Remove duplicate openssl include files
parent
2abfd7a0d5
commit
cd8d4107e8
|
@ -1,149 +0,0 @@
|
||||||
/* crypto/aes/aes.h -*- mode:C; c-file-style: "eay" -*- */
|
|
||||||
/* ====================================================================
|
|
||||||
* Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
|
|
||||||
*
|
|
||||||
* Redistribution and use in source and binary forms, with or without
|
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
*
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
*
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in
|
|
||||||
* the documentation and/or other materials provided with the
|
|
||||||
* distribution.
|
|
||||||
*
|
|
||||||
* 3. All advertising materials mentioning features or use of this
|
|
||||||
* software must display the following acknowledgment:
|
|
||||||
* "This product includes software developed by the OpenSSL Project
|
|
||||||
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
|
|
||||||
*
|
|
||||||
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* prior written permission. For written permission, please contact
|
|
||||||
* openssl-core@openssl.org.
|
|
||||||
*
|
|
||||||
* 5. Products derived from this software may not be called "OpenSSL"
|
|
||||||
* nor may "OpenSSL" appear in their names without prior written
|
|
||||||
* permission of the OpenSSL Project.
|
|
||||||
*
|
|
||||||
* 6. Redistributions of any form whatsoever must retain the following
|
|
||||||
* acknowledgment:
|
|
||||||
* "This product includes software developed by the OpenSSL Project
|
|
||||||
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
|
||||||
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
||||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
|
||||||
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
|
||||||
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
|
||||||
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
|
||||||
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
||||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
|
||||||
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
|
||||||
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
|
||||||
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
* ====================================================================
|
|
||||||
*
|
|
||||||
*/
|
|
||||||
|
|
||||||
#ifndef HEADER_AES_H
|
|
||||||
# define HEADER_AES_H
|
|
||||||
|
|
||||||
# include <openssl/opensslconf.h>
|
|
||||||
|
|
||||||
# ifdef OPENSSL_NO_AES
|
|
||||||
# error AES is disabled.
|
|
||||||
# endif
|
|
||||||
|
|
||||||
# include <stddef.h>
|
|
||||||
|
|
||||||
# define AES_ENCRYPT 1
|
|
||||||
# define AES_DECRYPT 0
|
|
||||||
|
|
||||||
/*
|
|
||||||
* Because array size can't be a const in C, the following two are macros.
|
|
||||||
* Both sizes are in bytes.
|
|
||||||
*/
|
|
||||||
# define AES_MAXNR 14
|
|
||||||
# define AES_BLOCK_SIZE 16
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
extern "C" {
|
|
||||||
#endif
|
|
||||||
|
|
||||||
/* This should be a hidden type, but EVP requires that the size be known */
|
|
||||||
struct aes_key_st {
|
|
||||||
# ifdef AES_LONG
|
|
||||||
unsigned long rd_key[4 * (AES_MAXNR + 1)];
|
|
||||||
# else
|
|
||||||
unsigned int rd_key[4 * (AES_MAXNR + 1)];
|
|
||||||
# endif
|
|
||||||
int rounds;
|
|
||||||
};
|
|
||||||
typedef struct aes_key_st AES_KEY;
|
|
||||||
|
|
||||||
const char *AES_options(void);
|
|
||||||
|
|
||||||
int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
|
|
||||||
AES_KEY *key);
|
|
||||||
int AES_set_decrypt_key(const unsigned char *userKey, const int bits,
|
|
||||||
AES_KEY *key);
|
|
||||||
|
|
||||||
int private_AES_set_encrypt_key(const unsigned char *userKey, const int bits,
|
|
||||||
AES_KEY *key);
|
|
||||||
int private_AES_set_decrypt_key(const unsigned char *userKey, const int bits,
|
|
||||||
AES_KEY *key);
|
|
||||||
|
|
||||||
void AES_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
const AES_KEY *key);
|
|
||||||
void AES_decrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
const AES_KEY *key);
|
|
||||||
|
|
||||||
void AES_ecb_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
const AES_KEY *key, const int enc);
|
|
||||||
void AES_cbc_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
size_t length, const AES_KEY *key,
|
|
||||||
unsigned char *ivec, const int enc);
|
|
||||||
void AES_cfb128_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
size_t length, const AES_KEY *key,
|
|
||||||
unsigned char *ivec, int *num, const int enc);
|
|
||||||
void AES_cfb1_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
size_t length, const AES_KEY *key,
|
|
||||||
unsigned char *ivec, int *num, const int enc);
|
|
||||||
void AES_cfb8_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
size_t length, const AES_KEY *key,
|
|
||||||
unsigned char *ivec, int *num, const int enc);
|
|
||||||
void AES_ofb128_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
size_t length, const AES_KEY *key,
|
|
||||||
unsigned char *ivec, int *num);
|
|
||||||
void AES_ctr128_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
size_t length, const AES_KEY *key,
|
|
||||||
unsigned char ivec[AES_BLOCK_SIZE],
|
|
||||||
unsigned char ecount_buf[AES_BLOCK_SIZE],
|
|
||||||
unsigned int *num);
|
|
||||||
/* NB: the IV is _two_ blocks long */
|
|
||||||
void AES_ige_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
size_t length, const AES_KEY *key,
|
|
||||||
unsigned char *ivec, const int enc);
|
|
||||||
/* NB: the IV is _four_ blocks long */
|
|
||||||
void AES_bi_ige_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
size_t length, const AES_KEY *key,
|
|
||||||
const AES_KEY *key2, const unsigned char *ivec,
|
|
||||||
const int enc);
|
|
||||||
|
|
||||||
int AES_wrap_key(AES_KEY *key, const unsigned char *iv,
|
|
||||||
unsigned char *out,
|
|
||||||
const unsigned char *in, unsigned int inlen);
|
|
||||||
int AES_unwrap_key(AES_KEY *key, const unsigned char *iv,
|
|
||||||
unsigned char *out,
|
|
||||||
const unsigned char *in, unsigned int inlen);
|
|
||||||
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#endif /* !HEADER_AES_H */
|
|
|
@ -1,973 +0,0 @@
|
||||||
/* asn1t.h */
|
|
||||||
/*
|
|
||||||
* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
|
|
||||||
* 2000.
|
|
||||||
*/
|
|
||||||
/* ====================================================================
|
|
||||||
* Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved.
|
|
||||||
*
|
|
||||||
* Redistribution and use in source and binary forms, with or without
|
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
*
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
*
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in
|
|
||||||
* the documentation and/or other materials provided with the
|
|
||||||
* distribution.
|
|
||||||
*
|
|
||||||
* 3. All advertising materials mentioning features or use of this
|
|
||||||
* software must display the following acknowledgment:
|
|
||||||
* "This product includes software developed by the OpenSSL Project
|
|
||||||
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
|
|
||||||
*
|
|
||||||
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* prior written permission. For written permission, please contact
|
|
||||||
* licensing@OpenSSL.org.
|
|
||||||
*
|
|
||||||
* 5. Products derived from this software may not be called "OpenSSL"
|
|
||||||
* nor may "OpenSSL" appear in their names without prior written
|
|
||||||
* permission of the OpenSSL Project.
|
|
||||||
*
|
|
||||||
* 6. Redistributions of any form whatsoever must retain the following
|
|
||||||
* acknowledgment:
|
|
||||||
* "This product includes software developed by the OpenSSL Project
|
|
||||||
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
|
||||||
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
||||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
|
||||||
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
|
||||||
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
|
||||||
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
|
||||||
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
||||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
|
||||||
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
|
||||||
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
|
||||||
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
* ====================================================================
|
|
||||||
*
|
|
||||||
* This product includes cryptographic software written by Eric Young
|
|
||||||
* (eay@cryptsoft.com). This product includes software written by Tim
|
|
||||||
* Hudson (tjh@cryptsoft.com).
|
|
||||||
*
|
|
||||||
*/
|
|
||||||
#ifndef HEADER_ASN1T_H
|
|
||||||
# define HEADER_ASN1T_H
|
|
||||||
|
|
||||||
# include <stddef.h>
|
|
||||||
# include <openssl/e_os2.h>
|
|
||||||
# include <openssl/asn1.h>
|
|
||||||
|
|
||||||
# ifdef OPENSSL_BUILD_SHLIBCRYPTO
|
|
||||||
# undef OPENSSL_EXTERN
|
|
||||||
# define OPENSSL_EXTERN OPENSSL_EXPORT
|
|
||||||
# endif
|
|
||||||
|
|
||||||
/* ASN1 template defines, structures and functions */
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
extern "C" {
|
|
||||||
#endif
|
|
||||||
|
|
||||||
# ifndef OPENSSL_EXPORT_VAR_AS_FUNCTION
|
|
||||||
|
|
||||||
/* Macro to obtain ASN1_ADB pointer from a type (only used internally) */
|
|
||||||
# define ASN1_ADB_ptr(iptr) ((const ASN1_ADB *)(iptr))
|
|
||||||
|
|
||||||
/* Macros for start and end of ASN1_ITEM definition */
|
|
||||||
|
|
||||||
# define ASN1_ITEM_start(itname) \
|
|
||||||
OPENSSL_GLOBAL const ASN1_ITEM itname##_it = {
|
|
||||||
|
|
||||||
# define ASN1_ITEM_end(itname) \
|
|
||||||
};
|
|
||||||
|
|
||||||
# else
|
|
||||||
|
|
||||||
/* Macro to obtain ASN1_ADB pointer from a type (only used internally) */
|
|
||||||
# define ASN1_ADB_ptr(iptr) ((const ASN1_ADB *)(iptr()))
|
|
||||||
|
|
||||||
/* Macros for start and end of ASN1_ITEM definition */
|
|
||||||
|
|
||||||
# define ASN1_ITEM_start(itname) \
|
|
||||||
const ASN1_ITEM * itname##_it(void) \
|
|
||||||
{ \
|
|
||||||
static const ASN1_ITEM local_it = {
|
|
||||||
|
|
||||||
# define ASN1_ITEM_end(itname) \
|
|
||||||
}; \
|
|
||||||
return &local_it; \
|
|
||||||
}
|
|
||||||
|
|
||||||
# endif
|
|
||||||
|
|
||||||
/* Macros to aid ASN1 template writing */
|
|
||||||
|
|
||||||
# define ASN1_ITEM_TEMPLATE(tname) \
|
|
||||||
static const ASN1_TEMPLATE tname##_item_tt
|
|
||||||
|
|
||||||
# define ASN1_ITEM_TEMPLATE_END(tname) \
|
|
||||||
;\
|
|
||||||
ASN1_ITEM_start(tname) \
|
|
||||||
ASN1_ITYPE_PRIMITIVE,\
|
|
||||||
-1,\
|
|
||||||
&tname##_item_tt,\
|
|
||||||
0,\
|
|
||||||
NULL,\
|
|
||||||
0,\
|
|
||||||
#tname \
|
|
||||||
ASN1_ITEM_end(tname)
|
|
||||||
|
|
||||||
/* This is a ASN1 type which just embeds a template */
|
|
||||||
|
|
||||||
/*-
|
|
||||||
* This pair helps declare a SEQUENCE. We can do:
|
|
||||||
*
|
|
||||||
* ASN1_SEQUENCE(stname) = {
|
|
||||||
* ... SEQUENCE components ...
|
|
||||||
* } ASN1_SEQUENCE_END(stname)
|
|
||||||
*
|
|
||||||
* This will produce an ASN1_ITEM called stname_it
|
|
||||||
* for a structure called stname.
|
|
||||||
*
|
|
||||||
* If you want the same structure but a different
|
|
||||||
* name then use:
|
|
||||||
*
|
|
||||||
* ASN1_SEQUENCE(itname) = {
|
|
||||||
* ... SEQUENCE components ...
|
|
||||||
* } ASN1_SEQUENCE_END_name(stname, itname)
|
|
||||||
*
|
|
||||||
* This will create an item called itname_it using
|
|
||||||
* a structure called stname.
|
|
||||||
*/
|
|
||||||
|
|
||||||
# define ASN1_SEQUENCE(tname) \
|
|
||||||
static const ASN1_TEMPLATE tname##_seq_tt[]
|
|
||||||
|
|
||||||
# define ASN1_SEQUENCE_END(stname) ASN1_SEQUENCE_END_name(stname, stname)
|
|
||||||
|
|
||||||
# define ASN1_SEQUENCE_END_name(stname, tname) \
|
|
||||||
;\
|
|
||||||
ASN1_ITEM_start(tname) \
|
|
||||||
ASN1_ITYPE_SEQUENCE,\
|
|
||||||
V_ASN1_SEQUENCE,\
|
|
||||||
tname##_seq_tt,\
|
|
||||||
sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\
|
|
||||||
NULL,\
|
|
||||||
sizeof(stname),\
|
|
||||||
#stname \
|
|
||||||
ASN1_ITEM_end(tname)
|
|
||||||
|
|
||||||
# define ASN1_NDEF_SEQUENCE(tname) \
|
|
||||||
ASN1_SEQUENCE(tname)
|
|
||||||
|
|
||||||
# define ASN1_NDEF_SEQUENCE_cb(tname, cb) \
|
|
||||||
ASN1_SEQUENCE_cb(tname, cb)
|
|
||||||
|
|
||||||
# define ASN1_SEQUENCE_cb(tname, cb) \
|
|
||||||
static const ASN1_AUX tname##_aux = {NULL, 0, 0, 0, cb, 0}; \
|
|
||||||
ASN1_SEQUENCE(tname)
|
|
||||||
|
|
||||||
# define ASN1_BROKEN_SEQUENCE(tname) \
|
|
||||||
static const ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_BROKEN, 0, 0, 0, 0}; \
|
|
||||||
ASN1_SEQUENCE(tname)
|
|
||||||
|
|
||||||
# define ASN1_SEQUENCE_ref(tname, cb, lck) \
|
|
||||||
static const ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_REFCOUNT, offsetof(tname, references), lck, cb, 0}; \
|
|
||||||
ASN1_SEQUENCE(tname)
|
|
||||||
|
|
||||||
# define ASN1_SEQUENCE_enc(tname, enc, cb) \
|
|
||||||
static const ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_ENCODING, 0, 0, cb, offsetof(tname, enc)}; \
|
|
||||||
ASN1_SEQUENCE(tname)
|
|
||||||
|
|
||||||
# define ASN1_NDEF_SEQUENCE_END(tname) \
|
|
||||||
;\
|
|
||||||
ASN1_ITEM_start(tname) \
|
|
||||||
ASN1_ITYPE_NDEF_SEQUENCE,\
|
|
||||||
V_ASN1_SEQUENCE,\
|
|
||||||
tname##_seq_tt,\
|
|
||||||
sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\
|
|
||||||
NULL,\
|
|
||||||
sizeof(tname),\
|
|
||||||
#tname \
|
|
||||||
ASN1_ITEM_end(tname)
|
|
||||||
|
|
||||||
# define ASN1_BROKEN_SEQUENCE_END(stname) ASN1_SEQUENCE_END_ref(stname, stname)
|
|
||||||
|
|
||||||
# define ASN1_SEQUENCE_END_enc(stname, tname) ASN1_SEQUENCE_END_ref(stname, tname)
|
|
||||||
|
|
||||||
# define ASN1_SEQUENCE_END_cb(stname, tname) ASN1_SEQUENCE_END_ref(stname, tname)
|
|
||||||
|
|
||||||
# define ASN1_SEQUENCE_END_ref(stname, tname) \
|
|
||||||
;\
|
|
||||||
ASN1_ITEM_start(tname) \
|
|
||||||
ASN1_ITYPE_SEQUENCE,\
|
|
||||||
V_ASN1_SEQUENCE,\
|
|
||||||
tname##_seq_tt,\
|
|
||||||
sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\
|
|
||||||
&tname##_aux,\
|
|
||||||
sizeof(stname),\
|
|
||||||
#stname \
|
|
||||||
ASN1_ITEM_end(tname)
|
|
||||||
|
|
||||||
# define ASN1_NDEF_SEQUENCE_END_cb(stname, tname) \
|
|
||||||
;\
|
|
||||||
ASN1_ITEM_start(tname) \
|
|
||||||
ASN1_ITYPE_NDEF_SEQUENCE,\
|
|
||||||
V_ASN1_SEQUENCE,\
|
|
||||||
tname##_seq_tt,\
|
|
||||||
sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\
|
|
||||||
&tname##_aux,\
|
|
||||||
sizeof(stname),\
|
|
||||||
#stname \
|
|
||||||
ASN1_ITEM_end(tname)
|
|
||||||
|
|
||||||
/*-
|
|
||||||
* This pair helps declare a CHOICE type. We can do:
|
|
||||||
*
|
|
||||||
* ASN1_CHOICE(chname) = {
|
|
||||||
* ... CHOICE options ...
|
|
||||||
* ASN1_CHOICE_END(chname)
|
|
||||||
*
|
|
||||||
* This will produce an ASN1_ITEM called chname_it
|
|
||||||
* for a structure called chname. The structure
|
|
||||||
* definition must look like this:
|
|
||||||
* typedef struct {
|
|
||||||
* int type;
|
|
||||||
* union {
|
|
||||||
* ASN1_SOMETHING *opt1;
|
|
||||||
* ASN1_SOMEOTHER *opt2;
|
|
||||||
* } value;
|
|
||||||
* } chname;
|
|
||||||
*
|
|
||||||
* the name of the selector must be 'type'.
|
|
||||||
* to use an alternative selector name use the
|
|
||||||
* ASN1_CHOICE_END_selector() version.
|
|
||||||
*/
|
|
||||||
|
|
||||||
# define ASN1_CHOICE(tname) \
|
|
||||||
static const ASN1_TEMPLATE tname##_ch_tt[]
|
|
||||||
|
|
||||||
# define ASN1_CHOICE_cb(tname, cb) \
|
|
||||||
static const ASN1_AUX tname##_aux = {NULL, 0, 0, 0, cb, 0}; \
|
|
||||||
ASN1_CHOICE(tname)
|
|
||||||
|
|
||||||
# define ASN1_CHOICE_END(stname) ASN1_CHOICE_END_name(stname, stname)
|
|
||||||
|
|
||||||
# define ASN1_CHOICE_END_name(stname, tname) ASN1_CHOICE_END_selector(stname, tname, type)
|
|
||||||
|
|
||||||
# define ASN1_CHOICE_END_selector(stname, tname, selname) \
|
|
||||||
;\
|
|
||||||
ASN1_ITEM_start(tname) \
|
|
||||||
ASN1_ITYPE_CHOICE,\
|
|
||||||
offsetof(stname,selname) ,\
|
|
||||||
tname##_ch_tt,\
|
|
||||||
sizeof(tname##_ch_tt) / sizeof(ASN1_TEMPLATE),\
|
|
||||||
NULL,\
|
|
||||||
sizeof(stname),\
|
|
||||||
#stname \
|
|
||||||
ASN1_ITEM_end(tname)
|
|
||||||
|
|
||||||
# define ASN1_CHOICE_END_cb(stname, tname, selname) \
|
|
||||||
;\
|
|
||||||
ASN1_ITEM_start(tname) \
|
|
||||||
ASN1_ITYPE_CHOICE,\
|
|
||||||
offsetof(stname,selname) ,\
|
|
||||||
tname##_ch_tt,\
|
|
||||||
sizeof(tname##_ch_tt) / sizeof(ASN1_TEMPLATE),\
|
|
||||||
&tname##_aux,\
|
|
||||||
sizeof(stname),\
|
|
||||||
#stname \
|
|
||||||
ASN1_ITEM_end(tname)
|
|
||||||
|
|
||||||
/* This helps with the template wrapper form of ASN1_ITEM */
|
|
||||||
|
|
||||||
# define ASN1_EX_TEMPLATE_TYPE(flags, tag, name, type) { \
|
|
||||||
(flags), (tag), 0,\
|
|
||||||
#name, ASN1_ITEM_ref(type) }
|
|
||||||
|
|
||||||
/* These help with SEQUENCE or CHOICE components */
|
|
||||||
|
|
||||||
/* used to declare other types */
|
|
||||||
|
|
||||||
# define ASN1_EX_TYPE(flags, tag, stname, field, type) { \
|
|
||||||
(flags), (tag), offsetof(stname, field),\
|
|
||||||
#field, ASN1_ITEM_ref(type) }
|
|
||||||
|
|
||||||
/* used when the structure is combined with the parent */
|
|
||||||
|
|
||||||
# define ASN1_EX_COMBINE(flags, tag, type) { \
|
|
||||||
(flags)|ASN1_TFLG_COMBINE, (tag), 0, NULL, ASN1_ITEM_ref(type) }
|
|
||||||
|
|
||||||
/* implicit and explicit helper macros */
|
|
||||||
|
|
||||||
# define ASN1_IMP_EX(stname, field, type, tag, ex) \
|
|
||||||
ASN1_EX_TYPE(ASN1_TFLG_IMPLICIT | ex, tag, stname, field, type)
|
|
||||||
|
|
||||||
# define ASN1_EXP_EX(stname, field, type, tag, ex) \
|
|
||||||
ASN1_EX_TYPE(ASN1_TFLG_EXPLICIT | ex, tag, stname, field, type)
|
|
||||||
|
|
||||||
/* Any defined by macros: the field used is in the table itself */
|
|
||||||
|
|
||||||
# ifndef OPENSSL_EXPORT_VAR_AS_FUNCTION
|
|
||||||
# define ASN1_ADB_OBJECT(tblname) { ASN1_TFLG_ADB_OID, -1, 0, #tblname, (const ASN1_ITEM *)&(tblname##_adb) }
|
|
||||||
# define ASN1_ADB_INTEGER(tblname) { ASN1_TFLG_ADB_INT, -1, 0, #tblname, (const ASN1_ITEM *)&(tblname##_adb) }
|
|
||||||
# else
|
|
||||||
# define ASN1_ADB_OBJECT(tblname) { ASN1_TFLG_ADB_OID, -1, 0, #tblname, tblname##_adb }
|
|
||||||
# define ASN1_ADB_INTEGER(tblname) { ASN1_TFLG_ADB_INT, -1, 0, #tblname, tblname##_adb }
|
|
||||||
# endif
|
|
||||||
/* Plain simple type */
|
|
||||||
# define ASN1_SIMPLE(stname, field, type) ASN1_EX_TYPE(0,0, stname, field, type)
|
|
||||||
|
|
||||||
/* OPTIONAL simple type */
|
|
||||||
# define ASN1_OPT(stname, field, type) ASN1_EX_TYPE(ASN1_TFLG_OPTIONAL, 0, stname, field, type)
|
|
||||||
|
|
||||||
/* IMPLICIT tagged simple type */
|
|
||||||
# define ASN1_IMP(stname, field, type, tag) ASN1_IMP_EX(stname, field, type, tag, 0)
|
|
||||||
|
|
||||||
/* IMPLICIT tagged OPTIONAL simple type */
|
|
||||||
# define ASN1_IMP_OPT(stname, field, type, tag) ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL)
|
|
||||||
|
|
||||||
/* Same as above but EXPLICIT */
|
|
||||||
|
|
||||||
# define ASN1_EXP(stname, field, type, tag) ASN1_EXP_EX(stname, field, type, tag, 0)
|
|
||||||
# define ASN1_EXP_OPT(stname, field, type, tag) ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL)
|
|
||||||
|
|
||||||
/* SEQUENCE OF type */
|
|
||||||
# define ASN1_SEQUENCE_OF(stname, field, type) \
|
|
||||||
ASN1_EX_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, stname, field, type)
|
|
||||||
|
|
||||||
/* OPTIONAL SEQUENCE OF */
|
|
||||||
# define ASN1_SEQUENCE_OF_OPT(stname, field, type) \
|
|
||||||
ASN1_EX_TYPE(ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_OPTIONAL, 0, stname, field, type)
|
|
||||||
|
|
||||||
/* Same as above but for SET OF */
|
|
||||||
|
|
||||||
# define ASN1_SET_OF(stname, field, type) \
|
|
||||||
ASN1_EX_TYPE(ASN1_TFLG_SET_OF, 0, stname, field, type)
|
|
||||||
|
|
||||||
# define ASN1_SET_OF_OPT(stname, field, type) \
|
|
||||||
ASN1_EX_TYPE(ASN1_TFLG_SET_OF|ASN1_TFLG_OPTIONAL, 0, stname, field, type)
|
|
||||||
|
|
||||||
/* Finally compound types of SEQUENCE, SET, IMPLICIT, EXPLICIT and OPTIONAL */
|
|
||||||
|
|
||||||
# define ASN1_IMP_SET_OF(stname, field, type, tag) \
|
|
||||||
ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF)
|
|
||||||
|
|
||||||
# define ASN1_EXP_SET_OF(stname, field, type, tag) \
|
|
||||||
ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF)
|
|
||||||
|
|
||||||
# define ASN1_IMP_SET_OF_OPT(stname, field, type, tag) \
|
|
||||||
ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF|ASN1_TFLG_OPTIONAL)
|
|
||||||
|
|
||||||
# define ASN1_EXP_SET_OF_OPT(stname, field, type, tag) \
|
|
||||||
ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF|ASN1_TFLG_OPTIONAL)
|
|
||||||
|
|
||||||
# define ASN1_IMP_SEQUENCE_OF(stname, field, type, tag) \
|
|
||||||
ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF)
|
|
||||||
|
|
||||||
# define ASN1_IMP_SEQUENCE_OF_OPT(stname, field, type, tag) \
|
|
||||||
ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_OPTIONAL)
|
|
||||||
|
|
||||||
# define ASN1_EXP_SEQUENCE_OF(stname, field, type, tag) \
|
|
||||||
ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF)
|
|
||||||
|
|
||||||
# define ASN1_EXP_SEQUENCE_OF_OPT(stname, field, type, tag) \
|
|
||||||
ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_OPTIONAL)
|
|
||||||
|
|
||||||
/* EXPLICIT using indefinite length constructed form */
|
|
||||||
# define ASN1_NDEF_EXP(stname, field, type, tag) \
|
|
||||||
ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_NDEF)
|
|
||||||
|
|
||||||
/* EXPLICIT OPTIONAL using indefinite length constructed form */
|
|
||||||
# define ASN1_NDEF_EXP_OPT(stname, field, type, tag) \
|
|
||||||
ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL|ASN1_TFLG_NDEF)
|
|
||||||
|
|
||||||
/* Macros for the ASN1_ADB structure */
|
|
||||||
|
|
||||||
# define ASN1_ADB(name) \
|
|
||||||
static const ASN1_ADB_TABLE name##_adbtbl[]
|
|
||||||
|
|
||||||
# ifndef OPENSSL_EXPORT_VAR_AS_FUNCTION
|
|
||||||
|
|
||||||
# define ASN1_ADB_END(name, flags, field, app_table, def, none) \
|
|
||||||
;\
|
|
||||||
static const ASN1_ADB name##_adb = {\
|
|
||||||
flags,\
|
|
||||||
offsetof(name, field),\
|
|
||||||
app_table,\
|
|
||||||
name##_adbtbl,\
|
|
||||||
sizeof(name##_adbtbl) / sizeof(ASN1_ADB_TABLE),\
|
|
||||||
def,\
|
|
||||||
none\
|
|
||||||
}
|
|
||||||
|
|
||||||
# else
|
|
||||||
|
|
||||||
# define ASN1_ADB_END(name, flags, field, app_table, def, none) \
|
|
||||||
;\
|
|
||||||
static const ASN1_ITEM *name##_adb(void) \
|
|
||||||
{ \
|
|
||||||
static const ASN1_ADB internal_adb = \
|
|
||||||
{\
|
|
||||||
flags,\
|
|
||||||
offsetof(name, field),\
|
|
||||||
app_table,\
|
|
||||||
name##_adbtbl,\
|
|
||||||
sizeof(name##_adbtbl) / sizeof(ASN1_ADB_TABLE),\
|
|
||||||
def,\
|
|
||||||
none\
|
|
||||||
}; \
|
|
||||||
return (const ASN1_ITEM *) &internal_adb; \
|
|
||||||
} \
|
|
||||||
void dummy_function(void)
|
|
||||||
|
|
||||||
# endif
|
|
||||||
|
|
||||||
# define ADB_ENTRY(val, template) {val, template}
|
|
||||||
|
|
||||||
# define ASN1_ADB_TEMPLATE(name) \
|
|
||||||
static const ASN1_TEMPLATE name##_tt
|
|
||||||
|
|
||||||
/*
|
|
||||||
* This is the ASN1 template structure that defines a wrapper round the
|
|
||||||
* actual type. It determines the actual position of the field in the value
|
|
||||||
* structure, various flags such as OPTIONAL and the field name.
|
|
||||||
*/
|
|
||||||
|
|
||||||
struct ASN1_TEMPLATE_st {
|
|
||||||
unsigned long flags; /* Various flags */
|
|
||||||
long tag; /* tag, not used if no tagging */
|
|
||||||
unsigned long offset; /* Offset of this field in structure */
|
|
||||||
# ifndef NO_ASN1_FIELD_NAMES
|
|
||||||
const char *field_name; /* Field name */
|
|
||||||
# endif
|
|
||||||
ASN1_ITEM_EXP *item; /* Relevant ASN1_ITEM or ASN1_ADB */
|
|
||||||
};
|
|
||||||
|
|
||||||
/* Macro to extract ASN1_ITEM and ASN1_ADB pointer from ASN1_TEMPLATE */
|
|
||||||
|
|
||||||
# define ASN1_TEMPLATE_item(t) (t->item_ptr)
|
|
||||||
# define ASN1_TEMPLATE_adb(t) (t->item_ptr)
|
|
||||||
|
|
||||||
typedef struct ASN1_ADB_TABLE_st ASN1_ADB_TABLE;
|
|
||||||
typedef struct ASN1_ADB_st ASN1_ADB;
|
|
||||||
|
|
||||||
struct ASN1_ADB_st {
|
|
||||||
unsigned long flags; /* Various flags */
|
|
||||||
unsigned long offset; /* Offset of selector field */
|
|
||||||
STACK_OF(ASN1_ADB_TABLE) **app_items; /* Application defined items */
|
|
||||||
const ASN1_ADB_TABLE *tbl; /* Table of possible types */
|
|
||||||
long tblcount; /* Number of entries in tbl */
|
|
||||||
const ASN1_TEMPLATE *default_tt; /* Type to use if no match */
|
|
||||||
const ASN1_TEMPLATE *null_tt; /* Type to use if selector is NULL */
|
|
||||||
};
|
|
||||||
|
|
||||||
struct ASN1_ADB_TABLE_st {
|
|
||||||
long value; /* NID for an object or value for an int */
|
|
||||||
const ASN1_TEMPLATE tt; /* item for this value */
|
|
||||||
};
|
|
||||||
|
|
||||||
/* template flags */
|
|
||||||
|
|
||||||
/* Field is optional */
|
|
||||||
# define ASN1_TFLG_OPTIONAL (0x1)
|
|
||||||
|
|
||||||
/* Field is a SET OF */
|
|
||||||
# define ASN1_TFLG_SET_OF (0x1 << 1)
|
|
||||||
|
|
||||||
/* Field is a SEQUENCE OF */
|
|
||||||
# define ASN1_TFLG_SEQUENCE_OF (0x2 << 1)
|
|
||||||
|
|
||||||
/*
|
|
||||||
* Special case: this refers to a SET OF that will be sorted into DER order
|
|
||||||
* when encoded *and* the corresponding STACK will be modified to match the
|
|
||||||
* new order.
|
|
||||||
*/
|
|
||||||
# define ASN1_TFLG_SET_ORDER (0x3 << 1)
|
|
||||||
|
|
||||||
/* Mask for SET OF or SEQUENCE OF */
|
|
||||||
# define ASN1_TFLG_SK_MASK (0x3 << 1)
|
|
||||||
|
|
||||||
/*
|
|
||||||
* These flags mean the tag should be taken from the tag field. If EXPLICIT
|
|
||||||
* then the underlying type is used for the inner tag.
|
|
||||||
*/
|
|
||||||
|
|
||||||
/* IMPLICIT tagging */
|
|
||||||
# define ASN1_TFLG_IMPTAG (0x1 << 3)
|
|
||||||
|
|
||||||
/* EXPLICIT tagging, inner tag from underlying type */
|
|
||||||
# define ASN1_TFLG_EXPTAG (0x2 << 3)
|
|
||||||
|
|
||||||
# define ASN1_TFLG_TAG_MASK (0x3 << 3)
|
|
||||||
|
|
||||||
/* context specific IMPLICIT */
|
|
||||||
# define ASN1_TFLG_IMPLICIT ASN1_TFLG_IMPTAG|ASN1_TFLG_CONTEXT
|
|
||||||
|
|
||||||
/* context specific EXPLICIT */
|
|
||||||
# define ASN1_TFLG_EXPLICIT ASN1_TFLG_EXPTAG|ASN1_TFLG_CONTEXT
|
|
||||||
|
|
||||||
/*
|
|
||||||
* If tagging is in force these determine the type of tag to use. Otherwise
|
|
||||||
* the tag is determined by the underlying type. These values reflect the
|
|
||||||
* actual octet format.
|
|
||||||
*/
|
|
||||||
|
|
||||||
/* Universal tag */
|
|
||||||
# define ASN1_TFLG_UNIVERSAL (0x0<<6)
|
|
||||||
/* Application tag */
|
|
||||||
# define ASN1_TFLG_APPLICATION (0x1<<6)
|
|
||||||
/* Context specific tag */
|
|
||||||
# define ASN1_TFLG_CONTEXT (0x2<<6)
|
|
||||||
/* Private tag */
|
|
||||||
# define ASN1_TFLG_PRIVATE (0x3<<6)
|
|
||||||
|
|
||||||
# define ASN1_TFLG_TAG_CLASS (0x3<<6)
|
|
||||||
|
|
||||||
/*
|
|
||||||
* These are for ANY DEFINED BY type. In this case the 'item' field points to
|
|
||||||
* an ASN1_ADB structure which contains a table of values to decode the
|
|
||||||
* relevant type
|
|
||||||
*/
|
|
||||||
|
|
||||||
# define ASN1_TFLG_ADB_MASK (0x3<<8)
|
|
||||||
|
|
||||||
# define ASN1_TFLG_ADB_OID (0x1<<8)
|
|
||||||
|
|
||||||
# define ASN1_TFLG_ADB_INT (0x1<<9)
|
|
||||||
|
|
||||||
/*
|
|
||||||
* This flag means a parent structure is passed instead of the field: this is
|
|
||||||
* useful is a SEQUENCE is being combined with a CHOICE for example. Since
|
|
||||||
* this means the structure and item name will differ we need to use the
|
|
||||||
* ASN1_CHOICE_END_name() macro for example.
|
|
||||||
*/
|
|
||||||
|
|
||||||
# define ASN1_TFLG_COMBINE (0x1<<10)
|
|
||||||
|
|
||||||
/*
|
|
||||||
* This flag when present in a SEQUENCE OF, SET OF or EXPLICIT causes
|
|
||||||
* indefinite length constructed encoding to be used if required.
|
|
||||||
*/
|
|
||||||
|
|
||||||
# define ASN1_TFLG_NDEF (0x1<<11)
|
|
||||||
|
|
||||||
/* This is the actual ASN1 item itself */
|
|
||||||
|
|
||||||
struct ASN1_ITEM_st {
|
|
||||||
char itype; /* The item type, primitive, SEQUENCE, CHOICE
|
|
||||||
* or extern */
|
|
||||||
long utype; /* underlying type */
|
|
||||||
const ASN1_TEMPLATE *templates; /* If SEQUENCE or CHOICE this contains
|
|
||||||
* the contents */
|
|
||||||
long tcount; /* Number of templates if SEQUENCE or CHOICE */
|
|
||||||
const void *funcs; /* functions that handle this type */
|
|
||||||
long size; /* Structure size (usually) */
|
|
||||||
# ifndef NO_ASN1_FIELD_NAMES
|
|
||||||
const char *sname; /* Structure name */
|
|
||||||
# endif
|
|
||||||
};
|
|
||||||
|
|
||||||
/*-
|
|
||||||
* These are values for the itype field and
|
|
||||||
* determine how the type is interpreted.
|
|
||||||
*
|
|
||||||
* For PRIMITIVE types the underlying type
|
|
||||||
* determines the behaviour if items is NULL.
|
|
||||||
*
|
|
||||||
* Otherwise templates must contain a single
|
|
||||||
* template and the type is treated in the
|
|
||||||
* same way as the type specified in the template.
|
|
||||||
*
|
|
||||||
* For SEQUENCE types the templates field points
|
|
||||||
* to the members, the size field is the
|
|
||||||
* structure size.
|
|
||||||
*
|
|
||||||
* For CHOICE types the templates field points
|
|
||||||
* to each possible member (typically a union)
|
|
||||||
* and the 'size' field is the offset of the
|
|
||||||
* selector.
|
|
||||||
*
|
|
||||||
* The 'funcs' field is used for application
|
|
||||||
* specific functions.
|
|
||||||
*
|
|
||||||
* For COMPAT types the funcs field gives a
|
|
||||||
* set of functions that handle this type, this
|
|
||||||
* supports the old d2i, i2d convention.
|
|
||||||
*
|
|
||||||
* The EXTERN type uses a new style d2i/i2d.
|
|
||||||
* The new style should be used where possible
|
|
||||||
* because it avoids things like the d2i IMPLICIT
|
|
||||||
* hack.
|
|
||||||
*
|
|
||||||
* MSTRING is a multiple string type, it is used
|
|
||||||
* for a CHOICE of character strings where the
|
|
||||||
* actual strings all occupy an ASN1_STRING
|
|
||||||
* structure. In this case the 'utype' field
|
|
||||||
* has a special meaning, it is used as a mask
|
|
||||||
* of acceptable types using the B_ASN1 constants.
|
|
||||||
*
|
|
||||||
* NDEF_SEQUENCE is the same as SEQUENCE except
|
|
||||||
* that it will use indefinite length constructed
|
|
||||||
* encoding if requested.
|
|
||||||
*
|
|
||||||
*/
|
|
||||||
|
|
||||||
# define ASN1_ITYPE_PRIMITIVE 0x0
|
|
||||||
|
|
||||||
# define ASN1_ITYPE_SEQUENCE 0x1
|
|
||||||
|
|
||||||
# define ASN1_ITYPE_CHOICE 0x2
|
|
||||||
|
|
||||||
# define ASN1_ITYPE_COMPAT 0x3
|
|
||||||
|
|
||||||
# define ASN1_ITYPE_EXTERN 0x4
|
|
||||||
|
|
||||||
# define ASN1_ITYPE_MSTRING 0x5
|
|
||||||
|
|
||||||
# define ASN1_ITYPE_NDEF_SEQUENCE 0x6
|
|
||||||
|
|
||||||
/*
|
|
||||||
* Cache for ASN1 tag and length, so we don't keep re-reading it for things
|
|
||||||
* like CHOICE
|
|
||||||
*/
|
|
||||||
|
|
||||||
struct ASN1_TLC_st {
|
|
||||||
char valid; /* Values below are valid */
|
|
||||||
int ret; /* return value */
|
|
||||||
long plen; /* length */
|
|
||||||
int ptag; /* class value */
|
|
||||||
int pclass; /* class value */
|
|
||||||
int hdrlen; /* header length */
|
|
||||||
};
|
|
||||||
|
|
||||||
/* Typedefs for ASN1 function pointers */
|
|
||||||
|
|
||||||
typedef ASN1_VALUE *ASN1_new_func(void);
|
|
||||||
typedef void ASN1_free_func(ASN1_VALUE *a);
|
|
||||||
typedef ASN1_VALUE *ASN1_d2i_func(ASN1_VALUE **a, const unsigned char **in,
|
|
||||||
long length);
|
|
||||||
typedef int ASN1_i2d_func(ASN1_VALUE *a, unsigned char **in);
|
|
||||||
|
|
||||||
typedef int ASN1_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
|
|
||||||
const ASN1_ITEM *it, int tag, int aclass, char opt,
|
|
||||||
ASN1_TLC *ctx);
|
|
||||||
|
|
||||||
typedef int ASN1_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
|
|
||||||
const ASN1_ITEM *it, int tag, int aclass);
|
|
||||||
typedef int ASN1_ex_new_func(ASN1_VALUE **pval, const ASN1_ITEM *it);
|
|
||||||
typedef void ASN1_ex_free_func(ASN1_VALUE **pval, const ASN1_ITEM *it);
|
|
||||||
|
|
||||||
typedef int ASN1_ex_print_func(BIO *out, ASN1_VALUE **pval,
|
|
||||||
int indent, const char *fname,
|
|
||||||
const ASN1_PCTX *pctx);
|
|
||||||
|
|
||||||
typedef int ASN1_primitive_i2c(ASN1_VALUE **pval, unsigned char *cont,
|
|
||||||
int *putype, const ASN1_ITEM *it);
|
|
||||||
typedef int ASN1_primitive_c2i(ASN1_VALUE **pval, const unsigned char *cont,
|
|
||||||
int len, int utype, char *free_cont,
|
|
||||||
const ASN1_ITEM *it);
|
|
||||||
typedef int ASN1_primitive_print(BIO *out, ASN1_VALUE **pval,
|
|
||||||
const ASN1_ITEM *it, int indent,
|
|
||||||
const ASN1_PCTX *pctx);
|
|
||||||
|
|
||||||
typedef struct ASN1_COMPAT_FUNCS_st {
|
|
||||||
ASN1_new_func *asn1_new;
|
|
||||||
ASN1_free_func *asn1_free;
|
|
||||||
ASN1_d2i_func *asn1_d2i;
|
|
||||||
ASN1_i2d_func *asn1_i2d;
|
|
||||||
} ASN1_COMPAT_FUNCS;
|
|
||||||
|
|
||||||
typedef struct ASN1_EXTERN_FUNCS_st {
|
|
||||||
void *app_data;
|
|
||||||
ASN1_ex_new_func *asn1_ex_new;
|
|
||||||
ASN1_ex_free_func *asn1_ex_free;
|
|
||||||
ASN1_ex_free_func *asn1_ex_clear;
|
|
||||||
ASN1_ex_d2i *asn1_ex_d2i;
|
|
||||||
ASN1_ex_i2d *asn1_ex_i2d;
|
|
||||||
ASN1_ex_print_func *asn1_ex_print;
|
|
||||||
} ASN1_EXTERN_FUNCS;
|
|
||||||
|
|
||||||
typedef struct ASN1_PRIMITIVE_FUNCS_st {
|
|
||||||
void *app_data;
|
|
||||||
unsigned long flags;
|
|
||||||
ASN1_ex_new_func *prim_new;
|
|
||||||
ASN1_ex_free_func *prim_free;
|
|
||||||
ASN1_ex_free_func *prim_clear;
|
|
||||||
ASN1_primitive_c2i *prim_c2i;
|
|
||||||
ASN1_primitive_i2c *prim_i2c;
|
|
||||||
ASN1_primitive_print *prim_print;
|
|
||||||
} ASN1_PRIMITIVE_FUNCS;
|
|
||||||
|
|
||||||
/*
|
|
||||||
* This is the ASN1_AUX structure: it handles various miscellaneous
|
|
||||||
* requirements. For example the use of reference counts and an informational
|
|
||||||
* callback. The "informational callback" is called at various points during
|
|
||||||
* the ASN1 encoding and decoding. It can be used to provide minor
|
|
||||||
* customisation of the structures used. This is most useful where the
|
|
||||||
* supplied routines *almost* do the right thing but need some extra help at
|
|
||||||
* a few points. If the callback returns zero then it is assumed a fatal
|
|
||||||
* error has occurred and the main operation should be abandoned. If major
|
|
||||||
* changes in the default behaviour are required then an external type is
|
|
||||||
* more appropriate.
|
|
||||||
*/
|
|
||||||
|
|
||||||
typedef int ASN1_aux_cb(int operation, ASN1_VALUE **in, const ASN1_ITEM *it,
|
|
||||||
void *exarg);
|
|
||||||
|
|
||||||
typedef struct ASN1_AUX_st {
|
|
||||||
void *app_data;
|
|
||||||
int flags;
|
|
||||||
int ref_offset; /* Offset of reference value */
|
|
||||||
int ref_lock; /* Lock type to use */
|
|
||||||
ASN1_aux_cb *asn1_cb;
|
|
||||||
int enc_offset; /* Offset of ASN1_ENCODING structure */
|
|
||||||
} ASN1_AUX;
|
|
||||||
|
|
||||||
/* For print related callbacks exarg points to this structure */
|
|
||||||
typedef struct ASN1_PRINT_ARG_st {
|
|
||||||
BIO *out;
|
|
||||||
int indent;
|
|
||||||
const ASN1_PCTX *pctx;
|
|
||||||
} ASN1_PRINT_ARG;
|
|
||||||
|
|
||||||
/* For streaming related callbacks exarg points to this structure */
|
|
||||||
typedef struct ASN1_STREAM_ARG_st {
|
|
||||||
/* BIO to stream through */
|
|
||||||
BIO *out;
|
|
||||||
/* BIO with filters appended */
|
|
||||||
BIO *ndef_bio;
|
|
||||||
/* Streaming I/O boundary */
|
|
||||||
unsigned char **boundary;
|
|
||||||
} ASN1_STREAM_ARG;
|
|
||||||
|
|
||||||
/* Flags in ASN1_AUX */
|
|
||||||
|
|
||||||
/* Use a reference count */
|
|
||||||
# define ASN1_AFLG_REFCOUNT 1
|
|
||||||
/* Save the encoding of structure (useful for signatures) */
|
|
||||||
# define ASN1_AFLG_ENCODING 2
|
|
||||||
/* The Sequence length is invalid */
|
|
||||||
# define ASN1_AFLG_BROKEN 4
|
|
||||||
|
|
||||||
/* operation values for asn1_cb */
|
|
||||||
|
|
||||||
# define ASN1_OP_NEW_PRE 0
|
|
||||||
# define ASN1_OP_NEW_POST 1
|
|
||||||
# define ASN1_OP_FREE_PRE 2
|
|
||||||
# define ASN1_OP_FREE_POST 3
|
|
||||||
# define ASN1_OP_D2I_PRE 4
|
|
||||||
# define ASN1_OP_D2I_POST 5
|
|
||||||
# define ASN1_OP_I2D_PRE 6
|
|
||||||
# define ASN1_OP_I2D_POST 7
|
|
||||||
# define ASN1_OP_PRINT_PRE 8
|
|
||||||
# define ASN1_OP_PRINT_POST 9
|
|
||||||
# define ASN1_OP_STREAM_PRE 10
|
|
||||||
# define ASN1_OP_STREAM_POST 11
|
|
||||||
# define ASN1_OP_DETACHED_PRE 12
|
|
||||||
# define ASN1_OP_DETACHED_POST 13
|
|
||||||
|
|
||||||
/* Macro to implement a primitive type */
|
|
||||||
# define IMPLEMENT_ASN1_TYPE(stname) IMPLEMENT_ASN1_TYPE_ex(stname, stname, 0)
|
|
||||||
# define IMPLEMENT_ASN1_TYPE_ex(itname, vname, ex) \
|
|
||||||
ASN1_ITEM_start(itname) \
|
|
||||||
ASN1_ITYPE_PRIMITIVE, V_##vname, NULL, 0, NULL, ex, #itname \
|
|
||||||
ASN1_ITEM_end(itname)
|
|
||||||
|
|
||||||
/* Macro to implement a multi string type */
|
|
||||||
# define IMPLEMENT_ASN1_MSTRING(itname, mask) \
|
|
||||||
ASN1_ITEM_start(itname) \
|
|
||||||
ASN1_ITYPE_MSTRING, mask, NULL, 0, NULL, sizeof(ASN1_STRING), #itname \
|
|
||||||
ASN1_ITEM_end(itname)
|
|
||||||
|
|
||||||
/* Macro to implement an ASN1_ITEM in terms of old style funcs */
|
|
||||||
|
|
||||||
# define IMPLEMENT_COMPAT_ASN1(sname) IMPLEMENT_COMPAT_ASN1_type(sname, V_ASN1_SEQUENCE)
|
|
||||||
|
|
||||||
# define IMPLEMENT_COMPAT_ASN1_type(sname, tag) \
|
|
||||||
static const ASN1_COMPAT_FUNCS sname##_ff = { \
|
|
||||||
(ASN1_new_func *)sname##_new, \
|
|
||||||
(ASN1_free_func *)sname##_free, \
|
|
||||||
(ASN1_d2i_func *)d2i_##sname, \
|
|
||||||
(ASN1_i2d_func *)i2d_##sname, \
|
|
||||||
}; \
|
|
||||||
ASN1_ITEM_start(sname) \
|
|
||||||
ASN1_ITYPE_COMPAT, \
|
|
||||||
tag, \
|
|
||||||
NULL, \
|
|
||||||
0, \
|
|
||||||
&sname##_ff, \
|
|
||||||
0, \
|
|
||||||
#sname \
|
|
||||||
ASN1_ITEM_end(sname)
|
|
||||||
|
|
||||||
# define IMPLEMENT_EXTERN_ASN1(sname, tag, fptrs) \
|
|
||||||
ASN1_ITEM_start(sname) \
|
|
||||||
ASN1_ITYPE_EXTERN, \
|
|
||||||
tag, \
|
|
||||||
NULL, \
|
|
||||||
0, \
|
|
||||||
&fptrs, \
|
|
||||||
0, \
|
|
||||||
#sname \
|
|
||||||
ASN1_ITEM_end(sname)
|
|
||||||
|
|
||||||
/* Macro to implement standard functions in terms of ASN1_ITEM structures */
|
|
||||||
|
|
||||||
# define IMPLEMENT_ASN1_FUNCTIONS(stname) IMPLEMENT_ASN1_FUNCTIONS_fname(stname, stname, stname)
|
|
||||||
|
|
||||||
# define IMPLEMENT_ASN1_FUNCTIONS_name(stname, itname) IMPLEMENT_ASN1_FUNCTIONS_fname(stname, itname, itname)
|
|
||||||
|
|
||||||
# define IMPLEMENT_ASN1_FUNCTIONS_ENCODE_name(stname, itname) \
|
|
||||||
IMPLEMENT_ASN1_FUNCTIONS_ENCODE_fname(stname, itname, itname)
|
|
||||||
|
|
||||||
# define IMPLEMENT_STATIC_ASN1_ALLOC_FUNCTIONS(stname) \
|
|
||||||
IMPLEMENT_ASN1_ALLOC_FUNCTIONS_pfname(static, stname, stname, stname)
|
|
||||||
|
|
||||||
# define IMPLEMENT_ASN1_ALLOC_FUNCTIONS(stname) \
|
|
||||||
IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, stname, stname)
|
|
||||||
|
|
||||||
# define IMPLEMENT_ASN1_ALLOC_FUNCTIONS_pfname(pre, stname, itname, fname) \
|
|
||||||
pre stname *fname##_new(void) \
|
|
||||||
{ \
|
|
||||||
return (stname *)ASN1_item_new(ASN1_ITEM_rptr(itname)); \
|
|
||||||
} \
|
|
||||||
pre void fname##_free(stname *a) \
|
|
||||||
{ \
|
|
||||||
ASN1_item_free((ASN1_VALUE *)a, ASN1_ITEM_rptr(itname)); \
|
|
||||||
}
|
|
||||||
|
|
||||||
# define IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname) \
|
|
||||||
stname *fname##_new(void) \
|
|
||||||
{ \
|
|
||||||
return (stname *)ASN1_item_new(ASN1_ITEM_rptr(itname)); \
|
|
||||||
} \
|
|
||||||
void fname##_free(stname *a) \
|
|
||||||
{ \
|
|
||||||
ASN1_item_free((ASN1_VALUE *)a, ASN1_ITEM_rptr(itname)); \
|
|
||||||
}
|
|
||||||
|
|
||||||
# define IMPLEMENT_ASN1_FUNCTIONS_fname(stname, itname, fname) \
|
|
||||||
IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(stname, itname, fname) \
|
|
||||||
IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname)
|
|
||||||
|
|
||||||
# define IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(stname, itname, fname) \
|
|
||||||
stname *d2i_##fname(stname **a, const unsigned char **in, long len) \
|
|
||||||
{ \
|
|
||||||
return (stname *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, ASN1_ITEM_rptr(itname));\
|
|
||||||
} \
|
|
||||||
int i2d_##fname(stname *a, unsigned char **out) \
|
|
||||||
{ \
|
|
||||||
return ASN1_item_i2d((ASN1_VALUE *)a, out, ASN1_ITEM_rptr(itname));\
|
|
||||||
}
|
|
||||||
|
|
||||||
# define IMPLEMENT_ASN1_NDEF_FUNCTION(stname) \
|
|
||||||
int i2d_##stname##_NDEF(stname *a, unsigned char **out) \
|
|
||||||
{ \
|
|
||||||
return ASN1_item_ndef_i2d((ASN1_VALUE *)a, out, ASN1_ITEM_rptr(stname));\
|
|
||||||
}
|
|
||||||
|
|
||||||
/*
|
|
||||||
* This includes evil casts to remove const: they will go away when full ASN1
|
|
||||||
* constification is done.
|
|
||||||
*/
|
|
||||||
# define IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(stname, itname, fname) \
|
|
||||||
stname *d2i_##fname(stname **a, const unsigned char **in, long len) \
|
|
||||||
{ \
|
|
||||||
return (stname *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, ASN1_ITEM_rptr(itname));\
|
|
||||||
} \
|
|
||||||
int i2d_##fname(const stname *a, unsigned char **out) \
|
|
||||||
{ \
|
|
||||||
return ASN1_item_i2d((ASN1_VALUE *)a, out, ASN1_ITEM_rptr(itname));\
|
|
||||||
}
|
|
||||||
|
|
||||||
# define IMPLEMENT_ASN1_DUP_FUNCTION(stname) \
|
|
||||||
stname * stname##_dup(stname *x) \
|
|
||||||
{ \
|
|
||||||
return ASN1_item_dup(ASN1_ITEM_rptr(stname), x); \
|
|
||||||
}
|
|
||||||
|
|
||||||
# define IMPLEMENT_ASN1_PRINT_FUNCTION(stname) \
|
|
||||||
IMPLEMENT_ASN1_PRINT_FUNCTION_fname(stname, stname, stname)
|
|
||||||
|
|
||||||
# define IMPLEMENT_ASN1_PRINT_FUNCTION_fname(stname, itname, fname) \
|
|
||||||
int fname##_print_ctx(BIO *out, stname *x, int indent, \
|
|
||||||
const ASN1_PCTX *pctx) \
|
|
||||||
{ \
|
|
||||||
return ASN1_item_print(out, (ASN1_VALUE *)x, indent, \
|
|
||||||
ASN1_ITEM_rptr(itname), pctx); \
|
|
||||||
}
|
|
||||||
|
|
||||||
# define IMPLEMENT_ASN1_FUNCTIONS_const(name) \
|
|
||||||
IMPLEMENT_ASN1_FUNCTIONS_const_fname(name, name, name)
|
|
||||||
|
|
||||||
# define IMPLEMENT_ASN1_FUNCTIONS_const_fname(stname, itname, fname) \
|
|
||||||
IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(stname, itname, fname) \
|
|
||||||
IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname)
|
|
||||||
|
|
||||||
/* external definitions for primitive types */
|
|
||||||
|
|
||||||
DECLARE_ASN1_ITEM(ASN1_BOOLEAN)
|
|
||||||
DECLARE_ASN1_ITEM(ASN1_TBOOLEAN)
|
|
||||||
DECLARE_ASN1_ITEM(ASN1_FBOOLEAN)
|
|
||||||
DECLARE_ASN1_ITEM(ASN1_SEQUENCE)
|
|
||||||
DECLARE_ASN1_ITEM(CBIGNUM)
|
|
||||||
DECLARE_ASN1_ITEM(BIGNUM)
|
|
||||||
DECLARE_ASN1_ITEM(LONG)
|
|
||||||
DECLARE_ASN1_ITEM(ZLONG)
|
|
||||||
|
|
||||||
DECLARE_STACK_OF(ASN1_VALUE)
|
|
||||||
|
|
||||||
/* Functions used internally by the ASN1 code */
|
|
||||||
|
|
||||||
int ASN1_item_ex_new(ASN1_VALUE **pval, const ASN1_ITEM *it);
|
|
||||||
void ASN1_item_ex_free(ASN1_VALUE **pval, const ASN1_ITEM *it);
|
|
||||||
int ASN1_template_new(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt);
|
|
||||||
int ASN1_primitive_new(ASN1_VALUE **pval, const ASN1_ITEM *it);
|
|
||||||
|
|
||||||
void ASN1_template_free(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt);
|
|
||||||
int ASN1_template_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
|
|
||||||
const ASN1_TEMPLATE *tt);
|
|
||||||
int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
|
|
||||||
const ASN1_ITEM *it, int tag, int aclass, char opt,
|
|
||||||
ASN1_TLC *ctx);
|
|
||||||
|
|
||||||
int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
|
|
||||||
const ASN1_ITEM *it, int tag, int aclass);
|
|
||||||
int ASN1_template_i2d(ASN1_VALUE **pval, unsigned char **out,
|
|
||||||
const ASN1_TEMPLATE *tt);
|
|
||||||
void ASN1_primitive_free(ASN1_VALUE **pval, const ASN1_ITEM *it);
|
|
||||||
|
|
||||||
int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype,
|
|
||||||
const ASN1_ITEM *it);
|
|
||||||
int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
|
|
||||||
int utype, char *free_cont, const ASN1_ITEM *it);
|
|
||||||
|
|
||||||
int asn1_get_choice_selector(ASN1_VALUE **pval, const ASN1_ITEM *it);
|
|
||||||
int asn1_set_choice_selector(ASN1_VALUE **pval, int value,
|
|
||||||
const ASN1_ITEM *it);
|
|
||||||
|
|
||||||
ASN1_VALUE **asn1_get_field_ptr(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt);
|
|
||||||
|
|
||||||
const ASN1_TEMPLATE *asn1_do_adb(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt,
|
|
||||||
int nullerr);
|
|
||||||
|
|
||||||
int asn1_do_lock(ASN1_VALUE **pval, int op, const ASN1_ITEM *it);
|
|
||||||
|
|
||||||
void asn1_enc_init(ASN1_VALUE **pval, const ASN1_ITEM *it);
|
|
||||||
void asn1_enc_free(ASN1_VALUE **pval, const ASN1_ITEM *it);
|
|
||||||
int asn1_enc_restore(int *len, unsigned char **out, ASN1_VALUE **pval,
|
|
||||||
const ASN1_ITEM *it);
|
|
||||||
int asn1_enc_save(ASN1_VALUE **pval, const unsigned char *in, int inlen,
|
|
||||||
const ASN1_ITEM *it);
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
#endif
|
|
|
@ -1,130 +0,0 @@
|
||||||
/* crypto/bf/blowfish.h */
|
|
||||||
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
|
||||||
* All rights reserved.
|
|
||||||
*
|
|
||||||
* This package is an SSL implementation written
|
|
||||||
* by Eric Young (eay@cryptsoft.com).
|
|
||||||
* The implementation was written so as to conform with Netscapes SSL.
|
|
||||||
*
|
|
||||||
* This library is free for commercial and non-commercial use as long as
|
|
||||||
* the following conditions are aheared to. The following conditions
|
|
||||||
* apply to all code found in this distribution, be it the RC4, RSA,
|
|
||||||
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
|
||||||
* included with this distribution is covered by the same copyright terms
|
|
||||||
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
|
||||||
*
|
|
||||||
* Copyright remains Eric Young's, and as such any Copyright notices in
|
|
||||||
* the code are not to be removed.
|
|
||||||
* If this package is used in a product, Eric Young should be given attribution
|
|
||||||
* as the author of the parts of the library used.
|
|
||||||
* This can be in the form of a textual message at program startup or
|
|
||||||
* in documentation (online or textual) provided with the package.
|
|
||||||
*
|
|
||||||
* Redistribution and use in source and binary forms, with or without
|
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. All advertising materials mentioning features or use of this software
|
|
||||||
* must display the following acknowledgement:
|
|
||||||
* "This product includes cryptographic software written by
|
|
||||||
* Eric Young (eay@cryptsoft.com)"
|
|
||||||
* The word 'cryptographic' can be left out if the rouines from the library
|
|
||||||
* being used are not cryptographic related :-).
|
|
||||||
* 4. If you include any Windows specific code (or a derivative thereof) from
|
|
||||||
* the apps directory (application code) you must include an acknowledgement:
|
|
||||||
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
|
||||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
||||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
||||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
|
||||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
||||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
||||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
||||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
||||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
||||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
||||||
* SUCH DAMAGE.
|
|
||||||
*
|
|
||||||
* The licence and distribution terms for any publically available version or
|
|
||||||
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
|
||||||
* copied and put under another distribution licence
|
|
||||||
* [including the GNU Public Licence.]
|
|
||||||
*/
|
|
||||||
|
|
||||||
#ifndef HEADER_BLOWFISH_H
|
|
||||||
# define HEADER_BLOWFISH_H
|
|
||||||
|
|
||||||
# include <openssl/e_os2.h>
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
extern "C" {
|
|
||||||
#endif
|
|
||||||
|
|
||||||
# ifdef OPENSSL_NO_BF
|
|
||||||
# error BF is disabled.
|
|
||||||
# endif
|
|
||||||
|
|
||||||
# define BF_ENCRYPT 1
|
|
||||||
# define BF_DECRYPT 0
|
|
||||||
|
|
||||||
/*-
|
|
||||||
* !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
|
|
||||||
* ! BF_LONG has to be at least 32 bits wide. If it's wider, then !
|
|
||||||
* ! BF_LONG_LOG2 has to be defined along. !
|
|
||||||
* !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
|
|
||||||
*/
|
|
||||||
|
|
||||||
# if defined(__LP32__)
|
|
||||||
# define BF_LONG unsigned long
|
|
||||||
# elif defined(OPENSSL_SYS_CRAY) || defined(__ILP64__)
|
|
||||||
# define BF_LONG unsigned long
|
|
||||||
# define BF_LONG_LOG2 3
|
|
||||||
/*
|
|
||||||
* _CRAY note. I could declare short, but I have no idea what impact
|
|
||||||
* does it have on performance on none-T3E machines. I could declare
|
|
||||||
* int, but at least on C90 sizeof(int) can be chosen at compile time.
|
|
||||||
* So I've chosen long...
|
|
||||||
* <appro@fy.chalmers.se>
|
|
||||||
*/
|
|
||||||
# else
|
|
||||||
# define BF_LONG unsigned int
|
|
||||||
# endif
|
|
||||||
|
|
||||||
# define BF_ROUNDS 16
|
|
||||||
# define BF_BLOCK 8
|
|
||||||
|
|
||||||
typedef struct bf_key_st {
|
|
||||||
BF_LONG P[BF_ROUNDS + 2];
|
|
||||||
BF_LONG S[4 * 256];
|
|
||||||
} BF_KEY;
|
|
||||||
|
|
||||||
# ifdef OPENSSL_FIPS
|
|
||||||
void private_BF_set_key(BF_KEY *key, int len, const unsigned char *data);
|
|
||||||
# endif
|
|
||||||
void BF_set_key(BF_KEY *key, int len, const unsigned char *data);
|
|
||||||
|
|
||||||
void BF_encrypt(BF_LONG *data, const BF_KEY *key);
|
|
||||||
void BF_decrypt(BF_LONG *data, const BF_KEY *key);
|
|
||||||
|
|
||||||
void BF_ecb_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
const BF_KEY *key, int enc);
|
|
||||||
void BF_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
|
|
||||||
const BF_KEY *schedule, unsigned char *ivec, int enc);
|
|
||||||
void BF_cfb64_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
long length, const BF_KEY *schedule,
|
|
||||||
unsigned char *ivec, int *num, int enc);
|
|
||||||
void BF_ofb64_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
long length, const BF_KEY *schedule,
|
|
||||||
unsigned char *ivec, int *num);
|
|
||||||
const char *BF_options(void);
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#endif
|
|
|
@ -1,132 +0,0 @@
|
||||||
/* crypto/camellia/camellia.h -*- mode:C; c-file-style: "eay" -*- */
|
|
||||||
/* ====================================================================
|
|
||||||
* Copyright (c) 2006 The OpenSSL Project. All rights reserved.
|
|
||||||
*
|
|
||||||
* Redistribution and use in source and binary forms, with or without
|
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
*
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
*
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in
|
|
||||||
* the documentation and/or other materials provided with the
|
|
||||||
* distribution.
|
|
||||||
*
|
|
||||||
* 3. All advertising materials mentioning features or use of this
|
|
||||||
* software must display the following acknowledgment:
|
|
||||||
* "This product includes software developed by the OpenSSL Project
|
|
||||||
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
|
|
||||||
*
|
|
||||||
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* prior written permission. For written permission, please contact
|
|
||||||
* openssl-core@openssl.org.
|
|
||||||
*
|
|
||||||
* 5. Products derived from this software may not be called "OpenSSL"
|
|
||||||
* nor may "OpenSSL" appear in their names without prior written
|
|
||||||
* permission of the OpenSSL Project.
|
|
||||||
*
|
|
||||||
* 6. Redistributions of any form whatsoever must retain the following
|
|
||||||
* acknowledgment:
|
|
||||||
* "This product includes software developed by the OpenSSL Project
|
|
||||||
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
|
||||||
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
||||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
|
||||||
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
|
||||||
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
|
||||||
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
|
||||||
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
||||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
|
||||||
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
|
||||||
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
|
||||||
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
* ====================================================================
|
|
||||||
*
|
|
||||||
*/
|
|
||||||
|
|
||||||
#ifndef HEADER_CAMELLIA_H
|
|
||||||
# define HEADER_CAMELLIA_H
|
|
||||||
|
|
||||||
# include <openssl/opensslconf.h>
|
|
||||||
|
|
||||||
# ifdef OPENSSL_NO_CAMELLIA
|
|
||||||
# error CAMELLIA is disabled.
|
|
||||||
# endif
|
|
||||||
|
|
||||||
# include <stddef.h>
|
|
||||||
|
|
||||||
# define CAMELLIA_ENCRYPT 1
|
|
||||||
# define CAMELLIA_DECRYPT 0
|
|
||||||
|
|
||||||
/*
|
|
||||||
* Because array size can't be a const in C, the following two are macros.
|
|
||||||
* Both sizes are in bytes.
|
|
||||||
*/
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
extern "C" {
|
|
||||||
#endif
|
|
||||||
|
|
||||||
/* This should be a hidden type, but EVP requires that the size be known */
|
|
||||||
|
|
||||||
# define CAMELLIA_BLOCK_SIZE 16
|
|
||||||
# define CAMELLIA_TABLE_BYTE_LEN 272
|
|
||||||
# define CAMELLIA_TABLE_WORD_LEN (CAMELLIA_TABLE_BYTE_LEN / 4)
|
|
||||||
|
|
||||||
typedef unsigned int KEY_TABLE_TYPE[CAMELLIA_TABLE_WORD_LEN]; /* to match
|
|
||||||
* with WORD */
|
|
||||||
|
|
||||||
struct camellia_key_st {
|
|
||||||
union {
|
|
||||||
double d; /* ensures 64-bit align */
|
|
||||||
KEY_TABLE_TYPE rd_key;
|
|
||||||
} u;
|
|
||||||
int grand_rounds;
|
|
||||||
};
|
|
||||||
typedef struct camellia_key_st CAMELLIA_KEY;
|
|
||||||
|
|
||||||
# ifdef OPENSSL_FIPS
|
|
||||||
int private_Camellia_set_key(const unsigned char *userKey, const int bits,
|
|
||||||
CAMELLIA_KEY *key);
|
|
||||||
# endif
|
|
||||||
int Camellia_set_key(const unsigned char *userKey, const int bits,
|
|
||||||
CAMELLIA_KEY *key);
|
|
||||||
|
|
||||||
void Camellia_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
const CAMELLIA_KEY *key);
|
|
||||||
void Camellia_decrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
const CAMELLIA_KEY *key);
|
|
||||||
|
|
||||||
void Camellia_ecb_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
const CAMELLIA_KEY *key, const int enc);
|
|
||||||
void Camellia_cbc_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
size_t length, const CAMELLIA_KEY *key,
|
|
||||||
unsigned char *ivec, const int enc);
|
|
||||||
void Camellia_cfb128_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
size_t length, const CAMELLIA_KEY *key,
|
|
||||||
unsigned char *ivec, int *num, const int enc);
|
|
||||||
void Camellia_cfb1_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
size_t length, const CAMELLIA_KEY *key,
|
|
||||||
unsigned char *ivec, int *num, const int enc);
|
|
||||||
void Camellia_cfb8_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
size_t length, const CAMELLIA_KEY *key,
|
|
||||||
unsigned char *ivec, int *num, const int enc);
|
|
||||||
void Camellia_ofb128_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
size_t length, const CAMELLIA_KEY *key,
|
|
||||||
unsigned char *ivec, int *num);
|
|
||||||
void Camellia_ctr128_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
size_t length, const CAMELLIA_KEY *key,
|
|
||||||
unsigned char ivec[CAMELLIA_BLOCK_SIZE],
|
|
||||||
unsigned char ecount_buf[CAMELLIA_BLOCK_SIZE],
|
|
||||||
unsigned int *num);
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#endif /* !HEADER_Camellia_H */
|
|
|
@ -1,107 +0,0 @@
|
||||||
/* crypto/cast/cast.h */
|
|
||||||
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
|
||||||
* All rights reserved.
|
|
||||||
*
|
|
||||||
* This package is an SSL implementation written
|
|
||||||
* by Eric Young (eay@cryptsoft.com).
|
|
||||||
* The implementation was written so as to conform with Netscapes SSL.
|
|
||||||
*
|
|
||||||
* This library is free for commercial and non-commercial use as long as
|
|
||||||
* the following conditions are aheared to. The following conditions
|
|
||||||
* apply to all code found in this distribution, be it the RC4, RSA,
|
|
||||||
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
|
||||||
* included with this distribution is covered by the same copyright terms
|
|
||||||
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
|
||||||
*
|
|
||||||
* Copyright remains Eric Young's, and as such any Copyright notices in
|
|
||||||
* the code are not to be removed.
|
|
||||||
* If this package is used in a product, Eric Young should be given attribution
|
|
||||||
* as the author of the parts of the library used.
|
|
||||||
* This can be in the form of a textual message at program startup or
|
|
||||||
* in documentation (online or textual) provided with the package.
|
|
||||||
*
|
|
||||||
* Redistribution and use in source and binary forms, with or without
|
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. All advertising materials mentioning features or use of this software
|
|
||||||
* must display the following acknowledgement:
|
|
||||||
* "This product includes cryptographic software written by
|
|
||||||
* Eric Young (eay@cryptsoft.com)"
|
|
||||||
* The word 'cryptographic' can be left out if the rouines from the library
|
|
||||||
* being used are not cryptographic related :-).
|
|
||||||
* 4. If you include any Windows specific code (or a derivative thereof) from
|
|
||||||
* the apps directory (application code) you must include an acknowledgement:
|
|
||||||
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
|
||||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
||||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
||||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
|
||||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
||||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
||||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
||||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
||||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
||||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
||||||
* SUCH DAMAGE.
|
|
||||||
*
|
|
||||||
* The licence and distribution terms for any publically available version or
|
|
||||||
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
|
||||||
* copied and put under another distribution licence
|
|
||||||
* [including the GNU Public Licence.]
|
|
||||||
*/
|
|
||||||
|
|
||||||
#ifndef HEADER_CAST_H
|
|
||||||
# define HEADER_CAST_H
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
extern "C" {
|
|
||||||
#endif
|
|
||||||
|
|
||||||
# include <openssl/opensslconf.h>
|
|
||||||
|
|
||||||
# ifdef OPENSSL_NO_CAST
|
|
||||||
# error CAST is disabled.
|
|
||||||
# endif
|
|
||||||
|
|
||||||
# define CAST_ENCRYPT 1
|
|
||||||
# define CAST_DECRYPT 0
|
|
||||||
|
|
||||||
# define CAST_LONG unsigned int
|
|
||||||
|
|
||||||
# define CAST_BLOCK 8
|
|
||||||
# define CAST_KEY_LENGTH 16
|
|
||||||
|
|
||||||
typedef struct cast_key_st {
|
|
||||||
CAST_LONG data[32];
|
|
||||||
int short_key; /* Use reduced rounds for short key */
|
|
||||||
} CAST_KEY;
|
|
||||||
|
|
||||||
# ifdef OPENSSL_FIPS
|
|
||||||
void private_CAST_set_key(CAST_KEY *key, int len, const unsigned char *data);
|
|
||||||
# endif
|
|
||||||
void CAST_set_key(CAST_KEY *key, int len, const unsigned char *data);
|
|
||||||
void CAST_ecb_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
const CAST_KEY *key, int enc);
|
|
||||||
void CAST_encrypt(CAST_LONG *data, const CAST_KEY *key);
|
|
||||||
void CAST_decrypt(CAST_LONG *data, const CAST_KEY *key);
|
|
||||||
void CAST_cbc_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
long length, const CAST_KEY *ks, unsigned char *iv,
|
|
||||||
int enc);
|
|
||||||
void CAST_cfb64_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
long length, const CAST_KEY *schedule,
|
|
||||||
unsigned char *ivec, int *num, int enc);
|
|
||||||
void CAST_ofb64_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
long length, const CAST_KEY *schedule,
|
|
||||||
unsigned char *ivec, int *num);
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#endif
|
|
|
@ -1,82 +0,0 @@
|
||||||
/* crypto/cmac/cmac.h */
|
|
||||||
/*
|
|
||||||
* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
|
|
||||||
* project.
|
|
||||||
*/
|
|
||||||
/* ====================================================================
|
|
||||||
* Copyright (c) 2010 The OpenSSL Project. All rights reserved.
|
|
||||||
*
|
|
||||||
* Redistribution and use in source and binary forms, with or without
|
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
*
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
*
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in
|
|
||||||
* the documentation and/or other materials provided with the
|
|
||||||
* distribution.
|
|
||||||
*
|
|
||||||
* 3. All advertising materials mentioning features or use of this
|
|
||||||
* software must display the following acknowledgment:
|
|
||||||
* "This product includes software developed by the OpenSSL Project
|
|
||||||
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
|
|
||||||
*
|
|
||||||
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* prior written permission. For written permission, please contact
|
|
||||||
* licensing@OpenSSL.org.
|
|
||||||
*
|
|
||||||
* 5. Products derived from this software may not be called "OpenSSL"
|
|
||||||
* nor may "OpenSSL" appear in their names without prior written
|
|
||||||
* permission of the OpenSSL Project.
|
|
||||||
*
|
|
||||||
* 6. Redistributions of any form whatsoever must retain the following
|
|
||||||
* acknowledgment:
|
|
||||||
* "This product includes software developed by the OpenSSL Project
|
|
||||||
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
|
||||||
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
||||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
|
||||||
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
|
||||||
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
|
||||||
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
|
||||||
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
||||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
|
||||||
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
|
||||||
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
|
||||||
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
* ====================================================================
|
|
||||||
*/
|
|
||||||
|
|
||||||
#ifndef HEADER_CMAC_H
|
|
||||||
# define HEADER_CMAC_H
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
extern "C" {
|
|
||||||
#endif
|
|
||||||
|
|
||||||
# include <openssl/evp.h>
|
|
||||||
|
|
||||||
/* Opaque */
|
|
||||||
typedef struct CMAC_CTX_st CMAC_CTX;
|
|
||||||
|
|
||||||
CMAC_CTX *CMAC_CTX_new(void);
|
|
||||||
void CMAC_CTX_cleanup(CMAC_CTX *ctx);
|
|
||||||
void CMAC_CTX_free(CMAC_CTX *ctx);
|
|
||||||
EVP_CIPHER_CTX *CMAC_CTX_get0_cipher_ctx(CMAC_CTX *ctx);
|
|
||||||
int CMAC_CTX_copy(CMAC_CTX *out, const CMAC_CTX *in);
|
|
||||||
|
|
||||||
int CMAC_Init(CMAC_CTX *ctx, const void *key, size_t keylen,
|
|
||||||
const EVP_CIPHER *cipher, ENGINE *impl);
|
|
||||||
int CMAC_Update(CMAC_CTX *ctx, const void *data, size_t dlen);
|
|
||||||
int CMAC_Final(CMAC_CTX *ctx, unsigned char *out, size_t *poutlen);
|
|
||||||
int CMAC_resume(CMAC_CTX *ctx);
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
#endif
|
|
|
@ -1,555 +0,0 @@
|
||||||
/* crypto/cms/cms.h */
|
|
||||||
/*
|
|
||||||
* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
|
|
||||||
* project.
|
|
||||||
*/
|
|
||||||
/* ====================================================================
|
|
||||||
* Copyright (c) 2008 The OpenSSL Project. All rights reserved.
|
|
||||||
*
|
|
||||||
* Redistribution and use in source and binary forms, with or without
|
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
*
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
*
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in
|
|
||||||
* the documentation and/or other materials provided with the
|
|
||||||
* distribution.
|
|
||||||
*
|
|
||||||
* 3. All advertising materials mentioning features or use of this
|
|
||||||
* software must display the following acknowledgment:
|
|
||||||
* "This product includes software developed by the OpenSSL Project
|
|
||||||
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
|
|
||||||
*
|
|
||||||
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* prior written permission. For written permission, please contact
|
|
||||||
* licensing@OpenSSL.org.
|
|
||||||
*
|
|
||||||
* 5. Products derived from this software may not be called "OpenSSL"
|
|
||||||
* nor may "OpenSSL" appear in their names without prior written
|
|
||||||
* permission of the OpenSSL Project.
|
|
||||||
*
|
|
||||||
* 6. Redistributions of any form whatsoever must retain the following
|
|
||||||
* acknowledgment:
|
|
||||||
* "This product includes software developed by the OpenSSL Project
|
|
||||||
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
|
||||||
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
||||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
|
||||||
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
|
||||||
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
|
||||||
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
|
||||||
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
||||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
|
||||||
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
|
||||||
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
|
||||||
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
* ====================================================================
|
|
||||||
*/
|
|
||||||
|
|
||||||
#ifndef HEADER_CMS_H
|
|
||||||
# define HEADER_CMS_H
|
|
||||||
|
|
||||||
# include <openssl/x509.h>
|
|
||||||
|
|
||||||
# ifdef OPENSSL_NO_CMS
|
|
||||||
# error CMS is disabled.
|
|
||||||
# endif
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
extern "C" {
|
|
||||||
#endif
|
|
||||||
|
|
||||||
typedef struct CMS_ContentInfo_st CMS_ContentInfo;
|
|
||||||
typedef struct CMS_SignerInfo_st CMS_SignerInfo;
|
|
||||||
typedef struct CMS_CertificateChoices CMS_CertificateChoices;
|
|
||||||
typedef struct CMS_RevocationInfoChoice_st CMS_RevocationInfoChoice;
|
|
||||||
typedef struct CMS_RecipientInfo_st CMS_RecipientInfo;
|
|
||||||
typedef struct CMS_ReceiptRequest_st CMS_ReceiptRequest;
|
|
||||||
typedef struct CMS_Receipt_st CMS_Receipt;
|
|
||||||
typedef struct CMS_RecipientEncryptedKey_st CMS_RecipientEncryptedKey;
|
|
||||||
typedef struct CMS_OtherKeyAttribute_st CMS_OtherKeyAttribute;
|
|
||||||
|
|
||||||
DECLARE_STACK_OF(CMS_SignerInfo)
|
|
||||||
DECLARE_STACK_OF(GENERAL_NAMES)
|
|
||||||
DECLARE_STACK_OF(CMS_RecipientEncryptedKey)
|
|
||||||
DECLARE_ASN1_FUNCTIONS(CMS_ContentInfo)
|
|
||||||
DECLARE_ASN1_FUNCTIONS(CMS_ReceiptRequest)
|
|
||||||
DECLARE_ASN1_PRINT_FUNCTION(CMS_ContentInfo)
|
|
||||||
|
|
||||||
# define CMS_SIGNERINFO_ISSUER_SERIAL 0
|
|
||||||
# define CMS_SIGNERINFO_KEYIDENTIFIER 1
|
|
||||||
|
|
||||||
# define CMS_RECIPINFO_NONE -1
|
|
||||||
# define CMS_RECIPINFO_TRANS 0
|
|
||||||
# define CMS_RECIPINFO_AGREE 1
|
|
||||||
# define CMS_RECIPINFO_KEK 2
|
|
||||||
# define CMS_RECIPINFO_PASS 3
|
|
||||||
# define CMS_RECIPINFO_OTHER 4
|
|
||||||
|
|
||||||
/* S/MIME related flags */
|
|
||||||
|
|
||||||
# define CMS_TEXT 0x1
|
|
||||||
# define CMS_NOCERTS 0x2
|
|
||||||
# define CMS_NO_CONTENT_VERIFY 0x4
|
|
||||||
# define CMS_NO_ATTR_VERIFY 0x8
|
|
||||||
# define CMS_NOSIGS \
|
|
||||||
(CMS_NO_CONTENT_VERIFY|CMS_NO_ATTR_VERIFY)
|
|
||||||
# define CMS_NOINTERN 0x10
|
|
||||||
# define CMS_NO_SIGNER_CERT_VERIFY 0x20
|
|
||||||
# define CMS_NOVERIFY 0x20
|
|
||||||
# define CMS_DETACHED 0x40
|
|
||||||
# define CMS_BINARY 0x80
|
|
||||||
# define CMS_NOATTR 0x100
|
|
||||||
# define CMS_NOSMIMECAP 0x200
|
|
||||||
# define CMS_NOOLDMIMETYPE 0x400
|
|
||||||
# define CMS_CRLFEOL 0x800
|
|
||||||
# define CMS_STREAM 0x1000
|
|
||||||
# define CMS_NOCRL 0x2000
|
|
||||||
# define CMS_PARTIAL 0x4000
|
|
||||||
# define CMS_REUSE_DIGEST 0x8000
|
|
||||||
# define CMS_USE_KEYID 0x10000
|
|
||||||
# define CMS_DEBUG_DECRYPT 0x20000
|
|
||||||
# define CMS_KEY_PARAM 0x40000
|
|
||||||
|
|
||||||
const ASN1_OBJECT *CMS_get0_type(CMS_ContentInfo *cms);
|
|
||||||
|
|
||||||
BIO *CMS_dataInit(CMS_ContentInfo *cms, BIO *icont);
|
|
||||||
int CMS_dataFinal(CMS_ContentInfo *cms, BIO *bio);
|
|
||||||
|
|
||||||
ASN1_OCTET_STRING **CMS_get0_content(CMS_ContentInfo *cms);
|
|
||||||
int CMS_is_detached(CMS_ContentInfo *cms);
|
|
||||||
int CMS_set_detached(CMS_ContentInfo *cms, int detached);
|
|
||||||
|
|
||||||
# ifdef HEADER_PEM_H
|
|
||||||
DECLARE_PEM_rw_const(CMS, CMS_ContentInfo)
|
|
||||||
# endif
|
|
||||||
int CMS_stream(unsigned char ***boundary, CMS_ContentInfo *cms);
|
|
||||||
CMS_ContentInfo *d2i_CMS_bio(BIO *bp, CMS_ContentInfo **cms);
|
|
||||||
int i2d_CMS_bio(BIO *bp, CMS_ContentInfo *cms);
|
|
||||||
|
|
||||||
BIO *BIO_new_CMS(BIO *out, CMS_ContentInfo *cms);
|
|
||||||
int i2d_CMS_bio_stream(BIO *out, CMS_ContentInfo *cms, BIO *in, int flags);
|
|
||||||
int PEM_write_bio_CMS_stream(BIO *out, CMS_ContentInfo *cms, BIO *in,
|
|
||||||
int flags);
|
|
||||||
CMS_ContentInfo *SMIME_read_CMS(BIO *bio, BIO **bcont);
|
|
||||||
int SMIME_write_CMS(BIO *bio, CMS_ContentInfo *cms, BIO *data, int flags);
|
|
||||||
|
|
||||||
int CMS_final(CMS_ContentInfo *cms, BIO *data, BIO *dcont,
|
|
||||||
unsigned int flags);
|
|
||||||
|
|
||||||
CMS_ContentInfo *CMS_sign(X509 *signcert, EVP_PKEY *pkey,
|
|
||||||
STACK_OF(X509) *certs, BIO *data,
|
|
||||||
unsigned int flags);
|
|
||||||
|
|
||||||
CMS_ContentInfo *CMS_sign_receipt(CMS_SignerInfo *si,
|
|
||||||
X509 *signcert, EVP_PKEY *pkey,
|
|
||||||
STACK_OF(X509) *certs, unsigned int flags);
|
|
||||||
|
|
||||||
int CMS_data(CMS_ContentInfo *cms, BIO *out, unsigned int flags);
|
|
||||||
CMS_ContentInfo *CMS_data_create(BIO *in, unsigned int flags);
|
|
||||||
|
|
||||||
int CMS_digest_verify(CMS_ContentInfo *cms, BIO *dcont, BIO *out,
|
|
||||||
unsigned int flags);
|
|
||||||
CMS_ContentInfo *CMS_digest_create(BIO *in, const EVP_MD *md,
|
|
||||||
unsigned int flags);
|
|
||||||
|
|
||||||
int CMS_EncryptedData_decrypt(CMS_ContentInfo *cms,
|
|
||||||
const unsigned char *key, size_t keylen,
|
|
||||||
BIO *dcont, BIO *out, unsigned int flags);
|
|
||||||
|
|
||||||
CMS_ContentInfo *CMS_EncryptedData_encrypt(BIO *in, const EVP_CIPHER *cipher,
|
|
||||||
const unsigned char *key,
|
|
||||||
size_t keylen, unsigned int flags);
|
|
||||||
|
|
||||||
int CMS_EncryptedData_set1_key(CMS_ContentInfo *cms, const EVP_CIPHER *ciph,
|
|
||||||
const unsigned char *key, size_t keylen);
|
|
||||||
|
|
||||||
int CMS_verify(CMS_ContentInfo *cms, STACK_OF(X509) *certs,
|
|
||||||
X509_STORE *store, BIO *dcont, BIO *out, unsigned int flags);
|
|
||||||
|
|
||||||
int CMS_verify_receipt(CMS_ContentInfo *rcms, CMS_ContentInfo *ocms,
|
|
||||||
STACK_OF(X509) *certs,
|
|
||||||
X509_STORE *store, unsigned int flags);
|
|
||||||
|
|
||||||
STACK_OF(X509) *CMS_get0_signers(CMS_ContentInfo *cms);
|
|
||||||
|
|
||||||
CMS_ContentInfo *CMS_encrypt(STACK_OF(X509) *certs, BIO *in,
|
|
||||||
const EVP_CIPHER *cipher, unsigned int flags);
|
|
||||||
|
|
||||||
int CMS_decrypt(CMS_ContentInfo *cms, EVP_PKEY *pkey, X509 *cert,
|
|
||||||
BIO *dcont, BIO *out, unsigned int flags);
|
|
||||||
|
|
||||||
int CMS_decrypt_set1_pkey(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert);
|
|
||||||
int CMS_decrypt_set1_key(CMS_ContentInfo *cms,
|
|
||||||
unsigned char *key, size_t keylen,
|
|
||||||
unsigned char *id, size_t idlen);
|
|
||||||
int CMS_decrypt_set1_password(CMS_ContentInfo *cms,
|
|
||||||
unsigned char *pass, ossl_ssize_t passlen);
|
|
||||||
|
|
||||||
STACK_OF(CMS_RecipientInfo) *CMS_get0_RecipientInfos(CMS_ContentInfo *cms);
|
|
||||||
int CMS_RecipientInfo_type(CMS_RecipientInfo *ri);
|
|
||||||
EVP_PKEY_CTX *CMS_RecipientInfo_get0_pkey_ctx(CMS_RecipientInfo *ri);
|
|
||||||
CMS_ContentInfo *CMS_EnvelopedData_create(const EVP_CIPHER *cipher);
|
|
||||||
CMS_RecipientInfo *CMS_add1_recipient_cert(CMS_ContentInfo *cms,
|
|
||||||
X509 *recip, unsigned int flags);
|
|
||||||
int CMS_RecipientInfo_set0_pkey(CMS_RecipientInfo *ri, EVP_PKEY *pkey);
|
|
||||||
int CMS_RecipientInfo_ktri_cert_cmp(CMS_RecipientInfo *ri, X509 *cert);
|
|
||||||
int CMS_RecipientInfo_ktri_get0_algs(CMS_RecipientInfo *ri,
|
|
||||||
EVP_PKEY **pk, X509 **recip,
|
|
||||||
X509_ALGOR **palg);
|
|
||||||
int CMS_RecipientInfo_ktri_get0_signer_id(CMS_RecipientInfo *ri,
|
|
||||||
ASN1_OCTET_STRING **keyid,
|
|
||||||
X509_NAME **issuer,
|
|
||||||
ASN1_INTEGER **sno);
|
|
||||||
|
|
||||||
CMS_RecipientInfo *CMS_add0_recipient_key(CMS_ContentInfo *cms, int nid,
|
|
||||||
unsigned char *key, size_t keylen,
|
|
||||||
unsigned char *id, size_t idlen,
|
|
||||||
ASN1_GENERALIZEDTIME *date,
|
|
||||||
ASN1_OBJECT *otherTypeId,
|
|
||||||
ASN1_TYPE *otherType);
|
|
||||||
|
|
||||||
int CMS_RecipientInfo_kekri_get0_id(CMS_RecipientInfo *ri,
|
|
||||||
X509_ALGOR **palg,
|
|
||||||
ASN1_OCTET_STRING **pid,
|
|
||||||
ASN1_GENERALIZEDTIME **pdate,
|
|
||||||
ASN1_OBJECT **potherid,
|
|
||||||
ASN1_TYPE **pothertype);
|
|
||||||
|
|
||||||
int CMS_RecipientInfo_set0_key(CMS_RecipientInfo *ri,
|
|
||||||
unsigned char *key, size_t keylen);
|
|
||||||
|
|
||||||
int CMS_RecipientInfo_kekri_id_cmp(CMS_RecipientInfo *ri,
|
|
||||||
const unsigned char *id, size_t idlen);
|
|
||||||
|
|
||||||
int CMS_RecipientInfo_set0_password(CMS_RecipientInfo *ri,
|
|
||||||
unsigned char *pass,
|
|
||||||
ossl_ssize_t passlen);
|
|
||||||
|
|
||||||
CMS_RecipientInfo *CMS_add0_recipient_password(CMS_ContentInfo *cms,
|
|
||||||
int iter, int wrap_nid,
|
|
||||||
int pbe_nid,
|
|
||||||
unsigned char *pass,
|
|
||||||
ossl_ssize_t passlen,
|
|
||||||
const EVP_CIPHER *kekciph);
|
|
||||||
|
|
||||||
int CMS_RecipientInfo_decrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri);
|
|
||||||
int CMS_RecipientInfo_encrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri);
|
|
||||||
|
|
||||||
int CMS_uncompress(CMS_ContentInfo *cms, BIO *dcont, BIO *out,
|
|
||||||
unsigned int flags);
|
|
||||||
CMS_ContentInfo *CMS_compress(BIO *in, int comp_nid, unsigned int flags);
|
|
||||||
|
|
||||||
int CMS_set1_eContentType(CMS_ContentInfo *cms, const ASN1_OBJECT *oid);
|
|
||||||
const ASN1_OBJECT *CMS_get0_eContentType(CMS_ContentInfo *cms);
|
|
||||||
|
|
||||||
CMS_CertificateChoices *CMS_add0_CertificateChoices(CMS_ContentInfo *cms);
|
|
||||||
int CMS_add0_cert(CMS_ContentInfo *cms, X509 *cert);
|
|
||||||
int CMS_add1_cert(CMS_ContentInfo *cms, X509 *cert);
|
|
||||||
STACK_OF(X509) *CMS_get1_certs(CMS_ContentInfo *cms);
|
|
||||||
|
|
||||||
CMS_RevocationInfoChoice *CMS_add0_RevocationInfoChoice(CMS_ContentInfo *cms);
|
|
||||||
int CMS_add0_crl(CMS_ContentInfo *cms, X509_CRL *crl);
|
|
||||||
int CMS_add1_crl(CMS_ContentInfo *cms, X509_CRL *crl);
|
|
||||||
STACK_OF(X509_CRL) *CMS_get1_crls(CMS_ContentInfo *cms);
|
|
||||||
|
|
||||||
int CMS_SignedData_init(CMS_ContentInfo *cms);
|
|
||||||
CMS_SignerInfo *CMS_add1_signer(CMS_ContentInfo *cms,
|
|
||||||
X509 *signer, EVP_PKEY *pk, const EVP_MD *md,
|
|
||||||
unsigned int flags);
|
|
||||||
EVP_PKEY_CTX *CMS_SignerInfo_get0_pkey_ctx(CMS_SignerInfo *si);
|
|
||||||
EVP_MD_CTX *CMS_SignerInfo_get0_md_ctx(CMS_SignerInfo *si);
|
|
||||||
STACK_OF(CMS_SignerInfo) *CMS_get0_SignerInfos(CMS_ContentInfo *cms);
|
|
||||||
|
|
||||||
void CMS_SignerInfo_set1_signer_cert(CMS_SignerInfo *si, X509 *signer);
|
|
||||||
int CMS_SignerInfo_get0_signer_id(CMS_SignerInfo *si,
|
|
||||||
ASN1_OCTET_STRING **keyid,
|
|
||||||
X509_NAME **issuer, ASN1_INTEGER **sno);
|
|
||||||
int CMS_SignerInfo_cert_cmp(CMS_SignerInfo *si, X509 *cert);
|
|
||||||
int CMS_set1_signers_certs(CMS_ContentInfo *cms, STACK_OF(X509) *certs,
|
|
||||||
unsigned int flags);
|
|
||||||
void CMS_SignerInfo_get0_algs(CMS_SignerInfo *si, EVP_PKEY **pk,
|
|
||||||
X509 **signer, X509_ALGOR **pdig,
|
|
||||||
X509_ALGOR **psig);
|
|
||||||
ASN1_OCTET_STRING *CMS_SignerInfo_get0_signature(CMS_SignerInfo *si);
|
|
||||||
int CMS_SignerInfo_sign(CMS_SignerInfo *si);
|
|
||||||
int CMS_SignerInfo_verify(CMS_SignerInfo *si);
|
|
||||||
int CMS_SignerInfo_verify_content(CMS_SignerInfo *si, BIO *chain);
|
|
||||||
|
|
||||||
int CMS_add_smimecap(CMS_SignerInfo *si, STACK_OF(X509_ALGOR) *algs);
|
|
||||||
int CMS_add_simple_smimecap(STACK_OF(X509_ALGOR) **algs,
|
|
||||||
int algnid, int keysize);
|
|
||||||
int CMS_add_standard_smimecap(STACK_OF(X509_ALGOR) **smcap);
|
|
||||||
|
|
||||||
int CMS_signed_get_attr_count(const CMS_SignerInfo *si);
|
|
||||||
int CMS_signed_get_attr_by_NID(const CMS_SignerInfo *si, int nid,
|
|
||||||
int lastpos);
|
|
||||||
int CMS_signed_get_attr_by_OBJ(const CMS_SignerInfo *si, ASN1_OBJECT *obj,
|
|
||||||
int lastpos);
|
|
||||||
X509_ATTRIBUTE *CMS_signed_get_attr(const CMS_SignerInfo *si, int loc);
|
|
||||||
X509_ATTRIBUTE *CMS_signed_delete_attr(CMS_SignerInfo *si, int loc);
|
|
||||||
int CMS_signed_add1_attr(CMS_SignerInfo *si, X509_ATTRIBUTE *attr);
|
|
||||||
int CMS_signed_add1_attr_by_OBJ(CMS_SignerInfo *si,
|
|
||||||
const ASN1_OBJECT *obj, int type,
|
|
||||||
const void *bytes, int len);
|
|
||||||
int CMS_signed_add1_attr_by_NID(CMS_SignerInfo *si,
|
|
||||||
int nid, int type,
|
|
||||||
const void *bytes, int len);
|
|
||||||
int CMS_signed_add1_attr_by_txt(CMS_SignerInfo *si,
|
|
||||||
const char *attrname, int type,
|
|
||||||
const void *bytes, int len);
|
|
||||||
void *CMS_signed_get0_data_by_OBJ(CMS_SignerInfo *si, ASN1_OBJECT *oid,
|
|
||||||
int lastpos, int type);
|
|
||||||
|
|
||||||
int CMS_unsigned_get_attr_count(const CMS_SignerInfo *si);
|
|
||||||
int CMS_unsigned_get_attr_by_NID(const CMS_SignerInfo *si, int nid,
|
|
||||||
int lastpos);
|
|
||||||
int CMS_unsigned_get_attr_by_OBJ(const CMS_SignerInfo *si, ASN1_OBJECT *obj,
|
|
||||||
int lastpos);
|
|
||||||
X509_ATTRIBUTE *CMS_unsigned_get_attr(const CMS_SignerInfo *si, int loc);
|
|
||||||
X509_ATTRIBUTE *CMS_unsigned_delete_attr(CMS_SignerInfo *si, int loc);
|
|
||||||
int CMS_unsigned_add1_attr(CMS_SignerInfo *si, X509_ATTRIBUTE *attr);
|
|
||||||
int CMS_unsigned_add1_attr_by_OBJ(CMS_SignerInfo *si,
|
|
||||||
const ASN1_OBJECT *obj, int type,
|
|
||||||
const void *bytes, int len);
|
|
||||||
int CMS_unsigned_add1_attr_by_NID(CMS_SignerInfo *si,
|
|
||||||
int nid, int type,
|
|
||||||
const void *bytes, int len);
|
|
||||||
int CMS_unsigned_add1_attr_by_txt(CMS_SignerInfo *si,
|
|
||||||
const char *attrname, int type,
|
|
||||||
const void *bytes, int len);
|
|
||||||
void *CMS_unsigned_get0_data_by_OBJ(CMS_SignerInfo *si, ASN1_OBJECT *oid,
|
|
||||||
int lastpos, int type);
|
|
||||||
|
|
||||||
# ifdef HEADER_X509V3_H
|
|
||||||
|
|
||||||
int CMS_get1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest **prr);
|
|
||||||
CMS_ReceiptRequest *CMS_ReceiptRequest_create0(unsigned char *id, int idlen,
|
|
||||||
int allorfirst,
|
|
||||||
STACK_OF(GENERAL_NAMES)
|
|
||||||
*receiptList, STACK_OF(GENERAL_NAMES)
|
|
||||||
*receiptsTo);
|
|
||||||
int CMS_add1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest *rr);
|
|
||||||
void CMS_ReceiptRequest_get0_values(CMS_ReceiptRequest *rr,
|
|
||||||
ASN1_STRING **pcid,
|
|
||||||
int *pallorfirst,
|
|
||||||
STACK_OF(GENERAL_NAMES) **plist,
|
|
||||||
STACK_OF(GENERAL_NAMES) **prto);
|
|
||||||
# endif
|
|
||||||
int CMS_RecipientInfo_kari_get0_alg(CMS_RecipientInfo *ri,
|
|
||||||
X509_ALGOR **palg,
|
|
||||||
ASN1_OCTET_STRING **pukm);
|
|
||||||
STACK_OF(CMS_RecipientEncryptedKey)
|
|
||||||
*CMS_RecipientInfo_kari_get0_reks(CMS_RecipientInfo *ri);
|
|
||||||
|
|
||||||
int CMS_RecipientInfo_kari_get0_orig_id(CMS_RecipientInfo *ri,
|
|
||||||
X509_ALGOR **pubalg,
|
|
||||||
ASN1_BIT_STRING **pubkey,
|
|
||||||
ASN1_OCTET_STRING **keyid,
|
|
||||||
X509_NAME **issuer,
|
|
||||||
ASN1_INTEGER **sno);
|
|
||||||
|
|
||||||
int CMS_RecipientInfo_kari_orig_id_cmp(CMS_RecipientInfo *ri, X509 *cert);
|
|
||||||
|
|
||||||
int CMS_RecipientEncryptedKey_get0_id(CMS_RecipientEncryptedKey *rek,
|
|
||||||
ASN1_OCTET_STRING **keyid,
|
|
||||||
ASN1_GENERALIZEDTIME **tm,
|
|
||||||
CMS_OtherKeyAttribute **other,
|
|
||||||
X509_NAME **issuer, ASN1_INTEGER **sno);
|
|
||||||
int CMS_RecipientEncryptedKey_cert_cmp(CMS_RecipientEncryptedKey *rek,
|
|
||||||
X509 *cert);
|
|
||||||
int CMS_RecipientInfo_kari_set0_pkey(CMS_RecipientInfo *ri, EVP_PKEY *pk);
|
|
||||||
EVP_CIPHER_CTX *CMS_RecipientInfo_kari_get0_ctx(CMS_RecipientInfo *ri);
|
|
||||||
int CMS_RecipientInfo_kari_decrypt(CMS_ContentInfo *cms,
|
|
||||||
CMS_RecipientInfo *ri,
|
|
||||||
CMS_RecipientEncryptedKey *rek);
|
|
||||||
|
|
||||||
int CMS_SharedInfo_encode(unsigned char **pder, X509_ALGOR *kekalg,
|
|
||||||
ASN1_OCTET_STRING *ukm, int keylen);
|
|
||||||
|
|
||||||
/* BEGIN ERROR CODES */
|
|
||||||
/*
|
|
||||||
* The following lines are auto generated by the script mkerr.pl. Any changes
|
|
||||||
* made after this point may be overwritten when the script is next run.
|
|
||||||
*/
|
|
||||||
void ERR_load_CMS_strings(void);
|
|
||||||
|
|
||||||
/* Error codes for the CMS functions. */
|
|
||||||
|
|
||||||
/* Function codes. */
|
|
||||||
# define CMS_F_CHECK_CONTENT 99
|
|
||||||
# define CMS_F_CMS_ADD0_CERT 164
|
|
||||||
# define CMS_F_CMS_ADD0_RECIPIENT_KEY 100
|
|
||||||
# define CMS_F_CMS_ADD0_RECIPIENT_PASSWORD 165
|
|
||||||
# define CMS_F_CMS_ADD1_RECEIPTREQUEST 158
|
|
||||||
# define CMS_F_CMS_ADD1_RECIPIENT_CERT 101
|
|
||||||
# define CMS_F_CMS_ADD1_SIGNER 102
|
|
||||||
# define CMS_F_CMS_ADD1_SIGNINGTIME 103
|
|
||||||
# define CMS_F_CMS_COMPRESS 104
|
|
||||||
# define CMS_F_CMS_COMPRESSEDDATA_CREATE 105
|
|
||||||
# define CMS_F_CMS_COMPRESSEDDATA_INIT_BIO 106
|
|
||||||
# define CMS_F_CMS_COPY_CONTENT 107
|
|
||||||
# define CMS_F_CMS_COPY_MESSAGEDIGEST 108
|
|
||||||
# define CMS_F_CMS_DATA 109
|
|
||||||
# define CMS_F_CMS_DATAFINAL 110
|
|
||||||
# define CMS_F_CMS_DATAINIT 111
|
|
||||||
# define CMS_F_CMS_DECRYPT 112
|
|
||||||
# define CMS_F_CMS_DECRYPT_SET1_KEY 113
|
|
||||||
# define CMS_F_CMS_DECRYPT_SET1_PASSWORD 166
|
|
||||||
# define CMS_F_CMS_DECRYPT_SET1_PKEY 114
|
|
||||||
# define CMS_F_CMS_DIGESTALGORITHM_FIND_CTX 115
|
|
||||||
# define CMS_F_CMS_DIGESTALGORITHM_INIT_BIO 116
|
|
||||||
# define CMS_F_CMS_DIGESTEDDATA_DO_FINAL 117
|
|
||||||
# define CMS_F_CMS_DIGEST_VERIFY 118
|
|
||||||
# define CMS_F_CMS_ENCODE_RECEIPT 161
|
|
||||||
# define CMS_F_CMS_ENCRYPT 119
|
|
||||||
# define CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO 120
|
|
||||||
# define CMS_F_CMS_ENCRYPTEDDATA_DECRYPT 121
|
|
||||||
# define CMS_F_CMS_ENCRYPTEDDATA_ENCRYPT 122
|
|
||||||
# define CMS_F_CMS_ENCRYPTEDDATA_SET1_KEY 123
|
|
||||||
# define CMS_F_CMS_ENVELOPEDDATA_CREATE 124
|
|
||||||
# define CMS_F_CMS_ENVELOPEDDATA_INIT_BIO 125
|
|
||||||
# define CMS_F_CMS_ENVELOPED_DATA_INIT 126
|
|
||||||
# define CMS_F_CMS_ENV_ASN1_CTRL 171
|
|
||||||
# define CMS_F_CMS_FINAL 127
|
|
||||||
# define CMS_F_CMS_GET0_CERTIFICATE_CHOICES 128
|
|
||||||
# define CMS_F_CMS_GET0_CONTENT 129
|
|
||||||
# define CMS_F_CMS_GET0_ECONTENT_TYPE 130
|
|
||||||
# define CMS_F_CMS_GET0_ENVELOPED 131
|
|
||||||
# define CMS_F_CMS_GET0_REVOCATION_CHOICES 132
|
|
||||||
# define CMS_F_CMS_GET0_SIGNED 133
|
|
||||||
# define CMS_F_CMS_MSGSIGDIGEST_ADD1 162
|
|
||||||
# define CMS_F_CMS_RECEIPTREQUEST_CREATE0 159
|
|
||||||
# define CMS_F_CMS_RECEIPT_VERIFY 160
|
|
||||||
# define CMS_F_CMS_RECIPIENTINFO_DECRYPT 134
|
|
||||||
# define CMS_F_CMS_RECIPIENTINFO_ENCRYPT 169
|
|
||||||
# define CMS_F_CMS_RECIPIENTINFO_KARI_ENCRYPT 178
|
|
||||||
# define CMS_F_CMS_RECIPIENTINFO_KARI_GET0_ALG 175
|
|
||||||
# define CMS_F_CMS_RECIPIENTINFO_KARI_GET0_ORIG_ID 173
|
|
||||||
# define CMS_F_CMS_RECIPIENTINFO_KARI_GET0_REKS 172
|
|
||||||
# define CMS_F_CMS_RECIPIENTINFO_KARI_ORIG_ID_CMP 174
|
|
||||||
# define CMS_F_CMS_RECIPIENTINFO_KEKRI_DECRYPT 135
|
|
||||||
# define CMS_F_CMS_RECIPIENTINFO_KEKRI_ENCRYPT 136
|
|
||||||
# define CMS_F_CMS_RECIPIENTINFO_KEKRI_GET0_ID 137
|
|
||||||
# define CMS_F_CMS_RECIPIENTINFO_KEKRI_ID_CMP 138
|
|
||||||
# define CMS_F_CMS_RECIPIENTINFO_KTRI_CERT_CMP 139
|
|
||||||
# define CMS_F_CMS_RECIPIENTINFO_KTRI_DECRYPT 140
|
|
||||||
# define CMS_F_CMS_RECIPIENTINFO_KTRI_ENCRYPT 141
|
|
||||||
# define CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_ALGS 142
|
|
||||||
# define CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_SIGNER_ID 143
|
|
||||||
# define CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT 167
|
|
||||||
# define CMS_F_CMS_RECIPIENTINFO_SET0_KEY 144
|
|
||||||
# define CMS_F_CMS_RECIPIENTINFO_SET0_PASSWORD 168
|
|
||||||
# define CMS_F_CMS_RECIPIENTINFO_SET0_PKEY 145
|
|
||||||
# define CMS_F_CMS_SD_ASN1_CTRL 170
|
|
||||||
# define CMS_F_CMS_SET1_IAS 176
|
|
||||||
# define CMS_F_CMS_SET1_KEYID 177
|
|
||||||
# define CMS_F_CMS_SET1_SIGNERIDENTIFIER 146
|
|
||||||
# define CMS_F_CMS_SET_DETACHED 147
|
|
||||||
# define CMS_F_CMS_SIGN 148
|
|
||||||
# define CMS_F_CMS_SIGNED_DATA_INIT 149
|
|
||||||
# define CMS_F_CMS_SIGNERINFO_CONTENT_SIGN 150
|
|
||||||
# define CMS_F_CMS_SIGNERINFO_SIGN 151
|
|
||||||
# define CMS_F_CMS_SIGNERINFO_VERIFY 152
|
|
||||||
# define CMS_F_CMS_SIGNERINFO_VERIFY_CERT 153
|
|
||||||
# define CMS_F_CMS_SIGNERINFO_VERIFY_CONTENT 154
|
|
||||||
# define CMS_F_CMS_SIGN_RECEIPT 163
|
|
||||||
# define CMS_F_CMS_STREAM 155
|
|
||||||
# define CMS_F_CMS_UNCOMPRESS 156
|
|
||||||
# define CMS_F_CMS_VERIFY 157
|
|
||||||
|
|
||||||
/* Reason codes. */
|
|
||||||
# define CMS_R_ADD_SIGNER_ERROR 99
|
|
||||||
# define CMS_R_CERTIFICATE_ALREADY_PRESENT 175
|
|
||||||
# define CMS_R_CERTIFICATE_HAS_NO_KEYID 160
|
|
||||||
# define CMS_R_CERTIFICATE_VERIFY_ERROR 100
|
|
||||||
# define CMS_R_CIPHER_INITIALISATION_ERROR 101
|
|
||||||
# define CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR 102
|
|
||||||
# define CMS_R_CMS_DATAFINAL_ERROR 103
|
|
||||||
# define CMS_R_CMS_LIB 104
|
|
||||||
# define CMS_R_CONTENTIDENTIFIER_MISMATCH 170
|
|
||||||
# define CMS_R_CONTENT_NOT_FOUND 105
|
|
||||||
# define CMS_R_CONTENT_TYPE_MISMATCH 171
|
|
||||||
# define CMS_R_CONTENT_TYPE_NOT_COMPRESSED_DATA 106
|
|
||||||
# define CMS_R_CONTENT_TYPE_NOT_ENVELOPED_DATA 107
|
|
||||||
# define CMS_R_CONTENT_TYPE_NOT_SIGNED_DATA 108
|
|
||||||
# define CMS_R_CONTENT_VERIFY_ERROR 109
|
|
||||||
# define CMS_R_CTRL_ERROR 110
|
|
||||||
# define CMS_R_CTRL_FAILURE 111
|
|
||||||
# define CMS_R_DECRYPT_ERROR 112
|
|
||||||
# define CMS_R_DIGEST_ERROR 161
|
|
||||||
# define CMS_R_ERROR_GETTING_PUBLIC_KEY 113
|
|
||||||
# define CMS_R_ERROR_READING_MESSAGEDIGEST_ATTRIBUTE 114
|
|
||||||
# define CMS_R_ERROR_SETTING_KEY 115
|
|
||||||
# define CMS_R_ERROR_SETTING_RECIPIENTINFO 116
|
|
||||||
# define CMS_R_INVALID_ENCRYPTED_KEY_LENGTH 117
|
|
||||||
# define CMS_R_INVALID_KEY_ENCRYPTION_PARAMETER 176
|
|
||||||
# define CMS_R_INVALID_KEY_LENGTH 118
|
|
||||||
# define CMS_R_MD_BIO_INIT_ERROR 119
|
|
||||||
# define CMS_R_MESSAGEDIGEST_ATTRIBUTE_WRONG_LENGTH 120
|
|
||||||
# define CMS_R_MESSAGEDIGEST_WRONG_LENGTH 121
|
|
||||||
# define CMS_R_MSGSIGDIGEST_ERROR 172
|
|
||||||
# define CMS_R_MSGSIGDIGEST_VERIFICATION_FAILURE 162
|
|
||||||
# define CMS_R_MSGSIGDIGEST_WRONG_LENGTH 163
|
|
||||||
# define CMS_R_NEED_ONE_SIGNER 164
|
|
||||||
# define CMS_R_NOT_A_SIGNED_RECEIPT 165
|
|
||||||
# define CMS_R_NOT_ENCRYPTED_DATA 122
|
|
||||||
# define CMS_R_NOT_KEK 123
|
|
||||||
# define CMS_R_NOT_KEY_AGREEMENT 181
|
|
||||||
# define CMS_R_NOT_KEY_TRANSPORT 124
|
|
||||||
# define CMS_R_NOT_PWRI 177
|
|
||||||
# define CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE 125
|
|
||||||
# define CMS_R_NO_CIPHER 126
|
|
||||||
# define CMS_R_NO_CONTENT 127
|
|
||||||
# define CMS_R_NO_CONTENT_TYPE 173
|
|
||||||
# define CMS_R_NO_DEFAULT_DIGEST 128
|
|
||||||
# define CMS_R_NO_DIGEST_SET 129
|
|
||||||
# define CMS_R_NO_KEY 130
|
|
||||||
# define CMS_R_NO_KEY_OR_CERT 174
|
|
||||||
# define CMS_R_NO_MATCHING_DIGEST 131
|
|
||||||
# define CMS_R_NO_MATCHING_RECIPIENT 132
|
|
||||||
# define CMS_R_NO_MATCHING_SIGNATURE 166
|
|
||||||
# define CMS_R_NO_MSGSIGDIGEST 167
|
|
||||||
# define CMS_R_NO_PASSWORD 178
|
|
||||||
# define CMS_R_NO_PRIVATE_KEY 133
|
|
||||||
# define CMS_R_NO_PUBLIC_KEY 134
|
|
||||||
# define CMS_R_NO_RECEIPT_REQUEST 168
|
|
||||||
# define CMS_R_NO_SIGNERS 135
|
|
||||||
# define CMS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE 136
|
|
||||||
# define CMS_R_RECEIPT_DECODE_ERROR 169
|
|
||||||
# define CMS_R_RECIPIENT_ERROR 137
|
|
||||||
# define CMS_R_SIGNER_CERTIFICATE_NOT_FOUND 138
|
|
||||||
# define CMS_R_SIGNFINAL_ERROR 139
|
|
||||||
# define CMS_R_SMIME_TEXT_ERROR 140
|
|
||||||
# define CMS_R_STORE_INIT_ERROR 141
|
|
||||||
# define CMS_R_TYPE_NOT_COMPRESSED_DATA 142
|
|
||||||
# define CMS_R_TYPE_NOT_DATA 143
|
|
||||||
# define CMS_R_TYPE_NOT_DIGESTED_DATA 144
|
|
||||||
# define CMS_R_TYPE_NOT_ENCRYPTED_DATA 145
|
|
||||||
# define CMS_R_TYPE_NOT_ENVELOPED_DATA 146
|
|
||||||
# define CMS_R_UNABLE_TO_FINALIZE_CONTEXT 147
|
|
||||||
# define CMS_R_UNKNOWN_CIPHER 148
|
|
||||||
# define CMS_R_UNKNOWN_DIGEST_ALGORIHM 149
|
|
||||||
# define CMS_R_UNKNOWN_ID 150
|
|
||||||
# define CMS_R_UNSUPPORTED_COMPRESSION_ALGORITHM 151
|
|
||||||
# define CMS_R_UNSUPPORTED_CONTENT_TYPE 152
|
|
||||||
# define CMS_R_UNSUPPORTED_KEK_ALGORITHM 153
|
|
||||||
# define CMS_R_UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM 179
|
|
||||||
# define CMS_R_UNSUPPORTED_RECIPIENT_TYPE 154
|
|
||||||
# define CMS_R_UNSUPPORTED_RECPIENTINFO_TYPE 155
|
|
||||||
# define CMS_R_UNSUPPORTED_TYPE 156
|
|
||||||
# define CMS_R_UNWRAP_ERROR 157
|
|
||||||
# define CMS_R_UNWRAP_FAILURE 180
|
|
||||||
# define CMS_R_VERIFICATION_FAILURE 158
|
|
||||||
# define CMS_R_WRAP_ERROR 159
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
#endif
|
|
|
@ -1,267 +0,0 @@
|
||||||
/* crypto/conf/conf.h */
|
|
||||||
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
|
||||||
* All rights reserved.
|
|
||||||
*
|
|
||||||
* This package is an SSL implementation written
|
|
||||||
* by Eric Young (eay@cryptsoft.com).
|
|
||||||
* The implementation was written so as to conform with Netscapes SSL.
|
|
||||||
*
|
|
||||||
* This library is free for commercial and non-commercial use as long as
|
|
||||||
* the following conditions are aheared to. The following conditions
|
|
||||||
* apply to all code found in this distribution, be it the RC4, RSA,
|
|
||||||
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
|
||||||
* included with this distribution is covered by the same copyright terms
|
|
||||||
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
|
||||||
*
|
|
||||||
* Copyright remains Eric Young's, and as such any Copyright notices in
|
|
||||||
* the code are not to be removed.
|
|
||||||
* If this package is used in a product, Eric Young should be given attribution
|
|
||||||
* as the author of the parts of the library used.
|
|
||||||
* This can be in the form of a textual message at program startup or
|
|
||||||
* in documentation (online or textual) provided with the package.
|
|
||||||
*
|
|
||||||
* Redistribution and use in source and binary forms, with or without
|
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. All advertising materials mentioning features or use of this software
|
|
||||||
* must display the following acknowledgement:
|
|
||||||
* "This product includes cryptographic software written by
|
|
||||||
* Eric Young (eay@cryptsoft.com)"
|
|
||||||
* The word 'cryptographic' can be left out if the rouines from the library
|
|
||||||
* being used are not cryptographic related :-).
|
|
||||||
* 4. If you include any Windows specific code (or a derivative thereof) from
|
|
||||||
* the apps directory (application code) you must include an acknowledgement:
|
|
||||||
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
|
||||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
||||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
||||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
|
||||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
||||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
||||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
||||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
||||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
||||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
||||||
* SUCH DAMAGE.
|
|
||||||
*
|
|
||||||
* The licence and distribution terms for any publically available version or
|
|
||||||
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
|
||||||
* copied and put under another distribution licence
|
|
||||||
* [including the GNU Public Licence.]
|
|
||||||
*/
|
|
||||||
|
|
||||||
#ifndef HEADER_CONF_H
|
|
||||||
# define HEADER_CONF_H
|
|
||||||
|
|
||||||
# include <openssl/bio.h>
|
|
||||||
# include <openssl/lhash.h>
|
|
||||||
# include <openssl/stack.h>
|
|
||||||
# include <openssl/safestack.h>
|
|
||||||
# include <openssl/e_os2.h>
|
|
||||||
|
|
||||||
# include <openssl/ossl_typ.h>
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
extern "C" {
|
|
||||||
#endif
|
|
||||||
|
|
||||||
typedef struct {
|
|
||||||
char *section;
|
|
||||||
char *name;
|
|
||||||
char *value;
|
|
||||||
} CONF_VALUE;
|
|
||||||
|
|
||||||
DECLARE_STACK_OF(CONF_VALUE)
|
|
||||||
DECLARE_LHASH_OF(CONF_VALUE);
|
|
||||||
|
|
||||||
struct conf_st;
|
|
||||||
struct conf_method_st;
|
|
||||||
typedef struct conf_method_st CONF_METHOD;
|
|
||||||
|
|
||||||
struct conf_method_st {
|
|
||||||
const char *name;
|
|
||||||
CONF *(*create) (CONF_METHOD *meth);
|
|
||||||
int (*init) (CONF *conf);
|
|
||||||
int (*destroy) (CONF *conf);
|
|
||||||
int (*destroy_data) (CONF *conf);
|
|
||||||
int (*load_bio) (CONF *conf, BIO *bp, long *eline);
|
|
||||||
int (*dump) (const CONF *conf, BIO *bp);
|
|
||||||
int (*is_number) (const CONF *conf, char c);
|
|
||||||
int (*to_int) (const CONF *conf, char c);
|
|
||||||
int (*load) (CONF *conf, const char *name, long *eline);
|
|
||||||
};
|
|
||||||
|
|
||||||
/* Module definitions */
|
|
||||||
|
|
||||||
typedef struct conf_imodule_st CONF_IMODULE;
|
|
||||||
typedef struct conf_module_st CONF_MODULE;
|
|
||||||
|
|
||||||
DECLARE_STACK_OF(CONF_MODULE)
|
|
||||||
DECLARE_STACK_OF(CONF_IMODULE)
|
|
||||||
|
|
||||||
/* DSO module function typedefs */
|
|
||||||
typedef int conf_init_func (CONF_IMODULE *md, const CONF *cnf);
|
|
||||||
typedef void conf_finish_func (CONF_IMODULE *md);
|
|
||||||
|
|
||||||
# define CONF_MFLAGS_IGNORE_ERRORS 0x1
|
|
||||||
# define CONF_MFLAGS_IGNORE_RETURN_CODES 0x2
|
|
||||||
# define CONF_MFLAGS_SILENT 0x4
|
|
||||||
# define CONF_MFLAGS_NO_DSO 0x8
|
|
||||||
# define CONF_MFLAGS_IGNORE_MISSING_FILE 0x10
|
|
||||||
# define CONF_MFLAGS_DEFAULT_SECTION 0x20
|
|
||||||
|
|
||||||
int CONF_set_default_method(CONF_METHOD *meth);
|
|
||||||
void CONF_set_nconf(CONF *conf, LHASH_OF(CONF_VALUE) *hash);
|
|
||||||
LHASH_OF(CONF_VALUE) *CONF_load(LHASH_OF(CONF_VALUE) *conf, const char *file,
|
|
||||||
long *eline);
|
|
||||||
# ifndef OPENSSL_NO_FP_API
|
|
||||||
LHASH_OF(CONF_VALUE) *CONF_load_fp(LHASH_OF(CONF_VALUE) *conf, FILE *fp,
|
|
||||||
long *eline);
|
|
||||||
# endif
|
|
||||||
LHASH_OF(CONF_VALUE) *CONF_load_bio(LHASH_OF(CONF_VALUE) *conf, BIO *bp,
|
|
||||||
long *eline);
|
|
||||||
STACK_OF(CONF_VALUE) *CONF_get_section(LHASH_OF(CONF_VALUE) *conf,
|
|
||||||
const char *section);
|
|
||||||
char *CONF_get_string(LHASH_OF(CONF_VALUE) *conf, const char *group,
|
|
||||||
const char *name);
|
|
||||||
long CONF_get_number(LHASH_OF(CONF_VALUE) *conf, const char *group,
|
|
||||||
const char *name);
|
|
||||||
void CONF_free(LHASH_OF(CONF_VALUE) *conf);
|
|
||||||
int CONF_dump_fp(LHASH_OF(CONF_VALUE) *conf, FILE *out);
|
|
||||||
int CONF_dump_bio(LHASH_OF(CONF_VALUE) *conf, BIO *out);
|
|
||||||
|
|
||||||
void OPENSSL_config(const char *config_name);
|
|
||||||
void OPENSSL_no_config(void);
|
|
||||||
|
|
||||||
/*
|
|
||||||
* New conf code. The semantics are different from the functions above. If
|
|
||||||
* that wasn't the case, the above functions would have been replaced
|
|
||||||
*/
|
|
||||||
|
|
||||||
struct conf_st {
|
|
||||||
CONF_METHOD *meth;
|
|
||||||
void *meth_data;
|
|
||||||
LHASH_OF(CONF_VALUE) *data;
|
|
||||||
};
|
|
||||||
|
|
||||||
CONF *NCONF_new(CONF_METHOD *meth);
|
|
||||||
CONF_METHOD *NCONF_default(void);
|
|
||||||
CONF_METHOD *NCONF_WIN32(void);
|
|
||||||
# if 0 /* Just to give you an idea of what I have in
|
|
||||||
* mind */
|
|
||||||
CONF_METHOD *NCONF_XML(void);
|
|
||||||
# endif
|
|
||||||
void NCONF_free(CONF *conf);
|
|
||||||
void NCONF_free_data(CONF *conf);
|
|
||||||
|
|
||||||
int NCONF_load(CONF *conf, const char *file, long *eline);
|
|
||||||
# ifndef OPENSSL_NO_FP_API
|
|
||||||
int NCONF_load_fp(CONF *conf, FILE *fp, long *eline);
|
|
||||||
# endif
|
|
||||||
int NCONF_load_bio(CONF *conf, BIO *bp, long *eline);
|
|
||||||
STACK_OF(CONF_VALUE) *NCONF_get_section(const CONF *conf,
|
|
||||||
const char *section);
|
|
||||||
char *NCONF_get_string(const CONF *conf, const char *group, const char *name);
|
|
||||||
int NCONF_get_number_e(const CONF *conf, const char *group, const char *name,
|
|
||||||
long *result);
|
|
||||||
int NCONF_dump_fp(const CONF *conf, FILE *out);
|
|
||||||
int NCONF_dump_bio(const CONF *conf, BIO *out);
|
|
||||||
|
|
||||||
# if 0 /* The following function has no error
|
|
||||||
* checking, and should therefore be avoided */
|
|
||||||
long NCONF_get_number(CONF *conf, char *group, char *name);
|
|
||||||
# else
|
|
||||||
# define NCONF_get_number(c,g,n,r) NCONF_get_number_e(c,g,n,r)
|
|
||||||
# endif
|
|
||||||
|
|
||||||
/* Module functions */
|
|
||||||
|
|
||||||
int CONF_modules_load(const CONF *cnf, const char *appname,
|
|
||||||
unsigned long flags);
|
|
||||||
int CONF_modules_load_file(const char *filename, const char *appname,
|
|
||||||
unsigned long flags);
|
|
||||||
void CONF_modules_unload(int all);
|
|
||||||
void CONF_modules_finish(void);
|
|
||||||
void CONF_modules_free(void);
|
|
||||||
int CONF_module_add(const char *name, conf_init_func *ifunc,
|
|
||||||
conf_finish_func *ffunc);
|
|
||||||
|
|
||||||
const char *CONF_imodule_get_name(const CONF_IMODULE *md);
|
|
||||||
const char *CONF_imodule_get_value(const CONF_IMODULE *md);
|
|
||||||
void *CONF_imodule_get_usr_data(const CONF_IMODULE *md);
|
|
||||||
void CONF_imodule_set_usr_data(CONF_IMODULE *md, void *usr_data);
|
|
||||||
CONF_MODULE *CONF_imodule_get_module(const CONF_IMODULE *md);
|
|
||||||
unsigned long CONF_imodule_get_flags(const CONF_IMODULE *md);
|
|
||||||
void CONF_imodule_set_flags(CONF_IMODULE *md, unsigned long flags);
|
|
||||||
void *CONF_module_get_usr_data(CONF_MODULE *pmod);
|
|
||||||
void CONF_module_set_usr_data(CONF_MODULE *pmod, void *usr_data);
|
|
||||||
|
|
||||||
char *CONF_get1_default_config_file(void);
|
|
||||||
|
|
||||||
int CONF_parse_list(const char *list, int sep, int nospc,
|
|
||||||
int (*list_cb) (const char *elem, int len, void *usr),
|
|
||||||
void *arg);
|
|
||||||
|
|
||||||
void OPENSSL_load_builtin_modules(void);
|
|
||||||
|
|
||||||
/* BEGIN ERROR CODES */
|
|
||||||
/*
|
|
||||||
* The following lines are auto generated by the script mkerr.pl. Any changes
|
|
||||||
* made after this point may be overwritten when the script is next run.
|
|
||||||
*/
|
|
||||||
void ERR_load_CONF_strings(void);
|
|
||||||
|
|
||||||
/* Error codes for the CONF functions. */
|
|
||||||
|
|
||||||
/* Function codes. */
|
|
||||||
# define CONF_F_CONF_DUMP_FP 104
|
|
||||||
# define CONF_F_CONF_LOAD 100
|
|
||||||
# define CONF_F_CONF_LOAD_BIO 102
|
|
||||||
# define CONF_F_CONF_LOAD_FP 103
|
|
||||||
# define CONF_F_CONF_MODULES_LOAD 116
|
|
||||||
# define CONF_F_CONF_PARSE_LIST 119
|
|
||||||
# define CONF_F_DEF_LOAD 120
|
|
||||||
# define CONF_F_DEF_LOAD_BIO 121
|
|
||||||
# define CONF_F_MODULE_INIT 115
|
|
||||||
# define CONF_F_MODULE_LOAD_DSO 117
|
|
||||||
# define CONF_F_MODULE_RUN 118
|
|
||||||
# define CONF_F_NCONF_DUMP_BIO 105
|
|
||||||
# define CONF_F_NCONF_DUMP_FP 106
|
|
||||||
# define CONF_F_NCONF_GET_NUMBER 107
|
|
||||||
# define CONF_F_NCONF_GET_NUMBER_E 112
|
|
||||||
# define CONF_F_NCONF_GET_SECTION 108
|
|
||||||
# define CONF_F_NCONF_GET_STRING 109
|
|
||||||
# define CONF_F_NCONF_LOAD 113
|
|
||||||
# define CONF_F_NCONF_LOAD_BIO 110
|
|
||||||
# define CONF_F_NCONF_LOAD_FP 114
|
|
||||||
# define CONF_F_NCONF_NEW 111
|
|
||||||
# define CONF_F_STR_COPY 101
|
|
||||||
|
|
||||||
/* Reason codes. */
|
|
||||||
# define CONF_R_ERROR_LOADING_DSO 110
|
|
||||||
# define CONF_R_LIST_CANNOT_BE_NULL 115
|
|
||||||
# define CONF_R_MISSING_CLOSE_SQUARE_BRACKET 100
|
|
||||||
# define CONF_R_MISSING_EQUAL_SIGN 101
|
|
||||||
# define CONF_R_MISSING_FINISH_FUNCTION 111
|
|
||||||
# define CONF_R_MISSING_INIT_FUNCTION 112
|
|
||||||
# define CONF_R_MODULE_INITIALIZATION_ERROR 109
|
|
||||||
# define CONF_R_NO_CLOSE_BRACE 102
|
|
||||||
# define CONF_R_NO_CONF 105
|
|
||||||
# define CONF_R_NO_CONF_OR_ENVIRONMENT_VARIABLE 106
|
|
||||||
# define CONF_R_NO_SECTION 107
|
|
||||||
# define CONF_R_NO_SUCH_FILE 114
|
|
||||||
# define CONF_R_NO_VALUE 108
|
|
||||||
# define CONF_R_UNABLE_TO_CREATE_NEW_SECTION 103
|
|
||||||
# define CONF_R_UNKNOWN_MODULE_NAME 113
|
|
||||||
# define CONF_R_VARIABLE_HAS_NO_VALUE 104
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
#endif
|
|
|
@ -1,89 +0,0 @@
|
||||||
/* conf_api.h */
|
|
||||||
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
|
||||||
* All rights reserved.
|
|
||||||
*
|
|
||||||
* This package is an SSL implementation written
|
|
||||||
* by Eric Young (eay@cryptsoft.com).
|
|
||||||
* The implementation was written so as to conform with Netscapes SSL.
|
|
||||||
*
|
|
||||||
* This library is free for commercial and non-commercial use as long as
|
|
||||||
* the following conditions are aheared to. The following conditions
|
|
||||||
* apply to all code found in this distribution, be it the RC4, RSA,
|
|
||||||
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
|
||||||
* included with this distribution is covered by the same copyright terms
|
|
||||||
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
|
||||||
*
|
|
||||||
* Copyright remains Eric Young's, and as such any Copyright notices in
|
|
||||||
* the code are not to be removed.
|
|
||||||
* If this package is used in a product, Eric Young should be given attribution
|
|
||||||
* as the author of the parts of the library used.
|
|
||||||
* This can be in the form of a textual message at program startup or
|
|
||||||
* in documentation (online or textual) provided with the package.
|
|
||||||
*
|
|
||||||
* Redistribution and use in source and binary forms, with or without
|
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. All advertising materials mentioning features or use of this software
|
|
||||||
* must display the following acknowledgement:
|
|
||||||
* "This product includes cryptographic software written by
|
|
||||||
* Eric Young (eay@cryptsoft.com)"
|
|
||||||
* The word 'cryptographic' can be left out if the rouines from the library
|
|
||||||
* being used are not cryptographic related :-).
|
|
||||||
* 4. If you include any Windows specific code (or a derivative thereof) from
|
|
||||||
* the apps directory (application code) you must include an acknowledgement:
|
|
||||||
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
|
||||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
||||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
||||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
|
||||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
||||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
||||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
||||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
||||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
||||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
||||||
* SUCH DAMAGE.
|
|
||||||
*
|
|
||||||
* The licence and distribution terms for any publically available version or
|
|
||||||
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
|
||||||
* copied and put under another distribution licence
|
|
||||||
* [including the GNU Public Licence.]
|
|
||||||
*/
|
|
||||||
|
|
||||||
#ifndef HEADER_CONF_API_H
|
|
||||||
# define HEADER_CONF_API_H
|
|
||||||
|
|
||||||
# include <openssl/lhash.h>
|
|
||||||
# include <openssl/conf.h>
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
extern "C" {
|
|
||||||
#endif
|
|
||||||
|
|
||||||
/* Up until OpenSSL 0.9.5a, this was new_section */
|
|
||||||
CONF_VALUE *_CONF_new_section(CONF *conf, const char *section);
|
|
||||||
/* Up until OpenSSL 0.9.5a, this was get_section */
|
|
||||||
CONF_VALUE *_CONF_get_section(const CONF *conf, const char *section);
|
|
||||||
/* Up until OpenSSL 0.9.5a, this was CONF_get_section */
|
|
||||||
STACK_OF(CONF_VALUE) *_CONF_get_section_values(const CONF *conf,
|
|
||||||
const char *section);
|
|
||||||
|
|
||||||
int _CONF_add_string(CONF *conf, CONF_VALUE *section, CONF_VALUE *value);
|
|
||||||
char *_CONF_get_string(const CONF *conf, const char *section,
|
|
||||||
const char *name);
|
|
||||||
long _CONF_get_number(const CONF *conf, const char *section,
|
|
||||||
const char *name);
|
|
||||||
|
|
||||||
int _CONF_new_data(CONF *conf);
|
|
||||||
void _CONF_free_data(CONF *conf);
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
#endif
|
|
|
@ -1,257 +0,0 @@
|
||||||
/* crypto/des/des.h */
|
|
||||||
/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
|
|
||||||
* All rights reserved.
|
|
||||||
*
|
|
||||||
* This package is an SSL implementation written
|
|
||||||
* by Eric Young (eay@cryptsoft.com).
|
|
||||||
* The implementation was written so as to conform with Netscapes SSL.
|
|
||||||
*
|
|
||||||
* This library is free for commercial and non-commercial use as long as
|
|
||||||
* the following conditions are aheared to. The following conditions
|
|
||||||
* apply to all code found in this distribution, be it the RC4, RSA,
|
|
||||||
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
|
||||||
* included with this distribution is covered by the same copyright terms
|
|
||||||
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
|
||||||
*
|
|
||||||
* Copyright remains Eric Young's, and as such any Copyright notices in
|
|
||||||
* the code are not to be removed.
|
|
||||||
* If this package is used in a product, Eric Young should be given attribution
|
|
||||||
* as the author of the parts of the library used.
|
|
||||||
* This can be in the form of a textual message at program startup or
|
|
||||||
* in documentation (online or textual) provided with the package.
|
|
||||||
*
|
|
||||||
* Redistribution and use in source and binary forms, with or without
|
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. All advertising materials mentioning features or use of this software
|
|
||||||
* must display the following acknowledgement:
|
|
||||||
* "This product includes cryptographic software written by
|
|
||||||
* Eric Young (eay@cryptsoft.com)"
|
|
||||||
* The word 'cryptographic' can be left out if the rouines from the library
|
|
||||||
* being used are not cryptographic related :-).
|
|
||||||
* 4. If you include any Windows specific code (or a derivative thereof) from
|
|
||||||
* the apps directory (application code) you must include an acknowledgement:
|
|
||||||
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
|
||||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
||||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
||||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
|
||||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
||||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
||||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
||||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
||||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
||||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
||||||
* SUCH DAMAGE.
|
|
||||||
*
|
|
||||||
* The licence and distribution terms for any publically available version or
|
|
||||||
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
|
||||||
* copied and put under another distribution licence
|
|
||||||
* [including the GNU Public Licence.]
|
|
||||||
*/
|
|
||||||
|
|
||||||
#ifndef HEADER_NEW_DES_H
|
|
||||||
# define HEADER_NEW_DES_H
|
|
||||||
|
|
||||||
# include <openssl/e_os2.h> /* OPENSSL_EXTERN, OPENSSL_NO_DES, DES_LONG
|
|
||||||
* (via openssl/opensslconf.h */
|
|
||||||
|
|
||||||
# ifdef OPENSSL_NO_DES
|
|
||||||
# error DES is disabled.
|
|
||||||
# endif
|
|
||||||
|
|
||||||
# ifdef OPENSSL_BUILD_SHLIBCRYPTO
|
|
||||||
# undef OPENSSL_EXTERN
|
|
||||||
# define OPENSSL_EXTERN OPENSSL_EXPORT
|
|
||||||
# endif
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
extern "C" {
|
|
||||||
#endif
|
|
||||||
|
|
||||||
typedef unsigned char DES_cblock[8];
|
|
||||||
typedef /* const */ unsigned char const_DES_cblock[8];
|
|
||||||
/*
|
|
||||||
* With "const", gcc 2.8.1 on Solaris thinks that DES_cblock * and
|
|
||||||
* const_DES_cblock * are incompatible pointer types.
|
|
||||||
*/
|
|
||||||
|
|
||||||
typedef struct DES_ks {
|
|
||||||
union {
|
|
||||||
DES_cblock cblock;
|
|
||||||
/*
|
|
||||||
* make sure things are correct size on machines with 8 byte longs
|
|
||||||
*/
|
|
||||||
DES_LONG deslong[2];
|
|
||||||
} ks[16];
|
|
||||||
} DES_key_schedule;
|
|
||||||
|
|
||||||
# ifndef OPENSSL_DISABLE_OLD_DES_SUPPORT
|
|
||||||
# ifndef OPENSSL_ENABLE_OLD_DES_SUPPORT
|
|
||||||
# define OPENSSL_ENABLE_OLD_DES_SUPPORT
|
|
||||||
# endif
|
|
||||||
# endif
|
|
||||||
|
|
||||||
# ifdef OPENSSL_ENABLE_OLD_DES_SUPPORT
|
|
||||||
# include <openssl/des_old.h>
|
|
||||||
# endif
|
|
||||||
|
|
||||||
# define DES_KEY_SZ (sizeof(DES_cblock))
|
|
||||||
# define DES_SCHEDULE_SZ (sizeof(DES_key_schedule))
|
|
||||||
|
|
||||||
# define DES_ENCRYPT 1
|
|
||||||
# define DES_DECRYPT 0
|
|
||||||
|
|
||||||
# define DES_CBC_MODE 0
|
|
||||||
# define DES_PCBC_MODE 1
|
|
||||||
|
|
||||||
# define DES_ecb2_encrypt(i,o,k1,k2,e) \
|
|
||||||
DES_ecb3_encrypt((i),(o),(k1),(k2),(k1),(e))
|
|
||||||
|
|
||||||
# define DES_ede2_cbc_encrypt(i,o,l,k1,k2,iv,e) \
|
|
||||||
DES_ede3_cbc_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(e))
|
|
||||||
|
|
||||||
# define DES_ede2_cfb64_encrypt(i,o,l,k1,k2,iv,n,e) \
|
|
||||||
DES_ede3_cfb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n),(e))
|
|
||||||
|
|
||||||
# define DES_ede2_ofb64_encrypt(i,o,l,k1,k2,iv,n) \
|
|
||||||
DES_ede3_ofb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n))
|
|
||||||
|
|
||||||
OPENSSL_DECLARE_GLOBAL(int, DES_check_key); /* defaults to false */
|
|
||||||
# define DES_check_key OPENSSL_GLOBAL_REF(DES_check_key)
|
|
||||||
OPENSSL_DECLARE_GLOBAL(int, DES_rw_mode); /* defaults to DES_PCBC_MODE */
|
|
||||||
# define DES_rw_mode OPENSSL_GLOBAL_REF(DES_rw_mode)
|
|
||||||
|
|
||||||
const char *DES_options(void);
|
|
||||||
void DES_ecb3_encrypt(const_DES_cblock *input, DES_cblock *output,
|
|
||||||
DES_key_schedule *ks1, DES_key_schedule *ks2,
|
|
||||||
DES_key_schedule *ks3, int enc);
|
|
||||||
DES_LONG DES_cbc_cksum(const unsigned char *input, DES_cblock *output,
|
|
||||||
long length, DES_key_schedule *schedule,
|
|
||||||
const_DES_cblock *ivec);
|
|
||||||
/* DES_cbc_encrypt does not update the IV! Use DES_ncbc_encrypt instead. */
|
|
||||||
void DES_cbc_encrypt(const unsigned char *input, unsigned char *output,
|
|
||||||
long length, DES_key_schedule *schedule,
|
|
||||||
DES_cblock *ivec, int enc);
|
|
||||||
void DES_ncbc_encrypt(const unsigned char *input, unsigned char *output,
|
|
||||||
long length, DES_key_schedule *schedule,
|
|
||||||
DES_cblock *ivec, int enc);
|
|
||||||
void DES_xcbc_encrypt(const unsigned char *input, unsigned char *output,
|
|
||||||
long length, DES_key_schedule *schedule,
|
|
||||||
DES_cblock *ivec, const_DES_cblock *inw,
|
|
||||||
const_DES_cblock *outw, int enc);
|
|
||||||
void DES_cfb_encrypt(const unsigned char *in, unsigned char *out, int numbits,
|
|
||||||
long length, DES_key_schedule *schedule,
|
|
||||||
DES_cblock *ivec, int enc);
|
|
||||||
void DES_ecb_encrypt(const_DES_cblock *input, DES_cblock *output,
|
|
||||||
DES_key_schedule *ks, int enc);
|
|
||||||
|
|
||||||
/*
|
|
||||||
* This is the DES encryption function that gets called by just about every
|
|
||||||
* other DES routine in the library. You should not use this function except
|
|
||||||
* to implement 'modes' of DES. I say this because the functions that call
|
|
||||||
* this routine do the conversion from 'char *' to long, and this needs to be
|
|
||||||
* done to make sure 'non-aligned' memory access do not occur. The
|
|
||||||
* characters are loaded 'little endian'. Data is a pointer to 2 unsigned
|
|
||||||
* long's and ks is the DES_key_schedule to use. enc, is non zero specifies
|
|
||||||
* encryption, zero if decryption.
|
|
||||||
*/
|
|
||||||
void DES_encrypt1(DES_LONG *data, DES_key_schedule *ks, int enc);
|
|
||||||
|
|
||||||
/*
|
|
||||||
* This functions is the same as DES_encrypt1() except that the DES initial
|
|
||||||
* permutation (IP) and final permutation (FP) have been left out. As for
|
|
||||||
* DES_encrypt1(), you should not use this function. It is used by the
|
|
||||||
* routines in the library that implement triple DES. IP() DES_encrypt2()
|
|
||||||
* DES_encrypt2() DES_encrypt2() FP() is the same as DES_encrypt1()
|
|
||||||
* DES_encrypt1() DES_encrypt1() except faster :-).
|
|
||||||
*/
|
|
||||||
void DES_encrypt2(DES_LONG *data, DES_key_schedule *ks, int enc);
|
|
||||||
|
|
||||||
void DES_encrypt3(DES_LONG *data, DES_key_schedule *ks1,
|
|
||||||
DES_key_schedule *ks2, DES_key_schedule *ks3);
|
|
||||||
void DES_decrypt3(DES_LONG *data, DES_key_schedule *ks1,
|
|
||||||
DES_key_schedule *ks2, DES_key_schedule *ks3);
|
|
||||||
void DES_ede3_cbc_encrypt(const unsigned char *input, unsigned char *output,
|
|
||||||
long length,
|
|
||||||
DES_key_schedule *ks1, DES_key_schedule *ks2,
|
|
||||||
DES_key_schedule *ks3, DES_cblock *ivec, int enc);
|
|
||||||
void DES_ede3_cbcm_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
long length,
|
|
||||||
DES_key_schedule *ks1, DES_key_schedule *ks2,
|
|
||||||
DES_key_schedule *ks3,
|
|
||||||
DES_cblock *ivec1, DES_cblock *ivec2, int enc);
|
|
||||||
void DES_ede3_cfb64_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
long length, DES_key_schedule *ks1,
|
|
||||||
DES_key_schedule *ks2, DES_key_schedule *ks3,
|
|
||||||
DES_cblock *ivec, int *num, int enc);
|
|
||||||
void DES_ede3_cfb_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
int numbits, long length, DES_key_schedule *ks1,
|
|
||||||
DES_key_schedule *ks2, DES_key_schedule *ks3,
|
|
||||||
DES_cblock *ivec, int enc);
|
|
||||||
void DES_ede3_ofb64_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
long length, DES_key_schedule *ks1,
|
|
||||||
DES_key_schedule *ks2, DES_key_schedule *ks3,
|
|
||||||
DES_cblock *ivec, int *num);
|
|
||||||
# if 0
|
|
||||||
void DES_xwhite_in2out(const_DES_cblock *DES_key, const_DES_cblock *in_white,
|
|
||||||
DES_cblock *out_white);
|
|
||||||
# endif
|
|
||||||
|
|
||||||
int DES_enc_read(int fd, void *buf, int len, DES_key_schedule *sched,
|
|
||||||
DES_cblock *iv);
|
|
||||||
int DES_enc_write(int fd, const void *buf, int len, DES_key_schedule *sched,
|
|
||||||
DES_cblock *iv);
|
|
||||||
char *DES_fcrypt(const char *buf, const char *salt, char *ret);
|
|
||||||
char *DES_crypt(const char *buf, const char *salt);
|
|
||||||
void DES_ofb_encrypt(const unsigned char *in, unsigned char *out, int numbits,
|
|
||||||
long length, DES_key_schedule *schedule,
|
|
||||||
DES_cblock *ivec);
|
|
||||||
void DES_pcbc_encrypt(const unsigned char *input, unsigned char *output,
|
|
||||||
long length, DES_key_schedule *schedule,
|
|
||||||
DES_cblock *ivec, int enc);
|
|
||||||
DES_LONG DES_quad_cksum(const unsigned char *input, DES_cblock output[],
|
|
||||||
long length, int out_count, DES_cblock *seed);
|
|
||||||
int DES_random_key(DES_cblock *ret);
|
|
||||||
void DES_set_odd_parity(DES_cblock *key);
|
|
||||||
int DES_check_key_parity(const_DES_cblock *key);
|
|
||||||
int DES_is_weak_key(const_DES_cblock *key);
|
|
||||||
/*
|
|
||||||
* DES_set_key (= set_key = DES_key_sched = key_sched) calls
|
|
||||||
* DES_set_key_checked if global variable DES_check_key is set,
|
|
||||||
* DES_set_key_unchecked otherwise.
|
|
||||||
*/
|
|
||||||
int DES_set_key(const_DES_cblock *key, DES_key_schedule *schedule);
|
|
||||||
int DES_key_sched(const_DES_cblock *key, DES_key_schedule *schedule);
|
|
||||||
int DES_set_key_checked(const_DES_cblock *key, DES_key_schedule *schedule);
|
|
||||||
void DES_set_key_unchecked(const_DES_cblock *key, DES_key_schedule *schedule);
|
|
||||||
# ifdef OPENSSL_FIPS
|
|
||||||
void private_DES_set_key_unchecked(const_DES_cblock *key,
|
|
||||||
DES_key_schedule *schedule);
|
|
||||||
# endif
|
|
||||||
void DES_string_to_key(const char *str, DES_cblock *key);
|
|
||||||
void DES_string_to_2keys(const char *str, DES_cblock *key1, DES_cblock *key2);
|
|
||||||
void DES_cfb64_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
long length, DES_key_schedule *schedule,
|
|
||||||
DES_cblock *ivec, int *num, int enc);
|
|
||||||
void DES_ofb64_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
long length, DES_key_schedule *schedule,
|
|
||||||
DES_cblock *ivec, int *num);
|
|
||||||
|
|
||||||
int DES_read_password(DES_cblock *key, const char *prompt, int verify);
|
|
||||||
int DES_read_2passwords(DES_cblock *key1, DES_cblock *key2,
|
|
||||||
const char *prompt, int verify);
|
|
||||||
|
|
||||||
# define DES_fixup_key_parity DES_set_odd_parity
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#endif
|
|
|
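--- a/PATH_NOT_SHOWN/des_old.h
+++ b/PATH_NOT_SHOWN/des_old.h
@@ -1,497 +0,0 @@
-/* crypto/des/des_old.h -*- mode:C; c-file-style: "eay" -*- */
-
-/*-
-* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
-*
-* The function names in here are deprecated and are only present to
-* provide an interface compatible with openssl 0.9.6 and older as
-* well as libdes. OpenSSL now provides functions where "des_" has
-* been replaced with "DES_" in the names, to make it possible to
-* make incompatible changes that are needed for C type security and
-* other stuff.
-*
-* This include files has two compatibility modes:
-*
-* - If OPENSSL_DES_LIBDES_COMPATIBILITY is defined, you get an API
-* that is compatible with libdes and SSLeay.
-* - If OPENSSL_DES_LIBDES_COMPATIBILITY isn't defined, you get an
-* API that is compatible with OpenSSL 0.9.5x to 0.9.6x.
-*
-* Note that these modes break earlier snapshots of OpenSSL, where
-* libdes compatibility was the only available mode or (later on) the
-* prefered compatibility mode. However, after much consideration
-* (and more or less violent discussions with external parties), it
-* was concluded that OpenSSL should be compatible with earlier versions
-* of itself before anything else. Also, in all honesty, libdes is
-* an old beast that shouldn't really be used any more.
-*
-* Please consider starting to use the DES_ functions rather than the
-* des_ ones. The des_ functions will disappear completely before
-* OpenSSL 1.0!
-*
-* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
-*/
-
-/*
-* Written by Richard Levitte (richard@levitte.org) for the OpenSSL project
-* 2001.
-*/
-/* ====================================================================
-* Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
-*
-* Redistribution and use in source and binary forms, with or without
-* modification, are permitted provided that the following conditions
-* are met:
-*
-* 1. Redistributions of source code must retain the above copyright
-* notice, this list of conditions and the following disclaimer.
-*
-* 2. Redistributions in binary form must reproduce the above copyright
-* notice, this list of conditions and the following disclaimer in
-* the documentation and/or other materials provided with the
-* distribution.
-*
-* 3. All advertising materials mentioning features or use of this
-* software must display the following acknowledgment:
-* "This product includes software developed by the OpenSSL Project
-* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-*
-* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-* endorse or promote products derived from this software without
-* prior written permission. For written permission, please contact
-* openssl-core@openssl.org.
-*
-* 5. Products derived from this software may not be called "OpenSSL"
-* nor may "OpenSSL" appear in their names without prior written
-* permission of the OpenSSL Project.
-*
-* 6. Redistributions of any form whatsoever must retain the following
-* acknowledgment:
-* "This product includes software developed by the OpenSSL Project
-* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-*
-* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-* OF THE POSSIBILITY OF SUCH DAMAGE.
-* ====================================================================
-*
-* This product includes cryptographic software written by Eric Young
-* (eay@cryptsoft.com). This product includes software written by Tim
-* Hudson (tjh@cryptsoft.com).
-*
-*/
-
-#ifndef HEADER_DES_H
-# define HEADER_DES_H
-
-# include <openssl/e_os2.h> /* OPENSSL_EXTERN, OPENSSL_NO_DES, DES_LONG */
-
-# ifdef OPENSSL_NO_DES
-# error DES is disabled.
-# endif
-
-# ifndef HEADER_NEW_DES_H
-# error You must include des.h, not des_old.h directly.
-# endif
-
-# ifdef _KERBEROS_DES_H
-# error <openssl/des_old.h> replaces <kerberos/des.h>.
-# endif
-
-# include <openssl/symhacks.h>
-
-# ifdef OPENSSL_BUILD_SHLIBCRYPTO
-# undef OPENSSL_EXTERN
-# define OPENSSL_EXTERN OPENSSL_EXPORT
-# endif
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-# ifdef _
-# undef _
-# endif
-
-typedef unsigned char _ossl_old_des_cblock[8];
-typedef struct _ossl_old_des_ks_struct {
-union {
-_ossl_old_des_cblock _;
-/*
-* make sure things are correct size on machines with 8 byte longs
-*/
-DES_LONG pad[2];
-} ks;
-} _ossl_old_des_key_schedule[16];
-
-# ifndef OPENSSL_DES_LIBDES_COMPATIBILITY
-# define des_cblock DES_cblock
-# define const_des_cblock const_DES_cblock
-# define des_key_schedule DES_key_schedule
-# define des_ecb3_encrypt(i,o,k1,k2,k3,e)\
-DES_ecb3_encrypt((i),(o),&(k1),&(k2),&(k3),(e))
-# define des_ede3_cbc_encrypt(i,o,l,k1,k2,k3,iv,e)\
-DES_ede3_cbc_encrypt((i),(o),(l),&(k1),&(k2),&(k3),(iv),(e))
-# define des_ede3_cbcm_encrypt(i,o,l,k1,k2,k3,iv1,iv2,e)\
-DES_ede3_cbcm_encrypt((i),(o),(l),&(k1),&(k2),&(k3),(iv1),(iv2),(e))
-# define des_ede3_cfb64_encrypt(i,o,l,k1,k2,k3,iv,n,e)\
-DES_ede3_cfb64_encrypt((i),(o),(l),&(k1),&(k2),&(k3),(iv),(n),(e))
-# define des_ede3_ofb64_encrypt(i,o,l,k1,k2,k3,iv,n)\
-DES_ede3_ofb64_encrypt((i),(o),(l),&(k1),&(k2),&(k3),(iv),(n))
-# define des_options()\
-DES_options()
-# define des_cbc_cksum(i,o,l,k,iv)\
-DES_cbc_cksum((i),(o),(l),&(k),(iv))
-# define des_cbc_encrypt(i,o,l,k,iv,e)\
-DES_cbc_encrypt((i),(o),(l),&(k),(iv),(e))
-# define des_ncbc_encrypt(i,o,l,k,iv,e)\
-DES_ncbc_encrypt((i),(o),(l),&(k),(iv),(e))
-# define des_xcbc_encrypt(i,o,l,k,iv,inw,outw,e)\
-DES_xcbc_encrypt((i),(o),(l),&(k),(iv),(inw),(outw),(e))
-# define des_cfb_encrypt(i,o,n,l,k,iv,e)\
-DES_cfb_encrypt((i),(o),(n),(l),&(k),(iv),(e))
-# define des_ecb_encrypt(i,o,k,e)\
-DES_ecb_encrypt((i),(o),&(k),(e))
-# define des_encrypt1(d,k,e)\
-DES_encrypt1((d),&(k),(e))
-# define des_encrypt2(d,k,e)\
-DES_encrypt2((d),&(k),(e))
-# define des_encrypt3(d,k1,k2,k3)\
-DES_encrypt3((d),&(k1),&(k2),&(k3))
-# define des_decrypt3(d,k1,k2,k3)\
-DES_decrypt3((d),&(k1),&(k2),&(k3))
-# define des_xwhite_in2out(k,i,o)\
-DES_xwhite_in2out((k),(i),(o))
-# define des_enc_read(f,b,l,k,iv)\
-DES_enc_read((f),(b),(l),&(k),(iv))
-# define des_enc_write(f,b,l,k,iv)\
-DES_enc_write((f),(b),(l),&(k),(iv))
-# define des_fcrypt(b,s,r)\
-DES_fcrypt((b),(s),(r))
-# if 0
-# define des_crypt(b,s)\
-DES_crypt((b),(s))
-# if !defined(PERL5) && !defined(__FreeBSD__) && !defined(NeXT) && !defined(__OpenBSD__)
-# define crypt(b,s)\
-DES_crypt((b),(s))
-# endif
-# endif
-# define des_ofb_encrypt(i,o,n,l,k,iv)\
-DES_ofb_encrypt((i),(o),(n),(l),&(k),(iv))
-# define des_pcbc_encrypt(i,o,l,k,iv,e)\
-DES_pcbc_encrypt((i),(o),(l),&(k),(iv),(e))
-# define des_quad_cksum(i,o,l,c,s)\
-DES_quad_cksum((i),(o),(l),(c),(s))
-# define des_random_seed(k)\
-_ossl_096_des_random_seed((k))
-# define des_random_key(r)\
-DES_random_key((r))
-# define des_read_password(k,p,v) \
-DES_read_password((k),(p),(v))
-# define des_read_2passwords(k1,k2,p,v) \
-DES_read_2passwords((k1),(k2),(p),(v))
-# define des_set_odd_parity(k)\
-DES_set_odd_parity((k))
-# define des_check_key_parity(k)\
-DES_check_key_parity((k))
-# define des_is_weak_key(k)\
-DES_is_weak_key((k))
-# define des_set_key(k,ks)\
-DES_set_key((k),&(ks))
-# define des_key_sched(k,ks)\
-DES_key_sched((k),&(ks))
-# define des_set_key_checked(k,ks)\
-DES_set_key_checked((k),&(ks))
-# define des_set_key_unchecked(k,ks)\
-DES_set_key_unchecked((k),&(ks))
-# define des_string_to_key(s,k)\
-DES_string_to_key((s),(k))
-# define des_string_to_2keys(s,k1,k2)\
-DES_string_to_2keys((s),(k1),(k2))
-# define des_cfb64_encrypt(i,o,l,ks,iv,n,e)\
-DES_cfb64_encrypt((i),(o),(l),&(ks),(iv),(n),(e))
-# define des_ofb64_encrypt(i,o,l,ks,iv,n)\
-DES_ofb64_encrypt((i),(o),(l),&(ks),(iv),(n))
-
-# define des_ecb2_encrypt(i,o,k1,k2,e) \
-des_ecb3_encrypt((i),(o),(k1),(k2),(k1),(e))
-
-# define des_ede2_cbc_encrypt(i,o,l,k1,k2,iv,e) \
-des_ede3_cbc_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(e))
-
-# define des_ede2_cfb64_encrypt(i,o,l,k1,k2,iv,n,e) \
-des_ede3_cfb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n),(e))
-
-# define des_ede2_ofb64_encrypt(i,o,l,k1,k2,iv,n) \
-des_ede3_ofb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n))
-
-# define des_check_key DES_check_key
-# define des_rw_mode DES_rw_mode
-# else /* libdes compatibility */
-/*
-* Map all symbol names to _ossl_old_des_* form, so we avoid all clashes with
-* libdes
-*/
-# define des_cblock _ossl_old_des_cblock
-# define des_key_schedule _ossl_old_des_key_schedule
-# define des_ecb3_encrypt(i,o,k1,k2,k3,e)\
-_ossl_old_des_ecb3_encrypt((i),(o),(k1),(k2),(k3),(e))
-# define des_ede3_cbc_encrypt(i,o,l,k1,k2,k3,iv,e)\
-_ossl_old_des_ede3_cbc_encrypt((i),(o),(l),(k1),(k2),(k3),(iv),(e))
-# define des_ede3_cfb64_encrypt(i,o,l,k1,k2,k3,iv,n,e)\
-_ossl_old_des_ede3_cfb64_encrypt((i),(o),(l),(k1),(k2),(k3),(iv),(n),(e))
-# define des_ede3_ofb64_encrypt(i,o,l,k1,k2,k3,iv,n)\
-_ossl_old_des_ede3_ofb64_encrypt((i),(o),(l),(k1),(k2),(k3),(iv),(n))
-# define des_options()\
-_ossl_old_des_options()
-# define des_cbc_cksum(i,o,l,k,iv)\
-_ossl_old_des_cbc_cksum((i),(o),(l),(k),(iv))
-# define des_cbc_encrypt(i,o,l,k,iv,e)\
-_ossl_old_des_cbc_encrypt((i),(o),(l),(k),(iv),(e))
-# define des_ncbc_encrypt(i,o,l,k,iv,e)\
-_ossl_old_des_ncbc_encrypt((i),(o),(l),(k),(iv),(e))
-# define des_xcbc_encrypt(i,o,l,k,iv,inw,outw,e)\
-_ossl_old_des_xcbc_encrypt((i),(o),(l),(k),(iv),(inw),(outw),(e))
-# define des_cfb_encrypt(i,o,n,l,k,iv,e)\
-_ossl_old_des_cfb_encrypt((i),(o),(n),(l),(k),(iv),(e))
-# define des_ecb_encrypt(i,o,k,e)\
-_ossl_old_des_ecb_encrypt((i),(o),(k),(e))
-# define des_encrypt(d,k,e)\
-_ossl_old_des_encrypt((d),(k),(e))
-# define des_encrypt2(d,k,e)\
-_ossl_old_des_encrypt2((d),(k),(e))
-# define des_encrypt3(d,k1,k2,k3)\
-_ossl_old_des_encrypt3((d),(k1),(k2),(k3))
-# define des_decrypt3(d,k1,k2,k3)\
-_ossl_old_des_decrypt3((d),(k1),(k2),(k3))
-# define des_xwhite_in2out(k,i,o)\
-_ossl_old_des_xwhite_in2out((k),(i),(o))
-# define des_enc_read(f,b,l,k,iv)\
-_ossl_old_des_enc_read((f),(b),(l),(k),(iv))
-# define des_enc_write(f,b,l,k,iv)\
-_ossl_old_des_enc_write((f),(b),(l),(k),(iv))
-# define des_fcrypt(b,s,r)\
-_ossl_old_des_fcrypt((b),(s),(r))
-# define des_crypt(b,s)\
-_ossl_old_des_crypt((b),(s))
-# if 0
-# define crypt(b,s)\
-_ossl_old_crypt((b),(s))
-# endif
-# define des_ofb_encrypt(i,o,n,l,k,iv)\
-_ossl_old_des_ofb_encrypt((i),(o),(n),(l),(k),(iv))
-# define des_pcbc_encrypt(i,o,l,k,iv,e)\
-_ossl_old_des_pcbc_encrypt((i),(o),(l),(k),(iv),(e))
-# define des_quad_cksum(i,o,l,c,s)\
-_ossl_old_des_quad_cksum((i),(o),(l),(c),(s))
-# define des_random_seed(k)\
-_ossl_old_des_random_seed((k))
-# define des_random_key(r)\
-_ossl_old_des_random_key((r))
-# define des_read_password(k,p,v) \
-_ossl_old_des_read_password((k),(p),(v))
-# define des_read_2passwords(k1,k2,p,v) \
-_ossl_old_des_read_2passwords((k1),(k2),(p),(v))
-# define des_set_odd_parity(k)\
-_ossl_old_des_set_odd_parity((k))
-# define des_is_weak_key(k)\
-_ossl_old_des_is_weak_key((k))
-# define des_set_key(k,ks)\
-_ossl_old_des_set_key((k),(ks))
-# define des_key_sched(k,ks)\
-_ossl_old_des_key_sched((k),(ks))
-# define des_string_to_key(s,k)\
-_ossl_old_des_string_to_key((s),(k))
-# define des_string_to_2keys(s,k1,k2)\
-_ossl_old_des_string_to_2keys((s),(k1),(k2))
-# define des_cfb64_encrypt(i,o,l,ks,iv,n,e)\
-_ossl_old_des_cfb64_encrypt((i),(o),(l),(ks),(iv),(n),(e))
-# define des_ofb64_encrypt(i,o,l,ks,iv,n)\
-_ossl_old_des_ofb64_encrypt((i),(o),(l),(ks),(iv),(n))
-
-# define des_ecb2_encrypt(i,o,k1,k2,e) \
-des_ecb3_encrypt((i),(o),(k1),(k2),(k1),(e))
-
-# define des_ede2_cbc_encrypt(i,o,l,k1,k2,iv,e) \
-des_ede3_cbc_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(e))
-
-# define des_ede2_cfb64_encrypt(i,o,l,k1,k2,iv,n,e) \
-des_ede3_cfb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n),(e))
-
-# define des_ede2_ofb64_encrypt(i,o,l,k1,k2,iv,n) \
-des_ede3_ofb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n))
-
-# define des_check_key DES_check_key
-# define des_rw_mode DES_rw_mode
-# endif
-
-const char *_ossl_old_des_options(void);
-void _ossl_old_des_ecb3_encrypt(_ossl_old_des_cblock *input,
-_ossl_old_des_cblock *output,
-_ossl_old_des_key_schedule ks1,
-_ossl_old_des_key_schedule ks2,
-_ossl_old_des_key_schedule ks3, int enc);
-DES_LONG _ossl_old_des_cbc_cksum(_ossl_old_des_cblock *input,
-_ossl_old_des_cblock *output, long length,
-_ossl_old_des_key_schedule schedule,
-_ossl_old_des_cblock *ivec);
-void _ossl_old_des_cbc_encrypt(_ossl_old_des_cblock *input,
-_ossl_old_des_cblock *output, long length,
-_ossl_old_des_key_schedule schedule,
-_ossl_old_des_cblock *ivec, int enc);
-void _ossl_old_des_ncbc_encrypt(_ossl_old_des_cblock *input,
-_ossl_old_des_cblock *output, long length,
-_ossl_old_des_key_schedule schedule,
-_ossl_old_des_cblock *ivec, int enc);
-void _ossl_old_des_xcbc_encrypt(_ossl_old_des_cblock *input,
-_ossl_old_des_cblock *output, long length,
-_ossl_old_des_key_schedule schedule,
-_ossl_old_des_cblock *ivec,
-_ossl_old_des_cblock *inw,
-_ossl_old_des_cblock *outw, int enc);
-void _ossl_old_des_cfb_encrypt(unsigned char *in, unsigned char *out,
-int numbits, long length,
-_ossl_old_des_key_schedule schedule,
-_ossl_old_des_cblock *ivec, int enc);
-void _ossl_old_des_ecb_encrypt(_ossl_old_des_cblock *input,
-_ossl_old_des_cblock *output,
-_ossl_old_des_key_schedule ks, int enc);
-void _ossl_old_des_encrypt(DES_LONG *data, _ossl_old_des_key_schedule ks,
-int enc);
-void _ossl_old_des_encrypt2(DES_LONG *data, _ossl_old_des_key_schedule ks,
-int enc);
-void _ossl_old_des_encrypt3(DES_LONG *data, _ossl_old_des_key_schedule ks1,
-_ossl_old_des_key_schedule ks2,
-_ossl_old_des_key_schedule ks3);
-void _ossl_old_des_decrypt3(DES_LONG *data, _ossl_old_des_key_schedule ks1,
-_ossl_old_des_key_schedule ks2,
-_ossl_old_des_key_schedule ks3);
-void _ossl_old_des_ede3_cbc_encrypt(_ossl_old_des_cblock *input,
-_ossl_old_des_cblock *output, long length,
-_ossl_old_des_key_schedule ks1,
-_ossl_old_des_key_schedule ks2,
-_ossl_old_des_key_schedule ks3,
-_ossl_old_des_cblock *ivec, int enc);
-void _ossl_old_des_ede3_cfb64_encrypt(unsigned char *in, unsigned char *out,
-long length,
-_ossl_old_des_key_schedule ks1,
-_ossl_old_des_key_schedule ks2,
-_ossl_old_des_key_schedule ks3,
-_ossl_old_des_cblock *ivec, int *num,
-int enc);
-void _ossl_old_des_ede3_ofb64_encrypt(unsigned char *in, unsigned char *out,
-long length,
-_ossl_old_des_key_schedule ks1,
-_ossl_old_des_key_schedule ks2,
-_ossl_old_des_key_schedule ks3,
-_ossl_old_des_cblock *ivec, int *num);
-# if 0
-void _ossl_old_des_xwhite_in2out(_ossl_old_des_cblock (*des_key),
-_ossl_old_des_cblock (*in_white),
-_ossl_old_des_cblock (*out_white));
-# endif
-
-int _ossl_old_des_enc_read(int fd, char *buf, int len,
-_ossl_old_des_key_schedule sched,
-_ossl_old_des_cblock *iv);
-int _ossl_old_des_enc_write(int fd, char *buf, int len,
-_ossl_old_des_key_schedule sched,
-_ossl_old_des_cblock *iv);
-char *_ossl_old_des_fcrypt(const char *buf, const char *salt, char *ret);
-char *_ossl_old_des_crypt(const char *buf, const char *salt);
-# if !defined(PERL5) && !defined(NeXT)
-char *_ossl_old_crypt(const char *buf, const char *salt);
-# endif
-void _ossl_old_des_ofb_encrypt(unsigned char *in, unsigned char *out,
-int numbits, long length,
-_ossl_old_des_key_schedule schedule,
-_ossl_old_des_cblock *ivec);
-void _ossl_old_des_pcbc_encrypt(_ossl_old_des_cblock *input,
-_ossl_old_des_cblock *output, long length,
-_ossl_old_des_key_schedule schedule,
-_ossl_old_des_cblock *ivec, int enc);
-DES_LONG _ossl_old_des_quad_cksum(_ossl_old_des_cblock *input,
-_ossl_old_des_cblock *output, long length,
-int out_count, _ossl_old_des_cblock *seed);
-void _ossl_old_des_random_seed(_ossl_old_des_cblock key);
-void _ossl_old_des_random_key(_ossl_old_des_cblock ret);
-int _ossl_old_des_read_password(_ossl_old_des_cblock *key, const char *prompt,
-int verify);
-int _ossl_old_des_read_2passwords(_ossl_old_des_cblock *key1,
-_ossl_old_des_cblock *key2,
-const char *prompt, int verify);
-void _ossl_old_des_set_odd_parity(_ossl_old_des_cblock *key);
-int _ossl_old_des_is_weak_key(_ossl_old_des_cblock *key);
-int _ossl_old_des_set_key(_ossl_old_des_cblock *key,
-_ossl_old_des_key_schedule schedule);
-int _ossl_old_des_key_sched(_ossl_old_des_cblock *key,
-_ossl_old_des_key_schedule schedule);
-void _ossl_old_des_string_to_key(char *str, _ossl_old_des_cblock *key);
-void _ossl_old_des_string_to_2keys(char *str, _ossl_old_des_cblock *key1,
-_ossl_old_des_cblock *key2);
-void _ossl_old_des_cfb64_encrypt(unsigned char *in, unsigned char *out,
-long length,
-_ossl_old_des_key_schedule schedule,
-_ossl_old_des_cblock *ivec, int *num,
-int enc);
-void _ossl_old_des_ofb64_encrypt(unsigned char *in, unsigned char *out,
-long length,
-_ossl_old_des_key_schedule schedule,
-_ossl_old_des_cblock *ivec, int *num);
-
-void _ossl_096_des_random_seed(des_cblock *key);
-
-/*
-* The following definitions provide compatibility with the MIT Kerberos
-* library. The _ossl_old_des_key_schedule structure is not binary
-* compatible.
-*/
-
-# define _KERBEROS_DES_H
-
-# define KRBDES_ENCRYPT DES_ENCRYPT
-# define KRBDES_DECRYPT DES_DECRYPT
-
-# ifdef KERBEROS
-# define ENCRYPT DES_ENCRYPT
-# define DECRYPT DES_DECRYPT
-# endif
-
-# ifndef NCOMPAT
-# define C_Block des_cblock
-# define Key_schedule des_key_schedule
-# define KEY_SZ DES_KEY_SZ
-# define string_to_key des_string_to_key
-# define read_pw_string des_read_pw_string
-# define random_key des_random_key
-# define pcbc_encrypt des_pcbc_encrypt
-# define set_key des_set_key
-# define key_sched des_key_sched
-# define ecb_encrypt des_ecb_encrypt
-# define cbc_encrypt des_cbc_encrypt
-# define ncbc_encrypt des_ncbc_encrypt
-# define xcbc_encrypt des_xcbc_encrypt
-# define cbc_cksum des_cbc_cksum
-# define quad_cksum des_quad_cksum
-# define check_parity des_check_key_parity
-# endif
-
-# define des_fixup_key_parity DES_fixup_key_parity
-
-#ifdef __cplusplus
-}
-#endif
-
-/* for DES_read_pw_string et al */
-# include <openssl/ui_compat.h>
-
-#endif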
|
@ -1,451 +0,0 @@
|
||||||
/* dso.h -*- mode:C; c-file-style: "eay" -*- */
|
|
||||||
/*
|
|
||||||
* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL project
|
|
||||||
* 2000.
|
|
||||||
*/
|
|
||||||
/* ====================================================================
|
|
||||||
* Copyright (c) 2000 The OpenSSL Project. All rights reserved.
|
|
||||||
*
|
|
||||||
* Redistribution and use in source and binary forms, with or without
|
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
*
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
*
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in
|
|
||||||
* the documentation and/or other materials provided with the
|
|
||||||
* distribution.
|
|
||||||
*
|
|
||||||
* 3. All advertising materials mentioning features or use of this
|
|
||||||
* software must display the following acknowledgment:
|
|
||||||
* "This product includes software developed by the OpenSSL Project
|
|
||||||
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
|
|
||||||
*
|
|
||||||
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* prior written permission. For written permission, please contact
|
|
||||||
* licensing@OpenSSL.org.
|
|
||||||
*
|
|
||||||
* 5. Products derived from this software may not be called "OpenSSL"
|
|
||||||
* nor may "OpenSSL" appear in their names without prior written
|
|
||||||
* permission of the OpenSSL Project.
|
|
||||||
*
|
|
||||||
* 6. Redistributions of any form whatsoever must retain the following
|
|
||||||
* acknowledgment:
|
|
||||||
* "This product includes software developed by the OpenSSL Project
|
|
||||||
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
|
||||||
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
||||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
|
||||||
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
|
||||||
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
|
||||||
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
|
||||||
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
||||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
|
||||||
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
|
||||||
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
|
||||||
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
* ====================================================================
|
|
||||||
*
|
|
||||||
* This product includes cryptographic software written by Eric Young
|
|
||||||
* (eay@cryptsoft.com). This product includes software written by Tim
|
|
||||||
* Hudson (tjh@cryptsoft.com).
|
|
||||||
*
|
|
||||||
*/
|
|
||||||
|
|
||||||
#ifndef HEADER_DSO_H
|
|
||||||
# define HEADER_DSO_H
|
|
||||||
|
|
||||||
# include <openssl/crypto.h>
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
extern "C" {
|
|
||||||
#endif
|
|
||||||
|
|
||||||
/* These values are used as commands to DSO_ctrl() */
|
|
||||||
# define DSO_CTRL_GET_FLAGS 1
|
|
||||||
# define DSO_CTRL_SET_FLAGS 2
|
|
||||||
# define DSO_CTRL_OR_FLAGS 3
|
|
||||||
|
|
||||||
/*
|
|
||||||
* By default, DSO_load() will translate the provided filename into a form
|
|
||||||
* typical for the platform (more specifically the DSO_METHOD) using the
|
|
||||||
* dso_name_converter function of the method. Eg. win32 will transform "blah"
|
|
||||||
* into "blah.dll", and dlfcn will transform it into "libblah.so". The
|
|
||||||
* behaviour can be overriden by setting the name_converter callback in the
|
|
||||||
* DSO object (using DSO_set_name_converter()). This callback could even
|
|
||||||
* utilise the DSO_METHOD's converter too if it only wants to override
|
|
||||||
* behaviour for one or two possible DSO methods. However, the following flag
|
|
||||||
* can be set in a DSO to prevent *any* native name-translation at all - eg.
|
|
||||||
* if the caller has prompted the user for a path to a driver library so the
|
|
||||||
* filename should be interpreted as-is.
|
|
||||||
*/
|
|
||||||
# define DSO_FLAG_NO_NAME_TRANSLATION 0x01
|
|
||||||
/*
|
|
||||||
* An extra flag to give if only the extension should be added as
|
|
||||||
* translation. This is obviously only of importance on Unix and other
|
|
||||||
* operating systems where the translation also may prefix the name with
|
|
||||||
* something, like 'lib', and ignored everywhere else. This flag is also
|
|
||||||
* ignored if DSO_FLAG_NO_NAME_TRANSLATION is used at the same time.
|
|
||||||
*/
|
|
||||||
# define DSO_FLAG_NAME_TRANSLATION_EXT_ONLY 0x02
|
|
||||||
|
|
||||||
/*
|
|
||||||
* The following flag controls the translation of symbol names to upper case.
|
|
||||||
* This is currently only being implemented for OpenVMS.
|
|
||||||
*/
|
|
||||||
# define DSO_FLAG_UPCASE_SYMBOL 0x10
|
|
||||||
|
|
||||||
/*
|
|
||||||
* This flag loads the library with public symbols. Meaning: The exported
|
|
||||||
* symbols of this library are public to all libraries loaded after this
|
|
||||||
* library. At the moment only implemented in unix.
|
|
||||||
*/
|
|
||||||
# define DSO_FLAG_GLOBAL_SYMBOLS 0x20
|
|
||||||
|
|
||||||
typedef void (*DSO_FUNC_TYPE) (void);
|
|
||||||
|
|
||||||
typedef struct dso_st DSO;
|
|
||||||
|
|
||||||
/*
|
|
||||||
* The function prototype used for method functions (or caller-provided
|
|
||||||
* callbacks) that transform filenames. They are passed a DSO structure
|
|
||||||
* pointer (or NULL if they are to be used independantly of a DSO object) and
|
|
||||||
* a filename to transform. They should either return NULL (if there is an
|
|
||||||
* error condition) or a newly allocated string containing the transformed
|
|
||||||
* form that the caller will need to free with OPENSSL_free() when done.
|
|
||||||
*/
|
|
||||||
typedef char *(*DSO_NAME_CONVERTER_FUNC)(DSO *, const char *);
|
|
||||||
/*
|
|
||||||
* The function prototype used for method functions (or caller-provided
|
|
||||||
* callbacks) that merge two file specifications. They are passed a DSO
|
|
||||||
* structure pointer (or NULL if they are to be used independantly of a DSO
|
|
||||||
* object) and two file specifications to merge. They should either return
|
|
||||||
* NULL (if there is an error condition) or a newly allocated string
|
|
||||||
* containing the result of merging that the caller will need to free with
|
|
||||||
* OPENSSL_free() when done. Here, merging means that bits and pieces are
|
|
||||||
* taken from each of the file specifications and added together in whatever
|
|
||||||
* fashion that is sensible for the DSO method in question. The only rule
|
|
||||||
* that really applies is that if the two specification contain pieces of the
|
|
||||||
* same type, the copy from the first string takes priority. One could see
|
|
||||||
* it as the first specification is the one given by the user and the second
|
|
||||||
* being a bunch of defaults to add on if they're missing in the first.
|
|
||||||
*/
|
|
||||||
typedef char *(*DSO_MERGER_FUNC)(DSO *, const char *, const char *);
|
|
||||||
|
|
||||||
typedef struct dso_meth_st {
|
|
||||||
const char *name;
|
|
||||||
/*
|
|
||||||
* Loads a shared library, NB: new DSO_METHODs must ensure that a
|
|
||||||
* successful load populates the loaded_filename field, and likewise a
|
|
||||||
* successful unload OPENSSL_frees and NULLs it out.
|
|
||||||
*/
|
|
||||||
int (*dso_load) (DSO *dso);
|
|
||||||
/* Unloads a shared library */
|
|
||||||
int (*dso_unload) (DSO *dso);
|
|
||||||
/* Binds a variable */
|
|
||||||
void *(*dso_bind_var) (DSO *dso, const char *symname);
|
|
||||||
/*
|
|
||||||
* Binds a function - assumes a return type of DSO_FUNC_TYPE. This should
|
|
||||||
* be cast to the real function prototype by the caller. Platforms that
|
|
||||||
* don't have compatible representations for different prototypes (this
|
|
||||||
* is possible within ANSI C) are highly unlikely to have shared
|
|
||||||
* libraries at all, let alone a DSO_METHOD implemented for them.
|
|
||||||
*/
|
|
||||||
DSO_FUNC_TYPE (*dso_bind_func) (DSO *dso, const char *symname);
|
|
||||||
/* I don't think this would actually be used in any circumstances. */
|
|
||||||
# if 0
|
|
||||||
/* Unbinds a variable */
|
|
||||||
int (*dso_unbind_var) (DSO *dso, char *symname, void *symptr);
|
|
||||||
/* Unbinds a function */
|
|
||||||
int (*dso_unbind_func) (DSO *dso, char *symname, DSO_FUNC_TYPE symptr);
|
|
||||||
# endif
|
|
||||||
/*
|
|
||||||
* The generic (yuck) "ctrl()" function. NB: Negative return values
|
|
||||||
* (rather than zero) indicate errors.
|
|
||||||
*/
|
|
||||||
long (*dso_ctrl) (DSO *dso, int cmd, long larg, void *parg);
|
|
||||||
/*
|
|
||||||
* The default DSO_METHOD-specific function for converting filenames to a
|
|
||||||
* canonical native form.
|
|
||||||
*/
|
|
||||||
DSO_NAME_CONVERTER_FUNC dso_name_converter;
|
|
||||||
/*
|
|
||||||
* The default DSO_METHOD-specific function for converting filenames to a
|
|
||||||
* canonical native form.
|
|
||||||
*/
|
|
||||||
DSO_MERGER_FUNC dso_merger;
|
|
||||||
/* [De]Initialisation handlers. */
|
|
||||||
int (*init) (DSO *dso);
|
|
||||||
int (*finish) (DSO *dso);
|
|
||||||
/* Return pathname of the module containing location */
|
|
||||||
int (*pathbyaddr) (void *addr, char *path, int sz);
|
|
||||||
/* Perform global symbol lookup, i.e. among *all* modules */
|
|
||||||
void *(*globallookup) (const char *symname);
|
|
||||||
} DSO_METHOD;
|
|
||||||
|
|
||||||
/**********************************************************************/
|
|
||||||
/* The low-level handle type used to refer to a loaded shared library */
|
|
||||||
|
|
||||||
struct dso_st {
|
|
||||||
DSO_METHOD *meth;
|
|
||||||
/*
|
|
||||||
* Standard dlopen uses a (void *). Win32 uses a HANDLE. VMS doesn't use
|
|
||||||
* anything but will need to cache the filename for use in the dso_bind
|
|
||||||
* handler. All in all, let each method control its own destiny.
|
|
||||||
* "Handles" and such go in a STACK.
|
|
||||||
*/
|
|
||||||
STACK_OF(void) *meth_data;
|
|
||||||
int references;
|
|
||||||
int flags;
|
|
||||||
/*
|
|
||||||
* For use by applications etc ... use this for your bits'n'pieces, don't
|
|
||||||
* touch meth_data!
|
|
||||||
*/
|
|
||||||
CRYPTO_EX_DATA ex_data;
|
|
||||||
/*
|
|
||||||
* If this callback function pointer is set to non-NULL, then it will be
|
|
||||||
* used in DSO_load() in place of meth->dso_name_converter. NB: This
|
|
||||||
* should normally set using DSO_set_name_converter().
|
|
||||||
*/
|
|
||||||
DSO_NAME_CONVERTER_FUNC name_converter;
|
|
||||||
/*
|
|
||||||
* If this callback function pointer is set to non-NULL, then it will be
|
|
||||||
* used in DSO_load() in place of meth->dso_merger. NB: This should
|
|
||||||
* normally set using DSO_set_merger().
|
|
||||||
*/
|
|
||||||
DSO_MERGER_FUNC merger;
|
|
||||||
/*
|
|
||||||
* This is populated with (a copy of) the platform-independant filename
|
|
||||||
* used for this DSO.
|
|
||||||
*/
|
|
||||||
char *filename;
|
|
||||||
/*
|
|
||||||
* This is populated with (a copy of) the translated filename by which
|
|
||||||
* the DSO was actually loaded. It is NULL iff the DSO is not currently
|
|
||||||
* loaded. NB: This is here because the filename translation process may
|
|
||||||
* involve a callback being invoked more than once not only to convert to
|
|
||||||
* a platform-specific form, but also to try different filenames in the
|
|
||||||
* process of trying to perform a load. As such, this variable can be
|
|
||||||
* used to indicate (a) whether this DSO structure corresponds to a
|
|
||||||
* loaded library or not, and (b) the filename with which it was actually
|
|
||||||
* loaded.
|
|
||||||
*/
|
|
||||||
char *loaded_filename;
|
|
||||||
};
|
|
||||||
|
|
||||||
DSO *DSO_new(void);
|
|
||||||
DSO *DSO_new_method(DSO_METHOD *method);
|
|
||||||
int DSO_free(DSO *dso);
|
|
||||||
int DSO_flags(DSO *dso);
|
|
||||||
int DSO_up_ref(DSO *dso);
|
|
||||||
long DSO_ctrl(DSO *dso, int cmd, long larg, void *parg);
|
|
||||||
|
|
||||||
/*
|
|
||||||
* This function sets the DSO's name_converter callback. If it is non-NULL,
|
|
||||||
* then it will be used instead of the associated DSO_METHOD's function. If
|
|
||||||
* oldcb is non-NULL then it is set to the function pointer value being
|
|
||||||
* replaced. Return value is non-zero for success.
|
|
||||||
*/
|
|
||||||
int DSO_set_name_converter(DSO *dso, DSO_NAME_CONVERTER_FUNC cb,
|
|
||||||
DSO_NAME_CONVERTER_FUNC *oldcb);
|
|
||||||
/*
|
|
||||||
* These functions can be used to get/set the platform-independant filename
|
|
||||||
* used for a DSO. NB: set will fail if the DSO is already loaded.
|
|
||||||
*/
|
|
||||||
const char *DSO_get_filename(DSO *dso);
|
|
||||||
int DSO_set_filename(DSO *dso, const char *filename);
|
|
||||||
/*
|
|
||||||
* This function will invoke the DSO's name_converter callback to translate a
|
|
||||||
* filename, or if the callback isn't set it will instead use the DSO_METHOD's
|
|
||||||
* converter. If "filename" is NULL, the "filename" in the DSO itself will be
|
|
||||||
* used. If the DSO_FLAG_NO_NAME_TRANSLATION flag is set, then the filename is
|
|
||||||
* simply duplicated. NB: This function is usually called from within a
|
|
||||||
* DSO_METHOD during the processing of a DSO_load() call, and is exposed so
|
|
||||||
* that caller-created DSO_METHODs can do the same thing. A non-NULL return
|
|
||||||
* value will need to be OPENSSL_free()'d.
|
|
||||||
*/
|
|
||||||
char *DSO_convert_filename(DSO *dso, const char *filename);
|
|
||||||
/*
|
|
||||||
* This function will invoke the DSO's merger callback to merge two file
|
|
||||||
* specifications, or if the callback isn't set it will instead use the
|
|
||||||
* DSO_METHOD's merger. A non-NULL return value will need to be
|
|
||||||
* OPENSSL_free()'d.
|
|
||||||
*/
|
|
||||||
char *DSO_merge(DSO *dso, const char *filespec1, const char *filespec2);
|
|
||||||
/*
|
|
||||||
* If the DSO is currently loaded, this returns the filename that it was
|
|
||||||
* loaded under, otherwise it returns NULL. So it is also useful as a test as
|
|
||||||
* to whether the DSO is currently loaded. NB: This will not necessarily
|
|
||||||
* return the same value as DSO_convert_filename(dso, dso->filename), because
|
|
||||||
* the DSO_METHOD's load function may have tried a variety of filenames (with
|
|
||||||
* and/or without the aid of the converters) before settling on the one it
|
|
||||||
* actually loaded.
|
|
||||||
*/
|
|
||||||
const char *DSO_get_loaded_filename(DSO *dso);
|
|
||||||
|
|
||||||
void DSO_set_default_method(DSO_METHOD *meth);
|
|
||||||
DSO_METHOD *DSO_get_default_method(void);
|
|
||||||
DSO_METHOD *DSO_get_method(DSO *dso);
|
|
||||||
DSO_METHOD *DSO_set_method(DSO *dso, DSO_METHOD *meth);
|
|
||||||
|
|
||||||
/*
|
|
||||||
* The all-singing all-dancing load function, you normally pass NULL for the
|
|
||||||
* first and third parameters. Use DSO_up and DSO_free for subsequent
|
|
||||||
* reference count handling. Any flags passed in will be set in the
|
|
||||||
* constructed DSO after its init() function but before the load operation.
|
|
||||||
* If 'dso' is non-NULL, 'flags' is ignored.
|
|
||||||
*/
|
|
||||||
DSO *DSO_load(DSO *dso, const char *filename, DSO_METHOD *meth, int flags);
|
|
||||||
|
|
||||||
/* This function binds to a variable inside a shared library. */
|
|
||||||
void *DSO_bind_var(DSO *dso, const char *symname);
|
|
||||||
|
|
||||||
/* This function binds to a function inside a shared library. */
|
|
||||||
DSO_FUNC_TYPE DSO_bind_func(DSO *dso, const char *symname);
|
|
||||||
|
|
||||||
/*
|
|
||||||
* This method is the default, but will beg, borrow, or steal whatever method
|
|
||||||
* should be the default on any particular platform (including
|
|
||||||
* DSO_METH_null() if necessary).
|
|
||||||
*/
|
|
||||||
DSO_METHOD *DSO_METHOD_openssl(void);
|
|
||||||
|
|
||||||
/*
|
|
||||||
* This method is defined for all platforms - if a platform has no DSO
|
|
||||||
* support then this will be the only method!
|
|
||||||
*/
|
|
||||||
DSO_METHOD *DSO_METHOD_null(void);
|
|
||||||
|
|
||||||
/*
|
|
||||||
* If DSO_DLFCN is defined, the standard dlfcn.h-style functions (dlopen,
|
|
||||||
* dlclose, dlsym, etc) will be used and incorporated into this method. If
|
|
||||||
* not, this method will return NULL.
|
|
||||||
*/
|
|
||||||
DSO_METHOD *DSO_METHOD_dlfcn(void);
|
|
||||||
|
|
||||||
/*
|
|
||||||
* If DSO_DL is defined, the standard dl.h-style functions (shl_load,
|
|
||||||
* shl_unload, shl_findsym, etc) will be used and incorporated into this
|
|
||||||
* method. If not, this method will return NULL.
|
|
||||||
*/
|
|
||||||
DSO_METHOD *DSO_METHOD_dl(void);
|
|
||||||
|
|
||||||
/* If WIN32 is defined, use DLLs. If not, return NULL. */
|
|
||||||
DSO_METHOD *DSO_METHOD_win32(void);
|
|
||||||
|
|
||||||
/* If VMS is defined, use shared images. If not, return NULL. */
|
|
||||||
DSO_METHOD *DSO_METHOD_vms(void);
|
|
||||||
|
|
||||||
/*
|
|
||||||
* This function writes null-terminated pathname of DSO module containing
|
|
||||||
* 'addr' into 'sz' large caller-provided 'path' and returns the number of
|
|
||||||
* characters [including trailing zero] written to it. If 'sz' is 0 or
|
|
||||||
* negative, 'path' is ignored and required amount of charachers [including
|
|
||||||
* trailing zero] to accomodate pathname is returned. If 'addr' is NULL, then
|
|
||||||
* pathname of cryptolib itself is returned. Negative or zero return value
|
|
||||||
* denotes error.
|
|
||||||
*/
|
|
||||||
int DSO_pathbyaddr(void *addr, char *path, int sz);
|
|
||||||
|
|
||||||
/*
|
|
||||||
* This function should be used with caution! It looks up symbols in *all*
|
|
||||||
* loaded modules and if module gets unloaded by somebody else attempt to
|
|
||||||
* dereference the pointer is doomed to have fatal consequences. Primary
|
|
||||||
* usage for this function is to probe *core* system functionality, e.g.
|
|
||||||
* check if getnameinfo(3) is available at run-time without bothering about
|
|
||||||
* OS-specific details such as libc.so.versioning or where does it actually
|
|
||||||
* reside: in libc itself or libsocket.
|
|
||||||
*/
|
|
||||||
void *DSO_global_lookup(const char *name);
|
|
||||||
|
|
||||||
/* If BeOS is defined, use shared images. If not, return NULL. */
|
|
||||||
DSO_METHOD *DSO_METHOD_beos(void);
|
|
||||||
|
|
||||||
/* BEGIN ERROR CODES */
|
|
||||||
/*
|
|
||||||
* The following lines are auto generated by the script mkerr.pl. Any changes
|
|
||||||
* made after this point may be overwritten when the script is next run.
|
|
||||||
*/
|
|
||||||
void ERR_load_DSO_strings(void);
|
|
||||||
|
|
||||||
/* Error codes for the DSO functions. */
|
|
||||||
|
|
||||||
/* Function codes. */
|
|
||||||
# define DSO_F_BEOS_BIND_FUNC 144
|
|
||||||
# define DSO_F_BEOS_BIND_VAR 145
|
|
||||||
# define DSO_F_BEOS_LOAD 146
|
|
||||||
# define DSO_F_BEOS_NAME_CONVERTER 147
|
|
||||||
# define DSO_F_BEOS_UNLOAD 148
|
|
||||||
# define DSO_F_DLFCN_BIND_FUNC 100
|
|
||||||
# define DSO_F_DLFCN_BIND_VAR 101
|
|
||||||
# define DSO_F_DLFCN_LOAD 102
|
|
||||||
# define DSO_F_DLFCN_MERGER 130
|
|
||||||
# define DSO_F_DLFCN_NAME_CONVERTER 123
|
|
||||||
# define DSO_F_DLFCN_UNLOAD 103
|
|
||||||
# define DSO_F_DL_BIND_FUNC 104
|
|
||||||
# define DSO_F_DL_BIND_VAR 105
|
|
||||||
# define DSO_F_DL_LOAD 106
|
|
||||||
# define DSO_F_DL_MERGER 131
|
|
||||||
# define DSO_F_DL_NAME_CONVERTER 124
|
|
||||||
# define DSO_F_DL_UNLOAD 107
|
|
||||||
# define DSO_F_DSO_BIND_FUNC 108
|
|
||||||
# define DSO_F_DSO_BIND_VAR 109
|
|
||||||
# define DSO_F_DSO_CONVERT_FILENAME 126
|
|
||||||
# define DSO_F_DSO_CTRL 110
|
|
||||||
# define DSO_F_DSO_FREE 111
|
|
||||||
# define DSO_F_DSO_GET_FILENAME 127
|
|
||||||
# define DSO_F_DSO_GET_LOADED_FILENAME 128
|
|
||||||
# define DSO_F_DSO_GLOBAL_LOOKUP 139
|
|
||||||
# define DSO_F_DSO_LOAD 112
|
|
||||||
# define DSO_F_DSO_MERGE 132
|
|
||||||
# define DSO_F_DSO_NEW_METHOD 113
|
|
||||||
# define DSO_F_DSO_PATHBYADDR 140
|
|
||||||
# define DSO_F_DSO_SET_FILENAME 129
|
|
||||||
# define DSO_F_DSO_SET_NAME_CONVERTER 122
|
|
||||||
# define DSO_F_DSO_UP_REF 114
|
|
||||||
# define DSO_F_GLOBAL_LOOKUP_FUNC 138
|
|
||||||
# define DSO_F_PATHBYADDR 137
|
|
||||||
# define DSO_F_VMS_BIND_SYM 115
|
|
||||||
# define DSO_F_VMS_LOAD 116
|
|
||||||
# define DSO_F_VMS_MERGER 133
|
|
||||||
# define DSO_F_VMS_UNLOAD 117
|
|
||||||
# define DSO_F_WIN32_BIND_FUNC 118
|
|
||||||
# define DSO_F_WIN32_BIND_VAR 119
|
|
||||||
# define DSO_F_WIN32_GLOBALLOOKUP 142
|
|
||||||
# define DSO_F_WIN32_GLOBALLOOKUP_FUNC 143
|
|
||||||
# define DSO_F_WIN32_JOINER 135
|
|
||||||
# define DSO_F_WIN32_LOAD 120
|
|
||||||
# define DSO_F_WIN32_MERGER 134
|
|
||||||
# define DSO_F_WIN32_NAME_CONVERTER 125
|
|
||||||
# define DSO_F_WIN32_PATHBYADDR 141
|
|
||||||
# define DSO_F_WIN32_SPLITTER 136
|
|
||||||
# define DSO_F_WIN32_UNLOAD 121
|
|
||||||
|
|
||||||
/* Reason codes. */
|
|
||||||
# define DSO_R_CTRL_FAILED 100
|
|
||||||
# define DSO_R_DSO_ALREADY_LOADED 110
|
|
||||||
# define DSO_R_EMPTY_FILE_STRUCTURE 113
|
|
||||||
# define DSO_R_FAILURE 114
|
|
||||||
# define DSO_R_FILENAME_TOO_BIG 101
|
|
||||||
# define DSO_R_FINISH_FAILED 102
|
|
||||||
# define DSO_R_INCORRECT_FILE_SYNTAX 115
|
|
||||||
# define DSO_R_LOAD_FAILED 103
|
|
||||||
# define DSO_R_NAME_TRANSLATION_FAILED 109
|
|
||||||
# define DSO_R_NO_FILENAME 111
|
|
||||||
# define DSO_R_NO_FILE_SPECIFICATION 116
|
|
||||||
# define DSO_R_NULL_HANDLE 104
|
|
||||||
# define DSO_R_SET_FILENAME_FAILED 112
|
|
||||||
# define DSO_R_STACK_ERROR 105
|
|
||||||
# define DSO_R_SYM_FAILURE 106
|
|
||||||
# define DSO_R_UNLOAD_FAILED 107
|
|
||||||
# define DSO_R_UNSUPPORTED 108
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
#endif
|
|
|
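--- a/PATH_NOT_SHOWN/ebcdic.h
+++ b/PATH_NOT_SHOWN/ebcdic.h
@@ -1,26 +0,0 @@
-/* crypto/ebcdic.h */
-
-#ifndef HEADER_EBCDIC_H
-# define HEADER_EBCDIC_H
-
-# include <sys/types.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* Avoid name clashes with other applications */
-# define os_toascii _openssl_os_toascii
-# define os_toebcdic _openssl_os_toebcdic
-# define ebcdic2ascii _openssl_ebcdic2ascii
-# define ascii2ebcdic _openssl_ascii2ebcdic
-
-extern const unsigned char os_toascii[256];
-extern const unsigned char os_toebcdic[256];
-void *ebcdic2ascii(void *dest, const void *srce, size_t count);
-void *ascii2ebcdic(void *dest, const void *srce, size_t count);
-
-#ifdef __cplusplus
-}
-#endif
-#endif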
|
@ -1,960 +0,0 @@
|
||||||
/* openssl/engine.h */
|
|
||||||
/*
|
|
||||||
* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL project
|
|
||||||
* 2000.
|
|
||||||
*/
|
|
||||||
/* ====================================================================
|
|
||||||
* Copyright (c) 1999-2004 The OpenSSL Project. All rights reserved.
|
|
||||||
*
|
|
||||||
* Redistribution and use in source and binary forms, with or without
|
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
*
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
*
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in
|
|
||||||
* the documentation and/or other materials provided with the
|
|
||||||
* distribution.
|
|
||||||
*
|
|
||||||
* 3. All advertising materials mentioning features or use of this
|
|
||||||
* software must display the following acknowledgment:
|
|
||||||
* "This product includes software developed by the OpenSSL Project
|
|
||||||
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
|
|
||||||
*
|
|
||||||
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* prior written permission. For written permission, please contact
|
|
||||||
* licensing@OpenSSL.org.
|
|
||||||
*
|
|
||||||
* 5. Products derived from this software may not be called "OpenSSL"
|
|
||||||
* nor may "OpenSSL" appear in their names without prior written
|
|
||||||
* permission of the OpenSSL Project.
|
|
||||||
*
|
|
||||||
* 6. Redistributions of any form whatsoever must retain the following
|
|
||||||
* acknowledgment:
|
|
||||||
* "This product includes software developed by the OpenSSL Project
|
|
||||||
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
|
||||||
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
||||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
|
||||||
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
|
||||||
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
|
||||||
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
|
||||||
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
||||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
|
||||||
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
|
||||||
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
|
||||||
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
* ====================================================================
|
|
||||||
*
|
|
||||||
* This product includes cryptographic software written by Eric Young
|
|
||||||
* (eay@cryptsoft.com). This product includes software written by Tim
|
|
||||||
* Hudson (tjh@cryptsoft.com).
|
|
||||||
*
|
|
||||||
*/
|
|
||||||
/* ====================================================================
|
|
||||||
* Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
|
|
||||||
* ECDH support in OpenSSL originally developed by
|
|
||||||
* SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
|
|
||||||
*/
|
|
||||||
|
|
||||||
#ifndef HEADER_ENGINE_H
|
|
||||||
# define HEADER_ENGINE_H
|
|
||||||
|
|
||||||
# include <openssl/opensslconf.h>
|
|
||||||
|
|
||||||
# ifdef OPENSSL_NO_ENGINE
|
|
||||||
# error ENGINE is disabled.
|
|
||||||
# endif
|
|
||||||
|
|
||||||
# ifndef OPENSSL_NO_DEPRECATED
|
|
||||||
# include <openssl/bn.h>
|
|
||||||
# ifndef OPENSSL_NO_RSA
|
|
||||||
# include <openssl/rsa.h>
|
|
||||||
# endif
|
|
||||||
# ifndef OPENSSL_NO_DSA
|
|
||||||
# include <openssl/dsa.h>
|
|
||||||
# endif
|
|
||||||
# ifndef OPENSSL_NO_DH
|
|
||||||
# include <openssl/dh.h>
|
|
||||||
# endif
|
|
||||||
# ifndef OPENSSL_NO_ECDH
|
|
||||||
# include <openssl/ecdh.h>
|
|
||||||
# endif
|
|
||||||
# ifndef OPENSSL_NO_ECDSA
|
|
||||||
# include <openssl/ecdsa.h>
|
|
||||||
# endif
|
|
||||||
# include <openssl/rand.h>
|
|
||||||
# include <openssl/ui.h>
|
|
||||||
# include <openssl/err.h>
|
|
||||||
# endif
|
|
||||||
|
|
||||||
# include <openssl/ossl_typ.h>
|
|
||||||
# include <openssl/symhacks.h>
|
|
||||||
|
|
||||||
# include <openssl/x509.h>
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
extern "C" {
|
|
||||||
#endif
|
|
||||||
|
|
||||||
/*
|
|
||||||
* These flags are used to control combinations of algorithm (methods) by
|
|
||||||
* bitwise "OR"ing.
|
|
||||||
*/
|
|
||||||
# define ENGINE_METHOD_RSA (unsigned int)0x0001
|
|
||||||
# define ENGINE_METHOD_DSA (unsigned int)0x0002
|
|
||||||
# define ENGINE_METHOD_DH (unsigned int)0x0004
|
|
||||||
# define ENGINE_METHOD_RAND (unsigned int)0x0008
|
|
||||||
# define ENGINE_METHOD_ECDH (unsigned int)0x0010
|
|
||||||
# define ENGINE_METHOD_ECDSA (unsigned int)0x0020
|
|
||||||
# define ENGINE_METHOD_CIPHERS (unsigned int)0x0040
|
|
||||||
# define ENGINE_METHOD_DIGESTS (unsigned int)0x0080
|
|
||||||
# define ENGINE_METHOD_STORE (unsigned int)0x0100
|
|
||||||
# define ENGINE_METHOD_PKEY_METHS (unsigned int)0x0200
|
|
||||||
# define ENGINE_METHOD_PKEY_ASN1_METHS (unsigned int)0x0400
|
|
||||||
/* Obvious all-or-nothing cases. */
|
|
||||||
# define ENGINE_METHOD_ALL (unsigned int)0xFFFF
|
|
||||||
# define ENGINE_METHOD_NONE (unsigned int)0x0000
|
|
||||||
|
|
||||||
/*
|
|
||||||
* This(ese) flag(s) controls behaviour of the ENGINE_TABLE mechanism used
|
|
||||||
* internally to control registration of ENGINE implementations, and can be
|
|
||||||
* set by ENGINE_set_table_flags(). The "NOINIT" flag prevents attempts to
|
|
||||||
* initialise registered ENGINEs if they are not already initialised.
|
|
||||||
*/
|
|
||||||
# define ENGINE_TABLE_FLAG_NOINIT (unsigned int)0x0001
|
|
||||||
|
|
||||||
/* ENGINE flags that can be set by ENGINE_set_flags(). */
|
|
||||||
/* Not used */
|
|
||||||
/* #define ENGINE_FLAGS_MALLOCED 0x0001 */
|
|
||||||
|
|
||||||
/*
|
|
||||||
* This flag is for ENGINEs that wish to handle the various 'CMD'-related
|
|
||||||
* control commands on their own. Without this flag, ENGINE_ctrl() handles
|
|
||||||
* these control commands on behalf of the ENGINE using their "cmd_defns"
|
|
||||||
* data.
|
|
||||||
*/
|
|
||||||
# define ENGINE_FLAGS_MANUAL_CMD_CTRL (int)0x0002
|
|
||||||
|
|
||||||
/*
|
|
||||||
* This flag is for ENGINEs who return new duplicate structures when found
|
|
||||||
* via "ENGINE_by_id()". When an ENGINE must store state (eg. if
|
|
||||||
* ENGINE_ctrl() commands are called in sequence as part of some stateful
|
|
||||||
* process like key-generation setup and execution), it can set this flag -
|
|
||||||
* then each attempt to obtain the ENGINE will result in it being copied into
|
|
||||||
* a new structure. Normally, ENGINEs don't declare this flag so
|
|
||||||
* ENGINE_by_id() just increments the existing ENGINE's structural reference
|
|
||||||
* count.
|
|
||||||
*/
|
|
||||||
# define ENGINE_FLAGS_BY_ID_COPY (int)0x0004
|
|
||||||
|
|
||||||
/*
|
|
||||||
* This flag if for an ENGINE that does not want its methods registered as
|
|
||||||
* part of ENGINE_register_all_complete() for example if the methods are not
|
|
||||||
* usable as default methods.
|
|
||||||
*/
|
|
||||||
|
|
||||||
# define ENGINE_FLAGS_NO_REGISTER_ALL (int)0x0008
|
|
||||||
|
|
||||||
/*
|
|
||||||
* ENGINEs can support their own command types, and these flags are used in
|
|
||||||
* ENGINE_CTRL_GET_CMD_FLAGS to indicate to the caller what kind of input
|
|
||||||
* each command expects. Currently only numeric and string input is
|
|
||||||
* supported. If a control command supports none of the _NUMERIC, _STRING, or
|
|
||||||
* _NO_INPUT options, then it is regarded as an "internal" control command -
|
|
||||||
* and not for use in config setting situations. As such, they're not
|
|
||||||
* available to the ENGINE_ctrl_cmd_string() function, only raw ENGINE_ctrl()
|
|
||||||
* access. Changes to this list of 'command types' should be reflected
|
|
||||||
* carefully in ENGINE_cmd_is_executable() and ENGINE_ctrl_cmd_string().
|
|
||||||
*/
|
|
||||||
|
|
||||||
/* accepts a 'long' input value (3rd parameter to ENGINE_ctrl) */
|
|
||||||
# define ENGINE_CMD_FLAG_NUMERIC (unsigned int)0x0001
|
|
||||||
/*
|
|
||||||
* accepts string input (cast from 'void*' to 'const char *', 4th parameter
|
|
||||||
* to ENGINE_ctrl)
|
|
||||||
*/
|
|
||||||
# define ENGINE_CMD_FLAG_STRING (unsigned int)0x0002
|
|
||||||
/*
|
|
||||||
* Indicates that the control command takes *no* input. Ie. the control
|
|
||||||
* command is unparameterised.
|
|
||||||
*/
|
|
||||||
# define ENGINE_CMD_FLAG_NO_INPUT (unsigned int)0x0004
|
|
||||||
/*
|
|
||||||
* Indicates that the control command is internal. This control command won't
|
|
||||||
* be shown in any output, and is only usable through the ENGINE_ctrl_cmd()
|
|
||||||
* function.
|
|
||||||
*/
|
|
||||||
# define ENGINE_CMD_FLAG_INTERNAL (unsigned int)0x0008
|
|
||||||
|
|
||||||
/*
|
|
||||||
* NB: These 3 control commands are deprecated and should not be used.
|
|
||||||
* ENGINEs relying on these commands should compile conditional support for
|
|
||||||
* compatibility (eg. if these symbols are defined) but should also migrate
|
|
||||||
* the same functionality to their own ENGINE-specific control functions that
|
|
||||||
* can be "discovered" by calling applications. The fact these control
|
|
||||||
* commands wouldn't be "executable" (ie. usable by text-based config)
|
|
||||||
* doesn't change the fact that application code can find and use them
|
|
||||||
* without requiring per-ENGINE hacking.
|
|
||||||
*/
|
|
||||||
|
|
||||||
/*
|
|
||||||
* These flags are used to tell the ctrl function what should be done. All
|
|
||||||
* command numbers are shared between all engines, even if some don't make
|
|
||||||
* sense to some engines. In such a case, they do nothing but return the
|
|
||||||
* error ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED.
|
|
||||||
*/
|
|
||||||
# define ENGINE_CTRL_SET_LOGSTREAM 1
|
|
||||||
# define ENGINE_CTRL_SET_PASSWORD_CALLBACK 2
|
|
||||||
# define ENGINE_CTRL_HUP 3/* Close and reinitialise
|
|
||||||
* any handles/connections
|
|
||||||
* etc. */
|
|
||||||
# define ENGINE_CTRL_SET_USER_INTERFACE 4/* Alternative to callback */
|
|
||||||
# define ENGINE_CTRL_SET_CALLBACK_DATA 5/* User-specific data, used
|
|
||||||
* when calling the password
|
|
||||||
* callback and the user
|
|
||||||
* interface */
|
|
||||||
# define ENGINE_CTRL_LOAD_CONFIGURATION 6/* Load a configuration,
|
|
||||||
* given a string that
|
|
||||||
* represents a file name
|
|
||||||
* or so */
|
|
||||||
# define ENGINE_CTRL_LOAD_SECTION 7/* Load data from a given
|
|
||||||
* section in the already
|
|
||||||
* loaded configuration */
|
|
||||||
|
|
||||||
/*
|
|
||||||
* These control commands allow an application to deal with an arbitrary
|
|
||||||
* engine in a dynamic way. Warn: Negative return values indicate errors FOR
|
|
||||||
* THESE COMMANDS because zero is used to indicate 'end-of-list'. Other
|
|
||||||
* commands, including ENGINE-specific command types, return zero for an
|
|
||||||
* error. An ENGINE can choose to implement these ctrl functions, and can
|
|
||||||
* internally manage things however it chooses - it does so by setting the
|
|
||||||
* ENGINE_FLAGS_MANUAL_CMD_CTRL flag (using ENGINE_set_flags()). Otherwise
|
|
||||||
* the ENGINE_ctrl() code handles this on the ENGINE's behalf using the
|
|
||||||
* cmd_defns data (set using ENGINE_set_cmd_defns()). This means an ENGINE's
|
|
||||||
* ctrl() handler need only implement its own commands - the above "meta"
|
|
||||||
* commands will be taken care of.
|
|
||||||
*/
|
|
||||||
|
|
||||||
/*
|
|
||||||
* Returns non-zero if the supplied ENGINE has a ctrl() handler. If "not",
|
|
||||||
* then all the remaining control commands will return failure, so it is
|
|
||||||
* worth checking this first if the caller is trying to "discover" the
|
|
||||||
* engine's capabilities and doesn't want errors generated unnecessarily.
|
|
||||||
*/
|
|
||||||
# define ENGINE_CTRL_HAS_CTRL_FUNCTION 10
|
|
||||||
/*
|
|
||||||
* Returns a positive command number for the first command supported by the
|
|
||||||
* engine. Returns zero if no ctrl commands are supported.
|
|
||||||
*/
|
|
||||||
# define ENGINE_CTRL_GET_FIRST_CMD_TYPE 11
|
|
||||||
/*
|
|
||||||
* The 'long' argument specifies a command implemented by the engine, and the
|
|
||||||
* return value is the next command supported, or zero if there are no more.
|
|
||||||
*/
|
|
||||||
# define ENGINE_CTRL_GET_NEXT_CMD_TYPE 12
|
|
||||||
/*
|
|
||||||
* The 'void*' argument is a command name (cast from 'const char *'), and the
|
|
||||||
* return value is the command that corresponds to it.
|
|
||||||
*/
|
|
||||||
# define ENGINE_CTRL_GET_CMD_FROM_NAME 13
|
|
||||||
/*
|
|
||||||
* The next two allow a command to be converted into its corresponding string
|
|
||||||
* form. In each case, the 'long' argument supplies the command. In the
|
|
||||||
* NAME_LEN case, the return value is the length of the command name (not
|
|
||||||
* counting a trailing EOL). In the NAME case, the 'void*' argument must be a
|
|
||||||
* string buffer large enough, and it will be populated with the name of the
|
|
||||||
* command (WITH a trailing EOL).
|
|
||||||
*/
|
|
||||||
# define ENGINE_CTRL_GET_NAME_LEN_FROM_CMD 14
|
|
||||||
# define ENGINE_CTRL_GET_NAME_FROM_CMD 15
|
|
||||||
/* The next two are similar but give a "short description" of a command. */
|
|
||||||
# define ENGINE_CTRL_GET_DESC_LEN_FROM_CMD 16
|
|
||||||
# define ENGINE_CTRL_GET_DESC_FROM_CMD 17
|
|
||||||
/*
|
|
||||||
* With this command, the return value is the OR'd combination of
|
|
||||||
* ENGINE_CMD_FLAG_*** values that indicate what kind of input a given
|
|
||||||
* engine-specific ctrl command expects.
|
|
||||||
*/
|
|
||||||
# define ENGINE_CTRL_GET_CMD_FLAGS 18
|
|
||||||
|
|
||||||
/*
|
|
||||||
* ENGINE implementations should start the numbering of their own control
|
|
||||||
* commands from this value. (ie. ENGINE_CMD_BASE, ENGINE_CMD_BASE + 1, etc).
|
|
||||||
*/
|
|
||||||
# define ENGINE_CMD_BASE 200
|
|
||||||
|
|
||||||
/*
|
|
||||||
* NB: These 2 nCipher "chil" control commands are deprecated, and their
|
|
||||||
* functionality is now available through ENGINE-specific control commands
|
|
||||||
* (exposed through the above-mentioned 'CMD'-handling). Code using these 2
|
|
||||||
* commands should be migrated to the more general command handling before
|
|
||||||
* these are removed.
|
|
||||||
*/
|
|
||||||
|
|
||||||
/* Flags specific to the nCipher "chil" engine */
|
|
||||||
# define ENGINE_CTRL_CHIL_SET_FORKCHECK 100
|
|
||||||
/*
|
|
||||||
* Depending on the value of the (long)i argument, this sets or
|
|
||||||
* unsets the SimpleForkCheck flag in the CHIL API to enable or
|
|
||||||
* disable checking and workarounds for applications that fork().
|
|
||||||
*/
|
|
||||||
# define ENGINE_CTRL_CHIL_NO_LOCKING 101
|
|
||||||
/*
|
|
||||||
* This prevents the initialisation function from providing mutex
|
|
||||||
* callbacks to the nCipher library.
|
|
||||||
*/
|
|
||||||
|
|
||||||
/*
|
|
||||||
* If an ENGINE supports its own specific control commands and wishes the
|
|
||||||
* framework to handle the above 'ENGINE_CMD_***'-manipulation commands on
|
|
||||||
* its behalf, it should supply a null-terminated array of ENGINE_CMD_DEFN
|
|
||||||
* entries to ENGINE_set_cmd_defns(). It should also implement a ctrl()
|
|
||||||
* handler that supports the stated commands (ie. the "cmd_num" entries as
|
|
||||||
* described by the array). NB: The array must be ordered in increasing order
|
|
||||||
* of cmd_num. "null-terminated" means that the last ENGINE_CMD_DEFN element
|
|
||||||
* has cmd_num set to zero and/or cmd_name set to NULL.
|
|
||||||
*/
|
|
||||||
typedef struct ENGINE_CMD_DEFN_st {
|
|
||||||
unsigned int cmd_num; /* The command number */
|
|
||||||
const char *cmd_name; /* The command name itself */
|
|
||||||
const char *cmd_desc; /* A short description of the command */
|
|
||||||
unsigned int cmd_flags; /* The input the command expects */
|
|
||||||
} ENGINE_CMD_DEFN;
|
|
||||||
|
|
||||||
/* Generic function pointer */
|
|
||||||
typedef int (*ENGINE_GEN_FUNC_PTR) (void);
|
|
||||||
/* Generic function pointer taking no arguments */
|
|
||||||
typedef int (*ENGINE_GEN_INT_FUNC_PTR) (ENGINE *);
|
|
||||||
/* Specific control function pointer */
|
|
||||||
typedef int (*ENGINE_CTRL_FUNC_PTR) (ENGINE *, int, long, void *,
|
|
||||||
void (*f) (void));
|
|
||||||
/* Generic load_key function pointer */
|
|
||||||
typedef EVP_PKEY *(*ENGINE_LOAD_KEY_PTR)(ENGINE *, const char *,
|
|
||||||
UI_METHOD *ui_method,
|
|
||||||
void *callback_data);
|
|
||||||
typedef int (*ENGINE_SSL_CLIENT_CERT_PTR) (ENGINE *, SSL *ssl,
|
|
||||||
STACK_OF(X509_NAME) *ca_dn,
|
|
||||||
X509 **pcert, EVP_PKEY **pkey,
|
|
||||||
STACK_OF(X509) **pother,
|
|
||||||
UI_METHOD *ui_method,
|
|
||||||
void *callback_data);
|
|
||||||
/*-
|
|
||||||
* These callback types are for an ENGINE's handler for cipher and digest logic.
|
|
||||||
* These handlers have these prototypes;
|
|
||||||
* int foo(ENGINE *e, const EVP_CIPHER **cipher, const int **nids, int nid);
|
|
||||||
* int foo(ENGINE *e, const EVP_MD **digest, const int **nids, int nid);
|
|
||||||
* Looking at how to implement these handlers in the case of cipher support, if
|
|
||||||
* the framework wants the EVP_CIPHER for 'nid', it will call;
|
|
||||||
* foo(e, &p_evp_cipher, NULL, nid); (return zero for failure)
|
|
||||||
* If the framework wants a list of supported 'nid's, it will call;
|
|
||||||
* foo(e, NULL, &p_nids, 0); (returns number of 'nids' or -1 for error)
|
|
||||||
*/
|
|
||||||
/*
|
|
||||||
* Returns to a pointer to the array of supported cipher 'nid's. If the
|
|
||||||
* second parameter is non-NULL it is set to the size of the returned array.
|
|
||||||
*/
|
|
||||||
typedef int (*ENGINE_CIPHERS_PTR) (ENGINE *, const EVP_CIPHER **,
|
|
||||||
const int **, int);
|
|
||||||
typedef int (*ENGINE_DIGESTS_PTR) (ENGINE *, const EVP_MD **, const int **,
|
|
||||||
int);
|
|
||||||
typedef int (*ENGINE_PKEY_METHS_PTR) (ENGINE *, EVP_PKEY_METHOD **,
|
|
||||||
const int **, int);
|
|
||||||
typedef int (*ENGINE_PKEY_ASN1_METHS_PTR) (ENGINE *, EVP_PKEY_ASN1_METHOD **,
|
|
||||||
const int **, int);
|
|
||||||
/*
|
|
||||||
* STRUCTURE functions ... all of these functions deal with pointers to
|
|
||||||
* ENGINE structures where the pointers have a "structural reference". This
|
|
||||||
* means that their reference is to allowed access to the structure but it
|
|
||||||
* does not imply that the structure is functional. To simply increment or
|
|
||||||
* decrement the structural reference count, use ENGINE_by_id and
|
|
||||||
* ENGINE_free. NB: This is not required when iterating using ENGINE_get_next
|
|
||||||
* as it will automatically decrement the structural reference count of the
|
|
||||||
* "current" ENGINE and increment the structural reference count of the
|
|
||||||
* ENGINE it returns (unless it is NULL).
|
|
||||||
*/
|
|
||||||
|
|
||||||
/* Get the first/last "ENGINE" type available. */
|
|
||||||
ENGINE *ENGINE_get_first(void);
|
|
||||||
ENGINE *ENGINE_get_last(void);
|
|
||||||
/* Iterate to the next/previous "ENGINE" type (NULL = end of the list). */
|
|
||||||
ENGINE *ENGINE_get_next(ENGINE *e);
|
|
||||||
ENGINE *ENGINE_get_prev(ENGINE *e);
|
|
||||||
/* Add another "ENGINE" type into the array. */
|
|
||||||
int ENGINE_add(ENGINE *e);
|
|
||||||
/* Remove an existing "ENGINE" type from the array. */
|
|
||||||
int ENGINE_remove(ENGINE *e);
|
|
||||||
/* Retrieve an engine from the list by its unique "id" value. */
|
|
||||||
ENGINE *ENGINE_by_id(const char *id);
|
|
||||||
/* Add all the built-in engines. */
|
|
||||||
void ENGINE_load_openssl(void);
|
|
||||||
void ENGINE_load_dynamic(void);
|
|
||||||
# ifndef OPENSSL_NO_STATIC_ENGINE
|
|
||||||
void ENGINE_load_4758cca(void);
|
|
||||||
void ENGINE_load_aep(void);
|
|
||||||
void ENGINE_load_atalla(void);
|
|
||||||
void ENGINE_load_chil(void);
|
|
||||||
void ENGINE_load_cswift(void);
|
|
||||||
void ENGINE_load_nuron(void);
|
|
||||||
void ENGINE_load_sureware(void);
|
|
||||||
void ENGINE_load_ubsec(void);
|
|
||||||
void ENGINE_load_padlock(void);
|
|
||||||
void ENGINE_load_capi(void);
|
|
||||||
# ifndef OPENSSL_NO_GMP
|
|
||||||
void ENGINE_load_gmp(void);
|
|
||||||
# endif
|
|
||||||
# ifndef OPENSSL_NO_GOST
|
|
||||||
void ENGINE_load_gost(void);
|
|
||||||
# endif
|
|
||||||
# endif
|
|
||||||
void ENGINE_load_cryptodev(void);
|
|
||||||
void ENGINE_load_rdrand(void);
|
|
||||||
void ENGINE_load_builtin_engines(void);
|
|
||||||
|
|
||||||
/*
|
|
||||||
* Get and set global flags (ENGINE_TABLE_FLAG_***) for the implementation
|
|
||||||
* "registry" handling.
|
|
||||||
*/
|
|
||||||
unsigned int ENGINE_get_table_flags(void);
|
|
||||||
void ENGINE_set_table_flags(unsigned int flags);
|
|
||||||
|
|
||||||
/*- Manage registration of ENGINEs per "table". For each type, there are 3
|
|
||||||
* functions;
|
|
||||||
* ENGINE_register_***(e) - registers the implementation from 'e' (if it has one)
|
|
||||||
* ENGINE_unregister_***(e) - unregister the implementation from 'e'
|
|
||||||
* ENGINE_register_all_***() - call ENGINE_register_***() for each 'e' in the list
|
|
||||||
* Cleanup is automatically registered from each table when required, so
|
|
||||||
* ENGINE_cleanup() will reverse any "register" operations.
|
|
||||||
*/
|
|
||||||
|
|
||||||
int ENGINE_register_RSA(ENGINE *e);
|
|
||||||
void ENGINE_unregister_RSA(ENGINE *e);
|
|
||||||
void ENGINE_register_all_RSA(void);
|
|
||||||
|
|
||||||
int ENGINE_register_DSA(ENGINE *e);
|
|
||||||
void ENGINE_unregister_DSA(ENGINE *e);
|
|
||||||
void ENGINE_register_all_DSA(void);
|
|
||||||
|
|
||||||
int ENGINE_register_ECDH(ENGINE *e);
|
|
||||||
void ENGINE_unregister_ECDH(ENGINE *e);
|
|
||||||
void ENGINE_register_all_ECDH(void);
|
|
||||||
|
|
||||||
int ENGINE_register_ECDSA(ENGINE *e);
|
|
||||||
void ENGINE_unregister_ECDSA(ENGINE *e);
|
|
||||||
void ENGINE_register_all_ECDSA(void);
|
|
||||||
|
|
||||||
int ENGINE_register_DH(ENGINE *e);
|
|
||||||
void ENGINE_unregister_DH(ENGINE *e);
|
|
||||||
void ENGINE_register_all_DH(void);
|
|
||||||
|
|
||||||
int ENGINE_register_RAND(ENGINE *e);
|
|
||||||
void ENGINE_unregister_RAND(ENGINE *e);
|
|
||||||
void ENGINE_register_all_RAND(void);
|
|
||||||
|
|
||||||
int ENGINE_register_STORE(ENGINE *e);
|
|
||||||
void ENGINE_unregister_STORE(ENGINE *e);
|
|
||||||
void ENGINE_register_all_STORE(void);
|
|
||||||
|
|
||||||
int ENGINE_register_ciphers(ENGINE *e);
|
|
||||||
void ENGINE_unregister_ciphers(ENGINE *e);
|
|
||||||
void ENGINE_register_all_ciphers(void);
|
|
||||||
|
|
||||||
int ENGINE_register_digests(ENGINE *e);
|
|
||||||
void ENGINE_unregister_digests(ENGINE *e);
|
|
||||||
void ENGINE_register_all_digests(void);
|
|
||||||
|
|
||||||
int ENGINE_register_pkey_meths(ENGINE *e);
|
|
||||||
void ENGINE_unregister_pkey_meths(ENGINE *e);
|
|
||||||
void ENGINE_register_all_pkey_meths(void);
|
|
||||||
|
|
||||||
int ENGINE_register_pkey_asn1_meths(ENGINE *e);
|
|
||||||
void ENGINE_unregister_pkey_asn1_meths(ENGINE *e);
|
|
||||||
void ENGINE_register_all_pkey_asn1_meths(void);
|
|
||||||
|
|
||||||
/*
|
|
||||||
* These functions register all support from the above categories. Note, use
|
|
||||||
* of these functions can result in static linkage of code your application
|
|
||||||
* may not need. If you only need a subset of functionality, consider using
|
|
||||||
* more selective initialisation.
|
|
||||||
*/
|
|
||||||
int ENGINE_register_complete(ENGINE *e);
|
|
||||||
int ENGINE_register_all_complete(void);
|
|
||||||
|
|
||||||
/*
|
|
||||||
* Send parametrised control commands to the engine. The possibilities to
|
|
||||||
* send down an integer, a pointer to data or a function pointer are
|
|
||||||
* provided. Any of the parameters may or may not be NULL, depending on the
|
|
||||||
* command number. In actuality, this function only requires a structural
|
|
||||||
* (rather than functional) reference to an engine, but many control commands
|
|
||||||
* may require the engine be functional. The caller should be aware of trying
|
|
||||||
* commands that require an operational ENGINE, and only use functional
|
|
||||||
* references in such situations.
|
|
||||||
*/
|
|
||||||
int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void));
|
|
||||||
|
|
||||||
/*
|
|
||||||
* This function tests if an ENGINE-specific command is usable as a
|
|
||||||
* "setting". Eg. in an application's config file that gets processed through
|
|
||||||
* ENGINE_ctrl_cmd_string(). If this returns zero, it is not available to
|
|
||||||
* ENGINE_ctrl_cmd_string(), only ENGINE_ctrl().
|
|
||||||
*/
|
|
||||||
int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
|
|
||||||
|
|
||||||
/*
|
|
||||||
* This function works like ENGINE_ctrl() with the exception of taking a
|
|
||||||
* command name instead of a command number, and can handle optional
|
|
||||||
* commands. See the comment on ENGINE_ctrl_cmd_string() for an explanation
|
|
||||||
* on how to use the cmd_name and cmd_optional.
|
|
||||||
*/
|
|
||||||
int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
|
|
||||||
long i, void *p, void (*f) (void), int cmd_optional);
|
|
||||||
|
|
||||||
/*
|
|
||||||
* This function passes a command-name and argument to an ENGINE. The
|
|
||||||
* cmd_name is converted to a command number and the control command is
|
|
||||||
* called using 'arg' as an argument (unless the ENGINE doesn't support such
|
|
||||||
* a command, in which case no control command is called). The command is
|
|
||||||
* checked for input flags, and if necessary the argument will be converted
|
|
||||||
* to a numeric value. If cmd_optional is non-zero, then if the ENGINE
|
|
||||||
* doesn't support the given cmd_name the return value will be success
|
|
||||||
* anyway. This function is intended for applications to use so that users
|
|
||||||
* (or config files) can supply engine-specific config data to the ENGINE at
|
|
||||||
* run-time to control behaviour of specific engines. As such, it shouldn't
|
|
||||||
* be used for calling ENGINE_ctrl() functions that return data, deal with
|
|
||||||
* binary data, or that are otherwise supposed to be used directly through
|
|
||||||
* ENGINE_ctrl() in application code. Any "return" data from an ENGINE_ctrl()
|
|
||||||
* operation in this function will be lost - the return value is interpreted
|
|
||||||
* as failure if the return value is zero, success otherwise, and this
|
|
||||||
* function returns a boolean value as a result. In other words, vendors of
|
|
||||||
* 'ENGINE'-enabled devices should write ENGINE implementations with
|
|
||||||
* parameterisations that work in this scheme, so that compliant ENGINE-based
|
|
||||||
* applications can work consistently with the same configuration for the
|
|
||||||
* same ENGINE-enabled devices, across applications.
|
|
||||||
*/
|
|
||||||
int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
|
|
||||||
int cmd_optional);
|
|
||||||
|
|
||||||
/*
|
|
||||||
* These functions are useful for manufacturing new ENGINE structures. They
|
|
||||||
* don't address reference counting at all - one uses them to populate an
|
|
||||||
* ENGINE structure with personalised implementations of things prior to
|
|
||||||
* using it directly or adding it to the builtin ENGINE list in OpenSSL.
|
|
||||||
* These are also here so that the ENGINE structure doesn't have to be
|
|
||||||
* exposed and break binary compatibility!
|
|
||||||
*/
|
|
||||||
ENGINE *ENGINE_new(void);
|
|
||||||
int ENGINE_free(ENGINE *e);
|
|
||||||
int ENGINE_up_ref(ENGINE *e);
|
|
||||||
int ENGINE_set_id(ENGINE *e, const char *id);
|
|
||||||
int ENGINE_set_name(ENGINE *e, const char *name);
|
|
||||||
int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
|
|
||||||
int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
|
|
||||||
int ENGINE_set_ECDH(ENGINE *e, const ECDH_METHOD *ecdh_meth);
|
|
||||||
int ENGINE_set_ECDSA(ENGINE *e, const ECDSA_METHOD *ecdsa_meth);
|
|
||||||
int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
|
|
||||||
int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
|
|
||||||
int ENGINE_set_STORE(ENGINE *e, const STORE_METHOD *store_meth);
|
|
||||||
int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
|
|
||||||
int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
|
|
||||||
int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
|
|
||||||
int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
|
|
||||||
int ENGINE_set_load_privkey_function(ENGINE *e,
|
|
||||||
ENGINE_LOAD_KEY_PTR loadpriv_f);
|
|
||||||
int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
|
|
||||||
int ENGINE_set_load_ssl_client_cert_function(ENGINE *e,
|
|
||||||
ENGINE_SSL_CLIENT_CERT_PTR
|
|
||||||
loadssl_f);
|
|
||||||
int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
|
|
||||||
int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
|
|
||||||
int ENGINE_set_pkey_meths(ENGINE *e, ENGINE_PKEY_METHS_PTR f);
|
|
||||||
int ENGINE_set_pkey_asn1_meths(ENGINE *e, ENGINE_PKEY_ASN1_METHS_PTR f);
|
|
||||||
int ENGINE_set_flags(ENGINE *e, int flags);
|
|
||||||
int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
|
|
||||||
/* These functions allow control over any per-structure ENGINE data. */
|
|
||||||
int ENGINE_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
|
|
||||||
CRYPTO_EX_dup *dup_func,
|
|
||||||
CRYPTO_EX_free *free_func);
|
|
||||||
int ENGINE_set_ex_data(ENGINE *e, int idx, void *arg);
|
|
||||||
void *ENGINE_get_ex_data(const ENGINE *e, int idx);
|
|
||||||
|
|
||||||
/*
|
|
||||||
* This function cleans up anything that needs it. Eg. the ENGINE_add()
|
|
||||||
* function automatically ensures the list cleanup function is registered to
|
|
||||||
* be called from ENGINE_cleanup(). Similarly, all ENGINE_register_***
|
|
||||||
* functions ensure ENGINE_cleanup() will clean up after them.
|
|
||||||
*/
|
|
||||||
void ENGINE_cleanup(void);
|
|
||||||
|
|
||||||
/*
|
|
||||||
* These return values from within the ENGINE structure. These can be useful
|
|
||||||
* with functional references as well as structural references - it depends
|
|
||||||
* which you obtained. Using the result for functional purposes if you only
|
|
||||||
* obtained a structural reference may be problematic!
|
|
||||||
*/
|
|
||||||
const char *ENGINE_get_id(const ENGINE *e);
|
|
||||||
const char *ENGINE_get_name(const ENGINE *e);
|
|
||||||
const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
|
|
||||||
const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
|
|
||||||
const ECDH_METHOD *ENGINE_get_ECDH(const ENGINE *e);
|
|
||||||
const ECDSA_METHOD *ENGINE_get_ECDSA(const ENGINE *e);
|
|
||||||
const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
|
|
||||||
const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
|
|
||||||
const STORE_METHOD *ENGINE_get_STORE(const ENGINE *e);
|
|
||||||
ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
|
|
||||||
ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
|
|
||||||
ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
|
|
||||||
ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
|
|
||||||
ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
|
|
||||||
ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
|
|
||||||
ENGINE_SSL_CLIENT_CERT_PTR ENGINE_get_ssl_client_cert_function(const ENGINE
|
|
||||||
*e);
|
|
||||||
ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
|
|
||||||
ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
|
|
||||||
ENGINE_PKEY_METHS_PTR ENGINE_get_pkey_meths(const ENGINE *e);
|
|
||||||
ENGINE_PKEY_ASN1_METHS_PTR ENGINE_get_pkey_asn1_meths(const ENGINE *e);
|
|
||||||
const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
|
|
||||||
const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
|
|
||||||
const EVP_PKEY_METHOD *ENGINE_get_pkey_meth(ENGINE *e, int nid);
|
|
||||||
const EVP_PKEY_ASN1_METHOD *ENGINE_get_pkey_asn1_meth(ENGINE *e, int nid);
|
|
||||||
const EVP_PKEY_ASN1_METHOD *ENGINE_get_pkey_asn1_meth_str(ENGINE *e,
|
|
||||||
const char *str,
|
|
||||||
int len);
|
|
||||||
const EVP_PKEY_ASN1_METHOD *ENGINE_pkey_asn1_find_str(ENGINE **pe,
|
|
||||||
const char *str,
|
|
||||||
int len);
|
|
||||||
const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
|
|
||||||
int ENGINE_get_flags(const ENGINE *e);
|
|
||||||
|
|
||||||
/*
|
|
||||||
* FUNCTIONAL functions. These functions deal with ENGINE structures that
|
|
||||||
* have (or will) be initialised for use. Broadly speaking, the structural
|
|
||||||
* functions are useful for iterating the list of available engine types,
|
|
||||||
* creating new engine types, and other "list" operations. These functions
|
|
||||||
* actually deal with ENGINEs that are to be used. As such these functions
|
|
||||||
* can fail (if applicable) when particular engines are unavailable - eg. if
|
|
||||||
* a hardware accelerator is not attached or not functioning correctly. Each
|
|
||||||
* ENGINE has 2 reference counts; structural and functional. Every time a
|
|
||||||
* functional reference is obtained or released, a corresponding structural
|
|
||||||
* reference is automatically obtained or released too.
|
|
||||||
*/
|
|
||||||
|
|
||||||
/*
|
|
||||||
* Initialise a engine type for use (or up its reference count if it's
|
|
||||||
* already in use). This will fail if the engine is not currently operational
|
|
||||||
* and cannot initialise.
|
|
||||||
*/
|
|
||||||
int ENGINE_init(ENGINE *e);
|
|
||||||
/*
|
|
||||||
* Free a functional reference to a engine type. This does not require a
|
|
||||||
* corresponding call to ENGINE_free as it also releases a structural
|
|
||||||
* reference.
|
|
||||||
*/
|
|
||||||
int ENGINE_finish(ENGINE *e);
|
|
||||||
|
|
||||||
/*
|
|
||||||
* The following functions handle keys that are stored in some secondary
|
|
||||||
* location, handled by the engine. The storage may be on a card or
|
|
||||||
* whatever.
|
|
||||||
*/
|
|
||||||
EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
|
|
||||||
UI_METHOD *ui_method, void *callback_data);
|
|
||||||
EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
|
|
||||||
UI_METHOD *ui_method, void *callback_data);
|
|
||||||
int ENGINE_load_ssl_client_cert(ENGINE *e, SSL *s,
|
|
||||||
STACK_OF(X509_NAME) *ca_dn, X509 **pcert,
|
|
||||||
EVP_PKEY **ppkey, STACK_OF(X509) **pother,
|
|
||||||
UI_METHOD *ui_method, void *callback_data);
|
|
||||||
|
|
||||||
/*
|
|
||||||
* This returns a pointer for the current ENGINE structure that is (by
|
|
||||||
* default) performing any RSA operations. The value returned is an
|
|
||||||
* incremented reference, so it should be free'd (ENGINE_finish) before it is
|
|
||||||
* discarded.
|
|
||||||
*/
|
|
||||||
ENGINE *ENGINE_get_default_RSA(void);
|
|
||||||
/* Same for the other "methods" */
|
|
||||||
ENGINE *ENGINE_get_default_DSA(void);
|
|
||||||
ENGINE *ENGINE_get_default_ECDH(void);
|
|
||||||
ENGINE *ENGINE_get_default_ECDSA(void);
|
|
||||||
ENGINE *ENGINE_get_default_DH(void);
|
|
||||||
ENGINE *ENGINE_get_default_RAND(void);
|
|
||||||
/*
|
|
||||||
* These functions can be used to get a functional reference to perform
|
|
||||||
* ciphering or digesting corresponding to "nid".
|
|
||||||
*/
|
|
||||||
ENGINE *ENGINE_get_cipher_engine(int nid);
|
|
||||||
ENGINE *ENGINE_get_digest_engine(int nid);
|
|
||||||
ENGINE *ENGINE_get_pkey_meth_engine(int nid);
|
|
||||||
ENGINE *ENGINE_get_pkey_asn1_meth_engine(int nid);
|
|
||||||
|
|
||||||
/*
|
|
||||||
* This sets a new default ENGINE structure for performing RSA operations. If
|
|
||||||
* the result is non-zero (success) then the ENGINE structure will have had
|
|
||||||
* its reference count up'd so the caller should still free their own
|
|
||||||
* reference 'e'.
|
|
||||||
*/
|
|
||||||
int ENGINE_set_default_RSA(ENGINE *e);
|
|
||||||
int ENGINE_set_default_string(ENGINE *e, const char *def_list);
|
|
||||||
/* Same for the other "methods" */
|
|
||||||
int ENGINE_set_default_DSA(ENGINE *e);
|
|
||||||
int ENGINE_set_default_ECDH(ENGINE *e);
|
|
||||||
int ENGINE_set_default_ECDSA(ENGINE *e);
|
|
||||||
int ENGINE_set_default_DH(ENGINE *e);
|
|
||||||
int ENGINE_set_default_RAND(ENGINE *e);
|
|
||||||
int ENGINE_set_default_ciphers(ENGINE *e);
|
|
||||||
int ENGINE_set_default_digests(ENGINE *e);
|
|
||||||
int ENGINE_set_default_pkey_meths(ENGINE *e);
|
|
||||||
int ENGINE_set_default_pkey_asn1_meths(ENGINE *e);
|
|
||||||
|
|
||||||
/*
|
|
||||||
* The combination "set" - the flags are bitwise "OR"d from the
|
|
||||||
* ENGINE_METHOD_*** defines above. As with the "ENGINE_register_complete()"
|
|
||||||
* function, this function can result in unnecessary static linkage. If your
|
|
||||||
* application requires only specific functionality, consider using more
|
|
||||||
* selective functions.
|
|
||||||
*/
|
|
||||||
int ENGINE_set_default(ENGINE *e, unsigned int flags);
|
|
||||||
|
|
||||||
void ENGINE_add_conf_module(void);
|
|
||||||
|
|
||||||
/* Deprecated functions ... */
|
|
||||||
/* int ENGINE_clear_defaults(void); */
|
|
||||||
|
|
||||||
/**************************/
|
|
||||||
/* DYNAMIC ENGINE SUPPORT */
|
|
||||||
/**************************/
|
|
||||||
|
|
||||||
/* Binary/behaviour compatibility levels */
|
|
||||||
# define OSSL_DYNAMIC_VERSION (unsigned long)0x00020000
|
|
||||||
/*
|
|
||||||
* Binary versions older than this are too old for us (whether we're a loader
|
|
||||||
* or a loadee)
|
|
||||||
*/
|
|
||||||
# define OSSL_DYNAMIC_OLDEST (unsigned long)0x00020000
|
|
||||||
|
|
||||||
/*
|
|
||||||
* When compiling an ENGINE entirely as an external shared library, loadable
|
|
||||||
* by the "dynamic" ENGINE, these types are needed. The 'dynamic_fns'
|
|
||||||
* structure type provides the calling application's (or library's) error
|
|
||||||
* functionality and memory management function pointers to the loaded
|
|
||||||
* library. These should be used/set in the loaded library code so that the
|
|
||||||
* loading application's 'state' will be used/changed in all operations. The
|
|
||||||
* 'static_state' pointer allows the loaded library to know if it shares the
|
|
||||||
* same static data as the calling application (or library), and thus whether
|
|
||||||
* these callbacks need to be set or not.
|
|
||||||
*/
|
|
||||||
typedef void *(*dyn_MEM_malloc_cb) (size_t);
|
|
||||||
typedef void *(*dyn_MEM_realloc_cb) (void *, size_t);
|
|
||||||
typedef void (*dyn_MEM_free_cb) (void *);
|
|
||||||
typedef struct st_dynamic_MEM_fns {
|
|
||||||
dyn_MEM_malloc_cb malloc_cb;
|
|
||||||
dyn_MEM_realloc_cb realloc_cb;
|
|
||||||
dyn_MEM_free_cb free_cb;
|
|
||||||
} dynamic_MEM_fns;
|
|
||||||
/*
|
|
||||||
* FIXME: Perhaps the memory and locking code (crypto.h) should declare and
|
|
||||||
* use these types so we (and any other dependant code) can simplify a bit??
|
|
||||||
*/
|
|
||||||
typedef void (*dyn_lock_locking_cb) (int, int, const char *, int);
|
|
||||||
typedef int (*dyn_lock_add_lock_cb) (int *, int, int, const char *, int);
|
|
||||||
typedef struct CRYPTO_dynlock_value *(*dyn_dynlock_create_cb) (const char *,
|
|
||||||
int);
|
|
||||||
typedef void (*dyn_dynlock_lock_cb) (int, struct CRYPTO_dynlock_value *,
|
|
||||||
const char *, int);
|
|
||||||
typedef void (*dyn_dynlock_destroy_cb) (struct CRYPTO_dynlock_value *,
|
|
||||||
const char *, int);
|
|
||||||
typedef struct st_dynamic_LOCK_fns {
|
|
||||||
dyn_lock_locking_cb lock_locking_cb;
|
|
||||||
dyn_lock_add_lock_cb lock_add_lock_cb;
|
|
||||||
dyn_dynlock_create_cb dynlock_create_cb;
|
|
||||||
dyn_dynlock_lock_cb dynlock_lock_cb;
|
|
||||||
dyn_dynlock_destroy_cb dynlock_destroy_cb;
|
|
||||||
} dynamic_LOCK_fns;
|
|
||||||
/* The top-level structure */
|
|
||||||
typedef struct st_dynamic_fns {
|
|
||||||
void *static_state;
|
|
||||||
const ERR_FNS *err_fns;
|
|
||||||
const CRYPTO_EX_DATA_IMPL *ex_data_fns;
|
|
||||||
dynamic_MEM_fns mem_fns;
|
|
||||||
dynamic_LOCK_fns lock_fns;
|
|
||||||
} dynamic_fns;
|
|
||||||
|
|
||||||
/*
|
|
||||||
* The version checking function should be of this prototype. NB: The
|
|
||||||
* ossl_version value passed in is the OSSL_DYNAMIC_VERSION of the loading
|
|
||||||
* code. If this function returns zero, it indicates a (potential) version
|
|
||||||
* incompatibility and the loaded library doesn't believe it can proceed.
|
|
||||||
* Otherwise, the returned value is the (latest) version supported by the
|
|
||||||
* loading library. The loader may still decide that the loaded code's
|
|
||||||
* version is unsatisfactory and could veto the load. The function is
|
|
||||||
* expected to be implemented with the symbol name "v_check", and a default
|
|
||||||
* implementation can be fully instantiated with
|
|
||||||
* IMPLEMENT_DYNAMIC_CHECK_FN().
|
|
||||||
*/
|
|
||||||
typedef unsigned long (*dynamic_v_check_fn) (unsigned long ossl_version);
|
|
||||||
# define IMPLEMENT_DYNAMIC_CHECK_FN() \
|
|
||||||
OPENSSL_EXPORT unsigned long v_check(unsigned long v); \
|
|
||||||
OPENSSL_EXPORT unsigned long v_check(unsigned long v) { \
|
|
||||||
if(v >= OSSL_DYNAMIC_OLDEST) return OSSL_DYNAMIC_VERSION; \
|
|
||||||
return 0; }
|
|
||||||
|
|
||||||
/*
|
|
||||||
* This function is passed the ENGINE structure to initialise with its own
|
|
||||||
* function and command settings. It should not adjust the structural or
|
|
||||||
* functional reference counts. If this function returns zero, (a) the load
|
|
||||||
* will be aborted, (b) the previous ENGINE state will be memcpy'd back onto
|
|
||||||
* the structure, and (c) the shared library will be unloaded. So
|
|
||||||
* implementations should do their own internal cleanup in failure
|
|
||||||
* circumstances otherwise they could leak. The 'id' parameter, if non-NULL,
|
|
||||||
* represents the ENGINE id that the loader is looking for. If this is NULL,
|
|
||||||
* the shared library can choose to return failure or to initialise a
|
|
||||||
* 'default' ENGINE. If non-NULL, the shared library must initialise only an
|
|
||||||
* ENGINE matching the passed 'id'. The function is expected to be
|
|
||||||
* implemented with the symbol name "bind_engine". A standard implementation
|
|
||||||
* can be instantiated with IMPLEMENT_DYNAMIC_BIND_FN(fn) where the parameter
|
|
||||||
* 'fn' is a callback function that populates the ENGINE structure and
|
|
||||||
* returns an int value (zero for failure). 'fn' should have prototype;
|
|
||||||
* [static] int fn(ENGINE *e, const char *id);
|
|
||||||
*/
|
|
||||||
typedef int (*dynamic_bind_engine) (ENGINE *e, const char *id,
|
|
||||||
const dynamic_fns *fns);
|
|
||||||
# define IMPLEMENT_DYNAMIC_BIND_FN(fn) \
|
|
||||||
OPENSSL_EXPORT \
|
|
||||||
int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns); \
|
|
||||||
OPENSSL_EXPORT \
|
|
||||||
int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns) { \
|
|
||||||
if(ENGINE_get_static_state() == fns->static_state) goto skip_cbs; \
|
|
||||||
if(!CRYPTO_set_mem_functions(fns->mem_fns.malloc_cb, \
|
|
||||||
fns->mem_fns.realloc_cb, fns->mem_fns.free_cb)) \
|
|
||||||
return 0; \
|
|
||||||
CRYPTO_set_locking_callback(fns->lock_fns.lock_locking_cb); \
|
|
||||||
CRYPTO_set_add_lock_callback(fns->lock_fns.lock_add_lock_cb); \
|
|
||||||
CRYPTO_set_dynlock_create_callback(fns->lock_fns.dynlock_create_cb); \
|
|
||||||
CRYPTO_set_dynlock_lock_callback(fns->lock_fns.dynlock_lock_cb); \
|
|
||||||
CRYPTO_set_dynlock_destroy_callback(fns->lock_fns.dynlock_destroy_cb); \
|
|
||||||
if(!CRYPTO_set_ex_data_implementation(fns->ex_data_fns)) \
|
|
||||||
return 0; \
|
|
||||||
if(!ERR_set_implementation(fns->err_fns)) return 0; \
|
|
||||||
skip_cbs: \
|
|
||||||
if(!fn(e,id)) return 0; \
|
|
||||||
return 1; }
|
|
||||||
|
|
||||||
/*
|
|
||||||
* If the loading application (or library) and the loaded ENGINE library
|
|
||||||
* share the same static data (eg. they're both dynamically linked to the
|
|
||||||
* same libcrypto.so) we need a way to avoid trying to set system callbacks -
|
|
||||||
* this would fail, and for the same reason that it's unnecessary to try. If
|
|
||||||
* the loaded ENGINE has (or gets from through the loader) its own copy of
|
|
||||||
* the libcrypto static data, we will need to set the callbacks. The easiest
|
|
||||||
* way to detect this is to have a function that returns a pointer to some
|
|
||||||
* static data and let the loading application and loaded ENGINE compare
|
|
||||||
* their respective values.
|
|
||||||
*/
|
|
||||||
void *ENGINE_get_static_state(void);
|
|
||||||
|
|
||||||
# if defined(__OpenBSD__) || defined(__FreeBSD__) || defined(HAVE_CRYPTODEV)
|
|
||||||
void ENGINE_setup_bsd_cryptodev(void);
|
|
||||||
# endif
|
|
||||||
|
|
||||||
/* BEGIN ERROR CODES */
|
|
||||||
/*
|
|
||||||
* The following lines are auto generated by the script mkerr.pl. Any changes
|
|
||||||
* made after this point may be overwritten when the script is next run.
|
|
||||||
*/
|
|
||||||
void ERR_load_ENGINE_strings(void);
|
|
||||||
|
|
||||||
/* Error codes for the ENGINE functions. */
|
|
||||||
|
|
||||||
/* Function codes. */
|
|
||||||
# define ENGINE_F_DYNAMIC_CTRL 180
|
|
||||||
# define ENGINE_F_DYNAMIC_GET_DATA_CTX 181
|
|
||||||
# define ENGINE_F_DYNAMIC_LOAD 182
|
|
||||||
# define ENGINE_F_DYNAMIC_SET_DATA_CTX 183
|
|
||||||
# define ENGINE_F_ENGINE_ADD 105
|
|
||||||
# define ENGINE_F_ENGINE_BY_ID 106
|
|
||||||
# define ENGINE_F_ENGINE_CMD_IS_EXECUTABLE 170
|
|
||||||
# define ENGINE_F_ENGINE_CTRL 142
|
|
||||||
# define ENGINE_F_ENGINE_CTRL_CMD 178
|
|
||||||
# define ENGINE_F_ENGINE_CTRL_CMD_STRING 171
|
|
||||||
# define ENGINE_F_ENGINE_FINISH 107
|
|
||||||
# define ENGINE_F_ENGINE_FREE_UTIL 108
|
|
||||||
# define ENGINE_F_ENGINE_GET_CIPHER 185
|
|
||||||
# define ENGINE_F_ENGINE_GET_DEFAULT_TYPE 177
|
|
||||||
# define ENGINE_F_ENGINE_GET_DIGEST 186
|
|
||||||
# define ENGINE_F_ENGINE_GET_NEXT 115
|
|
||||||
# define ENGINE_F_ENGINE_GET_PKEY_ASN1_METH 193
|
|
||||||
# define ENGINE_F_ENGINE_GET_PKEY_METH 192
|
|
||||||
# define ENGINE_F_ENGINE_GET_PREV 116
|
|
||||||
# define ENGINE_F_ENGINE_INIT 119
|
|
||||||
# define ENGINE_F_ENGINE_LIST_ADD 120
|
|
||||||
# define ENGINE_F_ENGINE_LIST_REMOVE 121
|
|
||||||
# define ENGINE_F_ENGINE_LOAD_PRIVATE_KEY 150
|
|
||||||
# define ENGINE_F_ENGINE_LOAD_PUBLIC_KEY 151
|
|
||||||
# define ENGINE_F_ENGINE_LOAD_SSL_CLIENT_CERT 194
|
|
||||||
# define ENGINE_F_ENGINE_NEW 122
|
|
||||||
# define ENGINE_F_ENGINE_REMOVE 123
|
|
||||||
# define ENGINE_F_ENGINE_SET_DEFAULT_STRING 189
|
|
||||||
# define ENGINE_F_ENGINE_SET_DEFAULT_TYPE 126
|
|
||||||
# define ENGINE_F_ENGINE_SET_ID 129
|
|
||||||
# define ENGINE_F_ENGINE_SET_NAME 130
|
|
||||||
# define ENGINE_F_ENGINE_TABLE_REGISTER 184
|
|
||||||
# define ENGINE_F_ENGINE_UNLOAD_KEY 152
|
|
||||||
# define ENGINE_F_ENGINE_UNLOCKED_FINISH 191
|
|
||||||
# define ENGINE_F_ENGINE_UP_REF 190
|
|
||||||
# define ENGINE_F_INT_CTRL_HELPER 172
|
|
||||||
# define ENGINE_F_INT_ENGINE_CONFIGURE 188
|
|
||||||
# define ENGINE_F_INT_ENGINE_MODULE_INIT 187
|
|
||||||
# define ENGINE_F_LOG_MESSAGE 141
|
|
||||||
|
|
||||||
/* Reason codes. */
|
|
||||||
# define ENGINE_R_ALREADY_LOADED 100
|
|
||||||
# define ENGINE_R_ARGUMENT_IS_NOT_A_NUMBER 133
|
|
||||||
# define ENGINE_R_CMD_NOT_EXECUTABLE 134
|
|
||||||
# define ENGINE_R_COMMAND_TAKES_INPUT 135
|
|
||||||
# define ENGINE_R_COMMAND_TAKES_NO_INPUT 136
|
|
||||||
# define ENGINE_R_CONFLICTING_ENGINE_ID 103
|
|
||||||
# define ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED 119
|
|
||||||
# define ENGINE_R_DH_NOT_IMPLEMENTED 139
|
|
||||||
# define ENGINE_R_DSA_NOT_IMPLEMENTED 140
|
|
||||||
# define ENGINE_R_DSO_FAILURE 104
|
|
||||||
# define ENGINE_R_DSO_NOT_FOUND 132
|
|
||||||
# define ENGINE_R_ENGINES_SECTION_ERROR 148
|
|
||||||
# define ENGINE_R_ENGINE_CONFIGURATION_ERROR 102
|
|
||||||
# define ENGINE_R_ENGINE_IS_NOT_IN_LIST 105
|
|
||||||
# define ENGINE_R_ENGINE_SECTION_ERROR 149
|
|
||||||
# define ENGINE_R_FAILED_LOADING_PRIVATE_KEY 128
|
|
||||||
# define ENGINE_R_FAILED_LOADING_PUBLIC_KEY 129
|
|
||||||
# define ENGINE_R_FINISH_FAILED 106
|
|
||||||
# define ENGINE_R_GET_HANDLE_FAILED 107
|
|
||||||
# define ENGINE_R_ID_OR_NAME_MISSING 108
|
|
||||||
# define ENGINE_R_INIT_FAILED 109
|
|
||||||
# define ENGINE_R_INTERNAL_LIST_ERROR 110
|
|
||||||
# define ENGINE_R_INVALID_ARGUMENT 143
|
|
||||||
# define ENGINE_R_INVALID_CMD_NAME 137
|
|
||||||
# define ENGINE_R_INVALID_CMD_NUMBER 138
|
|
||||||
# define ENGINE_R_INVALID_INIT_VALUE 151
|
|
||||||
# define ENGINE_R_INVALID_STRING 150
|
|
||||||
# define ENGINE_R_NOT_INITIALISED 117
|
|
||||||
# define ENGINE_R_NOT_LOADED 112
|
|
||||||
# define ENGINE_R_NO_CONTROL_FUNCTION 120
|
|
||||||
# define ENGINE_R_NO_INDEX 144
|
|
||||||
# define ENGINE_R_NO_LOAD_FUNCTION 125
|
|
||||||
# define ENGINE_R_NO_REFERENCE 130
|
|
||||||
# define ENGINE_R_NO_SUCH_ENGINE 116
|
|
||||||
# define ENGINE_R_NO_UNLOAD_FUNCTION 126
|
|
||||||
# define ENGINE_R_PROVIDE_PARAMETERS 113
|
|
||||||
# define ENGINE_R_RSA_NOT_IMPLEMENTED 141
|
|
||||||
# define ENGINE_R_UNIMPLEMENTED_CIPHER 146
|
|
||||||
# define ENGINE_R_UNIMPLEMENTED_DIGEST 147
|
|
||||||
# define ENGINE_R_UNIMPLEMENTED_PUBLIC_KEY_METHOD 101
|
|
||||||
# define ENGINE_R_VERSION_INCOMPATIBILITY 145
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
#endif
|
|
|
@ -1,105 +0,0 @@
|
||||||
/* crypto/idea/idea.h */
|
|
||||||
/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
|
|
||||||
* All rights reserved.
|
|
||||||
*
|
|
||||||
* This package is an SSL implementation written
|
|
||||||
* by Eric Young (eay@cryptsoft.com).
|
|
||||||
* The implementation was written so as to conform with Netscapes SSL.
|
|
||||||
*
|
|
||||||
* This library is free for commercial and non-commercial use as long as
|
|
||||||
* the following conditions are aheared to. The following conditions
|
|
||||||
* apply to all code found in this distribution, be it the RC4, RSA,
|
|
||||||
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
|
||||||
* included with this distribution is covered by the same copyright terms
|
|
||||||
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
|
||||||
*
|
|
||||||
* Copyright remains Eric Young's, and as such any Copyright notices in
|
|
||||||
* the code are not to be removed.
|
|
||||||
* If this package is used in a product, Eric Young should be given attribution
|
|
||||||
* as the author of the parts of the library used.
|
|
||||||
* This can be in the form of a textual message at program startup or
|
|
||||||
* in documentation (online or textual) provided with the package.
|
|
||||||
*
|
|
||||||
* Redistribution and use in source and binary forms, with or without
|
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. All advertising materials mentioning features or use of this software
|
|
||||||
* must display the following acknowledgement:
|
|
||||||
* "This product includes cryptographic software written by
|
|
||||||
* Eric Young (eay@cryptsoft.com)"
|
|
||||||
* The word 'cryptographic' can be left out if the rouines from the library
|
|
||||||
* being used are not cryptographic related :-).
|
|
||||||
* 4. If you include any Windows specific code (or a derivative thereof) from
|
|
||||||
* the apps directory (application code) you must include an acknowledgement:
|
|
||||||
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
|
||||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
||||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
||||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
|
||||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
||||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
||||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
||||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
||||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
||||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
||||||
* SUCH DAMAGE.
|
|
||||||
*
|
|
||||||
* The licence and distribution terms for any publically available version or
|
|
||||||
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
|
||||||
* copied and put under another distribution licence
|
|
||||||
* [including the GNU Public Licence.]
|
|
||||||
*/
|
|
||||||
|
|
||||||
#ifndef HEADER_IDEA_H
|
|
||||||
# define HEADER_IDEA_H
|
|
||||||
|
|
||||||
# include <openssl/opensslconf.h>/* IDEA_INT, OPENSSL_NO_IDEA */
|
|
||||||
|
|
||||||
# ifdef OPENSSL_NO_IDEA
|
|
||||||
# error IDEA is disabled.
|
|
||||||
# endif
|
|
||||||
|
|
||||||
# define IDEA_ENCRYPT 1
|
|
||||||
# define IDEA_DECRYPT 0
|
|
||||||
|
|
||||||
# define IDEA_BLOCK 8
|
|
||||||
# define IDEA_KEY_LENGTH 16
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
extern "C" {
|
|
||||||
#endif
|
|
||||||
|
|
||||||
typedef struct idea_key_st {
|
|
||||||
IDEA_INT data[9][6];
|
|
||||||
} IDEA_KEY_SCHEDULE;
|
|
||||||
|
|
||||||
const char *idea_options(void);
|
|
||||||
void idea_ecb_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
IDEA_KEY_SCHEDULE *ks);
|
|
||||||
# ifdef OPENSSL_FIPS
|
|
||||||
void private_idea_set_encrypt_key(const unsigned char *key,
|
|
||||||
IDEA_KEY_SCHEDULE *ks);
|
|
||||||
# endif
|
|
||||||
void idea_set_encrypt_key(const unsigned char *key, IDEA_KEY_SCHEDULE *ks);
|
|
||||||
void idea_set_decrypt_key(IDEA_KEY_SCHEDULE *ek, IDEA_KEY_SCHEDULE *dk);
|
|
||||||
void idea_cbc_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv,
|
|
||||||
int enc);
|
|
||||||
void idea_cfb64_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv,
|
|
||||||
int *num, int enc);
|
|
||||||
void idea_ofb64_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv,
|
|
||||||
int *num);
|
|
||||||
void idea_encrypt(unsigned long *in, IDEA_KEY_SCHEDULE *ks);
|
|
||||||
#ifdef __cplusplus
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#endif
|
|
|
@ -1,240 +0,0 @@
|
||||||
/* krb5_asn.h */
|
|
||||||
/*
|
|
||||||
* Written by Vern Staats <staatsvr@asc.hpc.mil> for the OpenSSL project, **
|
|
||||||
* using ocsp/{*.h,*asn*.c} as a starting point
|
|
||||||
*/
|
|
||||||
|
|
||||||
/* ====================================================================
|
|
||||||
* Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
|
|
||||||
*
|
|
||||||
* Redistribution and use in source and binary forms, with or without
|
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
*
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
*
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in
|
|
||||||
* the documentation and/or other materials provided with the
|
|
||||||
* distribution.
|
|
||||||
*
|
|
||||||
* 3. All advertising materials mentioning features or use of this
|
|
||||||
* software must display the following acknowledgment:
|
|
||||||
* "This product includes software developed by the OpenSSL Project
|
|
||||||
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
|
|
||||||
*
|
|
||||||
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* prior written permission. For written permission, please contact
|
|
||||||
* openssl-core@openssl.org.
|
|
||||||
*
|
|
||||||
* 5. Products derived from this software may not be called "OpenSSL"
|
|
||||||
* nor may "OpenSSL" appear in their names without prior written
|
|
||||||
* permission of the OpenSSL Project.
|
|
||||||
*
|
|
||||||
* 6. Redistributions of any form whatsoever must retain the following
|
|
||||||
* acknowledgment:
|
|
||||||
* "This product includes software developed by the OpenSSL Project
|
|
||||||
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
|
||||||
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
||||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
|
||||||
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
|
||||||
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
|
||||||
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
|
||||||
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
||||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
|
||||||
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
|
||||||
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
|
||||||
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
* ====================================================================
|
|
||||||
*
|
|
||||||
* This product includes cryptographic software written by Eric Young
|
|
||||||
* (eay@cryptsoft.com). This product includes software written by Tim
|
|
||||||
* Hudson (tjh@cryptsoft.com).
|
|
||||||
*
|
|
||||||
*/
|
|
||||||
|
|
||||||
#ifndef HEADER_KRB5_ASN_H
|
|
||||||
# define HEADER_KRB5_ASN_H
|
|
||||||
|
|
||||||
/*
|
|
||||||
* #include <krb5.h>
|
|
||||||
*/
|
|
||||||
# include <openssl/safestack.h>
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
extern "C" {
|
|
||||||
#endif
|
|
||||||
|
|
||||||
/*
|
|
||||||
* ASN.1 from Kerberos RFC 1510
|
|
||||||
*/
|
|
||||||
|
|
||||||
/*- EncryptedData ::= SEQUENCE {
|
|
||||||
* etype[0] INTEGER, -- EncryptionType
|
|
||||||
* kvno[1] INTEGER OPTIONAL,
|
|
||||||
* cipher[2] OCTET STRING -- ciphertext
|
|
||||||
* }
|
|
||||||
*/
|
|
||||||
typedef struct krb5_encdata_st {
|
|
||||||
ASN1_INTEGER *etype;
|
|
||||||
ASN1_INTEGER *kvno;
|
|
||||||
ASN1_OCTET_STRING *cipher;
|
|
||||||
} KRB5_ENCDATA;
|
|
||||||
|
|
||||||
DECLARE_STACK_OF(KRB5_ENCDATA)
|
|
||||||
|
|
||||||
/*- PrincipalName ::= SEQUENCE {
|
|
||||||
* name-type[0] INTEGER,
|
|
||||||
* name-string[1] SEQUENCE OF GeneralString
|
|
||||||
* }
|
|
||||||
*/
|
|
||||||
typedef struct krb5_princname_st {
|
|
||||||
ASN1_INTEGER *nametype;
|
|
||||||
STACK_OF(ASN1_GENERALSTRING) *namestring;
|
|
||||||
} KRB5_PRINCNAME;
|
|
||||||
|
|
||||||
DECLARE_STACK_OF(KRB5_PRINCNAME)
|
|
||||||
|
|
||||||
/*- Ticket ::= [APPLICATION 1] SEQUENCE {
|
|
||||||
* tkt-vno[0] INTEGER,
|
|
||||||
* realm[1] Realm,
|
|
||||||
* sname[2] PrincipalName,
|
|
||||||
* enc-part[3] EncryptedData
|
|
||||||
* }
|
|
||||||
*/
|
|
||||||
typedef struct krb5_tktbody_st {
|
|
||||||
ASN1_INTEGER *tktvno;
|
|
||||||
ASN1_GENERALSTRING *realm;
|
|
||||||
KRB5_PRINCNAME *sname;
|
|
||||||
KRB5_ENCDATA *encdata;
|
|
||||||
} KRB5_TKTBODY;
|
|
||||||
|
|
||||||
typedef STACK_OF(KRB5_TKTBODY) KRB5_TICKET;
|
|
||||||
DECLARE_STACK_OF(KRB5_TKTBODY)
|
|
||||||
|
|
||||||
/*- AP-REQ ::= [APPLICATION 14] SEQUENCE {
|
|
||||||
* pvno[0] INTEGER,
|
|
||||||
* msg-type[1] INTEGER,
|
|
||||||
* ap-options[2] APOptions,
|
|
||||||
* ticket[3] Ticket,
|
|
||||||
* authenticator[4] EncryptedData
|
|
||||||
* }
|
|
||||||
*
|
|
||||||
* APOptions ::= BIT STRING {
|
|
||||||
* reserved(0), use-session-key(1), mutual-required(2) }
|
|
||||||
*/
|
|
||||||
typedef struct krb5_ap_req_st {
|
|
||||||
ASN1_INTEGER *pvno;
|
|
||||||
ASN1_INTEGER *msgtype;
|
|
||||||
ASN1_BIT_STRING *apoptions;
|
|
||||||
KRB5_TICKET *ticket;
|
|
||||||
KRB5_ENCDATA *authenticator;
|
|
||||||
} KRB5_APREQBODY;
|
|
||||||
|
|
||||||
typedef STACK_OF(KRB5_APREQBODY) KRB5_APREQ;
|
|
||||||
DECLARE_STACK_OF(KRB5_APREQBODY)
|
|
||||||
|
|
||||||
/* Authenticator Stuff */
|
|
||||||
|
|
||||||
/*- Checksum ::= SEQUENCE {
|
|
||||||
* cksumtype[0] INTEGER,
|
|
||||||
* checksum[1] OCTET STRING
|
|
||||||
* }
|
|
||||||
*/
|
|
||||||
typedef struct krb5_checksum_st {
|
|
||||||
ASN1_INTEGER *ctype;
|
|
||||||
ASN1_OCTET_STRING *checksum;
|
|
||||||
} KRB5_CHECKSUM;
|
|
||||||
|
|
||||||
DECLARE_STACK_OF(KRB5_CHECKSUM)
|
|
||||||
|
|
||||||
/*- EncryptionKey ::= SEQUENCE {
|
|
||||||
* keytype[0] INTEGER,
|
|
||||||
* keyvalue[1] OCTET STRING
|
|
||||||
* }
|
|
||||||
*/
|
|
||||||
typedef struct krb5_encryptionkey_st {
|
|
||||||
ASN1_INTEGER *ktype;
|
|
||||||
ASN1_OCTET_STRING *keyvalue;
|
|
||||||
} KRB5_ENCKEY;
|
|
||||||
|
|
||||||
DECLARE_STACK_OF(KRB5_ENCKEY)
|
|
||||||
|
|
||||||
/*- AuthorizationData ::= SEQUENCE OF SEQUENCE {
|
|
||||||
* ad-type[0] INTEGER,
|
|
||||||
* ad-data[1] OCTET STRING
|
|
||||||
* }
|
|
||||||
*/
|
|
||||||
typedef struct krb5_authorization_st {
|
|
||||||
ASN1_INTEGER *adtype;
|
|
||||||
ASN1_OCTET_STRING *addata;
|
|
||||||
} KRB5_AUTHDATA;
|
|
||||||
|
|
||||||
DECLARE_STACK_OF(KRB5_AUTHDATA)
|
|
||||||
|
|
||||||
/*- -- Unencrypted authenticator
|
|
||||||
* Authenticator ::= [APPLICATION 2] SEQUENCE {
|
|
||||||
* authenticator-vno[0] INTEGER,
|
|
||||||
* crealm[1] Realm,
|
|
||||||
* cname[2] PrincipalName,
|
|
||||||
* cksum[3] Checksum OPTIONAL,
|
|
||||||
* cusec[4] INTEGER,
|
|
||||||
* ctime[5] KerberosTime,
|
|
||||||
* subkey[6] EncryptionKey OPTIONAL,
|
|
||||||
* seq-number[7] INTEGER OPTIONAL,
|
|
||||||
* authorization-data[8] AuthorizationData OPTIONAL
|
|
||||||
* }
|
|
||||||
*/
|
|
||||||
typedef struct krb5_authenticator_st {
|
|
||||||
ASN1_INTEGER *avno;
|
|
||||||
ASN1_GENERALSTRING *crealm;
|
|
||||||
KRB5_PRINCNAME *cname;
|
|
||||||
KRB5_CHECKSUM *cksum;
|
|
||||||
ASN1_INTEGER *cusec;
|
|
||||||
ASN1_GENERALIZEDTIME *ctime;
|
|
||||||
KRB5_ENCKEY *subkey;
|
|
||||||
ASN1_INTEGER *seqnum;
|
|
||||||
KRB5_AUTHDATA *authorization;
|
|
||||||
} KRB5_AUTHENTBODY;
|
|
||||||
|
|
||||||
typedef STACK_OF(KRB5_AUTHENTBODY) KRB5_AUTHENT;
|
|
||||||
DECLARE_STACK_OF(KRB5_AUTHENTBODY)
|
|
||||||
|
|
||||||
/*- DECLARE_ASN1_FUNCTIONS(type) = DECLARE_ASN1_FUNCTIONS_name(type, type) =
|
|
||||||
* type *name##_new(void);
|
|
||||||
* void name##_free(type *a);
|
|
||||||
* DECLARE_ASN1_ENCODE_FUNCTIONS(type, name, name) =
|
|
||||||
* DECLARE_ASN1_ENCODE_FUNCTIONS(type, itname, name) =
|
|
||||||
* type *d2i_##name(type **a, const unsigned char **in, long len);
|
|
||||||
* int i2d_##name(type *a, unsigned char **out);
|
|
||||||
* DECLARE_ASN1_ITEM(itname) = OPENSSL_EXTERN const ASN1_ITEM itname##_it
|
|
||||||
*/
|
|
||||||
|
|
||||||
DECLARE_ASN1_FUNCTIONS(KRB5_ENCDATA)
|
|
||||||
DECLARE_ASN1_FUNCTIONS(KRB5_PRINCNAME)
|
|
||||||
DECLARE_ASN1_FUNCTIONS(KRB5_TKTBODY)
|
|
||||||
DECLARE_ASN1_FUNCTIONS(KRB5_APREQBODY)
|
|
||||||
DECLARE_ASN1_FUNCTIONS(KRB5_TICKET)
|
|
||||||
DECLARE_ASN1_FUNCTIONS(KRB5_APREQ)
|
|
||||||
|
|
||||||
DECLARE_ASN1_FUNCTIONS(KRB5_CHECKSUM)
|
|
||||||
DECLARE_ASN1_FUNCTIONS(KRB5_ENCKEY)
|
|
||||||
DECLARE_ASN1_FUNCTIONS(KRB5_AUTHDATA)
|
|
||||||
DECLARE_ASN1_FUNCTIONS(KRB5_AUTHENTBODY)
|
|
||||||
DECLARE_ASN1_FUNCTIONS(KRB5_AUTHENT)
|
|
||||||
|
|
||||||
/* BEGIN ERROR CODES */
|
|
||||||
/*
|
|
||||||
* The following lines are auto generated by the script mkerr.pl. Any changes
|
|
||||||
* made after this point may be overwritten when the script is next run.
|
|
||||||
*/
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
#endif
|
|
|
@ -1,119 +0,0 @@
|
||||||
/* crypto/md4/md4.h */
|
|
||||||
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
|
||||||
* All rights reserved.
|
|
||||||
*
|
|
||||||
* This package is an SSL implementation written
|
|
||||||
* by Eric Young (eay@cryptsoft.com).
|
|
||||||
* The implementation was written so as to conform with Netscapes SSL.
|
|
||||||
*
|
|
||||||
* This library is free for commercial and non-commercial use as long as
|
|
||||||
* the following conditions are aheared to. The following conditions
|
|
||||||
* apply to all code found in this distribution, be it the RC4, RSA,
|
|
||||||
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
|
||||||
* included with this distribution is covered by the same copyright terms
|
|
||||||
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
|
||||||
*
|
|
||||||
* Copyright remains Eric Young's, and as such any Copyright notices in
|
|
||||||
* the code are not to be removed.
|
|
||||||
* If this package is used in a product, Eric Young should be given attribution
|
|
||||||
* as the author of the parts of the library used.
|
|
||||||
* This can be in the form of a textual message at program startup or
|
|
||||||
* in documentation (online or textual) provided with the package.
|
|
||||||
*
|
|
||||||
* Redistribution and use in source and binary forms, with or without
|
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. All advertising materials mentioning features or use of this software
|
|
||||||
* must display the following acknowledgement:
|
|
||||||
* "This product includes cryptographic software written by
|
|
||||||
* Eric Young (eay@cryptsoft.com)"
|
|
||||||
* The word 'cryptographic' can be left out if the rouines from the library
|
|
||||||
* being used are not cryptographic related :-).
|
|
||||||
* 4. If you include any Windows specific code (or a derivative thereof) from
|
|
||||||
* the apps directory (application code) you must include an acknowledgement:
|
|
||||||
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
|
||||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
||||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
||||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
|
||||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
||||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
||||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
||||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
||||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
||||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
||||||
* SUCH DAMAGE.
|
|
||||||
*
|
|
||||||
* The licence and distribution terms for any publically available version or
|
|
||||||
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
|
||||||
* copied and put under another distribution licence
|
|
||||||
* [including the GNU Public Licence.]
|
|
||||||
*/
|
|
||||||
|
|
||||||
#ifndef HEADER_MD4_H
|
|
||||||
# define HEADER_MD4_H
|
|
||||||
|
|
||||||
# include <openssl/e_os2.h>
|
|
||||||
# include <stddef.h>
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
extern "C" {
|
|
||||||
#endif
|
|
||||||
|
|
||||||
# ifdef OPENSSL_NO_MD4
|
|
||||||
# error MD4 is disabled.
|
|
||||||
# endif
|
|
||||||
|
|
||||||
/*-
|
|
||||||
* !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
|
|
||||||
* ! MD4_LONG has to be at least 32 bits wide. If it's wider, then !
|
|
||||||
* ! MD4_LONG_LOG2 has to be defined along. !
|
|
||||||
* !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
|
|
||||||
*/
|
|
||||||
|
|
||||||
# if defined(__LP32__)
|
|
||||||
# define MD4_LONG unsigned long
|
|
||||||
# elif defined(OPENSSL_SYS_CRAY) || defined(__ILP64__)
|
|
||||||
# define MD4_LONG unsigned long
|
|
||||||
# define MD4_LONG_LOG2 3
|
|
||||||
/*
|
|
||||||
* _CRAY note. I could declare short, but I have no idea what impact
|
|
||||||
* does it have on performance on none-T3E machines. I could declare
|
|
||||||
* int, but at least on C90 sizeof(int) can be chosen at compile time.
|
|
||||||
* So I've chosen long...
|
|
||||||
* <appro@fy.chalmers.se>
|
|
||||||
*/
|
|
||||||
# else
|
|
||||||
# define MD4_LONG unsigned int
|
|
||||||
# endif
|
|
||||||
|
|
||||||
# define MD4_CBLOCK 64
|
|
||||||
# define MD4_LBLOCK (MD4_CBLOCK/4)
|
|
||||||
# define MD4_DIGEST_LENGTH 16
|
|
||||||
|
|
||||||
typedef struct MD4state_st {
|
|
||||||
MD4_LONG A, B, C, D;
|
|
||||||
MD4_LONG Nl, Nh;
|
|
||||||
MD4_LONG data[MD4_LBLOCK];
|
|
||||||
unsigned int num;
|
|
||||||
} MD4_CTX;
|
|
||||||
|
|
||||||
# ifdef OPENSSL_FIPS
|
|
||||||
int private_MD4_Init(MD4_CTX *c);
|
|
||||||
# endif
|
|
||||||
int MD4_Init(MD4_CTX *c);
|
|
||||||
int MD4_Update(MD4_CTX *c, const void *data, size_t len);
|
|
||||||
int MD4_Final(unsigned char *md, MD4_CTX *c);
|
|
||||||
unsigned char *MD4(const unsigned char *d, size_t n, unsigned char *md);
|
|
||||||
void MD4_Transform(MD4_CTX *c, const unsigned char *b);
|
|
||||||
#ifdef __cplusplus
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#endif
|
|
|
@ -1,119 +0,0 @@
|
||||||
/* crypto/md5/md5.h */
|
|
||||||
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
|
||||||
* All rights reserved.
|
|
||||||
*
|
|
||||||
* This package is an SSL implementation written
|
|
||||||
* by Eric Young (eay@cryptsoft.com).
|
|
||||||
* The implementation was written so as to conform with Netscapes SSL.
|
|
||||||
*
|
|
||||||
* This library is free for commercial and non-commercial use as long as
|
|
||||||
* the following conditions are aheared to. The following conditions
|
|
||||||
* apply to all code found in this distribution, be it the RC4, RSA,
|
|
||||||
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
|
||||||
* included with this distribution is covered by the same copyright terms
|
|
||||||
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
|
||||||
*
|
|
||||||
* Copyright remains Eric Young's, and as such any Copyright notices in
|
|
||||||
* the code are not to be removed.
|
|
||||||
* If this package is used in a product, Eric Young should be given attribution
|
|
||||||
* as the author of the parts of the library used.
|
|
||||||
* This can be in the form of a textual message at program startup or
|
|
||||||
* in documentation (online or textual) provided with the package.
|
|
||||||
*
|
|
||||||
* Redistribution and use in source and binary forms, with or without
|
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. All advertising materials mentioning features or use of this software
|
|
||||||
* must display the following acknowledgement:
|
|
||||||
* "This product includes cryptographic software written by
|
|
||||||
* Eric Young (eay@cryptsoft.com)"
|
|
||||||
* The word 'cryptographic' can be left out if the rouines from the library
|
|
||||||
* being used are not cryptographic related :-).
|
|
||||||
* 4. If you include any Windows specific code (or a derivative thereof) from
|
|
||||||
* the apps directory (application code) you must include an acknowledgement:
|
|
||||||
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
|
||||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
||||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
||||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
|
||||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
||||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
||||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
||||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
||||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
||||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
||||||
* SUCH DAMAGE.
|
|
||||||
*
|
|
||||||
* The licence and distribution terms for any publically available version or
|
|
||||||
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
|
||||||
* copied and put under another distribution licence
|
|
||||||
* [including the GNU Public Licence.]
|
|
||||||
*/
|
|
||||||
|
|
||||||
#ifndef HEADER_MD5_H
|
|
||||||
# define HEADER_MD5_H
|
|
||||||
|
|
||||||
# include <openssl/e_os2.h>
|
|
||||||
# include <stddef.h>
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
extern "C" {
|
|
||||||
#endif
|
|
||||||
|
|
||||||
# ifdef OPENSSL_NO_MD5
|
|
||||||
# error MD5 is disabled.
|
|
||||||
# endif
|
|
||||||
|
|
||||||
/*
|
|
||||||
* !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
|
|
||||||
* ! MD5_LONG has to be at least 32 bits wide. If it's wider, then !
|
|
||||||
* ! MD5_LONG_LOG2 has to be defined along. !
|
|
||||||
* !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
|
|
||||||
*/
|
|
||||||
|
|
||||||
# if defined(__LP32__)
|
|
||||||
# define MD5_LONG unsigned long
|
|
||||||
# elif defined(OPENSSL_SYS_CRAY) || defined(__ILP64__)
|
|
||||||
# define MD5_LONG unsigned long
|
|
||||||
# define MD5_LONG_LOG2 3
|
|
||||||
/*
|
|
||||||
* _CRAY note. I could declare short, but I have no idea what impact
|
|
||||||
* does it have on performance on none-T3E machines. I could declare
|
|
||||||
* int, but at least on C90 sizeof(int) can be chosen at compile time.
|
|
||||||
* So I've chosen long...
|
|
||||||
* <appro@fy.chalmers.se>
|
|
||||||
*/
|
|
||||||
# else
|
|
||||||
# define MD5_LONG unsigned int
|
|
||||||
# endif
|
|
||||||
|
|
||||||
# define MD5_CBLOCK 64
|
|
||||||
# define MD5_LBLOCK (MD5_CBLOCK/4)
|
|
||||||
# define MD5_DIGEST_LENGTH 16
|
|
||||||
|
|
||||||
typedef struct MD5state_st {
|
|
||||||
MD5_LONG A, B, C, D;
|
|
||||||
MD5_LONG Nl, Nh;
|
|
||||||
MD5_LONG data[MD5_LBLOCK];
|
|
||||||
unsigned int num;
|
|
||||||
} MD5_CTX;
|
|
||||||
|
|
||||||
# ifdef OPENSSL_FIPS
|
|
||||||
int private_MD5_Init(MD5_CTX *c);
|
|
||||||
# endif
|
|
||||||
int MD5_Init(MD5_CTX *c);
|
|
||||||
int MD5_Update(MD5_CTX *c, const void *data, size_t len);
|
|
||||||
int MD5_Final(unsigned char *md, MD5_CTX *c);
|
|
||||||
unsigned char *MD5(const unsigned char *d, size_t n, unsigned char *md);
|
|
||||||
void MD5_Transform(MD5_CTX *c, const unsigned char *b);
|
|
||||||
#ifdef __cplusplus
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#endif
|
|
|
@ -1,94 +0,0 @@
|
||||||
/* crypto/mdc2/mdc2.h */
|
|
||||||
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
|
||||||
* All rights reserved.
|
|
||||||
*
|
|
||||||
* This package is an SSL implementation written
|
|
||||||
* by Eric Young (eay@cryptsoft.com).
|
|
||||||
* The implementation was written so as to conform with Netscapes SSL.
|
|
||||||
*
|
|
||||||
* This library is free for commercial and non-commercial use as long as
|
|
||||||
* the following conditions are aheared to. The following conditions
|
|
||||||
* apply to all code found in this distribution, be it the RC4, RSA,
|
|
||||||
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
|
||||||
* included with this distribution is covered by the same copyright terms
|
|
||||||
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
|
||||||
*
|
|
||||||
* Copyright remains Eric Young's, and as such any Copyright notices in
|
|
||||||
* the code are not to be removed.
|
|
||||||
* If this package is used in a product, Eric Young should be given attribution
|
|
||||||
* as the author of the parts of the library used.
|
|
||||||
* This can be in the form of a textual message at program startup or
|
|
||||||
* in documentation (online or textual) provided with the package.
|
|
||||||
*
|
|
||||||
* Redistribution and use in source and binary forms, with or without
|
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. All advertising materials mentioning features or use of this software
|
|
||||||
* must display the following acknowledgement:
|
|
||||||
* "This product includes cryptographic software written by
|
|
||||||
* Eric Young (eay@cryptsoft.com)"
|
|
||||||
* The word 'cryptographic' can be left out if the rouines from the library
|
|
||||||
* being used are not cryptographic related :-).
|
|
||||||
* 4. If you include any Windows specific code (or a derivative thereof) from
|
|
||||||
* the apps directory (application code) you must include an acknowledgement:
|
|
||||||
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
|
||||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
||||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
||||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
|
||||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
||||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
||||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
||||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
||||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
||||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
||||||
* SUCH DAMAGE.
|
|
||||||
*
|
|
||||||
* The licence and distribution terms for any publically available version or
|
|
||||||
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
|
||||||
* copied and put under another distribution licence
|
|
||||||
* [including the GNU Public Licence.]
|
|
||||||
*/
|
|
||||||
|
|
||||||
#ifndef HEADER_MDC2_H
|
|
||||||
# define HEADER_MDC2_H
|
|
||||||
|
|
||||||
# include <openssl/des.h>
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
extern "C" {
|
|
||||||
#endif
|
|
||||||
|
|
||||||
# ifdef OPENSSL_NO_MDC2
|
|
||||||
# error MDC2 is disabled.
|
|
||||||
# endif
|
|
||||||
|
|
||||||
# define MDC2_BLOCK 8
|
|
||||||
# define MDC2_DIGEST_LENGTH 16
|
|
||||||
|
|
||||||
typedef struct mdc2_ctx_st {
|
|
||||||
unsigned int num;
|
|
||||||
unsigned char data[MDC2_BLOCK];
|
|
||||||
DES_cblock h, hh;
|
|
||||||
int pad_type; /* either 1 or 2, default 1 */
|
|
||||||
} MDC2_CTX;
|
|
||||||
|
|
||||||
# ifdef OPENSSL_FIPS
|
|
||||||
int private_MDC2_Init(MDC2_CTX *c);
|
|
||||||
# endif
|
|
||||||
int MDC2_Init(MDC2_CTX *c);
|
|
||||||
int MDC2_Update(MDC2_CTX *c, const unsigned char *data, size_t len);
|
|
||||||
int MDC2_Final(unsigned char *md, MDC2_CTX *c);
|
|
||||||
unsigned char *MDC2(const unsigned char *d, size_t n, unsigned char *md);
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#endif
|
|
|
@ -1,163 +0,0 @@
|
||||||
/* ====================================================================
|
|
||||||
* Copyright (c) 2008 The OpenSSL Project. All rights reserved.
|
|
||||||
*
|
|
||||||
* Rights for redistribution and usage in source and binary
|
|
||||||
* forms are granted according to the OpenSSL license.
|
|
||||||
*/
|
|
||||||
|
|
||||||
#include <stddef.h>
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
extern "C" {
|
|
||||||
#endif
|
|
||||||
typedef void (*block128_f) (const unsigned char in[16],
|
|
||||||
unsigned char out[16], const void *key);
|
|
||||||
|
|
||||||
typedef void (*cbc128_f) (const unsigned char *in, unsigned char *out,
|
|
||||||
size_t len, const void *key,
|
|
||||||
unsigned char ivec[16], int enc);
|
|
||||||
|
|
||||||
typedef void (*ctr128_f) (const unsigned char *in, unsigned char *out,
|
|
||||||
size_t blocks, const void *key,
|
|
||||||
const unsigned char ivec[16]);
|
|
||||||
|
|
||||||
typedef void (*ccm128_f) (const unsigned char *in, unsigned char *out,
|
|
||||||
size_t blocks, const void *key,
|
|
||||||
const unsigned char ivec[16],
|
|
||||||
unsigned char cmac[16]);
|
|
||||||
|
|
||||||
void CRYPTO_cbc128_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
size_t len, const void *key,
|
|
||||||
unsigned char ivec[16], block128_f block);
|
|
||||||
void CRYPTO_cbc128_decrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
size_t len, const void *key,
|
|
||||||
unsigned char ivec[16], block128_f block);
|
|
||||||
|
|
||||||
void CRYPTO_ctr128_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
size_t len, const void *key,
|
|
||||||
unsigned char ivec[16],
|
|
||||||
unsigned char ecount_buf[16], unsigned int *num,
|
|
||||||
block128_f block);
|
|
||||||
|
|
||||||
void CRYPTO_ctr128_encrypt_ctr32(const unsigned char *in, unsigned char *out,
|
|
||||||
size_t len, const void *key,
|
|
||||||
unsigned char ivec[16],
|
|
||||||
unsigned char ecount_buf[16],
|
|
||||||
unsigned int *num, ctr128_f ctr);
|
|
||||||
|
|
||||||
void CRYPTO_ofb128_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
size_t len, const void *key,
|
|
||||||
unsigned char ivec[16], int *num,
|
|
||||||
block128_f block);
|
|
||||||
|
|
||||||
void CRYPTO_cfb128_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
size_t len, const void *key,
|
|
||||||
unsigned char ivec[16], int *num,
|
|
||||||
int enc, block128_f block);
|
|
||||||
void CRYPTO_cfb128_8_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
size_t length, const void *key,
|
|
||||||
unsigned char ivec[16], int *num,
|
|
||||||
int enc, block128_f block);
|
|
||||||
void CRYPTO_cfb128_1_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
size_t bits, const void *key,
|
|
||||||
unsigned char ivec[16], int *num,
|
|
||||||
int enc, block128_f block);
|
|
||||||
|
|
||||||
size_t CRYPTO_cts128_encrypt_block(const unsigned char *in,
|
|
||||||
unsigned char *out, size_t len,
|
|
||||||
const void *key, unsigned char ivec[16],
|
|
||||||
block128_f block);
|
|
||||||
size_t CRYPTO_cts128_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
size_t len, const void *key,
|
|
||||||
unsigned char ivec[16], cbc128_f cbc);
|
|
||||||
size_t CRYPTO_cts128_decrypt_block(const unsigned char *in,
|
|
||||||
unsigned char *out, size_t len,
|
|
||||||
const void *key, unsigned char ivec[16],
|
|
||||||
block128_f block);
|
|
||||||
size_t CRYPTO_cts128_decrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
size_t len, const void *key,
|
|
||||||
unsigned char ivec[16], cbc128_f cbc);
|
|
||||||
|
|
||||||
size_t CRYPTO_nistcts128_encrypt_block(const unsigned char *in,
|
|
||||||
unsigned char *out, size_t len,
|
|
||||||
const void *key,
|
|
||||||
unsigned char ivec[16],
|
|
||||||
block128_f block);
|
|
||||||
size_t CRYPTO_nistcts128_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
size_t len, const void *key,
|
|
||||||
unsigned char ivec[16], cbc128_f cbc);
|
|
||||||
size_t CRYPTO_nistcts128_decrypt_block(const unsigned char *in,
|
|
||||||
unsigned char *out, size_t len,
|
|
||||||
const void *key,
|
|
||||||
unsigned char ivec[16],
|
|
||||||
block128_f block);
|
|
||||||
size_t CRYPTO_nistcts128_decrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
size_t len, const void *key,
|
|
||||||
unsigned char ivec[16], cbc128_f cbc);
|
|
||||||
|
|
||||||
typedef struct gcm128_context GCM128_CONTEXT;
|
|
||||||
|
|
||||||
GCM128_CONTEXT *CRYPTO_gcm128_new(void *key, block128_f block);
|
|
||||||
void CRYPTO_gcm128_init(GCM128_CONTEXT *ctx, void *key, block128_f block);
|
|
||||||
void CRYPTO_gcm128_setiv(GCM128_CONTEXT *ctx, const unsigned char *iv,
|
|
||||||
size_t len);
|
|
||||||
int CRYPTO_gcm128_aad(GCM128_CONTEXT *ctx, const unsigned char *aad,
|
|
||||||
size_t len);
|
|
||||||
int CRYPTO_gcm128_encrypt(GCM128_CONTEXT *ctx,
|
|
||||||
const unsigned char *in, unsigned char *out,
|
|
||||||
size_t len);
|
|
||||||
int CRYPTO_gcm128_decrypt(GCM128_CONTEXT *ctx,
|
|
||||||
const unsigned char *in, unsigned char *out,
|
|
||||||
size_t len);
|
|
||||||
int CRYPTO_gcm128_encrypt_ctr32(GCM128_CONTEXT *ctx,
|
|
||||||
const unsigned char *in, unsigned char *out,
|
|
||||||
size_t len, ctr128_f stream);
|
|
||||||
int CRYPTO_gcm128_decrypt_ctr32(GCM128_CONTEXT *ctx,
|
|
||||||
const unsigned char *in, unsigned char *out,
|
|
||||||
size_t len, ctr128_f stream);
|
|
||||||
int CRYPTO_gcm128_finish(GCM128_CONTEXT *ctx, const unsigned char *tag,
|
|
||||||
size_t len);
|
|
||||||
void CRYPTO_gcm128_tag(GCM128_CONTEXT *ctx, unsigned char *tag, size_t len);
|
|
||||||
void CRYPTO_gcm128_release(GCM128_CONTEXT *ctx);
|
|
||||||
|
|
||||||
typedef struct ccm128_context CCM128_CONTEXT;
|
|
||||||
|
|
||||||
void CRYPTO_ccm128_init(CCM128_CONTEXT *ctx,
|
|
||||||
unsigned int M, unsigned int L, void *key,
|
|
||||||
block128_f block);
|
|
||||||
int CRYPTO_ccm128_setiv(CCM128_CONTEXT *ctx, const unsigned char *nonce,
|
|
||||||
size_t nlen, size_t mlen);
|
|
||||||
void CRYPTO_ccm128_aad(CCM128_CONTEXT *ctx, const unsigned char *aad,
|
|
||||||
size_t alen);
|
|
||||||
int CRYPTO_ccm128_encrypt(CCM128_CONTEXT *ctx, const unsigned char *inp,
|
|
||||||
unsigned char *out, size_t len);
|
|
||||||
int CRYPTO_ccm128_decrypt(CCM128_CONTEXT *ctx, const unsigned char *inp,
|
|
||||||
unsigned char *out, size_t len);
|
|
||||||
int CRYPTO_ccm128_encrypt_ccm64(CCM128_CONTEXT *ctx, const unsigned char *inp,
|
|
||||||
unsigned char *out, size_t len,
|
|
||||||
ccm128_f stream);
|
|
||||||
int CRYPTO_ccm128_decrypt_ccm64(CCM128_CONTEXT *ctx, const unsigned char *inp,
|
|
||||||
unsigned char *out, size_t len,
|
|
||||||
ccm128_f stream);
|
|
||||||
size_t CRYPTO_ccm128_tag(CCM128_CONTEXT *ctx, unsigned char *tag, size_t len);
|
|
||||||
|
|
||||||
typedef struct xts128_context XTS128_CONTEXT;
|
|
||||||
|
|
||||||
int CRYPTO_xts128_encrypt(const XTS128_CONTEXT *ctx,
|
|
||||||
const unsigned char iv[16],
|
|
||||||
const unsigned char *inp, unsigned char *out,
|
|
||||||
size_t len, int enc);
|
|
||||||
|
|
||||||
size_t CRYPTO_128_wrap(void *key, const unsigned char *iv,
|
|
||||||
unsigned char *out,
|
|
||||||
const unsigned char *in, size_t inlen,
|
|
||||||
block128_f block);
|
|
||||||
|
|
||||||
size_t CRYPTO_128_unwrap(void *key, const unsigned char *iv,
|
|
||||||
unsigned char *out,
|
|
||||||
const unsigned char *in, size_t inlen,
|
|
||||||
block128_f block);
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
}
|
|
||||||
#endif
|
|
|
@ -1,637 +0,0 @@
|
||||||
/* ocsp.h */
|
|
||||||
/*
|
|
||||||
* Written by Tom Titchener <Tom_Titchener@groove.net> for the OpenSSL
|
|
||||||
* project.
|
|
||||||
*/
|
|
||||||
|
|
||||||
/*
|
|
||||||
* History: This file was transfered to Richard Levitte from CertCo by Kathy
|
|
||||||
* Weinhold in mid-spring 2000 to be included in OpenSSL or released as a
|
|
||||||
* patch kit.
|
|
||||||
*/
|
|
||||||
|
|
||||||
/* ====================================================================
|
|
||||||
* Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
|
|
||||||
*
|
|
||||||
* Redistribution and use in source and binary forms, with or without
|
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
*
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
*
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in
|
|
||||||
* the documentation and/or other materials provided with the
|
|
||||||
* distribution.
|
|
||||||
*
|
|
||||||
* 3. All advertising materials mentioning features or use of this
|
|
||||||
* software must display the following acknowledgment:
|
|
||||||
* "This product includes software developed by the OpenSSL Project
|
|
||||||
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
|
|
||||||
*
|
|
||||||
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* prior written permission. For written permission, please contact
|
|
||||||
* openssl-core@openssl.org.
|
|
||||||
*
|
|
||||||
* 5. Products derived from this software may not be called "OpenSSL"
|
|
||||||
* nor may "OpenSSL" appear in their names without prior written
|
|
||||||
* permission of the OpenSSL Project.
|
|
||||||
*
|
|
||||||
* 6. Redistributions of any form whatsoever must retain the following
|
|
||||||
* acknowledgment:
|
|
||||||
* "This product includes software developed by the OpenSSL Project
|
|
||||||
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
|
||||||
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
||||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
|
||||||
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
|
||||||
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
|
||||||
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
|
||||||
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
||||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
|
||||||
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
|
||||||
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
|
||||||
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
* ====================================================================
|
|
||||||
*
|
|
||||||
* This product includes cryptographic software written by Eric Young
|
|
||||||
* (eay@cryptsoft.com). This product includes software written by Tim
|
|
||||||
* Hudson (tjh@cryptsoft.com).
|
|
||||||
*
|
|
||||||
*/
|
|
||||||
|
|
||||||
#ifndef HEADER_OCSP_H
|
|
||||||
# define HEADER_OCSP_H
|
|
||||||
|
|
||||||
# include <openssl/ossl_typ.h>
|
|
||||||
# include <openssl/x509.h>
|
|
||||||
# include <openssl/x509v3.h>
|
|
||||||
# include <openssl/safestack.h>
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
extern "C" {
|
|
||||||
#endif
|
|
||||||
|
|
||||||
/* Various flags and values */
|
|
||||||
|
|
||||||
# define OCSP_DEFAULT_NONCE_LENGTH 16
|
|
||||||
|
|
||||||
# define OCSP_NOCERTS 0x1
|
|
||||||
# define OCSP_NOINTERN 0x2
|
|
||||||
# define OCSP_NOSIGS 0x4
|
|
||||||
# define OCSP_NOCHAIN 0x8
|
|
||||||
# define OCSP_NOVERIFY 0x10
|
|
||||||
# define OCSP_NOEXPLICIT 0x20
|
|
||||||
# define OCSP_NOCASIGN 0x40
|
|
||||||
# define OCSP_NODELEGATED 0x80
|
|
||||||
# define OCSP_NOCHECKS 0x100
|
|
||||||
# define OCSP_TRUSTOTHER 0x200
|
|
||||||
# define OCSP_RESPID_KEY 0x400
|
|
||||||
# define OCSP_NOTIME 0x800
|
|
||||||
|
|
||||||
/*- CertID ::= SEQUENCE {
|
|
||||||
* hashAlgorithm AlgorithmIdentifier,
|
|
||||||
* issuerNameHash OCTET STRING, -- Hash of Issuer's DN
|
|
||||||
* issuerKeyHash OCTET STRING, -- Hash of Issuers public key (excluding the tag & length fields)
|
|
||||||
* serialNumber CertificateSerialNumber }
|
|
||||||
*/
|
|
||||||
typedef struct ocsp_cert_id_st {
|
|
||||||
X509_ALGOR *hashAlgorithm;
|
|
||||||
ASN1_OCTET_STRING *issuerNameHash;
|
|
||||||
ASN1_OCTET_STRING *issuerKeyHash;
|
|
||||||
ASN1_INTEGER *serialNumber;
|
|
||||||
} OCSP_CERTID;
|
|
||||||
|
|
||||||
DECLARE_STACK_OF(OCSP_CERTID)
|
|
||||||
|
|
||||||
/*- Request ::= SEQUENCE {
|
|
||||||
* reqCert CertID,
|
|
||||||
* singleRequestExtensions [0] EXPLICIT Extensions OPTIONAL }
|
|
||||||
*/
|
|
||||||
typedef struct ocsp_one_request_st {
|
|
||||||
OCSP_CERTID *reqCert;
|
|
||||||
STACK_OF(X509_EXTENSION) *singleRequestExtensions;
|
|
||||||
} OCSP_ONEREQ;
|
|
||||||
|
|
||||||
DECLARE_STACK_OF(OCSP_ONEREQ)
|
|
||||||
DECLARE_ASN1_SET_OF(OCSP_ONEREQ)
|
|
||||||
|
|
||||||
/*- TBSRequest ::= SEQUENCE {
|
|
||||||
* version [0] EXPLICIT Version DEFAULT v1,
|
|
||||||
* requestorName [1] EXPLICIT GeneralName OPTIONAL,
|
|
||||||
* requestList SEQUENCE OF Request,
|
|
||||||
* requestExtensions [2] EXPLICIT Extensions OPTIONAL }
|
|
||||||
*/
|
|
||||||
typedef struct ocsp_req_info_st {
|
|
||||||
ASN1_INTEGER *version;
|
|
||||||
GENERAL_NAME *requestorName;
|
|
||||||
STACK_OF(OCSP_ONEREQ) *requestList;
|
|
||||||
STACK_OF(X509_EXTENSION) *requestExtensions;
|
|
||||||
} OCSP_REQINFO;
|
|
||||||
|
|
||||||
/*- Signature ::= SEQUENCE {
|
|
||||||
* signatureAlgorithm AlgorithmIdentifier,
|
|
||||||
* signature BIT STRING,
|
|
||||||
* certs [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL }
|
|
||||||
*/
|
|
||||||
typedef struct ocsp_signature_st {
|
|
||||||
X509_ALGOR *signatureAlgorithm;
|
|
||||||
ASN1_BIT_STRING *signature;
|
|
||||||
STACK_OF(X509) *certs;
|
|
||||||
} OCSP_SIGNATURE;
|
|
||||||
|
|
||||||
/*- OCSPRequest ::= SEQUENCE {
|
|
||||||
* tbsRequest TBSRequest,
|
|
||||||
* optionalSignature [0] EXPLICIT Signature OPTIONAL }
|
|
||||||
*/
|
|
||||||
typedef struct ocsp_request_st {
|
|
||||||
OCSP_REQINFO *tbsRequest;
|
|
||||||
OCSP_SIGNATURE *optionalSignature; /* OPTIONAL */
|
|
||||||
} OCSP_REQUEST;
|
|
||||||
|
|
||||||
/*- OCSPResponseStatus ::= ENUMERATED {
|
|
||||||
* successful (0), --Response has valid confirmations
|
|
||||||
* malformedRequest (1), --Illegal confirmation request
|
|
||||||
* internalError (2), --Internal error in issuer
|
|
||||||
* tryLater (3), --Try again later
|
|
||||||
* --(4) is not used
|
|
||||||
* sigRequired (5), --Must sign the request
|
|
||||||
* unauthorized (6) --Request unauthorized
|
|
||||||
* }
|
|
||||||
*/
|
|
||||||
# define OCSP_RESPONSE_STATUS_SUCCESSFUL 0
|
|
||||||
# define OCSP_RESPONSE_STATUS_MALFORMEDREQUEST 1
|
|
||||||
# define OCSP_RESPONSE_STATUS_INTERNALERROR 2
|
|
||||||
# define OCSP_RESPONSE_STATUS_TRYLATER 3
|
|
||||||
# define OCSP_RESPONSE_STATUS_SIGREQUIRED 5
|
|
||||||
# define OCSP_RESPONSE_STATUS_UNAUTHORIZED 6
|
|
||||||
|
|
||||||
/*- ResponseBytes ::= SEQUENCE {
|
|
||||||
* responseType OBJECT IDENTIFIER,
|
|
||||||
* response OCTET STRING }
|
|
||||||
*/
|
|
||||||
typedef struct ocsp_resp_bytes_st {
|
|
||||||
ASN1_OBJECT *responseType;
|
|
||||||
ASN1_OCTET_STRING *response;
|
|
||||||
} OCSP_RESPBYTES;
|
|
||||||
|
|
||||||
/*- OCSPResponse ::= SEQUENCE {
|
|
||||||
* responseStatus OCSPResponseStatus,
|
|
||||||
* responseBytes [0] EXPLICIT ResponseBytes OPTIONAL }
|
|
||||||
*/
|
|
||||||
struct ocsp_response_st {
|
|
||||||
ASN1_ENUMERATED *responseStatus;
|
|
||||||
OCSP_RESPBYTES *responseBytes;
|
|
||||||
};
|
|
||||||
|
|
||||||
/*- ResponderID ::= CHOICE {
|
|
||||||
* byName [1] Name,
|
|
||||||
* byKey [2] KeyHash }
|
|
||||||
*/
|
|
||||||
# define V_OCSP_RESPID_NAME 0
|
|
||||||
# define V_OCSP_RESPID_KEY 1
|
|
||||||
struct ocsp_responder_id_st {
|
|
||||||
int type;
|
|
||||||
union {
|
|
||||||
X509_NAME *byName;
|
|
||||||
ASN1_OCTET_STRING *byKey;
|
|
||||||
} value;
|
|
||||||
};
|
|
||||||
|
|
||||||
DECLARE_STACK_OF(OCSP_RESPID)
|
|
||||||
DECLARE_ASN1_FUNCTIONS(OCSP_RESPID)
|
|
||||||
|
|
||||||
/*- KeyHash ::= OCTET STRING --SHA-1 hash of responder's public key
|
|
||||||
* --(excluding the tag and length fields)
|
|
||||||
*/
|
|
||||||
|
|
||||||
/*- RevokedInfo ::= SEQUENCE {
|
|
||||||
* revocationTime GeneralizedTime,
|
|
||||||
* revocationReason [0] EXPLICIT CRLReason OPTIONAL }
|
|
||||||
*/
|
|
||||||
typedef struct ocsp_revoked_info_st {
|
|
||||||
ASN1_GENERALIZEDTIME *revocationTime;
|
|
||||||
ASN1_ENUMERATED *revocationReason;
|
|
||||||
} OCSP_REVOKEDINFO;
|
|
||||||
|
|
||||||
/*- CertStatus ::= CHOICE {
|
|
||||||
* good [0] IMPLICIT NULL,
|
|
||||||
* revoked [1] IMPLICIT RevokedInfo,
|
|
||||||
* unknown [2] IMPLICIT UnknownInfo }
|
|
||||||
*/
|
|
||||||
# define V_OCSP_CERTSTATUS_GOOD 0
|
|
||||||
# define V_OCSP_CERTSTATUS_REVOKED 1
|
|
||||||
# define V_OCSP_CERTSTATUS_UNKNOWN 2
|
|
||||||
typedef struct ocsp_cert_status_st {
|
|
||||||
int type;
|
|
||||||
union {
|
|
||||||
ASN1_NULL *good;
|
|
||||||
OCSP_REVOKEDINFO *revoked;
|
|
||||||
ASN1_NULL *unknown;
|
|
||||||
} value;
|
|
||||||
} OCSP_CERTSTATUS;
|
|
||||||
|
|
||||||
/*- SingleResponse ::= SEQUENCE {
|
|
||||||
* certID CertID,
|
|
||||||
* certStatus CertStatus,
|
|
||||||
* thisUpdate GeneralizedTime,
|
|
||||||
* nextUpdate [0] EXPLICIT GeneralizedTime OPTIONAL,
|
|
||||||
* singleExtensions [1] EXPLICIT Extensions OPTIONAL }
|
|
||||||
*/
|
|
||||||
typedef struct ocsp_single_response_st {
|
|
||||||
OCSP_CERTID *certId;
|
|
||||||
OCSP_CERTSTATUS *certStatus;
|
|
||||||
ASN1_GENERALIZEDTIME *thisUpdate;
|
|
||||||
ASN1_GENERALIZEDTIME *nextUpdate;
|
|
||||||
STACK_OF(X509_EXTENSION) *singleExtensions;
|
|
||||||
} OCSP_SINGLERESP;
|
|
||||||
|
|
||||||
DECLARE_STACK_OF(OCSP_SINGLERESP)
|
|
||||||
DECLARE_ASN1_SET_OF(OCSP_SINGLERESP)
|
|
||||||
|
|
||||||
/*- ResponseData ::= SEQUENCE {
|
|
||||||
* version [0] EXPLICIT Version DEFAULT v1,
|
|
||||||
* responderID ResponderID,
|
|
||||||
* producedAt GeneralizedTime,
|
|
||||||
* responses SEQUENCE OF SingleResponse,
|
|
||||||
* responseExtensions [1] EXPLICIT Extensions OPTIONAL }
|
|
||||||
*/
|
|
||||||
typedef struct ocsp_response_data_st {
|
|
||||||
ASN1_INTEGER *version;
|
|
||||||
OCSP_RESPID *responderId;
|
|
||||||
ASN1_GENERALIZEDTIME *producedAt;
|
|
||||||
STACK_OF(OCSP_SINGLERESP) *responses;
|
|
||||||
STACK_OF(X509_EXTENSION) *responseExtensions;
|
|
||||||
} OCSP_RESPDATA;
|
|
||||||
|
|
||||||
/*- BasicOCSPResponse ::= SEQUENCE {
|
|
||||||
* tbsResponseData ResponseData,
|
|
||||||
* signatureAlgorithm AlgorithmIdentifier,
|
|
||||||
* signature BIT STRING,
|
|
||||||
* certs [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL }
|
|
||||||
*/
|
|
||||||
/*
|
|
||||||
* Note 1: The value for "signature" is specified in the OCSP rfc2560 as
|
|
||||||
* follows: "The value for the signature SHALL be computed on the hash of
|
|
||||||
* the DER encoding ResponseData." This means that you must hash the
|
|
||||||
* DER-encoded tbsResponseData, and then run it through a crypto-signing
|
|
||||||
* function, which will (at least w/RSA) do a hash-'n'-private-encrypt
|
|
||||||
* operation. This seems a bit odd, but that's the spec. Also note that
|
|
||||||
* the data structures do not leave anywhere to independently specify the
|
|
||||||
* algorithm used for the initial hash. So, we look at the
|
|
||||||
* signature-specification algorithm, and try to do something intelligent.
|
|
||||||
* -- Kathy Weinhold, CertCo
|
|
||||||
*/
|
|
||||||
/*
|
|
||||||
* Note 2: It seems that the mentioned passage from RFC 2560 (section
|
|
||||||
* 4.2.1) is open for interpretation. I've done tests against another
|
|
||||||
* responder, and found that it doesn't do the double hashing that the RFC
|
|
||||||
* seems to say one should. Therefore, all relevant functions take a flag
|
|
||||||
* saying which variant should be used. -- Richard Levitte, OpenSSL team
|
|
||||||
* and CeloCom
|
|
||||||
*/
|
|
||||||
typedef struct ocsp_basic_response_st {
|
|
||||||
OCSP_RESPDATA *tbsResponseData;
|
|
||||||
X509_ALGOR *signatureAlgorithm;
|
|
||||||
ASN1_BIT_STRING *signature;
|
|
||||||
STACK_OF(X509) *certs;
|
|
||||||
} OCSP_BASICRESP;
|
|
||||||
|
|
||||||
/*-
|
|
||||||
* CRLReason ::= ENUMERATED {
|
|
||||||
* unspecified (0),
|
|
||||||
* keyCompromise (1),
|
|
||||||
* cACompromise (2),
|
|
||||||
* affiliationChanged (3),
|
|
||||||
* superseded (4),
|
|
||||||
* cessationOfOperation (5),
|
|
||||||
* certificateHold (6),
|
|
||||||
* removeFromCRL (8) }
|
|
||||||
*/
|
|
||||||
# define OCSP_REVOKED_STATUS_NOSTATUS -1
|
|
||||||
# define OCSP_REVOKED_STATUS_UNSPECIFIED 0
|
|
||||||
# define OCSP_REVOKED_STATUS_KEYCOMPROMISE 1
|
|
||||||
# define OCSP_REVOKED_STATUS_CACOMPROMISE 2
|
|
||||||
# define OCSP_REVOKED_STATUS_AFFILIATIONCHANGED 3
|
|
||||||
# define OCSP_REVOKED_STATUS_SUPERSEDED 4
|
|
||||||
# define OCSP_REVOKED_STATUS_CESSATIONOFOPERATION 5
|
|
||||||
# define OCSP_REVOKED_STATUS_CERTIFICATEHOLD 6
|
|
||||||
# define OCSP_REVOKED_STATUS_REMOVEFROMCRL 8
|
|
||||||
|
|
||||||
/*-
|
|
||||||
* CrlID ::= SEQUENCE {
|
|
||||||
* crlUrl [0] EXPLICIT IA5String OPTIONAL,
|
|
||||||
* crlNum [1] EXPLICIT INTEGER OPTIONAL,
|
|
||||||
* crlTime [2] EXPLICIT GeneralizedTime OPTIONAL }
|
|
||||||
*/
|
|
||||||
typedef struct ocsp_crl_id_st {
|
|
||||||
ASN1_IA5STRING *crlUrl;
|
|
||||||
ASN1_INTEGER *crlNum;
|
|
||||||
ASN1_GENERALIZEDTIME *crlTime;
|
|
||||||
} OCSP_CRLID;
|
|
||||||
|
|
||||||
/*-
|
|
||||||
* ServiceLocator ::= SEQUENCE {
|
|
||||||
* issuer Name,
|
|
||||||
* locator AuthorityInfoAccessSyntax OPTIONAL }
|
|
||||||
*/
|
|
||||||
typedef struct ocsp_service_locator_st {
|
|
||||||
X509_NAME *issuer;
|
|
||||||
STACK_OF(ACCESS_DESCRIPTION) *locator;
|
|
||||||
} OCSP_SERVICELOC;
|
|
||||||
|
|
||||||
# define PEM_STRING_OCSP_REQUEST "OCSP REQUEST"
|
|
||||||
# define PEM_STRING_OCSP_RESPONSE "OCSP RESPONSE"
|
|
||||||
|
|
||||||
# define d2i_OCSP_REQUEST_bio(bp,p) ASN1_d2i_bio_of(OCSP_REQUEST,OCSP_REQUEST_new,d2i_OCSP_REQUEST,bp,p)
|
|
||||||
|
|
||||||
# define d2i_OCSP_RESPONSE_bio(bp,p) ASN1_d2i_bio_of(OCSP_RESPONSE,OCSP_RESPONSE_new,d2i_OCSP_RESPONSE,bp,p)
|
|
||||||
|
|
||||||
# define PEM_read_bio_OCSP_REQUEST(bp,x,cb) (OCSP_REQUEST *)PEM_ASN1_read_bio( \
|
|
||||||
(char *(*)())d2i_OCSP_REQUEST,PEM_STRING_OCSP_REQUEST,bp,(char **)x,cb,NULL)
|
|
||||||
|
|
||||||
# define PEM_read_bio_OCSP_RESPONSE(bp,x,cb)(OCSP_RESPONSE *)PEM_ASN1_read_bio(\
|
|
||||||
(char *(*)())d2i_OCSP_RESPONSE,PEM_STRING_OCSP_RESPONSE,bp,(char **)x,cb,NULL)
|
|
||||||
|
|
||||||
# define PEM_write_bio_OCSP_REQUEST(bp,o) \
|
|
||||||
PEM_ASN1_write_bio((int (*)())i2d_OCSP_REQUEST,PEM_STRING_OCSP_REQUEST,\
|
|
||||||
bp,(char *)o, NULL,NULL,0,NULL,NULL)
|
|
||||||
|
|
||||||
# define PEM_write_bio_OCSP_RESPONSE(bp,o) \
|
|
||||||
PEM_ASN1_write_bio((int (*)())i2d_OCSP_RESPONSE,PEM_STRING_OCSP_RESPONSE,\
|
|
||||||
bp,(char *)o, NULL,NULL,0,NULL,NULL)
|
|
||||||
|
|
||||||
# define i2d_OCSP_RESPONSE_bio(bp,o) ASN1_i2d_bio_of(OCSP_RESPONSE,i2d_OCSP_RESPONSE,bp,o)
|
|
||||||
|
|
||||||
# define i2d_OCSP_REQUEST_bio(bp,o) ASN1_i2d_bio_of(OCSP_REQUEST,i2d_OCSP_REQUEST,bp,o)
|
|
||||||
|
|
||||||
# define OCSP_REQUEST_sign(o,pkey,md) \
|
|
||||||
ASN1_item_sign(ASN1_ITEM_rptr(OCSP_REQINFO),\
|
|
||||||
o->optionalSignature->signatureAlgorithm,NULL,\
|
|
||||||
o->optionalSignature->signature,o->tbsRequest,pkey,md)
|
|
||||||
|
|
||||||
# define OCSP_BASICRESP_sign(o,pkey,md,d) \
|
|
||||||
ASN1_item_sign(ASN1_ITEM_rptr(OCSP_RESPDATA),o->signatureAlgorithm,NULL,\
|
|
||||||
o->signature,o->tbsResponseData,pkey,md)
|
|
||||||
|
|
||||||
# define OCSP_REQUEST_verify(a,r) ASN1_item_verify(ASN1_ITEM_rptr(OCSP_REQINFO),\
|
|
||||||
a->optionalSignature->signatureAlgorithm,\
|
|
||||||
a->optionalSignature->signature,a->tbsRequest,r)
|
|
||||||
|
|
||||||
# define OCSP_BASICRESP_verify(a,r,d) ASN1_item_verify(ASN1_ITEM_rptr(OCSP_RESPDATA),\
|
|
||||||
a->signatureAlgorithm,a->signature,a->tbsResponseData,r)
|
|
||||||
|
|
||||||
# define ASN1_BIT_STRING_digest(data,type,md,len) \
|
|
||||||
ASN1_item_digest(ASN1_ITEM_rptr(ASN1_BIT_STRING),type,data,md,len)
|
|
||||||
|
|
||||||
# define OCSP_CERTSTATUS_dup(cs)\
|
|
||||||
(OCSP_CERTSTATUS*)ASN1_dup((int(*)())i2d_OCSP_CERTSTATUS,\
|
|
||||||
(char *(*)())d2i_OCSP_CERTSTATUS,(char *)(cs))
|
|
||||||
|
|
||||||
OCSP_CERTID *OCSP_CERTID_dup(OCSP_CERTID *id);
|
|
||||||
|
|
||||||
OCSP_RESPONSE *OCSP_sendreq_bio(BIO *b, const char *path, OCSP_REQUEST *req);
|
|
||||||
OCSP_REQ_CTX *OCSP_sendreq_new(BIO *io, const char *path, OCSP_REQUEST *req,
|
|
||||||
int maxline);
|
|
||||||
int OCSP_REQ_CTX_nbio(OCSP_REQ_CTX *rctx);
|
|
||||||
int OCSP_sendreq_nbio(OCSP_RESPONSE **presp, OCSP_REQ_CTX *rctx);
|
|
||||||
OCSP_REQ_CTX *OCSP_REQ_CTX_new(BIO *io, int maxline);
|
|
||||||
void OCSP_REQ_CTX_free(OCSP_REQ_CTX *rctx);
|
|
||||||
void OCSP_set_max_response_length(OCSP_REQ_CTX *rctx, unsigned long len);
|
|
||||||
int OCSP_REQ_CTX_i2d(OCSP_REQ_CTX *rctx, const ASN1_ITEM *it,
|
|
||||||
ASN1_VALUE *val);
|
|
||||||
int OCSP_REQ_CTX_nbio_d2i(OCSP_REQ_CTX *rctx, ASN1_VALUE **pval,
|
|
||||||
const ASN1_ITEM *it);
|
|
||||||
BIO *OCSP_REQ_CTX_get0_mem_bio(OCSP_REQ_CTX *rctx);
|
|
||||||
int OCSP_REQ_CTX_i2d(OCSP_REQ_CTX *rctx, const ASN1_ITEM *it,
|
|
||||||
ASN1_VALUE *val);
|
|
||||||
int OCSP_REQ_CTX_http(OCSP_REQ_CTX *rctx, const char *op, const char *path);
|
|
||||||
int OCSP_REQ_CTX_set1_req(OCSP_REQ_CTX *rctx, OCSP_REQUEST *req);
|
|
||||||
int OCSP_REQ_CTX_add1_header(OCSP_REQ_CTX *rctx,
|
|
||||||
const char *name, const char *value);
|
|
||||||
|
|
||||||
OCSP_CERTID *OCSP_cert_to_id(const EVP_MD *dgst, X509 *subject, X509 *issuer);
|
|
||||||
|
|
||||||
OCSP_CERTID *OCSP_cert_id_new(const EVP_MD *dgst,
|
|
||||||
X509_NAME *issuerName,
|
|
||||||
ASN1_BIT_STRING *issuerKey,
|
|
||||||
ASN1_INTEGER *serialNumber);
|
|
||||||
|
|
||||||
OCSP_ONEREQ *OCSP_request_add0_id(OCSP_REQUEST *req, OCSP_CERTID *cid);
|
|
||||||
|
|
||||||
int OCSP_request_add1_nonce(OCSP_REQUEST *req, unsigned char *val, int len);
|
|
||||||
int OCSP_basic_add1_nonce(OCSP_BASICRESP *resp, unsigned char *val, int len);
|
|
||||||
int OCSP_check_nonce(OCSP_REQUEST *req, OCSP_BASICRESP *bs);
|
|
||||||
int OCSP_copy_nonce(OCSP_BASICRESP *resp, OCSP_REQUEST *req);
|
|
||||||
|
|
||||||
int OCSP_request_set1_name(OCSP_REQUEST *req, X509_NAME *nm);
|
|
||||||
int OCSP_request_add1_cert(OCSP_REQUEST *req, X509 *cert);
|
|
||||||
|
|
||||||
int OCSP_request_sign(OCSP_REQUEST *req,
|
|
||||||
X509 *signer,
|
|
||||||
EVP_PKEY *key,
|
|
||||||
const EVP_MD *dgst,
|
|
||||||
STACK_OF(X509) *certs, unsigned long flags);
|
|
||||||
|
|
||||||
int OCSP_response_status(OCSP_RESPONSE *resp);
|
|
||||||
OCSP_BASICRESP *OCSP_response_get1_basic(OCSP_RESPONSE *resp);
|
|
||||||
|
|
||||||
int OCSP_resp_count(OCSP_BASICRESP *bs);
|
|
||||||
OCSP_SINGLERESP *OCSP_resp_get0(OCSP_BASICRESP *bs, int idx);
|
|
||||||
int OCSP_resp_find(OCSP_BASICRESP *bs, OCSP_CERTID *id, int last);
|
|
||||||
int OCSP_single_get0_status(OCSP_SINGLERESP *single, int *reason,
|
|
||||||
ASN1_GENERALIZEDTIME **revtime,
|
|
||||||
ASN1_GENERALIZEDTIME **thisupd,
|
|
||||||
ASN1_GENERALIZEDTIME **nextupd);
|
|
||||||
int OCSP_resp_find_status(OCSP_BASICRESP *bs, OCSP_CERTID *id, int *status,
|
|
||||||
int *reason,
|
|
||||||
ASN1_GENERALIZEDTIME **revtime,
|
|
||||||
ASN1_GENERALIZEDTIME **thisupd,
|
|
||||||
ASN1_GENERALIZEDTIME **nextupd);
|
|
||||||
int OCSP_check_validity(ASN1_GENERALIZEDTIME *thisupd,
|
|
||||||
ASN1_GENERALIZEDTIME *nextupd, long sec, long maxsec);
|
|
||||||
|
|
||||||
int OCSP_request_verify(OCSP_REQUEST *req, STACK_OF(X509) *certs,
|
|
||||||
X509_STORE *store, unsigned long flags);
|
|
||||||
|
|
||||||
int OCSP_parse_url(const char *url, char **phost, char **pport, char **ppath,
|
|
||||||
int *pssl);
|
|
||||||
|
|
||||||
int OCSP_id_issuer_cmp(OCSP_CERTID *a, OCSP_CERTID *b);
|
|
||||||
int OCSP_id_cmp(OCSP_CERTID *a, OCSP_CERTID *b);
|
|
||||||
|
|
||||||
int OCSP_request_onereq_count(OCSP_REQUEST *req);
|
|
||||||
OCSP_ONEREQ *OCSP_request_onereq_get0(OCSP_REQUEST *req, int i);
|
|
||||||
OCSP_CERTID *OCSP_onereq_get0_id(OCSP_ONEREQ *one);
|
|
||||||
int OCSP_id_get0_info(ASN1_OCTET_STRING **piNameHash, ASN1_OBJECT **pmd,
|
|
||||||
ASN1_OCTET_STRING **pikeyHash,
|
|
||||||
ASN1_INTEGER **pserial, OCSP_CERTID *cid);
|
|
||||||
int OCSP_request_is_signed(OCSP_REQUEST *req);
|
|
||||||
OCSP_RESPONSE *OCSP_response_create(int status, OCSP_BASICRESP *bs);
|
|
||||||
OCSP_SINGLERESP *OCSP_basic_add1_status(OCSP_BASICRESP *rsp,
|
|
||||||
OCSP_CERTID *cid,
|
|
||||||
int status, int reason,
|
|
||||||
ASN1_TIME *revtime,
|
|
||||||
ASN1_TIME *thisupd,
|
|
||||||
ASN1_TIME *nextupd);
|
|
||||||
int OCSP_basic_add1_cert(OCSP_BASICRESP *resp, X509 *cert);
|
|
||||||
int OCSP_basic_sign(OCSP_BASICRESP *brsp,
|
|
||||||
X509 *signer, EVP_PKEY *key, const EVP_MD *dgst,
|
|
||||||
STACK_OF(X509) *certs, unsigned long flags);
|
|
||||||
|
|
||||||
X509_EXTENSION *OCSP_crlID_new(char *url, long *n, char *tim);
|
|
||||||
|
|
||||||
X509_EXTENSION *OCSP_accept_responses_new(char **oids);
|
|
||||||
|
|
||||||
X509_EXTENSION *OCSP_archive_cutoff_new(char *tim);
|
|
||||||
|
|
||||||
X509_EXTENSION *OCSP_url_svcloc_new(X509_NAME *issuer, char **urls);
|
|
||||||
|
|
||||||
int OCSP_REQUEST_get_ext_count(OCSP_REQUEST *x);
|
|
||||||
int OCSP_REQUEST_get_ext_by_NID(OCSP_REQUEST *x, int nid, int lastpos);
|
|
||||||
int OCSP_REQUEST_get_ext_by_OBJ(OCSP_REQUEST *x, ASN1_OBJECT *obj,
|
|
||||||
int lastpos);
|
|
||||||
int OCSP_REQUEST_get_ext_by_critical(OCSP_REQUEST *x, int crit, int lastpos);
|
|
||||||
X509_EXTENSION *OCSP_REQUEST_get_ext(OCSP_REQUEST *x, int loc);
|
|
||||||
X509_EXTENSION *OCSP_REQUEST_delete_ext(OCSP_REQUEST *x, int loc);
|
|
||||||
void *OCSP_REQUEST_get1_ext_d2i(OCSP_REQUEST *x, int nid, int *crit,
|
|
||||||
int *idx);
|
|
||||||
int OCSP_REQUEST_add1_ext_i2d(OCSP_REQUEST *x, int nid, void *value, int crit,
|
|
||||||
unsigned long flags);
|
|
||||||
int OCSP_REQUEST_add_ext(OCSP_REQUEST *x, X509_EXTENSION *ex, int loc);
|
|
||||||
|
|
||||||
int OCSP_ONEREQ_get_ext_count(OCSP_ONEREQ *x);
|
|
||||||
int OCSP_ONEREQ_get_ext_by_NID(OCSP_ONEREQ *x, int nid, int lastpos);
|
|
||||||
int OCSP_ONEREQ_get_ext_by_OBJ(OCSP_ONEREQ *x, ASN1_OBJECT *obj, int lastpos);
|
|
||||||
int OCSP_ONEREQ_get_ext_by_critical(OCSP_ONEREQ *x, int crit, int lastpos);
|
|
||||||
X509_EXTENSION *OCSP_ONEREQ_get_ext(OCSP_ONEREQ *x, int loc);
|
|
||||||
X509_EXTENSION *OCSP_ONEREQ_delete_ext(OCSP_ONEREQ *x, int loc);
|
|
||||||
void *OCSP_ONEREQ_get1_ext_d2i(OCSP_ONEREQ *x, int nid, int *crit, int *idx);
|
|
||||||
int OCSP_ONEREQ_add1_ext_i2d(OCSP_ONEREQ *x, int nid, void *value, int crit,
|
|
||||||
unsigned long flags);
|
|
||||||
int OCSP_ONEREQ_add_ext(OCSP_ONEREQ *x, X509_EXTENSION *ex, int loc);
|
|
||||||
|
|
||||||
int OCSP_BASICRESP_get_ext_count(OCSP_BASICRESP *x);
|
|
||||||
int OCSP_BASICRESP_get_ext_by_NID(OCSP_BASICRESP *x, int nid, int lastpos);
|
|
||||||
int OCSP_BASICRESP_get_ext_by_OBJ(OCSP_BASICRESP *x, ASN1_OBJECT *obj,
|
|
||||||
int lastpos);
|
|
||||||
int OCSP_BASICRESP_get_ext_by_critical(OCSP_BASICRESP *x, int crit,
|
|
||||||
int lastpos);
|
|
||||||
X509_EXTENSION *OCSP_BASICRESP_get_ext(OCSP_BASICRESP *x, int loc);
|
|
||||||
X509_EXTENSION *OCSP_BASICRESP_delete_ext(OCSP_BASICRESP *x, int loc);
|
|
||||||
void *OCSP_BASICRESP_get1_ext_d2i(OCSP_BASICRESP *x, int nid, int *crit,
|
|
||||||
int *idx);
|
|
||||||
int OCSP_BASICRESP_add1_ext_i2d(OCSP_BASICRESP *x, int nid, void *value,
|
|
||||||
int crit, unsigned long flags);
|
|
||||||
int OCSP_BASICRESP_add_ext(OCSP_BASICRESP *x, X509_EXTENSION *ex, int loc);
|
|
||||||
|
|
||||||
int OCSP_SINGLERESP_get_ext_count(OCSP_SINGLERESP *x);
|
|
||||||
int OCSP_SINGLERESP_get_ext_by_NID(OCSP_SINGLERESP *x, int nid, int lastpos);
|
|
||||||
int OCSP_SINGLERESP_get_ext_by_OBJ(OCSP_SINGLERESP *x, ASN1_OBJECT *obj,
|
|
||||||
int lastpos);
|
|
||||||
int OCSP_SINGLERESP_get_ext_by_critical(OCSP_SINGLERESP *x, int crit,
|
|
||||||
int lastpos);
|
|
||||||
X509_EXTENSION *OCSP_SINGLERESP_get_ext(OCSP_SINGLERESP *x, int loc);
|
|
||||||
X509_EXTENSION *OCSP_SINGLERESP_delete_ext(OCSP_SINGLERESP *x, int loc);
|
|
||||||
void *OCSP_SINGLERESP_get1_ext_d2i(OCSP_SINGLERESP *x, int nid, int *crit,
|
|
||||||
int *idx);
|
|
||||||
int OCSP_SINGLERESP_add1_ext_i2d(OCSP_SINGLERESP *x, int nid, void *value,
|
|
||||||
int crit, unsigned long flags);
|
|
||||||
int OCSP_SINGLERESP_add_ext(OCSP_SINGLERESP *x, X509_EXTENSION *ex, int loc);
|
|
||||||
|
|
||||||
DECLARE_ASN1_FUNCTIONS(OCSP_SINGLERESP)
|
|
||||||
DECLARE_ASN1_FUNCTIONS(OCSP_CERTSTATUS)
|
|
||||||
DECLARE_ASN1_FUNCTIONS(OCSP_REVOKEDINFO)
|
|
||||||
DECLARE_ASN1_FUNCTIONS(OCSP_BASICRESP)
|
|
||||||
DECLARE_ASN1_FUNCTIONS(OCSP_RESPDATA)
|
|
||||||
DECLARE_ASN1_FUNCTIONS(OCSP_RESPID)
|
|
||||||
DECLARE_ASN1_FUNCTIONS(OCSP_RESPONSE)
|
|
||||||
DECLARE_ASN1_FUNCTIONS(OCSP_RESPBYTES)
|
|
||||||
DECLARE_ASN1_FUNCTIONS(OCSP_ONEREQ)
|
|
||||||
DECLARE_ASN1_FUNCTIONS(OCSP_CERTID)
|
|
||||||
DECLARE_ASN1_FUNCTIONS(OCSP_REQUEST)
|
|
||||||
DECLARE_ASN1_FUNCTIONS(OCSP_SIGNATURE)
|
|
||||||
DECLARE_ASN1_FUNCTIONS(OCSP_REQINFO)
|
|
||||||
DECLARE_ASN1_FUNCTIONS(OCSP_CRLID)
|
|
||||||
DECLARE_ASN1_FUNCTIONS(OCSP_SERVICELOC)
|
|
||||||
|
|
||||||
const char *OCSP_response_status_str(long s);
|
|
||||||
const char *OCSP_cert_status_str(long s);
|
|
||||||
const char *OCSP_crl_reason_str(long s);
|
|
||||||
|
|
||||||
int OCSP_REQUEST_print(BIO *bp, OCSP_REQUEST *a, unsigned long flags);
|
|
||||||
int OCSP_RESPONSE_print(BIO *bp, OCSP_RESPONSE *o, unsigned long flags);
|
|
||||||
|
|
||||||
int OCSP_basic_verify(OCSP_BASICRESP *bs, STACK_OF(X509) *certs,
|
|
||||||
X509_STORE *st, unsigned long flags);
|
|
||||||
|
|
||||||
/* BEGIN ERROR CODES */
|
|
||||||
/*
|
|
||||||
* The following lines are auto generated by the script mkerr.pl. Any changes
|
|
||||||
* made after this point may be overwritten when the script is next run.
|
|
||||||
*/
|
|
||||||
void ERR_load_OCSP_strings(void);
|
|
||||||
|
|
||||||
/* Error codes for the OCSP functions. */
|
|
||||||
|
|
||||||
/* Function codes. */
|
|
||||||
# define OCSP_F_ASN1_STRING_ENCODE 100
|
|
||||||
# define OCSP_F_D2I_OCSP_NONCE 102
|
|
||||||
# define OCSP_F_OCSP_BASIC_ADD1_STATUS 103
|
|
||||||
# define OCSP_F_OCSP_BASIC_SIGN 104
|
|
||||||
# define OCSP_F_OCSP_BASIC_VERIFY 105
|
|
||||||
# define OCSP_F_OCSP_CERT_ID_NEW 101
|
|
||||||
# define OCSP_F_OCSP_CHECK_DELEGATED 106
|
|
||||||
# define OCSP_F_OCSP_CHECK_IDS 107
|
|
||||||
# define OCSP_F_OCSP_CHECK_ISSUER 108
|
|
||||||
# define OCSP_F_OCSP_CHECK_VALIDITY 115
|
|
||||||
# define OCSP_F_OCSP_MATCH_ISSUERID 109
|
|
||||||
# define OCSP_F_OCSP_PARSE_URL 114
|
|
||||||
# define OCSP_F_OCSP_REQUEST_SIGN 110
|
|
||||||
# define OCSP_F_OCSP_REQUEST_VERIFY 116
|
|
||||||
# define OCSP_F_OCSP_RESPONSE_GET1_BASIC 111
|
|
||||||
# define OCSP_F_OCSP_SENDREQ_BIO 112
|
|
||||||
# define OCSP_F_OCSP_SENDREQ_NBIO 117
|
|
||||||
# define OCSP_F_PARSE_HTTP_LINE1 118
|
|
||||||
# define OCSP_F_REQUEST_VERIFY 113
|
|
||||||
|
|
||||||
/* Reason codes. */
|
|
||||||
# define OCSP_R_BAD_DATA 100
|
|
||||||
# define OCSP_R_CERTIFICATE_VERIFY_ERROR 101
|
|
||||||
# define OCSP_R_DIGEST_ERR 102
|
|
||||||
# define OCSP_R_ERROR_IN_NEXTUPDATE_FIELD 122
|
|
||||||
# define OCSP_R_ERROR_IN_THISUPDATE_FIELD 123
|
|
||||||
# define OCSP_R_ERROR_PARSING_URL 121
|
|
||||||
# define OCSP_R_MISSING_OCSPSIGNING_USAGE 103
|
|
||||||
# define OCSP_R_NEXTUPDATE_BEFORE_THISUPDATE 124
|
|
||||||
# define OCSP_R_NOT_BASIC_RESPONSE 104
|
|
||||||
# define OCSP_R_NO_CERTIFICATES_IN_CHAIN 105
|
|
||||||
# define OCSP_R_NO_CONTENT 106
|
|
||||||
# define OCSP_R_NO_PUBLIC_KEY 107
|
|
||||||
# define OCSP_R_NO_RESPONSE_DATA 108
|
|
||||||
# define OCSP_R_NO_REVOKED_TIME 109
|
|
||||||
# define OCSP_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE 110
|
|
||||||
# define OCSP_R_REQUEST_NOT_SIGNED 128
|
|
||||||
# define OCSP_R_RESPONSE_CONTAINS_NO_REVOCATION_DATA 111
|
|
||||||
# define OCSP_R_ROOT_CA_NOT_TRUSTED 112
|
|
||||||
# define OCSP_R_SERVER_READ_ERROR 113
|
|
||||||
# define OCSP_R_SERVER_RESPONSE_ERROR 114
|
|
||||||
# define OCSP_R_SERVER_RESPONSE_PARSE_ERROR 115
|
|
||||||
# define OCSP_R_SERVER_WRITE_ERROR 116
|
|
||||||
# define OCSP_R_SIGNATURE_FAILURE 117
|
|
||||||
# define OCSP_R_SIGNER_CERTIFICATE_NOT_FOUND 118
|
|
||||||
# define OCSP_R_STATUS_EXPIRED 125
|
|
||||||
# define OCSP_R_STATUS_NOT_YET_VALID 126
|
|
||||||
# define OCSP_R_STATUS_TOO_OLD 127
|
|
||||||
# define OCSP_R_UNKNOWN_MESSAGE_DIGEST 119
|
|
||||||
# define OCSP_R_UNKNOWN_NID 120
|
|
||||||
# define OCSP_R_UNSUPPORTED_REQUESTORNAME_TYPE 129
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
#endif
|
|
|
@ -1,342 +0,0 @@
|
||||||
/* pkcs12.h */
|
|
||||||
/*
|
|
||||||
* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
|
|
||||||
* 1999.
|
|
||||||
*/
|
|
||||||
/* ====================================================================
|
|
||||||
* Copyright (c) 1999 The OpenSSL Project. All rights reserved.
|
|
||||||
*
|
|
||||||
* Redistribution and use in source and binary forms, with or without
|
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
*
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
*
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in
|
|
||||||
* the documentation and/or other materials provided with the
|
|
||||||
* distribution.
|
|
||||||
*
|
|
||||||
* 3. All advertising materials mentioning features or use of this
|
|
||||||
* software must display the following acknowledgment:
|
|
||||||
* "This product includes software developed by the OpenSSL Project
|
|
||||||
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
|
|
||||||
*
|
|
||||||
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* prior written permission. For written permission, please contact
|
|
||||||
* licensing@OpenSSL.org.
|
|
||||||
*
|
|
||||||
* 5. Products derived from this software may not be called "OpenSSL"
|
|
||||||
* nor may "OpenSSL" appear in their names without prior written
|
|
||||||
* permission of the OpenSSL Project.
|
|
||||||
*
|
|
||||||
* 6. Redistributions of any form whatsoever must retain the following
|
|
||||||
* acknowledgment:
|
|
||||||
* "This product includes software developed by the OpenSSL Project
|
|
||||||
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
|
||||||
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
||||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
|
||||||
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
|
||||||
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
|
||||||
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
|
||||||
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
||||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
|
||||||
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
|
||||||
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
|
||||||
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
* ====================================================================
|
|
||||||
*
|
|
||||||
* This product includes cryptographic software written by Eric Young
|
|
||||||
* (eay@cryptsoft.com). This product includes software written by Tim
|
|
||||||
* Hudson (tjh@cryptsoft.com).
|
|
||||||
*
|
|
||||||
*/
|
|
||||||
|
|
||||||
#ifndef HEADER_PKCS12_H
|
|
||||||
# define HEADER_PKCS12_H
|
|
||||||
|
|
||||||
# include <openssl/bio.h>
|
|
||||||
# include <openssl/x509.h>
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
extern "C" {
|
|
||||||
#endif
|
|
||||||
|
|
||||||
# define PKCS12_KEY_ID 1
|
|
||||||
# define PKCS12_IV_ID 2
|
|
||||||
# define PKCS12_MAC_ID 3
|
|
||||||
|
|
||||||
/* Default iteration count */
|
|
||||||
# ifndef PKCS12_DEFAULT_ITER
|
|
||||||
# define PKCS12_DEFAULT_ITER PKCS5_DEFAULT_ITER
|
|
||||||
# endif
|
|
||||||
|
|
||||||
# define PKCS12_MAC_KEY_LENGTH 20
|
|
||||||
|
|
||||||
# define PKCS12_SALT_LEN 8
|
|
||||||
|
|
||||||
/* Uncomment out next line for unicode password and names, otherwise ASCII */
|
|
||||||
|
|
||||||
/*
|
|
||||||
* #define PBE_UNICODE
|
|
||||||
*/
|
|
||||||
|
|
||||||
# ifdef PBE_UNICODE
|
|
||||||
# define PKCS12_key_gen PKCS12_key_gen_uni
|
|
||||||
# define PKCS12_add_friendlyname PKCS12_add_friendlyname_uni
|
|
||||||
# else
|
|
||||||
# define PKCS12_key_gen PKCS12_key_gen_asc
|
|
||||||
# define PKCS12_add_friendlyname PKCS12_add_friendlyname_asc
|
|
||||||
# endif
|
|
||||||
|
|
||||||
/* MS key usage constants */
|
|
||||||
|
|
||||||
# define KEY_EX 0x10
|
|
||||||
# define KEY_SIG 0x80
|
|
||||||
|
|
||||||
typedef struct {
|
|
||||||
X509_SIG *dinfo;
|
|
||||||
ASN1_OCTET_STRING *salt;
|
|
||||||
ASN1_INTEGER *iter; /* defaults to 1 */
|
|
||||||
} PKCS12_MAC_DATA;
|
|
||||||
|
|
||||||
typedef struct {
|
|
||||||
ASN1_INTEGER *version;
|
|
||||||
PKCS12_MAC_DATA *mac;
|
|
||||||
PKCS7 *authsafes;
|
|
||||||
} PKCS12;
|
|
||||||
|
|
||||||
typedef struct {
|
|
||||||
ASN1_OBJECT *type;
|
|
||||||
union {
|
|
||||||
struct pkcs12_bag_st *bag; /* secret, crl and certbag */
|
|
||||||
struct pkcs8_priv_key_info_st *keybag; /* keybag */
|
|
||||||
X509_SIG *shkeybag; /* shrouded key bag */
|
|
||||||
STACK_OF(PKCS12_SAFEBAG) *safes;
|
|
||||||
ASN1_TYPE *other;
|
|
||||||
} value;
|
|
||||||
STACK_OF(X509_ATTRIBUTE) *attrib;
|
|
||||||
} PKCS12_SAFEBAG;
|
|
||||||
|
|
||||||
DECLARE_STACK_OF(PKCS12_SAFEBAG)
|
|
||||||
DECLARE_ASN1_SET_OF(PKCS12_SAFEBAG)
|
|
||||||
DECLARE_PKCS12_STACK_OF(PKCS12_SAFEBAG)
|
|
||||||
|
|
||||||
typedef struct pkcs12_bag_st {
|
|
||||||
ASN1_OBJECT *type;
|
|
||||||
union {
|
|
||||||
ASN1_OCTET_STRING *x509cert;
|
|
||||||
ASN1_OCTET_STRING *x509crl;
|
|
||||||
ASN1_OCTET_STRING *octet;
|
|
||||||
ASN1_IA5STRING *sdsicert;
|
|
||||||
ASN1_TYPE *other; /* Secret or other bag */
|
|
||||||
} value;
|
|
||||||
} PKCS12_BAGS;
|
|
||||||
|
|
||||||
# define PKCS12_ERROR 0
|
|
||||||
# define PKCS12_OK 1
|
|
||||||
|
|
||||||
/* Compatibility macros */
|
|
||||||
|
|
||||||
# define M_PKCS12_x5092certbag PKCS12_x5092certbag
|
|
||||||
# define M_PKCS12_x509crl2certbag PKCS12_x509crl2certbag
|
|
||||||
|
|
||||||
# define M_PKCS12_certbag2x509 PKCS12_certbag2x509
|
|
||||||
# define M_PKCS12_certbag2x509crl PKCS12_certbag2x509crl
|
|
||||||
|
|
||||||
# define M_PKCS12_unpack_p7data PKCS12_unpack_p7data
|
|
||||||
# define M_PKCS12_pack_authsafes PKCS12_pack_authsafes
|
|
||||||
# define M_PKCS12_unpack_authsafes PKCS12_unpack_authsafes
|
|
||||||
# define M_PKCS12_unpack_p7encdata PKCS12_unpack_p7encdata
|
|
||||||
|
|
||||||
# define M_PKCS12_decrypt_skey PKCS12_decrypt_skey
|
|
||||||
# define M_PKCS8_decrypt PKCS8_decrypt
|
|
||||||
|
|
||||||
# define M_PKCS12_bag_type(bg) OBJ_obj2nid((bg)->type)
|
|
||||||
# define M_PKCS12_cert_bag_type(bg) OBJ_obj2nid((bg)->value.bag->type)
|
|
||||||
# define M_PKCS12_crl_bag_type M_PKCS12_cert_bag_type
|
|
||||||
|
|
||||||
# define PKCS12_get_attr(bag, attr_nid) \
|
|
||||||
PKCS12_get_attr_gen(bag->attrib, attr_nid)
|
|
||||||
|
|
||||||
# define PKCS8_get_attr(p8, attr_nid) \
|
|
||||||
PKCS12_get_attr_gen(p8->attributes, attr_nid)
|
|
||||||
|
|
||||||
# define PKCS12_mac_present(p12) ((p12)->mac ? 1 : 0)
|
|
||||||
|
|
||||||
PKCS12_SAFEBAG *PKCS12_x5092certbag(X509 *x509);
|
|
||||||
PKCS12_SAFEBAG *PKCS12_x509crl2certbag(X509_CRL *crl);
|
|
||||||
X509 *PKCS12_certbag2x509(PKCS12_SAFEBAG *bag);
|
|
||||||
X509_CRL *PKCS12_certbag2x509crl(PKCS12_SAFEBAG *bag);
|
|
||||||
|
|
||||||
PKCS12_SAFEBAG *PKCS12_item_pack_safebag(void *obj, const ASN1_ITEM *it,
|
|
||||||
int nid1, int nid2);
|
|
||||||
PKCS12_SAFEBAG *PKCS12_MAKE_KEYBAG(PKCS8_PRIV_KEY_INFO *p8);
|
|
||||||
PKCS8_PRIV_KEY_INFO *PKCS8_decrypt(X509_SIG *p8, const char *pass,
|
|
||||||
int passlen);
|
|
||||||
PKCS8_PRIV_KEY_INFO *PKCS12_decrypt_skey(PKCS12_SAFEBAG *bag,
|
|
||||||
const char *pass, int passlen);
|
|
||||||
X509_SIG *PKCS8_encrypt(int pbe_nid, const EVP_CIPHER *cipher,
|
|
||||||
const char *pass, int passlen, unsigned char *salt,
|
|
||||||
int saltlen, int iter, PKCS8_PRIV_KEY_INFO *p8);
|
|
||||||
PKCS12_SAFEBAG *PKCS12_MAKE_SHKEYBAG(int pbe_nid, const char *pass,
|
|
||||||
int passlen, unsigned char *salt,
|
|
||||||
int saltlen, int iter,
|
|
||||||
PKCS8_PRIV_KEY_INFO *p8);
|
|
||||||
PKCS7 *PKCS12_pack_p7data(STACK_OF(PKCS12_SAFEBAG) *sk);
|
|
||||||
STACK_OF(PKCS12_SAFEBAG) *PKCS12_unpack_p7data(PKCS7 *p7);
|
|
||||||
PKCS7 *PKCS12_pack_p7encdata(int pbe_nid, const char *pass, int passlen,
|
|
||||||
unsigned char *salt, int saltlen, int iter,
|
|
||||||
STACK_OF(PKCS12_SAFEBAG) *bags);
|
|
||||||
STACK_OF(PKCS12_SAFEBAG) *PKCS12_unpack_p7encdata(PKCS7 *p7, const char *pass,
|
|
||||||
int passlen);
|
|
||||||
|
|
||||||
int PKCS12_pack_authsafes(PKCS12 *p12, STACK_OF(PKCS7) *safes);
|
|
||||||
STACK_OF(PKCS7) *PKCS12_unpack_authsafes(PKCS12 *p12);
|
|
||||||
|
|
||||||
int PKCS12_add_localkeyid(PKCS12_SAFEBAG *bag, unsigned char *name,
|
|
||||||
int namelen);
|
|
||||||
int PKCS12_add_friendlyname_asc(PKCS12_SAFEBAG *bag, const char *name,
|
|
||||||
int namelen);
|
|
||||||
int PKCS12_add_CSPName_asc(PKCS12_SAFEBAG *bag, const char *name,
|
|
||||||
int namelen);
|
|
||||||
int PKCS12_add_friendlyname_uni(PKCS12_SAFEBAG *bag,
|
|
||||||
const unsigned char *name, int namelen);
|
|
||||||
int PKCS8_add_keyusage(PKCS8_PRIV_KEY_INFO *p8, int usage);
|
|
||||||
ASN1_TYPE *PKCS12_get_attr_gen(STACK_OF(X509_ATTRIBUTE) *attrs, int attr_nid);
|
|
||||||
char *PKCS12_get_friendlyname(PKCS12_SAFEBAG *bag);
|
|
||||||
unsigned char *PKCS12_pbe_crypt(X509_ALGOR *algor, const char *pass,
|
|
||||||
int passlen, unsigned char *in, int inlen,
|
|
||||||
unsigned char **data, int *datalen,
|
|
||||||
int en_de);
|
|
||||||
void *PKCS12_item_decrypt_d2i(X509_ALGOR *algor, const ASN1_ITEM *it,
|
|
||||||
const char *pass, int passlen,
|
|
||||||
ASN1_OCTET_STRING *oct, int zbuf);
|
|
||||||
ASN1_OCTET_STRING *PKCS12_item_i2d_encrypt(X509_ALGOR *algor,
|
|
||||||
const ASN1_ITEM *it,
|
|
||||||
const char *pass, int passlen,
|
|
||||||
void *obj, int zbuf);
|
|
||||||
PKCS12 *PKCS12_init(int mode);
|
|
||||||
int PKCS12_key_gen_asc(const char *pass, int passlen, unsigned char *salt,
|
|
||||||
int saltlen, int id, int iter, int n,
|
|
||||||
unsigned char *out, const EVP_MD *md_type);
|
|
||||||
int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt,
|
|
||||||
int saltlen, int id, int iter, int n,
|
|
||||||
unsigned char *out, const EVP_MD *md_type);
|
|
||||||
int PKCS12_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
|
|
||||||
ASN1_TYPE *param, const EVP_CIPHER *cipher,
|
|
||||||
const EVP_MD *md_type, int en_de);
|
|
||||||
int PKCS12_gen_mac(PKCS12 *p12, const char *pass, int passlen,
|
|
||||||
unsigned char *mac, unsigned int *maclen);
|
|
||||||
int PKCS12_verify_mac(PKCS12 *p12, const char *pass, int passlen);
|
|
||||||
int PKCS12_set_mac(PKCS12 *p12, const char *pass, int passlen,
|
|
||||||
unsigned char *salt, int saltlen, int iter,
|
|
||||||
const EVP_MD *md_type);
|
|
||||||
int PKCS12_setup_mac(PKCS12 *p12, int iter, unsigned char *salt,
|
|
||||||
int saltlen, const EVP_MD *md_type);
|
|
||||||
unsigned char *OPENSSL_asc2uni(const char *asc, int asclen,
|
|
||||||
unsigned char **uni, int *unilen);
|
|
||||||
char *OPENSSL_uni2asc(unsigned char *uni, int unilen);
|
|
||||||
|
|
||||||
DECLARE_ASN1_FUNCTIONS(PKCS12)
|
|
||||||
DECLARE_ASN1_FUNCTIONS(PKCS12_MAC_DATA)
|
|
||||||
DECLARE_ASN1_FUNCTIONS(PKCS12_SAFEBAG)
|
|
||||||
DECLARE_ASN1_FUNCTIONS(PKCS12_BAGS)
|
|
||||||
|
|
||||||
DECLARE_ASN1_ITEM(PKCS12_SAFEBAGS)
|
|
||||||
DECLARE_ASN1_ITEM(PKCS12_AUTHSAFES)
|
|
||||||
|
|
||||||
void PKCS12_PBE_add(void);
|
|
||||||
int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert,
|
|
||||||
STACK_OF(X509) **ca);
|
|
||||||
PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert,
|
|
||||||
STACK_OF(X509) *ca, int nid_key, int nid_cert, int iter,
|
|
||||||
int mac_iter, int keytype);
|
|
||||||
|
|
||||||
PKCS12_SAFEBAG *PKCS12_add_cert(STACK_OF(PKCS12_SAFEBAG) **pbags, X509 *cert);
|
|
||||||
PKCS12_SAFEBAG *PKCS12_add_key(STACK_OF(PKCS12_SAFEBAG) **pbags,
|
|
||||||
EVP_PKEY *key, int key_usage, int iter,
|
|
||||||
int key_nid, char *pass);
|
|
||||||
int PKCS12_add_safe(STACK_OF(PKCS7) **psafes, STACK_OF(PKCS12_SAFEBAG) *bags,
|
|
||||||
int safe_nid, int iter, char *pass);
|
|
||||||
PKCS12 *PKCS12_add_safes(STACK_OF(PKCS7) *safes, int p7_nid);
|
|
||||||
|
|
||||||
int i2d_PKCS12_bio(BIO *bp, PKCS12 *p12);
|
|
||||||
int i2d_PKCS12_fp(FILE *fp, PKCS12 *p12);
|
|
||||||
PKCS12 *d2i_PKCS12_bio(BIO *bp, PKCS12 **p12);
|
|
||||||
PKCS12 *d2i_PKCS12_fp(FILE *fp, PKCS12 **p12);
|
|
||||||
int PKCS12_newpass(PKCS12 *p12, char *oldpass, char *newpass);
|
|
||||||
|
|
||||||
/* BEGIN ERROR CODES */
|
|
||||||
/*
|
|
||||||
* The following lines are auto generated by the script mkerr.pl. Any changes
|
|
||||||
* made after this point may be overwritten when the script is next run.
|
|
||||||
*/
|
|
||||||
void ERR_load_PKCS12_strings(void);
|
|
||||||
|
|
||||||
/* Error codes for the PKCS12 functions. */
|
|
||||||
|
|
||||||
/* Function codes. */
|
|
||||||
# define PKCS12_F_PARSE_BAG 129
|
|
||||||
# define PKCS12_F_PARSE_BAGS 103
|
|
||||||
# define PKCS12_F_PKCS12_ADD_FRIENDLYNAME 100
|
|
||||||
# define PKCS12_F_PKCS12_ADD_FRIENDLYNAME_ASC 127
|
|
||||||
# define PKCS12_F_PKCS12_ADD_FRIENDLYNAME_UNI 102
|
|
||||||
# define PKCS12_F_PKCS12_ADD_LOCALKEYID 104
|
|
||||||
# define PKCS12_F_PKCS12_CREATE 105
|
|
||||||
# define PKCS12_F_PKCS12_GEN_MAC 107
|
|
||||||
# define PKCS12_F_PKCS12_INIT 109
|
|
||||||
# define PKCS12_F_PKCS12_ITEM_DECRYPT_D2I 106
|
|
||||||
# define PKCS12_F_PKCS12_ITEM_I2D_ENCRYPT 108
|
|
||||||
# define PKCS12_F_PKCS12_ITEM_PACK_SAFEBAG 117
|
|
||||||
# define PKCS12_F_PKCS12_KEY_GEN_ASC 110
|
|
||||||
# define PKCS12_F_PKCS12_KEY_GEN_UNI 111
|
|
||||||
# define PKCS12_F_PKCS12_MAKE_KEYBAG 112
|
|
||||||
# define PKCS12_F_PKCS12_MAKE_SHKEYBAG 113
|
|
||||||
# define PKCS12_F_PKCS12_NEWPASS 128
|
|
||||||
# define PKCS12_F_PKCS12_PACK_P7DATA 114
|
|
||||||
# define PKCS12_F_PKCS12_PACK_P7ENCDATA 115
|
|
||||||
# define PKCS12_F_PKCS12_PARSE 118
|
|
||||||
# define PKCS12_F_PKCS12_PBE_CRYPT 119
|
|
||||||
# define PKCS12_F_PKCS12_PBE_KEYIVGEN 120
|
|
||||||
# define PKCS12_F_PKCS12_SETUP_MAC 122
|
|
||||||
# define PKCS12_F_PKCS12_SET_MAC 123
|
|
||||||
# define PKCS12_F_PKCS12_UNPACK_AUTHSAFES 130
|
|
||||||
# define PKCS12_F_PKCS12_UNPACK_P7DATA 131
|
|
||||||
# define PKCS12_F_PKCS12_VERIFY_MAC 126
|
|
||||||
# define PKCS12_F_PKCS8_ADD_KEYUSAGE 124
|
|
||||||
# define PKCS12_F_PKCS8_ENCRYPT 125
|
|
||||||
|
|
||||||
/* Reason codes. */
|
|
||||||
# define PKCS12_R_CANT_PACK_STRUCTURE 100
|
|
||||||
# define PKCS12_R_CONTENT_TYPE_NOT_DATA 121
|
|
||||||
# define PKCS12_R_DECODE_ERROR 101
|
|
||||||
# define PKCS12_R_ENCODE_ERROR 102
|
|
||||||
# define PKCS12_R_ENCRYPT_ERROR 103
|
|
||||||
# define PKCS12_R_ERROR_SETTING_ENCRYPTED_DATA_TYPE 120
|
|
||||||
# define PKCS12_R_INVALID_NULL_ARGUMENT 104
|
|
||||||
# define PKCS12_R_INVALID_NULL_PKCS12_POINTER 105
|
|
||||||
# define PKCS12_R_IV_GEN_ERROR 106
|
|
||||||
# define PKCS12_R_KEY_GEN_ERROR 107
|
|
||||||
# define PKCS12_R_MAC_ABSENT 108
|
|
||||||
# define PKCS12_R_MAC_GENERATION_ERROR 109
|
|
||||||
# define PKCS12_R_MAC_SETUP_ERROR 110
|
|
||||||
# define PKCS12_R_MAC_STRING_SET_ERROR 111
|
|
||||||
# define PKCS12_R_MAC_VERIFY_ERROR 112
|
|
||||||
# define PKCS12_R_MAC_VERIFY_FAILURE 113
|
|
||||||
# define PKCS12_R_PARSE_ERROR 114
|
|
||||||
# define PKCS12_R_PKCS12_ALGOR_CIPHERINIT_ERROR 115
|
|
||||||
# define PKCS12_R_PKCS12_CIPHERFINAL_ERROR 116
|
|
||||||
# define PKCS12_R_PKCS12_PBE_CRYPT_ERROR 117
|
|
||||||
# define PKCS12_R_UNKNOWN_DIGEST_ALGORITHM 118
|
|
||||||
# define PKCS12_R_UNSUPPORTED_PKCS12_MODE 119
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
#endif
|
|
|
@ -1,150 +0,0 @@
|
||||||
/* crypto/rand/rand.h */
|
|
||||||
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
|
||||||
* All rights reserved.
|
|
||||||
*
|
|
||||||
* This package is an SSL implementation written
|
|
||||||
* by Eric Young (eay@cryptsoft.com).
|
|
||||||
* The implementation was written so as to conform with Netscapes SSL.
|
|
||||||
*
|
|
||||||
* This library is free for commercial and non-commercial use as long as
|
|
||||||
* the following conditions are aheared to. The following conditions
|
|
||||||
* apply to all code found in this distribution, be it the RC4, RSA,
|
|
||||||
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
|
||||||
* included with this distribution is covered by the same copyright terms
|
|
||||||
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
|
||||||
*
|
|
||||||
* Copyright remains Eric Young's, and as such any Copyright notices in
|
|
||||||
* the code are not to be removed.
|
|
||||||
* If this package is used in a product, Eric Young should be given attribution
|
|
||||||
* as the author of the parts of the library used.
|
|
||||||
* This can be in the form of a textual message at program startup or
|
|
||||||
* in documentation (online or textual) provided with the package.
|
|
||||||
*
|
|
||||||
* Redistribution and use in source and binary forms, with or without
|
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. All advertising materials mentioning features or use of this software
|
|
||||||
* must display the following acknowledgement:
|
|
||||||
* "This product includes cryptographic software written by
|
|
||||||
* Eric Young (eay@cryptsoft.com)"
|
|
||||||
* The word 'cryptographic' can be left out if the rouines from the library
|
|
||||||
* being used are not cryptographic related :-).
|
|
||||||
* 4. If you include any Windows specific code (or a derivative thereof) from
|
|
||||||
* the apps directory (application code) you must include an acknowledgement:
|
|
||||||
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
|
||||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
||||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
||||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
|
||||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
||||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
||||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
||||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
||||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
||||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
||||||
* SUCH DAMAGE.
|
|
||||||
*
|
|
||||||
* The licence and distribution terms for any publically available version or
|
|
||||||
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
|
||||||
* copied and put under another distribution licence
|
|
||||||
* [including the GNU Public Licence.]
|
|
||||||
*/
|
|
||||||
|
|
||||||
#ifndef HEADER_RAND_H
|
|
||||||
# define HEADER_RAND_H
|
|
||||||
|
|
||||||
# include <stdlib.h>
|
|
||||||
# include <openssl/ossl_typ.h>
|
|
||||||
# include <openssl/e_os2.h>
|
|
||||||
|
|
||||||
# if defined(OPENSSL_SYS_WINDOWS)
|
|
||||||
# include <windows.h>
|
|
||||||
# endif
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
extern "C" {
|
|
||||||
#endif
|
|
||||||
|
|
||||||
# if defined(OPENSSL_FIPS)
|
|
||||||
# define FIPS_RAND_SIZE_T size_t
|
|
||||||
# endif
|
|
||||||
|
|
||||||
/* Already defined in ossl_typ.h */
|
|
||||||
/* typedef struct rand_meth_st RAND_METHOD; */
|
|
||||||
|
|
||||||
struct rand_meth_st {
|
|
||||||
void (*seed) (const void *buf, int num);
|
|
||||||
int (*bytes) (unsigned char *buf, int num);
|
|
||||||
void (*cleanup) (void);
|
|
||||||
void (*add) (const void *buf, int num, double entropy);
|
|
||||||
int (*pseudorand) (unsigned char *buf, int num);
|
|
||||||
int (*status) (void);
|
|
||||||
};
|
|
||||||
|
|
||||||
# ifdef BN_DEBUG
|
|
||||||
extern int rand_predictable;
|
|
||||||
# endif
|
|
||||||
|
|
||||||
int RAND_set_rand_method(const RAND_METHOD *meth);
|
|
||||||
const RAND_METHOD *RAND_get_rand_method(void);
|
|
||||||
# ifndef OPENSSL_NO_ENGINE
|
|
||||||
int RAND_set_rand_engine(ENGINE *engine);
|
|
||||||
# endif
|
|
||||||
RAND_METHOD *RAND_SSLeay(void);
|
|
||||||
void RAND_cleanup(void);
|
|
||||||
int RAND_bytes(unsigned char *buf, int num);
|
|
||||||
int RAND_pseudo_bytes(unsigned char *buf, int num);
|
|
||||||
void RAND_seed(const void *buf, int num);
|
|
||||||
void RAND_add(const void *buf, int num, double entropy);
|
|
||||||
int RAND_load_file(const char *file, long max_bytes);
|
|
||||||
int RAND_write_file(const char *file);
|
|
||||||
const char *RAND_file_name(char *file, size_t num);
|
|
||||||
int RAND_status(void);
|
|
||||||
int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes);
|
|
||||||
int RAND_egd(const char *path);
|
|
||||||
int RAND_egd_bytes(const char *path, int bytes);
|
|
||||||
int RAND_poll(void);
|
|
||||||
|
|
||||||
# if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32)
|
|
||||||
|
|
||||||
void RAND_screen(void);
|
|
||||||
int RAND_event(UINT, WPARAM, LPARAM);
|
|
||||||
|
|
||||||
# endif
|
|
||||||
|
|
||||||
# ifdef OPENSSL_FIPS
|
|
||||||
void RAND_set_fips_drbg_type(int type, int flags);
|
|
||||||
int RAND_init_fips(void);
|
|
||||||
# endif
|
|
||||||
|
|
||||||
/* BEGIN ERROR CODES */
|
|
||||||
/*
|
|
||||||
* The following lines are auto generated by the script mkerr.pl. Any changes
|
|
||||||
* made after this point may be overwritten when the script is next run.
|
|
||||||
*/
|
|
||||||
void ERR_load_RAND_strings(void);
|
|
||||||
|
|
||||||
/* Error codes for the RAND functions. */
|
|
||||||
|
|
||||||
/* Function codes. */
|
|
||||||
# define RAND_F_RAND_GET_RAND_METHOD 101
|
|
||||||
# define RAND_F_RAND_INIT_FIPS 102
|
|
||||||
# define RAND_F_SSLEAY_RAND_BYTES 100
|
|
||||||
|
|
||||||
/* Reason codes. */
|
|
||||||
# define RAND_R_DUAL_EC_DRBG_DISABLED 104
|
|
||||||
# define RAND_R_ERROR_INITIALISING_DRBG 102
|
|
||||||
# define RAND_R_ERROR_INSTANTIATING_DRBG 103
|
|
||||||
# define RAND_R_NO_FIPS_RANDOM_METHOD_SET 101
|
|
||||||
# define RAND_R_PRNG_NOT_SEEDED 100
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
#endif
|
|
|
@ -1,103 +0,0 @@
|
||||||
/* crypto/rc2/rc2.h */
|
|
||||||
/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
|
|
||||||
* All rights reserved.
|
|
||||||
*
|
|
||||||
* This package is an SSL implementation written
|
|
||||||
* by Eric Young (eay@cryptsoft.com).
|
|
||||||
* The implementation was written so as to conform with Netscapes SSL.
|
|
||||||
*
|
|
||||||
* This library is free for commercial and non-commercial use as long as
|
|
||||||
* the following conditions are aheared to. The following conditions
|
|
||||||
* apply to all code found in this distribution, be it the RC4, RSA,
|
|
||||||
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
|
||||||
* included with this distribution is covered by the same copyright terms
|
|
||||||
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
|
||||||
*
|
|
||||||
* Copyright remains Eric Young's, and as such any Copyright notices in
|
|
||||||
* the code are not to be removed.
|
|
||||||
* If this package is used in a product, Eric Young should be given attribution
|
|
||||||
* as the author of the parts of the library used.
|
|
||||||
* This can be in the form of a textual message at program startup or
|
|
||||||
* in documentation (online or textual) provided with the package.
|
|
||||||
*
|
|
||||||
* Redistribution and use in source and binary forms, with or without
|
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. All advertising materials mentioning features or use of this software
|
|
||||||
* must display the following acknowledgement:
|
|
||||||
* "This product includes cryptographic software written by
|
|
||||||
* Eric Young (eay@cryptsoft.com)"
|
|
||||||
* The word 'cryptographic' can be left out if the rouines from the library
|
|
||||||
* being used are not cryptographic related :-).
|
|
||||||
* 4. If you include any Windows specific code (or a derivative thereof) from
|
|
||||||
* the apps directory (application code) you must include an acknowledgement:
|
|
||||||
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
|
||||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
||||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
||||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
|
||||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
||||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
||||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
||||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
||||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
||||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
||||||
* SUCH DAMAGE.
|
|
||||||
*
|
|
||||||
* The licence and distribution terms for any publically available version or
|
|
||||||
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
|
||||||
* copied and put under another distribution licence
|
|
||||||
* [including the GNU Public Licence.]
|
|
||||||
*/
|
|
||||||
|
|
||||||
#ifndef HEADER_RC2_H
|
|
||||||
# define HEADER_RC2_H
|
|
||||||
|
|
||||||
# include <openssl/opensslconf.h>/* OPENSSL_NO_RC2, RC2_INT */
|
|
||||||
# ifdef OPENSSL_NO_RC2
|
|
||||||
# error RC2 is disabled.
|
|
||||||
# endif
|
|
||||||
|
|
||||||
# define RC2_ENCRYPT 1
|
|
||||||
# define RC2_DECRYPT 0
|
|
||||||
|
|
||||||
# define RC2_BLOCK 8
|
|
||||||
# define RC2_KEY_LENGTH 16
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
extern "C" {
|
|
||||||
#endif
|
|
||||||
|
|
||||||
typedef struct rc2_key_st {
|
|
||||||
RC2_INT data[64];
|
|
||||||
} RC2_KEY;
|
|
||||||
|
|
||||||
# ifdef OPENSSL_FIPS
|
|
||||||
void private_RC2_set_key(RC2_KEY *key, int len, const unsigned char *data,
|
|
||||||
int bits);
|
|
||||||
# endif
|
|
||||||
void RC2_set_key(RC2_KEY *key, int len, const unsigned char *data, int bits);
|
|
||||||
void RC2_ecb_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
RC2_KEY *key, int enc);
|
|
||||||
void RC2_encrypt(unsigned long *data, RC2_KEY *key);
|
|
||||||
void RC2_decrypt(unsigned long *data, RC2_KEY *key);
|
|
||||||
void RC2_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
|
|
||||||
RC2_KEY *ks, unsigned char *iv, int enc);
|
|
||||||
void RC2_cfb64_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
long length, RC2_KEY *schedule, unsigned char *ivec,
|
|
||||||
int *num, int enc);
|
|
||||||
void RC2_ofb64_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
long length, RC2_KEY *schedule, unsigned char *ivec,
|
|
||||||
int *num);
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#endif
|
|
|
@ -1,88 +0,0 @@
|
||||||
/* crypto/rc4/rc4.h */
|
|
||||||
/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
|
|
||||||
* All rights reserved.
|
|
||||||
*
|
|
||||||
* This package is an SSL implementation written
|
|
||||||
* by Eric Young (eay@cryptsoft.com).
|
|
||||||
* The implementation was written so as to conform with Netscapes SSL.
|
|
||||||
*
|
|
||||||
* This library is free for commercial and non-commercial use as long as
|
|
||||||
* the following conditions are aheared to. The following conditions
|
|
||||||
* apply to all code found in this distribution, be it the RC4, RSA,
|
|
||||||
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
|
||||||
* included with this distribution is covered by the same copyright terms
|
|
||||||
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
|
||||||
*
|
|
||||||
* Copyright remains Eric Young's, and as such any Copyright notices in
|
|
||||||
* the code are not to be removed.
|
|
||||||
* If this package is used in a product, Eric Young should be given attribution
|
|
||||||
* as the author of the parts of the library used.
|
|
||||||
* This can be in the form of a textual message at program startup or
|
|
||||||
* in documentation (online or textual) provided with the package.
|
|
||||||
*
|
|
||||||
* Redistribution and use in source and binary forms, with or without
|
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. All advertising materials mentioning features or use of this software
|
|
||||||
* must display the following acknowledgement:
|
|
||||||
* "This product includes cryptographic software written by
|
|
||||||
* Eric Young (eay@cryptsoft.com)"
|
|
||||||
* The word 'cryptographic' can be left out if the rouines from the library
|
|
||||||
* being used are not cryptographic related :-).
|
|
||||||
* 4. If you include any Windows specific code (or a derivative thereof) from
|
|
||||||
* the apps directory (application code) you must include an acknowledgement:
|
|
||||||
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
|
||||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
||||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
||||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
|
||||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
||||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
||||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
||||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
||||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
||||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
||||||
* SUCH DAMAGE.
|
|
||||||
*
|
|
||||||
* The licence and distribution terms for any publically available version or
|
|
||||||
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
|
||||||
* copied and put under another distribution licence
|
|
||||||
* [including the GNU Public Licence.]
|
|
||||||
*/
|
|
||||||
|
|
||||||
#ifndef HEADER_RC4_H
|
|
||||||
# define HEADER_RC4_H
|
|
||||||
|
|
||||||
# include <openssl/opensslconf.h>/* OPENSSL_NO_RC4, RC4_INT */
|
|
||||||
# ifdef OPENSSL_NO_RC4
|
|
||||||
# error RC4 is disabled.
|
|
||||||
# endif
|
|
||||||
|
|
||||||
# include <stddef.h>
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
extern "C" {
|
|
||||||
#endif
|
|
||||||
|
|
||||||
typedef struct rc4_key_st {
|
|
||||||
RC4_INT x, y;
|
|
||||||
RC4_INT data[256];
|
|
||||||
} RC4_KEY;
|
|
||||||
|
|
||||||
const char *RC4_options(void);
|
|
||||||
void RC4_set_key(RC4_KEY *key, int len, const unsigned char *data);
|
|
||||||
void private_RC4_set_key(RC4_KEY *key, int len, const unsigned char *data);
|
|
||||||
void RC4(RC4_KEY *key, size_t len, const unsigned char *indata,
|
|
||||||
unsigned char *outdata);
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#endif
|
|
|
@ -1,105 +0,0 @@
|
||||||
/* crypto/ripemd/ripemd.h */
|
|
||||||
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
|
||||||
* All rights reserved.
|
|
||||||
*
|
|
||||||
* This package is an SSL implementation written
|
|
||||||
* by Eric Young (eay@cryptsoft.com).
|
|
||||||
* The implementation was written so as to conform with Netscapes SSL.
|
|
||||||
*
|
|
||||||
* This library is free for commercial and non-commercial use as long as
|
|
||||||
* the following conditions are aheared to. The following conditions
|
|
||||||
* apply to all code found in this distribution, be it the RC4, RSA,
|
|
||||||
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
|
||||||
* included with this distribution is covered by the same copyright terms
|
|
||||||
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
|
||||||
*
|
|
||||||
* Copyright remains Eric Young's, and as such any Copyright notices in
|
|
||||||
* the code are not to be removed.
|
|
||||||
* If this package is used in a product, Eric Young should be given attribution
|
|
||||||
* as the author of the parts of the library used.
|
|
||||||
* This can be in the form of a textual message at program startup or
|
|
||||||
* in documentation (online or textual) provided with the package.
|
|
||||||
*
|
|
||||||
* Redistribution and use in source and binary forms, with or without
|
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. All advertising materials mentioning features or use of this software
|
|
||||||
* must display the following acknowledgement:
|
|
||||||
* "This product includes cryptographic software written by
|
|
||||||
* Eric Young (eay@cryptsoft.com)"
|
|
||||||
* The word 'cryptographic' can be left out if the rouines from the library
|
|
||||||
* being used are not cryptographic related :-).
|
|
||||||
* 4. If you include any Windows specific code (or a derivative thereof) from
|
|
||||||
* the apps directory (application code) you must include an acknowledgement:
|
|
||||||
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
|
||||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
||||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
||||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
|
||||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
||||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
||||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
||||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
||||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
||||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
||||||
* SUCH DAMAGE.
|
|
||||||
*
|
|
||||||
* The licence and distribution terms for any publically available version or
|
|
||||||
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
|
||||||
* copied and put under another distribution licence
|
|
||||||
* [including the GNU Public Licence.]
|
|
||||||
*/
|
|
||||||
|
|
||||||
#ifndef HEADER_RIPEMD_H
|
|
||||||
# define HEADER_RIPEMD_H
|
|
||||||
|
|
||||||
# include <openssl/e_os2.h>
|
|
||||||
# include <stddef.h>
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
extern "C" {
|
|
||||||
#endif
|
|
||||||
|
|
||||||
# ifdef OPENSSL_NO_RIPEMD
|
|
||||||
# error RIPEMD is disabled.
|
|
||||||
# endif
|
|
||||||
|
|
||||||
# if defined(__LP32__)
|
|
||||||
# define RIPEMD160_LONG unsigned long
|
|
||||||
# elif defined(OPENSSL_SYS_CRAY) || defined(__ILP64__)
|
|
||||||
# define RIPEMD160_LONG unsigned long
|
|
||||||
# define RIPEMD160_LONG_LOG2 3
|
|
||||||
# else
|
|
||||||
# define RIPEMD160_LONG unsigned int
|
|
||||||
# endif
|
|
||||||
|
|
||||||
# define RIPEMD160_CBLOCK 64
|
|
||||||
# define RIPEMD160_LBLOCK (RIPEMD160_CBLOCK/4)
|
|
||||||
# define RIPEMD160_DIGEST_LENGTH 20
|
|
||||||
|
|
||||||
typedef struct RIPEMD160state_st {
|
|
||||||
RIPEMD160_LONG A, B, C, D, E;
|
|
||||||
RIPEMD160_LONG Nl, Nh;
|
|
||||||
RIPEMD160_LONG data[RIPEMD160_LBLOCK];
|
|
||||||
unsigned int num;
|
|
||||||
} RIPEMD160_CTX;
|
|
||||||
|
|
||||||
# ifdef OPENSSL_FIPS
|
|
||||||
int private_RIPEMD160_Init(RIPEMD160_CTX *c);
|
|
||||||
# endif
|
|
||||||
int RIPEMD160_Init(RIPEMD160_CTX *c);
|
|
||||||
int RIPEMD160_Update(RIPEMD160_CTX *c, const void *data, size_t len);
|
|
||||||
int RIPEMD160_Final(unsigned char *md, RIPEMD160_CTX *c);
|
|
||||||
unsigned char *RIPEMD160(const unsigned char *d, size_t n, unsigned char *md);
|
|
||||||
void RIPEMD160_Transform(RIPEMD160_CTX *c, const unsigned char *b);
|
|
||||||
#ifdef __cplusplus
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#endif
|
|
|
@ -1,149 +0,0 @@
|
||||||
/*
|
|
||||||
* Copyright (c) 2007 KISA(Korea Information Security Agency). All rights reserved.
|
|
||||||
*
|
|
||||||
* Redistribution and use in source and binary forms, with or without
|
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Neither the name of author nor the names of its contributors may
|
|
||||||
* be used to endorse or promote products derived from this software
|
|
||||||
* without specific prior written permission.
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY AUTHOR AND CONTRIBUTORS ``AS IS'' AND
|
|
||||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
||||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
||||||
* ARE DISCLAIMED. IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE
|
|
||||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
||||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
||||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
||||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
||||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
||||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
||||||
* SUCH DAMAGE.
|
|
||||||
*
|
|
||||||
*/
|
|
||||||
/* ====================================================================
|
|
||||||
* Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
|
|
||||||
*
|
|
||||||
* Redistribution and use in source and binary forms, with or without
|
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
*
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
*
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in
|
|
||||||
* the documentation and/or other materials provided with the
|
|
||||||
* distribution.
|
|
||||||
*
|
|
||||||
* 3. All advertising materials mentioning features or use of this
|
|
||||||
* software must display the following acknowledgment:
|
|
||||||
* "This product includes software developed by the OpenSSL Project
|
|
||||||
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
|
|
||||||
*
|
|
||||||
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* prior written permission. For written permission, please contact
|
|
||||||
* openssl-core@openssl.org.
|
|
||||||
*
|
|
||||||
* 5. Products derived from this software may not be called "OpenSSL"
|
|
||||||
* nor may "OpenSSL" appear in their names without prior written
|
|
||||||
* permission of the OpenSSL Project.
|
|
||||||
*
|
|
||||||
* 6. Redistributions of any form whatsoever must retain the following
|
|
||||||
* acknowledgment:
|
|
||||||
* "This product includes software developed by the OpenSSL Project
|
|
||||||
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
|
||||||
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
||||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
|
||||||
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
|
||||||
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
|
||||||
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
|
||||||
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
||||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
|
||||||
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
|
||||||
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
|
||||||
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
* ====================================================================
|
|
||||||
*
|
|
||||||
* This product includes cryptographic software written by Eric Young
|
|
||||||
* (eay@cryptsoft.com). This product includes software written by Tim
|
|
||||||
* Hudson (tjh@cryptsoft.com).
|
|
||||||
*
|
|
||||||
*/
|
|
||||||
|
|
||||||
#ifndef HEADER_SEED_H
|
|
||||||
# define HEADER_SEED_H
|
|
||||||
|
|
||||||
# include <openssl/opensslconf.h>
|
|
||||||
# include <openssl/e_os2.h>
|
|
||||||
# include <openssl/crypto.h>
|
|
||||||
|
|
||||||
# ifdef OPENSSL_NO_SEED
|
|
||||||
# error SEED is disabled.
|
|
||||||
# endif
|
|
||||||
|
|
||||||
/* look whether we need 'long' to get 32 bits */
|
|
||||||
# ifdef AES_LONG
|
|
||||||
# ifndef SEED_LONG
|
|
||||||
# define SEED_LONG 1
|
|
||||||
# endif
|
|
||||||
# endif
|
|
||||||
|
|
||||||
# if !defined(NO_SYS_TYPES_H)
|
|
||||||
# include <sys/types.h>
|
|
||||||
# endif
|
|
||||||
|
|
||||||
# define SEED_BLOCK_SIZE 16
|
|
||||||
# define SEED_KEY_LENGTH 16
|
|
||||||
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
extern "C" {
|
|
||||||
#endif
|
|
||||||
|
|
||||||
typedef struct seed_key_st {
|
|
||||||
# ifdef SEED_LONG
|
|
||||||
unsigned long data[32];
|
|
||||||
# else
|
|
||||||
unsigned int data[32];
|
|
||||||
# endif
|
|
||||||
} SEED_KEY_SCHEDULE;
|
|
||||||
|
|
||||||
# ifdef OPENSSL_FIPS
|
|
||||||
void private_SEED_set_key(const unsigned char rawkey[SEED_KEY_LENGTH],
|
|
||||||
SEED_KEY_SCHEDULE *ks);
|
|
||||||
# endif
|
|
||||||
void SEED_set_key(const unsigned char rawkey[SEED_KEY_LENGTH],
|
|
||||||
SEED_KEY_SCHEDULE *ks);
|
|
||||||
|
|
||||||
void SEED_encrypt(const unsigned char s[SEED_BLOCK_SIZE],
|
|
||||||
unsigned char d[SEED_BLOCK_SIZE],
|
|
||||||
const SEED_KEY_SCHEDULE *ks);
|
|
||||||
void SEED_decrypt(const unsigned char s[SEED_BLOCK_SIZE],
|
|
||||||
unsigned char d[SEED_BLOCK_SIZE],
|
|
||||||
const SEED_KEY_SCHEDULE *ks);
|
|
||||||
|
|
||||||
void SEED_ecb_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
const SEED_KEY_SCHEDULE *ks, int enc);
|
|
||||||
void SEED_cbc_encrypt(const unsigned char *in, unsigned char *out, size_t len,
|
|
||||||
const SEED_KEY_SCHEDULE *ks,
|
|
||||||
unsigned char ivec[SEED_BLOCK_SIZE], int enc);
|
|
||||||
void SEED_cfb128_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
size_t len, const SEED_KEY_SCHEDULE *ks,
|
|
||||||
unsigned char ivec[SEED_BLOCK_SIZE], int *num,
|
|
||||||
int enc);
|
|
||||||
void SEED_ofb128_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
size_t len, const SEED_KEY_SCHEDULE *ks,
|
|
||||||
unsigned char ivec[SEED_BLOCK_SIZE], int *num);
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#endif /* HEADER_SEED_H */
|
|
|
@ -1,169 +0,0 @@
|
||||||
/* crypto/srp/srp.h */
|
|
||||||
/*
|
|
||||||
* Written by Christophe Renou (christophe.renou@edelweb.fr) with the
|
|
||||||
* precious help of Peter Sylvester (peter.sylvester@edelweb.fr) for the
|
|
||||||
* EdelKey project and contributed to the OpenSSL project 2004.
|
|
||||||
*/
|
|
||||||
/* ====================================================================
|
|
||||||
* Copyright (c) 2004 The OpenSSL Project. All rights reserved.
|
|
||||||
*
|
|
||||||
* Redistribution and use in source and binary forms, with or without
|
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
*
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
*
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in
|
|
||||||
* the documentation and/or other materials provided with the
|
|
||||||
* distribution.
|
|
||||||
*
|
|
||||||
* 3. All advertising materials mentioning features or use of this
|
|
||||||
* software must display the following acknowledgment:
|
|
||||||
* "This product includes software developed by the OpenSSL Project
|
|
||||||
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
|
|
||||||
*
|
|
||||||
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* prior written permission. For written permission, please contact
|
|
||||||
* licensing@OpenSSL.org.
|
|
||||||
*
|
|
||||||
* 5. Products derived from this software may not be called "OpenSSL"
|
|
||||||
* nor may "OpenSSL" appear in their names without prior written
|
|
||||||
* permission of the OpenSSL Project.
|
|
||||||
*
|
|
||||||
* 6. Redistributions of any form whatsoever must retain the following
|
|
||||||
* acknowledgment:
|
|
||||||
* "This product includes software developed by the OpenSSL Project
|
|
||||||
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
|
||||||
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
||||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
|
||||||
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
|
||||||
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
|
||||||
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
|
||||||
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
||||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
|
||||||
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
|
||||||
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
|
||||||
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
* ====================================================================
|
|
||||||
*
|
|
||||||
* This product includes cryptographic software written by Eric Young
|
|
||||||
* (eay@cryptsoft.com). This product includes software written by Tim
|
|
||||||
* Hudson (tjh@cryptsoft.com).
|
|
||||||
*
|
|
||||||
*/
|
|
||||||
#ifndef __SRP_H__
|
|
||||||
# define __SRP_H__
|
|
||||||
|
|
||||||
# ifndef OPENSSL_NO_SRP
|
|
||||||
|
|
||||||
# include <stdio.h>
|
|
||||||
# include <string.h>
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
extern "C" {
|
|
||||||
#endif
|
|
||||||
|
|
||||||
# include <openssl/safestack.h>
|
|
||||||
# include <openssl/bn.h>
|
|
||||||
# include <openssl/crypto.h>
|
|
||||||
|
|
||||||
typedef struct SRP_gN_cache_st {
|
|
||||||
char *b64_bn;
|
|
||||||
BIGNUM *bn;
|
|
||||||
} SRP_gN_cache;
|
|
||||||
|
|
||||||
|
|
||||||
DECLARE_STACK_OF(SRP_gN_cache)
|
|
||||||
|
|
||||||
typedef struct SRP_user_pwd_st {
|
|
||||||
char *id;
|
|
||||||
BIGNUM *s;
|
|
||||||
BIGNUM *v;
|
|
||||||
const BIGNUM *g;
|
|
||||||
const BIGNUM *N;
|
|
||||||
char *info;
|
|
||||||
} SRP_user_pwd;
|
|
||||||
|
|
||||||
DECLARE_STACK_OF(SRP_user_pwd)
|
|
||||||
|
|
||||||
typedef struct SRP_VBASE_st {
|
|
||||||
STACK_OF(SRP_user_pwd) *users_pwd;
|
|
||||||
STACK_OF(SRP_gN_cache) *gN_cache;
|
|
||||||
/* to simulate a user */
|
|
||||||
char *seed_key;
|
|
||||||
BIGNUM *default_g;
|
|
||||||
BIGNUM *default_N;
|
|
||||||
} SRP_VBASE;
|
|
||||||
|
|
||||||
/*
|
|
||||||
* Structure interne pour retenir les couples N et g
|
|
||||||
*/
|
|
||||||
typedef struct SRP_gN_st {
|
|
||||||
char *id;
|
|
||||||
BIGNUM *g;
|
|
||||||
BIGNUM *N;
|
|
||||||
} SRP_gN;
|
|
||||||
|
|
||||||
DECLARE_STACK_OF(SRP_gN)
|
|
||||||
|
|
||||||
SRP_VBASE *SRP_VBASE_new(char *seed_key);
|
|
||||||
int SRP_VBASE_free(SRP_VBASE *vb);
|
|
||||||
int SRP_VBASE_init(SRP_VBASE *vb, char *verifier_file);
|
|
||||||
SRP_user_pwd *SRP_VBASE_get_by_user(SRP_VBASE *vb, char *username);
|
|
||||||
char *SRP_create_verifier(const char *user, const char *pass, char **salt,
|
|
||||||
char **verifier, const char *N, const char *g);
|
|
||||||
int SRP_create_verifier_BN(const char *user, const char *pass, BIGNUM **salt,
|
|
||||||
BIGNUM **verifier, BIGNUM *N, BIGNUM *g);
|
|
||||||
|
|
||||||
# define SRP_NO_ERROR 0
|
|
||||||
# define SRP_ERR_VBASE_INCOMPLETE_FILE 1
|
|
||||||
# define SRP_ERR_VBASE_BN_LIB 2
|
|
||||||
# define SRP_ERR_OPEN_FILE 3
|
|
||||||
# define SRP_ERR_MEMORY 4
|
|
||||||
|
|
||||||
# define DB_srptype 0
|
|
||||||
# define DB_srpverifier 1
|
|
||||||
# define DB_srpsalt 2
|
|
||||||
# define DB_srpid 3
|
|
||||||
# define DB_srpgN 4
|
|
||||||
# define DB_srpinfo 5
|
|
||||||
# undef DB_NUMBER
|
|
||||||
# define DB_NUMBER 6
|
|
||||||
|
|
||||||
# define DB_SRP_INDEX 'I'
|
|
||||||
# define DB_SRP_VALID 'V'
|
|
||||||
# define DB_SRP_REVOKED 'R'
|
|
||||||
# define DB_SRP_MODIF 'v'
|
|
||||||
|
|
||||||
/* see srp.c */
|
|
||||||
char *SRP_check_known_gN_param(BIGNUM *g, BIGNUM *N);
|
|
||||||
SRP_gN *SRP_get_default_gN(const char *id);
|
|
||||||
|
|
||||||
/* server side .... */
|
|
||||||
BIGNUM *SRP_Calc_server_key(BIGNUM *A, BIGNUM *v, BIGNUM *u, BIGNUM *b,
|
|
||||||
BIGNUM *N);
|
|
||||||
BIGNUM *SRP_Calc_B(BIGNUM *b, BIGNUM *N, BIGNUM *g, BIGNUM *v);
|
|
||||||
int SRP_Verify_A_mod_N(BIGNUM *A, BIGNUM *N);
|
|
||||||
BIGNUM *SRP_Calc_u(BIGNUM *A, BIGNUM *B, BIGNUM *N);
|
|
||||||
|
|
||||||
/* client side .... */
|
|
||||||
BIGNUM *SRP_Calc_x(BIGNUM *s, const char *user, const char *pass);
|
|
||||||
BIGNUM *SRP_Calc_A(BIGNUM *a, BIGNUM *N, BIGNUM *g);
|
|
||||||
BIGNUM *SRP_Calc_client_key(BIGNUM *N, BIGNUM *B, BIGNUM *g, BIGNUM *x,
|
|
||||||
BIGNUM *a, BIGNUM *u);
|
|
||||||
int SRP_Verify_B_mod_N(BIGNUM *B, BIGNUM *N);
|
|
||||||
|
|
||||||
# define SRP_MINIMAL_N 1024
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
|
|
||||||
# endif
|
|
||||||
#endif
|
|
|
@ -1,862 +0,0 @@
|
||||||
/* crypto/ts/ts.h */
|
|
||||||
/*
|
|
||||||
* Written by Zoltan Glozik (zglozik@opentsa.org) for the OpenSSL project
|
|
||||||
* 2002, 2003, 2004.
|
|
||||||
*/
|
|
||||||
/* ====================================================================
|
|
||||||
* Copyright (c) 2006 The OpenSSL Project. All rights reserved.
|
|
||||||
*
|
|
||||||
* Redistribution and use in source and binary forms, with or without
|
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
*
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
*
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in
|
|
||||||
* the documentation and/or other materials provided with the
|
|
||||||
* distribution.
|
|
||||||
*
|
|
||||||
* 3. All advertising materials mentioning features or use of this
|
|
||||||
* software must display the following acknowledgment:
|
|
||||||
* "This product includes software developed by the OpenSSL Project
|
|
||||||
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
|
|
||||||
*
|
|
||||||
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* prior written permission. For written permission, please contact
|
|
||||||
* licensing@OpenSSL.org.
|
|
||||||
*
|
|
||||||
* 5. Products derived from this software may not be called "OpenSSL"
|
|
||||||
* nor may "OpenSSL" appear in their names without prior written
|
|
||||||
* permission of the OpenSSL Project.
|
|
||||||
*
|
|
||||||
* 6. Redistributions of any form whatsoever must retain the following
|
|
||||||
* acknowledgment:
|
|
||||||
* "This product includes software developed by the OpenSSL Project
|
|
||||||
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
|
||||||
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
||||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
|
||||||
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
|
||||||
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
|
||||||
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
|
||||||
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
||||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
|
||||||
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
|
||||||
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
|
||||||
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
* ====================================================================
|
|
||||||
*
|
|
||||||
* This product includes cryptographic software written by Eric Young
|
|
||||||
* (eay@cryptsoft.com). This product includes software written by Tim
|
|
||||||
* Hudson (tjh@cryptsoft.com).
|
|
||||||
*
|
|
||||||
*/
|
|
||||||
|
|
||||||
#ifndef HEADER_TS_H
|
|
||||||
# define HEADER_TS_H
|
|
||||||
|
|
||||||
# include <openssl/opensslconf.h>
|
|
||||||
# include <openssl/symhacks.h>
|
|
||||||
# ifndef OPENSSL_NO_BUFFER
|
|
||||||
# include <openssl/buffer.h>
|
|
||||||
# endif
|
|
||||||
# ifndef OPENSSL_NO_EVP
|
|
||||||
# include <openssl/evp.h>
|
|
||||||
# endif
|
|
||||||
# ifndef OPENSSL_NO_BIO
|
|
||||||
# include <openssl/bio.h>
|
|
||||||
# endif
|
|
||||||
# include <openssl/stack.h>
|
|
||||||
# include <openssl/asn1.h>
|
|
||||||
# include <openssl/safestack.h>
|
|
||||||
|
|
||||||
# ifndef OPENSSL_NO_RSA
|
|
||||||
# include <openssl/rsa.h>
|
|
||||||
# endif
|
|
||||||
|
|
||||||
# ifndef OPENSSL_NO_DSA
|
|
||||||
# include <openssl/dsa.h>
|
|
||||||
# endif
|
|
||||||
|
|
||||||
# ifndef OPENSSL_NO_DH
|
|
||||||
# include <openssl/dh.h>
|
|
||||||
# endif
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
extern "C" {
|
|
||||||
#endif
|
|
||||||
|
|
||||||
# ifdef WIN32
|
|
||||||
/* Under Win32 this is defined in wincrypt.h */
|
|
||||||
# undef X509_NAME
|
|
||||||
# endif
|
|
||||||
|
|
||||||
# include <openssl/x509.h>
|
|
||||||
# include <openssl/x509v3.h>
|
|
||||||
|
|
||||||
/*-
|
|
||||||
MessageImprint ::= SEQUENCE {
|
|
||||||
hashAlgorithm AlgorithmIdentifier,
|
|
||||||
hashedMessage OCTET STRING }
|
|
||||||
*/
|
|
||||||
|
|
||||||
typedef struct TS_msg_imprint_st {
|
|
||||||
X509_ALGOR *hash_algo;
|
|
||||||
ASN1_OCTET_STRING *hashed_msg;
|
|
||||||
} TS_MSG_IMPRINT;
|
|
||||||
|
|
||||||
/*-
|
|
||||||
TimeStampReq ::= SEQUENCE {
|
|
||||||
version INTEGER { v1(1) },
|
|
||||||
messageImprint MessageImprint,
|
|
||||||
--a hash algorithm OID and the hash value of the data to be
|
|
||||||
--time-stamped
|
|
||||||
reqPolicy TSAPolicyId OPTIONAL,
|
|
||||||
nonce INTEGER OPTIONAL,
|
|
||||||
certReq BOOLEAN DEFAULT FALSE,
|
|
||||||
extensions [0] IMPLICIT Extensions OPTIONAL }
|
|
||||||
*/
|
|
||||||
|
|
||||||
typedef struct TS_req_st {
|
|
||||||
ASN1_INTEGER *version;
|
|
||||||
TS_MSG_IMPRINT *msg_imprint;
|
|
||||||
ASN1_OBJECT *policy_id; /* OPTIONAL */
|
|
||||||
ASN1_INTEGER *nonce; /* OPTIONAL */
|
|
||||||
ASN1_BOOLEAN cert_req; /* DEFAULT FALSE */
|
|
||||||
STACK_OF(X509_EXTENSION) *extensions; /* [0] OPTIONAL */
|
|
||||||
} TS_REQ;
|
|
||||||
|
|
||||||
/*-
|
|
||||||
Accuracy ::= SEQUENCE {
|
|
||||||
seconds INTEGER OPTIONAL,
|
|
||||||
millis [0] INTEGER (1..999) OPTIONAL,
|
|
||||||
micros [1] INTEGER (1..999) OPTIONAL }
|
|
||||||
*/
|
|
||||||
|
|
||||||
typedef struct TS_accuracy_st {
|
|
||||||
ASN1_INTEGER *seconds;
|
|
||||||
ASN1_INTEGER *millis;
|
|
||||||
ASN1_INTEGER *micros;
|
|
||||||
} TS_ACCURACY;
|
|
||||||
|
|
||||||
/*-
|
|
||||||
TSTInfo ::= SEQUENCE {
|
|
||||||
version INTEGER { v1(1) },
|
|
||||||
policy TSAPolicyId,
|
|
||||||
messageImprint MessageImprint,
|
|
||||||
-- MUST have the same value as the similar field in
|
|
||||||
-- TimeStampReq
|
|
||||||
serialNumber INTEGER,
|
|
||||||
-- Time-Stamping users MUST be ready to accommodate integers
|
|
||||||
-- up to 160 bits.
|
|
||||||
genTime GeneralizedTime,
|
|
||||||
accuracy Accuracy OPTIONAL,
|
|
||||||
ordering BOOLEAN DEFAULT FALSE,
|
|
||||||
nonce INTEGER OPTIONAL,
|
|
||||||
-- MUST be present if the similar field was present
|
|
||||||
-- in TimeStampReq. In that case it MUST have the same value.
|
|
||||||
tsa [0] GeneralName OPTIONAL,
|
|
||||||
extensions [1] IMPLICIT Extensions OPTIONAL }
|
|
||||||
*/
|
|
||||||
|
|
||||||
typedef struct TS_tst_info_st {
|
|
||||||
ASN1_INTEGER *version;
|
|
||||||
ASN1_OBJECT *policy_id;
|
|
||||||
TS_MSG_IMPRINT *msg_imprint;
|
|
||||||
ASN1_INTEGER *serial;
|
|
||||||
ASN1_GENERALIZEDTIME *time;
|
|
||||||
TS_ACCURACY *accuracy;
|
|
||||||
ASN1_BOOLEAN ordering;
|
|
||||||
ASN1_INTEGER *nonce;
|
|
||||||
GENERAL_NAME *tsa;
|
|
||||||
STACK_OF(X509_EXTENSION) *extensions;
|
|
||||||
} TS_TST_INFO;
|
|
||||||
|
|
||||||
/*-
|
|
||||||
PKIStatusInfo ::= SEQUENCE {
|
|
||||||
status PKIStatus,
|
|
||||||
statusString PKIFreeText OPTIONAL,
|
|
||||||
failInfo PKIFailureInfo OPTIONAL }
|
|
||||||
|
|
||||||
From RFC 1510 - section 3.1.1:
|
|
||||||
PKIFreeText ::= SEQUENCE SIZE (1..MAX) OF UTF8String
|
|
||||||
-- text encoded as UTF-8 String (note: each UTF8String SHOULD
|
|
||||||
-- include an RFC 1766 language tag to indicate the language
|
|
||||||
-- of the contained text)
|
|
||||||
*/
|
|
||||||
|
|
||||||
/* Possible values for status. See ts_resp_print.c && ts_resp_verify.c. */
|
|
||||||
|
|
||||||
# define TS_STATUS_GRANTED 0
|
|
||||||
# define TS_STATUS_GRANTED_WITH_MODS 1
|
|
||||||
# define TS_STATUS_REJECTION 2
|
|
||||||
# define TS_STATUS_WAITING 3
|
|
||||||
# define TS_STATUS_REVOCATION_WARNING 4
|
|
||||||
# define TS_STATUS_REVOCATION_NOTIFICATION 5
|
|
||||||
|
|
||||||
/*
|
|
||||||
* Possible values for failure_info. See ts_resp_print.c && ts_resp_verify.c
|
|
||||||
*/
|
|
||||||
|
|
||||||
# define TS_INFO_BAD_ALG 0
|
|
||||||
# define TS_INFO_BAD_REQUEST 2
|
|
||||||
# define TS_INFO_BAD_DATA_FORMAT 5
|
|
||||||
# define TS_INFO_TIME_NOT_AVAILABLE 14
|
|
||||||
# define TS_INFO_UNACCEPTED_POLICY 15
|
|
||||||
# define TS_INFO_UNACCEPTED_EXTENSION 16
|
|
||||||
# define TS_INFO_ADD_INFO_NOT_AVAILABLE 17
|
|
||||||
# define TS_INFO_SYSTEM_FAILURE 25
|
|
||||||
|
|
||||||
typedef struct TS_status_info_st {
|
|
||||||
ASN1_INTEGER *status;
|
|
||||||
STACK_OF(ASN1_UTF8STRING) *text;
|
|
||||||
ASN1_BIT_STRING *failure_info;
|
|
||||||
} TS_STATUS_INFO;
|
|
||||||
|
|
||||||
DECLARE_STACK_OF(ASN1_UTF8STRING)
|
|
||||||
DECLARE_ASN1_SET_OF(ASN1_UTF8STRING)
|
|
||||||
|
|
||||||
/*-
|
|
||||||
TimeStampResp ::= SEQUENCE {
|
|
||||||
status PKIStatusInfo,
|
|
||||||
timeStampToken TimeStampToken OPTIONAL }
|
|
||||||
*/
|
|
||||||
|
|
||||||
typedef struct TS_resp_st {
|
|
||||||
TS_STATUS_INFO *status_info;
|
|
||||||
PKCS7 *token;
|
|
||||||
TS_TST_INFO *tst_info;
|
|
||||||
} TS_RESP;
|
|
||||||
|
|
||||||
/* The structure below would belong to the ESS component. */
|
|
||||||
|
|
||||||
/*-
|
|
||||||
IssuerSerial ::= SEQUENCE {
|
|
||||||
issuer GeneralNames,
|
|
||||||
serialNumber CertificateSerialNumber
|
|
||||||
}
|
|
||||||
*/
|
|
||||||
|
|
||||||
typedef struct ESS_issuer_serial {
|
|
||||||
STACK_OF(GENERAL_NAME) *issuer;
|
|
||||||
ASN1_INTEGER *serial;
|
|
||||||
} ESS_ISSUER_SERIAL;
|
|
||||||
|
|
||||||
/*-
|
|
||||||
ESSCertID ::= SEQUENCE {
|
|
||||||
certHash Hash,
|
|
||||||
issuerSerial IssuerSerial OPTIONAL
|
|
||||||
}
|
|
||||||
*/
|
|
||||||
|
|
||||||
typedef struct ESS_cert_id {
|
|
||||||
ASN1_OCTET_STRING *hash; /* Always SHA-1 digest. */
|
|
||||||
ESS_ISSUER_SERIAL *issuer_serial;
|
|
||||||
} ESS_CERT_ID;
|
|
||||||
|
|
||||||
DECLARE_STACK_OF(ESS_CERT_ID)
|
|
||||||
DECLARE_ASN1_SET_OF(ESS_CERT_ID)
|
|
||||||
|
|
||||||
/*-
|
|
||||||
SigningCertificate ::= SEQUENCE {
|
|
||||||
certs SEQUENCE OF ESSCertID,
|
|
||||||
policies SEQUENCE OF PolicyInformation OPTIONAL
|
|
||||||
}
|
|
||||||
*/
|
|
||||||
|
|
||||||
typedef struct ESS_signing_cert {
|
|
||||||
STACK_OF(ESS_CERT_ID) *cert_ids;
|
|
||||||
STACK_OF(POLICYINFO) *policy_info;
|
|
||||||
} ESS_SIGNING_CERT;
|
|
||||||
|
|
||||||
TS_REQ *TS_REQ_new(void);
|
|
||||||
void TS_REQ_free(TS_REQ *a);
|
|
||||||
int i2d_TS_REQ(const TS_REQ *a, unsigned char **pp);
|
|
||||||
TS_REQ *d2i_TS_REQ(TS_REQ **a, const unsigned char **pp, long length);
|
|
||||||
|
|
||||||
TS_REQ *TS_REQ_dup(TS_REQ *a);
|
|
||||||
|
|
||||||
TS_REQ *d2i_TS_REQ_fp(FILE *fp, TS_REQ **a);
|
|
||||||
int i2d_TS_REQ_fp(FILE *fp, TS_REQ *a);
|
|
||||||
TS_REQ *d2i_TS_REQ_bio(BIO *fp, TS_REQ **a);
|
|
||||||
int i2d_TS_REQ_bio(BIO *fp, TS_REQ *a);
|
|
||||||
|
|
||||||
TS_MSG_IMPRINT *TS_MSG_IMPRINT_new(void);
|
|
||||||
void TS_MSG_IMPRINT_free(TS_MSG_IMPRINT *a);
|
|
||||||
int i2d_TS_MSG_IMPRINT(const TS_MSG_IMPRINT *a, unsigned char **pp);
|
|
||||||
TS_MSG_IMPRINT *d2i_TS_MSG_IMPRINT(TS_MSG_IMPRINT **a,
|
|
||||||
const unsigned char **pp, long length);
|
|
||||||
|
|
||||||
TS_MSG_IMPRINT *TS_MSG_IMPRINT_dup(TS_MSG_IMPRINT *a);
|
|
||||||
|
|
||||||
TS_MSG_IMPRINT *d2i_TS_MSG_IMPRINT_fp(FILE *fp, TS_MSG_IMPRINT **a);
|
|
||||||
int i2d_TS_MSG_IMPRINT_fp(FILE *fp, TS_MSG_IMPRINT *a);
|
|
||||||
TS_MSG_IMPRINT *d2i_TS_MSG_IMPRINT_bio(BIO *fp, TS_MSG_IMPRINT **a);
|
|
||||||
int i2d_TS_MSG_IMPRINT_bio(BIO *fp, TS_MSG_IMPRINT *a);
|
|
||||||
|
|
||||||
TS_RESP *TS_RESP_new(void);
|
|
||||||
void TS_RESP_free(TS_RESP *a);
|
|
||||||
int i2d_TS_RESP(const TS_RESP *a, unsigned char **pp);
|
|
||||||
TS_RESP *d2i_TS_RESP(TS_RESP **a, const unsigned char **pp, long length);
|
|
||||||
TS_TST_INFO *PKCS7_to_TS_TST_INFO(PKCS7 *token);
|
|
||||||
TS_RESP *TS_RESP_dup(TS_RESP *a);
|
|
||||||
|
|
||||||
TS_RESP *d2i_TS_RESP_fp(FILE *fp, TS_RESP **a);
|
|
||||||
int i2d_TS_RESP_fp(FILE *fp, TS_RESP *a);
|
|
||||||
TS_RESP *d2i_TS_RESP_bio(BIO *fp, TS_RESP **a);
|
|
||||||
int i2d_TS_RESP_bio(BIO *fp, TS_RESP *a);
|
|
||||||
|
|
||||||
TS_STATUS_INFO *TS_STATUS_INFO_new(void);
|
|
||||||
void TS_STATUS_INFO_free(TS_STATUS_INFO *a);
|
|
||||||
int i2d_TS_STATUS_INFO(const TS_STATUS_INFO *a, unsigned char **pp);
|
|
||||||
TS_STATUS_INFO *d2i_TS_STATUS_INFO(TS_STATUS_INFO **a,
|
|
||||||
const unsigned char **pp, long length);
|
|
||||||
TS_STATUS_INFO *TS_STATUS_INFO_dup(TS_STATUS_INFO *a);
|
|
||||||
|
|
||||||
TS_TST_INFO *TS_TST_INFO_new(void);
|
|
||||||
void TS_TST_INFO_free(TS_TST_INFO *a);
|
|
||||||
int i2d_TS_TST_INFO(const TS_TST_INFO *a, unsigned char **pp);
|
|
||||||
TS_TST_INFO *d2i_TS_TST_INFO(TS_TST_INFO **a, const unsigned char **pp,
|
|
||||||
long length);
|
|
||||||
TS_TST_INFO *TS_TST_INFO_dup(TS_TST_INFO *a);
|
|
||||||
|
|
||||||
TS_TST_INFO *d2i_TS_TST_INFO_fp(FILE *fp, TS_TST_INFO **a);
|
|
||||||
int i2d_TS_TST_INFO_fp(FILE *fp, TS_TST_INFO *a);
|
|
||||||
TS_TST_INFO *d2i_TS_TST_INFO_bio(BIO *fp, TS_TST_INFO **a);
|
|
||||||
int i2d_TS_TST_INFO_bio(BIO *fp, TS_TST_INFO *a);
|
|
||||||
|
|
||||||
TS_ACCURACY *TS_ACCURACY_new(void);
|
|
||||||
void TS_ACCURACY_free(TS_ACCURACY *a);
|
|
||||||
int i2d_TS_ACCURACY(const TS_ACCURACY *a, unsigned char **pp);
|
|
||||||
TS_ACCURACY *d2i_TS_ACCURACY(TS_ACCURACY **a, const unsigned char **pp,
|
|
||||||
long length);
|
|
||||||
TS_ACCURACY *TS_ACCURACY_dup(TS_ACCURACY *a);
|
|
||||||
|
|
||||||
ESS_ISSUER_SERIAL *ESS_ISSUER_SERIAL_new(void);
|
|
||||||
void ESS_ISSUER_SERIAL_free(ESS_ISSUER_SERIAL *a);
|
|
||||||
int i2d_ESS_ISSUER_SERIAL(const ESS_ISSUER_SERIAL *a, unsigned char **pp);
|
|
||||||
ESS_ISSUER_SERIAL *d2i_ESS_ISSUER_SERIAL(ESS_ISSUER_SERIAL **a,
|
|
||||||
const unsigned char **pp,
|
|
||||||
long length);
|
|
||||||
ESS_ISSUER_SERIAL *ESS_ISSUER_SERIAL_dup(ESS_ISSUER_SERIAL *a);
|
|
||||||
|
|
||||||
ESS_CERT_ID *ESS_CERT_ID_new(void);
|
|
||||||
void ESS_CERT_ID_free(ESS_CERT_ID *a);
|
|
||||||
int i2d_ESS_CERT_ID(const ESS_CERT_ID *a, unsigned char **pp);
|
|
||||||
ESS_CERT_ID *d2i_ESS_CERT_ID(ESS_CERT_ID **a, const unsigned char **pp,
|
|
||||||
long length);
|
|
||||||
ESS_CERT_ID *ESS_CERT_ID_dup(ESS_CERT_ID *a);
|
|
||||||
|
|
||||||
ESS_SIGNING_CERT *ESS_SIGNING_CERT_new(void);
|
|
||||||
void ESS_SIGNING_CERT_free(ESS_SIGNING_CERT *a);
|
|
||||||
int i2d_ESS_SIGNING_CERT(const ESS_SIGNING_CERT *a, unsigned char **pp);
|
|
||||||
ESS_SIGNING_CERT *d2i_ESS_SIGNING_CERT(ESS_SIGNING_CERT **a,
|
|
||||||
const unsigned char **pp, long length);
|
|
||||||
ESS_SIGNING_CERT *ESS_SIGNING_CERT_dup(ESS_SIGNING_CERT *a);
|
|
||||||
|
|
||||||
void ERR_load_TS_strings(void);
|
|
||||||
|
|
||||||
int TS_REQ_set_version(TS_REQ *a, long version);
|
|
||||||
long TS_REQ_get_version(const TS_REQ *a);
|
|
||||||
|
|
||||||
int TS_REQ_set_msg_imprint(TS_REQ *a, TS_MSG_IMPRINT *msg_imprint);
|
|
||||||
TS_MSG_IMPRINT *TS_REQ_get_msg_imprint(TS_REQ *a);
|
|
||||||
|
|
||||||
int TS_MSG_IMPRINT_set_algo(TS_MSG_IMPRINT *a, X509_ALGOR *alg);
|
|
||||||
X509_ALGOR *TS_MSG_IMPRINT_get_algo(TS_MSG_IMPRINT *a);
|
|
||||||
|
|
||||||
int TS_MSG_IMPRINT_set_msg(TS_MSG_IMPRINT *a, unsigned char *d, int len);
|
|
||||||
ASN1_OCTET_STRING *TS_MSG_IMPRINT_get_msg(TS_MSG_IMPRINT *a);
|
|
||||||
|
|
||||||
int TS_REQ_set_policy_id(TS_REQ *a, ASN1_OBJECT *policy);
|
|
||||||
ASN1_OBJECT *TS_REQ_get_policy_id(TS_REQ *a);
|
|
||||||
|
|
||||||
int TS_REQ_set_nonce(TS_REQ *a, const ASN1_INTEGER *nonce);
|
|
||||||
const ASN1_INTEGER *TS_REQ_get_nonce(const TS_REQ *a);
|
|
||||||
|
|
||||||
int TS_REQ_set_cert_req(TS_REQ *a, int cert_req);
|
|
||||||
int TS_REQ_get_cert_req(const TS_REQ *a);
|
|
||||||
|
|
||||||
STACK_OF(X509_EXTENSION) *TS_REQ_get_exts(TS_REQ *a);
|
|
||||||
void TS_REQ_ext_free(TS_REQ *a);
|
|
||||||
int TS_REQ_get_ext_count(TS_REQ *a);
|
|
||||||
int TS_REQ_get_ext_by_NID(TS_REQ *a, int nid, int lastpos);
|
|
||||||
int TS_REQ_get_ext_by_OBJ(TS_REQ *a, ASN1_OBJECT *obj, int lastpos);
|
|
||||||
int TS_REQ_get_ext_by_critical(TS_REQ *a, int crit, int lastpos);
|
|
||||||
X509_EXTENSION *TS_REQ_get_ext(TS_REQ *a, int loc);
|
|
||||||
X509_EXTENSION *TS_REQ_delete_ext(TS_REQ *a, int loc);
|
|
||||||
int TS_REQ_add_ext(TS_REQ *a, X509_EXTENSION *ex, int loc);
|
|
||||||
void *TS_REQ_get_ext_d2i(TS_REQ *a, int nid, int *crit, int *idx);
|
|
||||||
|
|
||||||
/* Function declarations for TS_REQ defined in ts/ts_req_print.c */
|
|
||||||
|
|
||||||
int TS_REQ_print_bio(BIO *bio, TS_REQ *a);
|
|
||||||
|
|
||||||
/* Function declarations for TS_RESP defined in ts/ts_resp_utils.c */
|
|
||||||
|
|
||||||
int TS_RESP_set_status_info(TS_RESP *a, TS_STATUS_INFO *info);
|
|
||||||
TS_STATUS_INFO *TS_RESP_get_status_info(TS_RESP *a);
|
|
||||||
|
|
||||||
/* Caller loses ownership of PKCS7 and TS_TST_INFO objects. */
|
|
||||||
void TS_RESP_set_tst_info(TS_RESP *a, PKCS7 *p7, TS_TST_INFO *tst_info);
|
|
||||||
PKCS7 *TS_RESP_get_token(TS_RESP *a);
|
|
||||||
TS_TST_INFO *TS_RESP_get_tst_info(TS_RESP *a);
|
|
||||||
|
|
||||||
int TS_TST_INFO_set_version(TS_TST_INFO *a, long version);
|
|
||||||
long TS_TST_INFO_get_version(const TS_TST_INFO *a);
|
|
||||||
|
|
||||||
int TS_TST_INFO_set_policy_id(TS_TST_INFO *a, ASN1_OBJECT *policy_id);
|
|
||||||
ASN1_OBJECT *TS_TST_INFO_get_policy_id(TS_TST_INFO *a);
|
|
||||||
|
|
||||||
int TS_TST_INFO_set_msg_imprint(TS_TST_INFO *a, TS_MSG_IMPRINT *msg_imprint);
|
|
||||||
TS_MSG_IMPRINT *TS_TST_INFO_get_msg_imprint(TS_TST_INFO *a);
|
|
||||||
|
|
||||||
int TS_TST_INFO_set_serial(TS_TST_INFO *a, const ASN1_INTEGER *serial);
|
|
||||||
const ASN1_INTEGER *TS_TST_INFO_get_serial(const TS_TST_INFO *a);
|
|
||||||
|
|
||||||
int TS_TST_INFO_set_time(TS_TST_INFO *a, const ASN1_GENERALIZEDTIME *gtime);
|
|
||||||
const ASN1_GENERALIZEDTIME *TS_TST_INFO_get_time(const TS_TST_INFO *a);
|
|
||||||
|
|
||||||
int TS_TST_INFO_set_accuracy(TS_TST_INFO *a, TS_ACCURACY *accuracy);
|
|
||||||
TS_ACCURACY *TS_TST_INFO_get_accuracy(TS_TST_INFO *a);
|
|
||||||
|
|
||||||
int TS_ACCURACY_set_seconds(TS_ACCURACY *a, const ASN1_INTEGER *seconds);
|
|
||||||
const ASN1_INTEGER *TS_ACCURACY_get_seconds(const TS_ACCURACY *a);
|
|
||||||
|
|
||||||
int TS_ACCURACY_set_millis(TS_ACCURACY *a, const ASN1_INTEGER *millis);
|
|
||||||
const ASN1_INTEGER *TS_ACCURACY_get_millis(const TS_ACCURACY *a);
|
|
||||||
|
|
||||||
int TS_ACCURACY_set_micros(TS_ACCURACY *a, const ASN1_INTEGER *micros);
|
|
||||||
const ASN1_INTEGER *TS_ACCURACY_get_micros(const TS_ACCURACY *a);
|
|
||||||
|
|
||||||
int TS_TST_INFO_set_ordering(TS_TST_INFO *a, int ordering);
|
|
||||||
int TS_TST_INFO_get_ordering(const TS_TST_INFO *a);
|
|
||||||
|
|
||||||
int TS_TST_INFO_set_nonce(TS_TST_INFO *a, const ASN1_INTEGER *nonce);
|
|
||||||
const ASN1_INTEGER *TS_TST_INFO_get_nonce(const TS_TST_INFO *a);
|
|
||||||
|
|
||||||
int TS_TST_INFO_set_tsa(TS_TST_INFO *a, GENERAL_NAME *tsa);
|
|
||||||
GENERAL_NAME *TS_TST_INFO_get_tsa(TS_TST_INFO *a);
|
|
||||||
|
|
||||||
STACK_OF(X509_EXTENSION) *TS_TST_INFO_get_exts(TS_TST_INFO *a);
|
|
||||||
void TS_TST_INFO_ext_free(TS_TST_INFO *a);
|
|
||||||
int TS_TST_INFO_get_ext_count(TS_TST_INFO *a);
|
|
||||||
int TS_TST_INFO_get_ext_by_NID(TS_TST_INFO *a, int nid, int lastpos);
|
|
||||||
int TS_TST_INFO_get_ext_by_OBJ(TS_TST_INFO *a, ASN1_OBJECT *obj, int lastpos);
|
|
||||||
int TS_TST_INFO_get_ext_by_critical(TS_TST_INFO *a, int crit, int lastpos);
|
|
||||||
X509_EXTENSION *TS_TST_INFO_get_ext(TS_TST_INFO *a, int loc);
|
|
||||||
X509_EXTENSION *TS_TST_INFO_delete_ext(TS_TST_INFO *a, int loc);
|
|
||||||
int TS_TST_INFO_add_ext(TS_TST_INFO *a, X509_EXTENSION *ex, int loc);
|
|
||||||
void *TS_TST_INFO_get_ext_d2i(TS_TST_INFO *a, int nid, int *crit, int *idx);
|
|
||||||
|
|
||||||
/*
|
|
||||||
* Declarations related to response generation, defined in ts/ts_resp_sign.c.
|
|
||||||
*/
|
|
||||||
|
|
||||||
/* Optional flags for response generation. */
|
|
||||||
|
|
||||||
/* Don't include the TSA name in response. */
|
|
||||||
# define TS_TSA_NAME 0x01
|
|
||||||
|
|
||||||
/* Set ordering to true in response. */
|
|
||||||
# define TS_ORDERING 0x02
|
|
||||||
|
|
||||||
/*
|
|
||||||
* Include the signer certificate and the other specified certificates in
|
|
||||||
* the ESS signing certificate attribute beside the PKCS7 signed data.
|
|
||||||
* Only the signer certificates is included by default.
|
|
||||||
*/
|
|
||||||
# define TS_ESS_CERT_ID_CHAIN 0x04
|
|
||||||
|
|
||||||
/* Forward declaration. */
|
|
||||||
struct TS_resp_ctx;
|
|
||||||
|
|
||||||
/* This must return a unique number less than 160 bits long. */
|
|
||||||
typedef ASN1_INTEGER *(*TS_serial_cb) (struct TS_resp_ctx *, void *);
|
|
||||||
|
|
||||||
/*
|
|
||||||
* This must return the seconds and microseconds since Jan 1, 1970 in the sec
|
|
||||||
* and usec variables allocated by the caller. Return non-zero for success
|
|
||||||
* and zero for failure.
|
|
||||||
*/
|
|
||||||
typedef int (*TS_time_cb) (struct TS_resp_ctx *, void *, long *sec,
|
|
||||||
long *usec);
|
|
||||||
|
|
||||||
/*
|
|
||||||
* This must process the given extension. It can modify the TS_TST_INFO
|
|
||||||
* object of the context. Return values: !0 (processed), 0 (error, it must
|
|
||||||
* set the status info/failure info of the response).
|
|
||||||
*/
|
|
||||||
typedef int (*TS_extension_cb) (struct TS_resp_ctx *, X509_EXTENSION *,
|
|
||||||
void *);
|
|
||||||
|
|
||||||
typedef struct TS_resp_ctx {
|
|
||||||
X509 *signer_cert;
|
|
||||||
EVP_PKEY *signer_key;
|
|
||||||
STACK_OF(X509) *certs; /* Certs to include in signed data. */
|
|
||||||
STACK_OF(ASN1_OBJECT) *policies; /* Acceptable policies. */
|
|
||||||
ASN1_OBJECT *default_policy; /* It may appear in policies, too. */
|
|
||||||
STACK_OF(EVP_MD) *mds; /* Acceptable message digests. */
|
|
||||||
ASN1_INTEGER *seconds; /* accuracy, 0 means not specified. */
|
|
||||||
ASN1_INTEGER *millis; /* accuracy, 0 means not specified. */
|
|
||||||
ASN1_INTEGER *micros; /* accuracy, 0 means not specified. */
|
|
||||||
unsigned clock_precision_digits; /* fraction of seconds in time stamp
|
|
||||||
* token. */
|
|
||||||
unsigned flags; /* Optional info, see values above. */
|
|
||||||
/* Callback functions. */
|
|
||||||
TS_serial_cb serial_cb;
|
|
||||||
void *serial_cb_data; /* User data for serial_cb. */
|
|
||||||
TS_time_cb time_cb;
|
|
||||||
void *time_cb_data; /* User data for time_cb. */
|
|
||||||
TS_extension_cb extension_cb;
|
|
||||||
void *extension_cb_data; /* User data for extension_cb. */
|
|
||||||
/* These members are used only while creating the response. */
|
|
||||||
TS_REQ *request;
|
|
||||||
TS_RESP *response;
|
|
||||||
TS_TST_INFO *tst_info;
|
|
||||||
} TS_RESP_CTX;
|
|
||||||
|
|
||||||
DECLARE_STACK_OF(EVP_MD)
|
|
||||||
DECLARE_ASN1_SET_OF(EVP_MD)
|
|
||||||
|
|
||||||
/* Creates a response context that can be used for generating responses. */
|
|
||||||
TS_RESP_CTX *TS_RESP_CTX_new(void);
|
|
||||||
void TS_RESP_CTX_free(TS_RESP_CTX *ctx);
|
|
||||||
|
|
||||||
/* This parameter must be set. */
|
|
||||||
int TS_RESP_CTX_set_signer_cert(TS_RESP_CTX *ctx, X509 *signer);
|
|
||||||
|
|
||||||
/* This parameter must be set. */
|
|
||||||
int TS_RESP_CTX_set_signer_key(TS_RESP_CTX *ctx, EVP_PKEY *key);
|
|
||||||
|
|
||||||
/* This parameter must be set. */
|
|
||||||
int TS_RESP_CTX_set_def_policy(TS_RESP_CTX *ctx, ASN1_OBJECT *def_policy);
|
|
||||||
|
|
||||||
/* No additional certs are included in the response by default. */
|
|
||||||
int TS_RESP_CTX_set_certs(TS_RESP_CTX *ctx, STACK_OF(X509) *certs);
|
|
||||||
|
|
||||||
/*
|
|
||||||
* Adds a new acceptable policy, only the default policy is accepted by
|
|
||||||
* default.
|
|
||||||
*/
|
|
||||||
int TS_RESP_CTX_add_policy(TS_RESP_CTX *ctx, ASN1_OBJECT *policy);
|
|
||||||
|
|
||||||
/*
|
|
||||||
* Adds a new acceptable message digest. Note that no message digests are
|
|
||||||
* accepted by default. The md argument is shared with the caller.
|
|
||||||
*/
|
|
||||||
int TS_RESP_CTX_add_md(TS_RESP_CTX *ctx, const EVP_MD *md);
|
|
||||||
|
|
||||||
/* Accuracy is not included by default. */
|
|
||||||
int TS_RESP_CTX_set_accuracy(TS_RESP_CTX *ctx,
|
|
||||||
int secs, int millis, int micros);
|
|
||||||
|
|
||||||
/*
|
|
||||||
* Clock precision digits, i.e. the number of decimal digits: '0' means sec,
|
|
||||||
* '3' msec, '6' usec, and so on. Default is 0.
|
|
||||||
*/
|
|
||||||
int TS_RESP_CTX_set_clock_precision_digits(TS_RESP_CTX *ctx,
|
|
||||||
unsigned clock_precision_digits);
|
|
||||||
/* At most we accept usec precision. */
|
|
||||||
# define TS_MAX_CLOCK_PRECISION_DIGITS 6
|
|
||||||
|
|
||||||
/* No flags are set by default. */
|
|
||||||
void TS_RESP_CTX_add_flags(TS_RESP_CTX *ctx, int flags);
|
|
||||||
|
|
||||||
/* Default callback always returns a constant. */
|
|
||||||
void TS_RESP_CTX_set_serial_cb(TS_RESP_CTX *ctx, TS_serial_cb cb, void *data);
|
|
||||||
|
|
||||||
/* Default callback uses the gettimeofday() and gmtime() system calls. */
|
|
||||||
void TS_RESP_CTX_set_time_cb(TS_RESP_CTX *ctx, TS_time_cb cb, void *data);
|
|
||||||
|
|
||||||
/*
|
|
||||||
* Default callback rejects all extensions. The extension callback is called
|
|
||||||
* when the TS_TST_INFO object is already set up and not signed yet.
|
|
||||||
*/
|
|
||||||
/* FIXME: extension handling is not tested yet. */
|
|
||||||
void TS_RESP_CTX_set_extension_cb(TS_RESP_CTX *ctx,
|
|
||||||
TS_extension_cb cb, void *data);
|
|
||||||
|
|
||||||
/* The following methods can be used in the callbacks. */
|
|
||||||
int TS_RESP_CTX_set_status_info(TS_RESP_CTX *ctx,
|
|
||||||
int status, const char *text);
|
|
||||||
|
|
||||||
/* Sets the status info only if it is still TS_STATUS_GRANTED. */
|
|
||||||
int TS_RESP_CTX_set_status_info_cond(TS_RESP_CTX *ctx,
|
|
||||||
int status, const char *text);
|
|
||||||
|
|
||||||
int TS_RESP_CTX_add_failure_info(TS_RESP_CTX *ctx, int failure);
|
|
||||||
|
|
||||||
/* The get methods below can be used in the extension callback. */
|
|
||||||
TS_REQ *TS_RESP_CTX_get_request(TS_RESP_CTX *ctx);
|
|
||||||
|
|
||||||
TS_TST_INFO *TS_RESP_CTX_get_tst_info(TS_RESP_CTX *ctx);
|
|
||||||
|
|
||||||
/*
|
|
||||||
* Creates the signed TS_TST_INFO and puts it in TS_RESP.
|
|
||||||
* In case of errors it sets the status info properly.
|
|
||||||
* Returns NULL only in case of memory allocation/fatal error.
|
|
||||||
*/
|
|
||||||
TS_RESP *TS_RESP_create_response(TS_RESP_CTX *ctx, BIO *req_bio);
|
|
||||||
|
|
||||||
/*
|
|
||||||
* Declarations related to response verification,
|
|
||||||
* they are defined in ts/ts_resp_verify.c.
|
|
||||||
*/
|
|
||||||
|
|
||||||
int TS_RESP_verify_signature(PKCS7 *token, STACK_OF(X509) *certs,
|
|
||||||
X509_STORE *store, X509 **signer_out);
|
|
||||||
|
|
||||||
/* Context structure for the generic verify method. */
|
|
||||||
|
|
||||||
/* Verify the signer's certificate and the signature of the response. */
|
|
||||||
# define TS_VFY_SIGNATURE (1u << 0)
|
|
||||||
/* Verify the version number of the response. */
|
|
||||||
# define TS_VFY_VERSION (1u << 1)
|
|
||||||
/* Verify if the policy supplied by the user matches the policy of the TSA. */
|
|
||||||
# define TS_VFY_POLICY (1u << 2)
|
|
||||||
/*
|
|
||||||
* Verify the message imprint provided by the user. This flag should not be
|
|
||||||
* specified with TS_VFY_DATA.
|
|
||||||
*/
|
|
||||||
# define TS_VFY_IMPRINT (1u << 3)
|
|
||||||
/*
|
|
||||||
* Verify the message imprint computed by the verify method from the user
|
|
||||||
* provided data and the MD algorithm of the response. This flag should not
|
|
||||||
* be specified with TS_VFY_IMPRINT.
|
|
||||||
*/
|
|
||||||
# define TS_VFY_DATA (1u << 4)
|
|
||||||
/* Verify the nonce value. */
|
|
||||||
# define TS_VFY_NONCE (1u << 5)
|
|
||||||
/* Verify if the TSA name field matches the signer certificate. */
|
|
||||||
# define TS_VFY_SIGNER (1u << 6)
|
|
||||||
/* Verify if the TSA name field equals to the user provided name. */
|
|
||||||
# define TS_VFY_TSA_NAME (1u << 7)
|
|
||||||
|
|
||||||
/* You can use the following convenience constants. */
|
|
||||||
# define TS_VFY_ALL_IMPRINT (TS_VFY_SIGNATURE \
|
|
||||||
| TS_VFY_VERSION \
|
|
||||||
| TS_VFY_POLICY \
|
|
||||||
| TS_VFY_IMPRINT \
|
|
||||||
| TS_VFY_NONCE \
|
|
||||||
| TS_VFY_SIGNER \
|
|
||||||
| TS_VFY_TSA_NAME)
|
|
||||||
# define TS_VFY_ALL_DATA (TS_VFY_SIGNATURE \
|
|
||||||
| TS_VFY_VERSION \
|
|
||||||
| TS_VFY_POLICY \
|
|
||||||
| TS_VFY_DATA \
|
|
||||||
| TS_VFY_NONCE \
|
|
||||||
| TS_VFY_SIGNER \
|
|
||||||
| TS_VFY_TSA_NAME)
|
|
||||||
|
|
||||||
typedef struct TS_verify_ctx {
|
|
||||||
/* Set this to the union of TS_VFY_... flags you want to carry out. */
|
|
||||||
unsigned flags;
|
|
||||||
/* Must be set only with TS_VFY_SIGNATURE. certs is optional. */
|
|
||||||
X509_STORE *store;
|
|
||||||
STACK_OF(X509) *certs;
|
|
||||||
/* Must be set only with TS_VFY_POLICY. */
|
|
||||||
ASN1_OBJECT *policy;
|
|
||||||
/*
|
|
||||||
* Must be set only with TS_VFY_IMPRINT. If md_alg is NULL, the
|
|
||||||
* algorithm from the response is used.
|
|
||||||
*/
|
|
||||||
X509_ALGOR *md_alg;
|
|
||||||
unsigned char *imprint;
|
|
||||||
unsigned imprint_len;
|
|
||||||
/* Must be set only with TS_VFY_DATA. */
|
|
||||||
BIO *data;
|
|
||||||
/* Must be set only with TS_VFY_TSA_NAME. */
|
|
||||||
ASN1_INTEGER *nonce;
|
|
||||||
/* Must be set only with TS_VFY_TSA_NAME. */
|
|
||||||
GENERAL_NAME *tsa_name;
|
|
||||||
} TS_VERIFY_CTX;
|
|
||||||
|
|
||||||
int TS_RESP_verify_response(TS_VERIFY_CTX *ctx, TS_RESP *response);
|
|
||||||
int TS_RESP_verify_token(TS_VERIFY_CTX *ctx, PKCS7 *token);
|
|
||||||
|
|
||||||
/*
|
|
||||||
* Declarations related to response verification context,
|
|
||||||
* they are defined in ts/ts_verify_ctx.c.
|
|
||||||
*/
|
|
||||||
|
|
||||||
/* Set all fields to zero. */
|
|
||||||
TS_VERIFY_CTX *TS_VERIFY_CTX_new(void);
|
|
||||||
void TS_VERIFY_CTX_init(TS_VERIFY_CTX *ctx);
|
|
||||||
void TS_VERIFY_CTX_free(TS_VERIFY_CTX *ctx);
|
|
||||||
void TS_VERIFY_CTX_cleanup(TS_VERIFY_CTX *ctx);
|
|
||||||
|
|
||||||
/*-
|
|
||||||
* If ctx is NULL, it allocates and returns a new object, otherwise
|
|
||||||
* it returns ctx. It initialises all the members as follows:
|
|
||||||
* flags = TS_VFY_ALL_IMPRINT & ~(TS_VFY_TSA_NAME | TS_VFY_SIGNATURE)
|
|
||||||
* certs = NULL
|
|
||||||
* store = NULL
|
|
||||||
* policy = policy from the request or NULL if absent (in this case
|
|
||||||
* TS_VFY_POLICY is cleared from flags as well)
|
|
||||||
* md_alg = MD algorithm from request
|
|
||||||
* imprint, imprint_len = imprint from request
|
|
||||||
* data = NULL
|
|
||||||
* nonce, nonce_len = nonce from the request or NULL if absent (in this case
|
|
||||||
* TS_VFY_NONCE is cleared from flags as well)
|
|
||||||
* tsa_name = NULL
|
|
||||||
* Important: after calling this method TS_VFY_SIGNATURE should be added!
|
|
||||||
*/
|
|
||||||
TS_VERIFY_CTX *TS_REQ_to_TS_VERIFY_CTX(TS_REQ *req, TS_VERIFY_CTX *ctx);
|
|
||||||
|
|
||||||
/* Function declarations for TS_RESP defined in ts/ts_resp_print.c */
|
|
||||||
|
|
||||||
int TS_RESP_print_bio(BIO *bio, TS_RESP *a);
|
|
||||||
int TS_STATUS_INFO_print_bio(BIO *bio, TS_STATUS_INFO *a);
|
|
||||||
int TS_TST_INFO_print_bio(BIO *bio, TS_TST_INFO *a);
|
|
||||||
|
|
||||||
/* Common utility functions defined in ts/ts_lib.c */
|
|
||||||
|
|
||||||
int TS_ASN1_INTEGER_print_bio(BIO *bio, const ASN1_INTEGER *num);
|
|
||||||
int TS_OBJ_print_bio(BIO *bio, const ASN1_OBJECT *obj);
|
|
||||||
int TS_ext_print_bio(BIO *bio, const STACK_OF(X509_EXTENSION) *extensions);
|
|
||||||
int TS_X509_ALGOR_print_bio(BIO *bio, const X509_ALGOR *alg);
|
|
||||||
int TS_MSG_IMPRINT_print_bio(BIO *bio, TS_MSG_IMPRINT *msg);
|
|
||||||
|
|
||||||
/*
|
|
||||||
* Function declarations for handling configuration options, defined in
|
|
||||||
* ts/ts_conf.c
|
|
||||||
*/
|
|
||||||
|
|
||||||
X509 *TS_CONF_load_cert(const char *file);
|
|
||||||
STACK_OF(X509) *TS_CONF_load_certs(const char *file);
|
|
||||||
EVP_PKEY *TS_CONF_load_key(const char *file, const char *pass);
|
|
||||||
const char *TS_CONF_get_tsa_section(CONF *conf, const char *section);
|
|
||||||
int TS_CONF_set_serial(CONF *conf, const char *section, TS_serial_cb cb,
|
|
||||||
TS_RESP_CTX *ctx);
|
|
||||||
int TS_CONF_set_crypto_device(CONF *conf, const char *section,
|
|
||||||
const char *device);
|
|
||||||
int TS_CONF_set_default_engine(const char *name);
|
|
||||||
int TS_CONF_set_signer_cert(CONF *conf, const char *section,
|
|
||||||
const char *cert, TS_RESP_CTX *ctx);
|
|
||||||
int TS_CONF_set_certs(CONF *conf, const char *section, const char *certs,
|
|
||||||
TS_RESP_CTX *ctx);
|
|
||||||
int TS_CONF_set_signer_key(CONF *conf, const char *section,
|
|
||||||
const char *key, const char *pass,
|
|
||||||
TS_RESP_CTX *ctx);
|
|
||||||
int TS_CONF_set_def_policy(CONF *conf, const char *section,
|
|
||||||
const char *policy, TS_RESP_CTX *ctx);
|
|
||||||
int TS_CONF_set_policies(CONF *conf, const char *section, TS_RESP_CTX *ctx);
|
|
||||||
int TS_CONF_set_digests(CONF *conf, const char *section, TS_RESP_CTX *ctx);
|
|
||||||
int TS_CONF_set_accuracy(CONF *conf, const char *section, TS_RESP_CTX *ctx);
|
|
||||||
int TS_CONF_set_clock_precision_digits(CONF *conf, const char *section,
|
|
||||||
TS_RESP_CTX *ctx);
|
|
||||||
int TS_CONF_set_ordering(CONF *conf, const char *section, TS_RESP_CTX *ctx);
|
|
||||||
int TS_CONF_set_tsa_name(CONF *conf, const char *section, TS_RESP_CTX *ctx);
|
|
||||||
int TS_CONF_set_ess_cert_id_chain(CONF *conf, const char *section,
|
|
||||||
TS_RESP_CTX *ctx);
|
|
||||||
|
|
||||||
/* -------------------------------------------------- */
|
|
||||||
/* BEGIN ERROR CODES */
|
|
||||||
/*
|
|
||||||
* The following lines are auto generated by the script mkerr.pl. Any changes
|
|
||||||
* made after this point may be overwritten when the script is next run.
|
|
||||||
*/
|
|
||||||
void ERR_load_TS_strings(void);
|
|
||||||
|
|
||||||
/* Error codes for the TS functions. */
|
|
||||||
|
|
||||||
/* Function codes. */
|
|
||||||
# define TS_F_D2I_TS_RESP 147
|
|
||||||
# define TS_F_DEF_SERIAL_CB 110
|
|
||||||
# define TS_F_DEF_TIME_CB 111
|
|
||||||
# define TS_F_ESS_ADD_SIGNING_CERT 112
|
|
||||||
# define TS_F_ESS_CERT_ID_NEW_INIT 113
|
|
||||||
# define TS_F_ESS_SIGNING_CERT_NEW_INIT 114
|
|
||||||
# define TS_F_INT_TS_RESP_VERIFY_TOKEN 149
|
|
||||||
# define TS_F_PKCS7_TO_TS_TST_INFO 148
|
|
||||||
# define TS_F_TS_ACCURACY_SET_MICROS 115
|
|
||||||
# define TS_F_TS_ACCURACY_SET_MILLIS 116
|
|
||||||
# define TS_F_TS_ACCURACY_SET_SECONDS 117
|
|
||||||
# define TS_F_TS_CHECK_IMPRINTS 100
|
|
||||||
# define TS_F_TS_CHECK_NONCES 101
|
|
||||||
# define TS_F_TS_CHECK_POLICY 102
|
|
||||||
# define TS_F_TS_CHECK_SIGNING_CERTS 103
|
|
||||||
# define TS_F_TS_CHECK_STATUS_INFO 104
|
|
||||||
# define TS_F_TS_COMPUTE_IMPRINT 145
|
|
||||||
# define TS_F_TS_CONF_SET_DEFAULT_ENGINE 146
|
|
||||||
# define TS_F_TS_GET_STATUS_TEXT 105
|
|
||||||
# define TS_F_TS_MSG_IMPRINT_SET_ALGO 118
|
|
||||||
# define TS_F_TS_REQ_SET_MSG_IMPRINT 119
|
|
||||||
# define TS_F_TS_REQ_SET_NONCE 120
|
|
||||||
# define TS_F_TS_REQ_SET_POLICY_ID 121
|
|
||||||
# define TS_F_TS_RESP_CREATE_RESPONSE 122
|
|
||||||
# define TS_F_TS_RESP_CREATE_TST_INFO 123
|
|
||||||
# define TS_F_TS_RESP_CTX_ADD_FAILURE_INFO 124
|
|
||||||
# define TS_F_TS_RESP_CTX_ADD_MD 125
|
|
||||||
# define TS_F_TS_RESP_CTX_ADD_POLICY 126
|
|
||||||
# define TS_F_TS_RESP_CTX_NEW 127
|
|
||||||
# define TS_F_TS_RESP_CTX_SET_ACCURACY 128
|
|
||||||
# define TS_F_TS_RESP_CTX_SET_CERTS 129
|
|
||||||
# define TS_F_TS_RESP_CTX_SET_DEF_POLICY 130
|
|
||||||
# define TS_F_TS_RESP_CTX_SET_SIGNER_CERT 131
|
|
||||||
# define TS_F_TS_RESP_CTX_SET_STATUS_INFO 132
|
|
||||||
# define TS_F_TS_RESP_GET_POLICY 133
|
|
||||||
# define TS_F_TS_RESP_SET_GENTIME_WITH_PRECISION 134
|
|
||||||
# define TS_F_TS_RESP_SET_STATUS_INFO 135
|
|
||||||
# define TS_F_TS_RESP_SET_TST_INFO 150
|
|
||||||
# define TS_F_TS_RESP_SIGN 136
|
|
||||||
# define TS_F_TS_RESP_VERIFY_SIGNATURE 106
|
|
||||||
# define TS_F_TS_RESP_VERIFY_TOKEN 107
|
|
||||||
# define TS_F_TS_TST_INFO_SET_ACCURACY 137
|
|
||||||
# define TS_F_TS_TST_INFO_SET_MSG_IMPRINT 138
|
|
||||||
# define TS_F_TS_TST_INFO_SET_NONCE 139
|
|
||||||
# define TS_F_TS_TST_INFO_SET_POLICY_ID 140
|
|
||||||
# define TS_F_TS_TST_INFO_SET_SERIAL 141
|
|
||||||
# define TS_F_TS_TST_INFO_SET_TIME 142
|
|
||||||
# define TS_F_TS_TST_INFO_SET_TSA 143
|
|
||||||
# define TS_F_TS_VERIFY 108
|
|
||||||
# define TS_F_TS_VERIFY_CERT 109
|
|
||||||
# define TS_F_TS_VERIFY_CTX_NEW 144
|
|
||||||
|
|
||||||
/* Reason codes. */
|
|
||||||
# define TS_R_BAD_PKCS7_TYPE 132
|
|
||||||
# define TS_R_BAD_TYPE 133
|
|
||||||
# define TS_R_CERTIFICATE_VERIFY_ERROR 100
|
|
||||||
# define TS_R_COULD_NOT_SET_ENGINE 127
|
|
||||||
# define TS_R_COULD_NOT_SET_TIME 115
|
|
||||||
# define TS_R_D2I_TS_RESP_INT_FAILED 128
|
|
||||||
# define TS_R_DETACHED_CONTENT 134
|
|
||||||
# define TS_R_ESS_ADD_SIGNING_CERT_ERROR 116
|
|
||||||
# define TS_R_ESS_SIGNING_CERTIFICATE_ERROR 101
|
|
||||||
# define TS_R_INVALID_NULL_POINTER 102
|
|
||||||
# define TS_R_INVALID_SIGNER_CERTIFICATE_PURPOSE 117
|
|
||||||
# define TS_R_MESSAGE_IMPRINT_MISMATCH 103
|
|
||||||
# define TS_R_NONCE_MISMATCH 104
|
|
||||||
# define TS_R_NONCE_NOT_RETURNED 105
|
|
||||||
# define TS_R_NO_CONTENT 106
|
|
||||||
# define TS_R_NO_TIME_STAMP_TOKEN 107
|
|
||||||
# define TS_R_PKCS7_ADD_SIGNATURE_ERROR 118
|
|
||||||
# define TS_R_PKCS7_ADD_SIGNED_ATTR_ERROR 119
|
|
||||||
# define TS_R_PKCS7_TO_TS_TST_INFO_FAILED 129
|
|
||||||
# define TS_R_POLICY_MISMATCH 108
|
|
||||||
# define TS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE 120
|
|
||||||
# define TS_R_RESPONSE_SETUP_ERROR 121
|
|
||||||
# define TS_R_SIGNATURE_FAILURE 109
|
|
||||||
# define TS_R_THERE_MUST_BE_ONE_SIGNER 110
|
|
||||||
# define TS_R_TIME_SYSCALL_ERROR 122
|
|
||||||
# define TS_R_TOKEN_NOT_PRESENT 130
|
|
||||||
# define TS_R_TOKEN_PRESENT 131
|
|
||||||
# define TS_R_TSA_NAME_MISMATCH 111
|
|
||||||
# define TS_R_TSA_UNTRUSTED 112
|
|
||||||
# define TS_R_TST_INFO_SETUP_ERROR 123
|
|
||||||
# define TS_R_TS_DATASIGN 124
|
|
||||||
# define TS_R_UNACCEPTABLE_POLICY 125
|
|
||||||
# define TS_R_UNSUPPORTED_MD_ALGORITHM 126
|
|
||||||
# define TS_R_UNSUPPORTED_VERSION 113
|
|
||||||
# define TS_R_WRONG_CONTENT_TYPE 114
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
#endif
|
|
|
@ -1,112 +0,0 @@
|
||||||
/* crypto/txt_db/txt_db.h */
|
|
||||||
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
|
||||||
* All rights reserved.
|
|
||||||
*
|
|
||||||
* This package is an SSL implementation written
|
|
||||||
* by Eric Young (eay@cryptsoft.com).
|
|
||||||
* The implementation was written so as to conform with Netscapes SSL.
|
|
||||||
*
|
|
||||||
* This library is free for commercial and non-commercial use as long as
|
|
||||||
* the following conditions are aheared to. The following conditions
|
|
||||||
* apply to all code found in this distribution, be it the RC4, RSA,
|
|
||||||
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
|
||||||
* included with this distribution is covered by the same copyright terms
|
|
||||||
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
|
||||||
*
|
|
||||||
* Copyright remains Eric Young's, and as such any Copyright notices in
|
|
||||||
* the code are not to be removed.
|
|
||||||
* If this package is used in a product, Eric Young should be given attribution
|
|
||||||
* as the author of the parts of the library used.
|
|
||||||
* This can be in the form of a textual message at program startup or
|
|
||||||
* in documentation (online or textual) provided with the package.
|
|
||||||
*
|
|
||||||
* Redistribution and use in source and binary forms, with or without
|
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. All advertising materials mentioning features or use of this software
|
|
||||||
* must display the following acknowledgement:
|
|
||||||
* "This product includes cryptographic software written by
|
|
||||||
* Eric Young (eay@cryptsoft.com)"
|
|
||||||
* The word 'cryptographic' can be left out if the rouines from the library
|
|
||||||
* being used are not cryptographic related :-).
|
|
||||||
* 4. If you include any Windows specific code (or a derivative thereof) from
|
|
||||||
* the apps directory (application code) you must include an acknowledgement:
|
|
||||||
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
|
||||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
||||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
||||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
|
||||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
||||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
||||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
||||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
||||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
||||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
||||||
* SUCH DAMAGE.
|
|
||||||
*
|
|
||||||
* The licence and distribution terms for any publically available version or
|
|
||||||
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
|
||||||
* copied and put under another distribution licence
|
|
||||||
* [including the GNU Public Licence.]
|
|
||||||
*/
|
|
||||||
|
|
||||||
#ifndef HEADER_TXT_DB_H
|
|
||||||
# define HEADER_TXT_DB_H
|
|
||||||
|
|
||||||
# include <openssl/opensslconf.h>
|
|
||||||
# ifndef OPENSSL_NO_BIO
|
|
||||||
# include <openssl/bio.h>
|
|
||||||
# endif
|
|
||||||
# include <openssl/stack.h>
|
|
||||||
# include <openssl/lhash.h>
|
|
||||||
|
|
||||||
# define DB_ERROR_OK 0
|
|
||||||
# define DB_ERROR_MALLOC 1
|
|
||||||
# define DB_ERROR_INDEX_CLASH 2
|
|
||||||
# define DB_ERROR_INDEX_OUT_OF_RANGE 3
|
|
||||||
# define DB_ERROR_NO_INDEX 4
|
|
||||||
# define DB_ERROR_INSERT_INDEX_CLASH 5
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
extern "C" {
|
|
||||||
#endif
|
|
||||||
|
|
||||||
typedef OPENSSL_STRING *OPENSSL_PSTRING;
|
|
||||||
DECLARE_SPECIAL_STACK_OF(OPENSSL_PSTRING, OPENSSL_STRING)
|
|
||||||
|
|
||||||
typedef struct txt_db_st {
|
|
||||||
int num_fields;
|
|
||||||
STACK_OF(OPENSSL_PSTRING) *data;
|
|
||||||
LHASH_OF(OPENSSL_STRING) **index;
|
|
||||||
int (**qual) (OPENSSL_STRING *);
|
|
||||||
long error;
|
|
||||||
long arg1;
|
|
||||||
long arg2;
|
|
||||||
OPENSSL_STRING *arg_row;
|
|
||||||
} TXT_DB;
|
|
||||||
|
|
||||||
# ifndef OPENSSL_NO_BIO
|
|
||||||
TXT_DB *TXT_DB_read(BIO *in, int num);
|
|
||||||
long TXT_DB_write(BIO *out, TXT_DB *db);
|
|
||||||
# else
|
|
||||||
TXT_DB *TXT_DB_read(char *in, int num);
|
|
||||||
long TXT_DB_write(char *out, TXT_DB *db);
|
|
||||||
# endif
|
|
||||||
int TXT_DB_create_index(TXT_DB *db, int field, int (*qual) (OPENSSL_STRING *),
|
|
||||||
LHASH_HASH_FN_TYPE hash, LHASH_COMP_FN_TYPE cmp);
|
|
||||||
void TXT_DB_free(TXT_DB *db);
|
|
||||||
OPENSSL_STRING *TXT_DB_get_by_index(TXT_DB *db, int idx,
|
|
||||||
OPENSSL_STRING *value);
|
|
||||||
int TXT_DB_insert(TXT_DB *db, OPENSSL_STRING *value);
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#endif
|
|
|
@ -1,415 +0,0 @@
|
||||||
/* crypto/ui/ui.h -*- mode:C; c-file-style: "eay" -*- */
|
|
||||||
/*
|
|
||||||
* Written by Richard Levitte (richard@levitte.org) for the OpenSSL project
|
|
||||||
* 2001.
|
|
||||||
*/
|
|
||||||
/* ====================================================================
|
|
||||||
* Copyright (c) 2001 The OpenSSL Project. All rights reserved.
|
|
||||||
*
|
|
||||||
* Redistribution and use in source and binary forms, with or without
|
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
*
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
*
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in
|
|
||||||
* the documentation and/or other materials provided with the
|
|
||||||
* distribution.
|
|
||||||
*
|
|
||||||
* 3. All advertising materials mentioning features or use of this
|
|
||||||
* software must display the following acknowledgment:
|
|
||||||
* "This product includes software developed by the OpenSSL Project
|
|
||||||
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
|
|
||||||
*
|
|
||||||
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* prior written permission. For written permission, please contact
|
|
||||||
* openssl-core@openssl.org.
|
|
||||||
*
|
|
||||||
* 5. Products derived from this software may not be called "OpenSSL"
|
|
||||||
* nor may "OpenSSL" appear in their names without prior written
|
|
||||||
* permission of the OpenSSL Project.
|
|
||||||
*
|
|
||||||
* 6. Redistributions of any form whatsoever must retain the following
|
|
||||||
* acknowledgment:
|
|
||||||
* "This product includes software developed by the OpenSSL Project
|
|
||||||
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
|
||||||
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
||||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
|
||||||
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
|
||||||
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
|
||||||
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
|
||||||
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
||||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
|
||||||
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
|
||||||
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
|
||||||
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
* ====================================================================
|
|
||||||
*
|
|
||||||
* This product includes cryptographic software written by Eric Young
|
|
||||||
* (eay@cryptsoft.com). This product includes software written by Tim
|
|
||||||
* Hudson (tjh@cryptsoft.com).
|
|
||||||
*
|
|
||||||
*/
|
|
||||||
|
|
||||||
#ifndef HEADER_UI_H
|
|
||||||
# define HEADER_UI_H
|
|
||||||
|
|
||||||
# ifndef OPENSSL_NO_DEPRECATED
|
|
||||||
# include <openssl/crypto.h>
|
|
||||||
# endif
|
|
||||||
# include <openssl/safestack.h>
|
|
||||||
# include <openssl/ossl_typ.h>
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
extern "C" {
|
|
||||||
#endif
|
|
||||||
|
|
||||||
/* Declared already in ossl_typ.h */
|
|
||||||
/* typedef struct ui_st UI; */
|
|
||||||
/* typedef struct ui_method_st UI_METHOD; */
|
|
||||||
|
|
||||||
/*
|
|
||||||
* All the following functions return -1 or NULL on error and in some cases
|
|
||||||
* (UI_process()) -2 if interrupted or in some other way cancelled. When
|
|
||||||
* everything is fine, they return 0, a positive value or a non-NULL pointer,
|
|
||||||
* all depending on their purpose.
|
|
||||||
*/
|
|
||||||
|
|
||||||
/* Creators and destructor. */
|
|
||||||
UI *UI_new(void);
|
|
||||||
UI *UI_new_method(const UI_METHOD *method);
|
|
||||||
void UI_free(UI *ui);
|
|
||||||
|
|
||||||
/*-
|
|
||||||
The following functions are used to add strings to be printed and prompt
|
|
||||||
strings to prompt for data. The names are UI_{add,dup}_<function>_string
|
|
||||||
and UI_{add,dup}_input_boolean.
|
|
||||||
|
|
||||||
UI_{add,dup}_<function>_string have the following meanings:
|
|
||||||
add add a text or prompt string. The pointers given to these
|
|
||||||
functions are used verbatim, no copying is done.
|
|
||||||
dup make a copy of the text or prompt string, then add the copy
|
|
||||||
to the collection of strings in the user interface.
|
|
||||||
<function>
|
|
||||||
The function is a name for the functionality that the given
|
|
||||||
string shall be used for. It can be one of:
|
|
||||||
input use the string as data prompt.
|
|
||||||
verify use the string as verification prompt. This
|
|
||||||
is used to verify a previous input.
|
|
||||||
info use the string for informational output.
|
|
||||||
error use the string for error output.
|
|
||||||
Honestly, there's currently no difference between info and error for the
|
|
||||||
moment.
|
|
||||||
|
|
||||||
UI_{add,dup}_input_boolean have the same semantics for "add" and "dup",
|
|
||||||
and are typically used when one wants to prompt for a yes/no response.
|
|
||||||
|
|
||||||
All of the functions in this group take a UI and a prompt string.
|
|
||||||
The string input and verify addition functions also take a flag argument,
|
|
||||||
a buffer for the result to end up with, a minimum input size and a maximum
|
|
||||||
input size (the result buffer MUST be large enough to be able to contain
|
|
||||||
the maximum number of characters). Additionally, the verify addition
|
|
||||||
functions takes another buffer to compare the result against.
|
|
||||||
The boolean input functions take an action description string (which should
|
|
||||||
be safe to ignore if the expected user action is obvious, for example with
|
|
||||||
a dialog box with an OK button and a Cancel button), a string of acceptable
|
|
||||||
characters to mean OK and to mean Cancel. The two last strings are checked
|
|
||||||
to make sure they don't have common characters. Additionally, the same
|
|
||||||
flag argument as for the string input is taken, as well as a result buffer.
|
|
||||||
The result buffer is required to be at least one byte long. Depending on
|
|
||||||
the answer, the first character from the OK or the Cancel character strings
|
|
||||||
will be stored in the first byte of the result buffer. No NUL will be
|
|
||||||
added, so the result is *not* a string.
|
|
||||||
|
|
||||||
On success, the all return an index of the added information. That index
|
|
||||||
is usefull when retrieving results with UI_get0_result(). */
|
|
||||||
int UI_add_input_string(UI *ui, const char *prompt, int flags,
|
|
||||||
char *result_buf, int minsize, int maxsize);
|
|
||||||
int UI_dup_input_string(UI *ui, const char *prompt, int flags,
|
|
||||||
char *result_buf, int minsize, int maxsize);
|
|
||||||
int UI_add_verify_string(UI *ui, const char *prompt, int flags,
|
|
||||||
char *result_buf, int minsize, int maxsize,
|
|
||||||
const char *test_buf);
|
|
||||||
int UI_dup_verify_string(UI *ui, const char *prompt, int flags,
|
|
||||||
char *result_buf, int minsize, int maxsize,
|
|
||||||
const char *test_buf);
|
|
||||||
int UI_add_input_boolean(UI *ui, const char *prompt, const char *action_desc,
|
|
||||||
const char *ok_chars, const char *cancel_chars,
|
|
||||||
int flags, char *result_buf);
|
|
||||||
int UI_dup_input_boolean(UI *ui, const char *prompt, const char *action_desc,
|
|
||||||
const char *ok_chars, const char *cancel_chars,
|
|
||||||
int flags, char *result_buf);
|
|
||||||
int UI_add_info_string(UI *ui, const char *text);
|
|
||||||
int UI_dup_info_string(UI *ui, const char *text);
|
|
||||||
int UI_add_error_string(UI *ui, const char *text);
|
|
||||||
int UI_dup_error_string(UI *ui, const char *text);
|
|
||||||
|
|
||||||
/* These are the possible flags. They can be or'ed together. */
|
|
||||||
/* Use to have echoing of input */
|
|
||||||
# define UI_INPUT_FLAG_ECHO 0x01
|
|
||||||
/*
|
|
||||||
* Use a default password. Where that password is found is completely up to
|
|
||||||
* the application, it might for example be in the user data set with
|
|
||||||
* UI_add_user_data(). It is not recommended to have more than one input in
|
|
||||||
* each UI being marked with this flag, or the application might get
|
|
||||||
* confused.
|
|
||||||
*/
|
|
||||||
# define UI_INPUT_FLAG_DEFAULT_PWD 0x02
|
|
||||||
|
|
||||||
/*-
|
|
||||||
* The user of these routines may want to define flags of their own. The core
|
|
||||||
* UI won't look at those, but will pass them on to the method routines. They
|
|
||||||
* must use higher bits so they don't get confused with the UI bits above.
|
|
||||||
* UI_INPUT_FLAG_USER_BASE tells which is the lowest bit to use. A good
|
|
||||||
* example of use is this:
|
|
||||||
*
|
|
||||||
* #define MY_UI_FLAG1 (0x01 << UI_INPUT_FLAG_USER_BASE)
|
|
||||||
*
|
|
||||||
*/
|
|
||||||
# define UI_INPUT_FLAG_USER_BASE 16
|
|
||||||
|
|
||||||
/*-
|
|
||||||
* The following function helps construct a prompt. object_desc is a
|
|
||||||
* textual short description of the object, for example "pass phrase",
|
|
||||||
* and object_name is the name of the object (might be a card name or
|
|
||||||
* a file name.
|
|
||||||
* The returned string shall always be allocated on the heap with
|
|
||||||
* OPENSSL_malloc(), and need to be free'd with OPENSSL_free().
|
|
||||||
*
|
|
||||||
* If the ui_method doesn't contain a pointer to a user-defined prompt
|
|
||||||
* constructor, a default string is built, looking like this:
|
|
||||||
*
|
|
||||||
* "Enter {object_desc} for {object_name}:"
|
|
||||||
*
|
|
||||||
* So, if object_desc has the value "pass phrase" and object_name has
|
|
||||||
* the value "foo.key", the resulting string is:
|
|
||||||
*
|
|
||||||
* "Enter pass phrase for foo.key:"
|
|
||||||
*/
|
|
||||||
char *UI_construct_prompt(UI *ui_method,
|
|
||||||
const char *object_desc, const char *object_name);
|
|
||||||
|
|
||||||
/*
|
|
||||||
* The following function is used to store a pointer to user-specific data.
|
|
||||||
* Any previous such pointer will be returned and replaced.
|
|
||||||
*
|
|
||||||
* For callback purposes, this function makes a lot more sense than using
|
|
||||||
* ex_data, since the latter requires that different parts of OpenSSL or
|
|
||||||
* applications share the same ex_data index.
|
|
||||||
*
|
|
||||||
* Note that the UI_OpenSSL() method completely ignores the user data. Other
|
|
||||||
* methods may not, however.
|
|
||||||
*/
|
|
||||||
void *UI_add_user_data(UI *ui, void *user_data);
|
|
||||||
/* We need a user data retrieving function as well. */
|
|
||||||
void *UI_get0_user_data(UI *ui);
|
|
||||||
|
|
||||||
/* Return the result associated with a prompt given with the index i. */
|
|
||||||
const char *UI_get0_result(UI *ui, int i);
|
|
||||||
|
|
||||||
/* When all strings have been added, process the whole thing. */
|
|
||||||
int UI_process(UI *ui);
|
|
||||||
|
|
||||||
/*
|
|
||||||
* Give a user interface parametrised control commands. This can be used to
|
|
||||||
* send down an integer, a data pointer or a function pointer, as well as be
|
|
||||||
* used to get information from a UI.
|
|
||||||
*/
|
|
||||||
int UI_ctrl(UI *ui, int cmd, long i, void *p, void (*f) (void));
|
|
||||||
|
|
||||||
/* The commands */
|
|
||||||
/*
|
|
||||||
* Use UI_CONTROL_PRINT_ERRORS with the value 1 to have UI_process print the
|
|
||||||
* OpenSSL error stack before printing any info or added error messages and
|
|
||||||
* before any prompting.
|
|
||||||
*/
|
|
||||||
# define UI_CTRL_PRINT_ERRORS 1
|
|
||||||
/*
|
|
||||||
* Check if a UI_process() is possible to do again with the same instance of
|
|
||||||
* a user interface. This makes UI_ctrl() return 1 if it is redoable, and 0
|
|
||||||
* if not.
|
|
||||||
*/
|
|
||||||
# define UI_CTRL_IS_REDOABLE 2
|
|
||||||
|
|
||||||
/* Some methods may use extra data */
|
|
||||||
# define UI_set_app_data(s,arg) UI_set_ex_data(s,0,arg)
|
|
||||||
# define UI_get_app_data(s) UI_get_ex_data(s,0)
|
|
||||||
int UI_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
|
|
||||||
CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
|
|
||||||
int UI_set_ex_data(UI *r, int idx, void *arg);
|
|
||||||
void *UI_get_ex_data(UI *r, int idx);
|
|
||||||
|
|
||||||
/* Use specific methods instead of the built-in one */
|
|
||||||
void UI_set_default_method(const UI_METHOD *meth);
|
|
||||||
const UI_METHOD *UI_get_default_method(void);
|
|
||||||
const UI_METHOD *UI_get_method(UI *ui);
|
|
||||||
const UI_METHOD *UI_set_method(UI *ui, const UI_METHOD *meth);
|
|
||||||
|
|
||||||
/* The method with all the built-in thingies */
|
|
||||||
UI_METHOD *UI_OpenSSL(void);
|
|
||||||
|
|
||||||
/* ---------- For method writers ---------- */
|
|
||||||
/*-
|
|
||||||
A method contains a number of functions that implement the low level
|
|
||||||
of the User Interface. The functions are:
|
|
||||||
|
|
||||||
an opener This function starts a session, maybe by opening
|
|
||||||
a channel to a tty, or by opening a window.
|
|
||||||
a writer This function is called to write a given string,
|
|
||||||
maybe to the tty, maybe as a field label in a
|
|
||||||
window.
|
|
||||||
a flusher This function is called to flush everything that
|
|
||||||
has been output so far. It can be used to actually
|
|
||||||
display a dialog box after it has been built.
|
|
||||||
a reader This function is called to read a given prompt,
|
|
||||||
maybe from the tty, maybe from a field in a
|
|
||||||
window. Note that it's called wth all string
|
|
||||||
structures, not only the prompt ones, so it must
|
|
||||||
check such things itself.
|
|
||||||
a closer This function closes the session, maybe by closing
|
|
||||||
the channel to the tty, or closing the window.
|
|
||||||
|
|
||||||
All these functions are expected to return:
|
|
||||||
|
|
||||||
0 on error.
|
|
||||||
1 on success.
|
|
||||||
-1 on out-of-band events, for example if some prompting has
|
|
||||||
been canceled (by pressing Ctrl-C, for example). This is
|
|
||||||
only checked when returned by the flusher or the reader.
|
|
||||||
|
|
||||||
The way this is used, the opener is first called, then the writer for all
|
|
||||||
strings, then the flusher, then the reader for all strings and finally the
|
|
||||||
closer. Note that if you want to prompt from a terminal or other command
|
|
||||||
line interface, the best is to have the reader also write the prompts
|
|
||||||
instead of having the writer do it. If you want to prompt from a dialog
|
|
||||||
box, the writer can be used to build up the contents of the box, and the
|
|
||||||
flusher to actually display the box and run the event loop until all data
|
|
||||||
has been given, after which the reader only grabs the given data and puts
|
|
||||||
them back into the UI strings.
|
|
||||||
|
|
||||||
All method functions take a UI as argument. Additionally, the writer and
|
|
||||||
the reader take a UI_STRING.
|
|
||||||
*/
|
|
||||||
|
|
||||||
/*
|
|
||||||
* The UI_STRING type is the data structure that contains all the needed info
|
|
||||||
* about a string or a prompt, including test data for a verification prompt.
|
|
||||||
*/
|
|
||||||
typedef struct ui_string_st UI_STRING;
|
|
||||||
DECLARE_STACK_OF(UI_STRING)
|
|
||||||
|
|
||||||
/*
|
|
||||||
* The different types of strings that are currently supported. This is only
|
|
||||||
* needed by method authors.
|
|
||||||
*/
|
|
||||||
enum UI_string_types {
|
|
||||||
UIT_NONE = 0,
|
|
||||||
UIT_PROMPT, /* Prompt for a string */
|
|
||||||
UIT_VERIFY, /* Prompt for a string and verify */
|
|
||||||
UIT_BOOLEAN, /* Prompt for a yes/no response */
|
|
||||||
UIT_INFO, /* Send info to the user */
|
|
||||||
UIT_ERROR /* Send an error message to the user */
|
|
||||||
};
|
|
||||||
|
|
||||||
/* Create and manipulate methods */
|
|
||||||
UI_METHOD *UI_create_method(char *name);
|
|
||||||
void UI_destroy_method(UI_METHOD *ui_method);
|
|
||||||
int UI_method_set_opener(UI_METHOD *method, int (*opener) (UI *ui));
|
|
||||||
int UI_method_set_writer(UI_METHOD *method,
|
|
||||||
int (*writer) (UI *ui, UI_STRING *uis));
|
|
||||||
int UI_method_set_flusher(UI_METHOD *method, int (*flusher) (UI *ui));
|
|
||||||
int UI_method_set_reader(UI_METHOD *method,
|
|
||||||
int (*reader) (UI *ui, UI_STRING *uis));
|
|
||||||
int UI_method_set_closer(UI_METHOD *method, int (*closer) (UI *ui));
|
|
||||||
int UI_method_set_prompt_constructor(UI_METHOD *method,
|
|
||||||
char *(*prompt_constructor) (UI *ui,
|
|
||||||
const char
|
|
||||||
*object_desc,
|
|
||||||
const char
|
|
||||||
*object_name));
|
|
||||||
int (*UI_method_get_opener(UI_METHOD *method)) (UI *);
|
|
||||||
int (*UI_method_get_writer(UI_METHOD *method)) (UI *, UI_STRING *);
|
|
||||||
int (*UI_method_get_flusher(UI_METHOD *method)) (UI *);
|
|
||||||
int (*UI_method_get_reader(UI_METHOD *method)) (UI *, UI_STRING *);
|
|
||||||
int (*UI_method_get_closer(UI_METHOD *method)) (UI *);
|
|
||||||
char *(*UI_method_get_prompt_constructor(UI_METHOD *method)) (UI *,
|
|
||||||
const char *,
|
|
||||||
const char *);
|
|
||||||
|
|
||||||
/*
|
|
||||||
* The following functions are helpers for method writers to access relevant
|
|
||||||
* data from a UI_STRING.
|
|
||||||
*/
|
|
||||||
|
|
||||||
/* Return type of the UI_STRING */
|
|
||||||
enum UI_string_types UI_get_string_type(UI_STRING *uis);
|
|
||||||
/* Return input flags of the UI_STRING */
|
|
||||||
int UI_get_input_flags(UI_STRING *uis);
|
|
||||||
/* Return the actual string to output (the prompt, info or error) */
|
|
||||||
const char *UI_get0_output_string(UI_STRING *uis);
|
|
||||||
/*
|
|
||||||
* Return the optional action string to output (the boolean promtp
|
|
||||||
* instruction)
|
|
||||||
*/
|
|
||||||
const char *UI_get0_action_string(UI_STRING *uis);
|
|
||||||
/* Return the result of a prompt */
|
|
||||||
const char *UI_get0_result_string(UI_STRING *uis);
|
|
||||||
/*
|
|
||||||
* Return the string to test the result against. Only useful with verifies.
|
|
||||||
*/
|
|
||||||
const char *UI_get0_test_string(UI_STRING *uis);
|
|
||||||
/* Return the required minimum size of the result */
|
|
||||||
int UI_get_result_minsize(UI_STRING *uis);
|
|
||||||
/* Return the required maximum size of the result */
|
|
||||||
int UI_get_result_maxsize(UI_STRING *uis);
|
|
||||||
/* Set the result of a UI_STRING. */
|
|
||||||
int UI_set_result(UI *ui, UI_STRING *uis, const char *result);
|
|
||||||
|
|
||||||
/* A couple of popular utility functions */
|
|
||||||
int UI_UTIL_read_pw_string(char *buf, int length, const char *prompt,
|
|
||||||
int verify);
|
|
||||||
int UI_UTIL_read_pw(char *buf, char *buff, int size, const char *prompt,
|
|
||||||
int verify);
|
|
||||||
|
|
||||||
/* BEGIN ERROR CODES */
|
|
||||||
/*
|
|
||||||
* The following lines are auto generated by the script mkerr.pl. Any changes
|
|
||||||
* made after this point may be overwritten when the script is next run.
|
|
||||||
*/
|
|
||||||
void ERR_load_UI_strings(void);
|
|
||||||
|
|
||||||
/* Error codes for the UI functions. */
|
|
||||||
|
|
||||||
/* Function codes. */
|
|
||||||
# define UI_F_GENERAL_ALLOCATE_BOOLEAN 108
|
|
||||||
# define UI_F_GENERAL_ALLOCATE_PROMPT 109
|
|
||||||
# define UI_F_GENERAL_ALLOCATE_STRING 100
|
|
||||||
# define UI_F_UI_CTRL 111
|
|
||||||
# define UI_F_UI_DUP_ERROR_STRING 101
|
|
||||||
# define UI_F_UI_DUP_INFO_STRING 102
|
|
||||||
# define UI_F_UI_DUP_INPUT_BOOLEAN 110
|
|
||||||
# define UI_F_UI_DUP_INPUT_STRING 103
|
|
||||||
# define UI_F_UI_DUP_VERIFY_STRING 106
|
|
||||||
# define UI_F_UI_GET0_RESULT 107
|
|
||||||
# define UI_F_UI_NEW_METHOD 104
|
|
||||||
# define UI_F_UI_SET_RESULT 105
|
|
||||||
|
|
||||||
/* Reason codes. */
|
|
||||||
# define UI_R_COMMON_OK_AND_CANCEL_CHARACTERS 104
|
|
||||||
# define UI_R_INDEX_TOO_LARGE 102
|
|
||||||
# define UI_R_INDEX_TOO_SMALL 103
|
|
||||||
# define UI_R_NO_RESULT_BUFFER 105
|
|
||||||
# define UI_R_RESULT_TOO_LARGE 100
|
|
||||||
# define UI_R_RESULT_TOO_SMALL 101
|
|
||||||
# define UI_R_UNKNOWN_CONTROL_COMMAND 106
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
#endif
|
|
|
@ -1,88 +0,0 @@
|
||||||
/* crypto/ui/ui.h -*- mode:C; c-file-style: "eay" -*- */
|
|
||||||
/*
|
|
||||||
* Written by Richard Levitte (richard@levitte.org) for the OpenSSL project
|
|
||||||
* 2001.
|
|
||||||
*/
|
|
||||||
/* ====================================================================
|
|
||||||
* Copyright (c) 2001 The OpenSSL Project. All rights reserved.
|
|
||||||
*
|
|
||||||
* Redistribution and use in source and binary forms, with or without
|
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
*
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
*
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in
|
|
||||||
* the documentation and/or other materials provided with the
|
|
||||||
* distribution.
|
|
||||||
*
|
|
||||||
* 3. All advertising materials mentioning features or use of this
|
|
||||||
* software must display the following acknowledgment:
|
|
||||||
* "This product includes software developed by the OpenSSL Project
|
|
||||||
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
|
|
||||||
*
|
|
||||||
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* prior written permission. For written permission, please contact
|
|
||||||
* openssl-core@openssl.org.
|
|
||||||
*
|
|
||||||
* 5. Products derived from this software may not be called "OpenSSL"
|
|
||||||
* nor may "OpenSSL" appear in their names without prior written
|
|
||||||
* permission of the OpenSSL Project.
|
|
||||||
*
|
|
||||||
* 6. Redistributions of any form whatsoever must retain the following
|
|
||||||
* acknowledgment:
|
|
||||||
* "This product includes software developed by the OpenSSL Project
|
|
||||||
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
|
||||||
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
||||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
|
||||||
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
|
||||||
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
|
||||||
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
|
||||||
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
||||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
|
||||||
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
|
||||||
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
|
||||||
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
* ====================================================================
|
|
||||||
*
|
|
||||||
* This product includes cryptographic software written by Eric Young
|
|
||||||
* (eay@cryptsoft.com). This product includes software written by Tim
|
|
||||||
* Hudson (tjh@cryptsoft.com).
|
|
||||||
*
|
|
||||||
*/
|
|
||||||
|
|
||||||
#ifndef HEADER_UI_COMPAT_H
|
|
||||||
# define HEADER_UI_COMPAT_H
|
|
||||||
|
|
||||||
# include <openssl/opensslconf.h>
|
|
||||||
# include <openssl/ui.h>
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
extern "C" {
|
|
||||||
#endif
|
|
||||||
|
|
||||||
/*
|
|
||||||
* The following functions were previously part of the DES section, and are
|
|
||||||
* provided here for backward compatibility reasons.
|
|
||||||
*/
|
|
||||||
|
|
||||||
# define des_read_pw_string(b,l,p,v) \
|
|
||||||
_ossl_old_des_read_pw_string((b),(l),(p),(v))
|
|
||||||
# define des_read_pw(b,bf,s,p,v) \
|
|
||||||
_ossl_old_des_read_pw((b),(bf),(s),(p),(v))
|
|
||||||
|
|
||||||
int _ossl_old_des_read_pw_string(char *buf, int length, const char *prompt,
|
|
||||||
int verify);
|
|
||||||
int _ossl_old_des_read_pw(char *buf, char *buff, int size, const char *prompt,
|
|
||||||
int verify);
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
#endif
|
|
|
@ -1,41 +0,0 @@
|
||||||
#ifndef HEADER_WHRLPOOL_H
|
|
||||||
# define HEADER_WHRLPOOL_H
|
|
||||||
|
|
||||||
# include <openssl/e_os2.h>
|
|
||||||
# include <stddef.h>
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
extern "C" {
|
|
||||||
#endif
|
|
||||||
|
|
||||||
# define WHIRLPOOL_DIGEST_LENGTH (512/8)
|
|
||||||
# define WHIRLPOOL_BBLOCK 512
|
|
||||||
# define WHIRLPOOL_COUNTER (256/8)
|
|
||||||
|
|
||||||
typedef struct {
|
|
||||||
union {
|
|
||||||
unsigned char c[WHIRLPOOL_DIGEST_LENGTH];
|
|
||||||
/* double q is here to ensure 64-bit alignment */
|
|
||||||
double q[WHIRLPOOL_DIGEST_LENGTH / sizeof(double)];
|
|
||||||
} H;
|
|
||||||
unsigned char data[WHIRLPOOL_BBLOCK / 8];
|
|
||||||
unsigned int bitoff;
|
|
||||||
size_t bitlen[WHIRLPOOL_COUNTER / sizeof(size_t)];
|
|
||||||
} WHIRLPOOL_CTX;
|
|
||||||
|
|
||||||
# ifndef OPENSSL_NO_WHIRLPOOL
|
|
||||||
# ifdef OPENSSL_FIPS
|
|
||||||
int private_WHIRLPOOL_Init(WHIRLPOOL_CTX *c);
|
|
||||||
# endif
|
|
||||||
int WHIRLPOOL_Init(WHIRLPOOL_CTX *c);
|
|
||||||
int WHIRLPOOL_Update(WHIRLPOOL_CTX *c, const void *inp, size_t bytes);
|
|
||||||
void WHIRLPOOL_BitUpdate(WHIRLPOOL_CTX *c, const void *inp, size_t bits);
|
|
||||||
int WHIRLPOOL_Final(unsigned char *md, WHIRLPOOL_CTX *c);
|
|
||||||
unsigned char *WHIRLPOOL(const void *inp, size_t bytes, unsigned char *md);
|
|
||||||
# endif
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#endif
|
|
File diff suppressed because it is too large
|
@ -1,149 +0,0 @@
|
||||||
/* crypto/aes/aes.h -*- mode:C; c-file-style: "eay" -*- */
|
|
||||||
/* ====================================================================
|
|
||||||
* Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
|
|
||||||
*
|
|
||||||
* Redistribution and use in source and binary forms, with or without
|
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
*
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
*
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in
|
|
||||||
* the documentation and/or other materials provided with the
|
|
||||||
* distribution.
|
|
||||||
*
|
|
||||||
* 3. All advertising materials mentioning features or use of this
|
|
||||||
* software must display the following acknowledgment:
|
|
||||||
* "This product includes software developed by the OpenSSL Project
|
|
||||||
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
|
|
||||||
*
|
|
||||||
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* prior written permission. For written permission, please contact
|
|
||||||
* openssl-core@openssl.org.
|
|
||||||
*
|
|
||||||
* 5. Products derived from this software may not be called "OpenSSL"
|
|
||||||
* nor may "OpenSSL" appear in their names without prior written
|
|
||||||
* permission of the OpenSSL Project.
|
|
||||||
*
|
|
||||||
* 6. Redistributions of any form whatsoever must retain the following
|
|
||||||
* acknowledgment:
|
|
||||||
* "This product includes software developed by the OpenSSL Project
|
|
||||||
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
|
||||||
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
||||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
|
||||||
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
|
||||||
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
|
||||||
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
|
||||||
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
||||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
|
||||||
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
|
||||||
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
|
||||||
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
* ====================================================================
|
|
||||||
*
|
|
||||||
*/
|
|
||||||
|
|
||||||
#ifndef HEADER_AES_H
|
|
||||||
# define HEADER_AES_H
|
|
||||||
|
|
||||||
# include <openssl/opensslconf.h>
|
|
||||||
|
|
||||||
# ifdef OPENSSL_NO_AES
|
|
||||||
# error AES is disabled.
|
|
||||||
# endif
|
|
||||||
|
|
||||||
# include <stddef.h>
|
|
||||||
|
|
||||||
# define AES_ENCRYPT 1
|
|
||||||
# define AES_DECRYPT 0
|
|
||||||
|
|
||||||
/*
|
|
||||||
* Because array size can't be a const in C, the following two are macros.
|
|
||||||
* Both sizes are in bytes.
|
|
||||||
*/
|
|
||||||
# define AES_MAXNR 14
|
|
||||||
# define AES_BLOCK_SIZE 16
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
extern "C" {
|
|
||||||
#endif
|
|
||||||
|
|
||||||
/* This should be a hidden type, but EVP requires that the size be known */
|
|
||||||
struct aes_key_st {
|
|
||||||
# ifdef AES_LONG
|
|
||||||
unsigned long rd_key[4 * (AES_MAXNR + 1)];
|
|
||||||
# else
|
|
||||||
unsigned int rd_key[4 * (AES_MAXNR + 1)];
|
|
||||||
# endif
|
|
||||||
int rounds;
|
|
||||||
};
|
|
||||||
typedef struct aes_key_st AES_KEY;
|
|
||||||
|
|
||||||
const char *AES_options(void);
|
|
||||||
|
|
||||||
int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
|
|
||||||
AES_KEY *key);
|
|
||||||
int AES_set_decrypt_key(const unsigned char *userKey, const int bits,
|
|
||||||
AES_KEY *key);
|
|
||||||
|
|
||||||
int private_AES_set_encrypt_key(const unsigned char *userKey, const int bits,
|
|
||||||
AES_KEY *key);
|
|
||||||
int private_AES_set_decrypt_key(const unsigned char *userKey, const int bits,
|
|
||||||
AES_KEY *key);
|
|
||||||
|
|
||||||
void AES_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
const AES_KEY *key);
|
|
||||||
void AES_decrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
const AES_KEY *key);
|
|
||||||
|
|
||||||
void AES_ecb_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
const AES_KEY *key, const int enc);
|
|
||||||
void AES_cbc_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
size_t length, const AES_KEY *key,
|
|
||||||
unsigned char *ivec, const int enc);
|
|
||||||
void AES_cfb128_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
size_t length, const AES_KEY *key,
|
|
||||||
unsigned char *ivec, int *num, const int enc);
|
|
||||||
void AES_cfb1_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
size_t length, const AES_KEY *key,
|
|
||||||
unsigned char *ivec, int *num, const int enc);
|
|
||||||
void AES_cfb8_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
size_t length, const AES_KEY *key,
|
|
||||||
unsigned char *ivec, int *num, const int enc);
|
|
||||||
void AES_ofb128_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
size_t length, const AES_KEY *key,
|
|
||||||
unsigned char *ivec, int *num);
|
|
||||||
void AES_ctr128_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
size_t length, const AES_KEY *key,
|
|
||||||
unsigned char ivec[AES_BLOCK_SIZE],
|
|
||||||
unsigned char ecount_buf[AES_BLOCK_SIZE],
|
|
||||||
unsigned int *num);
|
|
||||||
/* NB: the IV is _two_ blocks long */
|
|
||||||
void AES_ige_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
size_t length, const AES_KEY *key,
|
|
||||||
unsigned char *ivec, const int enc);
|
|
||||||
/* NB: the IV is _four_ blocks long */
|
|
||||||
void AES_bi_ige_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
size_t length, const AES_KEY *key,
|
|
||||||
const AES_KEY *key2, const unsigned char *ivec,
|
|
||||||
const int enc);
|
|
||||||
|
|
||||||
int AES_wrap_key(AES_KEY *key, const unsigned char *iv,
|
|
||||||
unsigned char *out,
|
|
||||||
const unsigned char *in, unsigned int inlen);
|
|
||||||
int AES_unwrap_key(AES_KEY *key, const unsigned char *iv,
|
|
||||||
unsigned char *out,
|
|
||||||
const unsigned char *in, unsigned int inlen);
|
|
||||||
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#endif /* !HEADER_AES_H */
|
|
|
@ -1,973 +0,0 @@
|
||||||
/* asn1t.h */
|
|
||||||
/*
|
|
||||||
* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
|
|
||||||
* 2000.
|
|
||||||
*/
|
|
||||||
/* ====================================================================
|
|
||||||
* Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved.
|
|
||||||
*
|
|
||||||
* Redistribution and use in source and binary forms, with or without
|
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
*
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
*
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in
|
|
||||||
* the documentation and/or other materials provided with the
|
|
||||||
* distribution.
|
|
||||||
*
|
|
||||||
* 3. All advertising materials mentioning features or use of this
|
|
||||||
* software must display the following acknowledgment:
|
|
||||||
* "This product includes software developed by the OpenSSL Project
|
|
||||||
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
|
|
||||||
*
|
|
||||||
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* prior written permission. For written permission, please contact
|
|
||||||
* licensing@OpenSSL.org.
|
|
||||||
*
|
|
||||||
* 5. Products derived from this software may not be called "OpenSSL"
|
|
||||||
* nor may "OpenSSL" appear in their names without prior written
|
|
||||||
* permission of the OpenSSL Project.
|
|
||||||
*
|
|
||||||
* 6. Redistributions of any form whatsoever must retain the following
|
|
||||||
* acknowledgment:
|
|
||||||
* "This product includes software developed by the OpenSSL Project
|
|
||||||
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
|
||||||
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
||||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
|
||||||
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
|
||||||
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
|
||||||
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
|
||||||
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
||||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
|
||||||
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
|
||||||
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
|
||||||
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
* ====================================================================
|
|
||||||
*
|
|
||||||
* This product includes cryptographic software written by Eric Young
|
|
||||||
* (eay@cryptsoft.com). This product includes software written by Tim
|
|
||||||
* Hudson (tjh@cryptsoft.com).
|
|
||||||
*
|
|
||||||
*/
|
|
||||||
#ifndef HEADER_ASN1T_H
|
|
||||||
# define HEADER_ASN1T_H
|
|
||||||
|
|
||||||
# include <stddef.h>
|
|
||||||
# include <openssl/e_os2.h>
|
|
||||||
# include <openssl/asn1.h>
|
|
||||||
|
|
||||||
# ifdef OPENSSL_BUILD_SHLIBCRYPTO
|
|
||||||
# undef OPENSSL_EXTERN
|
|
||||||
# define OPENSSL_EXTERN OPENSSL_EXPORT
|
|
||||||
# endif
|
|
||||||
|
|
||||||
/* ASN1 template defines, structures and functions */
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
extern "C" {
|
|
||||||
#endif
|
|
||||||
|
|
||||||
# ifndef OPENSSL_EXPORT_VAR_AS_FUNCTION
|
|
||||||
|
|
||||||
/* Macro to obtain ASN1_ADB pointer from a type (only used internally) */
|
|
||||||
# define ASN1_ADB_ptr(iptr) ((const ASN1_ADB *)(iptr))
|
|
||||||
|
|
||||||
/* Macros for start and end of ASN1_ITEM definition */
|
|
||||||
|
|
||||||
# define ASN1_ITEM_start(itname) \
|
|
||||||
OPENSSL_GLOBAL const ASN1_ITEM itname##_it = {
|
|
||||||
|
|
||||||
# define ASN1_ITEM_end(itname) \
|
|
||||||
};
|
|
||||||
|
|
||||||
# else
|
|
||||||
|
|
||||||
/* Macro to obtain ASN1_ADB pointer from a type (only used internally) */
|
|
||||||
# define ASN1_ADB_ptr(iptr) ((const ASN1_ADB *)(iptr()))
|
|
||||||
|
|
||||||
/* Macros for start and end of ASN1_ITEM definition */
|
|
||||||
|
|
||||||
# define ASN1_ITEM_start(itname) \
|
|
||||||
const ASN1_ITEM * itname##_it(void) \
|
|
||||||
{ \
|
|
||||||
static const ASN1_ITEM local_it = {
|
|
||||||
|
|
||||||
# define ASN1_ITEM_end(itname) \
|
|
||||||
}; \
|
|
||||||
return &local_it; \
|
|
||||||
}
|
|
||||||
|
|
||||||
# endif
|
|
||||||
|
|
||||||
/* Macros to aid ASN1 template writing */
|
|
||||||
|
|
||||||
# define ASN1_ITEM_TEMPLATE(tname) \
|
|
||||||
static const ASN1_TEMPLATE tname##_item_tt
|
|
||||||
|
|
||||||
# define ASN1_ITEM_TEMPLATE_END(tname) \
|
|
||||||
;\
|
|
||||||
ASN1_ITEM_start(tname) \
|
|
||||||
ASN1_ITYPE_PRIMITIVE,\
|
|
||||||
-1,\
|
|
||||||
&tname##_item_tt,\
|
|
||||||
0,\
|
|
||||||
NULL,\
|
|
||||||
0,\
|
|
||||||
#tname \
|
|
||||||
ASN1_ITEM_end(tname)
|
|
||||||
|
|
||||||
/* This is a ASN1 type which just embeds a template */
|
|
||||||
|
|
||||||
/*-
|
|
||||||
* This pair helps declare a SEQUENCE. We can do:
|
|
||||||
*
|
|
||||||
* ASN1_SEQUENCE(stname) = {
|
|
||||||
* ... SEQUENCE components ...
|
|
||||||
* } ASN1_SEQUENCE_END(stname)
|
|
||||||
*
|
|
||||||
* This will produce an ASN1_ITEM called stname_it
|
|
||||||
* for a structure called stname.
|
|
||||||
*
|
|
||||||
* If you want the same structure but a different
|
|
||||||
* name then use:
|
|
||||||
*
|
|
||||||
* ASN1_SEQUENCE(itname) = {
|
|
||||||
* ... SEQUENCE components ...
|
|
||||||
* } ASN1_SEQUENCE_END_name(stname, itname)
|
|
||||||
*
|
|
||||||
* This will create an item called itname_it using
|
|
||||||
* a structure called stname.
|
|
||||||
*/
|
|
||||||
|
|
||||||
# define ASN1_SEQUENCE(tname) \
|
|
||||||
static const ASN1_TEMPLATE tname##_seq_tt[]
|
|
||||||
|
|
||||||
# define ASN1_SEQUENCE_END(stname) ASN1_SEQUENCE_END_name(stname, stname)
|
|
||||||
|
|
||||||
# define ASN1_SEQUENCE_END_name(stname, tname) \
|
|
||||||
;\
|
|
||||||
ASN1_ITEM_start(tname) \
|
|
||||||
ASN1_ITYPE_SEQUENCE,\
|
|
||||||
V_ASN1_SEQUENCE,\
|
|
||||||
tname##_seq_tt,\
|
|
||||||
sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\
|
|
||||||
NULL,\
|
|
||||||
sizeof(stname),\
|
|
||||||
#stname \
|
|
||||||
ASN1_ITEM_end(tname)
|
|
||||||
|
|
||||||
# define ASN1_NDEF_SEQUENCE(tname) \
|
|
||||||
ASN1_SEQUENCE(tname)
|
|
||||||
|
|
||||||
# define ASN1_NDEF_SEQUENCE_cb(tname, cb) \
|
|
||||||
ASN1_SEQUENCE_cb(tname, cb)
|
|
||||||
|
|
||||||
# define ASN1_SEQUENCE_cb(tname, cb) \
|
|
||||||
static const ASN1_AUX tname##_aux = {NULL, 0, 0, 0, cb, 0}; \
|
|
||||||
ASN1_SEQUENCE(tname)
|
|
||||||
|
|
||||||
# define ASN1_BROKEN_SEQUENCE(tname) \
|
|
||||||
static const ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_BROKEN, 0, 0, 0, 0}; \
|
|
||||||
ASN1_SEQUENCE(tname)
|
|
||||||
|
|
||||||
# define ASN1_SEQUENCE_ref(tname, cb, lck) \
|
|
||||||
static const ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_REFCOUNT, offsetof(tname, references), lck, cb, 0}; \
|
|
||||||
ASN1_SEQUENCE(tname)
|
|
||||||
|
|
||||||
# define ASN1_SEQUENCE_enc(tname, enc, cb) \
|
|
||||||
static const ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_ENCODING, 0, 0, cb, offsetof(tname, enc)}; \
|
|
||||||
ASN1_SEQUENCE(tname)
|
|
||||||
|
|
||||||
# define ASN1_NDEF_SEQUENCE_END(tname) \
|
|
||||||
;\
|
|
||||||
ASN1_ITEM_start(tname) \
|
|
||||||
ASN1_ITYPE_NDEF_SEQUENCE,\
|
|
||||||
V_ASN1_SEQUENCE,\
|
|
||||||
tname##_seq_tt,\
|
|
||||||
sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\
|
|
||||||
NULL,\
|
|
||||||
sizeof(tname),\
|
|
||||||
#tname \
|
|
||||||
ASN1_ITEM_end(tname)
|
|
||||||
|
|
||||||
# define ASN1_BROKEN_SEQUENCE_END(stname) ASN1_SEQUENCE_END_ref(stname, stname)
|
|
||||||
|
|
||||||
# define ASN1_SEQUENCE_END_enc(stname, tname) ASN1_SEQUENCE_END_ref(stname, tname)
|
|
||||||
|
|
||||||
# define ASN1_SEQUENCE_END_cb(stname, tname) ASN1_SEQUENCE_END_ref(stname, tname)
|
|
||||||
|
|
||||||
# define ASN1_SEQUENCE_END_ref(stname, tname) \
|
|
||||||
;\
|
|
||||||
ASN1_ITEM_start(tname) \
|
|
||||||
ASN1_ITYPE_SEQUENCE,\
|
|
||||||
V_ASN1_SEQUENCE,\
|
|
||||||
tname##_seq_tt,\
|
|
||||||
sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\
|
|
||||||
&tname##_aux,\
|
|
||||||
sizeof(stname),\
|
|
||||||
#stname \
|
|
||||||
ASN1_ITEM_end(tname)
|
|
||||||
|
|
||||||
# define ASN1_NDEF_SEQUENCE_END_cb(stname, tname) \
|
|
||||||
;\
|
|
||||||
ASN1_ITEM_start(tname) \
|
|
||||||
ASN1_ITYPE_NDEF_SEQUENCE,\
|
|
||||||
V_ASN1_SEQUENCE,\
|
|
||||||
tname##_seq_tt,\
|
|
||||||
sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\
|
|
||||||
&tname##_aux,\
|
|
||||||
sizeof(stname),\
|
|
||||||
#stname \
|
|
||||||
ASN1_ITEM_end(tname)
|
|
||||||
|
|
||||||
/*-
|
|
||||||
* This pair helps declare a CHOICE type. We can do:
|
|
||||||
*
|
|
||||||
* ASN1_CHOICE(chname) = {
|
|
||||||
* ... CHOICE options ...
|
|
||||||
* ASN1_CHOICE_END(chname)
|
|
||||||
*
|
|
||||||
* This will produce an ASN1_ITEM called chname_it
|
|
||||||
* for a structure called chname. The structure
|
|
||||||
* definition must look like this:
|
|
||||||
* typedef struct {
|
|
||||||
* int type;
|
|
||||||
* union {
|
|
||||||
* ASN1_SOMETHING *opt1;
|
|
||||||
* ASN1_SOMEOTHER *opt2;
|
|
||||||
* } value;
|
|
||||||
* } chname;
|
|
||||||
*
|
|
||||||
* the name of the selector must be 'type'.
|
|
||||||
* to use an alternative selector name use the
|
|
||||||
* ASN1_CHOICE_END_selector() version.
|
|
||||||
*/
|
|
||||||
|
|
||||||
# define ASN1_CHOICE(tname) \
|
|
||||||
static const ASN1_TEMPLATE tname##_ch_tt[]
|
|
||||||
|
|
||||||
# define ASN1_CHOICE_cb(tname, cb) \
|
|
||||||
static const ASN1_AUX tname##_aux = {NULL, 0, 0, 0, cb, 0}; \
|
|
||||||
ASN1_CHOICE(tname)
|
|
||||||
|
|
||||||
# define ASN1_CHOICE_END(stname) ASN1_CHOICE_END_name(stname, stname)
|
|
||||||
|
|
||||||
# define ASN1_CHOICE_END_name(stname, tname) ASN1_CHOICE_END_selector(stname, tname, type)
|
|
||||||
|
|
||||||
# define ASN1_CHOICE_END_selector(stname, tname, selname) \
|
|
||||||
;\
|
|
||||||
ASN1_ITEM_start(tname) \
|
|
||||||
ASN1_ITYPE_CHOICE,\
|
|
||||||
offsetof(stname,selname) ,\
|
|
||||||
tname##_ch_tt,\
|
|
||||||
sizeof(tname##_ch_tt) / sizeof(ASN1_TEMPLATE),\
|
|
||||||
NULL,\
|
|
||||||
sizeof(stname),\
|
|
||||||
#stname \
|
|
||||||
ASN1_ITEM_end(tname)
|
|
||||||
|
|
||||||
# define ASN1_CHOICE_END_cb(stname, tname, selname) \
|
|
||||||
;\
|
|
||||||
ASN1_ITEM_start(tname) \
|
|
||||||
ASN1_ITYPE_CHOICE,\
|
|
||||||
offsetof(stname,selname) ,\
|
|
||||||
tname##_ch_tt,\
|
|
||||||
sizeof(tname##_ch_tt) / sizeof(ASN1_TEMPLATE),\
|
|
||||||
&tname##_aux,\
|
|
||||||
sizeof(stname),\
|
|
||||||
#stname \
|
|
||||||
ASN1_ITEM_end(tname)
|
|
||||||
|
|
||||||
/* This helps with the template wrapper form of ASN1_ITEM */
|
|
||||||
|
|
||||||
# define ASN1_EX_TEMPLATE_TYPE(flags, tag, name, type) { \
|
|
||||||
(flags), (tag), 0,\
|
|
||||||
#name, ASN1_ITEM_ref(type) }
|
|
||||||
|
|
||||||
/* These help with SEQUENCE or CHOICE components */
|
|
||||||
|
|
||||||
/* used to declare other types */
|
|
||||||
|
|
||||||
# define ASN1_EX_TYPE(flags, tag, stname, field, type) { \
|
|
||||||
(flags), (tag), offsetof(stname, field),\
|
|
||||||
#field, ASN1_ITEM_ref(type) }
|
|
||||||
|
|
||||||
/* used when the structure is combined with the parent */
|
|
||||||
|
|
||||||
# define ASN1_EX_COMBINE(flags, tag, type) { \
|
|
||||||
(flags)|ASN1_TFLG_COMBINE, (tag), 0, NULL, ASN1_ITEM_ref(type) }
|
|
||||||
|
|
||||||
/* implicit and explicit helper macros */
|
|
||||||
|
|
||||||
# define ASN1_IMP_EX(stname, field, type, tag, ex) \
|
|
||||||
ASN1_EX_TYPE(ASN1_TFLG_IMPLICIT | ex, tag, stname, field, type)
|
|
||||||
|
|
||||||
# define ASN1_EXP_EX(stname, field, type, tag, ex) \
|
|
||||||
ASN1_EX_TYPE(ASN1_TFLG_EXPLICIT | ex, tag, stname, field, type)
|
|
||||||
|
|
||||||
/* Any defined by macros: the field used is in the table itself */
|
|
||||||
|
|
||||||
# ifndef OPENSSL_EXPORT_VAR_AS_FUNCTION
|
|
||||||
# define ASN1_ADB_OBJECT(tblname) { ASN1_TFLG_ADB_OID, -1, 0, #tblname, (const ASN1_ITEM *)&(tblname##_adb) }
|
|
||||||
# define ASN1_ADB_INTEGER(tblname) { ASN1_TFLG_ADB_INT, -1, 0, #tblname, (const ASN1_ITEM *)&(tblname##_adb) }
|
|
||||||
# else
|
|
||||||
# define ASN1_ADB_OBJECT(tblname) { ASN1_TFLG_ADB_OID, -1, 0, #tblname, tblname##_adb }
|
|
||||||
# define ASN1_ADB_INTEGER(tblname) { ASN1_TFLG_ADB_INT, -1, 0, #tblname, tblname##_adb }
|
|
||||||
# endif
|
|
||||||
/* Plain simple type */
|
|
||||||
# define ASN1_SIMPLE(stname, field, type) ASN1_EX_TYPE(0,0, stname, field, type)
|
|
||||||
|
|
||||||
/* OPTIONAL simple type */
|
|
||||||
# define ASN1_OPT(stname, field, type) ASN1_EX_TYPE(ASN1_TFLG_OPTIONAL, 0, stname, field, type)
|
|
||||||
|
|
||||||
/* IMPLICIT tagged simple type */
|
|
||||||
# define ASN1_IMP(stname, field, type, tag) ASN1_IMP_EX(stname, field, type, tag, 0)
|
|
||||||
|
|
||||||
/* IMPLICIT tagged OPTIONAL simple type */
|
|
||||||
# define ASN1_IMP_OPT(stname, field, type, tag) ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL)
|
|
||||||
|
|
||||||
/* Same as above but EXPLICIT */
|
|
||||||
|
|
||||||
# define ASN1_EXP(stname, field, type, tag) ASN1_EXP_EX(stname, field, type, tag, 0)
|
|
||||||
# define ASN1_EXP_OPT(stname, field, type, tag) ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL)
|
|
||||||
|
|
||||||
/* SEQUENCE OF type */
|
|
||||||
# define ASN1_SEQUENCE_OF(stname, field, type) \
|
|
||||||
ASN1_EX_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, stname, field, type)
|
|
||||||
|
|
||||||
/* OPTIONAL SEQUENCE OF */
|
|
||||||
# define ASN1_SEQUENCE_OF_OPT(stname, field, type) \
|
|
||||||
ASN1_EX_TYPE(ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_OPTIONAL, 0, stname, field, type)
|
|
||||||
|
|
||||||
/* Same as above but for SET OF */
|
|
||||||
|
|
||||||
# define ASN1_SET_OF(stname, field, type) \
|
|
||||||
ASN1_EX_TYPE(ASN1_TFLG_SET_OF, 0, stname, field, type)
|
|
||||||
|
|
||||||
# define ASN1_SET_OF_OPT(stname, field, type) \
|
|
||||||
ASN1_EX_TYPE(ASN1_TFLG_SET_OF|ASN1_TFLG_OPTIONAL, 0, stname, field, type)
|
|
||||||
|
|
||||||
/* Finally compound types of SEQUENCE, SET, IMPLICIT, EXPLICIT and OPTIONAL */
|
|
||||||
|
|
||||||
# define ASN1_IMP_SET_OF(stname, field, type, tag) \
|
|
||||||
ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF)
|
|
||||||
|
|
||||||
# define ASN1_EXP_SET_OF(stname, field, type, tag) \
|
|
||||||
ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF)
|
|
||||||
|
|
||||||
# define ASN1_IMP_SET_OF_OPT(stname, field, type, tag) \
|
|
||||||
ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF|ASN1_TFLG_OPTIONAL)
|
|
||||||
|
|
||||||
# define ASN1_EXP_SET_OF_OPT(stname, field, type, tag) \
|
|
||||||
ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF|ASN1_TFLG_OPTIONAL)
|
|
||||||
|
|
||||||
# define ASN1_IMP_SEQUENCE_OF(stname, field, type, tag) \
|
|
||||||
ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF)
|
|
||||||
|
|
||||||
# define ASN1_IMP_SEQUENCE_OF_OPT(stname, field, type, tag) \
|
|
||||||
ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_OPTIONAL)
|
|
||||||
|
|
||||||
# define ASN1_EXP_SEQUENCE_OF(stname, field, type, tag) \
|
|
||||||
ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF)
|
|
||||||
|
|
||||||
# define ASN1_EXP_SEQUENCE_OF_OPT(stname, field, type, tag) \
|
|
||||||
ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_OPTIONAL)
|
|
||||||
|
|
||||||
/* EXPLICIT using indefinite length constructed form */
|
|
||||||
# define ASN1_NDEF_EXP(stname, field, type, tag) \
|
|
||||||
ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_NDEF)
|
|
||||||
|
|
||||||
/* EXPLICIT OPTIONAL using indefinite length constructed form */
|
|
||||||
# define ASN1_NDEF_EXP_OPT(stname, field, type, tag) \
|
|
||||||
ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL|ASN1_TFLG_NDEF)
|
|
||||||
|
|
||||||
/* Macros for the ASN1_ADB structure */
|
|
||||||
|
|
||||||
# define ASN1_ADB(name) \
|
|
||||||
static const ASN1_ADB_TABLE name##_adbtbl[]
|
|
||||||
|
|
||||||
# ifndef OPENSSL_EXPORT_VAR_AS_FUNCTION
|
|
||||||
|
|
||||||
# define ASN1_ADB_END(name, flags, field, app_table, def, none) \
|
|
||||||
;\
|
|
||||||
static const ASN1_ADB name##_adb = {\
|
|
||||||
flags,\
|
|
||||||
offsetof(name, field),\
|
|
||||||
app_table,\
|
|
||||||
name##_adbtbl,\
|
|
||||||
sizeof(name##_adbtbl) / sizeof(ASN1_ADB_TABLE),\
|
|
||||||
def,\
|
|
||||||
none\
|
|
||||||
}
|
|
||||||
|
|
||||||
# else
|
|
||||||
|
|
||||||
# define ASN1_ADB_END(name, flags, field, app_table, def, none) \
|
|
||||||
;\
|
|
||||||
static const ASN1_ITEM *name##_adb(void) \
|
|
||||||
{ \
|
|
||||||
static const ASN1_ADB internal_adb = \
|
|
||||||
{\
|
|
||||||
flags,\
|
|
||||||
offsetof(name, field),\
|
|
||||||
app_table,\
|
|
||||||
name##_adbtbl,\
|
|
||||||
sizeof(name##_adbtbl) / sizeof(ASN1_ADB_TABLE),\
|
|
||||||
def,\
|
|
||||||
none\
|
|
||||||
}; \
|
|
||||||
return (const ASN1_ITEM *) &internal_adb; \
|
|
||||||
} \
|
|
||||||
void dummy_function(void)
|
|
||||||
|
|
||||||
# endif
|
|
||||||
|
|
||||||
# define ADB_ENTRY(val, template) {val, template}
|
|
||||||
|
|
||||||
# define ASN1_ADB_TEMPLATE(name) \
|
|
||||||
static const ASN1_TEMPLATE name##_tt
|
|
||||||
|
|
||||||
/*
|
|
||||||
* This is the ASN1 template structure that defines a wrapper round the
|
|
||||||
* actual type. It determines the actual position of the field in the value
|
|
||||||
* structure, various flags such as OPTIONAL and the field name.
|
|
||||||
*/
|
|
||||||
|
|
||||||
struct ASN1_TEMPLATE_st {
|
|
||||||
unsigned long flags; /* Various flags */
|
|
||||||
long tag; /* tag, not used if no tagging */
|
|
||||||
unsigned long offset; /* Offset of this field in structure */
|
|
||||||
# ifndef NO_ASN1_FIELD_NAMES
|
|
||||||
const char *field_name; /* Field name */
|
|
||||||
# endif
|
|
||||||
ASN1_ITEM_EXP *item; /* Relevant ASN1_ITEM or ASN1_ADB */
|
|
||||||
};
|
|
||||||
|
|
||||||
/* Macro to extract ASN1_ITEM and ASN1_ADB pointer from ASN1_TEMPLATE */
|
|
||||||
|
|
||||||
# define ASN1_TEMPLATE_item(t) (t->item_ptr)
|
|
||||||
# define ASN1_TEMPLATE_adb(t) (t->item_ptr)
|
|
||||||
|
|
||||||
typedef struct ASN1_ADB_TABLE_st ASN1_ADB_TABLE;
|
|
||||||
typedef struct ASN1_ADB_st ASN1_ADB;
|
|
||||||
|
|
||||||
struct ASN1_ADB_st {
|
|
||||||
unsigned long flags; /* Various flags */
|
|
||||||
unsigned long offset; /* Offset of selector field */
|
|
||||||
STACK_OF(ASN1_ADB_TABLE) **app_items; /* Application defined items */
|
|
||||||
const ASN1_ADB_TABLE *tbl; /* Table of possible types */
|
|
||||||
long tblcount; /* Number of entries in tbl */
|
|
||||||
const ASN1_TEMPLATE *default_tt; /* Type to use if no match */
|
|
||||||
const ASN1_TEMPLATE *null_tt; /* Type to use if selector is NULL */
|
|
||||||
};
|
|
||||||
|
|
||||||
struct ASN1_ADB_TABLE_st {
|
|
||||||
long value; /* NID for an object or value for an int */
|
|
||||||
const ASN1_TEMPLATE tt; /* item for this value */
|
|
||||||
};
|
|
||||||
|
|
||||||
/* template flags */
|
|
||||||
|
|
||||||
/* Field is optional */
|
|
||||||
# define ASN1_TFLG_OPTIONAL (0x1)
|
|
||||||
|
|
||||||
/* Field is a SET OF */
|
|
||||||
# define ASN1_TFLG_SET_OF (0x1 << 1)
|
|
||||||
|
|
||||||
/* Field is a SEQUENCE OF */
|
|
||||||
# define ASN1_TFLG_SEQUENCE_OF (0x2 << 1)
|
|
||||||
|
|
||||||
/*
|
|
||||||
* Special case: this refers to a SET OF that will be sorted into DER order
|
|
||||||
* when encoded *and* the corresponding STACK will be modified to match the
|
|
||||||
* new order.
|
|
||||||
*/
|
|
||||||
# define ASN1_TFLG_SET_ORDER (0x3 << 1)
|
|
||||||
|
|
||||||
/* Mask for SET OF or SEQUENCE OF */
|
|
||||||
# define ASN1_TFLG_SK_MASK (0x3 << 1)
|
|
||||||
|
|
||||||
/*
|
|
||||||
* These flags mean the tag should be taken from the tag field. If EXPLICIT
|
|
||||||
* then the underlying type is used for the inner tag.
|
|
||||||
*/
|
|
||||||
|
|
||||||
/* IMPLICIT tagging */
|
|
||||||
# define ASN1_TFLG_IMPTAG (0x1 << 3)
|
|
||||||
|
|
||||||
/* EXPLICIT tagging, inner tag from underlying type */
|
|
||||||
# define ASN1_TFLG_EXPTAG (0x2 << 3)
|
|
||||||
|
|
||||||
# define ASN1_TFLG_TAG_MASK (0x3 << 3)
|
|
||||||
|
|
||||||
/* context specific IMPLICIT */
|
|
||||||
# define ASN1_TFLG_IMPLICIT ASN1_TFLG_IMPTAG|ASN1_TFLG_CONTEXT
|
|
||||||
|
|
||||||
/* context specific EXPLICIT */
|
|
||||||
# define ASN1_TFLG_EXPLICIT ASN1_TFLG_EXPTAG|ASN1_TFLG_CONTEXT
|
|
||||||
|
|
||||||
/*
|
|
||||||
* If tagging is in force these determine the type of tag to use. Otherwise
|
|
||||||
* the tag is determined by the underlying type. These values reflect the
|
|
||||||
* actual octet format.
|
|
||||||
*/
|
|
||||||
|
|
||||||
/* Universal tag */
|
|
||||||
# define ASN1_TFLG_UNIVERSAL (0x0<<6)
|
|
||||||
/* Application tag */
|
|
||||||
# define ASN1_TFLG_APPLICATION (0x1<<6)
|
|
||||||
/* Context specific tag */
|
|
||||||
# define ASN1_TFLG_CONTEXT (0x2<<6)
|
|
||||||
/* Private tag */
|
|
||||||
# define ASN1_TFLG_PRIVATE (0x3<<6)
|
|
||||||
|
|
||||||
# define ASN1_TFLG_TAG_CLASS (0x3<<6)
|
|
||||||
|
|
||||||
/*
|
|
||||||
* These are for ANY DEFINED BY type. In this case the 'item' field points to
|
|
||||||
* an ASN1_ADB structure which contains a table of values to decode the
|
|
||||||
* relevant type
|
|
||||||
*/
|
|
||||||
|
|
||||||
# define ASN1_TFLG_ADB_MASK (0x3<<8)
|
|
||||||
|
|
||||||
# define ASN1_TFLG_ADB_OID (0x1<<8)
|
|
||||||
|
|
||||||
# define ASN1_TFLG_ADB_INT (0x1<<9)
|
|
||||||
|
|
||||||
/*
|
|
||||||
* This flag means a parent structure is passed instead of the field: this is
|
|
||||||
* useful is a SEQUENCE is being combined with a CHOICE for example. Since
|
|
||||||
* this means the structure and item name will differ we need to use the
|
|
||||||
* ASN1_CHOICE_END_name() macro for example.
|
|
||||||
*/
|
|
||||||
|
|
||||||
# define ASN1_TFLG_COMBINE (0x1<<10)
|
|
||||||
|
|
||||||
/*
|
|
||||||
* This flag when present in a SEQUENCE OF, SET OF or EXPLICIT causes
|
|
||||||
* indefinite length constructed encoding to be used if required.
|
|
||||||
*/
|
|
||||||
|
|
||||||
# define ASN1_TFLG_NDEF (0x1<<11)
|
|
||||||
|
|
||||||
/* This is the actual ASN1 item itself */
|
|
||||||
|
|
||||||
struct ASN1_ITEM_st {
|
|
||||||
char itype; /* The item type, primitive, SEQUENCE, CHOICE
|
|
||||||
* or extern */
|
|
||||||
long utype; /* underlying type */
|
|
||||||
const ASN1_TEMPLATE *templates; /* If SEQUENCE or CHOICE this contains
|
|
||||||
* the contents */
|
|
||||||
long tcount; /* Number of templates if SEQUENCE or CHOICE */
|
|
||||||
const void *funcs; /* functions that handle this type */
|
|
||||||
long size; /* Structure size (usually) */
|
|
||||||
# ifndef NO_ASN1_FIELD_NAMES
|
|
||||||
const char *sname; /* Structure name */
|
|
||||||
# endif
|
|
||||||
};
|
|
||||||
|
|
||||||
/*-
|
|
||||||
* These are values for the itype field and
|
|
||||||
* determine how the type is interpreted.
|
|
||||||
*
|
|
||||||
* For PRIMITIVE types the underlying type
|
|
||||||
* determines the behaviour if items is NULL.
|
|
||||||
*
|
|
||||||
* Otherwise templates must contain a single
|
|
||||||
* template and the type is treated in the
|
|
||||||
* same way as the type specified in the template.
|
|
||||||
*
|
|
||||||
* For SEQUENCE types the templates field points
|
|
||||||
* to the members, the size field is the
|
|
||||||
* structure size.
|
|
||||||
*
|
|
||||||
* For CHOICE types the templates field points
|
|
||||||
* to each possible member (typically a union)
|
|
||||||
* and the 'size' field is the offset of the
|
|
||||||
* selector.
|
|
||||||
*
|
|
||||||
* The 'funcs' field is used for application
|
|
||||||
* specific functions.
|
|
||||||
*
|
|
||||||
* For COMPAT types the funcs field gives a
|
|
||||||
* set of functions that handle this type, this
|
|
||||||
* supports the old d2i, i2d convention.
|
|
||||||
*
|
|
||||||
* The EXTERN type uses a new style d2i/i2d.
|
|
||||||
* The new style should be used where possible
|
|
||||||
* because it avoids things like the d2i IMPLICIT
|
|
||||||
* hack.
|
|
||||||
*
|
|
||||||
* MSTRING is a multiple string type, it is used
|
|
||||||
* for a CHOICE of character strings where the
|
|
||||||
* actual strings all occupy an ASN1_STRING
|
|
||||||
* structure. In this case the 'utype' field
|
|
||||||
* has a special meaning, it is used as a mask
|
|
||||||
* of acceptable types using the B_ASN1 constants.
|
|
||||||
*
|
|
||||||
* NDEF_SEQUENCE is the same as SEQUENCE except
|
|
||||||
* that it will use indefinite length constructed
|
|
||||||
* encoding if requested.
|
|
||||||
*
|
|
||||||
*/
|
|
||||||
|
|
||||||
# define ASN1_ITYPE_PRIMITIVE 0x0
|
|
||||||
|
|
||||||
# define ASN1_ITYPE_SEQUENCE 0x1
|
|
||||||
|
|
||||||
# define ASN1_ITYPE_CHOICE 0x2
|
|
||||||
|
|
||||||
# define ASN1_ITYPE_COMPAT 0x3
|
|
||||||
|
|
||||||
# define ASN1_ITYPE_EXTERN 0x4
|
|
||||||
|
|
||||||
# define ASN1_ITYPE_MSTRING 0x5
|
|
||||||
|
|
||||||
# define ASN1_ITYPE_NDEF_SEQUENCE 0x6
|
|
||||||
|
|
||||||
/*
|
|
||||||
* Cache for ASN1 tag and length, so we don't keep re-reading it for things
|
|
||||||
* like CHOICE
|
|
||||||
*/
|
|
||||||
|
|
||||||
struct ASN1_TLC_st {
|
|
||||||
char valid; /* Values below are valid */
|
|
||||||
int ret; /* return value */
|
|
||||||
long plen; /* length */
|
|
||||||
int ptag; /* class value */
|
|
||||||
int pclass; /* class value */
|
|
||||||
int hdrlen; /* header length */
|
|
||||||
};
|
|
||||||
|
|
||||||
/* Typedefs for ASN1 function pointers */
|
|
||||||
|
|
||||||
typedef ASN1_VALUE *ASN1_new_func(void);
|
|
||||||
typedef void ASN1_free_func(ASN1_VALUE *a);
|
|
||||||
typedef ASN1_VALUE *ASN1_d2i_func(ASN1_VALUE **a, const unsigned char **in,
|
|
||||||
long length);
|
|
||||||
typedef int ASN1_i2d_func(ASN1_VALUE *a, unsigned char **in);
|
|
||||||
|
|
||||||
typedef int ASN1_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
|
|
||||||
const ASN1_ITEM *it, int tag, int aclass, char opt,
|
|
||||||
ASN1_TLC *ctx);
|
|
||||||
|
|
||||||
typedef int ASN1_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
|
|
||||||
const ASN1_ITEM *it, int tag, int aclass);
|
|
||||||
typedef int ASN1_ex_new_func(ASN1_VALUE **pval, const ASN1_ITEM *it);
|
|
||||||
typedef void ASN1_ex_free_func(ASN1_VALUE **pval, const ASN1_ITEM *it);
|
|
||||||
|
|
||||||
typedef int ASN1_ex_print_func(BIO *out, ASN1_VALUE **pval,
|
|
||||||
int indent, const char *fname,
|
|
||||||
const ASN1_PCTX *pctx);
|
|
||||||
|
|
||||||
typedef int ASN1_primitive_i2c(ASN1_VALUE **pval, unsigned char *cont,
|
|
||||||
int *putype, const ASN1_ITEM *it);
|
|
||||||
typedef int ASN1_primitive_c2i(ASN1_VALUE **pval, const unsigned char *cont,
|
|
||||||
int len, int utype, char *free_cont,
|
|
||||||
const ASN1_ITEM *it);
|
|
||||||
typedef int ASN1_primitive_print(BIO *out, ASN1_VALUE **pval,
|
|
||||||
const ASN1_ITEM *it, int indent,
|
|
||||||
const ASN1_PCTX *pctx);
|
|
||||||
|
|
||||||
typedef struct ASN1_COMPAT_FUNCS_st {
|
|
||||||
ASN1_new_func *asn1_new;
|
|
||||||
ASN1_free_func *asn1_free;
|
|
||||||
ASN1_d2i_func *asn1_d2i;
|
|
||||||
ASN1_i2d_func *asn1_i2d;
|
|
||||||
} ASN1_COMPAT_FUNCS;
|
|
||||||
|
|
||||||
typedef struct ASN1_EXTERN_FUNCS_st {
|
|
||||||
void *app_data;
|
|
||||||
ASN1_ex_new_func *asn1_ex_new;
|
|
||||||
ASN1_ex_free_func *asn1_ex_free;
|
|
||||||
ASN1_ex_free_func *asn1_ex_clear;
|
|
||||||
ASN1_ex_d2i *asn1_ex_d2i;
|
|
||||||
ASN1_ex_i2d *asn1_ex_i2d;
|
|
||||||
ASN1_ex_print_func *asn1_ex_print;
|
|
||||||
} ASN1_EXTERN_FUNCS;
|
|
||||||
|
|
||||||
typedef struct ASN1_PRIMITIVE_FUNCS_st {
|
|
||||||
void *app_data;
|
|
||||||
unsigned long flags;
|
|
||||||
ASN1_ex_new_func *prim_new;
|
|
||||||
ASN1_ex_free_func *prim_free;
|
|
||||||
ASN1_ex_free_func *prim_clear;
|
|
||||||
ASN1_primitive_c2i *prim_c2i;
|
|
||||||
ASN1_primitive_i2c *prim_i2c;
|
|
||||||
ASN1_primitive_print *prim_print;
|
|
||||||
} ASN1_PRIMITIVE_FUNCS;
|
|
||||||
|
|
||||||
/*
|
|
||||||
* This is the ASN1_AUX structure: it handles various miscellaneous
|
|
||||||
* requirements. For example the use of reference counts and an informational
|
|
||||||
* callback. The "informational callback" is called at various points during
|
|
||||||
* the ASN1 encoding and decoding. It can be used to provide minor
|
|
||||||
* customisation of the structures used. This is most useful where the
|
|
||||||
* supplied routines *almost* do the right thing but need some extra help at
|
|
||||||
* a few points. If the callback returns zero then it is assumed a fatal
|
|
||||||
* error has occurred and the main operation should be abandoned. If major
|
|
||||||
* changes in the default behaviour are required then an external type is
|
|
||||||
* more appropriate.
|
|
||||||
*/
|
|
||||||
|
|
||||||
typedef int ASN1_aux_cb(int operation, ASN1_VALUE **in, const ASN1_ITEM *it,
|
|
||||||
void *exarg);
|
|
||||||
|
|
||||||
typedef struct ASN1_AUX_st {
|
|
||||||
void *app_data;
|
|
||||||
int flags;
|
|
||||||
int ref_offset; /* Offset of reference value */
|
|
||||||
int ref_lock; /* Lock type to use */
|
|
||||||
ASN1_aux_cb *asn1_cb;
|
|
||||||
int enc_offset; /* Offset of ASN1_ENCODING structure */
|
|
||||||
} ASN1_AUX;
|
|
||||||
|
|
||||||
/* For print related callbacks exarg points to this structure */
|
|
||||||
typedef struct ASN1_PRINT_ARG_st {
|
|
||||||
BIO *out;
|
|
||||||
int indent;
|
|
||||||
const ASN1_PCTX *pctx;
|
|
||||||
} ASN1_PRINT_ARG;
|
|
||||||
|
|
||||||
/* For streaming related callbacks exarg points to this structure */
|
|
||||||
typedef struct ASN1_STREAM_ARG_st {
|
|
||||||
/* BIO to stream through */
|
|
||||||
BIO *out;
|
|
||||||
/* BIO with filters appended */
|
|
||||||
BIO *ndef_bio;
|
|
||||||
/* Streaming I/O boundary */
|
|
||||||
unsigned char **boundary;
|
|
||||||
} ASN1_STREAM_ARG;
|
|
||||||
|
|
||||||
/* Flags in ASN1_AUX */
|
|
||||||
|
|
||||||
/* Use a reference count */
|
|
||||||
# define ASN1_AFLG_REFCOUNT 1
|
|
||||||
/* Save the encoding of structure (useful for signatures) */
|
|
||||||
# define ASN1_AFLG_ENCODING 2
|
|
||||||
/* The Sequence length is invalid */
|
|
||||||
# define ASN1_AFLG_BROKEN 4
|
|
||||||
|
|
||||||
/* operation values for asn1_cb */
|
|
||||||
|
|
||||||
# define ASN1_OP_NEW_PRE 0
|
|
||||||
# define ASN1_OP_NEW_POST 1
|
|
||||||
# define ASN1_OP_FREE_PRE 2
|
|
||||||
# define ASN1_OP_FREE_POST 3
|
|
||||||
# define ASN1_OP_D2I_PRE 4
|
|
||||||
# define ASN1_OP_D2I_POST 5
|
|
||||||
# define ASN1_OP_I2D_PRE 6
|
|
||||||
# define ASN1_OP_I2D_POST 7
|
|
||||||
# define ASN1_OP_PRINT_PRE 8
|
|
||||||
# define ASN1_OP_PRINT_POST 9
|
|
||||||
# define ASN1_OP_STREAM_PRE 10
|
|
||||||
# define ASN1_OP_STREAM_POST 11
|
|
||||||
# define ASN1_OP_DETACHED_PRE 12
|
|
||||||
# define ASN1_OP_DETACHED_POST 13
|
|
||||||
|
|
||||||
/* Macro to implement a primitive type */
|
|
||||||
# define IMPLEMENT_ASN1_TYPE(stname) IMPLEMENT_ASN1_TYPE_ex(stname, stname, 0)
|
|
||||||
# define IMPLEMENT_ASN1_TYPE_ex(itname, vname, ex) \
|
|
||||||
ASN1_ITEM_start(itname) \
|
|
||||||
ASN1_ITYPE_PRIMITIVE, V_##vname, NULL, 0, NULL, ex, #itname \
|
|
||||||
ASN1_ITEM_end(itname)
|
|
||||||
|
|
||||||
/* Macro to implement a multi string type */
|
|
||||||
# define IMPLEMENT_ASN1_MSTRING(itname, mask) \
|
|
||||||
ASN1_ITEM_start(itname) \
|
|
||||||
ASN1_ITYPE_MSTRING, mask, NULL, 0, NULL, sizeof(ASN1_STRING), #itname \
|
|
||||||
ASN1_ITEM_end(itname)
|
|
||||||
|
|
||||||
/* Macro to implement an ASN1_ITEM in terms of old style funcs */
|
|
||||||
|
|
||||||
# define IMPLEMENT_COMPAT_ASN1(sname) IMPLEMENT_COMPAT_ASN1_type(sname, V_ASN1_SEQUENCE)
|
|
||||||
|
|
||||||
# define IMPLEMENT_COMPAT_ASN1_type(sname, tag) \
|
|
||||||
static const ASN1_COMPAT_FUNCS sname##_ff = { \
|
|
||||||
(ASN1_new_func *)sname##_new, \
|
|
||||||
(ASN1_free_func *)sname##_free, \
|
|
||||||
(ASN1_d2i_func *)d2i_##sname, \
|
|
||||||
(ASN1_i2d_func *)i2d_##sname, \
|
|
||||||
}; \
|
|
||||||
ASN1_ITEM_start(sname) \
|
|
||||||
ASN1_ITYPE_COMPAT, \
|
|
||||||
tag, \
|
|
||||||
NULL, \
|
|
||||||
0, \
|
|
||||||
&sname##_ff, \
|
|
||||||
0, \
|
|
||||||
#sname \
|
|
||||||
ASN1_ITEM_end(sname)
|
|
||||||
|
|
||||||
# define IMPLEMENT_EXTERN_ASN1(sname, tag, fptrs) \
|
|
||||||
ASN1_ITEM_start(sname) \
|
|
||||||
ASN1_ITYPE_EXTERN, \
|
|
||||||
tag, \
|
|
||||||
NULL, \
|
|
||||||
0, \
|
|
||||||
&fptrs, \
|
|
||||||
0, \
|
|
||||||
#sname \
|
|
||||||
ASN1_ITEM_end(sname)
|
|
||||||
|
|
||||||
/* Macro to implement standard functions in terms of ASN1_ITEM structures */
|
|
||||||
|
|
||||||
# define IMPLEMENT_ASN1_FUNCTIONS(stname) IMPLEMENT_ASN1_FUNCTIONS_fname(stname, stname, stname)
|
|
||||||
|
|
||||||
# define IMPLEMENT_ASN1_FUNCTIONS_name(stname, itname) IMPLEMENT_ASN1_FUNCTIONS_fname(stname, itname, itname)
|
|
||||||
|
|
||||||
# define IMPLEMENT_ASN1_FUNCTIONS_ENCODE_name(stname, itname) \
|
|
||||||
IMPLEMENT_ASN1_FUNCTIONS_ENCODE_fname(stname, itname, itname)
|
|
||||||
|
|
||||||
# define IMPLEMENT_STATIC_ASN1_ALLOC_FUNCTIONS(stname) \
|
|
||||||
IMPLEMENT_ASN1_ALLOC_FUNCTIONS_pfname(static, stname, stname, stname)
|
|
||||||
|
|
||||||
# define IMPLEMENT_ASN1_ALLOC_FUNCTIONS(stname) \
|
|
||||||
IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, stname, stname)
|
|
||||||
|
|
||||||
# define IMPLEMENT_ASN1_ALLOC_FUNCTIONS_pfname(pre, stname, itname, fname) \
|
|
||||||
pre stname *fname##_new(void) \
|
|
||||||
{ \
|
|
||||||
return (stname *)ASN1_item_new(ASN1_ITEM_rptr(itname)); \
|
|
||||||
} \
|
|
||||||
pre void fname##_free(stname *a) \
|
|
||||||
{ \
|
|
||||||
ASN1_item_free((ASN1_VALUE *)a, ASN1_ITEM_rptr(itname)); \
|
|
||||||
}
|
|
||||||
|
|
||||||
# define IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname) \
|
|
||||||
stname *fname##_new(void) \
|
|
||||||
{ \
|
|
||||||
return (stname *)ASN1_item_new(ASN1_ITEM_rptr(itname)); \
|
|
||||||
} \
|
|
||||||
void fname##_free(stname *a) \
|
|
||||||
{ \
|
|
||||||
ASN1_item_free((ASN1_VALUE *)a, ASN1_ITEM_rptr(itname)); \
|
|
||||||
}
|
|
||||||
|
|
||||||
# define IMPLEMENT_ASN1_FUNCTIONS_fname(stname, itname, fname) \
|
|
||||||
IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(stname, itname, fname) \
|
|
||||||
IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname)
|
|
||||||
|
|
||||||
# define IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(stname, itname, fname) \
|
|
||||||
stname *d2i_##fname(stname **a, const unsigned char **in, long len) \
|
|
||||||
{ \
|
|
||||||
return (stname *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, ASN1_ITEM_rptr(itname));\
|
|
||||||
} \
|
|
||||||
int i2d_##fname(stname *a, unsigned char **out) \
|
|
||||||
{ \
|
|
||||||
return ASN1_item_i2d((ASN1_VALUE *)a, out, ASN1_ITEM_rptr(itname));\
|
|
||||||
}
|
|
||||||
|
|
||||||
# define IMPLEMENT_ASN1_NDEF_FUNCTION(stname) \
|
|
||||||
int i2d_##stname##_NDEF(stname *a, unsigned char **out) \
|
|
||||||
{ \
|
|
||||||
return ASN1_item_ndef_i2d((ASN1_VALUE *)a, out, ASN1_ITEM_rptr(stname));\
|
|
||||||
}
|
|
||||||
|
|
||||||
/*
|
|
||||||
* This includes evil casts to remove const: they will go away when full ASN1
|
|
||||||
* constification is done.
|
|
||||||
*/
|
|
||||||
# define IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(stname, itname, fname) \
|
|
||||||
stname *d2i_##fname(stname **a, const unsigned char **in, long len) \
|
|
||||||
{ \
|
|
||||||
return (stname *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, ASN1_ITEM_rptr(itname));\
|
|
||||||
} \
|
|
||||||
int i2d_##fname(const stname *a, unsigned char **out) \
|
|
||||||
{ \
|
|
||||||
return ASN1_item_i2d((ASN1_VALUE *)a, out, ASN1_ITEM_rptr(itname));\
|
|
||||||
}
|
|
||||||
|
|
||||||
# define IMPLEMENT_ASN1_DUP_FUNCTION(stname) \
|
|
||||||
stname * stname##_dup(stname *x) \
|
|
||||||
{ \
|
|
||||||
return ASN1_item_dup(ASN1_ITEM_rptr(stname), x); \
|
|
||||||
}
|
|
||||||
|
|
||||||
# define IMPLEMENT_ASN1_PRINT_FUNCTION(stname) \
|
|
||||||
IMPLEMENT_ASN1_PRINT_FUNCTION_fname(stname, stname, stname)
|
|
||||||
|
|
||||||
# define IMPLEMENT_ASN1_PRINT_FUNCTION_fname(stname, itname, fname) \
|
|
||||||
int fname##_print_ctx(BIO *out, stname *x, int indent, \
|
|
||||||
const ASN1_PCTX *pctx) \
|
|
||||||
{ \
|
|
||||||
return ASN1_item_print(out, (ASN1_VALUE *)x, indent, \
|
|
||||||
ASN1_ITEM_rptr(itname), pctx); \
|
|
||||||
}
|
|
||||||
|
|
||||||
# define IMPLEMENT_ASN1_FUNCTIONS_const(name) \
|
|
||||||
IMPLEMENT_ASN1_FUNCTIONS_const_fname(name, name, name)
|
|
||||||
|
|
||||||
# define IMPLEMENT_ASN1_FUNCTIONS_const_fname(stname, itname, fname) \
|
|
||||||
IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(stname, itname, fname) \
|
|
||||||
IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname)
|
|
||||||
|
|
||||||
/* external definitions for primitive types */
|
|
||||||
|
|
||||||
DECLARE_ASN1_ITEM(ASN1_BOOLEAN)
|
|
||||||
DECLARE_ASN1_ITEM(ASN1_TBOOLEAN)
|
|
||||||
DECLARE_ASN1_ITEM(ASN1_FBOOLEAN)
|
|
||||||
DECLARE_ASN1_ITEM(ASN1_SEQUENCE)
|
|
||||||
DECLARE_ASN1_ITEM(CBIGNUM)
|
|
||||||
DECLARE_ASN1_ITEM(BIGNUM)
|
|
||||||
DECLARE_ASN1_ITEM(LONG)
|
|
||||||
DECLARE_ASN1_ITEM(ZLONG)
|
|
||||||
|
|
||||||
DECLARE_STACK_OF(ASN1_VALUE)
|
|
||||||
|
|
||||||
/* Functions used internally by the ASN1 code */
|
|
||||||
|
|
||||||
int ASN1_item_ex_new(ASN1_VALUE **pval, const ASN1_ITEM *it);
|
|
||||||
void ASN1_item_ex_free(ASN1_VALUE **pval, const ASN1_ITEM *it);
|
|
||||||
int ASN1_template_new(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt);
|
|
||||||
int ASN1_primitive_new(ASN1_VALUE **pval, const ASN1_ITEM *it);
|
|
||||||
|
|
||||||
void ASN1_template_free(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt);
|
|
||||||
int ASN1_template_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
|
|
||||||
const ASN1_TEMPLATE *tt);
|
|
||||||
int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
|
|
||||||
const ASN1_ITEM *it, int tag, int aclass, char opt,
|
|
||||||
ASN1_TLC *ctx);
|
|
||||||
|
|
||||||
int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
|
|
||||||
const ASN1_ITEM *it, int tag, int aclass);
|
|
||||||
int ASN1_template_i2d(ASN1_VALUE **pval, unsigned char **out,
|
|
||||||
const ASN1_TEMPLATE *tt);
|
|
||||||
void ASN1_primitive_free(ASN1_VALUE **pval, const ASN1_ITEM *it);
|
|
||||||
|
|
||||||
int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype,
|
|
||||||
const ASN1_ITEM *it);
|
|
||||||
int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
|
|
||||||
int utype, char *free_cont, const ASN1_ITEM *it);
|
|
||||||
|
|
||||||
int asn1_get_choice_selector(ASN1_VALUE **pval, const ASN1_ITEM *it);
|
|
||||||
int asn1_set_choice_selector(ASN1_VALUE **pval, int value,
|
|
||||||
const ASN1_ITEM *it);
|
|
||||||
|
|
||||||
ASN1_VALUE **asn1_get_field_ptr(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt);
|
|
||||||
|
|
||||||
const ASN1_TEMPLATE *asn1_do_adb(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt,
|
|
||||||
int nullerr);
|
|
||||||
|
|
||||||
int asn1_do_lock(ASN1_VALUE **pval, int op, const ASN1_ITEM *it);
|
|
||||||
|
|
||||||
void asn1_enc_init(ASN1_VALUE **pval, const ASN1_ITEM *it);
|
|
||||||
void asn1_enc_free(ASN1_VALUE **pval, const ASN1_ITEM *it);
|
|
||||||
int asn1_enc_restore(int *len, unsigned char **out, ASN1_VALUE **pval,
|
|
||||||
const ASN1_ITEM *it);
|
|
||||||
int asn1_enc_save(ASN1_VALUE **pval, const unsigned char *in, int inlen,
|
|
||||||
const ASN1_ITEM *it);
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
#endif
|
|
|
@ -1,130 +0,0 @@
|
||||||
/* crypto/bf/blowfish.h */
|
|
||||||
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
|
||||||
* All rights reserved.
|
|
||||||
*
|
|
||||||
* This package is an SSL implementation written
|
|
||||||
* by Eric Young (eay@cryptsoft.com).
|
|
||||||
* The implementation was written so as to conform with Netscapes SSL.
|
|
||||||
*
|
|
||||||
* This library is free for commercial and non-commercial use as long as
|
|
||||||
* the following conditions are aheared to. The following conditions
|
|
||||||
* apply to all code found in this distribution, be it the RC4, RSA,
|
|
||||||
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
|
||||||
* included with this distribution is covered by the same copyright terms
|
|
||||||
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
|
||||||
*
|
|
||||||
* Copyright remains Eric Young's, and as such any Copyright notices in
|
|
||||||
* the code are not to be removed.
|
|
||||||
* If this package is used in a product, Eric Young should be given attribution
|
|
||||||
* as the author of the parts of the library used.
|
|
||||||
* This can be in the form of a textual message at program startup or
|
|
||||||
* in documentation (online or textual) provided with the package.
|
|
||||||
*
|
|
||||||
* Redistribution and use in source and binary forms, with or without
|
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. All advertising materials mentioning features or use of this software
|
|
||||||
* must display the following acknowledgement:
|
|
||||||
* "This product includes cryptographic software written by
|
|
||||||
* Eric Young (eay@cryptsoft.com)"
|
|
||||||
* The word 'cryptographic' can be left out if the rouines from the library
|
|
||||||
* being used are not cryptographic related :-).
|
|
||||||
* 4. If you include any Windows specific code (or a derivative thereof) from
|
|
||||||
* the apps directory (application code) you must include an acknowledgement:
|
|
||||||
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
|
||||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
||||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
||||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
|
||||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
||||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
||||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
||||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
||||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
||||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
||||||
* SUCH DAMAGE.
|
|
||||||
*
|
|
||||||
* The licence and distribution terms for any publically available version or
|
|
||||||
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
|
||||||
* copied and put under another distribution licence
|
|
||||||
* [including the GNU Public Licence.]
|
|
||||||
*/
|
|
||||||
|
|
||||||
#ifndef HEADER_BLOWFISH_H
|
|
||||||
# define HEADER_BLOWFISH_H
|
|
||||||
|
|
||||||
# include <openssl/e_os2.h>
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
extern "C" {
|
|
||||||
#endif
|
|
||||||
|
|
||||||
# ifdef OPENSSL_NO_BF
|
|
||||||
# error BF is disabled.
|
|
||||||
# endif
|
|
||||||
|
|
||||||
# define BF_ENCRYPT 1
|
|
||||||
# define BF_DECRYPT 0
|
|
||||||
|
|
||||||
/*-
|
|
||||||
* !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
|
|
||||||
* ! BF_LONG has to be at least 32 bits wide. If it's wider, then !
|
|
||||||
* ! BF_LONG_LOG2 has to be defined along. !
|
|
||||||
* !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
|
|
||||||
*/
|
|
||||||
|
|
||||||
# if defined(__LP32__)
|
|
||||||
# define BF_LONG unsigned long
|
|
||||||
# elif defined(OPENSSL_SYS_CRAY) || defined(__ILP64__)
|
|
||||||
# define BF_LONG unsigned long
|
|
||||||
# define BF_LONG_LOG2 3
|
|
||||||
/*
|
|
||||||
* _CRAY note. I could declare short, but I have no idea what impact
|
|
||||||
* does it have on performance on none-T3E machines. I could declare
|
|
||||||
* int, but at least on C90 sizeof(int) can be chosen at compile time.
|
|
||||||
* So I've chosen long...
|
|
||||||
* <appro@fy.chalmers.se>
|
|
||||||
*/
|
|
||||||
# else
|
|
||||||
# define BF_LONG unsigned int
|
|
||||||
# endif
|
|
||||||
|
|
||||||
# define BF_ROUNDS 16
|
|
||||||
# define BF_BLOCK 8
|
|
||||||
|
|
||||||
typedef struct bf_key_st {
|
|
||||||
BF_LONG P[BF_ROUNDS + 2];
|
|
||||||
BF_LONG S[4 * 256];
|
|
||||||
} BF_KEY;
|
|
||||||
|
|
||||||
# ifdef OPENSSL_FIPS
|
|
||||||
void private_BF_set_key(BF_KEY *key, int len, const unsigned char *data);
|
|
||||||
# endif
|
|
||||||
void BF_set_key(BF_KEY *key, int len, const unsigned char *data);
|
|
||||||
|
|
||||||
void BF_encrypt(BF_LONG *data, const BF_KEY *key);
|
|
||||||
void BF_decrypt(BF_LONG *data, const BF_KEY *key);
|
|
||||||
|
|
||||||
void BF_ecb_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
const BF_KEY *key, int enc);
|
|
||||||
void BF_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
|
|
||||||
const BF_KEY *schedule, unsigned char *ivec, int enc);
|
|
||||||
void BF_cfb64_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
long length, const BF_KEY *schedule,
|
|
||||||
unsigned char *ivec, int *num, int enc);
|
|
||||||
void BF_ofb64_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
long length, const BF_KEY *schedule,
|
|
||||||
unsigned char *ivec, int *num);
|
|
||||||
const char *BF_options(void);
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#endif
|
|
|
@ -1,132 +0,0 @@
|
||||||
/* crypto/camellia/camellia.h -*- mode:C; c-file-style: "eay" -*- */
|
|
||||||
/* ====================================================================
|
|
||||||
* Copyright (c) 2006 The OpenSSL Project. All rights reserved.
|
|
||||||
*
|
|
||||||
* Redistribution and use in source and binary forms, with or without
|
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
*
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
*
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in
|
|
||||||
* the documentation and/or other materials provided with the
|
|
||||||
* distribution.
|
|
||||||
*
|
|
||||||
* 3. All advertising materials mentioning features or use of this
|
|
||||||
* software must display the following acknowledgment:
|
|
||||||
* "This product includes software developed by the OpenSSL Project
|
|
||||||
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
|
|
||||||
*
|
|
||||||
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* prior written permission. For written permission, please contact
|
|
||||||
* openssl-core@openssl.org.
|
|
||||||
*
|
|
||||||
* 5. Products derived from this software may not be called "OpenSSL"
|
|
||||||
* nor may "OpenSSL" appear in their names without prior written
|
|
||||||
* permission of the OpenSSL Project.
|
|
||||||
*
|
|
||||||
* 6. Redistributions of any form whatsoever must retain the following
|
|
||||||
* acknowledgment:
|
|
||||||
* "This product includes software developed by the OpenSSL Project
|
|
||||||
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
|
||||||
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
||||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
|
||||||
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
|
||||||
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
|
||||||
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
|
||||||
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
||||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
|
||||||
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
|
||||||
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
|
||||||
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
* ====================================================================
|
|
||||||
*
|
|
||||||
*/
|
|
||||||
|
|
||||||
#ifndef HEADER_CAMELLIA_H
|
|
||||||
# define HEADER_CAMELLIA_H
|
|
||||||
|
|
||||||
# include <openssl/opensslconf.h>
|
|
||||||
|
|
||||||
# ifdef OPENSSL_NO_CAMELLIA
|
|
||||||
# error CAMELLIA is disabled.
|
|
||||||
# endif
|
|
||||||
|
|
||||||
# include <stddef.h>
|
|
||||||
|
|
||||||
# define CAMELLIA_ENCRYPT 1
|
|
||||||
# define CAMELLIA_DECRYPT 0
|
|
||||||
|
|
||||||
/*
|
|
||||||
* Because array size can't be a const in C, the following two are macros.
|
|
||||||
* Both sizes are in bytes.
|
|
||||||
*/
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
extern "C" {
|
|
||||||
#endif
|
|
||||||
|
|
||||||
/* This should be a hidden type, but EVP requires that the size be known */
|
|
||||||
|
|
||||||
# define CAMELLIA_BLOCK_SIZE 16
|
|
||||||
# define CAMELLIA_TABLE_BYTE_LEN 272
|
|
||||||
# define CAMELLIA_TABLE_WORD_LEN (CAMELLIA_TABLE_BYTE_LEN / 4)
|
|
||||||
|
|
||||||
typedef unsigned int KEY_TABLE_TYPE[CAMELLIA_TABLE_WORD_LEN]; /* to match
|
|
||||||
* with WORD */
|
|
||||||
|
|
||||||
struct camellia_key_st {
|
|
||||||
union {
|
|
||||||
double d; /* ensures 64-bit align */
|
|
||||||
KEY_TABLE_TYPE rd_key;
|
|
||||||
} u;
|
|
||||||
int grand_rounds;
|
|
||||||
};
|
|
||||||
typedef struct camellia_key_st CAMELLIA_KEY;
|
|
||||||
|
|
||||||
# ifdef OPENSSL_FIPS
|
|
||||||
int private_Camellia_set_key(const unsigned char *userKey, const int bits,
|
|
||||||
CAMELLIA_KEY *key);
|
|
||||||
# endif
|
|
||||||
int Camellia_set_key(const unsigned char *userKey, const int bits,
|
|
||||||
CAMELLIA_KEY *key);
|
|
||||||
|
|
||||||
void Camellia_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
const CAMELLIA_KEY *key);
|
|
||||||
void Camellia_decrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
const CAMELLIA_KEY *key);
|
|
||||||
|
|
||||||
void Camellia_ecb_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
const CAMELLIA_KEY *key, const int enc);
|
|
||||||
void Camellia_cbc_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
size_t length, const CAMELLIA_KEY *key,
|
|
||||||
unsigned char *ivec, const int enc);
|
|
||||||
void Camellia_cfb128_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
size_t length, const CAMELLIA_KEY *key,
|
|
||||||
unsigned char *ivec, int *num, const int enc);
|
|
||||||
void Camellia_cfb1_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
size_t length, const CAMELLIA_KEY *key,
|
|
||||||
unsigned char *ivec, int *num, const int enc);
|
|
||||||
void Camellia_cfb8_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
size_t length, const CAMELLIA_KEY *key,
|
|
||||||
unsigned char *ivec, int *num, const int enc);
|
|
||||||
void Camellia_ofb128_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
size_t length, const CAMELLIA_KEY *key,
|
|
||||||
unsigned char *ivec, int *num);
|
|
||||||
void Camellia_ctr128_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
size_t length, const CAMELLIA_KEY *key,
|
|
||||||
unsigned char ivec[CAMELLIA_BLOCK_SIZE],
|
|
||||||
unsigned char ecount_buf[CAMELLIA_BLOCK_SIZE],
|
|
||||||
unsigned int *num);
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#endif /* !HEADER_Camellia_H */
|
|
|
@ -1,107 +0,0 @@
|
||||||
/* crypto/cast/cast.h */
|
|
||||||
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
|
||||||
* All rights reserved.
|
|
||||||
*
|
|
||||||
* This package is an SSL implementation written
|
|
||||||
* by Eric Young (eay@cryptsoft.com).
|
|
||||||
* The implementation was written so as to conform with Netscapes SSL.
|
|
||||||
*
|
|
||||||
* This library is free for commercial and non-commercial use as long as
|
|
||||||
* the following conditions are aheared to. The following conditions
|
|
||||||
* apply to all code found in this distribution, be it the RC4, RSA,
|
|
||||||
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
|
||||||
* included with this distribution is covered by the same copyright terms
|
|
||||||
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
|
||||||
*
|
|
||||||
* Copyright remains Eric Young's, and as such any Copyright notices in
|
|
||||||
* the code are not to be removed.
|
|
||||||
* If this package is used in a product, Eric Young should be given attribution
|
|
||||||
* as the author of the parts of the library used.
|
|
||||||
* This can be in the form of a textual message at program startup or
|
|
||||||
* in documentation (online or textual) provided with the package.
|
|
||||||
*
|
|
||||||
* Redistribution and use in source and binary forms, with or without
|
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. All advertising materials mentioning features or use of this software
|
|
||||||
* must display the following acknowledgement:
|
|
||||||
* "This product includes cryptographic software written by
|
|
||||||
* Eric Young (eay@cryptsoft.com)"
|
|
||||||
* The word 'cryptographic' can be left out if the rouines from the library
|
|
||||||
* being used are not cryptographic related :-).
|
|
||||||
* 4. If you include any Windows specific code (or a derivative thereof) from
|
|
||||||
* the apps directory (application code) you must include an acknowledgement:
|
|
||||||
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
|
||||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
||||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
||||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
|
||||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
||||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
||||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
||||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
||||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
||||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
||||||
* SUCH DAMAGE.
|
|
||||||
*
|
|
||||||
* The licence and distribution terms for any publically available version or
|
|
||||||
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
|
||||||
* copied and put under another distribution licence
|
|
||||||
* [including the GNU Public Licence.]
|
|
||||||
*/
|
|
||||||
|
|
||||||
#ifndef HEADER_CAST_H
|
|
||||||
# define HEADER_CAST_H
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
extern "C" {
|
|
||||||
#endif
|
|
||||||
|
|
||||||
# include <openssl/opensslconf.h>
|
|
||||||
|
|
||||||
# ifdef OPENSSL_NO_CAST
|
|
||||||
# error CAST is disabled.
|
|
||||||
# endif
|
|
||||||
|
|
||||||
# define CAST_ENCRYPT 1
|
|
||||||
# define CAST_DECRYPT 0
|
|
||||||
|
|
||||||
# define CAST_LONG unsigned int
|
|
||||||
|
|
||||||
# define CAST_BLOCK 8
|
|
||||||
# define CAST_KEY_LENGTH 16
|
|
||||||
|
|
||||||
typedef struct cast_key_st {
|
|
||||||
CAST_LONG data[32];
|
|
||||||
int short_key; /* Use reduced rounds for short key */
|
|
||||||
} CAST_KEY;
|
|
||||||
|
|
||||||
# ifdef OPENSSL_FIPS
|
|
||||||
void private_CAST_set_key(CAST_KEY *key, int len, const unsigned char *data);
|
|
||||||
# endif
|
|
||||||
void CAST_set_key(CAST_KEY *key, int len, const unsigned char *data);
|
|
||||||
void CAST_ecb_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
const CAST_KEY *key, int enc);
|
|
||||||
void CAST_encrypt(CAST_LONG *data, const CAST_KEY *key);
|
|
||||||
void CAST_decrypt(CAST_LONG *data, const CAST_KEY *key);
|
|
||||||
void CAST_cbc_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
long length, const CAST_KEY *ks, unsigned char *iv,
|
|
||||||
int enc);
|
|
||||||
void CAST_cfb64_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
long length, const CAST_KEY *schedule,
|
|
||||||
unsigned char *ivec, int *num, int enc);
|
|
||||||
void CAST_ofb64_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
long length, const CAST_KEY *schedule,
|
|
||||||
unsigned char *ivec, int *num);
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#endif
|
|
|
@ -1,82 +0,0 @@
|
||||||
/* crypto/cmac/cmac.h */
|
|
||||||
/*
|
|
||||||
* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
|
|
||||||
* project.
|
|
||||||
*/
|
|
||||||
/* ====================================================================
|
|
||||||
* Copyright (c) 2010 The OpenSSL Project. All rights reserved.
|
|
||||||
*
|
|
||||||
* Redistribution and use in source and binary forms, with or without
|
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
*
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
*
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in
|
|
||||||
* the documentation and/or other materials provided with the
|
|
||||||
* distribution.
|
|
||||||
*
|
|
||||||
* 3. All advertising materials mentioning features or use of this
|
|
||||||
* software must display the following acknowledgment:
|
|
||||||
* "This product includes software developed by the OpenSSL Project
|
|
||||||
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
|
|
||||||
*
|
|
||||||
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* prior written permission. For written permission, please contact
|
|
||||||
* licensing@OpenSSL.org.
|
|
||||||
*
|
|
||||||
* 5. Products derived from this software may not be called "OpenSSL"
|
|
||||||
* nor may "OpenSSL" appear in their names without prior written
|
|
||||||
* permission of the OpenSSL Project.
|
|
||||||
*
|
|
||||||
* 6. Redistributions of any form whatsoever must retain the following
|
|
||||||
* acknowledgment:
|
|
||||||
* "This product includes software developed by the OpenSSL Project
|
|
||||||
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
|
||||||
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
||||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
|
||||||
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
|
||||||
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
|
||||||
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
|
||||||
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
||||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
|
||||||
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
|
||||||
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
|
||||||
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
* ====================================================================
|
|
||||||
*/
|
|
||||||
|
|
||||||
#ifndef HEADER_CMAC_H
|
|
||||||
# define HEADER_CMAC_H
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
extern "C" {
|
|
||||||
#endif
|
|
||||||
|
|
||||||
# include <openssl/evp.h>
|
|
||||||
|
|
||||||
/* Opaque */
|
|
||||||
typedef struct CMAC_CTX_st CMAC_CTX;
|
|
||||||
|
|
||||||
CMAC_CTX *CMAC_CTX_new(void);
|
|
||||||
void CMAC_CTX_cleanup(CMAC_CTX *ctx);
|
|
||||||
void CMAC_CTX_free(CMAC_CTX *ctx);
|
|
||||||
EVP_CIPHER_CTX *CMAC_CTX_get0_cipher_ctx(CMAC_CTX *ctx);
|
|
||||||
int CMAC_CTX_copy(CMAC_CTX *out, const CMAC_CTX *in);
|
|
||||||
|
|
||||||
int CMAC_Init(CMAC_CTX *ctx, const void *key, size_t keylen,
|
|
||||||
const EVP_CIPHER *cipher, ENGINE *impl);
|
|
||||||
int CMAC_Update(CMAC_CTX *ctx, const void *data, size_t dlen);
|
|
||||||
int CMAC_Final(CMAC_CTX *ctx, unsigned char *out, size_t *poutlen);
|
|
||||||
int CMAC_resume(CMAC_CTX *ctx);
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
#endif
|
|
|
@ -1,555 +0,0 @@
|
||||||
/* crypto/cms/cms.h */
|
|
||||||
/*
|
|
||||||
* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
|
|
||||||
* project.
|
|
||||||
*/
|
|
||||||
/* ====================================================================
|
|
||||||
* Copyright (c) 2008 The OpenSSL Project. All rights reserved.
|
|
||||||
*
|
|
||||||
* Redistribution and use in source and binary forms, with or without
|
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
*
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
*
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in
|
|
||||||
* the documentation and/or other materials provided with the
|
|
||||||
* distribution.
|
|
||||||
*
|
|
||||||
* 3. All advertising materials mentioning features or use of this
|
|
||||||
* software must display the following acknowledgment:
|
|
||||||
* "This product includes software developed by the OpenSSL Project
|
|
||||||
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
|
|
||||||
*
|
|
||||||
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* prior written permission. For written permission, please contact
|
|
||||||
* licensing@OpenSSL.org.
|
|
||||||
*
|
|
||||||
* 5. Products derived from this software may not be called "OpenSSL"
|
|
||||||
* nor may "OpenSSL" appear in their names without prior written
|
|
||||||
* permission of the OpenSSL Project.
|
|
||||||
*
|
|
||||||
* 6. Redistributions of any form whatsoever must retain the following
|
|
||||||
* acknowledgment:
|
|
||||||
* "This product includes software developed by the OpenSSL Project
|
|
||||||
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
|
||||||
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
||||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
|
||||||
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
|
||||||
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
|
||||||
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
|
||||||
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
||||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
|
||||||
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
|
||||||
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
|
||||||
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
* ====================================================================
|
|
||||||
*/
|
|
||||||
|
|
||||||
#ifndef HEADER_CMS_H
|
|
||||||
# define HEADER_CMS_H
|
|
||||||
|
|
||||||
# include <openssl/x509.h>
|
|
||||||
|
|
||||||
# ifdef OPENSSL_NO_CMS
|
|
||||||
# error CMS is disabled.
|
|
||||||
# endif
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
extern "C" {
|
|
||||||
#endif
|
|
||||||
|
|
||||||
typedef struct CMS_ContentInfo_st CMS_ContentInfo;
|
|
||||||
typedef struct CMS_SignerInfo_st CMS_SignerInfo;
|
|
||||||
typedef struct CMS_CertificateChoices CMS_CertificateChoices;
|
|
||||||
typedef struct CMS_RevocationInfoChoice_st CMS_RevocationInfoChoice;
|
|
||||||
typedef struct CMS_RecipientInfo_st CMS_RecipientInfo;
|
|
||||||
typedef struct CMS_ReceiptRequest_st CMS_ReceiptRequest;
|
|
||||||
typedef struct CMS_Receipt_st CMS_Receipt;
|
|
||||||
typedef struct CMS_RecipientEncryptedKey_st CMS_RecipientEncryptedKey;
|
|
||||||
typedef struct CMS_OtherKeyAttribute_st CMS_OtherKeyAttribute;
|
|
||||||
|
|
||||||
DECLARE_STACK_OF(CMS_SignerInfo)
|
|
||||||
DECLARE_STACK_OF(GENERAL_NAMES)
|
|
||||||
DECLARE_STACK_OF(CMS_RecipientEncryptedKey)
|
|
||||||
DECLARE_ASN1_FUNCTIONS(CMS_ContentInfo)
|
|
||||||
DECLARE_ASN1_FUNCTIONS(CMS_ReceiptRequest)
|
|
||||||
DECLARE_ASN1_PRINT_FUNCTION(CMS_ContentInfo)
|
|
||||||
|
|
||||||
# define CMS_SIGNERINFO_ISSUER_SERIAL 0
|
|
||||||
# define CMS_SIGNERINFO_KEYIDENTIFIER 1
|
|
||||||
|
|
||||||
# define CMS_RECIPINFO_NONE -1
|
|
||||||
# define CMS_RECIPINFO_TRANS 0
|
|
||||||
# define CMS_RECIPINFO_AGREE 1
|
|
||||||
# define CMS_RECIPINFO_KEK 2
|
|
||||||
# define CMS_RECIPINFO_PASS 3
|
|
||||||
# define CMS_RECIPINFO_OTHER 4
|
|
||||||
|
|
||||||
/* S/MIME related flags */
|
|
||||||
|
|
||||||
# define CMS_TEXT 0x1
|
|
||||||
# define CMS_NOCERTS 0x2
|
|
||||||
# define CMS_NO_CONTENT_VERIFY 0x4
|
|
||||||
# define CMS_NO_ATTR_VERIFY 0x8
|
|
||||||
# define CMS_NOSIGS \
|
|
||||||
(CMS_NO_CONTENT_VERIFY|CMS_NO_ATTR_VERIFY)
|
|
||||||
# define CMS_NOINTERN 0x10
|
|
||||||
# define CMS_NO_SIGNER_CERT_VERIFY 0x20
|
|
||||||
# define CMS_NOVERIFY 0x20
|
|
||||||
# define CMS_DETACHED 0x40
|
|
||||||
# define CMS_BINARY 0x80
|
|
||||||
# define CMS_NOATTR 0x100
|
|
||||||
# define CMS_NOSMIMECAP 0x200
|
|
||||||
# define CMS_NOOLDMIMETYPE 0x400
|
|
||||||
# define CMS_CRLFEOL 0x800
|
|
||||||
# define CMS_STREAM 0x1000
|
|
||||||
# define CMS_NOCRL 0x2000
|
|
||||||
# define CMS_PARTIAL 0x4000
|
|
||||||
# define CMS_REUSE_DIGEST 0x8000
|
|
||||||
# define CMS_USE_KEYID 0x10000
|
|
||||||
# define CMS_DEBUG_DECRYPT 0x20000
|
|
||||||
# define CMS_KEY_PARAM 0x40000
|
|
||||||
|
|
||||||
const ASN1_OBJECT *CMS_get0_type(CMS_ContentInfo *cms);
|
|
||||||
|
|
||||||
BIO *CMS_dataInit(CMS_ContentInfo *cms, BIO *icont);
|
|
||||||
int CMS_dataFinal(CMS_ContentInfo *cms, BIO *bio);
|
|
||||||
|
|
||||||
ASN1_OCTET_STRING **CMS_get0_content(CMS_ContentInfo *cms);
|
|
||||||
int CMS_is_detached(CMS_ContentInfo *cms);
|
|
||||||
int CMS_set_detached(CMS_ContentInfo *cms, int detached);
|
|
||||||
|
|
||||||
# ifdef HEADER_PEM_H
|
|
||||||
DECLARE_PEM_rw_const(CMS, CMS_ContentInfo)
|
|
||||||
# endif
|
|
||||||
int CMS_stream(unsigned char ***boundary, CMS_ContentInfo *cms);
|
|
||||||
CMS_ContentInfo *d2i_CMS_bio(BIO *bp, CMS_ContentInfo **cms);
|
|
||||||
int i2d_CMS_bio(BIO *bp, CMS_ContentInfo *cms);
|
|
||||||
|
|
||||||
BIO *BIO_new_CMS(BIO *out, CMS_ContentInfo *cms);
|
|
||||||
int i2d_CMS_bio_stream(BIO *out, CMS_ContentInfo *cms, BIO *in, int flags);
|
|
||||||
int PEM_write_bio_CMS_stream(BIO *out, CMS_ContentInfo *cms, BIO *in,
|
|
||||||
int flags);
|
|
||||||
CMS_ContentInfo *SMIME_read_CMS(BIO *bio, BIO **bcont);
|
|
||||||
int SMIME_write_CMS(BIO *bio, CMS_ContentInfo *cms, BIO *data, int flags);
|
|
||||||
|
|
||||||
int CMS_final(CMS_ContentInfo *cms, BIO *data, BIO *dcont,
|
|
||||||
unsigned int flags);
|
|
||||||
|
|
||||||
CMS_ContentInfo *CMS_sign(X509 *signcert, EVP_PKEY *pkey,
|
|
||||||
STACK_OF(X509) *certs, BIO *data,
|
|
||||||
unsigned int flags);
|
|
||||||
|
|
||||||
CMS_ContentInfo *CMS_sign_receipt(CMS_SignerInfo *si,
|
|
||||||
X509 *signcert, EVP_PKEY *pkey,
|
|
||||||
STACK_OF(X509) *certs, unsigned int flags);
|
|
||||||
|
|
||||||
int CMS_data(CMS_ContentInfo *cms, BIO *out, unsigned int flags);
|
|
||||||
CMS_ContentInfo *CMS_data_create(BIO *in, unsigned int flags);
|
|
||||||
|
|
||||||
int CMS_digest_verify(CMS_ContentInfo *cms, BIO *dcont, BIO *out,
|
|
||||||
unsigned int flags);
|
|
||||||
CMS_ContentInfo *CMS_digest_create(BIO *in, const EVP_MD *md,
|
|
||||||
unsigned int flags);
|
|
||||||
|
|
||||||
int CMS_EncryptedData_decrypt(CMS_ContentInfo *cms,
|
|
||||||
const unsigned char *key, size_t keylen,
|
|
||||||
BIO *dcont, BIO *out, unsigned int flags);
|
|
||||||
|
|
||||||
CMS_ContentInfo *CMS_EncryptedData_encrypt(BIO *in, const EVP_CIPHER *cipher,
|
|
||||||
const unsigned char *key,
|
|
||||||
size_t keylen, unsigned int flags);
|
|
||||||
|
|
||||||
int CMS_EncryptedData_set1_key(CMS_ContentInfo *cms, const EVP_CIPHER *ciph,
|
|
||||||
const unsigned char *key, size_t keylen);
|
|
||||||
|
|
||||||
int CMS_verify(CMS_ContentInfo *cms, STACK_OF(X509) *certs,
|
|
||||||
X509_STORE *store, BIO *dcont, BIO *out, unsigned int flags);
|
|
||||||
|
|
||||||
int CMS_verify_receipt(CMS_ContentInfo *rcms, CMS_ContentInfo *ocms,
|
|
||||||
STACK_OF(X509) *certs,
|
|
||||||
X509_STORE *store, unsigned int flags);
|
|
||||||
|
|
||||||
STACK_OF(X509) *CMS_get0_signers(CMS_ContentInfo *cms);
|
|
||||||
|
|
||||||
CMS_ContentInfo *CMS_encrypt(STACK_OF(X509) *certs, BIO *in,
|
|
||||||
const EVP_CIPHER *cipher, unsigned int flags);
|
|
||||||
|
|
||||||
int CMS_decrypt(CMS_ContentInfo *cms, EVP_PKEY *pkey, X509 *cert,
|
|
||||||
BIO *dcont, BIO *out, unsigned int flags);
|
|
||||||
|
|
||||||
int CMS_decrypt_set1_pkey(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert);
|
|
||||||
int CMS_decrypt_set1_key(CMS_ContentInfo *cms,
|
|
||||||
unsigned char *key, size_t keylen,
|
|
||||||
unsigned char *id, size_t idlen);
|
|
||||||
int CMS_decrypt_set1_password(CMS_ContentInfo *cms,
|
|
||||||
unsigned char *pass, ossl_ssize_t passlen);
|
|
||||||
|
|
||||||
STACK_OF(CMS_RecipientInfo) *CMS_get0_RecipientInfos(CMS_ContentInfo *cms);
|
|
||||||
int CMS_RecipientInfo_type(CMS_RecipientInfo *ri);
|
|
||||||
EVP_PKEY_CTX *CMS_RecipientInfo_get0_pkey_ctx(CMS_RecipientInfo *ri);
|
|
||||||
CMS_ContentInfo *CMS_EnvelopedData_create(const EVP_CIPHER *cipher);
|
|
||||||
CMS_RecipientInfo *CMS_add1_recipient_cert(CMS_ContentInfo *cms,
|
|
||||||
X509 *recip, unsigned int flags);
|
|
||||||
int CMS_RecipientInfo_set0_pkey(CMS_RecipientInfo *ri, EVP_PKEY *pkey);
|
|
||||||
int CMS_RecipientInfo_ktri_cert_cmp(CMS_RecipientInfo *ri, X509 *cert);
|
|
||||||
int CMS_RecipientInfo_ktri_get0_algs(CMS_RecipientInfo *ri,
|
|
||||||
EVP_PKEY **pk, X509 **recip,
|
|
||||||
X509_ALGOR **palg);
|
|
||||||
int CMS_RecipientInfo_ktri_get0_signer_id(CMS_RecipientInfo *ri,
|
|
||||||
ASN1_OCTET_STRING **keyid,
|
|
||||||
X509_NAME **issuer,
|
|
||||||
ASN1_INTEGER **sno);
|
|
||||||
|
|
||||||
CMS_RecipientInfo *CMS_add0_recipient_key(CMS_ContentInfo *cms, int nid,
|
|
||||||
unsigned char *key, size_t keylen,
|
|
||||||
unsigned char *id, size_t idlen,
|
|
||||||
ASN1_GENERALIZEDTIME *date,
|
|
||||||
ASN1_OBJECT *otherTypeId,
|
|
||||||
ASN1_TYPE *otherType);
|
|
||||||
|
|
||||||
int CMS_RecipientInfo_kekri_get0_id(CMS_RecipientInfo *ri,
|
|
||||||
X509_ALGOR **palg,
|
|
||||||
ASN1_OCTET_STRING **pid,
|
|
||||||
ASN1_GENERALIZEDTIME **pdate,
|
|
||||||
ASN1_OBJECT **potherid,
|
|
||||||
ASN1_TYPE **pothertype);
|
|
||||||
|
|
||||||
int CMS_RecipientInfo_set0_key(CMS_RecipientInfo *ri,
|
|
||||||
unsigned char *key, size_t keylen);
|
|
||||||
|
|
||||||
int CMS_RecipientInfo_kekri_id_cmp(CMS_RecipientInfo *ri,
|
|
||||||
const unsigned char *id, size_t idlen);
|
|
||||||
|
|
||||||
int CMS_RecipientInfo_set0_password(CMS_RecipientInfo *ri,
|
|
||||||
unsigned char *pass,
|
|
||||||
ossl_ssize_t passlen);
|
|
||||||
|
|
||||||
CMS_RecipientInfo *CMS_add0_recipient_password(CMS_ContentInfo *cms,
|
|
||||||
int iter, int wrap_nid,
|
|
||||||
int pbe_nid,
|
|
||||||
unsigned char *pass,
|
|
||||||
ossl_ssize_t passlen,
|
|
||||||
const EVP_CIPHER *kekciph);
|
|
||||||
|
|
||||||
int CMS_RecipientInfo_decrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri);
|
|
||||||
int CMS_RecipientInfo_encrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri);
|
|
||||||
|
|
||||||
int CMS_uncompress(CMS_ContentInfo *cms, BIO *dcont, BIO *out,
|
|
||||||
unsigned int flags);
|
|
||||||
CMS_ContentInfo *CMS_compress(BIO *in, int comp_nid, unsigned int flags);
|
|
||||||
|
|
||||||
int CMS_set1_eContentType(CMS_ContentInfo *cms, const ASN1_OBJECT *oid);
|
|
||||||
const ASN1_OBJECT *CMS_get0_eContentType(CMS_ContentInfo *cms);
|
|
||||||
|
|
||||||
CMS_CertificateChoices *CMS_add0_CertificateChoices(CMS_ContentInfo *cms);
|
|
||||||
int CMS_add0_cert(CMS_ContentInfo *cms, X509 *cert);
|
|
||||||
int CMS_add1_cert(CMS_ContentInfo *cms, X509 *cert);
|
|
||||||
STACK_OF(X509) *CMS_get1_certs(CMS_ContentInfo *cms);
|
|
||||||
|
|
||||||
CMS_RevocationInfoChoice *CMS_add0_RevocationInfoChoice(CMS_ContentInfo *cms);
|
|
||||||
int CMS_add0_crl(CMS_ContentInfo *cms, X509_CRL *crl);
|
|
||||||
int CMS_add1_crl(CMS_ContentInfo *cms, X509_CRL *crl);
|
|
||||||
STACK_OF(X509_CRL) *CMS_get1_crls(CMS_ContentInfo *cms);
|
|
||||||
|
|
||||||
int CMS_SignedData_init(CMS_ContentInfo *cms);
|
|
||||||
CMS_SignerInfo *CMS_add1_signer(CMS_ContentInfo *cms,
|
|
||||||
X509 *signer, EVP_PKEY *pk, const EVP_MD *md,
|
|
||||||
unsigned int flags);
|
|
||||||
EVP_PKEY_CTX *CMS_SignerInfo_get0_pkey_ctx(CMS_SignerInfo *si);
|
|
||||||
EVP_MD_CTX *CMS_SignerInfo_get0_md_ctx(CMS_SignerInfo *si);
|
|
||||||
STACK_OF(CMS_SignerInfo) *CMS_get0_SignerInfos(CMS_ContentInfo *cms);
|
|
||||||
|
|
||||||
void CMS_SignerInfo_set1_signer_cert(CMS_SignerInfo *si, X509 *signer);
|
|
||||||
int CMS_SignerInfo_get0_signer_id(CMS_SignerInfo *si,
|
|
||||||
ASN1_OCTET_STRING **keyid,
|
|
||||||
X509_NAME **issuer, ASN1_INTEGER **sno);
|
|
||||||
int CMS_SignerInfo_cert_cmp(CMS_SignerInfo *si, X509 *cert);
|
|
||||||
int CMS_set1_signers_certs(CMS_ContentInfo *cms, STACK_OF(X509) *certs,
|
|
||||||
unsigned int flags);
|
|
||||||
void CMS_SignerInfo_get0_algs(CMS_SignerInfo *si, EVP_PKEY **pk,
|
|
||||||
X509 **signer, X509_ALGOR **pdig,
|
|
||||||
X509_ALGOR **psig);
|
|
||||||
ASN1_OCTET_STRING *CMS_SignerInfo_get0_signature(CMS_SignerInfo *si);
|
|
||||||
int CMS_SignerInfo_sign(CMS_SignerInfo *si);
|
|
||||||
int CMS_SignerInfo_verify(CMS_SignerInfo *si);
|
|
||||||
int CMS_SignerInfo_verify_content(CMS_SignerInfo *si, BIO *chain);
|
|
||||||
|
|
||||||
int CMS_add_smimecap(CMS_SignerInfo *si, STACK_OF(X509_ALGOR) *algs);
|
|
||||||
int CMS_add_simple_smimecap(STACK_OF(X509_ALGOR) **algs,
|
|
||||||
int algnid, int keysize);
|
|
||||||
int CMS_add_standard_smimecap(STACK_OF(X509_ALGOR) **smcap);
|
|
||||||
|
|
||||||
int CMS_signed_get_attr_count(const CMS_SignerInfo *si);
|
|
||||||
int CMS_signed_get_attr_by_NID(const CMS_SignerInfo *si, int nid,
|
|
||||||
int lastpos);
|
|
||||||
int CMS_signed_get_attr_by_OBJ(const CMS_SignerInfo *si, ASN1_OBJECT *obj,
|
|
||||||
int lastpos);
|
|
||||||
X509_ATTRIBUTE *CMS_signed_get_attr(const CMS_SignerInfo *si, int loc);
|
|
||||||
X509_ATTRIBUTE *CMS_signed_delete_attr(CMS_SignerInfo *si, int loc);
|
|
||||||
int CMS_signed_add1_attr(CMS_SignerInfo *si, X509_ATTRIBUTE *attr);
|
|
||||||
int CMS_signed_add1_attr_by_OBJ(CMS_SignerInfo *si,
|
|
||||||
const ASN1_OBJECT *obj, int type,
|
|
||||||
const void *bytes, int len);
|
|
||||||
int CMS_signed_add1_attr_by_NID(CMS_SignerInfo *si,
|
|
||||||
int nid, int type,
|
|
||||||
const void *bytes, int len);
|
|
||||||
int CMS_signed_add1_attr_by_txt(CMS_SignerInfo *si,
|
|
||||||
const char *attrname, int type,
|
|
||||||
const void *bytes, int len);
|
|
||||||
void *CMS_signed_get0_data_by_OBJ(CMS_SignerInfo *si, ASN1_OBJECT *oid,
|
|
||||||
int lastpos, int type);
|
|
||||||
|
|
||||||
int CMS_unsigned_get_attr_count(const CMS_SignerInfo *si);
|
|
||||||
int CMS_unsigned_get_attr_by_NID(const CMS_SignerInfo *si, int nid,
|
|
||||||
int lastpos);
|
|
||||||
int CMS_unsigned_get_attr_by_OBJ(const CMS_SignerInfo *si, ASN1_OBJECT *obj,
|
|
||||||
int lastpos);
|
|
||||||
X509_ATTRIBUTE *CMS_unsigned_get_attr(const CMS_SignerInfo *si, int loc);
|
|
||||||
X509_ATTRIBUTE *CMS_unsigned_delete_attr(CMS_SignerInfo *si, int loc);
|
|
||||||
int CMS_unsigned_add1_attr(CMS_SignerInfo *si, X509_ATTRIBUTE *attr);
|
|
||||||
int CMS_unsigned_add1_attr_by_OBJ(CMS_SignerInfo *si,
|
|
||||||
const ASN1_OBJECT *obj, int type,
|
|
||||||
const void *bytes, int len);
|
|
||||||
int CMS_unsigned_add1_attr_by_NID(CMS_SignerInfo *si,
|
|
||||||
int nid, int type,
|
|
||||||
const void *bytes, int len);
|
|
||||||
int CMS_unsigned_add1_attr_by_txt(CMS_SignerInfo *si,
|
|
||||||
const char *attrname, int type,
|
|
||||||
const void *bytes, int len);
|
|
||||||
void *CMS_unsigned_get0_data_by_OBJ(CMS_SignerInfo *si, ASN1_OBJECT *oid,
|
|
||||||
int lastpos, int type);
|
|
||||||
|
|
||||||
# ifdef HEADER_X509V3_H
|
|
||||||
|
|
||||||
int CMS_get1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest **prr);
|
|
||||||
CMS_ReceiptRequest *CMS_ReceiptRequest_create0(unsigned char *id, int idlen,
|
|
||||||
int allorfirst,
|
|
||||||
STACK_OF(GENERAL_NAMES)
|
|
||||||
*receiptList, STACK_OF(GENERAL_NAMES)
|
|
||||||
*receiptsTo);
|
|
||||||
int CMS_add1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest *rr);
|
|
||||||
void CMS_ReceiptRequest_get0_values(CMS_ReceiptRequest *rr,
|
|
||||||
ASN1_STRING **pcid,
|
|
||||||
int *pallorfirst,
|
|
||||||
STACK_OF(GENERAL_NAMES) **plist,
|
|
||||||
STACK_OF(GENERAL_NAMES) **prto);
|
|
||||||
# endif
|
|
||||||
int CMS_RecipientInfo_kari_get0_alg(CMS_RecipientInfo *ri,
|
|
||||||
X509_ALGOR **palg,
|
|
||||||
ASN1_OCTET_STRING **pukm);
|
|
||||||
STACK_OF(CMS_RecipientEncryptedKey)
|
|
||||||
*CMS_RecipientInfo_kari_get0_reks(CMS_RecipientInfo *ri);
|
|
||||||
|
|
||||||
int CMS_RecipientInfo_kari_get0_orig_id(CMS_RecipientInfo *ri,
|
|
||||||
X509_ALGOR **pubalg,
|
|
||||||
ASN1_BIT_STRING **pubkey,
|
|
||||||
ASN1_OCTET_STRING **keyid,
|
|
||||||
X509_NAME **issuer,
|
|
||||||
ASN1_INTEGER **sno);
|
|
||||||
|
|
||||||
int CMS_RecipientInfo_kari_orig_id_cmp(CMS_RecipientInfo *ri, X509 *cert);
|
|
||||||
|
|
||||||
int CMS_RecipientEncryptedKey_get0_id(CMS_RecipientEncryptedKey *rek,
|
|
||||||
ASN1_OCTET_STRING **keyid,
|
|
||||||
ASN1_GENERALIZEDTIME **tm,
|
|
||||||
CMS_OtherKeyAttribute **other,
|
|
||||||
X509_NAME **issuer, ASN1_INTEGER **sno);
|
|
||||||
int CMS_RecipientEncryptedKey_cert_cmp(CMS_RecipientEncryptedKey *rek,
|
|
||||||
X509 *cert);
|
|
||||||
int CMS_RecipientInfo_kari_set0_pkey(CMS_RecipientInfo *ri, EVP_PKEY *pk);
|
|
||||||
EVP_CIPHER_CTX *CMS_RecipientInfo_kari_get0_ctx(CMS_RecipientInfo *ri);
|
|
||||||
int CMS_RecipientInfo_kari_decrypt(CMS_ContentInfo *cms,
|
|
||||||
CMS_RecipientInfo *ri,
|
|
||||||
CMS_RecipientEncryptedKey *rek);
|
|
||||||
|
|
||||||
int CMS_SharedInfo_encode(unsigned char **pder, X509_ALGOR *kekalg,
|
|
||||||
ASN1_OCTET_STRING *ukm, int keylen);
|
|
||||||
|
|
||||||
/* BEGIN ERROR CODES */
|
|
||||||
/*
|
|
||||||
* The following lines are auto generated by the script mkerr.pl. Any changes
|
|
||||||
* made after this point may be overwritten when the script is next run.
|
|
||||||
*/
|
|
||||||
void ERR_load_CMS_strings(void);
|
|
||||||
|
|
||||||
/* Error codes for the CMS functions. */
|
|
||||||
|
|
||||||
/* Function codes. */
|
|
||||||
# define CMS_F_CHECK_CONTENT 99
|
|
||||||
# define CMS_F_CMS_ADD0_CERT 164
|
|
||||||
# define CMS_F_CMS_ADD0_RECIPIENT_KEY 100
|
|
||||||
# define CMS_F_CMS_ADD0_RECIPIENT_PASSWORD 165
|
|
||||||
# define CMS_F_CMS_ADD1_RECEIPTREQUEST 158
|
|
||||||
# define CMS_F_CMS_ADD1_RECIPIENT_CERT 101
|
|
||||||
# define CMS_F_CMS_ADD1_SIGNER 102
|
|
||||||
# define CMS_F_CMS_ADD1_SIGNINGTIME 103
|
|
||||||
# define CMS_F_CMS_COMPRESS 104
|
|
||||||
# define CMS_F_CMS_COMPRESSEDDATA_CREATE 105
|
|
||||||
# define CMS_F_CMS_COMPRESSEDDATA_INIT_BIO 106
|
|
||||||
# define CMS_F_CMS_COPY_CONTENT 107
|
|
||||||
# define CMS_F_CMS_COPY_MESSAGEDIGEST 108
|
|
||||||
# define CMS_F_CMS_DATA 109
|
|
||||||
# define CMS_F_CMS_DATAFINAL 110
|
|
||||||
# define CMS_F_CMS_DATAINIT 111
|
|
||||||
# define CMS_F_CMS_DECRYPT 112
|
|
||||||
# define CMS_F_CMS_DECRYPT_SET1_KEY 113
|
|
||||||
# define CMS_F_CMS_DECRYPT_SET1_PASSWORD 166
|
|
||||||
# define CMS_F_CMS_DECRYPT_SET1_PKEY 114
|
|
||||||
# define CMS_F_CMS_DIGESTALGORITHM_FIND_CTX 115
|
|
||||||
# define CMS_F_CMS_DIGESTALGORITHM_INIT_BIO 116
|
|
||||||
# define CMS_F_CMS_DIGESTEDDATA_DO_FINAL 117
|
|
||||||
# define CMS_F_CMS_DIGEST_VERIFY 118
|
|
||||||
# define CMS_F_CMS_ENCODE_RECEIPT 161
|
|
||||||
# define CMS_F_CMS_ENCRYPT 119
|
|
||||||
# define CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO 120
|
|
||||||
# define CMS_F_CMS_ENCRYPTEDDATA_DECRYPT 121
|
|
||||||
# define CMS_F_CMS_ENCRYPTEDDATA_ENCRYPT 122
|
|
||||||
# define CMS_F_CMS_ENCRYPTEDDATA_SET1_KEY 123
|
|
||||||
# define CMS_F_CMS_ENVELOPEDDATA_CREATE 124
|
|
||||||
# define CMS_F_CMS_ENVELOPEDDATA_INIT_BIO 125
|
|
||||||
# define CMS_F_CMS_ENVELOPED_DATA_INIT 126
|
|
||||||
# define CMS_F_CMS_ENV_ASN1_CTRL 171
|
|
||||||
# define CMS_F_CMS_FINAL 127
|
|
||||||
# define CMS_F_CMS_GET0_CERTIFICATE_CHOICES 128
|
|
||||||
# define CMS_F_CMS_GET0_CONTENT 129
|
|
||||||
# define CMS_F_CMS_GET0_ECONTENT_TYPE 130
|
|
||||||
# define CMS_F_CMS_GET0_ENVELOPED 131
|
|
||||||
# define CMS_F_CMS_GET0_REVOCATION_CHOICES 132
|
|
||||||
# define CMS_F_CMS_GET0_SIGNED 133
|
|
||||||
# define CMS_F_CMS_MSGSIGDIGEST_ADD1 162
|
|
||||||
# define CMS_F_CMS_RECEIPTREQUEST_CREATE0 159
|
|
||||||
# define CMS_F_CMS_RECEIPT_VERIFY 160
|
|
||||||
# define CMS_F_CMS_RECIPIENTINFO_DECRYPT 134
|
|
||||||
# define CMS_F_CMS_RECIPIENTINFO_ENCRYPT 169
|
|
||||||
# define CMS_F_CMS_RECIPIENTINFO_KARI_ENCRYPT 178
|
|
||||||
# define CMS_F_CMS_RECIPIENTINFO_KARI_GET0_ALG 175
|
|
||||||
# define CMS_F_CMS_RECIPIENTINFO_KARI_GET0_ORIG_ID 173
|
|
||||||
# define CMS_F_CMS_RECIPIENTINFO_KARI_GET0_REKS 172
|
|
||||||
# define CMS_F_CMS_RECIPIENTINFO_KARI_ORIG_ID_CMP 174
|
|
||||||
# define CMS_F_CMS_RECIPIENTINFO_KEKRI_DECRYPT 135
|
|
||||||
# define CMS_F_CMS_RECIPIENTINFO_KEKRI_ENCRYPT 136
|
|
||||||
# define CMS_F_CMS_RECIPIENTINFO_KEKRI_GET0_ID 137
|
|
||||||
# define CMS_F_CMS_RECIPIENTINFO_KEKRI_ID_CMP 138
|
|
||||||
# define CMS_F_CMS_RECIPIENTINFO_KTRI_CERT_CMP 139
|
|
||||||
# define CMS_F_CMS_RECIPIENTINFO_KTRI_DECRYPT 140
|
|
||||||
# define CMS_F_CMS_RECIPIENTINFO_KTRI_ENCRYPT 141
|
|
||||||
# define CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_ALGS 142
|
|
||||||
# define CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_SIGNER_ID 143
|
|
||||||
# define CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT 167
|
|
||||||
# define CMS_F_CMS_RECIPIENTINFO_SET0_KEY 144
|
|
||||||
# define CMS_F_CMS_RECIPIENTINFO_SET0_PASSWORD 168
|
|
||||||
# define CMS_F_CMS_RECIPIENTINFO_SET0_PKEY 145
|
|
||||||
# define CMS_F_CMS_SD_ASN1_CTRL 170
|
|
||||||
# define CMS_F_CMS_SET1_IAS 176
|
|
||||||
# define CMS_F_CMS_SET1_KEYID 177
|
|
||||||
# define CMS_F_CMS_SET1_SIGNERIDENTIFIER 146
|
|
||||||
# define CMS_F_CMS_SET_DETACHED 147
|
|
||||||
# define CMS_F_CMS_SIGN 148
|
|
||||||
# define CMS_F_CMS_SIGNED_DATA_INIT 149
|
|
||||||
# define CMS_F_CMS_SIGNERINFO_CONTENT_SIGN 150
|
|
||||||
# define CMS_F_CMS_SIGNERINFO_SIGN 151
|
|
||||||
# define CMS_F_CMS_SIGNERINFO_VERIFY 152
|
|
||||||
# define CMS_F_CMS_SIGNERINFO_VERIFY_CERT 153
|
|
||||||
# define CMS_F_CMS_SIGNERINFO_VERIFY_CONTENT 154
|
|
||||||
# define CMS_F_CMS_SIGN_RECEIPT 163
|
|
||||||
# define CMS_F_CMS_STREAM 155
|
|
||||||
# define CMS_F_CMS_UNCOMPRESS 156
|
|
||||||
# define CMS_F_CMS_VERIFY 157
|
|
||||||
|
|
||||||
/* Reason codes. */
|
|
||||||
# define CMS_R_ADD_SIGNER_ERROR 99
|
|
||||||
# define CMS_R_CERTIFICATE_ALREADY_PRESENT 175
|
|
||||||
# define CMS_R_CERTIFICATE_HAS_NO_KEYID 160
|
|
||||||
# define CMS_R_CERTIFICATE_VERIFY_ERROR 100
|
|
||||||
# define CMS_R_CIPHER_INITIALISATION_ERROR 101
|
|
||||||
# define CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR 102
|
|
||||||
# define CMS_R_CMS_DATAFINAL_ERROR 103
|
|
||||||
# define CMS_R_CMS_LIB 104
|
|
||||||
# define CMS_R_CONTENTIDENTIFIER_MISMATCH 170
|
|
||||||
# define CMS_R_CONTENT_NOT_FOUND 105
|
|
||||||
# define CMS_R_CONTENT_TYPE_MISMATCH 171
|
|
||||||
# define CMS_R_CONTENT_TYPE_NOT_COMPRESSED_DATA 106
|
|
||||||
# define CMS_R_CONTENT_TYPE_NOT_ENVELOPED_DATA 107
|
|
||||||
# define CMS_R_CONTENT_TYPE_NOT_SIGNED_DATA 108
|
|
||||||
# define CMS_R_CONTENT_VERIFY_ERROR 109
|
|
||||||
# define CMS_R_CTRL_ERROR 110
|
|
||||||
# define CMS_R_CTRL_FAILURE 111
|
|
||||||
# define CMS_R_DECRYPT_ERROR 112
|
|
||||||
# define CMS_R_DIGEST_ERROR 161
|
|
||||||
# define CMS_R_ERROR_GETTING_PUBLIC_KEY 113
|
|
||||||
# define CMS_R_ERROR_READING_MESSAGEDIGEST_ATTRIBUTE 114
|
|
||||||
# define CMS_R_ERROR_SETTING_KEY 115
|
|
||||||
# define CMS_R_ERROR_SETTING_RECIPIENTINFO 116
|
|
||||||
# define CMS_R_INVALID_ENCRYPTED_KEY_LENGTH 117
|
|
||||||
# define CMS_R_INVALID_KEY_ENCRYPTION_PARAMETER 176
|
|
||||||
# define CMS_R_INVALID_KEY_LENGTH 118
|
|
||||||
# define CMS_R_MD_BIO_INIT_ERROR 119
|
|
||||||
# define CMS_R_MESSAGEDIGEST_ATTRIBUTE_WRONG_LENGTH 120
|
|
||||||
# define CMS_R_MESSAGEDIGEST_WRONG_LENGTH 121
|
|
||||||
# define CMS_R_MSGSIGDIGEST_ERROR 172
|
|
||||||
# define CMS_R_MSGSIGDIGEST_VERIFICATION_FAILURE 162
|
|
||||||
# define CMS_R_MSGSIGDIGEST_WRONG_LENGTH 163
|
|
||||||
# define CMS_R_NEED_ONE_SIGNER 164
|
|
||||||
# define CMS_R_NOT_A_SIGNED_RECEIPT 165
|
|
||||||
# define CMS_R_NOT_ENCRYPTED_DATA 122
|
|
||||||
# define CMS_R_NOT_KEK 123
|
|
||||||
# define CMS_R_NOT_KEY_AGREEMENT 181
|
|
||||||
# define CMS_R_NOT_KEY_TRANSPORT 124
|
|
||||||
# define CMS_R_NOT_PWRI 177
|
|
||||||
# define CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE 125
|
|
||||||
# define CMS_R_NO_CIPHER 126
|
|
||||||
# define CMS_R_NO_CONTENT 127
|
|
||||||
# define CMS_R_NO_CONTENT_TYPE 173
|
|
||||||
# define CMS_R_NO_DEFAULT_DIGEST 128
|
|
||||||
# define CMS_R_NO_DIGEST_SET 129
|
|
||||||
# define CMS_R_NO_KEY 130
|
|
||||||
# define CMS_R_NO_KEY_OR_CERT 174
|
|
||||||
# define CMS_R_NO_MATCHING_DIGEST 131
|
|
||||||
# define CMS_R_NO_MATCHING_RECIPIENT 132
|
|
||||||
# define CMS_R_NO_MATCHING_SIGNATURE 166
|
|
||||||
# define CMS_R_NO_MSGSIGDIGEST 167
|
|
||||||
# define CMS_R_NO_PASSWORD 178
|
|
||||||
# define CMS_R_NO_PRIVATE_KEY 133
|
|
||||||
# define CMS_R_NO_PUBLIC_KEY 134
|
|
||||||
# define CMS_R_NO_RECEIPT_REQUEST 168
|
|
||||||
# define CMS_R_NO_SIGNERS 135
|
|
||||||
# define CMS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE 136
|
|
||||||
# define CMS_R_RECEIPT_DECODE_ERROR 169
|
|
||||||
# define CMS_R_RECIPIENT_ERROR 137
|
|
||||||
# define CMS_R_SIGNER_CERTIFICATE_NOT_FOUND 138
|
|
||||||
# define CMS_R_SIGNFINAL_ERROR 139
|
|
||||||
# define CMS_R_SMIME_TEXT_ERROR 140
|
|
||||||
# define CMS_R_STORE_INIT_ERROR 141
|
|
||||||
# define CMS_R_TYPE_NOT_COMPRESSED_DATA 142
|
|
||||||
# define CMS_R_TYPE_NOT_DATA 143
|
|
||||||
# define CMS_R_TYPE_NOT_DIGESTED_DATA 144
|
|
||||||
# define CMS_R_TYPE_NOT_ENCRYPTED_DATA 145
|
|
||||||
# define CMS_R_TYPE_NOT_ENVELOPED_DATA 146
|
|
||||||
# define CMS_R_UNABLE_TO_FINALIZE_CONTEXT 147
|
|
||||||
# define CMS_R_UNKNOWN_CIPHER 148
|
|
||||||
# define CMS_R_UNKNOWN_DIGEST_ALGORIHM 149
|
|
||||||
# define CMS_R_UNKNOWN_ID 150
|
|
||||||
# define CMS_R_UNSUPPORTED_COMPRESSION_ALGORITHM 151
|
|
||||||
# define CMS_R_UNSUPPORTED_CONTENT_TYPE 152
|
|
||||||
# define CMS_R_UNSUPPORTED_KEK_ALGORITHM 153
|
|
||||||
# define CMS_R_UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM 179
|
|
||||||
# define CMS_R_UNSUPPORTED_RECIPIENT_TYPE 154
|
|
||||||
# define CMS_R_UNSUPPORTED_RECPIENTINFO_TYPE 155
|
|
||||||
# define CMS_R_UNSUPPORTED_TYPE 156
|
|
||||||
# define CMS_R_UNWRAP_ERROR 157
|
|
||||||
# define CMS_R_UNWRAP_FAILURE 180
|
|
||||||
# define CMS_R_VERIFICATION_FAILURE 158
|
|
||||||
# define CMS_R_WRAP_ERROR 159
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
#endif
|
|
|
@ -1,267 +0,0 @@
|
||||||
/* crypto/conf/conf.h */
|
|
||||||
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
|
||||||
* All rights reserved.
|
|
||||||
*
|
|
||||||
* This package is an SSL implementation written
|
|
||||||
* by Eric Young (eay@cryptsoft.com).
|
|
||||||
* The implementation was written so as to conform with Netscapes SSL.
|
|
||||||
*
|
|
||||||
* This library is free for commercial and non-commercial use as long as
|
|
||||||
* the following conditions are aheared to. The following conditions
|
|
||||||
* apply to all code found in this distribution, be it the RC4, RSA,
|
|
||||||
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
|
||||||
* included with this distribution is covered by the same copyright terms
|
|
||||||
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
|
||||||
*
|
|
||||||
* Copyright remains Eric Young's, and as such any Copyright notices in
|
|
||||||
* the code are not to be removed.
|
|
||||||
* If this package is used in a product, Eric Young should be given attribution
|
|
||||||
* as the author of the parts of the library used.
|
|
||||||
* This can be in the form of a textual message at program startup or
|
|
||||||
* in documentation (online or textual) provided with the package.
|
|
||||||
*
|
|
||||||
* Redistribution and use in source and binary forms, with or without
|
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. All advertising materials mentioning features or use of this software
|
|
||||||
* must display the following acknowledgement:
|
|
||||||
* "This product includes cryptographic software written by
|
|
||||||
* Eric Young (eay@cryptsoft.com)"
|
|
||||||
* The word 'cryptographic' can be left out if the rouines from the library
|
|
||||||
* being used are not cryptographic related :-).
|
|
||||||
* 4. If you include any Windows specific code (or a derivative thereof) from
|
|
||||||
* the apps directory (application code) you must include an acknowledgement:
|
|
||||||
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
|
||||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
||||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
||||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
|
||||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
||||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
||||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
||||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
||||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
||||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
||||||
* SUCH DAMAGE.
|
|
||||||
*
|
|
||||||
* The licence and distribution terms for any publically available version or
|
|
||||||
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
|
||||||
* copied and put under another distribution licence
|
|
||||||
* [including the GNU Public Licence.]
|
|
||||||
*/
|
|
||||||
|
|
||||||
#ifndef HEADER_CONF_H
|
|
||||||
# define HEADER_CONF_H
|
|
||||||
|
|
||||||
# include <openssl/bio.h>
|
|
||||||
# include <openssl/lhash.h>
|
|
||||||
# include <openssl/stack.h>
|
|
||||||
# include <openssl/safestack.h>
|
|
||||||
# include <openssl/e_os2.h>
|
|
||||||
|
|
||||||
# include <openssl/ossl_typ.h>
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
extern "C" {
|
|
||||||
#endif
|
|
||||||
|
|
||||||
typedef struct {
|
|
||||||
char *section;
|
|
||||||
char *name;
|
|
||||||
char *value;
|
|
||||||
} CONF_VALUE;
|
|
||||||
|
|
||||||
DECLARE_STACK_OF(CONF_VALUE)
|
|
||||||
DECLARE_LHASH_OF(CONF_VALUE);
|
|
||||||
|
|
||||||
struct conf_st;
|
|
||||||
struct conf_method_st;
|
|
||||||
typedef struct conf_method_st CONF_METHOD;
|
|
||||||
|
|
||||||
struct conf_method_st {
|
|
||||||
const char *name;
|
|
||||||
CONF *(*create) (CONF_METHOD *meth);
|
|
||||||
int (*init) (CONF *conf);
|
|
||||||
int (*destroy) (CONF *conf);
|
|
||||||
int (*destroy_data) (CONF *conf);
|
|
||||||
int (*load_bio) (CONF *conf, BIO *bp, long *eline);
|
|
||||||
int (*dump) (const CONF *conf, BIO *bp);
|
|
||||||
int (*is_number) (const CONF *conf, char c);
|
|
||||||
int (*to_int) (const CONF *conf, char c);
|
|
||||||
int (*load) (CONF *conf, const char *name, long *eline);
|
|
||||||
};
|
|
||||||
|
|
||||||
/* Module definitions */
|
|
||||||
|
|
||||||
typedef struct conf_imodule_st CONF_IMODULE;
|
|
||||||
typedef struct conf_module_st CONF_MODULE;
|
|
||||||
|
|
||||||
DECLARE_STACK_OF(CONF_MODULE)
|
|
||||||
DECLARE_STACK_OF(CONF_IMODULE)
|
|
||||||
|
|
||||||
/* DSO module function typedefs */
|
|
||||||
typedef int conf_init_func (CONF_IMODULE *md, const CONF *cnf);
|
|
||||||
typedef void conf_finish_func (CONF_IMODULE *md);
|
|
||||||
|
|
||||||
# define CONF_MFLAGS_IGNORE_ERRORS 0x1
|
|
||||||
# define CONF_MFLAGS_IGNORE_RETURN_CODES 0x2
|
|
||||||
# define CONF_MFLAGS_SILENT 0x4
|
|
||||||
# define CONF_MFLAGS_NO_DSO 0x8
|
|
||||||
# define CONF_MFLAGS_IGNORE_MISSING_FILE 0x10
|
|
||||||
# define CONF_MFLAGS_DEFAULT_SECTION 0x20
|
|
||||||
|
|
||||||
int CONF_set_default_method(CONF_METHOD *meth);
|
|
||||||
void CONF_set_nconf(CONF *conf, LHASH_OF(CONF_VALUE) *hash);
|
|
||||||
LHASH_OF(CONF_VALUE) *CONF_load(LHASH_OF(CONF_VALUE) *conf, const char *file,
|
|
||||||
long *eline);
|
|
||||||
# ifndef OPENSSL_NO_FP_API
|
|
||||||
LHASH_OF(CONF_VALUE) *CONF_load_fp(LHASH_OF(CONF_VALUE) *conf, FILE *fp,
|
|
||||||
long *eline);
|
|
||||||
# endif
|
|
||||||
LHASH_OF(CONF_VALUE) *CONF_load_bio(LHASH_OF(CONF_VALUE) *conf, BIO *bp,
|
|
||||||
long *eline);
|
|
||||||
STACK_OF(CONF_VALUE) *CONF_get_section(LHASH_OF(CONF_VALUE) *conf,
|
|
||||||
const char *section);
|
|
||||||
char *CONF_get_string(LHASH_OF(CONF_VALUE) *conf, const char *group,
|
|
||||||
const char *name);
|
|
||||||
long CONF_get_number(LHASH_OF(CONF_VALUE) *conf, const char *group,
|
|
||||||
const char *name);
|
|
||||||
void CONF_free(LHASH_OF(CONF_VALUE) *conf);
|
|
||||||
int CONF_dump_fp(LHASH_OF(CONF_VALUE) *conf, FILE *out);
|
|
||||||
int CONF_dump_bio(LHASH_OF(CONF_VALUE) *conf, BIO *out);
|
|
||||||
|
|
||||||
void OPENSSL_config(const char *config_name);
|
|
||||||
void OPENSSL_no_config(void);
|
|
||||||
|
|
||||||
/*
|
|
||||||
* New conf code. The semantics are different from the functions above. If
|
|
||||||
* that wasn't the case, the above functions would have been replaced
|
|
||||||
*/
|
|
||||||
|
|
||||||
struct conf_st {
|
|
||||||
CONF_METHOD *meth;
|
|
||||||
void *meth_data;
|
|
||||||
LHASH_OF(CONF_VALUE) *data;
|
|
||||||
};
|
|
||||||
|
|
||||||
CONF *NCONF_new(CONF_METHOD *meth);
|
|
||||||
CONF_METHOD *NCONF_default(void);
|
|
||||||
CONF_METHOD *NCONF_WIN32(void);
|
|
||||||
# if 0 /* Just to give you an idea of what I have in
|
|
||||||
* mind */
|
|
||||||
CONF_METHOD *NCONF_XML(void);
|
|
||||||
# endif
|
|
||||||
void NCONF_free(CONF *conf);
|
|
||||||
void NCONF_free_data(CONF *conf);
|
|
||||||
|
|
||||||
int NCONF_load(CONF *conf, const char *file, long *eline);
|
|
||||||
# ifndef OPENSSL_NO_FP_API
|
|
||||||
int NCONF_load_fp(CONF *conf, FILE *fp, long *eline);
|
|
||||||
# endif
|
|
||||||
int NCONF_load_bio(CONF *conf, BIO *bp, long *eline);
|
|
||||||
STACK_OF(CONF_VALUE) *NCONF_get_section(const CONF *conf,
|
|
||||||
const char *section);
|
|
||||||
char *NCONF_get_string(const CONF *conf, const char *group, const char *name);
|
|
||||||
int NCONF_get_number_e(const CONF *conf, const char *group, const char *name,
|
|
||||||
long *result);
|
|
||||||
int NCONF_dump_fp(const CONF *conf, FILE *out);
|
|
||||||
int NCONF_dump_bio(const CONF *conf, BIO *out);
|
|
||||||
|
|
||||||
# if 0 /* The following function has no error
|
|
||||||
* checking, and should therefore be avoided */
|
|
||||||
long NCONF_get_number(CONF *conf, char *group, char *name);
|
|
||||||
# else
|
|
||||||
# define NCONF_get_number(c,g,n,r) NCONF_get_number_e(c,g,n,r)
|
|
||||||
# endif
|
|
||||||
|
|
||||||
/* Module functions */
|
|
||||||
|
|
||||||
int CONF_modules_load(const CONF *cnf, const char *appname,
|
|
||||||
unsigned long flags);
|
|
||||||
int CONF_modules_load_file(const char *filename, const char *appname,
|
|
||||||
unsigned long flags);
|
|
||||||
void CONF_modules_unload(int all);
|
|
||||||
void CONF_modules_finish(void);
|
|
||||||
void CONF_modules_free(void);
|
|
||||||
int CONF_module_add(const char *name, conf_init_func *ifunc,
|
|
||||||
conf_finish_func *ffunc);
|
|
||||||
|
|
||||||
const char *CONF_imodule_get_name(const CONF_IMODULE *md);
|
|
||||||
const char *CONF_imodule_get_value(const CONF_IMODULE *md);
|
|
||||||
void *CONF_imodule_get_usr_data(const CONF_IMODULE *md);
|
|
||||||
void CONF_imodule_set_usr_data(CONF_IMODULE *md, void *usr_data);
|
|
||||||
CONF_MODULE *CONF_imodule_get_module(const CONF_IMODULE *md);
|
|
||||||
unsigned long CONF_imodule_get_flags(const CONF_IMODULE *md);
|
|
||||||
void CONF_imodule_set_flags(CONF_IMODULE *md, unsigned long flags);
|
|
||||||
void *CONF_module_get_usr_data(CONF_MODULE *pmod);
|
|
||||||
void CONF_module_set_usr_data(CONF_MODULE *pmod, void *usr_data);
|
|
||||||
|
|
||||||
char *CONF_get1_default_config_file(void);
|
|
||||||
|
|
||||||
int CONF_parse_list(const char *list, int sep, int nospc,
|
|
||||||
int (*list_cb) (const char *elem, int len, void *usr),
|
|
||||||
void *arg);
|
|
||||||
|
|
||||||
void OPENSSL_load_builtin_modules(void);
|
|
||||||
|
|
||||||
/* BEGIN ERROR CODES */
|
|
||||||
/*
|
|
||||||
* The following lines are auto generated by the script mkerr.pl. Any changes
|
|
||||||
* made after this point may be overwritten when the script is next run.
|
|
||||||
*/
|
|
||||||
void ERR_load_CONF_strings(void);
|
|
||||||
|
|
||||||
/* Error codes for the CONF functions. */
|
|
||||||
|
|
||||||
/* Function codes. */
|
|
||||||
# define CONF_F_CONF_DUMP_FP 104
|
|
||||||
# define CONF_F_CONF_LOAD 100
|
|
||||||
# define CONF_F_CONF_LOAD_BIO 102
|
|
||||||
# define CONF_F_CONF_LOAD_FP 103
|
|
||||||
# define CONF_F_CONF_MODULES_LOAD 116
|
|
||||||
# define CONF_F_CONF_PARSE_LIST 119
|
|
||||||
# define CONF_F_DEF_LOAD 120
|
|
||||||
# define CONF_F_DEF_LOAD_BIO 121
|
|
||||||
# define CONF_F_MODULE_INIT 115
|
|
||||||
# define CONF_F_MODULE_LOAD_DSO 117
|
|
||||||
# define CONF_F_MODULE_RUN 118
|
|
||||||
# define CONF_F_NCONF_DUMP_BIO 105
|
|
||||||
# define CONF_F_NCONF_DUMP_FP 106
|
|
||||||
# define CONF_F_NCONF_GET_NUMBER 107
|
|
||||||
# define CONF_F_NCONF_GET_NUMBER_E 112
|
|
||||||
# define CONF_F_NCONF_GET_SECTION 108
|
|
||||||
# define CONF_F_NCONF_GET_STRING 109
|
|
||||||
# define CONF_F_NCONF_LOAD 113
|
|
||||||
# define CONF_F_NCONF_LOAD_BIO 110
|
|
||||||
# define CONF_F_NCONF_LOAD_FP 114
|
|
||||||
# define CONF_F_NCONF_NEW 111
|
|
||||||
# define CONF_F_STR_COPY 101
|
|
||||||
|
|
||||||
/* Reason codes. */
|
|
||||||
# define CONF_R_ERROR_LOADING_DSO 110
|
|
||||||
# define CONF_R_LIST_CANNOT_BE_NULL 115
|
|
||||||
# define CONF_R_MISSING_CLOSE_SQUARE_BRACKET 100
|
|
||||||
# define CONF_R_MISSING_EQUAL_SIGN 101
|
|
||||||
# define CONF_R_MISSING_FINISH_FUNCTION 111
|
|
||||||
# define CONF_R_MISSING_INIT_FUNCTION 112
|
|
||||||
# define CONF_R_MODULE_INITIALIZATION_ERROR 109
|
|
||||||
# define CONF_R_NO_CLOSE_BRACE 102
|
|
||||||
# define CONF_R_NO_CONF 105
|
|
||||||
# define CONF_R_NO_CONF_OR_ENVIRONMENT_VARIABLE 106
|
|
||||||
# define CONF_R_NO_SECTION 107
|
|
||||||
# define CONF_R_NO_SUCH_FILE 114
|
|
||||||
# define CONF_R_NO_VALUE 108
|
|
||||||
# define CONF_R_UNABLE_TO_CREATE_NEW_SECTION 103
|
|
||||||
# define CONF_R_UNKNOWN_MODULE_NAME 113
|
|
||||||
# define CONF_R_VARIABLE_HAS_NO_VALUE 104
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
#endif
|
|
|
@ -1,89 +0,0 @@
|
||||||
/* conf_api.h */
|
|
||||||
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
|
||||||
* All rights reserved.
|
|
||||||
*
|
|
||||||
* This package is an SSL implementation written
|
|
||||||
* by Eric Young (eay@cryptsoft.com).
|
|
||||||
* The implementation was written so as to conform with Netscapes SSL.
|
|
||||||
*
|
|
||||||
* This library is free for commercial and non-commercial use as long as
|
|
||||||
* the following conditions are aheared to. The following conditions
|
|
||||||
* apply to all code found in this distribution, be it the RC4, RSA,
|
|
||||||
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
|
||||||
* included with this distribution is covered by the same copyright terms
|
|
||||||
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
|
||||||
*
|
|
||||||
* Copyright remains Eric Young's, and as such any Copyright notices in
|
|
||||||
* the code are not to be removed.
|
|
||||||
* If this package is used in a product, Eric Young should be given attribution
|
|
||||||
* as the author of the parts of the library used.
|
|
||||||
* This can be in the form of a textual message at program startup or
|
|
||||||
* in documentation (online or textual) provided with the package.
|
|
||||||
*
|
|
||||||
* Redistribution and use in source and binary forms, with or without
|
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. All advertising materials mentioning features or use of this software
|
|
||||||
* must display the following acknowledgement:
|
|
||||||
* "This product includes cryptographic software written by
|
|
||||||
* Eric Young (eay@cryptsoft.com)"
|
|
||||||
* The word 'cryptographic' can be left out if the rouines from the library
|
|
||||||
* being used are not cryptographic related :-).
|
|
||||||
* 4. If you include any Windows specific code (or a derivative thereof) from
|
|
||||||
* the apps directory (application code) you must include an acknowledgement:
|
|
||||||
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
|
||||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
||||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
||||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
|
||||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
||||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
||||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
||||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
||||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
||||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
||||||
* SUCH DAMAGE.
|
|
||||||
*
|
|
||||||
* The licence and distribution terms for any publically available version or
|
|
||||||
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
|
||||||
* copied and put under another distribution licence
|
|
||||||
* [including the GNU Public Licence.]
|
|
||||||
*/
|
|
||||||
|
|
||||||
#ifndef HEADER_CONF_API_H
|
|
||||||
# define HEADER_CONF_API_H
|
|
||||||
|
|
||||||
# include <openssl/lhash.h>
|
|
||||||
# include <openssl/conf.h>
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
extern "C" {
|
|
||||||
#endif
|
|
||||||
|
|
||||||
/* Up until OpenSSL 0.9.5a, this was new_section */
|
|
||||||
CONF_VALUE *_CONF_new_section(CONF *conf, const char *section);
|
|
||||||
/* Up until OpenSSL 0.9.5a, this was get_section */
|
|
||||||
CONF_VALUE *_CONF_get_section(const CONF *conf, const char *section);
|
|
||||||
/* Up until OpenSSL 0.9.5a, this was CONF_get_section */
|
|
||||||
STACK_OF(CONF_VALUE) *_CONF_get_section_values(const CONF *conf,
|
|
||||||
const char *section);
|
|
||||||
|
|
||||||
int _CONF_add_string(CONF *conf, CONF_VALUE *section, CONF_VALUE *value);
|
|
||||||
char *_CONF_get_string(const CONF *conf, const char *section,
|
|
||||||
const char *name);
|
|
||||||
long _CONF_get_number(const CONF *conf, const char *section,
|
|
||||||
const char *name);
|
|
||||||
|
|
||||||
int _CONF_new_data(CONF *conf);
|
|
||||||
void _CONF_free_data(CONF *conf);
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
#endif
|
|
|
@ -1,257 +0,0 @@
|
||||||
/* crypto/des/des.h */
|
|
||||||
/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
|
|
||||||
* All rights reserved.
|
|
||||||
*
|
|
||||||
* This package is an SSL implementation written
|
|
||||||
* by Eric Young (eay@cryptsoft.com).
|
|
||||||
* The implementation was written so as to conform with Netscapes SSL.
|
|
||||||
*
|
|
||||||
* This library is free for commercial and non-commercial use as long as
|
|
||||||
* the following conditions are aheared to. The following conditions
|
|
||||||
* apply to all code found in this distribution, be it the RC4, RSA,
|
|
||||||
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
|
||||||
* included with this distribution is covered by the same copyright terms
|
|
||||||
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
|
||||||
*
|
|
||||||
* Copyright remains Eric Young's, and as such any Copyright notices in
|
|
||||||
* the code are not to be removed.
|
|
||||||
* If this package is used in a product, Eric Young should be given attribution
|
|
||||||
* as the author of the parts of the library used.
|
|
||||||
* This can be in the form of a textual message at program startup or
|
|
||||||
* in documentation (online or textual) provided with the package.
|
|
||||||
*
|
|
||||||
* Redistribution and use in source and binary forms, with or without
|
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. All advertising materials mentioning features or use of this software
|
|
||||||
* must display the following acknowledgement:
|
|
||||||
* "This product includes cryptographic software written by
|
|
||||||
* Eric Young (eay@cryptsoft.com)"
|
|
||||||
* The word 'cryptographic' can be left out if the rouines from the library
|
|
||||||
* being used are not cryptographic related :-).
|
|
||||||
* 4. If you include any Windows specific code (or a derivative thereof) from
|
|
||||||
* the apps directory (application code) you must include an acknowledgement:
|
|
||||||
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
|
||||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
||||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
||||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
|
||||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
||||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
||||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
||||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
||||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
||||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
||||||
* SUCH DAMAGE.
|
|
||||||
*
|
|
||||||
* The licence and distribution terms for any publically available version or
|
|
||||||
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
|
||||||
* copied and put under another distribution licence
|
|
||||||
* [including the GNU Public Licence.]
|
|
||||||
*/
|
|
||||||
|
|
||||||
#ifndef HEADER_NEW_DES_H
|
|
||||||
# define HEADER_NEW_DES_H
|
|
||||||
|
|
||||||
# include <openssl/e_os2.h> /* OPENSSL_EXTERN, OPENSSL_NO_DES, DES_LONG
|
|
||||||
* (via openssl/opensslconf.h */
|
|
||||||
|
|
||||||
# ifdef OPENSSL_NO_DES
|
|
||||||
# error DES is disabled.
|
|
||||||
# endif
|
|
||||||
|
|
||||||
# ifdef OPENSSL_BUILD_SHLIBCRYPTO
|
|
||||||
# undef OPENSSL_EXTERN
|
|
||||||
# define OPENSSL_EXTERN OPENSSL_EXPORT
|
|
||||||
# endif
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
extern "C" {
|
|
||||||
#endif
|
|
||||||
|
|
||||||
typedef unsigned char DES_cblock[8];
|
|
||||||
typedef /* const */ unsigned char const_DES_cblock[8];
|
|
||||||
/*
|
|
||||||
* With "const", gcc 2.8.1 on Solaris thinks that DES_cblock * and
|
|
||||||
* const_DES_cblock * are incompatible pointer types.
|
|
||||||
*/
|
|
||||||
|
|
||||||
typedef struct DES_ks {
|
|
||||||
union {
|
|
||||||
DES_cblock cblock;
|
|
||||||
/*
|
|
||||||
* make sure things are correct size on machines with 8 byte longs
|
|
||||||
*/
|
|
||||||
DES_LONG deslong[2];
|
|
||||||
} ks[16];
|
|
||||||
} DES_key_schedule;
|
|
||||||
|
|
||||||
# ifndef OPENSSL_DISABLE_OLD_DES_SUPPORT
|
|
||||||
# ifndef OPENSSL_ENABLE_OLD_DES_SUPPORT
|
|
||||||
# define OPENSSL_ENABLE_OLD_DES_SUPPORT
|
|
||||||
# endif
|
|
||||||
# endif
|
|
||||||
|
|
||||||
# ifdef OPENSSL_ENABLE_OLD_DES_SUPPORT
|
|
||||||
# include <openssl/des_old.h>
|
|
||||||
# endif
|
|
||||||
|
|
||||||
# define DES_KEY_SZ (sizeof(DES_cblock))
|
|
||||||
# define DES_SCHEDULE_SZ (sizeof(DES_key_schedule))
|
|
||||||
|
|
||||||
# define DES_ENCRYPT 1
|
|
||||||
# define DES_DECRYPT 0
|
|
||||||
|
|
||||||
# define DES_CBC_MODE 0
|
|
||||||
# define DES_PCBC_MODE 1
|
|
||||||
|
|
||||||
# define DES_ecb2_encrypt(i,o,k1,k2,e) \
|
|
||||||
DES_ecb3_encrypt((i),(o),(k1),(k2),(k1),(e))
|
|
||||||
|
|
||||||
# define DES_ede2_cbc_encrypt(i,o,l,k1,k2,iv,e) \
|
|
||||||
DES_ede3_cbc_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(e))
|
|
||||||
|
|
||||||
# define DES_ede2_cfb64_encrypt(i,o,l,k1,k2,iv,n,e) \
|
|
||||||
DES_ede3_cfb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n),(e))
|
|
||||||
|
|
||||||
# define DES_ede2_ofb64_encrypt(i,o,l,k1,k2,iv,n) \
|
|
||||||
DES_ede3_ofb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n))
|
|
||||||
|
|
||||||
OPENSSL_DECLARE_GLOBAL(int, DES_check_key); /* defaults to false */
|
|
||||||
# define DES_check_key OPENSSL_GLOBAL_REF(DES_check_key)
|
|
||||||
OPENSSL_DECLARE_GLOBAL(int, DES_rw_mode); /* defaults to DES_PCBC_MODE */
|
|
||||||
# define DES_rw_mode OPENSSL_GLOBAL_REF(DES_rw_mode)
|
|
||||||
|
|
||||||
const char *DES_options(void);
|
|
||||||
void DES_ecb3_encrypt(const_DES_cblock *input, DES_cblock *output,
|
|
||||||
DES_key_schedule *ks1, DES_key_schedule *ks2,
|
|
||||||
DES_key_schedule *ks3, int enc);
|
|
||||||
DES_LONG DES_cbc_cksum(const unsigned char *input, DES_cblock *output,
|
|
||||||
long length, DES_key_schedule *schedule,
|
|
||||||
const_DES_cblock *ivec);
|
|
||||||
/* DES_cbc_encrypt does not update the IV! Use DES_ncbc_encrypt instead. */
|
|
||||||
void DES_cbc_encrypt(const unsigned char *input, unsigned char *output,
|
|
||||||
long length, DES_key_schedule *schedule,
|
|
||||||
DES_cblock *ivec, int enc);
|
|
||||||
void DES_ncbc_encrypt(const unsigned char *input, unsigned char *output,
|
|
||||||
long length, DES_key_schedule *schedule,
|
|
||||||
DES_cblock *ivec, int enc);
|
|
||||||
void DES_xcbc_encrypt(const unsigned char *input, unsigned char *output,
|
|
||||||
long length, DES_key_schedule *schedule,
|
|
||||||
DES_cblock *ivec, const_DES_cblock *inw,
|
|
||||||
const_DES_cblock *outw, int enc);
|
|
||||||
void DES_cfb_encrypt(const unsigned char *in, unsigned char *out, int numbits,
|
|
||||||
long length, DES_key_schedule *schedule,
|
|
||||||
DES_cblock *ivec, int enc);
|
|
||||||
void DES_ecb_encrypt(const_DES_cblock *input, DES_cblock *output,
|
|
||||||
DES_key_schedule *ks, int enc);
|
|
||||||
|
|
||||||
/*
|
|
||||||
* This is the DES encryption function that gets called by just about every
|
|
||||||
* other DES routine in the library. You should not use this function except
|
|
||||||
* to implement 'modes' of DES. I say this because the functions that call
|
|
||||||
* this routine do the conversion from 'char *' to long, and this needs to be
|
|
||||||
* done to make sure 'non-aligned' memory access do not occur. The
|
|
||||||
* characters are loaded 'little endian'. Data is a pointer to 2 unsigned
|
|
||||||
* long's and ks is the DES_key_schedule to use. enc, is non zero specifies
|
|
||||||
* encryption, zero if decryption.
|
|
||||||
*/
|
|
||||||
void DES_encrypt1(DES_LONG *data, DES_key_schedule *ks, int enc);
|
|
||||||
|
|
||||||
/*
|
|
||||||
* This functions is the same as DES_encrypt1() except that the DES initial
|
|
||||||
* permutation (IP) and final permutation (FP) have been left out. As for
|
|
||||||
* DES_encrypt1(), you should not use this function. It is used by the
|
|
||||||
* routines in the library that implement triple DES. IP() DES_encrypt2()
|
|
||||||
* DES_encrypt2() DES_encrypt2() FP() is the same as DES_encrypt1()
|
|
||||||
* DES_encrypt1() DES_encrypt1() except faster :-).
|
|
||||||
*/
|
|
||||||
void DES_encrypt2(DES_LONG *data, DES_key_schedule *ks, int enc);
|
|
||||||
|
|
||||||
void DES_encrypt3(DES_LONG *data, DES_key_schedule *ks1,
|
|
||||||
DES_key_schedule *ks2, DES_key_schedule *ks3);
|
|
||||||
void DES_decrypt3(DES_LONG *data, DES_key_schedule *ks1,
|
|
||||||
DES_key_schedule *ks2, DES_key_schedule *ks3);
|
|
||||||
void DES_ede3_cbc_encrypt(const unsigned char *input, unsigned char *output,
|
|
||||||
long length,
|
|
||||||
DES_key_schedule *ks1, DES_key_schedule *ks2,
|
|
||||||
DES_key_schedule *ks3, DES_cblock *ivec, int enc);
|
|
||||||
void DES_ede3_cbcm_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
long length,
|
|
||||||
DES_key_schedule *ks1, DES_key_schedule *ks2,
|
|
||||||
DES_key_schedule *ks3,
|
|
||||||
DES_cblock *ivec1, DES_cblock *ivec2, int enc);
|
|
||||||
void DES_ede3_cfb64_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
long length, DES_key_schedule *ks1,
|
|
||||||
DES_key_schedule *ks2, DES_key_schedule *ks3,
|
|
||||||
DES_cblock *ivec, int *num, int enc);
|
|
||||||
void DES_ede3_cfb_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
int numbits, long length, DES_key_schedule *ks1,
|
|
||||||
DES_key_schedule *ks2, DES_key_schedule *ks3,
|
|
||||||
DES_cblock *ivec, int enc);
|
|
||||||
void DES_ede3_ofb64_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
long length, DES_key_schedule *ks1,
|
|
||||||
DES_key_schedule *ks2, DES_key_schedule *ks3,
|
|
||||||
DES_cblock *ivec, int *num);
|
|
||||||
# if 0
|
|
||||||
void DES_xwhite_in2out(const_DES_cblock *DES_key, const_DES_cblock *in_white,
|
|
||||||
DES_cblock *out_white);
|
|
||||||
# endif
|
|
||||||
|
|
||||||
int DES_enc_read(int fd, void *buf, int len, DES_key_schedule *sched,
|
|
||||||
DES_cblock *iv);
|
|
||||||
int DES_enc_write(int fd, const void *buf, int len, DES_key_schedule *sched,
|
|
||||||
DES_cblock *iv);
|
|
||||||
char *DES_fcrypt(const char *buf, const char *salt, char *ret);
|
|
||||||
char *DES_crypt(const char *buf, const char *salt);
|
|
||||||
void DES_ofb_encrypt(const unsigned char *in, unsigned char *out, int numbits,
|
|
||||||
long length, DES_key_schedule *schedule,
|
|
||||||
DES_cblock *ivec);
|
|
||||||
void DES_pcbc_encrypt(const unsigned char *input, unsigned char *output,
|
|
||||||
long length, DES_key_schedule *schedule,
|
|
||||||
DES_cblock *ivec, int enc);
|
|
||||||
DES_LONG DES_quad_cksum(const unsigned char *input, DES_cblock output[],
|
|
||||||
long length, int out_count, DES_cblock *seed);
|
|
||||||
int DES_random_key(DES_cblock *ret);
|
|
||||||
void DES_set_odd_parity(DES_cblock *key);
|
|
||||||
int DES_check_key_parity(const_DES_cblock *key);
|
|
||||||
int DES_is_weak_key(const_DES_cblock *key);
|
|
||||||
/*
|
|
||||||
* DES_set_key (= set_key = DES_key_sched = key_sched) calls
|
|
||||||
* DES_set_key_checked if global variable DES_check_key is set,
|
|
||||||
* DES_set_key_unchecked otherwise.
|
|
||||||
*/
|
|
||||||
int DES_set_key(const_DES_cblock *key, DES_key_schedule *schedule);
|
|
||||||
int DES_key_sched(const_DES_cblock *key, DES_key_schedule *schedule);
|
|
||||||
int DES_set_key_checked(const_DES_cblock *key, DES_key_schedule *schedule);
|
|
||||||
void DES_set_key_unchecked(const_DES_cblock *key, DES_key_schedule *schedule);
|
|
||||||
# ifdef OPENSSL_FIPS
|
|
||||||
void private_DES_set_key_unchecked(const_DES_cblock *key,
|
|
||||||
DES_key_schedule *schedule);
|
|
||||||
# endif
|
|
||||||
void DES_string_to_key(const char *str, DES_cblock *key);
|
|
||||||
void DES_string_to_2keys(const char *str, DES_cblock *key1, DES_cblock *key2);
|
|
||||||
void DES_cfb64_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
long length, DES_key_schedule *schedule,
|
|
||||||
DES_cblock *ivec, int *num, int enc);
|
|
||||||
void DES_ofb64_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
long length, DES_key_schedule *schedule,
|
|
||||||
DES_cblock *ivec, int *num);
|
|
||||||
|
|
||||||
int DES_read_password(DES_cblock *key, const char *prompt, int verify);
|
|
||||||
int DES_read_2passwords(DES_cblock *key1, DES_cblock *key2,
|
|
||||||
const char *prompt, int verify);
|
|
||||||
|
|
||||||
# define DES_fixup_key_parity DES_set_odd_parity
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#endif
|
|
|
@ -1,497 +0,0 @@
|
||||||
/* crypto/des/des_old.h -*- mode:C; c-file-style: "eay" -*- */
|
|
||||||
|
|
||||||
/*-
|
|
||||||
* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
|
|
||||||
*
|
|
||||||
* The function names in here are deprecated and are only present to
|
|
||||||
* provide an interface compatible with openssl 0.9.6 and older as
|
|
||||||
* well as libdes. OpenSSL now provides functions where "des_" has
|
|
||||||
* been replaced with "DES_" in the names, to make it possible to
|
|
||||||
* make incompatible changes that are needed for C type security and
|
|
||||||
* other stuff.
|
|
||||||
*
|
|
||||||
* This include files has two compatibility modes:
|
|
||||||
*
|
|
||||||
* - If OPENSSL_DES_LIBDES_COMPATIBILITY is defined, you get an API
|
|
||||||
* that is compatible with libdes and SSLeay.
|
|
||||||
* - If OPENSSL_DES_LIBDES_COMPATIBILITY isn't defined, you get an
|
|
||||||
* API that is compatible with OpenSSL 0.9.5x to 0.9.6x.
|
|
||||||
*
|
|
||||||
* Note that these modes break earlier snapshots of OpenSSL, where
|
|
||||||
* libdes compatibility was the only available mode or (later on) the
|
|
||||||
* prefered compatibility mode. However, after much consideration
|
|
||||||
* (and more or less violent discussions with external parties), it
|
|
||||||
* was concluded that OpenSSL should be compatible with earlier versions
|
|
||||||
* of itself before anything else. Also, in all honesty, libdes is
|
|
||||||
* an old beast that shouldn't really be used any more.
|
|
||||||
*
|
|
||||||
* Please consider starting to use the DES_ functions rather than the
|
|
||||||
* des_ ones. The des_ functions will disappear completely before
|
|
||||||
* OpenSSL 1.0!
|
|
||||||
*
|
|
||||||
* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
|
|
||||||
*/
|
|
||||||
|
|
||||||
/*
|
|
||||||
* Written by Richard Levitte (richard@levitte.org) for the OpenSSL project
|
|
||||||
* 2001.
|
|
||||||
*/
|
|
||||||
/* ====================================================================
|
|
||||||
* Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
|
|
||||||
*
|
|
||||||
* Redistribution and use in source and binary forms, with or without
|
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
*
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
*
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in
|
|
||||||
* the documentation and/or other materials provided with the
|
|
||||||
* distribution.
|
|
||||||
*
|
|
||||||
* 3. All advertising materials mentioning features or use of this
|
|
||||||
* software must display the following acknowledgment:
|
|
||||||
* "This product includes software developed by the OpenSSL Project
|
|
||||||
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
|
|
||||||
*
|
|
||||||
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* prior written permission. For written permission, please contact
|
|
||||||
* openssl-core@openssl.org.
|
|
||||||
*
|
|
||||||
* 5. Products derived from this software may not be called "OpenSSL"
|
|
||||||
* nor may "OpenSSL" appear in their names without prior written
|
|
||||||
* permission of the OpenSSL Project.
|
|
||||||
*
|
|
||||||
* 6. Redistributions of any form whatsoever must retain the following
|
|
||||||
* acknowledgment:
|
|
||||||
* "This product includes software developed by the OpenSSL Project
|
|
||||||
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
|
||||||
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
||||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
|
||||||
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
|
||||||
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
|
||||||
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
|
||||||
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
||||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
|
||||||
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
|
||||||
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
|
||||||
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
* ====================================================================
|
|
||||||
*
|
|
||||||
* This product includes cryptographic software written by Eric Young
|
|
||||||
* (eay@cryptsoft.com). This product includes software written by Tim
|
|
||||||
* Hudson (tjh@cryptsoft.com).
|
|
||||||
*
|
|
||||||
*/
|
|
||||||
|
|
||||||
#ifndef HEADER_DES_H
|
|
||||||
# define HEADER_DES_H
|
|
||||||
|
|
||||||
# include <openssl/e_os2.h> /* OPENSSL_EXTERN, OPENSSL_NO_DES, DES_LONG */
|
|
||||||
|
|
||||||
# ifdef OPENSSL_NO_DES
|
|
||||||
# error DES is disabled.
|
|
||||||
# endif
|
|
||||||
|
|
||||||
# ifndef HEADER_NEW_DES_H
|
|
||||||
# error You must include des.h, not des_old.h directly.
|
|
||||||
# endif
|
|
||||||
|
|
||||||
# ifdef _KERBEROS_DES_H
|
|
||||||
# error <openssl/des_old.h> replaces <kerberos/des.h>.
|
|
||||||
# endif
|
|
||||||
|
|
||||||
# include <openssl/symhacks.h>
|
|
||||||
|
|
||||||
# ifdef OPENSSL_BUILD_SHLIBCRYPTO
|
|
||||||
# undef OPENSSL_EXTERN
|
|
||||||
# define OPENSSL_EXTERN OPENSSL_EXPORT
|
|
||||||
# endif
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
extern "C" {
|
|
||||||
#endif
|
|
||||||
|
|
||||||
# ifdef _
|
|
||||||
# undef _
|
|
||||||
# endif
|
|
||||||
|
|
||||||
typedef unsigned char _ossl_old_des_cblock[8];
|
|
||||||
typedef struct _ossl_old_des_ks_struct {
|
|
||||||
union {
|
|
||||||
_ossl_old_des_cblock _;
|
|
||||||
/*
|
|
||||||
* make sure things are correct size on machines with 8 byte longs
|
|
||||||
*/
|
|
||||||
DES_LONG pad[2];
|
|
||||||
} ks;
|
|
||||||
} _ossl_old_des_key_schedule[16];
|
|
||||||
|
|
||||||
# ifndef OPENSSL_DES_LIBDES_COMPATIBILITY
|
|
||||||
# define des_cblock DES_cblock
|
|
||||||
# define const_des_cblock const_DES_cblock
|
|
||||||
# define des_key_schedule DES_key_schedule
|
|
||||||
# define des_ecb3_encrypt(i,o,k1,k2,k3,e)\
|
|
||||||
DES_ecb3_encrypt((i),(o),&(k1),&(k2),&(k3),(e))
|
|
||||||
# define des_ede3_cbc_encrypt(i,o,l,k1,k2,k3,iv,e)\
|
|
||||||
DES_ede3_cbc_encrypt((i),(o),(l),&(k1),&(k2),&(k3),(iv),(e))
|
|
||||||
# define des_ede3_cbcm_encrypt(i,o,l,k1,k2,k3,iv1,iv2,e)\
|
|
||||||
DES_ede3_cbcm_encrypt((i),(o),(l),&(k1),&(k2),&(k3),(iv1),(iv2),(e))
|
|
||||||
# define des_ede3_cfb64_encrypt(i,o,l,k1,k2,k3,iv,n,e)\
|
|
||||||
DES_ede3_cfb64_encrypt((i),(o),(l),&(k1),&(k2),&(k3),(iv),(n),(e))
|
|
||||||
# define des_ede3_ofb64_encrypt(i,o,l,k1,k2,k3,iv,n)\
|
|
||||||
DES_ede3_ofb64_encrypt((i),(o),(l),&(k1),&(k2),&(k3),(iv),(n))
|
|
||||||
# define des_options()\
|
|
||||||
DES_options()
|
|
||||||
# define des_cbc_cksum(i,o,l,k,iv)\
|
|
||||||
DES_cbc_cksum((i),(o),(l),&(k),(iv))
|
|
||||||
# define des_cbc_encrypt(i,o,l,k,iv,e)\
|
|
||||||
DES_cbc_encrypt((i),(o),(l),&(k),(iv),(e))
|
|
||||||
# define des_ncbc_encrypt(i,o,l,k,iv,e)\
|
|
||||||
DES_ncbc_encrypt((i),(o),(l),&(k),(iv),(e))
|
|
||||||
# define des_xcbc_encrypt(i,o,l,k,iv,inw,outw,e)\
|
|
||||||
DES_xcbc_encrypt((i),(o),(l),&(k),(iv),(inw),(outw),(e))
|
|
||||||
# define des_cfb_encrypt(i,o,n,l,k,iv,e)\
|
|
||||||
DES_cfb_encrypt((i),(o),(n),(l),&(k),(iv),(e))
|
|
||||||
# define des_ecb_encrypt(i,o,k,e)\
|
|
||||||
DES_ecb_encrypt((i),(o),&(k),(e))
|
|
||||||
# define des_encrypt1(d,k,e)\
|
|
||||||
DES_encrypt1((d),&(k),(e))
|
|
||||||
# define des_encrypt2(d,k,e)\
|
|
||||||
DES_encrypt2((d),&(k),(e))
|
|
||||||
# define des_encrypt3(d,k1,k2,k3)\
|
|
||||||
DES_encrypt3((d),&(k1),&(k2),&(k3))
|
|
||||||
# define des_decrypt3(d,k1,k2,k3)\
|
|
||||||
DES_decrypt3((d),&(k1),&(k2),&(k3))
|
|
||||||
# define des_xwhite_in2out(k,i,o)\
|
|
||||||
DES_xwhite_in2out((k),(i),(o))
|
|
||||||
# define des_enc_read(f,b,l,k,iv)\
|
|
||||||
DES_enc_read((f),(b),(l),&(k),(iv))
|
|
||||||
# define des_enc_write(f,b,l,k,iv)\
|
|
||||||
DES_enc_write((f),(b),(l),&(k),(iv))
|
|
||||||
# define des_fcrypt(b,s,r)\
|
|
||||||
DES_fcrypt((b),(s),(r))
|
|
||||||
# if 0
|
|
||||||
# define des_crypt(b,s)\
|
|
||||||
DES_crypt((b),(s))
|
|
||||||
# if !defined(PERL5) && !defined(__FreeBSD__) && !defined(NeXT) && !defined(__OpenBSD__)
|
|
||||||
# define crypt(b,s)\
|
|
||||||
DES_crypt((b),(s))
|
|
||||||
# endif
|
|
||||||
# endif
|
|
||||||
# define des_ofb_encrypt(i,o,n,l,k,iv)\
|
|
||||||
DES_ofb_encrypt((i),(o),(n),(l),&(k),(iv))
|
|
||||||
# define des_pcbc_encrypt(i,o,l,k,iv,e)\
|
|
||||||
DES_pcbc_encrypt((i),(o),(l),&(k),(iv),(e))
|
|
||||||
# define des_quad_cksum(i,o,l,c,s)\
|
|
||||||
DES_quad_cksum((i),(o),(l),(c),(s))
|
|
||||||
# define des_random_seed(k)\
|
|
||||||
_ossl_096_des_random_seed((k))
|
|
||||||
# define des_random_key(r)\
|
|
||||||
DES_random_key((r))
|
|
||||||
# define des_read_password(k,p,v) \
|
|
||||||
DES_read_password((k),(p),(v))
|
|
||||||
# define des_read_2passwords(k1,k2,p,v) \
|
|
||||||
DES_read_2passwords((k1),(k2),(p),(v))
|
|
||||||
# define des_set_odd_parity(k)\
|
|
||||||
DES_set_odd_parity((k))
|
|
||||||
# define des_check_key_parity(k)\
|
|
||||||
DES_check_key_parity((k))
|
|
||||||
# define des_is_weak_key(k)\
|
|
||||||
DES_is_weak_key((k))
|
|
||||||
# define des_set_key(k,ks)\
|
|
||||||
DES_set_key((k),&(ks))
|
|
||||||
# define des_key_sched(k,ks)\
|
|
||||||
DES_key_sched((k),&(ks))
|
|
||||||
# define des_set_key_checked(k,ks)\
|
|
||||||
DES_set_key_checked((k),&(ks))
|
|
||||||
# define des_set_key_unchecked(k,ks)\
|
|
||||||
DES_set_key_unchecked((k),&(ks))
|
|
||||||
# define des_string_to_key(s,k)\
|
|
||||||
DES_string_to_key((s),(k))
|
|
||||||
# define des_string_to_2keys(s,k1,k2)\
|
|
||||||
DES_string_to_2keys((s),(k1),(k2))
|
|
||||||
# define des_cfb64_encrypt(i,o,l,ks,iv,n,e)\
|
|
||||||
DES_cfb64_encrypt((i),(o),(l),&(ks),(iv),(n),(e))
|
|
||||||
# define des_ofb64_encrypt(i,o,l,ks,iv,n)\
|
|
||||||
DES_ofb64_encrypt((i),(o),(l),&(ks),(iv),(n))
|
|
||||||
|
|
||||||
# define des_ecb2_encrypt(i,o,k1,k2,e) \
|
|
||||||
des_ecb3_encrypt((i),(o),(k1),(k2),(k1),(e))
|
|
||||||
|
|
||||||
# define des_ede2_cbc_encrypt(i,o,l,k1,k2,iv,e) \
|
|
||||||
des_ede3_cbc_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(e))
|
|
||||||
|
|
||||||
# define des_ede2_cfb64_encrypt(i,o,l,k1,k2,iv,n,e) \
|
|
||||||
des_ede3_cfb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n),(e))
|
|
||||||
|
|
||||||
# define des_ede2_ofb64_encrypt(i,o,l,k1,k2,iv,n) \
|
|
||||||
des_ede3_ofb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n))
|
|
||||||
|
|
||||||
# define des_check_key DES_check_key
|
|
||||||
# define des_rw_mode DES_rw_mode
|
|
||||||
# else /* libdes compatibility */
|
|
||||||
/*
|
|
||||||
* Map all symbol names to _ossl_old_des_* form, so we avoid all clashes with
|
|
||||||
* libdes
|
|
||||||
*/
|
|
||||||
# define des_cblock _ossl_old_des_cblock
|
|
||||||
# define des_key_schedule _ossl_old_des_key_schedule
|
|
||||||
# define des_ecb3_encrypt(i,o,k1,k2,k3,e)\
|
|
||||||
_ossl_old_des_ecb3_encrypt((i),(o),(k1),(k2),(k3),(e))
|
|
||||||
# define des_ede3_cbc_encrypt(i,o,l,k1,k2,k3,iv,e)\
|
|
||||||
_ossl_old_des_ede3_cbc_encrypt((i),(o),(l),(k1),(k2),(k3),(iv),(e))
|
|
||||||
# define des_ede3_cfb64_encrypt(i,o,l,k1,k2,k3,iv,n,e)\
|
|
||||||
_ossl_old_des_ede3_cfb64_encrypt((i),(o),(l),(k1),(k2),(k3),(iv),(n),(e))
|
|
||||||
# define des_ede3_ofb64_encrypt(i,o,l,k1,k2,k3,iv,n)\
|
|
||||||
_ossl_old_des_ede3_ofb64_encrypt((i),(o),(l),(k1),(k2),(k3),(iv),(n))
|
|
||||||
# define des_options()\
|
|
||||||
_ossl_old_des_options()
|
|
||||||
# define des_cbc_cksum(i,o,l,k,iv)\
|
|
||||||
_ossl_old_des_cbc_cksum((i),(o),(l),(k),(iv))
|
|
||||||
# define des_cbc_encrypt(i,o,l,k,iv,e)\
|
|
||||||
_ossl_old_des_cbc_encrypt((i),(o),(l),(k),(iv),(e))
|
|
||||||
# define des_ncbc_encrypt(i,o,l,k,iv,e)\
|
|
||||||
_ossl_old_des_ncbc_encrypt((i),(o),(l),(k),(iv),(e))
|
|
||||||
# define des_xcbc_encrypt(i,o,l,k,iv,inw,outw,e)\
|
|
||||||
_ossl_old_des_xcbc_encrypt((i),(o),(l),(k),(iv),(inw),(outw),(e))
|
|
||||||
# define des_cfb_encrypt(i,o,n,l,k,iv,e)\
|
|
||||||
_ossl_old_des_cfb_encrypt((i),(o),(n),(l),(k),(iv),(e))
|
|
||||||
# define des_ecb_encrypt(i,o,k,e)\
|
|
||||||
_ossl_old_des_ecb_encrypt((i),(o),(k),(e))
|
|
||||||
# define des_encrypt(d,k,e)\
|
|
||||||
_ossl_old_des_encrypt((d),(k),(e))
|
|
||||||
# define des_encrypt2(d,k,e)\
|
|
||||||
_ossl_old_des_encrypt2((d),(k),(e))
|
|
||||||
# define des_encrypt3(d,k1,k2,k3)\
|
|
||||||
_ossl_old_des_encrypt3((d),(k1),(k2),(k3))
|
|
||||||
# define des_decrypt3(d,k1,k2,k3)\
|
|
||||||
_ossl_old_des_decrypt3((d),(k1),(k2),(k3))
|
|
||||||
# define des_xwhite_in2out(k,i,o)\
|
|
||||||
_ossl_old_des_xwhite_in2out((k),(i),(o))
|
|
||||||
# define des_enc_read(f,b,l,k,iv)\
|
|
||||||
_ossl_old_des_enc_read((f),(b),(l),(k),(iv))
|
|
||||||
# define des_enc_write(f,b,l,k,iv)\
|
|
||||||
_ossl_old_des_enc_write((f),(b),(l),(k),(iv))
|
|
||||||
# define des_fcrypt(b,s,r)\
|
|
||||||
_ossl_old_des_fcrypt((b),(s),(r))
|
|
||||||
# define des_crypt(b,s)\
|
|
||||||
_ossl_old_des_crypt((b),(s))
|
|
||||||
# if 0
|
|
||||||
# define crypt(b,s)\
|
|
||||||
_ossl_old_crypt((b),(s))
|
|
||||||
# endif
|
|
||||||
# define des_ofb_encrypt(i,o,n,l,k,iv)\
|
|
||||||
_ossl_old_des_ofb_encrypt((i),(o),(n),(l),(k),(iv))
|
|
||||||
# define des_pcbc_encrypt(i,o,l,k,iv,e)\
|
|
||||||
_ossl_old_des_pcbc_encrypt((i),(o),(l),(k),(iv),(e))
|
|
||||||
# define des_quad_cksum(i,o,l,c,s)\
|
|
||||||
_ossl_old_des_quad_cksum((i),(o),(l),(c),(s))
|
|
||||||
# define des_random_seed(k)\
|
|
||||||
_ossl_old_des_random_seed((k))
|
|
||||||
# define des_random_key(r)\
|
|
||||||
_ossl_old_des_random_key((r))
|
|
||||||
# define des_read_password(k,p,v) \
|
|
||||||
_ossl_old_des_read_password((k),(p),(v))
|
|
||||||
# define des_read_2passwords(k1,k2,p,v) \
|
|
||||||
_ossl_old_des_read_2passwords((k1),(k2),(p),(v))
|
|
||||||
# define des_set_odd_parity(k)\
|
|
||||||
_ossl_old_des_set_odd_parity((k))
|
|
||||||
# define des_is_weak_key(k)\
|
|
||||||
_ossl_old_des_is_weak_key((k))
|
|
||||||
# define des_set_key(k,ks)\
|
|
||||||
_ossl_old_des_set_key((k),(ks))
|
|
||||||
# define des_key_sched(k,ks)\
|
|
||||||
_ossl_old_des_key_sched((k),(ks))
|
|
||||||
# define des_string_to_key(s,k)\
|
|
||||||
_ossl_old_des_string_to_key((s),(k))
|
|
||||||
# define des_string_to_2keys(s,k1,k2)\
|
|
||||||
_ossl_old_des_string_to_2keys((s),(k1),(k2))
|
|
||||||
# define des_cfb64_encrypt(i,o,l,ks,iv,n,e)\
|
|
||||||
_ossl_old_des_cfb64_encrypt((i),(o),(l),(ks),(iv),(n),(e))
|
|
||||||
# define des_ofb64_encrypt(i,o,l,ks,iv,n)\
|
|
||||||
_ossl_old_des_ofb64_encrypt((i),(o),(l),(ks),(iv),(n))
|
|
||||||
|
|
||||||
# define des_ecb2_encrypt(i,o,k1,k2,e) \
|
|
||||||
des_ecb3_encrypt((i),(o),(k1),(k2),(k1),(e))
|
|
||||||
|
|
||||||
# define des_ede2_cbc_encrypt(i,o,l,k1,k2,iv,e) \
|
|
||||||
des_ede3_cbc_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(e))
|
|
||||||
|
|
||||||
# define des_ede2_cfb64_encrypt(i,o,l,k1,k2,iv,n,e) \
|
|
||||||
des_ede3_cfb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n),(e))
|
|
||||||
|
|
||||||
# define des_ede2_ofb64_encrypt(i,o,l,k1,k2,iv,n) \
|
|
||||||
des_ede3_ofb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n))
|
|
||||||
|
|
||||||
# define des_check_key DES_check_key
|
|
||||||
# define des_rw_mode DES_rw_mode
|
|
||||||
# endif
|
|
||||||
|
|
||||||
const char *_ossl_old_des_options(void);
|
|
||||||
void _ossl_old_des_ecb3_encrypt(_ossl_old_des_cblock *input,
|
|
||||||
_ossl_old_des_cblock *output,
|
|
||||||
_ossl_old_des_key_schedule ks1,
|
|
||||||
_ossl_old_des_key_schedule ks2,
|
|
||||||
_ossl_old_des_key_schedule ks3, int enc);
|
|
||||||
DES_LONG _ossl_old_des_cbc_cksum(_ossl_old_des_cblock *input,
|
|
||||||
_ossl_old_des_cblock *output, long length,
|
|
||||||
_ossl_old_des_key_schedule schedule,
|
|
||||||
_ossl_old_des_cblock *ivec);
|
|
||||||
void _ossl_old_des_cbc_encrypt(_ossl_old_des_cblock *input,
|
|
||||||
_ossl_old_des_cblock *output, long length,
|
|
||||||
_ossl_old_des_key_schedule schedule,
|
|
||||||
_ossl_old_des_cblock *ivec, int enc);
|
|
||||||
void _ossl_old_des_ncbc_encrypt(_ossl_old_des_cblock *input,
|
|
||||||
_ossl_old_des_cblock *output, long length,
|
|
||||||
_ossl_old_des_key_schedule schedule,
|
|
||||||
_ossl_old_des_cblock *ivec, int enc);
|
|
||||||
void _ossl_old_des_xcbc_encrypt(_ossl_old_des_cblock *input,
|
|
||||||
_ossl_old_des_cblock *output, long length,
|
|
||||||
_ossl_old_des_key_schedule schedule,
|
|
||||||
_ossl_old_des_cblock *ivec,
|
|
||||||
_ossl_old_des_cblock *inw,
|
|
||||||
_ossl_old_des_cblock *outw, int enc);
|
|
||||||
void _ossl_old_des_cfb_encrypt(unsigned char *in, unsigned char *out,
|
|
||||||
int numbits, long length,
|
|
||||||
_ossl_old_des_key_schedule schedule,
|
|
||||||
_ossl_old_des_cblock *ivec, int enc);
|
|
||||||
void _ossl_old_des_ecb_encrypt(_ossl_old_des_cblock *input,
|
|
||||||
_ossl_old_des_cblock *output,
|
|
||||||
_ossl_old_des_key_schedule ks, int enc);
|
|
||||||
void _ossl_old_des_encrypt(DES_LONG *data, _ossl_old_des_key_schedule ks,
|
|
||||||
int enc);
|
|
||||||
void _ossl_old_des_encrypt2(DES_LONG *data, _ossl_old_des_key_schedule ks,
|
|
||||||
int enc);
|
|
||||||
void _ossl_old_des_encrypt3(DES_LONG *data, _ossl_old_des_key_schedule ks1,
|
|
||||||
_ossl_old_des_key_schedule ks2,
|
|
||||||
_ossl_old_des_key_schedule ks3);
|
|
||||||
void _ossl_old_des_decrypt3(DES_LONG *data, _ossl_old_des_key_schedule ks1,
|
|
||||||
_ossl_old_des_key_schedule ks2,
|
|
||||||
_ossl_old_des_key_schedule ks3);
|
|
||||||
void _ossl_old_des_ede3_cbc_encrypt(_ossl_old_des_cblock *input,
|
|
||||||
_ossl_old_des_cblock *output, long length,
|
|
||||||
_ossl_old_des_key_schedule ks1,
|
|
||||||
_ossl_old_des_key_schedule ks2,
|
|
||||||
_ossl_old_des_key_schedule ks3,
|
|
||||||
_ossl_old_des_cblock *ivec, int enc);
|
|
||||||
void _ossl_old_des_ede3_cfb64_encrypt(unsigned char *in, unsigned char *out,
|
|
||||||
long length,
|
|
||||||
_ossl_old_des_key_schedule ks1,
|
|
||||||
_ossl_old_des_key_schedule ks2,
|
|
||||||
_ossl_old_des_key_schedule ks3,
|
|
||||||
_ossl_old_des_cblock *ivec, int *num,
|
|
||||||
int enc);
|
|
||||||
void _ossl_old_des_ede3_ofb64_encrypt(unsigned char *in, unsigned char *out,
|
|
||||||
long length,
|
|
||||||
_ossl_old_des_key_schedule ks1,
|
|
||||||
_ossl_old_des_key_schedule ks2,
|
|
||||||
_ossl_old_des_key_schedule ks3,
|
|
||||||
_ossl_old_des_cblock *ivec, int *num);
|
|
||||||
# if 0
|
|
||||||
void _ossl_old_des_xwhite_in2out(_ossl_old_des_cblock (*des_key),
|
|
||||||
_ossl_old_des_cblock (*in_white),
|
|
||||||
_ossl_old_des_cblock (*out_white));
|
|
||||||
# endif
|
|
||||||
|
|
||||||
int _ossl_old_des_enc_read(int fd, char *buf, int len,
|
|
||||||
_ossl_old_des_key_schedule sched,
|
|
||||||
_ossl_old_des_cblock *iv);
|
|
||||||
int _ossl_old_des_enc_write(int fd, char *buf, int len,
|
|
||||||
_ossl_old_des_key_schedule sched,
|
|
||||||
_ossl_old_des_cblock *iv);
|
|
||||||
char *_ossl_old_des_fcrypt(const char *buf, const char *salt, char *ret);
|
|
||||||
char *_ossl_old_des_crypt(const char *buf, const char *salt);
|
|
||||||
# if !defined(PERL5) && !defined(NeXT)
|
|
||||||
char *_ossl_old_crypt(const char *buf, const char *salt);
|
|
||||||
# endif
|
|
||||||
void _ossl_old_des_ofb_encrypt(unsigned char *in, unsigned char *out,
|
|
||||||
int numbits, long length,
|
|
||||||
_ossl_old_des_key_schedule schedule,
|
|
||||||
_ossl_old_des_cblock *ivec);
|
|
||||||
void _ossl_old_des_pcbc_encrypt(_ossl_old_des_cblock *input,
|
|
||||||
_ossl_old_des_cblock *output, long length,
|
|
||||||
_ossl_old_des_key_schedule schedule,
|
|
||||||
_ossl_old_des_cblock *ivec, int enc);
|
|
||||||
DES_LONG _ossl_old_des_quad_cksum(_ossl_old_des_cblock *input,
|
|
||||||
_ossl_old_des_cblock *output, long length,
|
|
||||||
int out_count, _ossl_old_des_cblock *seed);
|
|
||||||
void _ossl_old_des_random_seed(_ossl_old_des_cblock key);
|
|
||||||
void _ossl_old_des_random_key(_ossl_old_des_cblock ret);
|
|
||||||
int _ossl_old_des_read_password(_ossl_old_des_cblock *key, const char *prompt,
|
|
||||||
int verify);
|
|
||||||
int _ossl_old_des_read_2passwords(_ossl_old_des_cblock *key1,
|
|
||||||
_ossl_old_des_cblock *key2,
|
|
||||||
const char *prompt, int verify);
|
|
||||||
void _ossl_old_des_set_odd_parity(_ossl_old_des_cblock *key);
|
|
||||||
int _ossl_old_des_is_weak_key(_ossl_old_des_cblock *key);
|
|
||||||
int _ossl_old_des_set_key(_ossl_old_des_cblock *key,
|
|
||||||
_ossl_old_des_key_schedule schedule);
|
|
||||||
int _ossl_old_des_key_sched(_ossl_old_des_cblock *key,
|
|
||||||
_ossl_old_des_key_schedule schedule);
|
|
||||||
void _ossl_old_des_string_to_key(char *str, _ossl_old_des_cblock *key);
|
|
||||||
void _ossl_old_des_string_to_2keys(char *str, _ossl_old_des_cblock *key1,
|
|
||||||
_ossl_old_des_cblock *key2);
|
|
||||||
void _ossl_old_des_cfb64_encrypt(unsigned char *in, unsigned char *out,
|
|
||||||
long length,
|
|
||||||
_ossl_old_des_key_schedule schedule,
|
|
||||||
_ossl_old_des_cblock *ivec, int *num,
|
|
||||||
int enc);
|
|
||||||
void _ossl_old_des_ofb64_encrypt(unsigned char *in, unsigned char *out,
|
|
||||||
long length,
|
|
||||||
_ossl_old_des_key_schedule schedule,
|
|
||||||
_ossl_old_des_cblock *ivec, int *num);
|
|
||||||
|
|
||||||
void _ossl_096_des_random_seed(des_cblock *key);
|
|
||||||
|
|
||||||
/*
|
|
||||||
* The following definitions provide compatibility with the MIT Kerberos
|
|
||||||
* library. The _ossl_old_des_key_schedule structure is not binary
|
|
||||||
* compatible.
|
|
||||||
*/
|
|
||||||
|
|
||||||
# define _KERBEROS_DES_H
|
|
||||||
|
|
||||||
# define KRBDES_ENCRYPT DES_ENCRYPT
|
|
||||||
# define KRBDES_DECRYPT DES_DECRYPT
|
|
||||||
|
|
||||||
# ifdef KERBEROS
|
|
||||||
# define ENCRYPT DES_ENCRYPT
|
|
||||||
# define DECRYPT DES_DECRYPT
|
|
||||||
# endif
|
|
||||||
|
|
||||||
# ifndef NCOMPAT
|
|
||||||
# define C_Block des_cblock
|
|
||||||
# define Key_schedule des_key_schedule
|
|
||||||
# define KEY_SZ DES_KEY_SZ
|
|
||||||
# define string_to_key des_string_to_key
|
|
||||||
# define read_pw_string des_read_pw_string
|
|
||||||
# define random_key des_random_key
|
|
||||||
# define pcbc_encrypt des_pcbc_encrypt
|
|
||||||
# define set_key des_set_key
|
|
||||||
# define key_sched des_key_sched
|
|
||||||
# define ecb_encrypt des_ecb_encrypt
|
|
||||||
# define cbc_encrypt des_cbc_encrypt
|
|
||||||
# define ncbc_encrypt des_ncbc_encrypt
|
|
||||||
# define xcbc_encrypt des_xcbc_encrypt
|
|
||||||
# define cbc_cksum des_cbc_cksum
|
|
||||||
# define quad_cksum des_quad_cksum
|
|
||||||
# define check_parity des_check_key_parity
|
|
||||||
# endif
|
|
||||||
|
|
||||||
# define des_fixup_key_parity DES_fixup_key_parity
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
|
|
||||||
/* for DES_read_pw_string et al */
|
|
||||||
# include <openssl/ui_compat.h>
|
|
||||||
|
|
||||||
#endif
|
|
|
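--- a/PATH_NOT_SHOWN/dso.h
+++ b/PATH_NOT_SHOWN/dso.h
@@ -1,451 +0,0 @@
-/* dso.h -*- mode:C; c-file-style: "eay" -*- */
-/*
-* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL project
-* 2000.
-*/
-/* ====================================================================
-* Copyright (c) 2000 The OpenSSL Project. All rights reserved.
-*
-* Redistribution and use in source and binary forms, with or without
-* modification, are permitted provided that the following conditions
-* are met:
-*
-* 1. Redistributions of source code must retain the above copyright
-* notice, this list of conditions and the following disclaimer.
-*
-* 2. Redistributions in binary form must reproduce the above copyright
-* notice, this list of conditions and the following disclaimer in
-* the documentation and/or other materials provided with the
-* distribution.
-*
-* 3. All advertising materials mentioning features or use of this
-* software must display the following acknowledgment:
-* "This product includes software developed by the OpenSSL Project
-* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
-*
-* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-* endorse or promote products derived from this software without
-* prior written permission. For written permission, please contact
-* licensing@OpenSSL.org.
-*
-* 5. Products derived from this software may not be called "OpenSSL"
-* nor may "OpenSSL" appear in their names without prior written
-* permission of the OpenSSL Project.
-*
-* 6. Redistributions of any form whatsoever must retain the following
-* acknowledgment:
-* "This product includes software developed by the OpenSSL Project
-* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
-*
-* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-* OF THE POSSIBILITY OF SUCH DAMAGE.
-* ====================================================================
-*
-* This product includes cryptographic software written by Eric Young
-* (eay@cryptsoft.com). This product includes software written by Tim
-* Hudson (tjh@cryptsoft.com).
-*
-*/
-
-#ifndef HEADER_DSO_H
-# define HEADER_DSO_H
-
-# include <openssl/crypto.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* These values are used as commands to DSO_ctrl() */
-# define DSO_CTRL_GET_FLAGS 1
-# define DSO_CTRL_SET_FLAGS 2
-# define DSO_CTRL_OR_FLAGS 3
-
-/*
-* By default, DSO_load() will translate the provided filename into a form
-* typical for the platform (more specifically the DSO_METHOD) using the
-* dso_name_converter function of the method. Eg. win32 will transform "blah"
-* into "blah.dll", and dlfcn will transform it into "libblah.so". The
-* behaviour can be overriden by setting the name_converter callback in the
-* DSO object (using DSO_set_name_converter()). This callback could even
-* utilise the DSO_METHOD's converter too if it only wants to override
-* behaviour for one or two possible DSO methods. However, the following flag
-* can be set in a DSO to prevent *any* native name-translation at all - eg.
-* if the caller has prompted the user for a path to a driver library so the
-* filename should be interpreted as-is.
-*/
-# define DSO_FLAG_NO_NAME_TRANSLATION 0x01
-/*
-* An extra flag to give if only the extension should be added as
-* translation. This is obviously only of importance on Unix and other
-* operating systems where the translation also may prefix the name with
-* something, like 'lib', and ignored everywhere else. This flag is also
-* ignored if DSO_FLAG_NO_NAME_TRANSLATION is used at the same time.
-*/
-# define DSO_FLAG_NAME_TRANSLATION_EXT_ONLY 0x02
-
-/*
-* The following flag controls the translation of symbol names to upper case.
-* This is currently only being implemented for OpenVMS.
-*/
-# define DSO_FLAG_UPCASE_SYMBOL 0x10
-
-/*
-* This flag loads the library with public symbols. Meaning: The exported
-* symbols of this library are public to all libraries loaded after this
-* library. At the moment only implemented in unix.
-*/
-# define DSO_FLAG_GLOBAL_SYMBOLS 0x20
-
-typedef void (*DSO_FUNC_TYPE) (void);
-
-typedef struct dso_st DSO;
-
-/*
-* The function prototype used for method functions (or caller-provided
-* callbacks) that transform filenames. They are passed a DSO structure
-* pointer (or NULL if they are to be used independantly of a DSO object) and
-* a filename to transform. They should either return NULL (if there is an
-* error condition) or a newly allocated string containing the transformed
-* form that the caller will need to free with OPENSSL_free() when done.
-*/
-typedef char *(*DSO_NAME_CONVERTER_FUNC)(DSO *, const char *);
-/*
-* The function prototype used for method functions (or caller-provided
-* callbacks) that merge two file specifications. They are passed a DSO
-* structure pointer (or NULL if they are to be used independantly of a DSO
-* object) and two file specifications to merge. They should either return
-* NULL (if there is an error condition) or a newly allocated string
-* containing the result of merging that the caller will need to free with
-* OPENSSL_free() when done. Here, merging means that bits and pieces are
-* taken from each of the file specifications and added together in whatever
-* fashion that is sensible for the DSO method in question. The only rule
-* that really applies is that if the two specification contain pieces of the
-* same type, the copy from the first string takes priority. One could see
-* it as the first specification is the one given by the user and the second
-* being a bunch of defaults to add on if they're missing in the first.
-*/
-typedef char *(*DSO_MERGER_FUNC)(DSO *, const char *, const char *);
-
-typedef struct dso_meth_st {
-const char *name;
-/*
-* Loads a shared library, NB: new DSO_METHODs must ensure that a
-* successful load populates the loaded_filename field, and likewise a
-* successful unload OPENSSL_frees and NULLs it out.
-*/
-int (*dso_load) (DSO *dso);
-/* Unloads a shared library */
-int (*dso_unload) (DSO *dso);
-/* Binds a variable */
-void *(*dso_bind_var) (DSO *dso, const char *symname);
-/*
-* Binds a function - assumes a return type of DSO_FUNC_TYPE. This should
-* be cast to the real function prototype by the caller. Platforms that
-* don't have compatible representations for different prototypes (this
-* is possible within ANSI C) are highly unlikely to have shared
-* libraries at all, let alone a DSO_METHOD implemented for them.
-*/
-DSO_FUNC_TYPE (*dso_bind_func) (DSO *dso, const char *symname);
-/* I don't think this would actually be used in any circumstances. */
-# if 0
-/* Unbinds a variable */
-int (*dso_unbind_var) (DSO *dso, char *symname, void *symptr);
-/* Unbinds a function */
-int (*dso_unbind_func) (DSO *dso, char *symname, DSO_FUNC_TYPE symptr);
-# endif
-/*
-* The generic (yuck) "ctrl()" function. NB: Negative return values
-* (rather than zero) indicate errors.
-*/
-long (*dso_ctrl) (DSO *dso, int cmd, long larg, void *parg);
-/*
-* The default DSO_METHOD-specific function for converting filenames to a
-* canonical native form.
-*/
-DSO_NAME_CONVERTER_FUNC dso_name_converter;
-/*
-* The default DSO_METHOD-specific function for converting filenames to a
-* canonical native form.
-*/
-DSO_MERGER_FUNC dso_merger;
-/* [De]Initialisation handlers. */
-int (*init) (DSO *dso);
-int (*finish) (DSO *dso);
-/* Return pathname of the module containing location */
-int (*pathbyaddr) (void *addr, char *path, int sz);
-/* Perform global symbol lookup, i.e. among *all* modules */
-void *(*globallookup) (const char *symname);
-} DSO_METHOD;
-
-/**********************************************************************/
-/* The low-level handle type used to refer to a loaded shared library */
-
-struct dso_st {
-DSO_METHOD *meth;
-/*
-* Standard dlopen uses a (void *). Win32 uses a HANDLE. VMS doesn't use
-* anything but will need to cache the filename for use in the dso_bind
-* handler. All in all, let each method control its own destiny.
-* "Handles" and such go in a STACK.
-*/
-STACK_OF(void) *meth_data;
-int references;
-int flags;
-/*
-* For use by applications etc ... use this for your bits'n'pieces, don't
-* touch meth_data!
-*/
-CRYPTO_EX_DATA ex_data;
-/*
-* If this callback function pointer is set to non-NULL, then it will be
-* used in DSO_load() in place of meth->dso_name_converter. NB: This
-* should normally set using DSO_set_name_converter().
-*/
-DSO_NAME_CONVERTER_FUNC name_converter;
-/*
-* If this callback function pointer is set to non-NULL, then it will be
-* used in DSO_load() in place of meth->dso_merger. NB: This should
-* normally set using DSO_set_merger().
-*/
-DSO_MERGER_FUNC merger;
-/*
-* This is populated with (a copy of) the platform-independant filename
-* used for this DSO.
-*/
-char *filename;
-/*
-* This is populated with (a copy of) the translated filename by which
-* the DSO was actually loaded. It is NULL iff the DSO is not currently
-* loaded. NB: This is here because the filename translation process may
-* involve a callback being invoked more than once not only to convert to
-* a platform-specific form, but also to try different filenames in the
-* process of trying to perform a load. As such, this variable can be
-* used to indicate (a) whether this DSO structure corresponds to a
-* loaded library or not, and (b) the filename with which it was actually
-* loaded.
-*/
-char *loaded_filename;
-};
-
-DSO *DSO_new(void);
-DSO *DSO_new_method(DSO_METHOD *method);
-int DSO_free(DSO *dso);
-int DSO_flags(DSO *dso);
-int DSO_up_ref(DSO *dso);
-long DSO_ctrl(DSO *dso, int cmd, long larg, void *parg);
-
-/*
-* This function sets the DSO's name_converter callback. If it is non-NULL,
-* then it will be used instead of the associated DSO_METHOD's function. If
-* oldcb is non-NULL then it is set to the function pointer value being
-* replaced. Return value is non-zero for success.
-*/
-int DSO_set_name_converter(DSO *dso, DSO_NAME_CONVERTER_FUNC cb,
-DSO_NAME_CONVERTER_FUNC *oldcb);
-/*
-* These functions can be used to get/set the platform-independant filename
-* used for a DSO. NB: set will fail if the DSO is already loaded.
-*/
-const char *DSO_get_filename(DSO *dso);
-int DSO_set_filename(DSO *dso, const char *filename);
-/*
-* This function will invoke the DSO's name_converter callback to translate a
-* filename, or if the callback isn't set it will instead use the DSO_METHOD's
-* converter. If "filename" is NULL, the "filename" in the DSO itself will be
-* used. If the DSO_FLAG_NO_NAME_TRANSLATION flag is set, then the filename is
-* simply duplicated. NB: This function is usually called from within a
-* DSO_METHOD during the processing of a DSO_load() call, and is exposed so
-* that caller-created DSO_METHODs can do the same thing. A non-NULL return
-* value will need to be OPENSSL_free()'d.
-*/
-char *DSO_convert_filename(DSO *dso, const char *filename);
-/*
-* This function will invoke the DSO's merger callback to merge two file
-* specifications, or if the callback isn't set it will instead use the
-* DSO_METHOD's merger. A non-NULL return value will need to be
-* OPENSSL_free()'d.
-*/
-char *DSO_merge(DSO *dso, const char *filespec1, const char *filespec2);
-/*
-* If the DSO is currently loaded, this returns the filename that it was
-* loaded under, otherwise it returns NULL. So it is also useful as a test as
-* to whether the DSO is currently loaded. NB: This will not necessarily
-* return the same value as DSO_convert_filename(dso, dso->filename), because
-* the DSO_METHOD's load function may have tried a variety of filenames (with
-* and/or without the aid of the converters) before settling on the one it
-* actually loaded.
-*/
-const char *DSO_get_loaded_filename(DSO *dso);
-
-void DSO_set_default_method(DSO_METHOD *meth);
-DSO_METHOD *DSO_get_default_method(void);
-DSO_METHOD *DSO_get_method(DSO *dso);
-DSO_METHOD *DSO_set_method(DSO *dso, DSO_METHOD *meth);
-
-/*
-* The all-singing all-dancing load function, you normally pass NULL for the
-* first and third parameters. Use DSO_up and DSO_free for subsequent
-* reference count handling. Any flags passed in will be set in the
-* constructed DSO after its init() function but before the load operation.
-* If 'dso' is non-NULL, 'flags' is ignored.
-*/
-DSO *DSO_load(DSO *dso, const char *filename, DSO_METHOD *meth, int flags);
-
-/* This function binds to a variable inside a shared library. */
-void *DSO_bind_var(DSO *dso, const char *symname);
-
-/* This function binds to a function inside a shared library. */
-DSO_FUNC_TYPE DSO_bind_func(DSO *dso, const char *symname);
-
-/*
-* This method is the default, but will beg, borrow, or steal whatever method
-* should be the default on any particular platform (including
-* DSO_METH_null() if necessary).
-*/
-DSO_METHOD *DSO_METHOD_openssl(void);
-
-/*
-* This method is defined for all platforms - if a platform has no DSO
-* support then this will be the only method!
-*/
-DSO_METHOD *DSO_METHOD_null(void);
-
-/*
-* If DSO_DLFCN is defined, the standard dlfcn.h-style functions (dlopen,
-* dlclose, dlsym, etc) will be used and incorporated into this method. If
-* not, this method will return NULL.
-*/
-DSO_METHOD *DSO_METHOD_dlfcn(void);
-
-/*
-* If DSO_DL is defined, the standard dl.h-style functions (shl_load,
-* shl_unload, shl_findsym, etc) will be used and incorporated into this
-* method. If not, this method will return NULL.
-*/
-DSO_METHOD *DSO_METHOD_dl(void);
-
-/* If WIN32 is defined, use DLLs. If not, return NULL. */
-DSO_METHOD *DSO_METHOD_win32(void);
-
-/* If VMS is defined, use shared images. If not, return NULL. */
-DSO_METHOD *DSO_METHOD_vms(void);
-
-/*
-* This function writes null-terminated pathname of DSO module containing
-* 'addr' into 'sz' large caller-provided 'path' and returns the number of
-* characters [including trailing zero] written to it. If 'sz' is 0 or
-* negative, 'path' is ignored and required amount of charachers [including
-* trailing zero] to accomodate pathname is returned. If 'addr' is NULL, then
-* pathname of cryptolib itself is returned. Negative or zero return value
-* denotes error.
-*/
-int DSO_pathbyaddr(void *addr, char *path, int sz);
-
-/*
-* This function should be used with caution! It looks up symbols in *all*
-* loaded modules and if module gets unloaded by somebody else attempt to
-* dereference the pointer is doomed to have fatal consequences. Primary
-* usage for this function is to probe *core* system functionality, e.g.
-* check if getnameinfo(3) is available at run-time without bothering about
-* OS-specific details such as libc.so.versioning or where does it actually
-* reside: in libc itself or libsocket.
-*/
-void *DSO_global_lookup(const char *name);
-
-/* If BeOS is defined, use shared images. If not, return NULL. */
-DSO_METHOD *DSO_METHOD_beos(void);
-
-/* BEGIN ERROR CODES */
-/*
-* The following lines are auto generated by the script mkerr.pl. Any changes
-* made after this point may be overwritten when the script is next run.
-*/
-void ERR_load_DSO_strings(void);
-
-/* Error codes for the DSO functions. */
-
-/* Function codes. */
-# define DSO_F_BEOS_BIND_FUNC 144
-# define DSO_F_BEOS_BIND_VAR 145
-# define DSO_F_BEOS_LOAD 146
-# define DSO_F_BEOS_NAME_CONVERTER 147
-# define DSO_F_BEOS_UNLOAD 148
-# define DSO_F_DLFCN_BIND_FUNC 100
-# define DSO_F_DLFCN_BIND_VAR 101
-# define DSO_F_DLFCN_LOAD 102
-# define DSO_F_DLFCN_MERGER 130
-# define DSO_F_DLFCN_NAME_CONVERTER 123
-# define DSO_F_DLFCN_UNLOAD 103
-# define DSO_F_DL_BIND_FUNC 104
-# define DSO_F_DL_BIND_VAR 105
-# define DSO_F_DL_LOAD 106
-# define DSO_F_DL_MERGER 131
-# define DSO_F_DL_NAME_CONVERTER 124
-# define DSO_F_DL_UNLOAD 107
-# define DSO_F_DSO_BIND_FUNC 108
-# define DSO_F_DSO_BIND_VAR 109
-# define DSO_F_DSO_CONVERT_FILENAME 126
-# define DSO_F_DSO_CTRL 110
-# define DSO_F_DSO_FREE 111
-# define DSO_F_DSO_GET_FILENAME 127
-# define DSO_F_DSO_GET_LOADED_FILENAME 128
-# define DSO_F_DSO_GLOBAL_LOOKUP 139
-# define DSO_F_DSO_LOAD 112
-# define DSO_F_DSO_MERGE 132
-# define DSO_F_DSO_NEW_METHOD 113
-# define DSO_F_DSO_PATHBYADDR 140
-# define DSO_F_DSO_SET_FILENAME 129
-# define DSO_F_DSO_SET_NAME_CONVERTER 122
-# define DSO_F_DSO_UP_REF 114
-# define DSO_F_GLOBAL_LOOKUP_FUNC 138
-# define DSO_F_PATHBYADDR 137
-# define DSO_F_VMS_BIND_SYM 115
-# define DSO_F_VMS_LOAD 116
-# define DSO_F_VMS_MERGER 133
-# define DSO_F_VMS_UNLOAD 117
-# define DSO_F_WIN32_BIND_FUNC 118
-# define DSO_F_WIN32_BIND_VAR 119
-# define DSO_F_WIN32_GLOBALLOOKUP 142
-# define DSO_F_WIN32_GLOBALLOOKUP_FUNC 143
-# define DSO_F_WIN32_JOINER 135
-# define DSO_F_WIN32_LOAD 120
-# define DSO_F_WIN32_MERGER 134
-# define DSO_F_WIN32_NAME_CONVERTER 125
-# define DSO_F_WIN32_PATHBYADDR 141
-# define DSO_F_WIN32_SPLITTER 136
-# define DSO_F_WIN32_UNLOAD 121
-
-/* Reason codes. */
-# define DSO_R_CTRL_FAILED 100
-# define DSO_R_DSO_ALREADY_LOADED 110
-# define DSO_R_EMPTY_FILE_STRUCTURE 113
-# define DSO_R_FAILURE 114
-# define DSO_R_FILENAME_TOO_BIG 101
-# define DSO_R_FINISH_FAILED 102
-# define DSO_R_INCORRECT_FILE_SYNTAX 115
-# define DSO_R_LOAD_FAILED 103
-# define DSO_R_NAME_TRANSLATION_FAILED 109
-# define DSO_R_NO_FILENAME 111
-# define DSO_R_NO_FILE_SPECIFICATION 116
-# define DSO_R_NULL_HANDLE 104
-# define DSO_R_SET_FILENAME_FAILED 112
-# define DSO_R_STACK_ERROR 105
-# define DSO_R_SYM_FAILURE 106
-# define DSO_R_UNLOAD_FAILED 107
-# define DSO_R_UNSUPPORTED 108
-
-#ifdef __cplusplus
-}
-#endif
-#endif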
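--- a/PATH_NOT_SHOWN/ebcdic.h
+++ b/PATH_NOT_SHOWN/ebcdic.h
@@ -1,26 +0,0 @@
-/* crypto/ebcdic.h */
-
-#ifndef HEADER_EBCDIC_H
-# define HEADER_EBCDIC_H
-
-# include <sys/types.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* Avoid name clashes with other applications */
-# define os_toascii _openssl_os_toascii
-# define os_toebcdic _openssl_os_toebcdic
-# define ebcdic2ascii _openssl_ebcdic2ascii
-# define ascii2ebcdic _openssl_ascii2ebcdic
-
-extern const unsigned char os_toascii[256];
-extern const unsigned char os_toebcdic[256];
-void *ebcdic2ascii(void *dest, const void *srce, size_t count);
-void *ascii2ebcdic(void *dest, const void *srce, size_t count);
-
-#ifdef __cplusplus
-}
-#endif
-#endif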
@ -1,960 +0,0 @@
|
||||||
/* openssl/engine.h */
|
|
||||||
/*
|
|
||||||
* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL project
|
|
||||||
* 2000.
|
|
||||||
*/
|
|
||||||
/* ====================================================================
|
|
||||||
* Copyright (c) 1999-2004 The OpenSSL Project. All rights reserved.
|
|
||||||
*
|
|
||||||
* Redistribution and use in source and binary forms, with or without
|
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
*
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
*
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in
|
|
||||||
* the documentation and/or other materials provided with the
|
|
||||||
* distribution.
|
|
||||||
*
|
|
||||||
* 3. All advertising materials mentioning features or use of this
|
|
||||||
* software must display the following acknowledgment:
|
|
||||||
* "This product includes software developed by the OpenSSL Project
|
|
||||||
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
|
|
||||||
*
|
|
||||||
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* prior written permission. For written permission, please contact
|
|
||||||
* licensing@OpenSSL.org.
|
|
||||||
*
|
|
||||||
* 5. Products derived from this software may not be called "OpenSSL"
|
|
||||||
* nor may "OpenSSL" appear in their names without prior written
|
|
||||||
* permission of the OpenSSL Project.
|
|
||||||
*
|
|
||||||
* 6. Redistributions of any form whatsoever must retain the following
|
|
||||||
* acknowledgment:
|
|
||||||
* "This product includes software developed by the OpenSSL Project
|
|
||||||
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
|
||||||
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
||||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
|
||||||
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
|
||||||
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
|
||||||
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
|
||||||
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
||||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
|
||||||
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
|
||||||
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
|
||||||
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
* ====================================================================
|
|
||||||
*
|
|
||||||
* This product includes cryptographic software written by Eric Young
|
|
||||||
* (eay@cryptsoft.com). This product includes software written by Tim
|
|
||||||
* Hudson (tjh@cryptsoft.com).
|
|
||||||
*
|
|
||||||
*/
|
|
||||||
/* ====================================================================
|
|
||||||
* Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
|
|
||||||
* ECDH support in OpenSSL originally developed by
|
|
||||||
* SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
|
|
||||||
*/
|
|
||||||
|
|
||||||
#ifndef HEADER_ENGINE_H
|
|
||||||
# define HEADER_ENGINE_H
|
|
||||||
|
|
||||||
# include <openssl/opensslconf.h>
|
|
||||||
|
|
||||||
# ifdef OPENSSL_NO_ENGINE
|
|
||||||
# error ENGINE is disabled.
|
|
||||||
# endif
|
|
||||||
|
|
||||||
# ifndef OPENSSL_NO_DEPRECATED
|
|
||||||
# include <openssl/bn.h>
|
|
||||||
# ifndef OPENSSL_NO_RSA
|
|
||||||
# include <openssl/rsa.h>
|
|
||||||
# endif
|
|
||||||
# ifndef OPENSSL_NO_DSA
|
|
||||||
# include <openssl/dsa.h>
|
|
||||||
# endif
|
|
||||||
# ifndef OPENSSL_NO_DH
|
|
||||||
# include <openssl/dh.h>
|
|
||||||
# endif
|
|
||||||
# ifndef OPENSSL_NO_ECDH
|
|
||||||
# include <openssl/ecdh.h>
|
|
||||||
# endif
|
|
||||||
# ifndef OPENSSL_NO_ECDSA
|
|
||||||
# include <openssl/ecdsa.h>
|
|
||||||
# endif
|
|
||||||
# include <openssl/rand.h>
|
|
||||||
# include <openssl/ui.h>
|
|
||||||
# include <openssl/err.h>
|
|
||||||
# endif
|
|
||||||
|
|
||||||
# include <openssl/ossl_typ.h>
|
|
||||||
# include <openssl/symhacks.h>
|
|
||||||
|
|
||||||
# include <openssl/x509.h>
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
extern "C" {
|
|
||||||
#endif
|
|
||||||
|
|
||||||
/*
|
|
||||||
* These flags are used to control combinations of algorithm (methods) by
|
|
||||||
* bitwise "OR"ing.
|
|
||||||
*/
|
|
||||||
# define ENGINE_METHOD_RSA (unsigned int)0x0001
|
|
||||||
# define ENGINE_METHOD_DSA (unsigned int)0x0002
|
|
||||||
# define ENGINE_METHOD_DH (unsigned int)0x0004
|
|
||||||
# define ENGINE_METHOD_RAND (unsigned int)0x0008
|
|
||||||
# define ENGINE_METHOD_ECDH (unsigned int)0x0010
|
|
||||||
# define ENGINE_METHOD_ECDSA (unsigned int)0x0020
|
|
||||||
# define ENGINE_METHOD_CIPHERS (unsigned int)0x0040
|
|
||||||
# define ENGINE_METHOD_DIGESTS (unsigned int)0x0080
|
|
||||||
# define ENGINE_METHOD_STORE (unsigned int)0x0100
|
|
||||||
# define ENGINE_METHOD_PKEY_METHS (unsigned int)0x0200
|
|
||||||
# define ENGINE_METHOD_PKEY_ASN1_METHS (unsigned int)0x0400
|
|
||||||
/* Obvious all-or-nothing cases. */
|
|
||||||
# define ENGINE_METHOD_ALL (unsigned int)0xFFFF
|
|
||||||
# define ENGINE_METHOD_NONE (unsigned int)0x0000
|
|
||||||
|
|
||||||
/*
|
|
||||||
* This(ese) flag(s) controls behaviour of the ENGINE_TABLE mechanism used
|
|
||||||
* internally to control registration of ENGINE implementations, and can be
|
|
||||||
* set by ENGINE_set_table_flags(). The "NOINIT" flag prevents attempts to
|
|
||||||
* initialise registered ENGINEs if they are not already initialised.
|
|
||||||
*/
|
|
||||||
# define ENGINE_TABLE_FLAG_NOINIT (unsigned int)0x0001
|
|
||||||
|
|
||||||
/* ENGINE flags that can be set by ENGINE_set_flags(). */
|
|
||||||
/* Not used */
|
|
||||||
/* #define ENGINE_FLAGS_MALLOCED 0x0001 */
|
|
||||||
|
|
||||||
/*
|
|
||||||
* This flag is for ENGINEs that wish to handle the various 'CMD'-related
|
|
||||||
* control commands on their own. Without this flag, ENGINE_ctrl() handles
|
|
||||||
* these control commands on behalf of the ENGINE using their "cmd_defns"
|
|
||||||
* data.
|
|
||||||
*/
|
|
||||||
# define ENGINE_FLAGS_MANUAL_CMD_CTRL (int)0x0002
|
|
||||||
|
|
||||||
/*
|
|
||||||
* This flag is for ENGINEs who return new duplicate structures when found
|
|
||||||
* via "ENGINE_by_id()". When an ENGINE must store state (eg. if
|
|
||||||
* ENGINE_ctrl() commands are called in sequence as part of some stateful
|
|
||||||
* process like key-generation setup and execution), it can set this flag -
|
|
||||||
* then each attempt to obtain the ENGINE will result in it being copied into
|
|
||||||
* a new structure. Normally, ENGINEs don't declare this flag so
|
|
||||||
* ENGINE_by_id() just increments the existing ENGINE's structural reference
|
|
||||||
* count.
|
|
||||||
*/
|
|
||||||
# define ENGINE_FLAGS_BY_ID_COPY (int)0x0004
|
|
||||||
|
|
||||||
/*
|
|
||||||
* This flag if for an ENGINE that does not want its methods registered as
|
|
||||||
* part of ENGINE_register_all_complete() for example if the methods are not
|
|
||||||
* usable as default methods.
|
|
||||||
*/
|
|
||||||
|
|
||||||
# define ENGINE_FLAGS_NO_REGISTER_ALL (int)0x0008
|
|
||||||
|
|
||||||
/*
|
|
||||||
* ENGINEs can support their own command types, and these flags are used in
|
|
||||||
* ENGINE_CTRL_GET_CMD_FLAGS to indicate to the caller what kind of input
|
|
||||||
* each command expects. Currently only numeric and string input is
|
|
||||||
* supported. If a control command supports none of the _NUMERIC, _STRING, or
|
|
||||||
* _NO_INPUT options, then it is regarded as an "internal" control command -
|
|
||||||
* and not for use in config setting situations. As such, they're not
|
|
||||||
* available to the ENGINE_ctrl_cmd_string() function, only raw ENGINE_ctrl()
|
|
||||||
* access. Changes to this list of 'command types' should be reflected
|
|
||||||
* carefully in ENGINE_cmd_is_executable() and ENGINE_ctrl_cmd_string().
|
|
||||||
*/
|
|
||||||
|
|
||||||
/* accepts a 'long' input value (3rd parameter to ENGINE_ctrl) */
|
|
||||||
# define ENGINE_CMD_FLAG_NUMERIC (unsigned int)0x0001
|
|
||||||
/*
|
|
||||||
* accepts string input (cast from 'void*' to 'const char *', 4th parameter
|
|
||||||
* to ENGINE_ctrl)
|
|
||||||
*/
|
|
||||||
# define ENGINE_CMD_FLAG_STRING (unsigned int)0x0002
|
|
||||||
/*
|
|
||||||
* Indicates that the control command takes *no* input. Ie. the control
|
|
||||||
* command is unparameterised.
|
|
||||||
*/
|
|
||||||
# define ENGINE_CMD_FLAG_NO_INPUT (unsigned int)0x0004
|
|
||||||
/*
|
|
||||||
* Indicates that the control command is internal. This control command won't
|
|
||||||
* be shown in any output, and is only usable through the ENGINE_ctrl_cmd()
|
|
||||||
* function.
|
|
||||||
*/
|
|
||||||
# define ENGINE_CMD_FLAG_INTERNAL (unsigned int)0x0008
|
|
||||||
|
|
||||||
/*
|
|
||||||
* NB: These 3 control commands are deprecated and should not be used.
|
|
||||||
* ENGINEs relying on these commands should compile conditional support for
|
|
||||||
* compatibility (eg. if these symbols are defined) but should also migrate
|
|
||||||
* the same functionality to their own ENGINE-specific control functions that
|
|
||||||
* can be "discovered" by calling applications. The fact these control
|
|
||||||
* commands wouldn't be "executable" (ie. usable by text-based config)
|
|
||||||
* doesn't change the fact that application code can find and use them
|
|
||||||
* without requiring per-ENGINE hacking.
|
|
||||||
*/
|
|
||||||
|
|
||||||
/*
|
|
||||||
* These flags are used to tell the ctrl function what should be done. All
|
|
||||||
* command numbers are shared between all engines, even if some don't make
|
|
||||||
* sense to some engines. In such a case, they do nothing but return the
|
|
||||||
* error ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED.
|
|
||||||
*/
|
|
||||||
# define ENGINE_CTRL_SET_LOGSTREAM 1
|
|
||||||
# define ENGINE_CTRL_SET_PASSWORD_CALLBACK 2
|
|
||||||
# define ENGINE_CTRL_HUP 3/* Close and reinitialise
|
|
||||||
* any handles/connections
|
|
||||||
* etc. */
|
|
||||||
# define ENGINE_CTRL_SET_USER_INTERFACE 4/* Alternative to callback */
|
|
||||||
# define ENGINE_CTRL_SET_CALLBACK_DATA 5/* User-specific data, used
|
|
||||||
* when calling the password
|
|
||||||
* callback and the user
|
|
||||||
* interface */
|
|
||||||
# define ENGINE_CTRL_LOAD_CONFIGURATION 6/* Load a configuration,
|
|
||||||
* given a string that
|
|
||||||
* represents a file name
|
|
||||||
* or so */
|
|
||||||
# define ENGINE_CTRL_LOAD_SECTION 7/* Load data from a given
|
|
||||||
* section in the already
|
|
||||||
* loaded configuration */
|
|
||||||
|
|
||||||
/*
|
|
||||||
* These control commands allow an application to deal with an arbitrary
|
|
||||||
* engine in a dynamic way. Warn: Negative return values indicate errors FOR
|
|
||||||
* THESE COMMANDS because zero is used to indicate 'end-of-list'. Other
|
|
||||||
* commands, including ENGINE-specific command types, return zero for an
|
|
||||||
* error. An ENGINE can choose to implement these ctrl functions, and can
|
|
||||||
* internally manage things however it chooses - it does so by setting the
|
|
||||||
* ENGINE_FLAGS_MANUAL_CMD_CTRL flag (using ENGINE_set_flags()). Otherwise
|
|
||||||
* the ENGINE_ctrl() code handles this on the ENGINE's behalf using the
|
|
||||||
* cmd_defns data (set using ENGINE_set_cmd_defns()). This means an ENGINE's
|
|
||||||
* ctrl() handler need only implement its own commands - the above "meta"
|
|
||||||
* commands will be taken care of.
|
|
||||||
*/
|
|
||||||
|
|
||||||
/*
|
|
||||||
* Returns non-zero if the supplied ENGINE has a ctrl() handler. If "not",
|
|
||||||
* then all the remaining control commands will return failure, so it is
|
|
||||||
* worth checking this first if the caller is trying to "discover" the
|
|
||||||
* engine's capabilities and doesn't want errors generated unnecessarily.
|
|
||||||
*/
|
|
||||||
# define ENGINE_CTRL_HAS_CTRL_FUNCTION 10
|
|
||||||
/*
|
|
||||||
* Returns a positive command number for the first command supported by the
|
|
||||||
* engine. Returns zero if no ctrl commands are supported.
|
|
||||||
*/
|
|
||||||
# define ENGINE_CTRL_GET_FIRST_CMD_TYPE 11
|
|
||||||
/*
|
|
||||||
* The 'long' argument specifies a command implemented by the engine, and the
|
|
||||||
* return value is the next command supported, or zero if there are no more.
|
|
||||||
*/
|
|
||||||
# define ENGINE_CTRL_GET_NEXT_CMD_TYPE 12
|
|
||||||
/*
|
|
||||||
* The 'void*' argument is a command name (cast from 'const char *'), and the
|
|
||||||
* return value is the command that corresponds to it.
|
|
||||||
*/
|
|
||||||
# define ENGINE_CTRL_GET_CMD_FROM_NAME 13
|
|
||||||
/*
|
|
||||||
* The next two allow a command to be converted into its corresponding string
|
|
||||||
* form. In each case, the 'long' argument supplies the command. In the
|
|
||||||
* NAME_LEN case, the return value is the length of the command name (not
|
|
||||||
* counting a trailing EOL). In the NAME case, the 'void*' argument must be a
|
|
||||||
* string buffer large enough, and it will be populated with the name of the
|
|
||||||
* command (WITH a trailing EOL).
|
|
||||||
*/
|
|
||||||
# define ENGINE_CTRL_GET_NAME_LEN_FROM_CMD 14
|
|
||||||
# define ENGINE_CTRL_GET_NAME_FROM_CMD 15
|
|
||||||
/* The next two are similar but give a "short description" of a command. */
|
|
||||||
# define ENGINE_CTRL_GET_DESC_LEN_FROM_CMD 16
|
|
||||||
# define ENGINE_CTRL_GET_DESC_FROM_CMD 17
|
|
||||||
/*
|
|
||||||
* With this command, the return value is the OR'd combination of
|
|
||||||
* ENGINE_CMD_FLAG_*** values that indicate what kind of input a given
|
|
||||||
* engine-specific ctrl command expects.
|
|
||||||
*/
|
|
||||||
# define ENGINE_CTRL_GET_CMD_FLAGS 18
|
|
||||||
|
|
||||||
/*
|
|
||||||
* ENGINE implementations should start the numbering of their own control
|
|
||||||
* commands from this value. (ie. ENGINE_CMD_BASE, ENGINE_CMD_BASE + 1, etc).
|
|
||||||
*/
|
|
||||||
# define ENGINE_CMD_BASE 200
|
|
||||||
|
|
||||||
/*
|
|
||||||
* NB: These 2 nCipher "chil" control commands are deprecated, and their
|
|
||||||
* functionality is now available through ENGINE-specific control commands
|
|
||||||
* (exposed through the above-mentioned 'CMD'-handling). Code using these 2
|
|
||||||
* commands should be migrated to the more general command handling before
|
|
||||||
* these are removed.
|
|
||||||
*/
|
|
||||||
|
|
||||||
/* Flags specific to the nCipher "chil" engine */
|
|
||||||
# define ENGINE_CTRL_CHIL_SET_FORKCHECK 100
|
|
||||||
/*
|
|
||||||
* Depending on the value of the (long)i argument, this sets or
|
|
||||||
* unsets the SimpleForkCheck flag in the CHIL API to enable or
|
|
||||||
* disable checking and workarounds for applications that fork().
|
|
||||||
*/
|
|
||||||
# define ENGINE_CTRL_CHIL_NO_LOCKING 101
|
|
||||||
/*
|
|
||||||
* This prevents the initialisation function from providing mutex
|
|
||||||
* callbacks to the nCipher library.
|
|
||||||
*/
|
|
||||||
|
|
||||||
/*
|
|
||||||
* If an ENGINE supports its own specific control commands and wishes the
|
|
||||||
* framework to handle the above 'ENGINE_CMD_***'-manipulation commands on
|
|
||||||
* its behalf, it should supply a null-terminated array of ENGINE_CMD_DEFN
|
|
||||||
* entries to ENGINE_set_cmd_defns(). It should also implement a ctrl()
|
|
||||||
* handler that supports the stated commands (ie. the "cmd_num" entries as
|
|
||||||
* described by the array). NB: The array must be ordered in increasing order
|
|
||||||
* of cmd_num. "null-terminated" means that the last ENGINE_CMD_DEFN element
|
|
||||||
* has cmd_num set to zero and/or cmd_name set to NULL.
|
|
||||||
*/
|
|
||||||
typedef struct ENGINE_CMD_DEFN_st {
|
|
||||||
unsigned int cmd_num; /* The command number */
|
|
||||||
const char *cmd_name; /* The command name itself */
|
|
||||||
const char *cmd_desc; /* A short description of the command */
|
|
||||||
unsigned int cmd_flags; /* The input the command expects */
|
|
||||||
} ENGINE_CMD_DEFN;
|
|
||||||
|
|
||||||
/* Generic function pointer */
|
|
||||||
typedef int (*ENGINE_GEN_FUNC_PTR) (void);
|
|
||||||
/* Generic function pointer taking no arguments */
|
|
||||||
typedef int (*ENGINE_GEN_INT_FUNC_PTR) (ENGINE *);
|
|
||||||
/* Specific control function pointer */
|
|
||||||
typedef int (*ENGINE_CTRL_FUNC_PTR) (ENGINE *, int, long, void *,
|
|
||||||
void (*f) (void));
|
|
||||||
/* Generic load_key function pointer */
|
|
||||||
typedef EVP_PKEY *(*ENGINE_LOAD_KEY_PTR)(ENGINE *, const char *,
|
|
||||||
UI_METHOD *ui_method,
|
|
||||||
void *callback_data);
|
|
||||||
typedef int (*ENGINE_SSL_CLIENT_CERT_PTR) (ENGINE *, SSL *ssl,
|
|
||||||
STACK_OF(X509_NAME) *ca_dn,
|
|
||||||
X509 **pcert, EVP_PKEY **pkey,
|
|
||||||
STACK_OF(X509) **pother,
|
|
||||||
UI_METHOD *ui_method,
|
|
||||||
void *callback_data);
|
|
||||||
/*-
|
|
||||||
* These callback types are for an ENGINE's handler for cipher and digest logic.
|
|
||||||
* These handlers have these prototypes;
|
|
||||||
* int foo(ENGINE *e, const EVP_CIPHER **cipher, const int **nids, int nid);
|
|
||||||
* int foo(ENGINE *e, const EVP_MD **digest, const int **nids, int nid);
|
|
||||||
* Looking at how to implement these handlers in the case of cipher support, if
|
|
||||||
* the framework wants the EVP_CIPHER for 'nid', it will call;
|
|
||||||
* foo(e, &p_evp_cipher, NULL, nid); (return zero for failure)
|
|
||||||
* If the framework wants a list of supported 'nid's, it will call;
|
|
||||||
* foo(e, NULL, &p_nids, 0); (returns number of 'nids' or -1 for error)
|
|
||||||
*/
|
|
||||||
/*
|
|
||||||
* Returns to a pointer to the array of supported cipher 'nid's. If the
|
|
||||||
* second parameter is non-NULL it is set to the size of the returned array.
|
|
||||||
*/
|
|
||||||
typedef int (*ENGINE_CIPHERS_PTR) (ENGINE *, const EVP_CIPHER **,
|
|
||||||
const int **, int);
|
|
||||||
typedef int (*ENGINE_DIGESTS_PTR) (ENGINE *, const EVP_MD **, const int **,
|
|
||||||
int);
|
|
||||||
typedef int (*ENGINE_PKEY_METHS_PTR) (ENGINE *, EVP_PKEY_METHOD **,
|
|
||||||
const int **, int);
|
|
||||||
typedef int (*ENGINE_PKEY_ASN1_METHS_PTR) (ENGINE *, EVP_PKEY_ASN1_METHOD **,
|
|
||||||
const int **, int);
|
|
||||||
/*
|
|
||||||
* STRUCTURE functions ... all of these functions deal with pointers to
|
|
||||||
* ENGINE structures where the pointers have a "structural reference". This
|
|
||||||
* means that their reference is to allowed access to the structure but it
|
|
||||||
* does not imply that the structure is functional. To simply increment or
|
|
||||||
* decrement the structural reference count, use ENGINE_by_id and
|
|
||||||
* ENGINE_free. NB: This is not required when iterating using ENGINE_get_next
|
|
||||||
* as it will automatically decrement the structural reference count of the
|
|
||||||
* "current" ENGINE and increment the structural reference count of the
|
|
||||||
* ENGINE it returns (unless it is NULL).
|
|
||||||
*/
|
|
||||||
|
|
||||||
/* Get the first/last "ENGINE" type available. */
|
|
||||||
ENGINE *ENGINE_get_first(void);
|
|
||||||
ENGINE *ENGINE_get_last(void);
|
|
||||||
/* Iterate to the next/previous "ENGINE" type (NULL = end of the list). */
|
|
||||||
ENGINE *ENGINE_get_next(ENGINE *e);
|
|
||||||
ENGINE *ENGINE_get_prev(ENGINE *e);
|
|
||||||
/* Add another "ENGINE" type into the array. */
|
|
||||||
int ENGINE_add(ENGINE *e);
|
|
||||||
/* Remove an existing "ENGINE" type from the array. */
|
|
||||||
int ENGINE_remove(ENGINE *e);
|
|
||||||
/* Retrieve an engine from the list by its unique "id" value. */
|
|
||||||
ENGINE *ENGINE_by_id(const char *id);
|
|
||||||
/* Add all the built-in engines. */
|
|
||||||
void ENGINE_load_openssl(void);
|
|
||||||
void ENGINE_load_dynamic(void);
|
|
||||||
# ifndef OPENSSL_NO_STATIC_ENGINE
|
|
||||||
void ENGINE_load_4758cca(void);
|
|
||||||
void ENGINE_load_aep(void);
|
|
||||||
void ENGINE_load_atalla(void);
|
|
||||||
void ENGINE_load_chil(void);
|
|
||||||
void ENGINE_load_cswift(void);
|
|
||||||
void ENGINE_load_nuron(void);
|
|
||||||
void ENGINE_load_sureware(void);
|
|
||||||
void ENGINE_load_ubsec(void);
|
|
||||||
void ENGINE_load_padlock(void);
|
|
||||||
void ENGINE_load_capi(void);
|
|
||||||
# ifndef OPENSSL_NO_GMP
|
|
||||||
void ENGINE_load_gmp(void);
|
|
||||||
# endif
|
|
||||||
# ifndef OPENSSL_NO_GOST
|
|
||||||
void ENGINE_load_gost(void);
|
|
||||||
# endif
|
|
||||||
# endif
|
|
||||||
void ENGINE_load_cryptodev(void);
|
|
||||||
void ENGINE_load_rdrand(void);
|
|
||||||
void ENGINE_load_builtin_engines(void);
|
|
||||||
|
|
||||||
/*
|
|
||||||
* Get and set global flags (ENGINE_TABLE_FLAG_***) for the implementation
|
|
||||||
* "registry" handling.
|
|
||||||
*/
|
|
||||||
unsigned int ENGINE_get_table_flags(void);
|
|
||||||
void ENGINE_set_table_flags(unsigned int flags);
|
|
||||||
|
|
||||||
/*- Manage registration of ENGINEs per "table". For each type, there are 3
|
|
||||||
* functions;
|
|
||||||
* ENGINE_register_***(e) - registers the implementation from 'e' (if it has one)
|
|
||||||
* ENGINE_unregister_***(e) - unregister the implementation from 'e'
|
|
||||||
* ENGINE_register_all_***() - call ENGINE_register_***() for each 'e' in the list
|
|
||||||
* Cleanup is automatically registered from each table when required, so
|
|
||||||
* ENGINE_cleanup() will reverse any "register" operations.
|
|
||||||
*/
|
|
||||||
|
|
||||||
int ENGINE_register_RSA(ENGINE *e);
|
|
||||||
void ENGINE_unregister_RSA(ENGINE *e);
|
|
||||||
void ENGINE_register_all_RSA(void);
|
|
||||||
|
|
||||||
int ENGINE_register_DSA(ENGINE *e);
|
|
||||||
void ENGINE_unregister_DSA(ENGINE *e);
|
|
||||||
void ENGINE_register_all_DSA(void);
|
|
||||||
|
|
||||||
int ENGINE_register_ECDH(ENGINE *e);
|
|
||||||
void ENGINE_unregister_ECDH(ENGINE *e);
|
|
||||||
void ENGINE_register_all_ECDH(void);
|
|
||||||
|
|
||||||
int ENGINE_register_ECDSA(ENGINE *e);
|
|
||||||
void ENGINE_unregister_ECDSA(ENGINE *e);
|
|
||||||
void ENGINE_register_all_ECDSA(void);
|
|
||||||
|
|
||||||
int ENGINE_register_DH(ENGINE *e);
|
|
||||||
void ENGINE_unregister_DH(ENGINE *e);
|
|
||||||
void ENGINE_register_all_DH(void);
|
|
||||||
|
|
||||||
int ENGINE_register_RAND(ENGINE *e);
|
|
||||||
void ENGINE_unregister_RAND(ENGINE *e);
|
|
||||||
void ENGINE_register_all_RAND(void);
|
|
||||||
|
|
||||||
int ENGINE_register_STORE(ENGINE *e);
|
|
||||||
void ENGINE_unregister_STORE(ENGINE *e);
|
|
||||||
void ENGINE_register_all_STORE(void);
|
|
||||||
|
|
||||||
int ENGINE_register_ciphers(ENGINE *e);
|
|
||||||
void ENGINE_unregister_ciphers(ENGINE *e);
|
|
||||||
void ENGINE_register_all_ciphers(void);
|
|
||||||
|
|
||||||
int ENGINE_register_digests(ENGINE *e);
|
|
||||||
void ENGINE_unregister_digests(ENGINE *e);
|
|
||||||
void ENGINE_register_all_digests(void);
|
|
||||||
|
|
||||||
int ENGINE_register_pkey_meths(ENGINE *e);
|
|
||||||
void ENGINE_unregister_pkey_meths(ENGINE *e);
|
|
||||||
void ENGINE_register_all_pkey_meths(void);
|
|
||||||
|
|
||||||
int ENGINE_register_pkey_asn1_meths(ENGINE *e);
|
|
||||||
void ENGINE_unregister_pkey_asn1_meths(ENGINE *e);
|
|
||||||
void ENGINE_register_all_pkey_asn1_meths(void);
|
|
||||||
|
|
||||||
/*
|
|
||||||
* These functions register all support from the above categories. Note, use
|
|
||||||
* of these functions can result in static linkage of code your application
|
|
||||||
* may not need. If you only need a subset of functionality, consider using
|
|
||||||
* more selective initialisation.
|
|
||||||
*/
|
|
||||||
int ENGINE_register_complete(ENGINE *e);
|
|
||||||
int ENGINE_register_all_complete(void);
|
|
||||||
|
|
||||||
/*
|
|
||||||
* Send parametrised control commands to the engine. The possibilities to
|
|
||||||
* send down an integer, a pointer to data or a function pointer are
|
|
||||||
* provided. Any of the parameters may or may not be NULL, depending on the
|
|
||||||
* command number. In actuality, this function only requires a structural
|
|
||||||
* (rather than functional) reference to an engine, but many control commands
|
|
||||||
* may require the engine be functional. The caller should be aware of trying
|
|
||||||
* commands that require an operational ENGINE, and only use functional
|
|
||||||
* references in such situations.
|
|
||||||
*/
|
|
||||||
int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void));
|
|
||||||
|
|
||||||
/*
|
|
||||||
* This function tests if an ENGINE-specific command is usable as a
|
|
||||||
* "setting". Eg. in an application's config file that gets processed through
|
|
||||||
* ENGINE_ctrl_cmd_string(). If this returns zero, it is not available to
|
|
||||||
* ENGINE_ctrl_cmd_string(), only ENGINE_ctrl().
|
|
||||||
*/
|
|
||||||
int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
|
|
||||||
|
|
||||||
/*
|
|
||||||
* This function works like ENGINE_ctrl() with the exception of taking a
|
|
||||||
* command name instead of a command number, and can handle optional
|
|
||||||
* commands. See the comment on ENGINE_ctrl_cmd_string() for an explanation
|
|
||||||
* on how to use the cmd_name and cmd_optional.
|
|
||||||
*/
|
|
||||||
int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
|
|
||||||
long i, void *p, void (*f) (void), int cmd_optional);
|
|
||||||
|
|
||||||
/*
|
|
||||||
* This function passes a command-name and argument to an ENGINE. The
|
|
||||||
* cmd_name is converted to a command number and the control command is
|
|
||||||
* called using 'arg' as an argument (unless the ENGINE doesn't support such
|
|
||||||
* a command, in which case no control command is called). The command is
|
|
||||||
* checked for input flags, and if necessary the argument will be converted
|
|
||||||
* to a numeric value. If cmd_optional is non-zero, then if the ENGINE
|
|
||||||
* doesn't support the given cmd_name the return value will be success
|
|
||||||
* anyway. This function is intended for applications to use so that users
|
|
||||||
* (or config files) can supply engine-specific config data to the ENGINE at
|
|
||||||
* run-time to control behaviour of specific engines. As such, it shouldn't
|
|
||||||
* be used for calling ENGINE_ctrl() functions that return data, deal with
|
|
||||||
* binary data, or that are otherwise supposed to be used directly through
|
|
||||||
* ENGINE_ctrl() in application code. Any "return" data from an ENGINE_ctrl()
|
|
||||||
* operation in this function will be lost - the return value is interpreted
|
|
||||||
* as failure if the return value is zero, success otherwise, and this
|
|
||||||
* function returns a boolean value as a result. In other words, vendors of
|
|
||||||
* 'ENGINE'-enabled devices should write ENGINE implementations with
|
|
||||||
* parameterisations that work in this scheme, so that compliant ENGINE-based
|
|
||||||
* applications can work consistently with the same configuration for the
|
|
||||||
* same ENGINE-enabled devices, across applications.
|
|
||||||
*/
|
|
||||||
int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
|
|
||||||
int cmd_optional);
|
|
||||||
|
|
||||||
/*
|
|
||||||
* These functions are useful for manufacturing new ENGINE structures. They
|
|
||||||
* don't address reference counting at all - one uses them to populate an
|
|
||||||
* ENGINE structure with personalised implementations of things prior to
|
|
||||||
* using it directly or adding it to the builtin ENGINE list in OpenSSL.
|
|
||||||
* These are also here so that the ENGINE structure doesn't have to be
|
|
||||||
* exposed and break binary compatibility!
|
|
||||||
*/
|
|
||||||
ENGINE *ENGINE_new(void);
|
|
||||||
int ENGINE_free(ENGINE *e);
|
|
||||||
int ENGINE_up_ref(ENGINE *e);
|
|
||||||
int ENGINE_set_id(ENGINE *e, const char *id);
|
|
||||||
int ENGINE_set_name(ENGINE *e, const char *name);
|
|
||||||
int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
|
|
||||||
int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
|
|
||||||
int ENGINE_set_ECDH(ENGINE *e, const ECDH_METHOD *ecdh_meth);
|
|
||||||
int ENGINE_set_ECDSA(ENGINE *e, const ECDSA_METHOD *ecdsa_meth);
|
|
||||||
int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
|
|
||||||
int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
|
|
||||||
int ENGINE_set_STORE(ENGINE *e, const STORE_METHOD *store_meth);
|
|
||||||
int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
|
|
||||||
int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
|
|
||||||
int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
|
|
||||||
int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
|
|
||||||
int ENGINE_set_load_privkey_function(ENGINE *e,
|
|
||||||
ENGINE_LOAD_KEY_PTR loadpriv_f);
|
|
||||||
int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
|
|
||||||
int ENGINE_set_load_ssl_client_cert_function(ENGINE *e,
|
|
||||||
ENGINE_SSL_CLIENT_CERT_PTR
|
|
||||||
loadssl_f);
|
|
||||||
int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
|
|
||||||
int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
|
|
||||||
int ENGINE_set_pkey_meths(ENGINE *e, ENGINE_PKEY_METHS_PTR f);
|
|
||||||
int ENGINE_set_pkey_asn1_meths(ENGINE *e, ENGINE_PKEY_ASN1_METHS_PTR f);
|
|
||||||
int ENGINE_set_flags(ENGINE *e, int flags);
|
|
||||||
int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
|
|
||||||
/* These functions allow control over any per-structure ENGINE data. */
|
|
||||||
int ENGINE_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
|
|
||||||
CRYPTO_EX_dup *dup_func,
|
|
||||||
CRYPTO_EX_free *free_func);
|
|
||||||
int ENGINE_set_ex_data(ENGINE *e, int idx, void *arg);
|
|
||||||
void *ENGINE_get_ex_data(const ENGINE *e, int idx);
|
|
||||||
|
|
||||||
/*
|
|
||||||
* This function cleans up anything that needs it. Eg. the ENGINE_add()
|
|
||||||
* function automatically ensures the list cleanup function is registered to
|
|
||||||
* be called from ENGINE_cleanup(). Similarly, all ENGINE_register_***
|
|
||||||
* functions ensure ENGINE_cleanup() will clean up after them.
|
|
||||||
*/
|
|
||||||
void ENGINE_cleanup(void);
|
|
||||||
|
|
||||||
/*
|
|
||||||
* These return values from within the ENGINE structure. These can be useful
|
|
||||||
* with functional references as well as structural references - it depends
|
|
||||||
* which you obtained. Using the result for functional purposes if you only
|
|
||||||
* obtained a structural reference may be problematic!
|
|
||||||
*/
|
|
||||||
const char *ENGINE_get_id(const ENGINE *e);
|
|
||||||
const char *ENGINE_get_name(const ENGINE *e);
|
|
||||||
const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
|
|
||||||
const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
|
|
||||||
const ECDH_METHOD *ENGINE_get_ECDH(const ENGINE *e);
|
|
||||||
const ECDSA_METHOD *ENGINE_get_ECDSA(const ENGINE *e);
|
|
||||||
const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
|
|
||||||
const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
|
|
||||||
const STORE_METHOD *ENGINE_get_STORE(const ENGINE *e);
|
|
||||||
ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
|
|
||||||
ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
|
|
||||||
ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
|
|
||||||
ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
|
|
||||||
ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
|
|
||||||
ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
|
|
||||||
ENGINE_SSL_CLIENT_CERT_PTR ENGINE_get_ssl_client_cert_function(const ENGINE
|
|
||||||
*e);
|
|
||||||
ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
|
|
||||||
ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
|
|
||||||
ENGINE_PKEY_METHS_PTR ENGINE_get_pkey_meths(const ENGINE *e);
|
|
||||||
ENGINE_PKEY_ASN1_METHS_PTR ENGINE_get_pkey_asn1_meths(const ENGINE *e);
|
|
||||||
const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
|
|
||||||
const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
|
|
||||||
const EVP_PKEY_METHOD *ENGINE_get_pkey_meth(ENGINE *e, int nid);
|
|
||||||
const EVP_PKEY_ASN1_METHOD *ENGINE_get_pkey_asn1_meth(ENGINE *e, int nid);
|
|
||||||
const EVP_PKEY_ASN1_METHOD *ENGINE_get_pkey_asn1_meth_str(ENGINE *e,
|
|
||||||
const char *str,
|
|
||||||
int len);
|
|
||||||
const EVP_PKEY_ASN1_METHOD *ENGINE_pkey_asn1_find_str(ENGINE **pe,
|
|
||||||
const char *str,
|
|
||||||
int len);
|
|
||||||
const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
|
|
||||||
int ENGINE_get_flags(const ENGINE *e);
|
|
||||||
|
|
||||||
/*
|
|
||||||
* FUNCTIONAL functions. These functions deal with ENGINE structures that
|
|
||||||
* have (or will) be initialised for use. Broadly speaking, the structural
|
|
||||||
* functions are useful for iterating the list of available engine types,
|
|
||||||
* creating new engine types, and other "list" operations. These functions
|
|
||||||
* actually deal with ENGINEs that are to be used. As such these functions
|
|
||||||
* can fail (if applicable) when particular engines are unavailable - eg. if
|
|
||||||
* a hardware accelerator is not attached or not functioning correctly. Each
|
|
||||||
* ENGINE has 2 reference counts; structural and functional. Every time a
|
|
||||||
* functional reference is obtained or released, a corresponding structural
|
|
||||||
* reference is automatically obtained or released too.
|
|
||||||
*/
|
|
||||||
|
|
||||||
/*
|
|
||||||
* Initialise a engine type for use (or up its reference count if it's
|
|
||||||
* already in use). This will fail if the engine is not currently operational
|
|
||||||
* and cannot initialise.
|
|
||||||
*/
|
|
||||||
int ENGINE_init(ENGINE *e);
|
|
||||||
/*
|
|
||||||
* Free a functional reference to a engine type. This does not require a
|
|
||||||
* corresponding call to ENGINE_free as it also releases a structural
|
|
||||||
* reference.
|
|
||||||
*/
|
|
||||||
int ENGINE_finish(ENGINE *e);
|
|
||||||
|
|
||||||
/*
|
|
||||||
* The following functions handle keys that are stored in some secondary
|
|
||||||
* location, handled by the engine. The storage may be on a card or
|
|
||||||
* whatever.
|
|
||||||
*/
|
|
||||||
EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
|
|
||||||
UI_METHOD *ui_method, void *callback_data);
|
|
||||||
EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
|
|
||||||
UI_METHOD *ui_method, void *callback_data);
|
|
||||||
int ENGINE_load_ssl_client_cert(ENGINE *e, SSL *s,
|
|
||||||
STACK_OF(X509_NAME) *ca_dn, X509 **pcert,
|
|
||||||
EVP_PKEY **ppkey, STACK_OF(X509) **pother,
|
|
||||||
UI_METHOD *ui_method, void *callback_data);
|
|
||||||
|
|
||||||
/*
|
|
||||||
* This returns a pointer for the current ENGINE structure that is (by
|
|
||||||
* default) performing any RSA operations. The value returned is an
|
|
||||||
* incremented reference, so it should be free'd (ENGINE_finish) before it is
|
|
||||||
* discarded.
|
|
||||||
*/
|
|
||||||
ENGINE *ENGINE_get_default_RSA(void);
|
|
||||||
/* Same for the other "methods" */
|
|
||||||
ENGINE *ENGINE_get_default_DSA(void);
|
|
||||||
ENGINE *ENGINE_get_default_ECDH(void);
|
|
||||||
ENGINE *ENGINE_get_default_ECDSA(void);
|
|
||||||
ENGINE *ENGINE_get_default_DH(void);
|
|
||||||
ENGINE *ENGINE_get_default_RAND(void);
|
|
||||||
/*
|
|
||||||
* These functions can be used to get a functional reference to perform
|
|
||||||
* ciphering or digesting corresponding to "nid".
|
|
||||||
*/
|
|
||||||
ENGINE *ENGINE_get_cipher_engine(int nid);
|
|
||||||
ENGINE *ENGINE_get_digest_engine(int nid);
|
|
||||||
ENGINE *ENGINE_get_pkey_meth_engine(int nid);
|
|
||||||
ENGINE *ENGINE_get_pkey_asn1_meth_engine(int nid);
|
|
||||||
|
|
||||||
/*
|
|
||||||
* This sets a new default ENGINE structure for performing RSA operations. If
|
|
||||||
* the result is non-zero (success) then the ENGINE structure will have had
|
|
||||||
* its reference count up'd so the caller should still free their own
|
|
||||||
* reference 'e'.
|
|
||||||
*/
|
|
||||||
int ENGINE_set_default_RSA(ENGINE *e);
|
|
||||||
int ENGINE_set_default_string(ENGINE *e, const char *def_list);
|
|
||||||
/* Same for the other "methods" */
|
|
||||||
int ENGINE_set_default_DSA(ENGINE *e);
|
|
||||||
int ENGINE_set_default_ECDH(ENGINE *e);
|
|
||||||
int ENGINE_set_default_ECDSA(ENGINE *e);
|
|
||||||
int ENGINE_set_default_DH(ENGINE *e);
|
|
||||||
int ENGINE_set_default_RAND(ENGINE *e);
|
|
||||||
int ENGINE_set_default_ciphers(ENGINE *e);
|
|
||||||
int ENGINE_set_default_digests(ENGINE *e);
|
|
||||||
int ENGINE_set_default_pkey_meths(ENGINE *e);
|
|
||||||
int ENGINE_set_default_pkey_asn1_meths(ENGINE *e);
|
|
||||||
|
|
||||||
/*
|
|
||||||
* The combination "set" - the flags are bitwise "OR"d from the
|
|
||||||
* ENGINE_METHOD_*** defines above. As with the "ENGINE_register_complete()"
|
|
||||||
* function, this function can result in unnecessary static linkage. If your
|
|
||||||
* application requires only specific functionality, consider using more
|
|
||||||
* selective functions.
|
|
||||||
*/
|
|
||||||
int ENGINE_set_default(ENGINE *e, unsigned int flags);
|
|
||||||
|
|
||||||
void ENGINE_add_conf_module(void);
|
|
||||||
|
|
||||||
/* Deprecated functions ... */
|
|
||||||
/* int ENGINE_clear_defaults(void); */
|
|
||||||
|
|
||||||
/**************************/
|
|
||||||
/* DYNAMIC ENGINE SUPPORT */
|
|
||||||
/**************************/
|
|
||||||
|
|
||||||
/* Binary/behaviour compatibility levels */
|
|
||||||
# define OSSL_DYNAMIC_VERSION (unsigned long)0x00020000
|
|
||||||
/*
|
|
||||||
* Binary versions older than this are too old for us (whether we're a loader
|
|
||||||
* or a loadee)
|
|
||||||
*/
|
|
||||||
# define OSSL_DYNAMIC_OLDEST (unsigned long)0x00020000
|
|
||||||
|
|
||||||
/*
|
|
||||||
* When compiling an ENGINE entirely as an external shared library, loadable
|
|
||||||
* by the "dynamic" ENGINE, these types are needed. The 'dynamic_fns'
|
|
||||||
* structure type provides the calling application's (or library's) error
|
|
||||||
* functionality and memory management function pointers to the loaded
|
|
||||||
* library. These should be used/set in the loaded library code so that the
|
|
||||||
* loading application's 'state' will be used/changed in all operations. The
|
|
||||||
* 'static_state' pointer allows the loaded library to know if it shares the
|
|
||||||
* same static data as the calling application (or library), and thus whether
|
|
||||||
* these callbacks need to be set or not.
|
|
||||||
*/
|
|
||||||
typedef void *(*dyn_MEM_malloc_cb) (size_t);
|
|
||||||
typedef void *(*dyn_MEM_realloc_cb) (void *, size_t);
|
|
||||||
typedef void (*dyn_MEM_free_cb) (void *);
|
|
||||||
typedef struct st_dynamic_MEM_fns {
|
|
||||||
dyn_MEM_malloc_cb malloc_cb;
|
|
||||||
dyn_MEM_realloc_cb realloc_cb;
|
|
||||||
dyn_MEM_free_cb free_cb;
|
|
||||||
} dynamic_MEM_fns;
|
|
||||||
/*
|
|
||||||
* FIXME: Perhaps the memory and locking code (crypto.h) should declare and
|
|
||||||
* use these types so we (and any other dependant code) can simplify a bit??
|
|
||||||
*/
|
|
||||||
typedef void (*dyn_lock_locking_cb) (int, int, const char *, int);
|
|
||||||
typedef int (*dyn_lock_add_lock_cb) (int *, int, int, const char *, int);
|
|
||||||
typedef struct CRYPTO_dynlock_value *(*dyn_dynlock_create_cb) (const char *,
|
|
||||||
int);
|
|
||||||
typedef void (*dyn_dynlock_lock_cb) (int, struct CRYPTO_dynlock_value *,
|
|
||||||
const char *, int);
|
|
||||||
typedef void (*dyn_dynlock_destroy_cb) (struct CRYPTO_dynlock_value *,
|
|
||||||
const char *, int);
|
|
||||||
typedef struct st_dynamic_LOCK_fns {
|
|
||||||
dyn_lock_locking_cb lock_locking_cb;
|
|
||||||
dyn_lock_add_lock_cb lock_add_lock_cb;
|
|
||||||
dyn_dynlock_create_cb dynlock_create_cb;
|
|
||||||
dyn_dynlock_lock_cb dynlock_lock_cb;
|
|
||||||
dyn_dynlock_destroy_cb dynlock_destroy_cb;
|
|
||||||
} dynamic_LOCK_fns;
|
|
||||||
/* The top-level structure */
|
|
||||||
typedef struct st_dynamic_fns {
|
|
||||||
void *static_state;
|
|
||||||
const ERR_FNS *err_fns;
|
|
||||||
const CRYPTO_EX_DATA_IMPL *ex_data_fns;
|
|
||||||
dynamic_MEM_fns mem_fns;
|
|
||||||
dynamic_LOCK_fns lock_fns;
|
|
||||||
} dynamic_fns;
|
|
||||||
|
|
||||||
/*
|
|
||||||
* The version checking function should be of this prototype. NB: The
|
|
||||||
* ossl_version value passed in is the OSSL_DYNAMIC_VERSION of the loading
|
|
||||||
* code. If this function returns zero, it indicates a (potential) version
|
|
||||||
* incompatibility and the loaded library doesn't believe it can proceed.
|
|
||||||
* Otherwise, the returned value is the (latest) version supported by the
|
|
||||||
* loading library. The loader may still decide that the loaded code's
|
|
||||||
* version is unsatisfactory and could veto the load. The function is
|
|
||||||
* expected to be implemented with the symbol name "v_check", and a default
|
|
||||||
* implementation can be fully instantiated with
|
|
||||||
* IMPLEMENT_DYNAMIC_CHECK_FN().
|
|
||||||
*/
|
|
||||||
typedef unsigned long (*dynamic_v_check_fn) (unsigned long ossl_version);
|
|
||||||
# define IMPLEMENT_DYNAMIC_CHECK_FN() \
|
|
||||||
OPENSSL_EXPORT unsigned long v_check(unsigned long v); \
|
|
||||||
OPENSSL_EXPORT unsigned long v_check(unsigned long v) { \
|
|
||||||
if(v >= OSSL_DYNAMIC_OLDEST) return OSSL_DYNAMIC_VERSION; \
|
|
||||||
return 0; }
|
|
||||||
|
|
||||||
/*
|
|
||||||
* This function is passed the ENGINE structure to initialise with its own
|
|
||||||
* function and command settings. It should not adjust the structural or
|
|
||||||
* functional reference counts. If this function returns zero, (a) the load
|
|
||||||
* will be aborted, (b) the previous ENGINE state will be memcpy'd back onto
|
|
||||||
* the structure, and (c) the shared library will be unloaded. So
|
|
||||||
* implementations should do their own internal cleanup in failure
|
|
||||||
* circumstances otherwise they could leak. The 'id' parameter, if non-NULL,
|
|
||||||
* represents the ENGINE id that the loader is looking for. If this is NULL,
|
|
||||||
* the shared library can choose to return failure or to initialise a
|
|
||||||
* 'default' ENGINE. If non-NULL, the shared library must initialise only an
|
|
||||||
* ENGINE matching the passed 'id'. The function is expected to be
|
|
||||||
* implemented with the symbol name "bind_engine". A standard implementation
|
|
||||||
* can be instantiated with IMPLEMENT_DYNAMIC_BIND_FN(fn) where the parameter
|
|
||||||
* 'fn' is a callback function that populates the ENGINE structure and
|
|
||||||
* returns an int value (zero for failure). 'fn' should have prototype;
|
|
||||||
* [static] int fn(ENGINE *e, const char *id);
|
|
||||||
*/
|
|
||||||
typedef int (*dynamic_bind_engine) (ENGINE *e, const char *id,
|
|
||||||
const dynamic_fns *fns);
|
|
||||||
# define IMPLEMENT_DYNAMIC_BIND_FN(fn) \
|
|
||||||
OPENSSL_EXPORT \
|
|
||||||
int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns); \
|
|
||||||
OPENSSL_EXPORT \
|
|
||||||
int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns) { \
|
|
||||||
if(ENGINE_get_static_state() == fns->static_state) goto skip_cbs; \
|
|
||||||
if(!CRYPTO_set_mem_functions(fns->mem_fns.malloc_cb, \
|
|
||||||
fns->mem_fns.realloc_cb, fns->mem_fns.free_cb)) \
|
|
||||||
return 0; \
|
|
||||||
CRYPTO_set_locking_callback(fns->lock_fns.lock_locking_cb); \
|
|
||||||
CRYPTO_set_add_lock_callback(fns->lock_fns.lock_add_lock_cb); \
|
|
||||||
CRYPTO_set_dynlock_create_callback(fns->lock_fns.dynlock_create_cb); \
|
|
||||||
CRYPTO_set_dynlock_lock_callback(fns->lock_fns.dynlock_lock_cb); \
|
|
||||||
CRYPTO_set_dynlock_destroy_callback(fns->lock_fns.dynlock_destroy_cb); \
|
|
||||||
if(!CRYPTO_set_ex_data_implementation(fns->ex_data_fns)) \
|
|
||||||
return 0; \
|
|
||||||
if(!ERR_set_implementation(fns->err_fns)) return 0; \
|
|
||||||
skip_cbs: \
|
|
||||||
if(!fn(e,id)) return 0; \
|
|
||||||
return 1; }
|
|
||||||
|
|
||||||
/*
|
|
||||||
* If the loading application (or library) and the loaded ENGINE library
|
|
||||||
* share the same static data (eg. they're both dynamically linked to the
|
|
||||||
* same libcrypto.so) we need a way to avoid trying to set system callbacks -
|
|
||||||
* this would fail, and for the same reason that it's unnecessary to try. If
|
|
||||||
* the loaded ENGINE has (or gets from through the loader) its own copy of
|
|
||||||
* the libcrypto static data, we will need to set the callbacks. The easiest
|
|
||||||
* way to detect this is to have a function that returns a pointer to some
|
|
||||||
* static data and let the loading application and loaded ENGINE compare
|
|
||||||
* their respective values.
|
|
||||||
*/
|
|
||||||
void *ENGINE_get_static_state(void);
|
|
||||||
|
|
||||||
# if defined(__OpenBSD__) || defined(__FreeBSD__) || defined(HAVE_CRYPTODEV)
|
|
||||||
void ENGINE_setup_bsd_cryptodev(void);
|
|
||||||
# endif
|
|
||||||
|
|
||||||
/* BEGIN ERROR CODES */
|
|
||||||
/*
|
|
||||||
* The following lines are auto generated by the script mkerr.pl. Any changes
|
|
||||||
* made after this point may be overwritten when the script is next run.
|
|
||||||
*/
|
|
||||||
void ERR_load_ENGINE_strings(void);
|
|
||||||
|
|
||||||
/* Error codes for the ENGINE functions. */
|
|
||||||
|
|
||||||
/* Function codes. */
|
|
||||||
# define ENGINE_F_DYNAMIC_CTRL 180
|
|
||||||
# define ENGINE_F_DYNAMIC_GET_DATA_CTX 181
|
|
||||||
# define ENGINE_F_DYNAMIC_LOAD 182
|
|
||||||
# define ENGINE_F_DYNAMIC_SET_DATA_CTX 183
|
|
||||||
# define ENGINE_F_ENGINE_ADD 105
|
|
||||||
# define ENGINE_F_ENGINE_BY_ID 106
|
|
||||||
# define ENGINE_F_ENGINE_CMD_IS_EXECUTABLE 170
|
|
||||||
# define ENGINE_F_ENGINE_CTRL 142
|
|
||||||
# define ENGINE_F_ENGINE_CTRL_CMD 178
|
|
||||||
# define ENGINE_F_ENGINE_CTRL_CMD_STRING 171
|
|
||||||
# define ENGINE_F_ENGINE_FINISH 107
|
|
||||||
# define ENGINE_F_ENGINE_FREE_UTIL 108
|
|
||||||
# define ENGINE_F_ENGINE_GET_CIPHER 185
|
|
||||||
# define ENGINE_F_ENGINE_GET_DEFAULT_TYPE 177
|
|
||||||
# define ENGINE_F_ENGINE_GET_DIGEST 186
|
|
||||||
# define ENGINE_F_ENGINE_GET_NEXT 115
|
|
||||||
# define ENGINE_F_ENGINE_GET_PKEY_ASN1_METH 193
|
|
||||||
# define ENGINE_F_ENGINE_GET_PKEY_METH 192
|
|
||||||
# define ENGINE_F_ENGINE_GET_PREV 116
|
|
||||||
# define ENGINE_F_ENGINE_INIT 119
|
|
||||||
# define ENGINE_F_ENGINE_LIST_ADD 120
|
|
||||||
# define ENGINE_F_ENGINE_LIST_REMOVE 121
|
|
||||||
# define ENGINE_F_ENGINE_LOAD_PRIVATE_KEY 150
|
|
||||||
# define ENGINE_F_ENGINE_LOAD_PUBLIC_KEY 151
|
|
||||||
# define ENGINE_F_ENGINE_LOAD_SSL_CLIENT_CERT 194
|
|
||||||
# define ENGINE_F_ENGINE_NEW 122
|
|
||||||
# define ENGINE_F_ENGINE_REMOVE 123
|
|
||||||
# define ENGINE_F_ENGINE_SET_DEFAULT_STRING 189
|
|
||||||
# define ENGINE_F_ENGINE_SET_DEFAULT_TYPE 126
|
|
||||||
# define ENGINE_F_ENGINE_SET_ID 129
|
|
||||||
# define ENGINE_F_ENGINE_SET_NAME 130
|
|
||||||
# define ENGINE_F_ENGINE_TABLE_REGISTER 184
|
|
||||||
# define ENGINE_F_ENGINE_UNLOAD_KEY 152
|
|
||||||
# define ENGINE_F_ENGINE_UNLOCKED_FINISH 191
|
|
||||||
# define ENGINE_F_ENGINE_UP_REF 190
|
|
||||||
# define ENGINE_F_INT_CTRL_HELPER 172
|
|
||||||
# define ENGINE_F_INT_ENGINE_CONFIGURE 188
|
|
||||||
# define ENGINE_F_INT_ENGINE_MODULE_INIT 187
|
|
||||||
# define ENGINE_F_LOG_MESSAGE 141
|
|
||||||
|
|
||||||
/* Reason codes. */
|
|
||||||
# define ENGINE_R_ALREADY_LOADED 100
|
|
||||||
# define ENGINE_R_ARGUMENT_IS_NOT_A_NUMBER 133
|
|
||||||
# define ENGINE_R_CMD_NOT_EXECUTABLE 134
|
|
||||||
# define ENGINE_R_COMMAND_TAKES_INPUT 135
|
|
||||||
# define ENGINE_R_COMMAND_TAKES_NO_INPUT 136
|
|
||||||
# define ENGINE_R_CONFLICTING_ENGINE_ID 103
|
|
||||||
# define ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED 119
|
|
||||||
# define ENGINE_R_DH_NOT_IMPLEMENTED 139
|
|
||||||
# define ENGINE_R_DSA_NOT_IMPLEMENTED 140
|
|
||||||
# define ENGINE_R_DSO_FAILURE 104
|
|
||||||
# define ENGINE_R_DSO_NOT_FOUND 132
|
|
||||||
# define ENGINE_R_ENGINES_SECTION_ERROR 148
|
|
||||||
# define ENGINE_R_ENGINE_CONFIGURATION_ERROR 102
|
|
||||||
# define ENGINE_R_ENGINE_IS_NOT_IN_LIST 105
|
|
||||||
# define ENGINE_R_ENGINE_SECTION_ERROR 149
|
|
||||||
# define ENGINE_R_FAILED_LOADING_PRIVATE_KEY 128
|
|
||||||
# define ENGINE_R_FAILED_LOADING_PUBLIC_KEY 129
|
|
||||||
# define ENGINE_R_FINISH_FAILED 106
|
|
||||||
# define ENGINE_R_GET_HANDLE_FAILED 107
|
|
||||||
# define ENGINE_R_ID_OR_NAME_MISSING 108
|
|
||||||
# define ENGINE_R_INIT_FAILED 109
|
|
||||||
# define ENGINE_R_INTERNAL_LIST_ERROR 110
|
|
||||||
# define ENGINE_R_INVALID_ARGUMENT 143
|
|
||||||
# define ENGINE_R_INVALID_CMD_NAME 137
|
|
||||||
# define ENGINE_R_INVALID_CMD_NUMBER 138
|
|
||||||
# define ENGINE_R_INVALID_INIT_VALUE 151
|
|
||||||
# define ENGINE_R_INVALID_STRING 150
|
|
||||||
# define ENGINE_R_NOT_INITIALISED 117
|
|
||||||
# define ENGINE_R_NOT_LOADED 112
|
|
||||||
# define ENGINE_R_NO_CONTROL_FUNCTION 120
|
|
||||||
# define ENGINE_R_NO_INDEX 144
|
|
||||||
# define ENGINE_R_NO_LOAD_FUNCTION 125
|
|
||||||
# define ENGINE_R_NO_REFERENCE 130
|
|
||||||
# define ENGINE_R_NO_SUCH_ENGINE 116
|
|
||||||
# define ENGINE_R_NO_UNLOAD_FUNCTION 126
|
|
||||||
# define ENGINE_R_PROVIDE_PARAMETERS 113
|
|
||||||
# define ENGINE_R_RSA_NOT_IMPLEMENTED 141
|
|
||||||
# define ENGINE_R_UNIMPLEMENTED_CIPHER 146
|
|
||||||
# define ENGINE_R_UNIMPLEMENTED_DIGEST 147
|
|
||||||
# define ENGINE_R_UNIMPLEMENTED_PUBLIC_KEY_METHOD 101
|
|
||||||
# define ENGINE_R_VERSION_INCOMPATIBILITY 145
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
#endif
|
|
|
@ -1,105 +0,0 @@
|
||||||
/* crypto/idea/idea.h */
|
|
||||||
/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
|
|
||||||
* All rights reserved.
|
|
||||||
*
|
|
||||||
* This package is an SSL implementation written
|
|
||||||
* by Eric Young (eay@cryptsoft.com).
|
|
||||||
* The implementation was written so as to conform with Netscapes SSL.
|
|
||||||
*
|
|
||||||
* This library is free for commercial and non-commercial use as long as
|
|
||||||
* the following conditions are aheared to. The following conditions
|
|
||||||
* apply to all code found in this distribution, be it the RC4, RSA,
|
|
||||||
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
|
||||||
* included with this distribution is covered by the same copyright terms
|
|
||||||
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
|
||||||
*
|
|
||||||
* Copyright remains Eric Young's, and as such any Copyright notices in
|
|
||||||
* the code are not to be removed.
|
|
||||||
* If this package is used in a product, Eric Young should be given attribution
|
|
||||||
* as the author of the parts of the library used.
|
|
||||||
* This can be in the form of a textual message at program startup or
|
|
||||||
* in documentation (online or textual) provided with the package.
|
|
||||||
*
|
|
||||||
* Redistribution and use in source and binary forms, with or without
|
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. All advertising materials mentioning features or use of this software
|
|
||||||
* must display the following acknowledgement:
|
|
||||||
* "This product includes cryptographic software written by
|
|
||||||
* Eric Young (eay@cryptsoft.com)"
|
|
||||||
* The word 'cryptographic' can be left out if the rouines from the library
|
|
||||||
* being used are not cryptographic related :-).
|
|
||||||
* 4. If you include any Windows specific code (or a derivative thereof) from
|
|
||||||
* the apps directory (application code) you must include an acknowledgement:
|
|
||||||
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
|
||||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
||||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
||||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
|
||||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
||||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
||||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
||||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
||||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
||||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
||||||
* SUCH DAMAGE.
|
|
||||||
*
|
|
||||||
* The licence and distribution terms for any publically available version or
|
|
||||||
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
|
||||||
* copied and put under another distribution licence
|
|
||||||
* [including the GNU Public Licence.]
|
|
||||||
*/
|
|
||||||
|
|
||||||
#ifndef HEADER_IDEA_H
|
|
||||||
# define HEADER_IDEA_H
|
|
||||||
|
|
||||||
# include <openssl/opensslconf.h>/* IDEA_INT, OPENSSL_NO_IDEA */
|
|
||||||
|
|
||||||
# ifdef OPENSSL_NO_IDEA
|
|
||||||
# error IDEA is disabled.
|
|
||||||
# endif
|
|
||||||
|
|
||||||
# define IDEA_ENCRYPT 1
|
|
||||||
# define IDEA_DECRYPT 0
|
|
||||||
|
|
||||||
# define IDEA_BLOCK 8
|
|
||||||
# define IDEA_KEY_LENGTH 16
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
extern "C" {
|
|
||||||
#endif
|
|
||||||
|
|
||||||
typedef struct idea_key_st {
|
|
||||||
IDEA_INT data[9][6];
|
|
||||||
} IDEA_KEY_SCHEDULE;
|
|
||||||
|
|
||||||
const char *idea_options(void);
|
|
||||||
void idea_ecb_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
IDEA_KEY_SCHEDULE *ks);
|
|
||||||
# ifdef OPENSSL_FIPS
|
|
||||||
void private_idea_set_encrypt_key(const unsigned char *key,
|
|
||||||
IDEA_KEY_SCHEDULE *ks);
|
|
||||||
# endif
|
|
||||||
void idea_set_encrypt_key(const unsigned char *key, IDEA_KEY_SCHEDULE *ks);
|
|
||||||
void idea_set_decrypt_key(IDEA_KEY_SCHEDULE *ek, IDEA_KEY_SCHEDULE *dk);
|
|
||||||
void idea_cbc_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv,
|
|
||||||
int enc);
|
|
||||||
void idea_cfb64_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv,
|
|
||||||
int *num, int enc);
|
|
||||||
void idea_ofb64_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv,
|
|
||||||
int *num);
|
|
||||||
void idea_encrypt(unsigned long *in, IDEA_KEY_SCHEDULE *ks);
|
|
||||||
#ifdef __cplusplus
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#endif
|
|
|
@ -1,240 +0,0 @@
|
||||||
/* krb5_asn.h */
|
|
||||||
/*
|
|
||||||
* Written by Vern Staats <staatsvr@asc.hpc.mil> for the OpenSSL project, **
|
|
||||||
* using ocsp/{*.h,*asn*.c} as a starting point
|
|
||||||
*/
|
|
||||||
|
|
||||||
/* ====================================================================
|
|
||||||
* Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
|
|
||||||
*
|
|
||||||
* Redistribution and use in source and binary forms, with or without
|
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
*
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
*
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in
|
|
||||||
* the documentation and/or other materials provided with the
|
|
||||||
* distribution.
|
|
||||||
*
|
|
||||||
* 3. All advertising materials mentioning features or use of this
|
|
||||||
* software must display the following acknowledgment:
|
|
||||||
* "This product includes software developed by the OpenSSL Project
|
|
||||||
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
|
|
||||||
*
|
|
||||||
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* prior written permission. For written permission, please contact
|
|
||||||
* openssl-core@openssl.org.
|
|
||||||
*
|
|
||||||
* 5. Products derived from this software may not be called "OpenSSL"
|
|
||||||
* nor may "OpenSSL" appear in their names without prior written
|
|
||||||
* permission of the OpenSSL Project.
|
|
||||||
*
|
|
||||||
* 6. Redistributions of any form whatsoever must retain the following
|
|
||||||
* acknowledgment:
|
|
||||||
* "This product includes software developed by the OpenSSL Project
|
|
||||||
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
|
||||||
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
||||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
|
||||||
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
|
||||||
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
|
||||||
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
|
||||||
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
||||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
|
||||||
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
|
||||||
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
|
||||||
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
* ====================================================================
|
|
||||||
*
|
|
||||||
* This product includes cryptographic software written by Eric Young
|
|
||||||
* (eay@cryptsoft.com). This product includes software written by Tim
|
|
||||||
* Hudson (tjh@cryptsoft.com).
|
|
||||||
*
|
|
||||||
*/
|
|
||||||
|
|
||||||
#ifndef HEADER_KRB5_ASN_H
|
|
||||||
# define HEADER_KRB5_ASN_H
|
|
||||||
|
|
||||||
/*
|
|
||||||
* #include <krb5.h>
|
|
||||||
*/
|
|
||||||
# include <openssl/safestack.h>
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
extern "C" {
|
|
||||||
#endif
|
|
||||||
|
|
||||||
/*
|
|
||||||
* ASN.1 from Kerberos RFC 1510
|
|
||||||
*/
|
|
||||||
|
|
||||||
/*- EncryptedData ::= SEQUENCE {
|
|
||||||
* etype[0] INTEGER, -- EncryptionType
|
|
||||||
* kvno[1] INTEGER OPTIONAL,
|
|
||||||
* cipher[2] OCTET STRING -- ciphertext
|
|
||||||
* }
|
|
||||||
*/
|
|
||||||
typedef struct krb5_encdata_st {
|
|
||||||
ASN1_INTEGER *etype;
|
|
||||||
ASN1_INTEGER *kvno;
|
|
||||||
ASN1_OCTET_STRING *cipher;
|
|
||||||
} KRB5_ENCDATA;
|
|
||||||
|
|
||||||
DECLARE_STACK_OF(KRB5_ENCDATA)
|
|
||||||
|
|
||||||
/*- PrincipalName ::= SEQUENCE {
|
|
||||||
* name-type[0] INTEGER,
|
|
||||||
* name-string[1] SEQUENCE OF GeneralString
|
|
||||||
* }
|
|
||||||
*/
|
|
||||||
typedef struct krb5_princname_st {
|
|
||||||
ASN1_INTEGER *nametype;
|
|
||||||
STACK_OF(ASN1_GENERALSTRING) *namestring;
|
|
||||||
} KRB5_PRINCNAME;
|
|
||||||
|
|
||||||
DECLARE_STACK_OF(KRB5_PRINCNAME)
|
|
||||||
|
|
||||||
/*- Ticket ::= [APPLICATION 1] SEQUENCE {
|
|
||||||
* tkt-vno[0] INTEGER,
|
|
||||||
* realm[1] Realm,
|
|
||||||
* sname[2] PrincipalName,
|
|
||||||
* enc-part[3] EncryptedData
|
|
||||||
* }
|
|
||||||
*/
|
|
||||||
typedef struct krb5_tktbody_st {
|
|
||||||
ASN1_INTEGER *tktvno;
|
|
||||||
ASN1_GENERALSTRING *realm;
|
|
||||||
KRB5_PRINCNAME *sname;
|
|
||||||
KRB5_ENCDATA *encdata;
|
|
||||||
} KRB5_TKTBODY;
|
|
||||||
|
|
||||||
typedef STACK_OF(KRB5_TKTBODY) KRB5_TICKET;
|
|
||||||
DECLARE_STACK_OF(KRB5_TKTBODY)
|
|
||||||
|
|
||||||
/*- AP-REQ ::= [APPLICATION 14] SEQUENCE {
|
|
||||||
* pvno[0] INTEGER,
|
|
||||||
* msg-type[1] INTEGER,
|
|
||||||
* ap-options[2] APOptions,
|
|
||||||
* ticket[3] Ticket,
|
|
||||||
* authenticator[4] EncryptedData
|
|
||||||
* }
|
|
||||||
*
|
|
||||||
* APOptions ::= BIT STRING {
|
|
||||||
* reserved(0), use-session-key(1), mutual-required(2) }
|
|
||||||
*/
|
|
||||||
typedef struct krb5_ap_req_st {
|
|
||||||
ASN1_INTEGER *pvno;
|
|
||||||
ASN1_INTEGER *msgtype;
|
|
||||||
ASN1_BIT_STRING *apoptions;
|
|
||||||
KRB5_TICKET *ticket;
|
|
||||||
KRB5_ENCDATA *authenticator;
|
|
||||||
} KRB5_APREQBODY;
|
|
||||||
|
|
||||||
typedef STACK_OF(KRB5_APREQBODY) KRB5_APREQ;
|
|
||||||
DECLARE_STACK_OF(KRB5_APREQBODY)
|
|
||||||
|
|
||||||
/* Authenticator Stuff */
|
|
||||||
|
|
||||||
/*- Checksum ::= SEQUENCE {
|
|
||||||
* cksumtype[0] INTEGER,
|
|
||||||
* checksum[1] OCTET STRING
|
|
||||||
* }
|
|
||||||
*/
|
|
||||||
typedef struct krb5_checksum_st {
|
|
||||||
ASN1_INTEGER *ctype;
|
|
||||||
ASN1_OCTET_STRING *checksum;
|
|
||||||
} KRB5_CHECKSUM;
|
|
||||||
|
|
||||||
DECLARE_STACK_OF(KRB5_CHECKSUM)
|
|
||||||
|
|
||||||
/*- EncryptionKey ::= SEQUENCE {
|
|
||||||
* keytype[0] INTEGER,
|
|
||||||
* keyvalue[1] OCTET STRING
|
|
||||||
* }
|
|
||||||
*/
|
|
||||||
typedef struct krb5_encryptionkey_st {
|
|
||||||
ASN1_INTEGER *ktype;
|
|
||||||
ASN1_OCTET_STRING *keyvalue;
|
|
||||||
} KRB5_ENCKEY;
|
|
||||||
|
|
||||||
DECLARE_STACK_OF(KRB5_ENCKEY)
|
|
||||||
|
|
||||||
/*- AuthorizationData ::= SEQUENCE OF SEQUENCE {
|
|
||||||
* ad-type[0] INTEGER,
|
|
||||||
* ad-data[1] OCTET STRING
|
|
||||||
* }
|
|
||||||
*/
|
|
||||||
typedef struct krb5_authorization_st {
|
|
||||||
ASN1_INTEGER *adtype;
|
|
||||||
ASN1_OCTET_STRING *addata;
|
|
||||||
} KRB5_AUTHDATA;
|
|
||||||
|
|
||||||
DECLARE_STACK_OF(KRB5_AUTHDATA)
|
|
||||||
|
|
||||||
/*- -- Unencrypted authenticator
|
|
||||||
* Authenticator ::= [APPLICATION 2] SEQUENCE {
|
|
||||||
* authenticator-vno[0] INTEGER,
|
|
||||||
* crealm[1] Realm,
|
|
||||||
* cname[2] PrincipalName,
|
|
||||||
* cksum[3] Checksum OPTIONAL,
|
|
||||||
* cusec[4] INTEGER,
|
|
||||||
* ctime[5] KerberosTime,
|
|
||||||
* subkey[6] EncryptionKey OPTIONAL,
|
|
||||||
* seq-number[7] INTEGER OPTIONAL,
|
|
||||||
* authorization-data[8] AuthorizationData OPTIONAL
|
|
||||||
* }
|
|
||||||
*/
|
|
||||||
typedef struct krb5_authenticator_st {
|
|
||||||
ASN1_INTEGER *avno;
|
|
||||||
ASN1_GENERALSTRING *crealm;
|
|
||||||
KRB5_PRINCNAME *cname;
|
|
||||||
KRB5_CHECKSUM *cksum;
|
|
||||||
ASN1_INTEGER *cusec;
|
|
||||||
ASN1_GENERALIZEDTIME *ctime;
|
|
||||||
KRB5_ENCKEY *subkey;
|
|
||||||
ASN1_INTEGER *seqnum;
|
|
||||||
KRB5_AUTHDATA *authorization;
|
|
||||||
} KRB5_AUTHENTBODY;
|
|
||||||
|
|
||||||
typedef STACK_OF(KRB5_AUTHENTBODY) KRB5_AUTHENT;
|
|
||||||
DECLARE_STACK_OF(KRB5_AUTHENTBODY)
|
|
||||||
|
|
||||||
/*- DECLARE_ASN1_FUNCTIONS(type) = DECLARE_ASN1_FUNCTIONS_name(type, type) =
|
|
||||||
* type *name##_new(void);
|
|
||||||
* void name##_free(type *a);
|
|
||||||
* DECLARE_ASN1_ENCODE_FUNCTIONS(type, name, name) =
|
|
||||||
* DECLARE_ASN1_ENCODE_FUNCTIONS(type, itname, name) =
|
|
||||||
* type *d2i_##name(type **a, const unsigned char **in, long len);
|
|
||||||
* int i2d_##name(type *a, unsigned char **out);
|
|
||||||
* DECLARE_ASN1_ITEM(itname) = OPENSSL_EXTERN const ASN1_ITEM itname##_it
|
|
||||||
*/
|
|
||||||
|
|
||||||
DECLARE_ASN1_FUNCTIONS(KRB5_ENCDATA)
|
|
||||||
DECLARE_ASN1_FUNCTIONS(KRB5_PRINCNAME)
|
|
||||||
DECLARE_ASN1_FUNCTIONS(KRB5_TKTBODY)
|
|
||||||
DECLARE_ASN1_FUNCTIONS(KRB5_APREQBODY)
|
|
||||||
DECLARE_ASN1_FUNCTIONS(KRB5_TICKET)
|
|
||||||
DECLARE_ASN1_FUNCTIONS(KRB5_APREQ)
|
|
||||||
|
|
||||||
DECLARE_ASN1_FUNCTIONS(KRB5_CHECKSUM)
|
|
||||||
DECLARE_ASN1_FUNCTIONS(KRB5_ENCKEY)
|
|
||||||
DECLARE_ASN1_FUNCTIONS(KRB5_AUTHDATA)
|
|
||||||
DECLARE_ASN1_FUNCTIONS(KRB5_AUTHENTBODY)
|
|
||||||
DECLARE_ASN1_FUNCTIONS(KRB5_AUTHENT)
|
|
||||||
|
|
||||||
/* BEGIN ERROR CODES */
|
|
||||||
/*
|
|
||||||
* The following lines are auto generated by the script mkerr.pl. Any changes
|
|
||||||
* made after this point may be overwritten when the script is next run.
|
|
||||||
*/
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
#endif
|
|
|
@ -1,119 +0,0 @@
|
||||||
/* crypto/md4/md4.h */
|
|
||||||
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
|
||||||
* All rights reserved.
|
|
||||||
*
|
|
||||||
* This package is an SSL implementation written
|
|
||||||
* by Eric Young (eay@cryptsoft.com).
|
|
||||||
* The implementation was written so as to conform with Netscapes SSL.
|
|
||||||
*
|
|
||||||
* This library is free for commercial and non-commercial use as long as
|
|
||||||
* the following conditions are aheared to. The following conditions
|
|
||||||
* apply to all code found in this distribution, be it the RC4, RSA,
|
|
||||||
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
|
||||||
* included with this distribution is covered by the same copyright terms
|
|
||||||
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
|
||||||
*
|
|
||||||
* Copyright remains Eric Young's, and as such any Copyright notices in
|
|
||||||
* the code are not to be removed.
|
|
||||||
* If this package is used in a product, Eric Young should be given attribution
|
|
||||||
* as the author of the parts of the library used.
|
|
||||||
* This can be in the form of a textual message at program startup or
|
|
||||||
* in documentation (online or textual) provided with the package.
|
|
||||||
*
|
|
||||||
* Redistribution and use in source and binary forms, with or without
|
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. All advertising materials mentioning features or use of this software
|
|
||||||
* must display the following acknowledgement:
|
|
||||||
* "This product includes cryptographic software written by
|
|
||||||
* Eric Young (eay@cryptsoft.com)"
|
|
||||||
* The word 'cryptographic' can be left out if the rouines from the library
|
|
||||||
* being used are not cryptographic related :-).
|
|
||||||
* 4. If you include any Windows specific code (or a derivative thereof) from
|
|
||||||
* the apps directory (application code) you must include an acknowledgement:
|
|
||||||
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
|
||||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
||||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
||||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
|
||||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
||||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
||||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
||||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
||||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
||||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
||||||
* SUCH DAMAGE.
|
|
||||||
*
|
|
||||||
* The licence and distribution terms for any publically available version or
|
|
||||||
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
|
||||||
* copied and put under another distribution licence
|
|
||||||
* [including the GNU Public Licence.]
|
|
||||||
*/
|
|
||||||
|
|
||||||
#ifndef HEADER_MD4_H
|
|
||||||
# define HEADER_MD4_H
|
|
||||||
|
|
||||||
# include <openssl/e_os2.h>
|
|
||||||
# include <stddef.h>
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
extern "C" {
|
|
||||||
#endif
|
|
||||||
|
|
||||||
# ifdef OPENSSL_NO_MD4
|
|
||||||
# error MD4 is disabled.
|
|
||||||
# endif
|
|
||||||
|
|
||||||
/*-
|
|
||||||
* !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
|
|
||||||
* ! MD4_LONG has to be at least 32 bits wide. If it's wider, then !
|
|
||||||
* ! MD4_LONG_LOG2 has to be defined along. !
|
|
||||||
* !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
|
|
||||||
*/
|
|
||||||
|
|
||||||
# if defined(__LP32__)
|
|
||||||
# define MD4_LONG unsigned long
|
|
||||||
# elif defined(OPENSSL_SYS_CRAY) || defined(__ILP64__)
|
|
||||||
# define MD4_LONG unsigned long
|
|
||||||
# define MD4_LONG_LOG2 3
|
|
||||||
/*
|
|
||||||
* _CRAY note. I could declare short, but I have no idea what impact
|
|
||||||
* does it have on performance on none-T3E machines. I could declare
|
|
||||||
* int, but at least on C90 sizeof(int) can be chosen at compile time.
|
|
||||||
* So I've chosen long...
|
|
||||||
* <appro@fy.chalmers.se>
|
|
||||||
*/
|
|
||||||
# else
|
|
||||||
# define MD4_LONG unsigned int
|
|
||||||
# endif
|
|
||||||
|
|
||||||
# define MD4_CBLOCK 64
|
|
||||||
# define MD4_LBLOCK (MD4_CBLOCK/4)
|
|
||||||
# define MD4_DIGEST_LENGTH 16
|
|
||||||
|
|
||||||
typedef struct MD4state_st {
|
|
||||||
MD4_LONG A, B, C, D;
|
|
||||||
MD4_LONG Nl, Nh;
|
|
||||||
MD4_LONG data[MD4_LBLOCK];
|
|
||||||
unsigned int num;
|
|
||||||
} MD4_CTX;
|
|
||||||
|
|
||||||
# ifdef OPENSSL_FIPS
|
|
||||||
int private_MD4_Init(MD4_CTX *c);
|
|
||||||
# endif
|
|
||||||
int MD4_Init(MD4_CTX *c);
|
|
||||||
int MD4_Update(MD4_CTX *c, const void *data, size_t len);
|
|
||||||
int MD4_Final(unsigned char *md, MD4_CTX *c);
|
|
||||||
unsigned char *MD4(const unsigned char *d, size_t n, unsigned char *md);
|
|
||||||
void MD4_Transform(MD4_CTX *c, const unsigned char *b);
|
|
||||||
#ifdef __cplusplus
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#endif
|
|
|
@ -1,119 +0,0 @@
|
||||||
/* crypto/md5/md5.h */
|
|
||||||
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
|
||||||
* All rights reserved.
|
|
||||||
*
|
|
||||||
* This package is an SSL implementation written
|
|
||||||
* by Eric Young (eay@cryptsoft.com).
|
|
||||||
* The implementation was written so as to conform with Netscapes SSL.
|
|
||||||
*
|
|
||||||
* This library is free for commercial and non-commercial use as long as
|
|
||||||
* the following conditions are aheared to. The following conditions
|
|
||||||
* apply to all code found in this distribution, be it the RC4, RSA,
|
|
||||||
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
|
||||||
* included with this distribution is covered by the same copyright terms
|
|
||||||
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
|
||||||
*
|
|
||||||
* Copyright remains Eric Young's, and as such any Copyright notices in
|
|
||||||
* the code are not to be removed.
|
|
||||||
* If this package is used in a product, Eric Young should be given attribution
|
|
||||||
* as the author of the parts of the library used.
|
|
||||||
* This can be in the form of a textual message at program startup or
|
|
||||||
* in documentation (online or textual) provided with the package.
|
|
||||||
*
|
|
||||||
* Redistribution and use in source and binary forms, with or without
|
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. All advertising materials mentioning features or use of this software
|
|
||||||
* must display the following acknowledgement:
|
|
||||||
* "This product includes cryptographic software written by
|
|
||||||
* Eric Young (eay@cryptsoft.com)"
|
|
||||||
* The word 'cryptographic' can be left out if the rouines from the library
|
|
||||||
* being used are not cryptographic related :-).
|
|
||||||
* 4. If you include any Windows specific code (or a derivative thereof) from
|
|
||||||
* the apps directory (application code) you must include an acknowledgement:
|
|
||||||
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
|
||||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
||||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
||||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
|
||||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
||||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
||||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
||||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
||||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
||||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
||||||
* SUCH DAMAGE.
|
|
||||||
*
|
|
||||||
* The licence and distribution terms for any publically available version or
|
|
||||||
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
|
||||||
* copied and put under another distribution licence
|
|
||||||
* [including the GNU Public Licence.]
|
|
||||||
*/
|
|
||||||
|
|
||||||
#ifndef HEADER_MD5_H
|
|
||||||
# define HEADER_MD5_H
|
|
||||||
|
|
||||||
# include <openssl/e_os2.h>
|
|
||||||
# include <stddef.h>
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
extern "C" {
|
|
||||||
#endif
|
|
||||||
|
|
||||||
# ifdef OPENSSL_NO_MD5
|
|
||||||
# error MD5 is disabled.
|
|
||||||
# endif
|
|
||||||
|
|
||||||
/*
|
|
||||||
* !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
|
|
||||||
* ! MD5_LONG has to be at least 32 bits wide. If it's wider, then !
|
|
||||||
* ! MD5_LONG_LOG2 has to be defined along. !
|
|
||||||
* !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
|
|
||||||
*/
|
|
||||||
|
|
||||||
# if defined(__LP32__)
|
|
||||||
# define MD5_LONG unsigned long
|
|
||||||
# elif defined(OPENSSL_SYS_CRAY) || defined(__ILP64__)
|
|
||||||
# define MD5_LONG unsigned long
|
|
||||||
# define MD5_LONG_LOG2 3
|
|
||||||
/*
|
|
||||||
* _CRAY note. I could declare short, but I have no idea what impact
|
|
||||||
* does it have on performance on none-T3E machines. I could declare
|
|
||||||
* int, but at least on C90 sizeof(int) can be chosen at compile time.
|
|
||||||
* So I've chosen long...
|
|
||||||
* <appro@fy.chalmers.se>
|
|
||||||
*/
|
|
||||||
# else
|
|
||||||
# define MD5_LONG unsigned int
|
|
||||||
# endif
|
|
||||||
|
|
||||||
# define MD5_CBLOCK 64
|
|
||||||
# define MD5_LBLOCK (MD5_CBLOCK/4)
|
|
||||||
# define MD5_DIGEST_LENGTH 16
|
|
||||||
|
|
||||||
typedef struct MD5state_st {
|
|
||||||
MD5_LONG A, B, C, D;
|
|
||||||
MD5_LONG Nl, Nh;
|
|
||||||
MD5_LONG data[MD5_LBLOCK];
|
|
||||||
unsigned int num;
|
|
||||||
} MD5_CTX;
|
|
||||||
|
|
||||||
# ifdef OPENSSL_FIPS
|
|
||||||
int private_MD5_Init(MD5_CTX *c);
|
|
||||||
# endif
|
|
||||||
int MD5_Init(MD5_CTX *c);
|
|
||||||
int MD5_Update(MD5_CTX *c, const void *data, size_t len);
|
|
||||||
int MD5_Final(unsigned char *md, MD5_CTX *c);
|
|
||||||
unsigned char *MD5(const unsigned char *d, size_t n, unsigned char *md);
|
|
||||||
void MD5_Transform(MD5_CTX *c, const unsigned char *b);
|
|
||||||
#ifdef __cplusplus
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#endif
|
|
|
@ -1,94 +0,0 @@
|
||||||
/* crypto/mdc2/mdc2.h */
|
|
||||||
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
|
||||||
* All rights reserved.
|
|
||||||
*
|
|
||||||
* This package is an SSL implementation written
|
|
||||||
* by Eric Young (eay@cryptsoft.com).
|
|
||||||
* The implementation was written so as to conform with Netscapes SSL.
|
|
||||||
*
|
|
||||||
* This library is free for commercial and non-commercial use as long as
|
|
||||||
* the following conditions are aheared to. The following conditions
|
|
||||||
* apply to all code found in this distribution, be it the RC4, RSA,
|
|
||||||
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
|
||||||
* included with this distribution is covered by the same copyright terms
|
|
||||||
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
|
||||||
*
|
|
||||||
* Copyright remains Eric Young's, and as such any Copyright notices in
|
|
||||||
* the code are not to be removed.
|
|
||||||
* If this package is used in a product, Eric Young should be given attribution
|
|
||||||
* as the author of the parts of the library used.
|
|
||||||
* This can be in the form of a textual message at program startup or
|
|
||||||
* in documentation (online or textual) provided with the package.
|
|
||||||
*
|
|
||||||
* Redistribution and use in source and binary forms, with or without
|
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. All advertising materials mentioning features or use of this software
|
|
||||||
* must display the following acknowledgement:
|
|
||||||
* "This product includes cryptographic software written by
|
|
||||||
* Eric Young (eay@cryptsoft.com)"
|
|
||||||
* The word 'cryptographic' can be left out if the rouines from the library
|
|
||||||
* being used are not cryptographic related :-).
|
|
||||||
* 4. If you include any Windows specific code (or a derivative thereof) from
|
|
||||||
* the apps directory (application code) you must include an acknowledgement:
|
|
||||||
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
|
||||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
||||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
||||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
|
||||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
||||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
||||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
||||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
||||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
||||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
||||||
* SUCH DAMAGE.
|
|
||||||
*
|
|
||||||
* The licence and distribution terms for any publically available version or
|
|
||||||
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
|
||||||
* copied and put under another distribution licence
|
|
||||||
* [including the GNU Public Licence.]
|
|
||||||
*/
|
|
||||||
|
|
||||||
#ifndef HEADER_MDC2_H
|
|
||||||
# define HEADER_MDC2_H
|
|
||||||
|
|
||||||
# include <openssl/des.h>
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
extern "C" {
|
|
||||||
#endif
|
|
||||||
|
|
||||||
# ifdef OPENSSL_NO_MDC2
|
|
||||||
# error MDC2 is disabled.
|
|
||||||
# endif
|
|
||||||
|
|
||||||
# define MDC2_BLOCK 8
|
|
||||||
# define MDC2_DIGEST_LENGTH 16
|
|
||||||
|
|
||||||
typedef struct mdc2_ctx_st {
|
|
||||||
unsigned int num;
|
|
||||||
unsigned char data[MDC2_BLOCK];
|
|
||||||
DES_cblock h, hh;
|
|
||||||
int pad_type; /* either 1 or 2, default 1 */
|
|
||||||
} MDC2_CTX;
|
|
||||||
|
|
||||||
# ifdef OPENSSL_FIPS
|
|
||||||
int private_MDC2_Init(MDC2_CTX *c);
|
|
||||||
# endif
|
|
||||||
int MDC2_Init(MDC2_CTX *c);
|
|
||||||
int MDC2_Update(MDC2_CTX *c, const unsigned char *data, size_t len);
|
|
||||||
int MDC2_Final(unsigned char *md, MDC2_CTX *c);
|
|
||||||
unsigned char *MDC2(const unsigned char *d, size_t n, unsigned char *md);
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#endif
|
|
|
@ -1,163 +0,0 @@
|
||||||
/* ====================================================================
|
|
||||||
* Copyright (c) 2008 The OpenSSL Project. All rights reserved.
|
|
||||||
*
|
|
||||||
* Rights for redistribution and usage in source and binary
|
|
||||||
* forms are granted according to the OpenSSL license.
|
|
||||||
*/
|
|
||||||
|
|
||||||
#include <stddef.h>
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
extern "C" {
|
|
||||||
#endif
|
|
||||||
typedef void (*block128_f) (const unsigned char in[16],
|
|
||||||
unsigned char out[16], const void *key);
|
|
||||||
|
|
||||||
typedef void (*cbc128_f) (const unsigned char *in, unsigned char *out,
|
|
||||||
size_t len, const void *key,
|
|
||||||
unsigned char ivec[16], int enc);
|
|
||||||
|
|
||||||
typedef void (*ctr128_f) (const unsigned char *in, unsigned char *out,
|
|
||||||
size_t blocks, const void *key,
|
|
||||||
const unsigned char ivec[16]);
|
|
||||||
|
|
||||||
typedef void (*ccm128_f) (const unsigned char *in, unsigned char *out,
|
|
||||||
size_t blocks, const void *key,
|
|
||||||
const unsigned char ivec[16],
|
|
||||||
unsigned char cmac[16]);
|
|
||||||
|
|
||||||
void CRYPTO_cbc128_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
size_t len, const void *key,
|
|
||||||
unsigned char ivec[16], block128_f block);
|
|
||||||
void CRYPTO_cbc128_decrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
size_t len, const void *key,
|
|
||||||
unsigned char ivec[16], block128_f block);
|
|
||||||
|
|
||||||
void CRYPTO_ctr128_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
size_t len, const void *key,
|
|
||||||
unsigned char ivec[16],
|
|
||||||
unsigned char ecount_buf[16], unsigned int *num,
|
|
||||||
block128_f block);
|
|
||||||
|
|
||||||
void CRYPTO_ctr128_encrypt_ctr32(const unsigned char *in, unsigned char *out,
|
|
||||||
size_t len, const void *key,
|
|
||||||
unsigned char ivec[16],
|
|
||||||
unsigned char ecount_buf[16],
|
|
||||||
unsigned int *num, ctr128_f ctr);
|
|
||||||
|
|
||||||
void CRYPTO_ofb128_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
size_t len, const void *key,
|
|
||||||
unsigned char ivec[16], int *num,
|
|
||||||
block128_f block);
|
|
||||||
|
|
||||||
void CRYPTO_cfb128_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
size_t len, const void *key,
|
|
||||||
unsigned char ivec[16], int *num,
|
|
||||||
int enc, block128_f block);
|
|
||||||
void CRYPTO_cfb128_8_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
size_t length, const void *key,
|
|
||||||
unsigned char ivec[16], int *num,
|
|
||||||
int enc, block128_f block);
|
|
||||||
void CRYPTO_cfb128_1_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
size_t bits, const void *key,
|
|
||||||
unsigned char ivec[16], int *num,
|
|
||||||
int enc, block128_f block);
|
|
||||||
|
|
||||||
size_t CRYPTO_cts128_encrypt_block(const unsigned char *in,
|
|
||||||
unsigned char *out, size_t len,
|
|
||||||
const void *key, unsigned char ivec[16],
|
|
||||||
block128_f block);
|
|
||||||
size_t CRYPTO_cts128_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
size_t len, const void *key,
|
|
||||||
unsigned char ivec[16], cbc128_f cbc);
|
|
||||||
size_t CRYPTO_cts128_decrypt_block(const unsigned char *in,
|
|
||||||
unsigned char *out, size_t len,
|
|
||||||
const void *key, unsigned char ivec[16],
|
|
||||||
block128_f block);
|
|
||||||
size_t CRYPTO_cts128_decrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
size_t len, const void *key,
|
|
||||||
unsigned char ivec[16], cbc128_f cbc);
|
|
||||||
|
|
||||||
size_t CRYPTO_nistcts128_encrypt_block(const unsigned char *in,
|
|
||||||
unsigned char *out, size_t len,
|
|
||||||
const void *key,
|
|
||||||
unsigned char ivec[16],
|
|
||||||
block128_f block);
|
|
||||||
size_t CRYPTO_nistcts128_encrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
size_t len, const void *key,
|
|
||||||
unsigned char ivec[16], cbc128_f cbc);
|
|
||||||
size_t CRYPTO_nistcts128_decrypt_block(const unsigned char *in,
|
|
||||||
unsigned char *out, size_t len,
|
|
||||||
const void *key,
|
|
||||||
unsigned char ivec[16],
|
|
||||||
block128_f block);
|
|
||||||
size_t CRYPTO_nistcts128_decrypt(const unsigned char *in, unsigned char *out,
|
|
||||||
size_t len, const void *key,
|
|
||||||
unsigned char ivec[16], cbc128_f cbc);
|
|
||||||
|
|
||||||
typedef struct gcm128_context GCM128_CONTEXT;
|
|
||||||
|
|
||||||
GCM128_CONTEXT *CRYPTO_gcm128_new(void *key, block128_f block);
|
|
||||||
void CRYPTO_gcm128_init(GCM128_CONTEXT *ctx, void *key, block128_f block);
|
|
||||||
void CRYPTO_gcm128_setiv(GCM128_CONTEXT *ctx, const unsigned char *iv,
|
|
||||||
size_t len);
|
|
||||||
int CRYPTO_gcm128_aad(GCM128_CONTEXT *ctx, const unsigned char *aad,
|
|
||||||
size_t len);
|
|
||||||
int CRYPTO_gcm128_encrypt(GCM128_CONTEXT *ctx,
|
|
||||||
const unsigned char *in, unsigned char *out,
|
|
||||||
size_t len);
|
|
||||||
int CRYPTO_gcm128_decrypt(GCM128_CONTEXT *ctx,
|
|
||||||
const unsigned char *in, unsigned char *out,
|
|
||||||
size_t len);
|
|
||||||
int CRYPTO_gcm128_encrypt_ctr32(GCM128_CONTEXT *ctx,
|
|
||||||
const unsigned char *in, unsigned char *out,
|
|
||||||
size_t len, ctr128_f stream);
|
|
||||||
int CRYPTO_gcm128_decrypt_ctr32(GCM128_CONTEXT *ctx,
|
|
||||||
const unsigned char *in, unsigned char *out,
|
|
||||||
size_t len, ctr128_f stream);
|
|
||||||
int CRYPTO_gcm128_finish(GCM128_CONTEXT *ctx, const unsigned char *tag,
|
|
||||||
size_t len);
|
|
||||||
void CRYPTO_gcm128_tag(GCM128_CONTEXT *ctx, unsigned char *tag, size_t len);
|
|
||||||
void CRYPTO_gcm128_release(GCM128_CONTEXT *ctx);
|
|
||||||
|
|
||||||
typedef struct ccm128_context CCM128_CONTEXT;
|
|
||||||
|
|
||||||
void CRYPTO_ccm128_init(CCM128_CONTEXT *ctx,
|
|
||||||
unsigned int M, unsigned int L, void *key,
|
|
||||||
block128_f block);
|
|
||||||
int CRYPTO_ccm128_setiv(CCM128_CONTEXT *ctx, const unsigned char *nonce,
|
|
||||||
size_t nlen, size_t mlen);
|
|
||||||
void CRYPTO_ccm128_aad(CCM128_CONTEXT *ctx, const unsigned char *aad,
|
|
||||||
size_t alen);
|
|
||||||
int CRYPTO_ccm128_encrypt(CCM128_CONTEXT *ctx, const unsigned char *inp,
|
|
||||||
unsigned char *out, size_t len);
|
|
||||||
int CRYPTO_ccm128_decrypt(CCM128_CONTEXT *ctx, const unsigned char *inp,
|
|
||||||
unsigned char *out, size_t len);
|
|
||||||
int CRYPTO_ccm128_encrypt_ccm64(CCM128_CONTEXT *ctx, const unsigned char *inp,
|
|
||||||
unsigned char *out, size_t len,
|
|
||||||
ccm128_f stream);
|
|
||||||
int CRYPTO_ccm128_decrypt_ccm64(CCM128_CONTEXT *ctx, const unsigned char *inp,
|
|
||||||
unsigned char *out, size_t len,
|
|
||||||
ccm128_f stream);
|
|
||||||
size_t CRYPTO_ccm128_tag(CCM128_CONTEXT *ctx, unsigned char *tag, size_t len);
|
|
||||||
|
|
||||||
typedef struct xts128_context XTS128_CONTEXT;
|
|
||||||
|
|
||||||
int CRYPTO_xts128_encrypt(const XTS128_CONTEXT *ctx,
|
|
||||||
const unsigned char iv[16],
|
|
||||||
const unsigned char *inp, unsigned char *out,
|
|
||||||
size_t len, int enc);
|
|
||||||
|
|
||||||
size_t CRYPTO_128_wrap(void *key, const unsigned char *iv,
|
|
||||||
unsigned char *out,
|
|
||||||
const unsigned char *in, size_t inlen,
|
|
||||||
block128_f block);
|
|
||||||
|
|
||||||
size_t CRYPTO_128_unwrap(void *key, const unsigned char *iv,
|
|
||||||
unsigned char *out,
|
|
||||||
const unsigned char *in, size_t inlen,
|
|
||||||
block128_f block);
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
}
|
|
||||||
#endif
|
|
|
@ -1,637 +0,0 @@
|
||||||
/* ocsp.h */
|
|
||||||
/*
|
|
||||||
* Written by Tom Titchener <Tom_Titchener@groove.net> for the OpenSSL
|
|
||||||
* project.
|
|
||||||
*/
|
|
||||||
|
|
||||||
/*
|
|
||||||
* History: This file was transfered to Richard Levitte from CertCo by Kathy
|
|
||||||
* Weinhold in mid-spring 2000 to be included in OpenSSL or released as a
|
|
||||||
* patch kit.
|
|
||||||
*/
|
|
||||||
|
|
||||||
/* ====================================================================
|
|
||||||
* Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
|
|
||||||
*
|
|
||||||
* Redistribution and use in source and binary forms, with or without
|
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
*
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
*
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in
|
|
||||||
* the documentation and/or other materials provided with the
|
|
||||||
* distribution.
|
|
||||||
*
|
|
||||||
* 3. All advertising materials mentioning features or use of this
|
|
||||||
* software must display the following acknowledgment:
|
|
||||||
* "This product includes software developed by the OpenSSL Project
|
|
||||||
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
|
|
||||||
*
|
|
||||||
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* prior written permission. For written permission, please contact
|
|
||||||
* openssl-core@openssl.org.
|
|
||||||
*
|
|
||||||
* 5. Products derived from this software may not be called "OpenSSL"
|
|
||||||
* nor may "OpenSSL" appear in their names without prior written
|
|
||||||
* permission of the OpenSSL Project.
|
|
||||||
*
|
|
||||||
* 6. Redistributions of any form whatsoever must retain the following
|
|
||||||
* acknowledgment:
|
|
||||||
* "This product includes software developed by the OpenSSL Project
|
|
||||||
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
|
||||||
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
||||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
|
||||||
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
|
||||||
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
|
||||||
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
|
||||||
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
||||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
|
||||||
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
|
||||||
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
|
||||||
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
* ====================================================================
|
|
||||||
*
|
|
||||||
* This product includes cryptographic software written by Eric Young
|
|
||||||
* (eay@cryptsoft.com). This product includes software written by Tim
|
|
||||||
* Hudson (tjh@cryptsoft.com).
|
|
||||||
*
|
|
||||||
*/
|
|
||||||
|
|
||||||
#ifndef HEADER_OCSP_H
|
|
||||||
# define HEADER_OCSP_H
|
|
||||||
|
|
||||||
# include <openssl/ossl_typ.h>
|
|
||||||
# include <openssl/x509.h>
|
|
||||||
# include <openssl/x509v3.h>
|
|
||||||
# include <openssl/safestack.h>
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
extern "C" {
|
|
||||||
#endif
|
|
||||||
|
|
||||||
/* Various flags and values */
|
|
||||||
|
|
||||||
# define OCSP_DEFAULT_NONCE_LENGTH 16
|
|
||||||
|
|
||||||
# define OCSP_NOCERTS 0x1
|
|
||||||
# define OCSP_NOINTERN 0x2
|
|
||||||
# define OCSP_NOSIGS 0x4
|
|
||||||
# define OCSP_NOCHAIN 0x8
|
|
||||||
# define OCSP_NOVERIFY 0x10
|
|
||||||
# define OCSP_NOEXPLICIT 0x20
|
|
||||||
# define OCSP_NOCASIGN 0x40
|
|
||||||
# define OCSP_NODELEGATED 0x80
|
|
||||||
# define OCSP_NOCHECKS 0x100
|
|
||||||
# define OCSP_TRUSTOTHER 0x200
|
|
||||||
# define OCSP_RESPID_KEY 0x400
|
|
||||||
# define OCSP_NOTIME 0x800
|
|
||||||
|
|
||||||
/*- CertID ::= SEQUENCE {
|
|
||||||
* hashAlgorithm AlgorithmIdentifier,
|
|
||||||
* issuerNameHash OCTET STRING, -- Hash of Issuer's DN
|
|
||||||
* issuerKeyHash OCTET STRING, -- Hash of Issuers public key (excluding the tag & length fields)
|
|
||||||
* serialNumber CertificateSerialNumber }
|
|
||||||
*/
|
|
||||||
typedef struct ocsp_cert_id_st {
|
|
||||||
X509_ALGOR *hashAlgorithm;
|
|
||||||
ASN1_OCTET_STRING *issuerNameHash;
|
|
||||||
ASN1_OCTET_STRING *issuerKeyHash;
|
|
||||||
ASN1_INTEGER *serialNumber;
|
|
||||||
} OCSP_CERTID;
|
|
||||||
|
|
||||||
DECLARE_STACK_OF(OCSP_CERTID)
|
|
||||||
|
|
||||||
/*- Request ::= SEQUENCE {
|
|
||||||
* reqCert CertID,
|
|
||||||
* singleRequestExtensions [0] EXPLICIT Extensions OPTIONAL }
|
|
||||||
*/
|
|
||||||
typedef struct ocsp_one_request_st {
|
|
||||||
OCSP_CERTID *reqCert;
|
|
||||||
STACK_OF(X509_EXTENSION) *singleRequestExtensions;
|
|
||||||
} OCSP_ONEREQ;
|
|
||||||
|
|
||||||
DECLARE_STACK_OF(OCSP_ONEREQ)
|
|
||||||
DECLARE_ASN1_SET_OF(OCSP_ONEREQ)
|
|
||||||
|
|
||||||
/*- TBSRequest ::= SEQUENCE {
|
|
||||||
* version [0] EXPLICIT Version DEFAULT v1,
|
|
||||||
* requestorName [1] EXPLICIT GeneralName OPTIONAL,
|
|
||||||
* requestList SEQUENCE OF Request,
|
|
||||||
* requestExtensions [2] EXPLICIT Extensions OPTIONAL }
|
|
||||||
*/
|
|
||||||
typedef struct ocsp_req_info_st {
|
|
||||||
ASN1_INTEGER *version;
|
|
||||||
GENERAL_NAME *requestorName;
|
|
||||||
STACK_OF(OCSP_ONEREQ) *requestList;
|
|
||||||
STACK_OF(X509_EXTENSION) *requestExtensions;
|
|
||||||
} OCSP_REQINFO;
|
|
||||||
|
|
||||||
/*- Signature ::= SEQUENCE {
|
|
||||||
* signatureAlgorithm AlgorithmIdentifier,
|
|
||||||
* signature BIT STRING,
|
|
||||||
* certs [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL }
|
|
||||||
*/
|
|
||||||
typedef struct ocsp_signature_st {
|
|
||||||
X509_ALGOR *signatureAlgorithm;
|
|
||||||
ASN1_BIT_STRING *signature;
|
|
||||||
STACK_OF(X509) *certs;
|
|
||||||
} OCSP_SIGNATURE;
|
|
||||||
|
|
||||||
/*- OCSPRequest ::= SEQUENCE {
|
|
||||||
* tbsRequest TBSRequest,
|
|
||||||
* optionalSignature [0] EXPLICIT Signature OPTIONAL }
|
|
||||||
*/
|
|
||||||
typedef struct ocsp_request_st {
|
|
||||||
OCSP_REQINFO *tbsRequest;
|
|
||||||
OCSP_SIGNATURE *optionalSignature; /* OPTIONAL */
|
|
||||||
} OCSP_REQUEST;
|
|
||||||
|
|
||||||
/*- OCSPResponseStatus ::= ENUMERATED {
|
|
||||||
* successful (0), --Response has valid confirmations
|
|
||||||
* malformedRequest (1), --Illegal confirmation request
|
|
||||||
* internalError (2), --Internal error in issuer
|
|
||||||
* tryLater (3), --Try again later
|
|
||||||
* --(4) is not used
|
|
||||||
* sigRequired (5), --Must sign the request
|
|
||||||
* unauthorized (6) --Request unauthorized
|
|
||||||
* }
|
|
||||||
*/
|
|
||||||
# define OCSP_RESPONSE_STATUS_SUCCESSFUL 0
|
|
||||||
# define OCSP_RESPONSE_STATUS_MALFORMEDREQUEST 1
|
|
||||||
# define OCSP_RESPONSE_STATUS_INTERNALERROR 2
|
|
||||||
# define OCSP_RESPONSE_STATUS_TRYLATER 3
|
|
||||||
# define OCSP_RESPONSE_STATUS_SIGREQUIRED 5
|
|
||||||
# define OCSP_RESPONSE_STATUS_UNAUTHORIZED 6
|
|
||||||
|
|
||||||
/*- ResponseBytes ::= SEQUENCE {
|
|
||||||
* responseType OBJECT IDENTIFIER,
|
|
||||||
* response OCTET STRING }
|
|
||||||
*/
|
|
||||||
typedef struct ocsp_resp_bytes_st {
|
|
||||||
ASN1_OBJECT *responseType;
|
|
||||||
ASN1_OCTET_STRING *response;
|
|
||||||
} OCSP_RESPBYTES;
|
|
||||||
|
|
||||||
/*- OCSPResponse ::= SEQUENCE {
|
|
||||||
* responseStatus OCSPResponseStatus,
|
|
||||||
* responseBytes [0] EXPLICIT ResponseBytes OPTIONAL }
|
|
||||||
*/
|
|
||||||
struct ocsp_response_st {
|
|
||||||
ASN1_ENUMERATED *responseStatus;
|
|
||||||
OCSP_RESPBYTES *responseBytes;
|
|
||||||
};
|
|
||||||
|
|
||||||
/*- ResponderID ::= CHOICE {
|
|
||||||
* byName [1] Name,
|
|
||||||
* byKey [2] KeyHash }
|
|
||||||
*/
|
|
||||||
# define V_OCSP_RESPID_NAME 0
|
|
||||||
# define V_OCSP_RESPID_KEY 1
|
|
||||||
struct ocsp_responder_id_st {
|
|
||||||
int type;
|
|
||||||
union {
|
|
||||||
X509_NAME *byName;
|
|
||||||
ASN1_OCTET_STRING *byKey;
|
|
||||||
} value;
|
|
||||||
};
|
|
||||||
|
|
||||||
DECLARE_STACK_OF(OCSP_RESPID)
|
|
||||||
DECLARE_ASN1_FUNCTIONS(OCSP_RESPID)
|
|
||||||
|
|
||||||
/*- KeyHash ::= OCTET STRING --SHA-1 hash of responder's public key
|
|
||||||
* --(excluding the tag and length fields)
|
|
||||||
*/
|
|
||||||
|
|
||||||
/*- RevokedInfo ::= SEQUENCE {
|
|
||||||
* revocationTime GeneralizedTime,
|
|
||||||
* revocationReason [0] EXPLICIT CRLReason OPTIONAL }
|
|
||||||
*/
|
|
||||||
typedef struct ocsp_revoked_info_st {
|
|
||||||
ASN1_GENERALIZEDTIME *revocationTime;
|
|
||||||
ASN1_ENUMERATED *revocationReason;
|
|
||||||
} OCSP_REVOKEDINFO;
|
|
||||||
|
|
||||||
/*- CertStatus ::= CHOICE {
|
|
||||||
* good [0] IMPLICIT NULL,
|
|
||||||
* revoked [1] IMPLICIT RevokedInfo,
|
|
||||||
* unknown [2] IMPLICIT UnknownInfo }
|
|
||||||
*/
|
|
||||||
# define V_OCSP_CERTSTATUS_GOOD 0
|
|
||||||
# define V_OCSP_CERTSTATUS_REVOKED 1
|
|
||||||
# define V_OCSP_CERTSTATUS_UNKNOWN 2
|
|
||||||
typedef struct ocsp_cert_status_st {
|
|
||||||
int type;
|
|
||||||
union {
|
|
||||||
ASN1_NULL *good;
|
|
||||||
OCSP_REVOKEDINFO *revoked;
|
|
||||||
ASN1_NULL *unknown;
|
|
||||||
} value;
|
|
||||||
} OCSP_CERTSTATUS;
|
|
||||||
|
|
||||||
/*- SingleResponse ::= SEQUENCE {
|
|
||||||
* certID CertID,
|
|
||||||
* certStatus CertStatus,
|
|
||||||
* thisUpdate GeneralizedTime,
|
|
||||||
* nextUpdate [0] EXPLICIT GeneralizedTime OPTIONAL,
|
|
||||||
* singleExtensions [1] EXPLICIT Extensions OPTIONAL }
|
|
||||||
*/
|
|
||||||
typedef struct ocsp_single_response_st {
|
|
||||||
OCSP_CERTID *certId;
|
|
||||||
OCSP_CERTSTATUS *certStatus;
|
|
||||||
ASN1_GENERALIZEDTIME *thisUpdate;
|
|
||||||
ASN1_GENERALIZEDTIME *nextUpdate;
|
|
||||||
STACK_OF(X509_EXTENSION) *singleExtensions;
|
|
||||||
} OCSP_SINGLERESP;
|
|
||||||
|
|
||||||
DECLARE_STACK_OF(OCSP_SINGLERESP)
|
|
||||||
DECLARE_ASN1_SET_OF(OCSP_SINGLERESP)
|
|
||||||
|
|
||||||
/*- ResponseData ::= SEQUENCE {
|
|
||||||
* version [0] EXPLICIT Version DEFAULT v1,
|
|
||||||
* responderID ResponderID,
|
|
||||||
* producedAt GeneralizedTime,
|
|
||||||
* responses SEQUENCE OF SingleResponse,
|
|
||||||
* responseExtensions [1] EXPLICIT Extensions OPTIONAL }
|
|
||||||
*/
|
|
||||||
typedef struct ocsp_response_data_st {
|
|
||||||
ASN1_INTEGER *version;
|
|
||||||
OCSP_RESPID *responderId;
|
|
||||||
ASN1_GENERALIZEDTIME *producedAt;
|
|
||||||
STACK_OF(OCSP_SINGLERESP) *responses;
|
|
||||||
STACK_OF(X509_EXTENSION) *responseExtensions;
|
|
||||||
} OCSP_RESPDATA;
|
|
||||||
|
|
||||||
/*- BasicOCSPResponse ::= SEQUENCE {
|
|
||||||
* tbsResponseData ResponseData,
|
|
||||||
* signatureAlgorithm AlgorithmIdentifier,
|
|
||||||
* signature BIT STRING,
|
|
||||||
* certs [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL }
|
|
||||||
*/
|
|
||||||
/*
|
|
||||||
* Note 1: The value for "signature" is specified in the OCSP rfc2560 as
|
|
||||||
* follows: "The value for the signature SHALL be computed on the hash of
|
|
||||||
* the DER encoding ResponseData." This means that you must hash the
|
|
||||||
* DER-encoded tbsResponseData, and then run it through a crypto-signing
|
|
||||||
* function, which will (at least w/RSA) do a hash-'n'-private-encrypt
|
|
||||||
* operation. This seems a bit odd, but that's the spec. Also note that
|
|
||||||
* the data structures do not leave anywhere to independently specify the
|
|
||||||
* algorithm used for the initial hash. So, we look at the
|
|
||||||
* signature-specification algorithm, and try to do something intelligent.
|
|
||||||
* -- Kathy Weinhold, CertCo
|
|
||||||
*/
|
|
||||||
/*
|
|
||||||
* Note 2: It seems that the mentioned passage from RFC 2560 (section
|
|
||||||
* 4.2.1) is open for interpretation. I've done tests against another
|
|
||||||
* responder, and found that it doesn't do the double hashing that the RFC
|
|
||||||
* seems to say one should. Therefore, all relevant functions take a flag
|
|
||||||
* saying which variant should be used. -- Richard Levitte, OpenSSL team
|
|
||||||
* and CeloCom
|
|
||||||
*/
|
|
||||||
typedef struct ocsp_basic_response_st {
|
|
||||||
OCSP_RESPDATA *tbsResponseData;
|
|
||||||
X509_ALGOR *signatureAlgorithm;
|
|
||||||
ASN1_BIT_STRING *signature;
|
|
||||||
STACK_OF(X509) *certs;
|
|
||||||
} OCSP_BASICRESP;
|
|
||||||
|
|
||||||
/*-
|
|
||||||
* CRLReason ::= ENUMERATED {
|
|
||||||
* unspecified (0),
|
|
||||||
* keyCompromise (1),
|
|
||||||
* cACompromise (2),
|
|
||||||
* affiliationChanged (3),
|
|
||||||
* superseded (4),
|
|
||||||
* cessationOfOperation (5),
|
|
||||||
* certificateHold (6),
|
|
||||||
* removeFromCRL (8) }
|
|
||||||
*/
|
|
||||||
# define OCSP_REVOKED_STATUS_NOSTATUS -1
|
|
||||||
# define OCSP_REVOKED_STATUS_UNSPECIFIED 0
|
|
||||||
# define OCSP_REVOKED_STATUS_KEYCOMPROMISE 1
|
|
||||||
# define OCSP_REVOKED_STATUS_CACOMPROMISE 2
|
|
||||||
# define OCSP_REVOKED_STATUS_AFFILIATIONCHANGED 3
|
|
||||||
# define OCSP_REVOKED_STATUS_SUPERSEDED 4
|
|
||||||
# define OCSP_REVOKED_STATUS_CESSATIONOFOPERATION 5
|
|
||||||
# define OCSP_REVOKED_STATUS_CERTIFICATEHOLD 6
|
|
||||||
# define OCSP_REVOKED_STATUS_REMOVEFROMCRL 8
|
|
||||||
|
|
||||||
/*-
|
|
||||||
* CrlID ::= SEQUENCE {
|
|
||||||
* crlUrl [0] EXPLICIT IA5String OPTIONAL,
|
|
||||||
* crlNum [1] EXPLICIT INTEGER OPTIONAL,
|
|
||||||
* crlTime [2] EXPLICIT GeneralizedTime OPTIONAL }
|
|
||||||
*/
|
|
||||||
typedef struct ocsp_crl_id_st {
|
|
||||||
ASN1_IA5STRING *crlUrl;
|
|
||||||
ASN1_INTEGER *crlNum;
|
|
||||||
ASN1_GENERALIZEDTIME *crlTime;
|
|
||||||
} OCSP_CRLID;
|
|
||||||
|
|
||||||
/*-
|
|
||||||
* ServiceLocator ::= SEQUENCE {
|
|
||||||
* issuer Name,
|
|
||||||
* locator AuthorityInfoAccessSyntax OPTIONAL }
|
|
||||||
*/
|
|
||||||
typedef struct ocsp_service_locator_st {
|
|
||||||
X509_NAME *issuer;
|
|
||||||
STACK_OF(ACCESS_DESCRIPTION) *locator;
|
|
||||||
} OCSP_SERVICELOC;
|
|
||||||
|
|
||||||
# define PEM_STRING_OCSP_REQUEST "OCSP REQUEST"
|
|
||||||
# define PEM_STRING_OCSP_RESPONSE "OCSP RESPONSE"
|
|
||||||
|
|
||||||
# define d2i_OCSP_REQUEST_bio(bp,p) ASN1_d2i_bio_of(OCSP_REQUEST,OCSP_REQUEST_new,d2i_OCSP_REQUEST,bp,p)
|
|
||||||
|
|
||||||
# define d2i_OCSP_RESPONSE_bio(bp,p) ASN1_d2i_bio_of(OCSP_RESPONSE,OCSP_RESPONSE_new,d2i_OCSP_RESPONSE,bp,p)
|
|
||||||
|
|
||||||
# define PEM_read_bio_OCSP_REQUEST(bp,x,cb) (OCSP_REQUEST *)PEM_ASN1_read_bio( \
|
|
||||||
(char *(*)())d2i_OCSP_REQUEST,PEM_STRING_OCSP_REQUEST,bp,(char **)x,cb,NULL)
|
|
||||||
|
|
||||||
# define PEM_read_bio_OCSP_RESPONSE(bp,x,cb)(OCSP_RESPONSE *)PEM_ASN1_read_bio(\
|
|
||||||
(char *(*)())d2i_OCSP_RESPONSE,PEM_STRING_OCSP_RESPONSE,bp,(char **)x,cb,NULL)
|
|
||||||
|
|
||||||
# define PEM_write_bio_OCSP_REQUEST(bp,o) \
|
|
||||||
PEM_ASN1_write_bio((int (*)())i2d_OCSP_REQUEST,PEM_STRING_OCSP_REQUEST,\
|
|
||||||
bp,(char *)o, NULL,NULL,0,NULL,NULL)
|
|
||||||
|
|
||||||
# define PEM_write_bio_OCSP_RESPONSE(bp,o) \
|
|
||||||
PEM_ASN1_write_bio((int (*)())i2d_OCSP_RESPONSE,PEM_STRING_OCSP_RESPONSE,\
|
|
||||||
bp,(char *)o, NULL,NULL,0,NULL,NULL)
|
|
||||||
|
|
||||||
# define i2d_OCSP_RESPONSE_bio(bp,o) ASN1_i2d_bio_of(OCSP_RESPONSE,i2d_OCSP_RESPONSE,bp,o)
|
|
||||||
|
|
||||||
# define i2d_OCSP_REQUEST_bio(bp,o) ASN1_i2d_bio_of(OCSP_REQUEST,i2d_OCSP_REQUEST,bp,o)
|
|
||||||
|
|
||||||
# define OCSP_REQUEST_sign(o,pkey,md) \
|
|
||||||
ASN1_item_sign(ASN1_ITEM_rptr(OCSP_REQINFO),\
|
|
||||||
o->optionalSignature->signatureAlgorithm,NULL,\
|
|
||||||
o->optionalSignature->signature,o->tbsRequest,pkey,md)
|
|
||||||
|
|
||||||
# define OCSP_BASICRESP_sign(o,pkey,md,d) \
|
|
||||||
ASN1_item_sign(ASN1_ITEM_rptr(OCSP_RESPDATA),o->signatureAlgorithm,NULL,\
|
|
||||||
o->signature,o->tbsResponseData,pkey,md)
|
|
||||||
|
|
||||||
# define OCSP_REQUEST_verify(a,r) ASN1_item_verify(ASN1_ITEM_rptr(OCSP_REQINFO),\
|
|
||||||
a->optionalSignature->signatureAlgorithm,\
|
|
||||||
a->optionalSignature->signature,a->tbsRequest,r)
|
|
||||||
|
|
||||||
# define OCSP_BASICRESP_verify(a,r,d) ASN1_item_verify(ASN1_ITEM_rptr(OCSP_RESPDATA),\
|
|
||||||
a->signatureAlgorithm,a->signature,a->tbsResponseData,r)
|
|
||||||
|
|
||||||
# define ASN1_BIT_STRING_digest(data,type,md,len) \
|
|
||||||
ASN1_item_digest(ASN1_ITEM_rptr(ASN1_BIT_STRING),type,data,md,len)
|
|
||||||
|
|
||||||
# define OCSP_CERTSTATUS_dup(cs)\
|
|
||||||
(OCSP_CERTSTATUS*)ASN1_dup((int(*)())i2d_OCSP_CERTSTATUS,\
|
|
||||||
(char *(*)())d2i_OCSP_CERTSTATUS,(char *)(cs))
|
|
||||||
|
|
||||||
OCSP_CERTID *OCSP_CERTID_dup(OCSP_CERTID *id);
|
|
||||||
|
|
||||||
OCSP_RESPONSE *OCSP_sendreq_bio(BIO *b, const char *path, OCSP_REQUEST *req);
|
|
||||||
OCSP_REQ_CTX *OCSP_sendreq_new(BIO *io, const char *path, OCSP_REQUEST *req,
|
|
||||||
int maxline);
|
|
||||||
int OCSP_REQ_CTX_nbio(OCSP_REQ_CTX *rctx);
|
|
||||||
int OCSP_sendreq_nbio(OCSP_RESPONSE **presp, OCSP_REQ_CTX *rctx);
|
|
||||||
OCSP_REQ_CTX *OCSP_REQ_CTX_new(BIO *io, int maxline);
|
|
||||||
void OCSP_REQ_CTX_free(OCSP_REQ_CTX *rctx);
|
|
||||||
void OCSP_set_max_response_length(OCSP_REQ_CTX *rctx, unsigned long len);
|
|
||||||
int OCSP_REQ_CTX_i2d(OCSP_REQ_CTX *rctx, const ASN1_ITEM *it,
|
|
||||||
ASN1_VALUE *val);
|
|
||||||
int OCSP_REQ_CTX_nbio_d2i(OCSP_REQ_CTX *rctx, ASN1_VALUE **pval,
|
|
||||||
const ASN1_ITEM *it);
|
|
||||||
BIO *OCSP_REQ_CTX_get0_mem_bio(OCSP_REQ_CTX *rctx);
|
|
||||||
int OCSP_REQ_CTX_i2d(OCSP_REQ_CTX *rctx, const ASN1_ITEM *it,
|
|
||||||
ASN1_VALUE *val);
|
|
||||||
int OCSP_REQ_CTX_http(OCSP_REQ_CTX *rctx, const char *op, const char *path);
|
|
||||||
int OCSP_REQ_CTX_set1_req(OCSP_REQ_CTX *rctx, OCSP_REQUEST *req);
|
|
||||||
int OCSP_REQ_CTX_add1_header(OCSP_REQ_CTX *rctx,
|
|
||||||
const char *name, const char *value);
|
|
||||||
|
|
||||||
OCSP_CERTID *OCSP_cert_to_id(const EVP_MD *dgst, X509 *subject, X509 *issuer);
|
|
||||||
|
|
||||||
OCSP_CERTID *OCSP_cert_id_new(const EVP_MD *dgst,
|
|
||||||
X509_NAME *issuerName,
|
|
||||||
ASN1_BIT_STRING *issuerKey,
|
|
||||||
ASN1_INTEGER *serialNumber);
|
|
||||||
|
|
||||||
OCSP_ONEREQ *OCSP_request_add0_id(OCSP_REQUEST *req, OCSP_CERTID *cid);
|
|
||||||
|
|
||||||
int OCSP_request_add1_nonce(OCSP_REQUEST *req, unsigned char *val, int len);
|
|
||||||
int OCSP_basic_add1_nonce(OCSP_BASICRESP *resp, unsigned char *val, int len);
|
|
||||||
int OCSP_check_nonce(OCSP_REQUEST *req, OCSP_BASICRESP *bs);
|
|
||||||
int OCSP_copy_nonce(OCSP_BASICRESP *resp, OCSP_REQUEST *req);
|
|
||||||
|
|
||||||
int OCSP_request_set1_name(OCSP_REQUEST *req, X509_NAME *nm);
|
|
||||||
int OCSP_request_add1_cert(OCSP_REQUEST *req, X509 *cert);
|
|
||||||
|
|
||||||
int OCSP_request_sign(OCSP_REQUEST *req,
|
|
||||||
X509 *signer,
|
|
||||||
EVP_PKEY *key,
|
|
||||||
const EVP_MD *dgst,
|
|
||||||
STACK_OF(X509) *certs, unsigned long flags);
|
|
||||||
|
|
||||||
int OCSP_response_status(OCSP_RESPONSE *resp);
|
|
||||||
OCSP_BASICRESP *OCSP_response_get1_basic(OCSP_RESPONSE *resp);
|
|
||||||
|
|
||||||
int OCSP_resp_count(OCSP_BASICRESP *bs);
|
|
||||||
OCSP_SINGLERESP *OCSP_resp_get0(OCSP_BASICRESP *bs, int idx);
|
|
||||||
int OCSP_resp_find(OCSP_BASICRESP *bs, OCSP_CERTID *id, int last);
|
|
||||||
int OCSP_single_get0_status(OCSP_SINGLERESP *single, int *reason,
|
|
||||||
ASN1_GENERALIZEDTIME **revtime,
|
|
||||||
ASN1_GENERALIZEDTIME **thisupd,
|
|
||||||
ASN1_GENERALIZEDTIME **nextupd);
|
|
||||||
int OCSP_resp_find_status(OCSP_BASICRESP *bs, OCSP_CERTID *id, int *status,
|
|
||||||
int *reason,
|
|
||||||
ASN1_GENERALIZEDTIME **revtime,
|
|
||||||
ASN1_GENERALIZEDTIME **thisupd,
|
|
||||||
ASN1_GENERALIZEDTIME **nextupd);
|
|
||||||
int OCSP_check_validity(ASN1_GENERALIZEDTIME *thisupd,
|
|
||||||
ASN1_GENERALIZEDTIME *nextupd, long sec, long maxsec);
|
|
||||||
|
|
||||||
int OCSP_request_verify(OCSP_REQUEST *req, STACK_OF(X509) *certs,
|
|
||||||
X509_STORE *store, unsigned long flags);
|
|
||||||
|
|
||||||
int OCSP_parse_url(const char *url, char **phost, char **pport, char **ppath,
|
|
||||||
int *pssl);
|
|
||||||
|
|
||||||
int OCSP_id_issuer_cmp(OCSP_CERTID *a, OCSP_CERTID *b);
|
|
||||||
int OCSP_id_cmp(OCSP_CERTID *a, OCSP_CERTID *b);
|
|
||||||
|
|
||||||
int OCSP_request_onereq_count(OCSP_REQUEST *req);
|
|
||||||
OCSP_ONEREQ *OCSP_request_onereq_get0(OCSP_REQUEST *req, int i);
|
|
||||||
OCSP_CERTID *OCSP_onereq_get0_id(OCSP_ONEREQ *one);
|
|
||||||
int OCSP_id_get0_info(ASN1_OCTET_STRING **piNameHash, ASN1_OBJECT **pmd,
|
|
||||||
ASN1_OCTET_STRING **pikeyHash,
|
|
||||||
ASN1_INTEGER **pserial, OCSP_CERTID *cid);
|
|
||||||
int OCSP_request_is_signed(OCSP_REQUEST *req);
|
|
||||||
OCSP_RESPONSE *OCSP_response_create(int status, OCSP_BASICRESP *bs);
|
|
||||||
OCSP_SINGLERESP *OCSP_basic_add1_status(OCSP_BASICRESP *rsp,
|
|
||||||
OCSP_CERTID *cid,
|
|
||||||
int status, int reason,
|
|
||||||
ASN1_TIME *revtime,
|
|
||||||
ASN1_TIME *thisupd,
|
|
||||||
ASN1_TIME *nextupd);
|
|
||||||
int OCSP_basic_add1_cert(OCSP_BASICRESP *resp, X509 *cert);
|
|
||||||
int OCSP_basic_sign(OCSP_BASICRESP *brsp,
|
|
||||||
X509 *signer, EVP_PKEY *key, const EVP_MD *dgst,
|
|
||||||
STACK_OF(X509) *certs, unsigned long flags);
|
|
||||||
|
|
||||||
X509_EXTENSION *OCSP_crlID_new(char *url, long *n, char *tim);
|
|
||||||
|
|
||||||
X509_EXTENSION *OCSP_accept_responses_new(char **oids);
|
|
||||||
|
|
||||||
X509_EXTENSION *OCSP_archive_cutoff_new(char *tim);
|
|
||||||
|
|
||||||
X509_EXTENSION *OCSP_url_svcloc_new(X509_NAME *issuer, char **urls);
|
|
||||||
|
|
||||||
int OCSP_REQUEST_get_ext_count(OCSP_REQUEST *x);
|
|
||||||
int OCSP_REQUEST_get_ext_by_NID(OCSP_REQUEST *x, int nid, int lastpos);
|
|
||||||
int OCSP_REQUEST_get_ext_by_OBJ(OCSP_REQUEST *x, ASN1_OBJECT *obj,
|
|
||||||
int lastpos);
|
|
||||||
int OCSP_REQUEST_get_ext_by_critical(OCSP_REQUEST *x, int crit, int lastpos);
|
|
||||||
X509_EXTENSION *OCSP_REQUEST_get_ext(OCSP_REQUEST *x, int loc);
|
|
||||||
X509_EXTENSION *OCSP_REQUEST_delete_ext(OCSP_REQUEST *x, int loc);
|
|
||||||
void *OCSP_REQUEST_get1_ext_d2i(OCSP_REQUEST *x, int nid, int *crit,
|
|
||||||
int *idx);
|
|
||||||
int OCSP_REQUEST_add1_ext_i2d(OCSP_REQUEST *x, int nid, void *value, int crit,
|
|
||||||
unsigned long flags);
|
|
||||||
int OCSP_REQUEST_add_ext(OCSP_REQUEST *x, X509_EXTENSION *ex, int loc);
|
|
||||||
|
|
||||||
int OCSP_ONEREQ_get_ext_count(OCSP_ONEREQ *x);
|
|
||||||
int OCSP_ONEREQ_get_ext_by_NID(OCSP_ONEREQ *x, int nid, int lastpos);
|
|
||||||
int OCSP_ONEREQ_get_ext_by_OBJ(OCSP_ONEREQ *x, ASN1_OBJECT *obj, int lastpos);
|
|
||||||
int OCSP_ONEREQ_get_ext_by_critical(OCSP_ONEREQ *x, int crit, int lastpos);
|
|
||||||
X509_EXTENSION *OCSP_ONEREQ_get_ext(OCSP_ONEREQ *x, int loc);
|
|
||||||
X509_EXTENSION *OCSP_ONEREQ_delete_ext(OCSP_ONEREQ *x, int loc);
|
|
||||||
void *OCSP_ONEREQ_get1_ext_d2i(OCSP_ONEREQ *x, int nid, int *crit, int *idx);
|
|
||||||
int OCSP_ONEREQ_add1_ext_i2d(OCSP_ONEREQ *x, int nid, void *value, int crit,
|
|
||||||
unsigned long flags);
|
|
||||||
int OCSP_ONEREQ_add_ext(OCSP_ONEREQ *x, X509_EXTENSION *ex, int loc);
|
|
||||||
|
|
||||||
int OCSP_BASICRESP_get_ext_count(OCSP_BASICRESP *x);
|
|
||||||
int OCSP_BASICRESP_get_ext_by_NID(OCSP_BASICRESP *x, int nid, int lastpos);
|
|
||||||
int OCSP_BASICRESP_get_ext_by_OBJ(OCSP_BASICRESP *x, ASN1_OBJECT *obj,
|
|
||||||
int lastpos);
|
|
||||||
int OCSP_BASICRESP_get_ext_by_critical(OCSP_BASICRESP *x, int crit,
|
|
||||||
int lastpos);
|
|
||||||
X509_EXTENSION *OCSP_BASICRESP_get_ext(OCSP_BASICRESP *x, int loc);
|
|
||||||
X509_EXTENSION *OCSP_BASICRESP_delete_ext(OCSP_BASICRESP *x, int loc);
|
|
||||||
void *OCSP_BASICRESP_get1_ext_d2i(OCSP_BASICRESP *x, int nid, int *crit,
|
|
||||||
int *idx);
|
|
||||||
int OCSP_BASICRESP_add1_ext_i2d(OCSP_BASICRESP *x, int nid, void *value,
|
|
||||||
int crit, unsigned long flags);
|
|
||||||
int OCSP_BASICRESP_add_ext(OCSP_BASICRESP *x, X509_EXTENSION *ex, int loc);
|
|
||||||
|
|
||||||
int OCSP_SINGLERESP_get_ext_count(OCSP_SINGLERESP *x);
|
|
||||||
int OCSP_SINGLERESP_get_ext_by_NID(OCSP_SINGLERESP *x, int nid, int lastpos);
|
|
||||||
int OCSP_SINGLERESP_get_ext_by_OBJ(OCSP_SINGLERESP *x, ASN1_OBJECT *obj,
|
|
||||||
int lastpos);
|
|
||||||
int OCSP_SINGLERESP_get_ext_by_critical(OCSP_SINGLERESP *x, int crit,
|
|
||||||
int lastpos);
|
|
||||||
X509_EXTENSION *OCSP_SINGLERESP_get_ext(OCSP_SINGLERESP *x, int loc);
|
|
||||||
X509_EXTENSION *OCSP_SINGLERESP_delete_ext(OCSP_SINGLERESP *x, int loc);
|
|
||||||
void *OCSP_SINGLERESP_get1_ext_d2i(OCSP_SINGLERESP *x, int nid, int *crit,
|
|
||||||
int *idx);
|
|
||||||
int OCSP_SINGLERESP_add1_ext_i2d(OCSP_SINGLERESP *x, int nid, void *value,
|
|
||||||
int crit, unsigned long flags);
|
|
||||||
int OCSP_SINGLERESP_add_ext(OCSP_SINGLERESP *x, X509_EXTENSION *ex, int loc);
|
|
||||||
|
|
||||||
DECLARE_ASN1_FUNCTIONS(OCSP_SINGLERESP)
|
|
||||||
DECLARE_ASN1_FUNCTIONS(OCSP_CERTSTATUS)
|
|
||||||
DECLARE_ASN1_FUNCTIONS(OCSP_REVOKEDINFO)
|
|
||||||
DECLARE_ASN1_FUNCTIONS(OCSP_BASICRESP)
|
|
||||||
DECLARE_ASN1_FUNCTIONS(OCSP_RESPDATA)
|
|
||||||
DECLARE_ASN1_FUNCTIONS(OCSP_RESPID)
|
|
||||||
DECLARE_ASN1_FUNCTIONS(OCSP_RESPONSE)
|
|
||||||
DECLARE_ASN1_FUNCTIONS(OCSP_RESPBYTES)
|
|
||||||
DECLARE_ASN1_FUNCTIONS(OCSP_ONEREQ)
|
|
||||||
DECLARE_ASN1_FUNCTIONS(OCSP_CERTID)
|
|
||||||
DECLARE_ASN1_FUNCTIONS(OCSP_REQUEST)
|
|
||||||
DECLARE_ASN1_FUNCTIONS(OCSP_SIGNATURE)
|
|
||||||
DECLARE_ASN1_FUNCTIONS(OCSP_REQINFO)
|
|
||||||
DECLARE_ASN1_FUNCTIONS(OCSP_CRLID)
|
|
||||||
DECLARE_ASN1_FUNCTIONS(OCSP_SERVICELOC)
|
|
||||||
|
|
||||||
const char *OCSP_response_status_str(long s);
|
|
||||||
const char *OCSP_cert_status_str(long s);
|
|
||||||
const char *OCSP_crl_reason_str(long s);
|
|
||||||
|
|
||||||
int OCSP_REQUEST_print(BIO *bp, OCSP_REQUEST *a, unsigned long flags);
|
|
||||||
int OCSP_RESPONSE_print(BIO *bp, OCSP_RESPONSE *o, unsigned long flags);
|
|
||||||
|
|
||||||
int OCSP_basic_verify(OCSP_BASICRESP *bs, STACK_OF(X509) *certs,
|
|
||||||
X509_STORE *st, unsigned long flags);
|
|
||||||
|
|
||||||
/* BEGIN ERROR CODES */
|
|
||||||
/*
|
|
||||||
* The following lines are auto generated by the script mkerr.pl. Any changes
|
|
||||||
* made after this point may be overwritten when the script is next run.
|
|
||||||
*/
|
|
||||||
void ERR_load_OCSP_strings(void);
|
|
||||||
|
|
||||||
/* Error codes for the OCSP functions. */
|
|
||||||
|
|
||||||
/* Function codes. */
|
|
||||||
# define OCSP_F_ASN1_STRING_ENCODE 100
|
|
||||||
# define OCSP_F_D2I_OCSP_NONCE 102
|
|
||||||
# define OCSP_F_OCSP_BASIC_ADD1_STATUS 103
|
|
||||||
# define OCSP_F_OCSP_BASIC_SIGN 104
|
|
||||||
# define OCSP_F_OCSP_BASIC_VERIFY 105
|
|
||||||
# define OCSP_F_OCSP_CERT_ID_NEW 101
|
|
||||||
# define OCSP_F_OCSP_CHECK_DELEGATED 106
|
|
||||||
# define OCSP_F_OCSP_CHECK_IDS 107
|
|
||||||
# define OCSP_F_OCSP_CHECK_ISSUER 108
|
|
||||||
# define OCSP_F_OCSP_CHECK_VALIDITY 115
|
|
||||||
# define OCSP_F_OCSP_MATCH_ISSUERID 109
|
|
||||||
# define OCSP_F_OCSP_PARSE_URL 114
|
|
||||||
# define OCSP_F_OCSP_REQUEST_SIGN 110
|
|
||||||
# define OCSP_F_OCSP_REQUEST_VERIFY 116
|
|
||||||
# define OCSP_F_OCSP_RESPONSE_GET1_BASIC 111
|
|
||||||
# define OCSP_F_OCSP_SENDREQ_BIO 112
|
|
||||||
# define OCSP_F_OCSP_SENDREQ_NBIO 117
|
|
||||||
# define OCSP_F_PARSE_HTTP_LINE1 118
|
|
||||||
# define OCSP_F_REQUEST_VERIFY 113
|
|
||||||
|
|
||||||
/* Reason codes. */
|
|
||||||
# define OCSP_R_BAD_DATA 100
|
|
||||||
# define OCSP_R_CERTIFICATE_VERIFY_ERROR 101
|
|
||||||
# define OCSP_R_DIGEST_ERR 102
|
|
||||||
# define OCSP_R_ERROR_IN_NEXTUPDATE_FIELD 122
|
|
||||||
# define OCSP_R_ERROR_IN_THISUPDATE_FIELD 123
|
|
||||||
# define OCSP_R_ERROR_PARSING_URL 121
|
|
||||||
# define OCSP_R_MISSING_OCSPSIGNING_USAGE 103
|
|
||||||
# define OCSP_R_NEXTUPDATE_BEFORE_THISUPDATE 124
|
|
||||||
# define OCSP_R_NOT_BASIC_RESPONSE 104
|
|
||||||
# define OCSP_R_NO_CERTIFICATES_IN_CHAIN 105
|
|
||||||
# define OCSP_R_NO_CONTENT 106
|
|
||||||
# define OCSP_R_NO_PUBLIC_KEY 107
|
|
||||||
# define OCSP_R_NO_RESPONSE_DATA 108
|
|
||||||
# define OCSP_R_NO_REVOKED_TIME 109
|
|
||||||
# define OCSP_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE 110
|
|
||||||
# define OCSP_R_REQUEST_NOT_SIGNED 128
|
|
||||||
# define OCSP_R_RESPONSE_CONTAINS_NO_REVOCATION_DATA 111
|
|
||||||
# define OCSP_R_ROOT_CA_NOT_TRUSTED 112
|
|
||||||
# define OCSP_R_SERVER_READ_ERROR 113
|
|
||||||
# define OCSP_R_SERVER_RESPONSE_ERROR 114
|
|
||||||
# define OCSP_R_SERVER_RESPONSE_PARSE_ERROR 115
|
|
||||||
# define OCSP_R_SERVER_WRITE_ERROR 116
|
|
||||||
# define OCSP_R_SIGNATURE_FAILURE 117
|
|
||||||
# define OCSP_R_SIGNER_CERTIFICATE_NOT_FOUND 118
|
|
||||||
# define OCSP_R_STATUS_EXPIRED 125
|
|
||||||
# define OCSP_R_STATUS_NOT_YET_VALID 126
|
|
||||||
# define OCSP_R_STATUS_TOO_OLD 127
|
|
||||||
# define OCSP_R_UNKNOWN_MESSAGE_DIGEST 119
|
|
||||||
# define OCSP_R_UNKNOWN_NID 120
|
|
||||||
# define OCSP_R_UNSUPPORTED_REQUESTORNAME_TYPE 129
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
#endif
|
|
|
@ -1,342 +0,0 @@
|
||||||
/* pkcs12.h */
|
|
||||||
/*
|
|
||||||
* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
|
|
||||||
* 1999.
|
|
||||||
*/
|
|
||||||
/* ====================================================================
|
|
||||||
* Copyright (c) 1999 The OpenSSL Project. All rights reserved.
|
|
||||||
*
|
|
||||||
* Redistribution and use in source and binary forms, with or without
|
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
*
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
*
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in
|
|
||||||
* the documentation and/or other materials provided with the
|
|
||||||
* distribution.
|
|
||||||
*
|
|
||||||
* 3. All advertising materials mentioning features or use of this
|
|
||||||
* software must display the following acknowledgment:
|
|
||||||
* "This product includes software developed by the OpenSSL Project
|
|
||||||
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
|
|
||||||
*
|
|
||||||
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* prior written permission. For written permission, please contact
|
|
||||||
* licensing@OpenSSL.org.
|
|
||||||
*
|
|
||||||
* 5. Products derived from this software may not be called "OpenSSL"
|
|
||||||
* nor may "OpenSSL" appear in their names without prior written
|
|
||||||
* permission of the OpenSSL Project.
|
|
||||||
*
|
|
||||||
* 6. Redistributions of any form whatsoever must retain the following
|
|
||||||
* acknowledgment:
|
|
||||||
* "This product includes software developed by the OpenSSL Project
|
|
||||||
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
|
||||||
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
||||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
|
||||||
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
|
||||||
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
|
||||||
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
|
||||||
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
||||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
|
||||||
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
|
||||||
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
|
||||||
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
* ====================================================================
|
|
||||||
*
|
|
||||||
* This product includes cryptographic software written by Eric Young
|
|
||||||
* (eay@cryptsoft.com). This product includes software written by Tim
|
|
||||||
* Hudson (tjh@cryptsoft.com).
|
|
||||||
*
|
|
||||||
*/
|
|
||||||
|
|
||||||
#ifndef HEADER_PKCS12_H
|
|
||||||
# define HEADER_PKCS12_H
|
|
||||||
|
|
||||||
# include <openssl/bio.h>
|
|
||||||
# include <openssl/x509.h>
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
extern "C" {
|
|
||||||
#endif
|
|
||||||
|
|
||||||
# define PKCS12_KEY_ID 1
|
|
||||||
# define PKCS12_IV_ID 2
|
|
||||||
# define PKCS12_MAC_ID 3
|
|
||||||
|
|
||||||
/* Default iteration count */
|
|
||||||
# ifndef PKCS12_DEFAULT_ITER
|
|
||||||
# define PKCS12_DEFAULT_ITER PKCS5_DEFAULT_ITER
|
|
||||||
# endif
|
|
||||||
|
|
||||||
# define PKCS12_MAC_KEY_LENGTH 20
|
|
||||||
|
|
||||||
# define PKCS12_SALT_LEN 8
|
|
||||||
|
|
||||||
/* Uncomment out next line for unicode password and names, otherwise ASCII */
|
|
||||||
|
|
||||||
/*
|
|
||||||
* #define PBE_UNICODE
|
|
||||||
*/
|
|
||||||
|
|
||||||
# ifdef PBE_UNICODE
|
|
||||||
# define PKCS12_key_gen PKCS12_key_gen_uni
|
|
||||||
# define PKCS12_add_friendlyname PKCS12_add_friendlyname_uni
|
|
||||||
# else
|
|
||||||
# define PKCS12_key_gen PKCS12_key_gen_asc
|
|
||||||
# define PKCS12_add_friendlyname PKCS12_add_friendlyname_asc
|
|
||||||
# endif
|
|
||||||
|
|
||||||
/* MS key usage constants */
|
|
||||||
|
|
||||||
# define KEY_EX 0x10
|
|
||||||
# define KEY_SIG 0x80
|
|
||||||
|
|
||||||
typedef struct {
|
|
||||||
X509_SIG *dinfo;
|
|
||||||
ASN1_OCTET_STRING *salt;
|
|
||||||
ASN1_INTEGER *iter; /* defaults to 1 */
|
|
||||||
} PKCS12_MAC_DATA;
|
|
||||||
|
|
||||||
typedef struct {
|
|
||||||
ASN1_INTEGER *version;
|
|
||||||
PKCS12_MAC_DATA *mac;
|
|
||||||
PKCS7 *authsafes;
|
|
||||||
} PKCS12;
|
|
||||||
|
|
||||||
typedef struct {
|
|
||||||
ASN1_OBJECT *type;
|
|
||||||
union {
|
|
||||||
struct pkcs12_bag_st *bag; /* secret, crl and certbag */
|
|
||||||
struct pkcs8_priv_key_info_st *keybag; /* keybag */
|
|
||||||
X509_SIG *shkeybag; /* shrouded key bag */
|
|
||||||
STACK_OF(PKCS12_SAFEBAG) *safes;
|
|
||||||
ASN1_TYPE *other;
|
|
||||||
} value;
|
|
||||||
STACK_OF(X509_ATTRIBUTE) *attrib;
|
|
||||||
} PKCS12_SAFEBAG;
|
|
||||||
|
|
||||||
DECLARE_STACK_OF(PKCS12_SAFEBAG)
|
|
||||||
DECLARE_ASN1_SET_OF(PKCS12_SAFEBAG)
|
|
||||||
DECLARE_PKCS12_STACK_OF(PKCS12_SAFEBAG)
|
|
||||||
|
|
||||||
typedef struct pkcs12_bag_st {
|
|
||||||
ASN1_OBJECT *type;
|
|
||||||
union {
|
|
||||||
ASN1_OCTET_STRING *x509cert;
|
|
||||||
ASN1_OCTET_STRING *x509crl;
|
|
||||||
ASN1_OCTET_STRING *octet;
|
|
||||||
ASN1_IA5STRING *sdsicert;
|
|
||||||
ASN1_TYPE *other; /* Secret or other bag */
|
|
||||||
} value;
|
|
||||||
} PKCS12_BAGS;
|
|
||||||
|
|
||||||
# define PKCS12_ERROR 0
|
|
||||||
# define PKCS12_OK 1
|
|
||||||
|
|
||||||
/* Compatibility macros */
|
|
||||||
|
|
||||||
# define M_PKCS12_x5092certbag PKCS12_x5092certbag
|
|
||||||
# define M_PKCS12_x509crl2certbag PKCS12_x509crl2certbag
|
|
||||||
|
|
||||||
# define M_PKCS12_certbag2x509 PKCS12_certbag2x509
|
|
||||||
# define M_PKCS12_certbag2x509crl PKCS12_certbag2x509crl
|
|
||||||
|
|
||||||
# define M_PKCS12_unpack_p7data PKCS12_unpack_p7data
|
|
||||||
# define M_PKCS12_pack_authsafes PKCS12_pack_authsafes
|
|
||||||
# define M_PKCS12_unpack_authsafes PKCS12_unpack_authsafes
|
|
||||||
# define M_PKCS12_unpack_p7encdata PKCS12_unpack_p7encdata
|
|
||||||
|
|
||||||
# define M_PKCS12_decrypt_skey PKCS12_decrypt_skey
|
|
||||||
# define M_PKCS8_decrypt PKCS8_decrypt
|
|
||||||
|
|
||||||
# define M_PKCS12_bag_type(bg) OBJ_obj2nid((bg)->type)
|
|
||||||
# define M_PKCS12_cert_bag_type(bg) OBJ_obj2nid((bg)->value.bag->type)
|
|
||||||
# define M_PKCS12_crl_bag_type M_PKCS12_cert_bag_type
|
|
||||||
|
|
||||||
# define PKCS12_get_attr(bag, attr_nid) \
|
|
||||||
PKCS12_get_attr_gen(bag->attrib, attr_nid)
|
|
||||||
|
|
||||||
# define PKCS8_get_attr(p8, attr_nid) \
|
|
||||||
PKCS12_get_attr_gen(p8->attributes, attr_nid)
|
|
||||||
|
|
||||||
# define PKCS12_mac_present(p12) ((p12)->mac ? 1 : 0)
|
|
||||||
|
|
||||||
PKCS12_SAFEBAG *PKCS12_x5092certbag(X509 *x509);
|
|
||||||
PKCS12_SAFEBAG *PKCS12_x509crl2certbag(X509_CRL *crl);
|
|
||||||
X509 *PKCS12_certbag2x509(PKCS12_SAFEBAG *bag);
|
|
||||||
X509_CRL *PKCS12_certbag2x509crl(PKCS12_SAFEBAG *bag);
|
|
||||||
|
|
||||||
PKCS12_SAFEBAG *PKCS12_item_pack_safebag(void *obj, const ASN1_ITEM *it,
|
|
||||||
int nid1, int nid2);
|
|
||||||
PKCS12_SAFEBAG *PKCS12_MAKE_KEYBAG(PKCS8_PRIV_KEY_INFO *p8);
|
|
||||||
PKCS8_PRIV_KEY_INFO *PKCS8_decrypt(X509_SIG *p8, const char *pass,
|
|
||||||
int passlen);
|
|
||||||
PKCS8_PRIV_KEY_INFO *PKCS12_decrypt_skey(PKCS12_SAFEBAG *bag,
|
|
||||||
const char *pass, int passlen);
|
|
||||||
X509_SIG *PKCS8_encrypt(int pbe_nid, const EVP_CIPHER *cipher,
|
|
||||||
const char *pass, int passlen, unsigned char *salt,
|
|
||||||
int saltlen, int iter, PKCS8_PRIV_KEY_INFO *p8);
|
|
||||||
PKCS12_SAFEBAG *PKCS12_MAKE_SHKEYBAG(int pbe_nid, const char *pass,
|
|
||||||
int passlen, unsigned char *salt,
|
|
||||||
int saltlen, int iter,
|
|
||||||
PKCS8_PRIV_KEY_INFO *p8);
|
|
||||||
PKCS7 *PKCS12_pack_p7data(STACK_OF(PKCS12_SAFEBAG) *sk);
|
|
||||||
STACK_OF(PKCS12_SAFEBAG) *PKCS12_unpack_p7data(PKCS7 *p7);
|
|
||||||
PKCS7 *PKCS12_pack_p7encdata(int pbe_nid, const char *pass, int passlen,
|
|
||||||
unsigned char *salt, int saltlen, int iter,
|
|
||||||
STACK_OF(PKCS12_SAFEBAG) *bags);
|
|
||||||
STACK_OF(PKCS12_SAFEBAG) *PKCS12_unpack_p7encdata(PKCS7 *p7, const char *pass,
|
|
||||||
int passlen);
|
|
||||||
|
|
||||||
int PKCS12_pack_authsafes(PKCS12 *p12, STACK_OF(PKCS7) *safes);
|
|
||||||
STACK_OF(PKCS7) *PKCS12_unpack_authsafes(PKCS12 *p12);
|
|
||||||
|
|
||||||
int PKCS12_add_localkeyid(PKCS12_SAFEBAG *bag, unsigned char *name,
|
|
||||||
int namelen);
|
|
||||||
int PKCS12_add_friendlyname_asc(PKCS12_SAFEBAG *bag, const char *name,
|
|
||||||
int namelen);
|
|
||||||
int PKCS12_add_CSPName_asc(PKCS12_SAFEBAG *bag, const char *name,
|
|
||||||
int namelen);
|
|
||||||
int PKCS12_add_friendlyname_uni(PKCS12_SAFEBAG *bag,
|
|
||||||
const unsigned char *name, int namelen);
|
|
||||||
int PKCS8_add_keyusage(PKCS8_PRIV_KEY_INFO *p8, int usage);
|
|
||||||
ASN1_TYPE *PKCS12_get_attr_gen(STACK_OF(X509_ATTRIBUTE) *attrs, int attr_nid);
|
|
||||||
char *PKCS12_get_friendlyname(PKCS12_SAFEBAG *bag);
|
|
||||||
unsigned char *PKCS12_pbe_crypt(X509_ALGOR *algor, const char *pass,
|
|
||||||
int passlen, unsigned char *in, int inlen,
|
|
||||||
unsigned char **data, int *datalen,
|
|
||||||
int en_de);
|
|
||||||
void *PKCS12_item_decrypt_d2i(X509_ALGOR *algor, const ASN1_ITEM *it,
|
|
||||||
const char *pass, int passlen,
|
|
||||||
ASN1_OCTET_STRING *oct, int zbuf);
|
|
||||||
ASN1_OCTET_STRING *PKCS12_item_i2d_encrypt(X509_ALGOR *algor,
|
|
||||||
const ASN1_ITEM *it,
|
|
||||||
const char *pass, int passlen,
|
|
||||||
void *obj, int zbuf);
|
|
||||||
PKCS12 *PKCS12_init(int mode);
|
|
||||||
int PKCS12_key_gen_asc(const char *pass, int passlen, unsigned char *salt,
|
|
||||||
int saltlen, int id, int iter, int n,
|
|
||||||
unsigned char *out, const EVP_MD *md_type);
|
|
||||||
int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt,
|
|
||||||
int saltlen, int id, int iter, int n,
|
|
||||||
unsigned char *out, const EVP_MD *md_type);
|
|
||||||
int PKCS12_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
|
|
||||||
ASN1_TYPE *param, const EVP_CIPHER *cipher,
|
|
||||||
const EVP_MD *md_type, int en_de);
|
|
||||||
int PKCS12_gen_mac(PKCS12 *p12, const char *pass, int passlen,
|
|
||||||
unsigned char *mac, unsigned int *maclen);
|
|
||||||
int PKCS12_verify_mac(PKCS12 *p12, const char *pass, int passlen);
|
|
||||||
int PKCS12_set_mac(PKCS12 *p12, const char *pass, int passlen,
|
|
||||||
unsigned char *salt, int saltlen, int iter,
|
|
||||||
const EVP_MD *md_type);
|
|
||||||
int PKCS12_setup_mac(PKCS12 *p12, int iter, unsigned char *salt,
|
|
||||||
int saltlen, const EVP_MD *md_type);
|
|
||||||
unsigned char *OPENSSL_asc2uni(const char *asc, int asclen,
|
|
||||||
unsigned char **uni, int *unilen);
|
|
||||||
char *OPENSSL_uni2asc(unsigned char *uni, int unilen);
|
|
||||||
|
|
||||||
DECLARE_ASN1_FUNCTIONS(PKCS12)
|
|
||||||
DECLARE_ASN1_FUNCTIONS(PKCS12_MAC_DATA)
|
|
||||||
DECLARE_ASN1_FUNCTIONS(PKCS12_SAFEBAG)
|
|
||||||
DECLARE_ASN1_FUNCTIONS(PKCS12_BAGS)
|
|
||||||
|
|
||||||
DECLARE_ASN1_ITEM(PKCS12_SAFEBAGS)
|
|
||||||
DECLARE_ASN1_ITEM(PKCS12_AUTHSAFES)
|
|
||||||
|
|
||||||
void PKCS12_PBE_add(void);
|
|
||||||
int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert,
|
|
||||||
STACK_OF(X509) **ca);
|
|
||||||
PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert,
|
|
||||||
STACK_OF(X509) *ca, int nid_key, int nid_cert, int iter,
|
|
||||||
int mac_iter, int keytype);
|
|
||||||
|
|
||||||
PKCS12_SAFEBAG *PKCS12_add_cert(STACK_OF(PKCS12_SAFEBAG) **pbags, X509 *cert);
|
|
||||||
PKCS12_SAFEBAG *PKCS12_add_key(STACK_OF(PKCS12_SAFEBAG) **pbags,
|
|
||||||
EVP_PKEY *key, int key_usage, int iter,
|
|
||||||
int key_nid, char *pass);
|
|
||||||
int PKCS12_add_safe(STACK_OF(PKCS7) **psafes, STACK_OF(PKCS12_SAFEBAG) *bags,
|
|
||||||
int safe_nid, int iter, char *pass);
|
|
||||||
PKCS12 *PKCS12_add_safes(STACK_OF(PKCS7) *safes, int p7_nid);
|
|
||||||
|
|
||||||
int i2d_PKCS12_bio(BIO *bp, PKCS12 *p12);
|
|
||||||
int i2d_PKCS12_fp(FILE *fp, PKCS12 *p12);
|
|
||||||
PKCS12 *d2i_PKCS12_bio(BIO *bp, PKCS12 **p12);
|
|
||||||
PKCS12 *d2i_PKCS12_fp(FILE *fp, PKCS12 **p12);
|
|
||||||
int PKCS12_newpass(PKCS12 *p12, char *oldpass, char *newpass);
|
|
||||||
|
|
||||||
/* BEGIN ERROR CODES */
|
|
||||||
/*
|
|
||||||
* The following lines are auto generated by the script mkerr.pl. Any changes
|
|
||||||
* made after this point may be overwritten when the script is next run.
|
|
||||||
*/
|
|
||||||
void ERR_load_PKCS12_strings(void);
|
|
||||||
|
|
||||||
/* Error codes for the PKCS12 functions. */
|
|
||||||
|
|
||||||
/* Function codes. */
|
|
||||||
# define PKCS12_F_PARSE_BAG 129
|
|
||||||
# define PKCS12_F_PARSE_BAGS 103
|
|
||||||
# define PKCS12_F_PKCS12_ADD_FRIENDLYNAME 100
|
|
||||||
# define PKCS12_F_PKCS12_ADD_FRIENDLYNAME_ASC 127
|
|
||||||
# define PKCS12_F_PKCS12_ADD_FRIENDLYNAME_UNI 102
|
|
||||||
# define PKCS12_F_PKCS12_ADD_LOCALKEYID 104
|
|
||||||
# define PKCS12_F_PKCS12_CREATE 105
|
|
||||||
# define PKCS12_F_PKCS12_GEN_MAC 107
|
|
||||||
# define PKCS12_F_PKCS12_INIT 109
|
|
||||||
# define PKCS12_F_PKCS12_ITEM_DECRYPT_D2I 106
|
|
||||||
# define PKCS12_F_PKCS12_ITEM_I2D_ENCRYPT 108
|
|
||||||
# define PKCS12_F_PKCS12_ITEM_PACK_SAFEBAG 117
|
|
||||||
# define PKCS12_F_PKCS12_KEY_GEN_ASC 110
|
|
||||||
# define PKCS12_F_PKCS12_KEY_GEN_UNI 111
|
|
||||||
# define PKCS12_F_PKCS12_MAKE_KEYBAG 112
|
|
||||||
# define PKCS12_F_PKCS12_MAKE_SHKEYBAG 113
|
|
||||||
# define PKCS12_F_PKCS12_NEWPASS 128
|
|
||||||
# define PKCS12_F_PKCS12_PACK_P7DATA 114
|
|
||||||
# define PKCS12_F_PKCS12_PACK_P7ENCDATA 115
|
|
||||||
# define PKCS12_F_PKCS12_PARSE 118
|
|
||||||
# define PKCS12_F_PKCS12_PBE_CRYPT 119
|
|
||||||
# define PKCS12_F_PKCS12_PBE_KEYIVGEN 120
|
|
||||||
# define PKCS12_F_PKCS12_SETUP_MAC 122
|
|
||||||
# define PKCS12_F_PKCS12_SET_MAC 123
|
|
||||||
# define PKCS12_F_PKCS12_UNPACK_AUTHSAFES 130
|
|
||||||
# define PKCS12_F_PKCS12_UNPACK_P7DATA 131
|
|
||||||
# define PKCS12_F_PKCS12_VERIFY_MAC 126
|
|
||||||
# define PKCS12_F_PKCS8_ADD_KEYUSAGE 124
|
|
||||||
# define PKCS12_F_PKCS8_ENCRYPT 125
|
|
||||||
|
|
||||||
/* Reason codes. */
|
|
||||||
# define PKCS12_R_CANT_PACK_STRUCTURE 100
|
|
||||||
# define PKCS12_R_CONTENT_TYPE_NOT_DATA 121
|
|
||||||
# define PKCS12_R_DECODE_ERROR 101
|
|
||||||
# define PKCS12_R_ENCODE_ERROR 102
|
|
||||||
# define PKCS12_R_ENCRYPT_ERROR 103
|
|
||||||
# define PKCS12_R_ERROR_SETTING_ENCRYPTED_DATA_TYPE 120
|
|
||||||
# define PKCS12_R_INVALID_NULL_ARGUMENT 104
|
|
||||||
# define PKCS12_R_INVALID_NULL_PKCS12_POINTER 105
|
|
||||||
# define PKCS12_R_IV_GEN_ERROR 106
|
|
||||||
# define PKCS12_R_KEY_GEN_ERROR 107
|
|
||||||
# define PKCS12_R_MAC_ABSENT 108
|
|
||||||
# define PKCS12_R_MAC_GENERATION_ERROR 109
|
|
||||||
# define PKCS12_R_MAC_SETUP_ERROR 110
|
|
||||||
# define PKCS12_R_MAC_STRING_SET_ERROR 111
|
|
||||||
# define PKCS12_R_MAC_VERIFY_ERROR 112
|
|
||||||
# define PKCS12_R_MAC_VERIFY_FAILURE 113
|
|
||||||
# define PKCS12_R_PARSE_ERROR 114
|
|
||||||
# define PKCS12_R_PKCS12_ALGOR_CIPHERINIT_ERROR 115
|
|
||||||
# define PKCS12_R_PKCS12_CIPHERFINAL_ERROR 116
|
|
||||||
# define PKCS12_R_PKCS12_PBE_CRYPT_ERROR 117
|
|
||||||
# define PKCS12_R_UNKNOWN_DIGEST_ALGORITHM 118
|
|
||||||
# define PKCS12_R_UNSUPPORTED_PKCS12_MODE 119
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
#endif
|
|
|
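--- a/PATH_NOT_SHOWN/rand.h
+++ b/PATH_NOT_SHOWN/rand.h
@@ -1,150 +0,0 @@
-/* crypto/rand/rand.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
-* All rights reserved.
-*
-* This package is an SSL implementation written
-* by Eric Young (eay@cryptsoft.com).
-* The implementation was written so as to conform with Netscapes SSL.
-*
-* This library is free for commercial and non-commercial use as long as
-* the following conditions are aheared to. The following conditions
-* apply to all code found in this distribution, be it the RC4, RSA,
-* lhash, DES, etc., code; not just the SSL code. The SSL documentation
-* included with this distribution is covered by the same copyright terms
-* except that the holder is Tim Hudson (tjh@cryptsoft.com).
-*
-* Copyright remains Eric Young's, and as such any Copyright notices in
-* the code are not to be removed.
-* If this package is used in a product, Eric Young should be given attribution
-* as the author of the parts of the library used.
-* This can be in the form of a textual message at program startup or
-* in documentation (online or textual) provided with the package.
-*
-* Redistribution and use in source and binary forms, with or without
-* modification, are permitted provided that the following conditions
-* are met:
-* 1. Redistributions of source code must retain the copyright
-* notice, this list of conditions and the following disclaimer.
-* 2. Redistributions in binary form must reproduce the above copyright
-* notice, this list of conditions and the following disclaimer in the
-* documentation and/or other materials provided with the distribution.
-* 3. All advertising materials mentioning features or use of this software
-* must display the following acknowledgement:
-* "This product includes cryptographic software written by
-* Eric Young (eay@cryptsoft.com)"
-* The word 'cryptographic' can be left out if the rouines from the library
-* being used are not cryptographic related :-).
-* 4. If you include any Windows specific code (or a derivative thereof) from
-* the apps directory (application code) you must include an acknowledgement:
-* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
-*
-* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
-* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
-* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-* SUCH DAMAGE.
-*
-* The licence and distribution terms for any publically available version or
-* derivative of this code cannot be changed. i.e. this code cannot simply be
-* copied and put under another distribution licence
-* [including the GNU Public Licence.]
-*/
-
-#ifndef HEADER_RAND_H
-# define HEADER_RAND_H
-
-# include <stdlib.h>
-# include <openssl/ossl_typ.h>
-# include <openssl/e_os2.h>
-
-# if defined(OPENSSL_SYS_WINDOWS)
-# include <windows.h>
-# endif
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-# if defined(OPENSSL_FIPS)
-# define FIPS_RAND_SIZE_T size_t
-# endif
-
-/* Already defined in ossl_typ.h */
-/* typedef struct rand_meth_st RAND_METHOD; */
-
-struct rand_meth_st {
-void (*seed) (const void *buf, int num);
-int (*bytes) (unsigned char *buf, int num);
-void (*cleanup) (void);
-void (*add) (const void *buf, int num, double entropy);
-int (*pseudorand) (unsigned char *buf, int num);
-int (*status) (void);
-};
-
-# ifdef BN_DEBUG
-extern int rand_predictable;
-# endif
-
-int RAND_set_rand_method(const RAND_METHOD *meth);
-const RAND_METHOD *RAND_get_rand_method(void);
-# ifndef OPENSSL_NO_ENGINE
-int RAND_set_rand_engine(ENGINE *engine);
-# endif
-RAND_METHOD *RAND_SSLeay(void);
-void RAND_cleanup(void);
-int RAND_bytes(unsigned char *buf, int num);
-int RAND_pseudo_bytes(unsigned char *buf, int num);
-void RAND_seed(const void *buf, int num);
-void RAND_add(const void *buf, int num, double entropy);
-int RAND_load_file(const char *file, long max_bytes);
-int RAND_write_file(const char *file);
-const char *RAND_file_name(char *file, size_t num);
-int RAND_status(void);
-int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes);
-int RAND_egd(const char *path);
-int RAND_egd_bytes(const char *path, int bytes);
-int RAND_poll(void);
-
-# if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32)
-
-void RAND_screen(void);
-int RAND_event(UINT, WPARAM, LPARAM);
-
-# endif
-
-# ifdef OPENSSL_FIPS
-void RAND_set_fips_drbg_type(int type, int flags);
-int RAND_init_fips(void);
-# endif
-
-/* BEGIN ERROR CODES */
-/*
-* The following lines are auto generated by the script mkerr.pl. Any changes
-* made after this point may be overwritten when the script is next run.
-*/
-void ERR_load_RAND_strings(void);
-
-/* Error codes for the RAND functions. */
-
-/* Function codes. */
-# define RAND_F_RAND_GET_RAND_METHOD 101
-# define RAND_F_RAND_INIT_FIPS 102
-# define RAND_F_SSLEAY_RAND_BYTES 100
-
-/* Reason codes. */
-# define RAND_R_DUAL_EC_DRBG_DISABLED 104
-# define RAND_R_ERROR_INITIALISING_DRBG 102
-# define RAND_R_ERROR_INSTANTIATING_DRBG 103
-# define RAND_R_NO_FIPS_RANDOM_METHOD_SET 101
-# define RAND_R_PRNG_NOT_SEEDED 100
-
-#ifdef __cplusplus
-}
-#endif
-#endif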
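--- a/PATH_NOT_SHOWN/rc2.h
+++ b/PATH_NOT_SHOWN/rc2.h
@@ -1,103 +0,0 @@
-/* crypto/rc2/rc2.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
-* All rights reserved.
-*
-* This package is an SSL implementation written
-* by Eric Young (eay@cryptsoft.com).
-* The implementation was written so as to conform with Netscapes SSL.
-*
-* This library is free for commercial and non-commercial use as long as
-* the following conditions are aheared to. The following conditions
-* apply to all code found in this distribution, be it the RC4, RSA,
-* lhash, DES, etc., code; not just the SSL code. The SSL documentation
-* included with this distribution is covered by the same copyright terms
-* except that the holder is Tim Hudson (tjh@cryptsoft.com).
-*
-* Copyright remains Eric Young's, and as such any Copyright notices in
-* the code are not to be removed.
-* If this package is used in a product, Eric Young should be given attribution
-* as the author of the parts of the library used.
-* This can be in the form of a textual message at program startup or
-* in documentation (online or textual) provided with the package.
-*
-* Redistribution and use in source and binary forms, with or without
-* modification, are permitted provided that the following conditions
-* are met:
-* 1. Redistributions of source code must retain the copyright
-* notice, this list of conditions and the following disclaimer.
-* 2. Redistributions in binary form must reproduce the above copyright
-* notice, this list of conditions and the following disclaimer in the
-* documentation and/or other materials provided with the distribution.
-* 3. All advertising materials mentioning features or use of this software
-* must display the following acknowledgement:
-* "This product includes cryptographic software written by
-* Eric Young (eay@cryptsoft.com)"
-* The word 'cryptographic' can be left out if the rouines from the library
-* being used are not cryptographic related :-).
-* 4. If you include any Windows specific code (or a derivative thereof) from
-* the apps directory (application code) you must include an acknowledgement:
-* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
-*
-* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
-* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
-* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-* SUCH DAMAGE.
-*
-* The licence and distribution terms for any publically available version or
-* derivative of this code cannot be changed. i.e. this code cannot simply be
-* copied and put under another distribution licence
-* [including the GNU Public Licence.]
-*/
-
-#ifndef HEADER_RC2_H
-# define HEADER_RC2_H
-
-# include <openssl/opensslconf.h>/* OPENSSL_NO_RC2, RC2_INT */
-# ifdef OPENSSL_NO_RC2
-# error RC2 is disabled.
-# endif
-
-# define RC2_ENCRYPT 1
-# define RC2_DECRYPT 0
-
-# define RC2_BLOCK 8
-# define RC2_KEY_LENGTH 16
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-typedef struct rc2_key_st {
-RC2_INT data[64];
-} RC2_KEY;
-
-# ifdef OPENSSL_FIPS
-void private_RC2_set_key(RC2_KEY *key, int len, const unsigned char *data,
-int bits);
-# endif
-void RC2_set_key(RC2_KEY *key, int len, const unsigned char *data, int bits);
-void RC2_ecb_encrypt(const unsigned char *in, unsigned char *out,
-RC2_KEY *key, int enc);
-void RC2_encrypt(unsigned long *data, RC2_KEY *key);
-void RC2_decrypt(unsigned long *data, RC2_KEY *key);
-void RC2_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
-RC2_KEY *ks, unsigned char *iv, int enc);
-void RC2_cfb64_encrypt(const unsigned char *in, unsigned char *out,
-long length, RC2_KEY *schedule, unsigned char *ivec,
-int *num, int enc);
-void RC2_ofb64_encrypt(const unsigned char *in, unsigned char *out,
-long length, RC2_KEY *schedule, unsigned char *ivec,
-int *num);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif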
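--- a/PATH_NOT_SHOWN/rc4.h
+++ b/PATH_NOT_SHOWN/rc4.h
@@ -1,88 +0,0 @@
-/* crypto/rc4/rc4.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
-* All rights reserved.
-*
-* This package is an SSL implementation written
-* by Eric Young (eay@cryptsoft.com).
-* The implementation was written so as to conform with Netscapes SSL.
-*
-* This library is free for commercial and non-commercial use as long as
-* the following conditions are aheared to. The following conditions
-* apply to all code found in this distribution, be it the RC4, RSA,
-* lhash, DES, etc., code; not just the SSL code. The SSL documentation
-* included with this distribution is covered by the same copyright terms
-* except that the holder is Tim Hudson (tjh@cryptsoft.com).
-*
-* Copyright remains Eric Young's, and as such any Copyright notices in
-* the code are not to be removed.
-* If this package is used in a product, Eric Young should be given attribution
-* as the author of the parts of the library used.
-* This can be in the form of a textual message at program startup or
-* in documentation (online or textual) provided with the package.
-*
-* Redistribution and use in source and binary forms, with or without
-* modification, are permitted provided that the following conditions
-* are met:
-* 1. Redistributions of source code must retain the copyright
-* notice, this list of conditions and the following disclaimer.
-* 2. Redistributions in binary form must reproduce the above copyright
-* notice, this list of conditions and the following disclaimer in the
-* documentation and/or other materials provided with the distribution.
-* 3. All advertising materials mentioning features or use of this software
-* must display the following acknowledgement:
-* "This product includes cryptographic software written by
-* Eric Young (eay@cryptsoft.com)"
-* The word 'cryptographic' can be left out if the rouines from the library
-* being used are not cryptographic related :-).
-* 4. If you include any Windows specific code (or a derivative thereof) from
-* the apps directory (application code) you must include an acknowledgement:
-* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
-*
-* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
-* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
-* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-* SUCH DAMAGE.
-*
-* The licence and distribution terms for any publically available version or
-* derivative of this code cannot be changed. i.e. this code cannot simply be
-* copied and put under another distribution licence
-* [including the GNU Public Licence.]
-*/
-
-#ifndef HEADER_RC4_H
-# define HEADER_RC4_H
-
-# include <openssl/opensslconf.h>/* OPENSSL_NO_RC4, RC4_INT */
-# ifdef OPENSSL_NO_RC4
-# error RC4 is disabled.
-# endif
-
-# include <stddef.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-typedef struct rc4_key_st {
-RC4_INT x, y;
-RC4_INT data[256];
-} RC4_KEY;
-
-const char *RC4_options(void);
-void RC4_set_key(RC4_KEY *key, int len, const unsigned char *data);
-void private_RC4_set_key(RC4_KEY *key, int len, const unsigned char *data);
-void RC4(RC4_KEY *key, size_t len, const unsigned char *indata,
-unsigned char *outdata);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif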
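--- a/PATH_NOT_SHOWN/ripemd.h
+++ b/PATH_NOT_SHOWN/ripemd.h
@@ -1,105 +0,0 @@
-/* crypto/ripemd/ripemd.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
-* All rights reserved.
-*
-* This package is an SSL implementation written
-* by Eric Young (eay@cryptsoft.com).
-* The implementation was written so as to conform with Netscapes SSL.
-*
-* This library is free for commercial and non-commercial use as long as
-* the following conditions are aheared to. The following conditions
-* apply to all code found in this distribution, be it the RC4, RSA,
-* lhash, DES, etc., code; not just the SSL code. The SSL documentation
-* included with this distribution is covered by the same copyright terms
-* except that the holder is Tim Hudson (tjh@cryptsoft.com).
-*
-* Copyright remains Eric Young's, and as such any Copyright notices in
-* the code are not to be removed.
-* If this package is used in a product, Eric Young should be given attribution
-* as the author of the parts of the library used.
-* This can be in the form of a textual message at program startup or
-* in documentation (online or textual) provided with the package.
-*
-* Redistribution and use in source and binary forms, with or without
-* modification, are permitted provided that the following conditions
-* are met:
-* 1. Redistributions of source code must retain the copyright
-* notice, this list of conditions and the following disclaimer.
-* 2. Redistributions in binary form must reproduce the above copyright
-* notice, this list of conditions and the following disclaimer in the
-* documentation and/or other materials provided with the distribution.
-* 3. All advertising materials mentioning features or use of this software
-* must display the following acknowledgement:
-* "This product includes cryptographic software written by
-* Eric Young (eay@cryptsoft.com)"
-* The word 'cryptographic' can be left out if the rouines from the library
-* being used are not cryptographic related :-).
-* 4. If you include any Windows specific code (or a derivative thereof) from
-* the apps directory (application code) you must include an acknowledgement:
-* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
-*
-* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
-* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
-* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-* SUCH DAMAGE.
-*
-* The licence and distribution terms for any publically available version or
-* derivative of this code cannot be changed. i.e. this code cannot simply be
-* copied and put under another distribution licence
-* [including the GNU Public Licence.]
-*/
-
-#ifndef HEADER_RIPEMD_H
-# define HEADER_RIPEMD_H
-
-# include <openssl/e_os2.h>
-# include <stddef.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-# ifdef OPENSSL_NO_RIPEMD
-# error RIPEMD is disabled.
-# endif
-
-# if defined(__LP32__)
-# define RIPEMD160_LONG unsigned long
-# elif defined(OPENSSL_SYS_CRAY) || defined(__ILP64__)
-# define RIPEMD160_LONG unsigned long
-# define RIPEMD160_LONG_LOG2 3
-# else
-# define RIPEMD160_LONG unsigned int
-# endif
-
-# define RIPEMD160_CBLOCK 64
-# define RIPEMD160_LBLOCK (RIPEMD160_CBLOCK/4)
-# define RIPEMD160_DIGEST_LENGTH 20
-
-typedef struct RIPEMD160state_st {
-RIPEMD160_LONG A, B, C, D, E;
-RIPEMD160_LONG Nl, Nh;
-RIPEMD160_LONG data[RIPEMD160_LBLOCK];
-unsigned int num;
-} RIPEMD160_CTX;
-
-# ifdef OPENSSL_FIPS
-int private_RIPEMD160_Init(RIPEMD160_CTX *c);
-# endif
-int RIPEMD160_Init(RIPEMD160_CTX *c);
-int RIPEMD160_Update(RIPEMD160_CTX *c, const void *data, size_t len);
-int RIPEMD160_Final(unsigned char *md, RIPEMD160_CTX *c);
-unsigned char *RIPEMD160(const unsigned char *d, size_t n, unsigned char *md);
-void RIPEMD160_Transform(RIPEMD160_CTX *c, const unsigned char *b);
-#ifdef __cplusplus
-}
-#endif
-
-#endif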
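--- a/PATH_NOT_SHOWN/seed.h
+++ b/PATH_NOT_SHOWN/seed.h
@@ -1,149 +0,0 @@
-/*
-* Copyright (c) 2007 KISA(Korea Information Security Agency). All rights reserved.
-*
-* Redistribution and use in source and binary forms, with or without
-* modification, are permitted provided that the following conditions
-* are met:
-* 1. Redistributions of source code must retain the above copyright
-* notice, this list of conditions and the following disclaimer.
-* 2. Neither the name of author nor the names of its contributors may
-* be used to endorse or promote products derived from this software
-* without specific prior written permission.
-*
-* THIS SOFTWARE IS PROVIDED BY AUTHOR AND CONTRIBUTORS ``AS IS'' AND
-* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-* ARE DISCLAIMED. IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE
-* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-* SUCH DAMAGE.
-*
-*/
-/* ====================================================================
-* Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
-*
-* Redistribution and use in source and binary forms, with or without
-* modification, are permitted provided that the following conditions
-* are met:
-*
-* 1. Redistributions of source code must retain the above copyright
-* notice, this list of conditions and the following disclaimer.
-*
-* 2. Redistributions in binary form must reproduce the above copyright
-* notice, this list of conditions and the following disclaimer in
-* the documentation and/or other materials provided with the
-* distribution.
-*
-* 3. All advertising materials mentioning features or use of this
-* software must display the following acknowledgment:
-* "This product includes software developed by the OpenSSL Project
-* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-*
-* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-* endorse or promote products derived from this software without
-* prior written permission. For written permission, please contact
-* openssl-core@openssl.org.
-*
-* 5. Products derived from this software may not be called "OpenSSL"
-* nor may "OpenSSL" appear in their names without prior written
-* permission of the OpenSSL Project.
-*
-* 6. Redistributions of any form whatsoever must retain the following
-* acknowledgment:
-* "This product includes software developed by the OpenSSL Project
-* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-*
-* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-* OF THE POSSIBILITY OF SUCH DAMAGE.
-* ====================================================================
-*
-* This product includes cryptographic software written by Eric Young
-* (eay@cryptsoft.com). This product includes software written by Tim
-* Hudson (tjh@cryptsoft.com).
-*
-*/
-
-#ifndef HEADER_SEED_H
-# define HEADER_SEED_H
-
-# include <openssl/opensslconf.h>
-# include <openssl/e_os2.h>
-# include <openssl/crypto.h>
-
-# ifdef OPENSSL_NO_SEED
-# error SEED is disabled.
-# endif
-
-/* look whether we need 'long' to get 32 bits */
-# ifdef AES_LONG
-# ifndef SEED_LONG
-# define SEED_LONG 1
-# endif
-# endif
-
-# if !defined(NO_SYS_TYPES_H)
-# include <sys/types.h>
-# endif
-
-# define SEED_BLOCK_SIZE 16
-# define SEED_KEY_LENGTH 16
-
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-typedef struct seed_key_st {
-# ifdef SEED_LONG
-unsigned long data[32];
-# else
-unsigned int data[32];
-# endif
-} SEED_KEY_SCHEDULE;
-
-# ifdef OPENSSL_FIPS
-void private_SEED_set_key(const unsigned char rawkey[SEED_KEY_LENGTH],
-SEED_KEY_SCHEDULE *ks);
-# endif
-void SEED_set_key(const unsigned char rawkey[SEED_KEY_LENGTH],
-SEED_KEY_SCHEDULE *ks);
-
-void SEED_encrypt(const unsigned char s[SEED_BLOCK_SIZE],
-unsigned char d[SEED_BLOCK_SIZE],
-const SEED_KEY_SCHEDULE *ks);
-void SEED_decrypt(const unsigned char s[SEED_BLOCK_SIZE],
-unsigned char d[SEED_BLOCK_SIZE],
-const SEED_KEY_SCHEDULE *ks);
-
-void SEED_ecb_encrypt(const unsigned char *in, unsigned char *out,
-const SEED_KEY_SCHEDULE *ks, int enc);
-void SEED_cbc_encrypt(const unsigned char *in, unsigned char *out, size_t len,
-const SEED_KEY_SCHEDULE *ks,
-unsigned char ivec[SEED_BLOCK_SIZE], int enc);
-void SEED_cfb128_encrypt(const unsigned char *in, unsigned char *out,
-size_t len, const SEED_KEY_SCHEDULE *ks,
-unsigned char ivec[SEED_BLOCK_SIZE], int *num,
-int enc);
-void SEED_ofb128_encrypt(const unsigned char *in, unsigned char *out,
-size_t len, const SEED_KEY_SCHEDULE *ks,
-unsigned char ivec[SEED_BLOCK_SIZE], int *num);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* HEADER_SEED_H */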
@ -1,169 +0,0 @@
|
||||||
/* crypto/srp/srp.h */
|
|
||||||
/*
|
|
||||||
* Written by Christophe Renou (christophe.renou@edelweb.fr) with the
|
|
||||||
* precious help of Peter Sylvester (peter.sylvester@edelweb.fr) for the
|
|
||||||
* EdelKey project and contributed to the OpenSSL project 2004.
|
|
||||||
*/
|
|
||||||
/* ====================================================================
|
|
||||||
* Copyright (c) 2004 The OpenSSL Project. All rights reserved.
|
|
||||||
*
|
|
||||||
* Redistribution and use in source and binary forms, with or without
|
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
*
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
*
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in
|
|
||||||
* the documentation and/or other materials provided with the
|
|
||||||
* distribution.
|
|
||||||
*
|
|
||||||
* 3. All advertising materials mentioning features or use of this
|
|
||||||
* software must display the following acknowledgment:
|
|
||||||
* "This product includes software developed by the OpenSSL Project
|
|
||||||
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
|
|
||||||
*
|
|
||||||
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* prior written permission. For written permission, please contact
|
|
||||||
* licensing@OpenSSL.org.
|
|
||||||
*
|
|
||||||
* 5. Products derived from this software may not be called "OpenSSL"
|
|
||||||
* nor may "OpenSSL" appear in their names without prior written
|
|
||||||
* permission of the OpenSSL Project.
|
|
||||||
*
|
|
||||||
* 6. Redistributions of any form whatsoever must retain the following
|
|
||||||
* acknowledgment:
|
|
||||||
* "This product includes software developed by the OpenSSL Project
|
|
||||||
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
|
||||||
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
||||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
|
||||||
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
|
||||||
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
|
||||||
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
|
||||||
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
||||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
|
||||||
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
|
||||||
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
|
||||||
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
* ====================================================================
|
|
||||||
*
|
|
||||||
* This product includes cryptographic software written by Eric Young
|
|
||||||
* (eay@cryptsoft.com). This product includes software written by Tim
|
|
||||||
* Hudson (tjh@cryptsoft.com).
|
|
||||||
*
|
|
||||||
*/
|
|
||||||
#ifndef __SRP_H__
|
|
||||||
# define __SRP_H__
|
|
||||||
|
|
||||||
# ifndef OPENSSL_NO_SRP
|
|
||||||
|
|
||||||
# include <stdio.h>
|
|
||||||
# include <string.h>
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
extern "C" {
|
|
||||||
#endif
|
|
||||||
|
|
||||||
# include <openssl/safestack.h>
|
|
||||||
# include <openssl/bn.h>
|
|
||||||
# include <openssl/crypto.h>
|
|
||||||
|
|
||||||
typedef struct SRP_gN_cache_st {
|
|
||||||
char *b64_bn;
|
|
||||||
BIGNUM *bn;
|
|
||||||
} SRP_gN_cache;
|
|
||||||
|
|
||||||
|
|
||||||
DECLARE_STACK_OF(SRP_gN_cache)
|
|
||||||
|
|
||||||
typedef struct SRP_user_pwd_st {
|
|
||||||
char *id;
|
|
||||||
BIGNUM *s;
|
|
||||||
BIGNUM *v;
|
|
||||||
const BIGNUM *g;
|
|
||||||
const BIGNUM *N;
|
|
||||||
char *info;
|
|
||||||
} SRP_user_pwd;
|
|
||||||
|
|
||||||
DECLARE_STACK_OF(SRP_user_pwd)
|
|
||||||
|
|
||||||
typedef struct SRP_VBASE_st {
|
|
||||||
STACK_OF(SRP_user_pwd) *users_pwd;
|
|
||||||
STACK_OF(SRP_gN_cache) *gN_cache;
|
|
||||||
/* to simulate a user */
|
|
||||||
char *seed_key;
|
|
||||||
BIGNUM *default_g;
|
|
||||||
BIGNUM *default_N;
|
|
||||||
} SRP_VBASE;
|
|
||||||
|
|
||||||
/*
|
|
||||||
* Structure interne pour retenir les couples N et g
|
|
||||||
*/
|
|
||||||
typedef struct SRP_gN_st {
|
|
||||||
char *id;
|
|
||||||
BIGNUM *g;
|
|
||||||
BIGNUM *N;
|
|
||||||
} SRP_gN;
|
|
||||||
|
|
||||||
DECLARE_STACK_OF(SRP_gN)
|
|
||||||
|
|
||||||
SRP_VBASE *SRP_VBASE_new(char *seed_key);
|
|
||||||
int SRP_VBASE_free(SRP_VBASE *vb);
|
|
||||||
int SRP_VBASE_init(SRP_VBASE *vb, char *verifier_file);
|
|
||||||
SRP_user_pwd *SRP_VBASE_get_by_user(SRP_VBASE *vb, char *username);
|
|
||||||
char *SRP_create_verifier(const char *user, const char *pass, char **salt,
|
|
||||||
char **verifier, const char *N, const char *g);
|
|
||||||
int SRP_create_verifier_BN(const char *user, const char *pass, BIGNUM **salt,
|
|
||||||
BIGNUM **verifier, BIGNUM *N, BIGNUM *g);
|
|
||||||
|
|
||||||
# define SRP_NO_ERROR 0
|
|
||||||
# define SRP_ERR_VBASE_INCOMPLETE_FILE 1
|
|
||||||
# define SRP_ERR_VBASE_BN_LIB 2
|
|
||||||
# define SRP_ERR_OPEN_FILE 3
|
|
||||||
# define SRP_ERR_MEMORY 4
|
|
||||||
|
|
||||||
# define DB_srptype 0
|
|
||||||
# define DB_srpverifier 1
|
|
||||||
# define DB_srpsalt 2
|
|
||||||
# define DB_srpid 3
|
|
||||||
# define DB_srpgN 4
|
|
||||||
# define DB_srpinfo 5
|
|
||||||
# undef DB_NUMBER
|
|
||||||
# define DB_NUMBER 6
|
|
||||||
|
|
||||||
# define DB_SRP_INDEX 'I'
|
|
||||||
# define DB_SRP_VALID 'V'
|
|
||||||
# define DB_SRP_REVOKED 'R'
|
|
||||||
# define DB_SRP_MODIF 'v'
|
|
||||||
|
|
||||||
/* see srp.c */
|
|
||||||
char *SRP_check_known_gN_param(BIGNUM *g, BIGNUM *N);
|
|
||||||
SRP_gN *SRP_get_default_gN(const char *id);
|
|
||||||
|
|
||||||
/* server side .... */
|
|
||||||
BIGNUM *SRP_Calc_server_key(BIGNUM *A, BIGNUM *v, BIGNUM *u, BIGNUM *b,
|
|
||||||
BIGNUM *N);
|
|
||||||
BIGNUM *SRP_Calc_B(BIGNUM *b, BIGNUM *N, BIGNUM *g, BIGNUM *v);
|
|
||||||
int SRP_Verify_A_mod_N(BIGNUM *A, BIGNUM *N);
|
|
||||||
BIGNUM *SRP_Calc_u(BIGNUM *A, BIGNUM *B, BIGNUM *N);
|
|
||||||
|
|
||||||
/* client side .... */
|
|
||||||
BIGNUM *SRP_Calc_x(BIGNUM *s, const char *user, const char *pass);
|
|
||||||
BIGNUM *SRP_Calc_A(BIGNUM *a, BIGNUM *N, BIGNUM *g);
|
|
||||||
BIGNUM *SRP_Calc_client_key(BIGNUM *N, BIGNUM *B, BIGNUM *g, BIGNUM *x,
|
|
||||||
BIGNUM *a, BIGNUM *u);
|
|
||||||
int SRP_Verify_B_mod_N(BIGNUM *B, BIGNUM *N);
|
|
||||||
|
|
||||||
# define SRP_MINIMAL_N 1024
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
|
|
||||||
# endif
|
|
||||||
#endif
|
|
|
@ -1,862 +0,0 @@
|
||||||
/* crypto/ts/ts.h */
|
|
||||||
/*
|
|
||||||
* Written by Zoltan Glozik (zglozik@opentsa.org) for the OpenSSL project
|
|
||||||
* 2002, 2003, 2004.
|
|
||||||
*/
|
|
||||||
/* ====================================================================
|
|
||||||
* Copyright (c) 2006 The OpenSSL Project. All rights reserved.
|
|
||||||
*
|
|
||||||
* Redistribution and use in source and binary forms, with or without
|
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
*
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
*
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in
|
|
||||||
* the documentation and/or other materials provided with the
|
|
||||||
* distribution.
|
|
||||||
*
|
|
||||||
* 3. All advertising materials mentioning features or use of this
|
|
||||||
* software must display the following acknowledgment:
|
|
||||||
* "This product includes software developed by the OpenSSL Project
|
|
||||||
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
|
|
||||||
*
|
|
||||||
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* prior written permission. For written permission, please contact
|
|
||||||
* licensing@OpenSSL.org.
|
|
||||||
*
|
|
||||||
* 5. Products derived from this software may not be called "OpenSSL"
|
|
||||||
* nor may "OpenSSL" appear in their names without prior written
|
|
||||||
* permission of the OpenSSL Project.
|
|
||||||
*
|
|
||||||
* 6. Redistributions of any form whatsoever must retain the following
|
|
||||||
* acknowledgment:
|
|
||||||
* "This product includes software developed by the OpenSSL Project
|
|
||||||
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
|
||||||
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
||||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
|
||||||
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
|
||||||
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
|
||||||
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
|
||||||
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
||||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
|
||||||
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
|
||||||
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
|
||||||
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
* ====================================================================
|
|
||||||
*
|
|
||||||
* This product includes cryptographic software written by Eric Young
|
|
||||||
* (eay@cryptsoft.com). This product includes software written by Tim
|
|
||||||
* Hudson (tjh@cryptsoft.com).
|
|
||||||
*
|
|
||||||
*/
|
|
||||||
|
|
||||||
#ifndef HEADER_TS_H
|
|
||||||
# define HEADER_TS_H
|
|
||||||
|
|
||||||
# include <openssl/opensslconf.h>
|
|
||||||
# include <openssl/symhacks.h>
|
|
||||||
# ifndef OPENSSL_NO_BUFFER
|
|
||||||
# include <openssl/buffer.h>
|
|
||||||
# endif
|
|
||||||
# ifndef OPENSSL_NO_EVP
|
|
||||||
# include <openssl/evp.h>
|
|
||||||
# endif
|
|
||||||
# ifndef OPENSSL_NO_BIO
|
|
||||||
# include <openssl/bio.h>
|
|
||||||
# endif
|
|
||||||
# include <openssl/stack.h>
|
|
||||||
# include <openssl/asn1.h>
|
|
||||||
# include <openssl/safestack.h>
|
|
||||||
|
|
||||||
# ifndef OPENSSL_NO_RSA
|
|
||||||
# include <openssl/rsa.h>
|
|
||||||
# endif
|
|
||||||
|
|
||||||
# ifndef OPENSSL_NO_DSA
|
|
||||||
# include <openssl/dsa.h>
|
|
||||||
# endif
|
|
||||||
|
|
||||||
# ifndef OPENSSL_NO_DH
|
|
||||||
# include <openssl/dh.h>
|
|
||||||
# endif
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
extern "C" {
|
|
||||||
#endif
|
|
||||||
|
|
||||||
# ifdef WIN32
|
|
||||||
/* Under Win32 this is defined in wincrypt.h */
|
|
||||||
# undef X509_NAME
|
|
||||||
# endif
|
|
||||||
|
|
||||||
# include <openssl/x509.h>
|
|
||||||
# include <openssl/x509v3.h>
|
|
||||||
|
|
||||||
/*-
|
|
||||||
MessageImprint ::= SEQUENCE {
|
|
||||||
hashAlgorithm AlgorithmIdentifier,
|
|
||||||
hashedMessage OCTET STRING }
|
|
||||||
*/
|
|
||||||
|
|
||||||
typedef struct TS_msg_imprint_st {
|
|
||||||
X509_ALGOR *hash_algo;
|
|
||||||
ASN1_OCTET_STRING *hashed_msg;
|
|
||||||
} TS_MSG_IMPRINT;
|
|
||||||
|
|
||||||
/*-
|
|
||||||
TimeStampReq ::= SEQUENCE {
|
|
||||||
version INTEGER { v1(1) },
|
|
||||||
messageImprint MessageImprint,
|
|
||||||
--a hash algorithm OID and the hash value of the data to be
|
|
||||||
--time-stamped
|
|
||||||
reqPolicy TSAPolicyId OPTIONAL,
|
|
||||||
nonce INTEGER OPTIONAL,
|
|
||||||
certReq BOOLEAN DEFAULT FALSE,
|
|
||||||
extensions [0] IMPLICIT Extensions OPTIONAL }
|
|
||||||
*/
|
|
||||||
|
|
||||||
typedef struct TS_req_st {
|
|
||||||
ASN1_INTEGER *version;
|
|
||||||
TS_MSG_IMPRINT *msg_imprint;
|
|
||||||
ASN1_OBJECT *policy_id; /* OPTIONAL */
|
|
||||||
ASN1_INTEGER *nonce; /* OPTIONAL */
|
|
||||||
ASN1_BOOLEAN cert_req; /* DEFAULT FALSE */
|
|
||||||
STACK_OF(X509_EXTENSION) *extensions; /* [0] OPTIONAL */
|
|
||||||
} TS_REQ;
|
|
||||||
|
|
||||||
/*-
|
|
||||||
Accuracy ::= SEQUENCE {
|
|
||||||
seconds INTEGER OPTIONAL,
|
|
||||||
millis [0] INTEGER (1..999) OPTIONAL,
|
|
||||||
micros [1] INTEGER (1..999) OPTIONAL }
|
|
||||||
*/
|
|
||||||
|
|
||||||
typedef struct TS_accuracy_st {
|
|
||||||
ASN1_INTEGER *seconds;
|
|
||||||
ASN1_INTEGER *millis;
|
|
||||||
ASN1_INTEGER *micros;
|
|
||||||
} TS_ACCURACY;
|
|
||||||
|
|
||||||
/*-
|
|
||||||
TSTInfo ::= SEQUENCE {
|
|
||||||
version INTEGER { v1(1) },
|
|
||||||
policy TSAPolicyId,
|
|
||||||
messageImprint MessageImprint,
|
|
||||||
-- MUST have the same value as the similar field in
|
|
||||||
-- TimeStampReq
|
|
||||||
serialNumber INTEGER,
|
|
||||||
-- Time-Stamping users MUST be ready to accommodate integers
|
|
||||||
-- up to 160 bits.
|
|
||||||
genTime GeneralizedTime,
|
|
||||||
accuracy Accuracy OPTIONAL,
|
|
||||||
ordering BOOLEAN DEFAULT FALSE,
|
|
||||||
nonce INTEGER OPTIONAL,
|
|
||||||
-- MUST be present if the similar field was present
|
|
||||||
-- in TimeStampReq. In that case it MUST have the same value.
|
|
||||||
tsa [0] GeneralName OPTIONAL,
|
|
||||||
extensions [1] IMPLICIT Extensions OPTIONAL }
|
|
||||||
*/
|
|
||||||
|
|
||||||
typedef struct TS_tst_info_st {
|
|
||||||
ASN1_INTEGER *version;
|
|
||||||
ASN1_OBJECT *policy_id;
|
|
||||||
TS_MSG_IMPRINT *msg_imprint;
|
|
||||||
ASN1_INTEGER *serial;
|
|
||||||
ASN1_GENERALIZEDTIME *time;
|
|
||||||
TS_ACCURACY *accuracy;
|
|
||||||
ASN1_BOOLEAN ordering;
|
|
||||||
ASN1_INTEGER *nonce;
|
|
||||||
GENERAL_NAME *tsa;
|
|
||||||
STACK_OF(X509_EXTENSION) *extensions;
|
|
||||||
} TS_TST_INFO;
|
|
||||||
|
|
||||||
/*-
|
|
||||||
PKIStatusInfo ::= SEQUENCE {
|
|
||||||
status PKIStatus,
|
|
||||||
statusString PKIFreeText OPTIONAL,
|
|
||||||
failInfo PKIFailureInfo OPTIONAL }
|
|
||||||
|
|
||||||
From RFC 1510 - section 3.1.1:
|
|
||||||
PKIFreeText ::= SEQUENCE SIZE (1..MAX) OF UTF8String
|
|
||||||
-- text encoded as UTF-8 String (note: each UTF8String SHOULD
|
|
||||||
-- include an RFC 1766 language tag to indicate the language
|
|
||||||
-- of the contained text)
|
|
||||||
*/
|
|
||||||
|
|
||||||
/* Possible values for status. See ts_resp_print.c && ts_resp_verify.c. */
|
|
||||||
|
|
||||||
# define TS_STATUS_GRANTED 0
|
|
||||||
# define TS_STATUS_GRANTED_WITH_MODS 1
|
|
||||||
# define TS_STATUS_REJECTION 2
|
|
||||||
# define TS_STATUS_WAITING 3
|
|
||||||
# define TS_STATUS_REVOCATION_WARNING 4
|
|
||||||
# define TS_STATUS_REVOCATION_NOTIFICATION 5
|
|
||||||
|
|
||||||
/*
|
|
||||||
* Possible values for failure_info. See ts_resp_print.c && ts_resp_verify.c
|
|
||||||
*/
|
|
||||||
|
|
||||||
# define TS_INFO_BAD_ALG 0
|
|
||||||
# define TS_INFO_BAD_REQUEST 2
|
|
||||||
# define TS_INFO_BAD_DATA_FORMAT 5
|
|
||||||
# define TS_INFO_TIME_NOT_AVAILABLE 14
|
|
||||||
# define TS_INFO_UNACCEPTED_POLICY 15
|
|
||||||
# define TS_INFO_UNACCEPTED_EXTENSION 16
|
|
||||||
# define TS_INFO_ADD_INFO_NOT_AVAILABLE 17
|
|
||||||
# define TS_INFO_SYSTEM_FAILURE 25
|
|
||||||
|
|
||||||
typedef struct TS_status_info_st {
|
|
||||||
ASN1_INTEGER *status;
|
|
||||||
STACK_OF(ASN1_UTF8STRING) *text;
|
|
||||||
ASN1_BIT_STRING *failure_info;
|
|
||||||
} TS_STATUS_INFO;
|
|
||||||
|
|
||||||
DECLARE_STACK_OF(ASN1_UTF8STRING)
|
|
||||||
DECLARE_ASN1_SET_OF(ASN1_UTF8STRING)
|
|
||||||
|
|
||||||
/*-
|
|
||||||
TimeStampResp ::= SEQUENCE {
|
|
||||||
status PKIStatusInfo,
|
|
||||||
timeStampToken TimeStampToken OPTIONAL }
|
|
||||||
*/
|
|
||||||
|
|
||||||
typedef struct TS_resp_st {
|
|
||||||
TS_STATUS_INFO *status_info;
|
|
||||||
PKCS7 *token;
|
|
||||||
TS_TST_INFO *tst_info;
|
|
||||||
} TS_RESP;
|
|
||||||
|
|
||||||
/* The structure below would belong to the ESS component. */
|
|
||||||
|
|
||||||
/*-
|
|
||||||
IssuerSerial ::= SEQUENCE {
|
|
||||||
issuer GeneralNames,
|
|
||||||
serialNumber CertificateSerialNumber
|
|
||||||
}
|
|
||||||
*/
|
|
||||||
|
|
||||||
typedef struct ESS_issuer_serial {
|
|
||||||
STACK_OF(GENERAL_NAME) *issuer;
|
|
||||||
ASN1_INTEGER *serial;
|
|
||||||
} ESS_ISSUER_SERIAL;
|
|
||||||
|
|
||||||
/*-
|
|
||||||
ESSCertID ::= SEQUENCE {
|
|
||||||
certHash Hash,
|
|
||||||
issuerSerial IssuerSerial OPTIONAL
|
|
||||||
}
|
|
||||||
*/
|
|
||||||
|
|
||||||
typedef struct ESS_cert_id {
|
|
||||||
ASN1_OCTET_STRING *hash; /* Always SHA-1 digest. */
|
|
||||||
ESS_ISSUER_SERIAL *issuer_serial;
|
|
||||||
} ESS_CERT_ID;
|
|
||||||
|
|
||||||
DECLARE_STACK_OF(ESS_CERT_ID)
|
|
||||||
DECLARE_ASN1_SET_OF(ESS_CERT_ID)
|
|
||||||
|
|
||||||
/*-
|
|
||||||
SigningCertificate ::= SEQUENCE {
|
|
||||||
certs SEQUENCE OF ESSCertID,
|
|
||||||
policies SEQUENCE OF PolicyInformation OPTIONAL
|
|
||||||
}
|
|
||||||
*/
|
|
||||||
|
|
||||||
typedef struct ESS_signing_cert {
|
|
||||||
STACK_OF(ESS_CERT_ID) *cert_ids;
|
|
||||||
STACK_OF(POLICYINFO) *policy_info;
|
|
||||||
} ESS_SIGNING_CERT;
|
|
||||||
|
|
||||||
TS_REQ *TS_REQ_new(void);
|
|
||||||
void TS_REQ_free(TS_REQ *a);
|
|
||||||
int i2d_TS_REQ(const TS_REQ *a, unsigned char **pp);
|
|
||||||
TS_REQ *d2i_TS_REQ(TS_REQ **a, const unsigned char **pp, long length);
|
|
||||||
|
|
||||||
TS_REQ *TS_REQ_dup(TS_REQ *a);
|
|
||||||
|
|
||||||
TS_REQ *d2i_TS_REQ_fp(FILE *fp, TS_REQ **a);
|
|
||||||
int i2d_TS_REQ_fp(FILE *fp, TS_REQ *a);
|
|
||||||
TS_REQ *d2i_TS_REQ_bio(BIO *fp, TS_REQ **a);
|
|
||||||
int i2d_TS_REQ_bio(BIO *fp, TS_REQ *a);
|
|
||||||
|
|
||||||
TS_MSG_IMPRINT *TS_MSG_IMPRINT_new(void);
|
|
||||||
void TS_MSG_IMPRINT_free(TS_MSG_IMPRINT *a);
|
|
||||||
int i2d_TS_MSG_IMPRINT(const TS_MSG_IMPRINT *a, unsigned char **pp);
|
|
||||||
TS_MSG_IMPRINT *d2i_TS_MSG_IMPRINT(TS_MSG_IMPRINT **a,
|
|
||||||
const unsigned char **pp, long length);
|
|
||||||
|
|
||||||
TS_MSG_IMPRINT *TS_MSG_IMPRINT_dup(TS_MSG_IMPRINT *a);
|
|
||||||
|
|
||||||
TS_MSG_IMPRINT *d2i_TS_MSG_IMPRINT_fp(FILE *fp, TS_MSG_IMPRINT **a);
|
|
||||||
int i2d_TS_MSG_IMPRINT_fp(FILE *fp, TS_MSG_IMPRINT *a);
|
|
||||||
TS_MSG_IMPRINT *d2i_TS_MSG_IMPRINT_bio(BIO *fp, TS_MSG_IMPRINT **a);
|
|
||||||
int i2d_TS_MSG_IMPRINT_bio(BIO *fp, TS_MSG_IMPRINT *a);
|
|
||||||
|
|
||||||
TS_RESP *TS_RESP_new(void);
|
|
||||||
void TS_RESP_free(TS_RESP *a);
|
|
||||||
int i2d_TS_RESP(const TS_RESP *a, unsigned char **pp);
|
|
||||||
TS_RESP *d2i_TS_RESP(TS_RESP **a, const unsigned char **pp, long length);
|
|
||||||
TS_TST_INFO *PKCS7_to_TS_TST_INFO(PKCS7 *token);
|
|
||||||
TS_RESP *TS_RESP_dup(TS_RESP *a);
|
|
||||||
|
|
||||||
TS_RESP *d2i_TS_RESP_fp(FILE *fp, TS_RESP **a);
|
|
||||||
int i2d_TS_RESP_fp(FILE *fp, TS_RESP *a);
|
|
||||||
TS_RESP *d2i_TS_RESP_bio(BIO *fp, TS_RESP **a);
|
|
||||||
int i2d_TS_RESP_bio(BIO *fp, TS_RESP *a);
|
|
||||||
|
|
||||||
TS_STATUS_INFO *TS_STATUS_INFO_new(void);
|
|
||||||
void TS_STATUS_INFO_free(TS_STATUS_INFO *a);
|
|
||||||
int i2d_TS_STATUS_INFO(const TS_STATUS_INFO *a, unsigned char **pp);
|
|
||||||
TS_STATUS_INFO *d2i_TS_STATUS_INFO(TS_STATUS_INFO **a,
|
|
||||||
const unsigned char **pp, long length);
|
|
||||||
TS_STATUS_INFO *TS_STATUS_INFO_dup(TS_STATUS_INFO *a);
|
|
||||||
|
|
||||||
TS_TST_INFO *TS_TST_INFO_new(void);
|
|
||||||
void TS_TST_INFO_free(TS_TST_INFO *a);
|
|
||||||
int i2d_TS_TST_INFO(const TS_TST_INFO *a, unsigned char **pp);
|
|
||||||
TS_TST_INFO *d2i_TS_TST_INFO(TS_TST_INFO **a, const unsigned char **pp,
|
|
||||||
long length);
|
|
||||||
TS_TST_INFO *TS_TST_INFO_dup(TS_TST_INFO *a);
|
|
||||||
|
|
||||||
TS_TST_INFO *d2i_TS_TST_INFO_fp(FILE *fp, TS_TST_INFO **a);
|
|
||||||
int i2d_TS_TST_INFO_fp(FILE *fp, TS_TST_INFO *a);
|
|
||||||
TS_TST_INFO *d2i_TS_TST_INFO_bio(BIO *fp, TS_TST_INFO **a);
|
|
||||||
int i2d_TS_TST_INFO_bio(BIO *fp, TS_TST_INFO *a);
|
|
||||||
|
|
||||||
TS_ACCURACY *TS_ACCURACY_new(void);
|
|
||||||
void TS_ACCURACY_free(TS_ACCURACY *a);
|
|
||||||
int i2d_TS_ACCURACY(const TS_ACCURACY *a, unsigned char **pp);
|
|
||||||
TS_ACCURACY *d2i_TS_ACCURACY(TS_ACCURACY **a, const unsigned char **pp,
|
|
||||||
long length);
|
|
||||||
TS_ACCURACY *TS_ACCURACY_dup(TS_ACCURACY *a);
|
|
||||||
|
|
||||||
ESS_ISSUER_SERIAL *ESS_ISSUER_SERIAL_new(void);
|
|
||||||
void ESS_ISSUER_SERIAL_free(ESS_ISSUER_SERIAL *a);
|
|
||||||
int i2d_ESS_ISSUER_SERIAL(const ESS_ISSUER_SERIAL *a, unsigned char **pp);
|
|
||||||
ESS_ISSUER_SERIAL *d2i_ESS_ISSUER_SERIAL(ESS_ISSUER_SERIAL **a,
|
|
||||||
const unsigned char **pp,
|
|
||||||
long length);
|
|
||||||
ESS_ISSUER_SERIAL *ESS_ISSUER_SERIAL_dup(ESS_ISSUER_SERIAL *a);
|
|
||||||
|
|
||||||
ESS_CERT_ID *ESS_CERT_ID_new(void);
|
|
||||||
void ESS_CERT_ID_free(ESS_CERT_ID *a);
|
|
||||||
int i2d_ESS_CERT_ID(const ESS_CERT_ID *a, unsigned char **pp);
|
|
||||||
ESS_CERT_ID *d2i_ESS_CERT_ID(ESS_CERT_ID **a, const unsigned char **pp,
|
|
||||||
long length);
|
|
||||||
ESS_CERT_ID *ESS_CERT_ID_dup(ESS_CERT_ID *a);
|
|
||||||
|
|
||||||
ESS_SIGNING_CERT *ESS_SIGNING_CERT_new(void);
|
|
||||||
void ESS_SIGNING_CERT_free(ESS_SIGNING_CERT *a);
|
|
||||||
int i2d_ESS_SIGNING_CERT(const ESS_SIGNING_CERT *a, unsigned char **pp);
|
|
||||||
ESS_SIGNING_CERT *d2i_ESS_SIGNING_CERT(ESS_SIGNING_CERT **a,
|
|
||||||
const unsigned char **pp, long length);
|
|
||||||
ESS_SIGNING_CERT *ESS_SIGNING_CERT_dup(ESS_SIGNING_CERT *a);
|
|
||||||
|
|
||||||
void ERR_load_TS_strings(void);
|
|
||||||
|
|
||||||
int TS_REQ_set_version(TS_REQ *a, long version);
|
|
||||||
long TS_REQ_get_version(const TS_REQ *a);
|
|
||||||
|
|
||||||
int TS_REQ_set_msg_imprint(TS_REQ *a, TS_MSG_IMPRINT *msg_imprint);
|
|
||||||
TS_MSG_IMPRINT *TS_REQ_get_msg_imprint(TS_REQ *a);
|
|
||||||
|
|
||||||
int TS_MSG_IMPRINT_set_algo(TS_MSG_IMPRINT *a, X509_ALGOR *alg);
|
|
||||||
X509_ALGOR *TS_MSG_IMPRINT_get_algo(TS_MSG_IMPRINT *a);
|
|
||||||
|
|
||||||
int TS_MSG_IMPRINT_set_msg(TS_MSG_IMPRINT *a, unsigned char *d, int len);
|
|
||||||
ASN1_OCTET_STRING *TS_MSG_IMPRINT_get_msg(TS_MSG_IMPRINT *a);
|
|
||||||
|
|
||||||
int TS_REQ_set_policy_id(TS_REQ *a, ASN1_OBJECT *policy);
|
|
||||||
ASN1_OBJECT *TS_REQ_get_policy_id(TS_REQ *a);
|
|
||||||
|
|
||||||
int TS_REQ_set_nonce(TS_REQ *a, const ASN1_INTEGER *nonce);
|
|
||||||
const ASN1_INTEGER *TS_REQ_get_nonce(const TS_REQ *a);
|
|
||||||
|
|
||||||
int TS_REQ_set_cert_req(TS_REQ *a, int cert_req);
|
|
||||||
int TS_REQ_get_cert_req(const TS_REQ *a);
|
|
||||||
|
|
||||||
STACK_OF(X509_EXTENSION) *TS_REQ_get_exts(TS_REQ *a);
|
|
||||||
void TS_REQ_ext_free(TS_REQ *a);
|
|
||||||
int TS_REQ_get_ext_count(TS_REQ *a);
|
|
||||||
int TS_REQ_get_ext_by_NID(TS_REQ *a, int nid, int lastpos);
|
|
||||||
int TS_REQ_get_ext_by_OBJ(TS_REQ *a, ASN1_OBJECT *obj, int lastpos);
|
|
||||||
int TS_REQ_get_ext_by_critical(TS_REQ *a, int crit, int lastpos);
|
|
||||||
X509_EXTENSION *TS_REQ_get_ext(TS_REQ *a, int loc);
|
|
||||||
X509_EXTENSION *TS_REQ_delete_ext(TS_REQ *a, int loc);
|
|
||||||
int TS_REQ_add_ext(TS_REQ *a, X509_EXTENSION *ex, int loc);
|
|
||||||
void *TS_REQ_get_ext_d2i(TS_REQ *a, int nid, int *crit, int *idx);
|
|
||||||
|
|
||||||
/* Function declarations for TS_REQ defined in ts/ts_req_print.c */
|
|
||||||
|
|
||||||
int TS_REQ_print_bio(BIO *bio, TS_REQ *a);
|
|
||||||
|
|
||||||
/* Function declarations for TS_RESP defined in ts/ts_resp_utils.c */
|
|
||||||
|
|
||||||
int TS_RESP_set_status_info(TS_RESP *a, TS_STATUS_INFO *info);
|
|
||||||
TS_STATUS_INFO *TS_RESP_get_status_info(TS_RESP *a);
|
|
||||||
|
|
||||||
/* Caller loses ownership of PKCS7 and TS_TST_INFO objects. */
|
|
||||||
void TS_RESP_set_tst_info(TS_RESP *a, PKCS7 *p7, TS_TST_INFO *tst_info);
|
|
||||||
PKCS7 *TS_RESP_get_token(TS_RESP *a);
|
|
||||||
TS_TST_INFO *TS_RESP_get_tst_info(TS_RESP *a);
|
|
||||||
|
|
||||||
int TS_TST_INFO_set_version(TS_TST_INFO *a, long version);
|
|
||||||
long TS_TST_INFO_get_version(const TS_TST_INFO *a);
|
|
||||||
|
|
||||||
int TS_TST_INFO_set_policy_id(TS_TST_INFO *a, ASN1_OBJECT *policy_id);
|
|
||||||
ASN1_OBJECT *TS_TST_INFO_get_policy_id(TS_TST_INFO *a);
|
|
||||||
|
|
||||||
int TS_TST_INFO_set_msg_imprint(TS_TST_INFO *a, TS_MSG_IMPRINT *msg_imprint);
|
|
||||||
TS_MSG_IMPRINT *TS_TST_INFO_get_msg_imprint(TS_TST_INFO *a);
|
|
||||||
|
|
||||||
int TS_TST_INFO_set_serial(TS_TST_INFO *a, const ASN1_INTEGER *serial);
|
|
||||||
const ASN1_INTEGER *TS_TST_INFO_get_serial(const TS_TST_INFO *a);
|
|
||||||
|
|
||||||
int TS_TST_INFO_set_time(TS_TST_INFO *a, const ASN1_GENERALIZEDTIME *gtime);
|
|
||||||
const ASN1_GENERALIZEDTIME *TS_TST_INFO_get_time(const TS_TST_INFO *a);
|
|
||||||
|
|
||||||
int TS_TST_INFO_set_accuracy(TS_TST_INFO *a, TS_ACCURACY *accuracy);
|
|
||||||
TS_ACCURACY *TS_TST_INFO_get_accuracy(TS_TST_INFO *a);
|
|
||||||
|
|
||||||
int TS_ACCURACY_set_seconds(TS_ACCURACY *a, const ASN1_INTEGER *seconds);
|
|
||||||
const ASN1_INTEGER *TS_ACCURACY_get_seconds(const TS_ACCURACY *a);
|
|
||||||
|
|
||||||
int TS_ACCURACY_set_millis(TS_ACCURACY *a, const ASN1_INTEGER *millis);
|
|
||||||
const ASN1_INTEGER *TS_ACCURACY_get_millis(const TS_ACCURACY *a);
|
|
||||||
|
|
||||||
int TS_ACCURACY_set_micros(TS_ACCURACY *a, const ASN1_INTEGER *micros);
|
|
||||||
const ASN1_INTEGER *TS_ACCURACY_get_micros(const TS_ACCURACY *a);
|
|
||||||
|
|
||||||
int TS_TST_INFO_set_ordering(TS_TST_INFO *a, int ordering);
|
|
||||||
int TS_TST_INFO_get_ordering(const TS_TST_INFO *a);
|
|
||||||
|
|
||||||
int TS_TST_INFO_set_nonce(TS_TST_INFO *a, const ASN1_INTEGER *nonce);
|
|
||||||
const ASN1_INTEGER *TS_TST_INFO_get_nonce(const TS_TST_INFO *a);
|
|
||||||
|
|
||||||
int TS_TST_INFO_set_tsa(TS_TST_INFO *a, GENERAL_NAME *tsa);
|
|
||||||
GENERAL_NAME *TS_TST_INFO_get_tsa(TS_TST_INFO *a);
|
|
||||||
|
|
||||||
STACK_OF(X509_EXTENSION) *TS_TST_INFO_get_exts(TS_TST_INFO *a);
|
|
||||||
void TS_TST_INFO_ext_free(TS_TST_INFO *a);
|
|
||||||
int TS_TST_INFO_get_ext_count(TS_TST_INFO *a);
|
|
||||||
int TS_TST_INFO_get_ext_by_NID(TS_TST_INFO *a, int nid, int lastpos);
|
|
||||||
int TS_TST_INFO_get_ext_by_OBJ(TS_TST_INFO *a, ASN1_OBJECT *obj, int lastpos);
|
|
||||||
int TS_TST_INFO_get_ext_by_critical(TS_TST_INFO *a, int crit, int lastpos);
|
|
||||||
X509_EXTENSION *TS_TST_INFO_get_ext(TS_TST_INFO *a, int loc);
|
|
||||||
X509_EXTENSION *TS_TST_INFO_delete_ext(TS_TST_INFO *a, int loc);
|
|
||||||
int TS_TST_INFO_add_ext(TS_TST_INFO *a, X509_EXTENSION *ex, int loc);
|
|
||||||
void *TS_TST_INFO_get_ext_d2i(TS_TST_INFO *a, int nid, int *crit, int *idx);
|
|
||||||
|
|
||||||
/*
|
|
||||||
* Declarations related to response generation, defined in ts/ts_resp_sign.c.
|
|
||||||
*/
|
|
||||||
|
|
||||||
/* Optional flags for response generation. */
|
|
||||||
|
|
||||||
/* Don't include the TSA name in response. */
|
|
||||||
# define TS_TSA_NAME 0x01
|
|
||||||
|
|
||||||
/* Set ordering to true in response. */
|
|
||||||
# define TS_ORDERING 0x02
|
|
||||||
|
|
||||||
/*
|
|
||||||
* Include the signer certificate and the other specified certificates in
|
|
||||||
* the ESS signing certificate attribute beside the PKCS7 signed data.
|
|
||||||
* Only the signer certificates is included by default.
|
|
||||||
*/
|
|
||||||
# define TS_ESS_CERT_ID_CHAIN 0x04
|
|
||||||
|
|
||||||
/* Forward declaration. */
|
|
||||||
struct TS_resp_ctx;
|
|
||||||
|
|
||||||
/* This must return a unique number less than 160 bits long. */
|
|
||||||
typedef ASN1_INTEGER *(*TS_serial_cb) (struct TS_resp_ctx *, void *);
|
|
||||||
|
|
||||||
/*
|
|
||||||
* This must return the seconds and microseconds since Jan 1, 1970 in the sec
|
|
||||||
* and usec variables allocated by the caller. Return non-zero for success
|
|
||||||
* and zero for failure.
|
|
||||||
*/
|
|
||||||
typedef int (*TS_time_cb) (struct TS_resp_ctx *, void *, long *sec,
|
|
||||||
long *usec);
|
|
||||||
|
|
||||||
/*
|
|
||||||
* This must process the given extension. It can modify the TS_TST_INFO
|
|
||||||
* object of the context. Return values: !0 (processed), 0 (error, it must
|
|
||||||
* set the status info/failure info of the response).
|
|
||||||
*/
|
|
||||||
typedef int (*TS_extension_cb) (struct TS_resp_ctx *, X509_EXTENSION *,
|
|
||||||
void *);
|
|
||||||
|
|
||||||
typedef struct TS_resp_ctx {
|
|
||||||
X509 *signer_cert;
|
|
||||||
EVP_PKEY *signer_key;
|
|
||||||
STACK_OF(X509) *certs; /* Certs to include in signed data. */
|
|
||||||
STACK_OF(ASN1_OBJECT) *policies; /* Acceptable policies. */
|
|
||||||
ASN1_OBJECT *default_policy; /* It may appear in policies, too. */
|
|
||||||
STACK_OF(EVP_MD) *mds; /* Acceptable message digests. */
|
|
||||||
ASN1_INTEGER *seconds; /* accuracy, 0 means not specified. */
|
|
||||||
ASN1_INTEGER *millis; /* accuracy, 0 means not specified. */
|
|
||||||
ASN1_INTEGER *micros; /* accuracy, 0 means not specified. */
|
|
||||||
unsigned clock_precision_digits; /* fraction of seconds in time stamp
|
|
||||||
* token. */
|
|
||||||
unsigned flags; /* Optional info, see values above. */
|
|
||||||
/* Callback functions. */
|
|
||||||
TS_serial_cb serial_cb;
|
|
||||||
void *serial_cb_data; /* User data for serial_cb. */
|
|
||||||
TS_time_cb time_cb;
|
|
||||||
void *time_cb_data; /* User data for time_cb. */
|
|
||||||
TS_extension_cb extension_cb;
|
|
||||||
void *extension_cb_data; /* User data for extension_cb. */
|
|
||||||
/* These members are used only while creating the response. */
|
|
||||||
TS_REQ *request;
|
|
||||||
TS_RESP *response;
|
|
||||||
TS_TST_INFO *tst_info;
|
|
||||||
} TS_RESP_CTX;
|
|
||||||
|
|
||||||
DECLARE_STACK_OF(EVP_MD)
|
|
||||||
DECLARE_ASN1_SET_OF(EVP_MD)
|
|
||||||
|
|
||||||
/* Creates a response context that can be used for generating responses. */
|
|
||||||
TS_RESP_CTX *TS_RESP_CTX_new(void);
|
|
||||||
void TS_RESP_CTX_free(TS_RESP_CTX *ctx);
|
|
||||||
|
|
||||||
/* This parameter must be set. */
|
|
||||||
int TS_RESP_CTX_set_signer_cert(TS_RESP_CTX *ctx, X509 *signer);
|
|
||||||
|
|
||||||
/* This parameter must be set. */
|
|
||||||
int TS_RESP_CTX_set_signer_key(TS_RESP_CTX *ctx, EVP_PKEY *key);
|
|
||||||
|
|
||||||
/* This parameter must be set. */
|
|
||||||
int TS_RESP_CTX_set_def_policy(TS_RESP_CTX *ctx, ASN1_OBJECT *def_policy);
|
|
||||||
|
|
||||||
/* No additional certs are included in the response by default. */
|
|
||||||
int TS_RESP_CTX_set_certs(TS_RESP_CTX *ctx, STACK_OF(X509) *certs);
|
|
||||||
|
|
||||||
/*
|
|
||||||
* Adds a new acceptable policy, only the default policy is accepted by
|
|
||||||
* default.
|
|
||||||
*/
|
|
||||||
int TS_RESP_CTX_add_policy(TS_RESP_CTX *ctx, ASN1_OBJECT *policy);
|
|
||||||
|
|
||||||
/*
|
|
||||||
* Adds a new acceptable message digest. Note that no message digests are
|
|
||||||
* accepted by default. The md argument is shared with the caller.
|
|
||||||
*/
|
|
||||||
int TS_RESP_CTX_add_md(TS_RESP_CTX *ctx, const EVP_MD *md);
|
|
||||||
|
|
||||||
/* Accuracy is not included by default. */
|
|
||||||
int TS_RESP_CTX_set_accuracy(TS_RESP_CTX *ctx,
|
|
||||||
int secs, int millis, int micros);
|
|
||||||
|
|
||||||
/*
|
|
||||||
* Clock precision digits, i.e. the number of decimal digits: '0' means sec,
|
|
||||||
* '3' msec, '6' usec, and so on. Default is 0.
|
|
||||||
*/
|
|
||||||
int TS_RESP_CTX_set_clock_precision_digits(TS_RESP_CTX *ctx,
|
|
||||||
unsigned clock_precision_digits);
|
|
||||||
/* At most we accept usec precision. */
|
|
||||||
# define TS_MAX_CLOCK_PRECISION_DIGITS 6
|
|
||||||
|
|
||||||
/* No flags are set by default. */
|
|
||||||
void TS_RESP_CTX_add_flags(TS_RESP_CTX *ctx, int flags);
|
|
||||||
|
|
||||||
/* Default callback always returns a constant. */
|
|
||||||
void TS_RESP_CTX_set_serial_cb(TS_RESP_CTX *ctx, TS_serial_cb cb, void *data);
|
|
||||||
|
|
||||||
/* Default callback uses the gettimeofday() and gmtime() system calls. */
|
|
||||||
void TS_RESP_CTX_set_time_cb(TS_RESP_CTX *ctx, TS_time_cb cb, void *data);
|
|
||||||
|
|
||||||
/*
|
|
||||||
* Default callback rejects all extensions. The extension callback is called
|
|
||||||
* when the TS_TST_INFO object is already set up and not signed yet.
|
|
||||||
*/
|
|
||||||
/* FIXME: extension handling is not tested yet. */
|
|
||||||
void TS_RESP_CTX_set_extension_cb(TS_RESP_CTX *ctx,
|
|
||||||
TS_extension_cb cb, void *data);
|
|
||||||
|
|
||||||
/* The following methods can be used in the callbacks. */
|
|
||||||
int TS_RESP_CTX_set_status_info(TS_RESP_CTX *ctx,
|
|
||||||
int status, const char *text);
|
|
||||||
|
|
||||||
/* Sets the status info only if it is still TS_STATUS_GRANTED. */
|
|
||||||
int TS_RESP_CTX_set_status_info_cond(TS_RESP_CTX *ctx,
|
|
||||||
int status, const char *text);
|
|
||||||
|
|
||||||
int TS_RESP_CTX_add_failure_info(TS_RESP_CTX *ctx, int failure);
|
|
||||||
|
|
||||||
/* The get methods below can be used in the extension callback. */
|
|
||||||
TS_REQ *TS_RESP_CTX_get_request(TS_RESP_CTX *ctx);
|
|
||||||
|
|
||||||
TS_TST_INFO *TS_RESP_CTX_get_tst_info(TS_RESP_CTX *ctx);
|
|
||||||
|
|
||||||
/*
|
|
||||||
* Creates the signed TS_TST_INFO and puts it in TS_RESP.
|
|
||||||
* In case of errors it sets the status info properly.
|
|
||||||
* Returns NULL only in case of memory allocation/fatal error.
|
|
||||||
*/
|
|
||||||
TS_RESP *TS_RESP_create_response(TS_RESP_CTX *ctx, BIO *req_bio);
|
|
||||||
|
|
||||||
/*
|
|
||||||
* Declarations related to response verification,
|
|
||||||
* they are defined in ts/ts_resp_verify.c.
|
|
||||||
*/
|
|
||||||
|
|
||||||
int TS_RESP_verify_signature(PKCS7 *token, STACK_OF(X509) *certs,
|
|
||||||
X509_STORE *store, X509 **signer_out);
|
|
||||||
|
|
||||||
/* Context structure for the generic verify method. */
|
|
||||||
|
|
||||||
/* Verify the signer's certificate and the signature of the response. */
|
|
||||||
# define TS_VFY_SIGNATURE (1u << 0)
|
|
||||||
/* Verify the version number of the response. */
|
|
||||||
# define TS_VFY_VERSION (1u << 1)
|
|
||||||
/* Verify if the policy supplied by the user matches the policy of the TSA. */
|
|
||||||
# define TS_VFY_POLICY (1u << 2)
|
|
||||||
/*
|
|
||||||
* Verify the message imprint provided by the user. This flag should not be
|
|
||||||
* specified with TS_VFY_DATA.
|
|
||||||
*/
|
|
||||||
# define TS_VFY_IMPRINT (1u << 3)
|
|
||||||
/*
|
|
||||||
* Verify the message imprint computed by the verify method from the user
|
|
||||||
* provided data and the MD algorithm of the response. This flag should not
|
|
||||||
* be specified with TS_VFY_IMPRINT.
|
|
||||||
*/
|
|
||||||
# define TS_VFY_DATA (1u << 4)
|
|
||||||
/* Verify the nonce value. */
|
|
||||||
# define TS_VFY_NONCE (1u << 5)
|
|
||||||
/* Verify if the TSA name field matches the signer certificate. */
|
|
||||||
# define TS_VFY_SIGNER (1u << 6)
|
|
||||||
/* Verify if the TSA name field equals to the user provided name. */
|
|
||||||
# define TS_VFY_TSA_NAME (1u << 7)
|
|
||||||
|
|
||||||
/* You can use the following convenience constants. */
|
|
||||||
# define TS_VFY_ALL_IMPRINT (TS_VFY_SIGNATURE \
|
|
||||||
| TS_VFY_VERSION \
|
|
||||||
| TS_VFY_POLICY \
|
|
||||||
| TS_VFY_IMPRINT \
|
|
||||||
| TS_VFY_NONCE \
|
|
||||||
| TS_VFY_SIGNER \
|
|
||||||
| TS_VFY_TSA_NAME)
|
|
||||||
# define TS_VFY_ALL_DATA (TS_VFY_SIGNATURE \
|
|
||||||
| TS_VFY_VERSION \
|
|
||||||
| TS_VFY_POLICY \
|
|
||||||
| TS_VFY_DATA \
|
|
||||||
| TS_VFY_NONCE \
|
|
||||||
| TS_VFY_SIGNER \
|
|
||||||
| TS_VFY_TSA_NAME)
|
|
||||||
|
|
||||||
typedef struct TS_verify_ctx {
|
|
||||||
/* Set this to the union of TS_VFY_... flags you want to carry out. */
|
|
||||||
unsigned flags;
|
|
||||||
/* Must be set only with TS_VFY_SIGNATURE. certs is optional. */
|
|
||||||
X509_STORE *store;
|
|
||||||
STACK_OF(X509) *certs;
|
|
||||||
/* Must be set only with TS_VFY_POLICY. */
|
|
||||||
ASN1_OBJECT *policy;
|
|
||||||
/*
|
|
||||||
* Must be set only with TS_VFY_IMPRINT. If md_alg is NULL, the
|
|
||||||
* algorithm from the response is used.
|
|
||||||
*/
|
|
||||||
X509_ALGOR *md_alg;
|
|
||||||
unsigned char *imprint;
|
|
||||||
unsigned imprint_len;
|
|
||||||
/* Must be set only with TS_VFY_DATA. */
|
|
||||||
BIO *data;
|
|
||||||
/* Must be set only with TS_VFY_TSA_NAME. */
|
|
||||||
ASN1_INTEGER *nonce;
|
|
||||||
/* Must be set only with TS_VFY_TSA_NAME. */
|
|
||||||
GENERAL_NAME *tsa_name;
|
|
||||||
} TS_VERIFY_CTX;
|
|
||||||
|
|
||||||
int TS_RESP_verify_response(TS_VERIFY_CTX *ctx, TS_RESP *response);
|
|
||||||
int TS_RESP_verify_token(TS_VERIFY_CTX *ctx, PKCS7 *token);
|
|
||||||
|
|
||||||
/*
|
|
||||||
* Declarations related to response verification context,
|
|
||||||
* they are defined in ts/ts_verify_ctx.c.
|
|
||||||
*/
|
|
||||||
|
|
||||||
/* Set all fields to zero. */
|
|
||||||
TS_VERIFY_CTX *TS_VERIFY_CTX_new(void);
|
|
||||||
void TS_VERIFY_CTX_init(TS_VERIFY_CTX *ctx);
|
|
||||||
void TS_VERIFY_CTX_free(TS_VERIFY_CTX *ctx);
|
|
||||||
void TS_VERIFY_CTX_cleanup(TS_VERIFY_CTX *ctx);
|
|
||||||
|
|
||||||
/*-
|
|
||||||
* If ctx is NULL, it allocates and returns a new object, otherwise
|
|
||||||
* it returns ctx. It initialises all the members as follows:
|
|
||||||
* flags = TS_VFY_ALL_IMPRINT & ~(TS_VFY_TSA_NAME | TS_VFY_SIGNATURE)
|
|
||||||
* certs = NULL
|
|
||||||
* store = NULL
|
|
||||||
* policy = policy from the request or NULL if absent (in this case
|
|
||||||
* TS_VFY_POLICY is cleared from flags as well)
|
|
||||||
* md_alg = MD algorithm from request
|
|
||||||
* imprint, imprint_len = imprint from request
|
|
||||||
* data = NULL
|
|
||||||
* nonce, nonce_len = nonce from the request or NULL if absent (in this case
|
|
||||||
* TS_VFY_NONCE is cleared from flags as well)
|
|
||||||
* tsa_name = NULL
|
|
||||||
* Important: after calling this method TS_VFY_SIGNATURE should be added!
|
|
||||||
*/
|
|
||||||
TS_VERIFY_CTX *TS_REQ_to_TS_VERIFY_CTX(TS_REQ *req, TS_VERIFY_CTX *ctx);
|
|
||||||
|
|
||||||
/* Function declarations for TS_RESP defined in ts/ts_resp_print.c */
|
|
||||||
|
|
||||||
int TS_RESP_print_bio(BIO *bio, TS_RESP *a);
|
|
||||||
int TS_STATUS_INFO_print_bio(BIO *bio, TS_STATUS_INFO *a);
|
|
||||||
int TS_TST_INFO_print_bio(BIO *bio, TS_TST_INFO *a);
|
|
||||||
|
|
||||||
/* Common utility functions defined in ts/ts_lib.c */
|
|
||||||
|
|
||||||
int TS_ASN1_INTEGER_print_bio(BIO *bio, const ASN1_INTEGER *num);
|
|
||||||
int TS_OBJ_print_bio(BIO *bio, const ASN1_OBJECT *obj);
|
|
||||||
int TS_ext_print_bio(BIO *bio, const STACK_OF(X509_EXTENSION) *extensions);
|
|
||||||
int TS_X509_ALGOR_print_bio(BIO *bio, const X509_ALGOR *alg);
|
|
||||||
int TS_MSG_IMPRINT_print_bio(BIO *bio, TS_MSG_IMPRINT *msg);
|
|
||||||
|
|
||||||
/*
|
|
||||||
* Function declarations for handling configuration options, defined in
|
|
||||||
* ts/ts_conf.c
|
|
||||||
*/
|
|
||||||
|
|
||||||
X509 *TS_CONF_load_cert(const char *file);
|
|
||||||
STACK_OF(X509) *TS_CONF_load_certs(const char *file);
|
|
||||||
EVP_PKEY *TS_CONF_load_key(const char *file, const char *pass);
|
|
||||||
const char *TS_CONF_get_tsa_section(CONF *conf, const char *section);
|
|
||||||
int TS_CONF_set_serial(CONF *conf, const char *section, TS_serial_cb cb,
|
|
||||||
TS_RESP_CTX *ctx);
|
|
||||||
int TS_CONF_set_crypto_device(CONF *conf, const char *section,
|
|
||||||
const char *device);
|
|
||||||
int TS_CONF_set_default_engine(const char *name);
|
|
||||||
int TS_CONF_set_signer_cert(CONF *conf, const char *section,
|
|
||||||
const char *cert, TS_RESP_CTX *ctx);
|
|
||||||
int TS_CONF_set_certs(CONF *conf, const char *section, const char *certs,
|
|
||||||
TS_RESP_CTX *ctx);
|
|
||||||
int TS_CONF_set_signer_key(CONF *conf, const char *section,
|
|
||||||
const char *key, const char *pass,
|
|
||||||
TS_RESP_CTX *ctx);
|
|
||||||
int TS_CONF_set_def_policy(CONF *conf, const char *section,
|
|
||||||
const char *policy, TS_RESP_CTX *ctx);
|
|
||||||
int TS_CONF_set_policies(CONF *conf, const char *section, TS_RESP_CTX *ctx);
|
|
||||||
int TS_CONF_set_digests(CONF *conf, const char *section, TS_RESP_CTX *ctx);
|
|
||||||
int TS_CONF_set_accuracy(CONF *conf, const char *section, TS_RESP_CTX *ctx);
|
|
||||||
int TS_CONF_set_clock_precision_digits(CONF *conf, const char *section,
|
|
||||||
TS_RESP_CTX *ctx);
|
|
||||||
int TS_CONF_set_ordering(CONF *conf, const char *section, TS_RESP_CTX *ctx);
|
|
||||||
int TS_CONF_set_tsa_name(CONF *conf, const char *section, TS_RESP_CTX *ctx);
|
|
||||||
int TS_CONF_set_ess_cert_id_chain(CONF *conf, const char *section,
|
|
||||||
TS_RESP_CTX *ctx);
|
|
||||||
|
|
||||||
/* -------------------------------------------------- */
|
|
||||||
/* BEGIN ERROR CODES */
|
|
||||||
/*
|
|
||||||
* The following lines are auto generated by the script mkerr.pl. Any changes
|
|
||||||
* made after this point may be overwritten when the script is next run.
|
|
||||||
*/
|
|
||||||
void ERR_load_TS_strings(void);
|
|
||||||
|
|
||||||
/* Error codes for the TS functions. */
|
|
||||||
|
|
||||||
/* Function codes. */
|
|
||||||
# define TS_F_D2I_TS_RESP 147
|
|
||||||
# define TS_F_DEF_SERIAL_CB 110
|
|
||||||
# define TS_F_DEF_TIME_CB 111
|
|
||||||
# define TS_F_ESS_ADD_SIGNING_CERT 112
|
|
||||||
# define TS_F_ESS_CERT_ID_NEW_INIT 113
|
|
||||||
# define TS_F_ESS_SIGNING_CERT_NEW_INIT 114
|
|
||||||
# define TS_F_INT_TS_RESP_VERIFY_TOKEN 149
|
|
||||||
# define TS_F_PKCS7_TO_TS_TST_INFO 148
|
|
||||||
# define TS_F_TS_ACCURACY_SET_MICROS 115
|
|
||||||
# define TS_F_TS_ACCURACY_SET_MILLIS 116
|
|
||||||
# define TS_F_TS_ACCURACY_SET_SECONDS 117
|
|
||||||
# define TS_F_TS_CHECK_IMPRINTS 100
|
|
||||||
# define TS_F_TS_CHECK_NONCES 101
|
|
||||||
# define TS_F_TS_CHECK_POLICY 102
|
|
||||||
# define TS_F_TS_CHECK_SIGNING_CERTS 103
|
|
||||||
# define TS_F_TS_CHECK_STATUS_INFO 104
|
|
||||||
# define TS_F_TS_COMPUTE_IMPRINT 145
|
|
||||||
# define TS_F_TS_CONF_SET_DEFAULT_ENGINE 146
|
|
||||||
# define TS_F_TS_GET_STATUS_TEXT 105
|
|
||||||
# define TS_F_TS_MSG_IMPRINT_SET_ALGO 118
|
|
||||||
# define TS_F_TS_REQ_SET_MSG_IMPRINT 119
|
|
||||||
# define TS_F_TS_REQ_SET_NONCE 120
|
|
||||||
# define TS_F_TS_REQ_SET_POLICY_ID 121
|
|
||||||
# define TS_F_TS_RESP_CREATE_RESPONSE 122
|
|
||||||
# define TS_F_TS_RESP_CREATE_TST_INFO 123
|
|
||||||
# define TS_F_TS_RESP_CTX_ADD_FAILURE_INFO 124
|
|
||||||
# define TS_F_TS_RESP_CTX_ADD_MD 125
|
|
||||||
# define TS_F_TS_RESP_CTX_ADD_POLICY 126
|
|
||||||
# define TS_F_TS_RESP_CTX_NEW 127
|
|
||||||
# define TS_F_TS_RESP_CTX_SET_ACCURACY 128
|
|
||||||
# define TS_F_TS_RESP_CTX_SET_CERTS 129
|
|
||||||
# define TS_F_TS_RESP_CTX_SET_DEF_POLICY 130
|
|
||||||
# define TS_F_TS_RESP_CTX_SET_SIGNER_CERT 131
|
|
||||||
# define TS_F_TS_RESP_CTX_SET_STATUS_INFO 132
|
|
||||||
# define TS_F_TS_RESP_GET_POLICY 133
|
|
||||||
# define TS_F_TS_RESP_SET_GENTIME_WITH_PRECISION 134
|
|
||||||
# define TS_F_TS_RESP_SET_STATUS_INFO 135
|
|
||||||
# define TS_F_TS_RESP_SET_TST_INFO 150
|
|
||||||
# define TS_F_TS_RESP_SIGN 136
|
|
||||||
# define TS_F_TS_RESP_VERIFY_SIGNATURE 106
|
|
||||||
# define TS_F_TS_RESP_VERIFY_TOKEN 107
|
|
||||||
# define TS_F_TS_TST_INFO_SET_ACCURACY 137
|
|
||||||
# define TS_F_TS_TST_INFO_SET_MSG_IMPRINT 138
|
|
||||||
# define TS_F_TS_TST_INFO_SET_NONCE 139
|
|
||||||
# define TS_F_TS_TST_INFO_SET_POLICY_ID 140
|
|
||||||
# define TS_F_TS_TST_INFO_SET_SERIAL 141
|
|
||||||
# define TS_F_TS_TST_INFO_SET_TIME 142
|
|
||||||
# define TS_F_TS_TST_INFO_SET_TSA 143
|
|
||||||
# define TS_F_TS_VERIFY 108
|
|
||||||
# define TS_F_TS_VERIFY_CERT 109
|
|
||||||
# define TS_F_TS_VERIFY_CTX_NEW 144
|
|
||||||
|
|
||||||
/* Reason codes. */
|
|
||||||
# define TS_R_BAD_PKCS7_TYPE 132
|
|
||||||
# define TS_R_BAD_TYPE 133
|
|
||||||
# define TS_R_CERTIFICATE_VERIFY_ERROR 100
|
|
||||||
# define TS_R_COULD_NOT_SET_ENGINE 127
|
|
||||||
# define TS_R_COULD_NOT_SET_TIME 115
|
|
||||||
# define TS_R_D2I_TS_RESP_INT_FAILED 128
|
|
||||||
# define TS_R_DETACHED_CONTENT 134
|
|
||||||
# define TS_R_ESS_ADD_SIGNING_CERT_ERROR 116
|
|
||||||
# define TS_R_ESS_SIGNING_CERTIFICATE_ERROR 101
|
|
||||||
# define TS_R_INVALID_NULL_POINTER 102
|
|
||||||
# define TS_R_INVALID_SIGNER_CERTIFICATE_PURPOSE 117
|
|
||||||
# define TS_R_MESSAGE_IMPRINT_MISMATCH 103
|
|
||||||
# define TS_R_NONCE_MISMATCH 104
|
|
||||||
# define TS_R_NONCE_NOT_RETURNED 105
|
|
||||||
# define TS_R_NO_CONTENT 106
|
|
||||||
# define TS_R_NO_TIME_STAMP_TOKEN 107
|
|
||||||
# define TS_R_PKCS7_ADD_SIGNATURE_ERROR 118
|
|
||||||
# define TS_R_PKCS7_ADD_SIGNED_ATTR_ERROR 119
|
|
||||||
# define TS_R_PKCS7_TO_TS_TST_INFO_FAILED 129
|
|
||||||
# define TS_R_POLICY_MISMATCH 108
|
|
||||||
# define TS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE 120
|
|
||||||
# define TS_R_RESPONSE_SETUP_ERROR 121
|
|
||||||
# define TS_R_SIGNATURE_FAILURE 109
|
|
||||||
# define TS_R_THERE_MUST_BE_ONE_SIGNER 110
|
|
||||||
# define TS_R_TIME_SYSCALL_ERROR 122
|
|
||||||
# define TS_R_TOKEN_NOT_PRESENT 130
|
|
||||||
# define TS_R_TOKEN_PRESENT 131
|
|
||||||
# define TS_R_TSA_NAME_MISMATCH 111
|
|
||||||
# define TS_R_TSA_UNTRUSTED 112
|
|
||||||
# define TS_R_TST_INFO_SETUP_ERROR 123
|
|
||||||
# define TS_R_TS_DATASIGN 124
|
|
||||||
# define TS_R_UNACCEPTABLE_POLICY 125
|
|
||||||
# define TS_R_UNSUPPORTED_MD_ALGORITHM 126
|
|
||||||
# define TS_R_UNSUPPORTED_VERSION 113
|
|
||||||
# define TS_R_WRONG_CONTENT_TYPE 114
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
#endif
|
|
|
@ -1,112 +0,0 @@
|
||||||
/* crypto/txt_db/txt_db.h */
|
|
||||||
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
|
||||||
* All rights reserved.
|
|
||||||
*
|
|
||||||
* This package is an SSL implementation written
|
|
||||||
* by Eric Young (eay@cryptsoft.com).
|
|
||||||
* The implementation was written so as to conform with Netscapes SSL.
|
|
||||||
*
|
|
||||||
* This library is free for commercial and non-commercial use as long as
|
|
||||||
* the following conditions are aheared to. The following conditions
|
|
||||||
* apply to all code found in this distribution, be it the RC4, RSA,
|
|
||||||
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
|
||||||
* included with this distribution is covered by the same copyright terms
|
|
||||||
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
|
||||||
*
|
|
||||||
* Copyright remains Eric Young's, and as such any Copyright notices in
|
|
||||||
* the code are not to be removed.
|
|
||||||
* If this package is used in a product, Eric Young should be given attribution
|
|
||||||
* as the author of the parts of the library used.
|
|
||||||
* This can be in the form of a textual message at program startup or
|
|
||||||
* in documentation (online or textual) provided with the package.
|
|
||||||
*
|
|
||||||
* Redistribution and use in source and binary forms, with or without
|
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. All advertising materials mentioning features or use of this software
|
|
||||||
* must display the following acknowledgement:
|
|
||||||
* "This product includes cryptographic software written by
|
|
||||||
* Eric Young (eay@cryptsoft.com)"
|
|
||||||
* The word 'cryptographic' can be left out if the rouines from the library
|
|
||||||
* being used are not cryptographic related :-).
|
|
||||||
* 4. If you include any Windows specific code (or a derivative thereof) from
|
|
||||||
* the apps directory (application code) you must include an acknowledgement:
|
|
||||||
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
|
||||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
||||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
||||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
|
||||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
||||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
||||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
||||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
||||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
||||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
||||||
* SUCH DAMAGE.
|
|
||||||
*
|
|
||||||
* The licence and distribution terms for any publically available version or
|
|
||||||
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
|
||||||
* copied and put under another distribution licence
|
|
||||||
* [including the GNU Public Licence.]
|
|
||||||
*/
|
|
||||||
|
|
||||||
#ifndef HEADER_TXT_DB_H
|
|
||||||
# define HEADER_TXT_DB_H
|
|
||||||
|
|
||||||
# include <openssl/opensslconf.h>
|
|
||||||
# ifndef OPENSSL_NO_BIO
|
|
||||||
# include <openssl/bio.h>
|
|
||||||
# endif
|
|
||||||
# include <openssl/stack.h>
|
|
||||||
# include <openssl/lhash.h>
|
|
||||||
|
|
||||||
# define DB_ERROR_OK 0
|
|
||||||
# define DB_ERROR_MALLOC 1
|
|
||||||
# define DB_ERROR_INDEX_CLASH 2
|
|
||||||
# define DB_ERROR_INDEX_OUT_OF_RANGE 3
|
|
||||||
# define DB_ERROR_NO_INDEX 4
|
|
||||||
# define DB_ERROR_INSERT_INDEX_CLASH 5
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
extern "C" {
|
|
||||||
#endif
|
|
||||||
|
|
||||||
typedef OPENSSL_STRING *OPENSSL_PSTRING;
|
|
||||||
DECLARE_SPECIAL_STACK_OF(OPENSSL_PSTRING, OPENSSL_STRING)
|
|
||||||
|
|
||||||
typedef struct txt_db_st {
|
|
||||||
int num_fields;
|
|
||||||
STACK_OF(OPENSSL_PSTRING) *data;
|
|
||||||
LHASH_OF(OPENSSL_STRING) **index;
|
|
||||||
int (**qual) (OPENSSL_STRING *);
|
|
||||||
long error;
|
|
||||||
long arg1;
|
|
||||||
long arg2;
|
|
||||||
OPENSSL_STRING *arg_row;
|
|
||||||
} TXT_DB;
|
|
||||||
|
|
||||||
# ifndef OPENSSL_NO_BIO
|
|
||||||
TXT_DB *TXT_DB_read(BIO *in, int num);
|
|
||||||
long TXT_DB_write(BIO *out, TXT_DB *db);
|
|
||||||
# else
|
|
||||||
TXT_DB *TXT_DB_read(char *in, int num);
|
|
||||||
long TXT_DB_write(char *out, TXT_DB *db);
|
|
||||||
# endif
|
|
||||||
int TXT_DB_create_index(TXT_DB *db, int field, int (*qual) (OPENSSL_STRING *),
|
|
||||||
LHASH_HASH_FN_TYPE hash, LHASH_COMP_FN_TYPE cmp);
|
|
||||||
void TXT_DB_free(TXT_DB *db);
|
|
||||||
OPENSSL_STRING *TXT_DB_get_by_index(TXT_DB *db, int idx,
|
|
||||||
OPENSSL_STRING *value);
|
|
||||||
int TXT_DB_insert(TXT_DB *db, OPENSSL_STRING *value);
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#endif
|
|
|
@ -1,415 +0,0 @@
|
||||||
/* crypto/ui/ui.h -*- mode:C; c-file-style: "eay" -*- */
|
|
||||||
/*
|
|
||||||
* Written by Richard Levitte (richard@levitte.org) for the OpenSSL project
|
|
||||||
* 2001.
|
|
||||||
*/
|
|
||||||
/* ====================================================================
|
|
||||||
* Copyright (c) 2001 The OpenSSL Project. All rights reserved.
|
|
||||||
*
|
|
||||||
* Redistribution and use in source and binary forms, with or without
|
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
*
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
*
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in
|
|
||||||
* the documentation and/or other materials provided with the
|
|
||||||
* distribution.
|
|
||||||
*
|
|
||||||
* 3. All advertising materials mentioning features or use of this
|
|
||||||
* software must display the following acknowledgment:
|
|
||||||
* "This product includes software developed by the OpenSSL Project
|
|
||||||
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
|
|
||||||
*
|
|
||||||
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* prior written permission. For written permission, please contact
|
|
||||||
* openssl-core@openssl.org.
|
|
||||||
*
|
|
||||||
* 5. Products derived from this software may not be called "OpenSSL"
|
|
||||||
* nor may "OpenSSL" appear in their names without prior written
|
|
||||||
* permission of the OpenSSL Project.
|
|
||||||
*
|
|
||||||
* 6. Redistributions of any form whatsoever must retain the following
|
|
||||||
* acknowledgment:
|
|
||||||
* "This product includes software developed by the OpenSSL Project
|
|
||||||
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
|
||||||
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
||||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
|
||||||
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
|
||||||
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
|
||||||
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
|
||||||
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
||||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
|
||||||
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
|
||||||
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
|
||||||
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
* ====================================================================
|
|
||||||
*
|
|
||||||
* This product includes cryptographic software written by Eric Young
|
|
||||||
* (eay@cryptsoft.com). This product includes software written by Tim
|
|
||||||
* Hudson (tjh@cryptsoft.com).
|
|
||||||
*
|
|
||||||
*/
|
|
||||||
|
|
||||||
#ifndef HEADER_UI_H
|
|
||||||
# define HEADER_UI_H
|
|
||||||
|
|
||||||
# ifndef OPENSSL_NO_DEPRECATED
|
|
||||||
# include <openssl/crypto.h>
|
|
||||||
# endif
|
|
||||||
# include <openssl/safestack.h>
|
|
||||||
# include <openssl/ossl_typ.h>
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
extern "C" {
|
|
||||||
#endif
|
|
||||||
|
|
||||||
/* Declared already in ossl_typ.h */
|
|
||||||
/* typedef struct ui_st UI; */
|
|
||||||
/* typedef struct ui_method_st UI_METHOD; */
|
|
||||||
|
|
||||||
/*
|
|
||||||
* All the following functions return -1 or NULL on error and in some cases
|
|
||||||
* (UI_process()) -2 if interrupted or in some other way cancelled. When
|
|
||||||
* everything is fine, they return 0, a positive value or a non-NULL pointer,
|
|
||||||
* all depending on their purpose.
|
|
||||||
*/
|
|
||||||
|
|
||||||
/* Creators and destructor. */
|
|
||||||
UI *UI_new(void);
|
|
||||||
UI *UI_new_method(const UI_METHOD *method);
|
|
||||||
void UI_free(UI *ui);
|
|
||||||
|
|
||||||
/*-
|
|
||||||
The following functions are used to add strings to be printed and prompt
|
|
||||||
strings to prompt for data. The names are UI_{add,dup}_<function>_string
|
|
||||||
and UI_{add,dup}_input_boolean.
|
|
||||||
|
|
||||||
UI_{add,dup}_<function>_string have the following meanings:
|
|
||||||
add add a text or prompt string. The pointers given to these
|
|
||||||
functions are used verbatim, no copying is done.
|
|
||||||
dup make a copy of the text or prompt string, then add the copy
|
|
||||||
to the collection of strings in the user interface.
|
|
||||||
<function>
|
|
||||||
The function is a name for the functionality that the given
|
|
||||||
string shall be used for. It can be one of:
|
|
||||||
input use the string as data prompt.
|
|
||||||
verify use the string as verification prompt. This
|
|
||||||
is used to verify a previous input.
|
|
||||||
info use the string for informational output.
|
|
||||||
error use the string for error output.
|
|
||||||
Honestly, there's currently no difference between info and error for the
|
|
||||||
moment.
|
|
||||||
|
|
||||||
UI_{add,dup}_input_boolean have the same semantics for "add" and "dup",
|
|
||||||
and are typically used when one wants to prompt for a yes/no response.
|
|
||||||
|
|
||||||
All of the functions in this group take a UI and a prompt string.
|
|
||||||
The string input and verify addition functions also take a flag argument,
|
|
||||||
a buffer for the result to end up with, a minimum input size and a maximum
|
|
||||||
input size (the result buffer MUST be large enough to be able to contain
|
|
||||||
the maximum number of characters). Additionally, the verify addition
|
|
||||||
functions takes another buffer to compare the result against.
|
|
||||||
The boolean input functions take an action description string (which should
|
|
||||||
be safe to ignore if the expected user action is obvious, for example with
|
|
||||||
a dialog box with an OK button and a Cancel button), a string of acceptable
|
|
||||||
characters to mean OK and to mean Cancel. The two last strings are checked
|
|
||||||
to make sure they don't have common characters. Additionally, the same
|
|
||||||
flag argument as for the string input is taken, as well as a result buffer.
|
|
||||||
The result buffer is required to be at least one byte long. Depending on
|
|
||||||
the answer, the first character from the OK or the Cancel character strings
|
|
||||||
will be stored in the first byte of the result buffer. No NUL will be
|
|
||||||
added, so the result is *not* a string.
|
|
||||||
|
|
||||||
On success, the all return an index of the added information. That index
|
|
||||||
is usefull when retrieving results with UI_get0_result(). */
|
|
||||||
int UI_add_input_string(UI *ui, const char *prompt, int flags,
|
|
||||||
char *result_buf, int minsize, int maxsize);
|
|
||||||
int UI_dup_input_string(UI *ui, const char *prompt, int flags,
|
|
||||||
char *result_buf, int minsize, int maxsize);
|
|
||||||
int UI_add_verify_string(UI *ui, const char *prompt, int flags,
|
|
||||||
char *result_buf, int minsize, int maxsize,
|
|
||||||
const char *test_buf);
|
|
||||||
int UI_dup_verify_string(UI *ui, const char *prompt, int flags,
|
|
||||||
char *result_buf, int minsize, int maxsize,
|
|
||||||
const char *test_buf);
|
|
||||||
int UI_add_input_boolean(UI *ui, const char *prompt, const char *action_desc,
|
|
||||||
const char *ok_chars, const char *cancel_chars,
|
|
||||||
int flags, char *result_buf);
|
|
||||||
int UI_dup_input_boolean(UI *ui, const char *prompt, const char *action_desc,
|
|
||||||
const char *ok_chars, const char *cancel_chars,
|
|
||||||
int flags, char *result_buf);
|
|
||||||
int UI_add_info_string(UI *ui, const char *text);
|
|
||||||
int UI_dup_info_string(UI *ui, const char *text);
|
|
||||||
int UI_add_error_string(UI *ui, const char *text);
|
|
||||||
int UI_dup_error_string(UI *ui, const char *text);
|
|
||||||
|
|
||||||
/* These are the possible flags. They can be or'ed together. */
|
|
||||||
/* Use to have echoing of input */
|
|
||||||
# define UI_INPUT_FLAG_ECHO 0x01
|
|
||||||
/*
|
|
||||||
* Use a default password. Where that password is found is completely up to
|
|
||||||
* the application, it might for example be in the user data set with
|
|
||||||
* UI_add_user_data(). It is not recommended to have more than one input in
|
|
||||||
* each UI being marked with this flag, or the application might get
|
|
||||||
* confused.
|
|
||||||
*/
|
|
||||||
# define UI_INPUT_FLAG_DEFAULT_PWD 0x02
|
|
||||||
|
|
||||||
/*-
|
|
||||||
* The user of these routines may want to define flags of their own. The core
|
|
||||||
* UI won't look at those, but will pass them on to the method routines. They
|
|
||||||
* must use higher bits so they don't get confused with the UI bits above.
|
|
||||||
* UI_INPUT_FLAG_USER_BASE tells which is the lowest bit to use. A good
|
|
||||||
* example of use is this:
|
|
||||||
*
|
|
||||||
* #define MY_UI_FLAG1 (0x01 << UI_INPUT_FLAG_USER_BASE)
|
|
||||||
*
|
|
||||||
*/
|
|
||||||
# define UI_INPUT_FLAG_USER_BASE 16
|
|
||||||
|
|
||||||
/*-
|
|
||||||
* The following function helps construct a prompt. object_desc is a
|
|
||||||
* textual short description of the object, for example "pass phrase",
|
|
||||||
* and object_name is the name of the object (might be a card name or
|
|
||||||
* a file name.
|
|
||||||
* The returned string shall always be allocated on the heap with
|
|
||||||
* OPENSSL_malloc(), and need to be free'd with OPENSSL_free().
|
|
||||||
*
|
|
||||||
* If the ui_method doesn't contain a pointer to a user-defined prompt
|
|
||||||
* constructor, a default string is built, looking like this:
|
|
||||||
*
|
|
||||||
* "Enter {object_desc} for {object_name}:"
|
|
||||||
*
|
|
||||||
* So, if object_desc has the value "pass phrase" and object_name has
|
|
||||||
* the value "foo.key", the resulting string is:
|
|
||||||
*
|
|
||||||
* "Enter pass phrase for foo.key:"
|
|
||||||
*/
|
|
||||||
char *UI_construct_prompt(UI *ui_method,
|
|
||||||
const char *object_desc, const char *object_name);
|
|
||||||
|
|
||||||
/*
|
|
||||||
* The following function is used to store a pointer to user-specific data.
|
|
||||||
* Any previous such pointer will be returned and replaced.
|
|
||||||
*
|
|
||||||
* For callback purposes, this function makes a lot more sense than using
|
|
||||||
* ex_data, since the latter requires that different parts of OpenSSL or
|
|
||||||
* applications share the same ex_data index.
|
|
||||||
*
|
|
||||||
* Note that the UI_OpenSSL() method completely ignores the user data. Other
|
|
||||||
* methods may not, however.
|
|
||||||
*/
|
|
||||||
void *UI_add_user_data(UI *ui, void *user_data);
|
|
||||||
/* We need a user data retrieving function as well. */
|
|
||||||
void *UI_get0_user_data(UI *ui);
|
|
||||||
|
|
||||||
/* Return the result associated with a prompt given with the index i. */
|
|
||||||
const char *UI_get0_result(UI *ui, int i);
|
|
||||||
|
|
||||||
/* When all strings have been added, process the whole thing. */
|
|
||||||
int UI_process(UI *ui);
|
|
||||||
|
|
||||||
/*
|
|
||||||
* Give a user interface parametrised control commands. This can be used to
|
|
||||||
* send down an integer, a data pointer or a function pointer, as well as be
|
|
||||||
* used to get information from a UI.
|
|
||||||
*/
|
|
||||||
int UI_ctrl(UI *ui, int cmd, long i, void *p, void (*f) (void));
|
|
||||||
|
|
||||||
/* The commands */
|
|
||||||
/*
|
|
||||||
* Use UI_CONTROL_PRINT_ERRORS with the value 1 to have UI_process print the
|
|
||||||
* OpenSSL error stack before printing any info or added error messages and
|
|
||||||
* before any prompting.
|
|
||||||
*/
|
|
||||||
# define UI_CTRL_PRINT_ERRORS 1
|
|
||||||
/*
|
|
||||||
* Check if a UI_process() is possible to do again with the same instance of
|
|
||||||
* a user interface. This makes UI_ctrl() return 1 if it is redoable, and 0
|
|
||||||
* if not.
|
|
||||||
*/
|
|
||||||
# define UI_CTRL_IS_REDOABLE 2
|
|
||||||
|
|
||||||
/* Some methods may use extra data */
|
|
||||||
# define UI_set_app_data(s,arg) UI_set_ex_data(s,0,arg)
|
|
||||||
# define UI_get_app_data(s) UI_get_ex_data(s,0)
|
|
||||||
int UI_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
|
|
||||||
CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
|
|
||||||
int UI_set_ex_data(UI *r, int idx, void *arg);
|
|
||||||
void *UI_get_ex_data(UI *r, int idx);
|
|
||||||
|
|
||||||
/* Use specific methods instead of the built-in one */
|
|
||||||
void UI_set_default_method(const UI_METHOD *meth);
|
|
||||||
const UI_METHOD *UI_get_default_method(void);
|
|
||||||
const UI_METHOD *UI_get_method(UI *ui);
|
|
||||||
const UI_METHOD *UI_set_method(UI *ui, const UI_METHOD *meth);
|
|
||||||
|
|
||||||
/* The method with all the built-in thingies */
|
|
||||||
UI_METHOD *UI_OpenSSL(void);
|
|
||||||
|
|
||||||
/* ---------- For method writers ---------- */
|
|
||||||
/*-
|
|
||||||
A method contains a number of functions that implement the low level
|
|
||||||
of the User Interface. The functions are:
|
|
||||||
|
|
||||||
an opener This function starts a session, maybe by opening
|
|
||||||
a channel to a tty, or by opening a window.
|
|
||||||
a writer This function is called to write a given string,
|
|
||||||
maybe to the tty, maybe as a field label in a
|
|
||||||
window.
|
|
||||||
a flusher This function is called to flush everything that
|
|
||||||
has been output so far. It can be used to actually
|
|
||||||
display a dialog box after it has been built.
|
|
||||||
a reader This function is called to read a given prompt,
|
|
||||||
maybe from the tty, maybe from a field in a
|
|
||||||
window. Note that it's called wth all string
|
|
||||||
structures, not only the prompt ones, so it must
|
|
||||||
check such things itself.
|
|
||||||
a closer This function closes the session, maybe by closing
|
|
||||||
the channel to the tty, or closing the window.
|
|
||||||
|
|
||||||
All these functions are expected to return:
|
|
||||||
|
|
||||||
0 on error.
|
|
||||||
1 on success.
|
|
||||||
-1 on out-of-band events, for example if some prompting has
|
|
||||||
been canceled (by pressing Ctrl-C, for example). This is
|
|
||||||
only checked when returned by the flusher or the reader.
|
|
||||||
|
|
||||||
The way this is used, the opener is first called, then the writer for all
|
|
||||||
strings, then the flusher, then the reader for all strings and finally the
|
|
||||||
closer. Note that if you want to prompt from a terminal or other command
|
|
||||||
line interface, the best is to have the reader also write the prompts
|
|
||||||
instead of having the writer do it. If you want to prompt from a dialog
|
|
||||||
box, the writer can be used to build up the contents of the box, and the
|
|
||||||
flusher to actually display the box and run the event loop until all data
|
|
||||||
has been given, after which the reader only grabs the given data and puts
|
|
||||||
them back into the UI strings.
|
|
||||||
|
|
||||||
All method functions take a UI as argument. Additionally, the writer and
|
|
||||||
the reader take a UI_STRING.
|
|
||||||
*/
|
|
||||||
|
|
||||||
/*
|
|
||||||
* The UI_STRING type is the data structure that contains all the needed info
|
|
||||||
* about a string or a prompt, including test data for a verification prompt.
|
|
||||||
*/
|
|
||||||
typedef struct ui_string_st UI_STRING;
|
|
||||||
DECLARE_STACK_OF(UI_STRING)
|
|
||||||
|
|
||||||
/*
|
|
||||||
* The different types of strings that are currently supported. This is only
|
|
||||||
* needed by method authors.
|
|
||||||
*/
|
|
||||||
enum UI_string_types {
|
|
||||||
UIT_NONE = 0,
|
|
||||||
UIT_PROMPT, /* Prompt for a string */
|
|
||||||
UIT_VERIFY, /* Prompt for a string and verify */
|
|
||||||
UIT_BOOLEAN, /* Prompt for a yes/no response */
|
|
||||||
UIT_INFO, /* Send info to the user */
|
|
||||||
UIT_ERROR /* Send an error message to the user */
|
|
||||||
};
|
|
||||||
|
|
||||||
/* Create and manipulate methods */
|
|
||||||
UI_METHOD *UI_create_method(char *name);
|
|
||||||
void UI_destroy_method(UI_METHOD *ui_method);
|
|
||||||
int UI_method_set_opener(UI_METHOD *method, int (*opener) (UI *ui));
|
|
||||||
int UI_method_set_writer(UI_METHOD *method,
|
|
||||||
int (*writer) (UI *ui, UI_STRING *uis));
|
|
||||||
int UI_method_set_flusher(UI_METHOD *method, int (*flusher) (UI *ui));
|
|
||||||
int UI_method_set_reader(UI_METHOD *method,
|
|
||||||
int (*reader) (UI *ui, UI_STRING *uis));
|
|
||||||
int UI_method_set_closer(UI_METHOD *method, int (*closer) (UI *ui));
|
|
||||||
int UI_method_set_prompt_constructor(UI_METHOD *method,
|
|
||||||
char *(*prompt_constructor) (UI *ui,
|
|
||||||
const char
|
|
||||||
*object_desc,
|
|
||||||
const char
|
|
||||||
*object_name));
|
|
||||||
int (*UI_method_get_opener(UI_METHOD *method)) (UI *);
|
|
||||||
int (*UI_method_get_writer(UI_METHOD *method)) (UI *, UI_STRING *);
|
|
||||||
int (*UI_method_get_flusher(UI_METHOD *method)) (UI *);
|
|
||||||
int (*UI_method_get_reader(UI_METHOD *method)) (UI *, UI_STRING *);
|
|
||||||
int (*UI_method_get_closer(UI_METHOD *method)) (UI *);
|
|
||||||
char *(*UI_method_get_prompt_constructor(UI_METHOD *method)) (UI *,
|
|
||||||
const char *,
|
|
||||||
const char *);
|
|
||||||
|
|
||||||
/*
|
|
||||||
* The following functions are helpers for method writers to access relevant
|
|
||||||
* data from a UI_STRING.
|
|
||||||
*/
|
|
||||||
|
|
||||||
/* Return type of the UI_STRING */
|
|
||||||
enum UI_string_types UI_get_string_type(UI_STRING *uis);
|
|
||||||
/* Return input flags of the UI_STRING */
|
|
||||||
int UI_get_input_flags(UI_STRING *uis);
|
|
||||||
/* Return the actual string to output (the prompt, info or error) */
|
|
||||||
const char *UI_get0_output_string(UI_STRING *uis);
|
|
||||||
/*
|
|
||||||
* Return the optional action string to output (the boolean promtp
|
|
||||||
* instruction)
|
|
||||||
*/
|
|
||||||
const char *UI_get0_action_string(UI_STRING *uis);
|
|
||||||
/* Return the result of a prompt */
|
|
||||||
const char *UI_get0_result_string(UI_STRING *uis);
|
|
||||||
/*
|
|
||||||
* Return the string to test the result against. Only useful with verifies.
|
|
||||||
*/
|
|
||||||
const char *UI_get0_test_string(UI_STRING *uis);
|
|
||||||
/* Return the required minimum size of the result */
|
|
||||||
int UI_get_result_minsize(UI_STRING *uis);
|
|
||||||
/* Return the required maximum size of the result */
|
|
||||||
int UI_get_result_maxsize(UI_STRING *uis);
|
|
||||||
/* Set the result of a UI_STRING. */
|
|
||||||
int UI_set_result(UI *ui, UI_STRING *uis, const char *result);
|
|
||||||
|
|
||||||
/* A couple of popular utility functions */
|
|
||||||
int UI_UTIL_read_pw_string(char *buf, int length, const char *prompt,
|
|
||||||
int verify);
|
|
||||||
int UI_UTIL_read_pw(char *buf, char *buff, int size, const char *prompt,
|
|
||||||
int verify);
|
|
||||||
|
|
||||||
/* BEGIN ERROR CODES */
|
|
||||||
/*
|
|
||||||
* The following lines are auto generated by the script mkerr.pl. Any changes
|
|
||||||
* made after this point may be overwritten when the script is next run.
|
|
||||||
*/
|
|
||||||
void ERR_load_UI_strings(void);
|
|
||||||
|
|
||||||
/* Error codes for the UI functions. */
|
|
||||||
|
|
||||||
/* Function codes. */
|
|
||||||
# define UI_F_GENERAL_ALLOCATE_BOOLEAN 108
|
|
||||||
# define UI_F_GENERAL_ALLOCATE_PROMPT 109
|
|
||||||
# define UI_F_GENERAL_ALLOCATE_STRING 100
|
|
||||||
# define UI_F_UI_CTRL 111
|
|
||||||
# define UI_F_UI_DUP_ERROR_STRING 101
|
|
||||||
# define UI_F_UI_DUP_INFO_STRING 102
|
|
||||||
# define UI_F_UI_DUP_INPUT_BOOLEAN 110
|
|
||||||
# define UI_F_UI_DUP_INPUT_STRING 103
|
|
||||||
# define UI_F_UI_DUP_VERIFY_STRING 106
|
|
||||||
# define UI_F_UI_GET0_RESULT 107
|
|
||||||
# define UI_F_UI_NEW_METHOD 104
|
|
||||||
# define UI_F_UI_SET_RESULT 105
|
|
||||||
|
|
||||||
/* Reason codes. */
|
|
||||||
# define UI_R_COMMON_OK_AND_CANCEL_CHARACTERS 104
|
|
||||||
# define UI_R_INDEX_TOO_LARGE 102
|
|
||||||
# define UI_R_INDEX_TOO_SMALL 103
|
|
||||||
# define UI_R_NO_RESULT_BUFFER 105
|
|
||||||
# define UI_R_RESULT_TOO_LARGE 100
|
|
||||||
# define UI_R_RESULT_TOO_SMALL 101
|
|
||||||
# define UI_R_UNKNOWN_CONTROL_COMMAND 106
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
#endif
|
|
|
@ -1,88 +0,0 @@
|
||||||
/* crypto/ui/ui.h -*- mode:C; c-file-style: "eay" -*- */
|
|
||||||
/*
|
|
||||||
* Written by Richard Levitte (richard@levitte.org) for the OpenSSL project
|
|
||||||
* 2001.
|
|
||||||
*/
|
|
||||||
/* ====================================================================
|
|
||||||
* Copyright (c) 2001 The OpenSSL Project. All rights reserved.
|
|
||||||
*
|
|
||||||
* Redistribution and use in source and binary forms, with or without
|
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
*
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
*
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in
|
|
||||||
* the documentation and/or other materials provided with the
|
|
||||||
* distribution.
|
|
||||||
*
|
|
||||||
* 3. All advertising materials mentioning features or use of this
|
|
||||||
* software must display the following acknowledgment:
|
|
||||||
* "This product includes software developed by the OpenSSL Project
|
|
||||||
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
|
|
||||||
*
|
|
||||||
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* prior written permission. For written permission, please contact
|
|
||||||
* openssl-core@openssl.org.
|
|
||||||
*
|
|
||||||
* 5. Products derived from this software may not be called "OpenSSL"
|
|
||||||
* nor may "OpenSSL" appear in their names without prior written
|
|
||||||
* permission of the OpenSSL Project.
|
|
||||||
*
|
|
||||||
* 6. Redistributions of any form whatsoever must retain the following
|
|
||||||
* acknowledgment:
|
|
||||||
* "This product includes software developed by the OpenSSL Project
|
|
||||||
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
|
||||||
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
||||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
|
||||||
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
|
||||||
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
|
||||||
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
|
||||||
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
||||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
|
||||||
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
|
||||||
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
|
||||||
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
* ====================================================================
|
|
||||||
*
|
|
||||||
* This product includes cryptographic software written by Eric Young
|
|
||||||
* (eay@cryptsoft.com). This product includes software written by Tim
|
|
||||||
* Hudson (tjh@cryptsoft.com).
|
|
||||||
*
|
|
||||||
*/
|
|
||||||
|
|
||||||
#ifndef HEADER_UI_COMPAT_H
|
|
||||||
# define HEADER_UI_COMPAT_H
|
|
||||||
|
|
||||||
# include <openssl/opensslconf.h>
|
|
||||||
# include <openssl/ui.h>
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
extern "C" {
|
|
||||||
#endif
|
|
||||||
|
|
||||||
/*
|
|
||||||
* The following functions were previously part of the DES section, and are
|
|
||||||
* provided here for backward compatibility reasons.
|
|
||||||
*/
|
|
||||||
|
|
||||||
# define des_read_pw_string(b,l,p,v) \
|
|
||||||
_ossl_old_des_read_pw_string((b),(l),(p),(v))
|
|
||||||
# define des_read_pw(b,bf,s,p,v) \
|
|
||||||
_ossl_old_des_read_pw((b),(bf),(s),(p),(v))
|
|
||||||
|
|
||||||
int _ossl_old_des_read_pw_string(char *buf, int length, const char *prompt,
|
|
||||||
int verify);
|
|
||||||
int _ossl_old_des_read_pw(char *buf, char *buff, int size, const char *prompt,
|
|
||||||
int verify);
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
#endif
|
|
|
@ -1,41 +0,0 @@
|
||||||
#ifndef HEADER_WHRLPOOL_H
|
|
||||||
# define HEADER_WHRLPOOL_H
|
|
||||||
|
|
||||||
# include <openssl/e_os2.h>
|
|
||||||
# include <stddef.h>
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
extern "C" {
|
|
||||||
#endif
|
|
||||||
|
|
||||||
# define WHIRLPOOL_DIGEST_LENGTH (512/8)
|
|
||||||
# define WHIRLPOOL_BBLOCK 512
|
|
||||||
# define WHIRLPOOL_COUNTER (256/8)
|
|
||||||
|
|
||||||
typedef struct {
|
|
||||||
union {
|
|
||||||
unsigned char c[WHIRLPOOL_DIGEST_LENGTH];
|
|
||||||
/* double q is here to ensure 64-bit alignment */
|
|
||||||
double q[WHIRLPOOL_DIGEST_LENGTH / sizeof(double)];
|
|
||||||
} H;
|
|
||||||
unsigned char data[WHIRLPOOL_BBLOCK / 8];
|
|
||||||
unsigned int bitoff;
|
|
||||||
size_t bitlen[WHIRLPOOL_COUNTER / sizeof(size_t)];
|
|
||||||
} WHIRLPOOL_CTX;
|
|
||||||
|
|
||||||
# ifndef OPENSSL_NO_WHIRLPOOL
|
|
||||||
# ifdef OPENSSL_FIPS
|
|
||||||
int private_WHIRLPOOL_Init(WHIRLPOOL_CTX *c);
|
|
||||||
# endif
|
|
||||||
int WHIRLPOOL_Init(WHIRLPOOL_CTX *c);
|
|
||||||
int WHIRLPOOL_Update(WHIRLPOOL_CTX *c, const void *inp, size_t bytes);
|
|
||||||
void WHIRLPOOL_BitUpdate(WHIRLPOOL_CTX *c, const void *inp, size_t bits);
|
|
||||||
int WHIRLPOOL_Final(unsigned char *md, WHIRLPOOL_CTX *c);
|
|
||||||
unsigned char *WHIRLPOOL(const void *inp, size_t bytes, unsigned char *md);
|
|
||||||
# endif
|
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#endif
|
|
File diff suppressed because it is too large