Checking in Win32 and Win64 binaries #4587
This commit is contained in:
parent
25cce186dd
commit
db631ac61d
|
@ -0,0 +1,127 @@
|
||||||
|
|
||||||
|
LICENSE ISSUES
|
||||||
|
==============
|
||||||
|
|
||||||
|
The OpenSSL toolkit stays under a dual license, i.e. both the conditions of
|
||||||
|
the OpenSSL License and the original SSLeay license apply to the toolkit.
|
||||||
|
See below for the actual license texts. Actually both licenses are BSD-style
|
||||||
|
Open Source licenses. In case of any license issues related to OpenSSL
|
||||||
|
please contact openssl-core@openssl.org.
|
||||||
|
|
||||||
|
OpenSSL License
|
||||||
|
---------------
|
||||||
|
|
||||||
|
/* ====================================================================
|
||||||
|
* Copyright (c) 1998-2011 The OpenSSL Project. All rights reserved.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
*
|
||||||
|
* 1. Redistributions of source code must retain the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
*
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in
|
||||||
|
* the documentation and/or other materials provided with the
|
||||||
|
* distribution.
|
||||||
|
*
|
||||||
|
* 3. All advertising materials mentioning features or use of this
|
||||||
|
* software must display the following acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
|
||||||
|
*
|
||||||
|
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||||
|
* endorse or promote products derived from this software without
|
||||||
|
* prior written permission. For written permission, please contact
|
||||||
|
* openssl-core@openssl.org.
|
||||||
|
*
|
||||||
|
* 5. Products derived from this software may not be called "OpenSSL"
|
||||||
|
* nor may "OpenSSL" appear in their names without prior written
|
||||||
|
* permission of the OpenSSL Project.
|
||||||
|
*
|
||||||
|
* 6. Redistributions of any form whatsoever must retain the following
|
||||||
|
* acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||||
|
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||||
|
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||||
|
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||||
|
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||||
|
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||||
|
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||||
|
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||||
|
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||||
|
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||||
|
* ====================================================================
|
||||||
|
*
|
||||||
|
* This product includes cryptographic software written by Eric Young
|
||||||
|
* (eay@cryptsoft.com). This product includes software written by Tim
|
||||||
|
* Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
Original SSLeay License
|
||||||
|
-----------------------
|
||||||
|
|
||||||
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
|
* All rights reserved.
|
||||||
|
*
|
||||||
|
* This package is an SSL implementation written
|
||||||
|
* by Eric Young (eay@cryptsoft.com).
|
||||||
|
* The implementation was written so as to conform with Netscapes SSL.
|
||||||
|
*
|
||||||
|
* This library is free for commercial and non-commercial use as long as
|
||||||
|
* the following conditions are aheared to. The following conditions
|
||||||
|
* apply to all code found in this distribution, be it the RC4, RSA,
|
||||||
|
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
||||||
|
* included with this distribution is covered by the same copyright terms
|
||||||
|
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
* Copyright remains Eric Young's, and as such any Copyright notices in
|
||||||
|
* the code are not to be removed.
|
||||||
|
* If this package is used in a product, Eric Young should be given attribution
|
||||||
|
* as the author of the parts of the library used.
|
||||||
|
* This can be in the form of a textual message at program startup or
|
||||||
|
* in documentation (online or textual) provided with the package.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
* 1. Redistributions of source code must retain the copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in the
|
||||||
|
* documentation and/or other materials provided with the distribution.
|
||||||
|
* 3. All advertising materials mentioning features or use of this software
|
||||||
|
* must display the following acknowledgement:
|
||||||
|
* "This product includes cryptographic software written by
|
||||||
|
* Eric Young (eay@cryptsoft.com)"
|
||||||
|
* The word 'cryptographic' can be left out if the rouines from the library
|
||||||
|
* being used are not cryptographic related :-).
|
||||||
|
* 4. If you include any Windows specific code (or a derivative thereof) from
|
||||||
|
* the apps directory (application code) you must include an acknowledgement:
|
||||||
|
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
||||||
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||||
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||||
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||||
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||||
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||||
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||||
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||||
|
* SUCH DAMAGE.
|
||||||
|
*
|
||||||
|
* The licence and distribution terms for any publically available version or
|
||||||
|
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
||||||
|
* copied and put under another distribution licence
|
||||||
|
* [including the GNU Public Licence.]
|
||||||
|
*/
|
||||||
|
|
File diff suppressed because it is too large
Load Diff
|
@ -0,0 +1,878 @@
|
||||||
|
/* crypto/bio/bio.h */
|
||||||
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
|
* All rights reserved.
|
||||||
|
*
|
||||||
|
* This package is an SSL implementation written
|
||||||
|
* by Eric Young (eay@cryptsoft.com).
|
||||||
|
* The implementation was written so as to conform with Netscapes SSL.
|
||||||
|
*
|
||||||
|
* This library is free for commercial and non-commercial use as long as
|
||||||
|
* the following conditions are aheared to. The following conditions
|
||||||
|
* apply to all code found in this distribution, be it the RC4, RSA,
|
||||||
|
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
||||||
|
* included with this distribution is covered by the same copyright terms
|
||||||
|
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
* Copyright remains Eric Young's, and as such any Copyright notices in
|
||||||
|
* the code are not to be removed.
|
||||||
|
* If this package is used in a product, Eric Young should be given attribution
|
||||||
|
* as the author of the parts of the library used.
|
||||||
|
* This can be in the form of a textual message at program startup or
|
||||||
|
* in documentation (online or textual) provided with the package.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
* 1. Redistributions of source code must retain the copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in the
|
||||||
|
* documentation and/or other materials provided with the distribution.
|
||||||
|
* 3. All advertising materials mentioning features or use of this software
|
||||||
|
* must display the following acknowledgement:
|
||||||
|
* "This product includes cryptographic software written by
|
||||||
|
* Eric Young (eay@cryptsoft.com)"
|
||||||
|
* The word 'cryptographic' can be left out if the rouines from the library
|
||||||
|
* being used are not cryptographic related :-).
|
||||||
|
* 4. If you include any Windows specific code (or a derivative thereof) from
|
||||||
|
* the apps directory (application code) you must include an acknowledgement:
|
||||||
|
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
||||||
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||||
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||||
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||||
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||||
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||||
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||||
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||||
|
* SUCH DAMAGE.
|
||||||
|
*
|
||||||
|
* The licence and distribution terms for any publically available version or
|
||||||
|
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
||||||
|
* copied and put under another distribution licence
|
||||||
|
* [including the GNU Public Licence.]
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef HEADER_BIO_H
|
||||||
|
# define HEADER_BIO_H
|
||||||
|
|
||||||
|
# include <openssl/e_os2.h>
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_FP_API
|
||||||
|
# include <stdio.h>
|
||||||
|
# endif
|
||||||
|
# include <stdarg.h>
|
||||||
|
|
||||||
|
# include <openssl/crypto.h>
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_SCTP
|
||||||
|
# ifndef OPENSSL_SYS_VMS
|
||||||
|
# include <stdint.h>
|
||||||
|
# else
|
||||||
|
# include <inttypes.h>
|
||||||
|
# endif
|
||||||
|
# endif
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
extern "C" {
|
||||||
|
#endif
|
||||||
|
|
||||||
|
/* These are the 'types' of BIOs */
|
||||||
|
# define BIO_TYPE_NONE 0
|
||||||
|
# define BIO_TYPE_MEM (1|0x0400)
|
||||||
|
# define BIO_TYPE_FILE (2|0x0400)
|
||||||
|
|
||||||
|
# define BIO_TYPE_FD (4|0x0400|0x0100)
|
||||||
|
# define BIO_TYPE_SOCKET (5|0x0400|0x0100)
|
||||||
|
# define BIO_TYPE_NULL (6|0x0400)
|
||||||
|
# define BIO_TYPE_SSL (7|0x0200)
|
||||||
|
# define BIO_TYPE_MD (8|0x0200)/* passive filter */
|
||||||
|
# define BIO_TYPE_BUFFER (9|0x0200)/* filter */
|
||||||
|
# define BIO_TYPE_CIPHER (10|0x0200)/* filter */
|
||||||
|
# define BIO_TYPE_BASE64 (11|0x0200)/* filter */
|
||||||
|
# define BIO_TYPE_CONNECT (12|0x0400|0x0100)/* socket - connect */
|
||||||
|
# define BIO_TYPE_ACCEPT (13|0x0400|0x0100)/* socket for accept */
|
||||||
|
# define BIO_TYPE_PROXY_CLIENT (14|0x0200)/* client proxy BIO */
|
||||||
|
# define BIO_TYPE_PROXY_SERVER (15|0x0200)/* server proxy BIO */
|
||||||
|
# define BIO_TYPE_NBIO_TEST (16|0x0200)/* server proxy BIO */
|
||||||
|
# define BIO_TYPE_NULL_FILTER (17|0x0200)
|
||||||
|
# define BIO_TYPE_BER (18|0x0200)/* BER -> bin filter */
|
||||||
|
# define BIO_TYPE_BIO (19|0x0400)/* (half a) BIO pair */
|
||||||
|
# define BIO_TYPE_LINEBUFFER (20|0x0200)/* filter */
|
||||||
|
# define BIO_TYPE_DGRAM (21|0x0400|0x0100)
|
||||||
|
# ifndef OPENSSL_NO_SCTP
|
||||||
|
# define BIO_TYPE_DGRAM_SCTP (24|0x0400|0x0100)
|
||||||
|
# endif
|
||||||
|
# define BIO_TYPE_ASN1 (22|0x0200)/* filter */
|
||||||
|
# define BIO_TYPE_COMP (23|0x0200)/* filter */
|
||||||
|
|
||||||
|
# define BIO_TYPE_DESCRIPTOR 0x0100/* socket, fd, connect or accept */
|
||||||
|
# define BIO_TYPE_FILTER 0x0200
|
||||||
|
# define BIO_TYPE_SOURCE_SINK 0x0400
|
||||||
|
|
||||||
|
/*
|
||||||
|
* BIO_FILENAME_READ|BIO_CLOSE to open or close on free.
|
||||||
|
* BIO_set_fp(in,stdin,BIO_NOCLOSE);
|
||||||
|
*/
|
||||||
|
# define BIO_NOCLOSE 0x00
|
||||||
|
# define BIO_CLOSE 0x01
|
||||||
|
|
||||||
|
/*
|
||||||
|
* These are used in the following macros and are passed to BIO_ctrl()
|
||||||
|
*/
|
||||||
|
# define BIO_CTRL_RESET 1/* opt - rewind/zero etc */
|
||||||
|
# define BIO_CTRL_EOF 2/* opt - are we at the eof */
|
||||||
|
# define BIO_CTRL_INFO 3/* opt - extra tit-bits */
|
||||||
|
# define BIO_CTRL_SET 4/* man - set the 'IO' type */
|
||||||
|
# define BIO_CTRL_GET 5/* man - get the 'IO' type */
|
||||||
|
# define BIO_CTRL_PUSH 6/* opt - internal, used to signify change */
|
||||||
|
# define BIO_CTRL_POP 7/* opt - internal, used to signify change */
|
||||||
|
# define BIO_CTRL_GET_CLOSE 8/* man - set the 'close' on free */
|
||||||
|
# define BIO_CTRL_SET_CLOSE 9/* man - set the 'close' on free */
|
||||||
|
# define BIO_CTRL_PENDING 10/* opt - is their more data buffered */
|
||||||
|
# define BIO_CTRL_FLUSH 11/* opt - 'flush' buffered output */
|
||||||
|
# define BIO_CTRL_DUP 12/* man - extra stuff for 'duped' BIO */
|
||||||
|
# define BIO_CTRL_WPENDING 13/* opt - number of bytes still to write */
|
||||||
|
/* callback is int cb(BIO *bio,state,ret); */
|
||||||
|
# define BIO_CTRL_SET_CALLBACK 14/* opt - set callback function */
|
||||||
|
# define BIO_CTRL_GET_CALLBACK 15/* opt - set callback function */
|
||||||
|
|
||||||
|
# define BIO_CTRL_SET_FILENAME 30/* BIO_s_file special */
|
||||||
|
|
||||||
|
/* dgram BIO stuff */
|
||||||
|
# define BIO_CTRL_DGRAM_CONNECT 31/* BIO dgram special */
|
||||||
|
# define BIO_CTRL_DGRAM_SET_CONNECTED 32/* allow for an externally connected
|
||||||
|
* socket to be passed in */
|
||||||
|
# define BIO_CTRL_DGRAM_SET_RECV_TIMEOUT 33/* setsockopt, essentially */
|
||||||
|
# define BIO_CTRL_DGRAM_GET_RECV_TIMEOUT 34/* getsockopt, essentially */
|
||||||
|
# define BIO_CTRL_DGRAM_SET_SEND_TIMEOUT 35/* setsockopt, essentially */
|
||||||
|
# define BIO_CTRL_DGRAM_GET_SEND_TIMEOUT 36/* getsockopt, essentially */
|
||||||
|
|
||||||
|
# define BIO_CTRL_DGRAM_GET_RECV_TIMER_EXP 37/* flag whether the last */
|
||||||
|
# define BIO_CTRL_DGRAM_GET_SEND_TIMER_EXP 38/* I/O operation tiemd out */
|
||||||
|
|
||||||
|
/* #ifdef IP_MTU_DISCOVER */
|
||||||
|
# define BIO_CTRL_DGRAM_MTU_DISCOVER 39/* set DF bit on egress packets */
|
||||||
|
/* #endif */
|
||||||
|
|
||||||
|
# define BIO_CTRL_DGRAM_QUERY_MTU 40/* as kernel for current MTU */
|
||||||
|
# define BIO_CTRL_DGRAM_GET_FALLBACK_MTU 47
|
||||||
|
# define BIO_CTRL_DGRAM_GET_MTU 41/* get cached value for MTU */
|
||||||
|
# define BIO_CTRL_DGRAM_SET_MTU 42/* set cached value for MTU.
|
||||||
|
* want to use this if asking
|
||||||
|
* the kernel fails */
|
||||||
|
|
||||||
|
# define BIO_CTRL_DGRAM_MTU_EXCEEDED 43/* check whether the MTU was
|
||||||
|
* exceed in the previous write
|
||||||
|
* operation */
|
||||||
|
|
||||||
|
# define BIO_CTRL_DGRAM_GET_PEER 46
|
||||||
|
# define BIO_CTRL_DGRAM_SET_PEER 44/* Destination for the data */
|
||||||
|
|
||||||
|
# define BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT 45/* Next DTLS handshake timeout
|
||||||
|
* to adjust socket timeouts */
|
||||||
|
# define BIO_CTRL_DGRAM_SET_DONT_FRAG 48
|
||||||
|
|
||||||
|
# define BIO_CTRL_DGRAM_GET_MTU_OVERHEAD 49
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_SCTP
|
||||||
|
/* SCTP stuff */
|
||||||
|
# define BIO_CTRL_DGRAM_SCTP_SET_IN_HANDSHAKE 50
|
||||||
|
# define BIO_CTRL_DGRAM_SCTP_ADD_AUTH_KEY 51
|
||||||
|
# define BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY 52
|
||||||
|
# define BIO_CTRL_DGRAM_SCTP_AUTH_CCS_RCVD 53
|
||||||
|
# define BIO_CTRL_DGRAM_SCTP_GET_SNDINFO 60
|
||||||
|
# define BIO_CTRL_DGRAM_SCTP_SET_SNDINFO 61
|
||||||
|
# define BIO_CTRL_DGRAM_SCTP_GET_RCVINFO 62
|
||||||
|
# define BIO_CTRL_DGRAM_SCTP_SET_RCVINFO 63
|
||||||
|
# define BIO_CTRL_DGRAM_SCTP_GET_PRINFO 64
|
||||||
|
# define BIO_CTRL_DGRAM_SCTP_SET_PRINFO 65
|
||||||
|
# define BIO_CTRL_DGRAM_SCTP_SAVE_SHUTDOWN 70
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/* modifiers */
|
||||||
|
# define BIO_FP_READ 0x02
|
||||||
|
# define BIO_FP_WRITE 0x04
|
||||||
|
# define BIO_FP_APPEND 0x08
|
||||||
|
# define BIO_FP_TEXT 0x10
|
||||||
|
|
||||||
|
# define BIO_FLAGS_READ 0x01
|
||||||
|
# define BIO_FLAGS_WRITE 0x02
|
||||||
|
# define BIO_FLAGS_IO_SPECIAL 0x04
|
||||||
|
# define BIO_FLAGS_RWS (BIO_FLAGS_READ|BIO_FLAGS_WRITE|BIO_FLAGS_IO_SPECIAL)
|
||||||
|
# define BIO_FLAGS_SHOULD_RETRY 0x08
|
||||||
|
# ifndef BIO_FLAGS_UPLINK
|
||||||
|
/*
|
||||||
|
* "UPLINK" flag denotes file descriptors provided by application. It
|
||||||
|
* defaults to 0, as most platforms don't require UPLINK interface.
|
||||||
|
*/
|
||||||
|
# define BIO_FLAGS_UPLINK 0
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/* Used in BIO_gethostbyname() */
|
||||||
|
# define BIO_GHBN_CTRL_HITS 1
|
||||||
|
# define BIO_GHBN_CTRL_MISSES 2
|
||||||
|
# define BIO_GHBN_CTRL_CACHE_SIZE 3
|
||||||
|
# define BIO_GHBN_CTRL_GET_ENTRY 4
|
||||||
|
# define BIO_GHBN_CTRL_FLUSH 5
|
||||||
|
|
||||||
|
/* Mostly used in the SSL BIO */
|
||||||
|
/*-
|
||||||
|
* Not used anymore
|
||||||
|
* #define BIO_FLAGS_PROTOCOL_DELAYED_READ 0x10
|
||||||
|
* #define BIO_FLAGS_PROTOCOL_DELAYED_WRITE 0x20
|
||||||
|
* #define BIO_FLAGS_PROTOCOL_STARTUP 0x40
|
||||||
|
*/
|
||||||
|
|
||||||
|
# define BIO_FLAGS_BASE64_NO_NL 0x100
|
||||||
|
|
||||||
|
/*
|
||||||
|
* This is used with memory BIOs: it means we shouldn't free up or change the
|
||||||
|
* data in any way.
|
||||||
|
*/
|
||||||
|
# define BIO_FLAGS_MEM_RDONLY 0x200
|
||||||
|
|
||||||
|
typedef struct bio_st BIO;
|
||||||
|
|
||||||
|
void BIO_set_flags(BIO *b, int flags);
|
||||||
|
int BIO_test_flags(const BIO *b, int flags);
|
||||||
|
void BIO_clear_flags(BIO *b, int flags);
|
||||||
|
|
||||||
|
# define BIO_get_flags(b) BIO_test_flags(b, ~(0x0))
|
||||||
|
# define BIO_set_retry_special(b) \
|
||||||
|
BIO_set_flags(b, (BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY))
|
||||||
|
# define BIO_set_retry_read(b) \
|
||||||
|
BIO_set_flags(b, (BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY))
|
||||||
|
# define BIO_set_retry_write(b) \
|
||||||
|
BIO_set_flags(b, (BIO_FLAGS_WRITE|BIO_FLAGS_SHOULD_RETRY))
|
||||||
|
|
||||||
|
/* These are normally used internally in BIOs */
|
||||||
|
# define BIO_clear_retry_flags(b) \
|
||||||
|
BIO_clear_flags(b, (BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY))
|
||||||
|
# define BIO_get_retry_flags(b) \
|
||||||
|
BIO_test_flags(b, (BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY))
|
||||||
|
|
||||||
|
/* These should be used by the application to tell why we should retry */
|
||||||
|
# define BIO_should_read(a) BIO_test_flags(a, BIO_FLAGS_READ)
|
||||||
|
# define BIO_should_write(a) BIO_test_flags(a, BIO_FLAGS_WRITE)
|
||||||
|
# define BIO_should_io_special(a) BIO_test_flags(a, BIO_FLAGS_IO_SPECIAL)
|
||||||
|
# define BIO_retry_type(a) BIO_test_flags(a, BIO_FLAGS_RWS)
|
||||||
|
# define BIO_should_retry(a) BIO_test_flags(a, BIO_FLAGS_SHOULD_RETRY)
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The next three are used in conjunction with the BIO_should_io_special()
|
||||||
|
* condition. After this returns true, BIO *BIO_get_retry_BIO(BIO *bio, int
|
||||||
|
* *reason); will walk the BIO stack and return the 'reason' for the special
|
||||||
|
* and the offending BIO. Given a BIO, BIO_get_retry_reason(bio) will return
|
||||||
|
* the code.
|
||||||
|
*/
|
||||||
|
/*
|
||||||
|
* Returned from the SSL bio when the certificate retrieval code had an error
|
||||||
|
*/
|
||||||
|
# define BIO_RR_SSL_X509_LOOKUP 0x01
|
||||||
|
/* Returned from the connect BIO when a connect would have blocked */
|
||||||
|
# define BIO_RR_CONNECT 0x02
|
||||||
|
/* Returned from the accept BIO when an accept would have blocked */
|
||||||
|
# define BIO_RR_ACCEPT 0x03
|
||||||
|
|
||||||
|
/* These are passed by the BIO callback */
|
||||||
|
# define BIO_CB_FREE 0x01
|
||||||
|
# define BIO_CB_READ 0x02
|
||||||
|
# define BIO_CB_WRITE 0x03
|
||||||
|
# define BIO_CB_PUTS 0x04
|
||||||
|
# define BIO_CB_GETS 0x05
|
||||||
|
# define BIO_CB_CTRL 0x06
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The callback is called before and after the underling operation, The
|
||||||
|
* BIO_CB_RETURN flag indicates if it is after the call
|
||||||
|
*/
|
||||||
|
# define BIO_CB_RETURN 0x80
|
||||||
|
# define BIO_CB_return(a) ((a)|BIO_CB_RETURN))
|
||||||
|
# define BIO_cb_pre(a) (!((a)&BIO_CB_RETURN))
|
||||||
|
# define BIO_cb_post(a) ((a)&BIO_CB_RETURN)
|
||||||
|
|
||||||
|
long (*BIO_get_callback(const BIO *b)) (struct bio_st *, int, const char *,
|
||||||
|
int, long, long);
|
||||||
|
void BIO_set_callback(BIO *b,
|
||||||
|
long (*callback) (struct bio_st *, int, const char *,
|
||||||
|
int, long, long));
|
||||||
|
char *BIO_get_callback_arg(const BIO *b);
|
||||||
|
void BIO_set_callback_arg(BIO *b, char *arg);
|
||||||
|
|
||||||
|
const char *BIO_method_name(const BIO *b);
|
||||||
|
int BIO_method_type(const BIO *b);
|
||||||
|
|
||||||
|
typedef void bio_info_cb (struct bio_st *, int, const char *, int, long,
|
||||||
|
long);
|
||||||
|
|
||||||
|
typedef struct bio_method_st {
|
||||||
|
int type;
|
||||||
|
const char *name;
|
||||||
|
int (*bwrite) (BIO *, const char *, int);
|
||||||
|
int (*bread) (BIO *, char *, int);
|
||||||
|
int (*bputs) (BIO *, const char *);
|
||||||
|
int (*bgets) (BIO *, char *, int);
|
||||||
|
long (*ctrl) (BIO *, int, long, void *);
|
||||||
|
int (*create) (BIO *);
|
||||||
|
int (*destroy) (BIO *);
|
||||||
|
long (*callback_ctrl) (BIO *, int, bio_info_cb *);
|
||||||
|
} BIO_METHOD;
|
||||||
|
|
||||||
|
struct bio_st {
|
||||||
|
BIO_METHOD *method;
|
||||||
|
/* bio, mode, argp, argi, argl, ret */
|
||||||
|
long (*callback) (struct bio_st *, int, const char *, int, long, long);
|
||||||
|
char *cb_arg; /* first argument for the callback */
|
||||||
|
int init;
|
||||||
|
int shutdown;
|
||||||
|
int flags; /* extra storage */
|
||||||
|
int retry_reason;
|
||||||
|
int num;
|
||||||
|
void *ptr;
|
||||||
|
struct bio_st *next_bio; /* used by filter BIOs */
|
||||||
|
struct bio_st *prev_bio; /* used by filter BIOs */
|
||||||
|
int references;
|
||||||
|
unsigned long num_read;
|
||||||
|
unsigned long num_write;
|
||||||
|
CRYPTO_EX_DATA ex_data;
|
||||||
|
};
|
||||||
|
|
||||||
|
DECLARE_STACK_OF(BIO)
|
||||||
|
|
||||||
|
typedef struct bio_f_buffer_ctx_struct {
|
||||||
|
/*-
|
||||||
|
* Buffers are setup like this:
|
||||||
|
*
|
||||||
|
* <---------------------- size ----------------------->
|
||||||
|
* +---------------------------------------------------+
|
||||||
|
* | consumed | remaining | free space |
|
||||||
|
* +---------------------------------------------------+
|
||||||
|
* <-- off --><------- len ------->
|
||||||
|
*/
|
||||||
|
/*- BIO *bio; *//*
|
||||||
|
* this is now in the BIO struct
|
||||||
|
*/
|
||||||
|
int ibuf_size; /* how big is the input buffer */
|
||||||
|
int obuf_size; /* how big is the output buffer */
|
||||||
|
char *ibuf; /* the char array */
|
||||||
|
int ibuf_len; /* how many bytes are in it */
|
||||||
|
int ibuf_off; /* write/read offset */
|
||||||
|
char *obuf; /* the char array */
|
||||||
|
int obuf_len; /* how many bytes are in it */
|
||||||
|
int obuf_off; /* write/read offset */
|
||||||
|
} BIO_F_BUFFER_CTX;
|
||||||
|
|
||||||
|
/* Prefix and suffix callback in ASN1 BIO */
|
||||||
|
typedef int asn1_ps_func (BIO *b, unsigned char **pbuf, int *plen,
|
||||||
|
void *parg);
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_SCTP
|
||||||
|
/* SCTP parameter structs */
|
||||||
|
struct bio_dgram_sctp_sndinfo {
|
||||||
|
uint16_t snd_sid;
|
||||||
|
uint16_t snd_flags;
|
||||||
|
uint32_t snd_ppid;
|
||||||
|
uint32_t snd_context;
|
||||||
|
};
|
||||||
|
|
||||||
|
struct bio_dgram_sctp_rcvinfo {
|
||||||
|
uint16_t rcv_sid;
|
||||||
|
uint16_t rcv_ssn;
|
||||||
|
uint16_t rcv_flags;
|
||||||
|
uint32_t rcv_ppid;
|
||||||
|
uint32_t rcv_tsn;
|
||||||
|
uint32_t rcv_cumtsn;
|
||||||
|
uint32_t rcv_context;
|
||||||
|
};
|
||||||
|
|
||||||
|
struct bio_dgram_sctp_prinfo {
|
||||||
|
uint16_t pr_policy;
|
||||||
|
uint32_t pr_value;
|
||||||
|
};
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/* connect BIO stuff */
|
||||||
|
# define BIO_CONN_S_BEFORE 1
|
||||||
|
# define BIO_CONN_S_GET_IP 2
|
||||||
|
# define BIO_CONN_S_GET_PORT 3
|
||||||
|
# define BIO_CONN_S_CREATE_SOCKET 4
|
||||||
|
# define BIO_CONN_S_CONNECT 5
|
||||||
|
# define BIO_CONN_S_OK 6
|
||||||
|
# define BIO_CONN_S_BLOCKED_CONNECT 7
|
||||||
|
# define BIO_CONN_S_NBIO 8
|
||||||
|
/*
|
||||||
|
* #define BIO_CONN_get_param_hostname BIO_ctrl
|
||||||
|
*/
|
||||||
|
|
||||||
|
# define BIO_C_SET_CONNECT 100
|
||||||
|
# define BIO_C_DO_STATE_MACHINE 101
|
||||||
|
# define BIO_C_SET_NBIO 102
|
||||||
|
# define BIO_C_SET_PROXY_PARAM 103
|
||||||
|
# define BIO_C_SET_FD 104
|
||||||
|
# define BIO_C_GET_FD 105
|
||||||
|
# define BIO_C_SET_FILE_PTR 106
|
||||||
|
# define BIO_C_GET_FILE_PTR 107
|
||||||
|
# define BIO_C_SET_FILENAME 108
|
||||||
|
# define BIO_C_SET_SSL 109
|
||||||
|
# define BIO_C_GET_SSL 110
|
||||||
|
# define BIO_C_SET_MD 111
|
||||||
|
# define BIO_C_GET_MD 112
|
||||||
|
# define BIO_C_GET_CIPHER_STATUS 113
|
||||||
|
# define BIO_C_SET_BUF_MEM 114
|
||||||
|
# define BIO_C_GET_BUF_MEM_PTR 115
|
||||||
|
# define BIO_C_GET_BUFF_NUM_LINES 116
|
||||||
|
# define BIO_C_SET_BUFF_SIZE 117
|
||||||
|
# define BIO_C_SET_ACCEPT 118
|
||||||
|
# define BIO_C_SSL_MODE 119
|
||||||
|
# define BIO_C_GET_MD_CTX 120
|
||||||
|
# define BIO_C_GET_PROXY_PARAM 121
|
||||||
|
# define BIO_C_SET_BUFF_READ_DATA 122/* data to read first */
|
||||||
|
# define BIO_C_GET_CONNECT 123
|
||||||
|
# define BIO_C_GET_ACCEPT 124
|
||||||
|
# define BIO_C_SET_SSL_RENEGOTIATE_BYTES 125
|
||||||
|
# define BIO_C_GET_SSL_NUM_RENEGOTIATES 126
|
||||||
|
# define BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT 127
|
||||||
|
# define BIO_C_FILE_SEEK 128
|
||||||
|
# define BIO_C_GET_CIPHER_CTX 129
|
||||||
|
# define BIO_C_SET_BUF_MEM_EOF_RETURN 130/* return end of input
|
||||||
|
* value */
|
||||||
|
# define BIO_C_SET_BIND_MODE 131
|
||||||
|
# define BIO_C_GET_BIND_MODE 132
|
||||||
|
# define BIO_C_FILE_TELL 133
|
||||||
|
# define BIO_C_GET_SOCKS 134
|
||||||
|
# define BIO_C_SET_SOCKS 135
|
||||||
|
|
||||||
|
# define BIO_C_SET_WRITE_BUF_SIZE 136/* for BIO_s_bio */
|
||||||
|
# define BIO_C_GET_WRITE_BUF_SIZE 137
|
||||||
|
# define BIO_C_MAKE_BIO_PAIR 138
|
||||||
|
# define BIO_C_DESTROY_BIO_PAIR 139
|
||||||
|
# define BIO_C_GET_WRITE_GUARANTEE 140
|
||||||
|
# define BIO_C_GET_READ_REQUEST 141
|
||||||
|
# define BIO_C_SHUTDOWN_WR 142
|
||||||
|
# define BIO_C_NREAD0 143
|
||||||
|
# define BIO_C_NREAD 144
|
||||||
|
# define BIO_C_NWRITE0 145
|
||||||
|
# define BIO_C_NWRITE 146
|
||||||
|
# define BIO_C_RESET_READ_REQUEST 147
|
||||||
|
# define BIO_C_SET_MD_CTX 148
|
||||||
|
|
||||||
|
# define BIO_C_SET_PREFIX 149
|
||||||
|
# define BIO_C_GET_PREFIX 150
|
||||||
|
# define BIO_C_SET_SUFFIX 151
|
||||||
|
# define BIO_C_GET_SUFFIX 152
|
||||||
|
|
||||||
|
# define BIO_C_SET_EX_ARG 153
|
||||||
|
# define BIO_C_GET_EX_ARG 154
|
||||||
|
|
||||||
|
# define BIO_set_app_data(s,arg) BIO_set_ex_data(s,0,arg)
|
||||||
|
# define BIO_get_app_data(s) BIO_get_ex_data(s,0)
|
||||||
|
|
||||||
|
/* BIO_s_connect() and BIO_s_socks4a_connect() */
|
||||||
|
# define BIO_set_conn_hostname(b,name) BIO_ctrl(b,BIO_C_SET_CONNECT,0,(char *)name)
|
||||||
|
# define BIO_set_conn_port(b,port) BIO_ctrl(b,BIO_C_SET_CONNECT,1,(char *)port)
|
||||||
|
# define BIO_set_conn_ip(b,ip) BIO_ctrl(b,BIO_C_SET_CONNECT,2,(char *)ip)
|
||||||
|
# define BIO_set_conn_int_port(b,port) BIO_ctrl(b,BIO_C_SET_CONNECT,3,(char *)port)
|
||||||
|
# define BIO_get_conn_hostname(b) BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,0)
|
||||||
|
# define BIO_get_conn_port(b) BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,1)
|
||||||
|
# define BIO_get_conn_ip(b) BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,2)
|
||||||
|
# define BIO_get_conn_int_port(b) BIO_int_ctrl(b,BIO_C_GET_CONNECT,3,0)
|
||||||
|
|
||||||
|
# define BIO_set_nbio(b,n) BIO_ctrl(b,BIO_C_SET_NBIO,(n),NULL)
|
||||||
|
|
||||||
|
/* BIO_s_accept_socket() */
|
||||||
|
# define BIO_set_accept_port(b,name) BIO_ctrl(b,BIO_C_SET_ACCEPT,0,(char *)name)
|
||||||
|
# define BIO_get_accept_port(b) BIO_ptr_ctrl(b,BIO_C_GET_ACCEPT,0)
|
||||||
|
/* #define BIO_set_nbio(b,n) BIO_ctrl(b,BIO_C_SET_NBIO,(n),NULL) */
|
||||||
|
# define BIO_set_nbio_accept(b,n) BIO_ctrl(b,BIO_C_SET_ACCEPT,1,(n)?(void *)"a":NULL)
|
||||||
|
# define BIO_set_accept_bios(b,bio) BIO_ctrl(b,BIO_C_SET_ACCEPT,2,(char *)bio)
|
||||||
|
|
||||||
|
# define BIO_BIND_NORMAL 0
|
||||||
|
# define BIO_BIND_REUSEADDR_IF_UNUSED 1
|
||||||
|
# define BIO_BIND_REUSEADDR 2
|
||||||
|
# define BIO_set_bind_mode(b,mode) BIO_ctrl(b,BIO_C_SET_BIND_MODE,mode,NULL)
|
||||||
|
# define BIO_get_bind_mode(b,mode) BIO_ctrl(b,BIO_C_GET_BIND_MODE,0,NULL)
|
||||||
|
|
||||||
|
# define BIO_do_connect(b) BIO_do_handshake(b)
|
||||||
|
# define BIO_do_accept(b) BIO_do_handshake(b)
|
||||||
|
# define BIO_do_handshake(b) BIO_ctrl(b,BIO_C_DO_STATE_MACHINE,0,NULL)
|
||||||
|
|
||||||
|
/* BIO_s_proxy_client() */
|
||||||
|
# define BIO_set_url(b,url) BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,0,(char *)(url))
|
||||||
|
# define BIO_set_proxies(b,p) BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,1,(char *)(p))
|
||||||
|
/* BIO_set_nbio(b,n) */
|
||||||
|
# define BIO_set_filter_bio(b,s) BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,2,(char *)(s))
|
||||||
|
/* BIO *BIO_get_filter_bio(BIO *bio); */
|
||||||
|
# define BIO_set_proxy_cb(b,cb) BIO_callback_ctrl(b,BIO_C_SET_PROXY_PARAM,3,(void *(*cb)()))
|
||||||
|
# define BIO_set_proxy_header(b,sk) BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,4,(char *)sk)
|
||||||
|
# define BIO_set_no_connect_return(b,bool) BIO_int_ctrl(b,BIO_C_SET_PROXY_PARAM,5,bool)
|
||||||
|
|
||||||
|
# define BIO_get_proxy_header(b,skp) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,0,(char *)skp)
|
||||||
|
# define BIO_get_proxies(b,pxy_p) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,1,(char *)(pxy_p))
|
||||||
|
# define BIO_get_url(b,url) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,2,(char *)(url))
|
||||||
|
# define BIO_get_no_connect_return(b) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,5,NULL)
|
||||||
|
|
||||||
|
# define BIO_set_fd(b,fd,c) BIO_int_ctrl(b,BIO_C_SET_FD,c,fd)
|
||||||
|
# define BIO_get_fd(b,c) BIO_ctrl(b,BIO_C_GET_FD,0,(char *)c)
|
||||||
|
|
||||||
|
# define BIO_set_fp(b,fp,c) BIO_ctrl(b,BIO_C_SET_FILE_PTR,c,(char *)fp)
|
||||||
|
# define BIO_get_fp(b,fpp) BIO_ctrl(b,BIO_C_GET_FILE_PTR,0,(char *)fpp)
|
||||||
|
|
||||||
|
# define BIO_seek(b,ofs) (int)BIO_ctrl(b,BIO_C_FILE_SEEK,ofs,NULL)
|
||||||
|
# define BIO_tell(b) (int)BIO_ctrl(b,BIO_C_FILE_TELL,0,NULL)
|
||||||
|
|
||||||
|
/*
|
||||||
|
* name is cast to lose const, but might be better to route through a
|
||||||
|
* function so we can do it safely
|
||||||
|
*/
|
||||||
|
# ifdef CONST_STRICT
|
||||||
|
/*
|
||||||
|
* If you are wondering why this isn't defined, its because CONST_STRICT is
|
||||||
|
* purely a compile-time kludge to allow const to be checked.
|
||||||
|
*/
|
||||||
|
int BIO_read_filename(BIO *b, const char *name);
|
||||||
|
# else
|
||||||
|
# define BIO_read_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \
|
||||||
|
BIO_CLOSE|BIO_FP_READ,(char *)name)
|
||||||
|
# endif
|
||||||
|
# define BIO_write_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \
|
||||||
|
BIO_CLOSE|BIO_FP_WRITE,name)
|
||||||
|
# define BIO_append_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \
|
||||||
|
BIO_CLOSE|BIO_FP_APPEND,name)
|
||||||
|
# define BIO_rw_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \
|
||||||
|
BIO_CLOSE|BIO_FP_READ|BIO_FP_WRITE,name)
|
||||||
|
|
||||||
|
/*
|
||||||
|
* WARNING WARNING, this ups the reference count on the read bio of the SSL
|
||||||
|
* structure. This is because the ssl read BIO is now pointed to by the
|
||||||
|
* next_bio field in the bio. So when you free the BIO, make sure you are
|
||||||
|
* doing a BIO_free_all() to catch the underlying BIO.
|
||||||
|
*/
|
||||||
|
# define BIO_set_ssl(b,ssl,c) BIO_ctrl(b,BIO_C_SET_SSL,c,(char *)ssl)
|
||||||
|
# define BIO_get_ssl(b,sslp) BIO_ctrl(b,BIO_C_GET_SSL,0,(char *)sslp)
|
||||||
|
# define BIO_set_ssl_mode(b,client) BIO_ctrl(b,BIO_C_SSL_MODE,client,NULL)
|
||||||
|
# define BIO_set_ssl_renegotiate_bytes(b,num) \
|
||||||
|
BIO_ctrl(b,BIO_C_SET_SSL_RENEGOTIATE_BYTES,num,NULL);
|
||||||
|
# define BIO_get_num_renegotiates(b) \
|
||||||
|
BIO_ctrl(b,BIO_C_GET_SSL_NUM_RENEGOTIATES,0,NULL);
|
||||||
|
# define BIO_set_ssl_renegotiate_timeout(b,seconds) \
|
||||||
|
BIO_ctrl(b,BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT,seconds,NULL);
|
||||||
|
|
||||||
|
/* defined in evp.h */
|
||||||
|
/* #define BIO_set_md(b,md) BIO_ctrl(b,BIO_C_SET_MD,1,(char *)md) */
|
||||||
|
|
||||||
|
# define BIO_get_mem_data(b,pp) BIO_ctrl(b,BIO_CTRL_INFO,0,(char *)pp)
|
||||||
|
# define BIO_set_mem_buf(b,bm,c) BIO_ctrl(b,BIO_C_SET_BUF_MEM,c,(char *)bm)
|
||||||
|
# define BIO_get_mem_ptr(b,pp) BIO_ctrl(b,BIO_C_GET_BUF_MEM_PTR,0,(char *)pp)
|
||||||
|
# define BIO_set_mem_eof_return(b,v) \
|
||||||
|
BIO_ctrl(b,BIO_C_SET_BUF_MEM_EOF_RETURN,v,NULL)
|
||||||
|
|
||||||
|
/* For the BIO_f_buffer() type */
|
||||||
|
# define BIO_get_buffer_num_lines(b) BIO_ctrl(b,BIO_C_GET_BUFF_NUM_LINES,0,NULL)
|
||||||
|
# define BIO_set_buffer_size(b,size) BIO_ctrl(b,BIO_C_SET_BUFF_SIZE,size,NULL)
|
||||||
|
# define BIO_set_read_buffer_size(b,size) BIO_int_ctrl(b,BIO_C_SET_BUFF_SIZE,size,0)
|
||||||
|
# define BIO_set_write_buffer_size(b,size) BIO_int_ctrl(b,BIO_C_SET_BUFF_SIZE,size,1)
|
||||||
|
# define BIO_set_buffer_read_data(b,buf,num) BIO_ctrl(b,BIO_C_SET_BUFF_READ_DATA,num,buf)
|
||||||
|
|
||||||
|
/* Don't use the next one unless you know what you are doing :-) */
|
||||||
|
# define BIO_dup_state(b,ret) BIO_ctrl(b,BIO_CTRL_DUP,0,(char *)(ret))
|
||||||
|
|
||||||
|
# define BIO_reset(b) (int)BIO_ctrl(b,BIO_CTRL_RESET,0,NULL)
|
||||||
|
# define BIO_eof(b) (int)BIO_ctrl(b,BIO_CTRL_EOF,0,NULL)
|
||||||
|
# define BIO_set_close(b,c) (int)BIO_ctrl(b,BIO_CTRL_SET_CLOSE,(c),NULL)
|
||||||
|
# define BIO_get_close(b) (int)BIO_ctrl(b,BIO_CTRL_GET_CLOSE,0,NULL)
|
||||||
|
# define BIO_pending(b) (int)BIO_ctrl(b,BIO_CTRL_PENDING,0,NULL)
|
||||||
|
# define BIO_wpending(b) (int)BIO_ctrl(b,BIO_CTRL_WPENDING,0,NULL)
|
||||||
|
/* ...pending macros have inappropriate return type */
|
||||||
|
size_t BIO_ctrl_pending(BIO *b);
|
||||||
|
size_t BIO_ctrl_wpending(BIO *b);
|
||||||
|
# define BIO_flush(b) (int)BIO_ctrl(b,BIO_CTRL_FLUSH,0,NULL)
|
||||||
|
# define BIO_get_info_callback(b,cbp) (int)BIO_ctrl(b,BIO_CTRL_GET_CALLBACK,0, \
|
||||||
|
cbp)
|
||||||
|
# define BIO_set_info_callback(b,cb) (int)BIO_callback_ctrl(b,BIO_CTRL_SET_CALLBACK,cb)
|
||||||
|
|
||||||
|
/* For the BIO_f_buffer() type */
|
||||||
|
# define BIO_buffer_get_num_lines(b) BIO_ctrl(b,BIO_CTRL_GET,0,NULL)
|
||||||
|
|
||||||
|
/* For BIO_s_bio() */
|
||||||
|
# define BIO_set_write_buf_size(b,size) (int)BIO_ctrl(b,BIO_C_SET_WRITE_BUF_SIZE,size,NULL)
|
||||||
|
# define BIO_get_write_buf_size(b,size) (size_t)BIO_ctrl(b,BIO_C_GET_WRITE_BUF_SIZE,size,NULL)
|
||||||
|
# define BIO_make_bio_pair(b1,b2) (int)BIO_ctrl(b1,BIO_C_MAKE_BIO_PAIR,0,b2)
|
||||||
|
# define BIO_destroy_bio_pair(b) (int)BIO_ctrl(b,BIO_C_DESTROY_BIO_PAIR,0,NULL)
|
||||||
|
# define BIO_shutdown_wr(b) (int)BIO_ctrl(b, BIO_C_SHUTDOWN_WR, 0, NULL)
|
||||||
|
/* macros with inappropriate type -- but ...pending macros use int too: */
|
||||||
|
# define BIO_get_write_guarantee(b) (int)BIO_ctrl(b,BIO_C_GET_WRITE_GUARANTEE,0,NULL)
|
||||||
|
# define BIO_get_read_request(b) (int)BIO_ctrl(b,BIO_C_GET_READ_REQUEST,0,NULL)
|
||||||
|
size_t BIO_ctrl_get_write_guarantee(BIO *b);
|
||||||
|
size_t BIO_ctrl_get_read_request(BIO *b);
|
||||||
|
int BIO_ctrl_reset_read_request(BIO *b);
|
||||||
|
|
||||||
|
/* ctrl macros for dgram */
|
||||||
|
# define BIO_ctrl_dgram_connect(b,peer) \
|
||||||
|
(int)BIO_ctrl(b,BIO_CTRL_DGRAM_CONNECT,0, (char *)peer)
|
||||||
|
# define BIO_ctrl_set_connected(b, state, peer) \
|
||||||
|
(int)BIO_ctrl(b, BIO_CTRL_DGRAM_SET_CONNECTED, state, (char *)peer)
|
||||||
|
# define BIO_dgram_recv_timedout(b) \
|
||||||
|
(int)BIO_ctrl(b, BIO_CTRL_DGRAM_GET_RECV_TIMER_EXP, 0, NULL)
|
||||||
|
# define BIO_dgram_send_timedout(b) \
|
||||||
|
(int)BIO_ctrl(b, BIO_CTRL_DGRAM_GET_SEND_TIMER_EXP, 0, NULL)
|
||||||
|
# define BIO_dgram_get_peer(b,peer) \
|
||||||
|
(int)BIO_ctrl(b, BIO_CTRL_DGRAM_GET_PEER, 0, (char *)peer)
|
||||||
|
# define BIO_dgram_set_peer(b,peer) \
|
||||||
|
(int)BIO_ctrl(b, BIO_CTRL_DGRAM_SET_PEER, 0, (char *)peer)
|
||||||
|
# define BIO_dgram_get_mtu_overhead(b) \
|
||||||
|
(unsigned int)BIO_ctrl((b), BIO_CTRL_DGRAM_GET_MTU_OVERHEAD, 0, NULL)
|
||||||
|
|
||||||
|
/* These two aren't currently implemented */
|
||||||
|
/* int BIO_get_ex_num(BIO *bio); */
|
||||||
|
/* void BIO_set_ex_free_func(BIO *bio,int idx,void (*cb)()); */
|
||||||
|
int BIO_set_ex_data(BIO *bio, int idx, void *data);
|
||||||
|
void *BIO_get_ex_data(BIO *bio, int idx);
|
||||||
|
int BIO_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
|
||||||
|
CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
|
||||||
|
unsigned long BIO_number_read(BIO *bio);
|
||||||
|
unsigned long BIO_number_written(BIO *bio);
|
||||||
|
|
||||||
|
/* For BIO_f_asn1() */
|
||||||
|
int BIO_asn1_set_prefix(BIO *b, asn1_ps_func *prefix,
|
||||||
|
asn1_ps_func *prefix_free);
|
||||||
|
int BIO_asn1_get_prefix(BIO *b, asn1_ps_func **pprefix,
|
||||||
|
asn1_ps_func **pprefix_free);
|
||||||
|
int BIO_asn1_set_suffix(BIO *b, asn1_ps_func *suffix,
|
||||||
|
asn1_ps_func *suffix_free);
|
||||||
|
int BIO_asn1_get_suffix(BIO *b, asn1_ps_func **psuffix,
|
||||||
|
asn1_ps_func **psuffix_free);
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_FP_API
|
||||||
|
BIO_METHOD *BIO_s_file(void);
|
||||||
|
BIO *BIO_new_file(const char *filename, const char *mode);
|
||||||
|
BIO *BIO_new_fp(FILE *stream, int close_flag);
|
||||||
|
# define BIO_s_file_internal BIO_s_file
|
||||||
|
# endif
|
||||||
|
BIO *BIO_new(BIO_METHOD *type);
|
||||||
|
int BIO_set(BIO *a, BIO_METHOD *type);
|
||||||
|
int BIO_free(BIO *a);
|
||||||
|
void BIO_vfree(BIO *a);
|
||||||
|
int BIO_read(BIO *b, void *data, int len);
|
||||||
|
int BIO_gets(BIO *bp, char *buf, int size);
|
||||||
|
int BIO_write(BIO *b, const void *data, int len);
|
||||||
|
int BIO_puts(BIO *bp, const char *buf);
|
||||||
|
int BIO_indent(BIO *b, int indent, int max);
|
||||||
|
long BIO_ctrl(BIO *bp, int cmd, long larg, void *parg);
|
||||||
|
long BIO_callback_ctrl(BIO *b, int cmd,
|
||||||
|
void (*fp) (struct bio_st *, int, const char *, int,
|
||||||
|
long, long));
|
||||||
|
char *BIO_ptr_ctrl(BIO *bp, int cmd, long larg);
|
||||||
|
long BIO_int_ctrl(BIO *bp, int cmd, long larg, int iarg);
|
||||||
|
BIO *BIO_push(BIO *b, BIO *append);
|
||||||
|
BIO *BIO_pop(BIO *b);
|
||||||
|
void BIO_free_all(BIO *a);
|
||||||
|
BIO *BIO_find_type(BIO *b, int bio_type);
|
||||||
|
BIO *BIO_next(BIO *b);
|
||||||
|
BIO *BIO_get_retry_BIO(BIO *bio, int *reason);
|
||||||
|
int BIO_get_retry_reason(BIO *bio);
|
||||||
|
BIO *BIO_dup_chain(BIO *in);
|
||||||
|
|
||||||
|
int BIO_nread0(BIO *bio, char **buf);
|
||||||
|
int BIO_nread(BIO *bio, char **buf, int num);
|
||||||
|
int BIO_nwrite0(BIO *bio, char **buf);
|
||||||
|
int BIO_nwrite(BIO *bio, char **buf, int num);
|
||||||
|
|
||||||
|
long BIO_debug_callback(BIO *bio, int cmd, const char *argp, int argi,
|
||||||
|
long argl, long ret);
|
||||||
|
|
||||||
|
BIO_METHOD *BIO_s_mem(void);
|
||||||
|
BIO *BIO_new_mem_buf(void *buf, int len);
|
||||||
|
BIO_METHOD *BIO_s_socket(void);
|
||||||
|
BIO_METHOD *BIO_s_connect(void);
|
||||||
|
BIO_METHOD *BIO_s_accept(void);
|
||||||
|
BIO_METHOD *BIO_s_fd(void);
|
||||||
|
# ifndef OPENSSL_SYS_OS2
|
||||||
|
BIO_METHOD *BIO_s_log(void);
|
||||||
|
# endif
|
||||||
|
BIO_METHOD *BIO_s_bio(void);
|
||||||
|
BIO_METHOD *BIO_s_null(void);
|
||||||
|
BIO_METHOD *BIO_f_null(void);
|
||||||
|
BIO_METHOD *BIO_f_buffer(void);
|
||||||
|
# ifdef OPENSSL_SYS_VMS
|
||||||
|
BIO_METHOD *BIO_f_linebuffer(void);
|
||||||
|
# endif
|
||||||
|
BIO_METHOD *BIO_f_nbio_test(void);
|
||||||
|
# ifndef OPENSSL_NO_DGRAM
|
||||||
|
BIO_METHOD *BIO_s_datagram(void);
|
||||||
|
# ifndef OPENSSL_NO_SCTP
|
||||||
|
BIO_METHOD *BIO_s_datagram_sctp(void);
|
||||||
|
# endif
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/* BIO_METHOD *BIO_f_ber(void); */
|
||||||
|
|
||||||
|
int BIO_sock_should_retry(int i);
|
||||||
|
int BIO_sock_non_fatal_error(int error);
|
||||||
|
int BIO_dgram_non_fatal_error(int error);
|
||||||
|
|
||||||
|
int BIO_fd_should_retry(int i);
|
||||||
|
int BIO_fd_non_fatal_error(int error);
|
||||||
|
int BIO_dump_cb(int (*cb) (const void *data, size_t len, void *u),
|
||||||
|
void *u, const char *s, int len);
|
||||||
|
int BIO_dump_indent_cb(int (*cb) (const void *data, size_t len, void *u),
|
||||||
|
void *u, const char *s, int len, int indent);
|
||||||
|
int BIO_dump(BIO *b, const char *bytes, int len);
|
||||||
|
int BIO_dump_indent(BIO *b, const char *bytes, int len, int indent);
|
||||||
|
# ifndef OPENSSL_NO_FP_API
|
||||||
|
int BIO_dump_fp(FILE *fp, const char *s, int len);
|
||||||
|
int BIO_dump_indent_fp(FILE *fp, const char *s, int len, int indent);
|
||||||
|
# endif
|
||||||
|
int BIO_hex_string(BIO *out, int indent, int width, unsigned char *data,
|
||||||
|
int datalen);
|
||||||
|
|
||||||
|
struct hostent *BIO_gethostbyname(const char *name);
|
||||||
|
/*-
|
||||||
|
* We might want a thread-safe interface too:
|
||||||
|
* struct hostent *BIO_gethostbyname_r(const char *name,
|
||||||
|
* struct hostent *result, void *buffer, size_t buflen);
|
||||||
|
* or something similar (caller allocates a struct hostent,
|
||||||
|
* pointed to by "result", and additional buffer space for the various
|
||||||
|
* substructures; if the buffer does not suffice, NULL is returned
|
||||||
|
* and an appropriate error code is set).
|
||||||
|
*/
|
||||||
|
int BIO_sock_error(int sock);
|
||||||
|
int BIO_socket_ioctl(int fd, long type, void *arg);
|
||||||
|
int BIO_socket_nbio(int fd, int mode);
|
||||||
|
int BIO_get_port(const char *str, unsigned short *port_ptr);
|
||||||
|
int BIO_get_host_ip(const char *str, unsigned char *ip);
|
||||||
|
int BIO_get_accept_socket(char *host_port, int mode);
|
||||||
|
int BIO_accept(int sock, char **ip_port);
|
||||||
|
int BIO_sock_init(void);
|
||||||
|
void BIO_sock_cleanup(void);
|
||||||
|
int BIO_set_tcp_ndelay(int sock, int turn_on);
|
||||||
|
|
||||||
|
BIO *BIO_new_socket(int sock, int close_flag);
|
||||||
|
BIO *BIO_new_dgram(int fd, int close_flag);
|
||||||
|
# ifndef OPENSSL_NO_SCTP
|
||||||
|
BIO *BIO_new_dgram_sctp(int fd, int close_flag);
|
||||||
|
int BIO_dgram_is_sctp(BIO *bio);
|
||||||
|
int BIO_dgram_sctp_notification_cb(BIO *b,
|
||||||
|
void (*handle_notifications) (BIO *bio,
|
||||||
|
void
|
||||||
|
*context,
|
||||||
|
void *buf),
|
||||||
|
void *context);
|
||||||
|
int BIO_dgram_sctp_wait_for_dry(BIO *b);
|
||||||
|
int BIO_dgram_sctp_msg_waiting(BIO *b);
|
||||||
|
# endif
|
||||||
|
BIO *BIO_new_fd(int fd, int close_flag);
|
||||||
|
BIO *BIO_new_connect(const char *host_port);
|
||||||
|
BIO *BIO_new_accept(const char *host_port);
|
||||||
|
|
||||||
|
int BIO_new_bio_pair(BIO **bio1, size_t writebuf1,
|
||||||
|
BIO **bio2, size_t writebuf2);
|
||||||
|
/*
|
||||||
|
* If successful, returns 1 and in *bio1, *bio2 two BIO pair endpoints.
|
||||||
|
* Otherwise returns 0 and sets *bio1 and *bio2 to NULL. Size 0 uses default
|
||||||
|
* value.
|
||||||
|
*/
|
||||||
|
|
||||||
|
void BIO_copy_next_retry(BIO *b);
|
||||||
|
|
||||||
|
/*
|
||||||
|
* long BIO_ghbn_ctrl(int cmd,int iarg,char *parg);
|
||||||
|
*/
|
||||||
|
|
||||||
|
# ifdef __GNUC__
|
||||||
|
# define __bio_h__attr__ __attribute__
|
||||||
|
# else
|
||||||
|
# define __bio_h__attr__(x)
|
||||||
|
# endif
|
||||||
|
int BIO_printf(BIO *bio, const char *format, ...)
|
||||||
|
__bio_h__attr__((__format__(__printf__, 2, 3)));
|
||||||
|
int BIO_vprintf(BIO *bio, const char *format, va_list args)
|
||||||
|
__bio_h__attr__((__format__(__printf__, 2, 0)));
|
||||||
|
int BIO_snprintf(char *buf, size_t n, const char *format, ...)
|
||||||
|
__bio_h__attr__((__format__(__printf__, 3, 4)));
|
||||||
|
int BIO_vsnprintf(char *buf, size_t n, const char *format, va_list args)
|
||||||
|
__bio_h__attr__((__format__(__printf__, 3, 0)));
|
||||||
|
# undef __bio_h__attr__
|
||||||
|
|
||||||
|
/* BEGIN ERROR CODES */
|
||||||
|
/*
|
||||||
|
* The following lines are auto generated by the script mkerr.pl. Any changes
|
||||||
|
* made after this point may be overwritten when the script is next run.
|
||||||
|
*/
|
||||||
|
void ERR_load_BIO_strings(void);
|
||||||
|
|
||||||
|
/* Error codes for the BIO functions. */
|
||||||
|
|
||||||
|
/* Function codes. */
|
||||||
|
# define BIO_F_ACPT_STATE 100
|
||||||
|
# define BIO_F_BIO_ACCEPT 101
|
||||||
|
# define BIO_F_BIO_BER_GET_HEADER 102
|
||||||
|
# define BIO_F_BIO_CALLBACK_CTRL 131
|
||||||
|
# define BIO_F_BIO_CTRL 103
|
||||||
|
# define BIO_F_BIO_GETHOSTBYNAME 120
|
||||||
|
# define BIO_F_BIO_GETS 104
|
||||||
|
# define BIO_F_BIO_GET_ACCEPT_SOCKET 105
|
||||||
|
# define BIO_F_BIO_GET_HOST_IP 106
|
||||||
|
# define BIO_F_BIO_GET_PORT 107
|
||||||
|
# define BIO_F_BIO_MAKE_PAIR 121
|
||||||
|
# define BIO_F_BIO_NEW 108
|
||||||
|
# define BIO_F_BIO_NEW_FILE 109
|
||||||
|
# define BIO_F_BIO_NEW_MEM_BUF 126
|
||||||
|
# define BIO_F_BIO_NREAD 123
|
||||||
|
# define BIO_F_BIO_NREAD0 124
|
||||||
|
# define BIO_F_BIO_NWRITE 125
|
||||||
|
# define BIO_F_BIO_NWRITE0 122
|
||||||
|
# define BIO_F_BIO_PUTS 110
|
||||||
|
# define BIO_F_BIO_READ 111
|
||||||
|
# define BIO_F_BIO_SOCK_INIT 112
|
||||||
|
# define BIO_F_BIO_WRITE 113
|
||||||
|
# define BIO_F_BUFFER_CTRL 114
|
||||||
|
# define BIO_F_CONN_CTRL 127
|
||||||
|
# define BIO_F_CONN_STATE 115
|
||||||
|
# define BIO_F_DGRAM_SCTP_READ 132
|
||||||
|
# define BIO_F_FILE_CTRL 116
|
||||||
|
# define BIO_F_FILE_READ 130
|
||||||
|
# define BIO_F_LINEBUFFER_CTRL 129
|
||||||
|
# define BIO_F_MEM_READ 128
|
||||||
|
# define BIO_F_MEM_WRITE 117
|
||||||
|
# define BIO_F_SSL_NEW 118
|
||||||
|
# define BIO_F_WSASTARTUP 119
|
||||||
|
|
||||||
|
/* Reason codes. */
|
||||||
|
# define BIO_R_ACCEPT_ERROR 100
|
||||||
|
# define BIO_R_BAD_FOPEN_MODE 101
|
||||||
|
# define BIO_R_BAD_HOSTNAME_LOOKUP 102
|
||||||
|
# define BIO_R_BROKEN_PIPE 124
|
||||||
|
# define BIO_R_CONNECT_ERROR 103
|
||||||
|
# define BIO_R_EOF_ON_MEMORY_BIO 127
|
||||||
|
# define BIO_R_ERROR_SETTING_NBIO 104
|
||||||
|
# define BIO_R_ERROR_SETTING_NBIO_ON_ACCEPTED_SOCKET 105
|
||||||
|
# define BIO_R_ERROR_SETTING_NBIO_ON_ACCEPT_SOCKET 106
|
||||||
|
# define BIO_R_GETHOSTBYNAME_ADDR_IS_NOT_AF_INET 107
|
||||||
|
# define BIO_R_INVALID_ARGUMENT 125
|
||||||
|
# define BIO_R_INVALID_IP_ADDRESS 108
|
||||||
|
# define BIO_R_IN_USE 123
|
||||||
|
# define BIO_R_KEEPALIVE 109
|
||||||
|
# define BIO_R_NBIO_CONNECT_ERROR 110
|
||||||
|
# define BIO_R_NO_ACCEPT_PORT_SPECIFIED 111
|
||||||
|
# define BIO_R_NO_HOSTNAME_SPECIFIED 112
|
||||||
|
# define BIO_R_NO_PORT_DEFINED 113
|
||||||
|
# define BIO_R_NO_PORT_SPECIFIED 114
|
||||||
|
# define BIO_R_NO_SUCH_FILE 128
|
||||||
|
# define BIO_R_NULL_PARAMETER 115
|
||||||
|
# define BIO_R_TAG_MISMATCH 116
|
||||||
|
# define BIO_R_UNABLE_TO_BIND_SOCKET 117
|
||||||
|
# define BIO_R_UNABLE_TO_CREATE_SOCKET 118
|
||||||
|
# define BIO_R_UNABLE_TO_LISTEN_SOCKET 119
|
||||||
|
# define BIO_R_UNINITIALIZED 120
|
||||||
|
# define BIO_R_UNSUPPORTED_METHOD 121
|
||||||
|
# define BIO_R_WRITE_TO_READ_ONLY_BIO 126
|
||||||
|
# define BIO_R_WSASTARTUP 122
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
#endif
|
|
@ -0,0 +1,934 @@
|
||||||
|
/* crypto/bn/bn.h */
|
||||||
|
/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
|
||||||
|
* All rights reserved.
|
||||||
|
*
|
||||||
|
* This package is an SSL implementation written
|
||||||
|
* by Eric Young (eay@cryptsoft.com).
|
||||||
|
* The implementation was written so as to conform with Netscapes SSL.
|
||||||
|
*
|
||||||
|
* This library is free for commercial and non-commercial use as long as
|
||||||
|
* the following conditions are aheared to. The following conditions
|
||||||
|
* apply to all code found in this distribution, be it the RC4, RSA,
|
||||||
|
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
||||||
|
* included with this distribution is covered by the same copyright terms
|
||||||
|
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
* Copyright remains Eric Young's, and as such any Copyright notices in
|
||||||
|
* the code are not to be removed.
|
||||||
|
* If this package is used in a product, Eric Young should be given attribution
|
||||||
|
* as the author of the parts of the library used.
|
||||||
|
* This can be in the form of a textual message at program startup or
|
||||||
|
* in documentation (online or textual) provided with the package.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
* 1. Redistributions of source code must retain the copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in the
|
||||||
|
* documentation and/or other materials provided with the distribution.
|
||||||
|
* 3. All advertising materials mentioning features or use of this software
|
||||||
|
* must display the following acknowledgement:
|
||||||
|
* "This product includes cryptographic software written by
|
||||||
|
* Eric Young (eay@cryptsoft.com)"
|
||||||
|
* The word 'cryptographic' can be left out if the rouines from the library
|
||||||
|
* being used are not cryptographic related :-).
|
||||||
|
* 4. If you include any Windows specific code (or a derivative thereof) from
|
||||||
|
* the apps directory (application code) you must include an acknowledgement:
|
||||||
|
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
||||||
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||||
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||||
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||||
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||||
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||||
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||||
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||||
|
* SUCH DAMAGE.
|
||||||
|
*
|
||||||
|
* The licence and distribution terms for any publically available version or
|
||||||
|
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
||||||
|
* copied and put under another distribution licence
|
||||||
|
* [including the GNU Public Licence.]
|
||||||
|
*/
|
||||||
|
/* ====================================================================
|
||||||
|
* Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
*
|
||||||
|
* 1. Redistributions of source code must retain the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
*
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in
|
||||||
|
* the documentation and/or other materials provided with the
|
||||||
|
* distribution.
|
||||||
|
*
|
||||||
|
* 3. All advertising materials mentioning features or use of this
|
||||||
|
* software must display the following acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
|
||||||
|
*
|
||||||
|
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||||
|
* endorse or promote products derived from this software without
|
||||||
|
* prior written permission. For written permission, please contact
|
||||||
|
* openssl-core@openssl.org.
|
||||||
|
*
|
||||||
|
* 5. Products derived from this software may not be called "OpenSSL"
|
||||||
|
* nor may "OpenSSL" appear in their names without prior written
|
||||||
|
* permission of the OpenSSL Project.
|
||||||
|
*
|
||||||
|
* 6. Redistributions of any form whatsoever must retain the following
|
||||||
|
* acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||||
|
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||||
|
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||||
|
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||||
|
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||||
|
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||||
|
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||||
|
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||||
|
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||||
|
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||||
|
* ====================================================================
|
||||||
|
*
|
||||||
|
* This product includes cryptographic software written by Eric Young
|
||||||
|
* (eay@cryptsoft.com). This product includes software written by Tim
|
||||||
|
* Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
/* ====================================================================
|
||||||
|
* Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
|
||||||
|
*
|
||||||
|
* Portions of the attached software ("Contribution") are developed by
|
||||||
|
* SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
|
||||||
|
*
|
||||||
|
* The Contribution is licensed pursuant to the Eric Young open source
|
||||||
|
* license provided above.
|
||||||
|
*
|
||||||
|
* The binary polynomial arithmetic software is originally written by
|
||||||
|
* Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories.
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef HEADER_BN_H
|
||||||
|
# define HEADER_BN_H
|
||||||
|
|
||||||
|
# include <openssl/e_os2.h>
|
||||||
|
# ifndef OPENSSL_NO_FP_API
|
||||||
|
# include <stdio.h> /* FILE */
|
||||||
|
# endif
|
||||||
|
# include <openssl/ossl_typ.h>
|
||||||
|
# include <openssl/crypto.h>
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
extern "C" {
|
||||||
|
#endif
|
||||||
|
|
||||||
|
/*
|
||||||
|
* These preprocessor symbols control various aspects of the bignum headers
|
||||||
|
* and library code. They're not defined by any "normal" configuration, as
|
||||||
|
* they are intended for development and testing purposes. NB: defining all
|
||||||
|
* three can be useful for debugging application code as well as openssl
|
||||||
|
* itself. BN_DEBUG - turn on various debugging alterations to the bignum
|
||||||
|
* code BN_DEBUG_RAND - uses random poisoning of unused words to trip up
|
||||||
|
* mismanagement of bignum internals. You must also define BN_DEBUG.
|
||||||
|
*/
|
||||||
|
/* #define BN_DEBUG */
|
||||||
|
/* #define BN_DEBUG_RAND */
|
||||||
|
|
||||||
|
# ifndef OPENSSL_SMALL_FOOTPRINT
|
||||||
|
# define BN_MUL_COMBA
|
||||||
|
# define BN_SQR_COMBA
|
||||||
|
# define BN_RECURSION
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/*
|
||||||
|
* This next option uses the C libraries (2 word)/(1 word) function. If it is
|
||||||
|
* not defined, I use my C version (which is slower). The reason for this
|
||||||
|
* flag is that when the particular C compiler library routine is used, and
|
||||||
|
* the library is linked with a different compiler, the library is missing.
|
||||||
|
* This mostly happens when the library is built with gcc and then linked
|
||||||
|
* using normal cc. This would be a common occurrence because gcc normally
|
||||||
|
* produces code that is 2 times faster than system compilers for the big
|
||||||
|
* number stuff. For machines with only one compiler (or shared libraries),
|
||||||
|
* this should be on. Again this in only really a problem on machines using
|
||||||
|
* "long long's", are 32bit, and are not using my assembler code.
|
||||||
|
*/
|
||||||
|
# if defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_WINDOWS) || \
|
||||||
|
defined(OPENSSL_SYS_WIN32) || defined(linux)
|
||||||
|
# ifndef BN_DIV2W
|
||||||
|
# define BN_DIV2W
|
||||||
|
# endif
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/*
|
||||||
|
* assuming long is 64bit - this is the DEC Alpha unsigned long long is only
|
||||||
|
* 64 bits :-(, don't define BN_LLONG for the DEC Alpha
|
||||||
|
*/
|
||||||
|
# ifdef SIXTY_FOUR_BIT_LONG
|
||||||
|
# define BN_ULLONG unsigned long long
|
||||||
|
# define BN_ULONG unsigned long
|
||||||
|
# define BN_LONG long
|
||||||
|
# define BN_BITS 128
|
||||||
|
# define BN_BYTES 8
|
||||||
|
# define BN_BITS2 64
|
||||||
|
# define BN_BITS4 32
|
||||||
|
# define BN_MASK (0xffffffffffffffffffffffffffffffffLL)
|
||||||
|
# define BN_MASK2 (0xffffffffffffffffL)
|
||||||
|
# define BN_MASK2l (0xffffffffL)
|
||||||
|
# define BN_MASK2h (0xffffffff00000000L)
|
||||||
|
# define BN_MASK2h1 (0xffffffff80000000L)
|
||||||
|
# define BN_TBIT (0x8000000000000000L)
|
||||||
|
# define BN_DEC_CONV (10000000000000000000UL)
|
||||||
|
# define BN_DEC_FMT1 "%lu"
|
||||||
|
# define BN_DEC_FMT2 "%019lu"
|
||||||
|
# define BN_DEC_NUM 19
|
||||||
|
# define BN_HEX_FMT1 "%lX"
|
||||||
|
# define BN_HEX_FMT2 "%016lX"
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/*
|
||||||
|
* This is where the long long data type is 64 bits, but long is 32. For
|
||||||
|
* machines where there are 64bit registers, this is the mode to use. IRIX,
|
||||||
|
* on R4000 and above should use this mode, along with the relevant assembler
|
||||||
|
* code :-). Do NOT define BN_LLONG.
|
||||||
|
*/
|
||||||
|
# ifdef SIXTY_FOUR_BIT
|
||||||
|
# undef BN_LLONG
|
||||||
|
# undef BN_ULLONG
|
||||||
|
# define BN_ULONG unsigned long long
|
||||||
|
# define BN_LONG long long
|
||||||
|
# define BN_BITS 128
|
||||||
|
# define BN_BYTES 8
|
||||||
|
# define BN_BITS2 64
|
||||||
|
# define BN_BITS4 32
|
||||||
|
# define BN_MASK2 (0xffffffffffffffffLL)
|
||||||
|
# define BN_MASK2l (0xffffffffL)
|
||||||
|
# define BN_MASK2h (0xffffffff00000000LL)
|
||||||
|
# define BN_MASK2h1 (0xffffffff80000000LL)
|
||||||
|
# define BN_TBIT (0x8000000000000000LL)
|
||||||
|
# define BN_DEC_CONV (10000000000000000000ULL)
|
||||||
|
# define BN_DEC_FMT1 "%llu"
|
||||||
|
# define BN_DEC_FMT2 "%019llu"
|
||||||
|
# define BN_DEC_NUM 19
|
||||||
|
# define BN_HEX_FMT1 "%llX"
|
||||||
|
# define BN_HEX_FMT2 "%016llX"
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# ifdef THIRTY_TWO_BIT
|
||||||
|
# ifdef BN_LLONG
|
||||||
|
# if defined(_WIN32) && !defined(__GNUC__)
|
||||||
|
# define BN_ULLONG unsigned __int64
|
||||||
|
# define BN_MASK (0xffffffffffffffffI64)
|
||||||
|
# else
|
||||||
|
# define BN_ULLONG unsigned long long
|
||||||
|
# define BN_MASK (0xffffffffffffffffLL)
|
||||||
|
# endif
|
||||||
|
# endif
|
||||||
|
# define BN_ULONG unsigned int
|
||||||
|
# define BN_LONG int
|
||||||
|
# define BN_BITS 64
|
||||||
|
# define BN_BYTES 4
|
||||||
|
# define BN_BITS2 32
|
||||||
|
# define BN_BITS4 16
|
||||||
|
# define BN_MASK2 (0xffffffffL)
|
||||||
|
# define BN_MASK2l (0xffff)
|
||||||
|
# define BN_MASK2h1 (0xffff8000L)
|
||||||
|
# define BN_MASK2h (0xffff0000L)
|
||||||
|
# define BN_TBIT (0x80000000L)
|
||||||
|
# define BN_DEC_CONV (1000000000L)
|
||||||
|
# define BN_DEC_FMT1 "%u"
|
||||||
|
# define BN_DEC_FMT2 "%09u"
|
||||||
|
# define BN_DEC_NUM 9
|
||||||
|
# define BN_HEX_FMT1 "%X"
|
||||||
|
# define BN_HEX_FMT2 "%08X"
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# define BN_DEFAULT_BITS 1280
|
||||||
|
|
||||||
|
# define BN_FLG_MALLOCED 0x01
|
||||||
|
# define BN_FLG_STATIC_DATA 0x02
|
||||||
|
|
||||||
|
/*
|
||||||
|
* avoid leaking exponent information through timing,
|
||||||
|
* BN_mod_exp_mont() will call BN_mod_exp_mont_consttime,
|
||||||
|
* BN_div() will call BN_div_no_branch,
|
||||||
|
* BN_mod_inverse() will call BN_mod_inverse_no_branch.
|
||||||
|
*/
|
||||||
|
# define BN_FLG_CONSTTIME 0x04
|
||||||
|
|
||||||
|
# ifdef OPENSSL_NO_DEPRECATED
|
||||||
|
/* deprecated name for the flag */
|
||||||
|
# define BN_FLG_EXP_CONSTTIME BN_FLG_CONSTTIME
|
||||||
|
/*
|
||||||
|
* avoid leaking exponent information through timings
|
||||||
|
* (BN_mod_exp_mont() will call BN_mod_exp_mont_consttime)
|
||||||
|
*/
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_DEPRECATED
|
||||||
|
# define BN_FLG_FREE 0x8000
|
||||||
|
/* used for debuging */
|
||||||
|
# endif
|
||||||
|
# define BN_set_flags(b,n) ((b)->flags|=(n))
|
||||||
|
# define BN_get_flags(b,n) ((b)->flags&(n))
|
||||||
|
|
||||||
|
/*
|
||||||
|
* get a clone of a BIGNUM with changed flags, for *temporary* use only (the
|
||||||
|
* two BIGNUMs cannot not be used in parallel!)
|
||||||
|
*/
|
||||||
|
# define BN_with_flags(dest,b,n) ((dest)->d=(b)->d, \
|
||||||
|
(dest)->top=(b)->top, \
|
||||||
|
(dest)->dmax=(b)->dmax, \
|
||||||
|
(dest)->neg=(b)->neg, \
|
||||||
|
(dest)->flags=(((dest)->flags & BN_FLG_MALLOCED) \
|
||||||
|
| ((b)->flags & ~BN_FLG_MALLOCED) \
|
||||||
|
| BN_FLG_STATIC_DATA \
|
||||||
|
| (n)))
|
||||||
|
|
||||||
|
/* Already declared in ossl_typ.h */
|
||||||
|
# if 0
|
||||||
|
typedef struct bignum_st BIGNUM;
|
||||||
|
/* Used for temp variables (declaration hidden in bn_lcl.h) */
|
||||||
|
typedef struct bignum_ctx BN_CTX;
|
||||||
|
typedef struct bn_blinding_st BN_BLINDING;
|
||||||
|
typedef struct bn_mont_ctx_st BN_MONT_CTX;
|
||||||
|
typedef struct bn_recp_ctx_st BN_RECP_CTX;
|
||||||
|
typedef struct bn_gencb_st BN_GENCB;
|
||||||
|
# endif
|
||||||
|
|
||||||
|
struct bignum_st {
|
||||||
|
BN_ULONG *d; /* Pointer to an array of 'BN_BITS2' bit
|
||||||
|
* chunks. */
|
||||||
|
int top; /* Index of last used d +1. */
|
||||||
|
/* The next are internal book keeping for bn_expand. */
|
||||||
|
int dmax; /* Size of the d array. */
|
||||||
|
int neg; /* one if the number is negative */
|
||||||
|
int flags;
|
||||||
|
};
|
||||||
|
|
||||||
|
/* Used for montgomery multiplication */
|
||||||
|
struct bn_mont_ctx_st {
|
||||||
|
int ri; /* number of bits in R */
|
||||||
|
BIGNUM RR; /* used to convert to montgomery form */
|
||||||
|
BIGNUM N; /* The modulus */
|
||||||
|
BIGNUM Ni; /* R*(1/R mod N) - N*Ni = 1 (Ni is only
|
||||||
|
* stored for bignum algorithm) */
|
||||||
|
BN_ULONG n0[2]; /* least significant word(s) of Ni; (type
|
||||||
|
* changed with 0.9.9, was "BN_ULONG n0;"
|
||||||
|
* before) */
|
||||||
|
int flags;
|
||||||
|
};
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Used for reciprocal division/mod functions It cannot be shared between
|
||||||
|
* threads
|
||||||
|
*/
|
||||||
|
struct bn_recp_ctx_st {
|
||||||
|
BIGNUM N; /* the divisor */
|
||||||
|
BIGNUM Nr; /* the reciprocal */
|
||||||
|
int num_bits;
|
||||||
|
int shift;
|
||||||
|
int flags;
|
||||||
|
};
|
||||||
|
|
||||||
|
/* Used for slow "generation" functions. */
|
||||||
|
struct bn_gencb_st {
|
||||||
|
unsigned int ver; /* To handle binary (in)compatibility */
|
||||||
|
void *arg; /* callback-specific data */
|
||||||
|
union {
|
||||||
|
/* if(ver==1) - handles old style callbacks */
|
||||||
|
void (*cb_1) (int, int, void *);
|
||||||
|
/* if(ver==2) - new callback style */
|
||||||
|
int (*cb_2) (int, int, BN_GENCB *);
|
||||||
|
} cb;
|
||||||
|
};
|
||||||
|
/* Wrapper function to make using BN_GENCB easier, */
|
||||||
|
int BN_GENCB_call(BN_GENCB *cb, int a, int b);
|
||||||
|
/* Macro to populate a BN_GENCB structure with an "old"-style callback */
|
||||||
|
# define BN_GENCB_set_old(gencb, callback, cb_arg) { \
|
||||||
|
BN_GENCB *tmp_gencb = (gencb); \
|
||||||
|
tmp_gencb->ver = 1; \
|
||||||
|
tmp_gencb->arg = (cb_arg); \
|
||||||
|
tmp_gencb->cb.cb_1 = (callback); }
|
||||||
|
/* Macro to populate a BN_GENCB structure with a "new"-style callback */
|
||||||
|
# define BN_GENCB_set(gencb, callback, cb_arg) { \
|
||||||
|
BN_GENCB *tmp_gencb = (gencb); \
|
||||||
|
tmp_gencb->ver = 2; \
|
||||||
|
tmp_gencb->arg = (cb_arg); \
|
||||||
|
tmp_gencb->cb.cb_2 = (callback); }
|
||||||
|
|
||||||
|
# define BN_prime_checks 0 /* default: select number of iterations based
|
||||||
|
* on the size of the number */
|
||||||
|
|
||||||
|
/*
|
||||||
|
* number of Miller-Rabin iterations for an error rate of less than 2^-80 for
|
||||||
|
* random 'b'-bit input, b >= 100 (taken from table 4.4 in the Handbook of
|
||||||
|
* Applied Cryptography [Menezes, van Oorschot, Vanstone; CRC Press 1996];
|
||||||
|
* original paper: Damgaard, Landrock, Pomerance: Average case error
|
||||||
|
* estimates for the strong probable prime test. -- Math. Comp. 61 (1993)
|
||||||
|
* 177-194)
|
||||||
|
*/
|
||||||
|
# define BN_prime_checks_for_size(b) ((b) >= 1300 ? 2 : \
|
||||||
|
(b) >= 850 ? 3 : \
|
||||||
|
(b) >= 650 ? 4 : \
|
||||||
|
(b) >= 550 ? 5 : \
|
||||||
|
(b) >= 450 ? 6 : \
|
||||||
|
(b) >= 400 ? 7 : \
|
||||||
|
(b) >= 350 ? 8 : \
|
||||||
|
(b) >= 300 ? 9 : \
|
||||||
|
(b) >= 250 ? 12 : \
|
||||||
|
(b) >= 200 ? 15 : \
|
||||||
|
(b) >= 150 ? 18 : \
|
||||||
|
/* b >= 100 */ 27)
|
||||||
|
|
||||||
|
# define BN_num_bytes(a) ((BN_num_bits(a)+7)/8)
|
||||||
|
|
||||||
|
/* Note that BN_abs_is_word didn't work reliably for w == 0 until 0.9.8 */
|
||||||
|
# define BN_abs_is_word(a,w) ((((a)->top == 1) && ((a)->d[0] == (BN_ULONG)(w))) || \
|
||||||
|
(((w) == 0) && ((a)->top == 0)))
|
||||||
|
# define BN_is_zero(a) ((a)->top == 0)
|
||||||
|
# define BN_is_one(a) (BN_abs_is_word((a),1) && !(a)->neg)
|
||||||
|
# define BN_is_word(a,w) (BN_abs_is_word((a),(w)) && (!(w) || !(a)->neg))
|
||||||
|
# define BN_is_odd(a) (((a)->top > 0) && ((a)->d[0] & 1))
|
||||||
|
|
||||||
|
# define BN_one(a) (BN_set_word((a),1))
|
||||||
|
# define BN_zero_ex(a) \
|
||||||
|
do { \
|
||||||
|
BIGNUM *_tmp_bn = (a); \
|
||||||
|
_tmp_bn->top = 0; \
|
||||||
|
_tmp_bn->neg = 0; \
|
||||||
|
} while(0)
|
||||||
|
# ifdef OPENSSL_NO_DEPRECATED
|
||||||
|
# define BN_zero(a) BN_zero_ex(a)
|
||||||
|
# else
|
||||||
|
# define BN_zero(a) (BN_set_word((a),0))
|
||||||
|
# endif
|
||||||
|
|
||||||
|
const BIGNUM *BN_value_one(void);
|
||||||
|
char *BN_options(void);
|
||||||
|
BN_CTX *BN_CTX_new(void);
|
||||||
|
# ifndef OPENSSL_NO_DEPRECATED
|
||||||
|
void BN_CTX_init(BN_CTX *c);
|
||||||
|
# endif
|
||||||
|
void BN_CTX_free(BN_CTX *c);
|
||||||
|
void BN_CTX_start(BN_CTX *ctx);
|
||||||
|
BIGNUM *BN_CTX_get(BN_CTX *ctx);
|
||||||
|
void BN_CTX_end(BN_CTX *ctx);
|
||||||
|
int BN_rand(BIGNUM *rnd, int bits, int top, int bottom);
|
||||||
|
int BN_pseudo_rand(BIGNUM *rnd, int bits, int top, int bottom);
|
||||||
|
int BN_rand_range(BIGNUM *rnd, const BIGNUM *range);
|
||||||
|
int BN_pseudo_rand_range(BIGNUM *rnd, const BIGNUM *range);
|
||||||
|
int BN_num_bits(const BIGNUM *a);
|
||||||
|
int BN_num_bits_word(BN_ULONG);
|
||||||
|
BIGNUM *BN_new(void);
|
||||||
|
void BN_init(BIGNUM *);
|
||||||
|
void BN_clear_free(BIGNUM *a);
|
||||||
|
BIGNUM *BN_copy(BIGNUM *a, const BIGNUM *b);
|
||||||
|
void BN_swap(BIGNUM *a, BIGNUM *b);
|
||||||
|
BIGNUM *BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret);
|
||||||
|
int BN_bn2bin(const BIGNUM *a, unsigned char *to);
|
||||||
|
BIGNUM *BN_mpi2bn(const unsigned char *s, int len, BIGNUM *ret);
|
||||||
|
int BN_bn2mpi(const BIGNUM *a, unsigned char *to);
|
||||||
|
int BN_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
|
||||||
|
int BN_usub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
|
||||||
|
int BN_uadd(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
|
||||||
|
int BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
|
||||||
|
int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
|
||||||
|
int BN_sqr(BIGNUM *r, const BIGNUM *a, BN_CTX *ctx);
|
||||||
|
/** BN_set_negative sets sign of a BIGNUM
|
||||||
|
* \param b pointer to the BIGNUM object
|
||||||
|
* \param n 0 if the BIGNUM b should be positive and a value != 0 otherwise
|
||||||
|
*/
|
||||||
|
void BN_set_negative(BIGNUM *b, int n);
|
||||||
|
/** BN_is_negative returns 1 if the BIGNUM is negative
|
||||||
|
* \param a pointer to the BIGNUM object
|
||||||
|
* \return 1 if a < 0 and 0 otherwise
|
||||||
|
*/
|
||||||
|
# define BN_is_negative(a) ((a)->neg != 0)
|
||||||
|
|
||||||
|
int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, const BIGNUM *d,
|
||||||
|
BN_CTX *ctx);
|
||||||
|
# define BN_mod(rem,m,d,ctx) BN_div(NULL,(rem),(m),(d),(ctx))
|
||||||
|
int BN_nnmod(BIGNUM *r, const BIGNUM *m, const BIGNUM *d, BN_CTX *ctx);
|
||||||
|
int BN_mod_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m,
|
||||||
|
BN_CTX *ctx);
|
||||||
|
int BN_mod_add_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
|
||||||
|
const BIGNUM *m);
|
||||||
|
int BN_mod_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m,
|
||||||
|
BN_CTX *ctx);
|
||||||
|
int BN_mod_sub_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
|
||||||
|
const BIGNUM *m);
|
||||||
|
int BN_mod_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m,
|
||||||
|
BN_CTX *ctx);
|
||||||
|
int BN_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
|
||||||
|
int BN_mod_lshift1(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
|
||||||
|
int BN_mod_lshift1_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *m);
|
||||||
|
int BN_mod_lshift(BIGNUM *r, const BIGNUM *a, int n, const BIGNUM *m,
|
||||||
|
BN_CTX *ctx);
|
||||||
|
int BN_mod_lshift_quick(BIGNUM *r, const BIGNUM *a, int n, const BIGNUM *m);
|
||||||
|
|
||||||
|
BN_ULONG BN_mod_word(const BIGNUM *a, BN_ULONG w);
|
||||||
|
BN_ULONG BN_div_word(BIGNUM *a, BN_ULONG w);
|
||||||
|
int BN_mul_word(BIGNUM *a, BN_ULONG w);
|
||||||
|
int BN_add_word(BIGNUM *a, BN_ULONG w);
|
||||||
|
int BN_sub_word(BIGNUM *a, BN_ULONG w);
|
||||||
|
int BN_set_word(BIGNUM *a, BN_ULONG w);
|
||||||
|
BN_ULONG BN_get_word(const BIGNUM *a);
|
||||||
|
|
||||||
|
int BN_cmp(const BIGNUM *a, const BIGNUM *b);
|
||||||
|
void BN_free(BIGNUM *a);
|
||||||
|
int BN_is_bit_set(const BIGNUM *a, int n);
|
||||||
|
int BN_lshift(BIGNUM *r, const BIGNUM *a, int n);
|
||||||
|
int BN_lshift1(BIGNUM *r, const BIGNUM *a);
|
||||||
|
int BN_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
|
||||||
|
|
||||||
|
int BN_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
|
||||||
|
const BIGNUM *m, BN_CTX *ctx);
|
||||||
|
int BN_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
|
||||||
|
const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
|
||||||
|
int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
|
||||||
|
const BIGNUM *m, BN_CTX *ctx,
|
||||||
|
BN_MONT_CTX *in_mont);
|
||||||
|
int BN_mod_exp_mont_word(BIGNUM *r, BN_ULONG a, const BIGNUM *p,
|
||||||
|
const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
|
||||||
|
int BN_mod_exp2_mont(BIGNUM *r, const BIGNUM *a1, const BIGNUM *p1,
|
||||||
|
const BIGNUM *a2, const BIGNUM *p2, const BIGNUM *m,
|
||||||
|
BN_CTX *ctx, BN_MONT_CTX *m_ctx);
|
||||||
|
int BN_mod_exp_simple(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
|
||||||
|
const BIGNUM *m, BN_CTX *ctx);
|
||||||
|
|
||||||
|
int BN_mask_bits(BIGNUM *a, int n);
|
||||||
|
# ifndef OPENSSL_NO_FP_API
|
||||||
|
int BN_print_fp(FILE *fp, const BIGNUM *a);
|
||||||
|
# endif
|
||||||
|
# ifdef HEADER_BIO_H
|
||||||
|
int BN_print(BIO *fp, const BIGNUM *a);
|
||||||
|
# else
|
||||||
|
int BN_print(void *fp, const BIGNUM *a);
|
||||||
|
# endif
|
||||||
|
int BN_reciprocal(BIGNUM *r, const BIGNUM *m, int len, BN_CTX *ctx);
|
||||||
|
int BN_rshift(BIGNUM *r, const BIGNUM *a, int n);
|
||||||
|
int BN_rshift1(BIGNUM *r, const BIGNUM *a);
|
||||||
|
void BN_clear(BIGNUM *a);
|
||||||
|
BIGNUM *BN_dup(const BIGNUM *a);
|
||||||
|
int BN_ucmp(const BIGNUM *a, const BIGNUM *b);
|
||||||
|
int BN_set_bit(BIGNUM *a, int n);
|
||||||
|
int BN_clear_bit(BIGNUM *a, int n);
|
||||||
|
char *BN_bn2hex(const BIGNUM *a);
|
||||||
|
char *BN_bn2dec(const BIGNUM *a);
|
||||||
|
int BN_hex2bn(BIGNUM **a, const char *str);
|
||||||
|
int BN_dec2bn(BIGNUM **a, const char *str);
|
||||||
|
int BN_asc2bn(BIGNUM **a, const char *str);
|
||||||
|
int BN_gcd(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
|
||||||
|
int BN_kronecker(const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx); /* returns
|
||||||
|
* -2 for
|
||||||
|
* error */
|
||||||
|
BIGNUM *BN_mod_inverse(BIGNUM *ret,
|
||||||
|
const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx);
|
||||||
|
BIGNUM *BN_mod_sqrt(BIGNUM *ret,
|
||||||
|
const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx);
|
||||||
|
|
||||||
|
void BN_consttime_swap(BN_ULONG swap, BIGNUM *a, BIGNUM *b, int nwords);
|
||||||
|
|
||||||
|
/* Deprecated versions */
|
||||||
|
# ifndef OPENSSL_NO_DEPRECATED
|
||||||
|
BIGNUM *BN_generate_prime(BIGNUM *ret, int bits, int safe,
|
||||||
|
const BIGNUM *add, const BIGNUM *rem,
|
||||||
|
void (*callback) (int, int, void *), void *cb_arg);
|
||||||
|
int BN_is_prime(const BIGNUM *p, int nchecks,
|
||||||
|
void (*callback) (int, int, void *),
|
||||||
|
BN_CTX *ctx, void *cb_arg);
|
||||||
|
int BN_is_prime_fasttest(const BIGNUM *p, int nchecks,
|
||||||
|
void (*callback) (int, int, void *), BN_CTX *ctx,
|
||||||
|
void *cb_arg, int do_trial_division);
|
||||||
|
# endif /* !defined(OPENSSL_NO_DEPRECATED) */
|
||||||
|
|
||||||
|
/* Newer versions */
|
||||||
|
int BN_generate_prime_ex(BIGNUM *ret, int bits, int safe, const BIGNUM *add,
|
||||||
|
const BIGNUM *rem, BN_GENCB *cb);
|
||||||
|
int BN_is_prime_ex(const BIGNUM *p, int nchecks, BN_CTX *ctx, BN_GENCB *cb);
|
||||||
|
int BN_is_prime_fasttest_ex(const BIGNUM *p, int nchecks, BN_CTX *ctx,
|
||||||
|
int do_trial_division, BN_GENCB *cb);
|
||||||
|
|
||||||
|
int BN_X931_generate_Xpq(BIGNUM *Xp, BIGNUM *Xq, int nbits, BN_CTX *ctx);
|
||||||
|
|
||||||
|
int BN_X931_derive_prime_ex(BIGNUM *p, BIGNUM *p1, BIGNUM *p2,
|
||||||
|
const BIGNUM *Xp, const BIGNUM *Xp1,
|
||||||
|
const BIGNUM *Xp2, const BIGNUM *e, BN_CTX *ctx,
|
||||||
|
BN_GENCB *cb);
|
||||||
|
int BN_X931_generate_prime_ex(BIGNUM *p, BIGNUM *p1, BIGNUM *p2, BIGNUM *Xp1,
|
||||||
|
BIGNUM *Xp2, const BIGNUM *Xp, const BIGNUM *e,
|
||||||
|
BN_CTX *ctx, BN_GENCB *cb);
|
||||||
|
|
||||||
|
BN_MONT_CTX *BN_MONT_CTX_new(void);
|
||||||
|
void BN_MONT_CTX_init(BN_MONT_CTX *ctx);
|
||||||
|
int BN_mod_mul_montgomery(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
|
||||||
|
BN_MONT_CTX *mont, BN_CTX *ctx);
|
||||||
|
# define BN_to_montgomery(r,a,mont,ctx) BN_mod_mul_montgomery(\
|
||||||
|
(r),(a),&((mont)->RR),(mont),(ctx))
|
||||||
|
int BN_from_montgomery(BIGNUM *r, const BIGNUM *a,
|
||||||
|
BN_MONT_CTX *mont, BN_CTX *ctx);
|
||||||
|
void BN_MONT_CTX_free(BN_MONT_CTX *mont);
|
||||||
|
int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *mod, BN_CTX *ctx);
|
||||||
|
BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to, BN_MONT_CTX *from);
|
||||||
|
BN_MONT_CTX *BN_MONT_CTX_set_locked(BN_MONT_CTX **pmont, int lock,
|
||||||
|
const BIGNUM *mod, BN_CTX *ctx);
|
||||||
|
|
||||||
|
/* BN_BLINDING flags */
|
||||||
|
# define BN_BLINDING_NO_UPDATE 0x00000001
|
||||||
|
# define BN_BLINDING_NO_RECREATE 0x00000002
|
||||||
|
|
||||||
|
BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai, BIGNUM *mod);
|
||||||
|
void BN_BLINDING_free(BN_BLINDING *b);
|
||||||
|
int BN_BLINDING_update(BN_BLINDING *b, BN_CTX *ctx);
|
||||||
|
int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
|
||||||
|
int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
|
||||||
|
int BN_BLINDING_convert_ex(BIGNUM *n, BIGNUM *r, BN_BLINDING *b, BN_CTX *);
|
||||||
|
int BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b,
|
||||||
|
BN_CTX *);
|
||||||
|
# ifndef OPENSSL_NO_DEPRECATED
|
||||||
|
unsigned long BN_BLINDING_get_thread_id(const BN_BLINDING *);
|
||||||
|
void BN_BLINDING_set_thread_id(BN_BLINDING *, unsigned long);
|
||||||
|
# endif
|
||||||
|
CRYPTO_THREADID *BN_BLINDING_thread_id(BN_BLINDING *);
|
||||||
|
unsigned long BN_BLINDING_get_flags(const BN_BLINDING *);
|
||||||
|
void BN_BLINDING_set_flags(BN_BLINDING *, unsigned long);
|
||||||
|
BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b,
|
||||||
|
const BIGNUM *e, BIGNUM *m, BN_CTX *ctx,
|
||||||
|
int (*bn_mod_exp) (BIGNUM *r,
|
||||||
|
const BIGNUM *a,
|
||||||
|
const BIGNUM *p,
|
||||||
|
const BIGNUM *m,
|
||||||
|
BN_CTX *ctx,
|
||||||
|
BN_MONT_CTX *m_ctx),
|
||||||
|
BN_MONT_CTX *m_ctx);
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_DEPRECATED
|
||||||
|
void BN_set_params(int mul, int high, int low, int mont);
|
||||||
|
int BN_get_params(int which); /* 0, mul, 1 high, 2 low, 3 mont */
|
||||||
|
# endif
|
||||||
|
|
||||||
|
void BN_RECP_CTX_init(BN_RECP_CTX *recp);
|
||||||
|
BN_RECP_CTX *BN_RECP_CTX_new(void);
|
||||||
|
void BN_RECP_CTX_free(BN_RECP_CTX *recp);
|
||||||
|
int BN_RECP_CTX_set(BN_RECP_CTX *recp, const BIGNUM *rdiv, BN_CTX *ctx);
|
||||||
|
int BN_mod_mul_reciprocal(BIGNUM *r, const BIGNUM *x, const BIGNUM *y,
|
||||||
|
BN_RECP_CTX *recp, BN_CTX *ctx);
|
||||||
|
int BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
|
||||||
|
const BIGNUM *m, BN_CTX *ctx);
|
||||||
|
int BN_div_recp(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m,
|
||||||
|
BN_RECP_CTX *recp, BN_CTX *ctx);
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_EC2M
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Functions for arithmetic over binary polynomials represented by BIGNUMs.
|
||||||
|
* The BIGNUM::neg property of BIGNUMs representing binary polynomials is
|
||||||
|
* ignored. Note that input arguments are not const so that their bit arrays
|
||||||
|
* can be expanded to the appropriate size if needed.
|
||||||
|
*/
|
||||||
|
|
||||||
|
/*
|
||||||
|
* r = a + b
|
||||||
|
*/
|
||||||
|
int BN_GF2m_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
|
||||||
|
# define BN_GF2m_sub(r, a, b) BN_GF2m_add(r, a, b)
|
||||||
|
/*
|
||||||
|
* r=a mod p
|
||||||
|
*/
|
||||||
|
int BN_GF2m_mod(BIGNUM *r, const BIGNUM *a, const BIGNUM *p);
|
||||||
|
/* r = (a * b) mod p */
|
||||||
|
int BN_GF2m_mod_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
|
||||||
|
const BIGNUM *p, BN_CTX *ctx);
|
||||||
|
/* r = (a * a) mod p */
|
||||||
|
int BN_GF2m_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
|
||||||
|
/* r = (1 / b) mod p */
|
||||||
|
int BN_GF2m_mod_inv(BIGNUM *r, const BIGNUM *b, const BIGNUM *p, BN_CTX *ctx);
|
||||||
|
/* r = (a / b) mod p */
|
||||||
|
int BN_GF2m_mod_div(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
|
||||||
|
const BIGNUM *p, BN_CTX *ctx);
|
||||||
|
/* r = (a ^ b) mod p */
|
||||||
|
int BN_GF2m_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
|
||||||
|
const BIGNUM *p, BN_CTX *ctx);
|
||||||
|
/* r = sqrt(a) mod p */
|
||||||
|
int BN_GF2m_mod_sqrt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
|
||||||
|
BN_CTX *ctx);
|
||||||
|
/* r^2 + r = a mod p */
|
||||||
|
int BN_GF2m_mod_solve_quad(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
|
||||||
|
BN_CTX *ctx);
|
||||||
|
# define BN_GF2m_cmp(a, b) BN_ucmp((a), (b))
|
||||||
|
/*-
|
||||||
|
* Some functions allow for representation of the irreducible polynomials
|
||||||
|
* as an unsigned int[], say p. The irreducible f(t) is then of the form:
|
||||||
|
* t^p[0] + t^p[1] + ... + t^p[k]
|
||||||
|
* where m = p[0] > p[1] > ... > p[k] = 0.
|
||||||
|
*/
|
||||||
|
/* r = a mod p */
|
||||||
|
int BN_GF2m_mod_arr(BIGNUM *r, const BIGNUM *a, const int p[]);
|
||||||
|
/* r = (a * b) mod p */
|
||||||
|
int BN_GF2m_mod_mul_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
|
||||||
|
const int p[], BN_CTX *ctx);
|
||||||
|
/* r = (a * a) mod p */
|
||||||
|
int BN_GF2m_mod_sqr_arr(BIGNUM *r, const BIGNUM *a, const int p[],
|
||||||
|
BN_CTX *ctx);
|
||||||
|
/* r = (1 / b) mod p */
|
||||||
|
int BN_GF2m_mod_inv_arr(BIGNUM *r, const BIGNUM *b, const int p[],
|
||||||
|
BN_CTX *ctx);
|
||||||
|
/* r = (a / b) mod p */
|
||||||
|
int BN_GF2m_mod_div_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
|
||||||
|
const int p[], BN_CTX *ctx);
|
||||||
|
/* r = (a ^ b) mod p */
|
||||||
|
int BN_GF2m_mod_exp_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
|
||||||
|
const int p[], BN_CTX *ctx);
|
||||||
|
/* r = sqrt(a) mod p */
|
||||||
|
int BN_GF2m_mod_sqrt_arr(BIGNUM *r, const BIGNUM *a,
|
||||||
|
const int p[], BN_CTX *ctx);
|
||||||
|
/* r^2 + r = a mod p */
|
||||||
|
int BN_GF2m_mod_solve_quad_arr(BIGNUM *r, const BIGNUM *a,
|
||||||
|
const int p[], BN_CTX *ctx);
|
||||||
|
int BN_GF2m_poly2arr(const BIGNUM *a, int p[], int max);
|
||||||
|
int BN_GF2m_arr2poly(const int p[], BIGNUM *a);
|
||||||
|
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/*
|
||||||
|
* faster mod functions for the 'NIST primes' 0 <= a < p^2
|
||||||
|
*/
|
||||||
|
int BN_nist_mod_192(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
|
||||||
|
int BN_nist_mod_224(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
|
||||||
|
int BN_nist_mod_256(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
|
||||||
|
int BN_nist_mod_384(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
|
||||||
|
int BN_nist_mod_521(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
|
||||||
|
|
||||||
|
const BIGNUM *BN_get0_nist_prime_192(void);
|
||||||
|
const BIGNUM *BN_get0_nist_prime_224(void);
|
||||||
|
const BIGNUM *BN_get0_nist_prime_256(void);
|
||||||
|
const BIGNUM *BN_get0_nist_prime_384(void);
|
||||||
|
const BIGNUM *BN_get0_nist_prime_521(void);
|
||||||
|
|
||||||
|
/* library internal functions */
|
||||||
|
|
||||||
|
# define bn_expand(a,bits) ((((((bits+BN_BITS2-1))/BN_BITS2)) <= (a)->dmax)?\
|
||||||
|
(a):bn_expand2((a),(bits+BN_BITS2-1)/BN_BITS2))
|
||||||
|
# define bn_wexpand(a,words) (((words) <= (a)->dmax)?(a):bn_expand2((a),(words)))
|
||||||
|
BIGNUM *bn_expand2(BIGNUM *a, int words);
|
||||||
|
# ifndef OPENSSL_NO_DEPRECATED
|
||||||
|
BIGNUM *bn_dup_expand(const BIGNUM *a, int words); /* unused */
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/*-
|
||||||
|
* Bignum consistency macros
|
||||||
|
* There is one "API" macro, bn_fix_top(), for stripping leading zeroes from
|
||||||
|
* bignum data after direct manipulations on the data. There is also an
|
||||||
|
* "internal" macro, bn_check_top(), for verifying that there are no leading
|
||||||
|
* zeroes. Unfortunately, some auditing is required due to the fact that
|
||||||
|
* bn_fix_top() has become an overabused duct-tape because bignum data is
|
||||||
|
* occasionally passed around in an inconsistent state. So the following
|
||||||
|
* changes have been made to sort this out;
|
||||||
|
* - bn_fix_top()s implementation has been moved to bn_correct_top()
|
||||||
|
* - if BN_DEBUG isn't defined, bn_fix_top() maps to bn_correct_top(), and
|
||||||
|
* bn_check_top() is as before.
|
||||||
|
* - if BN_DEBUG *is* defined;
|
||||||
|
* - bn_check_top() tries to pollute unused words even if the bignum 'top' is
|
||||||
|
* consistent. (ed: only if BN_DEBUG_RAND is defined)
|
||||||
|
* - bn_fix_top() maps to bn_check_top() rather than "fixing" anything.
|
||||||
|
* The idea is to have debug builds flag up inconsistent bignums when they
|
||||||
|
* occur. If that occurs in a bn_fix_top(), we examine the code in question; if
|
||||||
|
* the use of bn_fix_top() was appropriate (ie. it follows directly after code
|
||||||
|
* that manipulates the bignum) it is converted to bn_correct_top(), and if it
|
||||||
|
* was not appropriate, we convert it permanently to bn_check_top() and track
|
||||||
|
* down the cause of the bug. Eventually, no internal code should be using the
|
||||||
|
* bn_fix_top() macro. External applications and libraries should try this with
|
||||||
|
* their own code too, both in terms of building against the openssl headers
|
||||||
|
* with BN_DEBUG defined *and* linking with a version of OpenSSL built with it
|
||||||
|
* defined. This not only improves external code, it provides more test
|
||||||
|
* coverage for openssl's own code.
|
||||||
|
*/
|
||||||
|
|
||||||
|
# ifdef BN_DEBUG
|
||||||
|
|
||||||
|
/* We only need assert() when debugging */
|
||||||
|
# include <assert.h>
|
||||||
|
|
||||||
|
# ifdef BN_DEBUG_RAND
|
||||||
|
/* To avoid "make update" cvs wars due to BN_DEBUG, use some tricks */
|
||||||
|
# ifndef RAND_pseudo_bytes
|
||||||
|
int RAND_pseudo_bytes(unsigned char *buf, int num);
|
||||||
|
# define BN_DEBUG_TRIX
|
||||||
|
# endif
|
||||||
|
# define bn_pollute(a) \
|
||||||
|
do { \
|
||||||
|
const BIGNUM *_bnum1 = (a); \
|
||||||
|
if(_bnum1->top < _bnum1->dmax) { \
|
||||||
|
unsigned char _tmp_char; \
|
||||||
|
/* We cast away const without the compiler knowing, any \
|
||||||
|
* *genuinely* constant variables that aren't mutable \
|
||||||
|
* wouldn't be constructed with top!=dmax. */ \
|
||||||
|
BN_ULONG *_not_const; \
|
||||||
|
memcpy(&_not_const, &_bnum1->d, sizeof(BN_ULONG*)); \
|
||||||
|
RAND_pseudo_bytes(&_tmp_char, 1); \
|
||||||
|
memset((unsigned char *)(_not_const + _bnum1->top), _tmp_char, \
|
||||||
|
(_bnum1->dmax - _bnum1->top) * sizeof(BN_ULONG)); \
|
||||||
|
} \
|
||||||
|
} while(0)
|
||||||
|
# ifdef BN_DEBUG_TRIX
|
||||||
|
# undef RAND_pseudo_bytes
|
||||||
|
# endif
|
||||||
|
# else
|
||||||
|
# define bn_pollute(a)
|
||||||
|
# endif
|
||||||
|
# define bn_check_top(a) \
|
||||||
|
do { \
|
||||||
|
const BIGNUM *_bnum2 = (a); \
|
||||||
|
if (_bnum2 != NULL) { \
|
||||||
|
assert((_bnum2->top == 0) || \
|
||||||
|
(_bnum2->d[_bnum2->top - 1] != 0)); \
|
||||||
|
bn_pollute(_bnum2); \
|
||||||
|
} \
|
||||||
|
} while(0)
|
||||||
|
|
||||||
|
# define bn_fix_top(a) bn_check_top(a)
|
||||||
|
|
||||||
|
# define bn_check_size(bn, bits) bn_wcheck_size(bn, ((bits+BN_BITS2-1))/BN_BITS2)
|
||||||
|
# define bn_wcheck_size(bn, words) \
|
||||||
|
do { \
|
||||||
|
const BIGNUM *_bnum2 = (bn); \
|
||||||
|
assert((words) <= (_bnum2)->dmax && (words) >= (_bnum2)->top); \
|
||||||
|
/* avoid unused variable warning with NDEBUG */ \
|
||||||
|
(void)(_bnum2); \
|
||||||
|
} while(0)
|
||||||
|
|
||||||
|
# else /* !BN_DEBUG */
|
||||||
|
|
||||||
|
# define bn_pollute(a)
|
||||||
|
# define bn_check_top(a)
|
||||||
|
# define bn_fix_top(a) bn_correct_top(a)
|
||||||
|
# define bn_check_size(bn, bits)
|
||||||
|
# define bn_wcheck_size(bn, words)
|
||||||
|
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# define bn_correct_top(a) \
|
||||||
|
{ \
|
||||||
|
BN_ULONG *ftl; \
|
||||||
|
int tmp_top = (a)->top; \
|
||||||
|
if (tmp_top > 0) \
|
||||||
|
{ \
|
||||||
|
for (ftl= &((a)->d[tmp_top-1]); tmp_top > 0; tmp_top--) \
|
||||||
|
if (*(ftl--)) break; \
|
||||||
|
(a)->top = tmp_top; \
|
||||||
|
} \
|
||||||
|
bn_pollute(a); \
|
||||||
|
}
|
||||||
|
|
||||||
|
BN_ULONG bn_mul_add_words(BN_ULONG *rp, const BN_ULONG *ap, int num,
|
||||||
|
BN_ULONG w);
|
||||||
|
BN_ULONG bn_mul_words(BN_ULONG *rp, const BN_ULONG *ap, int num, BN_ULONG w);
|
||||||
|
void bn_sqr_words(BN_ULONG *rp, const BN_ULONG *ap, int num);
|
||||||
|
BN_ULONG bn_div_words(BN_ULONG h, BN_ULONG l, BN_ULONG d);
|
||||||
|
BN_ULONG bn_add_words(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
|
||||||
|
int num);
|
||||||
|
BN_ULONG bn_sub_words(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
|
||||||
|
int num);
|
||||||
|
|
||||||
|
/* Primes from RFC 2409 */
|
||||||
|
BIGNUM *get_rfc2409_prime_768(BIGNUM *bn);
|
||||||
|
BIGNUM *get_rfc2409_prime_1024(BIGNUM *bn);
|
||||||
|
|
||||||
|
/* Primes from RFC 3526 */
|
||||||
|
BIGNUM *get_rfc3526_prime_1536(BIGNUM *bn);
|
||||||
|
BIGNUM *get_rfc3526_prime_2048(BIGNUM *bn);
|
||||||
|
BIGNUM *get_rfc3526_prime_3072(BIGNUM *bn);
|
||||||
|
BIGNUM *get_rfc3526_prime_4096(BIGNUM *bn);
|
||||||
|
BIGNUM *get_rfc3526_prime_6144(BIGNUM *bn);
|
||||||
|
BIGNUM *get_rfc3526_prime_8192(BIGNUM *bn);
|
||||||
|
|
||||||
|
int BN_bntest_rand(BIGNUM *rnd, int bits, int top, int bottom);
|
||||||
|
|
||||||
|
/* BEGIN ERROR CODES */
|
||||||
|
/*
|
||||||
|
* The following lines are auto generated by the script mkerr.pl. Any changes
|
||||||
|
* made after this point may be overwritten when the script is next run.
|
||||||
|
*/
|
||||||
|
void ERR_load_BN_strings(void);
|
||||||
|
|
||||||
|
/* Error codes for the BN functions. */
|
||||||
|
|
||||||
|
/* Function codes. */
|
||||||
|
# define BN_F_BNRAND 127
|
||||||
|
# define BN_F_BN_BLINDING_CONVERT_EX 100
|
||||||
|
# define BN_F_BN_BLINDING_CREATE_PARAM 128
|
||||||
|
# define BN_F_BN_BLINDING_INVERT_EX 101
|
||||||
|
# define BN_F_BN_BLINDING_NEW 102
|
||||||
|
# define BN_F_BN_BLINDING_UPDATE 103
|
||||||
|
# define BN_F_BN_BN2DEC 104
|
||||||
|
# define BN_F_BN_BN2HEX 105
|
||||||
|
# define BN_F_BN_CTX_GET 116
|
||||||
|
# define BN_F_BN_CTX_NEW 106
|
||||||
|
# define BN_F_BN_CTX_START 129
|
||||||
|
# define BN_F_BN_DIV 107
|
||||||
|
# define BN_F_BN_DIV_NO_BRANCH 138
|
||||||
|
# define BN_F_BN_DIV_RECP 130
|
||||||
|
# define BN_F_BN_EXP 123
|
||||||
|
# define BN_F_BN_EXPAND2 108
|
||||||
|
# define BN_F_BN_EXPAND_INTERNAL 120
|
||||||
|
# define BN_F_BN_GF2M_MOD 131
|
||||||
|
# define BN_F_BN_GF2M_MOD_EXP 132
|
||||||
|
# define BN_F_BN_GF2M_MOD_MUL 133
|
||||||
|
# define BN_F_BN_GF2M_MOD_SOLVE_QUAD 134
|
||||||
|
# define BN_F_BN_GF2M_MOD_SOLVE_QUAD_ARR 135
|
||||||
|
# define BN_F_BN_GF2M_MOD_SQR 136
|
||||||
|
# define BN_F_BN_GF2M_MOD_SQRT 137
|
||||||
|
# define BN_F_BN_MOD_EXP2_MONT 118
|
||||||
|
# define BN_F_BN_MOD_EXP_MONT 109
|
||||||
|
# define BN_F_BN_MOD_EXP_MONT_CONSTTIME 124
|
||||||
|
# define BN_F_BN_MOD_EXP_MONT_WORD 117
|
||||||
|
# define BN_F_BN_MOD_EXP_RECP 125
|
||||||
|
# define BN_F_BN_MOD_EXP_SIMPLE 126
|
||||||
|
# define BN_F_BN_MOD_INVERSE 110
|
||||||
|
# define BN_F_BN_MOD_INVERSE_NO_BRANCH 139
|
||||||
|
# define BN_F_BN_MOD_LSHIFT_QUICK 119
|
||||||
|
# define BN_F_BN_MOD_MUL_RECIPROCAL 111
|
||||||
|
# define BN_F_BN_MOD_SQRT 121
|
||||||
|
# define BN_F_BN_MPI2BN 112
|
||||||
|
# define BN_F_BN_NEW 113
|
||||||
|
# define BN_F_BN_RAND 114
|
||||||
|
# define BN_F_BN_RAND_RANGE 122
|
||||||
|
# define BN_F_BN_USUB 115
|
||||||
|
|
||||||
|
/* Reason codes. */
|
||||||
|
# define BN_R_ARG2_LT_ARG3 100
|
||||||
|
# define BN_R_BAD_RECIPROCAL 101
|
||||||
|
# define BN_R_BIGNUM_TOO_LONG 114
|
||||||
|
# define BN_R_CALLED_WITH_EVEN_MODULUS 102
|
||||||
|
# define BN_R_DIV_BY_ZERO 103
|
||||||
|
# define BN_R_ENCODING_ERROR 104
|
||||||
|
# define BN_R_EXPAND_ON_STATIC_BIGNUM_DATA 105
|
||||||
|
# define BN_R_INPUT_NOT_REDUCED 110
|
||||||
|
# define BN_R_INVALID_LENGTH 106
|
||||||
|
# define BN_R_INVALID_RANGE 115
|
||||||
|
# define BN_R_NOT_A_SQUARE 111
|
||||||
|
# define BN_R_NOT_INITIALIZED 107
|
||||||
|
# define BN_R_NO_INVERSE 108
|
||||||
|
# define BN_R_NO_SOLUTION 116
|
||||||
|
# define BN_R_P_IS_NOT_PRIME 112
|
||||||
|
# define BN_R_TOO_MANY_ITERATIONS 113
|
||||||
|
# define BN_R_TOO_MANY_TEMPORARY_VARIABLES 109
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
#endif
|
|
@ -0,0 +1,119 @@
|
||||||
|
/* crypto/buffer/buffer.h */
|
||||||
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
|
* All rights reserved.
|
||||||
|
*
|
||||||
|
* This package is an SSL implementation written
|
||||||
|
* by Eric Young (eay@cryptsoft.com).
|
||||||
|
* The implementation was written so as to conform with Netscapes SSL.
|
||||||
|
*
|
||||||
|
* This library is free for commercial and non-commercial use as long as
|
||||||
|
* the following conditions are aheared to. The following conditions
|
||||||
|
* apply to all code found in this distribution, be it the RC4, RSA,
|
||||||
|
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
||||||
|
* included with this distribution is covered by the same copyright terms
|
||||||
|
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
* Copyright remains Eric Young's, and as such any Copyright notices in
|
||||||
|
* the code are not to be removed.
|
||||||
|
* If this package is used in a product, Eric Young should be given attribution
|
||||||
|
* as the author of the parts of the library used.
|
||||||
|
* This can be in the form of a textual message at program startup or
|
||||||
|
* in documentation (online or textual) provided with the package.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
* 1. Redistributions of source code must retain the copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in the
|
||||||
|
* documentation and/or other materials provided with the distribution.
|
||||||
|
* 3. All advertising materials mentioning features or use of this software
|
||||||
|
* must display the following acknowledgement:
|
||||||
|
* "This product includes cryptographic software written by
|
||||||
|
* Eric Young (eay@cryptsoft.com)"
|
||||||
|
* The word 'cryptographic' can be left out if the rouines from the library
|
||||||
|
* being used are not cryptographic related :-).
|
||||||
|
* 4. If you include any Windows specific code (or a derivative thereof) from
|
||||||
|
* the apps directory (application code) you must include an acknowledgement:
|
||||||
|
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
||||||
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||||
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||||
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||||
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||||
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||||
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||||
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||||
|
* SUCH DAMAGE.
|
||||||
|
*
|
||||||
|
* The licence and distribution terms for any publically available version or
|
||||||
|
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
||||||
|
* copied and put under another distribution licence
|
||||||
|
* [including the GNU Public Licence.]
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef HEADER_BUFFER_H
|
||||||
|
# define HEADER_BUFFER_H
|
||||||
|
|
||||||
|
# include <openssl/ossl_typ.h>
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
extern "C" {
|
||||||
|
#endif
|
||||||
|
|
||||||
|
# include <stddef.h>
|
||||||
|
|
||||||
|
# if !defined(NO_SYS_TYPES_H)
|
||||||
|
# include <sys/types.h>
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/* Already declared in ossl_typ.h */
|
||||||
|
/* typedef struct buf_mem_st BUF_MEM; */
|
||||||
|
|
||||||
|
struct buf_mem_st {
|
||||||
|
size_t length; /* current number of bytes */
|
||||||
|
char *data;
|
||||||
|
size_t max; /* size of buffer */
|
||||||
|
};
|
||||||
|
|
||||||
|
BUF_MEM *BUF_MEM_new(void);
|
||||||
|
void BUF_MEM_free(BUF_MEM *a);
|
||||||
|
int BUF_MEM_grow(BUF_MEM *str, size_t len);
|
||||||
|
int BUF_MEM_grow_clean(BUF_MEM *str, size_t len);
|
||||||
|
size_t BUF_strnlen(const char *str, size_t maxlen);
|
||||||
|
char *BUF_strdup(const char *str);
|
||||||
|
char *BUF_strndup(const char *str, size_t siz);
|
||||||
|
void *BUF_memdup(const void *data, size_t siz);
|
||||||
|
void BUF_reverse(unsigned char *out, const unsigned char *in, size_t siz);
|
||||||
|
|
||||||
|
/* safe string functions */
|
||||||
|
size_t BUF_strlcpy(char *dst, const char *src, size_t siz);
|
||||||
|
size_t BUF_strlcat(char *dst, const char *src, size_t siz);
|
||||||
|
|
||||||
|
/* BEGIN ERROR CODES */
|
||||||
|
/*
|
||||||
|
* The following lines are auto generated by the script mkerr.pl. Any changes
|
||||||
|
* made after this point may be overwritten when the script is next run.
|
||||||
|
*/
|
||||||
|
void ERR_load_BUF_strings(void);
|
||||||
|
|
||||||
|
/* Error codes for the BUF functions. */
|
||||||
|
|
||||||
|
/* Function codes. */
|
||||||
|
# define BUF_F_BUF_MEMDUP 103
|
||||||
|
# define BUF_F_BUF_MEM_GROW 100
|
||||||
|
# define BUF_F_BUF_MEM_GROW_CLEAN 105
|
||||||
|
# define BUF_F_BUF_MEM_NEW 101
|
||||||
|
# define BUF_F_BUF_STRDUP 102
|
||||||
|
# define BUF_F_BUF_STRNDUP 104
|
||||||
|
|
||||||
|
/* Reason codes. */
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
#endif
|
|
@ -0,0 +1,79 @@
|
||||||
|
|
||||||
|
#ifndef HEADER_COMP_H
|
||||||
|
# define HEADER_COMP_H
|
||||||
|
|
||||||
|
# include <openssl/crypto.h>
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
extern "C" {
|
||||||
|
#endif
|
||||||
|
|
||||||
|
typedef struct comp_ctx_st COMP_CTX;
|
||||||
|
|
||||||
|
typedef struct comp_method_st {
|
||||||
|
int type; /* NID for compression library */
|
||||||
|
const char *name; /* A text string to identify the library */
|
||||||
|
int (*init) (COMP_CTX *ctx);
|
||||||
|
void (*finish) (COMP_CTX *ctx);
|
||||||
|
int (*compress) (COMP_CTX *ctx,
|
||||||
|
unsigned char *out, unsigned int olen,
|
||||||
|
unsigned char *in, unsigned int ilen);
|
||||||
|
int (*expand) (COMP_CTX *ctx,
|
||||||
|
unsigned char *out, unsigned int olen,
|
||||||
|
unsigned char *in, unsigned int ilen);
|
||||||
|
/*
|
||||||
|
* The following two do NOTHING, but are kept for backward compatibility
|
||||||
|
*/
|
||||||
|
long (*ctrl) (void);
|
||||||
|
long (*callback_ctrl) (void);
|
||||||
|
} COMP_METHOD;
|
||||||
|
|
||||||
|
struct comp_ctx_st {
|
||||||
|
COMP_METHOD *meth;
|
||||||
|
unsigned long compress_in;
|
||||||
|
unsigned long compress_out;
|
||||||
|
unsigned long expand_in;
|
||||||
|
unsigned long expand_out;
|
||||||
|
CRYPTO_EX_DATA ex_data;
|
||||||
|
};
|
||||||
|
|
||||||
|
COMP_CTX *COMP_CTX_new(COMP_METHOD *meth);
|
||||||
|
void COMP_CTX_free(COMP_CTX *ctx);
|
||||||
|
int COMP_compress_block(COMP_CTX *ctx, unsigned char *out, int olen,
|
||||||
|
unsigned char *in, int ilen);
|
||||||
|
int COMP_expand_block(COMP_CTX *ctx, unsigned char *out, int olen,
|
||||||
|
unsigned char *in, int ilen);
|
||||||
|
COMP_METHOD *COMP_rle(void);
|
||||||
|
COMP_METHOD *COMP_zlib(void);
|
||||||
|
void COMP_zlib_cleanup(void);
|
||||||
|
|
||||||
|
# ifdef HEADER_BIO_H
|
||||||
|
# ifdef ZLIB
|
||||||
|
BIO_METHOD *BIO_f_zlib(void);
|
||||||
|
# endif
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/* BEGIN ERROR CODES */
|
||||||
|
/*
|
||||||
|
* The following lines are auto generated by the script mkerr.pl. Any changes
|
||||||
|
* made after this point may be overwritten when the script is next run.
|
||||||
|
*/
|
||||||
|
void ERR_load_COMP_strings(void);
|
||||||
|
|
||||||
|
/* Error codes for the COMP functions. */
|
||||||
|
|
||||||
|
/* Function codes. */
|
||||||
|
# define COMP_F_BIO_ZLIB_FLUSH 99
|
||||||
|
# define COMP_F_BIO_ZLIB_NEW 100
|
||||||
|
# define COMP_F_BIO_ZLIB_READ 101
|
||||||
|
# define COMP_F_BIO_ZLIB_WRITE 102
|
||||||
|
|
||||||
|
/* Reason codes. */
|
||||||
|
# define COMP_R_ZLIB_DEFLATE_ERROR 99
|
||||||
|
# define COMP_R_ZLIB_INFLATE_ERROR 100
|
||||||
|
# define COMP_R_ZLIB_NOT_SUPPORTED 101
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
#endif
|
|
@ -0,0 +1,661 @@
|
||||||
|
/* crypto/crypto.h */
|
||||||
|
/* ====================================================================
|
||||||
|
* Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
*
|
||||||
|
* 1. Redistributions of source code must retain the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
*
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in
|
||||||
|
* the documentation and/or other materials provided with the
|
||||||
|
* distribution.
|
||||||
|
*
|
||||||
|
* 3. All advertising materials mentioning features or use of this
|
||||||
|
* software must display the following acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
|
||||||
|
*
|
||||||
|
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||||
|
* endorse or promote products derived from this software without
|
||||||
|
* prior written permission. For written permission, please contact
|
||||||
|
* openssl-core@openssl.org.
|
||||||
|
*
|
||||||
|
* 5. Products derived from this software may not be called "OpenSSL"
|
||||||
|
* nor may "OpenSSL" appear in their names without prior written
|
||||||
|
* permission of the OpenSSL Project.
|
||||||
|
*
|
||||||
|
* 6. Redistributions of any form whatsoever must retain the following
|
||||||
|
* acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||||
|
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||||
|
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||||
|
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||||
|
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||||
|
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||||
|
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||||
|
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||||
|
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||||
|
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||||
|
* ====================================================================
|
||||||
|
*
|
||||||
|
* This product includes cryptographic software written by Eric Young
|
||||||
|
* (eay@cryptsoft.com). This product includes software written by Tim
|
||||||
|
* Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
|
* All rights reserved.
|
||||||
|
*
|
||||||
|
* This package is an SSL implementation written
|
||||||
|
* by Eric Young (eay@cryptsoft.com).
|
||||||
|
* The implementation was written so as to conform with Netscapes SSL.
|
||||||
|
*
|
||||||
|
* This library is free for commercial and non-commercial use as long as
|
||||||
|
* the following conditions are aheared to. The following conditions
|
||||||
|
* apply to all code found in this distribution, be it the RC4, RSA,
|
||||||
|
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
||||||
|
* included with this distribution is covered by the same copyright terms
|
||||||
|
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
* Copyright remains Eric Young's, and as such any Copyright notices in
|
||||||
|
* the code are not to be removed.
|
||||||
|
* If this package is used in a product, Eric Young should be given attribution
|
||||||
|
* as the author of the parts of the library used.
|
||||||
|
* This can be in the form of a textual message at program startup or
|
||||||
|
* in documentation (online or textual) provided with the package.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
* 1. Redistributions of source code must retain the copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in the
|
||||||
|
* documentation and/or other materials provided with the distribution.
|
||||||
|
* 3. All advertising materials mentioning features or use of this software
|
||||||
|
* must display the following acknowledgement:
|
||||||
|
* "This product includes cryptographic software written by
|
||||||
|
* Eric Young (eay@cryptsoft.com)"
|
||||||
|
* The word 'cryptographic' can be left out if the rouines from the library
|
||||||
|
* being used are not cryptographic related :-).
|
||||||
|
* 4. If you include any Windows specific code (or a derivative thereof) from
|
||||||
|
* the apps directory (application code) you must include an acknowledgement:
|
||||||
|
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
||||||
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||||
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||||
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||||
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||||
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||||
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||||
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||||
|
* SUCH DAMAGE.
|
||||||
|
*
|
||||||
|
* The licence and distribution terms for any publically available version or
|
||||||
|
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
||||||
|
* copied and put under another distribution licence
|
||||||
|
* [including the GNU Public Licence.]
|
||||||
|
*/
|
||||||
|
/* ====================================================================
|
||||||
|
* Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
|
||||||
|
* ECDH support in OpenSSL originally developed by
|
||||||
|
* SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef HEADER_CRYPTO_H
|
||||||
|
# define HEADER_CRYPTO_H
|
||||||
|
|
||||||
|
# include <stdlib.h>
|
||||||
|
|
||||||
|
# include <openssl/e_os2.h>
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_FP_API
|
||||||
|
# include <stdio.h>
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# include <openssl/stack.h>
|
||||||
|
# include <openssl/safestack.h>
|
||||||
|
# include <openssl/opensslv.h>
|
||||||
|
# include <openssl/ossl_typ.h>
|
||||||
|
|
||||||
|
# ifdef CHARSET_EBCDIC
|
||||||
|
# include <openssl/ebcdic.h>
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Resolve problems on some operating systems with symbol names that clash
|
||||||
|
* one way or another
|
||||||
|
*/
|
||||||
|
# include <openssl/symhacks.h>
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
extern "C" {
|
||||||
|
#endif
|
||||||
|
|
||||||
|
/* Backward compatibility to SSLeay */
|
||||||
|
/*
|
||||||
|
* This is more to be used to check the correct DLL is being used in the MS
|
||||||
|
* world.
|
||||||
|
*/
|
||||||
|
# define SSLEAY_VERSION_NUMBER OPENSSL_VERSION_NUMBER
|
||||||
|
# define SSLEAY_VERSION 0
|
||||||
|
/* #define SSLEAY_OPTIONS 1 no longer supported */
|
||||||
|
# define SSLEAY_CFLAGS 2
|
||||||
|
# define SSLEAY_BUILT_ON 3
|
||||||
|
# define SSLEAY_PLATFORM 4
|
||||||
|
# define SSLEAY_DIR 5
|
||||||
|
|
||||||
|
/* Already declared in ossl_typ.h */
|
||||||
|
# if 0
|
||||||
|
typedef struct crypto_ex_data_st CRYPTO_EX_DATA;
|
||||||
|
/* Called when a new object is created */
|
||||||
|
typedef int CRYPTO_EX_new (void *parent, void *ptr, CRYPTO_EX_DATA *ad,
|
||||||
|
int idx, long argl, void *argp);
|
||||||
|
/* Called when an object is free()ed */
|
||||||
|
typedef void CRYPTO_EX_free (void *parent, void *ptr, CRYPTO_EX_DATA *ad,
|
||||||
|
int idx, long argl, void *argp);
|
||||||
|
/* Called when we need to dup an object */
|
||||||
|
typedef int CRYPTO_EX_dup (CRYPTO_EX_DATA *to, CRYPTO_EX_DATA *from,
|
||||||
|
void *from_d, int idx, long argl, void *argp);
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/* A generic structure to pass assorted data in a expandable way */
|
||||||
|
typedef struct openssl_item_st {
|
||||||
|
int code;
|
||||||
|
void *value; /* Not used for flag attributes */
|
||||||
|
size_t value_size; /* Max size of value for output, length for
|
||||||
|
* input */
|
||||||
|
size_t *value_length; /* Returned length of value for output */
|
||||||
|
} OPENSSL_ITEM;
|
||||||
|
|
||||||
|
/*
|
||||||
|
* When changing the CRYPTO_LOCK_* list, be sure to maintin the text lock
|
||||||
|
* names in cryptlib.c
|
||||||
|
*/
|
||||||
|
|
||||||
|
# define CRYPTO_LOCK_ERR 1
|
||||||
|
# define CRYPTO_LOCK_EX_DATA 2
|
||||||
|
# define CRYPTO_LOCK_X509 3
|
||||||
|
# define CRYPTO_LOCK_X509_INFO 4
|
||||||
|
# define CRYPTO_LOCK_X509_PKEY 5
|
||||||
|
# define CRYPTO_LOCK_X509_CRL 6
|
||||||
|
# define CRYPTO_LOCK_X509_REQ 7
|
||||||
|
# define CRYPTO_LOCK_DSA 8
|
||||||
|
# define CRYPTO_LOCK_RSA 9
|
||||||
|
# define CRYPTO_LOCK_EVP_PKEY 10
|
||||||
|
# define CRYPTO_LOCK_X509_STORE 11
|
||||||
|
# define CRYPTO_LOCK_SSL_CTX 12
|
||||||
|
# define CRYPTO_LOCK_SSL_CERT 13
|
||||||
|
# define CRYPTO_LOCK_SSL_SESSION 14
|
||||||
|
# define CRYPTO_LOCK_SSL_SESS_CERT 15
|
||||||
|
# define CRYPTO_LOCK_SSL 16
|
||||||
|
# define CRYPTO_LOCK_SSL_METHOD 17
|
||||||
|
# define CRYPTO_LOCK_RAND 18
|
||||||
|
# define CRYPTO_LOCK_RAND2 19
|
||||||
|
# define CRYPTO_LOCK_MALLOC 20
|
||||||
|
# define CRYPTO_LOCK_BIO 21
|
||||||
|
# define CRYPTO_LOCK_GETHOSTBYNAME 22
|
||||||
|
# define CRYPTO_LOCK_GETSERVBYNAME 23
|
||||||
|
# define CRYPTO_LOCK_READDIR 24
|
||||||
|
# define CRYPTO_LOCK_RSA_BLINDING 25
|
||||||
|
# define CRYPTO_LOCK_DH 26
|
||||||
|
# define CRYPTO_LOCK_MALLOC2 27
|
||||||
|
# define CRYPTO_LOCK_DSO 28
|
||||||
|
# define CRYPTO_LOCK_DYNLOCK 29
|
||||||
|
# define CRYPTO_LOCK_ENGINE 30
|
||||||
|
# define CRYPTO_LOCK_UI 31
|
||||||
|
# define CRYPTO_LOCK_ECDSA 32
|
||||||
|
# define CRYPTO_LOCK_EC 33
|
||||||
|
# define CRYPTO_LOCK_ECDH 34
|
||||||
|
# define CRYPTO_LOCK_BN 35
|
||||||
|
# define CRYPTO_LOCK_EC_PRE_COMP 36
|
||||||
|
# define CRYPTO_LOCK_STORE 37
|
||||||
|
# define CRYPTO_LOCK_COMP 38
|
||||||
|
# define CRYPTO_LOCK_FIPS 39
|
||||||
|
# define CRYPTO_LOCK_FIPS2 40
|
||||||
|
# define CRYPTO_NUM_LOCKS 41
|
||||||
|
|
||||||
|
# define CRYPTO_LOCK 1
|
||||||
|
# define CRYPTO_UNLOCK 2
|
||||||
|
# define CRYPTO_READ 4
|
||||||
|
# define CRYPTO_WRITE 8
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_LOCKING
|
||||||
|
# ifndef CRYPTO_w_lock
|
||||||
|
# define CRYPTO_w_lock(type) \
|
||||||
|
CRYPTO_lock(CRYPTO_LOCK|CRYPTO_WRITE,type,__FILE__,__LINE__)
|
||||||
|
# define CRYPTO_w_unlock(type) \
|
||||||
|
CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_WRITE,type,__FILE__,__LINE__)
|
||||||
|
# define CRYPTO_r_lock(type) \
|
||||||
|
CRYPTO_lock(CRYPTO_LOCK|CRYPTO_READ,type,__FILE__,__LINE__)
|
||||||
|
# define CRYPTO_r_unlock(type) \
|
||||||
|
CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_READ,type,__FILE__,__LINE__)
|
||||||
|
# define CRYPTO_add(addr,amount,type) \
|
||||||
|
CRYPTO_add_lock(addr,amount,type,__FILE__,__LINE__)
|
||||||
|
# endif
|
||||||
|
# else
|
||||||
|
# define CRYPTO_w_lock(a)
|
||||||
|
# define CRYPTO_w_unlock(a)
|
||||||
|
# define CRYPTO_r_lock(a)
|
||||||
|
# define CRYPTO_r_unlock(a)
|
||||||
|
# define CRYPTO_add(a,b,c) ((*(a))+=(b))
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Some applications as well as some parts of OpenSSL need to allocate and
|
||||||
|
* deallocate locks in a dynamic fashion. The following typedef makes this
|
||||||
|
* possible in a type-safe manner.
|
||||||
|
*/
|
||||||
|
/* struct CRYPTO_dynlock_value has to be defined by the application. */
|
||||||
|
typedef struct {
|
||||||
|
int references;
|
||||||
|
struct CRYPTO_dynlock_value *data;
|
||||||
|
} CRYPTO_dynlock;
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The following can be used to detect memory leaks in the SSLeay library. It
|
||||||
|
* used, it turns on malloc checking
|
||||||
|
*/
|
||||||
|
|
||||||
|
# define CRYPTO_MEM_CHECK_OFF 0x0/* an enume */
|
||||||
|
# define CRYPTO_MEM_CHECK_ON 0x1/* a bit */
|
||||||
|
# define CRYPTO_MEM_CHECK_ENABLE 0x2/* a bit */
|
||||||
|
# define CRYPTO_MEM_CHECK_DISABLE 0x3/* an enume */
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The following are bit values to turn on or off options connected to the
|
||||||
|
* malloc checking functionality
|
||||||
|
*/
|
||||||
|
|
||||||
|
/* Adds time to the memory checking information */
|
||||||
|
# define V_CRYPTO_MDEBUG_TIME 0x1/* a bit */
|
||||||
|
/* Adds thread number to the memory checking information */
|
||||||
|
# define V_CRYPTO_MDEBUG_THREAD 0x2/* a bit */
|
||||||
|
|
||||||
|
# define V_CRYPTO_MDEBUG_ALL (V_CRYPTO_MDEBUG_TIME | V_CRYPTO_MDEBUG_THREAD)
|
||||||
|
|
||||||
|
/* predec of the BIO type */
|
||||||
|
typedef struct bio_st BIO_dummy;
|
||||||
|
|
||||||
|
struct crypto_ex_data_st {
|
||||||
|
STACK_OF(void) *sk;
|
||||||
|
/* gcc is screwing up this data structure :-( */
|
||||||
|
int dummy;
|
||||||
|
};
|
||||||
|
DECLARE_STACK_OF(void)
|
||||||
|
|
||||||
|
/*
|
||||||
|
* This stuff is basically class callback functions The current classes are
|
||||||
|
* SSL_CTX, SSL, SSL_SESSION, and a few more
|
||||||
|
*/
|
||||||
|
|
||||||
|
typedef struct crypto_ex_data_func_st {
|
||||||
|
long argl; /* Arbitary long */
|
||||||
|
void *argp; /* Arbitary void * */
|
||||||
|
CRYPTO_EX_new *new_func;
|
||||||
|
CRYPTO_EX_free *free_func;
|
||||||
|
CRYPTO_EX_dup *dup_func;
|
||||||
|
} CRYPTO_EX_DATA_FUNCS;
|
||||||
|
|
||||||
|
DECLARE_STACK_OF(CRYPTO_EX_DATA_FUNCS)
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Per class, we have a STACK of CRYPTO_EX_DATA_FUNCS for each CRYPTO_EX_DATA
|
||||||
|
* entry.
|
||||||
|
*/
|
||||||
|
|
||||||
|
# define CRYPTO_EX_INDEX_BIO 0
|
||||||
|
# define CRYPTO_EX_INDEX_SSL 1
|
||||||
|
# define CRYPTO_EX_INDEX_SSL_CTX 2
|
||||||
|
# define CRYPTO_EX_INDEX_SSL_SESSION 3
|
||||||
|
# define CRYPTO_EX_INDEX_X509_STORE 4
|
||||||
|
# define CRYPTO_EX_INDEX_X509_STORE_CTX 5
|
||||||
|
# define CRYPTO_EX_INDEX_RSA 6
|
||||||
|
# define CRYPTO_EX_INDEX_DSA 7
|
||||||
|
# define CRYPTO_EX_INDEX_DH 8
|
||||||
|
# define CRYPTO_EX_INDEX_ENGINE 9
|
||||||
|
# define CRYPTO_EX_INDEX_X509 10
|
||||||
|
# define CRYPTO_EX_INDEX_UI 11
|
||||||
|
# define CRYPTO_EX_INDEX_ECDSA 12
|
||||||
|
# define CRYPTO_EX_INDEX_ECDH 13
|
||||||
|
# define CRYPTO_EX_INDEX_COMP 14
|
||||||
|
# define CRYPTO_EX_INDEX_STORE 15
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Dynamically assigned indexes start from this value (don't use directly,
|
||||||
|
* use via CRYPTO_ex_data_new_class).
|
||||||
|
*/
|
||||||
|
# define CRYPTO_EX_INDEX_USER 100
|
||||||
|
|
||||||
|
/*
|
||||||
|
* This is the default callbacks, but we can have others as well: this is
|
||||||
|
* needed in Win32 where the application malloc and the library malloc may
|
||||||
|
* not be the same.
|
||||||
|
*/
|
||||||
|
# define CRYPTO_malloc_init() CRYPTO_set_mem_functions(\
|
||||||
|
malloc, realloc, free)
|
||||||
|
|
||||||
|
# if defined CRYPTO_MDEBUG_ALL || defined CRYPTO_MDEBUG_TIME || defined CRYPTO_MDEBUG_THREAD
|
||||||
|
# ifndef CRYPTO_MDEBUG /* avoid duplicate #define */
|
||||||
|
# define CRYPTO_MDEBUG
|
||||||
|
# endif
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Set standard debugging functions (not done by default unless CRYPTO_MDEBUG
|
||||||
|
* is defined)
|
||||||
|
*/
|
||||||
|
# define CRYPTO_malloc_debug_init() do {\
|
||||||
|
CRYPTO_set_mem_debug_functions(\
|
||||||
|
CRYPTO_dbg_malloc,\
|
||||||
|
CRYPTO_dbg_realloc,\
|
||||||
|
CRYPTO_dbg_free,\
|
||||||
|
CRYPTO_dbg_set_options,\
|
||||||
|
CRYPTO_dbg_get_options);\
|
||||||
|
} while(0)
|
||||||
|
|
||||||
|
int CRYPTO_mem_ctrl(int mode);
|
||||||
|
int CRYPTO_is_mem_check_on(void);
|
||||||
|
|
||||||
|
/* for applications */
|
||||||
|
# define MemCheck_start() CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON)
|
||||||
|
# define MemCheck_stop() CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_OFF)
|
||||||
|
|
||||||
|
/* for library-internal use */
|
||||||
|
# define MemCheck_on() CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ENABLE)
|
||||||
|
# define MemCheck_off() CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_DISABLE)
|
||||||
|
# define is_MemCheck_on() CRYPTO_is_mem_check_on()
|
||||||
|
|
||||||
|
# define OPENSSL_malloc(num) CRYPTO_malloc((int)num,__FILE__,__LINE__)
|
||||||
|
# define OPENSSL_strdup(str) CRYPTO_strdup((str),__FILE__,__LINE__)
|
||||||
|
# define OPENSSL_realloc(addr,num) \
|
||||||
|
CRYPTO_realloc((char *)addr,(int)num,__FILE__,__LINE__)
|
||||||
|
# define OPENSSL_realloc_clean(addr,old_num,num) \
|
||||||
|
CRYPTO_realloc_clean(addr,old_num,num,__FILE__,__LINE__)
|
||||||
|
# define OPENSSL_remalloc(addr,num) \
|
||||||
|
CRYPTO_remalloc((char **)addr,(int)num,__FILE__,__LINE__)
|
||||||
|
# define OPENSSL_freeFunc CRYPTO_free
|
||||||
|
# define OPENSSL_free(addr) CRYPTO_free(addr)
|
||||||
|
|
||||||
|
# define OPENSSL_malloc_locked(num) \
|
||||||
|
CRYPTO_malloc_locked((int)num,__FILE__,__LINE__)
|
||||||
|
# define OPENSSL_free_locked(addr) CRYPTO_free_locked(addr)
|
||||||
|
|
||||||
|
const char *SSLeay_version(int type);
|
||||||
|
unsigned long SSLeay(void);
|
||||||
|
|
||||||
|
int OPENSSL_issetugid(void);
|
||||||
|
|
||||||
|
/* An opaque type representing an implementation of "ex_data" support */
|
||||||
|
typedef struct st_CRYPTO_EX_DATA_IMPL CRYPTO_EX_DATA_IMPL;
|
||||||
|
/* Return an opaque pointer to the current "ex_data" implementation */
|
||||||
|
const CRYPTO_EX_DATA_IMPL *CRYPTO_get_ex_data_implementation(void);
|
||||||
|
/* Sets the "ex_data" implementation to be used (if it's not too late) */
|
||||||
|
int CRYPTO_set_ex_data_implementation(const CRYPTO_EX_DATA_IMPL *i);
|
||||||
|
/* Get a new "ex_data" class, and return the corresponding "class_index" */
|
||||||
|
int CRYPTO_ex_data_new_class(void);
|
||||||
|
/* Within a given class, get/register a new index */
|
||||||
|
int CRYPTO_get_ex_new_index(int class_index, long argl, void *argp,
|
||||||
|
CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func,
|
||||||
|
CRYPTO_EX_free *free_func);
|
||||||
|
/*
|
||||||
|
* Initialise/duplicate/free CRYPTO_EX_DATA variables corresponding to a
|
||||||
|
* given class (invokes whatever per-class callbacks are applicable)
|
||||||
|
*/
|
||||||
|
int CRYPTO_new_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad);
|
||||||
|
int CRYPTO_dup_ex_data(int class_index, CRYPTO_EX_DATA *to,
|
||||||
|
CRYPTO_EX_DATA *from);
|
||||||
|
void CRYPTO_free_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad);
|
||||||
|
/*
|
||||||
|
* Get/set data in a CRYPTO_EX_DATA variable corresponding to a particular
|
||||||
|
* index (relative to the class type involved)
|
||||||
|
*/
|
||||||
|
int CRYPTO_set_ex_data(CRYPTO_EX_DATA *ad, int idx, void *val);
|
||||||
|
void *CRYPTO_get_ex_data(const CRYPTO_EX_DATA *ad, int idx);
|
||||||
|
/*
|
||||||
|
* This function cleans up all "ex_data" state. It mustn't be called under
|
||||||
|
* potential race-conditions.
|
||||||
|
*/
|
||||||
|
void CRYPTO_cleanup_all_ex_data(void);
|
||||||
|
|
||||||
|
int CRYPTO_get_new_lockid(char *name);
|
||||||
|
|
||||||
|
int CRYPTO_num_locks(void); /* return CRYPTO_NUM_LOCKS (shared libs!) */
|
||||||
|
void CRYPTO_lock(int mode, int type, const char *file, int line);
|
||||||
|
void CRYPTO_set_locking_callback(void (*func) (int mode, int type,
|
||||||
|
const char *file, int line));
|
||||||
|
void (*CRYPTO_get_locking_callback(void)) (int mode, int type,
|
||||||
|
const char *file, int line);
|
||||||
|
void CRYPTO_set_add_lock_callback(int (*func)
|
||||||
|
(int *num, int mount, int type,
|
||||||
|
const char *file, int line));
|
||||||
|
int (*CRYPTO_get_add_lock_callback(void)) (int *num, int mount, int type,
|
||||||
|
const char *file, int line);
|
||||||
|
|
||||||
|
/* Don't use this structure directly. */
|
||||||
|
typedef struct crypto_threadid_st {
|
||||||
|
void *ptr;
|
||||||
|
unsigned long val;
|
||||||
|
} CRYPTO_THREADID;
|
||||||
|
/* Only use CRYPTO_THREADID_set_[numeric|pointer]() within callbacks */
|
||||||
|
void CRYPTO_THREADID_set_numeric(CRYPTO_THREADID *id, unsigned long val);
|
||||||
|
void CRYPTO_THREADID_set_pointer(CRYPTO_THREADID *id, void *ptr);
|
||||||
|
int CRYPTO_THREADID_set_callback(void (*threadid_func) (CRYPTO_THREADID *));
|
||||||
|
void (*CRYPTO_THREADID_get_callback(void)) (CRYPTO_THREADID *);
|
||||||
|
void CRYPTO_THREADID_current(CRYPTO_THREADID *id);
|
||||||
|
int CRYPTO_THREADID_cmp(const CRYPTO_THREADID *a, const CRYPTO_THREADID *b);
|
||||||
|
void CRYPTO_THREADID_cpy(CRYPTO_THREADID *dest, const CRYPTO_THREADID *src);
|
||||||
|
unsigned long CRYPTO_THREADID_hash(const CRYPTO_THREADID *id);
|
||||||
|
# ifndef OPENSSL_NO_DEPRECATED
|
||||||
|
void CRYPTO_set_id_callback(unsigned long (*func) (void));
|
||||||
|
unsigned long (*CRYPTO_get_id_callback(void)) (void);
|
||||||
|
unsigned long CRYPTO_thread_id(void);
|
||||||
|
# endif
|
||||||
|
|
||||||
|
const char *CRYPTO_get_lock_name(int type);
|
||||||
|
int CRYPTO_add_lock(int *pointer, int amount, int type, const char *file,
|
||||||
|
int line);
|
||||||
|
|
||||||
|
int CRYPTO_get_new_dynlockid(void);
|
||||||
|
void CRYPTO_destroy_dynlockid(int i);
|
||||||
|
struct CRYPTO_dynlock_value *CRYPTO_get_dynlock_value(int i);
|
||||||
|
void CRYPTO_set_dynlock_create_callback(struct CRYPTO_dynlock_value
|
||||||
|
*(*dyn_create_function) (const char
|
||||||
|
*file,
|
||||||
|
int line));
|
||||||
|
void CRYPTO_set_dynlock_lock_callback(void (*dyn_lock_function)
|
||||||
|
(int mode,
|
||||||
|
struct CRYPTO_dynlock_value *l,
|
||||||
|
const char *file, int line));
|
||||||
|
void CRYPTO_set_dynlock_destroy_callback(void (*dyn_destroy_function)
|
||||||
|
(struct CRYPTO_dynlock_value *l,
|
||||||
|
const char *file, int line));
|
||||||
|
struct CRYPTO_dynlock_value
|
||||||
|
*(*CRYPTO_get_dynlock_create_callback(void)) (const char *file, int line);
|
||||||
|
void (*CRYPTO_get_dynlock_lock_callback(void)) (int mode,
|
||||||
|
struct CRYPTO_dynlock_value
|
||||||
|
*l, const char *file,
|
||||||
|
int line);
|
||||||
|
void (*CRYPTO_get_dynlock_destroy_callback(void)) (struct CRYPTO_dynlock_value
|
||||||
|
*l, const char *file,
|
||||||
|
int line);
|
||||||
|
|
||||||
|
/*
|
||||||
|
* CRYPTO_set_mem_functions includes CRYPTO_set_locked_mem_functions -- call
|
||||||
|
* the latter last if you need different functions
|
||||||
|
*/
|
||||||
|
int CRYPTO_set_mem_functions(void *(*m) (size_t), void *(*r) (void *, size_t),
|
||||||
|
void (*f) (void *));
|
||||||
|
int CRYPTO_set_locked_mem_functions(void *(*m) (size_t),
|
||||||
|
void (*free_func) (void *));
|
||||||
|
int CRYPTO_set_mem_ex_functions(void *(*m) (size_t, const char *, int),
|
||||||
|
void *(*r) (void *, size_t, const char *,
|
||||||
|
int), void (*f) (void *));
|
||||||
|
int CRYPTO_set_locked_mem_ex_functions(void *(*m) (size_t, const char *, int),
|
||||||
|
void (*free_func) (void *));
|
||||||
|
int CRYPTO_set_mem_debug_functions(void (*m)
|
||||||
|
(void *, int, const char *, int, int),
|
||||||
|
void (*r) (void *, void *, int,
|
||||||
|
const char *, int, int),
|
||||||
|
void (*f) (void *, int), void (*so) (long),
|
||||||
|
long (*go) (void));
|
||||||
|
void CRYPTO_get_mem_functions(void *(**m) (size_t),
|
||||||
|
void *(**r) (void *, size_t),
|
||||||
|
void (**f) (void *));
|
||||||
|
void CRYPTO_get_locked_mem_functions(void *(**m) (size_t),
|
||||||
|
void (**f) (void *));
|
||||||
|
void CRYPTO_get_mem_ex_functions(void *(**m) (size_t, const char *, int),
|
||||||
|
void *(**r) (void *, size_t, const char *,
|
||||||
|
int), void (**f) (void *));
|
||||||
|
void CRYPTO_get_locked_mem_ex_functions(void
|
||||||
|
*(**m) (size_t, const char *, int),
|
||||||
|
void (**f) (void *));
|
||||||
|
void CRYPTO_get_mem_debug_functions(void (**m)
|
||||||
|
(void *, int, const char *, int, int),
|
||||||
|
void (**r) (void *, void *, int,
|
||||||
|
const char *, int, int),
|
||||||
|
void (**f) (void *, int),
|
||||||
|
void (**so) (long), long (**go) (void));
|
||||||
|
|
||||||
|
void *CRYPTO_malloc_locked(int num, const char *file, int line);
|
||||||
|
void CRYPTO_free_locked(void *ptr);
|
||||||
|
void *CRYPTO_malloc(int num, const char *file, int line);
|
||||||
|
char *CRYPTO_strdup(const char *str, const char *file, int line);
|
||||||
|
void CRYPTO_free(void *ptr);
|
||||||
|
void *CRYPTO_realloc(void *addr, int num, const char *file, int line);
|
||||||
|
void *CRYPTO_realloc_clean(void *addr, int old_num, int num, const char *file,
|
||||||
|
int line);
|
||||||
|
void *CRYPTO_remalloc(void *addr, int num, const char *file, int line);
|
||||||
|
|
||||||
|
void OPENSSL_cleanse(void *ptr, size_t len);
|
||||||
|
|
||||||
|
void CRYPTO_set_mem_debug_options(long bits);
|
||||||
|
long CRYPTO_get_mem_debug_options(void);
|
||||||
|
|
||||||
|
# define CRYPTO_push_info(info) \
|
||||||
|
CRYPTO_push_info_(info, __FILE__, __LINE__);
|
||||||
|
int CRYPTO_push_info_(const char *info, const char *file, int line);
|
||||||
|
int CRYPTO_pop_info(void);
|
||||||
|
int CRYPTO_remove_all_info(void);
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Default debugging functions (enabled by CRYPTO_malloc_debug_init() macro;
|
||||||
|
* used as default in CRYPTO_MDEBUG compilations):
|
||||||
|
*/
|
||||||
|
/*-
|
||||||
|
* The last argument has the following significance:
|
||||||
|
*
|
||||||
|
* 0: called before the actual memory allocation has taken place
|
||||||
|
* 1: called after the actual memory allocation has taken place
|
||||||
|
*/
|
||||||
|
void CRYPTO_dbg_malloc(void *addr, int num, const char *file, int line,
|
||||||
|
int before_p);
|
||||||
|
void CRYPTO_dbg_realloc(void *addr1, void *addr2, int num, const char *file,
|
||||||
|
int line, int before_p);
|
||||||
|
void CRYPTO_dbg_free(void *addr, int before_p);
|
||||||
|
/*-
|
||||||
|
* Tell the debugging code about options. By default, the following values
|
||||||
|
* apply:
|
||||||
|
*
|
||||||
|
* 0: Clear all options.
|
||||||
|
* V_CRYPTO_MDEBUG_TIME (1): Set the "Show Time" option.
|
||||||
|
* V_CRYPTO_MDEBUG_THREAD (2): Set the "Show Thread Number" option.
|
||||||
|
* V_CRYPTO_MDEBUG_ALL (3): 1 + 2
|
||||||
|
*/
|
||||||
|
void CRYPTO_dbg_set_options(long bits);
|
||||||
|
long CRYPTO_dbg_get_options(void);
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_FP_API
|
||||||
|
void CRYPTO_mem_leaks_fp(FILE *);
|
||||||
|
# endif
|
||||||
|
void CRYPTO_mem_leaks(struct bio_st *bio);
|
||||||
|
/* unsigned long order, char *file, int line, int num_bytes, char *addr */
|
||||||
|
typedef void *CRYPTO_MEM_LEAK_CB (unsigned long, const char *, int, int,
|
||||||
|
void *);
|
||||||
|
void CRYPTO_mem_leaks_cb(CRYPTO_MEM_LEAK_CB *cb);
|
||||||
|
|
||||||
|
/* die if we have to */
|
||||||
|
void OpenSSLDie(const char *file, int line, const char *assertion);
|
||||||
|
# define OPENSSL_assert(e) (void)((e) ? 0 : (OpenSSLDie(__FILE__, __LINE__, #e),1))
|
||||||
|
|
||||||
|
unsigned long *OPENSSL_ia32cap_loc(void);
|
||||||
|
# define OPENSSL_ia32cap (*(OPENSSL_ia32cap_loc()))
|
||||||
|
int OPENSSL_isservice(void);
|
||||||
|
|
||||||
|
int FIPS_mode(void);
|
||||||
|
int FIPS_mode_set(int r);
|
||||||
|
|
||||||
|
void OPENSSL_init(void);
|
||||||
|
|
||||||
|
# define fips_md_init(alg) fips_md_init_ctx(alg, alg)
|
||||||
|
|
||||||
|
# ifdef OPENSSL_FIPS
|
||||||
|
# define fips_md_init_ctx(alg, cx) \
|
||||||
|
int alg##_Init(cx##_CTX *c) \
|
||||||
|
{ \
|
||||||
|
if (FIPS_mode()) OpenSSLDie(__FILE__, __LINE__, \
|
||||||
|
"Low level API call to digest " #alg " forbidden in FIPS mode!"); \
|
||||||
|
return private_##alg##_Init(c); \
|
||||||
|
} \
|
||||||
|
int private_##alg##_Init(cx##_CTX *c)
|
||||||
|
|
||||||
|
# define fips_cipher_abort(alg) \
|
||||||
|
if (FIPS_mode()) OpenSSLDie(__FILE__, __LINE__, \
|
||||||
|
"Low level API call to cipher " #alg " forbidden in FIPS mode!")
|
||||||
|
|
||||||
|
# else
|
||||||
|
# define fips_md_init_ctx(alg, cx) \
|
||||||
|
int alg##_Init(cx##_CTX *c)
|
||||||
|
# define fips_cipher_abort(alg) while(0)
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/*
|
||||||
|
* CRYPTO_memcmp returns zero iff the |len| bytes at |a| and |b| are equal.
|
||||||
|
* It takes an amount of time dependent on |len|, but independent of the
|
||||||
|
* contents of |a| and |b|. Unlike memcmp, it cannot be used to put elements
|
||||||
|
* into a defined order as the return value when a != b is undefined, other
|
||||||
|
* than to be non-zero.
|
||||||
|
*/
|
||||||
|
int CRYPTO_memcmp(const void *a, const void *b, size_t len);
|
||||||
|
|
||||||
|
/* BEGIN ERROR CODES */
|
||||||
|
/*
|
||||||
|
* The following lines are auto generated by the script mkerr.pl. Any changes
|
||||||
|
* made after this point may be overwritten when the script is next run.
|
||||||
|
*/
|
||||||
|
void ERR_load_CRYPTO_strings(void);
|
||||||
|
|
||||||
|
/* Error codes for the CRYPTO functions. */
|
||||||
|
|
||||||
|
/* Function codes. */
|
||||||
|
# define CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX 100
|
||||||
|
# define CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID 103
|
||||||
|
# define CRYPTO_F_CRYPTO_GET_NEW_LOCKID 101
|
||||||
|
# define CRYPTO_F_CRYPTO_SET_EX_DATA 102
|
||||||
|
# define CRYPTO_F_DEF_ADD_INDEX 104
|
||||||
|
# define CRYPTO_F_DEF_GET_CLASS 105
|
||||||
|
# define CRYPTO_F_FIPS_MODE_SET 109
|
||||||
|
# define CRYPTO_F_INT_DUP_EX_DATA 106
|
||||||
|
# define CRYPTO_F_INT_FREE_EX_DATA 107
|
||||||
|
# define CRYPTO_F_INT_NEW_EX_DATA 108
|
||||||
|
|
||||||
|
/* Reason codes. */
|
||||||
|
# define CRYPTO_R_FIPS_MODE_NOT_SUPPORTED 101
|
||||||
|
# define CRYPTO_R_NO_DYNLOCK_CREATE_CALLBACK 100
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
#endif
|
|
@ -0,0 +1,392 @@
|
||||||
|
/* crypto/dh/dh.h */
|
||||||
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
|
* All rights reserved.
|
||||||
|
*
|
||||||
|
* This package is an SSL implementation written
|
||||||
|
* by Eric Young (eay@cryptsoft.com).
|
||||||
|
* The implementation was written so as to conform with Netscapes SSL.
|
||||||
|
*
|
||||||
|
* This library is free for commercial and non-commercial use as long as
|
||||||
|
* the following conditions are aheared to. The following conditions
|
||||||
|
* apply to all code found in this distribution, be it the RC4, RSA,
|
||||||
|
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
||||||
|
* included with this distribution is covered by the same copyright terms
|
||||||
|
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
* Copyright remains Eric Young's, and as such any Copyright notices in
|
||||||
|
* the code are not to be removed.
|
||||||
|
* If this package is used in a product, Eric Young should be given attribution
|
||||||
|
* as the author of the parts of the library used.
|
||||||
|
* This can be in the form of a textual message at program startup or
|
||||||
|
* in documentation (online or textual) provided with the package.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
* 1. Redistributions of source code must retain the copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in the
|
||||||
|
* documentation and/or other materials provided with the distribution.
|
||||||
|
* 3. All advertising materials mentioning features or use of this software
|
||||||
|
* must display the following acknowledgement:
|
||||||
|
* "This product includes cryptographic software written by
|
||||||
|
* Eric Young (eay@cryptsoft.com)"
|
||||||
|
* The word 'cryptographic' can be left out if the rouines from the library
|
||||||
|
* being used are not cryptographic related :-).
|
||||||
|
* 4. If you include any Windows specific code (or a derivative thereof) from
|
||||||
|
* the apps directory (application code) you must include an acknowledgement:
|
||||||
|
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
||||||
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||||
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||||
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||||
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||||
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||||
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||||
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||||
|
* SUCH DAMAGE.
|
||||||
|
*
|
||||||
|
* The licence and distribution terms for any publically available version or
|
||||||
|
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
||||||
|
* copied and put under another distribution licence
|
||||||
|
* [including the GNU Public Licence.]
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef HEADER_DH_H
|
||||||
|
# define HEADER_DH_H
|
||||||
|
|
||||||
|
# include <openssl/e_os2.h>
|
||||||
|
|
||||||
|
# ifdef OPENSSL_NO_DH
|
||||||
|
# error DH is disabled.
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_BIO
|
||||||
|
# include <openssl/bio.h>
|
||||||
|
# endif
|
||||||
|
# include <openssl/ossl_typ.h>
|
||||||
|
# ifndef OPENSSL_NO_DEPRECATED
|
||||||
|
# include <openssl/bn.h>
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# ifndef OPENSSL_DH_MAX_MODULUS_BITS
|
||||||
|
# define OPENSSL_DH_MAX_MODULUS_BITS 10000
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# define DH_FLAG_CACHE_MONT_P 0x01
|
||||||
|
|
||||||
|
/*
|
||||||
|
* new with 0.9.7h; the built-in DH
|
||||||
|
* implementation now uses constant time
|
||||||
|
* modular exponentiation for secret exponents
|
||||||
|
* by default. This flag causes the
|
||||||
|
* faster variable sliding window method to
|
||||||
|
* be used for all exponents.
|
||||||
|
*/
|
||||||
|
# define DH_FLAG_NO_EXP_CONSTTIME 0x02
|
||||||
|
|
||||||
|
/*
|
||||||
|
* If this flag is set the DH method is FIPS compliant and can be used in
|
||||||
|
* FIPS mode. This is set in the validated module method. If an application
|
||||||
|
* sets this flag in its own methods it is its reposibility to ensure the
|
||||||
|
* result is compliant.
|
||||||
|
*/
|
||||||
|
|
||||||
|
# define DH_FLAG_FIPS_METHOD 0x0400
|
||||||
|
|
||||||
|
/*
|
||||||
|
* If this flag is set the operations normally disabled in FIPS mode are
|
||||||
|
* permitted it is then the applications responsibility to ensure that the
|
||||||
|
* usage is compliant.
|
||||||
|
*/
|
||||||
|
|
||||||
|
# define DH_FLAG_NON_FIPS_ALLOW 0x0400
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
extern "C" {
|
||||||
|
#endif
|
||||||
|
|
||||||
|
/* Already defined in ossl_typ.h */
|
||||||
|
/* typedef struct dh_st DH; */
|
||||||
|
/* typedef struct dh_method DH_METHOD; */
|
||||||
|
|
||||||
|
struct dh_method {
|
||||||
|
const char *name;
|
||||||
|
/* Methods here */
|
||||||
|
int (*generate_key) (DH *dh);
|
||||||
|
int (*compute_key) (unsigned char *key, const BIGNUM *pub_key, DH *dh);
|
||||||
|
/* Can be null */
|
||||||
|
int (*bn_mod_exp) (const DH *dh, BIGNUM *r, const BIGNUM *a,
|
||||||
|
const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
|
||||||
|
BN_MONT_CTX *m_ctx);
|
||||||
|
int (*init) (DH *dh);
|
||||||
|
int (*finish) (DH *dh);
|
||||||
|
int flags;
|
||||||
|
char *app_data;
|
||||||
|
/* If this is non-NULL, it will be used to generate parameters */
|
||||||
|
int (*generate_params) (DH *dh, int prime_len, int generator,
|
||||||
|
BN_GENCB *cb);
|
||||||
|
};
|
||||||
|
|
||||||
|
struct dh_st {
|
||||||
|
/*
|
||||||
|
* This first argument is used to pick up errors when a DH is passed
|
||||||
|
* instead of a EVP_PKEY
|
||||||
|
*/
|
||||||
|
int pad;
|
||||||
|
int version;
|
||||||
|
BIGNUM *p;
|
||||||
|
BIGNUM *g;
|
||||||
|
long length; /* optional */
|
||||||
|
BIGNUM *pub_key; /* g^x */
|
||||||
|
BIGNUM *priv_key; /* x */
|
||||||
|
int flags;
|
||||||
|
BN_MONT_CTX *method_mont_p;
|
||||||
|
/* Place holders if we want to do X9.42 DH */
|
||||||
|
BIGNUM *q;
|
||||||
|
BIGNUM *j;
|
||||||
|
unsigned char *seed;
|
||||||
|
int seedlen;
|
||||||
|
BIGNUM *counter;
|
||||||
|
int references;
|
||||||
|
CRYPTO_EX_DATA ex_data;
|
||||||
|
const DH_METHOD *meth;
|
||||||
|
ENGINE *engine;
|
||||||
|
};
|
||||||
|
|
||||||
|
# define DH_GENERATOR_2 2
|
||||||
|
/* #define DH_GENERATOR_3 3 */
|
||||||
|
# define DH_GENERATOR_5 5
|
||||||
|
|
||||||
|
/* DH_check error codes */
|
||||||
|
# define DH_CHECK_P_NOT_PRIME 0x01
|
||||||
|
# define DH_CHECK_P_NOT_SAFE_PRIME 0x02
|
||||||
|
# define DH_UNABLE_TO_CHECK_GENERATOR 0x04
|
||||||
|
# define DH_NOT_SUITABLE_GENERATOR 0x08
|
||||||
|
# define DH_CHECK_Q_NOT_PRIME 0x10
|
||||||
|
# define DH_CHECK_INVALID_Q_VALUE 0x20
|
||||||
|
# define DH_CHECK_INVALID_J_VALUE 0x40
|
||||||
|
|
||||||
|
/* DH_check_pub_key error codes */
|
||||||
|
# define DH_CHECK_PUBKEY_TOO_SMALL 0x01
|
||||||
|
# define DH_CHECK_PUBKEY_TOO_LARGE 0x02
|
||||||
|
|
||||||
|
/*
|
||||||
|
* primes p where (p-1)/2 is prime too are called "safe"; we define this for
|
||||||
|
* backward compatibility:
|
||||||
|
*/
|
||||||
|
# define DH_CHECK_P_NOT_STRONG_PRIME DH_CHECK_P_NOT_SAFE_PRIME
|
||||||
|
|
||||||
|
# define d2i_DHparams_fp(fp,x) (DH *)ASN1_d2i_fp((char *(*)())DH_new, \
|
||||||
|
(char *(*)())d2i_DHparams,(fp),(unsigned char **)(x))
|
||||||
|
# define i2d_DHparams_fp(fp,x) ASN1_i2d_fp(i2d_DHparams,(fp), \
|
||||||
|
(unsigned char *)(x))
|
||||||
|
# define d2i_DHparams_bio(bp,x) ASN1_d2i_bio_of(DH,DH_new,d2i_DHparams,bp,x)
|
||||||
|
# define i2d_DHparams_bio(bp,x) ASN1_i2d_bio_of_const(DH,i2d_DHparams,bp,x)
|
||||||
|
|
||||||
|
DH *DHparams_dup(DH *);
|
||||||
|
|
||||||
|
const DH_METHOD *DH_OpenSSL(void);
|
||||||
|
|
||||||
|
void DH_set_default_method(const DH_METHOD *meth);
|
||||||
|
const DH_METHOD *DH_get_default_method(void);
|
||||||
|
int DH_set_method(DH *dh, const DH_METHOD *meth);
|
||||||
|
DH *DH_new_method(ENGINE *engine);
|
||||||
|
|
||||||
|
DH *DH_new(void);
|
||||||
|
void DH_free(DH *dh);
|
||||||
|
int DH_up_ref(DH *dh);
|
||||||
|
int DH_size(const DH *dh);
|
||||||
|
int DH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
|
||||||
|
CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
|
||||||
|
int DH_set_ex_data(DH *d, int idx, void *arg);
|
||||||
|
void *DH_get_ex_data(DH *d, int idx);
|
||||||
|
|
||||||
|
/* Deprecated version */
|
||||||
|
# ifndef OPENSSL_NO_DEPRECATED
|
||||||
|
DH *DH_generate_parameters(int prime_len, int generator,
|
||||||
|
void (*callback) (int, int, void *), void *cb_arg);
|
||||||
|
# endif /* !defined(OPENSSL_NO_DEPRECATED) */
|
||||||
|
|
||||||
|
/* New version */
|
||||||
|
int DH_generate_parameters_ex(DH *dh, int prime_len, int generator,
|
||||||
|
BN_GENCB *cb);
|
||||||
|
|
||||||
|
int DH_check(const DH *dh, int *codes);
|
||||||
|
int DH_check_pub_key(const DH *dh, const BIGNUM *pub_key, int *codes);
|
||||||
|
int DH_generate_key(DH *dh);
|
||||||
|
int DH_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh);
|
||||||
|
int DH_compute_key_padded(unsigned char *key, const BIGNUM *pub_key, DH *dh);
|
||||||
|
DH *d2i_DHparams(DH **a, const unsigned char **pp, long length);
|
||||||
|
int i2d_DHparams(const DH *a, unsigned char **pp);
|
||||||
|
DH *d2i_DHxparams(DH **a, const unsigned char **pp, long length);
|
||||||
|
int i2d_DHxparams(const DH *a, unsigned char **pp);
|
||||||
|
# ifndef OPENSSL_NO_FP_API
|
||||||
|
int DHparams_print_fp(FILE *fp, const DH *x);
|
||||||
|
# endif
|
||||||
|
# ifndef OPENSSL_NO_BIO
|
||||||
|
int DHparams_print(BIO *bp, const DH *x);
|
||||||
|
# else
|
||||||
|
int DHparams_print(char *bp, const DH *x);
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/* RFC 5114 parameters */
|
||||||
|
DH *DH_get_1024_160(void);
|
||||||
|
DH *DH_get_2048_224(void);
|
||||||
|
DH *DH_get_2048_256(void);
|
||||||
|
|
||||||
|
/* RFC2631 KDF */
|
||||||
|
int DH_KDF_X9_42(unsigned char *out, size_t outlen,
|
||||||
|
const unsigned char *Z, size_t Zlen,
|
||||||
|
ASN1_OBJECT *key_oid,
|
||||||
|
const unsigned char *ukm, size_t ukmlen, const EVP_MD *md);
|
||||||
|
|
||||||
|
# define EVP_PKEY_CTX_set_dh_paramgen_prime_len(ctx, len) \
|
||||||
|
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \
|
||||||
|
EVP_PKEY_CTRL_DH_PARAMGEN_PRIME_LEN, len, NULL)
|
||||||
|
|
||||||
|
# define EVP_PKEY_CTX_set_dh_paramgen_subprime_len(ctx, len) \
|
||||||
|
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \
|
||||||
|
EVP_PKEY_CTRL_DH_PARAMGEN_SUBPRIME_LEN, len, NULL)
|
||||||
|
|
||||||
|
# define EVP_PKEY_CTX_set_dh_paramgen_type(ctx, typ) \
|
||||||
|
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \
|
||||||
|
EVP_PKEY_CTRL_DH_PARAMGEN_TYPE, typ, NULL)
|
||||||
|
|
||||||
|
# define EVP_PKEY_CTX_set_dh_paramgen_generator(ctx, gen) \
|
||||||
|
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \
|
||||||
|
EVP_PKEY_CTRL_DH_PARAMGEN_GENERATOR, gen, NULL)
|
||||||
|
|
||||||
|
# define EVP_PKEY_CTX_set_dh_rfc5114(ctx, gen) \
|
||||||
|
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, EVP_PKEY_OP_PARAMGEN, \
|
||||||
|
EVP_PKEY_CTRL_DH_RFC5114, gen, NULL)
|
||||||
|
|
||||||
|
# define EVP_PKEY_CTX_set_dhx_rfc5114(ctx, gen) \
|
||||||
|
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, EVP_PKEY_OP_PARAMGEN, \
|
||||||
|
EVP_PKEY_CTRL_DH_RFC5114, gen, NULL)
|
||||||
|
|
||||||
|
# define EVP_PKEY_CTX_set_dh_kdf_type(ctx, kdf) \
|
||||||
|
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
|
||||||
|
EVP_PKEY_OP_DERIVE, \
|
||||||
|
EVP_PKEY_CTRL_DH_KDF_TYPE, kdf, NULL)
|
||||||
|
|
||||||
|
# define EVP_PKEY_CTX_get_dh_kdf_type(ctx) \
|
||||||
|
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
|
||||||
|
EVP_PKEY_OP_DERIVE, \
|
||||||
|
EVP_PKEY_CTRL_DH_KDF_TYPE, -2, NULL)
|
||||||
|
|
||||||
|
# define EVP_PKEY_CTX_set0_dh_kdf_oid(ctx, oid) \
|
||||||
|
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
|
||||||
|
EVP_PKEY_OP_DERIVE, \
|
||||||
|
EVP_PKEY_CTRL_DH_KDF_OID, 0, (void *)oid)
|
||||||
|
|
||||||
|
# define EVP_PKEY_CTX_get0_dh_kdf_oid(ctx, poid) \
|
||||||
|
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
|
||||||
|
EVP_PKEY_OP_DERIVE, \
|
||||||
|
EVP_PKEY_CTRL_GET_DH_KDF_OID, 0, (void *)poid)
|
||||||
|
|
||||||
|
# define EVP_PKEY_CTX_set_dh_kdf_md(ctx, md) \
|
||||||
|
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
|
||||||
|
EVP_PKEY_OP_DERIVE, \
|
||||||
|
EVP_PKEY_CTRL_DH_KDF_MD, 0, (void *)md)
|
||||||
|
|
||||||
|
# define EVP_PKEY_CTX_get_dh_kdf_md(ctx, pmd) \
|
||||||
|
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
|
||||||
|
EVP_PKEY_OP_DERIVE, \
|
||||||
|
EVP_PKEY_CTRL_GET_DH_KDF_MD, 0, (void *)pmd)
|
||||||
|
|
||||||
|
# define EVP_PKEY_CTX_set_dh_kdf_outlen(ctx, len) \
|
||||||
|
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
|
||||||
|
EVP_PKEY_OP_DERIVE, \
|
||||||
|
EVP_PKEY_CTRL_DH_KDF_OUTLEN, len, NULL)
|
||||||
|
|
||||||
|
# define EVP_PKEY_CTX_get_dh_kdf_outlen(ctx, plen) \
|
||||||
|
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
|
||||||
|
EVP_PKEY_OP_DERIVE, \
|
||||||
|
EVP_PKEY_CTRL_GET_DH_KDF_OUTLEN, 0, (void *)plen)
|
||||||
|
|
||||||
|
# define EVP_PKEY_CTX_set0_dh_kdf_ukm(ctx, p, plen) \
|
||||||
|
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
|
||||||
|
EVP_PKEY_OP_DERIVE, \
|
||||||
|
EVP_PKEY_CTRL_DH_KDF_UKM, plen, (void *)p)
|
||||||
|
|
||||||
|
# define EVP_PKEY_CTX_get0_dh_kdf_ukm(ctx, p) \
|
||||||
|
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
|
||||||
|
EVP_PKEY_OP_DERIVE, \
|
||||||
|
EVP_PKEY_CTRL_GET_DH_KDF_UKM, 0, (void *)p)
|
||||||
|
|
||||||
|
# define EVP_PKEY_CTRL_DH_PARAMGEN_PRIME_LEN (EVP_PKEY_ALG_CTRL + 1)
|
||||||
|
# define EVP_PKEY_CTRL_DH_PARAMGEN_GENERATOR (EVP_PKEY_ALG_CTRL + 2)
|
||||||
|
# define EVP_PKEY_CTRL_DH_RFC5114 (EVP_PKEY_ALG_CTRL + 3)
|
||||||
|
# define EVP_PKEY_CTRL_DH_PARAMGEN_SUBPRIME_LEN (EVP_PKEY_ALG_CTRL + 4)
|
||||||
|
# define EVP_PKEY_CTRL_DH_PARAMGEN_TYPE (EVP_PKEY_ALG_CTRL + 5)
|
||||||
|
# define EVP_PKEY_CTRL_DH_KDF_TYPE (EVP_PKEY_ALG_CTRL + 6)
|
||||||
|
# define EVP_PKEY_CTRL_DH_KDF_MD (EVP_PKEY_ALG_CTRL + 7)
|
||||||
|
# define EVP_PKEY_CTRL_GET_DH_KDF_MD (EVP_PKEY_ALG_CTRL + 8)
|
||||||
|
# define EVP_PKEY_CTRL_DH_KDF_OUTLEN (EVP_PKEY_ALG_CTRL + 9)
|
||||||
|
# define EVP_PKEY_CTRL_GET_DH_KDF_OUTLEN (EVP_PKEY_ALG_CTRL + 10)
|
||||||
|
# define EVP_PKEY_CTRL_DH_KDF_UKM (EVP_PKEY_ALG_CTRL + 11)
|
||||||
|
# define EVP_PKEY_CTRL_GET_DH_KDF_UKM (EVP_PKEY_ALG_CTRL + 12)
|
||||||
|
# define EVP_PKEY_CTRL_DH_KDF_OID (EVP_PKEY_ALG_CTRL + 13)
|
||||||
|
# define EVP_PKEY_CTRL_GET_DH_KDF_OID (EVP_PKEY_ALG_CTRL + 14)
|
||||||
|
|
||||||
|
/* KDF types */
|
||||||
|
# define EVP_PKEY_DH_KDF_NONE 1
|
||||||
|
# define EVP_PKEY_DH_KDF_X9_42 2
|
||||||
|
|
||||||
|
/* BEGIN ERROR CODES */
|
||||||
|
/*
|
||||||
|
* The following lines are auto generated by the script mkerr.pl. Any changes
|
||||||
|
* made after this point may be overwritten when the script is next run.
|
||||||
|
*/
|
||||||
|
void ERR_load_DH_strings(void);
|
||||||
|
|
||||||
|
/* Error codes for the DH functions. */
|
||||||
|
|
||||||
|
/* Function codes. */
|
||||||
|
# define DH_F_COMPUTE_KEY 102
|
||||||
|
# define DH_F_DHPARAMS_PRINT_FP 101
|
||||||
|
# define DH_F_DH_BUILTIN_GENPARAMS 106
|
||||||
|
# define DH_F_DH_CMS_DECRYPT 117
|
||||||
|
# define DH_F_DH_CMS_SET_PEERKEY 118
|
||||||
|
# define DH_F_DH_CMS_SET_SHARED_INFO 119
|
||||||
|
# define DH_F_DH_COMPUTE_KEY 114
|
||||||
|
# define DH_F_DH_GENERATE_KEY 115
|
||||||
|
# define DH_F_DH_GENERATE_PARAMETERS_EX 116
|
||||||
|
# define DH_F_DH_NEW_METHOD 105
|
||||||
|
# define DH_F_DH_PARAM_DECODE 107
|
||||||
|
# define DH_F_DH_PRIV_DECODE 110
|
||||||
|
# define DH_F_DH_PRIV_ENCODE 111
|
||||||
|
# define DH_F_DH_PUB_DECODE 108
|
||||||
|
# define DH_F_DH_PUB_ENCODE 109
|
||||||
|
# define DH_F_DO_DH_PRINT 100
|
||||||
|
# define DH_F_GENERATE_KEY 103
|
||||||
|
# define DH_F_GENERATE_PARAMETERS 104
|
||||||
|
# define DH_F_PKEY_DH_DERIVE 112
|
||||||
|
# define DH_F_PKEY_DH_KEYGEN 113
|
||||||
|
|
||||||
|
/* Reason codes. */
|
||||||
|
# define DH_R_BAD_GENERATOR 101
|
||||||
|
# define DH_R_BN_DECODE_ERROR 109
|
||||||
|
# define DH_R_BN_ERROR 106
|
||||||
|
# define DH_R_DECODE_ERROR 104
|
||||||
|
# define DH_R_INVALID_PUBKEY 102
|
||||||
|
# define DH_R_KDF_PARAMETER_ERROR 112
|
||||||
|
# define DH_R_KEYS_NOT_SET 108
|
||||||
|
# define DH_R_KEY_SIZE_TOO_SMALL 110
|
||||||
|
# define DH_R_MODULUS_TOO_LARGE 103
|
||||||
|
# define DH_R_NON_FIPS_METHOD 111
|
||||||
|
# define DH_R_NO_PARAMETERS_SET 107
|
||||||
|
# define DH_R_NO_PRIVATE_VALUE 100
|
||||||
|
# define DH_R_PARAMETER_ENCODING_ERROR 105
|
||||||
|
# define DH_R_PEER_KEY_ERROR 113
|
||||||
|
# define DH_R_SHARED_INFO_ERROR 114
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
#endif
|
|
@ -0,0 +1,332 @@
|
||||||
|
/* crypto/dsa/dsa.h */
|
||||||
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
|
* All rights reserved.
|
||||||
|
*
|
||||||
|
* This package is an SSL implementation written
|
||||||
|
* by Eric Young (eay@cryptsoft.com).
|
||||||
|
* The implementation was written so as to conform with Netscapes SSL.
|
||||||
|
*
|
||||||
|
* This library is free for commercial and non-commercial use as long as
|
||||||
|
* the following conditions are aheared to. The following conditions
|
||||||
|
* apply to all code found in this distribution, be it the RC4, RSA,
|
||||||
|
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
||||||
|
* included with this distribution is covered by the same copyright terms
|
||||||
|
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
* Copyright remains Eric Young's, and as such any Copyright notices in
|
||||||
|
* the code are not to be removed.
|
||||||
|
* If this package is used in a product, Eric Young should be given attribution
|
||||||
|
* as the author of the parts of the library used.
|
||||||
|
* This can be in the form of a textual message at program startup or
|
||||||
|
* in documentation (online or textual) provided with the package.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
* 1. Redistributions of source code must retain the copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in the
|
||||||
|
* documentation and/or other materials provided with the distribution.
|
||||||
|
* 3. All advertising materials mentioning features or use of this software
|
||||||
|
* must display the following acknowledgement:
|
||||||
|
* "This product includes cryptographic software written by
|
||||||
|
* Eric Young (eay@cryptsoft.com)"
|
||||||
|
* The word 'cryptographic' can be left out if the rouines from the library
|
||||||
|
* being used are not cryptographic related :-).
|
||||||
|
* 4. If you include any Windows specific code (or a derivative thereof) from
|
||||||
|
* the apps directory (application code) you must include an acknowledgement:
|
||||||
|
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
||||||
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||||
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||||
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||||
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||||
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||||
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||||
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||||
|
* SUCH DAMAGE.
|
||||||
|
*
|
||||||
|
* The licence and distribution terms for any publically available version or
|
||||||
|
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
||||||
|
* copied and put under another distribution licence
|
||||||
|
* [including the GNU Public Licence.]
|
||||||
|
*/
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The DSS routines are based on patches supplied by
|
||||||
|
* Steven Schoch <schoch@sheba.arc.nasa.gov>. He basically did the
|
||||||
|
* work and I have just tweaked them a little to fit into my
|
||||||
|
* stylistic vision for SSLeay :-) */
|
||||||
|
|
||||||
|
#ifndef HEADER_DSA_H
|
||||||
|
# define HEADER_DSA_H
|
||||||
|
|
||||||
|
# include <openssl/e_os2.h>
|
||||||
|
|
||||||
|
# ifdef OPENSSL_NO_DSA
|
||||||
|
# error DSA is disabled.
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_BIO
|
||||||
|
# include <openssl/bio.h>
|
||||||
|
# endif
|
||||||
|
# include <openssl/crypto.h>
|
||||||
|
# include <openssl/ossl_typ.h>
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_DEPRECATED
|
||||||
|
# include <openssl/bn.h>
|
||||||
|
# ifndef OPENSSL_NO_DH
|
||||||
|
# include <openssl/dh.h>
|
||||||
|
# endif
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# ifndef OPENSSL_DSA_MAX_MODULUS_BITS
|
||||||
|
# define OPENSSL_DSA_MAX_MODULUS_BITS 10000
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# define DSA_FLAG_CACHE_MONT_P 0x01
|
||||||
|
/*
|
||||||
|
* new with 0.9.7h; the built-in DSA implementation now uses constant time
|
||||||
|
* modular exponentiation for secret exponents by default. This flag causes
|
||||||
|
* the faster variable sliding window method to be used for all exponents.
|
||||||
|
*/
|
||||||
|
# define DSA_FLAG_NO_EXP_CONSTTIME 0x02
|
||||||
|
|
||||||
|
/*
|
||||||
|
* If this flag is set the DSA method is FIPS compliant and can be used in
|
||||||
|
* FIPS mode. This is set in the validated module method. If an application
|
||||||
|
* sets this flag in its own methods it is its reposibility to ensure the
|
||||||
|
* result is compliant.
|
||||||
|
*/
|
||||||
|
|
||||||
|
# define DSA_FLAG_FIPS_METHOD 0x0400
|
||||||
|
|
||||||
|
/*
|
||||||
|
* If this flag is set the operations normally disabled in FIPS mode are
|
||||||
|
* permitted it is then the applications responsibility to ensure that the
|
||||||
|
* usage is compliant.
|
||||||
|
*/
|
||||||
|
|
||||||
|
# define DSA_FLAG_NON_FIPS_ALLOW 0x0400
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
extern "C" {
|
||||||
|
#endif
|
||||||
|
|
||||||
|
/* Already defined in ossl_typ.h */
|
||||||
|
/* typedef struct dsa_st DSA; */
|
||||||
|
/* typedef struct dsa_method DSA_METHOD; */
|
||||||
|
|
||||||
|
typedef struct DSA_SIG_st {
|
||||||
|
BIGNUM *r;
|
||||||
|
BIGNUM *s;
|
||||||
|
} DSA_SIG;
|
||||||
|
|
||||||
|
struct dsa_method {
|
||||||
|
const char *name;
|
||||||
|
DSA_SIG *(*dsa_do_sign) (const unsigned char *dgst, int dlen, DSA *dsa);
|
||||||
|
int (*dsa_sign_setup) (DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp,
|
||||||
|
BIGNUM **rp);
|
||||||
|
int (*dsa_do_verify) (const unsigned char *dgst, int dgst_len,
|
||||||
|
DSA_SIG *sig, DSA *dsa);
|
||||||
|
int (*dsa_mod_exp) (DSA *dsa, BIGNUM *rr, BIGNUM *a1, BIGNUM *p1,
|
||||||
|
BIGNUM *a2, BIGNUM *p2, BIGNUM *m, BN_CTX *ctx,
|
||||||
|
BN_MONT_CTX *in_mont);
|
||||||
|
/* Can be null */
|
||||||
|
int (*bn_mod_exp) (DSA *dsa, BIGNUM *r, BIGNUM *a, const BIGNUM *p,
|
||||||
|
const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
|
||||||
|
int (*init) (DSA *dsa);
|
||||||
|
int (*finish) (DSA *dsa);
|
||||||
|
int flags;
|
||||||
|
char *app_data;
|
||||||
|
/* If this is non-NULL, it is used to generate DSA parameters */
|
||||||
|
int (*dsa_paramgen) (DSA *dsa, int bits,
|
||||||
|
const unsigned char *seed, int seed_len,
|
||||||
|
int *counter_ret, unsigned long *h_ret,
|
||||||
|
BN_GENCB *cb);
|
||||||
|
/* If this is non-NULL, it is used to generate DSA keys */
|
||||||
|
int (*dsa_keygen) (DSA *dsa);
|
||||||
|
};
|
||||||
|
|
||||||
|
struct dsa_st {
|
||||||
|
/*
|
||||||
|
* This first variable is used to pick up errors where a DSA is passed
|
||||||
|
* instead of of a EVP_PKEY
|
||||||
|
*/
|
||||||
|
int pad;
|
||||||
|
long version;
|
||||||
|
int write_params;
|
||||||
|
BIGNUM *p;
|
||||||
|
BIGNUM *q; /* == 20 */
|
||||||
|
BIGNUM *g;
|
||||||
|
BIGNUM *pub_key; /* y public key */
|
||||||
|
BIGNUM *priv_key; /* x private key */
|
||||||
|
BIGNUM *kinv; /* Signing pre-calc */
|
||||||
|
BIGNUM *r; /* Signing pre-calc */
|
||||||
|
int flags;
|
||||||
|
/* Normally used to cache montgomery values */
|
||||||
|
BN_MONT_CTX *method_mont_p;
|
||||||
|
int references;
|
||||||
|
CRYPTO_EX_DATA ex_data;
|
||||||
|
const DSA_METHOD *meth;
|
||||||
|
/* functional reference if 'meth' is ENGINE-provided */
|
||||||
|
ENGINE *engine;
|
||||||
|
};
|
||||||
|
|
||||||
|
# define d2i_DSAparams_fp(fp,x) (DSA *)ASN1_d2i_fp((char *(*)())DSA_new, \
|
||||||
|
(char *(*)())d2i_DSAparams,(fp),(unsigned char **)(x))
|
||||||
|
# define i2d_DSAparams_fp(fp,x) ASN1_i2d_fp(i2d_DSAparams,(fp), \
|
||||||
|
(unsigned char *)(x))
|
||||||
|
# define d2i_DSAparams_bio(bp,x) ASN1_d2i_bio_of(DSA,DSA_new,d2i_DSAparams,bp,x)
|
||||||
|
# define i2d_DSAparams_bio(bp,x) ASN1_i2d_bio_of_const(DSA,i2d_DSAparams,bp,x)
|
||||||
|
|
||||||
|
DSA *DSAparams_dup(DSA *x);
|
||||||
|
DSA_SIG *DSA_SIG_new(void);
|
||||||
|
void DSA_SIG_free(DSA_SIG *a);
|
||||||
|
int i2d_DSA_SIG(const DSA_SIG *a, unsigned char **pp);
|
||||||
|
DSA_SIG *d2i_DSA_SIG(DSA_SIG **v, const unsigned char **pp, long length);
|
||||||
|
|
||||||
|
DSA_SIG *DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa);
|
||||||
|
int DSA_do_verify(const unsigned char *dgst, int dgst_len,
|
||||||
|
DSA_SIG *sig, DSA *dsa);
|
||||||
|
|
||||||
|
const DSA_METHOD *DSA_OpenSSL(void);
|
||||||
|
|
||||||
|
void DSA_set_default_method(const DSA_METHOD *);
|
||||||
|
const DSA_METHOD *DSA_get_default_method(void);
|
||||||
|
int DSA_set_method(DSA *dsa, const DSA_METHOD *);
|
||||||
|
|
||||||
|
DSA *DSA_new(void);
|
||||||
|
DSA *DSA_new_method(ENGINE *engine);
|
||||||
|
void DSA_free(DSA *r);
|
||||||
|
/* "up" the DSA object's reference count */
|
||||||
|
int DSA_up_ref(DSA *r);
|
||||||
|
int DSA_size(const DSA *);
|
||||||
|
/* next 4 return -1 on error */
|
||||||
|
int DSA_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp);
|
||||||
|
int DSA_sign(int type, const unsigned char *dgst, int dlen,
|
||||||
|
unsigned char *sig, unsigned int *siglen, DSA *dsa);
|
||||||
|
int DSA_verify(int type, const unsigned char *dgst, int dgst_len,
|
||||||
|
const unsigned char *sigbuf, int siglen, DSA *dsa);
|
||||||
|
int DSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
|
||||||
|
CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
|
||||||
|
int DSA_set_ex_data(DSA *d, int idx, void *arg);
|
||||||
|
void *DSA_get_ex_data(DSA *d, int idx);
|
||||||
|
|
||||||
|
DSA *d2i_DSAPublicKey(DSA **a, const unsigned char **pp, long length);
|
||||||
|
DSA *d2i_DSAPrivateKey(DSA **a, const unsigned char **pp, long length);
|
||||||
|
DSA *d2i_DSAparams(DSA **a, const unsigned char **pp, long length);
|
||||||
|
|
||||||
|
/* Deprecated version */
|
||||||
|
# ifndef OPENSSL_NO_DEPRECATED
|
||||||
|
DSA *DSA_generate_parameters(int bits,
|
||||||
|
unsigned char *seed, int seed_len,
|
||||||
|
int *counter_ret, unsigned long *h_ret, void
|
||||||
|
(*callback) (int, int, void *), void *cb_arg);
|
||||||
|
# endif /* !defined(OPENSSL_NO_DEPRECATED) */
|
||||||
|
|
||||||
|
/* New version */
|
||||||
|
int DSA_generate_parameters_ex(DSA *dsa, int bits,
|
||||||
|
const unsigned char *seed, int seed_len,
|
||||||
|
int *counter_ret, unsigned long *h_ret,
|
||||||
|
BN_GENCB *cb);
|
||||||
|
|
||||||
|
int DSA_generate_key(DSA *a);
|
||||||
|
int i2d_DSAPublicKey(const DSA *a, unsigned char **pp);
|
||||||
|
int i2d_DSAPrivateKey(const DSA *a, unsigned char **pp);
|
||||||
|
int i2d_DSAparams(const DSA *a, unsigned char **pp);
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_BIO
|
||||||
|
int DSAparams_print(BIO *bp, const DSA *x);
|
||||||
|
int DSA_print(BIO *bp, const DSA *x, int off);
|
||||||
|
# endif
|
||||||
|
# ifndef OPENSSL_NO_FP_API
|
||||||
|
int DSAparams_print_fp(FILE *fp, const DSA *x);
|
||||||
|
int DSA_print_fp(FILE *bp, const DSA *x, int off);
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# define DSS_prime_checks 50
|
||||||
|
/*
|
||||||
|
* Primality test according to FIPS PUB 186[-1], Appendix 2.1: 50 rounds of
|
||||||
|
* Rabin-Miller
|
||||||
|
*/
|
||||||
|
# define DSA_is_prime(n, callback, cb_arg) \
|
||||||
|
BN_is_prime(n, DSS_prime_checks, callback, NULL, cb_arg)
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_DH
|
||||||
|
/*
|
||||||
|
* Convert DSA structure (key or just parameters) into DH structure (be
|
||||||
|
* careful to avoid small subgroup attacks when using this!)
|
||||||
|
*/
|
||||||
|
DH *DSA_dup_DH(const DSA *r);
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# define EVP_PKEY_CTX_set_dsa_paramgen_bits(ctx, nbits) \
|
||||||
|
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DSA, EVP_PKEY_OP_PARAMGEN, \
|
||||||
|
EVP_PKEY_CTRL_DSA_PARAMGEN_BITS, nbits, NULL)
|
||||||
|
|
||||||
|
# define EVP_PKEY_CTRL_DSA_PARAMGEN_BITS (EVP_PKEY_ALG_CTRL + 1)
|
||||||
|
# define EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS (EVP_PKEY_ALG_CTRL + 2)
|
||||||
|
# define EVP_PKEY_CTRL_DSA_PARAMGEN_MD (EVP_PKEY_ALG_CTRL + 3)
|
||||||
|
|
||||||
|
/* BEGIN ERROR CODES */
|
||||||
|
/*
|
||||||
|
* The following lines are auto generated by the script mkerr.pl. Any changes
|
||||||
|
* made after this point may be overwritten when the script is next run.
|
||||||
|
*/
|
||||||
|
void ERR_load_DSA_strings(void);
|
||||||
|
|
||||||
|
/* Error codes for the DSA functions. */
|
||||||
|
|
||||||
|
/* Function codes. */
|
||||||
|
# define DSA_F_D2I_DSA_SIG 110
|
||||||
|
# define DSA_F_DO_DSA_PRINT 104
|
||||||
|
# define DSA_F_DSAPARAMS_PRINT 100
|
||||||
|
# define DSA_F_DSAPARAMS_PRINT_FP 101
|
||||||
|
# define DSA_F_DSA_BUILTIN_PARAMGEN2 126
|
||||||
|
# define DSA_F_DSA_DO_SIGN 112
|
||||||
|
# define DSA_F_DSA_DO_VERIFY 113
|
||||||
|
# define DSA_F_DSA_GENERATE_KEY 124
|
||||||
|
# define DSA_F_DSA_GENERATE_PARAMETERS_EX 123
|
||||||
|
# define DSA_F_DSA_NEW_METHOD 103
|
||||||
|
# define DSA_F_DSA_PARAM_DECODE 119
|
||||||
|
# define DSA_F_DSA_PRINT_FP 105
|
||||||
|
# define DSA_F_DSA_PRIV_DECODE 115
|
||||||
|
# define DSA_F_DSA_PRIV_ENCODE 116
|
||||||
|
# define DSA_F_DSA_PUB_DECODE 117
|
||||||
|
# define DSA_F_DSA_PUB_ENCODE 118
|
||||||
|
# define DSA_F_DSA_SIGN 106
|
||||||
|
# define DSA_F_DSA_SIGN_SETUP 107
|
||||||
|
# define DSA_F_DSA_SIG_NEW 109
|
||||||
|
# define DSA_F_DSA_SIG_PRINT 125
|
||||||
|
# define DSA_F_DSA_VERIFY 108
|
||||||
|
# define DSA_F_I2D_DSA_SIG 111
|
||||||
|
# define DSA_F_OLD_DSA_PRIV_DECODE 122
|
||||||
|
# define DSA_F_PKEY_DSA_CTRL 120
|
||||||
|
# define DSA_F_PKEY_DSA_KEYGEN 121
|
||||||
|
# define DSA_F_SIG_CB 114
|
||||||
|
|
||||||
|
/* Reason codes. */
|
||||||
|
# define DSA_R_BAD_Q_VALUE 102
|
||||||
|
# define DSA_R_BN_DECODE_ERROR 108
|
||||||
|
# define DSA_R_BN_ERROR 109
|
||||||
|
# define DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 100
|
||||||
|
# define DSA_R_DECODE_ERROR 104
|
||||||
|
# define DSA_R_INVALID_DIGEST_TYPE 106
|
||||||
|
# define DSA_R_INVALID_PARAMETERS 112
|
||||||
|
# define DSA_R_MISSING_PARAMETERS 101
|
||||||
|
# define DSA_R_MODULUS_TOO_LARGE 103
|
||||||
|
# define DSA_R_NEED_NEW_SETUP_VALUES 110
|
||||||
|
# define DSA_R_NON_FIPS_DSA_METHOD 111
|
||||||
|
# define DSA_R_NO_PARAMETERS_SET 107
|
||||||
|
# define DSA_R_PARAMETER_ENCODING_ERROR 105
|
||||||
|
# define DSA_R_Q_NOT_PRIME 113
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
#endif
|
|
@ -0,0 +1,271 @@
|
||||||
|
/* ssl/dtls1.h */
|
||||||
|
/*
|
||||||
|
* DTLS implementation written by Nagendra Modadugu
|
||||||
|
* (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
|
||||||
|
*/
|
||||||
|
/* ====================================================================
|
||||||
|
* Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
*
|
||||||
|
* 1. Redistributions of source code must retain the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
*
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in
|
||||||
|
* the documentation and/or other materials provided with the
|
||||||
|
* distribution.
|
||||||
|
*
|
||||||
|
* 3. All advertising materials mentioning features or use of this
|
||||||
|
* software must display the following acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
|
||||||
|
*
|
||||||
|
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||||
|
* endorse or promote products derived from this software without
|
||||||
|
* prior written permission. For written permission, please contact
|
||||||
|
* openssl-core@OpenSSL.org.
|
||||||
|
*
|
||||||
|
* 5. Products derived from this software may not be called "OpenSSL"
|
||||||
|
* nor may "OpenSSL" appear in their names without prior written
|
||||||
|
* permission of the OpenSSL Project.
|
||||||
|
*
|
||||||
|
* 6. Redistributions of any form whatsoever must retain the following
|
||||||
|
* acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||||
|
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||||
|
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||||
|
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||||
|
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||||
|
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||||
|
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||||
|
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||||
|
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||||
|
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||||
|
* ====================================================================
|
||||||
|
*
|
||||||
|
* This product includes cryptographic software written by Eric Young
|
||||||
|
* (eay@cryptsoft.com). This product includes software written by Tim
|
||||||
|
* Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef HEADER_DTLS1_H
|
||||||
|
# define HEADER_DTLS1_H
|
||||||
|
|
||||||
|
# include <openssl/buffer.h>
|
||||||
|
# include <openssl/pqueue.h>
|
||||||
|
# ifdef OPENSSL_SYS_VMS
|
||||||
|
# include <resource.h>
|
||||||
|
# include <sys/timeb.h>
|
||||||
|
# endif
|
||||||
|
# ifdef OPENSSL_SYS_WIN32
|
||||||
|
/* Needed for struct timeval */
|
||||||
|
# include <winsock.h>
|
||||||
|
# elif defined(OPENSSL_SYS_NETWARE) && !defined(_WINSOCK2API_)
|
||||||
|
# include <sys/timeval.h>
|
||||||
|
# else
|
||||||
|
# if defined(OPENSSL_SYS_VXWORKS)
|
||||||
|
# include <sys/times.h>
|
||||||
|
# else
|
||||||
|
# include <sys/time.h>
|
||||||
|
# endif
|
||||||
|
# endif
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
extern "C" {
|
||||||
|
#endif
|
||||||
|
|
||||||
|
# define DTLS1_VERSION 0xFEFF
|
||||||
|
# define DTLS1_2_VERSION 0xFEFD
|
||||||
|
# define DTLS_MAX_VERSION DTLS1_2_VERSION
|
||||||
|
|
||||||
|
# define DTLS1_BAD_VER 0x0100
|
||||||
|
|
||||||
|
/* Special value for method supporting multiple versions */
|
||||||
|
# define DTLS_ANY_VERSION 0x1FFFF
|
||||||
|
|
||||||
|
# if 0
|
||||||
|
/* this alert description is not specified anywhere... */
|
||||||
|
# define DTLS1_AD_MISSING_HANDSHAKE_MESSAGE 110
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/* lengths of messages */
|
||||||
|
# define DTLS1_COOKIE_LENGTH 256
|
||||||
|
|
||||||
|
# define DTLS1_RT_HEADER_LENGTH 13
|
||||||
|
|
||||||
|
# define DTLS1_HM_HEADER_LENGTH 12
|
||||||
|
|
||||||
|
# define DTLS1_HM_BAD_FRAGMENT -2
|
||||||
|
# define DTLS1_HM_FRAGMENT_RETRY -3
|
||||||
|
|
||||||
|
# define DTLS1_CCS_HEADER_LENGTH 1
|
||||||
|
|
||||||
|
# ifdef DTLS1_AD_MISSING_HANDSHAKE_MESSAGE
|
||||||
|
# define DTLS1_AL_HEADER_LENGTH 7
|
||||||
|
# else
|
||||||
|
# define DTLS1_AL_HEADER_LENGTH 2
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_SSL_INTERN
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_SCTP
|
||||||
|
# define DTLS1_SCTP_AUTH_LABEL "EXPORTER_DTLS_OVER_SCTP"
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/* Max MTU overhead we know about so far is 40 for IPv6 + 8 for UDP */
|
||||||
|
# define DTLS1_MAX_MTU_OVERHEAD 48
|
||||||
|
|
||||||
|
typedef struct dtls1_bitmap_st {
|
||||||
|
unsigned long map; /* track 32 packets on 32-bit systems and 64
|
||||||
|
* - on 64-bit systems */
|
||||||
|
unsigned char max_seq_num[8]; /* max record number seen so far, 64-bit
|
||||||
|
* value in big-endian encoding */
|
||||||
|
} DTLS1_BITMAP;
|
||||||
|
|
||||||
|
struct dtls1_retransmit_state {
|
||||||
|
EVP_CIPHER_CTX *enc_write_ctx; /* cryptographic state */
|
||||||
|
EVP_MD_CTX *write_hash; /* used for mac generation */
|
||||||
|
# ifndef OPENSSL_NO_COMP
|
||||||
|
COMP_CTX *compress; /* compression */
|
||||||
|
# else
|
||||||
|
char *compress;
|
||||||
|
# endif
|
||||||
|
SSL_SESSION *session;
|
||||||
|
unsigned short epoch;
|
||||||
|
};
|
||||||
|
|
||||||
|
struct hm_header_st {
|
||||||
|
unsigned char type;
|
||||||
|
unsigned long msg_len;
|
||||||
|
unsigned short seq;
|
||||||
|
unsigned long frag_off;
|
||||||
|
unsigned long frag_len;
|
||||||
|
unsigned int is_ccs;
|
||||||
|
struct dtls1_retransmit_state saved_retransmit_state;
|
||||||
|
};
|
||||||
|
|
||||||
|
struct ccs_header_st {
|
||||||
|
unsigned char type;
|
||||||
|
unsigned short seq;
|
||||||
|
};
|
||||||
|
|
||||||
|
struct dtls1_timeout_st {
|
||||||
|
/* Number of read timeouts so far */
|
||||||
|
unsigned int read_timeouts;
|
||||||
|
/* Number of write timeouts so far */
|
||||||
|
unsigned int write_timeouts;
|
||||||
|
/* Number of alerts received so far */
|
||||||
|
unsigned int num_alerts;
|
||||||
|
};
|
||||||
|
|
||||||
|
typedef struct record_pqueue_st {
|
||||||
|
unsigned short epoch;
|
||||||
|
pqueue q;
|
||||||
|
} record_pqueue;
|
||||||
|
|
||||||
|
typedef struct hm_fragment_st {
|
||||||
|
struct hm_header_st msg_header;
|
||||||
|
unsigned char *fragment;
|
||||||
|
unsigned char *reassembly;
|
||||||
|
} hm_fragment;
|
||||||
|
|
||||||
|
typedef struct dtls1_state_st {
|
||||||
|
unsigned int send_cookie;
|
||||||
|
unsigned char cookie[DTLS1_COOKIE_LENGTH];
|
||||||
|
unsigned char rcvd_cookie[DTLS1_COOKIE_LENGTH];
|
||||||
|
unsigned int cookie_len;
|
||||||
|
/*
|
||||||
|
* The current data and handshake epoch. This is initially
|
||||||
|
* undefined, and starts at zero once the initial handshake is
|
||||||
|
* completed
|
||||||
|
*/
|
||||||
|
unsigned short r_epoch;
|
||||||
|
unsigned short w_epoch;
|
||||||
|
/* records being received in the current epoch */
|
||||||
|
DTLS1_BITMAP bitmap;
|
||||||
|
/* renegotiation starts a new set of sequence numbers */
|
||||||
|
DTLS1_BITMAP next_bitmap;
|
||||||
|
/* handshake message numbers */
|
||||||
|
unsigned short handshake_write_seq;
|
||||||
|
unsigned short next_handshake_write_seq;
|
||||||
|
unsigned short handshake_read_seq;
|
||||||
|
/* save last sequence number for retransmissions */
|
||||||
|
unsigned char last_write_sequence[8];
|
||||||
|
/* Received handshake records (processed and unprocessed) */
|
||||||
|
record_pqueue unprocessed_rcds;
|
||||||
|
record_pqueue processed_rcds;
|
||||||
|
/* Buffered handshake messages */
|
||||||
|
pqueue buffered_messages;
|
||||||
|
/* Buffered (sent) handshake records */
|
||||||
|
pqueue sent_messages;
|
||||||
|
/*
|
||||||
|
* Buffered application records. Only for records between CCS and
|
||||||
|
* Finished to prevent either protocol violation or unnecessary message
|
||||||
|
* loss.
|
||||||
|
*/
|
||||||
|
record_pqueue buffered_app_data;
|
||||||
|
/* Is set when listening for new connections with dtls1_listen() */
|
||||||
|
unsigned int listen;
|
||||||
|
unsigned int link_mtu; /* max on-the-wire DTLS packet size */
|
||||||
|
unsigned int mtu; /* max DTLS packet size */
|
||||||
|
struct hm_header_st w_msg_hdr;
|
||||||
|
struct hm_header_st r_msg_hdr;
|
||||||
|
struct dtls1_timeout_st timeout;
|
||||||
|
/*
|
||||||
|
* Indicates when the last handshake msg or heartbeat sent will timeout
|
||||||
|
*/
|
||||||
|
struct timeval next_timeout;
|
||||||
|
/* Timeout duration */
|
||||||
|
unsigned short timeout_duration;
|
||||||
|
/*
|
||||||
|
* storage for Alert/Handshake protocol data received but not yet
|
||||||
|
* processed by ssl3_read_bytes:
|
||||||
|
*/
|
||||||
|
unsigned char alert_fragment[DTLS1_AL_HEADER_LENGTH];
|
||||||
|
unsigned int alert_fragment_len;
|
||||||
|
unsigned char handshake_fragment[DTLS1_HM_HEADER_LENGTH];
|
||||||
|
unsigned int handshake_fragment_len;
|
||||||
|
unsigned int retransmitting;
|
||||||
|
/*
|
||||||
|
* Set when the handshake is ready to process peer's ChangeCipherSpec message.
|
||||||
|
* Cleared after the message has been processed.
|
||||||
|
*/
|
||||||
|
unsigned int change_cipher_spec_ok;
|
||||||
|
# ifndef OPENSSL_NO_SCTP
|
||||||
|
/* used when SSL_ST_XX_FLUSH is entered */
|
||||||
|
int next_state;
|
||||||
|
int shutdown_received;
|
||||||
|
# endif
|
||||||
|
} DTLS1_STATE;
|
||||||
|
|
||||||
|
typedef struct dtls1_record_data_st {
|
||||||
|
unsigned char *packet;
|
||||||
|
unsigned int packet_length;
|
||||||
|
SSL3_BUFFER rbuf;
|
||||||
|
SSL3_RECORD rrec;
|
||||||
|
# ifndef OPENSSL_NO_SCTP
|
||||||
|
struct bio_dgram_sctp_rcvinfo recordinfo;
|
||||||
|
# endif
|
||||||
|
} DTLS1_RECORD_DATA;
|
||||||
|
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/* Timeout multipliers (timeout slice is defined in apps/timeouts.h */
|
||||||
|
# define DTLS1_TMO_READ_COUNT 2
|
||||||
|
# define DTLS1_TMO_WRITE_COUNT 2
|
||||||
|
|
||||||
|
# define DTLS1_TMO_ALERT_COUNT 12
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
#endif
|
|
@ -0,0 +1,322 @@
|
||||||
|
/* e_os2.h */
|
||||||
|
/* ====================================================================
|
||||||
|
* Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
*
|
||||||
|
* 1. Redistributions of source code must retain the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
*
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in
|
||||||
|
* the documentation and/or other materials provided with the
|
||||||
|
* distribution.
|
||||||
|
*
|
||||||
|
* 3. All advertising materials mentioning features or use of this
|
||||||
|
* software must display the following acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
|
||||||
|
*
|
||||||
|
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||||
|
* endorse or promote products derived from this software without
|
||||||
|
* prior written permission. For written permission, please contact
|
||||||
|
* openssl-core@openssl.org.
|
||||||
|
*
|
||||||
|
* 5. Products derived from this software may not be called "OpenSSL"
|
||||||
|
* nor may "OpenSSL" appear in their names without prior written
|
||||||
|
* permission of the OpenSSL Project.
|
||||||
|
*
|
||||||
|
* 6. Redistributions of any form whatsoever must retain the following
|
||||||
|
* acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||||
|
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||||
|
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||||
|
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||||
|
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||||
|
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||||
|
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||||
|
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||||
|
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||||
|
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||||
|
* ====================================================================
|
||||||
|
*
|
||||||
|
* This product includes cryptographic software written by Eric Young
|
||||||
|
* (eay@cryptsoft.com). This product includes software written by Tim
|
||||||
|
* Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
#include <openssl/opensslconf.h>
|
||||||
|
|
||||||
|
#ifndef HEADER_E_OS2_H
|
||||||
|
# define HEADER_E_OS2_H
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
extern "C" {
|
||||||
|
#endif
|
||||||
|
|
||||||
|
/******************************************************************************
|
||||||
|
* Detect operating systems. This probably needs completing.
|
||||||
|
* The result is that at least one OPENSSL_SYS_os macro should be defined.
|
||||||
|
* However, if none is defined, Unix is assumed.
|
||||||
|
**/
|
||||||
|
|
||||||
|
# define OPENSSL_SYS_UNIX
|
||||||
|
|
||||||
|
/* ---------------------- Macintosh, before MacOS X ----------------------- */
|
||||||
|
# if defined(__MWERKS__) && defined(macintosh) || defined(OPENSSL_SYSNAME_MAC)
|
||||||
|
# undef OPENSSL_SYS_UNIX
|
||||||
|
# define OPENSSL_SYS_MACINTOSH_CLASSIC
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/* ---------------------- NetWare ----------------------------------------- */
|
||||||
|
# if defined(NETWARE) || defined(OPENSSL_SYSNAME_NETWARE)
|
||||||
|
# undef OPENSSL_SYS_UNIX
|
||||||
|
# define OPENSSL_SYS_NETWARE
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/* --------------------- Microsoft operating systems ---------------------- */
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Note that MSDOS actually denotes 32-bit environments running on top of
|
||||||
|
* MS-DOS, such as DJGPP one.
|
||||||
|
*/
|
||||||
|
# if defined(OPENSSL_SYSNAME_MSDOS)
|
||||||
|
# undef OPENSSL_SYS_UNIX
|
||||||
|
# define OPENSSL_SYS_MSDOS
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/*
|
||||||
|
* For 32 bit environment, there seems to be the CygWin environment and then
|
||||||
|
* all the others that try to do the same thing Microsoft does...
|
||||||
|
*/
|
||||||
|
# if defined(OPENSSL_SYSNAME_UWIN)
|
||||||
|
# undef OPENSSL_SYS_UNIX
|
||||||
|
# define OPENSSL_SYS_WIN32_UWIN
|
||||||
|
# else
|
||||||
|
# if defined(__CYGWIN__) || defined(OPENSSL_SYSNAME_CYGWIN)
|
||||||
|
# undef OPENSSL_SYS_UNIX
|
||||||
|
# define OPENSSL_SYS_WIN32_CYGWIN
|
||||||
|
# else
|
||||||
|
# if defined(_WIN32) || defined(OPENSSL_SYSNAME_WIN32)
|
||||||
|
# undef OPENSSL_SYS_UNIX
|
||||||
|
# define OPENSSL_SYS_WIN32
|
||||||
|
# endif
|
||||||
|
# if defined(OPENSSL_SYSNAME_WINNT)
|
||||||
|
# undef OPENSSL_SYS_UNIX
|
||||||
|
# define OPENSSL_SYS_WINNT
|
||||||
|
# endif
|
||||||
|
# if defined(OPENSSL_SYSNAME_WINCE)
|
||||||
|
# undef OPENSSL_SYS_UNIX
|
||||||
|
# define OPENSSL_SYS_WINCE
|
||||||
|
# endif
|
||||||
|
# endif
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/* Anything that tries to look like Microsoft is "Windows" */
|
||||||
|
# if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WINNT) || defined(OPENSSL_SYS_WINCE)
|
||||||
|
# undef OPENSSL_SYS_UNIX
|
||||||
|
# define OPENSSL_SYS_WINDOWS
|
||||||
|
# ifndef OPENSSL_SYS_MSDOS
|
||||||
|
# define OPENSSL_SYS_MSDOS
|
||||||
|
# endif
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/*
|
||||||
|
* DLL settings. This part is a bit tough, because it's up to the
|
||||||
|
* application implementor how he or she will link the application, so it
|
||||||
|
* requires some macro to be used.
|
||||||
|
*/
|
||||||
|
# ifdef OPENSSL_SYS_WINDOWS
|
||||||
|
# ifndef OPENSSL_OPT_WINDLL
|
||||||
|
# if defined(_WINDLL) /* This is used when building OpenSSL to
|
||||||
|
* indicate that DLL linkage should be used */
|
||||||
|
# define OPENSSL_OPT_WINDLL
|
||||||
|
# endif
|
||||||
|
# endif
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/* ------------------------------- OpenVMS -------------------------------- */
|
||||||
|
# if defined(__VMS) || defined(VMS) || defined(OPENSSL_SYSNAME_VMS)
|
||||||
|
# undef OPENSSL_SYS_UNIX
|
||||||
|
# define OPENSSL_SYS_VMS
|
||||||
|
# if defined(__DECC)
|
||||||
|
# define OPENSSL_SYS_VMS_DECC
|
||||||
|
# elif defined(__DECCXX)
|
||||||
|
# define OPENSSL_SYS_VMS_DECC
|
||||||
|
# define OPENSSL_SYS_VMS_DECCXX
|
||||||
|
# else
|
||||||
|
# define OPENSSL_SYS_VMS_NODECC
|
||||||
|
# endif
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/* -------------------------------- OS/2 ---------------------------------- */
|
||||||
|
# if defined(__EMX__) || defined(__OS2__)
|
||||||
|
# undef OPENSSL_SYS_UNIX
|
||||||
|
# define OPENSSL_SYS_OS2
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/* -------------------------------- Unix ---------------------------------- */
|
||||||
|
# ifdef OPENSSL_SYS_UNIX
|
||||||
|
# if defined(linux) || defined(__linux__) || defined(OPENSSL_SYSNAME_LINUX)
|
||||||
|
# define OPENSSL_SYS_LINUX
|
||||||
|
# endif
|
||||||
|
# ifdef OPENSSL_SYSNAME_MPE
|
||||||
|
# define OPENSSL_SYS_MPE
|
||||||
|
# endif
|
||||||
|
# ifdef OPENSSL_SYSNAME_SNI
|
||||||
|
# define OPENSSL_SYS_SNI
|
||||||
|
# endif
|
||||||
|
# ifdef OPENSSL_SYSNAME_ULTRASPARC
|
||||||
|
# define OPENSSL_SYS_ULTRASPARC
|
||||||
|
# endif
|
||||||
|
# ifdef OPENSSL_SYSNAME_NEWS4
|
||||||
|
# define OPENSSL_SYS_NEWS4
|
||||||
|
# endif
|
||||||
|
# ifdef OPENSSL_SYSNAME_MACOSX
|
||||||
|
# define OPENSSL_SYS_MACOSX
|
||||||
|
# endif
|
||||||
|
# ifdef OPENSSL_SYSNAME_MACOSX_RHAPSODY
|
||||||
|
# define OPENSSL_SYS_MACOSX_RHAPSODY
|
||||||
|
# define OPENSSL_SYS_MACOSX
|
||||||
|
# endif
|
||||||
|
# ifdef OPENSSL_SYSNAME_SUNOS
|
||||||
|
# define OPENSSL_SYS_SUNOS
|
||||||
|
# endif
|
||||||
|
# if defined(_CRAY) || defined(OPENSSL_SYSNAME_CRAY)
|
||||||
|
# define OPENSSL_SYS_CRAY
|
||||||
|
# endif
|
||||||
|
# if defined(_AIX) || defined(OPENSSL_SYSNAME_AIX)
|
||||||
|
# define OPENSSL_SYS_AIX
|
||||||
|
# endif
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/* -------------------------------- VOS ----------------------------------- */
|
||||||
|
# if defined(__VOS__) || defined(OPENSSL_SYSNAME_VOS)
|
||||||
|
# define OPENSSL_SYS_VOS
|
||||||
|
# ifdef __HPPA__
|
||||||
|
# define OPENSSL_SYS_VOS_HPPA
|
||||||
|
# endif
|
||||||
|
# ifdef __IA32__
|
||||||
|
# define OPENSSL_SYS_VOS_IA32
|
||||||
|
# endif
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/* ------------------------------ VxWorks --------------------------------- */
|
||||||
|
# ifdef OPENSSL_SYSNAME_VXWORKS
|
||||||
|
# define OPENSSL_SYS_VXWORKS
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/* -------------------------------- BeOS ---------------------------------- */
|
||||||
|
# if defined(__BEOS__)
|
||||||
|
# define OPENSSL_SYS_BEOS
|
||||||
|
# include <sys/socket.h>
|
||||||
|
# if defined(BONE_VERSION)
|
||||||
|
# define OPENSSL_SYS_BEOS_BONE
|
||||||
|
# else
|
||||||
|
# define OPENSSL_SYS_BEOS_R5
|
||||||
|
# endif
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/**
|
||||||
|
* That's it for OS-specific stuff
|
||||||
|
*****************************************************************************/
|
||||||
|
|
||||||
|
/* Specials for I/O an exit */
|
||||||
|
# ifdef OPENSSL_SYS_MSDOS
|
||||||
|
# define OPENSSL_UNISTD_IO <io.h>
|
||||||
|
# define OPENSSL_DECLARE_EXIT extern void exit(int);
|
||||||
|
# else
|
||||||
|
# define OPENSSL_UNISTD_IO OPENSSL_UNISTD
|
||||||
|
# define OPENSSL_DECLARE_EXIT /* declared in unistd.h */
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/*-
|
||||||
|
* Definitions of OPENSSL_GLOBAL and OPENSSL_EXTERN, to define and declare
|
||||||
|
* certain global symbols that, with some compilers under VMS, have to be
|
||||||
|
* defined and declared explicitely with globaldef and globalref.
|
||||||
|
* Definitions of OPENSSL_EXPORT and OPENSSL_IMPORT, to define and declare
|
||||||
|
* DLL exports and imports for compilers under Win32. These are a little
|
||||||
|
* more complicated to use. Basically, for any library that exports some
|
||||||
|
* global variables, the following code must be present in the header file
|
||||||
|
* that declares them, before OPENSSL_EXTERN is used:
|
||||||
|
*
|
||||||
|
* #ifdef SOME_BUILD_FLAG_MACRO
|
||||||
|
* # undef OPENSSL_EXTERN
|
||||||
|
* # define OPENSSL_EXTERN OPENSSL_EXPORT
|
||||||
|
* #endif
|
||||||
|
*
|
||||||
|
* The default is to have OPENSSL_EXPORT, OPENSSL_IMPORT and OPENSSL_GLOBAL
|
||||||
|
* have some generally sensible values, and for OPENSSL_EXTERN to have the
|
||||||
|
* value OPENSSL_IMPORT.
|
||||||
|
*/
|
||||||
|
|
||||||
|
# if defined(OPENSSL_SYS_VMS_NODECC)
|
||||||
|
# define OPENSSL_EXPORT globalref
|
||||||
|
# define OPENSSL_IMPORT globalref
|
||||||
|
# define OPENSSL_GLOBAL globaldef
|
||||||
|
# elif defined(OPENSSL_SYS_WINDOWS) && defined(OPENSSL_OPT_WINDLL)
|
||||||
|
# define OPENSSL_EXPORT extern __declspec(dllexport)
|
||||||
|
# define OPENSSL_IMPORT extern __declspec(dllimport)
|
||||||
|
# define OPENSSL_GLOBAL
|
||||||
|
# else
|
||||||
|
# define OPENSSL_EXPORT extern
|
||||||
|
# define OPENSSL_IMPORT extern
|
||||||
|
# define OPENSSL_GLOBAL
|
||||||
|
# endif
|
||||||
|
# define OPENSSL_EXTERN OPENSSL_IMPORT
|
||||||
|
|
||||||
|
/*-
|
||||||
|
* Macros to allow global variables to be reached through function calls when
|
||||||
|
* required (if a shared library version requires it, for example.
|
||||||
|
* The way it's done allows definitions like this:
|
||||||
|
*
|
||||||
|
* // in foobar.c
|
||||||
|
* OPENSSL_IMPLEMENT_GLOBAL(int,foobar,0)
|
||||||
|
* // in foobar.h
|
||||||
|
* OPENSSL_DECLARE_GLOBAL(int,foobar);
|
||||||
|
* #define foobar OPENSSL_GLOBAL_REF(foobar)
|
||||||
|
*/
|
||||||
|
# ifdef OPENSSL_EXPORT_VAR_AS_FUNCTION
|
||||||
|
# define OPENSSL_IMPLEMENT_GLOBAL(type,name,value) \
|
||||||
|
type *_shadow_##name(void) \
|
||||||
|
{ static type _hide_##name=value; return &_hide_##name; }
|
||||||
|
# define OPENSSL_DECLARE_GLOBAL(type,name) type *_shadow_##name(void)
|
||||||
|
# define OPENSSL_GLOBAL_REF(name) (*(_shadow_##name()))
|
||||||
|
# else
|
||||||
|
# define OPENSSL_IMPLEMENT_GLOBAL(type,name,value) OPENSSL_GLOBAL type _shadow_##name=value;
|
||||||
|
# define OPENSSL_DECLARE_GLOBAL(type,name) OPENSSL_EXPORT type _shadow_##name
|
||||||
|
# define OPENSSL_GLOBAL_REF(name) _shadow_##name
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# if defined(OPENSSL_SYS_MACINTOSH_CLASSIC) && macintosh==1 && !defined(MAC_OS_GUSI_SOURCE)
|
||||||
|
# define ossl_ssize_t long
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# ifdef OPENSSL_SYS_MSDOS
|
||||||
|
# define ossl_ssize_t long
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# if defined(NeXT) || defined(OPENSSL_SYS_NEWS4) || defined(OPENSSL_SYS_SUNOS)
|
||||||
|
# define ssize_t int
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# if defined(__ultrix) && !defined(ssize_t)
|
||||||
|
# define ossl_ssize_t int
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# ifndef ossl_ssize_t
|
||||||
|
# define ossl_ssize_t ssize_t
|
||||||
|
# endif
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
#endif
|
File diff suppressed because it is too large
Load Diff
|
@ -0,0 +1,134 @@
|
||||||
|
/* crypto/ecdh/ecdh.h */
|
||||||
|
/* ====================================================================
|
||||||
|
* Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
|
||||||
|
*
|
||||||
|
* The Elliptic Curve Public-Key Crypto Library (ECC Code) included
|
||||||
|
* herein is developed by SUN MICROSYSTEMS, INC., and is contributed
|
||||||
|
* to the OpenSSL project.
|
||||||
|
*
|
||||||
|
* The ECC Code is licensed pursuant to the OpenSSL open source
|
||||||
|
* license provided below.
|
||||||
|
*
|
||||||
|
* The ECDH software is originally written by Douglas Stebila of
|
||||||
|
* Sun Microsystems Laboratories.
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
/* ====================================================================
|
||||||
|
* Copyright (c) 2000-2002 The OpenSSL Project. All rights reserved.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
*
|
||||||
|
* 1. Redistributions of source code must retain the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
*
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in
|
||||||
|
* the documentation and/or other materials provided with the
|
||||||
|
* distribution.
|
||||||
|
*
|
||||||
|
* 3. All advertising materials mentioning features or use of this
|
||||||
|
* software must display the following acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
|
||||||
|
*
|
||||||
|
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||||
|
* endorse or promote products derived from this software without
|
||||||
|
* prior written permission. For written permission, please contact
|
||||||
|
* licensing@OpenSSL.org.
|
||||||
|
*
|
||||||
|
* 5. Products derived from this software may not be called "OpenSSL"
|
||||||
|
* nor may "OpenSSL" appear in their names without prior written
|
||||||
|
* permission of the OpenSSL Project.
|
||||||
|
*
|
||||||
|
* 6. Redistributions of any form whatsoever must retain the following
|
||||||
|
* acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||||
|
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||||
|
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||||
|
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||||
|
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||||
|
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||||
|
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||||
|
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||||
|
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||||
|
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||||
|
* ====================================================================
|
||||||
|
*
|
||||||
|
* This product includes cryptographic software written by Eric Young
|
||||||
|
* (eay@cryptsoft.com). This product includes software written by Tim
|
||||||
|
* Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
#ifndef HEADER_ECDH_H
|
||||||
|
# define HEADER_ECDH_H
|
||||||
|
|
||||||
|
# include <openssl/opensslconf.h>
|
||||||
|
|
||||||
|
# ifdef OPENSSL_NO_ECDH
|
||||||
|
# error ECDH is disabled.
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# include <openssl/ec.h>
|
||||||
|
# include <openssl/ossl_typ.h>
|
||||||
|
# ifndef OPENSSL_NO_DEPRECATED
|
||||||
|
# include <openssl/bn.h>
|
||||||
|
# endif
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
extern "C" {
|
||||||
|
#endif
|
||||||
|
|
||||||
|
# define EC_FLAG_COFACTOR_ECDH 0x1000
|
||||||
|
|
||||||
|
const ECDH_METHOD *ECDH_OpenSSL(void);
|
||||||
|
|
||||||
|
void ECDH_set_default_method(const ECDH_METHOD *);
|
||||||
|
const ECDH_METHOD *ECDH_get_default_method(void);
|
||||||
|
int ECDH_set_method(EC_KEY *, const ECDH_METHOD *);
|
||||||
|
|
||||||
|
int ECDH_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
|
||||||
|
EC_KEY *ecdh, void *(*KDF) (const void *in, size_t inlen,
|
||||||
|
void *out, size_t *outlen));
|
||||||
|
|
||||||
|
int ECDH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new
|
||||||
|
*new_func, CRYPTO_EX_dup *dup_func,
|
||||||
|
CRYPTO_EX_free *free_func);
|
||||||
|
int ECDH_set_ex_data(EC_KEY *d, int idx, void *arg);
|
||||||
|
void *ECDH_get_ex_data(EC_KEY *d, int idx);
|
||||||
|
|
||||||
|
int ECDH_KDF_X9_62(unsigned char *out, size_t outlen,
|
||||||
|
const unsigned char *Z, size_t Zlen,
|
||||||
|
const unsigned char *sinfo, size_t sinfolen,
|
||||||
|
const EVP_MD *md);
|
||||||
|
|
||||||
|
/* BEGIN ERROR CODES */
|
||||||
|
/*
|
||||||
|
* The following lines are auto generated by the script mkerr.pl. Any changes
|
||||||
|
* made after this point may be overwritten when the script is next run.
|
||||||
|
*/
|
||||||
|
void ERR_load_ECDH_strings(void);
|
||||||
|
|
||||||
|
/* Error codes for the ECDH functions. */
|
||||||
|
|
||||||
|
/* Function codes. */
|
||||||
|
# define ECDH_F_ECDH_CHECK 102
|
||||||
|
# define ECDH_F_ECDH_COMPUTE_KEY 100
|
||||||
|
# define ECDH_F_ECDH_DATA_NEW_METHOD 101
|
||||||
|
|
||||||
|
/* Reason codes. */
|
||||||
|
# define ECDH_R_KDF_FAILED 102
|
||||||
|
# define ECDH_R_NON_FIPS_METHOD 103
|
||||||
|
# define ECDH_R_NO_PRIVATE_VALUE 100
|
||||||
|
# define ECDH_R_POINT_ARITHMETIC_FAILURE 101
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
#endif
|
|
@ -0,0 +1,335 @@
|
||||||
|
/* crypto/ecdsa/ecdsa.h */
|
||||||
|
/**
|
||||||
|
* \file crypto/ecdsa/ecdsa.h Include file for the OpenSSL ECDSA functions
|
||||||
|
* \author Written by Nils Larsch for the OpenSSL project
|
||||||
|
*/
|
||||||
|
/* ====================================================================
|
||||||
|
* Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
*
|
||||||
|
* 1. Redistributions of source code must retain the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
*
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in
|
||||||
|
* the documentation and/or other materials provided with the
|
||||||
|
* distribution.
|
||||||
|
*
|
||||||
|
* 3. All advertising materials mentioning features or use of this
|
||||||
|
* software must display the following acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
|
||||||
|
*
|
||||||
|
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||||
|
* endorse or promote products derived from this software without
|
||||||
|
* prior written permission. For written permission, please contact
|
||||||
|
* licensing@OpenSSL.org.
|
||||||
|
*
|
||||||
|
* 5. Products derived from this software may not be called "OpenSSL"
|
||||||
|
* nor may "OpenSSL" appear in their names without prior written
|
||||||
|
* permission of the OpenSSL Project.
|
||||||
|
*
|
||||||
|
* 6. Redistributions of any form whatsoever must retain the following
|
||||||
|
* acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||||
|
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||||
|
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||||
|
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||||
|
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||||
|
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||||
|
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||||
|
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||||
|
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||||
|
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||||
|
* ====================================================================
|
||||||
|
*
|
||||||
|
* This product includes cryptographic software written by Eric Young
|
||||||
|
* (eay@cryptsoft.com). This product includes software written by Tim
|
||||||
|
* Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
#ifndef HEADER_ECDSA_H
|
||||||
|
# define HEADER_ECDSA_H
|
||||||
|
|
||||||
|
# include <openssl/opensslconf.h>
|
||||||
|
|
||||||
|
# ifdef OPENSSL_NO_ECDSA
|
||||||
|
# error ECDSA is disabled.
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# include <openssl/ec.h>
|
||||||
|
# include <openssl/ossl_typ.h>
|
||||||
|
# ifndef OPENSSL_NO_DEPRECATED
|
||||||
|
# include <openssl/bn.h>
|
||||||
|
# endif
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
extern "C" {
|
||||||
|
#endif
|
||||||
|
|
||||||
|
typedef struct ECDSA_SIG_st {
|
||||||
|
BIGNUM *r;
|
||||||
|
BIGNUM *s;
|
||||||
|
} ECDSA_SIG;
|
||||||
|
|
||||||
|
/** Allocates and initialize a ECDSA_SIG structure
|
||||||
|
* \return pointer to a ECDSA_SIG structure or NULL if an error occurred
|
||||||
|
*/
|
||||||
|
ECDSA_SIG *ECDSA_SIG_new(void);
|
||||||
|
|
||||||
|
/** frees a ECDSA_SIG structure
|
||||||
|
* \param sig pointer to the ECDSA_SIG structure
|
||||||
|
*/
|
||||||
|
void ECDSA_SIG_free(ECDSA_SIG *sig);
|
||||||
|
|
||||||
|
/** DER encode content of ECDSA_SIG object (note: this function modifies *pp
|
||||||
|
* (*pp += length of the DER encoded signature)).
|
||||||
|
* \param sig pointer to the ECDSA_SIG object
|
||||||
|
* \param pp pointer to a unsigned char pointer for the output or NULL
|
||||||
|
* \return the length of the DER encoded ECDSA_SIG object or 0
|
||||||
|
*/
|
||||||
|
int i2d_ECDSA_SIG(const ECDSA_SIG *sig, unsigned char **pp);
|
||||||
|
|
||||||
|
/** Decodes a DER encoded ECDSA signature (note: this function changes *pp
|
||||||
|
* (*pp += len)).
|
||||||
|
* \param sig pointer to ECDSA_SIG pointer (may be NULL)
|
||||||
|
* \param pp memory buffer with the DER encoded signature
|
||||||
|
* \param len length of the buffer
|
||||||
|
* \return pointer to the decoded ECDSA_SIG structure (or NULL)
|
||||||
|
*/
|
||||||
|
ECDSA_SIG *d2i_ECDSA_SIG(ECDSA_SIG **sig, const unsigned char **pp, long len);
|
||||||
|
|
||||||
|
/** Computes the ECDSA signature of the given hash value using
|
||||||
|
* the supplied private key and returns the created signature.
|
||||||
|
* \param dgst pointer to the hash value
|
||||||
|
* \param dgst_len length of the hash value
|
||||||
|
* \param eckey EC_KEY object containing a private EC key
|
||||||
|
* \return pointer to a ECDSA_SIG structure or NULL if an error occurred
|
||||||
|
*/
|
||||||
|
ECDSA_SIG *ECDSA_do_sign(const unsigned char *dgst, int dgst_len,
|
||||||
|
EC_KEY *eckey);
|
||||||
|
|
||||||
|
/** Computes ECDSA signature of a given hash value using the supplied
|
||||||
|
* private key (note: sig must point to ECDSA_size(eckey) bytes of memory).
|
||||||
|
* \param dgst pointer to the hash value to sign
|
||||||
|
* \param dgstlen length of the hash value
|
||||||
|
* \param kinv BIGNUM with a pre-computed inverse k (optional)
|
||||||
|
* \param rp BIGNUM with a pre-computed rp value (optioanl),
|
||||||
|
* see ECDSA_sign_setup
|
||||||
|
* \param eckey EC_KEY object containing a private EC key
|
||||||
|
* \return pointer to a ECDSA_SIG structure or NULL if an error occurred
|
||||||
|
*/
|
||||||
|
ECDSA_SIG *ECDSA_do_sign_ex(const unsigned char *dgst, int dgstlen,
|
||||||
|
const BIGNUM *kinv, const BIGNUM *rp,
|
||||||
|
EC_KEY *eckey);
|
||||||
|
|
||||||
|
/** Verifies that the supplied signature is a valid ECDSA
|
||||||
|
* signature of the supplied hash value using the supplied public key.
|
||||||
|
* \param dgst pointer to the hash value
|
||||||
|
* \param dgst_len length of the hash value
|
||||||
|
* \param sig ECDSA_SIG structure
|
||||||
|
* \param eckey EC_KEY object containing a public EC key
|
||||||
|
* \return 1 if the signature is valid, 0 if the signature is invalid
|
||||||
|
* and -1 on error
|
||||||
|
*/
|
||||||
|
int ECDSA_do_verify(const unsigned char *dgst, int dgst_len,
|
||||||
|
const ECDSA_SIG *sig, EC_KEY *eckey);
|
||||||
|
|
||||||
|
const ECDSA_METHOD *ECDSA_OpenSSL(void);
|
||||||
|
|
||||||
|
/** Sets the default ECDSA method
|
||||||
|
* \param meth new default ECDSA_METHOD
|
||||||
|
*/
|
||||||
|
void ECDSA_set_default_method(const ECDSA_METHOD *meth);
|
||||||
|
|
||||||
|
/** Returns the default ECDSA method
|
||||||
|
* \return pointer to ECDSA_METHOD structure containing the default method
|
||||||
|
*/
|
||||||
|
const ECDSA_METHOD *ECDSA_get_default_method(void);
|
||||||
|
|
||||||
|
/** Sets method to be used for the ECDSA operations
|
||||||
|
* \param eckey EC_KEY object
|
||||||
|
* \param meth new method
|
||||||
|
* \return 1 on success and 0 otherwise
|
||||||
|
*/
|
||||||
|
int ECDSA_set_method(EC_KEY *eckey, const ECDSA_METHOD *meth);
|
||||||
|
|
||||||
|
/** Returns the maximum length of the DER encoded signature
|
||||||
|
* \param eckey EC_KEY object
|
||||||
|
* \return numbers of bytes required for the DER encoded signature
|
||||||
|
*/
|
||||||
|
int ECDSA_size(const EC_KEY *eckey);
|
||||||
|
|
||||||
|
/** Precompute parts of the signing operation
|
||||||
|
* \param eckey EC_KEY object containing a private EC key
|
||||||
|
* \param ctx BN_CTX object (optional)
|
||||||
|
* \param kinv BIGNUM pointer for the inverse of k
|
||||||
|
* \param rp BIGNUM pointer for x coordinate of k * generator
|
||||||
|
* \return 1 on success and 0 otherwise
|
||||||
|
*/
|
||||||
|
int ECDSA_sign_setup(EC_KEY *eckey, BN_CTX *ctx, BIGNUM **kinv, BIGNUM **rp);
|
||||||
|
|
||||||
|
/** Computes ECDSA signature of a given hash value using the supplied
|
||||||
|
* private key (note: sig must point to ECDSA_size(eckey) bytes of memory).
|
||||||
|
* \param type this parameter is ignored
|
||||||
|
* \param dgst pointer to the hash value to sign
|
||||||
|
* \param dgstlen length of the hash value
|
||||||
|
* \param sig memory for the DER encoded created signature
|
||||||
|
* \param siglen pointer to the length of the returned signature
|
||||||
|
* \param eckey EC_KEY object containing a private EC key
|
||||||
|
* \return 1 on success and 0 otherwise
|
||||||
|
*/
|
||||||
|
int ECDSA_sign(int type, const unsigned char *dgst, int dgstlen,
|
||||||
|
unsigned char *sig, unsigned int *siglen, EC_KEY *eckey);
|
||||||
|
|
||||||
|
/** Computes ECDSA signature of a given hash value using the supplied
|
||||||
|
* private key (note: sig must point to ECDSA_size(eckey) bytes of memory).
|
||||||
|
* \param type this parameter is ignored
|
||||||
|
* \param dgst pointer to the hash value to sign
|
||||||
|
* \param dgstlen length of the hash value
|
||||||
|
* \param sig buffer to hold the DER encoded signature
|
||||||
|
* \param siglen pointer to the length of the returned signature
|
||||||
|
* \param kinv BIGNUM with a pre-computed inverse k (optional)
|
||||||
|
* \param rp BIGNUM with a pre-computed rp value (optioanl),
|
||||||
|
* see ECDSA_sign_setup
|
||||||
|
* \param eckey EC_KEY object containing a private EC key
|
||||||
|
* \return 1 on success and 0 otherwise
|
||||||
|
*/
|
||||||
|
int ECDSA_sign_ex(int type, const unsigned char *dgst, int dgstlen,
|
||||||
|
unsigned char *sig, unsigned int *siglen,
|
||||||
|
const BIGNUM *kinv, const BIGNUM *rp, EC_KEY *eckey);
|
||||||
|
|
||||||
|
/** Verifies that the given signature is valid ECDSA signature
|
||||||
|
* of the supplied hash value using the specified public key.
|
||||||
|
* \param type this parameter is ignored
|
||||||
|
* \param dgst pointer to the hash value
|
||||||
|
* \param dgstlen length of the hash value
|
||||||
|
* \param sig pointer to the DER encoded signature
|
||||||
|
* \param siglen length of the DER encoded signature
|
||||||
|
* \param eckey EC_KEY object containing a public EC key
|
||||||
|
* \return 1 if the signature is valid, 0 if the signature is invalid
|
||||||
|
* and -1 on error
|
||||||
|
*/
|
||||||
|
int ECDSA_verify(int type, const unsigned char *dgst, int dgstlen,
|
||||||
|
const unsigned char *sig, int siglen, EC_KEY *eckey);
|
||||||
|
|
||||||
|
/* the standard ex_data functions */
|
||||||
|
int ECDSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new
|
||||||
|
*new_func, CRYPTO_EX_dup *dup_func,
|
||||||
|
CRYPTO_EX_free *free_func);
|
||||||
|
int ECDSA_set_ex_data(EC_KEY *d, int idx, void *arg);
|
||||||
|
void *ECDSA_get_ex_data(EC_KEY *d, int idx);
|
||||||
|
|
||||||
|
/** Allocates and initialize a ECDSA_METHOD structure
|
||||||
|
* \param ecdsa_method pointer to ECDSA_METHOD to copy. (May be NULL)
|
||||||
|
* \return pointer to a ECDSA_METHOD structure or NULL if an error occurred
|
||||||
|
*/
|
||||||
|
|
||||||
|
ECDSA_METHOD *ECDSA_METHOD_new(ECDSA_METHOD *ecdsa_method);
|
||||||
|
|
||||||
|
/** frees a ECDSA_METHOD structure
|
||||||
|
* \param ecdsa_method pointer to the ECDSA_METHOD structure
|
||||||
|
*/
|
||||||
|
void ECDSA_METHOD_free(ECDSA_METHOD *ecdsa_method);
|
||||||
|
|
||||||
|
/** Sets application specific data in the ECDSA_METHOD
|
||||||
|
* \param ecdsa_method pointer to existing ECDSA_METHOD
|
||||||
|
* \param app application specific data to set
|
||||||
|
*/
|
||||||
|
|
||||||
|
void ECDSA_METHOD_set_app_data(ECDSA_METHOD *ecdsa_method, void *app);
|
||||||
|
|
||||||
|
/** Returns application specific data from a ECDSA_METHOD structure
|
||||||
|
* \param ecdsa_method pointer to ECDSA_METHOD structure
|
||||||
|
* \return pointer to application specific data.
|
||||||
|
*/
|
||||||
|
|
||||||
|
void *ECDSA_METHOD_get_app_data(ECDSA_METHOD *ecdsa_method);
|
||||||
|
|
||||||
|
/** Set the ECDSA_do_sign function in the ECDSA_METHOD
|
||||||
|
* \param ecdsa_method pointer to existing ECDSA_METHOD
|
||||||
|
* \param ecdsa_do_sign a funtion of type ECDSA_do_sign
|
||||||
|
*/
|
||||||
|
|
||||||
|
void ECDSA_METHOD_set_sign(ECDSA_METHOD *ecdsa_method,
|
||||||
|
ECDSA_SIG *(*ecdsa_do_sign) (const unsigned char
|
||||||
|
*dgst, int dgst_len,
|
||||||
|
const BIGNUM *inv,
|
||||||
|
const BIGNUM *rp,
|
||||||
|
EC_KEY *eckey));
|
||||||
|
|
||||||
|
/** Set the ECDSA_sign_setup function in the ECDSA_METHOD
|
||||||
|
* \param ecdsa_method pointer to existing ECDSA_METHOD
|
||||||
|
* \param ecdsa_sign_setup a funtion of type ECDSA_sign_setup
|
||||||
|
*/
|
||||||
|
|
||||||
|
void ECDSA_METHOD_set_sign_setup(ECDSA_METHOD *ecdsa_method,
|
||||||
|
int (*ecdsa_sign_setup) (EC_KEY *eckey,
|
||||||
|
BN_CTX *ctx,
|
||||||
|
BIGNUM **kinv,
|
||||||
|
BIGNUM **r));
|
||||||
|
|
||||||
|
/** Set the ECDSA_do_verify function in the ECDSA_METHOD
|
||||||
|
* \param ecdsa_method pointer to existing ECDSA_METHOD
|
||||||
|
* \param ecdsa_do_verify a funtion of type ECDSA_do_verify
|
||||||
|
*/
|
||||||
|
|
||||||
|
void ECDSA_METHOD_set_verify(ECDSA_METHOD *ecdsa_method,
|
||||||
|
int (*ecdsa_do_verify) (const unsigned char
|
||||||
|
*dgst, int dgst_len,
|
||||||
|
const ECDSA_SIG *sig,
|
||||||
|
EC_KEY *eckey));
|
||||||
|
|
||||||
|
void ECDSA_METHOD_set_flags(ECDSA_METHOD *ecdsa_method, int flags);
|
||||||
|
|
||||||
|
/** Set the flags field in the ECDSA_METHOD
|
||||||
|
* \param ecdsa_method pointer to existing ECDSA_METHOD
|
||||||
|
* \param flags flags value to set
|
||||||
|
*/
|
||||||
|
|
||||||
|
void ECDSA_METHOD_set_name(ECDSA_METHOD *ecdsa_method, char *name);
|
||||||
|
|
||||||
|
/** Set the name field in the ECDSA_METHOD
|
||||||
|
* \param ecdsa_method pointer to existing ECDSA_METHOD
|
||||||
|
* \param name name to set
|
||||||
|
*/
|
||||||
|
|
||||||
|
/* BEGIN ERROR CODES */
|
||||||
|
/*
|
||||||
|
* The following lines are auto generated by the script mkerr.pl. Any changes
|
||||||
|
* made after this point may be overwritten when the script is next run.
|
||||||
|
*/
|
||||||
|
void ERR_load_ECDSA_strings(void);
|
||||||
|
|
||||||
|
/* Error codes for the ECDSA functions. */
|
||||||
|
|
||||||
|
/* Function codes. */
|
||||||
|
# define ECDSA_F_ECDSA_CHECK 104
|
||||||
|
# define ECDSA_F_ECDSA_DATA_NEW_METHOD 100
|
||||||
|
# define ECDSA_F_ECDSA_DO_SIGN 101
|
||||||
|
# define ECDSA_F_ECDSA_DO_VERIFY 102
|
||||||
|
# define ECDSA_F_ECDSA_METHOD_NEW 105
|
||||||
|
# define ECDSA_F_ECDSA_SIGN_SETUP 103
|
||||||
|
|
||||||
|
/* Reason codes. */
|
||||||
|
# define ECDSA_R_BAD_SIGNATURE 100
|
||||||
|
# define ECDSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 101
|
||||||
|
# define ECDSA_R_ERR_EC_LIB 102
|
||||||
|
# define ECDSA_R_MISSING_PARAMETERS 103
|
||||||
|
# define ECDSA_R_NEED_NEW_SETUP_VALUES 106
|
||||||
|
# define ECDSA_R_NON_FIPS_METHOD 107
|
||||||
|
# define ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED 104
|
||||||
|
# define ECDSA_R_SIGNATURE_MALLOC_FAILED 105
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
#endif
|
|
@ -0,0 +1,389 @@
|
||||||
|
/* crypto/err/err.h */
|
||||||
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
|
* All rights reserved.
|
||||||
|
*
|
||||||
|
* This package is an SSL implementation written
|
||||||
|
* by Eric Young (eay@cryptsoft.com).
|
||||||
|
* The implementation was written so as to conform with Netscapes SSL.
|
||||||
|
*
|
||||||
|
* This library is free for commercial and non-commercial use as long as
|
||||||
|
* the following conditions are aheared to. The following conditions
|
||||||
|
* apply to all code found in this distribution, be it the RC4, RSA,
|
||||||
|
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
||||||
|
* included with this distribution is covered by the same copyright terms
|
||||||
|
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
* Copyright remains Eric Young's, and as such any Copyright notices in
|
||||||
|
* the code are not to be removed.
|
||||||
|
* If this package is used in a product, Eric Young should be given attribution
|
||||||
|
* as the author of the parts of the library used.
|
||||||
|
* This can be in the form of a textual message at program startup or
|
||||||
|
* in documentation (online or textual) provided with the package.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
* 1. Redistributions of source code must retain the copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in the
|
||||||
|
* documentation and/or other materials provided with the distribution.
|
||||||
|
* 3. All advertising materials mentioning features or use of this software
|
||||||
|
* must display the following acknowledgement:
|
||||||
|
* "This product includes cryptographic software written by
|
||||||
|
* Eric Young (eay@cryptsoft.com)"
|
||||||
|
* The word 'cryptographic' can be left out if the rouines from the library
|
||||||
|
* being used are not cryptographic related :-).
|
||||||
|
* 4. If you include any Windows specific code (or a derivative thereof) from
|
||||||
|
* the apps directory (application code) you must include an acknowledgement:
|
||||||
|
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
||||||
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||||
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||||
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||||
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||||
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||||
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||||
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||||
|
* SUCH DAMAGE.
|
||||||
|
*
|
||||||
|
* The licence and distribution terms for any publically available version or
|
||||||
|
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
||||||
|
* copied and put under another distribution licence
|
||||||
|
* [including the GNU Public Licence.]
|
||||||
|
*/
|
||||||
|
/* ====================================================================
|
||||||
|
* Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
*
|
||||||
|
* 1. Redistributions of source code must retain the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
*
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in
|
||||||
|
* the documentation and/or other materials provided with the
|
||||||
|
* distribution.
|
||||||
|
*
|
||||||
|
* 3. All advertising materials mentioning features or use of this
|
||||||
|
* software must display the following acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
|
||||||
|
*
|
||||||
|
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||||
|
* endorse or promote products derived from this software without
|
||||||
|
* prior written permission. For written permission, please contact
|
||||||
|
* openssl-core@openssl.org.
|
||||||
|
*
|
||||||
|
* 5. Products derived from this software may not be called "OpenSSL"
|
||||||
|
* nor may "OpenSSL" appear in their names without prior written
|
||||||
|
* permission of the OpenSSL Project.
|
||||||
|
*
|
||||||
|
* 6. Redistributions of any form whatsoever must retain the following
|
||||||
|
* acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||||
|
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||||
|
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||||
|
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||||
|
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||||
|
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||||
|
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||||
|
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||||
|
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||||
|
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||||
|
* ====================================================================
|
||||||
|
*
|
||||||
|
* This product includes cryptographic software written by Eric Young
|
||||||
|
* (eay@cryptsoft.com). This product includes software written by Tim
|
||||||
|
* Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef HEADER_ERR_H
|
||||||
|
# define HEADER_ERR_H
|
||||||
|
|
||||||
|
# include <openssl/e_os2.h>
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_FP_API
|
||||||
|
# include <stdio.h>
|
||||||
|
# include <stdlib.h>
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# include <openssl/ossl_typ.h>
|
||||||
|
# ifndef OPENSSL_NO_BIO
|
||||||
|
# include <openssl/bio.h>
|
||||||
|
# endif
|
||||||
|
# ifndef OPENSSL_NO_LHASH
|
||||||
|
# include <openssl/lhash.h>
|
||||||
|
# endif
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
extern "C" {
|
||||||
|
#endif
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_ERR
|
||||||
|
# define ERR_PUT_error(a,b,c,d,e) ERR_put_error(a,b,c,d,e)
|
||||||
|
# else
|
||||||
|
# define ERR_PUT_error(a,b,c,d,e) ERR_put_error(a,b,c,NULL,0)
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# include <errno.h>
|
||||||
|
|
||||||
|
# define ERR_TXT_MALLOCED 0x01
|
||||||
|
# define ERR_TXT_STRING 0x02
|
||||||
|
|
||||||
|
# define ERR_FLAG_MARK 0x01
|
||||||
|
|
||||||
|
# define ERR_NUM_ERRORS 16
|
||||||
|
typedef struct err_state_st {
|
||||||
|
CRYPTO_THREADID tid;
|
||||||
|
int err_flags[ERR_NUM_ERRORS];
|
||||||
|
unsigned long err_buffer[ERR_NUM_ERRORS];
|
||||||
|
char *err_data[ERR_NUM_ERRORS];
|
||||||
|
int err_data_flags[ERR_NUM_ERRORS];
|
||||||
|
const char *err_file[ERR_NUM_ERRORS];
|
||||||
|
int err_line[ERR_NUM_ERRORS];
|
||||||
|
int top, bottom;
|
||||||
|
} ERR_STATE;
|
||||||
|
|
||||||
|
/* library */
|
||||||
|
# define ERR_LIB_NONE 1
|
||||||
|
# define ERR_LIB_SYS 2
|
||||||
|
# define ERR_LIB_BN 3
|
||||||
|
# define ERR_LIB_RSA 4
|
||||||
|
# define ERR_LIB_DH 5
|
||||||
|
# define ERR_LIB_EVP 6
|
||||||
|
# define ERR_LIB_BUF 7
|
||||||
|
# define ERR_LIB_OBJ 8
|
||||||
|
# define ERR_LIB_PEM 9
|
||||||
|
# define ERR_LIB_DSA 10
|
||||||
|
# define ERR_LIB_X509 11
|
||||||
|
/* #define ERR_LIB_METH 12 */
|
||||||
|
# define ERR_LIB_ASN1 13
|
||||||
|
# define ERR_LIB_CONF 14
|
||||||
|
# define ERR_LIB_CRYPTO 15
|
||||||
|
# define ERR_LIB_EC 16
|
||||||
|
# define ERR_LIB_SSL 20
|
||||||
|
/* #define ERR_LIB_SSL23 21 */
|
||||||
|
/* #define ERR_LIB_SSL2 22 */
|
||||||
|
/* #define ERR_LIB_SSL3 23 */
|
||||||
|
/* #define ERR_LIB_RSAREF 30 */
|
||||||
|
/* #define ERR_LIB_PROXY 31 */
|
||||||
|
# define ERR_LIB_BIO 32
|
||||||
|
# define ERR_LIB_PKCS7 33
|
||||||
|
# define ERR_LIB_X509V3 34
|
||||||
|
# define ERR_LIB_PKCS12 35
|
||||||
|
# define ERR_LIB_RAND 36
|
||||||
|
# define ERR_LIB_DSO 37
|
||||||
|
# define ERR_LIB_ENGINE 38
|
||||||
|
# define ERR_LIB_OCSP 39
|
||||||
|
# define ERR_LIB_UI 40
|
||||||
|
# define ERR_LIB_COMP 41
|
||||||
|
# define ERR_LIB_ECDSA 42
|
||||||
|
# define ERR_LIB_ECDH 43
|
||||||
|
# define ERR_LIB_STORE 44
|
||||||
|
# define ERR_LIB_FIPS 45
|
||||||
|
# define ERR_LIB_CMS 46
|
||||||
|
# define ERR_LIB_TS 47
|
||||||
|
# define ERR_LIB_HMAC 48
|
||||||
|
# define ERR_LIB_JPAKE 49
|
||||||
|
|
||||||
|
# define ERR_LIB_USER 128
|
||||||
|
|
||||||
|
# define SYSerr(f,r) ERR_PUT_error(ERR_LIB_SYS,(f),(r),__FILE__,__LINE__)
|
||||||
|
# define BNerr(f,r) ERR_PUT_error(ERR_LIB_BN,(f),(r),__FILE__,__LINE__)
|
||||||
|
# define RSAerr(f,r) ERR_PUT_error(ERR_LIB_RSA,(f),(r),__FILE__,__LINE__)
|
||||||
|
# define DHerr(f,r) ERR_PUT_error(ERR_LIB_DH,(f),(r),__FILE__,__LINE__)
|
||||||
|
# define EVPerr(f,r) ERR_PUT_error(ERR_LIB_EVP,(f),(r),__FILE__,__LINE__)
|
||||||
|
# define BUFerr(f,r) ERR_PUT_error(ERR_LIB_BUF,(f),(r),__FILE__,__LINE__)
|
||||||
|
# define OBJerr(f,r) ERR_PUT_error(ERR_LIB_OBJ,(f),(r),__FILE__,__LINE__)
|
||||||
|
# define PEMerr(f,r) ERR_PUT_error(ERR_LIB_PEM,(f),(r),__FILE__,__LINE__)
|
||||||
|
# define DSAerr(f,r) ERR_PUT_error(ERR_LIB_DSA,(f),(r),__FILE__,__LINE__)
|
||||||
|
# define X509err(f,r) ERR_PUT_error(ERR_LIB_X509,(f),(r),__FILE__,__LINE__)
|
||||||
|
# define ASN1err(f,r) ERR_PUT_error(ERR_LIB_ASN1,(f),(r),__FILE__,__LINE__)
|
||||||
|
# define CONFerr(f,r) ERR_PUT_error(ERR_LIB_CONF,(f),(r),__FILE__,__LINE__)
|
||||||
|
# define CRYPTOerr(f,r) ERR_PUT_error(ERR_LIB_CRYPTO,(f),(r),__FILE__,__LINE__)
|
||||||
|
# define ECerr(f,r) ERR_PUT_error(ERR_LIB_EC,(f),(r),__FILE__,__LINE__)
|
||||||
|
# define SSLerr(f,r) ERR_PUT_error(ERR_LIB_SSL,(f),(r),__FILE__,__LINE__)
|
||||||
|
# define BIOerr(f,r) ERR_PUT_error(ERR_LIB_BIO,(f),(r),__FILE__,__LINE__)
|
||||||
|
# define PKCS7err(f,r) ERR_PUT_error(ERR_LIB_PKCS7,(f),(r),__FILE__,__LINE__)
|
||||||
|
# define X509V3err(f,r) ERR_PUT_error(ERR_LIB_X509V3,(f),(r),__FILE__,__LINE__)
|
||||||
|
# define PKCS12err(f,r) ERR_PUT_error(ERR_LIB_PKCS12,(f),(r),__FILE__,__LINE__)
|
||||||
|
# define RANDerr(f,r) ERR_PUT_error(ERR_LIB_RAND,(f),(r),__FILE__,__LINE__)
|
||||||
|
# define DSOerr(f,r) ERR_PUT_error(ERR_LIB_DSO,(f),(r),__FILE__,__LINE__)
|
||||||
|
# define ENGINEerr(f,r) ERR_PUT_error(ERR_LIB_ENGINE,(f),(r),__FILE__,__LINE__)
|
||||||
|
# define OCSPerr(f,r) ERR_PUT_error(ERR_LIB_OCSP,(f),(r),__FILE__,__LINE__)
|
||||||
|
# define UIerr(f,r) ERR_PUT_error(ERR_LIB_UI,(f),(r),__FILE__,__LINE__)
|
||||||
|
# define COMPerr(f,r) ERR_PUT_error(ERR_LIB_COMP,(f),(r),__FILE__,__LINE__)
|
||||||
|
# define ECDSAerr(f,r) ERR_PUT_error(ERR_LIB_ECDSA,(f),(r),__FILE__,__LINE__)
|
||||||
|
# define ECDHerr(f,r) ERR_PUT_error(ERR_LIB_ECDH,(f),(r),__FILE__,__LINE__)
|
||||||
|
# define STOREerr(f,r) ERR_PUT_error(ERR_LIB_STORE,(f),(r),__FILE__,__LINE__)
|
||||||
|
# define FIPSerr(f,r) ERR_PUT_error(ERR_LIB_FIPS,(f),(r),__FILE__,__LINE__)
|
||||||
|
# define CMSerr(f,r) ERR_PUT_error(ERR_LIB_CMS,(f),(r),__FILE__,__LINE__)
|
||||||
|
# define TSerr(f,r) ERR_PUT_error(ERR_LIB_TS,(f),(r),__FILE__,__LINE__)
|
||||||
|
# define HMACerr(f,r) ERR_PUT_error(ERR_LIB_HMAC,(f),(r),__FILE__,__LINE__)
|
||||||
|
# define JPAKEerr(f,r) ERR_PUT_error(ERR_LIB_JPAKE,(f),(r),__FILE__,__LINE__)
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Borland C seems too stupid to be able to shift and do longs in the
|
||||||
|
* pre-processor :-(
|
||||||
|
*/
|
||||||
|
# define ERR_PACK(l,f,r) (((((unsigned long)l)&0xffL)*0x1000000)| \
|
||||||
|
((((unsigned long)f)&0xfffL)*0x1000)| \
|
||||||
|
((((unsigned long)r)&0xfffL)))
|
||||||
|
# define ERR_GET_LIB(l) (int)((((unsigned long)l)>>24L)&0xffL)
|
||||||
|
# define ERR_GET_FUNC(l) (int)((((unsigned long)l)>>12L)&0xfffL)
|
||||||
|
# define ERR_GET_REASON(l) (int)((l)&0xfffL)
|
||||||
|
# define ERR_FATAL_ERROR(l) (int)((l)&ERR_R_FATAL)
|
||||||
|
|
||||||
|
/* OS functions */
|
||||||
|
# define SYS_F_FOPEN 1
|
||||||
|
# define SYS_F_CONNECT 2
|
||||||
|
# define SYS_F_GETSERVBYNAME 3
|
||||||
|
# define SYS_F_SOCKET 4
|
||||||
|
# define SYS_F_IOCTLSOCKET 5
|
||||||
|
# define SYS_F_BIND 6
|
||||||
|
# define SYS_F_LISTEN 7
|
||||||
|
# define SYS_F_ACCEPT 8
|
||||||
|
# define SYS_F_WSASTARTUP 9/* Winsock stuff */
|
||||||
|
# define SYS_F_OPENDIR 10
|
||||||
|
# define SYS_F_FREAD 11
|
||||||
|
|
||||||
|
/* reasons */
|
||||||
|
# define ERR_R_SYS_LIB ERR_LIB_SYS/* 2 */
|
||||||
|
# define ERR_R_BN_LIB ERR_LIB_BN/* 3 */
|
||||||
|
# define ERR_R_RSA_LIB ERR_LIB_RSA/* 4 */
|
||||||
|
# define ERR_R_DH_LIB ERR_LIB_DH/* 5 */
|
||||||
|
# define ERR_R_EVP_LIB ERR_LIB_EVP/* 6 */
|
||||||
|
# define ERR_R_BUF_LIB ERR_LIB_BUF/* 7 */
|
||||||
|
# define ERR_R_OBJ_LIB ERR_LIB_OBJ/* 8 */
|
||||||
|
# define ERR_R_PEM_LIB ERR_LIB_PEM/* 9 */
|
||||||
|
# define ERR_R_DSA_LIB ERR_LIB_DSA/* 10 */
|
||||||
|
# define ERR_R_X509_LIB ERR_LIB_X509/* 11 */
|
||||||
|
# define ERR_R_ASN1_LIB ERR_LIB_ASN1/* 13 */
|
||||||
|
# define ERR_R_CONF_LIB ERR_LIB_CONF/* 14 */
|
||||||
|
# define ERR_R_CRYPTO_LIB ERR_LIB_CRYPTO/* 15 */
|
||||||
|
# define ERR_R_EC_LIB ERR_LIB_EC/* 16 */
|
||||||
|
# define ERR_R_SSL_LIB ERR_LIB_SSL/* 20 */
|
||||||
|
# define ERR_R_BIO_LIB ERR_LIB_BIO/* 32 */
|
||||||
|
# define ERR_R_PKCS7_LIB ERR_LIB_PKCS7/* 33 */
|
||||||
|
# define ERR_R_X509V3_LIB ERR_LIB_X509V3/* 34 */
|
||||||
|
# define ERR_R_PKCS12_LIB ERR_LIB_PKCS12/* 35 */
|
||||||
|
# define ERR_R_RAND_LIB ERR_LIB_RAND/* 36 */
|
||||||
|
# define ERR_R_DSO_LIB ERR_LIB_DSO/* 37 */
|
||||||
|
# define ERR_R_ENGINE_LIB ERR_LIB_ENGINE/* 38 */
|
||||||
|
# define ERR_R_OCSP_LIB ERR_LIB_OCSP/* 39 */
|
||||||
|
# define ERR_R_UI_LIB ERR_LIB_UI/* 40 */
|
||||||
|
# define ERR_R_COMP_LIB ERR_LIB_COMP/* 41 */
|
||||||
|
# define ERR_R_ECDSA_LIB ERR_LIB_ECDSA/* 42 */
|
||||||
|
# define ERR_R_ECDH_LIB ERR_LIB_ECDH/* 43 */
|
||||||
|
# define ERR_R_STORE_LIB ERR_LIB_STORE/* 44 */
|
||||||
|
# define ERR_R_TS_LIB ERR_LIB_TS/* 45 */
|
||||||
|
|
||||||
|
# define ERR_R_NESTED_ASN1_ERROR 58
|
||||||
|
# define ERR_R_BAD_ASN1_OBJECT_HEADER 59
|
||||||
|
# define ERR_R_BAD_GET_ASN1_OBJECT_CALL 60
|
||||||
|
# define ERR_R_EXPECTING_AN_ASN1_SEQUENCE 61
|
||||||
|
# define ERR_R_ASN1_LENGTH_MISMATCH 62
|
||||||
|
# define ERR_R_MISSING_ASN1_EOS 63
|
||||||
|
|
||||||
|
/* fatal error */
|
||||||
|
# define ERR_R_FATAL 64
|
||||||
|
# define ERR_R_MALLOC_FAILURE (1|ERR_R_FATAL)
|
||||||
|
# define ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED (2|ERR_R_FATAL)
|
||||||
|
# define ERR_R_PASSED_NULL_PARAMETER (3|ERR_R_FATAL)
|
||||||
|
# define ERR_R_INTERNAL_ERROR (4|ERR_R_FATAL)
|
||||||
|
# define ERR_R_DISABLED (5|ERR_R_FATAL)
|
||||||
|
|
||||||
|
/*
|
||||||
|
* 99 is the maximum possible ERR_R_... code, higher values are reserved for
|
||||||
|
* the individual libraries
|
||||||
|
*/
|
||||||
|
|
||||||
|
typedef struct ERR_string_data_st {
|
||||||
|
unsigned long error;
|
||||||
|
const char *string;
|
||||||
|
} ERR_STRING_DATA;
|
||||||
|
|
||||||
|
void ERR_put_error(int lib, int func, int reason, const char *file, int line);
|
||||||
|
void ERR_set_error_data(char *data, int flags);
|
||||||
|
|
||||||
|
unsigned long ERR_get_error(void);
|
||||||
|
unsigned long ERR_get_error_line(const char **file, int *line);
|
||||||
|
unsigned long ERR_get_error_line_data(const char **file, int *line,
|
||||||
|
const char **data, int *flags);
|
||||||
|
unsigned long ERR_peek_error(void);
|
||||||
|
unsigned long ERR_peek_error_line(const char **file, int *line);
|
||||||
|
unsigned long ERR_peek_error_line_data(const char **file, int *line,
|
||||||
|
const char **data, int *flags);
|
||||||
|
unsigned long ERR_peek_last_error(void);
|
||||||
|
unsigned long ERR_peek_last_error_line(const char **file, int *line);
|
||||||
|
unsigned long ERR_peek_last_error_line_data(const char **file, int *line,
|
||||||
|
const char **data, int *flags);
|
||||||
|
void ERR_clear_error(void);
|
||||||
|
char *ERR_error_string(unsigned long e, char *buf);
|
||||||
|
void ERR_error_string_n(unsigned long e, char *buf, size_t len);
|
||||||
|
const char *ERR_lib_error_string(unsigned long e);
|
||||||
|
const char *ERR_func_error_string(unsigned long e);
|
||||||
|
const char *ERR_reason_error_string(unsigned long e);
|
||||||
|
void ERR_print_errors_cb(int (*cb) (const char *str, size_t len, void *u),
|
||||||
|
void *u);
|
||||||
|
# ifndef OPENSSL_NO_FP_API
|
||||||
|
void ERR_print_errors_fp(FILE *fp);
|
||||||
|
# endif
|
||||||
|
# ifndef OPENSSL_NO_BIO
|
||||||
|
void ERR_print_errors(BIO *bp);
|
||||||
|
# endif
|
||||||
|
void ERR_add_error_data(int num, ...);
|
||||||
|
void ERR_add_error_vdata(int num, va_list args);
|
||||||
|
void ERR_load_strings(int lib, ERR_STRING_DATA str[]);
|
||||||
|
void ERR_unload_strings(int lib, ERR_STRING_DATA str[]);
|
||||||
|
void ERR_load_ERR_strings(void);
|
||||||
|
void ERR_load_crypto_strings(void);
|
||||||
|
void ERR_free_strings(void);
|
||||||
|
|
||||||
|
void ERR_remove_thread_state(const CRYPTO_THREADID *tid);
|
||||||
|
# ifndef OPENSSL_NO_DEPRECATED
|
||||||
|
void ERR_remove_state(unsigned long pid); /* if zero we look it up */
|
||||||
|
# endif
|
||||||
|
ERR_STATE *ERR_get_state(void);
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_LHASH
|
||||||
|
LHASH_OF(ERR_STRING_DATA) *ERR_get_string_table(void);
|
||||||
|
LHASH_OF(ERR_STATE) *ERR_get_err_state_table(void);
|
||||||
|
void ERR_release_err_state_table(LHASH_OF(ERR_STATE) **hash);
|
||||||
|
# endif
|
||||||
|
|
||||||
|
int ERR_get_next_error_library(void);
|
||||||
|
|
||||||
|
int ERR_set_mark(void);
|
||||||
|
int ERR_pop_to_mark(void);
|
||||||
|
|
||||||
|
/* Already defined in ossl_typ.h */
|
||||||
|
/* typedef struct st_ERR_FNS ERR_FNS; */
|
||||||
|
/*
|
||||||
|
* An application can use this function and provide the return value to
|
||||||
|
* loaded modules that should use the application's ERR state/functionality
|
||||||
|
*/
|
||||||
|
const ERR_FNS *ERR_get_implementation(void);
|
||||||
|
/*
|
||||||
|
* A loaded module should call this function prior to any ERR operations
|
||||||
|
* using the application's "ERR_FNS".
|
||||||
|
*/
|
||||||
|
int ERR_set_implementation(const ERR_FNS *fns);
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#endif
|
File diff suppressed because it is too large
Load Diff
|
@ -0,0 +1,109 @@
|
||||||
|
/* crypto/hmac/hmac.h */
|
||||||
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
|
* All rights reserved.
|
||||||
|
*
|
||||||
|
* This package is an SSL implementation written
|
||||||
|
* by Eric Young (eay@cryptsoft.com).
|
||||||
|
* The implementation was written so as to conform with Netscapes SSL.
|
||||||
|
*
|
||||||
|
* This library is free for commercial and non-commercial use as long as
|
||||||
|
* the following conditions are aheared to. The following conditions
|
||||||
|
* apply to all code found in this distribution, be it the RC4, RSA,
|
||||||
|
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
||||||
|
* included with this distribution is covered by the same copyright terms
|
||||||
|
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
* Copyright remains Eric Young's, and as such any Copyright notices in
|
||||||
|
* the code are not to be removed.
|
||||||
|
* If this package is used in a product, Eric Young should be given attribution
|
||||||
|
* as the author of the parts of the library used.
|
||||||
|
* This can be in the form of a textual message at program startup or
|
||||||
|
* in documentation (online or textual) provided with the package.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
* 1. Redistributions of source code must retain the copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in the
|
||||||
|
* documentation and/or other materials provided with the distribution.
|
||||||
|
* 3. All advertising materials mentioning features or use of this software
|
||||||
|
* must display the following acknowledgement:
|
||||||
|
* "This product includes cryptographic software written by
|
||||||
|
* Eric Young (eay@cryptsoft.com)"
|
||||||
|
* The word 'cryptographic' can be left out if the rouines from the library
|
||||||
|
* being used are not cryptographic related :-).
|
||||||
|
* 4. If you include any Windows specific code (or a derivative thereof) from
|
||||||
|
* the apps directory (application code) you must include an acknowledgement:
|
||||||
|
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
||||||
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||||
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||||
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||||
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||||
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||||
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||||
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||||
|
* SUCH DAMAGE.
|
||||||
|
*
|
||||||
|
* The licence and distribution terms for any publically available version or
|
||||||
|
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
||||||
|
* copied and put under another distribution licence
|
||||||
|
* [including the GNU Public Licence.]
|
||||||
|
*/
|
||||||
|
#ifndef HEADER_HMAC_H
|
||||||
|
# define HEADER_HMAC_H
|
||||||
|
|
||||||
|
# include <openssl/opensslconf.h>
|
||||||
|
|
||||||
|
# ifdef OPENSSL_NO_HMAC
|
||||||
|
# error HMAC is disabled.
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# include <openssl/evp.h>
|
||||||
|
|
||||||
|
# define HMAC_MAX_MD_CBLOCK 128/* largest known is SHA512 */
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
extern "C" {
|
||||||
|
#endif
|
||||||
|
|
||||||
|
typedef struct hmac_ctx_st {
|
||||||
|
const EVP_MD *md;
|
||||||
|
EVP_MD_CTX md_ctx;
|
||||||
|
EVP_MD_CTX i_ctx;
|
||||||
|
EVP_MD_CTX o_ctx;
|
||||||
|
unsigned int key_length;
|
||||||
|
unsigned char key[HMAC_MAX_MD_CBLOCK];
|
||||||
|
} HMAC_CTX;
|
||||||
|
|
||||||
|
# define HMAC_size(e) (EVP_MD_size((e)->md))
|
||||||
|
|
||||||
|
void HMAC_CTX_init(HMAC_CTX *ctx);
|
||||||
|
void HMAC_CTX_cleanup(HMAC_CTX *ctx);
|
||||||
|
|
||||||
|
/* deprecated */
|
||||||
|
# define HMAC_cleanup(ctx) HMAC_CTX_cleanup(ctx)
|
||||||
|
|
||||||
|
/* deprecated */
|
||||||
|
int HMAC_Init(HMAC_CTX *ctx, const void *key, int len, const EVP_MD *md);
|
||||||
|
int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
|
||||||
|
const EVP_MD *md, ENGINE *impl);
|
||||||
|
int HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, size_t len);
|
||||||
|
int HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len);
|
||||||
|
unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len,
|
||||||
|
const unsigned char *d, size_t n, unsigned char *md,
|
||||||
|
unsigned int *md_len);
|
||||||
|
int HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx);
|
||||||
|
|
||||||
|
void HMAC_CTX_set_flags(HMAC_CTX *ctx, unsigned long flags);
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#endif
|
|
@ -0,0 +1,197 @@
|
||||||
|
/* ssl/kssl.h -*- mode: C; c-file-style: "eay" -*- */
|
||||||
|
/*
|
||||||
|
* Written by Vern Staats <staatsvr@asc.hpc.mil> for the OpenSSL project
|
||||||
|
* 2000. project 2000.
|
||||||
|
*/
|
||||||
|
/* ====================================================================
|
||||||
|
* Copyright (c) 2000 The OpenSSL Project. All rights reserved.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
*
|
||||||
|
* 1. Redistributions of source code must retain the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
*
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in
|
||||||
|
* the documentation and/or other materials provided with the
|
||||||
|
* distribution.
|
||||||
|
*
|
||||||
|
* 3. All advertising materials mentioning features or use of this
|
||||||
|
* software must display the following acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
|
||||||
|
*
|
||||||
|
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||||
|
* endorse or promote products derived from this software without
|
||||||
|
* prior written permission. For written permission, please contact
|
||||||
|
* licensing@OpenSSL.org.
|
||||||
|
*
|
||||||
|
* 5. Products derived from this software may not be called "OpenSSL"
|
||||||
|
* nor may "OpenSSL" appear in their names without prior written
|
||||||
|
* permission of the OpenSSL Project.
|
||||||
|
*
|
||||||
|
* 6. Redistributions of any form whatsoever must retain the following
|
||||||
|
* acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||||
|
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||||
|
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||||
|
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||||
|
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||||
|
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||||
|
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||||
|
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||||
|
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||||
|
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||||
|
* ====================================================================
|
||||||
|
*
|
||||||
|
* This product includes cryptographic software written by Eric Young
|
||||||
|
* (eay@cryptsoft.com). This product includes software written by Tim
|
||||||
|
* Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
/*
|
||||||
|
** 19990701 VRS Started.
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef KSSL_H
|
||||||
|
# define KSSL_H
|
||||||
|
|
||||||
|
# include <openssl/opensslconf.h>
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_KRB5
|
||||||
|
|
||||||
|
# include <stdio.h>
|
||||||
|
# include <ctype.h>
|
||||||
|
# include <krb5.h>
|
||||||
|
# ifdef OPENSSL_SYS_WIN32
|
||||||
|
/*
|
||||||
|
* These can sometimes get redefined indirectly by krb5 header files after
|
||||||
|
* they get undefed in ossl_typ.h
|
||||||
|
*/
|
||||||
|
# undef X509_NAME
|
||||||
|
# undef X509_EXTENSIONS
|
||||||
|
# undef OCSP_REQUEST
|
||||||
|
# undef OCSP_RESPONSE
|
||||||
|
# endif
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
extern "C" {
|
||||||
|
#endif
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Depending on which KRB5 implementation used, some types from
|
||||||
|
* the other may be missing. Resolve that here and now
|
||||||
|
*/
|
||||||
|
# ifdef KRB5_HEIMDAL
|
||||||
|
typedef unsigned char krb5_octet;
|
||||||
|
# define FAR
|
||||||
|
# else
|
||||||
|
|
||||||
|
# ifndef FAR
|
||||||
|
# define FAR
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/*-
|
||||||
|
* Uncomment this to debug kssl problems or
|
||||||
|
* to trace usage of the Kerberos session key
|
||||||
|
*
|
||||||
|
* #define KSSL_DEBUG
|
||||||
|
*/
|
||||||
|
|
||||||
|
# ifndef KRB5SVC
|
||||||
|
# define KRB5SVC "host"
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# ifndef KRB5KEYTAB
|
||||||
|
# define KRB5KEYTAB "/etc/krb5.keytab"
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# ifndef KRB5SENDAUTH
|
||||||
|
# define KRB5SENDAUTH 1
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# ifndef KRB5CHECKAUTH
|
||||||
|
# define KRB5CHECKAUTH 1
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# ifndef KSSL_CLOCKSKEW
|
||||||
|
# define KSSL_CLOCKSKEW 300;
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# define KSSL_ERR_MAX 255
|
||||||
|
typedef struct kssl_err_st {
|
||||||
|
int reason;
|
||||||
|
char text[KSSL_ERR_MAX + 1];
|
||||||
|
} KSSL_ERR;
|
||||||
|
|
||||||
|
/*- Context for passing
|
||||||
|
* (1) Kerberos session key to SSL, and
|
||||||
|
* (2) Config data between application and SSL lib
|
||||||
|
*/
|
||||||
|
typedef struct kssl_ctx_st {
|
||||||
|
/* used by: disposition: */
|
||||||
|
char *service_name; /* C,S default ok (kssl) */
|
||||||
|
char *service_host; /* C input, REQUIRED */
|
||||||
|
char *client_princ; /* S output from krb5 ticket */
|
||||||
|
char *keytab_file; /* S NULL (/etc/krb5.keytab) */
|
||||||
|
char *cred_cache; /* C NULL (default) */
|
||||||
|
krb5_enctype enctype;
|
||||||
|
int length;
|
||||||
|
krb5_octet FAR *key;
|
||||||
|
} KSSL_CTX;
|
||||||
|
|
||||||
|
# define KSSL_CLIENT 1
|
||||||
|
# define KSSL_SERVER 2
|
||||||
|
# define KSSL_SERVICE 3
|
||||||
|
# define KSSL_KEYTAB 4
|
||||||
|
|
||||||
|
# define KSSL_CTX_OK 0
|
||||||
|
# define KSSL_CTX_ERR 1
|
||||||
|
# define KSSL_NOMEM 2
|
||||||
|
|
||||||
|
/* Public (for use by applications that use OpenSSL with Kerberos 5 support */
|
||||||
|
krb5_error_code kssl_ctx_setstring(KSSL_CTX *kssl_ctx, int which, char *text);
|
||||||
|
KSSL_CTX *kssl_ctx_new(void);
|
||||||
|
KSSL_CTX *kssl_ctx_free(KSSL_CTX *kssl_ctx);
|
||||||
|
void kssl_ctx_show(KSSL_CTX *kssl_ctx);
|
||||||
|
krb5_error_code kssl_ctx_setprinc(KSSL_CTX *kssl_ctx, int which,
|
||||||
|
krb5_data *realm, krb5_data *entity,
|
||||||
|
int nentities);
|
||||||
|
krb5_error_code kssl_cget_tkt(KSSL_CTX *kssl_ctx, krb5_data **enc_tktp,
|
||||||
|
krb5_data *authenp, KSSL_ERR *kssl_err);
|
||||||
|
krb5_error_code kssl_sget_tkt(KSSL_CTX *kssl_ctx, krb5_data *indata,
|
||||||
|
krb5_ticket_times *ttimes, KSSL_ERR *kssl_err);
|
||||||
|
krb5_error_code kssl_ctx_setkey(KSSL_CTX *kssl_ctx, krb5_keyblock *session);
|
||||||
|
void kssl_err_set(KSSL_ERR *kssl_err, int reason, char *text);
|
||||||
|
void kssl_krb5_free_data_contents(krb5_context context, krb5_data *data);
|
||||||
|
krb5_error_code kssl_build_principal_2(krb5_context context,
|
||||||
|
krb5_principal *princ, int rlen,
|
||||||
|
const char *realm, int slen,
|
||||||
|
const char *svc, int hlen,
|
||||||
|
const char *host);
|
||||||
|
krb5_error_code kssl_validate_times(krb5_timestamp atime,
|
||||||
|
krb5_ticket_times *ttimes);
|
||||||
|
krb5_error_code kssl_check_authent(KSSL_CTX *kssl_ctx, krb5_data *authentp,
|
||||||
|
krb5_timestamp *atimep,
|
||||||
|
KSSL_ERR *kssl_err);
|
||||||
|
unsigned char *kssl_skip_confound(krb5_enctype enctype, unsigned char *authn);
|
||||||
|
|
||||||
|
void SSL_set0_kssl_ctx(SSL *s, KSSL_CTX *kctx);
|
||||||
|
KSSL_CTX *SSL_get0_kssl_ctx(SSL *s);
|
||||||
|
char *kssl_ctx_get0_client_princ(KSSL_CTX *kctx);
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
# endif /* OPENSSL_NO_KRB5 */
|
||||||
|
#endif /* KSSL_H */
|
|
@ -0,0 +1,240 @@
|
||||||
|
/* crypto/lhash/lhash.h */
|
||||||
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
|
* All rights reserved.
|
||||||
|
*
|
||||||
|
* This package is an SSL implementation written
|
||||||
|
* by Eric Young (eay@cryptsoft.com).
|
||||||
|
* The implementation was written so as to conform with Netscapes SSL.
|
||||||
|
*
|
||||||
|
* This library is free for commercial and non-commercial use as long as
|
||||||
|
* the following conditions are aheared to. The following conditions
|
||||||
|
* apply to all code found in this distribution, be it the RC4, RSA,
|
||||||
|
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
||||||
|
* included with this distribution is covered by the same copyright terms
|
||||||
|
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
* Copyright remains Eric Young's, and as such any Copyright notices in
|
||||||
|
* the code are not to be removed.
|
||||||
|
* If this package is used in a product, Eric Young should be given attribution
|
||||||
|
* as the author of the parts of the library used.
|
||||||
|
* This can be in the form of a textual message at program startup or
|
||||||
|
* in documentation (online or textual) provided with the package.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
* 1. Redistributions of source code must retain the copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in the
|
||||||
|
* documentation and/or other materials provided with the distribution.
|
||||||
|
* 3. All advertising materials mentioning features or use of this software
|
||||||
|
* must display the following acknowledgement:
|
||||||
|
* "This product includes cryptographic software written by
|
||||||
|
* Eric Young (eay@cryptsoft.com)"
|
||||||
|
* The word 'cryptographic' can be left out if the rouines from the library
|
||||||
|
* being used are not cryptographic related :-).
|
||||||
|
* 4. If you include any Windows specific code (or a derivative thereof) from
|
||||||
|
* the apps directory (application code) you must include an acknowledgement:
|
||||||
|
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
||||||
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||||
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||||
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||||
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||||
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||||
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||||
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||||
|
* SUCH DAMAGE.
|
||||||
|
*
|
||||||
|
* The licence and distribution terms for any publically available version or
|
||||||
|
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
||||||
|
* copied and put under another distribution licence
|
||||||
|
* [including the GNU Public Licence.]
|
||||||
|
*/
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Header for dynamic hash table routines Author - Eric Young
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef HEADER_LHASH_H
|
||||||
|
# define HEADER_LHASH_H
|
||||||
|
|
||||||
|
# include <openssl/e_os2.h>
|
||||||
|
# ifndef OPENSSL_NO_FP_API
|
||||||
|
# include <stdio.h>
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_BIO
|
||||||
|
# include <openssl/bio.h>
|
||||||
|
# endif
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
extern "C" {
|
||||||
|
#endif
|
||||||
|
|
||||||
|
typedef struct lhash_node_st {
|
||||||
|
void *data;
|
||||||
|
struct lhash_node_st *next;
|
||||||
|
# ifndef OPENSSL_NO_HASH_COMP
|
||||||
|
unsigned long hash;
|
||||||
|
# endif
|
||||||
|
} LHASH_NODE;
|
||||||
|
|
||||||
|
typedef int (*LHASH_COMP_FN_TYPE) (const void *, const void *);
|
||||||
|
typedef unsigned long (*LHASH_HASH_FN_TYPE) (const void *);
|
||||||
|
typedef void (*LHASH_DOALL_FN_TYPE) (void *);
|
||||||
|
typedef void (*LHASH_DOALL_ARG_FN_TYPE) (void *, void *);
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Macros for declaring and implementing type-safe wrappers for LHASH
|
||||||
|
* callbacks. This way, callbacks can be provided to LHASH structures without
|
||||||
|
* function pointer casting and the macro-defined callbacks provide
|
||||||
|
* per-variable casting before deferring to the underlying type-specific
|
||||||
|
* callbacks. NB: It is possible to place a "static" in front of both the
|
||||||
|
* DECLARE and IMPLEMENT macros if the functions are strictly internal.
|
||||||
|
*/
|
||||||
|
|
||||||
|
/* First: "hash" functions */
|
||||||
|
# define DECLARE_LHASH_HASH_FN(name, o_type) \
|
||||||
|
unsigned long name##_LHASH_HASH(const void *);
|
||||||
|
# define IMPLEMENT_LHASH_HASH_FN(name, o_type) \
|
||||||
|
unsigned long name##_LHASH_HASH(const void *arg) { \
|
||||||
|
const o_type *a = arg; \
|
||||||
|
return name##_hash(a); }
|
||||||
|
# define LHASH_HASH_FN(name) name##_LHASH_HASH
|
||||||
|
|
||||||
|
/* Second: "compare" functions */
|
||||||
|
# define DECLARE_LHASH_COMP_FN(name, o_type) \
|
||||||
|
int name##_LHASH_COMP(const void *, const void *);
|
||||||
|
# define IMPLEMENT_LHASH_COMP_FN(name, o_type) \
|
||||||
|
int name##_LHASH_COMP(const void *arg1, const void *arg2) { \
|
||||||
|
const o_type *a = arg1; \
|
||||||
|
const o_type *b = arg2; \
|
||||||
|
return name##_cmp(a,b); }
|
||||||
|
# define LHASH_COMP_FN(name) name##_LHASH_COMP
|
||||||
|
|
||||||
|
/* Third: "doall" functions */
|
||||||
|
# define DECLARE_LHASH_DOALL_FN(name, o_type) \
|
||||||
|
void name##_LHASH_DOALL(void *);
|
||||||
|
# define IMPLEMENT_LHASH_DOALL_FN(name, o_type) \
|
||||||
|
void name##_LHASH_DOALL(void *arg) { \
|
||||||
|
o_type *a = arg; \
|
||||||
|
name##_doall(a); }
|
||||||
|
# define LHASH_DOALL_FN(name) name##_LHASH_DOALL
|
||||||
|
|
||||||
|
/* Fourth: "doall_arg" functions */
|
||||||
|
# define DECLARE_LHASH_DOALL_ARG_FN(name, o_type, a_type) \
|
||||||
|
void name##_LHASH_DOALL_ARG(void *, void *);
|
||||||
|
# define IMPLEMENT_LHASH_DOALL_ARG_FN(name, o_type, a_type) \
|
||||||
|
void name##_LHASH_DOALL_ARG(void *arg1, void *arg2) { \
|
||||||
|
o_type *a = arg1; \
|
||||||
|
a_type *b = arg2; \
|
||||||
|
name##_doall_arg(a, b); }
|
||||||
|
# define LHASH_DOALL_ARG_FN(name) name##_LHASH_DOALL_ARG
|
||||||
|
|
||||||
|
typedef struct lhash_st {
|
||||||
|
LHASH_NODE **b;
|
||||||
|
LHASH_COMP_FN_TYPE comp;
|
||||||
|
LHASH_HASH_FN_TYPE hash;
|
||||||
|
unsigned int num_nodes;
|
||||||
|
unsigned int num_alloc_nodes;
|
||||||
|
unsigned int p;
|
||||||
|
unsigned int pmax;
|
||||||
|
unsigned long up_load; /* load times 256 */
|
||||||
|
unsigned long down_load; /* load times 256 */
|
||||||
|
unsigned long num_items;
|
||||||
|
unsigned long num_expands;
|
||||||
|
unsigned long num_expand_reallocs;
|
||||||
|
unsigned long num_contracts;
|
||||||
|
unsigned long num_contract_reallocs;
|
||||||
|
unsigned long num_hash_calls;
|
||||||
|
unsigned long num_comp_calls;
|
||||||
|
unsigned long num_insert;
|
||||||
|
unsigned long num_replace;
|
||||||
|
unsigned long num_delete;
|
||||||
|
unsigned long num_no_delete;
|
||||||
|
unsigned long num_retrieve;
|
||||||
|
unsigned long num_retrieve_miss;
|
||||||
|
unsigned long num_hash_comps;
|
||||||
|
int error;
|
||||||
|
} _LHASH; /* Do not use _LHASH directly, use LHASH_OF
|
||||||
|
* and friends */
|
||||||
|
|
||||||
|
# define LH_LOAD_MULT 256
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Indicates a malloc() error in the last call, this is only bad in
|
||||||
|
* lh_insert().
|
||||||
|
*/
|
||||||
|
# define lh_error(lh) ((lh)->error)
|
||||||
|
|
||||||
|
_LHASH *lh_new(LHASH_HASH_FN_TYPE h, LHASH_COMP_FN_TYPE c);
|
||||||
|
void lh_free(_LHASH *lh);
|
||||||
|
void *lh_insert(_LHASH *lh, void *data);
|
||||||
|
void *lh_delete(_LHASH *lh, const void *data);
|
||||||
|
void *lh_retrieve(_LHASH *lh, const void *data);
|
||||||
|
void lh_doall(_LHASH *lh, LHASH_DOALL_FN_TYPE func);
|
||||||
|
void lh_doall_arg(_LHASH *lh, LHASH_DOALL_ARG_FN_TYPE func, void *arg);
|
||||||
|
unsigned long lh_strhash(const char *c);
|
||||||
|
unsigned long lh_num_items(const _LHASH *lh);
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_FP_API
|
||||||
|
void lh_stats(const _LHASH *lh, FILE *out);
|
||||||
|
void lh_node_stats(const _LHASH *lh, FILE *out);
|
||||||
|
void lh_node_usage_stats(const _LHASH *lh, FILE *out);
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_BIO
|
||||||
|
void lh_stats_bio(const _LHASH *lh, BIO *out);
|
||||||
|
void lh_node_stats_bio(const _LHASH *lh, BIO *out);
|
||||||
|
void lh_node_usage_stats_bio(const _LHASH *lh, BIO *out);
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/* Type checking... */
|
||||||
|
|
||||||
|
# define LHASH_OF(type) struct lhash_st_##type
|
||||||
|
|
||||||
|
# define DECLARE_LHASH_OF(type) LHASH_OF(type) { int dummy; }
|
||||||
|
|
||||||
|
# define CHECKED_LHASH_OF(type,lh) \
|
||||||
|
((_LHASH *)CHECKED_PTR_OF(LHASH_OF(type),lh))
|
||||||
|
|
||||||
|
/* Define wrapper functions. */
|
||||||
|
# define LHM_lh_new(type, name) \
|
||||||
|
((LHASH_OF(type) *)lh_new(LHASH_HASH_FN(name), LHASH_COMP_FN(name)))
|
||||||
|
# define LHM_lh_error(type, lh) \
|
||||||
|
lh_error(CHECKED_LHASH_OF(type,lh))
|
||||||
|
# define LHM_lh_insert(type, lh, inst) \
|
||||||
|
((type *)lh_insert(CHECKED_LHASH_OF(type, lh), \
|
||||||
|
CHECKED_PTR_OF(type, inst)))
|
||||||
|
# define LHM_lh_retrieve(type, lh, inst) \
|
||||||
|
((type *)lh_retrieve(CHECKED_LHASH_OF(type, lh), \
|
||||||
|
CHECKED_PTR_OF(type, inst)))
|
||||||
|
# define LHM_lh_delete(type, lh, inst) \
|
||||||
|
((type *)lh_delete(CHECKED_LHASH_OF(type, lh), \
|
||||||
|
CHECKED_PTR_OF(type, inst)))
|
||||||
|
# define LHM_lh_doall(type, lh,fn) lh_doall(CHECKED_LHASH_OF(type, lh), fn)
|
||||||
|
# define LHM_lh_doall_arg(type, lh, fn, arg_type, arg) \
|
||||||
|
lh_doall_arg(CHECKED_LHASH_OF(type, lh), fn, CHECKED_PTR_OF(arg_type, arg))
|
||||||
|
# define LHM_lh_num_items(type, lh) lh_num_items(CHECKED_LHASH_OF(type, lh))
|
||||||
|
# define LHM_lh_down_load(type, lh) (CHECKED_LHASH_OF(type, lh)->down_load)
|
||||||
|
# define LHM_lh_node_stats_bio(type, lh, out) \
|
||||||
|
lh_node_stats_bio(CHECKED_LHASH_OF(type, lh), out)
|
||||||
|
# define LHM_lh_node_usage_stats_bio(type, lh, out) \
|
||||||
|
lh_node_usage_stats_bio(CHECKED_LHASH_OF(type, lh), out)
|
||||||
|
# define LHM_lh_stats_bio(type, lh, out) \
|
||||||
|
lh_stats_bio(CHECKED_LHASH_OF(type, lh), out)
|
||||||
|
# define LHM_lh_free(type, lh) lh_free(CHECKED_LHASH_OF(type, lh))
|
||||||
|
|
||||||
|
DECLARE_LHASH_OF(OPENSSL_STRING);
|
||||||
|
DECLARE_LHASH_OF(OPENSSL_CSTRING);
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#endif
|
File diff suppressed because it is too large
Load Diff
File diff suppressed because it is too large
Load Diff
|
@ -0,0 +1,259 @@
|
||||||
|
/* opensslconf.h */
|
||||||
|
/* WARNING: Generated automatically from opensslconf.h.in by Configure. */
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
extern "C" {
|
||||||
|
#endif
|
||||||
|
/* OpenSSL was configured with the following options: */
|
||||||
|
#ifndef OPENSSL_SYSNAME_WIN32
|
||||||
|
# define OPENSSL_SYSNAME_WIN32
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_DOING_MAKEDEPEND
|
||||||
|
|
||||||
|
|
||||||
|
#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
|
||||||
|
# define OPENSSL_NO_EC_NISTP_64_GCC_128
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_GMP
|
||||||
|
# define OPENSSL_NO_GMP
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_JPAKE
|
||||||
|
# define OPENSSL_NO_JPAKE
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_KRB5
|
||||||
|
# define OPENSSL_NO_KRB5
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_LIBUNBOUND
|
||||||
|
# define OPENSSL_NO_LIBUNBOUND
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_MD2
|
||||||
|
# define OPENSSL_NO_MD2
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_RC5
|
||||||
|
# define OPENSSL_NO_RC5
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_RFC3779
|
||||||
|
# define OPENSSL_NO_RFC3779
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_SCTP
|
||||||
|
# define OPENSSL_NO_SCTP
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_SSL_TRACE
|
||||||
|
# define OPENSSL_NO_SSL_TRACE
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_STORE
|
||||||
|
# define OPENSSL_NO_STORE
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_UNIT_TEST
|
||||||
|
# define OPENSSL_NO_UNIT_TEST
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#endif /* OPENSSL_DOING_MAKEDEPEND */
|
||||||
|
|
||||||
|
#ifndef OPENSSL_THREADS
|
||||||
|
# define OPENSSL_THREADS
|
||||||
|
#endif
|
||||||
|
|
||||||
|
/* The OPENSSL_NO_* macros are also defined as NO_* if the application
|
||||||
|
asks for it. This is a transient feature that is provided for those
|
||||||
|
who haven't had the time to do the appropriate changes in their
|
||||||
|
applications. */
|
||||||
|
#ifdef OPENSSL_ALGORITHM_DEFINES
|
||||||
|
# if defined(OPENSSL_NO_EC_NISTP_64_GCC_128) && !defined(NO_EC_NISTP_64_GCC_128)
|
||||||
|
# define NO_EC_NISTP_64_GCC_128
|
||||||
|
# endif
|
||||||
|
# if defined(OPENSSL_NO_GMP) && !defined(NO_GMP)
|
||||||
|
# define NO_GMP
|
||||||
|
# endif
|
||||||
|
# if defined(OPENSSL_NO_JPAKE) && !defined(NO_JPAKE)
|
||||||
|
# define NO_JPAKE
|
||||||
|
# endif
|
||||||
|
# if defined(OPENSSL_NO_KRB5) && !defined(NO_KRB5)
|
||||||
|
# define NO_KRB5
|
||||||
|
# endif
|
||||||
|
# if defined(OPENSSL_NO_LIBUNBOUND) && !defined(NO_LIBUNBOUND)
|
||||||
|
# define NO_LIBUNBOUND
|
||||||
|
# endif
|
||||||
|
# if defined(OPENSSL_NO_MD2) && !defined(NO_MD2)
|
||||||
|
# define NO_MD2
|
||||||
|
# endif
|
||||||
|
# if defined(OPENSSL_NO_RC5) && !defined(NO_RC5)
|
||||||
|
# define NO_RC5
|
||||||
|
# endif
|
||||||
|
# if defined(OPENSSL_NO_RFC3779) && !defined(NO_RFC3779)
|
||||||
|
# define NO_RFC3779
|
||||||
|
# endif
|
||||||
|
# if defined(OPENSSL_NO_SCTP) && !defined(NO_SCTP)
|
||||||
|
# define NO_SCTP
|
||||||
|
# endif
|
||||||
|
# if defined(OPENSSL_NO_SSL_TRACE) && !defined(NO_SSL_TRACE)
|
||||||
|
# define NO_SSL_TRACE
|
||||||
|
# endif
|
||||||
|
# if defined(OPENSSL_NO_STORE) && !defined(NO_STORE)
|
||||||
|
# define NO_STORE
|
||||||
|
# endif
|
||||||
|
# if defined(OPENSSL_NO_UNIT_TEST) && !defined(NO_UNIT_TEST)
|
||||||
|
# define NO_UNIT_TEST
|
||||||
|
# endif
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#define OPENSSL_CPUID_OBJ
|
||||||
|
|
||||||
|
/* crypto/opensslconf.h.in */
|
||||||
|
|
||||||
|
/* Generate 80386 code? */
|
||||||
|
#undef I386_ONLY
|
||||||
|
|
||||||
|
#if !(defined(VMS) || defined(__VMS)) /* VMS uses logical names instead */
|
||||||
|
#if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR)
|
||||||
|
#define ENGINESDIR "/usr/local/ssl/lib/engines"
|
||||||
|
#define OPENSSLDIR "/usr/local/ssl"
|
||||||
|
#endif
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#undef OPENSSL_UNISTD
|
||||||
|
#define OPENSSL_UNISTD <unistd.h>
|
||||||
|
|
||||||
|
#undef OPENSSL_EXPORT_VAR_AS_FUNCTION
|
||||||
|
#define OPENSSL_EXPORT_VAR_AS_FUNCTION
|
||||||
|
|
||||||
|
#if defined(HEADER_IDEA_H) && !defined(IDEA_INT)
|
||||||
|
#define IDEA_INT unsigned int
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#if defined(HEADER_MD2_H) && !defined(MD2_INT)
|
||||||
|
#define MD2_INT unsigned int
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#if defined(HEADER_RC2_H) && !defined(RC2_INT)
|
||||||
|
/* I need to put in a mod for the alpha - eay */
|
||||||
|
#define RC2_INT unsigned int
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#if defined(HEADER_RC4_H)
|
||||||
|
#if !defined(RC4_INT)
|
||||||
|
/* using int types make the structure larger but make the code faster
|
||||||
|
* on most boxes I have tested - up to %20 faster. */
|
||||||
|
/*
|
||||||
|
* I don't know what does "most" mean, but declaring "int" is a must on:
|
||||||
|
* - Intel P6 because partial register stalls are very expensive;
|
||||||
|
* - elder Alpha because it lacks byte load/store instructions;
|
||||||
|
*/
|
||||||
|
#define RC4_INT unsigned int
|
||||||
|
#endif
|
||||||
|
#if !defined(RC4_CHUNK)
|
||||||
|
/*
|
||||||
|
* This enables code handling data aligned at natural CPU word
|
||||||
|
* boundary. See crypto/rc4/rc4_enc.c for further details.
|
||||||
|
*/
|
||||||
|
#undef RC4_CHUNK
|
||||||
|
#endif
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#if (defined(HEADER_NEW_DES_H) || defined(HEADER_DES_H)) && !defined(DES_LONG)
|
||||||
|
/* If this is set to 'unsigned int' on a DEC Alpha, this gives about a
|
||||||
|
* %20 speed up (longs are 8 bytes, int's are 4). */
|
||||||
|
#ifndef DES_LONG
|
||||||
|
#define DES_LONG unsigned long
|
||||||
|
#endif
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H)
|
||||||
|
#define CONFIG_HEADER_BN_H
|
||||||
|
#define BN_LLONG
|
||||||
|
|
||||||
|
/* Should we define BN_DIV2W here? */
|
||||||
|
|
||||||
|
/* Only one for the following should be defined */
|
||||||
|
#undef SIXTY_FOUR_BIT_LONG
|
||||||
|
#undef SIXTY_FOUR_BIT
|
||||||
|
#define THIRTY_TWO_BIT
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#if defined(HEADER_RC4_LOCL_H) && !defined(CONFIG_HEADER_RC4_LOCL_H)
|
||||||
|
#define CONFIG_HEADER_RC4_LOCL_H
|
||||||
|
/* if this is defined data[i] is used instead of *data, this is a %20
|
||||||
|
* speedup on x86 */
|
||||||
|
#define RC4_INDEX
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#if defined(HEADER_BF_LOCL_H) && !defined(CONFIG_HEADER_BF_LOCL_H)
|
||||||
|
#define CONFIG_HEADER_BF_LOCL_H
|
||||||
|
#undef BF_PTR
|
||||||
|
#endif /* HEADER_BF_LOCL_H */
|
||||||
|
|
||||||
|
#if defined(HEADER_DES_LOCL_H) && !defined(CONFIG_HEADER_DES_LOCL_H)
|
||||||
|
#define CONFIG_HEADER_DES_LOCL_H
|
||||||
|
#ifndef DES_DEFAULT_OPTIONS
|
||||||
|
/* the following is tweaked from a config script, that is why it is a
|
||||||
|
* protected undef/define */
|
||||||
|
#ifndef DES_PTR
|
||||||
|
#undef DES_PTR
|
||||||
|
#endif
|
||||||
|
|
||||||
|
/* This helps C compiler generate the correct code for multiple functional
|
||||||
|
* units. It reduces register dependancies at the expense of 2 more
|
||||||
|
* registers */
|
||||||
|
#ifndef DES_RISC1
|
||||||
|
#undef DES_RISC1
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#ifndef DES_RISC2
|
||||||
|
#undef DES_RISC2
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#if defined(DES_RISC1) && defined(DES_RISC2)
|
||||||
|
YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!!
|
||||||
|
#endif
|
||||||
|
|
||||||
|
/* Unroll the inner loop, this sometimes helps, sometimes hinders.
|
||||||
|
* Very mucy CPU dependant */
|
||||||
|
#ifndef DES_UNROLL
|
||||||
|
#undef DES_UNROLL
|
||||||
|
#endif
|
||||||
|
|
||||||
|
/* These default values were supplied by
|
||||||
|
* Peter Gutman <pgut001@cs.auckland.ac.nz>
|
||||||
|
* They are only used if nothing else has been defined */
|
||||||
|
#if !defined(DES_PTR) && !defined(DES_RISC1) && !defined(DES_RISC2) && !defined(DES_UNROLL)
|
||||||
|
/* Special defines which change the way the code is built depending on the
|
||||||
|
CPU and OS. For SGI machines you can use _MIPS_SZLONG (32 or 64) to find
|
||||||
|
even newer MIPS CPU's, but at the moment one size fits all for
|
||||||
|
optimization options. Older Sparc's work better with only UNROLL, but
|
||||||
|
there's no way to tell at compile time what it is you're running on */
|
||||||
|
|
||||||
|
#if defined( sun ) /* Newer Sparc's */
|
||||||
|
# define DES_PTR
|
||||||
|
# define DES_RISC1
|
||||||
|
# define DES_UNROLL
|
||||||
|
#elif defined( __ultrix ) /* Older MIPS */
|
||||||
|
# define DES_PTR
|
||||||
|
# define DES_RISC2
|
||||||
|
# define DES_UNROLL
|
||||||
|
#elif defined( __osf1__ ) /* Alpha */
|
||||||
|
# define DES_PTR
|
||||||
|
# define DES_RISC2
|
||||||
|
#elif defined ( _AIX ) /* RS6000 */
|
||||||
|
/* Unknown */
|
||||||
|
#elif defined( __hpux ) /* HP-PA */
|
||||||
|
/* Unknown */
|
||||||
|
#elif defined( __aux ) /* 68K */
|
||||||
|
/* Unknown */
|
||||||
|
#elif defined( __dgux ) /* 88K (but P6 in latest boxes) */
|
||||||
|
# define DES_UNROLL
|
||||||
|
#elif defined( __sgi ) /* Newer MIPS */
|
||||||
|
# define DES_PTR
|
||||||
|
# define DES_RISC2
|
||||||
|
# define DES_UNROLL
|
||||||
|
#elif defined(i386) || defined(__i386__) /* x86 boxes, should be gcc */
|
||||||
|
# define DES_PTR
|
||||||
|
# define DES_RISC1
|
||||||
|
# define DES_UNROLL
|
||||||
|
#endif /* Systems-specific speed defines */
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#endif /* DES_DEFAULT_OPTIONS */
|
||||||
|
#endif /* HEADER_DES_LOCL_H */
|
||||||
|
#ifdef __cplusplus
|
||||||
|
}
|
||||||
|
#endif
|
|
@ -0,0 +1,97 @@
|
||||||
|
#ifndef HEADER_OPENSSLV_H
|
||||||
|
# define HEADER_OPENSSLV_H
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
extern "C" {
|
||||||
|
#endif
|
||||||
|
|
||||||
|
/*-
|
||||||
|
* Numeric release version identifier:
|
||||||
|
* MNNFFPPS: major minor fix patch status
|
||||||
|
* The status nibble has one of the values 0 for development, 1 to e for betas
|
||||||
|
* 1 to 14, and f for release. The patch level is exactly that.
|
||||||
|
* For example:
|
||||||
|
* 0.9.3-dev 0x00903000
|
||||||
|
* 0.9.3-beta1 0x00903001
|
||||||
|
* 0.9.3-beta2-dev 0x00903002
|
||||||
|
* 0.9.3-beta2 0x00903002 (same as ...beta2-dev)
|
||||||
|
* 0.9.3 0x0090300f
|
||||||
|
* 0.9.3a 0x0090301f
|
||||||
|
* 0.9.4 0x0090400f
|
||||||
|
* 1.2.3z 0x102031af
|
||||||
|
*
|
||||||
|
* For continuity reasons (because 0.9.5 is already out, and is coded
|
||||||
|
* 0x00905100), between 0.9.5 and 0.9.6 the coding of the patch level
|
||||||
|
* part is slightly different, by setting the highest bit. This means
|
||||||
|
* that 0.9.5a looks like this: 0x0090581f. At 0.9.6, we can start
|
||||||
|
* with 0x0090600S...
|
||||||
|
*
|
||||||
|
* (Prior to 0.9.3-dev a different scheme was used: 0.9.2b is 0x0922.)
|
||||||
|
* (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
|
||||||
|
* major minor fix final patch/beta)
|
||||||
|
*/
|
||||||
|
# define OPENSSL_VERSION_NUMBER 0x1000200fL
|
||||||
|
# ifdef OPENSSL_FIPS
|
||||||
|
# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.2-fips 22 Jan 2015"
|
||||||
|
# else
|
||||||
|
# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.2 22 Jan 2015"
|
||||||
|
# endif
|
||||||
|
# define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT
|
||||||
|
|
||||||
|
/*-
|
||||||
|
* The macros below are to be used for shared library (.so, .dll, ...)
|
||||||
|
* versioning. That kind of versioning works a bit differently between
|
||||||
|
* operating systems. The most usual scheme is to set a major and a minor
|
||||||
|
* number, and have the runtime loader check that the major number is equal
|
||||||
|
* to what it was at application link time, while the minor number has to
|
||||||
|
* be greater or equal to what it was at application link time. With this
|
||||||
|
* scheme, the version number is usually part of the file name, like this:
|
||||||
|
*
|
||||||
|
* libcrypto.so.0.9
|
||||||
|
*
|
||||||
|
* Some unixen also make a softlink with the major verson number only:
|
||||||
|
*
|
||||||
|
* libcrypto.so.0
|
||||||
|
*
|
||||||
|
* On Tru64 and IRIX 6.x it works a little bit differently. There, the
|
||||||
|
* shared library version is stored in the file, and is actually a series
|
||||||
|
* of versions, separated by colons. The rightmost version present in the
|
||||||
|
* library when linking an application is stored in the application to be
|
||||||
|
* matched at run time. When the application is run, a check is done to
|
||||||
|
* see if the library version stored in the application matches any of the
|
||||||
|
* versions in the version string of the library itself.
|
||||||
|
* This version string can be constructed in any way, depending on what
|
||||||
|
* kind of matching is desired. However, to implement the same scheme as
|
||||||
|
* the one used in the other unixen, all compatible versions, from lowest
|
||||||
|
* to highest, should be part of the string. Consecutive builds would
|
||||||
|
* give the following versions strings:
|
||||||
|
*
|
||||||
|
* 3.0
|
||||||
|
* 3.0:3.1
|
||||||
|
* 3.0:3.1:3.2
|
||||||
|
* 4.0
|
||||||
|
* 4.0:4.1
|
||||||
|
*
|
||||||
|
* Notice how version 4 is completely incompatible with version, and
|
||||||
|
* therefore give the breach you can see.
|
||||||
|
*
|
||||||
|
* There may be other schemes as well that I haven't yet discovered.
|
||||||
|
*
|
||||||
|
* So, here's the way it works here: first of all, the library version
|
||||||
|
* number doesn't need at all to match the overall OpenSSL version.
|
||||||
|
* However, it's nice and more understandable if it actually does.
|
||||||
|
* The current library version is stored in the macro SHLIB_VERSION_NUMBER,
|
||||||
|
* which is just a piece of text in the format "M.m.e" (Major, minor, edit).
|
||||||
|
* For the sake of Tru64, IRIX, and any other OS that behaves in similar ways,
|
||||||
|
* we need to keep a history of version numbers, which is done in the
|
||||||
|
* macro SHLIB_VERSION_HISTORY. The numbers are separated by colons and
|
||||||
|
* should only keep the versions that are binary compatible with the current.
|
||||||
|
*/
|
||||||
|
# define SHLIB_VERSION_HISTORY ""
|
||||||
|
# define SHLIB_VERSION_NUMBER "1.0.0"
|
||||||
|
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
#endif /* HEADER_OPENSSLV_H */
|
|
@ -0,0 +1,211 @@
|
||||||
|
/* ====================================================================
|
||||||
|
* Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
*
|
||||||
|
* 1. Redistributions of source code must retain the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
*
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in
|
||||||
|
* the documentation and/or other materials provided with the
|
||||||
|
* distribution.
|
||||||
|
*
|
||||||
|
* 3. All advertising materials mentioning features or use of this
|
||||||
|
* software must display the following acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
|
||||||
|
*
|
||||||
|
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||||
|
* endorse or promote products derived from this software without
|
||||||
|
* prior written permission. For written permission, please contact
|
||||||
|
* openssl-core@openssl.org.
|
||||||
|
*
|
||||||
|
* 5. Products derived from this software may not be called "OpenSSL"
|
||||||
|
* nor may "OpenSSL" appear in their names without prior written
|
||||||
|
* permission of the OpenSSL Project.
|
||||||
|
*
|
||||||
|
* 6. Redistributions of any form whatsoever must retain the following
|
||||||
|
* acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||||
|
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||||
|
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||||
|
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||||
|
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||||
|
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||||
|
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||||
|
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||||
|
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||||
|
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||||
|
* ====================================================================
|
||||||
|
*
|
||||||
|
* This product includes cryptographic software written by Eric Young
|
||||||
|
* (eay@cryptsoft.com). This product includes software written by Tim
|
||||||
|
* Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef HEADER_OPENSSL_TYPES_H
|
||||||
|
# define HEADER_OPENSSL_TYPES_H
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
extern "C" {
|
||||||
|
#endif
|
||||||
|
|
||||||
|
# include <openssl/e_os2.h>
|
||||||
|
|
||||||
|
# ifdef NO_ASN1_TYPEDEFS
|
||||||
|
# define ASN1_INTEGER ASN1_STRING
|
||||||
|
# define ASN1_ENUMERATED ASN1_STRING
|
||||||
|
# define ASN1_BIT_STRING ASN1_STRING
|
||||||
|
# define ASN1_OCTET_STRING ASN1_STRING
|
||||||
|
# define ASN1_PRINTABLESTRING ASN1_STRING
|
||||||
|
# define ASN1_T61STRING ASN1_STRING
|
||||||
|
# define ASN1_IA5STRING ASN1_STRING
|
||||||
|
# define ASN1_UTCTIME ASN1_STRING
|
||||||
|
# define ASN1_GENERALIZEDTIME ASN1_STRING
|
||||||
|
# define ASN1_TIME ASN1_STRING
|
||||||
|
# define ASN1_GENERALSTRING ASN1_STRING
|
||||||
|
# define ASN1_UNIVERSALSTRING ASN1_STRING
|
||||||
|
# define ASN1_BMPSTRING ASN1_STRING
|
||||||
|
# define ASN1_VISIBLESTRING ASN1_STRING
|
||||||
|
# define ASN1_UTF8STRING ASN1_STRING
|
||||||
|
# define ASN1_BOOLEAN int
|
||||||
|
# define ASN1_NULL int
|
||||||
|
# else
|
||||||
|
typedef struct asn1_string_st ASN1_INTEGER;
|
||||||
|
typedef struct asn1_string_st ASN1_ENUMERATED;
|
||||||
|
typedef struct asn1_string_st ASN1_BIT_STRING;
|
||||||
|
typedef struct asn1_string_st ASN1_OCTET_STRING;
|
||||||
|
typedef struct asn1_string_st ASN1_PRINTABLESTRING;
|
||||||
|
typedef struct asn1_string_st ASN1_T61STRING;
|
||||||
|
typedef struct asn1_string_st ASN1_IA5STRING;
|
||||||
|
typedef struct asn1_string_st ASN1_GENERALSTRING;
|
||||||
|
typedef struct asn1_string_st ASN1_UNIVERSALSTRING;
|
||||||
|
typedef struct asn1_string_st ASN1_BMPSTRING;
|
||||||
|
typedef struct asn1_string_st ASN1_UTCTIME;
|
||||||
|
typedef struct asn1_string_st ASN1_TIME;
|
||||||
|
typedef struct asn1_string_st ASN1_GENERALIZEDTIME;
|
||||||
|
typedef struct asn1_string_st ASN1_VISIBLESTRING;
|
||||||
|
typedef struct asn1_string_st ASN1_UTF8STRING;
|
||||||
|
typedef struct asn1_string_st ASN1_STRING;
|
||||||
|
typedef int ASN1_BOOLEAN;
|
||||||
|
typedef int ASN1_NULL;
|
||||||
|
# endif
|
||||||
|
|
||||||
|
typedef struct asn1_object_st ASN1_OBJECT;
|
||||||
|
|
||||||
|
typedef struct ASN1_ITEM_st ASN1_ITEM;
|
||||||
|
typedef struct asn1_pctx_st ASN1_PCTX;
|
||||||
|
|
||||||
|
# ifdef OPENSSL_SYS_WIN32
|
||||||
|
# undef X509_NAME
|
||||||
|
# undef X509_EXTENSIONS
|
||||||
|
# undef X509_CERT_PAIR
|
||||||
|
# undef PKCS7_ISSUER_AND_SERIAL
|
||||||
|
# undef OCSP_REQUEST
|
||||||
|
# undef OCSP_RESPONSE
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# ifdef BIGNUM
|
||||||
|
# undef BIGNUM
|
||||||
|
# endif
|
||||||
|
typedef struct bignum_st BIGNUM;
|
||||||
|
typedef struct bignum_ctx BN_CTX;
|
||||||
|
typedef struct bn_blinding_st BN_BLINDING;
|
||||||
|
typedef struct bn_mont_ctx_st BN_MONT_CTX;
|
||||||
|
typedef struct bn_recp_ctx_st BN_RECP_CTX;
|
||||||
|
typedef struct bn_gencb_st BN_GENCB;
|
||||||
|
|
||||||
|
typedef struct buf_mem_st BUF_MEM;
|
||||||
|
|
||||||
|
typedef struct evp_cipher_st EVP_CIPHER;
|
||||||
|
typedef struct evp_cipher_ctx_st EVP_CIPHER_CTX;
|
||||||
|
typedef struct env_md_st EVP_MD;
|
||||||
|
typedef struct env_md_ctx_st EVP_MD_CTX;
|
||||||
|
typedef struct evp_pkey_st EVP_PKEY;
|
||||||
|
|
||||||
|
typedef struct evp_pkey_asn1_method_st EVP_PKEY_ASN1_METHOD;
|
||||||
|
|
||||||
|
typedef struct evp_pkey_method_st EVP_PKEY_METHOD;
|
||||||
|
typedef struct evp_pkey_ctx_st EVP_PKEY_CTX;
|
||||||
|
|
||||||
|
typedef struct dh_st DH;
|
||||||
|
typedef struct dh_method DH_METHOD;
|
||||||
|
|
||||||
|
typedef struct dsa_st DSA;
|
||||||
|
typedef struct dsa_method DSA_METHOD;
|
||||||
|
|
||||||
|
typedef struct rsa_st RSA;
|
||||||
|
typedef struct rsa_meth_st RSA_METHOD;
|
||||||
|
|
||||||
|
typedef struct rand_meth_st RAND_METHOD;
|
||||||
|
|
||||||
|
typedef struct ecdh_method ECDH_METHOD;
|
||||||
|
typedef struct ecdsa_method ECDSA_METHOD;
|
||||||
|
|
||||||
|
typedef struct x509_st X509;
|
||||||
|
typedef struct X509_algor_st X509_ALGOR;
|
||||||
|
typedef struct X509_crl_st X509_CRL;
|
||||||
|
typedef struct x509_crl_method_st X509_CRL_METHOD;
|
||||||
|
typedef struct x509_revoked_st X509_REVOKED;
|
||||||
|
typedef struct X509_name_st X509_NAME;
|
||||||
|
typedef struct X509_pubkey_st X509_PUBKEY;
|
||||||
|
typedef struct x509_store_st X509_STORE;
|
||||||
|
typedef struct x509_store_ctx_st X509_STORE_CTX;
|
||||||
|
|
||||||
|
typedef struct pkcs8_priv_key_info_st PKCS8_PRIV_KEY_INFO;
|
||||||
|
|
||||||
|
typedef struct v3_ext_ctx X509V3_CTX;
|
||||||
|
typedef struct conf_st CONF;
|
||||||
|
|
||||||
|
typedef struct store_st STORE;
|
||||||
|
typedef struct store_method_st STORE_METHOD;
|
||||||
|
|
||||||
|
typedef struct ui_st UI;
|
||||||
|
typedef struct ui_method_st UI_METHOD;
|
||||||
|
|
||||||
|
typedef struct st_ERR_FNS ERR_FNS;
|
||||||
|
|
||||||
|
typedef struct engine_st ENGINE;
|
||||||
|
typedef struct ssl_st SSL;
|
||||||
|
typedef struct ssl_ctx_st SSL_CTX;
|
||||||
|
|
||||||
|
typedef struct X509_POLICY_NODE_st X509_POLICY_NODE;
|
||||||
|
typedef struct X509_POLICY_LEVEL_st X509_POLICY_LEVEL;
|
||||||
|
typedef struct X509_POLICY_TREE_st X509_POLICY_TREE;
|
||||||
|
typedef struct X509_POLICY_CACHE_st X509_POLICY_CACHE;
|
||||||
|
|
||||||
|
typedef struct AUTHORITY_KEYID_st AUTHORITY_KEYID;
|
||||||
|
typedef struct DIST_POINT_st DIST_POINT;
|
||||||
|
typedef struct ISSUING_DIST_POINT_st ISSUING_DIST_POINT;
|
||||||
|
typedef struct NAME_CONSTRAINTS_st NAME_CONSTRAINTS;
|
||||||
|
|
||||||
|
/* If placed in pkcs12.h, we end up with a circular depency with pkcs7.h */
|
||||||
|
# define DECLARE_PKCS12_STACK_OF(type)/* Nothing */
|
||||||
|
# define IMPLEMENT_PKCS12_STACK_OF(type)/* Nothing */
|
||||||
|
|
||||||
|
typedef struct crypto_ex_data_st CRYPTO_EX_DATA;
|
||||||
|
/* Callback types for crypto.h */
|
||||||
|
typedef int CRYPTO_EX_new (void *parent, void *ptr, CRYPTO_EX_DATA *ad,
|
||||||
|
int idx, long argl, void *argp);
|
||||||
|
typedef void CRYPTO_EX_free (void *parent, void *ptr, CRYPTO_EX_DATA *ad,
|
||||||
|
int idx, long argl, void *argp);
|
||||||
|
typedef int CRYPTO_EX_dup (CRYPTO_EX_DATA *to, CRYPTO_EX_DATA *from,
|
||||||
|
void *from_d, int idx, long argl, void *argp);
|
||||||
|
|
||||||
|
typedef struct ocsp_req_ctx_st OCSP_REQ_CTX;
|
||||||
|
typedef struct ocsp_response_st OCSP_RESPONSE;
|
||||||
|
typedef struct ocsp_responder_id_st OCSP_RESPID;
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
#endif /* def HEADER_OPENSSL_TYPES_H */
|
|
@ -0,0 +1,615 @@
|
||||||
|
/* crypto/pem/pem.h */
|
||||||
|
/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
|
||||||
|
* All rights reserved.
|
||||||
|
*
|
||||||
|
* This package is an SSL implementation written
|
||||||
|
* by Eric Young (eay@cryptsoft.com).
|
||||||
|
* The implementation was written so as to conform with Netscapes SSL.
|
||||||
|
*
|
||||||
|
* This library is free for commercial and non-commercial use as long as
|
||||||
|
* the following conditions are aheared to. The following conditions
|
||||||
|
* apply to all code found in this distribution, be it the RC4, RSA,
|
||||||
|
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
||||||
|
* included with this distribution is covered by the same copyright terms
|
||||||
|
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
* Copyright remains Eric Young's, and as such any Copyright notices in
|
||||||
|
* the code are not to be removed.
|
||||||
|
* If this package is used in a product, Eric Young should be given attribution
|
||||||
|
* as the author of the parts of the library used.
|
||||||
|
* This can be in the form of a textual message at program startup or
|
||||||
|
* in documentation (online or textual) provided with the package.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
* 1. Redistributions of source code must retain the copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in the
|
||||||
|
* documentation and/or other materials provided with the distribution.
|
||||||
|
* 3. All advertising materials mentioning features or use of this software
|
||||||
|
* must display the following acknowledgement:
|
||||||
|
* "This product includes cryptographic software written by
|
||||||
|
* Eric Young (eay@cryptsoft.com)"
|
||||||
|
* The word 'cryptographic' can be left out if the rouines from the library
|
||||||
|
* being used are not cryptographic related :-).
|
||||||
|
* 4. If you include any Windows specific code (or a derivative thereof) from
|
||||||
|
* the apps directory (application code) you must include an acknowledgement:
|
||||||
|
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
||||||
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||||
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||||
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||||
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||||
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||||
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||||
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||||
|
* SUCH DAMAGE.
|
||||||
|
*
|
||||||
|
* The licence and distribution terms for any publically available version or
|
||||||
|
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
||||||
|
* copied and put under another distribution licence
|
||||||
|
* [including the GNU Public Licence.]
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef HEADER_PEM_H
|
||||||
|
# define HEADER_PEM_H
|
||||||
|
|
||||||
|
# include <openssl/e_os2.h>
|
||||||
|
# ifndef OPENSSL_NO_BIO
|
||||||
|
# include <openssl/bio.h>
|
||||||
|
# endif
|
||||||
|
# ifndef OPENSSL_NO_STACK
|
||||||
|
# include <openssl/stack.h>
|
||||||
|
# endif
|
||||||
|
# include <openssl/evp.h>
|
||||||
|
# include <openssl/x509.h>
|
||||||
|
# include <openssl/pem2.h>
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
extern "C" {
|
||||||
|
#endif
|
||||||
|
|
||||||
|
# define PEM_BUFSIZE 1024
|
||||||
|
|
||||||
|
# define PEM_OBJ_UNDEF 0
|
||||||
|
# define PEM_OBJ_X509 1
|
||||||
|
# define PEM_OBJ_X509_REQ 2
|
||||||
|
# define PEM_OBJ_CRL 3
|
||||||
|
# define PEM_OBJ_SSL_SESSION 4
|
||||||
|
# define PEM_OBJ_PRIV_KEY 10
|
||||||
|
# define PEM_OBJ_PRIV_RSA 11
|
||||||
|
# define PEM_OBJ_PRIV_DSA 12
|
||||||
|
# define PEM_OBJ_PRIV_DH 13
|
||||||
|
# define PEM_OBJ_PUB_RSA 14
|
||||||
|
# define PEM_OBJ_PUB_DSA 15
|
||||||
|
# define PEM_OBJ_PUB_DH 16
|
||||||
|
# define PEM_OBJ_DHPARAMS 17
|
||||||
|
# define PEM_OBJ_DSAPARAMS 18
|
||||||
|
# define PEM_OBJ_PRIV_RSA_PUBLIC 19
|
||||||
|
# define PEM_OBJ_PRIV_ECDSA 20
|
||||||
|
# define PEM_OBJ_PUB_ECDSA 21
|
||||||
|
# define PEM_OBJ_ECPARAMETERS 22
|
||||||
|
|
||||||
|
# define PEM_ERROR 30
|
||||||
|
# define PEM_DEK_DES_CBC 40
|
||||||
|
# define PEM_DEK_IDEA_CBC 45
|
||||||
|
# define PEM_DEK_DES_EDE 50
|
||||||
|
# define PEM_DEK_DES_ECB 60
|
||||||
|
# define PEM_DEK_RSA 70
|
||||||
|
# define PEM_DEK_RSA_MD2 80
|
||||||
|
# define PEM_DEK_RSA_MD5 90
|
||||||
|
|
||||||
|
# define PEM_MD_MD2 NID_md2
|
||||||
|
# define PEM_MD_MD5 NID_md5
|
||||||
|
# define PEM_MD_SHA NID_sha
|
||||||
|
# define PEM_MD_MD2_RSA NID_md2WithRSAEncryption
|
||||||
|
# define PEM_MD_MD5_RSA NID_md5WithRSAEncryption
|
||||||
|
# define PEM_MD_SHA_RSA NID_sha1WithRSAEncryption
|
||||||
|
|
||||||
|
# define PEM_STRING_X509_OLD "X509 CERTIFICATE"
|
||||||
|
# define PEM_STRING_X509 "CERTIFICATE"
|
||||||
|
# define PEM_STRING_X509_PAIR "CERTIFICATE PAIR"
|
||||||
|
# define PEM_STRING_X509_TRUSTED "TRUSTED CERTIFICATE"
|
||||||
|
# define PEM_STRING_X509_REQ_OLD "NEW CERTIFICATE REQUEST"
|
||||||
|
# define PEM_STRING_X509_REQ "CERTIFICATE REQUEST"
|
||||||
|
# define PEM_STRING_X509_CRL "X509 CRL"
|
||||||
|
# define PEM_STRING_EVP_PKEY "ANY PRIVATE KEY"
|
||||||
|
# define PEM_STRING_PUBLIC "PUBLIC KEY"
|
||||||
|
# define PEM_STRING_RSA "RSA PRIVATE KEY"
|
||||||
|
# define PEM_STRING_RSA_PUBLIC "RSA PUBLIC KEY"
|
||||||
|
# define PEM_STRING_DSA "DSA PRIVATE KEY"
|
||||||
|
# define PEM_STRING_DSA_PUBLIC "DSA PUBLIC KEY"
|
||||||
|
# define PEM_STRING_PKCS7 "PKCS7"
|
||||||
|
# define PEM_STRING_PKCS7_SIGNED "PKCS #7 SIGNED DATA"
|
||||||
|
# define PEM_STRING_PKCS8 "ENCRYPTED PRIVATE KEY"
|
||||||
|
# define PEM_STRING_PKCS8INF "PRIVATE KEY"
|
||||||
|
# define PEM_STRING_DHPARAMS "DH PARAMETERS"
|
||||||
|
# define PEM_STRING_DHXPARAMS "X9.42 DH PARAMETERS"
|
||||||
|
# define PEM_STRING_SSL_SESSION "SSL SESSION PARAMETERS"
|
||||||
|
# define PEM_STRING_DSAPARAMS "DSA PARAMETERS"
|
||||||
|
# define PEM_STRING_ECDSA_PUBLIC "ECDSA PUBLIC KEY"
|
||||||
|
# define PEM_STRING_ECPARAMETERS "EC PARAMETERS"
|
||||||
|
# define PEM_STRING_ECPRIVATEKEY "EC PRIVATE KEY"
|
||||||
|
# define PEM_STRING_PARAMETERS "PARAMETERS"
|
||||||
|
# define PEM_STRING_CMS "CMS"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Note that this structure is initialised by PEM_SealInit and cleaned up
|
||||||
|
* by PEM_SealFinal (at least for now)
|
||||||
|
*/
|
||||||
|
typedef struct PEM_Encode_Seal_st {
|
||||||
|
EVP_ENCODE_CTX encode;
|
||||||
|
EVP_MD_CTX md;
|
||||||
|
EVP_CIPHER_CTX cipher;
|
||||||
|
} PEM_ENCODE_SEAL_CTX;
|
||||||
|
|
||||||
|
/* enc_type is one off */
|
||||||
|
# define PEM_TYPE_ENCRYPTED 10
|
||||||
|
# define PEM_TYPE_MIC_ONLY 20
|
||||||
|
# define PEM_TYPE_MIC_CLEAR 30
|
||||||
|
# define PEM_TYPE_CLEAR 40
|
||||||
|
|
||||||
|
typedef struct pem_recip_st {
|
||||||
|
char *name;
|
||||||
|
X509_NAME *dn;
|
||||||
|
int cipher;
|
||||||
|
int key_enc;
|
||||||
|
/* char iv[8]; unused and wrong size */
|
||||||
|
} PEM_USER;
|
||||||
|
|
||||||
|
typedef struct pem_ctx_st {
|
||||||
|
int type; /* what type of object */
|
||||||
|
struct {
|
||||||
|
int version;
|
||||||
|
int mode;
|
||||||
|
} proc_type;
|
||||||
|
|
||||||
|
char *domain;
|
||||||
|
|
||||||
|
struct {
|
||||||
|
int cipher;
|
||||||
|
/*-
|
||||||
|
unused, and wrong size
|
||||||
|
unsigned char iv[8]; */
|
||||||
|
} DEK_info;
|
||||||
|
|
||||||
|
PEM_USER *originator;
|
||||||
|
|
||||||
|
int num_recipient;
|
||||||
|
PEM_USER **recipient;
|
||||||
|
/*-
|
||||||
|
XXX(ben): don#t think this is used!
|
||||||
|
STACK *x509_chain; / * certificate chain */
|
||||||
|
EVP_MD *md; /* signature type */
|
||||||
|
|
||||||
|
int md_enc; /* is the md encrypted or not? */
|
||||||
|
int md_len; /* length of md_data */
|
||||||
|
char *md_data; /* message digest, could be pkey encrypted */
|
||||||
|
|
||||||
|
EVP_CIPHER *dec; /* date encryption cipher */
|
||||||
|
int key_len; /* key length */
|
||||||
|
unsigned char *key; /* key */
|
||||||
|
/*-
|
||||||
|
unused, and wrong size
|
||||||
|
unsigned char iv[8]; */
|
||||||
|
|
||||||
|
int data_enc; /* is the data encrypted */
|
||||||
|
int data_len;
|
||||||
|
unsigned char *data;
|
||||||
|
} PEM_CTX;
|
||||||
|
|
||||||
|
/*
|
||||||
|
* These macros make the PEM_read/PEM_write functions easier to maintain and
|
||||||
|
* write. Now they are all implemented with either: IMPLEMENT_PEM_rw(...) or
|
||||||
|
* IMPLEMENT_PEM_rw_cb(...)
|
||||||
|
*/
|
||||||
|
|
||||||
|
# ifdef OPENSSL_NO_FP_API
|
||||||
|
|
||||||
|
# define IMPLEMENT_PEM_read_fp(name, type, str, asn1) /**/
|
||||||
|
# define IMPLEMENT_PEM_write_fp(name, type, str, asn1) /**/
|
||||||
|
# define IMPLEMENT_PEM_write_fp_const(name, type, str, asn1) /**/
|
||||||
|
# define IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1) /**/
|
||||||
|
# define IMPLEMENT_PEM_write_cb_fp_const(name, type, str, asn1) /**/
|
||||||
|
# else
|
||||||
|
|
||||||
|
# define IMPLEMENT_PEM_read_fp(name, type, str, asn1) \
|
||||||
|
type *PEM_read_##name(FILE *fp, type **x, pem_password_cb *cb, void *u)\
|
||||||
|
{ \
|
||||||
|
return PEM_ASN1_read((d2i_of_void *)d2i_##asn1, str,fp,(void **)x,cb,u); \
|
||||||
|
}
|
||||||
|
|
||||||
|
# define IMPLEMENT_PEM_write_fp(name, type, str, asn1) \
|
||||||
|
int PEM_write_##name(FILE *fp, type *x) \
|
||||||
|
{ \
|
||||||
|
return PEM_ASN1_write((i2d_of_void *)i2d_##asn1,str,fp,x,NULL,NULL,0,NULL,NULL); \
|
||||||
|
}
|
||||||
|
|
||||||
|
# define IMPLEMENT_PEM_write_fp_const(name, type, str, asn1) \
|
||||||
|
int PEM_write_##name(FILE *fp, const type *x) \
|
||||||
|
{ \
|
||||||
|
return PEM_ASN1_write((i2d_of_void *)i2d_##asn1,str,fp,(void *)x,NULL,NULL,0,NULL,NULL); \
|
||||||
|
}
|
||||||
|
|
||||||
|
# define IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1) \
|
||||||
|
int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \
|
||||||
|
unsigned char *kstr, int klen, pem_password_cb *cb, \
|
||||||
|
void *u) \
|
||||||
|
{ \
|
||||||
|
return PEM_ASN1_write((i2d_of_void *)i2d_##asn1,str,fp,x,enc,kstr,klen,cb,u); \
|
||||||
|
}
|
||||||
|
|
||||||
|
# define IMPLEMENT_PEM_write_cb_fp_const(name, type, str, asn1) \
|
||||||
|
int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \
|
||||||
|
unsigned char *kstr, int klen, pem_password_cb *cb, \
|
||||||
|
void *u) \
|
||||||
|
{ \
|
||||||
|
return PEM_ASN1_write((i2d_of_void *)i2d_##asn1,str,fp,x,enc,kstr,klen,cb,u); \
|
||||||
|
}
|
||||||
|
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# define IMPLEMENT_PEM_read_bio(name, type, str, asn1) \
|
||||||
|
type *PEM_read_bio_##name(BIO *bp, type **x, pem_password_cb *cb, void *u)\
|
||||||
|
{ \
|
||||||
|
return PEM_ASN1_read_bio((d2i_of_void *)d2i_##asn1, str,bp,(void **)x,cb,u); \
|
||||||
|
}
|
||||||
|
|
||||||
|
# define IMPLEMENT_PEM_write_bio(name, type, str, asn1) \
|
||||||
|
int PEM_write_bio_##name(BIO *bp, type *x) \
|
||||||
|
{ \
|
||||||
|
return PEM_ASN1_write_bio((i2d_of_void *)i2d_##asn1,str,bp,x,NULL,NULL,0,NULL,NULL); \
|
||||||
|
}
|
||||||
|
|
||||||
|
# define IMPLEMENT_PEM_write_bio_const(name, type, str, asn1) \
|
||||||
|
int PEM_write_bio_##name(BIO *bp, const type *x) \
|
||||||
|
{ \
|
||||||
|
return PEM_ASN1_write_bio((i2d_of_void *)i2d_##asn1,str,bp,(void *)x,NULL,NULL,0,NULL,NULL); \
|
||||||
|
}
|
||||||
|
|
||||||
|
# define IMPLEMENT_PEM_write_cb_bio(name, type, str, asn1) \
|
||||||
|
int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \
|
||||||
|
unsigned char *kstr, int klen, pem_password_cb *cb, void *u) \
|
||||||
|
{ \
|
||||||
|
return PEM_ASN1_write_bio((i2d_of_void *)i2d_##asn1,str,bp,x,enc,kstr,klen,cb,u); \
|
||||||
|
}
|
||||||
|
|
||||||
|
# define IMPLEMENT_PEM_write_cb_bio_const(name, type, str, asn1) \
|
||||||
|
int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \
|
||||||
|
unsigned char *kstr, int klen, pem_password_cb *cb, void *u) \
|
||||||
|
{ \
|
||||||
|
return PEM_ASN1_write_bio((i2d_of_void *)i2d_##asn1,str,bp,(void *)x,enc,kstr,klen,cb,u); \
|
||||||
|
}
|
||||||
|
|
||||||
|
# define IMPLEMENT_PEM_write(name, type, str, asn1) \
|
||||||
|
IMPLEMENT_PEM_write_bio(name, type, str, asn1) \
|
||||||
|
IMPLEMENT_PEM_write_fp(name, type, str, asn1)
|
||||||
|
|
||||||
|
# define IMPLEMENT_PEM_write_const(name, type, str, asn1) \
|
||||||
|
IMPLEMENT_PEM_write_bio_const(name, type, str, asn1) \
|
||||||
|
IMPLEMENT_PEM_write_fp_const(name, type, str, asn1)
|
||||||
|
|
||||||
|
# define IMPLEMENT_PEM_write_cb(name, type, str, asn1) \
|
||||||
|
IMPLEMENT_PEM_write_cb_bio(name, type, str, asn1) \
|
||||||
|
IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1)
|
||||||
|
|
||||||
|
# define IMPLEMENT_PEM_write_cb_const(name, type, str, asn1) \
|
||||||
|
IMPLEMENT_PEM_write_cb_bio_const(name, type, str, asn1) \
|
||||||
|
IMPLEMENT_PEM_write_cb_fp_const(name, type, str, asn1)
|
||||||
|
|
||||||
|
# define IMPLEMENT_PEM_read(name, type, str, asn1) \
|
||||||
|
IMPLEMENT_PEM_read_bio(name, type, str, asn1) \
|
||||||
|
IMPLEMENT_PEM_read_fp(name, type, str, asn1)
|
||||||
|
|
||||||
|
# define IMPLEMENT_PEM_rw(name, type, str, asn1) \
|
||||||
|
IMPLEMENT_PEM_read(name, type, str, asn1) \
|
||||||
|
IMPLEMENT_PEM_write(name, type, str, asn1)
|
||||||
|
|
||||||
|
# define IMPLEMENT_PEM_rw_const(name, type, str, asn1) \
|
||||||
|
IMPLEMENT_PEM_read(name, type, str, asn1) \
|
||||||
|
IMPLEMENT_PEM_write_const(name, type, str, asn1)
|
||||||
|
|
||||||
|
# define IMPLEMENT_PEM_rw_cb(name, type, str, asn1) \
|
||||||
|
IMPLEMENT_PEM_read(name, type, str, asn1) \
|
||||||
|
IMPLEMENT_PEM_write_cb(name, type, str, asn1)
|
||||||
|
|
||||||
|
/* These are the same except they are for the declarations */
|
||||||
|
|
||||||
|
# if defined(OPENSSL_NO_FP_API)
|
||||||
|
|
||||||
|
# define DECLARE_PEM_read_fp(name, type) /**/
|
||||||
|
# define DECLARE_PEM_write_fp(name, type) /**/
|
||||||
|
# define DECLARE_PEM_write_cb_fp(name, type) /**/
|
||||||
|
# else
|
||||||
|
|
||||||
|
# define DECLARE_PEM_read_fp(name, type) \
|
||||||
|
type *PEM_read_##name(FILE *fp, type **x, pem_password_cb *cb, void *u);
|
||||||
|
|
||||||
|
# define DECLARE_PEM_write_fp(name, type) \
|
||||||
|
int PEM_write_##name(FILE *fp, type *x);
|
||||||
|
|
||||||
|
# define DECLARE_PEM_write_fp_const(name, type) \
|
||||||
|
int PEM_write_##name(FILE *fp, const type *x);
|
||||||
|
|
||||||
|
# define DECLARE_PEM_write_cb_fp(name, type) \
|
||||||
|
int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \
|
||||||
|
unsigned char *kstr, int klen, pem_password_cb *cb, void *u);
|
||||||
|
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_BIO
|
||||||
|
# define DECLARE_PEM_read_bio(name, type) \
|
||||||
|
type *PEM_read_bio_##name(BIO *bp, type **x, pem_password_cb *cb, void *u);
|
||||||
|
|
||||||
|
# define DECLARE_PEM_write_bio(name, type) \
|
||||||
|
int PEM_write_bio_##name(BIO *bp, type *x);
|
||||||
|
|
||||||
|
# define DECLARE_PEM_write_bio_const(name, type) \
|
||||||
|
int PEM_write_bio_##name(BIO *bp, const type *x);
|
||||||
|
|
||||||
|
# define DECLARE_PEM_write_cb_bio(name, type) \
|
||||||
|
int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \
|
||||||
|
unsigned char *kstr, int klen, pem_password_cb *cb, void *u);
|
||||||
|
|
||||||
|
# else
|
||||||
|
|
||||||
|
# define DECLARE_PEM_read_bio(name, type) /**/
|
||||||
|
# define DECLARE_PEM_write_bio(name, type) /**/
|
||||||
|
# define DECLARE_PEM_write_bio_const(name, type) /**/
|
||||||
|
# define DECLARE_PEM_write_cb_bio(name, type) /**/
|
||||||
|
# endif
|
||||||
|
# define DECLARE_PEM_write(name, type) \
|
||||||
|
DECLARE_PEM_write_bio(name, type) \
|
||||||
|
DECLARE_PEM_write_fp(name, type)
|
||||||
|
# define DECLARE_PEM_write_const(name, type) \
|
||||||
|
DECLARE_PEM_write_bio_const(name, type) \
|
||||||
|
DECLARE_PEM_write_fp_const(name, type)
|
||||||
|
# define DECLARE_PEM_write_cb(name, type) \
|
||||||
|
DECLARE_PEM_write_cb_bio(name, type) \
|
||||||
|
DECLARE_PEM_write_cb_fp(name, type)
|
||||||
|
# define DECLARE_PEM_read(name, type) \
|
||||||
|
DECLARE_PEM_read_bio(name, type) \
|
||||||
|
DECLARE_PEM_read_fp(name, type)
|
||||||
|
# define DECLARE_PEM_rw(name, type) \
|
||||||
|
DECLARE_PEM_read(name, type) \
|
||||||
|
DECLARE_PEM_write(name, type)
|
||||||
|
# define DECLARE_PEM_rw_const(name, type) \
|
||||||
|
DECLARE_PEM_read(name, type) \
|
||||||
|
DECLARE_PEM_write_const(name, type)
|
||||||
|
# define DECLARE_PEM_rw_cb(name, type) \
|
||||||
|
DECLARE_PEM_read(name, type) \
|
||||||
|
DECLARE_PEM_write_cb(name, type)
|
||||||
|
# if 1
|
||||||
|
/* "userdata": new with OpenSSL 0.9.4 */
|
||||||
|
typedef int pem_password_cb (char *buf, int size, int rwflag, void *userdata);
|
||||||
|
# else
|
||||||
|
/* OpenSSL 0.9.3, 0.9.3a */
|
||||||
|
typedef int pem_password_cb (char *buf, int size, int rwflag);
|
||||||
|
# endif
|
||||||
|
|
||||||
|
int PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher);
|
||||||
|
int PEM_do_header(EVP_CIPHER_INFO *cipher, unsigned char *data, long *len,
|
||||||
|
pem_password_cb *callback, void *u);
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_BIO
|
||||||
|
int PEM_read_bio(BIO *bp, char **name, char **header,
|
||||||
|
unsigned char **data, long *len);
|
||||||
|
int PEM_write_bio(BIO *bp, const char *name, const char *hdr,
|
||||||
|
const unsigned char *data, long len);
|
||||||
|
int PEM_bytes_read_bio(unsigned char **pdata, long *plen, char **pnm,
|
||||||
|
const char *name, BIO *bp, pem_password_cb *cb,
|
||||||
|
void *u);
|
||||||
|
void *PEM_ASN1_read_bio(d2i_of_void *d2i, const char *name, BIO *bp, void **x,
|
||||||
|
pem_password_cb *cb, void *u);
|
||||||
|
int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp, void *x,
|
||||||
|
const EVP_CIPHER *enc, unsigned char *kstr, int klen,
|
||||||
|
pem_password_cb *cb, void *u);
|
||||||
|
|
||||||
|
STACK_OF(X509_INFO) *PEM_X509_INFO_read_bio(BIO *bp, STACK_OF(X509_INFO) *sk,
|
||||||
|
pem_password_cb *cb, void *u);
|
||||||
|
int PEM_X509_INFO_write_bio(BIO *bp, X509_INFO *xi, EVP_CIPHER *enc,
|
||||||
|
unsigned char *kstr, int klen,
|
||||||
|
pem_password_cb *cd, void *u);
|
||||||
|
# endif
|
||||||
|
|
||||||
|
int PEM_read(FILE *fp, char **name, char **header,
|
||||||
|
unsigned char **data, long *len);
|
||||||
|
int PEM_write(FILE *fp, const char *name, const char *hdr,
|
||||||
|
const unsigned char *data, long len);
|
||||||
|
void *PEM_ASN1_read(d2i_of_void *d2i, const char *name, FILE *fp, void **x,
|
||||||
|
pem_password_cb *cb, void *u);
|
||||||
|
int PEM_ASN1_write(i2d_of_void *i2d, const char *name, FILE *fp,
|
||||||
|
void *x, const EVP_CIPHER *enc, unsigned char *kstr,
|
||||||
|
int klen, pem_password_cb *callback, void *u);
|
||||||
|
STACK_OF(X509_INFO) *PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk,
|
||||||
|
pem_password_cb *cb, void *u);
|
||||||
|
|
||||||
|
int PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type,
|
||||||
|
EVP_MD *md_type, unsigned char **ek, int *ekl,
|
||||||
|
unsigned char *iv, EVP_PKEY **pubk, int npubk);
|
||||||
|
void PEM_SealUpdate(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *out, int *outl,
|
||||||
|
unsigned char *in, int inl);
|
||||||
|
int PEM_SealFinal(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *sig, int *sigl,
|
||||||
|
unsigned char *out, int *outl, EVP_PKEY *priv);
|
||||||
|
|
||||||
|
void PEM_SignInit(EVP_MD_CTX *ctx, EVP_MD *type);
|
||||||
|
void PEM_SignUpdate(EVP_MD_CTX *ctx, unsigned char *d, unsigned int cnt);
|
||||||
|
int PEM_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret,
|
||||||
|
unsigned int *siglen, EVP_PKEY *pkey);
|
||||||
|
|
||||||
|
int PEM_def_callback(char *buf, int num, int w, void *key);
|
||||||
|
void PEM_proc_type(char *buf, int type);
|
||||||
|
void PEM_dek_info(char *buf, const char *type, int len, char *str);
|
||||||
|
|
||||||
|
# include <openssl/symhacks.h>
|
||||||
|
|
||||||
|
DECLARE_PEM_rw(X509, X509)
|
||||||
|
DECLARE_PEM_rw(X509_AUX, X509)
|
||||||
|
DECLARE_PEM_rw(X509_CERT_PAIR, X509_CERT_PAIR)
|
||||||
|
DECLARE_PEM_rw(X509_REQ, X509_REQ)
|
||||||
|
DECLARE_PEM_write(X509_REQ_NEW, X509_REQ)
|
||||||
|
DECLARE_PEM_rw(X509_CRL, X509_CRL)
|
||||||
|
DECLARE_PEM_rw(PKCS7, PKCS7)
|
||||||
|
DECLARE_PEM_rw(NETSCAPE_CERT_SEQUENCE, NETSCAPE_CERT_SEQUENCE)
|
||||||
|
DECLARE_PEM_rw(PKCS8, X509_SIG)
|
||||||
|
DECLARE_PEM_rw(PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO)
|
||||||
|
# ifndef OPENSSL_NO_RSA
|
||||||
|
DECLARE_PEM_rw_cb(RSAPrivateKey, RSA)
|
||||||
|
DECLARE_PEM_rw_const(RSAPublicKey, RSA)
|
||||||
|
DECLARE_PEM_rw(RSA_PUBKEY, RSA)
|
||||||
|
# endif
|
||||||
|
# ifndef OPENSSL_NO_DSA
|
||||||
|
DECLARE_PEM_rw_cb(DSAPrivateKey, DSA)
|
||||||
|
DECLARE_PEM_rw(DSA_PUBKEY, DSA)
|
||||||
|
DECLARE_PEM_rw_const(DSAparams, DSA)
|
||||||
|
# endif
|
||||||
|
# ifndef OPENSSL_NO_EC
|
||||||
|
DECLARE_PEM_rw_const(ECPKParameters, EC_GROUP)
|
||||||
|
DECLARE_PEM_rw_cb(ECPrivateKey, EC_KEY)
|
||||||
|
DECLARE_PEM_rw(EC_PUBKEY, EC_KEY)
|
||||||
|
# endif
|
||||||
|
# ifndef OPENSSL_NO_DH
|
||||||
|
DECLARE_PEM_rw_const(DHparams, DH)
|
||||||
|
DECLARE_PEM_write_const(DHxparams, DH)
|
||||||
|
# endif
|
||||||
|
DECLARE_PEM_rw_cb(PrivateKey, EVP_PKEY)
|
||||||
|
DECLARE_PEM_rw(PUBKEY, EVP_PKEY)
|
||||||
|
|
||||||
|
int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
|
||||||
|
char *kstr, int klen,
|
||||||
|
pem_password_cb *cb, void *u);
|
||||||
|
int PEM_write_bio_PKCS8PrivateKey(BIO *, EVP_PKEY *, const EVP_CIPHER *,
|
||||||
|
char *, int, pem_password_cb *, void *);
|
||||||
|
int i2d_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
|
||||||
|
char *kstr, int klen,
|
||||||
|
pem_password_cb *cb, void *u);
|
||||||
|
int i2d_PKCS8PrivateKey_nid_bio(BIO *bp, EVP_PKEY *x, int nid,
|
||||||
|
char *kstr, int klen,
|
||||||
|
pem_password_cb *cb, void *u);
|
||||||
|
EVP_PKEY *d2i_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY **x, pem_password_cb *cb,
|
||||||
|
void *u);
|
||||||
|
|
||||||
|
int i2d_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
|
||||||
|
char *kstr, int klen,
|
||||||
|
pem_password_cb *cb, void *u);
|
||||||
|
int i2d_PKCS8PrivateKey_nid_fp(FILE *fp, EVP_PKEY *x, int nid,
|
||||||
|
char *kstr, int klen,
|
||||||
|
pem_password_cb *cb, void *u);
|
||||||
|
int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
|
||||||
|
char *kstr, int klen,
|
||||||
|
pem_password_cb *cb, void *u);
|
||||||
|
|
||||||
|
EVP_PKEY *d2i_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY **x, pem_password_cb *cb,
|
||||||
|
void *u);
|
||||||
|
|
||||||
|
int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
|
||||||
|
char *kstr, int klen, pem_password_cb *cd,
|
||||||
|
void *u);
|
||||||
|
|
||||||
|
EVP_PKEY *PEM_read_bio_Parameters(BIO *bp, EVP_PKEY **x);
|
||||||
|
int PEM_write_bio_Parameters(BIO *bp, EVP_PKEY *x);
|
||||||
|
|
||||||
|
EVP_PKEY *b2i_PrivateKey(const unsigned char **in, long length);
|
||||||
|
EVP_PKEY *b2i_PublicKey(const unsigned char **in, long length);
|
||||||
|
EVP_PKEY *b2i_PrivateKey_bio(BIO *in);
|
||||||
|
EVP_PKEY *b2i_PublicKey_bio(BIO *in);
|
||||||
|
int i2b_PrivateKey_bio(BIO *out, EVP_PKEY *pk);
|
||||||
|
int i2b_PublicKey_bio(BIO *out, EVP_PKEY *pk);
|
||||||
|
# ifndef OPENSSL_NO_RC4
|
||||||
|
EVP_PKEY *b2i_PVK_bio(BIO *in, pem_password_cb *cb, void *u);
|
||||||
|
int i2b_PVK_bio(BIO *out, EVP_PKEY *pk, int enclevel,
|
||||||
|
pem_password_cb *cb, void *u);
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/* BEGIN ERROR CODES */
|
||||||
|
/*
|
||||||
|
* The following lines are auto generated by the script mkerr.pl. Any changes
|
||||||
|
* made after this point may be overwritten when the script is next run.
|
||||||
|
*/
|
||||||
|
void ERR_load_PEM_strings(void);
|
||||||
|
|
||||||
|
/* Error codes for the PEM functions. */
|
||||||
|
|
||||||
|
/* Function codes. */
|
||||||
|
# define PEM_F_B2I_DSS 127
|
||||||
|
# define PEM_F_B2I_PVK_BIO 128
|
||||||
|
# define PEM_F_B2I_RSA 129
|
||||||
|
# define PEM_F_CHECK_BITLEN_DSA 130
|
||||||
|
# define PEM_F_CHECK_BITLEN_RSA 131
|
||||||
|
# define PEM_F_D2I_PKCS8PRIVATEKEY_BIO 120
|
||||||
|
# define PEM_F_D2I_PKCS8PRIVATEKEY_FP 121
|
||||||
|
# define PEM_F_DO_B2I 132
|
||||||
|
# define PEM_F_DO_B2I_BIO 133
|
||||||
|
# define PEM_F_DO_BLOB_HEADER 134
|
||||||
|
# define PEM_F_DO_PK8PKEY 126
|
||||||
|
# define PEM_F_DO_PK8PKEY_FP 125
|
||||||
|
# define PEM_F_DO_PVK_BODY 135
|
||||||
|
# define PEM_F_DO_PVK_HEADER 136
|
||||||
|
# define PEM_F_I2B_PVK 137
|
||||||
|
# define PEM_F_I2B_PVK_BIO 138
|
||||||
|
# define PEM_F_LOAD_IV 101
|
||||||
|
# define PEM_F_PEM_ASN1_READ 102
|
||||||
|
# define PEM_F_PEM_ASN1_READ_BIO 103
|
||||||
|
# define PEM_F_PEM_ASN1_WRITE 104
|
||||||
|
# define PEM_F_PEM_ASN1_WRITE_BIO 105
|
||||||
|
# define PEM_F_PEM_DEF_CALLBACK 100
|
||||||
|
# define PEM_F_PEM_DO_HEADER 106
|
||||||
|
# define PEM_F_PEM_F_PEM_WRITE_PKCS8PRIVATEKEY 118
|
||||||
|
# define PEM_F_PEM_GET_EVP_CIPHER_INFO 107
|
||||||
|
# define PEM_F_PEM_PK8PKEY 119
|
||||||
|
# define PEM_F_PEM_READ 108
|
||||||
|
# define PEM_F_PEM_READ_BIO 109
|
||||||
|
# define PEM_F_PEM_READ_BIO_DHPARAMS 141
|
||||||
|
# define PEM_F_PEM_READ_BIO_PARAMETERS 140
|
||||||
|
# define PEM_F_PEM_READ_BIO_PRIVATEKEY 123
|
||||||
|
# define PEM_F_PEM_READ_DHPARAMS 142
|
||||||
|
# define PEM_F_PEM_READ_PRIVATEKEY 124
|
||||||
|
# define PEM_F_PEM_SEALFINAL 110
|
||||||
|
# define PEM_F_PEM_SEALINIT 111
|
||||||
|
# define PEM_F_PEM_SIGNFINAL 112
|
||||||
|
# define PEM_F_PEM_WRITE 113
|
||||||
|
# define PEM_F_PEM_WRITE_BIO 114
|
||||||
|
# define PEM_F_PEM_WRITE_PRIVATEKEY 139
|
||||||
|
# define PEM_F_PEM_X509_INFO_READ 115
|
||||||
|
# define PEM_F_PEM_X509_INFO_READ_BIO 116
|
||||||
|
# define PEM_F_PEM_X509_INFO_WRITE_BIO 117
|
||||||
|
|
||||||
|
/* Reason codes. */
|
||||||
|
# define PEM_R_BAD_BASE64_DECODE 100
|
||||||
|
# define PEM_R_BAD_DECRYPT 101
|
||||||
|
# define PEM_R_BAD_END_LINE 102
|
||||||
|
# define PEM_R_BAD_IV_CHARS 103
|
||||||
|
# define PEM_R_BAD_MAGIC_NUMBER 116
|
||||||
|
# define PEM_R_BAD_PASSWORD_READ 104
|
||||||
|
# define PEM_R_BAD_VERSION_NUMBER 117
|
||||||
|
# define PEM_R_BIO_WRITE_FAILURE 118
|
||||||
|
# define PEM_R_CIPHER_IS_NULL 127
|
||||||
|
# define PEM_R_ERROR_CONVERTING_PRIVATE_KEY 115
|
||||||
|
# define PEM_R_EXPECTING_PRIVATE_KEY_BLOB 119
|
||||||
|
# define PEM_R_EXPECTING_PUBLIC_KEY_BLOB 120
|
||||||
|
# define PEM_R_INCONSISTENT_HEADER 121
|
||||||
|
# define PEM_R_KEYBLOB_HEADER_PARSE_ERROR 122
|
||||||
|
# define PEM_R_KEYBLOB_TOO_SHORT 123
|
||||||
|
# define PEM_R_NOT_DEK_INFO 105
|
||||||
|
# define PEM_R_NOT_ENCRYPTED 106
|
||||||
|
# define PEM_R_NOT_PROC_TYPE 107
|
||||||
|
# define PEM_R_NO_START_LINE 108
|
||||||
|
# define PEM_R_PROBLEMS_GETTING_PASSWORD 109
|
||||||
|
# define PEM_R_PUBLIC_KEY_NO_RSA 110
|
||||||
|
# define PEM_R_PVK_DATA_TOO_SHORT 124
|
||||||
|
# define PEM_R_PVK_TOO_SHORT 125
|
||||||
|
# define PEM_R_READ_KEY 111
|
||||||
|
# define PEM_R_SHORT_HEADER 112
|
||||||
|
# define PEM_R_UNSUPPORTED_CIPHER 113
|
||||||
|
# define PEM_R_UNSUPPORTED_ENCRYPTION 114
|
||||||
|
# define PEM_R_UNSUPPORTED_KEY_COMPONENTS 126
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
#endif
|
|
@ -0,0 +1,70 @@
|
||||||
|
/* ====================================================================
|
||||||
|
* Copyright (c) 1999 The OpenSSL Project. All rights reserved.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
*
|
||||||
|
* 1. Redistributions of source code must retain the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
*
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in
|
||||||
|
* the documentation and/or other materials provided with the
|
||||||
|
* distribution.
|
||||||
|
*
|
||||||
|
* 3. All advertising materials mentioning features or use of this
|
||||||
|
* software must display the following acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
|
||||||
|
*
|
||||||
|
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||||
|
* endorse or promote products derived from this software without
|
||||||
|
* prior written permission. For written permission, please contact
|
||||||
|
* licensing@OpenSSL.org.
|
||||||
|
*
|
||||||
|
* 5. Products derived from this software may not be called "OpenSSL"
|
||||||
|
* nor may "OpenSSL" appear in their names without prior written
|
||||||
|
* permission of the OpenSSL Project.
|
||||||
|
*
|
||||||
|
* 6. Redistributions of any form whatsoever must retain the following
|
||||||
|
* acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||||
|
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||||
|
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||||
|
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||||
|
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||||
|
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||||
|
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||||
|
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||||
|
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||||
|
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||||
|
* ====================================================================
|
||||||
|
*
|
||||||
|
* This product includes cryptographic software written by Eric Young
|
||||||
|
* (eay@cryptsoft.com). This product includes software written by Tim
|
||||||
|
* Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
/*
|
||||||
|
* This header only exists to break a circular dependency between pem and err
|
||||||
|
* Ben 30 Jan 1999.
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
extern "C" {
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#ifndef HEADER_PEM_H
|
||||||
|
void ERR_load_PEM_strings(void);
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
}
|
||||||
|
#endif
|
|
@ -0,0 +1,481 @@
|
||||||
|
/* crypto/pkcs7/pkcs7.h */
|
||||||
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
|
* All rights reserved.
|
||||||
|
*
|
||||||
|
* This package is an SSL implementation written
|
||||||
|
* by Eric Young (eay@cryptsoft.com).
|
||||||
|
* The implementation was written so as to conform with Netscapes SSL.
|
||||||
|
*
|
||||||
|
* This library is free for commercial and non-commercial use as long as
|
||||||
|
* the following conditions are aheared to. The following conditions
|
||||||
|
* apply to all code found in this distribution, be it the RC4, RSA,
|
||||||
|
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
||||||
|
* included with this distribution is covered by the same copyright terms
|
||||||
|
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
* Copyright remains Eric Young's, and as such any Copyright notices in
|
||||||
|
* the code are not to be removed.
|
||||||
|
* If this package is used in a product, Eric Young should be given attribution
|
||||||
|
* as the author of the parts of the library used.
|
||||||
|
* This can be in the form of a textual message at program startup or
|
||||||
|
* in documentation (online or textual) provided with the package.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
* 1. Redistributions of source code must retain the copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in the
|
||||||
|
* documentation and/or other materials provided with the distribution.
|
||||||
|
* 3. All advertising materials mentioning features or use of this software
|
||||||
|
* must display the following acknowledgement:
|
||||||
|
* "This product includes cryptographic software written by
|
||||||
|
* Eric Young (eay@cryptsoft.com)"
|
||||||
|
* The word 'cryptographic' can be left out if the rouines from the library
|
||||||
|
* being used are not cryptographic related :-).
|
||||||
|
* 4. If you include any Windows specific code (or a derivative thereof) from
|
||||||
|
* the apps directory (application code) you must include an acknowledgement:
|
||||||
|
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
||||||
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||||
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||||
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||||
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||||
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||||
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||||
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||||
|
* SUCH DAMAGE.
|
||||||
|
*
|
||||||
|
* The licence and distribution terms for any publically available version or
|
||||||
|
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
||||||
|
* copied and put under another distribution licence
|
||||||
|
* [including the GNU Public Licence.]
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef HEADER_PKCS7_H
|
||||||
|
# define HEADER_PKCS7_H
|
||||||
|
|
||||||
|
# include <openssl/asn1.h>
|
||||||
|
# include <openssl/bio.h>
|
||||||
|
# include <openssl/e_os2.h>
|
||||||
|
|
||||||
|
# include <openssl/symhacks.h>
|
||||||
|
# include <openssl/ossl_typ.h>
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
extern "C" {
|
||||||
|
#endif
|
||||||
|
|
||||||
|
# ifdef OPENSSL_SYS_WIN32
|
||||||
|
/* Under Win32 thes are defined in wincrypt.h */
|
||||||
|
# undef PKCS7_ISSUER_AND_SERIAL
|
||||||
|
# undef PKCS7_SIGNER_INFO
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/*-
|
||||||
|
Encryption_ID DES-CBC
|
||||||
|
Digest_ID MD5
|
||||||
|
Digest_Encryption_ID rsaEncryption
|
||||||
|
Key_Encryption_ID rsaEncryption
|
||||||
|
*/
|
||||||
|
|
||||||
|
typedef struct pkcs7_issuer_and_serial_st {
|
||||||
|
X509_NAME *issuer;
|
||||||
|
ASN1_INTEGER *serial;
|
||||||
|
} PKCS7_ISSUER_AND_SERIAL;
|
||||||
|
|
||||||
|
typedef struct pkcs7_signer_info_st {
|
||||||
|
ASN1_INTEGER *version; /* version 1 */
|
||||||
|
PKCS7_ISSUER_AND_SERIAL *issuer_and_serial;
|
||||||
|
X509_ALGOR *digest_alg;
|
||||||
|
STACK_OF(X509_ATTRIBUTE) *auth_attr; /* [ 0 ] */
|
||||||
|
X509_ALGOR *digest_enc_alg;
|
||||||
|
ASN1_OCTET_STRING *enc_digest;
|
||||||
|
STACK_OF(X509_ATTRIBUTE) *unauth_attr; /* [ 1 ] */
|
||||||
|
/* The private key to sign with */
|
||||||
|
EVP_PKEY *pkey;
|
||||||
|
} PKCS7_SIGNER_INFO;
|
||||||
|
|
||||||
|
DECLARE_STACK_OF(PKCS7_SIGNER_INFO)
|
||||||
|
DECLARE_ASN1_SET_OF(PKCS7_SIGNER_INFO)
|
||||||
|
|
||||||
|
typedef struct pkcs7_recip_info_st {
|
||||||
|
ASN1_INTEGER *version; /* version 0 */
|
||||||
|
PKCS7_ISSUER_AND_SERIAL *issuer_and_serial;
|
||||||
|
X509_ALGOR *key_enc_algor;
|
||||||
|
ASN1_OCTET_STRING *enc_key;
|
||||||
|
X509 *cert; /* get the pub-key from this */
|
||||||
|
} PKCS7_RECIP_INFO;
|
||||||
|
|
||||||
|
DECLARE_STACK_OF(PKCS7_RECIP_INFO)
|
||||||
|
DECLARE_ASN1_SET_OF(PKCS7_RECIP_INFO)
|
||||||
|
|
||||||
|
typedef struct pkcs7_signed_st {
|
||||||
|
ASN1_INTEGER *version; /* version 1 */
|
||||||
|
STACK_OF(X509_ALGOR) *md_algs; /* md used */
|
||||||
|
STACK_OF(X509) *cert; /* [ 0 ] */
|
||||||
|
STACK_OF(X509_CRL) *crl; /* [ 1 ] */
|
||||||
|
STACK_OF(PKCS7_SIGNER_INFO) *signer_info;
|
||||||
|
struct pkcs7_st *contents;
|
||||||
|
} PKCS7_SIGNED;
|
||||||
|
/*
|
||||||
|
* The above structure is very very similar to PKCS7_SIGN_ENVELOPE. How about
|
||||||
|
* merging the two
|
||||||
|
*/
|
||||||
|
|
||||||
|
typedef struct pkcs7_enc_content_st {
|
||||||
|
ASN1_OBJECT *content_type;
|
||||||
|
X509_ALGOR *algorithm;
|
||||||
|
ASN1_OCTET_STRING *enc_data; /* [ 0 ] */
|
||||||
|
const EVP_CIPHER *cipher;
|
||||||
|
} PKCS7_ENC_CONTENT;
|
||||||
|
|
||||||
|
typedef struct pkcs7_enveloped_st {
|
||||||
|
ASN1_INTEGER *version; /* version 0 */
|
||||||
|
STACK_OF(PKCS7_RECIP_INFO) *recipientinfo;
|
||||||
|
PKCS7_ENC_CONTENT *enc_data;
|
||||||
|
} PKCS7_ENVELOPE;
|
||||||
|
|
||||||
|
typedef struct pkcs7_signedandenveloped_st {
|
||||||
|
ASN1_INTEGER *version; /* version 1 */
|
||||||
|
STACK_OF(X509_ALGOR) *md_algs; /* md used */
|
||||||
|
STACK_OF(X509) *cert; /* [ 0 ] */
|
||||||
|
STACK_OF(X509_CRL) *crl; /* [ 1 ] */
|
||||||
|
STACK_OF(PKCS7_SIGNER_INFO) *signer_info;
|
||||||
|
PKCS7_ENC_CONTENT *enc_data;
|
||||||
|
STACK_OF(PKCS7_RECIP_INFO) *recipientinfo;
|
||||||
|
} PKCS7_SIGN_ENVELOPE;
|
||||||
|
|
||||||
|
typedef struct pkcs7_digest_st {
|
||||||
|
ASN1_INTEGER *version; /* version 0 */
|
||||||
|
X509_ALGOR *md; /* md used */
|
||||||
|
struct pkcs7_st *contents;
|
||||||
|
ASN1_OCTET_STRING *digest;
|
||||||
|
} PKCS7_DIGEST;
|
||||||
|
|
||||||
|
typedef struct pkcs7_encrypted_st {
|
||||||
|
ASN1_INTEGER *version; /* version 0 */
|
||||||
|
PKCS7_ENC_CONTENT *enc_data;
|
||||||
|
} PKCS7_ENCRYPT;
|
||||||
|
|
||||||
|
typedef struct pkcs7_st {
|
||||||
|
/*
|
||||||
|
* The following is non NULL if it contains ASN1 encoding of this
|
||||||
|
* structure
|
||||||
|
*/
|
||||||
|
unsigned char *asn1;
|
||||||
|
long length;
|
||||||
|
# define PKCS7_S_HEADER 0
|
||||||
|
# define PKCS7_S_BODY 1
|
||||||
|
# define PKCS7_S_TAIL 2
|
||||||
|
int state; /* used during processing */
|
||||||
|
int detached;
|
||||||
|
ASN1_OBJECT *type;
|
||||||
|
/* content as defined by the type */
|
||||||
|
/*
|
||||||
|
* all encryption/message digests are applied to the 'contents', leaving
|
||||||
|
* out the 'type' field.
|
||||||
|
*/
|
||||||
|
union {
|
||||||
|
char *ptr;
|
||||||
|
/* NID_pkcs7_data */
|
||||||
|
ASN1_OCTET_STRING *data;
|
||||||
|
/* NID_pkcs7_signed */
|
||||||
|
PKCS7_SIGNED *sign;
|
||||||
|
/* NID_pkcs7_enveloped */
|
||||||
|
PKCS7_ENVELOPE *enveloped;
|
||||||
|
/* NID_pkcs7_signedAndEnveloped */
|
||||||
|
PKCS7_SIGN_ENVELOPE *signed_and_enveloped;
|
||||||
|
/* NID_pkcs7_digest */
|
||||||
|
PKCS7_DIGEST *digest;
|
||||||
|
/* NID_pkcs7_encrypted */
|
||||||
|
PKCS7_ENCRYPT *encrypted;
|
||||||
|
/* Anything else */
|
||||||
|
ASN1_TYPE *other;
|
||||||
|
} d;
|
||||||
|
} PKCS7;
|
||||||
|
|
||||||
|
DECLARE_STACK_OF(PKCS7)
|
||||||
|
DECLARE_ASN1_SET_OF(PKCS7)
|
||||||
|
DECLARE_PKCS12_STACK_OF(PKCS7)
|
||||||
|
|
||||||
|
# define PKCS7_OP_SET_DETACHED_SIGNATURE 1
|
||||||
|
# define PKCS7_OP_GET_DETACHED_SIGNATURE 2
|
||||||
|
|
||||||
|
# define PKCS7_get_signed_attributes(si) ((si)->auth_attr)
|
||||||
|
# define PKCS7_get_attributes(si) ((si)->unauth_attr)
|
||||||
|
|
||||||
|
# define PKCS7_type_is_signed(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_signed)
|
||||||
|
# define PKCS7_type_is_encrypted(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_encrypted)
|
||||||
|
# define PKCS7_type_is_enveloped(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_enveloped)
|
||||||
|
# define PKCS7_type_is_signedAndEnveloped(a) \
|
||||||
|
(OBJ_obj2nid((a)->type) == NID_pkcs7_signedAndEnveloped)
|
||||||
|
# define PKCS7_type_is_data(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_data)
|
||||||
|
# define PKCS7_type_is_digest(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_digest)
|
||||||
|
|
||||||
|
# define PKCS7_set_detached(p,v) \
|
||||||
|
PKCS7_ctrl(p,PKCS7_OP_SET_DETACHED_SIGNATURE,v,NULL)
|
||||||
|
# define PKCS7_get_detached(p) \
|
||||||
|
PKCS7_ctrl(p,PKCS7_OP_GET_DETACHED_SIGNATURE,0,NULL)
|
||||||
|
|
||||||
|
# define PKCS7_is_detached(p7) (PKCS7_type_is_signed(p7) && PKCS7_get_detached(p7))
|
||||||
|
|
||||||
|
/* S/MIME related flags */
|
||||||
|
|
||||||
|
# define PKCS7_TEXT 0x1
|
||||||
|
# define PKCS7_NOCERTS 0x2
|
||||||
|
# define PKCS7_NOSIGS 0x4
|
||||||
|
# define PKCS7_NOCHAIN 0x8
|
||||||
|
# define PKCS7_NOINTERN 0x10
|
||||||
|
# define PKCS7_NOVERIFY 0x20
|
||||||
|
# define PKCS7_DETACHED 0x40
|
||||||
|
# define PKCS7_BINARY 0x80
|
||||||
|
# define PKCS7_NOATTR 0x100
|
||||||
|
# define PKCS7_NOSMIMECAP 0x200
|
||||||
|
# define PKCS7_NOOLDMIMETYPE 0x400
|
||||||
|
# define PKCS7_CRLFEOL 0x800
|
||||||
|
# define PKCS7_STREAM 0x1000
|
||||||
|
# define PKCS7_NOCRL 0x2000
|
||||||
|
# define PKCS7_PARTIAL 0x4000
|
||||||
|
# define PKCS7_REUSE_DIGEST 0x8000
|
||||||
|
|
||||||
|
/* Flags: for compatibility with older code */
|
||||||
|
|
||||||
|
# define SMIME_TEXT PKCS7_TEXT
|
||||||
|
# define SMIME_NOCERTS PKCS7_NOCERTS
|
||||||
|
# define SMIME_NOSIGS PKCS7_NOSIGS
|
||||||
|
# define SMIME_NOCHAIN PKCS7_NOCHAIN
|
||||||
|
# define SMIME_NOINTERN PKCS7_NOINTERN
|
||||||
|
# define SMIME_NOVERIFY PKCS7_NOVERIFY
|
||||||
|
# define SMIME_DETACHED PKCS7_DETACHED
|
||||||
|
# define SMIME_BINARY PKCS7_BINARY
|
||||||
|
# define SMIME_NOATTR PKCS7_NOATTR
|
||||||
|
|
||||||
|
DECLARE_ASN1_FUNCTIONS(PKCS7_ISSUER_AND_SERIAL)
|
||||||
|
|
||||||
|
int PKCS7_ISSUER_AND_SERIAL_digest(PKCS7_ISSUER_AND_SERIAL *data,
|
||||||
|
const EVP_MD *type, unsigned char *md,
|
||||||
|
unsigned int *len);
|
||||||
|
# ifndef OPENSSL_NO_FP_API
|
||||||
|
PKCS7 *d2i_PKCS7_fp(FILE *fp, PKCS7 **p7);
|
||||||
|
int i2d_PKCS7_fp(FILE *fp, PKCS7 *p7);
|
||||||
|
# endif
|
||||||
|
PKCS7 *PKCS7_dup(PKCS7 *p7);
|
||||||
|
PKCS7 *d2i_PKCS7_bio(BIO *bp, PKCS7 **p7);
|
||||||
|
int i2d_PKCS7_bio(BIO *bp, PKCS7 *p7);
|
||||||
|
int i2d_PKCS7_bio_stream(BIO *out, PKCS7 *p7, BIO *in, int flags);
|
||||||
|
int PEM_write_bio_PKCS7_stream(BIO *out, PKCS7 *p7, BIO *in, int flags);
|
||||||
|
|
||||||
|
DECLARE_ASN1_FUNCTIONS(PKCS7_SIGNER_INFO)
|
||||||
|
DECLARE_ASN1_FUNCTIONS(PKCS7_RECIP_INFO)
|
||||||
|
DECLARE_ASN1_FUNCTIONS(PKCS7_SIGNED)
|
||||||
|
DECLARE_ASN1_FUNCTIONS(PKCS7_ENC_CONTENT)
|
||||||
|
DECLARE_ASN1_FUNCTIONS(PKCS7_ENVELOPE)
|
||||||
|
DECLARE_ASN1_FUNCTIONS(PKCS7_SIGN_ENVELOPE)
|
||||||
|
DECLARE_ASN1_FUNCTIONS(PKCS7_DIGEST)
|
||||||
|
DECLARE_ASN1_FUNCTIONS(PKCS7_ENCRYPT)
|
||||||
|
DECLARE_ASN1_FUNCTIONS(PKCS7)
|
||||||
|
|
||||||
|
DECLARE_ASN1_ITEM(PKCS7_ATTR_SIGN)
|
||||||
|
DECLARE_ASN1_ITEM(PKCS7_ATTR_VERIFY)
|
||||||
|
|
||||||
|
DECLARE_ASN1_NDEF_FUNCTION(PKCS7)
|
||||||
|
DECLARE_ASN1_PRINT_FUNCTION(PKCS7)
|
||||||
|
|
||||||
|
long PKCS7_ctrl(PKCS7 *p7, int cmd, long larg, char *parg);
|
||||||
|
|
||||||
|
int PKCS7_set_type(PKCS7 *p7, int type);
|
||||||
|
int PKCS7_set0_type_other(PKCS7 *p7, int type, ASN1_TYPE *other);
|
||||||
|
int PKCS7_set_content(PKCS7 *p7, PKCS7 *p7_data);
|
||||||
|
int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey,
|
||||||
|
const EVP_MD *dgst);
|
||||||
|
int PKCS7_SIGNER_INFO_sign(PKCS7_SIGNER_INFO *si);
|
||||||
|
int PKCS7_add_signer(PKCS7 *p7, PKCS7_SIGNER_INFO *p7i);
|
||||||
|
int PKCS7_add_certificate(PKCS7 *p7, X509 *x509);
|
||||||
|
int PKCS7_add_crl(PKCS7 *p7, X509_CRL *x509);
|
||||||
|
int PKCS7_content_new(PKCS7 *p7, int nid);
|
||||||
|
int PKCS7_dataVerify(X509_STORE *cert_store, X509_STORE_CTX *ctx,
|
||||||
|
BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si);
|
||||||
|
int PKCS7_signatureVerify(BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si,
|
||||||
|
X509 *x509);
|
||||||
|
|
||||||
|
BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio);
|
||||||
|
int PKCS7_dataFinal(PKCS7 *p7, BIO *bio);
|
||||||
|
BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert);
|
||||||
|
|
||||||
|
PKCS7_SIGNER_INFO *PKCS7_add_signature(PKCS7 *p7, X509 *x509,
|
||||||
|
EVP_PKEY *pkey, const EVP_MD *dgst);
|
||||||
|
X509 *PKCS7_cert_from_signer_info(PKCS7 *p7, PKCS7_SIGNER_INFO *si);
|
||||||
|
int PKCS7_set_digest(PKCS7 *p7, const EVP_MD *md);
|
||||||
|
STACK_OF(PKCS7_SIGNER_INFO) *PKCS7_get_signer_info(PKCS7 *p7);
|
||||||
|
|
||||||
|
PKCS7_RECIP_INFO *PKCS7_add_recipient(PKCS7 *p7, X509 *x509);
|
||||||
|
void PKCS7_SIGNER_INFO_get0_algs(PKCS7_SIGNER_INFO *si, EVP_PKEY **pk,
|
||||||
|
X509_ALGOR **pdig, X509_ALGOR **psig);
|
||||||
|
void PKCS7_RECIP_INFO_get0_alg(PKCS7_RECIP_INFO *ri, X509_ALGOR **penc);
|
||||||
|
int PKCS7_add_recipient_info(PKCS7 *p7, PKCS7_RECIP_INFO *ri);
|
||||||
|
int PKCS7_RECIP_INFO_set(PKCS7_RECIP_INFO *p7i, X509 *x509);
|
||||||
|
int PKCS7_set_cipher(PKCS7 *p7, const EVP_CIPHER *cipher);
|
||||||
|
int PKCS7_stream(unsigned char ***boundary, PKCS7 *p7);
|
||||||
|
|
||||||
|
PKCS7_ISSUER_AND_SERIAL *PKCS7_get_issuer_and_serial(PKCS7 *p7, int idx);
|
||||||
|
ASN1_OCTET_STRING *PKCS7_digest_from_attributes(STACK_OF(X509_ATTRIBUTE) *sk);
|
||||||
|
int PKCS7_add_signed_attribute(PKCS7_SIGNER_INFO *p7si, int nid, int type,
|
||||||
|
void *data);
|
||||||
|
int PKCS7_add_attribute(PKCS7_SIGNER_INFO *p7si, int nid, int atrtype,
|
||||||
|
void *value);
|
||||||
|
ASN1_TYPE *PKCS7_get_attribute(PKCS7_SIGNER_INFO *si, int nid);
|
||||||
|
ASN1_TYPE *PKCS7_get_signed_attribute(PKCS7_SIGNER_INFO *si, int nid);
|
||||||
|
int PKCS7_set_signed_attributes(PKCS7_SIGNER_INFO *p7si,
|
||||||
|
STACK_OF(X509_ATTRIBUTE) *sk);
|
||||||
|
int PKCS7_set_attributes(PKCS7_SIGNER_INFO *p7si,
|
||||||
|
STACK_OF(X509_ATTRIBUTE) *sk);
|
||||||
|
|
||||||
|
PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs,
|
||||||
|
BIO *data, int flags);
|
||||||
|
|
||||||
|
PKCS7_SIGNER_INFO *PKCS7_sign_add_signer(PKCS7 *p7,
|
||||||
|
X509 *signcert, EVP_PKEY *pkey,
|
||||||
|
const EVP_MD *md, int flags);
|
||||||
|
|
||||||
|
int PKCS7_final(PKCS7 *p7, BIO *data, int flags);
|
||||||
|
int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store,
|
||||||
|
BIO *indata, BIO *out, int flags);
|
||||||
|
STACK_OF(X509) *PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs,
|
||||||
|
int flags);
|
||||||
|
PKCS7 *PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, const EVP_CIPHER *cipher,
|
||||||
|
int flags);
|
||||||
|
int PKCS7_decrypt(PKCS7 *p7, EVP_PKEY *pkey, X509 *cert, BIO *data,
|
||||||
|
int flags);
|
||||||
|
|
||||||
|
int PKCS7_add_attrib_smimecap(PKCS7_SIGNER_INFO *si,
|
||||||
|
STACK_OF(X509_ALGOR) *cap);
|
||||||
|
STACK_OF(X509_ALGOR) *PKCS7_get_smimecap(PKCS7_SIGNER_INFO *si);
|
||||||
|
int PKCS7_simple_smimecap(STACK_OF(X509_ALGOR) *sk, int nid, int arg);
|
||||||
|
|
||||||
|
int PKCS7_add_attrib_content_type(PKCS7_SIGNER_INFO *si, ASN1_OBJECT *coid);
|
||||||
|
int PKCS7_add0_attrib_signing_time(PKCS7_SIGNER_INFO *si, ASN1_TIME *t);
|
||||||
|
int PKCS7_add1_attrib_digest(PKCS7_SIGNER_INFO *si,
|
||||||
|
const unsigned char *md, int mdlen);
|
||||||
|
|
||||||
|
int SMIME_write_PKCS7(BIO *bio, PKCS7 *p7, BIO *data, int flags);
|
||||||
|
PKCS7 *SMIME_read_PKCS7(BIO *bio, BIO **bcont);
|
||||||
|
|
||||||
|
BIO *BIO_new_PKCS7(BIO *out, PKCS7 *p7);
|
||||||
|
|
||||||
|
/* BEGIN ERROR CODES */
|
||||||
|
/*
|
||||||
|
* The following lines are auto generated by the script mkerr.pl. Any changes
|
||||||
|
* made after this point may be overwritten when the script is next run.
|
||||||
|
*/
|
||||||
|
void ERR_load_PKCS7_strings(void);
|
||||||
|
|
||||||
|
/* Error codes for the PKCS7 functions. */
|
||||||
|
|
||||||
|
/* Function codes. */
|
||||||
|
# define PKCS7_F_B64_READ_PKCS7 120
|
||||||
|
# define PKCS7_F_B64_WRITE_PKCS7 121
|
||||||
|
# define PKCS7_F_DO_PKCS7_SIGNED_ATTRIB 136
|
||||||
|
# define PKCS7_F_I2D_PKCS7_BIO_STREAM 140
|
||||||
|
# define PKCS7_F_PKCS7_ADD0_ATTRIB_SIGNING_TIME 135
|
||||||
|
# define PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP 118
|
||||||
|
# define PKCS7_F_PKCS7_ADD_CERTIFICATE 100
|
||||||
|
# define PKCS7_F_PKCS7_ADD_CRL 101
|
||||||
|
# define PKCS7_F_PKCS7_ADD_RECIPIENT_INFO 102
|
||||||
|
# define PKCS7_F_PKCS7_ADD_SIGNATURE 131
|
||||||
|
# define PKCS7_F_PKCS7_ADD_SIGNER 103
|
||||||
|
# define PKCS7_F_PKCS7_BIO_ADD_DIGEST 125
|
||||||
|
# define PKCS7_F_PKCS7_COPY_EXISTING_DIGEST 138
|
||||||
|
# define PKCS7_F_PKCS7_CTRL 104
|
||||||
|
# define PKCS7_F_PKCS7_DATADECODE 112
|
||||||
|
# define PKCS7_F_PKCS7_DATAFINAL 128
|
||||||
|
# define PKCS7_F_PKCS7_DATAINIT 105
|
||||||
|
# define PKCS7_F_PKCS7_DATASIGN 106
|
||||||
|
# define PKCS7_F_PKCS7_DATAVERIFY 107
|
||||||
|
# define PKCS7_F_PKCS7_DECRYPT 114
|
||||||
|
# define PKCS7_F_PKCS7_DECRYPT_RINFO 133
|
||||||
|
# define PKCS7_F_PKCS7_ENCODE_RINFO 132
|
||||||
|
# define PKCS7_F_PKCS7_ENCRYPT 115
|
||||||
|
# define PKCS7_F_PKCS7_FINAL 134
|
||||||
|
# define PKCS7_F_PKCS7_FIND_DIGEST 127
|
||||||
|
# define PKCS7_F_PKCS7_GET0_SIGNERS 124
|
||||||
|
# define PKCS7_F_PKCS7_RECIP_INFO_SET 130
|
||||||
|
# define PKCS7_F_PKCS7_SET_CIPHER 108
|
||||||
|
# define PKCS7_F_PKCS7_SET_CONTENT 109
|
||||||
|
# define PKCS7_F_PKCS7_SET_DIGEST 126
|
||||||
|
# define PKCS7_F_PKCS7_SET_TYPE 110
|
||||||
|
# define PKCS7_F_PKCS7_SIGN 116
|
||||||
|
# define PKCS7_F_PKCS7_SIGNATUREVERIFY 113
|
||||||
|
# define PKCS7_F_PKCS7_SIGNER_INFO_SET 129
|
||||||
|
# define PKCS7_F_PKCS7_SIGNER_INFO_SIGN 139
|
||||||
|
# define PKCS7_F_PKCS7_SIGN_ADD_SIGNER 137
|
||||||
|
# define PKCS7_F_PKCS7_SIMPLE_SMIMECAP 119
|
||||||
|
# define PKCS7_F_PKCS7_VERIFY 117
|
||||||
|
# define PKCS7_F_SMIME_READ_PKCS7 122
|
||||||
|
# define PKCS7_F_SMIME_TEXT 123
|
||||||
|
|
||||||
|
/* Reason codes. */
|
||||||
|
# define PKCS7_R_CERTIFICATE_VERIFY_ERROR 117
|
||||||
|
# define PKCS7_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER 144
|
||||||
|
# define PKCS7_R_CIPHER_NOT_INITIALIZED 116
|
||||||
|
# define PKCS7_R_CONTENT_AND_DATA_PRESENT 118
|
||||||
|
# define PKCS7_R_CTRL_ERROR 152
|
||||||
|
# define PKCS7_R_DECODE_ERROR 130
|
||||||
|
# define PKCS7_R_DECRYPTED_KEY_IS_WRONG_LENGTH 100
|
||||||
|
# define PKCS7_R_DECRYPT_ERROR 119
|
||||||
|
# define PKCS7_R_DIGEST_FAILURE 101
|
||||||
|
# define PKCS7_R_ENCRYPTION_CTRL_FAILURE 149
|
||||||
|
# define PKCS7_R_ENCRYPTION_NOT_SUPPORTED_FOR_THIS_KEY_TYPE 150
|
||||||
|
# define PKCS7_R_ERROR_ADDING_RECIPIENT 120
|
||||||
|
# define PKCS7_R_ERROR_SETTING_CIPHER 121
|
||||||
|
# define PKCS7_R_INVALID_MIME_TYPE 131
|
||||||
|
# define PKCS7_R_INVALID_NULL_POINTER 143
|
||||||
|
# define PKCS7_R_INVALID_SIGNED_DATA_TYPE 155
|
||||||
|
# define PKCS7_R_MIME_NO_CONTENT_TYPE 132
|
||||||
|
# define PKCS7_R_MIME_PARSE_ERROR 133
|
||||||
|
# define PKCS7_R_MIME_SIG_PARSE_ERROR 134
|
||||||
|
# define PKCS7_R_MISSING_CERIPEND_INFO 103
|
||||||
|
# define PKCS7_R_NO_CONTENT 122
|
||||||
|
# define PKCS7_R_NO_CONTENT_TYPE 135
|
||||||
|
# define PKCS7_R_NO_DEFAULT_DIGEST 151
|
||||||
|
# define PKCS7_R_NO_MATCHING_DIGEST_TYPE_FOUND 154
|
||||||
|
# define PKCS7_R_NO_MULTIPART_BODY_FAILURE 136
|
||||||
|
# define PKCS7_R_NO_MULTIPART_BOUNDARY 137
|
||||||
|
# define PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE 115
|
||||||
|
# define PKCS7_R_NO_RECIPIENT_MATCHES_KEY 146
|
||||||
|
# define PKCS7_R_NO_SIGNATURES_ON_DATA 123
|
||||||
|
# define PKCS7_R_NO_SIGNERS 142
|
||||||
|
# define PKCS7_R_NO_SIG_CONTENT_TYPE 138
|
||||||
|
# define PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE 104
|
||||||
|
# define PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR 124
|
||||||
|
# define PKCS7_R_PKCS7_ADD_SIGNER_ERROR 153
|
||||||
|
# define PKCS7_R_PKCS7_DATAFINAL 126
|
||||||
|
# define PKCS7_R_PKCS7_DATAFINAL_ERROR 125
|
||||||
|
# define PKCS7_R_PKCS7_DATASIGN 145
|
||||||
|
# define PKCS7_R_PKCS7_PARSE_ERROR 139
|
||||||
|
# define PKCS7_R_PKCS7_SIG_PARSE_ERROR 140
|
||||||
|
# define PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE 127
|
||||||
|
# define PKCS7_R_SIGNATURE_FAILURE 105
|
||||||
|
# define PKCS7_R_SIGNER_CERTIFICATE_NOT_FOUND 128
|
||||||
|
# define PKCS7_R_SIGNING_CTRL_FAILURE 147
|
||||||
|
# define PKCS7_R_SIGNING_NOT_SUPPORTED_FOR_THIS_KEY_TYPE 148
|
||||||
|
# define PKCS7_R_SIG_INVALID_MIME_TYPE 141
|
||||||
|
# define PKCS7_R_SMIME_TEXT_ERROR 129
|
||||||
|
# define PKCS7_R_UNABLE_TO_FIND_CERTIFICATE 106
|
||||||
|
# define PKCS7_R_UNABLE_TO_FIND_MEM_BIO 107
|
||||||
|
# define PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST 108
|
||||||
|
# define PKCS7_R_UNKNOWN_DIGEST_TYPE 109
|
||||||
|
# define PKCS7_R_UNKNOWN_OPERATION 110
|
||||||
|
# define PKCS7_R_UNSUPPORTED_CIPHER_TYPE 111
|
||||||
|
# define PKCS7_R_UNSUPPORTED_CONTENT_TYPE 112
|
||||||
|
# define PKCS7_R_WRONG_CONTENT_TYPE 113
|
||||||
|
# define PKCS7_R_WRONG_PKCS7_TYPE 114
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
#endif
|
|
@ -0,0 +1,99 @@
|
||||||
|
/* crypto/pqueue/pqueue.h */
|
||||||
|
/*
|
||||||
|
* DTLS implementation written by Nagendra Modadugu
|
||||||
|
* (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
|
||||||
|
*/
|
||||||
|
/* ====================================================================
|
||||||
|
* Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
*
|
||||||
|
* 1. Redistributions of source code must retain the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
*
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in
|
||||||
|
* the documentation and/or other materials provided with the
|
||||||
|
* distribution.
|
||||||
|
*
|
||||||
|
* 3. All advertising materials mentioning features or use of this
|
||||||
|
* software must display the following acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
|
||||||
|
*
|
||||||
|
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||||
|
* endorse or promote products derived from this software without
|
||||||
|
* prior written permission. For written permission, please contact
|
||||||
|
* openssl-core@OpenSSL.org.
|
||||||
|
*
|
||||||
|
* 5. Products derived from this software may not be called "OpenSSL"
|
||||||
|
* nor may "OpenSSL" appear in their names without prior written
|
||||||
|
* permission of the OpenSSL Project.
|
||||||
|
*
|
||||||
|
* 6. Redistributions of any form whatsoever must retain the following
|
||||||
|
* acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||||
|
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||||
|
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||||
|
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||||
|
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||||
|
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||||
|
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||||
|
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||||
|
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||||
|
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||||
|
* ====================================================================
|
||||||
|
*
|
||||||
|
* This product includes cryptographic software written by Eric Young
|
||||||
|
* (eay@cryptsoft.com). This product includes software written by Tim
|
||||||
|
* Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef HEADER_PQUEUE_H
|
||||||
|
# define HEADER_PQUEUE_H
|
||||||
|
|
||||||
|
# include <stdio.h>
|
||||||
|
# include <stdlib.h>
|
||||||
|
# include <string.h>
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
extern "C" {
|
||||||
|
#endif
|
||||||
|
typedef struct _pqueue *pqueue;
|
||||||
|
|
||||||
|
typedef struct _pitem {
|
||||||
|
unsigned char priority[8]; /* 64-bit value in big-endian encoding */
|
||||||
|
void *data;
|
||||||
|
struct _pitem *next;
|
||||||
|
} pitem;
|
||||||
|
|
||||||
|
typedef struct _pitem *piterator;
|
||||||
|
|
||||||
|
pitem *pitem_new(unsigned char *prio64be, void *data);
|
||||||
|
void pitem_free(pitem *item);
|
||||||
|
|
||||||
|
pqueue pqueue_new(void);
|
||||||
|
void pqueue_free(pqueue pq);
|
||||||
|
|
||||||
|
pitem *pqueue_insert(pqueue pq, pitem *item);
|
||||||
|
pitem *pqueue_peek(pqueue pq);
|
||||||
|
pitem *pqueue_pop(pqueue pq);
|
||||||
|
pitem *pqueue_find(pqueue pq, unsigned char *prio64be);
|
||||||
|
pitem *pqueue_iterator(pqueue pq);
|
||||||
|
pitem *pqueue_next(piterator *iter);
|
||||||
|
|
||||||
|
void pqueue_print(pqueue pq);
|
||||||
|
int pqueue_size(pqueue pq);
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
#endif /* ! HEADER_PQUEUE_H */
|
|
@ -0,0 +1,664 @@
|
||||||
|
/* crypto/rsa/rsa.h */
|
||||||
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
|
* All rights reserved.
|
||||||
|
*
|
||||||
|
* This package is an SSL implementation written
|
||||||
|
* by Eric Young (eay@cryptsoft.com).
|
||||||
|
* The implementation was written so as to conform with Netscapes SSL.
|
||||||
|
*
|
||||||
|
* This library is free for commercial and non-commercial use as long as
|
||||||
|
* the following conditions are aheared to. The following conditions
|
||||||
|
* apply to all code found in this distribution, be it the RC4, RSA,
|
||||||
|
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
||||||
|
* included with this distribution is covered by the same copyright terms
|
||||||
|
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
* Copyright remains Eric Young's, and as such any Copyright notices in
|
||||||
|
* the code are not to be removed.
|
||||||
|
* If this package is used in a product, Eric Young should be given attribution
|
||||||
|
* as the author of the parts of the library used.
|
||||||
|
* This can be in the form of a textual message at program startup or
|
||||||
|
* in documentation (online or textual) provided with the package.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
* 1. Redistributions of source code must retain the copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in the
|
||||||
|
* documentation and/or other materials provided with the distribution.
|
||||||
|
* 3. All advertising materials mentioning features or use of this software
|
||||||
|
* must display the following acknowledgement:
|
||||||
|
* "This product includes cryptographic software written by
|
||||||
|
* Eric Young (eay@cryptsoft.com)"
|
||||||
|
* The word 'cryptographic' can be left out if the rouines from the library
|
||||||
|
* being used are not cryptographic related :-).
|
||||||
|
* 4. If you include any Windows specific code (or a derivative thereof) from
|
||||||
|
* the apps directory (application code) you must include an acknowledgement:
|
||||||
|
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
||||||
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||||
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||||
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||||
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||||
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||||
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||||
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||||
|
* SUCH DAMAGE.
|
||||||
|
*
|
||||||
|
* The licence and distribution terms for any publically available version or
|
||||||
|
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
||||||
|
* copied and put under another distribution licence
|
||||||
|
* [including the GNU Public Licence.]
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef HEADER_RSA_H
|
||||||
|
# define HEADER_RSA_H
|
||||||
|
|
||||||
|
# include <openssl/asn1.h>
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_BIO
|
||||||
|
# include <openssl/bio.h>
|
||||||
|
# endif
|
||||||
|
# include <openssl/crypto.h>
|
||||||
|
# include <openssl/ossl_typ.h>
|
||||||
|
# ifndef OPENSSL_NO_DEPRECATED
|
||||||
|
# include <openssl/bn.h>
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# ifdef OPENSSL_NO_RSA
|
||||||
|
# error RSA is disabled.
|
||||||
|
# endif
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
extern "C" {
|
||||||
|
#endif
|
||||||
|
|
||||||
|
/* Declared already in ossl_typ.h */
|
||||||
|
/* typedef struct rsa_st RSA; */
|
||||||
|
/* typedef struct rsa_meth_st RSA_METHOD; */
|
||||||
|
|
||||||
|
struct rsa_meth_st {
|
||||||
|
const char *name;
|
||||||
|
int (*rsa_pub_enc) (int flen, const unsigned char *from,
|
||||||
|
unsigned char *to, RSA *rsa, int padding);
|
||||||
|
int (*rsa_pub_dec) (int flen, const unsigned char *from,
|
||||||
|
unsigned char *to, RSA *rsa, int padding);
|
||||||
|
int (*rsa_priv_enc) (int flen, const unsigned char *from,
|
||||||
|
unsigned char *to, RSA *rsa, int padding);
|
||||||
|
int (*rsa_priv_dec) (int flen, const unsigned char *from,
|
||||||
|
unsigned char *to, RSA *rsa, int padding);
|
||||||
|
/* Can be null */
|
||||||
|
int (*rsa_mod_exp) (BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx);
|
||||||
|
/* Can be null */
|
||||||
|
int (*bn_mod_exp) (BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
|
||||||
|
const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
|
||||||
|
/* called at new */
|
||||||
|
int (*init) (RSA *rsa);
|
||||||
|
/* called at free */
|
||||||
|
int (*finish) (RSA *rsa);
|
||||||
|
/* RSA_METHOD_FLAG_* things */
|
||||||
|
int flags;
|
||||||
|
/* may be needed! */
|
||||||
|
char *app_data;
|
||||||
|
/*
|
||||||
|
* New sign and verify functions: some libraries don't allow arbitrary
|
||||||
|
* data to be signed/verified: this allows them to be used. Note: for
|
||||||
|
* this to work the RSA_public_decrypt() and RSA_private_encrypt() should
|
||||||
|
* *NOT* be used RSA_sign(), RSA_verify() should be used instead. Note:
|
||||||
|
* for backwards compatibility this functionality is only enabled if the
|
||||||
|
* RSA_FLAG_SIGN_VER option is set in 'flags'.
|
||||||
|
*/
|
||||||
|
int (*rsa_sign) (int type,
|
||||||
|
const unsigned char *m, unsigned int m_length,
|
||||||
|
unsigned char *sigret, unsigned int *siglen,
|
||||||
|
const RSA *rsa);
|
||||||
|
int (*rsa_verify) (int dtype, const unsigned char *m,
|
||||||
|
unsigned int m_length, const unsigned char *sigbuf,
|
||||||
|
unsigned int siglen, const RSA *rsa);
|
||||||
|
/*
|
||||||
|
* If this callback is NULL, the builtin software RSA key-gen will be
|
||||||
|
* used. This is for behavioural compatibility whilst the code gets
|
||||||
|
* rewired, but one day it would be nice to assume there are no such
|
||||||
|
* things as "builtin software" implementations.
|
||||||
|
*/
|
||||||
|
int (*rsa_keygen) (RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb);
|
||||||
|
};
|
||||||
|
|
||||||
|
struct rsa_st {
|
||||||
|
/*
|
||||||
|
* The first parameter is used to pickup errors where this is passed
|
||||||
|
* instead of aEVP_PKEY, it is set to 0
|
||||||
|
*/
|
||||||
|
int pad;
|
||||||
|
long version;
|
||||||
|
const RSA_METHOD *meth;
|
||||||
|
/* functional reference if 'meth' is ENGINE-provided */
|
||||||
|
ENGINE *engine;
|
||||||
|
BIGNUM *n;
|
||||||
|
BIGNUM *e;
|
||||||
|
BIGNUM *d;
|
||||||
|
BIGNUM *p;
|
||||||
|
BIGNUM *q;
|
||||||
|
BIGNUM *dmp1;
|
||||||
|
BIGNUM *dmq1;
|
||||||
|
BIGNUM *iqmp;
|
||||||
|
/* be careful using this if the RSA structure is shared */
|
||||||
|
CRYPTO_EX_DATA ex_data;
|
||||||
|
int references;
|
||||||
|
int flags;
|
||||||
|
/* Used to cache montgomery values */
|
||||||
|
BN_MONT_CTX *_method_mod_n;
|
||||||
|
BN_MONT_CTX *_method_mod_p;
|
||||||
|
BN_MONT_CTX *_method_mod_q;
|
||||||
|
/*
|
||||||
|
* all BIGNUM values are actually in the following data, if it is not
|
||||||
|
* NULL
|
||||||
|
*/
|
||||||
|
char *bignum_data;
|
||||||
|
BN_BLINDING *blinding;
|
||||||
|
BN_BLINDING *mt_blinding;
|
||||||
|
};
|
||||||
|
|
||||||
|
# ifndef OPENSSL_RSA_MAX_MODULUS_BITS
|
||||||
|
# define OPENSSL_RSA_MAX_MODULUS_BITS 16384
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# ifndef OPENSSL_RSA_SMALL_MODULUS_BITS
|
||||||
|
# define OPENSSL_RSA_SMALL_MODULUS_BITS 3072
|
||||||
|
# endif
|
||||||
|
# ifndef OPENSSL_RSA_MAX_PUBEXP_BITS
|
||||||
|
|
||||||
|
/* exponent limit enforced for "large" modulus only */
|
||||||
|
# define OPENSSL_RSA_MAX_PUBEXP_BITS 64
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# define RSA_3 0x3L
|
||||||
|
# define RSA_F4 0x10001L
|
||||||
|
|
||||||
|
# define RSA_METHOD_FLAG_NO_CHECK 0x0001/* don't check pub/private
|
||||||
|
* match */
|
||||||
|
|
||||||
|
# define RSA_FLAG_CACHE_PUBLIC 0x0002
|
||||||
|
# define RSA_FLAG_CACHE_PRIVATE 0x0004
|
||||||
|
# define RSA_FLAG_BLINDING 0x0008
|
||||||
|
# define RSA_FLAG_THREAD_SAFE 0x0010
|
||||||
|
/*
|
||||||
|
* This flag means the private key operations will be handled by rsa_mod_exp
|
||||||
|
* and that they do not depend on the private key components being present:
|
||||||
|
* for example a key stored in external hardware. Without this flag
|
||||||
|
* bn_mod_exp gets called when private key components are absent.
|
||||||
|
*/
|
||||||
|
# define RSA_FLAG_EXT_PKEY 0x0020
|
||||||
|
|
||||||
|
/*
|
||||||
|
* This flag in the RSA_METHOD enables the new rsa_sign, rsa_verify
|
||||||
|
* functions.
|
||||||
|
*/
|
||||||
|
# define RSA_FLAG_SIGN_VER 0x0040
|
||||||
|
|
||||||
|
/*
|
||||||
|
* new with 0.9.6j and 0.9.7b; the built-in
|
||||||
|
* RSA implementation now uses blinding by
|
||||||
|
* default (ignoring RSA_FLAG_BLINDING),
|
||||||
|
* but other engines might not need it
|
||||||
|
*/
|
||||||
|
# define RSA_FLAG_NO_BLINDING 0x0080
|
||||||
|
/*
|
||||||
|
* new with 0.9.8f; the built-in RSA
|
||||||
|
* implementation now uses constant time
|
||||||
|
* operations by default in private key operations,
|
||||||
|
* e.g., constant time modular exponentiation,
|
||||||
|
* modular inverse without leaking branches,
|
||||||
|
* division without leaking branches. This
|
||||||
|
* flag disables these constant time
|
||||||
|
* operations and results in faster RSA
|
||||||
|
* private key operations.
|
||||||
|
*/
|
||||||
|
# define RSA_FLAG_NO_CONSTTIME 0x0100
|
||||||
|
# ifdef OPENSSL_USE_DEPRECATED
|
||||||
|
/* deprecated name for the flag*/
|
||||||
|
/*
|
||||||
|
* new with 0.9.7h; the built-in RSA
|
||||||
|
* implementation now uses constant time
|
||||||
|
* modular exponentiation for secret exponents
|
||||||
|
* by default. This flag causes the
|
||||||
|
* faster variable sliding window method to
|
||||||
|
* be used for all exponents.
|
||||||
|
*/
|
||||||
|
# define RSA_FLAG_NO_EXP_CONSTTIME RSA_FLAG_NO_CONSTTIME
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# define EVP_PKEY_CTX_set_rsa_padding(ctx, pad) \
|
||||||
|
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, -1, EVP_PKEY_CTRL_RSA_PADDING, \
|
||||||
|
pad, NULL)
|
||||||
|
|
||||||
|
# define EVP_PKEY_CTX_get_rsa_padding(ctx, ppad) \
|
||||||
|
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, -1, \
|
||||||
|
EVP_PKEY_CTRL_GET_RSA_PADDING, 0, ppad)
|
||||||
|
|
||||||
|
# define EVP_PKEY_CTX_set_rsa_pss_saltlen(ctx, len) \
|
||||||
|
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, \
|
||||||
|
(EVP_PKEY_OP_SIGN|EVP_PKEY_OP_VERIFY), \
|
||||||
|
EVP_PKEY_CTRL_RSA_PSS_SALTLEN, \
|
||||||
|
len, NULL)
|
||||||
|
|
||||||
|
# define EVP_PKEY_CTX_get_rsa_pss_saltlen(ctx, plen) \
|
||||||
|
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, \
|
||||||
|
(EVP_PKEY_OP_SIGN|EVP_PKEY_OP_VERIFY), \
|
||||||
|
EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN, \
|
||||||
|
0, plen)
|
||||||
|
|
||||||
|
# define EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, bits) \
|
||||||
|
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_KEYGEN, \
|
||||||
|
EVP_PKEY_CTRL_RSA_KEYGEN_BITS, bits, NULL)
|
||||||
|
|
||||||
|
# define EVP_PKEY_CTX_set_rsa_keygen_pubexp(ctx, pubexp) \
|
||||||
|
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_KEYGEN, \
|
||||||
|
EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP, 0, pubexp)
|
||||||
|
|
||||||
|
# define EVP_PKEY_CTX_set_rsa_mgf1_md(ctx, md) \
|
||||||
|
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, \
|
||||||
|
EVP_PKEY_OP_TYPE_SIG | EVP_PKEY_OP_TYPE_CRYPT, \
|
||||||
|
EVP_PKEY_CTRL_RSA_MGF1_MD, 0, (void *)md)
|
||||||
|
|
||||||
|
# define EVP_PKEY_CTX_set_rsa_oaep_md(ctx, md) \
|
||||||
|
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_TYPE_CRYPT, \
|
||||||
|
EVP_PKEY_CTRL_RSA_OAEP_MD, 0, (void *)md)
|
||||||
|
|
||||||
|
# define EVP_PKEY_CTX_get_rsa_mgf1_md(ctx, pmd) \
|
||||||
|
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, \
|
||||||
|
EVP_PKEY_OP_TYPE_SIG | EVP_PKEY_OP_TYPE_CRYPT, \
|
||||||
|
EVP_PKEY_CTRL_GET_RSA_MGF1_MD, 0, (void *)pmd)
|
||||||
|
|
||||||
|
# define EVP_PKEY_CTX_get_rsa_oaep_md(ctx, pmd) \
|
||||||
|
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_TYPE_CRYPT, \
|
||||||
|
EVP_PKEY_CTRL_GET_RSA_OAEP_MD, 0, (void *)pmd)
|
||||||
|
|
||||||
|
# define EVP_PKEY_CTX_set0_rsa_oaep_label(ctx, l, llen) \
|
||||||
|
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_TYPE_CRYPT, \
|
||||||
|
EVP_PKEY_CTRL_RSA_OAEP_LABEL, llen, (void *)l)
|
||||||
|
|
||||||
|
# define EVP_PKEY_CTX_get0_rsa_oaep_label(ctx, l) \
|
||||||
|
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_TYPE_CRYPT, \
|
||||||
|
EVP_PKEY_CTRL_GET_RSA_OAEP_LABEL, 0, (void *)l)
|
||||||
|
|
||||||
|
# define EVP_PKEY_CTRL_RSA_PADDING (EVP_PKEY_ALG_CTRL + 1)
|
||||||
|
# define EVP_PKEY_CTRL_RSA_PSS_SALTLEN (EVP_PKEY_ALG_CTRL + 2)
|
||||||
|
|
||||||
|
# define EVP_PKEY_CTRL_RSA_KEYGEN_BITS (EVP_PKEY_ALG_CTRL + 3)
|
||||||
|
# define EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP (EVP_PKEY_ALG_CTRL + 4)
|
||||||
|
# define EVP_PKEY_CTRL_RSA_MGF1_MD (EVP_PKEY_ALG_CTRL + 5)
|
||||||
|
|
||||||
|
# define EVP_PKEY_CTRL_GET_RSA_PADDING (EVP_PKEY_ALG_CTRL + 6)
|
||||||
|
# define EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN (EVP_PKEY_ALG_CTRL + 7)
|
||||||
|
# define EVP_PKEY_CTRL_GET_RSA_MGF1_MD (EVP_PKEY_ALG_CTRL + 8)
|
||||||
|
|
||||||
|
# define EVP_PKEY_CTRL_RSA_OAEP_MD (EVP_PKEY_ALG_CTRL + 9)
|
||||||
|
# define EVP_PKEY_CTRL_RSA_OAEP_LABEL (EVP_PKEY_ALG_CTRL + 10)
|
||||||
|
|
||||||
|
# define EVP_PKEY_CTRL_GET_RSA_OAEP_MD (EVP_PKEY_ALG_CTRL + 11)
|
||||||
|
# define EVP_PKEY_CTRL_GET_RSA_OAEP_LABEL (EVP_PKEY_ALG_CTRL + 12)
|
||||||
|
|
||||||
|
# define RSA_PKCS1_PADDING 1
|
||||||
|
# define RSA_SSLV23_PADDING 2
|
||||||
|
# define RSA_NO_PADDING 3
|
||||||
|
# define RSA_PKCS1_OAEP_PADDING 4
|
||||||
|
# define RSA_X931_PADDING 5
|
||||||
|
/* EVP_PKEY_ only */
|
||||||
|
# define RSA_PKCS1_PSS_PADDING 6
|
||||||
|
|
||||||
|
# define RSA_PKCS1_PADDING_SIZE 11
|
||||||
|
|
||||||
|
# define RSA_set_app_data(s,arg) RSA_set_ex_data(s,0,arg)
|
||||||
|
# define RSA_get_app_data(s) RSA_get_ex_data(s,0)
|
||||||
|
|
||||||
|
RSA *RSA_new(void);
|
||||||
|
RSA *RSA_new_method(ENGINE *engine);
|
||||||
|
int RSA_size(const RSA *rsa);
|
||||||
|
|
||||||
|
/* Deprecated version */
|
||||||
|
# ifndef OPENSSL_NO_DEPRECATED
|
||||||
|
RSA *RSA_generate_key(int bits, unsigned long e, void
|
||||||
|
(*callback) (int, int, void *), void *cb_arg);
|
||||||
|
# endif /* !defined(OPENSSL_NO_DEPRECATED) */
|
||||||
|
|
||||||
|
/* New version */
|
||||||
|
int RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb);
|
||||||
|
|
||||||
|
int RSA_check_key(const RSA *);
|
||||||
|
/* next 4 return -1 on error */
|
||||||
|
int RSA_public_encrypt(int flen, const unsigned char *from,
|
||||||
|
unsigned char *to, RSA *rsa, int padding);
|
||||||
|
int RSA_private_encrypt(int flen, const unsigned char *from,
|
||||||
|
unsigned char *to, RSA *rsa, int padding);
|
||||||
|
int RSA_public_decrypt(int flen, const unsigned char *from,
|
||||||
|
unsigned char *to, RSA *rsa, int padding);
|
||||||
|
int RSA_private_decrypt(int flen, const unsigned char *from,
|
||||||
|
unsigned char *to, RSA *rsa, int padding);
|
||||||
|
void RSA_free(RSA *r);
|
||||||
|
/* "up" the RSA object's reference count */
|
||||||
|
int RSA_up_ref(RSA *r);
|
||||||
|
|
||||||
|
int RSA_flags(const RSA *r);
|
||||||
|
|
||||||
|
void RSA_set_default_method(const RSA_METHOD *meth);
|
||||||
|
const RSA_METHOD *RSA_get_default_method(void);
|
||||||
|
const RSA_METHOD *RSA_get_method(const RSA *rsa);
|
||||||
|
int RSA_set_method(RSA *rsa, const RSA_METHOD *meth);
|
||||||
|
|
||||||
|
/* This function needs the memory locking malloc callbacks to be installed */
|
||||||
|
int RSA_memory_lock(RSA *r);
|
||||||
|
|
||||||
|
/* these are the actual SSLeay RSA functions */
|
||||||
|
const RSA_METHOD *RSA_PKCS1_SSLeay(void);
|
||||||
|
|
||||||
|
const RSA_METHOD *RSA_null_method(void);
|
||||||
|
|
||||||
|
DECLARE_ASN1_ENCODE_FUNCTIONS_const(RSA, RSAPublicKey)
|
||||||
|
DECLARE_ASN1_ENCODE_FUNCTIONS_const(RSA, RSAPrivateKey)
|
||||||
|
|
||||||
|
typedef struct rsa_pss_params_st {
|
||||||
|
X509_ALGOR *hashAlgorithm;
|
||||||
|
X509_ALGOR *maskGenAlgorithm;
|
||||||
|
ASN1_INTEGER *saltLength;
|
||||||
|
ASN1_INTEGER *trailerField;
|
||||||
|
} RSA_PSS_PARAMS;
|
||||||
|
|
||||||
|
DECLARE_ASN1_FUNCTIONS(RSA_PSS_PARAMS)
|
||||||
|
|
||||||
|
typedef struct rsa_oaep_params_st {
|
||||||
|
X509_ALGOR *hashFunc;
|
||||||
|
X509_ALGOR *maskGenFunc;
|
||||||
|
X509_ALGOR *pSourceFunc;
|
||||||
|
} RSA_OAEP_PARAMS;
|
||||||
|
|
||||||
|
DECLARE_ASN1_FUNCTIONS(RSA_OAEP_PARAMS)
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_FP_API
|
||||||
|
int RSA_print_fp(FILE *fp, const RSA *r, int offset);
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_BIO
|
||||||
|
int RSA_print(BIO *bp, const RSA *r, int offset);
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_RC4
|
||||||
|
int i2d_RSA_NET(const RSA *a, unsigned char **pp,
|
||||||
|
int (*cb) (char *buf, int len, const char *prompt,
|
||||||
|
int verify), int sgckey);
|
||||||
|
RSA *d2i_RSA_NET(RSA **a, const unsigned char **pp, long length,
|
||||||
|
int (*cb) (char *buf, int len, const char *prompt,
|
||||||
|
int verify), int sgckey);
|
||||||
|
|
||||||
|
int i2d_Netscape_RSA(const RSA *a, unsigned char **pp,
|
||||||
|
int (*cb) (char *buf, int len, const char *prompt,
|
||||||
|
int verify));
|
||||||
|
RSA *d2i_Netscape_RSA(RSA **a, const unsigned char **pp, long length,
|
||||||
|
int (*cb) (char *buf, int len, const char *prompt,
|
||||||
|
int verify));
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The following 2 functions sign and verify a X509_SIG ASN1 object inside
|
||||||
|
* PKCS#1 padded RSA encryption
|
||||||
|
*/
|
||||||
|
int RSA_sign(int type, const unsigned char *m, unsigned int m_length,
|
||||||
|
unsigned char *sigret, unsigned int *siglen, RSA *rsa);
|
||||||
|
int RSA_verify(int type, const unsigned char *m, unsigned int m_length,
|
||||||
|
const unsigned char *sigbuf, unsigned int siglen, RSA *rsa);
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The following 2 function sign and verify a ASN1_OCTET_STRING object inside
|
||||||
|
* PKCS#1 padded RSA encryption
|
||||||
|
*/
|
||||||
|
int RSA_sign_ASN1_OCTET_STRING(int type,
|
||||||
|
const unsigned char *m, unsigned int m_length,
|
||||||
|
unsigned char *sigret, unsigned int *siglen,
|
||||||
|
RSA *rsa);
|
||||||
|
int RSA_verify_ASN1_OCTET_STRING(int type, const unsigned char *m,
|
||||||
|
unsigned int m_length, unsigned char *sigbuf,
|
||||||
|
unsigned int siglen, RSA *rsa);
|
||||||
|
|
||||||
|
int RSA_blinding_on(RSA *rsa, BN_CTX *ctx);
|
||||||
|
void RSA_blinding_off(RSA *rsa);
|
||||||
|
BN_BLINDING *RSA_setup_blinding(RSA *rsa, BN_CTX *ctx);
|
||||||
|
|
||||||
|
int RSA_padding_add_PKCS1_type_1(unsigned char *to, int tlen,
|
||||||
|
const unsigned char *f, int fl);
|
||||||
|
int RSA_padding_check_PKCS1_type_1(unsigned char *to, int tlen,
|
||||||
|
const unsigned char *f, int fl,
|
||||||
|
int rsa_len);
|
||||||
|
int RSA_padding_add_PKCS1_type_2(unsigned char *to, int tlen,
|
||||||
|
const unsigned char *f, int fl);
|
||||||
|
int RSA_padding_check_PKCS1_type_2(unsigned char *to, int tlen,
|
||||||
|
const unsigned char *f, int fl,
|
||||||
|
int rsa_len);
|
||||||
|
int PKCS1_MGF1(unsigned char *mask, long len, const unsigned char *seed,
|
||||||
|
long seedlen, const EVP_MD *dgst);
|
||||||
|
int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen,
|
||||||
|
const unsigned char *f, int fl,
|
||||||
|
const unsigned char *p, int pl);
|
||||||
|
int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen,
|
||||||
|
const unsigned char *f, int fl, int rsa_len,
|
||||||
|
const unsigned char *p, int pl);
|
||||||
|
int RSA_padding_add_PKCS1_OAEP_mgf1(unsigned char *to, int tlen,
|
||||||
|
const unsigned char *from, int flen,
|
||||||
|
const unsigned char *param, int plen,
|
||||||
|
const EVP_MD *md, const EVP_MD *mgf1md);
|
||||||
|
int RSA_padding_check_PKCS1_OAEP_mgf1(unsigned char *to, int tlen,
|
||||||
|
const unsigned char *from, int flen,
|
||||||
|
int num, const unsigned char *param,
|
||||||
|
int plen, const EVP_MD *md,
|
||||||
|
const EVP_MD *mgf1md);
|
||||||
|
int RSA_padding_add_SSLv23(unsigned char *to, int tlen,
|
||||||
|
const unsigned char *f, int fl);
|
||||||
|
int RSA_padding_check_SSLv23(unsigned char *to, int tlen,
|
||||||
|
const unsigned char *f, int fl, int rsa_len);
|
||||||
|
int RSA_padding_add_none(unsigned char *to, int tlen, const unsigned char *f,
|
||||||
|
int fl);
|
||||||
|
int RSA_padding_check_none(unsigned char *to, int tlen,
|
||||||
|
const unsigned char *f, int fl, int rsa_len);
|
||||||
|
int RSA_padding_add_X931(unsigned char *to, int tlen, const unsigned char *f,
|
||||||
|
int fl);
|
||||||
|
int RSA_padding_check_X931(unsigned char *to, int tlen,
|
||||||
|
const unsigned char *f, int fl, int rsa_len);
|
||||||
|
int RSA_X931_hash_id(int nid);
|
||||||
|
|
||||||
|
int RSA_verify_PKCS1_PSS(RSA *rsa, const unsigned char *mHash,
|
||||||
|
const EVP_MD *Hash, const unsigned char *EM,
|
||||||
|
int sLen);
|
||||||
|
int RSA_padding_add_PKCS1_PSS(RSA *rsa, unsigned char *EM,
|
||||||
|
const unsigned char *mHash, const EVP_MD *Hash,
|
||||||
|
int sLen);
|
||||||
|
|
||||||
|
int RSA_verify_PKCS1_PSS_mgf1(RSA *rsa, const unsigned char *mHash,
|
||||||
|
const EVP_MD *Hash, const EVP_MD *mgf1Hash,
|
||||||
|
const unsigned char *EM, int sLen);
|
||||||
|
|
||||||
|
int RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM,
|
||||||
|
const unsigned char *mHash,
|
||||||
|
const EVP_MD *Hash, const EVP_MD *mgf1Hash,
|
||||||
|
int sLen);
|
||||||
|
|
||||||
|
int RSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
|
||||||
|
CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
|
||||||
|
int RSA_set_ex_data(RSA *r, int idx, void *arg);
|
||||||
|
void *RSA_get_ex_data(const RSA *r, int idx);
|
||||||
|
|
||||||
|
RSA *RSAPublicKey_dup(RSA *rsa);
|
||||||
|
RSA *RSAPrivateKey_dup(RSA *rsa);
|
||||||
|
|
||||||
|
/*
|
||||||
|
* If this flag is set the RSA method is FIPS compliant and can be used in
|
||||||
|
* FIPS mode. This is set in the validated module method. If an application
|
||||||
|
* sets this flag in its own methods it is its responsibility to ensure the
|
||||||
|
* result is compliant.
|
||||||
|
*/
|
||||||
|
|
||||||
|
# define RSA_FLAG_FIPS_METHOD 0x0400
|
||||||
|
|
||||||
|
/*
|
||||||
|
* If this flag is set the operations normally disabled in FIPS mode are
|
||||||
|
* permitted it is then the applications responsibility to ensure that the
|
||||||
|
* usage is compliant.
|
||||||
|
*/
|
||||||
|
|
||||||
|
# define RSA_FLAG_NON_FIPS_ALLOW 0x0400
|
||||||
|
/*
|
||||||
|
* Application has decided PRNG is good enough to generate a key: don't
|
||||||
|
* check.
|
||||||
|
*/
|
||||||
|
# define RSA_FLAG_CHECKED 0x0800
|
||||||
|
|
||||||
|
/* BEGIN ERROR CODES */
|
||||||
|
/*
|
||||||
|
* The following lines are auto generated by the script mkerr.pl. Any changes
|
||||||
|
* made after this point may be overwritten when the script is next run.
|
||||||
|
*/
|
||||||
|
void ERR_load_RSA_strings(void);
|
||||||
|
|
||||||
|
/* Error codes for the RSA functions. */
|
||||||
|
|
||||||
|
/* Function codes. */
|
||||||
|
# define RSA_F_CHECK_PADDING_MD 140
|
||||||
|
# define RSA_F_DO_RSA_PRINT 146
|
||||||
|
# define RSA_F_INT_RSA_VERIFY 145
|
||||||
|
# define RSA_F_MEMORY_LOCK 100
|
||||||
|
# define RSA_F_OLD_RSA_PRIV_DECODE 147
|
||||||
|
# define RSA_F_PKEY_RSA_CTRL 143
|
||||||
|
# define RSA_F_PKEY_RSA_CTRL_STR 144
|
||||||
|
# define RSA_F_PKEY_RSA_SIGN 142
|
||||||
|
# define RSA_F_PKEY_RSA_VERIFY 154
|
||||||
|
# define RSA_F_PKEY_RSA_VERIFYRECOVER 141
|
||||||
|
# define RSA_F_RSA_ALGOR_TO_MD 157
|
||||||
|
# define RSA_F_RSA_BUILTIN_KEYGEN 129
|
||||||
|
# define RSA_F_RSA_CHECK_KEY 123
|
||||||
|
# define RSA_F_RSA_CMS_DECRYPT 158
|
||||||
|
# define RSA_F_RSA_EAY_PRIVATE_DECRYPT 101
|
||||||
|
# define RSA_F_RSA_EAY_PRIVATE_ENCRYPT 102
|
||||||
|
# define RSA_F_RSA_EAY_PUBLIC_DECRYPT 103
|
||||||
|
# define RSA_F_RSA_EAY_PUBLIC_ENCRYPT 104
|
||||||
|
# define RSA_F_RSA_GENERATE_KEY 105
|
||||||
|
# define RSA_F_RSA_GENERATE_KEY_EX 155
|
||||||
|
# define RSA_F_RSA_ITEM_VERIFY 156
|
||||||
|
# define RSA_F_RSA_MEMORY_LOCK 130
|
||||||
|
# define RSA_F_RSA_MGF1_TO_MD 159
|
||||||
|
# define RSA_F_RSA_NEW_METHOD 106
|
||||||
|
# define RSA_F_RSA_NULL 124
|
||||||
|
# define RSA_F_RSA_NULL_MOD_EXP 131
|
||||||
|
# define RSA_F_RSA_NULL_PRIVATE_DECRYPT 132
|
||||||
|
# define RSA_F_RSA_NULL_PRIVATE_ENCRYPT 133
|
||||||
|
# define RSA_F_RSA_NULL_PUBLIC_DECRYPT 134
|
||||||
|
# define RSA_F_RSA_NULL_PUBLIC_ENCRYPT 135
|
||||||
|
# define RSA_F_RSA_PADDING_ADD_NONE 107
|
||||||
|
# define RSA_F_RSA_PADDING_ADD_PKCS1_OAEP 121
|
||||||
|
# define RSA_F_RSA_PADDING_ADD_PKCS1_OAEP_MGF1 160
|
||||||
|
# define RSA_F_RSA_PADDING_ADD_PKCS1_PSS 125
|
||||||
|
# define RSA_F_RSA_PADDING_ADD_PKCS1_PSS_MGF1 148
|
||||||
|
# define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1 108
|
||||||
|
# define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2 109
|
||||||
|
# define RSA_F_RSA_PADDING_ADD_SSLV23 110
|
||||||
|
# define RSA_F_RSA_PADDING_ADD_X931 127
|
||||||
|
# define RSA_F_RSA_PADDING_CHECK_NONE 111
|
||||||
|
# define RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP 122
|
||||||
|
# define RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP_MGF1 161
|
||||||
|
# define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1 112
|
||||||
|
# define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2 113
|
||||||
|
# define RSA_F_RSA_PADDING_CHECK_SSLV23 114
|
||||||
|
# define RSA_F_RSA_PADDING_CHECK_X931 128
|
||||||
|
# define RSA_F_RSA_PRINT 115
|
||||||
|
# define RSA_F_RSA_PRINT_FP 116
|
||||||
|
# define RSA_F_RSA_PRIVATE_DECRYPT 150
|
||||||
|
# define RSA_F_RSA_PRIVATE_ENCRYPT 151
|
||||||
|
# define RSA_F_RSA_PRIV_DECODE 137
|
||||||
|
# define RSA_F_RSA_PRIV_ENCODE 138
|
||||||
|
# define RSA_F_RSA_PSS_TO_CTX 162
|
||||||
|
# define RSA_F_RSA_PUBLIC_DECRYPT 152
|
||||||
|
# define RSA_F_RSA_PUBLIC_ENCRYPT 153
|
||||||
|
# define RSA_F_RSA_PUB_DECODE 139
|
||||||
|
# define RSA_F_RSA_SETUP_BLINDING 136
|
||||||
|
# define RSA_F_RSA_SIGN 117
|
||||||
|
# define RSA_F_RSA_SIGN_ASN1_OCTET_STRING 118
|
||||||
|
# define RSA_F_RSA_VERIFY 119
|
||||||
|
# define RSA_F_RSA_VERIFY_ASN1_OCTET_STRING 120
|
||||||
|
# define RSA_F_RSA_VERIFY_PKCS1_PSS 126
|
||||||
|
# define RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1 149
|
||||||
|
|
||||||
|
/* Reason codes. */
|
||||||
|
# define RSA_R_ALGORITHM_MISMATCH 100
|
||||||
|
# define RSA_R_BAD_E_VALUE 101
|
||||||
|
# define RSA_R_BAD_FIXED_HEADER_DECRYPT 102
|
||||||
|
# define RSA_R_BAD_PAD_BYTE_COUNT 103
|
||||||
|
# define RSA_R_BAD_SIGNATURE 104
|
||||||
|
# define RSA_R_BLOCK_TYPE_IS_NOT_01 106
|
||||||
|
# define RSA_R_BLOCK_TYPE_IS_NOT_02 107
|
||||||
|
# define RSA_R_DATA_GREATER_THAN_MOD_LEN 108
|
||||||
|
# define RSA_R_DATA_TOO_LARGE 109
|
||||||
|
# define RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 110
|
||||||
|
# define RSA_R_DATA_TOO_LARGE_FOR_MODULUS 132
|
||||||
|
# define RSA_R_DATA_TOO_SMALL 111
|
||||||
|
# define RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE 122
|
||||||
|
# define RSA_R_DIGEST_DOES_NOT_MATCH 166
|
||||||
|
# define RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY 112
|
||||||
|
# define RSA_R_DMP1_NOT_CONGRUENT_TO_D 124
|
||||||
|
# define RSA_R_DMQ1_NOT_CONGRUENT_TO_D 125
|
||||||
|
# define RSA_R_D_E_NOT_CONGRUENT_TO_1 123
|
||||||
|
# define RSA_R_FIRST_OCTET_INVALID 133
|
||||||
|
# define RSA_R_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE 144
|
||||||
|
# define RSA_R_INVALID_DIGEST 160
|
||||||
|
# define RSA_R_INVALID_DIGEST_LENGTH 143
|
||||||
|
# define RSA_R_INVALID_HEADER 137
|
||||||
|
# define RSA_R_INVALID_KEYBITS 145
|
||||||
|
# define RSA_R_INVALID_LABEL 161
|
||||||
|
# define RSA_R_INVALID_MESSAGE_LENGTH 131
|
||||||
|
# define RSA_R_INVALID_MGF1_MD 156
|
||||||
|
# define RSA_R_INVALID_OAEP_PARAMETERS 162
|
||||||
|
# define RSA_R_INVALID_PADDING 138
|
||||||
|
# define RSA_R_INVALID_PADDING_MODE 141
|
||||||
|
# define RSA_R_INVALID_PSS_PARAMETERS 149
|
||||||
|
# define RSA_R_INVALID_PSS_SALTLEN 146
|
||||||
|
# define RSA_R_INVALID_SALT_LENGTH 150
|
||||||
|
# define RSA_R_INVALID_TRAILER 139
|
||||||
|
# define RSA_R_INVALID_X931_DIGEST 142
|
||||||
|
# define RSA_R_IQMP_NOT_INVERSE_OF_Q 126
|
||||||
|
# define RSA_R_KEY_SIZE_TOO_SMALL 120
|
||||||
|
# define RSA_R_LAST_OCTET_INVALID 134
|
||||||
|
# define RSA_R_MODULUS_TOO_LARGE 105
|
||||||
|
# define RSA_R_NON_FIPS_RSA_METHOD 157
|
||||||
|
# define RSA_R_NO_PUBLIC_EXPONENT 140
|
||||||
|
# define RSA_R_NULL_BEFORE_BLOCK_MISSING 113
|
||||||
|
# define RSA_R_N_DOES_NOT_EQUAL_P_Q 127
|
||||||
|
# define RSA_R_OAEP_DECODING_ERROR 121
|
||||||
|
# define RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE 158
|
||||||
|
# define RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE 148
|
||||||
|
# define RSA_R_PADDING_CHECK_FAILED 114
|
||||||
|
# define RSA_R_PKCS_DECODING_ERROR 159
|
||||||
|
# define RSA_R_P_NOT_PRIME 128
|
||||||
|
# define RSA_R_Q_NOT_PRIME 129
|
||||||
|
# define RSA_R_RSA_OPERATIONS_NOT_SUPPORTED 130
|
||||||
|
# define RSA_R_SLEN_CHECK_FAILED 136
|
||||||
|
# define RSA_R_SLEN_RECOVERY_FAILED 135
|
||||||
|
# define RSA_R_SSLV3_ROLLBACK_ATTACK 115
|
||||||
|
# define RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 116
|
||||||
|
# define RSA_R_UNKNOWN_ALGORITHM_TYPE 117
|
||||||
|
# define RSA_R_UNKNOWN_DIGEST 163
|
||||||
|
# define RSA_R_UNKNOWN_MASK_DIGEST 151
|
||||||
|
# define RSA_R_UNKNOWN_PADDING_TYPE 118
|
||||||
|
# define RSA_R_UNKNOWN_PSS_DIGEST 152
|
||||||
|
# define RSA_R_UNSUPPORTED_ENCRYPTION_TYPE 164
|
||||||
|
# define RSA_R_UNSUPPORTED_LABEL_SOURCE 165
|
||||||
|
# define RSA_R_UNSUPPORTED_MASK_ALGORITHM 153
|
||||||
|
# define RSA_R_UNSUPPORTED_MASK_PARAMETER 154
|
||||||
|
# define RSA_R_UNSUPPORTED_SIGNATURE_TYPE 155
|
||||||
|
# define RSA_R_VALUE_MISSING 147
|
||||||
|
# define RSA_R_WRONG_SIGNATURE_LENGTH 119
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
#endif
|
File diff suppressed because it is too large
Load Diff
|
@ -0,0 +1,214 @@
|
||||||
|
/* crypto/sha/sha.h */
|
||||||
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
|
* All rights reserved.
|
||||||
|
*
|
||||||
|
* This package is an SSL implementation written
|
||||||
|
* by Eric Young (eay@cryptsoft.com).
|
||||||
|
* The implementation was written so as to conform with Netscapes SSL.
|
||||||
|
*
|
||||||
|
* This library is free for commercial and non-commercial use as long as
|
||||||
|
* the following conditions are aheared to. The following conditions
|
||||||
|
* apply to all code found in this distribution, be it the RC4, RSA,
|
||||||
|
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
||||||
|
* included with this distribution is covered by the same copyright terms
|
||||||
|
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
* Copyright remains Eric Young's, and as such any Copyright notices in
|
||||||
|
* the code are not to be removed.
|
||||||
|
* If this package is used in a product, Eric Young should be given attribution
|
||||||
|
* as the author of the parts of the library used.
|
||||||
|
* This can be in the form of a textual message at program startup or
|
||||||
|
* in documentation (online or textual) provided with the package.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
* 1. Redistributions of source code must retain the copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in the
|
||||||
|
* documentation and/or other materials provided with the distribution.
|
||||||
|
* 3. All advertising materials mentioning features or use of this software
|
||||||
|
* must display the following acknowledgement:
|
||||||
|
* "This product includes cryptographic software written by
|
||||||
|
* Eric Young (eay@cryptsoft.com)"
|
||||||
|
* The word 'cryptographic' can be left out if the rouines from the library
|
||||||
|
* being used are not cryptographic related :-).
|
||||||
|
* 4. If you include any Windows specific code (or a derivative thereof) from
|
||||||
|
* the apps directory (application code) you must include an acknowledgement:
|
||||||
|
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
||||||
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||||
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||||
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||||
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||||
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||||
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||||
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||||
|
* SUCH DAMAGE.
|
||||||
|
*
|
||||||
|
* The licence and distribution terms for any publically available version or
|
||||||
|
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
||||||
|
* copied and put under another distribution licence
|
||||||
|
* [including the GNU Public Licence.]
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef HEADER_SHA_H
|
||||||
|
# define HEADER_SHA_H
|
||||||
|
|
||||||
|
# include <openssl/e_os2.h>
|
||||||
|
# include <stddef.h>
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
extern "C" {
|
||||||
|
#endif
|
||||||
|
|
||||||
|
# if defined(OPENSSL_NO_SHA) || (defined(OPENSSL_NO_SHA0) && defined(OPENSSL_NO_SHA1))
|
||||||
|
# error SHA is disabled.
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# if defined(OPENSSL_FIPS)
|
||||||
|
# define FIPS_SHA_SIZE_T size_t
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/*-
|
||||||
|
* !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
|
||||||
|
* ! SHA_LONG has to be at least 32 bits wide. If it's wider, then !
|
||||||
|
* ! SHA_LONG_LOG2 has to be defined along. !
|
||||||
|
* !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
|
||||||
|
*/
|
||||||
|
|
||||||
|
# if defined(__LP32__)
|
||||||
|
# define SHA_LONG unsigned long
|
||||||
|
# elif defined(OPENSSL_SYS_CRAY) || defined(__ILP64__)
|
||||||
|
# define SHA_LONG unsigned long
|
||||||
|
# define SHA_LONG_LOG2 3
|
||||||
|
# else
|
||||||
|
# define SHA_LONG unsigned int
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# define SHA_LBLOCK 16
|
||||||
|
# define SHA_CBLOCK (SHA_LBLOCK*4)/* SHA treats input data as a
|
||||||
|
* contiguous array of 32 bit wide
|
||||||
|
* big-endian values. */
|
||||||
|
# define SHA_LAST_BLOCK (SHA_CBLOCK-8)
|
||||||
|
# define SHA_DIGEST_LENGTH 20
|
||||||
|
|
||||||
|
typedef struct SHAstate_st {
|
||||||
|
SHA_LONG h0, h1, h2, h3, h4;
|
||||||
|
SHA_LONG Nl, Nh;
|
||||||
|
SHA_LONG data[SHA_LBLOCK];
|
||||||
|
unsigned int num;
|
||||||
|
} SHA_CTX;
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_SHA0
|
||||||
|
# ifdef OPENSSL_FIPS
|
||||||
|
int private_SHA_Init(SHA_CTX *c);
|
||||||
|
# endif
|
||||||
|
int SHA_Init(SHA_CTX *c);
|
||||||
|
int SHA_Update(SHA_CTX *c, const void *data, size_t len);
|
||||||
|
int SHA_Final(unsigned char *md, SHA_CTX *c);
|
||||||
|
unsigned char *SHA(const unsigned char *d, size_t n, unsigned char *md);
|
||||||
|
void SHA_Transform(SHA_CTX *c, const unsigned char *data);
|
||||||
|
# endif
|
||||||
|
# ifndef OPENSSL_NO_SHA1
|
||||||
|
# ifdef OPENSSL_FIPS
|
||||||
|
int private_SHA1_Init(SHA_CTX *c);
|
||||||
|
# endif
|
||||||
|
int SHA1_Init(SHA_CTX *c);
|
||||||
|
int SHA1_Update(SHA_CTX *c, const void *data, size_t len);
|
||||||
|
int SHA1_Final(unsigned char *md, SHA_CTX *c);
|
||||||
|
unsigned char *SHA1(const unsigned char *d, size_t n, unsigned char *md);
|
||||||
|
void SHA1_Transform(SHA_CTX *c, const unsigned char *data);
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# define SHA256_CBLOCK (SHA_LBLOCK*4)/* SHA-256 treats input data as a
|
||||||
|
* contiguous array of 32 bit wide
|
||||||
|
* big-endian values. */
|
||||||
|
# define SHA224_DIGEST_LENGTH 28
|
||||||
|
# define SHA256_DIGEST_LENGTH 32
|
||||||
|
|
||||||
|
typedef struct SHA256state_st {
|
||||||
|
SHA_LONG h[8];
|
||||||
|
SHA_LONG Nl, Nh;
|
||||||
|
SHA_LONG data[SHA_LBLOCK];
|
||||||
|
unsigned int num, md_len;
|
||||||
|
} SHA256_CTX;
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_SHA256
|
||||||
|
# ifdef OPENSSL_FIPS
|
||||||
|
int private_SHA224_Init(SHA256_CTX *c);
|
||||||
|
int private_SHA256_Init(SHA256_CTX *c);
|
||||||
|
# endif
|
||||||
|
int SHA224_Init(SHA256_CTX *c);
|
||||||
|
int SHA224_Update(SHA256_CTX *c, const void *data, size_t len);
|
||||||
|
int SHA224_Final(unsigned char *md, SHA256_CTX *c);
|
||||||
|
unsigned char *SHA224(const unsigned char *d, size_t n, unsigned char *md);
|
||||||
|
int SHA256_Init(SHA256_CTX *c);
|
||||||
|
int SHA256_Update(SHA256_CTX *c, const void *data, size_t len);
|
||||||
|
int SHA256_Final(unsigned char *md, SHA256_CTX *c);
|
||||||
|
unsigned char *SHA256(const unsigned char *d, size_t n, unsigned char *md);
|
||||||
|
void SHA256_Transform(SHA256_CTX *c, const unsigned char *data);
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# define SHA384_DIGEST_LENGTH 48
|
||||||
|
# define SHA512_DIGEST_LENGTH 64
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_SHA512
|
||||||
|
/*
|
||||||
|
* Unlike 32-bit digest algorithms, SHA-512 *relies* on SHA_LONG64
|
||||||
|
* being exactly 64-bit wide. See Implementation Notes in sha512.c
|
||||||
|
* for further details.
|
||||||
|
*/
|
||||||
|
/*
|
||||||
|
* SHA-512 treats input data as a
|
||||||
|
* contiguous array of 64 bit
|
||||||
|
* wide big-endian values.
|
||||||
|
*/
|
||||||
|
# define SHA512_CBLOCK (SHA_LBLOCK*8)
|
||||||
|
# if (defined(_WIN32) || defined(_WIN64)) && !defined(__MINGW32__)
|
||||||
|
# define SHA_LONG64 unsigned __int64
|
||||||
|
# define U64(C) C##UI64
|
||||||
|
# elif defined(__arch64__)
|
||||||
|
# define SHA_LONG64 unsigned long
|
||||||
|
# define U64(C) C##UL
|
||||||
|
# else
|
||||||
|
# define SHA_LONG64 unsigned long long
|
||||||
|
# define U64(C) C##ULL
|
||||||
|
# endif
|
||||||
|
|
||||||
|
typedef struct SHA512state_st {
|
||||||
|
SHA_LONG64 h[8];
|
||||||
|
SHA_LONG64 Nl, Nh;
|
||||||
|
union {
|
||||||
|
SHA_LONG64 d[SHA_LBLOCK];
|
||||||
|
unsigned char p[SHA512_CBLOCK];
|
||||||
|
} u;
|
||||||
|
unsigned int num, md_len;
|
||||||
|
} SHA512_CTX;
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_SHA512
|
||||||
|
# ifdef OPENSSL_FIPS
|
||||||
|
int private_SHA384_Init(SHA512_CTX *c);
|
||||||
|
int private_SHA512_Init(SHA512_CTX *c);
|
||||||
|
# endif
|
||||||
|
int SHA384_Init(SHA512_CTX *c);
|
||||||
|
int SHA384_Update(SHA512_CTX *c, const void *data, size_t len);
|
||||||
|
int SHA384_Final(unsigned char *md, SHA512_CTX *c);
|
||||||
|
unsigned char *SHA384(const unsigned char *d, size_t n, unsigned char *md);
|
||||||
|
int SHA512_Init(SHA512_CTX *c);
|
||||||
|
int SHA512_Update(SHA512_CTX *c, const void *data, size_t len);
|
||||||
|
int SHA512_Final(unsigned char *md, SHA512_CTX *c);
|
||||||
|
unsigned char *SHA512(const unsigned char *d, size_t n, unsigned char *md);
|
||||||
|
void SHA512_Transform(SHA512_CTX *c, const unsigned char *data);
|
||||||
|
# endif
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#endif
|
|
@ -0,0 +1,147 @@
|
||||||
|
/* ssl/srtp.h */
|
||||||
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
|
* All rights reserved.
|
||||||
|
*
|
||||||
|
* This package is an SSL implementation written
|
||||||
|
* by Eric Young (eay@cryptsoft.com).
|
||||||
|
* The implementation was written so as to conform with Netscapes SSL.
|
||||||
|
*
|
||||||
|
* This library is free for commercial and non-commercial use as long as
|
||||||
|
* the following conditions are aheared to. The following conditions
|
||||||
|
* apply to all code found in this distribution, be it the RC4, RSA,
|
||||||
|
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
||||||
|
* included with this distribution is covered by the same copyright terms
|
||||||
|
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
* Copyright remains Eric Young's, and as such any Copyright notices in
|
||||||
|
* the code are not to be removed.
|
||||||
|
* If this package is used in a product, Eric Young should be given attribution
|
||||||
|
* as the author of the parts of the library used.
|
||||||
|
* This can be in the form of a textual message at program startup or
|
||||||
|
* in documentation (online or textual) provided with the package.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
* 1. Redistributions of source code must retain the copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in the
|
||||||
|
* documentation and/or other materials provided with the distribution.
|
||||||
|
* 3. All advertising materials mentioning features or use of this software
|
||||||
|
* must display the following acknowledgement:
|
||||||
|
* "This product includes cryptographic software written by
|
||||||
|
* Eric Young (eay@cryptsoft.com)"
|
||||||
|
* The word 'cryptographic' can be left out if the rouines from the library
|
||||||
|
* being used are not cryptographic related :-).
|
||||||
|
* 4. If you include any Windows specific code (or a derivative thereof) from
|
||||||
|
* the apps directory (application code) you must include an acknowledgement:
|
||||||
|
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
||||||
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||||
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||||
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||||
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||||
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||||
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||||
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||||
|
* SUCH DAMAGE.
|
||||||
|
*
|
||||||
|
* The licence and distribution terms for any publically available version or
|
||||||
|
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
||||||
|
* copied and put under another distribution licence
|
||||||
|
* [including the GNU Public Licence.]
|
||||||
|
*/
|
||||||
|
/* ====================================================================
|
||||||
|
* Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
*
|
||||||
|
* 1. Redistributions of source code must retain the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
*
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in
|
||||||
|
* the documentation and/or other materials provided with the
|
||||||
|
* distribution.
|
||||||
|
*
|
||||||
|
* 3. All advertising materials mentioning features or use of this
|
||||||
|
* software must display the following acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
|
||||||
|
*
|
||||||
|
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||||
|
* endorse or promote products derived from this software without
|
||||||
|
* prior written permission. For written permission, please contact
|
||||||
|
* openssl-core@openssl.org.
|
||||||
|
*
|
||||||
|
* 5. Products derived from this software may not be called "OpenSSL"
|
||||||
|
* nor may "OpenSSL" appear in their names without prior written
|
||||||
|
* permission of the OpenSSL Project.
|
||||||
|
*
|
||||||
|
* 6. Redistributions of any form whatsoever must retain the following
|
||||||
|
* acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||||
|
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||||
|
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||||
|
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||||
|
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||||
|
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||||
|
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||||
|
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||||
|
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||||
|
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||||
|
* ====================================================================
|
||||||
|
*
|
||||||
|
* This product includes cryptographic software written by Eric Young
|
||||||
|
* (eay@cryptsoft.com). This product includes software written by Tim
|
||||||
|
* Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
/*
|
||||||
|
* DTLS code by Eric Rescorla <ekr@rtfm.com>
|
||||||
|
*
|
||||||
|
* Copyright (C) 2006, Network Resonance, Inc. Copyright (C) 2011, RTFM, Inc.
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef HEADER_D1_SRTP_H
|
||||||
|
# define HEADER_D1_SRTP_H
|
||||||
|
|
||||||
|
# include <openssl/ssl.h>
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
extern "C" {
|
||||||
|
#endif
|
||||||
|
|
||||||
|
# define SRTP_AES128_CM_SHA1_80 0x0001
|
||||||
|
# define SRTP_AES128_CM_SHA1_32 0x0002
|
||||||
|
# define SRTP_AES128_F8_SHA1_80 0x0003
|
||||||
|
# define SRTP_AES128_F8_SHA1_32 0x0004
|
||||||
|
# define SRTP_NULL_SHA1_80 0x0005
|
||||||
|
# define SRTP_NULL_SHA1_32 0x0006
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_SRTP
|
||||||
|
|
||||||
|
int SSL_CTX_set_tlsext_use_srtp(SSL_CTX *ctx, const char *profiles);
|
||||||
|
int SSL_set_tlsext_use_srtp(SSL *ctx, const char *profiles);
|
||||||
|
|
||||||
|
STACK_OF(SRTP_PROTECTION_PROFILE) *SSL_get_srtp_profiles(SSL *ssl);
|
||||||
|
SRTP_PROTECTION_PROFILE *SSL_get_selected_srtp_profile(SSL *s);
|
||||||
|
|
||||||
|
# endif
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#endif
|
File diff suppressed because it is too large
Load Diff
|
@ -0,0 +1,265 @@
|
||||||
|
/* ssl/ssl2.h */
|
||||||
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
|
* All rights reserved.
|
||||||
|
*
|
||||||
|
* This package is an SSL implementation written
|
||||||
|
* by Eric Young (eay@cryptsoft.com).
|
||||||
|
* The implementation was written so as to conform with Netscapes SSL.
|
||||||
|
*
|
||||||
|
* This library is free for commercial and non-commercial use as long as
|
||||||
|
* the following conditions are aheared to. The following conditions
|
||||||
|
* apply to all code found in this distribution, be it the RC4, RSA,
|
||||||
|
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
||||||
|
* included with this distribution is covered by the same copyright terms
|
||||||
|
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
* Copyright remains Eric Young's, and as such any Copyright notices in
|
||||||
|
* the code are not to be removed.
|
||||||
|
* If this package is used in a product, Eric Young should be given attribution
|
||||||
|
* as the author of the parts of the library used.
|
||||||
|
* This can be in the form of a textual message at program startup or
|
||||||
|
* in documentation (online or textual) provided with the package.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
* 1. Redistributions of source code must retain the copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in the
|
||||||
|
* documentation and/or other materials provided with the distribution.
|
||||||
|
* 3. All advertising materials mentioning features or use of this software
|
||||||
|
* must display the following acknowledgement:
|
||||||
|
* "This product includes cryptographic software written by
|
||||||
|
* Eric Young (eay@cryptsoft.com)"
|
||||||
|
* The word 'cryptographic' can be left out if the rouines from the library
|
||||||
|
* being used are not cryptographic related :-).
|
||||||
|
* 4. If you include any Windows specific code (or a derivative thereof) from
|
||||||
|
* the apps directory (application code) you must include an acknowledgement:
|
||||||
|
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
||||||
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||||
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||||
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||||
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||||
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||||
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||||
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||||
|
* SUCH DAMAGE.
|
||||||
|
*
|
||||||
|
* The licence and distribution terms for any publically available version or
|
||||||
|
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
||||||
|
* copied and put under another distribution licence
|
||||||
|
* [including the GNU Public Licence.]
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef HEADER_SSL2_H
|
||||||
|
# define HEADER_SSL2_H
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
extern "C" {
|
||||||
|
#endif
|
||||||
|
|
||||||
|
/* Protocol Version Codes */
|
||||||
|
# define SSL2_VERSION 0x0002
|
||||||
|
# define SSL2_VERSION_MAJOR 0x00
|
||||||
|
# define SSL2_VERSION_MINOR 0x02
|
||||||
|
/* #define SSL2_CLIENT_VERSION 0x0002 */
|
||||||
|
/* #define SSL2_SERVER_VERSION 0x0002 */
|
||||||
|
|
||||||
|
/* Protocol Message Codes */
|
||||||
|
# define SSL2_MT_ERROR 0
|
||||||
|
# define SSL2_MT_CLIENT_HELLO 1
|
||||||
|
# define SSL2_MT_CLIENT_MASTER_KEY 2
|
||||||
|
# define SSL2_MT_CLIENT_FINISHED 3
|
||||||
|
# define SSL2_MT_SERVER_HELLO 4
|
||||||
|
# define SSL2_MT_SERVER_VERIFY 5
|
||||||
|
# define SSL2_MT_SERVER_FINISHED 6
|
||||||
|
# define SSL2_MT_REQUEST_CERTIFICATE 7
|
||||||
|
# define SSL2_MT_CLIENT_CERTIFICATE 8
|
||||||
|
|
||||||
|
/* Error Message Codes */
|
||||||
|
# define SSL2_PE_UNDEFINED_ERROR 0x0000
|
||||||
|
# define SSL2_PE_NO_CIPHER 0x0001
|
||||||
|
# define SSL2_PE_NO_CERTIFICATE 0x0002
|
||||||
|
# define SSL2_PE_BAD_CERTIFICATE 0x0004
|
||||||
|
# define SSL2_PE_UNSUPPORTED_CERTIFICATE_TYPE 0x0006
|
||||||
|
|
||||||
|
/* Cipher Kind Values */
|
||||||
|
# define SSL2_CK_NULL_WITH_MD5 0x02000000/* v3 */
|
||||||
|
# define SSL2_CK_RC4_128_WITH_MD5 0x02010080
|
||||||
|
# define SSL2_CK_RC4_128_EXPORT40_WITH_MD5 0x02020080
|
||||||
|
# define SSL2_CK_RC2_128_CBC_WITH_MD5 0x02030080
|
||||||
|
# define SSL2_CK_RC2_128_CBC_EXPORT40_WITH_MD5 0x02040080
|
||||||
|
# define SSL2_CK_IDEA_128_CBC_WITH_MD5 0x02050080
|
||||||
|
# define SSL2_CK_DES_64_CBC_WITH_MD5 0x02060040
|
||||||
|
# define SSL2_CK_DES_64_CBC_WITH_SHA 0x02060140/* v3 */
|
||||||
|
# define SSL2_CK_DES_192_EDE3_CBC_WITH_MD5 0x020700c0
|
||||||
|
# define SSL2_CK_DES_192_EDE3_CBC_WITH_SHA 0x020701c0/* v3 */
|
||||||
|
# define SSL2_CK_RC4_64_WITH_MD5 0x02080080/* MS hack */
|
||||||
|
|
||||||
|
# define SSL2_CK_DES_64_CFB64_WITH_MD5_1 0x02ff0800/* SSLeay */
|
||||||
|
# define SSL2_CK_NULL 0x02ff0810/* SSLeay */
|
||||||
|
|
||||||
|
# define SSL2_TXT_DES_64_CFB64_WITH_MD5_1 "DES-CFB-M1"
|
||||||
|
# define SSL2_TXT_NULL_WITH_MD5 "NULL-MD5"
|
||||||
|
# define SSL2_TXT_RC4_128_WITH_MD5 "RC4-MD5"
|
||||||
|
# define SSL2_TXT_RC4_128_EXPORT40_WITH_MD5 "EXP-RC4-MD5"
|
||||||
|
# define SSL2_TXT_RC2_128_CBC_WITH_MD5 "RC2-CBC-MD5"
|
||||||
|
# define SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5 "EXP-RC2-CBC-MD5"
|
||||||
|
# define SSL2_TXT_IDEA_128_CBC_WITH_MD5 "IDEA-CBC-MD5"
|
||||||
|
# define SSL2_TXT_DES_64_CBC_WITH_MD5 "DES-CBC-MD5"
|
||||||
|
# define SSL2_TXT_DES_64_CBC_WITH_SHA "DES-CBC-SHA"
|
||||||
|
# define SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5 "DES-CBC3-MD5"
|
||||||
|
# define SSL2_TXT_DES_192_EDE3_CBC_WITH_SHA "DES-CBC3-SHA"
|
||||||
|
# define SSL2_TXT_RC4_64_WITH_MD5 "RC4-64-MD5"
|
||||||
|
|
||||||
|
# define SSL2_TXT_NULL "NULL"
|
||||||
|
|
||||||
|
/* Flags for the SSL_CIPHER.algorithm2 field */
|
||||||
|
# define SSL2_CF_5_BYTE_ENC 0x01
|
||||||
|
# define SSL2_CF_8_BYTE_ENC 0x02
|
||||||
|
|
||||||
|
/* Certificate Type Codes */
|
||||||
|
# define SSL2_CT_X509_CERTIFICATE 0x01
|
||||||
|
|
||||||
|
/* Authentication Type Code */
|
||||||
|
# define SSL2_AT_MD5_WITH_RSA_ENCRYPTION 0x01
|
||||||
|
|
||||||
|
# define SSL2_MAX_SSL_SESSION_ID_LENGTH 32
|
||||||
|
|
||||||
|
/* Upper/Lower Bounds */
|
||||||
|
# define SSL2_MAX_MASTER_KEY_LENGTH_IN_BITS 256
|
||||||
|
# ifdef OPENSSL_SYS_MPE
|
||||||
|
# define SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER 29998u
|
||||||
|
# else
|
||||||
|
# define SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER 32767u
|
||||||
|
/* 2^15-1 */
|
||||||
|
# endif
|
||||||
|
# define SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER 16383/* 2^14-1 */
|
||||||
|
|
||||||
|
# define SSL2_CHALLENGE_LENGTH 16
|
||||||
|
/*
|
||||||
|
* #define SSL2_CHALLENGE_LENGTH 32
|
||||||
|
*/
|
||||||
|
# define SSL2_MIN_CHALLENGE_LENGTH 16
|
||||||
|
# define SSL2_MAX_CHALLENGE_LENGTH 32
|
||||||
|
# define SSL2_CONNECTION_ID_LENGTH 16
|
||||||
|
# define SSL2_MAX_CONNECTION_ID_LENGTH 16
|
||||||
|
# define SSL2_SSL_SESSION_ID_LENGTH 16
|
||||||
|
# define SSL2_MAX_CERT_CHALLENGE_LENGTH 32
|
||||||
|
# define SSL2_MIN_CERT_CHALLENGE_LENGTH 16
|
||||||
|
# define SSL2_MAX_KEY_MATERIAL_LENGTH 24
|
||||||
|
|
||||||
|
# ifndef HEADER_SSL_LOCL_H
|
||||||
|
# define CERT char
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_SSL_INTERN
|
||||||
|
|
||||||
|
typedef struct ssl2_state_st {
|
||||||
|
int three_byte_header;
|
||||||
|
int clear_text; /* clear text */
|
||||||
|
int escape; /* not used in SSLv2 */
|
||||||
|
int ssl2_rollback; /* used if SSLv23 rolled back to SSLv2 */
|
||||||
|
/*
|
||||||
|
* non-blocking io info, used to make sure the same args were passwd
|
||||||
|
*/
|
||||||
|
unsigned int wnum; /* number of bytes sent so far */
|
||||||
|
int wpend_tot;
|
||||||
|
const unsigned char *wpend_buf;
|
||||||
|
int wpend_off; /* offset to data to write */
|
||||||
|
int wpend_len; /* number of bytes passwd to write */
|
||||||
|
int wpend_ret; /* number of bytes to return to caller */
|
||||||
|
/* buffer raw data */
|
||||||
|
int rbuf_left;
|
||||||
|
int rbuf_offs;
|
||||||
|
unsigned char *rbuf;
|
||||||
|
unsigned char *wbuf;
|
||||||
|
unsigned char *write_ptr; /* used to point to the start due to 2/3 byte
|
||||||
|
* header. */
|
||||||
|
unsigned int padding;
|
||||||
|
unsigned int rlength; /* passed to ssl2_enc */
|
||||||
|
int ract_data_length; /* Set when things are encrypted. */
|
||||||
|
unsigned int wlength; /* passed to ssl2_enc */
|
||||||
|
int wact_data_length; /* Set when things are decrypted. */
|
||||||
|
unsigned char *ract_data;
|
||||||
|
unsigned char *wact_data;
|
||||||
|
unsigned char *mac_data;
|
||||||
|
unsigned char *read_key;
|
||||||
|
unsigned char *write_key;
|
||||||
|
/* Stuff specifically to do with this SSL session */
|
||||||
|
unsigned int challenge_length;
|
||||||
|
unsigned char challenge[SSL2_MAX_CHALLENGE_LENGTH];
|
||||||
|
unsigned int conn_id_length;
|
||||||
|
unsigned char conn_id[SSL2_MAX_CONNECTION_ID_LENGTH];
|
||||||
|
unsigned int key_material_length;
|
||||||
|
unsigned char key_material[SSL2_MAX_KEY_MATERIAL_LENGTH * 2];
|
||||||
|
unsigned long read_sequence;
|
||||||
|
unsigned long write_sequence;
|
||||||
|
struct {
|
||||||
|
unsigned int conn_id_length;
|
||||||
|
unsigned int cert_type;
|
||||||
|
unsigned int cert_length;
|
||||||
|
unsigned int csl;
|
||||||
|
unsigned int clear;
|
||||||
|
unsigned int enc;
|
||||||
|
unsigned char ccl[SSL2_MAX_CERT_CHALLENGE_LENGTH];
|
||||||
|
unsigned int cipher_spec_length;
|
||||||
|
unsigned int session_id_length;
|
||||||
|
unsigned int clen;
|
||||||
|
unsigned int rlen;
|
||||||
|
} tmp;
|
||||||
|
} SSL2_STATE;
|
||||||
|
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/* SSLv2 */
|
||||||
|
/* client */
|
||||||
|
# define SSL2_ST_SEND_CLIENT_HELLO_A (0x10|SSL_ST_CONNECT)
|
||||||
|
# define SSL2_ST_SEND_CLIENT_HELLO_B (0x11|SSL_ST_CONNECT)
|
||||||
|
# define SSL2_ST_GET_SERVER_HELLO_A (0x20|SSL_ST_CONNECT)
|
||||||
|
# define SSL2_ST_GET_SERVER_HELLO_B (0x21|SSL_ST_CONNECT)
|
||||||
|
# define SSL2_ST_SEND_CLIENT_MASTER_KEY_A (0x30|SSL_ST_CONNECT)
|
||||||
|
# define SSL2_ST_SEND_CLIENT_MASTER_KEY_B (0x31|SSL_ST_CONNECT)
|
||||||
|
# define SSL2_ST_SEND_CLIENT_FINISHED_A (0x40|SSL_ST_CONNECT)
|
||||||
|
# define SSL2_ST_SEND_CLIENT_FINISHED_B (0x41|SSL_ST_CONNECT)
|
||||||
|
# define SSL2_ST_SEND_CLIENT_CERTIFICATE_A (0x50|SSL_ST_CONNECT)
|
||||||
|
# define SSL2_ST_SEND_CLIENT_CERTIFICATE_B (0x51|SSL_ST_CONNECT)
|
||||||
|
# define SSL2_ST_SEND_CLIENT_CERTIFICATE_C (0x52|SSL_ST_CONNECT)
|
||||||
|
# define SSL2_ST_SEND_CLIENT_CERTIFICATE_D (0x53|SSL_ST_CONNECT)
|
||||||
|
# define SSL2_ST_GET_SERVER_VERIFY_A (0x60|SSL_ST_CONNECT)
|
||||||
|
# define SSL2_ST_GET_SERVER_VERIFY_B (0x61|SSL_ST_CONNECT)
|
||||||
|
# define SSL2_ST_GET_SERVER_FINISHED_A (0x70|SSL_ST_CONNECT)
|
||||||
|
# define SSL2_ST_GET_SERVER_FINISHED_B (0x71|SSL_ST_CONNECT)
|
||||||
|
# define SSL2_ST_CLIENT_START_ENCRYPTION (0x80|SSL_ST_CONNECT)
|
||||||
|
# define SSL2_ST_X509_GET_CLIENT_CERTIFICATE (0x90|SSL_ST_CONNECT)
|
||||||
|
/* server */
|
||||||
|
# define SSL2_ST_GET_CLIENT_HELLO_A (0x10|SSL_ST_ACCEPT)
|
||||||
|
# define SSL2_ST_GET_CLIENT_HELLO_B (0x11|SSL_ST_ACCEPT)
|
||||||
|
# define SSL2_ST_GET_CLIENT_HELLO_C (0x12|SSL_ST_ACCEPT)
|
||||||
|
# define SSL2_ST_SEND_SERVER_HELLO_A (0x20|SSL_ST_ACCEPT)
|
||||||
|
# define SSL2_ST_SEND_SERVER_HELLO_B (0x21|SSL_ST_ACCEPT)
|
||||||
|
# define SSL2_ST_GET_CLIENT_MASTER_KEY_A (0x30|SSL_ST_ACCEPT)
|
||||||
|
# define SSL2_ST_GET_CLIENT_MASTER_KEY_B (0x31|SSL_ST_ACCEPT)
|
||||||
|
# define SSL2_ST_SEND_SERVER_VERIFY_A (0x40|SSL_ST_ACCEPT)
|
||||||
|
# define SSL2_ST_SEND_SERVER_VERIFY_B (0x41|SSL_ST_ACCEPT)
|
||||||
|
# define SSL2_ST_SEND_SERVER_VERIFY_C (0x42|SSL_ST_ACCEPT)
|
||||||
|
# define SSL2_ST_GET_CLIENT_FINISHED_A (0x50|SSL_ST_ACCEPT)
|
||||||
|
# define SSL2_ST_GET_CLIENT_FINISHED_B (0x51|SSL_ST_ACCEPT)
|
||||||
|
# define SSL2_ST_SEND_SERVER_FINISHED_A (0x60|SSL_ST_ACCEPT)
|
||||||
|
# define SSL2_ST_SEND_SERVER_FINISHED_B (0x61|SSL_ST_ACCEPT)
|
||||||
|
# define SSL2_ST_SEND_REQUEST_CERTIFICATE_A (0x70|SSL_ST_ACCEPT)
|
||||||
|
# define SSL2_ST_SEND_REQUEST_CERTIFICATE_B (0x71|SSL_ST_ACCEPT)
|
||||||
|
# define SSL2_ST_SEND_REQUEST_CERTIFICATE_C (0x72|SSL_ST_ACCEPT)
|
||||||
|
# define SSL2_ST_SEND_REQUEST_CERTIFICATE_D (0x73|SSL_ST_ACCEPT)
|
||||||
|
# define SSL2_ST_SERVER_START_ENCRYPTION (0x80|SSL_ST_ACCEPT)
|
||||||
|
# define SSL2_ST_X509_GET_SERVER_CERTIFICATE (0x90|SSL_ST_ACCEPT)
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
#endif
|
|
@ -0,0 +1,84 @@
|
||||||
|
/* ssl/ssl23.h */
|
||||||
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
|
* All rights reserved.
|
||||||
|
*
|
||||||
|
* This package is an SSL implementation written
|
||||||
|
* by Eric Young (eay@cryptsoft.com).
|
||||||
|
* The implementation was written so as to conform with Netscapes SSL.
|
||||||
|
*
|
||||||
|
* This library is free for commercial and non-commercial use as long as
|
||||||
|
* the following conditions are aheared to. The following conditions
|
||||||
|
* apply to all code found in this distribution, be it the RC4, RSA,
|
||||||
|
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
||||||
|
* included with this distribution is covered by the same copyright terms
|
||||||
|
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
* Copyright remains Eric Young's, and as such any Copyright notices in
|
||||||
|
* the code are not to be removed.
|
||||||
|
* If this package is used in a product, Eric Young should be given attribution
|
||||||
|
* as the author of the parts of the library used.
|
||||||
|
* This can be in the form of a textual message at program startup or
|
||||||
|
* in documentation (online or textual) provided with the package.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
* 1. Redistributions of source code must retain the copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in the
|
||||||
|
* documentation and/or other materials provided with the distribution.
|
||||||
|
* 3. All advertising materials mentioning features or use of this software
|
||||||
|
* must display the following acknowledgement:
|
||||||
|
* "This product includes cryptographic software written by
|
||||||
|
* Eric Young (eay@cryptsoft.com)"
|
||||||
|
* The word 'cryptographic' can be left out if the rouines from the library
|
||||||
|
* being used are not cryptographic related :-).
|
||||||
|
* 4. If you include any Windows specific code (or a derivative thereof) from
|
||||||
|
* the apps directory (application code) you must include an acknowledgement:
|
||||||
|
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
||||||
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||||
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||||
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||||
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||||
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||||
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||||
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||||
|
* SUCH DAMAGE.
|
||||||
|
*
|
||||||
|
* The licence and distribution terms for any publically available version or
|
||||||
|
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
||||||
|
* copied and put under another distribution licence
|
||||||
|
* [including the GNU Public Licence.]
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef HEADER_SSL23_H
|
||||||
|
# define HEADER_SSL23_H
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
extern "C" {
|
||||||
|
#endif
|
||||||
|
|
||||||
|
/*
|
||||||
|
* client
|
||||||
|
*/
|
||||||
|
/* write to server */
|
||||||
|
# define SSL23_ST_CW_CLNT_HELLO_A (0x210|SSL_ST_CONNECT)
|
||||||
|
# define SSL23_ST_CW_CLNT_HELLO_B (0x211|SSL_ST_CONNECT)
|
||||||
|
/* read from server */
|
||||||
|
# define SSL23_ST_CR_SRVR_HELLO_A (0x220|SSL_ST_CONNECT)
|
||||||
|
# define SSL23_ST_CR_SRVR_HELLO_B (0x221|SSL_ST_CONNECT)
|
||||||
|
|
||||||
|
/* server */
|
||||||
|
/* read from client */
|
||||||
|
# define SSL23_ST_SR_CLNT_HELLO_A (0x210|SSL_ST_ACCEPT)
|
||||||
|
# define SSL23_ST_SR_CLNT_HELLO_B (0x211|SSL_ST_ACCEPT)
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
#endif
|
|
@ -0,0 +1,774 @@
|
||||||
|
/* ssl/ssl3.h */
|
||||||
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
|
* All rights reserved.
|
||||||
|
*
|
||||||
|
* This package is an SSL implementation written
|
||||||
|
* by Eric Young (eay@cryptsoft.com).
|
||||||
|
* The implementation was written so as to conform with Netscapes SSL.
|
||||||
|
*
|
||||||
|
* This library is free for commercial and non-commercial use as long as
|
||||||
|
* the following conditions are aheared to. The following conditions
|
||||||
|
* apply to all code found in this distribution, be it the RC4, RSA,
|
||||||
|
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
||||||
|
* included with this distribution is covered by the same copyright terms
|
||||||
|
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
* Copyright remains Eric Young's, and as such any Copyright notices in
|
||||||
|
* the code are not to be removed.
|
||||||
|
* If this package is used in a product, Eric Young should be given attribution
|
||||||
|
* as the author of the parts of the library used.
|
||||||
|
* This can be in the form of a textual message at program startup or
|
||||||
|
* in documentation (online or textual) provided with the package.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
* 1. Redistributions of source code must retain the copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in the
|
||||||
|
* documentation and/or other materials provided with the distribution.
|
||||||
|
* 3. All advertising materials mentioning features or use of this software
|
||||||
|
* must display the following acknowledgement:
|
||||||
|
* "This product includes cryptographic software written by
|
||||||
|
* Eric Young (eay@cryptsoft.com)"
|
||||||
|
* The word 'cryptographic' can be left out if the rouines from the library
|
||||||
|
* being used are not cryptographic related :-).
|
||||||
|
* 4. If you include any Windows specific code (or a derivative thereof) from
|
||||||
|
* the apps directory (application code) you must include an acknowledgement:
|
||||||
|
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
||||||
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||||
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||||
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||||
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||||
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||||
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||||
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||||
|
* SUCH DAMAGE.
|
||||||
|
*
|
||||||
|
* The licence and distribution terms for any publically available version or
|
||||||
|
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
||||||
|
* copied and put under another distribution licence
|
||||||
|
* [including the GNU Public Licence.]
|
||||||
|
*/
|
||||||
|
/* ====================================================================
|
||||||
|
* Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
*
|
||||||
|
* 1. Redistributions of source code must retain the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
*
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in
|
||||||
|
* the documentation and/or other materials provided with the
|
||||||
|
* distribution.
|
||||||
|
*
|
||||||
|
* 3. All advertising materials mentioning features or use of this
|
||||||
|
* software must display the following acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
|
||||||
|
*
|
||||||
|
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||||
|
* endorse or promote products derived from this software without
|
||||||
|
* prior written permission. For written permission, please contact
|
||||||
|
* openssl-core@openssl.org.
|
||||||
|
*
|
||||||
|
* 5. Products derived from this software may not be called "OpenSSL"
|
||||||
|
* nor may "OpenSSL" appear in their names without prior written
|
||||||
|
* permission of the OpenSSL Project.
|
||||||
|
*
|
||||||
|
* 6. Redistributions of any form whatsoever must retain the following
|
||||||
|
* acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||||
|
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||||
|
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||||
|
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||||
|
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||||
|
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||||
|
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||||
|
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||||
|
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||||
|
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||||
|
* ====================================================================
|
||||||
|
*
|
||||||
|
* This product includes cryptographic software written by Eric Young
|
||||||
|
* (eay@cryptsoft.com). This product includes software written by Tim
|
||||||
|
* Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
/* ====================================================================
|
||||||
|
* Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
|
||||||
|
* ECC cipher suite support in OpenSSL originally developed by
|
||||||
|
* SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef HEADER_SSL3_H
|
||||||
|
# define HEADER_SSL3_H
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_COMP
|
||||||
|
# include <openssl/comp.h>
|
||||||
|
# endif
|
||||||
|
# include <openssl/buffer.h>
|
||||||
|
# include <openssl/evp.h>
|
||||||
|
# include <openssl/ssl.h>
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
extern "C" {
|
||||||
|
#endif
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Signalling cipher suite value from RFC 5746
|
||||||
|
* (TLS_EMPTY_RENEGOTIATION_INFO_SCSV)
|
||||||
|
*/
|
||||||
|
# define SSL3_CK_SCSV 0x030000FF
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Signalling cipher suite value from draft-ietf-tls-downgrade-scsv-00
|
||||||
|
* (TLS_FALLBACK_SCSV)
|
||||||
|
*/
|
||||||
|
# define SSL3_CK_FALLBACK_SCSV 0x03005600
|
||||||
|
|
||||||
|
# define SSL3_CK_RSA_NULL_MD5 0x03000001
|
||||||
|
# define SSL3_CK_RSA_NULL_SHA 0x03000002
|
||||||
|
# define SSL3_CK_RSA_RC4_40_MD5 0x03000003
|
||||||
|
# define SSL3_CK_RSA_RC4_128_MD5 0x03000004
|
||||||
|
# define SSL3_CK_RSA_RC4_128_SHA 0x03000005
|
||||||
|
# define SSL3_CK_RSA_RC2_40_MD5 0x03000006
|
||||||
|
# define SSL3_CK_RSA_IDEA_128_SHA 0x03000007
|
||||||
|
# define SSL3_CK_RSA_DES_40_CBC_SHA 0x03000008
|
||||||
|
# define SSL3_CK_RSA_DES_64_CBC_SHA 0x03000009
|
||||||
|
# define SSL3_CK_RSA_DES_192_CBC3_SHA 0x0300000A
|
||||||
|
|
||||||
|
# define SSL3_CK_DH_DSS_DES_40_CBC_SHA 0x0300000B
|
||||||
|
# define SSL3_CK_DH_DSS_DES_64_CBC_SHA 0x0300000C
|
||||||
|
# define SSL3_CK_DH_DSS_DES_192_CBC3_SHA 0x0300000D
|
||||||
|
# define SSL3_CK_DH_RSA_DES_40_CBC_SHA 0x0300000E
|
||||||
|
# define SSL3_CK_DH_RSA_DES_64_CBC_SHA 0x0300000F
|
||||||
|
# define SSL3_CK_DH_RSA_DES_192_CBC3_SHA 0x03000010
|
||||||
|
|
||||||
|
# define SSL3_CK_EDH_DSS_DES_40_CBC_SHA 0x03000011
|
||||||
|
# define SSL3_CK_DHE_DSS_DES_40_CBC_SHA SSL3_CK_EDH_DSS_DES_40_CBC_SHA
|
||||||
|
# define SSL3_CK_EDH_DSS_DES_64_CBC_SHA 0x03000012
|
||||||
|
# define SSL3_CK_DHE_DSS_DES_64_CBC_SHA SSL3_CK_EDH_DSS_DES_64_CBC_SHA
|
||||||
|
# define SSL3_CK_EDH_DSS_DES_192_CBC3_SHA 0x03000013
|
||||||
|
# define SSL3_CK_DHE_DSS_DES_192_CBC3_SHA SSL3_CK_EDH_DSS_DES_192_CBC3_SHA
|
||||||
|
# define SSL3_CK_EDH_RSA_DES_40_CBC_SHA 0x03000014
|
||||||
|
# define SSL3_CK_DHE_RSA_DES_40_CBC_SHA SSL3_CK_EDH_RSA_DES_40_CBC_SHA
|
||||||
|
# define SSL3_CK_EDH_RSA_DES_64_CBC_SHA 0x03000015
|
||||||
|
# define SSL3_CK_DHE_RSA_DES_64_CBC_SHA SSL3_CK_EDH_RSA_DES_64_CBC_SHA
|
||||||
|
# define SSL3_CK_EDH_RSA_DES_192_CBC3_SHA 0x03000016
|
||||||
|
# define SSL3_CK_DHE_RSA_DES_192_CBC3_SHA SSL3_CK_EDH_RSA_DES_192_CBC3_SHA
|
||||||
|
|
||||||
|
# define SSL3_CK_ADH_RC4_40_MD5 0x03000017
|
||||||
|
# define SSL3_CK_ADH_RC4_128_MD5 0x03000018
|
||||||
|
# define SSL3_CK_ADH_DES_40_CBC_SHA 0x03000019
|
||||||
|
# define SSL3_CK_ADH_DES_64_CBC_SHA 0x0300001A
|
||||||
|
# define SSL3_CK_ADH_DES_192_CBC_SHA 0x0300001B
|
||||||
|
|
||||||
|
# if 0
|
||||||
|
# define SSL3_CK_FZA_DMS_NULL_SHA 0x0300001C
|
||||||
|
# define SSL3_CK_FZA_DMS_FZA_SHA 0x0300001D
|
||||||
|
# if 0 /* Because it clashes with KRB5, is never
|
||||||
|
* used any more, and is safe to remove
|
||||||
|
* according to David Hopwood
|
||||||
|
* <david.hopwood@zetnet.co.uk> of the
|
||||||
|
* ietf-tls list */
|
||||||
|
# define SSL3_CK_FZA_DMS_RC4_SHA 0x0300001E
|
||||||
|
# endif
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/*
|
||||||
|
* VRS Additional Kerberos5 entries
|
||||||
|
*/
|
||||||
|
# define SSL3_CK_KRB5_DES_64_CBC_SHA 0x0300001E
|
||||||
|
# define SSL3_CK_KRB5_DES_192_CBC3_SHA 0x0300001F
|
||||||
|
# define SSL3_CK_KRB5_RC4_128_SHA 0x03000020
|
||||||
|
# define SSL3_CK_KRB5_IDEA_128_CBC_SHA 0x03000021
|
||||||
|
# define SSL3_CK_KRB5_DES_64_CBC_MD5 0x03000022
|
||||||
|
# define SSL3_CK_KRB5_DES_192_CBC3_MD5 0x03000023
|
||||||
|
# define SSL3_CK_KRB5_RC4_128_MD5 0x03000024
|
||||||
|
# define SSL3_CK_KRB5_IDEA_128_CBC_MD5 0x03000025
|
||||||
|
|
||||||
|
# define SSL3_CK_KRB5_DES_40_CBC_SHA 0x03000026
|
||||||
|
# define SSL3_CK_KRB5_RC2_40_CBC_SHA 0x03000027
|
||||||
|
# define SSL3_CK_KRB5_RC4_40_SHA 0x03000028
|
||||||
|
# define SSL3_CK_KRB5_DES_40_CBC_MD5 0x03000029
|
||||||
|
# define SSL3_CK_KRB5_RC2_40_CBC_MD5 0x0300002A
|
||||||
|
# define SSL3_CK_KRB5_RC4_40_MD5 0x0300002B
|
||||||
|
|
||||||
|
# define SSL3_TXT_RSA_NULL_MD5 "NULL-MD5"
|
||||||
|
# define SSL3_TXT_RSA_NULL_SHA "NULL-SHA"
|
||||||
|
# define SSL3_TXT_RSA_RC4_40_MD5 "EXP-RC4-MD5"
|
||||||
|
# define SSL3_TXT_RSA_RC4_128_MD5 "RC4-MD5"
|
||||||
|
# define SSL3_TXT_RSA_RC4_128_SHA "RC4-SHA"
|
||||||
|
# define SSL3_TXT_RSA_RC2_40_MD5 "EXP-RC2-CBC-MD5"
|
||||||
|
# define SSL3_TXT_RSA_IDEA_128_SHA "IDEA-CBC-SHA"
|
||||||
|
# define SSL3_TXT_RSA_DES_40_CBC_SHA "EXP-DES-CBC-SHA"
|
||||||
|
# define SSL3_TXT_RSA_DES_64_CBC_SHA "DES-CBC-SHA"
|
||||||
|
# define SSL3_TXT_RSA_DES_192_CBC3_SHA "DES-CBC3-SHA"
|
||||||
|
|
||||||
|
# define SSL3_TXT_DH_DSS_DES_40_CBC_SHA "EXP-DH-DSS-DES-CBC-SHA"
|
||||||
|
# define SSL3_TXT_DH_DSS_DES_64_CBC_SHA "DH-DSS-DES-CBC-SHA"
|
||||||
|
# define SSL3_TXT_DH_DSS_DES_192_CBC3_SHA "DH-DSS-DES-CBC3-SHA"
|
||||||
|
# define SSL3_TXT_DH_RSA_DES_40_CBC_SHA "EXP-DH-RSA-DES-CBC-SHA"
|
||||||
|
# define SSL3_TXT_DH_RSA_DES_64_CBC_SHA "DH-RSA-DES-CBC-SHA"
|
||||||
|
# define SSL3_TXT_DH_RSA_DES_192_CBC3_SHA "DH-RSA-DES-CBC3-SHA"
|
||||||
|
|
||||||
|
# define SSL3_TXT_DHE_DSS_DES_40_CBC_SHA "EXP-DHE-DSS-DES-CBC-SHA"
|
||||||
|
# define SSL3_TXT_DHE_DSS_DES_64_CBC_SHA "DHE-DSS-DES-CBC-SHA"
|
||||||
|
# define SSL3_TXT_DHE_DSS_DES_192_CBC3_SHA "DHE-DSS-DES-CBC3-SHA"
|
||||||
|
# define SSL3_TXT_DHE_RSA_DES_40_CBC_SHA "EXP-DHE-RSA-DES-CBC-SHA"
|
||||||
|
# define SSL3_TXT_DHE_RSA_DES_64_CBC_SHA "DHE-RSA-DES-CBC-SHA"
|
||||||
|
# define SSL3_TXT_DHE_RSA_DES_192_CBC3_SHA "DHE-RSA-DES-CBC3-SHA"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* This next block of six "EDH" labels is for backward compatibility with
|
||||||
|
* older versions of OpenSSL. New code should use the six "DHE" labels above
|
||||||
|
* instead:
|
||||||
|
*/
|
||||||
|
# define SSL3_TXT_EDH_DSS_DES_40_CBC_SHA "EXP-EDH-DSS-DES-CBC-SHA"
|
||||||
|
# define SSL3_TXT_EDH_DSS_DES_64_CBC_SHA "EDH-DSS-DES-CBC-SHA"
|
||||||
|
# define SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA "EDH-DSS-DES-CBC3-SHA"
|
||||||
|
# define SSL3_TXT_EDH_RSA_DES_40_CBC_SHA "EXP-EDH-RSA-DES-CBC-SHA"
|
||||||
|
# define SSL3_TXT_EDH_RSA_DES_64_CBC_SHA "EDH-RSA-DES-CBC-SHA"
|
||||||
|
# define SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA "EDH-RSA-DES-CBC3-SHA"
|
||||||
|
|
||||||
|
# define SSL3_TXT_ADH_RC4_40_MD5 "EXP-ADH-RC4-MD5"
|
||||||
|
# define SSL3_TXT_ADH_RC4_128_MD5 "ADH-RC4-MD5"
|
||||||
|
# define SSL3_TXT_ADH_DES_40_CBC_SHA "EXP-ADH-DES-CBC-SHA"
|
||||||
|
# define SSL3_TXT_ADH_DES_64_CBC_SHA "ADH-DES-CBC-SHA"
|
||||||
|
# define SSL3_TXT_ADH_DES_192_CBC_SHA "ADH-DES-CBC3-SHA"
|
||||||
|
|
||||||
|
# if 0
|
||||||
|
# define SSL3_TXT_FZA_DMS_NULL_SHA "FZA-NULL-SHA"
|
||||||
|
# define SSL3_TXT_FZA_DMS_FZA_SHA "FZA-FZA-CBC-SHA"
|
||||||
|
# define SSL3_TXT_FZA_DMS_RC4_SHA "FZA-RC4-SHA"
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# define SSL3_TXT_KRB5_DES_64_CBC_SHA "KRB5-DES-CBC-SHA"
|
||||||
|
# define SSL3_TXT_KRB5_DES_192_CBC3_SHA "KRB5-DES-CBC3-SHA"
|
||||||
|
# define SSL3_TXT_KRB5_RC4_128_SHA "KRB5-RC4-SHA"
|
||||||
|
# define SSL3_TXT_KRB5_IDEA_128_CBC_SHA "KRB5-IDEA-CBC-SHA"
|
||||||
|
# define SSL3_TXT_KRB5_DES_64_CBC_MD5 "KRB5-DES-CBC-MD5"
|
||||||
|
# define SSL3_TXT_KRB5_DES_192_CBC3_MD5 "KRB5-DES-CBC3-MD5"
|
||||||
|
# define SSL3_TXT_KRB5_RC4_128_MD5 "KRB5-RC4-MD5"
|
||||||
|
# define SSL3_TXT_KRB5_IDEA_128_CBC_MD5 "KRB5-IDEA-CBC-MD5"
|
||||||
|
|
||||||
|
# define SSL3_TXT_KRB5_DES_40_CBC_SHA "EXP-KRB5-DES-CBC-SHA"
|
||||||
|
# define SSL3_TXT_KRB5_RC2_40_CBC_SHA "EXP-KRB5-RC2-CBC-SHA"
|
||||||
|
# define SSL3_TXT_KRB5_RC4_40_SHA "EXP-KRB5-RC4-SHA"
|
||||||
|
# define SSL3_TXT_KRB5_DES_40_CBC_MD5 "EXP-KRB5-DES-CBC-MD5"
|
||||||
|
# define SSL3_TXT_KRB5_RC2_40_CBC_MD5 "EXP-KRB5-RC2-CBC-MD5"
|
||||||
|
# define SSL3_TXT_KRB5_RC4_40_MD5 "EXP-KRB5-RC4-MD5"
|
||||||
|
|
||||||
|
# define SSL3_SSL_SESSION_ID_LENGTH 32
|
||||||
|
# define SSL3_MAX_SSL_SESSION_ID_LENGTH 32
|
||||||
|
|
||||||
|
# define SSL3_MASTER_SECRET_SIZE 48
|
||||||
|
# define SSL3_RANDOM_SIZE 32
|
||||||
|
# define SSL3_SESSION_ID_SIZE 32
|
||||||
|
# define SSL3_RT_HEADER_LENGTH 5
|
||||||
|
|
||||||
|
# define SSL3_HM_HEADER_LENGTH 4
|
||||||
|
|
||||||
|
# ifndef SSL3_ALIGN_PAYLOAD
|
||||||
|
/*
|
||||||
|
* Some will argue that this increases memory footprint, but it's not
|
||||||
|
* actually true. Point is that malloc has to return at least 64-bit aligned
|
||||||
|
* pointers, meaning that allocating 5 bytes wastes 3 bytes in either case.
|
||||||
|
* Suggested pre-gaping simply moves these wasted bytes from the end of
|
||||||
|
* allocated region to its front, but makes data payload aligned, which
|
||||||
|
* improves performance:-)
|
||||||
|
*/
|
||||||
|
# define SSL3_ALIGN_PAYLOAD 8
|
||||||
|
# else
|
||||||
|
# if (SSL3_ALIGN_PAYLOAD&(SSL3_ALIGN_PAYLOAD-1))!=0
|
||||||
|
# error "insane SSL3_ALIGN_PAYLOAD"
|
||||||
|
# undef SSL3_ALIGN_PAYLOAD
|
||||||
|
# endif
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/*
|
||||||
|
* This is the maximum MAC (digest) size used by the SSL library. Currently
|
||||||
|
* maximum of 20 is used by SHA1, but we reserve for future extension for
|
||||||
|
* 512-bit hashes.
|
||||||
|
*/
|
||||||
|
|
||||||
|
# define SSL3_RT_MAX_MD_SIZE 64
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Maximum block size used in all ciphersuites. Currently 16 for AES.
|
||||||
|
*/
|
||||||
|
|
||||||
|
# define SSL_RT_MAX_CIPHER_BLOCK_SIZE 16
|
||||||
|
|
||||||
|
# define SSL3_RT_MAX_EXTRA (16384)
|
||||||
|
|
||||||
|
/* Maximum plaintext length: defined by SSL/TLS standards */
|
||||||
|
# define SSL3_RT_MAX_PLAIN_LENGTH 16384
|
||||||
|
/* Maximum compression overhead: defined by SSL/TLS standards */
|
||||||
|
# define SSL3_RT_MAX_COMPRESSED_OVERHEAD 1024
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The standards give a maximum encryption overhead of 1024 bytes. In
|
||||||
|
* practice the value is lower than this. The overhead is the maximum number
|
||||||
|
* of padding bytes (256) plus the mac size.
|
||||||
|
*/
|
||||||
|
# define SSL3_RT_MAX_ENCRYPTED_OVERHEAD (256 + SSL3_RT_MAX_MD_SIZE)
|
||||||
|
|
||||||
|
/*
|
||||||
|
* OpenSSL currently only uses a padding length of at most one block so the
|
||||||
|
* send overhead is smaller.
|
||||||
|
*/
|
||||||
|
|
||||||
|
# define SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD \
|
||||||
|
(SSL_RT_MAX_CIPHER_BLOCK_SIZE + SSL3_RT_MAX_MD_SIZE)
|
||||||
|
|
||||||
|
/* If compression isn't used don't include the compression overhead */
|
||||||
|
|
||||||
|
# ifdef OPENSSL_NO_COMP
|
||||||
|
# define SSL3_RT_MAX_COMPRESSED_LENGTH SSL3_RT_MAX_PLAIN_LENGTH
|
||||||
|
# else
|
||||||
|
# define SSL3_RT_MAX_COMPRESSED_LENGTH \
|
||||||
|
(SSL3_RT_MAX_PLAIN_LENGTH+SSL3_RT_MAX_COMPRESSED_OVERHEAD)
|
||||||
|
# endif
|
||||||
|
# define SSL3_RT_MAX_ENCRYPTED_LENGTH \
|
||||||
|
(SSL3_RT_MAX_ENCRYPTED_OVERHEAD+SSL3_RT_MAX_COMPRESSED_LENGTH)
|
||||||
|
# define SSL3_RT_MAX_PACKET_SIZE \
|
||||||
|
(SSL3_RT_MAX_ENCRYPTED_LENGTH+SSL3_RT_HEADER_LENGTH)
|
||||||
|
|
||||||
|
# define SSL3_MD_CLIENT_FINISHED_CONST "\x43\x4C\x4E\x54"
|
||||||
|
# define SSL3_MD_SERVER_FINISHED_CONST "\x53\x52\x56\x52"
|
||||||
|
|
||||||
|
# define SSL3_VERSION 0x0300
|
||||||
|
# define SSL3_VERSION_MAJOR 0x03
|
||||||
|
# define SSL3_VERSION_MINOR 0x00
|
||||||
|
|
||||||
|
# define SSL3_RT_CHANGE_CIPHER_SPEC 20
|
||||||
|
# define SSL3_RT_ALERT 21
|
||||||
|
# define SSL3_RT_HANDSHAKE 22
|
||||||
|
# define SSL3_RT_APPLICATION_DATA 23
|
||||||
|
# define TLS1_RT_HEARTBEAT 24
|
||||||
|
|
||||||
|
/* Pseudo content types to indicate additional parameters */
|
||||||
|
# define TLS1_RT_CRYPTO 0x1000
|
||||||
|
# define TLS1_RT_CRYPTO_PREMASTER (TLS1_RT_CRYPTO | 0x1)
|
||||||
|
# define TLS1_RT_CRYPTO_CLIENT_RANDOM (TLS1_RT_CRYPTO | 0x2)
|
||||||
|
# define TLS1_RT_CRYPTO_SERVER_RANDOM (TLS1_RT_CRYPTO | 0x3)
|
||||||
|
# define TLS1_RT_CRYPTO_MASTER (TLS1_RT_CRYPTO | 0x4)
|
||||||
|
|
||||||
|
# define TLS1_RT_CRYPTO_READ 0x0000
|
||||||
|
# define TLS1_RT_CRYPTO_WRITE 0x0100
|
||||||
|
# define TLS1_RT_CRYPTO_MAC (TLS1_RT_CRYPTO | 0x5)
|
||||||
|
# define TLS1_RT_CRYPTO_KEY (TLS1_RT_CRYPTO | 0x6)
|
||||||
|
# define TLS1_RT_CRYPTO_IV (TLS1_RT_CRYPTO | 0x7)
|
||||||
|
# define TLS1_RT_CRYPTO_FIXED_IV (TLS1_RT_CRYPTO | 0x8)
|
||||||
|
|
||||||
|
/* Pseudo content type for SSL/TLS header info */
|
||||||
|
# define SSL3_RT_HEADER 0x100
|
||||||
|
|
||||||
|
# define SSL3_AL_WARNING 1
|
||||||
|
# define SSL3_AL_FATAL 2
|
||||||
|
|
||||||
|
# define SSL3_AD_CLOSE_NOTIFY 0
|
||||||
|
# define SSL3_AD_UNEXPECTED_MESSAGE 10/* fatal */
|
||||||
|
# define SSL3_AD_BAD_RECORD_MAC 20/* fatal */
|
||||||
|
# define SSL3_AD_DECOMPRESSION_FAILURE 30/* fatal */
|
||||||
|
# define SSL3_AD_HANDSHAKE_FAILURE 40/* fatal */
|
||||||
|
# define SSL3_AD_NO_CERTIFICATE 41
|
||||||
|
# define SSL3_AD_BAD_CERTIFICATE 42
|
||||||
|
# define SSL3_AD_UNSUPPORTED_CERTIFICATE 43
|
||||||
|
# define SSL3_AD_CERTIFICATE_REVOKED 44
|
||||||
|
# define SSL3_AD_CERTIFICATE_EXPIRED 45
|
||||||
|
# define SSL3_AD_CERTIFICATE_UNKNOWN 46
|
||||||
|
# define SSL3_AD_ILLEGAL_PARAMETER 47/* fatal */
|
||||||
|
|
||||||
|
# define TLS1_HB_REQUEST 1
|
||||||
|
# define TLS1_HB_RESPONSE 2
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_SSL_INTERN
|
||||||
|
|
||||||
|
typedef struct ssl3_record_st {
|
||||||
|
/* type of record */
|
||||||
|
/*
|
||||||
|
* r
|
||||||
|
*/ int type;
|
||||||
|
/* How many bytes available */
|
||||||
|
/*
|
||||||
|
* rw
|
||||||
|
*/ unsigned int length;
|
||||||
|
/* read/write offset into 'buf' */
|
||||||
|
/*
|
||||||
|
* r
|
||||||
|
*/ unsigned int off;
|
||||||
|
/* pointer to the record data */
|
||||||
|
/*
|
||||||
|
* rw
|
||||||
|
*/ unsigned char *data;
|
||||||
|
/* where the decode bytes are */
|
||||||
|
/*
|
||||||
|
* rw
|
||||||
|
*/ unsigned char *input;
|
||||||
|
/* only used with decompression - malloc()ed */
|
||||||
|
/*
|
||||||
|
* r
|
||||||
|
*/ unsigned char *comp;
|
||||||
|
/* epoch number, needed by DTLS1 */
|
||||||
|
/*
|
||||||
|
* r
|
||||||
|
*/ unsigned long epoch;
|
||||||
|
/* sequence number, needed by DTLS1 */
|
||||||
|
/*
|
||||||
|
* r
|
||||||
|
*/ unsigned char seq_num[8];
|
||||||
|
} SSL3_RECORD;
|
||||||
|
|
||||||
|
typedef struct ssl3_buffer_st {
|
||||||
|
/* at least SSL3_RT_MAX_PACKET_SIZE bytes, see ssl3_setup_buffers() */
|
||||||
|
unsigned char *buf;
|
||||||
|
/* buffer size */
|
||||||
|
size_t len;
|
||||||
|
/* where to 'copy from' */
|
||||||
|
int offset;
|
||||||
|
/* how many bytes left */
|
||||||
|
int left;
|
||||||
|
} SSL3_BUFFER;
|
||||||
|
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# define SSL3_CT_RSA_SIGN 1
|
||||||
|
# define SSL3_CT_DSS_SIGN 2
|
||||||
|
# define SSL3_CT_RSA_FIXED_DH 3
|
||||||
|
# define SSL3_CT_DSS_FIXED_DH 4
|
||||||
|
# define SSL3_CT_RSA_EPHEMERAL_DH 5
|
||||||
|
# define SSL3_CT_DSS_EPHEMERAL_DH 6
|
||||||
|
# define SSL3_CT_FORTEZZA_DMS 20
|
||||||
|
/*
|
||||||
|
* SSL3_CT_NUMBER is used to size arrays and it must be large enough to
|
||||||
|
* contain all of the cert types defined either for SSLv3 and TLSv1.
|
||||||
|
*/
|
||||||
|
# define SSL3_CT_NUMBER 9
|
||||||
|
|
||||||
|
# define SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS 0x0001
|
||||||
|
# define SSL3_FLAGS_DELAY_CLIENT_FINISHED 0x0002
|
||||||
|
# define SSL3_FLAGS_POP_BUFFER 0x0004
|
||||||
|
# define TLS1_FLAGS_TLS_PADDING_BUG 0x0008
|
||||||
|
# define TLS1_FLAGS_SKIP_CERT_VERIFY 0x0010
|
||||||
|
# define TLS1_FLAGS_KEEP_HANDSHAKE 0x0020
|
||||||
|
/*
|
||||||
|
* Set when the handshake is ready to process peer's ChangeCipherSpec message.
|
||||||
|
* Cleared after the message has been processed.
|
||||||
|
*/
|
||||||
|
# define SSL3_FLAGS_CCS_OK 0x0080
|
||||||
|
|
||||||
|
/* SSL3_FLAGS_SGC_RESTART_DONE is no longer used */
|
||||||
|
# define SSL3_FLAGS_SGC_RESTART_DONE 0x0040
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_SSL_INTERN
|
||||||
|
|
||||||
|
typedef struct ssl3_state_st {
|
||||||
|
long flags;
|
||||||
|
int delay_buf_pop_ret;
|
||||||
|
unsigned char read_sequence[8];
|
||||||
|
int read_mac_secret_size;
|
||||||
|
unsigned char read_mac_secret[EVP_MAX_MD_SIZE];
|
||||||
|
unsigned char write_sequence[8];
|
||||||
|
int write_mac_secret_size;
|
||||||
|
unsigned char write_mac_secret[EVP_MAX_MD_SIZE];
|
||||||
|
unsigned char server_random[SSL3_RANDOM_SIZE];
|
||||||
|
unsigned char client_random[SSL3_RANDOM_SIZE];
|
||||||
|
/* flags for countermeasure against known-IV weakness */
|
||||||
|
int need_empty_fragments;
|
||||||
|
int empty_fragment_done;
|
||||||
|
/* The value of 'extra' when the buffers were initialized */
|
||||||
|
int init_extra;
|
||||||
|
SSL3_BUFFER rbuf; /* read IO goes into here */
|
||||||
|
SSL3_BUFFER wbuf; /* write IO goes into here */
|
||||||
|
SSL3_RECORD rrec; /* each decoded record goes in here */
|
||||||
|
SSL3_RECORD wrec; /* goes out from here */
|
||||||
|
/*
|
||||||
|
* storage for Alert/Handshake protocol data received but not yet
|
||||||
|
* processed by ssl3_read_bytes:
|
||||||
|
*/
|
||||||
|
unsigned char alert_fragment[2];
|
||||||
|
unsigned int alert_fragment_len;
|
||||||
|
unsigned char handshake_fragment[4];
|
||||||
|
unsigned int handshake_fragment_len;
|
||||||
|
/* partial write - check the numbers match */
|
||||||
|
unsigned int wnum; /* number of bytes sent so far */
|
||||||
|
int wpend_tot; /* number bytes written */
|
||||||
|
int wpend_type;
|
||||||
|
int wpend_ret; /* number of bytes submitted */
|
||||||
|
const unsigned char *wpend_buf;
|
||||||
|
/* used during startup, digest all incoming/outgoing packets */
|
||||||
|
BIO *handshake_buffer;
|
||||||
|
/*
|
||||||
|
* When set of handshake digests is determined, buffer is hashed and
|
||||||
|
* freed and MD_CTX-es for all required digests are stored in this array
|
||||||
|
*/
|
||||||
|
EVP_MD_CTX **handshake_dgst;
|
||||||
|
/*
|
||||||
|
* Set whenever an expected ChangeCipherSpec message is processed.
|
||||||
|
* Unset when the peer's Finished message is received.
|
||||||
|
* Unexpected ChangeCipherSpec messages trigger a fatal alert.
|
||||||
|
*/
|
||||||
|
int change_cipher_spec;
|
||||||
|
int warn_alert;
|
||||||
|
int fatal_alert;
|
||||||
|
/*
|
||||||
|
* we allow one fatal and one warning alert to be outstanding, send close
|
||||||
|
* alert via the warning alert
|
||||||
|
*/
|
||||||
|
int alert_dispatch;
|
||||||
|
unsigned char send_alert[2];
|
||||||
|
/*
|
||||||
|
* This flag is set when we should renegotiate ASAP, basically when there
|
||||||
|
* is no more data in the read or write buffers
|
||||||
|
*/
|
||||||
|
int renegotiate;
|
||||||
|
int total_renegotiations;
|
||||||
|
int num_renegotiations;
|
||||||
|
int in_read_app_data;
|
||||||
|
/*
|
||||||
|
* Opaque PRF input as used for the current handshake. These fields are
|
||||||
|
* used only if TLSEXT_TYPE_opaque_prf_input is defined (otherwise, they
|
||||||
|
* are merely present to improve binary compatibility)
|
||||||
|
*/
|
||||||
|
void *client_opaque_prf_input;
|
||||||
|
size_t client_opaque_prf_input_len;
|
||||||
|
void *server_opaque_prf_input;
|
||||||
|
size_t server_opaque_prf_input_len;
|
||||||
|
struct {
|
||||||
|
/* actually only needs to be 16+20 */
|
||||||
|
unsigned char cert_verify_md[EVP_MAX_MD_SIZE * 2];
|
||||||
|
/* actually only need to be 16+20 for SSLv3 and 12 for TLS */
|
||||||
|
unsigned char finish_md[EVP_MAX_MD_SIZE * 2];
|
||||||
|
int finish_md_len;
|
||||||
|
unsigned char peer_finish_md[EVP_MAX_MD_SIZE * 2];
|
||||||
|
int peer_finish_md_len;
|
||||||
|
unsigned long message_size;
|
||||||
|
int message_type;
|
||||||
|
/* used to hold the new cipher we are going to use */
|
||||||
|
const SSL_CIPHER *new_cipher;
|
||||||
|
# ifndef OPENSSL_NO_DH
|
||||||
|
DH *dh;
|
||||||
|
# endif
|
||||||
|
# ifndef OPENSSL_NO_ECDH
|
||||||
|
EC_KEY *ecdh; /* holds short lived ECDH key */
|
||||||
|
# endif
|
||||||
|
/* used when SSL_ST_FLUSH_DATA is entered */
|
||||||
|
int next_state;
|
||||||
|
int reuse_message;
|
||||||
|
/* used for certificate requests */
|
||||||
|
int cert_req;
|
||||||
|
int ctype_num;
|
||||||
|
char ctype[SSL3_CT_NUMBER];
|
||||||
|
STACK_OF(X509_NAME) *ca_names;
|
||||||
|
int use_rsa_tmp;
|
||||||
|
int key_block_length;
|
||||||
|
unsigned char *key_block;
|
||||||
|
const EVP_CIPHER *new_sym_enc;
|
||||||
|
const EVP_MD *new_hash;
|
||||||
|
int new_mac_pkey_type;
|
||||||
|
int new_mac_secret_size;
|
||||||
|
# ifndef OPENSSL_NO_COMP
|
||||||
|
const SSL_COMP *new_compression;
|
||||||
|
# else
|
||||||
|
char *new_compression;
|
||||||
|
# endif
|
||||||
|
int cert_request;
|
||||||
|
} tmp;
|
||||||
|
|
||||||
|
/* Connection binding to prevent renegotiation attacks */
|
||||||
|
unsigned char previous_client_finished[EVP_MAX_MD_SIZE];
|
||||||
|
unsigned char previous_client_finished_len;
|
||||||
|
unsigned char previous_server_finished[EVP_MAX_MD_SIZE];
|
||||||
|
unsigned char previous_server_finished_len;
|
||||||
|
int send_connection_binding; /* TODOEKR */
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_NEXTPROTONEG
|
||||||
|
/*
|
||||||
|
* Set if we saw the Next Protocol Negotiation extension from our peer.
|
||||||
|
*/
|
||||||
|
int next_proto_neg_seen;
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_TLSEXT
|
||||||
|
# ifndef OPENSSL_NO_EC
|
||||||
|
/*
|
||||||
|
* This is set to true if we believe that this is a version of Safari
|
||||||
|
* running on OS X 10.6 or newer. We wish to know this because Safari on
|
||||||
|
* 10.8 .. 10.8.3 has broken ECDHE-ECDSA support.
|
||||||
|
*/
|
||||||
|
char is_probably_safari;
|
||||||
|
# endif /* !OPENSSL_NO_EC */
|
||||||
|
|
||||||
|
/*
|
||||||
|
* ALPN information (we are in the process of transitioning from NPN to
|
||||||
|
* ALPN.)
|
||||||
|
*/
|
||||||
|
|
||||||
|
/*
|
||||||
|
* In a server these point to the selected ALPN protocol after the
|
||||||
|
* ClientHello has been processed. In a client these contain the protocol
|
||||||
|
* that the server selected once the ServerHello has been processed.
|
||||||
|
*/
|
||||||
|
unsigned char *alpn_selected;
|
||||||
|
unsigned alpn_selected_len;
|
||||||
|
# endif /* OPENSSL_NO_TLSEXT */
|
||||||
|
} SSL3_STATE;
|
||||||
|
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/* SSLv3 */
|
||||||
|
/*
|
||||||
|
* client
|
||||||
|
*/
|
||||||
|
/* extra state */
|
||||||
|
# define SSL3_ST_CW_FLUSH (0x100|SSL_ST_CONNECT)
|
||||||
|
# ifndef OPENSSL_NO_SCTP
|
||||||
|
# define DTLS1_SCTP_ST_CW_WRITE_SOCK (0x310|SSL_ST_CONNECT)
|
||||||
|
# define DTLS1_SCTP_ST_CR_READ_SOCK (0x320|SSL_ST_CONNECT)
|
||||||
|
# endif
|
||||||
|
/* write to server */
|
||||||
|
# define SSL3_ST_CW_CLNT_HELLO_A (0x110|SSL_ST_CONNECT)
|
||||||
|
# define SSL3_ST_CW_CLNT_HELLO_B (0x111|SSL_ST_CONNECT)
|
||||||
|
/* read from server */
|
||||||
|
# define SSL3_ST_CR_SRVR_HELLO_A (0x120|SSL_ST_CONNECT)
|
||||||
|
# define SSL3_ST_CR_SRVR_HELLO_B (0x121|SSL_ST_CONNECT)
|
||||||
|
# define DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A (0x126|SSL_ST_CONNECT)
|
||||||
|
# define DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B (0x127|SSL_ST_CONNECT)
|
||||||
|
# define SSL3_ST_CR_CERT_A (0x130|SSL_ST_CONNECT)
|
||||||
|
# define SSL3_ST_CR_CERT_B (0x131|SSL_ST_CONNECT)
|
||||||
|
# define SSL3_ST_CR_KEY_EXCH_A (0x140|SSL_ST_CONNECT)
|
||||||
|
# define SSL3_ST_CR_KEY_EXCH_B (0x141|SSL_ST_CONNECT)
|
||||||
|
# define SSL3_ST_CR_CERT_REQ_A (0x150|SSL_ST_CONNECT)
|
||||||
|
# define SSL3_ST_CR_CERT_REQ_B (0x151|SSL_ST_CONNECT)
|
||||||
|
# define SSL3_ST_CR_SRVR_DONE_A (0x160|SSL_ST_CONNECT)
|
||||||
|
# define SSL3_ST_CR_SRVR_DONE_B (0x161|SSL_ST_CONNECT)
|
||||||
|
/* write to server */
|
||||||
|
# define SSL3_ST_CW_CERT_A (0x170|SSL_ST_CONNECT)
|
||||||
|
# define SSL3_ST_CW_CERT_B (0x171|SSL_ST_CONNECT)
|
||||||
|
# define SSL3_ST_CW_CERT_C (0x172|SSL_ST_CONNECT)
|
||||||
|
# define SSL3_ST_CW_CERT_D (0x173|SSL_ST_CONNECT)
|
||||||
|
# define SSL3_ST_CW_KEY_EXCH_A (0x180|SSL_ST_CONNECT)
|
||||||
|
# define SSL3_ST_CW_KEY_EXCH_B (0x181|SSL_ST_CONNECT)
|
||||||
|
# define SSL3_ST_CW_CERT_VRFY_A (0x190|SSL_ST_CONNECT)
|
||||||
|
# define SSL3_ST_CW_CERT_VRFY_B (0x191|SSL_ST_CONNECT)
|
||||||
|
# define SSL3_ST_CW_CHANGE_A (0x1A0|SSL_ST_CONNECT)
|
||||||
|
# define SSL3_ST_CW_CHANGE_B (0x1A1|SSL_ST_CONNECT)
|
||||||
|
# ifndef OPENSSL_NO_NEXTPROTONEG
|
||||||
|
# define SSL3_ST_CW_NEXT_PROTO_A (0x200|SSL_ST_CONNECT)
|
||||||
|
# define SSL3_ST_CW_NEXT_PROTO_B (0x201|SSL_ST_CONNECT)
|
||||||
|
# endif
|
||||||
|
# define SSL3_ST_CW_FINISHED_A (0x1B0|SSL_ST_CONNECT)
|
||||||
|
# define SSL3_ST_CW_FINISHED_B (0x1B1|SSL_ST_CONNECT)
|
||||||
|
/* read from server */
|
||||||
|
# define SSL3_ST_CR_CHANGE_A (0x1C0|SSL_ST_CONNECT)
|
||||||
|
# define SSL3_ST_CR_CHANGE_B (0x1C1|SSL_ST_CONNECT)
|
||||||
|
# define SSL3_ST_CR_FINISHED_A (0x1D0|SSL_ST_CONNECT)
|
||||||
|
# define SSL3_ST_CR_FINISHED_B (0x1D1|SSL_ST_CONNECT)
|
||||||
|
# define SSL3_ST_CR_SESSION_TICKET_A (0x1E0|SSL_ST_CONNECT)
|
||||||
|
# define SSL3_ST_CR_SESSION_TICKET_B (0x1E1|SSL_ST_CONNECT)
|
||||||
|
# define SSL3_ST_CR_CERT_STATUS_A (0x1F0|SSL_ST_CONNECT)
|
||||||
|
# define SSL3_ST_CR_CERT_STATUS_B (0x1F1|SSL_ST_CONNECT)
|
||||||
|
|
||||||
|
/* server */
|
||||||
|
/* extra state */
|
||||||
|
# define SSL3_ST_SW_FLUSH (0x100|SSL_ST_ACCEPT)
|
||||||
|
# ifndef OPENSSL_NO_SCTP
|
||||||
|
# define DTLS1_SCTP_ST_SW_WRITE_SOCK (0x310|SSL_ST_ACCEPT)
|
||||||
|
# define DTLS1_SCTP_ST_SR_READ_SOCK (0x320|SSL_ST_ACCEPT)
|
||||||
|
# endif
|
||||||
|
/* read from client */
|
||||||
|
/* Do not change the number values, they do matter */
|
||||||
|
# define SSL3_ST_SR_CLNT_HELLO_A (0x110|SSL_ST_ACCEPT)
|
||||||
|
# define SSL3_ST_SR_CLNT_HELLO_B (0x111|SSL_ST_ACCEPT)
|
||||||
|
# define SSL3_ST_SR_CLNT_HELLO_C (0x112|SSL_ST_ACCEPT)
|
||||||
|
# define SSL3_ST_SR_CLNT_HELLO_D (0x115|SSL_ST_ACCEPT)
|
||||||
|
/* write to client */
|
||||||
|
# define DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A (0x113|SSL_ST_ACCEPT)
|
||||||
|
# define DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B (0x114|SSL_ST_ACCEPT)
|
||||||
|
# define SSL3_ST_SW_HELLO_REQ_A (0x120|SSL_ST_ACCEPT)
|
||||||
|
# define SSL3_ST_SW_HELLO_REQ_B (0x121|SSL_ST_ACCEPT)
|
||||||
|
# define SSL3_ST_SW_HELLO_REQ_C (0x122|SSL_ST_ACCEPT)
|
||||||
|
# define SSL3_ST_SW_SRVR_HELLO_A (0x130|SSL_ST_ACCEPT)
|
||||||
|
# define SSL3_ST_SW_SRVR_HELLO_B (0x131|SSL_ST_ACCEPT)
|
||||||
|
# define SSL3_ST_SW_CERT_A (0x140|SSL_ST_ACCEPT)
|
||||||
|
# define SSL3_ST_SW_CERT_B (0x141|SSL_ST_ACCEPT)
|
||||||
|
# define SSL3_ST_SW_KEY_EXCH_A (0x150|SSL_ST_ACCEPT)
|
||||||
|
# define SSL3_ST_SW_KEY_EXCH_B (0x151|SSL_ST_ACCEPT)
|
||||||
|
# define SSL3_ST_SW_CERT_REQ_A (0x160|SSL_ST_ACCEPT)
|
||||||
|
# define SSL3_ST_SW_CERT_REQ_B (0x161|SSL_ST_ACCEPT)
|
||||||
|
# define SSL3_ST_SW_SRVR_DONE_A (0x170|SSL_ST_ACCEPT)
|
||||||
|
# define SSL3_ST_SW_SRVR_DONE_B (0x171|SSL_ST_ACCEPT)
|
||||||
|
/* read from client */
|
||||||
|
# define SSL3_ST_SR_CERT_A (0x180|SSL_ST_ACCEPT)
|
||||||
|
# define SSL3_ST_SR_CERT_B (0x181|SSL_ST_ACCEPT)
|
||||||
|
# define SSL3_ST_SR_KEY_EXCH_A (0x190|SSL_ST_ACCEPT)
|
||||||
|
# define SSL3_ST_SR_KEY_EXCH_B (0x191|SSL_ST_ACCEPT)
|
||||||
|
# define SSL3_ST_SR_CERT_VRFY_A (0x1A0|SSL_ST_ACCEPT)
|
||||||
|
# define SSL3_ST_SR_CERT_VRFY_B (0x1A1|SSL_ST_ACCEPT)
|
||||||
|
# define SSL3_ST_SR_CHANGE_A (0x1B0|SSL_ST_ACCEPT)
|
||||||
|
# define SSL3_ST_SR_CHANGE_B (0x1B1|SSL_ST_ACCEPT)
|
||||||
|
# ifndef OPENSSL_NO_NEXTPROTONEG
|
||||||
|
# define SSL3_ST_SR_NEXT_PROTO_A (0x210|SSL_ST_ACCEPT)
|
||||||
|
# define SSL3_ST_SR_NEXT_PROTO_B (0x211|SSL_ST_ACCEPT)
|
||||||
|
# endif
|
||||||
|
# define SSL3_ST_SR_FINISHED_A (0x1C0|SSL_ST_ACCEPT)
|
||||||
|
# define SSL3_ST_SR_FINISHED_B (0x1C1|SSL_ST_ACCEPT)
|
||||||
|
/* write to client */
|
||||||
|
# define SSL3_ST_SW_CHANGE_A (0x1D0|SSL_ST_ACCEPT)
|
||||||
|
# define SSL3_ST_SW_CHANGE_B (0x1D1|SSL_ST_ACCEPT)
|
||||||
|
# define SSL3_ST_SW_FINISHED_A (0x1E0|SSL_ST_ACCEPT)
|
||||||
|
# define SSL3_ST_SW_FINISHED_B (0x1E1|SSL_ST_ACCEPT)
|
||||||
|
# define SSL3_ST_SW_SESSION_TICKET_A (0x1F0|SSL_ST_ACCEPT)
|
||||||
|
# define SSL3_ST_SW_SESSION_TICKET_B (0x1F1|SSL_ST_ACCEPT)
|
||||||
|
# define SSL3_ST_SW_CERT_STATUS_A (0x200|SSL_ST_ACCEPT)
|
||||||
|
# define SSL3_ST_SW_CERT_STATUS_B (0x201|SSL_ST_ACCEPT)
|
||||||
|
|
||||||
|
# define SSL3_MT_HELLO_REQUEST 0
|
||||||
|
# define SSL3_MT_CLIENT_HELLO 1
|
||||||
|
# define SSL3_MT_SERVER_HELLO 2
|
||||||
|
# define SSL3_MT_NEWSESSION_TICKET 4
|
||||||
|
# define SSL3_MT_CERTIFICATE 11
|
||||||
|
# define SSL3_MT_SERVER_KEY_EXCHANGE 12
|
||||||
|
# define SSL3_MT_CERTIFICATE_REQUEST 13
|
||||||
|
# define SSL3_MT_SERVER_DONE 14
|
||||||
|
# define SSL3_MT_CERTIFICATE_VERIFY 15
|
||||||
|
# define SSL3_MT_CLIENT_KEY_EXCHANGE 16
|
||||||
|
# define SSL3_MT_FINISHED 20
|
||||||
|
# define SSL3_MT_CERTIFICATE_STATUS 22
|
||||||
|
# ifndef OPENSSL_NO_NEXTPROTONEG
|
||||||
|
# define SSL3_MT_NEXT_PROTO 67
|
||||||
|
# endif
|
||||||
|
# define DTLS1_MT_HELLO_VERIFY_REQUEST 3
|
||||||
|
|
||||||
|
# define SSL3_MT_CCS 1
|
||||||
|
|
||||||
|
/* These are used when changing over to a new cipher */
|
||||||
|
# define SSL3_CC_READ 0x01
|
||||||
|
# define SSL3_CC_WRITE 0x02
|
||||||
|
# define SSL3_CC_CLIENT 0x10
|
||||||
|
# define SSL3_CC_SERVER 0x20
|
||||||
|
# define SSL3_CHANGE_CIPHER_CLIENT_WRITE (SSL3_CC_CLIENT|SSL3_CC_WRITE)
|
||||||
|
# define SSL3_CHANGE_CIPHER_SERVER_READ (SSL3_CC_SERVER|SSL3_CC_READ)
|
||||||
|
# define SSL3_CHANGE_CIPHER_CLIENT_READ (SSL3_CC_CLIENT|SSL3_CC_READ)
|
||||||
|
# define SSL3_CHANGE_CIPHER_SERVER_WRITE (SSL3_CC_SERVER|SSL3_CC_WRITE)
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
#endif
|
|
@ -0,0 +1,107 @@
|
||||||
|
/* crypto/stack/stack.h */
|
||||||
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
|
* All rights reserved.
|
||||||
|
*
|
||||||
|
* This package is an SSL implementation written
|
||||||
|
* by Eric Young (eay@cryptsoft.com).
|
||||||
|
* The implementation was written so as to conform with Netscapes SSL.
|
||||||
|
*
|
||||||
|
* This library is free for commercial and non-commercial use as long as
|
||||||
|
* the following conditions are aheared to. The following conditions
|
||||||
|
* apply to all code found in this distribution, be it the RC4, RSA,
|
||||||
|
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
||||||
|
* included with this distribution is covered by the same copyright terms
|
||||||
|
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
* Copyright remains Eric Young's, and as such any Copyright notices in
|
||||||
|
* the code are not to be removed.
|
||||||
|
* If this package is used in a product, Eric Young should be given attribution
|
||||||
|
* as the author of the parts of the library used.
|
||||||
|
* This can be in the form of a textual message at program startup or
|
||||||
|
* in documentation (online or textual) provided with the package.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
* 1. Redistributions of source code must retain the copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in the
|
||||||
|
* documentation and/or other materials provided with the distribution.
|
||||||
|
* 3. All advertising materials mentioning features or use of this software
|
||||||
|
* must display the following acknowledgement:
|
||||||
|
* "This product includes cryptographic software written by
|
||||||
|
* Eric Young (eay@cryptsoft.com)"
|
||||||
|
* The word 'cryptographic' can be left out if the rouines from the library
|
||||||
|
* being used are not cryptographic related :-).
|
||||||
|
* 4. If you include any Windows specific code (or a derivative thereof) from
|
||||||
|
* the apps directory (application code) you must include an acknowledgement:
|
||||||
|
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
||||||
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||||
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||||
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||||
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||||
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||||
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||||
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||||
|
* SUCH DAMAGE.
|
||||||
|
*
|
||||||
|
* The licence and distribution terms for any publically available version or
|
||||||
|
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
||||||
|
* copied and put under another distribution licence
|
||||||
|
* [including the GNU Public Licence.]
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef HEADER_STACK_H
|
||||||
|
# define HEADER_STACK_H
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
extern "C" {
|
||||||
|
#endif
|
||||||
|
|
||||||
|
typedef struct stack_st {
|
||||||
|
int num;
|
||||||
|
char **data;
|
||||||
|
int sorted;
|
||||||
|
int num_alloc;
|
||||||
|
int (*comp) (const void *, const void *);
|
||||||
|
} _STACK; /* Use STACK_OF(...) instead */
|
||||||
|
|
||||||
|
# define M_sk_num(sk) ((sk) ? (sk)->num:-1)
|
||||||
|
# define M_sk_value(sk,n) ((sk) ? (sk)->data[n] : NULL)
|
||||||
|
|
||||||
|
int sk_num(const _STACK *);
|
||||||
|
void *sk_value(const _STACK *, int);
|
||||||
|
|
||||||
|
void *sk_set(_STACK *, int, void *);
|
||||||
|
|
||||||
|
_STACK *sk_new(int (*cmp) (const void *, const void *));
|
||||||
|
_STACK *sk_new_null(void);
|
||||||
|
void sk_free(_STACK *);
|
||||||
|
void sk_pop_free(_STACK *st, void (*func) (void *));
|
||||||
|
_STACK *sk_deep_copy(_STACK *, void *(*)(void *), void (*)(void *));
|
||||||
|
int sk_insert(_STACK *sk, void *data, int where);
|
||||||
|
void *sk_delete(_STACK *st, int loc);
|
||||||
|
void *sk_delete_ptr(_STACK *st, void *p);
|
||||||
|
int sk_find(_STACK *st, void *data);
|
||||||
|
int sk_find_ex(_STACK *st, void *data);
|
||||||
|
int sk_push(_STACK *st, void *data);
|
||||||
|
int sk_unshift(_STACK *st, void *data);
|
||||||
|
void *sk_shift(_STACK *st);
|
||||||
|
void *sk_pop(_STACK *st);
|
||||||
|
void sk_zero(_STACK *st);
|
||||||
|
int (*sk_set_cmp_func(_STACK *sk, int (*c) (const void *, const void *)))
|
||||||
|
(const void *, const void *);
|
||||||
|
_STACK *sk_dup(_STACK *st);
|
||||||
|
void sk_sort(_STACK *st);
|
||||||
|
int sk_is_sorted(const _STACK *st);
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#endif
|
|
@ -0,0 +1,516 @@
|
||||||
|
/* ====================================================================
|
||||||
|
* Copyright (c) 1999 The OpenSSL Project. All rights reserved.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
*
|
||||||
|
* 1. Redistributions of source code must retain the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
*
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in
|
||||||
|
* the documentation and/or other materials provided with the
|
||||||
|
* distribution.
|
||||||
|
*
|
||||||
|
* 3. All advertising materials mentioning features or use of this
|
||||||
|
* software must display the following acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
|
||||||
|
*
|
||||||
|
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||||
|
* endorse or promote products derived from this software without
|
||||||
|
* prior written permission. For written permission, please contact
|
||||||
|
* openssl-core@openssl.org.
|
||||||
|
*
|
||||||
|
* 5. Products derived from this software may not be called "OpenSSL"
|
||||||
|
* nor may "OpenSSL" appear in their names without prior written
|
||||||
|
* permission of the OpenSSL Project.
|
||||||
|
*
|
||||||
|
* 6. Redistributions of any form whatsoever must retain the following
|
||||||
|
* acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||||
|
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||||
|
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||||
|
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||||
|
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||||
|
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||||
|
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||||
|
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||||
|
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||||
|
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||||
|
* ====================================================================
|
||||||
|
*
|
||||||
|
* This product includes cryptographic software written by Eric Young
|
||||||
|
* (eay@cryptsoft.com). This product includes software written by Tim
|
||||||
|
* Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef HEADER_SYMHACKS_H
|
||||||
|
# define HEADER_SYMHACKS_H
|
||||||
|
|
||||||
|
# include <openssl/e_os2.h>
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Hacks to solve the problem with linkers incapable of handling very long
|
||||||
|
* symbol names. In the case of VMS, the limit is 31 characters on VMS for
|
||||||
|
* VAX.
|
||||||
|
*/
|
||||||
|
/*
|
||||||
|
* Note that this affects util/libeay.num and util/ssleay.num... you may
|
||||||
|
* change those manually, but that's not recommended, as those files are
|
||||||
|
* controlled centrally and updated on Unix, and the central definition may
|
||||||
|
* disagree with yours, which in turn may come with shareable library
|
||||||
|
* incompatibilities.
|
||||||
|
*/
|
||||||
|
# ifdef OPENSSL_SYS_VMS
|
||||||
|
|
||||||
|
/* Hack a long name in crypto/ex_data.c */
|
||||||
|
# undef CRYPTO_get_ex_data_implementation
|
||||||
|
# define CRYPTO_get_ex_data_implementation CRYPTO_get_ex_data_impl
|
||||||
|
# undef CRYPTO_set_ex_data_implementation
|
||||||
|
# define CRYPTO_set_ex_data_implementation CRYPTO_set_ex_data_impl
|
||||||
|
|
||||||
|
/* Hack a long name in crypto/asn1/a_mbstr.c */
|
||||||
|
# undef ASN1_STRING_set_default_mask_asc
|
||||||
|
# define ASN1_STRING_set_default_mask_asc ASN1_STRING_set_def_mask_asc
|
||||||
|
|
||||||
|
# if 0 /* No longer needed, since safestack macro
|
||||||
|
* magic does the job */
|
||||||
|
/* Hack the names created with DECLARE_ASN1_SET_OF(PKCS7_SIGNER_INFO) */
|
||||||
|
# undef i2d_ASN1_SET_OF_PKCS7_SIGNER_INFO
|
||||||
|
# define i2d_ASN1_SET_OF_PKCS7_SIGNER_INFO i2d_ASN1_SET_OF_PKCS7_SIGINF
|
||||||
|
# undef d2i_ASN1_SET_OF_PKCS7_SIGNER_INFO
|
||||||
|
# define d2i_ASN1_SET_OF_PKCS7_SIGNER_INFO d2i_ASN1_SET_OF_PKCS7_SIGINF
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# if 0 /* No longer needed, since safestack macro
|
||||||
|
* magic does the job */
|
||||||
|
/* Hack the names created with DECLARE_ASN1_SET_OF(PKCS7_RECIP_INFO) */
|
||||||
|
# undef i2d_ASN1_SET_OF_PKCS7_RECIP_INFO
|
||||||
|
# define i2d_ASN1_SET_OF_PKCS7_RECIP_INFO i2d_ASN1_SET_OF_PKCS7_RECINF
|
||||||
|
# undef d2i_ASN1_SET_OF_PKCS7_RECIP_INFO
|
||||||
|
# define d2i_ASN1_SET_OF_PKCS7_RECIP_INFO d2i_ASN1_SET_OF_PKCS7_RECINF
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# if 0 /* No longer needed, since safestack macro
|
||||||
|
* magic does the job */
|
||||||
|
/* Hack the names created with DECLARE_ASN1_SET_OF(ACCESS_DESCRIPTION) */
|
||||||
|
# undef i2d_ASN1_SET_OF_ACCESS_DESCRIPTION
|
||||||
|
# define i2d_ASN1_SET_OF_ACCESS_DESCRIPTION i2d_ASN1_SET_OF_ACC_DESC
|
||||||
|
# undef d2i_ASN1_SET_OF_ACCESS_DESCRIPTION
|
||||||
|
# define d2i_ASN1_SET_OF_ACCESS_DESCRIPTION d2i_ASN1_SET_OF_ACC_DESC
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/* Hack the names created with DECLARE_PEM_rw(NETSCAPE_CERT_SEQUENCE) */
|
||||||
|
# undef PEM_read_NETSCAPE_CERT_SEQUENCE
|
||||||
|
# define PEM_read_NETSCAPE_CERT_SEQUENCE PEM_read_NS_CERT_SEQ
|
||||||
|
# undef PEM_write_NETSCAPE_CERT_SEQUENCE
|
||||||
|
# define PEM_write_NETSCAPE_CERT_SEQUENCE PEM_write_NS_CERT_SEQ
|
||||||
|
# undef PEM_read_bio_NETSCAPE_CERT_SEQUENCE
|
||||||
|
# define PEM_read_bio_NETSCAPE_CERT_SEQUENCE PEM_read_bio_NS_CERT_SEQ
|
||||||
|
# undef PEM_write_bio_NETSCAPE_CERT_SEQUENCE
|
||||||
|
# define PEM_write_bio_NETSCAPE_CERT_SEQUENCE PEM_write_bio_NS_CERT_SEQ
|
||||||
|
# undef PEM_write_cb_bio_NETSCAPE_CERT_SEQUENCE
|
||||||
|
# define PEM_write_cb_bio_NETSCAPE_CERT_SEQUENCE PEM_write_cb_bio_NS_CERT_SEQ
|
||||||
|
|
||||||
|
/* Hack the names created with DECLARE_PEM_rw(PKCS8_PRIV_KEY_INFO) */
|
||||||
|
# undef PEM_read_PKCS8_PRIV_KEY_INFO
|
||||||
|
# define PEM_read_PKCS8_PRIV_KEY_INFO PEM_read_P8_PRIV_KEY_INFO
|
||||||
|
# undef PEM_write_PKCS8_PRIV_KEY_INFO
|
||||||
|
# define PEM_write_PKCS8_PRIV_KEY_INFO PEM_write_P8_PRIV_KEY_INFO
|
||||||
|
# undef PEM_read_bio_PKCS8_PRIV_KEY_INFO
|
||||||
|
# define PEM_read_bio_PKCS8_PRIV_KEY_INFO PEM_read_bio_P8_PRIV_KEY_INFO
|
||||||
|
# undef PEM_write_bio_PKCS8_PRIV_KEY_INFO
|
||||||
|
# define PEM_write_bio_PKCS8_PRIV_KEY_INFO PEM_write_bio_P8_PRIV_KEY_INFO
|
||||||
|
# undef PEM_write_cb_bio_PKCS8_PRIV_KEY_INFO
|
||||||
|
# define PEM_write_cb_bio_PKCS8_PRIV_KEY_INFO PEM_wrt_cb_bio_P8_PRIV_KEY_INFO
|
||||||
|
|
||||||
|
/* Hack other PEM names */
|
||||||
|
# undef PEM_write_bio_PKCS8PrivateKey_nid
|
||||||
|
# define PEM_write_bio_PKCS8PrivateKey_nid PEM_write_bio_PKCS8PrivKey_nid
|
||||||
|
|
||||||
|
/* Hack some long X509 names */
|
||||||
|
# undef X509_REVOKED_get_ext_by_critical
|
||||||
|
# define X509_REVOKED_get_ext_by_critical X509_REVOKED_get_ext_by_critic
|
||||||
|
# undef X509_policy_tree_get0_user_policies
|
||||||
|
# define X509_policy_tree_get0_user_policies X509_pcy_tree_get0_usr_policies
|
||||||
|
# undef X509_policy_node_get0_qualifiers
|
||||||
|
# define X509_policy_node_get0_qualifiers X509_pcy_node_get0_qualifiers
|
||||||
|
# undef X509_STORE_CTX_get_explicit_policy
|
||||||
|
# define X509_STORE_CTX_get_explicit_policy X509_STORE_CTX_get_expl_policy
|
||||||
|
# undef X509_STORE_CTX_get0_current_issuer
|
||||||
|
# define X509_STORE_CTX_get0_current_issuer X509_STORE_CTX_get0_cur_issuer
|
||||||
|
|
||||||
|
/* Hack some long CRYPTO names */
|
||||||
|
# undef CRYPTO_set_dynlock_destroy_callback
|
||||||
|
# define CRYPTO_set_dynlock_destroy_callback CRYPTO_set_dynlock_destroy_cb
|
||||||
|
# undef CRYPTO_set_dynlock_create_callback
|
||||||
|
# define CRYPTO_set_dynlock_create_callback CRYPTO_set_dynlock_create_cb
|
||||||
|
# undef CRYPTO_set_dynlock_lock_callback
|
||||||
|
# define CRYPTO_set_dynlock_lock_callback CRYPTO_set_dynlock_lock_cb
|
||||||
|
# undef CRYPTO_get_dynlock_lock_callback
|
||||||
|
# define CRYPTO_get_dynlock_lock_callback CRYPTO_get_dynlock_lock_cb
|
||||||
|
# undef CRYPTO_get_dynlock_destroy_callback
|
||||||
|
# define CRYPTO_get_dynlock_destroy_callback CRYPTO_get_dynlock_destroy_cb
|
||||||
|
# undef CRYPTO_get_dynlock_create_callback
|
||||||
|
# define CRYPTO_get_dynlock_create_callback CRYPTO_get_dynlock_create_cb
|
||||||
|
# undef CRYPTO_set_locked_mem_ex_functions
|
||||||
|
# define CRYPTO_set_locked_mem_ex_functions CRYPTO_set_locked_mem_ex_funcs
|
||||||
|
# undef CRYPTO_get_locked_mem_ex_functions
|
||||||
|
# define CRYPTO_get_locked_mem_ex_functions CRYPTO_get_locked_mem_ex_funcs
|
||||||
|
|
||||||
|
/* Hack some long SSL/TLS names */
|
||||||
|
# undef SSL_CTX_set_default_verify_paths
|
||||||
|
# define SSL_CTX_set_default_verify_paths SSL_CTX_set_def_verify_paths
|
||||||
|
# undef SSL_get_ex_data_X509_STORE_CTX_idx
|
||||||
|
# define SSL_get_ex_data_X509_STORE_CTX_idx SSL_get_ex_d_X509_STORE_CTX_idx
|
||||||
|
# undef SSL_add_file_cert_subjects_to_stack
|
||||||
|
# define SSL_add_file_cert_subjects_to_stack SSL_add_file_cert_subjs_to_stk
|
||||||
|
# undef SSL_add_dir_cert_subjects_to_stack
|
||||||
|
# define SSL_add_dir_cert_subjects_to_stack SSL_add_dir_cert_subjs_to_stk
|
||||||
|
# undef SSL_CTX_use_certificate_chain_file
|
||||||
|
# define SSL_CTX_use_certificate_chain_file SSL_CTX_use_cert_chain_file
|
||||||
|
# undef SSL_CTX_set_cert_verify_callback
|
||||||
|
# define SSL_CTX_set_cert_verify_callback SSL_CTX_set_cert_verify_cb
|
||||||
|
# undef SSL_CTX_set_default_passwd_cb_userdata
|
||||||
|
# define SSL_CTX_set_default_passwd_cb_userdata SSL_CTX_set_def_passwd_cb_ud
|
||||||
|
# undef SSL_COMP_get_compression_methods
|
||||||
|
# define SSL_COMP_get_compression_methods SSL_COMP_get_compress_methods
|
||||||
|
# undef SSL_COMP_set0_compression_methods
|
||||||
|
# define SSL_COMP_set0_compression_methods SSL_COMP_set0_compress_methods
|
||||||
|
# undef SSL_COMP_free_compression_methods
|
||||||
|
# define SSL_COMP_free_compression_methods SSL_COMP_free_compress_methods
|
||||||
|
# undef ssl_add_clienthello_renegotiate_ext
|
||||||
|
# define ssl_add_clienthello_renegotiate_ext ssl_add_clienthello_reneg_ext
|
||||||
|
# undef ssl_add_serverhello_renegotiate_ext
|
||||||
|
# define ssl_add_serverhello_renegotiate_ext ssl_add_serverhello_reneg_ext
|
||||||
|
# undef ssl_parse_clienthello_renegotiate_ext
|
||||||
|
# define ssl_parse_clienthello_renegotiate_ext ssl_parse_clienthello_reneg_ext
|
||||||
|
# undef ssl_parse_serverhello_renegotiate_ext
|
||||||
|
# define ssl_parse_serverhello_renegotiate_ext ssl_parse_serverhello_reneg_ext
|
||||||
|
# undef SSL_srp_server_param_with_username
|
||||||
|
# define SSL_srp_server_param_with_username SSL_srp_server_param_with_un
|
||||||
|
# undef SSL_CTX_set_srp_client_pwd_callback
|
||||||
|
# define SSL_CTX_set_srp_client_pwd_callback SSL_CTX_set_srp_client_pwd_cb
|
||||||
|
# undef SSL_CTX_set_srp_verify_param_callback
|
||||||
|
# define SSL_CTX_set_srp_verify_param_callback SSL_CTX_set_srp_vfy_param_cb
|
||||||
|
# undef SSL_CTX_set_srp_username_callback
|
||||||
|
# define SSL_CTX_set_srp_username_callback SSL_CTX_set_srp_un_cb
|
||||||
|
# undef ssl_add_clienthello_use_srtp_ext
|
||||||
|
# define ssl_add_clienthello_use_srtp_ext ssl_add_clihello_use_srtp_ext
|
||||||
|
# undef ssl_add_serverhello_use_srtp_ext
|
||||||
|
# define ssl_add_serverhello_use_srtp_ext ssl_add_serhello_use_srtp_ext
|
||||||
|
# undef ssl_parse_clienthello_use_srtp_ext
|
||||||
|
# define ssl_parse_clienthello_use_srtp_ext ssl_parse_clihello_use_srtp_ext
|
||||||
|
# undef ssl_parse_serverhello_use_srtp_ext
|
||||||
|
# define ssl_parse_serverhello_use_srtp_ext ssl_parse_serhello_use_srtp_ext
|
||||||
|
# undef SSL_CTX_set_next_protos_advertised_cb
|
||||||
|
# define SSL_CTX_set_next_protos_advertised_cb SSL_CTX_set_next_protos_adv_cb
|
||||||
|
# undef SSL_CTX_set_next_proto_select_cb
|
||||||
|
# define SSL_CTX_set_next_proto_select_cb SSL_CTX_set_next_proto_sel_cb
|
||||||
|
|
||||||
|
# undef tls1_send_server_supplemental_data
|
||||||
|
# define tls1_send_server_supplemental_data tls1_send_server_suppl_data
|
||||||
|
# undef tls1_send_client_supplemental_data
|
||||||
|
# define tls1_send_client_supplemental_data tls1_send_client_suppl_data
|
||||||
|
# undef tls1_get_server_supplemental_data
|
||||||
|
# define tls1_get_server_supplemental_data tls1_get_server_suppl_data
|
||||||
|
# undef tls1_get_client_supplemental_data
|
||||||
|
# define tls1_get_client_supplemental_data tls1_get_client_suppl_data
|
||||||
|
|
||||||
|
# undef ssl3_cbc_record_digest_supported
|
||||||
|
# define ssl3_cbc_record_digest_supported ssl3_cbc_record_digest_support
|
||||||
|
# undef ssl_check_clienthello_tlsext_late
|
||||||
|
# define ssl_check_clienthello_tlsext_late ssl_check_clihello_tlsext_late
|
||||||
|
# undef ssl_check_clienthello_tlsext_early
|
||||||
|
# define ssl_check_clienthello_tlsext_early ssl_check_clihello_tlsext_early
|
||||||
|
|
||||||
|
/* Hack some RSA long names */
|
||||||
|
# undef RSA_padding_check_PKCS1_OAEP_mgf1
|
||||||
|
# define RSA_padding_check_PKCS1_OAEP_mgf1 RSA_pad_check_PKCS1_OAEP_mgf1
|
||||||
|
|
||||||
|
/* Hack some ENGINE long names */
|
||||||
|
# undef ENGINE_get_default_BN_mod_exp_crt
|
||||||
|
# define ENGINE_get_default_BN_mod_exp_crt ENGINE_get_def_BN_mod_exp_crt
|
||||||
|
# undef ENGINE_set_default_BN_mod_exp_crt
|
||||||
|
# define ENGINE_set_default_BN_mod_exp_crt ENGINE_set_def_BN_mod_exp_crt
|
||||||
|
# undef ENGINE_set_load_privkey_function
|
||||||
|
# define ENGINE_set_load_privkey_function ENGINE_set_load_privkey_fn
|
||||||
|
# undef ENGINE_get_load_privkey_function
|
||||||
|
# define ENGINE_get_load_privkey_function ENGINE_get_load_privkey_fn
|
||||||
|
# undef ENGINE_unregister_pkey_asn1_meths
|
||||||
|
# define ENGINE_unregister_pkey_asn1_meths ENGINE_unreg_pkey_asn1_meths
|
||||||
|
# undef ENGINE_register_all_pkey_asn1_meths
|
||||||
|
# define ENGINE_register_all_pkey_asn1_meths ENGINE_reg_all_pkey_asn1_meths
|
||||||
|
# undef ENGINE_set_default_pkey_asn1_meths
|
||||||
|
# define ENGINE_set_default_pkey_asn1_meths ENGINE_set_def_pkey_asn1_meths
|
||||||
|
# undef ENGINE_get_pkey_asn1_meth_engine
|
||||||
|
# define ENGINE_get_pkey_asn1_meth_engine ENGINE_get_pkey_asn1_meth_eng
|
||||||
|
# undef ENGINE_set_load_ssl_client_cert_function
|
||||||
|
# define ENGINE_set_load_ssl_client_cert_function \
|
||||||
|
ENGINE_set_ld_ssl_clnt_cert_fn
|
||||||
|
# undef ENGINE_get_ssl_client_cert_function
|
||||||
|
# define ENGINE_get_ssl_client_cert_function ENGINE_get_ssl_client_cert_fn
|
||||||
|
|
||||||
|
/* Hack some long OCSP names */
|
||||||
|
# undef OCSP_REQUEST_get_ext_by_critical
|
||||||
|
# define OCSP_REQUEST_get_ext_by_critical OCSP_REQUEST_get_ext_by_crit
|
||||||
|
# undef OCSP_BASICRESP_get_ext_by_critical
|
||||||
|
# define OCSP_BASICRESP_get_ext_by_critical OCSP_BASICRESP_get_ext_by_crit
|
||||||
|
# undef OCSP_SINGLERESP_get_ext_by_critical
|
||||||
|
# define OCSP_SINGLERESP_get_ext_by_critical OCSP_SINGLERESP_get_ext_by_crit
|
||||||
|
|
||||||
|
/* Hack some long DES names */
|
||||||
|
# undef _ossl_old_des_ede3_cfb64_encrypt
|
||||||
|
# define _ossl_old_des_ede3_cfb64_encrypt _ossl_odes_ede3_cfb64_encrypt
|
||||||
|
# undef _ossl_old_des_ede3_ofb64_encrypt
|
||||||
|
# define _ossl_old_des_ede3_ofb64_encrypt _ossl_odes_ede3_ofb64_encrypt
|
||||||
|
|
||||||
|
/* Hack some long EVP names */
|
||||||
|
# undef OPENSSL_add_all_algorithms_noconf
|
||||||
|
# define OPENSSL_add_all_algorithms_noconf OPENSSL_add_all_algo_noconf
|
||||||
|
# undef OPENSSL_add_all_algorithms_conf
|
||||||
|
# define OPENSSL_add_all_algorithms_conf OPENSSL_add_all_algo_conf
|
||||||
|
# undef EVP_PKEY_meth_set_verify_recover
|
||||||
|
# define EVP_PKEY_meth_set_verify_recover EVP_PKEY_meth_set_vrfy_recover
|
||||||
|
|
||||||
|
/* Hack some long EC names */
|
||||||
|
# undef EC_GROUP_set_point_conversion_form
|
||||||
|
# define EC_GROUP_set_point_conversion_form EC_GROUP_set_point_conv_form
|
||||||
|
# undef EC_GROUP_get_point_conversion_form
|
||||||
|
# define EC_GROUP_get_point_conversion_form EC_GROUP_get_point_conv_form
|
||||||
|
# undef EC_GROUP_clear_free_all_extra_data
|
||||||
|
# define EC_GROUP_clear_free_all_extra_data EC_GROUP_clr_free_all_xtra_data
|
||||||
|
# undef EC_KEY_set_public_key_affine_coordinates
|
||||||
|
# define EC_KEY_set_public_key_affine_coordinates \
|
||||||
|
EC_KEY_set_pub_key_aff_coords
|
||||||
|
# undef EC_POINT_set_Jprojective_coordinates_GFp
|
||||||
|
# define EC_POINT_set_Jprojective_coordinates_GFp \
|
||||||
|
EC_POINT_set_Jproj_coords_GFp
|
||||||
|
# undef EC_POINT_get_Jprojective_coordinates_GFp
|
||||||
|
# define EC_POINT_get_Jprojective_coordinates_GFp \
|
||||||
|
EC_POINT_get_Jproj_coords_GFp
|
||||||
|
# undef EC_POINT_set_affine_coordinates_GFp
|
||||||
|
# define EC_POINT_set_affine_coordinates_GFp EC_POINT_set_affine_coords_GFp
|
||||||
|
# undef EC_POINT_get_affine_coordinates_GFp
|
||||||
|
# define EC_POINT_get_affine_coordinates_GFp EC_POINT_get_affine_coords_GFp
|
||||||
|
# undef EC_POINT_set_compressed_coordinates_GFp
|
||||||
|
# define EC_POINT_set_compressed_coordinates_GFp EC_POINT_set_compr_coords_GFp
|
||||||
|
# undef EC_POINT_set_affine_coordinates_GF2m
|
||||||
|
# define EC_POINT_set_affine_coordinates_GF2m EC_POINT_set_affine_coords_GF2m
|
||||||
|
# undef EC_POINT_get_affine_coordinates_GF2m
|
||||||
|
# define EC_POINT_get_affine_coordinates_GF2m EC_POINT_get_affine_coords_GF2m
|
||||||
|
# undef EC_POINT_set_compressed_coordinates_GF2m
|
||||||
|
# define EC_POINT_set_compressed_coordinates_GF2m \
|
||||||
|
EC_POINT_set_compr_coords_GF2m
|
||||||
|
# undef ec_GF2m_simple_group_clear_finish
|
||||||
|
# define ec_GF2m_simple_group_clear_finish ec_GF2m_simple_grp_clr_finish
|
||||||
|
# undef ec_GF2m_simple_group_check_discriminant
|
||||||
|
# define ec_GF2m_simple_group_check_discriminant ec_GF2m_simple_grp_chk_discrim
|
||||||
|
# undef ec_GF2m_simple_point_clear_finish
|
||||||
|
# define ec_GF2m_simple_point_clear_finish ec_GF2m_simple_pt_clr_finish
|
||||||
|
# undef ec_GF2m_simple_point_set_to_infinity
|
||||||
|
# define ec_GF2m_simple_point_set_to_infinity ec_GF2m_simple_pt_set_to_inf
|
||||||
|
# undef ec_GF2m_simple_points_make_affine
|
||||||
|
# define ec_GF2m_simple_points_make_affine ec_GF2m_simple_pts_make_affine
|
||||||
|
# undef ec_GF2m_simple_point_set_affine_coordinates
|
||||||
|
# define ec_GF2m_simple_point_set_affine_coordinates \
|
||||||
|
ec_GF2m_smp_pt_set_af_coords
|
||||||
|
# undef ec_GF2m_simple_point_get_affine_coordinates
|
||||||
|
# define ec_GF2m_simple_point_get_affine_coordinates \
|
||||||
|
ec_GF2m_smp_pt_get_af_coords
|
||||||
|
# undef ec_GF2m_simple_set_compressed_coordinates
|
||||||
|
# define ec_GF2m_simple_set_compressed_coordinates \
|
||||||
|
ec_GF2m_smp_set_compr_coords
|
||||||
|
# undef ec_GFp_simple_group_set_curve_GFp
|
||||||
|
# define ec_GFp_simple_group_set_curve_GFp ec_GFp_simple_grp_set_curve_GFp
|
||||||
|
# undef ec_GFp_simple_group_get_curve_GFp
|
||||||
|
# define ec_GFp_simple_group_get_curve_GFp ec_GFp_simple_grp_get_curve_GFp
|
||||||
|
# undef ec_GFp_simple_group_clear_finish
|
||||||
|
# define ec_GFp_simple_group_clear_finish ec_GFp_simple_grp_clear_finish
|
||||||
|
# undef ec_GFp_simple_group_set_generator
|
||||||
|
# define ec_GFp_simple_group_set_generator ec_GFp_simple_grp_set_generator
|
||||||
|
# undef ec_GFp_simple_group_get0_generator
|
||||||
|
# define ec_GFp_simple_group_get0_generator ec_GFp_simple_grp_gt0_generator
|
||||||
|
# undef ec_GFp_simple_group_get_cofactor
|
||||||
|
# define ec_GFp_simple_group_get_cofactor ec_GFp_simple_grp_get_cofactor
|
||||||
|
# undef ec_GFp_simple_point_clear_finish
|
||||||
|
# define ec_GFp_simple_point_clear_finish ec_GFp_simple_pt_clear_finish
|
||||||
|
# undef ec_GFp_simple_point_set_to_infinity
|
||||||
|
# define ec_GFp_simple_point_set_to_infinity ec_GFp_simple_pt_set_to_inf
|
||||||
|
# undef ec_GFp_simple_points_make_affine
|
||||||
|
# define ec_GFp_simple_points_make_affine ec_GFp_simple_pts_make_affine
|
||||||
|
# undef ec_GFp_simple_set_Jprojective_coordinates_GFp
|
||||||
|
# define ec_GFp_simple_set_Jprojective_coordinates_GFp \
|
||||||
|
ec_GFp_smp_set_Jproj_coords_GFp
|
||||||
|
# undef ec_GFp_simple_get_Jprojective_coordinates_GFp
|
||||||
|
# define ec_GFp_simple_get_Jprojective_coordinates_GFp \
|
||||||
|
ec_GFp_smp_get_Jproj_coords_GFp
|
||||||
|
# undef ec_GFp_simple_point_set_affine_coordinates_GFp
|
||||||
|
# define ec_GFp_simple_point_set_affine_coordinates_GFp \
|
||||||
|
ec_GFp_smp_pt_set_af_coords_GFp
|
||||||
|
# undef ec_GFp_simple_point_get_affine_coordinates_GFp
|
||||||
|
# define ec_GFp_simple_point_get_affine_coordinates_GFp \
|
||||||
|
ec_GFp_smp_pt_get_af_coords_GFp
|
||||||
|
# undef ec_GFp_simple_set_compressed_coordinates_GFp
|
||||||
|
# define ec_GFp_simple_set_compressed_coordinates_GFp \
|
||||||
|
ec_GFp_smp_set_compr_coords_GFp
|
||||||
|
# undef ec_GFp_simple_point_set_affine_coordinates
|
||||||
|
# define ec_GFp_simple_point_set_affine_coordinates \
|
||||||
|
ec_GFp_smp_pt_set_af_coords
|
||||||
|
# undef ec_GFp_simple_point_get_affine_coordinates
|
||||||
|
# define ec_GFp_simple_point_get_affine_coordinates \
|
||||||
|
ec_GFp_smp_pt_get_af_coords
|
||||||
|
# undef ec_GFp_simple_set_compressed_coordinates
|
||||||
|
# define ec_GFp_simple_set_compressed_coordinates \
|
||||||
|
ec_GFp_smp_set_compr_coords
|
||||||
|
# undef ec_GFp_simple_group_check_discriminant
|
||||||
|
# define ec_GFp_simple_group_check_discriminant ec_GFp_simple_grp_chk_discrim
|
||||||
|
|
||||||
|
/* Hack som long STORE names */
|
||||||
|
# undef STORE_method_set_initialise_function
|
||||||
|
# define STORE_method_set_initialise_function STORE_meth_set_initialise_fn
|
||||||
|
# undef STORE_method_set_cleanup_function
|
||||||
|
# define STORE_method_set_cleanup_function STORE_meth_set_cleanup_fn
|
||||||
|
# undef STORE_method_set_generate_function
|
||||||
|
# define STORE_method_set_generate_function STORE_meth_set_generate_fn
|
||||||
|
# undef STORE_method_set_modify_function
|
||||||
|
# define STORE_method_set_modify_function STORE_meth_set_modify_fn
|
||||||
|
# undef STORE_method_set_revoke_function
|
||||||
|
# define STORE_method_set_revoke_function STORE_meth_set_revoke_fn
|
||||||
|
# undef STORE_method_set_delete_function
|
||||||
|
# define STORE_method_set_delete_function STORE_meth_set_delete_fn
|
||||||
|
# undef STORE_method_set_list_start_function
|
||||||
|
# define STORE_method_set_list_start_function STORE_meth_set_list_start_fn
|
||||||
|
# undef STORE_method_set_list_next_function
|
||||||
|
# define STORE_method_set_list_next_function STORE_meth_set_list_next_fn
|
||||||
|
# undef STORE_method_set_list_end_function
|
||||||
|
# define STORE_method_set_list_end_function STORE_meth_set_list_end_fn
|
||||||
|
# undef STORE_method_set_update_store_function
|
||||||
|
# define STORE_method_set_update_store_function STORE_meth_set_update_store_fn
|
||||||
|
# undef STORE_method_set_lock_store_function
|
||||||
|
# define STORE_method_set_lock_store_function STORE_meth_set_lock_store_fn
|
||||||
|
# undef STORE_method_set_unlock_store_function
|
||||||
|
# define STORE_method_set_unlock_store_function STORE_meth_set_unlock_store_fn
|
||||||
|
# undef STORE_method_get_initialise_function
|
||||||
|
# define STORE_method_get_initialise_function STORE_meth_get_initialise_fn
|
||||||
|
# undef STORE_method_get_cleanup_function
|
||||||
|
# define STORE_method_get_cleanup_function STORE_meth_get_cleanup_fn
|
||||||
|
# undef STORE_method_get_generate_function
|
||||||
|
# define STORE_method_get_generate_function STORE_meth_get_generate_fn
|
||||||
|
# undef STORE_method_get_modify_function
|
||||||
|
# define STORE_method_get_modify_function STORE_meth_get_modify_fn
|
||||||
|
# undef STORE_method_get_revoke_function
|
||||||
|
# define STORE_method_get_revoke_function STORE_meth_get_revoke_fn
|
||||||
|
# undef STORE_method_get_delete_function
|
||||||
|
# define STORE_method_get_delete_function STORE_meth_get_delete_fn
|
||||||
|
# undef STORE_method_get_list_start_function
|
||||||
|
# define STORE_method_get_list_start_function STORE_meth_get_list_start_fn
|
||||||
|
# undef STORE_method_get_list_next_function
|
||||||
|
# define STORE_method_get_list_next_function STORE_meth_get_list_next_fn
|
||||||
|
# undef STORE_method_get_list_end_function
|
||||||
|
# define STORE_method_get_list_end_function STORE_meth_get_list_end_fn
|
||||||
|
# undef STORE_method_get_update_store_function
|
||||||
|
# define STORE_method_get_update_store_function STORE_meth_get_update_store_fn
|
||||||
|
# undef STORE_method_get_lock_store_function
|
||||||
|
# define STORE_method_get_lock_store_function STORE_meth_get_lock_store_fn
|
||||||
|
# undef STORE_method_get_unlock_store_function
|
||||||
|
# define STORE_method_get_unlock_store_function STORE_meth_get_unlock_store_fn
|
||||||
|
|
||||||
|
/* Hack some long TS names */
|
||||||
|
# undef TS_RESP_CTX_set_status_info_cond
|
||||||
|
# define TS_RESP_CTX_set_status_info_cond TS_RESP_CTX_set_stat_info_cond
|
||||||
|
# undef TS_RESP_CTX_set_clock_precision_digits
|
||||||
|
# define TS_RESP_CTX_set_clock_precision_digits TS_RESP_CTX_set_clk_prec_digits
|
||||||
|
# undef TS_CONF_set_clock_precision_digits
|
||||||
|
# define TS_CONF_set_clock_precision_digits TS_CONF_set_clk_prec_digits
|
||||||
|
|
||||||
|
/* Hack some long CMS names */
|
||||||
|
# undef CMS_RecipientInfo_ktri_get0_algs
|
||||||
|
# define CMS_RecipientInfo_ktri_get0_algs CMS_RecipInfo_ktri_get0_algs
|
||||||
|
# undef CMS_RecipientInfo_ktri_get0_signer_id
|
||||||
|
# define CMS_RecipientInfo_ktri_get0_signer_id CMS_RecipInfo_ktri_get0_sigr_id
|
||||||
|
# undef CMS_OtherRevocationInfoFormat_it
|
||||||
|
# define CMS_OtherRevocationInfoFormat_it CMS_OtherRevocInfoFormat_it
|
||||||
|
# undef CMS_KeyAgreeRecipientIdentifier_it
|
||||||
|
# define CMS_KeyAgreeRecipientIdentifier_it CMS_KeyAgreeRecipIdentifier_it
|
||||||
|
# undef CMS_OriginatorIdentifierOrKey_it
|
||||||
|
# define CMS_OriginatorIdentifierOrKey_it CMS_OriginatorIdOrKey_it
|
||||||
|
# undef cms_SignerIdentifier_get0_signer_id
|
||||||
|
# define cms_SignerIdentifier_get0_signer_id cms_SignerId_get0_signer_id
|
||||||
|
# undef CMS_RecipientInfo_kari_get0_orig_id
|
||||||
|
# define CMS_RecipientInfo_kari_get0_orig_id CMS_RecipInfo_kari_get0_orig_id
|
||||||
|
# undef CMS_RecipientInfo_kari_get0_reks
|
||||||
|
# define CMS_RecipientInfo_kari_get0_reks CMS_RecipInfo_kari_get0_reks
|
||||||
|
# undef CMS_RecipientEncryptedKey_cert_cmp
|
||||||
|
# define CMS_RecipientEncryptedKey_cert_cmp CMS_RecipEncryptedKey_cert_cmp
|
||||||
|
# undef CMS_RecipientInfo_kari_set0_pkey
|
||||||
|
# define CMS_RecipientInfo_kari_set0_pkey CMS_RecipInfo_kari_set0_pkey
|
||||||
|
# undef CMS_RecipientEncryptedKey_get0_id
|
||||||
|
# define CMS_RecipientEncryptedKey_get0_id CMS_RecipEncryptedKey_get0_id
|
||||||
|
# undef CMS_RecipientInfo_kari_orig_id_cmp
|
||||||
|
# define CMS_RecipientInfo_kari_orig_id_cmp CMS_RecipInfo_kari_orig_id_cmp
|
||||||
|
|
||||||
|
/* Hack some long DTLS1 names */
|
||||||
|
# undef dtls1_retransmit_buffered_messages
|
||||||
|
# define dtls1_retransmit_buffered_messages dtls1_retransmit_buffered_msgs
|
||||||
|
|
||||||
|
/* Hack some long SRP names */
|
||||||
|
# undef SRP_generate_server_master_secret
|
||||||
|
# define SRP_generate_server_master_secret SRP_gen_server_master_secret
|
||||||
|
# undef SRP_generate_client_master_secret
|
||||||
|
# define SRP_generate_client_master_secret SRP_gen_client_master_secret
|
||||||
|
|
||||||
|
/* Hack some long UI names */
|
||||||
|
# undef UI_method_get_prompt_constructor
|
||||||
|
# define UI_method_get_prompt_constructor UI_method_get_prompt_constructr
|
||||||
|
# undef UI_method_set_prompt_constructor
|
||||||
|
# define UI_method_set_prompt_constructor UI_method_set_prompt_constructr
|
||||||
|
|
||||||
|
# endif /* defined OPENSSL_SYS_VMS */
|
||||||
|
|
||||||
|
/* Case insensitive linking causes problems.... */
|
||||||
|
# if defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2)
|
||||||
|
# undef ERR_load_CRYPTO_strings
|
||||||
|
# define ERR_load_CRYPTO_strings ERR_load_CRYPTOlib_strings
|
||||||
|
# undef OCSP_crlID_new
|
||||||
|
# define OCSP_crlID_new OCSP_crlID2_new
|
||||||
|
|
||||||
|
# undef d2i_ECPARAMETERS
|
||||||
|
# define d2i_ECPARAMETERS d2i_UC_ECPARAMETERS
|
||||||
|
# undef i2d_ECPARAMETERS
|
||||||
|
# define i2d_ECPARAMETERS i2d_UC_ECPARAMETERS
|
||||||
|
# undef d2i_ECPKPARAMETERS
|
||||||
|
# define d2i_ECPKPARAMETERS d2i_UC_ECPKPARAMETERS
|
||||||
|
# undef i2d_ECPKPARAMETERS
|
||||||
|
# define i2d_ECPKPARAMETERS i2d_UC_ECPKPARAMETERS
|
||||||
|
|
||||||
|
/*
|
||||||
|
* These functions do not seem to exist! However, I'm paranoid... Original
|
||||||
|
* command in x509v3.h: These functions are being redefined in another
|
||||||
|
* directory, and clash when the linker is case-insensitive, so let's hide
|
||||||
|
* them a little, by giving them an extra 'o' at the beginning of the name...
|
||||||
|
*/
|
||||||
|
# undef X509v3_cleanup_extensions
|
||||||
|
# define X509v3_cleanup_extensions oX509v3_cleanup_extensions
|
||||||
|
# undef X509v3_add_extension
|
||||||
|
# define X509v3_add_extension oX509v3_add_extension
|
||||||
|
# undef X509v3_add_netscape_extensions
|
||||||
|
# define X509v3_add_netscape_extensions oX509v3_add_netscape_extensions
|
||||||
|
# undef X509v3_add_standard_extensions
|
||||||
|
# define X509v3_add_standard_extensions oX509v3_add_standard_extensions
|
||||||
|
|
||||||
|
/* This one clashes with CMS_data_create */
|
||||||
|
# undef cms_Data_create
|
||||||
|
# define cms_Data_create priv_cms_Data_create
|
||||||
|
|
||||||
|
# endif
|
||||||
|
|
||||||
|
#endif /* ! defined HEADER_VMS_IDHACKS_H */
|
|
@ -0,0 +1,813 @@
|
||||||
|
/* ssl/tls1.h */
|
||||||
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
|
* All rights reserved.
|
||||||
|
*
|
||||||
|
* This package is an SSL implementation written
|
||||||
|
* by Eric Young (eay@cryptsoft.com).
|
||||||
|
* The implementation was written so as to conform with Netscapes SSL.
|
||||||
|
*
|
||||||
|
* This library is free for commercial and non-commercial use as long as
|
||||||
|
* the following conditions are aheared to. The following conditions
|
||||||
|
* apply to all code found in this distribution, be it the RC4, RSA,
|
||||||
|
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
||||||
|
* included with this distribution is covered by the same copyright terms
|
||||||
|
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
* Copyright remains Eric Young's, and as such any Copyright notices in
|
||||||
|
* the code are not to be removed.
|
||||||
|
* If this package is used in a product, Eric Young should be given attribution
|
||||||
|
* as the author of the parts of the library used.
|
||||||
|
* This can be in the form of a textual message at program startup or
|
||||||
|
* in documentation (online or textual) provided with the package.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
* 1. Redistributions of source code must retain the copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in the
|
||||||
|
* documentation and/or other materials provided with the distribution.
|
||||||
|
* 3. All advertising materials mentioning features or use of this software
|
||||||
|
* must display the following acknowledgement:
|
||||||
|
* "This product includes cryptographic software written by
|
||||||
|
* Eric Young (eay@cryptsoft.com)"
|
||||||
|
* The word 'cryptographic' can be left out if the rouines from the library
|
||||||
|
* being used are not cryptographic related :-).
|
||||||
|
* 4. If you include any Windows specific code (or a derivative thereof) from
|
||||||
|
* the apps directory (application code) you must include an acknowledgement:
|
||||||
|
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
||||||
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||||
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||||
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||||
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||||
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||||
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||||
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||||
|
* SUCH DAMAGE.
|
||||||
|
*
|
||||||
|
* The licence and distribution terms for any publically available version or
|
||||||
|
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
||||||
|
* copied and put under another distribution licence
|
||||||
|
* [including the GNU Public Licence.]
|
||||||
|
*/
|
||||||
|
/* ====================================================================
|
||||||
|
* Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
*
|
||||||
|
* 1. Redistributions of source code must retain the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
*
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in
|
||||||
|
* the documentation and/or other materials provided with the
|
||||||
|
* distribution.
|
||||||
|
*
|
||||||
|
* 3. All advertising materials mentioning features or use of this
|
||||||
|
* software must display the following acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
|
||||||
|
*
|
||||||
|
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||||
|
* endorse or promote products derived from this software without
|
||||||
|
* prior written permission. For written permission, please contact
|
||||||
|
* openssl-core@openssl.org.
|
||||||
|
*
|
||||||
|
* 5. Products derived from this software may not be called "OpenSSL"
|
||||||
|
* nor may "OpenSSL" appear in their names without prior written
|
||||||
|
* permission of the OpenSSL Project.
|
||||||
|
*
|
||||||
|
* 6. Redistributions of any form whatsoever must retain the following
|
||||||
|
* acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||||
|
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||||
|
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||||
|
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||||
|
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||||
|
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||||
|
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||||
|
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||||
|
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||||
|
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||||
|
* ====================================================================
|
||||||
|
*
|
||||||
|
* This product includes cryptographic software written by Eric Young
|
||||||
|
* (eay@cryptsoft.com). This product includes software written by Tim
|
||||||
|
* Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
/* ====================================================================
|
||||||
|
* Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
|
||||||
|
*
|
||||||
|
* Portions of the attached software ("Contribution") are developed by
|
||||||
|
* SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
|
||||||
|
*
|
||||||
|
* The Contribution is licensed pursuant to the OpenSSL open source
|
||||||
|
* license provided above.
|
||||||
|
*
|
||||||
|
* ECC cipher suite support in OpenSSL originally written by
|
||||||
|
* Vipul Gupta and Sumit Gupta of Sun Microsystems Laboratories.
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
/* ====================================================================
|
||||||
|
* Copyright 2005 Nokia. All rights reserved.
|
||||||
|
*
|
||||||
|
* The portions of the attached software ("Contribution") is developed by
|
||||||
|
* Nokia Corporation and is licensed pursuant to the OpenSSL open source
|
||||||
|
* license.
|
||||||
|
*
|
||||||
|
* The Contribution, originally written by Mika Kousa and Pasi Eronen of
|
||||||
|
* Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
|
||||||
|
* support (see RFC 4279) to OpenSSL.
|
||||||
|
*
|
||||||
|
* No patent licenses or other rights except those expressly stated in
|
||||||
|
* the OpenSSL open source license shall be deemed granted or received
|
||||||
|
* expressly, by implication, estoppel, or otherwise.
|
||||||
|
*
|
||||||
|
* No assurances are provided by Nokia that the Contribution does not
|
||||||
|
* infringe the patent or other intellectual property rights of any third
|
||||||
|
* party or that the license provides you with all the necessary rights
|
||||||
|
* to make use of the Contribution.
|
||||||
|
*
|
||||||
|
* THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
|
||||||
|
* ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
|
||||||
|
* SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
|
||||||
|
* OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
|
||||||
|
* OTHERWISE.
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef HEADER_TLS1_H
|
||||||
|
# define HEADER_TLS1_H
|
||||||
|
|
||||||
|
# include <openssl/buffer.h>
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
extern "C" {
|
||||||
|
#endif
|
||||||
|
|
||||||
|
# define TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES 0
|
||||||
|
|
||||||
|
# define TLS1_VERSION 0x0301
|
||||||
|
# define TLS1_1_VERSION 0x0302
|
||||||
|
# define TLS1_2_VERSION 0x0303
|
||||||
|
# define TLS_MAX_VERSION TLS1_2_VERSION
|
||||||
|
|
||||||
|
# define TLS1_VERSION_MAJOR 0x03
|
||||||
|
# define TLS1_VERSION_MINOR 0x01
|
||||||
|
|
||||||
|
# define TLS1_1_VERSION_MAJOR 0x03
|
||||||
|
# define TLS1_1_VERSION_MINOR 0x02
|
||||||
|
|
||||||
|
# define TLS1_2_VERSION_MAJOR 0x03
|
||||||
|
# define TLS1_2_VERSION_MINOR 0x03
|
||||||
|
|
||||||
|
# define TLS1_get_version(s) \
|
||||||
|
((s->version >> 8) == TLS1_VERSION_MAJOR ? s->version : 0)
|
||||||
|
|
||||||
|
# define TLS1_get_client_version(s) \
|
||||||
|
((s->client_version >> 8) == TLS1_VERSION_MAJOR ? s->client_version : 0)
|
||||||
|
|
||||||
|
# define TLS1_AD_DECRYPTION_FAILED 21
|
||||||
|
# define TLS1_AD_RECORD_OVERFLOW 22
|
||||||
|
# define TLS1_AD_UNKNOWN_CA 48/* fatal */
|
||||||
|
# define TLS1_AD_ACCESS_DENIED 49/* fatal */
|
||||||
|
# define TLS1_AD_DECODE_ERROR 50/* fatal */
|
||||||
|
# define TLS1_AD_DECRYPT_ERROR 51
|
||||||
|
# define TLS1_AD_EXPORT_RESTRICTION 60/* fatal */
|
||||||
|
# define TLS1_AD_PROTOCOL_VERSION 70/* fatal */
|
||||||
|
# define TLS1_AD_INSUFFICIENT_SECURITY 71/* fatal */
|
||||||
|
# define TLS1_AD_INTERNAL_ERROR 80/* fatal */
|
||||||
|
# define TLS1_AD_INAPPROPRIATE_FALLBACK 86/* fatal */
|
||||||
|
# define TLS1_AD_USER_CANCELLED 90
|
||||||
|
# define TLS1_AD_NO_RENEGOTIATION 100
|
||||||
|
/* codes 110-114 are from RFC3546 */
|
||||||
|
# define TLS1_AD_UNSUPPORTED_EXTENSION 110
|
||||||
|
# define TLS1_AD_CERTIFICATE_UNOBTAINABLE 111
|
||||||
|
# define TLS1_AD_UNRECOGNIZED_NAME 112
|
||||||
|
# define TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE 113
|
||||||
|
# define TLS1_AD_BAD_CERTIFICATE_HASH_VALUE 114
|
||||||
|
# define TLS1_AD_UNKNOWN_PSK_IDENTITY 115/* fatal */
|
||||||
|
|
||||||
|
/* ExtensionType values from RFC3546 / RFC4366 / RFC6066 */
|
||||||
|
# define TLSEXT_TYPE_server_name 0
|
||||||
|
# define TLSEXT_TYPE_max_fragment_length 1
|
||||||
|
# define TLSEXT_TYPE_client_certificate_url 2
|
||||||
|
# define TLSEXT_TYPE_trusted_ca_keys 3
|
||||||
|
# define TLSEXT_TYPE_truncated_hmac 4
|
||||||
|
# define TLSEXT_TYPE_status_request 5
|
||||||
|
/* ExtensionType values from RFC4681 */
|
||||||
|
# define TLSEXT_TYPE_user_mapping 6
|
||||||
|
/* ExtensionType values from RFC5878 */
|
||||||
|
# define TLSEXT_TYPE_client_authz 7
|
||||||
|
# define TLSEXT_TYPE_server_authz 8
|
||||||
|
/* ExtensionType values from RFC6091 */
|
||||||
|
# define TLSEXT_TYPE_cert_type 9
|
||||||
|
|
||||||
|
/* ExtensionType values from RFC4492 */
|
||||||
|
# define TLSEXT_TYPE_elliptic_curves 10
|
||||||
|
# define TLSEXT_TYPE_ec_point_formats 11
|
||||||
|
|
||||||
|
/* ExtensionType value from RFC5054 */
|
||||||
|
# define TLSEXT_TYPE_srp 12
|
||||||
|
|
||||||
|
/* ExtensionType values from RFC5246 */
|
||||||
|
# define TLSEXT_TYPE_signature_algorithms 13
|
||||||
|
|
||||||
|
/* ExtensionType value from RFC5764 */
|
||||||
|
# define TLSEXT_TYPE_use_srtp 14
|
||||||
|
|
||||||
|
/* ExtensionType value from RFC5620 */
|
||||||
|
# define TLSEXT_TYPE_heartbeat 15
|
||||||
|
|
||||||
|
/* ExtensionType value from draft-ietf-tls-applayerprotoneg-00 */
|
||||||
|
# define TLSEXT_TYPE_application_layer_protocol_negotiation 16
|
||||||
|
|
||||||
|
/*
|
||||||
|
* ExtensionType value for TLS padding extension.
|
||||||
|
* http://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml
|
||||||
|
* http://tools.ietf.org/html/draft-agl-tls-padding-03
|
||||||
|
*/
|
||||||
|
# define TLSEXT_TYPE_padding 21
|
||||||
|
|
||||||
|
/* ExtensionType value from RFC4507 */
|
||||||
|
# define TLSEXT_TYPE_session_ticket 35
|
||||||
|
|
||||||
|
/* ExtensionType value from draft-rescorla-tls-opaque-prf-input-00.txt */
|
||||||
|
# if 0
|
||||||
|
/*
|
||||||
|
* will have to be provided externally for now ,
|
||||||
|
* i.e. build with -DTLSEXT_TYPE_opaque_prf_input=38183
|
||||||
|
* using whatever extension number you'd like to try
|
||||||
|
*/
|
||||||
|
# define TLSEXT_TYPE_opaque_prf_input ??
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/* Temporary extension type */
|
||||||
|
# define TLSEXT_TYPE_renegotiate 0xff01
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_NEXTPROTONEG
|
||||||
|
/* This is not an IANA defined extension number */
|
||||||
|
# define TLSEXT_TYPE_next_proto_neg 13172
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/* NameType value from RFC 3546 */
|
||||||
|
# define TLSEXT_NAMETYPE_host_name 0
|
||||||
|
/* status request value from RFC 3546 */
|
||||||
|
# define TLSEXT_STATUSTYPE_ocsp 1
|
||||||
|
|
||||||
|
/* ECPointFormat values from draft-ietf-tls-ecc-12 */
|
||||||
|
# define TLSEXT_ECPOINTFORMAT_first 0
|
||||||
|
# define TLSEXT_ECPOINTFORMAT_uncompressed 0
|
||||||
|
# define TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime 1
|
||||||
|
# define TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2 2
|
||||||
|
# define TLSEXT_ECPOINTFORMAT_last 2
|
||||||
|
|
||||||
|
/* Signature and hash algorithms from RFC 5246 */
|
||||||
|
|
||||||
|
# define TLSEXT_signature_anonymous 0
|
||||||
|
# define TLSEXT_signature_rsa 1
|
||||||
|
# define TLSEXT_signature_dsa 2
|
||||||
|
# define TLSEXT_signature_ecdsa 3
|
||||||
|
|
||||||
|
/* Total number of different signature algorithms */
|
||||||
|
# define TLSEXT_signature_num 4
|
||||||
|
|
||||||
|
# define TLSEXT_hash_none 0
|
||||||
|
# define TLSEXT_hash_md5 1
|
||||||
|
# define TLSEXT_hash_sha1 2
|
||||||
|
# define TLSEXT_hash_sha224 3
|
||||||
|
# define TLSEXT_hash_sha256 4
|
||||||
|
# define TLSEXT_hash_sha384 5
|
||||||
|
# define TLSEXT_hash_sha512 6
|
||||||
|
|
||||||
|
/* Total number of different digest algorithms */
|
||||||
|
|
||||||
|
# define TLSEXT_hash_num 7
|
||||||
|
|
||||||
|
/* Flag set for unrecognised algorithms */
|
||||||
|
# define TLSEXT_nid_unknown 0x1000000
|
||||||
|
|
||||||
|
/* ECC curves */
|
||||||
|
|
||||||
|
# define TLSEXT_curve_P_256 23
|
||||||
|
# define TLSEXT_curve_P_384 24
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_TLSEXT
|
||||||
|
|
||||||
|
# define TLSEXT_MAXLEN_host_name 255
|
||||||
|
|
||||||
|
const char *SSL_get_servername(const SSL *s, const int type);
|
||||||
|
int SSL_get_servername_type(const SSL *s);
|
||||||
|
/*
|
||||||
|
* SSL_export_keying_material exports a value derived from the master secret,
|
||||||
|
* as specified in RFC 5705. It writes |olen| bytes to |out| given a label and
|
||||||
|
* optional context. (Since a zero length context is allowed, the |use_context|
|
||||||
|
* flag controls whether a context is included.) It returns 1 on success and
|
||||||
|
* zero otherwise.
|
||||||
|
*/
|
||||||
|
int SSL_export_keying_material(SSL *s, unsigned char *out, size_t olen,
|
||||||
|
const char *label, size_t llen,
|
||||||
|
const unsigned char *p, size_t plen,
|
||||||
|
int use_context);
|
||||||
|
|
||||||
|
int SSL_get_sigalgs(SSL *s, int idx,
|
||||||
|
int *psign, int *phash, int *psignandhash,
|
||||||
|
unsigned char *rsig, unsigned char *rhash);
|
||||||
|
|
||||||
|
int SSL_get_shared_sigalgs(SSL *s, int idx,
|
||||||
|
int *psign, int *phash, int *psignandhash,
|
||||||
|
unsigned char *rsig, unsigned char *rhash);
|
||||||
|
|
||||||
|
int SSL_check_chain(SSL *s, X509 *x, EVP_PKEY *pk, STACK_OF(X509) *chain);
|
||||||
|
|
||||||
|
# define SSL_set_tlsext_host_name(s,name) \
|
||||||
|
SSL_ctrl(s,SSL_CTRL_SET_TLSEXT_HOSTNAME,TLSEXT_NAMETYPE_host_name,(char *)name)
|
||||||
|
|
||||||
|
# define SSL_set_tlsext_debug_callback(ssl, cb) \
|
||||||
|
SSL_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_DEBUG_CB,(void (*)(void))cb)
|
||||||
|
|
||||||
|
# define SSL_set_tlsext_debug_arg(ssl, arg) \
|
||||||
|
SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_DEBUG_ARG,0, (void *)arg)
|
||||||
|
|
||||||
|
# define SSL_set_tlsext_status_type(ssl, type) \
|
||||||
|
SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE,type, NULL)
|
||||||
|
|
||||||
|
# define SSL_get_tlsext_status_exts(ssl, arg) \
|
||||||
|
SSL_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS,0, (void *)arg)
|
||||||
|
|
||||||
|
# define SSL_set_tlsext_status_exts(ssl, arg) \
|
||||||
|
SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS,0, (void *)arg)
|
||||||
|
|
||||||
|
# define SSL_get_tlsext_status_ids(ssl, arg) \
|
||||||
|
SSL_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS,0, (void *)arg)
|
||||||
|
|
||||||
|
# define SSL_set_tlsext_status_ids(ssl, arg) \
|
||||||
|
SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS,0, (void *)arg)
|
||||||
|
|
||||||
|
# define SSL_get_tlsext_status_ocsp_resp(ssl, arg) \
|
||||||
|
SSL_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP,0, (void *)arg)
|
||||||
|
|
||||||
|
# define SSL_set_tlsext_status_ocsp_resp(ssl, arg, arglen) \
|
||||||
|
SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP,arglen, (void *)arg)
|
||||||
|
|
||||||
|
# define SSL_CTX_set_tlsext_servername_callback(ctx, cb) \
|
||||||
|
SSL_CTX_callback_ctrl(ctx,SSL_CTRL_SET_TLSEXT_SERVERNAME_CB,(void (*)(void))cb)
|
||||||
|
|
||||||
|
# define SSL_TLSEXT_ERR_OK 0
|
||||||
|
# define SSL_TLSEXT_ERR_ALERT_WARNING 1
|
||||||
|
# define SSL_TLSEXT_ERR_ALERT_FATAL 2
|
||||||
|
# define SSL_TLSEXT_ERR_NOACK 3
|
||||||
|
|
||||||
|
# define SSL_CTX_set_tlsext_servername_arg(ctx, arg) \
|
||||||
|
SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG,0, (void *)arg)
|
||||||
|
|
||||||
|
# define SSL_CTX_get_tlsext_ticket_keys(ctx, keys, keylen) \
|
||||||
|
SSL_CTX_ctrl((ctx),SSL_CTRL_GET_TLSEXT_TICKET_KEYS,(keylen),(keys))
|
||||||
|
# define SSL_CTX_set_tlsext_ticket_keys(ctx, keys, keylen) \
|
||||||
|
SSL_CTX_ctrl((ctx),SSL_CTRL_SET_TLSEXT_TICKET_KEYS,(keylen),(keys))
|
||||||
|
|
||||||
|
# define SSL_CTX_set_tlsext_status_cb(ssl, cb) \
|
||||||
|
SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB,(void (*)(void))cb)
|
||||||
|
|
||||||
|
# define SSL_CTX_set_tlsext_status_arg(ssl, arg) \
|
||||||
|
SSL_CTX_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG,0, (void *)arg)
|
||||||
|
|
||||||
|
# define SSL_set_tlsext_opaque_prf_input(s, src, len) \
|
||||||
|
SSL_ctrl(s,SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT, len, src)
|
||||||
|
# define SSL_CTX_set_tlsext_opaque_prf_input_callback(ctx, cb) \
|
||||||
|
SSL_CTX_callback_ctrl(ctx,SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB, (void (*)(void))cb)
|
||||||
|
# define SSL_CTX_set_tlsext_opaque_prf_input_callback_arg(ctx, arg) \
|
||||||
|
SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB_ARG, 0, arg)
|
||||||
|
|
||||||
|
# define SSL_CTX_set_tlsext_ticket_key_cb(ssl, cb) \
|
||||||
|
SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_HEARTBEATS
|
||||||
|
# define SSL_TLSEXT_HB_ENABLED 0x01
|
||||||
|
# define SSL_TLSEXT_HB_DONT_SEND_REQUESTS 0x02
|
||||||
|
# define SSL_TLSEXT_HB_DONT_RECV_REQUESTS 0x04
|
||||||
|
|
||||||
|
# define SSL_get_tlsext_heartbeat_pending(ssl) \
|
||||||
|
SSL_ctrl((ssl),SSL_CTRL_GET_TLS_EXT_HEARTBEAT_PENDING,0,NULL)
|
||||||
|
# define SSL_set_tlsext_heartbeat_no_requests(ssl, arg) \
|
||||||
|
SSL_ctrl((ssl),SSL_CTRL_SET_TLS_EXT_HEARTBEAT_NO_REQUESTS,arg,NULL)
|
||||||
|
# endif
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/* PSK ciphersuites from 4279 */
|
||||||
|
# define TLS1_CK_PSK_WITH_RC4_128_SHA 0x0300008A
|
||||||
|
# define TLS1_CK_PSK_WITH_3DES_EDE_CBC_SHA 0x0300008B
|
||||||
|
# define TLS1_CK_PSK_WITH_AES_128_CBC_SHA 0x0300008C
|
||||||
|
# define TLS1_CK_PSK_WITH_AES_256_CBC_SHA 0x0300008D
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Additional TLS ciphersuites from expired Internet Draft
|
||||||
|
* draft-ietf-tls-56-bit-ciphersuites-01.txt (available if
|
||||||
|
* TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES is defined, see s3_lib.c). We
|
||||||
|
* actually treat them like SSL 3.0 ciphers, which we probably shouldn't.
|
||||||
|
* Note that the first two are actually not in the IDs.
|
||||||
|
*/
|
||||||
|
# define TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_MD5 0x03000060/* not in
|
||||||
|
* ID */
|
||||||
|
# define TLS1_CK_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5 0x03000061/* not in
|
||||||
|
* ID */
|
||||||
|
# define TLS1_CK_RSA_EXPORT1024_WITH_DES_CBC_SHA 0x03000062
|
||||||
|
# define TLS1_CK_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA 0x03000063
|
||||||
|
# define TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_SHA 0x03000064
|
||||||
|
# define TLS1_CK_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA 0x03000065
|
||||||
|
# define TLS1_CK_DHE_DSS_WITH_RC4_128_SHA 0x03000066
|
||||||
|
|
||||||
|
/* AES ciphersuites from RFC3268 */
|
||||||
|
|
||||||
|
# define TLS1_CK_RSA_WITH_AES_128_SHA 0x0300002F
|
||||||
|
# define TLS1_CK_DH_DSS_WITH_AES_128_SHA 0x03000030
|
||||||
|
# define TLS1_CK_DH_RSA_WITH_AES_128_SHA 0x03000031
|
||||||
|
# define TLS1_CK_DHE_DSS_WITH_AES_128_SHA 0x03000032
|
||||||
|
# define TLS1_CK_DHE_RSA_WITH_AES_128_SHA 0x03000033
|
||||||
|
# define TLS1_CK_ADH_WITH_AES_128_SHA 0x03000034
|
||||||
|
|
||||||
|
# define TLS1_CK_RSA_WITH_AES_256_SHA 0x03000035
|
||||||
|
# define TLS1_CK_DH_DSS_WITH_AES_256_SHA 0x03000036
|
||||||
|
# define TLS1_CK_DH_RSA_WITH_AES_256_SHA 0x03000037
|
||||||
|
# define TLS1_CK_DHE_DSS_WITH_AES_256_SHA 0x03000038
|
||||||
|
# define TLS1_CK_DHE_RSA_WITH_AES_256_SHA 0x03000039
|
||||||
|
# define TLS1_CK_ADH_WITH_AES_256_SHA 0x0300003A
|
||||||
|
|
||||||
|
/* TLS v1.2 ciphersuites */
|
||||||
|
# define TLS1_CK_RSA_WITH_NULL_SHA256 0x0300003B
|
||||||
|
# define TLS1_CK_RSA_WITH_AES_128_SHA256 0x0300003C
|
||||||
|
# define TLS1_CK_RSA_WITH_AES_256_SHA256 0x0300003D
|
||||||
|
# define TLS1_CK_DH_DSS_WITH_AES_128_SHA256 0x0300003E
|
||||||
|
# define TLS1_CK_DH_RSA_WITH_AES_128_SHA256 0x0300003F
|
||||||
|
# define TLS1_CK_DHE_DSS_WITH_AES_128_SHA256 0x03000040
|
||||||
|
|
||||||
|
/* Camellia ciphersuites from RFC4132 */
|
||||||
|
# define TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA 0x03000041
|
||||||
|
# define TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA 0x03000042
|
||||||
|
# define TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA 0x03000043
|
||||||
|
# define TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA 0x03000044
|
||||||
|
# define TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA 0x03000045
|
||||||
|
# define TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA 0x03000046
|
||||||
|
|
||||||
|
/* TLS v1.2 ciphersuites */
|
||||||
|
# define TLS1_CK_DHE_RSA_WITH_AES_128_SHA256 0x03000067
|
||||||
|
# define TLS1_CK_DH_DSS_WITH_AES_256_SHA256 0x03000068
|
||||||
|
# define TLS1_CK_DH_RSA_WITH_AES_256_SHA256 0x03000069
|
||||||
|
# define TLS1_CK_DHE_DSS_WITH_AES_256_SHA256 0x0300006A
|
||||||
|
# define TLS1_CK_DHE_RSA_WITH_AES_256_SHA256 0x0300006B
|
||||||
|
# define TLS1_CK_ADH_WITH_AES_128_SHA256 0x0300006C
|
||||||
|
# define TLS1_CK_ADH_WITH_AES_256_SHA256 0x0300006D
|
||||||
|
|
||||||
|
/* Camellia ciphersuites from RFC4132 */
|
||||||
|
# define TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA 0x03000084
|
||||||
|
# define TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA 0x03000085
|
||||||
|
# define TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA 0x03000086
|
||||||
|
# define TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA 0x03000087
|
||||||
|
# define TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA 0x03000088
|
||||||
|
# define TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA 0x03000089
|
||||||
|
|
||||||
|
/* SEED ciphersuites from RFC4162 */
|
||||||
|
# define TLS1_CK_RSA_WITH_SEED_SHA 0x03000096
|
||||||
|
# define TLS1_CK_DH_DSS_WITH_SEED_SHA 0x03000097
|
||||||
|
# define TLS1_CK_DH_RSA_WITH_SEED_SHA 0x03000098
|
||||||
|
# define TLS1_CK_DHE_DSS_WITH_SEED_SHA 0x03000099
|
||||||
|
# define TLS1_CK_DHE_RSA_WITH_SEED_SHA 0x0300009A
|
||||||
|
# define TLS1_CK_ADH_WITH_SEED_SHA 0x0300009B
|
||||||
|
|
||||||
|
/* TLS v1.2 GCM ciphersuites from RFC5288 */
|
||||||
|
# define TLS1_CK_RSA_WITH_AES_128_GCM_SHA256 0x0300009C
|
||||||
|
# define TLS1_CK_RSA_WITH_AES_256_GCM_SHA384 0x0300009D
|
||||||
|
# define TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256 0x0300009E
|
||||||
|
# define TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384 0x0300009F
|
||||||
|
# define TLS1_CK_DH_RSA_WITH_AES_128_GCM_SHA256 0x030000A0
|
||||||
|
# define TLS1_CK_DH_RSA_WITH_AES_256_GCM_SHA384 0x030000A1
|
||||||
|
# define TLS1_CK_DHE_DSS_WITH_AES_128_GCM_SHA256 0x030000A2
|
||||||
|
# define TLS1_CK_DHE_DSS_WITH_AES_256_GCM_SHA384 0x030000A3
|
||||||
|
# define TLS1_CK_DH_DSS_WITH_AES_128_GCM_SHA256 0x030000A4
|
||||||
|
# define TLS1_CK_DH_DSS_WITH_AES_256_GCM_SHA384 0x030000A5
|
||||||
|
# define TLS1_CK_ADH_WITH_AES_128_GCM_SHA256 0x030000A6
|
||||||
|
# define TLS1_CK_ADH_WITH_AES_256_GCM_SHA384 0x030000A7
|
||||||
|
|
||||||
|
/*
|
||||||
|
* ECC ciphersuites from draft-ietf-tls-ecc-12.txt with changes soon to be in
|
||||||
|
* draft 13
|
||||||
|
*/
|
||||||
|
# define TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA 0x0300C001
|
||||||
|
# define TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA 0x0300C002
|
||||||
|
# define TLS1_CK_ECDH_ECDSA_WITH_DES_192_CBC3_SHA 0x0300C003
|
||||||
|
# define TLS1_CK_ECDH_ECDSA_WITH_AES_128_CBC_SHA 0x0300C004
|
||||||
|
# define TLS1_CK_ECDH_ECDSA_WITH_AES_256_CBC_SHA 0x0300C005
|
||||||
|
|
||||||
|
# define TLS1_CK_ECDHE_ECDSA_WITH_NULL_SHA 0x0300C006
|
||||||
|
# define TLS1_CK_ECDHE_ECDSA_WITH_RC4_128_SHA 0x0300C007
|
||||||
|
# define TLS1_CK_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA 0x0300C008
|
||||||
|
# define TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA 0x0300C009
|
||||||
|
# define TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA 0x0300C00A
|
||||||
|
|
||||||
|
# define TLS1_CK_ECDH_RSA_WITH_NULL_SHA 0x0300C00B
|
||||||
|
# define TLS1_CK_ECDH_RSA_WITH_RC4_128_SHA 0x0300C00C
|
||||||
|
# define TLS1_CK_ECDH_RSA_WITH_DES_192_CBC3_SHA 0x0300C00D
|
||||||
|
# define TLS1_CK_ECDH_RSA_WITH_AES_128_CBC_SHA 0x0300C00E
|
||||||
|
# define TLS1_CK_ECDH_RSA_WITH_AES_256_CBC_SHA 0x0300C00F
|
||||||
|
|
||||||
|
# define TLS1_CK_ECDHE_RSA_WITH_NULL_SHA 0x0300C010
|
||||||
|
# define TLS1_CK_ECDHE_RSA_WITH_RC4_128_SHA 0x0300C011
|
||||||
|
# define TLS1_CK_ECDHE_RSA_WITH_DES_192_CBC3_SHA 0x0300C012
|
||||||
|
# define TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA 0x0300C013
|
||||||
|
# define TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA 0x0300C014
|
||||||
|
|
||||||
|
# define TLS1_CK_ECDH_anon_WITH_NULL_SHA 0x0300C015
|
||||||
|
# define TLS1_CK_ECDH_anon_WITH_RC4_128_SHA 0x0300C016
|
||||||
|
# define TLS1_CK_ECDH_anon_WITH_DES_192_CBC3_SHA 0x0300C017
|
||||||
|
# define TLS1_CK_ECDH_anon_WITH_AES_128_CBC_SHA 0x0300C018
|
||||||
|
# define TLS1_CK_ECDH_anon_WITH_AES_256_CBC_SHA 0x0300C019
|
||||||
|
|
||||||
|
/* SRP ciphersuites from RFC 5054 */
|
||||||
|
# define TLS1_CK_SRP_SHA_WITH_3DES_EDE_CBC_SHA 0x0300C01A
|
||||||
|
# define TLS1_CK_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA 0x0300C01B
|
||||||
|
# define TLS1_CK_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA 0x0300C01C
|
||||||
|
# define TLS1_CK_SRP_SHA_WITH_AES_128_CBC_SHA 0x0300C01D
|
||||||
|
# define TLS1_CK_SRP_SHA_RSA_WITH_AES_128_CBC_SHA 0x0300C01E
|
||||||
|
# define TLS1_CK_SRP_SHA_DSS_WITH_AES_128_CBC_SHA 0x0300C01F
|
||||||
|
# define TLS1_CK_SRP_SHA_WITH_AES_256_CBC_SHA 0x0300C020
|
||||||
|
# define TLS1_CK_SRP_SHA_RSA_WITH_AES_256_CBC_SHA 0x0300C021
|
||||||
|
# define TLS1_CK_SRP_SHA_DSS_WITH_AES_256_CBC_SHA 0x0300C022
|
||||||
|
|
||||||
|
/* ECDH HMAC based ciphersuites from RFC5289 */
|
||||||
|
|
||||||
|
# define TLS1_CK_ECDHE_ECDSA_WITH_AES_128_SHA256 0x0300C023
|
||||||
|
# define TLS1_CK_ECDHE_ECDSA_WITH_AES_256_SHA384 0x0300C024
|
||||||
|
# define TLS1_CK_ECDH_ECDSA_WITH_AES_128_SHA256 0x0300C025
|
||||||
|
# define TLS1_CK_ECDH_ECDSA_WITH_AES_256_SHA384 0x0300C026
|
||||||
|
# define TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256 0x0300C027
|
||||||
|
# define TLS1_CK_ECDHE_RSA_WITH_AES_256_SHA384 0x0300C028
|
||||||
|
# define TLS1_CK_ECDH_RSA_WITH_AES_128_SHA256 0x0300C029
|
||||||
|
# define TLS1_CK_ECDH_RSA_WITH_AES_256_SHA384 0x0300C02A
|
||||||
|
|
||||||
|
/* ECDH GCM based ciphersuites from RFC5289 */
|
||||||
|
# define TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 0x0300C02B
|
||||||
|
# define TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 0x0300C02C
|
||||||
|
# define TLS1_CK_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 0x0300C02D
|
||||||
|
# define TLS1_CK_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 0x0300C02E
|
||||||
|
# define TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256 0x0300C02F
|
||||||
|
# define TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384 0x0300C030
|
||||||
|
# define TLS1_CK_ECDH_RSA_WITH_AES_128_GCM_SHA256 0x0300C031
|
||||||
|
# define TLS1_CK_ECDH_RSA_WITH_AES_256_GCM_SHA384 0x0300C032
|
||||||
|
|
||||||
|
/*
|
||||||
|
* XXX * Backward compatibility alert: + * Older versions of OpenSSL gave
|
||||||
|
* some DHE ciphers names with "EDH" + * instead of "DHE". Going forward, we
|
||||||
|
* should be using DHE + * everywhere, though we may indefinitely maintain
|
||||||
|
* aliases for users + * or configurations that used "EDH" +
|
||||||
|
*/
|
||||||
|
# define TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_MD5 "EXP1024-RC4-MD5"
|
||||||
|
# define TLS1_TXT_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5 "EXP1024-RC2-CBC-MD5"
|
||||||
|
# define TLS1_TXT_RSA_EXPORT1024_WITH_DES_CBC_SHA "EXP1024-DES-CBC-SHA"
|
||||||
|
# define TLS1_TXT_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA "EXP1024-DHE-DSS-DES-CBC-SHA"
|
||||||
|
# define TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_SHA "EXP1024-RC4-SHA"
|
||||||
|
# define TLS1_TXT_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA "EXP1024-DHE-DSS-RC4-SHA"
|
||||||
|
# define TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA "DHE-DSS-RC4-SHA"
|
||||||
|
|
||||||
|
/* AES ciphersuites from RFC3268 */
|
||||||
|
# define TLS1_TXT_RSA_WITH_AES_128_SHA "AES128-SHA"
|
||||||
|
# define TLS1_TXT_DH_DSS_WITH_AES_128_SHA "DH-DSS-AES128-SHA"
|
||||||
|
# define TLS1_TXT_DH_RSA_WITH_AES_128_SHA "DH-RSA-AES128-SHA"
|
||||||
|
# define TLS1_TXT_DHE_DSS_WITH_AES_128_SHA "DHE-DSS-AES128-SHA"
|
||||||
|
# define TLS1_TXT_DHE_RSA_WITH_AES_128_SHA "DHE-RSA-AES128-SHA"
|
||||||
|
# define TLS1_TXT_ADH_WITH_AES_128_SHA "ADH-AES128-SHA"
|
||||||
|
|
||||||
|
# define TLS1_TXT_RSA_WITH_AES_256_SHA "AES256-SHA"
|
||||||
|
# define TLS1_TXT_DH_DSS_WITH_AES_256_SHA "DH-DSS-AES256-SHA"
|
||||||
|
# define TLS1_TXT_DH_RSA_WITH_AES_256_SHA "DH-RSA-AES256-SHA"
|
||||||
|
# define TLS1_TXT_DHE_DSS_WITH_AES_256_SHA "DHE-DSS-AES256-SHA"
|
||||||
|
# define TLS1_TXT_DHE_RSA_WITH_AES_256_SHA "DHE-RSA-AES256-SHA"
|
||||||
|
# define TLS1_TXT_ADH_WITH_AES_256_SHA "ADH-AES256-SHA"
|
||||||
|
|
||||||
|
/* ECC ciphersuites from draft-ietf-tls-ecc-01.txt (Mar 15, 2001) */
|
||||||
|
# define TLS1_TXT_ECDH_ECDSA_WITH_NULL_SHA "ECDH-ECDSA-NULL-SHA"
|
||||||
|
# define TLS1_TXT_ECDH_ECDSA_WITH_RC4_128_SHA "ECDH-ECDSA-RC4-SHA"
|
||||||
|
# define TLS1_TXT_ECDH_ECDSA_WITH_DES_192_CBC3_SHA "ECDH-ECDSA-DES-CBC3-SHA"
|
||||||
|
# define TLS1_TXT_ECDH_ECDSA_WITH_AES_128_CBC_SHA "ECDH-ECDSA-AES128-SHA"
|
||||||
|
# define TLS1_TXT_ECDH_ECDSA_WITH_AES_256_CBC_SHA "ECDH-ECDSA-AES256-SHA"
|
||||||
|
|
||||||
|
# define TLS1_TXT_ECDHE_ECDSA_WITH_NULL_SHA "ECDHE-ECDSA-NULL-SHA"
|
||||||
|
# define TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA "ECDHE-ECDSA-RC4-SHA"
|
||||||
|
# define TLS1_TXT_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA "ECDHE-ECDSA-DES-CBC3-SHA"
|
||||||
|
# define TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA "ECDHE-ECDSA-AES128-SHA"
|
||||||
|
# define TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CBC_SHA "ECDHE-ECDSA-AES256-SHA"
|
||||||
|
|
||||||
|
# define TLS1_TXT_ECDH_RSA_WITH_NULL_SHA "ECDH-RSA-NULL-SHA"
|
||||||
|
# define TLS1_TXT_ECDH_RSA_WITH_RC4_128_SHA "ECDH-RSA-RC4-SHA"
|
||||||
|
# define TLS1_TXT_ECDH_RSA_WITH_DES_192_CBC3_SHA "ECDH-RSA-DES-CBC3-SHA"
|
||||||
|
# define TLS1_TXT_ECDH_RSA_WITH_AES_128_CBC_SHA "ECDH-RSA-AES128-SHA"
|
||||||
|
# define TLS1_TXT_ECDH_RSA_WITH_AES_256_CBC_SHA "ECDH-RSA-AES256-SHA"
|
||||||
|
|
||||||
|
# define TLS1_TXT_ECDHE_RSA_WITH_NULL_SHA "ECDHE-RSA-NULL-SHA"
|
||||||
|
# define TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA "ECDHE-RSA-RC4-SHA"
|
||||||
|
# define TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA "ECDHE-RSA-DES-CBC3-SHA"
|
||||||
|
# define TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA "ECDHE-RSA-AES128-SHA"
|
||||||
|
# define TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA "ECDHE-RSA-AES256-SHA"
|
||||||
|
|
||||||
|
# define TLS1_TXT_ECDH_anon_WITH_NULL_SHA "AECDH-NULL-SHA"
|
||||||
|
# define TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA "AECDH-RC4-SHA"
|
||||||
|
# define TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA "AECDH-DES-CBC3-SHA"
|
||||||
|
# define TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA "AECDH-AES128-SHA"
|
||||||
|
# define TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA "AECDH-AES256-SHA"
|
||||||
|
|
||||||
|
/* PSK ciphersuites from RFC 4279 */
|
||||||
|
# define TLS1_TXT_PSK_WITH_RC4_128_SHA "PSK-RC4-SHA"
|
||||||
|
# define TLS1_TXT_PSK_WITH_3DES_EDE_CBC_SHA "PSK-3DES-EDE-CBC-SHA"
|
||||||
|
# define TLS1_TXT_PSK_WITH_AES_128_CBC_SHA "PSK-AES128-CBC-SHA"
|
||||||
|
# define TLS1_TXT_PSK_WITH_AES_256_CBC_SHA "PSK-AES256-CBC-SHA"
|
||||||
|
|
||||||
|
/* SRP ciphersuite from RFC 5054 */
|
||||||
|
# define TLS1_TXT_SRP_SHA_WITH_3DES_EDE_CBC_SHA "SRP-3DES-EDE-CBC-SHA"
|
||||||
|
# define TLS1_TXT_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA "SRP-RSA-3DES-EDE-CBC-SHA"
|
||||||
|
# define TLS1_TXT_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA "SRP-DSS-3DES-EDE-CBC-SHA"
|
||||||
|
# define TLS1_TXT_SRP_SHA_WITH_AES_128_CBC_SHA "SRP-AES-128-CBC-SHA"
|
||||||
|
# define TLS1_TXT_SRP_SHA_RSA_WITH_AES_128_CBC_SHA "SRP-RSA-AES-128-CBC-SHA"
|
||||||
|
# define TLS1_TXT_SRP_SHA_DSS_WITH_AES_128_CBC_SHA "SRP-DSS-AES-128-CBC-SHA"
|
||||||
|
# define TLS1_TXT_SRP_SHA_WITH_AES_256_CBC_SHA "SRP-AES-256-CBC-SHA"
|
||||||
|
# define TLS1_TXT_SRP_SHA_RSA_WITH_AES_256_CBC_SHA "SRP-RSA-AES-256-CBC-SHA"
|
||||||
|
# define TLS1_TXT_SRP_SHA_DSS_WITH_AES_256_CBC_SHA "SRP-DSS-AES-256-CBC-SHA"
|
||||||
|
|
||||||
|
/* Camellia ciphersuites from RFC4132 */
|
||||||
|
# define TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA "CAMELLIA128-SHA"
|
||||||
|
# define TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA "DH-DSS-CAMELLIA128-SHA"
|
||||||
|
# define TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA "DH-RSA-CAMELLIA128-SHA"
|
||||||
|
# define TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA "DHE-DSS-CAMELLIA128-SHA"
|
||||||
|
# define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA "DHE-RSA-CAMELLIA128-SHA"
|
||||||
|
# define TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA "ADH-CAMELLIA128-SHA"
|
||||||
|
|
||||||
|
# define TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA "CAMELLIA256-SHA"
|
||||||
|
# define TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA "DH-DSS-CAMELLIA256-SHA"
|
||||||
|
# define TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA "DH-RSA-CAMELLIA256-SHA"
|
||||||
|
# define TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA "DHE-DSS-CAMELLIA256-SHA"
|
||||||
|
# define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA "DHE-RSA-CAMELLIA256-SHA"
|
||||||
|
# define TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA "ADH-CAMELLIA256-SHA"
|
||||||
|
|
||||||
|
/* SEED ciphersuites from RFC4162 */
|
||||||
|
# define TLS1_TXT_RSA_WITH_SEED_SHA "SEED-SHA"
|
||||||
|
# define TLS1_TXT_DH_DSS_WITH_SEED_SHA "DH-DSS-SEED-SHA"
|
||||||
|
# define TLS1_TXT_DH_RSA_WITH_SEED_SHA "DH-RSA-SEED-SHA"
|
||||||
|
# define TLS1_TXT_DHE_DSS_WITH_SEED_SHA "DHE-DSS-SEED-SHA"
|
||||||
|
# define TLS1_TXT_DHE_RSA_WITH_SEED_SHA "DHE-RSA-SEED-SHA"
|
||||||
|
# define TLS1_TXT_ADH_WITH_SEED_SHA "ADH-SEED-SHA"
|
||||||
|
|
||||||
|
/* TLS v1.2 ciphersuites */
|
||||||
|
# define TLS1_TXT_RSA_WITH_NULL_SHA256 "NULL-SHA256"
|
||||||
|
# define TLS1_TXT_RSA_WITH_AES_128_SHA256 "AES128-SHA256"
|
||||||
|
# define TLS1_TXT_RSA_WITH_AES_256_SHA256 "AES256-SHA256"
|
||||||
|
# define TLS1_TXT_DH_DSS_WITH_AES_128_SHA256 "DH-DSS-AES128-SHA256"
|
||||||
|
# define TLS1_TXT_DH_RSA_WITH_AES_128_SHA256 "DH-RSA-AES128-SHA256"
|
||||||
|
# define TLS1_TXT_DHE_DSS_WITH_AES_128_SHA256 "DHE-DSS-AES128-SHA256"
|
||||||
|
# define TLS1_TXT_DHE_RSA_WITH_AES_128_SHA256 "DHE-RSA-AES128-SHA256"
|
||||||
|
# define TLS1_TXT_DH_DSS_WITH_AES_256_SHA256 "DH-DSS-AES256-SHA256"
|
||||||
|
# define TLS1_TXT_DH_RSA_WITH_AES_256_SHA256 "DH-RSA-AES256-SHA256"
|
||||||
|
# define TLS1_TXT_DHE_DSS_WITH_AES_256_SHA256 "DHE-DSS-AES256-SHA256"
|
||||||
|
# define TLS1_TXT_DHE_RSA_WITH_AES_256_SHA256 "DHE-RSA-AES256-SHA256"
|
||||||
|
# define TLS1_TXT_ADH_WITH_AES_128_SHA256 "ADH-AES128-SHA256"
|
||||||
|
# define TLS1_TXT_ADH_WITH_AES_256_SHA256 "ADH-AES256-SHA256"
|
||||||
|
|
||||||
|
/* TLS v1.2 GCM ciphersuites from RFC5288 */
|
||||||
|
# define TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256 "AES128-GCM-SHA256"
|
||||||
|
# define TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384 "AES256-GCM-SHA384"
|
||||||
|
# define TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256 "DHE-RSA-AES128-GCM-SHA256"
|
||||||
|
# define TLS1_TXT_DHE_RSA_WITH_AES_256_GCM_SHA384 "DHE-RSA-AES256-GCM-SHA384"
|
||||||
|
# define TLS1_TXT_DH_RSA_WITH_AES_128_GCM_SHA256 "DH-RSA-AES128-GCM-SHA256"
|
||||||
|
# define TLS1_TXT_DH_RSA_WITH_AES_256_GCM_SHA384 "DH-RSA-AES256-GCM-SHA384"
|
||||||
|
# define TLS1_TXT_DHE_DSS_WITH_AES_128_GCM_SHA256 "DHE-DSS-AES128-GCM-SHA256"
|
||||||
|
# define TLS1_TXT_DHE_DSS_WITH_AES_256_GCM_SHA384 "DHE-DSS-AES256-GCM-SHA384"
|
||||||
|
# define TLS1_TXT_DH_DSS_WITH_AES_128_GCM_SHA256 "DH-DSS-AES128-GCM-SHA256"
|
||||||
|
# define TLS1_TXT_DH_DSS_WITH_AES_256_GCM_SHA384 "DH-DSS-AES256-GCM-SHA384"
|
||||||
|
# define TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256 "ADH-AES128-GCM-SHA256"
|
||||||
|
# define TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384 "ADH-AES256-GCM-SHA384"
|
||||||
|
|
||||||
|
/* ECDH HMAC based ciphersuites from RFC5289 */
|
||||||
|
|
||||||
|
# define TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256 "ECDHE-ECDSA-AES128-SHA256"
|
||||||
|
# define TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_SHA384 "ECDHE-ECDSA-AES256-SHA384"
|
||||||
|
# define TLS1_TXT_ECDH_ECDSA_WITH_AES_128_SHA256 "ECDH-ECDSA-AES128-SHA256"
|
||||||
|
# define TLS1_TXT_ECDH_ECDSA_WITH_AES_256_SHA384 "ECDH-ECDSA-AES256-SHA384"
|
||||||
|
# define TLS1_TXT_ECDHE_RSA_WITH_AES_128_SHA256 "ECDHE-RSA-AES128-SHA256"
|
||||||
|
# define TLS1_TXT_ECDHE_RSA_WITH_AES_256_SHA384 "ECDHE-RSA-AES256-SHA384"
|
||||||
|
# define TLS1_TXT_ECDH_RSA_WITH_AES_128_SHA256 "ECDH-RSA-AES128-SHA256"
|
||||||
|
# define TLS1_TXT_ECDH_RSA_WITH_AES_256_SHA384 "ECDH-RSA-AES256-SHA384"
|
||||||
|
|
||||||
|
/* ECDH GCM based ciphersuites from RFC5289 */
|
||||||
|
# define TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 "ECDHE-ECDSA-AES128-GCM-SHA256"
|
||||||
|
# define TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 "ECDHE-ECDSA-AES256-GCM-SHA384"
|
||||||
|
# define TLS1_TXT_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 "ECDH-ECDSA-AES128-GCM-SHA256"
|
||||||
|
# define TLS1_TXT_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 "ECDH-ECDSA-AES256-GCM-SHA384"
|
||||||
|
# define TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256 "ECDHE-RSA-AES128-GCM-SHA256"
|
||||||
|
# define TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384 "ECDHE-RSA-AES256-GCM-SHA384"
|
||||||
|
# define TLS1_TXT_ECDH_RSA_WITH_AES_128_GCM_SHA256 "ECDH-RSA-AES128-GCM-SHA256"
|
||||||
|
# define TLS1_TXT_ECDH_RSA_WITH_AES_256_GCM_SHA384 "ECDH-RSA-AES256-GCM-SHA384"
|
||||||
|
|
||||||
|
# define TLS_CT_RSA_SIGN 1
|
||||||
|
# define TLS_CT_DSS_SIGN 2
|
||||||
|
# define TLS_CT_RSA_FIXED_DH 3
|
||||||
|
# define TLS_CT_DSS_FIXED_DH 4
|
||||||
|
# define TLS_CT_ECDSA_SIGN 64
|
||||||
|
# define TLS_CT_RSA_FIXED_ECDH 65
|
||||||
|
# define TLS_CT_ECDSA_FIXED_ECDH 66
|
||||||
|
# define TLS_CT_GOST94_SIGN 21
|
||||||
|
# define TLS_CT_GOST01_SIGN 22
|
||||||
|
/*
|
||||||
|
* when correcting this number, correct also SSL3_CT_NUMBER in ssl3.h (see
|
||||||
|
* comment there)
|
||||||
|
*/
|
||||||
|
# define TLS_CT_NUMBER 9
|
||||||
|
|
||||||
|
# define TLS1_FINISH_MAC_LENGTH 12
|
||||||
|
|
||||||
|
# define TLS_MD_MAX_CONST_SIZE 20
|
||||||
|
# define TLS_MD_CLIENT_FINISH_CONST "client finished"
|
||||||
|
# define TLS_MD_CLIENT_FINISH_CONST_SIZE 15
|
||||||
|
# define TLS_MD_SERVER_FINISH_CONST "server finished"
|
||||||
|
# define TLS_MD_SERVER_FINISH_CONST_SIZE 15
|
||||||
|
# define TLS_MD_SERVER_WRITE_KEY_CONST "server write key"
|
||||||
|
# define TLS_MD_SERVER_WRITE_KEY_CONST_SIZE 16
|
||||||
|
# define TLS_MD_KEY_EXPANSION_CONST "key expansion"
|
||||||
|
# define TLS_MD_KEY_EXPANSION_CONST_SIZE 13
|
||||||
|
# define TLS_MD_CLIENT_WRITE_KEY_CONST "client write key"
|
||||||
|
# define TLS_MD_CLIENT_WRITE_KEY_CONST_SIZE 16
|
||||||
|
# define TLS_MD_SERVER_WRITE_KEY_CONST "server write key"
|
||||||
|
# define TLS_MD_SERVER_WRITE_KEY_CONST_SIZE 16
|
||||||
|
# define TLS_MD_IV_BLOCK_CONST "IV block"
|
||||||
|
# define TLS_MD_IV_BLOCK_CONST_SIZE 8
|
||||||
|
# define TLS_MD_MASTER_SECRET_CONST "master secret"
|
||||||
|
# define TLS_MD_MASTER_SECRET_CONST_SIZE 13
|
||||||
|
|
||||||
|
# ifdef CHARSET_EBCDIC
|
||||||
|
# undef TLS_MD_CLIENT_FINISH_CONST
|
||||||
|
/*
|
||||||
|
* client finished
|
||||||
|
*/
|
||||||
|
# define TLS_MD_CLIENT_FINISH_CONST "\x63\x6c\x69\x65\x6e\x74\x20\x66\x69\x6e\x69\x73\x68\x65\x64"
|
||||||
|
|
||||||
|
# undef TLS_MD_SERVER_FINISH_CONST
|
||||||
|
/*
|
||||||
|
* server finished
|
||||||
|
*/
|
||||||
|
# define TLS_MD_SERVER_FINISH_CONST "\x73\x65\x72\x76\x65\x72\x20\x66\x69\x6e\x69\x73\x68\x65\x64"
|
||||||
|
|
||||||
|
# undef TLS_MD_SERVER_WRITE_KEY_CONST
|
||||||
|
/*
|
||||||
|
* server write key
|
||||||
|
*/
|
||||||
|
# define TLS_MD_SERVER_WRITE_KEY_CONST "\x73\x65\x72\x76\x65\x72\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79"
|
||||||
|
|
||||||
|
# undef TLS_MD_KEY_EXPANSION_CONST
|
||||||
|
/*
|
||||||
|
* key expansion
|
||||||
|
*/
|
||||||
|
# define TLS_MD_KEY_EXPANSION_CONST "\x6b\x65\x79\x20\x65\x78\x70\x61\x6e\x73\x69\x6f\x6e"
|
||||||
|
|
||||||
|
# undef TLS_MD_CLIENT_WRITE_KEY_CONST
|
||||||
|
/*
|
||||||
|
* client write key
|
||||||
|
*/
|
||||||
|
# define TLS_MD_CLIENT_WRITE_KEY_CONST "\x63\x6c\x69\x65\x6e\x74\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79"
|
||||||
|
|
||||||
|
# undef TLS_MD_SERVER_WRITE_KEY_CONST
|
||||||
|
/*
|
||||||
|
* server write key
|
||||||
|
*/
|
||||||
|
# define TLS_MD_SERVER_WRITE_KEY_CONST "\x73\x65\x72\x76\x65\x72\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79"
|
||||||
|
|
||||||
|
# undef TLS_MD_IV_BLOCK_CONST
|
||||||
|
/*
|
||||||
|
* IV block
|
||||||
|
*/
|
||||||
|
# define TLS_MD_IV_BLOCK_CONST "\x49\x56\x20\x62\x6c\x6f\x63\x6b"
|
||||||
|
|
||||||
|
# undef TLS_MD_MASTER_SECRET_CONST
|
||||||
|
/*
|
||||||
|
* master secret
|
||||||
|
*/
|
||||||
|
# define TLS_MD_MASTER_SECRET_CONST "\x6d\x61\x73\x74\x65\x72\x20\x73\x65\x63\x72\x65\x74"
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/* TLS Session Ticket extension struct */
|
||||||
|
struct tls_session_ticket_ext_st {
|
||||||
|
unsigned short length;
|
||||||
|
void *data;
|
||||||
|
};
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
#endif
|
File diff suppressed because it is too large
Load Diff
|
@ -0,0 +1,641 @@
|
||||||
|
/* crypto/x509/x509_vfy.h */
|
||||||
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
|
* All rights reserved.
|
||||||
|
*
|
||||||
|
* This package is an SSL implementation written
|
||||||
|
* by Eric Young (eay@cryptsoft.com).
|
||||||
|
* The implementation was written so as to conform with Netscapes SSL.
|
||||||
|
*
|
||||||
|
* This library is free for commercial and non-commercial use as long as
|
||||||
|
* the following conditions are aheared to. The following conditions
|
||||||
|
* apply to all code found in this distribution, be it the RC4, RSA,
|
||||||
|
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
||||||
|
* included with this distribution is covered by the same copyright terms
|
||||||
|
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
* Copyright remains Eric Young's, and as such any Copyright notices in
|
||||||
|
* the code are not to be removed.
|
||||||
|
* If this package is used in a product, Eric Young should be given attribution
|
||||||
|
* as the author of the parts of the library used.
|
||||||
|
* This can be in the form of a textual message at program startup or
|
||||||
|
* in documentation (online or textual) provided with the package.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
* 1. Redistributions of source code must retain the copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in the
|
||||||
|
* documentation and/or other materials provided with the distribution.
|
||||||
|
* 3. All advertising materials mentioning features or use of this software
|
||||||
|
* must display the following acknowledgement:
|
||||||
|
* "This product includes cryptographic software written by
|
||||||
|
* Eric Young (eay@cryptsoft.com)"
|
||||||
|
* The word 'cryptographic' can be left out if the rouines from the library
|
||||||
|
* being used are not cryptographic related :-).
|
||||||
|
* 4. If you include any Windows specific code (or a derivative thereof) from
|
||||||
|
* the apps directory (application code) you must include an acknowledgement:
|
||||||
|
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
||||||
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||||
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||||
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||||
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||||
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||||
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||||
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||||
|
* SUCH DAMAGE.
|
||||||
|
*
|
||||||
|
* The licence and distribution terms for any publically available version or
|
||||||
|
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
||||||
|
* copied and put under another distribution licence
|
||||||
|
* [including the GNU Public Licence.]
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef HEADER_X509_H
|
||||||
|
# include <openssl/x509.h>
|
||||||
|
/*
|
||||||
|
* openssl/x509.h ends up #include-ing this file at about the only
|
||||||
|
* appropriate moment.
|
||||||
|
*/
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#ifndef HEADER_X509_VFY_H
|
||||||
|
# define HEADER_X509_VFY_H
|
||||||
|
|
||||||
|
# include <openssl/opensslconf.h>
|
||||||
|
# ifndef OPENSSL_NO_LHASH
|
||||||
|
# include <openssl/lhash.h>
|
||||||
|
# endif
|
||||||
|
# include <openssl/bio.h>
|
||||||
|
# include <openssl/crypto.h>
|
||||||
|
# include <openssl/symhacks.h>
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
extern "C" {
|
||||||
|
#endif
|
||||||
|
|
||||||
|
# if 0
|
||||||
|
/* Outer object */
|
||||||
|
typedef struct x509_hash_dir_st {
|
||||||
|
int num_dirs;
|
||||||
|
char **dirs;
|
||||||
|
int *dirs_type;
|
||||||
|
int num_dirs_alloced;
|
||||||
|
} X509_HASH_DIR_CTX;
|
||||||
|
# endif
|
||||||
|
|
||||||
|
typedef struct x509_file_st {
|
||||||
|
int num_paths; /* number of paths to files or directories */
|
||||||
|
int num_alloced;
|
||||||
|
char **paths; /* the list of paths or directories */
|
||||||
|
int *path_type;
|
||||||
|
} X509_CERT_FILE_CTX;
|
||||||
|
|
||||||
|
/*******************************/
|
||||||
|
/*-
|
||||||
|
SSL_CTX -> X509_STORE
|
||||||
|
-> X509_LOOKUP
|
||||||
|
->X509_LOOKUP_METHOD
|
||||||
|
-> X509_LOOKUP
|
||||||
|
->X509_LOOKUP_METHOD
|
||||||
|
|
||||||
|
SSL -> X509_STORE_CTX
|
||||||
|
->X509_STORE
|
||||||
|
|
||||||
|
The X509_STORE holds the tables etc for verification stuff.
|
||||||
|
A X509_STORE_CTX is used while validating a single certificate.
|
||||||
|
The X509_STORE has X509_LOOKUPs for looking up certs.
|
||||||
|
The X509_STORE then calls a function to actually verify the
|
||||||
|
certificate chain.
|
||||||
|
*/
|
||||||
|
|
||||||
|
# define X509_LU_RETRY -1
|
||||||
|
# define X509_LU_FAIL 0
|
||||||
|
# define X509_LU_X509 1
|
||||||
|
# define X509_LU_CRL 2
|
||||||
|
# define X509_LU_PKEY 3
|
||||||
|
|
||||||
|
typedef struct x509_object_st {
|
||||||
|
/* one of the above types */
|
||||||
|
int type;
|
||||||
|
union {
|
||||||
|
char *ptr;
|
||||||
|
X509 *x509;
|
||||||
|
X509_CRL *crl;
|
||||||
|
EVP_PKEY *pkey;
|
||||||
|
} data;
|
||||||
|
} X509_OBJECT;
|
||||||
|
|
||||||
|
typedef struct x509_lookup_st X509_LOOKUP;
|
||||||
|
|
||||||
|
DECLARE_STACK_OF(X509_LOOKUP)
|
||||||
|
DECLARE_STACK_OF(X509_OBJECT)
|
||||||
|
|
||||||
|
/* This is a static that defines the function interface */
|
||||||
|
typedef struct x509_lookup_method_st {
|
||||||
|
const char *name;
|
||||||
|
int (*new_item) (X509_LOOKUP *ctx);
|
||||||
|
void (*free) (X509_LOOKUP *ctx);
|
||||||
|
int (*init) (X509_LOOKUP *ctx);
|
||||||
|
int (*shutdown) (X509_LOOKUP *ctx);
|
||||||
|
int (*ctrl) (X509_LOOKUP *ctx, int cmd, const char *argc, long argl,
|
||||||
|
char **ret);
|
||||||
|
int (*get_by_subject) (X509_LOOKUP *ctx, int type, X509_NAME *name,
|
||||||
|
X509_OBJECT *ret);
|
||||||
|
int (*get_by_issuer_serial) (X509_LOOKUP *ctx, int type, X509_NAME *name,
|
||||||
|
ASN1_INTEGER *serial, X509_OBJECT *ret);
|
||||||
|
int (*get_by_fingerprint) (X509_LOOKUP *ctx, int type,
|
||||||
|
unsigned char *bytes, int len,
|
||||||
|
X509_OBJECT *ret);
|
||||||
|
int (*get_by_alias) (X509_LOOKUP *ctx, int type, char *str, int len,
|
||||||
|
X509_OBJECT *ret);
|
||||||
|
} X509_LOOKUP_METHOD;
|
||||||
|
|
||||||
|
typedef struct X509_VERIFY_PARAM_ID_st X509_VERIFY_PARAM_ID;
|
||||||
|
|
||||||
|
/*
|
||||||
|
* This structure hold all parameters associated with a verify operation by
|
||||||
|
* including an X509_VERIFY_PARAM structure in related structures the
|
||||||
|
* parameters used can be customized
|
||||||
|
*/
|
||||||
|
|
||||||
|
typedef struct X509_VERIFY_PARAM_st {
|
||||||
|
char *name;
|
||||||
|
time_t check_time; /* Time to use */
|
||||||
|
unsigned long inh_flags; /* Inheritance flags */
|
||||||
|
unsigned long flags; /* Various verify flags */
|
||||||
|
int purpose; /* purpose to check untrusted certificates */
|
||||||
|
int trust; /* trust setting to check */
|
||||||
|
int depth; /* Verify depth */
|
||||||
|
STACK_OF(ASN1_OBJECT) *policies; /* Permissible policies */
|
||||||
|
X509_VERIFY_PARAM_ID *id; /* opaque ID data */
|
||||||
|
} X509_VERIFY_PARAM;
|
||||||
|
|
||||||
|
DECLARE_STACK_OF(X509_VERIFY_PARAM)
|
||||||
|
|
||||||
|
/*
|
||||||
|
* This is used to hold everything. It is used for all certificate
|
||||||
|
* validation. Once we have a certificate chain, the 'verify' function is
|
||||||
|
* then called to actually check the cert chain.
|
||||||
|
*/
|
||||||
|
struct x509_store_st {
|
||||||
|
/* The following is a cache of trusted certs */
|
||||||
|
int cache; /* if true, stash any hits */
|
||||||
|
STACK_OF(X509_OBJECT) *objs; /* Cache of all objects */
|
||||||
|
/* These are external lookup methods */
|
||||||
|
STACK_OF(X509_LOOKUP) *get_cert_methods;
|
||||||
|
X509_VERIFY_PARAM *param;
|
||||||
|
/* Callbacks for various operations */
|
||||||
|
/* called to verify a certificate */
|
||||||
|
int (*verify) (X509_STORE_CTX *ctx);
|
||||||
|
/* error callback */
|
||||||
|
int (*verify_cb) (int ok, X509_STORE_CTX *ctx);
|
||||||
|
/* get issuers cert from ctx */
|
||||||
|
int (*get_issuer) (X509 **issuer, X509_STORE_CTX *ctx, X509 *x);
|
||||||
|
/* check issued */
|
||||||
|
int (*check_issued) (X509_STORE_CTX *ctx, X509 *x, X509 *issuer);
|
||||||
|
/* Check revocation status of chain */
|
||||||
|
int (*check_revocation) (X509_STORE_CTX *ctx);
|
||||||
|
/* retrieve CRL */
|
||||||
|
int (*get_crl) (X509_STORE_CTX *ctx, X509_CRL **crl, X509 *x);
|
||||||
|
/* Check CRL validity */
|
||||||
|
int (*check_crl) (X509_STORE_CTX *ctx, X509_CRL *crl);
|
||||||
|
/* Check certificate against CRL */
|
||||||
|
int (*cert_crl) (X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x);
|
||||||
|
STACK_OF(X509) *(*lookup_certs) (X509_STORE_CTX *ctx, X509_NAME *nm);
|
||||||
|
STACK_OF(X509_CRL) *(*lookup_crls) (X509_STORE_CTX *ctx, X509_NAME *nm);
|
||||||
|
int (*cleanup) (X509_STORE_CTX *ctx);
|
||||||
|
CRYPTO_EX_DATA ex_data;
|
||||||
|
int references;
|
||||||
|
} /* X509_STORE */ ;
|
||||||
|
|
||||||
|
int X509_STORE_set_depth(X509_STORE *store, int depth);
|
||||||
|
|
||||||
|
# define X509_STORE_set_verify_cb_func(ctx,func) ((ctx)->verify_cb=(func))
|
||||||
|
# define X509_STORE_set_verify_func(ctx,func) ((ctx)->verify=(func))
|
||||||
|
|
||||||
|
/* This is the functions plus an instance of the local variables. */
|
||||||
|
struct x509_lookup_st {
|
||||||
|
int init; /* have we been started */
|
||||||
|
int skip; /* don't use us. */
|
||||||
|
X509_LOOKUP_METHOD *method; /* the functions */
|
||||||
|
char *method_data; /* method data */
|
||||||
|
X509_STORE *store_ctx; /* who owns us */
|
||||||
|
} /* X509_LOOKUP */ ;
|
||||||
|
|
||||||
|
/*
|
||||||
|
* This is a used when verifying cert chains. Since the gathering of the
|
||||||
|
* cert chain can take some time (and have to be 'retried', this needs to be
|
||||||
|
* kept and passed around.
|
||||||
|
*/
|
||||||
|
struct x509_store_ctx_st { /* X509_STORE_CTX */
|
||||||
|
X509_STORE *ctx;
|
||||||
|
/* used when looking up certs */
|
||||||
|
int current_method;
|
||||||
|
/* The following are set by the caller */
|
||||||
|
/* The cert to check */
|
||||||
|
X509 *cert;
|
||||||
|
/* chain of X509s - untrusted - passed in */
|
||||||
|
STACK_OF(X509) *untrusted;
|
||||||
|
/* set of CRLs passed in */
|
||||||
|
STACK_OF(X509_CRL) *crls;
|
||||||
|
X509_VERIFY_PARAM *param;
|
||||||
|
/* Other info for use with get_issuer() */
|
||||||
|
void *other_ctx;
|
||||||
|
/* Callbacks for various operations */
|
||||||
|
/* called to verify a certificate */
|
||||||
|
int (*verify) (X509_STORE_CTX *ctx);
|
||||||
|
/* error callback */
|
||||||
|
int (*verify_cb) (int ok, X509_STORE_CTX *ctx);
|
||||||
|
/* get issuers cert from ctx */
|
||||||
|
int (*get_issuer) (X509 **issuer, X509_STORE_CTX *ctx, X509 *x);
|
||||||
|
/* check issued */
|
||||||
|
int (*check_issued) (X509_STORE_CTX *ctx, X509 *x, X509 *issuer);
|
||||||
|
/* Check revocation status of chain */
|
||||||
|
int (*check_revocation) (X509_STORE_CTX *ctx);
|
||||||
|
/* retrieve CRL */
|
||||||
|
int (*get_crl) (X509_STORE_CTX *ctx, X509_CRL **crl, X509 *x);
|
||||||
|
/* Check CRL validity */
|
||||||
|
int (*check_crl) (X509_STORE_CTX *ctx, X509_CRL *crl);
|
||||||
|
/* Check certificate against CRL */
|
||||||
|
int (*cert_crl) (X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x);
|
||||||
|
int (*check_policy) (X509_STORE_CTX *ctx);
|
||||||
|
STACK_OF(X509) *(*lookup_certs) (X509_STORE_CTX *ctx, X509_NAME *nm);
|
||||||
|
STACK_OF(X509_CRL) *(*lookup_crls) (X509_STORE_CTX *ctx, X509_NAME *nm);
|
||||||
|
int (*cleanup) (X509_STORE_CTX *ctx);
|
||||||
|
/* The following is built up */
|
||||||
|
/* if 0, rebuild chain */
|
||||||
|
int valid;
|
||||||
|
/* index of last untrusted cert */
|
||||||
|
int last_untrusted;
|
||||||
|
/* chain of X509s - built up and trusted */
|
||||||
|
STACK_OF(X509) *chain;
|
||||||
|
/* Valid policy tree */
|
||||||
|
X509_POLICY_TREE *tree;
|
||||||
|
/* Require explicit policy value */
|
||||||
|
int explicit_policy;
|
||||||
|
/* When something goes wrong, this is why */
|
||||||
|
int error_depth;
|
||||||
|
int error;
|
||||||
|
X509 *current_cert;
|
||||||
|
/* cert currently being tested as valid issuer */
|
||||||
|
X509 *current_issuer;
|
||||||
|
/* current CRL */
|
||||||
|
X509_CRL *current_crl;
|
||||||
|
/* score of current CRL */
|
||||||
|
int current_crl_score;
|
||||||
|
/* Reason mask */
|
||||||
|
unsigned int current_reasons;
|
||||||
|
/* For CRL path validation: parent context */
|
||||||
|
X509_STORE_CTX *parent;
|
||||||
|
CRYPTO_EX_DATA ex_data;
|
||||||
|
} /* X509_STORE_CTX */ ;
|
||||||
|
|
||||||
|
void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth);
|
||||||
|
|
||||||
|
# define X509_STORE_CTX_set_app_data(ctx,data) \
|
||||||
|
X509_STORE_CTX_set_ex_data(ctx,0,data)
|
||||||
|
# define X509_STORE_CTX_get_app_data(ctx) \
|
||||||
|
X509_STORE_CTX_get_ex_data(ctx,0)
|
||||||
|
|
||||||
|
# define X509_L_FILE_LOAD 1
|
||||||
|
# define X509_L_ADD_DIR 2
|
||||||
|
|
||||||
|
# define X509_LOOKUP_load_file(x,name,type) \
|
||||||
|
X509_LOOKUP_ctrl((x),X509_L_FILE_LOAD,(name),(long)(type),NULL)
|
||||||
|
|
||||||
|
# define X509_LOOKUP_add_dir(x,name,type) \
|
||||||
|
X509_LOOKUP_ctrl((x),X509_L_ADD_DIR,(name),(long)(type),NULL)
|
||||||
|
|
||||||
|
# define X509_V_OK 0
|
||||||
|
/* illegal error (for uninitialized values, to avoid X509_V_OK): 1 */
|
||||||
|
|
||||||
|
# define X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT 2
|
||||||
|
# define X509_V_ERR_UNABLE_TO_GET_CRL 3
|
||||||
|
# define X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE 4
|
||||||
|
# define X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE 5
|
||||||
|
# define X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY 6
|
||||||
|
# define X509_V_ERR_CERT_SIGNATURE_FAILURE 7
|
||||||
|
# define X509_V_ERR_CRL_SIGNATURE_FAILURE 8
|
||||||
|
# define X509_V_ERR_CERT_NOT_YET_VALID 9
|
||||||
|
# define X509_V_ERR_CERT_HAS_EXPIRED 10
|
||||||
|
# define X509_V_ERR_CRL_NOT_YET_VALID 11
|
||||||
|
# define X509_V_ERR_CRL_HAS_EXPIRED 12
|
||||||
|
# define X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD 13
|
||||||
|
# define X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD 14
|
||||||
|
# define X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD 15
|
||||||
|
# define X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD 16
|
||||||
|
# define X509_V_ERR_OUT_OF_MEM 17
|
||||||
|
# define X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT 18
|
||||||
|
# define X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN 19
|
||||||
|
# define X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY 20
|
||||||
|
# define X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE 21
|
||||||
|
# define X509_V_ERR_CERT_CHAIN_TOO_LONG 22
|
||||||
|
# define X509_V_ERR_CERT_REVOKED 23
|
||||||
|
# define X509_V_ERR_INVALID_CA 24
|
||||||
|
# define X509_V_ERR_PATH_LENGTH_EXCEEDED 25
|
||||||
|
# define X509_V_ERR_INVALID_PURPOSE 26
|
||||||
|
# define X509_V_ERR_CERT_UNTRUSTED 27
|
||||||
|
# define X509_V_ERR_CERT_REJECTED 28
|
||||||
|
/* These are 'informational' when looking for issuer cert */
|
||||||
|
# define X509_V_ERR_SUBJECT_ISSUER_MISMATCH 29
|
||||||
|
# define X509_V_ERR_AKID_SKID_MISMATCH 30
|
||||||
|
# define X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH 31
|
||||||
|
# define X509_V_ERR_KEYUSAGE_NO_CERTSIGN 32
|
||||||
|
|
||||||
|
# define X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER 33
|
||||||
|
# define X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION 34
|
||||||
|
# define X509_V_ERR_KEYUSAGE_NO_CRL_SIGN 35
|
||||||
|
# define X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION 36
|
||||||
|
# define X509_V_ERR_INVALID_NON_CA 37
|
||||||
|
# define X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED 38
|
||||||
|
# define X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE 39
|
||||||
|
# define X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED 40
|
||||||
|
|
||||||
|
# define X509_V_ERR_INVALID_EXTENSION 41
|
||||||
|
# define X509_V_ERR_INVALID_POLICY_EXTENSION 42
|
||||||
|
# define X509_V_ERR_NO_EXPLICIT_POLICY 43
|
||||||
|
# define X509_V_ERR_DIFFERENT_CRL_SCOPE 44
|
||||||
|
# define X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE 45
|
||||||
|
|
||||||
|
# define X509_V_ERR_UNNESTED_RESOURCE 46
|
||||||
|
|
||||||
|
# define X509_V_ERR_PERMITTED_VIOLATION 47
|
||||||
|
# define X509_V_ERR_EXCLUDED_VIOLATION 48
|
||||||
|
# define X509_V_ERR_SUBTREE_MINMAX 49
|
||||||
|
# define X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE 51
|
||||||
|
# define X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX 52
|
||||||
|
# define X509_V_ERR_UNSUPPORTED_NAME_SYNTAX 53
|
||||||
|
# define X509_V_ERR_CRL_PATH_VALIDATION_ERROR 54
|
||||||
|
|
||||||
|
/* Suite B mode algorithm violation */
|
||||||
|
# define X509_V_ERR_SUITE_B_INVALID_VERSION 56
|
||||||
|
# define X509_V_ERR_SUITE_B_INVALID_ALGORITHM 57
|
||||||
|
# define X509_V_ERR_SUITE_B_INVALID_CURVE 58
|
||||||
|
# define X509_V_ERR_SUITE_B_INVALID_SIGNATURE_ALGORITHM 59
|
||||||
|
# define X509_V_ERR_SUITE_B_LOS_NOT_ALLOWED 60
|
||||||
|
# define X509_V_ERR_SUITE_B_CANNOT_SIGN_P_384_WITH_P_256 61
|
||||||
|
|
||||||
|
/* Host, email and IP check errors */
|
||||||
|
# define X509_V_ERR_HOSTNAME_MISMATCH 62
|
||||||
|
# define X509_V_ERR_EMAIL_MISMATCH 63
|
||||||
|
# define X509_V_ERR_IP_ADDRESS_MISMATCH 64
|
||||||
|
|
||||||
|
/* The application is not happy */
|
||||||
|
# define X509_V_ERR_APPLICATION_VERIFICATION 50
|
||||||
|
|
||||||
|
/* Certificate verify flags */
|
||||||
|
|
||||||
|
/* Send issuer+subject checks to verify_cb */
|
||||||
|
# define X509_V_FLAG_CB_ISSUER_CHECK 0x1
|
||||||
|
/* Use check time instead of current time */
|
||||||
|
# define X509_V_FLAG_USE_CHECK_TIME 0x2
|
||||||
|
/* Lookup CRLs */
|
||||||
|
# define X509_V_FLAG_CRL_CHECK 0x4
|
||||||
|
/* Lookup CRLs for whole chain */
|
||||||
|
# define X509_V_FLAG_CRL_CHECK_ALL 0x8
|
||||||
|
/* Ignore unhandled critical extensions */
|
||||||
|
# define X509_V_FLAG_IGNORE_CRITICAL 0x10
|
||||||
|
/* Disable workarounds for broken certificates */
|
||||||
|
# define X509_V_FLAG_X509_STRICT 0x20
|
||||||
|
/* Enable proxy certificate validation */
|
||||||
|
# define X509_V_FLAG_ALLOW_PROXY_CERTS 0x40
|
||||||
|
/* Enable policy checking */
|
||||||
|
# define X509_V_FLAG_POLICY_CHECK 0x80
|
||||||
|
/* Policy variable require-explicit-policy */
|
||||||
|
# define X509_V_FLAG_EXPLICIT_POLICY 0x100
|
||||||
|
/* Policy variable inhibit-any-policy */
|
||||||
|
# define X509_V_FLAG_INHIBIT_ANY 0x200
|
||||||
|
/* Policy variable inhibit-policy-mapping */
|
||||||
|
# define X509_V_FLAG_INHIBIT_MAP 0x400
|
||||||
|
/* Notify callback that policy is OK */
|
||||||
|
# define X509_V_FLAG_NOTIFY_POLICY 0x800
|
||||||
|
/* Extended CRL features such as indirect CRLs, alternate CRL signing keys */
|
||||||
|
# define X509_V_FLAG_EXTENDED_CRL_SUPPORT 0x1000
|
||||||
|
/* Delta CRL support */
|
||||||
|
# define X509_V_FLAG_USE_DELTAS 0x2000
|
||||||
|
/* Check selfsigned CA signature */
|
||||||
|
# define X509_V_FLAG_CHECK_SS_SIGNATURE 0x4000
|
||||||
|
/* Use trusted store first */
|
||||||
|
# define X509_V_FLAG_TRUSTED_FIRST 0x8000
|
||||||
|
/* Suite B 128 bit only mode: not normally used */
|
||||||
|
# define X509_V_FLAG_SUITEB_128_LOS_ONLY 0x10000
|
||||||
|
/* Suite B 192 bit only mode */
|
||||||
|
# define X509_V_FLAG_SUITEB_192_LOS 0x20000
|
||||||
|
/* Suite B 128 bit mode allowing 192 bit algorithms */
|
||||||
|
# define X509_V_FLAG_SUITEB_128_LOS 0x30000
|
||||||
|
|
||||||
|
/* Allow partial chains if at least one certificate is in trusted store */
|
||||||
|
# define X509_V_FLAG_PARTIAL_CHAIN 0x80000
|
||||||
|
|
||||||
|
# define X509_VP_FLAG_DEFAULT 0x1
|
||||||
|
# define X509_VP_FLAG_OVERWRITE 0x2
|
||||||
|
# define X509_VP_FLAG_RESET_FLAGS 0x4
|
||||||
|
# define X509_VP_FLAG_LOCKED 0x8
|
||||||
|
# define X509_VP_FLAG_ONCE 0x10
|
||||||
|
|
||||||
|
/* Internal use: mask of policy related options */
|
||||||
|
# define X509_V_FLAG_POLICY_MASK (X509_V_FLAG_POLICY_CHECK \
|
||||||
|
| X509_V_FLAG_EXPLICIT_POLICY \
|
||||||
|
| X509_V_FLAG_INHIBIT_ANY \
|
||||||
|
| X509_V_FLAG_INHIBIT_MAP)
|
||||||
|
|
||||||
|
int X509_OBJECT_idx_by_subject(STACK_OF(X509_OBJECT) *h, int type,
|
||||||
|
X509_NAME *name);
|
||||||
|
X509_OBJECT *X509_OBJECT_retrieve_by_subject(STACK_OF(X509_OBJECT) *h,
|
||||||
|
int type, X509_NAME *name);
|
||||||
|
X509_OBJECT *X509_OBJECT_retrieve_match(STACK_OF(X509_OBJECT) *h,
|
||||||
|
X509_OBJECT *x);
|
||||||
|
void X509_OBJECT_up_ref_count(X509_OBJECT *a);
|
||||||
|
void X509_OBJECT_free_contents(X509_OBJECT *a);
|
||||||
|
X509_STORE *X509_STORE_new(void);
|
||||||
|
void X509_STORE_free(X509_STORE *v);
|
||||||
|
|
||||||
|
STACK_OF(X509) *X509_STORE_get1_certs(X509_STORE_CTX *st, X509_NAME *nm);
|
||||||
|
STACK_OF(X509_CRL) *X509_STORE_get1_crls(X509_STORE_CTX *st, X509_NAME *nm);
|
||||||
|
int X509_STORE_set_flags(X509_STORE *ctx, unsigned long flags);
|
||||||
|
int X509_STORE_set_purpose(X509_STORE *ctx, int purpose);
|
||||||
|
int X509_STORE_set_trust(X509_STORE *ctx, int trust);
|
||||||
|
int X509_STORE_set1_param(X509_STORE *ctx, X509_VERIFY_PARAM *pm);
|
||||||
|
|
||||||
|
void X509_STORE_set_verify_cb(X509_STORE *ctx,
|
||||||
|
int (*verify_cb) (int, X509_STORE_CTX *));
|
||||||
|
|
||||||
|
void X509_STORE_set_lookup_crls_cb(X509_STORE *ctx,
|
||||||
|
STACK_OF(X509_CRL) *(*cb) (X509_STORE_CTX
|
||||||
|
*ctx,
|
||||||
|
X509_NAME *nm));
|
||||||
|
|
||||||
|
X509_STORE_CTX *X509_STORE_CTX_new(void);
|
||||||
|
|
||||||
|
int X509_STORE_CTX_get1_issuer(X509 **issuer, X509_STORE_CTX *ctx, X509 *x);
|
||||||
|
|
||||||
|
void X509_STORE_CTX_free(X509_STORE_CTX *ctx);
|
||||||
|
int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store,
|
||||||
|
X509 *x509, STACK_OF(X509) *chain);
|
||||||
|
void X509_STORE_CTX_trusted_stack(X509_STORE_CTX *ctx, STACK_OF(X509) *sk);
|
||||||
|
void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx);
|
||||||
|
|
||||||
|
X509_STORE *X509_STORE_CTX_get0_store(X509_STORE_CTX *ctx);
|
||||||
|
|
||||||
|
X509_LOOKUP *X509_STORE_add_lookup(X509_STORE *v, X509_LOOKUP_METHOD *m);
|
||||||
|
|
||||||
|
X509_LOOKUP_METHOD *X509_LOOKUP_hash_dir(void);
|
||||||
|
X509_LOOKUP_METHOD *X509_LOOKUP_file(void);
|
||||||
|
|
||||||
|
int X509_STORE_add_cert(X509_STORE *ctx, X509 *x);
|
||||||
|
int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x);
|
||||||
|
|
||||||
|
int X509_STORE_get_by_subject(X509_STORE_CTX *vs, int type, X509_NAME *name,
|
||||||
|
X509_OBJECT *ret);
|
||||||
|
|
||||||
|
int X509_LOOKUP_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc,
|
||||||
|
long argl, char **ret);
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_STDIO
|
||||||
|
int X509_load_cert_file(X509_LOOKUP *ctx, const char *file, int type);
|
||||||
|
int X509_load_crl_file(X509_LOOKUP *ctx, const char *file, int type);
|
||||||
|
int X509_load_cert_crl_file(X509_LOOKUP *ctx, const char *file, int type);
|
||||||
|
# endif
|
||||||
|
|
||||||
|
X509_LOOKUP *X509_LOOKUP_new(X509_LOOKUP_METHOD *method);
|
||||||
|
void X509_LOOKUP_free(X509_LOOKUP *ctx);
|
||||||
|
int X509_LOOKUP_init(X509_LOOKUP *ctx);
|
||||||
|
int X509_LOOKUP_by_subject(X509_LOOKUP *ctx, int type, X509_NAME *name,
|
||||||
|
X509_OBJECT *ret);
|
||||||
|
int X509_LOOKUP_by_issuer_serial(X509_LOOKUP *ctx, int type, X509_NAME *name,
|
||||||
|
ASN1_INTEGER *serial, X509_OBJECT *ret);
|
||||||
|
int X509_LOOKUP_by_fingerprint(X509_LOOKUP *ctx, int type,
|
||||||
|
unsigned char *bytes, int len,
|
||||||
|
X509_OBJECT *ret);
|
||||||
|
int X509_LOOKUP_by_alias(X509_LOOKUP *ctx, int type, char *str, int len,
|
||||||
|
X509_OBJECT *ret);
|
||||||
|
int X509_LOOKUP_shutdown(X509_LOOKUP *ctx);
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_STDIO
|
||||||
|
int X509_STORE_load_locations(X509_STORE *ctx,
|
||||||
|
const char *file, const char *dir);
|
||||||
|
int X509_STORE_set_default_paths(X509_STORE *ctx);
|
||||||
|
# endif
|
||||||
|
|
||||||
|
int X509_STORE_CTX_get_ex_new_index(long argl, void *argp,
|
||||||
|
CRYPTO_EX_new *new_func,
|
||||||
|
CRYPTO_EX_dup *dup_func,
|
||||||
|
CRYPTO_EX_free *free_func);
|
||||||
|
int X509_STORE_CTX_set_ex_data(X509_STORE_CTX *ctx, int idx, void *data);
|
||||||
|
void *X509_STORE_CTX_get_ex_data(X509_STORE_CTX *ctx, int idx);
|
||||||
|
int X509_STORE_CTX_get_error(X509_STORE_CTX *ctx);
|
||||||
|
void X509_STORE_CTX_set_error(X509_STORE_CTX *ctx, int s);
|
||||||
|
int X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx);
|
||||||
|
X509 *X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx);
|
||||||
|
X509 *X509_STORE_CTX_get0_current_issuer(X509_STORE_CTX *ctx);
|
||||||
|
X509_CRL *X509_STORE_CTX_get0_current_crl(X509_STORE_CTX *ctx);
|
||||||
|
X509_STORE_CTX *X509_STORE_CTX_get0_parent_ctx(X509_STORE_CTX *ctx);
|
||||||
|
STACK_OF(X509) *X509_STORE_CTX_get_chain(X509_STORE_CTX *ctx);
|
||||||
|
STACK_OF(X509) *X509_STORE_CTX_get1_chain(X509_STORE_CTX *ctx);
|
||||||
|
void X509_STORE_CTX_set_cert(X509_STORE_CTX *c, X509 *x);
|
||||||
|
void X509_STORE_CTX_set_chain(X509_STORE_CTX *c, STACK_OF(X509) *sk);
|
||||||
|
void X509_STORE_CTX_set0_crls(X509_STORE_CTX *c, STACK_OF(X509_CRL) *sk);
|
||||||
|
int X509_STORE_CTX_set_purpose(X509_STORE_CTX *ctx, int purpose);
|
||||||
|
int X509_STORE_CTX_set_trust(X509_STORE_CTX *ctx, int trust);
|
||||||
|
int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose,
|
||||||
|
int purpose, int trust);
|
||||||
|
void X509_STORE_CTX_set_flags(X509_STORE_CTX *ctx, unsigned long flags);
|
||||||
|
void X509_STORE_CTX_set_time(X509_STORE_CTX *ctx, unsigned long flags,
|
||||||
|
time_t t);
|
||||||
|
void X509_STORE_CTX_set_verify_cb(X509_STORE_CTX *ctx,
|
||||||
|
int (*verify_cb) (int, X509_STORE_CTX *));
|
||||||
|
|
||||||
|
X509_POLICY_TREE *X509_STORE_CTX_get0_policy_tree(X509_STORE_CTX *ctx);
|
||||||
|
int X509_STORE_CTX_get_explicit_policy(X509_STORE_CTX *ctx);
|
||||||
|
|
||||||
|
X509_VERIFY_PARAM *X509_STORE_CTX_get0_param(X509_STORE_CTX *ctx);
|
||||||
|
void X509_STORE_CTX_set0_param(X509_STORE_CTX *ctx, X509_VERIFY_PARAM *param);
|
||||||
|
int X509_STORE_CTX_set_default(X509_STORE_CTX *ctx, const char *name);
|
||||||
|
|
||||||
|
/* X509_VERIFY_PARAM functions */
|
||||||
|
|
||||||
|
X509_VERIFY_PARAM *X509_VERIFY_PARAM_new(void);
|
||||||
|
void X509_VERIFY_PARAM_free(X509_VERIFY_PARAM *param);
|
||||||
|
int X509_VERIFY_PARAM_inherit(X509_VERIFY_PARAM *to,
|
||||||
|
const X509_VERIFY_PARAM *from);
|
||||||
|
int X509_VERIFY_PARAM_set1(X509_VERIFY_PARAM *to,
|
||||||
|
const X509_VERIFY_PARAM *from);
|
||||||
|
int X509_VERIFY_PARAM_set1_name(X509_VERIFY_PARAM *param, const char *name);
|
||||||
|
int X509_VERIFY_PARAM_set_flags(X509_VERIFY_PARAM *param,
|
||||||
|
unsigned long flags);
|
||||||
|
int X509_VERIFY_PARAM_clear_flags(X509_VERIFY_PARAM *param,
|
||||||
|
unsigned long flags);
|
||||||
|
unsigned long X509_VERIFY_PARAM_get_flags(X509_VERIFY_PARAM *param);
|
||||||
|
int X509_VERIFY_PARAM_set_purpose(X509_VERIFY_PARAM *param, int purpose);
|
||||||
|
int X509_VERIFY_PARAM_set_trust(X509_VERIFY_PARAM *param, int trust);
|
||||||
|
void X509_VERIFY_PARAM_set_depth(X509_VERIFY_PARAM *param, int depth);
|
||||||
|
void X509_VERIFY_PARAM_set_time(X509_VERIFY_PARAM *param, time_t t);
|
||||||
|
int X509_VERIFY_PARAM_add0_policy(X509_VERIFY_PARAM *param,
|
||||||
|
ASN1_OBJECT *policy);
|
||||||
|
int X509_VERIFY_PARAM_set1_policies(X509_VERIFY_PARAM *param,
|
||||||
|
STACK_OF(ASN1_OBJECT) *policies);
|
||||||
|
|
||||||
|
int X509_VERIFY_PARAM_set1_host(X509_VERIFY_PARAM *param,
|
||||||
|
const char *name, size_t namelen);
|
||||||
|
int X509_VERIFY_PARAM_add1_host(X509_VERIFY_PARAM *param,
|
||||||
|
const char *name, size_t namelen);
|
||||||
|
void X509_VERIFY_PARAM_set_hostflags(X509_VERIFY_PARAM *param,
|
||||||
|
unsigned int flags);
|
||||||
|
char *X509_VERIFY_PARAM_get0_peername(X509_VERIFY_PARAM *);
|
||||||
|
int X509_VERIFY_PARAM_set1_email(X509_VERIFY_PARAM *param,
|
||||||
|
const char *email, size_t emaillen);
|
||||||
|
int X509_VERIFY_PARAM_set1_ip(X509_VERIFY_PARAM *param,
|
||||||
|
const unsigned char *ip, size_t iplen);
|
||||||
|
int X509_VERIFY_PARAM_set1_ip_asc(X509_VERIFY_PARAM *param,
|
||||||
|
const char *ipasc);
|
||||||
|
|
||||||
|
int X509_VERIFY_PARAM_get_depth(const X509_VERIFY_PARAM *param);
|
||||||
|
const char *X509_VERIFY_PARAM_get0_name(const X509_VERIFY_PARAM *param);
|
||||||
|
|
||||||
|
int X509_VERIFY_PARAM_add0_table(X509_VERIFY_PARAM *param);
|
||||||
|
int X509_VERIFY_PARAM_get_count(void);
|
||||||
|
const X509_VERIFY_PARAM *X509_VERIFY_PARAM_get0(int id);
|
||||||
|
const X509_VERIFY_PARAM *X509_VERIFY_PARAM_lookup(const char *name);
|
||||||
|
void X509_VERIFY_PARAM_table_cleanup(void);
|
||||||
|
|
||||||
|
int X509_policy_check(X509_POLICY_TREE **ptree, int *pexplicit_policy,
|
||||||
|
STACK_OF(X509) *certs,
|
||||||
|
STACK_OF(ASN1_OBJECT) *policy_oids, unsigned int flags);
|
||||||
|
|
||||||
|
void X509_policy_tree_free(X509_POLICY_TREE *tree);
|
||||||
|
|
||||||
|
int X509_policy_tree_level_count(const X509_POLICY_TREE *tree);
|
||||||
|
X509_POLICY_LEVEL *X509_policy_tree_get0_level(const X509_POLICY_TREE *tree,
|
||||||
|
int i);
|
||||||
|
|
||||||
|
STACK_OF(X509_POLICY_NODE) *X509_policy_tree_get0_policies(const
|
||||||
|
X509_POLICY_TREE
|
||||||
|
*tree);
|
||||||
|
|
||||||
|
STACK_OF(X509_POLICY_NODE) *X509_policy_tree_get0_user_policies(const
|
||||||
|
X509_POLICY_TREE
|
||||||
|
*tree);
|
||||||
|
|
||||||
|
int X509_policy_level_node_count(X509_POLICY_LEVEL *level);
|
||||||
|
|
||||||
|
X509_POLICY_NODE *X509_policy_level_get0_node(X509_POLICY_LEVEL *level,
|
||||||
|
int i);
|
||||||
|
|
||||||
|
const ASN1_OBJECT *X509_policy_node_get0_policy(const X509_POLICY_NODE *node);
|
||||||
|
|
||||||
|
STACK_OF(POLICYQUALINFO) *X509_policy_node_get0_qualifiers(const
|
||||||
|
X509_POLICY_NODE
|
||||||
|
*node);
|
||||||
|
const X509_POLICY_NODE *X509_policy_node_get0_parent(const X509_POLICY_NODE
|
||||||
|
*node);
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
#endif
|
Binary file not shown.
Binary file not shown.
File diff suppressed because it is too large
Load Diff
|
@ -0,0 +1,878 @@
|
||||||
|
/* crypto/bio/bio.h */
|
||||||
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
|
* All rights reserved.
|
||||||
|
*
|
||||||
|
* This package is an SSL implementation written
|
||||||
|
* by Eric Young (eay@cryptsoft.com).
|
||||||
|
* The implementation was written so as to conform with Netscapes SSL.
|
||||||
|
*
|
||||||
|
* This library is free for commercial and non-commercial use as long as
|
||||||
|
* the following conditions are aheared to. The following conditions
|
||||||
|
* apply to all code found in this distribution, be it the RC4, RSA,
|
||||||
|
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
||||||
|
* included with this distribution is covered by the same copyright terms
|
||||||
|
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
* Copyright remains Eric Young's, and as such any Copyright notices in
|
||||||
|
* the code are not to be removed.
|
||||||
|
* If this package is used in a product, Eric Young should be given attribution
|
||||||
|
* as the author of the parts of the library used.
|
||||||
|
* This can be in the form of a textual message at program startup or
|
||||||
|
* in documentation (online or textual) provided with the package.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
* 1. Redistributions of source code must retain the copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in the
|
||||||
|
* documentation and/or other materials provided with the distribution.
|
||||||
|
* 3. All advertising materials mentioning features or use of this software
|
||||||
|
* must display the following acknowledgement:
|
||||||
|
* "This product includes cryptographic software written by
|
||||||
|
* Eric Young (eay@cryptsoft.com)"
|
||||||
|
* The word 'cryptographic' can be left out if the rouines from the library
|
||||||
|
* being used are not cryptographic related :-).
|
||||||
|
* 4. If you include any Windows specific code (or a derivative thereof) from
|
||||||
|
* the apps directory (application code) you must include an acknowledgement:
|
||||||
|
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
||||||
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||||
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||||
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||||
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||||
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||||
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||||
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||||
|
* SUCH DAMAGE.
|
||||||
|
*
|
||||||
|
* The licence and distribution terms for any publically available version or
|
||||||
|
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
||||||
|
* copied and put under another distribution licence
|
||||||
|
* [including the GNU Public Licence.]
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef HEADER_BIO_H
|
||||||
|
# define HEADER_BIO_H
|
||||||
|
|
||||||
|
# include <openssl/e_os2.h>
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_FP_API
|
||||||
|
# include <stdio.h>
|
||||||
|
# endif
|
||||||
|
# include <stdarg.h>
|
||||||
|
|
||||||
|
# include <openssl/crypto.h>
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_SCTP
|
||||||
|
# ifndef OPENSSL_SYS_VMS
|
||||||
|
# include <stdint.h>
|
||||||
|
# else
|
||||||
|
# include <inttypes.h>
|
||||||
|
# endif
|
||||||
|
# endif
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
extern "C" {
|
||||||
|
#endif
|
||||||
|
|
||||||
|
/* These are the 'types' of BIOs */
|
||||||
|
# define BIO_TYPE_NONE 0
|
||||||
|
# define BIO_TYPE_MEM (1|0x0400)
|
||||||
|
# define BIO_TYPE_FILE (2|0x0400)
|
||||||
|
|
||||||
|
# define BIO_TYPE_FD (4|0x0400|0x0100)
|
||||||
|
# define BIO_TYPE_SOCKET (5|0x0400|0x0100)
|
||||||
|
# define BIO_TYPE_NULL (6|0x0400)
|
||||||
|
# define BIO_TYPE_SSL (7|0x0200)
|
||||||
|
# define BIO_TYPE_MD (8|0x0200)/* passive filter */
|
||||||
|
# define BIO_TYPE_BUFFER (9|0x0200)/* filter */
|
||||||
|
# define BIO_TYPE_CIPHER (10|0x0200)/* filter */
|
||||||
|
# define BIO_TYPE_BASE64 (11|0x0200)/* filter */
|
||||||
|
# define BIO_TYPE_CONNECT (12|0x0400|0x0100)/* socket - connect */
|
||||||
|
# define BIO_TYPE_ACCEPT (13|0x0400|0x0100)/* socket for accept */
|
||||||
|
# define BIO_TYPE_PROXY_CLIENT (14|0x0200)/* client proxy BIO */
|
||||||
|
# define BIO_TYPE_PROXY_SERVER (15|0x0200)/* server proxy BIO */
|
||||||
|
# define BIO_TYPE_NBIO_TEST (16|0x0200)/* server proxy BIO */
|
||||||
|
# define BIO_TYPE_NULL_FILTER (17|0x0200)
|
||||||
|
# define BIO_TYPE_BER (18|0x0200)/* BER -> bin filter */
|
||||||
|
# define BIO_TYPE_BIO (19|0x0400)/* (half a) BIO pair */
|
||||||
|
# define BIO_TYPE_LINEBUFFER (20|0x0200)/* filter */
|
||||||
|
# define BIO_TYPE_DGRAM (21|0x0400|0x0100)
|
||||||
|
# ifndef OPENSSL_NO_SCTP
|
||||||
|
# define BIO_TYPE_DGRAM_SCTP (24|0x0400|0x0100)
|
||||||
|
# endif
|
||||||
|
# define BIO_TYPE_ASN1 (22|0x0200)/* filter */
|
||||||
|
# define BIO_TYPE_COMP (23|0x0200)/* filter */
|
||||||
|
|
||||||
|
# define BIO_TYPE_DESCRIPTOR 0x0100/* socket, fd, connect or accept */
|
||||||
|
# define BIO_TYPE_FILTER 0x0200
|
||||||
|
# define BIO_TYPE_SOURCE_SINK 0x0400
|
||||||
|
|
||||||
|
/*
|
||||||
|
* BIO_FILENAME_READ|BIO_CLOSE to open or close on free.
|
||||||
|
* BIO_set_fp(in,stdin,BIO_NOCLOSE);
|
||||||
|
*/
|
||||||
|
# define BIO_NOCLOSE 0x00
|
||||||
|
# define BIO_CLOSE 0x01
|
||||||
|
|
||||||
|
/*
|
||||||
|
* These are used in the following macros and are passed to BIO_ctrl()
|
||||||
|
*/
|
||||||
|
# define BIO_CTRL_RESET 1/* opt - rewind/zero etc */
|
||||||
|
# define BIO_CTRL_EOF 2/* opt - are we at the eof */
|
||||||
|
# define BIO_CTRL_INFO 3/* opt - extra tit-bits */
|
||||||
|
# define BIO_CTRL_SET 4/* man - set the 'IO' type */
|
||||||
|
# define BIO_CTRL_GET 5/* man - get the 'IO' type */
|
||||||
|
# define BIO_CTRL_PUSH 6/* opt - internal, used to signify change */
|
||||||
|
# define BIO_CTRL_POP 7/* opt - internal, used to signify change */
|
||||||
|
# define BIO_CTRL_GET_CLOSE 8/* man - set the 'close' on free */
|
||||||
|
# define BIO_CTRL_SET_CLOSE 9/* man - set the 'close' on free */
|
||||||
|
# define BIO_CTRL_PENDING 10/* opt - is their more data buffered */
|
||||||
|
# define BIO_CTRL_FLUSH 11/* opt - 'flush' buffered output */
|
||||||
|
# define BIO_CTRL_DUP 12/* man - extra stuff for 'duped' BIO */
|
||||||
|
# define BIO_CTRL_WPENDING 13/* opt - number of bytes still to write */
|
||||||
|
/* callback is int cb(BIO *bio,state,ret); */
|
||||||
|
# define BIO_CTRL_SET_CALLBACK 14/* opt - set callback function */
|
||||||
|
# define BIO_CTRL_GET_CALLBACK 15/* opt - set callback function */
|
||||||
|
|
||||||
|
# define BIO_CTRL_SET_FILENAME 30/* BIO_s_file special */
|
||||||
|
|
||||||
|
/* dgram BIO stuff */
|
||||||
|
# define BIO_CTRL_DGRAM_CONNECT 31/* BIO dgram special */
|
||||||
|
# define BIO_CTRL_DGRAM_SET_CONNECTED 32/* allow for an externally connected
|
||||||
|
* socket to be passed in */
|
||||||
|
# define BIO_CTRL_DGRAM_SET_RECV_TIMEOUT 33/* setsockopt, essentially */
|
||||||
|
# define BIO_CTRL_DGRAM_GET_RECV_TIMEOUT 34/* getsockopt, essentially */
|
||||||
|
# define BIO_CTRL_DGRAM_SET_SEND_TIMEOUT 35/* setsockopt, essentially */
|
||||||
|
# define BIO_CTRL_DGRAM_GET_SEND_TIMEOUT 36/* getsockopt, essentially */
|
||||||
|
|
||||||
|
# define BIO_CTRL_DGRAM_GET_RECV_TIMER_EXP 37/* flag whether the last */
|
||||||
|
# define BIO_CTRL_DGRAM_GET_SEND_TIMER_EXP 38/* I/O operation tiemd out */
|
||||||
|
|
||||||
|
/* #ifdef IP_MTU_DISCOVER */
|
||||||
|
# define BIO_CTRL_DGRAM_MTU_DISCOVER 39/* set DF bit on egress packets */
|
||||||
|
/* #endif */
|
||||||
|
|
||||||
|
# define BIO_CTRL_DGRAM_QUERY_MTU 40/* as kernel for current MTU */
|
||||||
|
# define BIO_CTRL_DGRAM_GET_FALLBACK_MTU 47
|
||||||
|
# define BIO_CTRL_DGRAM_GET_MTU 41/* get cached value for MTU */
|
||||||
|
# define BIO_CTRL_DGRAM_SET_MTU 42/* set cached value for MTU.
|
||||||
|
* want to use this if asking
|
||||||
|
* the kernel fails */
|
||||||
|
|
||||||
|
# define BIO_CTRL_DGRAM_MTU_EXCEEDED 43/* check whether the MTU was
|
||||||
|
* exceed in the previous write
|
||||||
|
* operation */
|
||||||
|
|
||||||
|
# define BIO_CTRL_DGRAM_GET_PEER 46
|
||||||
|
# define BIO_CTRL_DGRAM_SET_PEER 44/* Destination for the data */
|
||||||
|
|
||||||
|
# define BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT 45/* Next DTLS handshake timeout
|
||||||
|
* to adjust socket timeouts */
|
||||||
|
# define BIO_CTRL_DGRAM_SET_DONT_FRAG 48
|
||||||
|
|
||||||
|
# define BIO_CTRL_DGRAM_GET_MTU_OVERHEAD 49
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_SCTP
|
||||||
|
/* SCTP stuff */
|
||||||
|
# define BIO_CTRL_DGRAM_SCTP_SET_IN_HANDSHAKE 50
|
||||||
|
# define BIO_CTRL_DGRAM_SCTP_ADD_AUTH_KEY 51
|
||||||
|
# define BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY 52
|
||||||
|
# define BIO_CTRL_DGRAM_SCTP_AUTH_CCS_RCVD 53
|
||||||
|
# define BIO_CTRL_DGRAM_SCTP_GET_SNDINFO 60
|
||||||
|
# define BIO_CTRL_DGRAM_SCTP_SET_SNDINFO 61
|
||||||
|
# define BIO_CTRL_DGRAM_SCTP_GET_RCVINFO 62
|
||||||
|
# define BIO_CTRL_DGRAM_SCTP_SET_RCVINFO 63
|
||||||
|
# define BIO_CTRL_DGRAM_SCTP_GET_PRINFO 64
|
||||||
|
# define BIO_CTRL_DGRAM_SCTP_SET_PRINFO 65
|
||||||
|
# define BIO_CTRL_DGRAM_SCTP_SAVE_SHUTDOWN 70
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/* modifiers */
|
||||||
|
# define BIO_FP_READ 0x02
|
||||||
|
# define BIO_FP_WRITE 0x04
|
||||||
|
# define BIO_FP_APPEND 0x08
|
||||||
|
# define BIO_FP_TEXT 0x10
|
||||||
|
|
||||||
|
# define BIO_FLAGS_READ 0x01
|
||||||
|
# define BIO_FLAGS_WRITE 0x02
|
||||||
|
# define BIO_FLAGS_IO_SPECIAL 0x04
|
||||||
|
# define BIO_FLAGS_RWS (BIO_FLAGS_READ|BIO_FLAGS_WRITE|BIO_FLAGS_IO_SPECIAL)
|
||||||
|
# define BIO_FLAGS_SHOULD_RETRY 0x08
|
||||||
|
# ifndef BIO_FLAGS_UPLINK
|
||||||
|
/*
|
||||||
|
* "UPLINK" flag denotes file descriptors provided by application. It
|
||||||
|
* defaults to 0, as most platforms don't require UPLINK interface.
|
||||||
|
*/
|
||||||
|
# define BIO_FLAGS_UPLINK 0
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/* Used in BIO_gethostbyname() */
|
||||||
|
# define BIO_GHBN_CTRL_HITS 1
|
||||||
|
# define BIO_GHBN_CTRL_MISSES 2
|
||||||
|
# define BIO_GHBN_CTRL_CACHE_SIZE 3
|
||||||
|
# define BIO_GHBN_CTRL_GET_ENTRY 4
|
||||||
|
# define BIO_GHBN_CTRL_FLUSH 5
|
||||||
|
|
||||||
|
/* Mostly used in the SSL BIO */
|
||||||
|
/*-
|
||||||
|
* Not used anymore
|
||||||
|
* #define BIO_FLAGS_PROTOCOL_DELAYED_READ 0x10
|
||||||
|
* #define BIO_FLAGS_PROTOCOL_DELAYED_WRITE 0x20
|
||||||
|
* #define BIO_FLAGS_PROTOCOL_STARTUP 0x40
|
||||||
|
*/
|
||||||
|
|
||||||
|
# define BIO_FLAGS_BASE64_NO_NL 0x100
|
||||||
|
|
||||||
|
/*
|
||||||
|
* This is used with memory BIOs: it means we shouldn't free up or change the
|
||||||
|
* data in any way.
|
||||||
|
*/
|
||||||
|
# define BIO_FLAGS_MEM_RDONLY 0x200
|
||||||
|
|
||||||
|
typedef struct bio_st BIO;
|
||||||
|
|
||||||
|
void BIO_set_flags(BIO *b, int flags);
|
||||||
|
int BIO_test_flags(const BIO *b, int flags);
|
||||||
|
void BIO_clear_flags(BIO *b, int flags);
|
||||||
|
|
||||||
|
# define BIO_get_flags(b) BIO_test_flags(b, ~(0x0))
|
||||||
|
# define BIO_set_retry_special(b) \
|
||||||
|
BIO_set_flags(b, (BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY))
|
||||||
|
# define BIO_set_retry_read(b) \
|
||||||
|
BIO_set_flags(b, (BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY))
|
||||||
|
# define BIO_set_retry_write(b) \
|
||||||
|
BIO_set_flags(b, (BIO_FLAGS_WRITE|BIO_FLAGS_SHOULD_RETRY))
|
||||||
|
|
||||||
|
/* These are normally used internally in BIOs */
|
||||||
|
# define BIO_clear_retry_flags(b) \
|
||||||
|
BIO_clear_flags(b, (BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY))
|
||||||
|
# define BIO_get_retry_flags(b) \
|
||||||
|
BIO_test_flags(b, (BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY))
|
||||||
|
|
||||||
|
/* These should be used by the application to tell why we should retry */
|
||||||
|
# define BIO_should_read(a) BIO_test_flags(a, BIO_FLAGS_READ)
|
||||||
|
# define BIO_should_write(a) BIO_test_flags(a, BIO_FLAGS_WRITE)
|
||||||
|
# define BIO_should_io_special(a) BIO_test_flags(a, BIO_FLAGS_IO_SPECIAL)
|
||||||
|
# define BIO_retry_type(a) BIO_test_flags(a, BIO_FLAGS_RWS)
|
||||||
|
# define BIO_should_retry(a) BIO_test_flags(a, BIO_FLAGS_SHOULD_RETRY)
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The next three are used in conjunction with the BIO_should_io_special()
|
||||||
|
* condition. After this returns true, BIO *BIO_get_retry_BIO(BIO *bio, int
|
||||||
|
* *reason); will walk the BIO stack and return the 'reason' for the special
|
||||||
|
* and the offending BIO. Given a BIO, BIO_get_retry_reason(bio) will return
|
||||||
|
* the code.
|
||||||
|
*/
|
||||||
|
/*
|
||||||
|
* Returned from the SSL bio when the certificate retrieval code had an error
|
||||||
|
*/
|
||||||
|
# define BIO_RR_SSL_X509_LOOKUP 0x01
|
||||||
|
/* Returned from the connect BIO when a connect would have blocked */
|
||||||
|
# define BIO_RR_CONNECT 0x02
|
||||||
|
/* Returned from the accept BIO when an accept would have blocked */
|
||||||
|
# define BIO_RR_ACCEPT 0x03
|
||||||
|
|
||||||
|
/* These are passed by the BIO callback */
|
||||||
|
# define BIO_CB_FREE 0x01
|
||||||
|
# define BIO_CB_READ 0x02
|
||||||
|
# define BIO_CB_WRITE 0x03
|
||||||
|
# define BIO_CB_PUTS 0x04
|
||||||
|
# define BIO_CB_GETS 0x05
|
||||||
|
# define BIO_CB_CTRL 0x06
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The callback is called before and after the underling operation, The
|
||||||
|
* BIO_CB_RETURN flag indicates if it is after the call
|
||||||
|
*/
|
||||||
|
# define BIO_CB_RETURN 0x80
|
||||||
|
# define BIO_CB_return(a) ((a)|BIO_CB_RETURN))
|
||||||
|
# define BIO_cb_pre(a) (!((a)&BIO_CB_RETURN))
|
||||||
|
# define BIO_cb_post(a) ((a)&BIO_CB_RETURN)
|
||||||
|
|
||||||
|
long (*BIO_get_callback(const BIO *b)) (struct bio_st *, int, const char *,
|
||||||
|
int, long, long);
|
||||||
|
void BIO_set_callback(BIO *b,
|
||||||
|
long (*callback) (struct bio_st *, int, const char *,
|
||||||
|
int, long, long));
|
||||||
|
char *BIO_get_callback_arg(const BIO *b);
|
||||||
|
void BIO_set_callback_arg(BIO *b, char *arg);
|
||||||
|
|
||||||
|
const char *BIO_method_name(const BIO *b);
|
||||||
|
int BIO_method_type(const BIO *b);
|
||||||
|
|
||||||
|
typedef void bio_info_cb (struct bio_st *, int, const char *, int, long,
|
||||||
|
long);
|
||||||
|
|
||||||
|
typedef struct bio_method_st {
|
||||||
|
int type;
|
||||||
|
const char *name;
|
||||||
|
int (*bwrite) (BIO *, const char *, int);
|
||||||
|
int (*bread) (BIO *, char *, int);
|
||||||
|
int (*bputs) (BIO *, const char *);
|
||||||
|
int (*bgets) (BIO *, char *, int);
|
||||||
|
long (*ctrl) (BIO *, int, long, void *);
|
||||||
|
int (*create) (BIO *);
|
||||||
|
int (*destroy) (BIO *);
|
||||||
|
long (*callback_ctrl) (BIO *, int, bio_info_cb *);
|
||||||
|
} BIO_METHOD;
|
||||||
|
|
||||||
|
struct bio_st {
|
||||||
|
BIO_METHOD *method;
|
||||||
|
/* bio, mode, argp, argi, argl, ret */
|
||||||
|
long (*callback) (struct bio_st *, int, const char *, int, long, long);
|
||||||
|
char *cb_arg; /* first argument for the callback */
|
||||||
|
int init;
|
||||||
|
int shutdown;
|
||||||
|
int flags; /* extra storage */
|
||||||
|
int retry_reason;
|
||||||
|
int num;
|
||||||
|
void *ptr;
|
||||||
|
struct bio_st *next_bio; /* used by filter BIOs */
|
||||||
|
struct bio_st *prev_bio; /* used by filter BIOs */
|
||||||
|
int references;
|
||||||
|
unsigned long num_read;
|
||||||
|
unsigned long num_write;
|
||||||
|
CRYPTO_EX_DATA ex_data;
|
||||||
|
};
|
||||||
|
|
||||||
|
DECLARE_STACK_OF(BIO)
|
||||||
|
|
||||||
|
typedef struct bio_f_buffer_ctx_struct {
|
||||||
|
/*-
|
||||||
|
* Buffers are setup like this:
|
||||||
|
*
|
||||||
|
* <---------------------- size ----------------------->
|
||||||
|
* +---------------------------------------------------+
|
||||||
|
* | consumed | remaining | free space |
|
||||||
|
* +---------------------------------------------------+
|
||||||
|
* <-- off --><------- len ------->
|
||||||
|
*/
|
||||||
|
/*- BIO *bio; *//*
|
||||||
|
* this is now in the BIO struct
|
||||||
|
*/
|
||||||
|
int ibuf_size; /* how big is the input buffer */
|
||||||
|
int obuf_size; /* how big is the output buffer */
|
||||||
|
char *ibuf; /* the char array */
|
||||||
|
int ibuf_len; /* how many bytes are in it */
|
||||||
|
int ibuf_off; /* write/read offset */
|
||||||
|
char *obuf; /* the char array */
|
||||||
|
int obuf_len; /* how many bytes are in it */
|
||||||
|
int obuf_off; /* write/read offset */
|
||||||
|
} BIO_F_BUFFER_CTX;
|
||||||
|
|
||||||
|
/* Prefix and suffix callback in ASN1 BIO */
|
||||||
|
typedef int asn1_ps_func (BIO *b, unsigned char **pbuf, int *plen,
|
||||||
|
void *parg);
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_SCTP
|
||||||
|
/* SCTP parameter structs */
|
||||||
|
struct bio_dgram_sctp_sndinfo {
|
||||||
|
uint16_t snd_sid;
|
||||||
|
uint16_t snd_flags;
|
||||||
|
uint32_t snd_ppid;
|
||||||
|
uint32_t snd_context;
|
||||||
|
};
|
||||||
|
|
||||||
|
struct bio_dgram_sctp_rcvinfo {
|
||||||
|
uint16_t rcv_sid;
|
||||||
|
uint16_t rcv_ssn;
|
||||||
|
uint16_t rcv_flags;
|
||||||
|
uint32_t rcv_ppid;
|
||||||
|
uint32_t rcv_tsn;
|
||||||
|
uint32_t rcv_cumtsn;
|
||||||
|
uint32_t rcv_context;
|
||||||
|
};
|
||||||
|
|
||||||
|
struct bio_dgram_sctp_prinfo {
|
||||||
|
uint16_t pr_policy;
|
||||||
|
uint32_t pr_value;
|
||||||
|
};
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/* connect BIO stuff */
|
||||||
|
# define BIO_CONN_S_BEFORE 1
|
||||||
|
# define BIO_CONN_S_GET_IP 2
|
||||||
|
# define BIO_CONN_S_GET_PORT 3
|
||||||
|
# define BIO_CONN_S_CREATE_SOCKET 4
|
||||||
|
# define BIO_CONN_S_CONNECT 5
|
||||||
|
# define BIO_CONN_S_OK 6
|
||||||
|
# define BIO_CONN_S_BLOCKED_CONNECT 7
|
||||||
|
# define BIO_CONN_S_NBIO 8
|
||||||
|
/*
|
||||||
|
* #define BIO_CONN_get_param_hostname BIO_ctrl
|
||||||
|
*/
|
||||||
|
|
||||||
|
# define BIO_C_SET_CONNECT 100
|
||||||
|
# define BIO_C_DO_STATE_MACHINE 101
|
||||||
|
# define BIO_C_SET_NBIO 102
|
||||||
|
# define BIO_C_SET_PROXY_PARAM 103
|
||||||
|
# define BIO_C_SET_FD 104
|
||||||
|
# define BIO_C_GET_FD 105
|
||||||
|
# define BIO_C_SET_FILE_PTR 106
|
||||||
|
# define BIO_C_GET_FILE_PTR 107
|
||||||
|
# define BIO_C_SET_FILENAME 108
|
||||||
|
# define BIO_C_SET_SSL 109
|
||||||
|
# define BIO_C_GET_SSL 110
|
||||||
|
# define BIO_C_SET_MD 111
|
||||||
|
# define BIO_C_GET_MD 112
|
||||||
|
# define BIO_C_GET_CIPHER_STATUS 113
|
||||||
|
# define BIO_C_SET_BUF_MEM 114
|
||||||
|
# define BIO_C_GET_BUF_MEM_PTR 115
|
||||||
|
# define BIO_C_GET_BUFF_NUM_LINES 116
|
||||||
|
# define BIO_C_SET_BUFF_SIZE 117
|
||||||
|
# define BIO_C_SET_ACCEPT 118
|
||||||
|
# define BIO_C_SSL_MODE 119
|
||||||
|
# define BIO_C_GET_MD_CTX 120
|
||||||
|
# define BIO_C_GET_PROXY_PARAM 121
|
||||||
|
# define BIO_C_SET_BUFF_READ_DATA 122/* data to read first */
|
||||||
|
# define BIO_C_GET_CONNECT 123
|
||||||
|
# define BIO_C_GET_ACCEPT 124
|
||||||
|
# define BIO_C_SET_SSL_RENEGOTIATE_BYTES 125
|
||||||
|
# define BIO_C_GET_SSL_NUM_RENEGOTIATES 126
|
||||||
|
# define BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT 127
|
||||||
|
# define BIO_C_FILE_SEEK 128
|
||||||
|
# define BIO_C_GET_CIPHER_CTX 129
|
||||||
|
# define BIO_C_SET_BUF_MEM_EOF_RETURN 130/* return end of input
|
||||||
|
* value */
|
||||||
|
# define BIO_C_SET_BIND_MODE 131
|
||||||
|
# define BIO_C_GET_BIND_MODE 132
|
||||||
|
# define BIO_C_FILE_TELL 133
|
||||||
|
# define BIO_C_GET_SOCKS 134
|
||||||
|
# define BIO_C_SET_SOCKS 135
|
||||||
|
|
||||||
|
# define BIO_C_SET_WRITE_BUF_SIZE 136/* for BIO_s_bio */
|
||||||
|
# define BIO_C_GET_WRITE_BUF_SIZE 137
|
||||||
|
# define BIO_C_MAKE_BIO_PAIR 138
|
||||||
|
# define BIO_C_DESTROY_BIO_PAIR 139
|
||||||
|
# define BIO_C_GET_WRITE_GUARANTEE 140
|
||||||
|
# define BIO_C_GET_READ_REQUEST 141
|
||||||
|
# define BIO_C_SHUTDOWN_WR 142
|
||||||
|
# define BIO_C_NREAD0 143
|
||||||
|
# define BIO_C_NREAD 144
|
||||||
|
# define BIO_C_NWRITE0 145
|
||||||
|
# define BIO_C_NWRITE 146
|
||||||
|
# define BIO_C_RESET_READ_REQUEST 147
|
||||||
|
# define BIO_C_SET_MD_CTX 148
|
||||||
|
|
||||||
|
# define BIO_C_SET_PREFIX 149
|
||||||
|
# define BIO_C_GET_PREFIX 150
|
||||||
|
# define BIO_C_SET_SUFFIX 151
|
||||||
|
# define BIO_C_GET_SUFFIX 152
|
||||||
|
|
||||||
|
# define BIO_C_SET_EX_ARG 153
|
||||||
|
# define BIO_C_GET_EX_ARG 154
|
||||||
|
|
||||||
|
# define BIO_set_app_data(s,arg) BIO_set_ex_data(s,0,arg)
|
||||||
|
# define BIO_get_app_data(s) BIO_get_ex_data(s,0)
|
||||||
|
|
||||||
|
/* BIO_s_connect() and BIO_s_socks4a_connect() */
|
||||||
|
# define BIO_set_conn_hostname(b,name) BIO_ctrl(b,BIO_C_SET_CONNECT,0,(char *)name)
|
||||||
|
# define BIO_set_conn_port(b,port) BIO_ctrl(b,BIO_C_SET_CONNECT,1,(char *)port)
|
||||||
|
# define BIO_set_conn_ip(b,ip) BIO_ctrl(b,BIO_C_SET_CONNECT,2,(char *)ip)
|
||||||
|
# define BIO_set_conn_int_port(b,port) BIO_ctrl(b,BIO_C_SET_CONNECT,3,(char *)port)
|
||||||
|
# define BIO_get_conn_hostname(b) BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,0)
|
||||||
|
# define BIO_get_conn_port(b) BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,1)
|
||||||
|
# define BIO_get_conn_ip(b) BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,2)
|
||||||
|
# define BIO_get_conn_int_port(b) BIO_int_ctrl(b,BIO_C_GET_CONNECT,3,0)
|
||||||
|
|
||||||
|
# define BIO_set_nbio(b,n) BIO_ctrl(b,BIO_C_SET_NBIO,(n),NULL)
|
||||||
|
|
||||||
|
/* BIO_s_accept_socket() */
|
||||||
|
# define BIO_set_accept_port(b,name) BIO_ctrl(b,BIO_C_SET_ACCEPT,0,(char *)name)
|
||||||
|
# define BIO_get_accept_port(b) BIO_ptr_ctrl(b,BIO_C_GET_ACCEPT,0)
|
||||||
|
/* #define BIO_set_nbio(b,n) BIO_ctrl(b,BIO_C_SET_NBIO,(n),NULL) */
|
||||||
|
# define BIO_set_nbio_accept(b,n) BIO_ctrl(b,BIO_C_SET_ACCEPT,1,(n)?(void *)"a":NULL)
|
||||||
|
# define BIO_set_accept_bios(b,bio) BIO_ctrl(b,BIO_C_SET_ACCEPT,2,(char *)bio)
|
||||||
|
|
||||||
|
# define BIO_BIND_NORMAL 0
|
||||||
|
# define BIO_BIND_REUSEADDR_IF_UNUSED 1
|
||||||
|
# define BIO_BIND_REUSEADDR 2
|
||||||
|
# define BIO_set_bind_mode(b,mode) BIO_ctrl(b,BIO_C_SET_BIND_MODE,mode,NULL)
|
||||||
|
# define BIO_get_bind_mode(b,mode) BIO_ctrl(b,BIO_C_GET_BIND_MODE,0,NULL)
|
||||||
|
|
||||||
|
# define BIO_do_connect(b) BIO_do_handshake(b)
|
||||||
|
# define BIO_do_accept(b) BIO_do_handshake(b)
|
||||||
|
# define BIO_do_handshake(b) BIO_ctrl(b,BIO_C_DO_STATE_MACHINE,0,NULL)
|
||||||
|
|
||||||
|
/* BIO_s_proxy_client() */
|
||||||
|
# define BIO_set_url(b,url) BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,0,(char *)(url))
|
||||||
|
# define BIO_set_proxies(b,p) BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,1,(char *)(p))
|
||||||
|
/* BIO_set_nbio(b,n) */
|
||||||
|
# define BIO_set_filter_bio(b,s) BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,2,(char *)(s))
|
||||||
|
/* BIO *BIO_get_filter_bio(BIO *bio); */
|
||||||
|
# define BIO_set_proxy_cb(b,cb) BIO_callback_ctrl(b,BIO_C_SET_PROXY_PARAM,3,(void *(*cb)()))
|
||||||
|
# define BIO_set_proxy_header(b,sk) BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,4,(char *)sk)
|
||||||
|
# define BIO_set_no_connect_return(b,bool) BIO_int_ctrl(b,BIO_C_SET_PROXY_PARAM,5,bool)
|
||||||
|
|
||||||
|
# define BIO_get_proxy_header(b,skp) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,0,(char *)skp)
|
||||||
|
# define BIO_get_proxies(b,pxy_p) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,1,(char *)(pxy_p))
|
||||||
|
# define BIO_get_url(b,url) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,2,(char *)(url))
|
||||||
|
# define BIO_get_no_connect_return(b) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,5,NULL)
|
||||||
|
|
||||||
|
# define BIO_set_fd(b,fd,c) BIO_int_ctrl(b,BIO_C_SET_FD,c,fd)
|
||||||
|
# define BIO_get_fd(b,c) BIO_ctrl(b,BIO_C_GET_FD,0,(char *)c)
|
||||||
|
|
||||||
|
# define BIO_set_fp(b,fp,c) BIO_ctrl(b,BIO_C_SET_FILE_PTR,c,(char *)fp)
|
||||||
|
# define BIO_get_fp(b,fpp) BIO_ctrl(b,BIO_C_GET_FILE_PTR,0,(char *)fpp)
|
||||||
|
|
||||||
|
# define BIO_seek(b,ofs) (int)BIO_ctrl(b,BIO_C_FILE_SEEK,ofs,NULL)
|
||||||
|
# define BIO_tell(b) (int)BIO_ctrl(b,BIO_C_FILE_TELL,0,NULL)
|
||||||
|
|
||||||
|
/*
|
||||||
|
* name is cast to lose const, but might be better to route through a
|
||||||
|
* function so we can do it safely
|
||||||
|
*/
|
||||||
|
# ifdef CONST_STRICT
|
||||||
|
/*
|
||||||
|
* If you are wondering why this isn't defined, its because CONST_STRICT is
|
||||||
|
* purely a compile-time kludge to allow const to be checked.
|
||||||
|
*/
|
||||||
|
int BIO_read_filename(BIO *b, const char *name);
|
||||||
|
# else
|
||||||
|
# define BIO_read_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \
|
||||||
|
BIO_CLOSE|BIO_FP_READ,(char *)name)
|
||||||
|
# endif
|
||||||
|
# define BIO_write_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \
|
||||||
|
BIO_CLOSE|BIO_FP_WRITE,name)
|
||||||
|
# define BIO_append_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \
|
||||||
|
BIO_CLOSE|BIO_FP_APPEND,name)
|
||||||
|
# define BIO_rw_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \
|
||||||
|
BIO_CLOSE|BIO_FP_READ|BIO_FP_WRITE,name)
|
||||||
|
|
||||||
|
/*
|
||||||
|
* WARNING WARNING, this ups the reference count on the read bio of the SSL
|
||||||
|
* structure. This is because the ssl read BIO is now pointed to by the
|
||||||
|
* next_bio field in the bio. So when you free the BIO, make sure you are
|
||||||
|
* doing a BIO_free_all() to catch the underlying BIO.
|
||||||
|
*/
|
||||||
|
# define BIO_set_ssl(b,ssl,c) BIO_ctrl(b,BIO_C_SET_SSL,c,(char *)ssl)
|
||||||
|
# define BIO_get_ssl(b,sslp) BIO_ctrl(b,BIO_C_GET_SSL,0,(char *)sslp)
|
||||||
|
# define BIO_set_ssl_mode(b,client) BIO_ctrl(b,BIO_C_SSL_MODE,client,NULL)
|
||||||
|
# define BIO_set_ssl_renegotiate_bytes(b,num) \
|
||||||
|
BIO_ctrl(b,BIO_C_SET_SSL_RENEGOTIATE_BYTES,num,NULL);
|
||||||
|
# define BIO_get_num_renegotiates(b) \
|
||||||
|
BIO_ctrl(b,BIO_C_GET_SSL_NUM_RENEGOTIATES,0,NULL);
|
||||||
|
# define BIO_set_ssl_renegotiate_timeout(b,seconds) \
|
||||||
|
BIO_ctrl(b,BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT,seconds,NULL);
|
||||||
|
|
||||||
|
/* defined in evp.h */
|
||||||
|
/* #define BIO_set_md(b,md) BIO_ctrl(b,BIO_C_SET_MD,1,(char *)md) */
|
||||||
|
|
||||||
|
# define BIO_get_mem_data(b,pp) BIO_ctrl(b,BIO_CTRL_INFO,0,(char *)pp)
|
||||||
|
# define BIO_set_mem_buf(b,bm,c) BIO_ctrl(b,BIO_C_SET_BUF_MEM,c,(char *)bm)
|
||||||
|
# define BIO_get_mem_ptr(b,pp) BIO_ctrl(b,BIO_C_GET_BUF_MEM_PTR,0,(char *)pp)
|
||||||
|
# define BIO_set_mem_eof_return(b,v) \
|
||||||
|
BIO_ctrl(b,BIO_C_SET_BUF_MEM_EOF_RETURN,v,NULL)
|
||||||
|
|
||||||
|
/* For the BIO_f_buffer() type */
|
||||||
|
# define BIO_get_buffer_num_lines(b) BIO_ctrl(b,BIO_C_GET_BUFF_NUM_LINES,0,NULL)
|
||||||
|
# define BIO_set_buffer_size(b,size) BIO_ctrl(b,BIO_C_SET_BUFF_SIZE,size,NULL)
|
||||||
|
# define BIO_set_read_buffer_size(b,size) BIO_int_ctrl(b,BIO_C_SET_BUFF_SIZE,size,0)
|
||||||
|
# define BIO_set_write_buffer_size(b,size) BIO_int_ctrl(b,BIO_C_SET_BUFF_SIZE,size,1)
|
||||||
|
# define BIO_set_buffer_read_data(b,buf,num) BIO_ctrl(b,BIO_C_SET_BUFF_READ_DATA,num,buf)
|
||||||
|
|
||||||
|
/* Don't use the next one unless you know what you are doing :-) */
|
||||||
|
# define BIO_dup_state(b,ret) BIO_ctrl(b,BIO_CTRL_DUP,0,(char *)(ret))
|
||||||
|
|
||||||
|
# define BIO_reset(b) (int)BIO_ctrl(b,BIO_CTRL_RESET,0,NULL)
|
||||||
|
# define BIO_eof(b) (int)BIO_ctrl(b,BIO_CTRL_EOF,0,NULL)
|
||||||
|
# define BIO_set_close(b,c) (int)BIO_ctrl(b,BIO_CTRL_SET_CLOSE,(c),NULL)
|
||||||
|
# define BIO_get_close(b) (int)BIO_ctrl(b,BIO_CTRL_GET_CLOSE,0,NULL)
|
||||||
|
# define BIO_pending(b) (int)BIO_ctrl(b,BIO_CTRL_PENDING,0,NULL)
|
||||||
|
# define BIO_wpending(b) (int)BIO_ctrl(b,BIO_CTRL_WPENDING,0,NULL)
|
||||||
|
/* ...pending macros have inappropriate return type */
|
||||||
|
size_t BIO_ctrl_pending(BIO *b);
|
||||||
|
size_t BIO_ctrl_wpending(BIO *b);
|
||||||
|
# define BIO_flush(b) (int)BIO_ctrl(b,BIO_CTRL_FLUSH,0,NULL)
|
||||||
|
# define BIO_get_info_callback(b,cbp) (int)BIO_ctrl(b,BIO_CTRL_GET_CALLBACK,0, \
|
||||||
|
cbp)
|
||||||
|
# define BIO_set_info_callback(b,cb) (int)BIO_callback_ctrl(b,BIO_CTRL_SET_CALLBACK,cb)
|
||||||
|
|
||||||
|
/* For the BIO_f_buffer() type */
|
||||||
|
# define BIO_buffer_get_num_lines(b) BIO_ctrl(b,BIO_CTRL_GET,0,NULL)
|
||||||
|
|
||||||
|
/* For BIO_s_bio() */
|
||||||
|
# define BIO_set_write_buf_size(b,size) (int)BIO_ctrl(b,BIO_C_SET_WRITE_BUF_SIZE,size,NULL)
|
||||||
|
# define BIO_get_write_buf_size(b,size) (size_t)BIO_ctrl(b,BIO_C_GET_WRITE_BUF_SIZE,size,NULL)
|
||||||
|
# define BIO_make_bio_pair(b1,b2) (int)BIO_ctrl(b1,BIO_C_MAKE_BIO_PAIR,0,b2)
|
||||||
|
# define BIO_destroy_bio_pair(b) (int)BIO_ctrl(b,BIO_C_DESTROY_BIO_PAIR,0,NULL)
|
||||||
|
# define BIO_shutdown_wr(b) (int)BIO_ctrl(b, BIO_C_SHUTDOWN_WR, 0, NULL)
|
||||||
|
/* macros with inappropriate type -- but ...pending macros use int too: */
|
||||||
|
# define BIO_get_write_guarantee(b) (int)BIO_ctrl(b,BIO_C_GET_WRITE_GUARANTEE,0,NULL)
|
||||||
|
# define BIO_get_read_request(b) (int)BIO_ctrl(b,BIO_C_GET_READ_REQUEST,0,NULL)
|
||||||
|
size_t BIO_ctrl_get_write_guarantee(BIO *b);
|
||||||
|
size_t BIO_ctrl_get_read_request(BIO *b);
|
||||||
|
int BIO_ctrl_reset_read_request(BIO *b);
|
||||||
|
|
||||||
|
/* ctrl macros for dgram */
|
||||||
|
# define BIO_ctrl_dgram_connect(b,peer) \
|
||||||
|
(int)BIO_ctrl(b,BIO_CTRL_DGRAM_CONNECT,0, (char *)peer)
|
||||||
|
# define BIO_ctrl_set_connected(b, state, peer) \
|
||||||
|
(int)BIO_ctrl(b, BIO_CTRL_DGRAM_SET_CONNECTED, state, (char *)peer)
|
||||||
|
# define BIO_dgram_recv_timedout(b) \
|
||||||
|
(int)BIO_ctrl(b, BIO_CTRL_DGRAM_GET_RECV_TIMER_EXP, 0, NULL)
|
||||||
|
# define BIO_dgram_send_timedout(b) \
|
||||||
|
(int)BIO_ctrl(b, BIO_CTRL_DGRAM_GET_SEND_TIMER_EXP, 0, NULL)
|
||||||
|
# define BIO_dgram_get_peer(b,peer) \
|
||||||
|
(int)BIO_ctrl(b, BIO_CTRL_DGRAM_GET_PEER, 0, (char *)peer)
|
||||||
|
# define BIO_dgram_set_peer(b,peer) \
|
||||||
|
(int)BIO_ctrl(b, BIO_CTRL_DGRAM_SET_PEER, 0, (char *)peer)
|
||||||
|
# define BIO_dgram_get_mtu_overhead(b) \
|
||||||
|
(unsigned int)BIO_ctrl((b), BIO_CTRL_DGRAM_GET_MTU_OVERHEAD, 0, NULL)
|
||||||
|
|
||||||
|
/* These two aren't currently implemented */
|
||||||
|
/* int BIO_get_ex_num(BIO *bio); */
|
||||||
|
/* void BIO_set_ex_free_func(BIO *bio,int idx,void (*cb)()); */
|
||||||
|
int BIO_set_ex_data(BIO *bio, int idx, void *data);
|
||||||
|
void *BIO_get_ex_data(BIO *bio, int idx);
|
||||||
|
int BIO_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
|
||||||
|
CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
|
||||||
|
unsigned long BIO_number_read(BIO *bio);
|
||||||
|
unsigned long BIO_number_written(BIO *bio);
|
||||||
|
|
||||||
|
/* For BIO_f_asn1() */
|
||||||
|
int BIO_asn1_set_prefix(BIO *b, asn1_ps_func *prefix,
|
||||||
|
asn1_ps_func *prefix_free);
|
||||||
|
int BIO_asn1_get_prefix(BIO *b, asn1_ps_func **pprefix,
|
||||||
|
asn1_ps_func **pprefix_free);
|
||||||
|
int BIO_asn1_set_suffix(BIO *b, asn1_ps_func *suffix,
|
||||||
|
asn1_ps_func *suffix_free);
|
||||||
|
int BIO_asn1_get_suffix(BIO *b, asn1_ps_func **psuffix,
|
||||||
|
asn1_ps_func **psuffix_free);
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_FP_API
|
||||||
|
BIO_METHOD *BIO_s_file(void);
|
||||||
|
BIO *BIO_new_file(const char *filename, const char *mode);
|
||||||
|
BIO *BIO_new_fp(FILE *stream, int close_flag);
|
||||||
|
# define BIO_s_file_internal BIO_s_file
|
||||||
|
# endif
|
||||||
|
BIO *BIO_new(BIO_METHOD *type);
|
||||||
|
int BIO_set(BIO *a, BIO_METHOD *type);
|
||||||
|
int BIO_free(BIO *a);
|
||||||
|
void BIO_vfree(BIO *a);
|
||||||
|
int BIO_read(BIO *b, void *data, int len);
|
||||||
|
int BIO_gets(BIO *bp, char *buf, int size);
|
||||||
|
int BIO_write(BIO *b, const void *data, int len);
|
||||||
|
int BIO_puts(BIO *bp, const char *buf);
|
||||||
|
int BIO_indent(BIO *b, int indent, int max);
|
||||||
|
long BIO_ctrl(BIO *bp, int cmd, long larg, void *parg);
|
||||||
|
long BIO_callback_ctrl(BIO *b, int cmd,
|
||||||
|
void (*fp) (struct bio_st *, int, const char *, int,
|
||||||
|
long, long));
|
||||||
|
char *BIO_ptr_ctrl(BIO *bp, int cmd, long larg);
|
||||||
|
long BIO_int_ctrl(BIO *bp, int cmd, long larg, int iarg);
|
||||||
|
BIO *BIO_push(BIO *b, BIO *append);
|
||||||
|
BIO *BIO_pop(BIO *b);
|
||||||
|
void BIO_free_all(BIO *a);
|
||||||
|
BIO *BIO_find_type(BIO *b, int bio_type);
|
||||||
|
BIO *BIO_next(BIO *b);
|
||||||
|
BIO *BIO_get_retry_BIO(BIO *bio, int *reason);
|
||||||
|
int BIO_get_retry_reason(BIO *bio);
|
||||||
|
BIO *BIO_dup_chain(BIO *in);
|
||||||
|
|
||||||
|
int BIO_nread0(BIO *bio, char **buf);
|
||||||
|
int BIO_nread(BIO *bio, char **buf, int num);
|
||||||
|
int BIO_nwrite0(BIO *bio, char **buf);
|
||||||
|
int BIO_nwrite(BIO *bio, char **buf, int num);
|
||||||
|
|
||||||
|
long BIO_debug_callback(BIO *bio, int cmd, const char *argp, int argi,
|
||||||
|
long argl, long ret);
|
||||||
|
|
||||||
|
BIO_METHOD *BIO_s_mem(void);
|
||||||
|
BIO *BIO_new_mem_buf(void *buf, int len);
|
||||||
|
BIO_METHOD *BIO_s_socket(void);
|
||||||
|
BIO_METHOD *BIO_s_connect(void);
|
||||||
|
BIO_METHOD *BIO_s_accept(void);
|
||||||
|
BIO_METHOD *BIO_s_fd(void);
|
||||||
|
# ifndef OPENSSL_SYS_OS2
|
||||||
|
BIO_METHOD *BIO_s_log(void);
|
||||||
|
# endif
|
||||||
|
BIO_METHOD *BIO_s_bio(void);
|
||||||
|
BIO_METHOD *BIO_s_null(void);
|
||||||
|
BIO_METHOD *BIO_f_null(void);
|
||||||
|
BIO_METHOD *BIO_f_buffer(void);
|
||||||
|
# ifdef OPENSSL_SYS_VMS
|
||||||
|
BIO_METHOD *BIO_f_linebuffer(void);
|
||||||
|
# endif
|
||||||
|
BIO_METHOD *BIO_f_nbio_test(void);
|
||||||
|
# ifndef OPENSSL_NO_DGRAM
|
||||||
|
BIO_METHOD *BIO_s_datagram(void);
|
||||||
|
# ifndef OPENSSL_NO_SCTP
|
||||||
|
BIO_METHOD *BIO_s_datagram_sctp(void);
|
||||||
|
# endif
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/* BIO_METHOD *BIO_f_ber(void); */
|
||||||
|
|
||||||
|
int BIO_sock_should_retry(int i);
|
||||||
|
int BIO_sock_non_fatal_error(int error);
|
||||||
|
int BIO_dgram_non_fatal_error(int error);
|
||||||
|
|
||||||
|
int BIO_fd_should_retry(int i);
|
||||||
|
int BIO_fd_non_fatal_error(int error);
|
||||||
|
int BIO_dump_cb(int (*cb) (const void *data, size_t len, void *u),
|
||||||
|
void *u, const char *s, int len);
|
||||||
|
int BIO_dump_indent_cb(int (*cb) (const void *data, size_t len, void *u),
|
||||||
|
void *u, const char *s, int len, int indent);
|
||||||
|
int BIO_dump(BIO *b, const char *bytes, int len);
|
||||||
|
int BIO_dump_indent(BIO *b, const char *bytes, int len, int indent);
|
||||||
|
# ifndef OPENSSL_NO_FP_API
|
||||||
|
int BIO_dump_fp(FILE *fp, const char *s, int len);
|
||||||
|
int BIO_dump_indent_fp(FILE *fp, const char *s, int len, int indent);
|
||||||
|
# endif
|
||||||
|
int BIO_hex_string(BIO *out, int indent, int width, unsigned char *data,
|
||||||
|
int datalen);
|
||||||
|
|
||||||
|
struct hostent *BIO_gethostbyname(const char *name);
|
||||||
|
/*-
|
||||||
|
* We might want a thread-safe interface too:
|
||||||
|
* struct hostent *BIO_gethostbyname_r(const char *name,
|
||||||
|
* struct hostent *result, void *buffer, size_t buflen);
|
||||||
|
* or something similar (caller allocates a struct hostent,
|
||||||
|
* pointed to by "result", and additional buffer space for the various
|
||||||
|
* substructures; if the buffer does not suffice, NULL is returned
|
||||||
|
* and an appropriate error code is set).
|
||||||
|
*/
|
||||||
|
int BIO_sock_error(int sock);
|
||||||
|
int BIO_socket_ioctl(int fd, long type, void *arg);
|
||||||
|
int BIO_socket_nbio(int fd, int mode);
|
||||||
|
int BIO_get_port(const char *str, unsigned short *port_ptr);
|
||||||
|
int BIO_get_host_ip(const char *str, unsigned char *ip);
|
||||||
|
int BIO_get_accept_socket(char *host_port, int mode);
|
||||||
|
int BIO_accept(int sock, char **ip_port);
|
||||||
|
int BIO_sock_init(void);
|
||||||
|
void BIO_sock_cleanup(void);
|
||||||
|
int BIO_set_tcp_ndelay(int sock, int turn_on);
|
||||||
|
|
||||||
|
BIO *BIO_new_socket(int sock, int close_flag);
|
||||||
|
BIO *BIO_new_dgram(int fd, int close_flag);
|
||||||
|
# ifndef OPENSSL_NO_SCTP
|
||||||
|
BIO *BIO_new_dgram_sctp(int fd, int close_flag);
|
||||||
|
int BIO_dgram_is_sctp(BIO *bio);
|
||||||
|
int BIO_dgram_sctp_notification_cb(BIO *b,
|
||||||
|
void (*handle_notifications) (BIO *bio,
|
||||||
|
void
|
||||||
|
*context,
|
||||||
|
void *buf),
|
||||||
|
void *context);
|
||||||
|
int BIO_dgram_sctp_wait_for_dry(BIO *b);
|
||||||
|
int BIO_dgram_sctp_msg_waiting(BIO *b);
|
||||||
|
# endif
|
||||||
|
BIO *BIO_new_fd(int fd, int close_flag);
|
||||||
|
BIO *BIO_new_connect(const char *host_port);
|
||||||
|
BIO *BIO_new_accept(const char *host_port);
|
||||||
|
|
||||||
|
int BIO_new_bio_pair(BIO **bio1, size_t writebuf1,
|
||||||
|
BIO **bio2, size_t writebuf2);
|
||||||
|
/*
|
||||||
|
* If successful, returns 1 and in *bio1, *bio2 two BIO pair endpoints.
|
||||||
|
* Otherwise returns 0 and sets *bio1 and *bio2 to NULL. Size 0 uses default
|
||||||
|
* value.
|
||||||
|
*/
|
||||||
|
|
||||||
|
void BIO_copy_next_retry(BIO *b);
|
||||||
|
|
||||||
|
/*
|
||||||
|
* long BIO_ghbn_ctrl(int cmd,int iarg,char *parg);
|
||||||
|
*/
|
||||||
|
|
||||||
|
# ifdef __GNUC__
|
||||||
|
# define __bio_h__attr__ __attribute__
|
||||||
|
# else
|
||||||
|
# define __bio_h__attr__(x)
|
||||||
|
# endif
|
||||||
|
int BIO_printf(BIO *bio, const char *format, ...)
|
||||||
|
__bio_h__attr__((__format__(__printf__, 2, 3)));
|
||||||
|
int BIO_vprintf(BIO *bio, const char *format, va_list args)
|
||||||
|
__bio_h__attr__((__format__(__printf__, 2, 0)));
|
||||||
|
int BIO_snprintf(char *buf, size_t n, const char *format, ...)
|
||||||
|
__bio_h__attr__((__format__(__printf__, 3, 4)));
|
||||||
|
int BIO_vsnprintf(char *buf, size_t n, const char *format, va_list args)
|
||||||
|
__bio_h__attr__((__format__(__printf__, 3, 0)));
|
||||||
|
# undef __bio_h__attr__
|
||||||
|
|
||||||
|
/* BEGIN ERROR CODES */
|
||||||
|
/*
|
||||||
|
* The following lines are auto generated by the script mkerr.pl. Any changes
|
||||||
|
* made after this point may be overwritten when the script is next run.
|
||||||
|
*/
|
||||||
|
void ERR_load_BIO_strings(void);
|
||||||
|
|
||||||
|
/* Error codes for the BIO functions. */
|
||||||
|
|
||||||
|
/* Function codes. */
|
||||||
|
# define BIO_F_ACPT_STATE 100
|
||||||
|
# define BIO_F_BIO_ACCEPT 101
|
||||||
|
# define BIO_F_BIO_BER_GET_HEADER 102
|
||||||
|
# define BIO_F_BIO_CALLBACK_CTRL 131
|
||||||
|
# define BIO_F_BIO_CTRL 103
|
||||||
|
# define BIO_F_BIO_GETHOSTBYNAME 120
|
||||||
|
# define BIO_F_BIO_GETS 104
|
||||||
|
# define BIO_F_BIO_GET_ACCEPT_SOCKET 105
|
||||||
|
# define BIO_F_BIO_GET_HOST_IP 106
|
||||||
|
# define BIO_F_BIO_GET_PORT 107
|
||||||
|
# define BIO_F_BIO_MAKE_PAIR 121
|
||||||
|
# define BIO_F_BIO_NEW 108
|
||||||
|
# define BIO_F_BIO_NEW_FILE 109
|
||||||
|
# define BIO_F_BIO_NEW_MEM_BUF 126
|
||||||
|
# define BIO_F_BIO_NREAD 123
|
||||||
|
# define BIO_F_BIO_NREAD0 124
|
||||||
|
# define BIO_F_BIO_NWRITE 125
|
||||||
|
# define BIO_F_BIO_NWRITE0 122
|
||||||
|
# define BIO_F_BIO_PUTS 110
|
||||||
|
# define BIO_F_BIO_READ 111
|
||||||
|
# define BIO_F_BIO_SOCK_INIT 112
|
||||||
|
# define BIO_F_BIO_WRITE 113
|
||||||
|
# define BIO_F_BUFFER_CTRL 114
|
||||||
|
# define BIO_F_CONN_CTRL 127
|
||||||
|
# define BIO_F_CONN_STATE 115
|
||||||
|
# define BIO_F_DGRAM_SCTP_READ 132
|
||||||
|
# define BIO_F_FILE_CTRL 116
|
||||||
|
# define BIO_F_FILE_READ 130
|
||||||
|
# define BIO_F_LINEBUFFER_CTRL 129
|
||||||
|
# define BIO_F_MEM_READ 128
|
||||||
|
# define BIO_F_MEM_WRITE 117
|
||||||
|
# define BIO_F_SSL_NEW 118
|
||||||
|
# define BIO_F_WSASTARTUP 119
|
||||||
|
|
||||||
|
/* Reason codes. */
|
||||||
|
# define BIO_R_ACCEPT_ERROR 100
|
||||||
|
# define BIO_R_BAD_FOPEN_MODE 101
|
||||||
|
# define BIO_R_BAD_HOSTNAME_LOOKUP 102
|
||||||
|
# define BIO_R_BROKEN_PIPE 124
|
||||||
|
# define BIO_R_CONNECT_ERROR 103
|
||||||
|
# define BIO_R_EOF_ON_MEMORY_BIO 127
|
||||||
|
# define BIO_R_ERROR_SETTING_NBIO 104
|
||||||
|
# define BIO_R_ERROR_SETTING_NBIO_ON_ACCEPTED_SOCKET 105
|
||||||
|
# define BIO_R_ERROR_SETTING_NBIO_ON_ACCEPT_SOCKET 106
|
||||||
|
# define BIO_R_GETHOSTBYNAME_ADDR_IS_NOT_AF_INET 107
|
||||||
|
# define BIO_R_INVALID_ARGUMENT 125
|
||||||
|
# define BIO_R_INVALID_IP_ADDRESS 108
|
||||||
|
# define BIO_R_IN_USE 123
|
||||||
|
# define BIO_R_KEEPALIVE 109
|
||||||
|
# define BIO_R_NBIO_CONNECT_ERROR 110
|
||||||
|
# define BIO_R_NO_ACCEPT_PORT_SPECIFIED 111
|
||||||
|
# define BIO_R_NO_HOSTNAME_SPECIFIED 112
|
||||||
|
# define BIO_R_NO_PORT_DEFINED 113
|
||||||
|
# define BIO_R_NO_PORT_SPECIFIED 114
|
||||||
|
# define BIO_R_NO_SUCH_FILE 128
|
||||||
|
# define BIO_R_NULL_PARAMETER 115
|
||||||
|
# define BIO_R_TAG_MISMATCH 116
|
||||||
|
# define BIO_R_UNABLE_TO_BIND_SOCKET 117
|
||||||
|
# define BIO_R_UNABLE_TO_CREATE_SOCKET 118
|
||||||
|
# define BIO_R_UNABLE_TO_LISTEN_SOCKET 119
|
||||||
|
# define BIO_R_UNINITIALIZED 120
|
||||||
|
# define BIO_R_UNSUPPORTED_METHOD 121
|
||||||
|
# define BIO_R_WRITE_TO_READ_ONLY_BIO 126
|
||||||
|
# define BIO_R_WSASTARTUP 122
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
#endif
|
|
@ -0,0 +1,934 @@
|
||||||
|
/* crypto/bn/bn.h */
|
||||||
|
/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
|
||||||
|
* All rights reserved.
|
||||||
|
*
|
||||||
|
* This package is an SSL implementation written
|
||||||
|
* by Eric Young (eay@cryptsoft.com).
|
||||||
|
* The implementation was written so as to conform with Netscapes SSL.
|
||||||
|
*
|
||||||
|
* This library is free for commercial and non-commercial use as long as
|
||||||
|
* the following conditions are aheared to. The following conditions
|
||||||
|
* apply to all code found in this distribution, be it the RC4, RSA,
|
||||||
|
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
||||||
|
* included with this distribution is covered by the same copyright terms
|
||||||
|
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
* Copyright remains Eric Young's, and as such any Copyright notices in
|
||||||
|
* the code are not to be removed.
|
||||||
|
* If this package is used in a product, Eric Young should be given attribution
|
||||||
|
* as the author of the parts of the library used.
|
||||||
|
* This can be in the form of a textual message at program startup or
|
||||||
|
* in documentation (online or textual) provided with the package.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
* 1. Redistributions of source code must retain the copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in the
|
||||||
|
* documentation and/or other materials provided with the distribution.
|
||||||
|
* 3. All advertising materials mentioning features or use of this software
|
||||||
|
* must display the following acknowledgement:
|
||||||
|
* "This product includes cryptographic software written by
|
||||||
|
* Eric Young (eay@cryptsoft.com)"
|
||||||
|
* The word 'cryptographic' can be left out if the rouines from the library
|
||||||
|
* being used are not cryptographic related :-).
|
||||||
|
* 4. If you include any Windows specific code (or a derivative thereof) from
|
||||||
|
* the apps directory (application code) you must include an acknowledgement:
|
||||||
|
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
||||||
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||||
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||||
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||||
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||||
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||||
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||||
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||||
|
* SUCH DAMAGE.
|
||||||
|
*
|
||||||
|
* The licence and distribution terms for any publically available version or
|
||||||
|
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
||||||
|
* copied and put under another distribution licence
|
||||||
|
* [including the GNU Public Licence.]
|
||||||
|
*/
|
||||||
|
/* ====================================================================
|
||||||
|
* Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
*
|
||||||
|
* 1. Redistributions of source code must retain the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
*
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in
|
||||||
|
* the documentation and/or other materials provided with the
|
||||||
|
* distribution.
|
||||||
|
*
|
||||||
|
* 3. All advertising materials mentioning features or use of this
|
||||||
|
* software must display the following acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
|
||||||
|
*
|
||||||
|
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||||
|
* endorse or promote products derived from this software without
|
||||||
|
* prior written permission. For written permission, please contact
|
||||||
|
* openssl-core@openssl.org.
|
||||||
|
*
|
||||||
|
* 5. Products derived from this software may not be called "OpenSSL"
|
||||||
|
* nor may "OpenSSL" appear in their names without prior written
|
||||||
|
* permission of the OpenSSL Project.
|
||||||
|
*
|
||||||
|
* 6. Redistributions of any form whatsoever must retain the following
|
||||||
|
* acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||||
|
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||||
|
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||||
|
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||||
|
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||||
|
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||||
|
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||||
|
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||||
|
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||||
|
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||||
|
* ====================================================================
|
||||||
|
*
|
||||||
|
* This product includes cryptographic software written by Eric Young
|
||||||
|
* (eay@cryptsoft.com). This product includes software written by Tim
|
||||||
|
* Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
/* ====================================================================
|
||||||
|
* Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
|
||||||
|
*
|
||||||
|
* Portions of the attached software ("Contribution") are developed by
|
||||||
|
* SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
|
||||||
|
*
|
||||||
|
* The Contribution is licensed pursuant to the Eric Young open source
|
||||||
|
* license provided above.
|
||||||
|
*
|
||||||
|
* The binary polynomial arithmetic software is originally written by
|
||||||
|
* Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories.
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef HEADER_BN_H
|
||||||
|
# define HEADER_BN_H
|
||||||
|
|
||||||
|
# include <openssl/e_os2.h>
|
||||||
|
# ifndef OPENSSL_NO_FP_API
|
||||||
|
# include <stdio.h> /* FILE */
|
||||||
|
# endif
|
||||||
|
# include <openssl/ossl_typ.h>
|
||||||
|
# include <openssl/crypto.h>
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
extern "C" {
|
||||||
|
#endif
|
||||||
|
|
||||||
|
/*
|
||||||
|
* These preprocessor symbols control various aspects of the bignum headers
|
||||||
|
* and library code. They're not defined by any "normal" configuration, as
|
||||||
|
* they are intended for development and testing purposes. NB: defining all
|
||||||
|
* three can be useful for debugging application code as well as openssl
|
||||||
|
* itself. BN_DEBUG - turn on various debugging alterations to the bignum
|
||||||
|
* code BN_DEBUG_RAND - uses random poisoning of unused words to trip up
|
||||||
|
* mismanagement of bignum internals. You must also define BN_DEBUG.
|
||||||
|
*/
|
||||||
|
/* #define BN_DEBUG */
|
||||||
|
/* #define BN_DEBUG_RAND */
|
||||||
|
|
||||||
|
# ifndef OPENSSL_SMALL_FOOTPRINT
|
||||||
|
# define BN_MUL_COMBA
|
||||||
|
# define BN_SQR_COMBA
|
||||||
|
# define BN_RECURSION
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/*
|
||||||
|
* This next option uses the C libraries (2 word)/(1 word) function. If it is
|
||||||
|
* not defined, I use my C version (which is slower). The reason for this
|
||||||
|
* flag is that when the particular C compiler library routine is used, and
|
||||||
|
* the library is linked with a different compiler, the library is missing.
|
||||||
|
* This mostly happens when the library is built with gcc and then linked
|
||||||
|
* using normal cc. This would be a common occurrence because gcc normally
|
||||||
|
* produces code that is 2 times faster than system compilers for the big
|
||||||
|
* number stuff. For machines with only one compiler (or shared libraries),
|
||||||
|
* this should be on. Again this in only really a problem on machines using
|
||||||
|
* "long long's", are 32bit, and are not using my assembler code.
|
||||||
|
*/
|
||||||
|
# if defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_WINDOWS) || \
|
||||||
|
defined(OPENSSL_SYS_WIN32) || defined(linux)
|
||||||
|
# ifndef BN_DIV2W
|
||||||
|
# define BN_DIV2W
|
||||||
|
# endif
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/*
|
||||||
|
* assuming long is 64bit - this is the DEC Alpha unsigned long long is only
|
||||||
|
* 64 bits :-(, don't define BN_LLONG for the DEC Alpha
|
||||||
|
*/
|
||||||
|
# ifdef SIXTY_FOUR_BIT_LONG
|
||||||
|
# define BN_ULLONG unsigned long long
|
||||||
|
# define BN_ULONG unsigned long
|
||||||
|
# define BN_LONG long
|
||||||
|
# define BN_BITS 128
|
||||||
|
# define BN_BYTES 8
|
||||||
|
# define BN_BITS2 64
|
||||||
|
# define BN_BITS4 32
|
||||||
|
# define BN_MASK (0xffffffffffffffffffffffffffffffffLL)
|
||||||
|
# define BN_MASK2 (0xffffffffffffffffL)
|
||||||
|
# define BN_MASK2l (0xffffffffL)
|
||||||
|
# define BN_MASK2h (0xffffffff00000000L)
|
||||||
|
# define BN_MASK2h1 (0xffffffff80000000L)
|
||||||
|
# define BN_TBIT (0x8000000000000000L)
|
||||||
|
# define BN_DEC_CONV (10000000000000000000UL)
|
||||||
|
# define BN_DEC_FMT1 "%lu"
|
||||||
|
# define BN_DEC_FMT2 "%019lu"
|
||||||
|
# define BN_DEC_NUM 19
|
||||||
|
# define BN_HEX_FMT1 "%lX"
|
||||||
|
# define BN_HEX_FMT2 "%016lX"
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/*
|
||||||
|
* This is where the long long data type is 64 bits, but long is 32. For
|
||||||
|
* machines where there are 64bit registers, this is the mode to use. IRIX,
|
||||||
|
* on R4000 and above should use this mode, along with the relevant assembler
|
||||||
|
* code :-). Do NOT define BN_LLONG.
|
||||||
|
*/
|
||||||
|
# ifdef SIXTY_FOUR_BIT
|
||||||
|
# undef BN_LLONG
|
||||||
|
# undef BN_ULLONG
|
||||||
|
# define BN_ULONG unsigned long long
|
||||||
|
# define BN_LONG long long
|
||||||
|
# define BN_BITS 128
|
||||||
|
# define BN_BYTES 8
|
||||||
|
# define BN_BITS2 64
|
||||||
|
# define BN_BITS4 32
|
||||||
|
# define BN_MASK2 (0xffffffffffffffffLL)
|
||||||
|
# define BN_MASK2l (0xffffffffL)
|
||||||
|
# define BN_MASK2h (0xffffffff00000000LL)
|
||||||
|
# define BN_MASK2h1 (0xffffffff80000000LL)
|
||||||
|
# define BN_TBIT (0x8000000000000000LL)
|
||||||
|
# define BN_DEC_CONV (10000000000000000000ULL)
|
||||||
|
# define BN_DEC_FMT1 "%llu"
|
||||||
|
# define BN_DEC_FMT2 "%019llu"
|
||||||
|
# define BN_DEC_NUM 19
|
||||||
|
# define BN_HEX_FMT1 "%llX"
|
||||||
|
# define BN_HEX_FMT2 "%016llX"
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# ifdef THIRTY_TWO_BIT
|
||||||
|
# ifdef BN_LLONG
|
||||||
|
# if defined(_WIN32) && !defined(__GNUC__)
|
||||||
|
# define BN_ULLONG unsigned __int64
|
||||||
|
# define BN_MASK (0xffffffffffffffffI64)
|
||||||
|
# else
|
||||||
|
# define BN_ULLONG unsigned long long
|
||||||
|
# define BN_MASK (0xffffffffffffffffLL)
|
||||||
|
# endif
|
||||||
|
# endif
|
||||||
|
# define BN_ULONG unsigned int
|
||||||
|
# define BN_LONG int
|
||||||
|
# define BN_BITS 64
|
||||||
|
# define BN_BYTES 4
|
||||||
|
# define BN_BITS2 32
|
||||||
|
# define BN_BITS4 16
|
||||||
|
# define BN_MASK2 (0xffffffffL)
|
||||||
|
# define BN_MASK2l (0xffff)
|
||||||
|
# define BN_MASK2h1 (0xffff8000L)
|
||||||
|
# define BN_MASK2h (0xffff0000L)
|
||||||
|
# define BN_TBIT (0x80000000L)
|
||||||
|
# define BN_DEC_CONV (1000000000L)
|
||||||
|
# define BN_DEC_FMT1 "%u"
|
||||||
|
# define BN_DEC_FMT2 "%09u"
|
||||||
|
# define BN_DEC_NUM 9
|
||||||
|
# define BN_HEX_FMT1 "%X"
|
||||||
|
# define BN_HEX_FMT2 "%08X"
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# define BN_DEFAULT_BITS 1280
|
||||||
|
|
||||||
|
# define BN_FLG_MALLOCED 0x01
|
||||||
|
# define BN_FLG_STATIC_DATA 0x02
|
||||||
|
|
||||||
|
/*
|
||||||
|
* avoid leaking exponent information through timing,
|
||||||
|
* BN_mod_exp_mont() will call BN_mod_exp_mont_consttime,
|
||||||
|
* BN_div() will call BN_div_no_branch,
|
||||||
|
* BN_mod_inverse() will call BN_mod_inverse_no_branch.
|
||||||
|
*/
|
||||||
|
# define BN_FLG_CONSTTIME 0x04
|
||||||
|
|
||||||
|
# ifdef OPENSSL_NO_DEPRECATED
|
||||||
|
/* deprecated name for the flag */
|
||||||
|
# define BN_FLG_EXP_CONSTTIME BN_FLG_CONSTTIME
|
||||||
|
/*
|
||||||
|
* avoid leaking exponent information through timings
|
||||||
|
* (BN_mod_exp_mont() will call BN_mod_exp_mont_consttime)
|
||||||
|
*/
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_DEPRECATED
|
||||||
|
# define BN_FLG_FREE 0x8000
|
||||||
|
/* used for debuging */
|
||||||
|
# endif
|
||||||
|
# define BN_set_flags(b,n) ((b)->flags|=(n))
|
||||||
|
# define BN_get_flags(b,n) ((b)->flags&(n))
|
||||||
|
|
||||||
|
/*
|
||||||
|
* get a clone of a BIGNUM with changed flags, for *temporary* use only (the
|
||||||
|
* two BIGNUMs cannot not be used in parallel!)
|
||||||
|
*/
|
||||||
|
# define BN_with_flags(dest,b,n) ((dest)->d=(b)->d, \
|
||||||
|
(dest)->top=(b)->top, \
|
||||||
|
(dest)->dmax=(b)->dmax, \
|
||||||
|
(dest)->neg=(b)->neg, \
|
||||||
|
(dest)->flags=(((dest)->flags & BN_FLG_MALLOCED) \
|
||||||
|
| ((b)->flags & ~BN_FLG_MALLOCED) \
|
||||||
|
| BN_FLG_STATIC_DATA \
|
||||||
|
| (n)))
|
||||||
|
|
||||||
|
/* Already declared in ossl_typ.h */
|
||||||
|
# if 0
|
||||||
|
typedef struct bignum_st BIGNUM;
|
||||||
|
/* Used for temp variables (declaration hidden in bn_lcl.h) */
|
||||||
|
typedef struct bignum_ctx BN_CTX;
|
||||||
|
typedef struct bn_blinding_st BN_BLINDING;
|
||||||
|
typedef struct bn_mont_ctx_st BN_MONT_CTX;
|
||||||
|
typedef struct bn_recp_ctx_st BN_RECP_CTX;
|
||||||
|
typedef struct bn_gencb_st BN_GENCB;
|
||||||
|
# endif
|
||||||
|
|
||||||
|
struct bignum_st {
|
||||||
|
BN_ULONG *d; /* Pointer to an array of 'BN_BITS2' bit
|
||||||
|
* chunks. */
|
||||||
|
int top; /* Index of last used d +1. */
|
||||||
|
/* The next are internal book keeping for bn_expand. */
|
||||||
|
int dmax; /* Size of the d array. */
|
||||||
|
int neg; /* one if the number is negative */
|
||||||
|
int flags;
|
||||||
|
};
|
||||||
|
|
||||||
|
/* Used for montgomery multiplication */
|
||||||
|
struct bn_mont_ctx_st {
|
||||||
|
int ri; /* number of bits in R */
|
||||||
|
BIGNUM RR; /* used to convert to montgomery form */
|
||||||
|
BIGNUM N; /* The modulus */
|
||||||
|
BIGNUM Ni; /* R*(1/R mod N) - N*Ni = 1 (Ni is only
|
||||||
|
* stored for bignum algorithm) */
|
||||||
|
BN_ULONG n0[2]; /* least significant word(s) of Ni; (type
|
||||||
|
* changed with 0.9.9, was "BN_ULONG n0;"
|
||||||
|
* before) */
|
||||||
|
int flags;
|
||||||
|
};
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Used for reciprocal division/mod functions It cannot be shared between
|
||||||
|
* threads
|
||||||
|
*/
|
||||||
|
struct bn_recp_ctx_st {
|
||||||
|
BIGNUM N; /* the divisor */
|
||||||
|
BIGNUM Nr; /* the reciprocal */
|
||||||
|
int num_bits;
|
||||||
|
int shift;
|
||||||
|
int flags;
|
||||||
|
};
|
||||||
|
|
||||||
|
/* Used for slow "generation" functions. */
|
||||||
|
struct bn_gencb_st {
|
||||||
|
unsigned int ver; /* To handle binary (in)compatibility */
|
||||||
|
void *arg; /* callback-specific data */
|
||||||
|
union {
|
||||||
|
/* if(ver==1) - handles old style callbacks */
|
||||||
|
void (*cb_1) (int, int, void *);
|
||||||
|
/* if(ver==2) - new callback style */
|
||||||
|
int (*cb_2) (int, int, BN_GENCB *);
|
||||||
|
} cb;
|
||||||
|
};
|
||||||
|
/* Wrapper function to make using BN_GENCB easier, */
|
||||||
|
int BN_GENCB_call(BN_GENCB *cb, int a, int b);
|
||||||
|
/* Macro to populate a BN_GENCB structure with an "old"-style callback */
|
||||||
|
# define BN_GENCB_set_old(gencb, callback, cb_arg) { \
|
||||||
|
BN_GENCB *tmp_gencb = (gencb); \
|
||||||
|
tmp_gencb->ver = 1; \
|
||||||
|
tmp_gencb->arg = (cb_arg); \
|
||||||
|
tmp_gencb->cb.cb_1 = (callback); }
|
||||||
|
/* Macro to populate a BN_GENCB structure with a "new"-style callback */
|
||||||
|
# define BN_GENCB_set(gencb, callback, cb_arg) { \
|
||||||
|
BN_GENCB *tmp_gencb = (gencb); \
|
||||||
|
tmp_gencb->ver = 2; \
|
||||||
|
tmp_gencb->arg = (cb_arg); \
|
||||||
|
tmp_gencb->cb.cb_2 = (callback); }
|
||||||
|
|
||||||
|
# define BN_prime_checks 0 /* default: select number of iterations based
|
||||||
|
* on the size of the number */
|
||||||
|
|
||||||
|
/*
|
||||||
|
* number of Miller-Rabin iterations for an error rate of less than 2^-80 for
|
||||||
|
* random 'b'-bit input, b >= 100 (taken from table 4.4 in the Handbook of
|
||||||
|
* Applied Cryptography [Menezes, van Oorschot, Vanstone; CRC Press 1996];
|
||||||
|
* original paper: Damgaard, Landrock, Pomerance: Average case error
|
||||||
|
* estimates for the strong probable prime test. -- Math. Comp. 61 (1993)
|
||||||
|
* 177-194)
|
||||||
|
*/
|
||||||
|
# define BN_prime_checks_for_size(b) ((b) >= 1300 ? 2 : \
|
||||||
|
(b) >= 850 ? 3 : \
|
||||||
|
(b) >= 650 ? 4 : \
|
||||||
|
(b) >= 550 ? 5 : \
|
||||||
|
(b) >= 450 ? 6 : \
|
||||||
|
(b) >= 400 ? 7 : \
|
||||||
|
(b) >= 350 ? 8 : \
|
||||||
|
(b) >= 300 ? 9 : \
|
||||||
|
(b) >= 250 ? 12 : \
|
||||||
|
(b) >= 200 ? 15 : \
|
||||||
|
(b) >= 150 ? 18 : \
|
||||||
|
/* b >= 100 */ 27)
|
||||||
|
|
||||||
|
# define BN_num_bytes(a) ((BN_num_bits(a)+7)/8)
|
||||||
|
|
||||||
|
/* Note that BN_abs_is_word didn't work reliably for w == 0 until 0.9.8 */
|
||||||
|
# define BN_abs_is_word(a,w) ((((a)->top == 1) && ((a)->d[0] == (BN_ULONG)(w))) || \
|
||||||
|
(((w) == 0) && ((a)->top == 0)))
|
||||||
|
# define BN_is_zero(a) ((a)->top == 0)
|
||||||
|
# define BN_is_one(a) (BN_abs_is_word((a),1) && !(a)->neg)
|
||||||
|
# define BN_is_word(a,w) (BN_abs_is_word((a),(w)) && (!(w) || !(a)->neg))
|
||||||
|
# define BN_is_odd(a) (((a)->top > 0) && ((a)->d[0] & 1))
|
||||||
|
|
||||||
|
# define BN_one(a) (BN_set_word((a),1))
|
||||||
|
# define BN_zero_ex(a) \
|
||||||
|
do { \
|
||||||
|
BIGNUM *_tmp_bn = (a); \
|
||||||
|
_tmp_bn->top = 0; \
|
||||||
|
_tmp_bn->neg = 0; \
|
||||||
|
} while(0)
|
||||||
|
# ifdef OPENSSL_NO_DEPRECATED
|
||||||
|
# define BN_zero(a) BN_zero_ex(a)
|
||||||
|
# else
|
||||||
|
# define BN_zero(a) (BN_set_word((a),0))
|
||||||
|
# endif
|
||||||
|
|
||||||
|
const BIGNUM *BN_value_one(void);
|
||||||
|
char *BN_options(void);
|
||||||
|
BN_CTX *BN_CTX_new(void);
|
||||||
|
# ifndef OPENSSL_NO_DEPRECATED
|
||||||
|
void BN_CTX_init(BN_CTX *c);
|
||||||
|
# endif
|
||||||
|
void BN_CTX_free(BN_CTX *c);
|
||||||
|
void BN_CTX_start(BN_CTX *ctx);
|
||||||
|
BIGNUM *BN_CTX_get(BN_CTX *ctx);
|
||||||
|
void BN_CTX_end(BN_CTX *ctx);
|
||||||
|
int BN_rand(BIGNUM *rnd, int bits, int top, int bottom);
|
||||||
|
int BN_pseudo_rand(BIGNUM *rnd, int bits, int top, int bottom);
|
||||||
|
int BN_rand_range(BIGNUM *rnd, const BIGNUM *range);
|
||||||
|
int BN_pseudo_rand_range(BIGNUM *rnd, const BIGNUM *range);
|
||||||
|
int BN_num_bits(const BIGNUM *a);
|
||||||
|
int BN_num_bits_word(BN_ULONG);
|
||||||
|
BIGNUM *BN_new(void);
|
||||||
|
void BN_init(BIGNUM *);
|
||||||
|
void BN_clear_free(BIGNUM *a);
|
||||||
|
BIGNUM *BN_copy(BIGNUM *a, const BIGNUM *b);
|
||||||
|
void BN_swap(BIGNUM *a, BIGNUM *b);
|
||||||
|
BIGNUM *BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret);
|
||||||
|
int BN_bn2bin(const BIGNUM *a, unsigned char *to);
|
||||||
|
BIGNUM *BN_mpi2bn(const unsigned char *s, int len, BIGNUM *ret);
|
||||||
|
int BN_bn2mpi(const BIGNUM *a, unsigned char *to);
|
||||||
|
int BN_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
|
||||||
|
int BN_usub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
|
||||||
|
int BN_uadd(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
|
||||||
|
int BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
|
||||||
|
int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
|
||||||
|
int BN_sqr(BIGNUM *r, const BIGNUM *a, BN_CTX *ctx);
|
||||||
|
/** BN_set_negative sets sign of a BIGNUM
|
||||||
|
* \param b pointer to the BIGNUM object
|
||||||
|
* \param n 0 if the BIGNUM b should be positive and a value != 0 otherwise
|
||||||
|
*/
|
||||||
|
void BN_set_negative(BIGNUM *b, int n);
|
||||||
|
/** BN_is_negative returns 1 if the BIGNUM is negative
|
||||||
|
* \param a pointer to the BIGNUM object
|
||||||
|
* \return 1 if a < 0 and 0 otherwise
|
||||||
|
*/
|
||||||
|
# define BN_is_negative(a) ((a)->neg != 0)
|
||||||
|
|
||||||
|
int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, const BIGNUM *d,
|
||||||
|
BN_CTX *ctx);
|
||||||
|
# define BN_mod(rem,m,d,ctx) BN_div(NULL,(rem),(m),(d),(ctx))
|
||||||
|
int BN_nnmod(BIGNUM *r, const BIGNUM *m, const BIGNUM *d, BN_CTX *ctx);
|
||||||
|
int BN_mod_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m,
|
||||||
|
BN_CTX *ctx);
|
||||||
|
int BN_mod_add_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
|
||||||
|
const BIGNUM *m);
|
||||||
|
int BN_mod_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m,
|
||||||
|
BN_CTX *ctx);
|
||||||
|
int BN_mod_sub_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
|
||||||
|
const BIGNUM *m);
|
||||||
|
int BN_mod_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m,
|
||||||
|
BN_CTX *ctx);
|
||||||
|
int BN_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
|
||||||
|
int BN_mod_lshift1(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
|
||||||
|
int BN_mod_lshift1_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *m);
|
||||||
|
int BN_mod_lshift(BIGNUM *r, const BIGNUM *a, int n, const BIGNUM *m,
|
||||||
|
BN_CTX *ctx);
|
||||||
|
int BN_mod_lshift_quick(BIGNUM *r, const BIGNUM *a, int n, const BIGNUM *m);
|
||||||
|
|
||||||
|
BN_ULONG BN_mod_word(const BIGNUM *a, BN_ULONG w);
|
||||||
|
BN_ULONG BN_div_word(BIGNUM *a, BN_ULONG w);
|
||||||
|
int BN_mul_word(BIGNUM *a, BN_ULONG w);
|
||||||
|
int BN_add_word(BIGNUM *a, BN_ULONG w);
|
||||||
|
int BN_sub_word(BIGNUM *a, BN_ULONG w);
|
||||||
|
int BN_set_word(BIGNUM *a, BN_ULONG w);
|
||||||
|
BN_ULONG BN_get_word(const BIGNUM *a);
|
||||||
|
|
||||||
|
int BN_cmp(const BIGNUM *a, const BIGNUM *b);
|
||||||
|
void BN_free(BIGNUM *a);
|
||||||
|
int BN_is_bit_set(const BIGNUM *a, int n);
|
||||||
|
int BN_lshift(BIGNUM *r, const BIGNUM *a, int n);
|
||||||
|
int BN_lshift1(BIGNUM *r, const BIGNUM *a);
|
||||||
|
int BN_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
|
||||||
|
|
||||||
|
int BN_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
|
||||||
|
const BIGNUM *m, BN_CTX *ctx);
|
||||||
|
int BN_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
|
||||||
|
const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
|
||||||
|
int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
|
||||||
|
const BIGNUM *m, BN_CTX *ctx,
|
||||||
|
BN_MONT_CTX *in_mont);
|
||||||
|
int BN_mod_exp_mont_word(BIGNUM *r, BN_ULONG a, const BIGNUM *p,
|
||||||
|
const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
|
||||||
|
int BN_mod_exp2_mont(BIGNUM *r, const BIGNUM *a1, const BIGNUM *p1,
|
||||||
|
const BIGNUM *a2, const BIGNUM *p2, const BIGNUM *m,
|
||||||
|
BN_CTX *ctx, BN_MONT_CTX *m_ctx);
|
||||||
|
int BN_mod_exp_simple(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
|
||||||
|
const BIGNUM *m, BN_CTX *ctx);
|
||||||
|
|
||||||
|
int BN_mask_bits(BIGNUM *a, int n);
|
||||||
|
# ifndef OPENSSL_NO_FP_API
|
||||||
|
int BN_print_fp(FILE *fp, const BIGNUM *a);
|
||||||
|
# endif
|
||||||
|
# ifdef HEADER_BIO_H
|
||||||
|
int BN_print(BIO *fp, const BIGNUM *a);
|
||||||
|
# else
|
||||||
|
int BN_print(void *fp, const BIGNUM *a);
|
||||||
|
# endif
|
||||||
|
int BN_reciprocal(BIGNUM *r, const BIGNUM *m, int len, BN_CTX *ctx);
|
||||||
|
int BN_rshift(BIGNUM *r, const BIGNUM *a, int n);
|
||||||
|
int BN_rshift1(BIGNUM *r, const BIGNUM *a);
|
||||||
|
void BN_clear(BIGNUM *a);
|
||||||
|
BIGNUM *BN_dup(const BIGNUM *a);
|
||||||
|
int BN_ucmp(const BIGNUM *a, const BIGNUM *b);
|
||||||
|
int BN_set_bit(BIGNUM *a, int n);
|
||||||
|
int BN_clear_bit(BIGNUM *a, int n);
|
||||||
|
char *BN_bn2hex(const BIGNUM *a);
|
||||||
|
char *BN_bn2dec(const BIGNUM *a);
|
||||||
|
int BN_hex2bn(BIGNUM **a, const char *str);
|
||||||
|
int BN_dec2bn(BIGNUM **a, const char *str);
|
||||||
|
int BN_asc2bn(BIGNUM **a, const char *str);
|
||||||
|
int BN_gcd(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
|
||||||
|
int BN_kronecker(const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx); /* returns
|
||||||
|
* -2 for
|
||||||
|
* error */
|
||||||
|
BIGNUM *BN_mod_inverse(BIGNUM *ret,
|
||||||
|
const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx);
|
||||||
|
BIGNUM *BN_mod_sqrt(BIGNUM *ret,
|
||||||
|
const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx);
|
||||||
|
|
||||||
|
void BN_consttime_swap(BN_ULONG swap, BIGNUM *a, BIGNUM *b, int nwords);
|
||||||
|
|
||||||
|
/* Deprecated versions */
|
||||||
|
# ifndef OPENSSL_NO_DEPRECATED
|
||||||
|
BIGNUM *BN_generate_prime(BIGNUM *ret, int bits, int safe,
|
||||||
|
const BIGNUM *add, const BIGNUM *rem,
|
||||||
|
void (*callback) (int, int, void *), void *cb_arg);
|
||||||
|
int BN_is_prime(const BIGNUM *p, int nchecks,
|
||||||
|
void (*callback) (int, int, void *),
|
||||||
|
BN_CTX *ctx, void *cb_arg);
|
||||||
|
int BN_is_prime_fasttest(const BIGNUM *p, int nchecks,
|
||||||
|
void (*callback) (int, int, void *), BN_CTX *ctx,
|
||||||
|
void *cb_arg, int do_trial_division);
|
||||||
|
# endif /* !defined(OPENSSL_NO_DEPRECATED) */
|
||||||
|
|
||||||
|
/* Newer versions */
|
||||||
|
int BN_generate_prime_ex(BIGNUM *ret, int bits, int safe, const BIGNUM *add,
|
||||||
|
const BIGNUM *rem, BN_GENCB *cb);
|
||||||
|
int BN_is_prime_ex(const BIGNUM *p, int nchecks, BN_CTX *ctx, BN_GENCB *cb);
|
||||||
|
int BN_is_prime_fasttest_ex(const BIGNUM *p, int nchecks, BN_CTX *ctx,
|
||||||
|
int do_trial_division, BN_GENCB *cb);
|
||||||
|
|
||||||
|
int BN_X931_generate_Xpq(BIGNUM *Xp, BIGNUM *Xq, int nbits, BN_CTX *ctx);
|
||||||
|
|
||||||
|
int BN_X931_derive_prime_ex(BIGNUM *p, BIGNUM *p1, BIGNUM *p2,
|
||||||
|
const BIGNUM *Xp, const BIGNUM *Xp1,
|
||||||
|
const BIGNUM *Xp2, const BIGNUM *e, BN_CTX *ctx,
|
||||||
|
BN_GENCB *cb);
|
||||||
|
int BN_X931_generate_prime_ex(BIGNUM *p, BIGNUM *p1, BIGNUM *p2, BIGNUM *Xp1,
|
||||||
|
BIGNUM *Xp2, const BIGNUM *Xp, const BIGNUM *e,
|
||||||
|
BN_CTX *ctx, BN_GENCB *cb);
|
||||||
|
|
||||||
|
BN_MONT_CTX *BN_MONT_CTX_new(void);
|
||||||
|
void BN_MONT_CTX_init(BN_MONT_CTX *ctx);
|
||||||
|
int BN_mod_mul_montgomery(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
|
||||||
|
BN_MONT_CTX *mont, BN_CTX *ctx);
|
||||||
|
# define BN_to_montgomery(r,a,mont,ctx) BN_mod_mul_montgomery(\
|
||||||
|
(r),(a),&((mont)->RR),(mont),(ctx))
|
||||||
|
int BN_from_montgomery(BIGNUM *r, const BIGNUM *a,
|
||||||
|
BN_MONT_CTX *mont, BN_CTX *ctx);
|
||||||
|
void BN_MONT_CTX_free(BN_MONT_CTX *mont);
|
||||||
|
int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *mod, BN_CTX *ctx);
|
||||||
|
BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to, BN_MONT_CTX *from);
|
||||||
|
BN_MONT_CTX *BN_MONT_CTX_set_locked(BN_MONT_CTX **pmont, int lock,
|
||||||
|
const BIGNUM *mod, BN_CTX *ctx);
|
||||||
|
|
||||||
|
/* BN_BLINDING flags */
|
||||||
|
# define BN_BLINDING_NO_UPDATE 0x00000001
|
||||||
|
# define BN_BLINDING_NO_RECREATE 0x00000002
|
||||||
|
|
||||||
|
BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai, BIGNUM *mod);
|
||||||
|
void BN_BLINDING_free(BN_BLINDING *b);
|
||||||
|
int BN_BLINDING_update(BN_BLINDING *b, BN_CTX *ctx);
|
||||||
|
int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
|
||||||
|
int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
|
||||||
|
int BN_BLINDING_convert_ex(BIGNUM *n, BIGNUM *r, BN_BLINDING *b, BN_CTX *);
|
||||||
|
int BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b,
|
||||||
|
BN_CTX *);
|
||||||
|
# ifndef OPENSSL_NO_DEPRECATED
|
||||||
|
unsigned long BN_BLINDING_get_thread_id(const BN_BLINDING *);
|
||||||
|
void BN_BLINDING_set_thread_id(BN_BLINDING *, unsigned long);
|
||||||
|
# endif
|
||||||
|
CRYPTO_THREADID *BN_BLINDING_thread_id(BN_BLINDING *);
|
||||||
|
unsigned long BN_BLINDING_get_flags(const BN_BLINDING *);
|
||||||
|
void BN_BLINDING_set_flags(BN_BLINDING *, unsigned long);
|
||||||
|
BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b,
|
||||||
|
const BIGNUM *e, BIGNUM *m, BN_CTX *ctx,
|
||||||
|
int (*bn_mod_exp) (BIGNUM *r,
|
||||||
|
const BIGNUM *a,
|
||||||
|
const BIGNUM *p,
|
||||||
|
const BIGNUM *m,
|
||||||
|
BN_CTX *ctx,
|
||||||
|
BN_MONT_CTX *m_ctx),
|
||||||
|
BN_MONT_CTX *m_ctx);
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_DEPRECATED
|
||||||
|
void BN_set_params(int mul, int high, int low, int mont);
|
||||||
|
int BN_get_params(int which); /* 0, mul, 1 high, 2 low, 3 mont */
|
||||||
|
# endif
|
||||||
|
|
||||||
|
void BN_RECP_CTX_init(BN_RECP_CTX *recp);
|
||||||
|
BN_RECP_CTX *BN_RECP_CTX_new(void);
|
||||||
|
void BN_RECP_CTX_free(BN_RECP_CTX *recp);
|
||||||
|
int BN_RECP_CTX_set(BN_RECP_CTX *recp, const BIGNUM *rdiv, BN_CTX *ctx);
|
||||||
|
int BN_mod_mul_reciprocal(BIGNUM *r, const BIGNUM *x, const BIGNUM *y,
|
||||||
|
BN_RECP_CTX *recp, BN_CTX *ctx);
|
||||||
|
int BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
|
||||||
|
const BIGNUM *m, BN_CTX *ctx);
|
||||||
|
int BN_div_recp(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m,
|
||||||
|
BN_RECP_CTX *recp, BN_CTX *ctx);
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_EC2M
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Functions for arithmetic over binary polynomials represented by BIGNUMs.
|
||||||
|
* The BIGNUM::neg property of BIGNUMs representing binary polynomials is
|
||||||
|
* ignored. Note that input arguments are not const so that their bit arrays
|
||||||
|
* can be expanded to the appropriate size if needed.
|
||||||
|
*/
|
||||||
|
|
||||||
|
/*
|
||||||
|
* r = a + b
|
||||||
|
*/
|
||||||
|
int BN_GF2m_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
|
||||||
|
# define BN_GF2m_sub(r, a, b) BN_GF2m_add(r, a, b)
|
||||||
|
/*
|
||||||
|
* r=a mod p
|
||||||
|
*/
|
||||||
|
int BN_GF2m_mod(BIGNUM *r, const BIGNUM *a, const BIGNUM *p);
|
||||||
|
/* r = (a * b) mod p */
|
||||||
|
int BN_GF2m_mod_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
|
||||||
|
const BIGNUM *p, BN_CTX *ctx);
|
||||||
|
/* r = (a * a) mod p */
|
||||||
|
int BN_GF2m_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
|
||||||
|
/* r = (1 / b) mod p */
|
||||||
|
int BN_GF2m_mod_inv(BIGNUM *r, const BIGNUM *b, const BIGNUM *p, BN_CTX *ctx);
|
||||||
|
/* r = (a / b) mod p */
|
||||||
|
int BN_GF2m_mod_div(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
|
||||||
|
const BIGNUM *p, BN_CTX *ctx);
|
||||||
|
/* r = (a ^ b) mod p */
|
||||||
|
int BN_GF2m_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
|
||||||
|
const BIGNUM *p, BN_CTX *ctx);
|
||||||
|
/* r = sqrt(a) mod p */
|
||||||
|
int BN_GF2m_mod_sqrt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
|
||||||
|
BN_CTX *ctx);
|
||||||
|
/* r^2 + r = a mod p */
|
||||||
|
int BN_GF2m_mod_solve_quad(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
|
||||||
|
BN_CTX *ctx);
|
||||||
|
# define BN_GF2m_cmp(a, b) BN_ucmp((a), (b))
|
||||||
|
/*-
|
||||||
|
* Some functions allow for representation of the irreducible polynomials
|
||||||
|
* as an unsigned int[], say p. The irreducible f(t) is then of the form:
|
||||||
|
* t^p[0] + t^p[1] + ... + t^p[k]
|
||||||
|
* where m = p[0] > p[1] > ... > p[k] = 0.
|
||||||
|
*/
|
||||||
|
/* r = a mod p */
|
||||||
|
int BN_GF2m_mod_arr(BIGNUM *r, const BIGNUM *a, const int p[]);
|
||||||
|
/* r = (a * b) mod p */
|
||||||
|
int BN_GF2m_mod_mul_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
|
||||||
|
const int p[], BN_CTX *ctx);
|
||||||
|
/* r = (a * a) mod p */
|
||||||
|
int BN_GF2m_mod_sqr_arr(BIGNUM *r, const BIGNUM *a, const int p[],
|
||||||
|
BN_CTX *ctx);
|
||||||
|
/* r = (1 / b) mod p */
|
||||||
|
int BN_GF2m_mod_inv_arr(BIGNUM *r, const BIGNUM *b, const int p[],
|
||||||
|
BN_CTX *ctx);
|
||||||
|
/* r = (a / b) mod p */
|
||||||
|
int BN_GF2m_mod_div_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
|
||||||
|
const int p[], BN_CTX *ctx);
|
||||||
|
/* r = (a ^ b) mod p */
|
||||||
|
int BN_GF2m_mod_exp_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
|
||||||
|
const int p[], BN_CTX *ctx);
|
||||||
|
/* r = sqrt(a) mod p */
|
||||||
|
int BN_GF2m_mod_sqrt_arr(BIGNUM *r, const BIGNUM *a,
|
||||||
|
const int p[], BN_CTX *ctx);
|
||||||
|
/* r^2 + r = a mod p */
|
||||||
|
int BN_GF2m_mod_solve_quad_arr(BIGNUM *r, const BIGNUM *a,
|
||||||
|
const int p[], BN_CTX *ctx);
|
||||||
|
int BN_GF2m_poly2arr(const BIGNUM *a, int p[], int max);
|
||||||
|
int BN_GF2m_arr2poly(const int p[], BIGNUM *a);
|
||||||
|
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/*
|
||||||
|
* faster mod functions for the 'NIST primes' 0 <= a < p^2
|
||||||
|
*/
|
||||||
|
int BN_nist_mod_192(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
|
||||||
|
int BN_nist_mod_224(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
|
||||||
|
int BN_nist_mod_256(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
|
||||||
|
int BN_nist_mod_384(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
|
||||||
|
int BN_nist_mod_521(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
|
||||||
|
|
||||||
|
const BIGNUM *BN_get0_nist_prime_192(void);
|
||||||
|
const BIGNUM *BN_get0_nist_prime_224(void);
|
||||||
|
const BIGNUM *BN_get0_nist_prime_256(void);
|
||||||
|
const BIGNUM *BN_get0_nist_prime_384(void);
|
||||||
|
const BIGNUM *BN_get0_nist_prime_521(void);
|
||||||
|
|
||||||
|
/* library internal functions */
|
||||||
|
|
||||||
|
# define bn_expand(a,bits) ((((((bits+BN_BITS2-1))/BN_BITS2)) <= (a)->dmax)?\
|
||||||
|
(a):bn_expand2((a),(bits+BN_BITS2-1)/BN_BITS2))
|
||||||
|
# define bn_wexpand(a,words) (((words) <= (a)->dmax)?(a):bn_expand2((a),(words)))
|
||||||
|
BIGNUM *bn_expand2(BIGNUM *a, int words);
|
||||||
|
# ifndef OPENSSL_NO_DEPRECATED
|
||||||
|
BIGNUM *bn_dup_expand(const BIGNUM *a, int words); /* unused */
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/*-
|
||||||
|
* Bignum consistency macros
|
||||||
|
* There is one "API" macro, bn_fix_top(), for stripping leading zeroes from
|
||||||
|
* bignum data after direct manipulations on the data. There is also an
|
||||||
|
* "internal" macro, bn_check_top(), for verifying that there are no leading
|
||||||
|
* zeroes. Unfortunately, some auditing is required due to the fact that
|
||||||
|
* bn_fix_top() has become an overabused duct-tape because bignum data is
|
||||||
|
* occasionally passed around in an inconsistent state. So the following
|
||||||
|
* changes have been made to sort this out;
|
||||||
|
* - bn_fix_top()s implementation has been moved to bn_correct_top()
|
||||||
|
* - if BN_DEBUG isn't defined, bn_fix_top() maps to bn_correct_top(), and
|
||||||
|
* bn_check_top() is as before.
|
||||||
|
* - if BN_DEBUG *is* defined;
|
||||||
|
* - bn_check_top() tries to pollute unused words even if the bignum 'top' is
|
||||||
|
* consistent. (ed: only if BN_DEBUG_RAND is defined)
|
||||||
|
* - bn_fix_top() maps to bn_check_top() rather than "fixing" anything.
|
||||||
|
* The idea is to have debug builds flag up inconsistent bignums when they
|
||||||
|
* occur. If that occurs in a bn_fix_top(), we examine the code in question; if
|
||||||
|
* the use of bn_fix_top() was appropriate (ie. it follows directly after code
|
||||||
|
* that manipulates the bignum) it is converted to bn_correct_top(), and if it
|
||||||
|
* was not appropriate, we convert it permanently to bn_check_top() and track
|
||||||
|
* down the cause of the bug. Eventually, no internal code should be using the
|
||||||
|
* bn_fix_top() macro. External applications and libraries should try this with
|
||||||
|
* their own code too, both in terms of building against the openssl headers
|
||||||
|
* with BN_DEBUG defined *and* linking with a version of OpenSSL built with it
|
||||||
|
* defined. This not only improves external code, it provides more test
|
||||||
|
* coverage for openssl's own code.
|
||||||
|
*/
|
||||||
|
|
||||||
|
# ifdef BN_DEBUG
|
||||||
|
|
||||||
|
/* We only need assert() when debugging */
|
||||||
|
# include <assert.h>
|
||||||
|
|
||||||
|
# ifdef BN_DEBUG_RAND
|
||||||
|
/* To avoid "make update" cvs wars due to BN_DEBUG, use some tricks */
|
||||||
|
# ifndef RAND_pseudo_bytes
|
||||||
|
int RAND_pseudo_bytes(unsigned char *buf, int num);
|
||||||
|
# define BN_DEBUG_TRIX
|
||||||
|
# endif
|
||||||
|
# define bn_pollute(a) \
|
||||||
|
do { \
|
||||||
|
const BIGNUM *_bnum1 = (a); \
|
||||||
|
if(_bnum1->top < _bnum1->dmax) { \
|
||||||
|
unsigned char _tmp_char; \
|
||||||
|
/* We cast away const without the compiler knowing, any \
|
||||||
|
* *genuinely* constant variables that aren't mutable \
|
||||||
|
* wouldn't be constructed with top!=dmax. */ \
|
||||||
|
BN_ULONG *_not_const; \
|
||||||
|
memcpy(&_not_const, &_bnum1->d, sizeof(BN_ULONG*)); \
|
||||||
|
RAND_pseudo_bytes(&_tmp_char, 1); \
|
||||||
|
memset((unsigned char *)(_not_const + _bnum1->top), _tmp_char, \
|
||||||
|
(_bnum1->dmax - _bnum1->top) * sizeof(BN_ULONG)); \
|
||||||
|
} \
|
||||||
|
} while(0)
|
||||||
|
# ifdef BN_DEBUG_TRIX
|
||||||
|
# undef RAND_pseudo_bytes
|
||||||
|
# endif
|
||||||
|
# else
|
||||||
|
# define bn_pollute(a)
|
||||||
|
# endif
|
||||||
|
# define bn_check_top(a) \
|
||||||
|
do { \
|
||||||
|
const BIGNUM *_bnum2 = (a); \
|
||||||
|
if (_bnum2 != NULL) { \
|
||||||
|
assert((_bnum2->top == 0) || \
|
||||||
|
(_bnum2->d[_bnum2->top - 1] != 0)); \
|
||||||
|
bn_pollute(_bnum2); \
|
||||||
|
} \
|
||||||
|
} while(0)
|
||||||
|
|
||||||
|
# define bn_fix_top(a) bn_check_top(a)
|
||||||
|
|
||||||
|
# define bn_check_size(bn, bits) bn_wcheck_size(bn, ((bits+BN_BITS2-1))/BN_BITS2)
|
||||||
|
# define bn_wcheck_size(bn, words) \
|
||||||
|
do { \
|
||||||
|
const BIGNUM *_bnum2 = (bn); \
|
||||||
|
assert((words) <= (_bnum2)->dmax && (words) >= (_bnum2)->top); \
|
||||||
|
/* avoid unused variable warning with NDEBUG */ \
|
||||||
|
(void)(_bnum2); \
|
||||||
|
} while(0)
|
||||||
|
|
||||||
|
# else /* !BN_DEBUG */
|
||||||
|
|
||||||
|
# define bn_pollute(a)
|
||||||
|
# define bn_check_top(a)
|
||||||
|
# define bn_fix_top(a) bn_correct_top(a)
|
||||||
|
# define bn_check_size(bn, bits)
|
||||||
|
# define bn_wcheck_size(bn, words)
|
||||||
|
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# define bn_correct_top(a) \
|
||||||
|
{ \
|
||||||
|
BN_ULONG *ftl; \
|
||||||
|
int tmp_top = (a)->top; \
|
||||||
|
if (tmp_top > 0) \
|
||||||
|
{ \
|
||||||
|
for (ftl= &((a)->d[tmp_top-1]); tmp_top > 0; tmp_top--) \
|
||||||
|
if (*(ftl--)) break; \
|
||||||
|
(a)->top = tmp_top; \
|
||||||
|
} \
|
||||||
|
bn_pollute(a); \
|
||||||
|
}
|
||||||
|
|
||||||
|
BN_ULONG bn_mul_add_words(BN_ULONG *rp, const BN_ULONG *ap, int num,
|
||||||
|
BN_ULONG w);
|
||||||
|
BN_ULONG bn_mul_words(BN_ULONG *rp, const BN_ULONG *ap, int num, BN_ULONG w);
|
||||||
|
void bn_sqr_words(BN_ULONG *rp, const BN_ULONG *ap, int num);
|
||||||
|
BN_ULONG bn_div_words(BN_ULONG h, BN_ULONG l, BN_ULONG d);
|
||||||
|
BN_ULONG bn_add_words(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
|
||||||
|
int num);
|
||||||
|
BN_ULONG bn_sub_words(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
|
||||||
|
int num);
|
||||||
|
|
||||||
|
/* Primes from RFC 2409 */
|
||||||
|
BIGNUM *get_rfc2409_prime_768(BIGNUM *bn);
|
||||||
|
BIGNUM *get_rfc2409_prime_1024(BIGNUM *bn);
|
||||||
|
|
||||||
|
/* Primes from RFC 3526 */
|
||||||
|
BIGNUM *get_rfc3526_prime_1536(BIGNUM *bn);
|
||||||
|
BIGNUM *get_rfc3526_prime_2048(BIGNUM *bn);
|
||||||
|
BIGNUM *get_rfc3526_prime_3072(BIGNUM *bn);
|
||||||
|
BIGNUM *get_rfc3526_prime_4096(BIGNUM *bn);
|
||||||
|
BIGNUM *get_rfc3526_prime_6144(BIGNUM *bn);
|
||||||
|
BIGNUM *get_rfc3526_prime_8192(BIGNUM *bn);
|
||||||
|
|
||||||
|
int BN_bntest_rand(BIGNUM *rnd, int bits, int top, int bottom);
|
||||||
|
|
||||||
|
/* BEGIN ERROR CODES */
|
||||||
|
/*
|
||||||
|
* The following lines are auto generated by the script mkerr.pl. Any changes
|
||||||
|
* made after this point may be overwritten when the script is next run.
|
||||||
|
*/
|
||||||
|
void ERR_load_BN_strings(void);
|
||||||
|
|
||||||
|
/* Error codes for the BN functions. */
|
||||||
|
|
||||||
|
/* Function codes. */
|
||||||
|
# define BN_F_BNRAND 127
|
||||||
|
# define BN_F_BN_BLINDING_CONVERT_EX 100
|
||||||
|
# define BN_F_BN_BLINDING_CREATE_PARAM 128
|
||||||
|
# define BN_F_BN_BLINDING_INVERT_EX 101
|
||||||
|
# define BN_F_BN_BLINDING_NEW 102
|
||||||
|
# define BN_F_BN_BLINDING_UPDATE 103
|
||||||
|
# define BN_F_BN_BN2DEC 104
|
||||||
|
# define BN_F_BN_BN2HEX 105
|
||||||
|
# define BN_F_BN_CTX_GET 116
|
||||||
|
# define BN_F_BN_CTX_NEW 106
|
||||||
|
# define BN_F_BN_CTX_START 129
|
||||||
|
# define BN_F_BN_DIV 107
|
||||||
|
# define BN_F_BN_DIV_NO_BRANCH 138
|
||||||
|
# define BN_F_BN_DIV_RECP 130
|
||||||
|
# define BN_F_BN_EXP 123
|
||||||
|
# define BN_F_BN_EXPAND2 108
|
||||||
|
# define BN_F_BN_EXPAND_INTERNAL 120
|
||||||
|
# define BN_F_BN_GF2M_MOD 131
|
||||||
|
# define BN_F_BN_GF2M_MOD_EXP 132
|
||||||
|
# define BN_F_BN_GF2M_MOD_MUL 133
|
||||||
|
# define BN_F_BN_GF2M_MOD_SOLVE_QUAD 134
|
||||||
|
# define BN_F_BN_GF2M_MOD_SOLVE_QUAD_ARR 135
|
||||||
|
# define BN_F_BN_GF2M_MOD_SQR 136
|
||||||
|
# define BN_F_BN_GF2M_MOD_SQRT 137
|
||||||
|
# define BN_F_BN_MOD_EXP2_MONT 118
|
||||||
|
# define BN_F_BN_MOD_EXP_MONT 109
|
||||||
|
# define BN_F_BN_MOD_EXP_MONT_CONSTTIME 124
|
||||||
|
# define BN_F_BN_MOD_EXP_MONT_WORD 117
|
||||||
|
# define BN_F_BN_MOD_EXP_RECP 125
|
||||||
|
# define BN_F_BN_MOD_EXP_SIMPLE 126
|
||||||
|
# define BN_F_BN_MOD_INVERSE 110
|
||||||
|
# define BN_F_BN_MOD_INVERSE_NO_BRANCH 139
|
||||||
|
# define BN_F_BN_MOD_LSHIFT_QUICK 119
|
||||||
|
# define BN_F_BN_MOD_MUL_RECIPROCAL 111
|
||||||
|
# define BN_F_BN_MOD_SQRT 121
|
||||||
|
# define BN_F_BN_MPI2BN 112
|
||||||
|
# define BN_F_BN_NEW 113
|
||||||
|
# define BN_F_BN_RAND 114
|
||||||
|
# define BN_F_BN_RAND_RANGE 122
|
||||||
|
# define BN_F_BN_USUB 115
|
||||||
|
|
||||||
|
/* Reason codes. */
|
||||||
|
# define BN_R_ARG2_LT_ARG3 100
|
||||||
|
# define BN_R_BAD_RECIPROCAL 101
|
||||||
|
# define BN_R_BIGNUM_TOO_LONG 114
|
||||||
|
# define BN_R_CALLED_WITH_EVEN_MODULUS 102
|
||||||
|
# define BN_R_DIV_BY_ZERO 103
|
||||||
|
# define BN_R_ENCODING_ERROR 104
|
||||||
|
# define BN_R_EXPAND_ON_STATIC_BIGNUM_DATA 105
|
||||||
|
# define BN_R_INPUT_NOT_REDUCED 110
|
||||||
|
# define BN_R_INVALID_LENGTH 106
|
||||||
|
# define BN_R_INVALID_RANGE 115
|
||||||
|
# define BN_R_NOT_A_SQUARE 111
|
||||||
|
# define BN_R_NOT_INITIALIZED 107
|
||||||
|
# define BN_R_NO_INVERSE 108
|
||||||
|
# define BN_R_NO_SOLUTION 116
|
||||||
|
# define BN_R_P_IS_NOT_PRIME 112
|
||||||
|
# define BN_R_TOO_MANY_ITERATIONS 113
|
||||||
|
# define BN_R_TOO_MANY_TEMPORARY_VARIABLES 109
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
#endif
|
|
@ -0,0 +1,119 @@
|
||||||
|
/* crypto/buffer/buffer.h */
|
||||||
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
|
* All rights reserved.
|
||||||
|
*
|
||||||
|
* This package is an SSL implementation written
|
||||||
|
* by Eric Young (eay@cryptsoft.com).
|
||||||
|
* The implementation was written so as to conform with Netscapes SSL.
|
||||||
|
*
|
||||||
|
* This library is free for commercial and non-commercial use as long as
|
||||||
|
* the following conditions are aheared to. The following conditions
|
||||||
|
* apply to all code found in this distribution, be it the RC4, RSA,
|
||||||
|
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
||||||
|
* included with this distribution is covered by the same copyright terms
|
||||||
|
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
* Copyright remains Eric Young's, and as such any Copyright notices in
|
||||||
|
* the code are not to be removed.
|
||||||
|
* If this package is used in a product, Eric Young should be given attribution
|
||||||
|
* as the author of the parts of the library used.
|
||||||
|
* This can be in the form of a textual message at program startup or
|
||||||
|
* in documentation (online or textual) provided with the package.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
* 1. Redistributions of source code must retain the copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in the
|
||||||
|
* documentation and/or other materials provided with the distribution.
|
||||||
|
* 3. All advertising materials mentioning features or use of this software
|
||||||
|
* must display the following acknowledgement:
|
||||||
|
* "This product includes cryptographic software written by
|
||||||
|
* Eric Young (eay@cryptsoft.com)"
|
||||||
|
* The word 'cryptographic' can be left out if the rouines from the library
|
||||||
|
* being used are not cryptographic related :-).
|
||||||
|
* 4. If you include any Windows specific code (or a derivative thereof) from
|
||||||
|
* the apps directory (application code) you must include an acknowledgement:
|
||||||
|
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
||||||
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||||
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||||
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||||
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||||
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||||
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||||
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||||
|
* SUCH DAMAGE.
|
||||||
|
*
|
||||||
|
* The licence and distribution terms for any publically available version or
|
||||||
|
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
||||||
|
* copied and put under another distribution licence
|
||||||
|
* [including the GNU Public Licence.]
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef HEADER_BUFFER_H
|
||||||
|
# define HEADER_BUFFER_H
|
||||||
|
|
||||||
|
# include <openssl/ossl_typ.h>
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
extern "C" {
|
||||||
|
#endif
|
||||||
|
|
||||||
|
# include <stddef.h>
|
||||||
|
|
||||||
|
# if !defined(NO_SYS_TYPES_H)
|
||||||
|
# include <sys/types.h>
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/* Already declared in ossl_typ.h */
|
||||||
|
/* typedef struct buf_mem_st BUF_MEM; */
|
||||||
|
|
||||||
|
struct buf_mem_st {
|
||||||
|
size_t length; /* current number of bytes */
|
||||||
|
char *data;
|
||||||
|
size_t max; /* size of buffer */
|
||||||
|
};
|
||||||
|
|
||||||
|
BUF_MEM *BUF_MEM_new(void);
|
||||||
|
void BUF_MEM_free(BUF_MEM *a);
|
||||||
|
int BUF_MEM_grow(BUF_MEM *str, size_t len);
|
||||||
|
int BUF_MEM_grow_clean(BUF_MEM *str, size_t len);
|
||||||
|
size_t BUF_strnlen(const char *str, size_t maxlen);
|
||||||
|
char *BUF_strdup(const char *str);
|
||||||
|
char *BUF_strndup(const char *str, size_t siz);
|
||||||
|
void *BUF_memdup(const void *data, size_t siz);
|
||||||
|
void BUF_reverse(unsigned char *out, const unsigned char *in, size_t siz);
|
||||||
|
|
||||||
|
/* safe string functions */
|
||||||
|
size_t BUF_strlcpy(char *dst, const char *src, size_t siz);
|
||||||
|
size_t BUF_strlcat(char *dst, const char *src, size_t siz);
|
||||||
|
|
||||||
|
/* BEGIN ERROR CODES */
|
||||||
|
/*
|
||||||
|
* The following lines are auto generated by the script mkerr.pl. Any changes
|
||||||
|
* made after this point may be overwritten when the script is next run.
|
||||||
|
*/
|
||||||
|
void ERR_load_BUF_strings(void);
|
||||||
|
|
||||||
|
/* Error codes for the BUF functions. */
|
||||||
|
|
||||||
|
/* Function codes. */
|
||||||
|
# define BUF_F_BUF_MEMDUP 103
|
||||||
|
# define BUF_F_BUF_MEM_GROW 100
|
||||||
|
# define BUF_F_BUF_MEM_GROW_CLEAN 105
|
||||||
|
# define BUF_F_BUF_MEM_NEW 101
|
||||||
|
# define BUF_F_BUF_STRDUP 102
|
||||||
|
# define BUF_F_BUF_STRNDUP 104
|
||||||
|
|
||||||
|
/* Reason codes. */
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
#endif
|
|
@ -0,0 +1,79 @@
|
||||||
|
|
||||||
|
#ifndef HEADER_COMP_H
|
||||||
|
# define HEADER_COMP_H
|
||||||
|
|
||||||
|
# include <openssl/crypto.h>
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
extern "C" {
|
||||||
|
#endif
|
||||||
|
|
||||||
|
typedef struct comp_ctx_st COMP_CTX;
|
||||||
|
|
||||||
|
typedef struct comp_method_st {
|
||||||
|
int type; /* NID for compression library */
|
||||||
|
const char *name; /* A text string to identify the library */
|
||||||
|
int (*init) (COMP_CTX *ctx);
|
||||||
|
void (*finish) (COMP_CTX *ctx);
|
||||||
|
int (*compress) (COMP_CTX *ctx,
|
||||||
|
unsigned char *out, unsigned int olen,
|
||||||
|
unsigned char *in, unsigned int ilen);
|
||||||
|
int (*expand) (COMP_CTX *ctx,
|
||||||
|
unsigned char *out, unsigned int olen,
|
||||||
|
unsigned char *in, unsigned int ilen);
|
||||||
|
/*
|
||||||
|
* The following two do NOTHING, but are kept for backward compatibility
|
||||||
|
*/
|
||||||
|
long (*ctrl) (void);
|
||||||
|
long (*callback_ctrl) (void);
|
||||||
|
} COMP_METHOD;
|
||||||
|
|
||||||
|
struct comp_ctx_st {
|
||||||
|
COMP_METHOD *meth;
|
||||||
|
unsigned long compress_in;
|
||||||
|
unsigned long compress_out;
|
||||||
|
unsigned long expand_in;
|
||||||
|
unsigned long expand_out;
|
||||||
|
CRYPTO_EX_DATA ex_data;
|
||||||
|
};
|
||||||
|
|
||||||
|
COMP_CTX *COMP_CTX_new(COMP_METHOD *meth);
|
||||||
|
void COMP_CTX_free(COMP_CTX *ctx);
|
||||||
|
int COMP_compress_block(COMP_CTX *ctx, unsigned char *out, int olen,
|
||||||
|
unsigned char *in, int ilen);
|
||||||
|
int COMP_expand_block(COMP_CTX *ctx, unsigned char *out, int olen,
|
||||||
|
unsigned char *in, int ilen);
|
||||||
|
COMP_METHOD *COMP_rle(void);
|
||||||
|
COMP_METHOD *COMP_zlib(void);
|
||||||
|
void COMP_zlib_cleanup(void);
|
||||||
|
|
||||||
|
# ifdef HEADER_BIO_H
|
||||||
|
# ifdef ZLIB
|
||||||
|
BIO_METHOD *BIO_f_zlib(void);
|
||||||
|
# endif
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/* BEGIN ERROR CODES */
|
||||||
|
/*
|
||||||
|
* The following lines are auto generated by the script mkerr.pl. Any changes
|
||||||
|
* made after this point may be overwritten when the script is next run.
|
||||||
|
*/
|
||||||
|
void ERR_load_COMP_strings(void);
|
||||||
|
|
||||||
|
/* Error codes for the COMP functions. */
|
||||||
|
|
||||||
|
/* Function codes. */
|
||||||
|
# define COMP_F_BIO_ZLIB_FLUSH 99
|
||||||
|
# define COMP_F_BIO_ZLIB_NEW 100
|
||||||
|
# define COMP_F_BIO_ZLIB_READ 101
|
||||||
|
# define COMP_F_BIO_ZLIB_WRITE 102
|
||||||
|
|
||||||
|
/* Reason codes. */
|
||||||
|
# define COMP_R_ZLIB_DEFLATE_ERROR 99
|
||||||
|
# define COMP_R_ZLIB_INFLATE_ERROR 100
|
||||||
|
# define COMP_R_ZLIB_NOT_SUPPORTED 101
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
#endif
|
|
@ -0,0 +1,661 @@
|
||||||
|
/* crypto/crypto.h */
|
||||||
|
/* ====================================================================
|
||||||
|
* Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
*
|
||||||
|
* 1. Redistributions of source code must retain the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
*
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in
|
||||||
|
* the documentation and/or other materials provided with the
|
||||||
|
* distribution.
|
||||||
|
*
|
||||||
|
* 3. All advertising materials mentioning features or use of this
|
||||||
|
* software must display the following acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
|
||||||
|
*
|
||||||
|
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||||
|
* endorse or promote products derived from this software without
|
||||||
|
* prior written permission. For written permission, please contact
|
||||||
|
* openssl-core@openssl.org.
|
||||||
|
*
|
||||||
|
* 5. Products derived from this software may not be called "OpenSSL"
|
||||||
|
* nor may "OpenSSL" appear in their names without prior written
|
||||||
|
* permission of the OpenSSL Project.
|
||||||
|
*
|
||||||
|
* 6. Redistributions of any form whatsoever must retain the following
|
||||||
|
* acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||||
|
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||||
|
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||||
|
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||||
|
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||||
|
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||||
|
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||||
|
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||||
|
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||||
|
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||||
|
* ====================================================================
|
||||||
|
*
|
||||||
|
* This product includes cryptographic software written by Eric Young
|
||||||
|
* (eay@cryptsoft.com). This product includes software written by Tim
|
||||||
|
* Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
|
* All rights reserved.
|
||||||
|
*
|
||||||
|
* This package is an SSL implementation written
|
||||||
|
* by Eric Young (eay@cryptsoft.com).
|
||||||
|
* The implementation was written so as to conform with Netscapes SSL.
|
||||||
|
*
|
||||||
|
* This library is free for commercial and non-commercial use as long as
|
||||||
|
* the following conditions are aheared to. The following conditions
|
||||||
|
* apply to all code found in this distribution, be it the RC4, RSA,
|
||||||
|
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
||||||
|
* included with this distribution is covered by the same copyright terms
|
||||||
|
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
* Copyright remains Eric Young's, and as such any Copyright notices in
|
||||||
|
* the code are not to be removed.
|
||||||
|
* If this package is used in a product, Eric Young should be given attribution
|
||||||
|
* as the author of the parts of the library used.
|
||||||
|
* This can be in the form of a textual message at program startup or
|
||||||
|
* in documentation (online or textual) provided with the package.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
* 1. Redistributions of source code must retain the copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in the
|
||||||
|
* documentation and/or other materials provided with the distribution.
|
||||||
|
* 3. All advertising materials mentioning features or use of this software
|
||||||
|
* must display the following acknowledgement:
|
||||||
|
* "This product includes cryptographic software written by
|
||||||
|
* Eric Young (eay@cryptsoft.com)"
|
||||||
|
* The word 'cryptographic' can be left out if the rouines from the library
|
||||||
|
* being used are not cryptographic related :-).
|
||||||
|
* 4. If you include any Windows specific code (or a derivative thereof) from
|
||||||
|
* the apps directory (application code) you must include an acknowledgement:
|
||||||
|
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
||||||
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||||
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||||
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||||
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||||
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||||
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||||
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||||
|
* SUCH DAMAGE.
|
||||||
|
*
|
||||||
|
* The licence and distribution terms for any publically available version or
|
||||||
|
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
||||||
|
* copied and put under another distribution licence
|
||||||
|
* [including the GNU Public Licence.]
|
||||||
|
*/
|
||||||
|
/* ====================================================================
|
||||||
|
* Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
|
||||||
|
* ECDH support in OpenSSL originally developed by
|
||||||
|
* SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef HEADER_CRYPTO_H
|
||||||
|
# define HEADER_CRYPTO_H
|
||||||
|
|
||||||
|
# include <stdlib.h>
|
||||||
|
|
||||||
|
# include <openssl/e_os2.h>
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_FP_API
|
||||||
|
# include <stdio.h>
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# include <openssl/stack.h>
|
||||||
|
# include <openssl/safestack.h>
|
||||||
|
# include <openssl/opensslv.h>
|
||||||
|
# include <openssl/ossl_typ.h>
|
||||||
|
|
||||||
|
# ifdef CHARSET_EBCDIC
|
||||||
|
# include <openssl/ebcdic.h>
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Resolve problems on some operating systems with symbol names that clash
|
||||||
|
* one way or another
|
||||||
|
*/
|
||||||
|
# include <openssl/symhacks.h>
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
extern "C" {
|
||||||
|
#endif
|
||||||
|
|
||||||
|
/* Backward compatibility to SSLeay */
|
||||||
|
/*
|
||||||
|
* This is more to be used to check the correct DLL is being used in the MS
|
||||||
|
* world.
|
||||||
|
*/
|
||||||
|
# define SSLEAY_VERSION_NUMBER OPENSSL_VERSION_NUMBER
|
||||||
|
# define SSLEAY_VERSION 0
|
||||||
|
/* #define SSLEAY_OPTIONS 1 no longer supported */
|
||||||
|
# define SSLEAY_CFLAGS 2
|
||||||
|
# define SSLEAY_BUILT_ON 3
|
||||||
|
# define SSLEAY_PLATFORM 4
|
||||||
|
# define SSLEAY_DIR 5
|
||||||
|
|
||||||
|
/* Already declared in ossl_typ.h */
|
||||||
|
# if 0
|
||||||
|
typedef struct crypto_ex_data_st CRYPTO_EX_DATA;
|
||||||
|
/* Called when a new object is created */
|
||||||
|
typedef int CRYPTO_EX_new (void *parent, void *ptr, CRYPTO_EX_DATA *ad,
|
||||||
|
int idx, long argl, void *argp);
|
||||||
|
/* Called when an object is free()ed */
|
||||||
|
typedef void CRYPTO_EX_free (void *parent, void *ptr, CRYPTO_EX_DATA *ad,
|
||||||
|
int idx, long argl, void *argp);
|
||||||
|
/* Called when we need to dup an object */
|
||||||
|
typedef int CRYPTO_EX_dup (CRYPTO_EX_DATA *to, CRYPTO_EX_DATA *from,
|
||||||
|
void *from_d, int idx, long argl, void *argp);
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/* A generic structure to pass assorted data in a expandable way */
|
||||||
|
typedef struct openssl_item_st {
|
||||||
|
int code;
|
||||||
|
void *value; /* Not used for flag attributes */
|
||||||
|
size_t value_size; /* Max size of value for output, length for
|
||||||
|
* input */
|
||||||
|
size_t *value_length; /* Returned length of value for output */
|
||||||
|
} OPENSSL_ITEM;
|
||||||
|
|
||||||
|
/*
|
||||||
|
* When changing the CRYPTO_LOCK_* list, be sure to maintin the text lock
|
||||||
|
* names in cryptlib.c
|
||||||
|
*/
|
||||||
|
|
||||||
|
# define CRYPTO_LOCK_ERR 1
|
||||||
|
# define CRYPTO_LOCK_EX_DATA 2
|
||||||
|
# define CRYPTO_LOCK_X509 3
|
||||||
|
# define CRYPTO_LOCK_X509_INFO 4
|
||||||
|
# define CRYPTO_LOCK_X509_PKEY 5
|
||||||
|
# define CRYPTO_LOCK_X509_CRL 6
|
||||||
|
# define CRYPTO_LOCK_X509_REQ 7
|
||||||
|
# define CRYPTO_LOCK_DSA 8
|
||||||
|
# define CRYPTO_LOCK_RSA 9
|
||||||
|
# define CRYPTO_LOCK_EVP_PKEY 10
|
||||||
|
# define CRYPTO_LOCK_X509_STORE 11
|
||||||
|
# define CRYPTO_LOCK_SSL_CTX 12
|
||||||
|
# define CRYPTO_LOCK_SSL_CERT 13
|
||||||
|
# define CRYPTO_LOCK_SSL_SESSION 14
|
||||||
|
# define CRYPTO_LOCK_SSL_SESS_CERT 15
|
||||||
|
# define CRYPTO_LOCK_SSL 16
|
||||||
|
# define CRYPTO_LOCK_SSL_METHOD 17
|
||||||
|
# define CRYPTO_LOCK_RAND 18
|
||||||
|
# define CRYPTO_LOCK_RAND2 19
|
||||||
|
# define CRYPTO_LOCK_MALLOC 20
|
||||||
|
# define CRYPTO_LOCK_BIO 21
|
||||||
|
# define CRYPTO_LOCK_GETHOSTBYNAME 22
|
||||||
|
# define CRYPTO_LOCK_GETSERVBYNAME 23
|
||||||
|
# define CRYPTO_LOCK_READDIR 24
|
||||||
|
# define CRYPTO_LOCK_RSA_BLINDING 25
|
||||||
|
# define CRYPTO_LOCK_DH 26
|
||||||
|
# define CRYPTO_LOCK_MALLOC2 27
|
||||||
|
# define CRYPTO_LOCK_DSO 28
|
||||||
|
# define CRYPTO_LOCK_DYNLOCK 29
|
||||||
|
# define CRYPTO_LOCK_ENGINE 30
|
||||||
|
# define CRYPTO_LOCK_UI 31
|
||||||
|
# define CRYPTO_LOCK_ECDSA 32
|
||||||
|
# define CRYPTO_LOCK_EC 33
|
||||||
|
# define CRYPTO_LOCK_ECDH 34
|
||||||
|
# define CRYPTO_LOCK_BN 35
|
||||||
|
# define CRYPTO_LOCK_EC_PRE_COMP 36
|
||||||
|
# define CRYPTO_LOCK_STORE 37
|
||||||
|
# define CRYPTO_LOCK_COMP 38
|
||||||
|
# define CRYPTO_LOCK_FIPS 39
|
||||||
|
# define CRYPTO_LOCK_FIPS2 40
|
||||||
|
# define CRYPTO_NUM_LOCKS 41
|
||||||
|
|
||||||
|
# define CRYPTO_LOCK 1
|
||||||
|
# define CRYPTO_UNLOCK 2
|
||||||
|
# define CRYPTO_READ 4
|
||||||
|
# define CRYPTO_WRITE 8
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_LOCKING
|
||||||
|
# ifndef CRYPTO_w_lock
|
||||||
|
# define CRYPTO_w_lock(type) \
|
||||||
|
CRYPTO_lock(CRYPTO_LOCK|CRYPTO_WRITE,type,__FILE__,__LINE__)
|
||||||
|
# define CRYPTO_w_unlock(type) \
|
||||||
|
CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_WRITE,type,__FILE__,__LINE__)
|
||||||
|
# define CRYPTO_r_lock(type) \
|
||||||
|
CRYPTO_lock(CRYPTO_LOCK|CRYPTO_READ,type,__FILE__,__LINE__)
|
||||||
|
# define CRYPTO_r_unlock(type) \
|
||||||
|
CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_READ,type,__FILE__,__LINE__)
|
||||||
|
# define CRYPTO_add(addr,amount,type) \
|
||||||
|
CRYPTO_add_lock(addr,amount,type,__FILE__,__LINE__)
|
||||||
|
# endif
|
||||||
|
# else
|
||||||
|
# define CRYPTO_w_lock(a)
|
||||||
|
# define CRYPTO_w_unlock(a)
|
||||||
|
# define CRYPTO_r_lock(a)
|
||||||
|
# define CRYPTO_r_unlock(a)
|
||||||
|
# define CRYPTO_add(a,b,c) ((*(a))+=(b))
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Some applications as well as some parts of OpenSSL need to allocate and
|
||||||
|
* deallocate locks in a dynamic fashion. The following typedef makes this
|
||||||
|
* possible in a type-safe manner.
|
||||||
|
*/
|
||||||
|
/* struct CRYPTO_dynlock_value has to be defined by the application. */
|
||||||
|
typedef struct {
|
||||||
|
int references;
|
||||||
|
struct CRYPTO_dynlock_value *data;
|
||||||
|
} CRYPTO_dynlock;
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The following can be used to detect memory leaks in the SSLeay library. It
|
||||||
|
* used, it turns on malloc checking
|
||||||
|
*/
|
||||||
|
|
||||||
|
# define CRYPTO_MEM_CHECK_OFF 0x0/* an enume */
|
||||||
|
# define CRYPTO_MEM_CHECK_ON 0x1/* a bit */
|
||||||
|
# define CRYPTO_MEM_CHECK_ENABLE 0x2/* a bit */
|
||||||
|
# define CRYPTO_MEM_CHECK_DISABLE 0x3/* an enume */
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The following are bit values to turn on or off options connected to the
|
||||||
|
* malloc checking functionality
|
||||||
|
*/
|
||||||
|
|
||||||
|
/* Adds time to the memory checking information */
|
||||||
|
# define V_CRYPTO_MDEBUG_TIME 0x1/* a bit */
|
||||||
|
/* Adds thread number to the memory checking information */
|
||||||
|
# define V_CRYPTO_MDEBUG_THREAD 0x2/* a bit */
|
||||||
|
|
||||||
|
# define V_CRYPTO_MDEBUG_ALL (V_CRYPTO_MDEBUG_TIME | V_CRYPTO_MDEBUG_THREAD)
|
||||||
|
|
||||||
|
/* predec of the BIO type */
|
||||||
|
typedef struct bio_st BIO_dummy;
|
||||||
|
|
||||||
|
struct crypto_ex_data_st {
|
||||||
|
STACK_OF(void) *sk;
|
||||||
|
/* gcc is screwing up this data structure :-( */
|
||||||
|
int dummy;
|
||||||
|
};
|
||||||
|
DECLARE_STACK_OF(void)
|
||||||
|
|
||||||
|
/*
|
||||||
|
* This stuff is basically class callback functions The current classes are
|
||||||
|
* SSL_CTX, SSL, SSL_SESSION, and a few more
|
||||||
|
*/
|
||||||
|
|
||||||
|
typedef struct crypto_ex_data_func_st {
|
||||||
|
long argl; /* Arbitary long */
|
||||||
|
void *argp; /* Arbitary void * */
|
||||||
|
CRYPTO_EX_new *new_func;
|
||||||
|
CRYPTO_EX_free *free_func;
|
||||||
|
CRYPTO_EX_dup *dup_func;
|
||||||
|
} CRYPTO_EX_DATA_FUNCS;
|
||||||
|
|
||||||
|
DECLARE_STACK_OF(CRYPTO_EX_DATA_FUNCS)
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Per class, we have a STACK of CRYPTO_EX_DATA_FUNCS for each CRYPTO_EX_DATA
|
||||||
|
* entry.
|
||||||
|
*/
|
||||||
|
|
||||||
|
# define CRYPTO_EX_INDEX_BIO 0
|
||||||
|
# define CRYPTO_EX_INDEX_SSL 1
|
||||||
|
# define CRYPTO_EX_INDEX_SSL_CTX 2
|
||||||
|
# define CRYPTO_EX_INDEX_SSL_SESSION 3
|
||||||
|
# define CRYPTO_EX_INDEX_X509_STORE 4
|
||||||
|
# define CRYPTO_EX_INDEX_X509_STORE_CTX 5
|
||||||
|
# define CRYPTO_EX_INDEX_RSA 6
|
||||||
|
# define CRYPTO_EX_INDEX_DSA 7
|
||||||
|
# define CRYPTO_EX_INDEX_DH 8
|
||||||
|
# define CRYPTO_EX_INDEX_ENGINE 9
|
||||||
|
# define CRYPTO_EX_INDEX_X509 10
|
||||||
|
# define CRYPTO_EX_INDEX_UI 11
|
||||||
|
# define CRYPTO_EX_INDEX_ECDSA 12
|
||||||
|
# define CRYPTO_EX_INDEX_ECDH 13
|
||||||
|
# define CRYPTO_EX_INDEX_COMP 14
|
||||||
|
# define CRYPTO_EX_INDEX_STORE 15
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Dynamically assigned indexes start from this value (don't use directly,
|
||||||
|
* use via CRYPTO_ex_data_new_class).
|
||||||
|
*/
|
||||||
|
# define CRYPTO_EX_INDEX_USER 100
|
||||||
|
|
||||||
|
/*
|
||||||
|
* This is the default callbacks, but we can have others as well: this is
|
||||||
|
* needed in Win32 where the application malloc and the library malloc may
|
||||||
|
* not be the same.
|
||||||
|
*/
|
||||||
|
# define CRYPTO_malloc_init() CRYPTO_set_mem_functions(\
|
||||||
|
malloc, realloc, free)
|
||||||
|
|
||||||
|
# if defined CRYPTO_MDEBUG_ALL || defined CRYPTO_MDEBUG_TIME || defined CRYPTO_MDEBUG_THREAD
|
||||||
|
# ifndef CRYPTO_MDEBUG /* avoid duplicate #define */
|
||||||
|
# define CRYPTO_MDEBUG
|
||||||
|
# endif
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Set standard debugging functions (not done by default unless CRYPTO_MDEBUG
|
||||||
|
* is defined)
|
||||||
|
*/
|
||||||
|
# define CRYPTO_malloc_debug_init() do {\
|
||||||
|
CRYPTO_set_mem_debug_functions(\
|
||||||
|
CRYPTO_dbg_malloc,\
|
||||||
|
CRYPTO_dbg_realloc,\
|
||||||
|
CRYPTO_dbg_free,\
|
||||||
|
CRYPTO_dbg_set_options,\
|
||||||
|
CRYPTO_dbg_get_options);\
|
||||||
|
} while(0)
|
||||||
|
|
||||||
|
int CRYPTO_mem_ctrl(int mode);
|
||||||
|
int CRYPTO_is_mem_check_on(void);
|
||||||
|
|
||||||
|
/* for applications */
|
||||||
|
# define MemCheck_start() CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON)
|
||||||
|
# define MemCheck_stop() CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_OFF)
|
||||||
|
|
||||||
|
/* for library-internal use */
|
||||||
|
# define MemCheck_on() CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ENABLE)
|
||||||
|
# define MemCheck_off() CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_DISABLE)
|
||||||
|
# define is_MemCheck_on() CRYPTO_is_mem_check_on()
|
||||||
|
|
||||||
|
# define OPENSSL_malloc(num) CRYPTO_malloc((int)num,__FILE__,__LINE__)
|
||||||
|
# define OPENSSL_strdup(str) CRYPTO_strdup((str),__FILE__,__LINE__)
|
||||||
|
# define OPENSSL_realloc(addr,num) \
|
||||||
|
CRYPTO_realloc((char *)addr,(int)num,__FILE__,__LINE__)
|
||||||
|
# define OPENSSL_realloc_clean(addr,old_num,num) \
|
||||||
|
CRYPTO_realloc_clean(addr,old_num,num,__FILE__,__LINE__)
|
||||||
|
# define OPENSSL_remalloc(addr,num) \
|
||||||
|
CRYPTO_remalloc((char **)addr,(int)num,__FILE__,__LINE__)
|
||||||
|
# define OPENSSL_freeFunc CRYPTO_free
|
||||||
|
# define OPENSSL_free(addr) CRYPTO_free(addr)
|
||||||
|
|
||||||
|
# define OPENSSL_malloc_locked(num) \
|
||||||
|
CRYPTO_malloc_locked((int)num,__FILE__,__LINE__)
|
||||||
|
# define OPENSSL_free_locked(addr) CRYPTO_free_locked(addr)
|
||||||
|
|
||||||
|
const char *SSLeay_version(int type);
|
||||||
|
unsigned long SSLeay(void);
|
||||||
|
|
||||||
|
int OPENSSL_issetugid(void);
|
||||||
|
|
||||||
|
/* An opaque type representing an implementation of "ex_data" support */
|
||||||
|
typedef struct st_CRYPTO_EX_DATA_IMPL CRYPTO_EX_DATA_IMPL;
|
||||||
|
/* Return an opaque pointer to the current "ex_data" implementation */
|
||||||
|
const CRYPTO_EX_DATA_IMPL *CRYPTO_get_ex_data_implementation(void);
|
||||||
|
/* Sets the "ex_data" implementation to be used (if it's not too late) */
|
||||||
|
int CRYPTO_set_ex_data_implementation(const CRYPTO_EX_DATA_IMPL *i);
|
||||||
|
/* Get a new "ex_data" class, and return the corresponding "class_index" */
|
||||||
|
int CRYPTO_ex_data_new_class(void);
|
||||||
|
/* Within a given class, get/register a new index */
|
||||||
|
int CRYPTO_get_ex_new_index(int class_index, long argl, void *argp,
|
||||||
|
CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func,
|
||||||
|
CRYPTO_EX_free *free_func);
|
||||||
|
/*
|
||||||
|
* Initialise/duplicate/free CRYPTO_EX_DATA variables corresponding to a
|
||||||
|
* given class (invokes whatever per-class callbacks are applicable)
|
||||||
|
*/
|
||||||
|
int CRYPTO_new_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad);
|
||||||
|
int CRYPTO_dup_ex_data(int class_index, CRYPTO_EX_DATA *to,
|
||||||
|
CRYPTO_EX_DATA *from);
|
||||||
|
void CRYPTO_free_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad);
|
||||||
|
/*
|
||||||
|
* Get/set data in a CRYPTO_EX_DATA variable corresponding to a particular
|
||||||
|
* index (relative to the class type involved)
|
||||||
|
*/
|
||||||
|
int CRYPTO_set_ex_data(CRYPTO_EX_DATA *ad, int idx, void *val);
|
||||||
|
void *CRYPTO_get_ex_data(const CRYPTO_EX_DATA *ad, int idx);
|
||||||
|
/*
|
||||||
|
* This function cleans up all "ex_data" state. It mustn't be called under
|
||||||
|
* potential race-conditions.
|
||||||
|
*/
|
||||||
|
void CRYPTO_cleanup_all_ex_data(void);
|
||||||
|
|
||||||
|
int CRYPTO_get_new_lockid(char *name);
|
||||||
|
|
||||||
|
int CRYPTO_num_locks(void); /* return CRYPTO_NUM_LOCKS (shared libs!) */
|
||||||
|
void CRYPTO_lock(int mode, int type, const char *file, int line);
|
||||||
|
void CRYPTO_set_locking_callback(void (*func) (int mode, int type,
|
||||||
|
const char *file, int line));
|
||||||
|
void (*CRYPTO_get_locking_callback(void)) (int mode, int type,
|
||||||
|
const char *file, int line);
|
||||||
|
void CRYPTO_set_add_lock_callback(int (*func)
|
||||||
|
(int *num, int mount, int type,
|
||||||
|
const char *file, int line));
|
||||||
|
int (*CRYPTO_get_add_lock_callback(void)) (int *num, int mount, int type,
|
||||||
|
const char *file, int line);
|
||||||
|
|
||||||
|
/* Don't use this structure directly. */
|
||||||
|
typedef struct crypto_threadid_st {
|
||||||
|
void *ptr;
|
||||||
|
unsigned long val;
|
||||||
|
} CRYPTO_THREADID;
|
||||||
|
/* Only use CRYPTO_THREADID_set_[numeric|pointer]() within callbacks */
|
||||||
|
void CRYPTO_THREADID_set_numeric(CRYPTO_THREADID *id, unsigned long val);
|
||||||
|
void CRYPTO_THREADID_set_pointer(CRYPTO_THREADID *id, void *ptr);
|
||||||
|
int CRYPTO_THREADID_set_callback(void (*threadid_func) (CRYPTO_THREADID *));
|
||||||
|
void (*CRYPTO_THREADID_get_callback(void)) (CRYPTO_THREADID *);
|
||||||
|
void CRYPTO_THREADID_current(CRYPTO_THREADID *id);
|
||||||
|
int CRYPTO_THREADID_cmp(const CRYPTO_THREADID *a, const CRYPTO_THREADID *b);
|
||||||
|
void CRYPTO_THREADID_cpy(CRYPTO_THREADID *dest, const CRYPTO_THREADID *src);
|
||||||
|
unsigned long CRYPTO_THREADID_hash(const CRYPTO_THREADID *id);
|
||||||
|
# ifndef OPENSSL_NO_DEPRECATED
|
||||||
|
void CRYPTO_set_id_callback(unsigned long (*func) (void));
|
||||||
|
unsigned long (*CRYPTO_get_id_callback(void)) (void);
|
||||||
|
unsigned long CRYPTO_thread_id(void);
|
||||||
|
# endif
|
||||||
|
|
||||||
|
const char *CRYPTO_get_lock_name(int type);
|
||||||
|
int CRYPTO_add_lock(int *pointer, int amount, int type, const char *file,
|
||||||
|
int line);
|
||||||
|
|
||||||
|
int CRYPTO_get_new_dynlockid(void);
|
||||||
|
void CRYPTO_destroy_dynlockid(int i);
|
||||||
|
struct CRYPTO_dynlock_value *CRYPTO_get_dynlock_value(int i);
|
||||||
|
void CRYPTO_set_dynlock_create_callback(struct CRYPTO_dynlock_value
|
||||||
|
*(*dyn_create_function) (const char
|
||||||
|
*file,
|
||||||
|
int line));
|
||||||
|
void CRYPTO_set_dynlock_lock_callback(void (*dyn_lock_function)
|
||||||
|
(int mode,
|
||||||
|
struct CRYPTO_dynlock_value *l,
|
||||||
|
const char *file, int line));
|
||||||
|
void CRYPTO_set_dynlock_destroy_callback(void (*dyn_destroy_function)
|
||||||
|
(struct CRYPTO_dynlock_value *l,
|
||||||
|
const char *file, int line));
|
||||||
|
struct CRYPTO_dynlock_value
|
||||||
|
*(*CRYPTO_get_dynlock_create_callback(void)) (const char *file, int line);
|
||||||
|
void (*CRYPTO_get_dynlock_lock_callback(void)) (int mode,
|
||||||
|
struct CRYPTO_dynlock_value
|
||||||
|
*l, const char *file,
|
||||||
|
int line);
|
||||||
|
void (*CRYPTO_get_dynlock_destroy_callback(void)) (struct CRYPTO_dynlock_value
|
||||||
|
*l, const char *file,
|
||||||
|
int line);
|
||||||
|
|
||||||
|
/*
|
||||||
|
* CRYPTO_set_mem_functions includes CRYPTO_set_locked_mem_functions -- call
|
||||||
|
* the latter last if you need different functions
|
||||||
|
*/
|
||||||
|
int CRYPTO_set_mem_functions(void *(*m) (size_t), void *(*r) (void *, size_t),
|
||||||
|
void (*f) (void *));
|
||||||
|
int CRYPTO_set_locked_mem_functions(void *(*m) (size_t),
|
||||||
|
void (*free_func) (void *));
|
||||||
|
int CRYPTO_set_mem_ex_functions(void *(*m) (size_t, const char *, int),
|
||||||
|
void *(*r) (void *, size_t, const char *,
|
||||||
|
int), void (*f) (void *));
|
||||||
|
int CRYPTO_set_locked_mem_ex_functions(void *(*m) (size_t, const char *, int),
|
||||||
|
void (*free_func) (void *));
|
||||||
|
int CRYPTO_set_mem_debug_functions(void (*m)
|
||||||
|
(void *, int, const char *, int, int),
|
||||||
|
void (*r) (void *, void *, int,
|
||||||
|
const char *, int, int),
|
||||||
|
void (*f) (void *, int), void (*so) (long),
|
||||||
|
long (*go) (void));
|
||||||
|
void CRYPTO_get_mem_functions(void *(**m) (size_t),
|
||||||
|
void *(**r) (void *, size_t),
|
||||||
|
void (**f) (void *));
|
||||||
|
void CRYPTO_get_locked_mem_functions(void *(**m) (size_t),
|
||||||
|
void (**f) (void *));
|
||||||
|
void CRYPTO_get_mem_ex_functions(void *(**m) (size_t, const char *, int),
|
||||||
|
void *(**r) (void *, size_t, const char *,
|
||||||
|
int), void (**f) (void *));
|
||||||
|
void CRYPTO_get_locked_mem_ex_functions(void
|
||||||
|
*(**m) (size_t, const char *, int),
|
||||||
|
void (**f) (void *));
|
||||||
|
void CRYPTO_get_mem_debug_functions(void (**m)
|
||||||
|
(void *, int, const char *, int, int),
|
||||||
|
void (**r) (void *, void *, int,
|
||||||
|
const char *, int, int),
|
||||||
|
void (**f) (void *, int),
|
||||||
|
void (**so) (long), long (**go) (void));
|
||||||
|
|
||||||
|
void *CRYPTO_malloc_locked(int num, const char *file, int line);
|
||||||
|
void CRYPTO_free_locked(void *ptr);
|
||||||
|
void *CRYPTO_malloc(int num, const char *file, int line);
|
||||||
|
char *CRYPTO_strdup(const char *str, const char *file, int line);
|
||||||
|
void CRYPTO_free(void *ptr);
|
||||||
|
void *CRYPTO_realloc(void *addr, int num, const char *file, int line);
|
||||||
|
void *CRYPTO_realloc_clean(void *addr, int old_num, int num, const char *file,
|
||||||
|
int line);
|
||||||
|
void *CRYPTO_remalloc(void *addr, int num, const char *file, int line);
|
||||||
|
|
||||||
|
void OPENSSL_cleanse(void *ptr, size_t len);
|
||||||
|
|
||||||
|
void CRYPTO_set_mem_debug_options(long bits);
|
||||||
|
long CRYPTO_get_mem_debug_options(void);
|
||||||
|
|
||||||
|
# define CRYPTO_push_info(info) \
|
||||||
|
CRYPTO_push_info_(info, __FILE__, __LINE__);
|
||||||
|
int CRYPTO_push_info_(const char *info, const char *file, int line);
|
||||||
|
int CRYPTO_pop_info(void);
|
||||||
|
int CRYPTO_remove_all_info(void);
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Default debugging functions (enabled by CRYPTO_malloc_debug_init() macro;
|
||||||
|
* used as default in CRYPTO_MDEBUG compilations):
|
||||||
|
*/
|
||||||
|
/*-
|
||||||
|
* The last argument has the following significance:
|
||||||
|
*
|
||||||
|
* 0: called before the actual memory allocation has taken place
|
||||||
|
* 1: called after the actual memory allocation has taken place
|
||||||
|
*/
|
||||||
|
void CRYPTO_dbg_malloc(void *addr, int num, const char *file, int line,
|
||||||
|
int before_p);
|
||||||
|
void CRYPTO_dbg_realloc(void *addr1, void *addr2, int num, const char *file,
|
||||||
|
int line, int before_p);
|
||||||
|
void CRYPTO_dbg_free(void *addr, int before_p);
|
||||||
|
/*-
|
||||||
|
* Tell the debugging code about options. By default, the following values
|
||||||
|
* apply:
|
||||||
|
*
|
||||||
|
* 0: Clear all options.
|
||||||
|
* V_CRYPTO_MDEBUG_TIME (1): Set the "Show Time" option.
|
||||||
|
* V_CRYPTO_MDEBUG_THREAD (2): Set the "Show Thread Number" option.
|
||||||
|
* V_CRYPTO_MDEBUG_ALL (3): 1 + 2
|
||||||
|
*/
|
||||||
|
void CRYPTO_dbg_set_options(long bits);
|
||||||
|
long CRYPTO_dbg_get_options(void);
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_FP_API
|
||||||
|
void CRYPTO_mem_leaks_fp(FILE *);
|
||||||
|
# endif
|
||||||
|
void CRYPTO_mem_leaks(struct bio_st *bio);
|
||||||
|
/* unsigned long order, char *file, int line, int num_bytes, char *addr */
|
||||||
|
typedef void *CRYPTO_MEM_LEAK_CB (unsigned long, const char *, int, int,
|
||||||
|
void *);
|
||||||
|
void CRYPTO_mem_leaks_cb(CRYPTO_MEM_LEAK_CB *cb);
|
||||||
|
|
||||||
|
/* die if we have to */
|
||||||
|
void OpenSSLDie(const char *file, int line, const char *assertion);
|
||||||
|
# define OPENSSL_assert(e) (void)((e) ? 0 : (OpenSSLDie(__FILE__, __LINE__, #e),1))
|
||||||
|
|
||||||
|
unsigned long *OPENSSL_ia32cap_loc(void);
|
||||||
|
# define OPENSSL_ia32cap (*(OPENSSL_ia32cap_loc()))
|
||||||
|
int OPENSSL_isservice(void);
|
||||||
|
|
||||||
|
int FIPS_mode(void);
|
||||||
|
int FIPS_mode_set(int r);
|
||||||
|
|
||||||
|
void OPENSSL_init(void);
|
||||||
|
|
||||||
|
# define fips_md_init(alg) fips_md_init_ctx(alg, alg)
|
||||||
|
|
||||||
|
# ifdef OPENSSL_FIPS
|
||||||
|
# define fips_md_init_ctx(alg, cx) \
|
||||||
|
int alg##_Init(cx##_CTX *c) \
|
||||||
|
{ \
|
||||||
|
if (FIPS_mode()) OpenSSLDie(__FILE__, __LINE__, \
|
||||||
|
"Low level API call to digest " #alg " forbidden in FIPS mode!"); \
|
||||||
|
return private_##alg##_Init(c); \
|
||||||
|
} \
|
||||||
|
int private_##alg##_Init(cx##_CTX *c)
|
||||||
|
|
||||||
|
# define fips_cipher_abort(alg) \
|
||||||
|
if (FIPS_mode()) OpenSSLDie(__FILE__, __LINE__, \
|
||||||
|
"Low level API call to cipher " #alg " forbidden in FIPS mode!")
|
||||||
|
|
||||||
|
# else
|
||||||
|
# define fips_md_init_ctx(alg, cx) \
|
||||||
|
int alg##_Init(cx##_CTX *c)
|
||||||
|
# define fips_cipher_abort(alg) while(0)
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/*
|
||||||
|
* CRYPTO_memcmp returns zero iff the |len| bytes at |a| and |b| are equal.
|
||||||
|
* It takes an amount of time dependent on |len|, but independent of the
|
||||||
|
* contents of |a| and |b|. Unlike memcmp, it cannot be used to put elements
|
||||||
|
* into a defined order as the return value when a != b is undefined, other
|
||||||
|
* than to be non-zero.
|
||||||
|
*/
|
||||||
|
int CRYPTO_memcmp(const void *a, const void *b, size_t len);
|
||||||
|
|
||||||
|
/* BEGIN ERROR CODES */
|
||||||
|
/*
|
||||||
|
* The following lines are auto generated by the script mkerr.pl. Any changes
|
||||||
|
* made after this point may be overwritten when the script is next run.
|
||||||
|
*/
|
||||||
|
void ERR_load_CRYPTO_strings(void);
|
||||||
|
|
||||||
|
/* Error codes for the CRYPTO functions. */
|
||||||
|
|
||||||
|
/* Function codes. */
|
||||||
|
# define CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX 100
|
||||||
|
# define CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID 103
|
||||||
|
# define CRYPTO_F_CRYPTO_GET_NEW_LOCKID 101
|
||||||
|
# define CRYPTO_F_CRYPTO_SET_EX_DATA 102
|
||||||
|
# define CRYPTO_F_DEF_ADD_INDEX 104
|
||||||
|
# define CRYPTO_F_DEF_GET_CLASS 105
|
||||||
|
# define CRYPTO_F_FIPS_MODE_SET 109
|
||||||
|
# define CRYPTO_F_INT_DUP_EX_DATA 106
|
||||||
|
# define CRYPTO_F_INT_FREE_EX_DATA 107
|
||||||
|
# define CRYPTO_F_INT_NEW_EX_DATA 108
|
||||||
|
|
||||||
|
/* Reason codes. */
|
||||||
|
# define CRYPTO_R_FIPS_MODE_NOT_SUPPORTED 101
|
||||||
|
# define CRYPTO_R_NO_DYNLOCK_CREATE_CALLBACK 100
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
#endif
|
|
@ -0,0 +1,392 @@
|
||||||
|
/* crypto/dh/dh.h */
|
||||||
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
|
* All rights reserved.
|
||||||
|
*
|
||||||
|
* This package is an SSL implementation written
|
||||||
|
* by Eric Young (eay@cryptsoft.com).
|
||||||
|
* The implementation was written so as to conform with Netscapes SSL.
|
||||||
|
*
|
||||||
|
* This library is free for commercial and non-commercial use as long as
|
||||||
|
* the following conditions are aheared to. The following conditions
|
||||||
|
* apply to all code found in this distribution, be it the RC4, RSA,
|
||||||
|
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
||||||
|
* included with this distribution is covered by the same copyright terms
|
||||||
|
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
* Copyright remains Eric Young's, and as such any Copyright notices in
|
||||||
|
* the code are not to be removed.
|
||||||
|
* If this package is used in a product, Eric Young should be given attribution
|
||||||
|
* as the author of the parts of the library used.
|
||||||
|
* This can be in the form of a textual message at program startup or
|
||||||
|
* in documentation (online or textual) provided with the package.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
* 1. Redistributions of source code must retain the copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in the
|
||||||
|
* documentation and/or other materials provided with the distribution.
|
||||||
|
* 3. All advertising materials mentioning features or use of this software
|
||||||
|
* must display the following acknowledgement:
|
||||||
|
* "This product includes cryptographic software written by
|
||||||
|
* Eric Young (eay@cryptsoft.com)"
|
||||||
|
* The word 'cryptographic' can be left out if the rouines from the library
|
||||||
|
* being used are not cryptographic related :-).
|
||||||
|
* 4. If you include any Windows specific code (or a derivative thereof) from
|
||||||
|
* the apps directory (application code) you must include an acknowledgement:
|
||||||
|
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
||||||
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||||
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||||
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||||
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||||
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||||
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||||
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||||
|
* SUCH DAMAGE.
|
||||||
|
*
|
||||||
|
* The licence and distribution terms for any publically available version or
|
||||||
|
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
||||||
|
* copied and put under another distribution licence
|
||||||
|
* [including the GNU Public Licence.]
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef HEADER_DH_H
|
||||||
|
# define HEADER_DH_H
|
||||||
|
|
||||||
|
# include <openssl/e_os2.h>
|
||||||
|
|
||||||
|
# ifdef OPENSSL_NO_DH
|
||||||
|
# error DH is disabled.
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_BIO
|
||||||
|
# include <openssl/bio.h>
|
||||||
|
# endif
|
||||||
|
# include <openssl/ossl_typ.h>
|
||||||
|
# ifndef OPENSSL_NO_DEPRECATED
|
||||||
|
# include <openssl/bn.h>
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# ifndef OPENSSL_DH_MAX_MODULUS_BITS
|
||||||
|
# define OPENSSL_DH_MAX_MODULUS_BITS 10000
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# define DH_FLAG_CACHE_MONT_P 0x01
|
||||||
|
|
||||||
|
/*
|
||||||
|
* new with 0.9.7h; the built-in DH
|
||||||
|
* implementation now uses constant time
|
||||||
|
* modular exponentiation for secret exponents
|
||||||
|
* by default. This flag causes the
|
||||||
|
* faster variable sliding window method to
|
||||||
|
* be used for all exponents.
|
||||||
|
*/
|
||||||
|
# define DH_FLAG_NO_EXP_CONSTTIME 0x02
|
||||||
|
|
||||||
|
/*
|
||||||
|
* If this flag is set the DH method is FIPS compliant and can be used in
|
||||||
|
* FIPS mode. This is set in the validated module method. If an application
|
||||||
|
* sets this flag in its own methods it is its reposibility to ensure the
|
||||||
|
* result is compliant.
|
||||||
|
*/
|
||||||
|
|
||||||
|
# define DH_FLAG_FIPS_METHOD 0x0400
|
||||||
|
|
||||||
|
/*
|
||||||
|
* If this flag is set the operations normally disabled in FIPS mode are
|
||||||
|
* permitted it is then the applications responsibility to ensure that the
|
||||||
|
* usage is compliant.
|
||||||
|
*/
|
||||||
|
|
||||||
|
# define DH_FLAG_NON_FIPS_ALLOW 0x0400
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
extern "C" {
|
||||||
|
#endif
|
||||||
|
|
||||||
|
/* Already defined in ossl_typ.h */
|
||||||
|
/* typedef struct dh_st DH; */
|
||||||
|
/* typedef struct dh_method DH_METHOD; */
|
||||||
|
|
||||||
|
struct dh_method {
|
||||||
|
const char *name;
|
||||||
|
/* Methods here */
|
||||||
|
int (*generate_key) (DH *dh);
|
||||||
|
int (*compute_key) (unsigned char *key, const BIGNUM *pub_key, DH *dh);
|
||||||
|
/* Can be null */
|
||||||
|
int (*bn_mod_exp) (const DH *dh, BIGNUM *r, const BIGNUM *a,
|
||||||
|
const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
|
||||||
|
BN_MONT_CTX *m_ctx);
|
||||||
|
int (*init) (DH *dh);
|
||||||
|
int (*finish) (DH *dh);
|
||||||
|
int flags;
|
||||||
|
char *app_data;
|
||||||
|
/* If this is non-NULL, it will be used to generate parameters */
|
||||||
|
int (*generate_params) (DH *dh, int prime_len, int generator,
|
||||||
|
BN_GENCB *cb);
|
||||||
|
};
|
||||||
|
|
||||||
|
struct dh_st {
|
||||||
|
/*
|
||||||
|
* This first argument is used to pick up errors when a DH is passed
|
||||||
|
* instead of a EVP_PKEY
|
||||||
|
*/
|
||||||
|
int pad;
|
||||||
|
int version;
|
||||||
|
BIGNUM *p;
|
||||||
|
BIGNUM *g;
|
||||||
|
long length; /* optional */
|
||||||
|
BIGNUM *pub_key; /* g^x */
|
||||||
|
BIGNUM *priv_key; /* x */
|
||||||
|
int flags;
|
||||||
|
BN_MONT_CTX *method_mont_p;
|
||||||
|
/* Place holders if we want to do X9.42 DH */
|
||||||
|
BIGNUM *q;
|
||||||
|
BIGNUM *j;
|
||||||
|
unsigned char *seed;
|
||||||
|
int seedlen;
|
||||||
|
BIGNUM *counter;
|
||||||
|
int references;
|
||||||
|
CRYPTO_EX_DATA ex_data;
|
||||||
|
const DH_METHOD *meth;
|
||||||
|
ENGINE *engine;
|
||||||
|
};
|
||||||
|
|
||||||
|
# define DH_GENERATOR_2 2
|
||||||
|
/* #define DH_GENERATOR_3 3 */
|
||||||
|
# define DH_GENERATOR_5 5
|
||||||
|
|
||||||
|
/* DH_check error codes */
|
||||||
|
# define DH_CHECK_P_NOT_PRIME 0x01
|
||||||
|
# define DH_CHECK_P_NOT_SAFE_PRIME 0x02
|
||||||
|
# define DH_UNABLE_TO_CHECK_GENERATOR 0x04
|
||||||
|
# define DH_NOT_SUITABLE_GENERATOR 0x08
|
||||||
|
# define DH_CHECK_Q_NOT_PRIME 0x10
|
||||||
|
# define DH_CHECK_INVALID_Q_VALUE 0x20
|
||||||
|
# define DH_CHECK_INVALID_J_VALUE 0x40
|
||||||
|
|
||||||
|
/* DH_check_pub_key error codes */
|
||||||
|
# define DH_CHECK_PUBKEY_TOO_SMALL 0x01
|
||||||
|
# define DH_CHECK_PUBKEY_TOO_LARGE 0x02
|
||||||
|
|
||||||
|
/*
|
||||||
|
* primes p where (p-1)/2 is prime too are called "safe"; we define this for
|
||||||
|
* backward compatibility:
|
||||||
|
*/
|
||||||
|
# define DH_CHECK_P_NOT_STRONG_PRIME DH_CHECK_P_NOT_SAFE_PRIME
|
||||||
|
|
||||||
|
# define d2i_DHparams_fp(fp,x) (DH *)ASN1_d2i_fp((char *(*)())DH_new, \
|
||||||
|
(char *(*)())d2i_DHparams,(fp),(unsigned char **)(x))
|
||||||
|
# define i2d_DHparams_fp(fp,x) ASN1_i2d_fp(i2d_DHparams,(fp), \
|
||||||
|
(unsigned char *)(x))
|
||||||
|
# define d2i_DHparams_bio(bp,x) ASN1_d2i_bio_of(DH,DH_new,d2i_DHparams,bp,x)
|
||||||
|
# define i2d_DHparams_bio(bp,x) ASN1_i2d_bio_of_const(DH,i2d_DHparams,bp,x)
|
||||||
|
|
||||||
|
DH *DHparams_dup(DH *);
|
||||||
|
|
||||||
|
const DH_METHOD *DH_OpenSSL(void);
|
||||||
|
|
||||||
|
void DH_set_default_method(const DH_METHOD *meth);
|
||||||
|
const DH_METHOD *DH_get_default_method(void);
|
||||||
|
int DH_set_method(DH *dh, const DH_METHOD *meth);
|
||||||
|
DH *DH_new_method(ENGINE *engine);
|
||||||
|
|
||||||
|
DH *DH_new(void);
|
||||||
|
void DH_free(DH *dh);
|
||||||
|
int DH_up_ref(DH *dh);
|
||||||
|
int DH_size(const DH *dh);
|
||||||
|
int DH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
|
||||||
|
CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
|
||||||
|
int DH_set_ex_data(DH *d, int idx, void *arg);
|
||||||
|
void *DH_get_ex_data(DH *d, int idx);
|
||||||
|
|
||||||
|
/* Deprecated version */
|
||||||
|
# ifndef OPENSSL_NO_DEPRECATED
|
||||||
|
DH *DH_generate_parameters(int prime_len, int generator,
|
||||||
|
void (*callback) (int, int, void *), void *cb_arg);
|
||||||
|
# endif /* !defined(OPENSSL_NO_DEPRECATED) */
|
||||||
|
|
||||||
|
/* New version */
|
||||||
|
int DH_generate_parameters_ex(DH *dh, int prime_len, int generator,
|
||||||
|
BN_GENCB *cb);
|
||||||
|
|
||||||
|
int DH_check(const DH *dh, int *codes);
|
||||||
|
int DH_check_pub_key(const DH *dh, const BIGNUM *pub_key, int *codes);
|
||||||
|
int DH_generate_key(DH *dh);
|
||||||
|
int DH_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh);
|
||||||
|
int DH_compute_key_padded(unsigned char *key, const BIGNUM *pub_key, DH *dh);
|
||||||
|
DH *d2i_DHparams(DH **a, const unsigned char **pp, long length);
|
||||||
|
int i2d_DHparams(const DH *a, unsigned char **pp);
|
||||||
|
DH *d2i_DHxparams(DH **a, const unsigned char **pp, long length);
|
||||||
|
int i2d_DHxparams(const DH *a, unsigned char **pp);
|
||||||
|
# ifndef OPENSSL_NO_FP_API
|
||||||
|
int DHparams_print_fp(FILE *fp, const DH *x);
|
||||||
|
# endif
|
||||||
|
# ifndef OPENSSL_NO_BIO
|
||||||
|
int DHparams_print(BIO *bp, const DH *x);
|
||||||
|
# else
|
||||||
|
int DHparams_print(char *bp, const DH *x);
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/* RFC 5114 parameters */
|
||||||
|
DH *DH_get_1024_160(void);
|
||||||
|
DH *DH_get_2048_224(void);
|
||||||
|
DH *DH_get_2048_256(void);
|
||||||
|
|
||||||
|
/* RFC2631 KDF */
|
||||||
|
int DH_KDF_X9_42(unsigned char *out, size_t outlen,
|
||||||
|
const unsigned char *Z, size_t Zlen,
|
||||||
|
ASN1_OBJECT *key_oid,
|
||||||
|
const unsigned char *ukm, size_t ukmlen, const EVP_MD *md);
|
||||||
|
|
||||||
|
# define EVP_PKEY_CTX_set_dh_paramgen_prime_len(ctx, len) \
|
||||||
|
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \
|
||||||
|
EVP_PKEY_CTRL_DH_PARAMGEN_PRIME_LEN, len, NULL)
|
||||||
|
|
||||||
|
# define EVP_PKEY_CTX_set_dh_paramgen_subprime_len(ctx, len) \
|
||||||
|
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \
|
||||||
|
EVP_PKEY_CTRL_DH_PARAMGEN_SUBPRIME_LEN, len, NULL)
|
||||||
|
|
||||||
|
# define EVP_PKEY_CTX_set_dh_paramgen_type(ctx, typ) \
|
||||||
|
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \
|
||||||
|
EVP_PKEY_CTRL_DH_PARAMGEN_TYPE, typ, NULL)
|
||||||
|
|
||||||
|
# define EVP_PKEY_CTX_set_dh_paramgen_generator(ctx, gen) \
|
||||||
|
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \
|
||||||
|
EVP_PKEY_CTRL_DH_PARAMGEN_GENERATOR, gen, NULL)
|
||||||
|
|
||||||
|
# define EVP_PKEY_CTX_set_dh_rfc5114(ctx, gen) \
|
||||||
|
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, EVP_PKEY_OP_PARAMGEN, \
|
||||||
|
EVP_PKEY_CTRL_DH_RFC5114, gen, NULL)
|
||||||
|
|
||||||
|
# define EVP_PKEY_CTX_set_dhx_rfc5114(ctx, gen) \
|
||||||
|
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, EVP_PKEY_OP_PARAMGEN, \
|
||||||
|
EVP_PKEY_CTRL_DH_RFC5114, gen, NULL)
|
||||||
|
|
||||||
|
# define EVP_PKEY_CTX_set_dh_kdf_type(ctx, kdf) \
|
||||||
|
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
|
||||||
|
EVP_PKEY_OP_DERIVE, \
|
||||||
|
EVP_PKEY_CTRL_DH_KDF_TYPE, kdf, NULL)
|
||||||
|
|
||||||
|
# define EVP_PKEY_CTX_get_dh_kdf_type(ctx) \
|
||||||
|
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
|
||||||
|
EVP_PKEY_OP_DERIVE, \
|
||||||
|
EVP_PKEY_CTRL_DH_KDF_TYPE, -2, NULL)
|
||||||
|
|
||||||
|
# define EVP_PKEY_CTX_set0_dh_kdf_oid(ctx, oid) \
|
||||||
|
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
|
||||||
|
EVP_PKEY_OP_DERIVE, \
|
||||||
|
EVP_PKEY_CTRL_DH_KDF_OID, 0, (void *)oid)
|
||||||
|
|
||||||
|
# define EVP_PKEY_CTX_get0_dh_kdf_oid(ctx, poid) \
|
||||||
|
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
|
||||||
|
EVP_PKEY_OP_DERIVE, \
|
||||||
|
EVP_PKEY_CTRL_GET_DH_KDF_OID, 0, (void *)poid)
|
||||||
|
|
||||||
|
# define EVP_PKEY_CTX_set_dh_kdf_md(ctx, md) \
|
||||||
|
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
|
||||||
|
EVP_PKEY_OP_DERIVE, \
|
||||||
|
EVP_PKEY_CTRL_DH_KDF_MD, 0, (void *)md)
|
||||||
|
|
||||||
|
# define EVP_PKEY_CTX_get_dh_kdf_md(ctx, pmd) \
|
||||||
|
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
|
||||||
|
EVP_PKEY_OP_DERIVE, \
|
||||||
|
EVP_PKEY_CTRL_GET_DH_KDF_MD, 0, (void *)pmd)
|
||||||
|
|
||||||
|
# define EVP_PKEY_CTX_set_dh_kdf_outlen(ctx, len) \
|
||||||
|
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
|
||||||
|
EVP_PKEY_OP_DERIVE, \
|
||||||
|
EVP_PKEY_CTRL_DH_KDF_OUTLEN, len, NULL)
|
||||||
|
|
||||||
|
# define EVP_PKEY_CTX_get_dh_kdf_outlen(ctx, plen) \
|
||||||
|
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
|
||||||
|
EVP_PKEY_OP_DERIVE, \
|
||||||
|
EVP_PKEY_CTRL_GET_DH_KDF_OUTLEN, 0, (void *)plen)
|
||||||
|
|
||||||
|
# define EVP_PKEY_CTX_set0_dh_kdf_ukm(ctx, p, plen) \
|
||||||
|
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
|
||||||
|
EVP_PKEY_OP_DERIVE, \
|
||||||
|
EVP_PKEY_CTRL_DH_KDF_UKM, plen, (void *)p)
|
||||||
|
|
||||||
|
# define EVP_PKEY_CTX_get0_dh_kdf_ukm(ctx, p) \
|
||||||
|
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
|
||||||
|
EVP_PKEY_OP_DERIVE, \
|
||||||
|
EVP_PKEY_CTRL_GET_DH_KDF_UKM, 0, (void *)p)
|
||||||
|
|
||||||
|
# define EVP_PKEY_CTRL_DH_PARAMGEN_PRIME_LEN (EVP_PKEY_ALG_CTRL + 1)
|
||||||
|
# define EVP_PKEY_CTRL_DH_PARAMGEN_GENERATOR (EVP_PKEY_ALG_CTRL + 2)
|
||||||
|
# define EVP_PKEY_CTRL_DH_RFC5114 (EVP_PKEY_ALG_CTRL + 3)
|
||||||
|
# define EVP_PKEY_CTRL_DH_PARAMGEN_SUBPRIME_LEN (EVP_PKEY_ALG_CTRL + 4)
|
||||||
|
# define EVP_PKEY_CTRL_DH_PARAMGEN_TYPE (EVP_PKEY_ALG_CTRL + 5)
|
||||||
|
# define EVP_PKEY_CTRL_DH_KDF_TYPE (EVP_PKEY_ALG_CTRL + 6)
|
||||||
|
# define EVP_PKEY_CTRL_DH_KDF_MD (EVP_PKEY_ALG_CTRL + 7)
|
||||||
|
# define EVP_PKEY_CTRL_GET_DH_KDF_MD (EVP_PKEY_ALG_CTRL + 8)
|
||||||
|
# define EVP_PKEY_CTRL_DH_KDF_OUTLEN (EVP_PKEY_ALG_CTRL + 9)
|
||||||
|
# define EVP_PKEY_CTRL_GET_DH_KDF_OUTLEN (EVP_PKEY_ALG_CTRL + 10)
|
||||||
|
# define EVP_PKEY_CTRL_DH_KDF_UKM (EVP_PKEY_ALG_CTRL + 11)
|
||||||
|
# define EVP_PKEY_CTRL_GET_DH_KDF_UKM (EVP_PKEY_ALG_CTRL + 12)
|
||||||
|
# define EVP_PKEY_CTRL_DH_KDF_OID (EVP_PKEY_ALG_CTRL + 13)
|
||||||
|
# define EVP_PKEY_CTRL_GET_DH_KDF_OID (EVP_PKEY_ALG_CTRL + 14)
|
||||||
|
|
||||||
|
/* KDF types */
|
||||||
|
# define EVP_PKEY_DH_KDF_NONE 1
|
||||||
|
# define EVP_PKEY_DH_KDF_X9_42 2
|
||||||
|
|
||||||
|
/* BEGIN ERROR CODES */
|
||||||
|
/*
|
||||||
|
* The following lines are auto generated by the script mkerr.pl. Any changes
|
||||||
|
* made after this point may be overwritten when the script is next run.
|
||||||
|
*/
|
||||||
|
void ERR_load_DH_strings(void);
|
||||||
|
|
||||||
|
/* Error codes for the DH functions. */
|
||||||
|
|
||||||
|
/* Function codes. */
|
||||||
|
# define DH_F_COMPUTE_KEY 102
|
||||||
|
# define DH_F_DHPARAMS_PRINT_FP 101
|
||||||
|
# define DH_F_DH_BUILTIN_GENPARAMS 106
|
||||||
|
# define DH_F_DH_CMS_DECRYPT 117
|
||||||
|
# define DH_F_DH_CMS_SET_PEERKEY 118
|
||||||
|
# define DH_F_DH_CMS_SET_SHARED_INFO 119
|
||||||
|
# define DH_F_DH_COMPUTE_KEY 114
|
||||||
|
# define DH_F_DH_GENERATE_KEY 115
|
||||||
|
# define DH_F_DH_GENERATE_PARAMETERS_EX 116
|
||||||
|
# define DH_F_DH_NEW_METHOD 105
|
||||||
|
# define DH_F_DH_PARAM_DECODE 107
|
||||||
|
# define DH_F_DH_PRIV_DECODE 110
|
||||||
|
# define DH_F_DH_PRIV_ENCODE 111
|
||||||
|
# define DH_F_DH_PUB_DECODE 108
|
||||||
|
# define DH_F_DH_PUB_ENCODE 109
|
||||||
|
# define DH_F_DO_DH_PRINT 100
|
||||||
|
# define DH_F_GENERATE_KEY 103
|
||||||
|
# define DH_F_GENERATE_PARAMETERS 104
|
||||||
|
# define DH_F_PKEY_DH_DERIVE 112
|
||||||
|
# define DH_F_PKEY_DH_KEYGEN 113
|
||||||
|
|
||||||
|
/* Reason codes. */
|
||||||
|
# define DH_R_BAD_GENERATOR 101
|
||||||
|
# define DH_R_BN_DECODE_ERROR 109
|
||||||
|
# define DH_R_BN_ERROR 106
|
||||||
|
# define DH_R_DECODE_ERROR 104
|
||||||
|
# define DH_R_INVALID_PUBKEY 102
|
||||||
|
# define DH_R_KDF_PARAMETER_ERROR 112
|
||||||
|
# define DH_R_KEYS_NOT_SET 108
|
||||||
|
# define DH_R_KEY_SIZE_TOO_SMALL 110
|
||||||
|
# define DH_R_MODULUS_TOO_LARGE 103
|
||||||
|
# define DH_R_NON_FIPS_METHOD 111
|
||||||
|
# define DH_R_NO_PARAMETERS_SET 107
|
||||||
|
# define DH_R_NO_PRIVATE_VALUE 100
|
||||||
|
# define DH_R_PARAMETER_ENCODING_ERROR 105
|
||||||
|
# define DH_R_PEER_KEY_ERROR 113
|
||||||
|
# define DH_R_SHARED_INFO_ERROR 114
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
#endif
|
|
@ -0,0 +1,332 @@
|
||||||
|
/* crypto/dsa/dsa.h */
|
||||||
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
|
* All rights reserved.
|
||||||
|
*
|
||||||
|
* This package is an SSL implementation written
|
||||||
|
* by Eric Young (eay@cryptsoft.com).
|
||||||
|
* The implementation was written so as to conform with Netscapes SSL.
|
||||||
|
*
|
||||||
|
* This library is free for commercial and non-commercial use as long as
|
||||||
|
* the following conditions are aheared to. The following conditions
|
||||||
|
* apply to all code found in this distribution, be it the RC4, RSA,
|
||||||
|
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
||||||
|
* included with this distribution is covered by the same copyright terms
|
||||||
|
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
* Copyright remains Eric Young's, and as such any Copyright notices in
|
||||||
|
* the code are not to be removed.
|
||||||
|
* If this package is used in a product, Eric Young should be given attribution
|
||||||
|
* as the author of the parts of the library used.
|
||||||
|
* This can be in the form of a textual message at program startup or
|
||||||
|
* in documentation (online or textual) provided with the package.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
* 1. Redistributions of source code must retain the copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in the
|
||||||
|
* documentation and/or other materials provided with the distribution.
|
||||||
|
* 3. All advertising materials mentioning features or use of this software
|
||||||
|
* must display the following acknowledgement:
|
||||||
|
* "This product includes cryptographic software written by
|
||||||
|
* Eric Young (eay@cryptsoft.com)"
|
||||||
|
* The word 'cryptographic' can be left out if the rouines from the library
|
||||||
|
* being used are not cryptographic related :-).
|
||||||
|
* 4. If you include any Windows specific code (or a derivative thereof) from
|
||||||
|
* the apps directory (application code) you must include an acknowledgement:
|
||||||
|
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
||||||
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||||
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||||
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||||
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||||
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||||
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||||
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||||
|
* SUCH DAMAGE.
|
||||||
|
*
|
||||||
|
* The licence and distribution terms for any publically available version or
|
||||||
|
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
||||||
|
* copied and put under another distribution licence
|
||||||
|
* [including the GNU Public Licence.]
|
||||||
|
*/
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The DSS routines are based on patches supplied by
|
||||||
|
* Steven Schoch <schoch@sheba.arc.nasa.gov>. He basically did the
|
||||||
|
* work and I have just tweaked them a little to fit into my
|
||||||
|
* stylistic vision for SSLeay :-) */
|
||||||
|
|
||||||
|
#ifndef HEADER_DSA_H
|
||||||
|
# define HEADER_DSA_H
|
||||||
|
|
||||||
|
# include <openssl/e_os2.h>
|
||||||
|
|
||||||
|
# ifdef OPENSSL_NO_DSA
|
||||||
|
# error DSA is disabled.
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_BIO
|
||||||
|
# include <openssl/bio.h>
|
||||||
|
# endif
|
||||||
|
# include <openssl/crypto.h>
|
||||||
|
# include <openssl/ossl_typ.h>
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_DEPRECATED
|
||||||
|
# include <openssl/bn.h>
|
||||||
|
# ifndef OPENSSL_NO_DH
|
||||||
|
# include <openssl/dh.h>
|
||||||
|
# endif
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# ifndef OPENSSL_DSA_MAX_MODULUS_BITS
|
||||||
|
# define OPENSSL_DSA_MAX_MODULUS_BITS 10000
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# define DSA_FLAG_CACHE_MONT_P 0x01
|
||||||
|
/*
|
||||||
|
* new with 0.9.7h; the built-in DSA implementation now uses constant time
|
||||||
|
* modular exponentiation for secret exponents by default. This flag causes
|
||||||
|
* the faster variable sliding window method to be used for all exponents.
|
||||||
|
*/
|
||||||
|
# define DSA_FLAG_NO_EXP_CONSTTIME 0x02
|
||||||
|
|
||||||
|
/*
|
||||||
|
* If this flag is set the DSA method is FIPS compliant and can be used in
|
||||||
|
* FIPS mode. This is set in the validated module method. If an application
|
||||||
|
* sets this flag in its own methods it is its reposibility to ensure the
|
||||||
|
* result is compliant.
|
||||||
|
*/
|
||||||
|
|
||||||
|
# define DSA_FLAG_FIPS_METHOD 0x0400
|
||||||
|
|
||||||
|
/*
|
||||||
|
* If this flag is set the operations normally disabled in FIPS mode are
|
||||||
|
* permitted it is then the applications responsibility to ensure that the
|
||||||
|
* usage is compliant.
|
||||||
|
*/
|
||||||
|
|
||||||
|
# define DSA_FLAG_NON_FIPS_ALLOW 0x0400
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
extern "C" {
|
||||||
|
#endif
|
||||||
|
|
||||||
|
/* Already defined in ossl_typ.h */
|
||||||
|
/* typedef struct dsa_st DSA; */
|
||||||
|
/* typedef struct dsa_method DSA_METHOD; */
|
||||||
|
|
||||||
|
typedef struct DSA_SIG_st {
|
||||||
|
BIGNUM *r;
|
||||||
|
BIGNUM *s;
|
||||||
|
} DSA_SIG;
|
||||||
|
|
||||||
|
struct dsa_method {
|
||||||
|
const char *name;
|
||||||
|
DSA_SIG *(*dsa_do_sign) (const unsigned char *dgst, int dlen, DSA *dsa);
|
||||||
|
int (*dsa_sign_setup) (DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp,
|
||||||
|
BIGNUM **rp);
|
||||||
|
int (*dsa_do_verify) (const unsigned char *dgst, int dgst_len,
|
||||||
|
DSA_SIG *sig, DSA *dsa);
|
||||||
|
int (*dsa_mod_exp) (DSA *dsa, BIGNUM *rr, BIGNUM *a1, BIGNUM *p1,
|
||||||
|
BIGNUM *a2, BIGNUM *p2, BIGNUM *m, BN_CTX *ctx,
|
||||||
|
BN_MONT_CTX *in_mont);
|
||||||
|
/* Can be null */
|
||||||
|
int (*bn_mod_exp) (DSA *dsa, BIGNUM *r, BIGNUM *a, const BIGNUM *p,
|
||||||
|
const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
|
||||||
|
int (*init) (DSA *dsa);
|
||||||
|
int (*finish) (DSA *dsa);
|
||||||
|
int flags;
|
||||||
|
char *app_data;
|
||||||
|
/* If this is non-NULL, it is used to generate DSA parameters */
|
||||||
|
int (*dsa_paramgen) (DSA *dsa, int bits,
|
||||||
|
const unsigned char *seed, int seed_len,
|
||||||
|
int *counter_ret, unsigned long *h_ret,
|
||||||
|
BN_GENCB *cb);
|
||||||
|
/* If this is non-NULL, it is used to generate DSA keys */
|
||||||
|
int (*dsa_keygen) (DSA *dsa);
|
||||||
|
};
|
||||||
|
|
||||||
|
struct dsa_st {
|
||||||
|
/*
|
||||||
|
* This first variable is used to pick up errors where a DSA is passed
|
||||||
|
* instead of of a EVP_PKEY
|
||||||
|
*/
|
||||||
|
int pad;
|
||||||
|
long version;
|
||||||
|
int write_params;
|
||||||
|
BIGNUM *p;
|
||||||
|
BIGNUM *q; /* == 20 */
|
||||||
|
BIGNUM *g;
|
||||||
|
BIGNUM *pub_key; /* y public key */
|
||||||
|
BIGNUM *priv_key; /* x private key */
|
||||||
|
BIGNUM *kinv; /* Signing pre-calc */
|
||||||
|
BIGNUM *r; /* Signing pre-calc */
|
||||||
|
int flags;
|
||||||
|
/* Normally used to cache montgomery values */
|
||||||
|
BN_MONT_CTX *method_mont_p;
|
||||||
|
int references;
|
||||||
|
CRYPTO_EX_DATA ex_data;
|
||||||
|
const DSA_METHOD *meth;
|
||||||
|
/* functional reference if 'meth' is ENGINE-provided */
|
||||||
|
ENGINE *engine;
|
||||||
|
};
|
||||||
|
|
||||||
|
# define d2i_DSAparams_fp(fp,x) (DSA *)ASN1_d2i_fp((char *(*)())DSA_new, \
|
||||||
|
(char *(*)())d2i_DSAparams,(fp),(unsigned char **)(x))
|
||||||
|
# define i2d_DSAparams_fp(fp,x) ASN1_i2d_fp(i2d_DSAparams,(fp), \
|
||||||
|
(unsigned char *)(x))
|
||||||
|
# define d2i_DSAparams_bio(bp,x) ASN1_d2i_bio_of(DSA,DSA_new,d2i_DSAparams,bp,x)
|
||||||
|
# define i2d_DSAparams_bio(bp,x) ASN1_i2d_bio_of_const(DSA,i2d_DSAparams,bp,x)
|
||||||
|
|
||||||
|
DSA *DSAparams_dup(DSA *x);
|
||||||
|
DSA_SIG *DSA_SIG_new(void);
|
||||||
|
void DSA_SIG_free(DSA_SIG *a);
|
||||||
|
int i2d_DSA_SIG(const DSA_SIG *a, unsigned char **pp);
|
||||||
|
DSA_SIG *d2i_DSA_SIG(DSA_SIG **v, const unsigned char **pp, long length);
|
||||||
|
|
||||||
|
DSA_SIG *DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa);
|
||||||
|
int DSA_do_verify(const unsigned char *dgst, int dgst_len,
|
||||||
|
DSA_SIG *sig, DSA *dsa);
|
||||||
|
|
||||||
|
const DSA_METHOD *DSA_OpenSSL(void);
|
||||||
|
|
||||||
|
void DSA_set_default_method(const DSA_METHOD *);
|
||||||
|
const DSA_METHOD *DSA_get_default_method(void);
|
||||||
|
int DSA_set_method(DSA *dsa, const DSA_METHOD *);
|
||||||
|
|
||||||
|
DSA *DSA_new(void);
|
||||||
|
DSA *DSA_new_method(ENGINE *engine);
|
||||||
|
void DSA_free(DSA *r);
|
||||||
|
/* "up" the DSA object's reference count */
|
||||||
|
int DSA_up_ref(DSA *r);
|
||||||
|
int DSA_size(const DSA *);
|
||||||
|
/* next 4 return -1 on error */
|
||||||
|
int DSA_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp);
|
||||||
|
int DSA_sign(int type, const unsigned char *dgst, int dlen,
|
||||||
|
unsigned char *sig, unsigned int *siglen, DSA *dsa);
|
||||||
|
int DSA_verify(int type, const unsigned char *dgst, int dgst_len,
|
||||||
|
const unsigned char *sigbuf, int siglen, DSA *dsa);
|
||||||
|
int DSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
|
||||||
|
CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
|
||||||
|
int DSA_set_ex_data(DSA *d, int idx, void *arg);
|
||||||
|
void *DSA_get_ex_data(DSA *d, int idx);
|
||||||
|
|
||||||
|
DSA *d2i_DSAPublicKey(DSA **a, const unsigned char **pp, long length);
|
||||||
|
DSA *d2i_DSAPrivateKey(DSA **a, const unsigned char **pp, long length);
|
||||||
|
DSA *d2i_DSAparams(DSA **a, const unsigned char **pp, long length);
|
||||||
|
|
||||||
|
/* Deprecated version */
|
||||||
|
# ifndef OPENSSL_NO_DEPRECATED
|
||||||
|
DSA *DSA_generate_parameters(int bits,
|
||||||
|
unsigned char *seed, int seed_len,
|
||||||
|
int *counter_ret, unsigned long *h_ret, void
|
||||||
|
(*callback) (int, int, void *), void *cb_arg);
|
||||||
|
# endif /* !defined(OPENSSL_NO_DEPRECATED) */
|
||||||
|
|
||||||
|
/* New version */
|
||||||
|
int DSA_generate_parameters_ex(DSA *dsa, int bits,
|
||||||
|
const unsigned char *seed, int seed_len,
|
||||||
|
int *counter_ret, unsigned long *h_ret,
|
||||||
|
BN_GENCB *cb);
|
||||||
|
|
||||||
|
int DSA_generate_key(DSA *a);
|
||||||
|
int i2d_DSAPublicKey(const DSA *a, unsigned char **pp);
|
||||||
|
int i2d_DSAPrivateKey(const DSA *a, unsigned char **pp);
|
||||||
|
int i2d_DSAparams(const DSA *a, unsigned char **pp);
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_BIO
|
||||||
|
int DSAparams_print(BIO *bp, const DSA *x);
|
||||||
|
int DSA_print(BIO *bp, const DSA *x, int off);
|
||||||
|
# endif
|
||||||
|
# ifndef OPENSSL_NO_FP_API
|
||||||
|
int DSAparams_print_fp(FILE *fp, const DSA *x);
|
||||||
|
int DSA_print_fp(FILE *bp, const DSA *x, int off);
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# define DSS_prime_checks 50
|
||||||
|
/*
|
||||||
|
* Primality test according to FIPS PUB 186[-1], Appendix 2.1: 50 rounds of
|
||||||
|
* Rabin-Miller
|
||||||
|
*/
|
||||||
|
# define DSA_is_prime(n, callback, cb_arg) \
|
||||||
|
BN_is_prime(n, DSS_prime_checks, callback, NULL, cb_arg)
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_DH
|
||||||
|
/*
|
||||||
|
* Convert DSA structure (key or just parameters) into DH structure (be
|
||||||
|
* careful to avoid small subgroup attacks when using this!)
|
||||||
|
*/
|
||||||
|
DH *DSA_dup_DH(const DSA *r);
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# define EVP_PKEY_CTX_set_dsa_paramgen_bits(ctx, nbits) \
|
||||||
|
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DSA, EVP_PKEY_OP_PARAMGEN, \
|
||||||
|
EVP_PKEY_CTRL_DSA_PARAMGEN_BITS, nbits, NULL)
|
||||||
|
|
||||||
|
# define EVP_PKEY_CTRL_DSA_PARAMGEN_BITS (EVP_PKEY_ALG_CTRL + 1)
|
||||||
|
# define EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS (EVP_PKEY_ALG_CTRL + 2)
|
||||||
|
# define EVP_PKEY_CTRL_DSA_PARAMGEN_MD (EVP_PKEY_ALG_CTRL + 3)
|
||||||
|
|
||||||
|
/* BEGIN ERROR CODES */
|
||||||
|
/*
|
||||||
|
* The following lines are auto generated by the script mkerr.pl. Any changes
|
||||||
|
* made after this point may be overwritten when the script is next run.
|
||||||
|
*/
|
||||||
|
void ERR_load_DSA_strings(void);
|
||||||
|
|
||||||
|
/* Error codes for the DSA functions. */
|
||||||
|
|
||||||
|
/* Function codes. */
|
||||||
|
# define DSA_F_D2I_DSA_SIG 110
|
||||||
|
# define DSA_F_DO_DSA_PRINT 104
|
||||||
|
# define DSA_F_DSAPARAMS_PRINT 100
|
||||||
|
# define DSA_F_DSAPARAMS_PRINT_FP 101
|
||||||
|
# define DSA_F_DSA_BUILTIN_PARAMGEN2 126
|
||||||
|
# define DSA_F_DSA_DO_SIGN 112
|
||||||
|
# define DSA_F_DSA_DO_VERIFY 113
|
||||||
|
# define DSA_F_DSA_GENERATE_KEY 124
|
||||||
|
# define DSA_F_DSA_GENERATE_PARAMETERS_EX 123
|
||||||
|
# define DSA_F_DSA_NEW_METHOD 103
|
||||||
|
# define DSA_F_DSA_PARAM_DECODE 119
|
||||||
|
# define DSA_F_DSA_PRINT_FP 105
|
||||||
|
# define DSA_F_DSA_PRIV_DECODE 115
|
||||||
|
# define DSA_F_DSA_PRIV_ENCODE 116
|
||||||
|
# define DSA_F_DSA_PUB_DECODE 117
|
||||||
|
# define DSA_F_DSA_PUB_ENCODE 118
|
||||||
|
# define DSA_F_DSA_SIGN 106
|
||||||
|
# define DSA_F_DSA_SIGN_SETUP 107
|
||||||
|
# define DSA_F_DSA_SIG_NEW 109
|
||||||
|
# define DSA_F_DSA_SIG_PRINT 125
|
||||||
|
# define DSA_F_DSA_VERIFY 108
|
||||||
|
# define DSA_F_I2D_DSA_SIG 111
|
||||||
|
# define DSA_F_OLD_DSA_PRIV_DECODE 122
|
||||||
|
# define DSA_F_PKEY_DSA_CTRL 120
|
||||||
|
# define DSA_F_PKEY_DSA_KEYGEN 121
|
||||||
|
# define DSA_F_SIG_CB 114
|
||||||
|
|
||||||
|
/* Reason codes. */
|
||||||
|
# define DSA_R_BAD_Q_VALUE 102
|
||||||
|
# define DSA_R_BN_DECODE_ERROR 108
|
||||||
|
# define DSA_R_BN_ERROR 109
|
||||||
|
# define DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 100
|
||||||
|
# define DSA_R_DECODE_ERROR 104
|
||||||
|
# define DSA_R_INVALID_DIGEST_TYPE 106
|
||||||
|
# define DSA_R_INVALID_PARAMETERS 112
|
||||||
|
# define DSA_R_MISSING_PARAMETERS 101
|
||||||
|
# define DSA_R_MODULUS_TOO_LARGE 103
|
||||||
|
# define DSA_R_NEED_NEW_SETUP_VALUES 110
|
||||||
|
# define DSA_R_NON_FIPS_DSA_METHOD 111
|
||||||
|
# define DSA_R_NO_PARAMETERS_SET 107
|
||||||
|
# define DSA_R_PARAMETER_ENCODING_ERROR 105
|
||||||
|
# define DSA_R_Q_NOT_PRIME 113
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
#endif
|
|
@ -0,0 +1,271 @@
|
||||||
|
/* ssl/dtls1.h */
|
||||||
|
/*
|
||||||
|
* DTLS implementation written by Nagendra Modadugu
|
||||||
|
* (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
|
||||||
|
*/
|
||||||
|
/* ====================================================================
|
||||||
|
* Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
*
|
||||||
|
* 1. Redistributions of source code must retain the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
*
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in
|
||||||
|
* the documentation and/or other materials provided with the
|
||||||
|
* distribution.
|
||||||
|
*
|
||||||
|
* 3. All advertising materials mentioning features or use of this
|
||||||
|
* software must display the following acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
|
||||||
|
*
|
||||||
|
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||||
|
* endorse or promote products derived from this software without
|
||||||
|
* prior written permission. For written permission, please contact
|
||||||
|
* openssl-core@OpenSSL.org.
|
||||||
|
*
|
||||||
|
* 5. Products derived from this software may not be called "OpenSSL"
|
||||||
|
* nor may "OpenSSL" appear in their names without prior written
|
||||||
|
* permission of the OpenSSL Project.
|
||||||
|
*
|
||||||
|
* 6. Redistributions of any form whatsoever must retain the following
|
||||||
|
* acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||||
|
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||||
|
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||||
|
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||||
|
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||||
|
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||||
|
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||||
|
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||||
|
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||||
|
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||||
|
* ====================================================================
|
||||||
|
*
|
||||||
|
* This product includes cryptographic software written by Eric Young
|
||||||
|
* (eay@cryptsoft.com). This product includes software written by Tim
|
||||||
|
* Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef HEADER_DTLS1_H
|
||||||
|
# define HEADER_DTLS1_H
|
||||||
|
|
||||||
|
# include <openssl/buffer.h>
|
||||||
|
# include <openssl/pqueue.h>
|
||||||
|
# ifdef OPENSSL_SYS_VMS
|
||||||
|
# include <resource.h>
|
||||||
|
# include <sys/timeb.h>
|
||||||
|
# endif
|
||||||
|
# ifdef OPENSSL_SYS_WIN32
|
||||||
|
/* Needed for struct timeval */
|
||||||
|
# include <winsock.h>
|
||||||
|
# elif defined(OPENSSL_SYS_NETWARE) && !defined(_WINSOCK2API_)
|
||||||
|
# include <sys/timeval.h>
|
||||||
|
# else
|
||||||
|
# if defined(OPENSSL_SYS_VXWORKS)
|
||||||
|
# include <sys/times.h>
|
||||||
|
# else
|
||||||
|
# include <sys/time.h>
|
||||||
|
# endif
|
||||||
|
# endif
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
extern "C" {
|
||||||
|
#endif
|
||||||
|
|
||||||
|
# define DTLS1_VERSION 0xFEFF
|
||||||
|
# define DTLS1_2_VERSION 0xFEFD
|
||||||
|
# define DTLS_MAX_VERSION DTLS1_2_VERSION
|
||||||
|
|
||||||
|
# define DTLS1_BAD_VER 0x0100
|
||||||
|
|
||||||
|
/* Special value for method supporting multiple versions */
|
||||||
|
# define DTLS_ANY_VERSION 0x1FFFF
|
||||||
|
|
||||||
|
# if 0
|
||||||
|
/* this alert description is not specified anywhere... */
|
||||||
|
# define DTLS1_AD_MISSING_HANDSHAKE_MESSAGE 110
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/* lengths of messages */
|
||||||
|
# define DTLS1_COOKIE_LENGTH 256
|
||||||
|
|
||||||
|
# define DTLS1_RT_HEADER_LENGTH 13
|
||||||
|
|
||||||
|
# define DTLS1_HM_HEADER_LENGTH 12
|
||||||
|
|
||||||
|
# define DTLS1_HM_BAD_FRAGMENT -2
|
||||||
|
# define DTLS1_HM_FRAGMENT_RETRY -3
|
||||||
|
|
||||||
|
# define DTLS1_CCS_HEADER_LENGTH 1
|
||||||
|
|
||||||
|
# ifdef DTLS1_AD_MISSING_HANDSHAKE_MESSAGE
|
||||||
|
# define DTLS1_AL_HEADER_LENGTH 7
|
||||||
|
# else
|
||||||
|
# define DTLS1_AL_HEADER_LENGTH 2
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_SSL_INTERN
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_SCTP
|
||||||
|
# define DTLS1_SCTP_AUTH_LABEL "EXPORTER_DTLS_OVER_SCTP"
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/* Max MTU overhead we know about so far is 40 for IPv6 + 8 for UDP */
|
||||||
|
# define DTLS1_MAX_MTU_OVERHEAD 48
|
||||||
|
|
||||||
|
typedef struct dtls1_bitmap_st {
|
||||||
|
unsigned long map; /* track 32 packets on 32-bit systems and 64
|
||||||
|
* - on 64-bit systems */
|
||||||
|
unsigned char max_seq_num[8]; /* max record number seen so far, 64-bit
|
||||||
|
* value in big-endian encoding */
|
||||||
|
} DTLS1_BITMAP;
|
||||||
|
|
||||||
|
struct dtls1_retransmit_state {
|
||||||
|
EVP_CIPHER_CTX *enc_write_ctx; /* cryptographic state */
|
||||||
|
EVP_MD_CTX *write_hash; /* used for mac generation */
|
||||||
|
# ifndef OPENSSL_NO_COMP
|
||||||
|
COMP_CTX *compress; /* compression */
|
||||||
|
# else
|
||||||
|
char *compress;
|
||||||
|
# endif
|
||||||
|
SSL_SESSION *session;
|
||||||
|
unsigned short epoch;
|
||||||
|
};
|
||||||
|
|
||||||
|
struct hm_header_st {
|
||||||
|
unsigned char type;
|
||||||
|
unsigned long msg_len;
|
||||||
|
unsigned short seq;
|
||||||
|
unsigned long frag_off;
|
||||||
|
unsigned long frag_len;
|
||||||
|
unsigned int is_ccs;
|
||||||
|
struct dtls1_retransmit_state saved_retransmit_state;
|
||||||
|
};
|
||||||
|
|
||||||
|
struct ccs_header_st {
|
||||||
|
unsigned char type;
|
||||||
|
unsigned short seq;
|
||||||
|
};
|
||||||
|
|
||||||
|
struct dtls1_timeout_st {
|
||||||
|
/* Number of read timeouts so far */
|
||||||
|
unsigned int read_timeouts;
|
||||||
|
/* Number of write timeouts so far */
|
||||||
|
unsigned int write_timeouts;
|
||||||
|
/* Number of alerts received so far */
|
||||||
|
unsigned int num_alerts;
|
||||||
|
};
|
||||||
|
|
||||||
|
typedef struct record_pqueue_st {
|
||||||
|
unsigned short epoch;
|
||||||
|
pqueue q;
|
||||||
|
} record_pqueue;
|
||||||
|
|
||||||
|
typedef struct hm_fragment_st {
|
||||||
|
struct hm_header_st msg_header;
|
||||||
|
unsigned char *fragment;
|
||||||
|
unsigned char *reassembly;
|
||||||
|
} hm_fragment;
|
||||||
|
|
||||||
|
typedef struct dtls1_state_st {
|
||||||
|
unsigned int send_cookie;
|
||||||
|
unsigned char cookie[DTLS1_COOKIE_LENGTH];
|
||||||
|
unsigned char rcvd_cookie[DTLS1_COOKIE_LENGTH];
|
||||||
|
unsigned int cookie_len;
|
||||||
|
/*
|
||||||
|
* The current data and handshake epoch. This is initially
|
||||||
|
* undefined, and starts at zero once the initial handshake is
|
||||||
|
* completed
|
||||||
|
*/
|
||||||
|
unsigned short r_epoch;
|
||||||
|
unsigned short w_epoch;
|
||||||
|
/* records being received in the current epoch */
|
||||||
|
DTLS1_BITMAP bitmap;
|
||||||
|
/* renegotiation starts a new set of sequence numbers */
|
||||||
|
DTLS1_BITMAP next_bitmap;
|
||||||
|
/* handshake message numbers */
|
||||||
|
unsigned short handshake_write_seq;
|
||||||
|
unsigned short next_handshake_write_seq;
|
||||||
|
unsigned short handshake_read_seq;
|
||||||
|
/* save last sequence number for retransmissions */
|
||||||
|
unsigned char last_write_sequence[8];
|
||||||
|
/* Received handshake records (processed and unprocessed) */
|
||||||
|
record_pqueue unprocessed_rcds;
|
||||||
|
record_pqueue processed_rcds;
|
||||||
|
/* Buffered handshake messages */
|
||||||
|
pqueue buffered_messages;
|
||||||
|
/* Buffered (sent) handshake records */
|
||||||
|
pqueue sent_messages;
|
||||||
|
/*
|
||||||
|
* Buffered application records. Only for records between CCS and
|
||||||
|
* Finished to prevent either protocol violation or unnecessary message
|
||||||
|
* loss.
|
||||||
|
*/
|
||||||
|
record_pqueue buffered_app_data;
|
||||||
|
/* Is set when listening for new connections with dtls1_listen() */
|
||||||
|
unsigned int listen;
|
||||||
|
unsigned int link_mtu; /* max on-the-wire DTLS packet size */
|
||||||
|
unsigned int mtu; /* max DTLS packet size */
|
||||||
|
struct hm_header_st w_msg_hdr;
|
||||||
|
struct hm_header_st r_msg_hdr;
|
||||||
|
struct dtls1_timeout_st timeout;
|
||||||
|
/*
|
||||||
|
* Indicates when the last handshake msg or heartbeat sent will timeout
|
||||||
|
*/
|
||||||
|
struct timeval next_timeout;
|
||||||
|
/* Timeout duration */
|
||||||
|
unsigned short timeout_duration;
|
||||||
|
/*
|
||||||
|
* storage for Alert/Handshake protocol data received but not yet
|
||||||
|
* processed by ssl3_read_bytes:
|
||||||
|
*/
|
||||||
|
unsigned char alert_fragment[DTLS1_AL_HEADER_LENGTH];
|
||||||
|
unsigned int alert_fragment_len;
|
||||||
|
unsigned char handshake_fragment[DTLS1_HM_HEADER_LENGTH];
|
||||||
|
unsigned int handshake_fragment_len;
|
||||||
|
unsigned int retransmitting;
|
||||||
|
/*
|
||||||
|
* Set when the handshake is ready to process peer's ChangeCipherSpec message.
|
||||||
|
* Cleared after the message has been processed.
|
||||||
|
*/
|
||||||
|
unsigned int change_cipher_spec_ok;
|
||||||
|
# ifndef OPENSSL_NO_SCTP
|
||||||
|
/* used when SSL_ST_XX_FLUSH is entered */
|
||||||
|
int next_state;
|
||||||
|
int shutdown_received;
|
||||||
|
# endif
|
||||||
|
} DTLS1_STATE;
|
||||||
|
|
||||||
|
typedef struct dtls1_record_data_st {
|
||||||
|
unsigned char *packet;
|
||||||
|
unsigned int packet_length;
|
||||||
|
SSL3_BUFFER rbuf;
|
||||||
|
SSL3_RECORD rrec;
|
||||||
|
# ifndef OPENSSL_NO_SCTP
|
||||||
|
struct bio_dgram_sctp_rcvinfo recordinfo;
|
||||||
|
# endif
|
||||||
|
} DTLS1_RECORD_DATA;
|
||||||
|
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/* Timeout multipliers (timeout slice is defined in apps/timeouts.h */
|
||||||
|
# define DTLS1_TMO_READ_COUNT 2
|
||||||
|
# define DTLS1_TMO_WRITE_COUNT 2
|
||||||
|
|
||||||
|
# define DTLS1_TMO_ALERT_COUNT 12
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
#endif
|
|
@ -0,0 +1,322 @@
|
||||||
|
/* e_os2.h */
|
||||||
|
/* ====================================================================
|
||||||
|
* Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
*
|
||||||
|
* 1. Redistributions of source code must retain the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
*
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in
|
||||||
|
* the documentation and/or other materials provided with the
|
||||||
|
* distribution.
|
||||||
|
*
|
||||||
|
* 3. All advertising materials mentioning features or use of this
|
||||||
|
* software must display the following acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
|
||||||
|
*
|
||||||
|
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||||
|
* endorse or promote products derived from this software without
|
||||||
|
* prior written permission. For written permission, please contact
|
||||||
|
* openssl-core@openssl.org.
|
||||||
|
*
|
||||||
|
* 5. Products derived from this software may not be called "OpenSSL"
|
||||||
|
* nor may "OpenSSL" appear in their names without prior written
|
||||||
|
* permission of the OpenSSL Project.
|
||||||
|
*
|
||||||
|
* 6. Redistributions of any form whatsoever must retain the following
|
||||||
|
* acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||||
|
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||||
|
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||||
|
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||||
|
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||||
|
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||||
|
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||||
|
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||||
|
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||||
|
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||||
|
* ====================================================================
|
||||||
|
*
|
||||||
|
* This product includes cryptographic software written by Eric Young
|
||||||
|
* (eay@cryptsoft.com). This product includes software written by Tim
|
||||||
|
* Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
#include <openssl/opensslconf.h>
|
||||||
|
|
||||||
|
#ifndef HEADER_E_OS2_H
|
||||||
|
# define HEADER_E_OS2_H
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
extern "C" {
|
||||||
|
#endif
|
||||||
|
|
||||||
|
/******************************************************************************
|
||||||
|
* Detect operating systems. This probably needs completing.
|
||||||
|
* The result is that at least one OPENSSL_SYS_os macro should be defined.
|
||||||
|
* However, if none is defined, Unix is assumed.
|
||||||
|
**/
|
||||||
|
|
||||||
|
# define OPENSSL_SYS_UNIX
|
||||||
|
|
||||||
|
/* ---------------------- Macintosh, before MacOS X ----------------------- */
|
||||||
|
# if defined(__MWERKS__) && defined(macintosh) || defined(OPENSSL_SYSNAME_MAC)
|
||||||
|
# undef OPENSSL_SYS_UNIX
|
||||||
|
# define OPENSSL_SYS_MACINTOSH_CLASSIC
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/* ---------------------- NetWare ----------------------------------------- */
|
||||||
|
# if defined(NETWARE) || defined(OPENSSL_SYSNAME_NETWARE)
|
||||||
|
# undef OPENSSL_SYS_UNIX
|
||||||
|
# define OPENSSL_SYS_NETWARE
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/* --------------------- Microsoft operating systems ---------------------- */
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Note that MSDOS actually denotes 32-bit environments running on top of
|
||||||
|
* MS-DOS, such as DJGPP one.
|
||||||
|
*/
|
||||||
|
# if defined(OPENSSL_SYSNAME_MSDOS)
|
||||||
|
# undef OPENSSL_SYS_UNIX
|
||||||
|
# define OPENSSL_SYS_MSDOS
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/*
|
||||||
|
* For 32 bit environment, there seems to be the CygWin environment and then
|
||||||
|
* all the others that try to do the same thing Microsoft does...
|
||||||
|
*/
|
||||||
|
# if defined(OPENSSL_SYSNAME_UWIN)
|
||||||
|
# undef OPENSSL_SYS_UNIX
|
||||||
|
# define OPENSSL_SYS_WIN32_UWIN
|
||||||
|
# else
|
||||||
|
# if defined(__CYGWIN__) || defined(OPENSSL_SYSNAME_CYGWIN)
|
||||||
|
# undef OPENSSL_SYS_UNIX
|
||||||
|
# define OPENSSL_SYS_WIN32_CYGWIN
|
||||||
|
# else
|
||||||
|
# if defined(_WIN32) || defined(OPENSSL_SYSNAME_WIN32)
|
||||||
|
# undef OPENSSL_SYS_UNIX
|
||||||
|
# define OPENSSL_SYS_WIN32
|
||||||
|
# endif
|
||||||
|
# if defined(OPENSSL_SYSNAME_WINNT)
|
||||||
|
# undef OPENSSL_SYS_UNIX
|
||||||
|
# define OPENSSL_SYS_WINNT
|
||||||
|
# endif
|
||||||
|
# if defined(OPENSSL_SYSNAME_WINCE)
|
||||||
|
# undef OPENSSL_SYS_UNIX
|
||||||
|
# define OPENSSL_SYS_WINCE
|
||||||
|
# endif
|
||||||
|
# endif
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/* Anything that tries to look like Microsoft is "Windows" */
|
||||||
|
# if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WINNT) || defined(OPENSSL_SYS_WINCE)
|
||||||
|
# undef OPENSSL_SYS_UNIX
|
||||||
|
# define OPENSSL_SYS_WINDOWS
|
||||||
|
# ifndef OPENSSL_SYS_MSDOS
|
||||||
|
# define OPENSSL_SYS_MSDOS
|
||||||
|
# endif
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/*
|
||||||
|
* DLL settings. This part is a bit tough, because it's up to the
|
||||||
|
* application implementor how he or she will link the application, so it
|
||||||
|
* requires some macro to be used.
|
||||||
|
*/
|
||||||
|
# ifdef OPENSSL_SYS_WINDOWS
|
||||||
|
# ifndef OPENSSL_OPT_WINDLL
|
||||||
|
# if defined(_WINDLL) /* This is used when building OpenSSL to
|
||||||
|
* indicate that DLL linkage should be used */
|
||||||
|
# define OPENSSL_OPT_WINDLL
|
||||||
|
# endif
|
||||||
|
# endif
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/* ------------------------------- OpenVMS -------------------------------- */
|
||||||
|
# if defined(__VMS) || defined(VMS) || defined(OPENSSL_SYSNAME_VMS)
|
||||||
|
# undef OPENSSL_SYS_UNIX
|
||||||
|
# define OPENSSL_SYS_VMS
|
||||||
|
# if defined(__DECC)
|
||||||
|
# define OPENSSL_SYS_VMS_DECC
|
||||||
|
# elif defined(__DECCXX)
|
||||||
|
# define OPENSSL_SYS_VMS_DECC
|
||||||
|
# define OPENSSL_SYS_VMS_DECCXX
|
||||||
|
# else
|
||||||
|
# define OPENSSL_SYS_VMS_NODECC
|
||||||
|
# endif
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/* -------------------------------- OS/2 ---------------------------------- */
|
||||||
|
# if defined(__EMX__) || defined(__OS2__)
|
||||||
|
# undef OPENSSL_SYS_UNIX
|
||||||
|
# define OPENSSL_SYS_OS2
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/* -------------------------------- Unix ---------------------------------- */
|
||||||
|
# ifdef OPENSSL_SYS_UNIX
|
||||||
|
# if defined(linux) || defined(__linux__) || defined(OPENSSL_SYSNAME_LINUX)
|
||||||
|
# define OPENSSL_SYS_LINUX
|
||||||
|
# endif
|
||||||
|
# ifdef OPENSSL_SYSNAME_MPE
|
||||||
|
# define OPENSSL_SYS_MPE
|
||||||
|
# endif
|
||||||
|
# ifdef OPENSSL_SYSNAME_SNI
|
||||||
|
# define OPENSSL_SYS_SNI
|
||||||
|
# endif
|
||||||
|
# ifdef OPENSSL_SYSNAME_ULTRASPARC
|
||||||
|
# define OPENSSL_SYS_ULTRASPARC
|
||||||
|
# endif
|
||||||
|
# ifdef OPENSSL_SYSNAME_NEWS4
|
||||||
|
# define OPENSSL_SYS_NEWS4
|
||||||
|
# endif
|
||||||
|
# ifdef OPENSSL_SYSNAME_MACOSX
|
||||||
|
# define OPENSSL_SYS_MACOSX
|
||||||
|
# endif
|
||||||
|
# ifdef OPENSSL_SYSNAME_MACOSX_RHAPSODY
|
||||||
|
# define OPENSSL_SYS_MACOSX_RHAPSODY
|
||||||
|
# define OPENSSL_SYS_MACOSX
|
||||||
|
# endif
|
||||||
|
# ifdef OPENSSL_SYSNAME_SUNOS
|
||||||
|
# define OPENSSL_SYS_SUNOS
|
||||||
|
# endif
|
||||||
|
# if defined(_CRAY) || defined(OPENSSL_SYSNAME_CRAY)
|
||||||
|
# define OPENSSL_SYS_CRAY
|
||||||
|
# endif
|
||||||
|
# if defined(_AIX) || defined(OPENSSL_SYSNAME_AIX)
|
||||||
|
# define OPENSSL_SYS_AIX
|
||||||
|
# endif
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/* -------------------------------- VOS ----------------------------------- */
|
||||||
|
# if defined(__VOS__) || defined(OPENSSL_SYSNAME_VOS)
|
||||||
|
# define OPENSSL_SYS_VOS
|
||||||
|
# ifdef __HPPA__
|
||||||
|
# define OPENSSL_SYS_VOS_HPPA
|
||||||
|
# endif
|
||||||
|
# ifdef __IA32__
|
||||||
|
# define OPENSSL_SYS_VOS_IA32
|
||||||
|
# endif
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/* ------------------------------ VxWorks --------------------------------- */
|
||||||
|
# ifdef OPENSSL_SYSNAME_VXWORKS
|
||||||
|
# define OPENSSL_SYS_VXWORKS
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/* -------------------------------- BeOS ---------------------------------- */
|
||||||
|
# if defined(__BEOS__)
|
||||||
|
# define OPENSSL_SYS_BEOS
|
||||||
|
# include <sys/socket.h>
|
||||||
|
# if defined(BONE_VERSION)
|
||||||
|
# define OPENSSL_SYS_BEOS_BONE
|
||||||
|
# else
|
||||||
|
# define OPENSSL_SYS_BEOS_R5
|
||||||
|
# endif
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/**
|
||||||
|
* That's it for OS-specific stuff
|
||||||
|
*****************************************************************************/
|
||||||
|
|
||||||
|
/* Specials for I/O an exit */
|
||||||
|
# ifdef OPENSSL_SYS_MSDOS
|
||||||
|
# define OPENSSL_UNISTD_IO <io.h>
|
||||||
|
# define OPENSSL_DECLARE_EXIT extern void exit(int);
|
||||||
|
# else
|
||||||
|
# define OPENSSL_UNISTD_IO OPENSSL_UNISTD
|
||||||
|
# define OPENSSL_DECLARE_EXIT /* declared in unistd.h */
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/*-
|
||||||
|
* Definitions of OPENSSL_GLOBAL and OPENSSL_EXTERN, to define and declare
|
||||||
|
* certain global symbols that, with some compilers under VMS, have to be
|
||||||
|
* defined and declared explicitely with globaldef and globalref.
|
||||||
|
* Definitions of OPENSSL_EXPORT and OPENSSL_IMPORT, to define and declare
|
||||||
|
* DLL exports and imports for compilers under Win32. These are a little
|
||||||
|
* more complicated to use. Basically, for any library that exports some
|
||||||
|
* global variables, the following code must be present in the header file
|
||||||
|
* that declares them, before OPENSSL_EXTERN is used:
|
||||||
|
*
|
||||||
|
* #ifdef SOME_BUILD_FLAG_MACRO
|
||||||
|
* # undef OPENSSL_EXTERN
|
||||||
|
* # define OPENSSL_EXTERN OPENSSL_EXPORT
|
||||||
|
* #endif
|
||||||
|
*
|
||||||
|
* The default is to have OPENSSL_EXPORT, OPENSSL_IMPORT and OPENSSL_GLOBAL
|
||||||
|
* have some generally sensible values, and for OPENSSL_EXTERN to have the
|
||||||
|
* value OPENSSL_IMPORT.
|
||||||
|
*/
|
||||||
|
|
||||||
|
# if defined(OPENSSL_SYS_VMS_NODECC)
|
||||||
|
# define OPENSSL_EXPORT globalref
|
||||||
|
# define OPENSSL_IMPORT globalref
|
||||||
|
# define OPENSSL_GLOBAL globaldef
|
||||||
|
# elif defined(OPENSSL_SYS_WINDOWS) && defined(OPENSSL_OPT_WINDLL)
|
||||||
|
# define OPENSSL_EXPORT extern __declspec(dllexport)
|
||||||
|
# define OPENSSL_IMPORT extern __declspec(dllimport)
|
||||||
|
# define OPENSSL_GLOBAL
|
||||||
|
# else
|
||||||
|
# define OPENSSL_EXPORT extern
|
||||||
|
# define OPENSSL_IMPORT extern
|
||||||
|
# define OPENSSL_GLOBAL
|
||||||
|
# endif
|
||||||
|
# define OPENSSL_EXTERN OPENSSL_IMPORT
|
||||||
|
|
||||||
|
/*-
|
||||||
|
* Macros to allow global variables to be reached through function calls when
|
||||||
|
* required (if a shared library version requires it, for example.
|
||||||
|
* The way it's done allows definitions like this:
|
||||||
|
*
|
||||||
|
* // in foobar.c
|
||||||
|
* OPENSSL_IMPLEMENT_GLOBAL(int,foobar,0)
|
||||||
|
* // in foobar.h
|
||||||
|
* OPENSSL_DECLARE_GLOBAL(int,foobar);
|
||||||
|
* #define foobar OPENSSL_GLOBAL_REF(foobar)
|
||||||
|
*/
|
||||||
|
# ifdef OPENSSL_EXPORT_VAR_AS_FUNCTION
|
||||||
|
# define OPENSSL_IMPLEMENT_GLOBAL(type,name,value) \
|
||||||
|
type *_shadow_##name(void) \
|
||||||
|
{ static type _hide_##name=value; return &_hide_##name; }
|
||||||
|
# define OPENSSL_DECLARE_GLOBAL(type,name) type *_shadow_##name(void)
|
||||||
|
# define OPENSSL_GLOBAL_REF(name) (*(_shadow_##name()))
|
||||||
|
# else
|
||||||
|
# define OPENSSL_IMPLEMENT_GLOBAL(type,name,value) OPENSSL_GLOBAL type _shadow_##name=value;
|
||||||
|
# define OPENSSL_DECLARE_GLOBAL(type,name) OPENSSL_EXPORT type _shadow_##name
|
||||||
|
# define OPENSSL_GLOBAL_REF(name) _shadow_##name
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# if defined(OPENSSL_SYS_MACINTOSH_CLASSIC) && macintosh==1 && !defined(MAC_OS_GUSI_SOURCE)
|
||||||
|
# define ossl_ssize_t long
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# ifdef OPENSSL_SYS_MSDOS
|
||||||
|
# define ossl_ssize_t long
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# if defined(NeXT) || defined(OPENSSL_SYS_NEWS4) || defined(OPENSSL_SYS_SUNOS)
|
||||||
|
# define ssize_t int
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# if defined(__ultrix) && !defined(ssize_t)
|
||||||
|
# define ossl_ssize_t int
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# ifndef ossl_ssize_t
|
||||||
|
# define ossl_ssize_t ssize_t
|
||||||
|
# endif
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
#endif
|
File diff suppressed because it is too large
Load Diff
|
@ -0,0 +1,134 @@
|
||||||
|
/* crypto/ecdh/ecdh.h */
|
||||||
|
/* ====================================================================
|
||||||
|
* Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
|
||||||
|
*
|
||||||
|
* The Elliptic Curve Public-Key Crypto Library (ECC Code) included
|
||||||
|
* herein is developed by SUN MICROSYSTEMS, INC., and is contributed
|
||||||
|
* to the OpenSSL project.
|
||||||
|
*
|
||||||
|
* The ECC Code is licensed pursuant to the OpenSSL open source
|
||||||
|
* license provided below.
|
||||||
|
*
|
||||||
|
* The ECDH software is originally written by Douglas Stebila of
|
||||||
|
* Sun Microsystems Laboratories.
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
/* ====================================================================
|
||||||
|
* Copyright (c) 2000-2002 The OpenSSL Project. All rights reserved.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
*
|
||||||
|
* 1. Redistributions of source code must retain the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
*
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in
|
||||||
|
* the documentation and/or other materials provided with the
|
||||||
|
* distribution.
|
||||||
|
*
|
||||||
|
* 3. All advertising materials mentioning features or use of this
|
||||||
|
* software must display the following acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
|
||||||
|
*
|
||||||
|
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||||
|
* endorse or promote products derived from this software without
|
||||||
|
* prior written permission. For written permission, please contact
|
||||||
|
* licensing@OpenSSL.org.
|
||||||
|
*
|
||||||
|
* 5. Products derived from this software may not be called "OpenSSL"
|
||||||
|
* nor may "OpenSSL" appear in their names without prior written
|
||||||
|
* permission of the OpenSSL Project.
|
||||||
|
*
|
||||||
|
* 6. Redistributions of any form whatsoever must retain the following
|
||||||
|
* acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||||
|
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||||
|
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||||
|
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||||
|
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||||
|
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||||
|
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||||
|
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||||
|
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||||
|
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||||
|
* ====================================================================
|
||||||
|
*
|
||||||
|
* This product includes cryptographic software written by Eric Young
|
||||||
|
* (eay@cryptsoft.com). This product includes software written by Tim
|
||||||
|
* Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
#ifndef HEADER_ECDH_H
|
||||||
|
# define HEADER_ECDH_H
|
||||||
|
|
||||||
|
# include <openssl/opensslconf.h>
|
||||||
|
|
||||||
|
# ifdef OPENSSL_NO_ECDH
|
||||||
|
# error ECDH is disabled.
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# include <openssl/ec.h>
|
||||||
|
# include <openssl/ossl_typ.h>
|
||||||
|
# ifndef OPENSSL_NO_DEPRECATED
|
||||||
|
# include <openssl/bn.h>
|
||||||
|
# endif
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
extern "C" {
|
||||||
|
#endif
|
||||||
|
|
||||||
|
# define EC_FLAG_COFACTOR_ECDH 0x1000
|
||||||
|
|
||||||
|
const ECDH_METHOD *ECDH_OpenSSL(void);
|
||||||
|
|
||||||
|
void ECDH_set_default_method(const ECDH_METHOD *);
|
||||||
|
const ECDH_METHOD *ECDH_get_default_method(void);
|
||||||
|
int ECDH_set_method(EC_KEY *, const ECDH_METHOD *);
|
||||||
|
|
||||||
|
int ECDH_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
|
||||||
|
EC_KEY *ecdh, void *(*KDF) (const void *in, size_t inlen,
|
||||||
|
void *out, size_t *outlen));
|
||||||
|
|
||||||
|
int ECDH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new
|
||||||
|
*new_func, CRYPTO_EX_dup *dup_func,
|
||||||
|
CRYPTO_EX_free *free_func);
|
||||||
|
int ECDH_set_ex_data(EC_KEY *d, int idx, void *arg);
|
||||||
|
void *ECDH_get_ex_data(EC_KEY *d, int idx);
|
||||||
|
|
||||||
|
int ECDH_KDF_X9_62(unsigned char *out, size_t outlen,
|
||||||
|
const unsigned char *Z, size_t Zlen,
|
||||||
|
const unsigned char *sinfo, size_t sinfolen,
|
||||||
|
const EVP_MD *md);
|
||||||
|
|
||||||
|
/* BEGIN ERROR CODES */
|
||||||
|
/*
|
||||||
|
* The following lines are auto generated by the script mkerr.pl. Any changes
|
||||||
|
* made after this point may be overwritten when the script is next run.
|
||||||
|
*/
|
||||||
|
void ERR_load_ECDH_strings(void);
|
||||||
|
|
||||||
|
/* Error codes for the ECDH functions. */
|
||||||
|
|
||||||
|
/* Function codes. */
|
||||||
|
# define ECDH_F_ECDH_CHECK 102
|
||||||
|
# define ECDH_F_ECDH_COMPUTE_KEY 100
|
||||||
|
# define ECDH_F_ECDH_DATA_NEW_METHOD 101
|
||||||
|
|
||||||
|
/* Reason codes. */
|
||||||
|
# define ECDH_R_KDF_FAILED 102
|
||||||
|
# define ECDH_R_NON_FIPS_METHOD 103
|
||||||
|
# define ECDH_R_NO_PRIVATE_VALUE 100
|
||||||
|
# define ECDH_R_POINT_ARITHMETIC_FAILURE 101
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
#endif
|
|
@ -0,0 +1,335 @@
|
||||||
|
/* crypto/ecdsa/ecdsa.h */
|
||||||
|
/**
|
||||||
|
* \file crypto/ecdsa/ecdsa.h Include file for the OpenSSL ECDSA functions
|
||||||
|
* \author Written by Nils Larsch for the OpenSSL project
|
||||||
|
*/
|
||||||
|
/* ====================================================================
|
||||||
|
* Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
*
|
||||||
|
* 1. Redistributions of source code must retain the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
*
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in
|
||||||
|
* the documentation and/or other materials provided with the
|
||||||
|
* distribution.
|
||||||
|
*
|
||||||
|
* 3. All advertising materials mentioning features or use of this
|
||||||
|
* software must display the following acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
|
||||||
|
*
|
||||||
|
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||||
|
* endorse or promote products derived from this software without
|
||||||
|
* prior written permission. For written permission, please contact
|
||||||
|
* licensing@OpenSSL.org.
|
||||||
|
*
|
||||||
|
* 5. Products derived from this software may not be called "OpenSSL"
|
||||||
|
* nor may "OpenSSL" appear in their names without prior written
|
||||||
|
* permission of the OpenSSL Project.
|
||||||
|
*
|
||||||
|
* 6. Redistributions of any form whatsoever must retain the following
|
||||||
|
* acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||||
|
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||||
|
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||||
|
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||||
|
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||||
|
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||||
|
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||||
|
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||||
|
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||||
|
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||||
|
* ====================================================================
|
||||||
|
*
|
||||||
|
* This product includes cryptographic software written by Eric Young
|
||||||
|
* (eay@cryptsoft.com). This product includes software written by Tim
|
||||||
|
* Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
#ifndef HEADER_ECDSA_H
|
||||||
|
# define HEADER_ECDSA_H
|
||||||
|
|
||||||
|
# include <openssl/opensslconf.h>
|
||||||
|
|
||||||
|
# ifdef OPENSSL_NO_ECDSA
|
||||||
|
# error ECDSA is disabled.
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# include <openssl/ec.h>
|
||||||
|
# include <openssl/ossl_typ.h>
|
||||||
|
# ifndef OPENSSL_NO_DEPRECATED
|
||||||
|
# include <openssl/bn.h>
|
||||||
|
# endif
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
extern "C" {
|
||||||
|
#endif
|
||||||
|
|
||||||
|
typedef struct ECDSA_SIG_st {
|
||||||
|
BIGNUM *r;
|
||||||
|
BIGNUM *s;
|
||||||
|
} ECDSA_SIG;
|
||||||
|
|
||||||
|
/** Allocates and initialize a ECDSA_SIG structure
|
||||||
|
* \return pointer to a ECDSA_SIG structure or NULL if an error occurred
|
||||||
|
*/
|
||||||
|
ECDSA_SIG *ECDSA_SIG_new(void);
|
||||||
|
|
||||||
|
/** frees a ECDSA_SIG structure
|
||||||
|
* \param sig pointer to the ECDSA_SIG structure
|
||||||
|
*/
|
||||||
|
void ECDSA_SIG_free(ECDSA_SIG *sig);
|
||||||
|
|
||||||
|
/** DER encode content of ECDSA_SIG object (note: this function modifies *pp
|
||||||
|
* (*pp += length of the DER encoded signature)).
|
||||||
|
* \param sig pointer to the ECDSA_SIG object
|
||||||
|
* \param pp pointer to a unsigned char pointer for the output or NULL
|
||||||
|
* \return the length of the DER encoded ECDSA_SIG object or 0
|
||||||
|
*/
|
||||||
|
int i2d_ECDSA_SIG(const ECDSA_SIG *sig, unsigned char **pp);
|
||||||
|
|
||||||
|
/** Decodes a DER encoded ECDSA signature (note: this function changes *pp
|
||||||
|
* (*pp += len)).
|
||||||
|
* \param sig pointer to ECDSA_SIG pointer (may be NULL)
|
||||||
|
* \param pp memory buffer with the DER encoded signature
|
||||||
|
* \param len length of the buffer
|
||||||
|
* \return pointer to the decoded ECDSA_SIG structure (or NULL)
|
||||||
|
*/
|
||||||
|
ECDSA_SIG *d2i_ECDSA_SIG(ECDSA_SIG **sig, const unsigned char **pp, long len);
|
||||||
|
|
||||||
|
/** Computes the ECDSA signature of the given hash value using
|
||||||
|
* the supplied private key and returns the created signature.
|
||||||
|
* \param dgst pointer to the hash value
|
||||||
|
* \param dgst_len length of the hash value
|
||||||
|
* \param eckey EC_KEY object containing a private EC key
|
||||||
|
* \return pointer to a ECDSA_SIG structure or NULL if an error occurred
|
||||||
|
*/
|
||||||
|
ECDSA_SIG *ECDSA_do_sign(const unsigned char *dgst, int dgst_len,
|
||||||
|
EC_KEY *eckey);
|
||||||
|
|
||||||
|
/** Computes ECDSA signature of a given hash value using the supplied
|
||||||
|
* private key (note: sig must point to ECDSA_size(eckey) bytes of memory).
|
||||||
|
* \param dgst pointer to the hash value to sign
|
||||||
|
* \param dgstlen length of the hash value
|
||||||
|
* \param kinv BIGNUM with a pre-computed inverse k (optional)
|
||||||
|
* \param rp BIGNUM with a pre-computed rp value (optioanl),
|
||||||
|
* see ECDSA_sign_setup
|
||||||
|
* \param eckey EC_KEY object containing a private EC key
|
||||||
|
* \return pointer to a ECDSA_SIG structure or NULL if an error occurred
|
||||||
|
*/
|
||||||
|
ECDSA_SIG *ECDSA_do_sign_ex(const unsigned char *dgst, int dgstlen,
|
||||||
|
const BIGNUM *kinv, const BIGNUM *rp,
|
||||||
|
EC_KEY *eckey);
|
||||||
|
|
||||||
|
/** Verifies that the supplied signature is a valid ECDSA
|
||||||
|
* signature of the supplied hash value using the supplied public key.
|
||||||
|
* \param dgst pointer to the hash value
|
||||||
|
* \param dgst_len length of the hash value
|
||||||
|
* \param sig ECDSA_SIG structure
|
||||||
|
* \param eckey EC_KEY object containing a public EC key
|
||||||
|
* \return 1 if the signature is valid, 0 if the signature is invalid
|
||||||
|
* and -1 on error
|
||||||
|
*/
|
||||||
|
int ECDSA_do_verify(const unsigned char *dgst, int dgst_len,
|
||||||
|
const ECDSA_SIG *sig, EC_KEY *eckey);
|
||||||
|
|
||||||
|
const ECDSA_METHOD *ECDSA_OpenSSL(void);
|
||||||
|
|
||||||
|
/** Sets the default ECDSA method
|
||||||
|
* \param meth new default ECDSA_METHOD
|
||||||
|
*/
|
||||||
|
void ECDSA_set_default_method(const ECDSA_METHOD *meth);
|
||||||
|
|
||||||
|
/** Returns the default ECDSA method
|
||||||
|
* \return pointer to ECDSA_METHOD structure containing the default method
|
||||||
|
*/
|
||||||
|
const ECDSA_METHOD *ECDSA_get_default_method(void);
|
||||||
|
|
||||||
|
/** Sets method to be used for the ECDSA operations
|
||||||
|
* \param eckey EC_KEY object
|
||||||
|
* \param meth new method
|
||||||
|
* \return 1 on success and 0 otherwise
|
||||||
|
*/
|
||||||
|
int ECDSA_set_method(EC_KEY *eckey, const ECDSA_METHOD *meth);
|
||||||
|
|
||||||
|
/** Returns the maximum length of the DER encoded signature
|
||||||
|
* \param eckey EC_KEY object
|
||||||
|
* \return numbers of bytes required for the DER encoded signature
|
||||||
|
*/
|
||||||
|
int ECDSA_size(const EC_KEY *eckey);
|
||||||
|
|
||||||
|
/** Precompute parts of the signing operation
|
||||||
|
* \param eckey EC_KEY object containing a private EC key
|
||||||
|
* \param ctx BN_CTX object (optional)
|
||||||
|
* \param kinv BIGNUM pointer for the inverse of k
|
||||||
|
* \param rp BIGNUM pointer for x coordinate of k * generator
|
||||||
|
* \return 1 on success and 0 otherwise
|
||||||
|
*/
|
||||||
|
int ECDSA_sign_setup(EC_KEY *eckey, BN_CTX *ctx, BIGNUM **kinv, BIGNUM **rp);
|
||||||
|
|
||||||
|
/** Computes ECDSA signature of a given hash value using the supplied
|
||||||
|
* private key (note: sig must point to ECDSA_size(eckey) bytes of memory).
|
||||||
|
* \param type this parameter is ignored
|
||||||
|
* \param dgst pointer to the hash value to sign
|
||||||
|
* \param dgstlen length of the hash value
|
||||||
|
* \param sig memory for the DER encoded created signature
|
||||||
|
* \param siglen pointer to the length of the returned signature
|
||||||
|
* \param eckey EC_KEY object containing a private EC key
|
||||||
|
* \return 1 on success and 0 otherwise
|
||||||
|
*/
|
||||||
|
int ECDSA_sign(int type, const unsigned char *dgst, int dgstlen,
|
||||||
|
unsigned char *sig, unsigned int *siglen, EC_KEY *eckey);
|
||||||
|
|
||||||
|
/** Computes ECDSA signature of a given hash value using the supplied
|
||||||
|
* private key (note: sig must point to ECDSA_size(eckey) bytes of memory).
|
||||||
|
* \param type this parameter is ignored
|
||||||
|
* \param dgst pointer to the hash value to sign
|
||||||
|
* \param dgstlen length of the hash value
|
||||||
|
* \param sig buffer to hold the DER encoded signature
|
||||||
|
* \param siglen pointer to the length of the returned signature
|
||||||
|
* \param kinv BIGNUM with a pre-computed inverse k (optional)
|
||||||
|
* \param rp BIGNUM with a pre-computed rp value (optioanl),
|
||||||
|
* see ECDSA_sign_setup
|
||||||
|
* \param eckey EC_KEY object containing a private EC key
|
||||||
|
* \return 1 on success and 0 otherwise
|
||||||
|
*/
|
||||||
|
int ECDSA_sign_ex(int type, const unsigned char *dgst, int dgstlen,
|
||||||
|
unsigned char *sig, unsigned int *siglen,
|
||||||
|
const BIGNUM *kinv, const BIGNUM *rp, EC_KEY *eckey);
|
||||||
|
|
||||||
|
/** Verifies that the given signature is valid ECDSA signature
|
||||||
|
* of the supplied hash value using the specified public key.
|
||||||
|
* \param type this parameter is ignored
|
||||||
|
* \param dgst pointer to the hash value
|
||||||
|
* \param dgstlen length of the hash value
|
||||||
|
* \param sig pointer to the DER encoded signature
|
||||||
|
* \param siglen length of the DER encoded signature
|
||||||
|
* \param eckey EC_KEY object containing a public EC key
|
||||||
|
* \return 1 if the signature is valid, 0 if the signature is invalid
|
||||||
|
* and -1 on error
|
||||||
|
*/
|
||||||
|
int ECDSA_verify(int type, const unsigned char *dgst, int dgstlen,
|
||||||
|
const unsigned char *sig, int siglen, EC_KEY *eckey);
|
||||||
|
|
||||||
|
/* the standard ex_data functions */
|
||||||
|
int ECDSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new
|
||||||
|
*new_func, CRYPTO_EX_dup *dup_func,
|
||||||
|
CRYPTO_EX_free *free_func);
|
||||||
|
int ECDSA_set_ex_data(EC_KEY *d, int idx, void *arg);
|
||||||
|
void *ECDSA_get_ex_data(EC_KEY *d, int idx);
|
||||||
|
|
||||||
|
/** Allocates and initialize a ECDSA_METHOD structure
|
||||||
|
* \param ecdsa_method pointer to ECDSA_METHOD to copy. (May be NULL)
|
||||||
|
* \return pointer to a ECDSA_METHOD structure or NULL if an error occurred
|
||||||
|
*/
|
||||||
|
|
||||||
|
ECDSA_METHOD *ECDSA_METHOD_new(ECDSA_METHOD *ecdsa_method);
|
||||||
|
|
||||||
|
/** frees a ECDSA_METHOD structure
|
||||||
|
* \param ecdsa_method pointer to the ECDSA_METHOD structure
|
||||||
|
*/
|
||||||
|
void ECDSA_METHOD_free(ECDSA_METHOD *ecdsa_method);
|
||||||
|
|
||||||
|
/** Sets application specific data in the ECDSA_METHOD
|
||||||
|
* \param ecdsa_method pointer to existing ECDSA_METHOD
|
||||||
|
* \param app application specific data to set
|
||||||
|
*/
|
||||||
|
|
||||||
|
void ECDSA_METHOD_set_app_data(ECDSA_METHOD *ecdsa_method, void *app);
|
||||||
|
|
||||||
|
/** Returns application specific data from a ECDSA_METHOD structure
|
||||||
|
* \param ecdsa_method pointer to ECDSA_METHOD structure
|
||||||
|
* \return pointer to application specific data.
|
||||||
|
*/
|
||||||
|
|
||||||
|
void *ECDSA_METHOD_get_app_data(ECDSA_METHOD *ecdsa_method);
|
||||||
|
|
||||||
|
/** Set the ECDSA_do_sign function in the ECDSA_METHOD
|
||||||
|
* \param ecdsa_method pointer to existing ECDSA_METHOD
|
||||||
|
* \param ecdsa_do_sign a funtion of type ECDSA_do_sign
|
||||||
|
*/
|
||||||
|
|
||||||
|
void ECDSA_METHOD_set_sign(ECDSA_METHOD *ecdsa_method,
|
||||||
|
ECDSA_SIG *(*ecdsa_do_sign) (const unsigned char
|
||||||
|
*dgst, int dgst_len,
|
||||||
|
const BIGNUM *inv,
|
||||||
|
const BIGNUM *rp,
|
||||||
|
EC_KEY *eckey));
|
||||||
|
|
||||||
|
/** Set the ECDSA_sign_setup function in the ECDSA_METHOD
|
||||||
|
* \param ecdsa_method pointer to existing ECDSA_METHOD
|
||||||
|
* \param ecdsa_sign_setup a funtion of type ECDSA_sign_setup
|
||||||
|
*/
|
||||||
|
|
||||||
|
void ECDSA_METHOD_set_sign_setup(ECDSA_METHOD *ecdsa_method,
|
||||||
|
int (*ecdsa_sign_setup) (EC_KEY *eckey,
|
||||||
|
BN_CTX *ctx,
|
||||||
|
BIGNUM **kinv,
|
||||||
|
BIGNUM **r));
|
||||||
|
|
||||||
|
/** Set the ECDSA_do_verify function in the ECDSA_METHOD
|
||||||
|
* \param ecdsa_method pointer to existing ECDSA_METHOD
|
||||||
|
* \param ecdsa_do_verify a funtion of type ECDSA_do_verify
|
||||||
|
*/
|
||||||
|
|
||||||
|
void ECDSA_METHOD_set_verify(ECDSA_METHOD *ecdsa_method,
|
||||||
|
int (*ecdsa_do_verify) (const unsigned char
|
||||||
|
*dgst, int dgst_len,
|
||||||
|
const ECDSA_SIG *sig,
|
||||||
|
EC_KEY *eckey));
|
||||||
|
|
||||||
|
void ECDSA_METHOD_set_flags(ECDSA_METHOD *ecdsa_method, int flags);
|
||||||
|
|
||||||
|
/** Set the flags field in the ECDSA_METHOD
|
||||||
|
* \param ecdsa_method pointer to existing ECDSA_METHOD
|
||||||
|
* \param flags flags value to set
|
||||||
|
*/
|
||||||
|
|
||||||
|
void ECDSA_METHOD_set_name(ECDSA_METHOD *ecdsa_method, char *name);
|
||||||
|
|
||||||
|
/** Set the name field in the ECDSA_METHOD
|
||||||
|
* \param ecdsa_method pointer to existing ECDSA_METHOD
|
||||||
|
* \param name name to set
|
||||||
|
*/
|
||||||
|
|
||||||
|
/* BEGIN ERROR CODES */
|
||||||
|
/*
|
||||||
|
* The following lines are auto generated by the script mkerr.pl. Any changes
|
||||||
|
* made after this point may be overwritten when the script is next run.
|
||||||
|
*/
|
||||||
|
void ERR_load_ECDSA_strings(void);
|
||||||
|
|
||||||
|
/* Error codes for the ECDSA functions. */
|
||||||
|
|
||||||
|
/* Function codes. */
|
||||||
|
# define ECDSA_F_ECDSA_CHECK 104
|
||||||
|
# define ECDSA_F_ECDSA_DATA_NEW_METHOD 100
|
||||||
|
# define ECDSA_F_ECDSA_DO_SIGN 101
|
||||||
|
# define ECDSA_F_ECDSA_DO_VERIFY 102
|
||||||
|
# define ECDSA_F_ECDSA_METHOD_NEW 105
|
||||||
|
# define ECDSA_F_ECDSA_SIGN_SETUP 103
|
||||||
|
|
||||||
|
/* Reason codes. */
|
||||||
|
# define ECDSA_R_BAD_SIGNATURE 100
|
||||||
|
# define ECDSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 101
|
||||||
|
# define ECDSA_R_ERR_EC_LIB 102
|
||||||
|
# define ECDSA_R_MISSING_PARAMETERS 103
|
||||||
|
# define ECDSA_R_NEED_NEW_SETUP_VALUES 106
|
||||||
|
# define ECDSA_R_NON_FIPS_METHOD 107
|
||||||
|
# define ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED 104
|
||||||
|
# define ECDSA_R_SIGNATURE_MALLOC_FAILED 105
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
#endif
|
|
@ -0,0 +1,389 @@
|
||||||
|
/* crypto/err/err.h */
|
||||||
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
|
* All rights reserved.
|
||||||
|
*
|
||||||
|
* This package is an SSL implementation written
|
||||||
|
* by Eric Young (eay@cryptsoft.com).
|
||||||
|
* The implementation was written so as to conform with Netscapes SSL.
|
||||||
|
*
|
||||||
|
* This library is free for commercial and non-commercial use as long as
|
||||||
|
* the following conditions are aheared to. The following conditions
|
||||||
|
* apply to all code found in this distribution, be it the RC4, RSA,
|
||||||
|
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
||||||
|
* included with this distribution is covered by the same copyright terms
|
||||||
|
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
* Copyright remains Eric Young's, and as such any Copyright notices in
|
||||||
|
* the code are not to be removed.
|
||||||
|
* If this package is used in a product, Eric Young should be given attribution
|
||||||
|
* as the author of the parts of the library used.
|
||||||
|
* This can be in the form of a textual message at program startup or
|
||||||
|
* in documentation (online or textual) provided with the package.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
* 1. Redistributions of source code must retain the copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in the
|
||||||
|
* documentation and/or other materials provided with the distribution.
|
||||||
|
* 3. All advertising materials mentioning features or use of this software
|
||||||
|
* must display the following acknowledgement:
|
||||||
|
* "This product includes cryptographic software written by
|
||||||
|
* Eric Young (eay@cryptsoft.com)"
|
||||||
|
* The word 'cryptographic' can be left out if the rouines from the library
|
||||||
|
* being used are not cryptographic related :-).
|
||||||
|
* 4. If you include any Windows specific code (or a derivative thereof) from
|
||||||
|
* the apps directory (application code) you must include an acknowledgement:
|
||||||
|
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
||||||
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||||
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||||
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||||
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||||
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||||
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||||
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||||
|
* SUCH DAMAGE.
|
||||||
|
*
|
||||||
|
* The licence and distribution terms for any publically available version or
|
||||||
|
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
||||||
|
* copied and put under another distribution licence
|
||||||
|
* [including the GNU Public Licence.]
|
||||||
|
*/
|
||||||
|
/* ====================================================================
|
||||||
|
* Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
*
|
||||||
|
* 1. Redistributions of source code must retain the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
*
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in
|
||||||
|
* the documentation and/or other materials provided with the
|
||||||
|
* distribution.
|
||||||
|
*
|
||||||
|
* 3. All advertising materials mentioning features or use of this
|
||||||
|
* software must display the following acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
|
||||||
|
*
|
||||||
|
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||||
|
* endorse or promote products derived from this software without
|
||||||
|
* prior written permission. For written permission, please contact
|
||||||
|
* openssl-core@openssl.org.
|
||||||
|
*
|
||||||
|
* 5. Products derived from this software may not be called "OpenSSL"
|
||||||
|
* nor may "OpenSSL" appear in their names without prior written
|
||||||
|
* permission of the OpenSSL Project.
|
||||||
|
*
|
||||||
|
* 6. Redistributions of any form whatsoever must retain the following
|
||||||
|
* acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||||
|
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||||
|
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||||
|
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||||
|
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||||
|
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||||
|
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||||
|
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||||
|
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||||
|
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||||
|
* ====================================================================
|
||||||
|
*
|
||||||
|
* This product includes cryptographic software written by Eric Young
|
||||||
|
* (eay@cryptsoft.com). This product includes software written by Tim
|
||||||
|
* Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef HEADER_ERR_H
|
||||||
|
# define HEADER_ERR_H
|
||||||
|
|
||||||
|
# include <openssl/e_os2.h>
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_FP_API
|
||||||
|
# include <stdio.h>
|
||||||
|
# include <stdlib.h>
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# include <openssl/ossl_typ.h>
|
||||||
|
# ifndef OPENSSL_NO_BIO
|
||||||
|
# include <openssl/bio.h>
|
||||||
|
# endif
|
||||||
|
# ifndef OPENSSL_NO_LHASH
|
||||||
|
# include <openssl/lhash.h>
|
||||||
|
# endif
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
extern "C" {
|
||||||
|
#endif
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_ERR
|
||||||
|
# define ERR_PUT_error(a,b,c,d,e) ERR_put_error(a,b,c,d,e)
|
||||||
|
# else
|
||||||
|
# define ERR_PUT_error(a,b,c,d,e) ERR_put_error(a,b,c,NULL,0)
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# include <errno.h>
|
||||||
|
|
||||||
|
# define ERR_TXT_MALLOCED 0x01
|
||||||
|
# define ERR_TXT_STRING 0x02
|
||||||
|
|
||||||
|
# define ERR_FLAG_MARK 0x01
|
||||||
|
|
||||||
|
# define ERR_NUM_ERRORS 16
|
||||||
|
typedef struct err_state_st {
|
||||||
|
CRYPTO_THREADID tid;
|
||||||
|
int err_flags[ERR_NUM_ERRORS];
|
||||||
|
unsigned long err_buffer[ERR_NUM_ERRORS];
|
||||||
|
char *err_data[ERR_NUM_ERRORS];
|
||||||
|
int err_data_flags[ERR_NUM_ERRORS];
|
||||||
|
const char *err_file[ERR_NUM_ERRORS];
|
||||||
|
int err_line[ERR_NUM_ERRORS];
|
||||||
|
int top, bottom;
|
||||||
|
} ERR_STATE;
|
||||||
|
|
||||||
|
/* library */
|
||||||
|
# define ERR_LIB_NONE 1
|
||||||
|
# define ERR_LIB_SYS 2
|
||||||
|
# define ERR_LIB_BN 3
|
||||||
|
# define ERR_LIB_RSA 4
|
||||||
|
# define ERR_LIB_DH 5
|
||||||
|
# define ERR_LIB_EVP 6
|
||||||
|
# define ERR_LIB_BUF 7
|
||||||
|
# define ERR_LIB_OBJ 8
|
||||||
|
# define ERR_LIB_PEM 9
|
||||||
|
# define ERR_LIB_DSA 10
|
||||||
|
# define ERR_LIB_X509 11
|
||||||
|
/* #define ERR_LIB_METH 12 */
|
||||||
|
# define ERR_LIB_ASN1 13
|
||||||
|
# define ERR_LIB_CONF 14
|
||||||
|
# define ERR_LIB_CRYPTO 15
|
||||||
|
# define ERR_LIB_EC 16
|
||||||
|
# define ERR_LIB_SSL 20
|
||||||
|
/* #define ERR_LIB_SSL23 21 */
|
||||||
|
/* #define ERR_LIB_SSL2 22 */
|
||||||
|
/* #define ERR_LIB_SSL3 23 */
|
||||||
|
/* #define ERR_LIB_RSAREF 30 */
|
||||||
|
/* #define ERR_LIB_PROXY 31 */
|
||||||
|
# define ERR_LIB_BIO 32
|
||||||
|
# define ERR_LIB_PKCS7 33
|
||||||
|
# define ERR_LIB_X509V3 34
|
||||||
|
# define ERR_LIB_PKCS12 35
|
||||||
|
# define ERR_LIB_RAND 36
|
||||||
|
# define ERR_LIB_DSO 37
|
||||||
|
# define ERR_LIB_ENGINE 38
|
||||||
|
# define ERR_LIB_OCSP 39
|
||||||
|
# define ERR_LIB_UI 40
|
||||||
|
# define ERR_LIB_COMP 41
|
||||||
|
# define ERR_LIB_ECDSA 42
|
||||||
|
# define ERR_LIB_ECDH 43
|
||||||
|
# define ERR_LIB_STORE 44
|
||||||
|
# define ERR_LIB_FIPS 45
|
||||||
|
# define ERR_LIB_CMS 46
|
||||||
|
# define ERR_LIB_TS 47
|
||||||
|
# define ERR_LIB_HMAC 48
|
||||||
|
# define ERR_LIB_JPAKE 49
|
||||||
|
|
||||||
|
# define ERR_LIB_USER 128
|
||||||
|
|
||||||
|
# define SYSerr(f,r) ERR_PUT_error(ERR_LIB_SYS,(f),(r),__FILE__,__LINE__)
|
||||||
|
# define BNerr(f,r) ERR_PUT_error(ERR_LIB_BN,(f),(r),__FILE__,__LINE__)
|
||||||
|
# define RSAerr(f,r) ERR_PUT_error(ERR_LIB_RSA,(f),(r),__FILE__,__LINE__)
|
||||||
|
# define DHerr(f,r) ERR_PUT_error(ERR_LIB_DH,(f),(r),__FILE__,__LINE__)
|
||||||
|
# define EVPerr(f,r) ERR_PUT_error(ERR_LIB_EVP,(f),(r),__FILE__,__LINE__)
|
||||||
|
# define BUFerr(f,r) ERR_PUT_error(ERR_LIB_BUF,(f),(r),__FILE__,__LINE__)
|
||||||
|
# define OBJerr(f,r) ERR_PUT_error(ERR_LIB_OBJ,(f),(r),__FILE__,__LINE__)
|
||||||
|
# define PEMerr(f,r) ERR_PUT_error(ERR_LIB_PEM,(f),(r),__FILE__,__LINE__)
|
||||||
|
# define DSAerr(f,r) ERR_PUT_error(ERR_LIB_DSA,(f),(r),__FILE__,__LINE__)
|
||||||
|
# define X509err(f,r) ERR_PUT_error(ERR_LIB_X509,(f),(r),__FILE__,__LINE__)
|
||||||
|
# define ASN1err(f,r) ERR_PUT_error(ERR_LIB_ASN1,(f),(r),__FILE__,__LINE__)
|
||||||
|
# define CONFerr(f,r) ERR_PUT_error(ERR_LIB_CONF,(f),(r),__FILE__,__LINE__)
|
||||||
|
# define CRYPTOerr(f,r) ERR_PUT_error(ERR_LIB_CRYPTO,(f),(r),__FILE__,__LINE__)
|
||||||
|
# define ECerr(f,r) ERR_PUT_error(ERR_LIB_EC,(f),(r),__FILE__,__LINE__)
|
||||||
|
# define SSLerr(f,r) ERR_PUT_error(ERR_LIB_SSL,(f),(r),__FILE__,__LINE__)
|
||||||
|
# define BIOerr(f,r) ERR_PUT_error(ERR_LIB_BIO,(f),(r),__FILE__,__LINE__)
|
||||||
|
# define PKCS7err(f,r) ERR_PUT_error(ERR_LIB_PKCS7,(f),(r),__FILE__,__LINE__)
|
||||||
|
# define X509V3err(f,r) ERR_PUT_error(ERR_LIB_X509V3,(f),(r),__FILE__,__LINE__)
|
||||||
|
# define PKCS12err(f,r) ERR_PUT_error(ERR_LIB_PKCS12,(f),(r),__FILE__,__LINE__)
|
||||||
|
# define RANDerr(f,r) ERR_PUT_error(ERR_LIB_RAND,(f),(r),__FILE__,__LINE__)
|
||||||
|
# define DSOerr(f,r) ERR_PUT_error(ERR_LIB_DSO,(f),(r),__FILE__,__LINE__)
|
||||||
|
# define ENGINEerr(f,r) ERR_PUT_error(ERR_LIB_ENGINE,(f),(r),__FILE__,__LINE__)
|
||||||
|
# define OCSPerr(f,r) ERR_PUT_error(ERR_LIB_OCSP,(f),(r),__FILE__,__LINE__)
|
||||||
|
# define UIerr(f,r) ERR_PUT_error(ERR_LIB_UI,(f),(r),__FILE__,__LINE__)
|
||||||
|
# define COMPerr(f,r) ERR_PUT_error(ERR_LIB_COMP,(f),(r),__FILE__,__LINE__)
|
||||||
|
# define ECDSAerr(f,r) ERR_PUT_error(ERR_LIB_ECDSA,(f),(r),__FILE__,__LINE__)
|
||||||
|
# define ECDHerr(f,r) ERR_PUT_error(ERR_LIB_ECDH,(f),(r),__FILE__,__LINE__)
|
||||||
|
# define STOREerr(f,r) ERR_PUT_error(ERR_LIB_STORE,(f),(r),__FILE__,__LINE__)
|
||||||
|
# define FIPSerr(f,r) ERR_PUT_error(ERR_LIB_FIPS,(f),(r),__FILE__,__LINE__)
|
||||||
|
# define CMSerr(f,r) ERR_PUT_error(ERR_LIB_CMS,(f),(r),__FILE__,__LINE__)
|
||||||
|
# define TSerr(f,r) ERR_PUT_error(ERR_LIB_TS,(f),(r),__FILE__,__LINE__)
|
||||||
|
# define HMACerr(f,r) ERR_PUT_error(ERR_LIB_HMAC,(f),(r),__FILE__,__LINE__)
|
||||||
|
# define JPAKEerr(f,r) ERR_PUT_error(ERR_LIB_JPAKE,(f),(r),__FILE__,__LINE__)
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Borland C seems too stupid to be able to shift and do longs in the
|
||||||
|
* pre-processor :-(
|
||||||
|
*/
|
||||||
|
# define ERR_PACK(l,f,r) (((((unsigned long)l)&0xffL)*0x1000000)| \
|
||||||
|
((((unsigned long)f)&0xfffL)*0x1000)| \
|
||||||
|
((((unsigned long)r)&0xfffL)))
|
||||||
|
# define ERR_GET_LIB(l) (int)((((unsigned long)l)>>24L)&0xffL)
|
||||||
|
# define ERR_GET_FUNC(l) (int)((((unsigned long)l)>>12L)&0xfffL)
|
||||||
|
# define ERR_GET_REASON(l) (int)((l)&0xfffL)
|
||||||
|
# define ERR_FATAL_ERROR(l) (int)((l)&ERR_R_FATAL)
|
||||||
|
|
||||||
|
/* OS functions */
|
||||||
|
# define SYS_F_FOPEN 1
|
||||||
|
# define SYS_F_CONNECT 2
|
||||||
|
# define SYS_F_GETSERVBYNAME 3
|
||||||
|
# define SYS_F_SOCKET 4
|
||||||
|
# define SYS_F_IOCTLSOCKET 5
|
||||||
|
# define SYS_F_BIND 6
|
||||||
|
# define SYS_F_LISTEN 7
|
||||||
|
# define SYS_F_ACCEPT 8
|
||||||
|
# define SYS_F_WSASTARTUP 9/* Winsock stuff */
|
||||||
|
# define SYS_F_OPENDIR 10
|
||||||
|
# define SYS_F_FREAD 11
|
||||||
|
|
||||||
|
/* reasons */
|
||||||
|
# define ERR_R_SYS_LIB ERR_LIB_SYS/* 2 */
|
||||||
|
# define ERR_R_BN_LIB ERR_LIB_BN/* 3 */
|
||||||
|
# define ERR_R_RSA_LIB ERR_LIB_RSA/* 4 */
|
||||||
|
# define ERR_R_DH_LIB ERR_LIB_DH/* 5 */
|
||||||
|
# define ERR_R_EVP_LIB ERR_LIB_EVP/* 6 */
|
||||||
|
# define ERR_R_BUF_LIB ERR_LIB_BUF/* 7 */
|
||||||
|
# define ERR_R_OBJ_LIB ERR_LIB_OBJ/* 8 */
|
||||||
|
# define ERR_R_PEM_LIB ERR_LIB_PEM/* 9 */
|
||||||
|
# define ERR_R_DSA_LIB ERR_LIB_DSA/* 10 */
|
||||||
|
# define ERR_R_X509_LIB ERR_LIB_X509/* 11 */
|
||||||
|
# define ERR_R_ASN1_LIB ERR_LIB_ASN1/* 13 */
|
||||||
|
# define ERR_R_CONF_LIB ERR_LIB_CONF/* 14 */
|
||||||
|
# define ERR_R_CRYPTO_LIB ERR_LIB_CRYPTO/* 15 */
|
||||||
|
# define ERR_R_EC_LIB ERR_LIB_EC/* 16 */
|
||||||
|
# define ERR_R_SSL_LIB ERR_LIB_SSL/* 20 */
|
||||||
|
# define ERR_R_BIO_LIB ERR_LIB_BIO/* 32 */
|
||||||
|
# define ERR_R_PKCS7_LIB ERR_LIB_PKCS7/* 33 */
|
||||||
|
# define ERR_R_X509V3_LIB ERR_LIB_X509V3/* 34 */
|
||||||
|
# define ERR_R_PKCS12_LIB ERR_LIB_PKCS12/* 35 */
|
||||||
|
# define ERR_R_RAND_LIB ERR_LIB_RAND/* 36 */
|
||||||
|
# define ERR_R_DSO_LIB ERR_LIB_DSO/* 37 */
|
||||||
|
# define ERR_R_ENGINE_LIB ERR_LIB_ENGINE/* 38 */
|
||||||
|
# define ERR_R_OCSP_LIB ERR_LIB_OCSP/* 39 */
|
||||||
|
# define ERR_R_UI_LIB ERR_LIB_UI/* 40 */
|
||||||
|
# define ERR_R_COMP_LIB ERR_LIB_COMP/* 41 */
|
||||||
|
# define ERR_R_ECDSA_LIB ERR_LIB_ECDSA/* 42 */
|
||||||
|
# define ERR_R_ECDH_LIB ERR_LIB_ECDH/* 43 */
|
||||||
|
# define ERR_R_STORE_LIB ERR_LIB_STORE/* 44 */
|
||||||
|
# define ERR_R_TS_LIB ERR_LIB_TS/* 45 */
|
||||||
|
|
||||||
|
# define ERR_R_NESTED_ASN1_ERROR 58
|
||||||
|
# define ERR_R_BAD_ASN1_OBJECT_HEADER 59
|
||||||
|
# define ERR_R_BAD_GET_ASN1_OBJECT_CALL 60
|
||||||
|
# define ERR_R_EXPECTING_AN_ASN1_SEQUENCE 61
|
||||||
|
# define ERR_R_ASN1_LENGTH_MISMATCH 62
|
||||||
|
# define ERR_R_MISSING_ASN1_EOS 63
|
||||||
|
|
||||||
|
/* fatal error */
|
||||||
|
# define ERR_R_FATAL 64
|
||||||
|
# define ERR_R_MALLOC_FAILURE (1|ERR_R_FATAL)
|
||||||
|
# define ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED (2|ERR_R_FATAL)
|
||||||
|
# define ERR_R_PASSED_NULL_PARAMETER (3|ERR_R_FATAL)
|
||||||
|
# define ERR_R_INTERNAL_ERROR (4|ERR_R_FATAL)
|
||||||
|
# define ERR_R_DISABLED (5|ERR_R_FATAL)
|
||||||
|
|
||||||
|
/*
|
||||||
|
* 99 is the maximum possible ERR_R_... code, higher values are reserved for
|
||||||
|
* the individual libraries
|
||||||
|
*/
|
||||||
|
|
||||||
|
typedef struct ERR_string_data_st {
|
||||||
|
unsigned long error;
|
||||||
|
const char *string;
|
||||||
|
} ERR_STRING_DATA;
|
||||||
|
|
||||||
|
void ERR_put_error(int lib, int func, int reason, const char *file, int line);
|
||||||
|
void ERR_set_error_data(char *data, int flags);
|
||||||
|
|
||||||
|
unsigned long ERR_get_error(void);
|
||||||
|
unsigned long ERR_get_error_line(const char **file, int *line);
|
||||||
|
unsigned long ERR_get_error_line_data(const char **file, int *line,
|
||||||
|
const char **data, int *flags);
|
||||||
|
unsigned long ERR_peek_error(void);
|
||||||
|
unsigned long ERR_peek_error_line(const char **file, int *line);
|
||||||
|
unsigned long ERR_peek_error_line_data(const char **file, int *line,
|
||||||
|
const char **data, int *flags);
|
||||||
|
unsigned long ERR_peek_last_error(void);
|
||||||
|
unsigned long ERR_peek_last_error_line(const char **file, int *line);
|
||||||
|
unsigned long ERR_peek_last_error_line_data(const char **file, int *line,
|
||||||
|
const char **data, int *flags);
|
||||||
|
void ERR_clear_error(void);
|
||||||
|
char *ERR_error_string(unsigned long e, char *buf);
|
||||||
|
void ERR_error_string_n(unsigned long e, char *buf, size_t len);
|
||||||
|
const char *ERR_lib_error_string(unsigned long e);
|
||||||
|
const char *ERR_func_error_string(unsigned long e);
|
||||||
|
const char *ERR_reason_error_string(unsigned long e);
|
||||||
|
void ERR_print_errors_cb(int (*cb) (const char *str, size_t len, void *u),
|
||||||
|
void *u);
|
||||||
|
# ifndef OPENSSL_NO_FP_API
|
||||||
|
void ERR_print_errors_fp(FILE *fp);
|
||||||
|
# endif
|
||||||
|
# ifndef OPENSSL_NO_BIO
|
||||||
|
void ERR_print_errors(BIO *bp);
|
||||||
|
# endif
|
||||||
|
void ERR_add_error_data(int num, ...);
|
||||||
|
void ERR_add_error_vdata(int num, va_list args);
|
||||||
|
void ERR_load_strings(int lib, ERR_STRING_DATA str[]);
|
||||||
|
void ERR_unload_strings(int lib, ERR_STRING_DATA str[]);
|
||||||
|
void ERR_load_ERR_strings(void);
|
||||||
|
void ERR_load_crypto_strings(void);
|
||||||
|
void ERR_free_strings(void);
|
||||||
|
|
||||||
|
void ERR_remove_thread_state(const CRYPTO_THREADID *tid);
|
||||||
|
# ifndef OPENSSL_NO_DEPRECATED
|
||||||
|
void ERR_remove_state(unsigned long pid); /* if zero we look it up */
|
||||||
|
# endif
|
||||||
|
ERR_STATE *ERR_get_state(void);
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_LHASH
|
||||||
|
LHASH_OF(ERR_STRING_DATA) *ERR_get_string_table(void);
|
||||||
|
LHASH_OF(ERR_STATE) *ERR_get_err_state_table(void);
|
||||||
|
void ERR_release_err_state_table(LHASH_OF(ERR_STATE) **hash);
|
||||||
|
# endif
|
||||||
|
|
||||||
|
int ERR_get_next_error_library(void);
|
||||||
|
|
||||||
|
int ERR_set_mark(void);
|
||||||
|
int ERR_pop_to_mark(void);
|
||||||
|
|
||||||
|
/* Already defined in ossl_typ.h */
|
||||||
|
/* typedef struct st_ERR_FNS ERR_FNS; */
|
||||||
|
/*
|
||||||
|
* An application can use this function and provide the return value to
|
||||||
|
* loaded modules that should use the application's ERR state/functionality
|
||||||
|
*/
|
||||||
|
const ERR_FNS *ERR_get_implementation(void);
|
||||||
|
/*
|
||||||
|
* A loaded module should call this function prior to any ERR operations
|
||||||
|
* using the application's "ERR_FNS".
|
||||||
|
*/
|
||||||
|
int ERR_set_implementation(const ERR_FNS *fns);
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#endif
|
File diff suppressed because it is too large
Load Diff
|
@ -0,0 +1,109 @@
|
||||||
|
/* crypto/hmac/hmac.h */
|
||||||
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
|
* All rights reserved.
|
||||||
|
*
|
||||||
|
* This package is an SSL implementation written
|
||||||
|
* by Eric Young (eay@cryptsoft.com).
|
||||||
|
* The implementation was written so as to conform with Netscapes SSL.
|
||||||
|
*
|
||||||
|
* This library is free for commercial and non-commercial use as long as
|
||||||
|
* the following conditions are aheared to. The following conditions
|
||||||
|
* apply to all code found in this distribution, be it the RC4, RSA,
|
||||||
|
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
||||||
|
* included with this distribution is covered by the same copyright terms
|
||||||
|
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
* Copyright remains Eric Young's, and as such any Copyright notices in
|
||||||
|
* the code are not to be removed.
|
||||||
|
* If this package is used in a product, Eric Young should be given attribution
|
||||||
|
* as the author of the parts of the library used.
|
||||||
|
* This can be in the form of a textual message at program startup or
|
||||||
|
* in documentation (online or textual) provided with the package.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
* 1. Redistributions of source code must retain the copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in the
|
||||||
|
* documentation and/or other materials provided with the distribution.
|
||||||
|
* 3. All advertising materials mentioning features or use of this software
|
||||||
|
* must display the following acknowledgement:
|
||||||
|
* "This product includes cryptographic software written by
|
||||||
|
* Eric Young (eay@cryptsoft.com)"
|
||||||
|
* The word 'cryptographic' can be left out if the rouines from the library
|
||||||
|
* being used are not cryptographic related :-).
|
||||||
|
* 4. If you include any Windows specific code (or a derivative thereof) from
|
||||||
|
* the apps directory (application code) you must include an acknowledgement:
|
||||||
|
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
||||||
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||||
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||||
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||||
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||||
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||||
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||||
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||||
|
* SUCH DAMAGE.
|
||||||
|
*
|
||||||
|
* The licence and distribution terms for any publically available version or
|
||||||
|
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
||||||
|
* copied and put under another distribution licence
|
||||||
|
* [including the GNU Public Licence.]
|
||||||
|
*/
|
||||||
|
#ifndef HEADER_HMAC_H
|
||||||
|
# define HEADER_HMAC_H
|
||||||
|
|
||||||
|
# include <openssl/opensslconf.h>
|
||||||
|
|
||||||
|
# ifdef OPENSSL_NO_HMAC
|
||||||
|
# error HMAC is disabled.
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# include <openssl/evp.h>
|
||||||
|
|
||||||
|
# define HMAC_MAX_MD_CBLOCK 128/* largest known is SHA512 */
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
extern "C" {
|
||||||
|
#endif
|
||||||
|
|
||||||
|
typedef struct hmac_ctx_st {
|
||||||
|
const EVP_MD *md;
|
||||||
|
EVP_MD_CTX md_ctx;
|
||||||
|
EVP_MD_CTX i_ctx;
|
||||||
|
EVP_MD_CTX o_ctx;
|
||||||
|
unsigned int key_length;
|
||||||
|
unsigned char key[HMAC_MAX_MD_CBLOCK];
|
||||||
|
} HMAC_CTX;
|
||||||
|
|
||||||
|
# define HMAC_size(e) (EVP_MD_size((e)->md))
|
||||||
|
|
||||||
|
void HMAC_CTX_init(HMAC_CTX *ctx);
|
||||||
|
void HMAC_CTX_cleanup(HMAC_CTX *ctx);
|
||||||
|
|
||||||
|
/* deprecated */
|
||||||
|
# define HMAC_cleanup(ctx) HMAC_CTX_cleanup(ctx)
|
||||||
|
|
||||||
|
/* deprecated */
|
||||||
|
int HMAC_Init(HMAC_CTX *ctx, const void *key, int len, const EVP_MD *md);
|
||||||
|
int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
|
||||||
|
const EVP_MD *md, ENGINE *impl);
|
||||||
|
int HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, size_t len);
|
||||||
|
int HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len);
|
||||||
|
unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len,
|
||||||
|
const unsigned char *d, size_t n, unsigned char *md,
|
||||||
|
unsigned int *md_len);
|
||||||
|
int HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx);
|
||||||
|
|
||||||
|
void HMAC_CTX_set_flags(HMAC_CTX *ctx, unsigned long flags);
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#endif
|
|
@ -0,0 +1,197 @@
|
||||||
|
/* ssl/kssl.h -*- mode: C; c-file-style: "eay" -*- */
|
||||||
|
/*
|
||||||
|
* Written by Vern Staats <staatsvr@asc.hpc.mil> for the OpenSSL project
|
||||||
|
* 2000. project 2000.
|
||||||
|
*/
|
||||||
|
/* ====================================================================
|
||||||
|
* Copyright (c) 2000 The OpenSSL Project. All rights reserved.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
*
|
||||||
|
* 1. Redistributions of source code must retain the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
*
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in
|
||||||
|
* the documentation and/or other materials provided with the
|
||||||
|
* distribution.
|
||||||
|
*
|
||||||
|
* 3. All advertising materials mentioning features or use of this
|
||||||
|
* software must display the following acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
|
||||||
|
*
|
||||||
|
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||||
|
* endorse or promote products derived from this software without
|
||||||
|
* prior written permission. For written permission, please contact
|
||||||
|
* licensing@OpenSSL.org.
|
||||||
|
*
|
||||||
|
* 5. Products derived from this software may not be called "OpenSSL"
|
||||||
|
* nor may "OpenSSL" appear in their names without prior written
|
||||||
|
* permission of the OpenSSL Project.
|
||||||
|
*
|
||||||
|
* 6. Redistributions of any form whatsoever must retain the following
|
||||||
|
* acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||||
|
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||||
|
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||||
|
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||||
|
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||||
|
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||||
|
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||||
|
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||||
|
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||||
|
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||||
|
* ====================================================================
|
||||||
|
*
|
||||||
|
* This product includes cryptographic software written by Eric Young
|
||||||
|
* (eay@cryptsoft.com). This product includes software written by Tim
|
||||||
|
* Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
/*
|
||||||
|
** 19990701 VRS Started.
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef KSSL_H
|
||||||
|
# define KSSL_H
|
||||||
|
|
||||||
|
# include <openssl/opensslconf.h>
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_KRB5
|
||||||
|
|
||||||
|
# include <stdio.h>
|
||||||
|
# include <ctype.h>
|
||||||
|
# include <krb5.h>
|
||||||
|
# ifdef OPENSSL_SYS_WIN32
|
||||||
|
/*
|
||||||
|
* These can sometimes get redefined indirectly by krb5 header files after
|
||||||
|
* they get undefed in ossl_typ.h
|
||||||
|
*/
|
||||||
|
# undef X509_NAME
|
||||||
|
# undef X509_EXTENSIONS
|
||||||
|
# undef OCSP_REQUEST
|
||||||
|
# undef OCSP_RESPONSE
|
||||||
|
# endif
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
extern "C" {
|
||||||
|
#endif
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Depending on which KRB5 implementation used, some types from
|
||||||
|
* the other may be missing. Resolve that here and now
|
||||||
|
*/
|
||||||
|
# ifdef KRB5_HEIMDAL
|
||||||
|
typedef unsigned char krb5_octet;
|
||||||
|
# define FAR
|
||||||
|
# else
|
||||||
|
|
||||||
|
# ifndef FAR
|
||||||
|
# define FAR
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/*-
|
||||||
|
* Uncomment this to debug kssl problems or
|
||||||
|
* to trace usage of the Kerberos session key
|
||||||
|
*
|
||||||
|
* #define KSSL_DEBUG
|
||||||
|
*/
|
||||||
|
|
||||||
|
# ifndef KRB5SVC
|
||||||
|
# define KRB5SVC "host"
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# ifndef KRB5KEYTAB
|
||||||
|
# define KRB5KEYTAB "/etc/krb5.keytab"
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# ifndef KRB5SENDAUTH
|
||||||
|
# define KRB5SENDAUTH 1
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# ifndef KRB5CHECKAUTH
|
||||||
|
# define KRB5CHECKAUTH 1
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# ifndef KSSL_CLOCKSKEW
|
||||||
|
# define KSSL_CLOCKSKEW 300;
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# define KSSL_ERR_MAX 255
|
||||||
|
typedef struct kssl_err_st {
|
||||||
|
int reason;
|
||||||
|
char text[KSSL_ERR_MAX + 1];
|
||||||
|
} KSSL_ERR;
|
||||||
|
|
||||||
|
/*- Context for passing
|
||||||
|
* (1) Kerberos session key to SSL, and
|
||||||
|
* (2) Config data between application and SSL lib
|
||||||
|
*/
|
||||||
|
typedef struct kssl_ctx_st {
|
||||||
|
/* used by: disposition: */
|
||||||
|
char *service_name; /* C,S default ok (kssl) */
|
||||||
|
char *service_host; /* C input, REQUIRED */
|
||||||
|
char *client_princ; /* S output from krb5 ticket */
|
||||||
|
char *keytab_file; /* S NULL (/etc/krb5.keytab) */
|
||||||
|
char *cred_cache; /* C NULL (default) */
|
||||||
|
krb5_enctype enctype;
|
||||||
|
int length;
|
||||||
|
krb5_octet FAR *key;
|
||||||
|
} KSSL_CTX;
|
||||||
|
|
||||||
|
# define KSSL_CLIENT 1
|
||||||
|
# define KSSL_SERVER 2
|
||||||
|
# define KSSL_SERVICE 3
|
||||||
|
# define KSSL_KEYTAB 4
|
||||||
|
|
||||||
|
# define KSSL_CTX_OK 0
|
||||||
|
# define KSSL_CTX_ERR 1
|
||||||
|
# define KSSL_NOMEM 2
|
||||||
|
|
||||||
|
/* Public (for use by applications that use OpenSSL with Kerberos 5 support */
|
||||||
|
krb5_error_code kssl_ctx_setstring(KSSL_CTX *kssl_ctx, int which, char *text);
|
||||||
|
KSSL_CTX *kssl_ctx_new(void);
|
||||||
|
KSSL_CTX *kssl_ctx_free(KSSL_CTX *kssl_ctx);
|
||||||
|
void kssl_ctx_show(KSSL_CTX *kssl_ctx);
|
||||||
|
krb5_error_code kssl_ctx_setprinc(KSSL_CTX *kssl_ctx, int which,
|
||||||
|
krb5_data *realm, krb5_data *entity,
|
||||||
|
int nentities);
|
||||||
|
krb5_error_code kssl_cget_tkt(KSSL_CTX *kssl_ctx, krb5_data **enc_tktp,
|
||||||
|
krb5_data *authenp, KSSL_ERR *kssl_err);
|
||||||
|
krb5_error_code kssl_sget_tkt(KSSL_CTX *kssl_ctx, krb5_data *indata,
|
||||||
|
krb5_ticket_times *ttimes, KSSL_ERR *kssl_err);
|
||||||
|
krb5_error_code kssl_ctx_setkey(KSSL_CTX *kssl_ctx, krb5_keyblock *session);
|
||||||
|
void kssl_err_set(KSSL_ERR *kssl_err, int reason, char *text);
|
||||||
|
void kssl_krb5_free_data_contents(krb5_context context, krb5_data *data);
|
||||||
|
krb5_error_code kssl_build_principal_2(krb5_context context,
|
||||||
|
krb5_principal *princ, int rlen,
|
||||||
|
const char *realm, int slen,
|
||||||
|
const char *svc, int hlen,
|
||||||
|
const char *host);
|
||||||
|
krb5_error_code kssl_validate_times(krb5_timestamp atime,
|
||||||
|
krb5_ticket_times *ttimes);
|
||||||
|
krb5_error_code kssl_check_authent(KSSL_CTX *kssl_ctx, krb5_data *authentp,
|
||||||
|
krb5_timestamp *atimep,
|
||||||
|
KSSL_ERR *kssl_err);
|
||||||
|
unsigned char *kssl_skip_confound(krb5_enctype enctype, unsigned char *authn);
|
||||||
|
|
||||||
|
void SSL_set0_kssl_ctx(SSL *s, KSSL_CTX *kctx);
|
||||||
|
KSSL_CTX *SSL_get0_kssl_ctx(SSL *s);
|
||||||
|
char *kssl_ctx_get0_client_princ(KSSL_CTX *kctx);
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
# endif /* OPENSSL_NO_KRB5 */
|
||||||
|
#endif /* KSSL_H */
|
|
@ -0,0 +1,240 @@
|
||||||
|
/* crypto/lhash/lhash.h */
|
||||||
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
|
* All rights reserved.
|
||||||
|
*
|
||||||
|
* This package is an SSL implementation written
|
||||||
|
* by Eric Young (eay@cryptsoft.com).
|
||||||
|
* The implementation was written so as to conform with Netscapes SSL.
|
||||||
|
*
|
||||||
|
* This library is free for commercial and non-commercial use as long as
|
||||||
|
* the following conditions are aheared to. The following conditions
|
||||||
|
* apply to all code found in this distribution, be it the RC4, RSA,
|
||||||
|
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
||||||
|
* included with this distribution is covered by the same copyright terms
|
||||||
|
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
* Copyright remains Eric Young's, and as such any Copyright notices in
|
||||||
|
* the code are not to be removed.
|
||||||
|
* If this package is used in a product, Eric Young should be given attribution
|
||||||
|
* as the author of the parts of the library used.
|
||||||
|
* This can be in the form of a textual message at program startup or
|
||||||
|
* in documentation (online or textual) provided with the package.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
* 1. Redistributions of source code must retain the copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in the
|
||||||
|
* documentation and/or other materials provided with the distribution.
|
||||||
|
* 3. All advertising materials mentioning features or use of this software
|
||||||
|
* must display the following acknowledgement:
|
||||||
|
* "This product includes cryptographic software written by
|
||||||
|
* Eric Young (eay@cryptsoft.com)"
|
||||||
|
* The word 'cryptographic' can be left out if the rouines from the library
|
||||||
|
* being used are not cryptographic related :-).
|
||||||
|
* 4. If you include any Windows specific code (or a derivative thereof) from
|
||||||
|
* the apps directory (application code) you must include an acknowledgement:
|
||||||
|
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
||||||
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||||
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||||
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||||
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||||
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||||
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||||
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||||
|
* SUCH DAMAGE.
|
||||||
|
*
|
||||||
|
* The licence and distribution terms for any publically available version or
|
||||||
|
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
||||||
|
* copied and put under another distribution licence
|
||||||
|
* [including the GNU Public Licence.]
|
||||||
|
*/
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Header for dynamic hash table routines Author - Eric Young
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef HEADER_LHASH_H
|
||||||
|
# define HEADER_LHASH_H
|
||||||
|
|
||||||
|
# include <openssl/e_os2.h>
|
||||||
|
# ifndef OPENSSL_NO_FP_API
|
||||||
|
# include <stdio.h>
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_BIO
|
||||||
|
# include <openssl/bio.h>
|
||||||
|
# endif
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
extern "C" {
|
||||||
|
#endif
|
||||||
|
|
||||||
|
typedef struct lhash_node_st {
|
||||||
|
void *data;
|
||||||
|
struct lhash_node_st *next;
|
||||||
|
# ifndef OPENSSL_NO_HASH_COMP
|
||||||
|
unsigned long hash;
|
||||||
|
# endif
|
||||||
|
} LHASH_NODE;
|
||||||
|
|
||||||
|
typedef int (*LHASH_COMP_FN_TYPE) (const void *, const void *);
|
||||||
|
typedef unsigned long (*LHASH_HASH_FN_TYPE) (const void *);
|
||||||
|
typedef void (*LHASH_DOALL_FN_TYPE) (void *);
|
||||||
|
typedef void (*LHASH_DOALL_ARG_FN_TYPE) (void *, void *);
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Macros for declaring and implementing type-safe wrappers for LHASH
|
||||||
|
* callbacks. This way, callbacks can be provided to LHASH structures without
|
||||||
|
* function pointer casting and the macro-defined callbacks provide
|
||||||
|
* per-variable casting before deferring to the underlying type-specific
|
||||||
|
* callbacks. NB: It is possible to place a "static" in front of both the
|
||||||
|
* DECLARE and IMPLEMENT macros if the functions are strictly internal.
|
||||||
|
*/
|
||||||
|
|
||||||
|
/* First: "hash" functions */
|
||||||
|
# define DECLARE_LHASH_HASH_FN(name, o_type) \
|
||||||
|
unsigned long name##_LHASH_HASH(const void *);
|
||||||
|
# define IMPLEMENT_LHASH_HASH_FN(name, o_type) \
|
||||||
|
unsigned long name##_LHASH_HASH(const void *arg) { \
|
||||||
|
const o_type *a = arg; \
|
||||||
|
return name##_hash(a); }
|
||||||
|
# define LHASH_HASH_FN(name) name##_LHASH_HASH
|
||||||
|
|
||||||
|
/* Second: "compare" functions */
|
||||||
|
# define DECLARE_LHASH_COMP_FN(name, o_type) \
|
||||||
|
int name##_LHASH_COMP(const void *, const void *);
|
||||||
|
# define IMPLEMENT_LHASH_COMP_FN(name, o_type) \
|
||||||
|
int name##_LHASH_COMP(const void *arg1, const void *arg2) { \
|
||||||
|
const o_type *a = arg1; \
|
||||||
|
const o_type *b = arg2; \
|
||||||
|
return name##_cmp(a,b); }
|
||||||
|
# define LHASH_COMP_FN(name) name##_LHASH_COMP
|
||||||
|
|
||||||
|
/* Third: "doall" functions */
|
||||||
|
# define DECLARE_LHASH_DOALL_FN(name, o_type) \
|
||||||
|
void name##_LHASH_DOALL(void *);
|
||||||
|
# define IMPLEMENT_LHASH_DOALL_FN(name, o_type) \
|
||||||
|
void name##_LHASH_DOALL(void *arg) { \
|
||||||
|
o_type *a = arg; \
|
||||||
|
name##_doall(a); }
|
||||||
|
# define LHASH_DOALL_FN(name) name##_LHASH_DOALL
|
||||||
|
|
||||||
|
/* Fourth: "doall_arg" functions */
|
||||||
|
# define DECLARE_LHASH_DOALL_ARG_FN(name, o_type, a_type) \
|
||||||
|
void name##_LHASH_DOALL_ARG(void *, void *);
|
||||||
|
# define IMPLEMENT_LHASH_DOALL_ARG_FN(name, o_type, a_type) \
|
||||||
|
void name##_LHASH_DOALL_ARG(void *arg1, void *arg2) { \
|
||||||
|
o_type *a = arg1; \
|
||||||
|
a_type *b = arg2; \
|
||||||
|
name##_doall_arg(a, b); }
|
||||||
|
# define LHASH_DOALL_ARG_FN(name) name##_LHASH_DOALL_ARG
|
||||||
|
|
||||||
|
typedef struct lhash_st {
|
||||||
|
LHASH_NODE **b;
|
||||||
|
LHASH_COMP_FN_TYPE comp;
|
||||||
|
LHASH_HASH_FN_TYPE hash;
|
||||||
|
unsigned int num_nodes;
|
||||||
|
unsigned int num_alloc_nodes;
|
||||||
|
unsigned int p;
|
||||||
|
unsigned int pmax;
|
||||||
|
unsigned long up_load; /* load times 256 */
|
||||||
|
unsigned long down_load; /* load times 256 */
|
||||||
|
unsigned long num_items;
|
||||||
|
unsigned long num_expands;
|
||||||
|
unsigned long num_expand_reallocs;
|
||||||
|
unsigned long num_contracts;
|
||||||
|
unsigned long num_contract_reallocs;
|
||||||
|
unsigned long num_hash_calls;
|
||||||
|
unsigned long num_comp_calls;
|
||||||
|
unsigned long num_insert;
|
||||||
|
unsigned long num_replace;
|
||||||
|
unsigned long num_delete;
|
||||||
|
unsigned long num_no_delete;
|
||||||
|
unsigned long num_retrieve;
|
||||||
|
unsigned long num_retrieve_miss;
|
||||||
|
unsigned long num_hash_comps;
|
||||||
|
int error;
|
||||||
|
} _LHASH; /* Do not use _LHASH directly, use LHASH_OF
|
||||||
|
* and friends */
|
||||||
|
|
||||||
|
# define LH_LOAD_MULT 256
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Indicates a malloc() error in the last call, this is only bad in
|
||||||
|
* lh_insert().
|
||||||
|
*/
|
||||||
|
# define lh_error(lh) ((lh)->error)
|
||||||
|
|
||||||
|
_LHASH *lh_new(LHASH_HASH_FN_TYPE h, LHASH_COMP_FN_TYPE c);
|
||||||
|
void lh_free(_LHASH *lh);
|
||||||
|
void *lh_insert(_LHASH *lh, void *data);
|
||||||
|
void *lh_delete(_LHASH *lh, const void *data);
|
||||||
|
void *lh_retrieve(_LHASH *lh, const void *data);
|
||||||
|
void lh_doall(_LHASH *lh, LHASH_DOALL_FN_TYPE func);
|
||||||
|
void lh_doall_arg(_LHASH *lh, LHASH_DOALL_ARG_FN_TYPE func, void *arg);
|
||||||
|
unsigned long lh_strhash(const char *c);
|
||||||
|
unsigned long lh_num_items(const _LHASH *lh);
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_FP_API
|
||||||
|
void lh_stats(const _LHASH *lh, FILE *out);
|
||||||
|
void lh_node_stats(const _LHASH *lh, FILE *out);
|
||||||
|
void lh_node_usage_stats(const _LHASH *lh, FILE *out);
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_BIO
|
||||||
|
void lh_stats_bio(const _LHASH *lh, BIO *out);
|
||||||
|
void lh_node_stats_bio(const _LHASH *lh, BIO *out);
|
||||||
|
void lh_node_usage_stats_bio(const _LHASH *lh, BIO *out);
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/* Type checking... */
|
||||||
|
|
||||||
|
# define LHASH_OF(type) struct lhash_st_##type
|
||||||
|
|
||||||
|
# define DECLARE_LHASH_OF(type) LHASH_OF(type) { int dummy; }
|
||||||
|
|
||||||
|
# define CHECKED_LHASH_OF(type,lh) \
|
||||||
|
((_LHASH *)CHECKED_PTR_OF(LHASH_OF(type),lh))
|
||||||
|
|
||||||
|
/* Define wrapper functions. */
|
||||||
|
# define LHM_lh_new(type, name) \
|
||||||
|
((LHASH_OF(type) *)lh_new(LHASH_HASH_FN(name), LHASH_COMP_FN(name)))
|
||||||
|
# define LHM_lh_error(type, lh) \
|
||||||
|
lh_error(CHECKED_LHASH_OF(type,lh))
|
||||||
|
# define LHM_lh_insert(type, lh, inst) \
|
||||||
|
((type *)lh_insert(CHECKED_LHASH_OF(type, lh), \
|
||||||
|
CHECKED_PTR_OF(type, inst)))
|
||||||
|
# define LHM_lh_retrieve(type, lh, inst) \
|
||||||
|
((type *)lh_retrieve(CHECKED_LHASH_OF(type, lh), \
|
||||||
|
CHECKED_PTR_OF(type, inst)))
|
||||||
|
# define LHM_lh_delete(type, lh, inst) \
|
||||||
|
((type *)lh_delete(CHECKED_LHASH_OF(type, lh), \
|
||||||
|
CHECKED_PTR_OF(type, inst)))
|
||||||
|
# define LHM_lh_doall(type, lh,fn) lh_doall(CHECKED_LHASH_OF(type, lh), fn)
|
||||||
|
# define LHM_lh_doall_arg(type, lh, fn, arg_type, arg) \
|
||||||
|
lh_doall_arg(CHECKED_LHASH_OF(type, lh), fn, CHECKED_PTR_OF(arg_type, arg))
|
||||||
|
# define LHM_lh_num_items(type, lh) lh_num_items(CHECKED_LHASH_OF(type, lh))
|
||||||
|
# define LHM_lh_down_load(type, lh) (CHECKED_LHASH_OF(type, lh)->down_load)
|
||||||
|
# define LHM_lh_node_stats_bio(type, lh, out) \
|
||||||
|
lh_node_stats_bio(CHECKED_LHASH_OF(type, lh), out)
|
||||||
|
# define LHM_lh_node_usage_stats_bio(type, lh, out) \
|
||||||
|
lh_node_usage_stats_bio(CHECKED_LHASH_OF(type, lh), out)
|
||||||
|
# define LHM_lh_stats_bio(type, lh, out) \
|
||||||
|
lh_stats_bio(CHECKED_LHASH_OF(type, lh), out)
|
||||||
|
# define LHM_lh_free(type, lh) lh_free(CHECKED_LHASH_OF(type, lh))
|
||||||
|
|
||||||
|
DECLARE_LHASH_OF(OPENSSL_STRING);
|
||||||
|
DECLARE_LHASH_OF(OPENSSL_CSTRING);
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#endif
|
File diff suppressed because it is too large
Load Diff
File diff suppressed because it is too large
Load Diff
|
@ -0,0 +1,259 @@
|
||||||
|
/* opensslconf.h */
|
||||||
|
/* WARNING: Generated automatically from opensslconf.h.in by Configure. */
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
extern "C" {
|
||||||
|
#endif
|
||||||
|
/* OpenSSL was configured with the following options: */
|
||||||
|
#ifndef OPENSSL_SYSNAME_WIN64A
|
||||||
|
# define OPENSSL_SYSNAME_WIN64A
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_DOING_MAKEDEPEND
|
||||||
|
|
||||||
|
|
||||||
|
#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
|
||||||
|
# define OPENSSL_NO_EC_NISTP_64_GCC_128
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_GMP
|
||||||
|
# define OPENSSL_NO_GMP
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_JPAKE
|
||||||
|
# define OPENSSL_NO_JPAKE
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_KRB5
|
||||||
|
# define OPENSSL_NO_KRB5
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_LIBUNBOUND
|
||||||
|
# define OPENSSL_NO_LIBUNBOUND
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_MD2
|
||||||
|
# define OPENSSL_NO_MD2
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_RC5
|
||||||
|
# define OPENSSL_NO_RC5
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_RFC3779
|
||||||
|
# define OPENSSL_NO_RFC3779
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_SCTP
|
||||||
|
# define OPENSSL_NO_SCTP
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_SSL_TRACE
|
||||||
|
# define OPENSSL_NO_SSL_TRACE
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_STORE
|
||||||
|
# define OPENSSL_NO_STORE
|
||||||
|
#endif
|
||||||
|
#ifndef OPENSSL_NO_UNIT_TEST
|
||||||
|
# define OPENSSL_NO_UNIT_TEST
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#endif /* OPENSSL_DOING_MAKEDEPEND */
|
||||||
|
|
||||||
|
#ifndef OPENSSL_THREADS
|
||||||
|
# define OPENSSL_THREADS
|
||||||
|
#endif
|
||||||
|
|
||||||
|
/* The OPENSSL_NO_* macros are also defined as NO_* if the application
|
||||||
|
asks for it. This is a transient feature that is provided for those
|
||||||
|
who haven't had the time to do the appropriate changes in their
|
||||||
|
applications. */
|
||||||
|
#ifdef OPENSSL_ALGORITHM_DEFINES
|
||||||
|
# if defined(OPENSSL_NO_EC_NISTP_64_GCC_128) && !defined(NO_EC_NISTP_64_GCC_128)
|
||||||
|
# define NO_EC_NISTP_64_GCC_128
|
||||||
|
# endif
|
||||||
|
# if defined(OPENSSL_NO_GMP) && !defined(NO_GMP)
|
||||||
|
# define NO_GMP
|
||||||
|
# endif
|
||||||
|
# if defined(OPENSSL_NO_JPAKE) && !defined(NO_JPAKE)
|
||||||
|
# define NO_JPAKE
|
||||||
|
# endif
|
||||||
|
# if defined(OPENSSL_NO_KRB5) && !defined(NO_KRB5)
|
||||||
|
# define NO_KRB5
|
||||||
|
# endif
|
||||||
|
# if defined(OPENSSL_NO_LIBUNBOUND) && !defined(NO_LIBUNBOUND)
|
||||||
|
# define NO_LIBUNBOUND
|
||||||
|
# endif
|
||||||
|
# if defined(OPENSSL_NO_MD2) && !defined(NO_MD2)
|
||||||
|
# define NO_MD2
|
||||||
|
# endif
|
||||||
|
# if defined(OPENSSL_NO_RC5) && !defined(NO_RC5)
|
||||||
|
# define NO_RC5
|
||||||
|
# endif
|
||||||
|
# if defined(OPENSSL_NO_RFC3779) && !defined(NO_RFC3779)
|
||||||
|
# define NO_RFC3779
|
||||||
|
# endif
|
||||||
|
# if defined(OPENSSL_NO_SCTP) && !defined(NO_SCTP)
|
||||||
|
# define NO_SCTP
|
||||||
|
# endif
|
||||||
|
# if defined(OPENSSL_NO_SSL_TRACE) && !defined(NO_SSL_TRACE)
|
||||||
|
# define NO_SSL_TRACE
|
||||||
|
# endif
|
||||||
|
# if defined(OPENSSL_NO_STORE) && !defined(NO_STORE)
|
||||||
|
# define NO_STORE
|
||||||
|
# endif
|
||||||
|
# if defined(OPENSSL_NO_UNIT_TEST) && !defined(NO_UNIT_TEST)
|
||||||
|
# define NO_UNIT_TEST
|
||||||
|
# endif
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#define OPENSSL_CPUID_OBJ
|
||||||
|
|
||||||
|
/* crypto/opensslconf.h.in */
|
||||||
|
|
||||||
|
/* Generate 80386 code? */
|
||||||
|
#undef I386_ONLY
|
||||||
|
|
||||||
|
#if !(defined(VMS) || defined(__VMS)) /* VMS uses logical names instead */
|
||||||
|
#if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR)
|
||||||
|
#define ENGINESDIR "/usr/local/ssl/lib/engines"
|
||||||
|
#define OPENSSLDIR "/usr/local/ssl"
|
||||||
|
#endif
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#undef OPENSSL_UNISTD
|
||||||
|
#define OPENSSL_UNISTD <unistd.h>
|
||||||
|
|
||||||
|
#undef OPENSSL_EXPORT_VAR_AS_FUNCTION
|
||||||
|
#define OPENSSL_EXPORT_VAR_AS_FUNCTION
|
||||||
|
|
||||||
|
#if defined(HEADER_IDEA_H) && !defined(IDEA_INT)
|
||||||
|
#define IDEA_INT unsigned int
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#if defined(HEADER_MD2_H) && !defined(MD2_INT)
|
||||||
|
#define MD2_INT unsigned int
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#if defined(HEADER_RC2_H) && !defined(RC2_INT)
|
||||||
|
/* I need to put in a mod for the alpha - eay */
|
||||||
|
#define RC2_INT unsigned int
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#if defined(HEADER_RC4_H)
|
||||||
|
#if !defined(RC4_INT)
|
||||||
|
/* using int types make the structure larger but make the code faster
|
||||||
|
* on most boxes I have tested - up to %20 faster. */
|
||||||
|
/*
|
||||||
|
* I don't know what does "most" mean, but declaring "int" is a must on:
|
||||||
|
* - Intel P6 because partial register stalls are very expensive;
|
||||||
|
* - elder Alpha because it lacks byte load/store instructions;
|
||||||
|
*/
|
||||||
|
#define RC4_INT unsigned int
|
||||||
|
#endif
|
||||||
|
#if !defined(RC4_CHUNK)
|
||||||
|
/*
|
||||||
|
* This enables code handling data aligned at natural CPU word
|
||||||
|
* boundary. See crypto/rc4/rc4_enc.c for further details.
|
||||||
|
*/
|
||||||
|
#define RC4_CHUNK unsigned long long
|
||||||
|
#endif
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#if (defined(HEADER_NEW_DES_H) || defined(HEADER_DES_H)) && !defined(DES_LONG)
|
||||||
|
/* If this is set to 'unsigned int' on a DEC Alpha, this gives about a
|
||||||
|
* %20 speed up (longs are 8 bytes, int's are 4). */
|
||||||
|
#ifndef DES_LONG
|
||||||
|
#define DES_LONG unsigned int
|
||||||
|
#endif
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H)
|
||||||
|
#define CONFIG_HEADER_BN_H
|
||||||
|
#undef BN_LLONG
|
||||||
|
|
||||||
|
/* Should we define BN_DIV2W here? */
|
||||||
|
|
||||||
|
/* Only one for the following should be defined */
|
||||||
|
#undef SIXTY_FOUR_BIT_LONG
|
||||||
|
#define SIXTY_FOUR_BIT
|
||||||
|
#undef THIRTY_TWO_BIT
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#if defined(HEADER_RC4_LOCL_H) && !defined(CONFIG_HEADER_RC4_LOCL_H)
|
||||||
|
#define CONFIG_HEADER_RC4_LOCL_H
|
||||||
|
/* if this is defined data[i] is used instead of *data, this is a %20
|
||||||
|
* speedup on x86 */
|
||||||
|
#undef RC4_INDEX
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#if defined(HEADER_BF_LOCL_H) && !defined(CONFIG_HEADER_BF_LOCL_H)
|
||||||
|
#define CONFIG_HEADER_BF_LOCL_H
|
||||||
|
#undef BF_PTR
|
||||||
|
#endif /* HEADER_BF_LOCL_H */
|
||||||
|
|
||||||
|
#if defined(HEADER_DES_LOCL_H) && !defined(CONFIG_HEADER_DES_LOCL_H)
|
||||||
|
#define CONFIG_HEADER_DES_LOCL_H
|
||||||
|
#ifndef DES_DEFAULT_OPTIONS
|
||||||
|
/* the following is tweaked from a config script, that is why it is a
|
||||||
|
* protected undef/define */
|
||||||
|
#ifndef DES_PTR
|
||||||
|
#undef DES_PTR
|
||||||
|
#endif
|
||||||
|
|
||||||
|
/* This helps C compiler generate the correct code for multiple functional
|
||||||
|
* units. It reduces register dependancies at the expense of 2 more
|
||||||
|
* registers */
|
||||||
|
#ifndef DES_RISC1
|
||||||
|
#undef DES_RISC1
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#ifndef DES_RISC2
|
||||||
|
#undef DES_RISC2
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#if defined(DES_RISC1) && defined(DES_RISC2)
|
||||||
|
YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!!
|
||||||
|
#endif
|
||||||
|
|
||||||
|
/* Unroll the inner loop, this sometimes helps, sometimes hinders.
|
||||||
|
* Very mucy CPU dependant */
|
||||||
|
#ifndef DES_UNROLL
|
||||||
|
#undef DES_UNROLL
|
||||||
|
#endif
|
||||||
|
|
||||||
|
/* These default values were supplied by
|
||||||
|
* Peter Gutman <pgut001@cs.auckland.ac.nz>
|
||||||
|
* They are only used if nothing else has been defined */
|
||||||
|
#if !defined(DES_PTR) && !defined(DES_RISC1) && !defined(DES_RISC2) && !defined(DES_UNROLL)
|
||||||
|
/* Special defines which change the way the code is built depending on the
|
||||||
|
CPU and OS. For SGI machines you can use _MIPS_SZLONG (32 or 64) to find
|
||||||
|
even newer MIPS CPU's, but at the moment one size fits all for
|
||||||
|
optimization options. Older Sparc's work better with only UNROLL, but
|
||||||
|
there's no way to tell at compile time what it is you're running on */
|
||||||
|
|
||||||
|
#if defined( sun ) /* Newer Sparc's */
|
||||||
|
# define DES_PTR
|
||||||
|
# define DES_RISC1
|
||||||
|
# define DES_UNROLL
|
||||||
|
#elif defined( __ultrix ) /* Older MIPS */
|
||||||
|
# define DES_PTR
|
||||||
|
# define DES_RISC2
|
||||||
|
# define DES_UNROLL
|
||||||
|
#elif defined( __osf1__ ) /* Alpha */
|
||||||
|
# define DES_PTR
|
||||||
|
# define DES_RISC2
|
||||||
|
#elif defined ( _AIX ) /* RS6000 */
|
||||||
|
/* Unknown */
|
||||||
|
#elif defined( __hpux ) /* HP-PA */
|
||||||
|
/* Unknown */
|
||||||
|
#elif defined( __aux ) /* 68K */
|
||||||
|
/* Unknown */
|
||||||
|
#elif defined( __dgux ) /* 88K (but P6 in latest boxes) */
|
||||||
|
# define DES_UNROLL
|
||||||
|
#elif defined( __sgi ) /* Newer MIPS */
|
||||||
|
# define DES_PTR
|
||||||
|
# define DES_RISC2
|
||||||
|
# define DES_UNROLL
|
||||||
|
#elif defined(i386) || defined(__i386__) /* x86 boxes, should be gcc */
|
||||||
|
# define DES_PTR
|
||||||
|
# define DES_RISC1
|
||||||
|
# define DES_UNROLL
|
||||||
|
#endif /* Systems-specific speed defines */
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#endif /* DES_DEFAULT_OPTIONS */
|
||||||
|
#endif /* HEADER_DES_LOCL_H */
|
||||||
|
#ifdef __cplusplus
|
||||||
|
}
|
||||||
|
#endif
|
|
@ -0,0 +1,97 @@
|
||||||
|
#ifndef HEADER_OPENSSLV_H
|
||||||
|
# define HEADER_OPENSSLV_H
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
extern "C" {
|
||||||
|
#endif
|
||||||
|
|
||||||
|
/*-
|
||||||
|
* Numeric release version identifier:
|
||||||
|
* MNNFFPPS: major minor fix patch status
|
||||||
|
* The status nibble has one of the values 0 for development, 1 to e for betas
|
||||||
|
* 1 to 14, and f for release. The patch level is exactly that.
|
||||||
|
* For example:
|
||||||
|
* 0.9.3-dev 0x00903000
|
||||||
|
* 0.9.3-beta1 0x00903001
|
||||||
|
* 0.9.3-beta2-dev 0x00903002
|
||||||
|
* 0.9.3-beta2 0x00903002 (same as ...beta2-dev)
|
||||||
|
* 0.9.3 0x0090300f
|
||||||
|
* 0.9.3a 0x0090301f
|
||||||
|
* 0.9.4 0x0090400f
|
||||||
|
* 1.2.3z 0x102031af
|
||||||
|
*
|
||||||
|
* For continuity reasons (because 0.9.5 is already out, and is coded
|
||||||
|
* 0x00905100), between 0.9.5 and 0.9.6 the coding of the patch level
|
||||||
|
* part is slightly different, by setting the highest bit. This means
|
||||||
|
* that 0.9.5a looks like this: 0x0090581f. At 0.9.6, we can start
|
||||||
|
* with 0x0090600S...
|
||||||
|
*
|
||||||
|
* (Prior to 0.9.3-dev a different scheme was used: 0.9.2b is 0x0922.)
|
||||||
|
* (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
|
||||||
|
* major minor fix final patch/beta)
|
||||||
|
*/
|
||||||
|
# define OPENSSL_VERSION_NUMBER 0x1000200fL
|
||||||
|
# ifdef OPENSSL_FIPS
|
||||||
|
# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.2-fips 22 Jan 2015"
|
||||||
|
# else
|
||||||
|
# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.2 22 Jan 2015"
|
||||||
|
# endif
|
||||||
|
# define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT
|
||||||
|
|
||||||
|
/*-
|
||||||
|
* The macros below are to be used for shared library (.so, .dll, ...)
|
||||||
|
* versioning. That kind of versioning works a bit differently between
|
||||||
|
* operating systems. The most usual scheme is to set a major and a minor
|
||||||
|
* number, and have the runtime loader check that the major number is equal
|
||||||
|
* to what it was at application link time, while the minor number has to
|
||||||
|
* be greater or equal to what it was at application link time. With this
|
||||||
|
* scheme, the version number is usually part of the file name, like this:
|
||||||
|
*
|
||||||
|
* libcrypto.so.0.9
|
||||||
|
*
|
||||||
|
* Some unixen also make a softlink with the major verson number only:
|
||||||
|
*
|
||||||
|
* libcrypto.so.0
|
||||||
|
*
|
||||||
|
* On Tru64 and IRIX 6.x it works a little bit differently. There, the
|
||||||
|
* shared library version is stored in the file, and is actually a series
|
||||||
|
* of versions, separated by colons. The rightmost version present in the
|
||||||
|
* library when linking an application is stored in the application to be
|
||||||
|
* matched at run time. When the application is run, a check is done to
|
||||||
|
* see if the library version stored in the application matches any of the
|
||||||
|
* versions in the version string of the library itself.
|
||||||
|
* This version string can be constructed in any way, depending on what
|
||||||
|
* kind of matching is desired. However, to implement the same scheme as
|
||||||
|
* the one used in the other unixen, all compatible versions, from lowest
|
||||||
|
* to highest, should be part of the string. Consecutive builds would
|
||||||
|
* give the following versions strings:
|
||||||
|
*
|
||||||
|
* 3.0
|
||||||
|
* 3.0:3.1
|
||||||
|
* 3.0:3.1:3.2
|
||||||
|
* 4.0
|
||||||
|
* 4.0:4.1
|
||||||
|
*
|
||||||
|
* Notice how version 4 is completely incompatible with version, and
|
||||||
|
* therefore give the breach you can see.
|
||||||
|
*
|
||||||
|
* There may be other schemes as well that I haven't yet discovered.
|
||||||
|
*
|
||||||
|
* So, here's the way it works here: first of all, the library version
|
||||||
|
* number doesn't need at all to match the overall OpenSSL version.
|
||||||
|
* However, it's nice and more understandable if it actually does.
|
||||||
|
* The current library version is stored in the macro SHLIB_VERSION_NUMBER,
|
||||||
|
* which is just a piece of text in the format "M.m.e" (Major, minor, edit).
|
||||||
|
* For the sake of Tru64, IRIX, and any other OS that behaves in similar ways,
|
||||||
|
* we need to keep a history of version numbers, which is done in the
|
||||||
|
* macro SHLIB_VERSION_HISTORY. The numbers are separated by colons and
|
||||||
|
* should only keep the versions that are binary compatible with the current.
|
||||||
|
*/
|
||||||
|
# define SHLIB_VERSION_HISTORY ""
|
||||||
|
# define SHLIB_VERSION_NUMBER "1.0.0"
|
||||||
|
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
#endif /* HEADER_OPENSSLV_H */
|
|
@ -0,0 +1,211 @@
|
||||||
|
/* ====================================================================
|
||||||
|
* Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
*
|
||||||
|
* 1. Redistributions of source code must retain the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
*
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in
|
||||||
|
* the documentation and/or other materials provided with the
|
||||||
|
* distribution.
|
||||||
|
*
|
||||||
|
* 3. All advertising materials mentioning features or use of this
|
||||||
|
* software must display the following acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
|
||||||
|
*
|
||||||
|
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||||
|
* endorse or promote products derived from this software without
|
||||||
|
* prior written permission. For written permission, please contact
|
||||||
|
* openssl-core@openssl.org.
|
||||||
|
*
|
||||||
|
* 5. Products derived from this software may not be called "OpenSSL"
|
||||||
|
* nor may "OpenSSL" appear in their names without prior written
|
||||||
|
* permission of the OpenSSL Project.
|
||||||
|
*
|
||||||
|
* 6. Redistributions of any form whatsoever must retain the following
|
||||||
|
* acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||||
|
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||||
|
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||||
|
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||||
|
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||||
|
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||||
|
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||||
|
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||||
|
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||||
|
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||||
|
* ====================================================================
|
||||||
|
*
|
||||||
|
* This product includes cryptographic software written by Eric Young
|
||||||
|
* (eay@cryptsoft.com). This product includes software written by Tim
|
||||||
|
* Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef HEADER_OPENSSL_TYPES_H
|
||||||
|
# define HEADER_OPENSSL_TYPES_H
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
extern "C" {
|
||||||
|
#endif
|
||||||
|
|
||||||
|
# include <openssl/e_os2.h>
|
||||||
|
|
||||||
|
# ifdef NO_ASN1_TYPEDEFS
|
||||||
|
# define ASN1_INTEGER ASN1_STRING
|
||||||
|
# define ASN1_ENUMERATED ASN1_STRING
|
||||||
|
# define ASN1_BIT_STRING ASN1_STRING
|
||||||
|
# define ASN1_OCTET_STRING ASN1_STRING
|
||||||
|
# define ASN1_PRINTABLESTRING ASN1_STRING
|
||||||
|
# define ASN1_T61STRING ASN1_STRING
|
||||||
|
# define ASN1_IA5STRING ASN1_STRING
|
||||||
|
# define ASN1_UTCTIME ASN1_STRING
|
||||||
|
# define ASN1_GENERALIZEDTIME ASN1_STRING
|
||||||
|
# define ASN1_TIME ASN1_STRING
|
||||||
|
# define ASN1_GENERALSTRING ASN1_STRING
|
||||||
|
# define ASN1_UNIVERSALSTRING ASN1_STRING
|
||||||
|
# define ASN1_BMPSTRING ASN1_STRING
|
||||||
|
# define ASN1_VISIBLESTRING ASN1_STRING
|
||||||
|
# define ASN1_UTF8STRING ASN1_STRING
|
||||||
|
# define ASN1_BOOLEAN int
|
||||||
|
# define ASN1_NULL int
|
||||||
|
# else
|
||||||
|
typedef struct asn1_string_st ASN1_INTEGER;
|
||||||
|
typedef struct asn1_string_st ASN1_ENUMERATED;
|
||||||
|
typedef struct asn1_string_st ASN1_BIT_STRING;
|
||||||
|
typedef struct asn1_string_st ASN1_OCTET_STRING;
|
||||||
|
typedef struct asn1_string_st ASN1_PRINTABLESTRING;
|
||||||
|
typedef struct asn1_string_st ASN1_T61STRING;
|
||||||
|
typedef struct asn1_string_st ASN1_IA5STRING;
|
||||||
|
typedef struct asn1_string_st ASN1_GENERALSTRING;
|
||||||
|
typedef struct asn1_string_st ASN1_UNIVERSALSTRING;
|
||||||
|
typedef struct asn1_string_st ASN1_BMPSTRING;
|
||||||
|
typedef struct asn1_string_st ASN1_UTCTIME;
|
||||||
|
typedef struct asn1_string_st ASN1_TIME;
|
||||||
|
typedef struct asn1_string_st ASN1_GENERALIZEDTIME;
|
||||||
|
typedef struct asn1_string_st ASN1_VISIBLESTRING;
|
||||||
|
typedef struct asn1_string_st ASN1_UTF8STRING;
|
||||||
|
typedef struct asn1_string_st ASN1_STRING;
|
||||||
|
typedef int ASN1_BOOLEAN;
|
||||||
|
typedef int ASN1_NULL;
|
||||||
|
# endif
|
||||||
|
|
||||||
|
typedef struct asn1_object_st ASN1_OBJECT;
|
||||||
|
|
||||||
|
typedef struct ASN1_ITEM_st ASN1_ITEM;
|
||||||
|
typedef struct asn1_pctx_st ASN1_PCTX;
|
||||||
|
|
||||||
|
# ifdef OPENSSL_SYS_WIN32
|
||||||
|
# undef X509_NAME
|
||||||
|
# undef X509_EXTENSIONS
|
||||||
|
# undef X509_CERT_PAIR
|
||||||
|
# undef PKCS7_ISSUER_AND_SERIAL
|
||||||
|
# undef OCSP_REQUEST
|
||||||
|
# undef OCSP_RESPONSE
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# ifdef BIGNUM
|
||||||
|
# undef BIGNUM
|
||||||
|
# endif
|
||||||
|
typedef struct bignum_st BIGNUM;
|
||||||
|
typedef struct bignum_ctx BN_CTX;
|
||||||
|
typedef struct bn_blinding_st BN_BLINDING;
|
||||||
|
typedef struct bn_mont_ctx_st BN_MONT_CTX;
|
||||||
|
typedef struct bn_recp_ctx_st BN_RECP_CTX;
|
||||||
|
typedef struct bn_gencb_st BN_GENCB;
|
||||||
|
|
||||||
|
typedef struct buf_mem_st BUF_MEM;
|
||||||
|
|
||||||
|
typedef struct evp_cipher_st EVP_CIPHER;
|
||||||
|
typedef struct evp_cipher_ctx_st EVP_CIPHER_CTX;
|
||||||
|
typedef struct env_md_st EVP_MD;
|
||||||
|
typedef struct env_md_ctx_st EVP_MD_CTX;
|
||||||
|
typedef struct evp_pkey_st EVP_PKEY;
|
||||||
|
|
||||||
|
typedef struct evp_pkey_asn1_method_st EVP_PKEY_ASN1_METHOD;
|
||||||
|
|
||||||
|
typedef struct evp_pkey_method_st EVP_PKEY_METHOD;
|
||||||
|
typedef struct evp_pkey_ctx_st EVP_PKEY_CTX;
|
||||||
|
|
||||||
|
typedef struct dh_st DH;
|
||||||
|
typedef struct dh_method DH_METHOD;
|
||||||
|
|
||||||
|
typedef struct dsa_st DSA;
|
||||||
|
typedef struct dsa_method DSA_METHOD;
|
||||||
|
|
||||||
|
typedef struct rsa_st RSA;
|
||||||
|
typedef struct rsa_meth_st RSA_METHOD;
|
||||||
|
|
||||||
|
typedef struct rand_meth_st RAND_METHOD;
|
||||||
|
|
||||||
|
typedef struct ecdh_method ECDH_METHOD;
|
||||||
|
typedef struct ecdsa_method ECDSA_METHOD;
|
||||||
|
|
||||||
|
typedef struct x509_st X509;
|
||||||
|
typedef struct X509_algor_st X509_ALGOR;
|
||||||
|
typedef struct X509_crl_st X509_CRL;
|
||||||
|
typedef struct x509_crl_method_st X509_CRL_METHOD;
|
||||||
|
typedef struct x509_revoked_st X509_REVOKED;
|
||||||
|
typedef struct X509_name_st X509_NAME;
|
||||||
|
typedef struct X509_pubkey_st X509_PUBKEY;
|
||||||
|
typedef struct x509_store_st X509_STORE;
|
||||||
|
typedef struct x509_store_ctx_st X509_STORE_CTX;
|
||||||
|
|
||||||
|
typedef struct pkcs8_priv_key_info_st PKCS8_PRIV_KEY_INFO;
|
||||||
|
|
||||||
|
typedef struct v3_ext_ctx X509V3_CTX;
|
||||||
|
typedef struct conf_st CONF;
|
||||||
|
|
||||||
|
typedef struct store_st STORE;
|
||||||
|
typedef struct store_method_st STORE_METHOD;
|
||||||
|
|
||||||
|
typedef struct ui_st UI;
|
||||||
|
typedef struct ui_method_st UI_METHOD;
|
||||||
|
|
||||||
|
typedef struct st_ERR_FNS ERR_FNS;
|
||||||
|
|
||||||
|
typedef struct engine_st ENGINE;
|
||||||
|
typedef struct ssl_st SSL;
|
||||||
|
typedef struct ssl_ctx_st SSL_CTX;
|
||||||
|
|
||||||
|
typedef struct X509_POLICY_NODE_st X509_POLICY_NODE;
|
||||||
|
typedef struct X509_POLICY_LEVEL_st X509_POLICY_LEVEL;
|
||||||
|
typedef struct X509_POLICY_TREE_st X509_POLICY_TREE;
|
||||||
|
typedef struct X509_POLICY_CACHE_st X509_POLICY_CACHE;
|
||||||
|
|
||||||
|
typedef struct AUTHORITY_KEYID_st AUTHORITY_KEYID;
|
||||||
|
typedef struct DIST_POINT_st DIST_POINT;
|
||||||
|
typedef struct ISSUING_DIST_POINT_st ISSUING_DIST_POINT;
|
||||||
|
typedef struct NAME_CONSTRAINTS_st NAME_CONSTRAINTS;
|
||||||
|
|
||||||
|
/* If placed in pkcs12.h, we end up with a circular depency with pkcs7.h */
|
||||||
|
# define DECLARE_PKCS12_STACK_OF(type)/* Nothing */
|
||||||
|
# define IMPLEMENT_PKCS12_STACK_OF(type)/* Nothing */
|
||||||
|
|
||||||
|
typedef struct crypto_ex_data_st CRYPTO_EX_DATA;
|
||||||
|
/* Callback types for crypto.h */
|
||||||
|
typedef int CRYPTO_EX_new (void *parent, void *ptr, CRYPTO_EX_DATA *ad,
|
||||||
|
int idx, long argl, void *argp);
|
||||||
|
typedef void CRYPTO_EX_free (void *parent, void *ptr, CRYPTO_EX_DATA *ad,
|
||||||
|
int idx, long argl, void *argp);
|
||||||
|
typedef int CRYPTO_EX_dup (CRYPTO_EX_DATA *to, CRYPTO_EX_DATA *from,
|
||||||
|
void *from_d, int idx, long argl, void *argp);
|
||||||
|
|
||||||
|
typedef struct ocsp_req_ctx_st OCSP_REQ_CTX;
|
||||||
|
typedef struct ocsp_response_st OCSP_RESPONSE;
|
||||||
|
typedef struct ocsp_responder_id_st OCSP_RESPID;
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
#endif /* def HEADER_OPENSSL_TYPES_H */
|
|
@ -0,0 +1,615 @@
|
||||||
|
/* crypto/pem/pem.h */
|
||||||
|
/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
|
||||||
|
* All rights reserved.
|
||||||
|
*
|
||||||
|
* This package is an SSL implementation written
|
||||||
|
* by Eric Young (eay@cryptsoft.com).
|
||||||
|
* The implementation was written so as to conform with Netscapes SSL.
|
||||||
|
*
|
||||||
|
* This library is free for commercial and non-commercial use as long as
|
||||||
|
* the following conditions are aheared to. The following conditions
|
||||||
|
* apply to all code found in this distribution, be it the RC4, RSA,
|
||||||
|
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
||||||
|
* included with this distribution is covered by the same copyright terms
|
||||||
|
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
* Copyright remains Eric Young's, and as such any Copyright notices in
|
||||||
|
* the code are not to be removed.
|
||||||
|
* If this package is used in a product, Eric Young should be given attribution
|
||||||
|
* as the author of the parts of the library used.
|
||||||
|
* This can be in the form of a textual message at program startup or
|
||||||
|
* in documentation (online or textual) provided with the package.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
* 1. Redistributions of source code must retain the copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in the
|
||||||
|
* documentation and/or other materials provided with the distribution.
|
||||||
|
* 3. All advertising materials mentioning features or use of this software
|
||||||
|
* must display the following acknowledgement:
|
||||||
|
* "This product includes cryptographic software written by
|
||||||
|
* Eric Young (eay@cryptsoft.com)"
|
||||||
|
* The word 'cryptographic' can be left out if the rouines from the library
|
||||||
|
* being used are not cryptographic related :-).
|
||||||
|
* 4. If you include any Windows specific code (or a derivative thereof) from
|
||||||
|
* the apps directory (application code) you must include an acknowledgement:
|
||||||
|
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
||||||
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||||
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||||
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||||
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||||
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||||
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||||
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||||
|
* SUCH DAMAGE.
|
||||||
|
*
|
||||||
|
* The licence and distribution terms for any publically available version or
|
||||||
|
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
||||||
|
* copied and put under another distribution licence
|
||||||
|
* [including the GNU Public Licence.]
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef HEADER_PEM_H
|
||||||
|
# define HEADER_PEM_H
|
||||||
|
|
||||||
|
# include <openssl/e_os2.h>
|
||||||
|
# ifndef OPENSSL_NO_BIO
|
||||||
|
# include <openssl/bio.h>
|
||||||
|
# endif
|
||||||
|
# ifndef OPENSSL_NO_STACK
|
||||||
|
# include <openssl/stack.h>
|
||||||
|
# endif
|
||||||
|
# include <openssl/evp.h>
|
||||||
|
# include <openssl/x509.h>
|
||||||
|
# include <openssl/pem2.h>
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
extern "C" {
|
||||||
|
#endif
|
||||||
|
|
||||||
|
# define PEM_BUFSIZE 1024
|
||||||
|
|
||||||
|
# define PEM_OBJ_UNDEF 0
|
||||||
|
# define PEM_OBJ_X509 1
|
||||||
|
# define PEM_OBJ_X509_REQ 2
|
||||||
|
# define PEM_OBJ_CRL 3
|
||||||
|
# define PEM_OBJ_SSL_SESSION 4
|
||||||
|
# define PEM_OBJ_PRIV_KEY 10
|
||||||
|
# define PEM_OBJ_PRIV_RSA 11
|
||||||
|
# define PEM_OBJ_PRIV_DSA 12
|
||||||
|
# define PEM_OBJ_PRIV_DH 13
|
||||||
|
# define PEM_OBJ_PUB_RSA 14
|
||||||
|
# define PEM_OBJ_PUB_DSA 15
|
||||||
|
# define PEM_OBJ_PUB_DH 16
|
||||||
|
# define PEM_OBJ_DHPARAMS 17
|
||||||
|
# define PEM_OBJ_DSAPARAMS 18
|
||||||
|
# define PEM_OBJ_PRIV_RSA_PUBLIC 19
|
||||||
|
# define PEM_OBJ_PRIV_ECDSA 20
|
||||||
|
# define PEM_OBJ_PUB_ECDSA 21
|
||||||
|
# define PEM_OBJ_ECPARAMETERS 22
|
||||||
|
|
||||||
|
# define PEM_ERROR 30
|
||||||
|
# define PEM_DEK_DES_CBC 40
|
||||||
|
# define PEM_DEK_IDEA_CBC 45
|
||||||
|
# define PEM_DEK_DES_EDE 50
|
||||||
|
# define PEM_DEK_DES_ECB 60
|
||||||
|
# define PEM_DEK_RSA 70
|
||||||
|
# define PEM_DEK_RSA_MD2 80
|
||||||
|
# define PEM_DEK_RSA_MD5 90
|
||||||
|
|
||||||
|
# define PEM_MD_MD2 NID_md2
|
||||||
|
# define PEM_MD_MD5 NID_md5
|
||||||
|
# define PEM_MD_SHA NID_sha
|
||||||
|
# define PEM_MD_MD2_RSA NID_md2WithRSAEncryption
|
||||||
|
# define PEM_MD_MD5_RSA NID_md5WithRSAEncryption
|
||||||
|
# define PEM_MD_SHA_RSA NID_sha1WithRSAEncryption
|
||||||
|
|
||||||
|
# define PEM_STRING_X509_OLD "X509 CERTIFICATE"
|
||||||
|
# define PEM_STRING_X509 "CERTIFICATE"
|
||||||
|
# define PEM_STRING_X509_PAIR "CERTIFICATE PAIR"
|
||||||
|
# define PEM_STRING_X509_TRUSTED "TRUSTED CERTIFICATE"
|
||||||
|
# define PEM_STRING_X509_REQ_OLD "NEW CERTIFICATE REQUEST"
|
||||||
|
# define PEM_STRING_X509_REQ "CERTIFICATE REQUEST"
|
||||||
|
# define PEM_STRING_X509_CRL "X509 CRL"
|
||||||
|
# define PEM_STRING_EVP_PKEY "ANY PRIVATE KEY"
|
||||||
|
# define PEM_STRING_PUBLIC "PUBLIC KEY"
|
||||||
|
# define PEM_STRING_RSA "RSA PRIVATE KEY"
|
||||||
|
# define PEM_STRING_RSA_PUBLIC "RSA PUBLIC KEY"
|
||||||
|
# define PEM_STRING_DSA "DSA PRIVATE KEY"
|
||||||
|
# define PEM_STRING_DSA_PUBLIC "DSA PUBLIC KEY"
|
||||||
|
# define PEM_STRING_PKCS7 "PKCS7"
|
||||||
|
# define PEM_STRING_PKCS7_SIGNED "PKCS #7 SIGNED DATA"
|
||||||
|
# define PEM_STRING_PKCS8 "ENCRYPTED PRIVATE KEY"
|
||||||
|
# define PEM_STRING_PKCS8INF "PRIVATE KEY"
|
||||||
|
# define PEM_STRING_DHPARAMS "DH PARAMETERS"
|
||||||
|
# define PEM_STRING_DHXPARAMS "X9.42 DH PARAMETERS"
|
||||||
|
# define PEM_STRING_SSL_SESSION "SSL SESSION PARAMETERS"
|
||||||
|
# define PEM_STRING_DSAPARAMS "DSA PARAMETERS"
|
||||||
|
# define PEM_STRING_ECDSA_PUBLIC "ECDSA PUBLIC KEY"
|
||||||
|
# define PEM_STRING_ECPARAMETERS "EC PARAMETERS"
|
||||||
|
# define PEM_STRING_ECPRIVATEKEY "EC PRIVATE KEY"
|
||||||
|
# define PEM_STRING_PARAMETERS "PARAMETERS"
|
||||||
|
# define PEM_STRING_CMS "CMS"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Note that this structure is initialised by PEM_SealInit and cleaned up
|
||||||
|
* by PEM_SealFinal (at least for now)
|
||||||
|
*/
|
||||||
|
typedef struct PEM_Encode_Seal_st {
|
||||||
|
EVP_ENCODE_CTX encode;
|
||||||
|
EVP_MD_CTX md;
|
||||||
|
EVP_CIPHER_CTX cipher;
|
||||||
|
} PEM_ENCODE_SEAL_CTX;
|
||||||
|
|
||||||
|
/* enc_type is one off */
|
||||||
|
# define PEM_TYPE_ENCRYPTED 10
|
||||||
|
# define PEM_TYPE_MIC_ONLY 20
|
||||||
|
# define PEM_TYPE_MIC_CLEAR 30
|
||||||
|
# define PEM_TYPE_CLEAR 40
|
||||||
|
|
||||||
|
typedef struct pem_recip_st {
|
||||||
|
char *name;
|
||||||
|
X509_NAME *dn;
|
||||||
|
int cipher;
|
||||||
|
int key_enc;
|
||||||
|
/* char iv[8]; unused and wrong size */
|
||||||
|
} PEM_USER;
|
||||||
|
|
||||||
|
typedef struct pem_ctx_st {
|
||||||
|
int type; /* what type of object */
|
||||||
|
struct {
|
||||||
|
int version;
|
||||||
|
int mode;
|
||||||
|
} proc_type;
|
||||||
|
|
||||||
|
char *domain;
|
||||||
|
|
||||||
|
struct {
|
||||||
|
int cipher;
|
||||||
|
/*-
|
||||||
|
unused, and wrong size
|
||||||
|
unsigned char iv[8]; */
|
||||||
|
} DEK_info;
|
||||||
|
|
||||||
|
PEM_USER *originator;
|
||||||
|
|
||||||
|
int num_recipient;
|
||||||
|
PEM_USER **recipient;
|
||||||
|
/*-
|
||||||
|
XXX(ben): don#t think this is used!
|
||||||
|
STACK *x509_chain; / * certificate chain */
|
||||||
|
EVP_MD *md; /* signature type */
|
||||||
|
|
||||||
|
int md_enc; /* is the md encrypted or not? */
|
||||||
|
int md_len; /* length of md_data */
|
||||||
|
char *md_data; /* message digest, could be pkey encrypted */
|
||||||
|
|
||||||
|
EVP_CIPHER *dec; /* date encryption cipher */
|
||||||
|
int key_len; /* key length */
|
||||||
|
unsigned char *key; /* key */
|
||||||
|
/*-
|
||||||
|
unused, and wrong size
|
||||||
|
unsigned char iv[8]; */
|
||||||
|
|
||||||
|
int data_enc; /* is the data encrypted */
|
||||||
|
int data_len;
|
||||||
|
unsigned char *data;
|
||||||
|
} PEM_CTX;
|
||||||
|
|
||||||
|
/*
|
||||||
|
* These macros make the PEM_read/PEM_write functions easier to maintain and
|
||||||
|
* write. Now they are all implemented with either: IMPLEMENT_PEM_rw(...) or
|
||||||
|
* IMPLEMENT_PEM_rw_cb(...)
|
||||||
|
*/
|
||||||
|
|
||||||
|
# ifdef OPENSSL_NO_FP_API
|
||||||
|
|
||||||
|
# define IMPLEMENT_PEM_read_fp(name, type, str, asn1) /**/
|
||||||
|
# define IMPLEMENT_PEM_write_fp(name, type, str, asn1) /**/
|
||||||
|
# define IMPLEMENT_PEM_write_fp_const(name, type, str, asn1) /**/
|
||||||
|
# define IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1) /**/
|
||||||
|
# define IMPLEMENT_PEM_write_cb_fp_const(name, type, str, asn1) /**/
|
||||||
|
# else
|
||||||
|
|
||||||
|
# define IMPLEMENT_PEM_read_fp(name, type, str, asn1) \
|
||||||
|
type *PEM_read_##name(FILE *fp, type **x, pem_password_cb *cb, void *u)\
|
||||||
|
{ \
|
||||||
|
return PEM_ASN1_read((d2i_of_void *)d2i_##asn1, str,fp,(void **)x,cb,u); \
|
||||||
|
}
|
||||||
|
|
||||||
|
# define IMPLEMENT_PEM_write_fp(name, type, str, asn1) \
|
||||||
|
int PEM_write_##name(FILE *fp, type *x) \
|
||||||
|
{ \
|
||||||
|
return PEM_ASN1_write((i2d_of_void *)i2d_##asn1,str,fp,x,NULL,NULL,0,NULL,NULL); \
|
||||||
|
}
|
||||||
|
|
||||||
|
# define IMPLEMENT_PEM_write_fp_const(name, type, str, asn1) \
|
||||||
|
int PEM_write_##name(FILE *fp, const type *x) \
|
||||||
|
{ \
|
||||||
|
return PEM_ASN1_write((i2d_of_void *)i2d_##asn1,str,fp,(void *)x,NULL,NULL,0,NULL,NULL); \
|
||||||
|
}
|
||||||
|
|
||||||
|
# define IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1) \
|
||||||
|
int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \
|
||||||
|
unsigned char *kstr, int klen, pem_password_cb *cb, \
|
||||||
|
void *u) \
|
||||||
|
{ \
|
||||||
|
return PEM_ASN1_write((i2d_of_void *)i2d_##asn1,str,fp,x,enc,kstr,klen,cb,u); \
|
||||||
|
}
|
||||||
|
|
||||||
|
# define IMPLEMENT_PEM_write_cb_fp_const(name, type, str, asn1) \
|
||||||
|
int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \
|
||||||
|
unsigned char *kstr, int klen, pem_password_cb *cb, \
|
||||||
|
void *u) \
|
||||||
|
{ \
|
||||||
|
return PEM_ASN1_write((i2d_of_void *)i2d_##asn1,str,fp,x,enc,kstr,klen,cb,u); \
|
||||||
|
}
|
||||||
|
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# define IMPLEMENT_PEM_read_bio(name, type, str, asn1) \
|
||||||
|
type *PEM_read_bio_##name(BIO *bp, type **x, pem_password_cb *cb, void *u)\
|
||||||
|
{ \
|
||||||
|
return PEM_ASN1_read_bio((d2i_of_void *)d2i_##asn1, str,bp,(void **)x,cb,u); \
|
||||||
|
}
|
||||||
|
|
||||||
|
# define IMPLEMENT_PEM_write_bio(name, type, str, asn1) \
|
||||||
|
int PEM_write_bio_##name(BIO *bp, type *x) \
|
||||||
|
{ \
|
||||||
|
return PEM_ASN1_write_bio((i2d_of_void *)i2d_##asn1,str,bp,x,NULL,NULL,0,NULL,NULL); \
|
||||||
|
}
|
||||||
|
|
||||||
|
# define IMPLEMENT_PEM_write_bio_const(name, type, str, asn1) \
|
||||||
|
int PEM_write_bio_##name(BIO *bp, const type *x) \
|
||||||
|
{ \
|
||||||
|
return PEM_ASN1_write_bio((i2d_of_void *)i2d_##asn1,str,bp,(void *)x,NULL,NULL,0,NULL,NULL); \
|
||||||
|
}
|
||||||
|
|
||||||
|
# define IMPLEMENT_PEM_write_cb_bio(name, type, str, asn1) \
|
||||||
|
int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \
|
||||||
|
unsigned char *kstr, int klen, pem_password_cb *cb, void *u) \
|
||||||
|
{ \
|
||||||
|
return PEM_ASN1_write_bio((i2d_of_void *)i2d_##asn1,str,bp,x,enc,kstr,klen,cb,u); \
|
||||||
|
}
|
||||||
|
|
||||||
|
# define IMPLEMENT_PEM_write_cb_bio_const(name, type, str, asn1) \
|
||||||
|
int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \
|
||||||
|
unsigned char *kstr, int klen, pem_password_cb *cb, void *u) \
|
||||||
|
{ \
|
||||||
|
return PEM_ASN1_write_bio((i2d_of_void *)i2d_##asn1,str,bp,(void *)x,enc,kstr,klen,cb,u); \
|
||||||
|
}
|
||||||
|
|
||||||
|
# define IMPLEMENT_PEM_write(name, type, str, asn1) \
|
||||||
|
IMPLEMENT_PEM_write_bio(name, type, str, asn1) \
|
||||||
|
IMPLEMENT_PEM_write_fp(name, type, str, asn1)
|
||||||
|
|
||||||
|
# define IMPLEMENT_PEM_write_const(name, type, str, asn1) \
|
||||||
|
IMPLEMENT_PEM_write_bio_const(name, type, str, asn1) \
|
||||||
|
IMPLEMENT_PEM_write_fp_const(name, type, str, asn1)
|
||||||
|
|
||||||
|
# define IMPLEMENT_PEM_write_cb(name, type, str, asn1) \
|
||||||
|
IMPLEMENT_PEM_write_cb_bio(name, type, str, asn1) \
|
||||||
|
IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1)
|
||||||
|
|
||||||
|
# define IMPLEMENT_PEM_write_cb_const(name, type, str, asn1) \
|
||||||
|
IMPLEMENT_PEM_write_cb_bio_const(name, type, str, asn1) \
|
||||||
|
IMPLEMENT_PEM_write_cb_fp_const(name, type, str, asn1)
|
||||||
|
|
||||||
|
# define IMPLEMENT_PEM_read(name, type, str, asn1) \
|
||||||
|
IMPLEMENT_PEM_read_bio(name, type, str, asn1) \
|
||||||
|
IMPLEMENT_PEM_read_fp(name, type, str, asn1)
|
||||||
|
|
||||||
|
# define IMPLEMENT_PEM_rw(name, type, str, asn1) \
|
||||||
|
IMPLEMENT_PEM_read(name, type, str, asn1) \
|
||||||
|
IMPLEMENT_PEM_write(name, type, str, asn1)
|
||||||
|
|
||||||
|
# define IMPLEMENT_PEM_rw_const(name, type, str, asn1) \
|
||||||
|
IMPLEMENT_PEM_read(name, type, str, asn1) \
|
||||||
|
IMPLEMENT_PEM_write_const(name, type, str, asn1)
|
||||||
|
|
||||||
|
# define IMPLEMENT_PEM_rw_cb(name, type, str, asn1) \
|
||||||
|
IMPLEMENT_PEM_read(name, type, str, asn1) \
|
||||||
|
IMPLEMENT_PEM_write_cb(name, type, str, asn1)
|
||||||
|
|
||||||
|
/* These are the same except they are for the declarations */
|
||||||
|
|
||||||
|
# if defined(OPENSSL_NO_FP_API)
|
||||||
|
|
||||||
|
# define DECLARE_PEM_read_fp(name, type) /**/
|
||||||
|
# define DECLARE_PEM_write_fp(name, type) /**/
|
||||||
|
# define DECLARE_PEM_write_cb_fp(name, type) /**/
|
||||||
|
# else
|
||||||
|
|
||||||
|
# define DECLARE_PEM_read_fp(name, type) \
|
||||||
|
type *PEM_read_##name(FILE *fp, type **x, pem_password_cb *cb, void *u);
|
||||||
|
|
||||||
|
# define DECLARE_PEM_write_fp(name, type) \
|
||||||
|
int PEM_write_##name(FILE *fp, type *x);
|
||||||
|
|
||||||
|
# define DECLARE_PEM_write_fp_const(name, type) \
|
||||||
|
int PEM_write_##name(FILE *fp, const type *x);
|
||||||
|
|
||||||
|
# define DECLARE_PEM_write_cb_fp(name, type) \
|
||||||
|
int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \
|
||||||
|
unsigned char *kstr, int klen, pem_password_cb *cb, void *u);
|
||||||
|
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_BIO
|
||||||
|
# define DECLARE_PEM_read_bio(name, type) \
|
||||||
|
type *PEM_read_bio_##name(BIO *bp, type **x, pem_password_cb *cb, void *u);
|
||||||
|
|
||||||
|
# define DECLARE_PEM_write_bio(name, type) \
|
||||||
|
int PEM_write_bio_##name(BIO *bp, type *x);
|
||||||
|
|
||||||
|
# define DECLARE_PEM_write_bio_const(name, type) \
|
||||||
|
int PEM_write_bio_##name(BIO *bp, const type *x);
|
||||||
|
|
||||||
|
# define DECLARE_PEM_write_cb_bio(name, type) \
|
||||||
|
int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \
|
||||||
|
unsigned char *kstr, int klen, pem_password_cb *cb, void *u);
|
||||||
|
|
||||||
|
# else
|
||||||
|
|
||||||
|
# define DECLARE_PEM_read_bio(name, type) /**/
|
||||||
|
# define DECLARE_PEM_write_bio(name, type) /**/
|
||||||
|
# define DECLARE_PEM_write_bio_const(name, type) /**/
|
||||||
|
# define DECLARE_PEM_write_cb_bio(name, type) /**/
|
||||||
|
# endif
|
||||||
|
# define DECLARE_PEM_write(name, type) \
|
||||||
|
DECLARE_PEM_write_bio(name, type) \
|
||||||
|
DECLARE_PEM_write_fp(name, type)
|
||||||
|
# define DECLARE_PEM_write_const(name, type) \
|
||||||
|
DECLARE_PEM_write_bio_const(name, type) \
|
||||||
|
DECLARE_PEM_write_fp_const(name, type)
|
||||||
|
# define DECLARE_PEM_write_cb(name, type) \
|
||||||
|
DECLARE_PEM_write_cb_bio(name, type) \
|
||||||
|
DECLARE_PEM_write_cb_fp(name, type)
|
||||||
|
# define DECLARE_PEM_read(name, type) \
|
||||||
|
DECLARE_PEM_read_bio(name, type) \
|
||||||
|
DECLARE_PEM_read_fp(name, type)
|
||||||
|
# define DECLARE_PEM_rw(name, type) \
|
||||||
|
DECLARE_PEM_read(name, type) \
|
||||||
|
DECLARE_PEM_write(name, type)
|
||||||
|
# define DECLARE_PEM_rw_const(name, type) \
|
||||||
|
DECLARE_PEM_read(name, type) \
|
||||||
|
DECLARE_PEM_write_const(name, type)
|
||||||
|
# define DECLARE_PEM_rw_cb(name, type) \
|
||||||
|
DECLARE_PEM_read(name, type) \
|
||||||
|
DECLARE_PEM_write_cb(name, type)
|
||||||
|
# if 1
|
||||||
|
/* "userdata": new with OpenSSL 0.9.4 */
|
||||||
|
typedef int pem_password_cb (char *buf, int size, int rwflag, void *userdata);
|
||||||
|
# else
|
||||||
|
/* OpenSSL 0.9.3, 0.9.3a */
|
||||||
|
typedef int pem_password_cb (char *buf, int size, int rwflag);
|
||||||
|
# endif
|
||||||
|
|
||||||
|
int PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher);
|
||||||
|
int PEM_do_header(EVP_CIPHER_INFO *cipher, unsigned char *data, long *len,
|
||||||
|
pem_password_cb *callback, void *u);
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_BIO
|
||||||
|
int PEM_read_bio(BIO *bp, char **name, char **header,
|
||||||
|
unsigned char **data, long *len);
|
||||||
|
int PEM_write_bio(BIO *bp, const char *name, const char *hdr,
|
||||||
|
const unsigned char *data, long len);
|
||||||
|
int PEM_bytes_read_bio(unsigned char **pdata, long *plen, char **pnm,
|
||||||
|
const char *name, BIO *bp, pem_password_cb *cb,
|
||||||
|
void *u);
|
||||||
|
void *PEM_ASN1_read_bio(d2i_of_void *d2i, const char *name, BIO *bp, void **x,
|
||||||
|
pem_password_cb *cb, void *u);
|
||||||
|
int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp, void *x,
|
||||||
|
const EVP_CIPHER *enc, unsigned char *kstr, int klen,
|
||||||
|
pem_password_cb *cb, void *u);
|
||||||
|
|
||||||
|
STACK_OF(X509_INFO) *PEM_X509_INFO_read_bio(BIO *bp, STACK_OF(X509_INFO) *sk,
|
||||||
|
pem_password_cb *cb, void *u);
|
||||||
|
int PEM_X509_INFO_write_bio(BIO *bp, X509_INFO *xi, EVP_CIPHER *enc,
|
||||||
|
unsigned char *kstr, int klen,
|
||||||
|
pem_password_cb *cd, void *u);
|
||||||
|
# endif
|
||||||
|
|
||||||
|
int PEM_read(FILE *fp, char **name, char **header,
|
||||||
|
unsigned char **data, long *len);
|
||||||
|
int PEM_write(FILE *fp, const char *name, const char *hdr,
|
||||||
|
const unsigned char *data, long len);
|
||||||
|
void *PEM_ASN1_read(d2i_of_void *d2i, const char *name, FILE *fp, void **x,
|
||||||
|
pem_password_cb *cb, void *u);
|
||||||
|
int PEM_ASN1_write(i2d_of_void *i2d, const char *name, FILE *fp,
|
||||||
|
void *x, const EVP_CIPHER *enc, unsigned char *kstr,
|
||||||
|
int klen, pem_password_cb *callback, void *u);
|
||||||
|
STACK_OF(X509_INFO) *PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk,
|
||||||
|
pem_password_cb *cb, void *u);
|
||||||
|
|
||||||
|
int PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type,
|
||||||
|
EVP_MD *md_type, unsigned char **ek, int *ekl,
|
||||||
|
unsigned char *iv, EVP_PKEY **pubk, int npubk);
|
||||||
|
void PEM_SealUpdate(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *out, int *outl,
|
||||||
|
unsigned char *in, int inl);
|
||||||
|
int PEM_SealFinal(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *sig, int *sigl,
|
||||||
|
unsigned char *out, int *outl, EVP_PKEY *priv);
|
||||||
|
|
||||||
|
void PEM_SignInit(EVP_MD_CTX *ctx, EVP_MD *type);
|
||||||
|
void PEM_SignUpdate(EVP_MD_CTX *ctx, unsigned char *d, unsigned int cnt);
|
||||||
|
int PEM_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret,
|
||||||
|
unsigned int *siglen, EVP_PKEY *pkey);
|
||||||
|
|
||||||
|
int PEM_def_callback(char *buf, int num, int w, void *key);
|
||||||
|
void PEM_proc_type(char *buf, int type);
|
||||||
|
void PEM_dek_info(char *buf, const char *type, int len, char *str);
|
||||||
|
|
||||||
|
# include <openssl/symhacks.h>
|
||||||
|
|
||||||
|
DECLARE_PEM_rw(X509, X509)
|
||||||
|
DECLARE_PEM_rw(X509_AUX, X509)
|
||||||
|
DECLARE_PEM_rw(X509_CERT_PAIR, X509_CERT_PAIR)
|
||||||
|
DECLARE_PEM_rw(X509_REQ, X509_REQ)
|
||||||
|
DECLARE_PEM_write(X509_REQ_NEW, X509_REQ)
|
||||||
|
DECLARE_PEM_rw(X509_CRL, X509_CRL)
|
||||||
|
DECLARE_PEM_rw(PKCS7, PKCS7)
|
||||||
|
DECLARE_PEM_rw(NETSCAPE_CERT_SEQUENCE, NETSCAPE_CERT_SEQUENCE)
|
||||||
|
DECLARE_PEM_rw(PKCS8, X509_SIG)
|
||||||
|
DECLARE_PEM_rw(PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO)
|
||||||
|
# ifndef OPENSSL_NO_RSA
|
||||||
|
DECLARE_PEM_rw_cb(RSAPrivateKey, RSA)
|
||||||
|
DECLARE_PEM_rw_const(RSAPublicKey, RSA)
|
||||||
|
DECLARE_PEM_rw(RSA_PUBKEY, RSA)
|
||||||
|
# endif
|
||||||
|
# ifndef OPENSSL_NO_DSA
|
||||||
|
DECLARE_PEM_rw_cb(DSAPrivateKey, DSA)
|
||||||
|
DECLARE_PEM_rw(DSA_PUBKEY, DSA)
|
||||||
|
DECLARE_PEM_rw_const(DSAparams, DSA)
|
||||||
|
# endif
|
||||||
|
# ifndef OPENSSL_NO_EC
|
||||||
|
DECLARE_PEM_rw_const(ECPKParameters, EC_GROUP)
|
||||||
|
DECLARE_PEM_rw_cb(ECPrivateKey, EC_KEY)
|
||||||
|
DECLARE_PEM_rw(EC_PUBKEY, EC_KEY)
|
||||||
|
# endif
|
||||||
|
# ifndef OPENSSL_NO_DH
|
||||||
|
DECLARE_PEM_rw_const(DHparams, DH)
|
||||||
|
DECLARE_PEM_write_const(DHxparams, DH)
|
||||||
|
# endif
|
||||||
|
DECLARE_PEM_rw_cb(PrivateKey, EVP_PKEY)
|
||||||
|
DECLARE_PEM_rw(PUBKEY, EVP_PKEY)
|
||||||
|
|
||||||
|
int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
|
||||||
|
char *kstr, int klen,
|
||||||
|
pem_password_cb *cb, void *u);
|
||||||
|
int PEM_write_bio_PKCS8PrivateKey(BIO *, EVP_PKEY *, const EVP_CIPHER *,
|
||||||
|
char *, int, pem_password_cb *, void *);
|
||||||
|
int i2d_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
|
||||||
|
char *kstr, int klen,
|
||||||
|
pem_password_cb *cb, void *u);
|
||||||
|
int i2d_PKCS8PrivateKey_nid_bio(BIO *bp, EVP_PKEY *x, int nid,
|
||||||
|
char *kstr, int klen,
|
||||||
|
pem_password_cb *cb, void *u);
|
||||||
|
EVP_PKEY *d2i_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY **x, pem_password_cb *cb,
|
||||||
|
void *u);
|
||||||
|
|
||||||
|
int i2d_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
|
||||||
|
char *kstr, int klen,
|
||||||
|
pem_password_cb *cb, void *u);
|
||||||
|
int i2d_PKCS8PrivateKey_nid_fp(FILE *fp, EVP_PKEY *x, int nid,
|
||||||
|
char *kstr, int klen,
|
||||||
|
pem_password_cb *cb, void *u);
|
||||||
|
int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
|
||||||
|
char *kstr, int klen,
|
||||||
|
pem_password_cb *cb, void *u);
|
||||||
|
|
||||||
|
EVP_PKEY *d2i_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY **x, pem_password_cb *cb,
|
||||||
|
void *u);
|
||||||
|
|
||||||
|
int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
|
||||||
|
char *kstr, int klen, pem_password_cb *cd,
|
||||||
|
void *u);
|
||||||
|
|
||||||
|
EVP_PKEY *PEM_read_bio_Parameters(BIO *bp, EVP_PKEY **x);
|
||||||
|
int PEM_write_bio_Parameters(BIO *bp, EVP_PKEY *x);
|
||||||
|
|
||||||
|
EVP_PKEY *b2i_PrivateKey(const unsigned char **in, long length);
|
||||||
|
EVP_PKEY *b2i_PublicKey(const unsigned char **in, long length);
|
||||||
|
EVP_PKEY *b2i_PrivateKey_bio(BIO *in);
|
||||||
|
EVP_PKEY *b2i_PublicKey_bio(BIO *in);
|
||||||
|
int i2b_PrivateKey_bio(BIO *out, EVP_PKEY *pk);
|
||||||
|
int i2b_PublicKey_bio(BIO *out, EVP_PKEY *pk);
|
||||||
|
# ifndef OPENSSL_NO_RC4
|
||||||
|
EVP_PKEY *b2i_PVK_bio(BIO *in, pem_password_cb *cb, void *u);
|
||||||
|
int i2b_PVK_bio(BIO *out, EVP_PKEY *pk, int enclevel,
|
||||||
|
pem_password_cb *cb, void *u);
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/* BEGIN ERROR CODES */
|
||||||
|
/*
|
||||||
|
* The following lines are auto generated by the script mkerr.pl. Any changes
|
||||||
|
* made after this point may be overwritten when the script is next run.
|
||||||
|
*/
|
||||||
|
void ERR_load_PEM_strings(void);
|
||||||
|
|
||||||
|
/* Error codes for the PEM functions. */
|
||||||
|
|
||||||
|
/* Function codes. */
|
||||||
|
# define PEM_F_B2I_DSS 127
|
||||||
|
# define PEM_F_B2I_PVK_BIO 128
|
||||||
|
# define PEM_F_B2I_RSA 129
|
||||||
|
# define PEM_F_CHECK_BITLEN_DSA 130
|
||||||
|
# define PEM_F_CHECK_BITLEN_RSA 131
|
||||||
|
# define PEM_F_D2I_PKCS8PRIVATEKEY_BIO 120
|
||||||
|
# define PEM_F_D2I_PKCS8PRIVATEKEY_FP 121
|
||||||
|
# define PEM_F_DO_B2I 132
|
||||||
|
# define PEM_F_DO_B2I_BIO 133
|
||||||
|
# define PEM_F_DO_BLOB_HEADER 134
|
||||||
|
# define PEM_F_DO_PK8PKEY 126
|
||||||
|
# define PEM_F_DO_PK8PKEY_FP 125
|
||||||
|
# define PEM_F_DO_PVK_BODY 135
|
||||||
|
# define PEM_F_DO_PVK_HEADER 136
|
||||||
|
# define PEM_F_I2B_PVK 137
|
||||||
|
# define PEM_F_I2B_PVK_BIO 138
|
||||||
|
# define PEM_F_LOAD_IV 101
|
||||||
|
# define PEM_F_PEM_ASN1_READ 102
|
||||||
|
# define PEM_F_PEM_ASN1_READ_BIO 103
|
||||||
|
# define PEM_F_PEM_ASN1_WRITE 104
|
||||||
|
# define PEM_F_PEM_ASN1_WRITE_BIO 105
|
||||||
|
# define PEM_F_PEM_DEF_CALLBACK 100
|
||||||
|
# define PEM_F_PEM_DO_HEADER 106
|
||||||
|
# define PEM_F_PEM_F_PEM_WRITE_PKCS8PRIVATEKEY 118
|
||||||
|
# define PEM_F_PEM_GET_EVP_CIPHER_INFO 107
|
||||||
|
# define PEM_F_PEM_PK8PKEY 119
|
||||||
|
# define PEM_F_PEM_READ 108
|
||||||
|
# define PEM_F_PEM_READ_BIO 109
|
||||||
|
# define PEM_F_PEM_READ_BIO_DHPARAMS 141
|
||||||
|
# define PEM_F_PEM_READ_BIO_PARAMETERS 140
|
||||||
|
# define PEM_F_PEM_READ_BIO_PRIVATEKEY 123
|
||||||
|
# define PEM_F_PEM_READ_DHPARAMS 142
|
||||||
|
# define PEM_F_PEM_READ_PRIVATEKEY 124
|
||||||
|
# define PEM_F_PEM_SEALFINAL 110
|
||||||
|
# define PEM_F_PEM_SEALINIT 111
|
||||||
|
# define PEM_F_PEM_SIGNFINAL 112
|
||||||
|
# define PEM_F_PEM_WRITE 113
|
||||||
|
# define PEM_F_PEM_WRITE_BIO 114
|
||||||
|
# define PEM_F_PEM_WRITE_PRIVATEKEY 139
|
||||||
|
# define PEM_F_PEM_X509_INFO_READ 115
|
||||||
|
# define PEM_F_PEM_X509_INFO_READ_BIO 116
|
||||||
|
# define PEM_F_PEM_X509_INFO_WRITE_BIO 117
|
||||||
|
|
||||||
|
/* Reason codes. */
|
||||||
|
# define PEM_R_BAD_BASE64_DECODE 100
|
||||||
|
# define PEM_R_BAD_DECRYPT 101
|
||||||
|
# define PEM_R_BAD_END_LINE 102
|
||||||
|
# define PEM_R_BAD_IV_CHARS 103
|
||||||
|
# define PEM_R_BAD_MAGIC_NUMBER 116
|
||||||
|
# define PEM_R_BAD_PASSWORD_READ 104
|
||||||
|
# define PEM_R_BAD_VERSION_NUMBER 117
|
||||||
|
# define PEM_R_BIO_WRITE_FAILURE 118
|
||||||
|
# define PEM_R_CIPHER_IS_NULL 127
|
||||||
|
# define PEM_R_ERROR_CONVERTING_PRIVATE_KEY 115
|
||||||
|
# define PEM_R_EXPECTING_PRIVATE_KEY_BLOB 119
|
||||||
|
# define PEM_R_EXPECTING_PUBLIC_KEY_BLOB 120
|
||||||
|
# define PEM_R_INCONSISTENT_HEADER 121
|
||||||
|
# define PEM_R_KEYBLOB_HEADER_PARSE_ERROR 122
|
||||||
|
# define PEM_R_KEYBLOB_TOO_SHORT 123
|
||||||
|
# define PEM_R_NOT_DEK_INFO 105
|
||||||
|
# define PEM_R_NOT_ENCRYPTED 106
|
||||||
|
# define PEM_R_NOT_PROC_TYPE 107
|
||||||
|
# define PEM_R_NO_START_LINE 108
|
||||||
|
# define PEM_R_PROBLEMS_GETTING_PASSWORD 109
|
||||||
|
# define PEM_R_PUBLIC_KEY_NO_RSA 110
|
||||||
|
# define PEM_R_PVK_DATA_TOO_SHORT 124
|
||||||
|
# define PEM_R_PVK_TOO_SHORT 125
|
||||||
|
# define PEM_R_READ_KEY 111
|
||||||
|
# define PEM_R_SHORT_HEADER 112
|
||||||
|
# define PEM_R_UNSUPPORTED_CIPHER 113
|
||||||
|
# define PEM_R_UNSUPPORTED_ENCRYPTION 114
|
||||||
|
# define PEM_R_UNSUPPORTED_KEY_COMPONENTS 126
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
#endif
|
|
@ -0,0 +1,70 @@
|
||||||
|
/* ====================================================================
|
||||||
|
* Copyright (c) 1999 The OpenSSL Project. All rights reserved.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
*
|
||||||
|
* 1. Redistributions of source code must retain the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
*
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in
|
||||||
|
* the documentation and/or other materials provided with the
|
||||||
|
* distribution.
|
||||||
|
*
|
||||||
|
* 3. All advertising materials mentioning features or use of this
|
||||||
|
* software must display the following acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
|
||||||
|
*
|
||||||
|
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||||
|
* endorse or promote products derived from this software without
|
||||||
|
* prior written permission. For written permission, please contact
|
||||||
|
* licensing@OpenSSL.org.
|
||||||
|
*
|
||||||
|
* 5. Products derived from this software may not be called "OpenSSL"
|
||||||
|
* nor may "OpenSSL" appear in their names without prior written
|
||||||
|
* permission of the OpenSSL Project.
|
||||||
|
*
|
||||||
|
* 6. Redistributions of any form whatsoever must retain the following
|
||||||
|
* acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||||
|
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||||
|
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||||
|
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||||
|
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||||
|
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||||
|
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||||
|
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||||
|
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||||
|
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||||
|
* ====================================================================
|
||||||
|
*
|
||||||
|
* This product includes cryptographic software written by Eric Young
|
||||||
|
* (eay@cryptsoft.com). This product includes software written by Tim
|
||||||
|
* Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
/*
|
||||||
|
* This header only exists to break a circular dependency between pem and err
|
||||||
|
* Ben 30 Jan 1999.
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
extern "C" {
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#ifndef HEADER_PEM_H
|
||||||
|
void ERR_load_PEM_strings(void);
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
}
|
||||||
|
#endif
|
|
@ -0,0 +1,481 @@
|
||||||
|
/* crypto/pkcs7/pkcs7.h */
|
||||||
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
|
* All rights reserved.
|
||||||
|
*
|
||||||
|
* This package is an SSL implementation written
|
||||||
|
* by Eric Young (eay@cryptsoft.com).
|
||||||
|
* The implementation was written so as to conform with Netscapes SSL.
|
||||||
|
*
|
||||||
|
* This library is free for commercial and non-commercial use as long as
|
||||||
|
* the following conditions are aheared to. The following conditions
|
||||||
|
* apply to all code found in this distribution, be it the RC4, RSA,
|
||||||
|
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
||||||
|
* included with this distribution is covered by the same copyright terms
|
||||||
|
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
* Copyright remains Eric Young's, and as such any Copyright notices in
|
||||||
|
* the code are not to be removed.
|
||||||
|
* If this package is used in a product, Eric Young should be given attribution
|
||||||
|
* as the author of the parts of the library used.
|
||||||
|
* This can be in the form of a textual message at program startup or
|
||||||
|
* in documentation (online or textual) provided with the package.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
* 1. Redistributions of source code must retain the copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in the
|
||||||
|
* documentation and/or other materials provided with the distribution.
|
||||||
|
* 3. All advertising materials mentioning features or use of this software
|
||||||
|
* must display the following acknowledgement:
|
||||||
|
* "This product includes cryptographic software written by
|
||||||
|
* Eric Young (eay@cryptsoft.com)"
|
||||||
|
* The word 'cryptographic' can be left out if the rouines from the library
|
||||||
|
* being used are not cryptographic related :-).
|
||||||
|
* 4. If you include any Windows specific code (or a derivative thereof) from
|
||||||
|
* the apps directory (application code) you must include an acknowledgement:
|
||||||
|
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
||||||
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||||
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||||
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||||
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||||
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||||
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||||
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||||
|
* SUCH DAMAGE.
|
||||||
|
*
|
||||||
|
* The licence and distribution terms for any publically available version or
|
||||||
|
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
||||||
|
* copied and put under another distribution licence
|
||||||
|
* [including the GNU Public Licence.]
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef HEADER_PKCS7_H
|
||||||
|
# define HEADER_PKCS7_H
|
||||||
|
|
||||||
|
# include <openssl/asn1.h>
|
||||||
|
# include <openssl/bio.h>
|
||||||
|
# include <openssl/e_os2.h>
|
||||||
|
|
||||||
|
# include <openssl/symhacks.h>
|
||||||
|
# include <openssl/ossl_typ.h>
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
extern "C" {
|
||||||
|
#endif
|
||||||
|
|
||||||
|
# ifdef OPENSSL_SYS_WIN32
|
||||||
|
/* Under Win32 thes are defined in wincrypt.h */
|
||||||
|
# undef PKCS7_ISSUER_AND_SERIAL
|
||||||
|
# undef PKCS7_SIGNER_INFO
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/*-
|
||||||
|
Encryption_ID DES-CBC
|
||||||
|
Digest_ID MD5
|
||||||
|
Digest_Encryption_ID rsaEncryption
|
||||||
|
Key_Encryption_ID rsaEncryption
|
||||||
|
*/
|
||||||
|
|
||||||
|
typedef struct pkcs7_issuer_and_serial_st {
|
||||||
|
X509_NAME *issuer;
|
||||||
|
ASN1_INTEGER *serial;
|
||||||
|
} PKCS7_ISSUER_AND_SERIAL;
|
||||||
|
|
||||||
|
typedef struct pkcs7_signer_info_st {
|
||||||
|
ASN1_INTEGER *version; /* version 1 */
|
||||||
|
PKCS7_ISSUER_AND_SERIAL *issuer_and_serial;
|
||||||
|
X509_ALGOR *digest_alg;
|
||||||
|
STACK_OF(X509_ATTRIBUTE) *auth_attr; /* [ 0 ] */
|
||||||
|
X509_ALGOR *digest_enc_alg;
|
||||||
|
ASN1_OCTET_STRING *enc_digest;
|
||||||
|
STACK_OF(X509_ATTRIBUTE) *unauth_attr; /* [ 1 ] */
|
||||||
|
/* The private key to sign with */
|
||||||
|
EVP_PKEY *pkey;
|
||||||
|
} PKCS7_SIGNER_INFO;
|
||||||
|
|
||||||
|
DECLARE_STACK_OF(PKCS7_SIGNER_INFO)
|
||||||
|
DECLARE_ASN1_SET_OF(PKCS7_SIGNER_INFO)
|
||||||
|
|
||||||
|
typedef struct pkcs7_recip_info_st {
|
||||||
|
ASN1_INTEGER *version; /* version 0 */
|
||||||
|
PKCS7_ISSUER_AND_SERIAL *issuer_and_serial;
|
||||||
|
X509_ALGOR *key_enc_algor;
|
||||||
|
ASN1_OCTET_STRING *enc_key;
|
||||||
|
X509 *cert; /* get the pub-key from this */
|
||||||
|
} PKCS7_RECIP_INFO;
|
||||||
|
|
||||||
|
DECLARE_STACK_OF(PKCS7_RECIP_INFO)
|
||||||
|
DECLARE_ASN1_SET_OF(PKCS7_RECIP_INFO)
|
||||||
|
|
||||||
|
typedef struct pkcs7_signed_st {
|
||||||
|
ASN1_INTEGER *version; /* version 1 */
|
||||||
|
STACK_OF(X509_ALGOR) *md_algs; /* md used */
|
||||||
|
STACK_OF(X509) *cert; /* [ 0 ] */
|
||||||
|
STACK_OF(X509_CRL) *crl; /* [ 1 ] */
|
||||||
|
STACK_OF(PKCS7_SIGNER_INFO) *signer_info;
|
||||||
|
struct pkcs7_st *contents;
|
||||||
|
} PKCS7_SIGNED;
|
||||||
|
/*
|
||||||
|
* The above structure is very very similar to PKCS7_SIGN_ENVELOPE. How about
|
||||||
|
* merging the two
|
||||||
|
*/
|
||||||
|
|
||||||
|
typedef struct pkcs7_enc_content_st {
|
||||||
|
ASN1_OBJECT *content_type;
|
||||||
|
X509_ALGOR *algorithm;
|
||||||
|
ASN1_OCTET_STRING *enc_data; /* [ 0 ] */
|
||||||
|
const EVP_CIPHER *cipher;
|
||||||
|
} PKCS7_ENC_CONTENT;
|
||||||
|
|
||||||
|
typedef struct pkcs7_enveloped_st {
|
||||||
|
ASN1_INTEGER *version; /* version 0 */
|
||||||
|
STACK_OF(PKCS7_RECIP_INFO) *recipientinfo;
|
||||||
|
PKCS7_ENC_CONTENT *enc_data;
|
||||||
|
} PKCS7_ENVELOPE;
|
||||||
|
|
||||||
|
typedef struct pkcs7_signedandenveloped_st {
|
||||||
|
ASN1_INTEGER *version; /* version 1 */
|
||||||
|
STACK_OF(X509_ALGOR) *md_algs; /* md used */
|
||||||
|
STACK_OF(X509) *cert; /* [ 0 ] */
|
||||||
|
STACK_OF(X509_CRL) *crl; /* [ 1 ] */
|
||||||
|
STACK_OF(PKCS7_SIGNER_INFO) *signer_info;
|
||||||
|
PKCS7_ENC_CONTENT *enc_data;
|
||||||
|
STACK_OF(PKCS7_RECIP_INFO) *recipientinfo;
|
||||||
|
} PKCS7_SIGN_ENVELOPE;
|
||||||
|
|
||||||
|
typedef struct pkcs7_digest_st {
|
||||||
|
ASN1_INTEGER *version; /* version 0 */
|
||||||
|
X509_ALGOR *md; /* md used */
|
||||||
|
struct pkcs7_st *contents;
|
||||||
|
ASN1_OCTET_STRING *digest;
|
||||||
|
} PKCS7_DIGEST;
|
||||||
|
|
||||||
|
typedef struct pkcs7_encrypted_st {
|
||||||
|
ASN1_INTEGER *version; /* version 0 */
|
||||||
|
PKCS7_ENC_CONTENT *enc_data;
|
||||||
|
} PKCS7_ENCRYPT;
|
||||||
|
|
||||||
|
typedef struct pkcs7_st {
|
||||||
|
/*
|
||||||
|
* The following is non NULL if it contains ASN1 encoding of this
|
||||||
|
* structure
|
||||||
|
*/
|
||||||
|
unsigned char *asn1;
|
||||||
|
long length;
|
||||||
|
# define PKCS7_S_HEADER 0
|
||||||
|
# define PKCS7_S_BODY 1
|
||||||
|
# define PKCS7_S_TAIL 2
|
||||||
|
int state; /* used during processing */
|
||||||
|
int detached;
|
||||||
|
ASN1_OBJECT *type;
|
||||||
|
/* content as defined by the type */
|
||||||
|
/*
|
||||||
|
* all encryption/message digests are applied to the 'contents', leaving
|
||||||
|
* out the 'type' field.
|
||||||
|
*/
|
||||||
|
union {
|
||||||
|
char *ptr;
|
||||||
|
/* NID_pkcs7_data */
|
||||||
|
ASN1_OCTET_STRING *data;
|
||||||
|
/* NID_pkcs7_signed */
|
||||||
|
PKCS7_SIGNED *sign;
|
||||||
|
/* NID_pkcs7_enveloped */
|
||||||
|
PKCS7_ENVELOPE *enveloped;
|
||||||
|
/* NID_pkcs7_signedAndEnveloped */
|
||||||
|
PKCS7_SIGN_ENVELOPE *signed_and_enveloped;
|
||||||
|
/* NID_pkcs7_digest */
|
||||||
|
PKCS7_DIGEST *digest;
|
||||||
|
/* NID_pkcs7_encrypted */
|
||||||
|
PKCS7_ENCRYPT *encrypted;
|
||||||
|
/* Anything else */
|
||||||
|
ASN1_TYPE *other;
|
||||||
|
} d;
|
||||||
|
} PKCS7;
|
||||||
|
|
||||||
|
DECLARE_STACK_OF(PKCS7)
|
||||||
|
DECLARE_ASN1_SET_OF(PKCS7)
|
||||||
|
DECLARE_PKCS12_STACK_OF(PKCS7)
|
||||||
|
|
||||||
|
# define PKCS7_OP_SET_DETACHED_SIGNATURE 1
|
||||||
|
# define PKCS7_OP_GET_DETACHED_SIGNATURE 2
|
||||||
|
|
||||||
|
# define PKCS7_get_signed_attributes(si) ((si)->auth_attr)
|
||||||
|
# define PKCS7_get_attributes(si) ((si)->unauth_attr)
|
||||||
|
|
||||||
|
# define PKCS7_type_is_signed(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_signed)
|
||||||
|
# define PKCS7_type_is_encrypted(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_encrypted)
|
||||||
|
# define PKCS7_type_is_enveloped(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_enveloped)
|
||||||
|
# define PKCS7_type_is_signedAndEnveloped(a) \
|
||||||
|
(OBJ_obj2nid((a)->type) == NID_pkcs7_signedAndEnveloped)
|
||||||
|
# define PKCS7_type_is_data(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_data)
|
||||||
|
# define PKCS7_type_is_digest(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_digest)
|
||||||
|
|
||||||
|
# define PKCS7_set_detached(p,v) \
|
||||||
|
PKCS7_ctrl(p,PKCS7_OP_SET_DETACHED_SIGNATURE,v,NULL)
|
||||||
|
# define PKCS7_get_detached(p) \
|
||||||
|
PKCS7_ctrl(p,PKCS7_OP_GET_DETACHED_SIGNATURE,0,NULL)
|
||||||
|
|
||||||
|
# define PKCS7_is_detached(p7) (PKCS7_type_is_signed(p7) && PKCS7_get_detached(p7))
|
||||||
|
|
||||||
|
/* S/MIME related flags */
|
||||||
|
|
||||||
|
# define PKCS7_TEXT 0x1
|
||||||
|
# define PKCS7_NOCERTS 0x2
|
||||||
|
# define PKCS7_NOSIGS 0x4
|
||||||
|
# define PKCS7_NOCHAIN 0x8
|
||||||
|
# define PKCS7_NOINTERN 0x10
|
||||||
|
# define PKCS7_NOVERIFY 0x20
|
||||||
|
# define PKCS7_DETACHED 0x40
|
||||||
|
# define PKCS7_BINARY 0x80
|
||||||
|
# define PKCS7_NOATTR 0x100
|
||||||
|
# define PKCS7_NOSMIMECAP 0x200
|
||||||
|
# define PKCS7_NOOLDMIMETYPE 0x400
|
||||||
|
# define PKCS7_CRLFEOL 0x800
|
||||||
|
# define PKCS7_STREAM 0x1000
|
||||||
|
# define PKCS7_NOCRL 0x2000
|
||||||
|
# define PKCS7_PARTIAL 0x4000
|
||||||
|
# define PKCS7_REUSE_DIGEST 0x8000
|
||||||
|
|
||||||
|
/* Flags: for compatibility with older code */
|
||||||
|
|
||||||
|
# define SMIME_TEXT PKCS7_TEXT
|
||||||
|
# define SMIME_NOCERTS PKCS7_NOCERTS
|
||||||
|
# define SMIME_NOSIGS PKCS7_NOSIGS
|
||||||
|
# define SMIME_NOCHAIN PKCS7_NOCHAIN
|
||||||
|
# define SMIME_NOINTERN PKCS7_NOINTERN
|
||||||
|
# define SMIME_NOVERIFY PKCS7_NOVERIFY
|
||||||
|
# define SMIME_DETACHED PKCS7_DETACHED
|
||||||
|
# define SMIME_BINARY PKCS7_BINARY
|
||||||
|
# define SMIME_NOATTR PKCS7_NOATTR
|
||||||
|
|
||||||
|
DECLARE_ASN1_FUNCTIONS(PKCS7_ISSUER_AND_SERIAL)
|
||||||
|
|
||||||
|
int PKCS7_ISSUER_AND_SERIAL_digest(PKCS7_ISSUER_AND_SERIAL *data,
|
||||||
|
const EVP_MD *type, unsigned char *md,
|
||||||
|
unsigned int *len);
|
||||||
|
# ifndef OPENSSL_NO_FP_API
|
||||||
|
PKCS7 *d2i_PKCS7_fp(FILE *fp, PKCS7 **p7);
|
||||||
|
int i2d_PKCS7_fp(FILE *fp, PKCS7 *p7);
|
||||||
|
# endif
|
||||||
|
PKCS7 *PKCS7_dup(PKCS7 *p7);
|
||||||
|
PKCS7 *d2i_PKCS7_bio(BIO *bp, PKCS7 **p7);
|
||||||
|
int i2d_PKCS7_bio(BIO *bp, PKCS7 *p7);
|
||||||
|
int i2d_PKCS7_bio_stream(BIO *out, PKCS7 *p7, BIO *in, int flags);
|
||||||
|
int PEM_write_bio_PKCS7_stream(BIO *out, PKCS7 *p7, BIO *in, int flags);
|
||||||
|
|
||||||
|
DECLARE_ASN1_FUNCTIONS(PKCS7_SIGNER_INFO)
|
||||||
|
DECLARE_ASN1_FUNCTIONS(PKCS7_RECIP_INFO)
|
||||||
|
DECLARE_ASN1_FUNCTIONS(PKCS7_SIGNED)
|
||||||
|
DECLARE_ASN1_FUNCTIONS(PKCS7_ENC_CONTENT)
|
||||||
|
DECLARE_ASN1_FUNCTIONS(PKCS7_ENVELOPE)
|
||||||
|
DECLARE_ASN1_FUNCTIONS(PKCS7_SIGN_ENVELOPE)
|
||||||
|
DECLARE_ASN1_FUNCTIONS(PKCS7_DIGEST)
|
||||||
|
DECLARE_ASN1_FUNCTIONS(PKCS7_ENCRYPT)
|
||||||
|
DECLARE_ASN1_FUNCTIONS(PKCS7)
|
||||||
|
|
||||||
|
DECLARE_ASN1_ITEM(PKCS7_ATTR_SIGN)
|
||||||
|
DECLARE_ASN1_ITEM(PKCS7_ATTR_VERIFY)
|
||||||
|
|
||||||
|
DECLARE_ASN1_NDEF_FUNCTION(PKCS7)
|
||||||
|
DECLARE_ASN1_PRINT_FUNCTION(PKCS7)
|
||||||
|
|
||||||
|
long PKCS7_ctrl(PKCS7 *p7, int cmd, long larg, char *parg);
|
||||||
|
|
||||||
|
int PKCS7_set_type(PKCS7 *p7, int type);
|
||||||
|
int PKCS7_set0_type_other(PKCS7 *p7, int type, ASN1_TYPE *other);
|
||||||
|
int PKCS7_set_content(PKCS7 *p7, PKCS7 *p7_data);
|
||||||
|
int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey,
|
||||||
|
const EVP_MD *dgst);
|
||||||
|
int PKCS7_SIGNER_INFO_sign(PKCS7_SIGNER_INFO *si);
|
||||||
|
int PKCS7_add_signer(PKCS7 *p7, PKCS7_SIGNER_INFO *p7i);
|
||||||
|
int PKCS7_add_certificate(PKCS7 *p7, X509 *x509);
|
||||||
|
int PKCS7_add_crl(PKCS7 *p7, X509_CRL *x509);
|
||||||
|
int PKCS7_content_new(PKCS7 *p7, int nid);
|
||||||
|
int PKCS7_dataVerify(X509_STORE *cert_store, X509_STORE_CTX *ctx,
|
||||||
|
BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si);
|
||||||
|
int PKCS7_signatureVerify(BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si,
|
||||||
|
X509 *x509);
|
||||||
|
|
||||||
|
BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio);
|
||||||
|
int PKCS7_dataFinal(PKCS7 *p7, BIO *bio);
|
||||||
|
BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert);
|
||||||
|
|
||||||
|
PKCS7_SIGNER_INFO *PKCS7_add_signature(PKCS7 *p7, X509 *x509,
|
||||||
|
EVP_PKEY *pkey, const EVP_MD *dgst);
|
||||||
|
X509 *PKCS7_cert_from_signer_info(PKCS7 *p7, PKCS7_SIGNER_INFO *si);
|
||||||
|
int PKCS7_set_digest(PKCS7 *p7, const EVP_MD *md);
|
||||||
|
STACK_OF(PKCS7_SIGNER_INFO) *PKCS7_get_signer_info(PKCS7 *p7);
|
||||||
|
|
||||||
|
PKCS7_RECIP_INFO *PKCS7_add_recipient(PKCS7 *p7, X509 *x509);
|
||||||
|
void PKCS7_SIGNER_INFO_get0_algs(PKCS7_SIGNER_INFO *si, EVP_PKEY **pk,
|
||||||
|
X509_ALGOR **pdig, X509_ALGOR **psig);
|
||||||
|
void PKCS7_RECIP_INFO_get0_alg(PKCS7_RECIP_INFO *ri, X509_ALGOR **penc);
|
||||||
|
int PKCS7_add_recipient_info(PKCS7 *p7, PKCS7_RECIP_INFO *ri);
|
||||||
|
int PKCS7_RECIP_INFO_set(PKCS7_RECIP_INFO *p7i, X509 *x509);
|
||||||
|
int PKCS7_set_cipher(PKCS7 *p7, const EVP_CIPHER *cipher);
|
||||||
|
int PKCS7_stream(unsigned char ***boundary, PKCS7 *p7);
|
||||||
|
|
||||||
|
PKCS7_ISSUER_AND_SERIAL *PKCS7_get_issuer_and_serial(PKCS7 *p7, int idx);
|
||||||
|
ASN1_OCTET_STRING *PKCS7_digest_from_attributes(STACK_OF(X509_ATTRIBUTE) *sk);
|
||||||
|
int PKCS7_add_signed_attribute(PKCS7_SIGNER_INFO *p7si, int nid, int type,
|
||||||
|
void *data);
|
||||||
|
int PKCS7_add_attribute(PKCS7_SIGNER_INFO *p7si, int nid, int atrtype,
|
||||||
|
void *value);
|
||||||
|
ASN1_TYPE *PKCS7_get_attribute(PKCS7_SIGNER_INFO *si, int nid);
|
||||||
|
ASN1_TYPE *PKCS7_get_signed_attribute(PKCS7_SIGNER_INFO *si, int nid);
|
||||||
|
int PKCS7_set_signed_attributes(PKCS7_SIGNER_INFO *p7si,
|
||||||
|
STACK_OF(X509_ATTRIBUTE) *sk);
|
||||||
|
int PKCS7_set_attributes(PKCS7_SIGNER_INFO *p7si,
|
||||||
|
STACK_OF(X509_ATTRIBUTE) *sk);
|
||||||
|
|
||||||
|
PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs,
|
||||||
|
BIO *data, int flags);
|
||||||
|
|
||||||
|
PKCS7_SIGNER_INFO *PKCS7_sign_add_signer(PKCS7 *p7,
|
||||||
|
X509 *signcert, EVP_PKEY *pkey,
|
||||||
|
const EVP_MD *md, int flags);
|
||||||
|
|
||||||
|
int PKCS7_final(PKCS7 *p7, BIO *data, int flags);
|
||||||
|
int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store,
|
||||||
|
BIO *indata, BIO *out, int flags);
|
||||||
|
STACK_OF(X509) *PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs,
|
||||||
|
int flags);
|
||||||
|
PKCS7 *PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, const EVP_CIPHER *cipher,
|
||||||
|
int flags);
|
||||||
|
int PKCS7_decrypt(PKCS7 *p7, EVP_PKEY *pkey, X509 *cert, BIO *data,
|
||||||
|
int flags);
|
||||||
|
|
||||||
|
int PKCS7_add_attrib_smimecap(PKCS7_SIGNER_INFO *si,
|
||||||
|
STACK_OF(X509_ALGOR) *cap);
|
||||||
|
STACK_OF(X509_ALGOR) *PKCS7_get_smimecap(PKCS7_SIGNER_INFO *si);
|
||||||
|
int PKCS7_simple_smimecap(STACK_OF(X509_ALGOR) *sk, int nid, int arg);
|
||||||
|
|
||||||
|
int PKCS7_add_attrib_content_type(PKCS7_SIGNER_INFO *si, ASN1_OBJECT *coid);
|
||||||
|
int PKCS7_add0_attrib_signing_time(PKCS7_SIGNER_INFO *si, ASN1_TIME *t);
|
||||||
|
int PKCS7_add1_attrib_digest(PKCS7_SIGNER_INFO *si,
|
||||||
|
const unsigned char *md, int mdlen);
|
||||||
|
|
||||||
|
int SMIME_write_PKCS7(BIO *bio, PKCS7 *p7, BIO *data, int flags);
|
||||||
|
PKCS7 *SMIME_read_PKCS7(BIO *bio, BIO **bcont);
|
||||||
|
|
||||||
|
BIO *BIO_new_PKCS7(BIO *out, PKCS7 *p7);
|
||||||
|
|
||||||
|
/* BEGIN ERROR CODES */
|
||||||
|
/*
|
||||||
|
* The following lines are auto generated by the script mkerr.pl. Any changes
|
||||||
|
* made after this point may be overwritten when the script is next run.
|
||||||
|
*/
|
||||||
|
void ERR_load_PKCS7_strings(void);
|
||||||
|
|
||||||
|
/* Error codes for the PKCS7 functions. */
|
||||||
|
|
||||||
|
/* Function codes. */
|
||||||
|
# define PKCS7_F_B64_READ_PKCS7 120
|
||||||
|
# define PKCS7_F_B64_WRITE_PKCS7 121
|
||||||
|
# define PKCS7_F_DO_PKCS7_SIGNED_ATTRIB 136
|
||||||
|
# define PKCS7_F_I2D_PKCS7_BIO_STREAM 140
|
||||||
|
# define PKCS7_F_PKCS7_ADD0_ATTRIB_SIGNING_TIME 135
|
||||||
|
# define PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP 118
|
||||||
|
# define PKCS7_F_PKCS7_ADD_CERTIFICATE 100
|
||||||
|
# define PKCS7_F_PKCS7_ADD_CRL 101
|
||||||
|
# define PKCS7_F_PKCS7_ADD_RECIPIENT_INFO 102
|
||||||
|
# define PKCS7_F_PKCS7_ADD_SIGNATURE 131
|
||||||
|
# define PKCS7_F_PKCS7_ADD_SIGNER 103
|
||||||
|
# define PKCS7_F_PKCS7_BIO_ADD_DIGEST 125
|
||||||
|
# define PKCS7_F_PKCS7_COPY_EXISTING_DIGEST 138
|
||||||
|
# define PKCS7_F_PKCS7_CTRL 104
|
||||||
|
# define PKCS7_F_PKCS7_DATADECODE 112
|
||||||
|
# define PKCS7_F_PKCS7_DATAFINAL 128
|
||||||
|
# define PKCS7_F_PKCS7_DATAINIT 105
|
||||||
|
# define PKCS7_F_PKCS7_DATASIGN 106
|
||||||
|
# define PKCS7_F_PKCS7_DATAVERIFY 107
|
||||||
|
# define PKCS7_F_PKCS7_DECRYPT 114
|
||||||
|
# define PKCS7_F_PKCS7_DECRYPT_RINFO 133
|
||||||
|
# define PKCS7_F_PKCS7_ENCODE_RINFO 132
|
||||||
|
# define PKCS7_F_PKCS7_ENCRYPT 115
|
||||||
|
# define PKCS7_F_PKCS7_FINAL 134
|
||||||
|
# define PKCS7_F_PKCS7_FIND_DIGEST 127
|
||||||
|
# define PKCS7_F_PKCS7_GET0_SIGNERS 124
|
||||||
|
# define PKCS7_F_PKCS7_RECIP_INFO_SET 130
|
||||||
|
# define PKCS7_F_PKCS7_SET_CIPHER 108
|
||||||
|
# define PKCS7_F_PKCS7_SET_CONTENT 109
|
||||||
|
# define PKCS7_F_PKCS7_SET_DIGEST 126
|
||||||
|
# define PKCS7_F_PKCS7_SET_TYPE 110
|
||||||
|
# define PKCS7_F_PKCS7_SIGN 116
|
||||||
|
# define PKCS7_F_PKCS7_SIGNATUREVERIFY 113
|
||||||
|
# define PKCS7_F_PKCS7_SIGNER_INFO_SET 129
|
||||||
|
# define PKCS7_F_PKCS7_SIGNER_INFO_SIGN 139
|
||||||
|
# define PKCS7_F_PKCS7_SIGN_ADD_SIGNER 137
|
||||||
|
# define PKCS7_F_PKCS7_SIMPLE_SMIMECAP 119
|
||||||
|
# define PKCS7_F_PKCS7_VERIFY 117
|
||||||
|
# define PKCS7_F_SMIME_READ_PKCS7 122
|
||||||
|
# define PKCS7_F_SMIME_TEXT 123
|
||||||
|
|
||||||
|
/* Reason codes. */
|
||||||
|
# define PKCS7_R_CERTIFICATE_VERIFY_ERROR 117
|
||||||
|
# define PKCS7_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER 144
|
||||||
|
# define PKCS7_R_CIPHER_NOT_INITIALIZED 116
|
||||||
|
# define PKCS7_R_CONTENT_AND_DATA_PRESENT 118
|
||||||
|
# define PKCS7_R_CTRL_ERROR 152
|
||||||
|
# define PKCS7_R_DECODE_ERROR 130
|
||||||
|
# define PKCS7_R_DECRYPTED_KEY_IS_WRONG_LENGTH 100
|
||||||
|
# define PKCS7_R_DECRYPT_ERROR 119
|
||||||
|
# define PKCS7_R_DIGEST_FAILURE 101
|
||||||
|
# define PKCS7_R_ENCRYPTION_CTRL_FAILURE 149
|
||||||
|
# define PKCS7_R_ENCRYPTION_NOT_SUPPORTED_FOR_THIS_KEY_TYPE 150
|
||||||
|
# define PKCS7_R_ERROR_ADDING_RECIPIENT 120
|
||||||
|
# define PKCS7_R_ERROR_SETTING_CIPHER 121
|
||||||
|
# define PKCS7_R_INVALID_MIME_TYPE 131
|
||||||
|
# define PKCS7_R_INVALID_NULL_POINTER 143
|
||||||
|
# define PKCS7_R_INVALID_SIGNED_DATA_TYPE 155
|
||||||
|
# define PKCS7_R_MIME_NO_CONTENT_TYPE 132
|
||||||
|
# define PKCS7_R_MIME_PARSE_ERROR 133
|
||||||
|
# define PKCS7_R_MIME_SIG_PARSE_ERROR 134
|
||||||
|
# define PKCS7_R_MISSING_CERIPEND_INFO 103
|
||||||
|
# define PKCS7_R_NO_CONTENT 122
|
||||||
|
# define PKCS7_R_NO_CONTENT_TYPE 135
|
||||||
|
# define PKCS7_R_NO_DEFAULT_DIGEST 151
|
||||||
|
# define PKCS7_R_NO_MATCHING_DIGEST_TYPE_FOUND 154
|
||||||
|
# define PKCS7_R_NO_MULTIPART_BODY_FAILURE 136
|
||||||
|
# define PKCS7_R_NO_MULTIPART_BOUNDARY 137
|
||||||
|
# define PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE 115
|
||||||
|
# define PKCS7_R_NO_RECIPIENT_MATCHES_KEY 146
|
||||||
|
# define PKCS7_R_NO_SIGNATURES_ON_DATA 123
|
||||||
|
# define PKCS7_R_NO_SIGNERS 142
|
||||||
|
# define PKCS7_R_NO_SIG_CONTENT_TYPE 138
|
||||||
|
# define PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE 104
|
||||||
|
# define PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR 124
|
||||||
|
# define PKCS7_R_PKCS7_ADD_SIGNER_ERROR 153
|
||||||
|
# define PKCS7_R_PKCS7_DATAFINAL 126
|
||||||
|
# define PKCS7_R_PKCS7_DATAFINAL_ERROR 125
|
||||||
|
# define PKCS7_R_PKCS7_DATASIGN 145
|
||||||
|
# define PKCS7_R_PKCS7_PARSE_ERROR 139
|
||||||
|
# define PKCS7_R_PKCS7_SIG_PARSE_ERROR 140
|
||||||
|
# define PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE 127
|
||||||
|
# define PKCS7_R_SIGNATURE_FAILURE 105
|
||||||
|
# define PKCS7_R_SIGNER_CERTIFICATE_NOT_FOUND 128
|
||||||
|
# define PKCS7_R_SIGNING_CTRL_FAILURE 147
|
||||||
|
# define PKCS7_R_SIGNING_NOT_SUPPORTED_FOR_THIS_KEY_TYPE 148
|
||||||
|
# define PKCS7_R_SIG_INVALID_MIME_TYPE 141
|
||||||
|
# define PKCS7_R_SMIME_TEXT_ERROR 129
|
||||||
|
# define PKCS7_R_UNABLE_TO_FIND_CERTIFICATE 106
|
||||||
|
# define PKCS7_R_UNABLE_TO_FIND_MEM_BIO 107
|
||||||
|
# define PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST 108
|
||||||
|
# define PKCS7_R_UNKNOWN_DIGEST_TYPE 109
|
||||||
|
# define PKCS7_R_UNKNOWN_OPERATION 110
|
||||||
|
# define PKCS7_R_UNSUPPORTED_CIPHER_TYPE 111
|
||||||
|
# define PKCS7_R_UNSUPPORTED_CONTENT_TYPE 112
|
||||||
|
# define PKCS7_R_WRONG_CONTENT_TYPE 113
|
||||||
|
# define PKCS7_R_WRONG_PKCS7_TYPE 114
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
#endif
|
|
@ -0,0 +1,99 @@
|
||||||
|
/* crypto/pqueue/pqueue.h */
|
||||||
|
/*
|
||||||
|
* DTLS implementation written by Nagendra Modadugu
|
||||||
|
* (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
|
||||||
|
*/
|
||||||
|
/* ====================================================================
|
||||||
|
* Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
*
|
||||||
|
* 1. Redistributions of source code must retain the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
*
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in
|
||||||
|
* the documentation and/or other materials provided with the
|
||||||
|
* distribution.
|
||||||
|
*
|
||||||
|
* 3. All advertising materials mentioning features or use of this
|
||||||
|
* software must display the following acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
|
||||||
|
*
|
||||||
|
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||||
|
* endorse or promote products derived from this software without
|
||||||
|
* prior written permission. For written permission, please contact
|
||||||
|
* openssl-core@OpenSSL.org.
|
||||||
|
*
|
||||||
|
* 5. Products derived from this software may not be called "OpenSSL"
|
||||||
|
* nor may "OpenSSL" appear in their names without prior written
|
||||||
|
* permission of the OpenSSL Project.
|
||||||
|
*
|
||||||
|
* 6. Redistributions of any form whatsoever must retain the following
|
||||||
|
* acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||||
|
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||||
|
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||||
|
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||||
|
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||||
|
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||||
|
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||||
|
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||||
|
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||||
|
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||||
|
* ====================================================================
|
||||||
|
*
|
||||||
|
* This product includes cryptographic software written by Eric Young
|
||||||
|
* (eay@cryptsoft.com). This product includes software written by Tim
|
||||||
|
* Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef HEADER_PQUEUE_H
|
||||||
|
# define HEADER_PQUEUE_H
|
||||||
|
|
||||||
|
# include <stdio.h>
|
||||||
|
# include <stdlib.h>
|
||||||
|
# include <string.h>
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
extern "C" {
|
||||||
|
#endif
|
||||||
|
typedef struct _pqueue *pqueue;
|
||||||
|
|
||||||
|
typedef struct _pitem {
|
||||||
|
unsigned char priority[8]; /* 64-bit value in big-endian encoding */
|
||||||
|
void *data;
|
||||||
|
struct _pitem *next;
|
||||||
|
} pitem;
|
||||||
|
|
||||||
|
typedef struct _pitem *piterator;
|
||||||
|
|
||||||
|
pitem *pitem_new(unsigned char *prio64be, void *data);
|
||||||
|
void pitem_free(pitem *item);
|
||||||
|
|
||||||
|
pqueue pqueue_new(void);
|
||||||
|
void pqueue_free(pqueue pq);
|
||||||
|
|
||||||
|
pitem *pqueue_insert(pqueue pq, pitem *item);
|
||||||
|
pitem *pqueue_peek(pqueue pq);
|
||||||
|
pitem *pqueue_pop(pqueue pq);
|
||||||
|
pitem *pqueue_find(pqueue pq, unsigned char *prio64be);
|
||||||
|
pitem *pqueue_iterator(pqueue pq);
|
||||||
|
pitem *pqueue_next(piterator *iter);
|
||||||
|
|
||||||
|
void pqueue_print(pqueue pq);
|
||||||
|
int pqueue_size(pqueue pq);
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
#endif /* ! HEADER_PQUEUE_H */
|
|
@ -0,0 +1,664 @@
|
||||||
|
/* crypto/rsa/rsa.h */
|
||||||
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
|
* All rights reserved.
|
||||||
|
*
|
||||||
|
* This package is an SSL implementation written
|
||||||
|
* by Eric Young (eay@cryptsoft.com).
|
||||||
|
* The implementation was written so as to conform with Netscapes SSL.
|
||||||
|
*
|
||||||
|
* This library is free for commercial and non-commercial use as long as
|
||||||
|
* the following conditions are aheared to. The following conditions
|
||||||
|
* apply to all code found in this distribution, be it the RC4, RSA,
|
||||||
|
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
||||||
|
* included with this distribution is covered by the same copyright terms
|
||||||
|
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
* Copyright remains Eric Young's, and as such any Copyright notices in
|
||||||
|
* the code are not to be removed.
|
||||||
|
* If this package is used in a product, Eric Young should be given attribution
|
||||||
|
* as the author of the parts of the library used.
|
||||||
|
* This can be in the form of a textual message at program startup or
|
||||||
|
* in documentation (online or textual) provided with the package.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
* 1. Redistributions of source code must retain the copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in the
|
||||||
|
* documentation and/or other materials provided with the distribution.
|
||||||
|
* 3. All advertising materials mentioning features or use of this software
|
||||||
|
* must display the following acknowledgement:
|
||||||
|
* "This product includes cryptographic software written by
|
||||||
|
* Eric Young (eay@cryptsoft.com)"
|
||||||
|
* The word 'cryptographic' can be left out if the rouines from the library
|
||||||
|
* being used are not cryptographic related :-).
|
||||||
|
* 4. If you include any Windows specific code (or a derivative thereof) from
|
||||||
|
* the apps directory (application code) you must include an acknowledgement:
|
||||||
|
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
||||||
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||||
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||||
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||||
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||||
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||||
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||||
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||||
|
* SUCH DAMAGE.
|
||||||
|
*
|
||||||
|
* The licence and distribution terms for any publically available version or
|
||||||
|
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
||||||
|
* copied and put under another distribution licence
|
||||||
|
* [including the GNU Public Licence.]
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef HEADER_RSA_H
|
||||||
|
# define HEADER_RSA_H
|
||||||
|
|
||||||
|
# include <openssl/asn1.h>
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_BIO
|
||||||
|
# include <openssl/bio.h>
|
||||||
|
# endif
|
||||||
|
# include <openssl/crypto.h>
|
||||||
|
# include <openssl/ossl_typ.h>
|
||||||
|
# ifndef OPENSSL_NO_DEPRECATED
|
||||||
|
# include <openssl/bn.h>
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# ifdef OPENSSL_NO_RSA
|
||||||
|
# error RSA is disabled.
|
||||||
|
# endif
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
extern "C" {
|
||||||
|
#endif
|
||||||
|
|
||||||
|
/* Declared already in ossl_typ.h */
|
||||||
|
/* typedef struct rsa_st RSA; */
|
||||||
|
/* typedef struct rsa_meth_st RSA_METHOD; */
|
||||||
|
|
||||||
|
struct rsa_meth_st {
|
||||||
|
const char *name;
|
||||||
|
int (*rsa_pub_enc) (int flen, const unsigned char *from,
|
||||||
|
unsigned char *to, RSA *rsa, int padding);
|
||||||
|
int (*rsa_pub_dec) (int flen, const unsigned char *from,
|
||||||
|
unsigned char *to, RSA *rsa, int padding);
|
||||||
|
int (*rsa_priv_enc) (int flen, const unsigned char *from,
|
||||||
|
unsigned char *to, RSA *rsa, int padding);
|
||||||
|
int (*rsa_priv_dec) (int flen, const unsigned char *from,
|
||||||
|
unsigned char *to, RSA *rsa, int padding);
|
||||||
|
/* Can be null */
|
||||||
|
int (*rsa_mod_exp) (BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx);
|
||||||
|
/* Can be null */
|
||||||
|
int (*bn_mod_exp) (BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
|
||||||
|
const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
|
||||||
|
/* called at new */
|
||||||
|
int (*init) (RSA *rsa);
|
||||||
|
/* called at free */
|
||||||
|
int (*finish) (RSA *rsa);
|
||||||
|
/* RSA_METHOD_FLAG_* things */
|
||||||
|
int flags;
|
||||||
|
/* may be needed! */
|
||||||
|
char *app_data;
|
||||||
|
/*
|
||||||
|
* New sign and verify functions: some libraries don't allow arbitrary
|
||||||
|
* data to be signed/verified: this allows them to be used. Note: for
|
||||||
|
* this to work the RSA_public_decrypt() and RSA_private_encrypt() should
|
||||||
|
* *NOT* be used RSA_sign(), RSA_verify() should be used instead. Note:
|
||||||
|
* for backwards compatibility this functionality is only enabled if the
|
||||||
|
* RSA_FLAG_SIGN_VER option is set in 'flags'.
|
||||||
|
*/
|
||||||
|
int (*rsa_sign) (int type,
|
||||||
|
const unsigned char *m, unsigned int m_length,
|
||||||
|
unsigned char *sigret, unsigned int *siglen,
|
||||||
|
const RSA *rsa);
|
||||||
|
int (*rsa_verify) (int dtype, const unsigned char *m,
|
||||||
|
unsigned int m_length, const unsigned char *sigbuf,
|
||||||
|
unsigned int siglen, const RSA *rsa);
|
||||||
|
/*
|
||||||
|
* If this callback is NULL, the builtin software RSA key-gen will be
|
||||||
|
* used. This is for behavioural compatibility whilst the code gets
|
||||||
|
* rewired, but one day it would be nice to assume there are no such
|
||||||
|
* things as "builtin software" implementations.
|
||||||
|
*/
|
||||||
|
int (*rsa_keygen) (RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb);
|
||||||
|
};
|
||||||
|
|
||||||
|
struct rsa_st {
|
||||||
|
/*
|
||||||
|
* The first parameter is used to pickup errors where this is passed
|
||||||
|
* instead of aEVP_PKEY, it is set to 0
|
||||||
|
*/
|
||||||
|
int pad;
|
||||||
|
long version;
|
||||||
|
const RSA_METHOD *meth;
|
||||||
|
/* functional reference if 'meth' is ENGINE-provided */
|
||||||
|
ENGINE *engine;
|
||||||
|
BIGNUM *n;
|
||||||
|
BIGNUM *e;
|
||||||
|
BIGNUM *d;
|
||||||
|
BIGNUM *p;
|
||||||
|
BIGNUM *q;
|
||||||
|
BIGNUM *dmp1;
|
||||||
|
BIGNUM *dmq1;
|
||||||
|
BIGNUM *iqmp;
|
||||||
|
/* be careful using this if the RSA structure is shared */
|
||||||
|
CRYPTO_EX_DATA ex_data;
|
||||||
|
int references;
|
||||||
|
int flags;
|
||||||
|
/* Used to cache montgomery values */
|
||||||
|
BN_MONT_CTX *_method_mod_n;
|
||||||
|
BN_MONT_CTX *_method_mod_p;
|
||||||
|
BN_MONT_CTX *_method_mod_q;
|
||||||
|
/*
|
||||||
|
* all BIGNUM values are actually in the following data, if it is not
|
||||||
|
* NULL
|
||||||
|
*/
|
||||||
|
char *bignum_data;
|
||||||
|
BN_BLINDING *blinding;
|
||||||
|
BN_BLINDING *mt_blinding;
|
||||||
|
};
|
||||||
|
|
||||||
|
# ifndef OPENSSL_RSA_MAX_MODULUS_BITS
|
||||||
|
# define OPENSSL_RSA_MAX_MODULUS_BITS 16384
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# ifndef OPENSSL_RSA_SMALL_MODULUS_BITS
|
||||||
|
# define OPENSSL_RSA_SMALL_MODULUS_BITS 3072
|
||||||
|
# endif
|
||||||
|
# ifndef OPENSSL_RSA_MAX_PUBEXP_BITS
|
||||||
|
|
||||||
|
/* exponent limit enforced for "large" modulus only */
|
||||||
|
# define OPENSSL_RSA_MAX_PUBEXP_BITS 64
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# define RSA_3 0x3L
|
||||||
|
# define RSA_F4 0x10001L
|
||||||
|
|
||||||
|
# define RSA_METHOD_FLAG_NO_CHECK 0x0001/* don't check pub/private
|
||||||
|
* match */
|
||||||
|
|
||||||
|
# define RSA_FLAG_CACHE_PUBLIC 0x0002
|
||||||
|
# define RSA_FLAG_CACHE_PRIVATE 0x0004
|
||||||
|
# define RSA_FLAG_BLINDING 0x0008
|
||||||
|
# define RSA_FLAG_THREAD_SAFE 0x0010
|
||||||
|
/*
|
||||||
|
* This flag means the private key operations will be handled by rsa_mod_exp
|
||||||
|
* and that they do not depend on the private key components being present:
|
||||||
|
* for example a key stored in external hardware. Without this flag
|
||||||
|
* bn_mod_exp gets called when private key components are absent.
|
||||||
|
*/
|
||||||
|
# define RSA_FLAG_EXT_PKEY 0x0020
|
||||||
|
|
||||||
|
/*
|
||||||
|
* This flag in the RSA_METHOD enables the new rsa_sign, rsa_verify
|
||||||
|
* functions.
|
||||||
|
*/
|
||||||
|
# define RSA_FLAG_SIGN_VER 0x0040
|
||||||
|
|
||||||
|
/*
|
||||||
|
* new with 0.9.6j and 0.9.7b; the built-in
|
||||||
|
* RSA implementation now uses blinding by
|
||||||
|
* default (ignoring RSA_FLAG_BLINDING),
|
||||||
|
* but other engines might not need it
|
||||||
|
*/
|
||||||
|
# define RSA_FLAG_NO_BLINDING 0x0080
|
||||||
|
/*
|
||||||
|
* new with 0.9.8f; the built-in RSA
|
||||||
|
* implementation now uses constant time
|
||||||
|
* operations by default in private key operations,
|
||||||
|
* e.g., constant time modular exponentiation,
|
||||||
|
* modular inverse without leaking branches,
|
||||||
|
* division without leaking branches. This
|
||||||
|
* flag disables these constant time
|
||||||
|
* operations and results in faster RSA
|
||||||
|
* private key operations.
|
||||||
|
*/
|
||||||
|
# define RSA_FLAG_NO_CONSTTIME 0x0100
|
||||||
|
# ifdef OPENSSL_USE_DEPRECATED
|
||||||
|
/* deprecated name for the flag*/
|
||||||
|
/*
|
||||||
|
* new with 0.9.7h; the built-in RSA
|
||||||
|
* implementation now uses constant time
|
||||||
|
* modular exponentiation for secret exponents
|
||||||
|
* by default. This flag causes the
|
||||||
|
* faster variable sliding window method to
|
||||||
|
* be used for all exponents.
|
||||||
|
*/
|
||||||
|
# define RSA_FLAG_NO_EXP_CONSTTIME RSA_FLAG_NO_CONSTTIME
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# define EVP_PKEY_CTX_set_rsa_padding(ctx, pad) \
|
||||||
|
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, -1, EVP_PKEY_CTRL_RSA_PADDING, \
|
||||||
|
pad, NULL)
|
||||||
|
|
||||||
|
# define EVP_PKEY_CTX_get_rsa_padding(ctx, ppad) \
|
||||||
|
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, -1, \
|
||||||
|
EVP_PKEY_CTRL_GET_RSA_PADDING, 0, ppad)
|
||||||
|
|
||||||
|
# define EVP_PKEY_CTX_set_rsa_pss_saltlen(ctx, len) \
|
||||||
|
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, \
|
||||||
|
(EVP_PKEY_OP_SIGN|EVP_PKEY_OP_VERIFY), \
|
||||||
|
EVP_PKEY_CTRL_RSA_PSS_SALTLEN, \
|
||||||
|
len, NULL)
|
||||||
|
|
||||||
|
# define EVP_PKEY_CTX_get_rsa_pss_saltlen(ctx, plen) \
|
||||||
|
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, \
|
||||||
|
(EVP_PKEY_OP_SIGN|EVP_PKEY_OP_VERIFY), \
|
||||||
|
EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN, \
|
||||||
|
0, plen)
|
||||||
|
|
||||||
|
# define EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, bits) \
|
||||||
|
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_KEYGEN, \
|
||||||
|
EVP_PKEY_CTRL_RSA_KEYGEN_BITS, bits, NULL)
|
||||||
|
|
||||||
|
# define EVP_PKEY_CTX_set_rsa_keygen_pubexp(ctx, pubexp) \
|
||||||
|
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_KEYGEN, \
|
||||||
|
EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP, 0, pubexp)
|
||||||
|
|
||||||
|
# define EVP_PKEY_CTX_set_rsa_mgf1_md(ctx, md) \
|
||||||
|
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, \
|
||||||
|
EVP_PKEY_OP_TYPE_SIG | EVP_PKEY_OP_TYPE_CRYPT, \
|
||||||
|
EVP_PKEY_CTRL_RSA_MGF1_MD, 0, (void *)md)
|
||||||
|
|
||||||
|
# define EVP_PKEY_CTX_set_rsa_oaep_md(ctx, md) \
|
||||||
|
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_TYPE_CRYPT, \
|
||||||
|
EVP_PKEY_CTRL_RSA_OAEP_MD, 0, (void *)md)
|
||||||
|
|
||||||
|
# define EVP_PKEY_CTX_get_rsa_mgf1_md(ctx, pmd) \
|
||||||
|
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, \
|
||||||
|
EVP_PKEY_OP_TYPE_SIG | EVP_PKEY_OP_TYPE_CRYPT, \
|
||||||
|
EVP_PKEY_CTRL_GET_RSA_MGF1_MD, 0, (void *)pmd)
|
||||||
|
|
||||||
|
# define EVP_PKEY_CTX_get_rsa_oaep_md(ctx, pmd) \
|
||||||
|
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_TYPE_CRYPT, \
|
||||||
|
EVP_PKEY_CTRL_GET_RSA_OAEP_MD, 0, (void *)pmd)
|
||||||
|
|
||||||
|
# define EVP_PKEY_CTX_set0_rsa_oaep_label(ctx, l, llen) \
|
||||||
|
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_TYPE_CRYPT, \
|
||||||
|
EVP_PKEY_CTRL_RSA_OAEP_LABEL, llen, (void *)l)
|
||||||
|
|
||||||
|
# define EVP_PKEY_CTX_get0_rsa_oaep_label(ctx, l) \
|
||||||
|
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_TYPE_CRYPT, \
|
||||||
|
EVP_PKEY_CTRL_GET_RSA_OAEP_LABEL, 0, (void *)l)
|
||||||
|
|
||||||
|
# define EVP_PKEY_CTRL_RSA_PADDING (EVP_PKEY_ALG_CTRL + 1)
|
||||||
|
# define EVP_PKEY_CTRL_RSA_PSS_SALTLEN (EVP_PKEY_ALG_CTRL + 2)
|
||||||
|
|
||||||
|
# define EVP_PKEY_CTRL_RSA_KEYGEN_BITS (EVP_PKEY_ALG_CTRL + 3)
|
||||||
|
# define EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP (EVP_PKEY_ALG_CTRL + 4)
|
||||||
|
# define EVP_PKEY_CTRL_RSA_MGF1_MD (EVP_PKEY_ALG_CTRL + 5)
|
||||||
|
|
||||||
|
# define EVP_PKEY_CTRL_GET_RSA_PADDING (EVP_PKEY_ALG_CTRL + 6)
|
||||||
|
# define EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN (EVP_PKEY_ALG_CTRL + 7)
|
||||||
|
# define EVP_PKEY_CTRL_GET_RSA_MGF1_MD (EVP_PKEY_ALG_CTRL + 8)
|
||||||
|
|
||||||
|
# define EVP_PKEY_CTRL_RSA_OAEP_MD (EVP_PKEY_ALG_CTRL + 9)
|
||||||
|
# define EVP_PKEY_CTRL_RSA_OAEP_LABEL (EVP_PKEY_ALG_CTRL + 10)
|
||||||
|
|
||||||
|
# define EVP_PKEY_CTRL_GET_RSA_OAEP_MD (EVP_PKEY_ALG_CTRL + 11)
|
||||||
|
# define EVP_PKEY_CTRL_GET_RSA_OAEP_LABEL (EVP_PKEY_ALG_CTRL + 12)
|
||||||
|
|
||||||
|
# define RSA_PKCS1_PADDING 1
|
||||||
|
# define RSA_SSLV23_PADDING 2
|
||||||
|
# define RSA_NO_PADDING 3
|
||||||
|
# define RSA_PKCS1_OAEP_PADDING 4
|
||||||
|
# define RSA_X931_PADDING 5
|
||||||
|
/* EVP_PKEY_ only */
|
||||||
|
# define RSA_PKCS1_PSS_PADDING 6
|
||||||
|
|
||||||
|
# define RSA_PKCS1_PADDING_SIZE 11
|
||||||
|
|
||||||
|
# define RSA_set_app_data(s,arg) RSA_set_ex_data(s,0,arg)
|
||||||
|
# define RSA_get_app_data(s) RSA_get_ex_data(s,0)
|
||||||
|
|
||||||
|
RSA *RSA_new(void);
|
||||||
|
RSA *RSA_new_method(ENGINE *engine);
|
||||||
|
int RSA_size(const RSA *rsa);
|
||||||
|
|
||||||
|
/* Deprecated version */
|
||||||
|
# ifndef OPENSSL_NO_DEPRECATED
|
||||||
|
RSA *RSA_generate_key(int bits, unsigned long e, void
|
||||||
|
(*callback) (int, int, void *), void *cb_arg);
|
||||||
|
# endif /* !defined(OPENSSL_NO_DEPRECATED) */
|
||||||
|
|
||||||
|
/* New version */
|
||||||
|
int RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb);
|
||||||
|
|
||||||
|
int RSA_check_key(const RSA *);
|
||||||
|
/* next 4 return -1 on error */
|
||||||
|
int RSA_public_encrypt(int flen, const unsigned char *from,
|
||||||
|
unsigned char *to, RSA *rsa, int padding);
|
||||||
|
int RSA_private_encrypt(int flen, const unsigned char *from,
|
||||||
|
unsigned char *to, RSA *rsa, int padding);
|
||||||
|
int RSA_public_decrypt(int flen, const unsigned char *from,
|
||||||
|
unsigned char *to, RSA *rsa, int padding);
|
||||||
|
int RSA_private_decrypt(int flen, const unsigned char *from,
|
||||||
|
unsigned char *to, RSA *rsa, int padding);
|
||||||
|
void RSA_free(RSA *r);
|
||||||
|
/* "up" the RSA object's reference count */
|
||||||
|
int RSA_up_ref(RSA *r);
|
||||||
|
|
||||||
|
int RSA_flags(const RSA *r);
|
||||||
|
|
||||||
|
void RSA_set_default_method(const RSA_METHOD *meth);
|
||||||
|
const RSA_METHOD *RSA_get_default_method(void);
|
||||||
|
const RSA_METHOD *RSA_get_method(const RSA *rsa);
|
||||||
|
int RSA_set_method(RSA *rsa, const RSA_METHOD *meth);
|
||||||
|
|
||||||
|
/* This function needs the memory locking malloc callbacks to be installed */
|
||||||
|
int RSA_memory_lock(RSA *r);
|
||||||
|
|
||||||
|
/* these are the actual SSLeay RSA functions */
|
||||||
|
const RSA_METHOD *RSA_PKCS1_SSLeay(void);
|
||||||
|
|
||||||
|
const RSA_METHOD *RSA_null_method(void);
|
||||||
|
|
||||||
|
DECLARE_ASN1_ENCODE_FUNCTIONS_const(RSA, RSAPublicKey)
|
||||||
|
DECLARE_ASN1_ENCODE_FUNCTIONS_const(RSA, RSAPrivateKey)
|
||||||
|
|
||||||
|
typedef struct rsa_pss_params_st {
|
||||||
|
X509_ALGOR *hashAlgorithm;
|
||||||
|
X509_ALGOR *maskGenAlgorithm;
|
||||||
|
ASN1_INTEGER *saltLength;
|
||||||
|
ASN1_INTEGER *trailerField;
|
||||||
|
} RSA_PSS_PARAMS;
|
||||||
|
|
||||||
|
DECLARE_ASN1_FUNCTIONS(RSA_PSS_PARAMS)
|
||||||
|
|
||||||
|
typedef struct rsa_oaep_params_st {
|
||||||
|
X509_ALGOR *hashFunc;
|
||||||
|
X509_ALGOR *maskGenFunc;
|
||||||
|
X509_ALGOR *pSourceFunc;
|
||||||
|
} RSA_OAEP_PARAMS;
|
||||||
|
|
||||||
|
DECLARE_ASN1_FUNCTIONS(RSA_OAEP_PARAMS)
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_FP_API
|
||||||
|
int RSA_print_fp(FILE *fp, const RSA *r, int offset);
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_BIO
|
||||||
|
int RSA_print(BIO *bp, const RSA *r, int offset);
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_RC4
|
||||||
|
int i2d_RSA_NET(const RSA *a, unsigned char **pp,
|
||||||
|
int (*cb) (char *buf, int len, const char *prompt,
|
||||||
|
int verify), int sgckey);
|
||||||
|
RSA *d2i_RSA_NET(RSA **a, const unsigned char **pp, long length,
|
||||||
|
int (*cb) (char *buf, int len, const char *prompt,
|
||||||
|
int verify), int sgckey);
|
||||||
|
|
||||||
|
int i2d_Netscape_RSA(const RSA *a, unsigned char **pp,
|
||||||
|
int (*cb) (char *buf, int len, const char *prompt,
|
||||||
|
int verify));
|
||||||
|
RSA *d2i_Netscape_RSA(RSA **a, const unsigned char **pp, long length,
|
||||||
|
int (*cb) (char *buf, int len, const char *prompt,
|
||||||
|
int verify));
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The following 2 functions sign and verify a X509_SIG ASN1 object inside
|
||||||
|
* PKCS#1 padded RSA encryption
|
||||||
|
*/
|
||||||
|
int RSA_sign(int type, const unsigned char *m, unsigned int m_length,
|
||||||
|
unsigned char *sigret, unsigned int *siglen, RSA *rsa);
|
||||||
|
int RSA_verify(int type, const unsigned char *m, unsigned int m_length,
|
||||||
|
const unsigned char *sigbuf, unsigned int siglen, RSA *rsa);
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The following 2 function sign and verify a ASN1_OCTET_STRING object inside
|
||||||
|
* PKCS#1 padded RSA encryption
|
||||||
|
*/
|
||||||
|
int RSA_sign_ASN1_OCTET_STRING(int type,
|
||||||
|
const unsigned char *m, unsigned int m_length,
|
||||||
|
unsigned char *sigret, unsigned int *siglen,
|
||||||
|
RSA *rsa);
|
||||||
|
int RSA_verify_ASN1_OCTET_STRING(int type, const unsigned char *m,
|
||||||
|
unsigned int m_length, unsigned char *sigbuf,
|
||||||
|
unsigned int siglen, RSA *rsa);
|
||||||
|
|
||||||
|
int RSA_blinding_on(RSA *rsa, BN_CTX *ctx);
|
||||||
|
void RSA_blinding_off(RSA *rsa);
|
||||||
|
BN_BLINDING *RSA_setup_blinding(RSA *rsa, BN_CTX *ctx);
|
||||||
|
|
||||||
|
int RSA_padding_add_PKCS1_type_1(unsigned char *to, int tlen,
|
||||||
|
const unsigned char *f, int fl);
|
||||||
|
int RSA_padding_check_PKCS1_type_1(unsigned char *to, int tlen,
|
||||||
|
const unsigned char *f, int fl,
|
||||||
|
int rsa_len);
|
||||||
|
int RSA_padding_add_PKCS1_type_2(unsigned char *to, int tlen,
|
||||||
|
const unsigned char *f, int fl);
|
||||||
|
int RSA_padding_check_PKCS1_type_2(unsigned char *to, int tlen,
|
||||||
|
const unsigned char *f, int fl,
|
||||||
|
int rsa_len);
|
||||||
|
int PKCS1_MGF1(unsigned char *mask, long len, const unsigned char *seed,
|
||||||
|
long seedlen, const EVP_MD *dgst);
|
||||||
|
int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen,
|
||||||
|
const unsigned char *f, int fl,
|
||||||
|
const unsigned char *p, int pl);
|
||||||
|
int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen,
|
||||||
|
const unsigned char *f, int fl, int rsa_len,
|
||||||
|
const unsigned char *p, int pl);
|
||||||
|
int RSA_padding_add_PKCS1_OAEP_mgf1(unsigned char *to, int tlen,
|
||||||
|
const unsigned char *from, int flen,
|
||||||
|
const unsigned char *param, int plen,
|
||||||
|
const EVP_MD *md, const EVP_MD *mgf1md);
|
||||||
|
int RSA_padding_check_PKCS1_OAEP_mgf1(unsigned char *to, int tlen,
|
||||||
|
const unsigned char *from, int flen,
|
||||||
|
int num, const unsigned char *param,
|
||||||
|
int plen, const EVP_MD *md,
|
||||||
|
const EVP_MD *mgf1md);
|
||||||
|
int RSA_padding_add_SSLv23(unsigned char *to, int tlen,
|
||||||
|
const unsigned char *f, int fl);
|
||||||
|
int RSA_padding_check_SSLv23(unsigned char *to, int tlen,
|
||||||
|
const unsigned char *f, int fl, int rsa_len);
|
||||||
|
int RSA_padding_add_none(unsigned char *to, int tlen, const unsigned char *f,
|
||||||
|
int fl);
|
||||||
|
int RSA_padding_check_none(unsigned char *to, int tlen,
|
||||||
|
const unsigned char *f, int fl, int rsa_len);
|
||||||
|
int RSA_padding_add_X931(unsigned char *to, int tlen, const unsigned char *f,
|
||||||
|
int fl);
|
||||||
|
int RSA_padding_check_X931(unsigned char *to, int tlen,
|
||||||
|
const unsigned char *f, int fl, int rsa_len);
|
||||||
|
int RSA_X931_hash_id(int nid);
|
||||||
|
|
||||||
|
int RSA_verify_PKCS1_PSS(RSA *rsa, const unsigned char *mHash,
|
||||||
|
const EVP_MD *Hash, const unsigned char *EM,
|
||||||
|
int sLen);
|
||||||
|
int RSA_padding_add_PKCS1_PSS(RSA *rsa, unsigned char *EM,
|
||||||
|
const unsigned char *mHash, const EVP_MD *Hash,
|
||||||
|
int sLen);
|
||||||
|
|
||||||
|
int RSA_verify_PKCS1_PSS_mgf1(RSA *rsa, const unsigned char *mHash,
|
||||||
|
const EVP_MD *Hash, const EVP_MD *mgf1Hash,
|
||||||
|
const unsigned char *EM, int sLen);
|
||||||
|
|
||||||
|
int RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM,
|
||||||
|
const unsigned char *mHash,
|
||||||
|
const EVP_MD *Hash, const EVP_MD *mgf1Hash,
|
||||||
|
int sLen);
|
||||||
|
|
||||||
|
int RSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
|
||||||
|
CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
|
||||||
|
int RSA_set_ex_data(RSA *r, int idx, void *arg);
|
||||||
|
void *RSA_get_ex_data(const RSA *r, int idx);
|
||||||
|
|
||||||
|
RSA *RSAPublicKey_dup(RSA *rsa);
|
||||||
|
RSA *RSAPrivateKey_dup(RSA *rsa);
|
||||||
|
|
||||||
|
/*
|
||||||
|
* If this flag is set the RSA method is FIPS compliant and can be used in
|
||||||
|
* FIPS mode. This is set in the validated module method. If an application
|
||||||
|
* sets this flag in its own methods it is its responsibility to ensure the
|
||||||
|
* result is compliant.
|
||||||
|
*/
|
||||||
|
|
||||||
|
# define RSA_FLAG_FIPS_METHOD 0x0400
|
||||||
|
|
||||||
|
/*
|
||||||
|
* If this flag is set the operations normally disabled in FIPS mode are
|
||||||
|
* permitted it is then the applications responsibility to ensure that the
|
||||||
|
* usage is compliant.
|
||||||
|
*/
|
||||||
|
|
||||||
|
# define RSA_FLAG_NON_FIPS_ALLOW 0x0400
|
||||||
|
/*
|
||||||
|
* Application has decided PRNG is good enough to generate a key: don't
|
||||||
|
* check.
|
||||||
|
*/
|
||||||
|
# define RSA_FLAG_CHECKED 0x0800
|
||||||
|
|
||||||
|
/* BEGIN ERROR CODES */
|
||||||
|
/*
|
||||||
|
* The following lines are auto generated by the script mkerr.pl. Any changes
|
||||||
|
* made after this point may be overwritten when the script is next run.
|
||||||
|
*/
|
||||||
|
void ERR_load_RSA_strings(void);
|
||||||
|
|
||||||
|
/* Error codes for the RSA functions. */
|
||||||
|
|
||||||
|
/* Function codes. */
|
||||||
|
# define RSA_F_CHECK_PADDING_MD 140
|
||||||
|
# define RSA_F_DO_RSA_PRINT 146
|
||||||
|
# define RSA_F_INT_RSA_VERIFY 145
|
||||||
|
# define RSA_F_MEMORY_LOCK 100
|
||||||
|
# define RSA_F_OLD_RSA_PRIV_DECODE 147
|
||||||
|
# define RSA_F_PKEY_RSA_CTRL 143
|
||||||
|
# define RSA_F_PKEY_RSA_CTRL_STR 144
|
||||||
|
# define RSA_F_PKEY_RSA_SIGN 142
|
||||||
|
# define RSA_F_PKEY_RSA_VERIFY 154
|
||||||
|
# define RSA_F_PKEY_RSA_VERIFYRECOVER 141
|
||||||
|
# define RSA_F_RSA_ALGOR_TO_MD 157
|
||||||
|
# define RSA_F_RSA_BUILTIN_KEYGEN 129
|
||||||
|
# define RSA_F_RSA_CHECK_KEY 123
|
||||||
|
# define RSA_F_RSA_CMS_DECRYPT 158
|
||||||
|
# define RSA_F_RSA_EAY_PRIVATE_DECRYPT 101
|
||||||
|
# define RSA_F_RSA_EAY_PRIVATE_ENCRYPT 102
|
||||||
|
# define RSA_F_RSA_EAY_PUBLIC_DECRYPT 103
|
||||||
|
# define RSA_F_RSA_EAY_PUBLIC_ENCRYPT 104
|
||||||
|
# define RSA_F_RSA_GENERATE_KEY 105
|
||||||
|
# define RSA_F_RSA_GENERATE_KEY_EX 155
|
||||||
|
# define RSA_F_RSA_ITEM_VERIFY 156
|
||||||
|
# define RSA_F_RSA_MEMORY_LOCK 130
|
||||||
|
# define RSA_F_RSA_MGF1_TO_MD 159
|
||||||
|
# define RSA_F_RSA_NEW_METHOD 106
|
||||||
|
# define RSA_F_RSA_NULL 124
|
||||||
|
# define RSA_F_RSA_NULL_MOD_EXP 131
|
||||||
|
# define RSA_F_RSA_NULL_PRIVATE_DECRYPT 132
|
||||||
|
# define RSA_F_RSA_NULL_PRIVATE_ENCRYPT 133
|
||||||
|
# define RSA_F_RSA_NULL_PUBLIC_DECRYPT 134
|
||||||
|
# define RSA_F_RSA_NULL_PUBLIC_ENCRYPT 135
|
||||||
|
# define RSA_F_RSA_PADDING_ADD_NONE 107
|
||||||
|
# define RSA_F_RSA_PADDING_ADD_PKCS1_OAEP 121
|
||||||
|
# define RSA_F_RSA_PADDING_ADD_PKCS1_OAEP_MGF1 160
|
||||||
|
# define RSA_F_RSA_PADDING_ADD_PKCS1_PSS 125
|
||||||
|
# define RSA_F_RSA_PADDING_ADD_PKCS1_PSS_MGF1 148
|
||||||
|
# define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1 108
|
||||||
|
# define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2 109
|
||||||
|
# define RSA_F_RSA_PADDING_ADD_SSLV23 110
|
||||||
|
# define RSA_F_RSA_PADDING_ADD_X931 127
|
||||||
|
# define RSA_F_RSA_PADDING_CHECK_NONE 111
|
||||||
|
# define RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP 122
|
||||||
|
# define RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP_MGF1 161
|
||||||
|
# define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1 112
|
||||||
|
# define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2 113
|
||||||
|
# define RSA_F_RSA_PADDING_CHECK_SSLV23 114
|
||||||
|
# define RSA_F_RSA_PADDING_CHECK_X931 128
|
||||||
|
# define RSA_F_RSA_PRINT 115
|
||||||
|
# define RSA_F_RSA_PRINT_FP 116
|
||||||
|
# define RSA_F_RSA_PRIVATE_DECRYPT 150
|
||||||
|
# define RSA_F_RSA_PRIVATE_ENCRYPT 151
|
||||||
|
# define RSA_F_RSA_PRIV_DECODE 137
|
||||||
|
# define RSA_F_RSA_PRIV_ENCODE 138
|
||||||
|
# define RSA_F_RSA_PSS_TO_CTX 162
|
||||||
|
# define RSA_F_RSA_PUBLIC_DECRYPT 152
|
||||||
|
# define RSA_F_RSA_PUBLIC_ENCRYPT 153
|
||||||
|
# define RSA_F_RSA_PUB_DECODE 139
|
||||||
|
# define RSA_F_RSA_SETUP_BLINDING 136
|
||||||
|
# define RSA_F_RSA_SIGN 117
|
||||||
|
# define RSA_F_RSA_SIGN_ASN1_OCTET_STRING 118
|
||||||
|
# define RSA_F_RSA_VERIFY 119
|
||||||
|
# define RSA_F_RSA_VERIFY_ASN1_OCTET_STRING 120
|
||||||
|
# define RSA_F_RSA_VERIFY_PKCS1_PSS 126
|
||||||
|
# define RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1 149
|
||||||
|
|
||||||
|
/* Reason codes. */
|
||||||
|
# define RSA_R_ALGORITHM_MISMATCH 100
|
||||||
|
# define RSA_R_BAD_E_VALUE 101
|
||||||
|
# define RSA_R_BAD_FIXED_HEADER_DECRYPT 102
|
||||||
|
# define RSA_R_BAD_PAD_BYTE_COUNT 103
|
||||||
|
# define RSA_R_BAD_SIGNATURE 104
|
||||||
|
# define RSA_R_BLOCK_TYPE_IS_NOT_01 106
|
||||||
|
# define RSA_R_BLOCK_TYPE_IS_NOT_02 107
|
||||||
|
# define RSA_R_DATA_GREATER_THAN_MOD_LEN 108
|
||||||
|
# define RSA_R_DATA_TOO_LARGE 109
|
||||||
|
# define RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 110
|
||||||
|
# define RSA_R_DATA_TOO_LARGE_FOR_MODULUS 132
|
||||||
|
# define RSA_R_DATA_TOO_SMALL 111
|
||||||
|
# define RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE 122
|
||||||
|
# define RSA_R_DIGEST_DOES_NOT_MATCH 166
|
||||||
|
# define RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY 112
|
||||||
|
# define RSA_R_DMP1_NOT_CONGRUENT_TO_D 124
|
||||||
|
# define RSA_R_DMQ1_NOT_CONGRUENT_TO_D 125
|
||||||
|
# define RSA_R_D_E_NOT_CONGRUENT_TO_1 123
|
||||||
|
# define RSA_R_FIRST_OCTET_INVALID 133
|
||||||
|
# define RSA_R_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE 144
|
||||||
|
# define RSA_R_INVALID_DIGEST 160
|
||||||
|
# define RSA_R_INVALID_DIGEST_LENGTH 143
|
||||||
|
# define RSA_R_INVALID_HEADER 137
|
||||||
|
# define RSA_R_INVALID_KEYBITS 145
|
||||||
|
# define RSA_R_INVALID_LABEL 161
|
||||||
|
# define RSA_R_INVALID_MESSAGE_LENGTH 131
|
||||||
|
# define RSA_R_INVALID_MGF1_MD 156
|
||||||
|
# define RSA_R_INVALID_OAEP_PARAMETERS 162
|
||||||
|
# define RSA_R_INVALID_PADDING 138
|
||||||
|
# define RSA_R_INVALID_PADDING_MODE 141
|
||||||
|
# define RSA_R_INVALID_PSS_PARAMETERS 149
|
||||||
|
# define RSA_R_INVALID_PSS_SALTLEN 146
|
||||||
|
# define RSA_R_INVALID_SALT_LENGTH 150
|
||||||
|
# define RSA_R_INVALID_TRAILER 139
|
||||||
|
# define RSA_R_INVALID_X931_DIGEST 142
|
||||||
|
# define RSA_R_IQMP_NOT_INVERSE_OF_Q 126
|
||||||
|
# define RSA_R_KEY_SIZE_TOO_SMALL 120
|
||||||
|
# define RSA_R_LAST_OCTET_INVALID 134
|
||||||
|
# define RSA_R_MODULUS_TOO_LARGE 105
|
||||||
|
# define RSA_R_NON_FIPS_RSA_METHOD 157
|
||||||
|
# define RSA_R_NO_PUBLIC_EXPONENT 140
|
||||||
|
# define RSA_R_NULL_BEFORE_BLOCK_MISSING 113
|
||||||
|
# define RSA_R_N_DOES_NOT_EQUAL_P_Q 127
|
||||||
|
# define RSA_R_OAEP_DECODING_ERROR 121
|
||||||
|
# define RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE 158
|
||||||
|
# define RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE 148
|
||||||
|
# define RSA_R_PADDING_CHECK_FAILED 114
|
||||||
|
# define RSA_R_PKCS_DECODING_ERROR 159
|
||||||
|
# define RSA_R_P_NOT_PRIME 128
|
||||||
|
# define RSA_R_Q_NOT_PRIME 129
|
||||||
|
# define RSA_R_RSA_OPERATIONS_NOT_SUPPORTED 130
|
||||||
|
# define RSA_R_SLEN_CHECK_FAILED 136
|
||||||
|
# define RSA_R_SLEN_RECOVERY_FAILED 135
|
||||||
|
# define RSA_R_SSLV3_ROLLBACK_ATTACK 115
|
||||||
|
# define RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 116
|
||||||
|
# define RSA_R_UNKNOWN_ALGORITHM_TYPE 117
|
||||||
|
# define RSA_R_UNKNOWN_DIGEST 163
|
||||||
|
# define RSA_R_UNKNOWN_MASK_DIGEST 151
|
||||||
|
# define RSA_R_UNKNOWN_PADDING_TYPE 118
|
||||||
|
# define RSA_R_UNKNOWN_PSS_DIGEST 152
|
||||||
|
# define RSA_R_UNSUPPORTED_ENCRYPTION_TYPE 164
|
||||||
|
# define RSA_R_UNSUPPORTED_LABEL_SOURCE 165
|
||||||
|
# define RSA_R_UNSUPPORTED_MASK_ALGORITHM 153
|
||||||
|
# define RSA_R_UNSUPPORTED_MASK_PARAMETER 154
|
||||||
|
# define RSA_R_UNSUPPORTED_SIGNATURE_TYPE 155
|
||||||
|
# define RSA_R_VALUE_MISSING 147
|
||||||
|
# define RSA_R_WRONG_SIGNATURE_LENGTH 119
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
#endif
|
File diff suppressed because it is too large
Load Diff
|
@ -0,0 +1,214 @@
|
||||||
|
/* crypto/sha/sha.h */
|
||||||
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
|
* All rights reserved.
|
||||||
|
*
|
||||||
|
* This package is an SSL implementation written
|
||||||
|
* by Eric Young (eay@cryptsoft.com).
|
||||||
|
* The implementation was written so as to conform with Netscapes SSL.
|
||||||
|
*
|
||||||
|
* This library is free for commercial and non-commercial use as long as
|
||||||
|
* the following conditions are aheared to. The following conditions
|
||||||
|
* apply to all code found in this distribution, be it the RC4, RSA,
|
||||||
|
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
||||||
|
* included with this distribution is covered by the same copyright terms
|
||||||
|
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
* Copyright remains Eric Young's, and as such any Copyright notices in
|
||||||
|
* the code are not to be removed.
|
||||||
|
* If this package is used in a product, Eric Young should be given attribution
|
||||||
|
* as the author of the parts of the library used.
|
||||||
|
* This can be in the form of a textual message at program startup or
|
||||||
|
* in documentation (online or textual) provided with the package.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
* 1. Redistributions of source code must retain the copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in the
|
||||||
|
* documentation and/or other materials provided with the distribution.
|
||||||
|
* 3. All advertising materials mentioning features or use of this software
|
||||||
|
* must display the following acknowledgement:
|
||||||
|
* "This product includes cryptographic software written by
|
||||||
|
* Eric Young (eay@cryptsoft.com)"
|
||||||
|
* The word 'cryptographic' can be left out if the rouines from the library
|
||||||
|
* being used are not cryptographic related :-).
|
||||||
|
* 4. If you include any Windows specific code (or a derivative thereof) from
|
||||||
|
* the apps directory (application code) you must include an acknowledgement:
|
||||||
|
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
||||||
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||||
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||||
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||||
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||||
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||||
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||||
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||||
|
* SUCH DAMAGE.
|
||||||
|
*
|
||||||
|
* The licence and distribution terms for any publically available version or
|
||||||
|
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
||||||
|
* copied and put under another distribution licence
|
||||||
|
* [including the GNU Public Licence.]
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef HEADER_SHA_H
|
||||||
|
# define HEADER_SHA_H
|
||||||
|
|
||||||
|
# include <openssl/e_os2.h>
|
||||||
|
# include <stddef.h>
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
extern "C" {
|
||||||
|
#endif
|
||||||
|
|
||||||
|
# if defined(OPENSSL_NO_SHA) || (defined(OPENSSL_NO_SHA0) && defined(OPENSSL_NO_SHA1))
|
||||||
|
# error SHA is disabled.
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# if defined(OPENSSL_FIPS)
|
||||||
|
# define FIPS_SHA_SIZE_T size_t
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/*-
|
||||||
|
* !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
|
||||||
|
* ! SHA_LONG has to be at least 32 bits wide. If it's wider, then !
|
||||||
|
* ! SHA_LONG_LOG2 has to be defined along. !
|
||||||
|
* !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
|
||||||
|
*/
|
||||||
|
|
||||||
|
# if defined(__LP32__)
|
||||||
|
# define SHA_LONG unsigned long
|
||||||
|
# elif defined(OPENSSL_SYS_CRAY) || defined(__ILP64__)
|
||||||
|
# define SHA_LONG unsigned long
|
||||||
|
# define SHA_LONG_LOG2 3
|
||||||
|
# else
|
||||||
|
# define SHA_LONG unsigned int
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# define SHA_LBLOCK 16
|
||||||
|
# define SHA_CBLOCK (SHA_LBLOCK*4)/* SHA treats input data as a
|
||||||
|
* contiguous array of 32 bit wide
|
||||||
|
* big-endian values. */
|
||||||
|
# define SHA_LAST_BLOCK (SHA_CBLOCK-8)
|
||||||
|
# define SHA_DIGEST_LENGTH 20
|
||||||
|
|
||||||
|
typedef struct SHAstate_st {
|
||||||
|
SHA_LONG h0, h1, h2, h3, h4;
|
||||||
|
SHA_LONG Nl, Nh;
|
||||||
|
SHA_LONG data[SHA_LBLOCK];
|
||||||
|
unsigned int num;
|
||||||
|
} SHA_CTX;
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_SHA0
|
||||||
|
# ifdef OPENSSL_FIPS
|
||||||
|
int private_SHA_Init(SHA_CTX *c);
|
||||||
|
# endif
|
||||||
|
int SHA_Init(SHA_CTX *c);
|
||||||
|
int SHA_Update(SHA_CTX *c, const void *data, size_t len);
|
||||||
|
int SHA_Final(unsigned char *md, SHA_CTX *c);
|
||||||
|
unsigned char *SHA(const unsigned char *d, size_t n, unsigned char *md);
|
||||||
|
void SHA_Transform(SHA_CTX *c, const unsigned char *data);
|
||||||
|
# endif
|
||||||
|
# ifndef OPENSSL_NO_SHA1
|
||||||
|
# ifdef OPENSSL_FIPS
|
||||||
|
int private_SHA1_Init(SHA_CTX *c);
|
||||||
|
# endif
|
||||||
|
int SHA1_Init(SHA_CTX *c);
|
||||||
|
int SHA1_Update(SHA_CTX *c, const void *data, size_t len);
|
||||||
|
int SHA1_Final(unsigned char *md, SHA_CTX *c);
|
||||||
|
unsigned char *SHA1(const unsigned char *d, size_t n, unsigned char *md);
|
||||||
|
void SHA1_Transform(SHA_CTX *c, const unsigned char *data);
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# define SHA256_CBLOCK (SHA_LBLOCK*4)/* SHA-256 treats input data as a
|
||||||
|
* contiguous array of 32 bit wide
|
||||||
|
* big-endian values. */
|
||||||
|
# define SHA224_DIGEST_LENGTH 28
|
||||||
|
# define SHA256_DIGEST_LENGTH 32
|
||||||
|
|
||||||
|
typedef struct SHA256state_st {
|
||||||
|
SHA_LONG h[8];
|
||||||
|
SHA_LONG Nl, Nh;
|
||||||
|
SHA_LONG data[SHA_LBLOCK];
|
||||||
|
unsigned int num, md_len;
|
||||||
|
} SHA256_CTX;
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_SHA256
|
||||||
|
# ifdef OPENSSL_FIPS
|
||||||
|
int private_SHA224_Init(SHA256_CTX *c);
|
||||||
|
int private_SHA256_Init(SHA256_CTX *c);
|
||||||
|
# endif
|
||||||
|
int SHA224_Init(SHA256_CTX *c);
|
||||||
|
int SHA224_Update(SHA256_CTX *c, const void *data, size_t len);
|
||||||
|
int SHA224_Final(unsigned char *md, SHA256_CTX *c);
|
||||||
|
unsigned char *SHA224(const unsigned char *d, size_t n, unsigned char *md);
|
||||||
|
int SHA256_Init(SHA256_CTX *c);
|
||||||
|
int SHA256_Update(SHA256_CTX *c, const void *data, size_t len);
|
||||||
|
int SHA256_Final(unsigned char *md, SHA256_CTX *c);
|
||||||
|
unsigned char *SHA256(const unsigned char *d, size_t n, unsigned char *md);
|
||||||
|
void SHA256_Transform(SHA256_CTX *c, const unsigned char *data);
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# define SHA384_DIGEST_LENGTH 48
|
||||||
|
# define SHA512_DIGEST_LENGTH 64
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_SHA512
|
||||||
|
/*
|
||||||
|
* Unlike 32-bit digest algorithms, SHA-512 *relies* on SHA_LONG64
|
||||||
|
* being exactly 64-bit wide. See Implementation Notes in sha512.c
|
||||||
|
* for further details.
|
||||||
|
*/
|
||||||
|
/*
|
||||||
|
* SHA-512 treats input data as a
|
||||||
|
* contiguous array of 64 bit
|
||||||
|
* wide big-endian values.
|
||||||
|
*/
|
||||||
|
# define SHA512_CBLOCK (SHA_LBLOCK*8)
|
||||||
|
# if (defined(_WIN32) || defined(_WIN64)) && !defined(__MINGW32__)
|
||||||
|
# define SHA_LONG64 unsigned __int64
|
||||||
|
# define U64(C) C##UI64
|
||||||
|
# elif defined(__arch64__)
|
||||||
|
# define SHA_LONG64 unsigned long
|
||||||
|
# define U64(C) C##UL
|
||||||
|
# else
|
||||||
|
# define SHA_LONG64 unsigned long long
|
||||||
|
# define U64(C) C##ULL
|
||||||
|
# endif
|
||||||
|
|
||||||
|
typedef struct SHA512state_st {
|
||||||
|
SHA_LONG64 h[8];
|
||||||
|
SHA_LONG64 Nl, Nh;
|
||||||
|
union {
|
||||||
|
SHA_LONG64 d[SHA_LBLOCK];
|
||||||
|
unsigned char p[SHA512_CBLOCK];
|
||||||
|
} u;
|
||||||
|
unsigned int num, md_len;
|
||||||
|
} SHA512_CTX;
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_SHA512
|
||||||
|
# ifdef OPENSSL_FIPS
|
||||||
|
int private_SHA384_Init(SHA512_CTX *c);
|
||||||
|
int private_SHA512_Init(SHA512_CTX *c);
|
||||||
|
# endif
|
||||||
|
int SHA384_Init(SHA512_CTX *c);
|
||||||
|
int SHA384_Update(SHA512_CTX *c, const void *data, size_t len);
|
||||||
|
int SHA384_Final(unsigned char *md, SHA512_CTX *c);
|
||||||
|
unsigned char *SHA384(const unsigned char *d, size_t n, unsigned char *md);
|
||||||
|
int SHA512_Init(SHA512_CTX *c);
|
||||||
|
int SHA512_Update(SHA512_CTX *c, const void *data, size_t len);
|
||||||
|
int SHA512_Final(unsigned char *md, SHA512_CTX *c);
|
||||||
|
unsigned char *SHA512(const unsigned char *d, size_t n, unsigned char *md);
|
||||||
|
void SHA512_Transform(SHA512_CTX *c, const unsigned char *data);
|
||||||
|
# endif
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#endif
|
|
@ -0,0 +1,147 @@
|
||||||
|
/* ssl/srtp.h */
|
||||||
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
|
* All rights reserved.
|
||||||
|
*
|
||||||
|
* This package is an SSL implementation written
|
||||||
|
* by Eric Young (eay@cryptsoft.com).
|
||||||
|
* The implementation was written so as to conform with Netscapes SSL.
|
||||||
|
*
|
||||||
|
* This library is free for commercial and non-commercial use as long as
|
||||||
|
* the following conditions are aheared to. The following conditions
|
||||||
|
* apply to all code found in this distribution, be it the RC4, RSA,
|
||||||
|
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
||||||
|
* included with this distribution is covered by the same copyright terms
|
||||||
|
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
* Copyright remains Eric Young's, and as such any Copyright notices in
|
||||||
|
* the code are not to be removed.
|
||||||
|
* If this package is used in a product, Eric Young should be given attribution
|
||||||
|
* as the author of the parts of the library used.
|
||||||
|
* This can be in the form of a textual message at program startup or
|
||||||
|
* in documentation (online or textual) provided with the package.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
* 1. Redistributions of source code must retain the copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in the
|
||||||
|
* documentation and/or other materials provided with the distribution.
|
||||||
|
* 3. All advertising materials mentioning features or use of this software
|
||||||
|
* must display the following acknowledgement:
|
||||||
|
* "This product includes cryptographic software written by
|
||||||
|
* Eric Young (eay@cryptsoft.com)"
|
||||||
|
* The word 'cryptographic' can be left out if the rouines from the library
|
||||||
|
* being used are not cryptographic related :-).
|
||||||
|
* 4. If you include any Windows specific code (or a derivative thereof) from
|
||||||
|
* the apps directory (application code) you must include an acknowledgement:
|
||||||
|
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
||||||
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||||
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||||
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||||
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||||
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||||
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||||
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||||
|
* SUCH DAMAGE.
|
||||||
|
*
|
||||||
|
* The licence and distribution terms for any publically available version or
|
||||||
|
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
||||||
|
* copied and put under another distribution licence
|
||||||
|
* [including the GNU Public Licence.]
|
||||||
|
*/
|
||||||
|
/* ====================================================================
|
||||||
|
* Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
*
|
||||||
|
* 1. Redistributions of source code must retain the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
*
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in
|
||||||
|
* the documentation and/or other materials provided with the
|
||||||
|
* distribution.
|
||||||
|
*
|
||||||
|
* 3. All advertising materials mentioning features or use of this
|
||||||
|
* software must display the following acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
|
||||||
|
*
|
||||||
|
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||||
|
* endorse or promote products derived from this software without
|
||||||
|
* prior written permission. For written permission, please contact
|
||||||
|
* openssl-core@openssl.org.
|
||||||
|
*
|
||||||
|
* 5. Products derived from this software may not be called "OpenSSL"
|
||||||
|
* nor may "OpenSSL" appear in their names without prior written
|
||||||
|
* permission of the OpenSSL Project.
|
||||||
|
*
|
||||||
|
* 6. Redistributions of any form whatsoever must retain the following
|
||||||
|
* acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||||
|
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||||
|
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||||
|
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||||
|
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||||
|
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||||
|
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||||
|
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||||
|
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||||
|
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||||
|
* ====================================================================
|
||||||
|
*
|
||||||
|
* This product includes cryptographic software written by Eric Young
|
||||||
|
* (eay@cryptsoft.com). This product includes software written by Tim
|
||||||
|
* Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
/*
|
||||||
|
* DTLS code by Eric Rescorla <ekr@rtfm.com>
|
||||||
|
*
|
||||||
|
* Copyright (C) 2006, Network Resonance, Inc. Copyright (C) 2011, RTFM, Inc.
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef HEADER_D1_SRTP_H
|
||||||
|
# define HEADER_D1_SRTP_H
|
||||||
|
|
||||||
|
# include <openssl/ssl.h>
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
extern "C" {
|
||||||
|
#endif
|
||||||
|
|
||||||
|
# define SRTP_AES128_CM_SHA1_80 0x0001
|
||||||
|
# define SRTP_AES128_CM_SHA1_32 0x0002
|
||||||
|
# define SRTP_AES128_F8_SHA1_80 0x0003
|
||||||
|
# define SRTP_AES128_F8_SHA1_32 0x0004
|
||||||
|
# define SRTP_NULL_SHA1_80 0x0005
|
||||||
|
# define SRTP_NULL_SHA1_32 0x0006
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_SRTP
|
||||||
|
|
||||||
|
int SSL_CTX_set_tlsext_use_srtp(SSL_CTX *ctx, const char *profiles);
|
||||||
|
int SSL_set_tlsext_use_srtp(SSL *ctx, const char *profiles);
|
||||||
|
|
||||||
|
STACK_OF(SRTP_PROTECTION_PROFILE) *SSL_get_srtp_profiles(SSL *ssl);
|
||||||
|
SRTP_PROTECTION_PROFILE *SSL_get_selected_srtp_profile(SSL *s);
|
||||||
|
|
||||||
|
# endif
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#endif
|
File diff suppressed because it is too large
Load Diff
|
@ -0,0 +1,265 @@
|
||||||
|
/* ssl/ssl2.h */
|
||||||
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
|
* All rights reserved.
|
||||||
|
*
|
||||||
|
* This package is an SSL implementation written
|
||||||
|
* by Eric Young (eay@cryptsoft.com).
|
||||||
|
* The implementation was written so as to conform with Netscapes SSL.
|
||||||
|
*
|
||||||
|
* This library is free for commercial and non-commercial use as long as
|
||||||
|
* the following conditions are aheared to. The following conditions
|
||||||
|
* apply to all code found in this distribution, be it the RC4, RSA,
|
||||||
|
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
||||||
|
* included with this distribution is covered by the same copyright terms
|
||||||
|
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
* Copyright remains Eric Young's, and as such any Copyright notices in
|
||||||
|
* the code are not to be removed.
|
||||||
|
* If this package is used in a product, Eric Young should be given attribution
|
||||||
|
* as the author of the parts of the library used.
|
||||||
|
* This can be in the form of a textual message at program startup or
|
||||||
|
* in documentation (online or textual) provided with the package.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
* 1. Redistributions of source code must retain the copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in the
|
||||||
|
* documentation and/or other materials provided with the distribution.
|
||||||
|
* 3. All advertising materials mentioning features or use of this software
|
||||||
|
* must display the following acknowledgement:
|
||||||
|
* "This product includes cryptographic software written by
|
||||||
|
* Eric Young (eay@cryptsoft.com)"
|
||||||
|
* The word 'cryptographic' can be left out if the rouines from the library
|
||||||
|
* being used are not cryptographic related :-).
|
||||||
|
* 4. If you include any Windows specific code (or a derivative thereof) from
|
||||||
|
* the apps directory (application code) you must include an acknowledgement:
|
||||||
|
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
||||||
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||||
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||||
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||||
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||||
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||||
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||||
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||||
|
* SUCH DAMAGE.
|
||||||
|
*
|
||||||
|
* The licence and distribution terms for any publically available version or
|
||||||
|
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
||||||
|
* copied and put under another distribution licence
|
||||||
|
* [including the GNU Public Licence.]
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef HEADER_SSL2_H
|
||||||
|
# define HEADER_SSL2_H
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
extern "C" {
|
||||||
|
#endif
|
||||||
|
|
||||||
|
/* Protocol Version Codes */
|
||||||
|
# define SSL2_VERSION 0x0002
|
||||||
|
# define SSL2_VERSION_MAJOR 0x00
|
||||||
|
# define SSL2_VERSION_MINOR 0x02
|
||||||
|
/* #define SSL2_CLIENT_VERSION 0x0002 */
|
||||||
|
/* #define SSL2_SERVER_VERSION 0x0002 */
|
||||||
|
|
||||||
|
/* Protocol Message Codes */
|
||||||
|
# define SSL2_MT_ERROR 0
|
||||||
|
# define SSL2_MT_CLIENT_HELLO 1
|
||||||
|
# define SSL2_MT_CLIENT_MASTER_KEY 2
|
||||||
|
# define SSL2_MT_CLIENT_FINISHED 3
|
||||||
|
# define SSL2_MT_SERVER_HELLO 4
|
||||||
|
# define SSL2_MT_SERVER_VERIFY 5
|
||||||
|
# define SSL2_MT_SERVER_FINISHED 6
|
||||||
|
# define SSL2_MT_REQUEST_CERTIFICATE 7
|
||||||
|
# define SSL2_MT_CLIENT_CERTIFICATE 8
|
||||||
|
|
||||||
|
/* Error Message Codes */
|
||||||
|
# define SSL2_PE_UNDEFINED_ERROR 0x0000
|
||||||
|
# define SSL2_PE_NO_CIPHER 0x0001
|
||||||
|
# define SSL2_PE_NO_CERTIFICATE 0x0002
|
||||||
|
# define SSL2_PE_BAD_CERTIFICATE 0x0004
|
||||||
|
# define SSL2_PE_UNSUPPORTED_CERTIFICATE_TYPE 0x0006
|
||||||
|
|
||||||
|
/* Cipher Kind Values */
|
||||||
|
# define SSL2_CK_NULL_WITH_MD5 0x02000000/* v3 */
|
||||||
|
# define SSL2_CK_RC4_128_WITH_MD5 0x02010080
|
||||||
|
# define SSL2_CK_RC4_128_EXPORT40_WITH_MD5 0x02020080
|
||||||
|
# define SSL2_CK_RC2_128_CBC_WITH_MD5 0x02030080
|
||||||
|
# define SSL2_CK_RC2_128_CBC_EXPORT40_WITH_MD5 0x02040080
|
||||||
|
# define SSL2_CK_IDEA_128_CBC_WITH_MD5 0x02050080
|
||||||
|
# define SSL2_CK_DES_64_CBC_WITH_MD5 0x02060040
|
||||||
|
# define SSL2_CK_DES_64_CBC_WITH_SHA 0x02060140/* v3 */
|
||||||
|
# define SSL2_CK_DES_192_EDE3_CBC_WITH_MD5 0x020700c0
|
||||||
|
# define SSL2_CK_DES_192_EDE3_CBC_WITH_SHA 0x020701c0/* v3 */
|
||||||
|
# define SSL2_CK_RC4_64_WITH_MD5 0x02080080/* MS hack */
|
||||||
|
|
||||||
|
# define SSL2_CK_DES_64_CFB64_WITH_MD5_1 0x02ff0800/* SSLeay */
|
||||||
|
# define SSL2_CK_NULL 0x02ff0810/* SSLeay */
|
||||||
|
|
||||||
|
# define SSL2_TXT_DES_64_CFB64_WITH_MD5_1 "DES-CFB-M1"
|
||||||
|
# define SSL2_TXT_NULL_WITH_MD5 "NULL-MD5"
|
||||||
|
# define SSL2_TXT_RC4_128_WITH_MD5 "RC4-MD5"
|
||||||
|
# define SSL2_TXT_RC4_128_EXPORT40_WITH_MD5 "EXP-RC4-MD5"
|
||||||
|
# define SSL2_TXT_RC2_128_CBC_WITH_MD5 "RC2-CBC-MD5"
|
||||||
|
# define SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5 "EXP-RC2-CBC-MD5"
|
||||||
|
# define SSL2_TXT_IDEA_128_CBC_WITH_MD5 "IDEA-CBC-MD5"
|
||||||
|
# define SSL2_TXT_DES_64_CBC_WITH_MD5 "DES-CBC-MD5"
|
||||||
|
# define SSL2_TXT_DES_64_CBC_WITH_SHA "DES-CBC-SHA"
|
||||||
|
# define SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5 "DES-CBC3-MD5"
|
||||||
|
# define SSL2_TXT_DES_192_EDE3_CBC_WITH_SHA "DES-CBC3-SHA"
|
||||||
|
# define SSL2_TXT_RC4_64_WITH_MD5 "RC4-64-MD5"
|
||||||
|
|
||||||
|
# define SSL2_TXT_NULL "NULL"
|
||||||
|
|
||||||
|
/* Flags for the SSL_CIPHER.algorithm2 field */
|
||||||
|
# define SSL2_CF_5_BYTE_ENC 0x01
|
||||||
|
# define SSL2_CF_8_BYTE_ENC 0x02
|
||||||
|
|
||||||
|
/* Certificate Type Codes */
|
||||||
|
# define SSL2_CT_X509_CERTIFICATE 0x01
|
||||||
|
|
||||||
|
/* Authentication Type Code */
|
||||||
|
# define SSL2_AT_MD5_WITH_RSA_ENCRYPTION 0x01
|
||||||
|
|
||||||
|
# define SSL2_MAX_SSL_SESSION_ID_LENGTH 32
|
||||||
|
|
||||||
|
/* Upper/Lower Bounds */
|
||||||
|
# define SSL2_MAX_MASTER_KEY_LENGTH_IN_BITS 256
|
||||||
|
# ifdef OPENSSL_SYS_MPE
|
||||||
|
# define SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER 29998u
|
||||||
|
# else
|
||||||
|
# define SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER 32767u
|
||||||
|
/* 2^15-1 */
|
||||||
|
# endif
|
||||||
|
# define SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER 16383/* 2^14-1 */
|
||||||
|
|
||||||
|
# define SSL2_CHALLENGE_LENGTH 16
|
||||||
|
/*
|
||||||
|
* #define SSL2_CHALLENGE_LENGTH 32
|
||||||
|
*/
|
||||||
|
# define SSL2_MIN_CHALLENGE_LENGTH 16
|
||||||
|
# define SSL2_MAX_CHALLENGE_LENGTH 32
|
||||||
|
# define SSL2_CONNECTION_ID_LENGTH 16
|
||||||
|
# define SSL2_MAX_CONNECTION_ID_LENGTH 16
|
||||||
|
# define SSL2_SSL_SESSION_ID_LENGTH 16
|
||||||
|
# define SSL2_MAX_CERT_CHALLENGE_LENGTH 32
|
||||||
|
# define SSL2_MIN_CERT_CHALLENGE_LENGTH 16
|
||||||
|
# define SSL2_MAX_KEY_MATERIAL_LENGTH 24
|
||||||
|
|
||||||
|
# ifndef HEADER_SSL_LOCL_H
|
||||||
|
# define CERT char
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_SSL_INTERN
|
||||||
|
|
||||||
|
typedef struct ssl2_state_st {
|
||||||
|
int three_byte_header;
|
||||||
|
int clear_text; /* clear text */
|
||||||
|
int escape; /* not used in SSLv2 */
|
||||||
|
int ssl2_rollback; /* used if SSLv23 rolled back to SSLv2 */
|
||||||
|
/*
|
||||||
|
* non-blocking io info, used to make sure the same args were passwd
|
||||||
|
*/
|
||||||
|
unsigned int wnum; /* number of bytes sent so far */
|
||||||
|
int wpend_tot;
|
||||||
|
const unsigned char *wpend_buf;
|
||||||
|
int wpend_off; /* offset to data to write */
|
||||||
|
int wpend_len; /* number of bytes passwd to write */
|
||||||
|
int wpend_ret; /* number of bytes to return to caller */
|
||||||
|
/* buffer raw data */
|
||||||
|
int rbuf_left;
|
||||||
|
int rbuf_offs;
|
||||||
|
unsigned char *rbuf;
|
||||||
|
unsigned char *wbuf;
|
||||||
|
unsigned char *write_ptr; /* used to point to the start due to 2/3 byte
|
||||||
|
* header. */
|
||||||
|
unsigned int padding;
|
||||||
|
unsigned int rlength; /* passed to ssl2_enc */
|
||||||
|
int ract_data_length; /* Set when things are encrypted. */
|
||||||
|
unsigned int wlength; /* passed to ssl2_enc */
|
||||||
|
int wact_data_length; /* Set when things are decrypted. */
|
||||||
|
unsigned char *ract_data;
|
||||||
|
unsigned char *wact_data;
|
||||||
|
unsigned char *mac_data;
|
||||||
|
unsigned char *read_key;
|
||||||
|
unsigned char *write_key;
|
||||||
|
/* Stuff specifically to do with this SSL session */
|
||||||
|
unsigned int challenge_length;
|
||||||
|
unsigned char challenge[SSL2_MAX_CHALLENGE_LENGTH];
|
||||||
|
unsigned int conn_id_length;
|
||||||
|
unsigned char conn_id[SSL2_MAX_CONNECTION_ID_LENGTH];
|
||||||
|
unsigned int key_material_length;
|
||||||
|
unsigned char key_material[SSL2_MAX_KEY_MATERIAL_LENGTH * 2];
|
||||||
|
unsigned long read_sequence;
|
||||||
|
unsigned long write_sequence;
|
||||||
|
struct {
|
||||||
|
unsigned int conn_id_length;
|
||||||
|
unsigned int cert_type;
|
||||||
|
unsigned int cert_length;
|
||||||
|
unsigned int csl;
|
||||||
|
unsigned int clear;
|
||||||
|
unsigned int enc;
|
||||||
|
unsigned char ccl[SSL2_MAX_CERT_CHALLENGE_LENGTH];
|
||||||
|
unsigned int cipher_spec_length;
|
||||||
|
unsigned int session_id_length;
|
||||||
|
unsigned int clen;
|
||||||
|
unsigned int rlen;
|
||||||
|
} tmp;
|
||||||
|
} SSL2_STATE;
|
||||||
|
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/* SSLv2 */
|
||||||
|
/* client */
|
||||||
|
# define SSL2_ST_SEND_CLIENT_HELLO_A (0x10|SSL_ST_CONNECT)
|
||||||
|
# define SSL2_ST_SEND_CLIENT_HELLO_B (0x11|SSL_ST_CONNECT)
|
||||||
|
# define SSL2_ST_GET_SERVER_HELLO_A (0x20|SSL_ST_CONNECT)
|
||||||
|
# define SSL2_ST_GET_SERVER_HELLO_B (0x21|SSL_ST_CONNECT)
|
||||||
|
# define SSL2_ST_SEND_CLIENT_MASTER_KEY_A (0x30|SSL_ST_CONNECT)
|
||||||
|
# define SSL2_ST_SEND_CLIENT_MASTER_KEY_B (0x31|SSL_ST_CONNECT)
|
||||||
|
# define SSL2_ST_SEND_CLIENT_FINISHED_A (0x40|SSL_ST_CONNECT)
|
||||||
|
# define SSL2_ST_SEND_CLIENT_FINISHED_B (0x41|SSL_ST_CONNECT)
|
||||||
|
# define SSL2_ST_SEND_CLIENT_CERTIFICATE_A (0x50|SSL_ST_CONNECT)
|
||||||
|
# define SSL2_ST_SEND_CLIENT_CERTIFICATE_B (0x51|SSL_ST_CONNECT)
|
||||||
|
# define SSL2_ST_SEND_CLIENT_CERTIFICATE_C (0x52|SSL_ST_CONNECT)
|
||||||
|
# define SSL2_ST_SEND_CLIENT_CERTIFICATE_D (0x53|SSL_ST_CONNECT)
|
||||||
|
# define SSL2_ST_GET_SERVER_VERIFY_A (0x60|SSL_ST_CONNECT)
|
||||||
|
# define SSL2_ST_GET_SERVER_VERIFY_B (0x61|SSL_ST_CONNECT)
|
||||||
|
# define SSL2_ST_GET_SERVER_FINISHED_A (0x70|SSL_ST_CONNECT)
|
||||||
|
# define SSL2_ST_GET_SERVER_FINISHED_B (0x71|SSL_ST_CONNECT)
|
||||||
|
# define SSL2_ST_CLIENT_START_ENCRYPTION (0x80|SSL_ST_CONNECT)
|
||||||
|
# define SSL2_ST_X509_GET_CLIENT_CERTIFICATE (0x90|SSL_ST_CONNECT)
|
||||||
|
/* server */
|
||||||
|
# define SSL2_ST_GET_CLIENT_HELLO_A (0x10|SSL_ST_ACCEPT)
|
||||||
|
# define SSL2_ST_GET_CLIENT_HELLO_B (0x11|SSL_ST_ACCEPT)
|
||||||
|
# define SSL2_ST_GET_CLIENT_HELLO_C (0x12|SSL_ST_ACCEPT)
|
||||||
|
# define SSL2_ST_SEND_SERVER_HELLO_A (0x20|SSL_ST_ACCEPT)
|
||||||
|
# define SSL2_ST_SEND_SERVER_HELLO_B (0x21|SSL_ST_ACCEPT)
|
||||||
|
# define SSL2_ST_GET_CLIENT_MASTER_KEY_A (0x30|SSL_ST_ACCEPT)
|
||||||
|
# define SSL2_ST_GET_CLIENT_MASTER_KEY_B (0x31|SSL_ST_ACCEPT)
|
||||||
|
# define SSL2_ST_SEND_SERVER_VERIFY_A (0x40|SSL_ST_ACCEPT)
|
||||||
|
# define SSL2_ST_SEND_SERVER_VERIFY_B (0x41|SSL_ST_ACCEPT)
|
||||||
|
# define SSL2_ST_SEND_SERVER_VERIFY_C (0x42|SSL_ST_ACCEPT)
|
||||||
|
# define SSL2_ST_GET_CLIENT_FINISHED_A (0x50|SSL_ST_ACCEPT)
|
||||||
|
# define SSL2_ST_GET_CLIENT_FINISHED_B (0x51|SSL_ST_ACCEPT)
|
||||||
|
# define SSL2_ST_SEND_SERVER_FINISHED_A (0x60|SSL_ST_ACCEPT)
|
||||||
|
# define SSL2_ST_SEND_SERVER_FINISHED_B (0x61|SSL_ST_ACCEPT)
|
||||||
|
# define SSL2_ST_SEND_REQUEST_CERTIFICATE_A (0x70|SSL_ST_ACCEPT)
|
||||||
|
# define SSL2_ST_SEND_REQUEST_CERTIFICATE_B (0x71|SSL_ST_ACCEPT)
|
||||||
|
# define SSL2_ST_SEND_REQUEST_CERTIFICATE_C (0x72|SSL_ST_ACCEPT)
|
||||||
|
# define SSL2_ST_SEND_REQUEST_CERTIFICATE_D (0x73|SSL_ST_ACCEPT)
|
||||||
|
# define SSL2_ST_SERVER_START_ENCRYPTION (0x80|SSL_ST_ACCEPT)
|
||||||
|
# define SSL2_ST_X509_GET_SERVER_CERTIFICATE (0x90|SSL_ST_ACCEPT)
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
#endif
|
|
@ -0,0 +1,84 @@
|
||||||
|
/* ssl/ssl23.h */
|
||||||
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
|
* All rights reserved.
|
||||||
|
*
|
||||||
|
* This package is an SSL implementation written
|
||||||
|
* by Eric Young (eay@cryptsoft.com).
|
||||||
|
* The implementation was written so as to conform with Netscapes SSL.
|
||||||
|
*
|
||||||
|
* This library is free for commercial and non-commercial use as long as
|
||||||
|
* the following conditions are aheared to. The following conditions
|
||||||
|
* apply to all code found in this distribution, be it the RC4, RSA,
|
||||||
|
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
||||||
|
* included with this distribution is covered by the same copyright terms
|
||||||
|
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
* Copyright remains Eric Young's, and as such any Copyright notices in
|
||||||
|
* the code are not to be removed.
|
||||||
|
* If this package is used in a product, Eric Young should be given attribution
|
||||||
|
* as the author of the parts of the library used.
|
||||||
|
* This can be in the form of a textual message at program startup or
|
||||||
|
* in documentation (online or textual) provided with the package.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
* 1. Redistributions of source code must retain the copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in the
|
||||||
|
* documentation and/or other materials provided with the distribution.
|
||||||
|
* 3. All advertising materials mentioning features or use of this software
|
||||||
|
* must display the following acknowledgement:
|
||||||
|
* "This product includes cryptographic software written by
|
||||||
|
* Eric Young (eay@cryptsoft.com)"
|
||||||
|
* The word 'cryptographic' can be left out if the rouines from the library
|
||||||
|
* being used are not cryptographic related :-).
|
||||||
|
* 4. If you include any Windows specific code (or a derivative thereof) from
|
||||||
|
* the apps directory (application code) you must include an acknowledgement:
|
||||||
|
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
||||||
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||||
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||||
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||||
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||||
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||||
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||||
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||||
|
* SUCH DAMAGE.
|
||||||
|
*
|
||||||
|
* The licence and distribution terms for any publically available version or
|
||||||
|
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
||||||
|
* copied and put under another distribution licence
|
||||||
|
* [including the GNU Public Licence.]
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef HEADER_SSL23_H
|
||||||
|
# define HEADER_SSL23_H
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
extern "C" {
|
||||||
|
#endif
|
||||||
|
|
||||||
|
/*
|
||||||
|
* client
|
||||||
|
*/
|
||||||
|
/* write to server */
|
||||||
|
# define SSL23_ST_CW_CLNT_HELLO_A (0x210|SSL_ST_CONNECT)
|
||||||
|
# define SSL23_ST_CW_CLNT_HELLO_B (0x211|SSL_ST_CONNECT)
|
||||||
|
/* read from server */
|
||||||
|
# define SSL23_ST_CR_SRVR_HELLO_A (0x220|SSL_ST_CONNECT)
|
||||||
|
# define SSL23_ST_CR_SRVR_HELLO_B (0x221|SSL_ST_CONNECT)
|
||||||
|
|
||||||
|
/* server */
|
||||||
|
/* read from client */
|
||||||
|
# define SSL23_ST_SR_CLNT_HELLO_A (0x210|SSL_ST_ACCEPT)
|
||||||
|
# define SSL23_ST_SR_CLNT_HELLO_B (0x211|SSL_ST_ACCEPT)
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
#endif
|
|
@ -0,0 +1,774 @@
|
||||||
|
/* ssl/ssl3.h */
|
||||||
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
|
* All rights reserved.
|
||||||
|
*
|
||||||
|
* This package is an SSL implementation written
|
||||||
|
* by Eric Young (eay@cryptsoft.com).
|
||||||
|
* The implementation was written so as to conform with Netscapes SSL.
|
||||||
|
*
|
||||||
|
* This library is free for commercial and non-commercial use as long as
|
||||||
|
* the following conditions are aheared to. The following conditions
|
||||||
|
* apply to all code found in this distribution, be it the RC4, RSA,
|
||||||
|
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
||||||
|
* included with this distribution is covered by the same copyright terms
|
||||||
|
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
* Copyright remains Eric Young's, and as such any Copyright notices in
|
||||||
|
* the code are not to be removed.
|
||||||
|
* If this package is used in a product, Eric Young should be given attribution
|
||||||
|
* as the author of the parts of the library used.
|
||||||
|
* This can be in the form of a textual message at program startup or
|
||||||
|
* in documentation (online or textual) provided with the package.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
* 1. Redistributions of source code must retain the copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in the
|
||||||
|
* documentation and/or other materials provided with the distribution.
|
||||||
|
* 3. All advertising materials mentioning features or use of this software
|
||||||
|
* must display the following acknowledgement:
|
||||||
|
* "This product includes cryptographic software written by
|
||||||
|
* Eric Young (eay@cryptsoft.com)"
|
||||||
|
* The word 'cryptographic' can be left out if the rouines from the library
|
||||||
|
* being used are not cryptographic related :-).
|
||||||
|
* 4. If you include any Windows specific code (or a derivative thereof) from
|
||||||
|
* the apps directory (application code) you must include an acknowledgement:
|
||||||
|
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
||||||
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||||
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||||
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||||
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||||
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||||
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||||
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||||
|
* SUCH DAMAGE.
|
||||||
|
*
|
||||||
|
* The licence and distribution terms for any publically available version or
|
||||||
|
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
||||||
|
* copied and put under another distribution licence
|
||||||
|
* [including the GNU Public Licence.]
|
||||||
|
*/
|
||||||
|
/* ====================================================================
|
||||||
|
* Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
*
|
||||||
|
* 1. Redistributions of source code must retain the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
*
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in
|
||||||
|
* the documentation and/or other materials provided with the
|
||||||
|
* distribution.
|
||||||
|
*
|
||||||
|
* 3. All advertising materials mentioning features or use of this
|
||||||
|
* software must display the following acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
|
||||||
|
*
|
||||||
|
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||||
|
* endorse or promote products derived from this software without
|
||||||
|
* prior written permission. For written permission, please contact
|
||||||
|
* openssl-core@openssl.org.
|
||||||
|
*
|
||||||
|
* 5. Products derived from this software may not be called "OpenSSL"
|
||||||
|
* nor may "OpenSSL" appear in their names without prior written
|
||||||
|
* permission of the OpenSSL Project.
|
||||||
|
*
|
||||||
|
* 6. Redistributions of any form whatsoever must retain the following
|
||||||
|
* acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||||
|
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||||
|
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||||
|
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||||
|
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||||
|
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||||
|
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||||
|
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||||
|
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||||
|
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||||
|
* ====================================================================
|
||||||
|
*
|
||||||
|
* This product includes cryptographic software written by Eric Young
|
||||||
|
* (eay@cryptsoft.com). This product includes software written by Tim
|
||||||
|
* Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
/* ====================================================================
|
||||||
|
* Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
|
||||||
|
* ECC cipher suite support in OpenSSL originally developed by
|
||||||
|
* SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef HEADER_SSL3_H
|
||||||
|
# define HEADER_SSL3_H
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_COMP
|
||||||
|
# include <openssl/comp.h>
|
||||||
|
# endif
|
||||||
|
# include <openssl/buffer.h>
|
||||||
|
# include <openssl/evp.h>
|
||||||
|
# include <openssl/ssl.h>
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
extern "C" {
|
||||||
|
#endif
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Signalling cipher suite value from RFC 5746
|
||||||
|
* (TLS_EMPTY_RENEGOTIATION_INFO_SCSV)
|
||||||
|
*/
|
||||||
|
# define SSL3_CK_SCSV 0x030000FF
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Signalling cipher suite value from draft-ietf-tls-downgrade-scsv-00
|
||||||
|
* (TLS_FALLBACK_SCSV)
|
||||||
|
*/
|
||||||
|
# define SSL3_CK_FALLBACK_SCSV 0x03005600
|
||||||
|
|
||||||
|
# define SSL3_CK_RSA_NULL_MD5 0x03000001
|
||||||
|
# define SSL3_CK_RSA_NULL_SHA 0x03000002
|
||||||
|
# define SSL3_CK_RSA_RC4_40_MD5 0x03000003
|
||||||
|
# define SSL3_CK_RSA_RC4_128_MD5 0x03000004
|
||||||
|
# define SSL3_CK_RSA_RC4_128_SHA 0x03000005
|
||||||
|
# define SSL3_CK_RSA_RC2_40_MD5 0x03000006
|
||||||
|
# define SSL3_CK_RSA_IDEA_128_SHA 0x03000007
|
||||||
|
# define SSL3_CK_RSA_DES_40_CBC_SHA 0x03000008
|
||||||
|
# define SSL3_CK_RSA_DES_64_CBC_SHA 0x03000009
|
||||||
|
# define SSL3_CK_RSA_DES_192_CBC3_SHA 0x0300000A
|
||||||
|
|
||||||
|
# define SSL3_CK_DH_DSS_DES_40_CBC_SHA 0x0300000B
|
||||||
|
# define SSL3_CK_DH_DSS_DES_64_CBC_SHA 0x0300000C
|
||||||
|
# define SSL3_CK_DH_DSS_DES_192_CBC3_SHA 0x0300000D
|
||||||
|
# define SSL3_CK_DH_RSA_DES_40_CBC_SHA 0x0300000E
|
||||||
|
# define SSL3_CK_DH_RSA_DES_64_CBC_SHA 0x0300000F
|
||||||
|
# define SSL3_CK_DH_RSA_DES_192_CBC3_SHA 0x03000010
|
||||||
|
|
||||||
|
# define SSL3_CK_EDH_DSS_DES_40_CBC_SHA 0x03000011
|
||||||
|
# define SSL3_CK_DHE_DSS_DES_40_CBC_SHA SSL3_CK_EDH_DSS_DES_40_CBC_SHA
|
||||||
|
# define SSL3_CK_EDH_DSS_DES_64_CBC_SHA 0x03000012
|
||||||
|
# define SSL3_CK_DHE_DSS_DES_64_CBC_SHA SSL3_CK_EDH_DSS_DES_64_CBC_SHA
|
||||||
|
# define SSL3_CK_EDH_DSS_DES_192_CBC3_SHA 0x03000013
|
||||||
|
# define SSL3_CK_DHE_DSS_DES_192_CBC3_SHA SSL3_CK_EDH_DSS_DES_192_CBC3_SHA
|
||||||
|
# define SSL3_CK_EDH_RSA_DES_40_CBC_SHA 0x03000014
|
||||||
|
# define SSL3_CK_DHE_RSA_DES_40_CBC_SHA SSL3_CK_EDH_RSA_DES_40_CBC_SHA
|
||||||
|
# define SSL3_CK_EDH_RSA_DES_64_CBC_SHA 0x03000015
|
||||||
|
# define SSL3_CK_DHE_RSA_DES_64_CBC_SHA SSL3_CK_EDH_RSA_DES_64_CBC_SHA
|
||||||
|
# define SSL3_CK_EDH_RSA_DES_192_CBC3_SHA 0x03000016
|
||||||
|
# define SSL3_CK_DHE_RSA_DES_192_CBC3_SHA SSL3_CK_EDH_RSA_DES_192_CBC3_SHA
|
||||||
|
|
||||||
|
# define SSL3_CK_ADH_RC4_40_MD5 0x03000017
|
||||||
|
# define SSL3_CK_ADH_RC4_128_MD5 0x03000018
|
||||||
|
# define SSL3_CK_ADH_DES_40_CBC_SHA 0x03000019
|
||||||
|
# define SSL3_CK_ADH_DES_64_CBC_SHA 0x0300001A
|
||||||
|
# define SSL3_CK_ADH_DES_192_CBC_SHA 0x0300001B
|
||||||
|
|
||||||
|
# if 0
|
||||||
|
# define SSL3_CK_FZA_DMS_NULL_SHA 0x0300001C
|
||||||
|
# define SSL3_CK_FZA_DMS_FZA_SHA 0x0300001D
|
||||||
|
# if 0 /* Because it clashes with KRB5, is never
|
||||||
|
* used any more, and is safe to remove
|
||||||
|
* according to David Hopwood
|
||||||
|
* <david.hopwood@zetnet.co.uk> of the
|
||||||
|
* ietf-tls list */
|
||||||
|
# define SSL3_CK_FZA_DMS_RC4_SHA 0x0300001E
|
||||||
|
# endif
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/*
|
||||||
|
* VRS Additional Kerberos5 entries
|
||||||
|
*/
|
||||||
|
# define SSL3_CK_KRB5_DES_64_CBC_SHA 0x0300001E
|
||||||
|
# define SSL3_CK_KRB5_DES_192_CBC3_SHA 0x0300001F
|
||||||
|
# define SSL3_CK_KRB5_RC4_128_SHA 0x03000020
|
||||||
|
# define SSL3_CK_KRB5_IDEA_128_CBC_SHA 0x03000021
|
||||||
|
# define SSL3_CK_KRB5_DES_64_CBC_MD5 0x03000022
|
||||||
|
# define SSL3_CK_KRB5_DES_192_CBC3_MD5 0x03000023
|
||||||
|
# define SSL3_CK_KRB5_RC4_128_MD5 0x03000024
|
||||||
|
# define SSL3_CK_KRB5_IDEA_128_CBC_MD5 0x03000025
|
||||||
|
|
||||||
|
# define SSL3_CK_KRB5_DES_40_CBC_SHA 0x03000026
|
||||||
|
# define SSL3_CK_KRB5_RC2_40_CBC_SHA 0x03000027
|
||||||
|
# define SSL3_CK_KRB5_RC4_40_SHA 0x03000028
|
||||||
|
# define SSL3_CK_KRB5_DES_40_CBC_MD5 0x03000029
|
||||||
|
# define SSL3_CK_KRB5_RC2_40_CBC_MD5 0x0300002A
|
||||||
|
# define SSL3_CK_KRB5_RC4_40_MD5 0x0300002B
|
||||||
|
|
||||||
|
# define SSL3_TXT_RSA_NULL_MD5 "NULL-MD5"
|
||||||
|
# define SSL3_TXT_RSA_NULL_SHA "NULL-SHA"
|
||||||
|
# define SSL3_TXT_RSA_RC4_40_MD5 "EXP-RC4-MD5"
|
||||||
|
# define SSL3_TXT_RSA_RC4_128_MD5 "RC4-MD5"
|
||||||
|
# define SSL3_TXT_RSA_RC4_128_SHA "RC4-SHA"
|
||||||
|
# define SSL3_TXT_RSA_RC2_40_MD5 "EXP-RC2-CBC-MD5"
|
||||||
|
# define SSL3_TXT_RSA_IDEA_128_SHA "IDEA-CBC-SHA"
|
||||||
|
# define SSL3_TXT_RSA_DES_40_CBC_SHA "EXP-DES-CBC-SHA"
|
||||||
|
# define SSL3_TXT_RSA_DES_64_CBC_SHA "DES-CBC-SHA"
|
||||||
|
# define SSL3_TXT_RSA_DES_192_CBC3_SHA "DES-CBC3-SHA"
|
||||||
|
|
||||||
|
# define SSL3_TXT_DH_DSS_DES_40_CBC_SHA "EXP-DH-DSS-DES-CBC-SHA"
|
||||||
|
# define SSL3_TXT_DH_DSS_DES_64_CBC_SHA "DH-DSS-DES-CBC-SHA"
|
||||||
|
# define SSL3_TXT_DH_DSS_DES_192_CBC3_SHA "DH-DSS-DES-CBC3-SHA"
|
||||||
|
# define SSL3_TXT_DH_RSA_DES_40_CBC_SHA "EXP-DH-RSA-DES-CBC-SHA"
|
||||||
|
# define SSL3_TXT_DH_RSA_DES_64_CBC_SHA "DH-RSA-DES-CBC-SHA"
|
||||||
|
# define SSL3_TXT_DH_RSA_DES_192_CBC3_SHA "DH-RSA-DES-CBC3-SHA"
|
||||||
|
|
||||||
|
# define SSL3_TXT_DHE_DSS_DES_40_CBC_SHA "EXP-DHE-DSS-DES-CBC-SHA"
|
||||||
|
# define SSL3_TXT_DHE_DSS_DES_64_CBC_SHA "DHE-DSS-DES-CBC-SHA"
|
||||||
|
# define SSL3_TXT_DHE_DSS_DES_192_CBC3_SHA "DHE-DSS-DES-CBC3-SHA"
|
||||||
|
# define SSL3_TXT_DHE_RSA_DES_40_CBC_SHA "EXP-DHE-RSA-DES-CBC-SHA"
|
||||||
|
# define SSL3_TXT_DHE_RSA_DES_64_CBC_SHA "DHE-RSA-DES-CBC-SHA"
|
||||||
|
# define SSL3_TXT_DHE_RSA_DES_192_CBC3_SHA "DHE-RSA-DES-CBC3-SHA"
|
||||||
|
|
||||||
|
/*
|
||||||
|
* This next block of six "EDH" labels is for backward compatibility with
|
||||||
|
* older versions of OpenSSL. New code should use the six "DHE" labels above
|
||||||
|
* instead:
|
||||||
|
*/
|
||||||
|
# define SSL3_TXT_EDH_DSS_DES_40_CBC_SHA "EXP-EDH-DSS-DES-CBC-SHA"
|
||||||
|
# define SSL3_TXT_EDH_DSS_DES_64_CBC_SHA "EDH-DSS-DES-CBC-SHA"
|
||||||
|
# define SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA "EDH-DSS-DES-CBC3-SHA"
|
||||||
|
# define SSL3_TXT_EDH_RSA_DES_40_CBC_SHA "EXP-EDH-RSA-DES-CBC-SHA"
|
||||||
|
# define SSL3_TXT_EDH_RSA_DES_64_CBC_SHA "EDH-RSA-DES-CBC-SHA"
|
||||||
|
# define SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA "EDH-RSA-DES-CBC3-SHA"
|
||||||
|
|
||||||
|
# define SSL3_TXT_ADH_RC4_40_MD5 "EXP-ADH-RC4-MD5"
|
||||||
|
# define SSL3_TXT_ADH_RC4_128_MD5 "ADH-RC4-MD5"
|
||||||
|
# define SSL3_TXT_ADH_DES_40_CBC_SHA "EXP-ADH-DES-CBC-SHA"
|
||||||
|
# define SSL3_TXT_ADH_DES_64_CBC_SHA "ADH-DES-CBC-SHA"
|
||||||
|
# define SSL3_TXT_ADH_DES_192_CBC_SHA "ADH-DES-CBC3-SHA"
|
||||||
|
|
||||||
|
# if 0
|
||||||
|
# define SSL3_TXT_FZA_DMS_NULL_SHA "FZA-NULL-SHA"
|
||||||
|
# define SSL3_TXT_FZA_DMS_FZA_SHA "FZA-FZA-CBC-SHA"
|
||||||
|
# define SSL3_TXT_FZA_DMS_RC4_SHA "FZA-RC4-SHA"
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# define SSL3_TXT_KRB5_DES_64_CBC_SHA "KRB5-DES-CBC-SHA"
|
||||||
|
# define SSL3_TXT_KRB5_DES_192_CBC3_SHA "KRB5-DES-CBC3-SHA"
|
||||||
|
# define SSL3_TXT_KRB5_RC4_128_SHA "KRB5-RC4-SHA"
|
||||||
|
# define SSL3_TXT_KRB5_IDEA_128_CBC_SHA "KRB5-IDEA-CBC-SHA"
|
||||||
|
# define SSL3_TXT_KRB5_DES_64_CBC_MD5 "KRB5-DES-CBC-MD5"
|
||||||
|
# define SSL3_TXT_KRB5_DES_192_CBC3_MD5 "KRB5-DES-CBC3-MD5"
|
||||||
|
# define SSL3_TXT_KRB5_RC4_128_MD5 "KRB5-RC4-MD5"
|
||||||
|
# define SSL3_TXT_KRB5_IDEA_128_CBC_MD5 "KRB5-IDEA-CBC-MD5"
|
||||||
|
|
||||||
|
# define SSL3_TXT_KRB5_DES_40_CBC_SHA "EXP-KRB5-DES-CBC-SHA"
|
||||||
|
# define SSL3_TXT_KRB5_RC2_40_CBC_SHA "EXP-KRB5-RC2-CBC-SHA"
|
||||||
|
# define SSL3_TXT_KRB5_RC4_40_SHA "EXP-KRB5-RC4-SHA"
|
||||||
|
# define SSL3_TXT_KRB5_DES_40_CBC_MD5 "EXP-KRB5-DES-CBC-MD5"
|
||||||
|
# define SSL3_TXT_KRB5_RC2_40_CBC_MD5 "EXP-KRB5-RC2-CBC-MD5"
|
||||||
|
# define SSL3_TXT_KRB5_RC4_40_MD5 "EXP-KRB5-RC4-MD5"
|
||||||
|
|
||||||
|
# define SSL3_SSL_SESSION_ID_LENGTH 32
|
||||||
|
# define SSL3_MAX_SSL_SESSION_ID_LENGTH 32
|
||||||
|
|
||||||
|
# define SSL3_MASTER_SECRET_SIZE 48
|
||||||
|
# define SSL3_RANDOM_SIZE 32
|
||||||
|
# define SSL3_SESSION_ID_SIZE 32
|
||||||
|
# define SSL3_RT_HEADER_LENGTH 5
|
||||||
|
|
||||||
|
# define SSL3_HM_HEADER_LENGTH 4
|
||||||
|
|
||||||
|
# ifndef SSL3_ALIGN_PAYLOAD
|
||||||
|
/*
|
||||||
|
* Some will argue that this increases memory footprint, but it's not
|
||||||
|
* actually true. Point is that malloc has to return at least 64-bit aligned
|
||||||
|
* pointers, meaning that allocating 5 bytes wastes 3 bytes in either case.
|
||||||
|
* Suggested pre-gaping simply moves these wasted bytes from the end of
|
||||||
|
* allocated region to its front, but makes data payload aligned, which
|
||||||
|
* improves performance:-)
|
||||||
|
*/
|
||||||
|
# define SSL3_ALIGN_PAYLOAD 8
|
||||||
|
# else
|
||||||
|
# if (SSL3_ALIGN_PAYLOAD&(SSL3_ALIGN_PAYLOAD-1))!=0
|
||||||
|
# error "insane SSL3_ALIGN_PAYLOAD"
|
||||||
|
# undef SSL3_ALIGN_PAYLOAD
|
||||||
|
# endif
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/*
|
||||||
|
* This is the maximum MAC (digest) size used by the SSL library. Currently
|
||||||
|
* maximum of 20 is used by SHA1, but we reserve for future extension for
|
||||||
|
* 512-bit hashes.
|
||||||
|
*/
|
||||||
|
|
||||||
|
# define SSL3_RT_MAX_MD_SIZE 64
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Maximum block size used in all ciphersuites. Currently 16 for AES.
|
||||||
|
*/
|
||||||
|
|
||||||
|
# define SSL_RT_MAX_CIPHER_BLOCK_SIZE 16
|
||||||
|
|
||||||
|
# define SSL3_RT_MAX_EXTRA (16384)
|
||||||
|
|
||||||
|
/* Maximum plaintext length: defined by SSL/TLS standards */
|
||||||
|
# define SSL3_RT_MAX_PLAIN_LENGTH 16384
|
||||||
|
/* Maximum compression overhead: defined by SSL/TLS standards */
|
||||||
|
# define SSL3_RT_MAX_COMPRESSED_OVERHEAD 1024
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The standards give a maximum encryption overhead of 1024 bytes. In
|
||||||
|
* practice the value is lower than this. The overhead is the maximum number
|
||||||
|
* of padding bytes (256) plus the mac size.
|
||||||
|
*/
|
||||||
|
# define SSL3_RT_MAX_ENCRYPTED_OVERHEAD (256 + SSL3_RT_MAX_MD_SIZE)
|
||||||
|
|
||||||
|
/*
|
||||||
|
* OpenSSL currently only uses a padding length of at most one block so the
|
||||||
|
* send overhead is smaller.
|
||||||
|
*/
|
||||||
|
|
||||||
|
# define SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD \
|
||||||
|
(SSL_RT_MAX_CIPHER_BLOCK_SIZE + SSL3_RT_MAX_MD_SIZE)
|
||||||
|
|
||||||
|
/* If compression isn't used don't include the compression overhead */
|
||||||
|
|
||||||
|
# ifdef OPENSSL_NO_COMP
|
||||||
|
# define SSL3_RT_MAX_COMPRESSED_LENGTH SSL3_RT_MAX_PLAIN_LENGTH
|
||||||
|
# else
|
||||||
|
# define SSL3_RT_MAX_COMPRESSED_LENGTH \
|
||||||
|
(SSL3_RT_MAX_PLAIN_LENGTH+SSL3_RT_MAX_COMPRESSED_OVERHEAD)
|
||||||
|
# endif
|
||||||
|
# define SSL3_RT_MAX_ENCRYPTED_LENGTH \
|
||||||
|
(SSL3_RT_MAX_ENCRYPTED_OVERHEAD+SSL3_RT_MAX_COMPRESSED_LENGTH)
|
||||||
|
# define SSL3_RT_MAX_PACKET_SIZE \
|
||||||
|
(SSL3_RT_MAX_ENCRYPTED_LENGTH+SSL3_RT_HEADER_LENGTH)
|
||||||
|
|
||||||
|
# define SSL3_MD_CLIENT_FINISHED_CONST "\x43\x4C\x4E\x54"
|
||||||
|
# define SSL3_MD_SERVER_FINISHED_CONST "\x53\x52\x56\x52"
|
||||||
|
|
||||||
|
# define SSL3_VERSION 0x0300
|
||||||
|
# define SSL3_VERSION_MAJOR 0x03
|
||||||
|
# define SSL3_VERSION_MINOR 0x00
|
||||||
|
|
||||||
|
# define SSL3_RT_CHANGE_CIPHER_SPEC 20
|
||||||
|
# define SSL3_RT_ALERT 21
|
||||||
|
# define SSL3_RT_HANDSHAKE 22
|
||||||
|
# define SSL3_RT_APPLICATION_DATA 23
|
||||||
|
# define TLS1_RT_HEARTBEAT 24
|
||||||
|
|
||||||
|
/* Pseudo content types to indicate additional parameters */
|
||||||
|
# define TLS1_RT_CRYPTO 0x1000
|
||||||
|
# define TLS1_RT_CRYPTO_PREMASTER (TLS1_RT_CRYPTO | 0x1)
|
||||||
|
# define TLS1_RT_CRYPTO_CLIENT_RANDOM (TLS1_RT_CRYPTO | 0x2)
|
||||||
|
# define TLS1_RT_CRYPTO_SERVER_RANDOM (TLS1_RT_CRYPTO | 0x3)
|
||||||
|
# define TLS1_RT_CRYPTO_MASTER (TLS1_RT_CRYPTO | 0x4)
|
||||||
|
|
||||||
|
# define TLS1_RT_CRYPTO_READ 0x0000
|
||||||
|
# define TLS1_RT_CRYPTO_WRITE 0x0100
|
||||||
|
# define TLS1_RT_CRYPTO_MAC (TLS1_RT_CRYPTO | 0x5)
|
||||||
|
# define TLS1_RT_CRYPTO_KEY (TLS1_RT_CRYPTO | 0x6)
|
||||||
|
# define TLS1_RT_CRYPTO_IV (TLS1_RT_CRYPTO | 0x7)
|
||||||
|
# define TLS1_RT_CRYPTO_FIXED_IV (TLS1_RT_CRYPTO | 0x8)
|
||||||
|
|
||||||
|
/* Pseudo content type for SSL/TLS header info */
|
||||||
|
# define SSL3_RT_HEADER 0x100
|
||||||
|
|
||||||
|
# define SSL3_AL_WARNING 1
|
||||||
|
# define SSL3_AL_FATAL 2
|
||||||
|
|
||||||
|
# define SSL3_AD_CLOSE_NOTIFY 0
|
||||||
|
# define SSL3_AD_UNEXPECTED_MESSAGE 10/* fatal */
|
||||||
|
# define SSL3_AD_BAD_RECORD_MAC 20/* fatal */
|
||||||
|
# define SSL3_AD_DECOMPRESSION_FAILURE 30/* fatal */
|
||||||
|
# define SSL3_AD_HANDSHAKE_FAILURE 40/* fatal */
|
||||||
|
# define SSL3_AD_NO_CERTIFICATE 41
|
||||||
|
# define SSL3_AD_BAD_CERTIFICATE 42
|
||||||
|
# define SSL3_AD_UNSUPPORTED_CERTIFICATE 43
|
||||||
|
# define SSL3_AD_CERTIFICATE_REVOKED 44
|
||||||
|
# define SSL3_AD_CERTIFICATE_EXPIRED 45
|
||||||
|
# define SSL3_AD_CERTIFICATE_UNKNOWN 46
|
||||||
|
# define SSL3_AD_ILLEGAL_PARAMETER 47/* fatal */
|
||||||
|
|
||||||
|
# define TLS1_HB_REQUEST 1
|
||||||
|
# define TLS1_HB_RESPONSE 2
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_SSL_INTERN
|
||||||
|
|
||||||
|
typedef struct ssl3_record_st {
|
||||||
|
/* type of record */
|
||||||
|
/*
|
||||||
|
* r
|
||||||
|
*/ int type;
|
||||||
|
/* How many bytes available */
|
||||||
|
/*
|
||||||
|
* rw
|
||||||
|
*/ unsigned int length;
|
||||||
|
/* read/write offset into 'buf' */
|
||||||
|
/*
|
||||||
|
* r
|
||||||
|
*/ unsigned int off;
|
||||||
|
/* pointer to the record data */
|
||||||
|
/*
|
||||||
|
* rw
|
||||||
|
*/ unsigned char *data;
|
||||||
|
/* where the decode bytes are */
|
||||||
|
/*
|
||||||
|
* rw
|
||||||
|
*/ unsigned char *input;
|
||||||
|
/* only used with decompression - malloc()ed */
|
||||||
|
/*
|
||||||
|
* r
|
||||||
|
*/ unsigned char *comp;
|
||||||
|
/* epoch number, needed by DTLS1 */
|
||||||
|
/*
|
||||||
|
* r
|
||||||
|
*/ unsigned long epoch;
|
||||||
|
/* sequence number, needed by DTLS1 */
|
||||||
|
/*
|
||||||
|
* r
|
||||||
|
*/ unsigned char seq_num[8];
|
||||||
|
} SSL3_RECORD;
|
||||||
|
|
||||||
|
typedef struct ssl3_buffer_st {
|
||||||
|
/* at least SSL3_RT_MAX_PACKET_SIZE bytes, see ssl3_setup_buffers() */
|
||||||
|
unsigned char *buf;
|
||||||
|
/* buffer size */
|
||||||
|
size_t len;
|
||||||
|
/* where to 'copy from' */
|
||||||
|
int offset;
|
||||||
|
/* how many bytes left */
|
||||||
|
int left;
|
||||||
|
} SSL3_BUFFER;
|
||||||
|
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# define SSL3_CT_RSA_SIGN 1
|
||||||
|
# define SSL3_CT_DSS_SIGN 2
|
||||||
|
# define SSL3_CT_RSA_FIXED_DH 3
|
||||||
|
# define SSL3_CT_DSS_FIXED_DH 4
|
||||||
|
# define SSL3_CT_RSA_EPHEMERAL_DH 5
|
||||||
|
# define SSL3_CT_DSS_EPHEMERAL_DH 6
|
||||||
|
# define SSL3_CT_FORTEZZA_DMS 20
|
||||||
|
/*
|
||||||
|
* SSL3_CT_NUMBER is used to size arrays and it must be large enough to
|
||||||
|
* contain all of the cert types defined either for SSLv3 and TLSv1.
|
||||||
|
*/
|
||||||
|
# define SSL3_CT_NUMBER 9
|
||||||
|
|
||||||
|
# define SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS 0x0001
|
||||||
|
# define SSL3_FLAGS_DELAY_CLIENT_FINISHED 0x0002
|
||||||
|
# define SSL3_FLAGS_POP_BUFFER 0x0004
|
||||||
|
# define TLS1_FLAGS_TLS_PADDING_BUG 0x0008
|
||||||
|
# define TLS1_FLAGS_SKIP_CERT_VERIFY 0x0010
|
||||||
|
# define TLS1_FLAGS_KEEP_HANDSHAKE 0x0020
|
||||||
|
/*
|
||||||
|
* Set when the handshake is ready to process peer's ChangeCipherSpec message.
|
||||||
|
* Cleared after the message has been processed.
|
||||||
|
*/
|
||||||
|
# define SSL3_FLAGS_CCS_OK 0x0080
|
||||||
|
|
||||||
|
/* SSL3_FLAGS_SGC_RESTART_DONE is no longer used */
|
||||||
|
# define SSL3_FLAGS_SGC_RESTART_DONE 0x0040
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_SSL_INTERN
|
||||||
|
|
||||||
|
typedef struct ssl3_state_st {
|
||||||
|
long flags;
|
||||||
|
int delay_buf_pop_ret;
|
||||||
|
unsigned char read_sequence[8];
|
||||||
|
int read_mac_secret_size;
|
||||||
|
unsigned char read_mac_secret[EVP_MAX_MD_SIZE];
|
||||||
|
unsigned char write_sequence[8];
|
||||||
|
int write_mac_secret_size;
|
||||||
|
unsigned char write_mac_secret[EVP_MAX_MD_SIZE];
|
||||||
|
unsigned char server_random[SSL3_RANDOM_SIZE];
|
||||||
|
unsigned char client_random[SSL3_RANDOM_SIZE];
|
||||||
|
/* flags for countermeasure against known-IV weakness */
|
||||||
|
int need_empty_fragments;
|
||||||
|
int empty_fragment_done;
|
||||||
|
/* The value of 'extra' when the buffers were initialized */
|
||||||
|
int init_extra;
|
||||||
|
SSL3_BUFFER rbuf; /* read IO goes into here */
|
||||||
|
SSL3_BUFFER wbuf; /* write IO goes into here */
|
||||||
|
SSL3_RECORD rrec; /* each decoded record goes in here */
|
||||||
|
SSL3_RECORD wrec; /* goes out from here */
|
||||||
|
/*
|
||||||
|
* storage for Alert/Handshake protocol data received but not yet
|
||||||
|
* processed by ssl3_read_bytes:
|
||||||
|
*/
|
||||||
|
unsigned char alert_fragment[2];
|
||||||
|
unsigned int alert_fragment_len;
|
||||||
|
unsigned char handshake_fragment[4];
|
||||||
|
unsigned int handshake_fragment_len;
|
||||||
|
/* partial write - check the numbers match */
|
||||||
|
unsigned int wnum; /* number of bytes sent so far */
|
||||||
|
int wpend_tot; /* number bytes written */
|
||||||
|
int wpend_type;
|
||||||
|
int wpend_ret; /* number of bytes submitted */
|
||||||
|
const unsigned char *wpend_buf;
|
||||||
|
/* used during startup, digest all incoming/outgoing packets */
|
||||||
|
BIO *handshake_buffer;
|
||||||
|
/*
|
||||||
|
* When set of handshake digests is determined, buffer is hashed and
|
||||||
|
* freed and MD_CTX-es for all required digests are stored in this array
|
||||||
|
*/
|
||||||
|
EVP_MD_CTX **handshake_dgst;
|
||||||
|
/*
|
||||||
|
* Set whenever an expected ChangeCipherSpec message is processed.
|
||||||
|
* Unset when the peer's Finished message is received.
|
||||||
|
* Unexpected ChangeCipherSpec messages trigger a fatal alert.
|
||||||
|
*/
|
||||||
|
int change_cipher_spec;
|
||||||
|
int warn_alert;
|
||||||
|
int fatal_alert;
|
||||||
|
/*
|
||||||
|
* we allow one fatal and one warning alert to be outstanding, send close
|
||||||
|
* alert via the warning alert
|
||||||
|
*/
|
||||||
|
int alert_dispatch;
|
||||||
|
unsigned char send_alert[2];
|
||||||
|
/*
|
||||||
|
* This flag is set when we should renegotiate ASAP, basically when there
|
||||||
|
* is no more data in the read or write buffers
|
||||||
|
*/
|
||||||
|
int renegotiate;
|
||||||
|
int total_renegotiations;
|
||||||
|
int num_renegotiations;
|
||||||
|
int in_read_app_data;
|
||||||
|
/*
|
||||||
|
* Opaque PRF input as used for the current handshake. These fields are
|
||||||
|
* used only if TLSEXT_TYPE_opaque_prf_input is defined (otherwise, they
|
||||||
|
* are merely present to improve binary compatibility)
|
||||||
|
*/
|
||||||
|
void *client_opaque_prf_input;
|
||||||
|
size_t client_opaque_prf_input_len;
|
||||||
|
void *server_opaque_prf_input;
|
||||||
|
size_t server_opaque_prf_input_len;
|
||||||
|
struct {
|
||||||
|
/* actually only needs to be 16+20 */
|
||||||
|
unsigned char cert_verify_md[EVP_MAX_MD_SIZE * 2];
|
||||||
|
/* actually only need to be 16+20 for SSLv3 and 12 for TLS */
|
||||||
|
unsigned char finish_md[EVP_MAX_MD_SIZE * 2];
|
||||||
|
int finish_md_len;
|
||||||
|
unsigned char peer_finish_md[EVP_MAX_MD_SIZE * 2];
|
||||||
|
int peer_finish_md_len;
|
||||||
|
unsigned long message_size;
|
||||||
|
int message_type;
|
||||||
|
/* used to hold the new cipher we are going to use */
|
||||||
|
const SSL_CIPHER *new_cipher;
|
||||||
|
# ifndef OPENSSL_NO_DH
|
||||||
|
DH *dh;
|
||||||
|
# endif
|
||||||
|
# ifndef OPENSSL_NO_ECDH
|
||||||
|
EC_KEY *ecdh; /* holds short lived ECDH key */
|
||||||
|
# endif
|
||||||
|
/* used when SSL_ST_FLUSH_DATA is entered */
|
||||||
|
int next_state;
|
||||||
|
int reuse_message;
|
||||||
|
/* used for certificate requests */
|
||||||
|
int cert_req;
|
||||||
|
int ctype_num;
|
||||||
|
char ctype[SSL3_CT_NUMBER];
|
||||||
|
STACK_OF(X509_NAME) *ca_names;
|
||||||
|
int use_rsa_tmp;
|
||||||
|
int key_block_length;
|
||||||
|
unsigned char *key_block;
|
||||||
|
const EVP_CIPHER *new_sym_enc;
|
||||||
|
const EVP_MD *new_hash;
|
||||||
|
int new_mac_pkey_type;
|
||||||
|
int new_mac_secret_size;
|
||||||
|
# ifndef OPENSSL_NO_COMP
|
||||||
|
const SSL_COMP *new_compression;
|
||||||
|
# else
|
||||||
|
char *new_compression;
|
||||||
|
# endif
|
||||||
|
int cert_request;
|
||||||
|
} tmp;
|
||||||
|
|
||||||
|
/* Connection binding to prevent renegotiation attacks */
|
||||||
|
unsigned char previous_client_finished[EVP_MAX_MD_SIZE];
|
||||||
|
unsigned char previous_client_finished_len;
|
||||||
|
unsigned char previous_server_finished[EVP_MAX_MD_SIZE];
|
||||||
|
unsigned char previous_server_finished_len;
|
||||||
|
int send_connection_binding; /* TODOEKR */
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_NEXTPROTONEG
|
||||||
|
/*
|
||||||
|
* Set if we saw the Next Protocol Negotiation extension from our peer.
|
||||||
|
*/
|
||||||
|
int next_proto_neg_seen;
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_TLSEXT
|
||||||
|
# ifndef OPENSSL_NO_EC
|
||||||
|
/*
|
||||||
|
* This is set to true if we believe that this is a version of Safari
|
||||||
|
* running on OS X 10.6 or newer. We wish to know this because Safari on
|
||||||
|
* 10.8 .. 10.8.3 has broken ECDHE-ECDSA support.
|
||||||
|
*/
|
||||||
|
char is_probably_safari;
|
||||||
|
# endif /* !OPENSSL_NO_EC */
|
||||||
|
|
||||||
|
/*
|
||||||
|
* ALPN information (we are in the process of transitioning from NPN to
|
||||||
|
* ALPN.)
|
||||||
|
*/
|
||||||
|
|
||||||
|
/*
|
||||||
|
* In a server these point to the selected ALPN protocol after the
|
||||||
|
* ClientHello has been processed. In a client these contain the protocol
|
||||||
|
* that the server selected once the ServerHello has been processed.
|
||||||
|
*/
|
||||||
|
unsigned char *alpn_selected;
|
||||||
|
unsigned alpn_selected_len;
|
||||||
|
# endif /* OPENSSL_NO_TLSEXT */
|
||||||
|
} SSL3_STATE;
|
||||||
|
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/* SSLv3 */
|
||||||
|
/*
|
||||||
|
* client
|
||||||
|
*/
|
||||||
|
/* extra state */
|
||||||
|
# define SSL3_ST_CW_FLUSH (0x100|SSL_ST_CONNECT)
|
||||||
|
# ifndef OPENSSL_NO_SCTP
|
||||||
|
# define DTLS1_SCTP_ST_CW_WRITE_SOCK (0x310|SSL_ST_CONNECT)
|
||||||
|
# define DTLS1_SCTP_ST_CR_READ_SOCK (0x320|SSL_ST_CONNECT)
|
||||||
|
# endif
|
||||||
|
/* write to server */
|
||||||
|
# define SSL3_ST_CW_CLNT_HELLO_A (0x110|SSL_ST_CONNECT)
|
||||||
|
# define SSL3_ST_CW_CLNT_HELLO_B (0x111|SSL_ST_CONNECT)
|
||||||
|
/* read from server */
|
||||||
|
# define SSL3_ST_CR_SRVR_HELLO_A (0x120|SSL_ST_CONNECT)
|
||||||
|
# define SSL3_ST_CR_SRVR_HELLO_B (0x121|SSL_ST_CONNECT)
|
||||||
|
# define DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A (0x126|SSL_ST_CONNECT)
|
||||||
|
# define DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B (0x127|SSL_ST_CONNECT)
|
||||||
|
# define SSL3_ST_CR_CERT_A (0x130|SSL_ST_CONNECT)
|
||||||
|
# define SSL3_ST_CR_CERT_B (0x131|SSL_ST_CONNECT)
|
||||||
|
# define SSL3_ST_CR_KEY_EXCH_A (0x140|SSL_ST_CONNECT)
|
||||||
|
# define SSL3_ST_CR_KEY_EXCH_B (0x141|SSL_ST_CONNECT)
|
||||||
|
# define SSL3_ST_CR_CERT_REQ_A (0x150|SSL_ST_CONNECT)
|
||||||
|
# define SSL3_ST_CR_CERT_REQ_B (0x151|SSL_ST_CONNECT)
|
||||||
|
# define SSL3_ST_CR_SRVR_DONE_A (0x160|SSL_ST_CONNECT)
|
||||||
|
# define SSL3_ST_CR_SRVR_DONE_B (0x161|SSL_ST_CONNECT)
|
||||||
|
/* write to server */
|
||||||
|
# define SSL3_ST_CW_CERT_A (0x170|SSL_ST_CONNECT)
|
||||||
|
# define SSL3_ST_CW_CERT_B (0x171|SSL_ST_CONNECT)
|
||||||
|
# define SSL3_ST_CW_CERT_C (0x172|SSL_ST_CONNECT)
|
||||||
|
# define SSL3_ST_CW_CERT_D (0x173|SSL_ST_CONNECT)
|
||||||
|
# define SSL3_ST_CW_KEY_EXCH_A (0x180|SSL_ST_CONNECT)
|
||||||
|
# define SSL3_ST_CW_KEY_EXCH_B (0x181|SSL_ST_CONNECT)
|
||||||
|
# define SSL3_ST_CW_CERT_VRFY_A (0x190|SSL_ST_CONNECT)
|
||||||
|
# define SSL3_ST_CW_CERT_VRFY_B (0x191|SSL_ST_CONNECT)
|
||||||
|
# define SSL3_ST_CW_CHANGE_A (0x1A0|SSL_ST_CONNECT)
|
||||||
|
# define SSL3_ST_CW_CHANGE_B (0x1A1|SSL_ST_CONNECT)
|
||||||
|
# ifndef OPENSSL_NO_NEXTPROTONEG
|
||||||
|
# define SSL3_ST_CW_NEXT_PROTO_A (0x200|SSL_ST_CONNECT)
|
||||||
|
# define SSL3_ST_CW_NEXT_PROTO_B (0x201|SSL_ST_CONNECT)
|
||||||
|
# endif
|
||||||
|
# define SSL3_ST_CW_FINISHED_A (0x1B0|SSL_ST_CONNECT)
|
||||||
|
# define SSL3_ST_CW_FINISHED_B (0x1B1|SSL_ST_CONNECT)
|
||||||
|
/* read from server */
|
||||||
|
# define SSL3_ST_CR_CHANGE_A (0x1C0|SSL_ST_CONNECT)
|
||||||
|
# define SSL3_ST_CR_CHANGE_B (0x1C1|SSL_ST_CONNECT)
|
||||||
|
# define SSL3_ST_CR_FINISHED_A (0x1D0|SSL_ST_CONNECT)
|
||||||
|
# define SSL3_ST_CR_FINISHED_B (0x1D1|SSL_ST_CONNECT)
|
||||||
|
# define SSL3_ST_CR_SESSION_TICKET_A (0x1E0|SSL_ST_CONNECT)
|
||||||
|
# define SSL3_ST_CR_SESSION_TICKET_B (0x1E1|SSL_ST_CONNECT)
|
||||||
|
# define SSL3_ST_CR_CERT_STATUS_A (0x1F0|SSL_ST_CONNECT)
|
||||||
|
# define SSL3_ST_CR_CERT_STATUS_B (0x1F1|SSL_ST_CONNECT)
|
||||||
|
|
||||||
|
/* server */
|
||||||
|
/* extra state */
|
||||||
|
# define SSL3_ST_SW_FLUSH (0x100|SSL_ST_ACCEPT)
|
||||||
|
# ifndef OPENSSL_NO_SCTP
|
||||||
|
# define DTLS1_SCTP_ST_SW_WRITE_SOCK (0x310|SSL_ST_ACCEPT)
|
||||||
|
# define DTLS1_SCTP_ST_SR_READ_SOCK (0x320|SSL_ST_ACCEPT)
|
||||||
|
# endif
|
||||||
|
/* read from client */
|
||||||
|
/* Do not change the number values, they do matter */
|
||||||
|
# define SSL3_ST_SR_CLNT_HELLO_A (0x110|SSL_ST_ACCEPT)
|
||||||
|
# define SSL3_ST_SR_CLNT_HELLO_B (0x111|SSL_ST_ACCEPT)
|
||||||
|
# define SSL3_ST_SR_CLNT_HELLO_C (0x112|SSL_ST_ACCEPT)
|
||||||
|
# define SSL3_ST_SR_CLNT_HELLO_D (0x115|SSL_ST_ACCEPT)
|
||||||
|
/* write to client */
|
||||||
|
# define DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A (0x113|SSL_ST_ACCEPT)
|
||||||
|
# define DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B (0x114|SSL_ST_ACCEPT)
|
||||||
|
# define SSL3_ST_SW_HELLO_REQ_A (0x120|SSL_ST_ACCEPT)
|
||||||
|
# define SSL3_ST_SW_HELLO_REQ_B (0x121|SSL_ST_ACCEPT)
|
||||||
|
# define SSL3_ST_SW_HELLO_REQ_C (0x122|SSL_ST_ACCEPT)
|
||||||
|
# define SSL3_ST_SW_SRVR_HELLO_A (0x130|SSL_ST_ACCEPT)
|
||||||
|
# define SSL3_ST_SW_SRVR_HELLO_B (0x131|SSL_ST_ACCEPT)
|
||||||
|
# define SSL3_ST_SW_CERT_A (0x140|SSL_ST_ACCEPT)
|
||||||
|
# define SSL3_ST_SW_CERT_B (0x141|SSL_ST_ACCEPT)
|
||||||
|
# define SSL3_ST_SW_KEY_EXCH_A (0x150|SSL_ST_ACCEPT)
|
||||||
|
# define SSL3_ST_SW_KEY_EXCH_B (0x151|SSL_ST_ACCEPT)
|
||||||
|
# define SSL3_ST_SW_CERT_REQ_A (0x160|SSL_ST_ACCEPT)
|
||||||
|
# define SSL3_ST_SW_CERT_REQ_B (0x161|SSL_ST_ACCEPT)
|
||||||
|
# define SSL3_ST_SW_SRVR_DONE_A (0x170|SSL_ST_ACCEPT)
|
||||||
|
# define SSL3_ST_SW_SRVR_DONE_B (0x171|SSL_ST_ACCEPT)
|
||||||
|
/* read from client */
|
||||||
|
# define SSL3_ST_SR_CERT_A (0x180|SSL_ST_ACCEPT)
|
||||||
|
# define SSL3_ST_SR_CERT_B (0x181|SSL_ST_ACCEPT)
|
||||||
|
# define SSL3_ST_SR_KEY_EXCH_A (0x190|SSL_ST_ACCEPT)
|
||||||
|
# define SSL3_ST_SR_KEY_EXCH_B (0x191|SSL_ST_ACCEPT)
|
||||||
|
# define SSL3_ST_SR_CERT_VRFY_A (0x1A0|SSL_ST_ACCEPT)
|
||||||
|
# define SSL3_ST_SR_CERT_VRFY_B (0x1A1|SSL_ST_ACCEPT)
|
||||||
|
# define SSL3_ST_SR_CHANGE_A (0x1B0|SSL_ST_ACCEPT)
|
||||||
|
# define SSL3_ST_SR_CHANGE_B (0x1B1|SSL_ST_ACCEPT)
|
||||||
|
# ifndef OPENSSL_NO_NEXTPROTONEG
|
||||||
|
# define SSL3_ST_SR_NEXT_PROTO_A (0x210|SSL_ST_ACCEPT)
|
||||||
|
# define SSL3_ST_SR_NEXT_PROTO_B (0x211|SSL_ST_ACCEPT)
|
||||||
|
# endif
|
||||||
|
# define SSL3_ST_SR_FINISHED_A (0x1C0|SSL_ST_ACCEPT)
|
||||||
|
# define SSL3_ST_SR_FINISHED_B (0x1C1|SSL_ST_ACCEPT)
|
||||||
|
/* write to client */
|
||||||
|
# define SSL3_ST_SW_CHANGE_A (0x1D0|SSL_ST_ACCEPT)
|
||||||
|
# define SSL3_ST_SW_CHANGE_B (0x1D1|SSL_ST_ACCEPT)
|
||||||
|
# define SSL3_ST_SW_FINISHED_A (0x1E0|SSL_ST_ACCEPT)
|
||||||
|
# define SSL3_ST_SW_FINISHED_B (0x1E1|SSL_ST_ACCEPT)
|
||||||
|
# define SSL3_ST_SW_SESSION_TICKET_A (0x1F0|SSL_ST_ACCEPT)
|
||||||
|
# define SSL3_ST_SW_SESSION_TICKET_B (0x1F1|SSL_ST_ACCEPT)
|
||||||
|
# define SSL3_ST_SW_CERT_STATUS_A (0x200|SSL_ST_ACCEPT)
|
||||||
|
# define SSL3_ST_SW_CERT_STATUS_B (0x201|SSL_ST_ACCEPT)
|
||||||
|
|
||||||
|
# define SSL3_MT_HELLO_REQUEST 0
|
||||||
|
# define SSL3_MT_CLIENT_HELLO 1
|
||||||
|
# define SSL3_MT_SERVER_HELLO 2
|
||||||
|
# define SSL3_MT_NEWSESSION_TICKET 4
|
||||||
|
# define SSL3_MT_CERTIFICATE 11
|
||||||
|
# define SSL3_MT_SERVER_KEY_EXCHANGE 12
|
||||||
|
# define SSL3_MT_CERTIFICATE_REQUEST 13
|
||||||
|
# define SSL3_MT_SERVER_DONE 14
|
||||||
|
# define SSL3_MT_CERTIFICATE_VERIFY 15
|
||||||
|
# define SSL3_MT_CLIENT_KEY_EXCHANGE 16
|
||||||
|
# define SSL3_MT_FINISHED 20
|
||||||
|
# define SSL3_MT_CERTIFICATE_STATUS 22
|
||||||
|
# ifndef OPENSSL_NO_NEXTPROTONEG
|
||||||
|
# define SSL3_MT_NEXT_PROTO 67
|
||||||
|
# endif
|
||||||
|
# define DTLS1_MT_HELLO_VERIFY_REQUEST 3
|
||||||
|
|
||||||
|
# define SSL3_MT_CCS 1
|
||||||
|
|
||||||
|
/* These are used when changing over to a new cipher */
|
||||||
|
# define SSL3_CC_READ 0x01
|
||||||
|
# define SSL3_CC_WRITE 0x02
|
||||||
|
# define SSL3_CC_CLIENT 0x10
|
||||||
|
# define SSL3_CC_SERVER 0x20
|
||||||
|
# define SSL3_CHANGE_CIPHER_CLIENT_WRITE (SSL3_CC_CLIENT|SSL3_CC_WRITE)
|
||||||
|
# define SSL3_CHANGE_CIPHER_SERVER_READ (SSL3_CC_SERVER|SSL3_CC_READ)
|
||||||
|
# define SSL3_CHANGE_CIPHER_CLIENT_READ (SSL3_CC_CLIENT|SSL3_CC_READ)
|
||||||
|
# define SSL3_CHANGE_CIPHER_SERVER_WRITE (SSL3_CC_SERVER|SSL3_CC_WRITE)
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
#endif
|
|
@ -0,0 +1,107 @@
|
||||||
|
/* crypto/stack/stack.h */
|
||||||
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
|
* All rights reserved.
|
||||||
|
*
|
||||||
|
* This package is an SSL implementation written
|
||||||
|
* by Eric Young (eay@cryptsoft.com).
|
||||||
|
* The implementation was written so as to conform with Netscapes SSL.
|
||||||
|
*
|
||||||
|
* This library is free for commercial and non-commercial use as long as
|
||||||
|
* the following conditions are aheared to. The following conditions
|
||||||
|
* apply to all code found in this distribution, be it the RC4, RSA,
|
||||||
|
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
||||||
|
* included with this distribution is covered by the same copyright terms
|
||||||
|
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
* Copyright remains Eric Young's, and as such any Copyright notices in
|
||||||
|
* the code are not to be removed.
|
||||||
|
* If this package is used in a product, Eric Young should be given attribution
|
||||||
|
* as the author of the parts of the library used.
|
||||||
|
* This can be in the form of a textual message at program startup or
|
||||||
|
* in documentation (online or textual) provided with the package.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
* 1. Redistributions of source code must retain the copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in the
|
||||||
|
* documentation and/or other materials provided with the distribution.
|
||||||
|
* 3. All advertising materials mentioning features or use of this software
|
||||||
|
* must display the following acknowledgement:
|
||||||
|
* "This product includes cryptographic software written by
|
||||||
|
* Eric Young (eay@cryptsoft.com)"
|
||||||
|
* The word 'cryptographic' can be left out if the rouines from the library
|
||||||
|
* being used are not cryptographic related :-).
|
||||||
|
* 4. If you include any Windows specific code (or a derivative thereof) from
|
||||||
|
* the apps directory (application code) you must include an acknowledgement:
|
||||||
|
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
||||||
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||||
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||||
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||||
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||||
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||||
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||||
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||||
|
* SUCH DAMAGE.
|
||||||
|
*
|
||||||
|
* The licence and distribution terms for any publically available version or
|
||||||
|
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
||||||
|
* copied and put under another distribution licence
|
||||||
|
* [including the GNU Public Licence.]
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef HEADER_STACK_H
|
||||||
|
# define HEADER_STACK_H
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
extern "C" {
|
||||||
|
#endif
|
||||||
|
|
||||||
|
typedef struct stack_st {
|
||||||
|
int num;
|
||||||
|
char **data;
|
||||||
|
int sorted;
|
||||||
|
int num_alloc;
|
||||||
|
int (*comp) (const void *, const void *);
|
||||||
|
} _STACK; /* Use STACK_OF(...) instead */
|
||||||
|
|
||||||
|
# define M_sk_num(sk) ((sk) ? (sk)->num:-1)
|
||||||
|
# define M_sk_value(sk,n) ((sk) ? (sk)->data[n] : NULL)
|
||||||
|
|
||||||
|
int sk_num(const _STACK *);
|
||||||
|
void *sk_value(const _STACK *, int);
|
||||||
|
|
||||||
|
void *sk_set(_STACK *, int, void *);
|
||||||
|
|
||||||
|
_STACK *sk_new(int (*cmp) (const void *, const void *));
|
||||||
|
_STACK *sk_new_null(void);
|
||||||
|
void sk_free(_STACK *);
|
||||||
|
void sk_pop_free(_STACK *st, void (*func) (void *));
|
||||||
|
_STACK *sk_deep_copy(_STACK *, void *(*)(void *), void (*)(void *));
|
||||||
|
int sk_insert(_STACK *sk, void *data, int where);
|
||||||
|
void *sk_delete(_STACK *st, int loc);
|
||||||
|
void *sk_delete_ptr(_STACK *st, void *p);
|
||||||
|
int sk_find(_STACK *st, void *data);
|
||||||
|
int sk_find_ex(_STACK *st, void *data);
|
||||||
|
int sk_push(_STACK *st, void *data);
|
||||||
|
int sk_unshift(_STACK *st, void *data);
|
||||||
|
void *sk_shift(_STACK *st);
|
||||||
|
void *sk_pop(_STACK *st);
|
||||||
|
void sk_zero(_STACK *st);
|
||||||
|
int (*sk_set_cmp_func(_STACK *sk, int (*c) (const void *, const void *)))
|
||||||
|
(const void *, const void *);
|
||||||
|
_STACK *sk_dup(_STACK *st);
|
||||||
|
void sk_sort(_STACK *st);
|
||||||
|
int sk_is_sorted(const _STACK *st);
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#endif
|
|
@ -0,0 +1,516 @@
|
||||||
|
/* ====================================================================
|
||||||
|
* Copyright (c) 1999 The OpenSSL Project. All rights reserved.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
*
|
||||||
|
* 1. Redistributions of source code must retain the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
*
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in
|
||||||
|
* the documentation and/or other materials provided with the
|
||||||
|
* distribution.
|
||||||
|
*
|
||||||
|
* 3. All advertising materials mentioning features or use of this
|
||||||
|
* software must display the following acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
|
||||||
|
*
|
||||||
|
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||||
|
* endorse or promote products derived from this software without
|
||||||
|
* prior written permission. For written permission, please contact
|
||||||
|
* openssl-core@openssl.org.
|
||||||
|
*
|
||||||
|
* 5. Products derived from this software may not be called "OpenSSL"
|
||||||
|
* nor may "OpenSSL" appear in their names without prior written
|
||||||
|
* permission of the OpenSSL Project.
|
||||||
|
*
|
||||||
|
* 6. Redistributions of any form whatsoever must retain the following
|
||||||
|
* acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||||
|
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||||
|
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||||
|
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||||
|
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||||
|
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||||
|
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||||
|
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||||
|
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||||
|
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||||
|
* ====================================================================
|
||||||
|
*
|
||||||
|
* This product includes cryptographic software written by Eric Young
|
||||||
|
* (eay@cryptsoft.com). This product includes software written by Tim
|
||||||
|
* Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef HEADER_SYMHACKS_H
|
||||||
|
# define HEADER_SYMHACKS_H
|
||||||
|
|
||||||
|
# include <openssl/e_os2.h>
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Hacks to solve the problem with linkers incapable of handling very long
|
||||||
|
* symbol names. In the case of VMS, the limit is 31 characters on VMS for
|
||||||
|
* VAX.
|
||||||
|
*/
|
||||||
|
/*
|
||||||
|
* Note that this affects util/libeay.num and util/ssleay.num... you may
|
||||||
|
* change those manually, but that's not recommended, as those files are
|
||||||
|
* controlled centrally and updated on Unix, and the central definition may
|
||||||
|
* disagree with yours, which in turn may come with shareable library
|
||||||
|
* incompatibilities.
|
||||||
|
*/
|
||||||
|
# ifdef OPENSSL_SYS_VMS
|
||||||
|
|
||||||
|
/* Hack a long name in crypto/ex_data.c */
|
||||||
|
# undef CRYPTO_get_ex_data_implementation
|
||||||
|
# define CRYPTO_get_ex_data_implementation CRYPTO_get_ex_data_impl
|
||||||
|
# undef CRYPTO_set_ex_data_implementation
|
||||||
|
# define CRYPTO_set_ex_data_implementation CRYPTO_set_ex_data_impl
|
||||||
|
|
||||||
|
/* Hack a long name in crypto/asn1/a_mbstr.c */
|
||||||
|
# undef ASN1_STRING_set_default_mask_asc
|
||||||
|
# define ASN1_STRING_set_default_mask_asc ASN1_STRING_set_def_mask_asc
|
||||||
|
|
||||||
|
# if 0 /* No longer needed, since safestack macro
|
||||||
|
* magic does the job */
|
||||||
|
/* Hack the names created with DECLARE_ASN1_SET_OF(PKCS7_SIGNER_INFO) */
|
||||||
|
# undef i2d_ASN1_SET_OF_PKCS7_SIGNER_INFO
|
||||||
|
# define i2d_ASN1_SET_OF_PKCS7_SIGNER_INFO i2d_ASN1_SET_OF_PKCS7_SIGINF
|
||||||
|
# undef d2i_ASN1_SET_OF_PKCS7_SIGNER_INFO
|
||||||
|
# define d2i_ASN1_SET_OF_PKCS7_SIGNER_INFO d2i_ASN1_SET_OF_PKCS7_SIGINF
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# if 0 /* No longer needed, since safestack macro
|
||||||
|
* magic does the job */
|
||||||
|
/* Hack the names created with DECLARE_ASN1_SET_OF(PKCS7_RECIP_INFO) */
|
||||||
|
# undef i2d_ASN1_SET_OF_PKCS7_RECIP_INFO
|
||||||
|
# define i2d_ASN1_SET_OF_PKCS7_RECIP_INFO i2d_ASN1_SET_OF_PKCS7_RECINF
|
||||||
|
# undef d2i_ASN1_SET_OF_PKCS7_RECIP_INFO
|
||||||
|
# define d2i_ASN1_SET_OF_PKCS7_RECIP_INFO d2i_ASN1_SET_OF_PKCS7_RECINF
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# if 0 /* No longer needed, since safestack macro
|
||||||
|
* magic does the job */
|
||||||
|
/* Hack the names created with DECLARE_ASN1_SET_OF(ACCESS_DESCRIPTION) */
|
||||||
|
# undef i2d_ASN1_SET_OF_ACCESS_DESCRIPTION
|
||||||
|
# define i2d_ASN1_SET_OF_ACCESS_DESCRIPTION i2d_ASN1_SET_OF_ACC_DESC
|
||||||
|
# undef d2i_ASN1_SET_OF_ACCESS_DESCRIPTION
|
||||||
|
# define d2i_ASN1_SET_OF_ACCESS_DESCRIPTION d2i_ASN1_SET_OF_ACC_DESC
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/* Hack the names created with DECLARE_PEM_rw(NETSCAPE_CERT_SEQUENCE) */
|
||||||
|
# undef PEM_read_NETSCAPE_CERT_SEQUENCE
|
||||||
|
# define PEM_read_NETSCAPE_CERT_SEQUENCE PEM_read_NS_CERT_SEQ
|
||||||
|
# undef PEM_write_NETSCAPE_CERT_SEQUENCE
|
||||||
|
# define PEM_write_NETSCAPE_CERT_SEQUENCE PEM_write_NS_CERT_SEQ
|
||||||
|
# undef PEM_read_bio_NETSCAPE_CERT_SEQUENCE
|
||||||
|
# define PEM_read_bio_NETSCAPE_CERT_SEQUENCE PEM_read_bio_NS_CERT_SEQ
|
||||||
|
# undef PEM_write_bio_NETSCAPE_CERT_SEQUENCE
|
||||||
|
# define PEM_write_bio_NETSCAPE_CERT_SEQUENCE PEM_write_bio_NS_CERT_SEQ
|
||||||
|
# undef PEM_write_cb_bio_NETSCAPE_CERT_SEQUENCE
|
||||||
|
# define PEM_write_cb_bio_NETSCAPE_CERT_SEQUENCE PEM_write_cb_bio_NS_CERT_SEQ
|
||||||
|
|
||||||
|
/* Hack the names created with DECLARE_PEM_rw(PKCS8_PRIV_KEY_INFO) */
|
||||||
|
# undef PEM_read_PKCS8_PRIV_KEY_INFO
|
||||||
|
# define PEM_read_PKCS8_PRIV_KEY_INFO PEM_read_P8_PRIV_KEY_INFO
|
||||||
|
# undef PEM_write_PKCS8_PRIV_KEY_INFO
|
||||||
|
# define PEM_write_PKCS8_PRIV_KEY_INFO PEM_write_P8_PRIV_KEY_INFO
|
||||||
|
# undef PEM_read_bio_PKCS8_PRIV_KEY_INFO
|
||||||
|
# define PEM_read_bio_PKCS8_PRIV_KEY_INFO PEM_read_bio_P8_PRIV_KEY_INFO
|
||||||
|
# undef PEM_write_bio_PKCS8_PRIV_KEY_INFO
|
||||||
|
# define PEM_write_bio_PKCS8_PRIV_KEY_INFO PEM_write_bio_P8_PRIV_KEY_INFO
|
||||||
|
# undef PEM_write_cb_bio_PKCS8_PRIV_KEY_INFO
|
||||||
|
# define PEM_write_cb_bio_PKCS8_PRIV_KEY_INFO PEM_wrt_cb_bio_P8_PRIV_KEY_INFO
|
||||||
|
|
||||||
|
/* Hack other PEM names */
|
||||||
|
# undef PEM_write_bio_PKCS8PrivateKey_nid
|
||||||
|
# define PEM_write_bio_PKCS8PrivateKey_nid PEM_write_bio_PKCS8PrivKey_nid
|
||||||
|
|
||||||
|
/* Hack some long X509 names */
|
||||||
|
# undef X509_REVOKED_get_ext_by_critical
|
||||||
|
# define X509_REVOKED_get_ext_by_critical X509_REVOKED_get_ext_by_critic
|
||||||
|
# undef X509_policy_tree_get0_user_policies
|
||||||
|
# define X509_policy_tree_get0_user_policies X509_pcy_tree_get0_usr_policies
|
||||||
|
# undef X509_policy_node_get0_qualifiers
|
||||||
|
# define X509_policy_node_get0_qualifiers X509_pcy_node_get0_qualifiers
|
||||||
|
# undef X509_STORE_CTX_get_explicit_policy
|
||||||
|
# define X509_STORE_CTX_get_explicit_policy X509_STORE_CTX_get_expl_policy
|
||||||
|
# undef X509_STORE_CTX_get0_current_issuer
|
||||||
|
# define X509_STORE_CTX_get0_current_issuer X509_STORE_CTX_get0_cur_issuer
|
||||||
|
|
||||||
|
/* Hack some long CRYPTO names */
|
||||||
|
# undef CRYPTO_set_dynlock_destroy_callback
|
||||||
|
# define CRYPTO_set_dynlock_destroy_callback CRYPTO_set_dynlock_destroy_cb
|
||||||
|
# undef CRYPTO_set_dynlock_create_callback
|
||||||
|
# define CRYPTO_set_dynlock_create_callback CRYPTO_set_dynlock_create_cb
|
||||||
|
# undef CRYPTO_set_dynlock_lock_callback
|
||||||
|
# define CRYPTO_set_dynlock_lock_callback CRYPTO_set_dynlock_lock_cb
|
||||||
|
# undef CRYPTO_get_dynlock_lock_callback
|
||||||
|
# define CRYPTO_get_dynlock_lock_callback CRYPTO_get_dynlock_lock_cb
|
||||||
|
# undef CRYPTO_get_dynlock_destroy_callback
|
||||||
|
# define CRYPTO_get_dynlock_destroy_callback CRYPTO_get_dynlock_destroy_cb
|
||||||
|
# undef CRYPTO_get_dynlock_create_callback
|
||||||
|
# define CRYPTO_get_dynlock_create_callback CRYPTO_get_dynlock_create_cb
|
||||||
|
# undef CRYPTO_set_locked_mem_ex_functions
|
||||||
|
# define CRYPTO_set_locked_mem_ex_functions CRYPTO_set_locked_mem_ex_funcs
|
||||||
|
# undef CRYPTO_get_locked_mem_ex_functions
|
||||||
|
# define CRYPTO_get_locked_mem_ex_functions CRYPTO_get_locked_mem_ex_funcs
|
||||||
|
|
||||||
|
/* Hack some long SSL/TLS names */
|
||||||
|
# undef SSL_CTX_set_default_verify_paths
|
||||||
|
# define SSL_CTX_set_default_verify_paths SSL_CTX_set_def_verify_paths
|
||||||
|
# undef SSL_get_ex_data_X509_STORE_CTX_idx
|
||||||
|
# define SSL_get_ex_data_X509_STORE_CTX_idx SSL_get_ex_d_X509_STORE_CTX_idx
|
||||||
|
# undef SSL_add_file_cert_subjects_to_stack
|
||||||
|
# define SSL_add_file_cert_subjects_to_stack SSL_add_file_cert_subjs_to_stk
|
||||||
|
# undef SSL_add_dir_cert_subjects_to_stack
|
||||||
|
# define SSL_add_dir_cert_subjects_to_stack SSL_add_dir_cert_subjs_to_stk
|
||||||
|
# undef SSL_CTX_use_certificate_chain_file
|
||||||
|
# define SSL_CTX_use_certificate_chain_file SSL_CTX_use_cert_chain_file
|
||||||
|
# undef SSL_CTX_set_cert_verify_callback
|
||||||
|
# define SSL_CTX_set_cert_verify_callback SSL_CTX_set_cert_verify_cb
|
||||||
|
# undef SSL_CTX_set_default_passwd_cb_userdata
|
||||||
|
# define SSL_CTX_set_default_passwd_cb_userdata SSL_CTX_set_def_passwd_cb_ud
|
||||||
|
# undef SSL_COMP_get_compression_methods
|
||||||
|
# define SSL_COMP_get_compression_methods SSL_COMP_get_compress_methods
|
||||||
|
# undef SSL_COMP_set0_compression_methods
|
||||||
|
# define SSL_COMP_set0_compression_methods SSL_COMP_set0_compress_methods
|
||||||
|
# undef SSL_COMP_free_compression_methods
|
||||||
|
# define SSL_COMP_free_compression_methods SSL_COMP_free_compress_methods
|
||||||
|
# undef ssl_add_clienthello_renegotiate_ext
|
||||||
|
# define ssl_add_clienthello_renegotiate_ext ssl_add_clienthello_reneg_ext
|
||||||
|
# undef ssl_add_serverhello_renegotiate_ext
|
||||||
|
# define ssl_add_serverhello_renegotiate_ext ssl_add_serverhello_reneg_ext
|
||||||
|
# undef ssl_parse_clienthello_renegotiate_ext
|
||||||
|
# define ssl_parse_clienthello_renegotiate_ext ssl_parse_clienthello_reneg_ext
|
||||||
|
# undef ssl_parse_serverhello_renegotiate_ext
|
||||||
|
# define ssl_parse_serverhello_renegotiate_ext ssl_parse_serverhello_reneg_ext
|
||||||
|
# undef SSL_srp_server_param_with_username
|
||||||
|
# define SSL_srp_server_param_with_username SSL_srp_server_param_with_un
|
||||||
|
# undef SSL_CTX_set_srp_client_pwd_callback
|
||||||
|
# define SSL_CTX_set_srp_client_pwd_callback SSL_CTX_set_srp_client_pwd_cb
|
||||||
|
# undef SSL_CTX_set_srp_verify_param_callback
|
||||||
|
# define SSL_CTX_set_srp_verify_param_callback SSL_CTX_set_srp_vfy_param_cb
|
||||||
|
# undef SSL_CTX_set_srp_username_callback
|
||||||
|
# define SSL_CTX_set_srp_username_callback SSL_CTX_set_srp_un_cb
|
||||||
|
# undef ssl_add_clienthello_use_srtp_ext
|
||||||
|
# define ssl_add_clienthello_use_srtp_ext ssl_add_clihello_use_srtp_ext
|
||||||
|
# undef ssl_add_serverhello_use_srtp_ext
|
||||||
|
# define ssl_add_serverhello_use_srtp_ext ssl_add_serhello_use_srtp_ext
|
||||||
|
# undef ssl_parse_clienthello_use_srtp_ext
|
||||||
|
# define ssl_parse_clienthello_use_srtp_ext ssl_parse_clihello_use_srtp_ext
|
||||||
|
# undef ssl_parse_serverhello_use_srtp_ext
|
||||||
|
# define ssl_parse_serverhello_use_srtp_ext ssl_parse_serhello_use_srtp_ext
|
||||||
|
# undef SSL_CTX_set_next_protos_advertised_cb
|
||||||
|
# define SSL_CTX_set_next_protos_advertised_cb SSL_CTX_set_next_protos_adv_cb
|
||||||
|
# undef SSL_CTX_set_next_proto_select_cb
|
||||||
|
# define SSL_CTX_set_next_proto_select_cb SSL_CTX_set_next_proto_sel_cb
|
||||||
|
|
||||||
|
# undef tls1_send_server_supplemental_data
|
||||||
|
# define tls1_send_server_supplemental_data tls1_send_server_suppl_data
|
||||||
|
# undef tls1_send_client_supplemental_data
|
||||||
|
# define tls1_send_client_supplemental_data tls1_send_client_suppl_data
|
||||||
|
# undef tls1_get_server_supplemental_data
|
||||||
|
# define tls1_get_server_supplemental_data tls1_get_server_suppl_data
|
||||||
|
# undef tls1_get_client_supplemental_data
|
||||||
|
# define tls1_get_client_supplemental_data tls1_get_client_suppl_data
|
||||||
|
|
||||||
|
# undef ssl3_cbc_record_digest_supported
|
||||||
|
# define ssl3_cbc_record_digest_supported ssl3_cbc_record_digest_support
|
||||||
|
# undef ssl_check_clienthello_tlsext_late
|
||||||
|
# define ssl_check_clienthello_tlsext_late ssl_check_clihello_tlsext_late
|
||||||
|
# undef ssl_check_clienthello_tlsext_early
|
||||||
|
# define ssl_check_clienthello_tlsext_early ssl_check_clihello_tlsext_early
|
||||||
|
|
||||||
|
/* Hack some RSA long names */
|
||||||
|
# undef RSA_padding_check_PKCS1_OAEP_mgf1
|
||||||
|
# define RSA_padding_check_PKCS1_OAEP_mgf1 RSA_pad_check_PKCS1_OAEP_mgf1
|
||||||
|
|
||||||
|
/* Hack some ENGINE long names */
|
||||||
|
# undef ENGINE_get_default_BN_mod_exp_crt
|
||||||
|
# define ENGINE_get_default_BN_mod_exp_crt ENGINE_get_def_BN_mod_exp_crt
|
||||||
|
# undef ENGINE_set_default_BN_mod_exp_crt
|
||||||
|
# define ENGINE_set_default_BN_mod_exp_crt ENGINE_set_def_BN_mod_exp_crt
|
||||||
|
# undef ENGINE_set_load_privkey_function
|
||||||
|
# define ENGINE_set_load_privkey_function ENGINE_set_load_privkey_fn
|
||||||
|
# undef ENGINE_get_load_privkey_function
|
||||||
|
# define ENGINE_get_load_privkey_function ENGINE_get_load_privkey_fn
|
||||||
|
# undef ENGINE_unregister_pkey_asn1_meths
|
||||||
|
# define ENGINE_unregister_pkey_asn1_meths ENGINE_unreg_pkey_asn1_meths
|
||||||
|
# undef ENGINE_register_all_pkey_asn1_meths
|
||||||
|
# define ENGINE_register_all_pkey_asn1_meths ENGINE_reg_all_pkey_asn1_meths
|
||||||
|
# undef ENGINE_set_default_pkey_asn1_meths
|
||||||
|
# define ENGINE_set_default_pkey_asn1_meths ENGINE_set_def_pkey_asn1_meths
|
||||||
|
# undef ENGINE_get_pkey_asn1_meth_engine
|
||||||
|
# define ENGINE_get_pkey_asn1_meth_engine ENGINE_get_pkey_asn1_meth_eng
|
||||||
|
# undef ENGINE_set_load_ssl_client_cert_function
|
||||||
|
# define ENGINE_set_load_ssl_client_cert_function \
|
||||||
|
ENGINE_set_ld_ssl_clnt_cert_fn
|
||||||
|
# undef ENGINE_get_ssl_client_cert_function
|
||||||
|
# define ENGINE_get_ssl_client_cert_function ENGINE_get_ssl_client_cert_fn
|
||||||
|
|
||||||
|
/* Hack some long OCSP names */
|
||||||
|
# undef OCSP_REQUEST_get_ext_by_critical
|
||||||
|
# define OCSP_REQUEST_get_ext_by_critical OCSP_REQUEST_get_ext_by_crit
|
||||||
|
# undef OCSP_BASICRESP_get_ext_by_critical
|
||||||
|
# define OCSP_BASICRESP_get_ext_by_critical OCSP_BASICRESP_get_ext_by_crit
|
||||||
|
# undef OCSP_SINGLERESP_get_ext_by_critical
|
||||||
|
# define OCSP_SINGLERESP_get_ext_by_critical OCSP_SINGLERESP_get_ext_by_crit
|
||||||
|
|
||||||
|
/* Hack some long DES names */
|
||||||
|
# undef _ossl_old_des_ede3_cfb64_encrypt
|
||||||
|
# define _ossl_old_des_ede3_cfb64_encrypt _ossl_odes_ede3_cfb64_encrypt
|
||||||
|
# undef _ossl_old_des_ede3_ofb64_encrypt
|
||||||
|
# define _ossl_old_des_ede3_ofb64_encrypt _ossl_odes_ede3_ofb64_encrypt
|
||||||
|
|
||||||
|
/* Hack some long EVP names */
|
||||||
|
# undef OPENSSL_add_all_algorithms_noconf
|
||||||
|
# define OPENSSL_add_all_algorithms_noconf OPENSSL_add_all_algo_noconf
|
||||||
|
# undef OPENSSL_add_all_algorithms_conf
|
||||||
|
# define OPENSSL_add_all_algorithms_conf OPENSSL_add_all_algo_conf
|
||||||
|
# undef EVP_PKEY_meth_set_verify_recover
|
||||||
|
# define EVP_PKEY_meth_set_verify_recover EVP_PKEY_meth_set_vrfy_recover
|
||||||
|
|
||||||
|
/* Hack some long EC names */
|
||||||
|
# undef EC_GROUP_set_point_conversion_form
|
||||||
|
# define EC_GROUP_set_point_conversion_form EC_GROUP_set_point_conv_form
|
||||||
|
# undef EC_GROUP_get_point_conversion_form
|
||||||
|
# define EC_GROUP_get_point_conversion_form EC_GROUP_get_point_conv_form
|
||||||
|
# undef EC_GROUP_clear_free_all_extra_data
|
||||||
|
# define EC_GROUP_clear_free_all_extra_data EC_GROUP_clr_free_all_xtra_data
|
||||||
|
# undef EC_KEY_set_public_key_affine_coordinates
|
||||||
|
# define EC_KEY_set_public_key_affine_coordinates \
|
||||||
|
EC_KEY_set_pub_key_aff_coords
|
||||||
|
# undef EC_POINT_set_Jprojective_coordinates_GFp
|
||||||
|
# define EC_POINT_set_Jprojective_coordinates_GFp \
|
||||||
|
EC_POINT_set_Jproj_coords_GFp
|
||||||
|
# undef EC_POINT_get_Jprojective_coordinates_GFp
|
||||||
|
# define EC_POINT_get_Jprojective_coordinates_GFp \
|
||||||
|
EC_POINT_get_Jproj_coords_GFp
|
||||||
|
# undef EC_POINT_set_affine_coordinates_GFp
|
||||||
|
# define EC_POINT_set_affine_coordinates_GFp EC_POINT_set_affine_coords_GFp
|
||||||
|
# undef EC_POINT_get_affine_coordinates_GFp
|
||||||
|
# define EC_POINT_get_affine_coordinates_GFp EC_POINT_get_affine_coords_GFp
|
||||||
|
# undef EC_POINT_set_compressed_coordinates_GFp
|
||||||
|
# define EC_POINT_set_compressed_coordinates_GFp EC_POINT_set_compr_coords_GFp
|
||||||
|
# undef EC_POINT_set_affine_coordinates_GF2m
|
||||||
|
# define EC_POINT_set_affine_coordinates_GF2m EC_POINT_set_affine_coords_GF2m
|
||||||
|
# undef EC_POINT_get_affine_coordinates_GF2m
|
||||||
|
# define EC_POINT_get_affine_coordinates_GF2m EC_POINT_get_affine_coords_GF2m
|
||||||
|
# undef EC_POINT_set_compressed_coordinates_GF2m
|
||||||
|
# define EC_POINT_set_compressed_coordinates_GF2m \
|
||||||
|
EC_POINT_set_compr_coords_GF2m
|
||||||
|
# undef ec_GF2m_simple_group_clear_finish
|
||||||
|
# define ec_GF2m_simple_group_clear_finish ec_GF2m_simple_grp_clr_finish
|
||||||
|
# undef ec_GF2m_simple_group_check_discriminant
|
||||||
|
# define ec_GF2m_simple_group_check_discriminant ec_GF2m_simple_grp_chk_discrim
|
||||||
|
# undef ec_GF2m_simple_point_clear_finish
|
||||||
|
# define ec_GF2m_simple_point_clear_finish ec_GF2m_simple_pt_clr_finish
|
||||||
|
# undef ec_GF2m_simple_point_set_to_infinity
|
||||||
|
# define ec_GF2m_simple_point_set_to_infinity ec_GF2m_simple_pt_set_to_inf
|
||||||
|
# undef ec_GF2m_simple_points_make_affine
|
||||||
|
# define ec_GF2m_simple_points_make_affine ec_GF2m_simple_pts_make_affine
|
||||||
|
# undef ec_GF2m_simple_point_set_affine_coordinates
|
||||||
|
# define ec_GF2m_simple_point_set_affine_coordinates \
|
||||||
|
ec_GF2m_smp_pt_set_af_coords
|
||||||
|
# undef ec_GF2m_simple_point_get_affine_coordinates
|
||||||
|
# define ec_GF2m_simple_point_get_affine_coordinates \
|
||||||
|
ec_GF2m_smp_pt_get_af_coords
|
||||||
|
# undef ec_GF2m_simple_set_compressed_coordinates
|
||||||
|
# define ec_GF2m_simple_set_compressed_coordinates \
|
||||||
|
ec_GF2m_smp_set_compr_coords
|
||||||
|
# undef ec_GFp_simple_group_set_curve_GFp
|
||||||
|
# define ec_GFp_simple_group_set_curve_GFp ec_GFp_simple_grp_set_curve_GFp
|
||||||
|
# undef ec_GFp_simple_group_get_curve_GFp
|
||||||
|
# define ec_GFp_simple_group_get_curve_GFp ec_GFp_simple_grp_get_curve_GFp
|
||||||
|
# undef ec_GFp_simple_group_clear_finish
|
||||||
|
# define ec_GFp_simple_group_clear_finish ec_GFp_simple_grp_clear_finish
|
||||||
|
# undef ec_GFp_simple_group_set_generator
|
||||||
|
# define ec_GFp_simple_group_set_generator ec_GFp_simple_grp_set_generator
|
||||||
|
# undef ec_GFp_simple_group_get0_generator
|
||||||
|
# define ec_GFp_simple_group_get0_generator ec_GFp_simple_grp_gt0_generator
|
||||||
|
# undef ec_GFp_simple_group_get_cofactor
|
||||||
|
# define ec_GFp_simple_group_get_cofactor ec_GFp_simple_grp_get_cofactor
|
||||||
|
# undef ec_GFp_simple_point_clear_finish
|
||||||
|
# define ec_GFp_simple_point_clear_finish ec_GFp_simple_pt_clear_finish
|
||||||
|
# undef ec_GFp_simple_point_set_to_infinity
|
||||||
|
# define ec_GFp_simple_point_set_to_infinity ec_GFp_simple_pt_set_to_inf
|
||||||
|
# undef ec_GFp_simple_points_make_affine
|
||||||
|
# define ec_GFp_simple_points_make_affine ec_GFp_simple_pts_make_affine
|
||||||
|
# undef ec_GFp_simple_set_Jprojective_coordinates_GFp
|
||||||
|
# define ec_GFp_simple_set_Jprojective_coordinates_GFp \
|
||||||
|
ec_GFp_smp_set_Jproj_coords_GFp
|
||||||
|
# undef ec_GFp_simple_get_Jprojective_coordinates_GFp
|
||||||
|
# define ec_GFp_simple_get_Jprojective_coordinates_GFp \
|
||||||
|
ec_GFp_smp_get_Jproj_coords_GFp
|
||||||
|
# undef ec_GFp_simple_point_set_affine_coordinates_GFp
|
||||||
|
# define ec_GFp_simple_point_set_affine_coordinates_GFp \
|
||||||
|
ec_GFp_smp_pt_set_af_coords_GFp
|
||||||
|
# undef ec_GFp_simple_point_get_affine_coordinates_GFp
|
||||||
|
# define ec_GFp_simple_point_get_affine_coordinates_GFp \
|
||||||
|
ec_GFp_smp_pt_get_af_coords_GFp
|
||||||
|
# undef ec_GFp_simple_set_compressed_coordinates_GFp
|
||||||
|
# define ec_GFp_simple_set_compressed_coordinates_GFp \
|
||||||
|
ec_GFp_smp_set_compr_coords_GFp
|
||||||
|
# undef ec_GFp_simple_point_set_affine_coordinates
|
||||||
|
# define ec_GFp_simple_point_set_affine_coordinates \
|
||||||
|
ec_GFp_smp_pt_set_af_coords
|
||||||
|
# undef ec_GFp_simple_point_get_affine_coordinates
|
||||||
|
# define ec_GFp_simple_point_get_affine_coordinates \
|
||||||
|
ec_GFp_smp_pt_get_af_coords
|
||||||
|
# undef ec_GFp_simple_set_compressed_coordinates
|
||||||
|
# define ec_GFp_simple_set_compressed_coordinates \
|
||||||
|
ec_GFp_smp_set_compr_coords
|
||||||
|
# undef ec_GFp_simple_group_check_discriminant
|
||||||
|
# define ec_GFp_simple_group_check_discriminant ec_GFp_simple_grp_chk_discrim
|
||||||
|
|
||||||
|
/* Hack som long STORE names */
|
||||||
|
# undef STORE_method_set_initialise_function
|
||||||
|
# define STORE_method_set_initialise_function STORE_meth_set_initialise_fn
|
||||||
|
# undef STORE_method_set_cleanup_function
|
||||||
|
# define STORE_method_set_cleanup_function STORE_meth_set_cleanup_fn
|
||||||
|
# undef STORE_method_set_generate_function
|
||||||
|
# define STORE_method_set_generate_function STORE_meth_set_generate_fn
|
||||||
|
# undef STORE_method_set_modify_function
|
||||||
|
# define STORE_method_set_modify_function STORE_meth_set_modify_fn
|
||||||
|
# undef STORE_method_set_revoke_function
|
||||||
|
# define STORE_method_set_revoke_function STORE_meth_set_revoke_fn
|
||||||
|
# undef STORE_method_set_delete_function
|
||||||
|
# define STORE_method_set_delete_function STORE_meth_set_delete_fn
|
||||||
|
# undef STORE_method_set_list_start_function
|
||||||
|
# define STORE_method_set_list_start_function STORE_meth_set_list_start_fn
|
||||||
|
# undef STORE_method_set_list_next_function
|
||||||
|
# define STORE_method_set_list_next_function STORE_meth_set_list_next_fn
|
||||||
|
# undef STORE_method_set_list_end_function
|
||||||
|
# define STORE_method_set_list_end_function STORE_meth_set_list_end_fn
|
||||||
|
# undef STORE_method_set_update_store_function
|
||||||
|
# define STORE_method_set_update_store_function STORE_meth_set_update_store_fn
|
||||||
|
# undef STORE_method_set_lock_store_function
|
||||||
|
# define STORE_method_set_lock_store_function STORE_meth_set_lock_store_fn
|
||||||
|
# undef STORE_method_set_unlock_store_function
|
||||||
|
# define STORE_method_set_unlock_store_function STORE_meth_set_unlock_store_fn
|
||||||
|
# undef STORE_method_get_initialise_function
|
||||||
|
# define STORE_method_get_initialise_function STORE_meth_get_initialise_fn
|
||||||
|
# undef STORE_method_get_cleanup_function
|
||||||
|
# define STORE_method_get_cleanup_function STORE_meth_get_cleanup_fn
|
||||||
|
# undef STORE_method_get_generate_function
|
||||||
|
# define STORE_method_get_generate_function STORE_meth_get_generate_fn
|
||||||
|
# undef STORE_method_get_modify_function
|
||||||
|
# define STORE_method_get_modify_function STORE_meth_get_modify_fn
|
||||||
|
# undef STORE_method_get_revoke_function
|
||||||
|
# define STORE_method_get_revoke_function STORE_meth_get_revoke_fn
|
||||||
|
# undef STORE_method_get_delete_function
|
||||||
|
# define STORE_method_get_delete_function STORE_meth_get_delete_fn
|
||||||
|
# undef STORE_method_get_list_start_function
|
||||||
|
# define STORE_method_get_list_start_function STORE_meth_get_list_start_fn
|
||||||
|
# undef STORE_method_get_list_next_function
|
||||||
|
# define STORE_method_get_list_next_function STORE_meth_get_list_next_fn
|
||||||
|
# undef STORE_method_get_list_end_function
|
||||||
|
# define STORE_method_get_list_end_function STORE_meth_get_list_end_fn
|
||||||
|
# undef STORE_method_get_update_store_function
|
||||||
|
# define STORE_method_get_update_store_function STORE_meth_get_update_store_fn
|
||||||
|
# undef STORE_method_get_lock_store_function
|
||||||
|
# define STORE_method_get_lock_store_function STORE_meth_get_lock_store_fn
|
||||||
|
# undef STORE_method_get_unlock_store_function
|
||||||
|
# define STORE_method_get_unlock_store_function STORE_meth_get_unlock_store_fn
|
||||||
|
|
||||||
|
/* Hack some long TS names */
|
||||||
|
# undef TS_RESP_CTX_set_status_info_cond
|
||||||
|
# define TS_RESP_CTX_set_status_info_cond TS_RESP_CTX_set_stat_info_cond
|
||||||
|
# undef TS_RESP_CTX_set_clock_precision_digits
|
||||||
|
# define TS_RESP_CTX_set_clock_precision_digits TS_RESP_CTX_set_clk_prec_digits
|
||||||
|
# undef TS_CONF_set_clock_precision_digits
|
||||||
|
# define TS_CONF_set_clock_precision_digits TS_CONF_set_clk_prec_digits
|
||||||
|
|
||||||
|
/* Hack some long CMS names */
|
||||||
|
# undef CMS_RecipientInfo_ktri_get0_algs
|
||||||
|
# define CMS_RecipientInfo_ktri_get0_algs CMS_RecipInfo_ktri_get0_algs
|
||||||
|
# undef CMS_RecipientInfo_ktri_get0_signer_id
|
||||||
|
# define CMS_RecipientInfo_ktri_get0_signer_id CMS_RecipInfo_ktri_get0_sigr_id
|
||||||
|
# undef CMS_OtherRevocationInfoFormat_it
|
||||||
|
# define CMS_OtherRevocationInfoFormat_it CMS_OtherRevocInfoFormat_it
|
||||||
|
# undef CMS_KeyAgreeRecipientIdentifier_it
|
||||||
|
# define CMS_KeyAgreeRecipientIdentifier_it CMS_KeyAgreeRecipIdentifier_it
|
||||||
|
# undef CMS_OriginatorIdentifierOrKey_it
|
||||||
|
# define CMS_OriginatorIdentifierOrKey_it CMS_OriginatorIdOrKey_it
|
||||||
|
# undef cms_SignerIdentifier_get0_signer_id
|
||||||
|
# define cms_SignerIdentifier_get0_signer_id cms_SignerId_get0_signer_id
|
||||||
|
# undef CMS_RecipientInfo_kari_get0_orig_id
|
||||||
|
# define CMS_RecipientInfo_kari_get0_orig_id CMS_RecipInfo_kari_get0_orig_id
|
||||||
|
# undef CMS_RecipientInfo_kari_get0_reks
|
||||||
|
# define CMS_RecipientInfo_kari_get0_reks CMS_RecipInfo_kari_get0_reks
|
||||||
|
# undef CMS_RecipientEncryptedKey_cert_cmp
|
||||||
|
# define CMS_RecipientEncryptedKey_cert_cmp CMS_RecipEncryptedKey_cert_cmp
|
||||||
|
# undef CMS_RecipientInfo_kari_set0_pkey
|
||||||
|
# define CMS_RecipientInfo_kari_set0_pkey CMS_RecipInfo_kari_set0_pkey
|
||||||
|
# undef CMS_RecipientEncryptedKey_get0_id
|
||||||
|
# define CMS_RecipientEncryptedKey_get0_id CMS_RecipEncryptedKey_get0_id
|
||||||
|
# undef CMS_RecipientInfo_kari_orig_id_cmp
|
||||||
|
# define CMS_RecipientInfo_kari_orig_id_cmp CMS_RecipInfo_kari_orig_id_cmp
|
||||||
|
|
||||||
|
/* Hack some long DTLS1 names */
|
||||||
|
# undef dtls1_retransmit_buffered_messages
|
||||||
|
# define dtls1_retransmit_buffered_messages dtls1_retransmit_buffered_msgs
|
||||||
|
|
||||||
|
/* Hack some long SRP names */
|
||||||
|
# undef SRP_generate_server_master_secret
|
||||||
|
# define SRP_generate_server_master_secret SRP_gen_server_master_secret
|
||||||
|
# undef SRP_generate_client_master_secret
|
||||||
|
# define SRP_generate_client_master_secret SRP_gen_client_master_secret
|
||||||
|
|
||||||
|
/* Hack some long UI names */
|
||||||
|
# undef UI_method_get_prompt_constructor
|
||||||
|
# define UI_method_get_prompt_constructor UI_method_get_prompt_constructr
|
||||||
|
# undef UI_method_set_prompt_constructor
|
||||||
|
# define UI_method_set_prompt_constructor UI_method_set_prompt_constructr
|
||||||
|
|
||||||
|
# endif /* defined OPENSSL_SYS_VMS */
|
||||||
|
|
||||||
|
/* Case insensitive linking causes problems.... */
|
||||||
|
# if defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2)
|
||||||
|
# undef ERR_load_CRYPTO_strings
|
||||||
|
# define ERR_load_CRYPTO_strings ERR_load_CRYPTOlib_strings
|
||||||
|
# undef OCSP_crlID_new
|
||||||
|
# define OCSP_crlID_new OCSP_crlID2_new
|
||||||
|
|
||||||
|
# undef d2i_ECPARAMETERS
|
||||||
|
# define d2i_ECPARAMETERS d2i_UC_ECPARAMETERS
|
||||||
|
# undef i2d_ECPARAMETERS
|
||||||
|
# define i2d_ECPARAMETERS i2d_UC_ECPARAMETERS
|
||||||
|
# undef d2i_ECPKPARAMETERS
|
||||||
|
# define d2i_ECPKPARAMETERS d2i_UC_ECPKPARAMETERS
|
||||||
|
# undef i2d_ECPKPARAMETERS
|
||||||
|
# define i2d_ECPKPARAMETERS i2d_UC_ECPKPARAMETERS
|
||||||
|
|
||||||
|
/*
|
||||||
|
* These functions do not seem to exist! However, I'm paranoid... Original
|
||||||
|
* command in x509v3.h: These functions are being redefined in another
|
||||||
|
* directory, and clash when the linker is case-insensitive, so let's hide
|
||||||
|
* them a little, by giving them an extra 'o' at the beginning of the name...
|
||||||
|
*/
|
||||||
|
# undef X509v3_cleanup_extensions
|
||||||
|
# define X509v3_cleanup_extensions oX509v3_cleanup_extensions
|
||||||
|
# undef X509v3_add_extension
|
||||||
|
# define X509v3_add_extension oX509v3_add_extension
|
||||||
|
# undef X509v3_add_netscape_extensions
|
||||||
|
# define X509v3_add_netscape_extensions oX509v3_add_netscape_extensions
|
||||||
|
# undef X509v3_add_standard_extensions
|
||||||
|
# define X509v3_add_standard_extensions oX509v3_add_standard_extensions
|
||||||
|
|
||||||
|
/* This one clashes with CMS_data_create */
|
||||||
|
# undef cms_Data_create
|
||||||
|
# define cms_Data_create priv_cms_Data_create
|
||||||
|
|
||||||
|
# endif
|
||||||
|
|
||||||
|
#endif /* ! defined HEADER_VMS_IDHACKS_H */
|
|
@ -0,0 +1,813 @@
|
||||||
|
/* ssl/tls1.h */
|
||||||
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
|
* All rights reserved.
|
||||||
|
*
|
||||||
|
* This package is an SSL implementation written
|
||||||
|
* by Eric Young (eay@cryptsoft.com).
|
||||||
|
* The implementation was written so as to conform with Netscapes SSL.
|
||||||
|
*
|
||||||
|
* This library is free for commercial and non-commercial use as long as
|
||||||
|
* the following conditions are aheared to. The following conditions
|
||||||
|
* apply to all code found in this distribution, be it the RC4, RSA,
|
||||||
|
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
||||||
|
* included with this distribution is covered by the same copyright terms
|
||||||
|
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
* Copyright remains Eric Young's, and as such any Copyright notices in
|
||||||
|
* the code are not to be removed.
|
||||||
|
* If this package is used in a product, Eric Young should be given attribution
|
||||||
|
* as the author of the parts of the library used.
|
||||||
|
* This can be in the form of a textual message at program startup or
|
||||||
|
* in documentation (online or textual) provided with the package.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
* 1. Redistributions of source code must retain the copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in the
|
||||||
|
* documentation and/or other materials provided with the distribution.
|
||||||
|
* 3. All advertising materials mentioning features or use of this software
|
||||||
|
* must display the following acknowledgement:
|
||||||
|
* "This product includes cryptographic software written by
|
||||||
|
* Eric Young (eay@cryptsoft.com)"
|
||||||
|
* The word 'cryptographic' can be left out if the rouines from the library
|
||||||
|
* being used are not cryptographic related :-).
|
||||||
|
* 4. If you include any Windows specific code (or a derivative thereof) from
|
||||||
|
* the apps directory (application code) you must include an acknowledgement:
|
||||||
|
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
||||||
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||||
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||||
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||||
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||||
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||||
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||||
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||||
|
* SUCH DAMAGE.
|
||||||
|
*
|
||||||
|
* The licence and distribution terms for any publically available version or
|
||||||
|
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
||||||
|
* copied and put under another distribution licence
|
||||||
|
* [including the GNU Public Licence.]
|
||||||
|
*/
|
||||||
|
/* ====================================================================
|
||||||
|
* Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
*
|
||||||
|
* 1. Redistributions of source code must retain the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
*
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in
|
||||||
|
* the documentation and/or other materials provided with the
|
||||||
|
* distribution.
|
||||||
|
*
|
||||||
|
* 3. All advertising materials mentioning features or use of this
|
||||||
|
* software must display the following acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
|
||||||
|
*
|
||||||
|
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||||
|
* endorse or promote products derived from this software without
|
||||||
|
* prior written permission. For written permission, please contact
|
||||||
|
* openssl-core@openssl.org.
|
||||||
|
*
|
||||||
|
* 5. Products derived from this software may not be called "OpenSSL"
|
||||||
|
* nor may "OpenSSL" appear in their names without prior written
|
||||||
|
* permission of the OpenSSL Project.
|
||||||
|
*
|
||||||
|
* 6. Redistributions of any form whatsoever must retain the following
|
||||||
|
* acknowledgment:
|
||||||
|
* "This product includes software developed by the OpenSSL Project
|
||||||
|
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||||
|
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||||
|
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||||
|
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||||
|
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||||
|
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||||
|
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||||
|
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||||
|
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||||
|
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||||
|
* ====================================================================
|
||||||
|
*
|
||||||
|
* This product includes cryptographic software written by Eric Young
|
||||||
|
* (eay@cryptsoft.com). This product includes software written by Tim
|
||||||
|
* Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
/* ====================================================================
|
||||||
|
* Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
|
||||||
|
*
|
||||||
|
* Portions of the attached software ("Contribution") are developed by
|
||||||
|
* SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
|
||||||
|
*
|
||||||
|
* The Contribution is licensed pursuant to the OpenSSL open source
|
||||||
|
* license provided above.
|
||||||
|
*
|
||||||
|
* ECC cipher suite support in OpenSSL originally written by
|
||||||
|
* Vipul Gupta and Sumit Gupta of Sun Microsystems Laboratories.
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
/* ====================================================================
|
||||||
|
* Copyright 2005 Nokia. All rights reserved.
|
||||||
|
*
|
||||||
|
* The portions of the attached software ("Contribution") is developed by
|
||||||
|
* Nokia Corporation and is licensed pursuant to the OpenSSL open source
|
||||||
|
* license.
|
||||||
|
*
|
||||||
|
* The Contribution, originally written by Mika Kousa and Pasi Eronen of
|
||||||
|
* Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
|
||||||
|
* support (see RFC 4279) to OpenSSL.
|
||||||
|
*
|
||||||
|
* No patent licenses or other rights except those expressly stated in
|
||||||
|
* the OpenSSL open source license shall be deemed granted or received
|
||||||
|
* expressly, by implication, estoppel, or otherwise.
|
||||||
|
*
|
||||||
|
* No assurances are provided by Nokia that the Contribution does not
|
||||||
|
* infringe the patent or other intellectual property rights of any third
|
||||||
|
* party or that the license provides you with all the necessary rights
|
||||||
|
* to make use of the Contribution.
|
||||||
|
*
|
||||||
|
* THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
|
||||||
|
* ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
|
||||||
|
* SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
|
||||||
|
* OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
|
||||||
|
* OTHERWISE.
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef HEADER_TLS1_H
|
||||||
|
# define HEADER_TLS1_H
|
||||||
|
|
||||||
|
# include <openssl/buffer.h>
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
extern "C" {
|
||||||
|
#endif
|
||||||
|
|
||||||
|
# define TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES 0
|
||||||
|
|
||||||
|
# define TLS1_VERSION 0x0301
|
||||||
|
# define TLS1_1_VERSION 0x0302
|
||||||
|
# define TLS1_2_VERSION 0x0303
|
||||||
|
# define TLS_MAX_VERSION TLS1_2_VERSION
|
||||||
|
|
||||||
|
# define TLS1_VERSION_MAJOR 0x03
|
||||||
|
# define TLS1_VERSION_MINOR 0x01
|
||||||
|
|
||||||
|
# define TLS1_1_VERSION_MAJOR 0x03
|
||||||
|
# define TLS1_1_VERSION_MINOR 0x02
|
||||||
|
|
||||||
|
# define TLS1_2_VERSION_MAJOR 0x03
|
||||||
|
# define TLS1_2_VERSION_MINOR 0x03
|
||||||
|
|
||||||
|
# define TLS1_get_version(s) \
|
||||||
|
((s->version >> 8) == TLS1_VERSION_MAJOR ? s->version : 0)
|
||||||
|
|
||||||
|
# define TLS1_get_client_version(s) \
|
||||||
|
((s->client_version >> 8) == TLS1_VERSION_MAJOR ? s->client_version : 0)
|
||||||
|
|
||||||
|
# define TLS1_AD_DECRYPTION_FAILED 21
|
||||||
|
# define TLS1_AD_RECORD_OVERFLOW 22
|
||||||
|
# define TLS1_AD_UNKNOWN_CA 48/* fatal */
|
||||||
|
# define TLS1_AD_ACCESS_DENIED 49/* fatal */
|
||||||
|
# define TLS1_AD_DECODE_ERROR 50/* fatal */
|
||||||
|
# define TLS1_AD_DECRYPT_ERROR 51
|
||||||
|
# define TLS1_AD_EXPORT_RESTRICTION 60/* fatal */
|
||||||
|
# define TLS1_AD_PROTOCOL_VERSION 70/* fatal */
|
||||||
|
# define TLS1_AD_INSUFFICIENT_SECURITY 71/* fatal */
|
||||||
|
# define TLS1_AD_INTERNAL_ERROR 80/* fatal */
|
||||||
|
# define TLS1_AD_INAPPROPRIATE_FALLBACK 86/* fatal */
|
||||||
|
# define TLS1_AD_USER_CANCELLED 90
|
||||||
|
# define TLS1_AD_NO_RENEGOTIATION 100
|
||||||
|
/* codes 110-114 are from RFC3546 */
|
||||||
|
# define TLS1_AD_UNSUPPORTED_EXTENSION 110
|
||||||
|
# define TLS1_AD_CERTIFICATE_UNOBTAINABLE 111
|
||||||
|
# define TLS1_AD_UNRECOGNIZED_NAME 112
|
||||||
|
# define TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE 113
|
||||||
|
# define TLS1_AD_BAD_CERTIFICATE_HASH_VALUE 114
|
||||||
|
# define TLS1_AD_UNKNOWN_PSK_IDENTITY 115/* fatal */
|
||||||
|
|
||||||
|
/* ExtensionType values from RFC3546 / RFC4366 / RFC6066 */
|
||||||
|
# define TLSEXT_TYPE_server_name 0
|
||||||
|
# define TLSEXT_TYPE_max_fragment_length 1
|
||||||
|
# define TLSEXT_TYPE_client_certificate_url 2
|
||||||
|
# define TLSEXT_TYPE_trusted_ca_keys 3
|
||||||
|
# define TLSEXT_TYPE_truncated_hmac 4
|
||||||
|
# define TLSEXT_TYPE_status_request 5
|
||||||
|
/* ExtensionType values from RFC4681 */
|
||||||
|
# define TLSEXT_TYPE_user_mapping 6
|
||||||
|
/* ExtensionType values from RFC5878 */
|
||||||
|
# define TLSEXT_TYPE_client_authz 7
|
||||||
|
# define TLSEXT_TYPE_server_authz 8
|
||||||
|
/* ExtensionType values from RFC6091 */
|
||||||
|
# define TLSEXT_TYPE_cert_type 9
|
||||||
|
|
||||||
|
/* ExtensionType values from RFC4492 */
|
||||||
|
# define TLSEXT_TYPE_elliptic_curves 10
|
||||||
|
# define TLSEXT_TYPE_ec_point_formats 11
|
||||||
|
|
||||||
|
/* ExtensionType value from RFC5054 */
|
||||||
|
# define TLSEXT_TYPE_srp 12
|
||||||
|
|
||||||
|
/* ExtensionType values from RFC5246 */
|
||||||
|
# define TLSEXT_TYPE_signature_algorithms 13
|
||||||
|
|
||||||
|
/* ExtensionType value from RFC5764 */
|
||||||
|
# define TLSEXT_TYPE_use_srtp 14
|
||||||
|
|
||||||
|
/* ExtensionType value from RFC5620 */
|
||||||
|
# define TLSEXT_TYPE_heartbeat 15
|
||||||
|
|
||||||
|
/* ExtensionType value from draft-ietf-tls-applayerprotoneg-00 */
|
||||||
|
# define TLSEXT_TYPE_application_layer_protocol_negotiation 16
|
||||||
|
|
||||||
|
/*
|
||||||
|
* ExtensionType value for TLS padding extension.
|
||||||
|
* http://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml
|
||||||
|
* http://tools.ietf.org/html/draft-agl-tls-padding-03
|
||||||
|
*/
|
||||||
|
# define TLSEXT_TYPE_padding 21
|
||||||
|
|
||||||
|
/* ExtensionType value from RFC4507 */
|
||||||
|
# define TLSEXT_TYPE_session_ticket 35
|
||||||
|
|
||||||
|
/* ExtensionType value from draft-rescorla-tls-opaque-prf-input-00.txt */
|
||||||
|
# if 0
|
||||||
|
/*
|
||||||
|
* will have to be provided externally for now ,
|
||||||
|
* i.e. build with -DTLSEXT_TYPE_opaque_prf_input=38183
|
||||||
|
* using whatever extension number you'd like to try
|
||||||
|
*/
|
||||||
|
# define TLSEXT_TYPE_opaque_prf_input ??
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/* Temporary extension type */
|
||||||
|
# define TLSEXT_TYPE_renegotiate 0xff01
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_NEXTPROTONEG
|
||||||
|
/* This is not an IANA defined extension number */
|
||||||
|
# define TLSEXT_TYPE_next_proto_neg 13172
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/* NameType value from RFC 3546 */
|
||||||
|
# define TLSEXT_NAMETYPE_host_name 0
|
||||||
|
/* status request value from RFC 3546 */
|
||||||
|
# define TLSEXT_STATUSTYPE_ocsp 1
|
||||||
|
|
||||||
|
/* ECPointFormat values from draft-ietf-tls-ecc-12 */
|
||||||
|
# define TLSEXT_ECPOINTFORMAT_first 0
|
||||||
|
# define TLSEXT_ECPOINTFORMAT_uncompressed 0
|
||||||
|
# define TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime 1
|
||||||
|
# define TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2 2
|
||||||
|
# define TLSEXT_ECPOINTFORMAT_last 2
|
||||||
|
|
||||||
|
/* Signature and hash algorithms from RFC 5246 */
|
||||||
|
|
||||||
|
# define TLSEXT_signature_anonymous 0
|
||||||
|
# define TLSEXT_signature_rsa 1
|
||||||
|
# define TLSEXT_signature_dsa 2
|
||||||
|
# define TLSEXT_signature_ecdsa 3
|
||||||
|
|
||||||
|
/* Total number of different signature algorithms */
|
||||||
|
# define TLSEXT_signature_num 4
|
||||||
|
|
||||||
|
# define TLSEXT_hash_none 0
|
||||||
|
# define TLSEXT_hash_md5 1
|
||||||
|
# define TLSEXT_hash_sha1 2
|
||||||
|
# define TLSEXT_hash_sha224 3
|
||||||
|
# define TLSEXT_hash_sha256 4
|
||||||
|
# define TLSEXT_hash_sha384 5
|
||||||
|
# define TLSEXT_hash_sha512 6
|
||||||
|
|
||||||
|
/* Total number of different digest algorithms */
|
||||||
|
|
||||||
|
# define TLSEXT_hash_num 7
|
||||||
|
|
||||||
|
/* Flag set for unrecognised algorithms */
|
||||||
|
# define TLSEXT_nid_unknown 0x1000000
|
||||||
|
|
||||||
|
/* ECC curves */
|
||||||
|
|
||||||
|
# define TLSEXT_curve_P_256 23
|
||||||
|
# define TLSEXT_curve_P_384 24
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_TLSEXT
|
||||||
|
|
||||||
|
# define TLSEXT_MAXLEN_host_name 255
|
||||||
|
|
||||||
|
const char *SSL_get_servername(const SSL *s, const int type);
|
||||||
|
int SSL_get_servername_type(const SSL *s);
|
||||||
|
/*
|
||||||
|
* SSL_export_keying_material exports a value derived from the master secret,
|
||||||
|
* as specified in RFC 5705. It writes |olen| bytes to |out| given a label and
|
||||||
|
* optional context. (Since a zero length context is allowed, the |use_context|
|
||||||
|
* flag controls whether a context is included.) It returns 1 on success and
|
||||||
|
* zero otherwise.
|
||||||
|
*/
|
||||||
|
int SSL_export_keying_material(SSL *s, unsigned char *out, size_t olen,
|
||||||
|
const char *label, size_t llen,
|
||||||
|
const unsigned char *p, size_t plen,
|
||||||
|
int use_context);
|
||||||
|
|
||||||
|
int SSL_get_sigalgs(SSL *s, int idx,
|
||||||
|
int *psign, int *phash, int *psignandhash,
|
||||||
|
unsigned char *rsig, unsigned char *rhash);
|
||||||
|
|
||||||
|
int SSL_get_shared_sigalgs(SSL *s, int idx,
|
||||||
|
int *psign, int *phash, int *psignandhash,
|
||||||
|
unsigned char *rsig, unsigned char *rhash);
|
||||||
|
|
||||||
|
int SSL_check_chain(SSL *s, X509 *x, EVP_PKEY *pk, STACK_OF(X509) *chain);
|
||||||
|
|
||||||
|
# define SSL_set_tlsext_host_name(s,name) \
|
||||||
|
SSL_ctrl(s,SSL_CTRL_SET_TLSEXT_HOSTNAME,TLSEXT_NAMETYPE_host_name,(char *)name)
|
||||||
|
|
||||||
|
# define SSL_set_tlsext_debug_callback(ssl, cb) \
|
||||||
|
SSL_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_DEBUG_CB,(void (*)(void))cb)
|
||||||
|
|
||||||
|
# define SSL_set_tlsext_debug_arg(ssl, arg) \
|
||||||
|
SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_DEBUG_ARG,0, (void *)arg)
|
||||||
|
|
||||||
|
# define SSL_set_tlsext_status_type(ssl, type) \
|
||||||
|
SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE,type, NULL)
|
||||||
|
|
||||||
|
# define SSL_get_tlsext_status_exts(ssl, arg) \
|
||||||
|
SSL_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS,0, (void *)arg)
|
||||||
|
|
||||||
|
# define SSL_set_tlsext_status_exts(ssl, arg) \
|
||||||
|
SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS,0, (void *)arg)
|
||||||
|
|
||||||
|
# define SSL_get_tlsext_status_ids(ssl, arg) \
|
||||||
|
SSL_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS,0, (void *)arg)
|
||||||
|
|
||||||
|
# define SSL_set_tlsext_status_ids(ssl, arg) \
|
||||||
|
SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS,0, (void *)arg)
|
||||||
|
|
||||||
|
# define SSL_get_tlsext_status_ocsp_resp(ssl, arg) \
|
||||||
|
SSL_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP,0, (void *)arg)
|
||||||
|
|
||||||
|
# define SSL_set_tlsext_status_ocsp_resp(ssl, arg, arglen) \
|
||||||
|
SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP,arglen, (void *)arg)
|
||||||
|
|
||||||
|
# define SSL_CTX_set_tlsext_servername_callback(ctx, cb) \
|
||||||
|
SSL_CTX_callback_ctrl(ctx,SSL_CTRL_SET_TLSEXT_SERVERNAME_CB,(void (*)(void))cb)
|
||||||
|
|
||||||
|
# define SSL_TLSEXT_ERR_OK 0
|
||||||
|
# define SSL_TLSEXT_ERR_ALERT_WARNING 1
|
||||||
|
# define SSL_TLSEXT_ERR_ALERT_FATAL 2
|
||||||
|
# define SSL_TLSEXT_ERR_NOACK 3
|
||||||
|
|
||||||
|
# define SSL_CTX_set_tlsext_servername_arg(ctx, arg) \
|
||||||
|
SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG,0, (void *)arg)
|
||||||
|
|
||||||
|
# define SSL_CTX_get_tlsext_ticket_keys(ctx, keys, keylen) \
|
||||||
|
SSL_CTX_ctrl((ctx),SSL_CTRL_GET_TLSEXT_TICKET_KEYS,(keylen),(keys))
|
||||||
|
# define SSL_CTX_set_tlsext_ticket_keys(ctx, keys, keylen) \
|
||||||
|
SSL_CTX_ctrl((ctx),SSL_CTRL_SET_TLSEXT_TICKET_KEYS,(keylen),(keys))
|
||||||
|
|
||||||
|
# define SSL_CTX_set_tlsext_status_cb(ssl, cb) \
|
||||||
|
SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB,(void (*)(void))cb)
|
||||||
|
|
||||||
|
# define SSL_CTX_set_tlsext_status_arg(ssl, arg) \
|
||||||
|
SSL_CTX_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG,0, (void *)arg)
|
||||||
|
|
||||||
|
# define SSL_set_tlsext_opaque_prf_input(s, src, len) \
|
||||||
|
SSL_ctrl(s,SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT, len, src)
|
||||||
|
# define SSL_CTX_set_tlsext_opaque_prf_input_callback(ctx, cb) \
|
||||||
|
SSL_CTX_callback_ctrl(ctx,SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB, (void (*)(void))cb)
|
||||||
|
# define SSL_CTX_set_tlsext_opaque_prf_input_callback_arg(ctx, arg) \
|
||||||
|
SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB_ARG, 0, arg)
|
||||||
|
|
||||||
|
# define SSL_CTX_set_tlsext_ticket_key_cb(ssl, cb) \
|
||||||
|
SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_HEARTBEATS
|
||||||
|
# define SSL_TLSEXT_HB_ENABLED 0x01
|
||||||
|
# define SSL_TLSEXT_HB_DONT_SEND_REQUESTS 0x02
|
||||||
|
# define SSL_TLSEXT_HB_DONT_RECV_REQUESTS 0x04
|
||||||
|
|
||||||
|
# define SSL_get_tlsext_heartbeat_pending(ssl) \
|
||||||
|
SSL_ctrl((ssl),SSL_CTRL_GET_TLS_EXT_HEARTBEAT_PENDING,0,NULL)
|
||||||
|
# define SSL_set_tlsext_heartbeat_no_requests(ssl, arg) \
|
||||||
|
SSL_ctrl((ssl),SSL_CTRL_SET_TLS_EXT_HEARTBEAT_NO_REQUESTS,arg,NULL)
|
||||||
|
# endif
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/* PSK ciphersuites from 4279 */
|
||||||
|
# define TLS1_CK_PSK_WITH_RC4_128_SHA 0x0300008A
|
||||||
|
# define TLS1_CK_PSK_WITH_3DES_EDE_CBC_SHA 0x0300008B
|
||||||
|
# define TLS1_CK_PSK_WITH_AES_128_CBC_SHA 0x0300008C
|
||||||
|
# define TLS1_CK_PSK_WITH_AES_256_CBC_SHA 0x0300008D
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Additional TLS ciphersuites from expired Internet Draft
|
||||||
|
* draft-ietf-tls-56-bit-ciphersuites-01.txt (available if
|
||||||
|
* TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES is defined, see s3_lib.c). We
|
||||||
|
* actually treat them like SSL 3.0 ciphers, which we probably shouldn't.
|
||||||
|
* Note that the first two are actually not in the IDs.
|
||||||
|
*/
|
||||||
|
# define TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_MD5 0x03000060/* not in
|
||||||
|
* ID */
|
||||||
|
# define TLS1_CK_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5 0x03000061/* not in
|
||||||
|
* ID */
|
||||||
|
# define TLS1_CK_RSA_EXPORT1024_WITH_DES_CBC_SHA 0x03000062
|
||||||
|
# define TLS1_CK_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA 0x03000063
|
||||||
|
# define TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_SHA 0x03000064
|
||||||
|
# define TLS1_CK_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA 0x03000065
|
||||||
|
# define TLS1_CK_DHE_DSS_WITH_RC4_128_SHA 0x03000066
|
||||||
|
|
||||||
|
/* AES ciphersuites from RFC3268 */
|
||||||
|
|
||||||
|
# define TLS1_CK_RSA_WITH_AES_128_SHA 0x0300002F
|
||||||
|
# define TLS1_CK_DH_DSS_WITH_AES_128_SHA 0x03000030
|
||||||
|
# define TLS1_CK_DH_RSA_WITH_AES_128_SHA 0x03000031
|
||||||
|
# define TLS1_CK_DHE_DSS_WITH_AES_128_SHA 0x03000032
|
||||||
|
# define TLS1_CK_DHE_RSA_WITH_AES_128_SHA 0x03000033
|
||||||
|
# define TLS1_CK_ADH_WITH_AES_128_SHA 0x03000034
|
||||||
|
|
||||||
|
# define TLS1_CK_RSA_WITH_AES_256_SHA 0x03000035
|
||||||
|
# define TLS1_CK_DH_DSS_WITH_AES_256_SHA 0x03000036
|
||||||
|
# define TLS1_CK_DH_RSA_WITH_AES_256_SHA 0x03000037
|
||||||
|
# define TLS1_CK_DHE_DSS_WITH_AES_256_SHA 0x03000038
|
||||||
|
# define TLS1_CK_DHE_RSA_WITH_AES_256_SHA 0x03000039
|
||||||
|
# define TLS1_CK_ADH_WITH_AES_256_SHA 0x0300003A
|
||||||
|
|
||||||
|
/* TLS v1.2 ciphersuites */
|
||||||
|
# define TLS1_CK_RSA_WITH_NULL_SHA256 0x0300003B
|
||||||
|
# define TLS1_CK_RSA_WITH_AES_128_SHA256 0x0300003C
|
||||||
|
# define TLS1_CK_RSA_WITH_AES_256_SHA256 0x0300003D
|
||||||
|
# define TLS1_CK_DH_DSS_WITH_AES_128_SHA256 0x0300003E
|
||||||
|
# define TLS1_CK_DH_RSA_WITH_AES_128_SHA256 0x0300003F
|
||||||
|
# define TLS1_CK_DHE_DSS_WITH_AES_128_SHA256 0x03000040
|
||||||
|
|
||||||
|
/* Camellia ciphersuites from RFC4132 */
|
||||||
|
# define TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA 0x03000041
|
||||||
|
# define TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA 0x03000042
|
||||||
|
# define TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA 0x03000043
|
||||||
|
# define TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA 0x03000044
|
||||||
|
# define TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA 0x03000045
|
||||||
|
# define TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA 0x03000046
|
||||||
|
|
||||||
|
/* TLS v1.2 ciphersuites */
|
||||||
|
# define TLS1_CK_DHE_RSA_WITH_AES_128_SHA256 0x03000067
|
||||||
|
# define TLS1_CK_DH_DSS_WITH_AES_256_SHA256 0x03000068
|
||||||
|
# define TLS1_CK_DH_RSA_WITH_AES_256_SHA256 0x03000069
|
||||||
|
# define TLS1_CK_DHE_DSS_WITH_AES_256_SHA256 0x0300006A
|
||||||
|
# define TLS1_CK_DHE_RSA_WITH_AES_256_SHA256 0x0300006B
|
||||||
|
# define TLS1_CK_ADH_WITH_AES_128_SHA256 0x0300006C
|
||||||
|
# define TLS1_CK_ADH_WITH_AES_256_SHA256 0x0300006D
|
||||||
|
|
||||||
|
/* Camellia ciphersuites from RFC4132 */
|
||||||
|
# define TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA 0x03000084
|
||||||
|
# define TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA 0x03000085
|
||||||
|
# define TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA 0x03000086
|
||||||
|
# define TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA 0x03000087
|
||||||
|
# define TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA 0x03000088
|
||||||
|
# define TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA 0x03000089
|
||||||
|
|
||||||
|
/* SEED ciphersuites from RFC4162 */
|
||||||
|
# define TLS1_CK_RSA_WITH_SEED_SHA 0x03000096
|
||||||
|
# define TLS1_CK_DH_DSS_WITH_SEED_SHA 0x03000097
|
||||||
|
# define TLS1_CK_DH_RSA_WITH_SEED_SHA 0x03000098
|
||||||
|
# define TLS1_CK_DHE_DSS_WITH_SEED_SHA 0x03000099
|
||||||
|
# define TLS1_CK_DHE_RSA_WITH_SEED_SHA 0x0300009A
|
||||||
|
# define TLS1_CK_ADH_WITH_SEED_SHA 0x0300009B
|
||||||
|
|
||||||
|
/* TLS v1.2 GCM ciphersuites from RFC5288 */
|
||||||
|
# define TLS1_CK_RSA_WITH_AES_128_GCM_SHA256 0x0300009C
|
||||||
|
# define TLS1_CK_RSA_WITH_AES_256_GCM_SHA384 0x0300009D
|
||||||
|
# define TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256 0x0300009E
|
||||||
|
# define TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384 0x0300009F
|
||||||
|
# define TLS1_CK_DH_RSA_WITH_AES_128_GCM_SHA256 0x030000A0
|
||||||
|
# define TLS1_CK_DH_RSA_WITH_AES_256_GCM_SHA384 0x030000A1
|
||||||
|
# define TLS1_CK_DHE_DSS_WITH_AES_128_GCM_SHA256 0x030000A2
|
||||||
|
# define TLS1_CK_DHE_DSS_WITH_AES_256_GCM_SHA384 0x030000A3
|
||||||
|
# define TLS1_CK_DH_DSS_WITH_AES_128_GCM_SHA256 0x030000A4
|
||||||
|
# define TLS1_CK_DH_DSS_WITH_AES_256_GCM_SHA384 0x030000A5
|
||||||
|
# define TLS1_CK_ADH_WITH_AES_128_GCM_SHA256 0x030000A6
|
||||||
|
# define TLS1_CK_ADH_WITH_AES_256_GCM_SHA384 0x030000A7
|
||||||
|
|
||||||
|
/*
|
||||||
|
* ECC ciphersuites from draft-ietf-tls-ecc-12.txt with changes soon to be in
|
||||||
|
* draft 13
|
||||||
|
*/
|
||||||
|
# define TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA 0x0300C001
|
||||||
|
# define TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA 0x0300C002
|
||||||
|
# define TLS1_CK_ECDH_ECDSA_WITH_DES_192_CBC3_SHA 0x0300C003
|
||||||
|
# define TLS1_CK_ECDH_ECDSA_WITH_AES_128_CBC_SHA 0x0300C004
|
||||||
|
# define TLS1_CK_ECDH_ECDSA_WITH_AES_256_CBC_SHA 0x0300C005
|
||||||
|
|
||||||
|
# define TLS1_CK_ECDHE_ECDSA_WITH_NULL_SHA 0x0300C006
|
||||||
|
# define TLS1_CK_ECDHE_ECDSA_WITH_RC4_128_SHA 0x0300C007
|
||||||
|
# define TLS1_CK_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA 0x0300C008
|
||||||
|
# define TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA 0x0300C009
|
||||||
|
# define TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA 0x0300C00A
|
||||||
|
|
||||||
|
# define TLS1_CK_ECDH_RSA_WITH_NULL_SHA 0x0300C00B
|
||||||
|
# define TLS1_CK_ECDH_RSA_WITH_RC4_128_SHA 0x0300C00C
|
||||||
|
# define TLS1_CK_ECDH_RSA_WITH_DES_192_CBC3_SHA 0x0300C00D
|
||||||
|
# define TLS1_CK_ECDH_RSA_WITH_AES_128_CBC_SHA 0x0300C00E
|
||||||
|
# define TLS1_CK_ECDH_RSA_WITH_AES_256_CBC_SHA 0x0300C00F
|
||||||
|
|
||||||
|
# define TLS1_CK_ECDHE_RSA_WITH_NULL_SHA 0x0300C010
|
||||||
|
# define TLS1_CK_ECDHE_RSA_WITH_RC4_128_SHA 0x0300C011
|
||||||
|
# define TLS1_CK_ECDHE_RSA_WITH_DES_192_CBC3_SHA 0x0300C012
|
||||||
|
# define TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA 0x0300C013
|
||||||
|
# define TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA 0x0300C014
|
||||||
|
|
||||||
|
# define TLS1_CK_ECDH_anon_WITH_NULL_SHA 0x0300C015
|
||||||
|
# define TLS1_CK_ECDH_anon_WITH_RC4_128_SHA 0x0300C016
|
||||||
|
# define TLS1_CK_ECDH_anon_WITH_DES_192_CBC3_SHA 0x0300C017
|
||||||
|
# define TLS1_CK_ECDH_anon_WITH_AES_128_CBC_SHA 0x0300C018
|
||||||
|
# define TLS1_CK_ECDH_anon_WITH_AES_256_CBC_SHA 0x0300C019
|
||||||
|
|
||||||
|
/* SRP ciphersuites from RFC 5054 */
|
||||||
|
# define TLS1_CK_SRP_SHA_WITH_3DES_EDE_CBC_SHA 0x0300C01A
|
||||||
|
# define TLS1_CK_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA 0x0300C01B
|
||||||
|
# define TLS1_CK_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA 0x0300C01C
|
||||||
|
# define TLS1_CK_SRP_SHA_WITH_AES_128_CBC_SHA 0x0300C01D
|
||||||
|
# define TLS1_CK_SRP_SHA_RSA_WITH_AES_128_CBC_SHA 0x0300C01E
|
||||||
|
# define TLS1_CK_SRP_SHA_DSS_WITH_AES_128_CBC_SHA 0x0300C01F
|
||||||
|
# define TLS1_CK_SRP_SHA_WITH_AES_256_CBC_SHA 0x0300C020
|
||||||
|
# define TLS1_CK_SRP_SHA_RSA_WITH_AES_256_CBC_SHA 0x0300C021
|
||||||
|
# define TLS1_CK_SRP_SHA_DSS_WITH_AES_256_CBC_SHA 0x0300C022
|
||||||
|
|
||||||
|
/* ECDH HMAC based ciphersuites from RFC5289 */
|
||||||
|
|
||||||
|
# define TLS1_CK_ECDHE_ECDSA_WITH_AES_128_SHA256 0x0300C023
|
||||||
|
# define TLS1_CK_ECDHE_ECDSA_WITH_AES_256_SHA384 0x0300C024
|
||||||
|
# define TLS1_CK_ECDH_ECDSA_WITH_AES_128_SHA256 0x0300C025
|
||||||
|
# define TLS1_CK_ECDH_ECDSA_WITH_AES_256_SHA384 0x0300C026
|
||||||
|
# define TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256 0x0300C027
|
||||||
|
# define TLS1_CK_ECDHE_RSA_WITH_AES_256_SHA384 0x0300C028
|
||||||
|
# define TLS1_CK_ECDH_RSA_WITH_AES_128_SHA256 0x0300C029
|
||||||
|
# define TLS1_CK_ECDH_RSA_WITH_AES_256_SHA384 0x0300C02A
|
||||||
|
|
||||||
|
/* ECDH GCM based ciphersuites from RFC5289 */
|
||||||
|
# define TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 0x0300C02B
|
||||||
|
# define TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 0x0300C02C
|
||||||
|
# define TLS1_CK_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 0x0300C02D
|
||||||
|
# define TLS1_CK_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 0x0300C02E
|
||||||
|
# define TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256 0x0300C02F
|
||||||
|
# define TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384 0x0300C030
|
||||||
|
# define TLS1_CK_ECDH_RSA_WITH_AES_128_GCM_SHA256 0x0300C031
|
||||||
|
# define TLS1_CK_ECDH_RSA_WITH_AES_256_GCM_SHA384 0x0300C032
|
||||||
|
|
||||||
|
/*
|
||||||
|
* XXX * Backward compatibility alert: + * Older versions of OpenSSL gave
|
||||||
|
* some DHE ciphers names with "EDH" + * instead of "DHE". Going forward, we
|
||||||
|
* should be using DHE + * everywhere, though we may indefinitely maintain
|
||||||
|
* aliases for users + * or configurations that used "EDH" +
|
||||||
|
*/
|
||||||
|
# define TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_MD5 "EXP1024-RC4-MD5"
|
||||||
|
# define TLS1_TXT_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5 "EXP1024-RC2-CBC-MD5"
|
||||||
|
# define TLS1_TXT_RSA_EXPORT1024_WITH_DES_CBC_SHA "EXP1024-DES-CBC-SHA"
|
||||||
|
# define TLS1_TXT_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA "EXP1024-DHE-DSS-DES-CBC-SHA"
|
||||||
|
# define TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_SHA "EXP1024-RC4-SHA"
|
||||||
|
# define TLS1_TXT_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA "EXP1024-DHE-DSS-RC4-SHA"
|
||||||
|
# define TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA "DHE-DSS-RC4-SHA"
|
||||||
|
|
||||||
|
/* AES ciphersuites from RFC3268 */
|
||||||
|
# define TLS1_TXT_RSA_WITH_AES_128_SHA "AES128-SHA"
|
||||||
|
# define TLS1_TXT_DH_DSS_WITH_AES_128_SHA "DH-DSS-AES128-SHA"
|
||||||
|
# define TLS1_TXT_DH_RSA_WITH_AES_128_SHA "DH-RSA-AES128-SHA"
|
||||||
|
# define TLS1_TXT_DHE_DSS_WITH_AES_128_SHA "DHE-DSS-AES128-SHA"
|
||||||
|
# define TLS1_TXT_DHE_RSA_WITH_AES_128_SHA "DHE-RSA-AES128-SHA"
|
||||||
|
# define TLS1_TXT_ADH_WITH_AES_128_SHA "ADH-AES128-SHA"
|
||||||
|
|
||||||
|
# define TLS1_TXT_RSA_WITH_AES_256_SHA "AES256-SHA"
|
||||||
|
# define TLS1_TXT_DH_DSS_WITH_AES_256_SHA "DH-DSS-AES256-SHA"
|
||||||
|
# define TLS1_TXT_DH_RSA_WITH_AES_256_SHA "DH-RSA-AES256-SHA"
|
||||||
|
# define TLS1_TXT_DHE_DSS_WITH_AES_256_SHA "DHE-DSS-AES256-SHA"
|
||||||
|
# define TLS1_TXT_DHE_RSA_WITH_AES_256_SHA "DHE-RSA-AES256-SHA"
|
||||||
|
# define TLS1_TXT_ADH_WITH_AES_256_SHA "ADH-AES256-SHA"
|
||||||
|
|
||||||
|
/* ECC ciphersuites from draft-ietf-tls-ecc-01.txt (Mar 15, 2001) */
|
||||||
|
# define TLS1_TXT_ECDH_ECDSA_WITH_NULL_SHA "ECDH-ECDSA-NULL-SHA"
|
||||||
|
# define TLS1_TXT_ECDH_ECDSA_WITH_RC4_128_SHA "ECDH-ECDSA-RC4-SHA"
|
||||||
|
# define TLS1_TXT_ECDH_ECDSA_WITH_DES_192_CBC3_SHA "ECDH-ECDSA-DES-CBC3-SHA"
|
||||||
|
# define TLS1_TXT_ECDH_ECDSA_WITH_AES_128_CBC_SHA "ECDH-ECDSA-AES128-SHA"
|
||||||
|
# define TLS1_TXT_ECDH_ECDSA_WITH_AES_256_CBC_SHA "ECDH-ECDSA-AES256-SHA"
|
||||||
|
|
||||||
|
# define TLS1_TXT_ECDHE_ECDSA_WITH_NULL_SHA "ECDHE-ECDSA-NULL-SHA"
|
||||||
|
# define TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA "ECDHE-ECDSA-RC4-SHA"
|
||||||
|
# define TLS1_TXT_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA "ECDHE-ECDSA-DES-CBC3-SHA"
|
||||||
|
# define TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA "ECDHE-ECDSA-AES128-SHA"
|
||||||
|
# define TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CBC_SHA "ECDHE-ECDSA-AES256-SHA"
|
||||||
|
|
||||||
|
# define TLS1_TXT_ECDH_RSA_WITH_NULL_SHA "ECDH-RSA-NULL-SHA"
|
||||||
|
# define TLS1_TXT_ECDH_RSA_WITH_RC4_128_SHA "ECDH-RSA-RC4-SHA"
|
||||||
|
# define TLS1_TXT_ECDH_RSA_WITH_DES_192_CBC3_SHA "ECDH-RSA-DES-CBC3-SHA"
|
||||||
|
# define TLS1_TXT_ECDH_RSA_WITH_AES_128_CBC_SHA "ECDH-RSA-AES128-SHA"
|
||||||
|
# define TLS1_TXT_ECDH_RSA_WITH_AES_256_CBC_SHA "ECDH-RSA-AES256-SHA"
|
||||||
|
|
||||||
|
# define TLS1_TXT_ECDHE_RSA_WITH_NULL_SHA "ECDHE-RSA-NULL-SHA"
|
||||||
|
# define TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA "ECDHE-RSA-RC4-SHA"
|
||||||
|
# define TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA "ECDHE-RSA-DES-CBC3-SHA"
|
||||||
|
# define TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA "ECDHE-RSA-AES128-SHA"
|
||||||
|
# define TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA "ECDHE-RSA-AES256-SHA"
|
||||||
|
|
||||||
|
# define TLS1_TXT_ECDH_anon_WITH_NULL_SHA "AECDH-NULL-SHA"
|
||||||
|
# define TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA "AECDH-RC4-SHA"
|
||||||
|
# define TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA "AECDH-DES-CBC3-SHA"
|
||||||
|
# define TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA "AECDH-AES128-SHA"
|
||||||
|
# define TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA "AECDH-AES256-SHA"
|
||||||
|
|
||||||
|
/* PSK ciphersuites from RFC 4279 */
|
||||||
|
# define TLS1_TXT_PSK_WITH_RC4_128_SHA "PSK-RC4-SHA"
|
||||||
|
# define TLS1_TXT_PSK_WITH_3DES_EDE_CBC_SHA "PSK-3DES-EDE-CBC-SHA"
|
||||||
|
# define TLS1_TXT_PSK_WITH_AES_128_CBC_SHA "PSK-AES128-CBC-SHA"
|
||||||
|
# define TLS1_TXT_PSK_WITH_AES_256_CBC_SHA "PSK-AES256-CBC-SHA"
|
||||||
|
|
||||||
|
/* SRP ciphersuite from RFC 5054 */
|
||||||
|
# define TLS1_TXT_SRP_SHA_WITH_3DES_EDE_CBC_SHA "SRP-3DES-EDE-CBC-SHA"
|
||||||
|
# define TLS1_TXT_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA "SRP-RSA-3DES-EDE-CBC-SHA"
|
||||||
|
# define TLS1_TXT_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA "SRP-DSS-3DES-EDE-CBC-SHA"
|
||||||
|
# define TLS1_TXT_SRP_SHA_WITH_AES_128_CBC_SHA "SRP-AES-128-CBC-SHA"
|
||||||
|
# define TLS1_TXT_SRP_SHA_RSA_WITH_AES_128_CBC_SHA "SRP-RSA-AES-128-CBC-SHA"
|
||||||
|
# define TLS1_TXT_SRP_SHA_DSS_WITH_AES_128_CBC_SHA "SRP-DSS-AES-128-CBC-SHA"
|
||||||
|
# define TLS1_TXT_SRP_SHA_WITH_AES_256_CBC_SHA "SRP-AES-256-CBC-SHA"
|
||||||
|
# define TLS1_TXT_SRP_SHA_RSA_WITH_AES_256_CBC_SHA "SRP-RSA-AES-256-CBC-SHA"
|
||||||
|
# define TLS1_TXT_SRP_SHA_DSS_WITH_AES_256_CBC_SHA "SRP-DSS-AES-256-CBC-SHA"
|
||||||
|
|
||||||
|
/* Camellia ciphersuites from RFC4132 */
|
||||||
|
# define TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA "CAMELLIA128-SHA"
|
||||||
|
# define TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA "DH-DSS-CAMELLIA128-SHA"
|
||||||
|
# define TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA "DH-RSA-CAMELLIA128-SHA"
|
||||||
|
# define TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA "DHE-DSS-CAMELLIA128-SHA"
|
||||||
|
# define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA "DHE-RSA-CAMELLIA128-SHA"
|
||||||
|
# define TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA "ADH-CAMELLIA128-SHA"
|
||||||
|
|
||||||
|
# define TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA "CAMELLIA256-SHA"
|
||||||
|
# define TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA "DH-DSS-CAMELLIA256-SHA"
|
||||||
|
# define TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA "DH-RSA-CAMELLIA256-SHA"
|
||||||
|
# define TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA "DHE-DSS-CAMELLIA256-SHA"
|
||||||
|
# define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA "DHE-RSA-CAMELLIA256-SHA"
|
||||||
|
# define TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA "ADH-CAMELLIA256-SHA"
|
||||||
|
|
||||||
|
/* SEED ciphersuites from RFC4162 */
|
||||||
|
# define TLS1_TXT_RSA_WITH_SEED_SHA "SEED-SHA"
|
||||||
|
# define TLS1_TXT_DH_DSS_WITH_SEED_SHA "DH-DSS-SEED-SHA"
|
||||||
|
# define TLS1_TXT_DH_RSA_WITH_SEED_SHA "DH-RSA-SEED-SHA"
|
||||||
|
# define TLS1_TXT_DHE_DSS_WITH_SEED_SHA "DHE-DSS-SEED-SHA"
|
||||||
|
# define TLS1_TXT_DHE_RSA_WITH_SEED_SHA "DHE-RSA-SEED-SHA"
|
||||||
|
# define TLS1_TXT_ADH_WITH_SEED_SHA "ADH-SEED-SHA"
|
||||||
|
|
||||||
|
/* TLS v1.2 ciphersuites */
|
||||||
|
# define TLS1_TXT_RSA_WITH_NULL_SHA256 "NULL-SHA256"
|
||||||
|
# define TLS1_TXT_RSA_WITH_AES_128_SHA256 "AES128-SHA256"
|
||||||
|
# define TLS1_TXT_RSA_WITH_AES_256_SHA256 "AES256-SHA256"
|
||||||
|
# define TLS1_TXT_DH_DSS_WITH_AES_128_SHA256 "DH-DSS-AES128-SHA256"
|
||||||
|
# define TLS1_TXT_DH_RSA_WITH_AES_128_SHA256 "DH-RSA-AES128-SHA256"
|
||||||
|
# define TLS1_TXT_DHE_DSS_WITH_AES_128_SHA256 "DHE-DSS-AES128-SHA256"
|
||||||
|
# define TLS1_TXT_DHE_RSA_WITH_AES_128_SHA256 "DHE-RSA-AES128-SHA256"
|
||||||
|
# define TLS1_TXT_DH_DSS_WITH_AES_256_SHA256 "DH-DSS-AES256-SHA256"
|
||||||
|
# define TLS1_TXT_DH_RSA_WITH_AES_256_SHA256 "DH-RSA-AES256-SHA256"
|
||||||
|
# define TLS1_TXT_DHE_DSS_WITH_AES_256_SHA256 "DHE-DSS-AES256-SHA256"
|
||||||
|
# define TLS1_TXT_DHE_RSA_WITH_AES_256_SHA256 "DHE-RSA-AES256-SHA256"
|
||||||
|
# define TLS1_TXT_ADH_WITH_AES_128_SHA256 "ADH-AES128-SHA256"
|
||||||
|
# define TLS1_TXT_ADH_WITH_AES_256_SHA256 "ADH-AES256-SHA256"
|
||||||
|
|
||||||
|
/* TLS v1.2 GCM ciphersuites from RFC5288 */
|
||||||
|
# define TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256 "AES128-GCM-SHA256"
|
||||||
|
# define TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384 "AES256-GCM-SHA384"
|
||||||
|
# define TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256 "DHE-RSA-AES128-GCM-SHA256"
|
||||||
|
# define TLS1_TXT_DHE_RSA_WITH_AES_256_GCM_SHA384 "DHE-RSA-AES256-GCM-SHA384"
|
||||||
|
# define TLS1_TXT_DH_RSA_WITH_AES_128_GCM_SHA256 "DH-RSA-AES128-GCM-SHA256"
|
||||||
|
# define TLS1_TXT_DH_RSA_WITH_AES_256_GCM_SHA384 "DH-RSA-AES256-GCM-SHA384"
|
||||||
|
# define TLS1_TXT_DHE_DSS_WITH_AES_128_GCM_SHA256 "DHE-DSS-AES128-GCM-SHA256"
|
||||||
|
# define TLS1_TXT_DHE_DSS_WITH_AES_256_GCM_SHA384 "DHE-DSS-AES256-GCM-SHA384"
|
||||||
|
# define TLS1_TXT_DH_DSS_WITH_AES_128_GCM_SHA256 "DH-DSS-AES128-GCM-SHA256"
|
||||||
|
# define TLS1_TXT_DH_DSS_WITH_AES_256_GCM_SHA384 "DH-DSS-AES256-GCM-SHA384"
|
||||||
|
# define TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256 "ADH-AES128-GCM-SHA256"
|
||||||
|
# define TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384 "ADH-AES256-GCM-SHA384"
|
||||||
|
|
||||||
|
/* ECDH HMAC based ciphersuites from RFC5289 */
|
||||||
|
|
||||||
|
# define TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256 "ECDHE-ECDSA-AES128-SHA256"
|
||||||
|
# define TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_SHA384 "ECDHE-ECDSA-AES256-SHA384"
|
||||||
|
# define TLS1_TXT_ECDH_ECDSA_WITH_AES_128_SHA256 "ECDH-ECDSA-AES128-SHA256"
|
||||||
|
# define TLS1_TXT_ECDH_ECDSA_WITH_AES_256_SHA384 "ECDH-ECDSA-AES256-SHA384"
|
||||||
|
# define TLS1_TXT_ECDHE_RSA_WITH_AES_128_SHA256 "ECDHE-RSA-AES128-SHA256"
|
||||||
|
# define TLS1_TXT_ECDHE_RSA_WITH_AES_256_SHA384 "ECDHE-RSA-AES256-SHA384"
|
||||||
|
# define TLS1_TXT_ECDH_RSA_WITH_AES_128_SHA256 "ECDH-RSA-AES128-SHA256"
|
||||||
|
# define TLS1_TXT_ECDH_RSA_WITH_AES_256_SHA384 "ECDH-RSA-AES256-SHA384"
|
||||||
|
|
||||||
|
/* ECDH GCM based ciphersuites from RFC5289 */
|
||||||
|
# define TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 "ECDHE-ECDSA-AES128-GCM-SHA256"
|
||||||
|
# define TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 "ECDHE-ECDSA-AES256-GCM-SHA384"
|
||||||
|
# define TLS1_TXT_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 "ECDH-ECDSA-AES128-GCM-SHA256"
|
||||||
|
# define TLS1_TXT_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 "ECDH-ECDSA-AES256-GCM-SHA384"
|
||||||
|
# define TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256 "ECDHE-RSA-AES128-GCM-SHA256"
|
||||||
|
# define TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384 "ECDHE-RSA-AES256-GCM-SHA384"
|
||||||
|
# define TLS1_TXT_ECDH_RSA_WITH_AES_128_GCM_SHA256 "ECDH-RSA-AES128-GCM-SHA256"
|
||||||
|
# define TLS1_TXT_ECDH_RSA_WITH_AES_256_GCM_SHA384 "ECDH-RSA-AES256-GCM-SHA384"
|
||||||
|
|
||||||
|
# define TLS_CT_RSA_SIGN 1
|
||||||
|
# define TLS_CT_DSS_SIGN 2
|
||||||
|
# define TLS_CT_RSA_FIXED_DH 3
|
||||||
|
# define TLS_CT_DSS_FIXED_DH 4
|
||||||
|
# define TLS_CT_ECDSA_SIGN 64
|
||||||
|
# define TLS_CT_RSA_FIXED_ECDH 65
|
||||||
|
# define TLS_CT_ECDSA_FIXED_ECDH 66
|
||||||
|
# define TLS_CT_GOST94_SIGN 21
|
||||||
|
# define TLS_CT_GOST01_SIGN 22
|
||||||
|
/*
|
||||||
|
* when correcting this number, correct also SSL3_CT_NUMBER in ssl3.h (see
|
||||||
|
* comment there)
|
||||||
|
*/
|
||||||
|
# define TLS_CT_NUMBER 9
|
||||||
|
|
||||||
|
# define TLS1_FINISH_MAC_LENGTH 12
|
||||||
|
|
||||||
|
# define TLS_MD_MAX_CONST_SIZE 20
|
||||||
|
# define TLS_MD_CLIENT_FINISH_CONST "client finished"
|
||||||
|
# define TLS_MD_CLIENT_FINISH_CONST_SIZE 15
|
||||||
|
# define TLS_MD_SERVER_FINISH_CONST "server finished"
|
||||||
|
# define TLS_MD_SERVER_FINISH_CONST_SIZE 15
|
||||||
|
# define TLS_MD_SERVER_WRITE_KEY_CONST "server write key"
|
||||||
|
# define TLS_MD_SERVER_WRITE_KEY_CONST_SIZE 16
|
||||||
|
# define TLS_MD_KEY_EXPANSION_CONST "key expansion"
|
||||||
|
# define TLS_MD_KEY_EXPANSION_CONST_SIZE 13
|
||||||
|
# define TLS_MD_CLIENT_WRITE_KEY_CONST "client write key"
|
||||||
|
# define TLS_MD_CLIENT_WRITE_KEY_CONST_SIZE 16
|
||||||
|
# define TLS_MD_SERVER_WRITE_KEY_CONST "server write key"
|
||||||
|
# define TLS_MD_SERVER_WRITE_KEY_CONST_SIZE 16
|
||||||
|
# define TLS_MD_IV_BLOCK_CONST "IV block"
|
||||||
|
# define TLS_MD_IV_BLOCK_CONST_SIZE 8
|
||||||
|
# define TLS_MD_MASTER_SECRET_CONST "master secret"
|
||||||
|
# define TLS_MD_MASTER_SECRET_CONST_SIZE 13
|
||||||
|
|
||||||
|
# ifdef CHARSET_EBCDIC
|
||||||
|
# undef TLS_MD_CLIENT_FINISH_CONST
|
||||||
|
/*
|
||||||
|
* client finished
|
||||||
|
*/
|
||||||
|
# define TLS_MD_CLIENT_FINISH_CONST "\x63\x6c\x69\x65\x6e\x74\x20\x66\x69\x6e\x69\x73\x68\x65\x64"
|
||||||
|
|
||||||
|
# undef TLS_MD_SERVER_FINISH_CONST
|
||||||
|
/*
|
||||||
|
* server finished
|
||||||
|
*/
|
||||||
|
# define TLS_MD_SERVER_FINISH_CONST "\x73\x65\x72\x76\x65\x72\x20\x66\x69\x6e\x69\x73\x68\x65\x64"
|
||||||
|
|
||||||
|
# undef TLS_MD_SERVER_WRITE_KEY_CONST
|
||||||
|
/*
|
||||||
|
* server write key
|
||||||
|
*/
|
||||||
|
# define TLS_MD_SERVER_WRITE_KEY_CONST "\x73\x65\x72\x76\x65\x72\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79"
|
||||||
|
|
||||||
|
# undef TLS_MD_KEY_EXPANSION_CONST
|
||||||
|
/*
|
||||||
|
* key expansion
|
||||||
|
*/
|
||||||
|
# define TLS_MD_KEY_EXPANSION_CONST "\x6b\x65\x79\x20\x65\x78\x70\x61\x6e\x73\x69\x6f\x6e"
|
||||||
|
|
||||||
|
# undef TLS_MD_CLIENT_WRITE_KEY_CONST
|
||||||
|
/*
|
||||||
|
* client write key
|
||||||
|
*/
|
||||||
|
# define TLS_MD_CLIENT_WRITE_KEY_CONST "\x63\x6c\x69\x65\x6e\x74\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79"
|
||||||
|
|
||||||
|
# undef TLS_MD_SERVER_WRITE_KEY_CONST
|
||||||
|
/*
|
||||||
|
* server write key
|
||||||
|
*/
|
||||||
|
# define TLS_MD_SERVER_WRITE_KEY_CONST "\x73\x65\x72\x76\x65\x72\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79"
|
||||||
|
|
||||||
|
# undef TLS_MD_IV_BLOCK_CONST
|
||||||
|
/*
|
||||||
|
* IV block
|
||||||
|
*/
|
||||||
|
# define TLS_MD_IV_BLOCK_CONST "\x49\x56\x20\x62\x6c\x6f\x63\x6b"
|
||||||
|
|
||||||
|
# undef TLS_MD_MASTER_SECRET_CONST
|
||||||
|
/*
|
||||||
|
* master secret
|
||||||
|
*/
|
||||||
|
# define TLS_MD_MASTER_SECRET_CONST "\x6d\x61\x73\x74\x65\x72\x20\x73\x65\x63\x72\x65\x74"
|
||||||
|
# endif
|
||||||
|
|
||||||
|
/* TLS Session Ticket extension struct */
|
||||||
|
struct tls_session_ticket_ext_st {
|
||||||
|
unsigned short length;
|
||||||
|
void *data;
|
||||||
|
};
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
#endif
|
File diff suppressed because it is too large
Load Diff
|
@ -0,0 +1,641 @@
|
||||||
|
/* crypto/x509/x509_vfy.h */
|
||||||
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||||
|
* All rights reserved.
|
||||||
|
*
|
||||||
|
* This package is an SSL implementation written
|
||||||
|
* by Eric Young (eay@cryptsoft.com).
|
||||||
|
* The implementation was written so as to conform with Netscapes SSL.
|
||||||
|
*
|
||||||
|
* This library is free for commercial and non-commercial use as long as
|
||||||
|
* the following conditions are aheared to. The following conditions
|
||||||
|
* apply to all code found in this distribution, be it the RC4, RSA,
|
||||||
|
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
||||||
|
* included with this distribution is covered by the same copyright terms
|
||||||
|
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
||||||
|
*
|
||||||
|
* Copyright remains Eric Young's, and as such any Copyright notices in
|
||||||
|
* the code are not to be removed.
|
||||||
|
* If this package is used in a product, Eric Young should be given attribution
|
||||||
|
* as the author of the parts of the library used.
|
||||||
|
* This can be in the form of a textual message at program startup or
|
||||||
|
* in documentation (online or textual) provided with the package.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
* 1. Redistributions of source code must retain the copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in the
|
||||||
|
* documentation and/or other materials provided with the distribution.
|
||||||
|
* 3. All advertising materials mentioning features or use of this software
|
||||||
|
* must display the following acknowledgement:
|
||||||
|
* "This product includes cryptographic software written by
|
||||||
|
* Eric Young (eay@cryptsoft.com)"
|
||||||
|
* The word 'cryptographic' can be left out if the rouines from the library
|
||||||
|
* being used are not cryptographic related :-).
|
||||||
|
* 4. If you include any Windows specific code (or a derivative thereof) from
|
||||||
|
* the apps directory (application code) you must include an acknowledgement:
|
||||||
|
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
||||||
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||||
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||||
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||||
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||||
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||||
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||||
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||||
|
* SUCH DAMAGE.
|
||||||
|
*
|
||||||
|
* The licence and distribution terms for any publically available version or
|
||||||
|
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
||||||
|
* copied and put under another distribution licence
|
||||||
|
* [including the GNU Public Licence.]
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef HEADER_X509_H
|
||||||
|
# include <openssl/x509.h>
|
||||||
|
/*
|
||||||
|
* openssl/x509.h ends up #include-ing this file at about the only
|
||||||
|
* appropriate moment.
|
||||||
|
*/
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#ifndef HEADER_X509_VFY_H
|
||||||
|
# define HEADER_X509_VFY_H
|
||||||
|
|
||||||
|
# include <openssl/opensslconf.h>
|
||||||
|
# ifndef OPENSSL_NO_LHASH
|
||||||
|
# include <openssl/lhash.h>
|
||||||
|
# endif
|
||||||
|
# include <openssl/bio.h>
|
||||||
|
# include <openssl/crypto.h>
|
||||||
|
# include <openssl/symhacks.h>
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
extern "C" {
|
||||||
|
#endif
|
||||||
|
|
||||||
|
# if 0
|
||||||
|
/* Outer object */
|
||||||
|
typedef struct x509_hash_dir_st {
|
||||||
|
int num_dirs;
|
||||||
|
char **dirs;
|
||||||
|
int *dirs_type;
|
||||||
|
int num_dirs_alloced;
|
||||||
|
} X509_HASH_DIR_CTX;
|
||||||
|
# endif
|
||||||
|
|
||||||
|
typedef struct x509_file_st {
|
||||||
|
int num_paths; /* number of paths to files or directories */
|
||||||
|
int num_alloced;
|
||||||
|
char **paths; /* the list of paths or directories */
|
||||||
|
int *path_type;
|
||||||
|
} X509_CERT_FILE_CTX;
|
||||||
|
|
||||||
|
/*******************************/
|
||||||
|
/*-
|
||||||
|
SSL_CTX -> X509_STORE
|
||||||
|
-> X509_LOOKUP
|
||||||
|
->X509_LOOKUP_METHOD
|
||||||
|
-> X509_LOOKUP
|
||||||
|
->X509_LOOKUP_METHOD
|
||||||
|
|
||||||
|
SSL -> X509_STORE_CTX
|
||||||
|
->X509_STORE
|
||||||
|
|
||||||
|
The X509_STORE holds the tables etc for verification stuff.
|
||||||
|
A X509_STORE_CTX is used while validating a single certificate.
|
||||||
|
The X509_STORE has X509_LOOKUPs for looking up certs.
|
||||||
|
The X509_STORE then calls a function to actually verify the
|
||||||
|
certificate chain.
|
||||||
|
*/
|
||||||
|
|
||||||
|
# define X509_LU_RETRY -1
|
||||||
|
# define X509_LU_FAIL 0
|
||||||
|
# define X509_LU_X509 1
|
||||||
|
# define X509_LU_CRL 2
|
||||||
|
# define X509_LU_PKEY 3
|
||||||
|
|
||||||
|
typedef struct x509_object_st {
|
||||||
|
/* one of the above types */
|
||||||
|
int type;
|
||||||
|
union {
|
||||||
|
char *ptr;
|
||||||
|
X509 *x509;
|
||||||
|
X509_CRL *crl;
|
||||||
|
EVP_PKEY *pkey;
|
||||||
|
} data;
|
||||||
|
} X509_OBJECT;
|
||||||
|
|
||||||
|
typedef struct x509_lookup_st X509_LOOKUP;
|
||||||
|
|
||||||
|
DECLARE_STACK_OF(X509_LOOKUP)
|
||||||
|
DECLARE_STACK_OF(X509_OBJECT)
|
||||||
|
|
||||||
|
/* This is a static that defines the function interface */
|
||||||
|
typedef struct x509_lookup_method_st {
|
||||||
|
const char *name;
|
||||||
|
int (*new_item) (X509_LOOKUP *ctx);
|
||||||
|
void (*free) (X509_LOOKUP *ctx);
|
||||||
|
int (*init) (X509_LOOKUP *ctx);
|
||||||
|
int (*shutdown) (X509_LOOKUP *ctx);
|
||||||
|
int (*ctrl) (X509_LOOKUP *ctx, int cmd, const char *argc, long argl,
|
||||||
|
char **ret);
|
||||||
|
int (*get_by_subject) (X509_LOOKUP *ctx, int type, X509_NAME *name,
|
||||||
|
X509_OBJECT *ret);
|
||||||
|
int (*get_by_issuer_serial) (X509_LOOKUP *ctx, int type, X509_NAME *name,
|
||||||
|
ASN1_INTEGER *serial, X509_OBJECT *ret);
|
||||||
|
int (*get_by_fingerprint) (X509_LOOKUP *ctx, int type,
|
||||||
|
unsigned char *bytes, int len,
|
||||||
|
X509_OBJECT *ret);
|
||||||
|
int (*get_by_alias) (X509_LOOKUP *ctx, int type, char *str, int len,
|
||||||
|
X509_OBJECT *ret);
|
||||||
|
} X509_LOOKUP_METHOD;
|
||||||
|
|
||||||
|
typedef struct X509_VERIFY_PARAM_ID_st X509_VERIFY_PARAM_ID;
|
||||||
|
|
||||||
|
/*
|
||||||
|
* This structure hold all parameters associated with a verify operation by
|
||||||
|
* including an X509_VERIFY_PARAM structure in related structures the
|
||||||
|
* parameters used can be customized
|
||||||
|
*/
|
||||||
|
|
||||||
|
typedef struct X509_VERIFY_PARAM_st {
|
||||||
|
char *name;
|
||||||
|
time_t check_time; /* Time to use */
|
||||||
|
unsigned long inh_flags; /* Inheritance flags */
|
||||||
|
unsigned long flags; /* Various verify flags */
|
||||||
|
int purpose; /* purpose to check untrusted certificates */
|
||||||
|
int trust; /* trust setting to check */
|
||||||
|
int depth; /* Verify depth */
|
||||||
|
STACK_OF(ASN1_OBJECT) *policies; /* Permissible policies */
|
||||||
|
X509_VERIFY_PARAM_ID *id; /* opaque ID data */
|
||||||
|
} X509_VERIFY_PARAM;
|
||||||
|
|
||||||
|
DECLARE_STACK_OF(X509_VERIFY_PARAM)
|
||||||
|
|
||||||
|
/*
|
||||||
|
* This is used to hold everything. It is used for all certificate
|
||||||
|
* validation. Once we have a certificate chain, the 'verify' function is
|
||||||
|
* then called to actually check the cert chain.
|
||||||
|
*/
|
||||||
|
struct x509_store_st {
|
||||||
|
/* The following is a cache of trusted certs */
|
||||||
|
int cache; /* if true, stash any hits */
|
||||||
|
STACK_OF(X509_OBJECT) *objs; /* Cache of all objects */
|
||||||
|
/* These are external lookup methods */
|
||||||
|
STACK_OF(X509_LOOKUP) *get_cert_methods;
|
||||||
|
X509_VERIFY_PARAM *param;
|
||||||
|
/* Callbacks for various operations */
|
||||||
|
/* called to verify a certificate */
|
||||||
|
int (*verify) (X509_STORE_CTX *ctx);
|
||||||
|
/* error callback */
|
||||||
|
int (*verify_cb) (int ok, X509_STORE_CTX *ctx);
|
||||||
|
/* get issuers cert from ctx */
|
||||||
|
int (*get_issuer) (X509 **issuer, X509_STORE_CTX *ctx, X509 *x);
|
||||||
|
/* check issued */
|
||||||
|
int (*check_issued) (X509_STORE_CTX *ctx, X509 *x, X509 *issuer);
|
||||||
|
/* Check revocation status of chain */
|
||||||
|
int (*check_revocation) (X509_STORE_CTX *ctx);
|
||||||
|
/* retrieve CRL */
|
||||||
|
int (*get_crl) (X509_STORE_CTX *ctx, X509_CRL **crl, X509 *x);
|
||||||
|
/* Check CRL validity */
|
||||||
|
int (*check_crl) (X509_STORE_CTX *ctx, X509_CRL *crl);
|
||||||
|
/* Check certificate against CRL */
|
||||||
|
int (*cert_crl) (X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x);
|
||||||
|
STACK_OF(X509) *(*lookup_certs) (X509_STORE_CTX *ctx, X509_NAME *nm);
|
||||||
|
STACK_OF(X509_CRL) *(*lookup_crls) (X509_STORE_CTX *ctx, X509_NAME *nm);
|
||||||
|
int (*cleanup) (X509_STORE_CTX *ctx);
|
||||||
|
CRYPTO_EX_DATA ex_data;
|
||||||
|
int references;
|
||||||
|
} /* X509_STORE */ ;
|
||||||
|
|
||||||
|
int X509_STORE_set_depth(X509_STORE *store, int depth);
|
||||||
|
|
||||||
|
# define X509_STORE_set_verify_cb_func(ctx,func) ((ctx)->verify_cb=(func))
|
||||||
|
# define X509_STORE_set_verify_func(ctx,func) ((ctx)->verify=(func))
|
||||||
|
|
||||||
|
/* This is the functions plus an instance of the local variables. */
|
||||||
|
struct x509_lookup_st {
|
||||||
|
int init; /* have we been started */
|
||||||
|
int skip; /* don't use us. */
|
||||||
|
X509_LOOKUP_METHOD *method; /* the functions */
|
||||||
|
char *method_data; /* method data */
|
||||||
|
X509_STORE *store_ctx; /* who owns us */
|
||||||
|
} /* X509_LOOKUP */ ;
|
||||||
|
|
||||||
|
/*
|
||||||
|
* This is a used when verifying cert chains. Since the gathering of the
|
||||||
|
* cert chain can take some time (and have to be 'retried', this needs to be
|
||||||
|
* kept and passed around.
|
||||||
|
*/
|
||||||
|
struct x509_store_ctx_st { /* X509_STORE_CTX */
|
||||||
|
X509_STORE *ctx;
|
||||||
|
/* used when looking up certs */
|
||||||
|
int current_method;
|
||||||
|
/* The following are set by the caller */
|
||||||
|
/* The cert to check */
|
||||||
|
X509 *cert;
|
||||||
|
/* chain of X509s - untrusted - passed in */
|
||||||
|
STACK_OF(X509) *untrusted;
|
||||||
|
/* set of CRLs passed in */
|
||||||
|
STACK_OF(X509_CRL) *crls;
|
||||||
|
X509_VERIFY_PARAM *param;
|
||||||
|
/* Other info for use with get_issuer() */
|
||||||
|
void *other_ctx;
|
||||||
|
/* Callbacks for various operations */
|
||||||
|
/* called to verify a certificate */
|
||||||
|
int (*verify) (X509_STORE_CTX *ctx);
|
||||||
|
/* error callback */
|
||||||
|
int (*verify_cb) (int ok, X509_STORE_CTX *ctx);
|
||||||
|
/* get issuers cert from ctx */
|
||||||
|
int (*get_issuer) (X509 **issuer, X509_STORE_CTX *ctx, X509 *x);
|
||||||
|
/* check issued */
|
||||||
|
int (*check_issued) (X509_STORE_CTX *ctx, X509 *x, X509 *issuer);
|
||||||
|
/* Check revocation status of chain */
|
||||||
|
int (*check_revocation) (X509_STORE_CTX *ctx);
|
||||||
|
/* retrieve CRL */
|
||||||
|
int (*get_crl) (X509_STORE_CTX *ctx, X509_CRL **crl, X509 *x);
|
||||||
|
/* Check CRL validity */
|
||||||
|
int (*check_crl) (X509_STORE_CTX *ctx, X509_CRL *crl);
|
||||||
|
/* Check certificate against CRL */
|
||||||
|
int (*cert_crl) (X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x);
|
||||||
|
int (*check_policy) (X509_STORE_CTX *ctx);
|
||||||
|
STACK_OF(X509) *(*lookup_certs) (X509_STORE_CTX *ctx, X509_NAME *nm);
|
||||||
|
STACK_OF(X509_CRL) *(*lookup_crls) (X509_STORE_CTX *ctx, X509_NAME *nm);
|
||||||
|
int (*cleanup) (X509_STORE_CTX *ctx);
|
||||||
|
/* The following is built up */
|
||||||
|
/* if 0, rebuild chain */
|
||||||
|
int valid;
|
||||||
|
/* index of last untrusted cert */
|
||||||
|
int last_untrusted;
|
||||||
|
/* chain of X509s - built up and trusted */
|
||||||
|
STACK_OF(X509) *chain;
|
||||||
|
/* Valid policy tree */
|
||||||
|
X509_POLICY_TREE *tree;
|
||||||
|
/* Require explicit policy value */
|
||||||
|
int explicit_policy;
|
||||||
|
/* When something goes wrong, this is why */
|
||||||
|
int error_depth;
|
||||||
|
int error;
|
||||||
|
X509 *current_cert;
|
||||||
|
/* cert currently being tested as valid issuer */
|
||||||
|
X509 *current_issuer;
|
||||||
|
/* current CRL */
|
||||||
|
X509_CRL *current_crl;
|
||||||
|
/* score of current CRL */
|
||||||
|
int current_crl_score;
|
||||||
|
/* Reason mask */
|
||||||
|
unsigned int current_reasons;
|
||||||
|
/* For CRL path validation: parent context */
|
||||||
|
X509_STORE_CTX *parent;
|
||||||
|
CRYPTO_EX_DATA ex_data;
|
||||||
|
} /* X509_STORE_CTX */ ;
|
||||||
|
|
||||||
|
void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth);
|
||||||
|
|
||||||
|
# define X509_STORE_CTX_set_app_data(ctx,data) \
|
||||||
|
X509_STORE_CTX_set_ex_data(ctx,0,data)
|
||||||
|
# define X509_STORE_CTX_get_app_data(ctx) \
|
||||||
|
X509_STORE_CTX_get_ex_data(ctx,0)
|
||||||
|
|
||||||
|
# define X509_L_FILE_LOAD 1
|
||||||
|
# define X509_L_ADD_DIR 2
|
||||||
|
|
||||||
|
# define X509_LOOKUP_load_file(x,name,type) \
|
||||||
|
X509_LOOKUP_ctrl((x),X509_L_FILE_LOAD,(name),(long)(type),NULL)
|
||||||
|
|
||||||
|
# define X509_LOOKUP_add_dir(x,name,type) \
|
||||||
|
X509_LOOKUP_ctrl((x),X509_L_ADD_DIR,(name),(long)(type),NULL)
|
||||||
|
|
||||||
|
# define X509_V_OK 0
|
||||||
|
/* illegal error (for uninitialized values, to avoid X509_V_OK): 1 */
|
||||||
|
|
||||||
|
# define X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT 2
|
||||||
|
# define X509_V_ERR_UNABLE_TO_GET_CRL 3
|
||||||
|
# define X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE 4
|
||||||
|
# define X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE 5
|
||||||
|
# define X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY 6
|
||||||
|
# define X509_V_ERR_CERT_SIGNATURE_FAILURE 7
|
||||||
|
# define X509_V_ERR_CRL_SIGNATURE_FAILURE 8
|
||||||
|
# define X509_V_ERR_CERT_NOT_YET_VALID 9
|
||||||
|
# define X509_V_ERR_CERT_HAS_EXPIRED 10
|
||||||
|
# define X509_V_ERR_CRL_NOT_YET_VALID 11
|
||||||
|
# define X509_V_ERR_CRL_HAS_EXPIRED 12
|
||||||
|
# define X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD 13
|
||||||
|
# define X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD 14
|
||||||
|
# define X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD 15
|
||||||
|
# define X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD 16
|
||||||
|
# define X509_V_ERR_OUT_OF_MEM 17
|
||||||
|
# define X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT 18
|
||||||
|
# define X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN 19
|
||||||
|
# define X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY 20
|
||||||
|
# define X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE 21
|
||||||
|
# define X509_V_ERR_CERT_CHAIN_TOO_LONG 22
|
||||||
|
# define X509_V_ERR_CERT_REVOKED 23
|
||||||
|
# define X509_V_ERR_INVALID_CA 24
|
||||||
|
# define X509_V_ERR_PATH_LENGTH_EXCEEDED 25
|
||||||
|
# define X509_V_ERR_INVALID_PURPOSE 26
|
||||||
|
# define X509_V_ERR_CERT_UNTRUSTED 27
|
||||||
|
# define X509_V_ERR_CERT_REJECTED 28
|
||||||
|
/* These are 'informational' when looking for issuer cert */
|
||||||
|
# define X509_V_ERR_SUBJECT_ISSUER_MISMATCH 29
|
||||||
|
# define X509_V_ERR_AKID_SKID_MISMATCH 30
|
||||||
|
# define X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH 31
|
||||||
|
# define X509_V_ERR_KEYUSAGE_NO_CERTSIGN 32
|
||||||
|
|
||||||
|
# define X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER 33
|
||||||
|
# define X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION 34
|
||||||
|
# define X509_V_ERR_KEYUSAGE_NO_CRL_SIGN 35
|
||||||
|
# define X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION 36
|
||||||
|
# define X509_V_ERR_INVALID_NON_CA 37
|
||||||
|
# define X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED 38
|
||||||
|
# define X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE 39
|
||||||
|
# define X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED 40
|
||||||
|
|
||||||
|
# define X509_V_ERR_INVALID_EXTENSION 41
|
||||||
|
# define X509_V_ERR_INVALID_POLICY_EXTENSION 42
|
||||||
|
# define X509_V_ERR_NO_EXPLICIT_POLICY 43
|
||||||
|
# define X509_V_ERR_DIFFERENT_CRL_SCOPE 44
|
||||||
|
# define X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE 45
|
||||||
|
|
||||||
|
# define X509_V_ERR_UNNESTED_RESOURCE 46
|
||||||
|
|
||||||
|
# define X509_V_ERR_PERMITTED_VIOLATION 47
|
||||||
|
# define X509_V_ERR_EXCLUDED_VIOLATION 48
|
||||||
|
# define X509_V_ERR_SUBTREE_MINMAX 49
|
||||||
|
# define X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE 51
|
||||||
|
# define X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX 52
|
||||||
|
# define X509_V_ERR_UNSUPPORTED_NAME_SYNTAX 53
|
||||||
|
# define X509_V_ERR_CRL_PATH_VALIDATION_ERROR 54
|
||||||
|
|
||||||
|
/* Suite B mode algorithm violation */
|
||||||
|
# define X509_V_ERR_SUITE_B_INVALID_VERSION 56
|
||||||
|
# define X509_V_ERR_SUITE_B_INVALID_ALGORITHM 57
|
||||||
|
# define X509_V_ERR_SUITE_B_INVALID_CURVE 58
|
||||||
|
# define X509_V_ERR_SUITE_B_INVALID_SIGNATURE_ALGORITHM 59
|
||||||
|
# define X509_V_ERR_SUITE_B_LOS_NOT_ALLOWED 60
|
||||||
|
# define X509_V_ERR_SUITE_B_CANNOT_SIGN_P_384_WITH_P_256 61
|
||||||
|
|
||||||
|
/* Host, email and IP check errors */
|
||||||
|
# define X509_V_ERR_HOSTNAME_MISMATCH 62
|
||||||
|
# define X509_V_ERR_EMAIL_MISMATCH 63
|
||||||
|
# define X509_V_ERR_IP_ADDRESS_MISMATCH 64
|
||||||
|
|
||||||
|
/* The application is not happy */
|
||||||
|
# define X509_V_ERR_APPLICATION_VERIFICATION 50
|
||||||
|
|
||||||
|
/* Certificate verify flags */
|
||||||
|
|
||||||
|
/* Send issuer+subject checks to verify_cb */
|
||||||
|
# define X509_V_FLAG_CB_ISSUER_CHECK 0x1
|
||||||
|
/* Use check time instead of current time */
|
||||||
|
# define X509_V_FLAG_USE_CHECK_TIME 0x2
|
||||||
|
/* Lookup CRLs */
|
||||||
|
# define X509_V_FLAG_CRL_CHECK 0x4
|
||||||
|
/* Lookup CRLs for whole chain */
|
||||||
|
# define X509_V_FLAG_CRL_CHECK_ALL 0x8
|
||||||
|
/* Ignore unhandled critical extensions */
|
||||||
|
# define X509_V_FLAG_IGNORE_CRITICAL 0x10
|
||||||
|
/* Disable workarounds for broken certificates */
|
||||||
|
# define X509_V_FLAG_X509_STRICT 0x20
|
||||||
|
/* Enable proxy certificate validation */
|
||||||
|
# define X509_V_FLAG_ALLOW_PROXY_CERTS 0x40
|
||||||
|
/* Enable policy checking */
|
||||||
|
# define X509_V_FLAG_POLICY_CHECK 0x80
|
||||||
|
/* Policy variable require-explicit-policy */
|
||||||
|
# define X509_V_FLAG_EXPLICIT_POLICY 0x100
|
||||||
|
/* Policy variable inhibit-any-policy */
|
||||||
|
# define X509_V_FLAG_INHIBIT_ANY 0x200
|
||||||
|
/* Policy variable inhibit-policy-mapping */
|
||||||
|
# define X509_V_FLAG_INHIBIT_MAP 0x400
|
||||||
|
/* Notify callback that policy is OK */
|
||||||
|
# define X509_V_FLAG_NOTIFY_POLICY 0x800
|
||||||
|
/* Extended CRL features such as indirect CRLs, alternate CRL signing keys */
|
||||||
|
# define X509_V_FLAG_EXTENDED_CRL_SUPPORT 0x1000
|
||||||
|
/* Delta CRL support */
|
||||||
|
# define X509_V_FLAG_USE_DELTAS 0x2000
|
||||||
|
/* Check selfsigned CA signature */
|
||||||
|
# define X509_V_FLAG_CHECK_SS_SIGNATURE 0x4000
|
||||||
|
/* Use trusted store first */
|
||||||
|
# define X509_V_FLAG_TRUSTED_FIRST 0x8000
|
||||||
|
/* Suite B 128 bit only mode: not normally used */
|
||||||
|
# define X509_V_FLAG_SUITEB_128_LOS_ONLY 0x10000
|
||||||
|
/* Suite B 192 bit only mode */
|
||||||
|
# define X509_V_FLAG_SUITEB_192_LOS 0x20000
|
||||||
|
/* Suite B 128 bit mode allowing 192 bit algorithms */
|
||||||
|
# define X509_V_FLAG_SUITEB_128_LOS 0x30000
|
||||||
|
|
||||||
|
/* Allow partial chains if at least one certificate is in trusted store */
|
||||||
|
# define X509_V_FLAG_PARTIAL_CHAIN 0x80000
|
||||||
|
|
||||||
|
# define X509_VP_FLAG_DEFAULT 0x1
|
||||||
|
# define X509_VP_FLAG_OVERWRITE 0x2
|
||||||
|
# define X509_VP_FLAG_RESET_FLAGS 0x4
|
||||||
|
# define X509_VP_FLAG_LOCKED 0x8
|
||||||
|
# define X509_VP_FLAG_ONCE 0x10
|
||||||
|
|
||||||
|
/* Internal use: mask of policy related options */
|
||||||
|
# define X509_V_FLAG_POLICY_MASK (X509_V_FLAG_POLICY_CHECK \
|
||||||
|
| X509_V_FLAG_EXPLICIT_POLICY \
|
||||||
|
| X509_V_FLAG_INHIBIT_ANY \
|
||||||
|
| X509_V_FLAG_INHIBIT_MAP)
|
||||||
|
|
||||||
|
int X509_OBJECT_idx_by_subject(STACK_OF(X509_OBJECT) *h, int type,
|
||||||
|
X509_NAME *name);
|
||||||
|
X509_OBJECT *X509_OBJECT_retrieve_by_subject(STACK_OF(X509_OBJECT) *h,
|
||||||
|
int type, X509_NAME *name);
|
||||||
|
X509_OBJECT *X509_OBJECT_retrieve_match(STACK_OF(X509_OBJECT) *h,
|
||||||
|
X509_OBJECT *x);
|
||||||
|
void X509_OBJECT_up_ref_count(X509_OBJECT *a);
|
||||||
|
void X509_OBJECT_free_contents(X509_OBJECT *a);
|
||||||
|
X509_STORE *X509_STORE_new(void);
|
||||||
|
void X509_STORE_free(X509_STORE *v);
|
||||||
|
|
||||||
|
STACK_OF(X509) *X509_STORE_get1_certs(X509_STORE_CTX *st, X509_NAME *nm);
|
||||||
|
STACK_OF(X509_CRL) *X509_STORE_get1_crls(X509_STORE_CTX *st, X509_NAME *nm);
|
||||||
|
int X509_STORE_set_flags(X509_STORE *ctx, unsigned long flags);
|
||||||
|
int X509_STORE_set_purpose(X509_STORE *ctx, int purpose);
|
||||||
|
int X509_STORE_set_trust(X509_STORE *ctx, int trust);
|
||||||
|
int X509_STORE_set1_param(X509_STORE *ctx, X509_VERIFY_PARAM *pm);
|
||||||
|
|
||||||
|
void X509_STORE_set_verify_cb(X509_STORE *ctx,
|
||||||
|
int (*verify_cb) (int, X509_STORE_CTX *));
|
||||||
|
|
||||||
|
void X509_STORE_set_lookup_crls_cb(X509_STORE *ctx,
|
||||||
|
STACK_OF(X509_CRL) *(*cb) (X509_STORE_CTX
|
||||||
|
*ctx,
|
||||||
|
X509_NAME *nm));
|
||||||
|
|
||||||
|
X509_STORE_CTX *X509_STORE_CTX_new(void);
|
||||||
|
|
||||||
|
int X509_STORE_CTX_get1_issuer(X509 **issuer, X509_STORE_CTX *ctx, X509 *x);
|
||||||
|
|
||||||
|
void X509_STORE_CTX_free(X509_STORE_CTX *ctx);
|
||||||
|
int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store,
|
||||||
|
X509 *x509, STACK_OF(X509) *chain);
|
||||||
|
void X509_STORE_CTX_trusted_stack(X509_STORE_CTX *ctx, STACK_OF(X509) *sk);
|
||||||
|
void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx);
|
||||||
|
|
||||||
|
X509_STORE *X509_STORE_CTX_get0_store(X509_STORE_CTX *ctx);
|
||||||
|
|
||||||
|
X509_LOOKUP *X509_STORE_add_lookup(X509_STORE *v, X509_LOOKUP_METHOD *m);
|
||||||
|
|
||||||
|
X509_LOOKUP_METHOD *X509_LOOKUP_hash_dir(void);
|
||||||
|
X509_LOOKUP_METHOD *X509_LOOKUP_file(void);
|
||||||
|
|
||||||
|
int X509_STORE_add_cert(X509_STORE *ctx, X509 *x);
|
||||||
|
int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x);
|
||||||
|
|
||||||
|
int X509_STORE_get_by_subject(X509_STORE_CTX *vs, int type, X509_NAME *name,
|
||||||
|
X509_OBJECT *ret);
|
||||||
|
|
||||||
|
int X509_LOOKUP_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc,
|
||||||
|
long argl, char **ret);
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_STDIO
|
||||||
|
int X509_load_cert_file(X509_LOOKUP *ctx, const char *file, int type);
|
||||||
|
int X509_load_crl_file(X509_LOOKUP *ctx, const char *file, int type);
|
||||||
|
int X509_load_cert_crl_file(X509_LOOKUP *ctx, const char *file, int type);
|
||||||
|
# endif
|
||||||
|
|
||||||
|
X509_LOOKUP *X509_LOOKUP_new(X509_LOOKUP_METHOD *method);
|
||||||
|
void X509_LOOKUP_free(X509_LOOKUP *ctx);
|
||||||
|
int X509_LOOKUP_init(X509_LOOKUP *ctx);
|
||||||
|
int X509_LOOKUP_by_subject(X509_LOOKUP *ctx, int type, X509_NAME *name,
|
||||||
|
X509_OBJECT *ret);
|
||||||
|
int X509_LOOKUP_by_issuer_serial(X509_LOOKUP *ctx, int type, X509_NAME *name,
|
||||||
|
ASN1_INTEGER *serial, X509_OBJECT *ret);
|
||||||
|
int X509_LOOKUP_by_fingerprint(X509_LOOKUP *ctx, int type,
|
||||||
|
unsigned char *bytes, int len,
|
||||||
|
X509_OBJECT *ret);
|
||||||
|
int X509_LOOKUP_by_alias(X509_LOOKUP *ctx, int type, char *str, int len,
|
||||||
|
X509_OBJECT *ret);
|
||||||
|
int X509_LOOKUP_shutdown(X509_LOOKUP *ctx);
|
||||||
|
|
||||||
|
# ifndef OPENSSL_NO_STDIO
|
||||||
|
int X509_STORE_load_locations(X509_STORE *ctx,
|
||||||
|
const char *file, const char *dir);
|
||||||
|
int X509_STORE_set_default_paths(X509_STORE *ctx);
|
||||||
|
# endif
|
||||||
|
|
||||||
|
int X509_STORE_CTX_get_ex_new_index(long argl, void *argp,
|
||||||
|
CRYPTO_EX_new *new_func,
|
||||||
|
CRYPTO_EX_dup *dup_func,
|
||||||
|
CRYPTO_EX_free *free_func);
|
||||||
|
int X509_STORE_CTX_set_ex_data(X509_STORE_CTX *ctx, int idx, void *data);
|
||||||
|
void *X509_STORE_CTX_get_ex_data(X509_STORE_CTX *ctx, int idx);
|
||||||
|
int X509_STORE_CTX_get_error(X509_STORE_CTX *ctx);
|
||||||
|
void X509_STORE_CTX_set_error(X509_STORE_CTX *ctx, int s);
|
||||||
|
int X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx);
|
||||||
|
X509 *X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx);
|
||||||
|
X509 *X509_STORE_CTX_get0_current_issuer(X509_STORE_CTX *ctx);
|
||||||
|
X509_CRL *X509_STORE_CTX_get0_current_crl(X509_STORE_CTX *ctx);
|
||||||
|
X509_STORE_CTX *X509_STORE_CTX_get0_parent_ctx(X509_STORE_CTX *ctx);
|
||||||
|
STACK_OF(X509) *X509_STORE_CTX_get_chain(X509_STORE_CTX *ctx);
|
||||||
|
STACK_OF(X509) *X509_STORE_CTX_get1_chain(X509_STORE_CTX *ctx);
|
||||||
|
void X509_STORE_CTX_set_cert(X509_STORE_CTX *c, X509 *x);
|
||||||
|
void X509_STORE_CTX_set_chain(X509_STORE_CTX *c, STACK_OF(X509) *sk);
|
||||||
|
void X509_STORE_CTX_set0_crls(X509_STORE_CTX *c, STACK_OF(X509_CRL) *sk);
|
||||||
|
int X509_STORE_CTX_set_purpose(X509_STORE_CTX *ctx, int purpose);
|
||||||
|
int X509_STORE_CTX_set_trust(X509_STORE_CTX *ctx, int trust);
|
||||||
|
int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose,
|
||||||
|
int purpose, int trust);
|
||||||
|
void X509_STORE_CTX_set_flags(X509_STORE_CTX *ctx, unsigned long flags);
|
||||||
|
void X509_STORE_CTX_set_time(X509_STORE_CTX *ctx, unsigned long flags,
|
||||||
|
time_t t);
|
||||||
|
void X509_STORE_CTX_set_verify_cb(X509_STORE_CTX *ctx,
|
||||||
|
int (*verify_cb) (int, X509_STORE_CTX *));
|
||||||
|
|
||||||
|
X509_POLICY_TREE *X509_STORE_CTX_get0_policy_tree(X509_STORE_CTX *ctx);
|
||||||
|
int X509_STORE_CTX_get_explicit_policy(X509_STORE_CTX *ctx);
|
||||||
|
|
||||||
|
X509_VERIFY_PARAM *X509_STORE_CTX_get0_param(X509_STORE_CTX *ctx);
|
||||||
|
void X509_STORE_CTX_set0_param(X509_STORE_CTX *ctx, X509_VERIFY_PARAM *param);
|
||||||
|
int X509_STORE_CTX_set_default(X509_STORE_CTX *ctx, const char *name);
|
||||||
|
|
||||||
|
/* X509_VERIFY_PARAM functions */
|
||||||
|
|
||||||
|
X509_VERIFY_PARAM *X509_VERIFY_PARAM_new(void);
|
||||||
|
void X509_VERIFY_PARAM_free(X509_VERIFY_PARAM *param);
|
||||||
|
int X509_VERIFY_PARAM_inherit(X509_VERIFY_PARAM *to,
|
||||||
|
const X509_VERIFY_PARAM *from);
|
||||||
|
int X509_VERIFY_PARAM_set1(X509_VERIFY_PARAM *to,
|
||||||
|
const X509_VERIFY_PARAM *from);
|
||||||
|
int X509_VERIFY_PARAM_set1_name(X509_VERIFY_PARAM *param, const char *name);
|
||||||
|
int X509_VERIFY_PARAM_set_flags(X509_VERIFY_PARAM *param,
|
||||||
|
unsigned long flags);
|
||||||
|
int X509_VERIFY_PARAM_clear_flags(X509_VERIFY_PARAM *param,
|
||||||
|
unsigned long flags);
|
||||||
|
unsigned long X509_VERIFY_PARAM_get_flags(X509_VERIFY_PARAM *param);
|
||||||
|
int X509_VERIFY_PARAM_set_purpose(X509_VERIFY_PARAM *param, int purpose);
|
||||||
|
int X509_VERIFY_PARAM_set_trust(X509_VERIFY_PARAM *param, int trust);
|
||||||
|
void X509_VERIFY_PARAM_set_depth(X509_VERIFY_PARAM *param, int depth);
|
||||||
|
void X509_VERIFY_PARAM_set_time(X509_VERIFY_PARAM *param, time_t t);
|
||||||
|
int X509_VERIFY_PARAM_add0_policy(X509_VERIFY_PARAM *param,
|
||||||
|
ASN1_OBJECT *policy);
|
||||||
|
int X509_VERIFY_PARAM_set1_policies(X509_VERIFY_PARAM *param,
|
||||||
|
STACK_OF(ASN1_OBJECT) *policies);
|
||||||
|
|
||||||
|
int X509_VERIFY_PARAM_set1_host(X509_VERIFY_PARAM *param,
|
||||||
|
const char *name, size_t namelen);
|
||||||
|
int X509_VERIFY_PARAM_add1_host(X509_VERIFY_PARAM *param,
|
||||||
|
const char *name, size_t namelen);
|
||||||
|
void X509_VERIFY_PARAM_set_hostflags(X509_VERIFY_PARAM *param,
|
||||||
|
unsigned int flags);
|
||||||
|
char *X509_VERIFY_PARAM_get0_peername(X509_VERIFY_PARAM *);
|
||||||
|
int X509_VERIFY_PARAM_set1_email(X509_VERIFY_PARAM *param,
|
||||||
|
const char *email, size_t emaillen);
|
||||||
|
int X509_VERIFY_PARAM_set1_ip(X509_VERIFY_PARAM *param,
|
||||||
|
const unsigned char *ip, size_t iplen);
|
||||||
|
int X509_VERIFY_PARAM_set1_ip_asc(X509_VERIFY_PARAM *param,
|
||||||
|
const char *ipasc);
|
||||||
|
|
||||||
|
int X509_VERIFY_PARAM_get_depth(const X509_VERIFY_PARAM *param);
|
||||||
|
const char *X509_VERIFY_PARAM_get0_name(const X509_VERIFY_PARAM *param);
|
||||||
|
|
||||||
|
int X509_VERIFY_PARAM_add0_table(X509_VERIFY_PARAM *param);
|
||||||
|
int X509_VERIFY_PARAM_get_count(void);
|
||||||
|
const X509_VERIFY_PARAM *X509_VERIFY_PARAM_get0(int id);
|
||||||
|
const X509_VERIFY_PARAM *X509_VERIFY_PARAM_lookup(const char *name);
|
||||||
|
void X509_VERIFY_PARAM_table_cleanup(void);
|
||||||
|
|
||||||
|
int X509_policy_check(X509_POLICY_TREE **ptree, int *pexplicit_policy,
|
||||||
|
STACK_OF(X509) *certs,
|
||||||
|
STACK_OF(ASN1_OBJECT) *policy_oids, unsigned int flags);
|
||||||
|
|
||||||
|
void X509_policy_tree_free(X509_POLICY_TREE *tree);
|
||||||
|
|
||||||
|
int X509_policy_tree_level_count(const X509_POLICY_TREE *tree);
|
||||||
|
X509_POLICY_LEVEL *X509_policy_tree_get0_level(const X509_POLICY_TREE *tree,
|
||||||
|
int i);
|
||||||
|
|
||||||
|
STACK_OF(X509_POLICY_NODE) *X509_policy_tree_get0_policies(const
|
||||||
|
X509_POLICY_TREE
|
||||||
|
*tree);
|
||||||
|
|
||||||
|
STACK_OF(X509_POLICY_NODE) *X509_policy_tree_get0_user_policies(const
|
||||||
|
X509_POLICY_TREE
|
||||||
|
*tree);
|
||||||
|
|
||||||
|
int X509_policy_level_node_count(X509_POLICY_LEVEL *level);
|
||||||
|
|
||||||
|
X509_POLICY_NODE *X509_policy_level_get0_node(X509_POLICY_LEVEL *level,
|
||||||
|
int i);
|
||||||
|
|
||||||
|
const ASN1_OBJECT *X509_policy_node_get0_policy(const X509_POLICY_NODE *node);
|
||||||
|
|
||||||
|
STACK_OF(POLICYQUALINFO) *X509_policy_node_get0_qualifiers(const
|
||||||
|
X509_POLICY_NODE
|
||||||
|
*node);
|
||||||
|
const X509_POLICY_NODE *X509_policy_node_get0_parent(const X509_POLICY_NODE
|
||||||
|
*node);
|
||||||
|
|
||||||
|
#ifdef __cplusplus
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
#endif
|
Binary file not shown.
Binary file not shown.
Loading…
Reference in New Issue