moonlight-stream/moonlight-ios
1
0
Fork 0
mirror of https://github.com/moonlight-stream/moonlight-ios.git synced 2026-04-02 22:16:07 +00:00
Code Issues Packages Projects Releases Wiki Activity

Rebuild OpenSSL with bitcode for macOS, iOS, and tvOS

Browse Source
This commit is contained in:
Cameron Gutman
2018-08-25 20:34:36 -07:00
parent b0b9a614f3
commit b04a4e72ff
83 changed files with 25288 additions and 23069 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
libs/openssl/include/openssl/aes.h
View File

@@ -1,4 +1,4 @@
/* crypto/aes/aes.h -*- mode:C; c-file-style: "eay" -*- */
/* crypto/aes/aes.h */
/* ====================================================================
* Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
*
@@ -63,8 +63,10 @@
# define AES_ENCRYPT 1
# define AES_DECRYPT 0
/* Because array size can't be a const in C, the following two are macros.
Both sizes are in bytes. */
/*
* Because array size can't be a const in C, the following two are macros.
* Both sizes are in bytes.
*/
# define AES_MAXNR 14
# define AES_BLOCK_SIZE 16

233
libs/openssl/include/openssl/asn1.h
View File

@@ -129,7 +129,6 @@ extern "C" {
# define V_ASN1_GENERALSTRING 27 /**/
# define V_ASN1_UNIVERSALSTRING 28 /**/
# define V_ASN1_BMPSTRING 30
/* For use with d2i_ASN1_type_bytes() */
# define B_ASN1_NUMERICSTRING 0x0001
# define B_ASN1_PRINTABLESTRING 0x0002
@@ -150,32 +149,30 @@ extern "C" {
# define B_ASN1_UTCTIME 0x4000
# define B_ASN1_GENERALIZEDTIME 0x8000
# define B_ASN1_SEQUENCE 0x10000
/* For use with ASN1_mbstring_copy() */
# define MBSTRING_FLAG 0x1000
# define MBSTRING_UTF8 (MBSTRING_FLAG)
# define MBSTRING_ASC (MBSTRING_FLAG|1)
# define MBSTRING_BMP (MBSTRING_FLAG|2)
# define MBSTRING_UNIV (MBSTRING_FLAG|4)
# define SMIME_OLDMIME 0x400
# define SMIME_CRLFEOL 0x800
# define SMIME_STREAM 0x1000
struct X509_algor_st;
DECLARE_STACK_OF(X509_ALGOR)
# define DECLARE_ASN1_SET_OF(type)/* filled in by mkstack.pl */
# define IMPLEMENT_ASN1_SET_OF(type)/* nothing, no longer needed */
/* We MUST make sure that, except for constness, asn1_ctx_st and
asn1_const_ctx are exactly the same. Fortunately, as soon as
the old ASN1 parsing macros are gone, we can throw this away
as well... */
typedef struct asn1_ctx_st
{
/*
* We MUST make sure that, except for constness, asn1_ctx_st and
* asn1_const_ctx are exactly the same. Fortunately, as soon as the old ASN1
* parsing macros are gone, we can throw this away as well...
*/
typedef struct asn1_ctx_st {
unsigned char *p; /* work char pointer */
int eos; /* end of sequence read for indefinite encoding */
int eos; /* end of sequence read for indefinite
* encoding */
int error; /* error code to use when returning an error */
int inf; /* constructed if 0x20, indefinite is 0x21 */
int tag; /* tag from last 'get object' */
@@ -187,10 +184,10 @@ typedef struct asn1_ctx_st
int line; /* used in error processing */
} ASN1_CTX;
typedef struct asn1_const_ctx_st
{
typedef struct asn1_const_ctx_st {
const unsigned char *p; /* work char pointer */
int eos; /* end of sequence read for indefinite encoding */
int eos; /* end of sequence read for indefinite
* encoding */
int error; /* error code to use when returning an error */
int inf; /* constructed if 0x20, indefinite is 0x21 */
int tag; /* tag from last 'get object' */
@@ -202,58 +199,62 @@ typedef struct asn1_const_ctx_st
int line; /* used in error processing */
} ASN1_const_CTX;
/* These are used internally in the ASN1_OBJECT to keep track of
* whether the names and data need to be free()ed */
/*
* These are used internally in the ASN1_OBJECT to keep track of whether the
* names and data need to be free()ed
*/
# define ASN1_OBJECT_FLAG_DYNAMIC 0x01/* internal use */
# define ASN1_OBJECT_FLAG_CRITICAL 0x02/* critical x509v3 object id */
# define ASN1_OBJECT_FLAG_DYNAMIC_STRINGS 0x04/* internal use */
# define ASN1_OBJECT_FLAG_DYNAMIC_DATA 0x08/* internal use */
typedef struct asn1_object_st
{
struct asn1_object_st {
const char *sn, *ln;
int nid;
int length;
const unsigned char *data; /* data remains const after init */
int flags; /* Should we free this one */
} ASN1_OBJECT;
};
# define ASN1_STRING_FLAG_BITS_LEFT 0x08/* Set if 0x07 has bits left value */
/* This indicates that the ASN1_STRING is not a real value but just a place
* holder for the location where indefinite length constructed data should
* be inserted in the memory buffer
/*
* This indicates that the ASN1_STRING is not a real value but just a place
* holder for the location where indefinite length constructed data should be
* inserted in the memory buffer
*/
# define ASN1_STRING_FLAG_NDEF 0x010
/* This flag is used by the CMS code to indicate that a string is not
* complete and is a place holder for content when it had all been
* accessed. The flag will be reset when content has been written to it.
/*
* This flag is used by the CMS code to indicate that a string is not
* complete and is a place holder for content when it had all been accessed.
* The flag will be reset when content has been written to it.
*/
# define ASN1_STRING_FLAG_CONT 0x020
/* This flag is used by ASN1 code to indicate an ASN1_STRING is an MSTRING
/*
* This flag is used by ASN1 code to indicate an ASN1_STRING is an MSTRING
* type.
*/
# define ASN1_STRING_FLAG_MSTRING 0x040
/* This is the base type that holds just about everything :-) */
struct asn1_string_st
{
struct asn1_string_st {
int length;
int type;
unsigned char *data;
/* The value of the following field depends on the type being
* held. It is mostly being used for BIT_STRING so if the
* input data has a non-zero 'unused bits' value, it will be
* handled correctly */
/*
* The value of the following field depends on the type being held. It
* is mostly being used for BIT_STRING so if the input data has a
* non-zero 'unused bits' value, it will be handled correctly
*/
long flags;
};
/* ASN1_ENCODING structure: this is used to save the received
* encoding of an ASN1 type. This is useful to get round
* problems with invalid encodings which can break signatures.
/*
* ASN1_ENCODING structure: this is used to save the received encoding of an
* ASN1 type. This is useful to get round problems with invalid encodings
* which can break signatures.
*/
typedef struct ASN1_ENCODING_st
{
typedef struct ASN1_ENCODING_st {
unsigned char *enc; /* DER encoding */
long len; /* Length of encoding */
int modified; /* set to 1 if 'enc' is invalid */
@@ -289,8 +290,8 @@ DECLARE_STACK_OF(ASN1_STRING_TABLE)
# define ub_title 64
# define ub_email_address 128
/* Declarations for template structures: for full definitions
* see asn1t.h
/*
* Declarations for template structures: for full definitions see asn1t.h
*/
typedef struct ASN1_TEMPLATE_st ASN1_TEMPLATE;
typedef struct ASN1_TLC_st ASN1_TLC;
@@ -361,7 +362,8 @@ typedef struct ASN1_VALUE_st ASN1_VALUE;
TYPEDEF_D2I2D_OF(void);
/* The following macros and typedefs allow an ASN1_ITEM
/*-
* The following macros and typedefs allow an ASN1_ITEM
* to be embedded in a structure and referenced. Since
* the ASN1_ITEM pointers need to be globally accessible
* (possibly from shared libraries) they may exist in
@@ -414,8 +416,9 @@ typedef const ASN1_ITEM ASN1_ITEM_EXP;
# else
/* Platforms that can't easily handle shared global variables are declared
* as functions returning ASN1_ITEM pointers.
/*
* Platforms that can't easily handle shared global variables are declared as
* functions returning ASN1_ITEM pointers.
*/
/* ASN1_ITEM pointer exported type */
@@ -436,24 +439,22 @@ typedef const ASN1_ITEM * ASN1_ITEM_EXP(void);
/* Parameters used by ASN1_STRING_print_ex() */
/* These determine which characters to escape:
* RFC2253 special characters, control characters and
* MSB set characters
/*
* These determine which characters to escape: RFC2253 special characters,
* control characters and MSB set characters
*/
# define ASN1_STRFLGS_ESC_2253 1
# define ASN1_STRFLGS_ESC_CTRL 2
# define ASN1_STRFLGS_ESC_MSB 4
/* This flag determines how we do escaping: normally
* RC2253 backslash only, set this to use backslash and
* quote.
/*
* This flag determines how we do escaping: normally RC2253 backslash only,
* set this to use backslash and quote.
*/
# define ASN1_STRFLGS_ESC_QUOTE 8
/* These three flags are internal use only. */
/* Character is a valid PrintableString character */
@@ -463,19 +464,21 @@ typedef const ASN1_ITEM * ASN1_ITEM_EXP(void);
/* Character needs escaping if it is the last character */
# define CHARTYPE_LAST_ESC_2253 0x40
/* NB the internal flags are safely reused below by flags
* handled at the top level.
/*
* NB the internal flags are safely reused below by flags handled at the top
* level.
*/
/* If this is set we convert all character strings
* to UTF8 first
/*
* If this is set we convert all character strings to UTF8 first
*/
# define ASN1_STRFLGS_UTF8_CONVERT 0x10
/* If this is set we don't attempt to interpret content:
* just assume all strings are 1 byte per character. This
* will produce some pretty odd looking output!
/*
* If this is set we don't attempt to interpret content: just assume all
* strings are 1 byte per character. This will produce some pretty odd
* looking output!
*/
# define ASN1_STRFLGS_IGNORE_TYPE 0x20
@@ -483,27 +486,27 @@ typedef const ASN1_ITEM * ASN1_ITEM_EXP(void);
/* If this is set we include the string type in the output */
# define ASN1_STRFLGS_SHOW_TYPE 0x40
/* This determines which strings to display and which to
* 'dump' (hex dump of content octets or DER encoding). We can
* only dump non character strings or everything. If we
* don't dump 'unknown' they are interpreted as character
* strings with 1 octet per character and are subject to
* the usual escaping options.
/*
* This determines which strings to display and which to 'dump' (hex dump of
* content octets or DER encoding). We can only dump non character strings or
* everything. If we don't dump 'unknown' they are interpreted as character
* strings with 1 octet per character and are subject to the usual escaping
* options.
*/
# define ASN1_STRFLGS_DUMP_ALL 0x80
# define ASN1_STRFLGS_DUMP_UNKNOWN 0x100
/* These determine what 'dumping' does, we can dump the
* content octets or the DER encoding: both use the
* RFC2253 #XXXXX notation.
/*
* These determine what 'dumping' does, we can dump the content octets or the
* DER encoding: both use the RFC2253 #XXXXX notation.
*/
# define ASN1_STRFLGS_DUMP_DER 0x200
/* All the string flags consistent with RFC2253,
* escaping control characters isn't essential in
* RFC2253 but it is advisable anyway.
/*
* All the string flags consistent with RFC2253, escaping control characters
* isn't essential in RFC2253 but it is advisable anyway.
*/
# define ASN1_STRFLGS_RFC2253 (ASN1_STRFLGS_ESC_2253 | \
@@ -518,8 +521,7 @@ DECLARE_ASN1_SET_OF(ASN1_INTEGER)
DECLARE_STACK_OF(ASN1_GENERALSTRING)
typedef struct asn1_type_st
{
typedef struct asn1_type_st {
int type;
union {
char *ptr;
@@ -540,8 +542,10 @@ typedef struct asn1_type_st
ASN1_GENERALIZEDTIME *generalizedtime;
ASN1_VISIBLESTRING *visiblestring;
ASN1_UTF8STRING *utf8string;
/* set and sequence are left complete and still
* contain the set or sequence bytes */
/*
* set and sequence are left complete and still contain the set or
* sequence bytes
*/
ASN1_STRING *set;
ASN1_STRING *sequence;
ASN1_VALUE *asn1_value;
@@ -556,8 +560,7 @@ typedef STACK_OF(ASN1_TYPE) ASN1_SEQUENCE_ANY;
DECLARE_ASN1_ENCODE_FUNCTIONS_const(ASN1_SEQUENCE_ANY, ASN1_SEQUENCE_ANY)
DECLARE_ASN1_ENCODE_FUNCTIONS_const(ASN1_SEQUENCE_ANY, ASN1_SET_ANY)
typedef struct NETSCAPE_X509_st
{
typedef struct NETSCAPE_X509_st {
ASN1_OCTET_STRING *header;
X509 *cert;
} NETSCAPE_X509;
@@ -569,7 +572,6 @@ typedef struct BIT_STRING_BITNAME_st {
const char *sname;
} BIT_STRING_BITNAME;
# define M_ASN1_STRING_length(x) ((x)->length)
# define M_ASN1_STRING_length_set(x, n) ((x)->length = (n))
# define M_ASN1_STRING_type(x) ((x)->type)
@@ -776,7 +778,7 @@ DECLARE_ASN1_FUNCTIONS_fname(ASN1_TYPE, ASN1_ANY, ASN1_TYPE)
int ASN1_TYPE_get(ASN1_TYPE *a);
void ASN1_TYPE_set(ASN1_TYPE *a, int type, void *value);
int ASN1_TYPE_set1(ASN1_TYPE *a, int type, const void *value);
int ASN1_TYPE_cmp(ASN1_TYPE *a, ASN1_TYPE *b);
int ASN1_TYPE_cmp(const ASN1_TYPE *a, const ASN1_TYPE *b);
ASN1_OBJECT *ASN1_OBJECT_new(void);
void ASN1_OBJECT_free(ASN1_OBJECT *a);
@@ -793,12 +795,15 @@ DECLARE_ASN1_SET_OF(ASN1_OBJECT)
ASN1_STRING *ASN1_STRING_new(void);
void ASN1_STRING_free(ASN1_STRING *a);
void ASN1_STRING_clear_free(ASN1_STRING *a);
int ASN1_STRING_copy(ASN1_STRING *dst, const ASN1_STRING *str);
ASN1_STRING *ASN1_STRING_dup(const ASN1_STRING *a);
ASN1_STRING *ASN1_STRING_type_new(int type);
int ASN1_STRING_cmp(const ASN1_STRING *a, const ASN1_STRING *b);
/* Since this is used to store all sorts of things, via macros, for now, make
its data void * */
/*
* Since this is used to store all sorts of things, via macros, for now,
* make its data void *
*/
int ASN1_STRING_set(ASN1_STRING *str, const void *data, int len);
void ASN1_STRING_set0(ASN1_STRING *str, void *data, int len);
int ASN1_STRING_length(const ASN1_STRING *x);
@@ -808,10 +813,9 @@ unsigned char * ASN1_STRING_data(ASN1_STRING *x);
DECLARE_ASN1_FUNCTIONS(ASN1_BIT_STRING)
int i2c_ASN1_BIT_STRING(ASN1_BIT_STRING *a, unsigned char **pp);
ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a,const unsigned char **pp,
long length);
int ASN1_BIT_STRING_set(ASN1_BIT_STRING *a, unsigned char *d,
int length );
ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a,
const unsigned char **pp, long length);
int ASN1_BIT_STRING_set(ASN1_BIT_STRING *a, unsigned char *d, int length);
int ASN1_BIT_STRING_set_bit(ASN1_BIT_STRING *a, int n, int value);
int ASN1_BIT_STRING_get_bit(ASN1_BIT_STRING *a, int n);
int ASN1_BIT_STRING_check(ASN1_BIT_STRING *a,
@@ -839,7 +843,7 @@ int ASN1_INTEGER_cmp(const ASN1_INTEGER *x, const ASN1_INTEGER *y);
DECLARE_ASN1_FUNCTIONS(ASN1_ENUMERATED)
int ASN1_UTCTIME_check(ASN1_UTCTIME *a);
int ASN1_UTCTIME_check(const ASN1_UTCTIME *a);
ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s, time_t t);
ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t,
int offset_day, long offset_sec);
@@ -849,16 +853,22 @@ int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t);
time_t ASN1_UTCTIME_get(const ASN1_UTCTIME *s);
# endif
int ASN1_GENERALIZEDTIME_check(ASN1_GENERALIZEDTIME *a);
ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s,time_t t);
int ASN1_GENERALIZEDTIME_check(const ASN1_GENERALIZEDTIME *a);
ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s,
time_t t);
ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_adj(ASN1_GENERALIZEDTIME *s,
time_t t, int offset_day, long offset_sec);
time_t t, int offset_day,
long offset_sec);
int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s, const char *str);
int ASN1_TIME_diff(int *pday, int *psec,
const ASN1_TIME *from, const ASN1_TIME *to);
DECLARE_ASN1_FUNCTIONS(ASN1_OCTET_STRING)
ASN1_OCTET_STRING *ASN1_OCTET_STRING_dup(const ASN1_OCTET_STRING *a);
int ASN1_OCTET_STRING_cmp(const ASN1_OCTET_STRING *a, const ASN1_OCTET_STRING *b);
int ASN1_OCTET_STRING_set(ASN1_OCTET_STRING *str, const unsigned char *data, int len);
int ASN1_OCTET_STRING_cmp(const ASN1_OCTET_STRING *a,
const ASN1_OCTET_STRING *b);
int ASN1_OCTET_STRING_set(ASN1_OCTET_STRING *str, const unsigned char *data,
int len);
DECLARE_ASN1_FUNCTIONS(ASN1_VISIBLESTRING)
DECLARE_ASN1_FUNCTIONS(ASN1_UNIVERSALSTRING)
@@ -887,17 +897,17 @@ ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s,time_t t);
ASN1_TIME *ASN1_TIME_adj(ASN1_TIME *s, time_t t,
int offset_day, long offset_sec);
int ASN1_TIME_check(ASN1_TIME *t);
ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t, ASN1_GENERALIZEDTIME **out);
ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t, ASN1_GENERALIZEDTIME
**out);
int ASN1_TIME_set_string(ASN1_TIME *s, const char *str);
int i2d_ASN1_SET(STACK_OF(OPENSSL_BLOCK) *a, unsigned char **pp,
i2d_of_void *i2d, int ex_tag, int ex_class,
int is_set);
i2d_of_void *i2d, int ex_tag, int ex_class, int is_set);
STACK_OF(OPENSSL_BLOCK) *d2i_ASN1_SET(STACK_OF(OPENSSL_BLOCK) **a,
const unsigned char **pp,
long length, d2i_of_void *d2i,
void (*free_func)(OPENSSL_BLOCK), int ex_tag,
int ex_class);
void (*free_func) (OPENSSL_BLOCK),
int ex_tag, int ex_class);
# ifndef OPENSSL_NO_BIO
int i2a_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *a);
@@ -1030,7 +1040,8 @@ int ASN1_STRING_print_ex(BIO *out, ASN1_STRING *str, unsigned long flags);
int ASN1_bn_print(BIO *bp, const char *number, const BIGNUM *num,
unsigned char *buf, int off);
int ASN1_parse(BIO *bp, const unsigned char *pp, long len, int indent);
int ASN1_parse_dump(BIO *bp,const unsigned char *pp,long len,int indent,int dump);
int ASN1_parse_dump(BIO *bp, const unsigned char *pp, long len, int indent,
int dump);
# endif
const char *ASN1_tag2str(int tag);
@@ -1040,17 +1051,16 @@ DECLARE_ASN1_FUNCTIONS(NETSCAPE_X509)
int ASN1_UNIVERSALSTRING_to_string(ASN1_UNIVERSALSTRING *s);
int ASN1_TYPE_set_octetstring(ASN1_TYPE *a,
unsigned char *data, int len);
int ASN1_TYPE_get_octetstring(ASN1_TYPE *a,
unsigned char *data, int max_len);
int ASN1_TYPE_set_octetstring(ASN1_TYPE *a, unsigned char *data, int len);
int ASN1_TYPE_get_octetstring(ASN1_TYPE *a, unsigned char *data, int max_len);
int ASN1_TYPE_set_int_octetstring(ASN1_TYPE *a, long num,
unsigned char *data, int len);
int ASN1_TYPE_get_int_octetstring(ASN1_TYPE *a, long *num,
unsigned char *data, int max_len);
STACK_OF(OPENSSL_BLOCK) *ASN1_seq_unpack(const unsigned char *buf, int len,
d2i_of_void *d2i, void (*free_func)(OPENSSL_BLOCK));
d2i_of_void *d2i,
void (*free_func) (OPENSSL_BLOCK));
unsigned char *ASN1_seq_pack(STACK_OF(OPENSSL_BLOCK) *safes, i2d_of_void *i2d,
unsigned char **buf, int *len);
void *ASN1_unpack_string(ASN1_STRING *oct, d2i_of_void *d2i);
@@ -1063,7 +1073,8 @@ ASN1_STRING *ASN1_pack_string(void *obj, i2d_of_void *i2d,
CHECKED_I2D_OF(type, i2d), \
oct))
ASN1_STRING *ASN1_item_pack(void *obj, const ASN1_ITEM *it, ASN1_OCTET_STRING **oct);
ASN1_STRING *ASN1_item_pack(void *obj, const ASN1_ITEM *it,
ASN1_OCTET_STRING **oct);
void ASN1_STRING_set_default_mask(unsigned long mask);
int ASN1_STRING_set_default_mask_asc(const char *p);
@@ -1075,7 +1086,8 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len,
long minsize, long maxsize);
ASN1_STRING *ASN1_STRING_set_by_NID(ASN1_STRING **out,
const unsigned char *in, int inlen, int inform, int nid);
const unsigned char *in, int inlen,
int inform, int nid);
ASN1_STRING_TABLE *ASN1_STRING_TABLE_get(int nid);
int ASN1_STRING_TABLE_add(int, long, long, unsigned long, unsigned long);
void ASN1_STRING_TABLE_cleanup(void);
@@ -1085,9 +1097,11 @@ void ASN1_STRING_TABLE_cleanup(void);
/* Old API compatible functions */
ASN1_VALUE *ASN1_item_new(const ASN1_ITEM *it);
void ASN1_item_free(ASN1_VALUE *val, const ASN1_ITEM *it);
ASN1_VALUE * ASN1_item_d2i(ASN1_VALUE **val, const unsigned char **in, long len, const ASN1_ITEM *it);
ASN1_VALUE *ASN1_item_d2i(ASN1_VALUE **val, const unsigned char **in,
long len, const ASN1_ITEM *it);
int ASN1_item_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it);
int ASN1_item_ndef_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it);
int ASN1_item_ndef_i2d(ASN1_VALUE *val, unsigned char **out,
const ASN1_ITEM *it);
void ASN1_add_oid_module(void);
@@ -1137,18 +1151,17 @@ BIO *BIO_new_NDEF(BIO *out, ASN1_VALUE *val, const ASN1_ITEM *it);
int i2d_ASN1_bio_stream(BIO *out, ASN1_VALUE *val, BIO *in, int flags,
const ASN1_ITEM *it);
int PEM_write_bio_ASN1_stream(BIO *out, ASN1_VALUE *val, BIO *in, int flags,
const char *hdr,
const ASN1_ITEM *it);
const char *hdr, const ASN1_ITEM *it);
int SMIME_write_ASN1(BIO *bio, ASN1_VALUE *val, BIO *data, int flags,
int ctype_nid, int econt_nid,
STACK_OF(X509_ALGOR) *mdalgs,
const ASN1_ITEM *it);
STACK_OF(X509_ALGOR) *mdalgs, const ASN1_ITEM *it);
ASN1_VALUE *SMIME_read_ASN1(BIO *bio, BIO **bcont, const ASN1_ITEM *it);
int SMIME_crlf_copy(BIO *in, BIO *out, int flags);
int SMIME_text(BIO *in, BIO *out);
/* BEGIN ERROR CODES */
/* The following lines are auto generated by the script mkerr.pl. Any changes
/*
* The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
*/
void ERR_load_ASN1_strings(void);
@@ -1329,6 +1342,7 @@ void ERR_load_ASN1_strings(void);
# define ASN1_R_ILLEGAL_TIME_VALUE 184
# define ASN1_R_INTEGER_NOT_ASCII_FORMAT 185
# define ASN1_R_INTEGER_TOO_LARGE_FOR_LONG 128
# define ASN1_R_INVALID_BIT_STRING_BITS_LEFT 220
# define ASN1_R_INVALID_BMPSTRING_LENGTH 129
# define ASN1_R_INVALID_DIGIT 130
# define ASN1_R_INVALID_MIME_TYPE 205
@@ -1378,6 +1392,7 @@ void ERR_load_ASN1_strings(void);
# define ASN1_R_TIME_NOT_ASCII_FORMAT 193
# define ASN1_R_TOO_LONG 155
# define ASN1_R_TYPE_NOT_CONSTRUCTED 156
# define ASN1_R_TYPE_NOT_PRIMITIVE 218
# define ASN1_R_UNABLE_TO_DECODE_RSA_KEY 157
# define ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY 158
# define ASN1_R_UNEXPECTED_EOC 159

13
libs/openssl/include/openssl/asn1_mac.h
View File

@@ -361,16 +361,17 @@ err:\
if (((arg)=func()) == NULL) return(NULL)
# define M_ASN1_New_Error(a) \
/* err: ASN1_MAC_H_err((a),ERR_R_NESTED_ASN1_ERROR,c.line); \
/*- err: ASN1_MAC_H_err((a),ERR_R_NESTED_ASN1_ERROR,c.line); \
return(NULL);*/ \
err2: ASN1_MAC_H_err((a),ERR_R_MALLOC_FAILURE,c.line); \
return(NULL)
/* BIG UGLY WARNING! This is so damn ugly I wanna puke. Unfortunately,
some macros that use ASN1_const_CTX still insist on writing in the input
stream. ARGH! ARGH! ARGH! Let's get rid of this macro package.
Please? -- Richard Levitte */
/*
* BIG UGLY WARNING! This is so damn ugly I wanna puke. Unfortunately, some
* macros that use ASN1_const_CTX still insist on writing in the input
* stream. ARGH! ARGH! ARGH! Let's get rid of this macro package. Please? --
* Richard Levitte
*/
# define M_ASN1_next (*((unsigned char *)(c.p)))
# define M_ASN1_next_prev (*((unsigned char *)(c.q)))

167
libs/openssl/include/openssl/asn1t.h
View File

@@ -1,6 +1,7 @@
/* asn1t.h */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2000.
/*
* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
* 2000.
*/
/* ====================================================================
* Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved.
@@ -73,13 +74,11 @@
extern "C" {
#endif
# ifndef OPENSSL_EXPORT_VAR_AS_FUNCTION
/* Macro to obtain ASN1_ADB pointer from a type (only used internally) */
# define ASN1_ADB_ptr(iptr) ((const ASN1_ADB *)(iptr))
/* Macros for start and end of ASN1_ITEM definition */
# define ASN1_ITEM_start(itname) \
@@ -93,7 +92,6 @@ extern "C" {
/* Macro to obtain ASN1_ADB pointer from a type (only used internally) */
# define ASN1_ADB_ptr(iptr) ((const ASN1_ADB *)(iptr()))
/* Macros for start and end of ASN1_ITEM definition */
# define ASN1_ITEM_start(itname) \
@@ -108,7 +106,6 @@ extern "C" {
# endif
/* Macros to aid ASN1 template writing */
# define ASN1_ITEM_TEMPLATE(tname) \
@@ -126,10 +123,10 @@ extern "C" {
#tname \
ASN1_ITEM_end(tname)
/* This is a ASN1 type which just embeds a template */
/* This pair helps declare a SEQUENCE. We can do:
/*-
* This pair helps declare a SEQUENCE. We can do:
*
* ASN1_SEQUENCE(stname) = {
* ... SEQUENCE components ...
@@ -230,8 +227,8 @@ extern "C" {
#stname \
ASN1_ITEM_end(tname)
/* This pair helps declare a CHOICE type. We can do:
/*-
* This pair helps declare a CHOICE type. We can do:
*
* ASN1_CHOICE(chname) = {
* ... CHOICE options ...
@@ -437,10 +434,10 @@ extern "C" {
# define ASN1_ADB_TEMPLATE(name) \
static const ASN1_TEMPLATE name##_tt
/* This is the ASN1 template structure that defines
* a wrapper round the actual type. It determines the
* actual position of the field in the value structure,
* various flags such as OPTIONAL and the field name.
/*
* This is the ASN1 template structure that defines a wrapper round the
* actual type. It determines the actual position of the field in the value
* structure, various flags such as OPTIONAL and the field name.
*/
struct ASN1_TEMPLATE_st {
@@ -487,25 +484,24 @@ struct ASN1_ADB_TABLE_st {
/* Field is a SEQUENCE OF */
# define ASN1_TFLG_SEQUENCE_OF (0x2 << 1)
/* Special case: this refers to a SET OF that
* will be sorted into DER order when encoded *and*
* the corresponding STACK will be modified to match
* the new order.
/*
* Special case: this refers to a SET OF that will be sorted into DER order
* when encoded *and* the corresponding STACK will be modified to match the
* new order.
*/
# define ASN1_TFLG_SET_ORDER (0x3 << 1)
/* Mask for SET OF or SEQUENCE OF */
# define ASN1_TFLG_SK_MASK (0x3 << 1)
/* These flags mean the tag should be taken from the
* tag field. If EXPLICIT then the underlying type
* is used for the inner tag.
/*
* These flags mean the tag should be taken from the tag field. If EXPLICIT
* then the underlying type is used for the inner tag.
*/
/* IMPLICIT tagging */
# define ASN1_TFLG_IMPTAG (0x1 << 3)
/* EXPLICIT tagging, inner tag from underlying type */
# define ASN1_TFLG_EXPTAG (0x2 << 3)
@@ -517,10 +513,10 @@ struct ASN1_ADB_TABLE_st {
/* context specific EXPLICIT */
# define ASN1_TFLG_EXPLICIT ASN1_TFLG_EXPTAG|ASN1_TFLG_CONTEXT
/* If tagging is in force these determine the
* type of tag to use. Otherwise the tag is
* determined by the underlying type. These
* values reflect the actual octet format.
/*
* If tagging is in force these determine the type of tag to use. Otherwise
* the tag is determined by the underlying type. These values reflect the
* actual octet format.
*/
/* Universal tag */
@@ -534,9 +530,9 @@ struct ASN1_ADB_TABLE_st {
# define ASN1_TFLG_TAG_CLASS (0x3<<6)
/* These are for ANY DEFINED BY type. In this case
* the 'item' field points to an ASN1_ADB structure
* which contains a table of values to decode the
/*
* These are for ANY DEFINED BY type. In this case the 'item' field points to
* an ASN1_ADB structure which contains a table of values to decode the
* relevant type
*/
@@ -546,19 +542,18 @@ struct ASN1_ADB_TABLE_st {
# define ASN1_TFLG_ADB_INT (0x1<<9)
/* This flag means a parent structure is passed
* instead of the field: this is useful is a
* SEQUENCE is being combined with a CHOICE for
* example. Since this means the structure and
* item name will differ we need to use the
/*
* This flag means a parent structure is passed instead of the field: this is
* useful is a SEQUENCE is being combined with a CHOICE for example. Since
* this means the structure and item name will differ we need to use the
* ASN1_CHOICE_END_name() macro for example.
*/
# define ASN1_TFLG_COMBINE (0x1<<10)
/* This flag when present in a SEQUENCE OF, SET OF
* or EXPLICIT causes indefinite length constructed
* encoding to be used if required.
/*
* This flag when present in a SEQUENCE OF, SET OF or EXPLICIT causes
* indefinite length constructed encoding to be used if required.
*/
# define ASN1_TFLG_NDEF (0x1<<11)
@@ -566,9 +561,11 @@ struct ASN1_ADB_TABLE_st {
/* This is the actual ASN1 item itself */
struct ASN1_ITEM_st {
char itype; /* The item type, primitive, SEQUENCE, CHOICE or extern */
char itype; /* The item type, primitive, SEQUENCE, CHOICE
* or extern */
long utype; /* underlying type */
const ASN1_TEMPLATE *templates; /* If SEQUENCE or CHOICE this contains the contents */
const ASN1_TEMPLATE *templates; /* If SEQUENCE or CHOICE this contains
* the contents */
long tcount; /* Number of templates if SEQUENCE or CHOICE */
const void *funcs; /* functions that handle this type */
long size; /* Structure size (usually) */
@@ -577,7 +574,8 @@ const char *sname; /* Structure name */
# endif
};
/* These are values for the itype field and
/*-
* These are values for the itype field and
* determine how the type is interpreted.
*
* For PRIMITIVE types the underlying type
@@ -635,8 +633,8 @@ const char *sname; /* Structure name */
# define ASN1_ITYPE_NDEF_SEQUENCE 0x6
/* Cache for ASN1 tag and length, so we
* don't keep re-reading it for things
/*
* Cache for ASN1 tag and length, so we don't keep re-reading it for things
* like CHOICE
*/
@@ -653,13 +651,16 @@ struct ASN1_TLC_st{
typedef ASN1_VALUE *ASN1_new_func(void);
typedef void ASN1_free_func(ASN1_VALUE *a);
typedef ASN1_VALUE * ASN1_d2i_func(ASN1_VALUE **a, const unsigned char ** in, long length);
typedef ASN1_VALUE *ASN1_d2i_func(ASN1_VALUE **a, const unsigned char **in,
long length);
typedef int ASN1_i2d_func(ASN1_VALUE *a, unsigned char **in);
typedef int ASN1_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, const ASN1_ITEM *it,
int tag, int aclass, char opt, ASN1_TLC *ctx);
typedef int ASN1_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
const ASN1_ITEM *it, int tag, int aclass, char opt,
ASN1_TLC *ctx);
typedef int ASN1_ex_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass);
typedef int ASN1_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
const ASN1_ITEM *it, int tag, int aclass);
typedef int ASN1_ex_new_func(ASN1_VALUE **pval, const ASN1_ITEM *it);
typedef void ASN1_ex_free_func(ASN1_VALUE **pval, const ASN1_ITEM *it);
@@ -667,9 +668,14 @@ typedef int ASN1_ex_print_func(BIO *out, ASN1_VALUE **pval,
int indent, const char *fname,
const ASN1_PCTX *pctx);
typedef int ASN1_primitive_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it);
typedef int ASN1_primitive_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it);
typedef int ASN1_primitive_print(BIO *out, ASN1_VALUE **pval, const ASN1_ITEM *it, int indent, const ASN1_PCTX *pctx);
typedef int ASN1_primitive_i2c(ASN1_VALUE **pval, unsigned char *cont,
int *putype, const ASN1_ITEM *it);
typedef int ASN1_primitive_c2i(ASN1_VALUE **pval, const unsigned char *cont,
int len, int utype, char *free_cont,
const ASN1_ITEM *it);
typedef int ASN1_primitive_print(BIO *out, ASN1_VALUE **pval,
const ASN1_ITEM *it, int indent,
const ASN1_PCTX *pctx);
typedef struct ASN1_COMPAT_FUNCS_st {
ASN1_new_func *asn1_new;
@@ -699,21 +705,17 @@ typedef struct ASN1_PRIMITIVE_FUNCS_st {
ASN1_primitive_print *prim_print;
} ASN1_PRIMITIVE_FUNCS;
/* This is the ASN1_AUX structure: it handles various
* miscellaneous requirements. For example the use of
* reference counts and an informational callback.
*
* The "informational callback" is called at various
* points during the ASN1 encoding and decoding. It can
* be used to provide minor customisation of the structures
* used. This is most useful where the supplied routines
* *almost* do the right thing but need some extra help
* at a few points. If the callback returns zero then
* it is assumed a fatal error has occurred and the
* main operation should be abandoned.
*
* If major changes in the default behaviour are required
* then an external type is more appropriate.
/*
* This is the ASN1_AUX structure: it handles various miscellaneous
* requirements. For example the use of reference counts and an informational
* callback. The "informational callback" is called at various points during
* the ASN1 encoding and decoding. It can be used to provide minor
* customisation of the structures used. This is most useful where the
* supplied routines *almost* do the right thing but need some extra help at
* a few points. If the callback returns zero then it is assumed a fatal
* error has occurred and the main operation should be abandoned. If major
* changes in the default behaviour are required then an external type is
* more appropriate.
*/
typedef int ASN1_aux_cb(int operation, ASN1_VALUE **in, const ASN1_ITEM *it,
@@ -871,8 +873,9 @@ typedef struct ASN1_STREAM_ARG_st {
return ASN1_item_ndef_i2d((ASN1_VALUE *)a, out, ASN1_ITEM_rptr(stname));\
}
/* This includes evil casts to remove const: they will go away when full
* ASN1 constification is done.
/*
* This includes evil casts to remove const: they will go away when full ASN1
* constification is done.
*/
# define IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(stname, itname, fname) \
stname *d2i_##fname(stname **a, const unsigned char **in, long len) \
@@ -929,30 +932,40 @@ int ASN1_template_new(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt);
int ASN1_primitive_new(ASN1_VALUE **pval, const ASN1_ITEM *it);
void ASN1_template_free(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt);
int ASN1_template_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, const ASN1_TEMPLATE *tt);
int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, const ASN1_ITEM *it,
int tag, int aclass, char opt, ASN1_TLC *ctx);
int ASN1_template_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
const ASN1_TEMPLATE *tt);
int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
const ASN1_ITEM *it, int tag, int aclass, char opt,
ASN1_TLC *ctx);
int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass);
int ASN1_template_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_TEMPLATE *tt);
int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
const ASN1_ITEM *it, int tag, int aclass);
int ASN1_template_i2d(ASN1_VALUE **pval, unsigned char **out,
const ASN1_TEMPLATE *tt);
void ASN1_primitive_free(ASN1_VALUE **pval, const ASN1_ITEM *it);
int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it);
int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it);
int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype,
const ASN1_ITEM *it);
int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
int utype, char *free_cont, const ASN1_ITEM *it);
int asn1_get_choice_selector(ASN1_VALUE **pval, const ASN1_ITEM *it);
int asn1_set_choice_selector(ASN1_VALUE **pval, int value, const ASN1_ITEM *it);
int asn1_set_choice_selector(ASN1_VALUE **pval, int value,
const ASN1_ITEM *it);
ASN1_VALUE **asn1_get_field_ptr(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt);
const ASN1_TEMPLATE *asn1_do_adb(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt, int nullerr);
const ASN1_TEMPLATE *asn1_do_adb(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt,
int nullerr);
int asn1_do_lock(ASN1_VALUE **pval, int op, const ASN1_ITEM *it);
void asn1_enc_init(ASN1_VALUE **pval, const ASN1_ITEM *it);
void asn1_enc_free(ASN1_VALUE **pval, const ASN1_ITEM *it);
int asn1_enc_restore(int *len, unsigned char **out, ASN1_VALUE **pval, const ASN1_ITEM *it);
int asn1_enc_save(ASN1_VALUE **pval, const unsigned char *in, int inlen, const ASN1_ITEM *it);
int asn1_enc_restore(int *len, unsigned char **out, ASN1_VALUE **pval,
const ASN1_ITEM *it);
int asn1_enc_save(ASN1_VALUE **pval, const unsigned char *in, int inlen,
const ASN1_ITEM *it);
#ifdef __cplusplus
}

192
libs/openssl/include/openssl/bio.h
View File

@@ -113,13 +113,16 @@ extern "C" {
# define BIO_TYPE_FILTER 0x0200
# define BIO_TYPE_SOURCE_SINK 0x0400
/* BIO_FILENAME_READ|BIO_CLOSE to open or close on free.
* BIO_set_fp(in,stdin,BIO_NOCLOSE); */
/*
* BIO_FILENAME_READ|BIO_CLOSE to open or close on free.
* BIO_set_fp(in,stdin,BIO_NOCLOSE);
*/
# define BIO_NOCLOSE 0x00
# define BIO_CLOSE 0x01
/* These are used in the following macros and are passed to
* BIO_ctrl() */
/*
* These are used in the following macros and are passed to BIO_ctrl()
*/
# define BIO_CTRL_RESET 1/* opt - rewind/zero etc */
# define BIO_CTRL_EOF 2/* opt - are we at the eof */
# define BIO_CTRL_INFO 3/* opt - extra tit-bits */
@@ -141,9 +144,8 @@ extern "C" {
/* dgram BIO stuff */
# define BIO_CTRL_DGRAM_CONNECT 31/* BIO dgram special */
#define BIO_CTRL_DGRAM_SET_CONNECTED 32 /* allow for an externally
* connected socket to be
* passed in */
# define BIO_CTRL_DGRAM_SET_CONNECTED 32/* allow for an externally connected
* socket to be passed in */
# define BIO_CTRL_DGRAM_SET_RECV_TIMEOUT 33/* setsockopt, essentially */
# define BIO_CTRL_DGRAM_GET_RECV_TIMEOUT 34/* getsockopt, essentially */
# define BIO_CTRL_DGRAM_SET_SEND_TIMEOUT 35/* setsockopt, essentially */
@@ -159,21 +161,22 @@ extern "C" {
# define BIO_CTRL_DGRAM_QUERY_MTU 40/* as kernel for current MTU */
# define BIO_CTRL_DGRAM_GET_FALLBACK_MTU 47
# define BIO_CTRL_DGRAM_GET_MTU 41/* get cached value for MTU */
#define BIO_CTRL_DGRAM_SET_MTU 42 /* set cached value for
* MTU. want to use this
* if asking the kernel
* fails */
# define BIO_CTRL_DGRAM_SET_MTU 42/* set cached value for MTU.
* want to use this if asking
* the kernel fails */
#define BIO_CTRL_DGRAM_MTU_EXCEEDED 43 /* check whether the MTU
* was exceed in the
* previous write
# define BIO_CTRL_DGRAM_MTU_EXCEEDED 43/* check whether the MTU was
* exceed in the previous write
* operation */
# define BIO_CTRL_DGRAM_GET_PEER 46
# define BIO_CTRL_DGRAM_SET_PEER 44/* Destination for the data */
#define BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT 45 /* Next DTLS handshake timeout to
* adjust socket timeouts */
# define BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT 45/* Next DTLS handshake timeout
* to adjust socket timeouts */
# define BIO_CTRL_DGRAM_SET_DONT_FRAG 48
# define BIO_CTRL_DGRAM_GET_MTU_OVERHEAD 49
# ifndef OPENSSL_NO_SCTP
/* SCTP stuff */
@@ -202,8 +205,10 @@ extern "C" {
# define BIO_FLAGS_RWS (BIO_FLAGS_READ|BIO_FLAGS_WRITE|BIO_FLAGS_IO_SPECIAL)
# define BIO_FLAGS_SHOULD_RETRY 0x08
# ifndef BIO_FLAGS_UPLINK
/* "UPLINK" flag denotes file descriptors provided by application.
It defaults to 0, as most platforms don't require UPLINK interface. */
/*
* "UPLINK" flag denotes file descriptors provided by application. It
* defaults to 0, as most platforms don't require UPLINK interface.
*/
# define BIO_FLAGS_UPLINK 0
# endif
@@ -215,7 +220,8 @@ extern "C" {
# define BIO_GHBN_CTRL_FLUSH 5
/* Mostly used in the SSL BIO */
/* Not used anymore
/*-
* Not used anymore
* #define BIO_FLAGS_PROTOCOL_DELAYED_READ 0x10
* #define BIO_FLAGS_PROTOCOL_DELAYED_WRITE 0x20
* #define BIO_FLAGS_PROTOCOL_STARTUP 0x40
@@ -223,7 +229,8 @@ extern "C" {
# define BIO_FLAGS_BASE64_NO_NL 0x100
/* This is used with memory BIOs: it means we shouldn't free up or change the
/*
* This is used with memory BIOs: it means we shouldn't free up or change the
* data in any way.
*/
# define BIO_FLAGS_MEM_RDONLY 0x200
@@ -255,12 +262,16 @@ void BIO_clear_flags(BIO *b, int flags);
# define BIO_retry_type(a) BIO_test_flags(a, BIO_FLAGS_RWS)
# define BIO_should_retry(a) BIO_test_flags(a, BIO_FLAGS_SHOULD_RETRY)
/* The next three are used in conjunction with the
* BIO_should_io_special() condition. After this returns true,
* BIO *BIO_get_retry_BIO(BIO *bio, int *reason); will walk the BIO
* stack and return the 'reason' for the special and the offending BIO.
* Given a BIO, BIO_get_retry_reason(bio) will return the code. */
/* Returned from the SSL bio when the certificate retrieval code had an error */
/*
* The next three are used in conjunction with the BIO_should_io_special()
* condition. After this returns true, BIO *BIO_get_retry_BIO(BIO *bio, int
* *reason); will walk the BIO stack and return the 'reason' for the special
* and the offending BIO. Given a BIO, BIO_get_retry_reason(bio) will return
* the code.
*/
/*
* Returned from the SSL bio when the certificate retrieval code had an error
*/
# define BIO_RR_SSL_X509_LOOKUP 0x01
/* Returned from the connect BIO when a connect would have blocked */
# define BIO_RR_CONNECT 0x02
@@ -275,26 +286,30 @@ void BIO_clear_flags(BIO *b, int flags);
# define BIO_CB_GETS 0x05
# define BIO_CB_CTRL 0x06
/* The callback is called before and after the underling operation,
* The BIO_CB_RETURN flag indicates if it is after the call */
/*
* The callback is called before and after the underling operation, The
* BIO_CB_RETURN flag indicates if it is after the call
*/
# define BIO_CB_RETURN 0x80
#define BIO_CB_return(a) ((a)|BIO_CB_RETURN))
# define BIO_CB_return(a) ((a)|BIO_CB_RETURN)
# define BIO_cb_pre(a) (!((a)&BIO_CB_RETURN))
# define BIO_cb_post(a) ((a)&BIO_CB_RETURN)
long (*BIO_get_callback(const BIO *b)) (struct bio_st *,int,const char *,int, long,long);
long (*BIO_get_callback(const BIO *b)) (struct bio_st *, int, const char *,
int, long, long);
void BIO_set_callback(BIO *b,
long (*callback)(struct bio_st *,int,const char *,int, long,long));
long (*callback) (struct bio_st *, int, const char *,
int, long, long));
char *BIO_get_callback_arg(const BIO *b);
void BIO_set_callback_arg(BIO *b, char *arg);
const char *BIO_method_name(const BIO *b);
int BIO_method_type(const BIO *b);
typedef void bio_info_cb(struct bio_st *, int, const char *, int, long, long);
typedef void bio_info_cb (struct bio_st *, int, const char *, int, long,
long);
typedef struct bio_method_st
{
typedef struct bio_method_st {
int type;
const char *name;
int (*bwrite) (BIO *, const char *, int);
@@ -307,13 +322,11 @@ typedef struct bio_method_st
long (*callback_ctrl) (BIO *, int, bio_info_cb *);
} BIO_METHOD;
struct bio_st
{
struct bio_st {
BIO_METHOD *method;
/* bio, mode, argp, argi, argl, ret */
long (*callback) (struct bio_st *, int, const char *, int, long, long);
char *cb_arg; /* first argument for the callback */
int init;
int shutdown;
int flags; /* extra storage */
@@ -325,15 +338,14 @@ struct bio_st
int references;
unsigned long num_read;
unsigned long num_write;
CRYPTO_EX_DATA ex_data;
};
DECLARE_STACK_OF(BIO)
typedef struct bio_f_buffer_ctx_struct
{
/* Buffers are setup like this:
typedef struct bio_f_buffer_ctx_struct {
/*-
* Buffers are setup like this:
*
* <---------------------- size ----------------------->
* +---------------------------------------------------+
@@ -341,35 +353,33 @@ typedef struct bio_f_buffer_ctx_struct
* +---------------------------------------------------+
* <-- off --><------- len ------->
*/
/* BIO *bio; */ /* this is now in the BIO struct */
/*- BIO *bio; *//*
* this is now in the BIO struct
*/
int ibuf_size; /* how big is the input buffer */
int obuf_size; /* how big is the output buffer */
char *ibuf; /* the char array */
int ibuf_len; /* how many bytes are in it */
int ibuf_off; /* write/read offset */
char *obuf; /* the char array */
int obuf_len; /* how many bytes are in it */
int obuf_off; /* write/read offset */
} BIO_F_BUFFER_CTX;
/* Prefix and suffix callback in ASN1 BIO */
typedef int asn1_ps_func(BIO *b, unsigned char **pbuf, int *plen, void *parg);
typedef int asn1_ps_func (BIO *b, unsigned char **pbuf, int *plen,
void *parg);
# ifndef OPENSSL_NO_SCTP
/* SCTP parameter structs */
struct bio_dgram_sctp_sndinfo
{
struct bio_dgram_sctp_sndinfo {
uint16_t snd_sid;
uint16_t snd_flags;
uint32_t snd_ppid;
uint32_t snd_context;
};
struct bio_dgram_sctp_rcvinfo
{
struct bio_dgram_sctp_rcvinfo {
uint16_t rcv_sid;
uint16_t rcv_ssn;
uint16_t rcv_flags;
@@ -379,8 +389,7 @@ struct bio_dgram_sctp_rcvinfo
uint32_t rcv_context;
};
struct bio_dgram_sctp_prinfo
{
struct bio_dgram_sctp_prinfo {
uint16_t pr_policy;
uint32_t pr_value;
};
@@ -395,7 +404,9 @@ struct bio_dgram_sctp_prinfo
# define BIO_CONN_S_OK 6
# define BIO_CONN_S_BLOCKED_CONNECT 7
# define BIO_CONN_S_NBIO 8
/*#define BIO_CONN_get_param_hostname BIO_ctrl */
/*
* #define BIO_CONN_get_param_hostname BIO_ctrl
*/
# define BIO_C_SET_CONNECT 100
# define BIO_C_DO_STATE_MACHINE 101
@@ -427,7 +438,8 @@ struct bio_dgram_sctp_prinfo
# define BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT 127
# define BIO_C_FILE_SEEK 128
# define BIO_C_GET_CIPHER_CTX 129
#define BIO_C_SET_BUF_MEM_EOF_RETURN 130/*return end of input value*/
# define BIO_C_SET_BUF_MEM_EOF_RETURN 130/* return end of input
* value */
# define BIO_C_SET_BIND_MODE 131
# define BIO_C_GET_BIND_MODE 132
# define BIO_C_FILE_TELL 133
@@ -467,12 +479,11 @@ struct bio_dgram_sctp_prinfo
# define BIO_get_conn_hostname(b) BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,0)
# define BIO_get_conn_port(b) BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,1)
# define BIO_get_conn_ip(b) BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,2)
#define BIO_get_conn_int_port(b) BIO_int_ctrl(b,BIO_C_GET_CONNECT,3,0)
# define BIO_get_conn_int_port(b) BIO_ctrl(b,BIO_C_GET_CONNECT,3,NULL)
# define BIO_set_nbio(b,n) BIO_ctrl(b,BIO_C_SET_NBIO,(n),NULL)
/* BIO_s_accept_socket() */
/* BIO_s_accept() */
# define BIO_set_accept_port(b,name) BIO_ctrl(b,BIO_C_SET_ACCEPT,0,(char *)name)
# define BIO_get_accept_port(b) BIO_ptr_ctrl(b,BIO_C_GET_ACCEPT,0)
/* #define BIO_set_nbio(b,n) BIO_ctrl(b,BIO_C_SET_NBIO,(n),NULL) */
@@ -485,6 +496,7 @@ struct bio_dgram_sctp_prinfo
# define BIO_set_bind_mode(b,mode) BIO_ctrl(b,BIO_C_SET_BIND_MODE,mode,NULL)
# define BIO_get_bind_mode(b,mode) BIO_ctrl(b,BIO_C_GET_BIND_MODE,0,NULL)
/* BIO_s_accept() and BIO_s_connect() */
# define BIO_do_connect(b) BIO_do_handshake(b)
# define BIO_do_accept(b) BIO_do_handshake(b)
# define BIO_do_handshake(b) BIO_ctrl(b,BIO_C_DO_STATE_MACHINE,0,NULL)
@@ -504,19 +516,25 @@ struct bio_dgram_sctp_prinfo
# define BIO_get_url(b,url) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,2,(char *)(url))
# define BIO_get_no_connect_return(b) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,5,NULL)
/* BIO_s_datagram(), BIO_s_fd(), BIO_s_socket(), BIO_s_accept() and BIO_s_connect() */
# define BIO_set_fd(b,fd,c) BIO_int_ctrl(b,BIO_C_SET_FD,c,fd)
# define BIO_get_fd(b,c) BIO_ctrl(b,BIO_C_GET_FD,0,(char *)c)
/* BIO_s_file() */
# define BIO_set_fp(b,fp,c) BIO_ctrl(b,BIO_C_SET_FILE_PTR,c,(char *)fp)
# define BIO_get_fp(b,fpp) BIO_ctrl(b,BIO_C_GET_FILE_PTR,0,(char *)fpp)
/* BIO_s_fd() and BIO_s_file() */
# define BIO_seek(b,ofs) (int)BIO_ctrl(b,BIO_C_FILE_SEEK,ofs,NULL)
# define BIO_tell(b) (int)BIO_ctrl(b,BIO_C_FILE_TELL,0,NULL)
/* name is cast to lose const, but might be better to route through a function
so we can do it safely */
/*
* name is cast to lose const, but might be better to route through a
* function so we can do it safely
*/
# ifdef CONST_STRICT
/* If you are wondering why this isn't defined, its because CONST_STRICT is
/*
* If you are wondering why this isn't defined, its because CONST_STRICT is
* purely a compile-time kludge to allow const to be checked.
*/
int BIO_read_filename(BIO *b, const char *name);
@@ -531,19 +549,21 @@ int BIO_read_filename(BIO *b,const char *name);
# define BIO_rw_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \
BIO_CLOSE|BIO_FP_READ|BIO_FP_WRITE,name)
/* WARNING WARNING, this ups the reference count on the read bio of the
* SSL structure. This is because the ssl read BIO is now pointed to by
* the next_bio field in the bio. So when you free the BIO, make sure
* you are doing a BIO_free_all() to catch the underlying BIO. */
/*
* WARNING WARNING, this ups the reference count on the read bio of the SSL
* structure. This is because the ssl read BIO is now pointed to by the
* next_bio field in the bio. So when you free the BIO, make sure you are
* doing a BIO_free_all() to catch the underlying BIO.
*/
# define BIO_set_ssl(b,ssl,c) BIO_ctrl(b,BIO_C_SET_SSL,c,(char *)ssl)
# define BIO_get_ssl(b,sslp) BIO_ctrl(b,BIO_C_GET_SSL,0,(char *)sslp)
# define BIO_set_ssl_mode(b,client) BIO_ctrl(b,BIO_C_SSL_MODE,client,NULL)
# define BIO_set_ssl_renegotiate_bytes(b,num) \
BIO_ctrl(b,BIO_C_SET_SSL_RENEGOTIATE_BYTES,num,NULL);
BIO_ctrl(b,BIO_C_SET_SSL_RENEGOTIATE_BYTES,num,NULL)
# define BIO_get_num_renegotiates(b) \
BIO_ctrl(b,BIO_C_GET_SSL_NUM_RENEGOTIATES,0,NULL);
BIO_ctrl(b,BIO_C_GET_SSL_NUM_RENEGOTIATES,0,NULL)
# define BIO_set_ssl_renegotiate_timeout(b,seconds) \
BIO_ctrl(b,BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT,seconds,NULL);
BIO_ctrl(b,BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT,seconds,NULL)
/* defined in evp.h */
/* #define BIO_set_md(b,md) BIO_ctrl(b,BIO_C_SET_MD,1,(char *)md) */
@@ -607,6 +627,8 @@ int BIO_ctrl_reset_read_request(BIO *b);
(int)BIO_ctrl(b, BIO_CTRL_DGRAM_GET_PEER, 0, (char *)peer)
# define BIO_dgram_set_peer(b,peer) \
(int)BIO_ctrl(b, BIO_CTRL_DGRAM_SET_PEER, 0, (char *)peer)
# define BIO_dgram_get_mtu_overhead(b) \
(unsigned int)BIO_ctrl((b), BIO_CTRL_DGRAM_GET_MTU_OVERHEAD, 0, NULL)
/* These two aren't currently implemented */
/* int BIO_get_ex_num(BIO *bio); */
@@ -644,7 +666,9 @@ int BIO_write(BIO *b, const void *data, int len);
int BIO_puts(BIO *bp, const char *buf);
int BIO_indent(BIO *b, int indent, int max);
long BIO_ctrl(BIO *bp, int cmd, long larg, void *parg);
long BIO_callback_ctrl(BIO *b, int cmd, void (*fp)(struct bio_st *, int, const char *, int, long, long));
long BIO_callback_ctrl(BIO *b, int cmd,
void (*fp) (struct bio_st *, int, const char *, int,
long, long));
char *BIO_ptr_ctrl(BIO *bp, int cmd, long larg);
long BIO_int_ctrl(BIO *bp, int cmd, long larg, int iarg);
BIO *BIO_push(BIO *b, BIO *append);
@@ -665,7 +689,7 @@ long BIO_debug_callback(BIO *bio,int cmd,const char *argp,int argi,
long argl, long ret);
BIO_METHOD *BIO_s_mem(void);
BIO *BIO_new_mem_buf(void *buf, int len);
BIO *BIO_new_mem_buf(const void *buf, int len);
BIO_METHOD *BIO_s_socket(void);
BIO_METHOD *BIO_s_connect(void);
BIO_METHOD *BIO_s_accept(void);
@@ -706,8 +730,12 @@ int BIO_dump_indent(BIO *b,const char *bytes,int len,int indent);
int BIO_dump_fp(FILE *fp, const char *s, int len);
int BIO_dump_indent_fp(FILE *fp, const char *s, int len, int indent);
# endif
int BIO_hex_string(BIO *out, int indent, int width, unsigned char *data,
int datalen);
struct hostent *BIO_gethostbyname(const char *name);
/* We might want a thread-safe interface too:
/*-
* We might want a thread-safe interface too:
* struct hostent *BIO_gethostbyname_r(const char *name,
* struct hostent *result, void *buffer, size_t buflen);
* or something similar (caller allocates a struct hostent,
@@ -732,25 +760,31 @@ BIO *BIO_new_dgram(int fd, int close_flag);
BIO *BIO_new_dgram_sctp(int fd, int close_flag);
int BIO_dgram_is_sctp(BIO *bio);
int BIO_dgram_sctp_notification_cb(BIO *b,
void (*handle_notifications)(BIO *bio, void *context, void *buf),
void (*handle_notifications) (BIO *bio,
void
*context,
void *buf),
void *context);
int BIO_dgram_sctp_wait_for_dry(BIO *b);
int BIO_dgram_sctp_msg_waiting(BIO *b);
# endif
BIO *BIO_new_fd(int fd, int close_flag);
BIO *BIO_new_connect(char *host_port);
BIO *BIO_new_accept(char *host_port);
BIO *BIO_new_connect(const char *host_port);
BIO *BIO_new_accept(const char *host_port);
int BIO_new_bio_pair(BIO **bio1, size_t writebuf1,
BIO **bio2, size_t writebuf2);
/* If successful, returns 1 and in *bio1, *bio2 two BIO pair endpoints.
* Otherwise returns 0 and sets *bio1 and *bio2 to NULL.
* Size 0 uses default value.
/*
* If successful, returns 1 and in *bio1, *bio2 two BIO pair endpoints.
* Otherwise returns 0 and sets *bio1 and *bio2 to NULL. Size 0 uses default
* value.
*/
void BIO_copy_next_retry(BIO *b);
/*long BIO_ghbn_ctrl(int cmd,int iarg,char *parg);*/
/*
* long BIO_ghbn_ctrl(int cmd,int iarg,char *parg);
*/
# ifdef __GNUC__
# define __bio_h__attr__ __attribute__
@@ -768,7 +802,8 @@ int BIO_vsnprintf(char *buf, size_t n, const char *format, va_list args)
# undef __bio_h__attr__
/* BEGIN ERROR CODES */
/* The following lines are auto generated by the script mkerr.pl. Any changes
/*
* The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
*/
void ERR_load_BIO_strings(void);
@@ -802,6 +837,7 @@ void ERR_load_BIO_strings(void);
# define BIO_F_CONN_CTRL 127
# define BIO_F_CONN_STATE 115
# define BIO_F_DGRAM_SCTP_READ 132
# define BIO_F_DGRAM_SCTP_WRITE 133
# define BIO_F_FILE_CTRL 116
# define BIO_F_FILE_READ 130
# define BIO_F_LINEBUFFER_CTRL 129

15
libs/openssl/include/openssl/blowfish.h
View File

@@ -72,7 +72,7 @@ extern "C" {
# define BF_ENCRYPT 1
# define BF_DECRYPT 0
/*
/*-
* !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
* ! BF_LONG has to be at least 32 bits wide. If it's wider, then !
* ! BF_LONG_LOG2 has to be defined along. !
@@ -98,8 +98,7 @@ extern "C" {
# define BF_ROUNDS 16
# define BF_BLOCK 8
typedef struct bf_key_st
{
typedef struct bf_key_st {
BF_LONG P[BF_ROUNDS + 2];
BF_LONG S[4 * 256];
} BF_KEY;
@@ -116,10 +115,12 @@ void BF_ecb_encrypt(const unsigned char *in, unsigned char *out,
const BF_KEY *key, int enc);
void BF_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
const BF_KEY *schedule, unsigned char *ivec, int enc);
void BF_cfb64_encrypt(const unsigned char *in, unsigned char *out, long length,
const BF_KEY *schedule, unsigned char *ivec, int *num, int enc);
void BF_ofb64_encrypt(const unsigned char *in, unsigned char *out, long length,
const BF_KEY *schedule, unsigned char *ivec, int *num);
void BF_cfb64_encrypt(const unsigned char *in, unsigned char *out,
long length, const BF_KEY *schedule,
unsigned char *ivec, int *num, int enc);
void BF_ofb64_encrypt(const unsigned char *in, unsigned char *out,
long length, const BF_KEY *schedule,
unsigned char *ivec, int *num);
const char *BF_options(void);
#ifdef __cplusplus

311
libs/openssl/include/openssl/bn.h
View File

@@ -125,6 +125,7 @@
#ifndef HEADER_BN_H
# define HEADER_BN_H
# include <limits.h>
# include <openssl/e_os2.h>
# ifndef OPENSSL_NO_FP_API
# include <stdio.h> /* FILE */
@@ -136,13 +137,13 @@
extern "C" {
#endif
/* These preprocessor symbols control various aspects of the bignum headers and
* library code. They're not defined by any "normal" configuration, as they are
* intended for development and testing purposes. NB: defining all three can be
* useful for debugging application code as well as openssl itself.
*
* BN_DEBUG - turn on various debugging alterations to the bignum code
* BN_DEBUG_RAND - uses random poisoning of unused words to trip up
/*
* These preprocessor symbols control various aspects of the bignum headers
* and library code. They're not defined by any "normal" configuration, as
* they are intended for development and testing purposes. NB: defining all
* three can be useful for debugging application code as well as openssl
* itself. BN_DEBUG - turn on various debugging alterations to the bignum
* code BN_DEBUG_RAND - uses random poisoning of unused words to trip up
* mismanagement of bignum internals. You must also define BN_DEBUG.
*/
/* #define BN_DEBUG */
@@ -154,17 +155,18 @@ extern "C" {
# define BN_RECURSION
# endif
/* This next option uses the C libraries (2 word)/(1 word) function.
* If it is not defined, I use my C version (which is slower).
* The reason for this flag is that when the particular C compiler
* library routine is used, and the library is linked with a different
* compiler, the library is missing. This mostly happens when the
* library is built with gcc and then linked using normal cc. This would
* be a common occurrence because gcc normally produces code that is
* 2 times faster than system compilers for the big number stuff.
* For machines with only one compiler (or shared libraries), this should
* be on. Again this in only really a problem on machines
* using "long long's", are 32bit, and are not using my assembler code. */
/*
* This next option uses the C libraries (2 word)/(1 word) function. If it is
* not defined, I use my C version (which is slower). The reason for this
* flag is that when the particular C compiler library routine is used, and
* the library is linked with a different compiler, the library is missing.
* This mostly happens when the library is built with gcc and then linked
* using normal cc. This would be a common occurrence because gcc normally
* produces code that is 2 times faster than system compilers for the big
* number stuff. For machines with only one compiler (or shared libraries),
* this should be on. Again this in only really a problem on machines using
* "long long's", are 32bit, and are not using my assembler code.
*/
# if defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_WINDOWS) || \
defined(OPENSSL_SYS_WIN32) || defined(linux)
# ifndef BN_DIV2W
@@ -172,9 +174,10 @@ extern "C" {
# endif
# endif
/* assuming long is 64bit - this is the DEC Alpha
* unsigned long long is only 64 bits :-(, don't define
* BN_LLONG for the DEC Alpha */
/*
* assuming long is 64bit - this is the DEC Alpha unsigned long long is only
* 64 bits :-(, don't define BN_LLONG for the DEC Alpha
*/
# ifdef SIXTY_FOUR_BIT_LONG
# define BN_ULLONG unsigned long long
# define BN_ULONG unsigned long
@@ -197,10 +200,11 @@ extern "C" {
# define BN_HEX_FMT2 "%016lX"
# endif
/* This is where the long long data type is 64 bits, but long is 32.
* For machines where there are 64bit registers, this is the mode to use.
* IRIX, on R4000 and above should use this mode, along with the relevant
* assembler code :-). Do NOT define BN_LLONG.
/*
* This is where the long long data type is 64 bits, but long is 32. For
* machines where there are 64bit registers, this is the mode to use. IRIX,
* on R4000 and above should use this mode, along with the relevant assembler
* code :-). Do NOT define BN_LLONG.
*/
# ifdef SIXTY_FOUR_BIT
# undef BN_LLONG
@@ -253,48 +257,39 @@ extern "C" {
# define BN_HEX_FMT2 "%08X"
# endif
/* 2011-02-22 SMS.
* In various places, a size_t variable or a type cast to size_t was
* used to perform integer-only operations on pointers. This failed on
* VMS with 64-bit pointers (CC /POINTER_SIZE = 64) because size_t is
* still only 32 bits. What's needed in these cases is an integer type
* with the same size as a pointer, which size_t is not certain to be.
* The only fix here is VMS-specific.
*/
#if defined(OPENSSL_SYS_VMS)
# if __INITIAL_POINTER_SIZE == 64
# define PTR_SIZE_INT long long
# else /* __INITIAL_POINTER_SIZE == 64 */
# define PTR_SIZE_INT int
# endif /* __INITIAL_POINTER_SIZE == 64 [else] */
#else /* defined(OPENSSL_SYS_VMS) */
# define PTR_SIZE_INT size_t
#endif /* defined(OPENSSL_SYS_VMS) [else] */
# define BN_DEFAULT_BITS 1280
# define BN_FLG_MALLOCED 0x01
# define BN_FLG_STATIC_DATA 0x02
#define BN_FLG_CONSTTIME 0x04 /* avoid leaking exponent information through timing,
/*
* avoid leaking exponent information through timing,
* BN_mod_exp_mont() will call BN_mod_exp_mont_consttime,
* BN_div() will call BN_div_no_branch,
* BN_mod_inverse() will call BN_mod_inverse_no_branch.
*/
# define BN_FLG_CONSTTIME 0x04
#ifndef OPENSSL_NO_DEPRECATED
#define BN_FLG_EXP_CONSTTIME BN_FLG_CONSTTIME /* deprecated name for the flag */
/* avoid leaking exponent information through timings
* (BN_mod_exp_mont() will call BN_mod_exp_mont_consttime) */
# ifdef OPENSSL_NO_DEPRECATED
/* deprecated name for the flag */
# define BN_FLG_EXP_CONSTTIME BN_FLG_CONSTTIME
/*
* avoid leaking exponent information through timings
* (BN_mod_exp_mont() will call BN_mod_exp_mont_consttime)
*/
# endif
# ifndef OPENSSL_NO_DEPRECATED
#define BN_FLG_FREE 0x8000 /* used for debuging */
# define BN_FLG_FREE 0x8000
/* used for debuging */
# endif
# define BN_set_flags(b,n) ((b)->flags|=(n))
# define BN_get_flags(b,n) ((b)->flags&(n))
/* get a clone of a BIGNUM with changed flags, for *temporary* use only
* (the two BIGNUMs cannot not be used in parallel!) */
/*
* get a clone of a BIGNUM with changed flags, for *temporary* use only (the
* two BIGNUMs cannot not be used in parallel!)
*/
# define BN_with_flags(dest,b,n) ((dest)->d=(b)->d, \
(dest)->top=(b)->top, \
(dest)->dmax=(b)->dmax, \
@@ -315,9 +310,9 @@ typedef struct bn_recp_ctx_st BN_RECP_CTX;
typedef struct bn_gencb_st BN_GENCB;
# endif
struct bignum_st
{
BN_ULONG *d; /* Pointer to an array of 'BN_BITS2' bit chunks. */
struct bignum_st {
BN_ULONG *d; /* Pointer to an array of 'BN_BITS2' bit
* chunks. */
int top; /* Index of last used d +1. */
/* The next are internal book keeping for bn_expand. */
int dmax; /* Size of the d array. */
@@ -326,23 +321,23 @@ struct bignum_st
};
/* Used for montgomery multiplication */
struct bn_mont_ctx_st
{
struct bn_mont_ctx_st {
int ri; /* number of bits in R */
BIGNUM RR; /* used to convert to montgomery form */
BIGNUM N; /* The modulus */
BIGNUM Ni; /* R*(1/R mod N) - N*Ni = 1
* (Ni is only stored for bignum algorithm) */
BN_ULONG n0[2];/* least significant word(s) of Ni;
(type changed with 0.9.9, was "BN_ULONG n0;" before) */
BIGNUM Ni; /* R*(1/R mod N) - N*Ni = 1 (Ni is only
* stored for bignum algorithm) */
BN_ULONG n0[2]; /* least significant word(s) of Ni; (type
* changed with 0.9.9, was "BN_ULONG n0;"
* before) */
int flags;
};
/* Used for reciprocal division/mod functions
* It cannot be shared between threads
/*
* Used for reciprocal division/mod functions It cannot be shared between
* threads
*/
struct bn_recp_ctx_st
{
struct bn_recp_ctx_st {
BIGNUM N; /* the divisor */
BIGNUM Nr; /* the reciprocal */
int num_bits;
@@ -351,12 +346,10 @@ struct bn_recp_ctx_st
};
/* Used for slow "generation" functions. */
struct bn_gencb_st
{
struct bn_gencb_st {
unsigned int ver; /* To handle binary (in)compatibility */
void *arg; /* callback-specific data */
union
{
union {
/* if(ver==1) - handles old style callbacks */
void (*cb_1) (int, int, void *);
/* if(ver==2) - new callback style */
@@ -378,14 +371,17 @@ int BN_GENCB_call(BN_GENCB *cb, int a, int b);
tmp_gencb->arg = (cb_arg); \
tmp_gencb->cb.cb_2 = (callback); }
#define BN_prime_checks 0 /* default: select number of iterations
based on the size of the number */
# define BN_prime_checks 0 /* default: select number of iterations based
* on the size of the number */
/* number of Miller-Rabin iterations for an error rate of less than 2^-80
* for random 'b'-bit input, b >= 100 (taken from table 4.4 in the Handbook
* of Applied Cryptography [Menezes, van Oorschot, Vanstone; CRC Press 1996];
* original paper: Damgaard, Landrock, Pomerance: Average case error estimates
* for the strong probable prime test. -- Math. Comp. 61 (1993) 177-194) */
/*
* number of Miller-Rabin iterations for an error rate of less than 2^-80 for
* random 'b'-bit input, b >= 100 (taken from table 4.4 in the Handbook of
* Applied Cryptography [Menezes, van Oorschot, Vanstone; CRC Press 1996];
* original paper: Damgaard, Landrock, Pomerance: Average case error
* estimates for the strong probable prime test. -- Math. Comp. 61 (1993)
* 177-194)
*/
# define BN_prime_checks_for_size(b) ((b) >= 1300 ? 2 : \
(b) >= 850 ? 3 : \
(b) >= 650 ? 4 : \
@@ -468,16 +464,21 @@ int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, const BIGNUM *d,
BN_CTX *ctx);
# define BN_mod(rem,m,d,ctx) BN_div(NULL,(rem),(m),(d),(ctx))
int BN_nnmod(BIGNUM *r, const BIGNUM *m, const BIGNUM *d, BN_CTX *ctx);
int BN_mod_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m, BN_CTX *ctx);
int BN_mod_add_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m);
int BN_mod_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m, BN_CTX *ctx);
int BN_mod_sub_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m);
int BN_mod_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
const BIGNUM *m, BN_CTX *ctx);
int BN_mod_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m,
BN_CTX *ctx);
int BN_mod_add_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
const BIGNUM *m);
int BN_mod_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m,
BN_CTX *ctx);
int BN_mod_sub_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
const BIGNUM *m);
int BN_mod_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m,
BN_CTX *ctx);
int BN_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
int BN_mod_lshift1(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
int BN_mod_lshift1_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *m);
int BN_mod_lshift(BIGNUM *r, const BIGNUM *a, int n, const BIGNUM *m, BN_CTX *ctx);
int BN_mod_lshift(BIGNUM *r, const BIGNUM *a, int n, const BIGNUM *m,
BN_CTX *ctx);
int BN_mod_lshift_quick(BIGNUM *r, const BIGNUM *a, int n, const BIGNUM *m);
BN_ULONG BN_mod_word(const BIGNUM *a, BN_ULONG w);
@@ -500,7 +501,8 @@ int BN_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
int BN_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont);
const BIGNUM *m, BN_CTX *ctx,
BN_MONT_CTX *in_mont);
int BN_mod_exp_mont_word(BIGNUM *r, BN_ULONG a, const BIGNUM *p,
const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
int BN_mod_exp2_mont(BIGNUM *r, const BIGNUM *a1, const BIGNUM *p1,
@@ -532,7 +534,9 @@ int BN_hex2bn(BIGNUM **a, const char *str);
int BN_dec2bn(BIGNUM **a, const char *str);
int BN_asc2bn(BIGNUM **a, const char *str);
int BN_gcd(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
int BN_kronecker(const BIGNUM *a,const BIGNUM *b,BN_CTX *ctx); /* returns -2 for error */
int BN_kronecker(const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx); /* returns
* -2 for
* error */
BIGNUM *BN_mod_inverse(BIGNUM *ret,
const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx);
BIGNUM *BN_mod_sqrt(BIGNUM *ret,
@@ -549,8 +553,8 @@ int BN_is_prime(const BIGNUM *p,int nchecks,
void (*callback) (int, int, void *),
BN_CTX *ctx, void *cb_arg);
int BN_is_prime_fasttest(const BIGNUM *p, int nchecks,
void (*callback)(int,int,void *),BN_CTX *ctx,void *cb_arg,
int do_trial_division);
void (*callback) (int, int, void *), BN_CTX *ctx,
void *cb_arg, int do_trial_division);
# endif /* !defined(OPENSSL_NO_DEPRECATED) */
/* Newer versions */
@@ -563,13 +567,12 @@ int BN_is_prime_fasttest_ex(const BIGNUM *p,int nchecks, BN_CTX *ctx,
int BN_X931_generate_Xpq(BIGNUM *Xp, BIGNUM *Xq, int nbits, BN_CTX *ctx);
int BN_X931_derive_prime_ex(BIGNUM *p, BIGNUM *p1, BIGNUM *p2,
const BIGNUM *Xp, const BIGNUM *Xp1, const BIGNUM *Xp2,
const BIGNUM *e, BN_CTX *ctx, BN_GENCB *cb);
int BN_X931_generate_prime_ex(BIGNUM *p, BIGNUM *p1, BIGNUM *p2,
BIGNUM *Xp1, BIGNUM *Xp2,
const BIGNUM *Xp,
const BIGNUM *e, BN_CTX *ctx,
const BIGNUM *Xp, const BIGNUM *Xp1,
const BIGNUM *Xp2, const BIGNUM *e, BN_CTX *ctx,
BN_GENCB *cb);
int BN_X931_generate_prime_ex(BIGNUM *p, BIGNUM *p1, BIGNUM *p2, BIGNUM *Xp1,
BIGNUM *Xp2, const BIGNUM *Xp, const BIGNUM *e,
BN_CTX *ctx, BN_GENCB *cb);
BN_MONT_CTX *BN_MONT_CTX_new(void);
void BN_MONT_CTX_init(BN_MONT_CTX *ctx);
@@ -595,7 +598,8 @@ int BN_BLINDING_update(BN_BLINDING *b,BN_CTX *ctx);
int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
int BN_BLINDING_convert_ex(BIGNUM *n, BIGNUM *r, BN_BLINDING *b, BN_CTX *);
int BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b, BN_CTX *);
int BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b,
BN_CTX *);
# ifndef OPENSSL_NO_DEPRECATED
unsigned long BN_BLINDING_get_thread_id(const BN_BLINDING *);
void BN_BLINDING_set_thread_id(BN_BLINDING *, unsigned long);
@@ -605,8 +609,12 @@ unsigned long BN_BLINDING_get_flags(const BN_BLINDING *);
void BN_BLINDING_set_flags(BN_BLINDING *, unsigned long);
BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b,
const BIGNUM *e, BIGNUM *m, BN_CTX *ctx,
int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx),
int (*bn_mod_exp) (BIGNUM *r,
const BIGNUM *a,
const BIGNUM *p,
const BIGNUM *m,
BN_CTX *ctx,
BN_MONT_CTX *m_ctx),
BN_MONT_CTX *m_ctx);
# ifndef OPENSSL_NO_DEPRECATED
@@ -627,61 +635,79 @@ int BN_div_recp(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m,
# ifndef OPENSSL_NO_EC2M
/* Functions for arithmetic over binary polynomials represented by BIGNUMs.
*
/*
* Functions for arithmetic over binary polynomials represented by BIGNUMs.
* The BIGNUM::neg property of BIGNUMs representing binary polynomials is
* ignored.
*
* Note that input arguments are not const so that their bit arrays can
* be expanded to the appropriate size if needed.
* ignored. Note that input arguments are not const so that their bit arrays
* can be expanded to the appropriate size if needed.
*/
int BN_GF2m_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b); /*r = a + b*/
/*
* r = a + b
*/
int BN_GF2m_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
# define BN_GF2m_sub(r, a, b) BN_GF2m_add(r, a, b)
int BN_GF2m_mod(BIGNUM *r, const BIGNUM *a, const BIGNUM *p); /*r=a mod p*/
/*
* r=a mod p
*/
int BN_GF2m_mod(BIGNUM *r, const BIGNUM *a, const BIGNUM *p);
/* r = (a * b) mod p */
int BN_GF2m_mod_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
const BIGNUM *p, BN_CTX *ctx); /* r = (a * b) mod p */
int BN_GF2m_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
BN_CTX *ctx); /* r = (a * a) mod p */
int BN_GF2m_mod_inv(BIGNUM *r, const BIGNUM *b, const BIGNUM *p,
BN_CTX *ctx); /* r = (1 / b) mod p */
const BIGNUM *p, BN_CTX *ctx);
/* r = (a * a) mod p */
int BN_GF2m_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
/* r = (1 / b) mod p */
int BN_GF2m_mod_inv(BIGNUM *r, const BIGNUM *b, const BIGNUM *p, BN_CTX *ctx);
/* r = (a / b) mod p */
int BN_GF2m_mod_div(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
const BIGNUM *p, BN_CTX *ctx); /* r = (a / b) mod p */
const BIGNUM *p, BN_CTX *ctx);
/* r = (a ^ b) mod p */
int BN_GF2m_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
const BIGNUM *p, BN_CTX *ctx); /* r = (a ^ b) mod p */
const BIGNUM *p, BN_CTX *ctx);
/* r = sqrt(a) mod p */
int BN_GF2m_mod_sqrt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
BN_CTX *ctx); /* r = sqrt(a) mod p */
BN_CTX *ctx);
/* r^2 + r = a mod p */
int BN_GF2m_mod_solve_quad(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
BN_CTX *ctx); /* r^2 + r = a mod p */
BN_CTX *ctx);
# define BN_GF2m_cmp(a, b) BN_ucmp((a), (b))
/* Some functions allow for representation of the irreducible polynomials
/*-
* Some functions allow for representation of the irreducible polynomials
* as an unsigned int[], say p. The irreducible f(t) is then of the form:
* t^p[0] + t^p[1] + ... + t^p[k]
* where m = p[0] > p[1] > ... > p[k] = 0.
*/
int BN_GF2m_mod_arr(BIGNUM *r, const BIGNUM *a, const int p[]);
/* r = a mod p */
int BN_GF2m_mod_arr(BIGNUM *r, const BIGNUM *a, const int p[]);
/* r = (a * b) mod p */
int BN_GF2m_mod_mul_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
const int p[], BN_CTX *ctx); /* r = (a * b) mod p */
const int p[], BN_CTX *ctx);
/* r = (a * a) mod p */
int BN_GF2m_mod_sqr_arr(BIGNUM *r, const BIGNUM *a, const int p[],
BN_CTX *ctx); /* r = (a * a) mod p */
BN_CTX *ctx);
/* r = (1 / b) mod p */
int BN_GF2m_mod_inv_arr(BIGNUM *r, const BIGNUM *b, const int p[],
BN_CTX *ctx); /* r = (1 / b) mod p */
BN_CTX *ctx);
/* r = (a / b) mod p */
int BN_GF2m_mod_div_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
const int p[], BN_CTX *ctx); /* r = (a / b) mod p */
const int p[], BN_CTX *ctx);
/* r = (a ^ b) mod p */
int BN_GF2m_mod_exp_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
const int p[], BN_CTX *ctx); /* r = (a ^ b) mod p */
const int p[], BN_CTX *ctx);
/* r = sqrt(a) mod p */
int BN_GF2m_mod_sqrt_arr(BIGNUM *r, const BIGNUM *a,
const int p[], BN_CTX *ctx); /* r = sqrt(a) mod p */
const int p[], BN_CTX *ctx);
/* r^2 + r = a mod p */
int BN_GF2m_mod_solve_quad_arr(BIGNUM *r, const BIGNUM *a,
const int p[], BN_CTX *ctx); /* r^2 + r = a mod p */
const int p[], BN_CTX *ctx);
int BN_GF2m_poly2arr(const BIGNUM *a, int p[], int max);
int BN_GF2m_arr2poly(const int p[], BIGNUM *a);
# endif
/* faster mod functions for the 'NIST primes'
* 0 <= a < p^2 */
/*
* faster mod functions for the 'NIST primes' 0 <= a < p^2
*/
int BN_nist_mod_192(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
int BN_nist_mod_224(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
int BN_nist_mod_256(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
@@ -696,15 +722,25 @@ const BIGNUM *BN_get0_nist_prime_521(void);
/* library internal functions */
#define bn_expand(a,bits) ((((((bits+BN_BITS2-1))/BN_BITS2)) <= (a)->dmax)?\
(a):bn_expand2((a),(bits+BN_BITS2-1)/BN_BITS2))
# define bn_expand(a,bits) \
( \
bits > (INT_MAX - BN_BITS2 + 1) ? \
NULL \
: \
(((bits+BN_BITS2-1)/BN_BITS2) <= (a)->dmax) ? \
(a) \
: \
bn_expand2((a),(bits+BN_BITS2-1)/BN_BITS2) \
)
# define bn_wexpand(a,words) (((words) <= (a)->dmax)?(a):bn_expand2((a),(words)))
BIGNUM *bn_expand2(BIGNUM *a, int words);
# ifndef OPENSSL_NO_DEPRECATED
BIGNUM *bn_dup_expand(const BIGNUM *a, int words); /* unused */
# endif
/* Bignum consistency macros
/*-
* Bignum consistency macros
* There is one "API" macro, bn_fix_top(), for stripping leading zeroes from
* bignum data after direct manipulations on the data. There is also an
* "internal" macro, bn_check_top(), for verifying that there are no leading
@@ -753,6 +789,7 @@ int RAND_pseudo_bytes(unsigned char *buf,int num);
* wouldn't be constructed with top!=dmax. */ \
BN_ULONG *_not_const; \
memcpy(&_not_const, &_bnum1->d, sizeof(BN_ULONG*)); \
/* Debug only - safe to ignore error return */ \
RAND_pseudo_bytes(&_tmp_char, 1); \
memset((unsigned char *)(_not_const + _bnum1->top), _tmp_char, \
(_bnum1->dmax - _bnum1->top) * sizeof(BN_ULONG)); \
@@ -780,7 +817,9 @@ int RAND_pseudo_bytes(unsigned char *buf,int num);
# define bn_wcheck_size(bn, words) \
do { \
const BIGNUM *_bnum2 = (bn); \
assert(words <= (_bnum2)->dmax && words >= (_bnum2)->top); \
assert((words) <= (_bnum2)->dmax && (words) >= (_bnum2)->top); \
/* avoid unused variable warning with NDEBUG */ \
(void)(_bnum2); \
} while(0)
# else /* !BN_DEBUG */
@@ -803,15 +842,20 @@ int RAND_pseudo_bytes(unsigned char *buf,int num);
if (*(ftl--)) break; \
(a)->top = tmp_top; \
} \
if ((a)->top == 0) \
(a)->neg = 0; \
bn_pollute(a); \
}
BN_ULONG bn_mul_add_words(BN_ULONG *rp, const BN_ULONG *ap, int num, BN_ULONG w);
BN_ULONG bn_mul_add_words(BN_ULONG *rp, const BN_ULONG *ap, int num,
BN_ULONG w);
BN_ULONG bn_mul_words(BN_ULONG *rp, const BN_ULONG *ap, int num, BN_ULONG w);
void bn_sqr_words(BN_ULONG *rp, const BN_ULONG *ap, int num);
BN_ULONG bn_div_words(BN_ULONG h, BN_ULONG l, BN_ULONG d);
BN_ULONG bn_add_words(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,int num);
BN_ULONG bn_sub_words(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,int num);
BN_ULONG bn_add_words(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
int num);
BN_ULONG bn_sub_words(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
int num);
/* Primes from RFC 2409 */
BIGNUM *get_rfc2409_prime_768(BIGNUM *bn);
@@ -828,7 +872,8 @@ BIGNUM *get_rfc3526_prime_8192(BIGNUM *bn);
int BN_bntest_rand(BIGNUM *rnd, int bits, int top, int bottom);
/* BEGIN ERROR CODES */
/* The following lines are auto generated by the script mkerr.pl. Any changes
/*
* The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
*/
void ERR_load_BN_strings(void);
@@ -860,6 +905,7 @@ void ERR_load_BN_strings(void);
# define BN_F_BN_GF2M_MOD_SOLVE_QUAD_ARR 135
# define BN_F_BN_GF2M_MOD_SQR 136
# define BN_F_BN_GF2M_MOD_SQRT 137
# define BN_F_BN_LSHIFT 145
# define BN_F_BN_MOD_EXP2_MONT 118
# define BN_F_BN_MOD_EXP_MONT 109
# define BN_F_BN_MOD_EXP_MONT_CONSTTIME 124
@@ -875,12 +921,14 @@ void ERR_load_BN_strings(void);
# define BN_F_BN_NEW 113
# define BN_F_BN_RAND 114
# define BN_F_BN_RAND_RANGE 122
# define BN_F_BN_RSHIFT 146
# define BN_F_BN_USUB 115
/* Reason codes. */
# define BN_R_ARG2_LT_ARG3 100
# define BN_R_BAD_RECIPROCAL 101
# define BN_R_BIGNUM_TOO_LONG 114
# define BN_R_BITS_TOO_SMALL 118
# define BN_R_CALLED_WITH_EVEN_MODULUS 102
# define BN_R_DIV_BY_ZERO 103
# define BN_R_ENCODING_ERROR 104
@@ -888,6 +936,7 @@ void ERR_load_BN_strings(void);
# define BN_R_INPUT_NOT_REDUCED 110
# define BN_R_INVALID_LENGTH 106
# define BN_R_INVALID_RANGE 115
# define BN_R_INVALID_SHIFT 119
# define BN_R_NOT_A_SQUARE 111
# define BN_R_NOT_INITIALIZED 107
# define BN_R_NO_INVERSE 108

14
libs/openssl/include/openssl/buffer.h
View File

@@ -74,8 +74,7 @@ extern "C" {
/* Already declared in ossl_typ.h */
/* typedef struct buf_mem_st BUF_MEM; */
struct buf_mem_st
{
struct buf_mem_st {
size_t length; /* current number of bytes */
char *data;
size_t max; /* size of buffer */
@@ -85,8 +84,15 @@ BUF_MEM *BUF_MEM_new(void);
void BUF_MEM_free(BUF_MEM *a);
int BUF_MEM_grow(BUF_MEM *str, size_t len);
int BUF_MEM_grow_clean(BUF_MEM *str, size_t len);
size_t BUF_strnlen(const char *str, size_t maxlen);
char *BUF_strdup(const char *str);
/*
* Like strndup, but in addition, explicitly guarantees to never read past the
* first |siz| bytes of |str|.
*/
char *BUF_strndup(const char *str, size_t siz);
void *BUF_memdup(const void *data, size_t siz);
void BUF_reverse(unsigned char *out, const unsigned char *in, size_t siz);
@@ -94,9 +100,9 @@ void BUF_reverse(unsigned char *out, const unsigned char *in, size_t siz);
size_t BUF_strlcpy(char *dst, const char *src, size_t siz);
size_t BUF_strlcat(char *dst, const char *src, size_t siz);
/* BEGIN ERROR CODES */
/* The following lines are auto generated by the script mkerr.pl. Any changes
/*
* The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
*/
void ERR_load_BUF_strings(void);

14
libs/openssl/include/openssl/camellia.h
View File

@@ -1,4 +1,4 @@
/* crypto/camellia/camellia.h -*- mode:C; c-file-style: "eay" -*- */
/* crypto/camellia/camellia.h */
/* ====================================================================
* Copyright (c) 2006 The OpenSSL Project. All rights reserved.
*
@@ -63,8 +63,10 @@
# define CAMELLIA_ENCRYPT 1
# define CAMELLIA_DECRYPT 0
/* Because array size can't be a const in C, the following two are macros.
Both sizes are in bytes. */
/*
* Because array size can't be a const in C, the following two are macros.
* Both sizes are in bytes.
*/
#ifdef __cplusplus
extern "C" {
@@ -76,10 +78,10 @@ extern "C" {
# define CAMELLIA_TABLE_BYTE_LEN 272
# define CAMELLIA_TABLE_WORD_LEN (CAMELLIA_TABLE_BYTE_LEN / 4)
typedef unsigned int KEY_TABLE_TYPE[CAMELLIA_TABLE_WORD_LEN]; /* to match with WORD */
typedef unsigned int KEY_TABLE_TYPE[CAMELLIA_TABLE_WORD_LEN]; /* to match
* with WORD */
struct camellia_key_st
{
struct camellia_key_st {
union {
double d; /* ensures 64-bit align */
KEY_TABLE_TYPE rd_key;

20
libs/openssl/include/openssl/cast.h
View File

@@ -77,8 +77,7 @@ extern "C" {
# define CAST_BLOCK 8
# define CAST_KEY_LENGTH 16
typedef struct cast_key_st
{
typedef struct cast_key_st {
CAST_LONG data[32];
int short_key; /* Use reduced rounds for short key */
} CAST_KEY;
@@ -87,18 +86,19 @@ typedef struct cast_key_st
void private_CAST_set_key(CAST_KEY *key, int len, const unsigned char *data);
# endif
void CAST_set_key(CAST_KEY *key, int len, const unsigned char *data);
void CAST_ecb_encrypt(const unsigned char *in, unsigned char *out, const CAST_KEY *key,
int enc);
void CAST_ecb_encrypt(const unsigned char *in, unsigned char *out,
const CAST_KEY *key, int enc);
void CAST_encrypt(CAST_LONG *data, const CAST_KEY *key);
void CAST_decrypt(CAST_LONG *data, const CAST_KEY *key);
void CAST_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
const CAST_KEY *ks, unsigned char *iv, int enc);
void CAST_cbc_encrypt(const unsigned char *in, unsigned char *out,
long length, const CAST_KEY *ks, unsigned char *iv,
int enc);
void CAST_cfb64_encrypt(const unsigned char *in, unsigned char *out,
long length, const CAST_KEY *schedule, unsigned char *ivec,
int *num, int enc);
long length, const CAST_KEY *schedule,
unsigned char *ivec, int *num, int enc);
void CAST_ofb64_encrypt(const unsigned char *in, unsigned char *out,
long length, const CAST_KEY *schedule, unsigned char *ivec,
int *num);
long length, const CAST_KEY *schedule,
unsigned char *ivec, int *num);
#ifdef __cplusplus
}

4
libs/openssl/include/openssl/cmac.h
View File

@@ -1,5 +1,6 @@
/* crypto/cmac/cmac.h */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
/*
* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project.
*/
/* ====================================================================
@@ -51,7 +52,6 @@
* ====================================================================
*/
#ifndef HEADER_CMAC_H
# define HEADER_CMAC_H

98
libs/openssl/include/openssl/cms.h
View File

@@ -1,5 +1,6 @@
/* crypto/cms/cms.h */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
/*
* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project.
*/
/* ====================================================================
@@ -51,7 +52,6 @@
* ====================================================================
*/
#ifndef HEADER_CMS_H
# define HEADER_CMS_H
@@ -65,7 +65,6 @@
extern "C" {
#endif
typedef struct CMS_ContentInfo_st CMS_ContentInfo;
typedef struct CMS_SignerInfo_st CMS_SignerInfo;
typedef struct CMS_CertificateChoices CMS_CertificateChoices;
@@ -73,9 +72,12 @@ typedef struct CMS_RevocationInfoChoice_st CMS_RevocationInfoChoice;
typedef struct CMS_RecipientInfo_st CMS_RecipientInfo;
typedef struct CMS_ReceiptRequest_st CMS_ReceiptRequest;
typedef struct CMS_Receipt_st CMS_Receipt;
typedef struct CMS_RecipientEncryptedKey_st CMS_RecipientEncryptedKey;
typedef struct CMS_OtherKeyAttribute_st CMS_OtherKeyAttribute;
DECLARE_STACK_OF(CMS_SignerInfo)
DECLARE_STACK_OF(GENERAL_NAMES)
DECLARE_STACK_OF(CMS_RecipientEncryptedKey)
DECLARE_ASN1_FUNCTIONS(CMS_ContentInfo)
DECLARE_ASN1_FUNCTIONS(CMS_ReceiptRequest)
DECLARE_ASN1_PRINT_FUNCTION(CMS_ContentInfo)
@@ -83,6 +85,7 @@ DECLARE_ASN1_PRINT_FUNCTION(CMS_ContentInfo)
# define CMS_SIGNERINFO_ISSUER_SERIAL 0
# define CMS_SIGNERINFO_KEYIDENTIFIER 1
# define CMS_RECIPINFO_NONE -1
# define CMS_RECIPINFO_TRANS 0
# define CMS_RECIPINFO_AGREE 1
# define CMS_RECIPINFO_KEK 2
@@ -112,6 +115,7 @@ DECLARE_ASN1_PRINT_FUNCTION(CMS_ContentInfo)
# define CMS_REUSE_DIGEST 0x8000
# define CMS_USE_KEYID 0x10000
# define CMS_DEBUG_DECRYPT 0x20000
# define CMS_KEY_PARAM 0x40000
const ASN1_OBJECT *CMS_get0_type(CMS_ContentInfo *cms);
@@ -125,26 +129,27 @@ int CMS_set_detached(CMS_ContentInfo *cms, int detached);
# ifdef HEADER_PEM_H
DECLARE_PEM_rw_const(CMS, CMS_ContentInfo)
# endif
int CMS_stream(unsigned char ***boundary, CMS_ContentInfo *cms);
CMS_ContentInfo *d2i_CMS_bio(BIO *bp, CMS_ContentInfo **cms);
int i2d_CMS_bio(BIO *bp, CMS_ContentInfo *cms);
BIO *BIO_new_CMS(BIO *out, CMS_ContentInfo *cms);
int i2d_CMS_bio_stream(BIO *out, CMS_ContentInfo *cms, BIO *in, int flags);
int PEM_write_bio_CMS_stream(BIO *out, CMS_ContentInfo *cms, BIO *in, int flags);
int PEM_write_bio_CMS_stream(BIO *out, CMS_ContentInfo *cms, BIO *in,
int flags);
CMS_ContentInfo *SMIME_read_CMS(BIO *bio, BIO **bcont);
int SMIME_write_CMS(BIO *bio, CMS_ContentInfo *cms, BIO *data, int flags);
int CMS_final(CMS_ContentInfo *cms, BIO *data, BIO *dcont, unsigned int flags);
int CMS_final(CMS_ContentInfo *cms, BIO *data, BIO *dcont,
unsigned int flags);
CMS_ContentInfo *CMS_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs,
BIO *data, unsigned int flags);
CMS_ContentInfo *CMS_sign(X509 *signcert, EVP_PKEY *pkey,
STACK_OF(X509) *certs, BIO *data,
unsigned int flags);
CMS_ContentInfo *CMS_sign_receipt(CMS_SignerInfo *si,
X509 *signcert, EVP_PKEY *pkey,
STACK_OF(X509) *certs,
unsigned int flags);
STACK_OF(X509) *certs, unsigned int flags);
int CMS_data(CMS_ContentInfo *cms, BIO *out, unsigned int flags);
CMS_ContentInfo *CMS_data_create(BIO *in, unsigned int flags);
@@ -159,8 +164,8 @@ int CMS_EncryptedData_decrypt(CMS_ContentInfo *cms,
BIO *dcont, BIO *out, unsigned int flags);
CMS_ContentInfo *CMS_EncryptedData_encrypt(BIO *in, const EVP_CIPHER *cipher,
const unsigned char *key, size_t keylen,
unsigned int flags);
const unsigned char *key,
size_t keylen, unsigned int flags);
int CMS_EncryptedData_set1_key(CMS_ContentInfo *cms, const EVP_CIPHER *ciph,
const unsigned char *key, size_t keylen);
@@ -178,8 +183,7 @@ CMS_ContentInfo *CMS_encrypt(STACK_OF(X509) *certs, BIO *in,
const EVP_CIPHER *cipher, unsigned int flags);
int CMS_decrypt(CMS_ContentInfo *cms, EVP_PKEY *pkey, X509 *cert,
BIO *dcont, BIO *out,
unsigned int flags);
BIO *dcont, BIO *out, unsigned int flags);
int CMS_decrypt_set1_pkey(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert);
int CMS_decrypt_set1_key(CMS_ContentInfo *cms,
@@ -190,6 +194,7 @@ int CMS_decrypt_set1_password(CMS_ContentInfo *cms,
STACK_OF(CMS_RecipientInfo) *CMS_get0_RecipientInfos(CMS_ContentInfo *cms);
int CMS_RecipientInfo_type(CMS_RecipientInfo *ri);
EVP_PKEY_CTX *CMS_RecipientInfo_get0_pkey_ctx(CMS_RecipientInfo *ri);
CMS_ContentInfo *CMS_EnvelopedData_create(const EVP_CIPHER *cipher);
CMS_RecipientInfo *CMS_add1_recipient_cert(CMS_ContentInfo *cms,
X509 *recip, unsigned int flags);
@@ -200,7 +205,8 @@ int CMS_RecipientInfo_ktri_get0_algs(CMS_RecipientInfo *ri,
X509_ALGOR **palg);
int CMS_RecipientInfo_ktri_get0_signer_id(CMS_RecipientInfo *ri,
ASN1_OCTET_STRING **keyid,
X509_NAME **issuer, ASN1_INTEGER **sno);
X509_NAME **issuer,
ASN1_INTEGER **sno);
CMS_RecipientInfo *CMS_add0_recipient_key(CMS_ContentInfo *cms, int nid,
unsigned char *key, size_t keylen,
@@ -227,12 +233,14 @@ int CMS_RecipientInfo_set0_password(CMS_RecipientInfo *ri,
ossl_ssize_t passlen);
CMS_RecipientInfo *CMS_add0_recipient_password(CMS_ContentInfo *cms,
int iter, int wrap_nid, int pbe_nid,
int iter, int wrap_nid,
int pbe_nid,
unsigned char *pass,
ossl_ssize_t passlen,
const EVP_CIPHER *kekciph);
int CMS_RecipientInfo_decrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri);
int CMS_RecipientInfo_encrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri);
int CMS_uncompress(CMS_ContentInfo *cms, BIO *dcont, BIO *out,
unsigned int flags);
@@ -255,6 +263,8 @@ int CMS_SignedData_init(CMS_ContentInfo *cms);
CMS_SignerInfo *CMS_add1_signer(CMS_ContentInfo *cms,
X509 *signer, EVP_PKEY *pk, const EVP_MD *md,
unsigned int flags);
EVP_PKEY_CTX *CMS_SignerInfo_get0_pkey_ctx(CMS_SignerInfo *si);
EVP_MD_CTX *CMS_SignerInfo_get0_md_ctx(CMS_SignerInfo *si);
STACK_OF(CMS_SignerInfo) *CMS_get0_SignerInfos(CMS_ContentInfo *cms);
void CMS_SignerInfo_set1_signer_cert(CMS_SignerInfo *si, X509 *signer);
@@ -264,8 +274,10 @@ int CMS_SignerInfo_get0_signer_id(CMS_SignerInfo *si,
int CMS_SignerInfo_cert_cmp(CMS_SignerInfo *si, X509 *cert);
int CMS_set1_signers_certs(CMS_ContentInfo *cms, STACK_OF(X509) *certs,
unsigned int flags);
void CMS_SignerInfo_get0_algs(CMS_SignerInfo *si, EVP_PKEY **pk, X509 **signer,
X509_ALGOR **pdig, X509_ALGOR **psig);
void CMS_SignerInfo_get0_algs(CMS_SignerInfo *si, EVP_PKEY **pk,
X509 **signer, X509_ALGOR **pdig,
X509_ALGOR **psig);
ASN1_OCTET_STRING *CMS_SignerInfo_get0_signature(CMS_SignerInfo *si);
int CMS_SignerInfo_sign(CMS_SignerInfo *si);
int CMS_SignerInfo_verify(CMS_SignerInfo *si);
int CMS_SignerInfo_verify_content(CMS_SignerInfo *si, BIO *chain);
@@ -320,19 +332,50 @@ void *CMS_unsigned_get0_data_by_OBJ(CMS_SignerInfo *si, ASN1_OBJECT *oid,
int CMS_get1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest **prr);
CMS_ReceiptRequest *CMS_ReceiptRequest_create0(unsigned char *id, int idlen,
int allorfirst,
STACK_OF(GENERAL_NAMES) *receiptList,
STACK_OF(GENERAL_NAMES) *receiptsTo);
STACK_OF(GENERAL_NAMES)
*receiptList, STACK_OF(GENERAL_NAMES)
*receiptsTo);
int CMS_add1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest *rr);
void CMS_ReceiptRequest_get0_values(CMS_ReceiptRequest *rr,
ASN1_STRING **pcid,
int *pallorfirst,
STACK_OF(GENERAL_NAMES) **plist,
STACK_OF(GENERAL_NAMES) **prto);
# endif
int CMS_RecipientInfo_kari_get0_alg(CMS_RecipientInfo *ri,
X509_ALGOR **palg,
ASN1_OCTET_STRING **pukm);
STACK_OF(CMS_RecipientEncryptedKey)
*CMS_RecipientInfo_kari_get0_reks(CMS_RecipientInfo *ri);
int CMS_RecipientInfo_kari_get0_orig_id(CMS_RecipientInfo *ri,
X509_ALGOR **pubalg,
ASN1_BIT_STRING **pubkey,
ASN1_OCTET_STRING **keyid,
X509_NAME **issuer,
ASN1_INTEGER **sno);
int CMS_RecipientInfo_kari_orig_id_cmp(CMS_RecipientInfo *ri, X509 *cert);
int CMS_RecipientEncryptedKey_get0_id(CMS_RecipientEncryptedKey *rek,
ASN1_OCTET_STRING **keyid,
ASN1_GENERALIZEDTIME **tm,
CMS_OtherKeyAttribute **other,
X509_NAME **issuer, ASN1_INTEGER **sno);
int CMS_RecipientEncryptedKey_cert_cmp(CMS_RecipientEncryptedKey *rek,
X509 *cert);
int CMS_RecipientInfo_kari_set0_pkey(CMS_RecipientInfo *ri, EVP_PKEY *pk);
EVP_CIPHER_CTX *CMS_RecipientInfo_kari_get0_ctx(CMS_RecipientInfo *ri);
int CMS_RecipientInfo_kari_decrypt(CMS_ContentInfo *cms,
CMS_RecipientInfo *ri,
CMS_RecipientEncryptedKey *rek);
int CMS_SharedInfo_encode(unsigned char **pder, X509_ALGOR *kekalg,
ASN1_OCTET_STRING *ukm, int keylen);
/* BEGIN ERROR CODES */
/* The following lines are auto generated by the script mkerr.pl. Any changes
/*
* The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
*/
void ERR_load_CMS_strings(void);
@@ -373,6 +416,7 @@ void ERR_load_CMS_strings(void);
# define CMS_F_CMS_ENVELOPEDDATA_CREATE 124
# define CMS_F_CMS_ENVELOPEDDATA_INIT_BIO 125
# define CMS_F_CMS_ENVELOPED_DATA_INIT 126
# define CMS_F_CMS_ENV_ASN1_CTRL 171
# define CMS_F_CMS_FINAL 127
# define CMS_F_CMS_GET0_CERTIFICATE_CHOICES 128
# define CMS_F_CMS_GET0_CONTENT 129
@@ -384,6 +428,12 @@ void ERR_load_CMS_strings(void);
# define CMS_F_CMS_RECEIPTREQUEST_CREATE0 159
# define CMS_F_CMS_RECEIPT_VERIFY 160
# define CMS_F_CMS_RECIPIENTINFO_DECRYPT 134
# define CMS_F_CMS_RECIPIENTINFO_ENCRYPT 169
# define CMS_F_CMS_RECIPIENTINFO_KARI_ENCRYPT 178
# define CMS_F_CMS_RECIPIENTINFO_KARI_GET0_ALG 175
# define CMS_F_CMS_RECIPIENTINFO_KARI_GET0_ORIG_ID 173
# define CMS_F_CMS_RECIPIENTINFO_KARI_GET0_REKS 172
# define CMS_F_CMS_RECIPIENTINFO_KARI_ORIG_ID_CMP 174
# define CMS_F_CMS_RECIPIENTINFO_KEKRI_DECRYPT 135
# define CMS_F_CMS_RECIPIENTINFO_KEKRI_ENCRYPT 136
# define CMS_F_CMS_RECIPIENTINFO_KEKRI_GET0_ID 137
@@ -397,6 +447,9 @@ void ERR_load_CMS_strings(void);
# define CMS_F_CMS_RECIPIENTINFO_SET0_KEY 144
# define CMS_F_CMS_RECIPIENTINFO_SET0_PASSWORD 168
# define CMS_F_CMS_RECIPIENTINFO_SET0_PKEY 145
# define CMS_F_CMS_SD_ASN1_CTRL 170
# define CMS_F_CMS_SET1_IAS 176
# define CMS_F_CMS_SET1_KEYID 177
# define CMS_F_CMS_SET1_SIGNERIDENTIFIER 146
# define CMS_F_CMS_SET_DETACHED 147
# define CMS_F_CMS_SIGN 148
@@ -448,6 +501,7 @@ void ERR_load_CMS_strings(void);
# define CMS_R_NOT_A_SIGNED_RECEIPT 165
# define CMS_R_NOT_ENCRYPTED_DATA 122
# define CMS_R_NOT_KEK 123
# define CMS_R_NOT_KEY_AGREEMENT 181
# define CMS_R_NOT_KEY_TRANSPORT 124
# define CMS_R_NOT_PWRI 177
# define CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE 125

21
libs/openssl/include/openssl/comp.h
View File

@@ -4,14 +4,17 @@
# include <openssl/crypto.h>
# ifdef OPENSSL_NO_COMP
# error COMP is disabled.
# endif
#ifdef __cplusplus
extern "C" {
#endif
typedef struct comp_ctx_st COMP_CTX;
typedef struct comp_method_st
{
struct comp_method_st {
int type; /* NID for compression library */
const char *name; /* A text string to identify the library */
int (*init) (COMP_CTX *ctx);
@@ -22,23 +25,22 @@ typedef struct comp_method_st
int (*expand) (COMP_CTX *ctx,
unsigned char *out, unsigned int olen,
unsigned char *in, unsigned int ilen);
/* The following two do NOTHING, but are kept for backward compatibility */
/*
* The following two do NOTHING, but are kept for backward compatibility
*/
long (*ctrl) (void);
long (*callback_ctrl) (void);
} COMP_METHOD;
};
struct comp_ctx_st
{
struct comp_ctx_st {
COMP_METHOD *meth;
unsigned long compress_in;
unsigned long compress_out;
unsigned long expand_in;
unsigned long expand_out;
CRYPTO_EX_DATA ex_data;
};
COMP_CTX *COMP_CTX_new(COMP_METHOD *meth);
void COMP_CTX_free(COMP_CTX *ctx);
int COMP_compress_block(COMP_CTX *ctx, unsigned char *out, int olen,
@@ -56,7 +58,8 @@ BIO_METHOD *BIO_f_zlib(void);
# endif
/* BEGIN ERROR CODES */
/* The following lines are auto generated by the script mkerr.pl. Any changes
/*
* The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
*/
void ERR_load_COMP_strings(void);

35
libs/openssl/include/openssl/conf.h
View File

@@ -71,8 +71,7 @@
extern "C" {
#endif
typedef struct
{
typedef struct {
char *section;
char *name;
char *value;
@@ -85,8 +84,7 @@ struct conf_st;
struct conf_method_st;
typedef struct conf_method_st CONF_METHOD;
struct conf_method_st
{
struct conf_method_st {
const char *name;
CONF *(*create) (CONF_METHOD *meth);
int (*init) (CONF *conf);
@@ -126,7 +124,8 @@ LHASH_OF(CONF_VALUE) *CONF_load(LHASH_OF(CONF_VALUE) *conf,const char *file,
LHASH_OF(CONF_VALUE) *CONF_load_fp(LHASH_OF(CONF_VALUE) *conf, FILE *fp,
long *eline);
# endif
LHASH_OF(CONF_VALUE) *CONF_load_bio(LHASH_OF(CONF_VALUE) *conf, BIO *bp,long *eline);
LHASH_OF(CONF_VALUE) *CONF_load_bio(LHASH_OF(CONF_VALUE) *conf, BIO *bp,
long *eline);
STACK_OF(CONF_VALUE) *CONF_get_section(LHASH_OF(CONF_VALUE) *conf,
const char *section);
char *CONF_get_string(LHASH_OF(CONF_VALUE) *conf, const char *group,
@@ -140,11 +139,12 @@ int CONF_dump_bio(LHASH_OF(CONF_VALUE) *conf, BIO *out);
void OPENSSL_config(const char *config_name);
void OPENSSL_no_config(void);
/* New conf code. The semantics are different from the functions above.
If that wasn't the case, the above functions would have been replaced */
/*
* New conf code. The semantics are different from the functions above. If
* that wasn't the case, the above functions would have been replaced
*/
struct conf_st
{
struct conf_st {
CONF_METHOD *meth;
void *meth_data;
LHASH_OF(CONF_VALUE) *data;
@@ -153,7 +153,8 @@ struct conf_st
CONF *NCONF_new(CONF_METHOD *meth);
CONF_METHOD *NCONF_default(void);
CONF_METHOD *NCONF_WIN32(void);
#if 0 /* Just to give you an idea of what I have in mind */
# if 0 /* Just to give you an idea of what I have in
* mind */
CONF_METHOD *NCONF_XML(void);
# endif
void NCONF_free(CONF *conf);
@@ -164,15 +165,16 @@ int NCONF_load(CONF *conf,const char *file,long *eline);
int NCONF_load_fp(CONF *conf, FILE *fp, long *eline);
# endif
int NCONF_load_bio(CONF *conf, BIO *bp, long *eline);
STACK_OF(CONF_VALUE) *NCONF_get_section(const CONF *conf,const char *section);
STACK_OF(CONF_VALUE) *NCONF_get_section(const CONF *conf,
const char *section);
char *NCONF_get_string(const CONF *conf, const char *group, const char *name);
int NCONF_get_number_e(const CONF *conf, const char *group, const char *name,
long *result);
int NCONF_dump_fp(const CONF *conf, FILE *out);
int NCONF_dump_bio(const CONF *conf, BIO *out);
#if 0 /* The following function has no error checking,
and should therefore be avoided */
# if 0 /* The following function has no error
* checking, and should therefore be avoided */
long NCONF_get_number(CONF *conf, char *group, char *name);
# else
# define NCONF_get_number(c,g,n,r) NCONF_get_number_e(c,g,n,r)
@@ -203,12 +205,14 @@ void CONF_module_set_usr_data(CONF_MODULE *pmod, void *usr_data);
char *CONF_get1_default_config_file(void);
int CONF_parse_list(const char *list, int sep, int nospc,
int (*list_cb)(const char *elem, int len, void *usr), void *arg);
int (*list_cb) (const char *elem, int len, void *usr),
void *arg);
void OPENSSL_load_builtin_modules(void);
/* BEGIN ERROR CODES */
/* The following lines are auto generated by the script mkerr.pl. Any changes
/*
* The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
*/
void ERR_load_CONF_strings(void);
@@ -255,6 +259,7 @@ void ERR_load_CONF_strings(void);
# define CONF_R_NO_VALUE 108
# define CONF_R_UNABLE_TO_CREATE_NEW_SECTION 103
# define CONF_R_UNKNOWN_MODULE_NAME 113
# define CONF_R_VARIABLE_EXPANSION_TOO_LONG 116
# define CONF_R_VARIABLE_HAS_NO_VALUE 104
#ifdef __cplusplus

4
libs/openssl/include/openssl/conf_api.h
View File

@@ -77,7 +77,8 @@ STACK_OF(CONF_VALUE) *_CONF_get_section_values(const CONF *conf,
int _CONF_add_string(CONF *conf, CONF_VALUE *section, CONF_VALUE *value);
char *_CONF_get_string(const CONF *conf, const char *section,
const char *name);
long _CONF_get_number(const CONF *conf, const char *section, const char *name);
long _CONF_get_number(const CONF *conf, const char *section,
const char *name);
int _CONF_new_data(CONF *conf);
void _CONF_free_data(CONF *conf);
@@ -86,4 +87,3 @@ void _CONF_free_data(CONF *conf);
}
#endif
#endif

232
libs/openssl/include/openssl/crypto.h
View File

@@ -134,8 +134,10 @@
# include <openssl/ebcdic.h>
# endif
/* Resolve problems on some operating systems with symbol names that clash
one way or another */
/*
* Resolve problems on some operating systems with symbol names that clash
* one way or another
*/
# include <openssl/symhacks.h>
#ifdef __cplusplus
@@ -143,8 +145,10 @@ extern "C" {
#endif
/* Backward compatibility to SSLeay */
/* This is more to be used to check the correct DLL is being used
* in the MS world. */
/*
* This is more to be used to check the correct DLL is being used in the MS
* world.
*/
# define SSLEAY_VERSION_NUMBER OPENSSL_VERSION_NUMBER
# define SSLEAY_VERSION 0
/* #define SSLEAY_OPTIONS 1 no longer supported */
@@ -163,21 +167,21 @@ typedef int CRYPTO_EX_new(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
typedef void CRYPTO_EX_free (void *parent, void *ptr, CRYPTO_EX_DATA *ad,
int idx, long argl, void *argp);
/* Called when we need to dup an object */
typedef int CRYPTO_EX_dup(CRYPTO_EX_DATA *to, CRYPTO_EX_DATA *from, void *from_d,
int idx, long argl, void *argp);
typedef int CRYPTO_EX_dup (CRYPTO_EX_DATA *to, CRYPTO_EX_DATA *from,
void *from_d, int idx, long argl, void *argp);
# endif
/* A generic structure to pass assorted data in a expandable way */
typedef struct openssl_item_st
{
typedef struct openssl_item_st {
int code;
void *value; /* Not used for flag attributes */
size_t value_size; /* Max size of value for output, length for input */
size_t value_size; /* Max size of value for output, length for
* input */
size_t *value_length; /* Returned length of value for output */
} OPENSSL_ITEM;
/* When changing the CRYPTO_LOCK_* list, be sure to maintin the text lock
/*
* When changing the CRYPTO_LOCK_* list, be sure to maintin the text lock
* names in cryptlib.c
*/
@@ -249,27 +253,31 @@ typedef struct openssl_item_st
# define CRYPTO_add(a,b,c) ((*(a))+=(b))
# endif
/* Some applications as well as some parts of OpenSSL need to allocate
and deallocate locks in a dynamic fashion. The following typedef
makes this possible in a type-safe manner. */
/*
* Some applications as well as some parts of OpenSSL need to allocate and
* deallocate locks in a dynamic fashion. The following typedef makes this
* possible in a type-safe manner.
*/
/* struct CRYPTO_dynlock_value has to be defined by the application. */
typedef struct
{
typedef struct {
int references;
struct CRYPTO_dynlock_value *data;
} CRYPTO_dynlock;
/* The following can be used to detect memory leaks in the SSLeay library.
* It used, it turns on malloc checking */
/*
* The following can be used to detect memory leaks in the SSLeay library. It
* used, it turns on malloc checking
*/
# define CRYPTO_MEM_CHECK_OFF 0x0/* an enume */
# define CRYPTO_MEM_CHECK_ON 0x1/* a bit */
# define CRYPTO_MEM_CHECK_ENABLE 0x2/* a bit */
# define CRYPTO_MEM_CHECK_DISABLE 0x3/* an enume */
/* The following are bit values to turn on or off options connected to the
* malloc checking functionality */
/*
* The following are bit values to turn on or off options connected to the
* malloc checking functionality
*/
/* Adds time to the memory checking information */
# define V_CRYPTO_MDEBUG_TIME 0x1/* a bit */
@@ -278,22 +286,22 @@ typedef struct
# define V_CRYPTO_MDEBUG_ALL (V_CRYPTO_MDEBUG_TIME | V_CRYPTO_MDEBUG_THREAD)
/* predec of the BIO type */
typedef struct bio_st BIO_dummy;
struct crypto_ex_data_st
{
struct crypto_ex_data_st {
STACK_OF(void) *sk;
int dummy; /* gcc is screwing up this data structure :-( */
/* gcc is screwing up this data structure :-( */
int dummy;
};
DECLARE_STACK_OF(void)
/* This stuff is basically class callback functions
* The current classes are SSL_CTX, SSL, SSL_SESSION, and a few more */
/*
* This stuff is basically class callback functions The current classes are
* SSL_CTX, SSL, SSL_SESSION, and a few more
*/
typedef struct crypto_ex_data_func_st
{
typedef struct crypto_ex_data_func_st {
long argl; /* Arbitary long */
void *argp; /* Arbitary void * */
CRYPTO_EX_new *new_func;
@@ -303,7 +311,8 @@ typedef struct crypto_ex_data_func_st
DECLARE_STACK_OF(CRYPTO_EX_DATA_FUNCS)
/* Per class, we have a STACK of CRYPTO_EX_DATA_FUNCS for each CRYPTO_EX_DATA
/*
* Per class, we have a STACK of CRYPTO_EX_DATA_FUNCS for each CRYPTO_EX_DATA
* entry.
*/
@@ -324,14 +333,16 @@ DECLARE_STACK_OF(CRYPTO_EX_DATA_FUNCS)
# define CRYPTO_EX_INDEX_COMP 14
# define CRYPTO_EX_INDEX_STORE 15
/* Dynamically assigned indexes start from this value (don't use directly, use
* via CRYPTO_ex_data_new_class). */
/*
* Dynamically assigned indexes start from this value (don't use directly,
* use via CRYPTO_ex_data_new_class).
*/
# define CRYPTO_EX_INDEX_USER 100
/* This is the default callbacks, but we can have others as well:
* this is needed in Win32 where the application malloc and the
* library malloc may not be the same.
/*
* This is the default callbacks, but we can have others as well: this is
* needed in Win32 where the application malloc and the library malloc may
* not be the same.
*/
# define CRYPTO_malloc_init() CRYPTO_set_mem_functions(\
malloc, realloc, free)
@@ -342,8 +353,10 @@ DECLARE_STACK_OF(CRYPTO_EX_DATA_FUNCS)
# endif
# endif
/* Set standard debugging functions (not done by default
* unless CRYPTO_MDEBUG is defined) */
/*
* Set standard debugging functions (not done by default unless CRYPTO_MDEBUG
* is defined)
*/
# define CRYPTO_malloc_debug_init() do {\
CRYPTO_set_mem_debug_functions(\
CRYPTO_dbg_malloc,\
@@ -380,7 +393,6 @@ int CRYPTO_is_mem_check_on(void);
CRYPTO_malloc_locked((int)num,__FILE__,__LINE__)
# define OPENSSL_free_locked(addr) CRYPTO_free_locked(addr)
const char *SSLeay_version(int type);
unsigned long SSLeay(void);
@@ -398,18 +410,24 @@ int CRYPTO_ex_data_new_class(void);
int CRYPTO_get_ex_new_index(int class_index, long argl, void *argp,
CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func,
CRYPTO_EX_free *free_func);
/* Initialise/duplicate/free CRYPTO_EX_DATA variables corresponding to a given
* class (invokes whatever per-class callbacks are applicable) */
/*
* Initialise/duplicate/free CRYPTO_EX_DATA variables corresponding to a
* given class (invokes whatever per-class callbacks are applicable)
*/
int CRYPTO_new_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad);
int CRYPTO_dup_ex_data(int class_index, CRYPTO_EX_DATA *to,
CRYPTO_EX_DATA *from);
void CRYPTO_free_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad);
/* Get/set data in a CRYPTO_EX_DATA variable corresponding to a particular index
* (relative to the class type involved) */
/*
* Get/set data in a CRYPTO_EX_DATA variable corresponding to a particular
* index (relative to the class type involved)
*/
int CRYPTO_set_ex_data(CRYPTO_EX_DATA *ad, int idx, void *val);
void *CRYPTO_get_ex_data(const CRYPTO_EX_DATA *ad, int idx);
/* This function cleans up all "ex_data" state. It mustn't be called under
* potential race-conditions. */
/*
* This function cleans up all "ex_data" state. It mustn't be called under
* potential race-conditions.
*/
void CRYPTO_cleanup_all_ex_data(void);
int CRYPTO_get_new_lockid(char *name);
@@ -418,16 +436,16 @@ int CRYPTO_num_locks(void); /* return CRYPTO_NUM_LOCKS (shared libs!) */
void CRYPTO_lock(int mode, int type, const char *file, int line);
void CRYPTO_set_locking_callback(void (*func) (int mode, int type,
const char *file, int line));
void (*CRYPTO_get_locking_callback(void))(int mode,int type,const char *file,
int line);
void CRYPTO_set_add_lock_callback(int (*func)(int *num,int mount,int type,
void (*CRYPTO_get_locking_callback(void)) (int mode, int type,
const char *file, int line);
void CRYPTO_set_add_lock_callback(int (*func)
(int *num, int mount, int type,
const char *file, int line));
int (*CRYPTO_get_add_lock_callback(void)) (int *num, int mount, int type,
const char *file, int line);
/* Don't use this structure directly. */
typedef struct crypto_threadid_st
{
typedef struct crypto_threadid_st {
void *ptr;
unsigned long val;
} CRYPTO_THREADID;
@@ -453,39 +471,63 @@ int CRYPTO_add_lock(int *pointer,int amount,int type, const char *file,
int CRYPTO_get_new_dynlockid(void);
void CRYPTO_destroy_dynlockid(int i);
struct CRYPTO_dynlock_value *CRYPTO_get_dynlock_value(int i);
void CRYPTO_set_dynlock_create_callback(struct CRYPTO_dynlock_value *(*dyn_create_function)(const char *file, int line));
void CRYPTO_set_dynlock_lock_callback(void (*dyn_lock_function)(int mode, struct CRYPTO_dynlock_value *l, const char *file, int line));
void CRYPTO_set_dynlock_destroy_callback(void (*dyn_destroy_function)(struct CRYPTO_dynlock_value *l, const char *file, int line));
struct CRYPTO_dynlock_value *(*CRYPTO_get_dynlock_create_callback(void))(const char *file,int line);
void (*CRYPTO_get_dynlock_lock_callback(void))(int mode, struct CRYPTO_dynlock_value *l, const char *file,int line);
void (*CRYPTO_get_dynlock_destroy_callback(void))(struct CRYPTO_dynlock_value *l, const char *file,int line);
void CRYPTO_set_dynlock_create_callback(struct CRYPTO_dynlock_value
*(*dyn_create_function) (const char
*file,
int line));
void CRYPTO_set_dynlock_lock_callback(void (*dyn_lock_function)
(int mode,
struct CRYPTO_dynlock_value *l,
const char *file, int line));
void CRYPTO_set_dynlock_destroy_callback(void (*dyn_destroy_function)
(struct CRYPTO_dynlock_value *l,
const char *file, int line));
struct CRYPTO_dynlock_value
*(*CRYPTO_get_dynlock_create_callback(void)) (const char *file, int line);
void (*CRYPTO_get_dynlock_lock_callback(void)) (int mode,
struct CRYPTO_dynlock_value
*l, const char *file,
int line);
void (*CRYPTO_get_dynlock_destroy_callback(void)) (struct CRYPTO_dynlock_value
*l, const char *file,
int line);
/* CRYPTO_set_mem_functions includes CRYPTO_set_locked_mem_functions --
* call the latter last if you need different functions */
int CRYPTO_set_mem_functions(void *(*m)(size_t),void *(*r)(void *,size_t), void (*f)(void *));
int CRYPTO_set_locked_mem_functions(void *(*m)(size_t), void (*free_func)(void *));
int CRYPTO_set_mem_ex_functions(void *(*m)(size_t,const char *,int),
void *(*r)(void *,size_t,const char *,int),
/*
* CRYPTO_set_mem_functions includes CRYPTO_set_locked_mem_functions -- call
* the latter last if you need different functions
*/
int CRYPTO_set_mem_functions(void *(*m) (size_t), void *(*r) (void *, size_t),
void (*f) (void *));
int CRYPTO_set_locked_mem_functions(void *(*m) (size_t),
void (*free_func) (void *));
int CRYPTO_set_mem_ex_functions(void *(*m) (size_t, const char *, int),
void *(*r) (void *, size_t, const char *,
int), void (*f) (void *));
int CRYPTO_set_locked_mem_ex_functions(void *(*m) (size_t, const char *, int),
void (*free_func) (void *));
int CRYPTO_set_mem_debug_functions(void (*m)(void *,int,const char *,int,int),
void (*r)(void *,void *,int,const char *,int,int),
void (*f)(void *,int),
void (*so)(long),
int CRYPTO_set_mem_debug_functions(void (*m)
(void *, int, const char *, int, int),
void (*r) (void *, void *, int,
const char *, int, int),
void (*f) (void *, int), void (*so) (long),
long (*go) (void));
void CRYPTO_get_mem_functions(void *(**m)(size_t),void *(**r)(void *, size_t), void (**f)(void *));
void CRYPTO_get_locked_mem_functions(void *(**m)(size_t), void (**f)(void *));
void CRYPTO_get_mem_functions(void *(**m) (size_t),
void *(**r) (void *, size_t),
void (**f) (void *));
void CRYPTO_get_locked_mem_functions(void *(**m) (size_t),
void (**f) (void *));
void CRYPTO_get_mem_ex_functions(void *(**m) (size_t, const char *, int),
void *(**r)(void *, size_t,const char *,int),
void *(**r) (void *, size_t, const char *,
int), void (**f) (void *));
void CRYPTO_get_locked_mem_ex_functions(void
*(**m) (size_t, const char *, int),
void (**f) (void *));
void CRYPTO_get_locked_mem_ex_functions(void *(**m)(size_t,const char *,int),
void (**f)(void *));
void CRYPTO_get_mem_debug_functions(void (**m)(void *,int,const char *,int,int),
void (**r)(void *,void *,int,const char *,int,int),
void CRYPTO_get_mem_debug_functions(void (**m)
(void *, int, const char *, int, int),
void (**r) (void *, void *, int,
const char *, int, int),
void (**f) (void *, int),
void (**so)(long),
long (**go)(void));
void (**so) (long), long (**go) (void));
void *CRYPTO_malloc_locked(int num, const char *file, int line);
void CRYPTO_free_locked(void *ptr);
@@ -508,18 +550,23 @@ int CRYPTO_push_info_(const char *info, const char *file, int line);
int CRYPTO_pop_info(void);
int CRYPTO_remove_all_info(void);
/* Default debugging functions (enabled by CRYPTO_malloc_debug_init() macro;
* used as default in CRYPTO_MDEBUG compilations): */
/* The last argument has the following significance:
/*
* Default debugging functions (enabled by CRYPTO_malloc_debug_init() macro;
* used as default in CRYPTO_MDEBUG compilations):
*/
/*-
* The last argument has the following significance:
*
* 0: called before the actual memory allocation has taken place
* 1: called after the actual memory allocation has taken place
*/
void CRYPTO_dbg_malloc(void *addr,int num,const char *file,int line,int before_p);
void CRYPTO_dbg_realloc(void *addr1,void *addr2,int num,const char *file,int line,int before_p);
void CRYPTO_dbg_malloc(void *addr, int num, const char *file, int line,
int before_p);
void CRYPTO_dbg_realloc(void *addr1, void *addr2, int num, const char *file,
int line, int before_p);
void CRYPTO_dbg_free(void *addr, int before_p);
/* Tell the debugging code about options. By default, the following values
/*-
* Tell the debugging code about options. By default, the following values
* apply:
*
* 0: Clear all options.
@@ -530,13 +577,13 @@ void CRYPTO_dbg_free(void *addr,int before_p);
void CRYPTO_dbg_set_options(long bits);
long CRYPTO_dbg_get_options(void);
# ifndef OPENSSL_NO_FP_API
void CRYPTO_mem_leaks_fp(FILE *);
# endif
void CRYPTO_mem_leaks(struct bio_st *bio);
/* unsigned long order, char *file, int line, int num_bytes, char *addr */
typedef void *CRYPTO_MEM_LEAK_CB(unsigned long, const char *, int, int, void *);
typedef void *CRYPTO_MEM_LEAK_CB (unsigned long, const char *, int, int,
void *);
void CRYPTO_mem_leaks_cb(CRYPTO_MEM_LEAK_CB *cb);
/* die if we have to */
@@ -574,15 +621,18 @@ void OPENSSL_init(void);
# define fips_cipher_abort(alg) while(0)
# endif
/* CRYPTO_memcmp returns zero iff the |len| bytes at |a| and |b| are equal. It
* takes an amount of time dependent on |len|, but independent of the contents
* of |a| and |b|. Unlike memcmp, it cannot be used to put elements into a
* defined order as the return value when a != b is undefined, other than to be
* non-zero. */
int CRYPTO_memcmp(const void *a, const void *b, size_t len);
/*
* CRYPTO_memcmp returns zero iff the |len| bytes at |a| and |b| are equal.
* It takes an amount of time dependent on |len|, but independent of the
* contents of |a| and |b|. Unlike memcmp, it cannot be used to put elements
* into a defined order as the return value when a != b is undefined, other
* than to be non-zero.
*/
int CRYPTO_memcmp(const volatile void *a, const volatile void *b, size_t len);
/* BEGIN ERROR CODES */
/* The following lines are auto generated by the script mkerr.pl. Any changes
/*
* The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
*/
void ERR_load_CRYPTO_strings(void);

105
libs/openssl/include/openssl/des.h
View File

@@ -59,8 +59,8 @@
#ifndef HEADER_NEW_DES_H
# define HEADER_NEW_DES_H
#include <openssl/e_os2.h> /* OPENSSL_EXTERN, OPENSSL_NO_DES,
DES_LONG (via openssl/opensslconf.h */
# include <openssl/e_os2.h> /* OPENSSL_EXTERN, OPENSSL_NO_DES, DES_LONG
* (via openssl/opensslconf.h */
# ifdef OPENSSL_NO_DES
# error DES is disabled.
@@ -77,16 +77,17 @@ extern "C" {
typedef unsigned char DES_cblock[8];
typedef /* const */ unsigned char const_DES_cblock[8];
/* With "const", gcc 2.8.1 on Solaris thinks that DES_cblock *
* and const_DES_cblock * are incompatible pointer types. */
/*
* With "const", gcc 2.8.1 on Solaris thinks that DES_cblock * and
* const_DES_cblock * are incompatible pointer types.
*/
typedef struct DES_ks
{
union
{
typedef struct DES_ks {
union {
DES_cblock cblock;
/* make sure things are correct size on machines with
* 8 byte longs */
/*
* make sure things are correct size on machines with 8 byte longs
*/
DES_LONG deslong[2];
} ks[16];
} DES_key_schedule;
@@ -136,37 +137,41 @@ DES_LONG DES_cbc_cksum(const unsigned char *input,DES_cblock *output,
const_DES_cblock *ivec);
/* DES_cbc_encrypt does not update the IV! Use DES_ncbc_encrypt instead. */
void DES_cbc_encrypt(const unsigned char *input, unsigned char *output,
long length,DES_key_schedule *schedule,DES_cblock *ivec,
int enc);
long length, DES_key_schedule *schedule,
DES_cblock *ivec, int enc);
void DES_ncbc_encrypt(const unsigned char *input, unsigned char *output,
long length,DES_key_schedule *schedule,DES_cblock *ivec,
int enc);
long length, DES_key_schedule *schedule,
DES_cblock *ivec, int enc);
void DES_xcbc_encrypt(const unsigned char *input, unsigned char *output,
long length,DES_key_schedule *schedule,DES_cblock *ivec,
const_DES_cblock *inw,const_DES_cblock *outw,int enc);
long length, DES_key_schedule *schedule,
DES_cblock *ivec, const_DES_cblock *inw,
const_DES_cblock *outw, int enc);
void DES_cfb_encrypt(const unsigned char *in, unsigned char *out, int numbits,
long length,DES_key_schedule *schedule,DES_cblock *ivec,
int enc);
long length, DES_key_schedule *schedule,
DES_cblock *ivec, int enc);
void DES_ecb_encrypt(const_DES_cblock *input, DES_cblock *output,
DES_key_schedule *ks, int enc);
/* This is the DES encryption function that gets called by just about
every other DES routine in the library. You should not use this
function except to implement 'modes' of DES. I say this because the
functions that call this routine do the conversion from 'char *' to
long, and this needs to be done to make sure 'non-aligned' memory
access do not occur. The characters are loaded 'little endian'.
Data is a pointer to 2 unsigned long's and ks is the
DES_key_schedule to use. enc, is non zero specifies encryption,
zero if decryption. */
/*
* This is the DES encryption function that gets called by just about every
* other DES routine in the library. You should not use this function except
* to implement 'modes' of DES. I say this because the functions that call
* this routine do the conversion from 'char *' to long, and this needs to be
* done to make sure 'non-aligned' memory access do not occur. The
* characters are loaded 'little endian'. Data is a pointer to 2 unsigned
* long's and ks is the DES_key_schedule to use. enc, is non zero specifies
* encryption, zero if decryption.
*/
void DES_encrypt1(DES_LONG *data, DES_key_schedule *ks, int enc);
/* This functions is the same as DES_encrypt1() except that the DES
initial permutation (IP) and final permutation (FP) have been left
out. As for DES_encrypt1(), you should not use this function.
It is used by the routines in the library that implement triple DES.
IP() DES_encrypt2() DES_encrypt2() DES_encrypt2() FP() is the same
as DES_encrypt1() DES_encrypt1() DES_encrypt1() except faster :-). */
/*
* This functions is the same as DES_encrypt1() except that the DES initial
* permutation (IP) and final permutation (FP) have been left out. As for
* DES_encrypt1(), you should not use this function. It is used by the
* routines in the library that implement triple DES. IP() DES_encrypt2()
* DES_encrypt2() DES_encrypt2() FP() is the same as DES_encrypt1()
* DES_encrypt1() DES_encrypt1() except faster :-).
*/
void DES_encrypt2(DES_LONG *data, DES_key_schedule *ks, int enc);
void DES_encrypt3(DES_LONG *data, DES_key_schedule *ks1,
@@ -181,8 +186,7 @@ void DES_ede3_cbcm_encrypt(const unsigned char *in,unsigned char *out,
long length,
DES_key_schedule *ks1, DES_key_schedule *ks2,
DES_key_schedule *ks3,
DES_cblock *ivec1,DES_cblock *ivec2,
int enc);
DES_cblock *ivec1, DES_cblock *ivec2, int enc);
void DES_ede3_cfb64_encrypt(const unsigned char *in, unsigned char *out,
long length, DES_key_schedule *ks1,
DES_key_schedule *ks2, DES_key_schedule *ks3,
@@ -207,37 +211,42 @@ int DES_enc_write(int fd,const void *buf,int len,DES_key_schedule *sched,
char *DES_fcrypt(const char *buf, const char *salt, char *ret);
char *DES_crypt(const char *buf, const char *salt);
void DES_ofb_encrypt(const unsigned char *in, unsigned char *out, int numbits,
long length,DES_key_schedule *schedule,DES_cblock *ivec);
long length, DES_key_schedule *schedule,
DES_cblock *ivec);
void DES_pcbc_encrypt(const unsigned char *input, unsigned char *output,
long length,DES_key_schedule *schedule,DES_cblock *ivec,
int enc);
long length, DES_key_schedule *schedule,
DES_cblock *ivec, int enc);
DES_LONG DES_quad_cksum(const unsigned char *input, DES_cblock output[],
long length, int out_count, DES_cblock *seed);
int DES_random_key(DES_cblock *ret);
void DES_set_odd_parity(DES_cblock *key);
int DES_check_key_parity(const_DES_cblock *key);
int DES_is_weak_key(const_DES_cblock *key);
/* DES_set_key (= set_key = DES_key_sched = key_sched) calls
/*
* DES_set_key (= set_key = DES_key_sched = key_sched) calls
* DES_set_key_checked if global variable DES_check_key is set,
* DES_set_key_unchecked otherwise. */
* DES_set_key_unchecked otherwise.
*/
int DES_set_key(const_DES_cblock *key, DES_key_schedule *schedule);
int DES_key_sched(const_DES_cblock *key, DES_key_schedule *schedule);
int DES_set_key_checked(const_DES_cblock *key, DES_key_schedule *schedule);
void DES_set_key_unchecked(const_DES_cblock *key, DES_key_schedule *schedule);
# ifdef OPENSSL_FIPS
void private_DES_set_key_unchecked(const_DES_cblock *key,DES_key_schedule *schedule);
void private_DES_set_key_unchecked(const_DES_cblock *key,
DES_key_schedule *schedule);
# endif
void DES_string_to_key(const char *str, DES_cblock *key);
void DES_string_to_2keys(const char *str, DES_cblock *key1, DES_cblock *key2);
void DES_cfb64_encrypt(const unsigned char *in,unsigned char *out,long length,
DES_key_schedule *schedule,DES_cblock *ivec,int *num,
int enc);
void DES_ofb64_encrypt(const unsigned char *in,unsigned char *out,long length,
DES_key_schedule *schedule,DES_cblock *ivec,int *num);
void DES_cfb64_encrypt(const unsigned char *in, unsigned char *out,
long length, DES_key_schedule *schedule,
DES_cblock *ivec, int *num, int enc);
void DES_ofb64_encrypt(const unsigned char *in, unsigned char *out,
long length, DES_key_schedule *schedule,
DES_cblock *ivec, int *num);
int DES_read_password(DES_cblock *key, const char *prompt, int verify);
int DES_read_2passwords(DES_cblock *key1, DES_cblock *key2, const char *prompt,
int verify);
int DES_read_2passwords(DES_cblock *key1, DES_cblock *key2,
const char *prompt, int verify);
# define DES_fixup_key_parity DES_set_odd_parity

163
libs/openssl/include/openssl/des_old.h
View File

@@ -1,6 +1,7 @@
/* crypto/des/des_old.h -*- mode:C; c-file-style: "eay" -*- */
/* crypto/des/des_old.h */
/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
/*-
* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
*
* The function names in here are deprecated and are only present to
* provide an interface compatible with openssl 0.9.6 and older as
@@ -31,8 +32,9 @@
* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
*/
/* Written by Richard Levitte (richard@levitte.org) for the OpenSSL
* project 2001.
/*
* Written by Richard Levitte (richard@levitte.org) for the OpenSSL project
* 2001.
*/
/* ====================================================================
* Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
@@ -121,12 +123,12 @@ extern "C" {
# endif
typedef unsigned char _ossl_old_des_cblock[8];
typedef struct _ossl_old_des_ks_struct
{
typedef struct _ossl_old_des_ks_struct {
union {
_ossl_old_des_cblock _;
/* make sure things are correct size on machines with
* 8 byte longs */
/*
* make sure things are correct size on machines with 8 byte longs
*/
DES_LONG pad[2];
} ks;
} _ossl_old_des_key_schedule[16];
@@ -220,7 +222,6 @@ typedef struct _ossl_old_des_ks_struct
# define des_ofb64_encrypt(i,o,l,ks,iv,n)\
DES_ofb64_encrypt((i),(o),(l),&(ks),(iv),(n))
# define des_ecb2_encrypt(i,o,k1,k2,e) \
des_ecb3_encrypt((i),(o),(k1),(k2),(k1),(e))
@@ -236,8 +237,10 @@ typedef struct _ossl_old_des_ks_struct
# define des_check_key DES_check_key
# define des_rw_mode DES_rw_mode
# else /* libdes compatibility */
/* Map all symbol names to _ossl_old_des_* form, so we avoid all
clashes with libdes */
/*
* Map all symbol names to _ossl_old_des_* form, so we avoid all clashes with
* libdes
*/
# define des_cblock _ossl_old_des_cblock
# define des_key_schedule _ossl_old_des_key_schedule
# define des_ecb3_encrypt(i,o,k1,k2,k3,e)\
@@ -315,7 +318,6 @@ typedef struct _ossl_old_des_ks_struct
# define des_ofb64_encrypt(i,o,l,ks,iv,n)\
_ossl_old_des_ofb64_encrypt((i),(o),(l),(ks),(iv),(n))
# define des_ecb2_encrypt(i,o,k1,k2,e) \
des_ecb3_encrypt((i),(o),(k1),(k2),(k1),(e))
@@ -333,45 +335,76 @@ typedef struct _ossl_old_des_ks_struct
# endif
const char *_ossl_old_des_options(void);
void _ossl_old_des_ecb3_encrypt(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,
_ossl_old_des_key_schedule ks1,_ossl_old_des_key_schedule ks2,
void _ossl_old_des_ecb3_encrypt(_ossl_old_des_cblock *input,
_ossl_old_des_cblock *output,
_ossl_old_des_key_schedule ks1,
_ossl_old_des_key_schedule ks2,
_ossl_old_des_key_schedule ks3, int enc);
DES_LONG _ossl_old_des_cbc_cksum(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,
long length,_ossl_old_des_key_schedule schedule,_ossl_old_des_cblock *ivec);
void _ossl_old_des_cbc_encrypt(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,long length,
_ossl_old_des_key_schedule schedule,_ossl_old_des_cblock *ivec,int enc);
void _ossl_old_des_ncbc_encrypt(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,long length,
_ossl_old_des_key_schedule schedule,_ossl_old_des_cblock *ivec,int enc);
void _ossl_old_des_xcbc_encrypt(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,long length,
_ossl_old_des_key_schedule schedule,_ossl_old_des_cblock *ivec,
_ossl_old_des_cblock *inw,_ossl_old_des_cblock *outw,int enc);
void _ossl_old_des_cfb_encrypt(unsigned char *in,unsigned char *out,int numbits,
long length,_ossl_old_des_key_schedule schedule,_ossl_old_des_cblock *ivec,int enc);
void _ossl_old_des_ecb_encrypt(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,
DES_LONG _ossl_old_des_cbc_cksum(_ossl_old_des_cblock *input,
_ossl_old_des_cblock *output, long length,
_ossl_old_des_key_schedule schedule,
_ossl_old_des_cblock *ivec);
void _ossl_old_des_cbc_encrypt(_ossl_old_des_cblock *input,
_ossl_old_des_cblock *output, long length,
_ossl_old_des_key_schedule schedule,
_ossl_old_des_cblock *ivec, int enc);
void _ossl_old_des_ncbc_encrypt(_ossl_old_des_cblock *input,
_ossl_old_des_cblock *output, long length,
_ossl_old_des_key_schedule schedule,
_ossl_old_des_cblock *ivec, int enc);
void _ossl_old_des_xcbc_encrypt(_ossl_old_des_cblock *input,
_ossl_old_des_cblock *output, long length,
_ossl_old_des_key_schedule schedule,
_ossl_old_des_cblock *ivec,
_ossl_old_des_cblock *inw,
_ossl_old_des_cblock *outw, int enc);
void _ossl_old_des_cfb_encrypt(unsigned char *in, unsigned char *out,
int numbits, long length,
_ossl_old_des_key_schedule schedule,
_ossl_old_des_cblock *ivec, int enc);
void _ossl_old_des_ecb_encrypt(_ossl_old_des_cblock *input,
_ossl_old_des_cblock *output,
_ossl_old_des_key_schedule ks, int enc);
void _ossl_old_des_encrypt(DES_LONG *data,_ossl_old_des_key_schedule ks, int enc);
void _ossl_old_des_encrypt2(DES_LONG *data,_ossl_old_des_key_schedule ks, int enc);
void _ossl_old_des_encrypt(DES_LONG *data, _ossl_old_des_key_schedule ks,
int enc);
void _ossl_old_des_encrypt2(DES_LONG *data, _ossl_old_des_key_schedule ks,
int enc);
void _ossl_old_des_encrypt3(DES_LONG *data, _ossl_old_des_key_schedule ks1,
_ossl_old_des_key_schedule ks2, _ossl_old_des_key_schedule ks3);
_ossl_old_des_key_schedule ks2,
_ossl_old_des_key_schedule ks3);
void _ossl_old_des_decrypt3(DES_LONG *data, _ossl_old_des_key_schedule ks1,
_ossl_old_des_key_schedule ks2, _ossl_old_des_key_schedule ks3);
void _ossl_old_des_ede3_cbc_encrypt(_ossl_old_des_cblock *input, _ossl_old_des_cblock *output,
long length, _ossl_old_des_key_schedule ks1, _ossl_old_des_key_schedule ks2,
_ossl_old_des_key_schedule ks3, _ossl_old_des_cblock *ivec, int enc);
_ossl_old_des_key_schedule ks2,
_ossl_old_des_key_schedule ks3);
void _ossl_old_des_ede3_cbc_encrypt(_ossl_old_des_cblock *input,
_ossl_old_des_cblock *output, long length,
_ossl_old_des_key_schedule ks1,
_ossl_old_des_key_schedule ks2,
_ossl_old_des_key_schedule ks3,
_ossl_old_des_cblock *ivec, int enc);
void _ossl_old_des_ede3_cfb64_encrypt(unsigned char *in, unsigned char *out,
long length, _ossl_old_des_key_schedule ks1, _ossl_old_des_key_schedule ks2,
_ossl_old_des_key_schedule ks3, _ossl_old_des_cblock *ivec, int *num, int enc);
long length,
_ossl_old_des_key_schedule ks1,
_ossl_old_des_key_schedule ks2,
_ossl_old_des_key_schedule ks3,
_ossl_old_des_cblock *ivec, int *num,
int enc);
void _ossl_old_des_ede3_ofb64_encrypt(unsigned char *in, unsigned char *out,
long length, _ossl_old_des_key_schedule ks1, _ossl_old_des_key_schedule ks2,
_ossl_old_des_key_schedule ks3, _ossl_old_des_cblock *ivec, int *num);
long length,
_ossl_old_des_key_schedule ks1,
_ossl_old_des_key_schedule ks2,
_ossl_old_des_key_schedule ks3,
_ossl_old_des_cblock *ivec, int *num);
# if 0
void _ossl_old_des_xwhite_in2out(_ossl_old_des_cblock (*des_key), _ossl_old_des_cblock (*in_white),
void _ossl_old_des_xwhite_in2out(_ossl_old_des_cblock (*des_key),
_ossl_old_des_cblock (*in_white),
_ossl_old_des_cblock (*out_white));
# endif
int _ossl_old_des_enc_read(int fd,char *buf,int len,_ossl_old_des_key_schedule sched,
int _ossl_old_des_enc_read(int fd, char *buf, int len,
_ossl_old_des_key_schedule sched,
_ossl_old_des_cblock *iv);
int _ossl_old_des_enc_write(int fd,char *buf,int len,_ossl_old_des_key_schedule sched,
int _ossl_old_des_enc_write(int fd, char *buf, int len,
_ossl_old_des_key_schedule sched,
_ossl_old_des_cblock *iv);
char *_ossl_old_des_fcrypt(const char *buf, const char *salt, char *ret);
char *_ossl_old_des_crypt(const char *buf, const char *salt);
@@ -379,31 +412,49 @@ char *_ossl_old_des_crypt(const char *buf,const char *salt);
char *_ossl_old_crypt(const char *buf, const char *salt);
# endif
void _ossl_old_des_ofb_encrypt(unsigned char *in, unsigned char *out,
int numbits,long length,_ossl_old_des_key_schedule schedule,_ossl_old_des_cblock *ivec);
void _ossl_old_des_pcbc_encrypt(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,long length,
_ossl_old_des_key_schedule schedule,_ossl_old_des_cblock *ivec,int enc);
DES_LONG _ossl_old_des_quad_cksum(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,
long length,int out_count,_ossl_old_des_cblock *seed);
int numbits, long length,
_ossl_old_des_key_schedule schedule,
_ossl_old_des_cblock *ivec);
void _ossl_old_des_pcbc_encrypt(_ossl_old_des_cblock *input,
_ossl_old_des_cblock *output, long length,
_ossl_old_des_key_schedule schedule,
_ossl_old_des_cblock *ivec, int enc);
DES_LONG _ossl_old_des_quad_cksum(_ossl_old_des_cblock *input,
_ossl_old_des_cblock *output, long length,
int out_count, _ossl_old_des_cblock *seed);
void _ossl_old_des_random_seed(_ossl_old_des_cblock key);
void _ossl_old_des_random_key(_ossl_old_des_cblock ret);
int _ossl_old_des_read_password(_ossl_old_des_cblock *key,const char *prompt,int verify);
int _ossl_old_des_read_2passwords(_ossl_old_des_cblock *key1,_ossl_old_des_cblock *key2,
int _ossl_old_des_read_password(_ossl_old_des_cblock *key, const char *prompt,
int verify);
int _ossl_old_des_read_2passwords(_ossl_old_des_cblock *key1,
_ossl_old_des_cblock *key2,
const char *prompt, int verify);
void _ossl_old_des_set_odd_parity(_ossl_old_des_cblock *key);
int _ossl_old_des_is_weak_key(_ossl_old_des_cblock *key);
int _ossl_old_des_set_key(_ossl_old_des_cblock *key,_ossl_old_des_key_schedule schedule);
int _ossl_old_des_key_sched(_ossl_old_des_cblock *key,_ossl_old_des_key_schedule schedule);
int _ossl_old_des_set_key(_ossl_old_des_cblock *key,
_ossl_old_des_key_schedule schedule);
int _ossl_old_des_key_sched(_ossl_old_des_cblock *key,
_ossl_old_des_key_schedule schedule);
void _ossl_old_des_string_to_key(char *str, _ossl_old_des_cblock *key);
void _ossl_old_des_string_to_2keys(char *str,_ossl_old_des_cblock *key1,_ossl_old_des_cblock *key2);
void _ossl_old_des_cfb64_encrypt(unsigned char *in, unsigned char *out, long length,
_ossl_old_des_key_schedule schedule, _ossl_old_des_cblock *ivec, int *num, int enc);
void _ossl_old_des_ofb64_encrypt(unsigned char *in, unsigned char *out, long length,
_ossl_old_des_key_schedule schedule, _ossl_old_des_cblock *ivec, int *num);
void _ossl_old_des_string_to_2keys(char *str, _ossl_old_des_cblock *key1,
_ossl_old_des_cblock *key2);
void _ossl_old_des_cfb64_encrypt(unsigned char *in, unsigned char *out,
long length,
_ossl_old_des_key_schedule schedule,
_ossl_old_des_cblock *ivec, int *num,
int enc);
void _ossl_old_des_ofb64_encrypt(unsigned char *in, unsigned char *out,
long length,
_ossl_old_des_key_schedule schedule,
_ossl_old_des_cblock *ivec, int *num);
void _ossl_096_des_random_seed(des_cblock *key);
/* The following definitions provide compatibility with the MIT Kerberos
* library. The _ossl_old_des_key_schedule structure is not binary compatible. */
/*
* The following definitions provide compatibility with the MIT Kerberos
* library. The _ossl_old_des_key_schedule structure is not binary
* compatible.
*/
# define _KERBEROS_DES_H

186
libs/openssl/include/openssl/dh.h
View File

@@ -78,23 +78,28 @@
# endif
# define DH_FLAG_CACHE_MONT_P 0x01
#define DH_FLAG_NO_EXP_CONSTTIME 0x02 /* new with 0.9.7h; the built-in DH
/*
* new with 0.9.7h; the built-in DH
* implementation now uses constant time
* modular exponentiation for secret exponents
* by default. This flag causes the
* faster variable sliding window method to
* be used for all exponents.
*/
# define DH_FLAG_NO_EXP_CONSTTIME 0x02
/* If this flag is set the DH method is FIPS compliant and can be used
* in FIPS mode. This is set in the validated module method. If an
* application sets this flag in its own methods it is its reposibility
* to ensure the result is compliant.
/*
* If this flag is set the DH method is FIPS compliant and can be used in
* FIPS mode. This is set in the validated module method. If an application
* sets this flag in its own methods it is its reposibility to ensure the
* result is compliant.
*/
# define DH_FLAG_FIPS_METHOD 0x0400
/* If this flag is set the operations normally disabled in FIPS mode are
/*
* If this flag is set the operations normally disabled in FIPS mode are
* permitted it is then the applications responsibility to ensure that the
* usage is compliant.
*/
@@ -109,36 +114,36 @@ extern "C" {
/* typedef struct dh_st DH; */
/* typedef struct dh_method DH_METHOD; */
struct dh_method
{
struct dh_method {
const char *name;
/* Methods here */
int (*generate_key) (DH *dh);
int (*compute_key) (unsigned char *key, const BIGNUM *pub_key, DH *dh);
/* Can be null */
int (*bn_mod_exp) (const DH *dh, BIGNUM *r, const BIGNUM *a,
const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
BN_MONT_CTX *m_ctx); /* Can be null */
BN_MONT_CTX *m_ctx);
int (*init) (DH *dh);
int (*finish) (DH *dh);
int flags;
char *app_data;
/* If this is non-NULL, it will be used to generate parameters */
int (*generate_params)(DH *dh, int prime_len, int generator, BN_GENCB *cb);
int (*generate_params) (DH *dh, int prime_len, int generator,
BN_GENCB *cb);
};
struct dh_st
{
/* This first argument is used to pick up errors when
* a DH is passed instead of a EVP_PKEY */
struct dh_st {
/*
* This first argument is used to pick up errors when a DH is passed
* instead of a EVP_PKEY
*/
int pad;
int version;
BIGNUM *p;
BIGNUM *g;
long length; /* optional */
BIGNUM *pub_key; /* g^x */
BIGNUM *pub_key; /* g^x % p */
BIGNUM *priv_key; /* x */
int flags;
BN_MONT_CTX *method_mont_p;
/* Place holders if we want to do X9.42 DH */
@@ -147,7 +152,6 @@ struct dh_st
unsigned char *seed;
int seedlen;
BIGNUM *counter;
int references;
CRYPTO_EX_DATA ex_data;
const DH_METHOD *meth;
@@ -163,21 +167,44 @@ struct dh_st
# define DH_CHECK_P_NOT_SAFE_PRIME 0x02
# define DH_UNABLE_TO_CHECK_GENERATOR 0x04
# define DH_NOT_SUITABLE_GENERATOR 0x08
# define DH_CHECK_Q_NOT_PRIME 0x10
# define DH_CHECK_INVALID_Q_VALUE 0x20
# define DH_CHECK_INVALID_J_VALUE 0x40
/* DH_check_pub_key error codes */
# define DH_CHECK_PUBKEY_TOO_SMALL 0x01
# define DH_CHECK_PUBKEY_TOO_LARGE 0x02
# define DH_CHECK_PUBKEY_INVALID 0x04
/* primes p where (p-1)/2 is prime too are called "safe"; we define
this for backward compatibility: */
/*
* primes p where (p-1)/2 is prime too are called "safe"; we define this for
* backward compatibility:
*/
# define DH_CHECK_P_NOT_STRONG_PRIME DH_CHECK_P_NOT_SAFE_PRIME
#define d2i_DHparams_fp(fp,x) (DH *)ASN1_d2i_fp((char *(*)())DH_new, \
(char *(*)())d2i_DHparams,(fp),(unsigned char **)(x))
#define i2d_DHparams_fp(fp,x) ASN1_i2d_fp(i2d_DHparams,(fp), \
(unsigned char *)(x))
#define d2i_DHparams_bio(bp,x) ASN1_d2i_bio_of(DH,DH_new,d2i_DHparams,bp,x)
#define i2d_DHparams_bio(bp,x) ASN1_i2d_bio_of_const(DH,i2d_DHparams,bp,x)
# define d2i_DHparams_fp(fp,x) \
(DH *)ASN1_d2i_fp((char *(*)())DH_new, \
(char *(*)())d2i_DHparams, \
(fp), \
(unsigned char **)(x))
# define i2d_DHparams_fp(fp,x) \
ASN1_i2d_fp(i2d_DHparams,(fp), (unsigned char *)(x))
# define d2i_DHparams_bio(bp,x) \
ASN1_d2i_bio_of(DH, DH_new, d2i_DHparams, bp, x)
# define i2d_DHparams_bio(bp,x) \
ASN1_i2d_bio_of_const(DH,i2d_DHparams,bp,x)
# define d2i_DHxparams_fp(fp,x) \
(DH *)ASN1_d2i_fp((char *(*)())DH_new, \
(char *(*)())d2i_DHxparams, \
(fp), \
(unsigned char **)(x))
# define i2d_DHxparams_fp(fp,x) \
ASN1_i2d_fp(i2d_DHxparams,(fp), (unsigned char *)(x))
# define d2i_DHxparams_bio(bp,x) \
ASN1_d2i_bio_of(DH, DH_new, d2i_DHxparams, bp, x)
# define i2d_DHxparams_bio(bp,x) \
ASN1_i2d_bio_of_const(DH, i2d_DHxparams, bp, x)
DH *DHparams_dup(DH *);
@@ -204,14 +231,18 @@ DH * DH_generate_parameters(int prime_len,int generator,
# endif /* !defined(OPENSSL_NO_DEPRECATED) */
/* New version */
int DH_generate_parameters_ex(DH *dh, int prime_len,int generator, BN_GENCB *cb);
int DH_generate_parameters_ex(DH *dh, int prime_len, int generator,
BN_GENCB *cb);
int DH_check(const DH *dh, int *codes);
int DH_check_pub_key(const DH *dh, const BIGNUM *pub_key, int *codes);
int DH_generate_key(DH *dh);
int DH_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh);
int DH_compute_key_padded(unsigned char *key, const BIGNUM *pub_key, DH *dh);
DH *d2i_DHparams(DH **a, const unsigned char **pp, long length);
int i2d_DHparams(const DH *a, unsigned char **pp);
DH *d2i_DHxparams(DH **a, const unsigned char **pp, long length);
int i2d_DHxparams(const DH *a, unsigned char **pp);
# ifndef OPENSSL_NO_FP_API
int DHparams_print_fp(FILE *fp, const DH *x);
# endif
@@ -221,20 +252,113 @@ int DHparams_print(BIO *bp, const DH *x);
int DHparams_print(char *bp, const DH *x);
# endif
/* RFC 5114 parameters */
DH *DH_get_1024_160(void);
DH *DH_get_2048_224(void);
DH *DH_get_2048_256(void);
/* RFC2631 KDF */
int DH_KDF_X9_42(unsigned char *out, size_t outlen,
const unsigned char *Z, size_t Zlen,
ASN1_OBJECT *key_oid,
const unsigned char *ukm, size_t ukmlen, const EVP_MD *md);
# define EVP_PKEY_CTX_set_dh_paramgen_prime_len(ctx, len) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \
EVP_PKEY_CTRL_DH_PARAMGEN_PRIME_LEN, len, NULL)
# define EVP_PKEY_CTX_set_dh_paramgen_subprime_len(ctx, len) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \
EVP_PKEY_CTRL_DH_PARAMGEN_SUBPRIME_LEN, len, NULL)
# define EVP_PKEY_CTX_set_dh_paramgen_type(ctx, typ) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \
EVP_PKEY_CTRL_DH_PARAMGEN_TYPE, typ, NULL)
# define EVP_PKEY_CTX_set_dh_paramgen_generator(ctx, gen) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \
EVP_PKEY_CTRL_DH_PARAMGEN_GENERATOR, gen, NULL)
# define EVP_PKEY_CTX_set_dh_rfc5114(ctx, gen) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, EVP_PKEY_OP_PARAMGEN, \
EVP_PKEY_CTRL_DH_RFC5114, gen, NULL)
# define EVP_PKEY_CTX_set_dhx_rfc5114(ctx, gen) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, EVP_PKEY_OP_PARAMGEN, \
EVP_PKEY_CTRL_DH_RFC5114, gen, NULL)
# define EVP_PKEY_CTX_set_dh_kdf_type(ctx, kdf) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
EVP_PKEY_OP_DERIVE, \
EVP_PKEY_CTRL_DH_KDF_TYPE, kdf, NULL)
# define EVP_PKEY_CTX_get_dh_kdf_type(ctx) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
EVP_PKEY_OP_DERIVE, \
EVP_PKEY_CTRL_DH_KDF_TYPE, -2, NULL)
# define EVP_PKEY_CTX_set0_dh_kdf_oid(ctx, oid) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
EVP_PKEY_OP_DERIVE, \
EVP_PKEY_CTRL_DH_KDF_OID, 0, (void *)oid)
# define EVP_PKEY_CTX_get0_dh_kdf_oid(ctx, poid) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
EVP_PKEY_OP_DERIVE, \
EVP_PKEY_CTRL_GET_DH_KDF_OID, 0, (void *)poid)
# define EVP_PKEY_CTX_set_dh_kdf_md(ctx, md) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
EVP_PKEY_OP_DERIVE, \
EVP_PKEY_CTRL_DH_KDF_MD, 0, (void *)md)
# define EVP_PKEY_CTX_get_dh_kdf_md(ctx, pmd) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
EVP_PKEY_OP_DERIVE, \
EVP_PKEY_CTRL_GET_DH_KDF_MD, 0, (void *)pmd)
# define EVP_PKEY_CTX_set_dh_kdf_outlen(ctx, len) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
EVP_PKEY_OP_DERIVE, \
EVP_PKEY_CTRL_DH_KDF_OUTLEN, len, NULL)
# define EVP_PKEY_CTX_get_dh_kdf_outlen(ctx, plen) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
EVP_PKEY_OP_DERIVE, \
EVP_PKEY_CTRL_GET_DH_KDF_OUTLEN, 0, (void *)plen)
# define EVP_PKEY_CTX_set0_dh_kdf_ukm(ctx, p, plen) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
EVP_PKEY_OP_DERIVE, \
EVP_PKEY_CTRL_DH_KDF_UKM, plen, (void *)p)
# define EVP_PKEY_CTX_get0_dh_kdf_ukm(ctx, p) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
EVP_PKEY_OP_DERIVE, \
EVP_PKEY_CTRL_GET_DH_KDF_UKM, 0, (void *)p)
# define EVP_PKEY_CTRL_DH_PARAMGEN_PRIME_LEN (EVP_PKEY_ALG_CTRL + 1)
# define EVP_PKEY_CTRL_DH_PARAMGEN_GENERATOR (EVP_PKEY_ALG_CTRL + 2)
# define EVP_PKEY_CTRL_DH_RFC5114 (EVP_PKEY_ALG_CTRL + 3)
# define EVP_PKEY_CTRL_DH_PARAMGEN_SUBPRIME_LEN (EVP_PKEY_ALG_CTRL + 4)
# define EVP_PKEY_CTRL_DH_PARAMGEN_TYPE (EVP_PKEY_ALG_CTRL + 5)
# define EVP_PKEY_CTRL_DH_KDF_TYPE (EVP_PKEY_ALG_CTRL + 6)
# define EVP_PKEY_CTRL_DH_KDF_MD (EVP_PKEY_ALG_CTRL + 7)
# define EVP_PKEY_CTRL_GET_DH_KDF_MD (EVP_PKEY_ALG_CTRL + 8)
# define EVP_PKEY_CTRL_DH_KDF_OUTLEN (EVP_PKEY_ALG_CTRL + 9)
# define EVP_PKEY_CTRL_GET_DH_KDF_OUTLEN (EVP_PKEY_ALG_CTRL + 10)
# define EVP_PKEY_CTRL_DH_KDF_UKM (EVP_PKEY_ALG_CTRL + 11)
# define EVP_PKEY_CTRL_GET_DH_KDF_UKM (EVP_PKEY_ALG_CTRL + 12)
# define EVP_PKEY_CTRL_DH_KDF_OID (EVP_PKEY_ALG_CTRL + 13)
# define EVP_PKEY_CTRL_GET_DH_KDF_OID (EVP_PKEY_ALG_CTRL + 14)
/* KDF types */
# define EVP_PKEY_DH_KDF_NONE 1
# define EVP_PKEY_DH_KDF_X9_42 2
/* BEGIN ERROR CODES */
/* The following lines are auto generated by the script mkerr.pl. Any changes
/*
* The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
*/
void ERR_load_DH_strings(void);
@@ -245,6 +369,9 @@ void ERR_load_DH_strings(void);
# define DH_F_COMPUTE_KEY 102
# define DH_F_DHPARAMS_PRINT_FP 101
# define DH_F_DH_BUILTIN_GENPARAMS 106
# define DH_F_DH_CMS_DECRYPT 117
# define DH_F_DH_CMS_SET_PEERKEY 118
# define DH_F_DH_CMS_SET_SHARED_INFO 119
# define DH_F_DH_COMPUTE_KEY 114
# define DH_F_DH_GENERATE_KEY 115
# define DH_F_DH_GENERATE_PARAMETERS_EX 116
@@ -266,6 +393,7 @@ void ERR_load_DH_strings(void);
# define DH_R_BN_ERROR 106
# define DH_R_DECODE_ERROR 104
# define DH_R_INVALID_PUBKEY 102
# define DH_R_KDF_PARAMETER_ERROR 112
# define DH_R_KEYS_NOT_SET 108
# define DH_R_KEY_SIZE_TOO_SMALL 110
# define DH_R_MODULUS_TOO_LARGE 103
@@ -273,6 +401,8 @@ void ERR_load_DH_strings(void);
# define DH_R_NO_PARAMETERS_SET 107
# define DH_R_NO_PRIVATE_VALUE 100
# define DH_R_PARAMETER_ENCODING_ERROR 105
# define DH_R_PEER_KEY_ERROR 113
# define DH_R_SHARED_INFO_ERROR 114
#ifdef __cplusplus
}

67
libs/openssl/include/openssl/dsa.h
View File

@@ -89,23 +89,24 @@
# endif
# define DSA_FLAG_CACHE_MONT_P 0x01
#define DSA_FLAG_NO_EXP_CONSTTIME 0x02 /* new with 0.9.7h; the built-in DSA
* implementation now uses constant time
* modular exponentiation for secret exponents
* by default. This flag causes the
* faster variable sliding window method to
* be used for all exponents.
/*
* new with 0.9.7h; the built-in DSA implementation now uses constant time
* modular exponentiation for secret exponents by default. This flag causes
* the faster variable sliding window method to be used for all exponents.
*/
# define DSA_FLAG_NO_EXP_CONSTTIME 0x02
/* If this flag is set the DSA method is FIPS compliant and can be used
* in FIPS mode. This is set in the validated module method. If an
* application sets this flag in its own methods it is its reposibility
* to ensure the result is compliant.
/*
* If this flag is set the DSA method is FIPS compliant and can be used in
* FIPS mode. This is set in the validated module method. If an application
* sets this flag in its own methods it is its reposibility to ensure the
* result is compliant.
*/
# define DSA_FLAG_FIPS_METHOD 0x0400
/* If this flag is set the operations normally disabled in FIPS mode are
/*
* If this flag is set the operations normally disabled in FIPS mode are
* permitted it is then the applications responsibility to ensure that the
* usage is compliant.
*/
@@ -120,14 +121,12 @@ extern "C" {
/* typedef struct dsa_st DSA; */
/* typedef struct dsa_method DSA_METHOD; */
typedef struct DSA_SIG_st
{
typedef struct DSA_SIG_st {
BIGNUM *r;
BIGNUM *s;
} DSA_SIG;
struct dsa_method
{
struct dsa_method {
const char *name;
DSA_SIG *(*dsa_do_sign) (const unsigned char *dgst, int dlen, DSA *dsa);
int (*dsa_sign_setup) (DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp,
@@ -137,9 +136,9 @@ struct dsa_method
int (*dsa_mod_exp) (DSA *dsa, BIGNUM *rr, BIGNUM *a1, BIGNUM *p1,
BIGNUM *a2, BIGNUM *p2, BIGNUM *m, BN_CTX *ctx,
BN_MONT_CTX *in_mont);
/* Can be null */
int (*bn_mod_exp) (DSA *dsa, BIGNUM *r, BIGNUM *a, const BIGNUM *p,
const BIGNUM *m, BN_CTX *ctx,
BN_MONT_CTX *m_ctx); /* Can be null */
const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
int (*init) (DSA *dsa);
int (*finish) (DSA *dsa);
int flags;
@@ -153,23 +152,21 @@ struct dsa_method
int (*dsa_keygen) (DSA *dsa);
};
struct dsa_st
{
/* This first variable is used to pick up errors where
* a DSA is passed instead of of a EVP_PKEY */
struct dsa_st {
/*
* This first variable is used to pick up errors where a DSA is passed
* instead of of a EVP_PKEY
*/
int pad;
long version;
int write_params;
BIGNUM *p;
BIGNUM *q; /* == 20 */
BIGNUM *g;
BIGNUM *pub_key; /* y public key */
BIGNUM *priv_key; /* x private key */
BIGNUM *kinv; /* Signing pre-calc */
BIGNUM *r; /* Signing pre-calc */
int flags;
/* Normally used to cache montgomery values */
BN_MONT_CTX *method_mont_p;
@@ -187,7 +184,6 @@ struct dsa_st
# define d2i_DSAparams_bio(bp,x) ASN1_d2i_bio_of(DSA,DSA_new,d2i_DSAparams,bp,x)
# define i2d_DSAparams_bio(bp,x) ASN1_i2d_bio_of_const(DSA,i2d_DSAparams,bp,x)
DSA *DSAparams_dup(DSA *x);
DSA_SIG *DSA_SIG_new(void);
void DSA_SIG_free(DSA_SIG *a);
@@ -236,7 +232,8 @@ DSA * DSA_generate_parameters(int bits,
/* New version */
int DSA_generate_parameters_ex(DSA *dsa, int bits,
const unsigned char *seed, int seed_len,
int *counter_ret, unsigned long *h_ret, BN_GENCB *cb);
int *counter_ret, unsigned long *h_ret,
BN_GENCB *cb);
int DSA_generate_key(DSA *a);
int i2d_DSAPublicKey(const DSA *a, unsigned char **pp);
@@ -253,14 +250,18 @@ int DSA_print_fp(FILE *bp, const DSA *x, int off);
# endif
# define DSS_prime_checks 50
/* Primality test according to FIPS PUB 186[-1], Appendix 2.1:
* 50 rounds of Rabin-Miller */
/*
* Primality test according to FIPS PUB 186[-1], Appendix 2.1: 50 rounds of
* Rabin-Miller
*/
# define DSA_is_prime(n, callback, cb_arg) \
BN_is_prime(n, DSS_prime_checks, callback, NULL, cb_arg)
# ifndef OPENSSL_NO_DH
/* Convert DSA structure (key or just parameters) into DH structure
* (be careful to avoid small subgroup attacks when using this!) */
/*
* Convert DSA structure (key or just parameters) into DH structure (be
* careful to avoid small subgroup attacks when using this!)
*/
DH *DSA_dup_DH(const DSA *r);
# endif
@@ -273,7 +274,8 @@ DH *DSA_dup_DH(const DSA *r);
# define EVP_PKEY_CTRL_DSA_PARAMGEN_MD (EVP_PKEY_ALG_CTRL + 3)
/* BEGIN ERROR CODES */
/* The following lines are auto generated by the script mkerr.pl. Any changes
/*
* The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
*/
void ERR_load_DSA_strings(void);
@@ -285,6 +287,7 @@ void ERR_load_DSA_strings(void);
# define DSA_F_DO_DSA_PRINT 104
# define DSA_F_DSAPARAMS_PRINT 100
# define DSA_F_DSAPARAMS_PRINT_FP 101
# define DSA_F_DSA_BUILTIN_PARAMGEN2 126
# define DSA_F_DSA_DO_SIGN 112
# define DSA_F_DSA_DO_VERIFY 113
# define DSA_F_DSA_GENERATE_KEY 124
@@ -314,12 +317,14 @@ void ERR_load_DSA_strings(void);
# define DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 100
# define DSA_R_DECODE_ERROR 104
# define DSA_R_INVALID_DIGEST_TYPE 106
# define DSA_R_INVALID_PARAMETERS 112
# define DSA_R_MISSING_PARAMETERS 101
# define DSA_R_MODULUS_TOO_LARGE 103
# define DSA_R_NEED_NEW_SETUP_VALUES 110
# define DSA_R_NON_FIPS_DSA_METHOD 111
# define DSA_R_NO_PARAMETERS_SET 107
# define DSA_R_PARAMETER_ENCODING_ERROR 105
# define DSA_R_Q_NOT_PRIME 113
#ifdef __cplusplus
}

320
libs/openssl/include/openssl/dso.h
View File

@@ -1,6 +1,7 @@
/* dso.h -*- mode:C; c-file-style: "eay" -*- */
/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
* project 2000.
/* dso.h */
/*
* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL project
* 2000.
*/
/* ====================================================================
* Copyright (c) 2000 The OpenSSL Project. All rights reserved.
@@ -70,86 +71,92 @@ extern "C" {
# define DSO_CTRL_SET_FLAGS 2
# define DSO_CTRL_OR_FLAGS 3
/* By default, DSO_load() will translate the provided filename into a form
/*
* By default, DSO_load() will translate the provided filename into a form
* typical for the platform (more specifically the DSO_METHOD) using the
* dso_name_converter function of the method. Eg. win32 will transform "blah"
* into "blah.dll", and dlfcn will transform it into "libblah.so". The
* behaviour can be overriden by setting the name_converter callback in the DSO
* object (using DSO_set_name_converter()). This callback could even utilise
* the DSO_METHOD's converter too if it only wants to override behaviour for
* one or two possible DSO methods. However, the following flag can be set in a
* DSO to prevent *any* native name-translation at all - eg. if the caller has
* prompted the user for a path to a driver library so the filename should be
* interpreted as-is. */
* behaviour can be overriden by setting the name_converter callback in the
* DSO object (using DSO_set_name_converter()). This callback could even
* utilise the DSO_METHOD's converter too if it only wants to override
* behaviour for one or two possible DSO methods. However, the following flag
* can be set in a DSO to prevent *any* native name-translation at all - eg.
* if the caller has prompted the user for a path to a driver library so the
* filename should be interpreted as-is.
*/
# define DSO_FLAG_NO_NAME_TRANSLATION 0x01
/* An extra flag to give if only the extension should be added as
* translation. This is obviously only of importance on Unix and
* other operating systems where the translation also may prefix
* the name with something, like 'lib', and ignored everywhere else.
* This flag is also ignored if DSO_FLAG_NO_NAME_TRANSLATION is used
* at the same time. */
/*
* An extra flag to give if only the extension should be added as
* translation. This is obviously only of importance on Unix and other
* operating systems where the translation also may prefix the name with
* something, like 'lib', and ignored everywhere else. This flag is also
* ignored if DSO_FLAG_NO_NAME_TRANSLATION is used at the same time.
*/
# define DSO_FLAG_NAME_TRANSLATION_EXT_ONLY 0x02
/* The following flag controls the translation of symbol names to upper
* case. This is currently only being implemented for OpenVMS.
/*
* The following flag controls the translation of symbol names to upper case.
* This is currently only being implemented for OpenVMS.
*/
# define DSO_FLAG_UPCASE_SYMBOL 0x10
/* This flag loads the library with public symbols.
* Meaning: The exported symbols of this library are public
* to all libraries loaded after this library.
* At the moment only implemented in unix.
/*
* This flag loads the library with public symbols. Meaning: The exported
* symbols of this library are public to all libraries loaded after this
* library. At the moment only implemented in unix.
*/
# define DSO_FLAG_GLOBAL_SYMBOLS 0x20
typedef void (*DSO_FUNC_TYPE) (void);
typedef struct dso_st DSO;
/* The function prototype used for method functions (or caller-provided
* callbacks) that transform filenames. They are passed a DSO structure pointer
* (or NULL if they are to be used independantly of a DSO object) and a
* filename to transform. They should either return NULL (if there is an error
* condition) or a newly allocated string containing the transformed form that
* the caller will need to free with OPENSSL_free() when done. */
/*
* The function prototype used for method functions (or caller-provided
* callbacks) that transform filenames. They are passed a DSO structure
* pointer (or NULL if they are to be used independantly of a DSO object) and
* a filename to transform. They should either return NULL (if there is an
* error condition) or a newly allocated string containing the transformed
* form that the caller will need to free with OPENSSL_free() when done.
*/
typedef char *(*DSO_NAME_CONVERTER_FUNC)(DSO *, const char *);
/* The function prototype used for method functions (or caller-provided
* callbacks) that merge two file specifications. They are passed a
* DSO structure pointer (or NULL if they are to be used independantly of
* a DSO object) and two file specifications to merge. They should
* either return NULL (if there is an error condition) or a newly allocated
* string containing the result of merging that the caller will need
* to free with OPENSSL_free() when done.
* Here, merging means that bits and pieces are taken from each of the
* file specifications and added together in whatever fashion that is
* sensible for the DSO method in question. The only rule that really
* applies is that if the two specification contain pieces of the same
* type, the copy from the first string takes priority. One could see
* it as the first specification is the one given by the user and the
* second being a bunch of defaults to add on if they're missing in the
* first. */
/*
* The function prototype used for method functions (or caller-provided
* callbacks) that merge two file specifications. They are passed a DSO
* structure pointer (or NULL if they are to be used independantly of a DSO
* object) and two file specifications to merge. They should either return
* NULL (if there is an error condition) or a newly allocated string
* containing the result of merging that the caller will need to free with
* OPENSSL_free() when done. Here, merging means that bits and pieces are
* taken from each of the file specifications and added together in whatever
* fashion that is sensible for the DSO method in question. The only rule
* that really applies is that if the two specification contain pieces of the
* same type, the copy from the first string takes priority. One could see
* it as the first specification is the one given by the user and the second
* being a bunch of defaults to add on if they're missing in the first.
*/
typedef char *(*DSO_MERGER_FUNC)(DSO *, const char *, const char *);
typedef struct dso_meth_st
{
typedef struct dso_meth_st {
const char *name;
/* Loads a shared library, NB: new DSO_METHODs must ensure that a
/*
* Loads a shared library, NB: new DSO_METHODs must ensure that a
* successful load populates the loaded_filename field, and likewise a
* successful unload OPENSSL_frees and NULLs it out. */
* successful unload OPENSSL_frees and NULLs it out.
*/
int (*dso_load) (DSO *dso);
/* Unloads a shared library */
int (*dso_unload) (DSO *dso);
/* Binds a variable */
void *(*dso_bind_var) (DSO *dso, const char *symname);
/* Binds a function - assumes a return type of DSO_FUNC_TYPE.
* This should be cast to the real function prototype by the
* caller. Platforms that don't have compatible representations
* for different prototypes (this is possible within ANSI C)
* are highly unlikely to have shared libraries at all, let
* alone a DSO_METHOD implemented for them. */
/*
* Binds a function - assumes a return type of DSO_FUNC_TYPE. This should
* be cast to the real function prototype by the caller. Platforms that
* don't have compatible representations for different prototypes (this
* is possible within ANSI C) are highly unlikely to have shared
* libraries at all, let alone a DSO_METHOD implemented for them.
*/
DSO_FUNC_TYPE (*dso_bind_func) (DSO *dso, const char *symname);
/* I don't think this would actually be used in any circumstances. */
# if 0
/* Unbinds a variable */
@@ -157,20 +164,24 @@ typedef struct dso_meth_st
/* Unbinds a function */
int (*dso_unbind_func) (DSO *dso, char *symname, DSO_FUNC_TYPE symptr);
# endif
/* The generic (yuck) "ctrl()" function. NB: Negative return
* values (rather than zero) indicate errors. */
/*
* The generic (yuck) "ctrl()" function. NB: Negative return values
* (rather than zero) indicate errors.
*/
long (*dso_ctrl) (DSO *dso, int cmd, long larg, void *parg);
/* The default DSO_METHOD-specific function for converting filenames to
* a canonical native form. */
/*
* The default DSO_METHOD-specific function for converting filenames to a
* canonical native form.
*/
DSO_NAME_CONVERTER_FUNC dso_name_converter;
/* The default DSO_METHOD-specific function for converting filenames to
* a canonical native form. */
/*
* The default DSO_METHOD-specific function for converting filenames to a
* canonical native form.
*/
DSO_MERGER_FUNC dso_merger;
/* [De]Initialisation handlers. */
int (*init) (DSO *dso);
int (*finish) (DSO *dso);
/* Return pathname of the module containing location */
int (*pathbyaddr) (void *addr, char *path, int sz);
/* Perform global symbol lookup, i.e. among *all* modules */
@@ -180,44 +191,53 @@ typedef struct dso_meth_st
/**********************************************************************/
/* The low-level handle type used to refer to a loaded shared library */
struct dso_st
{
struct dso_st {
DSO_METHOD *meth;
/* Standard dlopen uses a (void *). Win32 uses a HANDLE. VMS
* doesn't use anything but will need to cache the filename
* for use in the dso_bind handler. All in all, let each
* method control its own destiny. "Handles" and such go in
* a STACK. */
/*
* Standard dlopen uses a (void *). Win32 uses a HANDLE. VMS doesn't use
* anything but will need to cache the filename for use in the dso_bind
* handler. All in all, let each method control its own destiny.
* "Handles" and such go in a STACK.
*/
STACK_OF(void) *meth_data;
int references;
int flags;
/* For use by applications etc ... use this for your bits'n'pieces,
* don't touch meth_data! */
/*
* For use by applications etc ... use this for your bits'n'pieces, don't
* touch meth_data!
*/
CRYPTO_EX_DATA ex_data;
/* If this callback function pointer is set to non-NULL, then it will
* be used in DSO_load() in place of meth->dso_name_converter. NB: This
* should normally set using DSO_set_name_converter(). */
/*
* If this callback function pointer is set to non-NULL, then it will be
* used in DSO_load() in place of meth->dso_name_converter. NB: This
* should normally set using DSO_set_name_converter().
*/
DSO_NAME_CONVERTER_FUNC name_converter;
/* If this callback function pointer is set to non-NULL, then it will
* be used in DSO_load() in place of meth->dso_merger. NB: This
* should normally set using DSO_set_merger(). */
/*
* If this callback function pointer is set to non-NULL, then it will be
* used in DSO_load() in place of meth->dso_merger. NB: This should
* normally set using DSO_set_merger().
*/
DSO_MERGER_FUNC merger;
/* This is populated with (a copy of) the platform-independant
* filename used for this DSO. */
/*
* This is populated with (a copy of) the platform-independant filename
* used for this DSO.
*/
char *filename;
/* This is populated with (a copy of) the translated filename by which
/*
* This is populated with (a copy of) the translated filename by which
* the DSO was actually loaded. It is NULL iff the DSO is not currently
* loaded. NB: This is here because the filename translation process
* may involve a callback being invoked more than once not only to
* convert to a platform-specific form, but also to try different
* filenames in the process of trying to perform a load. As such, this
* variable can be used to indicate (a) whether this DSO structure
* corresponds to a loaded library or not, and (b) the filename with
* which it was actually loaded. */
* loaded. NB: This is here because the filename translation process may
* involve a callback being invoked more than once not only to convert to
* a platform-specific form, but also to try different filenames in the
* process of trying to perform a load. As such, this variable can be
* used to indicate (a) whether this DSO structure corresponds to a
* loaded library or not, and (b) the filename with which it was actually
* loaded.
*/
char *loaded_filename;
};
DSO *DSO_new(void);
DSO *DSO_new_method(DSO_METHOD *method);
int DSO_free(DSO *dso);
@@ -225,37 +245,47 @@ int DSO_flags(DSO *dso);
int DSO_up_ref(DSO *dso);
long DSO_ctrl(DSO *dso, int cmd, long larg, void *parg);
/* This function sets the DSO's name_converter callback. If it is non-NULL,
/*
* This function sets the DSO's name_converter callback. If it is non-NULL,
* then it will be used instead of the associated DSO_METHOD's function. If
* oldcb is non-NULL then it is set to the function pointer value being
* replaced. Return value is non-zero for success. */
* replaced. Return value is non-zero for success.
*/
int DSO_set_name_converter(DSO *dso, DSO_NAME_CONVERTER_FUNC cb,
DSO_NAME_CONVERTER_FUNC *oldcb);
/* These functions can be used to get/set the platform-independant filename
* used for a DSO. NB: set will fail if the DSO is already loaded. */
/*
* These functions can be used to get/set the platform-independant filename
* used for a DSO. NB: set will fail if the DSO is already loaded.
*/
const char *DSO_get_filename(DSO *dso);
int DSO_set_filename(DSO *dso, const char *filename);
/* This function will invoke the DSO's name_converter callback to translate a
/*
* This function will invoke the DSO's name_converter callback to translate a
* filename, or if the callback isn't set it will instead use the DSO_METHOD's
* converter. If "filename" is NULL, the "filename" in the DSO itself will be
* used. If the DSO_FLAG_NO_NAME_TRANSLATION flag is set, then the filename is
* simply duplicated. NB: This function is usually called from within a
* DSO_METHOD during the processing of a DSO_load() call, and is exposed so that
* caller-created DSO_METHODs can do the same thing. A non-NULL return value
* will need to be OPENSSL_free()'d. */
* DSO_METHOD during the processing of a DSO_load() call, and is exposed so
* that caller-created DSO_METHODs can do the same thing. A non-NULL return
* value will need to be OPENSSL_free()'d.
*/
char *DSO_convert_filename(DSO *dso, const char *filename);
/* This function will invoke the DSO's merger callback to merge two file
/*
* This function will invoke the DSO's merger callback to merge two file
* specifications, or if the callback isn't set it will instead use the
* DSO_METHOD's merger. A non-NULL return value will need to be
* OPENSSL_free()'d. */
* OPENSSL_free()'d.
*/
char *DSO_merge(DSO *dso, const char *filespec1, const char *filespec2);
/* If the DSO is currently loaded, this returns the filename that it was loaded
* under, otherwise it returns NULL. So it is also useful as a test as to
* whether the DSO is currently loaded. NB: This will not necessarily return
* the same value as DSO_convert_filename(dso, dso->filename), because the
* DSO_METHOD's load function may have tried a variety of filenames (with
/*
* If the DSO is currently loaded, this returns the filename that it was
* loaded under, otherwise it returns NULL. So it is also useful as a test as
* to whether the DSO is currently loaded. NB: This will not necessarily
* return the same value as DSO_convert_filename(dso, dso->filename), because
* the DSO_METHOD's load function may have tried a variety of filenames (with
* and/or without the aid of the converters) before settling on the one it
* actually loaded. */
* actually loaded.
*/
const char *DSO_get_loaded_filename(DSO *dso);
void DSO_set_default_method(DSO_METHOD *meth);
@@ -263,11 +293,13 @@ DSO_METHOD *DSO_get_default_method(void);
DSO_METHOD *DSO_get_method(DSO *dso);
DSO_METHOD *DSO_set_method(DSO *dso, DSO_METHOD *meth);
/* The all-singing all-dancing load function, you normally pass NULL
* for the first and third parameters. Use DSO_up and DSO_free for
* subsequent reference count handling. Any flags passed in will be set
* in the constructed DSO after its init() function but before the
* load operation. If 'dso' is non-NULL, 'flags' is ignored. */
/*
* The all-singing all-dancing load function, you normally pass NULL for the
* first and third parameters. Use DSO_up and DSO_free for subsequent
* reference count handling. Any flags passed in will be set in the
* constructed DSO after its init() function but before the load operation.
* If 'dso' is non-NULL, 'flags' is ignored.
*/
DSO *DSO_load(DSO *dso, const char *filename, DSO_METHOD *meth, int flags);
/* This function binds to a variable inside a shared library. */
@@ -276,23 +308,31 @@ void *DSO_bind_var(DSO *dso, const char *symname);
/* This function binds to a function inside a shared library. */
DSO_FUNC_TYPE DSO_bind_func(DSO *dso, const char *symname);
/* This method is the default, but will beg, borrow, or steal whatever
* method should be the default on any particular platform (including
* DSO_METH_null() if necessary). */
/*
* This method is the default, but will beg, borrow, or steal whatever method
* should be the default on any particular platform (including
* DSO_METH_null() if necessary).
*/
DSO_METHOD *DSO_METHOD_openssl(void);
/* This method is defined for all platforms - if a platform has no
* DSO support then this will be the only method! */
/*
* This method is defined for all platforms - if a platform has no DSO
* support then this will be the only method!
*/
DSO_METHOD *DSO_METHOD_null(void);
/* If DSO_DLFCN is defined, the standard dlfcn.h-style functions
* (dlopen, dlclose, dlsym, etc) will be used and incorporated into
* this method. If not, this method will return NULL. */
/*
* If DSO_DLFCN is defined, the standard dlfcn.h-style functions (dlopen,
* dlclose, dlsym, etc) will be used and incorporated into this method. If
* not, this method will return NULL.
*/
DSO_METHOD *DSO_METHOD_dlfcn(void);
/* If DSO_DL is defined, the standard dl.h-style functions (shl_load,
* shl_unload, shl_findsym, etc) will be used and incorporated into
* this method. If not, this method will return NULL. */
/*
* If DSO_DL is defined, the standard dl.h-style functions (shl_load,
* shl_unload, shl_findsym, etc) will be used and incorporated into this
* method. If not, this method will return NULL.
*/
DSO_METHOD *DSO_METHOD_dl(void);
/* If WIN32 is defined, use DLLs. If not, return NULL. */
@@ -301,32 +341,34 @@ DSO_METHOD *DSO_METHOD_win32(void);
/* If VMS is defined, use shared images. If not, return NULL. */
DSO_METHOD *DSO_METHOD_vms(void);
/* This function writes null-terminated pathname of DSO module
* containing 'addr' into 'sz' large caller-provided 'path' and
* returns the number of characters [including trailing zero]
* written to it. If 'sz' is 0 or negative, 'path' is ignored and
* required amount of charachers [including trailing zero] to
* accomodate pathname is returned. If 'addr' is NULL, then
* pathname of cryptolib itself is returned. Negative or zero
* return value denotes error.
/*
* This function writes null-terminated pathname of DSO module containing
* 'addr' into 'sz' large caller-provided 'path' and returns the number of
* characters [including trailing zero] written to it. If 'sz' is 0 or
* negative, 'path' is ignored and required amount of charachers [including
* trailing zero] to accomodate pathname is returned. If 'addr' is NULL, then
* pathname of cryptolib itself is returned. Negative or zero return value
* denotes error.
*/
int DSO_pathbyaddr(void *addr, char *path, int sz);
/* This function should be used with caution! It looks up symbols in
* *all* loaded modules and if module gets unloaded by somebody else
* attempt to dereference the pointer is doomed to have fatal
* consequences. Primary usage for this function is to probe *core*
* system functionality, e.g. check if getnameinfo(3) is available
* at run-time without bothering about OS-specific details such as
* libc.so.versioning or where does it actually reside: in libc
* itself or libsocket. */
/*
* This function should be used with caution! It looks up symbols in *all*
* loaded modules and if module gets unloaded by somebody else attempt to
* dereference the pointer is doomed to have fatal consequences. Primary
* usage for this function is to probe *core* system functionality, e.g.
* check if getnameinfo(3) is available at run-time without bothering about
* OS-specific details such as libc.so.versioning or where does it actually
* reside: in libc itself or libsocket.
*/
void *DSO_global_lookup(const char *name);
/* If BeOS is defined, use shared images. If not, return NULL. */
DSO_METHOD *DSO_METHOD_beos(void);
/* BEGIN ERROR CODES */
/* The following lines are auto generated by the script mkerr.pl. Any changes
/*
* The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
*/
void ERR_load_DSO_strings(void);

93
libs/openssl/include/openssl/dtls1.h
View File

@@ -84,8 +84,15 @@ extern "C" {
#endif
# define DTLS1_VERSION 0xFEFF
# define DTLS1_2_VERSION 0xFEFD
# define DTLS_MAX_VERSION DTLS1_2_VERSION
# define DTLS1_VERSION_MAJOR 0xFE
# define DTLS1_BAD_VER 0x0100
/* Special value for method supporting multiple versions */
# define DTLS_ANY_VERSION 0x1FFFF
# if 0
/* this alert description is not specified anywhere... */
# define DTLS1_AD_MISSING_HANDSHAKE_MESSAGE 110
@@ -115,17 +122,17 @@ extern "C" {
# define DTLS1_SCTP_AUTH_LABEL "EXPORTER_DTLS_OVER_SCTP"
# endif
typedef struct dtls1_bitmap_st
{
unsigned long map; /* track 32 packets on 32-bit systems
and 64 - on 64-bit systems */
unsigned char max_seq_num[8]; /* max record number seen so far,
64-bit value in big-endian
encoding */
/* Max MTU overhead we know about so far is 40 for IPv6 + 8 for UDP */
# define DTLS1_MAX_MTU_OVERHEAD 48
typedef struct dtls1_bitmap_st {
unsigned long map; /* track 32 packets on 32-bit systems and 64
* - on 64-bit systems */
unsigned char max_seq_num[8]; /* max record number seen so far, 64-bit
* value in big-endian encoding */
} DTLS1_BITMAP;
struct dtls1_retransmit_state
{
struct dtls1_retransmit_state {
EVP_CIPHER_CTX *enc_write_ctx; /* cryptographic state */
EVP_MD_CTX *write_hash; /* used for mac generation */
# ifndef OPENSSL_NO_COMP
@@ -137,8 +144,7 @@ struct dtls1_retransmit_state
unsigned short epoch;
};
struct hm_header_st
{
struct hm_header_st {
unsigned char type;
unsigned long msg_len;
unsigned short seq;
@@ -148,44 +154,36 @@ struct hm_header_st
struct dtls1_retransmit_state saved_retransmit_state;
};
struct ccs_header_st
{
struct ccs_header_st {
unsigned char type;
unsigned short seq;
};
struct dtls1_timeout_st
{
struct dtls1_timeout_st {
/* Number of read timeouts so far */
unsigned int read_timeouts;
/* Number of write timeouts so far */
unsigned int write_timeouts;
/* Number of alerts received so far */
unsigned int num_alerts;
};
typedef struct record_pqueue_st
{
typedef struct record_pqueue_st {
unsigned short epoch;
pqueue q;
} record_pqueue;
typedef struct hm_fragment_st
{
typedef struct hm_fragment_st {
struct hm_header_st msg_header;
unsigned char *fragment;
unsigned char *reassembly;
} hm_fragment;
typedef struct dtls1_state_st
{
typedef struct dtls1_state_st {
unsigned int send_cookie;
unsigned char cookie[DTLS1_COOKIE_LENGTH];
unsigned char rcvd_cookie[DTLS1_COOKIE_LENGTH];
unsigned int cookie_len;
/*
* The current data and handshake epoch. This is initially
* undefined, and starts at zero once the initial handshake is
@@ -193,76 +191,64 @@ typedef struct dtls1_state_st
*/
unsigned short r_epoch;
unsigned short w_epoch;
/* records being received in the current epoch */
DTLS1_BITMAP bitmap;
/* renegotiation starts a new set of sequence numbers */
DTLS1_BITMAP next_bitmap;
/* handshake message numbers */
unsigned short handshake_write_seq;
unsigned short next_handshake_write_seq;
unsigned short handshake_read_seq;
/* save last sequence number for retransmissions */
unsigned char last_write_sequence[8];
/* Received handshake records (processed and unprocessed) */
record_pqueue unprocessed_rcds;
record_pqueue processed_rcds;
/* Buffered handshake messages */
pqueue buffered_messages;
/* Buffered (sent) handshake records */
pqueue sent_messages;
/* Buffered application records.
* Only for records between CCS and Finished
* to prevent either protocol violation or
* unnecessary message loss.
/*
* Buffered application records. Only for records between CCS and
* Finished to prevent either protocol violation or unnecessary message
* loss.
*/
record_pqueue buffered_app_data;
/* Is set when listening for new connections with dtls1_listen() */
unsigned int listen;
unsigned int link_mtu; /* max on-the-wire DTLS packet size */
unsigned int mtu; /* max DTLS packet size */
struct hm_header_st w_msg_hdr;
struct hm_header_st r_msg_hdr;
struct dtls1_timeout_st timeout;
/* Indicates when the last handshake msg or heartbeat sent will timeout */
/*
* Indicates when the last handshake msg or heartbeat sent will timeout
*/
struct timeval next_timeout;
/* Timeout duration */
unsigned short timeout_duration;
/* storage for Alert/Handshake protocol data received but not
* yet processed by ssl3_read_bytes: */
/*
* storage for Alert/Handshake protocol data received but not yet
* processed by ssl3_read_bytes:
*/
unsigned char alert_fragment[DTLS1_AL_HEADER_LENGTH];
unsigned int alert_fragment_len;
unsigned char handshake_fragment[DTLS1_HM_HEADER_LENGTH];
unsigned int handshake_fragment_len;
unsigned int retransmitting;
/*
* Set when the handshake is ready to process peer's ChangeCipherSpec message.
* Cleared after the message has been processed.
*/
unsigned int change_cipher_spec_ok;
# ifndef OPENSSL_NO_SCTP
/* used when SSL_ST_XX_FLUSH is entered */
int next_state;
int shutdown_received;
# endif
} DTLS1_STATE;
typedef struct dtls1_record_data_st
{
typedef struct dtls1_record_data_st {
unsigned char *packet;
unsigned int packet_length;
SSL3_BUFFER rbuf;
@@ -284,4 +270,3 @@ typedef struct dtls1_record_data_st
}
#endif
#endif

107
libs/openssl/include/openssl/e_os2.h
View File

@@ -70,34 +70,38 @@ extern "C" {
# define OPENSSL_SYS_UNIX
/* ----------------------- Macintosh, before MacOS X ----------------------- */
/* ---------------------- Macintosh, before MacOS X ----------------------- */
# if defined(__MWERKS__) && defined(macintosh) || defined(OPENSSL_SYSNAME_MAC)
# undef OPENSSL_SYS_UNIX
# define OPENSSL_SYS_MACINTOSH_CLASSIC
# endif
/* ----------------------- NetWare ----------------------------------------- */
/* ---------------------- NetWare ----------------------------------------- */
# if defined(NETWARE) || defined(OPENSSL_SYSNAME_NETWARE)
# undef OPENSSL_SYS_UNIX
# define OPENSSL_SYS_NETWARE
# endif
/* ---------------------- Microsoft operating systems ---------------------- */
/* --------------------- Microsoft operating systems ---------------------- */
/* Note that MSDOS actually denotes 32-bit environments running on top of
MS-DOS, such as DJGPP one. */
/*
* Note that MSDOS actually denotes 32-bit environments running on top of
* MS-DOS, such as DJGPP one.
*/
# if defined(OPENSSL_SYSNAME_MSDOS)
# undef OPENSSL_SYS_UNIX
# define OPENSSL_SYS_MSDOS
# endif
/* For 32 bit environment, there seems to be the CygWin environment and then
all the others that try to do the same thing Microsoft does... */
/*
* For 32 bit environment, there seems to be the CygWin environment and then
* all the others that try to do the same thing Microsoft does...
*/
# if defined(OPENSSL_SYSNAME_UWIN)
# undef OPENSSL_SYS_UNIX
# define OPENSSL_SYS_WIN32_UWIN
# else
# if defined(__CYGWIN32__) || defined(OPENSSL_SYSNAME_CYGWIN32)
# if defined(__CYGWIN__) || defined(OPENSSL_SYSNAME_CYGWIN)
# undef OPENSSL_SYS_UNIX
# define OPENSSL_SYS_WIN32_CYGWIN
# else
@@ -105,6 +109,12 @@ extern "C" {
# undef OPENSSL_SYS_UNIX
# define OPENSSL_SYS_WIN32
# endif
# if defined(_WIN64) || defined(OPENSSL_SYSNAME_WIN64)
# undef OPENSSL_SYS_UNIX
# if !defined(OPENSSL_SYS_WIN64)
# define OPENSSL_SYS_WIN64
# endif
# endif
# if defined(OPENSSL_SYSNAME_WINNT)
# undef OPENSSL_SYS_UNIX
# define OPENSSL_SYS_WINNT
@@ -117,7 +127,7 @@ extern "C" {
# endif
/* Anything that tries to look like Microsoft is "Windows" */
#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WINNT) || defined(OPENSSL_SYS_WINCE)
# if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WIN64) || defined(OPENSSL_SYS_WINNT) || defined(OPENSSL_SYS_WINCE)
# undef OPENSSL_SYS_UNIX
# define OPENSSL_SYS_WINDOWS
# ifndef OPENSSL_SYS_MSDOS
@@ -125,19 +135,21 @@ extern "C" {
# endif
# endif
/* DLL settings. This part is a bit tough, because it's up to the application
implementor how he or she will link the application, so it requires some
macro to be used. */
/*
* DLL settings. This part is a bit tough, because it's up to the
* application implementor how he or she will link the application, so it
* requires some macro to be used.
*/
# ifdef OPENSSL_SYS_WINDOWS
# ifndef OPENSSL_OPT_WINDLL
# if defined(_WINDLL) /* This is used when building OpenSSL to indicate that
DLL linkage should be used */
# if defined(_WINDLL) /* This is used when building OpenSSL to
* indicate that DLL linkage should be used */
# define OPENSSL_OPT_WINDLL
# endif
# endif
# endif
/* -------------------------------- OpenVMS -------------------------------- */
/* ------------------------------- OpenVMS -------------------------------- */
# if defined(__VMS) || defined(VMS) || defined(OPENSSL_SYSNAME_VMS)
# undef OPENSSL_SYS_UNIX
# define OPENSSL_SYS_VMS
@@ -151,13 +163,13 @@ extern "C" {
# endif
# endif
/* --------------------------------- OS/2 ---------------------------------- */
/* -------------------------------- OS/2 ---------------------------------- */
# if defined(__EMX__) || defined(__OS2__)
# undef OPENSSL_SYS_UNIX
# define OPENSSL_SYS_OS2
# endif
/* --------------------------------- Unix ---------------------------------- */
/* -------------------------------- Unix ---------------------------------- */
# ifdef OPENSSL_SYS_UNIX
# if defined(linux) || defined(__linux__) || defined(OPENSSL_SYSNAME_LINUX)
# define OPENSSL_SYS_LINUX
@@ -192,7 +204,7 @@ extern "C" {
# endif
# endif
/* --------------------------------- VOS ----------------------------------- */
/* -------------------------------- VOS ----------------------------------- */
# if defined(__VOS__) || defined(OPENSSL_SYSNAME_VOS)
# define OPENSSL_SYS_VOS
# ifdef __HPPA__
@@ -203,12 +215,12 @@ extern "C" {
# endif
# endif
/* ------------------------------- VxWorks --------------------------------- */
/* ------------------------------ VxWorks --------------------------------- */
# ifdef OPENSSL_SYSNAME_VXWORKS
# define OPENSSL_SYS_VXWORKS
# endif
/* --------------------------------- BeOS ---------------------------------- */
/* -------------------------------- BeOS ---------------------------------- */
# if defined(__BEOS__)
# define OPENSSL_SYS_BEOS
# include <sys/socket.h>
@@ -223,7 +235,6 @@ extern "C" {
* That's it for OS-specific stuff
*****************************************************************************/
/* Specials for I/O an exit */
# ifdef OPENSSL_SYS_MSDOS
# define OPENSSL_UNISTD_IO <io.h>
@@ -233,23 +244,24 @@ extern "C" {
# define OPENSSL_DECLARE_EXIT /* declared in unistd.h */
# endif
/* Definitions of OPENSSL_GLOBAL and OPENSSL_EXTERN, to define and declare
certain global symbols that, with some compilers under VMS, have to be
defined and declared explicitely with globaldef and globalref.
Definitions of OPENSSL_EXPORT and OPENSSL_IMPORT, to define and declare
DLL exports and imports for compilers under Win32. These are a little
more complicated to use. Basically, for any library that exports some
global variables, the following code must be present in the header file
that declares them, before OPENSSL_EXTERN is used:
#ifdef SOME_BUILD_FLAG_MACRO
# undef OPENSSL_EXTERN
# define OPENSSL_EXTERN OPENSSL_EXPORT
#endif
The default is to have OPENSSL_EXPORT, OPENSSL_IMPORT and OPENSSL_GLOBAL
have some generally sensible values, and for OPENSSL_EXTERN to have the
value OPENSSL_IMPORT.
/*-
* Definitions of OPENSSL_GLOBAL and OPENSSL_EXTERN, to define and declare
* certain global symbols that, with some compilers under VMS, have to be
* defined and declared explicitely with globaldef and globalref.
* Definitions of OPENSSL_EXPORT and OPENSSL_IMPORT, to define and declare
* DLL exports and imports for compilers under Win32. These are a little
* more complicated to use. Basically, for any library that exports some
* global variables, the following code must be present in the header file
* that declares them, before OPENSSL_EXTERN is used:
*
* #ifdef SOME_BUILD_FLAG_MACRO
* # undef OPENSSL_EXTERN
* # define OPENSSL_EXTERN OPENSSL_EXPORT
* #endif
*
* The default is to have OPENSSL_EXPORT, OPENSSL_IMPORT and OPENSSL_GLOBAL
* have some generally sensible values, and for OPENSSL_EXTERN to have the
* value OPENSSL_IMPORT.
*/
# if defined(OPENSSL_SYS_VMS_NODECC)
@@ -267,15 +279,16 @@ extern "C" {
# endif
# define OPENSSL_EXTERN OPENSSL_IMPORT
/* Macros to allow global variables to be reached through function calls when
required (if a shared library version requires it, for example.
The way it's done allows definitions like this:
// in foobar.c
OPENSSL_IMPLEMENT_GLOBAL(int,foobar,0)
// in foobar.h
OPENSSL_DECLARE_GLOBAL(int,foobar);
#define foobar OPENSSL_GLOBAL_REF(foobar)
/*-
* Macros to allow global variables to be reached through function calls when
* required (if a shared library version requires it, for example.
* The way it's done allows definitions like this:
*
* // in foobar.c
* OPENSSL_IMPLEMENT_GLOBAL(int,foobar,0)
* // in foobar.h
* OPENSSL_DECLARE_GLOBAL(int,foobar);
* #define foobar OPENSSL_GLOBAL_REF(foobar)
*/
# ifdef OPENSSL_EXPORT_VAR_AS_FUNCTION
# define OPENSSL_IMPLEMENT_GLOBAL(type,name,value) \

7
libs/openssl/include/openssl/ebcdic.h
View File

@@ -5,6 +5,10 @@
# include <sys/types.h>
#ifdef __cplusplus
extern "C" {
#endif
/* Avoid name clashes with other applications */
# define os_toascii _openssl_os_toascii
# define os_toebcdic _openssl_os_toebcdic
@@ -16,4 +20,7 @@ extern const unsigned char os_toebcdic[256];
void *ebcdic2ascii(void *dest, const void *srce, size_t count);
void *ascii2ebcdic(void *dest, const void *srce, size_t count);
#ifdef __cplusplus
}
#endif
#endif

223
libs/openssl/include/openssl/ec.h
View File

@@ -96,7 +96,6 @@ extern "C" {
# endif
# endif
# ifndef OPENSSL_ECC_MAX_FIELD_BITS
# define OPENSSL_ECC_MAX_FIELD_BITS 661
# endif
@@ -107,18 +106,17 @@ typedef enum {
/** the point is encoded as z||x, where the octet z specifies
* which solution of the quadratic equation y is */
POINT_CONVERSION_COMPRESSED = 2,
/** the point is encoded as z||x||y, where z is the octet 0x02 */
/** the point is encoded as z||x||y, where z is the octet 0x04 */
POINT_CONVERSION_UNCOMPRESSED = 4,
/** the point is encoded as z||x||y, where the octet z specifies
* which solution of the quadratic equation y is */
POINT_CONVERSION_HYBRID = 6
} point_conversion_form_t;
typedef struct ec_method_st EC_METHOD;
typedef struct ec_group_st
/*
/*-
EC_METHOD *meth;
-- field definition
-- curve coefficients
@@ -130,7 +128,6 @@ typedef struct ec_group_st
typedef struct ec_point_st EC_POINT;
/********************************************************************/
/* EC_METHODs for curves over GF(p) */
/********************************************************************/
@@ -180,7 +177,6 @@ const EC_METHOD *EC_GF2m_simple_method(void);
# endif
/********************************************************************/
/* EC_GROUP functions */
/********************************************************************/
@@ -235,7 +231,8 @@ int EC_METHOD_get_field_type(const EC_METHOD *meth);
* in the group of all points on the elliptic curve.
* \return 1 on success and 0 if an error occured
*/
int EC_GROUP_set_generator(EC_GROUP *group, const EC_POINT *generator, const BIGNUM *order, const BIGNUM *cofactor);
int EC_GROUP_set_generator(EC_GROUP *group, const EC_POINT *generator,
const BIGNUM *order, const BIGNUM *cofactor);
/** Returns the generator of a EC_GROUP object.
* \param group EC_GROUP object
@@ -243,6 +240,12 @@ int EC_GROUP_set_generator(EC_GROUP *group, const EC_POINT *generator, const BIG
*/
const EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *group);
/** Returns the montgomery data for order(Generator)
* \param group EC_GROUP object
* \return the currently used generator (possibly NULL).
*/
BN_MONT_CTX *EC_GROUP_get_mont_data(const EC_GROUP *group);
/** Gets the order of a EC_GROUP
* \param group EC_GROUP object
* \param order BIGNUM to which the order is copied
@@ -257,7 +260,8 @@ int EC_GROUP_get_order(const EC_GROUP *group, BIGNUM *order, BN_CTX *ctx);
* \param ctx BN_CTX object (optional)
* \return 1 on success and 0 if an error occured
*/
int EC_GROUP_get_cofactor(const EC_GROUP *group, BIGNUM *cofactor, BN_CTX *ctx);
int EC_GROUP_get_cofactor(const EC_GROUP *group, BIGNUM *cofactor,
BN_CTX *ctx);
/** Sets the name of a EC_GROUP object
* \param group EC_GROUP object
@@ -274,7 +278,8 @@ int EC_GROUP_get_curve_name(const EC_GROUP *group);
void EC_GROUP_set_asn1_flag(EC_GROUP *group, int flag);
int EC_GROUP_get_asn1_flag(const EC_GROUP *group);
void EC_GROUP_set_point_conversion_form(EC_GROUP *group, point_conversion_form_t form);
void EC_GROUP_set_point_conversion_form(EC_GROUP *group,
point_conversion_form_t form);
point_conversion_form_t EC_GROUP_get_point_conversion_form(const EC_GROUP *);
unsigned char *EC_GROUP_get0_seed(const EC_GROUP *x);
@@ -289,7 +294,8 @@ size_t EC_GROUP_set_seed(EC_GROUP *, const unsigned char *, size_t len);
* \param ctx BN_CTX object (optional)
* \return 1 on success and 0 if an error occured
*/
int EC_GROUP_set_curve_GFp(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
int EC_GROUP_set_curve_GFp(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a,
const BIGNUM *b, BN_CTX *ctx);
/** Gets the parameter of the ec over GFp defined by y^2 = x^3 + a*x + b
* \param group EC_GROUP object
@@ -299,7 +305,8 @@ int EC_GROUP_set_curve_GFp(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, co
* \param ctx BN_CTX object (optional)
* \return 1 on success and 0 if an error occured
*/
int EC_GROUP_get_curve_GFp(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
int EC_GROUP_get_curve_GFp(const EC_GROUP *group, BIGNUM *p, BIGNUM *a,
BIGNUM *b, BN_CTX *ctx);
# ifndef OPENSSL_NO_EC2M
/** Sets the parameter of a ec over GF2m defined by y^2 + x*y = x^3 + a*x^2 + b
@@ -310,7 +317,8 @@ int EC_GROUP_get_curve_GFp(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *
* \param ctx BN_CTX object (optional)
* \return 1 on success and 0 if an error occured
*/
int EC_GROUP_set_curve_GF2m(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
int EC_GROUP_set_curve_GF2m(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a,
const BIGNUM *b, BN_CTX *ctx);
/** Gets the parameter of the ec over GF2m defined by y^2 + x*y = x^3 + a*x^2 + b
* \param group EC_GROUP object
@@ -320,7 +328,8 @@ int EC_GROUP_set_curve_GF2m(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, c
* \param ctx BN_CTX object (optional)
* \return 1 on success and 0 if an error occured
*/
int EC_GROUP_get_curve_GF2m(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
int EC_GROUP_get_curve_GF2m(const EC_GROUP *group, BIGNUM *p, BIGNUM *a,
BIGNUM *b, BN_CTX *ctx);
# endif
/** Returns the number of bits needed to represent a field element
* \param group EC_GROUP object
@@ -350,8 +359,10 @@ int EC_GROUP_check_discriminant(const EC_GROUP *group, BN_CTX *ctx);
*/
int EC_GROUP_cmp(const EC_GROUP *a, const EC_GROUP *b, BN_CTX *ctx);
/* EC_GROUP_new_GF*() calls EC_GROUP_new() and EC_GROUP_set_GF*()
* after choosing an appropriate EC_METHOD */
/*
* EC_GROUP_new_GF*() calls EC_GROUP_new() and EC_GROUP_set_GF*() after
* choosing an appropriate EC_METHOD
*/
/** Creates a new EC_GROUP object with the specified parameters defined
* over GFp (defined by the equation y^2 = x^3 + a*x + b)
@@ -361,7 +372,8 @@ int EC_GROUP_cmp(const EC_GROUP *a, const EC_GROUP *b, BN_CTX *ctx);
* \param ctx BN_CTX object (optional)
* \return newly created EC_GROUP object with the specified parameters
*/
EC_GROUP *EC_GROUP_new_curve_GFp(const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
EC_GROUP *EC_GROUP_new_curve_GFp(const BIGNUM *p, const BIGNUM *a,
const BIGNUM *b, BN_CTX *ctx);
# ifndef OPENSSL_NO_EC2M
/** Creates a new EC_GROUP object with the specified parameters defined
* over GF2m (defined by the equation y^2 + x*y = x^3 + a*x^2 + b)
@@ -371,7 +383,8 @@ EC_GROUP *EC_GROUP_new_curve_GFp(const BIGNUM *p, const BIGNUM *a, const BIGNUM
* \param ctx BN_CTX object (optional)
* \return newly created EC_GROUP object with the specified parameters
*/
EC_GROUP *EC_GROUP_new_curve_GF2m(const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
EC_GROUP *EC_GROUP_new_curve_GF2m(const BIGNUM *p, const BIGNUM *a,
const BIGNUM *b, BN_CTX *ctx);
# endif
/** Creates a EC_GROUP object with a curve specified by a NID
* \param nid NID of the OID of the curve name
@@ -380,7 +393,6 @@ EC_GROUP *EC_GROUP_new_curve_GF2m(const BIGNUM *p, const BIGNUM *a, const BIGNUM
*/
EC_GROUP *EC_GROUP_new_by_curve_name(int nid);
/********************************************************************/
/* handling of internal curves */
/********************************************************************/
@@ -390,12 +402,16 @@ typedef struct {
const char *comment;
} EC_builtin_curve;
/* EC_builtin_curves(EC_builtin_curve *r, size_t size) returns number
* of all available curves or zero if a error occurred.
* In case r ist not zero nitems EC_builtin_curve structures
* are filled with the data of the first nitems internal groups */
/*
* EC_builtin_curves(EC_builtin_curve *r, size_t size) returns number of all
* available curves or zero if a error occurred. In case r ist not zero
* nitems EC_builtin_curve structures are filled with the data of the first
* nitems internal groups
*/
size_t EC_get_builtin_curves(EC_builtin_curve *r, size_t nitems);
const char *EC_curve_nid2nist(int nid);
int EC_curve_nist2nid(const char *name);
/********************************************************************/
/* EC_POINT functions */
@@ -454,8 +470,10 @@ int EC_POINT_set_to_infinity(const EC_GROUP *group, EC_POINT *point);
* \param ctx BN_CTX object (optional)
* \return 1 on success and 0 if an error occured
*/
int EC_POINT_set_Jprojective_coordinates_GFp(const EC_GROUP *group, EC_POINT *p,
const BIGNUM *x, const BIGNUM *y, const BIGNUM *z, BN_CTX *ctx);
int EC_POINT_set_Jprojective_coordinates_GFp(const EC_GROUP *group,
EC_POINT *p, const BIGNUM *x,
const BIGNUM *y, const BIGNUM *z,
BN_CTX *ctx);
/** Gets the jacobian projective coordinates of a EC_POINT over GFp
* \param group underlying EC_GROUP object
@@ -467,7 +485,9 @@ int EC_POINT_set_Jprojective_coordinates_GFp(const EC_GROUP *group, EC_POINT *p,
* \return 1 on success and 0 if an error occured
*/
int EC_POINT_get_Jprojective_coordinates_GFp(const EC_GROUP *group,
const EC_POINT *p, BIGNUM *x, BIGNUM *y, BIGNUM *z, BN_CTX *ctx);
const EC_POINT *p, BIGNUM *x,
BIGNUM *y, BIGNUM *z,
BN_CTX *ctx);
/** Sets the affine coordinates of a EC_POINT over GFp
* \param group underlying EC_GROUP object
@@ -478,7 +498,8 @@ int EC_POINT_get_Jprojective_coordinates_GFp(const EC_GROUP *group,
* \return 1 on success and 0 if an error occured
*/
int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group, EC_POINT *p,
const BIGNUM *x, const BIGNUM *y, BN_CTX *ctx);
const BIGNUM *x, const BIGNUM *y,
BN_CTX *ctx);
/** Gets the affine coordinates of a EC_POINT over GFp
* \param group underlying EC_GROUP object
@@ -489,7 +510,8 @@ int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group, EC_POINT *p,
* \return 1 on success and 0 if an error occured
*/
int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group,
const EC_POINT *p, BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
const EC_POINT *p, BIGNUM *x,
BIGNUM *y, BN_CTX *ctx);
/** Sets the x9.62 compressed coordinates of a EC_POINT over GFp
* \param group underlying EC_GROUP object
@@ -499,8 +521,9 @@ int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group,
* \param ctx BN_CTX object (optional)
* \return 1 on success and 0 if an error occured
*/
int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *group, EC_POINT *p,
const BIGNUM *x, int y_bit, BN_CTX *ctx);
int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *group,
EC_POINT *p, const BIGNUM *x,
int y_bit, BN_CTX *ctx);
# ifndef OPENSSL_NO_EC2M
/** Sets the affine coordinates of a EC_POINT over GF2m
* \param group underlying EC_GROUP object
@@ -511,7 +534,8 @@ int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *group, EC_POINT *p,
* \return 1 on success and 0 if an error occured
*/
int EC_POINT_set_affine_coordinates_GF2m(const EC_GROUP *group, EC_POINT *p,
const BIGNUM *x, const BIGNUM *y, BN_CTX *ctx);
const BIGNUM *x, const BIGNUM *y,
BN_CTX *ctx);
/** Gets the affine coordinates of a EC_POINT over GF2m
* \param group underlying EC_GROUP object
@@ -522,7 +546,8 @@ int EC_POINT_set_affine_coordinates_GF2m(const EC_GROUP *group, EC_POINT *p,
* \return 1 on success and 0 if an error occured
*/
int EC_POINT_get_affine_coordinates_GF2m(const EC_GROUP *group,
const EC_POINT *p, BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
const EC_POINT *p, BIGNUM *x,
BIGNUM *y, BN_CTX *ctx);
/** Sets the x9.62 compressed coordinates of a EC_POINT over GF2m
* \param group underlying EC_GROUP object
@@ -532,8 +557,9 @@ int EC_POINT_get_affine_coordinates_GF2m(const EC_GROUP *group,
* \param ctx BN_CTX object (optional)
* \return 1 on success and 0 if an error occured
*/
int EC_POINT_set_compressed_coordinates_GF2m(const EC_GROUP *group, EC_POINT *p,
const BIGNUM *x, int y_bit, BN_CTX *ctx);
int EC_POINT_set_compressed_coordinates_GF2m(const EC_GROUP *group,
EC_POINT *p, const BIGNUM *x,
int y_bit, BN_CTX *ctx);
# endif
/** Encodes a EC_POINT object to a octet string
* \param group underlying EC_GROUP object
@@ -570,7 +596,6 @@ char *EC_POINT_point2hex(const EC_GROUP *, const EC_POINT *,
EC_POINT *EC_POINT_hex2point(const EC_GROUP *, const char *,
EC_POINT *, BN_CTX *);
/********************************************************************/
/* functions for doing EC_POINT arithmetic */
/********************************************************************/
@@ -583,7 +608,8 @@ EC_POINT *EC_POINT_hex2point(const EC_GROUP *, const char *,
* \param ctx BN_CTX object (optional)
* \return 1 on success and 0 if an error occured
*/
int EC_POINT_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, const EC_POINT *b, BN_CTX *ctx);
int EC_POINT_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a,
const EC_POINT *b, BN_CTX *ctx);
/** Computes the double of a EC_POINT
* \param group underlying EC_GROUP object
@@ -592,7 +618,8 @@ int EC_POINT_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, const EC
* \param ctx BN_CTX object (optional)
* \return 1 on success and 0 if an error occured
*/
int EC_POINT_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, BN_CTX *ctx);
int EC_POINT_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a,
BN_CTX *ctx);
/** Computes the inverse of a EC_POINT
* \param group underlying EC_GROUP object
@@ -615,7 +642,8 @@ int EC_POINT_is_at_infinity(const EC_GROUP *group, const EC_POINT *p);
* \param ctx BN_CTX object (optional)
* \return 1 if point if on the curve and 0 otherwise
*/
int EC_POINT_is_on_curve(const EC_GROUP *group, const EC_POINT *point, BN_CTX *ctx);
int EC_POINT_is_on_curve(const EC_GROUP *group, const EC_POINT *point,
BN_CTX *ctx);
/** Compares two EC_POINTs
* \param group underlying EC_GROUP object
@@ -624,12 +652,14 @@ int EC_POINT_is_on_curve(const EC_GROUP *group, const EC_POINT *point, BN_CTX *c
* \param ctx BN_CTX object (optional)
* \return 0 if both points are equal and a value != 0 otherwise
*/
int EC_POINT_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT *b, BN_CTX *ctx);
int EC_POINT_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT *b,
BN_CTX *ctx);
int EC_POINT_make_affine(const EC_GROUP *group, EC_POINT *point, BN_CTX *ctx);
int EC_POINTs_make_affine(const EC_GROUP *group, size_t num, EC_POINT *points[], BN_CTX *ctx);
int EC_POINTs_make_affine(const EC_GROUP *group, size_t num,
EC_POINT *points[], BN_CTX *ctx);
/** Computes r = generator * n sum_{i=0}^num p[i] * m[i]
/** Computes r = generator * n sum_{i=0}^{num-1} p[i] * m[i]
* \param group underlying EC_GROUP object
* \param r EC_POINT object for the result
* \param n BIGNUM with the multiplier for the group generator (optional)
@@ -639,7 +669,9 @@ int EC_POINTs_make_affine(const EC_GROUP *group, size_t num, EC_POINT *points[],
* \param ctx BN_CTX object (optional)
* \return 1 on success and 0 if an error occured
*/
int EC_POINTs_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *n, size_t num, const EC_POINT *p[], const BIGNUM *m[], BN_CTX *ctx);
int EC_POINTs_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *n,
size_t num, const EC_POINT *p[], const BIGNUM *m[],
BN_CTX *ctx);
/** Computes r = generator * n + q * m
* \param group underlying EC_GROUP object
@@ -650,7 +682,8 @@ int EC_POINTs_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *n, size_t nu
* \param ctx BN_CTX object (optional)
* \return 1 on success and 0 if an error occured
*/
int EC_POINT_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *n, const EC_POINT *q, const BIGNUM *m, BN_CTX *ctx);
int EC_POINT_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *n,
const EC_POINT *q, const BIGNUM *m, BN_CTX *ctx);
/** Stores multiples of generator for faster point multiplication
* \param group EC_GROUP object
@@ -665,13 +698,14 @@ int EC_GROUP_precompute_mult(EC_GROUP *group, BN_CTX *ctx);
*/
int EC_GROUP_have_precompute_mult(const EC_GROUP *group);
/********************************************************************/
/* ASN1 stuff */
/********************************************************************/
/* EC_GROUP_get_basis_type() returns the NID of the basis type
* used to represent the field elements */
/*
* EC_GROUP_get_basis_type() returns the NID of the basis type used to
* represent the field elements
*/
int EC_GROUP_get_basis_type(const EC_GROUP *);
# ifndef OPENSSL_NO_EC2M
int EC_GROUP_get_trinomial_basis(const EC_GROUP *, unsigned int *k);
@@ -700,7 +734,6 @@ int ECPKParameters_print(BIO *bp, const EC_GROUP *x, int off);
int ECPKParameters_print_fp(FILE *fp, const EC_GROUP *x, int off);
# endif
/********************************************************************/
/* EC_KEY functions */
/********************************************************************/
@@ -805,7 +838,9 @@ point_conversion_form_t EC_KEY_get_conv_form(const EC_KEY *key);
void EC_KEY_set_conv_form(EC_KEY *eckey, point_conversion_form_t cform);
/* functions to set/get method specific data */
void *EC_KEY_get_key_method_data(EC_KEY *key,
void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *));
void *(*dup_func) (void *),
void (*free_func) (void *),
void (*clear_free_func) (void *));
/** Sets the key method data of an EC_KEY object, if none has yet been set.
* \param key EC_KEY object
* \param data opaque data to install.
@@ -815,7 +850,9 @@ void *EC_KEY_get_key_method_data(EC_KEY *key,
* \return the previously set data pointer, or NULL if |data| was inserted.
*/
void *EC_KEY_insert_key_method_data(EC_KEY *key, void *data,
void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *));
void *(*dup_func) (void *),
void (*free_func) (void *),
void (*clear_free_func) (void *));
/* wrapper functions for the underlying EC_GROUP object */
void EC_KEY_set_asn1_flag(EC_KEY *eckey, int asn1_flag);
@@ -846,8 +883,8 @@ int EC_KEY_check_key(const EC_KEY *key);
* \param y public key y coordinate
* \return 1 on success and 0 otherwise.
*/
int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, BIGNUM *x, BIGNUM *y);
int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, BIGNUM *x,
BIGNUM *y);
/********************************************************************/
/* de- and encoding functions for SEC1 ECPrivateKey */
@@ -869,7 +906,6 @@ EC_KEY *d2i_ECPrivateKey(EC_KEY **key, const unsigned char **in, long len);
*/
int i2d_ECPrivateKey(EC_KEY *key, unsigned char **out);
/********************************************************************/
/* de- and encoding functions for EC parameters */
/********************************************************************/
@@ -891,7 +927,6 @@ EC_KEY *d2i_ECParameters(EC_KEY **key, const unsigned char **in, long len);
*/
int i2d_ECParameters(EC_KEY *key, unsigned char **out);
/********************************************************************/
/* de- and encoding functions for EC public key */
/* (octet string, not DER -- hence 'o2i' and 'i2o') */
@@ -960,14 +995,82 @@ int EC_KEY_print_fp(FILE *fp, const EC_KEY *key, int off);
# endif
# define EVP_PKEY_CTX_set_ec_paramgen_curve_nid(ctx, nid) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, EVP_PKEY_OP_PARAMGEN, \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
EVP_PKEY_OP_PARAMGEN|EVP_PKEY_OP_KEYGEN, \
EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID, nid, NULL)
# define EVP_PKEY_CTX_set_ec_param_enc(ctx, flag) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
EVP_PKEY_OP_PARAMGEN|EVP_PKEY_OP_KEYGEN, \
EVP_PKEY_CTRL_EC_PARAM_ENC, flag, NULL)
# define EVP_PKEY_CTX_set_ecdh_cofactor_mode(ctx, flag) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
EVP_PKEY_OP_DERIVE, \
EVP_PKEY_CTRL_EC_ECDH_COFACTOR, flag, NULL)
# define EVP_PKEY_CTX_get_ecdh_cofactor_mode(ctx) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
EVP_PKEY_OP_DERIVE, \
EVP_PKEY_CTRL_EC_ECDH_COFACTOR, -2, NULL)
# define EVP_PKEY_CTX_set_ecdh_kdf_type(ctx, kdf) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
EVP_PKEY_OP_DERIVE, \
EVP_PKEY_CTRL_EC_KDF_TYPE, kdf, NULL)
# define EVP_PKEY_CTX_get_ecdh_kdf_type(ctx) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
EVP_PKEY_OP_DERIVE, \
EVP_PKEY_CTRL_EC_KDF_TYPE, -2, NULL)
# define EVP_PKEY_CTX_set_ecdh_kdf_md(ctx, md) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
EVP_PKEY_OP_DERIVE, \
EVP_PKEY_CTRL_EC_KDF_MD, 0, (void *)md)
# define EVP_PKEY_CTX_get_ecdh_kdf_md(ctx, pmd) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
EVP_PKEY_OP_DERIVE, \
EVP_PKEY_CTRL_GET_EC_KDF_MD, 0, (void *)pmd)
# define EVP_PKEY_CTX_set_ecdh_kdf_outlen(ctx, len) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
EVP_PKEY_OP_DERIVE, \
EVP_PKEY_CTRL_EC_KDF_OUTLEN, len, NULL)
# define EVP_PKEY_CTX_get_ecdh_kdf_outlen(ctx, plen) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
EVP_PKEY_OP_DERIVE, \
EVP_PKEY_CTRL_GET_EC_KDF_OUTLEN, 0, (void *)plen)
# define EVP_PKEY_CTX_set0_ecdh_kdf_ukm(ctx, p, plen) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
EVP_PKEY_OP_DERIVE, \
EVP_PKEY_CTRL_EC_KDF_UKM, plen, (void *)p)
# define EVP_PKEY_CTX_get0_ecdh_kdf_ukm(ctx, p) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
EVP_PKEY_OP_DERIVE, \
EVP_PKEY_CTRL_GET_EC_KDF_UKM, 0, (void *)p)
# define EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID (EVP_PKEY_ALG_CTRL + 1)
# define EVP_PKEY_CTRL_EC_PARAM_ENC (EVP_PKEY_ALG_CTRL + 2)
# define EVP_PKEY_CTRL_EC_ECDH_COFACTOR (EVP_PKEY_ALG_CTRL + 3)
# define EVP_PKEY_CTRL_EC_KDF_TYPE (EVP_PKEY_ALG_CTRL + 4)
# define EVP_PKEY_CTRL_EC_KDF_MD (EVP_PKEY_ALG_CTRL + 5)
# define EVP_PKEY_CTRL_GET_EC_KDF_MD (EVP_PKEY_ALG_CTRL + 6)
# define EVP_PKEY_CTRL_EC_KDF_OUTLEN (EVP_PKEY_ALG_CTRL + 7)
# define EVP_PKEY_CTRL_GET_EC_KDF_OUTLEN (EVP_PKEY_ALG_CTRL + 8)
# define EVP_PKEY_CTRL_EC_KDF_UKM (EVP_PKEY_ALG_CTRL + 9)
# define EVP_PKEY_CTRL_GET_EC_KDF_UKM (EVP_PKEY_ALG_CTRL + 10)
/* KDF types */
# define EVP_PKEY_ECDH_KDF_NONE 1
# define EVP_PKEY_ECDH_KDF_X9_62 2
/* BEGIN ERROR CODES */
/* The following lines are auto generated by the script mkerr.pl. Any changes
/*
* The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
*/
void ERR_load_EC_strings(void);
@@ -981,6 +1084,8 @@ void ERR_load_EC_strings(void);
# define EC_F_D2I_ECPKPARAMETERS 145
# define EC_F_D2I_ECPRIVATEKEY 146
# define EC_F_DO_EC_KEY_PRINT 221
# define EC_F_ECDH_CMS_DECRYPT 238
# define EC_F_ECDH_CMS_SET_SHARED_INFO 239
# define EC_F_ECKEY_PARAM2TYPE 223
# define EC_F_ECKEY_PARAM_DECODE 212
# define EC_F_ECKEY_PRIV_DECODE 213
@@ -992,6 +1097,12 @@ void ERR_load_EC_strings(void);
# define EC_F_ECPARAMETERS_PRINT_FP 148
# define EC_F_ECPKPARAMETERS_PRINT 149
# define EC_F_ECPKPARAMETERS_PRINT_FP 150
# define EC_F_ECP_NISTZ256_GET_AFFINE 240
# define EC_F_ECP_NISTZ256_MULT_PRECOMPUTE 243
# define EC_F_ECP_NISTZ256_POINTS_MUL 241
# define EC_F_ECP_NISTZ256_PRE_COMP_NEW 244
# define EC_F_ECP_NISTZ256_SET_WORDS 245
# define EC_F_ECP_NISTZ256_WINDOWED_MUL 242
# define EC_F_ECP_NIST_MOD_192 203
# define EC_F_ECP_NIST_MOD_224 204
# define EC_F_ECP_NIST_MOD_256 205
@@ -1131,6 +1242,7 @@ void ERR_load_EC_strings(void);
# define EC_R_INVALID_COMPRESSED_POINT 110
# define EC_R_INVALID_COMPRESSION_BIT 109
# define EC_R_INVALID_CURVE 141
# define EC_R_INVALID_DIGEST 151
# define EC_R_INVALID_DIGEST_TYPE 138
# define EC_R_INVALID_ENCODING 102
# define EC_R_INVALID_FIELD 103
@@ -1139,6 +1251,7 @@ void ERR_load_EC_strings(void);
# define EC_R_INVALID_PENTANOMIAL_BASIS 132
# define EC_R_INVALID_PRIVATE_KEY 123
# define EC_R_INVALID_TRINOMIAL_BASIS 137
# define EC_R_KDF_PARAMETER_ERROR 148
# define EC_R_KEYS_NOT_SET 140
# define EC_R_MISSING_PARAMETERS 124
# define EC_R_MISSING_PRIVATE_KEY 125
@@ -1149,9 +1262,11 @@ void ERR_load_EC_strings(void);
# define EC_R_NO_FIELD_MOD 133
# define EC_R_NO_PARAMETERS_SET 139
# define EC_R_PASSED_NULL_PARAMETER 134
# define EC_R_PEER_KEY_ERROR 149
# define EC_R_PKPARAMETERS2GROUP_FAILURE 127
# define EC_R_POINT_AT_INFINITY 106
# define EC_R_POINT_IS_NOT_ON_CURVE 107
# define EC_R_SHARED_INFO_ERROR 150
# define EC_R_SLOT_FULL 108
# define EC_R_UNDEFINED_GENERATOR 113
# define EC_R_UNDEFINED_ORDER 128

17
libs/openssl/include/openssl/ecdh.h
View File

@@ -85,23 +85,32 @@
extern "C" {
#endif
# define EC_FLAG_COFACTOR_ECDH 0x1000
const ECDH_METHOD *ECDH_OpenSSL(void);
void ECDH_set_default_method(const ECDH_METHOD *);
const ECDH_METHOD *ECDH_get_default_method(void);
int ECDH_set_method(EC_KEY *, const ECDH_METHOD *);
int ECDH_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh,
void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen));
int ECDH_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
EC_KEY *ecdh, void *(*KDF) (const void *in, size_t inlen,
void *out, size_t *outlen));
int ECDH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new
*new_func, CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
*new_func, CRYPTO_EX_dup *dup_func,
CRYPTO_EX_free *free_func);
int ECDH_set_ex_data(EC_KEY *d, int idx, void *arg);
void *ECDH_get_ex_data(EC_KEY *d, int idx);
int ECDH_KDF_X9_62(unsigned char *out, size_t outlen,
const unsigned char *Z, size_t Zlen,
const unsigned char *sinfo, size_t sinfolen,
const EVP_MD *md);
/* BEGIN ERROR CODES */
/* The following lines are auto generated by the script mkerr.pl. Any changes
/*
* The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
*/
void ERR_load_ECDH_strings(void);

97
libs/openssl/include/openssl/ecdsa.h
View File

@@ -75,8 +75,7 @@
extern "C" {
#endif
typedef struct ECDSA_SIG_st
{
typedef struct ECDSA_SIG_st {
BIGNUM *r;
BIGNUM *s;
} ECDSA_SIG;
@@ -115,7 +114,8 @@ ECDSA_SIG *d2i_ECDSA_SIG(ECDSA_SIG **sig, const unsigned char **pp, long len);
* \param eckey EC_KEY object containing a private EC key
* \return pointer to a ECDSA_SIG structure or NULL if an error occurred
*/
ECDSA_SIG *ECDSA_do_sign(const unsigned char *dgst,int dgst_len,EC_KEY *eckey);
ECDSA_SIG *ECDSA_do_sign(const unsigned char *dgst, int dgst_len,
EC_KEY *eckey);
/** Computes ECDSA signature of a given hash value using the supplied
* private key (note: sig must point to ECDSA_size(eckey) bytes of memory).
@@ -128,7 +128,8 @@ ECDSA_SIG *ECDSA_do_sign(const unsigned char *dgst,int dgst_len,EC_KEY *eckey);
* \return pointer to a ECDSA_SIG structure or NULL if an error occurred
*/
ECDSA_SIG *ECDSA_do_sign_ex(const unsigned char *dgst, int dgstlen,
const BIGNUM *kinv, const BIGNUM *rp, EC_KEY *eckey);
const BIGNUM *kinv, const BIGNUM *rp,
EC_KEY *eckey);
/** Verifies that the supplied signature is a valid ECDSA
* signature of the supplied hash value using the supplied public key.
@@ -174,8 +175,7 @@ int ECDSA_size(const EC_KEY *eckey);
* \param rp BIGNUM pointer for x coordinate of k * generator
* \return 1 on success and 0 otherwise
*/
int ECDSA_sign_setup(EC_KEY *eckey, BN_CTX *ctx, BIGNUM **kinv,
BIGNUM **rp);
int ECDSA_sign_setup(EC_KEY *eckey, BN_CTX *ctx, BIGNUM **kinv, BIGNUM **rp);
/** Computes ECDSA signature of a given hash value using the supplied
* private key (note: sig must point to ECDSA_size(eckey) bytes of memory).
@@ -190,7 +190,6 @@ int ECDSA_sign_setup(EC_KEY *eckey, BN_CTX *ctx, BIGNUM **kinv,
int ECDSA_sign(int type, const unsigned char *dgst, int dgstlen,
unsigned char *sig, unsigned int *siglen, EC_KEY *eckey);
/** Computes ECDSA signature of a given hash value using the supplied
* private key (note: sig must point to ECDSA_size(eckey) bytes of memory).
* \param type this parameter is ignored
@@ -205,8 +204,8 @@ int ECDSA_sign(int type, const unsigned char *dgst, int dgstlen,
* \return 1 on success and 0 otherwise
*/
int ECDSA_sign_ex(int type, const unsigned char *dgst, int dgstlen,
unsigned char *sig, unsigned int *siglen, const BIGNUM *kinv,
const BIGNUM *rp, EC_KEY *eckey);
unsigned char *sig, unsigned int *siglen,
const BIGNUM *kinv, const BIGNUM *rp, EC_KEY *eckey);
/** Verifies that the given signature is valid ECDSA signature
* of the supplied hash value using the specified public key.
@@ -224,13 +223,88 @@ int ECDSA_verify(int type, const unsigned char *dgst, int dgstlen,
/* the standard ex_data functions */
int ECDSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new
*new_func, CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
*new_func, CRYPTO_EX_dup *dup_func,
CRYPTO_EX_free *free_func);
int ECDSA_set_ex_data(EC_KEY *d, int idx, void *arg);
void *ECDSA_get_ex_data(EC_KEY *d, int idx);
/** Allocates and initialize a ECDSA_METHOD structure
* \param ecdsa_method pointer to ECDSA_METHOD to copy. (May be NULL)
* \return pointer to a ECDSA_METHOD structure or NULL if an error occurred
*/
ECDSA_METHOD *ECDSA_METHOD_new(const ECDSA_METHOD *ecdsa_method);
/** frees a ECDSA_METHOD structure
* \param ecdsa_method pointer to the ECDSA_METHOD structure
*/
void ECDSA_METHOD_free(ECDSA_METHOD *ecdsa_method);
/** Sets application specific data in the ECDSA_METHOD
* \param ecdsa_method pointer to existing ECDSA_METHOD
* \param app application specific data to set
*/
void ECDSA_METHOD_set_app_data(ECDSA_METHOD *ecdsa_method, void *app);
/** Returns application specific data from a ECDSA_METHOD structure
* \param ecdsa_method pointer to ECDSA_METHOD structure
* \return pointer to application specific data.
*/
void *ECDSA_METHOD_get_app_data(ECDSA_METHOD *ecdsa_method);
/** Set the ECDSA_do_sign function in the ECDSA_METHOD
* \param ecdsa_method pointer to existing ECDSA_METHOD
* \param ecdsa_do_sign a funtion of type ECDSA_do_sign
*/
void ECDSA_METHOD_set_sign(ECDSA_METHOD *ecdsa_method,
ECDSA_SIG *(*ecdsa_do_sign) (const unsigned char
*dgst, int dgst_len,
const BIGNUM *inv,
const BIGNUM *rp,
EC_KEY *eckey));
/** Set the ECDSA_sign_setup function in the ECDSA_METHOD
* \param ecdsa_method pointer to existing ECDSA_METHOD
* \param ecdsa_sign_setup a funtion of type ECDSA_sign_setup
*/
void ECDSA_METHOD_set_sign_setup(ECDSA_METHOD *ecdsa_method,
int (*ecdsa_sign_setup) (EC_KEY *eckey,
BN_CTX *ctx,
BIGNUM **kinv,
BIGNUM **r));
/** Set the ECDSA_do_verify function in the ECDSA_METHOD
* \param ecdsa_method pointer to existing ECDSA_METHOD
* \param ecdsa_do_verify a funtion of type ECDSA_do_verify
*/
void ECDSA_METHOD_set_verify(ECDSA_METHOD *ecdsa_method,
int (*ecdsa_do_verify) (const unsigned char
*dgst, int dgst_len,
const ECDSA_SIG *sig,
EC_KEY *eckey));
void ECDSA_METHOD_set_flags(ECDSA_METHOD *ecdsa_method, int flags);
/** Set the flags field in the ECDSA_METHOD
* \param ecdsa_method pointer to existing ECDSA_METHOD
* \param flags flags value to set
*/
void ECDSA_METHOD_set_name(ECDSA_METHOD *ecdsa_method, char *name);
/** Set the name field in the ECDSA_METHOD
* \param ecdsa_method pointer to existing ECDSA_METHOD
* \param name name to set
*/
/* BEGIN ERROR CODES */
/* The following lines are auto generated by the script mkerr.pl. Any changes
/*
* The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
*/
void ERR_load_ECDSA_strings(void);
@@ -242,6 +316,7 @@ void ERR_load_ECDSA_strings(void);
# define ECDSA_F_ECDSA_DATA_NEW_METHOD 100
# define ECDSA_F_ECDSA_DO_SIGN 101
# define ECDSA_F_ECDSA_DO_VERIFY 102
# define ECDSA_F_ECDSA_METHOD_NEW 105
# define ECDSA_F_ECDSA_SIGN_SETUP 103
/* Reason codes. */

650
libs/openssl/include/openssl/engine.h
View File

@@ -1,6 +1,7 @@
/* openssl/engine.h */
/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
* project 2000.
/*
* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL project
* 2000.
*/
/* ====================================================================
* Copyright (c) 1999-2004 The OpenSSL Project. All rights reserved.
@@ -101,8 +102,10 @@
extern "C" {
#endif
/* These flags are used to control combinations of algorithm (methods)
* by bitwise "OR"ing. */
/*
* These flags are used to control combinations of algorithm (methods) by
* bitwise "OR"ing.
*/
# define ENGINE_METHOD_RSA (unsigned int)0x0001
# define ENGINE_METHOD_DSA (unsigned int)0x0002
# define ENGINE_METHOD_DH (unsigned int)0x0004
@@ -118,161 +121,206 @@ extern "C" {
# define ENGINE_METHOD_ALL (unsigned int)0xFFFF
# define ENGINE_METHOD_NONE (unsigned int)0x0000
/* This(ese) flag(s) controls behaviour of the ENGINE_TABLE mechanism used
* internally to control registration of ENGINE implementations, and can be set
* by ENGINE_set_table_flags(). The "NOINIT" flag prevents attempts to
* initialise registered ENGINEs if they are not already initialised. */
/*
* This(ese) flag(s) controls behaviour of the ENGINE_TABLE mechanism used
* internally to control registration of ENGINE implementations, and can be
* set by ENGINE_set_table_flags(). The "NOINIT" flag prevents attempts to
* initialise registered ENGINEs if they are not already initialised.
*/
# define ENGINE_TABLE_FLAG_NOINIT (unsigned int)0x0001
/* ENGINE flags that can be set by ENGINE_set_flags(). */
/* #define ENGINE_FLAGS_MALLOCED 0x0001 */ /* Not used */
/* Not used */
/* #define ENGINE_FLAGS_MALLOCED 0x0001 */
/* This flag is for ENGINEs that wish to handle the various 'CMD'-related
* control commands on their own. Without this flag, ENGINE_ctrl() handles these
* control commands on behalf of the ENGINE using their "cmd_defns" data. */
/*
* This flag is for ENGINEs that wish to handle the various 'CMD'-related
* control commands on their own. Without this flag, ENGINE_ctrl() handles
* these control commands on behalf of the ENGINE using their "cmd_defns"
* data.
*/
# define ENGINE_FLAGS_MANUAL_CMD_CTRL (int)0x0002
/* This flag is for ENGINEs who return new duplicate structures when found via
* "ENGINE_by_id()". When an ENGINE must store state (eg. if ENGINE_ctrl()
* commands are called in sequence as part of some stateful process like
* key-generation setup and execution), it can set this flag - then each attempt
* to obtain the ENGINE will result in it being copied into a new structure.
* Normally, ENGINEs don't declare this flag so ENGINE_by_id() just increments
* the existing ENGINE's structural reference count. */
/*
* This flag is for ENGINEs who return new duplicate structures when found
* via "ENGINE_by_id()". When an ENGINE must store state (eg. if
* ENGINE_ctrl() commands are called in sequence as part of some stateful
* process like key-generation setup and execution), it can set this flag -
* then each attempt to obtain the ENGINE will result in it being copied into
* a new structure. Normally, ENGINEs don't declare this flag so
* ENGINE_by_id() just increments the existing ENGINE's structural reference
* count.
*/
# define ENGINE_FLAGS_BY_ID_COPY (int)0x0004
/* This flag if for an ENGINE that does not want its methods registered as
* part of ENGINE_register_all_complete() for example if the methods are
* not usable as default methods.
/*
* This flag if for an ENGINE that does not want its methods registered as
* part of ENGINE_register_all_complete() for example if the methods are not
* usable as default methods.
*/
# define ENGINE_FLAGS_NO_REGISTER_ALL (int)0x0008
/* ENGINEs can support their own command types, and these flags are used in
* ENGINE_CTRL_GET_CMD_FLAGS to indicate to the caller what kind of input each
* command expects. Currently only numeric and string input is supported. If a
* control command supports none of the _NUMERIC, _STRING, or _NO_INPUT options,
* then it is regarded as an "internal" control command - and not for use in
* config setting situations. As such, they're not available to the
* ENGINE_ctrl_cmd_string() function, only raw ENGINE_ctrl() access. Changes to
* this list of 'command types' should be reflected carefully in
* ENGINE_cmd_is_executable() and ENGINE_ctrl_cmd_string(). */
/*
* ENGINEs can support their own command types, and these flags are used in
* ENGINE_CTRL_GET_CMD_FLAGS to indicate to the caller what kind of input
* each command expects. Currently only numeric and string input is
* supported. If a control command supports none of the _NUMERIC, _STRING, or
* _NO_INPUT options, then it is regarded as an "internal" control command -
* and not for use in config setting situations. As such, they're not
* available to the ENGINE_ctrl_cmd_string() function, only raw ENGINE_ctrl()
* access. Changes to this list of 'command types' should be reflected
* carefully in ENGINE_cmd_is_executable() and ENGINE_ctrl_cmd_string().
*/
/* accepts a 'long' input value (3rd parameter to ENGINE_ctrl) */
# define ENGINE_CMD_FLAG_NUMERIC (unsigned int)0x0001
/* accepts string input (cast from 'void*' to 'const char *', 4th parameter to
* ENGINE_ctrl) */
/*
* accepts string input (cast from 'void*' to 'const char *', 4th parameter
* to ENGINE_ctrl)
*/
# define ENGINE_CMD_FLAG_STRING (unsigned int)0x0002
/* Indicates that the control command takes *no* input. Ie. the control command
* is unparameterised. */
/*
* Indicates that the control command takes *no* input. Ie. the control
* command is unparameterised.
*/
# define ENGINE_CMD_FLAG_NO_INPUT (unsigned int)0x0004
/* Indicates that the control command is internal. This control command won't
/*
* Indicates that the control command is internal. This control command won't
* be shown in any output, and is only usable through the ENGINE_ctrl_cmd()
* function. */
* function.
*/
# define ENGINE_CMD_FLAG_INTERNAL (unsigned int)0x0008
/* NB: These 3 control commands are deprecated and should not be used. ENGINEs
* relying on these commands should compile conditional support for
* compatibility (eg. if these symbols are defined) but should also migrate the
* same functionality to their own ENGINE-specific control functions that can be
* "discovered" by calling applications. The fact these control commands
* wouldn't be "executable" (ie. usable by text-based config) doesn't change the
* fact that application code can find and use them without requiring per-ENGINE
* hacking. */
/*
* NB: These 3 control commands are deprecated and should not be used.
* ENGINEs relying on these commands should compile conditional support for
* compatibility (eg. if these symbols are defined) but should also migrate
* the same functionality to their own ENGINE-specific control functions that
* can be "discovered" by calling applications. The fact these control
* commands wouldn't be "executable" (ie. usable by text-based config)
* doesn't change the fact that application code can find and use them
* without requiring per-ENGINE hacking.
*/
/* These flags are used to tell the ctrl function what should be done.
* All command numbers are shared between all engines, even if some don't
* make sense to some engines. In such a case, they do nothing but return
* the error ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED. */
/*
* These flags are used to tell the ctrl function what should be done. All
* command numbers are shared between all engines, even if some don't make
* sense to some engines. In such a case, they do nothing but return the
* error ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED.
*/
# define ENGINE_CTRL_SET_LOGSTREAM 1
# define ENGINE_CTRL_SET_PASSWORD_CALLBACK 2
#define ENGINE_CTRL_HUP 3 /* Close and reinitialise any
handles/connections etc. */
# define ENGINE_CTRL_HUP 3/* Close and reinitialise
* any handles/connections
* etc. */
# define ENGINE_CTRL_SET_USER_INTERFACE 4/* Alternative to callback */
# define ENGINE_CTRL_SET_CALLBACK_DATA 5/* User-specific data, used
when calling the password
callback and the user
interface */
#define ENGINE_CTRL_LOAD_CONFIGURATION 6 /* Load a configuration, given
a string that represents a
file name or so */
* when calling the password
* callback and the user
* interface */
# define ENGINE_CTRL_LOAD_CONFIGURATION 6/* Load a configuration,
* given a string that
* represents a file name
* or so */
# define ENGINE_CTRL_LOAD_SECTION 7/* Load data from a given
section in the already loaded
configuration */
* section in the already
* loaded configuration */
/* These control commands allow an application to deal with an arbitrary engine
* in a dynamic way. Warn: Negative return values indicate errors FOR THESE
* COMMANDS because zero is used to indicate 'end-of-list'. Other commands,
* including ENGINE-specific command types, return zero for an error.
*
* An ENGINE can choose to implement these ctrl functions, and can internally
* manage things however it chooses - it does so by setting the
* ENGINE_FLAGS_MANUAL_CMD_CTRL flag (using ENGINE_set_flags()). Otherwise the
* ENGINE_ctrl() code handles this on the ENGINE's behalf using the cmd_defns
* data (set using ENGINE_set_cmd_defns()). This means an ENGINE's ctrl()
* handler need only implement its own commands - the above "meta" commands will
* be taken care of. */
/*
* These control commands allow an application to deal with an arbitrary
* engine in a dynamic way. Warn: Negative return values indicate errors FOR
* THESE COMMANDS because zero is used to indicate 'end-of-list'. Other
* commands, including ENGINE-specific command types, return zero for an
* error. An ENGINE can choose to implement these ctrl functions, and can
* internally manage things however it chooses - it does so by setting the
* ENGINE_FLAGS_MANUAL_CMD_CTRL flag (using ENGINE_set_flags()). Otherwise
* the ENGINE_ctrl() code handles this on the ENGINE's behalf using the
* cmd_defns data (set using ENGINE_set_cmd_defns()). This means an ENGINE's
* ctrl() handler need only implement its own commands - the above "meta"
* commands will be taken care of.
*/
/* Returns non-zero if the supplied ENGINE has a ctrl() handler. If "not", then
* all the remaining control commands will return failure, so it is worth
* checking this first if the caller is trying to "discover" the engine's
* capabilities and doesn't want errors generated unnecessarily. */
/*
* Returns non-zero if the supplied ENGINE has a ctrl() handler. If "not",
* then all the remaining control commands will return failure, so it is
* worth checking this first if the caller is trying to "discover" the
* engine's capabilities and doesn't want errors generated unnecessarily.
*/
# define ENGINE_CTRL_HAS_CTRL_FUNCTION 10
/* Returns a positive command number for the first command supported by the
* engine. Returns zero if no ctrl commands are supported. */
/*
* Returns a positive command number for the first command supported by the
* engine. Returns zero if no ctrl commands are supported.
*/
# define ENGINE_CTRL_GET_FIRST_CMD_TYPE 11
/* The 'long' argument specifies a command implemented by the engine, and the
* return value is the next command supported, or zero if there are no more. */
/*
* The 'long' argument specifies a command implemented by the engine, and the
* return value is the next command supported, or zero if there are no more.
*/
# define ENGINE_CTRL_GET_NEXT_CMD_TYPE 12
/* The 'void*' argument is a command name (cast from 'const char *'), and the
* return value is the command that corresponds to it. */
/*
* The 'void*' argument is a command name (cast from 'const char *'), and the
* return value is the command that corresponds to it.
*/
# define ENGINE_CTRL_GET_CMD_FROM_NAME 13
/* The next two allow a command to be converted into its corresponding string
* form. In each case, the 'long' argument supplies the command. In the NAME_LEN
* case, the return value is the length of the command name (not counting a
* trailing EOL). In the NAME case, the 'void*' argument must be a string buffer
* large enough, and it will be populated with the name of the command (WITH a
* trailing EOL). */
/*
* The next two allow a command to be converted into its corresponding string
* form. In each case, the 'long' argument supplies the command. In the
* NAME_LEN case, the return value is the length of the command name (not
* counting a trailing EOL). In the NAME case, the 'void*' argument must be a
* string buffer large enough, and it will be populated with the name of the
* command (WITH a trailing EOL).
*/
# define ENGINE_CTRL_GET_NAME_LEN_FROM_CMD 14
# define ENGINE_CTRL_GET_NAME_FROM_CMD 15
/* The next two are similar but give a "short description" of a command. */
# define ENGINE_CTRL_GET_DESC_LEN_FROM_CMD 16
# define ENGINE_CTRL_GET_DESC_FROM_CMD 17
/* With this command, the return value is the OR'd combination of
/*
* With this command, the return value is the OR'd combination of
* ENGINE_CMD_FLAG_*** values that indicate what kind of input a given
* engine-specific ctrl command expects. */
* engine-specific ctrl command expects.
*/
# define ENGINE_CTRL_GET_CMD_FLAGS 18
/* ENGINE implementations should start the numbering of their own control
* commands from this value. (ie. ENGINE_CMD_BASE, ENGINE_CMD_BASE + 1, etc). */
/*
* ENGINE implementations should start the numbering of their own control
* commands from this value. (ie. ENGINE_CMD_BASE, ENGINE_CMD_BASE + 1, etc).
*/
# define ENGINE_CMD_BASE 200
/* NB: These 2 nCipher "chil" control commands are deprecated, and their
/*
* NB: These 2 nCipher "chil" control commands are deprecated, and their
* functionality is now available through ENGINE-specific control commands
* (exposed through the above-mentioned 'CMD'-handling). Code using these 2
* commands should be migrated to the more general command handling before these
* are removed. */
* commands should be migrated to the more general command handling before
* these are removed.
*/
/* Flags specific to the nCipher "chil" engine */
# define ENGINE_CTRL_CHIL_SET_FORKCHECK 100
/* Depending on the value of the (long)i argument, this sets or
/*
* Depending on the value of the (long)i argument, this sets or
* unsets the SimpleForkCheck flag in the CHIL API to enable or
* disable checking and workarounds for applications that fork().
*/
# define ENGINE_CTRL_CHIL_NO_LOCKING 101
/* This prevents the initialisation function from providing mutex
* callbacks to the nCipher library. */
/*
* This prevents the initialisation function from providing mutex
* callbacks to the nCipher library.
*/
/* If an ENGINE supports its own specific control commands and wishes the
* framework to handle the above 'ENGINE_CMD_***'-manipulation commands on its
* behalf, it should supply a null-terminated array of ENGINE_CMD_DEFN entries
* to ENGINE_set_cmd_defns(). It should also implement a ctrl() handler that
* supports the stated commands (ie. the "cmd_num" entries as described by the
* array). NB: The array must be ordered in increasing order of cmd_num.
* "null-terminated" means that the last ENGINE_CMD_DEFN element has cmd_num set
* to zero and/or cmd_name set to NULL. */
typedef struct ENGINE_CMD_DEFN_st
{
/*
* If an ENGINE supports its own specific control commands and wishes the
* framework to handle the above 'ENGINE_CMD_***'-manipulation commands on
* its behalf, it should supply a null-terminated array of ENGINE_CMD_DEFN
* entries to ENGINE_set_cmd_defns(). It should also implement a ctrl()
* handler that supports the stated commands (ie. the "cmd_num" entries as
* described by the array). NB: The array must be ordered in increasing order
* of cmd_num. "null-terminated" means that the last ENGINE_CMD_DEFN element
* has cmd_num set to zero and/or cmd_name set to NULL.
*/
typedef struct ENGINE_CMD_DEFN_st {
unsigned int cmd_num; /* The command number */
const char *cmd_name; /* The command name itself */
const char *cmd_desc; /* A short description of the command */
@@ -284,14 +332,20 @@ typedef int (*ENGINE_GEN_FUNC_PTR)(void);
/* Generic function pointer taking no arguments */
typedef int (*ENGINE_GEN_INT_FUNC_PTR) (ENGINE *);
/* Specific control function pointer */
typedef int (*ENGINE_CTRL_FUNC_PTR)(ENGINE *, int, long, void *, void (*f)(void));
typedef int (*ENGINE_CTRL_FUNC_PTR) (ENGINE *, int, long, void *,
void (*f) (void));
/* Generic load_key function pointer */
typedef EVP_PKEY *(*ENGINE_LOAD_KEY_PTR)(ENGINE *, const char *,
UI_METHOD *ui_method, void *callback_data);
UI_METHOD *ui_method,
void *callback_data);
typedef int (*ENGINE_SSL_CLIENT_CERT_PTR) (ENGINE *, SSL *ssl,
STACK_OF(X509_NAME) *ca_dn, X509 **pcert, EVP_PKEY **pkey,
STACK_OF(X509) **pother, UI_METHOD *ui_method, void *callback_data);
/* These callback types are for an ENGINE's handler for cipher and digest logic.
STACK_OF(X509_NAME) *ca_dn,
X509 **pcert, EVP_PKEY **pkey,
STACK_OF(X509) **pother,
UI_METHOD *ui_method,
void *callback_data);
/*-
* These callback types are for an ENGINE's handler for cipher and digest logic.
* These handlers have these prototypes;
* int foo(ENGINE *e, const EVP_CIPHER **cipher, const int **nids, int nid);
* int foo(ENGINE *e, const EVP_MD **digest, const int **nids, int nid);
@@ -301,21 +355,29 @@ typedef int (*ENGINE_SSL_CLIENT_CERT_PTR)(ENGINE *, SSL *ssl,
* If the framework wants a list of supported 'nid's, it will call;
* foo(e, NULL, &p_nids, 0); (returns number of 'nids' or -1 for error)
*/
/* Returns to a pointer to the array of supported cipher 'nid's. If the second
* parameter is non-NULL it is set to the size of the returned array. */
typedef int (*ENGINE_CIPHERS_PTR)(ENGINE *, const EVP_CIPHER **, const int **, int);
typedef int (*ENGINE_DIGESTS_PTR)(ENGINE *, const EVP_MD **, const int **, int);
typedef int (*ENGINE_PKEY_METHS_PTR)(ENGINE *, EVP_PKEY_METHOD **, const int **, int);
typedef int (*ENGINE_PKEY_ASN1_METHS_PTR)(ENGINE *, EVP_PKEY_ASN1_METHOD **, const int **, int);
/* STRUCTURE functions ... all of these functions deal with pointers to ENGINE
* structures where the pointers have a "structural reference". This means that
* their reference is to allowed access to the structure but it does not imply
* that the structure is functional. To simply increment or decrement the
* structural reference count, use ENGINE_by_id and ENGINE_free. NB: This is not
* required when iterating using ENGINE_get_next as it will automatically
* decrement the structural reference count of the "current" ENGINE and
* increment the structural reference count of the ENGINE it returns (unless it
* is NULL). */
/*
* Returns to a pointer to the array of supported cipher 'nid's. If the
* second parameter is non-NULL it is set to the size of the returned array.
*/
typedef int (*ENGINE_CIPHERS_PTR) (ENGINE *, const EVP_CIPHER **,
const int **, int);
typedef int (*ENGINE_DIGESTS_PTR) (ENGINE *, const EVP_MD **, const int **,
int);
typedef int (*ENGINE_PKEY_METHS_PTR) (ENGINE *, EVP_PKEY_METHOD **,
const int **, int);
typedef int (*ENGINE_PKEY_ASN1_METHS_PTR) (ENGINE *, EVP_PKEY_ASN1_METHOD **,
const int **, int);
/*
* STRUCTURE functions ... all of these functions deal with pointers to
* ENGINE structures where the pointers have a "structural reference". This
* means that their reference is to allowed access to the structure but it
* does not imply that the structure is functional. To simply increment or
* decrement the structural reference count, use ENGINE_by_id and
* ENGINE_free. NB: This is not required when iterating using ENGINE_get_next
* as it will automatically decrement the structural reference count of the
* "current" ENGINE and increment the structural reference count of the
* ENGINE it returns (unless it is NULL).
*/
/* Get the first/last "ENGINE" type available. */
ENGINE *ENGINE_get_first(void);
@@ -351,22 +413,24 @@ void ENGINE_load_gost(void);
# endif
# endif
void ENGINE_load_cryptodev(void);
void ENGINE_load_rsax(void);
void ENGINE_load_rdrand(void);
void ENGINE_load_builtin_engines(void);
/* Get and set global flags (ENGINE_TABLE_FLAG_***) for the implementation
* "registry" handling. */
/*
* Get and set global flags (ENGINE_TABLE_FLAG_***) for the implementation
* "registry" handling.
*/
unsigned int ENGINE_get_table_flags(void);
void ENGINE_set_table_flags(unsigned int flags);
/* Manage registration of ENGINEs per "table". For each type, there are 3
/*- Manage registration of ENGINEs per "table". For each type, there are 3
* functions;
* ENGINE_register_***(e) - registers the implementation from 'e' (if it has one)
* ENGINE_unregister_***(e) - unregister the implementation from 'e'
* ENGINE_register_all_***() - call ENGINE_register_***() for each 'e' in the list
* Cleanup is automatically registered from each table when required, so
* ENGINE_cleanup() will reverse any "register" operations. */
* ENGINE_cleanup() will reverse any "register" operations.
*/
int ENGINE_register_RSA(ENGINE *e);
void ENGINE_unregister_RSA(ENGINE *e);
@@ -412,63 +476,77 @@ int ENGINE_register_pkey_asn1_meths(ENGINE *e);
void ENGINE_unregister_pkey_asn1_meths(ENGINE *e);
void ENGINE_register_all_pkey_asn1_meths(void);
/* These functions register all support from the above categories. Note, use of
* these functions can result in static linkage of code your application may not
* need. If you only need a subset of functionality, consider using more
* selective initialisation. */
/*
* These functions register all support from the above categories. Note, use
* of these functions can result in static linkage of code your application
* may not need. If you only need a subset of functionality, consider using
* more selective initialisation.
*/
int ENGINE_register_complete(ENGINE *e);
int ENGINE_register_all_complete(void);
/* Send parametrised control commands to the engine. The possibilities to send
* down an integer, a pointer to data or a function pointer are provided. Any of
* the parameters may or may not be NULL, depending on the command number. In
* actuality, this function only requires a structural (rather than functional)
* reference to an engine, but many control commands may require the engine be
* functional. The caller should be aware of trying commands that require an
* operational ENGINE, and only use functional references in such situations. */
/*
* Send parametrised control commands to the engine. The possibilities to
* send down an integer, a pointer to data or a function pointer are
* provided. Any of the parameters may or may not be NULL, depending on the
* command number. In actuality, this function only requires a structural
* (rather than functional) reference to an engine, but many control commands
* may require the engine be functional. The caller should be aware of trying
* commands that require an operational ENGINE, and only use functional
* references in such situations.
*/
int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void));
/* This function tests if an ENGINE-specific command is usable as a "setting".
* Eg. in an application's config file that gets processed through
/*
* This function tests if an ENGINE-specific command is usable as a
* "setting". Eg. in an application's config file that gets processed through
* ENGINE_ctrl_cmd_string(). If this returns zero, it is not available to
* ENGINE_ctrl_cmd_string(), only ENGINE_ctrl(). */
* ENGINE_ctrl_cmd_string(), only ENGINE_ctrl().
*/
int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
/* This function works like ENGINE_ctrl() with the exception of taking a
* command name instead of a command number, and can handle optional commands.
* See the comment on ENGINE_ctrl_cmd_string() for an explanation on how to
* use the cmd_name and cmd_optional. */
/*
* This function works like ENGINE_ctrl() with the exception of taking a
* command name instead of a command number, and can handle optional
* commands. See the comment on ENGINE_ctrl_cmd_string() for an explanation
* on how to use the cmd_name and cmd_optional.
*/
int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
long i, void *p, void (*f) (void), int cmd_optional);
/* This function passes a command-name and argument to an ENGINE. The cmd_name
* is converted to a command number and the control command is called using
* 'arg' as an argument (unless the ENGINE doesn't support such a command, in
* which case no control command is called). The command is checked for input
* flags, and if necessary the argument will be converted to a numeric value. If
* cmd_optional is non-zero, then if the ENGINE doesn't support the given
* cmd_name the return value will be success anyway. This function is intended
* for applications to use so that users (or config files) can supply
* engine-specific config data to the ENGINE at run-time to control behaviour of
* specific engines. As such, it shouldn't be used for calling ENGINE_ctrl()
* functions that return data, deal with binary data, or that are otherwise
* supposed to be used directly through ENGINE_ctrl() in application code. Any
* "return" data from an ENGINE_ctrl() operation in this function will be lost -
* the return value is interpreted as failure if the return value is zero,
* success otherwise, and this function returns a boolean value as a result. In
* other words, vendors of 'ENGINE'-enabled devices should write ENGINE
* implementations with parameterisations that work in this scheme, so that
* compliant ENGINE-based applications can work consistently with the same
* configuration for the same ENGINE-enabled devices, across applications. */
/*
* This function passes a command-name and argument to an ENGINE. The
* cmd_name is converted to a command number and the control command is
* called using 'arg' as an argument (unless the ENGINE doesn't support such
* a command, in which case no control command is called). The command is
* checked for input flags, and if necessary the argument will be converted
* to a numeric value. If cmd_optional is non-zero, then if the ENGINE
* doesn't support the given cmd_name the return value will be success
* anyway. This function is intended for applications to use so that users
* (or config files) can supply engine-specific config data to the ENGINE at
* run-time to control behaviour of specific engines. As such, it shouldn't
* be used for calling ENGINE_ctrl() functions that return data, deal with
* binary data, or that are otherwise supposed to be used directly through
* ENGINE_ctrl() in application code. Any "return" data from an ENGINE_ctrl()
* operation in this function will be lost - the return value is interpreted
* as failure if the return value is zero, success otherwise, and this
* function returns a boolean value as a result. In other words, vendors of
* 'ENGINE'-enabled devices should write ENGINE implementations with
* parameterisations that work in this scheme, so that compliant ENGINE-based
* applications can work consistently with the same configuration for the
* same ENGINE-enabled devices, across applications.
*/
int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
int cmd_optional);
/* These functions are useful for manufacturing new ENGINE structures. They
* don't address reference counting at all - one uses them to populate an ENGINE
* structure with personalised implementations of things prior to using it
* directly or adding it to the builtin ENGINE list in OpenSSL. These are also
* here so that the ENGINE structure doesn't have to be exposed and break binary
* compatibility! */
/*
* These functions are useful for manufacturing new ENGINE structures. They
* don't address reference counting at all - one uses them to populate an
* ENGINE structure with personalised implementations of things prior to
* using it directly or adding it to the builtin ENGINE list in OpenSSL.
* These are also here so that the ENGINE structure doesn't have to be
* exposed and break binary compatibility!
*/
ENGINE *ENGINE_new(void);
int ENGINE_free(ENGINE *e);
int ENGINE_up_ref(ENGINE *e);
@@ -485,10 +563,12 @@ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
int ENGINE_set_load_privkey_function(ENGINE *e,
ENGINE_LOAD_KEY_PTR loadpriv_f);
int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
int ENGINE_set_load_ssl_client_cert_function(ENGINE *e,
ENGINE_SSL_CLIENT_CERT_PTR loadssl_f);
ENGINE_SSL_CLIENT_CERT_PTR
loadssl_f);
int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
int ENGINE_set_pkey_meths(ENGINE *e, ENGINE_PKEY_METHS_PTR f);
@@ -497,20 +577,25 @@ int ENGINE_set_flags(ENGINE *e, int flags);
int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
/* These functions allow control over any per-structure ENGINE data. */
int ENGINE_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
CRYPTO_EX_dup *dup_func,
CRYPTO_EX_free *free_func);
int ENGINE_set_ex_data(ENGINE *e, int idx, void *arg);
void *ENGINE_get_ex_data(const ENGINE *e, int idx);
/* This function cleans up anything that needs it. Eg. the ENGINE_add() function
* automatically ensures the list cleanup function is registered to be called
* from ENGINE_cleanup(). Similarly, all ENGINE_register_*** functions ensure
* ENGINE_cleanup() will clean up after them. */
/*
* This function cleans up anything that needs it. Eg. the ENGINE_add()
* function automatically ensures the list cleanup function is registered to
* be called from ENGINE_cleanup(). Similarly, all ENGINE_register_***
* functions ensure ENGINE_cleanup() will clean up after them.
*/
void ENGINE_cleanup(void);
/* These return values from within the ENGINE structure. These can be useful
/*
* These return values from within the ENGINE structure. These can be useful
* with functional references as well as structural references - it depends
* which you obtained. Using the result for functional purposes if you only
* obtained a structural reference may be problematic! */
* obtained a structural reference may be problematic!
*/
const char *ENGINE_get_id(const ENGINE *e);
const char *ENGINE_get_name(const ENGINE *e);
const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
@@ -526,7 +611,8 @@ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
ENGINE_SSL_CLIENT_CERT_PTR ENGINE_get_ssl_client_cert_function(const ENGINE *e);
ENGINE_SSL_CLIENT_CERT_PTR ENGINE_get_ssl_client_cert_function(const ENGINE
*e);
ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
ENGINE_PKEY_METHS_PTR ENGINE_get_pkey_meths(const ENGINE *e);
@@ -536,49 +622,60 @@ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
const EVP_PKEY_METHOD *ENGINE_get_pkey_meth(ENGINE *e, int nid);
const EVP_PKEY_ASN1_METHOD *ENGINE_get_pkey_asn1_meth(ENGINE *e, int nid);
const EVP_PKEY_ASN1_METHOD *ENGINE_get_pkey_asn1_meth_str(ENGINE *e,
const char *str, int len);
const char *str,
int len);
const EVP_PKEY_ASN1_METHOD *ENGINE_pkey_asn1_find_str(ENGINE **pe,
const char *str, int len);
const char *str,
int len);
const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
int ENGINE_get_flags(const ENGINE *e);
/* FUNCTIONAL functions. These functions deal with ENGINE structures
* that have (or will) be initialised for use. Broadly speaking, the
* structural functions are useful for iterating the list of available
* engine types, creating new engine types, and other "list" operations.
* These functions actually deal with ENGINEs that are to be used. As
* such these functions can fail (if applicable) when particular
* engines are unavailable - eg. if a hardware accelerator is not
* attached or not functioning correctly. Each ENGINE has 2 reference
* counts; structural and functional. Every time a functional reference
* is obtained or released, a corresponding structural reference is
* automatically obtained or released too. */
/*
* FUNCTIONAL functions. These functions deal with ENGINE structures that
* have (or will) be initialised for use. Broadly speaking, the structural
* functions are useful for iterating the list of available engine types,
* creating new engine types, and other "list" operations. These functions
* actually deal with ENGINEs that are to be used. As such these functions
* can fail (if applicable) when particular engines are unavailable - eg. if
* a hardware accelerator is not attached or not functioning correctly. Each
* ENGINE has 2 reference counts; structural and functional. Every time a
* functional reference is obtained or released, a corresponding structural
* reference is automatically obtained or released too.
*/
/* Initialise a engine type for use (or up its reference count if it's
* already in use). This will fail if the engine is not currently
* operational and cannot initialise. */
/*
* Initialise a engine type for use (or up its reference count if it's
* already in use). This will fail if the engine is not currently operational
* and cannot initialise.
*/
int ENGINE_init(ENGINE *e);
/* Free a functional reference to a engine type. This does not require
* a corresponding call to ENGINE_free as it also releases a structural
* reference. */
/*
* Free a functional reference to a engine type. This does not require a
* corresponding call to ENGINE_free as it also releases a structural
* reference.
*/
int ENGINE_finish(ENGINE *e);
/* The following functions handle keys that are stored in some secondary
/*
* The following functions handle keys that are stored in some secondary
* location, handled by the engine. The storage may be on a card or
* whatever. */
* whatever.
*/
EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
UI_METHOD *ui_method, void *callback_data);
EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
UI_METHOD *ui_method, void *callback_data);
int ENGINE_load_ssl_client_cert(ENGINE *e, SSL *s,
STACK_OF(X509_NAME) *ca_dn, X509 **pcert, EVP_PKEY **ppkey,
STACK_OF(X509) **pother,
STACK_OF(X509_NAME) *ca_dn, X509 **pcert,
EVP_PKEY **ppkey, STACK_OF(X509) **pother,
UI_METHOD *ui_method, void *callback_data);
/* This returns a pointer for the current ENGINE structure that
* is (by default) performing any RSA operations. The value returned
* is an incremented reference, so it should be free'd (ENGINE_finish)
* before it is discarded. */
/*
* This returns a pointer for the current ENGINE structure that is (by
* default) performing any RSA operations. The value returned is an
* incremented reference, so it should be free'd (ENGINE_finish) before it is
* discarded.
*/
ENGINE *ENGINE_get_default_RSA(void);
/* Same for the other "methods" */
ENGINE *ENGINE_get_default_DSA(void);
@@ -586,17 +683,21 @@ ENGINE *ENGINE_get_default_ECDH(void);
ENGINE *ENGINE_get_default_ECDSA(void);
ENGINE *ENGINE_get_default_DH(void);
ENGINE *ENGINE_get_default_RAND(void);
/* These functions can be used to get a functional reference to perform
* ciphering or digesting corresponding to "nid". */
/*
* These functions can be used to get a functional reference to perform
* ciphering or digesting corresponding to "nid".
*/
ENGINE *ENGINE_get_cipher_engine(int nid);
ENGINE *ENGINE_get_digest_engine(int nid);
ENGINE *ENGINE_get_pkey_meth_engine(int nid);
ENGINE *ENGINE_get_pkey_asn1_meth_engine(int nid);
/* This sets a new default ENGINE structure for performing RSA
* operations. If the result is non-zero (success) then the ENGINE
* structure will have had its reference count up'd so the caller
* should still free their own reference 'e'. */
/*
* This sets a new default ENGINE structure for performing RSA operations. If
* the result is non-zero (success) then the ENGINE structure will have had
* its reference count up'd so the caller should still free their own
* reference 'e'.
*/
int ENGINE_set_default_RSA(ENGINE *e);
int ENGINE_set_default_string(ENGINE *e, const char *def_list);
/* Same for the other "methods" */
@@ -610,11 +711,13 @@ int ENGINE_set_default_digests(ENGINE *e);
int ENGINE_set_default_pkey_meths(ENGINE *e);
int ENGINE_set_default_pkey_asn1_meths(ENGINE *e);
/* The combination "set" - the flags are bitwise "OR"d from the
/*
* The combination "set" - the flags are bitwise "OR"d from the
* ENGINE_METHOD_*** defines above. As with the "ENGINE_register_complete()"
* function, this function can result in unnecessary static linkage. If your
* application requires only specific functionality, consider using more
* selective functions. */
* selective functions.
*/
int ENGINE_set_default(ENGINE *e, unsigned int flags);
void ENGINE_add_conf_module(void);
@@ -628,19 +731,23 @@ void ENGINE_add_conf_module(void);
/* Binary/behaviour compatibility levels */
# define OSSL_DYNAMIC_VERSION (unsigned long)0x00020000
/* Binary versions older than this are too old for us (whether we're a loader or
* a loadee) */
/*
* Binary versions older than this are too old for us (whether we're a loader
* or a loadee)
*/
# define OSSL_DYNAMIC_OLDEST (unsigned long)0x00020000
/* When compiling an ENGINE entirely as an external shared library, loadable by
* the "dynamic" ENGINE, these types are needed. The 'dynamic_fns' structure
* type provides the calling application's (or library's) error functionality
* and memory management function pointers to the loaded library. These should
* be used/set in the loaded library code so that the loading application's
* 'state' will be used/changed in all operations. The 'static_state' pointer
* allows the loaded library to know if it shares the same static data as the
* calling application (or library), and thus whether these callbacks need to be
* set or not. */
/*
* When compiling an ENGINE entirely as an external shared library, loadable
* by the "dynamic" ENGINE, these types are needed. The 'dynamic_fns'
* structure type provides the calling application's (or library's) error
* functionality and memory management function pointers to the loaded
* library. These should be used/set in the loaded library code so that the
* loading application's 'state' will be used/changed in all operations. The
* 'static_state' pointer allows the loaded library to know if it shares the
* same static data as the calling application (or library), and thus whether
* these callbacks need to be set or not.
*/
typedef void *(*dyn_MEM_malloc_cb) (size_t);
typedef void *(*dyn_MEM_realloc_cb) (void *, size_t);
typedef void (*dyn_MEM_free_cb) (void *);
@@ -649,12 +756,14 @@ typedef struct st_dynamic_MEM_fns {
dyn_MEM_realloc_cb realloc_cb;
dyn_MEM_free_cb free_cb;
} dynamic_MEM_fns;
/* FIXME: Perhaps the memory and locking code (crypto.h) should declare and use
* these types so we (and any other dependant code) can simplify a bit?? */
/*
* FIXME: Perhaps the memory and locking code (crypto.h) should declare and
* use these types so we (and any other dependant code) can simplify a bit??
*/
typedef void (*dyn_lock_locking_cb) (int, int, const char *, int);
typedef int (*dyn_lock_add_lock_cb) (int *, int, int, const char *, int);
typedef struct CRYPTO_dynlock_value *(*dyn_dynlock_create_cb)(
const char *,int);
typedef struct CRYPTO_dynlock_value *(*dyn_dynlock_create_cb) (const char *,
int);
typedef void (*dyn_dynlock_lock_cb) (int, struct CRYPTO_dynlock_value *,
const char *, int);
typedef void (*dyn_dynlock_destroy_cb) (struct CRYPTO_dynlock_value *,
@@ -675,15 +784,18 @@ typedef struct st_dynamic_fns {
dynamic_LOCK_fns lock_fns;
} dynamic_fns;
/* The version checking function should be of this prototype. NB: The
* ossl_version value passed in is the OSSL_DYNAMIC_VERSION of the loading code.
* If this function returns zero, it indicates a (potential) version
/*
* The version checking function should be of this prototype. NB: The
* ossl_version value passed in is the OSSL_DYNAMIC_VERSION of the loading
* code. If this function returns zero, it indicates a (potential) version
* incompatibility and the loaded library doesn't believe it can proceed.
* Otherwise, the returned value is the (latest) version supported by the
* loading library. The loader may still decide that the loaded code's version
* is unsatisfactory and could veto the load. The function is expected to
* be implemented with the symbol name "v_check", and a default implementation
* can be fully instantiated with IMPLEMENT_DYNAMIC_CHECK_FN(). */
* loading library. The loader may still decide that the loaded code's
* version is unsatisfactory and could veto the load. The function is
* expected to be implemented with the symbol name "v_check", and a default
* implementation can be fully instantiated with
* IMPLEMENT_DYNAMIC_CHECK_FN().
*/
typedef unsigned long (*dynamic_v_check_fn) (unsigned long ossl_version);
# define IMPLEMENT_DYNAMIC_CHECK_FN() \
OPENSSL_EXPORT unsigned long v_check(unsigned long v); \
@@ -691,21 +803,24 @@ typedef unsigned long (*dynamic_v_check_fn)(unsigned long ossl_version);
if(v >= OSSL_DYNAMIC_OLDEST) return OSSL_DYNAMIC_VERSION; \
return 0; }
/* This function is passed the ENGINE structure to initialise with its own
/*
* This function is passed the ENGINE structure to initialise with its own
* function and command settings. It should not adjust the structural or
* functional reference counts. If this function returns zero, (a) the load will
* be aborted, (b) the previous ENGINE state will be memcpy'd back onto the
* structure, and (c) the shared library will be unloaded. So implementations
* should do their own internal cleanup in failure circumstances otherwise they
* could leak. The 'id' parameter, if non-NULL, represents the ENGINE id that
* the loader is looking for. If this is NULL, the shared library can choose to
* return failure or to initialise a 'default' ENGINE. If non-NULL, the shared
* library must initialise only an ENGINE matching the passed 'id'. The function
* is expected to be implemented with the symbol name "bind_engine". A standard
* implementation can be instantiated with IMPLEMENT_DYNAMIC_BIND_FN(fn) where
* the parameter 'fn' is a callback function that populates the ENGINE structure
* and returns an int value (zero for failure). 'fn' should have prototype;
* [static] int fn(ENGINE *e, const char *id); */
* functional reference counts. If this function returns zero, (a) the load
* will be aborted, (b) the previous ENGINE state will be memcpy'd back onto
* the structure, and (c) the shared library will be unloaded. So
* implementations should do their own internal cleanup in failure
* circumstances otherwise they could leak. The 'id' parameter, if non-NULL,
* represents the ENGINE id that the loader is looking for. If this is NULL,
* the shared library can choose to return failure or to initialise a
* 'default' ENGINE. If non-NULL, the shared library must initialise only an
* ENGINE matching the passed 'id'. The function is expected to be
* implemented with the symbol name "bind_engine". A standard implementation
* can be instantiated with IMPLEMENT_DYNAMIC_BIND_FN(fn) where the parameter
* 'fn' is a callback function that populates the ENGINE structure and
* returns an int value (zero for failure). 'fn' should have prototype;
* [static] int fn(ENGINE *e, const char *id);
*/
typedef int (*dynamic_bind_engine) (ENGINE *e, const char *id,
const dynamic_fns *fns);
# define IMPLEMENT_DYNAMIC_BIND_FN(fn) \
@@ -729,15 +844,17 @@ typedef int (*dynamic_bind_engine)(ENGINE *e, const char *id,
if(!fn(e,id)) return 0; \
return 1; }
/* If the loading application (or library) and the loaded ENGINE library share
* the same static data (eg. they're both dynamically linked to the same
* libcrypto.so) we need a way to avoid trying to set system callbacks - this
* would fail, and for the same reason that it's unnecessary to try. If the
* loaded ENGINE has (or gets from through the loader) its own copy of the
* libcrypto static data, we will need to set the callbacks. The easiest way to
* detect this is to have a function that returns a pointer to some static data
* and let the loading application and loaded ENGINE compare their respective
* values. */
/*
* If the loading application (or library) and the loaded ENGINE library
* share the same static data (eg. they're both dynamically linked to the
* same libcrypto.so) we need a way to avoid trying to set system callbacks -
* this would fail, and for the same reason that it's unnecessary to try. If
* the loaded ENGINE has (or gets from through the loader) its own copy of
* the libcrypto static data, we will need to set the callbacks. The easiest
* way to detect this is to have a function that returns a pointer to some
* static data and let the loading application and loaded ENGINE compare
* their respective values.
*/
void *ENGINE_get_static_state(void);
# if defined(__OpenBSD__) || defined(__FreeBSD__) || defined(HAVE_CRYPTODEV)
@@ -745,7 +862,8 @@ void ENGINE_setup_bsd_cryptodev(void);
# endif
/* BEGIN ERROR CODES */
/* The following lines are auto generated by the script mkerr.pl. Any changes
/*
* The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
*/
void ERR_load_ENGINE_strings(void);

34
libs/openssl/include/openssl/err.h
View File

@@ -145,8 +145,7 @@ extern "C" {
# define ERR_FLAG_MARK 0x01
# define ERR_NUM_ERRORS 16
typedef struct err_state_st
{
typedef struct err_state_st {
CRYPTO_THREADID tid;
int err_flags[ERR_NUM_ERRORS];
unsigned long err_buffer[ERR_NUM_ERRORS];
@@ -235,8 +234,10 @@ typedef struct err_state_st
# define HMACerr(f,r) ERR_PUT_error(ERR_LIB_HMAC,(f),(r),__FILE__,__LINE__)
# define JPAKEerr(f,r) ERR_PUT_error(ERR_LIB_JPAKE,(f),(r),__FILE__,__LINE__)
/* Borland C seems too stupid to be able to shift and do longs in
* the pre-processor :-( */
/*
* Borland C seems too stupid to be able to shift and do longs in the
* pre-processor :-(
*/
# define ERR_PACK(l,f,r) (((((unsigned long)l)&0xffL)*0x1000000)| \
((((unsigned long)f)&0xfffL)*0x1000)| \
((((unsigned long)r)&0xfffL)))
@@ -245,7 +246,6 @@ typedef struct err_state_st
# define ERR_GET_REASON(l) (int)((l)&0xfffL)
# define ERR_FATAL_ERROR(l) (int)((l)&ERR_R_FATAL)
/* OS functions */
# define SYS_F_FOPEN 1
# define SYS_F_CONNECT 2
@@ -258,7 +258,7 @@ typedef struct err_state_st
# define SYS_F_WSASTARTUP 9/* Winsock stuff */
# define SYS_F_OPENDIR 10
# define SYS_F_FREAD 11
# define SYS_F_FFLUSH 18
/* reasons */
# define ERR_R_SYS_LIB ERR_LIB_SYS/* 2 */
@@ -306,12 +306,12 @@ typedef struct err_state_st
# define ERR_R_INTERNAL_ERROR (4|ERR_R_FATAL)
# define ERR_R_DISABLED (5|ERR_R_FATAL)
/* 99 is the maximum possible ERR_R_... code, higher values
* are reserved for the individual libraries */
/*
* 99 is the maximum possible ERR_R_... code, higher values are reserved for
* the individual libraries
*/
typedef struct ERR_string_data_st
{
typedef struct ERR_string_data_st {
unsigned long error;
const char *string;
} ERR_STRING_DATA;
@@ -372,11 +372,15 @@ int ERR_pop_to_mark(void);
/* Already defined in ossl_typ.h */
/* typedef struct st_ERR_FNS ERR_FNS; */
/* An application can use this function and provide the return value to loaded
* modules that should use the application's ERR state/functionality */
/*
* An application can use this function and provide the return value to
* loaded modules that should use the application's ERR state/functionality
*/
const ERR_FNS *ERR_get_implementation(void);
/* A loaded module should call this function prior to any ERR operations using
* the application's "ERR_FNS". */
/*
* A loaded module should call this function prior to any ERR operations
* using the application's "ERR_FNS".
*/
int ERR_set_implementation(const ERR_FNS *fns);
#ifdef __cplusplus

419
libs/openssl/include/openssl/evp.h
View File

@@ -75,7 +75,7 @@
# include <openssl/bio.h>
# endif
/*
/*-
#define EVP_RC2_KEY_SIZE 16
#define EVP_RC4_KEY_SIZE 16
#define EVP_BLOWFISH_KEY_SIZE 16
@@ -103,7 +103,6 @@
# define EVP_PKS_RSA 0x0100
# define EVP_PKS_DSA 0x0200
# define EVP_PKS_EC 0x0400
#define EVP_PKT_EXP 0x1000 /* <= 512 bit key */
# define EVP_PKEY_NONE NID_undef
# define EVP_PKEY_RSA NID_rsaEncryption
@@ -114,6 +113,7 @@
# define EVP_PKEY_DSA3 NID_dsaWithSHA1
# define EVP_PKEY_DSA4 NID_dsaWithSHA1_2
# define EVP_PKEY_DH NID_dhKeyAgreement
# define EVP_PKEY_DHX NID_dhpublicnumber
# define EVP_PKEY_EC NID_X9_62_id_ecPublicKey
# define EVP_PKEY_HMAC NID_hmac
# define EVP_PKEY_CMAC NID_cmac
@@ -122,11 +122,11 @@
extern "C" {
#endif
/* Type needs to be a bit field
* Sub-type needs to be for variations on the method, as in, can it do
* arbitrary encryption.... */
struct evp_pkey_st
{
/*
* Type needs to be a bit field Sub-type needs to be for variations on the
* method, as in, can it do arbitrary encryption....
*/
struct evp_pkey_st {
int type;
int save_type;
int references;
@@ -157,8 +157,7 @@ struct evp_pkey_st
# define EVP_PKEY_MO_DECRYPT 0x0008
# ifndef EVP_MD
struct env_md_st
{
struct env_md_st {
int type;
int pkey_type;
int md_size;
@@ -168,7 +167,6 @@ struct env_md_st
int (*final) (EVP_MD_CTX *ctx, unsigned char *md);
int (*copy) (EVP_MD_CTX *to, const EVP_MD_CTX *from);
int (*cleanup) (EVP_MD_CTX *ctx);
/* FIXME: prototype these some day */
int (*sign) (int type, const unsigned char *m, unsigned int m_length,
unsigned char *sigret, unsigned int *siglen, void *key);
@@ -186,16 +184,20 @@ typedef int evp_sign_method(int type,const unsigned char *m,
unsigned int m_length, unsigned char *sigret,
unsigned int *siglen, void *key);
typedef int evp_verify_method(int type, const unsigned char *m,
unsigned int m_length,const unsigned char *sigbuf,
unsigned int m_length,
const unsigned char *sigbuf,
unsigned int siglen, void *key);
#define EVP_MD_FLAG_ONESHOT 0x0001 /* digest can only handle a single
* block */
/* digest can only handle a single block */
# define EVP_MD_FLAG_ONESHOT 0x0001
#define EVP_MD_FLAG_PKEY_DIGEST 0x0002 /* digest is a "clone" digest used
/*
* digest is a "clone" digest used
* which is a copy of an existing
* one for a specific public key type.
* EVP_dss1() etc */
* EVP_dss1() etc
*/
# define EVP_MD_FLAG_PKEY_DIGEST 0x0002
/* Digest uses EVP_PKEY_METHOD for signing instead of MD specific signing */
@@ -217,7 +219,8 @@ typedef int evp_verify_method(int type,const unsigned char *m,
# define EVP_MD_FLAG_DIGALGID_CUSTOM 0x0018
#define EVP_MD_FLAG_FIPS 0x0400 /* Note if suitable for use in FIPS mode */
/* Note if suitable for use in FIPS mode */
# define EVP_MD_FLAG_FIPS 0x0400
/* Digest ctrls */
@@ -262,10 +265,10 @@ typedef int evp_verify_method(int type,const unsigned char *m,
# endif /* !EVP_MD */
struct env_md_ctx_st
{
struct env_md_ctx_st {
const EVP_MD *digest;
ENGINE *engine; /* functional reference if 'digest' is ENGINE-provided */
ENGINE *engine; /* functional reference if 'digest' is
* ENGINE-provided */
unsigned long flags;
void *md_data;
/* Public key context for sign/verify */
@@ -276,20 +279,22 @@ struct env_md_ctx_st
/* values for EVP_MD_CTX flags */
#define EVP_MD_CTX_FLAG_ONESHOT 0x0001 /* digest update will be called
* once only */
# define EVP_MD_CTX_FLAG_ONESHOT 0x0001/* digest update will be
* called once only */
# define EVP_MD_CTX_FLAG_CLEANED 0x0002/* context has already been
* cleaned */
# define EVP_MD_CTX_FLAG_REUSE 0x0004/* Don't free up ctx->md_data
* in EVP_MD_CTX_cleanup */
/* FIPS and pad options are ignored in 1.0.0, definitions are here
* so we don't accidentally reuse the values for other purposes.
/*
* FIPS and pad options are ignored in 1.0.0, definitions are here so we
* don't accidentally reuse the values for other purposes.
*/
#define EVP_MD_CTX_FLAG_NON_FIPS_ALLOW 0x0008 /* Allow use of non FIPS digest
* in FIPS mode */
# define EVP_MD_CTX_FLAG_NON_FIPS_ALLOW 0x0008/* Allow use of non FIPS
* digest in FIPS mode */
/* The following PAD options are also currently ignored in 1.0.0, digest
/*
* The following PAD options are also currently ignored in 1.0.0, digest
* parameters are handled through EVP_DigestSign*() and EVP_DigestVerify*()
* instead.
*/
@@ -300,23 +305,32 @@ struct env_md_ctx_st
# define EVP_MD_CTX_FLAG_NO_INIT 0x0100/* Don't initialize md_data */
struct evp_cipher_st
{
struct evp_cipher_st {
int nid;
int block_size;
int key_len; /* Default value for variable length ciphers */
/* Default value for variable length ciphers */
int key_len;
int iv_len;
unsigned long flags; /* Various flags */
/* Various flags */
unsigned long flags;
/* init key */
int (*init) (EVP_CIPHER_CTX *ctx, const unsigned char *key,
const unsigned char *iv, int enc); /* init key */
const unsigned char *iv, int enc);
/* encrypt/decrypt data */
int (*do_cipher) (EVP_CIPHER_CTX *ctx, unsigned char *out,
const unsigned char *in, size_t inl);/* encrypt/decrypt data */
int (*cleanup)(EVP_CIPHER_CTX *); /* cleanup ctx */
int ctx_size; /* how big ctx->cipher_data needs to be */
int (*set_asn1_parameters)(EVP_CIPHER_CTX *, ASN1_TYPE *); /* Populate a ASN1_TYPE with parameters */
int (*get_asn1_parameters)(EVP_CIPHER_CTX *, ASN1_TYPE *); /* Get parameters from a ASN1_TYPE */
int (*ctrl)(EVP_CIPHER_CTX *, int type, int arg, void *ptr); /* Miscellaneous operations */
void *app_data; /* Application data */
const unsigned char *in, size_t inl);
/* cleanup ctx */
int (*cleanup) (EVP_CIPHER_CTX *);
/* how big ctx->cipher_data needs to be */
int ctx_size;
/* Populate a ASN1_TYPE with parameters */
int (*set_asn1_parameters) (EVP_CIPHER_CTX *, ASN1_TYPE *);
/* Get parameters from a ASN1_TYPE */
int (*get_asn1_parameters) (EVP_CIPHER_CTX *, ASN1_TYPE *);
/* Miscellaneous operations */
int (*ctrl) (EVP_CIPHER_CTX *, int type, int arg, void *ptr);
/* Application data */
void *app_data;
} /* EVP_CIPHER */ ;
/* Values for cipher flags */
@@ -332,6 +346,7 @@ struct evp_cipher_st
# define EVP_CIPH_GCM_MODE 0x6
# define EVP_CIPH_CCM_MODE 0x7
# define EVP_CIPH_XTS_MODE 0x10001
# define EVP_CIPH_WRAP_MODE 0x10002
# define EVP_CIPH_MODE 0xF0007
/* Set if variable length cipher */
# define EVP_CIPH_VARIABLE_LENGTH 0x8
@@ -357,11 +372,19 @@ struct evp_cipher_st
# define EVP_CIPH_FLAG_FIPS 0x4000
/* Allow non FIPS cipher in FIPS mode */
# define EVP_CIPH_FLAG_NON_FIPS_ALLOW 0x8000
/* Cipher handles any and all padding logic as well
* as finalisation.
/*
* Cipher handles any and all padding logic as well as finalisation.
*/
# define EVP_CIPH_FLAG_CUSTOM_CIPHER 0x100000
# define EVP_CIPH_FLAG_AEAD_CIPHER 0x200000
# define EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK 0x400000
/*
* Cipher context flag to indicate we can handle wrap mode: if allowed in
* older applications it could overflow buffers.
*/
# define EVP_CIPHER_CTX_FLAG_WRAP_ALLOW 0x1
/* ctrl() values */
@@ -384,9 +407,10 @@ struct evp_cipher_st
# define EVP_CTRL_CCM_SET_TAG EVP_CTRL_GCM_SET_TAG
# define EVP_CTRL_CCM_SET_L 0x14
# define EVP_CTRL_CCM_SET_MSGLEN 0x15
/* AEAD cipher deduces payload length and returns number of bytes
* required to store MAC and eventual padding. Subsequent call to
* EVP_Cipher even appends/verifies MAC.
/*
* AEAD cipher deduces payload length and returns number of bytes required to
* store MAC and eventual padding. Subsequent call to EVP_Cipher even
* appends/verifies MAC.
*/
# define EVP_CTRL_AEAD_TLS1_AAD 0x16
/* Used by composite AEAD ciphers, no-op in GCM, CCM... */
@@ -394,6 +418,21 @@ struct evp_cipher_st
/* Set the GCM invocation field, decrypt only */
# define EVP_CTRL_GCM_SET_IV_INV 0x18
# define EVP_CTRL_TLS1_1_MULTIBLOCK_AAD 0x19
# define EVP_CTRL_TLS1_1_MULTIBLOCK_ENCRYPT 0x1a
# define EVP_CTRL_TLS1_1_MULTIBLOCK_DECRYPT 0x1b
# define EVP_CTRL_TLS1_1_MULTIBLOCK_MAX_BUFSIZE 0x1c
/* RFC 5246 defines additional data to be 13 bytes in length */
# define EVP_AEAD_TLS1_AAD_LEN 13
typedef struct {
unsigned char *out;
const unsigned char *inp;
size_t len;
unsigned int interleave;
} EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM;
/* GCM TLS constants */
/* Length of fixed part of IV derived from PRF */
# define EVP_GCM_TLS_FIXED_IV_LEN 4
@@ -402,24 +441,21 @@ struct evp_cipher_st
/* Length of tag for TLS */
# define EVP_GCM_TLS_TAG_LEN 16
typedef struct evp_cipher_info_st
{
typedef struct evp_cipher_info_st {
const EVP_CIPHER *cipher;
unsigned char iv[EVP_MAX_IV_LENGTH];
} EVP_CIPHER_INFO;
struct evp_cipher_ctx_st
{
struct evp_cipher_ctx_st {
const EVP_CIPHER *cipher;
ENGINE *engine; /* functional reference if 'cipher' is ENGINE-provided */
ENGINE *engine; /* functional reference if 'cipher' is
* ENGINE-provided */
int encrypt; /* encrypt or decrypt */
int buf_len; /* number we have left */
unsigned char oiv[EVP_MAX_IV_LENGTH]; /* original iv */
unsigned char iv[EVP_MAX_IV_LENGTH]; /* working iv */
unsigned char buf[EVP_MAX_BLOCK_LENGTH]; /* saved partial block */
int num; /* used by cfb/ofb/ctr mode */
void *app_data; /* application stuff */
int key_len; /* May change for variable length cipher */
unsigned long flags; /* Various flags */
@@ -429,23 +465,27 @@ struct evp_cipher_ctx_st
unsigned char final[EVP_MAX_BLOCK_LENGTH]; /* possible final block */
} /* EVP_CIPHER_CTX */ ;
typedef struct evp_Encode_Ctx_st
{
int num; /* number saved in a partial encode/decode */
int length; /* The length is either the output line length
* (in input bytes) or the shortest input line
* length that is ok. Once decoding begins,
* the length is adjusted up each time a longer
* line is decoded */
unsigned char enc_data[80]; /* data to encode */
int line_num; /* number read on current line */
typedef struct evp_Encode_Ctx_st {
/* number saved in a partial encode/decode */
int num;
/*
* The length is either the output line length (in input bytes) or the
* shortest input line length that is ok. Once decoding begins, the
* length is adjusted up each time a longer line is decoded
*/
int length;
/* data to encode */
unsigned char enc_data[80];
/* number read on current line */
int line_num;
int expect_nl;
} EVP_ENCODE_CTX;
/* Password based encryption function */
typedef int (EVP_PBE_KEYGEN)(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
ASN1_TYPE *param, const EVP_CIPHER *cipher,
const EVP_MD *md, int en_de);
typedef int (EVP_PBE_KEYGEN) (EVP_CIPHER_CTX *ctx, const char *pass,
int passlen, ASN1_TYPE *param,
const EVP_CIPHER *cipher, const EVP_MD *md,
int en_de);
# ifndef OPENSSL_NO_RSA
# define EVP_PKEY_assign_RSA(pkey,rsa) EVP_PKEY_assign((pkey),EVP_PKEY_RSA,\
@@ -532,9 +572,7 @@ void BIO_set_md(BIO *,const EVP_MD *md);
# define BIO_get_cipher_ctx(b,c_pp) BIO_ctrl(b,BIO_C_GET_CIPHER_CTX,0,(char *)c_pp)
int EVP_Cipher(EVP_CIPHER_CTX *c,
unsigned char *out,
const unsigned char *in,
unsigned int inl);
unsigned char *out, const unsigned char *in, unsigned int inl);
# define EVP_add_cipher_alias(n,alias) \
OBJ_NAME_add((alias),OBJ_NAME_TYPE_CIPHER_METH|OBJ_NAME_ALIAS,(n))
@@ -554,24 +592,26 @@ void EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, int flags);
void EVP_MD_CTX_clear_flags(EVP_MD_CTX *ctx, int flags);
int EVP_MD_CTX_test_flags(const EVP_MD_CTX *ctx, int flags);
int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl);
int EVP_DigestUpdate(EVP_MD_CTX *ctx,const void *d,
size_t cnt);
int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt);
int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s);
int EVP_Digest(const void *data, size_t count,
unsigned char *md, unsigned int *size, const EVP_MD *type, ENGINE *impl);
unsigned char *md, unsigned int *size, const EVP_MD *type,
ENGINE *impl);
int EVP_MD_CTX_copy(EVP_MD_CTX *out, const EVP_MD_CTX *in);
int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);
int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s);
int EVP_read_pw_string(char *buf, int length, const char *prompt, int verify);
int EVP_read_pw_string_min(char *buf,int minlen,int maxlen,const char *prompt,int verify);
int EVP_read_pw_string_min(char *buf, int minlen, int maxlen,
const char *prompt, int verify);
void EVP_set_pw_prompt(const char *prompt);
char *EVP_get_pw_prompt(void);
int EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md,
const unsigned char *salt, const unsigned char *data,
int datal, int count, unsigned char *key,unsigned char *iv);
int datal, int count, unsigned char *key,
unsigned char *iv);
void EVP_CIPHER_CTX_set_flags(EVP_CIPHER_CTX *ctx, int flags);
void EVP_CIPHER_CTX_clear_flags(EVP_CIPHER_CTX *ctx, int flags);
@@ -579,30 +619,32 @@ int EVP_CIPHER_CTX_test_flags(const EVP_CIPHER_CTX *ctx,int flags);
int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
const unsigned char *key, const unsigned char *iv);
int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher, ENGINE *impl,
const unsigned char *key, const unsigned char *iv);
int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
int *outl, const unsigned char *in, int inl);
int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
ENGINE *impl, const unsigned char *key,
const unsigned char *iv);
int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
const unsigned char *in, int inl);
int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
const unsigned char *key, const unsigned char *iv);
int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher, ENGINE *impl,
const unsigned char *key, const unsigned char *iv);
int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
int *outl, const unsigned char *in, int inl);
int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
ENGINE *impl, const unsigned char *key,
const unsigned char *iv);
int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
const unsigned char *in, int inl);
int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
const unsigned char *key, const unsigned char *iv,
int enc);
int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher, ENGINE *impl,
const unsigned char *key,const unsigned char *iv,
int enc);
int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
int *outl, const unsigned char *in, int inl);
int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
ENGINE *impl, const unsigned char *key,
const unsigned char *iv, int enc);
int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
const unsigned char *in, int inl);
int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
@@ -620,7 +662,7 @@ int EVP_DigestSignFinal(EVP_MD_CTX *ctx,
int EVP_DigestVerifyInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey);
int EVP_DigestVerifyFinal(EVP_MD_CTX *ctx,
unsigned char *sig, size_t siglen);
const unsigned char *sig, size_t siglen);
int EVP_OpenInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
const unsigned char *ek, int ekl, const unsigned char *iv,
@@ -725,8 +767,12 @@ const EVP_CIPHER *EVP_des_cbc(void);
const EVP_CIPHER *EVP_des_ede_cbc(void);
const EVP_CIPHER *EVP_des_ede3_cbc(void);
const EVP_CIPHER *EVP_desx_cbc(void);
/* This should now be supported through the dev_crypto ENGINE. But also, why are
* rc4 and md5 declarations made here inside a "NO_DES" precompiler branch? */
const EVP_CIPHER *EVP_des_ede3_wrap(void);
/*
* This should now be supported through the dev_crypto ENGINE. But also, why
* are rc4 and md5 declarations made here inside a "NO_DES" precompiler
* branch?
*/
# if 0
# ifdef OPENSSL_OPENBSD_DEV_CRYPTO
const EVP_CIPHER *EVP_dev_crypto_des_ede3_cbc(void);
@@ -791,6 +837,7 @@ const EVP_CIPHER *EVP_aes_128_ctr(void);
const EVP_CIPHER *EVP_aes_128_ccm(void);
const EVP_CIPHER *EVP_aes_128_gcm(void);
const EVP_CIPHER *EVP_aes_128_xts(void);
const EVP_CIPHER *EVP_aes_128_wrap(void);
const EVP_CIPHER *EVP_aes_192_ecb(void);
const EVP_CIPHER *EVP_aes_192_cbc(void);
const EVP_CIPHER *EVP_aes_192_cfb1(void);
@@ -801,6 +848,7 @@ const EVP_CIPHER *EVP_aes_192_ofb(void);
const EVP_CIPHER *EVP_aes_192_ctr(void);
const EVP_CIPHER *EVP_aes_192_ccm(void);
const EVP_CIPHER *EVP_aes_192_gcm(void);
const EVP_CIPHER *EVP_aes_192_wrap(void);
const EVP_CIPHER *EVP_aes_256_ecb(void);
const EVP_CIPHER *EVP_aes_256_cbc(void);
const EVP_CIPHER *EVP_aes_256_cfb1(void);
@@ -812,10 +860,15 @@ const EVP_CIPHER *EVP_aes_256_ctr(void);
const EVP_CIPHER *EVP_aes_256_ccm(void);
const EVP_CIPHER *EVP_aes_256_gcm(void);
const EVP_CIPHER *EVP_aes_256_xts(void);
const EVP_CIPHER *EVP_aes_256_wrap(void);
# if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1)
const EVP_CIPHER *EVP_aes_128_cbc_hmac_sha1(void);
const EVP_CIPHER *EVP_aes_256_cbc_hmac_sha1(void);
# endif
# ifndef OPENSSL_NO_SHA256
const EVP_CIPHER *EVP_aes_128_cbc_hmac_sha256(void);
const EVP_CIPHER *EVP_aes_256_cbc_hmac_sha256(void);
# endif
# endif
# ifndef OPENSSL_NO_CAMELLIA
const EVP_CIPHER *EVP_camellia_128_ecb(void);
@@ -874,14 +927,18 @@ const EVP_MD *EVP_get_digestbyname(const char *name);
void EVP_cleanup(void);
void EVP_CIPHER_do_all(void (*fn) (const EVP_CIPHER *ciph,
const char *from, const char *to, void *x), void *arg);
void EVP_CIPHER_do_all_sorted(void (*fn)(const EVP_CIPHER *ciph,
const char *from, const char *to, void *x), void *arg);
const char *from, const char *to, void *x),
void *arg);
void EVP_CIPHER_do_all_sorted(void (*fn)
(const EVP_CIPHER *ciph, const char *from,
const char *to, void *x), void *arg);
void EVP_MD_do_all(void (*fn) (const EVP_MD *ciph,
const char *from, const char *to, void *x), void *arg);
void EVP_MD_do_all_sorted(void (*fn)(const EVP_MD *ciph,
const char *from, const char *to, void *x), void *arg);
const char *from, const char *to, void *x),
void *arg);
void EVP_MD_do_all_sorted(void (*fn)
(const EVP_MD *ciph, const char *from,
const char *to, void *x), void *arg);
int EVP_PKEY_decrypt_old(unsigned char *dec_key,
const unsigned char *enc_key, int enc_key_len,
@@ -961,18 +1018,17 @@ int EVP_CIPHER_get_asn1_iv(EVP_CIPHER_CTX *c,ASN1_TYPE *type);
/* PKCS5 password based encryption */
int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
ASN1_TYPE *param, const EVP_CIPHER *cipher, const EVP_MD *md,
int en_de);
ASN1_TYPE *param, const EVP_CIPHER *cipher,
const EVP_MD *md, int en_de);
int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen,
const unsigned char *salt, int saltlen, int iter,
int keylen, unsigned char *out);
int PKCS5_PBKDF2_HMAC(const char *pass, int passlen,
const unsigned char *salt, int saltlen, int iter,
const EVP_MD *digest,
int keylen, unsigned char *out);
const EVP_MD *digest, int keylen, unsigned char *out);
int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
ASN1_TYPE *param, const EVP_CIPHER *cipher, const EVP_MD *md,
int en_de);
ASN1_TYPE *param, const EVP_CIPHER *cipher,
const EVP_MD *md, int en_de);
void PKCS5_PBE_add(void);
@@ -986,12 +1042,12 @@ int EVP_PBE_CipherInit (ASN1_OBJECT *pbe_obj, const char *pass, int passlen,
/* Is an PRF type OID */
# define EVP_PBE_TYPE_PRF 0x1
int EVP_PBE_alg_add_type(int pbe_type, int pbe_nid, int cipher_nid, int md_nid,
EVP_PBE_KEYGEN *keygen);
int EVP_PBE_alg_add_type(int pbe_type, int pbe_nid, int cipher_nid,
int md_nid, EVP_PBE_KEYGEN *keygen);
int EVP_PBE_alg_add(int nid, const EVP_CIPHER *cipher, const EVP_MD *md,
EVP_PBE_KEYGEN *keygen);
int EVP_PBE_find(int type, int pbe_nid,
int *pcnid, int *pmnid, EVP_PBE_KEYGEN **pkeygen);
int EVP_PBE_find(int type, int pbe_nid, int *pcnid, int *pmnid,
EVP_PBE_KEYGEN **pkeygen);
void EVP_PBE_cleanup(void);
# define ASN1_PKEY_ALIAS 0x1
@@ -1003,6 +1059,7 @@ void EVP_PBE_cleanup(void);
# define ASN1_PKEY_CTRL_DEFAULT_MD_NID 0x3
# define ASN1_PKEY_CTRL_CMS_SIGN 0x5
# define ASN1_PKEY_CTRL_CMS_ENVELOPE 0x7
# define ASN1_PKEY_CTRL_CMS_RI_TYPE 0x8
int EVP_PKEY_asn1_get_count(void);
const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_get0(int idx);
@@ -1011,37 +1068,54 @@ const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find_str(ENGINE **pe,
const char *str, int len);
int EVP_PKEY_asn1_add0(const EVP_PKEY_ASN1_METHOD *ameth);
int EVP_PKEY_asn1_add_alias(int to, int from);
int EVP_PKEY_asn1_get0_info(int *ppkey_id, int *pkey_base_id, int *ppkey_flags,
const char **pinfo, const char **ppem_str,
int EVP_PKEY_asn1_get0_info(int *ppkey_id, int *pkey_base_id,
int *ppkey_flags, const char **pinfo,
const char **ppem_str,
const EVP_PKEY_ASN1_METHOD *ameth);
const EVP_PKEY_ASN1_METHOD *EVP_PKEY_get0_asn1(EVP_PKEY *pkey);
EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_new(int id, int flags,
const char *pem_str, const char *info);
const char *pem_str,
const char *info);
void EVP_PKEY_asn1_copy(EVP_PKEY_ASN1_METHOD *dst,
const EVP_PKEY_ASN1_METHOD *src);
void EVP_PKEY_asn1_free(EVP_PKEY_ASN1_METHOD *ameth);
void EVP_PKEY_asn1_set_public(EVP_PKEY_ASN1_METHOD *ameth,
int (*pub_decode)(EVP_PKEY *pk, X509_PUBKEY *pub),
int (*pub_encode)(X509_PUBKEY *pub, const EVP_PKEY *pk),
int (*pub_cmp)(const EVP_PKEY *a, const EVP_PKEY *b),
int (*pub_print)(BIO *out, const EVP_PKEY *pkey, int indent,
ASN1_PCTX *pctx),
int (*pub_decode) (EVP_PKEY *pk,
X509_PUBKEY *pub),
int (*pub_encode) (X509_PUBKEY *pub,
const EVP_PKEY *pk),
int (*pub_cmp) (const EVP_PKEY *a,
const EVP_PKEY *b),
int (*pub_print) (BIO *out,
const EVP_PKEY *pkey,
int indent, ASN1_PCTX *pctx),
int (*pkey_size) (const EVP_PKEY *pk),
int (*pkey_bits) (const EVP_PKEY *pk));
void EVP_PKEY_asn1_set_private(EVP_PKEY_ASN1_METHOD *ameth,
int (*priv_decode)(EVP_PKEY *pk, PKCS8_PRIV_KEY_INFO *p8inf),
int (*priv_encode)(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pk),
int (*priv_print)(BIO *out, const EVP_PKEY *pkey, int indent,
int (*priv_decode) (EVP_PKEY *pk,
PKCS8_PRIV_KEY_INFO
*p8inf),
int (*priv_encode) (PKCS8_PRIV_KEY_INFO *p8,
const EVP_PKEY *pk),
int (*priv_print) (BIO *out,
const EVP_PKEY *pkey,
int indent,
ASN1_PCTX *pctx));
void EVP_PKEY_asn1_set_param(EVP_PKEY_ASN1_METHOD *ameth,
int (*param_decode) (EVP_PKEY *pkey,
const unsigned char **pder, int derlen),
int (*param_encode)(const EVP_PKEY *pkey, unsigned char **pder),
const unsigned char **pder,
int derlen),
int (*param_encode) (const EVP_PKEY *pkey,
unsigned char **pder),
int (*param_missing) (const EVP_PKEY *pk),
int (*param_copy)(EVP_PKEY *to, const EVP_PKEY *from),
int (*param_cmp)(const EVP_PKEY *a, const EVP_PKEY *b),
int (*param_print)(BIO *out, const EVP_PKEY *pkey, int indent,
int (*param_copy) (EVP_PKEY *to,
const EVP_PKEY *from),
int (*param_cmp) (const EVP_PKEY *a,
const EVP_PKEY *b),
int (*param_print) (BIO *out,
const EVP_PKEY *pkey,
int indent,
ASN1_PCTX *pctx));
void EVP_PKEY_asn1_set_free(EVP_PKEY_ASN1_METHOD *ameth,
@@ -1049,7 +1123,19 @@ void EVP_PKEY_asn1_set_free(EVP_PKEY_ASN1_METHOD *ameth,
void EVP_PKEY_asn1_set_ctrl(EVP_PKEY_ASN1_METHOD *ameth,
int (*pkey_ctrl) (EVP_PKEY *pkey, int op,
long arg1, void *arg2));
void EVP_PKEY_asn1_set_item(EVP_PKEY_ASN1_METHOD *ameth,
int (*item_verify) (EVP_MD_CTX *ctx,
const ASN1_ITEM *it,
void *asn,
X509_ALGOR *a,
ASN1_BIT_STRING *sig,
EVP_PKEY *pkey),
int (*item_sign) (EVP_MD_CTX *ctx,
const ASN1_ITEM *it,
void *asn,
X509_ALGOR *alg1,
X509_ALGOR *alg2,
ASN1_BIT_STRING *sig));
# define EVP_PKEY_OP_UNDEFINED 0
# define EVP_PKEY_OP_PARAMGEN (1<<1)
@@ -1080,6 +1166,10 @@ void EVP_PKEY_asn1_set_ctrl(EVP_PKEY_ASN1_METHOD *ameth,
EVP_PKEY_CTX_ctrl(ctx, -1, EVP_PKEY_OP_TYPE_SIG, \
EVP_PKEY_CTRL_MD, 0, (void *)md)
# define EVP_PKEY_CTX_get_signature_md(ctx, pmd) \
EVP_PKEY_CTX_ctrl(ctx, -1, EVP_PKEY_OP_TYPE_SIG, \
EVP_PKEY_CTRL_GET_MD, 0, (void *)pmd)
# define EVP_PKEY_CTRL_MD 1
# define EVP_PKEY_CTRL_PEER_KEY 2
@@ -1101,12 +1191,13 @@ void EVP_PKEY_asn1_set_ctrl(EVP_PKEY_ASN1_METHOD *ameth,
# define EVP_PKEY_CTRL_CIPHER 12
# define EVP_PKEY_CTRL_GET_MD 13
# define EVP_PKEY_ALG_CTRL 0x1000
# define EVP_PKEY_FLAG_AUTOARGLEN 2
/* Method handles all operations: don't assume any digest related
* defaults.
/*
* Method handles all operations: don't assume any digest related defaults.
*/
# define EVP_PKEY_FLAG_SIGCTX_CUSTOM 4
@@ -1184,70 +1275,102 @@ void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth,
int (*init) (EVP_PKEY_CTX *ctx));
void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth,
int (*copy)(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src));
int (*copy) (EVP_PKEY_CTX *dst,
EVP_PKEY_CTX *src));
void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth,
void (*cleanup) (EVP_PKEY_CTX *ctx));
void EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth,
int (*paramgen_init) (EVP_PKEY_CTX *ctx),
int (*paramgen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey));
int (*paramgen) (EVP_PKEY_CTX *ctx,
EVP_PKEY *pkey));
void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth,
int (*keygen_init) (EVP_PKEY_CTX *ctx),
int (*keygen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey));
int (*keygen) (EVP_PKEY_CTX *ctx,
EVP_PKEY *pkey));
void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth,
int (*sign_init) (EVP_PKEY_CTX *ctx),
int (*sign)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
const unsigned char *tbs, size_t tbslen));
int (*sign) (EVP_PKEY_CTX *ctx,
unsigned char *sig, size_t *siglen,
const unsigned char *tbs,
size_t tbslen));
void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth,
int (*verify_init) (EVP_PKEY_CTX *ctx),
int (*verify)(EVP_PKEY_CTX *ctx, const unsigned char *sig, size_t siglen,
const unsigned char *tbs, size_t tbslen));
int (*verify) (EVP_PKEY_CTX *ctx,
const unsigned char *sig,
size_t siglen,
const unsigned char *tbs,
size_t tbslen));
void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth,
int (*verify_recover_init)(EVP_PKEY_CTX *ctx),
int (*verify_recover)(EVP_PKEY_CTX *ctx,
unsigned char *sig, size_t *siglen,
const unsigned char *tbs, size_t tbslen));
int (*verify_recover_init) (EVP_PKEY_CTX
*ctx),
int (*verify_recover) (EVP_PKEY_CTX
*ctx,
unsigned char
*sig,
size_t *siglen,
const unsigned
char *tbs,
size_t tbslen));
void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth,
int (*signctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx),
int (*signctx)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
int (*signctx_init) (EVP_PKEY_CTX *ctx,
EVP_MD_CTX *mctx),
int (*signctx) (EVP_PKEY_CTX *ctx,
unsigned char *sig,
size_t *siglen,
EVP_MD_CTX *mctx));
void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
int (*verifyctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx),
int (*verifyctx)(EVP_PKEY_CTX *ctx, const unsigned char *sig,int siglen,
int (*verifyctx_init) (EVP_PKEY_CTX *ctx,
EVP_MD_CTX *mctx),
int (*verifyctx) (EVP_PKEY_CTX *ctx,
const unsigned char *sig,
int siglen,
EVP_MD_CTX *mctx));
void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
int (*encrypt_init) (EVP_PKEY_CTX *ctx),
int (*encryptfn)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
const unsigned char *in, size_t inlen));
int (*encryptfn) (EVP_PKEY_CTX *ctx,
unsigned char *out,
size_t *outlen,
const unsigned char *in,
size_t inlen));
void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
int (*decrypt_init) (EVP_PKEY_CTX *ctx),
int (*decrypt)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
const unsigned char *in, size_t inlen));
int (*decrypt) (EVP_PKEY_CTX *ctx,
unsigned char *out,
size_t *outlen,
const unsigned char *in,
size_t inlen));
void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth,
int (*derive_init) (EVP_PKEY_CTX *ctx),
int (*derive)(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen));
int (*derive) (EVP_PKEY_CTX *ctx,
unsigned char *key,
size_t *keylen));
void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
int (*ctrl)(EVP_PKEY_CTX *ctx, int type, int p1, void *p2),
int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
void *p2),
int (*ctrl_str) (EVP_PKEY_CTX *ctx,
const char *type, const char *value));
const char *type,
const char *value));
void EVP_add_alg_module(void);
/* BEGIN ERROR CODES */
/* The following lines are auto generated by the script mkerr.pl. Any changes
/*
* The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
*/
void ERR_load_EVP_strings(void);
/* Error codes for the EVP functions. */
@@ -1256,11 +1379,13 @@ void ERR_load_EVP_strings(void);
# define EVP_F_AESNI_INIT_KEY 165
# define EVP_F_AESNI_XTS_CIPHER 176
# define EVP_F_AES_INIT_KEY 133
# define EVP_F_AES_T4_INIT_KEY 178
# define EVP_F_AES_XTS 172
# define EVP_F_AES_XTS_CIPHER 175
# define EVP_F_ALG_MODULE_INIT 177
# define EVP_F_CAMELLIA_INIT_KEY 159
# define EVP_F_CMAC_INIT 173
# define EVP_F_CMLL_T4_INIT_KEY 179
# define EVP_F_D2I_PKEY 100
# define EVP_F_DO_SIGVER_INIT 161
# define EVP_F_DSAPKEY2PKCS8 134
@@ -1365,6 +1490,7 @@ void ERR_load_EVP_strings(void);
# define EVP_R_INPUT_NOT_INITIALIZED 111
# define EVP_R_INVALID_DIGEST 152
# define EVP_R_INVALID_FIPS_MODE 168
# define EVP_R_INVALID_KEY 171
# define EVP_R_INVALID_KEY_LENGTH 130
# define EVP_R_INVALID_OPERATION 148
# define EVP_R_IV_TOO_LARGE 102
@@ -1400,6 +1526,7 @@ void ERR_load_EVP_strings(void);
# define EVP_R_UNSUPPORTED_PRF 125
# define EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM 118
# define EVP_R_UNSUPPORTED_SALT_TYPE 126
# define EVP_R_WRAP_MODE_NOT_ALLOWED 170
# define EVP_R_WRONG_FINAL_BLOCK_LENGTH 109
# define EVP_R_WRONG_PUBLIC_KEY_TYPE 110

11
libs/openssl/include/openssl/hmac.h
View File

@@ -72,8 +72,7 @@
extern "C" {
#endif
typedef struct hmac_ctx_st
{
typedef struct hmac_ctx_st {
const EVP_MD *md;
EVP_MD_CTX md_ctx;
EVP_MD_CTX i_ctx;
@@ -84,14 +83,14 @@ typedef struct hmac_ctx_st
# define HMAC_size(e) (EVP_MD_size((e)->md))
void HMAC_CTX_init(HMAC_CTX *ctx);
void HMAC_CTX_cleanup(HMAC_CTX *ctx);
#define HMAC_cleanup(ctx) HMAC_CTX_cleanup(ctx) /* deprecated */
/* deprecated */
# define HMAC_cleanup(ctx) HMAC_CTX_cleanup(ctx)
int HMAC_Init(HMAC_CTX *ctx, const void *key, int len,
const EVP_MD *md); /* deprecated */
/* deprecated */
int HMAC_Init(HMAC_CTX *ctx, const void *key, int len, const EVP_MD *md);
int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
const EVP_MD *md, ENGINE *impl);
int HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, size_t len);

12
libs/openssl/include/openssl/idea.h
View File

@@ -75,8 +75,7 @@
extern "C" {
#endif
typedef struct idea_key_st
{
typedef struct idea_key_st {
IDEA_INT data[9][6];
} IDEA_KEY_SCHEDULE;
@@ -84,17 +83,20 @@ const char *idea_options(void);
void idea_ecb_encrypt(const unsigned char *in, unsigned char *out,
IDEA_KEY_SCHEDULE *ks);
# ifdef OPENSSL_FIPS
void private_idea_set_encrypt_key(const unsigned char *key, IDEA_KEY_SCHEDULE *ks);
void private_idea_set_encrypt_key(const unsigned char *key,
IDEA_KEY_SCHEDULE *ks);
# endif
void idea_set_encrypt_key(const unsigned char *key, IDEA_KEY_SCHEDULE *ks);
void idea_set_decrypt_key(IDEA_KEY_SCHEDULE *ek, IDEA_KEY_SCHEDULE *dk);
void idea_cbc_encrypt(const unsigned char *in, unsigned char *out,
long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv,int enc);
long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv,
int enc);
void idea_cfb64_encrypt(const unsigned char *in, unsigned char *out,
long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv,
int *num, int enc);
void idea_ofb64_encrypt(const unsigned char *in, unsigned char *out,
long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv, int *num);
long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv,
int *num);
void idea_encrypt(unsigned long *in, IDEA_KEY_SCHEDULE *ks);
#ifdef __cplusplus
}

162
libs/openssl/include/openssl/krb5_asn.h
View File

@@ -1,6 +1,7 @@
/* krb5_asn.h */
/* Written by Vern Staats <staatsvr@asc.hpc.mil> for the OpenSSL project,
** using ocsp/{*.h,*asn*.c} as a starting point
/*
* Written by Vern Staats <staatsvr@asc.hpc.mil> for the OpenSSL project, **
* using ocsp/{*.h,*asn*.c} as a starting point
*/
/* ====================================================================
@@ -61,7 +62,7 @@
# define HEADER_KRB5_ASN_H
/*
#include <krb5.h>
* #include <krb5.h>
*/
# include <openssl/safestack.h>
@@ -69,18 +70,17 @@
extern "C" {
#endif
/* ASN.1 from Kerberos RFC 1510
/*
* ASN.1 from Kerberos RFC 1510
*/
/* EncryptedData ::= SEQUENCE {
** etype[0] INTEGER, -- EncryptionType
** kvno[1] INTEGER OPTIONAL,
** cipher[2] OCTET STRING -- ciphertext
** }
/*- EncryptedData ::= SEQUENCE {
* etype[0] INTEGER, -- EncryptionType
* kvno[1] INTEGER OPTIONAL,
* cipher[2] OCTET STRING -- ciphertext
* }
*/
typedef struct krb5_encdata_st
{
typedef struct krb5_encdata_st {
ASN1_INTEGER *etype;
ASN1_INTEGER *kvno;
ASN1_OCTET_STRING *cipher;
@@ -88,29 +88,26 @@ typedef struct krb5_encdata_st
DECLARE_STACK_OF(KRB5_ENCDATA)
/* PrincipalName ::= SEQUENCE {
** name-type[0] INTEGER,
** name-string[1] SEQUENCE OF GeneralString
** }
/*- PrincipalName ::= SEQUENCE {
* name-type[0] INTEGER,
* name-string[1] SEQUENCE OF GeneralString
* }
*/
typedef struct krb5_princname_st
{
typedef struct krb5_princname_st {
ASN1_INTEGER *nametype;
STACK_OF(ASN1_GENERALSTRING) *namestring;
} KRB5_PRINCNAME;
DECLARE_STACK_OF(KRB5_PRINCNAME)
/* Ticket ::= [APPLICATION 1] SEQUENCE {
** tkt-vno[0] INTEGER,
** realm[1] Realm,
** sname[2] PrincipalName,
** enc-part[3] EncryptedData
** }
/*- Ticket ::= [APPLICATION 1] SEQUENCE {
* tkt-vno[0] INTEGER,
* realm[1] Realm,
* sname[2] PrincipalName,
* enc-part[3] EncryptedData
* }
*/
typedef struct krb5_tktbody_st
{
typedef struct krb5_tktbody_st {
ASN1_INTEGER *tktvno;
ASN1_GENERALSTRING *realm;
KRB5_PRINCNAME *sname;
@@ -120,20 +117,18 @@ typedef struct krb5_tktbody_st
typedef STACK_OF(KRB5_TKTBODY) KRB5_TICKET;
DECLARE_STACK_OF(KRB5_TKTBODY)
/* AP-REQ ::= [APPLICATION 14] SEQUENCE {
** pvno[0] INTEGER,
** msg-type[1] INTEGER,
** ap-options[2] APOptions,
** ticket[3] Ticket,
** authenticator[4] EncryptedData
** }
**
** APOptions ::= BIT STRING {
** reserved(0), use-session-key(1), mutual-required(2) }
/*- AP-REQ ::= [APPLICATION 14] SEQUENCE {
* pvno[0] INTEGER,
* msg-type[1] INTEGER,
* ap-options[2] APOptions,
* ticket[3] Ticket,
* authenticator[4] EncryptedData
* }
*
* APOptions ::= BIT STRING {
* reserved(0), use-session-key(1), mutual-required(2) }
*/
typedef struct krb5_ap_req_st
{
typedef struct krb5_ap_req_st {
ASN1_INTEGER *pvno;
ASN1_INTEGER *msgtype;
ASN1_BIT_STRING *apoptions;
@@ -144,67 +139,58 @@ typedef struct krb5_ap_req_st
typedef STACK_OF(KRB5_APREQBODY) KRB5_APREQ;
DECLARE_STACK_OF(KRB5_APREQBODY)
/* Authenticator Stuff */
/* Checksum ::= SEQUENCE {
** cksumtype[0] INTEGER,
** checksum[1] OCTET STRING
** }
/*- Checksum ::= SEQUENCE {
* cksumtype[0] INTEGER,
* checksum[1] OCTET STRING
* }
*/
typedef struct krb5_checksum_st
{
typedef struct krb5_checksum_st {
ASN1_INTEGER *ctype;
ASN1_OCTET_STRING *checksum;
} KRB5_CHECKSUM;
DECLARE_STACK_OF(KRB5_CHECKSUM)
/* EncryptionKey ::= SEQUENCE {
** keytype[0] INTEGER,
** keyvalue[1] OCTET STRING
** }
/*- EncryptionKey ::= SEQUENCE {
* keytype[0] INTEGER,
* keyvalue[1] OCTET STRING
* }
*/
typedef struct krb5_encryptionkey_st
{
typedef struct krb5_encryptionkey_st {
ASN1_INTEGER *ktype;
ASN1_OCTET_STRING *keyvalue;
} KRB5_ENCKEY;
DECLARE_STACK_OF(KRB5_ENCKEY)
/* AuthorizationData ::= SEQUENCE OF SEQUENCE {
** ad-type[0] INTEGER,
** ad-data[1] OCTET STRING
** }
/*- AuthorizationData ::= SEQUENCE OF SEQUENCE {
* ad-type[0] INTEGER,
* ad-data[1] OCTET STRING
* }
*/
typedef struct krb5_authorization_st
{
typedef struct krb5_authorization_st {
ASN1_INTEGER *adtype;
ASN1_OCTET_STRING *addata;
} KRB5_AUTHDATA;
DECLARE_STACK_OF(KRB5_AUTHDATA)
/* -- Unencrypted authenticator
** Authenticator ::= [APPLICATION 2] SEQUENCE {
** authenticator-vno[0] INTEGER,
** crealm[1] Realm,
** cname[2] PrincipalName,
** cksum[3] Checksum OPTIONAL,
** cusec[4] INTEGER,
** ctime[5] KerberosTime,
** subkey[6] EncryptionKey OPTIONAL,
** seq-number[7] INTEGER OPTIONAL,
** authorization-data[8] AuthorizationData OPTIONAL
** }
/*- -- Unencrypted authenticator
* Authenticator ::= [APPLICATION 2] SEQUENCE {
* authenticator-vno[0] INTEGER,
* crealm[1] Realm,
* cname[2] PrincipalName,
* cksum[3] Checksum OPTIONAL,
* cusec[4] INTEGER,
* ctime[5] KerberosTime,
* subkey[6] EncryptionKey OPTIONAL,
* seq-number[7] INTEGER OPTIONAL,
* authorization-data[8] AuthorizationData OPTIONAL
* }
*/
typedef struct krb5_authenticator_st
{
typedef struct krb5_authenticator_st {
ASN1_INTEGER *avno;
ASN1_GENERALSTRING *crealm;
KRB5_PRINCNAME *cname;
@@ -219,15 +205,14 @@ typedef struct krb5_authenticator_st
typedef STACK_OF(KRB5_AUTHENTBODY) KRB5_AUTHENT;
DECLARE_STACK_OF(KRB5_AUTHENTBODY)
/* DECLARE_ASN1_FUNCTIONS(type) = DECLARE_ASN1_FUNCTIONS_name(type, type) =
** type *name##_new(void);
** void name##_free(type *a);
** DECLARE_ASN1_ENCODE_FUNCTIONS(type, name, name) =
** DECLARE_ASN1_ENCODE_FUNCTIONS(type, itname, name) =
** type *d2i_##name(type **a, const unsigned char **in, long len);
** int i2d_##name(type *a, unsigned char **out);
** DECLARE_ASN1_ITEM(itname) = OPENSSL_EXTERN const ASN1_ITEM itname##_it
/*- DECLARE_ASN1_FUNCTIONS(type) = DECLARE_ASN1_FUNCTIONS_name(type, type) =
* type *name##_new(void);
* void name##_free(type *a);
* DECLARE_ASN1_ENCODE_FUNCTIONS(type, name, name) =
* DECLARE_ASN1_ENCODE_FUNCTIONS(type, itname, name) =
* type *d2i_##name(type **a, const unsigned char **in, long len);
* int i2d_##name(type *a, unsigned char **out);
* DECLARE_ASN1_ITEM(itname) = OPENSSL_EXTERN const ASN1_ITEM itname##_it
*/
DECLARE_ASN1_FUNCTIONS(KRB5_ENCDATA)
@@ -243,9 +228,9 @@ DECLARE_ASN1_FUNCTIONS(KRB5_AUTHDATA)
DECLARE_ASN1_FUNCTIONS(KRB5_AUTHENTBODY)
DECLARE_ASN1_FUNCTIONS(KRB5_AUTHENT)
/* BEGIN ERROR CODES */
/* The following lines are auto generated by the script mkerr.pl. Any changes
/*
* The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
*/
@@ -253,4 +238,3 @@ DECLARE_ASN1_FUNCTIONS(KRB5_AUTHENT)
}
#endif
#endif

47
libs/openssl/include/openssl/kssl.h
View File

@@ -1,6 +1,7 @@
/* ssl/kssl.h -*- mode: C; c-file-style: "eay" -*- */
/* Written by Vern Staats <staatsvr@asc.hpc.mil> for the OpenSSL project 2000.
* project 2000.
/* ssl/kssl.h */
/*
* Written by Vern Staats <staatsvr@asc.hpc.mil> for the OpenSSL project
* 2000. project 2000.
*/
/* ====================================================================
* Copyright (c) 2000 The OpenSSL Project. All rights reserved.
@@ -71,8 +72,9 @@
# include <ctype.h>
# include <krb5.h>
# ifdef OPENSSL_SYS_WIN32
/* These can sometimes get redefined indirectly by krb5 header files
* after they get undefed in ossl_typ.h
/*
* These can sometimes get redefined indirectly by krb5 header files after
* they get undefed in ossl_typ.h
*/
# undef X509_NAME
# undef X509_EXTENSIONS
@@ -85,8 +87,8 @@ extern "C" {
#endif
/*
** Depending on which KRB5 implementation used, some types from
** the other may be missing. Resolve that here and now
* Depending on which KRB5 implementation used, some types from
* the other may be missing. Resolve that here and now
*/
# ifdef KRB5_HEIMDAL
typedef unsigned char krb5_octet;
@@ -99,10 +101,11 @@ typedef unsigned char krb5_octet;
# endif
/* Uncomment this to debug kssl problems or
** to trace usage of the Kerberos session key
**
** #define KSSL_DEBUG
/*-
* Uncomment this to debug kssl problems or
* to trace usage of the Kerberos session key
*
* #define KSSL_DEBUG
*/
# ifndef KRB5SVC
@@ -131,13 +134,11 @@ typedef struct kssl_err_st {
char text[KSSL_ERR_MAX + 1];
} KSSL_ERR;
/* Context for passing
** (1) Kerberos session key to SSL, and
** (2) Config data between application and SSL lib
/*- Context for passing
* (1) Kerberos session key to SSL, and
* (2) Config data between application and SSL lib
*/
typedef struct kssl_ctx_st
{
typedef struct kssl_ctx_st {
/* used by: disposition: */
char *service_name; /* C,S default ok (kssl) */
char *service_host; /* C input, REQUIRED */
@@ -164,7 +165,8 @@ KSSL_CTX *kssl_ctx_new(void);
KSSL_CTX *kssl_ctx_free(KSSL_CTX *kssl_ctx);
void kssl_ctx_show(KSSL_CTX *kssl_ctx);
krb5_error_code kssl_ctx_setprinc(KSSL_CTX *kssl_ctx, int which,
krb5_data *realm, krb5_data *entity, int nentities);
krb5_data *realm, krb5_data *entity,
int nentities);
krb5_error_code kssl_cget_tkt(KSSL_CTX *kssl_ctx, krb5_data **enc_tktp,
krb5_data *authenp, KSSL_ERR *kssl_err);
krb5_error_code kssl_sget_tkt(KSSL_CTX *kssl_ctx, krb5_data *indata,
@@ -173,12 +175,15 @@ krb5_error_code kssl_ctx_setkey(KSSL_CTX *kssl_ctx, krb5_keyblock *session);
void kssl_err_set(KSSL_ERR *kssl_err, int reason, char *text);
void kssl_krb5_free_data_contents(krb5_context context, krb5_data *data);
krb5_error_code kssl_build_principal_2(krb5_context context,
krb5_principal *princ, int rlen, const char *realm,
int slen, const char *svc, int hlen, const char *host);
krb5_principal *princ, int rlen,
const char *realm, int slen,
const char *svc, int hlen,
const char *host);
krb5_error_code kssl_validate_times(krb5_timestamp atime,
krb5_ticket_times *ttimes);
krb5_error_code kssl_check_authent(KSSL_CTX *kssl_ctx, krb5_data *authentp,
krb5_timestamp *atimep, KSSL_ERR *kssl_err);
krb5_timestamp *atimep,
KSSL_ERR *kssl_err);
unsigned char *kssl_skip_confound(krb5_enctype enctype, unsigned char *authn);
void SSL_set0_kssl_ctx(SSL *s, KSSL_CTX *kctx);

33
libs/openssl/include/openssl/lhash.h
View File

@@ -56,8 +56,8 @@
* [including the GNU Public Licence.]
*/
/* Header for dynamic hash table routines
* Author - Eric Young
/*
* Header for dynamic hash table routines Author - Eric Young
*/
#ifndef HEADER_LHASH_H
@@ -76,8 +76,7 @@
extern "C" {
#endif
typedef struct lhash_node_st
{
typedef struct lhash_node_st {
void *data;
struct lhash_node_st *next;
# ifndef OPENSSL_NO_HASH_COMP
@@ -90,12 +89,14 @@ typedef unsigned long (*LHASH_HASH_FN_TYPE)(const void *);
typedef void (*LHASH_DOALL_FN_TYPE) (void *);
typedef void (*LHASH_DOALL_ARG_FN_TYPE) (void *, void *);
/* Macros for declaring and implementing type-safe wrappers for LHASH callbacks.
* This way, callbacks can be provided to LHASH structures without function
* pointer casting and the macro-defined callbacks provide per-variable casting
* before deferring to the underlying type-specific callbacks. NB: It is
* possible to place a "static" in front of both the DECLARE and IMPLEMENT
* macros if the functions are strictly internal. */
/*
* Macros for declaring and implementing type-safe wrappers for LHASH
* callbacks. This way, callbacks can be provided to LHASH structures without
* function pointer casting and the macro-defined callbacks provide
* per-variable casting before deferring to the underlying type-specific
* callbacks. NB: It is possible to place a "static" in front of both the
* DECLARE and IMPLEMENT macros if the functions are strictly internal.
*/
/* First: "hash" functions */
# define DECLARE_LHASH_HASH_FN(name, o_type) \
@@ -135,8 +136,7 @@ typedef void (*LHASH_DOALL_ARG_FN_TYPE)(void *, void *);
name##_doall_arg(a, b); }
# define LHASH_DOALL_ARG_FN(name) name##_LHASH_DOALL_ARG
typedef struct lhash_st
{
typedef struct lhash_st {
LHASH_NODE **b;
LHASH_COMP_FN_TYPE comp;
LHASH_HASH_FN_TYPE hash;
@@ -147,7 +147,6 @@ typedef struct lhash_st
unsigned long up_load; /* load times 256 */
unsigned long down_load; /* load times 256 */
unsigned long num_items;
unsigned long num_expands;
unsigned long num_expand_reallocs;
unsigned long num_contracts;
@@ -161,15 +160,16 @@ typedef struct lhash_st
unsigned long num_retrieve;
unsigned long num_retrieve_miss;
unsigned long num_hash_comps;
int error;
} _LHASH; /* Do not use _LHASH directly, use LHASH_OF
* and friends */
# define LH_LOAD_MULT 256
/* Indicates a malloc() error in the last call, this is only bad
* in lh_insert(). */
/*
* Indicates a malloc() error in the last call, this is only bad in
* lh_insert().
*/
# define lh_error(lh) ((lh)->error)
_LHASH *lh_new(LHASH_HASH_FN_TYPE h, LHASH_COMP_FN_TYPE c);
@@ -238,4 +238,3 @@ DECLARE_LHASH_OF(OPENSSL_CSTRING);
#endif
#endif

5
libs/openssl/include/openssl/md4.h
View File

@@ -70,7 +70,7 @@ extern "C" {
# error MD4 is disabled.
# endif
/*
/*-
* !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
* ! MD4_LONG has to be at least 32 bits wide. If it's wider, then !
* ! MD4_LONG_LOG2 has to be defined along. !
@@ -97,8 +97,7 @@ extern "C" {
# define MD4_LBLOCK (MD4_CBLOCK/4)
# define MD4_DIGEST_LENGTH 16
typedef struct MD4state_st
{
typedef struct MD4state_st {
MD4_LONG A, B, C, D;
MD4_LONG Nl, Nh;
MD4_LONG data[MD4_LBLOCK];

3
libs/openssl/include/openssl/md5.h
View File

@@ -97,8 +97,7 @@ extern "C" {
# define MD5_LBLOCK (MD5_CBLOCK/4)
# define MD5_DIGEST_LENGTH 16
typedef struct MD5state_st
{
typedef struct MD5state_st {
MD5_LONG A, B, C, D;
MD5_LONG Nl, Nh;
MD5_LONG data[MD5_LBLOCK];

8
libs/openssl/include/openssl/mdc2.h
View File

@@ -72,27 +72,23 @@ extern "C" {
# define MDC2_BLOCK 8
# define MDC2_DIGEST_LENGTH 16
typedef struct mdc2_ctx_st
{
typedef struct mdc2_ctx_st {
unsigned int num;
unsigned char data[MDC2_BLOCK];
DES_cblock h, hh;
int pad_type; /* either 1 or 2, default 1 */
} MDC2_CTX;
# ifdef OPENSSL_FIPS
int private_MDC2_Init(MDC2_CTX *c);
# endif
int MDC2_Init(MDC2_CTX *c);
int MDC2_Update(MDC2_CTX *c, const unsigned char *data, size_t len);
int MDC2_Final(unsigned char *md, MDC2_CTX *c);
unsigned char *MDC2(const unsigned char *d, size_t n,
unsigned char *md);
unsigned char *MDC2(const unsigned char *d, size_t n, unsigned char *md);
#ifdef __cplusplus
}
#endif
#endif

94
libs/openssl/include/openssl/modes.h
View File

@@ -7,9 +7,11 @@
#include <stddef.h>
#ifdef __cplusplus
extern "C" {
#endif
typedef void (*block128_f) (const unsigned char in[16],
unsigned char out[16],
const void *key);
unsigned char out[16], const void *key);
typedef void (*cbc128_f) (const unsigned char *in, unsigned char *out,
size_t len, const void *key,
@@ -21,7 +23,8 @@ typedef void (*ctr128_f)(const unsigned char *in, unsigned char *out,
typedef void (*ccm128_f) (const unsigned char *in, unsigned char *out,
size_t blocks, const void *key,
const unsigned char ivec[16],unsigned char cmac[16]);
const unsigned char ivec[16],
unsigned char cmac[16]);
void CRYPTO_cbc128_encrypt(const unsigned char *in, unsigned char *out,
size_t len, const void *key,
@@ -32,12 +35,14 @@ void CRYPTO_cbc128_decrypt(const unsigned char *in, unsigned char *out,
void CRYPTO_ctr128_encrypt(const unsigned char *in, unsigned char *out,
size_t len, const void *key,
unsigned char ivec[16], unsigned char ecount_buf[16],
unsigned int *num, block128_f block);
unsigned char ivec[16],
unsigned char ecount_buf[16], unsigned int *num,
block128_f block);
void CRYPTO_ctr128_encrypt_ctr32(const unsigned char *in, unsigned char *out,
size_t len, const void *key,
unsigned char ivec[16], unsigned char ecount_buf[16],
unsigned char ivec[16],
unsigned char ecount_buf[16],
unsigned int *num, ctr128_f ctr);
void CRYPTO_ofb128_encrypt(const unsigned char *in, unsigned char *out,
@@ -58,28 +63,34 @@ void CRYPTO_cfb128_1_encrypt(const unsigned char *in, unsigned char *out,
unsigned char ivec[16], int *num,
int enc, block128_f block);
size_t CRYPTO_cts128_encrypt_block(const unsigned char *in, unsigned char *out,
size_t len, const void *key,
unsigned char ivec[16], block128_f block);
size_t CRYPTO_cts128_encrypt_block(const unsigned char *in,
unsigned char *out, size_t len,
const void *key, unsigned char ivec[16],
block128_f block);
size_t CRYPTO_cts128_encrypt(const unsigned char *in, unsigned char *out,
size_t len, const void *key,
unsigned char ivec[16], cbc128_f cbc);
size_t CRYPTO_cts128_decrypt_block(const unsigned char *in, unsigned char *out,
size_t len, const void *key,
unsigned char ivec[16], block128_f block);
size_t CRYPTO_cts128_decrypt_block(const unsigned char *in,
unsigned char *out, size_t len,
const void *key, unsigned char ivec[16],
block128_f block);
size_t CRYPTO_cts128_decrypt(const unsigned char *in, unsigned char *out,
size_t len, const void *key,
unsigned char ivec[16], cbc128_f cbc);
size_t CRYPTO_nistcts128_encrypt_block(const unsigned char *in, unsigned char *out,
size_t len, const void *key,
unsigned char ivec[16], block128_f block);
size_t CRYPTO_nistcts128_encrypt_block(const unsigned char *in,
unsigned char *out, size_t len,
const void *key,
unsigned char ivec[16],
block128_f block);
size_t CRYPTO_nistcts128_encrypt(const unsigned char *in, unsigned char *out,
size_t len, const void *key,
unsigned char ivec[16], cbc128_f cbc);
size_t CRYPTO_nistcts128_decrypt_block(const unsigned char *in, unsigned char *out,
size_t len, const void *key,
unsigned char ivec[16], block128_f block);
size_t CRYPTO_nistcts128_decrypt_block(const unsigned char *in,
unsigned char *out, size_t len,
const void *key,
unsigned char ivec[16],
block128_f block);
size_t CRYPTO_nistcts128_decrypt(const unsigned char *in, unsigned char *out,
size_t len, const void *key,
unsigned char ivec[16], cbc128_f cbc);
@@ -112,24 +123,41 @@ void CRYPTO_gcm128_release(GCM128_CONTEXT *ctx);
typedef struct ccm128_context CCM128_CONTEXT;
void CRYPTO_ccm128_init(CCM128_CONTEXT *ctx,
unsigned int M, unsigned int L, void *key,block128_f block);
int CRYPTO_ccm128_setiv(CCM128_CONTEXT *ctx,
const unsigned char *nonce, size_t nlen, size_t mlen);
void CRYPTO_ccm128_aad(CCM128_CONTEXT *ctx,
const unsigned char *aad, size_t alen);
int CRYPTO_ccm128_encrypt(CCM128_CONTEXT *ctx,
const unsigned char *inp, unsigned char *out, size_t len);
int CRYPTO_ccm128_decrypt(CCM128_CONTEXT *ctx,
const unsigned char *inp, unsigned char *out, size_t len);
int CRYPTO_ccm128_encrypt_ccm64(CCM128_CONTEXT *ctx,
const unsigned char *inp, unsigned char *out, size_t len,
unsigned int M, unsigned int L, void *key,
block128_f block);
int CRYPTO_ccm128_setiv(CCM128_CONTEXT *ctx, const unsigned char *nonce,
size_t nlen, size_t mlen);
void CRYPTO_ccm128_aad(CCM128_CONTEXT *ctx, const unsigned char *aad,
size_t alen);
int CRYPTO_ccm128_encrypt(CCM128_CONTEXT *ctx, const unsigned char *inp,
unsigned char *out, size_t len);
int CRYPTO_ccm128_decrypt(CCM128_CONTEXT *ctx, const unsigned char *inp,
unsigned char *out, size_t len);
int CRYPTO_ccm128_encrypt_ccm64(CCM128_CONTEXT *ctx, const unsigned char *inp,
unsigned char *out, size_t len,
ccm128_f stream);
int CRYPTO_ccm128_decrypt_ccm64(CCM128_CONTEXT *ctx,
const unsigned char *inp, unsigned char *out, size_t len,
int CRYPTO_ccm128_decrypt_ccm64(CCM128_CONTEXT *ctx, const unsigned char *inp,
unsigned char *out, size_t len,
ccm128_f stream);
size_t CRYPTO_ccm128_tag(CCM128_CONTEXT *ctx, unsigned char *tag, size_t len);
typedef struct xts128_context XTS128_CONTEXT;
int CRYPTO_xts128_encrypt(const XTS128_CONTEXT *ctx, const unsigned char iv[16],
const unsigned char *inp, unsigned char *out, size_t len, int enc);
int CRYPTO_xts128_encrypt(const XTS128_CONTEXT *ctx,
const unsigned char iv[16],
const unsigned char *inp, unsigned char *out,
size_t len, int enc);
size_t CRYPTO_128_wrap(void *key, const unsigned char *iv,
unsigned char *out,
const unsigned char *in, size_t inlen,
block128_f block);
size_t CRYPTO_128_unwrap(void *key, const unsigned char *iv,
unsigned char *out,
const unsigned char *in, size_t inlen,
block128_f block);
#ifdef __cplusplus
}
#endif

168
libs/openssl/include/openssl/obj_mac.h
View File

@@ -1,8 +1,8 @@
/* crypto/objects/obj_mac.h */
/* THIS FILE IS GENERATED FROM objects.txt by objects.pl via the
* following command:
* perl objects.pl objects.txt obj_mac.num obj_mac.h
/*
* THIS FILE IS GENERATED FROM objects.txt by objects.pl via the following
* command: perl objects.pl objects.txt obj_mac.num obj_mac.h
*/
/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
@@ -590,6 +590,11 @@
#define NID_mgf1 911
#define OBJ_mgf1 OBJ_pkcs1,8L
#define SN_pSpecified "PSPECIFIED"
#define LN_pSpecified "pSpecified"
#define NID_pSpecified 935
#define OBJ_pSpecified OBJ_pkcs1,9L
#define SN_rsassaPss "RSASSA-PSS"
#define LN_rsassaPss "rsassaPss"
#define NID_rsassaPss 912
@@ -4030,3 +4035,160 @@
#define LN_aes_256_cbc_hmac_sha1 "aes-256-cbc-hmac-sha1"
#define NID_aes_256_cbc_hmac_sha1 918
#define SN_aes_128_cbc_hmac_sha256 "AES-128-CBC-HMAC-SHA256"
#define LN_aes_128_cbc_hmac_sha256 "aes-128-cbc-hmac-sha256"
#define NID_aes_128_cbc_hmac_sha256 948
#define SN_aes_192_cbc_hmac_sha256 "AES-192-CBC-HMAC-SHA256"
#define LN_aes_192_cbc_hmac_sha256 "aes-192-cbc-hmac-sha256"
#define NID_aes_192_cbc_hmac_sha256 949
#define SN_aes_256_cbc_hmac_sha256 "AES-256-CBC-HMAC-SHA256"
#define LN_aes_256_cbc_hmac_sha256 "aes-256-cbc-hmac-sha256"
#define NID_aes_256_cbc_hmac_sha256 950
#define SN_dhpublicnumber "dhpublicnumber"
#define LN_dhpublicnumber "X9.42 DH"
#define NID_dhpublicnumber 920
#define OBJ_dhpublicnumber OBJ_ISO_US,10046L,2L,1L
#define SN_brainpoolP160r1 "brainpoolP160r1"
#define NID_brainpoolP160r1 921
#define OBJ_brainpoolP160r1 1L,3L,36L,3L,3L,2L,8L,1L,1L,1L
#define SN_brainpoolP160t1 "brainpoolP160t1"
#define NID_brainpoolP160t1 922
#define OBJ_brainpoolP160t1 1L,3L,36L,3L,3L,2L,8L,1L,1L,2L
#define SN_brainpoolP192r1 "brainpoolP192r1"
#define NID_brainpoolP192r1 923
#define OBJ_brainpoolP192r1 1L,3L,36L,3L,3L,2L,8L,1L,1L,3L
#define SN_brainpoolP192t1 "brainpoolP192t1"
#define NID_brainpoolP192t1 924
#define OBJ_brainpoolP192t1 1L,3L,36L,3L,3L,2L,8L,1L,1L,4L
#define SN_brainpoolP224r1 "brainpoolP224r1"
#define NID_brainpoolP224r1 925
#define OBJ_brainpoolP224r1 1L,3L,36L,3L,3L,2L,8L,1L,1L,5L
#define SN_brainpoolP224t1 "brainpoolP224t1"
#define NID_brainpoolP224t1 926
#define OBJ_brainpoolP224t1 1L,3L,36L,3L,3L,2L,8L,1L,1L,6L
#define SN_brainpoolP256r1 "brainpoolP256r1"
#define NID_brainpoolP256r1 927
#define OBJ_brainpoolP256r1 1L,3L,36L,3L,3L,2L,8L,1L,1L,7L
#define SN_brainpoolP256t1 "brainpoolP256t1"
#define NID_brainpoolP256t1 928
#define OBJ_brainpoolP256t1 1L,3L,36L,3L,3L,2L,8L,1L,1L,8L
#define SN_brainpoolP320r1 "brainpoolP320r1"
#define NID_brainpoolP320r1 929
#define OBJ_brainpoolP320r1 1L,3L,36L,3L,3L,2L,8L,1L,1L,9L
#define SN_brainpoolP320t1 "brainpoolP320t1"
#define NID_brainpoolP320t1 930
#define OBJ_brainpoolP320t1 1L,3L,36L,3L,3L,2L,8L,1L,1L,10L
#define SN_brainpoolP384r1 "brainpoolP384r1"
#define NID_brainpoolP384r1 931
#define OBJ_brainpoolP384r1 1L,3L,36L,3L,3L,2L,8L,1L,1L,11L
#define SN_brainpoolP384t1 "brainpoolP384t1"
#define NID_brainpoolP384t1 932
#define OBJ_brainpoolP384t1 1L,3L,36L,3L,3L,2L,8L,1L,1L,12L
#define SN_brainpoolP512r1 "brainpoolP512r1"
#define NID_brainpoolP512r1 933
#define OBJ_brainpoolP512r1 1L,3L,36L,3L,3L,2L,8L,1L,1L,13L
#define SN_brainpoolP512t1 "brainpoolP512t1"
#define NID_brainpoolP512t1 934
#define OBJ_brainpoolP512t1 1L,3L,36L,3L,3L,2L,8L,1L,1L,14L
#define OBJ_x9_63_scheme 1L,3L,133L,16L,840L,63L,0L
#define OBJ_secg_scheme OBJ_certicom_arc,1L
#define SN_dhSinglePass_stdDH_sha1kdf_scheme "dhSinglePass-stdDH-sha1kdf-scheme"
#define NID_dhSinglePass_stdDH_sha1kdf_scheme 936
#define OBJ_dhSinglePass_stdDH_sha1kdf_scheme OBJ_x9_63_scheme,2L
#define SN_dhSinglePass_stdDH_sha224kdf_scheme "dhSinglePass-stdDH-sha224kdf-scheme"
#define NID_dhSinglePass_stdDH_sha224kdf_scheme 937
#define OBJ_dhSinglePass_stdDH_sha224kdf_scheme OBJ_secg_scheme,11L,0L
#define SN_dhSinglePass_stdDH_sha256kdf_scheme "dhSinglePass-stdDH-sha256kdf-scheme"
#define NID_dhSinglePass_stdDH_sha256kdf_scheme 938
#define OBJ_dhSinglePass_stdDH_sha256kdf_scheme OBJ_secg_scheme,11L,1L
#define SN_dhSinglePass_stdDH_sha384kdf_scheme "dhSinglePass-stdDH-sha384kdf-scheme"
#define NID_dhSinglePass_stdDH_sha384kdf_scheme 939
#define OBJ_dhSinglePass_stdDH_sha384kdf_scheme OBJ_secg_scheme,11L,2L
#define SN_dhSinglePass_stdDH_sha512kdf_scheme "dhSinglePass-stdDH-sha512kdf-scheme"
#define NID_dhSinglePass_stdDH_sha512kdf_scheme 940
#define OBJ_dhSinglePass_stdDH_sha512kdf_scheme OBJ_secg_scheme,11L,3L
#define SN_dhSinglePass_cofactorDH_sha1kdf_scheme "dhSinglePass-cofactorDH-sha1kdf-scheme"
#define NID_dhSinglePass_cofactorDH_sha1kdf_scheme 941
#define OBJ_dhSinglePass_cofactorDH_sha1kdf_scheme OBJ_x9_63_scheme,3L
#define SN_dhSinglePass_cofactorDH_sha224kdf_scheme "dhSinglePass-cofactorDH-sha224kdf-scheme"
#define NID_dhSinglePass_cofactorDH_sha224kdf_scheme 942
#define OBJ_dhSinglePass_cofactorDH_sha224kdf_scheme OBJ_secg_scheme,14L,0L
#define SN_dhSinglePass_cofactorDH_sha256kdf_scheme "dhSinglePass-cofactorDH-sha256kdf-scheme"
#define NID_dhSinglePass_cofactorDH_sha256kdf_scheme 943
#define OBJ_dhSinglePass_cofactorDH_sha256kdf_scheme OBJ_secg_scheme,14L,1L
#define SN_dhSinglePass_cofactorDH_sha384kdf_scheme "dhSinglePass-cofactorDH-sha384kdf-scheme"
#define NID_dhSinglePass_cofactorDH_sha384kdf_scheme 944
#define OBJ_dhSinglePass_cofactorDH_sha384kdf_scheme OBJ_secg_scheme,14L,2L
#define SN_dhSinglePass_cofactorDH_sha512kdf_scheme "dhSinglePass-cofactorDH-sha512kdf-scheme"
#define NID_dhSinglePass_cofactorDH_sha512kdf_scheme 945
#define OBJ_dhSinglePass_cofactorDH_sha512kdf_scheme OBJ_secg_scheme,14L,3L
#define SN_dh_std_kdf "dh-std-kdf"
#define NID_dh_std_kdf 946
#define SN_dh_cofactor_kdf "dh-cofactor-kdf"
#define NID_dh_cofactor_kdf 947
#define SN_ct_precert_scts "ct_precert_scts"
#define LN_ct_precert_scts "CT Precertificate SCTs"
#define NID_ct_precert_scts 951
#define OBJ_ct_precert_scts 1L,3L,6L,1L,4L,1L,11129L,2L,4L,2L
#define SN_ct_precert_poison "ct_precert_poison"
#define LN_ct_precert_poison "CT Precertificate Poison"
#define NID_ct_precert_poison 952
#define OBJ_ct_precert_poison 1L,3L,6L,1L,4L,1L,11129L,2L,4L,3L
#define SN_ct_precert_signer "ct_precert_signer"
#define LN_ct_precert_signer "CT Precertificate Signer"
#define NID_ct_precert_signer 953
#define OBJ_ct_precert_signer 1L,3L,6L,1L,4L,1L,11129L,2L,4L,4L
#define SN_ct_cert_scts "ct_cert_scts"
#define LN_ct_cert_scts "CT Certificate SCTs"
#define NID_ct_cert_scts 954
#define OBJ_ct_cert_scts 1L,3L,6L,1L,4L,1L,11129L,2L,4L,5L
#define SN_jurisdictionLocalityName "jurisdictionL"
#define LN_jurisdictionLocalityName "jurisdictionLocalityName"
#define NID_jurisdictionLocalityName 955
#define OBJ_jurisdictionLocalityName 1L,3L,6L,1L,4L,1L,311L,60L,2L,1L,1L
#define SN_jurisdictionStateOrProvinceName "jurisdictionST"
#define LN_jurisdictionStateOrProvinceName "jurisdictionStateOrProvinceName"
#define NID_jurisdictionStateOrProvinceName 956
#define OBJ_jurisdictionStateOrProvinceName 1L,3L,6L,1L,4L,1L,311L,60L,2L,1L,2L
#define SN_jurisdictionCountryName "jurisdictionC"
#define LN_jurisdictionCountryName "jurisdictionCountryName"
#define NID_jurisdictionCountryName 957
#define OBJ_jurisdictionCountryName 1L,3L,6L,1L,4L,1L,311L,60L,2L,1L,3L

31
libs/openssl/include/openssl/objects.h
View File

@@ -389,9 +389,10 @@
# define NID_pbeWithSHA1AndRC2_CBC 68
# define OBJ_pbeWithSHA1AndRC2_CBC OBJ_pkcs,5L,11L
/* proposed by microsoft to RSA as pbeWithSHA1AndRC4: it is now
* defined explicitly in PKCS#5 v2.0 as id-PBKDF2 which is something
* completely different.
/*
* proposed by microsoft to RSA as pbeWithSHA1AndRC4: it is now defined
* explicitly in PKCS#5 v2.0 as id-PBKDF2 which is something completely
* different.
*/
# define LN_id_pbkdf2 "PBKDF2"
# define NID_id_pbkdf2 69
@@ -604,7 +605,8 @@
# define NID_pbeWithMD5AndCast5_CBC 112
# define OBJ_pbeWithMD5AndCast5_CBC 1L,2L,840L,113533L,7L,66L,12L
/* This is one sun will soon be using :-(
/*-
* This is one sun will soon be using :-(
* id-dsa-with-sha1 ID ::= {
* iso(1) member-body(2) us(840) x9-57 (10040) x9cm(4) 3 }
*/
@@ -632,14 +634,17 @@
# define NID_ripemd160 117
# define OBJ_ripemd160 1L,3L,36L,3L,2L,1L
/* The name should actually be rsaSignatureWithripemd160, but I'm going
* to continue using the convention I'm using with the other ciphers */
/*
* The name should actually be rsaSignatureWithripemd160, but I'm going to
* continue using the convention I'm using with the other ciphers
*/
# define SN_ripemd160WithRSA "RSA-RIPEMD160"
# define LN_ripemd160WithRSA "ripemd160WithRSA"
# define NID_ripemd160WithRSA 119
# define OBJ_ripemd160WithRSA 1L,3L,36L,3L,3L,1L,2L
/* Taken from rfc2040
/*-
* Taken from rfc2040
* RC5_CBC_Parameters ::= SEQUENCE {
* version INTEGER (v1_0(16)),
* rounds INTEGER (8..127),
@@ -976,8 +981,7 @@
extern "C" {
#endif
typedef struct obj_name_st
{
typedef struct obj_name_st {
int type;
int alias;
const char *name;
@@ -986,7 +990,6 @@ typedef struct obj_name_st
# define OBJ_create_and_add_object(a,b,c) OBJ_create(a,b,c)
int OBJ_NAME_init(void);
int OBJ_NAME_new_index(unsigned long (*hash_func) (const char *),
int (*cmp_func) (const char *, const char *),
@@ -997,7 +1000,8 @@ int OBJ_NAME_remove(const char *name,int type);
void OBJ_NAME_cleanup(int type); /* -1 for everything */
void OBJ_NAME_do_all(int type, void (*fn) (const OBJ_NAME *, void *arg),
void *arg);
void OBJ_NAME_do_all_sorted(int type,void (*fn)(const OBJ_NAME *,void *arg),
void OBJ_NAME_do_all_sorted(int type,
void (*fn) (const OBJ_NAME *, void *arg),
void *arg);
ASN1_OBJECT *OBJ_dup(const ASN1_OBJECT *o);
@@ -1028,7 +1032,7 @@ const void * OBJ_bsearch_ex_(const void *key,const void *base,int num,
# define DECLARE_OBJ_BSEARCH_GLOBAL_CMP_FN(type1, type2, nm) \
type2 * OBJ_bsearch_##nm(type1 *key, type2 const *base, int num)
/*
/*-
* Unsolved problem: if a type is actually a pointer type, like
* nid_triple is, then its impossible to get a const where you need
* it. Consider:
@@ -1112,7 +1116,8 @@ extern int obj_cleanup_defer;
void check_defer(int nid);
/* BEGIN ERROR CODES */
/* The following lines are auto generated by the script mkerr.pl. Any changes
/*
* The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
*/
void ERR_load_OBJ_strings(void);

200
libs/openssl/include/openssl/ocsp.h
View File

@@ -1,11 +1,14 @@
/* ocsp.h */
/* Written by Tom Titchener <Tom_Titchener@groove.net> for the OpenSSL
* project. */
/*
* Written by Tom Titchener <Tom_Titchener@groove.net> for the OpenSSL
* project.
*/
/* History:
This file was transfered to Richard Levitte from CertCo by Kathy
Weinhold in mid-spring 2000 to be included in OpenSSL or released
as a patch kit. */
/*
* History: This file was transfered to Richard Levitte from CertCo by Kathy
* Weinhold in mid-spring 2000 to be included in OpenSSL or released as a
* patch kit.
*/
/* ====================================================================
* Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
@@ -90,14 +93,13 @@ extern "C" {
# define OCSP_RESPID_KEY 0x400
# define OCSP_NOTIME 0x800
/* CertID ::= SEQUENCE {
/*- CertID ::= SEQUENCE {
* hashAlgorithm AlgorithmIdentifier,
* issuerNameHash OCTET STRING, -- Hash of Issuer's DN
* issuerKeyHash OCTET STRING, -- Hash of Issuers public key (excluding the tag & length fields)
* serialNumber CertificateSerialNumber }
*/
typedef struct ocsp_cert_id_st
{
typedef struct ocsp_cert_id_st {
X509_ALGOR *hashAlgorithm;
ASN1_OCTET_STRING *issuerNameHash;
ASN1_OCTET_STRING *issuerKeyHash;
@@ -106,12 +108,11 @@ typedef struct ocsp_cert_id_st
DECLARE_STACK_OF(OCSP_CERTID)
/* Request ::= SEQUENCE {
/*- Request ::= SEQUENCE {
* reqCert CertID,
* singleRequestExtensions [0] EXPLICIT Extensions OPTIONAL }
*/
typedef struct ocsp_one_request_st
{
typedef struct ocsp_one_request_st {
OCSP_CERTID *reqCert;
STACK_OF(X509_EXTENSION) *singleRequestExtensions;
} OCSP_ONEREQ;
@@ -119,44 +120,40 @@ typedef struct ocsp_one_request_st
DECLARE_STACK_OF(OCSP_ONEREQ)
DECLARE_ASN1_SET_OF(OCSP_ONEREQ)
/* TBSRequest ::= SEQUENCE {
/*- TBSRequest ::= SEQUENCE {
* version [0] EXPLICIT Version DEFAULT v1,
* requestorName [1] EXPLICIT GeneralName OPTIONAL,
* requestList SEQUENCE OF Request,
* requestExtensions [2] EXPLICIT Extensions OPTIONAL }
*/
typedef struct ocsp_req_info_st
{
typedef struct ocsp_req_info_st {
ASN1_INTEGER *version;
GENERAL_NAME *requestorName;
STACK_OF(OCSP_ONEREQ) *requestList;
STACK_OF(X509_EXTENSION) *requestExtensions;
} OCSP_REQINFO;
/* Signature ::= SEQUENCE {
/*- Signature ::= SEQUENCE {
* signatureAlgorithm AlgorithmIdentifier,
* signature BIT STRING,
* certs [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL }
*/
typedef struct ocsp_signature_st
{
typedef struct ocsp_signature_st {
X509_ALGOR *signatureAlgorithm;
ASN1_BIT_STRING *signature;
STACK_OF(X509) *certs;
} OCSP_SIGNATURE;
/* OCSPRequest ::= SEQUENCE {
/*- OCSPRequest ::= SEQUENCE {
* tbsRequest TBSRequest,
* optionalSignature [0] EXPLICIT Signature OPTIONAL }
*/
typedef struct ocsp_request_st
{
typedef struct ocsp_request_st {
OCSP_REQINFO *tbsRequest;
OCSP_SIGNATURE *optionalSignature; /* OPTIONAL */
} OCSP_REQUEST;
/* OCSPResponseStatus ::= ENUMERATED {
/*- OCSPResponseStatus ::= ENUMERATED {
* successful (0), --Response has valid confirmations
* malformedRequest (1), --Illegal confirmation request
* internalError (2), --Internal error in issuer
@@ -173,34 +170,31 @@ typedef struct ocsp_request_st
# define OCSP_RESPONSE_STATUS_SIGREQUIRED 5
# define OCSP_RESPONSE_STATUS_UNAUTHORIZED 6
/* ResponseBytes ::= SEQUENCE {
/*- ResponseBytes ::= SEQUENCE {
* responseType OBJECT IDENTIFIER,
* response OCTET STRING }
*/
typedef struct ocsp_resp_bytes_st
{
typedef struct ocsp_resp_bytes_st {
ASN1_OBJECT *responseType;
ASN1_OCTET_STRING *response;
} OCSP_RESPBYTES;
/* OCSPResponse ::= SEQUENCE {
/*- OCSPResponse ::= SEQUENCE {
* responseStatus OCSPResponseStatus,
* responseBytes [0] EXPLICIT ResponseBytes OPTIONAL }
*/
struct ocsp_response_st
{
struct ocsp_response_st {
ASN1_ENUMERATED *responseStatus;
OCSP_RESPBYTES *responseBytes;
};
/* ResponderID ::= CHOICE {
/*- ResponderID ::= CHOICE {
* byName [1] Name,
* byKey [2] KeyHash }
*/
# define V_OCSP_RESPID_NAME 0
# define V_OCSP_RESPID_KEY 1
struct ocsp_responder_id_st
{
struct ocsp_responder_id_st {
int type;
union {
X509_NAME *byName;
@@ -211,21 +205,20 @@ struct ocsp_responder_id_st
DECLARE_STACK_OF(OCSP_RESPID)
DECLARE_ASN1_FUNCTIONS(OCSP_RESPID)
/* KeyHash ::= OCTET STRING --SHA-1 hash of responder's public key
/*- KeyHash ::= OCTET STRING --SHA-1 hash of responder's public key
* --(excluding the tag and length fields)
*/
/* RevokedInfo ::= SEQUENCE {
/*- RevokedInfo ::= SEQUENCE {
* revocationTime GeneralizedTime,
* revocationReason [0] EXPLICIT CRLReason OPTIONAL }
*/
typedef struct ocsp_revoked_info_st
{
typedef struct ocsp_revoked_info_st {
ASN1_GENERALIZEDTIME *revocationTime;
ASN1_ENUMERATED *revocationReason;
} OCSP_REVOKEDINFO;
/* CertStatus ::= CHOICE {
/*- CertStatus ::= CHOICE {
* good [0] IMPLICIT NULL,
* revoked [1] IMPLICIT RevokedInfo,
* unknown [2] IMPLICIT UnknownInfo }
@@ -233,8 +226,7 @@ typedef struct ocsp_revoked_info_st
# define V_OCSP_CERTSTATUS_GOOD 0
# define V_OCSP_CERTSTATUS_REVOKED 1
# define V_OCSP_CERTSTATUS_UNKNOWN 2
typedef struct ocsp_cert_status_st
{
typedef struct ocsp_cert_status_st {
int type;
union {
ASN1_NULL *good;
@@ -243,15 +235,14 @@ typedef struct ocsp_cert_status_st
} value;
} OCSP_CERTSTATUS;
/* SingleResponse ::= SEQUENCE {
/*- SingleResponse ::= SEQUENCE {
* certID CertID,
* certStatus CertStatus,
* thisUpdate GeneralizedTime,
* nextUpdate [0] EXPLICIT GeneralizedTime OPTIONAL,
* singleExtensions [1] EXPLICIT Extensions OPTIONAL }
*/
typedef struct ocsp_single_response_st
{
typedef struct ocsp_single_response_st {
OCSP_CERTID *certId;
OCSP_CERTSTATUS *certStatus;
ASN1_GENERALIZEDTIME *thisUpdate;
@@ -262,15 +253,14 @@ typedef struct ocsp_single_response_st
DECLARE_STACK_OF(OCSP_SINGLERESP)
DECLARE_ASN1_SET_OF(OCSP_SINGLERESP)
/* ResponseData ::= SEQUENCE {
/*- ResponseData ::= SEQUENCE {
* version [0] EXPLICIT Version DEFAULT v1,
* responderID ResponderID,
* producedAt GeneralizedTime,
* responses SEQUENCE OF SingleResponse,
* responseExtensions [1] EXPLICIT Extensions OPTIONAL }
*/
typedef struct ocsp_response_data_st
{
typedef struct ocsp_response_data_st {
ASN1_INTEGER *version;
OCSP_RESPID *responderId;
ASN1_GENERALIZEDTIME *producedAt;
@@ -278,37 +268,40 @@ typedef struct ocsp_response_data_st
STACK_OF(X509_EXTENSION) *responseExtensions;
} OCSP_RESPDATA;
/* BasicOCSPResponse ::= SEQUENCE {
/*- BasicOCSPResponse ::= SEQUENCE {
* tbsResponseData ResponseData,
* signatureAlgorithm AlgorithmIdentifier,
* signature BIT STRING,
* certs [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL }
*/
/* Note 1:
The value for "signature" is specified in the OCSP rfc2560 as follows:
"The value for the signature SHALL be computed on the hash of the DER
encoding ResponseData." This means that you must hash the DER-encoded
tbsResponseData, and then run it through a crypto-signing function, which
will (at least w/RSA) do a hash-'n'-private-encrypt operation. This seems
a bit odd, but that's the spec. Also note that the data structures do not
leave anywhere to independently specify the algorithm used for the initial
hash. So, we look at the signature-specification algorithm, and try to do
something intelligent. -- Kathy Weinhold, CertCo */
/* Note 2:
It seems that the mentioned passage from RFC 2560 (section 4.2.1) is open
for interpretation. I've done tests against another responder, and found
that it doesn't do the double hashing that the RFC seems to say one
should. Therefore, all relevant functions take a flag saying which
variant should be used. -- Richard Levitte, OpenSSL team and CeloCom */
typedef struct ocsp_basic_response_st
{
/*
* Note 1: The value for "signature" is specified in the OCSP rfc2560 as
* follows: "The value for the signature SHALL be computed on the hash of
* the DER encoding ResponseData." This means that you must hash the
* DER-encoded tbsResponseData, and then run it through a crypto-signing
* function, which will (at least w/RSA) do a hash-'n'-private-encrypt
* operation. This seems a bit odd, but that's the spec. Also note that
* the data structures do not leave anywhere to independently specify the
* algorithm used for the initial hash. So, we look at the
* signature-specification algorithm, and try to do something intelligent.
* -- Kathy Weinhold, CertCo
*/
/*
* Note 2: It seems that the mentioned passage from RFC 2560 (section
* 4.2.1) is open for interpretation. I've done tests against another
* responder, and found that it doesn't do the double hashing that the RFC
* seems to say one should. Therefore, all relevant functions take a flag
* saying which variant should be used. -- Richard Levitte, OpenSSL team
* and CeloCom
*/
typedef struct ocsp_basic_response_st {
OCSP_RESPDATA *tbsResponseData;
X509_ALGOR *signatureAlgorithm;
ASN1_BIT_STRING *signature;
STACK_OF(X509) *certs;
} OCSP_BASICRESP;
/*
/*-
* CRLReason ::= ENUMERATED {
* unspecified (0),
* keyCompromise (1),
@@ -329,24 +322,24 @@ typedef struct ocsp_basic_response_st
# define OCSP_REVOKED_STATUS_CERTIFICATEHOLD 6
# define OCSP_REVOKED_STATUS_REMOVEFROMCRL 8
/* CrlID ::= SEQUENCE {
/*-
* CrlID ::= SEQUENCE {
* crlUrl [0] EXPLICIT IA5String OPTIONAL,
* crlNum [1] EXPLICIT INTEGER OPTIONAL,
* crlTime [2] EXPLICIT GeneralizedTime OPTIONAL }
*/
typedef struct ocsp_crl_id_st
{
typedef struct ocsp_crl_id_st {
ASN1_IA5STRING *crlUrl;
ASN1_INTEGER *crlNum;
ASN1_GENERALIZEDTIME *crlTime;
} OCSP_CRLID;
/* ServiceLocator ::= SEQUENCE {
/*-
* ServiceLocator ::= SEQUENCE {
* issuer Name,
* locator AuthorityInfoAccessSyntax OPTIONAL }
*/
typedef struct ocsp_service_locator_st
{
typedef struct ocsp_service_locator_st {
X509_NAME *issuer;
STACK_OF(ACCESS_DESCRIPTION) *locator;
} OCSP_SERVICELOC;
@@ -401,11 +394,22 @@ typedef struct ocsp_service_locator_st
OCSP_CERTID *OCSP_CERTID_dup(OCSP_CERTID *id);
OCSP_RESPONSE *OCSP_sendreq_bio(BIO *b, char *path, OCSP_REQUEST *req);
OCSP_REQ_CTX *OCSP_sendreq_new(BIO *io, char *path, OCSP_REQUEST *req,
OCSP_RESPONSE *OCSP_sendreq_bio(BIO *b, const char *path, OCSP_REQUEST *req);
OCSP_REQ_CTX *OCSP_sendreq_new(BIO *io, const char *path, OCSP_REQUEST *req,
int maxline);
int OCSP_REQ_CTX_nbio(OCSP_REQ_CTX *rctx);
int OCSP_sendreq_nbio(OCSP_RESPONSE **presp, OCSP_REQ_CTX *rctx);
OCSP_REQ_CTX *OCSP_REQ_CTX_new(BIO *io, int maxline);
void OCSP_REQ_CTX_free(OCSP_REQ_CTX *rctx);
void OCSP_set_max_response_length(OCSP_REQ_CTX *rctx, unsigned long len);
int OCSP_REQ_CTX_i2d(OCSP_REQ_CTX *rctx, const ASN1_ITEM *it,
ASN1_VALUE *val);
int OCSP_REQ_CTX_nbio_d2i(OCSP_REQ_CTX *rctx, ASN1_VALUE **pval,
const ASN1_ITEM *it);
BIO *OCSP_REQ_CTX_get0_mem_bio(OCSP_REQ_CTX *rctx);
int OCSP_REQ_CTX_i2d(OCSP_REQ_CTX *rctx, const ASN1_ITEM *it,
ASN1_VALUE *val);
int OCSP_REQ_CTX_http(OCSP_REQ_CTX *rctx, const char *op, const char *path);
int OCSP_REQ_CTX_set1_req(OCSP_REQ_CTX *rctx, OCSP_REQUEST *req);
int OCSP_REQ_CTX_add1_header(OCSP_REQ_CTX *rctx,
const char *name, const char *value);
@@ -431,8 +435,7 @@ int OCSP_request_sign(OCSP_REQUEST *req,
X509 *signer,
EVP_PKEY *key,
const EVP_MD *dgst,
STACK_OF(X509) *certs,
unsigned long flags);
STACK_OF(X509) *certs, unsigned long flags);
int OCSP_response_status(OCSP_RESPONSE *resp);
OCSP_BASICRESP *OCSP_response_get1_basic(OCSP_RESPONSE *resp);
@@ -450,12 +453,13 @@ int OCSP_resp_find_status(OCSP_BASICRESP *bs, OCSP_CERTID *id, int *status,
ASN1_GENERALIZEDTIME **thisupd,
ASN1_GENERALIZEDTIME **nextupd);
int OCSP_check_validity(ASN1_GENERALIZEDTIME *thisupd,
ASN1_GENERALIZEDTIME *nextupd,
long sec, long maxsec);
ASN1_GENERALIZEDTIME *nextupd, long sec, long maxsec);
int OCSP_request_verify(OCSP_REQUEST *req, STACK_OF(X509) *certs, X509_STORE *store, unsigned long flags);
int OCSP_request_verify(OCSP_REQUEST *req, STACK_OF(X509) *certs,
X509_STORE *store, unsigned long flags);
int OCSP_parse_url(char *url, char **phost, char **pport, char **ppath, int *pssl);
int OCSP_parse_url(const char *url, char **phost, char **pport, char **ppath,
int *pssl);
int OCSP_id_issuer_cmp(OCSP_CERTID *a, OCSP_CERTID *b);
int OCSP_id_cmp(OCSP_CERTID *a, OCSP_CERTID *b);
@@ -472,7 +476,8 @@ OCSP_SINGLERESP *OCSP_basic_add1_status(OCSP_BASICRESP *rsp,
OCSP_CERTID *cid,
int status, int reason,
ASN1_TIME *revtime,
ASN1_TIME *thisupd, ASN1_TIME *nextupd);
ASN1_TIME *thisupd,
ASN1_TIME *nextupd);
int OCSP_basic_add1_cert(OCSP_BASICRESP *resp, X509 *cert);
int OCSP_basic_sign(OCSP_BASICRESP *brsp,
X509 *signer, EVP_PKEY *key, const EVP_MD *dgst,
@@ -488,11 +493,13 @@ X509_EXTENSION *OCSP_url_svcloc_new(X509_NAME* issuer, char **urls);
int OCSP_REQUEST_get_ext_count(OCSP_REQUEST *x);
int OCSP_REQUEST_get_ext_by_NID(OCSP_REQUEST *x, int nid, int lastpos);
int OCSP_REQUEST_get_ext_by_OBJ(OCSP_REQUEST *x, ASN1_OBJECT *obj, int lastpos);
int OCSP_REQUEST_get_ext_by_OBJ(OCSP_REQUEST *x, ASN1_OBJECT *obj,
int lastpos);
int OCSP_REQUEST_get_ext_by_critical(OCSP_REQUEST *x, int crit, int lastpos);
X509_EXTENSION *OCSP_REQUEST_get_ext(OCSP_REQUEST *x, int loc);
X509_EXTENSION *OCSP_REQUEST_delete_ext(OCSP_REQUEST *x, int loc);
void *OCSP_REQUEST_get1_ext_d2i(OCSP_REQUEST *x, int nid, int *crit, int *idx);
void *OCSP_REQUEST_get1_ext_d2i(OCSP_REQUEST *x, int nid, int *crit,
int *idx);
int OCSP_REQUEST_add1_ext_i2d(OCSP_REQUEST *x, int nid, void *value, int crit,
unsigned long flags);
int OCSP_REQUEST_add_ext(OCSP_REQUEST *x, X509_EXTENSION *ex, int loc);
@@ -510,24 +517,30 @@ int OCSP_ONEREQ_add_ext(OCSP_ONEREQ *x, X509_EXTENSION *ex, int loc);
int OCSP_BASICRESP_get_ext_count(OCSP_BASICRESP *x);
int OCSP_BASICRESP_get_ext_by_NID(OCSP_BASICRESP *x, int nid, int lastpos);
int OCSP_BASICRESP_get_ext_by_OBJ(OCSP_BASICRESP *x, ASN1_OBJECT *obj, int lastpos);
int OCSP_BASICRESP_get_ext_by_critical(OCSP_BASICRESP *x, int crit, int lastpos);
int OCSP_BASICRESP_get_ext_by_OBJ(OCSP_BASICRESP *x, ASN1_OBJECT *obj,
int lastpos);
int OCSP_BASICRESP_get_ext_by_critical(OCSP_BASICRESP *x, int crit,
int lastpos);
X509_EXTENSION *OCSP_BASICRESP_get_ext(OCSP_BASICRESP *x, int loc);
X509_EXTENSION *OCSP_BASICRESP_delete_ext(OCSP_BASICRESP *x, int loc);
void *OCSP_BASICRESP_get1_ext_d2i(OCSP_BASICRESP *x, int nid, int *crit, int *idx);
int OCSP_BASICRESP_add1_ext_i2d(OCSP_BASICRESP *x, int nid, void *value, int crit,
unsigned long flags);
void *OCSP_BASICRESP_get1_ext_d2i(OCSP_BASICRESP *x, int nid, int *crit,
int *idx);
int OCSP_BASICRESP_add1_ext_i2d(OCSP_BASICRESP *x, int nid, void *value,
int crit, unsigned long flags);
int OCSP_BASICRESP_add_ext(OCSP_BASICRESP *x, X509_EXTENSION *ex, int loc);
int OCSP_SINGLERESP_get_ext_count(OCSP_SINGLERESP *x);
int OCSP_SINGLERESP_get_ext_by_NID(OCSP_SINGLERESP *x, int nid, int lastpos);
int OCSP_SINGLERESP_get_ext_by_OBJ(OCSP_SINGLERESP *x, ASN1_OBJECT *obj, int lastpos);
int OCSP_SINGLERESP_get_ext_by_critical(OCSP_SINGLERESP *x, int crit, int lastpos);
int OCSP_SINGLERESP_get_ext_by_OBJ(OCSP_SINGLERESP *x, ASN1_OBJECT *obj,
int lastpos);
int OCSP_SINGLERESP_get_ext_by_critical(OCSP_SINGLERESP *x, int crit,
int lastpos);
X509_EXTENSION *OCSP_SINGLERESP_get_ext(OCSP_SINGLERESP *x, int loc);
X509_EXTENSION *OCSP_SINGLERESP_delete_ext(OCSP_SINGLERESP *x, int loc);
void *OCSP_SINGLERESP_get1_ext_d2i(OCSP_SINGLERESP *x, int nid, int *crit, int *idx);
int OCSP_SINGLERESP_add1_ext_i2d(OCSP_SINGLERESP *x, int nid, void *value, int crit,
unsigned long flags);
void *OCSP_SINGLERESP_get1_ext_d2i(OCSP_SINGLERESP *x, int nid, int *crit,
int *idx);
int OCSP_SINGLERESP_add1_ext_i2d(OCSP_SINGLERESP *x, int nid, void *value,
int crit, unsigned long flags);
int OCSP_SINGLERESP_add_ext(OCSP_SINGLERESP *x, X509_EXTENSION *ex, int loc);
DECLARE_ASN1_FUNCTIONS(OCSP_SINGLERESP)
@@ -557,7 +570,8 @@ int OCSP_basic_verify(OCSP_BASICRESP *bs, STACK_OF(X509) *certs,
X509_STORE *st, unsigned long flags);
/* BEGIN ERROR CODES */
/* The following lines are auto generated by the script mkerr.pl. Any changes
/*
* The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
*/
void ERR_load_OCSP_strings(void);

60
libs/openssl/include/openssl/opensslconf.h
View File

@@ -1,7 +1,13 @@
/* opensslconf.h */
/* WARNING: Generated automatically from opensslconf.h.in by Configure. */
#ifdef __cplusplus
extern "C" {
#endif
/* OpenSSL was configured with the following options: */
#ifndef OPENSSL_SYSNAME_MACOSX
# define OPENSSL_SYSNAME_MACOSX
#endif
#ifndef OPENSSL_DOING_MAKEDEPEND
@@ -17,6 +23,9 @@
#ifndef OPENSSL_NO_KRB5
# define OPENSSL_NO_KRB5
#endif
#ifndef OPENSSL_NO_LIBUNBOUND
# define OPENSSL_NO_LIBUNBOUND
#endif
#ifndef OPENSSL_NO_MD2
# define OPENSSL_NO_MD2
#endif
@@ -29,15 +38,30 @@
#ifndef OPENSSL_NO_SCTP
# define OPENSSL_NO_SCTP
#endif
#ifndef OPENSSL_NO_SSL_TRACE
# define OPENSSL_NO_SSL_TRACE
#endif
#ifndef OPENSSL_NO_SSL2
# define OPENSSL_NO_SSL2
#endif
#ifndef OPENSSL_NO_STORE
# define OPENSSL_NO_STORE
#endif
#ifndef OPENSSL_NO_UNIT_TEST
# define OPENSSL_NO_UNIT_TEST
#endif
#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
# define OPENSSL_NO_WEAK_SSL_CIPHERS
#endif
#endif /* OPENSSL_DOING_MAKEDEPEND */
#ifndef OPENSSL_THREADS
# define OPENSSL_THREADS
#endif
#ifndef OPENSSL_NO_ASM
# define OPENSSL_NO_ASM
#endif
#ifndef OPENSSL_NO_DYNAMIC_ENGINE
# define OPENSSL_NO_DYNAMIC_ENGINE
#endif
@@ -59,6 +83,9 @@
# if defined(OPENSSL_NO_KRB5) && !defined(NO_KRB5)
# define NO_KRB5
# endif
# if defined(OPENSSL_NO_LIBUNBOUND) && !defined(NO_LIBUNBOUND)
# define NO_LIBUNBOUND
# endif
# if defined(OPENSSL_NO_MD2) && !defined(NO_MD2)
# define NO_MD2
# endif
@@ -71,9 +98,21 @@
# if defined(OPENSSL_NO_SCTP) && !defined(NO_SCTP)
# define NO_SCTP
# endif
# if defined(OPENSSL_NO_SSL_TRACE) && !defined(NO_SSL_TRACE)
# define NO_SSL_TRACE
# endif
# if defined(OPENSSL_NO_SSL2) && !defined(NO_SSL2)
# define NO_SSL2
# endif
# if defined(OPENSSL_NO_STORE) && !defined(NO_STORE)
# define NO_STORE
# endif
# if defined(OPENSSL_NO_UNIT_TEST) && !defined(NO_UNIT_TEST)
# define NO_UNIT_TEST
# endif
# if defined(OPENSSL_NO_WEAK_SSL_CIPHERS) && !defined(NO_WEAK_SSL_CIPHERS)
# define NO_WEAK_SSL_CIPHERS
# endif
#endif
/* crypto/opensslconf.h.in */
@@ -83,8 +122,8 @@
#if !(defined(VMS) || defined(__VMS)) /* VMS uses logical names instead */
#if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR)
#define ENGINESDIR "/tmp/openssl-1.0.1h-i386/lib/engines"
#define OPENSSLDIR "/tmp/openssl-1.0.1h-i386"
#define ENGINESDIR "/tmp/openssl-1.0.2l-x86_64/lib/engines"
#define OPENSSLDIR "/tmp/openssl-1.0.2l-x86_64"
#endif
#endif
@@ -122,7 +161,7 @@
* This enables code handling data aligned at natural CPU word
* boundary. See crypto/rc4/rc4_enc.c for further details.
*/
#undef RC4_CHUNK
#define RC4_CHUNK unsigned long
#endif
#endif
@@ -136,21 +175,21 @@
#if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H)
#define CONFIG_HEADER_BN_H
#define BN_LLONG
#undef BN_LLONG
/* Should we define BN_DIV2W here? */
/* Only one for the following should be defined */
#undef SIXTY_FOUR_BIT_LONG
#define SIXTY_FOUR_BIT_LONG
#undef SIXTY_FOUR_BIT
#define THIRTY_TWO_BIT
#undef THIRTY_TWO_BIT
#endif
#if defined(HEADER_RC4_LOCL_H) && !defined(CONFIG_HEADER_RC4_LOCL_H)
#define CONFIG_HEADER_RC4_LOCL_H
/* if this is defined data[i] is used instead of *data, this is a %20
* speedup on x86 */
#define RC4_INDEX
#undef RC4_INDEX
#endif
#if defined(HEADER_BF_LOCL_H) && !defined(CONFIG_HEADER_BF_LOCL_H)
@@ -179,7 +218,7 @@
#endif
#if defined(DES_RISC1) && defined(DES_RISC2)
YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!!
#error YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!!
#endif
/* Unroll the inner loop, this sometimes helps, sometimes hinders.
@@ -198,7 +237,7 @@ YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!!
optimization options. Older Sparc's work better with only UNROLL, but
there's no way to tell at compile time what it is you're running on */
#if defined( sun ) /* Newer Sparc's */
#if defined( __sun ) || defined ( sun ) /* Newer Sparc's */
# define DES_PTR
# define DES_RISC1
# define DES_UNROLL
@@ -230,3 +269,6 @@ YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!!
#endif /* DES_DEFAULT_OPTIONS */
#endif /* HEADER_DES_LOCL_H */
#ifdef __cplusplus
}
#endif

20
libs/openssl/include/openssl/opensslv.h
View File

@@ -1,7 +1,12 @@
#ifndef HEADER_OPENSSLV_H
# define HEADER_OPENSSLV_H
/* Numeric release version identifier:
#ifdef __cplusplus
extern "C" {
#endif
/*-
* Numeric release version identifier:
* MNNFFPPS: major minor fix patch status
* The status nibble has one of the values 0 for development, 1 to e for betas
* 1 to 14, and f for release. The patch level is exactly that.
@@ -25,16 +30,16 @@
* (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
* major minor fix final patch/beta)
*/
#define OPENSSL_VERSION_NUMBER 0x1000108fL
# define OPENSSL_VERSION_NUMBER 0x100020cfL
# ifdef OPENSSL_FIPS
#define OPENSSL_VERSION_TEXT "OpenSSL 1.0.1h-fips 5 Jun 2014"
# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.2l-fips 25 May 2017"
# else
#define OPENSSL_VERSION_TEXT "OpenSSL 1.0.1h 5 Jun 2014"
# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.2l 25 May 2017"
# endif
# define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT
/* The macros below are to be used for shared library (.so, .dll, ...)
/*-
* The macros below are to be used for shared library (.so, .dll, ...)
* versioning. That kind of versioning works a bit differently between
* operating systems. The most usual scheme is to set a major and a minor
* number, and have the runtime loader check that the major number is equal
@@ -86,4 +91,7 @@
# define SHLIB_VERSION_NUMBER "1.0.0"
#ifdef __cplusplus
}
#endif
#endif /* HEADER_OPENSSLV_H */

15
libs/openssl/include/openssl/ossl_typ.h
View File

@@ -55,6 +55,10 @@
#ifndef HEADER_OPENSSL_TYPES_H
# define HEADER_OPENSSL_TYPES_H
#ifdef __cplusplus
extern "C" {
#endif
# include <openssl/e_os2.h>
# ifdef NO_ASN1_TYPEDEFS
@@ -96,6 +100,8 @@ typedef int ASN1_BOOLEAN;
typedef int ASN1_NULL;
# endif
typedef struct asn1_object_st ASN1_OBJECT;
typedef struct ASN1_ITEM_st ASN1_ITEM;
typedef struct asn1_pctx_st ASN1_PCTX;
@@ -172,6 +178,8 @@ typedef struct engine_st ENGINE;
typedef struct ssl_st SSL;
typedef struct ssl_ctx_st SSL_CTX;
typedef struct comp_method_st COMP_METHOD;
typedef struct X509_POLICY_NODE_st X509_POLICY_NODE;
typedef struct X509_POLICY_LEVEL_st X509_POLICY_LEVEL;
typedef struct X509_POLICY_TREE_st X509_POLICY_TREE;
@@ -192,11 +200,14 @@ typedef int CRYPTO_EX_new(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
int idx, long argl, void *argp);
typedef void CRYPTO_EX_free (void *parent, void *ptr, CRYPTO_EX_DATA *ad,
int idx, long argl, void *argp);
typedef int CRYPTO_EX_dup(CRYPTO_EX_DATA *to, CRYPTO_EX_DATA *from, void *from_d,
int idx, long argl, void *argp);
typedef int CRYPTO_EX_dup (CRYPTO_EX_DATA *to, CRYPTO_EX_DATA *from,
void *from_d, int idx, long argl, void *argp);
typedef struct ocsp_req_ctx_st OCSP_REQ_CTX;
typedef struct ocsp_response_st OCSP_RESPONSE;
typedef struct ocsp_responder_id_st OCSP_RESPID;
#ifdef __cplusplus
}
#endif
#endif /* def HEADER_OPENSSL_TYPES_H */

110
libs/openssl/include/openssl/pem.h
View File

@@ -129,6 +129,7 @@ extern "C" {
# define PEM_STRING_PKCS8 "ENCRYPTED PRIVATE KEY"
# define PEM_STRING_PKCS8INF "PRIVATE KEY"
# define PEM_STRING_DHPARAMS "DH PARAMETERS"
# define PEM_STRING_DHXPARAMS "X9.42 DH PARAMETERS"
# define PEM_STRING_SSL_SESSION "SSL SESSION PARAMETERS"
# define PEM_STRING_DSAPARAMS "DSA PARAMETERS"
# define PEM_STRING_ECDSA_PUBLIC "ECDSA PUBLIC KEY"
@@ -137,10 +138,11 @@ extern "C" {
# define PEM_STRING_PARAMETERS "PARAMETERS"
# define PEM_STRING_CMS "CMS"
/* Note that this structure is initialised by PEM_SealInit and cleaned up
by PEM_SealFinal (at least for now) */
typedef struct PEM_Encode_Seal_st
{
/*
* Note that this structure is initialised by PEM_SealInit and cleaned up
* by PEM_SealFinal (at least for now)
*/
typedef struct PEM_Encode_Seal_st {
EVP_ENCODE_CTX encode;
EVP_MD_CTX md;
EVP_CIPHER_CTX cipher;
@@ -152,20 +154,16 @@ typedef struct PEM_Encode_Seal_st
# define PEM_TYPE_MIC_CLEAR 30
# define PEM_TYPE_CLEAR 40
typedef struct pem_recip_st
{
typedef struct pem_recip_st {
char *name;
X509_NAME *dn;
int cipher;
int key_enc;
/* char iv[8]; unused and wrong size */
} PEM_USER;
typedef struct pem_ctx_st
{
typedef struct pem_ctx_st {
int type; /* what type of object */
struct {
int version;
int mode;
@@ -175,7 +173,8 @@ typedef struct pem_ctx_st
struct {
int cipher;
/* unused, and wrong size
/*-
unused, and wrong size
unsigned char iv[8]; */
} DEK_info;
@@ -183,8 +182,8 @@ typedef struct pem_ctx_st
int num_recipient;
PEM_USER **recipient;
/* XXX(ben): don#t think this is used!
/*-
XXX(ben): don#t think this is used!
STACK *x509_chain; / * certificate chain */
EVP_MD *md; /* signature type */
@@ -195,18 +194,19 @@ typedef struct pem_ctx_st
EVP_CIPHER *dec; /* date encryption cipher */
int key_len; /* key length */
unsigned char *key; /* key */
/* unused, and wrong size
/*-
unused, and wrong size
unsigned char iv[8]; */
int data_enc; /* is the data encrypted */
int data_len;
unsigned char *data;
} PEM_CTX;
/* These macros make the PEM_read/PEM_write functions easier to maintain and
* write. Now they are all implemented with either:
* IMPLEMENT_PEM_rw(...) or IMPLEMENT_PEM_rw_cb(...)
/*
* These macros make the PEM_read/PEM_write functions easier to maintain and
* write. Now they are all implemented with either: IMPLEMENT_PEM_rw(...) or
* IMPLEMENT_PEM_rw_cb(...)
*/
# ifdef OPENSSL_NO_FP_API
@@ -216,7 +216,6 @@ typedef struct pem_ctx_st
# define IMPLEMENT_PEM_write_fp_const(name, type, str, asn1) /**/
# define IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1) /**/
# define IMPLEMENT_PEM_write_cb_fp_const(name, type, str, asn1) /**/
# else
# define IMPLEMENT_PEM_read_fp(name, type, str, asn1) \
@@ -326,7 +325,6 @@ int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \
# define DECLARE_PEM_read_fp(name, type) /**/
# define DECLARE_PEM_write_fp(name, type) /**/
# define DECLARE_PEM_write_cb_fp(name, type) /**/
# else
# define DECLARE_PEM_read_fp(name, type) \
@@ -364,37 +362,28 @@ int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \
# define DECLARE_PEM_write_bio(name, type) /**/
# define DECLARE_PEM_write_bio_const(name, type) /**/
# define DECLARE_PEM_write_cb_bio(name, type) /**/
# endif
# define DECLARE_PEM_write(name, type) \
DECLARE_PEM_write_bio(name, type) \
DECLARE_PEM_write_fp(name, type)
# define DECLARE_PEM_write_const(name, type) \
DECLARE_PEM_write_bio_const(name, type) \
DECLARE_PEM_write_fp_const(name, type)
# define DECLARE_PEM_write_cb(name, type) \
DECLARE_PEM_write_cb_bio(name, type) \
DECLARE_PEM_write_cb_fp(name, type)
# define DECLARE_PEM_read(name, type) \
DECLARE_PEM_read_bio(name, type) \
DECLARE_PEM_read_fp(name, type)
# define DECLARE_PEM_rw(name, type) \
DECLARE_PEM_read(name, type) \
DECLARE_PEM_write(name, type)
# define DECLARE_PEM_rw_const(name, type) \
DECLARE_PEM_read(name, type) \
DECLARE_PEM_write_const(name, type)
# define DECLARE_PEM_rw_cb(name, type) \
DECLARE_PEM_read(name, type) \
DECLARE_PEM_write_cb(name, type)
# if 1
/* "userdata": new with OpenSSL 0.9.4 */
typedef int pem_password_cb (char *buf, int size, int rwflag, void *userdata);
@@ -410,24 +399,28 @@ int PEM_do_header (EVP_CIPHER_INFO *cipher, unsigned char *data,long *len,
# ifndef OPENSSL_NO_BIO
int PEM_read_bio(BIO *bp, char **name, char **header,
unsigned char **data, long *len);
int PEM_write_bio(BIO *bp,const char *name,char *hdr,unsigned char *data,
long len);
int PEM_bytes_read_bio(unsigned char **pdata, long *plen, char **pnm, const char *name, BIO *bp,
int PEM_write_bio(BIO *bp, const char *name, const char *hdr,
const unsigned char *data, long len);
int PEM_bytes_read_bio(unsigned char **pdata, long *plen, char **pnm,
const char *name, BIO *bp, pem_password_cb *cb,
void *u);
void *PEM_ASN1_read_bio(d2i_of_void *d2i, const char *name, BIO *bp, void **x,
pem_password_cb *cb, void *u);
void * PEM_ASN1_read_bio(d2i_of_void *d2i, const char *name, BIO *bp,
void **x, pem_password_cb *cb, void *u);
int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp, void *x,
const EVP_CIPHER *enc, unsigned char *kstr, int klen,
pem_password_cb *cb, void *u);
STACK_OF(X509_INFO) * PEM_X509_INFO_read_bio(BIO *bp, STACK_OF(X509_INFO) *sk, pem_password_cb *cb, void *u);
STACK_OF(X509_INFO) *PEM_X509_INFO_read_bio(BIO *bp, STACK_OF(X509_INFO) *sk,
pem_password_cb *cb, void *u);
int PEM_X509_INFO_write_bio(BIO *bp, X509_INFO *xi, EVP_CIPHER *enc,
unsigned char *kstr, int klen, pem_password_cb *cd, void *u);
unsigned char *kstr, int klen,
pem_password_cb *cd, void *u);
# endif
int PEM_read(FILE *fp, char **name, char **header,
unsigned char **data, long *len);
int PEM_write(FILE *fp,char *name,char *hdr,unsigned char *data,long len);
int PEM_write(FILE *fp, const char *name, const char *hdr,
const unsigned char *data, long len);
void *PEM_ASN1_read(d2i_of_void *d2i, const char *name, FILE *fp, void **x,
pem_password_cb *cb, void *u);
int PEM_ASN1_write(i2d_of_void *i2d, const char *name, FILE *fp,
@@ -453,61 +446,38 @@ int PEM_def_callback(char *buf, int num, int w, void *key);
void PEM_proc_type(char *buf, int type);
void PEM_dek_info(char *buf, const char *type, int len, char *str);
# include <openssl/symhacks.h>
DECLARE_PEM_rw(X509, X509)
DECLARE_PEM_rw(X509_AUX, X509)
DECLARE_PEM_rw(X509_CERT_PAIR, X509_CERT_PAIR)
DECLARE_PEM_rw(X509_REQ, X509_REQ)
DECLARE_PEM_write(X509_REQ_NEW, X509_REQ)
DECLARE_PEM_rw(X509_CRL, X509_CRL)
DECLARE_PEM_rw(PKCS7, PKCS7)
DECLARE_PEM_rw(NETSCAPE_CERT_SEQUENCE, NETSCAPE_CERT_SEQUENCE)
DECLARE_PEM_rw(PKCS8, X509_SIG)
DECLARE_PEM_rw(PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO)
# ifndef OPENSSL_NO_RSA
DECLARE_PEM_rw_cb(RSAPrivateKey, RSA)
DECLARE_PEM_rw_const(RSAPublicKey, RSA)
DECLARE_PEM_rw(RSA_PUBKEY, RSA)
# endif
# ifndef OPENSSL_NO_DSA
DECLARE_PEM_rw_cb(DSAPrivateKey, DSA)
DECLARE_PEM_rw(DSA_PUBKEY, DSA)
DECLARE_PEM_rw_const(DSAparams, DSA)
# endif
# ifndef OPENSSL_NO_EC
DECLARE_PEM_rw_const(ECPKParameters, EC_GROUP)
DECLARE_PEM_rw_cb(ECPrivateKey, EC_KEY)
DECLARE_PEM_rw(EC_PUBKEY, EC_KEY)
# endif
# ifndef OPENSSL_NO_DH
DECLARE_PEM_rw_const(DHparams, DH)
DECLARE_PEM_write_const(DHxparams, DH)
# endif
DECLARE_PEM_rw_cb(PrivateKey, EVP_PKEY)
DECLARE_PEM_rw(PUBKEY, EVP_PKEY)
int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
@@ -521,7 +491,8 @@ int i2d_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
int i2d_PKCS8PrivateKey_nid_bio(BIO *bp, EVP_PKEY *x, int nid,
char *kstr, int klen,
pem_password_cb *cb, void *u);
EVP_PKEY *d2i_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, void *u);
EVP_PKEY *d2i_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY **x, pem_password_cb *cb,
void *u);
int i2d_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
char *kstr, int klen,
@@ -533,15 +504,16 @@ int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
char *kstr, int klen,
pem_password_cb *cb, void *u);
EVP_PKEY *d2i_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY **x, pem_password_cb *cb, void *u);
EVP_PKEY *d2i_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY **x, pem_password_cb *cb,
void *u);
int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
char *kstr,int klen, pem_password_cb *cd, void *u);
char *kstr, int klen, pem_password_cb *cd,
void *u);
EVP_PKEY *PEM_read_bio_Parameters(BIO *bp, EVP_PKEY **x);
int PEM_write_bio_Parameters(BIO *bp, EVP_PKEY *x);
EVP_PKEY *b2i_PrivateKey(const unsigned char **in, long length);
EVP_PKEY *b2i_PublicKey(const unsigned char **in, long length);
EVP_PKEY *b2i_PrivateKey_bio(BIO *in);
@@ -554,11 +526,12 @@ int i2b_PVK_bio(BIO *out, EVP_PKEY *pk, int enclevel,
pem_password_cb *cb, void *u);
# endif
/* BEGIN ERROR CODES */
/* The following lines are auto generated by the script mkerr.pl. Any changes
/*
* The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
*/
void ERR_load_PEM_strings(void);
/* Error codes for the PEM functions. */
@@ -592,8 +565,10 @@ void ERR_load_PEM_strings(void);
# define PEM_F_PEM_PK8PKEY 119
# define PEM_F_PEM_READ 108
# define PEM_F_PEM_READ_BIO 109
# define PEM_F_PEM_READ_BIO_DHPARAMS 141
# define PEM_F_PEM_READ_BIO_PARAMETERS 140
# define PEM_F_PEM_READ_BIO_PRIVATEKEY 123
# define PEM_F_PEM_READ_DHPARAMS 142
# define PEM_F_PEM_READ_PRIVATEKEY 124
# define PEM_F_PEM_SEALFINAL 110
# define PEM_F_PEM_SEALINIT 111
@@ -618,6 +593,7 @@ void ERR_load_PEM_strings(void);
# define PEM_R_ERROR_CONVERTING_PRIVATE_KEY 115
# define PEM_R_EXPECTING_PRIVATE_KEY_BLOB 119
# define PEM_R_EXPECTING_PUBLIC_KEY_BLOB 120
# define PEM_R_HEADER_TOO_LONG 128
# define PEM_R_INCONSISTENT_HEADER 121
# define PEM_R_KEYBLOB_HEADER_PARSE_ERROR 122
# define PEM_R_KEYBLOB_TOO_SHORT 123

63
libs/openssl/include/openssl/pkcs12.h
View File

@@ -1,6 +1,7 @@
/* pkcs12.h */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 1999.
/*
* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
* 1999.
*/
/* ====================================================================
* Copyright (c) 1999 The OpenSSL Project. All rights reserved.
@@ -81,7 +82,9 @@ extern "C" {
/* Uncomment out next line for unicode password and names, otherwise ASCII */
/*#define PBE_UNICODE*/
/*
* #define PBE_UNICODE
*/
# ifdef PBE_UNICODE
# define PKCS12_key_gen PKCS12_key_gen_uni
@@ -166,22 +169,21 @@ union {
# define PKCS12_mac_present(p12) ((p12)->mac ? 1 : 0)
PKCS12_SAFEBAG *PKCS12_x5092certbag(X509 *x509);
PKCS12_SAFEBAG *PKCS12_x509crl2certbag(X509_CRL *crl);
X509 *PKCS12_certbag2x509(PKCS12_SAFEBAG *bag);
X509_CRL *PKCS12_certbag2x509crl(PKCS12_SAFEBAG *bag);
PKCS12_SAFEBAG *PKCS12_item_pack_safebag(void *obj, const ASN1_ITEM *it, int nid1,
int nid2);
PKCS12_SAFEBAG *PKCS12_item_pack_safebag(void *obj, const ASN1_ITEM *it,
int nid1, int nid2);
PKCS12_SAFEBAG *PKCS12_MAKE_KEYBAG(PKCS8_PRIV_KEY_INFO *p8);
PKCS8_PRIV_KEY_INFO *PKCS8_decrypt(X509_SIG *p8, const char *pass, int passlen);
PKCS8_PRIV_KEY_INFO *PKCS12_decrypt_skey(PKCS12_SAFEBAG *bag, const char *pass,
PKCS8_PRIV_KEY_INFO *PKCS8_decrypt(X509_SIG *p8, const char *pass,
int passlen);
PKCS8_PRIV_KEY_INFO *PKCS12_decrypt_skey(PKCS12_SAFEBAG *bag,
const char *pass, int passlen);
X509_SIG *PKCS8_encrypt(int pbe_nid, const EVP_CIPHER *cipher,
const char *pass, int passlen,
unsigned char *salt, int saltlen, int iter,
PKCS8_PRIV_KEY_INFO *p8);
const char *pass, int passlen, unsigned char *salt,
int saltlen, int iter, PKCS8_PRIV_KEY_INFO *p8);
PKCS12_SAFEBAG *PKCS12_MAKE_SHKEYBAG(int pbe_nid, const char *pass,
int passlen, unsigned char *salt,
int saltlen, int iter,
@@ -191,37 +193,44 @@ STACK_OF(PKCS12_SAFEBAG) *PKCS12_unpack_p7data(PKCS7 *p7);
PKCS7 *PKCS12_pack_p7encdata(int pbe_nid, const char *pass, int passlen,
unsigned char *salt, int saltlen, int iter,
STACK_OF(PKCS12_SAFEBAG) *bags);
STACK_OF(PKCS12_SAFEBAG) *PKCS12_unpack_p7encdata(PKCS7 *p7, const char *pass, int passlen);
STACK_OF(PKCS12_SAFEBAG) *PKCS12_unpack_p7encdata(PKCS7 *p7, const char *pass,
int passlen);
int PKCS12_pack_authsafes(PKCS12 *p12, STACK_OF(PKCS7) *safes);
STACK_OF(PKCS7) *PKCS12_unpack_authsafes(PKCS12 *p12);
int PKCS12_add_localkeyid(PKCS12_SAFEBAG *bag, unsigned char *name, int namelen);
int PKCS12_add_localkeyid(PKCS12_SAFEBAG *bag, unsigned char *name,
int namelen);
int PKCS12_add_friendlyname_asc(PKCS12_SAFEBAG *bag, const char *name,
int namelen);
int PKCS12_add_CSPName_asc(PKCS12_SAFEBAG *bag, const char *name,
int namelen);
int PKCS12_add_friendlyname_uni(PKCS12_SAFEBAG *bag, const unsigned char *name,
int namelen);
int PKCS12_add_friendlyname_uni(PKCS12_SAFEBAG *bag,
const unsigned char *name, int namelen);
int PKCS8_add_keyusage(PKCS8_PRIV_KEY_INFO *p8, int usage);
ASN1_TYPE *PKCS12_get_attr_gen(STACK_OF(X509_ATTRIBUTE) *attrs, int attr_nid);
char *PKCS12_get_friendlyname(PKCS12_SAFEBAG *bag);
unsigned char *PKCS12_pbe_crypt(X509_ALGOR *algor, const char *pass,
int passlen, unsigned char *in, int inlen,
unsigned char **data, int *datalen, int en_de);
unsigned char **data, int *datalen,
int en_de);
void *PKCS12_item_decrypt_d2i(X509_ALGOR *algor, const ASN1_ITEM *it,
const char *pass, int passlen, ASN1_OCTET_STRING *oct, int zbuf);
ASN1_OCTET_STRING *PKCS12_item_i2d_encrypt(X509_ALGOR *algor, const ASN1_ITEM *it,
const char *pass, int passlen,
ASN1_OCTET_STRING *oct, int zbuf);
ASN1_OCTET_STRING *PKCS12_item_i2d_encrypt(X509_ALGOR *algor,
const ASN1_ITEM *it,
const char *pass, int passlen,
void *obj, int zbuf);
PKCS12 *PKCS12_init(int mode);
int PKCS12_key_gen_asc(const char *pass, int passlen, unsigned char *salt,
int saltlen, int id, int iter, int n,
unsigned char *out, const EVP_MD *md_type);
int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt, int saltlen, int id, int iter, int n, unsigned char *out, const EVP_MD *md_type);
int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt,
int saltlen, int id, int iter, int n,
unsigned char *out, const EVP_MD *md_type);
int PKCS12_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
ASN1_TYPE *param, const EVP_CIPHER *cipher, const EVP_MD *md_type,
int en_de);
ASN1_TYPE *param, const EVP_CIPHER *cipher,
const EVP_MD *md_type, int en_de);
int PKCS12_gen_mac(PKCS12 *p12, const char *pass, int passlen,
unsigned char *mac, unsigned int *maclen);
int PKCS12_verify_mac(PKCS12 *p12, const char *pass, int passlen);
@@ -230,7 +239,8 @@ int PKCS12_set_mac(PKCS12 *p12, const char *pass, int passlen,
const EVP_MD *md_type);
int PKCS12_setup_mac(PKCS12 *p12, int iter, unsigned char *salt,
int saltlen, const EVP_MD *md_type);
unsigned char *OPENSSL_asc2uni(const char *asc, int asclen, unsigned char **uni, int *unilen);
unsigned char *OPENSSL_asc2uni(const char *asc, int asclen,
unsigned char **uni, int *unilen);
char *OPENSSL_uni2asc(unsigned char *uni, int unilen);
DECLARE_ASN1_FUNCTIONS(PKCS12)
@@ -249,8 +259,8 @@ PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert,
int mac_iter, int keytype);
PKCS12_SAFEBAG *PKCS12_add_cert(STACK_OF(PKCS12_SAFEBAG) **pbags, X509 *cert);
PKCS12_SAFEBAG *PKCS12_add_key(STACK_OF(PKCS12_SAFEBAG) **pbags, EVP_PKEY *key,
int key_usage, int iter,
PKCS12_SAFEBAG *PKCS12_add_key(STACK_OF(PKCS12_SAFEBAG) **pbags,
EVP_PKEY *key, int key_usage, int iter,
int key_nid, char *pass);
int PKCS12_add_safe(STACK_OF(PKCS7) **psafes, STACK_OF(PKCS12_SAFEBAG) *bags,
int safe_nid, int iter, char *pass);
@@ -260,10 +270,11 @@ int i2d_PKCS12_bio(BIO *bp, PKCS12 *p12);
int i2d_PKCS12_fp(FILE *fp, PKCS12 *p12);
PKCS12 *d2i_PKCS12_bio(BIO *bp, PKCS12 **p12);
PKCS12 *d2i_PKCS12_fp(FILE *fp, PKCS12 **p12);
int PKCS12_newpass(PKCS12 *p12, char *oldpass, char *newpass);
int PKCS12_newpass(PKCS12 *p12, const char *oldpass, const char *newpass);
/* BEGIN ERROR CODES */
/* The following lines are auto generated by the script mkerr.pl. Any changes
/*
* The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
*/
void ERR_load_PKCS12_strings(void);

91
libs/openssl/include/openssl/pkcs7.h
View File

@@ -76,21 +76,19 @@ extern "C" {
# undef PKCS7_SIGNER_INFO
# endif
/*
/*-
Encryption_ID DES-CBC
Digest_ID MD5
Digest_Encryption_ID rsaEncryption
Key_Encryption_ID rsaEncryption
*/
typedef struct pkcs7_issuer_and_serial_st
{
typedef struct pkcs7_issuer_and_serial_st {
X509_NAME *issuer;
ASN1_INTEGER *serial;
} PKCS7_ISSUER_AND_SERIAL;
typedef struct pkcs7_signer_info_st
{
typedef struct pkcs7_signer_info_st {
ASN1_INTEGER *version; /* version 1 */
PKCS7_ISSUER_AND_SERIAL *issuer_and_serial;
X509_ALGOR *digest_alg;
@@ -98,7 +96,6 @@ typedef struct pkcs7_signer_info_st
X509_ALGOR *digest_enc_alg;
ASN1_OCTET_STRING *enc_digest;
STACK_OF(X509_ATTRIBUTE) *unauth_attr; /* [ 1 ] */
/* The private key to sign with */
EVP_PKEY *pkey;
} PKCS7_SIGNER_INFO;
@@ -106,8 +103,7 @@ typedef struct pkcs7_signer_info_st
DECLARE_STACK_OF(PKCS7_SIGNER_INFO)
DECLARE_ASN1_SET_OF(PKCS7_SIGNER_INFO)
typedef struct pkcs7_recip_info_st
{
typedef struct pkcs7_recip_info_st {
ASN1_INTEGER *version; /* version 0 */
PKCS7_ISSUER_AND_SERIAL *issuer_and_serial;
X509_ALGOR *key_enc_algor;
@@ -118,99 +114,86 @@ typedef struct pkcs7_recip_info_st
DECLARE_STACK_OF(PKCS7_RECIP_INFO)
DECLARE_ASN1_SET_OF(PKCS7_RECIP_INFO)
typedef struct pkcs7_signed_st
{
typedef struct pkcs7_signed_st {
ASN1_INTEGER *version; /* version 1 */
STACK_OF(X509_ALGOR) *md_algs; /* md used */
STACK_OF(X509) *cert; /* [ 0 ] */
STACK_OF(X509_CRL) *crl; /* [ 1 ] */
STACK_OF(PKCS7_SIGNER_INFO) *signer_info;
struct pkcs7_st *contents;
} PKCS7_SIGNED;
/* The above structure is very very similar to PKCS7_SIGN_ENVELOPE.
* How about merging the two */
/*
* The above structure is very very similar to PKCS7_SIGN_ENVELOPE. How about
* merging the two
*/
typedef struct pkcs7_enc_content_st
{
typedef struct pkcs7_enc_content_st {
ASN1_OBJECT *content_type;
X509_ALGOR *algorithm;
ASN1_OCTET_STRING *enc_data; /* [ 0 ] */
const EVP_CIPHER *cipher;
} PKCS7_ENC_CONTENT;
typedef struct pkcs7_enveloped_st
{
typedef struct pkcs7_enveloped_st {
ASN1_INTEGER *version; /* version 0 */
STACK_OF(PKCS7_RECIP_INFO) *recipientinfo;
PKCS7_ENC_CONTENT *enc_data;
} PKCS7_ENVELOPE;
typedef struct pkcs7_signedandenveloped_st
{
typedef struct pkcs7_signedandenveloped_st {
ASN1_INTEGER *version; /* version 1 */
STACK_OF(X509_ALGOR) *md_algs; /* md used */
STACK_OF(X509) *cert; /* [ 0 ] */
STACK_OF(X509_CRL) *crl; /* [ 1 ] */
STACK_OF(PKCS7_SIGNER_INFO) *signer_info;
PKCS7_ENC_CONTENT *enc_data;
STACK_OF(PKCS7_RECIP_INFO) *recipientinfo;
} PKCS7_SIGN_ENVELOPE;
typedef struct pkcs7_digest_st
{
typedef struct pkcs7_digest_st {
ASN1_INTEGER *version; /* version 0 */
X509_ALGOR *md; /* md used */
struct pkcs7_st *contents;
ASN1_OCTET_STRING *digest;
} PKCS7_DIGEST;
typedef struct pkcs7_encrypted_st
{
typedef struct pkcs7_encrypted_st {
ASN1_INTEGER *version; /* version 0 */
PKCS7_ENC_CONTENT *enc_data;
} PKCS7_ENCRYPT;
typedef struct pkcs7_st
{
/* The following is non NULL if it contains ASN1 encoding of
* this structure */
typedef struct pkcs7_st {
/*
* The following is non NULL if it contains ASN1 encoding of this
* structure
*/
unsigned char *asn1;
long length;
# define PKCS7_S_HEADER 0
# define PKCS7_S_BODY 1
# define PKCS7_S_TAIL 2
int state; /* used during processing */
int detached;
ASN1_OBJECT *type;
/* content as defined by the type */
/* all encryption/message digests are applied to the 'contents',
* leaving out the 'type' field. */
/*
* all encryption/message digests are applied to the 'contents', leaving
* out the 'type' field.
*/
union {
char *ptr;
/* NID_pkcs7_data */
ASN1_OCTET_STRING *data;
/* NID_pkcs7_signed */
PKCS7_SIGNED *sign;
/* NID_pkcs7_enveloped */
PKCS7_ENVELOPE *enveloped;
/* NID_pkcs7_signedAndEnveloped */
PKCS7_SIGN_ENVELOPE *signed_and_enveloped;
/* NID_pkcs7_digest */
PKCS7_DIGEST *digest;
/* NID_pkcs7_encrypted */
PKCS7_ENCRYPT *encrypted;
/* Anything else */
ASN1_TYPE *other;
} d;
@@ -233,10 +216,6 @@ DECLARE_PKCS12_STACK_OF(PKCS7)
(OBJ_obj2nid((a)->type) == NID_pkcs7_signedAndEnveloped)
# define PKCS7_type_is_data(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_data)
# define PKCS7_type_is_digest(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_digest)
#define PKCS7_type_is_encrypted(a) \
(OBJ_obj2nid((a)->type) == NID_pkcs7_encrypted)
#define PKCS7_type_is_digest(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_digest)
# define PKCS7_set_detached(p,v) \
PKCS7_ctrl(p,PKCS7_OP_SET_DETACHED_SIGNATURE,v,NULL)
@@ -278,8 +257,9 @@ DECLARE_PKCS12_STACK_OF(PKCS7)
DECLARE_ASN1_FUNCTIONS(PKCS7_ISSUER_AND_SERIAL)
int PKCS7_ISSUER_AND_SERIAL_digest(PKCS7_ISSUER_AND_SERIAL *data,const EVP_MD *type,
unsigned char *md,unsigned int *len);
int PKCS7_ISSUER_AND_SERIAL_digest(PKCS7_ISSUER_AND_SERIAL *data,
const EVP_MD *type, unsigned char *md,
unsigned int *len);
# ifndef OPENSSL_NO_FP_API
PKCS7 *d2i_PKCS7_fp(FILE *fp, PKCS7 **p7);
int i2d_PKCS7_fp(FILE *fp, PKCS7 *p7);
@@ -327,7 +307,6 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio);
int PKCS7_dataFinal(PKCS7 *p7, BIO *bio);
BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert);
PKCS7_SIGNER_INFO *PKCS7_add_signature(PKCS7 *p7, X509 *x509,
EVP_PKEY *pkey, const EVP_MD *dgst);
X509 *PKCS7_cert_from_signer_info(PKCS7 *p7, PKCS7_SIGNER_INFO *si);
@@ -353,23 +332,25 @@ ASN1_TYPE *PKCS7_get_attribute(PKCS7_SIGNER_INFO *si, int nid);
ASN1_TYPE *PKCS7_get_signed_attribute(PKCS7_SIGNER_INFO *si, int nid);
int PKCS7_set_signed_attributes(PKCS7_SIGNER_INFO *p7si,
STACK_OF(X509_ATTRIBUTE) *sk);
int PKCS7_set_attributes(PKCS7_SIGNER_INFO *p7si,STACK_OF(X509_ATTRIBUTE) *sk);
int PKCS7_set_attributes(PKCS7_SIGNER_INFO *p7si,
STACK_OF(X509_ATTRIBUTE) *sk);
PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs,
BIO *data, int flags);
PKCS7_SIGNER_INFO *PKCS7_sign_add_signer(PKCS7 *p7,
X509 *signcert, EVP_PKEY *pkey, const EVP_MD *md,
int flags);
X509 *signcert, EVP_PKEY *pkey,
const EVP_MD *md, int flags);
int PKCS7_final(PKCS7 *p7, BIO *data, int flags);
int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store,
BIO *indata, BIO *out, int flags);
STACK_OF(X509) *PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs, int flags);
STACK_OF(X509) *PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs,
int flags);
PKCS7 *PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, const EVP_CIPHER *cipher,
int flags);
int PKCS7_decrypt(PKCS7 *p7, EVP_PKEY *pkey, X509 *cert, BIO *data, int flags);
int PKCS7_decrypt(PKCS7 *p7, EVP_PKEY *pkey, X509 *cert, BIO *data,
int flags);
int PKCS7_add_attrib_smimecap(PKCS7_SIGNER_INFO *si,
STACK_OF(X509_ALGOR) *cap);
@@ -386,9 +367,9 @@ PKCS7 *SMIME_read_PKCS7(BIO *bio, BIO **bcont);
BIO *BIO_new_PKCS7(BIO *out, PKCS7 *p7);
/* BEGIN ERROR CODES */
/* The following lines are auto generated by the script mkerr.pl. Any changes
/*
* The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
*/
void ERR_load_PKCS7_strings(void);

9
libs/openssl/include/openssl/pqueue.h
View File

@@ -64,10 +64,12 @@
# include <stdlib.h>
# include <string.h>
#ifdef __cplusplus
extern "C" {
#endif
typedef struct _pqueue *pqueue;
typedef struct _pitem
{
typedef struct _pitem {
unsigned char priority[8]; /* 64-bit value in big-endian encoding */
void *data;
struct _pitem *next;
@@ -91,4 +93,7 @@ pitem *pqueue_next(piterator *iter);
void pqueue_print(pqueue pq);
int pqueue_size(pqueue pq);
#ifdef __cplusplus
}
#endif
#endif /* ! HEADER_PQUEUE_H */

6
libs/openssl/include/openssl/rand.h
View File

@@ -78,8 +78,7 @@ extern "C" {
/* Already defined in ossl_typ.h */
/* typedef struct rand_meth_st RAND_METHOD; */
struct rand_meth_st
{
struct rand_meth_st {
void (*seed) (const void *buf, int num);
int (*bytes) (unsigned char *buf, int num);
void (*cleanup) (void);
@@ -125,7 +124,8 @@ int RAND_init_fips(void);
# endif
/* BEGIN ERROR CODES */
/* The following lines are auto generated by the script mkerr.pl. Any changes
/*
* The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
*/
void ERR_load_RAND_strings(void);

10
libs/openssl/include/openssl/rc2.h
View File

@@ -74,17 +74,17 @@
extern "C" {
#endif
typedef struct rc2_key_st
{
typedef struct rc2_key_st {
RC2_INT data[64];
} RC2_KEY;
# ifdef OPENSSL_FIPS
void private_RC2_set_key(RC2_KEY *key, int len, const unsigned char *data,int bits);
void private_RC2_set_key(RC2_KEY *key, int len, const unsigned char *data,
int bits);
# endif
void RC2_set_key(RC2_KEY *key, int len, const unsigned char *data, int bits);
void RC2_ecb_encrypt(const unsigned char *in,unsigned char *out,RC2_KEY *key,
int enc);
void RC2_ecb_encrypt(const unsigned char *in, unsigned char *out,
RC2_KEY *key, int enc);
void RC2_encrypt(unsigned long *data, RC2_KEY *key);
void RC2_decrypt(unsigned long *data, RC2_KEY *key);
void RC2_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,

4
libs/openssl/include/openssl/rc4.h
View File

@@ -70,13 +70,11 @@
extern "C" {
#endif
typedef struct rc4_key_st
{
typedef struct rc4_key_st {
RC4_INT x, y;
RC4_INT data[256];
} RC4_KEY;
const char *RC4_options(void);
void RC4_set_key(RC4_KEY *key, int len, const unsigned char *data);
void private_RC4_set_key(RC4_KEY *key, int len, const unsigned char *data);

6
libs/openssl/include/openssl/ripemd.h
View File

@@ -83,8 +83,7 @@ extern "C" {
# define RIPEMD160_LBLOCK (RIPEMD160_CBLOCK/4)
# define RIPEMD160_DIGEST_LENGTH 20
typedef struct RIPEMD160state_st
{
typedef struct RIPEMD160state_st {
RIPEMD160_LONG A, B, C, D, E;
RIPEMD160_LONG Nl, Nh;
RIPEMD160_LONG data[RIPEMD160_LBLOCK];
@@ -97,8 +96,7 @@ int private_RIPEMD160_Init(RIPEMD160_CTX *c);
int RIPEMD160_Init(RIPEMD160_CTX *c);
int RIPEMD160_Update(RIPEMD160_CTX *c, const void *data, size_t len);
int RIPEMD160_Final(unsigned char *md, RIPEMD160_CTX *c);
unsigned char *RIPEMD160(const unsigned char *d, size_t n,
unsigned char *md);
unsigned char *RIPEMD160(const unsigned char *d, size_t n, unsigned char *md);
void RIPEMD160_Transform(RIPEMD160_CTX *c, const unsigned char *b);
#ifdef __cplusplus
}

254
libs/openssl/include/openssl/rsa.h
View File

@@ -82,54 +82,58 @@ extern "C" {
/* typedef struct rsa_st RSA; */
/* typedef struct rsa_meth_st RSA_METHOD; */
struct rsa_meth_st
{
struct rsa_meth_st {
const char *name;
int (*rsa_pub_enc) (int flen, const unsigned char *from,
unsigned char *to,
RSA *rsa,int padding);
unsigned char *to, RSA *rsa, int padding);
int (*rsa_pub_dec) (int flen, const unsigned char *from,
unsigned char *to,
RSA *rsa,int padding);
unsigned char *to, RSA *rsa, int padding);
int (*rsa_priv_enc) (int flen, const unsigned char *from,
unsigned char *to,
RSA *rsa,int padding);
unsigned char *to, RSA *rsa, int padding);
int (*rsa_priv_dec) (int flen, const unsigned char *from,
unsigned char *to,
RSA *rsa,int padding);
int (*rsa_mod_exp)(BIGNUM *r0,const BIGNUM *I,RSA *rsa,BN_CTX *ctx); /* Can be null */
unsigned char *to, RSA *rsa, int padding);
/* Can be null */
int (*rsa_mod_exp) (BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx);
/* Can be null */
int (*bn_mod_exp) (BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
const BIGNUM *m, BN_CTX *ctx,
BN_MONT_CTX *m_ctx); /* Can be null */
int (*init)(RSA *rsa); /* called at new */
int (*finish)(RSA *rsa); /* called at free */
int flags; /* RSA_METHOD_FLAG_* things */
char *app_data; /* may be needed! */
/* New sign and verify functions: some libraries don't allow arbitrary data
* to be signed/verified: this allows them to be used. Note: for this to work
* the RSA_public_decrypt() and RSA_private_encrypt() should *NOT* be used
* RSA_sign(), RSA_verify() should be used instead. Note: for backwards
* compatibility this functionality is only enabled if the RSA_FLAG_SIGN_VER
* option is set in 'flags'.
const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
/* called at new */
int (*init) (RSA *rsa);
/* called at free */
int (*finish) (RSA *rsa);
/* RSA_METHOD_FLAG_* things */
int flags;
/* may be needed! */
char *app_data;
/*
* New sign and verify functions: some libraries don't allow arbitrary
* data to be signed/verified: this allows them to be used. Note: for
* this to work the RSA_public_decrypt() and RSA_private_encrypt() should
* *NOT* be used RSA_sign(), RSA_verify() should be used instead. Note:
* for backwards compatibility this functionality is only enabled if the
* RSA_FLAG_SIGN_VER option is set in 'flags'.
*/
int (*rsa_sign) (int type,
const unsigned char *m, unsigned int m_length,
unsigned char *sigret, unsigned int *siglen, const RSA *rsa);
int (*rsa_verify)(int dtype,
const unsigned char *m, unsigned int m_length,
const unsigned char *sigbuf, unsigned int siglen,
unsigned char *sigret, unsigned int *siglen,
const RSA *rsa);
/* If this callback is NULL, the builtin software RSA key-gen will be used. This
* is for behavioural compatibility whilst the code gets rewired, but one day
* it would be nice to assume there are no such things as "builtin software"
* implementations. */
int (*rsa_verify) (int dtype, const unsigned char *m,
unsigned int m_length, const unsigned char *sigbuf,
unsigned int siglen, const RSA *rsa);
/*
* If this callback is NULL, the builtin software RSA key-gen will be
* used. This is for behavioural compatibility whilst the code gets
* rewired, but one day it would be nice to assume there are no such
* things as "builtin software" implementations.
*/
int (*rsa_keygen) (RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb);
};
struct rsa_st
{
/* The first parameter is used to pickup errors where
* this is passed instead of aEVP_PKEY, it is set to 0 */
struct rsa_st {
/*
* The first parameter is used to pickup errors where this is passed
* instead of aEVP_PKEY, it is set to 0
*/
int pad;
long version;
const RSA_METHOD *meth;
@@ -147,14 +151,14 @@ struct rsa_st
CRYPTO_EX_DATA ex_data;
int references;
int flags;
/* Used to cache montgomery values */
BN_MONT_CTX *_method_mod_n;
BN_MONT_CTX *_method_mod_p;
BN_MONT_CTX *_method_mod_q;
/* all BIGNUM values are actually in the following data, if it is not
* NULL */
/*
* all BIGNUM values are actually in the following data, if it is not
* NULL
*/
char *bignum_data;
BN_BLINDING *blinding;
BN_BLINDING *mt_blinding;
@@ -168,35 +172,44 @@ struct rsa_st
# define OPENSSL_RSA_SMALL_MODULUS_BITS 3072
# endif
# ifndef OPENSSL_RSA_MAX_PUBEXP_BITS
# define OPENSSL_RSA_MAX_PUBEXP_BITS 64 /* exponent limit enforced for "large" modulus only */
/* exponent limit enforced for "large" modulus only */
# define OPENSSL_RSA_MAX_PUBEXP_BITS 64
# endif
# define RSA_3 0x3L
# define RSA_F4 0x10001L
#define RSA_METHOD_FLAG_NO_CHECK 0x0001 /* don't check pub/private match */
# define RSA_METHOD_FLAG_NO_CHECK 0x0001/* don't check pub/private
* match */
# define RSA_FLAG_CACHE_PUBLIC 0x0002
# define RSA_FLAG_CACHE_PRIVATE 0x0004
# define RSA_FLAG_BLINDING 0x0008
# define RSA_FLAG_THREAD_SAFE 0x0010
/* This flag means the private key operations will be handled by rsa_mod_exp
/*
* This flag means the private key operations will be handled by rsa_mod_exp
* and that they do not depend on the private key components being present:
* for example a key stored in external hardware. Without this flag bn_mod_exp
* gets called when private key components are absent.
* for example a key stored in external hardware. Without this flag
* bn_mod_exp gets called when private key components are absent.
*/
# define RSA_FLAG_EXT_PKEY 0x0020
/* This flag in the RSA_METHOD enables the new rsa_sign, rsa_verify functions.
/*
* This flag in the RSA_METHOD enables the new rsa_sign, rsa_verify
* functions.
*/
# define RSA_FLAG_SIGN_VER 0x0040
#define RSA_FLAG_NO_BLINDING 0x0080 /* new with 0.9.6j and 0.9.7b; the built-in
/*
* new with 0.9.6j and 0.9.7b; the built-in
* RSA implementation now uses blinding by
* default (ignoring RSA_FLAG_BLINDING),
* but other engines might not need it
*/
#define RSA_FLAG_NO_CONSTTIME 0x0100 /* new with 0.9.8f; the built-in RSA
# define RSA_FLAG_NO_BLINDING 0x0080
/*
* new with 0.9.8f; the built-in RSA
* implementation now uses constant time
* operations by default in private key operations,
* e.g., constant time modular exponentiation,
@@ -206,18 +219,20 @@ struct rsa_st
* operations and results in faster RSA
* private key operations.
*/
#ifndef OPENSSL_NO_DEPRECATED
#define RSA_FLAG_NO_EXP_CONSTTIME RSA_FLAG_NO_CONSTTIME /* deprecated name for the flag*/
/* new with 0.9.7h; the built-in RSA
# define RSA_FLAG_NO_CONSTTIME 0x0100
# ifdef OPENSSL_USE_DEPRECATED
/* deprecated name for the flag*/
/*
* new with 0.9.7h; the built-in RSA
* implementation now uses constant time
* modular exponentiation for secret exponents
* by default. This flag causes the
* faster variable sliding window method to
* be used for all exponents.
*/
# define RSA_FLAG_NO_EXP_CONSTTIME RSA_FLAG_NO_CONSTTIME
# endif
# define EVP_PKEY_CTX_set_rsa_padding(ctx, pad) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, -1, EVP_PKEY_CTRL_RSA_PADDING, \
pad, NULL)
@@ -247,13 +262,31 @@ struct rsa_st
EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP, 0, pubexp)
# define EVP_PKEY_CTX_set_rsa_mgf1_md(ctx, md) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_TYPE_SIG, \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, \
EVP_PKEY_OP_TYPE_SIG | EVP_PKEY_OP_TYPE_CRYPT, \
EVP_PKEY_CTRL_RSA_MGF1_MD, 0, (void *)md)
# define EVP_PKEY_CTX_set_rsa_oaep_md(ctx, md) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_TYPE_CRYPT, \
EVP_PKEY_CTRL_RSA_OAEP_MD, 0, (void *)md)
# define EVP_PKEY_CTX_get_rsa_mgf1_md(ctx, pmd) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_TYPE_SIG, \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, \
EVP_PKEY_OP_TYPE_SIG | EVP_PKEY_OP_TYPE_CRYPT, \
EVP_PKEY_CTRL_GET_RSA_MGF1_MD, 0, (void *)pmd)
# define EVP_PKEY_CTX_get_rsa_oaep_md(ctx, pmd) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_TYPE_CRYPT, \
EVP_PKEY_CTRL_GET_RSA_OAEP_MD, 0, (void *)pmd)
# define EVP_PKEY_CTX_set0_rsa_oaep_label(ctx, l, llen) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_TYPE_CRYPT, \
EVP_PKEY_CTRL_RSA_OAEP_LABEL, llen, (void *)l)
# define EVP_PKEY_CTX_get0_rsa_oaep_label(ctx, l) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_TYPE_CRYPT, \
EVP_PKEY_CTRL_GET_RSA_OAEP_LABEL, 0, (void *)l)
# define EVP_PKEY_CTRL_RSA_PADDING (EVP_PKEY_ALG_CTRL + 1)
# define EVP_PKEY_CTRL_RSA_PSS_SALTLEN (EVP_PKEY_ALG_CTRL + 2)
@@ -265,6 +298,12 @@ struct rsa_st
# define EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN (EVP_PKEY_ALG_CTRL + 7)
# define EVP_PKEY_CTRL_GET_RSA_MGF1_MD (EVP_PKEY_ALG_CTRL + 8)
# define EVP_PKEY_CTRL_RSA_OAEP_MD (EVP_PKEY_ALG_CTRL + 9)
# define EVP_PKEY_CTRL_RSA_OAEP_LABEL (EVP_PKEY_ALG_CTRL + 10)
# define EVP_PKEY_CTRL_GET_RSA_OAEP_MD (EVP_PKEY_ALG_CTRL + 11)
# define EVP_PKEY_CTRL_GET_RSA_OAEP_LABEL (EVP_PKEY_ALG_CTRL + 12)
# define RSA_PKCS1_PADDING 1
# define RSA_SSLV23_PADDING 2
# define RSA_NO_PADDING 3
@@ -323,8 +362,7 @@ const RSA_METHOD *RSA_null_method(void);
DECLARE_ASN1_ENCODE_FUNCTIONS_const(RSA, RSAPublicKey)
DECLARE_ASN1_ENCODE_FUNCTIONS_const(RSA, RSAPrivateKey)
typedef struct rsa_pss_params_st
{
typedef struct rsa_pss_params_st {
X509_ALGOR *hashAlgorithm;
X509_ALGOR *maskGenAlgorithm;
ASN1_INTEGER *saltLength;
@@ -333,6 +371,14 @@ typedef struct rsa_pss_params_st
DECLARE_ASN1_FUNCTIONS(RSA_PSS_PARAMS)
typedef struct rsa_oaep_params_st {
X509_ALGOR *hashFunc;
X509_ALGOR *maskGenFunc;
X509_ALGOR *pSourceFunc;
} RSA_OAEP_PARAMS;
DECLARE_ASN1_FUNCTIONS(RSA_OAEP_PARAMS)
# ifndef OPENSSL_NO_FP_API
int RSA_print_fp(FILE *fp, const RSA *r, int offset);
# endif
@@ -343,11 +389,11 @@ int RSA_print(BIO *bp, const RSA *r,int offset);
# ifndef OPENSSL_NO_RC4
int i2d_RSA_NET(const RSA *a, unsigned char **pp,
int (*cb)(char *buf, int len, const char *prompt, int verify),
int sgckey);
int (*cb) (char *buf, int len, const char *prompt,
int verify), int sgckey);
RSA *d2i_RSA_NET(RSA **a, const unsigned char **pp, long length,
int (*cb)(char *buf, int len, const char *prompt, int verify),
int sgckey);
int (*cb) (char *buf, int len, const char *prompt,
int verify), int sgckey);
int i2d_Netscape_RSA(const RSA *a, unsigned char **pp,
int (*cb) (char *buf, int len, const char *prompt,
@@ -357,21 +403,26 @@ RSA *d2i_Netscape_RSA(RSA **a, const unsigned char **pp, long length,
int verify));
# endif
/* The following 2 functions sign and verify a X509_SIG ASN1 object
* inside PKCS#1 padded RSA encryption */
/*
* The following 2 functions sign and verify a X509_SIG ASN1 object inside
* PKCS#1 padded RSA encryption
*/
int RSA_sign(int type, const unsigned char *m, unsigned int m_length,
unsigned char *sigret, unsigned int *siglen, RSA *rsa);
int RSA_verify(int type, const unsigned char *m, unsigned int m_length,
const unsigned char *sigbuf, unsigned int siglen, RSA *rsa);
/* The following 2 function sign and verify a ASN1_OCTET_STRING
* object inside PKCS#1 padded RSA encryption */
/*
* The following 2 function sign and verify a ASN1_OCTET_STRING object inside
* PKCS#1 padded RSA encryption
*/
int RSA_sign_ASN1_OCTET_STRING(int type,
const unsigned char *m, unsigned int m_length,
unsigned char *sigret, unsigned int *siglen, RSA *rsa);
int RSA_verify_ASN1_OCTET_STRING(int type,
const unsigned char *m, unsigned int m_length,
unsigned char *sigbuf, unsigned int siglen, RSA *rsa);
unsigned char *sigret, unsigned int *siglen,
RSA *rsa);
int RSA_verify_ASN1_OCTET_STRING(int type, const unsigned char *m,
unsigned int m_length, unsigned char *sigbuf,
unsigned int siglen, RSA *rsa);
int RSA_blinding_on(RSA *rsa, BN_CTX *ctx);
void RSA_blinding_off(RSA *rsa);
@@ -380,38 +431,50 @@ BN_BLINDING *RSA_setup_blinding(RSA *rsa, BN_CTX *ctx);
int RSA_padding_add_PKCS1_type_1(unsigned char *to, int tlen,
const unsigned char *f, int fl);
int RSA_padding_check_PKCS1_type_1(unsigned char *to, int tlen,
const unsigned char *f,int fl,int rsa_len);
const unsigned char *f, int fl,
int rsa_len);
int RSA_padding_add_PKCS1_type_2(unsigned char *to, int tlen,
const unsigned char *f, int fl);
int RSA_padding_check_PKCS1_type_2(unsigned char *to, int tlen,
const unsigned char *f,int fl,int rsa_len);
int PKCS1_MGF1(unsigned char *mask, long len,
const unsigned char *seed, long seedlen, const EVP_MD *dgst);
const unsigned char *f, int fl,
int rsa_len);
int PKCS1_MGF1(unsigned char *mask, long len, const unsigned char *seed,
long seedlen, const EVP_MD *dgst);
int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen,
const unsigned char *f, int fl,
const unsigned char *p, int pl);
int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen,
const unsigned char *f, int fl, int rsa_len,
const unsigned char *p, int pl);
int RSA_padding_add_PKCS1_OAEP_mgf1(unsigned char *to, int tlen,
const unsigned char *from, int flen,
const unsigned char *param, int plen,
const EVP_MD *md, const EVP_MD *mgf1md);
int RSA_padding_check_PKCS1_OAEP_mgf1(unsigned char *to, int tlen,
const unsigned char *from, int flen,
int num, const unsigned char *param,
int plen, const EVP_MD *md,
const EVP_MD *mgf1md);
int RSA_padding_add_SSLv23(unsigned char *to, int tlen,
const unsigned char *f, int fl);
int RSA_padding_check_SSLv23(unsigned char *to, int tlen,
const unsigned char *f, int fl, int rsa_len);
int RSA_padding_add_none(unsigned char *to,int tlen,
const unsigned char *f,int fl);
int RSA_padding_add_none(unsigned char *to, int tlen, const unsigned char *f,
int fl);
int RSA_padding_check_none(unsigned char *to, int tlen,
const unsigned char *f, int fl, int rsa_len);
int RSA_padding_add_X931(unsigned char *to,int tlen,
const unsigned char *f,int fl);
int RSA_padding_add_X931(unsigned char *to, int tlen, const unsigned char *f,
int fl);
int RSA_padding_check_X931(unsigned char *to, int tlen,
const unsigned char *f, int fl, int rsa_len);
int RSA_X931_hash_id(int nid);
int RSA_verify_PKCS1_PSS(RSA *rsa, const unsigned char *mHash,
const EVP_MD *Hash, const unsigned char *EM, int sLen);
const EVP_MD *Hash, const unsigned char *EM,
int sLen);
int RSA_padding_add_PKCS1_PSS(RSA *rsa, unsigned char *EM,
const unsigned char *mHash,
const EVP_MD *Hash, int sLen);
const unsigned char *mHash, const EVP_MD *Hash,
int sLen);
int RSA_verify_PKCS1_PSS_mgf1(RSA *rsa, const unsigned char *mHash,
const EVP_MD *Hash, const EVP_MD *mgf1Hash,
@@ -419,7 +482,8 @@ int RSA_verify_PKCS1_PSS_mgf1(RSA *rsa, const unsigned char *mHash,
int RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM,
const unsigned char *mHash,
const EVP_MD *Hash, const EVP_MD *mgf1Hash, int sLen);
const EVP_MD *Hash, const EVP_MD *mgf1Hash,
int sLen);
int RSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
@@ -429,27 +493,31 @@ void *RSA_get_ex_data(const RSA *r, int idx);
RSA *RSAPublicKey_dup(RSA *rsa);
RSA *RSAPrivateKey_dup(RSA *rsa);
/* If this flag is set the RSA method is FIPS compliant and can be used
* in FIPS mode. This is set in the validated module method. If an
* application sets this flag in its own methods it is its responsibility
* to ensure the result is compliant.
/*
* If this flag is set the RSA method is FIPS compliant and can be used in
* FIPS mode. This is set in the validated module method. If an application
* sets this flag in its own methods it is its responsibility to ensure the
* result is compliant.
*/
# define RSA_FLAG_FIPS_METHOD 0x0400
/* If this flag is set the operations normally disabled in FIPS mode are
/*
* If this flag is set the operations normally disabled in FIPS mode are
* permitted it is then the applications responsibility to ensure that the
* usage is compliant.
*/
# define RSA_FLAG_NON_FIPS_ALLOW 0x0400
/* Application has decided PRNG is good enough to generate a key: don't
/*
* Application has decided PRNG is good enough to generate a key: don't
* check.
*/
# define RSA_FLAG_CHECKED 0x0800
/* BEGIN ERROR CODES */
/* The following lines are auto generated by the script mkerr.pl. Any changes
/*
* The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
*/
void ERR_load_RSA_strings(void);
@@ -467,8 +535,10 @@ void ERR_load_RSA_strings(void);
# define RSA_F_PKEY_RSA_SIGN 142
# define RSA_F_PKEY_RSA_VERIFY 154
# define RSA_F_PKEY_RSA_VERIFYRECOVER 141
# define RSA_F_RSA_ALGOR_TO_MD 157
# define RSA_F_RSA_BUILTIN_KEYGEN 129
# define RSA_F_RSA_CHECK_KEY 123
# define RSA_F_RSA_CMS_DECRYPT 158
# define RSA_F_RSA_EAY_PRIVATE_DECRYPT 101
# define RSA_F_RSA_EAY_PRIVATE_ENCRYPT 102
# define RSA_F_RSA_EAY_PUBLIC_DECRYPT 103
@@ -477,6 +547,7 @@ void ERR_load_RSA_strings(void);
# define RSA_F_RSA_GENERATE_KEY_EX 155
# define RSA_F_RSA_ITEM_VERIFY 156
# define RSA_F_RSA_MEMORY_LOCK 130
# define RSA_F_RSA_MGF1_TO_MD 159
# define RSA_F_RSA_NEW_METHOD 106
# define RSA_F_RSA_NULL 124
# define RSA_F_RSA_NULL_MOD_EXP 131
@@ -486,6 +557,7 @@ void ERR_load_RSA_strings(void);
# define RSA_F_RSA_NULL_PUBLIC_ENCRYPT 135
# define RSA_F_RSA_PADDING_ADD_NONE 107
# define RSA_F_RSA_PADDING_ADD_PKCS1_OAEP 121
# define RSA_F_RSA_PADDING_ADD_PKCS1_OAEP_MGF1 160
# define RSA_F_RSA_PADDING_ADD_PKCS1_PSS 125
# define RSA_F_RSA_PADDING_ADD_PKCS1_PSS_MGF1 148
# define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1 108
@@ -494,6 +566,7 @@ void ERR_load_RSA_strings(void);
# define RSA_F_RSA_PADDING_ADD_X931 127
# define RSA_F_RSA_PADDING_CHECK_NONE 111
# define RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP 122
# define RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP_MGF1 161
# define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1 112
# define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2 113
# define RSA_F_RSA_PADDING_CHECK_SSLV23 114
@@ -504,6 +577,7 @@ void ERR_load_RSA_strings(void);
# define RSA_F_RSA_PRIVATE_ENCRYPT 151
# define RSA_F_RSA_PRIV_DECODE 137
# define RSA_F_RSA_PRIV_ENCODE 138
# define RSA_F_RSA_PSS_TO_CTX 162
# define RSA_F_RSA_PUBLIC_DECRYPT 152
# define RSA_F_RSA_PUBLIC_ENCRYPT 153
# define RSA_F_RSA_PUB_DECODE 139
@@ -529,17 +603,21 @@ void ERR_load_RSA_strings(void);
# define RSA_R_DATA_TOO_LARGE_FOR_MODULUS 132
# define RSA_R_DATA_TOO_SMALL 111
# define RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE 122
# define RSA_R_DIGEST_DOES_NOT_MATCH 166
# define RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY 112
# define RSA_R_DMP1_NOT_CONGRUENT_TO_D 124
# define RSA_R_DMQ1_NOT_CONGRUENT_TO_D 125
# define RSA_R_D_E_NOT_CONGRUENT_TO_1 123
# define RSA_R_FIRST_OCTET_INVALID 133
# define RSA_R_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE 144
# define RSA_R_INVALID_DIGEST 160
# define RSA_R_INVALID_DIGEST_LENGTH 143
# define RSA_R_INVALID_HEADER 137
# define RSA_R_INVALID_KEYBITS 145
# define RSA_R_INVALID_LABEL 161
# define RSA_R_INVALID_MESSAGE_LENGTH 131
# define RSA_R_INVALID_MGF1_MD 156
# define RSA_R_INVALID_OAEP_PARAMETERS 162
# define RSA_R_INVALID_PADDING 138
# define RSA_R_INVALID_PADDING_MODE 141
# define RSA_R_INVALID_PSS_PARAMETERS 149
@@ -559,6 +637,7 @@ void ERR_load_RSA_strings(void);
# define RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE 158
# define RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE 148
# define RSA_R_PADDING_CHECK_FAILED 114
# define RSA_R_PKCS_DECODING_ERROR 159
# define RSA_R_P_NOT_PRIME 128
# define RSA_R_Q_NOT_PRIME 129
# define RSA_R_RSA_OPERATIONS_NOT_SUPPORTED 130
@@ -567,9 +646,12 @@ void ERR_load_RSA_strings(void);
# define RSA_R_SSLV3_ROLLBACK_ATTACK 115
# define RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 116
# define RSA_R_UNKNOWN_ALGORITHM_TYPE 117
# define RSA_R_UNKNOWN_DIGEST 163
# define RSA_R_UNKNOWN_MASK_DIGEST 151
# define RSA_R_UNKNOWN_PADDING_TYPE 118
# define RSA_R_UNKNOWN_PSS_DIGEST 152
# define RSA_R_UNSUPPORTED_ENCRYPTION_TYPE 164
# define RSA_R_UNSUPPORTED_LABEL_SOURCE 165
# define RSA_R_UNSUPPORTED_MASK_ALGORITHM 153
# define RSA_R_UNSUPPORTED_MASK_PARAMETER 154
# define RSA_R_UNSUPPORTED_SIGNATURE_TYPE 155

339
libs/openssl/include/openssl/safestack.h
View File

File diff suppressed because it is too large Load Diff

34
libs/openssl/include/openssl/seed.h
View File

@@ -77,7 +77,6 @@
*
*/
#ifndef HEADER_SEED_H
# define HEADER_SEED_H
@@ -89,7 +88,8 @@
# error SEED is disabled.
# endif
#ifdef AES_LONG /* look whether we need 'long' to get 32 bits */
/* look whether we need 'long' to get 32 bits */
# ifdef AES_LONG
# ifndef SEED_LONG
# define SEED_LONG 1
# endif
@@ -107,7 +107,6 @@
extern "C" {
#endif
typedef struct seed_key_st {
# ifdef SEED_LONG
unsigned long data[32];
@@ -117,20 +116,31 @@ typedef struct seed_key_st {
} SEED_KEY_SCHEDULE;
# ifdef OPENSSL_FIPS
void private_SEED_set_key(const unsigned char rawkey[SEED_KEY_LENGTH], SEED_KEY_SCHEDULE *ks);
void private_SEED_set_key(const unsigned char rawkey[SEED_KEY_LENGTH],
SEED_KEY_SCHEDULE *ks);
# endif
void SEED_set_key(const unsigned char rawkey[SEED_KEY_LENGTH], SEED_KEY_SCHEDULE *ks);
void SEED_set_key(const unsigned char rawkey[SEED_KEY_LENGTH],
SEED_KEY_SCHEDULE *ks);
void SEED_encrypt(const unsigned char s[SEED_BLOCK_SIZE], unsigned char d[SEED_BLOCK_SIZE], const SEED_KEY_SCHEDULE *ks);
void SEED_decrypt(const unsigned char s[SEED_BLOCK_SIZE], unsigned char d[SEED_BLOCK_SIZE], const SEED_KEY_SCHEDULE *ks);
void SEED_encrypt(const unsigned char s[SEED_BLOCK_SIZE],
unsigned char d[SEED_BLOCK_SIZE],
const SEED_KEY_SCHEDULE *ks);
void SEED_decrypt(const unsigned char s[SEED_BLOCK_SIZE],
unsigned char d[SEED_BLOCK_SIZE],
const SEED_KEY_SCHEDULE *ks);
void SEED_ecb_encrypt(const unsigned char *in, unsigned char *out, const SEED_KEY_SCHEDULE *ks, int enc);
void SEED_cbc_encrypt(const unsigned char *in, unsigned char *out,
size_t len, const SEED_KEY_SCHEDULE *ks, unsigned char ivec[SEED_BLOCK_SIZE], int enc);
void SEED_ecb_encrypt(const unsigned char *in, unsigned char *out,
const SEED_KEY_SCHEDULE *ks, int enc);
void SEED_cbc_encrypt(const unsigned char *in, unsigned char *out, size_t len,
const SEED_KEY_SCHEDULE *ks,
unsigned char ivec[SEED_BLOCK_SIZE], int enc);
void SEED_cfb128_encrypt(const unsigned char *in, unsigned char *out,
size_t len, const SEED_KEY_SCHEDULE *ks, unsigned char ivec[SEED_BLOCK_SIZE], int *num, int enc);
size_t len, const SEED_KEY_SCHEDULE *ks,
unsigned char ivec[SEED_BLOCK_SIZE], int *num,
int enc);
void SEED_ofb128_encrypt(const unsigned char *in, unsigned char *out,
size_t len, const SEED_KEY_SCHEDULE *ks, unsigned char ivec[SEED_BLOCK_SIZE], int *num);
size_t len, const SEED_KEY_SCHEDULE *ks,
unsigned char ivec[SEED_BLOCK_SIZE], int *num);
#ifdef __cplusplus
}

26
libs/openssl/include/openssl/sha.h
View File

@@ -74,7 +74,7 @@ extern "C" {
# define FIPS_SHA_SIZE_T size_t
# endif
/*
/*-
* !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
* ! SHA_LONG has to be at least 32 bits wide. If it's wider, then !
* ! SHA_LONG_LOG2 has to be defined along. !
@@ -92,13 +92,12 @@ extern "C" {
# define SHA_LBLOCK 16
# define SHA_CBLOCK (SHA_LBLOCK*4)/* SHA treats input data as a
* contiguous array of 32 bit
* wide big-endian values. */
* contiguous array of 32 bit wide
* big-endian values. */
# define SHA_LAST_BLOCK (SHA_CBLOCK-8)
# define SHA_DIGEST_LENGTH 20
typedef struct SHAstate_st
{
typedef struct SHAstate_st {
SHA_LONG h0, h1, h2, h3, h4;
SHA_LONG Nl, Nh;
SHA_LONG data[SHA_LBLOCK];
@@ -127,13 +126,12 @@ void SHA1_Transform(SHA_CTX *c, const unsigned char *data);
# endif
# define SHA256_CBLOCK (SHA_LBLOCK*4)/* SHA-256 treats input data as a
* contiguous array of 32 bit
* wide big-endian values. */
* contiguous array of 32 bit wide
* big-endian values. */
# define SHA224_DIGEST_LENGTH 28
# define SHA256_DIGEST_LENGTH 32
typedef struct SHA256state_st
{
typedef struct SHA256state_st {
SHA_LONG h[8];
SHA_LONG Nl, Nh;
SHA_LONG data[SHA_LBLOCK];
@@ -165,9 +163,12 @@ void SHA256_Transform(SHA256_CTX *c, const unsigned char *data);
* being exactly 64-bit wide. See Implementation Notes in sha512.c
* for further details.
*/
#define SHA512_CBLOCK (SHA_LBLOCK*8) /* SHA-512 treats input data as a
/*
* SHA-512 treats input data as a
* contiguous array of 64 bit
* wide big-endian values. */
* wide big-endian values.
*/
# define SHA512_CBLOCK (SHA_LBLOCK*8)
# if (defined(_WIN32) || defined(_WIN64)) && !defined(__MINGW32__)
# define SHA_LONG64 unsigned __int64
# define U64(C) C##UI64
@@ -179,8 +180,7 @@ void SHA256_Transform(SHA256_CTX *c, const unsigned char *data);
# define U64(C) C##ULL
# endif
typedef struct SHA512state_st
{
typedef struct SHA512state_st {
SHA_LONG64 h[8];
SHA_LONG64 Nl, Nh;
union {

47
libs/openssl/include/openssl/srp.h
View File

@@ -1,7 +1,8 @@
/* crypto/srp/srp.h */
/* Written by Christophe Renou (christophe.renou@edelweb.fr) with
* the precious help of Peter Sylvester (peter.sylvester@edelweb.fr)
* for the EdelKey project and contributed to the OpenSSL project 2004.
/*
* Written by Christophe Renou (christophe.renou@edelweb.fr) with the
* precious help of Peter Sylvester (peter.sylvester@edelweb.fr) for the
* EdelKey project and contributed to the OpenSSL project 2004.
*/
/* ====================================================================
* Copyright (c) 2004 The OpenSSL Project. All rights reserved.
@@ -72,8 +73,7 @@ extern "C" {
# include <openssl/bn.h>
# include <openssl/crypto.h>
typedef struct SRP_gN_cache_st
{
typedef struct SRP_gN_cache_st {
char *b64_bn;
BIGNUM *bn;
} SRP_gN_cache;
@@ -81,20 +81,23 @@ typedef struct SRP_gN_cache_st
DECLARE_STACK_OF(SRP_gN_cache)
typedef struct SRP_user_pwd_st
{
typedef struct SRP_user_pwd_st {
/* Owned by us. */
char *id;
BIGNUM *s;
BIGNUM *v;
/* Not owned by us. */
const BIGNUM *g;
const BIGNUM *N;
/* Owned by us. */
char *info;
} SRP_user_pwd;
DECLARE_STACK_OF(SRP_user_pwd)
typedef struct SRP_VBASE_st
{
void SRP_user_pwd_free(SRP_user_pwd *user_pwd);
typedef struct SRP_VBASE_st {
STACK_OF(SRP_user_pwd) *users_pwd;
STACK_OF(SRP_gN_cache) *gN_cache;
/* to simulate a user */
@@ -103,10 +106,10 @@ typedef struct SRP_VBASE_st
BIGNUM *default_N;
} SRP_VBASE;
/*Structure interne pour retenir les couples N et g*/
typedef struct SRP_gN_st
{
/*
* Structure interne pour retenir les couples N et g
*/
typedef struct SRP_gN_st {
char *id;
BIGNUM *g;
BIGNUM *N;
@@ -117,11 +120,16 @@ DECLARE_STACK_OF(SRP_gN)
SRP_VBASE *SRP_VBASE_new(char *seed_key);
int SRP_VBASE_free(SRP_VBASE *vb);
int SRP_VBASE_init(SRP_VBASE *vb, char *verifier_file);
/* This method ignores the configured seed and fails for an unknown user. */
SRP_user_pwd *SRP_VBASE_get_by_user(SRP_VBASE *vb, char *username);
/* NOTE: unlike in SRP_VBASE_get_by_user, caller owns the returned pointer.*/
SRP_user_pwd *SRP_VBASE_get1_by_user(SRP_VBASE *vb, char *username);
char *SRP_create_verifier(const char *user, const char *pass, char **salt,
char **verifier, const char *N, const char *g);
int SRP_create_verifier_BN(const char *user, const char *pass, BIGNUM **salt, BIGNUM **verifier, BIGNUM *N, BIGNUM *g);
int SRP_create_verifier_BN(const char *user, const char *pass, BIGNUM **salt,
BIGNUM **verifier, BIGNUM *N, BIGNUM *g);
# define SRP_NO_ERROR 0
# define SRP_ERR_VBASE_INCOMPLETE_FILE 1
@@ -143,23 +151,22 @@ int SRP_create_verifier_BN(const char *user, const char *pass, BIGNUM **salt, BI
# define DB_SRP_REVOKED 'R'
# define DB_SRP_MODIF 'v'
/* see srp.c */
char *SRP_check_known_gN_param(BIGNUM *g, BIGNUM *N);
SRP_gN *SRP_get_default_gN(const char *id);
/* server side .... */
BIGNUM *SRP_Calc_server_key(BIGNUM *A, BIGNUM *v, BIGNUM *u, BIGNUM *b, BIGNUM *N);
BIGNUM *SRP_Calc_server_key(BIGNUM *A, BIGNUM *v, BIGNUM *u, BIGNUM *b,
BIGNUM *N);
BIGNUM *SRP_Calc_B(BIGNUM *b, BIGNUM *N, BIGNUM *g, BIGNUM *v);
int SRP_Verify_A_mod_N(BIGNUM *A, BIGNUM *N);
BIGNUM *SRP_Calc_u(BIGNUM *A, BIGNUM *B, BIGNUM *N);
/* client side .... */
BIGNUM *SRP_Calc_x(BIGNUM *s, const char *user, const char *pass);
BIGNUM *SRP_Calc_A(BIGNUM *a, BIGNUM *N, BIGNUM *g);
BIGNUM *SRP_Calc_client_key(BIGNUM *N, BIGNUM *B, BIGNUM *g, BIGNUM *x, BIGNUM *a, BIGNUM *u);
BIGNUM *SRP_Calc_client_key(BIGNUM *N, BIGNUM *B, BIGNUM *g, BIGNUM *x,
BIGNUM *a, BIGNUM *u);
int SRP_Verify_B_mod_N(BIGNUM *B, BIGNUM *N);
# define SRP_MINIMAL_N 1024

18
libs/openssl/include/openssl/srtp.h
View File

@@ -1,4 +1,4 @@
/* ssl/tls1.h */
/* ssl/srtp.h */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -109,20 +109,20 @@
*
*/
/*
DTLS code by Eric Rescorla <ekr@rtfm.com>
Copyright (C) 2006, Network Resonance, Inc.
Copyright (C) 2011, RTFM, Inc.
* DTLS code by Eric Rescorla <ekr@rtfm.com>
*
* Copyright (C) 2006, Network Resonance, Inc. Copyright (C) 2011, RTFM, Inc.
*/
#ifndef HEADER_D1_SRTP_H
# define HEADER_D1_SRTP_H
# include <openssl/ssl.h>
#ifdef __cplusplus
extern "C" {
#endif
# define SRTP_AES128_CM_SHA1_80 0x0001
# define SRTP_AES128_CM_SHA1_32 0x0002
# define SRTP_AES128_F8_SHA1_80 0x0003
@@ -130,16 +130,18 @@ extern "C" {
# define SRTP_NULL_SHA1_80 0x0005
# define SRTP_NULL_SHA1_32 0x0006
# ifndef OPENSSL_NO_SRTP
int SSL_CTX_set_tlsext_use_srtp(SSL_CTX *ctx, const char *profiles);
int SSL_set_tlsext_use_srtp(SSL *ctx, const char *profiles);
SRTP_PROTECTION_PROFILE *SSL_get_selected_srtp_profile(SSL *s);
STACK_OF(SRTP_PROTECTION_PROFILE) *SSL_get_srtp_profiles(SSL *ssl);
SRTP_PROTECTION_PROFILE *SSL_get_selected_srtp_profile(SSL *s);
# endif
#ifdef __cplusplus
}
#endif
#endif

1403
libs/openssl/include/openssl/ssl.h
View File

File diff suppressed because it is too large Load Diff

29
libs/openssl/include/openssl/ssl2.h
View File

@@ -136,12 +136,15 @@ extern "C" {
# ifdef OPENSSL_SYS_MPE
# define SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER 29998u
# else
#define SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER 32767u /* 2^15-1 */
# define SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER 32767u
/* 2^15-1 */
# endif
# define SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER 16383/* 2^14-1 */
# define SSL2_CHALLENGE_LENGTH 16
/*#define SSL2_CHALLENGE_LENGTH 32 */
/*
* #define SSL2_CHALLENGE_LENGTH 32
*/
# define SSL2_MIN_CHALLENGE_LENGTH 16
# define SSL2_MAX_CHALLENGE_LENGTH 32
# define SSL2_CONNECTION_ID_LENGTH 16
@@ -157,32 +160,27 @@ extern "C" {
# ifndef OPENSSL_NO_SSL_INTERN
typedef struct ssl2_state_st
{
typedef struct ssl2_state_st {
int three_byte_header;
int clear_text; /* clear text */
int escape; /* not used in SSLv2 */
int ssl2_rollback; /* used if SSLv23 rolled back to SSLv2 */
/* non-blocking io info, used to make sure the same
* args were passwd */
/*
* non-blocking io info, used to make sure the same args were passwd
*/
unsigned int wnum; /* number of bytes sent so far */
int wpend_tot;
const unsigned char *wpend_buf;
int wpend_off; /* offset to data to write */
int wpend_len; /* number of bytes passwd to write */
int wpend_ret; /* number of bytes to return to caller */
/* buffer raw data */
int rbuf_left;
int rbuf_offs;
unsigned char *rbuf;
unsigned char *wbuf;
unsigned char *write_ptr;/* used to point to the start due to
* 2/3 byte header. */
unsigned char *write_ptr; /* used to point to the start due to 2/3 byte
* header. */
unsigned int padding;
unsigned int rlength; /* passed to ssl2_enc */
int ract_data_length; /* Set when things are encrypted. */
@@ -191,10 +189,8 @@ typedef struct ssl2_state_st
unsigned char *ract_data;
unsigned char *wact_data;
unsigned char *mac_data;
unsigned char *read_key;
unsigned char *write_key;
/* Stuff specifically to do with this SSL session */
unsigned int challenge_length;
unsigned char challenge[SSL2_MAX_CHALLENGE_LENGTH];
@@ -202,10 +198,8 @@ typedef struct ssl2_state_st
unsigned char conn_id[SSL2_MAX_CONNECTION_ID_LENGTH];
unsigned int key_material_length;
unsigned char key_material[SSL2_MAX_KEY_MATERIAL_LENGTH * 2];
unsigned long read_sequence;
unsigned long write_sequence;
struct {
unsigned int conn_id_length;
unsigned int cert_type;
@@ -269,4 +263,3 @@ typedef struct ssl2_state_st
}
#endif
#endif

5
libs/openssl/include/openssl/ssl23.h
View File

@@ -63,7 +63,9 @@
extern "C" {
#endif
/*client */
/*
* client
*/
/* write to server */
# define SSL23_ST_CW_CLNT_HELLO_A (0x210|SSL_ST_CONNECT)
# define SSL23_ST_CW_CLNT_HELLO_B (0x211|SSL_ST_CONNECT)
@@ -80,4 +82,3 @@ extern "C" {
}
#endif
#endif

276
libs/openssl/include/openssl/ssl3.h
View File

@@ -128,9 +128,18 @@
extern "C" {
#endif
/* Signalling cipher suite value: from draft-ietf-tls-renegotiation-03.txt */
/*
* Signalling cipher suite value from RFC 5746
* (TLS_EMPTY_RENEGOTIATION_INFO_SCSV)
*/
# define SSL3_CK_SCSV 0x030000FF
/*
* Signalling cipher suite value from draft-ietf-tls-downgrade-scsv-00
* (TLS_FALLBACK_SCSV)
*/
# define SSL3_CK_FALLBACK_SCSV 0x03005600
# define SSL3_CK_RSA_NULL_MD5 0x03000001
# define SSL3_CK_RSA_NULL_SHA 0x03000002
# define SSL3_CK_RSA_RC4_40_MD5 0x03000003
@@ -150,11 +159,17 @@ extern "C" {
# define SSL3_CK_DH_RSA_DES_192_CBC3_SHA 0x03000010
# define SSL3_CK_EDH_DSS_DES_40_CBC_SHA 0x03000011
# define SSL3_CK_DHE_DSS_DES_40_CBC_SHA SSL3_CK_EDH_DSS_DES_40_CBC_SHA
# define SSL3_CK_EDH_DSS_DES_64_CBC_SHA 0x03000012
# define SSL3_CK_DHE_DSS_DES_64_CBC_SHA SSL3_CK_EDH_DSS_DES_64_CBC_SHA
# define SSL3_CK_EDH_DSS_DES_192_CBC3_SHA 0x03000013
# define SSL3_CK_DHE_DSS_DES_192_CBC3_SHA SSL3_CK_EDH_DSS_DES_192_CBC3_SHA
# define SSL3_CK_EDH_RSA_DES_40_CBC_SHA 0x03000014
# define SSL3_CK_DHE_RSA_DES_40_CBC_SHA SSL3_CK_EDH_RSA_DES_40_CBC_SHA
# define SSL3_CK_EDH_RSA_DES_64_CBC_SHA 0x03000015
# define SSL3_CK_DHE_RSA_DES_64_CBC_SHA SSL3_CK_EDH_RSA_DES_64_CBC_SHA
# define SSL3_CK_EDH_RSA_DES_192_CBC3_SHA 0x03000016
# define SSL3_CK_DHE_RSA_DES_192_CBC3_SHA SSL3_CK_EDH_RSA_DES_192_CBC3_SHA
# define SSL3_CK_ADH_RC4_40_MD5 0x03000017
# define SSL3_CK_ADH_RC4_128_MD5 0x03000018
@@ -165,14 +180,17 @@ extern "C" {
# if 0
# define SSL3_CK_FZA_DMS_NULL_SHA 0x0300001C
# define SSL3_CK_FZA_DMS_FZA_SHA 0x0300001D
#if 0 /* Because it clashes with KRB5, is never used any more, and is safe
to remove according to David Hopwood <david.hopwood@zetnet.co.uk>
of the ietf-tls list */
# if 0 /* Because it clashes with KRB5, is never
* used any more, and is safe to remove
* according to David Hopwood
* <david.hopwood@zetnet.co.uk> of the
* ietf-tls list */
# define SSL3_CK_FZA_DMS_RC4_SHA 0x0300001E
# endif
# endif
/* VRS Additional Kerberos5 entries
/*
* VRS Additional Kerberos5 entries
*/
# define SSL3_CK_KRB5_DES_64_CBC_SHA 0x0300001E
# define SSL3_CK_KRB5_DES_192_CBC3_SHA 0x0300001F
@@ -208,6 +226,18 @@ extern "C" {
# define SSL3_TXT_DH_RSA_DES_64_CBC_SHA "DH-RSA-DES-CBC-SHA"
# define SSL3_TXT_DH_RSA_DES_192_CBC3_SHA "DH-RSA-DES-CBC3-SHA"
# define SSL3_TXT_DHE_DSS_DES_40_CBC_SHA "EXP-DHE-DSS-DES-CBC-SHA"
# define SSL3_TXT_DHE_DSS_DES_64_CBC_SHA "DHE-DSS-DES-CBC-SHA"
# define SSL3_TXT_DHE_DSS_DES_192_CBC3_SHA "DHE-DSS-DES-CBC3-SHA"
# define SSL3_TXT_DHE_RSA_DES_40_CBC_SHA "EXP-DHE-RSA-DES-CBC-SHA"
# define SSL3_TXT_DHE_RSA_DES_64_CBC_SHA "DHE-RSA-DES-CBC-SHA"
# define SSL3_TXT_DHE_RSA_DES_192_CBC3_SHA "DHE-RSA-DES-CBC3-SHA"
/*
* This next block of six "EDH" labels is for backward compatibility with
* older versions of OpenSSL. New code should use the six "DHE" labels above
* instead:
*/
# define SSL3_TXT_EDH_DSS_DES_40_CBC_SHA "EXP-EDH-DSS-DES-CBC-SHA"
# define SSL3_TXT_EDH_DSS_DES_64_CBC_SHA "EDH-DSS-DES-CBC-SHA"
# define SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA "EDH-DSS-DES-CBC3-SHA"
@@ -251,13 +281,17 @@ extern "C" {
# define SSL3_SESSION_ID_SIZE 32
# define SSL3_RT_HEADER_LENGTH 5
# define SSL3_HM_HEADER_LENGTH 4
# ifndef SSL3_ALIGN_PAYLOAD
/* Some will argue that this increases memory footprint, but it's
* not actually true. Point is that malloc has to return at least
* 64-bit aligned pointers, meaning that allocating 5 bytes wastes
* 3 bytes in either case. Suggested pre-gaping simply moves these
* wasted bytes from the end of allocated region to its front,
* but makes data payload aligned, which improves performance:-) */
/*
* Some will argue that this increases memory footprint, but it's not
* actually true. Point is that malloc has to return at least 64-bit aligned
* pointers, meaning that allocating 5 bytes wastes 3 bytes in either case.
* Suggested pre-gaping simply moves these wasted bytes from the end of
* allocated region to its front, but makes data payload aligned, which
* improves performance:-)
*/
# define SSL3_ALIGN_PAYLOAD 8
# else
# if (SSL3_ALIGN_PAYLOAD&(SSL3_ALIGN_PAYLOAD-1))!=0
@@ -266,14 +300,16 @@ extern "C" {
# endif
# endif
/* This is the maximum MAC (digest) size used by the SSL library.
* Currently maximum of 20 is used by SHA1, but we reserve for
* future extension for 512-bit hashes.
/*
* This is the maximum MAC (digest) size used by the SSL library. Currently
* maximum of 20 is used by SHA1, but we reserve for future extension for
* 512-bit hashes.
*/
# define SSL3_RT_MAX_MD_SIZE 64
/* Maximum block size used in all ciphersuites. Currently 16 for AES.
/*
* Maximum block size used in all ciphersuites. Currently 16 for AES.
*/
# define SSL_RT_MAX_CIPHER_BLOCK_SIZE 16
@@ -285,14 +321,16 @@ extern "C" {
/* Maximum compression overhead: defined by SSL/TLS standards */
# define SSL3_RT_MAX_COMPRESSED_OVERHEAD 1024
/* The standards give a maximum encryption overhead of 1024 bytes.
* In practice the value is lower than this. The overhead is the maximum
* number of padding bytes (256) plus the mac size.
/*
* The standards give a maximum encryption overhead of 1024 bytes. In
* practice the value is lower than this. The overhead is the maximum number
* of padding bytes (256) plus the mac size.
*/
# define SSL3_RT_MAX_ENCRYPTED_OVERHEAD (256 + SSL3_RT_MAX_MD_SIZE)
/* OpenSSL currently only uses a padding length of at most one block so
* the send overhead is smaller.
/*
* OpenSSL currently only uses a padding length of at most one block so the
* send overhead is smaller.
*/
# define SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD \
@@ -324,6 +362,23 @@ extern "C" {
# define SSL3_RT_APPLICATION_DATA 23
# define TLS1_RT_HEARTBEAT 24
/* Pseudo content types to indicate additional parameters */
# define TLS1_RT_CRYPTO 0x1000
# define TLS1_RT_CRYPTO_PREMASTER (TLS1_RT_CRYPTO | 0x1)
# define TLS1_RT_CRYPTO_CLIENT_RANDOM (TLS1_RT_CRYPTO | 0x2)
# define TLS1_RT_CRYPTO_SERVER_RANDOM (TLS1_RT_CRYPTO | 0x3)
# define TLS1_RT_CRYPTO_MASTER (TLS1_RT_CRYPTO | 0x4)
# define TLS1_RT_CRYPTO_READ 0x0000
# define TLS1_RT_CRYPTO_WRITE 0x0100
# define TLS1_RT_CRYPTO_MAC (TLS1_RT_CRYPTO | 0x5)
# define TLS1_RT_CRYPTO_KEY (TLS1_RT_CRYPTO | 0x6)
# define TLS1_RT_CRYPTO_IV (TLS1_RT_CRYPTO | 0x7)
# define TLS1_RT_CRYPTO_FIXED_IV (TLS1_RT_CRYPTO | 0x8)
/* Pseudo content type for SSL/TLS header info */
# define SSL3_RT_HEADER 0x100
# define SSL3_AL_WARNING 1
# define SSL3_AL_FATAL 2
@@ -345,25 +400,50 @@ extern "C" {
# ifndef OPENSSL_NO_SSL_INTERN
typedef struct ssl3_record_st
{
/*r */ int type; /* type of record */
/*rw*/ unsigned int length; /* How many bytes available */
/*r */ unsigned int off; /* read/write offset into 'buf' */
/*rw*/ unsigned char *data; /* pointer to the record data */
/*rw*/ unsigned char *input; /* where the decode bytes are */
/*r */ unsigned char *comp; /* only used with decompression - malloc()ed */
/*r */ unsigned long epoch; /* epoch number, needed by DTLS1 */
/*r */ unsigned char seq_num[8]; /* sequence number, needed by DTLS1 */
typedef struct ssl3_record_st {
/* type of record */
/*
* r
*/ int type;
/* How many bytes available */
/*
* rw
*/ unsigned int length;
/* read/write offset into 'buf' */
/*
* r
*/ unsigned int off;
/* pointer to the record data */
/*
* rw
*/ unsigned char *data;
/* where the decode bytes are */
/*
* rw
*/ unsigned char *input;
/* only used with decompression - malloc()ed */
/*
* r
*/ unsigned char *comp;
/* epoch number, needed by DTLS1 */
/*
* r
*/ unsigned long epoch;
/* sequence number, needed by DTLS1 */
/*
* r
*/ unsigned char seq_num[8];
} SSL3_RECORD;
typedef struct ssl3_buffer_st
{
unsigned char *buf; /* at least SSL3_RT_MAX_PACKET_SIZE bytes,
* see ssl3_setup_buffers() */
size_t len; /* buffer size */
int offset; /* where to 'copy from' */
int left; /* how many bytes left */
typedef struct ssl3_buffer_st {
/* at least SSL3_RT_MAX_PACKET_SIZE bytes, see ssl3_setup_buffers() */
unsigned char *buf;
/* buffer size */
size_t len;
/* where to 'copy from' */
int offset;
/* how many bytes left */
int left;
} SSL3_BUFFER;
# endif
@@ -375,148 +455,130 @@ typedef struct ssl3_buffer_st
# define SSL3_CT_RSA_EPHEMERAL_DH 5
# define SSL3_CT_DSS_EPHEMERAL_DH 6
# define SSL3_CT_FORTEZZA_DMS 20
/* SSL3_CT_NUMBER is used to size arrays and it must be large
* enough to contain all of the cert types defined either for
* SSLv3 and TLSv1.
/*
* SSL3_CT_NUMBER is used to size arrays and it must be large enough to
* contain all of the cert types defined either for SSLv3 and TLSv1.
*/
# define SSL3_CT_NUMBER 9
# define SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS 0x0001
# define SSL3_FLAGS_DELAY_CLIENT_FINISHED 0x0002
# define SSL3_FLAGS_POP_BUFFER 0x0004
# define TLS1_FLAGS_TLS_PADDING_BUG 0x0008
# define TLS1_FLAGS_SKIP_CERT_VERIFY 0x0010
# define TLS1_FLAGS_KEEP_HANDSHAKE 0x0020
/*
* Set when the handshake is ready to process peer's ChangeCipherSpec message.
* Cleared after the message has been processed.
*/
# define SSL3_FLAGS_CCS_OK 0x0080
/* SSL3_FLAGS_SGC_RESTART_DONE is set when we
* restart a handshake because of MS SGC and so prevents us
* from restarting the handshake in a loop. It's reset on a
* renegotiation, so effectively limits the client to one restart
* per negotiation. This limits the possibility of a DDoS
* attack where the client handshakes in a loop using SGC to
* restart. Servers which permit renegotiation can still be
* effected, but we can't prevent that.
*/
/* SSL3_FLAGS_SGC_RESTART_DONE is no longer used */
# define SSL3_FLAGS_SGC_RESTART_DONE 0x0040
# ifndef OPENSSL_NO_SSL_INTERN
typedef struct ssl3_state_st
{
typedef struct ssl3_state_st {
long flags;
int delay_buf_pop_ret;
unsigned char read_sequence[8];
int read_mac_secret_size;
unsigned char read_mac_secret[EVP_MAX_MD_SIZE];
unsigned char write_sequence[8];
int write_mac_secret_size;
unsigned char write_mac_secret[EVP_MAX_MD_SIZE];
unsigned char server_random[SSL3_RANDOM_SIZE];
unsigned char client_random[SSL3_RANDOM_SIZE];
/* flags for countermeasure against known-IV weakness */
int need_empty_fragments;
int empty_fragment_done;
/* The value of 'extra' when the buffers were initialized */
int init_extra;
SSL3_BUFFER rbuf; /* read IO goes into here */
SSL3_BUFFER wbuf; /* write IO goes into here */
SSL3_RECORD rrec; /* each decoded record goes in here */
SSL3_RECORD wrec; /* goes out from here */
/* storage for Alert/Handshake protocol data received but not
* yet processed by ssl3_read_bytes: */
/*
* storage for Alert/Handshake protocol data received but not yet
* processed by ssl3_read_bytes:
*/
unsigned char alert_fragment[2];
unsigned int alert_fragment_len;
unsigned char handshake_fragment[4];
unsigned int handshake_fragment_len;
/* partial write - check the numbers match */
unsigned int wnum; /* number of bytes sent so far */
int wpend_tot; /* number bytes written */
int wpend_type;
int wpend_ret; /* number of bytes submitted */
const unsigned char *wpend_buf;
/* used during startup, digest all incoming/outgoing packets */
BIO *handshake_buffer;
/* When set of handshake digests is determined, buffer is hashed
* and freed and MD_CTX-es for all required digests are stored in
* this array */
/*
* When set of handshake digests is determined, buffer is hashed and
* freed and MD_CTX-es for all required digests are stored in this array
*/
EVP_MD_CTX **handshake_dgst;
/* this is set whenerver we see a change_cipher_spec message
* come in when we are not looking for one */
/*
* Set whenever an expected ChangeCipherSpec message is processed.
* Unset when the peer's Finished message is received.
* Unexpected ChangeCipherSpec messages trigger a fatal alert.
*/
int change_cipher_spec;
int warn_alert;
int fatal_alert;
/* we allow one fatal and one warning alert to be outstanding,
* send close alert via the warning alert */
/*
* we allow one fatal and one warning alert to be outstanding, send close
* alert via the warning alert
*/
int alert_dispatch;
unsigned char send_alert[2];
/* This flag is set when we should renegotiate ASAP, basically when
* there is no more data in the read or write buffers */
/*
* This flag is set when we should renegotiate ASAP, basically when there
* is no more data in the read or write buffers
*/
int renegotiate;
int total_renegotiations;
int num_renegotiations;
int in_read_app_data;
/* Opaque PRF input as used for the current handshake.
* These fields are used only if TLSEXT_TYPE_opaque_prf_input is defined
* (otherwise, they are merely present to improve binary compatibility) */
/*
* Opaque PRF input as used for the current handshake. These fields are
* used only if TLSEXT_TYPE_opaque_prf_input is defined (otherwise, they
* are merely present to improve binary compatibility)
*/
void *client_opaque_prf_input;
size_t client_opaque_prf_input_len;
void *server_opaque_prf_input;
size_t server_opaque_prf_input_len;
struct {
/* actually only needs to be 16+20 */
unsigned char cert_verify_md[EVP_MAX_MD_SIZE * 2];
/* actually only need to be 16+20 for SSLv3 and 12 for TLS */
unsigned char finish_md[EVP_MAX_MD_SIZE * 2];
int finish_md_len;
unsigned char peer_finish_md[EVP_MAX_MD_SIZE * 2];
int peer_finish_md_len;
unsigned long message_size;
int message_type;
/* used to hold the new cipher we are going to use */
const SSL_CIPHER *new_cipher;
# ifndef OPENSSL_NO_DH
DH *dh;
# endif
# ifndef OPENSSL_NO_ECDH
EC_KEY *ecdh; /* holds short lived ECDH key */
# endif
/* used when SSL_ST_FLUSH_DATA is entered */
int next_state;
int reuse_message;
/* used for certificate requests */
int cert_req;
int ctype_num;
char ctype[SSL3_CT_NUMBER];
STACK_OF(X509_NAME) *ca_names;
int use_rsa_tmp;
int key_block_length;
unsigned char *key_block;
const EVP_CIPHER *new_sym_enc;
const EVP_MD *new_hash;
int new_mac_pkey_type;
@@ -537,24 +599,43 @@ typedef struct ssl3_state_st
int send_connection_binding; /* TODOEKR */
# ifndef OPENSSL_NO_NEXTPROTONEG
/* Set if we saw the Next Protocol Negotiation extension from our peer. */
/*
* Set if we saw the Next Protocol Negotiation extension from our peer.
*/
int next_proto_neg_seen;
# endif
# ifndef OPENSSL_NO_TLSEXT
# ifndef OPENSSL_NO_EC
/* This is set to true if we believe that this is a version of Safari
* running on OS X 10.6 or newer. We wish to know this because Safari
* on 10.8 .. 10.8.3 has broken ECDHE-ECDSA support. */
/*
* This is set to true if we believe that this is a version of Safari
* running on OS X 10.6 or newer. We wish to know this because Safari on
* 10.8 .. 10.8.3 has broken ECDHE-ECDSA support.
*/
char is_probably_safari;
# endif /* !OPENSSL_NO_EC */
#endif /* !OPENSSL_NO_TLSEXT */
/*
* ALPN information (we are in the process of transitioning from NPN to
* ALPN.)
*/
/*
* In a server these point to the selected ALPN protocol after the
* ClientHello has been processed. In a client these contain the protocol
* that the server selected once the ServerHello has been processed.
*/
unsigned char *alpn_selected;
unsigned alpn_selected_len;
# endif /* OPENSSL_NO_TLSEXT */
} SSL3_STATE;
# endif
/* SSLv3 */
/*client */
/*
* client
*/
/* extra state */
# define SSL3_ST_CW_FLUSH (0x100|SSL_ST_CONNECT)
# ifndef OPENSSL_NO_SCTP
@@ -616,6 +697,7 @@ typedef struct ssl3_state_st
# define SSL3_ST_SR_CLNT_HELLO_A (0x110|SSL_ST_ACCEPT)
# define SSL3_ST_SR_CLNT_HELLO_B (0x111|SSL_ST_ACCEPT)
# define SSL3_ST_SR_CLNT_HELLO_C (0x112|SSL_ST_ACCEPT)
# define SSL3_ST_SR_CLNT_HELLO_D (0x115|SSL_ST_ACCEPT)
/* write to client */
# define DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A (0x113|SSL_ST_ACCEPT)
# define DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B (0x114|SSL_ST_ACCEPT)
@@ -674,7 +756,6 @@ typedef struct ssl3_state_st
# endif
# define DTLS1_MT_HELLO_VERIFY_REQUEST 3
# define SSL3_MT_CCS 1
/* These are used when changing over to a new cipher */
@@ -691,4 +772,3 @@ typedef struct ssl3_state_st
}
#endif
#endif

5
libs/openssl/include/openssl/stack.h
View File

@@ -63,12 +63,10 @@
extern "C" {
#endif
typedef struct stack_st
{
typedef struct stack_st {
int num;
char **data;
int sorted;
int num_alloc;
int (*comp) (const void *, const void *);
} _STACK; /* Use STACK_OF(...) instead */
@@ -85,6 +83,7 @@ _STACK *sk_new(int (*cmp)(const void *, const void *));
_STACK *sk_new_null(void);
void sk_free(_STACK *);
void sk_pop_free(_STACK *st, void (*func) (void *));
_STACK *sk_deep_copy(_STACK *, void *(*)(void *), void (*)(void *));
int sk_insert(_STACK *sk, void *data, int where);
void *sk_delete(_STACK *st, int loc);
void *sk_delete_ptr(_STACK *st, void *p);

77
libs/openssl/include/openssl/symhacks.h
View File

@@ -57,14 +57,18 @@
# include <openssl/e_os2.h>
/* Hacks to solve the problem with linkers incapable of handling very long
symbol names. In the case of VMS, the limit is 31 characters on VMS for
VAX. */
/* Note that this affects util/libeay.num and util/ssleay.num... you may
change those manually, but that's not recommended, as those files are
controlled centrally and updated on Unix, and the central definition
may disagree with yours, which in turn may come with shareable library
incompatibilities. */
/*
* Hacks to solve the problem with linkers incapable of handling very long
* symbol names. In the case of VMS, the limit is 31 characters on VMS for
* VAX.
*/
/*
* Note that this affects util/libeay.num and util/ssleay.num... you may
* change those manually, but that's not recommended, as those files are
* controlled centrally and updated on Unix, and the central definition may
* disagree with yours, which in turn may come with shareable library
* incompatibilities.
*/
# ifdef OPENSSL_SYS_VMS
/* Hack a long name in crypto/ex_data.c */
@@ -77,7 +81,8 @@
# undef ASN1_STRING_set_default_mask_asc
# define ASN1_STRING_set_default_mask_asc ASN1_STRING_set_def_mask_asc
#if 0 /* No longer needed, since safestack macro magic does the job */
# if 0 /* No longer needed, since safestack macro
* magic does the job */
/* Hack the names created with DECLARE_ASN1_SET_OF(PKCS7_SIGNER_INFO) */
# undef i2d_ASN1_SET_OF_PKCS7_SIGNER_INFO
# define i2d_ASN1_SET_OF_PKCS7_SIGNER_INFO i2d_ASN1_SET_OF_PKCS7_SIGINF
@@ -85,7 +90,8 @@
# define d2i_ASN1_SET_OF_PKCS7_SIGNER_INFO d2i_ASN1_SET_OF_PKCS7_SIGINF
# endif
#if 0 /* No longer needed, since safestack macro magic does the job */
# if 0 /* No longer needed, since safestack macro
* magic does the job */
/* Hack the names created with DECLARE_ASN1_SET_OF(PKCS7_RECIP_INFO) */
# undef i2d_ASN1_SET_OF_PKCS7_RECIP_INFO
# define i2d_ASN1_SET_OF_PKCS7_RECIP_INFO i2d_ASN1_SET_OF_PKCS7_RECINF
@@ -93,7 +99,8 @@
# define d2i_ASN1_SET_OF_PKCS7_RECIP_INFO d2i_ASN1_SET_OF_PKCS7_RECINF
# endif
#if 0 /* No longer needed, since safestack macro magic does the job */
# if 0 /* No longer needed, since safestack macro
* magic does the job */
/* Hack the names created with DECLARE_ASN1_SET_OF(ACCESS_DESCRIPTION) */
# undef i2d_ASN1_SET_OF_ACCESS_DESCRIPTION
# define i2d_ASN1_SET_OF_ACCESS_DESCRIPTION i2d_ASN1_SET_OF_ACC_DESC
@@ -159,7 +166,7 @@
# undef CRYPTO_get_locked_mem_ex_functions
# define CRYPTO_get_locked_mem_ex_functions CRYPTO_get_locked_mem_ex_funcs
/* Hack some long SSL names */
/* Hack some long SSL/TLS names */
# undef SSL_CTX_set_default_verify_paths
# define SSL_CTX_set_default_verify_paths SSL_CTX_set_def_verify_paths
# undef SSL_get_ex_data_X509_STORE_CTX_idx
@@ -176,6 +183,10 @@
# define SSL_CTX_set_default_passwd_cb_userdata SSL_CTX_set_def_passwd_cb_ud
# undef SSL_COMP_get_compression_methods
# define SSL_COMP_get_compression_methods SSL_COMP_get_compress_methods
# undef SSL_COMP_set0_compression_methods
# define SSL_COMP_set0_compression_methods SSL_COMP_set0_compress_methods
# undef SSL_COMP_free_compression_methods
# define SSL_COMP_free_compression_methods SSL_COMP_free_compress_methods
# undef ssl_add_clienthello_renegotiate_ext
# define ssl_add_clienthello_renegotiate_ext ssl_add_clienthello_reneg_ext
# undef ssl_add_serverhello_renegotiate_ext
@@ -204,6 +215,16 @@
# define SSL_CTX_set_next_protos_advertised_cb SSL_CTX_set_next_protos_adv_cb
# undef SSL_CTX_set_next_proto_select_cb
# define SSL_CTX_set_next_proto_select_cb SSL_CTX_set_next_proto_sel_cb
# undef tls1_send_server_supplemental_data
# define tls1_send_server_supplemental_data tls1_send_server_suppl_data
# undef tls1_send_client_supplemental_data
# define tls1_send_client_supplemental_data tls1_send_client_suppl_data
# undef tls1_get_server_supplemental_data
# define tls1_get_server_supplemental_data tls1_get_server_suppl_data
# undef tls1_get_client_supplemental_data
# define tls1_get_client_supplemental_data tls1_get_client_suppl_data
# undef ssl3_cbc_record_digest_supported
# define ssl3_cbc_record_digest_supported ssl3_cbc_record_digest_support
# undef ssl_check_clienthello_tlsext_late
@@ -211,7 +232,11 @@
# undef ssl_check_clienthello_tlsext_early
# define ssl_check_clienthello_tlsext_early ssl_check_clihello_tlsext_early
/* Hack some long ENGINE names */
/* Hack some RSA long names */
# undef RSA_padding_check_PKCS1_OAEP_mgf1
# define RSA_padding_check_PKCS1_OAEP_mgf1 RSA_pad_check_PKCS1_OAEP_mgf1
/* Hack some ENGINE long names */
# undef ENGINE_get_default_BN_mod_exp_crt
# define ENGINE_get_default_BN_mod_exp_crt ENGINE_get_def_BN_mod_exp_crt
# undef ENGINE_set_default_BN_mod_exp_crt
@@ -420,6 +445,18 @@
# define CMS_OriginatorIdentifierOrKey_it CMS_OriginatorIdOrKey_it
# undef cms_SignerIdentifier_get0_signer_id
# define cms_SignerIdentifier_get0_signer_id cms_SignerId_get0_signer_id
# undef CMS_RecipientInfo_kari_get0_orig_id
# define CMS_RecipientInfo_kari_get0_orig_id CMS_RecipInfo_kari_get0_orig_id
# undef CMS_RecipientInfo_kari_get0_reks
# define CMS_RecipientInfo_kari_get0_reks CMS_RecipInfo_kari_get0_reks
# undef CMS_RecipientEncryptedKey_cert_cmp
# define CMS_RecipientEncryptedKey_cert_cmp CMS_RecipEncryptedKey_cert_cmp
# undef CMS_RecipientInfo_kari_set0_pkey
# define CMS_RecipientInfo_kari_set0_pkey CMS_RecipInfo_kari_set0_pkey
# undef CMS_RecipientEncryptedKey_get0_id
# define CMS_RecipientEncryptedKey_get0_id CMS_RecipEncryptedKey_get0_id
# undef CMS_RecipientInfo_kari_orig_id_cmp
# define CMS_RecipientInfo_kari_orig_id_cmp CMS_RecipInfo_kari_orig_id_cmp
/* Hack some long DTLS1 names */
# undef dtls1_retransmit_buffered_messages
@@ -439,7 +476,6 @@
# endif /* defined OPENSSL_SYS_VMS */
/* Case insensitive linking causes problems.... */
# if defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2)
# undef ERR_load_CRYPTO_strings
@@ -456,12 +492,12 @@
# undef i2d_ECPKPARAMETERS
# define i2d_ECPKPARAMETERS i2d_UC_ECPKPARAMETERS
/* These functions do not seem to exist! However, I'm paranoid...
Original command in x509v3.h:
These functions are being redefined in another directory,
and clash when the linker is case-insensitive, so let's
hide them a little, by giving them an extra 'o' at the
beginning of the name... */
/*
* These functions do not seem to exist! However, I'm paranoid... Original
* command in x509v3.h: These functions are being redefined in another
* directory, and clash when the linker is case-insensitive, so let's hide
* them a little, by giving them an extra 'o' at the beginning of the name...
*/
# undef X509v3_cleanup_extensions
# define X509v3_cleanup_extensions oX509v3_cleanup_extensions
# undef X509v3_add_extension
@@ -477,5 +513,4 @@
# endif
#endif /* ! defined HEADER_VMS_IDHACKS_H */

171
libs/openssl/include/openssl/tls1.h
View File

@@ -159,17 +159,19 @@ extern "C" {
# define TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES 0
#define TLS1_2_VERSION 0x0303
#define TLS1_2_VERSION_MAJOR 0x03
#define TLS1_2_VERSION_MINOR 0x03
# define TLS1_VERSION 0x0301
# define TLS1_1_VERSION 0x0302
# define TLS1_2_VERSION 0x0303
# define TLS_MAX_VERSION TLS1_2_VERSION
# define TLS1_VERSION_MAJOR 0x03
# define TLS1_VERSION_MINOR 0x01
# define TLS1_1_VERSION_MAJOR 0x03
# define TLS1_1_VERSION_MINOR 0x02
#define TLS1_VERSION 0x0301
#define TLS1_VERSION_MAJOR 0x03
#define TLS1_VERSION_MINOR 0x01
# define TLS1_2_VERSION_MAJOR 0x03
# define TLS1_2_VERSION_MINOR 0x03
# define TLS1_get_version(s) \
((s->version >> 8) == TLS1_VERSION_MAJOR ? s->version : 0)
@@ -187,6 +189,7 @@ extern "C" {
# define TLS1_AD_PROTOCOL_VERSION 70/* fatal */
# define TLS1_AD_INSUFFICIENT_SECURITY 71/* fatal */
# define TLS1_AD_INTERNAL_ERROR 80/* fatal */
# define TLS1_AD_INAPPROPRIATE_FALLBACK 86/* fatal */
# define TLS1_AD_USER_CANCELLED 90
# define TLS1_AD_NO_RENEGOTIATION 100
/* codes 110-114 are from RFC3546 */
@@ -206,11 +209,9 @@ extern "C" {
# define TLSEXT_TYPE_status_request 5
/* ExtensionType values from RFC4681 */
# define TLSEXT_TYPE_user_mapping 6
/* ExtensionType values from RFC5878 */
# define TLSEXT_TYPE_client_authz 7
# define TLSEXT_TYPE_server_authz 8
/* ExtensionType values from RFC6091 */
# define TLSEXT_TYPE_cert_type 9
@@ -230,9 +231,12 @@ extern "C" {
/* ExtensionType value from RFC5620 */
# define TLSEXT_TYPE_heartbeat 15
/* ExtensionType value for TLS padding extension.
* http://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml
* http://tools.ietf.org/html/draft-agl-tls-padding-03
/* ExtensionType value from RFC7301 */
# define TLSEXT_TYPE_application_layer_protocol_negotiation 16
/*
* ExtensionType value for TLS padding extension.
* http://tools.ietf.org/html/draft-agl-tls-padding
*/
# define TLSEXT_TYPE_padding 21
@@ -240,10 +244,13 @@ extern "C" {
# define TLSEXT_TYPE_session_ticket 35
/* ExtensionType value from draft-rescorla-tls-opaque-prf-input-00.txt */
#if 0 /* will have to be provided externally for now ,
# if 0
/*
* will have to be provided externally for now ,
* i.e. build with -DTLSEXT_TYPE_opaque_prf_input=38183
* using whatever extension number you'd like to try */
# define TLSEXT_TYPE_opaque_prf_input ?? */
* using whatever extension number you'd like to try
*/
# define TLSEXT_TYPE_opaque_prf_input ??
# endif
/* Temporary extension type */
@@ -259,7 +266,7 @@ extern "C" {
/* status request value from RFC3546 */
# define TLSEXT_STATUSTYPE_ocsp 1
/* ECPointFormat values from draft-ietf-tls-ecc-12 */
/* ECPointFormat values from RFC4492 */
# define TLSEXT_ECPOINTFORMAT_first 0
# define TLSEXT_ECPOINTFORMAT_uncompressed 0
# define TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime 1
@@ -267,12 +274,14 @@ extern "C" {
# define TLSEXT_ECPOINTFORMAT_last 2
/* Signature and hash algorithms from RFC5246 */
# define TLSEXT_signature_anonymous 0
# define TLSEXT_signature_rsa 1
# define TLSEXT_signature_dsa 2
# define TLSEXT_signature_ecdsa 3
/* Total number of different signature algorithms */
# define TLSEXT_signature_num 4
# define TLSEXT_hash_none 0
# define TLSEXT_hash_md5 1
# define TLSEXT_hash_sha1 2
@@ -281,23 +290,46 @@ extern "C" {
# define TLSEXT_hash_sha384 5
# define TLSEXT_hash_sha512 6
/* Total number of different digest algorithms */
# define TLSEXT_hash_num 7
/* Flag set for unrecognised algorithms */
# define TLSEXT_nid_unknown 0x1000000
/* ECC curves */
# define TLSEXT_curve_P_256 23
# define TLSEXT_curve_P_384 24
# ifndef OPENSSL_NO_TLSEXT
# define TLSEXT_MAXLEN_host_name 255
const char *SSL_get_servername(const SSL *s, const int type);
int SSL_get_servername_type(const SSL *s);
/* SSL_export_keying_material exports a value derived from the master secret,
/*
* SSL_export_keying_material exports a value derived from the master secret,
* as specified in RFC 5705. It writes |olen| bytes to |out| given a label and
* optional context. (Since a zero length context is allowed, the |use_context|
* flag controls whether a context is included.)
*
* It returns 1 on success and zero otherwise.
* flag controls whether a context is included.) It returns 1 on success and
* zero otherwise.
*/
int SSL_export_keying_material(SSL *s, unsigned char *out, size_t olen,
const char *label, size_t llen, const unsigned char *p, size_t plen,
const char *label, size_t llen,
const unsigned char *p, size_t plen,
int use_context);
int SSL_get_sigalgs(SSL *s, int idx,
int *psign, int *phash, int *psignandhash,
unsigned char *rsig, unsigned char *rhash);
int SSL_get_shared_sigalgs(SSL *s, int idx,
int *psign, int *phash, int *psignandhash,
unsigned char *rsig, unsigned char *rhash);
int SSL_check_chain(SSL *s, X509 *x, EVP_PKEY *pk, STACK_OF(X509) *chain);
# define SSL_set_tlsext_host_name(s,name) \
SSL_ctrl(s,SSL_CTRL_SET_TLSEXT_HOSTNAME,TLSEXT_NAMETYPE_host_name,(char *)name)
@@ -378,13 +410,17 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
# define TLS1_CK_PSK_WITH_AES_128_CBC_SHA 0x0300008C
# define TLS1_CK_PSK_WITH_AES_256_CBC_SHA 0x0300008D
/* Additional TLS ciphersuites from expired Internet Draft
* draft-ietf-tls-56-bit-ciphersuites-01.txt
* (available if TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES is defined, see
* s3_lib.c). We actually treat them like SSL 3.0 ciphers, which we probably
* shouldn't. Note that the first two are actually not in the IDs. */
#define TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_MD5 0x03000060 /* not in ID */
#define TLS1_CK_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5 0x03000061 /* not in ID */
/*
* Additional TLS ciphersuites from expired Internet Draft
* draft-ietf-tls-56-bit-ciphersuites-01.txt (available if
* TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES is defined, see s3_lib.c). We
* actually treat them like SSL 3.0 ciphers, which we probably shouldn't.
* Note that the first two are actually not in the IDs.
*/
# define TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_MD5 0x03000060/* not in
* ID */
# define TLS1_CK_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5 0x03000061/* not in
* ID */
# define TLS1_CK_RSA_EXPORT1024_WITH_DES_CBC_SHA 0x03000062
# define TLS1_CK_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA 0x03000063
# define TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_SHA 0x03000064
@@ -392,7 +428,6 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
# define TLS1_CK_DHE_DSS_WITH_RC4_128_SHA 0x03000066
/* AES ciphersuites from RFC3268 */
# define TLS1_CK_RSA_WITH_AES_128_SHA 0x0300002F
# define TLS1_CK_DH_DSS_WITH_AES_128_SHA 0x03000030
# define TLS1_CK_DH_RSA_WITH_AES_128_SHA 0x03000031
@@ -462,7 +497,10 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
# define TLS1_CK_ADH_WITH_AES_128_GCM_SHA256 0x030000A6
# define TLS1_CK_ADH_WITH_AES_256_GCM_SHA384 0x030000A7
/* ECC ciphersuites from draft-ietf-tls-ecc-12.txt with changes soon to be in draft 13 */
/*
* ECC ciphersuites from draft-ietf-tls-ecc-12.txt with changes soon to be in
* draft 13
*/
# define TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA 0x0300C001
# define TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA 0x0300C002
# define TLS1_CK_ECDH_ECDSA_WITH_DES_192_CBC3_SHA 0x0300C003
@@ -525,13 +563,12 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
# define TLS1_CK_ECDH_RSA_WITH_AES_128_GCM_SHA256 0x0300C031
# define TLS1_CK_ECDH_RSA_WITH_AES_256_GCM_SHA384 0x0300C032
/* XXX
* Inconsistency alert:
* The OpenSSL names of ciphers with ephemeral DH here include the string
* "DHE", while elsewhere it has always been "EDH".
* (The alias for the list of all such ciphers also is "EDH".)
* The specifications speak of "EDH"; maybe we should allow both forms
* for everything. */
/*
* XXX * Backward compatibility alert: + * Older versions of OpenSSL gave
* some DHE ciphers names with "EDH" + * instead of "DHE". Going forward, we
* should be using DHE + * everywhere, though we may indefinitely maintain
* aliases for users + * or configurations that used "EDH" +
*/
# define TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_MD5 "EXP1024-RC4-MD5"
# define TLS1_TXT_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5 "EXP1024-RC2-CBC-MD5"
# define TLS1_TXT_RSA_EXPORT1024_WITH_DES_CBC_SHA "EXP1024-DES-CBC-SHA"
@@ -555,7 +592,7 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
# define TLS1_TXT_DHE_RSA_WITH_AES_256_SHA "DHE-RSA-AES256-SHA"
# define TLS1_TXT_ADH_WITH_AES_256_SHA "ADH-AES256-SHA"
/* ECC ciphersuites from draft-ietf-tls-ecc-01.txt (Mar 15, 2001) */
/* ECC ciphersuites from RFC4492 */
# define TLS1_TXT_ECDH_ECDSA_WITH_NULL_SHA "ECDH-ECDSA-NULL-SHA"
# define TLS1_TXT_ECDH_ECDSA_WITH_RC4_128_SHA "ECDH-ECDSA-RC4-SHA"
# define TLS1_TXT_ECDH_ECDSA_WITH_DES_192_CBC3_SHA "ECDH-ECDSA-DES-CBC3-SHA"
@@ -685,8 +722,10 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
# define TLS_CT_ECDSA_FIXED_ECDH 66
# define TLS_CT_GOST94_SIGN 21
# define TLS_CT_GOST01_SIGN 22
/* when correcting this number, correct also SSL3_CT_NUMBER in ssl3.h (see
* comment there) */
/*
* when correcting this number, correct also SSL3_CT_NUMBER in ssl3.h (see
* comment there)
*/
# define TLS_CT_NUMBER 9
# define TLS1_FINISH_MAC_LENGTH 12
@@ -711,26 +750,56 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
# ifdef CHARSET_EBCDIC
# undef TLS_MD_CLIENT_FINISH_CONST
#define TLS_MD_CLIENT_FINISH_CONST "\x63\x6c\x69\x65\x6e\x74\x20\x66\x69\x6e\x69\x73\x68\x65\x64" /*client finished*/
/*
* client finished
*/
# define TLS_MD_CLIENT_FINISH_CONST "\x63\x6c\x69\x65\x6e\x74\x20\x66\x69\x6e\x69\x73\x68\x65\x64"
# undef TLS_MD_SERVER_FINISH_CONST
#define TLS_MD_SERVER_FINISH_CONST "\x73\x65\x72\x76\x65\x72\x20\x66\x69\x6e\x69\x73\x68\x65\x64" /*server finished*/
/*
* server finished
*/
# define TLS_MD_SERVER_FINISH_CONST "\x73\x65\x72\x76\x65\x72\x20\x66\x69\x6e\x69\x73\x68\x65\x64"
# undef TLS_MD_SERVER_WRITE_KEY_CONST
#define TLS_MD_SERVER_WRITE_KEY_CONST "\x73\x65\x72\x76\x65\x72\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79" /*server write key*/
/*
* server write key
*/
# define TLS_MD_SERVER_WRITE_KEY_CONST "\x73\x65\x72\x76\x65\x72\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79"
# undef TLS_MD_KEY_EXPANSION_CONST
#define TLS_MD_KEY_EXPANSION_CONST "\x6b\x65\x79\x20\x65\x78\x70\x61\x6e\x73\x69\x6f\x6e" /*key expansion*/
/*
* key expansion
*/
# define TLS_MD_KEY_EXPANSION_CONST "\x6b\x65\x79\x20\x65\x78\x70\x61\x6e\x73\x69\x6f\x6e"
# undef TLS_MD_CLIENT_WRITE_KEY_CONST
#define TLS_MD_CLIENT_WRITE_KEY_CONST "\x63\x6c\x69\x65\x6e\x74\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79" /*client write key*/
/*
* client write key
*/
# define TLS_MD_CLIENT_WRITE_KEY_CONST "\x63\x6c\x69\x65\x6e\x74\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79"
# undef TLS_MD_SERVER_WRITE_KEY_CONST
#define TLS_MD_SERVER_WRITE_KEY_CONST "\x73\x65\x72\x76\x65\x72\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79" /*server write key*/
/*
* server write key
*/
# define TLS_MD_SERVER_WRITE_KEY_CONST "\x73\x65\x72\x76\x65\x72\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79"
# undef TLS_MD_IV_BLOCK_CONST
#define TLS_MD_IV_BLOCK_CONST "\x49\x56\x20\x62\x6c\x6f\x63\x6b" /*IV block*/
/*
* IV block
*/
# define TLS_MD_IV_BLOCK_CONST "\x49\x56\x20\x62\x6c\x6f\x63\x6b"
# undef TLS_MD_MASTER_SECRET_CONST
#define TLS_MD_MASTER_SECRET_CONST "\x6d\x61\x73\x74\x65\x72\x20\x73\x65\x63\x72\x65\x74" /*master secret*/
/*
* master secret
*/
# define TLS_MD_MASTER_SECRET_CONST "\x6d\x61\x73\x74\x65\x72\x20\x73\x65\x63\x72\x65\x74"
# endif
/* TLS Session Ticket extension struct */
struct tls_session_ticket_ext_st
{
struct tls_session_ticket_ext_st {
unsigned short length;
void *data;
};

173
libs/openssl/include/openssl/ts.h
View File

@@ -1,6 +1,7 @@
/* crypto/ts/ts.h */
/* Written by Zoltan Glozik (zglozik@opentsa.org) for the OpenSSL
* project 2002, 2003, 2004.
/*
* Written by Zoltan Glozik (zglozik@opentsa.org) for the OpenSSL project
* 2002, 2003, 2004.
*/
/* ====================================================================
* Copyright (c) 2006 The OpenSSL Project. All rights reserved.
@@ -98,19 +99,18 @@ extern "C" {
# include <openssl/x509.h>
# include <openssl/x509v3.h>
/*
/*-
MessageImprint ::= SEQUENCE {
hashAlgorithm AlgorithmIdentifier,
hashedMessage OCTET STRING }
*/
typedef struct TS_msg_imprint_st
{
typedef struct TS_msg_imprint_st {
X509_ALGOR *hash_algo;
ASN1_OCTET_STRING *hashed_msg;
} TS_MSG_IMPRINT;
/*
/*-
TimeStampReq ::= SEQUENCE {
version INTEGER { v1(1) },
messageImprint MessageImprint,
@@ -122,8 +122,7 @@ TimeStampReq ::= SEQUENCE {
extensions [0] IMPLICIT Extensions OPTIONAL }
*/
typedef struct TS_req_st
{
typedef struct TS_req_st {
ASN1_INTEGER *version;
TS_MSG_IMPRINT *msg_imprint;
ASN1_OBJECT *policy_id; /* OPTIONAL */
@@ -132,21 +131,20 @@ typedef struct TS_req_st
STACK_OF(X509_EXTENSION) *extensions; /* [0] OPTIONAL */
} TS_REQ;
/*
/*-
Accuracy ::= SEQUENCE {
seconds INTEGER OPTIONAL,
millis [0] INTEGER (1..999) OPTIONAL,
micros [1] INTEGER (1..999) OPTIONAL }
*/
typedef struct TS_accuracy_st
{
typedef struct TS_accuracy_st {
ASN1_INTEGER *seconds;
ASN1_INTEGER *millis;
ASN1_INTEGER *micros;
} TS_ACCURACY;
/*
/*-
TSTInfo ::= SEQUENCE {
version INTEGER { v1(1) },
policy TSAPolicyId,
@@ -166,8 +164,7 @@ TSTInfo ::= SEQUENCE {
extensions [1] IMPLICIT Extensions OPTIONAL }
*/
typedef struct TS_tst_info_st
{
typedef struct TS_tst_info_st {
ASN1_INTEGER *version;
ASN1_OBJECT *policy_id;
TS_MSG_IMPRINT *msg_imprint;
@@ -180,7 +177,7 @@ typedef struct TS_tst_info_st
STACK_OF(X509_EXTENSION) *extensions;
} TS_TST_INFO;
/*
/*-
PKIStatusInfo ::= SEQUENCE {
status PKIStatus,
statusString PKIFreeText OPTIONAL,
@@ -202,7 +199,9 @@ PKIFreeText ::= SEQUENCE SIZE (1..MAX) OF UTF8String
# define TS_STATUS_REVOCATION_WARNING 4
# define TS_STATUS_REVOCATION_NOTIFICATION 5
/* Possible values for failure_info. See ts_resp_print.c && ts_resp_verify.c */
/*
* Possible values for failure_info. See ts_resp_print.c && ts_resp_verify.c
*/
# define TS_INFO_BAD_ALG 0
# define TS_INFO_BAD_REQUEST 2
@@ -213,8 +212,7 @@ PKIFreeText ::= SEQUENCE SIZE (1..MAX) OF UTF8String
# define TS_INFO_ADD_INFO_NOT_AVAILABLE 17
# define TS_INFO_SYSTEM_FAILURE 25
typedef struct TS_status_info_st
{
typedef struct TS_status_info_st {
ASN1_INTEGER *status;
STACK_OF(ASN1_UTF8STRING) *text;
ASN1_BIT_STRING *failure_info;
@@ -223,14 +221,13 @@ typedef struct TS_status_info_st
DECLARE_STACK_OF(ASN1_UTF8STRING)
DECLARE_ASN1_SET_OF(ASN1_UTF8STRING)
/*
/*-
TimeStampResp ::= SEQUENCE {
status PKIStatusInfo,
timeStampToken TimeStampToken OPTIONAL }
*/
typedef struct TS_resp_st
{
typedef struct TS_resp_st {
TS_STATUS_INFO *status_info;
PKCS7 *token;
TS_TST_INFO *tst_info;
@@ -238,28 +235,26 @@ typedef struct TS_resp_st
/* The structure below would belong to the ESS component. */
/*
/*-
IssuerSerial ::= SEQUENCE {
issuer GeneralNames,
serialNumber CertificateSerialNumber
}
*/
typedef struct ESS_issuer_serial
{
typedef struct ESS_issuer_serial {
STACK_OF(GENERAL_NAME) *issuer;
ASN1_INTEGER *serial;
} ESS_ISSUER_SERIAL;
/*
/*-
ESSCertID ::= SEQUENCE {
certHash Hash,
issuerSerial IssuerSerial OPTIONAL
}
*/
typedef struct ESS_cert_id
{
typedef struct ESS_cert_id {
ASN1_OCTET_STRING *hash; /* Always SHA-1 digest. */
ESS_ISSUER_SERIAL *issuer_serial;
} ESS_CERT_ID;
@@ -267,20 +262,18 @@ typedef struct ESS_cert_id
DECLARE_STACK_OF(ESS_CERT_ID)
DECLARE_ASN1_SET_OF(ESS_CERT_ID)
/*
/*-
SigningCertificate ::= SEQUENCE {
certs SEQUENCE OF ESSCertID,
policies SEQUENCE OF PolicyInformation OPTIONAL
}
*/
typedef struct ESS_signing_cert
{
typedef struct ESS_signing_cert {
STACK_OF(ESS_CERT_ID) *cert_ids;
STACK_OF(POLICYINFO) *policy_info;
} ESS_SIGNING_CERT;
TS_REQ *TS_REQ_new(void);
void TS_REQ_free(TS_REQ *a);
int i2d_TS_REQ(const TS_REQ *a, unsigned char **pp);
@@ -346,10 +339,10 @@ TS_ACCURACY *TS_ACCURACY_dup(TS_ACCURACY *a);
ESS_ISSUER_SERIAL *ESS_ISSUER_SERIAL_new(void);
void ESS_ISSUER_SERIAL_free(ESS_ISSUER_SERIAL *a);
int i2d_ESS_ISSUER_SERIAL(const ESS_ISSUER_SERIAL *a,
unsigned char **pp);
int i2d_ESS_ISSUER_SERIAL(const ESS_ISSUER_SERIAL *a, unsigned char **pp);
ESS_ISSUER_SERIAL *d2i_ESS_ISSUER_SERIAL(ESS_ISSUER_SERIAL **a,
const unsigned char **pp, long length);
const unsigned char **pp,
long length);
ESS_ISSUER_SERIAL *ESS_ISSUER_SERIAL_dup(ESS_ISSUER_SERIAL *a);
ESS_CERT_ID *ESS_CERT_ID_new(void);
@@ -361,8 +354,7 @@ ESS_CERT_ID *ESS_CERT_ID_dup(ESS_CERT_ID *a);
ESS_SIGNING_CERT *ESS_SIGNING_CERT_new(void);
void ESS_SIGNING_CERT_free(ESS_SIGNING_CERT *a);
int i2d_ESS_SIGNING_CERT(const ESS_SIGNING_CERT *a,
unsigned char **pp);
int i2d_ESS_SIGNING_CERT(const ESS_SIGNING_CERT *a, unsigned char **pp);
ESS_SIGNING_CERT *d2i_ESS_SIGNING_CERT(ESS_SIGNING_CERT **a,
const unsigned char **pp, long length);
ESS_SIGNING_CERT *ESS_SIGNING_CERT_dup(ESS_SIGNING_CERT *a);
@@ -462,7 +454,9 @@ X509_EXTENSION *TS_TST_INFO_delete_ext(TS_TST_INFO *a, int loc);
int TS_TST_INFO_add_ext(TS_TST_INFO *a, X509_EXTENSION *ex, int loc);
void *TS_TST_INFO_get_ext_d2i(TS_TST_INFO *a, int nid, int *crit, int *idx);
/* Declarations related to response generation, defined in ts/ts_resp_sign.c. */
/*
* Declarations related to response generation, defined in ts/ts_resp_sign.c.
*/
/* Optional flags for response generation. */
@@ -485,20 +479,23 @@ struct TS_resp_ctx;
/* This must return a unique number less than 160 bits long. */
typedef ASN1_INTEGER *(*TS_serial_cb) (struct TS_resp_ctx *, void *);
/* This must return the seconds and microseconds since Jan 1, 1970 in
the sec and usec variables allocated by the caller.
Return non-zero for success and zero for failure. */
typedef int (*TS_time_cb)(struct TS_resp_ctx *, void *, long *sec, long *usec);
/* This must process the given extension.
* It can modify the TS_TST_INFO object of the context.
* Return values: !0 (processed), 0 (error, it must set the
* status info/failure info of the response).
/*
* This must return the seconds and microseconds since Jan 1, 1970 in the sec
* and usec variables allocated by the caller. Return non-zero for success
* and zero for failure.
*/
typedef int (*TS_extension_cb)(struct TS_resp_ctx *, X509_EXTENSION *, void *);
typedef int (*TS_time_cb) (struct TS_resp_ctx *, void *, long *sec,
long *usec);
typedef struct TS_resp_ctx
{
/*
* This must process the given extension. It can modify the TS_TST_INFO
* object of the context. Return values: !0 (processed), 0 (error, it must
* set the status info/failure info of the response).
*/
typedef int (*TS_extension_cb) (struct TS_resp_ctx *, X509_EXTENSION *,
void *);
typedef struct TS_resp_ctx {
X509 *signer_cert;
EVP_PKEY *signer_key;
STACK_OF(X509) *certs; /* Certs to include in signed data. */
@@ -508,20 +505,16 @@ typedef struct TS_resp_ctx
ASN1_INTEGER *seconds; /* accuracy, 0 means not specified. */
ASN1_INTEGER *millis; /* accuracy, 0 means not specified. */
ASN1_INTEGER *micros; /* accuracy, 0 means not specified. */
unsigned clock_precision_digits; /* fraction of seconds in
time stamp token. */
unsigned clock_precision_digits; /* fraction of seconds in time stamp
* token. */
unsigned flags; /* Optional info, see values above. */
/* Callback functions. */
TS_serial_cb serial_cb;
void *serial_cb_data; /* User data for serial_cb. */
TS_time_cb time_cb;
void *time_cb_data; /* User data for time_cb. */
TS_extension_cb extension_cb;
void *extension_cb_data; /* User data for extension_cb. */
/* These members are used only while creating the response. */
TS_REQ *request;
TS_RESP *response;
@@ -547,25 +540,34 @@ int TS_RESP_CTX_set_def_policy(TS_RESP_CTX *ctx, ASN1_OBJECT *def_policy);
/* No additional certs are included in the response by default. */
int TS_RESP_CTX_set_certs(TS_RESP_CTX *ctx, STACK_OF(X509) *certs);
/* Adds a new acceptable policy, only the default policy
is accepted by default. */
/*
* Adds a new acceptable policy, only the default policy is accepted by
* default.
*/
int TS_RESP_CTX_add_policy(TS_RESP_CTX *ctx, ASN1_OBJECT *policy);
/* Adds a new acceptable message digest. Note that no message digests
are accepted by default. The md argument is shared with the caller. */
/*
* Adds a new acceptable message digest. Note that no message digests are
* accepted by default. The md argument is shared with the caller.
*/
int TS_RESP_CTX_add_md(TS_RESP_CTX *ctx, const EVP_MD *md);
/* Accuracy is not included by default. */
int TS_RESP_CTX_set_accuracy(TS_RESP_CTX *ctx,
int secs, int millis, int micros);
/* Clock precision digits, i.e. the number of decimal digits:
'0' means sec, '3' msec, '6' usec, and so on. Default is 0. */
/*
* Clock precision digits, i.e. the number of decimal digits: '0' means sec,
* '3' msec, '6' usec, and so on. Default is 0.
*/
int TS_RESP_CTX_set_clock_precision_digits(TS_RESP_CTX *ctx,
unsigned clock_precision_digits);
/* At most we accept usec precision. */
# define TS_MAX_CLOCK_PRECISION_DIGITS 6
/* Maximum status message length */
# define TS_MAX_STATUS_LENGTH (1024 * 1024)
/* No flags are set by default. */
void TS_RESP_CTX_add_flags(TS_RESP_CTX *ctx, int flags);
@@ -575,8 +577,10 @@ void TS_RESP_CTX_set_serial_cb(TS_RESP_CTX *ctx, TS_serial_cb cb, void *data);
/* Default callback uses the gettimeofday() and gmtime() system calls. */
void TS_RESP_CTX_set_time_cb(TS_RESP_CTX *ctx, TS_time_cb cb, void *data);
/* Default callback rejects all extensions. The extension callback is called
* when the TS_TST_INFO object is already set up and not signed yet. */
/*
* Default callback rejects all extensions. The extension callback is called
* when the TS_TST_INFO object is already set up and not signed yet.
*/
/* FIXME: extension handling is not tested yet. */
void TS_RESP_CTX_set_extension_cb(TS_RESP_CTX *ctx,
TS_extension_cb cb, void *data);
@@ -619,12 +623,16 @@ int TS_RESP_verify_signature(PKCS7 *token, STACK_OF(X509) *certs,
# define TS_VFY_VERSION (1u << 1)
/* Verify if the policy supplied by the user matches the policy of the TSA. */
# define TS_VFY_POLICY (1u << 2)
/* Verify the message imprint provided by the user. This flag should not be
specified with TS_VFY_DATA. */
/*
* Verify the message imprint provided by the user. This flag should not be
* specified with TS_VFY_DATA.
*/
# define TS_VFY_IMPRINT (1u << 3)
/* Verify the message imprint computed by the verify method from the user
provided data and the MD algorithm of the response. This flag should not be
specified with TS_VFY_IMPRINT. */
/*
* Verify the message imprint computed by the verify method from the user
* provided data and the MD algorithm of the response. This flag should not
* be specified with TS_VFY_IMPRINT.
*/
# define TS_VFY_DATA (1u << 4)
/* Verify the nonce value. */
# define TS_VFY_NONCE (1u << 5)
@@ -649,30 +657,25 @@ int TS_RESP_verify_signature(PKCS7 *token, STACK_OF(X509) *certs,
| TS_VFY_SIGNER \
| TS_VFY_TSA_NAME)
typedef struct TS_verify_ctx
{
typedef struct TS_verify_ctx {
/* Set this to the union of TS_VFY_... flags you want to carry out. */
unsigned flags;
/* Must be set only with TS_VFY_SIGNATURE. certs is optional. */
X509_STORE *store;
STACK_OF(X509) *certs;
/* Must be set only with TS_VFY_POLICY. */
ASN1_OBJECT *policy;
/* Must be set only with TS_VFY_IMPRINT. If md_alg is NULL,
the algorithm from the response is used. */
/*
* Must be set only with TS_VFY_IMPRINT. If md_alg is NULL, the
* algorithm from the response is used.
*/
X509_ALGOR *md_alg;
unsigned char *imprint;
unsigned imprint_len;
/* Must be set only with TS_VFY_DATA. */
BIO *data;
/* Must be set only with TS_VFY_TSA_NAME. */
ASN1_INTEGER *nonce;
/* Must be set only with TS_VFY_TSA_NAME. */
GENERAL_NAME *tsa_name;
} TS_VERIFY_CTX;
@@ -691,7 +694,7 @@ void TS_VERIFY_CTX_init(TS_VERIFY_CTX *ctx);
void TS_VERIFY_CTX_free(TS_VERIFY_CTX *ctx);
void TS_VERIFY_CTX_cleanup(TS_VERIFY_CTX *ctx);
/*
/*-
* If ctx is NULL, it allocates and returns a new object, otherwise
* it returns ctx. It initialises all the members as follows:
* flags = TS_VFY_ALL_IMPRINT & ~(TS_VFY_TSA_NAME | TS_VFY_SIGNATURE)
@@ -723,8 +726,10 @@ int TS_ext_print_bio(BIO *bio, const STACK_OF(X509_EXTENSION) *extensions);
int TS_X509_ALGOR_print_bio(BIO *bio, const X509_ALGOR *alg);
int TS_MSG_IMPRINT_print_bio(BIO *bio, TS_MSG_IMPRINT *msg);
/* Function declarations for handling configuration options,
defined in ts/ts_conf.c */
/*
* Function declarations for handling configuration options, defined in
* ts/ts_conf.c
*/
X509 *TS_CONF_load_cert(const char *file);
STACK_OF(X509) *TS_CONF_load_certs(const char *file);
@@ -740,7 +745,8 @@ int TS_CONF_set_signer_cert(CONF *conf, const char *section,
int TS_CONF_set_certs(CONF *conf, const char *section, const char *certs,
TS_RESP_CTX *ctx);
int TS_CONF_set_signer_key(CONF *conf, const char *section,
const char *key, const char *pass, TS_RESP_CTX *ctx);
const char *key, const char *pass,
TS_RESP_CTX *ctx);
int TS_CONF_set_def_policy(CONF *conf, const char *section,
const char *policy, TS_RESP_CTX *ctx);
int TS_CONF_set_policies(CONF *conf, const char *section, TS_RESP_CTX *ctx);
@@ -755,7 +761,8 @@ int TS_CONF_set_ess_cert_id_chain(CONF *conf, const char *section,
/* -------------------------------------------------- */
/* BEGIN ERROR CODES */
/* The following lines are auto generated by the script mkerr.pl. Any changes
/*
* The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
*/
void ERR_load_TS_strings(void);

6
libs/openssl/include/openssl/txt_db.h
View File

@@ -80,8 +80,7 @@ extern "C" {
typedef OPENSSL_STRING *OPENSSL_PSTRING;
DECLARE_SPECIAL_STACK_OF(OPENSSL_PSTRING, OPENSSL_STRING)
typedef struct txt_db_st
{
typedef struct txt_db_st {
int num_fields;
STACK_OF(OPENSSL_PSTRING) *data;
LHASH_OF(OPENSSL_STRING) **index;
@@ -102,7 +101,8 @@ long TXT_DB_write(char *out, TXT_DB *db);
int TXT_DB_create_index(TXT_DB *db, int field, int (*qual) (OPENSSL_STRING *),
LHASH_HASH_FN_TYPE hash, LHASH_COMP_FN_TYPE cmp);
void TXT_DB_free(TXT_DB *db);
OPENSSL_STRING *TXT_DB_get_by_index(TXT_DB *db, int idx, OPENSSL_STRING *value);
OPENSSL_STRING *TXT_DB_get_by_index(TXT_DB *db, int idx,
OPENSSL_STRING *value);
int TXT_DB_insert(TXT_DB *db, OPENSSL_STRING *value);
#ifdef __cplusplus

198
libs/openssl/include/openssl/ui.h
View File

@@ -1,6 +1,7 @@
/* crypto/ui/ui.h -*- mode:C; c-file-style: "eay" -*- */
/* Written by Richard Levitte (richard@levitte.org) for the OpenSSL
* project 2001.
/* crypto/ui/ui.h */
/*
* Written by Richard Levitte (richard@levitte.org) for the OpenSSL project
* 2001.
*/
/* ====================================================================
* Copyright (c) 2001 The OpenSSL Project. All rights reserved.
@@ -73,18 +74,20 @@ extern "C" {
/* typedef struct ui_st UI; */
/* typedef struct ui_method_st UI_METHOD; */
/* All the following functions return -1 or NULL on error and in some cases
(UI_process()) -2 if interrupted or in some other way cancelled.
When everything is fine, they return 0, a positive value or a non-NULL
pointer, all depending on their purpose. */
/*
* All the following functions return -1 or NULL on error and in some cases
* (UI_process()) -2 if interrupted or in some other way cancelled. When
* everything is fine, they return 0, a positive value or a non-NULL pointer,
* all depending on their purpose.
*/
/* Creators and destructor. */
UI *UI_new(void);
UI *UI_new_method(const UI_METHOD *method);
void UI_free(UI *ui);
/* The following functions are used to add strings to be printed and prompt
/*-
The following functions are used to add strings to be printed and prompt
strings to prompt for data. The names are UI_{add,dup}_<function>_string
and UI_{add,dup}_input_boolean.
@@ -107,7 +110,6 @@ void UI_free(UI *ui);
UI_{add,dup}_input_boolean have the same semantics for "add" and "dup",
and are typically used when one wants to prompt for a yes/no response.
All of the functions in this group take a UI and a prompt string.
The string input and verify addition functions also take a flag argument,
a buffer for the result to end up with, a minimum input size and a maximum
@@ -132,9 +134,11 @@ int UI_add_input_string(UI *ui, const char *prompt, int flags,
int UI_dup_input_string(UI *ui, const char *prompt, int flags,
char *result_buf, int minsize, int maxsize);
int UI_add_verify_string(UI *ui, const char *prompt, int flags,
char *result_buf, int minsize, int maxsize, const char *test_buf);
char *result_buf, int minsize, int maxsize,
const char *test_buf);
int UI_dup_verify_string(UI *ui, const char *prompt, int flags,
char *result_buf, int minsize, int maxsize, const char *test_buf);
char *result_buf, int minsize, int maxsize,
const char *test_buf);
int UI_add_input_boolean(UI *ui, const char *prompt, const char *action_desc,
const char *ok_chars, const char *cancel_chars,
int flags, char *result_buf);
@@ -149,55 +153,59 @@ int UI_dup_error_string(UI *ui, const char *text);
/* These are the possible flags. They can be or'ed together. */
/* Use to have echoing of input */
# define UI_INPUT_FLAG_ECHO 0x01
/* Use a default password. Where that password is found is completely
up to the application, it might for example be in the user data set
with UI_add_user_data(). It is not recommended to have more than
one input in each UI being marked with this flag, or the application
might get confused. */
/*
* Use a default password. Where that password is found is completely up to
* the application, it might for example be in the user data set with
* UI_add_user_data(). It is not recommended to have more than one input in
* each UI being marked with this flag, or the application might get
* confused.
*/
# define UI_INPUT_FLAG_DEFAULT_PWD 0x02
/* The user of these routines may want to define flags of their own. The core
UI won't look at those, but will pass them on to the method routines. They
must use higher bits so they don't get confused with the UI bits above.
UI_INPUT_FLAG_USER_BASE tells which is the lowest bit to use. A good
example of use is this:
#define MY_UI_FLAG1 (0x01 << UI_INPUT_FLAG_USER_BASE)
/*-
* The user of these routines may want to define flags of their own. The core
* UI won't look at those, but will pass them on to the method routines. They
* must use higher bits so they don't get confused with the UI bits above.
* UI_INPUT_FLAG_USER_BASE tells which is the lowest bit to use. A good
* example of use is this:
*
* #define MY_UI_FLAG1 (0x01 << UI_INPUT_FLAG_USER_BASE)
*
*/
# define UI_INPUT_FLAG_USER_BASE 16
/* The following function helps construct a prompt. object_desc is a
textual short description of the object, for example "pass phrase",
and object_name is the name of the object (might be a card name or
a file name.
The returned string shall always be allocated on the heap with
OPENSSL_malloc(), and need to be free'd with OPENSSL_free().
If the ui_method doesn't contain a pointer to a user-defined prompt
constructor, a default string is built, looking like this:
"Enter {object_desc} for {object_name}:"
So, if object_desc has the value "pass phrase" and object_name has
the value "foo.key", the resulting string is:
"Enter pass phrase for foo.key:"
/*-
* The following function helps construct a prompt. object_desc is a
* textual short description of the object, for example "pass phrase",
* and object_name is the name of the object (might be a card name or
* a file name.
* The returned string shall always be allocated on the heap with
* OPENSSL_malloc(), and need to be free'd with OPENSSL_free().
*
* If the ui_method doesn't contain a pointer to a user-defined prompt
* constructor, a default string is built, looking like this:
*
* "Enter {object_desc} for {object_name}:"
*
* So, if object_desc has the value "pass phrase" and object_name has
* the value "foo.key", the resulting string is:
*
* "Enter pass phrase for foo.key:"
*/
char *UI_construct_prompt(UI *ui_method,
const char *object_desc, const char *object_name);
/* The following function is used to store a pointer to user-specific data.
Any previous such pointer will be returned and replaced.
For callback purposes, this function makes a lot more sense than using
ex_data, since the latter requires that different parts of OpenSSL or
applications share the same ex_data index.
Note that the UI_OpenSSL() method completely ignores the user data.
Other methods may not, however. */
/*
* The following function is used to store a pointer to user-specific data.
* Any previous such pointer will be returned and replaced.
*
* For callback purposes, this function makes a lot more sense than using
* ex_data, since the latter requires that different parts of OpenSSL or
* applications share the same ex_data index.
*
* Note that the UI_OpenSSL() method completely ignores the user data. Other
* methods may not, however.
*/
void *UI_add_user_data(UI *ui, void *user_data);
/* We need a user data retrieving function as well. */
void *UI_get0_user_data(UI *ui);
@@ -208,22 +216,27 @@ const char *UI_get0_result(UI *ui, int i);
/* When all strings have been added, process the whole thing. */
int UI_process(UI *ui);
/* Give a user interface parametrised control commands. This can be used to
send down an integer, a data pointer or a function pointer, as well as
be used to get information from a UI. */
/*
* Give a user interface parametrised control commands. This can be used to
* send down an integer, a data pointer or a function pointer, as well as be
* used to get information from a UI.
*/
int UI_ctrl(UI *ui, int cmd, long i, void *p, void (*f) (void));
/* The commands */
/* Use UI_CONTROL_PRINT_ERRORS with the value 1 to have UI_process print the
OpenSSL error stack before printing any info or added error messages and
before any prompting. */
/*
* Use UI_CONTROL_PRINT_ERRORS with the value 1 to have UI_process print the
* OpenSSL error stack before printing any info or added error messages and
* before any prompting.
*/
# define UI_CTRL_PRINT_ERRORS 1
/* Check if a UI_process() is possible to do again with the same instance of
a user interface. This makes UI_ctrl() return 1 if it is redoable, and 0
if not. */
/*
* Check if a UI_process() is possible to do again with the same instance of
* a user interface. This makes UI_ctrl() return 1 if it is redoable, and 0
* if not.
*/
# define UI_CTRL_IS_REDOABLE 2
/* Some methods may use extra data */
# define UI_set_app_data(s,arg) UI_set_ex_data(s,0,arg)
# define UI_get_app_data(s) UI_get_ex_data(s,0)
@@ -241,9 +254,9 @@ const UI_METHOD *UI_set_method(UI *ui, const UI_METHOD *meth);
/* The method with all the built-in thingies */
UI_METHOD *UI_OpenSSL(void);
/* ---------- For method writers ---------- */
/* A method contains a number of functions that implement the low level
/*-
A method contains a number of functions that implement the low level
of the User Interface. The functions are:
an opener This function starts a session, maybe by opening
@@ -284,16 +297,18 @@ UI_METHOD *UI_OpenSSL(void);
the reader take a UI_STRING.
*/
/* The UI_STRING type is the data structure that contains all the needed info
about a string or a prompt, including test data for a verification prompt.
/*
* The UI_STRING type is the data structure that contains all the needed info
* about a string or a prompt, including test data for a verification prompt.
*/
typedef struct ui_string_st UI_STRING;
DECLARE_STACK_OF(UI_STRING)
/* The different types of strings that are currently supported.
This is only needed by method authors. */
enum UI_string_types
{
/*
* The different types of strings that are currently supported. This is only
* needed by method authors.
*/
enum UI_string_types {
UIT_NONE = 0,
UIT_PROMPT, /* Prompt for a string */
UIT_VERIFY, /* Prompt for a string and verify */
@@ -306,20 +321,31 @@ enum UI_string_types
UI_METHOD *UI_create_method(char *name);
void UI_destroy_method(UI_METHOD *ui_method);
int UI_method_set_opener(UI_METHOD *method, int (*opener) (UI *ui));
int UI_method_set_writer(UI_METHOD *method, int (*writer)(UI *ui, UI_STRING *uis));
int UI_method_set_writer(UI_METHOD *method,
int (*writer) (UI *ui, UI_STRING *uis));
int UI_method_set_flusher(UI_METHOD *method, int (*flusher) (UI *ui));
int UI_method_set_reader(UI_METHOD *method, int (*reader)(UI *ui, UI_STRING *uis));
int UI_method_set_reader(UI_METHOD *method,
int (*reader) (UI *ui, UI_STRING *uis));
int UI_method_set_closer(UI_METHOD *method, int (*closer) (UI *ui));
int UI_method_set_prompt_constructor(UI_METHOD *method, char *(*prompt_constructor)(UI* ui, const char* object_desc, const char* object_name));
int UI_method_set_prompt_constructor(UI_METHOD *method,
char *(*prompt_constructor) (UI *ui,
const char
*object_desc,
const char
*object_name));
int (*UI_method_get_opener(UI_METHOD *method)) (UI *);
int (*UI_method_get_writer(UI_METHOD *method)) (UI *, UI_STRING *);
int (*UI_method_get_flusher(UI_METHOD *method)) (UI *);
int (*UI_method_get_reader(UI_METHOD *method)) (UI *, UI_STRING *);
int (*UI_method_get_closer(UI_METHOD *method)) (UI *);
char * (*UI_method_get_prompt_constructor(UI_METHOD *method))(UI*, const char*, const char*);
char *(*UI_method_get_prompt_constructor(UI_METHOD *method)) (UI *,
const char *,
const char *);
/* The following functions are helpers for method writers to access relevant
data from a UI_STRING. */
/*
* The following functions are helpers for method writers to access relevant
* data from a UI_STRING.
*/
/* Return type of the UI_STRING */
enum UI_string_types UI_get_string_type(UI_STRING *uis);
@@ -327,11 +353,16 @@ enum UI_string_types UI_get_string_type(UI_STRING *uis);
int UI_get_input_flags(UI_STRING *uis);
/* Return the actual string to output (the prompt, info or error) */
const char *UI_get0_output_string(UI_STRING *uis);
/* Return the optional action string to output (the boolean promtp instruction) */
/*
* Return the optional action string to output (the boolean promtp
* instruction)
*/
const char *UI_get0_action_string(UI_STRING *uis);
/* Return the result of a prompt */
const char *UI_get0_result_string(UI_STRING *uis);
/* Return the string to test the result against. Only useful with verifies. */
/*
* Return the string to test the result against. Only useful with verifies.
*/
const char *UI_get0_test_string(UI_STRING *uis);
/* Return the required minimum size of the result */
int UI_get_result_minsize(UI_STRING *uis);
@@ -340,14 +371,15 @@ int UI_get_result_maxsize(UI_STRING *uis);
/* Set the result of a UI_STRING. */
int UI_set_result(UI *ui, UI_STRING *uis, const char *result);
/* A couple of popular utility functions */
int UI_UTIL_read_pw_string(char *buf,int length,const char *prompt,int verify);
int UI_UTIL_read_pw(char *buf,char *buff,int size,const char *prompt,int verify);
int UI_UTIL_read_pw_string(char *buf, int length, const char *prompt,
int verify);
int UI_UTIL_read_pw(char *buf, char *buff, int size, const char *prompt,
int verify);
/* BEGIN ERROR CODES */
/* The following lines are auto generated by the script mkerr.pl. Any changes
/*
* The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
*/
void ERR_load_UI_strings(void);

19
libs/openssl/include/openssl/ui_compat.h
View File

@@ -1,6 +1,7 @@
/* crypto/ui/ui.h -*- mode:C; c-file-style: "eay" -*- */
/* Written by Richard Levitte (richard@levitte.org) for the OpenSSL
* project 2001.
/* crypto/ui/ui.h */
/*
* Written by Richard Levitte (richard@levitte.org) for the OpenSSL project
* 2001.
*/
/* ====================================================================
* Copyright (c) 2001 The OpenSSL Project. All rights reserved.
@@ -66,16 +67,20 @@
extern "C" {
#endif
/* The following functions were previously part of the DES section,
and are provided here for backward compatibility reasons. */
/*
* The following functions were previously part of the DES section, and are
* provided here for backward compatibility reasons.
*/
# define des_read_pw_string(b,l,p,v) \
_ossl_old_des_read_pw_string((b),(l),(p),(v))
# define des_read_pw(b,bf,s,p,v) \
_ossl_old_des_read_pw((b),(bf),(s),(p),(v))
int _ossl_old_des_read_pw_string(char *buf,int length,const char *prompt,int verify);
int _ossl_old_des_read_pw(char *buf,char *buff,int size,const char *prompt,int verify);
int _ossl_old_des_read_pw_string(char *buf, int length, const char *prompt,
int verify);
int _ossl_old_des_read_pw(char *buf, char *buff, int size, const char *prompt,
int verify);
#ifdef __cplusplus
}

337
libs/openssl/include/openssl/x509.h
View File

@@ -134,15 +134,13 @@ extern "C" {
# define X509v3_KU_DECIPHER_ONLY 0x8000
# define X509v3_KU_UNDEF 0xffff
typedef struct X509_objects_st
{
typedef struct X509_objects_st {
int nid;
int (*a2i) (void);
int (*i2a) (void);
} X509_OBJECTS;
struct X509_algor_st
{
struct X509_algor_st {
ASN1_OBJECT *algorithm;
ASN1_TYPE *parameter;
} /* X509_ALGOR */ ;
@@ -151,27 +149,23 @@ DECLARE_ASN1_SET_OF(X509_ALGOR)
typedef STACK_OF(X509_ALGOR) X509_ALGORS;
typedef struct X509_val_st
{
typedef struct X509_val_st {
ASN1_TIME *notBefore;
ASN1_TIME *notAfter;
} X509_VAL;
struct X509_pubkey_st
{
struct X509_pubkey_st {
X509_ALGOR *algor;
ASN1_BIT_STRING *public_key;
EVP_PKEY *pkey;
};
typedef struct X509_sig_st
{
typedef struct X509_sig_st {
X509_ALGOR *algor;
ASN1_OCTET_STRING *digest;
} X509_SIG;
typedef struct X509_name_entry_st
{
typedef struct X509_name_entry_st {
ASN1_OBJECT *object;
ASN1_STRING *value;
int set;
@@ -182,8 +176,7 @@ DECLARE_STACK_OF(X509_NAME_ENTRY)
DECLARE_ASN1_SET_OF(X509_NAME_ENTRY)
/* we always keep X509_NAMEs in 2 forms. */
struct X509_name_st
{
struct X509_name_st {
STACK_OF(X509_NAME_ENTRY) *entries;
int modified; /* true if 'bytes' needs to be built */
# ifndef OPENSSL_NO_BUFFER
@@ -200,8 +193,7 @@ DECLARE_STACK_OF(X509_NAME)
# define X509_EX_V_NETSCAPE_HACK 0x8000
# define X509_EX_V_INIT 0x0001
typedef struct X509_extension_st
{
typedef struct X509_extension_st {
ASN1_OBJECT *object;
ASN1_BOOLEAN critical;
ASN1_OCTET_STRING *value;
@@ -213,23 +205,25 @@ DECLARE_STACK_OF(X509_EXTENSION)
DECLARE_ASN1_SET_OF(X509_EXTENSION)
/* a sequence of these are used */
typedef struct x509_attributes_st
{
typedef struct x509_attributes_st {
ASN1_OBJECT *object;
int single; /* 0 for a set, 1 for a single item (which is wrong) */
int single; /* 0 for a set, 1 for a single item (which is
* wrong) */
union {
char *ptr;
/* 0 */ STACK_OF(ASN1_TYPE) *set;
/* 1 */ ASN1_TYPE *single;
/*
* 0
*/ STACK_OF(ASN1_TYPE) *set;
/*
* 1
*/ ASN1_TYPE *single;
} value;
} X509_ATTRIBUTE;
DECLARE_STACK_OF(X509_ATTRIBUTE)
DECLARE_ASN1_SET_OF(X509_ATTRIBUTE)
typedef struct X509_req_info_st
{
typedef struct X509_req_info_st {
ASN1_ENCODING enc;
ASN1_INTEGER *version;
X509_NAME *subject;
@@ -238,16 +232,14 @@ typedef struct X509_req_info_st
STACK_OF(X509_ATTRIBUTE) *attributes; /* [ 0 ] */
} X509_REQ_INFO;
typedef struct X509_req_st
{
typedef struct X509_req_st {
X509_REQ_INFO *req_info;
X509_ALGOR *sig_alg;
ASN1_BIT_STRING *signature;
int references;
} X509_REQ;
typedef struct x509_cinf_st
{
typedef struct x509_cinf_st {
ASN1_INTEGER *version; /* [ 0 ] default of v1 */
ASN1_INTEGER *serialNumber;
X509_ALGOR *signature;
@@ -261,14 +253,13 @@ typedef struct x509_cinf_st
ASN1_ENCODING enc;
} X509_CINF;
/* This stuff is certificate "auxiliary info"
* it contains details which are useful in certificate
* stores and databases. When used this is tagged onto
/*
* This stuff is certificate "auxiliary info" it contains details which are
* useful in certificate stores and databases. When used this is tagged onto
* the end of the certificate itself
*/
typedef struct x509_cert_aux_st
{
typedef struct x509_cert_aux_st {
STACK_OF(ASN1_OBJECT) *trust; /* trusted uses */
STACK_OF(ASN1_OBJECT) *reject; /* rejected uses */
ASN1_UTF8STRING *alias; /* "friendly name" */
@@ -276,8 +267,7 @@ typedef struct x509_cert_aux_st
STACK_OF(X509_ALGOR) *other; /* other unspecified info */
} X509_CERT_AUX;
struct x509_st
{
struct x509_st {
X509_CINF *cert_info;
X509_ALGOR *sig_alg;
ASN1_BIT_STRING *signature;
@@ -346,7 +336,6 @@ typedef struct x509_cert_pair_st {
# define X509_TRUST_MIN 1
# define X509_TRUST_MAX 8
/* trust_flags values */
# define X509_TRUST_DYNAMIC 1
# define X509_TRUST_DYNAMIC_NAME 2
@@ -372,6 +361,7 @@ typedef struct x509_cert_pair_st {
# define X509_FLAG_NO_SIGDUMP (1L << 9)
# define X509_FLAG_NO_AUX (1L << 10)
# define X509_FLAG_NO_ATTRIBUTES (1L << 11)
# define X509_FLAG_NO_IDS (1L << 12)
/* Flags specific to X509_NAME_print_ex() */
@@ -379,7 +369,8 @@ typedef struct x509_cert_pair_st {
# define XN_FLAG_SEP_MASK (0xf << 16)
#define XN_FLAG_COMPAT 0 /* Traditional SSLeay: use old X509_NAME_print */
# define XN_FLAG_COMPAT 0/* Traditional SSLeay: use old
* X509_NAME_print */
# define XN_FLAG_SEP_COMMA_PLUS (1 << 16)/* RFC2253 ,+ */
# define XN_FLAG_SEP_CPLUS_SPC (2 << 16)/* ,+ spaced: more readable */
# define XN_FLAG_SEP_SPLUS_SPC (3 << 16)/* ;+ spaced */
@@ -398,13 +389,15 @@ typedef struct x509_cert_pair_st {
# define XN_FLAG_SPC_EQ (1 << 23)/* Put spaces round '=' */
/* This determines if we dump fields we don't recognise:
* RFC2253 requires this.
/*
* This determines if we dump fields we don't recognise: RFC2253 requires
* this.
*/
# define XN_FLAG_DUMP_UNKNOWN_FIELDS (1 << 24)
#define XN_FLAG_FN_ALIGN (1 << 25) /* Align field names to 20 characters */
# define XN_FLAG_FN_ALIGN (1 << 25)/* Align field names to 20
* characters */
/* Complete set of RFC2253 flags */
@@ -431,8 +424,7 @@ typedef struct x509_cert_pair_st {
XN_FLAG_FN_LN | \
XN_FLAG_FN_ALIGN)
struct x509_revoked_st
{
struct x509_revoked_st {
ASN1_INTEGER *serialNumber;
ASN1_TIME *revocationDate;
STACK_OF(X509_EXTENSION) /* optional */ *extensions;
@@ -446,8 +438,7 @@ struct x509_revoked_st
DECLARE_STACK_OF(X509_REVOKED)
DECLARE_ASN1_SET_OF(X509_REVOKED)
typedef struct X509_crl_info_st
{
typedef struct X509_crl_info_st {
ASN1_INTEGER *version;
X509_ALGOR *sig_alg;
X509_NAME *issuer;
@@ -458,8 +449,7 @@ typedef struct X509_crl_info_st
ASN1_ENCODING enc;
} X509_CRL_INFO;
struct X509_crl_st
{
struct X509_crl_st {
/* actual signature */
X509_CRL_INFO *crl;
X509_ALGOR *sig_alg;
@@ -486,69 +476,59 @@ struct X509_crl_st
DECLARE_STACK_OF(X509_CRL)
DECLARE_ASN1_SET_OF(X509_CRL)
typedef struct private_key_st
{
typedef struct private_key_st {
int version;
/* The PKCS#8 data types */
X509_ALGOR *enc_algor;
ASN1_OCTET_STRING *enc_pkey; /* encrypted pub key */
/* When decrypted, the following will not be NULL */
EVP_PKEY *dec_pkey;
/* used to encrypt and decrypt */
int key_length;
char *key_data;
int key_free; /* true if we should auto free key_data */
/* expanded version of 'enc_algor' */
EVP_CIPHER_INFO cipher;
int references;
} X509_PKEY;
# ifndef OPENSSL_NO_EVP
typedef struct X509_info_st
{
typedef struct X509_info_st {
X509 *x509;
X509_CRL *crl;
X509_PKEY *x_pkey;
EVP_CIPHER_INFO enc_cipher;
int enc_len;
char *enc_data;
int references;
} X509_INFO;
DECLARE_STACK_OF(X509_INFO)
# endif
/* The next 2 structures and their 8 routines were sent to me by
* Pat Richard <patr@x509.com> and are used to manipulate
* Netscapes spki structures - useful if you are writing a CA web page
/*
* The next 2 structures and their 8 routines were sent to me by Pat Richard
* <patr@x509.com> and are used to manipulate Netscapes spki structures -
* useful if you are writing a CA web page
*/
typedef struct Netscape_spkac_st
{
typedef struct Netscape_spkac_st {
X509_PUBKEY *pubkey;
ASN1_IA5STRING *challenge; /* challenge sent in atlas >= PR2 */
} NETSCAPE_SPKAC;
typedef struct Netscape_spki_st
{
typedef struct Netscape_spki_st {
NETSCAPE_SPKAC *spkac; /* signed public key and challenge */
X509_ALGOR *sig_algor;
ASN1_BIT_STRING *signature;
} NETSCAPE_SPKI;
/* Netscape certificate sequence structure */
typedef struct Netscape_certificate_sequence
{
typedef struct Netscape_certificate_sequence {
ASN1_OBJECT *type;
STACK_OF(X509) *certs;
} NETSCAPE_CERT_SEQUENCE;
/* Unused (and iv length is wrong)
/*- Unused (and iv length is wrong)
typedef struct CBCParameter_st
{
unsigned char iv[8];
@@ -570,18 +550,18 @@ X509_ALGOR *encryption;
} PBE2PARAM;
typedef struct PBKDF2PARAM_st {
ASN1_TYPE *salt; /* Usually OCTET STRING but could be anything */
/* Usually OCTET STRING but could be anything */
ASN1_TYPE *salt;
ASN1_INTEGER *iter;
ASN1_INTEGER *keylength;
X509_ALGOR *prf;
} PBKDF2PARAM;
/* PKCS#8 private key info structure */
struct pkcs8_priv_key_info_st
{
int broken; /* Flag for various broken formats */
struct pkcs8_priv_key_info_st {
/* Flag for various broken formats */
int broken;
# define PKCS8_OK 0
# define PKCS8_NO_OCTET 1
# define PKCS8_EMBEDDED_PARAM 2
@@ -589,7 +569,8 @@ struct pkcs8_priv_key_info_st
# define PKCS8_NEG_PRIVKEY 4
ASN1_INTEGER *version;
X509_ALGOR *pkeyalg;
ASN1_TYPE *pkey; /* Should be OCTET STRING but some are broken */
/* Should be OCTET STRING but some are broken */
ASN1_TYPE *pkey;
STACK_OF(X509_ATTRIBUTE) *attributes;
};
@@ -625,22 +606,25 @@ extern "C" {
# define X509_CRL_get_REVOKED(x) ((x)->crl->revoked)
void X509_CRL_set_default_method(const X509_CRL_METHOD *meth);
X509_CRL_METHOD *X509_CRL_METHOD_new(
int (*crl_init)(X509_CRL *crl),
X509_CRL_METHOD *X509_CRL_METHOD_new(int (*crl_init) (X509_CRL *crl),
int (*crl_free) (X509_CRL *crl),
int (*crl_lookup)(X509_CRL *crl, X509_REVOKED **ret,
ASN1_INTEGER *ser, X509_NAME *issuer),
int (*crl_verify)(X509_CRL *crl, EVP_PKEY *pk));
int (*crl_lookup) (X509_CRL *crl,
X509_REVOKED **ret,
ASN1_INTEGER *ser,
X509_NAME *issuer),
int (*crl_verify) (X509_CRL *crl,
EVP_PKEY *pk));
void X509_CRL_METHOD_free(X509_CRL_METHOD *m);
void X509_CRL_set_meth_data(X509_CRL *crl, void *dat);
void *X509_CRL_get_meth_data(X509_CRL *crl);
/* This one is only used so that a binary form can output, as in
* i2d_X509_NAME(X509_get_X509_PUBKEY(x),&buf) */
/*
* This one is only used so that a binary form can output, as in
* i2d_X509_NAME(X509_get_X509_PUBKEY(x),&buf)
*/
# define X509_get_X509_PUBKEY(x) ((x)->cert_info->key)
const char *X509_verify_cert_error_string(long n);
# ifndef OPENSSL_NO_EVP
@@ -662,10 +646,12 @@ int X509_signature_print(BIO *bp,X509_ALGOR *alg, ASN1_STRING *sig);
int X509_sign(X509 *x, EVP_PKEY *pkey, const EVP_MD *md);
int X509_sign_ctx(X509 *x, EVP_MD_CTX *ctx);
int X509_http_nbio(OCSP_REQ_CTX *rctx, X509 **pcert);
int X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md);
int X509_REQ_sign_ctx(X509_REQ *x, EVP_MD_CTX *ctx);
int X509_CRL_sign(X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md);
int X509_CRL_sign_ctx(X509_CRL *x, EVP_MD_CTX *ctx);
int X509_CRL_http_nbio(OCSP_REQ_CTX *rctx, X509_CRL **pcrl);
int NETSCAPE_SPKI_sign(NETSCAPE_SPKI *x, EVP_PKEY *pkey, const EVP_MD *md);
int X509_pubkey_digest(const X509 *data, const EVP_MD *type,
@@ -762,12 +748,15 @@ X509 *X509_dup(X509 *x509);
X509_ATTRIBUTE *X509_ATTRIBUTE_dup(X509_ATTRIBUTE *xa);
X509_EXTENSION *X509_EXTENSION_dup(X509_EXTENSION *ex);
X509_CRL *X509_CRL_dup(X509_CRL *crl);
X509_REVOKED *X509_REVOKED_dup(X509_REVOKED *rev);
X509_REQ *X509_REQ_dup(X509_REQ *req);
X509_ALGOR *X509_ALGOR_dup(X509_ALGOR *xn);
int X509_ALGOR_set0(X509_ALGOR *alg, ASN1_OBJECT *aobj, int ptype, void *pval);
int X509_ALGOR_set0(X509_ALGOR *alg, ASN1_OBJECT *aobj, int ptype,
void *pval);
void X509_ALGOR_get0(ASN1_OBJECT **paobj, int *pptype, void **ppval,
X509_ALGOR *algor);
void X509_ALGOR_set_md(X509_ALGOR *alg, const EVP_MD *md);
int X509_ALGOR_cmp(const X509_ALGOR *a, const X509_ALGOR *b);
X509_NAME *X509_NAME_dup(X509_NAME *xn);
X509_NAME_ENTRY *X509_NAME_ENTRY_dup(X509_NAME_ENTRY *ne);
@@ -797,25 +786,20 @@ DECLARE_ASN1_FUNCTIONS(X509_PUBKEY)
int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey);
EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key);
int X509_get_pubkey_parameters(EVP_PKEY *pkey,
STACK_OF(X509) *chain);
int X509_get_pubkey_parameters(EVP_PKEY *pkey, STACK_OF(X509) *chain);
int i2d_PUBKEY(EVP_PKEY *a, unsigned char **pp);
EVP_PKEY * d2i_PUBKEY(EVP_PKEY **a,const unsigned char **pp,
long length);
EVP_PKEY *d2i_PUBKEY(EVP_PKEY **a, const unsigned char **pp, long length);
# ifndef OPENSSL_NO_RSA
int i2d_RSA_PUBKEY(RSA *a, unsigned char **pp);
RSA * d2i_RSA_PUBKEY(RSA **a,const unsigned char **pp,
long length);
RSA *d2i_RSA_PUBKEY(RSA **a, const unsigned char **pp, long length);
# endif
# ifndef OPENSSL_NO_DSA
int i2d_DSA_PUBKEY(DSA *a, unsigned char **pp);
DSA * d2i_DSA_PUBKEY(DSA **a,const unsigned char **pp,
long length);
DSA *d2i_DSA_PUBKEY(DSA **a, const unsigned char **pp, long length);
# endif
# ifndef OPENSSL_NO_EC
int i2d_EC_PUBKEY(EC_KEY *a, unsigned char **pp);
EC_KEY *d2i_EC_PUBKEY(EC_KEY **a, const unsigned char **pp,
long length);
EC_KEY *d2i_EC_PUBKEY(EC_KEY **a, const unsigned char **pp, long length);
# endif
DECLARE_ASN1_FUNCTIONS(X509_SIG)
@@ -848,11 +832,18 @@ void *X509_get_ex_data(X509 *r, int idx);
int i2d_X509_AUX(X509 *a, unsigned char **pp);
X509 *d2i_X509_AUX(X509 **a, const unsigned char **pp, long length);
int i2d_re_X509_tbs(X509 *x, unsigned char **pp);
void X509_get0_signature(ASN1_BIT_STRING **psig, X509_ALGOR **palg,
const X509 *x);
int X509_get_signature_nid(const X509 *x);
int X509_alias_set1(X509 *x, unsigned char *name, int len);
int X509_keyid_set1(X509 *x, unsigned char *id, int len);
unsigned char *X509_alias_get0(X509 *x, int *len);
unsigned char *X509_keyid_get0(X509 *x, int *len);
int (*X509_TRUST_set_default(int (*trust)(int , X509 *, int)))(int, X509 *, int);
int (*X509_TRUST_set_default(int (*trust) (int, X509 *, int))) (int, X509 *,
int);
int X509_TRUST_set(int *t, int trust);
int X509_add1_trust_object(X509 *x, ASN1_OBJECT *obj);
int X509_add1_reject_object(X509 *x, ASN1_OBJECT *obj);
@@ -871,7 +862,8 @@ int X509_CRL_get0_by_cert(X509_CRL *crl, X509_REVOKED **ret, X509 *x);
X509_PKEY *X509_PKEY_new(void);
void X509_PKEY_free(X509_PKEY *a);
int i2d_X509_PKEY(X509_PKEY *a, unsigned char **pp);
X509_PKEY * d2i_X509_PKEY(X509_PKEY **a,const unsigned char **pp,long length);
X509_PKEY *d2i_X509_PKEY(X509_PKEY **a, const unsigned char **pp,
long length);
DECLARE_ASN1_FUNCTIONS(NETSCAPE_SPKI)
DECLARE_ASN1_FUNCTIONS(NETSCAPE_SPKAC)
@@ -898,12 +890,12 @@ int ASN1_item_digest(const ASN1_ITEM *it,const EVP_MD *type,void *data,
int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *algor1,
ASN1_BIT_STRING *signature, void *data, EVP_PKEY *pkey);
int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2,
ASN1_BIT_STRING *signature,
void *data, EVP_PKEY *pkey, const EVP_MD *type);
int ASN1_item_sign_ctx(const ASN1_ITEM *it,
X509_ALGOR *algor1, X509_ALGOR *algor2,
ASN1_BIT_STRING *signature, void *asn, EVP_MD_CTX *ctx);
int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1,
X509_ALGOR *algor2, ASN1_BIT_STRING *signature, void *data,
EVP_PKEY *pkey, const EVP_MD *type);
int ASN1_item_sign_ctx(const ASN1_ITEM *it, X509_ALGOR *algor1,
X509_ALGOR *algor2, ASN1_BIT_STRING *signature,
void *asn, EVP_MD_CTX *ctx);
# endif
int X509_set_version(X509 *x, long version);
@@ -932,8 +924,7 @@ int X509_REQ_add_extensions_nid(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts,
int nid);
int X509_REQ_add_extensions(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts);
int X509_REQ_get_attr_count(const X509_REQ *req);
int X509_REQ_get_attr_by_NID(const X509_REQ *req, int nid,
int lastpos);
int X509_REQ_get_attr_by_NID(const X509_REQ *req, int nid, int lastpos);
int X509_REQ_get_attr_by_OBJ(const X509_REQ *req, ASN1_OBJECT *obj,
int lastpos);
X509_ATTRIBUTE *X509_REQ_get_attr(const X509_REQ *req, int loc);
@@ -958,9 +949,17 @@ int X509_CRL_sort(X509_CRL *crl);
int X509_REVOKED_set_serialNumber(X509_REVOKED *x, ASN1_INTEGER *serial);
int X509_REVOKED_set_revocationDate(X509_REVOKED *r, ASN1_TIME *tm);
X509_CRL *X509_CRL_diff(X509_CRL *base, X509_CRL *newer,
EVP_PKEY *skey, const EVP_MD *md, unsigned int flags);
int X509_REQ_check_private_key(X509_REQ *x509, EVP_PKEY *pkey);
int X509_check_private_key(X509 *x509, EVP_PKEY *pkey);
int X509_chain_check_suiteb(int *perror_depth,
X509 *x, STACK_OF(X509) *chain,
unsigned long flags);
int X509_CRL_check_suiteb(X509_CRL *crl, EVP_PKEY *pk, unsigned long flags);
STACK_OF(X509) *X509_chain_up_ref(STACK_OF(X509) *chain);
int X509_issuer_and_serial_cmp(const X509 *a, const X509 *b);
unsigned long X509_issuer_and_serial_hash(X509 *a);
@@ -984,33 +983,39 @@ unsigned long X509_NAME_hash_old(X509_NAME *x);
int X509_CRL_cmp(const X509_CRL *a, const X509_CRL *b);
int X509_CRL_match(const X509_CRL *a, const X509_CRL *b);
# ifndef OPENSSL_NO_FP_API
int X509_print_ex_fp(FILE *bp,X509 *x, unsigned long nmflag, unsigned long cflag);
int X509_print_ex_fp(FILE *bp, X509 *x, unsigned long nmflag,
unsigned long cflag);
int X509_print_fp(FILE *bp, X509 *x);
int X509_CRL_print_fp(FILE *bp, X509_CRL *x);
int X509_REQ_print_fp(FILE *bp, X509_REQ *req);
int X509_NAME_print_ex_fp(FILE *fp, X509_NAME *nm, int indent, unsigned long flags);
int X509_NAME_print_ex_fp(FILE *fp, X509_NAME *nm, int indent,
unsigned long flags);
# endif
# ifndef OPENSSL_NO_BIO
int X509_NAME_print(BIO *bp, X509_NAME *name, int obase);
int X509_NAME_print_ex(BIO *out, X509_NAME *nm, int indent, unsigned long flags);
int X509_print_ex(BIO *bp,X509 *x, unsigned long nmflag, unsigned long cflag);
int X509_NAME_print_ex(BIO *out, X509_NAME *nm, int indent,
unsigned long flags);
int X509_print_ex(BIO *bp, X509 *x, unsigned long nmflag,
unsigned long cflag);
int X509_print(BIO *bp, X509 *x);
int X509_ocspid_print(BIO *bp, X509 *x);
int X509_CERT_AUX_print(BIO *bp, X509_CERT_AUX *x, int indent);
int X509_CRL_print(BIO *bp, X509_CRL *x);
int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflag, unsigned long cflag);
int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflag,
unsigned long cflag);
int X509_REQ_print(BIO *bp, X509_REQ *req);
# endif
int X509_NAME_entry_count(X509_NAME *name);
int X509_NAME_get_text_by_NID(X509_NAME *name, int nid,
char *buf,int len);
int X509_NAME_get_text_by_NID(X509_NAME *name, int nid, char *buf, int len);
int X509_NAME_get_text_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj,
char *buf, int len);
/* NOTE: you should be passsing -1, not 0 as lastpos. The functions that use
* lastpos, search after that position on. */
/*
* NOTE: you should be passsing -1, not 0 as lastpos. The functions that use
* lastpos, search after that position on.
*/
int X509_NAME_get_index_by_NID(X509_NAME *name, int nid, int lastpos);
int X509_NAME_get_index_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj,
int lastpos);
@@ -1019,20 +1024,26 @@ X509_NAME_ENTRY *X509_NAME_delete_entry(X509_NAME *name, int loc);
int X509_NAME_add_entry(X509_NAME *name, X509_NAME_ENTRY *ne,
int loc, int set);
int X509_NAME_add_entry_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, int type,
unsigned char *bytes, int len, int loc, int set);
unsigned char *bytes, int len, int loc,
int set);
int X509_NAME_add_entry_by_NID(X509_NAME *name, int nid, int type,
unsigned char *bytes, int len, int loc, int set);
unsigned char *bytes, int len, int loc,
int set);
X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_txt(X509_NAME_ENTRY **ne,
const char *field, int type, const unsigned char *bytes, int len);
X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(X509_NAME_ENTRY **ne, int nid,
int type,unsigned char *bytes, int len);
int X509_NAME_add_entry_by_txt(X509_NAME *name, const char *field, int type,
const unsigned char *bytes, int len, int loc, int set);
X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(X509_NAME_ENTRY **ne,
ASN1_OBJECT *obj, int type,const unsigned char *bytes,
const char *field, int type,
const unsigned char *bytes,
int len);
int X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne,
ASN1_OBJECT *obj);
X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(X509_NAME_ENTRY **ne, int nid,
int type, unsigned char *bytes,
int len);
int X509_NAME_add_entry_by_txt(X509_NAME *name, const char *field, int type,
const unsigned char *bytes, int len, int loc,
int set);
X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(X509_NAME_ENTRY **ne,
ASN1_OBJECT *obj, int type,
const unsigned char *bytes,
int len);
int X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne, ASN1_OBJECT *obj);
int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne, int type,
const unsigned char *bytes, int len);
ASN1_OBJECT *X509_NAME_ENTRY_get_object(X509_NAME_ENTRY *ne);
@@ -1074,7 +1085,8 @@ int X509_CRL_add1_ext_i2d(X509_CRL *x, int nid, void *value, int crit,
int X509_REVOKED_get_ext_count(X509_REVOKED *x);
int X509_REVOKED_get_ext_by_NID(X509_REVOKED *x, int nid, int lastpos);
int X509_REVOKED_get_ext_by_OBJ(X509_REVOKED *x,ASN1_OBJECT *obj,int lastpos);
int X509_REVOKED_get_ext_by_OBJ(X509_REVOKED *x, ASN1_OBJECT *obj,
int lastpos);
int X509_REVOKED_get_ext_by_critical(X509_REVOKED *x, int crit, int lastpos);
X509_EXTENSION *X509_REVOKED_get_ext(X509_REVOKED *x, int loc);
X509_EXTENSION *X509_REVOKED_delete_ext(X509_REVOKED *x, int loc);
@@ -1084,13 +1096,14 @@ int X509_REVOKED_add1_ext_i2d(X509_REVOKED *x, int nid, void *value, int crit,
unsigned long flags);
X509_EXTENSION *X509_EXTENSION_create_by_NID(X509_EXTENSION **ex,
int nid, int crit, ASN1_OCTET_STRING *data);
int nid, int crit,
ASN1_OCTET_STRING *data);
X509_EXTENSION *X509_EXTENSION_create_by_OBJ(X509_EXTENSION **ex,
ASN1_OBJECT *obj,int crit,ASN1_OCTET_STRING *data);
ASN1_OBJECT *obj, int crit,
ASN1_OCTET_STRING *data);
int X509_EXTENSION_set_object(X509_EXTENSION *ex, ASN1_OBJECT *obj);
int X509_EXTENSION_set_critical(X509_EXTENSION *ex, int crit);
int X509_EXTENSION_set_data(X509_EXTENSION *ex,
ASN1_OCTET_STRING *data);
int X509_EXTENSION_set_data(X509_EXTENSION *ex, ASN1_OCTET_STRING *data);
ASN1_OBJECT *X509_EXTENSION_get_object(X509_EXTENSION *ex);
ASN1_OCTET_STRING *X509_EXTENSION_get_data(X509_EXTENSION *ne);
int X509_EXTENSION_get_critical(X509_EXTENSION *ex);
@@ -1098,40 +1111,50 @@ int X509_EXTENSION_get_critical(X509_EXTENSION *ex);
int X509at_get_attr_count(const STACK_OF(X509_ATTRIBUTE) *x);
int X509at_get_attr_by_NID(const STACK_OF(X509_ATTRIBUTE) *x, int nid,
int lastpos);
int X509at_get_attr_by_OBJ(const STACK_OF(X509_ATTRIBUTE) *sk, ASN1_OBJECT *obj,
int lastpos);
int X509at_get_attr_by_OBJ(const STACK_OF(X509_ATTRIBUTE) *sk,
ASN1_OBJECT *obj, int lastpos);
X509_ATTRIBUTE *X509at_get_attr(const STACK_OF(X509_ATTRIBUTE) *x, int loc);
X509_ATTRIBUTE *X509at_delete_attr(STACK_OF(X509_ATTRIBUTE) *x, int loc);
STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr(STACK_OF(X509_ATTRIBUTE) **x,
X509_ATTRIBUTE *attr);
STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_OBJ(STACK_OF(X509_ATTRIBUTE) **x,
const ASN1_OBJECT *obj, int type,
const unsigned char *bytes, int len);
STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_NID(STACK_OF(X509_ATTRIBUTE) **x,
int nid, int type,
const unsigned char *bytes, int len);
STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_txt(STACK_OF(X509_ATTRIBUTE) **x,
const char *attrname, int type,
const unsigned char *bytes, int len);
void *X509at_get0_data_by_OBJ(STACK_OF(X509_ATTRIBUTE) *x,
ASN1_OBJECT *obj, int lastpos, int type);
STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_OBJ(STACK_OF(X509_ATTRIBUTE)
**x, const ASN1_OBJECT *obj,
int type,
const unsigned char *bytes,
int len);
STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_NID(STACK_OF(X509_ATTRIBUTE)
**x, int nid, int type,
const unsigned char *bytes,
int len);
STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_txt(STACK_OF(X509_ATTRIBUTE)
**x, const char *attrname,
int type,
const unsigned char *bytes,
int len);
void *X509at_get0_data_by_OBJ(STACK_OF(X509_ATTRIBUTE) *x, ASN1_OBJECT *obj,
int lastpos, int type);
X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **attr, int nid,
int atrtype, const void *data, int len);
int atrtype, const void *data,
int len);
X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_OBJ(X509_ATTRIBUTE **attr,
const ASN1_OBJECT *obj, int atrtype, const void *data, int len);
const ASN1_OBJECT *obj,
int atrtype, const void *data,
int len);
X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_txt(X509_ATTRIBUTE **attr,
const char *atrname, int type, const unsigned char *bytes, int len);
const char *atrname, int type,
const unsigned char *bytes,
int len);
int X509_ATTRIBUTE_set1_object(X509_ATTRIBUTE *attr, const ASN1_OBJECT *obj);
int X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype, const void *data, int len);
void *X509_ATTRIBUTE_get0_data(X509_ATTRIBUTE *attr, int idx,
int atrtype, void *data);
int X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype,
const void *data, int len);
void *X509_ATTRIBUTE_get0_data(X509_ATTRIBUTE *attr, int idx, int atrtype,
void *data);
int X509_ATTRIBUTE_count(X509_ATTRIBUTE *attr);
ASN1_OBJECT *X509_ATTRIBUTE_get0_object(X509_ATTRIBUTE *attr);
ASN1_TYPE *X509_ATTRIBUTE_get0_type(X509_ATTRIBUTE *attr, int idx);
int EVP_PKEY_get_attr_count(const EVP_PKEY *key);
int EVP_PKEY_get_attr_by_NID(const EVP_PKEY *key, int nid,
int lastpos);
int EVP_PKEY_get_attr_by_NID(const EVP_PKEY *key, int nid, int lastpos);
int EVP_PKEY_get_attr_by_OBJ(const EVP_PKEY *key, ASN1_OBJECT *obj,
int lastpos);
X509_ATTRIBUTE *EVP_PKEY_get_attr(const EVP_PKEY *key, int loc);
@@ -1186,16 +1209,14 @@ int PKCS8_pkey_set0(PKCS8_PRIV_KEY_INFO *priv, ASN1_OBJECT *aobj,
unsigned char *penc, int penclen);
int PKCS8_pkey_get0(ASN1_OBJECT **ppkalg,
const unsigned char **pk, int *ppklen,
X509_ALGOR **pa,
PKCS8_PRIV_KEY_INFO *p8);
X509_ALGOR **pa, PKCS8_PRIV_KEY_INFO *p8);
int X509_PUBKEY_set0_param(X509_PUBKEY *pub, ASN1_OBJECT *aobj,
int ptype, void *pval,
unsigned char *penc, int penclen);
int X509_PUBKEY_get0_param(ASN1_OBJECT **ppkalg,
const unsigned char **pk, int *ppklen,
X509_ALGOR **pa,
X509_PUBKEY *pub);
X509_ALGOR **pa, X509_PUBKEY *pub);
int X509_check_trust(X509 *x, int id, int flags);
int X509_TRUST_get_count(void);
@@ -1209,9 +1230,11 @@ char *X509_TRUST_get0_name(X509_TRUST *xp);
int X509_TRUST_get_trust(X509_TRUST *xp);
/* BEGIN ERROR CODES */
/* The following lines are auto generated by the script mkerr.pl. Any changes
/*
* The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
*/
void ERR_load_X509_strings(void);
/* Error codes for the X509 functions. */
@@ -1219,6 +1242,7 @@ void ERR_load_X509_strings(void);
/* Function codes. */
# define X509_F_ADD_CERT_DIR 100
# define X509_F_BY_FILE_CTRL 101
# define X509_F_CHECK_NAME_CONSTRAINTS 106
# define X509_F_CHECK_POLICY 145
# define X509_F_DIR_CTRL 102
# define X509_F_GET_CERT_BY_SUBJECT 103
@@ -1232,6 +1256,7 @@ void ERR_load_X509_strings(void);
# define X509_F_X509_ATTRIBUTE_GET0_DATA 139
# define X509_F_X509_ATTRIBUTE_SET1_DATA 138
# define X509_F_X509_CHECK_PRIVATE_KEY 128
# define X509_F_X509_CRL_DIFF 105
# define X509_F_X509_CRL_PRINT_FP 147
# define X509_F_X509_EXTENSION_CREATE_BY_NID 108
# define X509_F_X509_EXTENSION_CREATE_BY_OBJ 109
@@ -1264,20 +1289,28 @@ void ERR_load_X509_strings(void);
# define X509_F_X509_VERIFY_CERT 127
/* Reason codes. */
# define X509_R_AKID_MISMATCH 110
# define X509_R_BAD_X509_FILETYPE 100
# define X509_R_BASE64_DECODE_ERROR 118
# define X509_R_CANT_CHECK_DH_KEY 114
# define X509_R_CERT_ALREADY_IN_HASH_TABLE 101
# define X509_R_CRL_ALREADY_DELTA 127
# define X509_R_CRL_VERIFY_FAILURE 131
# define X509_R_ERR_ASN1_LIB 102
# define X509_R_IDP_MISMATCH 128
# define X509_R_INVALID_DIRECTORY 113
# define X509_R_INVALID_FIELD_NAME 119
# define X509_R_INVALID_TRUST 123
# define X509_R_ISSUER_MISMATCH 129
# define X509_R_KEY_TYPE_MISMATCH 115
# define X509_R_KEY_VALUES_MISMATCH 116
# define X509_R_LOADING_CERT_DIR 103
# define X509_R_LOADING_DEFAULTS 104
# define X509_R_METHOD_NOT_SUPPORTED 124
# define X509_R_NAME_TOO_LONG 134
# define X509_R_NEWER_CRL_NOT_NEWER 132
# define X509_R_NO_CERT_SET_FOR_US_TO_VERIFY 105
# define X509_R_NO_CRL_NUMBER 130
# define X509_R_PUBLIC_KEY_DECODE_ERROR 125
# define X509_R_PUBLIC_KEY_ENCODE_ERROR 126
# define X509_R_SHOULD_RETRY 106

281
libs/openssl/include/openssl/x509_vfy.h
View File

@@ -58,8 +58,10 @@
#ifndef HEADER_X509_H
# include <openssl/x509.h>
/* openssl/x509.h ends up #include-ing this file at about the only
* appropriate moment. */
/*
* openssl/x509.h ends up #include-ing this file at about the only
* appropriate moment.
*/
#endif
#ifndef HEADER_X509_VFY_H
@@ -79,8 +81,7 @@ extern "C" {
# if 0
/* Outer object */
typedef struct x509_hash_dir_st
{
typedef struct x509_hash_dir_st {
int num_dirs;
char **dirs;
int *dirs_type;
@@ -88,8 +89,7 @@ typedef struct x509_hash_dir_st
} X509_HASH_DIR_CTX;
# endif
typedef struct x509_file_st
{
typedef struct x509_file_st {
int num_paths; /* number of paths to files or directories */
int num_alloced;
char **paths; /* the list of paths or directories */
@@ -97,7 +97,7 @@ typedef struct x509_file_st
} X509_CERT_FILE_CTX;
/*******************************/
/*
/*-
SSL_CTX -> X509_STORE
-> X509_LOOKUP
->X509_LOOKUP_METHOD
@@ -120,8 +120,7 @@ certificate chain.
# define X509_LU_CRL 2
# define X509_LU_PKEY 3
typedef struct x509_object_st
{
typedef struct x509_object_st {
/* one of the above types */
int type;
union {
@@ -138,8 +137,7 @@ DECLARE_STACK_OF(X509_LOOKUP)
DECLARE_STACK_OF(X509_OBJECT)
/* This is a static that defines the function interface */
typedef struct x509_lookup_method_st
{
typedef struct x509_lookup_method_st {
const char *name;
int (*new_item) (X509_LOOKUP *ctx);
void (*free) (X509_LOOKUP *ctx);
@@ -158,13 +156,15 @@ typedef struct x509_lookup_method_st
X509_OBJECT *ret);
} X509_LOOKUP_METHOD;
/* This structure hold all parameters associated with a verify operation
* by including an X509_VERIFY_PARAM structure in related structures the
typedef struct X509_VERIFY_PARAM_ID_st X509_VERIFY_PARAM_ID;
/*
* This structure hold all parameters associated with a verify operation by
* including an X509_VERIFY_PARAM structure in related structures the
* parameters used can be customized
*/
typedef struct X509_VERIFY_PARAM_st
{
typedef struct X509_VERIFY_PARAM_st {
char *name;
time_t check_time; /* Time to use */
unsigned long inh_flags; /* Inheritance flags */
@@ -173,37 +173,43 @@ typedef struct X509_VERIFY_PARAM_st
int trust; /* trust setting to check */
int depth; /* Verify depth */
STACK_OF(ASN1_OBJECT) *policies; /* Permissible policies */
X509_VERIFY_PARAM_ID *id; /* opaque ID data */
} X509_VERIFY_PARAM;
DECLARE_STACK_OF(X509_VERIFY_PARAM)
/* This is used to hold everything. It is used for all certificate
* validation. Once we have a certificate chain, the 'verify'
* function is then called to actually check the cert chain. */
struct x509_store_st
{
/*
* This is used to hold everything. It is used for all certificate
* validation. Once we have a certificate chain, the 'verify' function is
* then called to actually check the cert chain.
*/
struct x509_store_st {
/* The following is a cache of trusted certs */
int cache; /* if true, stash any hits */
STACK_OF(X509_OBJECT) *objs; /* Cache of all objects */
/* These are external lookup methods */
STACK_OF(X509_LOOKUP) *get_cert_methods;
X509_VERIFY_PARAM *param;
/* Callbacks for various operations */
int (*verify)(X509_STORE_CTX *ctx); /* called to verify a certificate */
int (*verify_cb)(int ok,X509_STORE_CTX *ctx); /* error callback */
int (*get_issuer)(X509 **issuer, X509_STORE_CTX *ctx, X509 *x); /* get issuers cert from ctx */
int (*check_issued)(X509_STORE_CTX *ctx, X509 *x, X509 *issuer); /* check issued */
int (*check_revocation)(X509_STORE_CTX *ctx); /* Check revocation status of chain */
int (*get_crl)(X509_STORE_CTX *ctx, X509_CRL **crl, X509 *x); /* retrieve CRL */
int (*check_crl)(X509_STORE_CTX *ctx, X509_CRL *crl); /* Check CRL validity */
int (*cert_crl)(X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x); /* Check certificate against CRL */
/* called to verify a certificate */
int (*verify) (X509_STORE_CTX *ctx);
/* error callback */
int (*verify_cb) (int ok, X509_STORE_CTX *ctx);
/* get issuers cert from ctx */
int (*get_issuer) (X509 **issuer, X509_STORE_CTX *ctx, X509 *x);
/* check issued */
int (*check_issued) (X509_STORE_CTX *ctx, X509 *x, X509 *issuer);
/* Check revocation status of chain */
int (*check_revocation) (X509_STORE_CTX *ctx);
/* retrieve CRL */
int (*get_crl) (X509_STORE_CTX *ctx, X509_CRL **crl, X509 *x);
/* Check CRL validity */
int (*check_crl) (X509_STORE_CTX *ctx, X509_CRL *crl);
/* Check certificate against CRL */
int (*cert_crl) (X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x);
STACK_OF(X509) *(*lookup_certs) (X509_STORE_CTX *ctx, X509_NAME *nm);
STACK_OF(X509_CRL) *(*lookup_crls) (X509_STORE_CTX *ctx, X509_NAME *nm);
int (*cleanup) (X509_STORE_CTX *ctx);
CRYPTO_EX_DATA ex_data;
int references;
} /* X509_STORE */ ;
@@ -214,66 +220,79 @@ int X509_STORE_set_depth(X509_STORE *store, int depth);
# define X509_STORE_set_verify_func(ctx,func) ((ctx)->verify=(func))
/* This is the functions plus an instance of the local variables. */
struct x509_lookup_st
{
struct x509_lookup_st {
int init; /* have we been started */
int skip; /* don't use us. */
X509_LOOKUP_METHOD *method; /* the functions */
char *method_data; /* method data */
X509_STORE *store_ctx; /* who owns us */
} /* X509_LOOKUP */ ;
/* This is a used when verifying cert chains. Since the
* gathering of the cert chain can take some time (and have to be
* 'retried', this needs to be kept and passed around. */
struct x509_store_ctx_st /* X509_STORE_CTX */
{
/*
* This is a used when verifying cert chains. Since the gathering of the
* cert chain can take some time (and have to be 'retried', this needs to be
* kept and passed around.
*/
struct x509_store_ctx_st { /* X509_STORE_CTX */
X509_STORE *ctx;
int current_method; /* used when looking up certs */
/* used when looking up certs */
int current_method;
/* The following are set by the caller */
X509 *cert; /* The cert to check */
STACK_OF(X509) *untrusted; /* chain of X509s - untrusted - passed in */
STACK_OF(X509_CRL) *crls; /* set of CRLs passed in */
/* The cert to check */
X509 *cert;
/* chain of X509s - untrusted - passed in */
STACK_OF(X509) *untrusted;
/* set of CRLs passed in */
STACK_OF(X509_CRL) *crls;
X509_VERIFY_PARAM *param;
void *other_ctx; /* Other info for use with get_issuer() */
/* Other info for use with get_issuer() */
void *other_ctx;
/* Callbacks for various operations */
int (*verify)(X509_STORE_CTX *ctx); /* called to verify a certificate */
int (*verify_cb)(int ok,X509_STORE_CTX *ctx); /* error callback */
int (*get_issuer)(X509 **issuer, X509_STORE_CTX *ctx, X509 *x); /* get issuers cert from ctx */
int (*check_issued)(X509_STORE_CTX *ctx, X509 *x, X509 *issuer); /* check issued */
int (*check_revocation)(X509_STORE_CTX *ctx); /* Check revocation status of chain */
int (*get_crl)(X509_STORE_CTX *ctx, X509_CRL **crl, X509 *x); /* retrieve CRL */
int (*check_crl)(X509_STORE_CTX *ctx, X509_CRL *crl); /* Check CRL validity */
int (*cert_crl)(X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x); /* Check certificate against CRL */
/* called to verify a certificate */
int (*verify) (X509_STORE_CTX *ctx);
/* error callback */
int (*verify_cb) (int ok, X509_STORE_CTX *ctx);
/* get issuers cert from ctx */
int (*get_issuer) (X509 **issuer, X509_STORE_CTX *ctx, X509 *x);
/* check issued */
int (*check_issued) (X509_STORE_CTX *ctx, X509 *x, X509 *issuer);
/* Check revocation status of chain */
int (*check_revocation) (X509_STORE_CTX *ctx);
/* retrieve CRL */
int (*get_crl) (X509_STORE_CTX *ctx, X509_CRL **crl, X509 *x);
/* Check CRL validity */
int (*check_crl) (X509_STORE_CTX *ctx, X509_CRL *crl);
/* Check certificate against CRL */
int (*cert_crl) (X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x);
int (*check_policy) (X509_STORE_CTX *ctx);
STACK_OF(X509) *(*lookup_certs) (X509_STORE_CTX *ctx, X509_NAME *nm);
STACK_OF(X509_CRL) *(*lookup_crls) (X509_STORE_CTX *ctx, X509_NAME *nm);
int (*cleanup) (X509_STORE_CTX *ctx);
/* The following is built up */
int valid; /* if 0, rebuild chain */
int last_untrusted; /* index of last untrusted cert */
STACK_OF(X509) *chain; /* chain of X509s - built up and trusted */
X509_POLICY_TREE *tree; /* Valid policy tree */
int explicit_policy; /* Require explicit policy value */
/* if 0, rebuild chain */
int valid;
/* index of last untrusted cert */
int last_untrusted;
/* chain of X509s - built up and trusted */
STACK_OF(X509) *chain;
/* Valid policy tree */
X509_POLICY_TREE *tree;
/* Require explicit policy value */
int explicit_policy;
/* When something goes wrong, this is why */
int error_depth;
int error;
X509 *current_cert;
X509 *current_issuer; /* cert currently being tested as valid issuer */
X509_CRL *current_crl; /* current CRL */
int current_crl_score; /* score of current CRL */
unsigned int current_reasons; /* Reason mask */
X509_STORE_CTX *parent; /* For CRL path validation: parent context */
/* cert currently being tested as valid issuer */
X509 *current_issuer;
/* current CRL */
X509_CRL *current_crl;
/* score of current CRL */
int current_crl_score;
/* Reason mask */
unsigned int current_reasons;
/* For CRL path validation: parent context */
X509_STORE_CTX *parent;
CRYPTO_EX_DATA ex_data;
} /* X509_STORE_CTX */ ;
@@ -294,7 +313,7 @@ void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth);
X509_LOOKUP_ctrl((x),X509_L_ADD_DIR,(name),(long)(type),NULL)
# define X509_V_OK 0
/* illegal error (for uninitialized values, to avoid X509_V_OK): 1 */
# define X509_V_ERR_UNSPECIFIED 1
# define X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT 2
# define X509_V_ERR_UNABLE_TO_GET_CRL 3
@@ -349,13 +368,31 @@ void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth);
# define X509_V_ERR_PERMITTED_VIOLATION 47
# define X509_V_ERR_EXCLUDED_VIOLATION 48
# define X509_V_ERR_SUBTREE_MINMAX 49
# define X509_V_ERR_APPLICATION_VERIFICATION 50
# define X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE 51
# define X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX 52
# define X509_V_ERR_UNSUPPORTED_NAME_SYNTAX 53
# define X509_V_ERR_CRL_PATH_VALIDATION_ERROR 54
/* The application is not happy */
#define X509_V_ERR_APPLICATION_VERIFICATION 50
/* Suite B mode algorithm violation */
# define X509_V_ERR_SUITE_B_INVALID_VERSION 56
# define X509_V_ERR_SUITE_B_INVALID_ALGORITHM 57
# define X509_V_ERR_SUITE_B_INVALID_CURVE 58
# define X509_V_ERR_SUITE_B_INVALID_SIGNATURE_ALGORITHM 59
# define X509_V_ERR_SUITE_B_LOS_NOT_ALLOWED 60
# define X509_V_ERR_SUITE_B_CANNOT_SIGN_P_384_WITH_P_256 61
/* Host, email and IP check errors */
# define X509_V_ERR_HOSTNAME_MISMATCH 62
# define X509_V_ERR_EMAIL_MISMATCH 63
# define X509_V_ERR_IP_ADDRESS_MISMATCH 64
/* Caller error */
# define X509_V_ERR_INVALID_CALL 65
/* Issuer lookup error */
# define X509_V_ERR_STORE_LOOKUP 66
# define X509_V_ERR_PROXY_SUBJECT_NAME_VIOLATION 67
/* Certificate verify flags */
@@ -389,7 +426,23 @@ void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth);
# define X509_V_FLAG_USE_DELTAS 0x2000
/* Check selfsigned CA signature */
# define X509_V_FLAG_CHECK_SS_SIGNATURE 0x4000
/* Use trusted store first */
# define X509_V_FLAG_TRUSTED_FIRST 0x8000
/* Suite B 128 bit only mode: not normally used */
# define X509_V_FLAG_SUITEB_128_LOS_ONLY 0x10000
/* Suite B 192 bit only mode */
# define X509_V_FLAG_SUITEB_192_LOS 0x20000
/* Suite B 128 bit mode allowing 192 bit algorithms */
# define X509_V_FLAG_SUITEB_128_LOS 0x30000
/* Allow partial chains if at least one certificate is in trusted store */
# define X509_V_FLAG_PARTIAL_CHAIN 0x80000
/*
* If the initial chain is not trusted, do not attempt to build an alternative
* chain. Alternate chain checking was introduced in 1.0.2b. Setting this flag
* will force the behaviour to match that of previous versions.
*/
# define X509_V_FLAG_NO_ALT_CHAINS 0x100000
# define X509_VP_FLAG_DEFAULT 0x1
# define X509_VP_FLAG_OVERWRITE 0x2
@@ -405,8 +458,10 @@ void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth);
int X509_OBJECT_idx_by_subject(STACK_OF(X509_OBJECT) *h, int type,
X509_NAME *name);
X509_OBJECT *X509_OBJECT_retrieve_by_subject(STACK_OF(X509_OBJECT) *h,int type,X509_NAME *name);
X509_OBJECT *X509_OBJECT_retrieve_match(STACK_OF(X509_OBJECT) *h, X509_OBJECT *x);
X509_OBJECT *X509_OBJECT_retrieve_by_subject(STACK_OF(X509_OBJECT) *h,
int type, X509_NAME *name);
X509_OBJECT *X509_OBJECT_retrieve_match(STACK_OF(X509_OBJECT) *h,
X509_OBJECT *x);
void X509_OBJECT_up_ref_count(X509_OBJECT *a);
void X509_OBJECT_free_contents(X509_OBJECT *a);
X509_STORE *X509_STORE_new(void);
@@ -422,6 +477,11 @@ int X509_STORE_set1_param(X509_STORE *ctx, X509_VERIFY_PARAM *pm);
void X509_STORE_set_verify_cb(X509_STORE *ctx,
int (*verify_cb) (int, X509_STORE_CTX *));
void X509_STORE_set_lookup_crls_cb(X509_STORE *ctx,
STACK_OF(X509_CRL) *(*cb) (X509_STORE_CTX
*ctx,
X509_NAME *nm));
X509_STORE_CTX *X509_STORE_CTX_new(void);
int X509_STORE_CTX_get1_issuer(X509 **issuer, X509_STORE_CTX *ctx, X509 *x);
@@ -432,6 +492,8 @@ int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store,
void X509_STORE_CTX_trusted_stack(X509_STORE_CTX *ctx, STACK_OF(X509) *sk);
void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx);
X509_STORE *X509_STORE_CTX_get0_store(X509_STORE_CTX *ctx);
X509_LOOKUP *X509_STORE_add_lookup(X509_STORE *v, X509_LOOKUP_METHOD *m);
X509_LOOKUP_METHOD *X509_LOOKUP_hash_dir(void);
@@ -452,7 +514,6 @@ int X509_load_crl_file(X509_LOOKUP *ctx, const char *file, int type);
int X509_load_cert_crl_file(X509_LOOKUP *ctx, const char *file, int type);
# endif
X509_LOOKUP *X509_LOOKUP_new(X509_LOOKUP_METHOD *method);
void X509_LOOKUP_free(X509_LOOKUP *ctx);
int X509_LOOKUP_init(X509_LOOKUP *ctx);
@@ -461,9 +522,10 @@ int X509_LOOKUP_by_subject(X509_LOOKUP *ctx, int type, X509_NAME *name,
int X509_LOOKUP_by_issuer_serial(X509_LOOKUP *ctx, int type, X509_NAME *name,
ASN1_INTEGER *serial, X509_OBJECT *ret);
int X509_LOOKUP_by_fingerprint(X509_LOOKUP *ctx, int type,
unsigned char *bytes, int len, X509_OBJECT *ret);
int X509_LOOKUP_by_alias(X509_LOOKUP *ctx, int type, char *str,
int len, X509_OBJECT *ret);
unsigned char *bytes, int len,
X509_OBJECT *ret);
int X509_LOOKUP_by_alias(X509_LOOKUP *ctx, int type, char *str, int len,
X509_OBJECT *ret);
int X509_LOOKUP_shutdown(X509_LOOKUP *ctx);
# ifndef OPENSSL_NO_STDIO
@@ -472,8 +534,10 @@ int X509_STORE_load_locations (X509_STORE *ctx,
int X509_STORE_set_default_paths(X509_STORE *ctx);
# endif
int X509_STORE_CTX_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
int X509_STORE_CTX_get_ex_new_index(long argl, void *argp,
CRYPTO_EX_new *new_func,
CRYPTO_EX_dup *dup_func,
CRYPTO_EX_free *free_func);
int X509_STORE_CTX_set_ex_data(X509_STORE_CTX *ctx, int idx, void *data);
void *X509_STORE_CTX_get_ex_data(X509_STORE_CTX *ctx, int idx);
int X509_STORE_CTX_get_error(X509_STORE_CTX *ctx);
@@ -514,7 +578,8 @@ int X509_VERIFY_PARAM_inherit(X509_VERIFY_PARAM *to,
int X509_VERIFY_PARAM_set1(X509_VERIFY_PARAM *to,
const X509_VERIFY_PARAM *from);
int X509_VERIFY_PARAM_set1_name(X509_VERIFY_PARAM *param, const char *name);
int X509_VERIFY_PARAM_set_flags(X509_VERIFY_PARAM *param, unsigned long flags);
int X509_VERIFY_PARAM_set_flags(X509_VERIFY_PARAM *param,
unsigned long flags);
int X509_VERIFY_PARAM_clear_flags(X509_VERIFY_PARAM *param,
unsigned long flags);
unsigned long X509_VERIFY_PARAM_get_flags(X509_VERIFY_PARAM *param);
@@ -526,42 +591,62 @@ int X509_VERIFY_PARAM_add0_policy(X509_VERIFY_PARAM *param,
ASN1_OBJECT *policy);
int X509_VERIFY_PARAM_set1_policies(X509_VERIFY_PARAM *param,
STACK_OF(ASN1_OBJECT) *policies);
int X509_VERIFY_PARAM_set1_host(X509_VERIFY_PARAM *param,
const char *name, size_t namelen);
int X509_VERIFY_PARAM_add1_host(X509_VERIFY_PARAM *param,
const char *name, size_t namelen);
void X509_VERIFY_PARAM_set_hostflags(X509_VERIFY_PARAM *param,
unsigned int flags);
char *X509_VERIFY_PARAM_get0_peername(X509_VERIFY_PARAM *);
int X509_VERIFY_PARAM_set1_email(X509_VERIFY_PARAM *param,
const char *email, size_t emaillen);
int X509_VERIFY_PARAM_set1_ip(X509_VERIFY_PARAM *param,
const unsigned char *ip, size_t iplen);
int X509_VERIFY_PARAM_set1_ip_asc(X509_VERIFY_PARAM *param,
const char *ipasc);
int X509_VERIFY_PARAM_get_depth(const X509_VERIFY_PARAM *param);
const char *X509_VERIFY_PARAM_get0_name(const X509_VERIFY_PARAM *param);
int X509_VERIFY_PARAM_add0_table(X509_VERIFY_PARAM *param);
int X509_VERIFY_PARAM_get_count(void);
const X509_VERIFY_PARAM *X509_VERIFY_PARAM_get0(int id);
const X509_VERIFY_PARAM *X509_VERIFY_PARAM_lookup(const char *name);
void X509_VERIFY_PARAM_table_cleanup(void);
int X509_policy_check(X509_POLICY_TREE **ptree, int *pexplicit_policy,
STACK_OF(X509) *certs,
STACK_OF(ASN1_OBJECT) *policy_oids,
unsigned int flags);
STACK_OF(ASN1_OBJECT) *policy_oids, unsigned int flags);
void X509_policy_tree_free(X509_POLICY_TREE *tree);
int X509_policy_tree_level_count(const X509_POLICY_TREE *tree);
X509_POLICY_LEVEL *
X509_policy_tree_get0_level(const X509_POLICY_TREE *tree, int i);
X509_POLICY_LEVEL *X509_policy_tree_get0_level(const X509_POLICY_TREE *tree,
int i);
STACK_OF(X509_POLICY_NODE) *
X509_policy_tree_get0_policies(const X509_POLICY_TREE *tree);
STACK_OF(X509_POLICY_NODE) *X509_policy_tree_get0_policies(const
X509_POLICY_TREE
*tree);
STACK_OF(X509_POLICY_NODE) *
X509_policy_tree_get0_user_policies(const X509_POLICY_TREE *tree);
STACK_OF(X509_POLICY_NODE) *X509_policy_tree_get0_user_policies(const
X509_POLICY_TREE
*tree);
int X509_policy_level_node_count(X509_POLICY_LEVEL *level);
X509_POLICY_NODE *X509_policy_level_get0_node(X509_POLICY_LEVEL *level, int i);
X509_POLICY_NODE *X509_policy_level_get0_node(X509_POLICY_LEVEL *level,
int i);
const ASN1_OBJECT *X509_policy_node_get0_policy(const X509_POLICY_NODE *node);
STACK_OF(POLICYQUALINFO) *
X509_policy_node_get0_qualifiers(const X509_POLICY_NODE *node);
const X509_POLICY_NODE *
X509_policy_node_get0_parent(const X509_POLICY_NODE *node);
STACK_OF(POLICYQUALINFO) *X509_policy_node_get0_qualifiers(const
X509_POLICY_NODE
*node);
const X509_POLICY_NODE *X509_policy_node_get0_parent(const X509_POLICY_NODE
*node);
#ifdef __cplusplus
}
#endif
#endif

162
libs/openssl/include/openssl/x509v3.h
View File

@@ -1,6 +1,7 @@
/* x509v3.h */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 1999.
/*
* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
* 1999.
*/
/* ====================================================================
* Copyright (c) 1999-2004 The OpenSSL Project. All rights reserved.
@@ -66,6 +67,13 @@
extern "C" {
#endif
# ifdef OPENSSL_SYS_WIN32
/* Under Win32 these are defined in wincrypt.h */
# undef X509_NAME
# undef X509_CERT_PAIR
# undef X509_EXTENSIONS
# endif
/* Forward reference */
struct v3_ext_method;
struct v3_ext_ctx;
@@ -82,7 +90,8 @@ typedef STACK_OF(CONF_VALUE) *
typedef void *(*X509V3_EXT_V2I)(const struct v3_ext_method *method,
struct v3_ext_ctx *ctx,
STACK_OF(CONF_VALUE) *values);
typedef char * (*X509V3_EXT_I2S)(const struct v3_ext_method *method, void *ext);
typedef char *(*X509V3_EXT_I2S)(const struct v3_ext_method *method,
void *ext);
typedef void *(*X509V3_EXT_S2I)(const struct v3_ext_method *method,
struct v3_ext_ctx *ctx, const char *str);
typedef int (*X509V3_EXT_I2R) (const struct v3_ext_method *method, void *ext,
@@ -102,19 +111,15 @@ X509V3_EXT_NEW ext_new;
X509V3_EXT_FREE ext_free;
X509V3_EXT_D2I d2i;
X509V3_EXT_I2D i2d;
/* The following pair is used for string extensions */
X509V3_EXT_I2S i2s;
X509V3_EXT_S2I s2i;
/* The following pair is used for multi-valued extensions */
X509V3_EXT_I2V i2v;
X509V3_EXT_V2I v2i;
/* The following are used for raw extensions */
X509V3_EXT_I2R i2r;
X509V3_EXT_R2I r2i;
void *usr_data; /* Any extension specific data */
};
@@ -154,7 +159,6 @@ int ca;
ASN1_INTEGER *pathlen;
} BASIC_CONSTRAINTS;
typedef struct PKEY_USAGE_PERIOD_st {
ASN1_GENERALIZEDTIME *notBefore;
ASN1_GENERALIZEDTIME *notAfter;
@@ -171,7 +175,6 @@ typedef struct EDIPartyName_st {
} EDIPARTYNAME;
typedef struct GENERAL_NAME_st {
# define GEN_OTHERNAME 0
# define GEN_EMAIL 1
# define GEN_DNS 2
@@ -181,7 +184,6 @@ typedef struct GENERAL_NAME_st {
# define GEN_URI 6
# define GEN_IPADD 7
# define GEN_RID 8
int type;
union {
char *ptr;
@@ -194,11 +196,11 @@ union {
ASN1_IA5STRING *uniformResourceIdentifier;
ASN1_OCTET_STRING *iPAddress;
ASN1_OBJECT *registeredID;
/* Old names */
ASN1_OCTET_STRING *ip; /* iPAddress */
X509_NAME *dirn; /* dirn */
ASN1_IA5STRING *ia5;/* rfc822Name, dNSName, uniformResourceIdentifier */
ASN1_IA5STRING *ia5; /* rfc822Name, dNSName,
* uniformResourceIdentifier */
ASN1_OBJECT *rid; /* registeredID */
ASN1_TYPE *other; /* x400Address */
} d;
@@ -338,14 +340,12 @@ typedef struct POLICY_CONSTRAINTS_st {
} POLICY_CONSTRAINTS;
/* Proxy certificate structures, see RFC 3820 */
typedef struct PROXY_POLICY_st
{
typedef struct PROXY_POLICY_st {
ASN1_OBJECT *policyLanguage;
ASN1_OCTET_STRING *policy;
} PROXY_POLICY;
typedef struct PROXY_CERT_INFO_EXTENSION_st
{
typedef struct PROXY_CERT_INFO_EXTENSION_st {
ASN1_INTEGER *pcPathLengthConstraint;
PROXY_POLICY *proxyPolicy;
} PROXY_CERT_INFO_EXTENSION;
@@ -353,8 +353,7 @@ typedef struct PROXY_CERT_INFO_EXTENSION_st
DECLARE_ASN1_FUNCTIONS(PROXY_POLICY)
DECLARE_ASN1_FUNCTIONS(PROXY_CERT_INFO_EXTENSION)
struct ISSUING_DIST_POINT_st
{
struct ISSUING_DIST_POINT_st {
DIST_POINT_NAME *distpoint;
int onlyuser;
int onlyCA;
@@ -403,7 +402,6 @@ struct ISSUING_DIST_POINT_st
# define EXT_END { -1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}
/* X509_PURPOSE stuff */
# define EXFLAG_BCONS 0x1
@@ -414,7 +412,6 @@ struct ISSUING_DIST_POINT_st
# define EXFLAG_CA 0x10
/* Really self issued not necessarily self signed */
# define EXFLAG_SI 0x20
#define EXFLAG_SS 0x20
# define EXFLAG_V1 0x40
# define EXFLAG_INVALID 0x80
# define EXFLAG_SET 0x100
@@ -423,6 +420,8 @@ struct ISSUING_DIST_POINT_st
# define EXFLAG_INVALID_POLICY 0x800
# define EXFLAG_FRESHEST 0x1000
/* Self signed */
# define EXFLAG_SS 0x2000
# define KU_DIGITAL_SIGNATURE 0x0080
# define KU_NON_REPUDIATION 0x0040
@@ -451,6 +450,7 @@ struct ISSUING_DIST_POINT_st
# define XKU_OCSP_SIGN 0x20
# define XKU_TIMESTAMP 0x40
# define XKU_DVCS 0x80
# define XKU_ANYEKU 0x100
# define X509_PURPOSE_DYNAMIC 0x1
# define X509_PURPOSE_DYNAMIC_NAME 0x2
@@ -459,8 +459,7 @@ typedef struct x509_purpose_st {
int purpose;
int trust; /* Default trust ID */
int flags;
int (*check_purpose)(const struct x509_purpose_st *,
const X509 *, int);
int (*check_purpose) (const struct x509_purpose_st *, const X509 *, int);
char *name;
char *sname;
void *usr_data;
@@ -510,8 +509,10 @@ DECLARE_ASN1_FUNCTIONS(SXNET)
DECLARE_ASN1_FUNCTIONS(SXNETID)
int SXNET_add_id_asc(SXNET **psx, char *zone, char *user, int userlen);
int SXNET_add_id_ulong(SXNET **psx, unsigned long lzone, char *user, int userlen);
int SXNET_add_id_INTEGER(SXNET **psx, ASN1_INTEGER *izone, char *user, int userlen);
int SXNET_add_id_ulong(SXNET **psx, unsigned long lzone, char *user,
int userlen);
int SXNET_add_id_INTEGER(SXNET **psx, ASN1_INTEGER *izone, char *user,
int userlen);
ASN1_OCTET_STRING *SXNET_get_id_asc(SXNET *sx, char *zone);
ASN1_OCTET_STRING *SXNET_get_id_ulong(SXNET *sx, unsigned long lzone);
@@ -525,21 +526,23 @@ DECLARE_ASN1_FUNCTIONS(GENERAL_NAME)
GENERAL_NAME *GENERAL_NAME_dup(GENERAL_NAME *a);
int GENERAL_NAME_cmp(GENERAL_NAME *a, GENERAL_NAME *b);
ASN1_BIT_STRING *v2i_ASN1_BIT_STRING(X509V3_EXT_METHOD *method,
X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
X509V3_CTX *ctx,
STACK_OF(CONF_VALUE) *nval);
STACK_OF(CONF_VALUE) *i2v_ASN1_BIT_STRING(X509V3_EXT_METHOD *method,
ASN1_BIT_STRING *bits,
STACK_OF(CONF_VALUE) *extlist);
STACK_OF(CONF_VALUE) *i2v_GENERAL_NAME(X509V3_EXT_METHOD *method, GENERAL_NAME *gen, STACK_OF(CONF_VALUE) *ret);
STACK_OF(CONF_VALUE) *i2v_GENERAL_NAME(X509V3_EXT_METHOD *method,
GENERAL_NAME *gen,
STACK_OF(CONF_VALUE) *ret);
int GENERAL_NAME_print(BIO *out, GENERAL_NAME *gen);
DECLARE_ASN1_FUNCTIONS(GENERAL_NAMES)
STACK_OF(CONF_VALUE) *i2v_GENERAL_NAMES(X509V3_EXT_METHOD *method,
GENERAL_NAMES *gen, STACK_OF(CONF_VALUE) *extlist);
GENERAL_NAMES *gen,
STACK_OF(CONF_VALUE) *extlist);
GENERAL_NAMES *v2i_GENERAL_NAMES(const X509V3_EXT_METHOD *method,
X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
@@ -553,8 +556,10 @@ int GENERAL_NAME_set0_othername(GENERAL_NAME *gen,
int GENERAL_NAME_get0_otherName(GENERAL_NAME *gen,
ASN1_OBJECT **poid, ASN1_TYPE **pvalue);
char *i2s_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, ASN1_OCTET_STRING *ia5);
ASN1_OCTET_STRING *s2i_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str);
char *i2s_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method,
ASN1_OCTET_STRING *ia5);
ASN1_OCTET_STRING *s2i_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method,
X509V3_CTX *ctx, char *str);
DECLARE_ASN1_FUNCTIONS(EXTENDED_KEY_USAGE)
int i2a_ACCESS_DESCRIPTION(BIO *bp, ACCESS_DESCRIPTION *a);
@@ -591,26 +596,35 @@ DECLARE_ASN1_ALLOC_FUNCTIONS(POLICY_CONSTRAINTS)
DECLARE_ASN1_ITEM(POLICY_CONSTRAINTS)
GENERAL_NAME *a2i_GENERAL_NAME(GENERAL_NAME *out,
const X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
int gen_type, char *value, int is_nc);
const X509V3_EXT_METHOD *method,
X509V3_CTX *ctx, int gen_type, char *value,
int is_nc);
# ifdef HEADER_CONF_H
GENERAL_NAME *v2i_GENERAL_NAME(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
CONF_VALUE *cnf);
GENERAL_NAME *v2i_GENERAL_NAME(const X509V3_EXT_METHOD *method,
X509V3_CTX *ctx, CONF_VALUE *cnf);
GENERAL_NAME *v2i_GENERAL_NAME_ex(GENERAL_NAME *out,
const X509V3_EXT_METHOD *method,
X509V3_CTX *ctx, CONF_VALUE *cnf, int is_nc);
X509V3_CTX *ctx, CONF_VALUE *cnf,
int is_nc);
void X509V3_conf_free(CONF_VALUE *val);
X509_EXTENSION *X509V3_EXT_nconf_nid(CONF *conf, X509V3_CTX *ctx, int ext_nid, char *value);
X509_EXTENSION *X509V3_EXT_nconf(CONF *conf, X509V3_CTX *ctx, char *name, char *value);
int X509V3_EXT_add_nconf_sk(CONF *conf, X509V3_CTX *ctx, char *section, STACK_OF(X509_EXTENSION) **sk);
int X509V3_EXT_add_nconf(CONF *conf, X509V3_CTX *ctx, char *section, X509 *cert);
int X509V3_EXT_REQ_add_nconf(CONF *conf, X509V3_CTX *ctx, char *section, X509_REQ *req);
int X509V3_EXT_CRL_add_nconf(CONF *conf, X509V3_CTX *ctx, char *section, X509_CRL *crl);
X509_EXTENSION *X509V3_EXT_nconf_nid(CONF *conf, X509V3_CTX *ctx, int ext_nid,
char *value);
X509_EXTENSION *X509V3_EXT_nconf(CONF *conf, X509V3_CTX *ctx, char *name,
char *value);
int X509V3_EXT_add_nconf_sk(CONF *conf, X509V3_CTX *ctx, char *section,
STACK_OF(X509_EXTENSION) **sk);
int X509V3_EXT_add_nconf(CONF *conf, X509V3_CTX *ctx, char *section,
X509 *cert);
int X509V3_EXT_REQ_add_nconf(CONF *conf, X509V3_CTX *ctx, char *section,
X509_REQ *req);
int X509V3_EXT_CRL_add_nconf(CONF *conf, X509V3_CTX *ctx, char *section,
X509_CRL *crl);
X509_EXTENSION *X509V3_EXT_conf_nid(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
int ext_nid, char *value);
X509_EXTENSION *X509V3_EXT_conf_nid(LHASH_OF(CONF_VALUE) *conf,
X509V3_CTX *ctx, int ext_nid,
char *value);
X509_EXTENSION *X509V3_EXT_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
char *name, char *value);
int X509V3_EXT_add_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
@@ -646,7 +660,8 @@ int X509V3_add_value_int(const char *name, ASN1_INTEGER *aint,
char *i2s_ASN1_INTEGER(X509V3_EXT_METHOD *meth, ASN1_INTEGER *aint);
ASN1_INTEGER *s2i_ASN1_INTEGER(X509V3_EXT_METHOD *meth, char *value);
char *i2s_ASN1_ENUMERATED(X509V3_EXT_METHOD *meth, ASN1_ENUMERATED *aint);
char * i2s_ASN1_ENUMERATED_TABLE(X509V3_EXT_METHOD *meth, ASN1_ENUMERATED *aint);
char *i2s_ASN1_ENUMERATED_TABLE(X509V3_EXT_METHOD *meth,
ASN1_ENUMERATED *aint);
int X509V3_EXT_add(X509V3_EXT_METHOD *ext);
int X509V3_EXT_add_list(X509V3_EXT_METHOD *extlist);
int X509V3_EXT_add_alias(int nid_to, int nid_from);
@@ -657,11 +672,13 @@ const X509V3_EXT_METHOD *X509V3_EXT_get_nid(int nid);
int X509V3_add_standard_extensions(void);
STACK_OF(CONF_VALUE) *X509V3_parse_list(const char *line);
void *X509V3_EXT_d2i(X509_EXTENSION *ext);
void *X509V3_get_d2i(STACK_OF(X509_EXTENSION) *x, int nid, int *crit, int *idx);
void *X509V3_get_d2i(STACK_OF(X509_EXTENSION) *x, int nid, int *crit,
int *idx);
int X509V3_EXT_free(int nid, void *ext_data);
X509_EXTENSION *X509V3_EXT_i2d(int ext_nid, int crit, void *ext_struc);
int X509V3_add1_i2d(STACK_OF(X509_EXTENSION) **x, int nid, void *value, int crit, unsigned long flags);
int X509V3_add1_i2d(STACK_OF(X509_EXTENSION) **x, int nid, void *value,
int crit, unsigned long flags);
char *hex_to_string(const unsigned char *buffer, long len);
unsigned char *string_to_hex(const char *str, long *len);
@@ -669,10 +686,13 @@ int name_cmp(const char *name, const char *cmp);
void X509V3_EXT_val_prn(BIO *out, STACK_OF(CONF_VALUE) *val, int indent,
int ml);
int X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, unsigned long flag, int indent);
int X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, unsigned long flag,
int indent);
int X509V3_EXT_print_fp(FILE *out, X509_EXTENSION *ext, int flag, int indent);
int X509V3_extensions_print(BIO *out, char *title, STACK_OF(X509_EXTENSION) *exts, unsigned long flag, int indent);
int X509V3_extensions_print(BIO *out, char *title,
STACK_OF(X509_EXTENSION) *exts,
unsigned long flag, int indent);
int X509_check_ca(X509 *x);
int X509_check_purpose(X509 *x, int id, int ca);
@@ -697,6 +717,34 @@ STACK_OF(OPENSSL_STRING) *X509_get1_email(X509 *x);
STACK_OF(OPENSSL_STRING) *X509_REQ_get1_email(X509_REQ *x);
void X509_email_free(STACK_OF(OPENSSL_STRING) *sk);
STACK_OF(OPENSSL_STRING) *X509_get1_ocsp(X509 *x);
/* Flags for X509_check_* functions */
/*
* Always check subject name for host match even if subject alt names present
*/
# define X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT 0x1
/* Disable wildcard matching for dnsName fields and common name. */
# define X509_CHECK_FLAG_NO_WILDCARDS 0x2
/* Wildcards must not match a partial label. */
# define X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS 0x4
/* Allow (non-partial) wildcards to match multiple labels. */
# define X509_CHECK_FLAG_MULTI_LABEL_WILDCARDS 0x8
/* Constraint verifier subdomain patterns to match a single labels. */
# define X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS 0x10
/*
* Match reference identifiers starting with "." to any sub-domain.
* This is a non-public flag, turned on implicitly when the subject
* reference identity is a DNS name.
*/
# define _X509_CHECK_FLAG_DOT_SUBDOMAINS 0x8000
int X509_check_host(X509 *x, const char *chk, size_t chklen,
unsigned int flags, char **peername);
int X509_check_email(X509 *x, const char *chk, size_t chklen,
unsigned int flags);
int X509_check_ip(X509 *x, const unsigned char *chk, size_t chklen,
unsigned int flags);
int X509_check_ip_asc(X509 *x, const char *ipasc, unsigned int flags);
ASN1_OCTET_STRING *a2i_IPADDRESS(const char *ipasc);
ASN1_OCTET_STRING *a2i_IPADDRESS_NC(const char *ipasc);
@@ -747,7 +795,6 @@ DECLARE_ASN1_FUNCTIONS(ASIdOrRange)
DECLARE_ASN1_FUNCTIONS(ASIdentifierChoice)
DECLARE_ASN1_FUNCTIONS(ASIdentifiers)
typedef struct IPAddressRange_st {
ASN1_BIT_STRING *min, *max;
} IPAddressRange;
@@ -848,16 +895,15 @@ int v3_addr_subset(IPAddrBlocks *a, IPAddrBlocks *b);
int v3_asid_validate_path(X509_STORE_CTX *);
int v3_addr_validate_path(X509_STORE_CTX *);
int v3_asid_validate_resource_set(STACK_OF(X509) *chain,
ASIdentifiers *ext,
int allow_inheritance);
ASIdentifiers *ext, int allow_inheritance);
int v3_addr_validate_resource_set(STACK_OF(X509) *chain,
IPAddrBlocks *ext,
int allow_inheritance);
IPAddrBlocks *ext, int allow_inheritance);
# endif /* OPENSSL_NO_RFC3779 */
/* BEGIN ERROR CODES */
/* The following lines are auto generated by the script mkerr.pl. Any changes
/*
* The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
*/
void ERR_load_X509V3_strings(void);
@@ -922,6 +968,7 @@ void ERR_load_X509V3_strings(void);
# define X509V3_F_X509V3_EXT_ADD 104
# define X509V3_F_X509V3_EXT_ADD_ALIAS 106
# define X509V3_F_X509V3_EXT_CONF 107
# define X509V3_F_X509V3_EXT_FREE 165
# define X509V3_F_X509V3_EXT_I2D 136
# define X509V3_F_X509V3_EXT_NCONF 152
# define X509V3_F_X509V3_GET_SECTION 142
@@ -936,6 +983,7 @@ void ERR_load_X509V3_strings(void);
# define X509V3_R_BAD_OBJECT 119
# define X509V3_R_BN_DEC2BN_ERROR 100
# define X509V3_R_BN_TO_ASN1_INTEGER_ERROR 101
# define X509V3_R_CANNOT_FIND_FREE_FUNCTION 168
# define X509V3_R_DIRNAME_ERROR 149
# define X509V3_R_DISTPOINT_ALREADY_SET 160
# define X509V3_R_DUPLICATE_ZONE_ID 133
@@ -951,13 +999,13 @@ void ERR_load_X509V3_strings(void);
# define X509V3_R_ILLEGAL_EMPTY_EXTENSION 151
# define X509V3_R_ILLEGAL_HEX_DIGIT 113
# define X509V3_R_INCORRECT_POLICY_SYNTAX_TAG 152
#define X509V3_R_INVALID_MULTIPLE_RDNS 161
# define X509V3_R_INVALID_ASNUMBER 162
# define X509V3_R_INVALID_ASRANGE 163
# define X509V3_R_INVALID_BOOLEAN_STRING 104
# define X509V3_R_INVALID_EXTENSION_STRING 105
# define X509V3_R_INVALID_INHERITANCE 165
# define X509V3_R_INVALID_IPADDRESS 166
# define X509V3_R_INVALID_MULTIPLE_RDNS 161
# define X509V3_R_INVALID_NAME 106
# define X509V3_R_INVALID_NULL_ARGUMENT 107
# define X509V3_R_INVALID_NULL_NAME 108

BIN
libs/openssl/lib/iOS/libcrypto.a Normal file
View File

Binary file not shown.

BIN
libs/openssl/lib/iOS/libssl.a Normal file
View File

Binary file not shown.

BIN
libs/openssl/lib/libcrypto.a
View File

Binary file not shown.

BIN
libs/openssl/lib/libssl.a
View File

Binary file not shown.

BIN
libs/openssl/lib/macOS/libcrypto.a Normal file
View File

Binary file not shown.

BIN
libs/openssl/lib/macOS/libssl.a Normal file
View File

Binary file not shown.

BIN
libs/openssl/lib/tvOS/libcrypto.a Normal file
View File

Binary file not shown.

BIN
libs/openssl/lib/tvOS/libssl.a Normal file
View File

Binary file not shown.