Enable TLS on iOS
This commit is contained in:
bossiel
parent
10722b880e
commit
1c341c76f7
|
|
@ -90,6 +90,11 @@ int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
|
|||
int AES_set_decrypt_key(const unsigned char *userKey, const int bits,
|
||||
AES_KEY *key);
|
||||
|
||||
int private_AES_set_encrypt_key(const unsigned char *userKey, const int bits,
|
||||
AES_KEY *key);
|
||||
int private_AES_set_decrypt_key(const unsigned char *userKey, const int bits,
|
||||
AES_KEY *key);
|
||||
|
||||
void AES_encrypt(const unsigned char *in, unsigned char *out,
|
||||
const AES_KEY *key);
|
||||
void AES_decrypt(const unsigned char *in, unsigned char *out,
|
||||
|
|
|
|||
|
|
@ -235,7 +235,7 @@ typedef struct asn1_object_st
|
|||
*/
|
||||
#define ASN1_STRING_FLAG_MSTRING 0x040
|
||||
/* This is the base type that holds just about everything :-) */
|
||||
typedef struct asn1_string_st
|
||||
struct asn1_string_st
|
||||
{
|
||||
int length;
|
||||
int type;
|
||||
|
|
@ -245,7 +245,7 @@ typedef struct asn1_string_st
|
|||
* input data has a non-zero 'unused bits' value, it will be
|
||||
* handled correctly */
|
||||
long flags;
|
||||
} ASN1_STRING;
|
||||
};
|
||||
|
||||
/* ASN1_ENCODING structure: this is used to save the received
|
||||
* encoding of an ASN1 type. This is useful to get round
|
||||
|
|
@ -293,7 +293,6 @@ DECLARE_STACK_OF(ASN1_STRING_TABLE)
|
|||
* see asn1t.h
|
||||
*/
|
||||
typedef struct ASN1_TEMPLATE_st ASN1_TEMPLATE;
|
||||
typedef struct ASN1_ITEM_st ASN1_ITEM;
|
||||
typedef struct ASN1_TLC_st ASN1_TLC;
|
||||
/* This is just an opaque pointer */
|
||||
typedef struct ASN1_VALUE_st ASN1_VALUE;
|
||||
|
|
@ -1067,7 +1066,7 @@ ASN1_STRING *ASN1_pack_string(void *obj, i2d_of_void *i2d,
|
|||
ASN1_STRING *ASN1_item_pack(void *obj, const ASN1_ITEM *it, ASN1_OCTET_STRING **oct);
|
||||
|
||||
void ASN1_STRING_set_default_mask(unsigned long mask);
|
||||
int ASN1_STRING_set_default_mask_asc(char *p);
|
||||
int ASN1_STRING_set_default_mask_asc(const char *p);
|
||||
unsigned long ASN1_STRING_get_default_mask(void);
|
||||
int ASN1_mbstring_copy(ASN1_STRING **out, const unsigned char *in, int len,
|
||||
int inform, unsigned long mask);
|
||||
|
|
@ -1194,6 +1193,7 @@ void ERR_load_ASN1_strings(void);
|
|||
#define ASN1_F_ASN1_ITEM_I2D_FP 193
|
||||
#define ASN1_F_ASN1_ITEM_PACK 198
|
||||
#define ASN1_F_ASN1_ITEM_SIGN 195
|
||||
#define ASN1_F_ASN1_ITEM_SIGN_CTX 220
|
||||
#define ASN1_F_ASN1_ITEM_UNPACK 199
|
||||
#define ASN1_F_ASN1_ITEM_VERIFY 197
|
||||
#define ASN1_F_ASN1_MBSTRING_NCOPY 122
|
||||
|
|
@ -1266,6 +1266,7 @@ void ERR_load_ASN1_strings(void);
|
|||
#define ASN1_F_PKCS5_PBE2_SET_IV 167
|
||||
#define ASN1_F_PKCS5_PBE_SET 202
|
||||
#define ASN1_F_PKCS5_PBE_SET0_ALGOR 215
|
||||
#define ASN1_F_PKCS5_PBKDF2_SET 219
|
||||
#define ASN1_F_SMIME_READ_ASN1 212
|
||||
#define ASN1_F_SMIME_TEXT 213
|
||||
#define ASN1_F_X509_CINF_NEW 168
|
||||
|
|
@ -1291,6 +1292,7 @@ void ERR_load_ASN1_strings(void);
|
|||
#define ASN1_R_BOOLEAN_IS_WRONG_LENGTH 106
|
||||
#define ASN1_R_BUFFER_TOO_SMALL 107
|
||||
#define ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER 108
|
||||
#define ASN1_R_CONTEXT_NOT_INITIALISED 217
|
||||
#define ASN1_R_DATA_IS_WRONG 109
|
||||
#define ASN1_R_DECODE_ERROR 110
|
||||
#define ASN1_R_DECODING_ERROR 111
|
||||
|
|
|
|||
|
|
@ -68,6 +68,10 @@
|
|||
|
||||
#include <openssl/crypto.h>
|
||||
|
||||
#ifndef OPENSSL_NO_SCTP
|
||||
#include <stdint.h>
|
||||
#endif
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
|
@ -95,6 +99,9 @@ extern "C" {
|
|||
#define BIO_TYPE_BIO (19|0x0400) /* (half a) BIO pair */
|
||||
#define BIO_TYPE_LINEBUFFER (20|0x0200) /* filter */
|
||||
#define BIO_TYPE_DGRAM (21|0x0400|0x0100)
|
||||
#ifndef OPENSSL_NO_SCTP
|
||||
#define BIO_TYPE_DGRAM_SCTP (24|0x0400|0x0100)
|
||||
#endif
|
||||
#define BIO_TYPE_ASN1 (22|0x0200) /* filter */
|
||||
#define BIO_TYPE_COMP (23|0x0200) /* filter */
|
||||
|
||||
|
|
@ -161,7 +168,22 @@ extern "C" {
|
|||
#define BIO_CTRL_DGRAM_SET_PEER 44 /* Destination for the data */
|
||||
|
||||
#define BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT 45 /* Next DTLS handshake timeout to
|
||||
* adjust socket timeouts */
|
||||
* adjust socket timeouts */
|
||||
|
||||
#ifndef OPENSSL_NO_SCTP
|
||||
/* SCTP stuff */
|
||||
#define BIO_CTRL_DGRAM_SCTP_SET_IN_HANDSHAKE 50
|
||||
#define BIO_CTRL_DGRAM_SCTP_ADD_AUTH_KEY 51
|
||||
#define BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY 52
|
||||
#define BIO_CTRL_DGRAM_SCTP_AUTH_CCS_RCVD 53
|
||||
#define BIO_CTRL_DGRAM_SCTP_GET_SNDINFO 60
|
||||
#define BIO_CTRL_DGRAM_SCTP_SET_SNDINFO 61
|
||||
#define BIO_CTRL_DGRAM_SCTP_GET_RCVINFO 62
|
||||
#define BIO_CTRL_DGRAM_SCTP_SET_RCVINFO 63
|
||||
#define BIO_CTRL_DGRAM_SCTP_GET_PRINFO 64
|
||||
#define BIO_CTRL_DGRAM_SCTP_SET_PRINFO 65
|
||||
#define BIO_CTRL_DGRAM_SCTP_SAVE_SHUTDOWN 70
|
||||
#endif
|
||||
|
||||
/* modifiers */
|
||||
#define BIO_FP_READ 0x02
|
||||
|
|
@ -306,6 +328,15 @@ DECLARE_STACK_OF(BIO)
|
|||
|
||||
typedef struct bio_f_buffer_ctx_struct
|
||||
{
|
||||
/* Buffers are setup like this:
|
||||
*
|
||||
* <---------------------- size ----------------------->
|
||||
* +---------------------------------------------------+
|
||||
* | consumed | remaining | free space |
|
||||
* +---------------------------------------------------+
|
||||
* <-- off --><------- len ------->
|
||||
*/
|
||||
|
||||
/* BIO *bio; */ /* this is now in the BIO struct */
|
||||
int ibuf_size; /* how big is the input buffer */
|
||||
int obuf_size; /* how big is the output buffer */
|
||||
|
|
@ -322,6 +353,34 @@ typedef struct bio_f_buffer_ctx_struct
|
|||
/* Prefix and suffix callback in ASN1 BIO */
|
||||
typedef int asn1_ps_func(BIO *b, unsigned char **pbuf, int *plen, void *parg);
|
||||
|
||||
#ifndef OPENSSL_NO_SCTP
|
||||
/* SCTP parameter structs */
|
||||
struct bio_dgram_sctp_sndinfo
|
||||
{
|
||||
uint16_t snd_sid;
|
||||
uint16_t snd_flags;
|
||||
uint32_t snd_ppid;
|
||||
uint32_t snd_context;
|
||||
};
|
||||
|
||||
struct bio_dgram_sctp_rcvinfo
|
||||
{
|
||||
uint16_t rcv_sid;
|
||||
uint16_t rcv_ssn;
|
||||
uint16_t rcv_flags;
|
||||
uint32_t rcv_ppid;
|
||||
uint32_t rcv_tsn;
|
||||
uint32_t rcv_cumtsn;
|
||||
uint32_t rcv_context;
|
||||
};
|
||||
|
||||
struct bio_dgram_sctp_prinfo
|
||||
{
|
||||
uint16_t pr_policy;
|
||||
uint32_t pr_value;
|
||||
};
|
||||
#endif
|
||||
|
||||
/* connect BIO stuff */
|
||||
#define BIO_CONN_S_BEFORE 1
|
||||
#define BIO_CONN_S_GET_IP 2
|
||||
|
|
@ -619,6 +678,9 @@ BIO_METHOD *BIO_f_linebuffer(void);
|
|||
BIO_METHOD *BIO_f_nbio_test(void);
|
||||
#ifndef OPENSSL_NO_DGRAM
|
||||
BIO_METHOD *BIO_s_datagram(void);
|
||||
#ifndef OPENSSL_NO_SCTP
|
||||
BIO_METHOD *BIO_s_datagram_sctp(void);
|
||||
#endif
|
||||
#endif
|
||||
|
||||
/* BIO_METHOD *BIO_f_ber(void); */
|
||||
|
|
@ -661,6 +723,15 @@ int BIO_set_tcp_ndelay(int sock,int turn_on);
|
|||
|
||||
BIO *BIO_new_socket(int sock, int close_flag);
|
||||
BIO *BIO_new_dgram(int fd, int close_flag);
|
||||
#ifndef OPENSSL_NO_SCTP
|
||||
BIO *BIO_new_dgram_sctp(int fd, int close_flag);
|
||||
int BIO_dgram_is_sctp(BIO *bio);
|
||||
int BIO_dgram_sctp_notification_cb(BIO *b,
|
||||
void (*handle_notifications)(BIO *bio, void *context, void *buf),
|
||||
void *context);
|
||||
int BIO_dgram_sctp_wait_for_dry(BIO *b);
|
||||
int BIO_dgram_sctp_msg_waiting(BIO *b);
|
||||
#endif
|
||||
BIO *BIO_new_fd(int fd, int close_flag);
|
||||
BIO *BIO_new_connect(char *host_port);
|
||||
BIO *BIO_new_accept(char *host_port);
|
||||
|
|
@ -725,6 +796,7 @@ void ERR_load_BIO_strings(void);
|
|||
#define BIO_F_BUFFER_CTRL 114
|
||||
#define BIO_F_CONN_CTRL 127
|
||||
#define BIO_F_CONN_STATE 115
|
||||
#define BIO_F_DGRAM_SCTP_READ 132
|
||||
#define BIO_F_FILE_CTRL 116
|
||||
#define BIO_F_FILE_READ 130
|
||||
#define BIO_F_LINEBUFFER_CTRL 129
|
||||
|
|
|
|||
|
|
@ -104,7 +104,9 @@ typedef struct bf_key_st
|
|||
BF_LONG S[4*256];
|
||||
} BF_KEY;
|
||||
|
||||
|
||||
#ifdef OPENSSL_FIPS
|
||||
void private_BF_set_key(BF_KEY *key, int len, const unsigned char *data);
|
||||
#endif
|
||||
void BF_set_key(BF_KEY *key, int len, const unsigned char *data);
|
||||
|
||||
void BF_encrypt(BF_LONG *data,const BF_KEY *key);
|
||||
|
|
|
|||
|
|
@ -253,6 +253,24 @@ extern "C" {
|
|||
#define BN_HEX_FMT2 "%08X"
|
||||
#endif
|
||||
|
||||
/* 2011-02-22 SMS.
|
||||
* In various places, a size_t variable or a type cast to size_t was
|
||||
* used to perform integer-only operations on pointers. This failed on
|
||||
* VMS with 64-bit pointers (CC /POINTER_SIZE = 64) because size_t is
|
||||
* still only 32 bits. What's needed in these cases is an integer type
|
||||
* with the same size as a pointer, which size_t is not certain to be.
|
||||
* The only fix here is VMS-specific.
|
||||
*/
|
||||
#if defined(OPENSSL_SYS_VMS)
|
||||
# if __INITIAL_POINTER_SIZE == 64
|
||||
# define PTR_SIZE_INT long long
|
||||
# else /* __INITIAL_POINTER_SIZE == 64 */
|
||||
# define PTR_SIZE_INT int
|
||||
# endif /* __INITIAL_POINTER_SIZE == 64 [else] */
|
||||
#else /* defined(OPENSSL_SYS_VMS) */
|
||||
# define PTR_SIZE_INT size_t
|
||||
#endif /* defined(OPENSSL_SYS_VMS) [else] */
|
||||
|
||||
#define BN_DEFAULT_BITS 1280
|
||||
|
||||
#define BN_FLG_MALLOCED 0x01
|
||||
|
|
@ -540,6 +558,17 @@ int BN_is_prime_ex(const BIGNUM *p,int nchecks, BN_CTX *ctx, BN_GENCB *cb);
|
|||
int BN_is_prime_fasttest_ex(const BIGNUM *p,int nchecks, BN_CTX *ctx,
|
||||
int do_trial_division, BN_GENCB *cb);
|
||||
|
||||
int BN_X931_generate_Xpq(BIGNUM *Xp, BIGNUM *Xq, int nbits, BN_CTX *ctx);
|
||||
|
||||
int BN_X931_derive_prime_ex(BIGNUM *p, BIGNUM *p1, BIGNUM *p2,
|
||||
const BIGNUM *Xp, const BIGNUM *Xp1, const BIGNUM *Xp2,
|
||||
const BIGNUM *e, BN_CTX *ctx, BN_GENCB *cb);
|
||||
int BN_X931_generate_prime_ex(BIGNUM *p, BIGNUM *p1, BIGNUM *p2,
|
||||
BIGNUM *Xp1, BIGNUM *Xp2,
|
||||
const BIGNUM *Xp,
|
||||
const BIGNUM *e, BN_CTX *ctx,
|
||||
BN_GENCB *cb);
|
||||
|
||||
BN_MONT_CTX *BN_MONT_CTX_new(void );
|
||||
void BN_MONT_CTX_init(BN_MONT_CTX *ctx);
|
||||
int BN_mod_mul_montgomery(BIGNUM *r,const BIGNUM *a,const BIGNUM *b,
|
||||
|
|
@ -594,6 +623,8 @@ int BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
|
|||
int BN_div_recp(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m,
|
||||
BN_RECP_CTX *recp, BN_CTX *ctx);
|
||||
|
||||
#ifndef OPENSSL_NO_EC2M
|
||||
|
||||
/* Functions for arithmetic over binary polynomials represented by BIGNUMs.
|
||||
*
|
||||
* The BIGNUM::neg property of BIGNUMs representing binary polynomials is
|
||||
|
|
@ -645,6 +676,8 @@ int BN_GF2m_mod_solve_quad_arr(BIGNUM *r, const BIGNUM *a,
|
|||
int BN_GF2m_poly2arr(const BIGNUM *a, int p[], int max);
|
||||
int BN_GF2m_arr2poly(const int p[], BIGNUM *a);
|
||||
|
||||
#endif
|
||||
|
||||
/* faster mod functions for the 'NIST primes'
|
||||
* 0 <= a < p^2 */
|
||||
int BN_nist_mod_192(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
|
||||
|
|
|
|||
|
|
@ -88,6 +88,10 @@ struct camellia_key_st
|
|||
};
|
||||
typedef struct camellia_key_st CAMELLIA_KEY;
|
||||
|
||||
#ifdef OPENSSL_FIPS
|
||||
int private_Camellia_set_key(const unsigned char *userKey, const int bits,
|
||||
CAMELLIA_KEY *key);
|
||||
#endif
|
||||
int Camellia_set_key(const unsigned char *userKey, const int bits,
|
||||
CAMELLIA_KEY *key);
|
||||
|
||||
|
|
|
|||
|
|
@ -83,7 +83,9 @@ typedef struct cast_key_st
|
|||
int short_key; /* Use reduced rounds for short key */
|
||||
} CAST_KEY;
|
||||
|
||||
|
||||
#ifdef OPENSSL_FIPS
|
||||
void private_CAST_set_key(CAST_KEY *key, int len, const unsigned char *data);
|
||||
#endif
|
||||
void CAST_set_key(CAST_KEY *key, int len, const unsigned char *data);
|
||||
void CAST_ecb_encrypt(const unsigned char *in, unsigned char *out, const CAST_KEY *key,
|
||||
int enc);
|
||||
|
|
|
|||
|
|
@ -0,0 +1,82 @@
|
|||
/* crypto/cmac/cmac.h */
|
||||
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
|
||||
* project.
|
||||
*/
|
||||
/* ====================================================================
|
||||
* Copyright (c) 2010 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in
|
||||
* the documentation and/or other materials provided with the
|
||||
* distribution.
|
||||
*
|
||||
* 3. All advertising materials mentioning features or use of this
|
||||
* software must display the following acknowledgment:
|
||||
* "This product includes software developed by the OpenSSL Project
|
||||
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
|
||||
*
|
||||
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||
* endorse or promote products derived from this software without
|
||||
* prior written permission. For written permission, please contact
|
||||
* licensing@OpenSSL.org.
|
||||
*
|
||||
* 5. Products derived from this software may not be called "OpenSSL"
|
||||
* nor may "OpenSSL" appear in their names without prior written
|
||||
* permission of the OpenSSL Project.
|
||||
*
|
||||
* 6. Redistributions of any form whatsoever must retain the following
|
||||
* acknowledgment:
|
||||
* "This product includes software developed by the OpenSSL Project
|
||||
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
* ====================================================================
|
||||
*/
|
||||
|
||||
|
||||
#ifndef HEADER_CMAC_H
|
||||
#define HEADER_CMAC_H
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
#include <openssl/evp.h>
|
||||
|
||||
/* Opaque */
|
||||
typedef struct CMAC_CTX_st CMAC_CTX;
|
||||
|
||||
CMAC_CTX *CMAC_CTX_new(void);
|
||||
void CMAC_CTX_cleanup(CMAC_CTX *ctx);
|
||||
void CMAC_CTX_free(CMAC_CTX *ctx);
|
||||
EVP_CIPHER_CTX *CMAC_CTX_get0_cipher_ctx(CMAC_CTX *ctx);
|
||||
int CMAC_CTX_copy(CMAC_CTX *out, const CMAC_CTX *in);
|
||||
|
||||
int CMAC_Init(CMAC_CTX *ctx, const void *key, size_t keylen,
|
||||
const EVP_CIPHER *cipher, ENGINE *impl);
|
||||
int CMAC_Update(CMAC_CTX *ctx, const void *data, size_t dlen);
|
||||
int CMAC_Final(CMAC_CTX *ctx, unsigned char *out, size_t *poutlen);
|
||||
int CMAC_resume(CMAC_CTX *ctx);
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
#endif
|
||||
|
|
@ -184,6 +184,8 @@ int CMS_decrypt_set1_pkey(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert);
|
|||
int CMS_decrypt_set1_key(CMS_ContentInfo *cms,
|
||||
unsigned char *key, size_t keylen,
|
||||
unsigned char *id, size_t idlen);
|
||||
int CMS_decrypt_set1_password(CMS_ContentInfo *cms,
|
||||
unsigned char *pass, ossl_ssize_t passlen);
|
||||
|
||||
STACK_OF(CMS_RecipientInfo) *CMS_get0_RecipientInfos(CMS_ContentInfo *cms);
|
||||
int CMS_RecipientInfo_type(CMS_RecipientInfo *ri);
|
||||
|
|
@ -219,6 +221,16 @@ int CMS_RecipientInfo_set0_key(CMS_RecipientInfo *ri,
|
|||
int CMS_RecipientInfo_kekri_id_cmp(CMS_RecipientInfo *ri,
|
||||
const unsigned char *id, size_t idlen);
|
||||
|
||||
int CMS_RecipientInfo_set0_password(CMS_RecipientInfo *ri,
|
||||
unsigned char *pass,
|
||||
ossl_ssize_t passlen);
|
||||
|
||||
CMS_RecipientInfo *CMS_add0_recipient_password(CMS_ContentInfo *cms,
|
||||
int iter, int wrap_nid, int pbe_nid,
|
||||
unsigned char *pass,
|
||||
ossl_ssize_t passlen,
|
||||
const EVP_CIPHER *kekciph);
|
||||
|
||||
int CMS_RecipientInfo_decrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri);
|
||||
|
||||
int CMS_uncompress(CMS_ContentInfo *cms, BIO *dcont, BIO *out,
|
||||
|
|
@ -330,6 +342,7 @@ void ERR_load_CMS_strings(void);
|
|||
#define CMS_F_CHECK_CONTENT 99
|
||||
#define CMS_F_CMS_ADD0_CERT 164
|
||||
#define CMS_F_CMS_ADD0_RECIPIENT_KEY 100
|
||||
#define CMS_F_CMS_ADD0_RECIPIENT_PASSWORD 165
|
||||
#define CMS_F_CMS_ADD1_RECEIPTREQUEST 158
|
||||
#define CMS_F_CMS_ADD1_RECIPIENT_CERT 101
|
||||
#define CMS_F_CMS_ADD1_SIGNER 102
|
||||
|
|
@ -344,6 +357,7 @@ void ERR_load_CMS_strings(void);
|
|||
#define CMS_F_CMS_DATAINIT 111
|
||||
#define CMS_F_CMS_DECRYPT 112
|
||||
#define CMS_F_CMS_DECRYPT_SET1_KEY 113
|
||||
#define CMS_F_CMS_DECRYPT_SET1_PASSWORD 166
|
||||
#define CMS_F_CMS_DECRYPT_SET1_PKEY 114
|
||||
#define CMS_F_CMS_DIGESTALGORITHM_FIND_CTX 115
|
||||
#define CMS_F_CMS_DIGESTALGORITHM_INIT_BIO 116
|
||||
|
|
@ -378,7 +392,9 @@ void ERR_load_CMS_strings(void);
|
|||
#define CMS_F_CMS_RECIPIENTINFO_KTRI_ENCRYPT 141
|
||||
#define CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_ALGS 142
|
||||
#define CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_SIGNER_ID 143
|
||||
#define CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT 167
|
||||
#define CMS_F_CMS_RECIPIENTINFO_SET0_KEY 144
|
||||
#define CMS_F_CMS_RECIPIENTINFO_SET0_PASSWORD 168
|
||||
#define CMS_F_CMS_RECIPIENTINFO_SET0_PKEY 145
|
||||
#define CMS_F_CMS_SET1_SIGNERIDENTIFIER 146
|
||||
#define CMS_F_CMS_SET_DETACHED 147
|
||||
|
|
@ -419,6 +435,7 @@ void ERR_load_CMS_strings(void);
|
|||
#define CMS_R_ERROR_SETTING_KEY 115
|
||||
#define CMS_R_ERROR_SETTING_RECIPIENTINFO 116
|
||||
#define CMS_R_INVALID_ENCRYPTED_KEY_LENGTH 117
|
||||
#define CMS_R_INVALID_KEY_ENCRYPTION_PARAMETER 176
|
||||
#define CMS_R_INVALID_KEY_LENGTH 118
|
||||
#define CMS_R_MD_BIO_INIT_ERROR 119
|
||||
#define CMS_R_MESSAGEDIGEST_ATTRIBUTE_WRONG_LENGTH 120
|
||||
|
|
@ -431,6 +448,7 @@ void ERR_load_CMS_strings(void);
|
|||
#define CMS_R_NOT_ENCRYPTED_DATA 122
|
||||
#define CMS_R_NOT_KEK 123
|
||||
#define CMS_R_NOT_KEY_TRANSPORT 124
|
||||
#define CMS_R_NOT_PWRI 177
|
||||
#define CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE 125
|
||||
#define CMS_R_NO_CIPHER 126
|
||||
#define CMS_R_NO_CONTENT 127
|
||||
|
|
@ -443,6 +461,7 @@ void ERR_load_CMS_strings(void);
|
|||
#define CMS_R_NO_MATCHING_RECIPIENT 132
|
||||
#define CMS_R_NO_MATCHING_SIGNATURE 166
|
||||
#define CMS_R_NO_MSGSIGDIGEST 167
|
||||
#define CMS_R_NO_PASSWORD 178
|
||||
#define CMS_R_NO_PRIVATE_KEY 133
|
||||
#define CMS_R_NO_PUBLIC_KEY 134
|
||||
#define CMS_R_NO_RECEIPT_REQUEST 168
|
||||
|
|
@ -466,10 +485,12 @@ void ERR_load_CMS_strings(void);
|
|||
#define CMS_R_UNSUPPORTED_COMPRESSION_ALGORITHM 151
|
||||
#define CMS_R_UNSUPPORTED_CONTENT_TYPE 152
|
||||
#define CMS_R_UNSUPPORTED_KEK_ALGORITHM 153
|
||||
#define CMS_R_UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM 179
|
||||
#define CMS_R_UNSUPPORTED_RECIPIENT_TYPE 154
|
||||
#define CMS_R_UNSUPPORTED_RECPIENTINFO_TYPE 155
|
||||
#define CMS_R_UNSUPPORTED_TYPE 156
|
||||
#define CMS_R_UNWRAP_ERROR 157
|
||||
#define CMS_R_UNWRAP_FAILURE 180
|
||||
#define CMS_R_VERIFICATION_FAILURE 158
|
||||
#define CMS_R_WRAP_ERROR 159
|
||||
|
||||
|
|
|
|||
|
|
@ -547,6 +547,33 @@ unsigned long *OPENSSL_ia32cap_loc(void);
|
|||
#define OPENSSL_ia32cap (*(OPENSSL_ia32cap_loc()))
|
||||
int OPENSSL_isservice(void);
|
||||
|
||||
int FIPS_mode(void);
|
||||
int FIPS_mode_set(int r);
|
||||
|
||||
void OPENSSL_init(void);
|
||||
|
||||
#define fips_md_init(alg) fips_md_init_ctx(alg, alg)
|
||||
|
||||
#ifdef OPENSSL_FIPS
|
||||
#define fips_md_init_ctx(alg, cx) \
|
||||
int alg##_Init(cx##_CTX *c) \
|
||||
{ \
|
||||
if (FIPS_mode()) OpenSSLDie(__FILE__, __LINE__, \
|
||||
"Low level API call to digest " #alg " forbidden in FIPS mode!"); \
|
||||
return private_##alg##_Init(c); \
|
||||
} \
|
||||
int private_##alg##_Init(cx##_CTX *c)
|
||||
|
||||
#define fips_cipher_abort(alg) \
|
||||
if (FIPS_mode()) OpenSSLDie(__FILE__, __LINE__, \
|
||||
"Low level API call to cipher " #alg " forbidden in FIPS mode!")
|
||||
|
||||
#else
|
||||
#define fips_md_init_ctx(alg, cx) \
|
||||
int alg##_Init(cx##_CTX *c)
|
||||
#define fips_cipher_abort(alg) while(0)
|
||||
#endif
|
||||
|
||||
/* BEGIN ERROR CODES */
|
||||
/* The following lines are auto generated by the script mkerr.pl. Any changes
|
||||
* made after this point may be overwritten when the script is next run.
|
||||
|
|
@ -562,11 +589,13 @@ void ERR_load_CRYPTO_strings(void);
|
|||
#define CRYPTO_F_CRYPTO_SET_EX_DATA 102
|
||||
#define CRYPTO_F_DEF_ADD_INDEX 104
|
||||
#define CRYPTO_F_DEF_GET_CLASS 105
|
||||
#define CRYPTO_F_FIPS_MODE_SET 109
|
||||
#define CRYPTO_F_INT_DUP_EX_DATA 106
|
||||
#define CRYPTO_F_INT_FREE_EX_DATA 107
|
||||
#define CRYPTO_F_INT_NEW_EX_DATA 108
|
||||
|
||||
/* Reason codes. */
|
||||
#define CRYPTO_R_FIPS_MODE_NOT_SUPPORTED 101
|
||||
#define CRYPTO_R_NO_DYNLOCK_CREATE_CALLBACK 100
|
||||
|
||||
#ifdef __cplusplus
|
||||
|
|
|
|||
|
|
@ -224,6 +224,9 @@ int DES_set_key(const_DES_cblock *key,DES_key_schedule *schedule);
|
|||
int DES_key_sched(const_DES_cblock *key,DES_key_schedule *schedule);
|
||||
int DES_set_key_checked(const_DES_cblock *key,DES_key_schedule *schedule);
|
||||
void DES_set_key_unchecked(const_DES_cblock *key,DES_key_schedule *schedule);
|
||||
#ifdef OPENSSL_FIPS
|
||||
void private_DES_set_key_unchecked(const_DES_cblock *key,DES_key_schedule *schedule);
|
||||
#endif
|
||||
void DES_string_to_key(const char *str,DES_cblock *key);
|
||||
void DES_string_to_2keys(const char *str,DES_cblock *key1,DES_cblock *key2);
|
||||
void DES_cfb64_encrypt(const unsigned char *in,unsigned char *out,long length,
|
||||
|
|
|
|||
|
|
@ -86,6 +86,21 @@
|
|||
* be used for all exponents.
|
||||
*/
|
||||
|
||||
/* If this flag is set the DH method is FIPS compliant and can be used
|
||||
* in FIPS mode. This is set in the validated module method. If an
|
||||
* application sets this flag in its own methods it is its reposibility
|
||||
* to ensure the result is compliant.
|
||||
*/
|
||||
|
||||
#define DH_FLAG_FIPS_METHOD 0x0400
|
||||
|
||||
/* If this flag is set the operations normally disabled in FIPS mode are
|
||||
* permitted it is then the applications responsibility to ensure that the
|
||||
* usage is compliant.
|
||||
*/
|
||||
|
||||
#define DH_FLAG_NON_FIPS_ALLOW 0x0400
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
|
@ -230,6 +245,9 @@ void ERR_load_DH_strings(void);
|
|||
#define DH_F_COMPUTE_KEY 102
|
||||
#define DH_F_DHPARAMS_PRINT_FP 101
|
||||
#define DH_F_DH_BUILTIN_GENPARAMS 106
|
||||
#define DH_F_DH_COMPUTE_KEY 114
|
||||
#define DH_F_DH_GENERATE_KEY 115
|
||||
#define DH_F_DH_GENERATE_PARAMETERS_EX 116
|
||||
#define DH_F_DH_NEW_METHOD 105
|
||||
#define DH_F_DH_PARAM_DECODE 107
|
||||
#define DH_F_DH_PRIV_DECODE 110
|
||||
|
|
@ -249,7 +267,9 @@ void ERR_load_DH_strings(void);
|
|||
#define DH_R_DECODE_ERROR 104
|
||||
#define DH_R_INVALID_PUBKEY 102
|
||||
#define DH_R_KEYS_NOT_SET 108
|
||||
#define DH_R_KEY_SIZE_TOO_SMALL 110
|
||||
#define DH_R_MODULUS_TOO_LARGE 103
|
||||
#define DH_R_NON_FIPS_METHOD 111
|
||||
#define DH_R_NO_PARAMETERS_SET 107
|
||||
#define DH_R_NO_PRIVATE_VALUE 100
|
||||
#define DH_R_PARAMETER_ENCODING_ERROR 105
|
||||
|
|
|
|||
|
|
@ -97,6 +97,21 @@
|
|||
* be used for all exponents.
|
||||
*/
|
||||
|
||||
/* If this flag is set the DSA method is FIPS compliant and can be used
|
||||
* in FIPS mode. This is set in the validated module method. If an
|
||||
* application sets this flag in its own methods it is its reposibility
|
||||
* to ensure the result is compliant.
|
||||
*/
|
||||
|
||||
#define DSA_FLAG_FIPS_METHOD 0x0400
|
||||
|
||||
/* If this flag is set the operations normally disabled in FIPS mode are
|
||||
* permitted it is then the applications responsibility to ensure that the
|
||||
* usage is compliant.
|
||||
*/
|
||||
|
||||
#define DSA_FLAG_NON_FIPS_ALLOW 0x0400
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
|
@ -272,6 +287,8 @@ void ERR_load_DSA_strings(void);
|
|||
#define DSA_F_DSAPARAMS_PRINT_FP 101
|
||||
#define DSA_F_DSA_DO_SIGN 112
|
||||
#define DSA_F_DSA_DO_VERIFY 113
|
||||
#define DSA_F_DSA_GENERATE_KEY 124
|
||||
#define DSA_F_DSA_GENERATE_PARAMETERS_EX 123
|
||||
#define DSA_F_DSA_NEW_METHOD 103
|
||||
#define DSA_F_DSA_PARAM_DECODE 119
|
||||
#define DSA_F_DSA_PRINT_FP 105
|
||||
|
|
@ -282,6 +299,7 @@ void ERR_load_DSA_strings(void);
|
|||
#define DSA_F_DSA_SIGN 106
|
||||
#define DSA_F_DSA_SIGN_SETUP 107
|
||||
#define DSA_F_DSA_SIG_NEW 109
|
||||
#define DSA_F_DSA_SIG_PRINT 125
|
||||
#define DSA_F_DSA_VERIFY 108
|
||||
#define DSA_F_I2D_DSA_SIG 111
|
||||
#define DSA_F_OLD_DSA_PRIV_DECODE 122
|
||||
|
|
@ -298,6 +316,8 @@ void ERR_load_DSA_strings(void);
|
|||
#define DSA_R_INVALID_DIGEST_TYPE 106
|
||||
#define DSA_R_MISSING_PARAMETERS 101
|
||||
#define DSA_R_MODULUS_TOO_LARGE 103
|
||||
#define DSA_R_NEED_NEW_SETUP_VALUES 110
|
||||
#define DSA_R_NON_FIPS_DSA_METHOD 111
|
||||
#define DSA_R_NO_PARAMETERS_SET 107
|
||||
#define DSA_R_PARAMETER_ENCODING_ERROR 105
|
||||
|
||||
|
|
|
|||
|
|
@ -105,6 +105,11 @@ extern "C" {
|
|||
#define DTLS1_AL_HEADER_LENGTH 2
|
||||
#endif
|
||||
|
||||
#ifndef OPENSSL_NO_SSL_INTERN
|
||||
|
||||
#ifndef OPENSSL_NO_SCTP
|
||||
#define DTLS1_SCTP_AUTH_LABEL "EXPORTER_DTLS_OVER_SCTP"
|
||||
#endif
|
||||
|
||||
typedef struct dtls1_bitmap_st
|
||||
{
|
||||
|
|
@ -167,6 +172,7 @@ typedef struct hm_fragment_st
|
|||
{
|
||||
struct hm_header_st msg_header;
|
||||
unsigned char *fragment;
|
||||
unsigned char *reassembly;
|
||||
} hm_fragment;
|
||||
|
||||
typedef struct dtls1_state_st
|
||||
|
|
@ -226,7 +232,7 @@ typedef struct dtls1_state_st
|
|||
|
||||
struct dtls1_timeout_st timeout;
|
||||
|
||||
/* Indicates when the last handshake msg sent will timeout */
|
||||
/* Indicates when the last handshake msg or heartbeat sent will timeout */
|
||||
struct timeval next_timeout;
|
||||
|
||||
/* Timeout duration */
|
||||
|
|
@ -242,6 +248,13 @@ typedef struct dtls1_state_st
|
|||
unsigned int retransmitting;
|
||||
unsigned int change_cipher_spec_ok;
|
||||
|
||||
#ifndef OPENSSL_NO_SCTP
|
||||
/* used when SSL_ST_XX_FLUSH is entered */
|
||||
int next_state;
|
||||
|
||||
int shutdown_received;
|
||||
#endif
|
||||
|
||||
} DTLS1_STATE;
|
||||
|
||||
typedef struct dtls1_record_data_st
|
||||
|
|
@ -250,8 +263,12 @@ typedef struct dtls1_record_data_st
|
|||
unsigned int packet_length;
|
||||
SSL3_BUFFER rbuf;
|
||||
SSL3_RECORD rrec;
|
||||
#ifndef OPENSSL_NO_SCTP
|
||||
struct bio_dgram_sctp_rcvinfo recordinfo;
|
||||
#endif
|
||||
} DTLS1_RECORD_DATA;
|
||||
|
||||
#endif
|
||||
|
||||
/* Timeout multipliers (timeout slice is defined in apps/timeouts.h */
|
||||
#define DTLS1_TMO_READ_COUNT 2
|
||||
|
|
|
|||
|
|
@ -193,8 +193,14 @@ extern "C" {
|
|||
#endif
|
||||
|
||||
/* --------------------------------- VOS ----------------------------------- */
|
||||
#ifdef OPENSSL_SYSNAME_VOS
|
||||
#if defined(__VOS__) || defined(OPENSSL_SYSNAME_VOS)
|
||||
# define OPENSSL_SYS_VOS
|
||||
#ifdef __HPPA__
|
||||
# define OPENSSL_SYS_VOS_HPPA
|
||||
#endif
|
||||
#ifdef __IA32__
|
||||
# define OPENSSL_SYS_VOS_IA32
|
||||
#endif
|
||||
#endif
|
||||
|
||||
/* ------------------------------- VxWorks --------------------------------- */
|
||||
|
|
@ -283,6 +289,26 @@ extern "C" {
|
|||
# define OPENSSL_GLOBAL_REF(name) _shadow_##name
|
||||
#endif
|
||||
|
||||
#if defined(OPENSSL_SYS_MACINTOSH_CLASSIC) && macintosh==1 && !defined(MAC_OS_GUSI_SOURCE)
|
||||
# define ossl_ssize_t long
|
||||
#endif
|
||||
|
||||
#ifdef OPENSSL_SYS_MSDOS
|
||||
# define ossl_ssize_t long
|
||||
#endif
|
||||
|
||||
#if defined(NeXT) || defined(OPENSSL_SYS_NEWS4) || defined(OPENSSL_SYS_SUNOS)
|
||||
# define ssize_t int
|
||||
#endif
|
||||
|
||||
#if defined(__ultrix) && !defined(ssize_t)
|
||||
# define ossl_ssize_t int
|
||||
#endif
|
||||
|
||||
#ifndef ossl_ssize_t
|
||||
# define ossl_ssize_t ssize_t
|
||||
#endif
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
|
|
|||
|
|
@ -151,7 +151,24 @@ const EC_METHOD *EC_GFp_mont_method(void);
|
|||
*/
|
||||
const EC_METHOD *EC_GFp_nist_method(void);
|
||||
|
||||
#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
|
||||
/** Returns 64-bit optimized methods for nistp224
|
||||
* \return EC_METHOD object
|
||||
*/
|
||||
const EC_METHOD *EC_GFp_nistp224_method(void);
|
||||
|
||||
/** Returns 64-bit optimized methods for nistp256
|
||||
* \return EC_METHOD object
|
||||
*/
|
||||
const EC_METHOD *EC_GFp_nistp256_method(void);
|
||||
|
||||
/** Returns 64-bit optimized methods for nistp521
|
||||
* \return EC_METHOD object
|
||||
*/
|
||||
const EC_METHOD *EC_GFp_nistp521_method(void);
|
||||
#endif
|
||||
|
||||
#ifndef OPENSSL_NO_EC2M
|
||||
/********************************************************************/
|
||||
/* EC_METHOD for curves over GF(2^m) */
|
||||
/********************************************************************/
|
||||
|
|
@ -161,6 +178,8 @@ const EC_METHOD *EC_GFp_nist_method(void);
|
|||
*/
|
||||
const EC_METHOD *EC_GF2m_simple_method(void);
|
||||
|
||||
#endif
|
||||
|
||||
|
||||
/********************************************************************/
|
||||
/* EC_GROUP functions */
|
||||
|
|
@ -282,6 +301,7 @@ int EC_GROUP_set_curve_GFp(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, co
|
|||
*/
|
||||
int EC_GROUP_get_curve_GFp(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
|
||||
|
||||
#ifndef OPENSSL_NO_EC2M
|
||||
/** Sets the parameter of a ec over GF2m defined by y^2 + x*y = x^3 + a*x^2 + b
|
||||
* \param group EC_GROUP object
|
||||
* \param p BIGNUM with the polynomial defining the underlying field
|
||||
|
|
@ -301,7 +321,7 @@ int EC_GROUP_set_curve_GF2m(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, c
|
|||
* \return 1 on success and 0 if an error occured
|
||||
*/
|
||||
int EC_GROUP_get_curve_GF2m(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
|
||||
|
||||
#endif
|
||||
/** Returns the number of bits needed to represent a field element
|
||||
* \param group EC_GROUP object
|
||||
* \return number of bits needed to represent a field element
|
||||
|
|
@ -342,7 +362,7 @@ int EC_GROUP_cmp(const EC_GROUP *a, const EC_GROUP *b, BN_CTX *ctx);
|
|||
* \return newly created EC_GROUP object with the specified parameters
|
||||
*/
|
||||
EC_GROUP *EC_GROUP_new_curve_GFp(const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
|
||||
|
||||
#ifndef OPENSSL_NO_EC2M
|
||||
/** Creates a new EC_GROUP object with the specified parameters defined
|
||||
* over GF2m (defined by the equation y^2 + x*y = x^3 + a*x^2 + b)
|
||||
* \param p BIGNUM with the polynomial defining the underlying field
|
||||
|
|
@ -352,7 +372,7 @@ EC_GROUP *EC_GROUP_new_curve_GFp(const BIGNUM *p, const BIGNUM *a, const BIGNUM
|
|||
* \return newly created EC_GROUP object with the specified parameters
|
||||
*/
|
||||
EC_GROUP *EC_GROUP_new_curve_GF2m(const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
|
||||
|
||||
#endif
|
||||
/** Creates a EC_GROUP object with a curve specified by a NID
|
||||
* \param nid NID of the OID of the curve name
|
||||
* \return newly created EC_GROUP object with specified curve or NULL
|
||||
|
|
@ -481,7 +501,7 @@ int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group,
|
|||
*/
|
||||
int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *group, EC_POINT *p,
|
||||
const BIGNUM *x, int y_bit, BN_CTX *ctx);
|
||||
|
||||
#ifndef OPENSSL_NO_EC2M
|
||||
/** Sets the affine coordinates of a EC_POINT over GF2m
|
||||
* \param group underlying EC_GROUP object
|
||||
* \param p EC_POINT object
|
||||
|
|
@ -514,7 +534,7 @@ int EC_POINT_get_affine_coordinates_GF2m(const EC_GROUP *group,
|
|||
*/
|
||||
int EC_POINT_set_compressed_coordinates_GF2m(const EC_GROUP *group, EC_POINT *p,
|
||||
const BIGNUM *x, int y_bit, BN_CTX *ctx);
|
||||
|
||||
#endif
|
||||
/** Encodes a EC_POINT object to a octet string
|
||||
* \param group underlying EC_GROUP object
|
||||
* \param p EC_POINT object
|
||||
|
|
@ -653,9 +673,11 @@ int EC_GROUP_have_precompute_mult(const EC_GROUP *group);
|
|||
/* EC_GROUP_get_basis_type() returns the NID of the basis type
|
||||
* used to represent the field elements */
|
||||
int EC_GROUP_get_basis_type(const EC_GROUP *);
|
||||
#ifndef OPENSSL_NO_EC2M
|
||||
int EC_GROUP_get_trinomial_basis(const EC_GROUP *, unsigned int *k);
|
||||
int EC_GROUP_get_pentanomial_basis(const EC_GROUP *, unsigned int *k1,
|
||||
unsigned int *k2, unsigned int *k3);
|
||||
#endif
|
||||
|
||||
#define OPENSSL_EC_NAMED_CURVE 0x001
|
||||
|
||||
|
|
@ -689,11 +711,21 @@ typedef struct ec_key_st EC_KEY;
|
|||
#define EC_PKEY_NO_PARAMETERS 0x001
|
||||
#define EC_PKEY_NO_PUBKEY 0x002
|
||||
|
||||
/* some values for the flags field */
|
||||
#define EC_FLAG_NON_FIPS_ALLOW 0x1
|
||||
#define EC_FLAG_FIPS_CHECKED 0x2
|
||||
|
||||
/** Creates a new EC_KEY object.
|
||||
* \return EC_KEY object or NULL if an error occurred.
|
||||
*/
|
||||
EC_KEY *EC_KEY_new(void);
|
||||
|
||||
int EC_KEY_get_flags(const EC_KEY *key);
|
||||
|
||||
void EC_KEY_set_flags(EC_KEY *key, int flags);
|
||||
|
||||
void EC_KEY_clear_flags(EC_KEY *key, int flags);
|
||||
|
||||
/** Creates a new EC_KEY object using a named curve as underlying
|
||||
* EC_GROUP object.
|
||||
* \param nid NID of the named curve.
|
||||
|
|
@ -799,6 +831,15 @@ int EC_KEY_generate_key(EC_KEY *key);
|
|||
*/
|
||||
int EC_KEY_check_key(const EC_KEY *key);
|
||||
|
||||
/** Sets a public key from affine coordindates performing
|
||||
* neccessary NIST PKV tests.
|
||||
* \param key the EC_KEY object
|
||||
* \param x public key x coordinate
|
||||
* \param y public key y coordinate
|
||||
* \return 1 on success and 0 otherwise.
|
||||
*/
|
||||
int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, BIGNUM *x, BIGNUM *y);
|
||||
|
||||
|
||||
/********************************************************************/
|
||||
/* de- and encoding functions for SEC1 ECPrivateKey */
|
||||
|
|
@ -926,6 +967,7 @@ void ERR_load_EC_strings(void);
|
|||
/* Error codes for the EC functions. */
|
||||
|
||||
/* Function codes. */
|
||||
#define EC_F_BN_TO_FELEM 224
|
||||
#define EC_F_COMPUTE_WNAF 143
|
||||
#define EC_F_D2I_ECPARAMETERS 144
|
||||
#define EC_F_D2I_ECPKPARAMETERS 145
|
||||
|
|
@ -968,6 +1010,15 @@ void ERR_load_EC_strings(void);
|
|||
#define EC_F_EC_GFP_MONT_FIELD_SQR 132
|
||||
#define EC_F_EC_GFP_MONT_GROUP_SET_CURVE 189
|
||||
#define EC_F_EC_GFP_MONT_GROUP_SET_CURVE_GFP 135
|
||||
#define EC_F_EC_GFP_NISTP224_GROUP_SET_CURVE 225
|
||||
#define EC_F_EC_GFP_NISTP224_POINTS_MUL 228
|
||||
#define EC_F_EC_GFP_NISTP224_POINT_GET_AFFINE_COORDINATES 226
|
||||
#define EC_F_EC_GFP_NISTP256_GROUP_SET_CURVE 230
|
||||
#define EC_F_EC_GFP_NISTP256_POINTS_MUL 231
|
||||
#define EC_F_EC_GFP_NISTP256_POINT_GET_AFFINE_COORDINATES 232
|
||||
#define EC_F_EC_GFP_NISTP521_GROUP_SET_CURVE 233
|
||||
#define EC_F_EC_GFP_NISTP521_POINTS_MUL 234
|
||||
#define EC_F_EC_GFP_NISTP521_POINT_GET_AFFINE_COORDINATES 235
|
||||
#define EC_F_EC_GFP_NIST_FIELD_MUL 200
|
||||
#define EC_F_EC_GFP_NIST_FIELD_SQR 201
|
||||
#define EC_F_EC_GFP_NIST_GROUP_SET_CURVE 202
|
||||
|
|
@ -1010,6 +1061,7 @@ void ERR_load_EC_strings(void);
|
|||
#define EC_F_EC_KEY_NEW 182
|
||||
#define EC_F_EC_KEY_PRINT 180
|
||||
#define EC_F_EC_KEY_PRINT_FP 181
|
||||
#define EC_F_EC_KEY_SET_PUBLIC_KEY_AFFINE_COORDINATES 229
|
||||
#define EC_F_EC_POINTS_MAKE_AFFINE 136
|
||||
#define EC_F_EC_POINT_ADD 112
|
||||
#define EC_F_EC_POINT_CMP 113
|
||||
|
|
@ -1040,6 +1092,9 @@ void ERR_load_EC_strings(void);
|
|||
#define EC_F_I2D_ECPKPARAMETERS 191
|
||||
#define EC_F_I2D_ECPRIVATEKEY 192
|
||||
#define EC_F_I2O_ECPUBLICKEY 151
|
||||
#define EC_F_NISTP224_PRE_COMP_NEW 227
|
||||
#define EC_F_NISTP256_PRE_COMP_NEW 236
|
||||
#define EC_F_NISTP521_PRE_COMP_NEW 237
|
||||
#define EC_F_O2I_ECPUBLICKEY 152
|
||||
#define EC_F_OLD_EC_PRIV_DECODE 222
|
||||
#define EC_F_PKEY_EC_CTRL 197
|
||||
|
|
@ -1052,12 +1107,15 @@ void ERR_load_EC_strings(void);
|
|||
/* Reason codes. */
|
||||
#define EC_R_ASN1_ERROR 115
|
||||
#define EC_R_ASN1_UNKNOWN_FIELD 116
|
||||
#define EC_R_BIGNUM_OUT_OF_RANGE 144
|
||||
#define EC_R_BUFFER_TOO_SMALL 100
|
||||
#define EC_R_COORDINATES_OUT_OF_RANGE 146
|
||||
#define EC_R_D2I_ECPKPARAMETERS_FAILURE 117
|
||||
#define EC_R_DECODE_ERROR 142
|
||||
#define EC_R_DISCRIMINANT_IS_ZERO 118
|
||||
#define EC_R_EC_GROUP_NEW_BY_NAME_FAILURE 119
|
||||
#define EC_R_FIELD_TOO_LARGE 143
|
||||
#define EC_R_GF2M_NOT_SUPPORTED 147
|
||||
#define EC_R_GROUP2PKPARAMETERS_FAILURE 120
|
||||
#define EC_R_I2D_ECPKPARAMETERS_FAILURE 121
|
||||
#define EC_R_INCOMPATIBLE_OBJECTS 101
|
||||
|
|
@ -1092,6 +1150,7 @@ void ERR_load_EC_strings(void);
|
|||
#define EC_R_UNKNOWN_GROUP 129
|
||||
#define EC_R_UNKNOWN_ORDER 114
|
||||
#define EC_R_UNSUPPORTED_FIELD 131
|
||||
#define EC_R_WRONG_CURVE_PARAMETERS 145
|
||||
#define EC_R_WRONG_ORDER 130
|
||||
|
||||
#ifdef __cplusplus
|
||||
|
|
|
|||
|
|
@ -109,11 +109,13 @@ void ERR_load_ECDH_strings(void);
|
|||
/* Error codes for the ECDH functions. */
|
||||
|
||||
/* Function codes. */
|
||||
#define ECDH_F_ECDH_CHECK 102
|
||||
#define ECDH_F_ECDH_COMPUTE_KEY 100
|
||||
#define ECDH_F_ECDH_DATA_NEW_METHOD 101
|
||||
|
||||
/* Reason codes. */
|
||||
#define ECDH_R_KDF_FAILED 102
|
||||
#define ECDH_R_NON_FIPS_METHOD 103
|
||||
#define ECDH_R_NO_PRIVATE_VALUE 100
|
||||
#define ECDH_R_POINT_ARITHMETIC_FAILURE 101
|
||||
|
||||
|
|
|
|||
|
|
@ -238,6 +238,7 @@ void ERR_load_ECDSA_strings(void);
|
|||
/* Error codes for the ECDSA functions. */
|
||||
|
||||
/* Function codes. */
|
||||
#define ECDSA_F_ECDSA_CHECK 104
|
||||
#define ECDSA_F_ECDSA_DATA_NEW_METHOD 100
|
||||
#define ECDSA_F_ECDSA_DO_SIGN 101
|
||||
#define ECDSA_F_ECDSA_DO_VERIFY 102
|
||||
|
|
@ -249,6 +250,7 @@ void ERR_load_ECDSA_strings(void);
|
|||
#define ECDSA_R_ERR_EC_LIB 102
|
||||
#define ECDSA_R_MISSING_PARAMETERS 103
|
||||
#define ECDSA_R_NEED_NEW_SETUP_VALUES 106
|
||||
#define ECDSA_R_NON_FIPS_METHOD 107
|
||||
#define ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED 104
|
||||
#define ECDSA_R_SIGNATURE_MALLOC_FAILED 105
|
||||
|
||||
|
|
|
|||
|
|
@ -141,6 +141,13 @@ extern "C" {
|
|||
* the existing ENGINE's structural reference count. */
|
||||
#define ENGINE_FLAGS_BY_ID_COPY (int)0x0004
|
||||
|
||||
/* This flag if for an ENGINE that does not want its methods registered as
|
||||
* part of ENGINE_register_all_complete() for example if the methods are
|
||||
* not usable as default methods.
|
||||
*/
|
||||
|
||||
#define ENGINE_FLAGS_NO_REGISTER_ALL (int)0x0008
|
||||
|
||||
/* ENGINEs can support their own command types, and these flags are used in
|
||||
* ENGINE_CTRL_GET_CMD_FLAGS to indicate to the caller what kind of input each
|
||||
* command expects. Currently only numeric and string input is supported. If a
|
||||
|
|
@ -344,6 +351,8 @@ void ENGINE_load_gost(void);
|
|||
#endif
|
||||
#endif
|
||||
void ENGINE_load_cryptodev(void);
|
||||
void ENGINE_load_rsax(void);
|
||||
void ENGINE_load_rdrand(void);
|
||||
void ENGINE_load_builtin_engines(void);
|
||||
|
||||
/* Get and set global flags (ENGINE_TABLE_FLAG_***) for the implementation
|
||||
|
|
@ -677,6 +686,7 @@ typedef struct st_dynamic_fns {
|
|||
* can be fully instantiated with IMPLEMENT_DYNAMIC_CHECK_FN(). */
|
||||
typedef unsigned long (*dynamic_v_check_fn)(unsigned long ossl_version);
|
||||
#define IMPLEMENT_DYNAMIC_CHECK_FN() \
|
||||
OPENSSL_EXPORT unsigned long v_check(unsigned long v); \
|
||||
OPENSSL_EXPORT unsigned long v_check(unsigned long v) { \
|
||||
if(v >= OSSL_DYNAMIC_OLDEST) return OSSL_DYNAMIC_VERSION; \
|
||||
return 0; }
|
||||
|
|
@ -699,6 +709,8 @@ typedef unsigned long (*dynamic_v_check_fn)(unsigned long ossl_version);
|
|||
typedef int (*dynamic_bind_engine)(ENGINE *e, const char *id,
|
||||
const dynamic_fns *fns);
|
||||
#define IMPLEMENT_DYNAMIC_BIND_FN(fn) \
|
||||
OPENSSL_EXPORT \
|
||||
int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns); \
|
||||
OPENSSL_EXPORT \
|
||||
int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns) { \
|
||||
if(ENGINE_get_static_state() == fns->static_state) goto skip_cbs; \
|
||||
|
|
|
|||
|
|
@ -344,8 +344,9 @@ void ERR_print_errors_fp(FILE *fp);
|
|||
#endif
|
||||
#ifndef OPENSSL_NO_BIO
|
||||
void ERR_print_errors(BIO *bp);
|
||||
void ERR_add_error_data(int num, ...);
|
||||
#endif
|
||||
void ERR_add_error_data(int num, ...);
|
||||
void ERR_add_error_vdata(int num, va_list args);
|
||||
void ERR_load_strings(int lib,ERR_STRING_DATA str[]);
|
||||
void ERR_unload_strings(int lib,ERR_STRING_DATA str[]);
|
||||
void ERR_load_ERR_strings(void);
|
||||
|
|
|
|||
|
|
@ -83,7 +83,7 @@
|
|||
#define EVP_RC5_32_12_16_KEY_SIZE 16
|
||||
*/
|
||||
#define EVP_MAX_MD_SIZE 64 /* longest known is SHA512 */
|
||||
#define EVP_MAX_KEY_LENGTH 32
|
||||
#define EVP_MAX_KEY_LENGTH 64
|
||||
#define EVP_MAX_IV_LENGTH 16
|
||||
#define EVP_MAX_BLOCK_LENGTH 32
|
||||
|
||||
|
|
@ -116,6 +116,7 @@
|
|||
#define EVP_PKEY_DH NID_dhKeyAgreement
|
||||
#define EVP_PKEY_EC NID_X9_62_id_ecPublicKey
|
||||
#define EVP_PKEY_HMAC NID_hmac
|
||||
#define EVP_PKEY_CMAC NID_cmac
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
|
|
@ -216,6 +217,8 @@ typedef int evp_verify_method(int type,const unsigned char *m,
|
|||
|
||||
#define EVP_MD_FLAG_DIGALGID_CUSTOM 0x0018
|
||||
|
||||
#define EVP_MD_FLAG_FIPS 0x0400 /* Note if suitable for use in FIPS mode */
|
||||
|
||||
/* Digest ctrls */
|
||||
|
||||
#define EVP_MD_CTRL_DIGALGID 0x1
|
||||
|
|
@ -325,6 +328,10 @@ struct evp_cipher_st
|
|||
#define EVP_CIPH_CBC_MODE 0x2
|
||||
#define EVP_CIPH_CFB_MODE 0x3
|
||||
#define EVP_CIPH_OFB_MODE 0x4
|
||||
#define EVP_CIPH_CTR_MODE 0x5
|
||||
#define EVP_CIPH_GCM_MODE 0x6
|
||||
#define EVP_CIPH_CCM_MODE 0x7
|
||||
#define EVP_CIPH_XTS_MODE 0x10001
|
||||
#define EVP_CIPH_MODE 0xF0007
|
||||
/* Set if variable length cipher */
|
||||
#define EVP_CIPH_VARIABLE_LENGTH 0x8
|
||||
|
|
@ -346,6 +353,15 @@ struct evp_cipher_st
|
|||
#define EVP_CIPH_FLAG_DEFAULT_ASN1 0x1000
|
||||
/* Buffer length in bits not bytes: CFB1 mode only */
|
||||
#define EVP_CIPH_FLAG_LENGTH_BITS 0x2000
|
||||
/* Note if suitable for use in FIPS mode */
|
||||
#define EVP_CIPH_FLAG_FIPS 0x4000
|
||||
/* Allow non FIPS cipher in FIPS mode */
|
||||
#define EVP_CIPH_FLAG_NON_FIPS_ALLOW 0x8000
|
||||
/* Cipher handles any and all padding logic as well
|
||||
* as finalisation.
|
||||
*/
|
||||
#define EVP_CIPH_FLAG_CUSTOM_CIPHER 0x100000
|
||||
#define EVP_CIPH_FLAG_AEAD_CIPHER 0x200000
|
||||
|
||||
/* ctrl() values */
|
||||
|
||||
|
|
@ -358,6 +374,34 @@ struct evp_cipher_st
|
|||
#define EVP_CTRL_RAND_KEY 0x6
|
||||
#define EVP_CTRL_PBE_PRF_NID 0x7
|
||||
#define EVP_CTRL_COPY 0x8
|
||||
#define EVP_CTRL_GCM_SET_IVLEN 0x9
|
||||
#define EVP_CTRL_GCM_GET_TAG 0x10
|
||||
#define EVP_CTRL_GCM_SET_TAG 0x11
|
||||
#define EVP_CTRL_GCM_SET_IV_FIXED 0x12
|
||||
#define EVP_CTRL_GCM_IV_GEN 0x13
|
||||
#define EVP_CTRL_CCM_SET_IVLEN EVP_CTRL_GCM_SET_IVLEN
|
||||
#define EVP_CTRL_CCM_GET_TAG EVP_CTRL_GCM_GET_TAG
|
||||
#define EVP_CTRL_CCM_SET_TAG EVP_CTRL_GCM_SET_TAG
|
||||
#define EVP_CTRL_CCM_SET_L 0x14
|
||||
#define EVP_CTRL_CCM_SET_MSGLEN 0x15
|
||||
/* AEAD cipher deduces payload length and returns number of bytes
|
||||
* required to store MAC and eventual padding. Subsequent call to
|
||||
* EVP_Cipher even appends/verifies MAC.
|
||||
*/
|
||||
#define EVP_CTRL_AEAD_TLS1_AAD 0x16
|
||||
/* Used by composite AEAD ciphers, no-op in GCM, CCM... */
|
||||
#define EVP_CTRL_AEAD_SET_MAC_KEY 0x17
|
||||
/* Set the GCM invocation field, decrypt only */
|
||||
#define EVP_CTRL_GCM_SET_IV_INV 0x18
|
||||
|
||||
/* GCM TLS constants */
|
||||
/* Length of fixed part of IV derived from PRF */
|
||||
#define EVP_GCM_TLS_FIXED_IV_LEN 4
|
||||
/* Length of explicit part of IV part of TLS records */
|
||||
#define EVP_GCM_TLS_EXPLICIT_IV_LEN 8
|
||||
/* Length of tag for TLS */
|
||||
#define EVP_GCM_TLS_TAG_LEN 16
|
||||
|
||||
|
||||
typedef struct evp_cipher_info_st
|
||||
{
|
||||
|
|
@ -375,7 +419,7 @@ struct evp_cipher_ctx_st
|
|||
unsigned char oiv[EVP_MAX_IV_LENGTH]; /* original iv */
|
||||
unsigned char iv[EVP_MAX_IV_LENGTH]; /* working iv */
|
||||
unsigned char buf[EVP_MAX_BLOCK_LENGTH];/* saved partial block */
|
||||
int num; /* used by cfb/ofb mode */
|
||||
int num; /* used by cfb/ofb/ctr mode */
|
||||
|
||||
void *app_data; /* application stuff */
|
||||
int key_len; /* May change for variable length cipher */
|
||||
|
|
@ -695,6 +739,9 @@ const EVP_MD *EVP_dev_crypto_md5(void);
|
|||
#ifndef OPENSSL_NO_RC4
|
||||
const EVP_CIPHER *EVP_rc4(void);
|
||||
const EVP_CIPHER *EVP_rc4_40(void);
|
||||
#ifndef OPENSSL_NO_MD5
|
||||
const EVP_CIPHER *EVP_rc4_hmac_md5(void);
|
||||
#endif
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_IDEA
|
||||
const EVP_CIPHER *EVP_idea_ecb(void);
|
||||
|
|
@ -741,9 +788,10 @@ const EVP_CIPHER *EVP_aes_128_cfb8(void);
|
|||
const EVP_CIPHER *EVP_aes_128_cfb128(void);
|
||||
# define EVP_aes_128_cfb EVP_aes_128_cfb128
|
||||
const EVP_CIPHER *EVP_aes_128_ofb(void);
|
||||
#if 0
|
||||
const EVP_CIPHER *EVP_aes_128_ctr(void);
|
||||
#endif
|
||||
const EVP_CIPHER *EVP_aes_128_gcm(void);
|
||||
const EVP_CIPHER *EVP_aes_128_ccm(void);
|
||||
const EVP_CIPHER *EVP_aes_128_xts(void);
|
||||
const EVP_CIPHER *EVP_aes_192_ecb(void);
|
||||
const EVP_CIPHER *EVP_aes_192_cbc(void);
|
||||
const EVP_CIPHER *EVP_aes_192_cfb1(void);
|
||||
|
|
@ -751,9 +799,9 @@ const EVP_CIPHER *EVP_aes_192_cfb8(void);
|
|||
const EVP_CIPHER *EVP_aes_192_cfb128(void);
|
||||
# define EVP_aes_192_cfb EVP_aes_192_cfb128
|
||||
const EVP_CIPHER *EVP_aes_192_ofb(void);
|
||||
#if 0
|
||||
const EVP_CIPHER *EVP_aes_192_ctr(void);
|
||||
#endif
|
||||
const EVP_CIPHER *EVP_aes_192_gcm(void);
|
||||
const EVP_CIPHER *EVP_aes_192_ccm(void);
|
||||
const EVP_CIPHER *EVP_aes_256_ecb(void);
|
||||
const EVP_CIPHER *EVP_aes_256_cbc(void);
|
||||
const EVP_CIPHER *EVP_aes_256_cfb1(void);
|
||||
|
|
@ -761,8 +809,13 @@ const EVP_CIPHER *EVP_aes_256_cfb8(void);
|
|||
const EVP_CIPHER *EVP_aes_256_cfb128(void);
|
||||
# define EVP_aes_256_cfb EVP_aes_256_cfb128
|
||||
const EVP_CIPHER *EVP_aes_256_ofb(void);
|
||||
#if 0
|
||||
const EVP_CIPHER *EVP_aes_256_ctr(void);
|
||||
const EVP_CIPHER *EVP_aes_256_gcm(void);
|
||||
const EVP_CIPHER *EVP_aes_256_ccm(void);
|
||||
const EVP_CIPHER *EVP_aes_256_xts(void);
|
||||
#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1)
|
||||
const EVP_CIPHER *EVP_aes_128_cbc_hmac_sha1(void);
|
||||
const EVP_CIPHER *EVP_aes_256_cbc_hmac_sha1(void);
|
||||
#endif
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_CAMELLIA
|
||||
|
|
@ -1047,13 +1100,22 @@ void EVP_PKEY_asn1_set_ctrl(EVP_PKEY_ASN1_METHOD *ameth,
|
|||
#define EVP_PKEY_CTRL_CMS_DECRYPT 10
|
||||
#define EVP_PKEY_CTRL_CMS_SIGN 11
|
||||
|
||||
#define EVP_PKEY_CTRL_CIPHER 12
|
||||
|
||||
#define EVP_PKEY_ALG_CTRL 0x1000
|
||||
|
||||
|
||||
#define EVP_PKEY_FLAG_AUTOARGLEN 2
|
||||
/* Method handles all operations: don't assume any digest related
|
||||
* defaults.
|
||||
*/
|
||||
#define EVP_PKEY_FLAG_SIGCTX_CUSTOM 4
|
||||
|
||||
const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type);
|
||||
EVP_PKEY_METHOD* EVP_PKEY_meth_new(int id, int flags);
|
||||
void EVP_PKEY_meth_get0_info(int *ppkey_id, int *pflags,
|
||||
const EVP_PKEY_METHOD *meth);
|
||||
void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src);
|
||||
void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth);
|
||||
int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth);
|
||||
|
||||
|
|
@ -1071,7 +1133,7 @@ int EVP_PKEY_CTX_get_operation(EVP_PKEY_CTX *ctx);
|
|||
void EVP_PKEY_CTX_set0_keygen_info(EVP_PKEY_CTX *ctx, int *dat, int datlen);
|
||||
|
||||
EVP_PKEY *EVP_PKEY_new_mac_key(int type, ENGINE *e,
|
||||
unsigned char *key, int keylen);
|
||||
const unsigned char *key, int keylen);
|
||||
|
||||
void EVP_PKEY_CTX_set_data(EVP_PKEY_CTX *ctx, void *data);
|
||||
void *EVP_PKEY_CTX_get_data(EVP_PKEY_CTX *ctx);
|
||||
|
|
@ -1190,8 +1252,13 @@ void ERR_load_EVP_strings(void);
|
|||
/* Error codes for the EVP functions. */
|
||||
|
||||
/* Function codes. */
|
||||
#define EVP_F_AESNI_INIT_KEY 165
|
||||
#define EVP_F_AESNI_XTS_CIPHER 176
|
||||
#define EVP_F_AES_INIT_KEY 133
|
||||
#define EVP_F_AES_XTS 172
|
||||
#define EVP_F_AES_XTS_CIPHER 175
|
||||
#define EVP_F_CAMELLIA_INIT_KEY 159
|
||||
#define EVP_F_CMAC_INIT 173
|
||||
#define EVP_F_D2I_PKEY 100
|
||||
#define EVP_F_DO_SIGVER_INIT 161
|
||||
#define EVP_F_DSAPKEY2PKCS8 134
|
||||
|
|
@ -1246,15 +1313,24 @@ void ERR_load_EVP_strings(void);
|
|||
#define EVP_F_EVP_RIJNDAEL 126
|
||||
#define EVP_F_EVP_SIGNFINAL 107
|
||||
#define EVP_F_EVP_VERIFYFINAL 108
|
||||
#define EVP_F_FIPS_CIPHERINIT 166
|
||||
#define EVP_F_FIPS_CIPHER_CTX_COPY 170
|
||||
#define EVP_F_FIPS_CIPHER_CTX_CTRL 167
|
||||
#define EVP_F_FIPS_CIPHER_CTX_SET_KEY_LENGTH 171
|
||||
#define EVP_F_FIPS_DIGESTINIT 168
|
||||
#define EVP_F_FIPS_MD_CTX_COPY 169
|
||||
#define EVP_F_HMAC_INIT_EX 174
|
||||
#define EVP_F_INT_CTX_NEW 157
|
||||
#define EVP_F_PKCS5_PBE_KEYIVGEN 117
|
||||
#define EVP_F_PKCS5_V2_PBE_KEYIVGEN 118
|
||||
#define EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN 164
|
||||
#define EVP_F_PKCS8_SET_BROKEN 112
|
||||
#define EVP_F_PKEY_SET_TYPE 158
|
||||
#define EVP_F_RC2_MAGIC_TO_METH 109
|
||||
#define EVP_F_RC5_CTRL 125
|
||||
|
||||
/* Reason codes. */
|
||||
#define EVP_R_AES_IV_SETUP_FAILED 162
|
||||
#define EVP_R_AES_KEY_SETUP_FAILED 143
|
||||
#define EVP_R_ASN1_LIB 140
|
||||
#define EVP_R_BAD_BLOCK_LENGTH 136
|
||||
|
|
@ -1272,6 +1348,7 @@ void ERR_load_EVP_strings(void);
|
|||
#define EVP_R_DECODE_ERROR 114
|
||||
#define EVP_R_DIFFERENT_KEY_TYPES 101
|
||||
#define EVP_R_DIFFERENT_PARAMETERS 153
|
||||
#define EVP_R_DISABLED_FOR_FIPS 163
|
||||
#define EVP_R_ENCODE_ERROR 115
|
||||
#define EVP_R_EVP_PBE_CIPHERINIT_ERROR 119
|
||||
#define EVP_R_EXPECTING_AN_RSA_KEY 127
|
||||
|
|
@ -1303,6 +1380,7 @@ void ERR_load_EVP_strings(void);
|
|||
#define EVP_R_PRIVATE_KEY_DECODE_ERROR 145
|
||||
#define EVP_R_PRIVATE_KEY_ENCODE_ERROR 146
|
||||
#define EVP_R_PUBLIC_KEY_NOT_RSA 106
|
||||
#define EVP_R_TOO_LARGE 164
|
||||
#define EVP_R_UNKNOWN_CIPHER 160
|
||||
#define EVP_R_UNKNOWN_DIGEST 161
|
||||
#define EVP_R_UNKNOWN_PBE_ALGORITHM 121
|
||||
|
|
|
|||
|
|
@ -83,6 +83,9 @@ typedef struct idea_key_st
|
|||
const char *idea_options(void);
|
||||
void idea_ecb_encrypt(const unsigned char *in, unsigned char *out,
|
||||
IDEA_KEY_SCHEDULE *ks);
|
||||
#ifdef OPENSSL_FIPS
|
||||
void private_idea_set_encrypt_key(const unsigned char *key, IDEA_KEY_SCHEDULE *ks);
|
||||
#endif
|
||||
void idea_set_encrypt_key(const unsigned char *key, IDEA_KEY_SCHEDULE *ks);
|
||||
void idea_set_decrypt_key(IDEA_KEY_SCHEDULE *ek, IDEA_KEY_SCHEDULE *dk);
|
||||
void idea_cbc_encrypt(const unsigned char *in, unsigned char *out,
|
||||
|
|
|
|||
|
|
@ -172,6 +172,10 @@ krb5_error_code kssl_check_authent(KSSL_CTX *kssl_ctx, krb5_data *authentp,
|
|||
krb5_timestamp *atimep, KSSL_ERR *kssl_err);
|
||||
unsigned char *kssl_skip_confound(krb5_enctype enctype, unsigned char *authn);
|
||||
|
||||
void SSL_set0_kssl_ctx(SSL *s, KSSL_CTX *kctx);
|
||||
KSSL_CTX * SSL_get0_kssl_ctx(SSL *s);
|
||||
char *kssl_ctx_get0_client_princ(KSSL_CTX *kctx);
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
|
|
|||
|
|
@ -105,6 +105,9 @@ typedef struct MD4state_st
|
|||
unsigned int num;
|
||||
} MD4_CTX;
|
||||
|
||||
#ifdef OPENSSL_FIPS
|
||||
int private_MD4_Init(MD4_CTX *c);
|
||||
#endif
|
||||
int MD4_Init(MD4_CTX *c);
|
||||
int MD4_Update(MD4_CTX *c, const void *data, size_t len);
|
||||
int MD4_Final(unsigned char *md, MD4_CTX *c);
|
||||
|
|
|
|||
|
|
@ -105,6 +105,9 @@ typedef struct MD5state_st
|
|||
unsigned int num;
|
||||
} MD5_CTX;
|
||||
|
||||
#ifdef OPENSSL_FIPS
|
||||
int private_MD5_Init(MD5_CTX *c);
|
||||
#endif
|
||||
int MD5_Init(MD5_CTX *c);
|
||||
int MD5_Update(MD5_CTX *c, const void *data, size_t len);
|
||||
int MD5_Final(unsigned char *md, MD5_CTX *c);
|
||||
|
|
|
|||
|
|
@ -81,6 +81,9 @@ typedef struct mdc2_ctx_st
|
|||
} MDC2_CTX;
|
||||
|
||||
|
||||
#ifdef OPENSSL_FIPS
|
||||
int private_MDC2_Init(MDC2_CTX *c);
|
||||
#endif
|
||||
int MDC2_Init(MDC2_CTX *c);
|
||||
int MDC2_Update(MDC2_CTX *c, const unsigned char *data, size_t len);
|
||||
int MDC2_Final(unsigned char *md, MDC2_CTX *c);
|
||||
|
|
|
|||
|
|
@ -15,6 +15,14 @@ typedef void (*cbc128_f)(const unsigned char *in, unsigned char *out,
|
|||
size_t len, const void *key,
|
||||
unsigned char ivec[16], int enc);
|
||||
|
||||
typedef void (*ctr128_f)(const unsigned char *in, unsigned char *out,
|
||||
size_t blocks, const void *key,
|
||||
const unsigned char ivec[16]);
|
||||
|
||||
typedef void (*ccm128_f)(const unsigned char *in, unsigned char *out,
|
||||
size_t blocks, const void *key,
|
||||
const unsigned char ivec[16],unsigned char cmac[16]);
|
||||
|
||||
void CRYPTO_cbc128_encrypt(const unsigned char *in, unsigned char *out,
|
||||
size_t len, const void *key,
|
||||
unsigned char ivec[16], block128_f block);
|
||||
|
|
@ -27,6 +35,11 @@ void CRYPTO_ctr128_encrypt(const unsigned char *in, unsigned char *out,
|
|||
unsigned char ivec[16], unsigned char ecount_buf[16],
|
||||
unsigned int *num, block128_f block);
|
||||
|
||||
void CRYPTO_ctr128_encrypt_ctr32(const unsigned char *in, unsigned char *out,
|
||||
size_t len, const void *key,
|
||||
unsigned char ivec[16], unsigned char ecount_buf[16],
|
||||
unsigned int *num, ctr128_f ctr);
|
||||
|
||||
void CRYPTO_ofb128_encrypt(const unsigned char *in, unsigned char *out,
|
||||
size_t len, const void *key,
|
||||
unsigned char ivec[16], int *num,
|
||||
|
|
@ -57,3 +70,66 @@ size_t CRYPTO_cts128_decrypt_block(const unsigned char *in, unsigned char *out,
|
|||
size_t CRYPTO_cts128_decrypt(const unsigned char *in, unsigned char *out,
|
||||
size_t len, const void *key,
|
||||
unsigned char ivec[16], cbc128_f cbc);
|
||||
|
||||
size_t CRYPTO_nistcts128_encrypt_block(const unsigned char *in, unsigned char *out,
|
||||
size_t len, const void *key,
|
||||
unsigned char ivec[16], block128_f block);
|
||||
size_t CRYPTO_nistcts128_encrypt(const unsigned char *in, unsigned char *out,
|
||||
size_t len, const void *key,
|
||||
unsigned char ivec[16], cbc128_f cbc);
|
||||
size_t CRYPTO_nistcts128_decrypt_block(const unsigned char *in, unsigned char *out,
|
||||
size_t len, const void *key,
|
||||
unsigned char ivec[16], block128_f block);
|
||||
size_t CRYPTO_nistcts128_decrypt(const unsigned char *in, unsigned char *out,
|
||||
size_t len, const void *key,
|
||||
unsigned char ivec[16], cbc128_f cbc);
|
||||
|
||||
typedef struct gcm128_context GCM128_CONTEXT;
|
||||
|
||||
GCM128_CONTEXT *CRYPTO_gcm128_new(void *key, block128_f block);
|
||||
void CRYPTO_gcm128_init(GCM128_CONTEXT *ctx,void *key,block128_f block);
|
||||
void CRYPTO_gcm128_setiv(GCM128_CONTEXT *ctx, const unsigned char *iv,
|
||||
size_t len);
|
||||
int CRYPTO_gcm128_aad(GCM128_CONTEXT *ctx, const unsigned char *aad,
|
||||
size_t len);
|
||||
int CRYPTO_gcm128_encrypt(GCM128_CONTEXT *ctx,
|
||||
const unsigned char *in, unsigned char *out,
|
||||
size_t len);
|
||||
int CRYPTO_gcm128_decrypt(GCM128_CONTEXT *ctx,
|
||||
const unsigned char *in, unsigned char *out,
|
||||
size_t len);
|
||||
int CRYPTO_gcm128_encrypt_ctr32(GCM128_CONTEXT *ctx,
|
||||
const unsigned char *in, unsigned char *out,
|
||||
size_t len, ctr128_f stream);
|
||||
int CRYPTO_gcm128_decrypt_ctr32(GCM128_CONTEXT *ctx,
|
||||
const unsigned char *in, unsigned char *out,
|
||||
size_t len, ctr128_f stream);
|
||||
int CRYPTO_gcm128_finish(GCM128_CONTEXT *ctx,const unsigned char *tag,
|
||||
size_t len);
|
||||
void CRYPTO_gcm128_tag(GCM128_CONTEXT *ctx, unsigned char *tag, size_t len);
|
||||
void CRYPTO_gcm128_release(GCM128_CONTEXT *ctx);
|
||||
|
||||
typedef struct ccm128_context CCM128_CONTEXT;
|
||||
|
||||
void CRYPTO_ccm128_init(CCM128_CONTEXT *ctx,
|
||||
unsigned int M, unsigned int L, void *key,block128_f block);
|
||||
int CRYPTO_ccm128_setiv(CCM128_CONTEXT *ctx,
|
||||
const unsigned char *nonce, size_t nlen, size_t mlen);
|
||||
void CRYPTO_ccm128_aad(CCM128_CONTEXT *ctx,
|
||||
const unsigned char *aad, size_t alen);
|
||||
int CRYPTO_ccm128_encrypt(CCM128_CONTEXT *ctx,
|
||||
const unsigned char *inp, unsigned char *out, size_t len);
|
||||
int CRYPTO_ccm128_decrypt(CCM128_CONTEXT *ctx,
|
||||
const unsigned char *inp, unsigned char *out, size_t len);
|
||||
int CRYPTO_ccm128_encrypt_ccm64(CCM128_CONTEXT *ctx,
|
||||
const unsigned char *inp, unsigned char *out, size_t len,
|
||||
ccm128_f stream);
|
||||
int CRYPTO_ccm128_decrypt_ccm64(CCM128_CONTEXT *ctx,
|
||||
const unsigned char *inp, unsigned char *out, size_t len,
|
||||
ccm128_f stream);
|
||||
size_t CRYPTO_ccm128_tag(CCM128_CONTEXT *ctx, unsigned char *tag, size_t len);
|
||||
|
||||
typedef struct xts128_context XTS128_CONTEXT;
|
||||
|
||||
int CRYPTO_xts128_encrypt(const XTS128_CONTEXT *ctx, const unsigned char iv[16],
|
||||
const unsigned char *inp, unsigned char *out, size_t len, int enc);
|
||||
|
|
|
|||
|
|
@ -580,6 +580,21 @@
|
|||
#define NID_sha1WithRSAEncryption 65
|
||||
#define OBJ_sha1WithRSAEncryption OBJ_pkcs1,5L
|
||||
|
||||
#define SN_rsaesOaep "RSAES-OAEP"
|
||||
#define LN_rsaesOaep "rsaesOaep"
|
||||
#define NID_rsaesOaep 919
|
||||
#define OBJ_rsaesOaep OBJ_pkcs1,7L
|
||||
|
||||
#define SN_mgf1 "MGF1"
|
||||
#define LN_mgf1 "mgf1"
|
||||
#define NID_mgf1 911
|
||||
#define OBJ_mgf1 OBJ_pkcs1,8L
|
||||
|
||||
#define SN_rsassaPss "RSASSA-PSS"
|
||||
#define LN_rsassaPss "rsassaPss"
|
||||
#define NID_rsassaPss 912
|
||||
#define OBJ_rsassaPss OBJ_pkcs1,10L
|
||||
|
||||
#define SN_sha256WithRSAEncryption "RSA-SHA256"
|
||||
#define LN_sha256WithRSAEncryption "sha256WithRSAEncryption"
|
||||
#define NID_sha256WithRSAEncryption 668
|
||||
|
|
@ -981,6 +996,10 @@
|
|||
#define NID_id_smime_alg_CMSRC2wrap 247
|
||||
#define OBJ_id_smime_alg_CMSRC2wrap OBJ_id_smime_alg,7L
|
||||
|
||||
#define SN_id_alg_PWRI_KEK "id-alg-PWRI-KEK"
|
||||
#define NID_id_alg_PWRI_KEK 893
|
||||
#define OBJ_id_alg_PWRI_KEK OBJ_id_smime_alg,9L
|
||||
|
||||
#define SN_id_smime_cd_ldap "id-smime-cd-ldap"
|
||||
#define NID_id_smime_cd_ldap 248
|
||||
#define OBJ_id_smime_cd_ldap OBJ_id_smime_cd,1L
|
||||
|
|
@ -2399,6 +2418,11 @@
|
|||
#define NID_no_rev_avail 403
|
||||
#define OBJ_no_rev_avail OBJ_id_ce,56L
|
||||
|
||||
#define SN_anyExtendedKeyUsage "anyExtendedKeyUsage"
|
||||
#define LN_anyExtendedKeyUsage "Any Extended Key Usage"
|
||||
#define NID_anyExtendedKeyUsage 910
|
||||
#define OBJ_anyExtendedKeyUsage OBJ_ext_key_usage,0L
|
||||
|
||||
#define SN_netscape "Netscape"
|
||||
#define LN_netscape "Netscape Communications Corp."
|
||||
#define NID_netscape 57
|
||||
|
|
@ -2586,6 +2610,24 @@
|
|||
#define NID_aes_128_cfb128 421
|
||||
#define OBJ_aes_128_cfb128 OBJ_aes,4L
|
||||
|
||||
#define SN_id_aes128_wrap "id-aes128-wrap"
|
||||
#define NID_id_aes128_wrap 788
|
||||
#define OBJ_id_aes128_wrap OBJ_aes,5L
|
||||
|
||||
#define SN_aes_128_gcm "id-aes128-GCM"
|
||||
#define LN_aes_128_gcm "aes-128-gcm"
|
||||
#define NID_aes_128_gcm 895
|
||||
#define OBJ_aes_128_gcm OBJ_aes,6L
|
||||
|
||||
#define SN_aes_128_ccm "id-aes128-CCM"
|
||||
#define LN_aes_128_ccm "aes-128-ccm"
|
||||
#define NID_aes_128_ccm 896
|
||||
#define OBJ_aes_128_ccm OBJ_aes,7L
|
||||
|
||||
#define SN_id_aes128_wrap_pad "id-aes128-wrap-pad"
|
||||
#define NID_id_aes128_wrap_pad 897
|
||||
#define OBJ_id_aes128_wrap_pad OBJ_aes,8L
|
||||
|
||||
#define SN_aes_192_ecb "AES-192-ECB"
|
||||
#define LN_aes_192_ecb "aes-192-ecb"
|
||||
#define NID_aes_192_ecb 422
|
||||
|
|
@ -2606,6 +2648,24 @@
|
|||
#define NID_aes_192_cfb128 425
|
||||
#define OBJ_aes_192_cfb128 OBJ_aes,24L
|
||||
|
||||
#define SN_id_aes192_wrap "id-aes192-wrap"
|
||||
#define NID_id_aes192_wrap 789
|
||||
#define OBJ_id_aes192_wrap OBJ_aes,25L
|
||||
|
||||
#define SN_aes_192_gcm "id-aes192-GCM"
|
||||
#define LN_aes_192_gcm "aes-192-gcm"
|
||||
#define NID_aes_192_gcm 898
|
||||
#define OBJ_aes_192_gcm OBJ_aes,26L
|
||||
|
||||
#define SN_aes_192_ccm "id-aes192-CCM"
|
||||
#define LN_aes_192_ccm "aes-192-ccm"
|
||||
#define NID_aes_192_ccm 899
|
||||
#define OBJ_aes_192_ccm OBJ_aes,27L
|
||||
|
||||
#define SN_id_aes192_wrap_pad "id-aes192-wrap-pad"
|
||||
#define NID_id_aes192_wrap_pad 900
|
||||
#define OBJ_id_aes192_wrap_pad OBJ_aes,28L
|
||||
|
||||
#define SN_aes_256_ecb "AES-256-ECB"
|
||||
#define LN_aes_256_ecb "aes-256-ecb"
|
||||
#define NID_aes_256_ecb 426
|
||||
|
|
@ -2626,6 +2686,24 @@
|
|||
#define NID_aes_256_cfb128 429
|
||||
#define OBJ_aes_256_cfb128 OBJ_aes,44L
|
||||
|
||||
#define SN_id_aes256_wrap "id-aes256-wrap"
|
||||
#define NID_id_aes256_wrap 790
|
||||
#define OBJ_id_aes256_wrap OBJ_aes,45L
|
||||
|
||||
#define SN_aes_256_gcm "id-aes256-GCM"
|
||||
#define LN_aes_256_gcm "aes-256-gcm"
|
||||
#define NID_aes_256_gcm 901
|
||||
#define OBJ_aes_256_gcm OBJ_aes,46L
|
||||
|
||||
#define SN_aes_256_ccm "id-aes256-CCM"
|
||||
#define LN_aes_256_ccm "aes-256-ccm"
|
||||
#define NID_aes_256_ccm 902
|
||||
#define OBJ_aes_256_ccm OBJ_aes,47L
|
||||
|
||||
#define SN_id_aes256_wrap_pad "id-aes256-wrap-pad"
|
||||
#define NID_id_aes256_wrap_pad 903
|
||||
#define OBJ_id_aes256_wrap_pad OBJ_aes,48L
|
||||
|
||||
#define SN_aes_128_cfb1 "AES-128-CFB1"
|
||||
#define LN_aes_128_cfb1 "aes-128-cfb1"
|
||||
#define NID_aes_128_cfb1 650
|
||||
|
|
@ -2650,6 +2728,26 @@
|
|||
#define LN_aes_256_cfb8 "aes-256-cfb8"
|
||||
#define NID_aes_256_cfb8 655
|
||||
|
||||
#define SN_aes_128_ctr "AES-128-CTR"
|
||||
#define LN_aes_128_ctr "aes-128-ctr"
|
||||
#define NID_aes_128_ctr 904
|
||||
|
||||
#define SN_aes_192_ctr "AES-192-CTR"
|
||||
#define LN_aes_192_ctr "aes-192-ctr"
|
||||
#define NID_aes_192_ctr 905
|
||||
|
||||
#define SN_aes_256_ctr "AES-256-CTR"
|
||||
#define LN_aes_256_ctr "aes-256-ctr"
|
||||
#define NID_aes_256_ctr 906
|
||||
|
||||
#define SN_aes_128_xts "AES-128-XTS"
|
||||
#define LN_aes_128_xts "aes-128-xts"
|
||||
#define NID_aes_128_xts 913
|
||||
|
||||
#define SN_aes_256_xts "AES-256-XTS"
|
||||
#define LN_aes_256_xts "aes-256-xts"
|
||||
#define NID_aes_256_xts 914
|
||||
|
||||
#define SN_des_cfb1 "DES-CFB1"
|
||||
#define LN_des_cfb1 "des-cfb1"
|
||||
#define NID_des_cfb1 656
|
||||
|
|
@ -2666,18 +2764,6 @@
|
|||
#define LN_des_ede3_cfb8 "des-ede3-cfb8"
|
||||
#define NID_des_ede3_cfb8 659
|
||||
|
||||
#define SN_id_aes128_wrap "id-aes128-wrap"
|
||||
#define NID_id_aes128_wrap 788
|
||||
#define OBJ_id_aes128_wrap OBJ_aes,5L
|
||||
|
||||
#define SN_id_aes192_wrap "id-aes192-wrap"
|
||||
#define NID_id_aes192_wrap 789
|
||||
#define OBJ_id_aes192_wrap OBJ_aes,25L
|
||||
|
||||
#define SN_id_aes256_wrap "id-aes256-wrap"
|
||||
#define NID_id_aes256_wrap 790
|
||||
#define OBJ_id_aes256_wrap OBJ_aes,45L
|
||||
|
||||
#define OBJ_nist_hashalgs OBJ_nistAlgorithms,2L
|
||||
|
||||
#define SN_sha256 "SHA256"
|
||||
|
|
@ -3810,6 +3896,18 @@
|
|||
#define NID_camellia_256_cbc 753
|
||||
#define OBJ_camellia_256_cbc 1L,2L,392L,200011L,61L,1L,1L,1L,4L
|
||||
|
||||
#define SN_id_camellia128_wrap "id-camellia128-wrap"
|
||||
#define NID_id_camellia128_wrap 907
|
||||
#define OBJ_id_camellia128_wrap 1L,2L,392L,200011L,61L,1L,1L,3L,2L
|
||||
|
||||
#define SN_id_camellia192_wrap "id-camellia192-wrap"
|
||||
#define NID_id_camellia192_wrap 908
|
||||
#define OBJ_id_camellia192_wrap 1L,2L,392L,200011L,61L,1L,1L,3L,3L
|
||||
|
||||
#define SN_id_camellia256_wrap "id-camellia256-wrap"
|
||||
#define NID_id_camellia256_wrap 909
|
||||
#define OBJ_id_camellia256_wrap 1L,2L,392L,200011L,61L,1L,1L,3L,4L
|
||||
|
||||
#define OBJ_ntt_ds 0L,3L,4401L,5L
|
||||
|
||||
#define OBJ_camellia OBJ_ntt_ds,3L,1L,9L
|
||||
|
|
@ -3912,3 +4010,23 @@
|
|||
#define LN_hmac "hmac"
|
||||
#define NID_hmac 855
|
||||
|
||||
#define SN_cmac "CMAC"
|
||||
#define LN_cmac "cmac"
|
||||
#define NID_cmac 894
|
||||
|
||||
#define SN_rc4_hmac_md5 "RC4-HMAC-MD5"
|
||||
#define LN_rc4_hmac_md5 "rc4-hmac-md5"
|
||||
#define NID_rc4_hmac_md5 915
|
||||
|
||||
#define SN_aes_128_cbc_hmac_sha1 "AES-128-CBC-HMAC-SHA1"
|
||||
#define LN_aes_128_cbc_hmac_sha1 "aes-128-cbc-hmac-sha1"
|
||||
#define NID_aes_128_cbc_hmac_sha1 916
|
||||
|
||||
#define SN_aes_192_cbc_hmac_sha1 "AES-192-CBC-HMAC-SHA1"
|
||||
#define LN_aes_192_cbc_hmac_sha1 "aes-192-cbc-hmac-sha1"
|
||||
#define NID_aes_192_cbc_hmac_sha1 917
|
||||
|
||||
#define SN_aes_256_cbc_hmac_sha1 "AES-256-CBC-HMAC-SHA1"
|
||||
#define LN_aes_256_cbc_hmac_sha1 "aes-256-cbc-hmac-sha1"
|
||||
#define NID_aes_256_cbc_hmac_sha1 918
|
||||
|
||||
|
|
|
|||
|
|
@ -5,6 +5,9 @@
|
|||
#ifndef OPENSSL_DOING_MAKEDEPEND
|
||||
|
||||
|
||||
#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
|
||||
# define OPENSSL_NO_EC_NISTP_64_GCC_128
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_GMP
|
||||
# define OPENSSL_NO_GMP
|
||||
#endif
|
||||
|
|
@ -23,6 +26,9 @@
|
|||
#ifndef OPENSSL_NO_RFC3779
|
||||
# define OPENSSL_NO_RFC3779
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_SCTP
|
||||
# define OPENSSL_NO_SCTP
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_STORE
|
||||
# define OPENSSL_NO_STORE
|
||||
#endif
|
||||
|
|
@ -41,6 +47,9 @@
|
|||
who haven't had the time to do the appropriate changes in their
|
||||
applications. */
|
||||
#ifdef OPENSSL_ALGORITHM_DEFINES
|
||||
# if defined(OPENSSL_NO_EC_NISTP_64_GCC_128) && !defined(NO_EC_NISTP_64_GCC_128)
|
||||
# define NO_EC_NISTP_64_GCC_128
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_GMP) && !defined(NO_GMP)
|
||||
# define NO_GMP
|
||||
# endif
|
||||
|
|
@ -59,6 +68,9 @@
|
|||
# if defined(OPENSSL_NO_RFC3779) && !defined(NO_RFC3779)
|
||||
# define NO_RFC3779
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_SCTP) && !defined(NO_SCTP)
|
||||
# define NO_SCTP
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_STORE) && !defined(NO_STORE)
|
||||
# define NO_STORE
|
||||
# endif
|
||||
|
|
@ -71,8 +83,8 @@
|
|||
|
||||
#if !(defined(VMS) || defined(__VMS)) /* VMS uses logical names instead */
|
||||
#if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR)
|
||||
#define ENGINESDIR "/Users/laurent/Projects/OpenSSL/openssl-1.0.0/iPhoneSimulator-i386/lib/engines"
|
||||
#define OPENSSLDIR "/Users/laurent/Projects/OpenSSL/openssl-1.0.0/iPhoneSimulator-i386"
|
||||
#define ENGINESDIR "/Users/diopmamadou/Documents/tmp/openssl-1.0.1-beta2/ios/armv6/lib/engines"
|
||||
#define OPENSSLDIR "/Users/diopmamadou/Documents/tmp/openssl-1.0.1-beta2"
|
||||
#endif
|
||||
#endif
|
||||
|
||||
|
|
|
|||
|
|
@ -25,11 +25,11 @@
|
|||
* (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
|
||||
* major minor fix final patch/beta)
|
||||
*/
|
||||
#define OPENSSL_VERSION_NUMBER 0x1000000fL
|
||||
#define OPENSSL_VERSION_NUMBER 0x10001002L
|
||||
#ifdef OPENSSL_FIPS
|
||||
#define OPENSSL_VERSION_TEXT "OpenSSL 1.0.0-fips 29 Mar 2010"
|
||||
#define OPENSSL_VERSION_TEXT "OpenSSL 1.0.1-fips-beta2 19 Jan 2012"
|
||||
#else
|
||||
#define OPENSSL_VERSION_TEXT "OpenSSL 1.0.0 29 Mar 2010"
|
||||
#define OPENSSL_VERSION_TEXT "OpenSSL 1.0.1-beta2 19 Jan 2012"
|
||||
#endif
|
||||
#define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT
|
||||
|
||||
|
|
|
|||
|
|
@ -91,10 +91,12 @@ typedef struct asn1_string_st ASN1_TIME;
|
|||
typedef struct asn1_string_st ASN1_GENERALIZEDTIME;
|
||||
typedef struct asn1_string_st ASN1_VISIBLESTRING;
|
||||
typedef struct asn1_string_st ASN1_UTF8STRING;
|
||||
typedef struct asn1_string_st ASN1_STRING;
|
||||
typedef int ASN1_BOOLEAN;
|
||||
typedef int ASN1_NULL;
|
||||
#endif
|
||||
|
||||
typedef struct ASN1_ITEM_st ASN1_ITEM;
|
||||
typedef struct asn1_pctx_st ASN1_PCTX;
|
||||
|
||||
#ifdef OPENSSL_SYS_WIN32
|
||||
|
|
|
|||
|
|
@ -548,10 +548,11 @@ EVP_PKEY *b2i_PrivateKey_bio(BIO *in);
|
|||
EVP_PKEY *b2i_PublicKey_bio(BIO *in);
|
||||
int i2b_PrivateKey_bio(BIO *out, EVP_PKEY *pk);
|
||||
int i2b_PublicKey_bio(BIO *out, EVP_PKEY *pk);
|
||||
|
||||
#ifndef OPENSSL_NO_RC4
|
||||
EVP_PKEY *b2i_PVK_bio(BIO *in, pem_password_cb *cb, void *u);
|
||||
int i2b_PVK_bio(BIO *out, EVP_PKEY *pk, int enclevel,
|
||||
pem_password_cb *cb, void *u);
|
||||
#endif
|
||||
|
||||
|
||||
/* BEGIN ERROR CODES */
|
||||
|
|
|
|||
|
|
@ -119,6 +119,11 @@ int RAND_event(UINT, WPARAM, LPARAM);
|
|||
|
||||
#endif
|
||||
|
||||
#ifdef OPENSSL_FIPS
|
||||
void RAND_set_fips_drbg_type(int type, int flags);
|
||||
int RAND_init_fips(void);
|
||||
#endif
|
||||
|
||||
/* BEGIN ERROR CODES */
|
||||
/* The following lines are auto generated by the script mkerr.pl. Any changes
|
||||
* made after this point may be overwritten when the script is next run.
|
||||
|
|
@ -129,9 +134,13 @@ void ERR_load_RAND_strings(void);
|
|||
|
||||
/* Function codes. */
|
||||
#define RAND_F_RAND_GET_RAND_METHOD 101
|
||||
#define RAND_F_RAND_INIT_FIPS 102
|
||||
#define RAND_F_SSLEAY_RAND_BYTES 100
|
||||
|
||||
/* Reason codes. */
|
||||
#define RAND_R_ERROR_INITIALISING_DRBG 102
|
||||
#define RAND_R_ERROR_INSTANTIATING_DRBG 103
|
||||
#define RAND_R_NO_FIPS_RANDOM_METHOD_SET 101
|
||||
#define RAND_R_PRNG_NOT_SEEDED 100
|
||||
|
||||
#ifdef __cplusplus
|
||||
|
|
|
|||
|
|
@ -79,7 +79,9 @@ typedef struct rc2_key_st
|
|||
RC2_INT data[64];
|
||||
} RC2_KEY;
|
||||
|
||||
|
||||
#ifdef OPENSSL_FIPS
|
||||
void private_RC2_set_key(RC2_KEY *key, int len, const unsigned char *data,int bits);
|
||||
#endif
|
||||
void RC2_set_key(RC2_KEY *key, int len, const unsigned char *data,int bits);
|
||||
void RC2_ecb_encrypt(const unsigned char *in,unsigned char *out,RC2_KEY *key,
|
||||
int enc);
|
||||
|
|
|
|||
|
|
@ -79,6 +79,7 @@ typedef struct rc4_key_st
|
|||
|
||||
const char *RC4_options(void);
|
||||
void RC4_set_key(RC4_KEY *key, int len, const unsigned char *data);
|
||||
void private_RC4_set_key(RC4_KEY *key, int len, const unsigned char *data);
|
||||
void RC4(RC4_KEY *key, size_t len, const unsigned char *indata,
|
||||
unsigned char *outdata);
|
||||
|
||||
|
|
|
|||
|
|
@ -91,6 +91,9 @@ typedef struct RIPEMD160state_st
|
|||
unsigned int num;
|
||||
} RIPEMD160_CTX;
|
||||
|
||||
#ifdef OPENSSL_FIPS
|
||||
int private_RIPEMD160_Init(RIPEMD160_CTX *c);
|
||||
#endif
|
||||
int RIPEMD160_Init(RIPEMD160_CTX *c);
|
||||
int RIPEMD160_Update(RIPEMD160_CTX *c, const void *data, size_t len);
|
||||
int RIPEMD160_Final(unsigned char *md, RIPEMD160_CTX *c);
|
||||
|
|
|
|||
|
|
@ -222,12 +222,22 @@ struct rsa_st
|
|||
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, -1, EVP_PKEY_CTRL_RSA_PADDING, \
|
||||
pad, NULL)
|
||||
|
||||
#define EVP_PKEY_CTX_get_rsa_padding(ctx, ppad) \
|
||||
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, -1, \
|
||||
EVP_PKEY_CTRL_GET_RSA_PADDING, 0, ppad)
|
||||
|
||||
#define EVP_PKEY_CTX_set_rsa_pss_saltlen(ctx, len) \
|
||||
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, \
|
||||
(EVP_PKEY_OP_SIGN|EVP_PKEY_OP_VERIFY), \
|
||||
EVP_PKEY_CTRL_RSA_PSS_SALTLEN, \
|
||||
len, NULL)
|
||||
|
||||
#define EVP_PKEY_CTX_get_rsa_pss_saltlen(ctx, plen) \
|
||||
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, \
|
||||
(EVP_PKEY_OP_SIGN|EVP_PKEY_OP_VERIFY), \
|
||||
EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN, \
|
||||
0, plen)
|
||||
|
||||
#define EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, bits) \
|
||||
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_KEYGEN, \
|
||||
EVP_PKEY_CTRL_RSA_KEYGEN_BITS, bits, NULL)
|
||||
|
|
@ -236,11 +246,24 @@ struct rsa_st
|
|||
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_KEYGEN, \
|
||||
EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP, 0, pubexp)
|
||||
|
||||
#define EVP_PKEY_CTX_set_rsa_mgf1_md(ctx, md) \
|
||||
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_TYPE_SIG, \
|
||||
EVP_PKEY_CTRL_RSA_MGF1_MD, 0, (void *)md)
|
||||
|
||||
#define EVP_PKEY_CTX_get_rsa_mgf1_md(ctx, pmd) \
|
||||
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_TYPE_SIG, \
|
||||
EVP_PKEY_CTRL_GET_RSA_MGF1_MD, 0, (void *)pmd)
|
||||
|
||||
#define EVP_PKEY_CTRL_RSA_PADDING (EVP_PKEY_ALG_CTRL + 1)
|
||||
#define EVP_PKEY_CTRL_RSA_PSS_SALTLEN (EVP_PKEY_ALG_CTRL + 2)
|
||||
|
||||
#define EVP_PKEY_CTRL_RSA_KEYGEN_BITS (EVP_PKEY_ALG_CTRL + 3)
|
||||
#define EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP (EVP_PKEY_ALG_CTRL + 4)
|
||||
#define EVP_PKEY_CTRL_RSA_MGF1_MD (EVP_PKEY_ALG_CTRL + 5)
|
||||
|
||||
#define EVP_PKEY_CTRL_GET_RSA_PADDING (EVP_PKEY_ALG_CTRL + 6)
|
||||
#define EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN (EVP_PKEY_ALG_CTRL + 7)
|
||||
#define EVP_PKEY_CTRL_GET_RSA_MGF1_MD (EVP_PKEY_ALG_CTRL + 8)
|
||||
|
||||
#define RSA_PKCS1_PADDING 1
|
||||
#define RSA_SSLV23_PADDING 2
|
||||
|
|
@ -300,6 +323,16 @@ const RSA_METHOD *RSA_null_method(void);
|
|||
DECLARE_ASN1_ENCODE_FUNCTIONS_const(RSA, RSAPublicKey)
|
||||
DECLARE_ASN1_ENCODE_FUNCTIONS_const(RSA, RSAPrivateKey)
|
||||
|
||||
typedef struct rsa_pss_params_st
|
||||
{
|
||||
X509_ALGOR *hashAlgorithm;
|
||||
X509_ALGOR *maskGenAlgorithm;
|
||||
ASN1_INTEGER *saltLength;
|
||||
ASN1_INTEGER *trailerField;
|
||||
} RSA_PSS_PARAMS;
|
||||
|
||||
DECLARE_ASN1_FUNCTIONS(RSA_PSS_PARAMS)
|
||||
|
||||
#ifndef OPENSSL_NO_FP_API
|
||||
int RSA_print_fp(FILE *fp, const RSA *r,int offset);
|
||||
#endif
|
||||
|
|
@ -380,6 +413,14 @@ int RSA_padding_add_PKCS1_PSS(RSA *rsa, unsigned char *EM,
|
|||
const unsigned char *mHash,
|
||||
const EVP_MD *Hash, int sLen);
|
||||
|
||||
int RSA_verify_PKCS1_PSS_mgf1(RSA *rsa, const unsigned char *mHash,
|
||||
const EVP_MD *Hash, const EVP_MD *mgf1Hash,
|
||||
const unsigned char *EM, int sLen);
|
||||
|
||||
int RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM,
|
||||
const unsigned char *mHash,
|
||||
const EVP_MD *Hash, const EVP_MD *mgf1Hash, int sLen);
|
||||
|
||||
int RSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
|
||||
CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
|
||||
int RSA_set_ex_data(RSA *r,int idx,void *arg);
|
||||
|
|
@ -388,6 +429,25 @@ void *RSA_get_ex_data(const RSA *r, int idx);
|
|||
RSA *RSAPublicKey_dup(RSA *rsa);
|
||||
RSA *RSAPrivateKey_dup(RSA *rsa);
|
||||
|
||||
/* If this flag is set the RSA method is FIPS compliant and can be used
|
||||
* in FIPS mode. This is set in the validated module method. If an
|
||||
* application sets this flag in its own methods it is its responsibility
|
||||
* to ensure the result is compliant.
|
||||
*/
|
||||
|
||||
#define RSA_FLAG_FIPS_METHOD 0x0400
|
||||
|
||||
/* If this flag is set the operations normally disabled in FIPS mode are
|
||||
* permitted it is then the applications responsibility to ensure that the
|
||||
* usage is compliant.
|
||||
*/
|
||||
|
||||
#define RSA_FLAG_NON_FIPS_ALLOW 0x0400
|
||||
/* Application has decided PRNG is good enough to generate a key: don't
|
||||
* check.
|
||||
*/
|
||||
#define RSA_FLAG_CHECKED 0x0800
|
||||
|
||||
/* BEGIN ERROR CODES */
|
||||
/* The following lines are auto generated by the script mkerr.pl. Any changes
|
||||
* made after this point may be overwritten when the script is next run.
|
||||
|
|
@ -405,6 +465,7 @@ void ERR_load_RSA_strings(void);
|
|||
#define RSA_F_PKEY_RSA_CTRL 143
|
||||
#define RSA_F_PKEY_RSA_CTRL_STR 144
|
||||
#define RSA_F_PKEY_RSA_SIGN 142
|
||||
#define RSA_F_PKEY_RSA_VERIFY 154
|
||||
#define RSA_F_PKEY_RSA_VERIFYRECOVER 141
|
||||
#define RSA_F_RSA_BUILTIN_KEYGEN 129
|
||||
#define RSA_F_RSA_CHECK_KEY 123
|
||||
|
|
@ -413,6 +474,8 @@ void ERR_load_RSA_strings(void);
|
|||
#define RSA_F_RSA_EAY_PUBLIC_DECRYPT 103
|
||||
#define RSA_F_RSA_EAY_PUBLIC_ENCRYPT 104
|
||||
#define RSA_F_RSA_GENERATE_KEY 105
|
||||
#define RSA_F_RSA_GENERATE_KEY_EX 155
|
||||
#define RSA_F_RSA_ITEM_VERIFY 156
|
||||
#define RSA_F_RSA_MEMORY_LOCK 130
|
||||
#define RSA_F_RSA_NEW_METHOD 106
|
||||
#define RSA_F_RSA_NULL 124
|
||||
|
|
@ -424,6 +487,7 @@ void ERR_load_RSA_strings(void);
|
|||
#define RSA_F_RSA_PADDING_ADD_NONE 107
|
||||
#define RSA_F_RSA_PADDING_ADD_PKCS1_OAEP 121
|
||||
#define RSA_F_RSA_PADDING_ADD_PKCS1_PSS 125
|
||||
#define RSA_F_RSA_PADDING_ADD_PKCS1_PSS_MGF1 148
|
||||
#define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1 108
|
||||
#define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2 109
|
||||
#define RSA_F_RSA_PADDING_ADD_SSLV23 110
|
||||
|
|
@ -436,8 +500,12 @@ void ERR_load_RSA_strings(void);
|
|||
#define RSA_F_RSA_PADDING_CHECK_X931 128
|
||||
#define RSA_F_RSA_PRINT 115
|
||||
#define RSA_F_RSA_PRINT_FP 116
|
||||
#define RSA_F_RSA_PRIVATE_DECRYPT 150
|
||||
#define RSA_F_RSA_PRIVATE_ENCRYPT 151
|
||||
#define RSA_F_RSA_PRIV_DECODE 137
|
||||
#define RSA_F_RSA_PRIV_ENCODE 138
|
||||
#define RSA_F_RSA_PUBLIC_DECRYPT 152
|
||||
#define RSA_F_RSA_PUBLIC_ENCRYPT 153
|
||||
#define RSA_F_RSA_PUB_DECODE 139
|
||||
#define RSA_F_RSA_SETUP_BLINDING 136
|
||||
#define RSA_F_RSA_SIGN 117
|
||||
|
|
@ -445,6 +513,7 @@ void ERR_load_RSA_strings(void);
|
|||
#define RSA_F_RSA_VERIFY 119
|
||||
#define RSA_F_RSA_VERIFY_ASN1_OCTET_STRING 120
|
||||
#define RSA_F_RSA_VERIFY_PKCS1_PSS 126
|
||||
#define RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1 149
|
||||
|
||||
/* Reason codes. */
|
||||
#define RSA_R_ALGORITHM_MISMATCH 100
|
||||
|
|
@ -470,19 +539,24 @@ void ERR_load_RSA_strings(void);
|
|||
#define RSA_R_INVALID_HEADER 137
|
||||
#define RSA_R_INVALID_KEYBITS 145
|
||||
#define RSA_R_INVALID_MESSAGE_LENGTH 131
|
||||
#define RSA_R_INVALID_MGF1_MD 156
|
||||
#define RSA_R_INVALID_PADDING 138
|
||||
#define RSA_R_INVALID_PADDING_MODE 141
|
||||
#define RSA_R_INVALID_PSS_PARAMETERS 149
|
||||
#define RSA_R_INVALID_PSS_SALTLEN 146
|
||||
#define RSA_R_INVALID_SALT_LENGTH 150
|
||||
#define RSA_R_INVALID_TRAILER 139
|
||||
#define RSA_R_INVALID_X931_DIGEST 142
|
||||
#define RSA_R_IQMP_NOT_INVERSE_OF_Q 126
|
||||
#define RSA_R_KEY_SIZE_TOO_SMALL 120
|
||||
#define RSA_R_LAST_OCTET_INVALID 134
|
||||
#define RSA_R_MODULUS_TOO_LARGE 105
|
||||
#define RSA_R_NON_FIPS_RSA_METHOD 157
|
||||
#define RSA_R_NO_PUBLIC_EXPONENT 140
|
||||
#define RSA_R_NULL_BEFORE_BLOCK_MISSING 113
|
||||
#define RSA_R_N_DOES_NOT_EQUAL_P_Q 127
|
||||
#define RSA_R_OAEP_DECODING_ERROR 121
|
||||
#define RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE 158
|
||||
#define RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE 148
|
||||
#define RSA_R_PADDING_CHECK_FAILED 114
|
||||
#define RSA_R_P_NOT_PRIME 128
|
||||
|
|
@ -493,7 +567,12 @@ void ERR_load_RSA_strings(void);
|
|||
#define RSA_R_SSLV3_ROLLBACK_ATTACK 115
|
||||
#define RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 116
|
||||
#define RSA_R_UNKNOWN_ALGORITHM_TYPE 117
|
||||
#define RSA_R_UNKNOWN_MASK_DIGEST 151
|
||||
#define RSA_R_UNKNOWN_PADDING_TYPE 118
|
||||
#define RSA_R_UNKNOWN_PSS_DIGEST 152
|
||||
#define RSA_R_UNSUPPORTED_MASK_ALGORITHM 153
|
||||
#define RSA_R_UNSUPPORTED_MASK_PARAMETER 154
|
||||
#define RSA_R_UNSUPPORTED_SIGNATURE_TYPE 155
|
||||
#define RSA_R_VALUE_MISSING 147
|
||||
#define RSA_R_WRONG_SIGNATURE_LENGTH 119
|
||||
|
||||
|
|
|
|||
|
|
@ -179,7 +179,8 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_BLOCK, void)
|
|||
sk_is_sorted(CHECKED_STACK_OF(type, st))
|
||||
|
||||
#define SKM_ASN1_SET_OF_d2i(type, st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
|
||||
(STACK_OF(type) *)d2i_ASN1_SET(CHECKED_STACK_OF(type, st), \
|
||||
(STACK_OF(type) *)d2i_ASN1_SET( \
|
||||
(STACK_OF(OPENSSL_BLOCK) **)CHECKED_PTR_OF(STACK_OF(type)*, st), \
|
||||
pp, length, \
|
||||
CHECKED_D2I_OF(type, d2i_func), \
|
||||
CHECKED_SK_FREE_FUNC(type, free_func), \
|
||||
|
|
@ -1458,6 +1459,94 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_BLOCK, void)
|
|||
#define sk_POLICY_MAPPING_sort(st) SKM_sk_sort(POLICY_MAPPING, (st))
|
||||
#define sk_POLICY_MAPPING_is_sorted(st) SKM_sk_is_sorted(POLICY_MAPPING, (st))
|
||||
|
||||
#define sk_SRP_gN_new(cmp) SKM_sk_new(SRP_gN, (cmp))
|
||||
#define sk_SRP_gN_new_null() SKM_sk_new_null(SRP_gN)
|
||||
#define sk_SRP_gN_free(st) SKM_sk_free(SRP_gN, (st))
|
||||
#define sk_SRP_gN_num(st) SKM_sk_num(SRP_gN, (st))
|
||||
#define sk_SRP_gN_value(st, i) SKM_sk_value(SRP_gN, (st), (i))
|
||||
#define sk_SRP_gN_set(st, i, val) SKM_sk_set(SRP_gN, (st), (i), (val))
|
||||
#define sk_SRP_gN_zero(st) SKM_sk_zero(SRP_gN, (st))
|
||||
#define sk_SRP_gN_push(st, val) SKM_sk_push(SRP_gN, (st), (val))
|
||||
#define sk_SRP_gN_unshift(st, val) SKM_sk_unshift(SRP_gN, (st), (val))
|
||||
#define sk_SRP_gN_find(st, val) SKM_sk_find(SRP_gN, (st), (val))
|
||||
#define sk_SRP_gN_find_ex(st, val) SKM_sk_find_ex(SRP_gN, (st), (val))
|
||||
#define sk_SRP_gN_delete(st, i) SKM_sk_delete(SRP_gN, (st), (i))
|
||||
#define sk_SRP_gN_delete_ptr(st, ptr) SKM_sk_delete_ptr(SRP_gN, (st), (ptr))
|
||||
#define sk_SRP_gN_insert(st, val, i) SKM_sk_insert(SRP_gN, (st), (val), (i))
|
||||
#define sk_SRP_gN_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(SRP_gN, (st), (cmp))
|
||||
#define sk_SRP_gN_dup(st) SKM_sk_dup(SRP_gN, st)
|
||||
#define sk_SRP_gN_pop_free(st, free_func) SKM_sk_pop_free(SRP_gN, (st), (free_func))
|
||||
#define sk_SRP_gN_shift(st) SKM_sk_shift(SRP_gN, (st))
|
||||
#define sk_SRP_gN_pop(st) SKM_sk_pop(SRP_gN, (st))
|
||||
#define sk_SRP_gN_sort(st) SKM_sk_sort(SRP_gN, (st))
|
||||
#define sk_SRP_gN_is_sorted(st) SKM_sk_is_sorted(SRP_gN, (st))
|
||||
|
||||
#define sk_SRP_gN_cache_new(cmp) SKM_sk_new(SRP_gN_cache, (cmp))
|
||||
#define sk_SRP_gN_cache_new_null() SKM_sk_new_null(SRP_gN_cache)
|
||||
#define sk_SRP_gN_cache_free(st) SKM_sk_free(SRP_gN_cache, (st))
|
||||
#define sk_SRP_gN_cache_num(st) SKM_sk_num(SRP_gN_cache, (st))
|
||||
#define sk_SRP_gN_cache_value(st, i) SKM_sk_value(SRP_gN_cache, (st), (i))
|
||||
#define sk_SRP_gN_cache_set(st, i, val) SKM_sk_set(SRP_gN_cache, (st), (i), (val))
|
||||
#define sk_SRP_gN_cache_zero(st) SKM_sk_zero(SRP_gN_cache, (st))
|
||||
#define sk_SRP_gN_cache_push(st, val) SKM_sk_push(SRP_gN_cache, (st), (val))
|
||||
#define sk_SRP_gN_cache_unshift(st, val) SKM_sk_unshift(SRP_gN_cache, (st), (val))
|
||||
#define sk_SRP_gN_cache_find(st, val) SKM_sk_find(SRP_gN_cache, (st), (val))
|
||||
#define sk_SRP_gN_cache_find_ex(st, val) SKM_sk_find_ex(SRP_gN_cache, (st), (val))
|
||||
#define sk_SRP_gN_cache_delete(st, i) SKM_sk_delete(SRP_gN_cache, (st), (i))
|
||||
#define sk_SRP_gN_cache_delete_ptr(st, ptr) SKM_sk_delete_ptr(SRP_gN_cache, (st), (ptr))
|
||||
#define sk_SRP_gN_cache_insert(st, val, i) SKM_sk_insert(SRP_gN_cache, (st), (val), (i))
|
||||
#define sk_SRP_gN_cache_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(SRP_gN_cache, (st), (cmp))
|
||||
#define sk_SRP_gN_cache_dup(st) SKM_sk_dup(SRP_gN_cache, st)
|
||||
#define sk_SRP_gN_cache_pop_free(st, free_func) SKM_sk_pop_free(SRP_gN_cache, (st), (free_func))
|
||||
#define sk_SRP_gN_cache_shift(st) SKM_sk_shift(SRP_gN_cache, (st))
|
||||
#define sk_SRP_gN_cache_pop(st) SKM_sk_pop(SRP_gN_cache, (st))
|
||||
#define sk_SRP_gN_cache_sort(st) SKM_sk_sort(SRP_gN_cache, (st))
|
||||
#define sk_SRP_gN_cache_is_sorted(st) SKM_sk_is_sorted(SRP_gN_cache, (st))
|
||||
|
||||
#define sk_SRP_user_pwd_new(cmp) SKM_sk_new(SRP_user_pwd, (cmp))
|
||||
#define sk_SRP_user_pwd_new_null() SKM_sk_new_null(SRP_user_pwd)
|
||||
#define sk_SRP_user_pwd_free(st) SKM_sk_free(SRP_user_pwd, (st))
|
||||
#define sk_SRP_user_pwd_num(st) SKM_sk_num(SRP_user_pwd, (st))
|
||||
#define sk_SRP_user_pwd_value(st, i) SKM_sk_value(SRP_user_pwd, (st), (i))
|
||||
#define sk_SRP_user_pwd_set(st, i, val) SKM_sk_set(SRP_user_pwd, (st), (i), (val))
|
||||
#define sk_SRP_user_pwd_zero(st) SKM_sk_zero(SRP_user_pwd, (st))
|
||||
#define sk_SRP_user_pwd_push(st, val) SKM_sk_push(SRP_user_pwd, (st), (val))
|
||||
#define sk_SRP_user_pwd_unshift(st, val) SKM_sk_unshift(SRP_user_pwd, (st), (val))
|
||||
#define sk_SRP_user_pwd_find(st, val) SKM_sk_find(SRP_user_pwd, (st), (val))
|
||||
#define sk_SRP_user_pwd_find_ex(st, val) SKM_sk_find_ex(SRP_user_pwd, (st), (val))
|
||||
#define sk_SRP_user_pwd_delete(st, i) SKM_sk_delete(SRP_user_pwd, (st), (i))
|
||||
#define sk_SRP_user_pwd_delete_ptr(st, ptr) SKM_sk_delete_ptr(SRP_user_pwd, (st), (ptr))
|
||||
#define sk_SRP_user_pwd_insert(st, val, i) SKM_sk_insert(SRP_user_pwd, (st), (val), (i))
|
||||
#define sk_SRP_user_pwd_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(SRP_user_pwd, (st), (cmp))
|
||||
#define sk_SRP_user_pwd_dup(st) SKM_sk_dup(SRP_user_pwd, st)
|
||||
#define sk_SRP_user_pwd_pop_free(st, free_func) SKM_sk_pop_free(SRP_user_pwd, (st), (free_func))
|
||||
#define sk_SRP_user_pwd_shift(st) SKM_sk_shift(SRP_user_pwd, (st))
|
||||
#define sk_SRP_user_pwd_pop(st) SKM_sk_pop(SRP_user_pwd, (st))
|
||||
#define sk_SRP_user_pwd_sort(st) SKM_sk_sort(SRP_user_pwd, (st))
|
||||
#define sk_SRP_user_pwd_is_sorted(st) SKM_sk_is_sorted(SRP_user_pwd, (st))
|
||||
|
||||
#define sk_SRTP_PROTECTION_PROFILE_new(cmp) SKM_sk_new(SRTP_PROTECTION_PROFILE, (cmp))
|
||||
#define sk_SRTP_PROTECTION_PROFILE_new_null() SKM_sk_new_null(SRTP_PROTECTION_PROFILE)
|
||||
#define sk_SRTP_PROTECTION_PROFILE_free(st) SKM_sk_free(SRTP_PROTECTION_PROFILE, (st))
|
||||
#define sk_SRTP_PROTECTION_PROFILE_num(st) SKM_sk_num(SRTP_PROTECTION_PROFILE, (st))
|
||||
#define sk_SRTP_PROTECTION_PROFILE_value(st, i) SKM_sk_value(SRTP_PROTECTION_PROFILE, (st), (i))
|
||||
#define sk_SRTP_PROTECTION_PROFILE_set(st, i, val) SKM_sk_set(SRTP_PROTECTION_PROFILE, (st), (i), (val))
|
||||
#define sk_SRTP_PROTECTION_PROFILE_zero(st) SKM_sk_zero(SRTP_PROTECTION_PROFILE, (st))
|
||||
#define sk_SRTP_PROTECTION_PROFILE_push(st, val) SKM_sk_push(SRTP_PROTECTION_PROFILE, (st), (val))
|
||||
#define sk_SRTP_PROTECTION_PROFILE_unshift(st, val) SKM_sk_unshift(SRTP_PROTECTION_PROFILE, (st), (val))
|
||||
#define sk_SRTP_PROTECTION_PROFILE_find(st, val) SKM_sk_find(SRTP_PROTECTION_PROFILE, (st), (val))
|
||||
#define sk_SRTP_PROTECTION_PROFILE_find_ex(st, val) SKM_sk_find_ex(SRTP_PROTECTION_PROFILE, (st), (val))
|
||||
#define sk_SRTP_PROTECTION_PROFILE_delete(st, i) SKM_sk_delete(SRTP_PROTECTION_PROFILE, (st), (i))
|
||||
#define sk_SRTP_PROTECTION_PROFILE_delete_ptr(st, ptr) SKM_sk_delete_ptr(SRTP_PROTECTION_PROFILE, (st), (ptr))
|
||||
#define sk_SRTP_PROTECTION_PROFILE_insert(st, val, i) SKM_sk_insert(SRTP_PROTECTION_PROFILE, (st), (val), (i))
|
||||
#define sk_SRTP_PROTECTION_PROFILE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(SRTP_PROTECTION_PROFILE, (st), (cmp))
|
||||
#define sk_SRTP_PROTECTION_PROFILE_dup(st) SKM_sk_dup(SRTP_PROTECTION_PROFILE, st)
|
||||
#define sk_SRTP_PROTECTION_PROFILE_pop_free(st, free_func) SKM_sk_pop_free(SRTP_PROTECTION_PROFILE, (st), (free_func))
|
||||
#define sk_SRTP_PROTECTION_PROFILE_shift(st) SKM_sk_shift(SRTP_PROTECTION_PROFILE, (st))
|
||||
#define sk_SRTP_PROTECTION_PROFILE_pop(st) SKM_sk_pop(SRTP_PROTECTION_PROFILE, (st))
|
||||
#define sk_SRTP_PROTECTION_PROFILE_sort(st) SKM_sk_sort(SRTP_PROTECTION_PROFILE, (st))
|
||||
#define sk_SRTP_PROTECTION_PROFILE_is_sorted(st) SKM_sk_is_sorted(SRTP_PROTECTION_PROFILE, (st))
|
||||
|
||||
#define sk_SSL_CIPHER_new(cmp) SKM_sk_new(SSL_CIPHER, (cmp))
|
||||
#define sk_SSL_CIPHER_new_null() SKM_sk_new_null(SSL_CIPHER)
|
||||
#define sk_SSL_CIPHER_free(st) SKM_sk_free(SSL_CIPHER, (st))
|
||||
|
|
@ -2030,81 +2119,81 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_BLOCK, void)
|
|||
#define sk_void_sort(st) SKM_sk_sort(void, (st))
|
||||
#define sk_void_is_sorted(st) SKM_sk_is_sorted(void, (st))
|
||||
|
||||
#define sk_OPENSSL_STRING_new(cmp) ((STACK_OF(OPENSSL_STRING) *)sk_new(CHECKED_SK_CMP_FUNC(char, cmp)))
|
||||
#define sk_OPENSSL_STRING_new_null() ((STACK_OF(OPENSSL_STRING) *)sk_new_null())
|
||||
#define sk_OPENSSL_STRING_push(st, val) sk_push(CHECKED_STACK_OF(OPENSSL_STRING, st), CHECKED_PTR_OF(char, val))
|
||||
#define sk_OPENSSL_STRING_find(st, val) sk_find(CHECKED_STACK_OF(OPENSSL_STRING, st), CHECKED_PTR_OF(char, val))
|
||||
#define sk_OPENSSL_STRING_value(st, i) ((OPENSSL_STRING)sk_value(CHECKED_STACK_OF(OPENSSL_STRING, st), i))
|
||||
#define sk_OPENSSL_STRING_num(st) SKM_sk_num(OPENSSL_STRING, st)
|
||||
#define sk_OPENSSL_STRING_pop_free(st, free_func) sk_pop_free(CHECKED_STACK_OF(OPENSSL_STRING, st), CHECKED_SK_FREE_FUNC2(OPENSSL_STRING, free_func))
|
||||
#define sk_OPENSSL_STRING_insert(st, val, i) sk_insert(CHECKED_STACK_OF(OPENSSL_STRING, st), CHECKED_PTR_OF(char, val), i)
|
||||
#define sk_OPENSSL_STRING_free(st) SKM_sk_free(OPENSSL_STRING, st)
|
||||
#define sk_OPENSSL_STRING_set(st, i, val) sk_set(CHECKED_STACK_OF(OPENSSL_STRING, st), i, CHECKED_PTR_OF(char, val))
|
||||
#define sk_OPENSSL_STRING_zero(st) SKM_sk_zero(OPENSSL_STRING, (st))
|
||||
#define sk_OPENSSL_STRING_unshift(st, val) sk_unshift(CHECKED_STACK_OF(OPENSSL_STRING, st), CHECKED_PTR_OF(char, val))
|
||||
#define sk_OPENSSL_STRING_find_ex(st, val) sk_find_ex((_STACK *)CHECKED_CONST_PTR_OF(STACK_OF(OPENSSL_STRING), st), CHECKED_CONST_PTR_OF(char, val))
|
||||
#define sk_OPENSSL_STRING_delete(st, i) SKM_sk_delete(OPENSSL_STRING, (st), (i))
|
||||
#define sk_OPENSSL_STRING_delete_ptr(st, ptr) (OPENSSL_STRING *)sk_delete_ptr(CHECKED_STACK_OF(OPENSSL_STRING, st), CHECKED_PTR_OF(char, ptr))
|
||||
#define sk_OPENSSL_STRING_set_cmp_func(st, cmp) \
|
||||
((int (*)(const char * const *,const char * const *)) \
|
||||
sk_set_cmp_func(CHECKED_STACK_OF(OPENSSL_STRING, st), CHECKED_SK_CMP_FUNC(char, cmp)))
|
||||
#define sk_OPENSSL_STRING_dup(st) SKM_sk_dup(OPENSSL_STRING, st)
|
||||
#define sk_OPENSSL_STRING_shift(st) SKM_sk_shift(OPENSSL_STRING, (st))
|
||||
#define sk_OPENSSL_STRING_pop(st) (char *)sk_pop(CHECKED_STACK_OF(OPENSSL_STRING, st))
|
||||
#define sk_OPENSSL_STRING_sort(st) SKM_sk_sort(OPENSSL_STRING, (st))
|
||||
#define sk_OPENSSL_STRING_is_sorted(st) SKM_sk_is_sorted(OPENSSL_STRING, (st))
|
||||
|
||||
|
||||
#define sk_OPENSSL_BLOCK_new(cmp) ((STACK_OF(OPENSSL_BLOCK) *)sk_new(CHECKED_SK_CMP_FUNC(void, cmp)))
|
||||
#define sk_OPENSSL_BLOCK_new_null() ((STACK_OF(OPENSSL_BLOCK) *)sk_new_null())
|
||||
#define sk_OPENSSL_BLOCK_push(st, val) sk_push(CHECKED_PTR_OF(STACK_OF(OPENSSL_BLOCK), st), CHECKED_PTR_OF(void, val))
|
||||
#define sk_OPENSSL_BLOCK_find(st, val) sk_find(CHECKED_PTR_OF(STACK_OF(OPENSSL_BLOCK), st), CHECKED_PTR_OF(void, val))
|
||||
#define sk_OPENSSL_BLOCK_value(st, i) ((OPENSSL_BLOCK)sk_value(CHECKED_PTR_OF(STACK_OF(OPENSSL_BLOCK), st), i))
|
||||
#define sk_OPENSSL_BLOCK_push(st, val) sk_push(CHECKED_STACK_OF(OPENSSL_BLOCK, st), CHECKED_PTR_OF(void, val))
|
||||
#define sk_OPENSSL_BLOCK_find(st, val) sk_find(CHECKED_STACK_OF(OPENSSL_BLOCK, st), CHECKED_PTR_OF(void, val))
|
||||
#define sk_OPENSSL_BLOCK_value(st, i) ((OPENSSL_BLOCK)sk_value(CHECKED_STACK_OF(OPENSSL_BLOCK, st), i))
|
||||
#define sk_OPENSSL_BLOCK_num(st) SKM_sk_num(OPENSSL_BLOCK, st)
|
||||
#define sk_OPENSSL_BLOCK_pop_free(st, free_func) sk_pop_free(CHECKED_PTR_OF(STACK_OF(OPENSSL_BLOCK), st), CHECKED_SK_FREE_FUNC2(OPENSSL_BLOCK, free_func))
|
||||
#define sk_OPENSSL_BLOCK_insert(st, val, i) sk_insert(CHECKED_PTR_OF(STACK_OF(OPENSSL_BLOCK), st), CHECKED_PTR_OF(void, val), i)
|
||||
#define sk_OPENSSL_BLOCK_pop_free(st, free_func) sk_pop_free(CHECKED_STACK_OF(OPENSSL_BLOCK, st), CHECKED_SK_FREE_FUNC2(OPENSSL_BLOCK, free_func))
|
||||
#define sk_OPENSSL_BLOCK_insert(st, val, i) sk_insert(CHECKED_STACK_OF(OPENSSL_BLOCK, st), CHECKED_PTR_OF(void, val), i)
|
||||
#define sk_OPENSSL_BLOCK_free(st) SKM_sk_free(OPENSSL_BLOCK, st)
|
||||
#define sk_OPENSSL_BLOCK_set(st, i, val) sk_set((_STACK *)CHECKED_PTR_OF(STACK_OF(OPENSSL_BLOCK), st), i, CHECKED_PTR_OF(void, val))
|
||||
#define sk_OPENSSL_BLOCK_set(st, i, val) sk_set(CHECKED_STACK_OF(OPENSSL_BLOCK, st), i, CHECKED_PTR_OF(void, val))
|
||||
#define sk_OPENSSL_BLOCK_zero(st) SKM_sk_zero(OPENSSL_BLOCK, (st))
|
||||
#define sk_OPENSSL_BLOCK_unshift(st, val) sk_unshift((_STACK *)CHECKED_PTR_OF(STACK_OF(OPENSSL_BLOCK), st), CHECKED_PTR_OF(void, val))
|
||||
#define sk_OPENSSL_BLOCK_unshift(st, val) sk_unshift(CHECKED_STACK_OF(OPENSSL_BLOCK, st), CHECKED_PTR_OF(void, val))
|
||||
#define sk_OPENSSL_BLOCK_find_ex(st, val) sk_find_ex((_STACK *)CHECKED_CONST_PTR_OF(STACK_OF(OPENSSL_BLOCK), st), CHECKED_CONST_PTR_OF(void, val))
|
||||
#define sk_OPENSSL_BLOCK_delete(st, i) SKM_sk_delete(OPENSSL_BLOCK, (st), (i))
|
||||
#define sk_OPENSSL_BLOCK_delete_ptr(st, ptr) (OPENSSL_BLOCK *)sk_delete_ptr((_STACK *)CHECKED_PTR_OF(STACK_OF(OPENSSL_BLOCK), st), CHECKED_PTR_OF(void, ptr))
|
||||
#define sk_OPENSSL_BLOCK_delete_ptr(st, ptr) (OPENSSL_BLOCK *)sk_delete_ptr(CHECKED_STACK_OF(OPENSSL_BLOCK, st), CHECKED_PTR_OF(void, ptr))
|
||||
#define sk_OPENSSL_BLOCK_set_cmp_func(st, cmp) \
|
||||
((int (*)(const void * const *,const void * const *)) \
|
||||
sk_set_cmp_func((_STACK *)CHECKED_PTR_OF(STACK_OF(OPENSSL_BLOCK), st), CHECKED_SK_CMP_FUNC(void, cmp)))
|
||||
sk_set_cmp_func(CHECKED_STACK_OF(OPENSSL_BLOCK, st), CHECKED_SK_CMP_FUNC(void, cmp)))
|
||||
#define sk_OPENSSL_BLOCK_dup(st) SKM_sk_dup(OPENSSL_BLOCK, st)
|
||||
#define sk_OPENSSL_BLOCK_shift(st) SKM_sk_shift(OPENSSL_BLOCK, (st))
|
||||
#define sk_OPENSSL_BLOCK_pop(st) (void *)sk_pop((_STACK *)CHECKED_PTR_OF(STACK_OF(OPENSSL_BLOCK), st))
|
||||
#define sk_OPENSSL_BLOCK_pop(st) (void *)sk_pop(CHECKED_STACK_OF(OPENSSL_BLOCK, st))
|
||||
#define sk_OPENSSL_BLOCK_sort(st) SKM_sk_sort(OPENSSL_BLOCK, (st))
|
||||
#define sk_OPENSSL_BLOCK_is_sorted(st) SKM_sk_is_sorted(OPENSSL_BLOCK, (st))
|
||||
|
||||
|
||||
#define sk_OPENSSL_PSTRING_new(cmp) ((STACK_OF(OPENSSL_PSTRING) *)sk_new(CHECKED_SK_CMP_FUNC(OPENSSL_STRING, cmp)))
|
||||
#define sk_OPENSSL_PSTRING_new_null() ((STACK_OF(OPENSSL_PSTRING) *)sk_new_null())
|
||||
#define sk_OPENSSL_PSTRING_push(st, val) sk_push(CHECKED_PTR_OF(STACK_OF(OPENSSL_PSTRING), st), CHECKED_PTR_OF(OPENSSL_STRING, val))
|
||||
#define sk_OPENSSL_PSTRING_find(st, val) sk_find(CHECKED_PTR_OF(STACK_OF(OPENSSL_PSTRING), st), CHECKED_PTR_OF(OPENSSL_STRING, val))
|
||||
#define sk_OPENSSL_PSTRING_value(st, i) ((OPENSSL_PSTRING)sk_value(CHECKED_PTR_OF(STACK_OF(OPENSSL_PSTRING), st), i))
|
||||
#define sk_OPENSSL_PSTRING_push(st, val) sk_push(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_PTR_OF(OPENSSL_STRING, val))
|
||||
#define sk_OPENSSL_PSTRING_find(st, val) sk_find(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_PTR_OF(OPENSSL_STRING, val))
|
||||
#define sk_OPENSSL_PSTRING_value(st, i) ((OPENSSL_PSTRING)sk_value(CHECKED_STACK_OF(OPENSSL_PSTRING, st), i))
|
||||
#define sk_OPENSSL_PSTRING_num(st) SKM_sk_num(OPENSSL_PSTRING, st)
|
||||
#define sk_OPENSSL_PSTRING_pop_free(st, free_func) sk_pop_free(CHECKED_PTR_OF(STACK_OF(OPENSSL_PSTRING), st), CHECKED_SK_FREE_FUNC2(OPENSSL_PSTRING, free_func))
|
||||
#define sk_OPENSSL_PSTRING_insert(st, val, i) sk_insert(CHECKED_PTR_OF(STACK_OF(OPENSSL_PSTRING), st), CHECKED_PTR_OF(OPENSSL_STRING, val), i)
|
||||
#define sk_OPENSSL_PSTRING_pop_free(st, free_func) sk_pop_free(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_SK_FREE_FUNC2(OPENSSL_PSTRING, free_func))
|
||||
#define sk_OPENSSL_PSTRING_insert(st, val, i) sk_insert(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_PTR_OF(OPENSSL_STRING, val), i)
|
||||
#define sk_OPENSSL_PSTRING_free(st) SKM_sk_free(OPENSSL_PSTRING, st)
|
||||
#define sk_OPENSSL_PSTRING_set(st, i, val) sk_set((_STACK *)CHECKED_PTR_OF(STACK_OF(OPENSSL_PSTRING), st), i, CHECKED_PTR_OF(OPENSSL_STRING, val))
|
||||
#define sk_OPENSSL_PSTRING_set(st, i, val) sk_set(CHECKED_STACK_OF(OPENSSL_PSTRING, st), i, CHECKED_PTR_OF(OPENSSL_STRING, val))
|
||||
#define sk_OPENSSL_PSTRING_zero(st) SKM_sk_zero(OPENSSL_PSTRING, (st))
|
||||
#define sk_OPENSSL_PSTRING_unshift(st, val) sk_unshift((_STACK *)CHECKED_PTR_OF(STACK_OF(OPENSSL_PSTRING), st), CHECKED_PTR_OF(OPENSSL_STRING, val))
|
||||
#define sk_OPENSSL_PSTRING_unshift(st, val) sk_unshift(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_PTR_OF(OPENSSL_STRING, val))
|
||||
#define sk_OPENSSL_PSTRING_find_ex(st, val) sk_find_ex((_STACK *)CHECKED_CONST_PTR_OF(STACK_OF(OPENSSL_PSTRING), st), CHECKED_CONST_PTR_OF(OPENSSL_STRING, val))
|
||||
#define sk_OPENSSL_PSTRING_delete(st, i) SKM_sk_delete(OPENSSL_PSTRING, (st), (i))
|
||||
#define sk_OPENSSL_PSTRING_delete_ptr(st, ptr) (OPENSSL_PSTRING *)sk_delete_ptr((_STACK *)CHECKED_PTR_OF(STACK_OF(OPENSSL_PSTRING), st), CHECKED_PTR_OF(OPENSSL_STRING, ptr))
|
||||
#define sk_OPENSSL_PSTRING_delete_ptr(st, ptr) (OPENSSL_PSTRING *)sk_delete_ptr(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_PTR_OF(OPENSSL_STRING, ptr))
|
||||
#define sk_OPENSSL_PSTRING_set_cmp_func(st, cmp) \
|
||||
((int (*)(const OPENSSL_STRING * const *,const OPENSSL_STRING * const *)) \
|
||||
sk_set_cmp_func((_STACK *)CHECKED_PTR_OF(STACK_OF(OPENSSL_PSTRING), st), CHECKED_SK_CMP_FUNC(OPENSSL_STRING, cmp)))
|
||||
sk_set_cmp_func(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_SK_CMP_FUNC(OPENSSL_STRING, cmp)))
|
||||
#define sk_OPENSSL_PSTRING_dup(st) SKM_sk_dup(OPENSSL_PSTRING, st)
|
||||
#define sk_OPENSSL_PSTRING_shift(st) SKM_sk_shift(OPENSSL_PSTRING, (st))
|
||||
#define sk_OPENSSL_PSTRING_pop(st) (OPENSSL_STRING *)sk_pop((_STACK *)CHECKED_PTR_OF(STACK_OF(OPENSSL_PSTRING), st))
|
||||
#define sk_OPENSSL_PSTRING_pop(st) (OPENSSL_STRING *)sk_pop(CHECKED_STACK_OF(OPENSSL_PSTRING, st))
|
||||
#define sk_OPENSSL_PSTRING_sort(st) SKM_sk_sort(OPENSSL_PSTRING, (st))
|
||||
#define sk_OPENSSL_PSTRING_is_sorted(st) SKM_sk_is_sorted(OPENSSL_PSTRING, (st))
|
||||
|
||||
|
||||
#define sk_OPENSSL_STRING_new(cmp) ((STACK_OF(OPENSSL_STRING) *)sk_new(CHECKED_SK_CMP_FUNC(char, cmp)))
|
||||
#define sk_OPENSSL_STRING_new_null() ((STACK_OF(OPENSSL_STRING) *)sk_new_null())
|
||||
#define sk_OPENSSL_STRING_push(st, val) sk_push(CHECKED_PTR_OF(STACK_OF(OPENSSL_STRING), st), CHECKED_PTR_OF(char, val))
|
||||
#define sk_OPENSSL_STRING_find(st, val) sk_find(CHECKED_PTR_OF(STACK_OF(OPENSSL_STRING), st), CHECKED_PTR_OF(char, val))
|
||||
#define sk_OPENSSL_STRING_value(st, i) ((OPENSSL_STRING)sk_value(CHECKED_PTR_OF(STACK_OF(OPENSSL_STRING), st), i))
|
||||
#define sk_OPENSSL_STRING_num(st) SKM_sk_num(OPENSSL_STRING, st)
|
||||
#define sk_OPENSSL_STRING_pop_free(st, free_func) sk_pop_free(CHECKED_PTR_OF(STACK_OF(OPENSSL_STRING), st), CHECKED_SK_FREE_FUNC2(OPENSSL_STRING, free_func))
|
||||
#define sk_OPENSSL_STRING_insert(st, val, i) sk_insert(CHECKED_PTR_OF(STACK_OF(OPENSSL_STRING), st), CHECKED_PTR_OF(char, val), i)
|
||||
#define sk_OPENSSL_STRING_free(st) SKM_sk_free(OPENSSL_STRING, st)
|
||||
#define sk_OPENSSL_STRING_set(st, i, val) sk_set((_STACK *)CHECKED_PTR_OF(STACK_OF(OPENSSL_STRING), st), i, CHECKED_PTR_OF(char, val))
|
||||
#define sk_OPENSSL_STRING_zero(st) SKM_sk_zero(OPENSSL_STRING, (st))
|
||||
#define sk_OPENSSL_STRING_unshift(st, val) sk_unshift((_STACK *)CHECKED_PTR_OF(STACK_OF(OPENSSL_STRING), st), CHECKED_PTR_OF(char, val))
|
||||
#define sk_OPENSSL_STRING_find_ex(st, val) sk_find_ex((_STACK *)CHECKED_CONST_PTR_OF(STACK_OF(OPENSSL_STRING), st), CHECKED_CONST_PTR_OF(char, val))
|
||||
#define sk_OPENSSL_STRING_delete(st, i) SKM_sk_delete(OPENSSL_STRING, (st), (i))
|
||||
#define sk_OPENSSL_STRING_delete_ptr(st, ptr) (OPENSSL_STRING *)sk_delete_ptr((_STACK *)CHECKED_PTR_OF(STACK_OF(OPENSSL_STRING), st), CHECKED_PTR_OF(char, ptr))
|
||||
#define sk_OPENSSL_STRING_set_cmp_func(st, cmp) \
|
||||
((int (*)(const char * const *,const char * const *)) \
|
||||
sk_set_cmp_func((_STACK *)CHECKED_PTR_OF(STACK_OF(OPENSSL_STRING), st), CHECKED_SK_CMP_FUNC(char, cmp)))
|
||||
#define sk_OPENSSL_STRING_dup(st) SKM_sk_dup(OPENSSL_STRING, st)
|
||||
#define sk_OPENSSL_STRING_shift(st) SKM_sk_shift(OPENSSL_STRING, (st))
|
||||
#define sk_OPENSSL_STRING_pop(st) (char *)sk_pop((_STACK *)CHECKED_PTR_OF(STACK_OF(OPENSSL_STRING), st))
|
||||
#define sk_OPENSSL_STRING_sort(st) SKM_sk_sort(OPENSSL_STRING, (st))
|
||||
#define sk_OPENSSL_STRING_is_sorted(st) SKM_sk_is_sorted(OPENSSL_STRING, (st))
|
||||
|
||||
|
||||
#define d2i_ASN1_SET_OF_ACCESS_DESCRIPTION(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
|
||||
SKM_ASN1_SET_OF_d2i(ACCESS_DESCRIPTION, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
|
||||
#define i2d_ASN1_SET_OF_ACCESS_DESCRIPTION(st, pp, i2d_func, ex_tag, ex_class, is_set) \
|
||||
|
|
|
|||
|
|
@ -116,7 +116,9 @@ typedef struct seed_key_st {
|
|||
#endif
|
||||
} SEED_KEY_SCHEDULE;
|
||||
|
||||
|
||||
#ifdef OPENSSL_FIPS
|
||||
void private_SEED_set_key(const unsigned char rawkey[SEED_KEY_LENGTH], SEED_KEY_SCHEDULE *ks);
|
||||
#endif
|
||||
void SEED_set_key(const unsigned char rawkey[SEED_KEY_LENGTH], SEED_KEY_SCHEDULE *ks);
|
||||
|
||||
void SEED_encrypt(const unsigned char s[SEED_BLOCK_SIZE], unsigned char d[SEED_BLOCK_SIZE], const SEED_KEY_SCHEDULE *ks);
|
||||
|
|
|
|||
|
|
@ -106,6 +106,9 @@ typedef struct SHAstate_st
|
|||
} SHA_CTX;
|
||||
|
||||
#ifndef OPENSSL_NO_SHA0
|
||||
#ifdef OPENSSL_FIPS
|
||||
int private_SHA_Init(SHA_CTX *c);
|
||||
#endif
|
||||
int SHA_Init(SHA_CTX *c);
|
||||
int SHA_Update(SHA_CTX *c, const void *data, size_t len);
|
||||
int SHA_Final(unsigned char *md, SHA_CTX *c);
|
||||
|
|
@ -113,6 +116,9 @@ unsigned char *SHA(const unsigned char *d, size_t n, unsigned char *md);
|
|||
void SHA_Transform(SHA_CTX *c, const unsigned char *data);
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_SHA1
|
||||
#ifdef OPENSSL_FIPS
|
||||
int private_SHA1_Init(SHA_CTX *c);
|
||||
#endif
|
||||
int SHA1_Init(SHA_CTX *c);
|
||||
int SHA1_Update(SHA_CTX *c, const void *data, size_t len);
|
||||
int SHA1_Final(unsigned char *md, SHA_CTX *c);
|
||||
|
|
@ -135,6 +141,10 @@ typedef struct SHA256state_st
|
|||
} SHA256_CTX;
|
||||
|
||||
#ifndef OPENSSL_NO_SHA256
|
||||
#ifdef OPENSSL_FIPS
|
||||
int private_SHA224_Init(SHA256_CTX *c);
|
||||
int private_SHA256_Init(SHA256_CTX *c);
|
||||
#endif
|
||||
int SHA224_Init(SHA256_CTX *c);
|
||||
int SHA224_Update(SHA256_CTX *c, const void *data, size_t len);
|
||||
int SHA224_Final(unsigned char *md, SHA256_CTX *c);
|
||||
|
|
@ -182,6 +192,10 @@ typedef struct SHA512state_st
|
|||
#endif
|
||||
|
||||
#ifndef OPENSSL_NO_SHA512
|
||||
#ifdef OPENSSL_FIPS
|
||||
int private_SHA384_Init(SHA512_CTX *c);
|
||||
int private_SHA512_Init(SHA512_CTX *c);
|
||||
#endif
|
||||
int SHA384_Init(SHA512_CTX *c);
|
||||
int SHA384_Update(SHA512_CTX *c, const void *data, size_t len);
|
||||
int SHA384_Final(unsigned char *md, SHA512_CTX *c);
|
||||
|
|
|
|||
|
|
@ -0,0 +1,172 @@
|
|||
/* crypto/srp/srp.h */
|
||||
/* Written by Christophe Renou (christophe.renou@edelweb.fr) with
|
||||
* the precious help of Peter Sylvester (peter.sylvester@edelweb.fr)
|
||||
* for the EdelKey project and contributed to the OpenSSL project 2004.
|
||||
*/
|
||||
/* ====================================================================
|
||||
* Copyright (c) 2004 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in
|
||||
* the documentation and/or other materials provided with the
|
||||
* distribution.
|
||||
*
|
||||
* 3. All advertising materials mentioning features or use of this
|
||||
* software must display the following acknowledgment:
|
||||
* "This product includes software developed by the OpenSSL Project
|
||||
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
|
||||
*
|
||||
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||
* endorse or promote products derived from this software without
|
||||
* prior written permission. For written permission, please contact
|
||||
* licensing@OpenSSL.org.
|
||||
*
|
||||
* 5. Products derived from this software may not be called "OpenSSL"
|
||||
* nor may "OpenSSL" appear in their names without prior written
|
||||
* permission of the OpenSSL Project.
|
||||
*
|
||||
* 6. Redistributions of any form whatsoever must retain the following
|
||||
* acknowledgment:
|
||||
* "This product includes software developed by the OpenSSL Project
|
||||
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
* ====================================================================
|
||||
*
|
||||
* This product includes cryptographic software written by Eric Young
|
||||
* (eay@cryptsoft.com). This product includes software written by Tim
|
||||
* Hudson (tjh@cryptsoft.com).
|
||||
*
|
||||
*/
|
||||
#ifndef __SRP_H__
|
||||
#define __SRP_H__
|
||||
|
||||
#ifndef OPENSSL_NO_SRP
|
||||
|
||||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
#include <openssl/safestack.h>
|
||||
#include <openssl/bn.h>
|
||||
#include <openssl/crypto.h>
|
||||
|
||||
typedef struct SRP_gN_cache_st
|
||||
{
|
||||
char *b64_bn;
|
||||
BIGNUM *bn;
|
||||
} SRP_gN_cache;
|
||||
|
||||
|
||||
DECLARE_STACK_OF(SRP_gN_cache)
|
||||
|
||||
typedef struct SRP_user_pwd_st
|
||||
{
|
||||
char *id;
|
||||
BIGNUM *s;
|
||||
BIGNUM *v;
|
||||
const BIGNUM *g;
|
||||
const BIGNUM *N;
|
||||
char *info;
|
||||
} SRP_user_pwd;
|
||||
|
||||
DECLARE_STACK_OF(SRP_user_pwd)
|
||||
|
||||
typedef struct SRP_VBASE_st
|
||||
{
|
||||
STACK_OF(SRP_user_pwd) *users_pwd;
|
||||
STACK_OF(SRP_gN_cache) *gN_cache;
|
||||
/* to simulate a user */
|
||||
char *seed_key;
|
||||
BIGNUM *default_g;
|
||||
BIGNUM *default_N;
|
||||
} SRP_VBASE;
|
||||
|
||||
|
||||
/*Structure interne pour retenir les couples N et g*/
|
||||
typedef struct SRP_gN_st
|
||||
{
|
||||
char *id;
|
||||
BIGNUM *g;
|
||||
BIGNUM *N;
|
||||
} SRP_gN;
|
||||
|
||||
DECLARE_STACK_OF(SRP_gN)
|
||||
|
||||
SRP_VBASE *SRP_VBASE_new(char *seed_key);
|
||||
int SRP_VBASE_free(SRP_VBASE *vb);
|
||||
int SRP_VBASE_init(SRP_VBASE *vb, char * verifier_file);
|
||||
SRP_user_pwd *SRP_VBASE_get_by_user(SRP_VBASE *vb, char *username);
|
||||
char *SRP_create_verifier(const char *user, const char *pass, char **salt,
|
||||
char **verifier, const char *N, const char *g);
|
||||
int SRP_create_verifier_BN(const char *user, const char *pass, BIGNUM **salt, BIGNUM **verifier, BIGNUM *N, BIGNUM *g);
|
||||
|
||||
|
||||
#define SRP_NO_ERROR 0
|
||||
#define SRP_ERR_VBASE_INCOMPLETE_FILE 1
|
||||
#define SRP_ERR_VBASE_BN_LIB 2
|
||||
#define SRP_ERR_OPEN_FILE 3
|
||||
#define SRP_ERR_MEMORY 4
|
||||
|
||||
#define DB_srptype 0
|
||||
#define DB_srpverifier 1
|
||||
#define DB_srpsalt 2
|
||||
#define DB_srpid 3
|
||||
#define DB_srpgN 4
|
||||
#define DB_srpinfo 5
|
||||
#undef DB_NUMBER
|
||||
#define DB_NUMBER 6
|
||||
|
||||
#define DB_SRP_INDEX 'I'
|
||||
#define DB_SRP_VALID 'V'
|
||||
#define DB_SRP_REVOKED 'R'
|
||||
#define DB_SRP_MODIF 'v'
|
||||
|
||||
|
||||
/* see srp.c */
|
||||
char * SRP_check_known_gN_param(BIGNUM* g, BIGNUM* N);
|
||||
SRP_gN *SRP_get_default_gN(const char * id) ;
|
||||
|
||||
/* server side .... */
|
||||
BIGNUM *SRP_Calc_server_key(BIGNUM *A, BIGNUM *v, BIGNUM *u, BIGNUM *b, BIGNUM *N);
|
||||
BIGNUM *SRP_Calc_B(BIGNUM *b, BIGNUM *N, BIGNUM *g, BIGNUM *v);
|
||||
int SRP_Verify_A_mod_N(BIGNUM *A, BIGNUM *N);
|
||||
BIGNUM *SRP_Calc_u(BIGNUM *A, BIGNUM *B, BIGNUM *N) ;
|
||||
|
||||
|
||||
|
||||
/* client side .... */
|
||||
BIGNUM *SRP_Calc_x(BIGNUM *s, const char *user, const char *pass);
|
||||
BIGNUM *SRP_Calc_A(BIGNUM *a, BIGNUM *N, BIGNUM *g);
|
||||
BIGNUM *SRP_Calc_client_key(BIGNUM *N, BIGNUM *B, BIGNUM *g, BIGNUM *x, BIGNUM *a, BIGNUM *u);
|
||||
int SRP_Verify_B_mod_N(BIGNUM *B, BIGNUM *N);
|
||||
|
||||
#define SRP_MINIMAL_N 1024
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif
|
||||
#endif
|
||||
|
|
@ -0,0 +1,145 @@
|
|||
/* ssl/tls1.h */
|
||||
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||
* All rights reserved.
|
||||
*
|
||||
* This package is an SSL implementation written
|
||||
* by Eric Young (eay@cryptsoft.com).
|
||||
* The implementation was written so as to conform with Netscapes SSL.
|
||||
*
|
||||
* This library is free for commercial and non-commercial use as long as
|
||||
* the following conditions are aheared to. The following conditions
|
||||
* apply to all code found in this distribution, be it the RC4, RSA,
|
||||
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
||||
* included with this distribution is covered by the same copyright terms
|
||||
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
||||
*
|
||||
* Copyright remains Eric Young's, and as such any Copyright notices in
|
||||
* the code are not to be removed.
|
||||
* If this package is used in a product, Eric Young should be given attribution
|
||||
* as the author of the parts of the library used.
|
||||
* This can be in the form of a textual message at program startup or
|
||||
* in documentation (online or textual) provided with the package.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
* 1. Redistributions of source code must retain the copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
* 3. All advertising materials mentioning features or use of this software
|
||||
* must display the following acknowledgement:
|
||||
* "This product includes cryptographic software written by
|
||||
* Eric Young (eay@cryptsoft.com)"
|
||||
* The word 'cryptographic' can be left out if the rouines from the library
|
||||
* being used are not cryptographic related :-).
|
||||
* 4. If you include any Windows specific code (or a derivative thereof) from
|
||||
* the apps directory (application code) you must include an acknowledgement:
|
||||
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* The licence and distribution terms for any publically available version or
|
||||
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
||||
* copied and put under another distribution licence
|
||||
* [including the GNU Public Licence.]
|
||||
*/
|
||||
/* ====================================================================
|
||||
* Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in
|
||||
* the documentation and/or other materials provided with the
|
||||
* distribution.
|
||||
*
|
||||
* 3. All advertising materials mentioning features or use of this
|
||||
* software must display the following acknowledgment:
|
||||
* "This product includes software developed by the OpenSSL Project
|
||||
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
|
||||
*
|
||||
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||
* endorse or promote products derived from this software without
|
||||
* prior written permission. For written permission, please contact
|
||||
* openssl-core@openssl.org.
|
||||
*
|
||||
* 5. Products derived from this software may not be called "OpenSSL"
|
||||
* nor may "OpenSSL" appear in their names without prior written
|
||||
* permission of the OpenSSL Project.
|
||||
*
|
||||
* 6. Redistributions of any form whatsoever must retain the following
|
||||
* acknowledgment:
|
||||
* "This product includes software developed by the OpenSSL Project
|
||||
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
* ====================================================================
|
||||
*
|
||||
* This product includes cryptographic software written by Eric Young
|
||||
* (eay@cryptsoft.com). This product includes software written by Tim
|
||||
* Hudson (tjh@cryptsoft.com).
|
||||
*
|
||||
*/
|
||||
/*
|
||||
DTLS code by Eric Rescorla <ekr@rtfm.com>
|
||||
|
||||
Copyright (C) 2006, Network Resonance, Inc.
|
||||
Copyright (C) 2011, RTFM, Inc.
|
||||
*/
|
||||
|
||||
#ifndef HEADER_D1_SRTP_H
|
||||
#define HEADER_D1_SRTP_H
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
|
||||
#define SRTP_AES128_CM_SHA1_80 0x0001
|
||||
#define SRTP_AES128_CM_SHA1_32 0x0002
|
||||
#define SRTP_AES128_F8_SHA1_80 0x0003
|
||||
#define SRTP_AES128_F8_SHA1_32 0x0004
|
||||
#define SRTP_NULL_SHA1_80 0x0005
|
||||
#define SRTP_NULL_SHA1_32 0x0006
|
||||
|
||||
int SSL_CTX_set_tlsext_use_srtp(SSL_CTX *ctx, const char *profiles);
|
||||
int SSL_set_tlsext_use_srtp(SSL *ctx, const char *profiles);
|
||||
SRTP_PROTECTION_PROFILE *SSL_get_selected_srtp_profile(SSL *s);
|
||||
|
||||
STACK_OF(SRTP_PROTECTION_PROFILE) *SSL_get_srtp_profiles(SSL *ssl);
|
||||
SRTP_PROTECTION_PROFILE *SSL_get_selected_srtp_profile(SSL *s);
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif
|
||||
|
||||
|
|
@ -252,6 +252,7 @@ extern "C" {
|
|||
#define SSL_TXT_kEECDH "kEECDH"
|
||||
#define SSL_TXT_kPSK "kPSK"
|
||||
#define SSL_TXT_kGOST "kGOST"
|
||||
#define SSL_TXT_kSRP "kSRP"
|
||||
|
||||
#define SSL_TXT_aRSA "aRSA"
|
||||
#define SSL_TXT_aDSS "aDSS"
|
||||
|
|
@ -275,6 +276,7 @@ extern "C" {
|
|||
#define SSL_TXT_ECDSA "ECDSA"
|
||||
#define SSL_TXT_KRB5 "KRB5"
|
||||
#define SSL_TXT_PSK "PSK"
|
||||
#define SSL_TXT_SRP "SRP"
|
||||
|
||||
#define SSL_TXT_DES "DES"
|
||||
#define SSL_TXT_3DES "3DES"
|
||||
|
|
@ -285,6 +287,7 @@ extern "C" {
|
|||
#define SSL_TXT_AES128 "AES128"
|
||||
#define SSL_TXT_AES256 "AES256"
|
||||
#define SSL_TXT_AES "AES"
|
||||
#define SSL_TXT_AES_GCM "AESGCM"
|
||||
#define SSL_TXT_CAMELLIA128 "CAMELLIA128"
|
||||
#define SSL_TXT_CAMELLIA256 "CAMELLIA256"
|
||||
#define SSL_TXT_CAMELLIA "CAMELLIA"
|
||||
|
|
@ -294,10 +297,14 @@ extern "C" {
|
|||
#define SSL_TXT_SHA "SHA" /* same as "SHA1" */
|
||||
#define SSL_TXT_GOST94 "GOST94"
|
||||
#define SSL_TXT_GOST89MAC "GOST89MAC"
|
||||
#define SSL_TXT_SHA256 "SHA256"
|
||||
#define SSL_TXT_SHA384 "SHA384"
|
||||
|
||||
#define SSL_TXT_SSLV2 "SSLv2"
|
||||
#define SSL_TXT_SSLV3 "SSLv3"
|
||||
#define SSL_TXT_TLSV1 "TLSv1"
|
||||
#define SSL_TXT_TLSV1_1 "TLSv1.1"
|
||||
#define SSL_TXT_TLSV1_2 "TLSv1.2"
|
||||
|
||||
#define SSL_TXT_EXP "EXP"
|
||||
#define SSL_TXT_EXPORT "EXPORT"
|
||||
|
|
@ -356,9 +363,29 @@ extern "C" {
|
|||
* in SSL_CTX. */
|
||||
typedef struct ssl_st *ssl_crock_st;
|
||||
typedef struct tls_session_ticket_ext_st TLS_SESSION_TICKET_EXT;
|
||||
typedef struct ssl_method_st SSL_METHOD;
|
||||
typedef struct ssl_cipher_st SSL_CIPHER;
|
||||
typedef struct ssl_session_st SSL_SESSION;
|
||||
|
||||
DECLARE_STACK_OF(SSL_CIPHER)
|
||||
|
||||
/* SRTP protection profiles for use with the use_srtp extension (RFC 5764)*/
|
||||
typedef struct srtp_protection_profile_st
|
||||
{
|
||||
const char *name;
|
||||
unsigned long id;
|
||||
} SRTP_PROTECTION_PROFILE;
|
||||
|
||||
DECLARE_STACK_OF(SRTP_PROTECTION_PROFILE)
|
||||
|
||||
typedef int (*tls_session_ticket_ext_cb_fn)(SSL *s, const unsigned char *data, int len, void *arg);
|
||||
typedef int (*tls_session_secret_cb_fn)(SSL *s, void *secret, int *secret_len, STACK_OF(SSL_CIPHER) *peer_ciphers, SSL_CIPHER **cipher, void *arg);
|
||||
|
||||
|
||||
#ifndef OPENSSL_NO_SSL_INTERN
|
||||
|
||||
/* used to hold info on the particular ciphers used */
|
||||
typedef struct ssl_cipher_st
|
||||
struct ssl_cipher_st
|
||||
{
|
||||
int valid;
|
||||
const char *name; /* text name */
|
||||
|
|
@ -375,15 +402,11 @@ typedef struct ssl_cipher_st
|
|||
unsigned long algorithm2; /* Extra flags */
|
||||
int strength_bits; /* Number of bits really used */
|
||||
int alg_bits; /* Number of bits for algorithm */
|
||||
} SSL_CIPHER;
|
||||
};
|
||||
|
||||
DECLARE_STACK_OF(SSL_CIPHER)
|
||||
|
||||
typedef int (*tls_session_ticket_ext_cb_fn)(SSL *s, const unsigned char *data, int len, void *arg);
|
||||
typedef int (*tls_session_secret_cb_fn)(SSL *s, void *secret, int *secret_len, STACK_OF(SSL_CIPHER) *peer_ciphers, SSL_CIPHER **cipher, void *arg);
|
||||
|
||||
/* Used to hold functions for SSLv2 or SSLv3/TLSv1 functions */
|
||||
typedef struct ssl_method_st
|
||||
struct ssl_method_st
|
||||
{
|
||||
int version;
|
||||
int (*ssl_new)(SSL *s);
|
||||
|
|
@ -416,7 +439,7 @@ typedef struct ssl_method_st
|
|||
int (*ssl_version)(void);
|
||||
long (*ssl_callback_ctrl)(SSL *s, int cb_id, void (*fp)(void));
|
||||
long (*ssl_ctx_callback_ctrl)(SSL_CTX *s, int cb_id, void (*fp)(void));
|
||||
} SSL_METHOD;
|
||||
};
|
||||
|
||||
/* Lets make this into an ASN.1 type structure as follows
|
||||
* SSL_SESSION_ID ::= SEQUENCE {
|
||||
|
|
@ -433,14 +456,17 @@ typedef struct ssl_method_st
|
|||
* Session_ID_context [ 4 ] EXPLICIT OCTET STRING, -- the Session ID context
|
||||
* Verify_result [ 5 ] EXPLICIT INTEGER, -- X509_V_... code for `Peer'
|
||||
* HostName [ 6 ] EXPLICIT OCTET STRING, -- optional HostName from servername TLS extension
|
||||
* ECPointFormatList [ 7 ] OCTET STRING, -- optional EC point format list from TLS extension
|
||||
* PSK_identity_hint [ 8 ] EXPLICIT OCTET STRING, -- optional PSK identity hint
|
||||
* PSK_identity [ 9 ] EXPLICIT OCTET STRING -- optional PSK identity
|
||||
* PSK_identity_hint [ 7 ] EXPLICIT OCTET STRING, -- optional PSK identity hint
|
||||
* PSK_identity [ 8 ] EXPLICIT OCTET STRING, -- optional PSK identity
|
||||
* Ticket_lifetime_hint [9] EXPLICIT INTEGER, -- server's lifetime hint for session ticket
|
||||
* Ticket [10] EXPLICIT OCTET STRING, -- session ticket (clients only)
|
||||
* Compression_meth [11] EXPLICIT OCTET STRING, -- optional compression method
|
||||
* SRP_username [ 12 ] EXPLICIT OCTET STRING -- optional SRP username
|
||||
* }
|
||||
* Look in ssl/ssl_asn1.c for more details
|
||||
* I'm using EXPLICIT tags so I can read the damn things using asn1parse :-).
|
||||
*/
|
||||
typedef struct ssl_session_st
|
||||
struct ssl_session_st
|
||||
{
|
||||
int ssl_version; /* what ssl version session info is
|
||||
* being kept in here? */
|
||||
|
|
@ -512,8 +538,12 @@ typedef struct ssl_session_st
|
|||
size_t tlsext_ticklen; /* Session ticket length */
|
||||
long tlsext_tick_lifetime_hint; /* Session lifetime hint in seconds */
|
||||
#endif
|
||||
} SSL_SESSION;
|
||||
#ifndef OPENSSL_NO_SRP
|
||||
char *srp_username;
|
||||
#endif
|
||||
};
|
||||
|
||||
#endif
|
||||
|
||||
#define SSL_OP_MICROSOFT_SESS_ID_BUG 0x00000001L
|
||||
#define SSL_OP_NETSCAPE_CHALLENGE_BUG 0x00000002L
|
||||
|
|
@ -526,6 +556,7 @@ typedef struct ssl_session_st
|
|||
#define SSL_OP_SSLEAY_080_CLIENT_DH_BUG 0x00000080L
|
||||
#define SSL_OP_TLS_D5_BUG 0x00000100L
|
||||
#define SSL_OP_TLS_BLOCK_PADDING_BUG 0x00000200L
|
||||
#define SSL_OP_NO_TLSv1_1 0x00000400L
|
||||
|
||||
/* Disable SSL 3.0/TLS 1.0 CBC vulnerability workaround that was added
|
||||
* in OpenSSL 0.9.6d. Usually (depending on the application protocol)
|
||||
|
|
@ -536,7 +567,7 @@ typedef struct ssl_session_st
|
|||
|
||||
/* SSL_OP_ALL: various bug workarounds that should be rather harmless.
|
||||
* This used to be 0x000FFFFFL before 0.9.7. */
|
||||
#define SSL_OP_ALL 0x80000FFFL
|
||||
#define SSL_OP_ALL 0x80000BFFL
|
||||
|
||||
/* DTLS options */
|
||||
#define SSL_OP_NO_QUERY_MTU 0x00001000L
|
||||
|
|
@ -572,11 +603,16 @@ typedef struct ssl_session_st
|
|||
#define SSL_OP_NO_SSLv2 0x01000000L
|
||||
#define SSL_OP_NO_SSLv3 0x02000000L
|
||||
#define SSL_OP_NO_TLSv1 0x04000000L
|
||||
#define SSL_OP_NO_TLSv1_2 0x08000000L
|
||||
|
||||
/* These next two were never actually used for anything since SSLeay
|
||||
* zap so we have some more flags.
|
||||
*/
|
||||
/* The next flag deliberately changes the ciphertest, this is a check
|
||||
* for the PKCS#1 attack */
|
||||
#define SSL_OP_PKCS1_CHECK_1 0x08000000L
|
||||
#define SSL_OP_PKCS1_CHECK_2 0x10000000L
|
||||
#define SSL_OP_PKCS1_CHECK_1 0x0
|
||||
#define SSL_OP_PKCS1_CHECK_2 0x0
|
||||
|
||||
#define SSL_OP_NETSCAPE_CA_DN_BUG 0x20000000L
|
||||
#define SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG 0x40000000L
|
||||
/* Make server add server-hello extension from early version of
|
||||
|
|
@ -637,12 +673,53 @@ typedef struct ssl_session_st
|
|||
#define SSL_get_secure_renegotiation_support(ssl) \
|
||||
SSL_ctrl((ssl), SSL_CTRL_GET_RI_SUPPORT, 0, NULL)
|
||||
|
||||
#ifndef OPENSSL_NO_HEARTBEATS
|
||||
#define SSL_heartbeat(ssl) \
|
||||
SSL_ctrl((ssl),SSL_CTRL_TLS_EXT_SEND_HEARTBEAT,0,NULL)
|
||||
#endif
|
||||
|
||||
void SSL_CTX_set_msg_callback(SSL_CTX *ctx, void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg));
|
||||
void SSL_set_msg_callback(SSL *ssl, void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg));
|
||||
#define SSL_CTX_set_msg_callback_arg(ctx, arg) SSL_CTX_ctrl((ctx), SSL_CTRL_SET_MSG_CALLBACK_ARG, 0, (arg))
|
||||
#define SSL_set_msg_callback_arg(ssl, arg) SSL_ctrl((ssl), SSL_CTRL_SET_MSG_CALLBACK_ARG, 0, (arg))
|
||||
|
||||
#ifndef OPENSSL_NO_SRP
|
||||
|
||||
#ifndef OPENSSL_NO_SSL_INTERN
|
||||
|
||||
typedef struct srp_ctx_st
|
||||
{
|
||||
/* param for all the callbacks */
|
||||
void *SRP_cb_arg;
|
||||
/* set client Hello login callback */
|
||||
int (*TLS_ext_srp_username_callback)(SSL *, int *, void *);
|
||||
/* set SRP N/g param callback for verification */
|
||||
int (*SRP_verify_param_callback)(SSL *, void *);
|
||||
/* set SRP client passwd callback */
|
||||
char *(*SRP_give_srp_client_pwd_callback)(SSL *, void *);
|
||||
|
||||
char *login;
|
||||
BIGNUM *N,*g,*s,*B,*A;
|
||||
BIGNUM *a,*b,*v;
|
||||
char *info;
|
||||
int strength;
|
||||
|
||||
unsigned long srp_Mask;
|
||||
} SRP_CTX;
|
||||
|
||||
#endif
|
||||
|
||||
/* see tls_srp.c */
|
||||
int SSL_SRP_CTX_init(SSL *s);
|
||||
int SSL_CTX_SRP_CTX_init(SSL_CTX *ctx);
|
||||
int SSL_SRP_CTX_free(SSL *ctx);
|
||||
int SSL_CTX_SRP_CTX_free(SSL_CTX *ctx);
|
||||
int SSL_srp_server_param_with_username(SSL *s, int *ad);
|
||||
int SRP_generate_server_master_secret(SSL *s,unsigned char *master_key);
|
||||
int SRP_Calc_A_param(SSL *s);
|
||||
int SRP_generate_client_master_secret(SSL *s,unsigned char *master_key);
|
||||
|
||||
#endif
|
||||
|
||||
#if defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_WIN32)
|
||||
#define SSL_MAX_CERT_LIST_DEFAULT 1024*30 /* 30k max cert list :-) */
|
||||
|
|
@ -668,7 +745,11 @@ void SSL_set_msg_callback(SSL *ssl, void (*cb)(int write_p, int version, int con
|
|||
typedef int (*GEN_SESSION_CB)(const SSL *ssl, unsigned char *id,
|
||||
unsigned int *id_len);
|
||||
|
||||
typedef struct ssl_comp_st
|
||||
typedef struct ssl_comp_st SSL_COMP;
|
||||
|
||||
#ifndef OPENSSL_NO_SSL_INTERN
|
||||
|
||||
struct ssl_comp_st
|
||||
{
|
||||
int id;
|
||||
const char *name;
|
||||
|
|
@ -677,7 +758,7 @@ typedef struct ssl_comp_st
|
|||
#else
|
||||
char *method;
|
||||
#endif
|
||||
} SSL_COMP;
|
||||
};
|
||||
|
||||
DECLARE_STACK_OF(SSL_COMP)
|
||||
DECLARE_LHASH_OF(SSL_SESSION);
|
||||
|
|
@ -847,9 +928,28 @@ struct ssl_ctx_st
|
|||
int (*tlsext_status_cb)(SSL *ssl, void *arg);
|
||||
void *tlsext_status_arg;
|
||||
|
||||
# ifndef OPENSSL_NO_NEXTPROTONEG
|
||||
/* Next protocol negotiation information */
|
||||
/* (for experimental NPN extension). */
|
||||
|
||||
/* For a server, this contains a callback function by which the set of
|
||||
* advertised protocols can be provided. */
|
||||
int (*next_protos_advertised_cb)(SSL *s, const unsigned char **buf,
|
||||
unsigned int *len, void *arg);
|
||||
void *next_protos_advertised_cb_arg;
|
||||
/* For a client, this contains a callback function that selects the
|
||||
* next protocol from the list provided by the server. */
|
||||
int (*next_proto_select_cb)(SSL *s, unsigned char **out,
|
||||
unsigned char *outlen,
|
||||
const unsigned char *in,
|
||||
unsigned int inlen,
|
||||
void *arg);
|
||||
void *next_proto_select_cb_arg;
|
||||
|
||||
/* draft-rescorla-tls-opaque-prf-input-00.txt information */
|
||||
int (*tlsext_opaque_prf_input_callback)(SSL *, void *peerinput, size_t len, void *arg);
|
||||
void *tlsext_opaque_prf_input_callback_arg;
|
||||
# endif
|
||||
#endif
|
||||
|
||||
#ifndef OPENSSL_NO_PSK
|
||||
|
|
@ -866,9 +966,19 @@ struct ssl_ctx_st
|
|||
unsigned int freelist_max_len;
|
||||
struct ssl3_buf_freelist_st *wbuf_freelist;
|
||||
struct ssl3_buf_freelist_st *rbuf_freelist;
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_SRP
|
||||
SRP_CTX srp_ctx; /* ctx for SRP authentication */
|
||||
#endif
|
||||
|
||||
#ifndef OPENSSL_NO_TLSEXT
|
||||
/* SRTP profiles we are willing to do from RFC 5764 */
|
||||
STACK_OF(SRTP_PROTECTION_PROFILE) *srtp_profiles;
|
||||
#endif
|
||||
};
|
||||
|
||||
#endif
|
||||
|
||||
#define SSL_SESS_CACHE_OFF 0x0000
|
||||
#define SSL_SESS_CACHE_CLIENT 0x0001
|
||||
#define SSL_SESS_CACHE_SERVER 0x0002
|
||||
|
|
@ -921,6 +1031,32 @@ int SSL_CTX_set_client_cert_engine(SSL_CTX *ctx, ENGINE *e);
|
|||
#endif
|
||||
void SSL_CTX_set_cookie_generate_cb(SSL_CTX *ctx, int (*app_gen_cookie_cb)(SSL *ssl, unsigned char *cookie, unsigned int *cookie_len));
|
||||
void SSL_CTX_set_cookie_verify_cb(SSL_CTX *ctx, int (*app_verify_cookie_cb)(SSL *ssl, unsigned char *cookie, unsigned int cookie_len));
|
||||
#ifndef OPENSSL_NO_NEXTPROTONEG
|
||||
void SSL_CTX_set_next_protos_advertised_cb(SSL_CTX *s,
|
||||
int (*cb) (SSL *ssl,
|
||||
const unsigned char **out,
|
||||
unsigned int *outlen,
|
||||
void *arg),
|
||||
void *arg);
|
||||
void SSL_CTX_set_next_proto_select_cb(SSL_CTX *s,
|
||||
int (*cb) (SSL *ssl,
|
||||
unsigned char **out,
|
||||
unsigned char *outlen,
|
||||
const unsigned char *in,
|
||||
unsigned int inlen,
|
||||
void *arg),
|
||||
void *arg);
|
||||
|
||||
int SSL_select_next_proto(unsigned char **out, unsigned char *outlen,
|
||||
const unsigned char *in, unsigned int inlen,
|
||||
const unsigned char *client, unsigned int client_len);
|
||||
void SSL_get0_next_proto_negotiated(const SSL *s,
|
||||
const unsigned char **data, unsigned *len);
|
||||
|
||||
#define OPENSSL_NPN_UNSUPPORTED 0
|
||||
#define OPENSSL_NPN_NEGOTIATED 1
|
||||
#define OPENSSL_NPN_NO_OVERLAP 2
|
||||
#endif
|
||||
|
||||
#ifndef OPENSSL_NO_PSK
|
||||
/* the maximum length of the buffer given to callbacks containing the
|
||||
|
|
@ -961,6 +1097,8 @@ const char *SSL_get_psk_identity(const SSL *s);
|
|||
#define SSL_MAC_FLAG_READ_MAC_STREAM 1
|
||||
#define SSL_MAC_FLAG_WRITE_MAC_STREAM 2
|
||||
|
||||
#ifndef OPENSSL_NO_SSL_INTERN
|
||||
|
||||
struct ssl_st
|
||||
{
|
||||
/* protocol version
|
||||
|
|
@ -1005,12 +1143,14 @@ struct ssl_st
|
|||
|
||||
int server; /* are we the server side? - mostly used by SSL_clear*/
|
||||
|
||||
int new_session;/* 1 if we are to use a new session.
|
||||
* 2 if we are a server and are inside a handshake
|
||||
* (i.e. not just sending a HelloRequest)
|
||||
int new_session;/* Generate a new session or reuse an old one.
|
||||
* NB: For servers, the 'new' session may actually be a previously
|
||||
* cached session or even the previous session unless
|
||||
* SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION is set */
|
||||
int renegotiate;/* 1 if we are renegotiating.
|
||||
* 2 if we are a server and are inside a handshake
|
||||
* (i.e. not just sending a HelloRequest) */
|
||||
|
||||
int quiet_shutdown;/* don't send shutdown packets */
|
||||
int shutdown; /* we have shut things down, 0x01 sent, 0x02
|
||||
* for received */
|
||||
|
|
@ -1108,6 +1248,10 @@ struct ssl_st
|
|||
unsigned char *psk, unsigned int max_psk_len);
|
||||
#endif
|
||||
|
||||
#ifndef OPENSSL_NO_SRP
|
||||
SRP_CTX srp_ctx; /* ctx for SRP authentication */
|
||||
#endif
|
||||
|
||||
SSL_CTX *ctx;
|
||||
/* set this flag to 1 and a sleep(1) is put into all SSL_read()
|
||||
* and SSL_write() calls, good for nbio debuging :-) */
|
||||
|
|
@ -1177,12 +1321,38 @@ struct ssl_st
|
|||
void *tls_session_secret_cb_arg;
|
||||
|
||||
SSL_CTX * initial_ctx; /* initial ctx, used to store sessions */
|
||||
|
||||
#ifndef OPENSSL_NO_NEXTPROTONEG
|
||||
/* Next protocol negotiation. For the client, this is the protocol that
|
||||
* we sent in NextProtocol and is set when handling ServerHello
|
||||
* extensions.
|
||||
*
|
||||
* For a server, this is the client's selected_protocol from
|
||||
* NextProtocol and is set when handling the NextProtocol message,
|
||||
* before the Finished message. */
|
||||
unsigned char *next_proto_negotiated;
|
||||
unsigned char next_proto_negotiated_len;
|
||||
#endif
|
||||
|
||||
#define session_ctx initial_ctx
|
||||
|
||||
STACK_OF(SRTP_PROTECTION_PROFILE) *srtp_profiles; /* What we'll do */
|
||||
SRTP_PROTECTION_PROFILE *srtp_profile; /* What's been chosen */
|
||||
|
||||
unsigned int tlsext_heartbeat; /* Is use of the Heartbeat extension negotiated?
|
||||
0: disabled
|
||||
1: enabled
|
||||
2: enabled, but not allowed to send Requests
|
||||
*/
|
||||
unsigned int tlsext_hb_pending; /* Indicates if a HeartbeatRequest is in flight */
|
||||
unsigned int tlsext_hb_seq; /* HeartbeatRequest sequence number */
|
||||
#else
|
||||
#define session_ctx ctx
|
||||
#endif /* OPENSSL_NO_TLSEXT */
|
||||
};
|
||||
|
||||
#endif
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
|
@ -1192,6 +1362,7 @@ struct ssl_st
|
|||
#include <openssl/tls1.h> /* This is mostly sslv3 with a few tweaks */
|
||||
#include <openssl/dtls1.h> /* Datagram TLS */
|
||||
#include <openssl/ssl23.h>
|
||||
#include <openssl/srtp.h> /* Support for the use_srtp extension */
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
|
|
@ -1408,6 +1579,20 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
|
|||
#define SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP 71
|
||||
|
||||
#define SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB 72
|
||||
|
||||
#define SSL_CTRL_SET_TLS_EXT_SRP_USERNAME_CB 75
|
||||
#define SSL_CTRL_SET_SRP_VERIFY_PARAM_CB 76
|
||||
#define SSL_CTRL_SET_SRP_GIVE_CLIENT_PWD_CB 77
|
||||
|
||||
#define SSL_CTRL_SET_SRP_ARG 78
|
||||
#define SSL_CTRL_SET_TLS_EXT_SRP_USERNAME 79
|
||||
#define SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH 80
|
||||
#define SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD 81
|
||||
#ifndef OPENSSL_NO_HEARTBEATS
|
||||
#define SSL_CTRL_TLS_EXT_SEND_HEARTBEAT 85
|
||||
#define SSL_CTRL_GET_TLS_EXT_HEARTBEAT_PENDING 86
|
||||
#define SSL_CTRL_SET_TLS_EXT_HEARTBEAT_NO_REQUESTS 87
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#define DTLS_CTRL_GET_TIMEOUT 73
|
||||
|
|
@ -1418,6 +1603,9 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
|
|||
#define SSL_CTRL_CLEAR_OPTIONS 77
|
||||
#define SSL_CTRL_CLEAR_MODE 78
|
||||
|
||||
#define SSL_CTRL_GET_EXTRA_CHAIN_CERTS 82
|
||||
#define SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS 83
|
||||
|
||||
#define DTLSv1_get_timeout(ssl, arg) \
|
||||
SSL_ctrl(ssl,DTLS_CTRL_GET_TIMEOUT,0, (void *)arg)
|
||||
#define DTLSv1_handle_timeout(ssl) \
|
||||
|
|
@ -1454,6 +1642,10 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
|
|||
|
||||
#define SSL_CTX_add_extra_chain_cert(ctx,x509) \
|
||||
SSL_CTX_ctrl(ctx,SSL_CTRL_EXTRA_CHAIN_CERT,0,(char *)x509)
|
||||
#define SSL_CTX_get_extra_chain_certs(ctx,px509) \
|
||||
SSL_CTX_ctrl(ctx,SSL_CTRL_GET_EXTRA_CHAIN_CERTS,0,px509)
|
||||
#define SSL_CTX_clear_extra_chain_certs(ctx) \
|
||||
SSL_CTX_ctrl(ctx,SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS,0,NULL)
|
||||
|
||||
#ifndef OPENSSL_NO_BIO
|
||||
BIO_METHOD *BIO_f_ssl(void);
|
||||
|
|
@ -1481,6 +1673,7 @@ const SSL_CIPHER *SSL_get_current_cipher(const SSL *s);
|
|||
int SSL_CIPHER_get_bits(const SSL_CIPHER *c,int *alg_bits);
|
||||
char * SSL_CIPHER_get_version(const SSL_CIPHER *c);
|
||||
const char * SSL_CIPHER_get_name(const SSL_CIPHER *c);
|
||||
unsigned long SSL_CIPHER_get_id(const SSL_CIPHER *c);
|
||||
|
||||
int SSL_get_fd(const SSL *s);
|
||||
int SSL_get_rfd(const SSL *s);
|
||||
|
|
@ -1546,10 +1739,14 @@ long SSL_SESSION_set_time(SSL_SESSION *s, long t);
|
|||
long SSL_SESSION_get_timeout(const SSL_SESSION *s);
|
||||
long SSL_SESSION_set_timeout(SSL_SESSION *s, long t);
|
||||
void SSL_copy_session_id(SSL *to,const SSL *from);
|
||||
X509 *SSL_SESSION_get0_peer(SSL_SESSION *s);
|
||||
int SSL_SESSION_set1_id_context(SSL_SESSION *s,const unsigned char *sid_ctx,
|
||||
unsigned int sid_ctx_len);
|
||||
|
||||
SSL_SESSION *SSL_SESSION_new(void);
|
||||
const unsigned char *SSL_SESSION_get_id(const SSL_SESSION *s,
|
||||
unsigned int *len);
|
||||
unsigned int SSL_SESSION_get_compress_id(const SSL_SESSION *s);
|
||||
#ifndef OPENSSL_NO_FP_API
|
||||
int SSL_SESSION_print_fp(FILE *fp,const SSL_SESSION *ses);
|
||||
#endif
|
||||
|
|
@ -1612,6 +1809,30 @@ int SSL_set_trust(SSL *s, int trust);
|
|||
int SSL_CTX_set1_param(SSL_CTX *ctx, X509_VERIFY_PARAM *vpm);
|
||||
int SSL_set1_param(SSL *ssl, X509_VERIFY_PARAM *vpm);
|
||||
|
||||
#ifndef OPENSSL_NO_SRP
|
||||
int SSL_CTX_set_srp_username(SSL_CTX *ctx,char *name);
|
||||
int SSL_CTX_set_srp_password(SSL_CTX *ctx,char *password);
|
||||
int SSL_CTX_set_srp_strength(SSL_CTX *ctx, int strength);
|
||||
int SSL_CTX_set_srp_client_pwd_callback(SSL_CTX *ctx,
|
||||
char *(*cb)(SSL *,void *));
|
||||
int SSL_CTX_set_srp_verify_param_callback(SSL_CTX *ctx,
|
||||
int (*cb)(SSL *,void *));
|
||||
int SSL_CTX_set_srp_username_callback(SSL_CTX *ctx,
|
||||
int (*cb)(SSL *,int *,void *));
|
||||
int SSL_CTX_set_srp_cb_arg(SSL_CTX *ctx, void *arg);
|
||||
|
||||
int SSL_set_srp_server_param(SSL *s, const BIGNUM *N, const BIGNUM *g,
|
||||
BIGNUM *sa, BIGNUM *v, char *info);
|
||||
int SSL_set_srp_server_param_pw(SSL *s, const char *user, const char *pass,
|
||||
const char *grp);
|
||||
|
||||
BIGNUM *SSL_get_srp_g(SSL *s);
|
||||
BIGNUM *SSL_get_srp_N(SSL *s);
|
||||
|
||||
char *SSL_get_srp_username(SSL *s);
|
||||
char *SSL_get_srp_userinfo(SSL *s);
|
||||
#endif
|
||||
|
||||
void SSL_free(SSL *ssl);
|
||||
int SSL_accept(SSL *ssl);
|
||||
int SSL_connect(SSL *ssl);
|
||||
|
|
@ -1647,6 +1868,15 @@ const SSL_METHOD *TLSv1_method(void); /* TLSv1.0 */
|
|||
const SSL_METHOD *TLSv1_server_method(void); /* TLSv1.0 */
|
||||
const SSL_METHOD *TLSv1_client_method(void); /* TLSv1.0 */
|
||||
|
||||
const SSL_METHOD *TLSv1_1_method(void); /* TLSv1.1 */
|
||||
const SSL_METHOD *TLSv1_1_server_method(void); /* TLSv1.1 */
|
||||
const SSL_METHOD *TLSv1_1_client_method(void); /* TLSv1.1 */
|
||||
|
||||
const SSL_METHOD *TLSv1_2_method(void); /* TLSv1.2 */
|
||||
const SSL_METHOD *TLSv1_2_server_method(void); /* TLSv1.2 */
|
||||
const SSL_METHOD *TLSv1_2_client_method(void); /* TLSv1.2 */
|
||||
|
||||
|
||||
const SSL_METHOD *DTLSv1_method(void); /* DTLSv1.0 */
|
||||
const SSL_METHOD *DTLSv1_server_method(void); /* DTLSv1.0 */
|
||||
const SSL_METHOD *DTLSv1_client_method(void); /* DTLSv1.0 */
|
||||
|
|
@ -1655,6 +1885,7 @@ STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL *s);
|
|||
|
||||
int SSL_do_handshake(SSL *s);
|
||||
int SSL_renegotiate(SSL *s);
|
||||
int SSL_renegotiate_abbreviated(SSL *s);
|
||||
int SSL_renegotiate_pending(SSL *s);
|
||||
int SSL_shutdown(SSL *s);
|
||||
|
||||
|
|
@ -1706,6 +1937,7 @@ void SSL_set_info_callback(SSL *ssl,
|
|||
void (*cb)(const SSL *ssl,int type,int val));
|
||||
void (*SSL_get_info_callback(const SSL *ssl))(const SSL *ssl,int type,int val);
|
||||
int SSL_state(const SSL *ssl);
|
||||
void SSL_set_state(SSL *ssl, int state);
|
||||
|
||||
void SSL_set_verify_result(SSL *ssl,long v);
|
||||
long SSL_get_verify_result(const SSL *ssl);
|
||||
|
|
@ -1806,6 +2038,9 @@ int SSL_set_session_ticket_ext_cb(SSL *s, tls_session_ticket_ext_cb_fn cb,
|
|||
/* Pre-shared secret session resumption functions */
|
||||
int SSL_set_session_secret_cb(SSL *s, tls_session_secret_cb_fn tls_session_secret_cb, void *arg);
|
||||
|
||||
void SSL_set_debug(SSL *s, int debug);
|
||||
int SSL_cache_hit(SSL *s);
|
||||
|
||||
/* BEGIN ERROR CODES */
|
||||
/* The following lines are auto generated by the script mkerr.pl. Any changes
|
||||
* made after this point may be overwritten when the script is next run.
|
||||
|
|
@ -1833,6 +2068,7 @@ void ERR_load_SSL_strings(void);
|
|||
#define SSL_F_DTLS1_GET_MESSAGE_FRAGMENT 253
|
||||
#define SSL_F_DTLS1_GET_RECORD 254
|
||||
#define SSL_F_DTLS1_HANDLE_TIMEOUT 297
|
||||
#define SSL_F_DTLS1_HEARTBEAT 314
|
||||
#define SSL_F_DTLS1_OUTPUT_CERT_CHAIN 255
|
||||
#define SSL_F_DTLS1_PREPROCESS_FRAGMENT 288
|
||||
#define SSL_F_DTLS1_PROCESS_OUT_OF_SEQ_MESSAGE 256
|
||||
|
|
@ -1882,6 +2118,7 @@ void ERR_load_SSL_strings(void);
|
|||
#define SSL_F_SSL3_CALLBACK_CTRL 233
|
||||
#define SSL_F_SSL3_CHANGE_CIPHER_STATE 129
|
||||
#define SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM 130
|
||||
#define SSL_F_SSL3_CHECK_CLIENT_HELLO 315
|
||||
#define SSL_F_SSL3_CLIENT_HELLO 131
|
||||
#define SSL_F_SSL3_CONNECT 132
|
||||
#define SSL_F_SSL3_CTRL 213
|
||||
|
|
@ -1900,6 +2137,7 @@ void ERR_load_SSL_strings(void);
|
|||
#define SSL_F_SSL3_GET_KEY_EXCHANGE 141
|
||||
#define SSL_F_SSL3_GET_MESSAGE 142
|
||||
#define SSL_F_SSL3_GET_NEW_SESSION_TICKET 283
|
||||
#define SSL_F_SSL3_GET_NEXT_PROTO 305
|
||||
#define SSL_F_SSL3_GET_RECORD 143
|
||||
#define SSL_F_SSL3_GET_SERVER_CERTIFICATE 144
|
||||
#define SSL_F_SSL3_GET_SERVER_DONE 145
|
||||
|
|
@ -1924,10 +2162,12 @@ void ERR_load_SSL_strings(void);
|
|||
#define SSL_F_SSL3_WRITE_PENDING 159
|
||||
#define SSL_F_SSL_ADD_CLIENTHELLO_RENEGOTIATE_EXT 298
|
||||
#define SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT 277
|
||||
#define SSL_F_SSL_ADD_CLIENTHELLO_USE_SRTP_EXT 307
|
||||
#define SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK 215
|
||||
#define SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK 216
|
||||
#define SSL_F_SSL_ADD_SERVERHELLO_RENEGOTIATE_EXT 299
|
||||
#define SSL_F_SSL_ADD_SERVERHELLO_TLSEXT 278
|
||||
#define SSL_F_SSL_ADD_SERVERHELLO_USE_SRTP_EXT 308
|
||||
#define SSL_F_SSL_BAD_METHOD 160
|
||||
#define SSL_F_SSL_BYTES_TO_CIPHER_LIST 161
|
||||
#define SSL_F_SSL_CERT_DUP 221
|
||||
|
|
@ -1944,6 +2184,7 @@ void ERR_load_SSL_strings(void);
|
|||
#define SSL_F_SSL_CREATE_CIPHER_LIST 166
|
||||
#define SSL_F_SSL_CTRL 232
|
||||
#define SSL_F_SSL_CTX_CHECK_PRIVATE_KEY 168
|
||||
#define SSL_F_SSL_CTX_MAKE_PROFILES 309
|
||||
#define SSL_F_SSL_CTX_NEW 169
|
||||
#define SSL_F_SSL_CTX_SET_CIPHER_LIST 269
|
||||
#define SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE 290
|
||||
|
|
@ -1972,8 +2213,10 @@ void ERR_load_SSL_strings(void);
|
|||
#define SSL_F_SSL_NEW 186
|
||||
#define SSL_F_SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT 300
|
||||
#define SSL_F_SSL_PARSE_CLIENTHELLO_TLSEXT 302
|
||||
#define SSL_F_SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT 310
|
||||
#define SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT 301
|
||||
#define SSL_F_SSL_PARSE_SERVERHELLO_TLSEXT 303
|
||||
#define SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT 311
|
||||
#define SSL_F_SSL_PEEK 270
|
||||
#define SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT 281
|
||||
#define SSL_F_SSL_PREPARE_SERVERHELLO_TLSEXT 282
|
||||
|
|
@ -1982,6 +2225,7 @@ void ERR_load_SSL_strings(void);
|
|||
#define SSL_F_SSL_RSA_PUBLIC_ENCRYPT 188
|
||||
#define SSL_F_SSL_SESSION_NEW 189
|
||||
#define SSL_F_SSL_SESSION_PRINT_FP 190
|
||||
#define SSL_F_SSL_SESSION_SET1_ID_CONTEXT 306
|
||||
#define SSL_F_SSL_SESS_CERT_NEW 225
|
||||
#define SSL_F_SSL_SET_CERT 191
|
||||
#define SSL_F_SSL_SET_CIPHER_LIST 271
|
||||
|
|
@ -1995,6 +2239,7 @@ void ERR_load_SSL_strings(void);
|
|||
#define SSL_F_SSL_SET_TRUST 228
|
||||
#define SSL_F_SSL_SET_WFD 196
|
||||
#define SSL_F_SSL_SHUTDOWN 224
|
||||
#define SSL_F_SSL_SRP_CTX_INIT 304
|
||||
#define SSL_F_SSL_UNDEFINED_CONST_FUNCTION 243
|
||||
#define SSL_F_SSL_UNDEFINED_FUNCTION 197
|
||||
#define SSL_F_SSL_UNDEFINED_VOID_FUNCTION 244
|
||||
|
|
@ -2014,6 +2259,8 @@ void ERR_load_SSL_strings(void);
|
|||
#define SSL_F_TLS1_CHANGE_CIPHER_STATE 209
|
||||
#define SSL_F_TLS1_CHECK_SERVERHELLO_TLSEXT 274
|
||||
#define SSL_F_TLS1_ENC 210
|
||||
#define SSL_F_TLS1_EXPORT_KEYING_MATERIAL 312
|
||||
#define SSL_F_TLS1_HEARTBEAT 313
|
||||
#define SSL_F_TLS1_PREPARE_CLIENTHELLO_TLSEXT 275
|
||||
#define SSL_F_TLS1_PREPARE_SERVERHELLO_TLSEXT 276
|
||||
#define SSL_F_TLS1_PRF 284
|
||||
|
|
@ -2053,6 +2300,12 @@ void ERR_load_SSL_strings(void);
|
|||
#define SSL_R_BAD_RSA_MODULUS_LENGTH 121
|
||||
#define SSL_R_BAD_RSA_SIGNATURE 122
|
||||
#define SSL_R_BAD_SIGNATURE 123
|
||||
#define SSL_R_BAD_SRP_A_LENGTH 346
|
||||
#define SSL_R_BAD_SRP_B_LENGTH 347
|
||||
#define SSL_R_BAD_SRP_G_LENGTH 348
|
||||
#define SSL_R_BAD_SRP_N_LENGTH 349
|
||||
#define SSL_R_BAD_SRP_S_LENGTH 350
|
||||
#define SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST 360
|
||||
#define SSL_R_BAD_SSL_FILETYPE 124
|
||||
#define SSL_R_BAD_SSL_SESSION_ID_LENGTH 125
|
||||
#define SSL_R_BAD_STATE 126
|
||||
|
|
@ -2091,12 +2344,15 @@ void ERR_load_SSL_strings(void);
|
|||
#define SSL_R_ECC_CERT_SHOULD_HAVE_RSA_SIGNATURE 322
|
||||
#define SSL_R_ECC_CERT_SHOULD_HAVE_SHA1_SIGNATURE 323
|
||||
#define SSL_R_ECGROUP_TOO_LARGE_FOR_CIPHER 310
|
||||
#define SSL_R_EMPTY_SRTP_PROTECTION_PROFILE_LIST 361
|
||||
#define SSL_R_ENCRYPTED_LENGTH_TOO_LONG 150
|
||||
#define SSL_R_ERROR_GENERATING_TMP_RSA_KEY 282
|
||||
#define SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST 151
|
||||
#define SSL_R_EXCESSIVE_MESSAGE_SIZE 152
|
||||
#define SSL_R_EXTRA_DATA_IN_MESSAGE 153
|
||||
#define SSL_R_GOT_A_FIN_BEFORE_A_CCS 154
|
||||
#define SSL_R_GOT_NEXT_PROTO_BEFORE_A_CCS 355
|
||||
#define SSL_R_GOT_NEXT_PROTO_WITHOUT_EXTENSION 356
|
||||
#define SSL_R_HTTPS_PROXY_REQUEST 155
|
||||
#define SSL_R_HTTP_REQUEST 156
|
||||
#define SSL_R_ILLEGAL_PADDING 283
|
||||
|
|
@ -2105,6 +2361,7 @@ void ERR_load_SSL_strings(void);
|
|||
#define SSL_R_INVALID_COMMAND 280
|
||||
#define SSL_R_INVALID_COMPRESSION_ALGORITHM 341
|
||||
#define SSL_R_INVALID_PURPOSE 278
|
||||
#define SSL_R_INVALID_SRP_USERNAME 351
|
||||
#define SSL_R_INVALID_STATUS_RESPONSE 328
|
||||
#define SSL_R_INVALID_TICKET_KEYS_LENGTH 325
|
||||
#define SSL_R_INVALID_TRUST 279
|
||||
|
|
@ -2134,11 +2391,14 @@ void ERR_load_SSL_strings(void);
|
|||
#define SSL_R_MISSING_RSA_CERTIFICATE 168
|
||||
#define SSL_R_MISSING_RSA_ENCRYPTING_CERT 169
|
||||
#define SSL_R_MISSING_RSA_SIGNING_CERT 170
|
||||
#define SSL_R_MISSING_SRP_PARAM 352
|
||||
#define SSL_R_MISSING_SRP_USERNAME 353
|
||||
#define SSL_R_MISSING_TMP_DH_KEY 171
|
||||
#define SSL_R_MISSING_TMP_ECDH_KEY 311
|
||||
#define SSL_R_MISSING_TMP_RSA_KEY 172
|
||||
#define SSL_R_MISSING_TMP_RSA_PKEY 173
|
||||
#define SSL_R_MISSING_VERIFY_MESSAGE 174
|
||||
#define SSL_R_MULTIPLE_SGC_RESTARTS 370
|
||||
#define SSL_R_NON_SSLV2_INITIAL_PACKET 175
|
||||
#define SSL_R_NO_CERTIFICATES_RETURNED 176
|
||||
#define SSL_R_NO_CERTIFICATE_ASSIGNED 177
|
||||
|
|
@ -2162,6 +2422,7 @@ void ERR_load_SSL_strings(void);
|
|||
#define SSL_R_NO_RENEGOTIATION 339
|
||||
#define SSL_R_NO_REQUIRED_DIGEST 324
|
||||
#define SSL_R_NO_SHARED_CIPHER 193
|
||||
#define SSL_R_NO_SRTP_PROFILES 362
|
||||
#define SSL_R_NO_VERIFY_CALLBACK 194
|
||||
#define SSL_R_NULL_SSL_CTX 195
|
||||
#define SSL_R_NULL_SSL_METHOD_PASSED 196
|
||||
|
|
@ -2205,7 +2466,12 @@ void ERR_load_SSL_strings(void);
|
|||
#define SSL_R_SERVERHELLO_TLSEXT 275
|
||||
#define SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED 277
|
||||
#define SSL_R_SHORT_READ 219
|
||||
#define SSL_R_SIGNATURE_ALGORITHMS_ERROR 359
|
||||
#define SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE 220
|
||||
#define SSL_R_SRP_A_CALC 354
|
||||
#define SSL_R_SRTP_COULD_NOT_ALLOCATE_PROFILES 363
|
||||
#define SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG 364
|
||||
#define SSL_R_SRTP_UNKNOWN_PROTECTION_PROFILE 365
|
||||
#define SSL_R_SSL23_DOING_SESSION_ID_REUSE 221
|
||||
#define SSL_R_SSL2_CONNECTION_ID_TOO_LONG 299
|
||||
#define SSL_R_SSL3_EXT_INVALID_ECPOINTFORMAT 321
|
||||
|
|
@ -2250,6 +2516,9 @@ void ERR_load_SSL_strings(void);
|
|||
#define SSL_R_TLSV1_UNRECOGNIZED_NAME 1112
|
||||
#define SSL_R_TLSV1_UNSUPPORTED_EXTENSION 1110
|
||||
#define SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER 232
|
||||
#define SSL_R_TLS_HEARTBEAT_PEER_DOESNT_ACCEPT 368
|
||||
#define SSL_R_TLS_HEARTBEAT_PENDING 369
|
||||
#define SSL_R_TLS_ILLEGAL_EXPORTER_LABEL 367
|
||||
#define SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST 157
|
||||
#define SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST 233
|
||||
#define SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG 234
|
||||
|
|
@ -2271,6 +2540,7 @@ void ERR_load_SSL_strings(void);
|
|||
#define SSL_R_UNKNOWN_CERTIFICATE_TYPE 247
|
||||
#define SSL_R_UNKNOWN_CIPHER_RETURNED 248
|
||||
#define SSL_R_UNKNOWN_CIPHER_TYPE 249
|
||||
#define SSL_R_UNKNOWN_DIGEST 357
|
||||
#define SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE 250
|
||||
#define SSL_R_UNKNOWN_PKEY_TYPE 251
|
||||
#define SSL_R_UNKNOWN_PROTOCOL 252
|
||||
|
|
@ -2285,12 +2555,14 @@ void ERR_load_SSL_strings(void);
|
|||
#define SSL_R_UNSUPPORTED_PROTOCOL 258
|
||||
#define SSL_R_UNSUPPORTED_SSL_VERSION 259
|
||||
#define SSL_R_UNSUPPORTED_STATUS_TYPE 329
|
||||
#define SSL_R_USE_SRTP_NOT_NEGOTIATED 366
|
||||
#define SSL_R_WRITE_BIO_NOT_SET 260
|
||||
#define SSL_R_WRONG_CIPHER_RETURNED 261
|
||||
#define SSL_R_WRONG_MESSAGE_TYPE 262
|
||||
#define SSL_R_WRONG_NUMBER_OF_KEY_BITS 263
|
||||
#define SSL_R_WRONG_SIGNATURE_LENGTH 264
|
||||
#define SSL_R_WRONG_SIGNATURE_SIZE 265
|
||||
#define SSL_R_WRONG_SIGNATURE_TYPE 358
|
||||
#define SSL_R_WRONG_SSL_VERSION 266
|
||||
#define SSL_R_WRONG_VERSION_NUMBER 267
|
||||
#define SSL_R_X509_LIB 268
|
||||
|
|
|
|||
|
|
@ -155,6 +155,8 @@ extern "C" {
|
|||
#define CERT char
|
||||
#endif
|
||||
|
||||
#ifndef OPENSSL_NO_SSL_INTERN
|
||||
|
||||
typedef struct ssl2_state_st
|
||||
{
|
||||
int three_byte_header;
|
||||
|
|
@ -219,6 +221,8 @@ typedef struct ssl2_state_st
|
|||
} tmp;
|
||||
} SSL2_STATE;
|
||||
|
||||
#endif
|
||||
|
||||
/* SSLv2 */
|
||||
/* client */
|
||||
#define SSL2_ST_SEND_CLIENT_HELLO_A (0x10|SSL_ST_CONNECT)
|
||||
|
|
|
|||
|
|
@ -322,6 +322,7 @@ extern "C" {
|
|||
#define SSL3_RT_ALERT 21
|
||||
#define SSL3_RT_HANDSHAKE 22
|
||||
#define SSL3_RT_APPLICATION_DATA 23
|
||||
#define TLS1_RT_HEARTBEAT 24
|
||||
|
||||
#define SSL3_AL_WARNING 1
|
||||
#define SSL3_AL_FATAL 2
|
||||
|
|
@ -339,6 +340,11 @@ extern "C" {
|
|||
#define SSL3_AD_CERTIFICATE_UNKNOWN 46
|
||||
#define SSL3_AD_ILLEGAL_PARAMETER 47 /* fatal */
|
||||
|
||||
#define TLS1_HB_REQUEST 1
|
||||
#define TLS1_HB_RESPONSE 2
|
||||
|
||||
#ifndef OPENSSL_NO_SSL_INTERN
|
||||
|
||||
typedef struct ssl3_record_st
|
||||
{
|
||||
/*r */ int type; /* type of record */
|
||||
|
|
@ -360,6 +366,8 @@ typedef struct ssl3_buffer_st
|
|||
int left; /* how many bytes left */
|
||||
} SSL3_BUFFER;
|
||||
|
||||
#endif
|
||||
|
||||
#define SSL3_CT_RSA_SIGN 1
|
||||
#define SSL3_CT_DSS_SIGN 2
|
||||
#define SSL3_CT_RSA_FIXED_DH 3
|
||||
|
|
@ -379,6 +387,20 @@ typedef struct ssl3_buffer_st
|
|||
#define SSL3_FLAGS_POP_BUFFER 0x0004
|
||||
#define TLS1_FLAGS_TLS_PADDING_BUG 0x0008
|
||||
#define TLS1_FLAGS_SKIP_CERT_VERIFY 0x0010
|
||||
#define TLS1_FLAGS_KEEP_HANDSHAKE 0x0020
|
||||
|
||||
/* SSL3_FLAGS_SGC_RESTART_DONE is set when we
|
||||
* restart a handshake because of MS SGC and so prevents us
|
||||
* from restarting the handshake in a loop. It's reset on a
|
||||
* renegotiation, so effectively limits the client to one restart
|
||||
* per negotiation. This limits the possibility of a DDoS
|
||||
* attack where the client handshakes in a loop using SGC to
|
||||
* restart. Servers which permit renegotiation can still be
|
||||
* effected, but we can't prevent that.
|
||||
*/
|
||||
#define SSL3_FLAGS_SGC_RESTART_DONE 0x0040
|
||||
|
||||
#ifndef OPENSSL_NO_SSL_INTERN
|
||||
|
||||
typedef struct ssl3_state_st
|
||||
{
|
||||
|
|
@ -455,6 +477,11 @@ typedef struct ssl3_state_st
|
|||
void *server_opaque_prf_input;
|
||||
size_t server_opaque_prf_input_len;
|
||||
|
||||
#ifndef OPENSSL_NO_NEXTPROTONEG
|
||||
/* Set if we saw the Next Protocol Negotiation extension from our peer. */
|
||||
int next_proto_neg_seen;
|
||||
#endif
|
||||
|
||||
struct {
|
||||
/* actually only needs to be 16+20 */
|
||||
unsigned char cert_verify_md[EVP_MAX_MD_SIZE*2];
|
||||
|
|
@ -464,7 +491,7 @@ typedef struct ssl3_state_st
|
|||
int finish_md_len;
|
||||
unsigned char peer_finish_md[EVP_MAX_MD_SIZE*2];
|
||||
int peer_finish_md_len;
|
||||
|
||||
|
||||
unsigned long message_size;
|
||||
int message_type;
|
||||
|
||||
|
|
@ -514,11 +541,16 @@ typedef struct ssl3_state_st
|
|||
int send_connection_binding; /* TODOEKR */
|
||||
} SSL3_STATE;
|
||||
|
||||
#endif
|
||||
|
||||
/* SSLv3 */
|
||||
/*client */
|
||||
/* extra state */
|
||||
#define SSL3_ST_CW_FLUSH (0x100|SSL_ST_CONNECT)
|
||||
#ifndef OPENSSL_NO_SCTP
|
||||
#define DTLS1_SCTP_ST_CW_WRITE_SOCK (0x310|SSL_ST_CONNECT)
|
||||
#define DTLS1_SCTP_ST_CR_READ_SOCK (0x320|SSL_ST_CONNECT)
|
||||
#endif
|
||||
/* write to server */
|
||||
#define SSL3_ST_CW_CLNT_HELLO_A (0x110|SSL_ST_CONNECT)
|
||||
#define SSL3_ST_CW_CLNT_HELLO_B (0x111|SSL_ST_CONNECT)
|
||||
|
|
@ -546,6 +578,8 @@ typedef struct ssl3_state_st
|
|||
#define SSL3_ST_CW_CERT_VRFY_B (0x191|SSL_ST_CONNECT)
|
||||
#define SSL3_ST_CW_CHANGE_A (0x1A0|SSL_ST_CONNECT)
|
||||
#define SSL3_ST_CW_CHANGE_B (0x1A1|SSL_ST_CONNECT)
|
||||
#define SSL3_ST_CW_NEXT_PROTO_A (0x200|SSL_ST_CONNECT)
|
||||
#define SSL3_ST_CW_NEXT_PROTO_B (0x201|SSL_ST_CONNECT)
|
||||
#define SSL3_ST_CW_FINISHED_A (0x1B0|SSL_ST_CONNECT)
|
||||
#define SSL3_ST_CW_FINISHED_B (0x1B1|SSL_ST_CONNECT)
|
||||
/* read from server */
|
||||
|
|
@ -561,6 +595,10 @@ typedef struct ssl3_state_st
|
|||
/* server */
|
||||
/* extra state */
|
||||
#define SSL3_ST_SW_FLUSH (0x100|SSL_ST_ACCEPT)
|
||||
#ifndef OPENSSL_NO_SCTP
|
||||
#define DTLS1_SCTP_ST_SW_WRITE_SOCK (0x310|SSL_ST_ACCEPT)
|
||||
#define DTLS1_SCTP_ST_SR_READ_SOCK (0x320|SSL_ST_ACCEPT)
|
||||
#endif
|
||||
/* read from client */
|
||||
/* Do not change the number values, they do matter */
|
||||
#define SSL3_ST_SR_CLNT_HELLO_A (0x110|SSL_ST_ACCEPT)
|
||||
|
|
@ -591,6 +629,8 @@ typedef struct ssl3_state_st
|
|||
#define SSL3_ST_SR_CERT_VRFY_B (0x1A1|SSL_ST_ACCEPT)
|
||||
#define SSL3_ST_SR_CHANGE_A (0x1B0|SSL_ST_ACCEPT)
|
||||
#define SSL3_ST_SR_CHANGE_B (0x1B1|SSL_ST_ACCEPT)
|
||||
#define SSL3_ST_SR_NEXT_PROTO_A (0x210|SSL_ST_ACCEPT)
|
||||
#define SSL3_ST_SR_NEXT_PROTO_B (0x211|SSL_ST_ACCEPT)
|
||||
#define SSL3_ST_SR_FINISHED_A (0x1C0|SSL_ST_ACCEPT)
|
||||
#define SSL3_ST_SR_FINISHED_B (0x1C1|SSL_ST_ACCEPT)
|
||||
/* write to client */
|
||||
|
|
@ -615,6 +655,7 @@ typedef struct ssl3_state_st
|
|||
#define SSL3_MT_CLIENT_KEY_EXCHANGE 16
|
||||
#define SSL3_MT_FINISHED 20
|
||||
#define SSL3_MT_CERTIFICATE_STATUS 22
|
||||
#define SSL3_MT_NEXT_PROTO 67
|
||||
#define DTLS1_MT_HELLO_VERIFY_REQUEST 3
|
||||
|
||||
|
||||
|
|
|
|||
|
|
@ -176,7 +176,6 @@
|
|||
#define SSL_CTX_set_default_passwd_cb_userdata SSL_CTX_set_def_passwd_cb_ud
|
||||
#undef SSL_COMP_get_compression_methods
|
||||
#define SSL_COMP_get_compression_methods SSL_COMP_get_compress_methods
|
||||
|
||||
#undef ssl_add_clienthello_renegotiate_ext
|
||||
#define ssl_add_clienthello_renegotiate_ext ssl_add_clienthello_reneg_ext
|
||||
#undef ssl_add_serverhello_renegotiate_ext
|
||||
|
|
@ -185,6 +184,26 @@
|
|||
#define ssl_parse_clienthello_renegotiate_ext ssl_parse_clienthello_reneg_ext
|
||||
#undef ssl_parse_serverhello_renegotiate_ext
|
||||
#define ssl_parse_serverhello_renegotiate_ext ssl_parse_serverhello_reneg_ext
|
||||
#undef SSL_srp_server_param_with_username
|
||||
#define SSL_srp_server_param_with_username SSL_srp_server_param_with_un
|
||||
#undef SSL_CTX_set_srp_client_pwd_callback
|
||||
#define SSL_CTX_set_srp_client_pwd_callback SSL_CTX_set_srp_client_pwd_cb
|
||||
#undef SSL_CTX_set_srp_verify_param_callback
|
||||
#define SSL_CTX_set_srp_verify_param_callback SSL_CTX_set_srp_vfy_param_cb
|
||||
#undef SSL_CTX_set_srp_username_callback
|
||||
#define SSL_CTX_set_srp_username_callback SSL_CTX_set_srp_un_cb
|
||||
#undef ssl_add_clienthello_use_srtp_ext
|
||||
#define ssl_add_clienthello_use_srtp_ext ssl_add_clihello_use_srtp_ext
|
||||
#undef ssl_add_serverhello_use_srtp_ext
|
||||
#define ssl_add_serverhello_use_srtp_ext ssl_add_serhello_use_srtp_ext
|
||||
#undef ssl_parse_clienthello_use_srtp_ext
|
||||
#define ssl_parse_clienthello_use_srtp_ext ssl_parse_clihello_use_srtp_ext
|
||||
#undef ssl_parse_serverhello_use_srtp_ext
|
||||
#define ssl_parse_serverhello_use_srtp_ext ssl_parse_serhello_use_srtp_ext
|
||||
#undef SSL_CTX_set_next_protos_advertised_cb
|
||||
#define SSL_CTX_set_next_protos_advertised_cb SSL_CTX_set_next_protos_adv_cb
|
||||
#undef SSL_CTX_set_next_proto_select_cb
|
||||
#define SSL_CTX_set_next_proto_select_cb SSL_CTX_set_next_proto_sel_cb
|
||||
|
||||
/* Hack some long ENGINE names */
|
||||
#undef ENGINE_get_default_BN_mod_exp_crt
|
||||
|
|
@ -238,6 +257,9 @@
|
|||
#define EC_GROUP_get_point_conversion_form EC_GROUP_get_point_conv_form
|
||||
#undef EC_GROUP_clear_free_all_extra_data
|
||||
#define EC_GROUP_clear_free_all_extra_data EC_GROUP_clr_free_all_xtra_data
|
||||
#undef EC_KEY_set_public_key_affine_coordinates
|
||||
#define EC_KEY_set_public_key_affine_coordinates \
|
||||
EC_KEY_set_pub_key_aff_coords
|
||||
#undef EC_POINT_set_Jprojective_coordinates_GFp
|
||||
#define EC_POINT_set_Jprojective_coordinates_GFp \
|
||||
EC_POINT_set_Jproj_coords_GFp
|
||||
|
|
@ -399,6 +421,18 @@
|
|||
#undef dtls1_retransmit_buffered_messages
|
||||
#define dtls1_retransmit_buffered_messages dtls1_retransmit_buffered_msgs
|
||||
|
||||
/* Hack some long SRP names */
|
||||
#undef SRP_generate_server_master_secret
|
||||
#define SRP_generate_server_master_secret SRP_gen_server_master_secret
|
||||
#undef SRP_generate_client_master_secret
|
||||
#define SRP_generate_client_master_secret SRP_gen_client_master_secret
|
||||
|
||||
/* Hack some long UI names */
|
||||
#undef UI_method_get_prompt_constructor
|
||||
#define UI_method_get_prompt_constructor UI_method_get_prompt_constructr
|
||||
#undef UI_method_set_prompt_constructor
|
||||
#define UI_method_set_prompt_constructor UI_method_set_prompt_constructr
|
||||
|
||||
#endif /* defined OPENSSL_SYS_VMS */
|
||||
|
||||
|
||||
|
|
|
|||
|
|
@ -159,10 +159,24 @@ extern "C" {
|
|||
|
||||
#define TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES 0
|
||||
|
||||
#define TLS1_2_VERSION 0x0303
|
||||
#define TLS1_2_VERSION_MAJOR 0x03
|
||||
#define TLS1_2_VERSION_MINOR 0x03
|
||||
|
||||
#define TLS1_1_VERSION 0x0302
|
||||
#define TLS1_1_VERSION_MAJOR 0x03
|
||||
#define TLS1_1_VERSION_MINOR 0x02
|
||||
|
||||
#define TLS1_VERSION 0x0301
|
||||
#define TLS1_VERSION_MAJOR 0x03
|
||||
#define TLS1_VERSION_MINOR 0x01
|
||||
|
||||
#define TLS1_get_version(s) \
|
||||
((s->version >> 8) == TLS1_VERSION_MAJOR ? s->version : 0)
|
||||
|
||||
#define TLS1_get_client_version(s) \
|
||||
((s->client_version >> 8) == TLS1_VERSION_MAJOR ? s->client_version : 0)
|
||||
|
||||
#define TLS1_AD_DECRYPTION_FAILED 21
|
||||
#define TLS1_AD_RECORD_OVERFLOW 22
|
||||
#define TLS1_AD_UNKNOWN_CA 48 /* fatal */
|
||||
|
|
@ -193,6 +207,9 @@ extern "C" {
|
|||
/* ExtensionType values from RFC4492 */
|
||||
#define TLSEXT_TYPE_elliptic_curves 10
|
||||
#define TLSEXT_TYPE_ec_point_formats 11
|
||||
/* ExtensionType value from RFC5054 */
|
||||
#define TLSEXT_TYPE_srp 12
|
||||
#define TLSEXT_TYPE_signature_algorithms 13
|
||||
#define TLSEXT_TYPE_session_ticket 35
|
||||
/* ExtensionType value from draft-rescorla-tls-opaque-prf-input-00.txt */
|
||||
#if 0 /* will have to be provided externally for now ,
|
||||
|
|
@ -204,6 +221,11 @@ extern "C" {
|
|||
/* Temporary extension type */
|
||||
#define TLSEXT_TYPE_renegotiate 0xff01
|
||||
|
||||
#ifndef OPENSSL_NO_NEXTPROTONEG
|
||||
/* This is not an IANA defined extension number */
|
||||
#define TLSEXT_TYPE_next_proto_neg 13172
|
||||
#endif
|
||||
|
||||
/* NameType value from RFC 3546 */
|
||||
#define TLSEXT_NAMETYPE_host_name 0
|
||||
/* status request value from RFC 3546 */
|
||||
|
|
@ -216,12 +238,43 @@ extern "C" {
|
|||
#define TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2 2
|
||||
#define TLSEXT_ECPOINTFORMAT_last 2
|
||||
|
||||
/* Signature and hash algorithms from RFC 5246 */
|
||||
|
||||
#define TLSEXT_signature_anonymous 0
|
||||
#define TLSEXT_signature_rsa 1
|
||||
#define TLSEXT_signature_dsa 2
|
||||
#define TLSEXT_signature_ecdsa 3
|
||||
|
||||
#define TLSEXT_hash_none 0
|
||||
#define TLSEXT_hash_md5 1
|
||||
#define TLSEXT_hash_sha1 2
|
||||
#define TLSEXT_hash_sha224 3
|
||||
#define TLSEXT_hash_sha256 4
|
||||
#define TLSEXT_hash_sha384 5
|
||||
#define TLSEXT_hash_sha512 6
|
||||
|
||||
/* ExtensionType value from RFC5764 */
|
||||
#define TLSEXT_TYPE_use_srtp 14
|
||||
|
||||
/* Heartbeat extension */
|
||||
#define TLSEXT_TYPE_heartbeat 15
|
||||
|
||||
#ifndef OPENSSL_NO_TLSEXT
|
||||
|
||||
#define TLSEXT_MAXLEN_host_name 255
|
||||
|
||||
const char *SSL_get_servername(const SSL *s, const int type) ;
|
||||
int SSL_get_servername_type(const SSL *s) ;
|
||||
const char *SSL_get_servername(const SSL *s, const int type);
|
||||
int SSL_get_servername_type(const SSL *s);
|
||||
/* SSL_export_keying_material exports a value derived from the master secret,
|
||||
* as specified in RFC 5705. It writes |olen| bytes to |out| given a label and
|
||||
* optional context. (Since a zero length context is allowed, the |use_context|
|
||||
* flag controls whether a context is included.)
|
||||
*
|
||||
* It returns 1 on success and zero otherwise.
|
||||
*/
|
||||
int SSL_export_keying_material(SSL *s, unsigned char *out, size_t olen,
|
||||
const char *label, size_t llen, const unsigned char *p, size_t plen,
|
||||
int use_context);
|
||||
|
||||
#define SSL_set_tlsext_host_name(s,name) \
|
||||
SSL_ctrl(s,SSL_CTRL_SET_TLSEXT_HOSTNAME,TLSEXT_NAMETYPE_host_name,(char *)name)
|
||||
|
|
@ -285,6 +338,16 @@ SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB_ARG, 0, arg)
|
|||
#define SSL_CTX_set_tlsext_ticket_key_cb(ssl, cb) \
|
||||
SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
|
||||
|
||||
#ifndef OPENSSL_NO_HEARTBEATS
|
||||
#define SSL_TLSEXT_HB_ENABLED 0x01
|
||||
#define SSL_TLSEXT_HB_DONT_SEND_REQUESTS 0x02
|
||||
#define SSL_TLSEXT_HB_DONT_RECV_REQUESTS 0x04
|
||||
|
||||
#define SSL_get_tlsext_heartbeat_pending(ssl) \
|
||||
SSL_ctrl((ssl),SSL_CTRL_GET_TLS_EXT_HEARTBEAT_PENDING,0,NULL)
|
||||
#define SSL_set_tlsext_heartbeat_no_requests(ssl, arg) \
|
||||
SSL_ctrl((ssl),SSL_CTRL_SET_TLS_EXT_HEARTBEAT_NO_REQUESTS,arg,NULL)
|
||||
#endif
|
||||
#endif
|
||||
|
||||
/* PSK ciphersuites from 4279 */
|
||||
|
|
@ -322,6 +385,14 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
|
|||
#define TLS1_CK_DHE_RSA_WITH_AES_256_SHA 0x03000039
|
||||
#define TLS1_CK_ADH_WITH_AES_256_SHA 0x0300003A
|
||||
|
||||
/* TLS v1.2 ciphersuites */
|
||||
#define TLS1_CK_RSA_WITH_NULL_SHA256 0x0300003B
|
||||
#define TLS1_CK_RSA_WITH_AES_128_SHA256 0x0300003C
|
||||
#define TLS1_CK_RSA_WITH_AES_256_SHA256 0x0300003D
|
||||
#define TLS1_CK_DH_DSS_WITH_AES_128_SHA256 0x0300003E
|
||||
#define TLS1_CK_DH_RSA_WITH_AES_128_SHA256 0x0300003F
|
||||
#define TLS1_CK_DHE_DSS_WITH_AES_128_SHA256 0x03000040
|
||||
|
||||
/* Camellia ciphersuites from RFC4132 */
|
||||
#define TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA 0x03000041
|
||||
#define TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA 0x03000042
|
||||
|
|
@ -330,6 +401,16 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
|
|||
#define TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA 0x03000045
|
||||
#define TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA 0x03000046
|
||||
|
||||
/* TLS v1.2 ciphersuites */
|
||||
#define TLS1_CK_DHE_RSA_WITH_AES_128_SHA256 0x03000067
|
||||
#define TLS1_CK_DH_DSS_WITH_AES_256_SHA256 0x03000068
|
||||
#define TLS1_CK_DH_RSA_WITH_AES_256_SHA256 0x03000069
|
||||
#define TLS1_CK_DHE_DSS_WITH_AES_256_SHA256 0x0300006A
|
||||
#define TLS1_CK_DHE_RSA_WITH_AES_256_SHA256 0x0300006B
|
||||
#define TLS1_CK_ADH_WITH_AES_128_SHA256 0x0300006C
|
||||
#define TLS1_CK_ADH_WITH_AES_256_SHA256 0x0300006D
|
||||
|
||||
/* Camellia ciphersuites from RFC4132 */
|
||||
#define TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA 0x03000084
|
||||
#define TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA 0x03000085
|
||||
#define TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA 0x03000086
|
||||
|
|
@ -345,6 +426,20 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
|
|||
#define TLS1_CK_DHE_RSA_WITH_SEED_SHA 0x0300009A
|
||||
#define TLS1_CK_ADH_WITH_SEED_SHA 0x0300009B
|
||||
|
||||
/* TLS v1.2 GCM ciphersuites from RFC5288 */
|
||||
#define TLS1_CK_RSA_WITH_AES_128_GCM_SHA256 0x0300009C
|
||||
#define TLS1_CK_RSA_WITH_AES_256_GCM_SHA384 0x0300009D
|
||||
#define TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256 0x0300009E
|
||||
#define TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384 0x0300009F
|
||||
#define TLS1_CK_DH_RSA_WITH_AES_128_GCM_SHA256 0x030000A0
|
||||
#define TLS1_CK_DH_RSA_WITH_AES_256_GCM_SHA384 0x030000A1
|
||||
#define TLS1_CK_DHE_DSS_WITH_AES_128_GCM_SHA256 0x030000A2
|
||||
#define TLS1_CK_DHE_DSS_WITH_AES_256_GCM_SHA384 0x030000A3
|
||||
#define TLS1_CK_DH_DSS_WITH_AES_128_GCM_SHA256 0x030000A4
|
||||
#define TLS1_CK_DH_DSS_WITH_AES_256_GCM_SHA384 0x030000A5
|
||||
#define TLS1_CK_ADH_WITH_AES_128_GCM_SHA256 0x030000A6
|
||||
#define TLS1_CK_ADH_WITH_AES_256_GCM_SHA384 0x030000A7
|
||||
|
||||
/* ECC ciphersuites from draft-ietf-tls-ecc-12.txt with changes soon to be in draft 13 */
|
||||
#define TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA 0x0300C001
|
||||
#define TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA 0x0300C002
|
||||
|
|
@ -376,6 +471,38 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
|
|||
#define TLS1_CK_ECDH_anon_WITH_AES_128_CBC_SHA 0x0300C018
|
||||
#define TLS1_CK_ECDH_anon_WITH_AES_256_CBC_SHA 0x0300C019
|
||||
|
||||
/* SRP ciphersuites from RFC 5054 */
|
||||
#define TLS1_CK_SRP_SHA_WITH_3DES_EDE_CBC_SHA 0x0300C01A
|
||||
#define TLS1_CK_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA 0x0300C01B
|
||||
#define TLS1_CK_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA 0x0300C01C
|
||||
#define TLS1_CK_SRP_SHA_WITH_AES_128_CBC_SHA 0x0300C01D
|
||||
#define TLS1_CK_SRP_SHA_RSA_WITH_AES_128_CBC_SHA 0x0300C01E
|
||||
#define TLS1_CK_SRP_SHA_DSS_WITH_AES_128_CBC_SHA 0x0300C01F
|
||||
#define TLS1_CK_SRP_SHA_WITH_AES_256_CBC_SHA 0x0300C020
|
||||
#define TLS1_CK_SRP_SHA_RSA_WITH_AES_256_CBC_SHA 0x0300C021
|
||||
#define TLS1_CK_SRP_SHA_DSS_WITH_AES_256_CBC_SHA 0x0300C022
|
||||
|
||||
/* ECDH HMAC based ciphersuites from RFC5289 */
|
||||
|
||||
#define TLS1_CK_ECDHE_ECDSA_WITH_AES_128_SHA256 0x0300C023
|
||||
#define TLS1_CK_ECDHE_ECDSA_WITH_AES_256_SHA384 0x0300C024
|
||||
#define TLS1_CK_ECDH_ECDSA_WITH_AES_128_SHA256 0x0300C025
|
||||
#define TLS1_CK_ECDH_ECDSA_WITH_AES_256_SHA384 0x0300C026
|
||||
#define TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256 0x0300C027
|
||||
#define TLS1_CK_ECDHE_RSA_WITH_AES_256_SHA384 0x0300C028
|
||||
#define TLS1_CK_ECDH_RSA_WITH_AES_128_SHA256 0x0300C029
|
||||
#define TLS1_CK_ECDH_RSA_WITH_AES_256_SHA384 0x0300C02A
|
||||
|
||||
/* ECDH GCM based ciphersuites from RFC5289 */
|
||||
#define TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 0x0300C02B
|
||||
#define TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 0x0300C02C
|
||||
#define TLS1_CK_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 0x0300C02D
|
||||
#define TLS1_CK_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 0x0300C02E
|
||||
#define TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256 0x0300C02F
|
||||
#define TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384 0x0300C030
|
||||
#define TLS1_CK_ECDH_RSA_WITH_AES_128_GCM_SHA256 0x0300C031
|
||||
#define TLS1_CK_ECDH_RSA_WITH_AES_256_GCM_SHA384 0x0300C032
|
||||
|
||||
/* XXX
|
||||
* Inconsistency alert:
|
||||
* The OpenSSL names of ciphers with ephemeral DH here include the string
|
||||
|
|
@ -443,6 +570,17 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
|
|||
#define TLS1_TXT_PSK_WITH_AES_128_CBC_SHA "PSK-AES128-CBC-SHA"
|
||||
#define TLS1_TXT_PSK_WITH_AES_256_CBC_SHA "PSK-AES256-CBC-SHA"
|
||||
|
||||
/* SRP ciphersuite from RFC 5054 */
|
||||
#define TLS1_TXT_SRP_SHA_WITH_3DES_EDE_CBC_SHA "SRP-3DES-EDE-CBC-SHA"
|
||||
#define TLS1_TXT_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA "SRP-RSA-3DES-EDE-CBC-SHA"
|
||||
#define TLS1_TXT_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA "SRP-DSS-3DES-EDE-CBC-SHA"
|
||||
#define TLS1_TXT_SRP_SHA_WITH_AES_128_CBC_SHA "SRP-AES-128-CBC-SHA"
|
||||
#define TLS1_TXT_SRP_SHA_RSA_WITH_AES_128_CBC_SHA "SRP-RSA-AES-128-CBC-SHA"
|
||||
#define TLS1_TXT_SRP_SHA_DSS_WITH_AES_128_CBC_SHA "SRP-DSS-AES-128-CBC-SHA"
|
||||
#define TLS1_TXT_SRP_SHA_WITH_AES_256_CBC_SHA "SRP-AES-256-CBC-SHA"
|
||||
#define TLS1_TXT_SRP_SHA_RSA_WITH_AES_256_CBC_SHA "SRP-RSA-AES-256-CBC-SHA"
|
||||
#define TLS1_TXT_SRP_SHA_DSS_WITH_AES_256_CBC_SHA "SRP-DSS-AES-256-CBC-SHA"
|
||||
|
||||
/* Camellia ciphersuites from RFC4132 */
|
||||
#define TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA "CAMELLIA128-SHA"
|
||||
#define TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA "DH-DSS-CAMELLIA128-SHA"
|
||||
|
|
@ -466,6 +604,55 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
|
|||
#define TLS1_TXT_DHE_RSA_WITH_SEED_SHA "DHE-RSA-SEED-SHA"
|
||||
#define TLS1_TXT_ADH_WITH_SEED_SHA "ADH-SEED-SHA"
|
||||
|
||||
/* TLS v1.2 ciphersuites */
|
||||
#define TLS1_TXT_RSA_WITH_NULL_SHA256 "NULL-SHA256"
|
||||
#define TLS1_TXT_RSA_WITH_AES_128_SHA256 "AES128-SHA256"
|
||||
#define TLS1_TXT_RSA_WITH_AES_256_SHA256 "AES256-SHA256"
|
||||
#define TLS1_TXT_DH_DSS_WITH_AES_128_SHA256 "DH-DSS-AES128-SHA256"
|
||||
#define TLS1_TXT_DH_RSA_WITH_AES_128_SHA256 "DH-RSA-AES128-SHA256"
|
||||
#define TLS1_TXT_DHE_DSS_WITH_AES_128_SHA256 "DHE-DSS-AES128-SHA256"
|
||||
#define TLS1_TXT_DHE_RSA_WITH_AES_128_SHA256 "DHE-RSA-AES128-SHA256"
|
||||
#define TLS1_TXT_DH_DSS_WITH_AES_256_SHA256 "DH-DSS-AES256-SHA256"
|
||||
#define TLS1_TXT_DH_RSA_WITH_AES_256_SHA256 "DH-RSA-AES256-SHA256"
|
||||
#define TLS1_TXT_DHE_DSS_WITH_AES_256_SHA256 "DHE-DSS-AES256-SHA256"
|
||||
#define TLS1_TXT_DHE_RSA_WITH_AES_256_SHA256 "DHE-RSA-AES256-SHA256"
|
||||
#define TLS1_TXT_ADH_WITH_AES_128_SHA256 "ADH-AES128-SHA256"
|
||||
#define TLS1_TXT_ADH_WITH_AES_256_SHA256 "ADH-AES256-SHA256"
|
||||
|
||||
/* TLS v1.2 GCM ciphersuites from RFC5288 */
|
||||
#define TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256 "AES128-GCM-SHA256"
|
||||
#define TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384 "AES256-GCM-SHA384"
|
||||
#define TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256 "DHE-RSA-AES128-GCM-SHA256"
|
||||
#define TLS1_TXT_DHE_RSA_WITH_AES_256_GCM_SHA384 "DHE-RSA-AES256-GCM-SHA384"
|
||||
#define TLS1_TXT_DH_RSA_WITH_AES_128_GCM_SHA256 "DH-RSA-AES128-GCM-SHA256"
|
||||
#define TLS1_TXT_DH_RSA_WITH_AES_256_GCM_SHA384 "DH-RSA-AES256-GCM-SHA384"
|
||||
#define TLS1_TXT_DHE_DSS_WITH_AES_128_GCM_SHA256 "DHE-DSS-AES128-GCM-SHA256"
|
||||
#define TLS1_TXT_DHE_DSS_WITH_AES_256_GCM_SHA384 "DHE-DSS-AES256-GCM-SHA384"
|
||||
#define TLS1_TXT_DH_DSS_WITH_AES_128_GCM_SHA256 "DH-DSS-AES128-GCM-SHA256"
|
||||
#define TLS1_TXT_DH_DSS_WITH_AES_256_GCM_SHA384 "DH-DSS-AES256-GCM-SHA384"
|
||||
#define TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256 "ADH-AES128-GCM-SHA256"
|
||||
#define TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384 "ADH-AES256-GCM-SHA384"
|
||||
|
||||
/* ECDH HMAC based ciphersuites from RFC5289 */
|
||||
|
||||
#define TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256 "ECDHE-ECDSA-AES128-SHA256"
|
||||
#define TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_SHA384 "ECDHE-ECDSA-AES256-SHA384"
|
||||
#define TLS1_TXT_ECDH_ECDSA_WITH_AES_128_SHA256 "ECDH-ECDSA-AES128-SHA256"
|
||||
#define TLS1_TXT_ECDH_ECDSA_WITH_AES_256_SHA384 "ECDH-ECDSA-AES256-SHA384"
|
||||
#define TLS1_TXT_ECDHE_RSA_WITH_AES_128_SHA256 "ECDHE-RSA-AES128-SHA256"
|
||||
#define TLS1_TXT_ECDHE_RSA_WITH_AES_256_SHA384 "ECDHE-RSA-AES256-SHA384"
|
||||
#define TLS1_TXT_ECDH_RSA_WITH_AES_128_SHA256 "ECDH-RSA-AES128-SHA256"
|
||||
#define TLS1_TXT_ECDH_RSA_WITH_AES_256_SHA384 "ECDH-RSA-AES256-SHA384"
|
||||
|
||||
/* ECDH GCM based ciphersuites from RFC5289 */
|
||||
#define TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 "ECDHE-ECDSA-AES128-GCM-SHA256"
|
||||
#define TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 "ECDHE-ECDSA-AES256-GCM-SHA384"
|
||||
#define TLS1_TXT_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 "ECDH-ECDSA-AES128-GCM-SHA256"
|
||||
#define TLS1_TXT_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 "ECDH-ECDSA-AES256-GCM-SHA384"
|
||||
#define TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256 "ECDHE-RSA-AES128-GCM-SHA256"
|
||||
#define TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384 "ECDHE-RSA-AES256-GCM-SHA384"
|
||||
#define TLS1_TXT_ECDH_RSA_WITH_AES_128_GCM_SHA256 "ECDH-RSA-AES128-GCM-SHA256"
|
||||
#define TLS1_TXT_ECDH_RSA_WITH_AES_256_GCM_SHA384 "ECDH-RSA-AES256-GCM-SHA384"
|
||||
|
||||
#define TLS_CT_RSA_SIGN 1
|
||||
#define TLS_CT_DSS_SIGN 2
|
||||
|
|
|
|||
|
|
@ -316,7 +316,7 @@ int (*UI_method_get_writer(UI_METHOD *method))(UI*,UI_STRING*);
|
|||
int (*UI_method_get_flusher(UI_METHOD *method))(UI*);
|
||||
int (*UI_method_get_reader(UI_METHOD *method))(UI*,UI_STRING*);
|
||||
int (*UI_method_get_closer(UI_METHOD *method))(UI*);
|
||||
char* (*UI_method_get_prompt_constructor(UI_METHOD *method))(UI*, const char*, const char*);
|
||||
char * (*UI_method_get_prompt_constructor(UI_METHOD *method))(UI*, const char*, const char*);
|
||||
|
||||
/* The following functions are helpers for method writers to access relevant
|
||||
data from a UI_STRING. */
|
||||
|
|
|
|||
|
|
@ -24,6 +24,9 @@ typedef struct {
|
|||
} WHIRLPOOL_CTX;
|
||||
|
||||
#ifndef OPENSSL_NO_WHIRLPOOL
|
||||
#ifdef OPENSSL_FIPS
|
||||
int private_WHIRLPOOL_Init(WHIRLPOOL_CTX *c);
|
||||
#endif
|
||||
int WHIRLPOOL_Init (WHIRLPOOL_CTX *c);
|
||||
int WHIRLPOOL_Update (WHIRLPOOL_CTX *c,const void *inp,size_t bytes);
|
||||
void WHIRLPOOL_BitUpdate(WHIRLPOOL_CTX *c,const void *inp,size_t bits);
|
||||
|
|
|
|||
|
|
@ -258,6 +258,7 @@ typedef struct x509_cinf_st
|
|||
ASN1_BIT_STRING *issuerUID; /* [ 1 ] optional in v2 */
|
||||
ASN1_BIT_STRING *subjectUID; /* [ 2 ] optional in v2 */
|
||||
STACK_OF(X509_EXTENSION) *extensions; /* [ 3 ] optional in v3 */
|
||||
ASN1_ENCODING enc;
|
||||
} X509_CINF;
|
||||
|
||||
/* This stuff is certificate "auxiliary info"
|
||||
|
|
@ -656,11 +657,15 @@ int NETSCAPE_SPKI_set_pubkey(NETSCAPE_SPKI *x, EVP_PKEY *pkey);
|
|||
|
||||
int NETSCAPE_SPKI_print(BIO *out, NETSCAPE_SPKI *spki);
|
||||
|
||||
int X509_signature_dump(BIO *bp,const ASN1_STRING *sig, int indent);
|
||||
int X509_signature_print(BIO *bp,X509_ALGOR *alg, ASN1_STRING *sig);
|
||||
|
||||
int X509_sign(X509 *x, EVP_PKEY *pkey, const EVP_MD *md);
|
||||
int X509_sign_ctx(X509 *x, EVP_MD_CTX *ctx);
|
||||
int X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md);
|
||||
int X509_REQ_sign_ctx(X509_REQ *x, EVP_MD_CTX *ctx);
|
||||
int X509_CRL_sign(X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md);
|
||||
int X509_CRL_sign_ctx(X509_CRL *x, EVP_MD_CTX *ctx);
|
||||
int NETSCAPE_SPKI_sign(NETSCAPE_SPKI *x, EVP_PKEY *pkey, const EVP_MD *md);
|
||||
|
||||
int X509_pubkey_digest(const X509 *data,const EVP_MD *type,
|
||||
|
|
@ -762,6 +767,7 @@ X509_ALGOR *X509_ALGOR_dup(X509_ALGOR *xn);
|
|||
int X509_ALGOR_set0(X509_ALGOR *alg, ASN1_OBJECT *aobj, int ptype, void *pval);
|
||||
void X509_ALGOR_get0(ASN1_OBJECT **paobj, int *pptype, void **ppval,
|
||||
X509_ALGOR *algor);
|
||||
void X509_ALGOR_set_md(X509_ALGOR *alg, const EVP_MD *md);
|
||||
|
||||
X509_NAME *X509_NAME_dup(X509_NAME *xn);
|
||||
X509_NAME_ENTRY *X509_NAME_ENTRY_dup(X509_NAME_ENTRY *ne);
|
||||
|
|
@ -895,6 +901,9 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *algor1,
|
|||
int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2,
|
||||
ASN1_BIT_STRING *signature,
|
||||
void *data, EVP_PKEY *pkey, const EVP_MD *type);
|
||||
int ASN1_item_sign_ctx(const ASN1_ITEM *it,
|
||||
X509_ALGOR *algor1, X509_ALGOR *algor2,
|
||||
ASN1_BIT_STRING *signature, void *asn, EVP_MD_CTX *ctx);
|
||||
#endif
|
||||
|
||||
int X509_set_version(X509 *x,long version);
|
||||
|
|
@ -1160,6 +1169,9 @@ X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter,
|
|||
unsigned char *salt, int saltlen,
|
||||
unsigned char *aiv, int prf_nid);
|
||||
|
||||
X509_ALGOR *PKCS5_pbkdf2_set(int iter, unsigned char *salt, int saltlen,
|
||||
int prf_nid, int keylen);
|
||||
|
||||
/* PKCS#8 utilities */
|
||||
|
||||
DECLARE_ASN1_FUNCTIONS(PKCS8_PRIV_KEY_INFO)
|
||||
|
|
|
|||
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
|
|
@ -37,7 +37,9 @@
|
|||
#include "tsk_safeobj.h"
|
||||
#include "tsk_thread.h"
|
||||
|
||||
#define TNET_CIPHER_LIST "AES128-SHA"
|
||||
#ifndef TNET_CIPHER_LIST
|
||||
# define TNET_CIPHER_LIST "AES128-SHA"
|
||||
#endif
|
||||
|
||||
#if TNET_HAVE_OPENSSL_H || HAVE_OPENSSL_H
|
||||
# include <openssl/ssl.h>
|
||||
|
|
@ -101,7 +103,7 @@ int tnet_tls_socket_isok(const tnet_tls_socket_handle_t* self)
|
|||
|
||||
int tnet_tls_socket_connect(tnet_tls_socket_handle_t* self)
|
||||
{
|
||||
#if !TNET_HAVE_OPENSSL_H || !HAVE_OPENSSL_H
|
||||
#if !TNET_HAVE_OPENSSL_H && !HAVE_OPENSSL_H
|
||||
TSK_DEBUG_ERROR("You MUST enable OpenSSL");
|
||||
return -200;
|
||||
#else
|
||||
|
|
@ -152,7 +154,7 @@ int tnet_tls_socket_connect(tnet_tls_socket_handle_t* self)
|
|||
|
||||
int tnet_tls_socket_write(tnet_tls_socket_handle_t* self, const void* data, tsk_size_t size)
|
||||
{
|
||||
#if !TNET_HAVE_OPENSSL_H || !HAVE_OPENSSL_H
|
||||
#if !TNET_HAVE_OPENSSL_H && !HAVE_OPENSSL_H
|
||||
TSK_DEBUG_ERROR("You MUST enable OpenSSL");
|
||||
return -200;
|
||||
#else
|
||||
|
|
@ -229,7 +231,7 @@ ssl_write:
|
|||
|
||||
int tnet_tls_socket_recv(tnet_tls_socket_handle_t* self, void** data, tsk_size_t *size, int *isEncrypted)
|
||||
{
|
||||
#if !TNET_HAVE_OPENSSL_H || !HAVE_OPENSSL_H
|
||||
#if !TNET_HAVE_OPENSSL_H && !HAVE_OPENSSL_H
|
||||
TSK_DEBUG_ERROR("You MUST enable OpenSSL");
|
||||
return -200;
|
||||
#else
|
||||
|
|
@ -320,7 +322,7 @@ bail:
|
|||
|
||||
int tnet_tls_socket_init(tnet_tls_socket_t* socket)
|
||||
{
|
||||
#if !TNET_HAVE_OPENSSL_H || !HAVE_OPENSSL_H
|
||||
#if !TNET_HAVE_OPENSSL_H && !HAVE_OPENSSL_H
|
||||
TSK_DEBUG_ERROR("You MUST enable OpenSSL");
|
||||
return -200;
|
||||
#else
|
||||
|
|
@ -331,7 +333,7 @@ int tnet_tls_socket_init(tnet_tls_socket_t* socket)
|
|||
}
|
||||
|
||||
/* Sets SSL method */
|
||||
socket->ssl_meth = socket->isClient ? TLSv1_client_method() : TLSv1_server_method();
|
||||
socket->ssl_meth = (SSL_METHOD *) (socket->isClient ? TLSv1_client_method() : TLSv1_server_method());
|
||||
|
||||
/* Creates the context */
|
||||
if(!(socket->ssl_ctx = SSL_CTX_new(socket->ssl_meth))){
|
||||
|
|
@ -370,7 +372,7 @@ int tnet_tls_socket_init(tnet_tls_socket_t* socket)
|
|||
}
|
||||
/* Sets trusted CAs and CA file */
|
||||
if((ret = SSL_CTX_load_verify_locations(socket->ssl_ctx, socket->tlsfile_ca, socket->tlsdir_cas)) < 1) {
|
||||
TSK_DEBUG_ERROR("SSL_CTX_load_verify_locations failed [%s].", ret);
|
||||
TSK_DEBUG_ERROR("SSL_CTX_load_verify_locations failed [%d].", ret);
|
||||
return -5;
|
||||
}
|
||||
/* Server verification */
|
||||
|
|
@ -422,7 +424,7 @@ static tsk_object_t* tnet_tls_socket_ctor(tsk_object_t * self, va_list * app)
|
|||
socket->isClient = va_arg(*app, tsk_bool_t);
|
||||
|
||||
/* Mutual authentication requires that the TLS client-side also hold a certificate. */
|
||||
if(socket->tlsfile_pvk && socket->tlsfile_pbk && socket->tlsfile_ca){
|
||||
if(!tsk_strnullORempty(socket->tlsfile_pvk) && !tsk_strnullORempty(socket->tlsfile_pbk) && !tsk_strnullORempty(socket->tlsfile_ca)){
|
||||
socket->mutual_auth = tsk_true;
|
||||
}
|
||||
else{
|
||||
|
|
|
|||
|
|
@ -713,7 +713,9 @@ void *tnet_transport_mainthread(void *param)
|
|||
TSK_FREE(buffer);
|
||||
continue;
|
||||
}
|
||||
len = tlslen;
|
||||
if(ret == 0){
|
||||
len = ret = tlslen;
|
||||
}
|
||||
}
|
||||
}
|
||||
else {
|
||||
|
|
@ -723,14 +725,14 @@ void *tnet_transport_mainthread(void *param)
|
|||
else {
|
||||
ret = tnet_sockfd_recvfrom(active_socket->fd, buffer, len, 0, (struct sockaddr*)&remote_addr);
|
||||
}
|
||||
}
|
||||
|
||||
if(ret < 0){
|
||||
TSK_FREE(buffer);
|
||||
|
||||
if(ret < 0){
|
||||
TSK_FREE(buffer);
|
||||
|
||||
removeSocket(i, context);
|
||||
TNET_PRINT_LAST_ERROR("recv/recvfrom have failed.");
|
||||
continue;
|
||||
}
|
||||
removeSocket(i, context);
|
||||
TNET_PRINT_LAST_ERROR("recv/recvfrom have failed.");
|
||||
continue;
|
||||
}
|
||||
|
||||
if((len != (tsk_size_t)ret) && len){
|
||||
|
|
|
|||
Loading…
Reference in New Issue