- Adds support for DTLS-SRTP on Android using openssl 1.0.1e
- Interop with Chrome DTLS-SRTP implementation
This commit is contained in:
parent
bd47d03256
commit
bbbc54ec81
|
@ -58,6 +58,8 @@
|
|||
#error AES is disabled.
|
||||
#endif
|
||||
|
||||
#include <stddef.h>
|
||||
|
||||
#define AES_ENCRYPT 1
|
||||
#define AES_DECRYPT 0
|
||||
|
||||
|
@ -88,6 +90,11 @@ int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
|
|||
int AES_set_decrypt_key(const unsigned char *userKey, const int bits,
|
||||
AES_KEY *key);
|
||||
|
||||
int private_AES_set_encrypt_key(const unsigned char *userKey, const int bits,
|
||||
AES_KEY *key);
|
||||
int private_AES_set_decrypt_key(const unsigned char *userKey, const int bits,
|
||||
AES_KEY *key);
|
||||
|
||||
void AES_encrypt(const unsigned char *in, unsigned char *out,
|
||||
const AES_KEY *key);
|
||||
void AES_decrypt(const unsigned char *in, unsigned char *out,
|
||||
|
@ -96,37 +103,32 @@ void AES_decrypt(const unsigned char *in, unsigned char *out,
|
|||
void AES_ecb_encrypt(const unsigned char *in, unsigned char *out,
|
||||
const AES_KEY *key, const int enc);
|
||||
void AES_cbc_encrypt(const unsigned char *in, unsigned char *out,
|
||||
const unsigned long length, const AES_KEY *key,
|
||||
size_t length, const AES_KEY *key,
|
||||
unsigned char *ivec, const int enc);
|
||||
void AES_cfb128_encrypt(const unsigned char *in, unsigned char *out,
|
||||
const unsigned long length, const AES_KEY *key,
|
||||
size_t length, const AES_KEY *key,
|
||||
unsigned char *ivec, int *num, const int enc);
|
||||
void AES_cfb1_encrypt(const unsigned char *in, unsigned char *out,
|
||||
const unsigned long length, const AES_KEY *key,
|
||||
size_t length, const AES_KEY *key,
|
||||
unsigned char *ivec, int *num, const int enc);
|
||||
void AES_cfb8_encrypt(const unsigned char *in, unsigned char *out,
|
||||
const unsigned long length, const AES_KEY *key,
|
||||
size_t length, const AES_KEY *key,
|
||||
unsigned char *ivec, int *num, const int enc);
|
||||
void AES_cfbr_encrypt_block(const unsigned char *in,unsigned char *out,
|
||||
const int nbits,const AES_KEY *key,
|
||||
unsigned char *ivec,const int enc);
|
||||
void AES_ofb128_encrypt(const unsigned char *in, unsigned char *out,
|
||||
const unsigned long length, const AES_KEY *key,
|
||||
size_t length, const AES_KEY *key,
|
||||
unsigned char *ivec, int *num);
|
||||
void AES_ctr128_encrypt(const unsigned char *in, unsigned char *out,
|
||||
const unsigned long length, const AES_KEY *key,
|
||||
size_t length, const AES_KEY *key,
|
||||
unsigned char ivec[AES_BLOCK_SIZE],
|
||||
unsigned char ecount_buf[AES_BLOCK_SIZE],
|
||||
unsigned int *num);
|
||||
|
||||
/* For IGE, see also http://www.links.org/files/openssl-ige.pdf */
|
||||
/* NB: the IV is _two_ blocks long */
|
||||
void AES_ige_encrypt(const unsigned char *in, unsigned char *out,
|
||||
const unsigned long length, const AES_KEY *key,
|
||||
size_t length, const AES_KEY *key,
|
||||
unsigned char *ivec, const int enc);
|
||||
/* NB: the IV is _four_ blocks long */
|
||||
void AES_bi_ige_encrypt(const unsigned char *in, unsigned char *out,
|
||||
const unsigned long length, const AES_KEY *key,
|
||||
size_t length, const AES_KEY *key,
|
||||
const AES_KEY *key2, const unsigned char *ivec,
|
||||
const int enc);
|
||||
|
||||
|
@ -137,6 +139,7 @@ int AES_unwrap_key(AES_KEY *key, const unsigned char *iv,
|
|||
unsigned char *out,
|
||||
const unsigned char *in, unsigned int inlen);
|
||||
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
|
|
@ -213,7 +213,7 @@ typedef struct asn1_object_st
|
|||
const char *sn,*ln;
|
||||
int nid;
|
||||
int length;
|
||||
unsigned char *data;
|
||||
const unsigned char *data; /* data remains const after init */
|
||||
int flags; /* Should we free this one */
|
||||
} ASN1_OBJECT;
|
||||
|
||||
|
@ -228,10 +228,14 @@ typedef struct asn1_object_st
|
|||
* complete and is a place holder for content when it had all been
|
||||
* accessed. The flag will be reset when content has been written to it.
|
||||
*/
|
||||
#define ASN1_STRING_FLAG_CONT 0x020
|
||||
|
||||
#define ASN1_STRING_FLAG_CONT 0x020
|
||||
/* This flag is used by ASN1 code to indicate an ASN1_STRING is an MSTRING
|
||||
* type.
|
||||
*/
|
||||
#define ASN1_STRING_FLAG_MSTRING 0x040
|
||||
/* This is the base type that holds just about everything :-) */
|
||||
typedef struct asn1_string_st
|
||||
struct asn1_string_st
|
||||
{
|
||||
int length;
|
||||
int type;
|
||||
|
@ -241,7 +245,7 @@ typedef struct asn1_string_st
|
|||
* input data has a non-zero 'unused bits' value, it will be
|
||||
* handled correctly */
|
||||
long flags;
|
||||
} ASN1_STRING;
|
||||
};
|
||||
|
||||
/* ASN1_ENCODING structure: this is used to save the received
|
||||
* encoding of an ASN1 type. This is useful to get round
|
||||
|
@ -289,7 +293,6 @@ DECLARE_STACK_OF(ASN1_STRING_TABLE)
|
|||
* see asn1t.h
|
||||
*/
|
||||
typedef struct ASN1_TEMPLATE_st ASN1_TEMPLATE;
|
||||
typedef struct ASN1_ITEM_st ASN1_ITEM;
|
||||
typedef struct ASN1_TLC_st ASN1_TLC;
|
||||
/* This is just an opaque pointer */
|
||||
typedef struct ASN1_VALUE_st ASN1_VALUE;
|
||||
|
@ -330,6 +333,13 @@ typedef struct ASN1_VALUE_st ASN1_VALUE;
|
|||
type *name##_new(void); \
|
||||
void name##_free(type *a);
|
||||
|
||||
#define DECLARE_ASN1_PRINT_FUNCTION(stname) \
|
||||
DECLARE_ASN1_PRINT_FUNCTION_fname(stname, stname)
|
||||
|
||||
#define DECLARE_ASN1_PRINT_FUNCTION_fname(stname, fname) \
|
||||
int fname##_print_ctx(BIO *out, stname *x, int indent, \
|
||||
const ASN1_PCTX *pctx);
|
||||
|
||||
#define D2I_OF(type) type *(*)(type **,const unsigned char **,long)
|
||||
#define I2D_OF(type) int (*)(type *,unsigned char **)
|
||||
#define I2D_OF_const(type) int (*)(const type *,unsigned char **)
|
||||
|
@ -534,28 +544,23 @@ typedef struct asn1_type_st
|
|||
* contain the set or sequence bytes */
|
||||
ASN1_STRING * set;
|
||||
ASN1_STRING * sequence;
|
||||
ASN1_VALUE * asn1_value;
|
||||
ASN1_VALUE * asn1_value;
|
||||
} value;
|
||||
} ASN1_TYPE;
|
||||
|
||||
DECLARE_STACK_OF(ASN1_TYPE)
|
||||
DECLARE_ASN1_SET_OF(ASN1_TYPE)
|
||||
|
||||
typedef struct asn1_method_st
|
||||
{
|
||||
i2d_of_void *i2d;
|
||||
d2i_of_void *d2i;
|
||||
void *(*create)(void);
|
||||
void (*destroy)(void *);
|
||||
} ASN1_METHOD;
|
||||
typedef STACK_OF(ASN1_TYPE) ASN1_SEQUENCE_ANY;
|
||||
|
||||
/* This is used when parsing some Netscape objects */
|
||||
typedef struct asn1_header_st
|
||||
DECLARE_ASN1_ENCODE_FUNCTIONS_const(ASN1_SEQUENCE_ANY, ASN1_SEQUENCE_ANY)
|
||||
DECLARE_ASN1_ENCODE_FUNCTIONS_const(ASN1_SEQUENCE_ANY, ASN1_SET_ANY)
|
||||
|
||||
typedef struct NETSCAPE_X509_st
|
||||
{
|
||||
ASN1_OCTET_STRING *header;
|
||||
void *data;
|
||||
ASN1_METHOD *meth;
|
||||
} ASN1_HEADER;
|
||||
X509 *cert;
|
||||
} NETSCAPE_X509;
|
||||
|
||||
/* This is used to contain a list of bit names */
|
||||
typedef struct BIT_STRING_BITNAME_st {
|
||||
|
@ -575,32 +580,34 @@ typedef struct BIT_STRING_BITNAME_st {
|
|||
ASN1_STRING_type_new(V_ASN1_BIT_STRING)
|
||||
#define M_ASN1_BIT_STRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
|
||||
#define M_ASN1_BIT_STRING_dup(a) (ASN1_BIT_STRING *)\
|
||||
ASN1_STRING_dup((ASN1_STRING *)a)
|
||||
ASN1_STRING_dup((const ASN1_STRING *)a)
|
||||
#define M_ASN1_BIT_STRING_cmp(a,b) ASN1_STRING_cmp(\
|
||||
(ASN1_STRING *)a,(ASN1_STRING *)b)
|
||||
(const ASN1_STRING *)a,(const ASN1_STRING *)b)
|
||||
#define M_ASN1_BIT_STRING_set(a,b,c) ASN1_STRING_set((ASN1_STRING *)a,b,c)
|
||||
|
||||
#define M_ASN1_INTEGER_new() (ASN1_INTEGER *)\
|
||||
ASN1_STRING_type_new(V_ASN1_INTEGER)
|
||||
#define M_ASN1_INTEGER_free(a) ASN1_STRING_free((ASN1_STRING *)a)
|
||||
#define M_ASN1_INTEGER_dup(a) (ASN1_INTEGER *)ASN1_STRING_dup((ASN1_STRING *)a)
|
||||
#define M_ASN1_INTEGER_dup(a) (ASN1_INTEGER *)\
|
||||
ASN1_STRING_dup((const ASN1_STRING *)a)
|
||||
#define M_ASN1_INTEGER_cmp(a,b) ASN1_STRING_cmp(\
|
||||
(ASN1_STRING *)a,(ASN1_STRING *)b)
|
||||
(const ASN1_STRING *)a,(const ASN1_STRING *)b)
|
||||
|
||||
#define M_ASN1_ENUMERATED_new() (ASN1_ENUMERATED *)\
|
||||
ASN1_STRING_type_new(V_ASN1_ENUMERATED)
|
||||
#define M_ASN1_ENUMERATED_free(a) ASN1_STRING_free((ASN1_STRING *)a)
|
||||
#define M_ASN1_ENUMERATED_dup(a) (ASN1_ENUMERATED *)ASN1_STRING_dup((ASN1_STRING *)a)
|
||||
#define M_ASN1_ENUMERATED_dup(a) (ASN1_ENUMERATED *)\
|
||||
ASN1_STRING_dup((const ASN1_STRING *)a)
|
||||
#define M_ASN1_ENUMERATED_cmp(a,b) ASN1_STRING_cmp(\
|
||||
(ASN1_STRING *)a,(ASN1_STRING *)b)
|
||||
(const ASN1_STRING *)a,(const ASN1_STRING *)b)
|
||||
|
||||
#define M_ASN1_OCTET_STRING_new() (ASN1_OCTET_STRING *)\
|
||||
ASN1_STRING_type_new(V_ASN1_OCTET_STRING)
|
||||
#define M_ASN1_OCTET_STRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
|
||||
#define M_ASN1_OCTET_STRING_dup(a) (ASN1_OCTET_STRING *)\
|
||||
ASN1_STRING_dup((ASN1_STRING *)a)
|
||||
ASN1_STRING_dup((const ASN1_STRING *)a)
|
||||
#define M_ASN1_OCTET_STRING_cmp(a,b) ASN1_STRING_cmp(\
|
||||
(ASN1_STRING *)a,(ASN1_STRING *)b)
|
||||
(const ASN1_STRING *)a,(const ASN1_STRING *)b)
|
||||
#define M_ASN1_OCTET_STRING_set(a,b,c) ASN1_STRING_set((ASN1_STRING *)a,b,c)
|
||||
#define M_ASN1_OCTET_STRING_print(a,b) ASN1_STRING_print(a,(ASN1_STRING *)b)
|
||||
#define M_i2d_ASN1_OCTET_STRING(a,pp) \
|
||||
|
@ -612,6 +619,7 @@ typedef struct BIT_STRING_BITNAME_st {
|
|||
B_ASN1_GENERALIZEDTIME
|
||||
|
||||
#define B_ASN1_PRINTABLE \
|
||||
B_ASN1_NUMERICSTRING| \
|
||||
B_ASN1_PRINTABLESTRING| \
|
||||
B_ASN1_T61STRING| \
|
||||
B_ASN1_IA5STRING| \
|
||||
|
@ -683,7 +691,7 @@ typedef struct BIT_STRING_BITNAME_st {
|
|||
ASN1_STRING_type_new(V_ASN1_IA5STRING)
|
||||
#define M_ASN1_IA5STRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
|
||||
#define M_ASN1_IA5STRING_dup(a) \
|
||||
(ASN1_IA5STRING *)ASN1_STRING_dup((ASN1_STRING *)a)
|
||||
(ASN1_IA5STRING *)ASN1_STRING_dup((const ASN1_STRING *)a)
|
||||
#define M_i2d_ASN1_IA5STRING(a,pp) \
|
||||
i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_IA5STRING,\
|
||||
V_ASN1_UNIVERSAL)
|
||||
|
@ -694,18 +702,20 @@ typedef struct BIT_STRING_BITNAME_st {
|
|||
#define M_ASN1_UTCTIME_new() (ASN1_UTCTIME *)\
|
||||
ASN1_STRING_type_new(V_ASN1_UTCTIME)
|
||||
#define M_ASN1_UTCTIME_free(a) ASN1_STRING_free((ASN1_STRING *)a)
|
||||
#define M_ASN1_UTCTIME_dup(a) (ASN1_UTCTIME *)ASN1_STRING_dup((ASN1_STRING *)a)
|
||||
#define M_ASN1_UTCTIME_dup(a) (ASN1_UTCTIME *)\
|
||||
ASN1_STRING_dup((const ASN1_STRING *)a)
|
||||
|
||||
#define M_ASN1_GENERALIZEDTIME_new() (ASN1_GENERALIZEDTIME *)\
|
||||
ASN1_STRING_type_new(V_ASN1_GENERALIZEDTIME)
|
||||
#define M_ASN1_GENERALIZEDTIME_free(a) ASN1_STRING_free((ASN1_STRING *)a)
|
||||
#define M_ASN1_GENERALIZEDTIME_dup(a) (ASN1_GENERALIZEDTIME *)ASN1_STRING_dup(\
|
||||
(ASN1_STRING *)a)
|
||||
(const ASN1_STRING *)a)
|
||||
|
||||
#define M_ASN1_TIME_new() (ASN1_TIME *)\
|
||||
ASN1_STRING_type_new(V_ASN1_UTCTIME)
|
||||
#define M_ASN1_TIME_free(a) ASN1_STRING_free((ASN1_STRING *)a)
|
||||
#define M_ASN1_TIME_dup(a) (ASN1_TIME *)ASN1_STRING_dup((ASN1_STRING *)a)
|
||||
#define M_ASN1_TIME_dup(a) (ASN1_TIME *)\
|
||||
ASN1_STRING_dup((const ASN1_STRING *)a)
|
||||
|
||||
#define M_ASN1_GENERALSTRING_new() (ASN1_GENERALSTRING *)\
|
||||
ASN1_STRING_type_new(V_ASN1_GENERALSTRING)
|
||||
|
@ -766,6 +776,7 @@ DECLARE_ASN1_FUNCTIONS_fname(ASN1_TYPE, ASN1_ANY, ASN1_TYPE)
|
|||
int ASN1_TYPE_get(ASN1_TYPE *a);
|
||||
void ASN1_TYPE_set(ASN1_TYPE *a, int type, void *value);
|
||||
int ASN1_TYPE_set1(ASN1_TYPE *a, int type, const void *value);
|
||||
int ASN1_TYPE_cmp(ASN1_TYPE *a, ASN1_TYPE *b);
|
||||
|
||||
ASN1_OBJECT * ASN1_OBJECT_new(void );
|
||||
void ASN1_OBJECT_free(ASN1_OBJECT *a);
|
||||
|
@ -782,14 +793,15 @@ DECLARE_ASN1_SET_OF(ASN1_OBJECT)
|
|||
|
||||
ASN1_STRING * ASN1_STRING_new(void);
|
||||
void ASN1_STRING_free(ASN1_STRING *a);
|
||||
ASN1_STRING * ASN1_STRING_dup(ASN1_STRING *a);
|
||||
int ASN1_STRING_copy(ASN1_STRING *dst, const ASN1_STRING *str);
|
||||
ASN1_STRING * ASN1_STRING_dup(const ASN1_STRING *a);
|
||||
ASN1_STRING * ASN1_STRING_type_new(int type );
|
||||
int ASN1_STRING_cmp(ASN1_STRING *a, ASN1_STRING *b);
|
||||
int ASN1_STRING_cmp(const ASN1_STRING *a, const ASN1_STRING *b);
|
||||
/* Since this is used to store all sorts of things, via macros, for now, make
|
||||
its data void * */
|
||||
int ASN1_STRING_set(ASN1_STRING *str, const void *data, int len);
|
||||
void ASN1_STRING_set0(ASN1_STRING *str, void *data, int len);
|
||||
int ASN1_STRING_length(ASN1_STRING *x);
|
||||
int ASN1_STRING_length(const ASN1_STRING *x);
|
||||
void ASN1_STRING_length_set(ASN1_STRING *x, int n);
|
||||
int ASN1_STRING_type(ASN1_STRING *x);
|
||||
unsigned char * ASN1_STRING_data(ASN1_STRING *x);
|
||||
|
@ -802,6 +814,8 @@ int ASN1_BIT_STRING_set(ASN1_BIT_STRING *a, unsigned char *d,
|
|||
int length );
|
||||
int ASN1_BIT_STRING_set_bit(ASN1_BIT_STRING *a, int n, int value);
|
||||
int ASN1_BIT_STRING_get_bit(ASN1_BIT_STRING *a, int n);
|
||||
int ASN1_BIT_STRING_check(ASN1_BIT_STRING *a,
|
||||
unsigned char *flags, int flags_len);
|
||||
|
||||
#ifndef OPENSSL_NO_BIO
|
||||
int ASN1_BIT_STRING_name_print(BIO *out, ASN1_BIT_STRING *bs,
|
||||
|
@ -820,13 +834,15 @@ ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a,const unsigned char **pp,
|
|||
long length);
|
||||
ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a,const unsigned char **pp,
|
||||
long length);
|
||||
ASN1_INTEGER * ASN1_INTEGER_dup(ASN1_INTEGER *x);
|
||||
int ASN1_INTEGER_cmp(ASN1_INTEGER *x, ASN1_INTEGER *y);
|
||||
ASN1_INTEGER * ASN1_INTEGER_dup(const ASN1_INTEGER *x);
|
||||
int ASN1_INTEGER_cmp(const ASN1_INTEGER *x, const ASN1_INTEGER *y);
|
||||
|
||||
DECLARE_ASN1_FUNCTIONS(ASN1_ENUMERATED)
|
||||
|
||||
int ASN1_UTCTIME_check(ASN1_UTCTIME *a);
|
||||
ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s,time_t t);
|
||||
ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t,
|
||||
int offset_day, long offset_sec);
|
||||
int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, const char *str);
|
||||
int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t);
|
||||
#if 0
|
||||
|
@ -835,11 +851,13 @@ time_t ASN1_UTCTIME_get(const ASN1_UTCTIME *s);
|
|||
|
||||
int ASN1_GENERALIZEDTIME_check(ASN1_GENERALIZEDTIME *a);
|
||||
ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s,time_t t);
|
||||
ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_adj(ASN1_GENERALIZEDTIME *s,
|
||||
time_t t, int offset_day, long offset_sec);
|
||||
int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s, const char *str);
|
||||
|
||||
DECLARE_ASN1_FUNCTIONS(ASN1_OCTET_STRING)
|
||||
ASN1_OCTET_STRING * ASN1_OCTET_STRING_dup(ASN1_OCTET_STRING *a);
|
||||
int ASN1_OCTET_STRING_cmp(ASN1_OCTET_STRING *a, ASN1_OCTET_STRING *b);
|
||||
ASN1_OCTET_STRING * ASN1_OCTET_STRING_dup(const ASN1_OCTET_STRING *a);
|
||||
int ASN1_OCTET_STRING_cmp(const ASN1_OCTET_STRING *a, const ASN1_OCTET_STRING *b);
|
||||
int ASN1_OCTET_STRING_set(ASN1_OCTET_STRING *str, const unsigned char *data, int len);
|
||||
|
||||
DECLARE_ASN1_FUNCTIONS(ASN1_VISIBLESTRING)
|
||||
|
@ -866,14 +884,20 @@ DECLARE_ASN1_FUNCTIONS(ASN1_TIME)
|
|||
DECLARE_ASN1_ITEM(ASN1_OCTET_STRING_NDEF)
|
||||
|
||||
ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s,time_t t);
|
||||
ASN1_TIME *ASN1_TIME_adj(ASN1_TIME *s,time_t t,
|
||||
int offset_day, long offset_sec);
|
||||
int ASN1_TIME_check(ASN1_TIME *t);
|
||||
ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t, ASN1_GENERALIZEDTIME **out);
|
||||
int ASN1_TIME_set_string(ASN1_TIME *s, const char *str);
|
||||
|
||||
int i2d_ASN1_SET(STACK *a, unsigned char **pp,
|
||||
i2d_of_void *i2d, int ex_tag, int ex_class, int is_set);
|
||||
STACK * d2i_ASN1_SET(STACK **a, const unsigned char **pp, long length,
|
||||
d2i_of_void *d2i, void (*free_func)(void *),
|
||||
int ex_tag, int ex_class);
|
||||
int i2d_ASN1_SET(STACK_OF(OPENSSL_BLOCK) *a, unsigned char **pp,
|
||||
i2d_of_void *i2d, int ex_tag, int ex_class,
|
||||
int is_set);
|
||||
STACK_OF(OPENSSL_BLOCK) *d2i_ASN1_SET(STACK_OF(OPENSSL_BLOCK) **a,
|
||||
const unsigned char **pp,
|
||||
long length, d2i_of_void *d2i,
|
||||
void (*free_func)(OPENSSL_BLOCK), int ex_tag,
|
||||
int ex_class);
|
||||
|
||||
#ifndef OPENSSL_NO_BIO
|
||||
int i2a_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *a);
|
||||
|
@ -891,9 +915,9 @@ ASN1_OBJECT *ASN1_OBJECT_create(int nid, unsigned char *data,int len,
|
|||
const char *sn, const char *ln);
|
||||
|
||||
int ASN1_INTEGER_set(ASN1_INTEGER *a, long v);
|
||||
long ASN1_INTEGER_get(ASN1_INTEGER *a);
|
||||
ASN1_INTEGER *BN_to_ASN1_INTEGER(BIGNUM *bn, ASN1_INTEGER *ai);
|
||||
BIGNUM *ASN1_INTEGER_to_BN(ASN1_INTEGER *ai,BIGNUM *bn);
|
||||
long ASN1_INTEGER_get(const ASN1_INTEGER *a);
|
||||
ASN1_INTEGER *BN_to_ASN1_INTEGER(const BIGNUM *bn, ASN1_INTEGER *ai);
|
||||
BIGNUM *ASN1_INTEGER_to_BN(const ASN1_INTEGER *ai,BIGNUM *bn);
|
||||
|
||||
int ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v);
|
||||
long ASN1_ENUMERATED_get(ASN1_ENUMERATED *a);
|
||||
|
@ -927,7 +951,7 @@ int ASN1_put_eoc(unsigned char **pp);
|
|||
int ASN1_object_size(int constructed, int length, int tag);
|
||||
|
||||
/* Used to implement other functions */
|
||||
void *ASN1_dup(i2d_of_void *i2d, d2i_of_void *d2i, char *x);
|
||||
void *ASN1_dup(i2d_of_void *i2d, d2i_of_void *d2i, void *x);
|
||||
|
||||
#define ASN1_dup_of(type,i2d,d2i,x) \
|
||||
((type*)ASN1_dup(CHECKED_I2D_OF(type, i2d), \
|
||||
|
@ -998,30 +1022,24 @@ int ASN1_i2d_bio(i2d_of_void *i2d,BIO *out, unsigned char *x);
|
|||
CHECKED_PTR_OF(const type, x)))
|
||||
|
||||
int ASN1_item_i2d_bio(const ASN1_ITEM *it, BIO *out, void *x);
|
||||
int ASN1_UTCTIME_print(BIO *fp,ASN1_UTCTIME *a);
|
||||
int ASN1_GENERALIZEDTIME_print(BIO *fp,ASN1_GENERALIZEDTIME *a);
|
||||
int ASN1_TIME_print(BIO *fp,ASN1_TIME *a);
|
||||
int ASN1_STRING_print(BIO *bp,ASN1_STRING *v);
|
||||
int ASN1_UTCTIME_print(BIO *fp, const ASN1_UTCTIME *a);
|
||||
int ASN1_GENERALIZEDTIME_print(BIO *fp, const ASN1_GENERALIZEDTIME *a);
|
||||
int ASN1_TIME_print(BIO *fp, const ASN1_TIME *a);
|
||||
int ASN1_STRING_print(BIO *bp, const ASN1_STRING *v);
|
||||
int ASN1_STRING_print_ex(BIO *out, ASN1_STRING *str, unsigned long flags);
|
||||
int ASN1_bn_print(BIO *bp, const char *number, const BIGNUM *num,
|
||||
unsigned char *buf, int off);
|
||||
int ASN1_parse(BIO *bp,const unsigned char *pp,long len,int indent);
|
||||
int ASN1_parse_dump(BIO *bp,const unsigned char *pp,long len,int indent,int dump);
|
||||
#endif
|
||||
const char *ASN1_tag2str(int tag);
|
||||
|
||||
/* Used to load and write netscape format cert/key */
|
||||
int i2d_ASN1_HEADER(ASN1_HEADER *a,unsigned char **pp);
|
||||
ASN1_HEADER *d2i_ASN1_HEADER(ASN1_HEADER **a,const unsigned char **pp, long length);
|
||||
ASN1_HEADER *ASN1_HEADER_new(void );
|
||||
void ASN1_HEADER_free(ASN1_HEADER *a);
|
||||
/* Used to load and write netscape format cert */
|
||||
|
||||
DECLARE_ASN1_FUNCTIONS(NETSCAPE_X509)
|
||||
|
||||
int ASN1_UNIVERSALSTRING_to_string(ASN1_UNIVERSALSTRING *s);
|
||||
|
||||
/* Not used that much at this point, except for the first two */
|
||||
ASN1_METHOD *X509_asn1_meth(void);
|
||||
ASN1_METHOD *RSAPrivateKey_asn1_meth(void);
|
||||
ASN1_METHOD *ASN1_IA5STRING_asn1_meth(void);
|
||||
ASN1_METHOD *ASN1_BIT_STRING_asn1_meth(void);
|
||||
|
||||
int ASN1_TYPE_set_octetstring(ASN1_TYPE *a,
|
||||
unsigned char *data, int len);
|
||||
int ASN1_TYPE_get_octetstring(ASN1_TYPE *a,
|
||||
|
@ -1031,9 +1049,9 @@ int ASN1_TYPE_set_int_octetstring(ASN1_TYPE *a, long num,
|
|||
int ASN1_TYPE_get_int_octetstring(ASN1_TYPE *a,long *num,
|
||||
unsigned char *data, int max_len);
|
||||
|
||||
STACK *ASN1_seq_unpack(const unsigned char *buf, int len,
|
||||
d2i_of_void *d2i, void (*free_func)(void *));
|
||||
unsigned char *ASN1_seq_pack(STACK *safes, i2d_of_void *i2d,
|
||||
STACK_OF(OPENSSL_BLOCK) *ASN1_seq_unpack(const unsigned char *buf, int len,
|
||||
d2i_of_void *d2i, void (*free_func)(OPENSSL_BLOCK));
|
||||
unsigned char *ASN1_seq_pack(STACK_OF(OPENSSL_BLOCK) *safes, i2d_of_void *i2d,
|
||||
unsigned char **buf, int *len );
|
||||
void *ASN1_unpack_string(ASN1_STRING *oct, d2i_of_void *d2i);
|
||||
void *ASN1_item_unpack(ASN1_STRING *oct, const ASN1_ITEM *it);
|
||||
|
@ -1048,7 +1066,7 @@ ASN1_STRING *ASN1_pack_string(void *obj, i2d_of_void *i2d,
|
|||
ASN1_STRING *ASN1_item_pack(void *obj, const ASN1_ITEM *it, ASN1_OCTET_STRING **oct);
|
||||
|
||||
void ASN1_STRING_set_default_mask(unsigned long mask);
|
||||
int ASN1_STRING_set_default_mask_asc(char *p);
|
||||
int ASN1_STRING_set_default_mask_asc(const char *p);
|
||||
unsigned long ASN1_STRING_get_default_mask(void);
|
||||
int ASN1_mbstring_copy(ASN1_STRING **out, const unsigned char *in, int len,
|
||||
int inform, unsigned long mask);
|
||||
|
@ -1076,15 +1094,58 @@ void ASN1_add_oid_module(void);
|
|||
ASN1_TYPE *ASN1_generate_nconf(char *str, CONF *nconf);
|
||||
ASN1_TYPE *ASN1_generate_v3(char *str, X509V3_CTX *cnf);
|
||||
|
||||
typedef int asn1_output_data_fn(BIO *out, BIO *data, ASN1_VALUE *val, int flags,
|
||||
const ASN1_ITEM *it);
|
||||
/* ASN1 Print flags */
|
||||
|
||||
int int_smime_write_ASN1(BIO *bio, ASN1_VALUE *val, BIO *data, int flags,
|
||||
/* Indicate missing OPTIONAL fields */
|
||||
#define ASN1_PCTX_FLAGS_SHOW_ABSENT 0x001
|
||||
/* Mark start and end of SEQUENCE */
|
||||
#define ASN1_PCTX_FLAGS_SHOW_SEQUENCE 0x002
|
||||
/* Mark start and end of SEQUENCE/SET OF */
|
||||
#define ASN1_PCTX_FLAGS_SHOW_SSOF 0x004
|
||||
/* Show the ASN1 type of primitives */
|
||||
#define ASN1_PCTX_FLAGS_SHOW_TYPE 0x008
|
||||
/* Don't show ASN1 type of ANY */
|
||||
#define ASN1_PCTX_FLAGS_NO_ANY_TYPE 0x010
|
||||
/* Don't show ASN1 type of MSTRINGs */
|
||||
#define ASN1_PCTX_FLAGS_NO_MSTRING_TYPE 0x020
|
||||
/* Don't show field names in SEQUENCE */
|
||||
#define ASN1_PCTX_FLAGS_NO_FIELD_NAME 0x040
|
||||
/* Show structure names of each SEQUENCE field */
|
||||
#define ASN1_PCTX_FLAGS_SHOW_FIELD_STRUCT_NAME 0x080
|
||||
/* Don't show structure name even at top level */
|
||||
#define ASN1_PCTX_FLAGS_NO_STRUCT_NAME 0x100
|
||||
|
||||
int ASN1_item_print(BIO *out, ASN1_VALUE *ifld, int indent,
|
||||
const ASN1_ITEM *it, const ASN1_PCTX *pctx);
|
||||
ASN1_PCTX *ASN1_PCTX_new(void);
|
||||
void ASN1_PCTX_free(ASN1_PCTX *p);
|
||||
unsigned long ASN1_PCTX_get_flags(ASN1_PCTX *p);
|
||||
void ASN1_PCTX_set_flags(ASN1_PCTX *p, unsigned long flags);
|
||||
unsigned long ASN1_PCTX_get_nm_flags(ASN1_PCTX *p);
|
||||
void ASN1_PCTX_set_nm_flags(ASN1_PCTX *p, unsigned long flags);
|
||||
unsigned long ASN1_PCTX_get_cert_flags(ASN1_PCTX *p);
|
||||
void ASN1_PCTX_set_cert_flags(ASN1_PCTX *p, unsigned long flags);
|
||||
unsigned long ASN1_PCTX_get_oid_flags(ASN1_PCTX *p);
|
||||
void ASN1_PCTX_set_oid_flags(ASN1_PCTX *p, unsigned long flags);
|
||||
unsigned long ASN1_PCTX_get_str_flags(ASN1_PCTX *p);
|
||||
void ASN1_PCTX_set_str_flags(ASN1_PCTX *p, unsigned long flags);
|
||||
|
||||
BIO_METHOD *BIO_f_asn1(void);
|
||||
|
||||
BIO *BIO_new_NDEF(BIO *out, ASN1_VALUE *val, const ASN1_ITEM *it);
|
||||
|
||||
int i2d_ASN1_bio_stream(BIO *out, ASN1_VALUE *val, BIO *in, int flags,
|
||||
const ASN1_ITEM *it);
|
||||
int PEM_write_bio_ASN1_stream(BIO *out, ASN1_VALUE *val, BIO *in, int flags,
|
||||
const char *hdr,
|
||||
const ASN1_ITEM *it);
|
||||
int SMIME_write_ASN1(BIO *bio, ASN1_VALUE *val, BIO *data, int flags,
|
||||
int ctype_nid, int econt_nid,
|
||||
STACK_OF(X509_ALGOR) *mdalgs,
|
||||
asn1_output_data_fn *data_fn,
|
||||
const ASN1_ITEM *it);
|
||||
ASN1_VALUE *SMIME_read_ASN1(BIO *bio, BIO **bcont, const ASN1_ITEM *it);
|
||||
int SMIME_crlf_copy(BIO *in, BIO *out, int flags);
|
||||
int SMIME_text(BIO *in, BIO *out);
|
||||
|
||||
/* BEGIN ERROR CODES */
|
||||
/* The following lines are auto generated by the script mkerr.pl. Any changes
|
||||
|
@ -1115,6 +1176,7 @@ void ERR_load_ASN1_strings(void);
|
|||
#define ASN1_F_ASN1_ENUMERATED_TO_BN 113
|
||||
#define ASN1_F_ASN1_EX_C2I 204
|
||||
#define ASN1_F_ASN1_FIND_END 190
|
||||
#define ASN1_F_ASN1_GENERALIZEDTIME_ADJ 216
|
||||
#define ASN1_F_ASN1_GENERALIZEDTIME_SET 185
|
||||
#define ASN1_F_ASN1_GENERATE_V3 178
|
||||
#define ASN1_F_ASN1_GET_OBJECT 114
|
||||
|
@ -1131,11 +1193,12 @@ void ERR_load_ASN1_strings(void);
|
|||
#define ASN1_F_ASN1_ITEM_I2D_FP 193
|
||||
#define ASN1_F_ASN1_ITEM_PACK 198
|
||||
#define ASN1_F_ASN1_ITEM_SIGN 195
|
||||
#define ASN1_F_ASN1_ITEM_SIGN_CTX 220
|
||||
#define ASN1_F_ASN1_ITEM_UNPACK 199
|
||||
#define ASN1_F_ASN1_ITEM_VERIFY 197
|
||||
#define ASN1_F_ASN1_MBSTRING_NCOPY 122
|
||||
#define ASN1_F_ASN1_OBJECT_NEW 123
|
||||
#define ASN1_F_ASN1_OUTPUT_DATA 207
|
||||
#define ASN1_F_ASN1_OUTPUT_DATA 214
|
||||
#define ASN1_F_ASN1_PACK_STRING 124
|
||||
#define ASN1_F_ASN1_PCTX_NEW 205
|
||||
#define ASN1_F_ASN1_PKCS5_PBE_SET 125
|
||||
|
@ -1149,14 +1212,17 @@ void ERR_load_ASN1_strings(void);
|
|||
#define ASN1_F_ASN1_TEMPLATE_EX_D2I 132
|
||||
#define ASN1_F_ASN1_TEMPLATE_NEW 133
|
||||
#define ASN1_F_ASN1_TEMPLATE_NOEXP_D2I 131
|
||||
#define ASN1_F_ASN1_TIME_ADJ 217
|
||||
#define ASN1_F_ASN1_TIME_SET 175
|
||||
#define ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING 134
|
||||
#define ASN1_F_ASN1_TYPE_GET_OCTETSTRING 135
|
||||
#define ASN1_F_ASN1_UNPACK_STRING 136
|
||||
#define ASN1_F_ASN1_UTCTIME_ADJ 218
|
||||
#define ASN1_F_ASN1_UTCTIME_SET 187
|
||||
#define ASN1_F_ASN1_VERIFY 137
|
||||
#define ASN1_F_B64_READ_ASN1 208
|
||||
#define ASN1_F_B64_WRITE_ASN1 209
|
||||
#define ASN1_F_B64_READ_ASN1 209
|
||||
#define ASN1_F_B64_WRITE_ASN1 210
|
||||
#define ASN1_F_BIO_NEW_NDEF 208
|
||||
#define ASN1_F_BITSTR_CB 180
|
||||
#define ASN1_F_BN_TO_ASN1_ENUMERATED 138
|
||||
#define ASN1_F_BN_TO_ASN1_INTEGER 139
|
||||
|
@ -1175,6 +1241,7 @@ void ERR_load_ASN1_strings(void);
|
|||
#define ASN1_F_D2I_ASN1_TYPE_BYTES 149
|
||||
#define ASN1_F_D2I_ASN1_UINTEGER 150
|
||||
#define ASN1_F_D2I_ASN1_UTCTIME 151
|
||||
#define ASN1_F_D2I_AUTOPRIVATEKEY 207
|
||||
#define ASN1_F_D2I_NETSCAPE_RSA 152
|
||||
#define ASN1_F_D2I_NETSCAPE_RSA_2 153
|
||||
#define ASN1_F_D2I_PRIVATEKEY 154
|
||||
|
@ -1184,6 +1251,7 @@ void ERR_load_ASN1_strings(void);
|
|||
#define ASN1_F_D2I_X509 156
|
||||
#define ASN1_F_D2I_X509_CINF 157
|
||||
#define ASN1_F_D2I_X509_PKEY 159
|
||||
#define ASN1_F_I2D_ASN1_BIO_STREAM 211
|
||||
#define ASN1_F_I2D_ASN1_SET 188
|
||||
#define ASN1_F_I2D_ASN1_TIME 160
|
||||
#define ASN1_F_I2D_DSA_PUBKEY 161
|
||||
|
@ -1195,10 +1263,12 @@ void ERR_load_ASN1_strings(void);
|
|||
#define ASN1_F_LONG_C2I 166
|
||||
#define ASN1_F_OID_MODULE_INIT 174
|
||||
#define ASN1_F_PARSE_TAGGING 182
|
||||
#define ASN1_F_PKCS5_PBE2_SET 167
|
||||
#define ASN1_F_PKCS5_PBE2_SET_IV 167
|
||||
#define ASN1_F_PKCS5_PBE_SET 202
|
||||
#define ASN1_F_SMIME_READ_ASN1 210
|
||||
#define ASN1_F_SMIME_TEXT 211
|
||||
#define ASN1_F_PKCS5_PBE_SET0_ALGOR 215
|
||||
#define ASN1_F_PKCS5_PBKDF2_SET 219
|
||||
#define ASN1_F_SMIME_READ_ASN1 212
|
||||
#define ASN1_F_SMIME_TEXT 213
|
||||
#define ASN1_F_X509_CINF_NEW 168
|
||||
#define ASN1_F_X509_CRL_ADD0_REVOKED 169
|
||||
#define ASN1_F_X509_INFO_NEW 170
|
||||
|
@ -1210,21 +1280,24 @@ void ERR_load_ASN1_strings(void);
|
|||
|
||||
/* Reason codes. */
|
||||
#define ASN1_R_ADDING_OBJECT 171
|
||||
#define ASN1_R_ASN1_PARSE_ERROR 198
|
||||
#define ASN1_R_ASN1_SIG_PARSE_ERROR 199
|
||||
#define ASN1_R_ASN1_PARSE_ERROR 203
|
||||
#define ASN1_R_ASN1_SIG_PARSE_ERROR 204
|
||||
#define ASN1_R_AUX_ERROR 100
|
||||
#define ASN1_R_BAD_CLASS 101
|
||||
#define ASN1_R_BAD_OBJECT_HEADER 102
|
||||
#define ASN1_R_BAD_PASSWORD_READ 103
|
||||
#define ASN1_R_BAD_TAG 104
|
||||
#define ASN1_R_BMPSTRING_IS_WRONG_LENGTH 214
|
||||
#define ASN1_R_BN_LIB 105
|
||||
#define ASN1_R_BOOLEAN_IS_WRONG_LENGTH 106
|
||||
#define ASN1_R_BUFFER_TOO_SMALL 107
|
||||
#define ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER 108
|
||||
#define ASN1_R_CONTEXT_NOT_INITIALISED 217
|
||||
#define ASN1_R_DATA_IS_WRONG 109
|
||||
#define ASN1_R_DECODE_ERROR 110
|
||||
#define ASN1_R_DECODING_ERROR 111
|
||||
#define ASN1_R_DEPTH_EXCEEDED 174
|
||||
#define ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED 198
|
||||
#define ASN1_R_ENCODE_ERROR 112
|
||||
#define ASN1_R_ERROR_GETTING_TIME 173
|
||||
#define ASN1_R_ERROR_LOADING_SECTION 172
|
||||
|
@ -1258,9 +1331,10 @@ void ERR_load_ASN1_strings(void);
|
|||
#define ASN1_R_INTEGER_TOO_LARGE_FOR_LONG 128
|
||||
#define ASN1_R_INVALID_BMPSTRING_LENGTH 129
|
||||
#define ASN1_R_INVALID_DIGIT 130
|
||||
#define ASN1_R_INVALID_MIME_TYPE 200
|
||||
#define ASN1_R_INVALID_MIME_TYPE 205
|
||||
#define ASN1_R_INVALID_MODIFIER 186
|
||||
#define ASN1_R_INVALID_NUMBER 187
|
||||
#define ASN1_R_INVALID_OBJECT_ENCODING 216
|
||||
#define ASN1_R_INVALID_SEPARATOR 131
|
||||
#define ASN1_R_INVALID_TIME_FORMAT 132
|
||||
#define ASN1_R_INVALID_UNIVERSALSTRING_LENGTH 133
|
||||
|
@ -1268,9 +1342,9 @@ void ERR_load_ASN1_strings(void);
|
|||
#define ASN1_R_IV_TOO_LARGE 135
|
||||
#define ASN1_R_LENGTH_ERROR 136
|
||||
#define ASN1_R_LIST_ERROR 188
|
||||
#define ASN1_R_MIME_NO_CONTENT_TYPE 201
|
||||
#define ASN1_R_MIME_PARSE_ERROR 202
|
||||
#define ASN1_R_MIME_SIG_PARSE_ERROR 203
|
||||
#define ASN1_R_MIME_NO_CONTENT_TYPE 206
|
||||
#define ASN1_R_MIME_PARSE_ERROR 207
|
||||
#define ASN1_R_MIME_SIG_PARSE_ERROR 208
|
||||
#define ASN1_R_MISSING_EOC 137
|
||||
#define ASN1_R_MISSING_SECOND_NUMBER 138
|
||||
#define ASN1_R_MISSING_VALUE 189
|
||||
|
@ -1280,11 +1354,12 @@ void ERR_load_ASN1_strings(void);
|
|||
#define ASN1_R_NON_HEX_CHARACTERS 141
|
||||
#define ASN1_R_NOT_ASCII_FORMAT 190
|
||||
#define ASN1_R_NOT_ENOUGH_DATA 142
|
||||
#define ASN1_R_NO_CONTENT_TYPE 204
|
||||
#define ASN1_R_NO_CONTENT_TYPE 209
|
||||
#define ASN1_R_NO_DEFAULT_DIGEST 201
|
||||
#define ASN1_R_NO_MATCHING_CHOICE_TYPE 143
|
||||
#define ASN1_R_NO_MULTIPART_BODY_FAILURE 205
|
||||
#define ASN1_R_NO_MULTIPART_BOUNDARY 206
|
||||
#define ASN1_R_NO_SIG_CONTENT_TYPE 207
|
||||
#define ASN1_R_NO_MULTIPART_BODY_FAILURE 210
|
||||
#define ASN1_R_NO_MULTIPART_BOUNDARY 211
|
||||
#define ASN1_R_NO_SIG_CONTENT_TYPE 212
|
||||
#define ASN1_R_NULL_IS_WRONG_LENGTH 144
|
||||
#define ASN1_R_OBJECT_NOT_ASCII_FORMAT 191
|
||||
#define ASN1_R_ODD_NUMBER_OF_CHARS 145
|
||||
|
@ -1294,8 +1369,8 @@ void ERR_load_ASN1_strings(void);
|
|||
#define ASN1_R_SEQUENCE_NOT_CONSTRUCTED 149
|
||||
#define ASN1_R_SEQUENCE_OR_SET_NEEDS_CONFIG 192
|
||||
#define ASN1_R_SHORT_LINE 150
|
||||
#define ASN1_R_SIG_INVALID_MIME_TYPE 208
|
||||
#define ASN1_R_STREAMING_NOT_SUPPORTED 209
|
||||
#define ASN1_R_SIG_INVALID_MIME_TYPE 213
|
||||
#define ASN1_R_STREAMING_NOT_SUPPORTED 202
|
||||
#define ASN1_R_STRING_TOO_LONG 151
|
||||
#define ASN1_R_STRING_TOO_SHORT 152
|
||||
#define ASN1_R_TAG_VALUE_TOO_HIGH 153
|
||||
|
@ -1306,10 +1381,12 @@ void ERR_load_ASN1_strings(void);
|
|||
#define ASN1_R_UNABLE_TO_DECODE_RSA_KEY 157
|
||||
#define ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY 158
|
||||
#define ASN1_R_UNEXPECTED_EOC 159
|
||||
#define ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH 215
|
||||
#define ASN1_R_UNKNOWN_FORMAT 160
|
||||
#define ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM 161
|
||||
#define ASN1_R_UNKNOWN_OBJECT_TYPE 162
|
||||
#define ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE 163
|
||||
#define ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM 199
|
||||
#define ASN1_R_UNKNOWN_TAG 194
|
||||
#define ASN1_R_UNKOWN_FORMAT 195
|
||||
#define ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE 164
|
||||
|
@ -1317,6 +1394,7 @@ void ERR_load_ASN1_strings(void);
|
|||
#define ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM 166
|
||||
#define ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE 167
|
||||
#define ASN1_R_UNSUPPORTED_TYPE 196
|
||||
#define ASN1_R_WRONG_PUBLIC_KEY_TYPE 200
|
||||
#define ASN1_R_WRONG_TAG 168
|
||||
#define ASN1_R_WRONG_TYPE 169
|
||||
|
||||
|
|
|
@ -153,6 +153,13 @@ err:\
|
|||
M_ASN1_D2I_get(b,func); \
|
||||
}
|
||||
|
||||
#define M_ASN1_D2I_get_int_opt(b,func,type) \
|
||||
if ((c.slen != 0) && ((M_ASN1_next & (~V_ASN1_CONSTRUCTED)) \
|
||||
== (V_ASN1_UNIVERSAL|(type)))) \
|
||||
{ \
|
||||
M_ASN1_D2I_get_int(b,func); \
|
||||
}
|
||||
|
||||
#define M_ASN1_D2I_get_imp(b,func, type) \
|
||||
M_ASN1_next=(_tmp& V_ASN1_CONSTRUCTED)|type; \
|
||||
c.q=c.p; \
|
||||
|
|
|
@ -1,9 +1,9 @@
|
|||
/* asn1t.h */
|
||||
/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
|
||||
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
|
||||
* project 2000.
|
||||
*/
|
||||
/* ====================================================================
|
||||
* Copyright (c) 2000 The OpenSSL Project. All rights reserved.
|
||||
* Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
|
@ -218,6 +218,18 @@ extern "C" {
|
|||
#stname \
|
||||
ASN1_ITEM_end(tname)
|
||||
|
||||
#define ASN1_NDEF_SEQUENCE_END_cb(stname, tname) \
|
||||
;\
|
||||
ASN1_ITEM_start(tname) \
|
||||
ASN1_ITYPE_NDEF_SEQUENCE,\
|
||||
V_ASN1_SEQUENCE,\
|
||||
tname##_seq_tt,\
|
||||
sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\
|
||||
&tname##_aux,\
|
||||
sizeof(stname),\
|
||||
#stname \
|
||||
ASN1_ITEM_end(tname)
|
||||
|
||||
|
||||
/* This pair helps declare a CHOICE type. We can do:
|
||||
*
|
||||
|
@ -651,8 +663,13 @@ typedef int ASN1_ex_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM
|
|||
typedef int ASN1_ex_new_func(ASN1_VALUE **pval, const ASN1_ITEM *it);
|
||||
typedef void ASN1_ex_free_func(ASN1_VALUE **pval, const ASN1_ITEM *it);
|
||||
|
||||
typedef int ASN1_ex_print_func(BIO *out, ASN1_VALUE **pval,
|
||||
int indent, const char *fname,
|
||||
const ASN1_PCTX *pctx);
|
||||
|
||||
typedef int ASN1_primitive_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it);
|
||||
typedef int ASN1_primitive_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it);
|
||||
typedef int ASN1_primitive_print(BIO *out, ASN1_VALUE **pval, const ASN1_ITEM *it, int indent, const ASN1_PCTX *pctx);
|
||||
|
||||
typedef struct ASN1_COMPAT_FUNCS_st {
|
||||
ASN1_new_func *asn1_new;
|
||||
|
@ -668,6 +685,7 @@ typedef struct ASN1_EXTERN_FUNCS_st {
|
|||
ASN1_ex_free_func *asn1_ex_clear;
|
||||
ASN1_ex_d2i *asn1_ex_d2i;
|
||||
ASN1_ex_i2d *asn1_ex_i2d;
|
||||
ASN1_ex_print_func *asn1_ex_print;
|
||||
} ASN1_EXTERN_FUNCS;
|
||||
|
||||
typedef struct ASN1_PRIMITIVE_FUNCS_st {
|
||||
|
@ -678,6 +696,7 @@ typedef struct ASN1_PRIMITIVE_FUNCS_st {
|
|||
ASN1_ex_free_func *prim_clear;
|
||||
ASN1_primitive_c2i *prim_c2i;
|
||||
ASN1_primitive_i2c *prim_i2c;
|
||||
ASN1_primitive_print *prim_print;
|
||||
} ASN1_PRIMITIVE_FUNCS;
|
||||
|
||||
/* This is the ASN1_AUX structure: it handles various
|
||||
|
@ -697,7 +716,8 @@ typedef struct ASN1_PRIMITIVE_FUNCS_st {
|
|||
* then an external type is more appropriate.
|
||||
*/
|
||||
|
||||
typedef int ASN1_aux_cb(int operation, ASN1_VALUE **in, const ASN1_ITEM *it);
|
||||
typedef int ASN1_aux_cb(int operation, ASN1_VALUE **in, const ASN1_ITEM *it,
|
||||
void *exarg);
|
||||
|
||||
typedef struct ASN1_AUX_st {
|
||||
void *app_data;
|
||||
|
@ -708,6 +728,23 @@ typedef struct ASN1_AUX_st {
|
|||
int enc_offset; /* Offset of ASN1_ENCODING structure */
|
||||
} ASN1_AUX;
|
||||
|
||||
/* For print related callbacks exarg points to this structure */
|
||||
typedef struct ASN1_PRINT_ARG_st {
|
||||
BIO *out;
|
||||
int indent;
|
||||
const ASN1_PCTX *pctx;
|
||||
} ASN1_PRINT_ARG;
|
||||
|
||||
/* For streaming related callbacks exarg points to this structure */
|
||||
typedef struct ASN1_STREAM_ARG_st {
|
||||
/* BIO to stream through */
|
||||
BIO *out;
|
||||
/* BIO with filters appended */
|
||||
BIO *ndef_bio;
|
||||
/* Streaming I/O boundary */
|
||||
unsigned char **boundary;
|
||||
} ASN1_STREAM_ARG;
|
||||
|
||||
/* Flags in ASN1_AUX */
|
||||
|
||||
/* Use a reference count */
|
||||
|
@ -727,6 +764,12 @@ typedef struct ASN1_AUX_st {
|
|||
#define ASN1_OP_D2I_POST 5
|
||||
#define ASN1_OP_I2D_PRE 6
|
||||
#define ASN1_OP_I2D_POST 7
|
||||
#define ASN1_OP_PRINT_PRE 8
|
||||
#define ASN1_OP_PRINT_POST 9
|
||||
#define ASN1_OP_STREAM_PRE 10
|
||||
#define ASN1_OP_STREAM_POST 11
|
||||
#define ASN1_OP_DETACHED_PRE 12
|
||||
#define ASN1_OP_DETACHED_POST 13
|
||||
|
||||
/* Macro to implement a primitive type */
|
||||
#define IMPLEMENT_ASN1_TYPE(stname) IMPLEMENT_ASN1_TYPE_ex(stname, stname, 0)
|
||||
|
@ -782,9 +825,22 @@ typedef struct ASN1_AUX_st {
|
|||
#define IMPLEMENT_ASN1_FUNCTIONS_ENCODE_name(stname, itname) \
|
||||
IMPLEMENT_ASN1_FUNCTIONS_ENCODE_fname(stname, itname, itname)
|
||||
|
||||
#define IMPLEMENT_STATIC_ASN1_ALLOC_FUNCTIONS(stname) \
|
||||
IMPLEMENT_ASN1_ALLOC_FUNCTIONS_pfname(static, stname, stname, stname)
|
||||
|
||||
#define IMPLEMENT_ASN1_ALLOC_FUNCTIONS(stname) \
|
||||
IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, stname, stname)
|
||||
|
||||
#define IMPLEMENT_ASN1_ALLOC_FUNCTIONS_pfname(pre, stname, itname, fname) \
|
||||
pre stname *fname##_new(void) \
|
||||
{ \
|
||||
return (stname *)ASN1_item_new(ASN1_ITEM_rptr(itname)); \
|
||||
} \
|
||||
pre void fname##_free(stname *a) \
|
||||
{ \
|
||||
ASN1_item_free((ASN1_VALUE *)a, ASN1_ITEM_rptr(itname)); \
|
||||
}
|
||||
|
||||
#define IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname) \
|
||||
stname *fname##_new(void) \
|
||||
{ \
|
||||
|
@ -834,6 +890,17 @@ typedef struct ASN1_AUX_st {
|
|||
return ASN1_item_dup(ASN1_ITEM_rptr(stname), x); \
|
||||
}
|
||||
|
||||
#define IMPLEMENT_ASN1_PRINT_FUNCTION(stname) \
|
||||
IMPLEMENT_ASN1_PRINT_FUNCTION_fname(stname, stname, stname)
|
||||
|
||||
#define IMPLEMENT_ASN1_PRINT_FUNCTION_fname(stname, itname, fname) \
|
||||
int fname##_print_ctx(BIO *out, stname *x, int indent, \
|
||||
const ASN1_PCTX *pctx) \
|
||||
{ \
|
||||
return ASN1_item_print(out, (ASN1_VALUE *)x, indent, \
|
||||
ASN1_ITEM_rptr(itname), pctx); \
|
||||
}
|
||||
|
||||
#define IMPLEMENT_ASN1_FUNCTIONS_const(name) \
|
||||
IMPLEMENT_ASN1_FUNCTIONS_const_fname(name, name, name)
|
||||
|
||||
|
|
|
@ -68,6 +68,14 @@
|
|||
|
||||
#include <openssl/crypto.h>
|
||||
|
||||
#ifndef OPENSSL_NO_SCTP
|
||||
# ifndef OPENSSL_SYS_VMS
|
||||
# include <stdint.h>
|
||||
# else
|
||||
# include <inttypes.h>
|
||||
# endif
|
||||
#endif
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
@ -95,6 +103,10 @@ extern "C" {
|
|||
#define BIO_TYPE_BIO (19|0x0400) /* (half a) BIO pair */
|
||||
#define BIO_TYPE_LINEBUFFER (20|0x0200) /* filter */
|
||||
#define BIO_TYPE_DGRAM (21|0x0400|0x0100)
|
||||
#ifndef OPENSSL_NO_SCTP
|
||||
#define BIO_TYPE_DGRAM_SCTP (24|0x0400|0x0100)
|
||||
#endif
|
||||
#define BIO_TYPE_ASN1 (22|0x0200) /* filter */
|
||||
#define BIO_TYPE_COMP (23|0x0200) /* filter */
|
||||
|
||||
#define BIO_TYPE_DESCRIPTOR 0x0100 /* socket, fd, connect or accept */
|
||||
|
@ -145,6 +157,7 @@ extern "C" {
|
|||
/* #endif */
|
||||
|
||||
#define BIO_CTRL_DGRAM_QUERY_MTU 40 /* as kernel for current MTU */
|
||||
#define BIO_CTRL_DGRAM_GET_FALLBACK_MTU 47
|
||||
#define BIO_CTRL_DGRAM_GET_MTU 41 /* get cached value for MTU */
|
||||
#define BIO_CTRL_DGRAM_SET_MTU 42 /* set cached value for
|
||||
* MTU. want to use this
|
||||
|
@ -156,8 +169,26 @@ extern "C" {
|
|||
* previous write
|
||||
* operation */
|
||||
|
||||
#define BIO_CTRL_DGRAM_GET_PEER 46
|
||||
#define BIO_CTRL_DGRAM_SET_PEER 44 /* Destination for the data */
|
||||
|
||||
#define BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT 45 /* Next DTLS handshake timeout to
|
||||
* adjust socket timeouts */
|
||||
|
||||
#ifndef OPENSSL_NO_SCTP
|
||||
/* SCTP stuff */
|
||||
#define BIO_CTRL_DGRAM_SCTP_SET_IN_HANDSHAKE 50
|
||||
#define BIO_CTRL_DGRAM_SCTP_ADD_AUTH_KEY 51
|
||||
#define BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY 52
|
||||
#define BIO_CTRL_DGRAM_SCTP_AUTH_CCS_RCVD 53
|
||||
#define BIO_CTRL_DGRAM_SCTP_GET_SNDINFO 60
|
||||
#define BIO_CTRL_DGRAM_SCTP_SET_SNDINFO 61
|
||||
#define BIO_CTRL_DGRAM_SCTP_GET_RCVINFO 62
|
||||
#define BIO_CTRL_DGRAM_SCTP_SET_RCVINFO 63
|
||||
#define BIO_CTRL_DGRAM_SCTP_GET_PRINFO 64
|
||||
#define BIO_CTRL_DGRAM_SCTP_SET_PRINFO 65
|
||||
#define BIO_CTRL_DGRAM_SCTP_SAVE_SHUTDOWN 70
|
||||
#endif
|
||||
|
||||
/* modifiers */
|
||||
#define BIO_FP_READ 0x02
|
||||
|
@ -262,7 +293,6 @@ int BIO_method_type(const BIO *b);
|
|||
|
||||
typedef void bio_info_cb(struct bio_st *, int, const char *, int, long, long);
|
||||
|
||||
#ifndef OPENSSL_SYS_WIN16
|
||||
typedef struct bio_method_st
|
||||
{
|
||||
int type;
|
||||
|
@ -276,21 +306,6 @@ typedef struct bio_method_st
|
|||
int (*destroy)(BIO *);
|
||||
long (*callback_ctrl)(BIO *, int, bio_info_cb *);
|
||||
} BIO_METHOD;
|
||||
#else
|
||||
typedef struct bio_method_st
|
||||
{
|
||||
int type;
|
||||
const char *name;
|
||||
int (_far *bwrite)();
|
||||
int (_far *bread)();
|
||||
int (_far *bputs)();
|
||||
int (_far *bgets)();
|
||||
long (_far *ctrl)();
|
||||
int (_far *create)();
|
||||
int (_far *destroy)();
|
||||
long (_far *callback_ctrl)();
|
||||
} BIO_METHOD;
|
||||
#endif
|
||||
|
||||
struct bio_st
|
||||
{
|
||||
|
@ -318,6 +333,15 @@ DECLARE_STACK_OF(BIO)
|
|||
|
||||
typedef struct bio_f_buffer_ctx_struct
|
||||
{
|
||||
/* Buffers are setup like this:
|
||||
*
|
||||
* <---------------------- size ----------------------->
|
||||
* +---------------------------------------------------+
|
||||
* | consumed | remaining | free space |
|
||||
* +---------------------------------------------------+
|
||||
* <-- off --><------- len ------->
|
||||
*/
|
||||
|
||||
/* BIO *bio; */ /* this is now in the BIO struct */
|
||||
int ibuf_size; /* how big is the input buffer */
|
||||
int obuf_size; /* how big is the output buffer */
|
||||
|
@ -331,6 +355,37 @@ typedef struct bio_f_buffer_ctx_struct
|
|||
int obuf_off; /* write/read offset */
|
||||
} BIO_F_BUFFER_CTX;
|
||||
|
||||
/* Prefix and suffix callback in ASN1 BIO */
|
||||
typedef int asn1_ps_func(BIO *b, unsigned char **pbuf, int *plen, void *parg);
|
||||
|
||||
#ifndef OPENSSL_NO_SCTP
|
||||
/* SCTP parameter structs */
|
||||
struct bio_dgram_sctp_sndinfo
|
||||
{
|
||||
uint16_t snd_sid;
|
||||
uint16_t snd_flags;
|
||||
uint32_t snd_ppid;
|
||||
uint32_t snd_context;
|
||||
};
|
||||
|
||||
struct bio_dgram_sctp_rcvinfo
|
||||
{
|
||||
uint16_t rcv_sid;
|
||||
uint16_t rcv_ssn;
|
||||
uint16_t rcv_flags;
|
||||
uint32_t rcv_ppid;
|
||||
uint32_t rcv_tsn;
|
||||
uint32_t rcv_cumtsn;
|
||||
uint32_t rcv_context;
|
||||
};
|
||||
|
||||
struct bio_dgram_sctp_prinfo
|
||||
{
|
||||
uint16_t pr_policy;
|
||||
uint32_t pr_value;
|
||||
};
|
||||
#endif
|
||||
|
||||
/* connect BIO stuff */
|
||||
#define BIO_CONN_S_BEFORE 1
|
||||
#define BIO_CONN_S_GET_IP 2
|
||||
|
@ -393,6 +448,13 @@ typedef struct bio_f_buffer_ctx_struct
|
|||
#define BIO_C_RESET_READ_REQUEST 147
|
||||
#define BIO_C_SET_MD_CTX 148
|
||||
|
||||
#define BIO_C_SET_PREFIX 149
|
||||
#define BIO_C_GET_PREFIX 150
|
||||
#define BIO_C_SET_SUFFIX 151
|
||||
#define BIO_C_GET_SUFFIX 152
|
||||
|
||||
#define BIO_C_SET_EX_ARG 153
|
||||
#define BIO_C_GET_EX_ARG 154
|
||||
|
||||
#define BIO_set_app_data(s,arg) BIO_set_ex_data(s,0,arg)
|
||||
#define BIO_get_app_data(s) BIO_get_ex_data(s,0)
|
||||
|
@ -405,7 +467,7 @@ typedef struct bio_f_buffer_ctx_struct
|
|||
#define BIO_get_conn_hostname(b) BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,0)
|
||||
#define BIO_get_conn_port(b) BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,1)
|
||||
#define BIO_get_conn_ip(b) BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,2)
|
||||
#define BIO_get_conn_int_port(b) BIO_int_ctrl(b,BIO_C_GET_CONNECT,3)
|
||||
#define BIO_get_conn_int_port(b) BIO_int_ctrl(b,BIO_C_GET_CONNECT,3,0)
|
||||
|
||||
|
||||
#define BIO_set_nbio(b,n) BIO_ctrl(b,BIO_C_SET_NBIO,(n),NULL)
|
||||
|
@ -414,7 +476,7 @@ typedef struct bio_f_buffer_ctx_struct
|
|||
#define BIO_set_accept_port(b,name) BIO_ctrl(b,BIO_C_SET_ACCEPT,0,(char *)name)
|
||||
#define BIO_get_accept_port(b) BIO_ptr_ctrl(b,BIO_C_GET_ACCEPT,0)
|
||||
/* #define BIO_set_nbio(b,n) BIO_ctrl(b,BIO_C_SET_NBIO,(n),NULL) */
|
||||
#define BIO_set_nbio_accept(b,n) BIO_ctrl(b,BIO_C_SET_ACCEPT,1,(n)?"a":NULL)
|
||||
#define BIO_set_nbio_accept(b,n) BIO_ctrl(b,BIO_C_SET_ACCEPT,1,(n)?(void *)"a":NULL)
|
||||
#define BIO_set_accept_bios(b,bio) BIO_ctrl(b,BIO_C_SET_ACCEPT,2,(char *)bio)
|
||||
|
||||
#define BIO_BIND_NORMAL 0
|
||||
|
@ -541,6 +603,8 @@ int BIO_ctrl_reset_read_request(BIO *b);
|
|||
(int)BIO_ctrl(b, BIO_CTRL_DGRAM_GET_RECV_TIMER_EXP, 0, NULL)
|
||||
#define BIO_dgram_send_timedout(b) \
|
||||
(int)BIO_ctrl(b, BIO_CTRL_DGRAM_GET_SEND_TIMER_EXP, 0, NULL)
|
||||
#define BIO_dgram_get_peer(b,peer) \
|
||||
(int)BIO_ctrl(b, BIO_CTRL_DGRAM_GET_PEER, 0, (char *)peer)
|
||||
#define BIO_dgram_set_peer(b,peer) \
|
||||
(int)BIO_ctrl(b, BIO_CTRL_DGRAM_SET_PEER, 0, (char *)peer)
|
||||
|
||||
|
@ -554,22 +618,21 @@ int BIO_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
|
|||
unsigned long BIO_number_read(BIO *bio);
|
||||
unsigned long BIO_number_written(BIO *bio);
|
||||
|
||||
/* For BIO_f_asn1() */
|
||||
int BIO_asn1_set_prefix(BIO *b, asn1_ps_func *prefix,
|
||||
asn1_ps_func *prefix_free);
|
||||
int BIO_asn1_get_prefix(BIO *b, asn1_ps_func **pprefix,
|
||||
asn1_ps_func **pprefix_free);
|
||||
int BIO_asn1_set_suffix(BIO *b, asn1_ps_func *suffix,
|
||||
asn1_ps_func *suffix_free);
|
||||
int BIO_asn1_get_suffix(BIO *b, asn1_ps_func **psuffix,
|
||||
asn1_ps_func **psuffix_free);
|
||||
|
||||
# ifndef OPENSSL_NO_FP_API
|
||||
# if defined(OPENSSL_SYS_WIN16) && defined(_WINDLL)
|
||||
BIO_METHOD *BIO_s_file_internal(void);
|
||||
BIO *BIO_new_file_internal(char *filename, char *mode);
|
||||
BIO *BIO_new_fp_internal(FILE *stream, int close_flag);
|
||||
# define BIO_s_file BIO_s_file_internal
|
||||
# define BIO_new_file BIO_new_file_internal
|
||||
# define BIO_new_fp BIO_new_fp_internal
|
||||
# else /* FP_API */
|
||||
BIO_METHOD *BIO_s_file(void );
|
||||
BIO *BIO_new_file(const char *filename, const char *mode);
|
||||
BIO *BIO_new_fp(FILE *stream, int close_flag);
|
||||
# define BIO_s_file_internal BIO_s_file
|
||||
# define BIO_new_file_internal BIO_new_file
|
||||
# define BIO_new_fp_internal BIO_s_file
|
||||
# endif /* FP_API */
|
||||
# define BIO_s_file_internal BIO_s_file
|
||||
# endif
|
||||
BIO * BIO_new(BIO_METHOD *type);
|
||||
int BIO_set(BIO *a,BIO_METHOD *type);
|
||||
|
@ -598,13 +661,8 @@ int BIO_nread(BIO *bio, char **buf, int num);
|
|||
int BIO_nwrite0(BIO *bio, char **buf);
|
||||
int BIO_nwrite(BIO *bio, char **buf, int num);
|
||||
|
||||
#ifndef OPENSSL_SYS_WIN16
|
||||
long BIO_debug_callback(BIO *bio,int cmd,const char *argp,int argi,
|
||||
long argl,long ret);
|
||||
#else
|
||||
long _far _loadds BIO_debug_callback(BIO *bio,int cmd,const char *argp,int argi,
|
||||
long argl,long ret);
|
||||
#endif
|
||||
|
||||
BIO_METHOD *BIO_s_mem(void);
|
||||
BIO *BIO_new_mem_buf(void *buf, int len);
|
||||
|
@ -625,6 +683,9 @@ BIO_METHOD *BIO_f_linebuffer(void);
|
|||
BIO_METHOD *BIO_f_nbio_test(void);
|
||||
#ifndef OPENSSL_NO_DGRAM
|
||||
BIO_METHOD *BIO_s_datagram(void);
|
||||
#ifndef OPENSSL_NO_SCTP
|
||||
BIO_METHOD *BIO_s_datagram_sctp(void);
|
||||
#endif
|
||||
#endif
|
||||
|
||||
/* BIO_METHOD *BIO_f_ber(void); */
|
||||
|
@ -667,6 +728,15 @@ int BIO_set_tcp_ndelay(int sock,int turn_on);
|
|||
|
||||
BIO *BIO_new_socket(int sock, int close_flag);
|
||||
BIO *BIO_new_dgram(int fd, int close_flag);
|
||||
#ifndef OPENSSL_NO_SCTP
|
||||
BIO *BIO_new_dgram_sctp(int fd, int close_flag);
|
||||
int BIO_dgram_is_sctp(BIO *bio);
|
||||
int BIO_dgram_sctp_notification_cb(BIO *b,
|
||||
void (*handle_notifications)(BIO *bio, void *context, void *buf),
|
||||
void *context);
|
||||
int BIO_dgram_sctp_wait_for_dry(BIO *b);
|
||||
int BIO_dgram_sctp_msg_waiting(BIO *b);
|
||||
#endif
|
||||
BIO *BIO_new_fd(int fd, int close_flag);
|
||||
BIO *BIO_new_connect(char *host_port);
|
||||
BIO *BIO_new_accept(char *host_port);
|
||||
|
@ -731,6 +801,7 @@ void ERR_load_BIO_strings(void);
|
|||
#define BIO_F_BUFFER_CTRL 114
|
||||
#define BIO_F_CONN_CTRL 127
|
||||
#define BIO_F_CONN_STATE 115
|
||||
#define BIO_F_DGRAM_SCTP_READ 132
|
||||
#define BIO_F_FILE_CTRL 116
|
||||
#define BIO_F_FILE_READ 130
|
||||
#define BIO_F_LINEBUFFER_CTRL 129
|
||||
|
|
|
@ -79,7 +79,7 @@ extern "C" {
|
|||
* !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
|
||||
*/
|
||||
|
||||
#if defined(OPENSSL_SYS_WIN16) || defined(__LP32__)
|
||||
#if defined(__LP32__)
|
||||
#define BF_LONG unsigned long
|
||||
#elif defined(OPENSSL_SYS_CRAY) || defined(__ILP64__)
|
||||
#define BF_LONG unsigned long
|
||||
|
@ -104,7 +104,9 @@ typedef struct bf_key_st
|
|||
BF_LONG S[4*256];
|
||||
} BF_KEY;
|
||||
|
||||
|
||||
#ifdef OPENSSL_FIPS
|
||||
void private_BF_set_key(BF_KEY *key, int len, const unsigned char *data);
|
||||
#endif
|
||||
void BF_set_key(BF_KEY *key, int len, const unsigned char *data);
|
||||
|
||||
void BF_encrypt(BF_LONG *data,const BF_KEY *key);
|
||||
|
|
|
@ -55,6 +55,59 @@
|
|||
* copied and put under another distribution licence
|
||||
* [including the GNU Public Licence.]
|
||||
*/
|
||||
/* ====================================================================
|
||||
* Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in
|
||||
* the documentation and/or other materials provided with the
|
||||
* distribution.
|
||||
*
|
||||
* 3. All advertising materials mentioning features or use of this
|
||||
* software must display the following acknowledgment:
|
||||
* "This product includes software developed by the OpenSSL Project
|
||||
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
|
||||
*
|
||||
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||
* endorse or promote products derived from this software without
|
||||
* prior written permission. For written permission, please contact
|
||||
* openssl-core@openssl.org.
|
||||
*
|
||||
* 5. Products derived from this software may not be called "OpenSSL"
|
||||
* nor may "OpenSSL" appear in their names without prior written
|
||||
* permission of the OpenSSL Project.
|
||||
*
|
||||
* 6. Redistributions of any form whatsoever must retain the following
|
||||
* acknowledgment:
|
||||
* "This product includes software developed by the OpenSSL Project
|
||||
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
* ====================================================================
|
||||
*
|
||||
* This product includes cryptographic software written by Eric Young
|
||||
* (eay@cryptsoft.com). This product includes software written by Tim
|
||||
* Hudson (tjh@cryptsoft.com).
|
||||
*
|
||||
*/
|
||||
/* ====================================================================
|
||||
* Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
|
||||
*
|
||||
|
@ -77,6 +130,7 @@
|
|||
#include <stdio.h> /* FILE */
|
||||
#endif
|
||||
#include <openssl/ossl_typ.h>
|
||||
#include <openssl/crypto.h>
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
|
@ -94,9 +148,11 @@ extern "C" {
|
|||
/* #define BN_DEBUG */
|
||||
/* #define BN_DEBUG_RAND */
|
||||
|
||||
#ifndef OPENSSL_SMALL_FOOTPRINT
|
||||
#define BN_MUL_COMBA
|
||||
#define BN_SQR_COMBA
|
||||
#define BN_RECURSION
|
||||
#endif
|
||||
|
||||
/* This next option uses the C libraries (2 word)/(1 word) function.
|
||||
* If it is not defined, I use my C version (which is slower).
|
||||
|
@ -137,6 +193,8 @@ extern "C" {
|
|||
#define BN_DEC_FMT1 "%lu"
|
||||
#define BN_DEC_FMT2 "%019lu"
|
||||
#define BN_DEC_NUM 19
|
||||
#define BN_HEX_FMT1 "%lX"
|
||||
#define BN_HEX_FMT2 "%016lX"
|
||||
#endif
|
||||
|
||||
/* This is where the long long data type is 64 bits, but long is 32.
|
||||
|
@ -162,84 +220,56 @@ extern "C" {
|
|||
#define BN_DEC_FMT1 "%llu"
|
||||
#define BN_DEC_FMT2 "%019llu"
|
||||
#define BN_DEC_NUM 19
|
||||
#define BN_HEX_FMT1 "%llX"
|
||||
#define BN_HEX_FMT2 "%016llX"
|
||||
#endif
|
||||
|
||||
#ifdef THIRTY_TWO_BIT
|
||||
#ifdef BN_LLONG
|
||||
# if defined(OPENSSL_SYS_WIN32) && !defined(__GNUC__)
|
||||
# if defined(_WIN32) && !defined(__GNUC__)
|
||||
# define BN_ULLONG unsigned __int64
|
||||
# define BN_MASK (0xffffffffffffffffI64)
|
||||
# else
|
||||
# define BN_ULLONG unsigned long long
|
||||
# define BN_MASK (0xffffffffffffffffLL)
|
||||
# endif
|
||||
#endif
|
||||
#define BN_ULONG unsigned long
|
||||
#define BN_LONG long
|
||||
#define BN_ULONG unsigned int
|
||||
#define BN_LONG int
|
||||
#define BN_BITS 64
|
||||
#define BN_BYTES 4
|
||||
#define BN_BITS2 32
|
||||
#define BN_BITS4 16
|
||||
#ifdef OPENSSL_SYS_WIN32
|
||||
/* VC++ doesn't like the LL suffix */
|
||||
#define BN_MASK (0xffffffffffffffffL)
|
||||
#else
|
||||
#define BN_MASK (0xffffffffffffffffLL)
|
||||
#endif
|
||||
#define BN_MASK2 (0xffffffffL)
|
||||
#define BN_MASK2l (0xffff)
|
||||
#define BN_MASK2h1 (0xffff8000L)
|
||||
#define BN_MASK2h (0xffff0000L)
|
||||
#define BN_TBIT (0x80000000L)
|
||||
#define BN_DEC_CONV (1000000000L)
|
||||
#define BN_DEC_FMT1 "%lu"
|
||||
#define BN_DEC_FMT2 "%09lu"
|
||||
#define BN_DEC_FMT1 "%u"
|
||||
#define BN_DEC_FMT2 "%09u"
|
||||
#define BN_DEC_NUM 9
|
||||
#define BN_HEX_FMT1 "%X"
|
||||
#define BN_HEX_FMT2 "%08X"
|
||||
#endif
|
||||
|
||||
#ifdef SIXTEEN_BIT
|
||||
#ifndef BN_DIV2W
|
||||
#define BN_DIV2W
|
||||
#endif
|
||||
#define BN_ULLONG unsigned long
|
||||
#define BN_ULONG unsigned short
|
||||
#define BN_LONG short
|
||||
#define BN_BITS 32
|
||||
#define BN_BYTES 2
|
||||
#define BN_BITS2 16
|
||||
#define BN_BITS4 8
|
||||
#define BN_MASK (0xffffffff)
|
||||
#define BN_MASK2 (0xffff)
|
||||
#define BN_MASK2l (0xff)
|
||||
#define BN_MASK2h1 (0xff80)
|
||||
#define BN_MASK2h (0xff00)
|
||||
#define BN_TBIT (0x8000)
|
||||
#define BN_DEC_CONV (100000)
|
||||
#define BN_DEC_FMT1 "%u"
|
||||
#define BN_DEC_FMT2 "%05u"
|
||||
#define BN_DEC_NUM 5
|
||||
#endif
|
||||
|
||||
#ifdef EIGHT_BIT
|
||||
#ifndef BN_DIV2W
|
||||
#define BN_DIV2W
|
||||
#endif
|
||||
#define BN_ULLONG unsigned short
|
||||
#define BN_ULONG unsigned char
|
||||
#define BN_LONG char
|
||||
#define BN_BITS 16
|
||||
#define BN_BYTES 1
|
||||
#define BN_BITS2 8
|
||||
#define BN_BITS4 4
|
||||
#define BN_MASK (0xffff)
|
||||
#define BN_MASK2 (0xff)
|
||||
#define BN_MASK2l (0xf)
|
||||
#define BN_MASK2h1 (0xf8)
|
||||
#define BN_MASK2h (0xf0)
|
||||
#define BN_TBIT (0x80)
|
||||
#define BN_DEC_CONV (100)
|
||||
#define BN_DEC_FMT1 "%u"
|
||||
#define BN_DEC_FMT2 "%02u"
|
||||
#define BN_DEC_NUM 2
|
||||
#endif
|
||||
/* 2011-02-22 SMS.
|
||||
* In various places, a size_t variable or a type cast to size_t was
|
||||
* used to perform integer-only operations on pointers. This failed on
|
||||
* VMS with 64-bit pointers (CC /POINTER_SIZE = 64) because size_t is
|
||||
* still only 32 bits. What's needed in these cases is an integer type
|
||||
* with the same size as a pointer, which size_t is not certain to be.
|
||||
* The only fix here is VMS-specific.
|
||||
*/
|
||||
#if defined(OPENSSL_SYS_VMS)
|
||||
# if __INITIAL_POINTER_SIZE == 64
|
||||
# define PTR_SIZE_INT long long
|
||||
# else /* __INITIAL_POINTER_SIZE == 64 */
|
||||
# define PTR_SIZE_INT int
|
||||
# endif /* __INITIAL_POINTER_SIZE == 64 [else] */
|
||||
#else /* defined(OPENSSL_SYS_VMS) */
|
||||
# define PTR_SIZE_INT size_t
|
||||
#endif /* defined(OPENSSL_SYS_VMS) [else] */
|
||||
|
||||
#define BN_DEFAULT_BITS 1280
|
||||
|
||||
|
@ -303,12 +333,8 @@ struct bn_mont_ctx_st
|
|||
BIGNUM N; /* The modulus */
|
||||
BIGNUM Ni; /* R*(1/R mod N) - N*Ni = 1
|
||||
* (Ni is only stored for bignum algorithm) */
|
||||
#if 0
|
||||
/* OpenSSL 0.9.9 preview: */
|
||||
BN_ULONG n0[2];/* least significant word(s) of Ni */
|
||||
#else
|
||||
BN_ULONG n0; /* least significant word of Ni */
|
||||
#endif
|
||||
BN_ULONG n0[2];/* least significant word(s) of Ni;
|
||||
(type changed with 0.9.9, was "BN_ULONG n0;" before) */
|
||||
int flags;
|
||||
};
|
||||
|
||||
|
@ -408,8 +434,8 @@ BIGNUM *BN_CTX_get(BN_CTX *ctx);
|
|||
void BN_CTX_end(BN_CTX *ctx);
|
||||
int BN_rand(BIGNUM *rnd, int bits, int top,int bottom);
|
||||
int BN_pseudo_rand(BIGNUM *rnd, int bits, int top,int bottom);
|
||||
int BN_rand_range(BIGNUM *rnd, BIGNUM *range);
|
||||
int BN_pseudo_rand_range(BIGNUM *rnd, BIGNUM *range);
|
||||
int BN_rand_range(BIGNUM *rnd, const BIGNUM *range);
|
||||
int BN_pseudo_rand_range(BIGNUM *rnd, const BIGNUM *range);
|
||||
int BN_num_bits(const BIGNUM *a);
|
||||
int BN_num_bits_word(BN_ULONG);
|
||||
BIGNUM *BN_new(void);
|
||||
|
@ -504,6 +530,7 @@ char * BN_bn2hex(const BIGNUM *a);
|
|||
char * BN_bn2dec(const BIGNUM *a);
|
||||
int BN_hex2bn(BIGNUM **a, const char *str);
|
||||
int BN_dec2bn(BIGNUM **a, const char *str);
|
||||
int BN_asc2bn(BIGNUM **a, const char *str);
|
||||
int BN_gcd(BIGNUM *r,const BIGNUM *a,const BIGNUM *b,BN_CTX *ctx);
|
||||
int BN_kronecker(const BIGNUM *a,const BIGNUM *b,BN_CTX *ctx); /* returns -2 for error */
|
||||
BIGNUM *BN_mod_inverse(BIGNUM *ret,
|
||||
|
@ -531,6 +558,17 @@ int BN_is_prime_ex(const BIGNUM *p,int nchecks, BN_CTX *ctx, BN_GENCB *cb);
|
|||
int BN_is_prime_fasttest_ex(const BIGNUM *p,int nchecks, BN_CTX *ctx,
|
||||
int do_trial_division, BN_GENCB *cb);
|
||||
|
||||
int BN_X931_generate_Xpq(BIGNUM *Xp, BIGNUM *Xq, int nbits, BN_CTX *ctx);
|
||||
|
||||
int BN_X931_derive_prime_ex(BIGNUM *p, BIGNUM *p1, BIGNUM *p2,
|
||||
const BIGNUM *Xp, const BIGNUM *Xp1, const BIGNUM *Xp2,
|
||||
const BIGNUM *e, BN_CTX *ctx, BN_GENCB *cb);
|
||||
int BN_X931_generate_prime_ex(BIGNUM *p, BIGNUM *p1, BIGNUM *p2,
|
||||
BIGNUM *Xp1, BIGNUM *Xp2,
|
||||
const BIGNUM *Xp,
|
||||
const BIGNUM *e, BN_CTX *ctx,
|
||||
BN_GENCB *cb);
|
||||
|
||||
BN_MONT_CTX *BN_MONT_CTX_new(void );
|
||||
void BN_MONT_CTX_init(BN_MONT_CTX *ctx);
|
||||
int BN_mod_mul_montgomery(BIGNUM *r,const BIGNUM *a,const BIGNUM *b,
|
||||
|
@ -549,19 +587,22 @@ BN_MONT_CTX *BN_MONT_CTX_set_locked(BN_MONT_CTX **pmont, int lock,
|
|||
#define BN_BLINDING_NO_UPDATE 0x00000001
|
||||
#define BN_BLINDING_NO_RECREATE 0x00000002
|
||||
|
||||
BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai, /* const */ BIGNUM *mod);
|
||||
BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai, BIGNUM *mod);
|
||||
void BN_BLINDING_free(BN_BLINDING *b);
|
||||
int BN_BLINDING_update(BN_BLINDING *b,BN_CTX *ctx);
|
||||
int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
|
||||
int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
|
||||
int BN_BLINDING_convert_ex(BIGNUM *n, BIGNUM *r, BN_BLINDING *b, BN_CTX *);
|
||||
int BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b, BN_CTX *);
|
||||
#ifndef OPENSSL_NO_DEPRECATED
|
||||
unsigned long BN_BLINDING_get_thread_id(const BN_BLINDING *);
|
||||
void BN_BLINDING_set_thread_id(BN_BLINDING *, unsigned long);
|
||||
#endif
|
||||
CRYPTO_THREADID *BN_BLINDING_thread_id(BN_BLINDING *);
|
||||
unsigned long BN_BLINDING_get_flags(const BN_BLINDING *);
|
||||
void BN_BLINDING_set_flags(BN_BLINDING *, unsigned long);
|
||||
BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b,
|
||||
const BIGNUM *e, /* const */ BIGNUM *m, BN_CTX *ctx,
|
||||
const BIGNUM *e, BIGNUM *m, BN_CTX *ctx,
|
||||
int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
|
||||
const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx),
|
||||
BN_MONT_CTX *m_ctx);
|
||||
|
@ -582,6 +623,8 @@ int BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
|
|||
int BN_div_recp(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m,
|
||||
BN_RECP_CTX *recp, BN_CTX *ctx);
|
||||
|
||||
#ifndef OPENSSL_NO_EC2M
|
||||
|
||||
/* Functions for arithmetic over binary polynomials represented by BIGNUMs.
|
||||
*
|
||||
* The BIGNUM::neg property of BIGNUMs representing binary polynomials is
|
||||
|
@ -614,24 +657,26 @@ int BN_GF2m_mod_solve_quad(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
|
|||
* t^p[0] + t^p[1] + ... + t^p[k]
|
||||
* where m = p[0] > p[1] > ... > p[k] = 0.
|
||||
*/
|
||||
int BN_GF2m_mod_arr(BIGNUM *r, const BIGNUM *a, const unsigned int p[]);
|
||||
int BN_GF2m_mod_arr(BIGNUM *r, const BIGNUM *a, const int p[]);
|
||||
/* r = a mod p */
|
||||
int BN_GF2m_mod_mul_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
|
||||
const unsigned int p[], BN_CTX *ctx); /* r = (a * b) mod p */
|
||||
int BN_GF2m_mod_sqr_arr(BIGNUM *r, const BIGNUM *a, const unsigned int p[],
|
||||
const int p[], BN_CTX *ctx); /* r = (a * b) mod p */
|
||||
int BN_GF2m_mod_sqr_arr(BIGNUM *r, const BIGNUM *a, const int p[],
|
||||
BN_CTX *ctx); /* r = (a * a) mod p */
|
||||
int BN_GF2m_mod_inv_arr(BIGNUM *r, const BIGNUM *b, const unsigned int p[],
|
||||
int BN_GF2m_mod_inv_arr(BIGNUM *r, const BIGNUM *b, const int p[],
|
||||
BN_CTX *ctx); /* r = (1 / b) mod p */
|
||||
int BN_GF2m_mod_div_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
|
||||
const unsigned int p[], BN_CTX *ctx); /* r = (a / b) mod p */
|
||||
const int p[], BN_CTX *ctx); /* r = (a / b) mod p */
|
||||
int BN_GF2m_mod_exp_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
|
||||
const unsigned int p[], BN_CTX *ctx); /* r = (a ^ b) mod p */
|
||||
const int p[], BN_CTX *ctx); /* r = (a ^ b) mod p */
|
||||
int BN_GF2m_mod_sqrt_arr(BIGNUM *r, const BIGNUM *a,
|
||||
const unsigned int p[], BN_CTX *ctx); /* r = sqrt(a) mod p */
|
||||
const int p[], BN_CTX *ctx); /* r = sqrt(a) mod p */
|
||||
int BN_GF2m_mod_solve_quad_arr(BIGNUM *r, const BIGNUM *a,
|
||||
const unsigned int p[], BN_CTX *ctx); /* r^2 + r = a mod p */
|
||||
int BN_GF2m_poly2arr(const BIGNUM *a, unsigned int p[], int max);
|
||||
int BN_GF2m_arr2poly(const unsigned int p[], BIGNUM *a);
|
||||
const int p[], BN_CTX *ctx); /* r^2 + r = a mod p */
|
||||
int BN_GF2m_poly2arr(const BIGNUM *a, int p[], int max);
|
||||
int BN_GF2m_arr2poly(const int p[], BIGNUM *a);
|
||||
|
||||
#endif
|
||||
|
||||
/* faster mod functions for the 'NIST primes'
|
||||
* 0 <= a < p^2 */
|
||||
|
@ -740,10 +785,12 @@ int RAND_pseudo_bytes(unsigned char *buf,int num);
|
|||
#define bn_correct_top(a) \
|
||||
{ \
|
||||
BN_ULONG *ftl; \
|
||||
if ((a)->top > 0) \
|
||||
int tmp_top = (a)->top; \
|
||||
if (tmp_top > 0) \
|
||||
{ \
|
||||
for (ftl= &((a)->d[(a)->top-1]); (a)->top > 0; (a)->top--) \
|
||||
if (*(ftl--)) break; \
|
||||
for (ftl= &((a)->d[tmp_top-1]); tmp_top > 0; tmp_top--) \
|
||||
if (*(ftl--)) break; \
|
||||
(a)->top = tmp_top; \
|
||||
} \
|
||||
bn_pollute(a); \
|
||||
}
|
||||
|
|
|
@ -76,18 +76,19 @@ extern "C" {
|
|||
|
||||
struct buf_mem_st
|
||||
{
|
||||
int length; /* current number of bytes */
|
||||
size_t length; /* current number of bytes */
|
||||
char *data;
|
||||
int max; /* size of buffer */
|
||||
size_t max; /* size of buffer */
|
||||
};
|
||||
|
||||
BUF_MEM *BUF_MEM_new(void);
|
||||
void BUF_MEM_free(BUF_MEM *a);
|
||||
int BUF_MEM_grow(BUF_MEM *str, int len);
|
||||
int BUF_MEM_grow_clean(BUF_MEM *str, int len);
|
||||
int BUF_MEM_grow(BUF_MEM *str, size_t len);
|
||||
int BUF_MEM_grow_clean(BUF_MEM *str, size_t len);
|
||||
char * BUF_strdup(const char *str);
|
||||
char * BUF_strndup(const char *str, size_t siz);
|
||||
void * BUF_memdup(const void *data, size_t siz);
|
||||
void BUF_reverse(unsigned char *out, unsigned char *in, size_t siz);
|
||||
|
||||
/* safe string functions */
|
||||
size_t BUF_strlcpy(char *dst,const char *src,size_t siz);
|
||||
|
|
|
@ -0,0 +1,130 @@
|
|||
/* crypto/camellia/camellia.h -*- mode:C; c-file-style: "eay" -*- */
|
||||
/* ====================================================================
|
||||
* Copyright (c) 2006 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in
|
||||
* the documentation and/or other materials provided with the
|
||||
* distribution.
|
||||
*
|
||||
* 3. All advertising materials mentioning features or use of this
|
||||
* software must display the following acknowledgment:
|
||||
* "This product includes software developed by the OpenSSL Project
|
||||
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
|
||||
*
|
||||
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||
* endorse or promote products derived from this software without
|
||||
* prior written permission. For written permission, please contact
|
||||
* openssl-core@openssl.org.
|
||||
*
|
||||
* 5. Products derived from this software may not be called "OpenSSL"
|
||||
* nor may "OpenSSL" appear in their names without prior written
|
||||
* permission of the OpenSSL Project.
|
||||
*
|
||||
* 6. Redistributions of any form whatsoever must retain the following
|
||||
* acknowledgment:
|
||||
* "This product includes software developed by the OpenSSL Project
|
||||
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
* ====================================================================
|
||||
*
|
||||
*/
|
||||
|
||||
#ifndef HEADER_CAMELLIA_H
|
||||
#define HEADER_CAMELLIA_H
|
||||
|
||||
#include <openssl/opensslconf.h>
|
||||
|
||||
#ifdef OPENSSL_NO_CAMELLIA
|
||||
#error CAMELLIA is disabled.
|
||||
#endif
|
||||
|
||||
#include <stddef.h>
|
||||
|
||||
#define CAMELLIA_ENCRYPT 1
|
||||
#define CAMELLIA_DECRYPT 0
|
||||
|
||||
/* Because array size can't be a const in C, the following two are macros.
|
||||
Both sizes are in bytes. */
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
/* This should be a hidden type, but EVP requires that the size be known */
|
||||
|
||||
#define CAMELLIA_BLOCK_SIZE 16
|
||||
#define CAMELLIA_TABLE_BYTE_LEN 272
|
||||
#define CAMELLIA_TABLE_WORD_LEN (CAMELLIA_TABLE_BYTE_LEN / 4)
|
||||
|
||||
typedef unsigned int KEY_TABLE_TYPE[CAMELLIA_TABLE_WORD_LEN]; /* to match with WORD */
|
||||
|
||||
struct camellia_key_st
|
||||
{
|
||||
union {
|
||||
double d; /* ensures 64-bit align */
|
||||
KEY_TABLE_TYPE rd_key;
|
||||
} u;
|
||||
int grand_rounds;
|
||||
};
|
||||
typedef struct camellia_key_st CAMELLIA_KEY;
|
||||
|
||||
#ifdef OPENSSL_FIPS
|
||||
int private_Camellia_set_key(const unsigned char *userKey, const int bits,
|
||||
CAMELLIA_KEY *key);
|
||||
#endif
|
||||
int Camellia_set_key(const unsigned char *userKey, const int bits,
|
||||
CAMELLIA_KEY *key);
|
||||
|
||||
void Camellia_encrypt(const unsigned char *in, unsigned char *out,
|
||||
const CAMELLIA_KEY *key);
|
||||
void Camellia_decrypt(const unsigned char *in, unsigned char *out,
|
||||
const CAMELLIA_KEY *key);
|
||||
|
||||
void Camellia_ecb_encrypt(const unsigned char *in, unsigned char *out,
|
||||
const CAMELLIA_KEY *key, const int enc);
|
||||
void Camellia_cbc_encrypt(const unsigned char *in, unsigned char *out,
|
||||
size_t length, const CAMELLIA_KEY *key,
|
||||
unsigned char *ivec, const int enc);
|
||||
void Camellia_cfb128_encrypt(const unsigned char *in, unsigned char *out,
|
||||
size_t length, const CAMELLIA_KEY *key,
|
||||
unsigned char *ivec, int *num, const int enc);
|
||||
void Camellia_cfb1_encrypt(const unsigned char *in, unsigned char *out,
|
||||
size_t length, const CAMELLIA_KEY *key,
|
||||
unsigned char *ivec, int *num, const int enc);
|
||||
void Camellia_cfb8_encrypt(const unsigned char *in, unsigned char *out,
|
||||
size_t length, const CAMELLIA_KEY *key,
|
||||
unsigned char *ivec, int *num, const int enc);
|
||||
void Camellia_ofb128_encrypt(const unsigned char *in, unsigned char *out,
|
||||
size_t length, const CAMELLIA_KEY *key,
|
||||
unsigned char *ivec, int *num);
|
||||
void Camellia_ctr128_encrypt(const unsigned char *in, unsigned char *out,
|
||||
size_t length, const CAMELLIA_KEY *key,
|
||||
unsigned char ivec[CAMELLIA_BLOCK_SIZE],
|
||||
unsigned char ecount_buf[CAMELLIA_BLOCK_SIZE],
|
||||
unsigned int *num);
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif /* !HEADER_Camellia_H */
|
|
@ -0,0 +1,107 @@
|
|||
/* crypto/cast/cast.h */
|
||||
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||
* All rights reserved.
|
||||
*
|
||||
* This package is an SSL implementation written
|
||||
* by Eric Young (eay@cryptsoft.com).
|
||||
* The implementation was written so as to conform with Netscapes SSL.
|
||||
*
|
||||
* This library is free for commercial and non-commercial use as long as
|
||||
* the following conditions are aheared to. The following conditions
|
||||
* apply to all code found in this distribution, be it the RC4, RSA,
|
||||
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
||||
* included with this distribution is covered by the same copyright terms
|
||||
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
||||
*
|
||||
* Copyright remains Eric Young's, and as such any Copyright notices in
|
||||
* the code are not to be removed.
|
||||
* If this package is used in a product, Eric Young should be given attribution
|
||||
* as the author of the parts of the library used.
|
||||
* This can be in the form of a textual message at program startup or
|
||||
* in documentation (online or textual) provided with the package.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
* 1. Redistributions of source code must retain the copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
* 3. All advertising materials mentioning features or use of this software
|
||||
* must display the following acknowledgement:
|
||||
* "This product includes cryptographic software written by
|
||||
* Eric Young (eay@cryptsoft.com)"
|
||||
* The word 'cryptographic' can be left out if the rouines from the library
|
||||
* being used are not cryptographic related :-).
|
||||
* 4. If you include any Windows specific code (or a derivative thereof) from
|
||||
* the apps directory (application code) you must include an acknowledgement:
|
||||
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* The licence and distribution terms for any publically available version or
|
||||
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
||||
* copied and put under another distribution licence
|
||||
* [including the GNU Public Licence.]
|
||||
*/
|
||||
|
||||
#ifndef HEADER_CAST_H
|
||||
#define HEADER_CAST_H
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
#include <openssl/opensslconf.h>
|
||||
|
||||
#ifdef OPENSSL_NO_CAST
|
||||
#error CAST is disabled.
|
||||
#endif
|
||||
|
||||
#define CAST_ENCRYPT 1
|
||||
#define CAST_DECRYPT 0
|
||||
|
||||
#define CAST_LONG unsigned int
|
||||
|
||||
#define CAST_BLOCK 8
|
||||
#define CAST_KEY_LENGTH 16
|
||||
|
||||
typedef struct cast_key_st
|
||||
{
|
||||
CAST_LONG data[32];
|
||||
int short_key; /* Use reduced rounds for short key */
|
||||
} CAST_KEY;
|
||||
|
||||
#ifdef OPENSSL_FIPS
|
||||
void private_CAST_set_key(CAST_KEY *key, int len, const unsigned char *data);
|
||||
#endif
|
||||
void CAST_set_key(CAST_KEY *key, int len, const unsigned char *data);
|
||||
void CAST_ecb_encrypt(const unsigned char *in, unsigned char *out, const CAST_KEY *key,
|
||||
int enc);
|
||||
void CAST_encrypt(CAST_LONG *data, const CAST_KEY *key);
|
||||
void CAST_decrypt(CAST_LONG *data, const CAST_KEY *key);
|
||||
void CAST_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
|
||||
const CAST_KEY *ks, unsigned char *iv, int enc);
|
||||
void CAST_cfb64_encrypt(const unsigned char *in, unsigned char *out,
|
||||
long length, const CAST_KEY *schedule, unsigned char *ivec,
|
||||
int *num, int enc);
|
||||
void CAST_ofb64_encrypt(const unsigned char *in, unsigned char *out,
|
||||
long length, const CAST_KEY *schedule, unsigned char *ivec,
|
||||
int *num);
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif
|
|
@ -0,0 +1,82 @@
|
|||
/* crypto/cmac/cmac.h */
|
||||
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
|
||||
* project.
|
||||
*/
|
||||
/* ====================================================================
|
||||
* Copyright (c) 2010 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in
|
||||
* the documentation and/or other materials provided with the
|
||||
* distribution.
|
||||
*
|
||||
* 3. All advertising materials mentioning features or use of this
|
||||
* software must display the following acknowledgment:
|
||||
* "This product includes software developed by the OpenSSL Project
|
||||
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
|
||||
*
|
||||
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||
* endorse or promote products derived from this software without
|
||||
* prior written permission. For written permission, please contact
|
||||
* licensing@OpenSSL.org.
|
||||
*
|
||||
* 5. Products derived from this software may not be called "OpenSSL"
|
||||
* nor may "OpenSSL" appear in their names without prior written
|
||||
* permission of the OpenSSL Project.
|
||||
*
|
||||
* 6. Redistributions of any form whatsoever must retain the following
|
||||
* acknowledgment:
|
||||
* "This product includes software developed by the OpenSSL Project
|
||||
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
* ====================================================================
|
||||
*/
|
||||
|
||||
|
||||
#ifndef HEADER_CMAC_H
|
||||
#define HEADER_CMAC_H
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
#include <openssl/evp.h>
|
||||
|
||||
/* Opaque */
|
||||
typedef struct CMAC_CTX_st CMAC_CTX;
|
||||
|
||||
CMAC_CTX *CMAC_CTX_new(void);
|
||||
void CMAC_CTX_cleanup(CMAC_CTX *ctx);
|
||||
void CMAC_CTX_free(CMAC_CTX *ctx);
|
||||
EVP_CIPHER_CTX *CMAC_CTX_get0_cipher_ctx(CMAC_CTX *ctx);
|
||||
int CMAC_CTX_copy(CMAC_CTX *out, const CMAC_CTX *in);
|
||||
|
||||
int CMAC_Init(CMAC_CTX *ctx, const void *key, size_t keylen,
|
||||
const EVP_CIPHER *cipher, ENGINE *impl);
|
||||
int CMAC_Update(CMAC_CTX *ctx, const void *data, size_t dlen);
|
||||
int CMAC_Final(CMAC_CTX *ctx, unsigned char *out, size_t *poutlen);
|
||||
int CMAC_resume(CMAC_CTX *ctx);
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
#endif
|
|
@ -0,0 +1,501 @@
|
|||
/* crypto/cms/cms.h */
|
||||
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
|
||||
* project.
|
||||
*/
|
||||
/* ====================================================================
|
||||
* Copyright (c) 2008 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in
|
||||
* the documentation and/or other materials provided with the
|
||||
* distribution.
|
||||
*
|
||||
* 3. All advertising materials mentioning features or use of this
|
||||
* software must display the following acknowledgment:
|
||||
* "This product includes software developed by the OpenSSL Project
|
||||
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
|
||||
*
|
||||
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||
* endorse or promote products derived from this software without
|
||||
* prior written permission. For written permission, please contact
|
||||
* licensing@OpenSSL.org.
|
||||
*
|
||||
* 5. Products derived from this software may not be called "OpenSSL"
|
||||
* nor may "OpenSSL" appear in their names without prior written
|
||||
* permission of the OpenSSL Project.
|
||||
*
|
||||
* 6. Redistributions of any form whatsoever must retain the following
|
||||
* acknowledgment:
|
||||
* "This product includes software developed by the OpenSSL Project
|
||||
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
* ====================================================================
|
||||
*/
|
||||
|
||||
|
||||
#ifndef HEADER_CMS_H
|
||||
#define HEADER_CMS_H
|
||||
|
||||
#include <openssl/x509.h>
|
||||
|
||||
#ifdef OPENSSL_NO_CMS
|
||||
#error CMS is disabled.
|
||||
#endif
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
|
||||
typedef struct CMS_ContentInfo_st CMS_ContentInfo;
|
||||
typedef struct CMS_SignerInfo_st CMS_SignerInfo;
|
||||
typedef struct CMS_CertificateChoices CMS_CertificateChoices;
|
||||
typedef struct CMS_RevocationInfoChoice_st CMS_RevocationInfoChoice;
|
||||
typedef struct CMS_RecipientInfo_st CMS_RecipientInfo;
|
||||
typedef struct CMS_ReceiptRequest_st CMS_ReceiptRequest;
|
||||
typedef struct CMS_Receipt_st CMS_Receipt;
|
||||
|
||||
DECLARE_STACK_OF(CMS_SignerInfo)
|
||||
DECLARE_STACK_OF(GENERAL_NAMES)
|
||||
DECLARE_ASN1_FUNCTIONS(CMS_ContentInfo)
|
||||
DECLARE_ASN1_FUNCTIONS(CMS_ReceiptRequest)
|
||||
DECLARE_ASN1_PRINT_FUNCTION(CMS_ContentInfo)
|
||||
|
||||
#define CMS_SIGNERINFO_ISSUER_SERIAL 0
|
||||
#define CMS_SIGNERINFO_KEYIDENTIFIER 1
|
||||
|
||||
#define CMS_RECIPINFO_TRANS 0
|
||||
#define CMS_RECIPINFO_AGREE 1
|
||||
#define CMS_RECIPINFO_KEK 2
|
||||
#define CMS_RECIPINFO_PASS 3
|
||||
#define CMS_RECIPINFO_OTHER 4
|
||||
|
||||
/* S/MIME related flags */
|
||||
|
||||
#define CMS_TEXT 0x1
|
||||
#define CMS_NOCERTS 0x2
|
||||
#define CMS_NO_CONTENT_VERIFY 0x4
|
||||
#define CMS_NO_ATTR_VERIFY 0x8
|
||||
#define CMS_NOSIGS \
|
||||
(CMS_NO_CONTENT_VERIFY|CMS_NO_ATTR_VERIFY)
|
||||
#define CMS_NOINTERN 0x10
|
||||
#define CMS_NO_SIGNER_CERT_VERIFY 0x20
|
||||
#define CMS_NOVERIFY 0x20
|
||||
#define CMS_DETACHED 0x40
|
||||
#define CMS_BINARY 0x80
|
||||
#define CMS_NOATTR 0x100
|
||||
#define CMS_NOSMIMECAP 0x200
|
||||
#define CMS_NOOLDMIMETYPE 0x400
|
||||
#define CMS_CRLFEOL 0x800
|
||||
#define CMS_STREAM 0x1000
|
||||
#define CMS_NOCRL 0x2000
|
||||
#define CMS_PARTIAL 0x4000
|
||||
#define CMS_REUSE_DIGEST 0x8000
|
||||
#define CMS_USE_KEYID 0x10000
|
||||
#define CMS_DEBUG_DECRYPT 0x20000
|
||||
|
||||
const ASN1_OBJECT *CMS_get0_type(CMS_ContentInfo *cms);
|
||||
|
||||
BIO *CMS_dataInit(CMS_ContentInfo *cms, BIO *icont);
|
||||
int CMS_dataFinal(CMS_ContentInfo *cms, BIO *bio);
|
||||
|
||||
ASN1_OCTET_STRING **CMS_get0_content(CMS_ContentInfo *cms);
|
||||
int CMS_is_detached(CMS_ContentInfo *cms);
|
||||
int CMS_set_detached(CMS_ContentInfo *cms, int detached);
|
||||
|
||||
#ifdef HEADER_PEM_H
|
||||
DECLARE_PEM_rw_const(CMS, CMS_ContentInfo)
|
||||
#endif
|
||||
|
||||
int CMS_stream(unsigned char ***boundary, CMS_ContentInfo *cms);
|
||||
CMS_ContentInfo *d2i_CMS_bio(BIO *bp, CMS_ContentInfo **cms);
|
||||
int i2d_CMS_bio(BIO *bp, CMS_ContentInfo *cms);
|
||||
|
||||
BIO *BIO_new_CMS(BIO *out, CMS_ContentInfo *cms);
|
||||
int i2d_CMS_bio_stream(BIO *out, CMS_ContentInfo *cms, BIO *in, int flags);
|
||||
int PEM_write_bio_CMS_stream(BIO *out, CMS_ContentInfo *cms, BIO *in, int flags);
|
||||
CMS_ContentInfo *SMIME_read_CMS(BIO *bio, BIO **bcont);
|
||||
int SMIME_write_CMS(BIO *bio, CMS_ContentInfo *cms, BIO *data, int flags);
|
||||
|
||||
int CMS_final(CMS_ContentInfo *cms, BIO *data, BIO *dcont, unsigned int flags);
|
||||
|
||||
CMS_ContentInfo *CMS_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs,
|
||||
BIO *data, unsigned int flags);
|
||||
|
||||
CMS_ContentInfo *CMS_sign_receipt(CMS_SignerInfo *si,
|
||||
X509 *signcert, EVP_PKEY *pkey,
|
||||
STACK_OF(X509) *certs,
|
||||
unsigned int flags);
|
||||
|
||||
int CMS_data(CMS_ContentInfo *cms, BIO *out, unsigned int flags);
|
||||
CMS_ContentInfo *CMS_data_create(BIO *in, unsigned int flags);
|
||||
|
||||
int CMS_digest_verify(CMS_ContentInfo *cms, BIO *dcont, BIO *out,
|
||||
unsigned int flags);
|
||||
CMS_ContentInfo *CMS_digest_create(BIO *in, const EVP_MD *md,
|
||||
unsigned int flags);
|
||||
|
||||
int CMS_EncryptedData_decrypt(CMS_ContentInfo *cms,
|
||||
const unsigned char *key, size_t keylen,
|
||||
BIO *dcont, BIO *out, unsigned int flags);
|
||||
|
||||
CMS_ContentInfo *CMS_EncryptedData_encrypt(BIO *in, const EVP_CIPHER *cipher,
|
||||
const unsigned char *key, size_t keylen,
|
||||
unsigned int flags);
|
||||
|
||||
int CMS_EncryptedData_set1_key(CMS_ContentInfo *cms, const EVP_CIPHER *ciph,
|
||||
const unsigned char *key, size_t keylen);
|
||||
|
||||
int CMS_verify(CMS_ContentInfo *cms, STACK_OF(X509) *certs,
|
||||
X509_STORE *store, BIO *dcont, BIO *out, unsigned int flags);
|
||||
|
||||
int CMS_verify_receipt(CMS_ContentInfo *rcms, CMS_ContentInfo *ocms,
|
||||
STACK_OF(X509) *certs,
|
||||
X509_STORE *store, unsigned int flags);
|
||||
|
||||
STACK_OF(X509) *CMS_get0_signers(CMS_ContentInfo *cms);
|
||||
|
||||
CMS_ContentInfo *CMS_encrypt(STACK_OF(X509) *certs, BIO *in,
|
||||
const EVP_CIPHER *cipher, unsigned int flags);
|
||||
|
||||
int CMS_decrypt(CMS_ContentInfo *cms, EVP_PKEY *pkey, X509 *cert,
|
||||
BIO *dcont, BIO *out,
|
||||
unsigned int flags);
|
||||
|
||||
int CMS_decrypt_set1_pkey(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert);
|
||||
int CMS_decrypt_set1_key(CMS_ContentInfo *cms,
|
||||
unsigned char *key, size_t keylen,
|
||||
unsigned char *id, size_t idlen);
|
||||
int CMS_decrypt_set1_password(CMS_ContentInfo *cms,
|
||||
unsigned char *pass, ossl_ssize_t passlen);
|
||||
|
||||
STACK_OF(CMS_RecipientInfo) *CMS_get0_RecipientInfos(CMS_ContentInfo *cms);
|
||||
int CMS_RecipientInfo_type(CMS_RecipientInfo *ri);
|
||||
CMS_ContentInfo *CMS_EnvelopedData_create(const EVP_CIPHER *cipher);
|
||||
CMS_RecipientInfo *CMS_add1_recipient_cert(CMS_ContentInfo *cms,
|
||||
X509 *recip, unsigned int flags);
|
||||
int CMS_RecipientInfo_set0_pkey(CMS_RecipientInfo *ri, EVP_PKEY *pkey);
|
||||
int CMS_RecipientInfo_ktri_cert_cmp(CMS_RecipientInfo *ri, X509 *cert);
|
||||
int CMS_RecipientInfo_ktri_get0_algs(CMS_RecipientInfo *ri,
|
||||
EVP_PKEY **pk, X509 **recip,
|
||||
X509_ALGOR **palg);
|
||||
int CMS_RecipientInfo_ktri_get0_signer_id(CMS_RecipientInfo *ri,
|
||||
ASN1_OCTET_STRING **keyid,
|
||||
X509_NAME **issuer, ASN1_INTEGER **sno);
|
||||
|
||||
CMS_RecipientInfo *CMS_add0_recipient_key(CMS_ContentInfo *cms, int nid,
|
||||
unsigned char *key, size_t keylen,
|
||||
unsigned char *id, size_t idlen,
|
||||
ASN1_GENERALIZEDTIME *date,
|
||||
ASN1_OBJECT *otherTypeId,
|
||||
ASN1_TYPE *otherType);
|
||||
|
||||
int CMS_RecipientInfo_kekri_get0_id(CMS_RecipientInfo *ri,
|
||||
X509_ALGOR **palg,
|
||||
ASN1_OCTET_STRING **pid,
|
||||
ASN1_GENERALIZEDTIME **pdate,
|
||||
ASN1_OBJECT **potherid,
|
||||
ASN1_TYPE **pothertype);
|
||||
|
||||
int CMS_RecipientInfo_set0_key(CMS_RecipientInfo *ri,
|
||||
unsigned char *key, size_t keylen);
|
||||
|
||||
int CMS_RecipientInfo_kekri_id_cmp(CMS_RecipientInfo *ri,
|
||||
const unsigned char *id, size_t idlen);
|
||||
|
||||
int CMS_RecipientInfo_set0_password(CMS_RecipientInfo *ri,
|
||||
unsigned char *pass,
|
||||
ossl_ssize_t passlen);
|
||||
|
||||
CMS_RecipientInfo *CMS_add0_recipient_password(CMS_ContentInfo *cms,
|
||||
int iter, int wrap_nid, int pbe_nid,
|
||||
unsigned char *pass,
|
||||
ossl_ssize_t passlen,
|
||||
const EVP_CIPHER *kekciph);
|
||||
|
||||
int CMS_RecipientInfo_decrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri);
|
||||
|
||||
int CMS_uncompress(CMS_ContentInfo *cms, BIO *dcont, BIO *out,
|
||||
unsigned int flags);
|
||||
CMS_ContentInfo *CMS_compress(BIO *in, int comp_nid, unsigned int flags);
|
||||
|
||||
int CMS_set1_eContentType(CMS_ContentInfo *cms, const ASN1_OBJECT *oid);
|
||||
const ASN1_OBJECT *CMS_get0_eContentType(CMS_ContentInfo *cms);
|
||||
|
||||
CMS_CertificateChoices *CMS_add0_CertificateChoices(CMS_ContentInfo *cms);
|
||||
int CMS_add0_cert(CMS_ContentInfo *cms, X509 *cert);
|
||||
int CMS_add1_cert(CMS_ContentInfo *cms, X509 *cert);
|
||||
STACK_OF(X509) *CMS_get1_certs(CMS_ContentInfo *cms);
|
||||
|
||||
CMS_RevocationInfoChoice *CMS_add0_RevocationInfoChoice(CMS_ContentInfo *cms);
|
||||
int CMS_add0_crl(CMS_ContentInfo *cms, X509_CRL *crl);
|
||||
int CMS_add1_crl(CMS_ContentInfo *cms, X509_CRL *crl);
|
||||
STACK_OF(X509_CRL) *CMS_get1_crls(CMS_ContentInfo *cms);
|
||||
|
||||
int CMS_SignedData_init(CMS_ContentInfo *cms);
|
||||
CMS_SignerInfo *CMS_add1_signer(CMS_ContentInfo *cms,
|
||||
X509 *signer, EVP_PKEY *pk, const EVP_MD *md,
|
||||
unsigned int flags);
|
||||
STACK_OF(CMS_SignerInfo) *CMS_get0_SignerInfos(CMS_ContentInfo *cms);
|
||||
|
||||
void CMS_SignerInfo_set1_signer_cert(CMS_SignerInfo *si, X509 *signer);
|
||||
int CMS_SignerInfo_get0_signer_id(CMS_SignerInfo *si,
|
||||
ASN1_OCTET_STRING **keyid,
|
||||
X509_NAME **issuer, ASN1_INTEGER **sno);
|
||||
int CMS_SignerInfo_cert_cmp(CMS_SignerInfo *si, X509 *cert);
|
||||
int CMS_set1_signers_certs(CMS_ContentInfo *cms, STACK_OF(X509) *certs,
|
||||
unsigned int flags);
|
||||
void CMS_SignerInfo_get0_algs(CMS_SignerInfo *si, EVP_PKEY **pk, X509 **signer,
|
||||
X509_ALGOR **pdig, X509_ALGOR **psig);
|
||||
int CMS_SignerInfo_sign(CMS_SignerInfo *si);
|
||||
int CMS_SignerInfo_verify(CMS_SignerInfo *si);
|
||||
int CMS_SignerInfo_verify_content(CMS_SignerInfo *si, BIO *chain);
|
||||
|
||||
int CMS_add_smimecap(CMS_SignerInfo *si, STACK_OF(X509_ALGOR) *algs);
|
||||
int CMS_add_simple_smimecap(STACK_OF(X509_ALGOR) **algs,
|
||||
int algnid, int keysize);
|
||||
int CMS_add_standard_smimecap(STACK_OF(X509_ALGOR) **smcap);
|
||||
|
||||
int CMS_signed_get_attr_count(const CMS_SignerInfo *si);
|
||||
int CMS_signed_get_attr_by_NID(const CMS_SignerInfo *si, int nid,
|
||||
int lastpos);
|
||||
int CMS_signed_get_attr_by_OBJ(const CMS_SignerInfo *si, ASN1_OBJECT *obj,
|
||||
int lastpos);
|
||||
X509_ATTRIBUTE *CMS_signed_get_attr(const CMS_SignerInfo *si, int loc);
|
||||
X509_ATTRIBUTE *CMS_signed_delete_attr(CMS_SignerInfo *si, int loc);
|
||||
int CMS_signed_add1_attr(CMS_SignerInfo *si, X509_ATTRIBUTE *attr);
|
||||
int CMS_signed_add1_attr_by_OBJ(CMS_SignerInfo *si,
|
||||
const ASN1_OBJECT *obj, int type,
|
||||
const void *bytes, int len);
|
||||
int CMS_signed_add1_attr_by_NID(CMS_SignerInfo *si,
|
||||
int nid, int type,
|
||||
const void *bytes, int len);
|
||||
int CMS_signed_add1_attr_by_txt(CMS_SignerInfo *si,
|
||||
const char *attrname, int type,
|
||||
const void *bytes, int len);
|
||||
void *CMS_signed_get0_data_by_OBJ(CMS_SignerInfo *si, ASN1_OBJECT *oid,
|
||||
int lastpos, int type);
|
||||
|
||||
int CMS_unsigned_get_attr_count(const CMS_SignerInfo *si);
|
||||
int CMS_unsigned_get_attr_by_NID(const CMS_SignerInfo *si, int nid,
|
||||
int lastpos);
|
||||
int CMS_unsigned_get_attr_by_OBJ(const CMS_SignerInfo *si, ASN1_OBJECT *obj,
|
||||
int lastpos);
|
||||
X509_ATTRIBUTE *CMS_unsigned_get_attr(const CMS_SignerInfo *si, int loc);
|
||||
X509_ATTRIBUTE *CMS_unsigned_delete_attr(CMS_SignerInfo *si, int loc);
|
||||
int CMS_unsigned_add1_attr(CMS_SignerInfo *si, X509_ATTRIBUTE *attr);
|
||||
int CMS_unsigned_add1_attr_by_OBJ(CMS_SignerInfo *si,
|
||||
const ASN1_OBJECT *obj, int type,
|
||||
const void *bytes, int len);
|
||||
int CMS_unsigned_add1_attr_by_NID(CMS_SignerInfo *si,
|
||||
int nid, int type,
|
||||
const void *bytes, int len);
|
||||
int CMS_unsigned_add1_attr_by_txt(CMS_SignerInfo *si,
|
||||
const char *attrname, int type,
|
||||
const void *bytes, int len);
|
||||
void *CMS_unsigned_get0_data_by_OBJ(CMS_SignerInfo *si, ASN1_OBJECT *oid,
|
||||
int lastpos, int type);
|
||||
|
||||
#ifdef HEADER_X509V3_H
|
||||
|
||||
int CMS_get1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest **prr);
|
||||
CMS_ReceiptRequest *CMS_ReceiptRequest_create0(unsigned char *id, int idlen,
|
||||
int allorfirst,
|
||||
STACK_OF(GENERAL_NAMES) *receiptList,
|
||||
STACK_OF(GENERAL_NAMES) *receiptsTo);
|
||||
int CMS_add1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest *rr);
|
||||
void CMS_ReceiptRequest_get0_values(CMS_ReceiptRequest *rr,
|
||||
ASN1_STRING **pcid,
|
||||
int *pallorfirst,
|
||||
STACK_OF(GENERAL_NAMES) **plist,
|
||||
STACK_OF(GENERAL_NAMES) **prto);
|
||||
|
||||
#endif
|
||||
|
||||
/* BEGIN ERROR CODES */
|
||||
/* The following lines are auto generated by the script mkerr.pl. Any changes
|
||||
* made after this point may be overwritten when the script is next run.
|
||||
*/
|
||||
void ERR_load_CMS_strings(void);
|
||||
|
||||
/* Error codes for the CMS functions. */
|
||||
|
||||
/* Function codes. */
|
||||
#define CMS_F_CHECK_CONTENT 99
|
||||
#define CMS_F_CMS_ADD0_CERT 164
|
||||
#define CMS_F_CMS_ADD0_RECIPIENT_KEY 100
|
||||
#define CMS_F_CMS_ADD0_RECIPIENT_PASSWORD 165
|
||||
#define CMS_F_CMS_ADD1_RECEIPTREQUEST 158
|
||||
#define CMS_F_CMS_ADD1_RECIPIENT_CERT 101
|
||||
#define CMS_F_CMS_ADD1_SIGNER 102
|
||||
#define CMS_F_CMS_ADD1_SIGNINGTIME 103
|
||||
#define CMS_F_CMS_COMPRESS 104
|
||||
#define CMS_F_CMS_COMPRESSEDDATA_CREATE 105
|
||||
#define CMS_F_CMS_COMPRESSEDDATA_INIT_BIO 106
|
||||
#define CMS_F_CMS_COPY_CONTENT 107
|
||||
#define CMS_F_CMS_COPY_MESSAGEDIGEST 108
|
||||
#define CMS_F_CMS_DATA 109
|
||||
#define CMS_F_CMS_DATAFINAL 110
|
||||
#define CMS_F_CMS_DATAINIT 111
|
||||
#define CMS_F_CMS_DECRYPT 112
|
||||
#define CMS_F_CMS_DECRYPT_SET1_KEY 113
|
||||
#define CMS_F_CMS_DECRYPT_SET1_PASSWORD 166
|
||||
#define CMS_F_CMS_DECRYPT_SET1_PKEY 114
|
||||
#define CMS_F_CMS_DIGESTALGORITHM_FIND_CTX 115
|
||||
#define CMS_F_CMS_DIGESTALGORITHM_INIT_BIO 116
|
||||
#define CMS_F_CMS_DIGESTEDDATA_DO_FINAL 117
|
||||
#define CMS_F_CMS_DIGEST_VERIFY 118
|
||||
#define CMS_F_CMS_ENCODE_RECEIPT 161
|
||||
#define CMS_F_CMS_ENCRYPT 119
|
||||
#define CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO 120
|
||||
#define CMS_F_CMS_ENCRYPTEDDATA_DECRYPT 121
|
||||
#define CMS_F_CMS_ENCRYPTEDDATA_ENCRYPT 122
|
||||
#define CMS_F_CMS_ENCRYPTEDDATA_SET1_KEY 123
|
||||
#define CMS_F_CMS_ENVELOPEDDATA_CREATE 124
|
||||
#define CMS_F_CMS_ENVELOPEDDATA_INIT_BIO 125
|
||||
#define CMS_F_CMS_ENVELOPED_DATA_INIT 126
|
||||
#define CMS_F_CMS_FINAL 127
|
||||
#define CMS_F_CMS_GET0_CERTIFICATE_CHOICES 128
|
||||
#define CMS_F_CMS_GET0_CONTENT 129
|
||||
#define CMS_F_CMS_GET0_ECONTENT_TYPE 130
|
||||
#define CMS_F_CMS_GET0_ENVELOPED 131
|
||||
#define CMS_F_CMS_GET0_REVOCATION_CHOICES 132
|
||||
#define CMS_F_CMS_GET0_SIGNED 133
|
||||
#define CMS_F_CMS_MSGSIGDIGEST_ADD1 162
|
||||
#define CMS_F_CMS_RECEIPTREQUEST_CREATE0 159
|
||||
#define CMS_F_CMS_RECEIPT_VERIFY 160
|
||||
#define CMS_F_CMS_RECIPIENTINFO_DECRYPT 134
|
||||
#define CMS_F_CMS_RECIPIENTINFO_KEKRI_DECRYPT 135
|
||||
#define CMS_F_CMS_RECIPIENTINFO_KEKRI_ENCRYPT 136
|
||||
#define CMS_F_CMS_RECIPIENTINFO_KEKRI_GET0_ID 137
|
||||
#define CMS_F_CMS_RECIPIENTINFO_KEKRI_ID_CMP 138
|
||||
#define CMS_F_CMS_RECIPIENTINFO_KTRI_CERT_CMP 139
|
||||
#define CMS_F_CMS_RECIPIENTINFO_KTRI_DECRYPT 140
|
||||
#define CMS_F_CMS_RECIPIENTINFO_KTRI_ENCRYPT 141
|
||||
#define CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_ALGS 142
|
||||
#define CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_SIGNER_ID 143
|
||||
#define CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT 167
|
||||
#define CMS_F_CMS_RECIPIENTINFO_SET0_KEY 144
|
||||
#define CMS_F_CMS_RECIPIENTINFO_SET0_PASSWORD 168
|
||||
#define CMS_F_CMS_RECIPIENTINFO_SET0_PKEY 145
|
||||
#define CMS_F_CMS_SET1_SIGNERIDENTIFIER 146
|
||||
#define CMS_F_CMS_SET_DETACHED 147
|
||||
#define CMS_F_CMS_SIGN 148
|
||||
#define CMS_F_CMS_SIGNED_DATA_INIT 149
|
||||
#define CMS_F_CMS_SIGNERINFO_CONTENT_SIGN 150
|
||||
#define CMS_F_CMS_SIGNERINFO_SIGN 151
|
||||
#define CMS_F_CMS_SIGNERINFO_VERIFY 152
|
||||
#define CMS_F_CMS_SIGNERINFO_VERIFY_CERT 153
|
||||
#define CMS_F_CMS_SIGNERINFO_VERIFY_CONTENT 154
|
||||
#define CMS_F_CMS_SIGN_RECEIPT 163
|
||||
#define CMS_F_CMS_STREAM 155
|
||||
#define CMS_F_CMS_UNCOMPRESS 156
|
||||
#define CMS_F_CMS_VERIFY 157
|
||||
|
||||
/* Reason codes. */
|
||||
#define CMS_R_ADD_SIGNER_ERROR 99
|
||||
#define CMS_R_CERTIFICATE_ALREADY_PRESENT 175
|
||||
#define CMS_R_CERTIFICATE_HAS_NO_KEYID 160
|
||||
#define CMS_R_CERTIFICATE_VERIFY_ERROR 100
|
||||
#define CMS_R_CIPHER_INITIALISATION_ERROR 101
|
||||
#define CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR 102
|
||||
#define CMS_R_CMS_DATAFINAL_ERROR 103
|
||||
#define CMS_R_CMS_LIB 104
|
||||
#define CMS_R_CONTENTIDENTIFIER_MISMATCH 170
|
||||
#define CMS_R_CONTENT_NOT_FOUND 105
|
||||
#define CMS_R_CONTENT_TYPE_MISMATCH 171
|
||||
#define CMS_R_CONTENT_TYPE_NOT_COMPRESSED_DATA 106
|
||||
#define CMS_R_CONTENT_TYPE_NOT_ENVELOPED_DATA 107
|
||||
#define CMS_R_CONTENT_TYPE_NOT_SIGNED_DATA 108
|
||||
#define CMS_R_CONTENT_VERIFY_ERROR 109
|
||||
#define CMS_R_CTRL_ERROR 110
|
||||
#define CMS_R_CTRL_FAILURE 111
|
||||
#define CMS_R_DECRYPT_ERROR 112
|
||||
#define CMS_R_DIGEST_ERROR 161
|
||||
#define CMS_R_ERROR_GETTING_PUBLIC_KEY 113
|
||||
#define CMS_R_ERROR_READING_MESSAGEDIGEST_ATTRIBUTE 114
|
||||
#define CMS_R_ERROR_SETTING_KEY 115
|
||||
#define CMS_R_ERROR_SETTING_RECIPIENTINFO 116
|
||||
#define CMS_R_INVALID_ENCRYPTED_KEY_LENGTH 117
|
||||
#define CMS_R_INVALID_KEY_ENCRYPTION_PARAMETER 176
|
||||
#define CMS_R_INVALID_KEY_LENGTH 118
|
||||
#define CMS_R_MD_BIO_INIT_ERROR 119
|
||||
#define CMS_R_MESSAGEDIGEST_ATTRIBUTE_WRONG_LENGTH 120
|
||||
#define CMS_R_MESSAGEDIGEST_WRONG_LENGTH 121
|
||||
#define CMS_R_MSGSIGDIGEST_ERROR 172
|
||||
#define CMS_R_MSGSIGDIGEST_VERIFICATION_FAILURE 162
|
||||
#define CMS_R_MSGSIGDIGEST_WRONG_LENGTH 163
|
||||
#define CMS_R_NEED_ONE_SIGNER 164
|
||||
#define CMS_R_NOT_A_SIGNED_RECEIPT 165
|
||||
#define CMS_R_NOT_ENCRYPTED_DATA 122
|
||||
#define CMS_R_NOT_KEK 123
|
||||
#define CMS_R_NOT_KEY_TRANSPORT 124
|
||||
#define CMS_R_NOT_PWRI 177
|
||||
#define CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE 125
|
||||
#define CMS_R_NO_CIPHER 126
|
||||
#define CMS_R_NO_CONTENT 127
|
||||
#define CMS_R_NO_CONTENT_TYPE 173
|
||||
#define CMS_R_NO_DEFAULT_DIGEST 128
|
||||
#define CMS_R_NO_DIGEST_SET 129
|
||||
#define CMS_R_NO_KEY 130
|
||||
#define CMS_R_NO_KEY_OR_CERT 174
|
||||
#define CMS_R_NO_MATCHING_DIGEST 131
|
||||
#define CMS_R_NO_MATCHING_RECIPIENT 132
|
||||
#define CMS_R_NO_MATCHING_SIGNATURE 166
|
||||
#define CMS_R_NO_MSGSIGDIGEST 167
|
||||
#define CMS_R_NO_PASSWORD 178
|
||||
#define CMS_R_NO_PRIVATE_KEY 133
|
||||
#define CMS_R_NO_PUBLIC_KEY 134
|
||||
#define CMS_R_NO_RECEIPT_REQUEST 168
|
||||
#define CMS_R_NO_SIGNERS 135
|
||||
#define CMS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE 136
|
||||
#define CMS_R_RECEIPT_DECODE_ERROR 169
|
||||
#define CMS_R_RECIPIENT_ERROR 137
|
||||
#define CMS_R_SIGNER_CERTIFICATE_NOT_FOUND 138
|
||||
#define CMS_R_SIGNFINAL_ERROR 139
|
||||
#define CMS_R_SMIME_TEXT_ERROR 140
|
||||
#define CMS_R_STORE_INIT_ERROR 141
|
||||
#define CMS_R_TYPE_NOT_COMPRESSED_DATA 142
|
||||
#define CMS_R_TYPE_NOT_DATA 143
|
||||
#define CMS_R_TYPE_NOT_DIGESTED_DATA 144
|
||||
#define CMS_R_TYPE_NOT_ENCRYPTED_DATA 145
|
||||
#define CMS_R_TYPE_NOT_ENVELOPED_DATA 146
|
||||
#define CMS_R_UNABLE_TO_FINALIZE_CONTEXT 147
|
||||
#define CMS_R_UNKNOWN_CIPHER 148
|
||||
#define CMS_R_UNKNOWN_DIGEST_ALGORIHM 149
|
||||
#define CMS_R_UNKNOWN_ID 150
|
||||
#define CMS_R_UNSUPPORTED_COMPRESSION_ALGORITHM 151
|
||||
#define CMS_R_UNSUPPORTED_CONTENT_TYPE 152
|
||||
#define CMS_R_UNSUPPORTED_KEK_ALGORITHM 153
|
||||
#define CMS_R_UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM 179
|
||||
#define CMS_R_UNSUPPORTED_RECIPIENT_TYPE 154
|
||||
#define CMS_R_UNSUPPORTED_RECPIENTINFO_TYPE 155
|
||||
#define CMS_R_UNSUPPORTED_TYPE 156
|
||||
#define CMS_R_UNWRAP_ERROR 157
|
||||
#define CMS_R_UNWRAP_FAILURE 180
|
||||
#define CMS_R_VERIFICATION_FAILURE 158
|
||||
#define CMS_R_WRAP_ERROR 159
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
#endif
|
|
@ -79,8 +79,7 @@ typedef struct
|
|||
} CONF_VALUE;
|
||||
|
||||
DECLARE_STACK_OF(CONF_VALUE)
|
||||
DECLARE_STACK_OF(CONF_MODULE)
|
||||
DECLARE_STACK_OF(CONF_IMODULE)
|
||||
DECLARE_LHASH_OF(CONF_VALUE);
|
||||
|
||||
struct conf_st;
|
||||
struct conf_method_st;
|
||||
|
@ -105,6 +104,9 @@ struct conf_method_st
|
|||
typedef struct conf_imodule_st CONF_IMODULE;
|
||||
typedef struct conf_module_st CONF_MODULE;
|
||||
|
||||
DECLARE_STACK_OF(CONF_MODULE)
|
||||
DECLARE_STACK_OF(CONF_IMODULE)
|
||||
|
||||
/* DSO module function typedefs */
|
||||
typedef int conf_init_func(CONF_IMODULE *md, const CONF *cnf);
|
||||
typedef void conf_finish_func(CONF_IMODULE *md);
|
||||
|
@ -117,18 +119,23 @@ typedef void conf_finish_func(CONF_IMODULE *md);
|
|||
#define CONF_MFLAGS_DEFAULT_SECTION 0x20
|
||||
|
||||
int CONF_set_default_method(CONF_METHOD *meth);
|
||||
void CONF_set_nconf(CONF *conf,LHASH *hash);
|
||||
LHASH *CONF_load(LHASH *conf,const char *file,long *eline);
|
||||
void CONF_set_nconf(CONF *conf,LHASH_OF(CONF_VALUE) *hash);
|
||||
LHASH_OF(CONF_VALUE) *CONF_load(LHASH_OF(CONF_VALUE) *conf,const char *file,
|
||||
long *eline);
|
||||
#ifndef OPENSSL_NO_FP_API
|
||||
LHASH *CONF_load_fp(LHASH *conf, FILE *fp,long *eline);
|
||||
LHASH_OF(CONF_VALUE) *CONF_load_fp(LHASH_OF(CONF_VALUE) *conf, FILE *fp,
|
||||
long *eline);
|
||||
#endif
|
||||
LHASH *CONF_load_bio(LHASH *conf, BIO *bp,long *eline);
|
||||
STACK_OF(CONF_VALUE) *CONF_get_section(LHASH *conf,const char *section);
|
||||
char *CONF_get_string(LHASH *conf,const char *group,const char *name);
|
||||
long CONF_get_number(LHASH *conf,const char *group,const char *name);
|
||||
void CONF_free(LHASH *conf);
|
||||
int CONF_dump_fp(LHASH *conf, FILE *out);
|
||||
int CONF_dump_bio(LHASH *conf, BIO *out);
|
||||
LHASH_OF(CONF_VALUE) *CONF_load_bio(LHASH_OF(CONF_VALUE) *conf, BIO *bp,long *eline);
|
||||
STACK_OF(CONF_VALUE) *CONF_get_section(LHASH_OF(CONF_VALUE) *conf,
|
||||
const char *section);
|
||||
char *CONF_get_string(LHASH_OF(CONF_VALUE) *conf,const char *group,
|
||||
const char *name);
|
||||
long CONF_get_number(LHASH_OF(CONF_VALUE) *conf,const char *group,
|
||||
const char *name);
|
||||
void CONF_free(LHASH_OF(CONF_VALUE) *conf);
|
||||
int CONF_dump_fp(LHASH_OF(CONF_VALUE) *conf, FILE *out);
|
||||
int CONF_dump_bio(LHASH_OF(CONF_VALUE) *conf, BIO *out);
|
||||
|
||||
void OPENSSL_config(const char *config_name);
|
||||
void OPENSSL_no_config(void);
|
||||
|
@ -140,7 +147,7 @@ struct conf_st
|
|||
{
|
||||
CONF_METHOD *meth;
|
||||
void *meth_data;
|
||||
LHASH *data;
|
||||
LHASH_OF(CONF_VALUE) *data;
|
||||
};
|
||||
|
||||
CONF *NCONF_new(CONF_METHOD *meth);
|
||||
|
@ -214,6 +221,7 @@ void ERR_load_CONF_strings(void);
|
|||
#define CONF_F_CONF_LOAD_BIO 102
|
||||
#define CONF_F_CONF_LOAD_FP 103
|
||||
#define CONF_F_CONF_MODULES_LOAD 116
|
||||
#define CONF_F_CONF_PARSE_LIST 119
|
||||
#define CONF_F_DEF_LOAD 120
|
||||
#define CONF_F_DEF_LOAD_BIO 121
|
||||
#define CONF_F_MODULE_INIT 115
|
||||
|
@ -233,6 +241,7 @@ void ERR_load_CONF_strings(void);
|
|||
|
||||
/* Reason codes. */
|
||||
#define CONF_R_ERROR_LOADING_DSO 110
|
||||
#define CONF_R_LIST_CANNOT_BE_NULL 115
|
||||
#define CONF_R_MISSING_CLOSE_SQUARE_BRACKET 100
|
||||
#define CONF_R_MISSING_EQUAL_SIGN 101
|
||||
#define CONF_R_MISSING_FINISH_FUNCTION 111
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
/* crypto/crypto.h */
|
||||
/* ====================================================================
|
||||
* Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved.
|
||||
* Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
|
@ -219,7 +219,9 @@ typedef struct openssl_item_st
|
|||
#define CRYPTO_LOCK_EC_PRE_COMP 36
|
||||
#define CRYPTO_LOCK_STORE 37
|
||||
#define CRYPTO_LOCK_COMP 38
|
||||
#define CRYPTO_NUM_LOCKS 39
|
||||
#define CRYPTO_LOCK_FIPS 39
|
||||
#define CRYPTO_LOCK_FIPS2 40
|
||||
#define CRYPTO_NUM_LOCKS 41
|
||||
|
||||
#define CRYPTO_LOCK 1
|
||||
#define CRYPTO_UNLOCK 2
|
||||
|
@ -282,9 +284,10 @@ typedef struct bio_st BIO_dummy;
|
|||
|
||||
struct crypto_ex_data_st
|
||||
{
|
||||
STACK *sk;
|
||||
STACK_OF(void) *sk;
|
||||
int dummy; /* gcc is screwing up this data structure :-( */
|
||||
};
|
||||
DECLARE_STACK_OF(void)
|
||||
|
||||
/* This stuff is basically class callback functions
|
||||
* The current classes are SSL_CTX, SSL, SSL_SESSION, and a few more */
|
||||
|
@ -363,6 +366,7 @@ int CRYPTO_is_mem_check_on(void);
|
|||
#define is_MemCheck_on() CRYPTO_is_mem_check_on()
|
||||
|
||||
#define OPENSSL_malloc(num) CRYPTO_malloc((int)num,__FILE__,__LINE__)
|
||||
#define OPENSSL_strdup(str) CRYPTO_strdup((str),__FILE__,__LINE__)
|
||||
#define OPENSSL_realloc(addr,num) \
|
||||
CRYPTO_realloc((char *)addr,(int)num,__FILE__,__LINE__)
|
||||
#define OPENSSL_realloc_clean(addr,old_num,num) \
|
||||
|
@ -420,9 +424,28 @@ void CRYPTO_set_add_lock_callback(int (*func)(int *num,int mount,int type,
|
|||
const char *file, int line));
|
||||
int (*CRYPTO_get_add_lock_callback(void))(int *num,int mount,int type,
|
||||
const char *file,int line);
|
||||
|
||||
/* Don't use this structure directly. */
|
||||
typedef struct crypto_threadid_st
|
||||
{
|
||||
void *ptr;
|
||||
unsigned long val;
|
||||
} CRYPTO_THREADID;
|
||||
/* Only use CRYPTO_THREADID_set_[numeric|pointer]() within callbacks */
|
||||
void CRYPTO_THREADID_set_numeric(CRYPTO_THREADID *id, unsigned long val);
|
||||
void CRYPTO_THREADID_set_pointer(CRYPTO_THREADID *id, void *ptr);
|
||||
int CRYPTO_THREADID_set_callback(void (*threadid_func)(CRYPTO_THREADID *));
|
||||
void (*CRYPTO_THREADID_get_callback(void))(CRYPTO_THREADID *);
|
||||
void CRYPTO_THREADID_current(CRYPTO_THREADID *id);
|
||||
int CRYPTO_THREADID_cmp(const CRYPTO_THREADID *a, const CRYPTO_THREADID *b);
|
||||
void CRYPTO_THREADID_cpy(CRYPTO_THREADID *dest, const CRYPTO_THREADID *src);
|
||||
unsigned long CRYPTO_THREADID_hash(const CRYPTO_THREADID *id);
|
||||
#ifndef OPENSSL_NO_DEPRECATED
|
||||
void CRYPTO_set_id_callback(unsigned long (*func)(void));
|
||||
unsigned long (*CRYPTO_get_id_callback(void))(void);
|
||||
unsigned long CRYPTO_thread_id(void);
|
||||
#endif
|
||||
|
||||
const char *CRYPTO_get_lock_name(int type);
|
||||
int CRYPTO_add_lock(int *pointer,int amount,int type, const char *file,
|
||||
int line);
|
||||
|
@ -465,9 +488,10 @@ void CRYPTO_get_mem_debug_functions(void (**m)(void *,int,const char *,int,int),
|
|||
long (**go)(void));
|
||||
|
||||
void *CRYPTO_malloc_locked(int num, const char *file, int line);
|
||||
void CRYPTO_free_locked(void *);
|
||||
void CRYPTO_free_locked(void *ptr);
|
||||
void *CRYPTO_malloc(int num, const char *file, int line);
|
||||
void CRYPTO_free(void *);
|
||||
char *CRYPTO_strdup(const char *str, const char *file, int line);
|
||||
void CRYPTO_free(void *ptr);
|
||||
void *CRYPTO_realloc(void *addr,int num, const char *file, int line);
|
||||
void *CRYPTO_realloc_clean(void *addr,int old_num,int num,const char *file,
|
||||
int line);
|
||||
|
@ -521,6 +545,41 @@ void OpenSSLDie(const char *file,int line,const char *assertion);
|
|||
|
||||
unsigned long *OPENSSL_ia32cap_loc(void);
|
||||
#define OPENSSL_ia32cap (*(OPENSSL_ia32cap_loc()))
|
||||
int OPENSSL_isservice(void);
|
||||
|
||||
int FIPS_mode(void);
|
||||
int FIPS_mode_set(int r);
|
||||
|
||||
void OPENSSL_init(void);
|
||||
|
||||
#define fips_md_init(alg) fips_md_init_ctx(alg, alg)
|
||||
|
||||
#ifdef OPENSSL_FIPS
|
||||
#define fips_md_init_ctx(alg, cx) \
|
||||
int alg##_Init(cx##_CTX *c) \
|
||||
{ \
|
||||
if (FIPS_mode()) OpenSSLDie(__FILE__, __LINE__, \
|
||||
"Low level API call to digest " #alg " forbidden in FIPS mode!"); \
|
||||
return private_##alg##_Init(c); \
|
||||
} \
|
||||
int private_##alg##_Init(cx##_CTX *c)
|
||||
|
||||
#define fips_cipher_abort(alg) \
|
||||
if (FIPS_mode()) OpenSSLDie(__FILE__, __LINE__, \
|
||||
"Low level API call to cipher " #alg " forbidden in FIPS mode!")
|
||||
|
||||
#else
|
||||
#define fips_md_init_ctx(alg, cx) \
|
||||
int alg##_Init(cx##_CTX *c)
|
||||
#define fips_cipher_abort(alg) while(0)
|
||||
#endif
|
||||
|
||||
/* CRYPTO_memcmp returns zero iff the |len| bytes at |a| and |b| are equal. It
|
||||
* takes an amount of time dependent on |len|, but independent of the contents
|
||||
* of |a| and |b|. Unlike memcmp, it cannot be used to put elements into a
|
||||
* defined order as the return value when a != b is undefined, other than to be
|
||||
* non-zero. */
|
||||
int CRYPTO_memcmp(const void *a, const void *b, size_t len);
|
||||
|
||||
/* BEGIN ERROR CODES */
|
||||
/* The following lines are auto generated by the script mkerr.pl. Any changes
|
||||
|
@ -537,11 +596,13 @@ void ERR_load_CRYPTO_strings(void);
|
|||
#define CRYPTO_F_CRYPTO_SET_EX_DATA 102
|
||||
#define CRYPTO_F_DEF_ADD_INDEX 104
|
||||
#define CRYPTO_F_DEF_GET_CLASS 105
|
||||
#define CRYPTO_F_FIPS_MODE_SET 109
|
||||
#define CRYPTO_F_INT_DUP_EX_DATA 106
|
||||
#define CRYPTO_F_INT_FREE_EX_DATA 107
|
||||
#define CRYPTO_F_INT_NEW_EX_DATA 108
|
||||
|
||||
/* Reason codes. */
|
||||
#define CRYPTO_R_FIPS_MODE_NOT_SUPPORTED 101
|
||||
#define CRYPTO_R_NO_DYNLOCK_CREATE_CALLBACK 100
|
||||
|
||||
#ifdef __cplusplus
|
||||
|
|
|
@ -224,6 +224,9 @@ int DES_set_key(const_DES_cblock *key,DES_key_schedule *schedule);
|
|||
int DES_key_sched(const_DES_cblock *key,DES_key_schedule *schedule);
|
||||
int DES_set_key_checked(const_DES_cblock *key,DES_key_schedule *schedule);
|
||||
void DES_set_key_unchecked(const_DES_cblock *key,DES_key_schedule *schedule);
|
||||
#ifdef OPENSSL_FIPS
|
||||
void private_DES_set_key_unchecked(const_DES_cblock *key,DES_key_schedule *schedule);
|
||||
#endif
|
||||
void DES_string_to_key(const char *str,DES_cblock *key);
|
||||
void DES_string_to_2keys(const char *str,DES_cblock *key1,DES_cblock *key2);
|
||||
void DES_cfb64_encrypt(const unsigned char *in,unsigned char *out,long length,
|
||||
|
|
|
@ -86,6 +86,21 @@
|
|||
* be used for all exponents.
|
||||
*/
|
||||
|
||||
/* If this flag is set the DH method is FIPS compliant and can be used
|
||||
* in FIPS mode. This is set in the validated module method. If an
|
||||
* application sets this flag in its own methods it is its reposibility
|
||||
* to ensure the result is compliant.
|
||||
*/
|
||||
|
||||
#define DH_FLAG_FIPS_METHOD 0x0400
|
||||
|
||||
/* If this flag is set the operations normally disabled in FIPS mode are
|
||||
* permitted it is then the applications responsibility to ensure that the
|
||||
* usage is compliant.
|
||||
*/
|
||||
|
||||
#define DH_FLAG_NON_FIPS_ALLOW 0x0400
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
@ -157,7 +172,6 @@ struct dh_st
|
|||
this for backward compatibility: */
|
||||
#define DH_CHECK_P_NOT_STRONG_PRIME DH_CHECK_P_NOT_SAFE_PRIME
|
||||
|
||||
#define DHparams_dup(x) ASN1_dup_of_const(DH,i2d_DHparams,d2i_DHparams,x)
|
||||
#define d2i_DHparams_fp(fp,x) (DH *)ASN1_d2i_fp((char *(*)())DH_new, \
|
||||
(char *(*)())d2i_DHparams,(fp),(unsigned char **)(x))
|
||||
#define i2d_DHparams_fp(fp,x) ASN1_i2d_fp(i2d_DHparams,(fp), \
|
||||
|
@ -165,6 +179,8 @@ struct dh_st
|
|||
#define d2i_DHparams_bio(bp,x) ASN1_d2i_bio_of(DH,DH_new,d2i_DHparams,bp,x)
|
||||
#define i2d_DHparams_bio(bp,x) ASN1_i2d_bio_of_const(DH,i2d_DHparams,bp,x)
|
||||
|
||||
DH *DHparams_dup(DH *);
|
||||
|
||||
const DH_METHOD *DH_OpenSSL(void);
|
||||
|
||||
void DH_set_default_method(const DH_METHOD *meth);
|
||||
|
@ -205,6 +221,18 @@ int DHparams_print(BIO *bp, const DH *x);
|
|||
int DHparams_print(char *bp, const DH *x);
|
||||
#endif
|
||||
|
||||
#define EVP_PKEY_CTX_set_dh_paramgen_prime_len(ctx, len) \
|
||||
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \
|
||||
EVP_PKEY_CTRL_DH_PARAMGEN_PRIME_LEN, len, NULL)
|
||||
|
||||
#define EVP_PKEY_CTX_set_dh_paramgen_generator(ctx, gen) \
|
||||
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \
|
||||
EVP_PKEY_CTRL_DH_PARAMGEN_GENERATOR, gen, NULL)
|
||||
|
||||
#define EVP_PKEY_CTRL_DH_PARAMGEN_PRIME_LEN (EVP_PKEY_ALG_CTRL + 1)
|
||||
#define EVP_PKEY_CTRL_DH_PARAMGEN_GENERATOR (EVP_PKEY_ALG_CTRL + 2)
|
||||
|
||||
|
||||
/* BEGIN ERROR CODES */
|
||||
/* The following lines are auto generated by the script mkerr.pl. Any changes
|
||||
* made after this point may be overwritten when the script is next run.
|
||||
|
@ -215,18 +243,36 @@ void ERR_load_DH_strings(void);
|
|||
|
||||
/* Function codes. */
|
||||
#define DH_F_COMPUTE_KEY 102
|
||||
#define DH_F_DHPARAMS_PRINT 100
|
||||
#define DH_F_DHPARAMS_PRINT_FP 101
|
||||
#define DH_F_DH_BUILTIN_GENPARAMS 106
|
||||
#define DH_F_DH_COMPUTE_KEY 114
|
||||
#define DH_F_DH_GENERATE_KEY 115
|
||||
#define DH_F_DH_GENERATE_PARAMETERS_EX 116
|
||||
#define DH_F_DH_NEW_METHOD 105
|
||||
#define DH_F_DH_PARAM_DECODE 107
|
||||
#define DH_F_DH_PRIV_DECODE 110
|
||||
#define DH_F_DH_PRIV_ENCODE 111
|
||||
#define DH_F_DH_PUB_DECODE 108
|
||||
#define DH_F_DH_PUB_ENCODE 109
|
||||
#define DH_F_DO_DH_PRINT 100
|
||||
#define DH_F_GENERATE_KEY 103
|
||||
#define DH_F_GENERATE_PARAMETERS 104
|
||||
#define DH_F_PKEY_DH_DERIVE 112
|
||||
#define DH_F_PKEY_DH_KEYGEN 113
|
||||
|
||||
/* Reason codes. */
|
||||
#define DH_R_BAD_GENERATOR 101
|
||||
#define DH_R_BN_DECODE_ERROR 109
|
||||
#define DH_R_BN_ERROR 106
|
||||
#define DH_R_DECODE_ERROR 104
|
||||
#define DH_R_INVALID_PUBKEY 102
|
||||
#define DH_R_KEYS_NOT_SET 108
|
||||
#define DH_R_KEY_SIZE_TOO_SMALL 110
|
||||
#define DH_R_MODULUS_TOO_LARGE 103
|
||||
#define DH_R_NON_FIPS_METHOD 111
|
||||
#define DH_R_NO_PARAMETERS_SET 107
|
||||
#define DH_R_NO_PRIVATE_VALUE 100
|
||||
#define DH_R_PARAMETER_ENCODING_ERROR 105
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
|
|
|
@ -97,6 +97,21 @@
|
|||
* be used for all exponents.
|
||||
*/
|
||||
|
||||
/* If this flag is set the DSA method is FIPS compliant and can be used
|
||||
* in FIPS mode. This is set in the validated module method. If an
|
||||
* application sets this flag in its own methods it is its reposibility
|
||||
* to ensure the result is compliant.
|
||||
*/
|
||||
|
||||
#define DSA_FLAG_FIPS_METHOD 0x0400
|
||||
|
||||
/* If this flag is set the operations normally disabled in FIPS mode are
|
||||
* permitted it is then the applications responsibility to ensure that the
|
||||
* usage is compliant.
|
||||
*/
|
||||
|
||||
#define DSA_FLAG_NON_FIPS_ALLOW 0x0400
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
@ -118,7 +133,7 @@ struct dsa_method
|
|||
int (*dsa_sign_setup)(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp,
|
||||
BIGNUM **rp);
|
||||
int (*dsa_do_verify)(const unsigned char *dgst, int dgst_len,
|
||||
DSA_SIG *sig, DSA *dsa);
|
||||
DSA_SIG *sig, DSA *dsa);
|
||||
int (*dsa_mod_exp)(DSA *dsa, BIGNUM *rr, BIGNUM *a1, BIGNUM *p1,
|
||||
BIGNUM *a2, BIGNUM *p2, BIGNUM *m, BN_CTX *ctx,
|
||||
BN_MONT_CTX *in_mont);
|
||||
|
@ -131,7 +146,7 @@ struct dsa_method
|
|||
char *app_data;
|
||||
/* If this is non-NULL, it is used to generate DSA parameters */
|
||||
int (*dsa_paramgen)(DSA *dsa, int bits,
|
||||
unsigned char *seed, int seed_len,
|
||||
const unsigned char *seed, int seed_len,
|
||||
int *counter_ret, unsigned long *h_ret,
|
||||
BN_GENCB *cb);
|
||||
/* If this is non-NULL, it is used to generate DSA keys */
|
||||
|
@ -165,7 +180,6 @@ struct dsa_st
|
|||
ENGINE *engine;
|
||||
};
|
||||
|
||||
#define DSAparams_dup(x) ASN1_dup_of_const(DSA,i2d_DSAparams,d2i_DSAparams,x)
|
||||
#define d2i_DSAparams_fp(fp,x) (DSA *)ASN1_d2i_fp((char *(*)())DSA_new, \
|
||||
(char *(*)())d2i_DSAparams,(fp),(unsigned char **)(x))
|
||||
#define i2d_DSAparams_fp(fp,x) ASN1_i2d_fp(i2d_DSAparams,(fp), \
|
||||
|
@ -174,6 +188,7 @@ struct dsa_st
|
|||
#define i2d_DSAparams_bio(bp,x) ASN1_i2d_bio_of_const(DSA,i2d_DSAparams,bp,x)
|
||||
|
||||
|
||||
DSA *DSAparams_dup(DSA *x);
|
||||
DSA_SIG * DSA_SIG_new(void);
|
||||
void DSA_SIG_free(DSA_SIG *a);
|
||||
int i2d_DSA_SIG(const DSA_SIG *a, unsigned char **pp);
|
||||
|
@ -220,7 +235,7 @@ DSA * DSA_generate_parameters(int bits,
|
|||
|
||||
/* New version */
|
||||
int DSA_generate_parameters_ex(DSA *dsa, int bits,
|
||||
unsigned char *seed,int seed_len,
|
||||
const unsigned char *seed,int seed_len,
|
||||
int *counter_ret, unsigned long *h_ret, BN_GENCB *cb);
|
||||
|
||||
int DSA_generate_key(DSA *a);
|
||||
|
@ -249,6 +264,14 @@ int DSA_print_fp(FILE *bp, const DSA *x, int off);
|
|||
DH *DSA_dup_DH(const DSA *r);
|
||||
#endif
|
||||
|
||||
#define EVP_PKEY_CTX_set_dsa_paramgen_bits(ctx, nbits) \
|
||||
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DSA, EVP_PKEY_OP_PARAMGEN, \
|
||||
EVP_PKEY_CTRL_DSA_PARAMGEN_BITS, nbits, NULL)
|
||||
|
||||
#define EVP_PKEY_CTRL_DSA_PARAMGEN_BITS (EVP_PKEY_ALG_CTRL + 1)
|
||||
#define EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS (EVP_PKEY_ALG_CTRL + 2)
|
||||
#define EVP_PKEY_CTRL_DSA_PARAMGEN_MD (EVP_PKEY_ALG_CTRL + 3)
|
||||
|
||||
/* BEGIN ERROR CODES */
|
||||
/* The following lines are auto generated by the script mkerr.pl. Any changes
|
||||
* made after this point may be overwritten when the script is next run.
|
||||
|
@ -259,25 +282,44 @@ void ERR_load_DSA_strings(void);
|
|||
|
||||
/* Function codes. */
|
||||
#define DSA_F_D2I_DSA_SIG 110
|
||||
#define DSA_F_DO_DSA_PRINT 104
|
||||
#define DSA_F_DSAPARAMS_PRINT 100
|
||||
#define DSA_F_DSAPARAMS_PRINT_FP 101
|
||||
#define DSA_F_DSA_DO_SIGN 112
|
||||
#define DSA_F_DSA_DO_VERIFY 113
|
||||
#define DSA_F_DSA_GENERATE_KEY 124
|
||||
#define DSA_F_DSA_GENERATE_PARAMETERS_EX 123
|
||||
#define DSA_F_DSA_NEW_METHOD 103
|
||||
#define DSA_F_DSA_PRINT 104
|
||||
#define DSA_F_DSA_PARAM_DECODE 119
|
||||
#define DSA_F_DSA_PRINT_FP 105
|
||||
#define DSA_F_DSA_PRIV_DECODE 115
|
||||
#define DSA_F_DSA_PRIV_ENCODE 116
|
||||
#define DSA_F_DSA_PUB_DECODE 117
|
||||
#define DSA_F_DSA_PUB_ENCODE 118
|
||||
#define DSA_F_DSA_SIGN 106
|
||||
#define DSA_F_DSA_SIGN_SETUP 107
|
||||
#define DSA_F_DSA_SIG_NEW 109
|
||||
#define DSA_F_DSA_SIG_PRINT 125
|
||||
#define DSA_F_DSA_VERIFY 108
|
||||
#define DSA_F_I2D_DSA_SIG 111
|
||||
#define DSA_F_OLD_DSA_PRIV_DECODE 122
|
||||
#define DSA_F_PKEY_DSA_CTRL 120
|
||||
#define DSA_F_PKEY_DSA_KEYGEN 121
|
||||
#define DSA_F_SIG_CB 114
|
||||
|
||||
/* Reason codes. */
|
||||
#define DSA_R_BAD_Q_VALUE 102
|
||||
#define DSA_R_BN_DECODE_ERROR 108
|
||||
#define DSA_R_BN_ERROR 109
|
||||
#define DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 100
|
||||
#define DSA_R_DECODE_ERROR 104
|
||||
#define DSA_R_INVALID_DIGEST_TYPE 106
|
||||
#define DSA_R_MISSING_PARAMETERS 101
|
||||
#define DSA_R_MODULUS_TOO_LARGE 103
|
||||
#define DSA_R_NEED_NEW_SETUP_VALUES 110
|
||||
#define DSA_R_NON_FIPS_DSA_METHOD 111
|
||||
#define DSA_R_NO_PARAMETERS_SET 107
|
||||
#define DSA_R_PARAMETER_ENCODING_ERROR 105
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
|
|
|
@ -170,6 +170,11 @@ typedef struct dso_meth_st
|
|||
/* [De]Initialisation handlers. */
|
||||
int (*init)(DSO *dso);
|
||||
int (*finish)(DSO *dso);
|
||||
|
||||
/* Return pathname of the module containing location */
|
||||
int (*pathbyaddr)(void *addr,char *path,int sz);
|
||||
/* Perform global symbol lookup, i.e. among *all* modules */
|
||||
void *(*globallookup)(const char *symname);
|
||||
} DSO_METHOD;
|
||||
|
||||
/**********************************************************************/
|
||||
|
@ -183,7 +188,7 @@ struct dso_st
|
|||
* for use in the dso_bind handler. All in all, let each
|
||||
* method control its own destiny. "Handles" and such go in
|
||||
* a STACK. */
|
||||
STACK *meth_data;
|
||||
STACK_OF(void) *meth_data;
|
||||
int references;
|
||||
int flags;
|
||||
/* For use by applications etc ... use this for your bits'n'pieces,
|
||||
|
@ -296,6 +301,30 @@ DSO_METHOD *DSO_METHOD_win32(void);
|
|||
/* If VMS is defined, use shared images. If not, return NULL. */
|
||||
DSO_METHOD *DSO_METHOD_vms(void);
|
||||
|
||||
/* This function writes null-terminated pathname of DSO module
|
||||
* containing 'addr' into 'sz' large caller-provided 'path' and
|
||||
* returns the number of characters [including trailing zero]
|
||||
* written to it. If 'sz' is 0 or negative, 'path' is ignored and
|
||||
* required amount of charachers [including trailing zero] to
|
||||
* accomodate pathname is returned. If 'addr' is NULL, then
|
||||
* pathname of cryptolib itself is returned. Negative or zero
|
||||
* return value denotes error.
|
||||
*/
|
||||
int DSO_pathbyaddr(void *addr,char *path,int sz);
|
||||
|
||||
/* This function should be used with caution! It looks up symbols in
|
||||
* *all* loaded modules and if module gets unloaded by somebody else
|
||||
* attempt to dereference the pointer is doomed to have fatal
|
||||
* consequences. Primary usage for this function is to probe *core*
|
||||
* system functionality, e.g. check if getnameinfo(3) is available
|
||||
* at run-time without bothering about OS-specific details such as
|
||||
* libc.so.versioning or where does it actually reside: in libc
|
||||
* itself or libsocket. */
|
||||
void *DSO_global_lookup(const char *name);
|
||||
|
||||
/* If BeOS is defined, use shared images. If not, return NULL. */
|
||||
DSO_METHOD *DSO_METHOD_beos(void);
|
||||
|
||||
/* BEGIN ERROR CODES */
|
||||
/* The following lines are auto generated by the script mkerr.pl. Any changes
|
||||
* made after this point may be overwritten when the script is next run.
|
||||
|
@ -305,6 +334,11 @@ void ERR_load_DSO_strings(void);
|
|||
/* Error codes for the DSO functions. */
|
||||
|
||||
/* Function codes. */
|
||||
#define DSO_F_BEOS_BIND_FUNC 144
|
||||
#define DSO_F_BEOS_BIND_VAR 145
|
||||
#define DSO_F_BEOS_LOAD 146
|
||||
#define DSO_F_BEOS_NAME_CONVERTER 147
|
||||
#define DSO_F_BEOS_UNLOAD 148
|
||||
#define DSO_F_DLFCN_BIND_FUNC 100
|
||||
#define DSO_F_DLFCN_BIND_VAR 101
|
||||
#define DSO_F_DLFCN_LOAD 102
|
||||
|
@ -324,22 +358,29 @@ void ERR_load_DSO_strings(void);
|
|||
#define DSO_F_DSO_FREE 111
|
||||
#define DSO_F_DSO_GET_FILENAME 127
|
||||
#define DSO_F_DSO_GET_LOADED_FILENAME 128
|
||||
#define DSO_F_DSO_GLOBAL_LOOKUP 139
|
||||
#define DSO_F_DSO_LOAD 112
|
||||
#define DSO_F_DSO_MERGE 132
|
||||
#define DSO_F_DSO_NEW_METHOD 113
|
||||
#define DSO_F_DSO_PATHBYADDR 140
|
||||
#define DSO_F_DSO_SET_FILENAME 129
|
||||
#define DSO_F_DSO_SET_NAME_CONVERTER 122
|
||||
#define DSO_F_DSO_UP_REF 114
|
||||
#define DSO_F_GLOBAL_LOOKUP_FUNC 138
|
||||
#define DSO_F_PATHBYADDR 137
|
||||
#define DSO_F_VMS_BIND_SYM 115
|
||||
#define DSO_F_VMS_LOAD 116
|
||||
#define DSO_F_VMS_MERGER 133
|
||||
#define DSO_F_VMS_UNLOAD 117
|
||||
#define DSO_F_WIN32_BIND_FUNC 118
|
||||
#define DSO_F_WIN32_BIND_VAR 119
|
||||
#define DSO_F_WIN32_GLOBALLOOKUP 142
|
||||
#define DSO_F_WIN32_GLOBALLOOKUP_FUNC 143
|
||||
#define DSO_F_WIN32_JOINER 135
|
||||
#define DSO_F_WIN32_LOAD 120
|
||||
#define DSO_F_WIN32_MERGER 134
|
||||
#define DSO_F_WIN32_NAME_CONVERTER 125
|
||||
#define DSO_F_WIN32_PATHBYADDR 141
|
||||
#define DSO_F_WIN32_SPLITTER 136
|
||||
#define DSO_F_WIN32_UNLOAD 121
|
||||
|
||||
|
|
|
@ -57,11 +57,27 @@
|
|||
*
|
||||
*/
|
||||
|
||||
#ifndef HEADER_DTLS1_H
|
||||
#define HEADER_DTLS1_H
|
||||
#ifndef HEADER_DTLS1_H
|
||||
#define HEADER_DTLS1_H
|
||||
|
||||
#include <openssl/buffer.h>
|
||||
#include <openssl/pqueue.h>
|
||||
#ifdef OPENSSL_SYS_VMS
|
||||
#include <resource.h>
|
||||
#include <sys/timeb.h>
|
||||
#endif
|
||||
#ifdef OPENSSL_SYS_WIN32
|
||||
/* Needed for struct timeval */
|
||||
#include <winsock.h>
|
||||
#elif defined(OPENSSL_SYS_NETWARE) && !defined(_WINSOCK2API_)
|
||||
#include <sys/timeval.h>
|
||||
#else
|
||||
#if defined(OPENSSL_SYS_VXWORKS)
|
||||
#include <sys/times.h>
|
||||
#else
|
||||
#include <sys/time.h>
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
|
@ -70,10 +86,13 @@ extern "C" {
|
|||
#define DTLS1_VERSION 0xFEFF
|
||||
#define DTLS1_BAD_VER 0x0100
|
||||
|
||||
#if 0
|
||||
/* this alert description is not specified anywhere... */
|
||||
#define DTLS1_AD_MISSING_HANDSHAKE_MESSAGE 110
|
||||
#endif
|
||||
|
||||
/* lengths of messages */
|
||||
#define DTLS1_COOKIE_LENGTH 32
|
||||
#define DTLS1_COOKIE_LENGTH 256
|
||||
|
||||
#define DTLS1_RT_HEADER_LENGTH 13
|
||||
|
||||
|
@ -84,16 +103,40 @@ extern "C" {
|
|||
|
||||
#define DTLS1_CCS_HEADER_LENGTH 1
|
||||
|
||||
#ifdef DTLS1_AD_MISSING_HANDSHAKE_MESSAGE
|
||||
#define DTLS1_AL_HEADER_LENGTH 7
|
||||
#else
|
||||
#define DTLS1_AL_HEADER_LENGTH 2
|
||||
#endif
|
||||
|
||||
#ifndef OPENSSL_NO_SSL_INTERN
|
||||
|
||||
#ifndef OPENSSL_NO_SCTP
|
||||
#define DTLS1_SCTP_AUTH_LABEL "EXPORTER_DTLS_OVER_SCTP"
|
||||
#endif
|
||||
|
||||
typedef struct dtls1_bitmap_st
|
||||
{
|
||||
PQ_64BIT map;
|
||||
unsigned long length; /* sizeof the bitmap in bits */
|
||||
PQ_64BIT max_seq_num; /* max record number seen so far */
|
||||
unsigned long map; /* track 32 packets on 32-bit systems
|
||||
and 64 - on 64-bit systems */
|
||||
unsigned char max_seq_num[8]; /* max record number seen so far,
|
||||
64-bit value in big-endian
|
||||
encoding */
|
||||
} DTLS1_BITMAP;
|
||||
|
||||
struct dtls1_retransmit_state
|
||||
{
|
||||
EVP_CIPHER_CTX *enc_write_ctx; /* cryptographic state */
|
||||
EVP_MD_CTX *write_hash; /* used for mac generation */
|
||||
#ifndef OPENSSL_NO_COMP
|
||||
COMP_CTX *compress; /* compression */
|
||||
#else
|
||||
char *compress;
|
||||
#endif
|
||||
SSL_SESSION *session;
|
||||
unsigned short epoch;
|
||||
};
|
||||
|
||||
struct hm_header_st
|
||||
{
|
||||
unsigned char type;
|
||||
|
@ -102,6 +145,7 @@ struct hm_header_st
|
|||
unsigned long frag_off;
|
||||
unsigned long frag_len;
|
||||
unsigned int is_ccs;
|
||||
struct dtls1_retransmit_state saved_retransmit_state;
|
||||
};
|
||||
|
||||
struct ccs_header_st
|
||||
|
@ -132,6 +176,7 @@ typedef struct hm_fragment_st
|
|||
{
|
||||
struct hm_header_st msg_header;
|
||||
unsigned char *fragment;
|
||||
unsigned char *reassembly;
|
||||
} hm_fragment;
|
||||
|
||||
typedef struct dtls1_state_st
|
||||
|
@ -161,6 +206,9 @@ typedef struct dtls1_state_st
|
|||
|
||||
unsigned short handshake_read_seq;
|
||||
|
||||
/* save last sequence number for retransmissions */
|
||||
unsigned char last_write_sequence[8];
|
||||
|
||||
/* Received handshake records (processed and unprocessed) */
|
||||
record_pqueue unprocessed_rcds;
|
||||
record_pqueue processed_rcds;
|
||||
|
@ -171,13 +219,29 @@ typedef struct dtls1_state_st
|
|||
/* Buffered (sent) handshake records */
|
||||
pqueue sent_messages;
|
||||
|
||||
unsigned int mtu; /* max wire packet size */
|
||||
/* Buffered application records.
|
||||
* Only for records between CCS and Finished
|
||||
* to prevent either protocol violation or
|
||||
* unnecessary message loss.
|
||||
*/
|
||||
record_pqueue buffered_app_data;
|
||||
|
||||
/* Is set when listening for new connections with dtls1_listen() */
|
||||
unsigned int listen;
|
||||
|
||||
unsigned int mtu; /* max DTLS packet size */
|
||||
|
||||
struct hm_header_st w_msg_hdr;
|
||||
struct hm_header_st r_msg_hdr;
|
||||
|
||||
struct dtls1_timeout_st timeout;
|
||||
|
||||
|
||||
/* Indicates when the last handshake msg or heartbeat sent will timeout */
|
||||
struct timeval next_timeout;
|
||||
|
||||
/* Timeout duration */
|
||||
unsigned short timeout_duration;
|
||||
|
||||
/* storage for Alert/Handshake protocol data received but not
|
||||
* yet processed by ssl3_read_bytes: */
|
||||
unsigned char alert_fragment[DTLS1_AL_HEADER_LENGTH];
|
||||
|
@ -186,6 +250,14 @@ typedef struct dtls1_state_st
|
|||
unsigned int handshake_fragment_len;
|
||||
|
||||
unsigned int retransmitting;
|
||||
unsigned int change_cipher_spec_ok;
|
||||
|
||||
#ifndef OPENSSL_NO_SCTP
|
||||
/* used when SSL_ST_XX_FLUSH is entered */
|
||||
int next_state;
|
||||
|
||||
int shutdown_received;
|
||||
#endif
|
||||
|
||||
} DTLS1_STATE;
|
||||
|
||||
|
@ -195,8 +267,12 @@ typedef struct dtls1_record_data_st
|
|||
unsigned int packet_length;
|
||||
SSL3_BUFFER rbuf;
|
||||
SSL3_RECORD rrec;
|
||||
#ifndef OPENSSL_NO_SCTP
|
||||
struct bio_dgram_sctp_rcvinfo recordinfo;
|
||||
#endif
|
||||
} DTLS1_RECORD_DATA;
|
||||
|
||||
#endif
|
||||
|
||||
/* Timeout multipliers (timeout slice is defined in apps/timeouts.h */
|
||||
#define DTLS1_TMO_READ_COUNT 2
|
||||
|
|
|
@ -193,8 +193,14 @@ extern "C" {
|
|||
#endif
|
||||
|
||||
/* --------------------------------- VOS ----------------------------------- */
|
||||
#ifdef OPENSSL_SYSNAME_VOS
|
||||
#if defined(__VOS__) || defined(OPENSSL_SYSNAME_VOS)
|
||||
# define OPENSSL_SYS_VOS
|
||||
#ifdef __HPPA__
|
||||
# define OPENSSL_SYS_VOS_HPPA
|
||||
#endif
|
||||
#ifdef __IA32__
|
||||
# define OPENSSL_SYS_VOS_IA32
|
||||
#endif
|
||||
#endif
|
||||
|
||||
/* ------------------------------- VxWorks --------------------------------- */
|
||||
|
@ -202,6 +208,17 @@ extern "C" {
|
|||
# define OPENSSL_SYS_VXWORKS
|
||||
#endif
|
||||
|
||||
/* --------------------------------- BeOS ---------------------------------- */
|
||||
#if defined(__BEOS__)
|
||||
# define OPENSSL_SYS_BEOS
|
||||
# include <sys/socket.h>
|
||||
# if defined(BONE_VERSION)
|
||||
# define OPENSSL_SYS_BEOS_BONE
|
||||
# else
|
||||
# define OPENSSL_SYS_BEOS_R5
|
||||
# endif
|
||||
#endif
|
||||
|
||||
/**
|
||||
* That's it for OS-specific stuff
|
||||
*****************************************************************************/
|
||||
|
@ -251,28 +268,47 @@ extern "C" {
|
|||
#define OPENSSL_EXTERN OPENSSL_IMPORT
|
||||
|
||||
/* Macros to allow global variables to be reached through function calls when
|
||||
required (if a shared library version requvres it, for example.
|
||||
required (if a shared library version requires it, for example.
|
||||
The way it's done allows definitions like this:
|
||||
|
||||
// in foobar.c
|
||||
OPENSSL_IMPLEMENT_GLOBAL(int,foobar) = 0;
|
||||
OPENSSL_IMPLEMENT_GLOBAL(int,foobar,0)
|
||||
// in foobar.h
|
||||
OPENSSL_DECLARE_GLOBAL(int,foobar);
|
||||
#define foobar OPENSSL_GLOBAL_REF(foobar)
|
||||
*/
|
||||
#ifdef OPENSSL_EXPORT_VAR_AS_FUNCTION
|
||||
# define OPENSSL_IMPLEMENT_GLOBAL(type,name) \
|
||||
extern type _hide_##name; \
|
||||
type *_shadow_##name(void) { return &_hide_##name; } \
|
||||
static type _hide_##name
|
||||
# define OPENSSL_IMPLEMENT_GLOBAL(type,name,value) \
|
||||
type *_shadow_##name(void) \
|
||||
{ static type _hide_##name=value; return &_hide_##name; }
|
||||
# define OPENSSL_DECLARE_GLOBAL(type,name) type *_shadow_##name(void)
|
||||
# define OPENSSL_GLOBAL_REF(name) (*(_shadow_##name()))
|
||||
#else
|
||||
# define OPENSSL_IMPLEMENT_GLOBAL(type,name) OPENSSL_GLOBAL type _shadow_##name
|
||||
# define OPENSSL_IMPLEMENT_GLOBAL(type,name,value) OPENSSL_GLOBAL type _shadow_##name=value;
|
||||
# define OPENSSL_DECLARE_GLOBAL(type,name) OPENSSL_EXPORT type _shadow_##name
|
||||
# define OPENSSL_GLOBAL_REF(name) _shadow_##name
|
||||
#endif
|
||||
|
||||
#if defined(OPENSSL_SYS_MACINTOSH_CLASSIC) && macintosh==1 && !defined(MAC_OS_GUSI_SOURCE)
|
||||
# define ossl_ssize_t long
|
||||
#endif
|
||||
|
||||
#ifdef OPENSSL_SYS_MSDOS
|
||||
# define ossl_ssize_t long
|
||||
#endif
|
||||
|
||||
#if defined(NeXT) || defined(OPENSSL_SYS_NEWS4) || defined(OPENSSL_SYS_SUNOS)
|
||||
# define ssize_t int
|
||||
#endif
|
||||
|
||||
#if defined(__ultrix) && !defined(ssize_t)
|
||||
# define ossl_ssize_t int
|
||||
#endif
|
||||
|
||||
#ifndef ossl_ssize_t
|
||||
# define ossl_ssize_t ssize_t
|
||||
#endif
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
|
File diff suppressed because it is too large
Load Diff
|
@ -109,11 +109,13 @@ void ERR_load_ECDH_strings(void);
|
|||
/* Error codes for the ECDH functions. */
|
||||
|
||||
/* Function codes. */
|
||||
#define ECDH_F_ECDH_CHECK 102
|
||||
#define ECDH_F_ECDH_COMPUTE_KEY 100
|
||||
#define ECDH_F_ECDH_DATA_NEW_METHOD 101
|
||||
|
||||
/* Reason codes. */
|
||||
#define ECDH_R_KDF_FAILED 102
|
||||
#define ECDH_R_NON_FIPS_METHOD 103
|
||||
#define ECDH_R_NO_PRIVATE_VALUE 100
|
||||
#define ECDH_R_POINT_ARITHMETIC_FAILURE 101
|
||||
|
||||
|
|
|
@ -4,7 +4,7 @@
|
|||
* \author Written by Nils Larsch for the OpenSSL project
|
||||
*/
|
||||
/* ====================================================================
|
||||
* Copyright (c) 2000-2003 The OpenSSL Project. All rights reserved.
|
||||
* Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
|
@ -81,156 +81,143 @@ typedef struct ECDSA_SIG_st
|
|||
BIGNUM *s;
|
||||
} ECDSA_SIG;
|
||||
|
||||
/** ECDSA_SIG *ECDSA_SIG_new(void)
|
||||
* allocates and initialize a ECDSA_SIG structure
|
||||
* \return pointer to a ECDSA_SIG structure or NULL if an error occurred
|
||||
/** Allocates and initialize a ECDSA_SIG structure
|
||||
* \return pointer to a ECDSA_SIG structure or NULL if an error occurred
|
||||
*/
|
||||
ECDSA_SIG *ECDSA_SIG_new(void);
|
||||
|
||||
/** ECDSA_SIG_free
|
||||
* frees a ECDSA_SIG structure
|
||||
* \param a pointer to the ECDSA_SIG structure
|
||||
/** frees a ECDSA_SIG structure
|
||||
* \param sig pointer to the ECDSA_SIG structure
|
||||
*/
|
||||
void ECDSA_SIG_free(ECDSA_SIG *a);
|
||||
void ECDSA_SIG_free(ECDSA_SIG *sig);
|
||||
|
||||
/** i2d_ECDSA_SIG
|
||||
* DER encode content of ECDSA_SIG object (note: this function modifies *pp
|
||||
* (*pp += length of the DER encoded signature)).
|
||||
* \param a pointer to the ECDSA_SIG object
|
||||
* \param pp pointer to a unsigned char pointer for the output or NULL
|
||||
* \return the length of the DER encoded ECDSA_SIG object or 0
|
||||
/** DER encode content of ECDSA_SIG object (note: this function modifies *pp
|
||||
* (*pp += length of the DER encoded signature)).
|
||||
* \param sig pointer to the ECDSA_SIG object
|
||||
* \param pp pointer to a unsigned char pointer for the output or NULL
|
||||
* \return the length of the DER encoded ECDSA_SIG object or 0
|
||||
*/
|
||||
int i2d_ECDSA_SIG(const ECDSA_SIG *a, unsigned char **pp);
|
||||
int i2d_ECDSA_SIG(const ECDSA_SIG *sig, unsigned char **pp);
|
||||
|
||||
/** d2i_ECDSA_SIG
|
||||
* decodes a DER encoded ECDSA signature (note: this function changes *pp
|
||||
* (*pp += len)).
|
||||
* \param v pointer to ECDSA_SIG pointer (may be NULL)
|
||||
* \param pp buffer with the DER encoded signature
|
||||
* \param len bufferlength
|
||||
* \return pointer to the decoded ECDSA_SIG structure (or NULL)
|
||||
/** Decodes a DER encoded ECDSA signature (note: this function changes *pp
|
||||
* (*pp += len)).
|
||||
* \param sig pointer to ECDSA_SIG pointer (may be NULL)
|
||||
* \param pp memory buffer with the DER encoded signature
|
||||
* \param len length of the buffer
|
||||
* \return pointer to the decoded ECDSA_SIG structure (or NULL)
|
||||
*/
|
||||
ECDSA_SIG *d2i_ECDSA_SIG(ECDSA_SIG **v, const unsigned char **pp, long len);
|
||||
ECDSA_SIG *d2i_ECDSA_SIG(ECDSA_SIG **sig, const unsigned char **pp, long len);
|
||||
|
||||
/** ECDSA_do_sign
|
||||
* computes the ECDSA signature of the given hash value using
|
||||
* the supplied private key and returns the created signature.
|
||||
* \param dgst pointer to the hash value
|
||||
* \param dgst_len length of the hash value
|
||||
* \param eckey pointer to the EC_KEY object containing a private EC key
|
||||
* \return pointer to a ECDSA_SIG structure or NULL
|
||||
/** Computes the ECDSA signature of the given hash value using
|
||||
* the supplied private key and returns the created signature.
|
||||
* \param dgst pointer to the hash value
|
||||
* \param dgst_len length of the hash value
|
||||
* \param eckey EC_KEY object containing a private EC key
|
||||
* \return pointer to a ECDSA_SIG structure or NULL if an error occurred
|
||||
*/
|
||||
ECDSA_SIG *ECDSA_do_sign(const unsigned char *dgst,int dgst_len,EC_KEY *eckey);
|
||||
|
||||
/** ECDSA_do_sign_ex
|
||||
* computes ECDSA signature of a given hash value using the supplied
|
||||
* private key (note: sig must point to ECDSA_size(eckey) bytes of memory).
|
||||
* \param dgst pointer to the hash value to sign
|
||||
* \param dgstlen length of the hash value
|
||||
* \param kinv optional pointer to a pre-computed inverse k
|
||||
* \param rp optional pointer to the pre-computed rp value (see
|
||||
* ECDSA_sign_setup
|
||||
* \param eckey pointer to the EC_KEY object containing a private EC key
|
||||
* \return pointer to a ECDSA_SIG structure or NULL
|
||||
/** Computes ECDSA signature of a given hash value using the supplied
|
||||
* private key (note: sig must point to ECDSA_size(eckey) bytes of memory).
|
||||
* \param dgst pointer to the hash value to sign
|
||||
* \param dgstlen length of the hash value
|
||||
* \param kinv BIGNUM with a pre-computed inverse k (optional)
|
||||
* \param rp BIGNUM with a pre-computed rp value (optioanl),
|
||||
* see ECDSA_sign_setup
|
||||
* \param eckey EC_KEY object containing a private EC key
|
||||
* \return pointer to a ECDSA_SIG structure or NULL if an error occurred
|
||||
*/
|
||||
ECDSA_SIG *ECDSA_do_sign_ex(const unsigned char *dgst, int dgstlen,
|
||||
const BIGNUM *kinv, const BIGNUM *rp, EC_KEY *eckey);
|
||||
|
||||
/** ECDSA_do_verify
|
||||
* verifies that the supplied signature is a valid ECDSA
|
||||
* signature of the supplied hash value using the supplied public key.
|
||||
* \param dgst pointer to the hash value
|
||||
* \param dgst_len length of the hash value
|
||||
* \param sig pointer to the ECDSA_SIG structure
|
||||
* \param eckey pointer to the EC_KEY object containing a public EC key
|
||||
* \return 1 if the signature is valid, 0 if the signature is invalid and -1 on error
|
||||
/** Verifies that the supplied signature is a valid ECDSA
|
||||
* signature of the supplied hash value using the supplied public key.
|
||||
* \param dgst pointer to the hash value
|
||||
* \param dgst_len length of the hash value
|
||||
* \param sig ECDSA_SIG structure
|
||||
* \param eckey EC_KEY object containing a public EC key
|
||||
* \return 1 if the signature is valid, 0 if the signature is invalid
|
||||
* and -1 on error
|
||||
*/
|
||||
int ECDSA_do_verify(const unsigned char *dgst, int dgst_len,
|
||||
const ECDSA_SIG *sig, EC_KEY* eckey);
|
||||
|
||||
const ECDSA_METHOD *ECDSA_OpenSSL(void);
|
||||
|
||||
/** ECDSA_set_default_method
|
||||
* sets the default ECDSA method
|
||||
* \param meth the new default ECDSA_METHOD
|
||||
/** Sets the default ECDSA method
|
||||
* \param meth new default ECDSA_METHOD
|
||||
*/
|
||||
void ECDSA_set_default_method(const ECDSA_METHOD *meth);
|
||||
|
||||
/** ECDSA_get_default_method
|
||||
* returns the default ECDSA method
|
||||
* \return pointer to ECDSA_METHOD structure containing the default method
|
||||
/** Returns the default ECDSA method
|
||||
* \return pointer to ECDSA_METHOD structure containing the default method
|
||||
*/
|
||||
const ECDSA_METHOD *ECDSA_get_default_method(void);
|
||||
|
||||
/** ECDSA_set_method
|
||||
* sets method to be used for the ECDSA operations
|
||||
* \param eckey pointer to the EC_KEY object
|
||||
* \param meth pointer to the new method
|
||||
* \return 1 on success and 0 otherwise
|
||||
/** Sets method to be used for the ECDSA operations
|
||||
* \param eckey EC_KEY object
|
||||
* \param meth new method
|
||||
* \return 1 on success and 0 otherwise
|
||||
*/
|
||||
int ECDSA_set_method(EC_KEY *eckey, const ECDSA_METHOD *meth);
|
||||
|
||||
/** ECDSA_size
|
||||
* returns the maximum length of the DER encoded signature
|
||||
* \param eckey pointer to a EC_KEY object
|
||||
* \return numbers of bytes required for the DER encoded signature
|
||||
/** Returns the maximum length of the DER encoded signature
|
||||
* \param eckey EC_KEY object
|
||||
* \return numbers of bytes required for the DER encoded signature
|
||||
*/
|
||||
int ECDSA_size(const EC_KEY *eckey);
|
||||
|
||||
/** ECDSA_sign_setup
|
||||
* precompute parts of the signing operation.
|
||||
* \param eckey pointer to the EC_KEY object containing a private EC key
|
||||
* \param ctx pointer to a BN_CTX object (may be NULL)
|
||||
* \param kinv pointer to a BIGNUM pointer for the inverse of k
|
||||
* \param rp pointer to a BIGNUM pointer for x coordinate of k * generator
|
||||
* \return 1 on success and 0 otherwise
|
||||
/** Precompute parts of the signing operation
|
||||
* \param eckey EC_KEY object containing a private EC key
|
||||
* \param ctx BN_CTX object (optional)
|
||||
* \param kinv BIGNUM pointer for the inverse of k
|
||||
* \param rp BIGNUM pointer for x coordinate of k * generator
|
||||
* \return 1 on success and 0 otherwise
|
||||
*/
|
||||
int ECDSA_sign_setup(EC_KEY *eckey, BN_CTX *ctx, BIGNUM **kinv,
|
||||
BIGNUM **rp);
|
||||
|
||||
/** ECDSA_sign
|
||||
* computes ECDSA signature of a given hash value using the supplied
|
||||
* private key (note: sig must point to ECDSA_size(eckey) bytes of memory).
|
||||
* \param type this parameter is ignored
|
||||
* \param dgst pointer to the hash value to sign
|
||||
* \param dgstlen length of the hash value
|
||||
* \param sig buffer to hold the DER encoded signature
|
||||
* \param siglen pointer to the length of the returned signature
|
||||
* \param eckey pointer to the EC_KEY object containing a private EC key
|
||||
* \return 1 on success and 0 otherwise
|
||||
/** Computes ECDSA signature of a given hash value using the supplied
|
||||
* private key (note: sig must point to ECDSA_size(eckey) bytes of memory).
|
||||
* \param type this parameter is ignored
|
||||
* \param dgst pointer to the hash value to sign
|
||||
* \param dgstlen length of the hash value
|
||||
* \param sig memory for the DER encoded created signature
|
||||
* \param siglen pointer to the length of the returned signature
|
||||
* \param eckey EC_KEY object containing a private EC key
|
||||
* \return 1 on success and 0 otherwise
|
||||
*/
|
||||
int ECDSA_sign(int type, const unsigned char *dgst, int dgstlen,
|
||||
unsigned char *sig, unsigned int *siglen, EC_KEY *eckey);
|
||||
|
||||
|
||||
/** ECDSA_sign_ex
|
||||
* computes ECDSA signature of a given hash value using the supplied
|
||||
* private key (note: sig must point to ECDSA_size(eckey) bytes of memory).
|
||||
* \param type this parameter is ignored
|
||||
* \param dgst pointer to the hash value to sign
|
||||
* \param dgstlen length of the hash value
|
||||
* \param sig buffer to hold the DER encoded signature
|
||||
* \param siglen pointer to the length of the returned signature
|
||||
* \param kinv optional pointer to a pre-computed inverse k
|
||||
* \param rp optional pointer to the pre-computed rp value (see
|
||||
* ECDSA_sign_setup
|
||||
* \param eckey pointer to the EC_KEY object containing a private EC key
|
||||
* \return 1 on success and 0 otherwise
|
||||
/** Computes ECDSA signature of a given hash value using the supplied
|
||||
* private key (note: sig must point to ECDSA_size(eckey) bytes of memory).
|
||||
* \param type this parameter is ignored
|
||||
* \param dgst pointer to the hash value to sign
|
||||
* \param dgstlen length of the hash value
|
||||
* \param sig buffer to hold the DER encoded signature
|
||||
* \param siglen pointer to the length of the returned signature
|
||||
* \param kinv BIGNUM with a pre-computed inverse k (optional)
|
||||
* \param rp BIGNUM with a pre-computed rp value (optioanl),
|
||||
* see ECDSA_sign_setup
|
||||
* \param eckey EC_KEY object containing a private EC key
|
||||
* \return 1 on success and 0 otherwise
|
||||
*/
|
||||
int ECDSA_sign_ex(int type, const unsigned char *dgst, int dgstlen,
|
||||
unsigned char *sig, unsigned int *siglen, const BIGNUM *kinv,
|
||||
const BIGNUM *rp, EC_KEY *eckey);
|
||||
|
||||
/** ECDSA_verify
|
||||
* verifies that the given signature is valid ECDSA signature
|
||||
* of the supplied hash value using the specified public key.
|
||||
* \param type this parameter is ignored
|
||||
* \param dgst pointer to the hash value
|
||||
* \param dgstlen length of the hash value
|
||||
* \param sig pointer to the DER encoded signature
|
||||
* \param siglen length of the DER encoded signature
|
||||
* \param eckey pointer to the EC_KEY object containing a public EC key
|
||||
* \return 1 if the signature is valid, 0 if the signature is invalid and -1 on error
|
||||
/** Verifies that the given signature is valid ECDSA signature
|
||||
* of the supplied hash value using the specified public key.
|
||||
* \param type this parameter is ignored
|
||||
* \param dgst pointer to the hash value
|
||||
* \param dgstlen length of the hash value
|
||||
* \param sig pointer to the DER encoded signature
|
||||
* \param siglen length of the DER encoded signature
|
||||
* \param eckey EC_KEY object containing a public EC key
|
||||
* \return 1 if the signature is valid, 0 if the signature is invalid
|
||||
* and -1 on error
|
||||
*/
|
||||
int ECDSA_verify(int type, const unsigned char *dgst, int dgstlen,
|
||||
const unsigned char *sig, int siglen, EC_KEY *eckey);
|
||||
|
@ -251,6 +238,7 @@ void ERR_load_ECDSA_strings(void);
|
|||
/* Error codes for the ECDSA functions. */
|
||||
|
||||
/* Function codes. */
|
||||
#define ECDSA_F_ECDSA_CHECK 104
|
||||
#define ECDSA_F_ECDSA_DATA_NEW_METHOD 100
|
||||
#define ECDSA_F_ECDSA_DO_SIGN 101
|
||||
#define ECDSA_F_ECDSA_DO_VERIFY 102
|
||||
|
@ -262,6 +250,7 @@ void ERR_load_ECDSA_strings(void);
|
|||
#define ECDSA_R_ERR_EC_LIB 102
|
||||
#define ECDSA_R_MISSING_PARAMETERS 103
|
||||
#define ECDSA_R_NEED_NEW_SETUP_VALUES 106
|
||||
#define ECDSA_R_NON_FIPS_METHOD 107
|
||||
#define ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED 104
|
||||
#define ECDSA_R_SIGNATURE_MALLOC_FAILED 105
|
||||
|
||||
|
|
|
@ -88,7 +88,6 @@
|
|||
#include <openssl/ecdsa.h>
|
||||
#endif
|
||||
#include <openssl/rand.h>
|
||||
#include <openssl/store.h>
|
||||
#include <openssl/ui.h>
|
||||
#include <openssl/err.h>
|
||||
#endif
|
||||
|
@ -96,6 +95,8 @@
|
|||
#include <openssl/ossl_typ.h>
|
||||
#include <openssl/symhacks.h>
|
||||
|
||||
#include <openssl/x509.h>
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
@ -111,6 +112,8 @@ extern "C" {
|
|||
#define ENGINE_METHOD_CIPHERS (unsigned int)0x0040
|
||||
#define ENGINE_METHOD_DIGESTS (unsigned int)0x0080
|
||||
#define ENGINE_METHOD_STORE (unsigned int)0x0100
|
||||
#define ENGINE_METHOD_PKEY_METHS (unsigned int)0x0200
|
||||
#define ENGINE_METHOD_PKEY_ASN1_METHS (unsigned int)0x0400
|
||||
/* Obvious all-or-nothing cases. */
|
||||
#define ENGINE_METHOD_ALL (unsigned int)0xFFFF
|
||||
#define ENGINE_METHOD_NONE (unsigned int)0x0000
|
||||
|
@ -138,6 +141,13 @@ extern "C" {
|
|||
* the existing ENGINE's structural reference count. */
|
||||
#define ENGINE_FLAGS_BY_ID_COPY (int)0x0004
|
||||
|
||||
/* This flag if for an ENGINE that does not want its methods registered as
|
||||
* part of ENGINE_register_all_complete() for example if the methods are
|
||||
* not usable as default methods.
|
||||
*/
|
||||
|
||||
#define ENGINE_FLAGS_NO_REGISTER_ALL (int)0x0008
|
||||
|
||||
/* ENGINEs can support their own command types, and these flags are used in
|
||||
* ENGINE_CTRL_GET_CMD_FLAGS to indicate to the caller what kind of input each
|
||||
* command expects. Currently only numeric and string input is supported. If a
|
||||
|
@ -278,6 +288,9 @@ typedef int (*ENGINE_CTRL_FUNC_PTR)(ENGINE *, int, long, void *, void (*f)(void)
|
|||
/* Generic load_key function pointer */
|
||||
typedef EVP_PKEY * (*ENGINE_LOAD_KEY_PTR)(ENGINE *, const char *,
|
||||
UI_METHOD *ui_method, void *callback_data);
|
||||
typedef int (*ENGINE_SSL_CLIENT_CERT_PTR)(ENGINE *, SSL *ssl,
|
||||
STACK_OF(X509_NAME) *ca_dn, X509 **pcert, EVP_PKEY **pkey,
|
||||
STACK_OF(X509) **pother, UI_METHOD *ui_method, void *callback_data);
|
||||
/* These callback types are for an ENGINE's handler for cipher and digest logic.
|
||||
* These handlers have these prototypes;
|
||||
* int foo(ENGINE *e, const EVP_CIPHER **cipher, const int **nids, int nid);
|
||||
|
@ -292,7 +305,8 @@ typedef EVP_PKEY * (*ENGINE_LOAD_KEY_PTR)(ENGINE *, const char *,
|
|||
* parameter is non-NULL it is set to the size of the returned array. */
|
||||
typedef int (*ENGINE_CIPHERS_PTR)(ENGINE *, const EVP_CIPHER **, const int **, int);
|
||||
typedef int (*ENGINE_DIGESTS_PTR)(ENGINE *, const EVP_MD **, const int **, int);
|
||||
|
||||
typedef int (*ENGINE_PKEY_METHS_PTR)(ENGINE *, EVP_PKEY_METHOD **, const int **, int);
|
||||
typedef int (*ENGINE_PKEY_ASN1_METHS_PTR)(ENGINE *, EVP_PKEY_ASN1_METHOD **, const int **, int);
|
||||
/* STRUCTURE functions ... all of these functions deal with pointers to ENGINE
|
||||
* structures where the pointers have a "structural reference". This means that
|
||||
* their reference is to allowed access to the structure but it does not imply
|
||||
|
@ -324,15 +338,21 @@ void ENGINE_load_aep(void);
|
|||
void ENGINE_load_atalla(void);
|
||||
void ENGINE_load_chil(void);
|
||||
void ENGINE_load_cswift(void);
|
||||
#ifndef OPENSSL_NO_GMP
|
||||
void ENGINE_load_gmp(void);
|
||||
#endif
|
||||
void ENGINE_load_nuron(void);
|
||||
void ENGINE_load_sureware(void);
|
||||
void ENGINE_load_ubsec(void);
|
||||
void ENGINE_load_padlock(void);
|
||||
void ENGINE_load_capi(void);
|
||||
#ifndef OPENSSL_NO_GMP
|
||||
void ENGINE_load_gmp(void);
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_GOST
|
||||
void ENGINE_load_gost(void);
|
||||
#endif
|
||||
#endif
|
||||
void ENGINE_load_cryptodev(void);
|
||||
void ENGINE_load_padlock(void);
|
||||
void ENGINE_load_rsax(void);
|
||||
void ENGINE_load_rdrand(void);
|
||||
void ENGINE_load_builtin_engines(void);
|
||||
|
||||
/* Get and set global flags (ENGINE_TABLE_FLAG_***) for the implementation
|
||||
|
@ -384,6 +404,14 @@ int ENGINE_register_digests(ENGINE *e);
|
|||
void ENGINE_unregister_digests(ENGINE *e);
|
||||
void ENGINE_register_all_digests(void);
|
||||
|
||||
int ENGINE_register_pkey_meths(ENGINE *e);
|
||||
void ENGINE_unregister_pkey_meths(ENGINE *e);
|
||||
void ENGINE_register_all_pkey_meths(void);
|
||||
|
||||
int ENGINE_register_pkey_asn1_meths(ENGINE *e);
|
||||
void ENGINE_unregister_pkey_asn1_meths(ENGINE *e);
|
||||
void ENGINE_register_all_pkey_asn1_meths(void);
|
||||
|
||||
/* These functions register all support from the above categories. Note, use of
|
||||
* these functions can result in static linkage of code your application may not
|
||||
* need. If you only need a subset of functionality, consider using more
|
||||
|
@ -459,8 +487,12 @@ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
|
|||
int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
|
||||
int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
|
||||
int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
|
||||
int ENGINE_set_load_ssl_client_cert_function(ENGINE *e,
|
||||
ENGINE_SSL_CLIENT_CERT_PTR loadssl_f);
|
||||
int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
|
||||
int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
|
||||
int ENGINE_set_pkey_meths(ENGINE *e, ENGINE_PKEY_METHS_PTR f);
|
||||
int ENGINE_set_pkey_asn1_meths(ENGINE *e, ENGINE_PKEY_ASN1_METHS_PTR f);
|
||||
int ENGINE_set_flags(ENGINE *e, int flags);
|
||||
int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
|
||||
/* These functions allow control over any per-structure ENGINE data. */
|
||||
|
@ -494,10 +526,19 @@ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
|
|||
ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
|
||||
ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
|
||||
ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
|
||||
ENGINE_SSL_CLIENT_CERT_PTR ENGINE_get_ssl_client_cert_function(const ENGINE *e);
|
||||
ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
|
||||
ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
|
||||
ENGINE_PKEY_METHS_PTR ENGINE_get_pkey_meths(const ENGINE *e);
|
||||
ENGINE_PKEY_ASN1_METHS_PTR ENGINE_get_pkey_asn1_meths(const ENGINE *e);
|
||||
const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
|
||||
const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
|
||||
const EVP_PKEY_METHOD *ENGINE_get_pkey_meth(ENGINE *e, int nid);
|
||||
const EVP_PKEY_ASN1_METHOD *ENGINE_get_pkey_asn1_meth(ENGINE *e, int nid);
|
||||
const EVP_PKEY_ASN1_METHOD *ENGINE_get_pkey_asn1_meth_str(ENGINE *e,
|
||||
const char *str, int len);
|
||||
const EVP_PKEY_ASN1_METHOD *ENGINE_pkey_asn1_find_str(ENGINE **pe,
|
||||
const char *str, int len);
|
||||
const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
|
||||
int ENGINE_get_flags(const ENGINE *e);
|
||||
|
||||
|
@ -529,6 +570,10 @@ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
|
|||
UI_METHOD *ui_method, void *callback_data);
|
||||
EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
|
||||
UI_METHOD *ui_method, void *callback_data);
|
||||
int ENGINE_load_ssl_client_cert(ENGINE *e, SSL *s,
|
||||
STACK_OF(X509_NAME) *ca_dn, X509 **pcert, EVP_PKEY **ppkey,
|
||||
STACK_OF(X509) **pother,
|
||||
UI_METHOD *ui_method, void *callback_data);
|
||||
|
||||
/* This returns a pointer for the current ENGINE structure that
|
||||
* is (by default) performing any RSA operations. The value returned
|
||||
|
@ -545,6 +590,8 @@ ENGINE *ENGINE_get_default_RAND(void);
|
|||
* ciphering or digesting corresponding to "nid". */
|
||||
ENGINE *ENGINE_get_cipher_engine(int nid);
|
||||
ENGINE *ENGINE_get_digest_engine(int nid);
|
||||
ENGINE *ENGINE_get_pkey_meth_engine(int nid);
|
||||
ENGINE *ENGINE_get_pkey_asn1_meth_engine(int nid);
|
||||
|
||||
/* This sets a new default ENGINE structure for performing RSA
|
||||
* operations. If the result is non-zero (success) then the ENGINE
|
||||
|
@ -560,6 +607,8 @@ int ENGINE_set_default_DH(ENGINE *e);
|
|||
int ENGINE_set_default_RAND(ENGINE *e);
|
||||
int ENGINE_set_default_ciphers(ENGINE *e);
|
||||
int ENGINE_set_default_digests(ENGINE *e);
|
||||
int ENGINE_set_default_pkey_meths(ENGINE *e);
|
||||
int ENGINE_set_default_pkey_asn1_meths(ENGINE *e);
|
||||
|
||||
/* The combination "set" - the flags are bitwise "OR"d from the
|
||||
* ENGINE_METHOD_*** defines above. As with the "ENGINE_register_complete()"
|
||||
|
@ -637,6 +686,7 @@ typedef struct st_dynamic_fns {
|
|||
* can be fully instantiated with IMPLEMENT_DYNAMIC_CHECK_FN(). */
|
||||
typedef unsigned long (*dynamic_v_check_fn)(unsigned long ossl_version);
|
||||
#define IMPLEMENT_DYNAMIC_CHECK_FN() \
|
||||
OPENSSL_EXPORT unsigned long v_check(unsigned long v); \
|
||||
OPENSSL_EXPORT unsigned long v_check(unsigned long v) { \
|
||||
if(v >= OSSL_DYNAMIC_OLDEST) return OSSL_DYNAMIC_VERSION; \
|
||||
return 0; }
|
||||
|
@ -659,6 +709,8 @@ typedef unsigned long (*dynamic_v_check_fn)(unsigned long ossl_version);
|
|||
typedef int (*dynamic_bind_engine)(ENGINE *e, const char *id,
|
||||
const dynamic_fns *fns);
|
||||
#define IMPLEMENT_DYNAMIC_BIND_FN(fn) \
|
||||
OPENSSL_EXPORT \
|
||||
int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns); \
|
||||
OPENSSL_EXPORT \
|
||||
int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns) { \
|
||||
if(ENGINE_get_static_state() == fns->static_state) goto skip_cbs; \
|
||||
|
@ -688,7 +740,7 @@ typedef int (*dynamic_bind_engine)(ENGINE *e, const char *id,
|
|||
* values. */
|
||||
void *ENGINE_get_static_state(void);
|
||||
|
||||
#if defined(__OpenBSD__) || defined(__FreeBSD__)
|
||||
#if defined(__OpenBSD__) || defined(__FreeBSD__) || defined(HAVE_CRYPTODEV)
|
||||
void ENGINE_setup_bsd_cryptodev(void);
|
||||
#endif
|
||||
|
||||
|
@ -717,12 +769,15 @@ void ERR_load_ENGINE_strings(void);
|
|||
#define ENGINE_F_ENGINE_GET_DEFAULT_TYPE 177
|
||||
#define ENGINE_F_ENGINE_GET_DIGEST 186
|
||||
#define ENGINE_F_ENGINE_GET_NEXT 115
|
||||
#define ENGINE_F_ENGINE_GET_PKEY_ASN1_METH 193
|
||||
#define ENGINE_F_ENGINE_GET_PKEY_METH 192
|
||||
#define ENGINE_F_ENGINE_GET_PREV 116
|
||||
#define ENGINE_F_ENGINE_INIT 119
|
||||
#define ENGINE_F_ENGINE_LIST_ADD 120
|
||||
#define ENGINE_F_ENGINE_LIST_REMOVE 121
|
||||
#define ENGINE_F_ENGINE_LOAD_PRIVATE_KEY 150
|
||||
#define ENGINE_F_ENGINE_LOAD_PUBLIC_KEY 151
|
||||
#define ENGINE_F_ENGINE_LOAD_SSL_CLIENT_CERT 194
|
||||
#define ENGINE_F_ENGINE_NEW 122
|
||||
#define ENGINE_F_ENGINE_REMOVE 123
|
||||
#define ENGINE_F_ENGINE_SET_DEFAULT_STRING 189
|
||||
|
@ -751,6 +806,7 @@ void ERR_load_ENGINE_strings(void);
|
|||
#define ENGINE_R_DSO_FAILURE 104
|
||||
#define ENGINE_R_DSO_NOT_FOUND 132
|
||||
#define ENGINE_R_ENGINES_SECTION_ERROR 148
|
||||
#define ENGINE_R_ENGINE_CONFIGURATION_ERROR 102
|
||||
#define ENGINE_R_ENGINE_IS_NOT_IN_LIST 105
|
||||
#define ENGINE_R_ENGINE_SECTION_ERROR 149
|
||||
#define ENGINE_R_FAILED_LOADING_PRIVATE_KEY 128
|
||||
|
@ -777,6 +833,7 @@ void ERR_load_ENGINE_strings(void);
|
|||
#define ENGINE_R_RSA_NOT_IMPLEMENTED 141
|
||||
#define ENGINE_R_UNIMPLEMENTED_CIPHER 146
|
||||
#define ENGINE_R_UNIMPLEMENTED_DIGEST 147
|
||||
#define ENGINE_R_UNIMPLEMENTED_PUBLIC_KEY_METHOD 101
|
||||
#define ENGINE_R_VERSION_INCOMPATIBILITY 145
|
||||
|
||||
#ifdef __cplusplus
|
||||
|
|
|
@ -55,6 +55,59 @@
|
|||
* copied and put under another distribution licence
|
||||
* [including the GNU Public Licence.]
|
||||
*/
|
||||
/* ====================================================================
|
||||
* Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in
|
||||
* the documentation and/or other materials provided with the
|
||||
* distribution.
|
||||
*
|
||||
* 3. All advertising materials mentioning features or use of this
|
||||
* software must display the following acknowledgment:
|
||||
* "This product includes software developed by the OpenSSL Project
|
||||
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
|
||||
*
|
||||
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||
* endorse or promote products derived from this software without
|
||||
* prior written permission. For written permission, please contact
|
||||
* openssl-core@openssl.org.
|
||||
*
|
||||
* 5. Products derived from this software may not be called "OpenSSL"
|
||||
* nor may "OpenSSL" appear in their names without prior written
|
||||
* permission of the OpenSSL Project.
|
||||
*
|
||||
* 6. Redistributions of any form whatsoever must retain the following
|
||||
* acknowledgment:
|
||||
* "This product includes software developed by the OpenSSL Project
|
||||
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
* ====================================================================
|
||||
*
|
||||
* This product includes cryptographic software written by Eric Young
|
||||
* (eay@cryptsoft.com). This product includes software written by Tim
|
||||
* Hudson (tjh@cryptsoft.com).
|
||||
*
|
||||
*/
|
||||
|
||||
#ifndef HEADER_ERR_H
|
||||
#define HEADER_ERR_H
|
||||
|
@ -94,7 +147,7 @@ extern "C" {
|
|||
#define ERR_NUM_ERRORS 16
|
||||
typedef struct err_state_st
|
||||
{
|
||||
unsigned long pid;
|
||||
CRYPTO_THREADID tid;
|
||||
int err_flags[ERR_NUM_ERRORS];
|
||||
unsigned long err_buffer[ERR_NUM_ERRORS];
|
||||
char *err_data[ERR_NUM_ERRORS];
|
||||
|
@ -140,7 +193,11 @@ typedef struct err_state_st
|
|||
#define ERR_LIB_ECDSA 42
|
||||
#define ERR_LIB_ECDH 43
|
||||
#define ERR_LIB_STORE 44
|
||||
#define ERR_LIB_CMS 45
|
||||
#define ERR_LIB_FIPS 45
|
||||
#define ERR_LIB_CMS 46
|
||||
#define ERR_LIB_TS 47
|
||||
#define ERR_LIB_HMAC 48
|
||||
#define ERR_LIB_JPAKE 49
|
||||
|
||||
#define ERR_LIB_USER 128
|
||||
|
||||
|
@ -172,7 +229,11 @@ typedef struct err_state_st
|
|||
#define ECDSAerr(f,r) ERR_PUT_error(ERR_LIB_ECDSA,(f),(r),__FILE__,__LINE__)
|
||||
#define ECDHerr(f,r) ERR_PUT_error(ERR_LIB_ECDH,(f),(r),__FILE__,__LINE__)
|
||||
#define STOREerr(f,r) ERR_PUT_error(ERR_LIB_STORE,(f),(r),__FILE__,__LINE__)
|
||||
#define FIPSerr(f,r) ERR_PUT_error(ERR_LIB_FIPS,(f),(r),__FILE__,__LINE__)
|
||||
#define CMSerr(f,r) ERR_PUT_error(ERR_LIB_CMS,(f),(r),__FILE__,__LINE__)
|
||||
#define TSerr(f,r) ERR_PUT_error(ERR_LIB_TS,(f),(r),__FILE__,__LINE__)
|
||||
#define HMACerr(f,r) ERR_PUT_error(ERR_LIB_HMAC,(f),(r),__FILE__,__LINE__)
|
||||
#define JPAKEerr(f,r) ERR_PUT_error(ERR_LIB_JPAKE,(f),(r),__FILE__,__LINE__)
|
||||
|
||||
/* Borland C seems too stupid to be able to shift and do longs in
|
||||
* the pre-processor :-( */
|
||||
|
@ -228,6 +289,7 @@ typedef struct err_state_st
|
|||
#define ERR_R_ECDSA_LIB ERR_LIB_ECDSA /* 42 */
|
||||
#define ERR_R_ECDH_LIB ERR_LIB_ECDH /* 43 */
|
||||
#define ERR_R_STORE_LIB ERR_LIB_STORE /* 44 */
|
||||
#define ERR_R_TS_LIB ERR_LIB_TS /* 45 */
|
||||
|
||||
#define ERR_R_NESTED_ASN1_ERROR 58
|
||||
#define ERR_R_BAD_ASN1_OBJECT_HEADER 59
|
||||
|
@ -282,21 +344,25 @@ void ERR_print_errors_fp(FILE *fp);
|
|||
#endif
|
||||
#ifndef OPENSSL_NO_BIO
|
||||
void ERR_print_errors(BIO *bp);
|
||||
void ERR_add_error_data(int num, ...);
|
||||
#endif
|
||||
void ERR_add_error_data(int num, ...);
|
||||
void ERR_add_error_vdata(int num, va_list args);
|
||||
void ERR_load_strings(int lib,ERR_STRING_DATA str[]);
|
||||
void ERR_unload_strings(int lib,ERR_STRING_DATA str[]);
|
||||
void ERR_load_ERR_strings(void);
|
||||
void ERR_load_crypto_strings(void);
|
||||
void ERR_free_strings(void);
|
||||
|
||||
void ERR_remove_thread_state(const CRYPTO_THREADID *tid);
|
||||
#ifndef OPENSSL_NO_DEPRECATED
|
||||
void ERR_remove_state(unsigned long pid); /* if zero we look it up */
|
||||
#endif
|
||||
ERR_STATE *ERR_get_state(void);
|
||||
|
||||
#ifndef OPENSSL_NO_LHASH
|
||||
LHASH *ERR_get_string_table(void);
|
||||
LHASH *ERR_get_err_state_table(void);
|
||||
void ERR_release_err_state_table(LHASH **hash);
|
||||
LHASH_OF(ERR_STRING_DATA) *ERR_get_string_table(void);
|
||||
LHASH_OF(ERR_STATE) *ERR_get_err_state_table(void);
|
||||
void ERR_release_err_state_table(LHASH_OF(ERR_STATE) **hash);
|
||||
#endif
|
||||
|
||||
int ERR_get_next_error_library(void);
|
||||
|
|
|
@ -83,7 +83,7 @@
|
|||
#define EVP_RC5_32_12_16_KEY_SIZE 16
|
||||
*/
|
||||
#define EVP_MAX_MD_SIZE 64 /* longest known is SHA512 */
|
||||
#define EVP_MAX_KEY_LENGTH 32
|
||||
#define EVP_MAX_KEY_LENGTH 64
|
||||
#define EVP_MAX_IV_LENGTH 16
|
||||
#define EVP_MAX_BLOCK_LENGTH 32
|
||||
|
||||
|
@ -115,6 +115,8 @@
|
|||
#define EVP_PKEY_DSA4 NID_dsaWithSHA1_2
|
||||
#define EVP_PKEY_DH NID_dhKeyAgreement
|
||||
#define EVP_PKEY_EC NID_X9_62_id_ecPublicKey
|
||||
#define EVP_PKEY_HMAC NID_hmac
|
||||
#define EVP_PKEY_CMAC NID_cmac
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
|
@ -128,6 +130,8 @@ struct evp_pkey_st
|
|||
int type;
|
||||
int save_type;
|
||||
int references;
|
||||
const EVP_PKEY_ASN1_METHOD *ameth;
|
||||
ENGINE *engine;
|
||||
union {
|
||||
char *ptr;
|
||||
#ifndef OPENSSL_NO_RSA
|
||||
|
@ -152,73 +156,6 @@ struct evp_pkey_st
|
|||
#define EVP_PKEY_MO_ENCRYPT 0x0004
|
||||
#define EVP_PKEY_MO_DECRYPT 0x0008
|
||||
|
||||
#if 0
|
||||
/* This structure is required to tie the message digest and signing together.
|
||||
* The lookup can be done by md/pkey_method, oid, oid/pkey_method, or
|
||||
* oid, md and pkey.
|
||||
* This is required because for various smart-card perform the digest and
|
||||
* signing/verification on-board. To handle this case, the specific
|
||||
* EVP_MD and EVP_PKEY_METHODs need to be closely associated.
|
||||
* When a PKEY is created, it will have a EVP_PKEY_METHOD associated with it.
|
||||
* This can either be software or a token to provide the required low level
|
||||
* routines.
|
||||
*/
|
||||
typedef struct evp_pkey_md_st
|
||||
{
|
||||
int oid;
|
||||
EVP_MD *md;
|
||||
EVP_PKEY_METHOD *pkey;
|
||||
} EVP_PKEY_MD;
|
||||
|
||||
#define EVP_rsa_md2() \
|
||||
EVP_PKEY_MD_add(NID_md2WithRSAEncryption,\
|
||||
EVP_rsa_pkcs1(),EVP_md2())
|
||||
#define EVP_rsa_md5() \
|
||||
EVP_PKEY_MD_add(NID_md5WithRSAEncryption,\
|
||||
EVP_rsa_pkcs1(),EVP_md5())
|
||||
#define EVP_rsa_sha0() \
|
||||
EVP_PKEY_MD_add(NID_shaWithRSAEncryption,\
|
||||
EVP_rsa_pkcs1(),EVP_sha())
|
||||
#define EVP_rsa_sha1() \
|
||||
EVP_PKEY_MD_add(NID_sha1WithRSAEncryption,\
|
||||
EVP_rsa_pkcs1(),EVP_sha1())
|
||||
#define EVP_rsa_ripemd160() \
|
||||
EVP_PKEY_MD_add(NID_ripemd160WithRSA,\
|
||||
EVP_rsa_pkcs1(),EVP_ripemd160())
|
||||
#define EVP_rsa_mdc2() \
|
||||
EVP_PKEY_MD_add(NID_mdc2WithRSA,\
|
||||
EVP_rsa_octet_string(),EVP_mdc2())
|
||||
#define EVP_dsa_sha() \
|
||||
EVP_PKEY_MD_add(NID_dsaWithSHA,\
|
||||
EVP_dsa(),EVP_sha())
|
||||
#define EVP_dsa_sha1() \
|
||||
EVP_PKEY_MD_add(NID_dsaWithSHA1,\
|
||||
EVP_dsa(),EVP_sha1())
|
||||
|
||||
typedef struct evp_pkey_method_st
|
||||
{
|
||||
char *name;
|
||||
int flags;
|
||||
int type; /* RSA, DSA, an SSLeay specific constant */
|
||||
int oid; /* For the pub-key type */
|
||||
int encrypt_oid; /* pub/priv key encryption */
|
||||
|
||||
int (*sign)();
|
||||
int (*verify)();
|
||||
struct {
|
||||
int (*set)(); /* get and/or set the underlying type */
|
||||
int (*get)();
|
||||
int (*encrypt)();
|
||||
int (*decrypt)();
|
||||
int (*i2d)();
|
||||
int (*d2i)();
|
||||
int (*dup)();
|
||||
} pub,priv;
|
||||
int (*set_asn1_parameters)();
|
||||
int (*get_asn1_parameters)();
|
||||
} EVP_PKEY_METHOD;
|
||||
#endif
|
||||
|
||||
#ifndef EVP_MD
|
||||
struct env_md_st
|
||||
{
|
||||
|
@ -241,6 +178,8 @@ struct env_md_st
|
|||
int required_pkey_type[5]; /*EVP_PKEY_xxx */
|
||||
int block_size;
|
||||
int ctx_size; /* how big does the ctx->md_data need to be */
|
||||
/* control function */
|
||||
int (*md_ctrl)(EVP_MD_CTX *ctx, int cmd, int p1, void *p2);
|
||||
} /* EVP_MD */;
|
||||
|
||||
typedef int evp_sign_method(int type,const unsigned char *m,
|
||||
|
@ -253,6 +192,42 @@ typedef int evp_verify_method(int type,const unsigned char *m,
|
|||
#define EVP_MD_FLAG_ONESHOT 0x0001 /* digest can only handle a single
|
||||
* block */
|
||||
|
||||
#define EVP_MD_FLAG_PKEY_DIGEST 0x0002 /* digest is a "clone" digest used
|
||||
* which is a copy of an existing
|
||||
* one for a specific public key type.
|
||||
* EVP_dss1() etc */
|
||||
|
||||
/* Digest uses EVP_PKEY_METHOD for signing instead of MD specific signing */
|
||||
|
||||
#define EVP_MD_FLAG_PKEY_METHOD_SIGNATURE 0x0004
|
||||
|
||||
/* DigestAlgorithmIdentifier flags... */
|
||||
|
||||
#define EVP_MD_FLAG_DIGALGID_MASK 0x0018
|
||||
|
||||
/* NULL or absent parameter accepted. Use NULL */
|
||||
|
||||
#define EVP_MD_FLAG_DIGALGID_NULL 0x0000
|
||||
|
||||
/* NULL or absent parameter accepted. Use NULL for PKCS#1 otherwise absent */
|
||||
|
||||
#define EVP_MD_FLAG_DIGALGID_ABSENT 0x0008
|
||||
|
||||
/* Custom handling via ctrl */
|
||||
|
||||
#define EVP_MD_FLAG_DIGALGID_CUSTOM 0x0018
|
||||
|
||||
#define EVP_MD_FLAG_FIPS 0x0400 /* Note if suitable for use in FIPS mode */
|
||||
|
||||
/* Digest ctrls */
|
||||
|
||||
#define EVP_MD_CTRL_DIGALGID 0x1
|
||||
#define EVP_MD_CTRL_MICALG 0x2
|
||||
|
||||
/* Minimum Algorithm specific ctrl value */
|
||||
|
||||
#define EVP_MD_CTRL_ALG_CTRL 0x1000
|
||||
|
||||
#define EVP_PKEY_NULL_method NULL,NULL,{0,0,0,0}
|
||||
|
||||
#ifndef OPENSSL_NO_DSA
|
||||
|
@ -293,6 +268,10 @@ struct env_md_ctx_st
|
|||
ENGINE *engine; /* functional reference if 'digest' is ENGINE-provided */
|
||||
unsigned long flags;
|
||||
void *md_data;
|
||||
/* Public key context for sign/verify */
|
||||
EVP_PKEY_CTX *pctx;
|
||||
/* Update function: usually copied from EVP_MD */
|
||||
int (*update)(EVP_MD_CTX *ctx,const void *data,size_t count);
|
||||
} /* EVP_MD_CTX */;
|
||||
|
||||
/* values for EVP_MD_CTX flags */
|
||||
|
@ -303,6 +282,23 @@ struct env_md_ctx_st
|
|||
* cleaned */
|
||||
#define EVP_MD_CTX_FLAG_REUSE 0x0004 /* Don't free up ctx->md_data
|
||||
* in EVP_MD_CTX_cleanup */
|
||||
/* FIPS and pad options are ignored in 1.0.0, definitions are here
|
||||
* so we don't accidentally reuse the values for other purposes.
|
||||
*/
|
||||
|
||||
#define EVP_MD_CTX_FLAG_NON_FIPS_ALLOW 0x0008 /* Allow use of non FIPS digest
|
||||
* in FIPS mode */
|
||||
|
||||
/* The following PAD options are also currently ignored in 1.0.0, digest
|
||||
* parameters are handled through EVP_DigestSign*() and EVP_DigestVerify*()
|
||||
* instead.
|
||||
*/
|
||||
#define EVP_MD_CTX_FLAG_PAD_MASK 0xF0 /* RSA mode to use */
|
||||
#define EVP_MD_CTX_FLAG_PAD_PKCS1 0x00 /* PKCS#1 v1.5 mode */
|
||||
#define EVP_MD_CTX_FLAG_PAD_X931 0x10 /* X9.31 mode */
|
||||
#define EVP_MD_CTX_FLAG_PAD_PSS 0x20 /* PSS mode */
|
||||
|
||||
#define EVP_MD_CTX_FLAG_NO_INIT 0x0100 /* Don't initialize md_data */
|
||||
|
||||
struct evp_cipher_st
|
||||
{
|
||||
|
@ -314,7 +310,7 @@ struct evp_cipher_st
|
|||
int (*init)(EVP_CIPHER_CTX *ctx, const unsigned char *key,
|
||||
const unsigned char *iv, int enc); /* init key */
|
||||
int (*do_cipher)(EVP_CIPHER_CTX *ctx, unsigned char *out,
|
||||
const unsigned char *in, unsigned int inl);/* encrypt/decrypt data */
|
||||
const unsigned char *in, size_t inl);/* encrypt/decrypt data */
|
||||
int (*cleanup)(EVP_CIPHER_CTX *); /* cleanup ctx */
|
||||
int ctx_size; /* how big ctx->cipher_data needs to be */
|
||||
int (*set_asn1_parameters)(EVP_CIPHER_CTX *, ASN1_TYPE *); /* Populate a ASN1_TYPE with parameters */
|
||||
|
@ -332,7 +328,11 @@ struct evp_cipher_st
|
|||
#define EVP_CIPH_CBC_MODE 0x2
|
||||
#define EVP_CIPH_CFB_MODE 0x3
|
||||
#define EVP_CIPH_OFB_MODE 0x4
|
||||
#define EVP_CIPH_MODE 0x7
|
||||
#define EVP_CIPH_CTR_MODE 0x5
|
||||
#define EVP_CIPH_GCM_MODE 0x6
|
||||
#define EVP_CIPH_CCM_MODE 0x7
|
||||
#define EVP_CIPH_XTS_MODE 0x10001
|
||||
#define EVP_CIPH_MODE 0xF0007
|
||||
/* Set if variable length cipher */
|
||||
#define EVP_CIPH_VARIABLE_LENGTH 0x8
|
||||
/* Set if the iv handling should be done by the cipher itself */
|
||||
|
@ -347,6 +347,21 @@ struct evp_cipher_st
|
|||
#define EVP_CIPH_NO_PADDING 0x100
|
||||
/* cipher handles random key generation */
|
||||
#define EVP_CIPH_RAND_KEY 0x200
|
||||
/* cipher has its own additional copying logic */
|
||||
#define EVP_CIPH_CUSTOM_COPY 0x400
|
||||
/* Allow use default ASN1 get/set iv */
|
||||
#define EVP_CIPH_FLAG_DEFAULT_ASN1 0x1000
|
||||
/* Buffer length in bits not bytes: CFB1 mode only */
|
||||
#define EVP_CIPH_FLAG_LENGTH_BITS 0x2000
|
||||
/* Note if suitable for use in FIPS mode */
|
||||
#define EVP_CIPH_FLAG_FIPS 0x4000
|
||||
/* Allow non FIPS cipher in FIPS mode */
|
||||
#define EVP_CIPH_FLAG_NON_FIPS_ALLOW 0x8000
|
||||
/* Cipher handles any and all padding logic as well
|
||||
* as finalisation.
|
||||
*/
|
||||
#define EVP_CIPH_FLAG_CUSTOM_CIPHER 0x100000
|
||||
#define EVP_CIPH_FLAG_AEAD_CIPHER 0x200000
|
||||
|
||||
/* ctrl() values */
|
||||
|
||||
|
@ -357,6 +372,35 @@ struct evp_cipher_st
|
|||
#define EVP_CTRL_GET_RC5_ROUNDS 0x4
|
||||
#define EVP_CTRL_SET_RC5_ROUNDS 0x5
|
||||
#define EVP_CTRL_RAND_KEY 0x6
|
||||
#define EVP_CTRL_PBE_PRF_NID 0x7
|
||||
#define EVP_CTRL_COPY 0x8
|
||||
#define EVP_CTRL_GCM_SET_IVLEN 0x9
|
||||
#define EVP_CTRL_GCM_GET_TAG 0x10
|
||||
#define EVP_CTRL_GCM_SET_TAG 0x11
|
||||
#define EVP_CTRL_GCM_SET_IV_FIXED 0x12
|
||||
#define EVP_CTRL_GCM_IV_GEN 0x13
|
||||
#define EVP_CTRL_CCM_SET_IVLEN EVP_CTRL_GCM_SET_IVLEN
|
||||
#define EVP_CTRL_CCM_GET_TAG EVP_CTRL_GCM_GET_TAG
|
||||
#define EVP_CTRL_CCM_SET_TAG EVP_CTRL_GCM_SET_TAG
|
||||
#define EVP_CTRL_CCM_SET_L 0x14
|
||||
#define EVP_CTRL_CCM_SET_MSGLEN 0x15
|
||||
/* AEAD cipher deduces payload length and returns number of bytes
|
||||
* required to store MAC and eventual padding. Subsequent call to
|
||||
* EVP_Cipher even appends/verifies MAC.
|
||||
*/
|
||||
#define EVP_CTRL_AEAD_TLS1_AAD 0x16
|
||||
/* Used by composite AEAD ciphers, no-op in GCM, CCM... */
|
||||
#define EVP_CTRL_AEAD_SET_MAC_KEY 0x17
|
||||
/* Set the GCM invocation field, decrypt only */
|
||||
#define EVP_CTRL_GCM_SET_IV_INV 0x18
|
||||
|
||||
/* GCM TLS constants */
|
||||
/* Length of fixed part of IV derived from PRF */
|
||||
#define EVP_GCM_TLS_FIXED_IV_LEN 4
|
||||
/* Length of explicit part of IV part of TLS records */
|
||||
#define EVP_GCM_TLS_EXPLICIT_IV_LEN 8
|
||||
/* Length of tag for TLS */
|
||||
#define EVP_GCM_TLS_TAG_LEN 16
|
||||
|
||||
typedef struct evp_cipher_info_st
|
||||
{
|
||||
|
@ -374,7 +418,7 @@ struct evp_cipher_ctx_st
|
|||
unsigned char oiv[EVP_MAX_IV_LENGTH]; /* original iv */
|
||||
unsigned char iv[EVP_MAX_IV_LENGTH]; /* working iv */
|
||||
unsigned char buf[EVP_MAX_BLOCK_LENGTH];/* saved partial block */
|
||||
int num; /* used by cfb/ofb mode */
|
||||
int num; /* used by cfb/ofb/ctr mode */
|
||||
|
||||
void *app_data; /* application stuff */
|
||||
int key_len; /* May change for variable length cipher */
|
||||
|
@ -435,8 +479,9 @@ int EVP_MD_type(const EVP_MD *md);
|
|||
int EVP_MD_pkey_type(const EVP_MD *md);
|
||||
int EVP_MD_size(const EVP_MD *md);
|
||||
int EVP_MD_block_size(const EVP_MD *md);
|
||||
unsigned long EVP_MD_flags(const EVP_MD *md);
|
||||
|
||||
const EVP_MD * EVP_MD_CTX_md(const EVP_MD_CTX *ctx);
|
||||
const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx);
|
||||
#define EVP_MD_CTX_size(e) EVP_MD_size(EVP_MD_CTX_md(e))
|
||||
#define EVP_MD_CTX_block_size(e) EVP_MD_block_size(EVP_MD_CTX_md(e))
|
||||
#define EVP_MD_CTX_type(e) EVP_MD_type(EVP_MD_CTX_md(e))
|
||||
|
@ -454,6 +499,7 @@ int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx);
|
|||
int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx);
|
||||
int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx);
|
||||
int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx);
|
||||
int EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in);
|
||||
void * EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx);
|
||||
void EVP_CIPHER_CTX_set_app_data(EVP_CIPHER_CTX *ctx, void *data);
|
||||
#define EVP_CIPHER_CTX_type(c) EVP_CIPHER_type(EVP_CIPHER_CTX_cipher(c))
|
||||
|
@ -471,6 +517,8 @@ unsigned long EVP_CIPHER_CTX_flags(const EVP_CIPHER_CTX *ctx);
|
|||
#define EVP_VerifyUpdate(a,b,c) EVP_DigestUpdate(a,b,c)
|
||||
#define EVP_OpenUpdate(a,b,c,d,e) EVP_DecryptUpdate(a,b,c,d,e)
|
||||
#define EVP_SealUpdate(a,b,c,d,e) EVP_EncryptUpdate(a,b,c,d,e)
|
||||
#define EVP_DigestSignUpdate(a,b,c) EVP_DigestUpdate(a,b,c)
|
||||
#define EVP_DigestVerifyUpdate(a,b,c) EVP_DigestUpdate(a,b,c)
|
||||
|
||||
#ifdef CONST_STRICT
|
||||
void BIO_set_md(BIO *,const EVP_MD *md);
|
||||
|
@ -517,6 +565,7 @@ int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);
|
|||
int EVP_DigestFinal(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s);
|
||||
|
||||
int EVP_read_pw_string(char *buf,int length,const char *prompt,int verify);
|
||||
int EVP_read_pw_string_min(char *buf,int minlen,int maxlen,const char *prompt,int verify);
|
||||
void EVP_set_pw_prompt(const char *prompt);
|
||||
char * EVP_get_pw_prompt(void);
|
||||
|
||||
|
@ -524,6 +573,10 @@ int EVP_BytesToKey(const EVP_CIPHER *type,const EVP_MD *md,
|
|||
const unsigned char *salt, const unsigned char *data,
|
||||
int datal, int count, unsigned char *key,unsigned char *iv);
|
||||
|
||||
void EVP_CIPHER_CTX_set_flags(EVP_CIPHER_CTX *ctx, int flags);
|
||||
void EVP_CIPHER_CTX_clear_flags(EVP_CIPHER_CTX *ctx, int flags);
|
||||
int EVP_CIPHER_CTX_test_flags(const EVP_CIPHER_CTX *ctx,int flags);
|
||||
|
||||
int EVP_EncryptInit(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher,
|
||||
const unsigned char *key, const unsigned char *iv);
|
||||
int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher, ENGINE *impl,
|
||||
|
@ -559,6 +612,16 @@ int EVP_SignFinal(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s,
|
|||
int EVP_VerifyFinal(EVP_MD_CTX *ctx,const unsigned char *sigbuf,
|
||||
unsigned int siglen,EVP_PKEY *pkey);
|
||||
|
||||
int EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
|
||||
const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey);
|
||||
int EVP_DigestSignFinal(EVP_MD_CTX *ctx,
|
||||
unsigned char *sigret, size_t *siglen);
|
||||
|
||||
int EVP_DigestVerifyInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
|
||||
const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey);
|
||||
int EVP_DigestVerifyFinal(EVP_MD_CTX *ctx,
|
||||
unsigned char *sig, size_t siglen);
|
||||
|
||||
int EVP_OpenInit(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *type,
|
||||
const unsigned char *ek, int ekl, const unsigned char *iv,
|
||||
EVP_PKEY *priv);
|
||||
|
@ -631,6 +694,9 @@ const EVP_MD *EVP_mdc2(void);
|
|||
#ifndef OPENSSL_NO_RIPEMD
|
||||
const EVP_MD *EVP_ripemd160(void);
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_WHIRLPOOL
|
||||
const EVP_MD *EVP_whirlpool(void);
|
||||
#endif
|
||||
const EVP_CIPHER *EVP_enc_null(void); /* does nothing :-) */
|
||||
#ifndef OPENSSL_NO_DES
|
||||
const EVP_CIPHER *EVP_des_ecb(void);
|
||||
|
@ -672,6 +738,9 @@ const EVP_MD *EVP_dev_crypto_md5(void);
|
|||
#ifndef OPENSSL_NO_RC4
|
||||
const EVP_CIPHER *EVP_rc4(void);
|
||||
const EVP_CIPHER *EVP_rc4_40(void);
|
||||
#ifndef OPENSSL_NO_MD5
|
||||
const EVP_CIPHER *EVP_rc4_hmac_md5(void);
|
||||
#endif
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_IDEA
|
||||
const EVP_CIPHER *EVP_idea_ecb(void);
|
||||
|
@ -718,9 +787,10 @@ const EVP_CIPHER *EVP_aes_128_cfb8(void);
|
|||
const EVP_CIPHER *EVP_aes_128_cfb128(void);
|
||||
# define EVP_aes_128_cfb EVP_aes_128_cfb128
|
||||
const EVP_CIPHER *EVP_aes_128_ofb(void);
|
||||
#if 0
|
||||
const EVP_CIPHER *EVP_aes_128_ctr(void);
|
||||
#endif
|
||||
const EVP_CIPHER *EVP_aes_128_ccm(void);
|
||||
const EVP_CIPHER *EVP_aes_128_gcm(void);
|
||||
const EVP_CIPHER *EVP_aes_128_xts(void);
|
||||
const EVP_CIPHER *EVP_aes_192_ecb(void);
|
||||
const EVP_CIPHER *EVP_aes_192_cbc(void);
|
||||
const EVP_CIPHER *EVP_aes_192_cfb1(void);
|
||||
|
@ -728,9 +798,9 @@ const EVP_CIPHER *EVP_aes_192_cfb8(void);
|
|||
const EVP_CIPHER *EVP_aes_192_cfb128(void);
|
||||
# define EVP_aes_192_cfb EVP_aes_192_cfb128
|
||||
const EVP_CIPHER *EVP_aes_192_ofb(void);
|
||||
#if 0
|
||||
const EVP_CIPHER *EVP_aes_192_ctr(void);
|
||||
#endif
|
||||
const EVP_CIPHER *EVP_aes_192_ccm(void);
|
||||
const EVP_CIPHER *EVP_aes_192_gcm(void);
|
||||
const EVP_CIPHER *EVP_aes_256_ecb(void);
|
||||
const EVP_CIPHER *EVP_aes_256_cbc(void);
|
||||
const EVP_CIPHER *EVP_aes_256_cfb1(void);
|
||||
|
@ -738,8 +808,13 @@ const EVP_CIPHER *EVP_aes_256_cfb8(void);
|
|||
const EVP_CIPHER *EVP_aes_256_cfb128(void);
|
||||
# define EVP_aes_256_cfb EVP_aes_256_cfb128
|
||||
const EVP_CIPHER *EVP_aes_256_ofb(void);
|
||||
#if 0
|
||||
const EVP_CIPHER *EVP_aes_256_ctr(void);
|
||||
const EVP_CIPHER *EVP_aes_256_ccm(void);
|
||||
const EVP_CIPHER *EVP_aes_256_gcm(void);
|
||||
const EVP_CIPHER *EVP_aes_256_xts(void);
|
||||
#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1)
|
||||
const EVP_CIPHER *EVP_aes_128_cbc_hmac_sha1(void);
|
||||
const EVP_CIPHER *EVP_aes_256_cbc_hmac_sha1(void);
|
||||
#endif
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_CAMELLIA
|
||||
|
@ -798,16 +873,31 @@ const EVP_CIPHER *EVP_get_cipherbyname(const char *name);
|
|||
const EVP_MD *EVP_get_digestbyname(const char *name);
|
||||
void EVP_cleanup(void);
|
||||
|
||||
int EVP_PKEY_decrypt(unsigned char *dec_key,
|
||||
void EVP_CIPHER_do_all(void (*fn)(const EVP_CIPHER *ciph,
|
||||
const char *from, const char *to, void *x), void *arg);
|
||||
void EVP_CIPHER_do_all_sorted(void (*fn)(const EVP_CIPHER *ciph,
|
||||
const char *from, const char *to, void *x), void *arg);
|
||||
|
||||
void EVP_MD_do_all(void (*fn)(const EVP_MD *ciph,
|
||||
const char *from, const char *to, void *x), void *arg);
|
||||
void EVP_MD_do_all_sorted(void (*fn)(const EVP_MD *ciph,
|
||||
const char *from, const char *to, void *x), void *arg);
|
||||
|
||||
int EVP_PKEY_decrypt_old(unsigned char *dec_key,
|
||||
const unsigned char *enc_key,int enc_key_len,
|
||||
EVP_PKEY *private_key);
|
||||
int EVP_PKEY_encrypt(unsigned char *enc_key,
|
||||
int EVP_PKEY_encrypt_old(unsigned char *enc_key,
|
||||
const unsigned char *key,int key_len,
|
||||
EVP_PKEY *pub_key);
|
||||
int EVP_PKEY_type(int type);
|
||||
int EVP_PKEY_id(const EVP_PKEY *pkey);
|
||||
int EVP_PKEY_base_id(const EVP_PKEY *pkey);
|
||||
int EVP_PKEY_bits(EVP_PKEY *pkey);
|
||||
int EVP_PKEY_size(EVP_PKEY *pkey);
|
||||
int EVP_PKEY_assign(EVP_PKEY *pkey,int type,char *key);
|
||||
int EVP_PKEY_set_type(EVP_PKEY *pkey,int type);
|
||||
int EVP_PKEY_set_type_str(EVP_PKEY *pkey, const char *str, int len);
|
||||
int EVP_PKEY_assign(EVP_PKEY *pkey,int type,void *key);
|
||||
void * EVP_PKEY_get0(EVP_PKEY *pkey);
|
||||
|
||||
#ifndef OPENSSL_NO_RSA
|
||||
struct rsa_st;
|
||||
|
@ -850,6 +940,15 @@ int EVP_PKEY_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b);
|
|||
|
||||
int EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b);
|
||||
|
||||
int EVP_PKEY_print_public(BIO *out, const EVP_PKEY *pkey,
|
||||
int indent, ASN1_PCTX *pctx);
|
||||
int EVP_PKEY_print_private(BIO *out, const EVP_PKEY *pkey,
|
||||
int indent, ASN1_PCTX *pctx);
|
||||
int EVP_PKEY_print_params(BIO *out, const EVP_PKEY *pkey,
|
||||
int indent, ASN1_PCTX *pctx);
|
||||
|
||||
int EVP_PKEY_get_default_digest_nid(EVP_PKEY *pkey, int *pnid);
|
||||
|
||||
int EVP_CIPHER_type(const EVP_CIPHER *ctx);
|
||||
|
||||
/* calls methods */
|
||||
|
@ -867,6 +966,10 @@ int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
|
|||
int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen,
|
||||
const unsigned char *salt, int saltlen, int iter,
|
||||
int keylen, unsigned char *out);
|
||||
int PKCS5_PBKDF2_HMAC(const char *pass, int passlen,
|
||||
const unsigned char *salt, int saltlen, int iter,
|
||||
const EVP_MD *digest,
|
||||
int keylen, unsigned char *out);
|
||||
int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
|
||||
ASN1_TYPE *param, const EVP_CIPHER *cipher, const EVP_MD *md,
|
||||
int en_de);
|
||||
|
@ -875,10 +978,272 @@ void PKCS5_PBE_add(void);
|
|||
|
||||
int EVP_PBE_CipherInit (ASN1_OBJECT *pbe_obj, const char *pass, int passlen,
|
||||
ASN1_TYPE *param, EVP_CIPHER_CTX *ctx, int en_de);
|
||||
|
||||
/* PBE type */
|
||||
|
||||
/* Can appear as the outermost AlgorithmIdentifier */
|
||||
#define EVP_PBE_TYPE_OUTER 0x0
|
||||
/* Is an PRF type OID */
|
||||
#define EVP_PBE_TYPE_PRF 0x1
|
||||
|
||||
int EVP_PBE_alg_add_type(int pbe_type, int pbe_nid, int cipher_nid, int md_nid,
|
||||
EVP_PBE_KEYGEN *keygen);
|
||||
int EVP_PBE_alg_add(int nid, const EVP_CIPHER *cipher, const EVP_MD *md,
|
||||
EVP_PBE_KEYGEN *keygen);
|
||||
int EVP_PBE_find(int type, int pbe_nid,
|
||||
int *pcnid, int *pmnid, EVP_PBE_KEYGEN **pkeygen);
|
||||
void EVP_PBE_cleanup(void);
|
||||
|
||||
#define ASN1_PKEY_ALIAS 0x1
|
||||
#define ASN1_PKEY_DYNAMIC 0x2
|
||||
#define ASN1_PKEY_SIGPARAM_NULL 0x4
|
||||
|
||||
#define ASN1_PKEY_CTRL_PKCS7_SIGN 0x1
|
||||
#define ASN1_PKEY_CTRL_PKCS7_ENCRYPT 0x2
|
||||
#define ASN1_PKEY_CTRL_DEFAULT_MD_NID 0x3
|
||||
#define ASN1_PKEY_CTRL_CMS_SIGN 0x5
|
||||
#define ASN1_PKEY_CTRL_CMS_ENVELOPE 0x7
|
||||
|
||||
int EVP_PKEY_asn1_get_count(void);
|
||||
const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_get0(int idx);
|
||||
const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find(ENGINE **pe, int type);
|
||||
const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find_str(ENGINE **pe,
|
||||
const char *str, int len);
|
||||
int EVP_PKEY_asn1_add0(const EVP_PKEY_ASN1_METHOD *ameth);
|
||||
int EVP_PKEY_asn1_add_alias(int to, int from);
|
||||
int EVP_PKEY_asn1_get0_info(int *ppkey_id, int *pkey_base_id, int *ppkey_flags,
|
||||
const char **pinfo, const char **ppem_str,
|
||||
const EVP_PKEY_ASN1_METHOD *ameth);
|
||||
|
||||
const EVP_PKEY_ASN1_METHOD* EVP_PKEY_get0_asn1(EVP_PKEY *pkey);
|
||||
EVP_PKEY_ASN1_METHOD* EVP_PKEY_asn1_new(int id, int flags,
|
||||
const char *pem_str, const char *info);
|
||||
void EVP_PKEY_asn1_copy(EVP_PKEY_ASN1_METHOD *dst,
|
||||
const EVP_PKEY_ASN1_METHOD *src);
|
||||
void EVP_PKEY_asn1_free(EVP_PKEY_ASN1_METHOD *ameth);
|
||||
void EVP_PKEY_asn1_set_public(EVP_PKEY_ASN1_METHOD *ameth,
|
||||
int (*pub_decode)(EVP_PKEY *pk, X509_PUBKEY *pub),
|
||||
int (*pub_encode)(X509_PUBKEY *pub, const EVP_PKEY *pk),
|
||||
int (*pub_cmp)(const EVP_PKEY *a, const EVP_PKEY *b),
|
||||
int (*pub_print)(BIO *out, const EVP_PKEY *pkey, int indent,
|
||||
ASN1_PCTX *pctx),
|
||||
int (*pkey_size)(const EVP_PKEY *pk),
|
||||
int (*pkey_bits)(const EVP_PKEY *pk));
|
||||
void EVP_PKEY_asn1_set_private(EVP_PKEY_ASN1_METHOD *ameth,
|
||||
int (*priv_decode)(EVP_PKEY *pk, PKCS8_PRIV_KEY_INFO *p8inf),
|
||||
int (*priv_encode)(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pk),
|
||||
int (*priv_print)(BIO *out, const EVP_PKEY *pkey, int indent,
|
||||
ASN1_PCTX *pctx));
|
||||
void EVP_PKEY_asn1_set_param(EVP_PKEY_ASN1_METHOD *ameth,
|
||||
int (*param_decode)(EVP_PKEY *pkey,
|
||||
const unsigned char **pder, int derlen),
|
||||
int (*param_encode)(const EVP_PKEY *pkey, unsigned char **pder),
|
||||
int (*param_missing)(const EVP_PKEY *pk),
|
||||
int (*param_copy)(EVP_PKEY *to, const EVP_PKEY *from),
|
||||
int (*param_cmp)(const EVP_PKEY *a, const EVP_PKEY *b),
|
||||
int (*param_print)(BIO *out, const EVP_PKEY *pkey, int indent,
|
||||
ASN1_PCTX *pctx));
|
||||
|
||||
void EVP_PKEY_asn1_set_free(EVP_PKEY_ASN1_METHOD *ameth,
|
||||
void (*pkey_free)(EVP_PKEY *pkey));
|
||||
void EVP_PKEY_asn1_set_ctrl(EVP_PKEY_ASN1_METHOD *ameth,
|
||||
int (*pkey_ctrl)(EVP_PKEY *pkey, int op,
|
||||
long arg1, void *arg2));
|
||||
|
||||
|
||||
#define EVP_PKEY_OP_UNDEFINED 0
|
||||
#define EVP_PKEY_OP_PARAMGEN (1<<1)
|
||||
#define EVP_PKEY_OP_KEYGEN (1<<2)
|
||||
#define EVP_PKEY_OP_SIGN (1<<3)
|
||||
#define EVP_PKEY_OP_VERIFY (1<<4)
|
||||
#define EVP_PKEY_OP_VERIFYRECOVER (1<<5)
|
||||
#define EVP_PKEY_OP_SIGNCTX (1<<6)
|
||||
#define EVP_PKEY_OP_VERIFYCTX (1<<7)
|
||||
#define EVP_PKEY_OP_ENCRYPT (1<<8)
|
||||
#define EVP_PKEY_OP_DECRYPT (1<<9)
|
||||
#define EVP_PKEY_OP_DERIVE (1<<10)
|
||||
|
||||
#define EVP_PKEY_OP_TYPE_SIG \
|
||||
(EVP_PKEY_OP_SIGN | EVP_PKEY_OP_VERIFY | EVP_PKEY_OP_VERIFYRECOVER \
|
||||
| EVP_PKEY_OP_SIGNCTX | EVP_PKEY_OP_VERIFYCTX)
|
||||
|
||||
#define EVP_PKEY_OP_TYPE_CRYPT \
|
||||
(EVP_PKEY_OP_ENCRYPT | EVP_PKEY_OP_DECRYPT)
|
||||
|
||||
#define EVP_PKEY_OP_TYPE_NOGEN \
|
||||
(EVP_PKEY_OP_SIG | EVP_PKEY_OP_CRYPT | EVP_PKEY_OP_DERIVE)
|
||||
|
||||
#define EVP_PKEY_OP_TYPE_GEN \
|
||||
(EVP_PKEY_OP_PARAMGEN | EVP_PKEY_OP_KEYGEN)
|
||||
|
||||
#define EVP_PKEY_CTX_set_signature_md(ctx, md) \
|
||||
EVP_PKEY_CTX_ctrl(ctx, -1, EVP_PKEY_OP_TYPE_SIG, \
|
||||
EVP_PKEY_CTRL_MD, 0, (void *)md)
|
||||
|
||||
#define EVP_PKEY_CTRL_MD 1
|
||||
#define EVP_PKEY_CTRL_PEER_KEY 2
|
||||
|
||||
#define EVP_PKEY_CTRL_PKCS7_ENCRYPT 3
|
||||
#define EVP_PKEY_CTRL_PKCS7_DECRYPT 4
|
||||
|
||||
#define EVP_PKEY_CTRL_PKCS7_SIGN 5
|
||||
|
||||
#define EVP_PKEY_CTRL_SET_MAC_KEY 6
|
||||
|
||||
#define EVP_PKEY_CTRL_DIGESTINIT 7
|
||||
|
||||
/* Used by GOST key encryption in TLS */
|
||||
#define EVP_PKEY_CTRL_SET_IV 8
|
||||
|
||||
#define EVP_PKEY_CTRL_CMS_ENCRYPT 9
|
||||
#define EVP_PKEY_CTRL_CMS_DECRYPT 10
|
||||
#define EVP_PKEY_CTRL_CMS_SIGN 11
|
||||
|
||||
#define EVP_PKEY_CTRL_CIPHER 12
|
||||
|
||||
#define EVP_PKEY_ALG_CTRL 0x1000
|
||||
|
||||
|
||||
#define EVP_PKEY_FLAG_AUTOARGLEN 2
|
||||
/* Method handles all operations: don't assume any digest related
|
||||
* defaults.
|
||||
*/
|
||||
#define EVP_PKEY_FLAG_SIGCTX_CUSTOM 4
|
||||
|
||||
const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type);
|
||||
EVP_PKEY_METHOD* EVP_PKEY_meth_new(int id, int flags);
|
||||
void EVP_PKEY_meth_get0_info(int *ppkey_id, int *pflags,
|
||||
const EVP_PKEY_METHOD *meth);
|
||||
void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src);
|
||||
void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth);
|
||||
int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth);
|
||||
|
||||
EVP_PKEY_CTX *EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *e);
|
||||
EVP_PKEY_CTX *EVP_PKEY_CTX_new_id(int id, ENGINE *e);
|
||||
EVP_PKEY_CTX *EVP_PKEY_CTX_dup(EVP_PKEY_CTX *ctx);
|
||||
void EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx);
|
||||
|
||||
int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
|
||||
int cmd, int p1, void *p2);
|
||||
int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
|
||||
const char *value);
|
||||
|
||||
int EVP_PKEY_CTX_get_operation(EVP_PKEY_CTX *ctx);
|
||||
void EVP_PKEY_CTX_set0_keygen_info(EVP_PKEY_CTX *ctx, int *dat, int datlen);
|
||||
|
||||
EVP_PKEY *EVP_PKEY_new_mac_key(int type, ENGINE *e,
|
||||
const unsigned char *key, int keylen);
|
||||
|
||||
void EVP_PKEY_CTX_set_data(EVP_PKEY_CTX *ctx, void *data);
|
||||
void *EVP_PKEY_CTX_get_data(EVP_PKEY_CTX *ctx);
|
||||
EVP_PKEY *EVP_PKEY_CTX_get0_pkey(EVP_PKEY_CTX *ctx);
|
||||
|
||||
EVP_PKEY *EVP_PKEY_CTX_get0_peerkey(EVP_PKEY_CTX *ctx);
|
||||
|
||||
void EVP_PKEY_CTX_set_app_data(EVP_PKEY_CTX *ctx, void *data);
|
||||
void *EVP_PKEY_CTX_get_app_data(EVP_PKEY_CTX *ctx);
|
||||
|
||||
int EVP_PKEY_sign_init(EVP_PKEY_CTX *ctx);
|
||||
int EVP_PKEY_sign(EVP_PKEY_CTX *ctx,
|
||||
unsigned char *sig, size_t *siglen,
|
||||
const unsigned char *tbs, size_t tbslen);
|
||||
int EVP_PKEY_verify_init(EVP_PKEY_CTX *ctx);
|
||||
int EVP_PKEY_verify(EVP_PKEY_CTX *ctx,
|
||||
const unsigned char *sig, size_t siglen,
|
||||
const unsigned char *tbs, size_t tbslen);
|
||||
int EVP_PKEY_verify_recover_init(EVP_PKEY_CTX *ctx);
|
||||
int EVP_PKEY_verify_recover(EVP_PKEY_CTX *ctx,
|
||||
unsigned char *rout, size_t *routlen,
|
||||
const unsigned char *sig, size_t siglen);
|
||||
int EVP_PKEY_encrypt_init(EVP_PKEY_CTX *ctx);
|
||||
int EVP_PKEY_encrypt(EVP_PKEY_CTX *ctx,
|
||||
unsigned char *out, size_t *outlen,
|
||||
const unsigned char *in, size_t inlen);
|
||||
int EVP_PKEY_decrypt_init(EVP_PKEY_CTX *ctx);
|
||||
int EVP_PKEY_decrypt(EVP_PKEY_CTX *ctx,
|
||||
unsigned char *out, size_t *outlen,
|
||||
const unsigned char *in, size_t inlen);
|
||||
|
||||
int EVP_PKEY_derive_init(EVP_PKEY_CTX *ctx);
|
||||
int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer);
|
||||
int EVP_PKEY_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);
|
||||
|
||||
typedef int EVP_PKEY_gen_cb(EVP_PKEY_CTX *ctx);
|
||||
|
||||
int EVP_PKEY_paramgen_init(EVP_PKEY_CTX *ctx);
|
||||
int EVP_PKEY_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey);
|
||||
int EVP_PKEY_keygen_init(EVP_PKEY_CTX *ctx);
|
||||
int EVP_PKEY_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey);
|
||||
|
||||
void EVP_PKEY_CTX_set_cb(EVP_PKEY_CTX *ctx, EVP_PKEY_gen_cb *cb);
|
||||
EVP_PKEY_gen_cb *EVP_PKEY_CTX_get_cb(EVP_PKEY_CTX *ctx);
|
||||
|
||||
int EVP_PKEY_CTX_get_keygen_info(EVP_PKEY_CTX *ctx, int idx);
|
||||
|
||||
void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth,
|
||||
int (*init)(EVP_PKEY_CTX *ctx));
|
||||
|
||||
void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth,
|
||||
int (*copy)(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src));
|
||||
|
||||
void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth,
|
||||
void (*cleanup)(EVP_PKEY_CTX *ctx));
|
||||
|
||||
void EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth,
|
||||
int (*paramgen_init)(EVP_PKEY_CTX *ctx),
|
||||
int (*paramgen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey));
|
||||
|
||||
void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth,
|
||||
int (*keygen_init)(EVP_PKEY_CTX *ctx),
|
||||
int (*keygen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey));
|
||||
|
||||
void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth,
|
||||
int (*sign_init)(EVP_PKEY_CTX *ctx),
|
||||
int (*sign)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
|
||||
const unsigned char *tbs, size_t tbslen));
|
||||
|
||||
void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth,
|
||||
int (*verify_init)(EVP_PKEY_CTX *ctx),
|
||||
int (*verify)(EVP_PKEY_CTX *ctx, const unsigned char *sig, size_t siglen,
|
||||
const unsigned char *tbs, size_t tbslen));
|
||||
|
||||
void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth,
|
||||
int (*verify_recover_init)(EVP_PKEY_CTX *ctx),
|
||||
int (*verify_recover)(EVP_PKEY_CTX *ctx,
|
||||
unsigned char *sig, size_t *siglen,
|
||||
const unsigned char *tbs, size_t tbslen));
|
||||
|
||||
void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth,
|
||||
int (*signctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx),
|
||||
int (*signctx)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
|
||||
EVP_MD_CTX *mctx));
|
||||
|
||||
void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
|
||||
int (*verifyctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx),
|
||||
int (*verifyctx)(EVP_PKEY_CTX *ctx, const unsigned char *sig,int siglen,
|
||||
EVP_MD_CTX *mctx));
|
||||
|
||||
void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
|
||||
int (*encrypt_init)(EVP_PKEY_CTX *ctx),
|
||||
int (*encryptfn)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
|
||||
const unsigned char *in, size_t inlen));
|
||||
|
||||
void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
|
||||
int (*decrypt_init)(EVP_PKEY_CTX *ctx),
|
||||
int (*decrypt)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
|
||||
const unsigned char *in, size_t inlen));
|
||||
|
||||
void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth,
|
||||
int (*derive_init)(EVP_PKEY_CTX *ctx),
|
||||
int (*derive)(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen));
|
||||
|
||||
void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
|
||||
int (*ctrl)(EVP_PKEY_CTX *ctx, int type, int p1, void *p2),
|
||||
int (*ctrl_str)(EVP_PKEY_CTX *ctx,
|
||||
const char *type, const char *value));
|
||||
|
||||
void EVP_add_alg_module(void);
|
||||
|
||||
/* BEGIN ERROR CODES */
|
||||
/* The following lines are auto generated by the script mkerr.pl. Any changes
|
||||
* made after this point may be overwritten when the script is next run.
|
||||
|
@ -888,44 +1253,86 @@ void ERR_load_EVP_strings(void);
|
|||
/* Error codes for the EVP functions. */
|
||||
|
||||
/* Function codes. */
|
||||
#define EVP_F_AESNI_INIT_KEY 165
|
||||
#define EVP_F_AESNI_XTS_CIPHER 176
|
||||
#define EVP_F_AES_INIT_KEY 133
|
||||
#define EVP_F_AES_XTS 172
|
||||
#define EVP_F_AES_XTS_CIPHER 175
|
||||
#define EVP_F_ALG_MODULE_INIT 177
|
||||
#define EVP_F_CAMELLIA_INIT_KEY 159
|
||||
#define EVP_F_CMAC_INIT 173
|
||||
#define EVP_F_D2I_PKEY 100
|
||||
#define EVP_F_DO_SIGVER_INIT 161
|
||||
#define EVP_F_DSAPKEY2PKCS8 134
|
||||
#define EVP_F_DSA_PKEY2PKCS8 135
|
||||
#define EVP_F_ECDSA_PKEY2PKCS8 129
|
||||
#define EVP_F_ECKEY_PKEY2PKCS8 132
|
||||
#define EVP_F_EVP_CIPHERINIT_EX 123
|
||||
#define EVP_F_EVP_CIPHER_CTX_COPY 163
|
||||
#define EVP_F_EVP_CIPHER_CTX_CTRL 124
|
||||
#define EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH 122
|
||||
#define EVP_F_EVP_DECRYPTFINAL_EX 101
|
||||
#define EVP_F_EVP_DIGESTINIT_EX 128
|
||||
#define EVP_F_EVP_ENCRYPTFINAL_EX 127
|
||||
#define EVP_F_EVP_MD_CTX_COPY_EX 110
|
||||
#define EVP_F_EVP_MD_SIZE 162
|
||||
#define EVP_F_EVP_OPENINIT 102
|
||||
#define EVP_F_EVP_PBE_ALG_ADD 115
|
||||
#define EVP_F_EVP_PBE_ALG_ADD_TYPE 160
|
||||
#define EVP_F_EVP_PBE_CIPHERINIT 116
|
||||
#define EVP_F_EVP_PKCS82PKEY 111
|
||||
#define EVP_F_EVP_PKCS82PKEY_BROKEN 136
|
||||
#define EVP_F_EVP_PKEY2PKCS8_BROKEN 113
|
||||
#define EVP_F_EVP_PKEY_COPY_PARAMETERS 103
|
||||
#define EVP_F_EVP_PKEY_CTX_CTRL 137
|
||||
#define EVP_F_EVP_PKEY_CTX_CTRL_STR 150
|
||||
#define EVP_F_EVP_PKEY_CTX_DUP 156
|
||||
#define EVP_F_EVP_PKEY_DECRYPT 104
|
||||
#define EVP_F_EVP_PKEY_DECRYPT_INIT 138
|
||||
#define EVP_F_EVP_PKEY_DECRYPT_OLD 151
|
||||
#define EVP_F_EVP_PKEY_DERIVE 153
|
||||
#define EVP_F_EVP_PKEY_DERIVE_INIT 154
|
||||
#define EVP_F_EVP_PKEY_DERIVE_SET_PEER 155
|
||||
#define EVP_F_EVP_PKEY_ENCRYPT 105
|
||||
#define EVP_F_EVP_PKEY_ENCRYPT_INIT 139
|
||||
#define EVP_F_EVP_PKEY_ENCRYPT_OLD 152
|
||||
#define EVP_F_EVP_PKEY_GET1_DH 119
|
||||
#define EVP_F_EVP_PKEY_GET1_DSA 120
|
||||
#define EVP_F_EVP_PKEY_GET1_ECDSA 130
|
||||
#define EVP_F_EVP_PKEY_GET1_EC_KEY 131
|
||||
#define EVP_F_EVP_PKEY_GET1_RSA 121
|
||||
#define EVP_F_EVP_PKEY_KEYGEN 146
|
||||
#define EVP_F_EVP_PKEY_KEYGEN_INIT 147
|
||||
#define EVP_F_EVP_PKEY_NEW 106
|
||||
#define EVP_F_EVP_PKEY_PARAMGEN 148
|
||||
#define EVP_F_EVP_PKEY_PARAMGEN_INIT 149
|
||||
#define EVP_F_EVP_PKEY_SIGN 140
|
||||
#define EVP_F_EVP_PKEY_SIGN_INIT 141
|
||||
#define EVP_F_EVP_PKEY_VERIFY 142
|
||||
#define EVP_F_EVP_PKEY_VERIFY_INIT 143
|
||||
#define EVP_F_EVP_PKEY_VERIFY_RECOVER 144
|
||||
#define EVP_F_EVP_PKEY_VERIFY_RECOVER_INIT 145
|
||||
#define EVP_F_EVP_RIJNDAEL 126
|
||||
#define EVP_F_EVP_SIGNFINAL 107
|
||||
#define EVP_F_EVP_VERIFYFINAL 108
|
||||
#define EVP_F_FIPS_CIPHERINIT 166
|
||||
#define EVP_F_FIPS_CIPHER_CTX_COPY 170
|
||||
#define EVP_F_FIPS_CIPHER_CTX_CTRL 167
|
||||
#define EVP_F_FIPS_CIPHER_CTX_SET_KEY_LENGTH 171
|
||||
#define EVP_F_FIPS_DIGESTINIT 168
|
||||
#define EVP_F_FIPS_MD_CTX_COPY 169
|
||||
#define EVP_F_HMAC_INIT_EX 174
|
||||
#define EVP_F_INT_CTX_NEW 157
|
||||
#define EVP_F_PKCS5_PBE_KEYIVGEN 117
|
||||
#define EVP_F_PKCS5_V2_PBE_KEYIVGEN 118
|
||||
#define EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN 164
|
||||
#define EVP_F_PKCS8_SET_BROKEN 112
|
||||
#define EVP_F_PKEY_SET_TYPE 158
|
||||
#define EVP_F_RC2_MAGIC_TO_METH 109
|
||||
#define EVP_F_RC5_CTRL 125
|
||||
|
||||
/* Reason codes. */
|
||||
#define EVP_R_AES_IV_SETUP_FAILED 162
|
||||
#define EVP_R_AES_KEY_SETUP_FAILED 143
|
||||
#define EVP_R_ASN1_LIB 140
|
||||
#define EVP_R_BAD_BLOCK_LENGTH 136
|
||||
|
@ -933,35 +1340,59 @@ void ERR_load_EVP_strings(void);
|
|||
#define EVP_R_BAD_KEY_LENGTH 137
|
||||
#define EVP_R_BN_DECODE_ERROR 112
|
||||
#define EVP_R_BN_PUBKEY_ERROR 113
|
||||
#define EVP_R_BUFFER_TOO_SMALL 155
|
||||
#define EVP_R_CAMELLIA_KEY_SETUP_FAILED 157
|
||||
#define EVP_R_CIPHER_PARAMETER_ERROR 122
|
||||
#define EVP_R_COMMAND_NOT_SUPPORTED 147
|
||||
#define EVP_R_CTRL_NOT_IMPLEMENTED 132
|
||||
#define EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED 133
|
||||
#define EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH 138
|
||||
#define EVP_R_DECODE_ERROR 114
|
||||
#define EVP_R_DIFFERENT_KEY_TYPES 101
|
||||
#define EVP_R_DIFFERENT_PARAMETERS 153
|
||||
#define EVP_R_DISABLED_FOR_FIPS 163
|
||||
#define EVP_R_ENCODE_ERROR 115
|
||||
#define EVP_R_ERROR_LOADING_SECTION 165
|
||||
#define EVP_R_ERROR_SETTING_FIPS_MODE 166
|
||||
#define EVP_R_EVP_PBE_CIPHERINIT_ERROR 119
|
||||
#define EVP_R_EXPECTING_AN_RSA_KEY 127
|
||||
#define EVP_R_EXPECTING_A_DH_KEY 128
|
||||
#define EVP_R_EXPECTING_A_DSA_KEY 129
|
||||
#define EVP_R_EXPECTING_A_ECDSA_KEY 141
|
||||
#define EVP_R_EXPECTING_A_EC_KEY 142
|
||||
#define EVP_R_FIPS_MODE_NOT_SUPPORTED 167
|
||||
#define EVP_R_INITIALIZATION_ERROR 134
|
||||
#define EVP_R_INPUT_NOT_INITIALIZED 111
|
||||
#define EVP_R_INVALID_DIGEST 152
|
||||
#define EVP_R_INVALID_FIPS_MODE 168
|
||||
#define EVP_R_INVALID_KEY_LENGTH 130
|
||||
#define EVP_R_INVALID_OPERATION 148
|
||||
#define EVP_R_IV_TOO_LARGE 102
|
||||
#define EVP_R_KEYGEN_FAILURE 120
|
||||
#define EVP_R_MESSAGE_DIGEST_IS_NULL 159
|
||||
#define EVP_R_METHOD_NOT_SUPPORTED 144
|
||||
#define EVP_R_MISSING_PARAMETERS 103
|
||||
#define EVP_R_NO_CIPHER_SET 131
|
||||
#define EVP_R_NO_DEFAULT_DIGEST 158
|
||||
#define EVP_R_NO_DIGEST_SET 139
|
||||
#define EVP_R_NO_DSA_PARAMETERS 116
|
||||
#define EVP_R_NO_KEY_SET 154
|
||||
#define EVP_R_NO_OPERATION_SET 149
|
||||
#define EVP_R_NO_SIGN_FUNCTION_CONFIGURED 104
|
||||
#define EVP_R_NO_VERIFY_FUNCTION_CONFIGURED 105
|
||||
#define EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE 150
|
||||
#define EVP_R_OPERATON_NOT_INITIALIZED 151
|
||||
#define EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE 117
|
||||
#define EVP_R_PRIVATE_KEY_DECODE_ERROR 145
|
||||
#define EVP_R_PRIVATE_KEY_ENCODE_ERROR 146
|
||||
#define EVP_R_PUBLIC_KEY_NOT_RSA 106
|
||||
#define EVP_R_TOO_LARGE 164
|
||||
#define EVP_R_UNKNOWN_CIPHER 160
|
||||
#define EVP_R_UNKNOWN_DIGEST 161
|
||||
#define EVP_R_UNKNOWN_OPTION 169
|
||||
#define EVP_R_UNKNOWN_PBE_ALGORITHM 121
|
||||
#define EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS 135
|
||||
#define EVP_R_UNSUPPORTED_ALGORITHM 156
|
||||
#define EVP_R_UNSUPPORTED_CIPHER 107
|
||||
#define EVP_R_UNSUPPORTED_KEYLENGTH 123
|
||||
#define EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION 124
|
||||
|
@ -971,7 +1402,6 @@ void ERR_load_EVP_strings(void);
|
|||
#define EVP_R_UNSUPPORTED_SALT_TYPE 126
|
||||
#define EVP_R_WRONG_FINAL_BLOCK_LENGTH 109
|
||||
#define EVP_R_WRONG_PUBLIC_KEY_TYPE 110
|
||||
#define EVP_R_SEED_KEY_SETUP_FAILED 162
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
|
|
|
@ -90,16 +90,18 @@ void HMAC_CTX_cleanup(HMAC_CTX *ctx);
|
|||
|
||||
#define HMAC_cleanup(ctx) HMAC_CTX_cleanup(ctx) /* deprecated */
|
||||
|
||||
void HMAC_Init(HMAC_CTX *ctx, const void *key, int len,
|
||||
int HMAC_Init(HMAC_CTX *ctx, const void *key, int len,
|
||||
const EVP_MD *md); /* deprecated */
|
||||
void HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
|
||||
int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
|
||||
const EVP_MD *md, ENGINE *impl);
|
||||
void HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, size_t len);
|
||||
void HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len);
|
||||
int HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, size_t len);
|
||||
int HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len);
|
||||
unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len,
|
||||
const unsigned char *d, size_t n, unsigned char *md,
|
||||
unsigned int *md_len);
|
||||
int HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx);
|
||||
|
||||
void HMAC_CTX_set_flags(HMAC_CTX *ctx, unsigned long flags);
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
|
|
|
@ -0,0 +1,103 @@
|
|||
/* crypto/idea/idea.h */
|
||||
/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
|
||||
* All rights reserved.
|
||||
*
|
||||
* This package is an SSL implementation written
|
||||
* by Eric Young (eay@cryptsoft.com).
|
||||
* The implementation was written so as to conform with Netscapes SSL.
|
||||
*
|
||||
* This library is free for commercial and non-commercial use as long as
|
||||
* the following conditions are aheared to. The following conditions
|
||||
* apply to all code found in this distribution, be it the RC4, RSA,
|
||||
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
||||
* included with this distribution is covered by the same copyright terms
|
||||
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
||||
*
|
||||
* Copyright remains Eric Young's, and as such any Copyright notices in
|
||||
* the code are not to be removed.
|
||||
* If this package is used in a product, Eric Young should be given attribution
|
||||
* as the author of the parts of the library used.
|
||||
* This can be in the form of a textual message at program startup or
|
||||
* in documentation (online or textual) provided with the package.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
* 1. Redistributions of source code must retain the copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
* 3. All advertising materials mentioning features or use of this software
|
||||
* must display the following acknowledgement:
|
||||
* "This product includes cryptographic software written by
|
||||
* Eric Young (eay@cryptsoft.com)"
|
||||
* The word 'cryptographic' can be left out if the rouines from the library
|
||||
* being used are not cryptographic related :-).
|
||||
* 4. If you include any Windows specific code (or a derivative thereof) from
|
||||
* the apps directory (application code) you must include an acknowledgement:
|
||||
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* The licence and distribution terms for any publically available version or
|
||||
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
||||
* copied and put under another distribution licence
|
||||
* [including the GNU Public Licence.]
|
||||
*/
|
||||
|
||||
#ifndef HEADER_IDEA_H
|
||||
#define HEADER_IDEA_H
|
||||
|
||||
#include <openssl/opensslconf.h> /* IDEA_INT, OPENSSL_NO_IDEA */
|
||||
|
||||
#ifdef OPENSSL_NO_IDEA
|
||||
#error IDEA is disabled.
|
||||
#endif
|
||||
|
||||
#define IDEA_ENCRYPT 1
|
||||
#define IDEA_DECRYPT 0
|
||||
|
||||
#define IDEA_BLOCK 8
|
||||
#define IDEA_KEY_LENGTH 16
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
typedef struct idea_key_st
|
||||
{
|
||||
IDEA_INT data[9][6];
|
||||
} IDEA_KEY_SCHEDULE;
|
||||
|
||||
const char *idea_options(void);
|
||||
void idea_ecb_encrypt(const unsigned char *in, unsigned char *out,
|
||||
IDEA_KEY_SCHEDULE *ks);
|
||||
#ifdef OPENSSL_FIPS
|
||||
void private_idea_set_encrypt_key(const unsigned char *key, IDEA_KEY_SCHEDULE *ks);
|
||||
#endif
|
||||
void idea_set_encrypt_key(const unsigned char *key, IDEA_KEY_SCHEDULE *ks);
|
||||
void idea_set_decrypt_key(IDEA_KEY_SCHEDULE *ek, IDEA_KEY_SCHEDULE *dk);
|
||||
void idea_cbc_encrypt(const unsigned char *in, unsigned char *out,
|
||||
long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv,int enc);
|
||||
void idea_cfb64_encrypt(const unsigned char *in, unsigned char *out,
|
||||
long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv,
|
||||
int *num,int enc);
|
||||
void idea_ofb64_encrypt(const unsigned char *in, unsigned char *out,
|
||||
long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv, int *num);
|
||||
void idea_encrypt(unsigned long *in, IDEA_KEY_SCHEDULE *ks);
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif
|
|
@ -172,6 +172,10 @@ krb5_error_code kssl_check_authent(KSSL_CTX *kssl_ctx, krb5_data *authentp,
|
|||
krb5_timestamp *atimep, KSSL_ERR *kssl_err);
|
||||
unsigned char *kssl_skip_confound(krb5_enctype enctype, unsigned char *authn);
|
||||
|
||||
void SSL_set0_kssl_ctx(SSL *s, KSSL_CTX *kctx);
|
||||
KSSL_CTX * SSL_get0_kssl_ctx(SSL *s);
|
||||
char *kssl_ctx_get0_client_princ(KSSL_CTX *kctx);
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
|
|
@ -98,42 +98,42 @@ typedef void (*LHASH_DOALL_ARG_FN_TYPE)(void *, void *);
|
|||
* macros if the functions are strictly internal. */
|
||||
|
||||
/* First: "hash" functions */
|
||||
#define DECLARE_LHASH_HASH_FN(f_name,o_type) \
|
||||
unsigned long f_name##_LHASH_HASH(const void *);
|
||||
#define IMPLEMENT_LHASH_HASH_FN(f_name,o_type) \
|
||||
unsigned long f_name##_LHASH_HASH(const void *arg) { \
|
||||
o_type a = (o_type)arg; \
|
||||
return f_name(a); }
|
||||
#define LHASH_HASH_FN(f_name) f_name##_LHASH_HASH
|
||||
#define DECLARE_LHASH_HASH_FN(name, o_type) \
|
||||
unsigned long name##_LHASH_HASH(const void *);
|
||||
#define IMPLEMENT_LHASH_HASH_FN(name, o_type) \
|
||||
unsigned long name##_LHASH_HASH(const void *arg) { \
|
||||
const o_type *a = arg; \
|
||||
return name##_hash(a); }
|
||||
#define LHASH_HASH_FN(name) name##_LHASH_HASH
|
||||
|
||||
/* Second: "compare" functions */
|
||||
#define DECLARE_LHASH_COMP_FN(f_name,o_type) \
|
||||
int f_name##_LHASH_COMP(const void *, const void *);
|
||||
#define IMPLEMENT_LHASH_COMP_FN(f_name,o_type) \
|
||||
int f_name##_LHASH_COMP(const void *arg1, const void *arg2) { \
|
||||
o_type a = (o_type)arg1; \
|
||||
o_type b = (o_type)arg2; \
|
||||
return f_name(a,b); }
|
||||
#define LHASH_COMP_FN(f_name) f_name##_LHASH_COMP
|
||||
#define DECLARE_LHASH_COMP_FN(name, o_type) \
|
||||
int name##_LHASH_COMP(const void *, const void *);
|
||||
#define IMPLEMENT_LHASH_COMP_FN(name, o_type) \
|
||||
int name##_LHASH_COMP(const void *arg1, const void *arg2) { \
|
||||
const o_type *a = arg1; \
|
||||
const o_type *b = arg2; \
|
||||
return name##_cmp(a,b); }
|
||||
#define LHASH_COMP_FN(name) name##_LHASH_COMP
|
||||
|
||||
/* Third: "doall" functions */
|
||||
#define DECLARE_LHASH_DOALL_FN(f_name,o_type) \
|
||||
void f_name##_LHASH_DOALL(void *);
|
||||
#define IMPLEMENT_LHASH_DOALL_FN(f_name,o_type) \
|
||||
void f_name##_LHASH_DOALL(void *arg) { \
|
||||
o_type a = (o_type)arg; \
|
||||
f_name(a); }
|
||||
#define LHASH_DOALL_FN(f_name) f_name##_LHASH_DOALL
|
||||
#define DECLARE_LHASH_DOALL_FN(name, o_type) \
|
||||
void name##_LHASH_DOALL(void *);
|
||||
#define IMPLEMENT_LHASH_DOALL_FN(name, o_type) \
|
||||
void name##_LHASH_DOALL(void *arg) { \
|
||||
o_type *a = arg; \
|
||||
name##_doall(a); }
|
||||
#define LHASH_DOALL_FN(name) name##_LHASH_DOALL
|
||||
|
||||
/* Fourth: "doall_arg" functions */
|
||||
#define DECLARE_LHASH_DOALL_ARG_FN(f_name,o_type,a_type) \
|
||||
void f_name##_LHASH_DOALL_ARG(void *, void *);
|
||||
#define IMPLEMENT_LHASH_DOALL_ARG_FN(f_name,o_type,a_type) \
|
||||
void f_name##_LHASH_DOALL_ARG(void *arg1, void *arg2) { \
|
||||
o_type a = (o_type)arg1; \
|
||||
a_type b = (a_type)arg2; \
|
||||
f_name(a,b); }
|
||||
#define LHASH_DOALL_ARG_FN(f_name) f_name##_LHASH_DOALL_ARG
|
||||
#define DECLARE_LHASH_DOALL_ARG_FN(name, o_type, a_type) \
|
||||
void name##_LHASH_DOALL_ARG(void *, void *);
|
||||
#define IMPLEMENT_LHASH_DOALL_ARG_FN(name, o_type, a_type) \
|
||||
void name##_LHASH_DOALL_ARG(void *arg1, void *arg2) { \
|
||||
o_type *a = arg1; \
|
||||
a_type *b = arg2; \
|
||||
name##_doall_arg(a, b); }
|
||||
#define LHASH_DOALL_ARG_FN(name) name##_LHASH_DOALL_ARG
|
||||
|
||||
typedef struct lhash_st
|
||||
{
|
||||
|
@ -163,7 +163,8 @@ typedef struct lhash_st
|
|||
unsigned long num_hash_comps;
|
||||
|
||||
int error;
|
||||
} LHASH;
|
||||
} _LHASH; /* Do not use _LHASH directly, use LHASH_OF
|
||||
* and friends */
|
||||
|
||||
#define LH_LOAD_MULT 256
|
||||
|
||||
|
@ -171,27 +172,67 @@ typedef struct lhash_st
|
|||
* in lh_insert(). */
|
||||
#define lh_error(lh) ((lh)->error)
|
||||
|
||||
LHASH *lh_new(LHASH_HASH_FN_TYPE h, LHASH_COMP_FN_TYPE c);
|
||||
void lh_free(LHASH *lh);
|
||||
void *lh_insert(LHASH *lh, void *data);
|
||||
void *lh_delete(LHASH *lh, const void *data);
|
||||
void *lh_retrieve(LHASH *lh, const void *data);
|
||||
void lh_doall(LHASH *lh, LHASH_DOALL_FN_TYPE func);
|
||||
void lh_doall_arg(LHASH *lh, LHASH_DOALL_ARG_FN_TYPE func, void *arg);
|
||||
_LHASH *lh_new(LHASH_HASH_FN_TYPE h, LHASH_COMP_FN_TYPE c);
|
||||
void lh_free(_LHASH *lh);
|
||||
void *lh_insert(_LHASH *lh, void *data);
|
||||
void *lh_delete(_LHASH *lh, const void *data);
|
||||
void *lh_retrieve(_LHASH *lh, const void *data);
|
||||
void lh_doall(_LHASH *lh, LHASH_DOALL_FN_TYPE func);
|
||||
void lh_doall_arg(_LHASH *lh, LHASH_DOALL_ARG_FN_TYPE func, void *arg);
|
||||
unsigned long lh_strhash(const char *c);
|
||||
unsigned long lh_num_items(const LHASH *lh);
|
||||
unsigned long lh_num_items(const _LHASH *lh);
|
||||
|
||||
#ifndef OPENSSL_NO_FP_API
|
||||
void lh_stats(const LHASH *lh, FILE *out);
|
||||
void lh_node_stats(const LHASH *lh, FILE *out);
|
||||
void lh_node_usage_stats(const LHASH *lh, FILE *out);
|
||||
void lh_stats(const _LHASH *lh, FILE *out);
|
||||
void lh_node_stats(const _LHASH *lh, FILE *out);
|
||||
void lh_node_usage_stats(const _LHASH *lh, FILE *out);
|
||||
#endif
|
||||
|
||||
#ifndef OPENSSL_NO_BIO
|
||||
void lh_stats_bio(const LHASH *lh, BIO *out);
|
||||
void lh_node_stats_bio(const LHASH *lh, BIO *out);
|
||||
void lh_node_usage_stats_bio(const LHASH *lh, BIO *out);
|
||||
void lh_stats_bio(const _LHASH *lh, BIO *out);
|
||||
void lh_node_stats_bio(const _LHASH *lh, BIO *out);
|
||||
void lh_node_usage_stats_bio(const _LHASH *lh, BIO *out);
|
||||
#endif
|
||||
|
||||
/* Type checking... */
|
||||
|
||||
#define LHASH_OF(type) struct lhash_st_##type
|
||||
|
||||
#define DECLARE_LHASH_OF(type) LHASH_OF(type) { int dummy; }
|
||||
|
||||
#define CHECKED_LHASH_OF(type,lh) \
|
||||
((_LHASH *)CHECKED_PTR_OF(LHASH_OF(type),lh))
|
||||
|
||||
/* Define wrapper functions. */
|
||||
#define LHM_lh_new(type, name) \
|
||||
((LHASH_OF(type) *)lh_new(LHASH_HASH_FN(name), LHASH_COMP_FN(name)))
|
||||
#define LHM_lh_error(type, lh) \
|
||||
lh_error(CHECKED_LHASH_OF(type,lh))
|
||||
#define LHM_lh_insert(type, lh, inst) \
|
||||
((type *)lh_insert(CHECKED_LHASH_OF(type, lh), \
|
||||
CHECKED_PTR_OF(type, inst)))
|
||||
#define LHM_lh_retrieve(type, lh, inst) \
|
||||
((type *)lh_retrieve(CHECKED_LHASH_OF(type, lh), \
|
||||
CHECKED_PTR_OF(type, inst)))
|
||||
#define LHM_lh_delete(type, lh, inst) \
|
||||
((type *)lh_delete(CHECKED_LHASH_OF(type, lh), \
|
||||
CHECKED_PTR_OF(type, inst)))
|
||||
#define LHM_lh_doall(type, lh,fn) lh_doall(CHECKED_LHASH_OF(type, lh), fn)
|
||||
#define LHM_lh_doall_arg(type, lh, fn, arg_type, arg) \
|
||||
lh_doall_arg(CHECKED_LHASH_OF(type, lh), fn, CHECKED_PTR_OF(arg_type, arg))
|
||||
#define LHM_lh_num_items(type, lh) lh_num_items(CHECKED_LHASH_OF(type, lh))
|
||||
#define LHM_lh_down_load(type, lh) (CHECKED_LHASH_OF(type, lh)->down_load)
|
||||
#define LHM_lh_node_stats_bio(type, lh, out) \
|
||||
lh_node_stats_bio(CHECKED_LHASH_OF(type, lh), out)
|
||||
#define LHM_lh_node_usage_stats_bio(type, lh, out) \
|
||||
lh_node_usage_stats_bio(CHECKED_LHASH_OF(type, lh), out)
|
||||
#define LHM_lh_stats_bio(type, lh, out) \
|
||||
lh_stats_bio(CHECKED_LHASH_OF(type, lh), out)
|
||||
#define LHM_lh_free(type, lh) lh_free(CHECKED_LHASH_OF(type, lh))
|
||||
|
||||
DECLARE_LHASH_OF(OPENSSL_STRING);
|
||||
DECLARE_LHASH_OF(OPENSSL_CSTRING);
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
|
|
@ -77,7 +77,7 @@ extern "C" {
|
|||
* !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
|
||||
*/
|
||||
|
||||
#if defined(OPENSSL_SYS_WIN16) || defined(__LP32__)
|
||||
#if defined(__LP32__)
|
||||
#define MD4_LONG unsigned long
|
||||
#elif defined(OPENSSL_SYS_CRAY) || defined(__ILP64__)
|
||||
#define MD4_LONG unsigned long
|
||||
|
@ -105,6 +105,9 @@ typedef struct MD4state_st
|
|||
unsigned int num;
|
||||
} MD4_CTX;
|
||||
|
||||
#ifdef OPENSSL_FIPS
|
||||
int private_MD4_Init(MD4_CTX *c);
|
||||
#endif
|
||||
int MD4_Init(MD4_CTX *c);
|
||||
int MD4_Update(MD4_CTX *c, const void *data, size_t len);
|
||||
int MD4_Final(unsigned char *md, MD4_CTX *c);
|
||||
|
|
|
@ -77,7 +77,7 @@ extern "C" {
|
|||
* !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
|
||||
*/
|
||||
|
||||
#if defined(OPENSSL_SYS_WIN16) || defined(__LP32__)
|
||||
#if defined(__LP32__)
|
||||
#define MD5_LONG unsigned long
|
||||
#elif defined(OPENSSL_SYS_CRAY) || defined(__ILP64__)
|
||||
#define MD5_LONG unsigned long
|
||||
|
@ -105,6 +105,9 @@ typedef struct MD5state_st
|
|||
unsigned int num;
|
||||
} MD5_CTX;
|
||||
|
||||
#ifdef OPENSSL_FIPS
|
||||
int private_MD5_Init(MD5_CTX *c);
|
||||
#endif
|
||||
int MD5_Init(MD5_CTX *c);
|
||||
int MD5_Update(MD5_CTX *c, const void *data, size_t len);
|
||||
int MD5_Final(unsigned char *md, MD5_CTX *c);
|
||||
|
|
|
@ -0,0 +1,98 @@
|
|||
/* crypto/mdc2/mdc2.h */
|
||||
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||
* All rights reserved.
|
||||
*
|
||||
* This package is an SSL implementation written
|
||||
* by Eric Young (eay@cryptsoft.com).
|
||||
* The implementation was written so as to conform with Netscapes SSL.
|
||||
*
|
||||
* This library is free for commercial and non-commercial use as long as
|
||||
* the following conditions are aheared to. The following conditions
|
||||
* apply to all code found in this distribution, be it the RC4, RSA,
|
||||
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
||||
* included with this distribution is covered by the same copyright terms
|
||||
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
||||
*
|
||||
* Copyright remains Eric Young's, and as such any Copyright notices in
|
||||
* the code are not to be removed.
|
||||
* If this package is used in a product, Eric Young should be given attribution
|
||||
* as the author of the parts of the library used.
|
||||
* This can be in the form of a textual message at program startup or
|
||||
* in documentation (online or textual) provided with the package.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
* 1. Redistributions of source code must retain the copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
* 3. All advertising materials mentioning features or use of this software
|
||||
* must display the following acknowledgement:
|
||||
* "This product includes cryptographic software written by
|
||||
* Eric Young (eay@cryptsoft.com)"
|
||||
* The word 'cryptographic' can be left out if the rouines from the library
|
||||
* being used are not cryptographic related :-).
|
||||
* 4. If you include any Windows specific code (or a derivative thereof) from
|
||||
* the apps directory (application code) you must include an acknowledgement:
|
||||
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* The licence and distribution terms for any publically available version or
|
||||
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
||||
* copied and put under another distribution licence
|
||||
* [including the GNU Public Licence.]
|
||||
*/
|
||||
|
||||
#ifndef HEADER_MDC2_H
|
||||
#define HEADER_MDC2_H
|
||||
|
||||
#include <openssl/des.h>
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
#ifdef OPENSSL_NO_MDC2
|
||||
#error MDC2 is disabled.
|
||||
#endif
|
||||
|
||||
#define MDC2_BLOCK 8
|
||||
#define MDC2_DIGEST_LENGTH 16
|
||||
|
||||
typedef struct mdc2_ctx_st
|
||||
{
|
||||
unsigned int num;
|
||||
unsigned char data[MDC2_BLOCK];
|
||||
DES_cblock h,hh;
|
||||
int pad_type; /* either 1 or 2, default 1 */
|
||||
} MDC2_CTX;
|
||||
|
||||
|
||||
#ifdef OPENSSL_FIPS
|
||||
int private_MDC2_Init(MDC2_CTX *c);
|
||||
#endif
|
||||
int MDC2_Init(MDC2_CTX *c);
|
||||
int MDC2_Update(MDC2_CTX *c, const unsigned char *data, size_t len);
|
||||
int MDC2_Final(unsigned char *md, MDC2_CTX *c);
|
||||
unsigned char *MDC2(const unsigned char *d, size_t n,
|
||||
unsigned char *md);
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif
|
||||
|
|
@ -0,0 +1,135 @@
|
|||
/* ====================================================================
|
||||
* Copyright (c) 2008 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
* Rights for redistribution and usage in source and binary
|
||||
* forms are granted according to the OpenSSL license.
|
||||
*/
|
||||
|
||||
#include <stddef.h>
|
||||
|
||||
typedef void (*block128_f)(const unsigned char in[16],
|
||||
unsigned char out[16],
|
||||
const void *key);
|
||||
|
||||
typedef void (*cbc128_f)(const unsigned char *in, unsigned char *out,
|
||||
size_t len, const void *key,
|
||||
unsigned char ivec[16], int enc);
|
||||
|
||||
typedef void (*ctr128_f)(const unsigned char *in, unsigned char *out,
|
||||
size_t blocks, const void *key,
|
||||
const unsigned char ivec[16]);
|
||||
|
||||
typedef void (*ccm128_f)(const unsigned char *in, unsigned char *out,
|
||||
size_t blocks, const void *key,
|
||||
const unsigned char ivec[16],unsigned char cmac[16]);
|
||||
|
||||
void CRYPTO_cbc128_encrypt(const unsigned char *in, unsigned char *out,
|
||||
size_t len, const void *key,
|
||||
unsigned char ivec[16], block128_f block);
|
||||
void CRYPTO_cbc128_decrypt(const unsigned char *in, unsigned char *out,
|
||||
size_t len, const void *key,
|
||||
unsigned char ivec[16], block128_f block);
|
||||
|
||||
void CRYPTO_ctr128_encrypt(const unsigned char *in, unsigned char *out,
|
||||
size_t len, const void *key,
|
||||
unsigned char ivec[16], unsigned char ecount_buf[16],
|
||||
unsigned int *num, block128_f block);
|
||||
|
||||
void CRYPTO_ctr128_encrypt_ctr32(const unsigned char *in, unsigned char *out,
|
||||
size_t len, const void *key,
|
||||
unsigned char ivec[16], unsigned char ecount_buf[16],
|
||||
unsigned int *num, ctr128_f ctr);
|
||||
|
||||
void CRYPTO_ofb128_encrypt(const unsigned char *in, unsigned char *out,
|
||||
size_t len, const void *key,
|
||||
unsigned char ivec[16], int *num,
|
||||
block128_f block);
|
||||
|
||||
void CRYPTO_cfb128_encrypt(const unsigned char *in, unsigned char *out,
|
||||
size_t len, const void *key,
|
||||
unsigned char ivec[16], int *num,
|
||||
int enc, block128_f block);
|
||||
void CRYPTO_cfb128_8_encrypt(const unsigned char *in, unsigned char *out,
|
||||
size_t length, const void *key,
|
||||
unsigned char ivec[16], int *num,
|
||||
int enc, block128_f block);
|
||||
void CRYPTO_cfb128_1_encrypt(const unsigned char *in, unsigned char *out,
|
||||
size_t bits, const void *key,
|
||||
unsigned char ivec[16], int *num,
|
||||
int enc, block128_f block);
|
||||
|
||||
size_t CRYPTO_cts128_encrypt_block(const unsigned char *in, unsigned char *out,
|
||||
size_t len, const void *key,
|
||||
unsigned char ivec[16], block128_f block);
|
||||
size_t CRYPTO_cts128_encrypt(const unsigned char *in, unsigned char *out,
|
||||
size_t len, const void *key,
|
||||
unsigned char ivec[16], cbc128_f cbc);
|
||||
size_t CRYPTO_cts128_decrypt_block(const unsigned char *in, unsigned char *out,
|
||||
size_t len, const void *key,
|
||||
unsigned char ivec[16], block128_f block);
|
||||
size_t CRYPTO_cts128_decrypt(const unsigned char *in, unsigned char *out,
|
||||
size_t len, const void *key,
|
||||
unsigned char ivec[16], cbc128_f cbc);
|
||||
|
||||
size_t CRYPTO_nistcts128_encrypt_block(const unsigned char *in, unsigned char *out,
|
||||
size_t len, const void *key,
|
||||
unsigned char ivec[16], block128_f block);
|
||||
size_t CRYPTO_nistcts128_encrypt(const unsigned char *in, unsigned char *out,
|
||||
size_t len, const void *key,
|
||||
unsigned char ivec[16], cbc128_f cbc);
|
||||
size_t CRYPTO_nistcts128_decrypt_block(const unsigned char *in, unsigned char *out,
|
||||
size_t len, const void *key,
|
||||
unsigned char ivec[16], block128_f block);
|
||||
size_t CRYPTO_nistcts128_decrypt(const unsigned char *in, unsigned char *out,
|
||||
size_t len, const void *key,
|
||||
unsigned char ivec[16], cbc128_f cbc);
|
||||
|
||||
typedef struct gcm128_context GCM128_CONTEXT;
|
||||
|
||||
GCM128_CONTEXT *CRYPTO_gcm128_new(void *key, block128_f block);
|
||||
void CRYPTO_gcm128_init(GCM128_CONTEXT *ctx,void *key,block128_f block);
|
||||
void CRYPTO_gcm128_setiv(GCM128_CONTEXT *ctx, const unsigned char *iv,
|
||||
size_t len);
|
||||
int CRYPTO_gcm128_aad(GCM128_CONTEXT *ctx, const unsigned char *aad,
|
||||
size_t len);
|
||||
int CRYPTO_gcm128_encrypt(GCM128_CONTEXT *ctx,
|
||||
const unsigned char *in, unsigned char *out,
|
||||
size_t len);
|
||||
int CRYPTO_gcm128_decrypt(GCM128_CONTEXT *ctx,
|
||||
const unsigned char *in, unsigned char *out,
|
||||
size_t len);
|
||||
int CRYPTO_gcm128_encrypt_ctr32(GCM128_CONTEXT *ctx,
|
||||
const unsigned char *in, unsigned char *out,
|
||||
size_t len, ctr128_f stream);
|
||||
int CRYPTO_gcm128_decrypt_ctr32(GCM128_CONTEXT *ctx,
|
||||
const unsigned char *in, unsigned char *out,
|
||||
size_t len, ctr128_f stream);
|
||||
int CRYPTO_gcm128_finish(GCM128_CONTEXT *ctx,const unsigned char *tag,
|
||||
size_t len);
|
||||
void CRYPTO_gcm128_tag(GCM128_CONTEXT *ctx, unsigned char *tag, size_t len);
|
||||
void CRYPTO_gcm128_release(GCM128_CONTEXT *ctx);
|
||||
|
||||
typedef struct ccm128_context CCM128_CONTEXT;
|
||||
|
||||
void CRYPTO_ccm128_init(CCM128_CONTEXT *ctx,
|
||||
unsigned int M, unsigned int L, void *key,block128_f block);
|
||||
int CRYPTO_ccm128_setiv(CCM128_CONTEXT *ctx,
|
||||
const unsigned char *nonce, size_t nlen, size_t mlen);
|
||||
void CRYPTO_ccm128_aad(CCM128_CONTEXT *ctx,
|
||||
const unsigned char *aad, size_t alen);
|
||||
int CRYPTO_ccm128_encrypt(CCM128_CONTEXT *ctx,
|
||||
const unsigned char *inp, unsigned char *out, size_t len);
|
||||
int CRYPTO_ccm128_decrypt(CCM128_CONTEXT *ctx,
|
||||
const unsigned char *inp, unsigned char *out, size_t len);
|
||||
int CRYPTO_ccm128_encrypt_ccm64(CCM128_CONTEXT *ctx,
|
||||
const unsigned char *inp, unsigned char *out, size_t len,
|
||||
ccm128_f stream);
|
||||
int CRYPTO_ccm128_decrypt_ccm64(CCM128_CONTEXT *ctx,
|
||||
const unsigned char *inp, unsigned char *out, size_t len,
|
||||
ccm128_f stream);
|
||||
size_t CRYPTO_ccm128_tag(CCM128_CONTEXT *ctx, unsigned char *tag, size_t len);
|
||||
|
||||
typedef struct xts128_context XTS128_CONTEXT;
|
||||
|
||||
int CRYPTO_xts128_encrypt(const XTS128_CONTEXT *ctx, const unsigned char iv[16],
|
||||
const unsigned char *inp, unsigned char *out, size_t len, int enc);
|
|
@ -122,7 +122,7 @@
|
|||
|
||||
#define SN_wap_wsg "wap-wsg"
|
||||
#define NID_wap_wsg 679
|
||||
#define OBJ_wap_wsg OBJ_wap,13L
|
||||
#define OBJ_wap_wsg OBJ_wap,1L
|
||||
|
||||
#define SN_selected_attribute_types "selected-attribute-types"
|
||||
#define LN_selected_attribute_types "Selected Attribute Types"
|
||||
|
@ -315,6 +315,30 @@
|
|||
#define NID_ecdsa_with_SHA1 416
|
||||
#define OBJ_ecdsa_with_SHA1 OBJ_X9_62_id_ecSigType,1L
|
||||
|
||||
#define SN_ecdsa_with_Recommended "ecdsa-with-Recommended"
|
||||
#define NID_ecdsa_with_Recommended 791
|
||||
#define OBJ_ecdsa_with_Recommended OBJ_X9_62_id_ecSigType,2L
|
||||
|
||||
#define SN_ecdsa_with_Specified "ecdsa-with-Specified"
|
||||
#define NID_ecdsa_with_Specified 792
|
||||
#define OBJ_ecdsa_with_Specified OBJ_X9_62_id_ecSigType,3L
|
||||
|
||||
#define SN_ecdsa_with_SHA224 "ecdsa-with-SHA224"
|
||||
#define NID_ecdsa_with_SHA224 793
|
||||
#define OBJ_ecdsa_with_SHA224 OBJ_ecdsa_with_Specified,1L
|
||||
|
||||
#define SN_ecdsa_with_SHA256 "ecdsa-with-SHA256"
|
||||
#define NID_ecdsa_with_SHA256 794
|
||||
#define OBJ_ecdsa_with_SHA256 OBJ_ecdsa_with_Specified,2L
|
||||
|
||||
#define SN_ecdsa_with_SHA384 "ecdsa-with-SHA384"
|
||||
#define NID_ecdsa_with_SHA384 795
|
||||
#define OBJ_ecdsa_with_SHA384 OBJ_ecdsa_with_Specified,3L
|
||||
|
||||
#define SN_ecdsa_with_SHA512 "ecdsa-with-SHA512"
|
||||
#define NID_ecdsa_with_SHA512 796
|
||||
#define OBJ_ecdsa_with_SHA512 OBJ_ecdsa_with_Specified,4L
|
||||
|
||||
#define OBJ_secg_ellipticCurve OBJ_certicom_arc,0L
|
||||
|
||||
#define SN_secp112r1 "secp112r1"
|
||||
|
@ -556,6 +580,21 @@
|
|||
#define NID_sha1WithRSAEncryption 65
|
||||
#define OBJ_sha1WithRSAEncryption OBJ_pkcs1,5L
|
||||
|
||||
#define SN_rsaesOaep "RSAES-OAEP"
|
||||
#define LN_rsaesOaep "rsaesOaep"
|
||||
#define NID_rsaesOaep 919
|
||||
#define OBJ_rsaesOaep OBJ_pkcs1,7L
|
||||
|
||||
#define SN_mgf1 "MGF1"
|
||||
#define LN_mgf1 "mgf1"
|
||||
#define NID_mgf1 911
|
||||
#define OBJ_mgf1 OBJ_pkcs1,8L
|
||||
|
||||
#define SN_rsassaPss "RSASSA-PSS"
|
||||
#define LN_rsassaPss "rsassaPss"
|
||||
#define NID_rsassaPss 912
|
||||
#define OBJ_rsassaPss OBJ_pkcs1,10L
|
||||
|
||||
#define SN_sha256WithRSAEncryption "RSA-SHA256"
|
||||
#define LN_sha256WithRSAEncryption "sha256WithRSAEncryption"
|
||||
#define NID_sha256WithRSAEncryption 668
|
||||
|
@ -957,6 +996,10 @@
|
|||
#define NID_id_smime_alg_CMSRC2wrap 247
|
||||
#define OBJ_id_smime_alg_CMSRC2wrap OBJ_id_smime_alg,7L
|
||||
|
||||
#define SN_id_alg_PWRI_KEK "id-alg-PWRI-KEK"
|
||||
#define NID_id_alg_PWRI_KEK 893
|
||||
#define OBJ_id_alg_PWRI_KEK OBJ_id_smime_alg,9L
|
||||
|
||||
#define SN_id_smime_cd_ldap "id-smime-cd-ldap"
|
||||
#define NID_id_smime_cd_ldap 248
|
||||
#define OBJ_id_smime_cd_ldap OBJ_id_smime_cd,1L
|
||||
|
@ -1006,6 +1049,11 @@
|
|||
#define NID_ms_csp_name 417
|
||||
#define OBJ_ms_csp_name 1L,3L,6L,1L,4L,1L,311L,17L,1L
|
||||
|
||||
#define SN_LocalKeySet "LocalKeySet"
|
||||
#define LN_LocalKeySet "Microsoft Local Key set"
|
||||
#define NID_LocalKeySet 856
|
||||
#define OBJ_LocalKeySet 1L,3L,6L,1L,4L,1L,311L,17L,2L
|
||||
|
||||
#define OBJ_certTypes OBJ_pkcs9,22L
|
||||
|
||||
#define LN_x509Certificate "x509Certificate"
|
||||
|
@ -1103,10 +1151,30 @@
|
|||
#define LN_md5_sha1 "md5-sha1"
|
||||
#define NID_md5_sha1 114
|
||||
|
||||
#define LN_hmacWithMD5 "hmacWithMD5"
|
||||
#define NID_hmacWithMD5 797
|
||||
#define OBJ_hmacWithMD5 OBJ_rsadsi,2L,6L
|
||||
|
||||
#define LN_hmacWithSHA1 "hmacWithSHA1"
|
||||
#define NID_hmacWithSHA1 163
|
||||
#define OBJ_hmacWithSHA1 OBJ_rsadsi,2L,7L
|
||||
|
||||
#define LN_hmacWithSHA224 "hmacWithSHA224"
|
||||
#define NID_hmacWithSHA224 798
|
||||
#define OBJ_hmacWithSHA224 OBJ_rsadsi,2L,8L
|
||||
|
||||
#define LN_hmacWithSHA256 "hmacWithSHA256"
|
||||
#define NID_hmacWithSHA256 799
|
||||
#define OBJ_hmacWithSHA256 OBJ_rsadsi,2L,9L
|
||||
|
||||
#define LN_hmacWithSHA384 "hmacWithSHA384"
|
||||
#define NID_hmacWithSHA384 800
|
||||
#define OBJ_hmacWithSHA384 OBJ_rsadsi,2L,10L
|
||||
|
||||
#define LN_hmacWithSHA512 "hmacWithSHA512"
|
||||
#define NID_hmacWithSHA512 801
|
||||
#define OBJ_hmacWithSHA512 OBJ_rsadsi,2L,11L
|
||||
|
||||
#define SN_rc2_cbc "RC2-CBC"
|
||||
#define LN_rc2_cbc "rc2-cbc"
|
||||
#define NID_rc2_cbc 37
|
||||
|
@ -1685,6 +1753,11 @@
|
|||
#define NID_id_on_personalData 347
|
||||
#define OBJ_id_on_personalData OBJ_id_on,1L
|
||||
|
||||
#define SN_id_on_permanentIdentifier "id-on-permanentIdentifier"
|
||||
#define LN_id_on_permanentIdentifier "Permanent Identifier"
|
||||
#define NID_id_on_permanentIdentifier 858
|
||||
#define OBJ_id_on_permanentIdentifier OBJ_id_on,3L
|
||||
|
||||
#define SN_id_pda_dateOfBirth "id-pda-dateOfBirth"
|
||||
#define NID_id_pda_dateOfBirth 348
|
||||
#define OBJ_id_pda_dateOfBirth OBJ_id_pda,1L
|
||||
|
@ -1995,6 +2068,7 @@
|
|||
#define NID_stateOrProvinceName 16
|
||||
#define OBJ_stateOrProvinceName OBJ_X509,8L
|
||||
|
||||
#define SN_streetAddress "street"
|
||||
#define LN_streetAddress "streetAddress"
|
||||
#define NID_streetAddress 660
|
||||
#define OBJ_streetAddress OBJ_X509,9L
|
||||
|
@ -2009,6 +2083,7 @@
|
|||
#define NID_organizationalUnitName 18
|
||||
#define OBJ_organizationalUnitName OBJ_X509,11L
|
||||
|
||||
#define SN_title "title"
|
||||
#define LN_title "title"
|
||||
#define NID_title 106
|
||||
#define OBJ_title OBJ_X509,12L
|
||||
|
@ -2017,10 +2092,114 @@
|
|||
#define NID_description 107
|
||||
#define OBJ_description OBJ_X509,13L
|
||||
|
||||
#define LN_searchGuide "searchGuide"
|
||||
#define NID_searchGuide 859
|
||||
#define OBJ_searchGuide OBJ_X509,14L
|
||||
|
||||
#define LN_businessCategory "businessCategory"
|
||||
#define NID_businessCategory 860
|
||||
#define OBJ_businessCategory OBJ_X509,15L
|
||||
|
||||
#define LN_postalAddress "postalAddress"
|
||||
#define NID_postalAddress 861
|
||||
#define OBJ_postalAddress OBJ_X509,16L
|
||||
|
||||
#define LN_postalCode "postalCode"
|
||||
#define NID_postalCode 661
|
||||
#define OBJ_postalCode OBJ_X509,17L
|
||||
|
||||
#define LN_postOfficeBox "postOfficeBox"
|
||||
#define NID_postOfficeBox 862
|
||||
#define OBJ_postOfficeBox OBJ_X509,18L
|
||||
|
||||
#define LN_physicalDeliveryOfficeName "physicalDeliveryOfficeName"
|
||||
#define NID_physicalDeliveryOfficeName 863
|
||||
#define OBJ_physicalDeliveryOfficeName OBJ_X509,19L
|
||||
|
||||
#define LN_telephoneNumber "telephoneNumber"
|
||||
#define NID_telephoneNumber 864
|
||||
#define OBJ_telephoneNumber OBJ_X509,20L
|
||||
|
||||
#define LN_telexNumber "telexNumber"
|
||||
#define NID_telexNumber 865
|
||||
#define OBJ_telexNumber OBJ_X509,21L
|
||||
|
||||
#define LN_teletexTerminalIdentifier "teletexTerminalIdentifier"
|
||||
#define NID_teletexTerminalIdentifier 866
|
||||
#define OBJ_teletexTerminalIdentifier OBJ_X509,22L
|
||||
|
||||
#define LN_facsimileTelephoneNumber "facsimileTelephoneNumber"
|
||||
#define NID_facsimileTelephoneNumber 867
|
||||
#define OBJ_facsimileTelephoneNumber OBJ_X509,23L
|
||||
|
||||
#define LN_x121Address "x121Address"
|
||||
#define NID_x121Address 868
|
||||
#define OBJ_x121Address OBJ_X509,24L
|
||||
|
||||
#define LN_internationaliSDNNumber "internationaliSDNNumber"
|
||||
#define NID_internationaliSDNNumber 869
|
||||
#define OBJ_internationaliSDNNumber OBJ_X509,25L
|
||||
|
||||
#define LN_registeredAddress "registeredAddress"
|
||||
#define NID_registeredAddress 870
|
||||
#define OBJ_registeredAddress OBJ_X509,26L
|
||||
|
||||
#define LN_destinationIndicator "destinationIndicator"
|
||||
#define NID_destinationIndicator 871
|
||||
#define OBJ_destinationIndicator OBJ_X509,27L
|
||||
|
||||
#define LN_preferredDeliveryMethod "preferredDeliveryMethod"
|
||||
#define NID_preferredDeliveryMethod 872
|
||||
#define OBJ_preferredDeliveryMethod OBJ_X509,28L
|
||||
|
||||
#define LN_presentationAddress "presentationAddress"
|
||||
#define NID_presentationAddress 873
|
||||
#define OBJ_presentationAddress OBJ_X509,29L
|
||||
|
||||
#define LN_supportedApplicationContext "supportedApplicationContext"
|
||||
#define NID_supportedApplicationContext 874
|
||||
#define OBJ_supportedApplicationContext OBJ_X509,30L
|
||||
|
||||
#define SN_member "member"
|
||||
#define NID_member 875
|
||||
#define OBJ_member OBJ_X509,31L
|
||||
|
||||
#define SN_owner "owner"
|
||||
#define NID_owner 876
|
||||
#define OBJ_owner OBJ_X509,32L
|
||||
|
||||
#define LN_roleOccupant "roleOccupant"
|
||||
#define NID_roleOccupant 877
|
||||
#define OBJ_roleOccupant OBJ_X509,33L
|
||||
|
||||
#define SN_seeAlso "seeAlso"
|
||||
#define NID_seeAlso 878
|
||||
#define OBJ_seeAlso OBJ_X509,34L
|
||||
|
||||
#define LN_userPassword "userPassword"
|
||||
#define NID_userPassword 879
|
||||
#define OBJ_userPassword OBJ_X509,35L
|
||||
|
||||
#define LN_userCertificate "userCertificate"
|
||||
#define NID_userCertificate 880
|
||||
#define OBJ_userCertificate OBJ_X509,36L
|
||||
|
||||
#define LN_cACertificate "cACertificate"
|
||||
#define NID_cACertificate 881
|
||||
#define OBJ_cACertificate OBJ_X509,37L
|
||||
|
||||
#define LN_authorityRevocationList "authorityRevocationList"
|
||||
#define NID_authorityRevocationList 882
|
||||
#define OBJ_authorityRevocationList OBJ_X509,38L
|
||||
|
||||
#define LN_certificateRevocationList "certificateRevocationList"
|
||||
#define NID_certificateRevocationList 883
|
||||
#define OBJ_certificateRevocationList OBJ_X509,39L
|
||||
|
||||
#define LN_crossCertificatePair "crossCertificatePair"
|
||||
#define NID_crossCertificatePair 884
|
||||
#define OBJ_crossCertificatePair OBJ_X509,40L
|
||||
|
||||
#define SN_name "name"
|
||||
#define LN_name "name"
|
||||
#define NID_name 173
|
||||
|
@ -2031,6 +2210,7 @@
|
|||
#define NID_givenName 99
|
||||
#define OBJ_givenName OBJ_X509,42L
|
||||
|
||||
#define SN_initials "initials"
|
||||
#define LN_initials "initials"
|
||||
#define NID_initials 101
|
||||
#define OBJ_initials OBJ_X509,43L
|
||||
|
@ -2048,6 +2228,38 @@
|
|||
#define NID_dnQualifier 174
|
||||
#define OBJ_dnQualifier OBJ_X509,46L
|
||||
|
||||
#define LN_enhancedSearchGuide "enhancedSearchGuide"
|
||||
#define NID_enhancedSearchGuide 885
|
||||
#define OBJ_enhancedSearchGuide OBJ_X509,47L
|
||||
|
||||
#define LN_protocolInformation "protocolInformation"
|
||||
#define NID_protocolInformation 886
|
||||
#define OBJ_protocolInformation OBJ_X509,48L
|
||||
|
||||
#define LN_distinguishedName "distinguishedName"
|
||||
#define NID_distinguishedName 887
|
||||
#define OBJ_distinguishedName OBJ_X509,49L
|
||||
|
||||
#define LN_uniqueMember "uniqueMember"
|
||||
#define NID_uniqueMember 888
|
||||
#define OBJ_uniqueMember OBJ_X509,50L
|
||||
|
||||
#define LN_houseIdentifier "houseIdentifier"
|
||||
#define NID_houseIdentifier 889
|
||||
#define OBJ_houseIdentifier OBJ_X509,51L
|
||||
|
||||
#define LN_supportedAlgorithms "supportedAlgorithms"
|
||||
#define NID_supportedAlgorithms 890
|
||||
#define OBJ_supportedAlgorithms OBJ_X509,52L
|
||||
|
||||
#define LN_deltaRevocationList "deltaRevocationList"
|
||||
#define NID_deltaRevocationList 891
|
||||
#define OBJ_deltaRevocationList OBJ_X509,53L
|
||||
|
||||
#define SN_dmdName "dmdName"
|
||||
#define NID_dmdName 892
|
||||
#define OBJ_dmdName OBJ_X509,54L
|
||||
|
||||
#define LN_pseudonym "pseudonym"
|
||||
#define NID_pseudonym 510
|
||||
#define OBJ_pseudonym OBJ_X509,65L
|
||||
|
@ -2186,6 +2398,11 @@
|
|||
#define NID_ext_key_usage 126
|
||||
#define OBJ_ext_key_usage OBJ_id_ce,37L
|
||||
|
||||
#define SN_freshest_crl "freshestCRL"
|
||||
#define LN_freshest_crl "X509v3 Freshest CRL"
|
||||
#define NID_freshest_crl 857
|
||||
#define OBJ_freshest_crl OBJ_id_ce,46L
|
||||
|
||||
#define SN_inhibit_any_policy "inhibitAnyPolicy"
|
||||
#define LN_inhibit_any_policy "X509v3 Inhibit Any Policy"
|
||||
#define NID_inhibit_any_policy 748
|
||||
|
@ -2201,6 +2418,11 @@
|
|||
#define NID_no_rev_avail 403
|
||||
#define OBJ_no_rev_avail OBJ_id_ce,56L
|
||||
|
||||
#define SN_anyExtendedKeyUsage "anyExtendedKeyUsage"
|
||||
#define LN_anyExtendedKeyUsage "Any Extended Key Usage"
|
||||
#define NID_anyExtendedKeyUsage 910
|
||||
#define OBJ_anyExtendedKeyUsage OBJ_ext_key_usage,0L
|
||||
|
||||
#define SN_netscape "Netscape"
|
||||
#define LN_netscape "Netscape Communications Corp."
|
||||
#define NID_netscape 57
|
||||
|
@ -2388,6 +2610,24 @@
|
|||
#define NID_aes_128_cfb128 421
|
||||
#define OBJ_aes_128_cfb128 OBJ_aes,4L
|
||||
|
||||
#define SN_id_aes128_wrap "id-aes128-wrap"
|
||||
#define NID_id_aes128_wrap 788
|
||||
#define OBJ_id_aes128_wrap OBJ_aes,5L
|
||||
|
||||
#define SN_aes_128_gcm "id-aes128-GCM"
|
||||
#define LN_aes_128_gcm "aes-128-gcm"
|
||||
#define NID_aes_128_gcm 895
|
||||
#define OBJ_aes_128_gcm OBJ_aes,6L
|
||||
|
||||
#define SN_aes_128_ccm "id-aes128-CCM"
|
||||
#define LN_aes_128_ccm "aes-128-ccm"
|
||||
#define NID_aes_128_ccm 896
|
||||
#define OBJ_aes_128_ccm OBJ_aes,7L
|
||||
|
||||
#define SN_id_aes128_wrap_pad "id-aes128-wrap-pad"
|
||||
#define NID_id_aes128_wrap_pad 897
|
||||
#define OBJ_id_aes128_wrap_pad OBJ_aes,8L
|
||||
|
||||
#define SN_aes_192_ecb "AES-192-ECB"
|
||||
#define LN_aes_192_ecb "aes-192-ecb"
|
||||
#define NID_aes_192_ecb 422
|
||||
|
@ -2408,6 +2648,24 @@
|
|||
#define NID_aes_192_cfb128 425
|
||||
#define OBJ_aes_192_cfb128 OBJ_aes,24L
|
||||
|
||||
#define SN_id_aes192_wrap "id-aes192-wrap"
|
||||
#define NID_id_aes192_wrap 789
|
||||
#define OBJ_id_aes192_wrap OBJ_aes,25L
|
||||
|
||||
#define SN_aes_192_gcm "id-aes192-GCM"
|
||||
#define LN_aes_192_gcm "aes-192-gcm"
|
||||
#define NID_aes_192_gcm 898
|
||||
#define OBJ_aes_192_gcm OBJ_aes,26L
|
||||
|
||||
#define SN_aes_192_ccm "id-aes192-CCM"
|
||||
#define LN_aes_192_ccm "aes-192-ccm"
|
||||
#define NID_aes_192_ccm 899
|
||||
#define OBJ_aes_192_ccm OBJ_aes,27L
|
||||
|
||||
#define SN_id_aes192_wrap_pad "id-aes192-wrap-pad"
|
||||
#define NID_id_aes192_wrap_pad 900
|
||||
#define OBJ_id_aes192_wrap_pad OBJ_aes,28L
|
||||
|
||||
#define SN_aes_256_ecb "AES-256-ECB"
|
||||
#define LN_aes_256_ecb "aes-256-ecb"
|
||||
#define NID_aes_256_ecb 426
|
||||
|
@ -2428,6 +2686,24 @@
|
|||
#define NID_aes_256_cfb128 429
|
||||
#define OBJ_aes_256_cfb128 OBJ_aes,44L
|
||||
|
||||
#define SN_id_aes256_wrap "id-aes256-wrap"
|
||||
#define NID_id_aes256_wrap 790
|
||||
#define OBJ_id_aes256_wrap OBJ_aes,45L
|
||||
|
||||
#define SN_aes_256_gcm "id-aes256-GCM"
|
||||
#define LN_aes_256_gcm "aes-256-gcm"
|
||||
#define NID_aes_256_gcm 901
|
||||
#define OBJ_aes_256_gcm OBJ_aes,46L
|
||||
|
||||
#define SN_aes_256_ccm "id-aes256-CCM"
|
||||
#define LN_aes_256_ccm "aes-256-ccm"
|
||||
#define NID_aes_256_ccm 902
|
||||
#define OBJ_aes_256_ccm OBJ_aes,47L
|
||||
|
||||
#define SN_id_aes256_wrap_pad "id-aes256-wrap-pad"
|
||||
#define NID_id_aes256_wrap_pad 903
|
||||
#define OBJ_id_aes256_wrap_pad OBJ_aes,48L
|
||||
|
||||
#define SN_aes_128_cfb1 "AES-128-CFB1"
|
||||
#define LN_aes_128_cfb1 "aes-128-cfb1"
|
||||
#define NID_aes_128_cfb1 650
|
||||
|
@ -2452,6 +2728,26 @@
|
|||
#define LN_aes_256_cfb8 "aes-256-cfb8"
|
||||
#define NID_aes_256_cfb8 655
|
||||
|
||||
#define SN_aes_128_ctr "AES-128-CTR"
|
||||
#define LN_aes_128_ctr "aes-128-ctr"
|
||||
#define NID_aes_128_ctr 904
|
||||
|
||||
#define SN_aes_192_ctr "AES-192-CTR"
|
||||
#define LN_aes_192_ctr "aes-192-ctr"
|
||||
#define NID_aes_192_ctr 905
|
||||
|
||||
#define SN_aes_256_ctr "AES-256-CTR"
|
||||
#define LN_aes_256_ctr "aes-256-ctr"
|
||||
#define NID_aes_256_ctr 906
|
||||
|
||||
#define SN_aes_128_xts "AES-128-XTS"
|
||||
#define LN_aes_128_xts "aes-128-xts"
|
||||
#define NID_aes_128_xts 913
|
||||
|
||||
#define SN_aes_256_xts "AES-256-XTS"
|
||||
#define LN_aes_256_xts "aes-256-xts"
|
||||
#define NID_aes_256_xts 914
|
||||
|
||||
#define SN_des_cfb1 "DES-CFB1"
|
||||
#define LN_des_cfb1 "des-cfb1"
|
||||
#define NID_des_cfb1 656
|
||||
|
@ -2468,18 +2764,6 @@
|
|||
#define LN_des_ede3_cfb8 "des-ede3-cfb8"
|
||||
#define NID_des_ede3_cfb8 659
|
||||
|
||||
#define SN_id_aes128_wrap "id-aes128-wrap"
|
||||
#define NID_id_aes128_wrap 788
|
||||
#define OBJ_id_aes128_wrap OBJ_aes,5L
|
||||
|
||||
#define SN_id_aes192_wrap "id-aes192-wrap"
|
||||
#define NID_id_aes192_wrap 789
|
||||
#define OBJ_id_aes192_wrap OBJ_aes,25L
|
||||
|
||||
#define SN_id_aes256_wrap "id-aes256-wrap"
|
||||
#define NID_id_aes256_wrap 790
|
||||
#define OBJ_id_aes256_wrap OBJ_aes,45L
|
||||
|
||||
#define OBJ_nist_hashalgs OBJ_nistAlgorithms,2L
|
||||
|
||||
#define SN_sha256 "SHA256"
|
||||
|
@ -2502,6 +2786,16 @@
|
|||
#define NID_sha224 675
|
||||
#define OBJ_sha224 OBJ_nist_hashalgs,4L
|
||||
|
||||
#define OBJ_dsa_with_sha2 OBJ_nistAlgorithms,3L
|
||||
|
||||
#define SN_dsa_with_SHA224 "dsa_with_SHA224"
|
||||
#define NID_dsa_with_SHA224 802
|
||||
#define OBJ_dsa_with_SHA224 OBJ_dsa_with_sha2,1L
|
||||
|
||||
#define SN_dsa_with_SHA256 "dsa_with_SHA256"
|
||||
#define NID_dsa_with_SHA256 803
|
||||
#define OBJ_dsa_with_SHA256 OBJ_dsa_with_sha2,2L
|
||||
|
||||
#define SN_hold_instruction_code "holdInstructionCode"
|
||||
#define LN_hold_instruction_code "Hold Instruction Code"
|
||||
#define NID_hold_instruction_code 430
|
||||
|
@ -3367,6 +3661,226 @@
|
|||
#define LN_ipsec4 "ipsec4"
|
||||
#define NID_ipsec4 750
|
||||
|
||||
#define SN_whirlpool "whirlpool"
|
||||
#define NID_whirlpool 804
|
||||
#define OBJ_whirlpool OBJ_iso,0L,10118L,3L,0L,55L
|
||||
|
||||
#define SN_cryptopro "cryptopro"
|
||||
#define NID_cryptopro 805
|
||||
#define OBJ_cryptopro OBJ_member_body,643L,2L,2L
|
||||
|
||||
#define SN_cryptocom "cryptocom"
|
||||
#define NID_cryptocom 806
|
||||
#define OBJ_cryptocom OBJ_member_body,643L,2L,9L
|
||||
|
||||
#define SN_id_GostR3411_94_with_GostR3410_2001 "id-GostR3411-94-with-GostR3410-2001"
|
||||
#define LN_id_GostR3411_94_with_GostR3410_2001 "GOST R 34.11-94 with GOST R 34.10-2001"
|
||||
#define NID_id_GostR3411_94_with_GostR3410_2001 807
|
||||
#define OBJ_id_GostR3411_94_with_GostR3410_2001 OBJ_cryptopro,3L
|
||||
|
||||
#define SN_id_GostR3411_94_with_GostR3410_94 "id-GostR3411-94-with-GostR3410-94"
|
||||
#define LN_id_GostR3411_94_with_GostR3410_94 "GOST R 34.11-94 with GOST R 34.10-94"
|
||||
#define NID_id_GostR3411_94_with_GostR3410_94 808
|
||||
#define OBJ_id_GostR3411_94_with_GostR3410_94 OBJ_cryptopro,4L
|
||||
|
||||
#define SN_id_GostR3411_94 "md_gost94"
|
||||
#define LN_id_GostR3411_94 "GOST R 34.11-94"
|
||||
#define NID_id_GostR3411_94 809
|
||||
#define OBJ_id_GostR3411_94 OBJ_cryptopro,9L
|
||||
|
||||
#define SN_id_HMACGostR3411_94 "id-HMACGostR3411-94"
|
||||
#define LN_id_HMACGostR3411_94 "HMAC GOST 34.11-94"
|
||||
#define NID_id_HMACGostR3411_94 810
|
||||
#define OBJ_id_HMACGostR3411_94 OBJ_cryptopro,10L
|
||||
|
||||
#define SN_id_GostR3410_2001 "gost2001"
|
||||
#define LN_id_GostR3410_2001 "GOST R 34.10-2001"
|
||||
#define NID_id_GostR3410_2001 811
|
||||
#define OBJ_id_GostR3410_2001 OBJ_cryptopro,19L
|
||||
|
||||
#define SN_id_GostR3410_94 "gost94"
|
||||
#define LN_id_GostR3410_94 "GOST R 34.10-94"
|
||||
#define NID_id_GostR3410_94 812
|
||||
#define OBJ_id_GostR3410_94 OBJ_cryptopro,20L
|
||||
|
||||
#define SN_id_Gost28147_89 "gost89"
|
||||
#define LN_id_Gost28147_89 "GOST 28147-89"
|
||||
#define NID_id_Gost28147_89 813
|
||||
#define OBJ_id_Gost28147_89 OBJ_cryptopro,21L
|
||||
|
||||
#define SN_gost89_cnt "gost89-cnt"
|
||||
#define NID_gost89_cnt 814
|
||||
|
||||
#define SN_id_Gost28147_89_MAC "gost-mac"
|
||||
#define LN_id_Gost28147_89_MAC "GOST 28147-89 MAC"
|
||||
#define NID_id_Gost28147_89_MAC 815
|
||||
#define OBJ_id_Gost28147_89_MAC OBJ_cryptopro,22L
|
||||
|
||||
#define SN_id_GostR3411_94_prf "prf-gostr3411-94"
|
||||
#define LN_id_GostR3411_94_prf "GOST R 34.11-94 PRF"
|
||||
#define NID_id_GostR3411_94_prf 816
|
||||
#define OBJ_id_GostR3411_94_prf OBJ_cryptopro,23L
|
||||
|
||||
#define SN_id_GostR3410_2001DH "id-GostR3410-2001DH"
|
||||
#define LN_id_GostR3410_2001DH "GOST R 34.10-2001 DH"
|
||||
#define NID_id_GostR3410_2001DH 817
|
||||
#define OBJ_id_GostR3410_2001DH OBJ_cryptopro,98L
|
||||
|
||||
#define SN_id_GostR3410_94DH "id-GostR3410-94DH"
|
||||
#define LN_id_GostR3410_94DH "GOST R 34.10-94 DH"
|
||||
#define NID_id_GostR3410_94DH 818
|
||||
#define OBJ_id_GostR3410_94DH OBJ_cryptopro,99L
|
||||
|
||||
#define SN_id_Gost28147_89_CryptoPro_KeyMeshing "id-Gost28147-89-CryptoPro-KeyMeshing"
|
||||
#define NID_id_Gost28147_89_CryptoPro_KeyMeshing 819
|
||||
#define OBJ_id_Gost28147_89_CryptoPro_KeyMeshing OBJ_cryptopro,14L,1L
|
||||
|
||||
#define SN_id_Gost28147_89_None_KeyMeshing "id-Gost28147-89-None-KeyMeshing"
|
||||
#define NID_id_Gost28147_89_None_KeyMeshing 820
|
||||
#define OBJ_id_Gost28147_89_None_KeyMeshing OBJ_cryptopro,14L,0L
|
||||
|
||||
#define SN_id_GostR3411_94_TestParamSet "id-GostR3411-94-TestParamSet"
|
||||
#define NID_id_GostR3411_94_TestParamSet 821
|
||||
#define OBJ_id_GostR3411_94_TestParamSet OBJ_cryptopro,30L,0L
|
||||
|
||||
#define SN_id_GostR3411_94_CryptoProParamSet "id-GostR3411-94-CryptoProParamSet"
|
||||
#define NID_id_GostR3411_94_CryptoProParamSet 822
|
||||
#define OBJ_id_GostR3411_94_CryptoProParamSet OBJ_cryptopro,30L,1L
|
||||
|
||||
#define SN_id_Gost28147_89_TestParamSet "id-Gost28147-89-TestParamSet"
|
||||
#define NID_id_Gost28147_89_TestParamSet 823
|
||||
#define OBJ_id_Gost28147_89_TestParamSet OBJ_cryptopro,31L,0L
|
||||
|
||||
#define SN_id_Gost28147_89_CryptoPro_A_ParamSet "id-Gost28147-89-CryptoPro-A-ParamSet"
|
||||
#define NID_id_Gost28147_89_CryptoPro_A_ParamSet 824
|
||||
#define OBJ_id_Gost28147_89_CryptoPro_A_ParamSet OBJ_cryptopro,31L,1L
|
||||
|
||||
#define SN_id_Gost28147_89_CryptoPro_B_ParamSet "id-Gost28147-89-CryptoPro-B-ParamSet"
|
||||
#define NID_id_Gost28147_89_CryptoPro_B_ParamSet 825
|
||||
#define OBJ_id_Gost28147_89_CryptoPro_B_ParamSet OBJ_cryptopro,31L,2L
|
||||
|
||||
#define SN_id_Gost28147_89_CryptoPro_C_ParamSet "id-Gost28147-89-CryptoPro-C-ParamSet"
|
||||
#define NID_id_Gost28147_89_CryptoPro_C_ParamSet 826
|
||||
#define OBJ_id_Gost28147_89_CryptoPro_C_ParamSet OBJ_cryptopro,31L,3L
|
||||
|
||||
#define SN_id_Gost28147_89_CryptoPro_D_ParamSet "id-Gost28147-89-CryptoPro-D-ParamSet"
|
||||
#define NID_id_Gost28147_89_CryptoPro_D_ParamSet 827
|
||||
#define OBJ_id_Gost28147_89_CryptoPro_D_ParamSet OBJ_cryptopro,31L,4L
|
||||
|
||||
#define SN_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet "id-Gost28147-89-CryptoPro-Oscar-1-1-ParamSet"
|
||||
#define NID_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet 828
|
||||
#define OBJ_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet OBJ_cryptopro,31L,5L
|
||||
|
||||
#define SN_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet "id-Gost28147-89-CryptoPro-Oscar-1-0-ParamSet"
|
||||
#define NID_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet 829
|
||||
#define OBJ_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet OBJ_cryptopro,31L,6L
|
||||
|
||||
#define SN_id_Gost28147_89_CryptoPro_RIC_1_ParamSet "id-Gost28147-89-CryptoPro-RIC-1-ParamSet"
|
||||
#define NID_id_Gost28147_89_CryptoPro_RIC_1_ParamSet 830
|
||||
#define OBJ_id_Gost28147_89_CryptoPro_RIC_1_ParamSet OBJ_cryptopro,31L,7L
|
||||
|
||||
#define SN_id_GostR3410_94_TestParamSet "id-GostR3410-94-TestParamSet"
|
||||
#define NID_id_GostR3410_94_TestParamSet 831
|
||||
#define OBJ_id_GostR3410_94_TestParamSet OBJ_cryptopro,32L,0L
|
||||
|
||||
#define SN_id_GostR3410_94_CryptoPro_A_ParamSet "id-GostR3410-94-CryptoPro-A-ParamSet"
|
||||
#define NID_id_GostR3410_94_CryptoPro_A_ParamSet 832
|
||||
#define OBJ_id_GostR3410_94_CryptoPro_A_ParamSet OBJ_cryptopro,32L,2L
|
||||
|
||||
#define SN_id_GostR3410_94_CryptoPro_B_ParamSet "id-GostR3410-94-CryptoPro-B-ParamSet"
|
||||
#define NID_id_GostR3410_94_CryptoPro_B_ParamSet 833
|
||||
#define OBJ_id_GostR3410_94_CryptoPro_B_ParamSet OBJ_cryptopro,32L,3L
|
||||
|
||||
#define SN_id_GostR3410_94_CryptoPro_C_ParamSet "id-GostR3410-94-CryptoPro-C-ParamSet"
|
||||
#define NID_id_GostR3410_94_CryptoPro_C_ParamSet 834
|
||||
#define OBJ_id_GostR3410_94_CryptoPro_C_ParamSet OBJ_cryptopro,32L,4L
|
||||
|
||||
#define SN_id_GostR3410_94_CryptoPro_D_ParamSet "id-GostR3410-94-CryptoPro-D-ParamSet"
|
||||
#define NID_id_GostR3410_94_CryptoPro_D_ParamSet 835
|
||||
#define OBJ_id_GostR3410_94_CryptoPro_D_ParamSet OBJ_cryptopro,32L,5L
|
||||
|
||||
#define SN_id_GostR3410_94_CryptoPro_XchA_ParamSet "id-GostR3410-94-CryptoPro-XchA-ParamSet"
|
||||
#define NID_id_GostR3410_94_CryptoPro_XchA_ParamSet 836
|
||||
#define OBJ_id_GostR3410_94_CryptoPro_XchA_ParamSet OBJ_cryptopro,33L,1L
|
||||
|
||||
#define SN_id_GostR3410_94_CryptoPro_XchB_ParamSet "id-GostR3410-94-CryptoPro-XchB-ParamSet"
|
||||
#define NID_id_GostR3410_94_CryptoPro_XchB_ParamSet 837
|
||||
#define OBJ_id_GostR3410_94_CryptoPro_XchB_ParamSet OBJ_cryptopro,33L,2L
|
||||
|
||||
#define SN_id_GostR3410_94_CryptoPro_XchC_ParamSet "id-GostR3410-94-CryptoPro-XchC-ParamSet"
|
||||
#define NID_id_GostR3410_94_CryptoPro_XchC_ParamSet 838
|
||||
#define OBJ_id_GostR3410_94_CryptoPro_XchC_ParamSet OBJ_cryptopro,33L,3L
|
||||
|
||||
#define SN_id_GostR3410_2001_TestParamSet "id-GostR3410-2001-TestParamSet"
|
||||
#define NID_id_GostR3410_2001_TestParamSet 839
|
||||
#define OBJ_id_GostR3410_2001_TestParamSet OBJ_cryptopro,35L,0L
|
||||
|
||||
#define SN_id_GostR3410_2001_CryptoPro_A_ParamSet "id-GostR3410-2001-CryptoPro-A-ParamSet"
|
||||
#define NID_id_GostR3410_2001_CryptoPro_A_ParamSet 840
|
||||
#define OBJ_id_GostR3410_2001_CryptoPro_A_ParamSet OBJ_cryptopro,35L,1L
|
||||
|
||||
#define SN_id_GostR3410_2001_CryptoPro_B_ParamSet "id-GostR3410-2001-CryptoPro-B-ParamSet"
|
||||
#define NID_id_GostR3410_2001_CryptoPro_B_ParamSet 841
|
||||
#define OBJ_id_GostR3410_2001_CryptoPro_B_ParamSet OBJ_cryptopro,35L,2L
|
||||
|
||||
#define SN_id_GostR3410_2001_CryptoPro_C_ParamSet "id-GostR3410-2001-CryptoPro-C-ParamSet"
|
||||
#define NID_id_GostR3410_2001_CryptoPro_C_ParamSet 842
|
||||
#define OBJ_id_GostR3410_2001_CryptoPro_C_ParamSet OBJ_cryptopro,35L,3L
|
||||
|
||||
#define SN_id_GostR3410_2001_CryptoPro_XchA_ParamSet "id-GostR3410-2001-CryptoPro-XchA-ParamSet"
|
||||
#define NID_id_GostR3410_2001_CryptoPro_XchA_ParamSet 843
|
||||
#define OBJ_id_GostR3410_2001_CryptoPro_XchA_ParamSet OBJ_cryptopro,36L,0L
|
||||
|
||||
#define SN_id_GostR3410_2001_CryptoPro_XchB_ParamSet "id-GostR3410-2001-CryptoPro-XchB-ParamSet"
|
||||
#define NID_id_GostR3410_2001_CryptoPro_XchB_ParamSet 844
|
||||
#define OBJ_id_GostR3410_2001_CryptoPro_XchB_ParamSet OBJ_cryptopro,36L,1L
|
||||
|
||||
#define SN_id_GostR3410_94_a "id-GostR3410-94-a"
|
||||
#define NID_id_GostR3410_94_a 845
|
||||
#define OBJ_id_GostR3410_94_a OBJ_id_GostR3410_94,1L
|
||||
|
||||
#define SN_id_GostR3410_94_aBis "id-GostR3410-94-aBis"
|
||||
#define NID_id_GostR3410_94_aBis 846
|
||||
#define OBJ_id_GostR3410_94_aBis OBJ_id_GostR3410_94,2L
|
||||
|
||||
#define SN_id_GostR3410_94_b "id-GostR3410-94-b"
|
||||
#define NID_id_GostR3410_94_b 847
|
||||
#define OBJ_id_GostR3410_94_b OBJ_id_GostR3410_94,3L
|
||||
|
||||
#define SN_id_GostR3410_94_bBis "id-GostR3410-94-bBis"
|
||||
#define NID_id_GostR3410_94_bBis 848
|
||||
#define OBJ_id_GostR3410_94_bBis OBJ_id_GostR3410_94,4L
|
||||
|
||||
#define SN_id_Gost28147_89_cc "id-Gost28147-89-cc"
|
||||
#define LN_id_Gost28147_89_cc "GOST 28147-89 Cryptocom ParamSet"
|
||||
#define NID_id_Gost28147_89_cc 849
|
||||
#define OBJ_id_Gost28147_89_cc OBJ_cryptocom,1L,6L,1L
|
||||
|
||||
#define SN_id_GostR3410_94_cc "gost94cc"
|
||||
#define LN_id_GostR3410_94_cc "GOST 34.10-94 Cryptocom"
|
||||
#define NID_id_GostR3410_94_cc 850
|
||||
#define OBJ_id_GostR3410_94_cc OBJ_cryptocom,1L,5L,3L
|
||||
|
||||
#define SN_id_GostR3410_2001_cc "gost2001cc"
|
||||
#define LN_id_GostR3410_2001_cc "GOST 34.10-2001 Cryptocom"
|
||||
#define NID_id_GostR3410_2001_cc 851
|
||||
#define OBJ_id_GostR3410_2001_cc OBJ_cryptocom,1L,5L,4L
|
||||
|
||||
#define SN_id_GostR3411_94_with_GostR3410_94_cc "id-GostR3411-94-with-GostR3410-94-cc"
|
||||
#define LN_id_GostR3411_94_with_GostR3410_94_cc "GOST R 34.11-94 with GOST R 34.10-94 Cryptocom"
|
||||
#define NID_id_GostR3411_94_with_GostR3410_94_cc 852
|
||||
#define OBJ_id_GostR3411_94_with_GostR3410_94_cc OBJ_cryptocom,1L,3L,3L
|
||||
|
||||
#define SN_id_GostR3411_94_with_GostR3410_2001_cc "id-GostR3411-94-with-GostR3410-2001-cc"
|
||||
#define LN_id_GostR3411_94_with_GostR3410_2001_cc "GOST R 34.11-94 with GOST R 34.10-2001 Cryptocom"
|
||||
#define NID_id_GostR3411_94_with_GostR3410_2001_cc 853
|
||||
#define OBJ_id_GostR3411_94_with_GostR3410_2001_cc OBJ_cryptocom,1L,3L,4L
|
||||
|
||||
#define SN_id_GostR3410_2001_ParamSet_cc "id-GostR3410-2001-ParamSet-cc"
|
||||
#define LN_id_GostR3410_2001_ParamSet_cc "GOST R 3410-2001 Parameter Set Cryptocom"
|
||||
#define NID_id_GostR3410_2001_ParamSet_cc 854
|
||||
#define OBJ_id_GostR3410_2001_ParamSet_cc OBJ_cryptocom,1L,8L,1L
|
||||
|
||||
#define SN_camellia_128_cbc "CAMELLIA-128-CBC"
|
||||
#define LN_camellia_128_cbc "camellia-128-cbc"
|
||||
#define NID_camellia_128_cbc 751
|
||||
|
@ -3382,6 +3896,18 @@
|
|||
#define NID_camellia_256_cbc 753
|
||||
#define OBJ_camellia_256_cbc 1L,2L,392L,200011L,61L,1L,1L,1L,4L
|
||||
|
||||
#define SN_id_camellia128_wrap "id-camellia128-wrap"
|
||||
#define NID_id_camellia128_wrap 907
|
||||
#define OBJ_id_camellia128_wrap 1L,2L,392L,200011L,61L,1L,1L,3L,2L
|
||||
|
||||
#define SN_id_camellia192_wrap "id-camellia192-wrap"
|
||||
#define NID_id_camellia192_wrap 908
|
||||
#define OBJ_id_camellia192_wrap 1L,2L,392L,200011L,61L,1L,1L,3L,3L
|
||||
|
||||
#define SN_id_camellia256_wrap "id-camellia256-wrap"
|
||||
#define NID_id_camellia256_wrap 909
|
||||
#define OBJ_id_camellia256_wrap 1L,2L,392L,200011L,61L,1L,1L,3L,4L
|
||||
|
||||
#define OBJ_ntt_ds 0L,3L,4401L,5L
|
||||
|
||||
#define OBJ_camellia OBJ_ntt_ds,3L,1L,9L
|
||||
|
@ -3480,3 +4006,27 @@
|
|||
#define NID_seed_ofb128 778
|
||||
#define OBJ_seed_ofb128 OBJ_kisa,1L,6L
|
||||
|
||||
#define SN_hmac "HMAC"
|
||||
#define LN_hmac "hmac"
|
||||
#define NID_hmac 855
|
||||
|
||||
#define SN_cmac "CMAC"
|
||||
#define LN_cmac "cmac"
|
||||
#define NID_cmac 894
|
||||
|
||||
#define SN_rc4_hmac_md5 "RC4-HMAC-MD5"
|
||||
#define LN_rc4_hmac_md5 "rc4-hmac-md5"
|
||||
#define NID_rc4_hmac_md5 915
|
||||
|
||||
#define SN_aes_128_cbc_hmac_sha1 "AES-128-CBC-HMAC-SHA1"
|
||||
#define LN_aes_128_cbc_hmac_sha1 "aes-128-cbc-hmac-sha1"
|
||||
#define NID_aes_128_cbc_hmac_sha1 916
|
||||
|
||||
#define SN_aes_192_cbc_hmac_sha1 "AES-192-CBC-HMAC-SHA1"
|
||||
#define LN_aes_192_cbc_hmac_sha1 "aes-192-cbc-hmac-sha1"
|
||||
#define NID_aes_192_cbc_hmac_sha1 917
|
||||
|
||||
#define SN_aes_256_cbc_hmac_sha1 "AES-256-CBC-HMAC-SHA1"
|
||||
#define LN_aes_256_cbc_hmac_sha1 "aes-256-cbc-hmac-sha1"
|
||||
#define NID_aes_256_cbc_hmac_sha1 918
|
||||
|
||||
|
|
|
@ -1011,10 +1011,91 @@ int OBJ_txt2nid(const char *s);
|
|||
int OBJ_ln2nid(const char *s);
|
||||
int OBJ_sn2nid(const char *s);
|
||||
int OBJ_cmp(const ASN1_OBJECT *a,const ASN1_OBJECT *b);
|
||||
const char * OBJ_bsearch(const char *key,const char *base,int num,int size,
|
||||
int (*cmp)(const void *, const void *));
|
||||
const char * OBJ_bsearch_ex(const char *key,const char *base,int num,
|
||||
int size, int (*cmp)(const void *, const void *), int flags);
|
||||
const void * OBJ_bsearch_(const void *key,const void *base,int num,int size,
|
||||
int (*cmp)(const void *, const void *));
|
||||
const void * OBJ_bsearch_ex_(const void *key,const void *base,int num,
|
||||
int size,
|
||||
int (*cmp)(const void *, const void *),
|
||||
int flags);
|
||||
|
||||
#define _DECLARE_OBJ_BSEARCH_CMP_FN(scope, type1, type2, nm) \
|
||||
static int nm##_cmp_BSEARCH_CMP_FN(const void *, const void *); \
|
||||
static int nm##_cmp(type1 const *, type2 const *); \
|
||||
scope type2 * OBJ_bsearch_##nm(type1 *key, type2 const *base, int num)
|
||||
|
||||
#define DECLARE_OBJ_BSEARCH_CMP_FN(type1, type2, cmp) \
|
||||
_DECLARE_OBJ_BSEARCH_CMP_FN(static, type1, type2, cmp)
|
||||
#define DECLARE_OBJ_BSEARCH_GLOBAL_CMP_FN(type1, type2, nm) \
|
||||
type2 * OBJ_bsearch_##nm(type1 *key, type2 const *base, int num)
|
||||
|
||||
/*
|
||||
* Unsolved problem: if a type is actually a pointer type, like
|
||||
* nid_triple is, then its impossible to get a const where you need
|
||||
* it. Consider:
|
||||
*
|
||||
* typedef int nid_triple[3];
|
||||
* const void *a_;
|
||||
* const nid_triple const *a = a_;
|
||||
*
|
||||
* The assignement discards a const because what you really want is:
|
||||
*
|
||||
* const int const * const *a = a_;
|
||||
*
|
||||
* But if you do that, you lose the fact that a is an array of 3 ints,
|
||||
* which breaks comparison functions.
|
||||
*
|
||||
* Thus we end up having to cast, sadly, or unpack the
|
||||
* declarations. Or, as I finally did in this case, delcare nid_triple
|
||||
* to be a struct, which it should have been in the first place.
|
||||
*
|
||||
* Ben, August 2008.
|
||||
*
|
||||
* Also, strictly speaking not all types need be const, but handling
|
||||
* the non-constness means a lot of complication, and in practice
|
||||
* comparison routines do always not touch their arguments.
|
||||
*/
|
||||
|
||||
#define IMPLEMENT_OBJ_BSEARCH_CMP_FN(type1, type2, nm) \
|
||||
static int nm##_cmp_BSEARCH_CMP_FN(const void *a_, const void *b_) \
|
||||
{ \
|
||||
type1 const *a = a_; \
|
||||
type2 const *b = b_; \
|
||||
return nm##_cmp(a,b); \
|
||||
} \
|
||||
static type2 *OBJ_bsearch_##nm(type1 *key, type2 const *base, int num) \
|
||||
{ \
|
||||
return (type2 *)OBJ_bsearch_(key, base, num, sizeof(type2), \
|
||||
nm##_cmp_BSEARCH_CMP_FN); \
|
||||
} \
|
||||
extern void dummy_prototype(void)
|
||||
|
||||
#define IMPLEMENT_OBJ_BSEARCH_GLOBAL_CMP_FN(type1, type2, nm) \
|
||||
static int nm##_cmp_BSEARCH_CMP_FN(const void *a_, const void *b_) \
|
||||
{ \
|
||||
type1 const *a = a_; \
|
||||
type2 const *b = b_; \
|
||||
return nm##_cmp(a,b); \
|
||||
} \
|
||||
type2 *OBJ_bsearch_##nm(type1 *key, type2 const *base, int num) \
|
||||
{ \
|
||||
return (type2 *)OBJ_bsearch_(key, base, num, sizeof(type2), \
|
||||
nm##_cmp_BSEARCH_CMP_FN); \
|
||||
} \
|
||||
extern void dummy_prototype(void)
|
||||
|
||||
#define OBJ_bsearch(type1,key,type2,base,num,cmp) \
|
||||
((type2 *)OBJ_bsearch_(CHECKED_PTR_OF(type1,key),CHECKED_PTR_OF(type2,base), \
|
||||
num,sizeof(type2), \
|
||||
((void)CHECKED_PTR_OF(type1,cmp##_type_1), \
|
||||
(void)CHECKED_PTR_OF(type2,cmp##_type_2), \
|
||||
cmp##_BSEARCH_CMP_FN)))
|
||||
|
||||
#define OBJ_bsearch_ex(type1,key,type2,base,num,cmp,flags) \
|
||||
((type2 *)OBJ_bsearch_ex_(CHECKED_PTR_OF(type1,key),CHECKED_PTR_OF(type2,base), \
|
||||
num,sizeof(type2), \
|
||||
((void)CHECKED_PTR_OF(type1,cmp##_type_1), \
|
||||
(void)type_2=CHECKED_PTR_OF(type2,cmp##_type_2), \
|
||||
cmp##_BSEARCH_CMP_FN)),flags)
|
||||
|
||||
int OBJ_new_nid(int num);
|
||||
int OBJ_add_object(const ASN1_OBJECT *obj);
|
||||
|
@ -1022,6 +1103,14 @@ int OBJ_create(const char *oid,const char *sn,const char *ln);
|
|||
void OBJ_cleanup(void );
|
||||
int OBJ_create_objects(BIO *in);
|
||||
|
||||
int OBJ_find_sigid_algs(int signid, int *pdig_nid, int *ppkey_nid);
|
||||
int OBJ_find_sigid_by_algs(int *psignid, int dig_nid, int pkey_nid);
|
||||
int OBJ_add_sigid(int signid, int dig_id, int pkey_id);
|
||||
void OBJ_sigid_free(void);
|
||||
|
||||
extern int obj_cleanup_defer;
|
||||
void check_defer(int nid);
|
||||
|
||||
/* BEGIN ERROR CODES */
|
||||
/* The following lines are auto generated by the script mkerr.pl. Any changes
|
||||
* made after this point may be overwritten when the script is next run.
|
||||
|
|
|
@ -64,6 +64,7 @@
|
|||
#ifndef HEADER_OCSP_H
|
||||
#define HEADER_OCSP_H
|
||||
|
||||
#include <openssl/ossl_typ.h>
|
||||
#include <openssl/x509.h>
|
||||
#include <openssl/x509v3.h>
|
||||
#include <openssl/safestack.h>
|
||||
|
@ -394,17 +395,20 @@ typedef struct ocsp_service_locator_st
|
|||
#define ASN1_BIT_STRING_digest(data,type,md,len) \
|
||||
ASN1_item_digest(ASN1_ITEM_rptr(ASN1_BIT_STRING),type,data,md,len)
|
||||
|
||||
#define OCSP_CERTID_dup(cid) ASN1_dup_of(OCSP_CERTID,i2d_OCSP_CERTID,d2i_OCSP_CERTID,cid)
|
||||
|
||||
#define OCSP_CERTSTATUS_dup(cs)\
|
||||
(OCSP_CERTSTATUS*)ASN1_dup((int(*)())i2d_OCSP_CERTSTATUS,\
|
||||
(char *(*)())d2i_OCSP_CERTSTATUS,(char *)(cs))
|
||||
|
||||
OCSP_CERTID *OCSP_CERTID_dup(OCSP_CERTID *id);
|
||||
|
||||
OCSP_RESPONSE *OCSP_sendreq_bio(BIO *b, char *path, OCSP_REQUEST *req);
|
||||
OCSP_REQ_CTX *OCSP_sendreq_new(BIO *io, char *path, OCSP_REQUEST *req,
|
||||
int maxline);
|
||||
int OCSP_sendreq_nbio(OCSP_RESPONSE **presp, OCSP_REQ_CTX *rctx);
|
||||
void OCSP_REQ_CTX_free(OCSP_REQ_CTX *rctx);
|
||||
int OCSP_REQ_CTX_set1_req(OCSP_REQ_CTX *rctx, OCSP_REQUEST *req);
|
||||
int OCSP_REQ_CTX_add1_header(OCSP_REQ_CTX *rctx,
|
||||
const char *name, const char *value);
|
||||
|
||||
OCSP_CERTID *OCSP_cert_to_id(const EVP_MD *dgst, X509 *subject, X509 *issuer);
|
||||
|
||||
|
@ -474,11 +478,6 @@ int OCSP_basic_sign(OCSP_BASICRESP *brsp,
|
|||
X509 *signer, EVP_PKEY *key, const EVP_MD *dgst,
|
||||
STACK_OF(X509) *certs, unsigned long flags);
|
||||
|
||||
ASN1_STRING *ASN1_STRING_encode(ASN1_STRING *s, i2d_of_void *i2d,
|
||||
void *data, STACK_OF(ASN1_OBJECT) *sk);
|
||||
#define ASN1_STRING_encode_of(type,s,i2d,data,sk) \
|
||||
ASN1_STRING_encode(s, CHECKED_I2D_OF(type, i2d), data, sk)
|
||||
|
||||
X509_EXTENSION *OCSP_crlID_new(char *url, long *n, char *tim);
|
||||
|
||||
X509_EXTENSION *OCSP_accept_responses_new(char **oids);
|
||||
|
@ -547,9 +546,9 @@ DECLARE_ASN1_FUNCTIONS(OCSP_REQINFO)
|
|||
DECLARE_ASN1_FUNCTIONS(OCSP_CRLID)
|
||||
DECLARE_ASN1_FUNCTIONS(OCSP_SERVICELOC)
|
||||
|
||||
char *OCSP_response_status_str(long s);
|
||||
char *OCSP_cert_status_str(long s);
|
||||
char *OCSP_crl_reason_str(long s);
|
||||
const char *OCSP_response_status_str(long s);
|
||||
const char *OCSP_cert_status_str(long s);
|
||||
const char *OCSP_crl_reason_str(long s);
|
||||
|
||||
int OCSP_REQUEST_print(BIO *bp, OCSP_REQUEST* a, unsigned long flags);
|
||||
int OCSP_RESPONSE_print(BIO *bp, OCSP_RESPONSE* o, unsigned long flags);
|
||||
|
@ -582,7 +581,8 @@ void ERR_load_OCSP_strings(void);
|
|||
#define OCSP_F_OCSP_REQUEST_VERIFY 116
|
||||
#define OCSP_F_OCSP_RESPONSE_GET1_BASIC 111
|
||||
#define OCSP_F_OCSP_SENDREQ_BIO 112
|
||||
#define OCSP_F_PARSE_HTTP_LINE1 117
|
||||
#define OCSP_F_OCSP_SENDREQ_NBIO 117
|
||||
#define OCSP_F_PARSE_HTTP_LINE1 118
|
||||
#define OCSP_F_REQUEST_VERIFY 113
|
||||
|
||||
/* Reason codes. */
|
||||
|
|
|
@ -4,26 +4,21 @@
|
|||
/* OpenSSL was configured with the following options: */
|
||||
#ifndef OPENSSL_DOING_MAKEDEPEND
|
||||
|
||||
#ifndef OPENSSL_NO_CAMELLIA
|
||||
# define OPENSSL_NO_CAMELLIA
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_CAST
|
||||
# define OPENSSL_NO_CAST
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_CMS
|
||||
# define OPENSSL_NO_CMS
|
||||
|
||||
#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
|
||||
# define OPENSSL_NO_EC_NISTP_64_GCC_128
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_GMP
|
||||
# define OPENSSL_NO_GMP
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_IDEA
|
||||
# define OPENSSL_NO_IDEA
|
||||
#ifndef OPENSSL_NO_JPAKE
|
||||
# define OPENSSL_NO_JPAKE
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_KRB5
|
||||
# define OPENSSL_NO_KRB5
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_MDC2
|
||||
# define OPENSSL_NO_MDC2
|
||||
#ifndef OPENSSL_NO_MD2
|
||||
# define OPENSSL_NO_MD2
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_RC5
|
||||
# define OPENSSL_NO_RC5
|
||||
|
@ -31,14 +26,15 @@
|
|||
#ifndef OPENSSL_NO_RFC3779
|
||||
# define OPENSSL_NO_RFC3779
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_SEED
|
||||
# define OPENSSL_NO_SEED
|
||||
#ifndef OPENSSL_NO_SCTP
|
||||
# define OPENSSL_NO_SCTP
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_TLSEXT
|
||||
# define OPENSSL_NO_TLSEXT
|
||||
#ifndef OPENSSL_NO_STORE
|
||||
# define OPENSSL_NO_STORE
|
||||
#endif
|
||||
|
||||
#endif /* OPENSSL_DOING_MAKEDEPEND */
|
||||
|
||||
#ifndef OPENSSL_THREADS
|
||||
# define OPENSSL_THREADS
|
||||
#endif
|
||||
|
@ -51,26 +47,20 @@
|
|||
who haven't had the time to do the appropriate changes in their
|
||||
applications. */
|
||||
#ifdef OPENSSL_ALGORITHM_DEFINES
|
||||
# if defined(OPENSSL_NO_CAMELLIA) && !defined(NO_CAMELLIA)
|
||||
# define NO_CAMELLIA
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_CAST) && !defined(NO_CAST)
|
||||
# define NO_CAST
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_CMS) && !defined(NO_CMS)
|
||||
# define NO_CMS
|
||||
# if defined(OPENSSL_NO_EC_NISTP_64_GCC_128) && !defined(NO_EC_NISTP_64_GCC_128)
|
||||
# define NO_EC_NISTP_64_GCC_128
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_GMP) && !defined(NO_GMP)
|
||||
# define NO_GMP
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_IDEA) && !defined(NO_IDEA)
|
||||
# define NO_IDEA
|
||||
# if defined(OPENSSL_NO_JPAKE) && !defined(NO_JPAKE)
|
||||
# define NO_JPAKE
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_KRB5) && !defined(NO_KRB5)
|
||||
# define NO_KRB5
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_MDC2) && !defined(NO_MDC2)
|
||||
# define NO_MDC2
|
||||
# if defined(OPENSSL_NO_MD2) && !defined(NO_MD2)
|
||||
# define NO_MD2
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_RC5) && !defined(NO_RC5)
|
||||
# define NO_RC5
|
||||
|
@ -78,11 +68,11 @@
|
|||
# if defined(OPENSSL_NO_RFC3779) && !defined(NO_RFC3779)
|
||||
# define NO_RFC3779
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_SEED) && !defined(NO_SEED)
|
||||
# define NO_SEED
|
||||
# if defined(OPENSSL_NO_SCTP) && !defined(NO_SCTP)
|
||||
# define NO_SCTP
|
||||
# endif
|
||||
# if defined(OPENSSL_NO_TLSEXT) && !defined(NO_TLSEXT)
|
||||
# define NO_TLSEXT
|
||||
# if defined(OPENSSL_NO_STORE) && !defined(NO_STORE)
|
||||
# define NO_STORE
|
||||
# endif
|
||||
#endif
|
||||
|
||||
|
@ -93,8 +83,8 @@
|
|||
|
||||
#if !(defined(VMS) || defined(__VMS)) /* VMS uses logical names instead */
|
||||
#if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR)
|
||||
#define ENGINESDIR "/usr/local/ssl/lib/engines"
|
||||
#define OPENSSLDIR "/usr/local/ssl"
|
||||
#define ENGINESDIR "/tmp/openssl-1.0.1e-armv7/lib/engines"
|
||||
#define OPENSSLDIR "/tmp/openssl-1.0.1e-armv7"
|
||||
#endif
|
||||
#endif
|
||||
|
||||
|
@ -125,14 +115,14 @@
|
|||
* - Intel P6 because partial register stalls are very expensive;
|
||||
* - elder Alpha because it lacks byte load/store instructions;
|
||||
*/
|
||||
#define RC4_INT unsigned char
|
||||
#define RC4_INT unsigned int
|
||||
#endif
|
||||
#if !defined(RC4_CHUNK)
|
||||
/*
|
||||
* This enables code handling data aligned at natural CPU word
|
||||
* boundary. See crypto/rc4/rc4_enc.c for further details.
|
||||
*/
|
||||
#define RC4_CHUNK unsigned long
|
||||
#undef RC4_CHUNK
|
||||
#endif
|
||||
#endif
|
||||
|
||||
|
@ -151,26 +141,21 @@
|
|||
/* Should we define BN_DIV2W here? */
|
||||
|
||||
/* Only one for the following should be defined */
|
||||
/* The prime number generation stuff may not work when
|
||||
* EIGHT_BIT but I don't care since I've only used this mode
|
||||
* for debuging the bignum libraries */
|
||||
#undef SIXTY_FOUR_BIT_LONG
|
||||
#undef SIXTY_FOUR_BIT
|
||||
#define THIRTY_TWO_BIT
|
||||
#undef SIXTEEN_BIT
|
||||
#undef EIGHT_BIT
|
||||
#endif
|
||||
|
||||
#if defined(HEADER_RC4_LOCL_H) && !defined(CONFIG_HEADER_RC4_LOCL_H)
|
||||
#define CONFIG_HEADER_RC4_LOCL_H
|
||||
/* if this is defined data[i] is used instead of *data, this is a %20
|
||||
* speedup on x86 */
|
||||
#undef RC4_INDEX
|
||||
#define RC4_INDEX
|
||||
#endif
|
||||
|
||||
#if defined(HEADER_BF_LOCL_H) && !defined(CONFIG_HEADER_BF_LOCL_H)
|
||||
#define CONFIG_HEADER_BF_LOCL_H
|
||||
#define BF_PTR
|
||||
#undef BF_PTR
|
||||
#endif /* HEADER_BF_LOCL_H */
|
||||
|
||||
#if defined(HEADER_DES_LOCL_H) && !defined(CONFIG_HEADER_DES_LOCL_H)
|
||||
|
|
|
@ -12,7 +12,7 @@
|
|||
* 0.9.3-beta2 0x00903002 (same as ...beta2-dev)
|
||||
* 0.9.3 0x0090300f
|
||||
* 0.9.3a 0x0090301f
|
||||
* 0.9.4 0x0090400f
|
||||
* 0.9.4 0x0090400f
|
||||
* 1.2.3z 0x102031af
|
||||
*
|
||||
* For continuity reasons (because 0.9.5 is already out, and is coded
|
||||
|
@ -25,11 +25,11 @@
|
|||
* (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
|
||||
* major minor fix final patch/beta)
|
||||
*/
|
||||
#define OPENSSL_VERSION_NUMBER 0x0090808fL
|
||||
#define OPENSSL_VERSION_NUMBER 0x1000105fL
|
||||
#ifdef OPENSSL_FIPS
|
||||
#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8h-fips 28 May 2008"
|
||||
#define OPENSSL_VERSION_TEXT "OpenSSL 1.0.1e-fips 11 Feb 2013"
|
||||
#else
|
||||
#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8h 28 May 2008"
|
||||
#define OPENSSL_VERSION_TEXT "OpenSSL 1.0.1e 11 Feb 2013"
|
||||
#endif
|
||||
#define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT
|
||||
|
||||
|
@ -83,7 +83,7 @@
|
|||
* should only keep the versions that are binary compatible with the current.
|
||||
*/
|
||||
#define SHLIB_VERSION_HISTORY ""
|
||||
#define SHLIB_VERSION_NUMBER "0.9.8"
|
||||
#define SHLIB_VERSION_NUMBER "1.0.0"
|
||||
|
||||
|
||||
#endif /* HEADER_OPENSSLV_H */
|
||||
|
|
|
@ -91,15 +91,21 @@ typedef struct asn1_string_st ASN1_TIME;
|
|||
typedef struct asn1_string_st ASN1_GENERALIZEDTIME;
|
||||
typedef struct asn1_string_st ASN1_VISIBLESTRING;
|
||||
typedef struct asn1_string_st ASN1_UTF8STRING;
|
||||
typedef struct asn1_string_st ASN1_STRING;
|
||||
typedef int ASN1_BOOLEAN;
|
||||
typedef int ASN1_NULL;
|
||||
#endif
|
||||
|
||||
typedef struct ASN1_ITEM_st ASN1_ITEM;
|
||||
typedef struct asn1_pctx_st ASN1_PCTX;
|
||||
|
||||
#ifdef OPENSSL_SYS_WIN32
|
||||
#undef X509_NAME
|
||||
#undef X509_EXTENSIONS
|
||||
#undef X509_CERT_PAIR
|
||||
#undef PKCS7_ISSUER_AND_SERIAL
|
||||
#undef OCSP_REQUEST
|
||||
#undef OCSP_RESPONSE
|
||||
#endif
|
||||
|
||||
#ifdef BIGNUM
|
||||
|
@ -120,6 +126,11 @@ typedef struct env_md_st EVP_MD;
|
|||
typedef struct env_md_ctx_st EVP_MD_CTX;
|
||||
typedef struct evp_pkey_st EVP_PKEY;
|
||||
|
||||
typedef struct evp_pkey_asn1_method_st EVP_PKEY_ASN1_METHOD;
|
||||
|
||||
typedef struct evp_pkey_method_st EVP_PKEY_METHOD;
|
||||
typedef struct evp_pkey_ctx_st EVP_PKEY_CTX;
|
||||
|
||||
typedef struct dh_st DH;
|
||||
typedef struct dh_method DH_METHOD;
|
||||
|
||||
|
@ -137,10 +148,15 @@ typedef struct ecdsa_method ECDSA_METHOD;
|
|||
typedef struct x509_st X509;
|
||||
typedef struct X509_algor_st X509_ALGOR;
|
||||
typedef struct X509_crl_st X509_CRL;
|
||||
typedef struct x509_crl_method_st X509_CRL_METHOD;
|
||||
typedef struct x509_revoked_st X509_REVOKED;
|
||||
typedef struct X509_name_st X509_NAME;
|
||||
typedef struct X509_pubkey_st X509_PUBKEY;
|
||||
typedef struct x509_store_st X509_STORE;
|
||||
typedef struct x509_store_ctx_st X509_STORE_CTX;
|
||||
|
||||
typedef struct pkcs8_priv_key_info_st PKCS8_PRIV_KEY_INFO;
|
||||
|
||||
typedef struct v3_ext_ctx X509V3_CTX;
|
||||
typedef struct conf_st CONF;
|
||||
|
||||
|
@ -153,12 +169,19 @@ typedef struct ui_method_st UI_METHOD;
|
|||
typedef struct st_ERR_FNS ERR_FNS;
|
||||
|
||||
typedef struct engine_st ENGINE;
|
||||
typedef struct ssl_st SSL;
|
||||
typedef struct ssl_ctx_st SSL_CTX;
|
||||
|
||||
typedef struct X509_POLICY_NODE_st X509_POLICY_NODE;
|
||||
typedef struct X509_POLICY_LEVEL_st X509_POLICY_LEVEL;
|
||||
typedef struct X509_POLICY_TREE_st X509_POLICY_TREE;
|
||||
typedef struct X509_POLICY_CACHE_st X509_POLICY_CACHE;
|
||||
|
||||
typedef struct AUTHORITY_KEYID_st AUTHORITY_KEYID;
|
||||
typedef struct DIST_POINT_st DIST_POINT;
|
||||
typedef struct ISSUING_DIST_POINT_st ISSUING_DIST_POINT;
|
||||
typedef struct NAME_CONSTRAINTS_st NAME_CONSTRAINTS;
|
||||
|
||||
/* If placed in pkcs12.h, we end up with a circular depency with pkcs7.h */
|
||||
#define DECLARE_PKCS12_STACK_OF(type) /* Nothing */
|
||||
#define IMPLEMENT_PKCS12_STACK_OF(type) /* Nothing */
|
||||
|
|
|
@ -125,6 +125,7 @@ extern "C" {
|
|||
#define PEM_STRING_DSA "DSA PRIVATE KEY"
|
||||
#define PEM_STRING_DSA_PUBLIC "DSA PUBLIC KEY"
|
||||
#define PEM_STRING_PKCS7 "PKCS7"
|
||||
#define PEM_STRING_PKCS7_SIGNED "PKCS #7 SIGNED DATA"
|
||||
#define PEM_STRING_PKCS8 "ENCRYPTED PRIVATE KEY"
|
||||
#define PEM_STRING_PKCS8INF "PRIVATE KEY"
|
||||
#define PEM_STRING_DHPARAMS "DH PARAMETERS"
|
||||
|
@ -133,6 +134,7 @@ extern "C" {
|
|||
#define PEM_STRING_ECDSA_PUBLIC "ECDSA PUBLIC KEY"
|
||||
#define PEM_STRING_ECPARAMETERS "EC PARAMETERS"
|
||||
#define PEM_STRING_ECPRIVATEKEY "EC PRIVATE KEY"
|
||||
#define PEM_STRING_PARAMETERS "PARAMETERS"
|
||||
#define PEM_STRING_CMS "CMS"
|
||||
|
||||
/* Note that this structure is initialised by PEM_SealInit and cleaned up
|
||||
|
@ -182,11 +184,8 @@ typedef struct pem_ctx_st
|
|||
int num_recipient;
|
||||
PEM_USER **recipient;
|
||||
|
||||
#ifndef OPENSSL_NO_STACK
|
||||
STACK *x509_chain; /* certificate chain */
|
||||
#else
|
||||
char *x509_chain; /* certificate chain */
|
||||
#endif
|
||||
/* XXX(ben): don#t think this is used!
|
||||
STACK *x509_chain; / * certificate chain */
|
||||
EVP_MD *md; /* signature type */
|
||||
|
||||
int md_enc; /* is the md encrypted or not? */
|
||||
|
@ -214,35 +213,28 @@ typedef struct pem_ctx_st
|
|||
|
||||
#define IMPLEMENT_PEM_read_fp(name, type, str, asn1) /**/
|
||||
#define IMPLEMENT_PEM_write_fp(name, type, str, asn1) /**/
|
||||
#define IMPLEMENT_PEM_write_fp_const(name, type, str, asn1) /**/
|
||||
#define IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1) /**/
|
||||
#define IMPLEMENT_PEM_write_cb_fp_const(name, type, str, asn1) /**/
|
||||
|
||||
#else
|
||||
|
||||
#define IMPLEMENT_PEM_read_fp(name, type, str, asn1) \
|
||||
type *PEM_read_##name(FILE *fp, type **x, pem_password_cb *cb, void *u)\
|
||||
{ \
|
||||
return (type*)PEM_ASN1_read(CHECKED_D2I_OF(type, d2i_##asn1), \
|
||||
str, fp, \
|
||||
CHECKED_PPTR_OF(type, x), \
|
||||
cb, u); \
|
||||
return PEM_ASN1_read((d2i_of_void *)d2i_##asn1, str,fp,(void **)x,cb,u); \
|
||||
}
|
||||
|
||||
#define IMPLEMENT_PEM_write_fp(name, type, str, asn1) \
|
||||
int PEM_write_##name(FILE *fp, type *x) \
|
||||
{ \
|
||||
return PEM_ASN1_write(CHECKED_I2D_OF(type, i2d_##asn1), \
|
||||
str, fp, \
|
||||
CHECKED_PTR_OF(type, x), \
|
||||
NULL, NULL, 0, NULL, NULL); \
|
||||
return PEM_ASN1_write((i2d_of_void *)i2d_##asn1,str,fp,x,NULL,NULL,0,NULL,NULL); \
|
||||
}
|
||||
|
||||
#define IMPLEMENT_PEM_write_fp_const(name, type, str, asn1) \
|
||||
int PEM_write_##name(FILE *fp, const type *x) \
|
||||
{ \
|
||||
return PEM_ASN1_write(CHECKED_I2D_OF(const type, i2d_##asn1), \
|
||||
str, fp, \
|
||||
CHECKED_PTR_OF(const type, x), \
|
||||
NULL, NULL, 0, NULL, NULL); \
|
||||
return PEM_ASN1_write((i2d_of_void *)i2d_##asn1,str,fp,(void *)x,NULL,NULL,0,NULL,NULL); \
|
||||
}
|
||||
|
||||
#define IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1) \
|
||||
|
@ -250,10 +242,7 @@ int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \
|
|||
unsigned char *kstr, int klen, pem_password_cb *cb, \
|
||||
void *u) \
|
||||
{ \
|
||||
return PEM_ASN1_write(CHECKED_I2D_OF(type, i2d_##asn1), \
|
||||
str, fp, \
|
||||
CHECKED_PTR_OF(type, x), \
|
||||
enc, kstr, klen, cb, u); \
|
||||
return PEM_ASN1_write((i2d_of_void *)i2d_##asn1,str,fp,x,enc,kstr,klen,cb,u); \
|
||||
}
|
||||
|
||||
#define IMPLEMENT_PEM_write_cb_fp_const(name, type, str, asn1) \
|
||||
|
@ -261,10 +250,7 @@ int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \
|
|||
unsigned char *kstr, int klen, pem_password_cb *cb, \
|
||||
void *u) \
|
||||
{ \
|
||||
return PEM_ASN1_write(CHECKED_I2D_OF(const type, i2d_##asn1), \
|
||||
str, fp, \
|
||||
CHECKED_PTR_OF(const type, x), \
|
||||
enc, kstr, klen, cb, u); \
|
||||
return PEM_ASN1_write((i2d_of_void *)i2d_##asn1,str,fp,x,enc,kstr,klen,cb,u); \
|
||||
}
|
||||
|
||||
#endif
|
||||
|
@ -272,48 +258,33 @@ int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \
|
|||
#define IMPLEMENT_PEM_read_bio(name, type, str, asn1) \
|
||||
type *PEM_read_bio_##name(BIO *bp, type **x, pem_password_cb *cb, void *u)\
|
||||
{ \
|
||||
return (type*)PEM_ASN1_read_bio(CHECKED_D2I_OF(type, d2i_##asn1), \
|
||||
str, bp, \
|
||||
CHECKED_PPTR_OF(type, x), \
|
||||
cb, u); \
|
||||
return PEM_ASN1_read_bio((d2i_of_void *)d2i_##asn1, str,bp,(void **)x,cb,u); \
|
||||
}
|
||||
|
||||
#define IMPLEMENT_PEM_write_bio(name, type, str, asn1) \
|
||||
int PEM_write_bio_##name(BIO *bp, type *x) \
|
||||
{ \
|
||||
return PEM_ASN1_write_bio(CHECKED_I2D_OF(type, i2d_##asn1), \
|
||||
str, bp, \
|
||||
CHECKED_PTR_OF(type, x), \
|
||||
NULL, NULL, 0, NULL, NULL); \
|
||||
return PEM_ASN1_write_bio((i2d_of_void *)i2d_##asn1,str,bp,x,NULL,NULL,0,NULL,NULL); \
|
||||
}
|
||||
|
||||
#define IMPLEMENT_PEM_write_bio_const(name, type, str, asn1) \
|
||||
int PEM_write_bio_##name(BIO *bp, const type *x) \
|
||||
{ \
|
||||
return PEM_ASN1_write_bio(CHECKED_I2D_OF(const type, i2d_##asn1), \
|
||||
str, bp, \
|
||||
CHECKED_PTR_OF(const type, x), \
|
||||
NULL, NULL, 0, NULL, NULL); \
|
||||
return PEM_ASN1_write_bio((i2d_of_void *)i2d_##asn1,str,bp,(void *)x,NULL,NULL,0,NULL,NULL); \
|
||||
}
|
||||
|
||||
#define IMPLEMENT_PEM_write_cb_bio(name, type, str, asn1) \
|
||||
int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \
|
||||
unsigned char *kstr, int klen, pem_password_cb *cb, void *u) \
|
||||
{ \
|
||||
return PEM_ASN1_write_bio(CHECKED_I2D_OF(type, i2d_##asn1), \
|
||||
str, bp, \
|
||||
CHECKED_PTR_OF(type, x), \
|
||||
enc, kstr, klen, cb, u); \
|
||||
return PEM_ASN1_write_bio((i2d_of_void *)i2d_##asn1,str,bp,x,enc,kstr,klen,cb,u); \
|
||||
}
|
||||
|
||||
#define IMPLEMENT_PEM_write_cb_bio_const(name, type, str, asn1) \
|
||||
int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \
|
||||
unsigned char *kstr, int klen, pem_password_cb *cb, void *u) \
|
||||
{ \
|
||||
return PEM_ASN1_write_bio(CHECKED_I2D_OF(const type, i2d_##asn1), \
|
||||
str, bp, \
|
||||
CHECKED_PTR_OF(const type, x), \
|
||||
enc, kstr, klen, cb, u); \
|
||||
return PEM_ASN1_write_bio((i2d_of_void *)i2d_##asn1,str,bp,(void *)x,enc,kstr,klen,cb,u); \
|
||||
}
|
||||
|
||||
#define IMPLEMENT_PEM_write(name, type, str, asn1) \
|
||||
|
@ -350,7 +321,7 @@ int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \
|
|||
|
||||
/* These are the same except they are for the declarations */
|
||||
|
||||
#if defined(OPENSSL_SYS_WIN16) || defined(OPENSSL_NO_FP_API)
|
||||
#if defined(OPENSSL_NO_FP_API)
|
||||
|
||||
#define DECLARE_PEM_read_fp(name, type) /**/
|
||||
#define DECLARE_PEM_write_fp(name, type) /**/
|
||||
|
@ -391,6 +362,7 @@ int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \
|
|||
|
||||
#define DECLARE_PEM_read_bio(name, type) /**/
|
||||
#define DECLARE_PEM_write_bio(name, type) /**/
|
||||
#define DECLARE_PEM_write_bio_const(name, type) /**/
|
||||
#define DECLARE_PEM_write_cb_bio(name, type) /**/
|
||||
|
||||
#endif
|
||||
|
@ -423,138 +395,6 @@ int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \
|
|||
DECLARE_PEM_read(name, type) \
|
||||
DECLARE_PEM_write_cb(name, type)
|
||||
|
||||
#ifdef SSLEAY_MACROS
|
||||
|
||||
#define PEM_write_SSL_SESSION(fp,x) \
|
||||
PEM_ASN1_write((int (*)())i2d_SSL_SESSION, \
|
||||
PEM_STRING_SSL_SESSION,fp, (char *)x, NULL,NULL,0,NULL,NULL)
|
||||
#define PEM_write_X509(fp,x) \
|
||||
PEM_ASN1_write((int (*)())i2d_X509,PEM_STRING_X509,fp, \
|
||||
(char *)x, NULL,NULL,0,NULL,NULL)
|
||||
#define PEM_write_X509_REQ(fp,x) PEM_ASN1_write( \
|
||||
(int (*)())i2d_X509_REQ,PEM_STRING_X509_REQ,fp,(char *)x, \
|
||||
NULL,NULL,0,NULL,NULL)
|
||||
#define PEM_write_X509_CRL(fp,x) \
|
||||
PEM_ASN1_write((int (*)())i2d_X509_CRL,PEM_STRING_X509_CRL, \
|
||||
fp,(char *)x, NULL,NULL,0,NULL,NULL)
|
||||
#define PEM_write_RSAPrivateKey(fp,x,enc,kstr,klen,cb,u) \
|
||||
PEM_ASN1_write((int (*)())i2d_RSAPrivateKey,PEM_STRING_RSA,fp,\
|
||||
(char *)x,enc,kstr,klen,cb,u)
|
||||
#define PEM_write_RSAPublicKey(fp,x) \
|
||||
PEM_ASN1_write((int (*)())i2d_RSAPublicKey,\
|
||||
PEM_STRING_RSA_PUBLIC,fp,(char *)x,NULL,NULL,0,NULL,NULL)
|
||||
#define PEM_write_DSAPrivateKey(fp,x,enc,kstr,klen,cb,u) \
|
||||
PEM_ASN1_write((int (*)())i2d_DSAPrivateKey,PEM_STRING_DSA,fp,\
|
||||
(char *)x,enc,kstr,klen,cb,u)
|
||||
#define PEM_write_PrivateKey(bp,x,enc,kstr,klen,cb,u) \
|
||||
PEM_ASN1_write((int (*)())i2d_PrivateKey,\
|
||||
(((x)->type == EVP_PKEY_DSA)?PEM_STRING_DSA:PEM_STRING_RSA),\
|
||||
bp,(char *)x,enc,kstr,klen,cb,u)
|
||||
#define PEM_write_PKCS7(fp,x) \
|
||||
PEM_ASN1_write((int (*)())i2d_PKCS7,PEM_STRING_PKCS7,fp, \
|
||||
(char *)x, NULL,NULL,0,NULL,NULL)
|
||||
#define PEM_write_DHparams(fp,x) \
|
||||
PEM_ASN1_write((int (*)())i2d_DHparams,PEM_STRING_DHPARAMS,fp,\
|
||||
(char *)x,NULL,NULL,0,NULL,NULL)
|
||||
|
||||
#define PEM_write_NETSCAPE_CERT_SEQUENCE(fp,x) \
|
||||
PEM_ASN1_write((int (*)())i2d_NETSCAPE_CERT_SEQUENCE, \
|
||||
PEM_STRING_X509,fp, \
|
||||
(char *)x, NULL,NULL,0,NULL,NULL)
|
||||
|
||||
#define PEM_read_SSL_SESSION(fp,x,cb,u) (SSL_SESSION *)PEM_ASN1_read( \
|
||||
(char *(*)())d2i_SSL_SESSION,PEM_STRING_SSL_SESSION,fp,(char **)x,cb,u)
|
||||
#define PEM_read_X509(fp,x,cb,u) (X509 *)PEM_ASN1_read( \
|
||||
(char *(*)())d2i_X509,PEM_STRING_X509,fp,(char **)x,cb,u)
|
||||
#define PEM_read_X509_REQ(fp,x,cb,u) (X509_REQ *)PEM_ASN1_read( \
|
||||
(char *(*)())d2i_X509_REQ,PEM_STRING_X509_REQ,fp,(char **)x,cb,u)
|
||||
#define PEM_read_X509_CRL(fp,x,cb,u) (X509_CRL *)PEM_ASN1_read( \
|
||||
(char *(*)())d2i_X509_CRL,PEM_STRING_X509_CRL,fp,(char **)x,cb,u)
|
||||
#define PEM_read_RSAPrivateKey(fp,x,cb,u) (RSA *)PEM_ASN1_read( \
|
||||
(char *(*)())d2i_RSAPrivateKey,PEM_STRING_RSA,fp,(char **)x,cb,u)
|
||||
#define PEM_read_RSAPublicKey(fp,x,cb,u) (RSA *)PEM_ASN1_read( \
|
||||
(char *(*)())d2i_RSAPublicKey,PEM_STRING_RSA_PUBLIC,fp,(char **)x,cb,u)
|
||||
#define PEM_read_DSAPrivateKey(fp,x,cb,u) (DSA *)PEM_ASN1_read( \
|
||||
(char *(*)())d2i_DSAPrivateKey,PEM_STRING_DSA,fp,(char **)x,cb,u)
|
||||
#define PEM_read_PrivateKey(fp,x,cb,u) (EVP_PKEY *)PEM_ASN1_read( \
|
||||
(char *(*)())d2i_PrivateKey,PEM_STRING_EVP_PKEY,fp,(char **)x,cb,u)
|
||||
#define PEM_read_PKCS7(fp,x,cb,u) (PKCS7 *)PEM_ASN1_read( \
|
||||
(char *(*)())d2i_PKCS7,PEM_STRING_PKCS7,fp,(char **)x,cb,u)
|
||||
#define PEM_read_DHparams(fp,x,cb,u) (DH *)PEM_ASN1_read( \
|
||||
(char *(*)())d2i_DHparams,PEM_STRING_DHPARAMS,fp,(char **)x,cb,u)
|
||||
|
||||
#define PEM_read_NETSCAPE_CERT_SEQUENCE(fp,x,cb,u) \
|
||||
(NETSCAPE_CERT_SEQUENCE *)PEM_ASN1_read( \
|
||||
(char *(*)())d2i_NETSCAPE_CERT_SEQUENCE,PEM_STRING_X509,fp,\
|
||||
(char **)x,cb,u)
|
||||
|
||||
#define PEM_write_bio_X509(bp,x) \
|
||||
PEM_ASN1_write_bio((int (*)())i2d_X509,PEM_STRING_X509,bp, \
|
||||
(char *)x, NULL,NULL,0,NULL,NULL)
|
||||
#define PEM_write_bio_X509_REQ(bp,x) PEM_ASN1_write_bio( \
|
||||
(int (*)())i2d_X509_REQ,PEM_STRING_X509_REQ,bp,(char *)x, \
|
||||
NULL,NULL,0,NULL,NULL)
|
||||
#define PEM_write_bio_X509_CRL(bp,x) \
|
||||
PEM_ASN1_write_bio((int (*)())i2d_X509_CRL,PEM_STRING_X509_CRL,\
|
||||
bp,(char *)x, NULL,NULL,0,NULL,NULL)
|
||||
#define PEM_write_bio_RSAPrivateKey(bp,x,enc,kstr,klen,cb,u) \
|
||||
PEM_ASN1_write_bio((int (*)())i2d_RSAPrivateKey,PEM_STRING_RSA,\
|
||||
bp,(char *)x,enc,kstr,klen,cb,u)
|
||||
#define PEM_write_bio_RSAPublicKey(bp,x) \
|
||||
PEM_ASN1_write_bio((int (*)())i2d_RSAPublicKey, \
|
||||
PEM_STRING_RSA_PUBLIC,\
|
||||
bp,(char *)x,NULL,NULL,0,NULL,NULL)
|
||||
#define PEM_write_bio_DSAPrivateKey(bp,x,enc,kstr,klen,cb,u) \
|
||||
PEM_ASN1_write_bio((int (*)())i2d_DSAPrivateKey,PEM_STRING_DSA,\
|
||||
bp,(char *)x,enc,kstr,klen,cb,u)
|
||||
#define PEM_write_bio_PrivateKey(bp,x,enc,kstr,klen,cb,u) \
|
||||
PEM_ASN1_write_bio((int (*)())i2d_PrivateKey,\
|
||||
(((x)->type == EVP_PKEY_DSA)?PEM_STRING_DSA:PEM_STRING_RSA),\
|
||||
bp,(char *)x,enc,kstr,klen,cb,u)
|
||||
#define PEM_write_bio_PKCS7(bp,x) \
|
||||
PEM_ASN1_write_bio((int (*)())i2d_PKCS7,PEM_STRING_PKCS7,bp, \
|
||||
(char *)x, NULL,NULL,0,NULL,NULL)
|
||||
#define PEM_write_bio_DHparams(bp,x) \
|
||||
PEM_ASN1_write_bio((int (*)())i2d_DHparams,PEM_STRING_DHPARAMS,\
|
||||
bp,(char *)x,NULL,NULL,0,NULL,NULL)
|
||||
#define PEM_write_bio_DSAparams(bp,x) \
|
||||
PEM_ASN1_write_bio((int (*)())i2d_DSAparams, \
|
||||
PEM_STRING_DSAPARAMS,bp,(char *)x,NULL,NULL,0,NULL,NULL)
|
||||
|
||||
#define PEM_write_bio_NETSCAPE_CERT_SEQUENCE(bp,x) \
|
||||
PEM_ASN1_write_bio((int (*)())i2d_NETSCAPE_CERT_SEQUENCE, \
|
||||
PEM_STRING_X509,bp, \
|
||||
(char *)x, NULL,NULL,0,NULL,NULL)
|
||||
|
||||
#define PEM_read_bio_X509(bp,x,cb,u) (X509 *)PEM_ASN1_read_bio( \
|
||||
(char *(*)())d2i_X509,PEM_STRING_X509,bp,(char **)x,cb,u)
|
||||
#define PEM_read_bio_X509_REQ(bp,x,cb,u) (X509_REQ *)PEM_ASN1_read_bio( \
|
||||
(char *(*)())d2i_X509_REQ,PEM_STRING_X509_REQ,bp,(char **)x,cb,u)
|
||||
#define PEM_read_bio_X509_CRL(bp,x,cb,u) (X509_CRL *)PEM_ASN1_read_bio( \
|
||||
(char *(*)())d2i_X509_CRL,PEM_STRING_X509_CRL,bp,(char **)x,cb,u)
|
||||
#define PEM_read_bio_RSAPrivateKey(bp,x,cb,u) (RSA *)PEM_ASN1_read_bio( \
|
||||
(char *(*)())d2i_RSAPrivateKey,PEM_STRING_RSA,bp,(char **)x,cb,u)
|
||||
#define PEM_read_bio_RSAPublicKey(bp,x,cb,u) (RSA *)PEM_ASN1_read_bio( \
|
||||
(char *(*)())d2i_RSAPublicKey,PEM_STRING_RSA_PUBLIC,bp,(char **)x,cb,u)
|
||||
#define PEM_read_bio_DSAPrivateKey(bp,x,cb,u) (DSA *)PEM_ASN1_read_bio( \
|
||||
(char *(*)())d2i_DSAPrivateKey,PEM_STRING_DSA,bp,(char **)x,cb,u)
|
||||
#define PEM_read_bio_PrivateKey(bp,x,cb,u) (EVP_PKEY *)PEM_ASN1_read_bio( \
|
||||
(char *(*)())d2i_PrivateKey,PEM_STRING_EVP_PKEY,bp,(char **)x,cb,u)
|
||||
|
||||
#define PEM_read_bio_PKCS7(bp,x,cb,u) (PKCS7 *)PEM_ASN1_read_bio( \
|
||||
(char *(*)())d2i_PKCS7,PEM_STRING_PKCS7,bp,(char **)x,cb,u)
|
||||
#define PEM_read_bio_DHparams(bp,x,cb,u) (DH *)PEM_ASN1_read_bio( \
|
||||
(char *(*)())d2i_DHparams,PEM_STRING_DHPARAMS,bp,(char **)x,cb,u)
|
||||
#define PEM_read_bio_DSAparams(bp,x,cb,u) (DSA *)PEM_ASN1_read_bio( \
|
||||
(char *(*)())d2i_DSAparams,PEM_STRING_DSAPARAMS,bp,(char **)x,cb,u)
|
||||
|
||||
#define PEM_read_bio_NETSCAPE_CERT_SEQUENCE(bp,x,cb,u) \
|
||||
(NETSCAPE_CERT_SEQUENCE *)PEM_ASN1_read_bio( \
|
||||
(char *(*)())d2i_NETSCAPE_CERT_SEQUENCE,PEM_STRING_X509,bp,\
|
||||
(char **)x,cb,u)
|
||||
|
||||
#endif
|
||||
|
||||
#if 1
|
||||
/* "userdata": new with OpenSSL 0.9.4 */
|
||||
typedef int pem_password_cb(char *buf, int size, int rwflag, void *userdata);
|
||||
|
@ -576,40 +416,25 @@ int PEM_bytes_read_bio(unsigned char **pdata, long *plen, char **pnm, const char
|
|||
pem_password_cb *cb, void *u);
|
||||
void * PEM_ASN1_read_bio(d2i_of_void *d2i, const char *name, BIO *bp,
|
||||
void **x, pem_password_cb *cb, void *u);
|
||||
|
||||
#define PEM_ASN1_read_bio_of(type,d2i,name,bp,x,cb,u) \
|
||||
((type*)PEM_ASN1_read_bio(CHECKED_D2I_OF(type, d2i), \
|
||||
name, bp, \
|
||||
CHECKED_PPTR_OF(type, x), \
|
||||
cb, u))
|
||||
|
||||
int PEM_ASN1_write_bio(i2d_of_void *i2d,const char *name,BIO *bp,char *x,
|
||||
int PEM_ASN1_write_bio(i2d_of_void *i2d,const char *name,BIO *bp, void *x,
|
||||
const EVP_CIPHER *enc,unsigned char *kstr,int klen,
|
||||
pem_password_cb *cb, void *u);
|
||||
|
||||
#define PEM_ASN1_write_bio_of(type,i2d,name,bp,x,enc,kstr,klen,cb,u) \
|
||||
(PEM_ASN1_write_bio(CHECKED_I2D_OF(type, i2d), \
|
||||
name, bp, \
|
||||
CHECKED_PTR_OF(type, x), \
|
||||
enc, kstr, klen, cb, u))
|
||||
|
||||
STACK_OF(X509_INFO) * PEM_X509_INFO_read_bio(BIO *bp, STACK_OF(X509_INFO) *sk, pem_password_cb *cb, void *u);
|
||||
int PEM_X509_INFO_write_bio(BIO *bp,X509_INFO *xi, EVP_CIPHER *enc,
|
||||
unsigned char *kstr, int klen, pem_password_cb *cd, void *u);
|
||||
#endif
|
||||
|
||||
#ifndef OPENSSL_SYS_WIN16
|
||||
int PEM_read(FILE *fp, char **name, char **header,
|
||||
unsigned char **data,long *len);
|
||||
int PEM_write(FILE *fp,char *name,char *hdr,unsigned char *data,long len);
|
||||
void * PEM_ASN1_read(d2i_of_void *d2i, const char *name, FILE *fp, void **x,
|
||||
pem_password_cb *cb, void *u);
|
||||
int PEM_ASN1_write(i2d_of_void *i2d,const char *name,FILE *fp,
|
||||
char *x,const EVP_CIPHER *enc,unsigned char *kstr,
|
||||
void *x,const EVP_CIPHER *enc,unsigned char *kstr,
|
||||
int klen,pem_password_cb *callback, void *u);
|
||||
STACK_OF(X509_INFO) * PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk,
|
||||
pem_password_cb *cb, void *u);
|
||||
#endif
|
||||
|
||||
int PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type,
|
||||
EVP_MD *md_type, unsigned char **ek, int *ekl,
|
||||
|
@ -628,7 +453,6 @@ int PEM_def_callback(char *buf, int num, int w, void *key);
|
|||
void PEM_proc_type(char *buf, int type);
|
||||
void PEM_dek_info(char *buf, const char *type, int len, char *str);
|
||||
|
||||
#ifndef SSLEAY_MACROS
|
||||
|
||||
#include <openssl/symhacks.h>
|
||||
|
||||
|
@ -714,7 +538,21 @@ EVP_PKEY *d2i_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY **x, pem_password_cb *cb, vo
|
|||
int PEM_write_PKCS8PrivateKey(FILE *fp,EVP_PKEY *x,const EVP_CIPHER *enc,
|
||||
char *kstr,int klen, pem_password_cb *cd, void *u);
|
||||
|
||||
#endif /* SSLEAY_MACROS */
|
||||
EVP_PKEY *PEM_read_bio_Parameters(BIO *bp, EVP_PKEY **x);
|
||||
int PEM_write_bio_Parameters(BIO *bp, EVP_PKEY *x);
|
||||
|
||||
|
||||
EVP_PKEY *b2i_PrivateKey(const unsigned char **in, long length);
|
||||
EVP_PKEY *b2i_PublicKey(const unsigned char **in, long length);
|
||||
EVP_PKEY *b2i_PrivateKey_bio(BIO *in);
|
||||
EVP_PKEY *b2i_PublicKey_bio(BIO *in);
|
||||
int i2b_PrivateKey_bio(BIO *out, EVP_PKEY *pk);
|
||||
int i2b_PublicKey_bio(BIO *out, EVP_PKEY *pk);
|
||||
#ifndef OPENSSL_NO_RC4
|
||||
EVP_PKEY *b2i_PVK_bio(BIO *in, pem_password_cb *cb, void *u);
|
||||
int i2b_PVK_bio(BIO *out, EVP_PKEY *pk, int enclevel,
|
||||
pem_password_cb *cb, void *u);
|
||||
#endif
|
||||
|
||||
|
||||
/* BEGIN ERROR CODES */
|
||||
|
@ -726,10 +564,22 @@ void ERR_load_PEM_strings(void);
|
|||
/* Error codes for the PEM functions. */
|
||||
|
||||
/* Function codes. */
|
||||
#define PEM_F_B2I_DSS 127
|
||||
#define PEM_F_B2I_PVK_BIO 128
|
||||
#define PEM_F_B2I_RSA 129
|
||||
#define PEM_F_CHECK_BITLEN_DSA 130
|
||||
#define PEM_F_CHECK_BITLEN_RSA 131
|
||||
#define PEM_F_D2I_PKCS8PRIVATEKEY_BIO 120
|
||||
#define PEM_F_D2I_PKCS8PRIVATEKEY_FP 121
|
||||
#define PEM_F_DO_B2I 132
|
||||
#define PEM_F_DO_B2I_BIO 133
|
||||
#define PEM_F_DO_BLOB_HEADER 134
|
||||
#define PEM_F_DO_PK8PKEY 126
|
||||
#define PEM_F_DO_PK8PKEY_FP 125
|
||||
#define PEM_F_DO_PVK_BODY 135
|
||||
#define PEM_F_DO_PVK_HEADER 136
|
||||
#define PEM_F_I2B_PVK 137
|
||||
#define PEM_F_I2B_PVK_BIO 138
|
||||
#define PEM_F_LOAD_IV 101
|
||||
#define PEM_F_PEM_ASN1_READ 102
|
||||
#define PEM_F_PEM_ASN1_READ_BIO 103
|
||||
|
@ -742,6 +592,7 @@ void ERR_load_PEM_strings(void);
|
|||
#define PEM_F_PEM_PK8PKEY 119
|
||||
#define PEM_F_PEM_READ 108
|
||||
#define PEM_F_PEM_READ_BIO 109
|
||||
#define PEM_F_PEM_READ_BIO_PARAMETERS 140
|
||||
#define PEM_F_PEM_READ_BIO_PRIVATEKEY 123
|
||||
#define PEM_F_PEM_READ_PRIVATEKEY 124
|
||||
#define PEM_F_PEM_SEALFINAL 110
|
||||
|
@ -749,6 +600,7 @@ void ERR_load_PEM_strings(void);
|
|||
#define PEM_F_PEM_SIGNFINAL 112
|
||||
#define PEM_F_PEM_WRITE 113
|
||||
#define PEM_F_PEM_WRITE_BIO 114
|
||||
#define PEM_F_PEM_WRITE_PRIVATEKEY 139
|
||||
#define PEM_F_PEM_X509_INFO_READ 115
|
||||
#define PEM_F_PEM_X509_INFO_READ_BIO 116
|
||||
#define PEM_F_PEM_X509_INFO_WRITE_BIO 117
|
||||
|
@ -758,18 +610,30 @@ void ERR_load_PEM_strings(void);
|
|||
#define PEM_R_BAD_DECRYPT 101
|
||||
#define PEM_R_BAD_END_LINE 102
|
||||
#define PEM_R_BAD_IV_CHARS 103
|
||||
#define PEM_R_BAD_MAGIC_NUMBER 116
|
||||
#define PEM_R_BAD_PASSWORD_READ 104
|
||||
#define PEM_R_BAD_VERSION_NUMBER 117
|
||||
#define PEM_R_BIO_WRITE_FAILURE 118
|
||||
#define PEM_R_CIPHER_IS_NULL 127
|
||||
#define PEM_R_ERROR_CONVERTING_PRIVATE_KEY 115
|
||||
#define PEM_R_EXPECTING_PRIVATE_KEY_BLOB 119
|
||||
#define PEM_R_EXPECTING_PUBLIC_KEY_BLOB 120
|
||||
#define PEM_R_INCONSISTENT_HEADER 121
|
||||
#define PEM_R_KEYBLOB_HEADER_PARSE_ERROR 122
|
||||
#define PEM_R_KEYBLOB_TOO_SHORT 123
|
||||
#define PEM_R_NOT_DEK_INFO 105
|
||||
#define PEM_R_NOT_ENCRYPTED 106
|
||||
#define PEM_R_NOT_PROC_TYPE 107
|
||||
#define PEM_R_NO_START_LINE 108
|
||||
#define PEM_R_PROBLEMS_GETTING_PASSWORD 109
|
||||
#define PEM_R_PUBLIC_KEY_NO_RSA 110
|
||||
#define PEM_R_PVK_DATA_TOO_SHORT 124
|
||||
#define PEM_R_PVK_TOO_SHORT 125
|
||||
#define PEM_R_READ_KEY 111
|
||||
#define PEM_R_SHORT_HEADER 112
|
||||
#define PEM_R_UNSUPPORTED_CIPHER 113
|
||||
#define PEM_R_UNSUPPORTED_ENCRYPTION 114
|
||||
#define PEM_R_UNSUPPORTED_KEY_COMPONENTS 126
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
/* pkcs12.h */
|
||||
/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
|
||||
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
|
||||
* project 1999.
|
||||
*/
|
||||
/* ====================================================================
|
||||
|
@ -108,8 +108,6 @@ PKCS12_MAC_DATA *mac;
|
|||
PKCS7 *authsafes;
|
||||
} PKCS12;
|
||||
|
||||
PREDECLARE_STACK_OF(PKCS12_SAFEBAG)
|
||||
|
||||
typedef struct {
|
||||
ASN1_OBJECT *type;
|
||||
union {
|
||||
|
@ -232,8 +230,8 @@ int PKCS12_set_mac(PKCS12 *p12, const char *pass, int passlen,
|
|||
const EVP_MD *md_type);
|
||||
int PKCS12_setup_mac(PKCS12 *p12, int iter, unsigned char *salt,
|
||||
int saltlen, const EVP_MD *md_type);
|
||||
unsigned char *asc2uni(const char *asc, int asclen, unsigned char **uni, int *unilen);
|
||||
char *uni2asc(unsigned char *uni, int unilen);
|
||||
unsigned char *OPENSSL_asc2uni(const char *asc, int asclen, unsigned char **uni, int *unilen);
|
||||
char *OPENSSL_uni2asc(unsigned char *uni, int unilen);
|
||||
|
||||
DECLARE_ASN1_FUNCTIONS(PKCS12)
|
||||
DECLARE_ASN1_FUNCTIONS(PKCS12_MAC_DATA)
|
||||
|
|
|
@ -232,6 +232,9 @@ DECLARE_PKCS12_STACK_OF(PKCS7)
|
|||
#define PKCS7_type_is_signedAndEnveloped(a) \
|
||||
(OBJ_obj2nid((a)->type) == NID_pkcs7_signedAndEnveloped)
|
||||
#define PKCS7_type_is_data(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_data)
|
||||
#define PKCS7_type_is_digest(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_digest)
|
||||
#define PKCS7_type_is_encrypted(a) \
|
||||
(OBJ_obj2nid((a)->type) == NID_pkcs7_encrypted)
|
||||
|
||||
#define PKCS7_type_is_digest(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_digest)
|
||||
|
||||
|
@ -242,14 +245,6 @@ DECLARE_PKCS12_STACK_OF(PKCS7)
|
|||
|
||||
#define PKCS7_is_detached(p7) (PKCS7_type_is_signed(p7) && PKCS7_get_detached(p7))
|
||||
|
||||
#ifdef SSLEAY_MACROS
|
||||
#ifndef PKCS7_ISSUER_AND_SERIAL_digest
|
||||
#define PKCS7_ISSUER_AND_SERIAL_digest(data,type,md,len) \
|
||||
ASN1_digest((int (*)())i2d_PKCS7_ISSUER_AND_SERIAL,type,\
|
||||
(char *)data,md,len)
|
||||
#endif
|
||||
#endif
|
||||
|
||||
/* S/MIME related flags */
|
||||
|
||||
#define PKCS7_TEXT 0x1
|
||||
|
@ -266,6 +261,8 @@ DECLARE_PKCS12_STACK_OF(PKCS7)
|
|||
#define PKCS7_CRLFEOL 0x800
|
||||
#define PKCS7_STREAM 0x1000
|
||||
#define PKCS7_NOCRL 0x2000
|
||||
#define PKCS7_PARTIAL 0x4000
|
||||
#define PKCS7_REUSE_DIGEST 0x8000
|
||||
|
||||
/* Flags: for compatibility with older code */
|
||||
|
||||
|
@ -281,7 +278,6 @@ DECLARE_PKCS12_STACK_OF(PKCS7)
|
|||
|
||||
DECLARE_ASN1_FUNCTIONS(PKCS7_ISSUER_AND_SERIAL)
|
||||
|
||||
#ifndef SSLEAY_MACROS
|
||||
int PKCS7_ISSUER_AND_SERIAL_digest(PKCS7_ISSUER_AND_SERIAL *data,const EVP_MD *type,
|
||||
unsigned char *md,unsigned int *len);
|
||||
#ifndef OPENSSL_NO_FP_API
|
||||
|
@ -291,7 +287,8 @@ int i2d_PKCS7_fp(FILE *fp,PKCS7 *p7);
|
|||
PKCS7 *PKCS7_dup(PKCS7 *p7);
|
||||
PKCS7 *d2i_PKCS7_bio(BIO *bp,PKCS7 **p7);
|
||||
int i2d_PKCS7_bio(BIO *bp,PKCS7 *p7);
|
||||
#endif
|
||||
int i2d_PKCS7_bio_stream(BIO *out, PKCS7 *p7, BIO *in, int flags);
|
||||
int PEM_write_bio_PKCS7_stream(BIO *out, PKCS7 *p7, BIO *in, int flags);
|
||||
|
||||
DECLARE_ASN1_FUNCTIONS(PKCS7_SIGNER_INFO)
|
||||
DECLARE_ASN1_FUNCTIONS(PKCS7_RECIP_INFO)
|
||||
|
@ -307,6 +304,7 @@ DECLARE_ASN1_ITEM(PKCS7_ATTR_SIGN)
|
|||
DECLARE_ASN1_ITEM(PKCS7_ATTR_VERIFY)
|
||||
|
||||
DECLARE_ASN1_NDEF_FUNCTION(PKCS7)
|
||||
DECLARE_ASN1_PRINT_FUNCTION(PKCS7)
|
||||
|
||||
long PKCS7_ctrl(PKCS7 *p7, int cmd, long larg, char *parg);
|
||||
|
||||
|
@ -315,6 +313,7 @@ int PKCS7_set0_type_other(PKCS7 *p7, int type, ASN1_TYPE *other);
|
|||
int PKCS7_set_content(PKCS7 *p7, PKCS7 *p7_data);
|
||||
int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey,
|
||||
const EVP_MD *dgst);
|
||||
int PKCS7_SIGNER_INFO_sign(PKCS7_SIGNER_INFO *si);
|
||||
int PKCS7_add_signer(PKCS7 *p7, PKCS7_SIGNER_INFO *p7i);
|
||||
int PKCS7_add_certificate(PKCS7 *p7, X509 *x509);
|
||||
int PKCS7_add_crl(PKCS7 *p7, X509_CRL *x509);
|
||||
|
@ -336,9 +335,13 @@ int PKCS7_set_digest(PKCS7 *p7, const EVP_MD *md);
|
|||
STACK_OF(PKCS7_SIGNER_INFO) *PKCS7_get_signer_info(PKCS7 *p7);
|
||||
|
||||
PKCS7_RECIP_INFO *PKCS7_add_recipient(PKCS7 *p7, X509 *x509);
|
||||
void PKCS7_SIGNER_INFO_get0_algs(PKCS7_SIGNER_INFO *si, EVP_PKEY **pk,
|
||||
X509_ALGOR **pdig, X509_ALGOR **psig);
|
||||
void PKCS7_RECIP_INFO_get0_alg(PKCS7_RECIP_INFO *ri, X509_ALGOR **penc);
|
||||
int PKCS7_add_recipient_info(PKCS7 *p7, PKCS7_RECIP_INFO *ri);
|
||||
int PKCS7_RECIP_INFO_set(PKCS7_RECIP_INFO *p7i, X509 *x509);
|
||||
int PKCS7_set_cipher(PKCS7 *p7, const EVP_CIPHER *cipher);
|
||||
int PKCS7_stream(unsigned char ***boundary, PKCS7 *p7);
|
||||
|
||||
PKCS7_ISSUER_AND_SERIAL *PKCS7_get_issuer_and_serial(PKCS7 *p7, int idx);
|
||||
ASN1_OCTET_STRING *PKCS7_digest_from_attributes(STACK_OF(X509_ATTRIBUTE) *sk);
|
||||
|
@ -355,6 +358,12 @@ int PKCS7_set_attributes(PKCS7_SIGNER_INFO *p7si,STACK_OF(X509_ATTRIBUTE) *sk);
|
|||
|
||||
PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs,
|
||||
BIO *data, int flags);
|
||||
|
||||
PKCS7_SIGNER_INFO *PKCS7_sign_add_signer(PKCS7 *p7,
|
||||
X509 *signcert, EVP_PKEY *pkey, const EVP_MD *md,
|
||||
int flags);
|
||||
|
||||
int PKCS7_final(PKCS7 *p7, BIO *data, int flags);
|
||||
int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store,
|
||||
BIO *indata, BIO *out, int flags);
|
||||
STACK_OF(X509) *PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs, int flags);
|
||||
|
@ -367,10 +376,16 @@ int PKCS7_add_attrib_smimecap(PKCS7_SIGNER_INFO *si,
|
|||
STACK_OF(X509_ALGOR) *PKCS7_get_smimecap(PKCS7_SIGNER_INFO *si);
|
||||
int PKCS7_simple_smimecap(STACK_OF(X509_ALGOR) *sk, int nid, int arg);
|
||||
|
||||
int PKCS7_add_attrib_content_type(PKCS7_SIGNER_INFO *si, ASN1_OBJECT *coid);
|
||||
int PKCS7_add0_attrib_signing_time(PKCS7_SIGNER_INFO *si, ASN1_TIME *t);
|
||||
int PKCS7_add1_attrib_digest(PKCS7_SIGNER_INFO *si,
|
||||
const unsigned char *md, int mdlen);
|
||||
|
||||
int SMIME_write_PKCS7(BIO *bio, PKCS7 *p7, BIO *data, int flags);
|
||||
PKCS7 *SMIME_read_PKCS7(BIO *bio, BIO **bcont);
|
||||
int SMIME_crlf_copy(BIO *in, BIO *out, int flags);
|
||||
int SMIME_text(BIO *in, BIO *out);
|
||||
|
||||
BIO *BIO_new_PKCS7(BIO *out, PKCS7 *p7);
|
||||
|
||||
|
||||
/* BEGIN ERROR CODES */
|
||||
/* The following lines are auto generated by the script mkerr.pl. Any changes
|
||||
|
@ -383,12 +398,17 @@ void ERR_load_PKCS7_strings(void);
|
|||
/* Function codes. */
|
||||
#define PKCS7_F_B64_READ_PKCS7 120
|
||||
#define PKCS7_F_B64_WRITE_PKCS7 121
|
||||
#define PKCS7_F_DO_PKCS7_SIGNED_ATTRIB 136
|
||||
#define PKCS7_F_I2D_PKCS7_BIO_STREAM 140
|
||||
#define PKCS7_F_PKCS7_ADD0_ATTRIB_SIGNING_TIME 135
|
||||
#define PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP 118
|
||||
#define PKCS7_F_PKCS7_ADD_CERTIFICATE 100
|
||||
#define PKCS7_F_PKCS7_ADD_CRL 101
|
||||
#define PKCS7_F_PKCS7_ADD_RECIPIENT_INFO 102
|
||||
#define PKCS7_F_PKCS7_ADD_SIGNATURE 131
|
||||
#define PKCS7_F_PKCS7_ADD_SIGNER 103
|
||||
#define PKCS7_F_PKCS7_BIO_ADD_DIGEST 125
|
||||
#define PKCS7_F_PKCS7_COPY_EXISTING_DIGEST 138
|
||||
#define PKCS7_F_PKCS7_CTRL 104
|
||||
#define PKCS7_F_PKCS7_DATADECODE 112
|
||||
#define PKCS7_F_PKCS7_DATAFINAL 128
|
||||
|
@ -396,15 +416,22 @@ void ERR_load_PKCS7_strings(void);
|
|||
#define PKCS7_F_PKCS7_DATASIGN 106
|
||||
#define PKCS7_F_PKCS7_DATAVERIFY 107
|
||||
#define PKCS7_F_PKCS7_DECRYPT 114
|
||||
#define PKCS7_F_PKCS7_DECRYPT_RINFO 133
|
||||
#define PKCS7_F_PKCS7_ENCODE_RINFO 132
|
||||
#define PKCS7_F_PKCS7_ENCRYPT 115
|
||||
#define PKCS7_F_PKCS7_FINAL 134
|
||||
#define PKCS7_F_PKCS7_FIND_DIGEST 127
|
||||
#define PKCS7_F_PKCS7_GET0_SIGNERS 124
|
||||
#define PKCS7_F_PKCS7_RECIP_INFO_SET 130
|
||||
#define PKCS7_F_PKCS7_SET_CIPHER 108
|
||||
#define PKCS7_F_PKCS7_SET_CONTENT 109
|
||||
#define PKCS7_F_PKCS7_SET_DIGEST 126
|
||||
#define PKCS7_F_PKCS7_SET_TYPE 110
|
||||
#define PKCS7_F_PKCS7_SIGN 116
|
||||
#define PKCS7_F_PKCS7_SIGNATUREVERIFY 113
|
||||
#define PKCS7_F_PKCS7_SIGNER_INFO_SET 129
|
||||
#define PKCS7_F_PKCS7_SIGNER_INFO_SIGN 139
|
||||
#define PKCS7_F_PKCS7_SIGN_ADD_SIGNER 137
|
||||
#define PKCS7_F_PKCS7_SIMPLE_SMIMECAP 119
|
||||
#define PKCS7_F_PKCS7_VERIFY 117
|
||||
#define PKCS7_F_SMIME_READ_PKCS7 122
|
||||
|
@ -415,10 +442,13 @@ void ERR_load_PKCS7_strings(void);
|
|||
#define PKCS7_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER 144
|
||||
#define PKCS7_R_CIPHER_NOT_INITIALIZED 116
|
||||
#define PKCS7_R_CONTENT_AND_DATA_PRESENT 118
|
||||
#define PKCS7_R_CTRL_ERROR 152
|
||||
#define PKCS7_R_DECODE_ERROR 130
|
||||
#define PKCS7_R_DECRYPTED_KEY_IS_WRONG_LENGTH 100
|
||||
#define PKCS7_R_DECRYPT_ERROR 119
|
||||
#define PKCS7_R_DIGEST_FAILURE 101
|
||||
#define PKCS7_R_ENCRYPTION_CTRL_FAILURE 149
|
||||
#define PKCS7_R_ENCRYPTION_NOT_SUPPORTED_FOR_THIS_KEY_TYPE 150
|
||||
#define PKCS7_R_ERROR_ADDING_RECIPIENT 120
|
||||
#define PKCS7_R_ERROR_SETTING_CIPHER 121
|
||||
#define PKCS7_R_INVALID_MIME_TYPE 131
|
||||
|
@ -429,6 +459,8 @@ void ERR_load_PKCS7_strings(void);
|
|||
#define PKCS7_R_MISSING_CERIPEND_INFO 103
|
||||
#define PKCS7_R_NO_CONTENT 122
|
||||
#define PKCS7_R_NO_CONTENT_TYPE 135
|
||||
#define PKCS7_R_NO_DEFAULT_DIGEST 151
|
||||
#define PKCS7_R_NO_MATCHING_DIGEST_TYPE_FOUND 154
|
||||
#define PKCS7_R_NO_MULTIPART_BODY_FAILURE 136
|
||||
#define PKCS7_R_NO_MULTIPART_BOUNDARY 137
|
||||
#define PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE 115
|
||||
|
@ -438,6 +470,7 @@ void ERR_load_PKCS7_strings(void);
|
|||
#define PKCS7_R_NO_SIG_CONTENT_TYPE 138
|
||||
#define PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE 104
|
||||
#define PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR 124
|
||||
#define PKCS7_R_PKCS7_ADD_SIGNER_ERROR 153
|
||||
#define PKCS7_R_PKCS7_DATAFINAL 126
|
||||
#define PKCS7_R_PKCS7_DATAFINAL_ERROR 125
|
||||
#define PKCS7_R_PKCS7_DATASIGN 145
|
||||
|
@ -446,6 +479,8 @@ void ERR_load_PKCS7_strings(void);
|
|||
#define PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE 127
|
||||
#define PKCS7_R_SIGNATURE_FAILURE 105
|
||||
#define PKCS7_R_SIGNER_CERTIFICATE_NOT_FOUND 128
|
||||
#define PKCS7_R_SIGNING_CTRL_FAILURE 147
|
||||
#define PKCS7_R_SIGNING_NOT_SUPPORTED_FOR_THIS_KEY_TYPE 148
|
||||
#define PKCS7_R_SIG_INVALID_MIME_TYPE 141
|
||||
#define PKCS7_R_SMIME_TEXT_ERROR 129
|
||||
#define PKCS7_R_UNABLE_TO_FIND_CERTIFICATE 106
|
||||
|
|
|
@ -64,20 +64,18 @@
|
|||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
|
||||
#include <openssl/pq_compat.h>
|
||||
|
||||
typedef struct _pqueue *pqueue;
|
||||
|
||||
typedef struct _pitem
|
||||
{
|
||||
PQ_64BIT priority;
|
||||
unsigned char priority[8]; /* 64-bit value in big-endian encoding */
|
||||
void *data;
|
||||
struct _pitem *next;
|
||||
} pitem;
|
||||
|
||||
typedef struct _pitem *piterator;
|
||||
|
||||
pitem *pitem_new(PQ_64BIT priority, void *data);
|
||||
pitem *pitem_new(unsigned char *prio64be, void *data);
|
||||
void pitem_free(pitem *item);
|
||||
|
||||
pqueue pqueue_new(void);
|
||||
|
@ -86,10 +84,11 @@ void pqueue_free(pqueue pq);
|
|||
pitem *pqueue_insert(pqueue pq, pitem *item);
|
||||
pitem *pqueue_peek(pqueue pq);
|
||||
pitem *pqueue_pop(pqueue pq);
|
||||
pitem *pqueue_find(pqueue pq, PQ_64BIT priority);
|
||||
pitem *pqueue_find(pqueue pq, unsigned char *prio64be);
|
||||
pitem *pqueue_iterator(pqueue pq);
|
||||
pitem *pqueue_next(piterator *iter);
|
||||
|
||||
void pqueue_print(pqueue pq);
|
||||
int pqueue_size(pqueue pq);
|
||||
|
||||
#endif /* ! HEADER_PQUEUE_H */
|
||||
|
|
|
@ -119,6 +119,11 @@ int RAND_event(UINT, WPARAM, LPARAM);
|
|||
|
||||
#endif
|
||||
|
||||
#ifdef OPENSSL_FIPS
|
||||
void RAND_set_fips_drbg_type(int type, int flags);
|
||||
int RAND_init_fips(void);
|
||||
#endif
|
||||
|
||||
/* BEGIN ERROR CODES */
|
||||
/* The following lines are auto generated by the script mkerr.pl. Any changes
|
||||
* made after this point may be overwritten when the script is next run.
|
||||
|
@ -129,9 +134,13 @@ void ERR_load_RAND_strings(void);
|
|||
|
||||
/* Function codes. */
|
||||
#define RAND_F_RAND_GET_RAND_METHOD 101
|
||||
#define RAND_F_RAND_INIT_FIPS 102
|
||||
#define RAND_F_SSLEAY_RAND_BYTES 100
|
||||
|
||||
/* Reason codes. */
|
||||
#define RAND_R_ERROR_INITIALISING_DRBG 102
|
||||
#define RAND_R_ERROR_INSTANTIATING_DRBG 103
|
||||
#define RAND_R_NO_FIPS_RANDOM_METHOD_SET 101
|
||||
#define RAND_R_PRNG_NOT_SEEDED 100
|
||||
|
||||
#ifdef __cplusplus
|
||||
|
|
|
@ -79,7 +79,9 @@ typedef struct rc2_key_st
|
|||
RC2_INT data[64];
|
||||
} RC2_KEY;
|
||||
|
||||
|
||||
#ifdef OPENSSL_FIPS
|
||||
void private_RC2_set_key(RC2_KEY *key, int len, const unsigned char *data,int bits);
|
||||
#endif
|
||||
void RC2_set_key(RC2_KEY *key, int len, const unsigned char *data,int bits);
|
||||
void RC2_ecb_encrypt(const unsigned char *in,unsigned char *out,RC2_KEY *key,
|
||||
int enc);
|
||||
|
|
|
@ -64,6 +64,8 @@
|
|||
#error RC4 is disabled.
|
||||
#endif
|
||||
|
||||
#include <stddef.h>
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
@ -77,7 +79,8 @@ typedef struct rc4_key_st
|
|||
|
||||
const char *RC4_options(void);
|
||||
void RC4_set_key(RC4_KEY *key, int len, const unsigned char *data);
|
||||
void RC4(RC4_KEY *key, unsigned long len, const unsigned char *indata,
|
||||
void private_RC4_set_key(RC4_KEY *key, int len, const unsigned char *data);
|
||||
void RC4(RC4_KEY *key, size_t len, const unsigned char *indata,
|
||||
unsigned char *outdata);
|
||||
|
||||
#ifdef __cplusplus
|
||||
|
|
|
@ -70,7 +70,7 @@ extern "C" {
|
|||
#error RIPEMD is disabled.
|
||||
#endif
|
||||
|
||||
#if defined(OPENSSL_SYS_WIN16) || defined(__LP32__)
|
||||
#if defined(__LP32__)
|
||||
#define RIPEMD160_LONG unsigned long
|
||||
#elif defined(OPENSSL_SYS_CRAY) || defined(__ILP64__)
|
||||
#define RIPEMD160_LONG unsigned long
|
||||
|
@ -91,6 +91,9 @@ typedef struct RIPEMD160state_st
|
|||
unsigned int num;
|
||||
} RIPEMD160_CTX;
|
||||
|
||||
#ifdef OPENSSL_FIPS
|
||||
int private_RIPEMD160_Init(RIPEMD160_CTX *c);
|
||||
#endif
|
||||
int RIPEMD160_Init(RIPEMD160_CTX *c);
|
||||
int RIPEMD160_Update(RIPEMD160_CTX *c, const void *data, size_t len);
|
||||
int RIPEMD160_Final(unsigned char *md, RIPEMD160_CTX *c);
|
||||
|
|
|
@ -117,7 +117,8 @@ struct rsa_meth_st
|
|||
unsigned char *sigret, unsigned int *siglen, const RSA *rsa);
|
||||
int (*rsa_verify)(int dtype,
|
||||
const unsigned char *m, unsigned int m_length,
|
||||
unsigned char *sigbuf, unsigned int siglen, const RSA *rsa);
|
||||
const unsigned char *sigbuf, unsigned int siglen,
|
||||
const RSA *rsa);
|
||||
/* If this callback is NULL, the builtin software RSA key-gen will be used. This
|
||||
* is for behavioural compatibility whilst the code gets rewired, but one day
|
||||
* it would be nice to assume there are no such things as "builtin software"
|
||||
|
@ -217,11 +218,60 @@ struct rsa_st
|
|||
#endif
|
||||
|
||||
|
||||
#define EVP_PKEY_CTX_set_rsa_padding(ctx, pad) \
|
||||
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, -1, EVP_PKEY_CTRL_RSA_PADDING, \
|
||||
pad, NULL)
|
||||
|
||||
#define EVP_PKEY_CTX_get_rsa_padding(ctx, ppad) \
|
||||
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, -1, \
|
||||
EVP_PKEY_CTRL_GET_RSA_PADDING, 0, ppad)
|
||||
|
||||
#define EVP_PKEY_CTX_set_rsa_pss_saltlen(ctx, len) \
|
||||
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, \
|
||||
(EVP_PKEY_OP_SIGN|EVP_PKEY_OP_VERIFY), \
|
||||
EVP_PKEY_CTRL_RSA_PSS_SALTLEN, \
|
||||
len, NULL)
|
||||
|
||||
#define EVP_PKEY_CTX_get_rsa_pss_saltlen(ctx, plen) \
|
||||
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, \
|
||||
(EVP_PKEY_OP_SIGN|EVP_PKEY_OP_VERIFY), \
|
||||
EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN, \
|
||||
0, plen)
|
||||
|
||||
#define EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, bits) \
|
||||
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_KEYGEN, \
|
||||
EVP_PKEY_CTRL_RSA_KEYGEN_BITS, bits, NULL)
|
||||
|
||||
#define EVP_PKEY_CTX_set_rsa_keygen_pubexp(ctx, pubexp) \
|
||||
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_KEYGEN, \
|
||||
EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP, 0, pubexp)
|
||||
|
||||
#define EVP_PKEY_CTX_set_rsa_mgf1_md(ctx, md) \
|
||||
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_TYPE_SIG, \
|
||||
EVP_PKEY_CTRL_RSA_MGF1_MD, 0, (void *)md)
|
||||
|
||||
#define EVP_PKEY_CTX_get_rsa_mgf1_md(ctx, pmd) \
|
||||
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_TYPE_SIG, \
|
||||
EVP_PKEY_CTRL_GET_RSA_MGF1_MD, 0, (void *)pmd)
|
||||
|
||||
#define EVP_PKEY_CTRL_RSA_PADDING (EVP_PKEY_ALG_CTRL + 1)
|
||||
#define EVP_PKEY_CTRL_RSA_PSS_SALTLEN (EVP_PKEY_ALG_CTRL + 2)
|
||||
|
||||
#define EVP_PKEY_CTRL_RSA_KEYGEN_BITS (EVP_PKEY_ALG_CTRL + 3)
|
||||
#define EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP (EVP_PKEY_ALG_CTRL + 4)
|
||||
#define EVP_PKEY_CTRL_RSA_MGF1_MD (EVP_PKEY_ALG_CTRL + 5)
|
||||
|
||||
#define EVP_PKEY_CTRL_GET_RSA_PADDING (EVP_PKEY_ALG_CTRL + 6)
|
||||
#define EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN (EVP_PKEY_ALG_CTRL + 7)
|
||||
#define EVP_PKEY_CTRL_GET_RSA_MGF1_MD (EVP_PKEY_ALG_CTRL + 8)
|
||||
|
||||
#define RSA_PKCS1_PADDING 1
|
||||
#define RSA_SSLV23_PADDING 2
|
||||
#define RSA_NO_PADDING 3
|
||||
#define RSA_PKCS1_OAEP_PADDING 4
|
||||
#define RSA_X931_PADDING 5
|
||||
/* EVP_PKEY_ only */
|
||||
#define RSA_PKCS1_PSS_PADDING 6
|
||||
|
||||
#define RSA_PKCS1_PADDING_SIZE 11
|
||||
|
||||
|
@ -230,7 +280,7 @@ struct rsa_st
|
|||
|
||||
RSA * RSA_new(void);
|
||||
RSA * RSA_new_method(ENGINE *engine);
|
||||
int RSA_size(const RSA *);
|
||||
int RSA_size(const RSA *rsa);
|
||||
|
||||
/* Deprecated version */
|
||||
#ifndef OPENSSL_NO_DEPRECATED
|
||||
|
@ -273,6 +323,16 @@ const RSA_METHOD *RSA_null_method(void);
|
|||
DECLARE_ASN1_ENCODE_FUNCTIONS_const(RSA, RSAPublicKey)
|
||||
DECLARE_ASN1_ENCODE_FUNCTIONS_const(RSA, RSAPrivateKey)
|
||||
|
||||
typedef struct rsa_pss_params_st
|
||||
{
|
||||
X509_ALGOR *hashAlgorithm;
|
||||
X509_ALGOR *maskGenAlgorithm;
|
||||
ASN1_INTEGER *saltLength;
|
||||
ASN1_INTEGER *trailerField;
|
||||
} RSA_PSS_PARAMS;
|
||||
|
||||
DECLARE_ASN1_FUNCTIONS(RSA_PSS_PARAMS)
|
||||
|
||||
#ifndef OPENSSL_NO_FP_API
|
||||
int RSA_print_fp(FILE *fp, const RSA *r,int offset);
|
||||
#endif
|
||||
|
@ -281,6 +341,7 @@ int RSA_print_fp(FILE *fp, const RSA *r,int offset);
|
|||
int RSA_print(BIO *bp, const RSA *r,int offset);
|
||||
#endif
|
||||
|
||||
#ifndef OPENSSL_NO_RC4
|
||||
int i2d_RSA_NET(const RSA *a, unsigned char **pp,
|
||||
int (*cb)(char *buf, int len, const char *prompt, int verify),
|
||||
int sgckey);
|
||||
|
@ -294,13 +355,14 @@ int i2d_Netscape_RSA(const RSA *a, unsigned char **pp,
|
|||
RSA *d2i_Netscape_RSA(RSA **a, const unsigned char **pp, long length,
|
||||
int (*cb)(char *buf, int len, const char *prompt,
|
||||
int verify));
|
||||
#endif
|
||||
|
||||
/* The following 2 functions sign and verify a X509_SIG ASN1 object
|
||||
* inside PKCS#1 padded RSA encryption */
|
||||
int RSA_sign(int type, const unsigned char *m, unsigned int m_length,
|
||||
unsigned char *sigret, unsigned int *siglen, RSA *rsa);
|
||||
int RSA_verify(int type, const unsigned char *m, unsigned int m_length,
|
||||
unsigned char *sigbuf, unsigned int siglen, RSA *rsa);
|
||||
const unsigned char *sigbuf, unsigned int siglen, RSA *rsa);
|
||||
|
||||
/* The following 2 function sign and verify a ASN1_OCTET_STRING
|
||||
* object inside PKCS#1 padded RSA encryption */
|
||||
|
@ -351,6 +413,14 @@ int RSA_padding_add_PKCS1_PSS(RSA *rsa, unsigned char *EM,
|
|||
const unsigned char *mHash,
|
||||
const EVP_MD *Hash, int sLen);
|
||||
|
||||
int RSA_verify_PKCS1_PSS_mgf1(RSA *rsa, const unsigned char *mHash,
|
||||
const EVP_MD *Hash, const EVP_MD *mgf1Hash,
|
||||
const unsigned char *EM, int sLen);
|
||||
|
||||
int RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM,
|
||||
const unsigned char *mHash,
|
||||
const EVP_MD *Hash, const EVP_MD *mgf1Hash, int sLen);
|
||||
|
||||
int RSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
|
||||
CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
|
||||
int RSA_set_ex_data(RSA *r,int idx,void *arg);
|
||||
|
@ -359,6 +429,25 @@ void *RSA_get_ex_data(const RSA *r, int idx);
|
|||
RSA *RSAPublicKey_dup(RSA *rsa);
|
||||
RSA *RSAPrivateKey_dup(RSA *rsa);
|
||||
|
||||
/* If this flag is set the RSA method is FIPS compliant and can be used
|
||||
* in FIPS mode. This is set in the validated module method. If an
|
||||
* application sets this flag in its own methods it is its responsibility
|
||||
* to ensure the result is compliant.
|
||||
*/
|
||||
|
||||
#define RSA_FLAG_FIPS_METHOD 0x0400
|
||||
|
||||
/* If this flag is set the operations normally disabled in FIPS mode are
|
||||
* permitted it is then the applications responsibility to ensure that the
|
||||
* usage is compliant.
|
||||
*/
|
||||
|
||||
#define RSA_FLAG_NON_FIPS_ALLOW 0x0400
|
||||
/* Application has decided PRNG is good enough to generate a key: don't
|
||||
* check.
|
||||
*/
|
||||
#define RSA_FLAG_CHECKED 0x0800
|
||||
|
||||
/* BEGIN ERROR CODES */
|
||||
/* The following lines are auto generated by the script mkerr.pl. Any changes
|
||||
* made after this point may be overwritten when the script is next run.
|
||||
|
@ -368,7 +457,16 @@ void ERR_load_RSA_strings(void);
|
|||
/* Error codes for the RSA functions. */
|
||||
|
||||
/* Function codes. */
|
||||
#define RSA_F_CHECK_PADDING_MD 140
|
||||
#define RSA_F_DO_RSA_PRINT 146
|
||||
#define RSA_F_INT_RSA_VERIFY 145
|
||||
#define RSA_F_MEMORY_LOCK 100
|
||||
#define RSA_F_OLD_RSA_PRIV_DECODE 147
|
||||
#define RSA_F_PKEY_RSA_CTRL 143
|
||||
#define RSA_F_PKEY_RSA_CTRL_STR 144
|
||||
#define RSA_F_PKEY_RSA_SIGN 142
|
||||
#define RSA_F_PKEY_RSA_VERIFY 154
|
||||
#define RSA_F_PKEY_RSA_VERIFYRECOVER 141
|
||||
#define RSA_F_RSA_BUILTIN_KEYGEN 129
|
||||
#define RSA_F_RSA_CHECK_KEY 123
|
||||
#define RSA_F_RSA_EAY_PRIVATE_DECRYPT 101
|
||||
|
@ -376,6 +474,8 @@ void ERR_load_RSA_strings(void);
|
|||
#define RSA_F_RSA_EAY_PUBLIC_DECRYPT 103
|
||||
#define RSA_F_RSA_EAY_PUBLIC_ENCRYPT 104
|
||||
#define RSA_F_RSA_GENERATE_KEY 105
|
||||
#define RSA_F_RSA_GENERATE_KEY_EX 155
|
||||
#define RSA_F_RSA_ITEM_VERIFY 156
|
||||
#define RSA_F_RSA_MEMORY_LOCK 130
|
||||
#define RSA_F_RSA_NEW_METHOD 106
|
||||
#define RSA_F_RSA_NULL 124
|
||||
|
@ -387,6 +487,7 @@ void ERR_load_RSA_strings(void);
|
|||
#define RSA_F_RSA_PADDING_ADD_NONE 107
|
||||
#define RSA_F_RSA_PADDING_ADD_PKCS1_OAEP 121
|
||||
#define RSA_F_RSA_PADDING_ADD_PKCS1_PSS 125
|
||||
#define RSA_F_RSA_PADDING_ADD_PKCS1_PSS_MGF1 148
|
||||
#define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1 108
|
||||
#define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2 109
|
||||
#define RSA_F_RSA_PADDING_ADD_SSLV23 110
|
||||
|
@ -399,12 +500,20 @@ void ERR_load_RSA_strings(void);
|
|||
#define RSA_F_RSA_PADDING_CHECK_X931 128
|
||||
#define RSA_F_RSA_PRINT 115
|
||||
#define RSA_F_RSA_PRINT_FP 116
|
||||
#define RSA_F_RSA_PRIVATE_DECRYPT 150
|
||||
#define RSA_F_RSA_PRIVATE_ENCRYPT 151
|
||||
#define RSA_F_RSA_PRIV_DECODE 137
|
||||
#define RSA_F_RSA_PRIV_ENCODE 138
|
||||
#define RSA_F_RSA_PUBLIC_DECRYPT 152
|
||||
#define RSA_F_RSA_PUBLIC_ENCRYPT 153
|
||||
#define RSA_F_RSA_PUB_DECODE 139
|
||||
#define RSA_F_RSA_SETUP_BLINDING 136
|
||||
#define RSA_F_RSA_SIGN 117
|
||||
#define RSA_F_RSA_SIGN_ASN1_OCTET_STRING 118
|
||||
#define RSA_F_RSA_VERIFY 119
|
||||
#define RSA_F_RSA_VERIFY_ASN1_OCTET_STRING 120
|
||||
#define RSA_F_RSA_VERIFY_PKCS1_PSS 126
|
||||
#define RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1 149
|
||||
|
||||
/* Reason codes. */
|
||||
#define RSA_R_ALGORITHM_MISMATCH 100
|
||||
|
@ -425,18 +534,30 @@ void ERR_load_RSA_strings(void);
|
|||
#define RSA_R_DMQ1_NOT_CONGRUENT_TO_D 125
|
||||
#define RSA_R_D_E_NOT_CONGRUENT_TO_1 123
|
||||
#define RSA_R_FIRST_OCTET_INVALID 133
|
||||
#define RSA_R_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE 144
|
||||
#define RSA_R_INVALID_DIGEST_LENGTH 143
|
||||
#define RSA_R_INVALID_HEADER 137
|
||||
#define RSA_R_INVALID_KEYBITS 145
|
||||
#define RSA_R_INVALID_MESSAGE_LENGTH 131
|
||||
#define RSA_R_INVALID_MGF1_MD 156
|
||||
#define RSA_R_INVALID_PADDING 138
|
||||
#define RSA_R_INVALID_PADDING_MODE 141
|
||||
#define RSA_R_INVALID_PSS_PARAMETERS 149
|
||||
#define RSA_R_INVALID_PSS_SALTLEN 146
|
||||
#define RSA_R_INVALID_SALT_LENGTH 150
|
||||
#define RSA_R_INVALID_TRAILER 139
|
||||
#define RSA_R_INVALID_X931_DIGEST 142
|
||||
#define RSA_R_IQMP_NOT_INVERSE_OF_Q 126
|
||||
#define RSA_R_KEY_SIZE_TOO_SMALL 120
|
||||
#define RSA_R_LAST_OCTET_INVALID 134
|
||||
#define RSA_R_MODULUS_TOO_LARGE 105
|
||||
#define RSA_R_NON_FIPS_RSA_METHOD 157
|
||||
#define RSA_R_NO_PUBLIC_EXPONENT 140
|
||||
#define RSA_R_NULL_BEFORE_BLOCK_MISSING 113
|
||||
#define RSA_R_N_DOES_NOT_EQUAL_P_Q 127
|
||||
#define RSA_R_OAEP_DECODING_ERROR 121
|
||||
#define RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE 158
|
||||
#define RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE 148
|
||||
#define RSA_R_PADDING_CHECK_FAILED 114
|
||||
#define RSA_R_P_NOT_PRIME 128
|
||||
#define RSA_R_Q_NOT_PRIME 129
|
||||
|
@ -446,7 +567,13 @@ void ERR_load_RSA_strings(void);
|
|||
#define RSA_R_SSLV3_ROLLBACK_ATTACK 115
|
||||
#define RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 116
|
||||
#define RSA_R_UNKNOWN_ALGORITHM_TYPE 117
|
||||
#define RSA_R_UNKNOWN_MASK_DIGEST 151
|
||||
#define RSA_R_UNKNOWN_PADDING_TYPE 118
|
||||
#define RSA_R_UNKNOWN_PSS_DIGEST 152
|
||||
#define RSA_R_UNSUPPORTED_MASK_ALGORITHM 153
|
||||
#define RSA_R_UNSUPPORTED_MASK_PARAMETER 154
|
||||
#define RSA_R_UNSUPPORTED_SIGNATURE_TYPE 155
|
||||
#define RSA_R_VALUE_MISSING 147
|
||||
#define RSA_R_WRONG_SIGNATURE_LENGTH 119
|
||||
|
||||
#ifdef __cplusplus
|
||||
|
|
File diff suppressed because it is too large
Load Diff
|
@ -0,0 +1,139 @@
|
|||
/*
|
||||
* Copyright (c) 2007 KISA(Korea Information Security Agency). All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
* 2. Neither the name of author nor the names of its contributors may
|
||||
* be used to endorse or promote products derived from this software
|
||||
* without specific prior written permission.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY AUTHOR AND CONTRIBUTORS ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
*/
|
||||
/* ====================================================================
|
||||
* Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in
|
||||
* the documentation and/or other materials provided with the
|
||||
* distribution.
|
||||
*
|
||||
* 3. All advertising materials mentioning features or use of this
|
||||
* software must display the following acknowledgment:
|
||||
* "This product includes software developed by the OpenSSL Project
|
||||
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
|
||||
*
|
||||
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||
* endorse or promote products derived from this software without
|
||||
* prior written permission. For written permission, please contact
|
||||
* openssl-core@openssl.org.
|
||||
*
|
||||
* 5. Products derived from this software may not be called "OpenSSL"
|
||||
* nor may "OpenSSL" appear in their names without prior written
|
||||
* permission of the OpenSSL Project.
|
||||
*
|
||||
* 6. Redistributions of any form whatsoever must retain the following
|
||||
* acknowledgment:
|
||||
* "This product includes software developed by the OpenSSL Project
|
||||
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
* ====================================================================
|
||||
*
|
||||
* This product includes cryptographic software written by Eric Young
|
||||
* (eay@cryptsoft.com). This product includes software written by Tim
|
||||
* Hudson (tjh@cryptsoft.com).
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
#ifndef HEADER_SEED_H
|
||||
#define HEADER_SEED_H
|
||||
|
||||
#include <openssl/opensslconf.h>
|
||||
#include <openssl/e_os2.h>
|
||||
#include <openssl/crypto.h>
|
||||
|
||||
#ifdef OPENSSL_NO_SEED
|
||||
#error SEED is disabled.
|
||||
#endif
|
||||
|
||||
#ifdef AES_LONG /* look whether we need 'long' to get 32 bits */
|
||||
# ifndef SEED_LONG
|
||||
# define SEED_LONG 1
|
||||
# endif
|
||||
#endif
|
||||
|
||||
#if !defined(NO_SYS_TYPES_H)
|
||||
# include <sys/types.h>
|
||||
#endif
|
||||
|
||||
#define SEED_BLOCK_SIZE 16
|
||||
#define SEED_KEY_LENGTH 16
|
||||
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
|
||||
typedef struct seed_key_st {
|
||||
#ifdef SEED_LONG
|
||||
unsigned long data[32];
|
||||
#else
|
||||
unsigned int data[32];
|
||||
#endif
|
||||
} SEED_KEY_SCHEDULE;
|
||||
|
||||
#ifdef OPENSSL_FIPS
|
||||
void private_SEED_set_key(const unsigned char rawkey[SEED_KEY_LENGTH], SEED_KEY_SCHEDULE *ks);
|
||||
#endif
|
||||
void SEED_set_key(const unsigned char rawkey[SEED_KEY_LENGTH], SEED_KEY_SCHEDULE *ks);
|
||||
|
||||
void SEED_encrypt(const unsigned char s[SEED_BLOCK_SIZE], unsigned char d[SEED_BLOCK_SIZE], const SEED_KEY_SCHEDULE *ks);
|
||||
void SEED_decrypt(const unsigned char s[SEED_BLOCK_SIZE], unsigned char d[SEED_BLOCK_SIZE], const SEED_KEY_SCHEDULE *ks);
|
||||
|
||||
void SEED_ecb_encrypt(const unsigned char *in, unsigned char *out, const SEED_KEY_SCHEDULE *ks, int enc);
|
||||
void SEED_cbc_encrypt(const unsigned char *in, unsigned char *out,
|
||||
size_t len, const SEED_KEY_SCHEDULE *ks, unsigned char ivec[SEED_BLOCK_SIZE], int enc);
|
||||
void SEED_cfb128_encrypt(const unsigned char *in, unsigned char *out,
|
||||
size_t len, const SEED_KEY_SCHEDULE *ks, unsigned char ivec[SEED_BLOCK_SIZE], int *num, int enc);
|
||||
void SEED_ofb128_encrypt(const unsigned char *in, unsigned char *out,
|
||||
size_t len, const SEED_KEY_SCHEDULE *ks, unsigned char ivec[SEED_BLOCK_SIZE], int *num);
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif /* HEADER_SEED_H */
|
|
@ -81,7 +81,7 @@ extern "C" {
|
|||
* !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
|
||||
*/
|
||||
|
||||
#if defined(OPENSSL_SYS_WIN16) || defined(__LP32__)
|
||||
#if defined(__LP32__)
|
||||
#define SHA_LONG unsigned long
|
||||
#elif defined(OPENSSL_SYS_CRAY) || defined(__ILP64__)
|
||||
#define SHA_LONG unsigned long
|
||||
|
@ -106,6 +106,9 @@ typedef struct SHAstate_st
|
|||
} SHA_CTX;
|
||||
|
||||
#ifndef OPENSSL_NO_SHA0
|
||||
#ifdef OPENSSL_FIPS
|
||||
int private_SHA_Init(SHA_CTX *c);
|
||||
#endif
|
||||
int SHA_Init(SHA_CTX *c);
|
||||
int SHA_Update(SHA_CTX *c, const void *data, size_t len);
|
||||
int SHA_Final(unsigned char *md, SHA_CTX *c);
|
||||
|
@ -113,6 +116,9 @@ unsigned char *SHA(const unsigned char *d, size_t n, unsigned char *md);
|
|||
void SHA_Transform(SHA_CTX *c, const unsigned char *data);
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_SHA1
|
||||
#ifdef OPENSSL_FIPS
|
||||
int private_SHA1_Init(SHA_CTX *c);
|
||||
#endif
|
||||
int SHA1_Init(SHA_CTX *c);
|
||||
int SHA1_Update(SHA_CTX *c, const void *data, size_t len);
|
||||
int SHA1_Final(unsigned char *md, SHA_CTX *c);
|
||||
|
@ -135,6 +141,10 @@ typedef struct SHA256state_st
|
|||
} SHA256_CTX;
|
||||
|
||||
#ifndef OPENSSL_NO_SHA256
|
||||
#ifdef OPENSSL_FIPS
|
||||
int private_SHA224_Init(SHA256_CTX *c);
|
||||
int private_SHA256_Init(SHA256_CTX *c);
|
||||
#endif
|
||||
int SHA224_Init(SHA256_CTX *c);
|
||||
int SHA224_Update(SHA256_CTX *c, const void *data, size_t len);
|
||||
int SHA224_Final(unsigned char *md, SHA256_CTX *c);
|
||||
|
@ -182,6 +192,10 @@ typedef struct SHA512state_st
|
|||
#endif
|
||||
|
||||
#ifndef OPENSSL_NO_SHA512
|
||||
#ifdef OPENSSL_FIPS
|
||||
int private_SHA384_Init(SHA512_CTX *c);
|
||||
int private_SHA512_Init(SHA512_CTX *c);
|
||||
#endif
|
||||
int SHA384_Init(SHA512_CTX *c);
|
||||
int SHA384_Update(SHA512_CTX *c, const void *data, size_t len);
|
||||
int SHA384_Final(unsigned char *md, SHA512_CTX *c);
|
||||
|
|
|
@ -0,0 +1,172 @@
|
|||
/* crypto/srp/srp.h */
|
||||
/* Written by Christophe Renou (christophe.renou@edelweb.fr) with
|
||||
* the precious help of Peter Sylvester (peter.sylvester@edelweb.fr)
|
||||
* for the EdelKey project and contributed to the OpenSSL project 2004.
|
||||
*/
|
||||
/* ====================================================================
|
||||
* Copyright (c) 2004 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in
|
||||
* the documentation and/or other materials provided with the
|
||||
* distribution.
|
||||
*
|
||||
* 3. All advertising materials mentioning features or use of this
|
||||
* software must display the following acknowledgment:
|
||||
* "This product includes software developed by the OpenSSL Project
|
||||
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
|
||||
*
|
||||
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||
* endorse or promote products derived from this software without
|
||||
* prior written permission. For written permission, please contact
|
||||
* licensing@OpenSSL.org.
|
||||
*
|
||||
* 5. Products derived from this software may not be called "OpenSSL"
|
||||
* nor may "OpenSSL" appear in their names without prior written
|
||||
* permission of the OpenSSL Project.
|
||||
*
|
||||
* 6. Redistributions of any form whatsoever must retain the following
|
||||
* acknowledgment:
|
||||
* "This product includes software developed by the OpenSSL Project
|
||||
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
* ====================================================================
|
||||
*
|
||||
* This product includes cryptographic software written by Eric Young
|
||||
* (eay@cryptsoft.com). This product includes software written by Tim
|
||||
* Hudson (tjh@cryptsoft.com).
|
||||
*
|
||||
*/
|
||||
#ifndef __SRP_H__
|
||||
#define __SRP_H__
|
||||
|
||||
#ifndef OPENSSL_NO_SRP
|
||||
|
||||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
#include <openssl/safestack.h>
|
||||
#include <openssl/bn.h>
|
||||
#include <openssl/crypto.h>
|
||||
|
||||
typedef struct SRP_gN_cache_st
|
||||
{
|
||||
char *b64_bn;
|
||||
BIGNUM *bn;
|
||||
} SRP_gN_cache;
|
||||
|
||||
|
||||
DECLARE_STACK_OF(SRP_gN_cache)
|
||||
|
||||
typedef struct SRP_user_pwd_st
|
||||
{
|
||||
char *id;
|
||||
BIGNUM *s;
|
||||
BIGNUM *v;
|
||||
const BIGNUM *g;
|
||||
const BIGNUM *N;
|
||||
char *info;
|
||||
} SRP_user_pwd;
|
||||
|
||||
DECLARE_STACK_OF(SRP_user_pwd)
|
||||
|
||||
typedef struct SRP_VBASE_st
|
||||
{
|
||||
STACK_OF(SRP_user_pwd) *users_pwd;
|
||||
STACK_OF(SRP_gN_cache) *gN_cache;
|
||||
/* to simulate a user */
|
||||
char *seed_key;
|
||||
BIGNUM *default_g;
|
||||
BIGNUM *default_N;
|
||||
} SRP_VBASE;
|
||||
|
||||
|
||||
/*Structure interne pour retenir les couples N et g*/
|
||||
typedef struct SRP_gN_st
|
||||
{
|
||||
char *id;
|
||||
BIGNUM *g;
|
||||
BIGNUM *N;
|
||||
} SRP_gN;
|
||||
|
||||
DECLARE_STACK_OF(SRP_gN)
|
||||
|
||||
SRP_VBASE *SRP_VBASE_new(char *seed_key);
|
||||
int SRP_VBASE_free(SRP_VBASE *vb);
|
||||
int SRP_VBASE_init(SRP_VBASE *vb, char * verifier_file);
|
||||
SRP_user_pwd *SRP_VBASE_get_by_user(SRP_VBASE *vb, char *username);
|
||||
char *SRP_create_verifier(const char *user, const char *pass, char **salt,
|
||||
char **verifier, const char *N, const char *g);
|
||||
int SRP_create_verifier_BN(const char *user, const char *pass, BIGNUM **salt, BIGNUM **verifier, BIGNUM *N, BIGNUM *g);
|
||||
|
||||
|
||||
#define SRP_NO_ERROR 0
|
||||
#define SRP_ERR_VBASE_INCOMPLETE_FILE 1
|
||||
#define SRP_ERR_VBASE_BN_LIB 2
|
||||
#define SRP_ERR_OPEN_FILE 3
|
||||
#define SRP_ERR_MEMORY 4
|
||||
|
||||
#define DB_srptype 0
|
||||
#define DB_srpverifier 1
|
||||
#define DB_srpsalt 2
|
||||
#define DB_srpid 3
|
||||
#define DB_srpgN 4
|
||||
#define DB_srpinfo 5
|
||||
#undef DB_NUMBER
|
||||
#define DB_NUMBER 6
|
||||
|
||||
#define DB_SRP_INDEX 'I'
|
||||
#define DB_SRP_VALID 'V'
|
||||
#define DB_SRP_REVOKED 'R'
|
||||
#define DB_SRP_MODIF 'v'
|
||||
|
||||
|
||||
/* see srp.c */
|
||||
char * SRP_check_known_gN_param(BIGNUM* g, BIGNUM* N);
|
||||
SRP_gN *SRP_get_default_gN(const char * id) ;
|
||||
|
||||
/* server side .... */
|
||||
BIGNUM *SRP_Calc_server_key(BIGNUM *A, BIGNUM *v, BIGNUM *u, BIGNUM *b, BIGNUM *N);
|
||||
BIGNUM *SRP_Calc_B(BIGNUM *b, BIGNUM *N, BIGNUM *g, BIGNUM *v);
|
||||
int SRP_Verify_A_mod_N(BIGNUM *A, BIGNUM *N);
|
||||
BIGNUM *SRP_Calc_u(BIGNUM *A, BIGNUM *B, BIGNUM *N) ;
|
||||
|
||||
|
||||
|
||||
/* client side .... */
|
||||
BIGNUM *SRP_Calc_x(BIGNUM *s, const char *user, const char *pass);
|
||||
BIGNUM *SRP_Calc_A(BIGNUM *a, BIGNUM *N, BIGNUM *g);
|
||||
BIGNUM *SRP_Calc_client_key(BIGNUM *N, BIGNUM *B, BIGNUM *g, BIGNUM *x, BIGNUM *a, BIGNUM *u);
|
||||
int SRP_Verify_B_mod_N(BIGNUM *B, BIGNUM *N);
|
||||
|
||||
#define SRP_MINIMAL_N 1024
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif
|
||||
#endif
|
|
@ -0,0 +1,145 @@
|
|||
/* ssl/tls1.h */
|
||||
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||
* All rights reserved.
|
||||
*
|
||||
* This package is an SSL implementation written
|
||||
* by Eric Young (eay@cryptsoft.com).
|
||||
* The implementation was written so as to conform with Netscapes SSL.
|
||||
*
|
||||
* This library is free for commercial and non-commercial use as long as
|
||||
* the following conditions are aheared to. The following conditions
|
||||
* apply to all code found in this distribution, be it the RC4, RSA,
|
||||
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
||||
* included with this distribution is covered by the same copyright terms
|
||||
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
||||
*
|
||||
* Copyright remains Eric Young's, and as such any Copyright notices in
|
||||
* the code are not to be removed.
|
||||
* If this package is used in a product, Eric Young should be given attribution
|
||||
* as the author of the parts of the library used.
|
||||
* This can be in the form of a textual message at program startup or
|
||||
* in documentation (online or textual) provided with the package.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
* 1. Redistributions of source code must retain the copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
* 3. All advertising materials mentioning features or use of this software
|
||||
* must display the following acknowledgement:
|
||||
* "This product includes cryptographic software written by
|
||||
* Eric Young (eay@cryptsoft.com)"
|
||||
* The word 'cryptographic' can be left out if the rouines from the library
|
||||
* being used are not cryptographic related :-).
|
||||
* 4. If you include any Windows specific code (or a derivative thereof) from
|
||||
* the apps directory (application code) you must include an acknowledgement:
|
||||
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* The licence and distribution terms for any publically available version or
|
||||
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
||||
* copied and put under another distribution licence
|
||||
* [including the GNU Public Licence.]
|
||||
*/
|
||||
/* ====================================================================
|
||||
* Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in
|
||||
* the documentation and/or other materials provided with the
|
||||
* distribution.
|
||||
*
|
||||
* 3. All advertising materials mentioning features or use of this
|
||||
* software must display the following acknowledgment:
|
||||
* "This product includes software developed by the OpenSSL Project
|
||||
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
|
||||
*
|
||||
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||
* endorse or promote products derived from this software without
|
||||
* prior written permission. For written permission, please contact
|
||||
* openssl-core@openssl.org.
|
||||
*
|
||||
* 5. Products derived from this software may not be called "OpenSSL"
|
||||
* nor may "OpenSSL" appear in their names without prior written
|
||||
* permission of the OpenSSL Project.
|
||||
*
|
||||
* 6. Redistributions of any form whatsoever must retain the following
|
||||
* acknowledgment:
|
||||
* "This product includes software developed by the OpenSSL Project
|
||||
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
* ====================================================================
|
||||
*
|
||||
* This product includes cryptographic software written by Eric Young
|
||||
* (eay@cryptsoft.com). This product includes software written by Tim
|
||||
* Hudson (tjh@cryptsoft.com).
|
||||
*
|
||||
*/
|
||||
/*
|
||||
DTLS code by Eric Rescorla <ekr@rtfm.com>
|
||||
|
||||
Copyright (C) 2006, Network Resonance, Inc.
|
||||
Copyright (C) 2011, RTFM, Inc.
|
||||
*/
|
||||
|
||||
#ifndef HEADER_D1_SRTP_H
|
||||
#define HEADER_D1_SRTP_H
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
|
||||
#define SRTP_AES128_CM_SHA1_80 0x0001
|
||||
#define SRTP_AES128_CM_SHA1_32 0x0002
|
||||
#define SRTP_AES128_F8_SHA1_80 0x0003
|
||||
#define SRTP_AES128_F8_SHA1_32 0x0004
|
||||
#define SRTP_NULL_SHA1_80 0x0005
|
||||
#define SRTP_NULL_SHA1_32 0x0006
|
||||
|
||||
int SSL_CTX_set_tlsext_use_srtp(SSL_CTX *ctx, const char *profiles);
|
||||
int SSL_set_tlsext_use_srtp(SSL *ctx, const char *profiles);
|
||||
SRTP_PROTECTION_PROFILE *SSL_get_selected_srtp_profile(SSL *s);
|
||||
|
||||
STACK_OF(SRTP_PROTECTION_PROFILE) *SSL_get_srtp_profiles(SSL *ssl);
|
||||
SRTP_PROTECTION_PROFILE *SSL_get_selected_srtp_profile(SSL *s);
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif
|
||||
|
File diff suppressed because it is too large
Load Diff
|
@ -155,6 +155,8 @@ extern "C" {
|
|||
#define CERT char
|
||||
#endif
|
||||
|
||||
#ifndef OPENSSL_NO_SSL_INTERN
|
||||
|
||||
typedef struct ssl2_state_st
|
||||
{
|
||||
int three_byte_header;
|
||||
|
@ -219,6 +221,8 @@ typedef struct ssl2_state_st
|
|||
} tmp;
|
||||
} SSL2_STATE;
|
||||
|
||||
#endif
|
||||
|
||||
/* SSLv2 */
|
||||
/* client */
|
||||
#define SSL2_ST_SEND_CLIENT_HELLO_A (0x10|SSL_ST_CONNECT)
|
||||
|
|
|
@ -123,12 +123,14 @@
|
|||
#include <openssl/buffer.h>
|
||||
#include <openssl/evp.h>
|
||||
#include <openssl/ssl.h>
|
||||
#include <openssl/pq_compat.h>
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
/* Signalling cipher suite value: from draft-ietf-tls-renegotiation-03.txt */
|
||||
#define SSL3_CK_SCSV 0x030000FF
|
||||
|
||||
#define SSL3_CK_RSA_NULL_MD5 0x03000001
|
||||
#define SSL3_CK_RSA_NULL_SHA 0x03000002
|
||||
#define SSL3_CK_RSA_RC4_40_MD5 0x03000003
|
||||
|
@ -160,12 +162,14 @@ extern "C" {
|
|||
#define SSL3_CK_ADH_DES_64_CBC_SHA 0x0300001A
|
||||
#define SSL3_CK_ADH_DES_192_CBC_SHA 0x0300001B
|
||||
|
||||
#define SSL3_CK_FZA_DMS_NULL_SHA 0x0300001C
|
||||
#define SSL3_CK_FZA_DMS_FZA_SHA 0x0300001D
|
||||
#if 0 /* Because it clashes with KRB5, is never used any more, and is safe
|
||||
to remove according to David Hopwood <david.hopwood@zetnet.co.uk>
|
||||
of the ietf-tls list */
|
||||
#define SSL3_CK_FZA_DMS_RC4_SHA 0x0300001E
|
||||
#if 0
|
||||
#define SSL3_CK_FZA_DMS_NULL_SHA 0x0300001C
|
||||
#define SSL3_CK_FZA_DMS_FZA_SHA 0x0300001D
|
||||
#if 0 /* Because it clashes with KRB5, is never used any more, and is safe
|
||||
to remove according to David Hopwood <david.hopwood@zetnet.co.uk>
|
||||
of the ietf-tls list */
|
||||
#define SSL3_CK_FZA_DMS_RC4_SHA 0x0300001E
|
||||
#endif
|
||||
#endif
|
||||
|
||||
/* VRS Additional Kerberos5 entries
|
||||
|
@ -217,9 +221,11 @@ extern "C" {
|
|||
#define SSL3_TXT_ADH_DES_64_CBC_SHA "ADH-DES-CBC-SHA"
|
||||
#define SSL3_TXT_ADH_DES_192_CBC_SHA "ADH-DES-CBC3-SHA"
|
||||
|
||||
#define SSL3_TXT_FZA_DMS_NULL_SHA "FZA-NULL-SHA"
|
||||
#define SSL3_TXT_FZA_DMS_FZA_SHA "FZA-FZA-CBC-SHA"
|
||||
#define SSL3_TXT_FZA_DMS_RC4_SHA "FZA-RC4-SHA"
|
||||
#if 0
|
||||
#define SSL3_TXT_FZA_DMS_NULL_SHA "FZA-NULL-SHA"
|
||||
#define SSL3_TXT_FZA_DMS_FZA_SHA "FZA-FZA-CBC-SHA"
|
||||
#define SSL3_TXT_FZA_DMS_RC4_SHA "FZA-RC4-SHA"
|
||||
#endif
|
||||
|
||||
#define SSL3_TXT_KRB5_DES_64_CBC_SHA "KRB5-DES-CBC-SHA"
|
||||
#define SSL3_TXT_KRB5_DES_192_CBC3_SHA "KRB5-DES-CBC3-SHA"
|
||||
|
@ -245,23 +251,65 @@ extern "C" {
|
|||
#define SSL3_SESSION_ID_SIZE 32
|
||||
#define SSL3_RT_HEADER_LENGTH 5
|
||||
|
||||
/* Due to MS stuffing up, this can change.... */
|
||||
#if defined(OPENSSL_SYS_WIN16) || \
|
||||
(defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_WIN32))
|
||||
#define SSL3_RT_MAX_EXTRA (14000)
|
||||
#ifndef SSL3_ALIGN_PAYLOAD
|
||||
/* Some will argue that this increases memory footprint, but it's
|
||||
* not actually true. Point is that malloc has to return at least
|
||||
* 64-bit aligned pointers, meaning that allocating 5 bytes wastes
|
||||
* 3 bytes in either case. Suggested pre-gaping simply moves these
|
||||
* wasted bytes from the end of allocated region to its front,
|
||||
* but makes data payload aligned, which improves performance:-) */
|
||||
# define SSL3_ALIGN_PAYLOAD 8
|
||||
#else
|
||||
#define SSL3_RT_MAX_EXTRA (16384)
|
||||
# if (SSL3_ALIGN_PAYLOAD&(SSL3_ALIGN_PAYLOAD-1))!=0
|
||||
# error "insane SSL3_ALIGN_PAYLOAD"
|
||||
# undef SSL3_ALIGN_PAYLOAD
|
||||
# endif
|
||||
#endif
|
||||
|
||||
/* This is the maximum MAC (digest) size used by the SSL library.
|
||||
* Currently maximum of 20 is used by SHA1, but we reserve for
|
||||
* future extension for 512-bit hashes.
|
||||
*/
|
||||
|
||||
#define SSL3_RT_MAX_MD_SIZE 64
|
||||
|
||||
/* Maximum block size used in all ciphersuites. Currently 16 for AES.
|
||||
*/
|
||||
|
||||
#define SSL_RT_MAX_CIPHER_BLOCK_SIZE 16
|
||||
|
||||
#define SSL3_RT_MAX_EXTRA (16384)
|
||||
|
||||
/* Maximum plaintext length: defined by SSL/TLS standards */
|
||||
#define SSL3_RT_MAX_PLAIN_LENGTH 16384
|
||||
/* Maximum compression overhead: defined by SSL/TLS standards */
|
||||
#define SSL3_RT_MAX_COMPRESSED_OVERHEAD 1024
|
||||
|
||||
/* The standards give a maximum encryption overhead of 1024 bytes.
|
||||
* In practice the value is lower than this. The overhead is the maximum
|
||||
* number of padding bytes (256) plus the mac size.
|
||||
*/
|
||||
#define SSL3_RT_MAX_ENCRYPTED_OVERHEAD (256 + SSL3_RT_MAX_MD_SIZE)
|
||||
|
||||
/* OpenSSL currently only uses a padding length of at most one block so
|
||||
* the send overhead is smaller.
|
||||
*/
|
||||
|
||||
#define SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD \
|
||||
(SSL_RT_MAX_CIPHER_BLOCK_SIZE + SSL3_RT_MAX_MD_SIZE)
|
||||
|
||||
/* If compression isn't used don't include the compression overhead */
|
||||
|
||||
#ifdef OPENSSL_NO_COMP
|
||||
#define SSL3_RT_MAX_COMPRESSED_LENGTH SSL3_RT_MAX_PLAIN_LENGTH
|
||||
#define SSL3_RT_MAX_COMPRESSED_LENGTH SSL3_RT_MAX_PLAIN_LENGTH
|
||||
#else
|
||||
#define SSL3_RT_MAX_COMPRESSED_LENGTH (1024+SSL3_RT_MAX_PLAIN_LENGTH)
|
||||
#define SSL3_RT_MAX_COMPRESSED_LENGTH \
|
||||
(SSL3_RT_MAX_PLAIN_LENGTH+SSL3_RT_MAX_COMPRESSED_OVERHEAD)
|
||||
#endif
|
||||
#define SSL3_RT_MAX_ENCRYPTED_LENGTH (1024+SSL3_RT_MAX_COMPRESSED_LENGTH)
|
||||
#define SSL3_RT_MAX_PACKET_SIZE (SSL3_RT_MAX_ENCRYPTED_LENGTH+SSL3_RT_HEADER_LENGTH)
|
||||
#define SSL3_RT_MAX_DATA_SIZE (1024*1024)
|
||||
#define SSL3_RT_MAX_ENCRYPTED_LENGTH \
|
||||
(SSL3_RT_MAX_ENCRYPTED_OVERHEAD+SSL3_RT_MAX_COMPRESSED_LENGTH)
|
||||
#define SSL3_RT_MAX_PACKET_SIZE \
|
||||
(SSL3_RT_MAX_ENCRYPTED_LENGTH+SSL3_RT_HEADER_LENGTH)
|
||||
|
||||
#define SSL3_MD_CLIENT_FINISHED_CONST "\x43\x4C\x4E\x54"
|
||||
#define SSL3_MD_SERVER_FINISHED_CONST "\x53\x52\x56\x52"
|
||||
|
@ -274,6 +322,7 @@ extern "C" {
|
|||
#define SSL3_RT_ALERT 21
|
||||
#define SSL3_RT_HANDSHAKE 22
|
||||
#define SSL3_RT_APPLICATION_DATA 23
|
||||
#define TLS1_RT_HEARTBEAT 24
|
||||
|
||||
#define SSL3_AL_WARNING 1
|
||||
#define SSL3_AL_FATAL 2
|
||||
|
@ -291,6 +340,11 @@ extern "C" {
|
|||
#define SSL3_AD_CERTIFICATE_UNKNOWN 46
|
||||
#define SSL3_AD_ILLEGAL_PARAMETER 47 /* fatal */
|
||||
|
||||
#define TLS1_HB_REQUEST 1
|
||||
#define TLS1_HB_RESPONSE 2
|
||||
|
||||
#ifndef OPENSSL_NO_SSL_INTERN
|
||||
|
||||
typedef struct ssl3_record_st
|
||||
{
|
||||
/*r */ int type; /* type of record */
|
||||
|
@ -300,7 +354,7 @@ typedef struct ssl3_record_st
|
|||
/*rw*/ unsigned char *input; /* where the decode bytes are */
|
||||
/*r */ unsigned char *comp; /* only used with decompression - malloc()ed */
|
||||
/*r */ unsigned long epoch; /* epoch number, needed by DTLS1 */
|
||||
/*r */ PQ_64BIT seq_num; /* sequence number, needed by DTLS1 */
|
||||
/*r */ unsigned char seq_num[8]; /* sequence number, needed by DTLS1 */
|
||||
} SSL3_RECORD;
|
||||
|
||||
typedef struct ssl3_buffer_st
|
||||
|
@ -312,6 +366,8 @@ typedef struct ssl3_buffer_st
|
|||
int left; /* how many bytes left */
|
||||
} SSL3_BUFFER;
|
||||
|
||||
#endif
|
||||
|
||||
#define SSL3_CT_RSA_SIGN 1
|
||||
#define SSL3_CT_DSS_SIGN 2
|
||||
#define SSL3_CT_RSA_FIXED_DH 3
|
||||
|
@ -323,13 +379,28 @@ typedef struct ssl3_buffer_st
|
|||
* enough to contain all of the cert types defined either for
|
||||
* SSLv3 and TLSv1.
|
||||
*/
|
||||
#define SSL3_CT_NUMBER 7
|
||||
#define SSL3_CT_NUMBER 9
|
||||
|
||||
|
||||
#define SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS 0x0001
|
||||
#define SSL3_FLAGS_DELAY_CLIENT_FINISHED 0x0002
|
||||
#define SSL3_FLAGS_POP_BUFFER 0x0004
|
||||
#define TLS1_FLAGS_TLS_PADDING_BUG 0x0008
|
||||
#define TLS1_FLAGS_SKIP_CERT_VERIFY 0x0010
|
||||
#define TLS1_FLAGS_KEEP_HANDSHAKE 0x0020
|
||||
|
||||
/* SSL3_FLAGS_SGC_RESTART_DONE is set when we
|
||||
* restart a handshake because of MS SGC and so prevents us
|
||||
* from restarting the handshake in a loop. It's reset on a
|
||||
* renegotiation, so effectively limits the client to one restart
|
||||
* per negotiation. This limits the possibility of a DDoS
|
||||
* attack where the client handshakes in a loop using SGC to
|
||||
* restart. Servers which permit renegotiation can still be
|
||||
* effected, but we can't prevent that.
|
||||
*/
|
||||
#define SSL3_FLAGS_SGC_RESTART_DONE 0x0040
|
||||
|
||||
#ifndef OPENSSL_NO_SSL_INTERN
|
||||
|
||||
typedef struct ssl3_state_st
|
||||
{
|
||||
|
@ -337,8 +408,10 @@ typedef struct ssl3_state_st
|
|||
int delay_buf_pop_ret;
|
||||
|
||||
unsigned char read_sequence[8];
|
||||
int read_mac_secret_size;
|
||||
unsigned char read_mac_secret[EVP_MAX_MD_SIZE];
|
||||
unsigned char write_sequence[8];
|
||||
int write_mac_secret_size;
|
||||
unsigned char write_mac_secret[EVP_MAX_MD_SIZE];
|
||||
|
||||
unsigned char server_random[SSL3_RANDOM_SIZE];
|
||||
|
@ -348,6 +421,9 @@ typedef struct ssl3_state_st
|
|||
int need_empty_fragments;
|
||||
int empty_fragment_done;
|
||||
|
||||
/* The value of 'extra' when the buffers were initialized */
|
||||
int init_extra;
|
||||
|
||||
SSL3_BUFFER rbuf; /* read IO goes into here */
|
||||
SSL3_BUFFER wbuf; /* write IO goes into here */
|
||||
|
||||
|
@ -369,9 +445,11 @@ typedef struct ssl3_state_st
|
|||
const unsigned char *wpend_buf;
|
||||
|
||||
/* used during startup, digest all incoming/outgoing packets */
|
||||
EVP_MD_CTX finish_dgst1;
|
||||
EVP_MD_CTX finish_dgst2;
|
||||
|
||||
BIO *handshake_buffer;
|
||||
/* When set of handshake digests is determined, buffer is hashed
|
||||
* and freed and MD_CTX-es for all required digests are stored in
|
||||
* this array */
|
||||
EVP_MD_CTX **handshake_dgst;
|
||||
/* this is set whenerver we see a change_cipher_spec message
|
||||
* come in when we are not looking for one */
|
||||
int change_cipher_spec;
|
||||
|
@ -391,6 +469,14 @@ typedef struct ssl3_state_st
|
|||
|
||||
int in_read_app_data;
|
||||
|
||||
/* Opaque PRF input as used for the current handshake.
|
||||
* These fields are used only if TLSEXT_TYPE_opaque_prf_input is defined
|
||||
* (otherwise, they are merely present to improve binary compatibility) */
|
||||
void *client_opaque_prf_input;
|
||||
size_t client_opaque_prf_input_len;
|
||||
void *server_opaque_prf_input;
|
||||
size_t server_opaque_prf_input_len;
|
||||
|
||||
struct {
|
||||
/* actually only needs to be 16+20 */
|
||||
unsigned char cert_verify_md[EVP_MAX_MD_SIZE*2];
|
||||
|
@ -400,12 +486,12 @@ typedef struct ssl3_state_st
|
|||
int finish_md_len;
|
||||
unsigned char peer_finish_md[EVP_MAX_MD_SIZE*2];
|
||||
int peer_finish_md_len;
|
||||
|
||||
|
||||
unsigned long message_size;
|
||||
int message_type;
|
||||
|
||||
/* used to hold the new cipher we are going to use */
|
||||
SSL_CIPHER *new_cipher;
|
||||
const SSL_CIPHER *new_cipher;
|
||||
#ifndef OPENSSL_NO_DH
|
||||
DH *dh;
|
||||
#endif
|
||||
|
@ -432,6 +518,8 @@ typedef struct ssl3_state_st
|
|||
|
||||
const EVP_CIPHER *new_sym_enc;
|
||||
const EVP_MD *new_hash;
|
||||
int new_mac_pkey_type;
|
||||
int new_mac_secret_size;
|
||||
#ifndef OPENSSL_NO_COMP
|
||||
const SSL_COMP *new_compression;
|
||||
#else
|
||||
|
@ -440,13 +528,29 @@ typedef struct ssl3_state_st
|
|||
int cert_request;
|
||||
} tmp;
|
||||
|
||||
/* Connection binding to prevent renegotiation attacks */
|
||||
unsigned char previous_client_finished[EVP_MAX_MD_SIZE];
|
||||
unsigned char previous_client_finished_len;
|
||||
unsigned char previous_server_finished[EVP_MAX_MD_SIZE];
|
||||
unsigned char previous_server_finished_len;
|
||||
int send_connection_binding; /* TODOEKR */
|
||||
|
||||
#ifndef OPENSSL_NO_NEXTPROTONEG
|
||||
/* Set if we saw the Next Protocol Negotiation extension from our peer. */
|
||||
int next_proto_neg_seen;
|
||||
#endif
|
||||
} SSL3_STATE;
|
||||
|
||||
#endif
|
||||
|
||||
/* SSLv3 */
|
||||
/*client */
|
||||
/* extra state */
|
||||
#define SSL3_ST_CW_FLUSH (0x100|SSL_ST_CONNECT)
|
||||
#ifndef OPENSSL_NO_SCTP
|
||||
#define DTLS1_SCTP_ST_CW_WRITE_SOCK (0x310|SSL_ST_CONNECT)
|
||||
#define DTLS1_SCTP_ST_CR_READ_SOCK (0x320|SSL_ST_CONNECT)
|
||||
#endif
|
||||
/* write to server */
|
||||
#define SSL3_ST_CW_CLNT_HELLO_A (0x110|SSL_ST_CONNECT)
|
||||
#define SSL3_ST_CW_CLNT_HELLO_B (0x111|SSL_ST_CONNECT)
|
||||
|
@ -474,6 +578,10 @@ typedef struct ssl3_state_st
|
|||
#define SSL3_ST_CW_CERT_VRFY_B (0x191|SSL_ST_CONNECT)
|
||||
#define SSL3_ST_CW_CHANGE_A (0x1A0|SSL_ST_CONNECT)
|
||||
#define SSL3_ST_CW_CHANGE_B (0x1A1|SSL_ST_CONNECT)
|
||||
#ifndef OPENSSL_NO_NEXTPROTONEG
|
||||
#define SSL3_ST_CW_NEXT_PROTO_A (0x200|SSL_ST_CONNECT)
|
||||
#define SSL3_ST_CW_NEXT_PROTO_B (0x201|SSL_ST_CONNECT)
|
||||
#endif
|
||||
#define SSL3_ST_CW_FINISHED_A (0x1B0|SSL_ST_CONNECT)
|
||||
#define SSL3_ST_CW_FINISHED_B (0x1B1|SSL_ST_CONNECT)
|
||||
/* read from server */
|
||||
|
@ -489,6 +597,10 @@ typedef struct ssl3_state_st
|
|||
/* server */
|
||||
/* extra state */
|
||||
#define SSL3_ST_SW_FLUSH (0x100|SSL_ST_ACCEPT)
|
||||
#ifndef OPENSSL_NO_SCTP
|
||||
#define DTLS1_SCTP_ST_SW_WRITE_SOCK (0x310|SSL_ST_ACCEPT)
|
||||
#define DTLS1_SCTP_ST_SR_READ_SOCK (0x320|SSL_ST_ACCEPT)
|
||||
#endif
|
||||
/* read from client */
|
||||
/* Do not change the number values, they do matter */
|
||||
#define SSL3_ST_SR_CLNT_HELLO_A (0x110|SSL_ST_ACCEPT)
|
||||
|
@ -519,6 +631,10 @@ typedef struct ssl3_state_st
|
|||
#define SSL3_ST_SR_CERT_VRFY_B (0x1A1|SSL_ST_ACCEPT)
|
||||
#define SSL3_ST_SR_CHANGE_A (0x1B0|SSL_ST_ACCEPT)
|
||||
#define SSL3_ST_SR_CHANGE_B (0x1B1|SSL_ST_ACCEPT)
|
||||
#ifndef OPENSSL_NO_NEXTPROTONEG
|
||||
#define SSL3_ST_SR_NEXT_PROTO_A (0x210|SSL_ST_ACCEPT)
|
||||
#define SSL3_ST_SR_NEXT_PROTO_B (0x211|SSL_ST_ACCEPT)
|
||||
#endif
|
||||
#define SSL3_ST_SR_FINISHED_A (0x1C0|SSL_ST_ACCEPT)
|
||||
#define SSL3_ST_SR_FINISHED_B (0x1C1|SSL_ST_ACCEPT)
|
||||
/* write to client */
|
||||
|
@ -543,6 +659,9 @@ typedef struct ssl3_state_st
|
|||
#define SSL3_MT_CLIENT_KEY_EXCHANGE 16
|
||||
#define SSL3_MT_FINISHED 20
|
||||
#define SSL3_MT_CERTIFICATE_STATUS 22
|
||||
#ifndef OPENSSL_NO_NEXTPROTONEG
|
||||
#define SSL3_MT_NEXT_PROTO 67
|
||||
#endif
|
||||
#define DTLS1_MT_HELLO_VERIFY_REQUEST 3
|
||||
|
||||
|
||||
|
|
|
@ -70,37 +70,36 @@ typedef struct stack_st
|
|||
int sorted;
|
||||
|
||||
int num_alloc;
|
||||
int (*comp)(const char * const *, const char * const *);
|
||||
} STACK;
|
||||
int (*comp)(const void *, const void *);
|
||||
} _STACK; /* Use STACK_OF(...) instead */
|
||||
|
||||
#define M_sk_num(sk) ((sk) ? (sk)->num:-1)
|
||||
#define M_sk_value(sk,n) ((sk) ? (sk)->data[n] : NULL)
|
||||
|
||||
int sk_num(const STACK *);
|
||||
char *sk_value(const STACK *, int);
|
||||
int sk_num(const _STACK *);
|
||||
void *sk_value(const _STACK *, int);
|
||||
|
||||
char *sk_set(STACK *, int, char *);
|
||||
void *sk_set(_STACK *, int, void *);
|
||||
|
||||
STACK *sk_new(int (*cmp)(const char * const *, const char * const *));
|
||||
STACK *sk_new_null(void);
|
||||
void sk_free(STACK *);
|
||||
void sk_pop_free(STACK *st, void (*func)(void *));
|
||||
int sk_insert(STACK *sk,char *data,int where);
|
||||
char *sk_delete(STACK *st,int loc);
|
||||
char *sk_delete_ptr(STACK *st, char *p);
|
||||
int sk_find(STACK *st,char *data);
|
||||
int sk_find_ex(STACK *st,char *data);
|
||||
int sk_push(STACK *st,char *data);
|
||||
int sk_unshift(STACK *st,char *data);
|
||||
char *sk_shift(STACK *st);
|
||||
char *sk_pop(STACK *st);
|
||||
void sk_zero(STACK *st);
|
||||
int (*sk_set_cmp_func(STACK *sk, int (*c)(const char * const *,
|
||||
const char * const *)))
|
||||
(const char * const *, const char * const *);
|
||||
STACK *sk_dup(STACK *st);
|
||||
void sk_sort(STACK *st);
|
||||
int sk_is_sorted(const STACK *st);
|
||||
_STACK *sk_new(int (*cmp)(const void *, const void *));
|
||||
_STACK *sk_new_null(void);
|
||||
void sk_free(_STACK *);
|
||||
void sk_pop_free(_STACK *st, void (*func)(void *));
|
||||
int sk_insert(_STACK *sk, void *data, int where);
|
||||
void *sk_delete(_STACK *st, int loc);
|
||||
void *sk_delete_ptr(_STACK *st, void *p);
|
||||
int sk_find(_STACK *st, void *data);
|
||||
int sk_find_ex(_STACK *st, void *data);
|
||||
int sk_push(_STACK *st, void *data);
|
||||
int sk_unshift(_STACK *st, void *data);
|
||||
void *sk_shift(_STACK *st);
|
||||
void *sk_pop(_STACK *st);
|
||||
void sk_zero(_STACK *st);
|
||||
int (*sk_set_cmp_func(_STACK *sk, int (*c)(const void *, const void *)))
|
||||
(const void *, const void *);
|
||||
_STACK *sk_dup(_STACK *st);
|
||||
void sk_sort(_STACK *st);
|
||||
int sk_is_sorted(const _STACK *st);
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
|
|
|
@ -60,6 +60,11 @@
|
|||
/* Hacks to solve the problem with linkers incapable of handling very long
|
||||
symbol names. In the case of VMS, the limit is 31 characters on VMS for
|
||||
VAX. */
|
||||
/* Note that this affects util/libeay.num and util/ssleay.num... you may
|
||||
change those manually, but that's not recommended, as those files are
|
||||
controlled centrally and updated on Unix, and the central definition
|
||||
may disagree with yours, which in turn may come with shareable library
|
||||
incompatibilities. */
|
||||
#ifdef OPENSSL_SYS_VMS
|
||||
|
||||
/* Hack a long name in crypto/ex_data.c */
|
||||
|
@ -133,6 +138,8 @@
|
|||
#define X509_policy_node_get0_qualifiers X509_pcy_node_get0_qualifiers
|
||||
#undef X509_STORE_CTX_get_explicit_policy
|
||||
#define X509_STORE_CTX_get_explicit_policy X509_STORE_CTX_get_expl_policy
|
||||
#undef X509_STORE_CTX_get0_current_issuer
|
||||
#define X509_STORE_CTX_get0_current_issuer X509_STORE_CTX_get0_cur_issuer
|
||||
|
||||
/* Hack some long CRYPTO names */
|
||||
#undef CRYPTO_set_dynlock_destroy_callback
|
||||
|
@ -140,9 +147,9 @@
|
|||
#undef CRYPTO_set_dynlock_create_callback
|
||||
#define CRYPTO_set_dynlock_create_callback CRYPTO_set_dynlock_create_cb
|
||||
#undef CRYPTO_set_dynlock_lock_callback
|
||||
#define CRYPTO_set_dynlock_lock_callback CRYPTO_set_dynlock_lock_cb
|
||||
#define CRYPTO_set_dynlock_lock_callback CRYPTO_set_dynlock_lock_cb
|
||||
#undef CRYPTO_get_dynlock_lock_callback
|
||||
#define CRYPTO_get_dynlock_lock_callback CRYPTO_get_dynlock_lock_cb
|
||||
#define CRYPTO_get_dynlock_lock_callback CRYPTO_get_dynlock_lock_cb
|
||||
#undef CRYPTO_get_dynlock_destroy_callback
|
||||
#define CRYPTO_get_dynlock_destroy_callback CRYPTO_get_dynlock_destroy_cb
|
||||
#undef CRYPTO_get_dynlock_create_callback
|
||||
|
@ -154,7 +161,7 @@
|
|||
|
||||
/* Hack some long SSL names */
|
||||
#undef SSL_CTX_set_default_verify_paths
|
||||
#define SSL_CTX_set_default_verify_paths SSL_CTX_set_def_verify_paths
|
||||
#define SSL_CTX_set_default_verify_paths SSL_CTX_set_def_verify_paths
|
||||
#undef SSL_get_ex_data_X509_STORE_CTX_idx
|
||||
#define SSL_get_ex_data_X509_STORE_CTX_idx SSL_get_ex_d_X509_STORE_CTX_idx
|
||||
#undef SSL_add_file_cert_subjects_to_stack
|
||||
|
@ -164,11 +171,39 @@
|
|||
#undef SSL_CTX_use_certificate_chain_file
|
||||
#define SSL_CTX_use_certificate_chain_file SSL_CTX_use_cert_chain_file
|
||||
#undef SSL_CTX_set_cert_verify_callback
|
||||
#define SSL_CTX_set_cert_verify_callback SSL_CTX_set_cert_verify_cb
|
||||
#define SSL_CTX_set_cert_verify_callback SSL_CTX_set_cert_verify_cb
|
||||
#undef SSL_CTX_set_default_passwd_cb_userdata
|
||||
#define SSL_CTX_set_default_passwd_cb_userdata SSL_CTX_set_def_passwd_cb_ud
|
||||
#undef SSL_COMP_get_compression_methods
|
||||
#define SSL_COMP_get_compression_methods SSL_COMP_get_compress_methods
|
||||
#undef ssl_add_clienthello_renegotiate_ext
|
||||
#define ssl_add_clienthello_renegotiate_ext ssl_add_clienthello_reneg_ext
|
||||
#undef ssl_add_serverhello_renegotiate_ext
|
||||
#define ssl_add_serverhello_renegotiate_ext ssl_add_serverhello_reneg_ext
|
||||
#undef ssl_parse_clienthello_renegotiate_ext
|
||||
#define ssl_parse_clienthello_renegotiate_ext ssl_parse_clienthello_reneg_ext
|
||||
#undef ssl_parse_serverhello_renegotiate_ext
|
||||
#define ssl_parse_serverhello_renegotiate_ext ssl_parse_serverhello_reneg_ext
|
||||
#undef SSL_srp_server_param_with_username
|
||||
#define SSL_srp_server_param_with_username SSL_srp_server_param_with_un
|
||||
#undef SSL_CTX_set_srp_client_pwd_callback
|
||||
#define SSL_CTX_set_srp_client_pwd_callback SSL_CTX_set_srp_client_pwd_cb
|
||||
#undef SSL_CTX_set_srp_verify_param_callback
|
||||
#define SSL_CTX_set_srp_verify_param_callback SSL_CTX_set_srp_vfy_param_cb
|
||||
#undef SSL_CTX_set_srp_username_callback
|
||||
#define SSL_CTX_set_srp_username_callback SSL_CTX_set_srp_un_cb
|
||||
#undef ssl_add_clienthello_use_srtp_ext
|
||||
#define ssl_add_clienthello_use_srtp_ext ssl_add_clihello_use_srtp_ext
|
||||
#undef ssl_add_serverhello_use_srtp_ext
|
||||
#define ssl_add_serverhello_use_srtp_ext ssl_add_serhello_use_srtp_ext
|
||||
#undef ssl_parse_clienthello_use_srtp_ext
|
||||
#define ssl_parse_clienthello_use_srtp_ext ssl_parse_clihello_use_srtp_ext
|
||||
#undef ssl_parse_serverhello_use_srtp_ext
|
||||
#define ssl_parse_serverhello_use_srtp_ext ssl_parse_serhello_use_srtp_ext
|
||||
#undef SSL_CTX_set_next_protos_advertised_cb
|
||||
#define SSL_CTX_set_next_protos_advertised_cb SSL_CTX_set_next_protos_adv_cb
|
||||
#undef SSL_CTX_set_next_proto_select_cb
|
||||
#define SSL_CTX_set_next_proto_select_cb SSL_CTX_set_next_proto_sel_cb
|
||||
|
||||
/* Hack some long ENGINE names */
|
||||
#undef ENGINE_get_default_BN_mod_exp_crt
|
||||
|
@ -176,13 +211,26 @@
|
|||
#undef ENGINE_set_default_BN_mod_exp_crt
|
||||
#define ENGINE_set_default_BN_mod_exp_crt ENGINE_set_def_BN_mod_exp_crt
|
||||
#undef ENGINE_set_load_privkey_function
|
||||
#define ENGINE_set_load_privkey_function ENGINE_set_load_privkey_fn
|
||||
#define ENGINE_set_load_privkey_function ENGINE_set_load_privkey_fn
|
||||
#undef ENGINE_get_load_privkey_function
|
||||
#define ENGINE_get_load_privkey_function ENGINE_get_load_privkey_fn
|
||||
#define ENGINE_get_load_privkey_function ENGINE_get_load_privkey_fn
|
||||
#undef ENGINE_unregister_pkey_asn1_meths
|
||||
#define ENGINE_unregister_pkey_asn1_meths ENGINE_unreg_pkey_asn1_meths
|
||||
#undef ENGINE_register_all_pkey_asn1_meths
|
||||
#define ENGINE_register_all_pkey_asn1_meths ENGINE_reg_all_pkey_asn1_meths
|
||||
#undef ENGINE_set_default_pkey_asn1_meths
|
||||
#define ENGINE_set_default_pkey_asn1_meths ENGINE_set_def_pkey_asn1_meths
|
||||
#undef ENGINE_get_pkey_asn1_meth_engine
|
||||
#define ENGINE_get_pkey_asn1_meth_engine ENGINE_get_pkey_asn1_meth_eng
|
||||
#undef ENGINE_set_load_ssl_client_cert_function
|
||||
#define ENGINE_set_load_ssl_client_cert_function \
|
||||
ENGINE_set_ld_ssl_clnt_cert_fn
|
||||
#undef ENGINE_get_ssl_client_cert_function
|
||||
#define ENGINE_get_ssl_client_cert_function ENGINE_get_ssl_client_cert_fn
|
||||
|
||||
/* Hack some long OCSP names */
|
||||
#undef OCSP_REQUEST_get_ext_by_critical
|
||||
#define OCSP_REQUEST_get_ext_by_critical OCSP_REQUEST_get_ext_by_crit
|
||||
#define OCSP_REQUEST_get_ext_by_critical OCSP_REQUEST_get_ext_by_crit
|
||||
#undef OCSP_BASICRESP_get_ext_by_critical
|
||||
#define OCSP_BASICRESP_get_ext_by_critical OCSP_BASICRESP_get_ext_by_crit
|
||||
#undef OCSP_SINGLERESP_get_ext_by_critical
|
||||
|
@ -199,6 +247,8 @@
|
|||
#define OPENSSL_add_all_algorithms_noconf OPENSSL_add_all_algo_noconf
|
||||
#undef OPENSSL_add_all_algorithms_conf
|
||||
#define OPENSSL_add_all_algorithms_conf OPENSSL_add_all_algo_conf
|
||||
#undef EVP_PKEY_meth_set_verify_recover
|
||||
#define EVP_PKEY_meth_set_verify_recover EVP_PKEY_meth_set_vrfy_recover
|
||||
|
||||
/* Hack some long EC names */
|
||||
#undef EC_GROUP_set_point_conversion_form
|
||||
|
@ -207,6 +257,9 @@
|
|||
#define EC_GROUP_get_point_conversion_form EC_GROUP_get_point_conv_form
|
||||
#undef EC_GROUP_clear_free_all_extra_data
|
||||
#define EC_GROUP_clear_free_all_extra_data EC_GROUP_clr_free_all_xtra_data
|
||||
#undef EC_KEY_set_public_key_affine_coordinates
|
||||
#define EC_KEY_set_public_key_affine_coordinates \
|
||||
EC_KEY_set_pub_key_aff_coords
|
||||
#undef EC_POINT_set_Jprojective_coordinates_GFp
|
||||
#define EC_POINT_set_Jprojective_coordinates_GFp \
|
||||
EC_POINT_set_Jproj_coords_GFp
|
||||
|
@ -227,15 +280,15 @@
|
|||
#define EC_POINT_set_compressed_coordinates_GF2m \
|
||||
EC_POINT_set_compr_coords_GF2m
|
||||
#undef ec_GF2m_simple_group_clear_finish
|
||||
#define ec_GF2m_simple_group_clear_finish ec_GF2m_simple_grp_clr_finish
|
||||
#define ec_GF2m_simple_group_clear_finish ec_GF2m_simple_grp_clr_finish
|
||||
#undef ec_GF2m_simple_group_check_discriminant
|
||||
#define ec_GF2m_simple_group_check_discriminant ec_GF2m_simple_grp_chk_discrim
|
||||
#undef ec_GF2m_simple_point_clear_finish
|
||||
#define ec_GF2m_simple_point_clear_finish ec_GF2m_simple_pt_clr_finish
|
||||
#define ec_GF2m_simple_point_clear_finish ec_GF2m_simple_pt_clr_finish
|
||||
#undef ec_GF2m_simple_point_set_to_infinity
|
||||
#define ec_GF2m_simple_point_set_to_infinity ec_GF2m_simple_pt_set_to_inf
|
||||
#define ec_GF2m_simple_point_set_to_infinity ec_GF2m_simple_pt_set_to_inf
|
||||
#undef ec_GF2m_simple_points_make_affine
|
||||
#define ec_GF2m_simple_points_make_affine ec_GF2m_simple_pts_make_affine
|
||||
#define ec_GF2m_simple_points_make_affine ec_GF2m_simple_pts_make_affine
|
||||
#undef ec_GF2m_simple_point_set_affine_coordinates
|
||||
#define ec_GF2m_simple_point_set_affine_coordinates \
|
||||
ec_GF2m_smp_pt_set_af_coords
|
||||
|
@ -250,21 +303,19 @@
|
|||
#undef ec_GFp_simple_group_get_curve_GFp
|
||||
#define ec_GFp_simple_group_get_curve_GFp ec_GFp_simple_grp_get_curve_GFp
|
||||
#undef ec_GFp_simple_group_clear_finish
|
||||
#define ec_GFp_simple_group_clear_finish ec_GFp_simple_grp_clear_finish
|
||||
#define ec_GFp_simple_group_clear_finish ec_GFp_simple_grp_clear_finish
|
||||
#undef ec_GFp_simple_group_set_generator
|
||||
#define ec_GFp_simple_group_set_generator ec_GFp_simple_grp_set_generator
|
||||
#undef ec_GFp_simple_group_get0_generator
|
||||
#define ec_GFp_simple_group_get0_generator ec_GFp_simple_grp_gt0_generator
|
||||
#undef ec_GFp_simple_group_get_cofactor
|
||||
#define ec_GFp_simple_group_get_cofactor ec_GFp_simple_grp_get_cofactor
|
||||
#define ec_GFp_simple_group_get_cofactor ec_GFp_simple_grp_get_cofactor
|
||||
#undef ec_GFp_simple_point_clear_finish
|
||||
#define ec_GFp_simple_point_clear_finish ec_GFp_simple_pt_clear_finish
|
||||
#define ec_GFp_simple_point_clear_finish ec_GFp_simple_pt_clear_finish
|
||||
#undef ec_GFp_simple_point_set_to_infinity
|
||||
#define ec_GFp_simple_point_set_to_infinity ec_GFp_simple_pt_set_to_inf
|
||||
#undef ec_GFp_simple_points_make_affine
|
||||
#define ec_GFp_simple_points_make_affine ec_GFp_simple_pts_make_affine
|
||||
#undef ec_GFp_simple_group_get_curve_GFp
|
||||
#define ec_GFp_simple_group_get_curve_GFp ec_GFp_simple_grp_get_curve_GFp
|
||||
#define ec_GFp_simple_points_make_affine ec_GFp_simple_pts_make_affine
|
||||
#undef ec_GFp_simple_set_Jprojective_coordinates_GFp
|
||||
#define ec_GFp_simple_set_Jprojective_coordinates_GFp \
|
||||
ec_GFp_smp_set_Jproj_coords_GFp
|
||||
|
@ -342,6 +393,14 @@
|
|||
#undef STORE_method_get_unlock_store_function
|
||||
#define STORE_method_get_unlock_store_function STORE_meth_get_unlock_store_fn
|
||||
|
||||
/* Hack some long TS names */
|
||||
#undef TS_RESP_CTX_set_status_info_cond
|
||||
#define TS_RESP_CTX_set_status_info_cond TS_RESP_CTX_set_stat_info_cond
|
||||
#undef TS_RESP_CTX_set_clock_precision_digits
|
||||
#define TS_RESP_CTX_set_clock_precision_digits TS_RESP_CTX_set_clk_prec_digits
|
||||
#undef TS_CONF_set_clock_precision_digits
|
||||
#define TS_CONF_set_clock_precision_digits TS_CONF_set_clk_prec_digits
|
||||
|
||||
/* Hack some long CMS names */
|
||||
#undef CMS_RecipientInfo_ktri_get0_algs
|
||||
#define CMS_RecipientInfo_ktri_get0_algs CMS_RecipInfo_ktri_get0_algs
|
||||
|
@ -356,24 +415,40 @@
|
|||
#undef cms_SignerIdentifier_get0_signer_id
|
||||
#define cms_SignerIdentifier_get0_signer_id cms_SignerId_get0_signer_id
|
||||
|
||||
/* Hack some long DTLS1 names */
|
||||
#undef dtls1_retransmit_buffered_messages
|
||||
#define dtls1_retransmit_buffered_messages dtls1_retransmit_buffered_msgs
|
||||
|
||||
/* Hack some long SRP names */
|
||||
#undef SRP_generate_server_master_secret
|
||||
#define SRP_generate_server_master_secret SRP_gen_server_master_secret
|
||||
#undef SRP_generate_client_master_secret
|
||||
#define SRP_generate_client_master_secret SRP_gen_client_master_secret
|
||||
|
||||
/* Hack some long UI names */
|
||||
#undef UI_method_get_prompt_constructor
|
||||
#define UI_method_get_prompt_constructor UI_method_get_prompt_constructr
|
||||
#undef UI_method_set_prompt_constructor
|
||||
#define UI_method_set_prompt_constructor UI_method_set_prompt_constructr
|
||||
|
||||
#endif /* defined OPENSSL_SYS_VMS */
|
||||
|
||||
|
||||
/* Case insensiteve linking causes problems.... */
|
||||
#if defined(OPENSSL_SYS_WIN16) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2)
|
||||
/* Case insensitive linking causes problems.... */
|
||||
#if defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2)
|
||||
#undef ERR_load_CRYPTO_strings
|
||||
#define ERR_load_CRYPTO_strings ERR_load_CRYPTOlib_strings
|
||||
#undef OCSP_crlID_new
|
||||
#define OCSP_crlID_new OCSP_crlID2_new
|
||||
#define OCSP_crlID_new OCSP_crlID2_new
|
||||
|
||||
#undef d2i_ECPARAMETERS
|
||||
#define d2i_ECPARAMETERS d2i_UC_ECPARAMETERS
|
||||
#define d2i_ECPARAMETERS d2i_UC_ECPARAMETERS
|
||||
#undef i2d_ECPARAMETERS
|
||||
#define i2d_ECPARAMETERS i2d_UC_ECPARAMETERS
|
||||
#define i2d_ECPARAMETERS i2d_UC_ECPARAMETERS
|
||||
#undef d2i_ECPKPARAMETERS
|
||||
#define d2i_ECPKPARAMETERS d2i_UC_ECPKPARAMETERS
|
||||
#define d2i_ECPKPARAMETERS d2i_UC_ECPKPARAMETERS
|
||||
#undef i2d_ECPKPARAMETERS
|
||||
#define i2d_ECPKPARAMETERS i2d_UC_ECPKPARAMETERS
|
||||
#define i2d_ECPKPARAMETERS i2d_UC_ECPKPARAMETERS
|
||||
|
||||
/* These functions do not seem to exist! However, I'm paranoid...
|
||||
Original command in x509v3.h:
|
||||
|
@ -382,19 +457,19 @@
|
|||
hide them a little, by giving them an extra 'o' at the
|
||||
beginning of the name... */
|
||||
#undef X509v3_cleanup_extensions
|
||||
#define X509v3_cleanup_extensions oX509v3_cleanup_extensions
|
||||
#define X509v3_cleanup_extensions oX509v3_cleanup_extensions
|
||||
#undef X509v3_add_extension
|
||||
#define X509v3_add_extension oX509v3_add_extension
|
||||
#define X509v3_add_extension oX509v3_add_extension
|
||||
#undef X509v3_add_netscape_extensions
|
||||
#define X509v3_add_netscape_extensions oX509v3_add_netscape_extensions
|
||||
#define X509v3_add_netscape_extensions oX509v3_add_netscape_extensions
|
||||
#undef X509v3_add_standard_extensions
|
||||
#define X509v3_add_standard_extensions oX509v3_add_standard_extensions
|
||||
#define X509v3_add_standard_extensions oX509v3_add_standard_extensions
|
||||
|
||||
/* This one clashes with CMS_data_create */
|
||||
#undef cms_Data_create
|
||||
#define cms_Data_create priv_cms_Data_create
|
||||
|
||||
#endif
|
||||
|
||||
|
||||
#endif /* ! defined HEADER_VMS_IDHACKS_H */
|
||||
/* This one clashes with CMS_data_create */
|
||||
#undef cms_Data_create
|
||||
#define cms_Data_create priv_cms_Data_create
|
||||
|
|
|
@ -55,6 +55,59 @@
|
|||
* copied and put under another distribution licence
|
||||
* [including the GNU Public Licence.]
|
||||
*/
|
||||
/* ====================================================================
|
||||
* Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in
|
||||
* the documentation and/or other materials provided with the
|
||||
* distribution.
|
||||
*
|
||||
* 3. All advertising materials mentioning features or use of this
|
||||
* software must display the following acknowledgment:
|
||||
* "This product includes software developed by the OpenSSL Project
|
||||
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
|
||||
*
|
||||
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||
* endorse or promote products derived from this software without
|
||||
* prior written permission. For written permission, please contact
|
||||
* openssl-core@openssl.org.
|
||||
*
|
||||
* 5. Products derived from this software may not be called "OpenSSL"
|
||||
* nor may "OpenSSL" appear in their names without prior written
|
||||
* permission of the OpenSSL Project.
|
||||
*
|
||||
* 6. Redistributions of any form whatsoever must retain the following
|
||||
* acknowledgment:
|
||||
* "This product includes software developed by the OpenSSL Project
|
||||
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
* ====================================================================
|
||||
*
|
||||
* This product includes cryptographic software written by Eric Young
|
||||
* (eay@cryptsoft.com). This product includes software written by Tim
|
||||
* Hudson (tjh@cryptsoft.com).
|
||||
*
|
||||
*/
|
||||
/* ====================================================================
|
||||
* Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
|
||||
*
|
||||
|
@ -68,6 +121,32 @@
|
|||
* Vipul Gupta and Sumit Gupta of Sun Microsystems Laboratories.
|
||||
*
|
||||
*/
|
||||
/* ====================================================================
|
||||
* Copyright 2005 Nokia. All rights reserved.
|
||||
*
|
||||
* The portions of the attached software ("Contribution") is developed by
|
||||
* Nokia Corporation and is licensed pursuant to the OpenSSL open source
|
||||
* license.
|
||||
*
|
||||
* The Contribution, originally written by Mika Kousa and Pasi Eronen of
|
||||
* Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
|
||||
* support (see RFC 4279) to OpenSSL.
|
||||
*
|
||||
* No patent licenses or other rights except those expressly stated in
|
||||
* the OpenSSL open source license shall be deemed granted or received
|
||||
* expressly, by implication, estoppel, or otherwise.
|
||||
*
|
||||
* No assurances are provided by Nokia that the Contribution does not
|
||||
* infringe the patent or other intellectual property rights of any third
|
||||
* party or that the license provides you with all the necessary rights
|
||||
* to make use of the Contribution.
|
||||
*
|
||||
* THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
|
||||
* ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
|
||||
* SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
|
||||
* OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
|
||||
* OTHERWISE.
|
||||
*/
|
||||
|
||||
#ifndef HEADER_TLS1_H
|
||||
#define HEADER_TLS1_H
|
||||
|
@ -80,10 +159,24 @@ extern "C" {
|
|||
|
||||
#define TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES 0
|
||||
|
||||
#define TLS1_2_VERSION 0x0303
|
||||
#define TLS1_2_VERSION_MAJOR 0x03
|
||||
#define TLS1_2_VERSION_MINOR 0x03
|
||||
|
||||
#define TLS1_1_VERSION 0x0302
|
||||
#define TLS1_1_VERSION_MAJOR 0x03
|
||||
#define TLS1_1_VERSION_MINOR 0x02
|
||||
|
||||
#define TLS1_VERSION 0x0301
|
||||
#define TLS1_VERSION_MAJOR 0x03
|
||||
#define TLS1_VERSION_MINOR 0x01
|
||||
|
||||
#define TLS1_get_version(s) \
|
||||
((s->version >> 8) == TLS1_VERSION_MAJOR ? s->version : 0)
|
||||
|
||||
#define TLS1_get_client_version(s) \
|
||||
((s->client_version >> 8) == TLS1_VERSION_MAJOR ? s->client_version : 0)
|
||||
|
||||
#define TLS1_AD_DECRYPTION_FAILED 21
|
||||
#define TLS1_AD_RECORD_OVERFLOW 22
|
||||
#define TLS1_AD_UNKNOWN_CA 48 /* fatal */
|
||||
|
@ -104,28 +197,100 @@ extern "C" {
|
|||
#define TLS1_AD_BAD_CERTIFICATE_HASH_VALUE 114
|
||||
#define TLS1_AD_UNKNOWN_PSK_IDENTITY 115 /* fatal */
|
||||
|
||||
/* ExtensionType values from RFC 3546 */
|
||||
/* ExtensionType values from RFC3546 / RFC4366 / RFC6066 */
|
||||
#define TLSEXT_TYPE_server_name 0
|
||||
#define TLSEXT_TYPE_max_fragment_length 1
|
||||
#define TLSEXT_TYPE_client_certificate_url 2
|
||||
#define TLSEXT_TYPE_trusted_ca_keys 3
|
||||
#define TLSEXT_TYPE_truncated_hmac 4
|
||||
#define TLSEXT_TYPE_status_request 5
|
||||
/* ExtensionType values from RFC4681 */
|
||||
#define TLSEXT_TYPE_user_mapping 6
|
||||
|
||||
/* ExtensionType values from RFC5878 */
|
||||
#define TLSEXT_TYPE_client_authz 7
|
||||
#define TLSEXT_TYPE_server_authz 8
|
||||
|
||||
/* ExtensionType values from RFC6091 */
|
||||
#define TLSEXT_TYPE_cert_type 9
|
||||
|
||||
/* ExtensionType values from RFC4492 */
|
||||
#define TLSEXT_TYPE_elliptic_curves 10
|
||||
#define TLSEXT_TYPE_ec_point_formats 11
|
||||
|
||||
/* ExtensionType value from RFC5054 */
|
||||
#define TLSEXT_TYPE_srp 12
|
||||
|
||||
/* ExtensionType values from RFC5246 */
|
||||
#define TLSEXT_TYPE_signature_algorithms 13
|
||||
|
||||
/* ExtensionType value from RFC5764 */
|
||||
#define TLSEXT_TYPE_use_srtp 14
|
||||
|
||||
/* ExtensionType value from RFC5620 */
|
||||
#define TLSEXT_TYPE_heartbeat 15
|
||||
|
||||
/* ExtensionType value from RFC4507 */
|
||||
#define TLSEXT_TYPE_session_ticket 35
|
||||
|
||||
/* ExtensionType value from draft-rescorla-tls-opaque-prf-input-00.txt */
|
||||
#if 0 /* will have to be provided externally for now ,
|
||||
* i.e. build with -DTLSEXT_TYPE_opaque_prf_input=38183
|
||||
* using whatever extension number you'd like to try */
|
||||
# define TLSEXT_TYPE_opaque_prf_input ?? */
|
||||
#endif
|
||||
|
||||
/* Temporary extension type */
|
||||
#define TLSEXT_TYPE_renegotiate 0xff01
|
||||
|
||||
#ifndef OPENSSL_NO_NEXTPROTONEG
|
||||
/* This is not an IANA defined extension number */
|
||||
#define TLSEXT_TYPE_next_proto_neg 13172
|
||||
#endif
|
||||
|
||||
/* NameType value from RFC 3546 */
|
||||
#define TLSEXT_NAMETYPE_host_name 0
|
||||
/* status request value from RFC 3546 */
|
||||
#define TLSEXT_STATUSTYPE_ocsp 1
|
||||
|
||||
/* ECPointFormat values from draft-ietf-tls-ecc-12 */
|
||||
#define TLSEXT_ECPOINTFORMAT_first 0
|
||||
#define TLSEXT_ECPOINTFORMAT_uncompressed 0
|
||||
#define TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime 1
|
||||
#define TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2 2
|
||||
#define TLSEXT_ECPOINTFORMAT_last 2
|
||||
|
||||
/* Signature and hash algorithms from RFC 5246 */
|
||||
|
||||
#define TLSEXT_signature_anonymous 0
|
||||
#define TLSEXT_signature_rsa 1
|
||||
#define TLSEXT_signature_dsa 2
|
||||
#define TLSEXT_signature_ecdsa 3
|
||||
|
||||
#define TLSEXT_hash_none 0
|
||||
#define TLSEXT_hash_md5 1
|
||||
#define TLSEXT_hash_sha1 2
|
||||
#define TLSEXT_hash_sha224 3
|
||||
#define TLSEXT_hash_sha256 4
|
||||
#define TLSEXT_hash_sha384 5
|
||||
#define TLSEXT_hash_sha512 6
|
||||
|
||||
#ifndef OPENSSL_NO_TLSEXT
|
||||
|
||||
#define TLSEXT_MAXLEN_host_name 255
|
||||
|
||||
const char *SSL_get_servername(const SSL *s, const int type) ;
|
||||
int SSL_get_servername_type(const SSL *s) ;
|
||||
const char *SSL_get_servername(const SSL *s, const int type);
|
||||
int SSL_get_servername_type(const SSL *s);
|
||||
/* SSL_export_keying_material exports a value derived from the master secret,
|
||||
* as specified in RFC 5705. It writes |olen| bytes to |out| given a label and
|
||||
* optional context. (Since a zero length context is allowed, the |use_context|
|
||||
* flag controls whether a context is included.)
|
||||
*
|
||||
* It returns 1 on success and zero otherwise.
|
||||
*/
|
||||
int SSL_export_keying_material(SSL *s, unsigned char *out, size_t olen,
|
||||
const char *label, size_t llen, const unsigned char *p, size_t plen,
|
||||
int use_context);
|
||||
|
||||
#define SSL_set_tlsext_host_name(s,name) \
|
||||
SSL_ctrl(s,SSL_CTRL_SET_TLSEXT_HOSTNAME,TLSEXT_NAMETYPE_host_name,(char *)name)
|
||||
|
@ -169,9 +334,9 @@ SSL_CTX_callback_ctrl(ctx,SSL_CTRL_SET_TLSEXT_SERVERNAME_CB,(void (*)(void))cb)
|
|||
SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG,0, (void *)arg)
|
||||
|
||||
#define SSL_CTX_get_tlsext_ticket_keys(ctx, keys, keylen) \
|
||||
SSL_CTX_ctrl((ctx),SSL_CTRL_GET_TLXEXT_TICKET_KEYS,(keylen),(keys))
|
||||
SSL_CTX_ctrl((ctx),SSL_CTRL_GET_TLSEXT_TICKET_KEYS,(keylen),(keys))
|
||||
#define SSL_CTX_set_tlsext_ticket_keys(ctx, keys, keylen) \
|
||||
SSL_CTX_ctrl((ctx),SSL_CTRL_SET_TLXEXT_TICKET_KEYS,(keylen),(keys))
|
||||
SSL_CTX_ctrl((ctx),SSL_CTRL_SET_TLSEXT_TICKET_KEYS,(keylen),(keys))
|
||||
|
||||
#define SSL_CTX_set_tlsext_status_cb(ssl, cb) \
|
||||
SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB,(void (*)(void))cb)
|
||||
|
@ -179,17 +344,41 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB,(void (*)(void))cb)
|
|||
#define SSL_CTX_set_tlsext_status_arg(ssl, arg) \
|
||||
SSL_CTX_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG,0, (void *)arg)
|
||||
|
||||
#define SSL_set_tlsext_opaque_prf_input(s, src, len) \
|
||||
SSL_ctrl(s,SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT, len, src)
|
||||
#define SSL_CTX_set_tlsext_opaque_prf_input_callback(ctx, cb) \
|
||||
SSL_CTX_callback_ctrl(ctx,SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB, (void (*)(void))cb)
|
||||
#define SSL_CTX_set_tlsext_opaque_prf_input_callback_arg(ctx, arg) \
|
||||
SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB_ARG, 0, arg)
|
||||
|
||||
#define SSL_CTX_set_tlsext_ticket_key_cb(ssl, cb) \
|
||||
SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
|
||||
|
||||
#ifndef OPENSSL_NO_HEARTBEATS
|
||||
#define SSL_TLSEXT_HB_ENABLED 0x01
|
||||
#define SSL_TLSEXT_HB_DONT_SEND_REQUESTS 0x02
|
||||
#define SSL_TLSEXT_HB_DONT_RECV_REQUESTS 0x04
|
||||
|
||||
#define SSL_get_tlsext_heartbeat_pending(ssl) \
|
||||
SSL_ctrl((ssl),SSL_CTRL_GET_TLS_EXT_HEARTBEAT_PENDING,0,NULL)
|
||||
#define SSL_set_tlsext_heartbeat_no_requests(ssl, arg) \
|
||||
SSL_ctrl((ssl),SSL_CTRL_SET_TLS_EXT_HEARTBEAT_NO_REQUESTS,arg,NULL)
|
||||
#endif
|
||||
#endif
|
||||
|
||||
/* Additional TLS ciphersuites from draft-ietf-tls-56-bit-ciphersuites-00.txt
|
||||
/* PSK ciphersuites from 4279 */
|
||||
#define TLS1_CK_PSK_WITH_RC4_128_SHA 0x0300008A
|
||||
#define TLS1_CK_PSK_WITH_3DES_EDE_CBC_SHA 0x0300008B
|
||||
#define TLS1_CK_PSK_WITH_AES_128_CBC_SHA 0x0300008C
|
||||
#define TLS1_CK_PSK_WITH_AES_256_CBC_SHA 0x0300008D
|
||||
|
||||
/* Additional TLS ciphersuites from expired Internet Draft
|
||||
* draft-ietf-tls-56-bit-ciphersuites-01.txt
|
||||
* (available if TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES is defined, see
|
||||
* s3_lib.c). We actually treat them like SSL 3.0 ciphers, which we probably
|
||||
* shouldn't. */
|
||||
#define TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_MD5 0x03000060
|
||||
#define TLS1_CK_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5 0x03000061
|
||||
* shouldn't. Note that the first two are actually not in the IDs. */
|
||||
#define TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_MD5 0x03000060 /* not in ID */
|
||||
#define TLS1_CK_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5 0x03000061 /* not in ID */
|
||||
#define TLS1_CK_RSA_EXPORT1024_WITH_DES_CBC_SHA 0x03000062
|
||||
#define TLS1_CK_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA 0x03000063
|
||||
#define TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_SHA 0x03000064
|
||||
|
@ -212,6 +401,14 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
|
|||
#define TLS1_CK_DHE_RSA_WITH_AES_256_SHA 0x03000039
|
||||
#define TLS1_CK_ADH_WITH_AES_256_SHA 0x0300003A
|
||||
|
||||
/* TLS v1.2 ciphersuites */
|
||||
#define TLS1_CK_RSA_WITH_NULL_SHA256 0x0300003B
|
||||
#define TLS1_CK_RSA_WITH_AES_128_SHA256 0x0300003C
|
||||
#define TLS1_CK_RSA_WITH_AES_256_SHA256 0x0300003D
|
||||
#define TLS1_CK_DH_DSS_WITH_AES_128_SHA256 0x0300003E
|
||||
#define TLS1_CK_DH_RSA_WITH_AES_128_SHA256 0x0300003F
|
||||
#define TLS1_CK_DHE_DSS_WITH_AES_128_SHA256 0x03000040
|
||||
|
||||
/* Camellia ciphersuites from RFC4132 */
|
||||
#define TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA 0x03000041
|
||||
#define TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA 0x03000042
|
||||
|
@ -220,6 +417,16 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
|
|||
#define TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA 0x03000045
|
||||
#define TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA 0x03000046
|
||||
|
||||
/* TLS v1.2 ciphersuites */
|
||||
#define TLS1_CK_DHE_RSA_WITH_AES_128_SHA256 0x03000067
|
||||
#define TLS1_CK_DH_DSS_WITH_AES_256_SHA256 0x03000068
|
||||
#define TLS1_CK_DH_RSA_WITH_AES_256_SHA256 0x03000069
|
||||
#define TLS1_CK_DHE_DSS_WITH_AES_256_SHA256 0x0300006A
|
||||
#define TLS1_CK_DHE_RSA_WITH_AES_256_SHA256 0x0300006B
|
||||
#define TLS1_CK_ADH_WITH_AES_128_SHA256 0x0300006C
|
||||
#define TLS1_CK_ADH_WITH_AES_256_SHA256 0x0300006D
|
||||
|
||||
/* Camellia ciphersuites from RFC4132 */
|
||||
#define TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA 0x03000084
|
||||
#define TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA 0x03000085
|
||||
#define TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA 0x03000086
|
||||
|
@ -235,6 +442,20 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
|
|||
#define TLS1_CK_DHE_RSA_WITH_SEED_SHA 0x0300009A
|
||||
#define TLS1_CK_ADH_WITH_SEED_SHA 0x0300009B
|
||||
|
||||
/* TLS v1.2 GCM ciphersuites from RFC5288 */
|
||||
#define TLS1_CK_RSA_WITH_AES_128_GCM_SHA256 0x0300009C
|
||||
#define TLS1_CK_RSA_WITH_AES_256_GCM_SHA384 0x0300009D
|
||||
#define TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256 0x0300009E
|
||||
#define TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384 0x0300009F
|
||||
#define TLS1_CK_DH_RSA_WITH_AES_128_GCM_SHA256 0x030000A0
|
||||
#define TLS1_CK_DH_RSA_WITH_AES_256_GCM_SHA384 0x030000A1
|
||||
#define TLS1_CK_DHE_DSS_WITH_AES_128_GCM_SHA256 0x030000A2
|
||||
#define TLS1_CK_DHE_DSS_WITH_AES_256_GCM_SHA384 0x030000A3
|
||||
#define TLS1_CK_DH_DSS_WITH_AES_128_GCM_SHA256 0x030000A4
|
||||
#define TLS1_CK_DH_DSS_WITH_AES_256_GCM_SHA384 0x030000A5
|
||||
#define TLS1_CK_ADH_WITH_AES_128_GCM_SHA256 0x030000A6
|
||||
#define TLS1_CK_ADH_WITH_AES_256_GCM_SHA384 0x030000A7
|
||||
|
||||
/* ECC ciphersuites from draft-ietf-tls-ecc-12.txt with changes soon to be in draft 13 */
|
||||
#define TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA 0x0300C001
|
||||
#define TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA 0x0300C002
|
||||
|
@ -266,6 +487,38 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
|
|||
#define TLS1_CK_ECDH_anon_WITH_AES_128_CBC_SHA 0x0300C018
|
||||
#define TLS1_CK_ECDH_anon_WITH_AES_256_CBC_SHA 0x0300C019
|
||||
|
||||
/* SRP ciphersuites from RFC 5054 */
|
||||
#define TLS1_CK_SRP_SHA_WITH_3DES_EDE_CBC_SHA 0x0300C01A
|
||||
#define TLS1_CK_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA 0x0300C01B
|
||||
#define TLS1_CK_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA 0x0300C01C
|
||||
#define TLS1_CK_SRP_SHA_WITH_AES_128_CBC_SHA 0x0300C01D
|
||||
#define TLS1_CK_SRP_SHA_RSA_WITH_AES_128_CBC_SHA 0x0300C01E
|
||||
#define TLS1_CK_SRP_SHA_DSS_WITH_AES_128_CBC_SHA 0x0300C01F
|
||||
#define TLS1_CK_SRP_SHA_WITH_AES_256_CBC_SHA 0x0300C020
|
||||
#define TLS1_CK_SRP_SHA_RSA_WITH_AES_256_CBC_SHA 0x0300C021
|
||||
#define TLS1_CK_SRP_SHA_DSS_WITH_AES_256_CBC_SHA 0x0300C022
|
||||
|
||||
/* ECDH HMAC based ciphersuites from RFC5289 */
|
||||
|
||||
#define TLS1_CK_ECDHE_ECDSA_WITH_AES_128_SHA256 0x0300C023
|
||||
#define TLS1_CK_ECDHE_ECDSA_WITH_AES_256_SHA384 0x0300C024
|
||||
#define TLS1_CK_ECDH_ECDSA_WITH_AES_128_SHA256 0x0300C025
|
||||
#define TLS1_CK_ECDH_ECDSA_WITH_AES_256_SHA384 0x0300C026
|
||||
#define TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256 0x0300C027
|
||||
#define TLS1_CK_ECDHE_RSA_WITH_AES_256_SHA384 0x0300C028
|
||||
#define TLS1_CK_ECDH_RSA_WITH_AES_128_SHA256 0x0300C029
|
||||
#define TLS1_CK_ECDH_RSA_WITH_AES_256_SHA384 0x0300C02A
|
||||
|
||||
/* ECDH GCM based ciphersuites from RFC5289 */
|
||||
#define TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 0x0300C02B
|
||||
#define TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 0x0300C02C
|
||||
#define TLS1_CK_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 0x0300C02D
|
||||
#define TLS1_CK_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 0x0300C02E
|
||||
#define TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256 0x0300C02F
|
||||
#define TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384 0x0300C030
|
||||
#define TLS1_CK_ECDH_RSA_WITH_AES_128_GCM_SHA256 0x0300C031
|
||||
#define TLS1_CK_ECDH_RSA_WITH_AES_256_GCM_SHA384 0x0300C032
|
||||
|
||||
/* XXX
|
||||
* Inconsistency alert:
|
||||
* The OpenSSL names of ciphers with ephemeral DH here include the string
|
||||
|
@ -327,6 +580,23 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
|
|||
#define TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA "AECDH-AES128-SHA"
|
||||
#define TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA "AECDH-AES256-SHA"
|
||||
|
||||
/* PSK ciphersuites from RFC 4279 */
|
||||
#define TLS1_TXT_PSK_WITH_RC4_128_SHA "PSK-RC4-SHA"
|
||||
#define TLS1_TXT_PSK_WITH_3DES_EDE_CBC_SHA "PSK-3DES-EDE-CBC-SHA"
|
||||
#define TLS1_TXT_PSK_WITH_AES_128_CBC_SHA "PSK-AES128-CBC-SHA"
|
||||
#define TLS1_TXT_PSK_WITH_AES_256_CBC_SHA "PSK-AES256-CBC-SHA"
|
||||
|
||||
/* SRP ciphersuite from RFC 5054 */
|
||||
#define TLS1_TXT_SRP_SHA_WITH_3DES_EDE_CBC_SHA "SRP-3DES-EDE-CBC-SHA"
|
||||
#define TLS1_TXT_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA "SRP-RSA-3DES-EDE-CBC-SHA"
|
||||
#define TLS1_TXT_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA "SRP-DSS-3DES-EDE-CBC-SHA"
|
||||
#define TLS1_TXT_SRP_SHA_WITH_AES_128_CBC_SHA "SRP-AES-128-CBC-SHA"
|
||||
#define TLS1_TXT_SRP_SHA_RSA_WITH_AES_128_CBC_SHA "SRP-RSA-AES-128-CBC-SHA"
|
||||
#define TLS1_TXT_SRP_SHA_DSS_WITH_AES_128_CBC_SHA "SRP-DSS-AES-128-CBC-SHA"
|
||||
#define TLS1_TXT_SRP_SHA_WITH_AES_256_CBC_SHA "SRP-AES-256-CBC-SHA"
|
||||
#define TLS1_TXT_SRP_SHA_RSA_WITH_AES_256_CBC_SHA "SRP-RSA-AES-256-CBC-SHA"
|
||||
#define TLS1_TXT_SRP_SHA_DSS_WITH_AES_256_CBC_SHA "SRP-DSS-AES-256-CBC-SHA"
|
||||
|
||||
/* Camellia ciphersuites from RFC4132 */
|
||||
#define TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA "CAMELLIA128-SHA"
|
||||
#define TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA "DH-DSS-CAMELLIA128-SHA"
|
||||
|
@ -350,6 +620,56 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
|
|||
#define TLS1_TXT_DHE_RSA_WITH_SEED_SHA "DHE-RSA-SEED-SHA"
|
||||
#define TLS1_TXT_ADH_WITH_SEED_SHA "ADH-SEED-SHA"
|
||||
|
||||
/* TLS v1.2 ciphersuites */
|
||||
#define TLS1_TXT_RSA_WITH_NULL_SHA256 "NULL-SHA256"
|
||||
#define TLS1_TXT_RSA_WITH_AES_128_SHA256 "AES128-SHA256"
|
||||
#define TLS1_TXT_RSA_WITH_AES_256_SHA256 "AES256-SHA256"
|
||||
#define TLS1_TXT_DH_DSS_WITH_AES_128_SHA256 "DH-DSS-AES128-SHA256"
|
||||
#define TLS1_TXT_DH_RSA_WITH_AES_128_SHA256 "DH-RSA-AES128-SHA256"
|
||||
#define TLS1_TXT_DHE_DSS_WITH_AES_128_SHA256 "DHE-DSS-AES128-SHA256"
|
||||
#define TLS1_TXT_DHE_RSA_WITH_AES_128_SHA256 "DHE-RSA-AES128-SHA256"
|
||||
#define TLS1_TXT_DH_DSS_WITH_AES_256_SHA256 "DH-DSS-AES256-SHA256"
|
||||
#define TLS1_TXT_DH_RSA_WITH_AES_256_SHA256 "DH-RSA-AES256-SHA256"
|
||||
#define TLS1_TXT_DHE_DSS_WITH_AES_256_SHA256 "DHE-DSS-AES256-SHA256"
|
||||
#define TLS1_TXT_DHE_RSA_WITH_AES_256_SHA256 "DHE-RSA-AES256-SHA256"
|
||||
#define TLS1_TXT_ADH_WITH_AES_128_SHA256 "ADH-AES128-SHA256"
|
||||
#define TLS1_TXT_ADH_WITH_AES_256_SHA256 "ADH-AES256-SHA256"
|
||||
|
||||
/* TLS v1.2 GCM ciphersuites from RFC5288 */
|
||||
#define TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256 "AES128-GCM-SHA256"
|
||||
#define TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384 "AES256-GCM-SHA384"
|
||||
#define TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256 "DHE-RSA-AES128-GCM-SHA256"
|
||||
#define TLS1_TXT_DHE_RSA_WITH_AES_256_GCM_SHA384 "DHE-RSA-AES256-GCM-SHA384"
|
||||
#define TLS1_TXT_DH_RSA_WITH_AES_128_GCM_SHA256 "DH-RSA-AES128-GCM-SHA256"
|
||||
#define TLS1_TXT_DH_RSA_WITH_AES_256_GCM_SHA384 "DH-RSA-AES256-GCM-SHA384"
|
||||
#define TLS1_TXT_DHE_DSS_WITH_AES_128_GCM_SHA256 "DHE-DSS-AES128-GCM-SHA256"
|
||||
#define TLS1_TXT_DHE_DSS_WITH_AES_256_GCM_SHA384 "DHE-DSS-AES256-GCM-SHA384"
|
||||
#define TLS1_TXT_DH_DSS_WITH_AES_128_GCM_SHA256 "DH-DSS-AES128-GCM-SHA256"
|
||||
#define TLS1_TXT_DH_DSS_WITH_AES_256_GCM_SHA384 "DH-DSS-AES256-GCM-SHA384"
|
||||
#define TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256 "ADH-AES128-GCM-SHA256"
|
||||
#define TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384 "ADH-AES256-GCM-SHA384"
|
||||
|
||||
/* ECDH HMAC based ciphersuites from RFC5289 */
|
||||
|
||||
#define TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256 "ECDHE-ECDSA-AES128-SHA256"
|
||||
#define TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_SHA384 "ECDHE-ECDSA-AES256-SHA384"
|
||||
#define TLS1_TXT_ECDH_ECDSA_WITH_AES_128_SHA256 "ECDH-ECDSA-AES128-SHA256"
|
||||
#define TLS1_TXT_ECDH_ECDSA_WITH_AES_256_SHA384 "ECDH-ECDSA-AES256-SHA384"
|
||||
#define TLS1_TXT_ECDHE_RSA_WITH_AES_128_SHA256 "ECDHE-RSA-AES128-SHA256"
|
||||
#define TLS1_TXT_ECDHE_RSA_WITH_AES_256_SHA384 "ECDHE-RSA-AES256-SHA384"
|
||||
#define TLS1_TXT_ECDH_RSA_WITH_AES_128_SHA256 "ECDH-RSA-AES128-SHA256"
|
||||
#define TLS1_TXT_ECDH_RSA_WITH_AES_256_SHA384 "ECDH-RSA-AES256-SHA384"
|
||||
|
||||
/* ECDH GCM based ciphersuites from RFC5289 */
|
||||
#define TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 "ECDHE-ECDSA-AES128-GCM-SHA256"
|
||||
#define TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 "ECDHE-ECDSA-AES256-GCM-SHA384"
|
||||
#define TLS1_TXT_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 "ECDH-ECDSA-AES128-GCM-SHA256"
|
||||
#define TLS1_TXT_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 "ECDH-ECDSA-AES256-GCM-SHA384"
|
||||
#define TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256 "ECDHE-RSA-AES128-GCM-SHA256"
|
||||
#define TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384 "ECDHE-RSA-AES256-GCM-SHA384"
|
||||
#define TLS1_TXT_ECDH_RSA_WITH_AES_128_GCM_SHA256 "ECDH-RSA-AES128-GCM-SHA256"
|
||||
#define TLS1_TXT_ECDH_RSA_WITH_AES_256_GCM_SHA384 "ECDH-RSA-AES256-GCM-SHA384"
|
||||
|
||||
#define TLS_CT_RSA_SIGN 1
|
||||
#define TLS_CT_DSS_SIGN 2
|
||||
#define TLS_CT_RSA_FIXED_DH 3
|
||||
|
@ -357,7 +677,11 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
|
|||
#define TLS_CT_ECDSA_SIGN 64
|
||||
#define TLS_CT_RSA_FIXED_ECDH 65
|
||||
#define TLS_CT_ECDSA_FIXED_ECDH 66
|
||||
#define TLS_CT_NUMBER 7
|
||||
#define TLS_CT_GOST94_SIGN 21
|
||||
#define TLS_CT_GOST01_SIGN 22
|
||||
/* when correcting this number, correct also SSL3_CT_NUMBER in ssl3.h (see
|
||||
* comment there) */
|
||||
#define TLS_CT_NUMBER 9
|
||||
|
||||
#define TLS1_FINISH_MAC_LENGTH 12
|
||||
|
||||
|
@ -398,10 +722,14 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
|
|||
#define TLS_MD_MASTER_SECRET_CONST "\x6d\x61\x73\x74\x65\x72\x20\x73\x65\x63\x72\x65\x74" /*master secret*/
|
||||
#endif
|
||||
|
||||
/* TLS Session Ticket extension struct */
|
||||
struct tls_session_ticket_ext_st
|
||||
{
|
||||
unsigned short length;
|
||||
void *data;
|
||||
};
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
#endif
|
||||
|
||||
|
||||
|
||||
|
|
|
@ -0,0 +1,858 @@
|
|||
/* crypto/ts/ts.h */
|
||||
/* Written by Zoltan Glozik (zglozik@opentsa.org) for the OpenSSL
|
||||
* project 2002, 2003, 2004.
|
||||
*/
|
||||
/* ====================================================================
|
||||
* Copyright (c) 2006 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in
|
||||
* the documentation and/or other materials provided with the
|
||||
* distribution.
|
||||
*
|
||||
* 3. All advertising materials mentioning features or use of this
|
||||
* software must display the following acknowledgment:
|
||||
* "This product includes software developed by the OpenSSL Project
|
||||
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
|
||||
*
|
||||
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||
* endorse or promote products derived from this software without
|
||||
* prior written permission. For written permission, please contact
|
||||
* licensing@OpenSSL.org.
|
||||
*
|
||||
* 5. Products derived from this software may not be called "OpenSSL"
|
||||
* nor may "OpenSSL" appear in their names without prior written
|
||||
* permission of the OpenSSL Project.
|
||||
*
|
||||
* 6. Redistributions of any form whatsoever must retain the following
|
||||
* acknowledgment:
|
||||
* "This product includes software developed by the OpenSSL Project
|
||||
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
* ====================================================================
|
||||
*
|
||||
* This product includes cryptographic software written by Eric Young
|
||||
* (eay@cryptsoft.com). This product includes software written by Tim
|
||||
* Hudson (tjh@cryptsoft.com).
|
||||
*
|
||||
*/
|
||||
|
||||
#ifndef HEADER_TS_H
|
||||
#define HEADER_TS_H
|
||||
|
||||
#include <openssl/opensslconf.h>
|
||||
#include <openssl/symhacks.h>
|
||||
#ifndef OPENSSL_NO_BUFFER
|
||||
#include <openssl/buffer.h>
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_EVP
|
||||
#include <openssl/evp.h>
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_BIO
|
||||
#include <openssl/bio.h>
|
||||
#endif
|
||||
#include <openssl/stack.h>
|
||||
#include <openssl/asn1.h>
|
||||
#include <openssl/safestack.h>
|
||||
|
||||
#ifndef OPENSSL_NO_RSA
|
||||
#include <openssl/rsa.h>
|
||||
#endif
|
||||
|
||||
#ifndef OPENSSL_NO_DSA
|
||||
#include <openssl/dsa.h>
|
||||
#endif
|
||||
|
||||
#ifndef OPENSSL_NO_DH
|
||||
#include <openssl/dh.h>
|
||||
#endif
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
#ifdef WIN32
|
||||
/* Under Win32 this is defined in wincrypt.h */
|
||||
#undef X509_NAME
|
||||
#endif
|
||||
|
||||
#include <openssl/x509.h>
|
||||
#include <openssl/x509v3.h>
|
||||
|
||||
/*
|
||||
MessageImprint ::= SEQUENCE {
|
||||
hashAlgorithm AlgorithmIdentifier,
|
||||
hashedMessage OCTET STRING }
|
||||
*/
|
||||
|
||||
typedef struct TS_msg_imprint_st
|
||||
{
|
||||
X509_ALGOR *hash_algo;
|
||||
ASN1_OCTET_STRING *hashed_msg;
|
||||
} TS_MSG_IMPRINT;
|
||||
|
||||
/*
|
||||
TimeStampReq ::= SEQUENCE {
|
||||
version INTEGER { v1(1) },
|
||||
messageImprint MessageImprint,
|
||||
--a hash algorithm OID and the hash value of the data to be
|
||||
--time-stamped
|
||||
reqPolicy TSAPolicyId OPTIONAL,
|
||||
nonce INTEGER OPTIONAL,
|
||||
certReq BOOLEAN DEFAULT FALSE,
|
||||
extensions [0] IMPLICIT Extensions OPTIONAL }
|
||||
*/
|
||||
|
||||
typedef struct TS_req_st
|
||||
{
|
||||
ASN1_INTEGER *version;
|
||||
TS_MSG_IMPRINT *msg_imprint;
|
||||
ASN1_OBJECT *policy_id; /* OPTIONAL */
|
||||
ASN1_INTEGER *nonce; /* OPTIONAL */
|
||||
ASN1_BOOLEAN cert_req; /* DEFAULT FALSE */
|
||||
STACK_OF(X509_EXTENSION) *extensions; /* [0] OPTIONAL */
|
||||
} TS_REQ;
|
||||
|
||||
/*
|
||||
Accuracy ::= SEQUENCE {
|
||||
seconds INTEGER OPTIONAL,
|
||||
millis [0] INTEGER (1..999) OPTIONAL,
|
||||
micros [1] INTEGER (1..999) OPTIONAL }
|
||||
*/
|
||||
|
||||
typedef struct TS_accuracy_st
|
||||
{
|
||||
ASN1_INTEGER *seconds;
|
||||
ASN1_INTEGER *millis;
|
||||
ASN1_INTEGER *micros;
|
||||
} TS_ACCURACY;
|
||||
|
||||
/*
|
||||
TSTInfo ::= SEQUENCE {
|
||||
version INTEGER { v1(1) },
|
||||
policy TSAPolicyId,
|
||||
messageImprint MessageImprint,
|
||||
-- MUST have the same value as the similar field in
|
||||
-- TimeStampReq
|
||||
serialNumber INTEGER,
|
||||
-- Time-Stamping users MUST be ready to accommodate integers
|
||||
-- up to 160 bits.
|
||||
genTime GeneralizedTime,
|
||||
accuracy Accuracy OPTIONAL,
|
||||
ordering BOOLEAN DEFAULT FALSE,
|
||||
nonce INTEGER OPTIONAL,
|
||||
-- MUST be present if the similar field was present
|
||||
-- in TimeStampReq. In that case it MUST have the same value.
|
||||
tsa [0] GeneralName OPTIONAL,
|
||||
extensions [1] IMPLICIT Extensions OPTIONAL }
|
||||
*/
|
||||
|
||||
typedef struct TS_tst_info_st
|
||||
{
|
||||
ASN1_INTEGER *version;
|
||||
ASN1_OBJECT *policy_id;
|
||||
TS_MSG_IMPRINT *msg_imprint;
|
||||
ASN1_INTEGER *serial;
|
||||
ASN1_GENERALIZEDTIME *time;
|
||||
TS_ACCURACY *accuracy;
|
||||
ASN1_BOOLEAN ordering;
|
||||
ASN1_INTEGER *nonce;
|
||||
GENERAL_NAME *tsa;
|
||||
STACK_OF(X509_EXTENSION) *extensions;
|
||||
} TS_TST_INFO;
|
||||
|
||||
/*
|
||||
PKIStatusInfo ::= SEQUENCE {
|
||||
status PKIStatus,
|
||||
statusString PKIFreeText OPTIONAL,
|
||||
failInfo PKIFailureInfo OPTIONAL }
|
||||
|
||||
From RFC 1510 - section 3.1.1:
|
||||
PKIFreeText ::= SEQUENCE SIZE (1..MAX) OF UTF8String
|
||||
-- text encoded as UTF-8 String (note: each UTF8String SHOULD
|
||||
-- include an RFC 1766 language tag to indicate the language
|
||||
-- of the contained text)
|
||||
*/
|
||||
|
||||
/* Possible values for status. See ts_resp_print.c && ts_resp_verify.c. */
|
||||
|
||||
#define TS_STATUS_GRANTED 0
|
||||
#define TS_STATUS_GRANTED_WITH_MODS 1
|
||||
#define TS_STATUS_REJECTION 2
|
||||
#define TS_STATUS_WAITING 3
|
||||
#define TS_STATUS_REVOCATION_WARNING 4
|
||||
#define TS_STATUS_REVOCATION_NOTIFICATION 5
|
||||
|
||||
/* Possible values for failure_info. See ts_resp_print.c && ts_resp_verify.c */
|
||||
|
||||
#define TS_INFO_BAD_ALG 0
|
||||
#define TS_INFO_BAD_REQUEST 2
|
||||
#define TS_INFO_BAD_DATA_FORMAT 5
|
||||
#define TS_INFO_TIME_NOT_AVAILABLE 14
|
||||
#define TS_INFO_UNACCEPTED_POLICY 15
|
||||
#define TS_INFO_UNACCEPTED_EXTENSION 16
|
||||
#define TS_INFO_ADD_INFO_NOT_AVAILABLE 17
|
||||
#define TS_INFO_SYSTEM_FAILURE 25
|
||||
|
||||
typedef struct TS_status_info_st
|
||||
{
|
||||
ASN1_INTEGER *status;
|
||||
STACK_OF(ASN1_UTF8STRING) *text;
|
||||
ASN1_BIT_STRING *failure_info;
|
||||
} TS_STATUS_INFO;
|
||||
|
||||
DECLARE_STACK_OF(ASN1_UTF8STRING)
|
||||
DECLARE_ASN1_SET_OF(ASN1_UTF8STRING)
|
||||
|
||||
/*
|
||||
TimeStampResp ::= SEQUENCE {
|
||||
status PKIStatusInfo,
|
||||
timeStampToken TimeStampToken OPTIONAL }
|
||||
*/
|
||||
|
||||
typedef struct TS_resp_st
|
||||
{
|
||||
TS_STATUS_INFO *status_info;
|
||||
PKCS7 *token;
|
||||
TS_TST_INFO *tst_info;
|
||||
} TS_RESP;
|
||||
|
||||
/* The structure below would belong to the ESS component. */
|
||||
|
||||
/*
|
||||
IssuerSerial ::= SEQUENCE {
|
||||
issuer GeneralNames,
|
||||
serialNumber CertificateSerialNumber
|
||||
}
|
||||
*/
|
||||
|
||||
typedef struct ESS_issuer_serial
|
||||
{
|
||||
STACK_OF(GENERAL_NAME) *issuer;
|
||||
ASN1_INTEGER *serial;
|
||||
} ESS_ISSUER_SERIAL;
|
||||
|
||||
/*
|
||||
ESSCertID ::= SEQUENCE {
|
||||
certHash Hash,
|
||||
issuerSerial IssuerSerial OPTIONAL
|
||||
}
|
||||
*/
|
||||
|
||||
typedef struct ESS_cert_id
|
||||
{
|
||||
ASN1_OCTET_STRING *hash; /* Always SHA-1 digest. */
|
||||
ESS_ISSUER_SERIAL *issuer_serial;
|
||||
} ESS_CERT_ID;
|
||||
|
||||
DECLARE_STACK_OF(ESS_CERT_ID)
|
||||
DECLARE_ASN1_SET_OF(ESS_CERT_ID)
|
||||
|
||||
/*
|
||||
SigningCertificate ::= SEQUENCE {
|
||||
certs SEQUENCE OF ESSCertID,
|
||||
policies SEQUENCE OF PolicyInformation OPTIONAL
|
||||
}
|
||||
*/
|
||||
|
||||
typedef struct ESS_signing_cert
|
||||
{
|
||||
STACK_OF(ESS_CERT_ID) *cert_ids;
|
||||
STACK_OF(POLICYINFO) *policy_info;
|
||||
} ESS_SIGNING_CERT;
|
||||
|
||||
|
||||
TS_REQ *TS_REQ_new(void);
|
||||
void TS_REQ_free(TS_REQ *a);
|
||||
int i2d_TS_REQ(const TS_REQ *a, unsigned char **pp);
|
||||
TS_REQ *d2i_TS_REQ(TS_REQ **a, const unsigned char **pp, long length);
|
||||
|
||||
TS_REQ *TS_REQ_dup(TS_REQ *a);
|
||||
|
||||
TS_REQ *d2i_TS_REQ_fp(FILE *fp, TS_REQ **a);
|
||||
int i2d_TS_REQ_fp(FILE *fp, TS_REQ *a);
|
||||
TS_REQ *d2i_TS_REQ_bio(BIO *fp, TS_REQ **a);
|
||||
int i2d_TS_REQ_bio(BIO *fp, TS_REQ *a);
|
||||
|
||||
TS_MSG_IMPRINT *TS_MSG_IMPRINT_new(void);
|
||||
void TS_MSG_IMPRINT_free(TS_MSG_IMPRINT *a);
|
||||
int i2d_TS_MSG_IMPRINT(const TS_MSG_IMPRINT *a, unsigned char **pp);
|
||||
TS_MSG_IMPRINT *d2i_TS_MSG_IMPRINT(TS_MSG_IMPRINT **a,
|
||||
const unsigned char **pp, long length);
|
||||
|
||||
TS_MSG_IMPRINT *TS_MSG_IMPRINT_dup(TS_MSG_IMPRINT *a);
|
||||
|
||||
TS_MSG_IMPRINT *d2i_TS_MSG_IMPRINT_fp(FILE *fp, TS_MSG_IMPRINT **a);
|
||||
int i2d_TS_MSG_IMPRINT_fp(FILE *fp, TS_MSG_IMPRINT *a);
|
||||
TS_MSG_IMPRINT *d2i_TS_MSG_IMPRINT_bio(BIO *fp, TS_MSG_IMPRINT **a);
|
||||
int i2d_TS_MSG_IMPRINT_bio(BIO *fp, TS_MSG_IMPRINT *a);
|
||||
|
||||
TS_RESP *TS_RESP_new(void);
|
||||
void TS_RESP_free(TS_RESP *a);
|
||||
int i2d_TS_RESP(const TS_RESP *a, unsigned char **pp);
|
||||
TS_RESP *d2i_TS_RESP(TS_RESP **a, const unsigned char **pp, long length);
|
||||
TS_TST_INFO *PKCS7_to_TS_TST_INFO(PKCS7 *token);
|
||||
TS_RESP *TS_RESP_dup(TS_RESP *a);
|
||||
|
||||
TS_RESP *d2i_TS_RESP_fp(FILE *fp, TS_RESP **a);
|
||||
int i2d_TS_RESP_fp(FILE *fp, TS_RESP *a);
|
||||
TS_RESP *d2i_TS_RESP_bio(BIO *fp, TS_RESP **a);
|
||||
int i2d_TS_RESP_bio(BIO *fp, TS_RESP *a);
|
||||
|
||||
TS_STATUS_INFO *TS_STATUS_INFO_new(void);
|
||||
void TS_STATUS_INFO_free(TS_STATUS_INFO *a);
|
||||
int i2d_TS_STATUS_INFO(const TS_STATUS_INFO *a, unsigned char **pp);
|
||||
TS_STATUS_INFO *d2i_TS_STATUS_INFO(TS_STATUS_INFO **a,
|
||||
const unsigned char **pp, long length);
|
||||
TS_STATUS_INFO *TS_STATUS_INFO_dup(TS_STATUS_INFO *a);
|
||||
|
||||
TS_TST_INFO *TS_TST_INFO_new(void);
|
||||
void TS_TST_INFO_free(TS_TST_INFO *a);
|
||||
int i2d_TS_TST_INFO(const TS_TST_INFO *a, unsigned char **pp);
|
||||
TS_TST_INFO *d2i_TS_TST_INFO(TS_TST_INFO **a, const unsigned char **pp,
|
||||
long length);
|
||||
TS_TST_INFO *TS_TST_INFO_dup(TS_TST_INFO *a);
|
||||
|
||||
TS_TST_INFO *d2i_TS_TST_INFO_fp(FILE *fp, TS_TST_INFO **a);
|
||||
int i2d_TS_TST_INFO_fp(FILE *fp, TS_TST_INFO *a);
|
||||
TS_TST_INFO *d2i_TS_TST_INFO_bio(BIO *fp, TS_TST_INFO **a);
|
||||
int i2d_TS_TST_INFO_bio(BIO *fp, TS_TST_INFO *a);
|
||||
|
||||
TS_ACCURACY *TS_ACCURACY_new(void);
|
||||
void TS_ACCURACY_free(TS_ACCURACY *a);
|
||||
int i2d_TS_ACCURACY(const TS_ACCURACY *a, unsigned char **pp);
|
||||
TS_ACCURACY *d2i_TS_ACCURACY(TS_ACCURACY **a, const unsigned char **pp,
|
||||
long length);
|
||||
TS_ACCURACY *TS_ACCURACY_dup(TS_ACCURACY *a);
|
||||
|
||||
ESS_ISSUER_SERIAL *ESS_ISSUER_SERIAL_new(void);
|
||||
void ESS_ISSUER_SERIAL_free(ESS_ISSUER_SERIAL *a);
|
||||
int i2d_ESS_ISSUER_SERIAL(const ESS_ISSUER_SERIAL *a,
|
||||
unsigned char **pp);
|
||||
ESS_ISSUER_SERIAL *d2i_ESS_ISSUER_SERIAL(ESS_ISSUER_SERIAL **a,
|
||||
const unsigned char **pp, long length);
|
||||
ESS_ISSUER_SERIAL *ESS_ISSUER_SERIAL_dup(ESS_ISSUER_SERIAL *a);
|
||||
|
||||
ESS_CERT_ID *ESS_CERT_ID_new(void);
|
||||
void ESS_CERT_ID_free(ESS_CERT_ID *a);
|
||||
int i2d_ESS_CERT_ID(const ESS_CERT_ID *a, unsigned char **pp);
|
||||
ESS_CERT_ID *d2i_ESS_CERT_ID(ESS_CERT_ID **a, const unsigned char **pp,
|
||||
long length);
|
||||
ESS_CERT_ID *ESS_CERT_ID_dup(ESS_CERT_ID *a);
|
||||
|
||||
ESS_SIGNING_CERT *ESS_SIGNING_CERT_new(void);
|
||||
void ESS_SIGNING_CERT_free(ESS_SIGNING_CERT *a);
|
||||
int i2d_ESS_SIGNING_CERT(const ESS_SIGNING_CERT *a,
|
||||
unsigned char **pp);
|
||||
ESS_SIGNING_CERT *d2i_ESS_SIGNING_CERT(ESS_SIGNING_CERT **a,
|
||||
const unsigned char **pp, long length);
|
||||
ESS_SIGNING_CERT *ESS_SIGNING_CERT_dup(ESS_SIGNING_CERT *a);
|
||||
|
||||
void ERR_load_TS_strings(void);
|
||||
|
||||
int TS_REQ_set_version(TS_REQ *a, long version);
|
||||
long TS_REQ_get_version(const TS_REQ *a);
|
||||
|
||||
int TS_REQ_set_msg_imprint(TS_REQ *a, TS_MSG_IMPRINT *msg_imprint);
|
||||
TS_MSG_IMPRINT *TS_REQ_get_msg_imprint(TS_REQ *a);
|
||||
|
||||
int TS_MSG_IMPRINT_set_algo(TS_MSG_IMPRINT *a, X509_ALGOR *alg);
|
||||
X509_ALGOR *TS_MSG_IMPRINT_get_algo(TS_MSG_IMPRINT *a);
|
||||
|
||||
int TS_MSG_IMPRINT_set_msg(TS_MSG_IMPRINT *a, unsigned char *d, int len);
|
||||
ASN1_OCTET_STRING *TS_MSG_IMPRINT_get_msg(TS_MSG_IMPRINT *a);
|
||||
|
||||
int TS_REQ_set_policy_id(TS_REQ *a, ASN1_OBJECT *policy);
|
||||
ASN1_OBJECT *TS_REQ_get_policy_id(TS_REQ *a);
|
||||
|
||||
int TS_REQ_set_nonce(TS_REQ *a, const ASN1_INTEGER *nonce);
|
||||
const ASN1_INTEGER *TS_REQ_get_nonce(const TS_REQ *a);
|
||||
|
||||
int TS_REQ_set_cert_req(TS_REQ *a, int cert_req);
|
||||
int TS_REQ_get_cert_req(const TS_REQ *a);
|
||||
|
||||
STACK_OF(X509_EXTENSION) *TS_REQ_get_exts(TS_REQ *a);
|
||||
void TS_REQ_ext_free(TS_REQ *a);
|
||||
int TS_REQ_get_ext_count(TS_REQ *a);
|
||||
int TS_REQ_get_ext_by_NID(TS_REQ *a, int nid, int lastpos);
|
||||
int TS_REQ_get_ext_by_OBJ(TS_REQ *a, ASN1_OBJECT *obj, int lastpos);
|
||||
int TS_REQ_get_ext_by_critical(TS_REQ *a, int crit, int lastpos);
|
||||
X509_EXTENSION *TS_REQ_get_ext(TS_REQ *a, int loc);
|
||||
X509_EXTENSION *TS_REQ_delete_ext(TS_REQ *a, int loc);
|
||||
int TS_REQ_add_ext(TS_REQ *a, X509_EXTENSION *ex, int loc);
|
||||
void *TS_REQ_get_ext_d2i(TS_REQ *a, int nid, int *crit, int *idx);
|
||||
|
||||
/* Function declarations for TS_REQ defined in ts/ts_req_print.c */
|
||||
|
||||
int TS_REQ_print_bio(BIO *bio, TS_REQ *a);
|
||||
|
||||
/* Function declarations for TS_RESP defined in ts/ts_resp_utils.c */
|
||||
|
||||
int TS_RESP_set_status_info(TS_RESP *a, TS_STATUS_INFO *info);
|
||||
TS_STATUS_INFO *TS_RESP_get_status_info(TS_RESP *a);
|
||||
|
||||
/* Caller loses ownership of PKCS7 and TS_TST_INFO objects. */
|
||||
void TS_RESP_set_tst_info(TS_RESP *a, PKCS7 *p7, TS_TST_INFO *tst_info);
|
||||
PKCS7 *TS_RESP_get_token(TS_RESP *a);
|
||||
TS_TST_INFO *TS_RESP_get_tst_info(TS_RESP *a);
|
||||
|
||||
int TS_TST_INFO_set_version(TS_TST_INFO *a, long version);
|
||||
long TS_TST_INFO_get_version(const TS_TST_INFO *a);
|
||||
|
||||
int TS_TST_INFO_set_policy_id(TS_TST_INFO *a, ASN1_OBJECT *policy_id);
|
||||
ASN1_OBJECT *TS_TST_INFO_get_policy_id(TS_TST_INFO *a);
|
||||
|
||||
int TS_TST_INFO_set_msg_imprint(TS_TST_INFO *a, TS_MSG_IMPRINT *msg_imprint);
|
||||
TS_MSG_IMPRINT *TS_TST_INFO_get_msg_imprint(TS_TST_INFO *a);
|
||||
|
||||
int TS_TST_INFO_set_serial(TS_TST_INFO *a, const ASN1_INTEGER *serial);
|
||||
const ASN1_INTEGER *TS_TST_INFO_get_serial(const TS_TST_INFO *a);
|
||||
|
||||
int TS_TST_INFO_set_time(TS_TST_INFO *a, const ASN1_GENERALIZEDTIME *gtime);
|
||||
const ASN1_GENERALIZEDTIME *TS_TST_INFO_get_time(const TS_TST_INFO *a);
|
||||
|
||||
int TS_TST_INFO_set_accuracy(TS_TST_INFO *a, TS_ACCURACY *accuracy);
|
||||
TS_ACCURACY *TS_TST_INFO_get_accuracy(TS_TST_INFO *a);
|
||||
|
||||
int TS_ACCURACY_set_seconds(TS_ACCURACY *a, const ASN1_INTEGER *seconds);
|
||||
const ASN1_INTEGER *TS_ACCURACY_get_seconds(const TS_ACCURACY *a);
|
||||
|
||||
int TS_ACCURACY_set_millis(TS_ACCURACY *a, const ASN1_INTEGER *millis);
|
||||
const ASN1_INTEGER *TS_ACCURACY_get_millis(const TS_ACCURACY *a);
|
||||
|
||||
int TS_ACCURACY_set_micros(TS_ACCURACY *a, const ASN1_INTEGER *micros);
|
||||
const ASN1_INTEGER *TS_ACCURACY_get_micros(const TS_ACCURACY *a);
|
||||
|
||||
int TS_TST_INFO_set_ordering(TS_TST_INFO *a, int ordering);
|
||||
int TS_TST_INFO_get_ordering(const TS_TST_INFO *a);
|
||||
|
||||
int TS_TST_INFO_set_nonce(TS_TST_INFO *a, const ASN1_INTEGER *nonce);
|
||||
const ASN1_INTEGER *TS_TST_INFO_get_nonce(const TS_TST_INFO *a);
|
||||
|
||||
int TS_TST_INFO_set_tsa(TS_TST_INFO *a, GENERAL_NAME *tsa);
|
||||
GENERAL_NAME *TS_TST_INFO_get_tsa(TS_TST_INFO *a);
|
||||
|
||||
STACK_OF(X509_EXTENSION) *TS_TST_INFO_get_exts(TS_TST_INFO *a);
|
||||
void TS_TST_INFO_ext_free(TS_TST_INFO *a);
|
||||
int TS_TST_INFO_get_ext_count(TS_TST_INFO *a);
|
||||
int TS_TST_INFO_get_ext_by_NID(TS_TST_INFO *a, int nid, int lastpos);
|
||||
int TS_TST_INFO_get_ext_by_OBJ(TS_TST_INFO *a, ASN1_OBJECT *obj, int lastpos);
|
||||
int TS_TST_INFO_get_ext_by_critical(TS_TST_INFO *a, int crit, int lastpos);
|
||||
X509_EXTENSION *TS_TST_INFO_get_ext(TS_TST_INFO *a, int loc);
|
||||
X509_EXTENSION *TS_TST_INFO_delete_ext(TS_TST_INFO *a, int loc);
|
||||
int TS_TST_INFO_add_ext(TS_TST_INFO *a, X509_EXTENSION *ex, int loc);
|
||||
void *TS_TST_INFO_get_ext_d2i(TS_TST_INFO *a, int nid, int *crit, int *idx);
|
||||
|
||||
/* Declarations related to response generation, defined in ts/ts_resp_sign.c. */
|
||||
|
||||
/* Optional flags for response generation. */
|
||||
|
||||
/* Don't include the TSA name in response. */
|
||||
#define TS_TSA_NAME 0x01
|
||||
|
||||
/* Set ordering to true in response. */
|
||||
#define TS_ORDERING 0x02
|
||||
|
||||
/*
|
||||
* Include the signer certificate and the other specified certificates in
|
||||
* the ESS signing certificate attribute beside the PKCS7 signed data.
|
||||
* Only the signer certificates is included by default.
|
||||
*/
|
||||
#define TS_ESS_CERT_ID_CHAIN 0x04
|
||||
|
||||
/* Forward declaration. */
|
||||
struct TS_resp_ctx;
|
||||
|
||||
/* This must return a unique number less than 160 bits long. */
|
||||
typedef ASN1_INTEGER *(*TS_serial_cb)(struct TS_resp_ctx *, void *);
|
||||
|
||||
/* This must return the seconds and microseconds since Jan 1, 1970 in
|
||||
the sec and usec variables allocated by the caller.
|
||||
Return non-zero for success and zero for failure. */
|
||||
typedef int (*TS_time_cb)(struct TS_resp_ctx *, void *, long *sec, long *usec);
|
||||
|
||||
/* This must process the given extension.
|
||||
* It can modify the TS_TST_INFO object of the context.
|
||||
* Return values: !0 (processed), 0 (error, it must set the
|
||||
* status info/failure info of the response).
|
||||
*/
|
||||
typedef int (*TS_extension_cb)(struct TS_resp_ctx *, X509_EXTENSION *, void *);
|
||||
|
||||
typedef struct TS_resp_ctx
|
||||
{
|
||||
X509 *signer_cert;
|
||||
EVP_PKEY *signer_key;
|
||||
STACK_OF(X509) *certs; /* Certs to include in signed data. */
|
||||
STACK_OF(ASN1_OBJECT) *policies; /* Acceptable policies. */
|
||||
ASN1_OBJECT *default_policy; /* It may appear in policies, too. */
|
||||
STACK_OF(EVP_MD) *mds; /* Acceptable message digests. */
|
||||
ASN1_INTEGER *seconds; /* accuracy, 0 means not specified. */
|
||||
ASN1_INTEGER *millis; /* accuracy, 0 means not specified. */
|
||||
ASN1_INTEGER *micros; /* accuracy, 0 means not specified. */
|
||||
unsigned clock_precision_digits; /* fraction of seconds in
|
||||
time stamp token. */
|
||||
unsigned flags; /* Optional info, see values above. */
|
||||
|
||||
/* Callback functions. */
|
||||
TS_serial_cb serial_cb;
|
||||
void *serial_cb_data; /* User data for serial_cb. */
|
||||
|
||||
TS_time_cb time_cb;
|
||||
void *time_cb_data; /* User data for time_cb. */
|
||||
|
||||
TS_extension_cb extension_cb;
|
||||
void *extension_cb_data; /* User data for extension_cb. */
|
||||
|
||||
/* These members are used only while creating the response. */
|
||||
TS_REQ *request;
|
||||
TS_RESP *response;
|
||||
TS_TST_INFO *tst_info;
|
||||
} TS_RESP_CTX;
|
||||
|
||||
DECLARE_STACK_OF(EVP_MD)
|
||||
DECLARE_ASN1_SET_OF(EVP_MD)
|
||||
|
||||
/* Creates a response context that can be used for generating responses. */
|
||||
TS_RESP_CTX *TS_RESP_CTX_new(void);
|
||||
void TS_RESP_CTX_free(TS_RESP_CTX *ctx);
|
||||
|
||||
/* This parameter must be set. */
|
||||
int TS_RESP_CTX_set_signer_cert(TS_RESP_CTX *ctx, X509 *signer);
|
||||
|
||||
/* This parameter must be set. */
|
||||
int TS_RESP_CTX_set_signer_key(TS_RESP_CTX *ctx, EVP_PKEY *key);
|
||||
|
||||
/* This parameter must be set. */
|
||||
int TS_RESP_CTX_set_def_policy(TS_RESP_CTX *ctx, ASN1_OBJECT *def_policy);
|
||||
|
||||
/* No additional certs are included in the response by default. */
|
||||
int TS_RESP_CTX_set_certs(TS_RESP_CTX *ctx, STACK_OF(X509) *certs);
|
||||
|
||||
/* Adds a new acceptable policy, only the default policy
|
||||
is accepted by default. */
|
||||
int TS_RESP_CTX_add_policy(TS_RESP_CTX *ctx, ASN1_OBJECT *policy);
|
||||
|
||||
/* Adds a new acceptable message digest. Note that no message digests
|
||||
are accepted by default. The md argument is shared with the caller. */
|
||||
int TS_RESP_CTX_add_md(TS_RESP_CTX *ctx, const EVP_MD *md);
|
||||
|
||||
/* Accuracy is not included by default. */
|
||||
int TS_RESP_CTX_set_accuracy(TS_RESP_CTX *ctx,
|
||||
int secs, int millis, int micros);
|
||||
|
||||
/* Clock precision digits, i.e. the number of decimal digits:
|
||||
'0' means sec, '3' msec, '6' usec, and so on. Default is 0. */
|
||||
int TS_RESP_CTX_set_clock_precision_digits(TS_RESP_CTX *ctx,
|
||||
unsigned clock_precision_digits);
|
||||
/* At most we accept usec precision. */
|
||||
#define TS_MAX_CLOCK_PRECISION_DIGITS 6
|
||||
|
||||
/* No flags are set by default. */
|
||||
void TS_RESP_CTX_add_flags(TS_RESP_CTX *ctx, int flags);
|
||||
|
||||
/* Default callback always returns a constant. */
|
||||
void TS_RESP_CTX_set_serial_cb(TS_RESP_CTX *ctx, TS_serial_cb cb, void *data);
|
||||
|
||||
/* Default callback uses the gettimeofday() and gmtime() system calls. */
|
||||
void TS_RESP_CTX_set_time_cb(TS_RESP_CTX *ctx, TS_time_cb cb, void *data);
|
||||
|
||||
/* Default callback rejects all extensions. The extension callback is called
|
||||
* when the TS_TST_INFO object is already set up and not signed yet. */
|
||||
/* FIXME: extension handling is not tested yet. */
|
||||
void TS_RESP_CTX_set_extension_cb(TS_RESP_CTX *ctx,
|
||||
TS_extension_cb cb, void *data);
|
||||
|
||||
/* The following methods can be used in the callbacks. */
|
||||
int TS_RESP_CTX_set_status_info(TS_RESP_CTX *ctx,
|
||||
int status, const char *text);
|
||||
|
||||
/* Sets the status info only if it is still TS_STATUS_GRANTED. */
|
||||
int TS_RESP_CTX_set_status_info_cond(TS_RESP_CTX *ctx,
|
||||
int status, const char *text);
|
||||
|
||||
int TS_RESP_CTX_add_failure_info(TS_RESP_CTX *ctx, int failure);
|
||||
|
||||
/* The get methods below can be used in the extension callback. */
|
||||
TS_REQ *TS_RESP_CTX_get_request(TS_RESP_CTX *ctx);
|
||||
|
||||
TS_TST_INFO *TS_RESP_CTX_get_tst_info(TS_RESP_CTX *ctx);
|
||||
|
||||
/*
|
||||
* Creates the signed TS_TST_INFO and puts it in TS_RESP.
|
||||
* In case of errors it sets the status info properly.
|
||||
* Returns NULL only in case of memory allocation/fatal error.
|
||||
*/
|
||||
TS_RESP *TS_RESP_create_response(TS_RESP_CTX *ctx, BIO *req_bio);
|
||||
|
||||
/*
|
||||
* Declarations related to response verification,
|
||||
* they are defined in ts/ts_resp_verify.c.
|
||||
*/
|
||||
|
||||
int TS_RESP_verify_signature(PKCS7 *token, STACK_OF(X509) *certs,
|
||||
X509_STORE *store, X509 **signer_out);
|
||||
|
||||
/* Context structure for the generic verify method. */
|
||||
|
||||
/* Verify the signer's certificate and the signature of the response. */
|
||||
#define TS_VFY_SIGNATURE (1u << 0)
|
||||
/* Verify the version number of the response. */
|
||||
#define TS_VFY_VERSION (1u << 1)
|
||||
/* Verify if the policy supplied by the user matches the policy of the TSA. */
|
||||
#define TS_VFY_POLICY (1u << 2)
|
||||
/* Verify the message imprint provided by the user. This flag should not be
|
||||
specified with TS_VFY_DATA. */
|
||||
#define TS_VFY_IMPRINT (1u << 3)
|
||||
/* Verify the message imprint computed by the verify method from the user
|
||||
provided data and the MD algorithm of the response. This flag should not be
|
||||
specified with TS_VFY_IMPRINT. */
|
||||
#define TS_VFY_DATA (1u << 4)
|
||||
/* Verify the nonce value. */
|
||||
#define TS_VFY_NONCE (1u << 5)
|
||||
/* Verify if the TSA name field matches the signer certificate. */
|
||||
#define TS_VFY_SIGNER (1u << 6)
|
||||
/* Verify if the TSA name field equals to the user provided name. */
|
||||
#define TS_VFY_TSA_NAME (1u << 7)
|
||||
|
||||
/* You can use the following convenience constants. */
|
||||
#define TS_VFY_ALL_IMPRINT (TS_VFY_SIGNATURE \
|
||||
| TS_VFY_VERSION \
|
||||
| TS_VFY_POLICY \
|
||||
| TS_VFY_IMPRINT \
|
||||
| TS_VFY_NONCE \
|
||||
| TS_VFY_SIGNER \
|
||||
| TS_VFY_TSA_NAME)
|
||||
#define TS_VFY_ALL_DATA (TS_VFY_SIGNATURE \
|
||||
| TS_VFY_VERSION \
|
||||
| TS_VFY_POLICY \
|
||||
| TS_VFY_DATA \
|
||||
| TS_VFY_NONCE \
|
||||
| TS_VFY_SIGNER \
|
||||
| TS_VFY_TSA_NAME)
|
||||
|
||||
typedef struct TS_verify_ctx
|
||||
{
|
||||
/* Set this to the union of TS_VFY_... flags you want to carry out. */
|
||||
unsigned flags;
|
||||
|
||||
/* Must be set only with TS_VFY_SIGNATURE. certs is optional. */
|
||||
X509_STORE *store;
|
||||
STACK_OF(X509) *certs;
|
||||
|
||||
/* Must be set only with TS_VFY_POLICY. */
|
||||
ASN1_OBJECT *policy;
|
||||
|
||||
/* Must be set only with TS_VFY_IMPRINT. If md_alg is NULL,
|
||||
the algorithm from the response is used. */
|
||||
X509_ALGOR *md_alg;
|
||||
unsigned char *imprint;
|
||||
unsigned imprint_len;
|
||||
|
||||
/* Must be set only with TS_VFY_DATA. */
|
||||
BIO *data;
|
||||
|
||||
/* Must be set only with TS_VFY_TSA_NAME. */
|
||||
ASN1_INTEGER *nonce;
|
||||
|
||||
/* Must be set only with TS_VFY_TSA_NAME. */
|
||||
GENERAL_NAME *tsa_name;
|
||||
} TS_VERIFY_CTX;
|
||||
|
||||
int TS_RESP_verify_response(TS_VERIFY_CTX *ctx, TS_RESP *response);
|
||||
int TS_RESP_verify_token(TS_VERIFY_CTX *ctx, PKCS7 *token);
|
||||
|
||||
/*
|
||||
* Declarations related to response verification context,
|
||||
* they are defined in ts/ts_verify_ctx.c.
|
||||
*/
|
||||
|
||||
/* Set all fields to zero. */
|
||||
TS_VERIFY_CTX *TS_VERIFY_CTX_new(void);
|
||||
void TS_VERIFY_CTX_init(TS_VERIFY_CTX *ctx);
|
||||
void TS_VERIFY_CTX_free(TS_VERIFY_CTX *ctx);
|
||||
void TS_VERIFY_CTX_cleanup(TS_VERIFY_CTX *ctx);
|
||||
|
||||
/*
|
||||
* If ctx is NULL, it allocates and returns a new object, otherwise
|
||||
* it returns ctx. It initialises all the members as follows:
|
||||
* flags = TS_VFY_ALL_IMPRINT & ~(TS_VFY_TSA_NAME | TS_VFY_SIGNATURE)
|
||||
* certs = NULL
|
||||
* store = NULL
|
||||
* policy = policy from the request or NULL if absent (in this case
|
||||
* TS_VFY_POLICY is cleared from flags as well)
|
||||
* md_alg = MD algorithm from request
|
||||
* imprint, imprint_len = imprint from request
|
||||
* data = NULL
|
||||
* nonce, nonce_len = nonce from the request or NULL if absent (in this case
|
||||
* TS_VFY_NONCE is cleared from flags as well)
|
||||
* tsa_name = NULL
|
||||
* Important: after calling this method TS_VFY_SIGNATURE should be added!
|
||||
*/
|
||||
TS_VERIFY_CTX *TS_REQ_to_TS_VERIFY_CTX(TS_REQ *req, TS_VERIFY_CTX *ctx);
|
||||
|
||||
/* Function declarations for TS_RESP defined in ts/ts_resp_print.c */
|
||||
|
||||
int TS_RESP_print_bio(BIO *bio, TS_RESP *a);
|
||||
int TS_STATUS_INFO_print_bio(BIO *bio, TS_STATUS_INFO *a);
|
||||
int TS_TST_INFO_print_bio(BIO *bio, TS_TST_INFO *a);
|
||||
|
||||
/* Common utility functions defined in ts/ts_lib.c */
|
||||
|
||||
int TS_ASN1_INTEGER_print_bio(BIO *bio, const ASN1_INTEGER *num);
|
||||
int TS_OBJ_print_bio(BIO *bio, const ASN1_OBJECT *obj);
|
||||
int TS_ext_print_bio(BIO *bio, const STACK_OF(X509_EXTENSION) *extensions);
|
||||
int TS_X509_ALGOR_print_bio(BIO *bio, const X509_ALGOR *alg);
|
||||
int TS_MSG_IMPRINT_print_bio(BIO *bio, TS_MSG_IMPRINT *msg);
|
||||
|
||||
/* Function declarations for handling configuration options,
|
||||
defined in ts/ts_conf.c */
|
||||
|
||||
X509 *TS_CONF_load_cert(const char *file);
|
||||
STACK_OF(X509) *TS_CONF_load_certs(const char *file);
|
||||
EVP_PKEY *TS_CONF_load_key(const char *file, const char *pass);
|
||||
const char *TS_CONF_get_tsa_section(CONF *conf, const char *section);
|
||||
int TS_CONF_set_serial(CONF *conf, const char *section, TS_serial_cb cb,
|
||||
TS_RESP_CTX *ctx);
|
||||
int TS_CONF_set_crypto_device(CONF *conf, const char *section,
|
||||
const char *device);
|
||||
int TS_CONF_set_default_engine(const char *name);
|
||||
int TS_CONF_set_signer_cert(CONF *conf, const char *section,
|
||||
const char *cert, TS_RESP_CTX *ctx);
|
||||
int TS_CONF_set_certs(CONF *conf, const char *section, const char *certs,
|
||||
TS_RESP_CTX *ctx);
|
||||
int TS_CONF_set_signer_key(CONF *conf, const char *section,
|
||||
const char *key, const char *pass, TS_RESP_CTX *ctx);
|
||||
int TS_CONF_set_def_policy(CONF *conf, const char *section,
|
||||
const char *policy, TS_RESP_CTX *ctx);
|
||||
int TS_CONF_set_policies(CONF *conf, const char *section, TS_RESP_CTX *ctx);
|
||||
int TS_CONF_set_digests(CONF *conf, const char *section, TS_RESP_CTX *ctx);
|
||||
int TS_CONF_set_accuracy(CONF *conf, const char *section, TS_RESP_CTX *ctx);
|
||||
int TS_CONF_set_clock_precision_digits(CONF *conf, const char *section,
|
||||
TS_RESP_CTX *ctx);
|
||||
int TS_CONF_set_ordering(CONF *conf, const char *section, TS_RESP_CTX *ctx);
|
||||
int TS_CONF_set_tsa_name(CONF *conf, const char *section, TS_RESP_CTX *ctx);
|
||||
int TS_CONF_set_ess_cert_id_chain(CONF *conf, const char *section,
|
||||
TS_RESP_CTX *ctx);
|
||||
|
||||
/* -------------------------------------------------- */
|
||||
/* BEGIN ERROR CODES */
|
||||
/* The following lines are auto generated by the script mkerr.pl. Any changes
|
||||
* made after this point may be overwritten when the script is next run.
|
||||
*/
|
||||
void ERR_load_TS_strings(void);
|
||||
|
||||
/* Error codes for the TS functions. */
|
||||
|
||||
/* Function codes. */
|
||||
#define TS_F_D2I_TS_RESP 147
|
||||
#define TS_F_DEF_SERIAL_CB 110
|
||||
#define TS_F_DEF_TIME_CB 111
|
||||
#define TS_F_ESS_ADD_SIGNING_CERT 112
|
||||
#define TS_F_ESS_CERT_ID_NEW_INIT 113
|
||||
#define TS_F_ESS_SIGNING_CERT_NEW_INIT 114
|
||||
#define TS_F_INT_TS_RESP_VERIFY_TOKEN 149
|
||||
#define TS_F_PKCS7_TO_TS_TST_INFO 148
|
||||
#define TS_F_TS_ACCURACY_SET_MICROS 115
|
||||
#define TS_F_TS_ACCURACY_SET_MILLIS 116
|
||||
#define TS_F_TS_ACCURACY_SET_SECONDS 117
|
||||
#define TS_F_TS_CHECK_IMPRINTS 100
|
||||
#define TS_F_TS_CHECK_NONCES 101
|
||||
#define TS_F_TS_CHECK_POLICY 102
|
||||
#define TS_F_TS_CHECK_SIGNING_CERTS 103
|
||||
#define TS_F_TS_CHECK_STATUS_INFO 104
|
||||
#define TS_F_TS_COMPUTE_IMPRINT 145
|
||||
#define TS_F_TS_CONF_SET_DEFAULT_ENGINE 146
|
||||
#define TS_F_TS_GET_STATUS_TEXT 105
|
||||
#define TS_F_TS_MSG_IMPRINT_SET_ALGO 118
|
||||
#define TS_F_TS_REQ_SET_MSG_IMPRINT 119
|
||||
#define TS_F_TS_REQ_SET_NONCE 120
|
||||
#define TS_F_TS_REQ_SET_POLICY_ID 121
|
||||
#define TS_F_TS_RESP_CREATE_RESPONSE 122
|
||||
#define TS_F_TS_RESP_CREATE_TST_INFO 123
|
||||
#define TS_F_TS_RESP_CTX_ADD_FAILURE_INFO 124
|
||||
#define TS_F_TS_RESP_CTX_ADD_MD 125
|
||||
#define TS_F_TS_RESP_CTX_ADD_POLICY 126
|
||||
#define TS_F_TS_RESP_CTX_NEW 127
|
||||
#define TS_F_TS_RESP_CTX_SET_ACCURACY 128
|
||||
#define TS_F_TS_RESP_CTX_SET_CERTS 129
|
||||
#define TS_F_TS_RESP_CTX_SET_DEF_POLICY 130
|
||||
#define TS_F_TS_RESP_CTX_SET_SIGNER_CERT 131
|
||||
#define TS_F_TS_RESP_CTX_SET_STATUS_INFO 132
|
||||
#define TS_F_TS_RESP_GET_POLICY 133
|
||||
#define TS_F_TS_RESP_SET_GENTIME_WITH_PRECISION 134
|
||||
#define TS_F_TS_RESP_SET_STATUS_INFO 135
|
||||
#define TS_F_TS_RESP_SET_TST_INFO 150
|
||||
#define TS_F_TS_RESP_SIGN 136
|
||||
#define TS_F_TS_RESP_VERIFY_SIGNATURE 106
|
||||
#define TS_F_TS_RESP_VERIFY_TOKEN 107
|
||||
#define TS_F_TS_TST_INFO_SET_ACCURACY 137
|
||||
#define TS_F_TS_TST_INFO_SET_MSG_IMPRINT 138
|
||||
#define TS_F_TS_TST_INFO_SET_NONCE 139
|
||||
#define TS_F_TS_TST_INFO_SET_POLICY_ID 140
|
||||
#define TS_F_TS_TST_INFO_SET_SERIAL 141
|
||||
#define TS_F_TS_TST_INFO_SET_TIME 142
|
||||
#define TS_F_TS_TST_INFO_SET_TSA 143
|
||||
#define TS_F_TS_VERIFY 108
|
||||
#define TS_F_TS_VERIFY_CERT 109
|
||||
#define TS_F_TS_VERIFY_CTX_NEW 144
|
||||
|
||||
/* Reason codes. */
|
||||
#define TS_R_BAD_PKCS7_TYPE 132
|
||||
#define TS_R_BAD_TYPE 133
|
||||
#define TS_R_CERTIFICATE_VERIFY_ERROR 100
|
||||
#define TS_R_COULD_NOT_SET_ENGINE 127
|
||||
#define TS_R_COULD_NOT_SET_TIME 115
|
||||
#define TS_R_D2I_TS_RESP_INT_FAILED 128
|
||||
#define TS_R_DETACHED_CONTENT 134
|
||||
#define TS_R_ESS_ADD_SIGNING_CERT_ERROR 116
|
||||
#define TS_R_ESS_SIGNING_CERTIFICATE_ERROR 101
|
||||
#define TS_R_INVALID_NULL_POINTER 102
|
||||
#define TS_R_INVALID_SIGNER_CERTIFICATE_PURPOSE 117
|
||||
#define TS_R_MESSAGE_IMPRINT_MISMATCH 103
|
||||
#define TS_R_NONCE_MISMATCH 104
|
||||
#define TS_R_NONCE_NOT_RETURNED 105
|
||||
#define TS_R_NO_CONTENT 106
|
||||
#define TS_R_NO_TIME_STAMP_TOKEN 107
|
||||
#define TS_R_PKCS7_ADD_SIGNATURE_ERROR 118
|
||||
#define TS_R_PKCS7_ADD_SIGNED_ATTR_ERROR 119
|
||||
#define TS_R_PKCS7_TO_TS_TST_INFO_FAILED 129
|
||||
#define TS_R_POLICY_MISMATCH 108
|
||||
#define TS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE 120
|
||||
#define TS_R_RESPONSE_SETUP_ERROR 121
|
||||
#define TS_R_SIGNATURE_FAILURE 109
|
||||
#define TS_R_THERE_MUST_BE_ONE_SIGNER 110
|
||||
#define TS_R_TIME_SYSCALL_ERROR 122
|
||||
#define TS_R_TOKEN_NOT_PRESENT 130
|
||||
#define TS_R_TOKEN_PRESENT 131
|
||||
#define TS_R_TSA_NAME_MISMATCH 111
|
||||
#define TS_R_TSA_UNTRUSTED 112
|
||||
#define TS_R_TST_INFO_SETUP_ERROR 123
|
||||
#define TS_R_TS_DATASIGN 124
|
||||
#define TS_R_UNACCEPTABLE_POLICY 125
|
||||
#define TS_R_UNSUPPORTED_MD_ALGORITHM 126
|
||||
#define TS_R_UNSUPPORTED_VERSION 113
|
||||
#define TS_R_WRONG_CONTENT_TYPE 114
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
#endif
|
|
@ -77,16 +77,19 @@
|
|||
extern "C" {
|
||||
#endif
|
||||
|
||||
typedef OPENSSL_STRING *OPENSSL_PSTRING;
|
||||
DECLARE_SPECIAL_STACK_OF(OPENSSL_PSTRING, OPENSSL_STRING)
|
||||
|
||||
typedef struct txt_db_st
|
||||
{
|
||||
int num_fields;
|
||||
STACK /* char ** */ *data;
|
||||
LHASH **index;
|
||||
int (**qual)(char **);
|
||||
STACK_OF(OPENSSL_PSTRING) *data;
|
||||
LHASH_OF(OPENSSL_STRING) **index;
|
||||
int (**qual)(OPENSSL_STRING *);
|
||||
long error;
|
||||
long arg1;
|
||||
long arg2;
|
||||
char **arg_row;
|
||||
OPENSSL_STRING *arg_row;
|
||||
} TXT_DB;
|
||||
|
||||
#ifndef OPENSSL_NO_BIO
|
||||
|
@ -96,11 +99,11 @@ long TXT_DB_write(BIO *out, TXT_DB *db);
|
|||
TXT_DB *TXT_DB_read(char *in, int num);
|
||||
long TXT_DB_write(char *out, TXT_DB *db);
|
||||
#endif
|
||||
int TXT_DB_create_index(TXT_DB *db,int field,int (*qual)(char **),
|
||||
LHASH_HASH_FN_TYPE hash, LHASH_COMP_FN_TYPE cmp);
|
||||
int TXT_DB_create_index(TXT_DB *db,int field,int (*qual)(OPENSSL_STRING *),
|
||||
LHASH_HASH_FN_TYPE hash, LHASH_COMP_FN_TYPE cmp);
|
||||
void TXT_DB_free(TXT_DB *db);
|
||||
char **TXT_DB_get_by_index(TXT_DB *db, int idx, char **value);
|
||||
int TXT_DB_insert(TXT_DB *db,char **value);
|
||||
OPENSSL_STRING *TXT_DB_get_by_index(TXT_DB *db, int idx, OPENSSL_STRING *value);
|
||||
int TXT_DB_insert(TXT_DB *db, OPENSSL_STRING *value);
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
|
|
|
@ -287,8 +287,8 @@ UI_METHOD *UI_OpenSSL(void);
|
|||
/* The UI_STRING type is the data structure that contains all the needed info
|
||||
about a string or a prompt, including test data for a verification prompt.
|
||||
*/
|
||||
DECLARE_STACK_OF(UI_STRING)
|
||||
typedef struct ui_string_st UI_STRING;
|
||||
DECLARE_STACK_OF(UI_STRING)
|
||||
|
||||
/* The different types of strings that are currently supported.
|
||||
This is only needed by method authors. */
|
||||
|
@ -310,11 +310,13 @@ int UI_method_set_writer(UI_METHOD *method, int (*writer)(UI *ui, UI_STRING *uis
|
|||
int UI_method_set_flusher(UI_METHOD *method, int (*flusher)(UI *ui));
|
||||
int UI_method_set_reader(UI_METHOD *method, int (*reader)(UI *ui, UI_STRING *uis));
|
||||
int UI_method_set_closer(UI_METHOD *method, int (*closer)(UI *ui));
|
||||
int UI_method_set_prompt_constructor(UI_METHOD *method, char *(*prompt_constructor)(UI* ui, const char* object_desc, const char* object_name));
|
||||
int (*UI_method_get_opener(UI_METHOD *method))(UI*);
|
||||
int (*UI_method_get_writer(UI_METHOD *method))(UI*,UI_STRING*);
|
||||
int (*UI_method_get_flusher(UI_METHOD *method))(UI*);
|
||||
int (*UI_method_get_reader(UI_METHOD *method))(UI*,UI_STRING*);
|
||||
int (*UI_method_get_closer(UI_METHOD *method))(UI*);
|
||||
char * (*UI_method_get_prompt_constructor(UI_METHOD *method))(UI*, const char*, const char*);
|
||||
|
||||
/* The following functions are helpers for method writers to access relevant
|
||||
data from a UI_STRING. */
|
||||
|
|
|
@ -0,0 +1,41 @@
|
|||
#ifndef HEADER_WHRLPOOL_H
|
||||
#define HEADER_WHRLPOOL_H
|
||||
|
||||
#include <openssl/e_os2.h>
|
||||
#include <stddef.h>
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
#define WHIRLPOOL_DIGEST_LENGTH (512/8)
|
||||
#define WHIRLPOOL_BBLOCK 512
|
||||
#define WHIRLPOOL_COUNTER (256/8)
|
||||
|
||||
typedef struct {
|
||||
union {
|
||||
unsigned char c[WHIRLPOOL_DIGEST_LENGTH];
|
||||
/* double q is here to ensure 64-bit alignment */
|
||||
double q[WHIRLPOOL_DIGEST_LENGTH/sizeof(double)];
|
||||
} H;
|
||||
unsigned char data[WHIRLPOOL_BBLOCK/8];
|
||||
unsigned int bitoff;
|
||||
size_t bitlen[WHIRLPOOL_COUNTER/sizeof(size_t)];
|
||||
} WHIRLPOOL_CTX;
|
||||
|
||||
#ifndef OPENSSL_NO_WHIRLPOOL
|
||||
#ifdef OPENSSL_FIPS
|
||||
int private_WHIRLPOOL_Init(WHIRLPOOL_CTX *c);
|
||||
#endif
|
||||
int WHIRLPOOL_Init (WHIRLPOOL_CTX *c);
|
||||
int WHIRLPOOL_Update (WHIRLPOOL_CTX *c,const void *inp,size_t bytes);
|
||||
void WHIRLPOOL_BitUpdate(WHIRLPOOL_CTX *c,const void *inp,size_t bits);
|
||||
int WHIRLPOOL_Final (unsigned char *md,WHIRLPOOL_CTX *c);
|
||||
unsigned char *WHIRLPOOL(const void *inp,size_t bytes,unsigned char *md);
|
||||
#endif
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif
|
|
@ -116,6 +116,7 @@ extern "C" {
|
|||
/* Under Win32 these are defined in wincrypt.h */
|
||||
#undef X509_NAME
|
||||
#undef X509_CERT_PAIR
|
||||
#undef X509_EXTENSIONS
|
||||
#endif
|
||||
|
||||
#define X509_FILETYPE_PEM 1
|
||||
|
@ -156,12 +157,12 @@ typedef struct X509_val_st
|
|||
ASN1_TIME *notAfter;
|
||||
} X509_VAL;
|
||||
|
||||
typedef struct X509_pubkey_st
|
||||
struct X509_pubkey_st
|
||||
{
|
||||
X509_ALGOR *algor;
|
||||
ASN1_BIT_STRING *public_key;
|
||||
EVP_PKEY *pkey;
|
||||
} X509_PUBKEY;
|
||||
};
|
||||
|
||||
typedef struct X509_sig_st
|
||||
{
|
||||
|
@ -190,7 +191,9 @@ struct X509_name_st
|
|||
#else
|
||||
char *bytes;
|
||||
#endif
|
||||
unsigned long hash; /* Keep the hash around for lookups */
|
||||
/* unsigned long hash; Keep the hash around for lookups */
|
||||
unsigned char *canon_enc;
|
||||
int canon_enclen;
|
||||
} /* X509_NAME */;
|
||||
|
||||
DECLARE_STACK_OF(X509_NAME)
|
||||
|
@ -255,6 +258,7 @@ typedef struct x509_cinf_st
|
|||
ASN1_BIT_STRING *issuerUID; /* [ 1 ] optional in v2 */
|
||||
ASN1_BIT_STRING *subjectUID; /* [ 2 ] optional in v2 */
|
||||
STACK_OF(X509_EXTENSION) *extensions; /* [ 3 ] optional in v3 */
|
||||
ASN1_ENCODING enc;
|
||||
} X509_CINF;
|
||||
|
||||
/* This stuff is certificate "auxiliary info"
|
||||
|
@ -289,8 +293,11 @@ struct x509_st
|
|||
unsigned long ex_xkusage;
|
||||
unsigned long ex_nscert;
|
||||
ASN1_OCTET_STRING *skid;
|
||||
struct AUTHORITY_KEYID_st *akid;
|
||||
AUTHORITY_KEYID *akid;
|
||||
X509_POLICY_CACHE *policy_cache;
|
||||
STACK_OF(DIST_POINT) *crldp;
|
||||
STACK_OF(GENERAL_NAME) *altname;
|
||||
NAME_CONSTRAINTS *nc;
|
||||
#ifndef OPENSSL_NO_RFC3779
|
||||
STACK_OF(IPAddressFamily) *rfc3779_addr;
|
||||
struct ASIdentifiers_st *rfc3779_asid;
|
||||
|
@ -333,10 +340,11 @@ typedef struct x509_cert_pair_st {
|
|||
#define X509_TRUST_OBJECT_SIGN 5
|
||||
#define X509_TRUST_OCSP_SIGN 6
|
||||
#define X509_TRUST_OCSP_REQUEST 7
|
||||
#define X509_TRUST_TSA 8
|
||||
|
||||
/* Keep these up to date! */
|
||||
#define X509_TRUST_MIN 1
|
||||
#define X509_TRUST_MAX 7
|
||||
#define X509_TRUST_MAX 8
|
||||
|
||||
|
||||
/* trust_flags values */
|
||||
|
@ -423,13 +431,17 @@ typedef struct x509_cert_pair_st {
|
|||
XN_FLAG_FN_LN | \
|
||||
XN_FLAG_FN_ALIGN)
|
||||
|
||||
typedef struct X509_revoked_st
|
||||
struct x509_revoked_st
|
||||
{
|
||||
ASN1_INTEGER *serialNumber;
|
||||
ASN1_TIME *revocationDate;
|
||||
STACK_OF(X509_EXTENSION) /* optional */ *extensions;
|
||||
/* Set up if indirect CRL */
|
||||
STACK_OF(GENERAL_NAME) *issuer;
|
||||
/* Revocation reason */
|
||||
int reason;
|
||||
int sequence; /* load sequence */
|
||||
} X509_REVOKED;
|
||||
};
|
||||
|
||||
DECLARE_STACK_OF(X509_REVOKED)
|
||||
DECLARE_ASN1_SET_OF(X509_REVOKED)
|
||||
|
@ -453,6 +465,22 @@ struct X509_crl_st
|
|||
X509_ALGOR *sig_alg;
|
||||
ASN1_BIT_STRING *signature;
|
||||
int references;
|
||||
int flags;
|
||||
/* Copies of various extensions */
|
||||
AUTHORITY_KEYID *akid;
|
||||
ISSUING_DIST_POINT *idp;
|
||||
/* Convenient breakdown of IDP */
|
||||
int idp_flags;
|
||||
int idp_reasons;
|
||||
/* CRL and base CRL numbers for delta processing */
|
||||
ASN1_INTEGER *crl_number;
|
||||
ASN1_INTEGER *base_crl_number;
|
||||
#ifndef OPENSSL_NO_SHA
|
||||
unsigned char sha1_hash[SHA_DIGEST_LENGTH];
|
||||
#endif
|
||||
STACK_OF(GENERAL_NAMES) *issuers;
|
||||
const X509_CRL_METHOD *meth;
|
||||
void *meth_data;
|
||||
} /* X509_CRL */;
|
||||
|
||||
DECLARE_STACK_OF(X509_CRL)
|
||||
|
@ -551,18 +579,19 @@ X509_ALGOR *prf;
|
|||
|
||||
/* PKCS#8 private key info structure */
|
||||
|
||||
typedef struct pkcs8_priv_key_info_st
|
||||
struct pkcs8_priv_key_info_st
|
||||
{
|
||||
int broken; /* Flag for various broken formats */
|
||||
#define PKCS8_OK 0
|
||||
#define PKCS8_NO_OCTET 1
|
||||
#define PKCS8_EMBEDDED_PARAM 2
|
||||
#define PKCS8_NS_DB 3
|
||||
#define PKCS8_NEG_PRIVKEY 4
|
||||
ASN1_INTEGER *version;
|
||||
X509_ALGOR *pkeyalg;
|
||||
ASN1_TYPE *pkey; /* Should be OCTET STRING but some are broken */
|
||||
STACK_OF(X509_ATTRIBUTE) *attributes;
|
||||
} PKCS8_PRIV_KEY_INFO;
|
||||
};
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
|
@ -575,151 +604,6 @@ typedef struct pkcs8_priv_key_info_st
|
|||
extern "C" {
|
||||
#endif
|
||||
|
||||
#ifdef SSLEAY_MACROS
|
||||
#define X509_verify(a,r) ASN1_verify((int (*)())i2d_X509_CINF,a->sig_alg,\
|
||||
a->signature,(char *)a->cert_info,r)
|
||||
#define X509_REQ_verify(a,r) ASN1_verify((int (*)())i2d_X509_REQ_INFO, \
|
||||
a->sig_alg,a->signature,(char *)a->req_info,r)
|
||||
#define X509_CRL_verify(a,r) ASN1_verify((int (*)())i2d_X509_CRL_INFO, \
|
||||
a->sig_alg, a->signature,(char *)a->crl,r)
|
||||
|
||||
#define X509_sign(x,pkey,md) \
|
||||
ASN1_sign((int (*)())i2d_X509_CINF, x->cert_info->signature, \
|
||||
x->sig_alg, x->signature, (char *)x->cert_info,pkey,md)
|
||||
#define X509_REQ_sign(x,pkey,md) \
|
||||
ASN1_sign((int (*)())i2d_X509_REQ_INFO,x->sig_alg, NULL, \
|
||||
x->signature, (char *)x->req_info,pkey,md)
|
||||
#define X509_CRL_sign(x,pkey,md) \
|
||||
ASN1_sign((int (*)())i2d_X509_CRL_INFO,x->crl->sig_alg,x->sig_alg, \
|
||||
x->signature, (char *)x->crl,pkey,md)
|
||||
#define NETSCAPE_SPKI_sign(x,pkey,md) \
|
||||
ASN1_sign((int (*)())i2d_NETSCAPE_SPKAC, x->sig_algor,NULL, \
|
||||
x->signature, (char *)x->spkac,pkey,md)
|
||||
|
||||
#define X509_dup(x509) (X509 *)ASN1_dup((int (*)())i2d_X509, \
|
||||
(char *(*)())d2i_X509,(char *)x509)
|
||||
#define X509_ATTRIBUTE_dup(xa) (X509_ATTRIBUTE *)ASN1_dup(\
|
||||
(int (*)())i2d_X509_ATTRIBUTE, \
|
||||
(char *(*)())d2i_X509_ATTRIBUTE,(char *)xa)
|
||||
#define X509_EXTENSION_dup(ex) (X509_EXTENSION *)ASN1_dup( \
|
||||
(int (*)())i2d_X509_EXTENSION, \
|
||||
(char *(*)())d2i_X509_EXTENSION,(char *)ex)
|
||||
#define d2i_X509_fp(fp,x509) (X509 *)ASN1_d2i_fp((char *(*)())X509_new, \
|
||||
(char *(*)())d2i_X509, (fp),(unsigned char **)(x509))
|
||||
#define i2d_X509_fp(fp,x509) ASN1_i2d_fp(i2d_X509,fp,(unsigned char *)x509)
|
||||
#define d2i_X509_bio(bp,x509) (X509 *)ASN1_d2i_bio((char *(*)())X509_new, \
|
||||
(char *(*)())d2i_X509, (bp),(unsigned char **)(x509))
|
||||
#define i2d_X509_bio(bp,x509) ASN1_i2d_bio(i2d_X509,bp,(unsigned char *)x509)
|
||||
|
||||
#define X509_CRL_dup(crl) (X509_CRL *)ASN1_dup((int (*)())i2d_X509_CRL, \
|
||||
(char *(*)())d2i_X509_CRL,(char *)crl)
|
||||
#define d2i_X509_CRL_fp(fp,crl) (X509_CRL *)ASN1_d2i_fp((char *(*)()) \
|
||||
X509_CRL_new,(char *(*)())d2i_X509_CRL, (fp),\
|
||||
(unsigned char **)(crl))
|
||||
#define i2d_X509_CRL_fp(fp,crl) ASN1_i2d_fp(i2d_X509_CRL,fp,\
|
||||
(unsigned char *)crl)
|
||||
#define d2i_X509_CRL_bio(bp,crl) (X509_CRL *)ASN1_d2i_bio((char *(*)()) \
|
||||
X509_CRL_new,(char *(*)())d2i_X509_CRL, (bp),\
|
||||
(unsigned char **)(crl))
|
||||
#define i2d_X509_CRL_bio(bp,crl) ASN1_i2d_bio(i2d_X509_CRL,bp,\
|
||||
(unsigned char *)crl)
|
||||
|
||||
#define PKCS7_dup(p7) (PKCS7 *)ASN1_dup((int (*)())i2d_PKCS7, \
|
||||
(char *(*)())d2i_PKCS7,(char *)p7)
|
||||
#define d2i_PKCS7_fp(fp,p7) (PKCS7 *)ASN1_d2i_fp((char *(*)()) \
|
||||
PKCS7_new,(char *(*)())d2i_PKCS7, (fp),\
|
||||
(unsigned char **)(p7))
|
||||
#define i2d_PKCS7_fp(fp,p7) ASN1_i2d_fp(i2d_PKCS7,fp,\
|
||||
(unsigned char *)p7)
|
||||
#define d2i_PKCS7_bio(bp,p7) (PKCS7 *)ASN1_d2i_bio((char *(*)()) \
|
||||
PKCS7_new,(char *(*)())d2i_PKCS7, (bp),\
|
||||
(unsigned char **)(p7))
|
||||
#define i2d_PKCS7_bio(bp,p7) ASN1_i2d_bio(i2d_PKCS7,bp,\
|
||||
(unsigned char *)p7)
|
||||
|
||||
#define X509_REQ_dup(req) (X509_REQ *)ASN1_dup((int (*)())i2d_X509_REQ, \
|
||||
(char *(*)())d2i_X509_REQ,(char *)req)
|
||||
#define d2i_X509_REQ_fp(fp,req) (X509_REQ *)ASN1_d2i_fp((char *(*)())\
|
||||
X509_REQ_new, (char *(*)())d2i_X509_REQ, (fp),\
|
||||
(unsigned char **)(req))
|
||||
#define i2d_X509_REQ_fp(fp,req) ASN1_i2d_fp(i2d_X509_REQ,fp,\
|
||||
(unsigned char *)req)
|
||||
#define d2i_X509_REQ_bio(bp,req) (X509_REQ *)ASN1_d2i_bio((char *(*)())\
|
||||
X509_REQ_new, (char *(*)())d2i_X509_REQ, (bp),\
|
||||
(unsigned char **)(req))
|
||||
#define i2d_X509_REQ_bio(bp,req) ASN1_i2d_bio(i2d_X509_REQ,bp,\
|
||||
(unsigned char *)req)
|
||||
|
||||
#define RSAPublicKey_dup(rsa) (RSA *)ASN1_dup((int (*)())i2d_RSAPublicKey, \
|
||||
(char *(*)())d2i_RSAPublicKey,(char *)rsa)
|
||||
#define RSAPrivateKey_dup(rsa) (RSA *)ASN1_dup((int (*)())i2d_RSAPrivateKey, \
|
||||
(char *(*)())d2i_RSAPrivateKey,(char *)rsa)
|
||||
|
||||
#define d2i_RSAPrivateKey_fp(fp,rsa) (RSA *)ASN1_d2i_fp((char *(*)())\
|
||||
RSA_new,(char *(*)())d2i_RSAPrivateKey, (fp), \
|
||||
(unsigned char **)(rsa))
|
||||
#define i2d_RSAPrivateKey_fp(fp,rsa) ASN1_i2d_fp(i2d_RSAPrivateKey,fp, \
|
||||
(unsigned char *)rsa)
|
||||
#define d2i_RSAPrivateKey_bio(bp,rsa) (RSA *)ASN1_d2i_bio((char *(*)())\
|
||||
RSA_new,(char *(*)())d2i_RSAPrivateKey, (bp), \
|
||||
(unsigned char **)(rsa))
|
||||
#define i2d_RSAPrivateKey_bio(bp,rsa) ASN1_i2d_bio(i2d_RSAPrivateKey,bp, \
|
||||
(unsigned char *)rsa)
|
||||
|
||||
#define d2i_RSAPublicKey_fp(fp,rsa) (RSA *)ASN1_d2i_fp((char *(*)())\
|
||||
RSA_new,(char *(*)())d2i_RSAPublicKey, (fp), \
|
||||
(unsigned char **)(rsa))
|
||||
#define i2d_RSAPublicKey_fp(fp,rsa) ASN1_i2d_fp(i2d_RSAPublicKey,fp, \
|
||||
(unsigned char *)rsa)
|
||||
#define d2i_RSAPublicKey_bio(bp,rsa) (RSA *)ASN1_d2i_bio((char *(*)())\
|
||||
RSA_new,(char *(*)())d2i_RSAPublicKey, (bp), \
|
||||
(unsigned char **)(rsa))
|
||||
#define i2d_RSAPublicKey_bio(bp,rsa) ASN1_i2d_bio(i2d_RSAPublicKey,bp, \
|
||||
(unsigned char *)rsa)
|
||||
|
||||
#define d2i_DSAPrivateKey_fp(fp,dsa) (DSA *)ASN1_d2i_fp((char *(*)())\
|
||||
DSA_new,(char *(*)())d2i_DSAPrivateKey, (fp), \
|
||||
(unsigned char **)(dsa))
|
||||
#define i2d_DSAPrivateKey_fp(fp,dsa) ASN1_i2d_fp(i2d_DSAPrivateKey,fp, \
|
||||
(unsigned char *)dsa)
|
||||
#define d2i_DSAPrivateKey_bio(bp,dsa) (DSA *)ASN1_d2i_bio((char *(*)())\
|
||||
DSA_new,(char *(*)())d2i_DSAPrivateKey, (bp), \
|
||||
(unsigned char **)(dsa))
|
||||
#define i2d_DSAPrivateKey_bio(bp,dsa) ASN1_i2d_bio(i2d_DSAPrivateKey,bp, \
|
||||
(unsigned char *)dsa)
|
||||
|
||||
#define d2i_ECPrivateKey_fp(fp,ecdsa) (EC_KEY *)ASN1_d2i_fp((char *(*)())\
|
||||
EC_KEY_new,(char *(*)())d2i_ECPrivateKey, (fp), \
|
||||
(unsigned char **)(ecdsa))
|
||||
#define i2d_ECPrivateKey_fp(fp,ecdsa) ASN1_i2d_fp(i2d_ECPrivateKey,fp, \
|
||||
(unsigned char *)ecdsa)
|
||||
#define d2i_ECPrivateKey_bio(bp,ecdsa) (EC_KEY *)ASN1_d2i_bio((char *(*)())\
|
||||
EC_KEY_new,(char *(*)())d2i_ECPrivateKey, (bp), \
|
||||
(unsigned char **)(ecdsa))
|
||||
#define i2d_ECPrivateKey_bio(bp,ecdsa) ASN1_i2d_bio(i2d_ECPrivateKey,bp, \
|
||||
(unsigned char *)ecdsa)
|
||||
|
||||
#define X509_ALGOR_dup(xn) (X509_ALGOR *)ASN1_dup((int (*)())i2d_X509_ALGOR,\
|
||||
(char *(*)())d2i_X509_ALGOR,(char *)xn)
|
||||
|
||||
#define X509_NAME_dup(xn) (X509_NAME *)ASN1_dup((int (*)())i2d_X509_NAME, \
|
||||
(char *(*)())d2i_X509_NAME,(char *)xn)
|
||||
#define X509_NAME_ENTRY_dup(ne) (X509_NAME_ENTRY *)ASN1_dup( \
|
||||
(int (*)())i2d_X509_NAME_ENTRY, \
|
||||
(char *(*)())d2i_X509_NAME_ENTRY,\
|
||||
(char *)ne)
|
||||
|
||||
#define X509_digest(data,type,md,len) \
|
||||
ASN1_digest((int (*)())i2d_X509,type,(char *)data,md,len)
|
||||
#define X509_NAME_digest(data,type,md,len) \
|
||||
ASN1_digest((int (*)())i2d_X509_NAME,type,(char *)data,md,len)
|
||||
#ifndef PKCS7_ISSUER_AND_SERIAL_digest
|
||||
#define PKCS7_ISSUER_AND_SERIAL_digest(data,type,md,len) \
|
||||
ASN1_digest((int (*)())i2d_PKCS7_ISSUER_AND_SERIAL,type,\
|
||||
(char *)data,md,len)
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#define X509_EXT_PACK_UNKNOWN 1
|
||||
#define X509_EXT_PACK_STRING 2
|
||||
|
||||
|
@ -740,6 +624,18 @@ extern "C" {
|
|||
#define X509_CRL_get_issuer(x) ((x)->crl->issuer)
|
||||
#define X509_CRL_get_REVOKED(x) ((x)->crl->revoked)
|
||||
|
||||
void X509_CRL_set_default_method(const X509_CRL_METHOD *meth);
|
||||
X509_CRL_METHOD *X509_CRL_METHOD_new(
|
||||
int (*crl_init)(X509_CRL *crl),
|
||||
int (*crl_free)(X509_CRL *crl),
|
||||
int (*crl_lookup)(X509_CRL *crl, X509_REVOKED **ret,
|
||||
ASN1_INTEGER *ser, X509_NAME *issuer),
|
||||
int (*crl_verify)(X509_CRL *crl, EVP_PKEY *pk));
|
||||
void X509_CRL_METHOD_free(X509_CRL_METHOD *m);
|
||||
|
||||
void X509_CRL_set_meth_data(X509_CRL *crl, void *dat);
|
||||
void *X509_CRL_get_meth_data(X509_CRL *crl);
|
||||
|
||||
/* This one is only used so that a binary form can output, as in
|
||||
* i2d_X509_NAME(X509_get_X509_PUBKEY(x),&buf) */
|
||||
#define X509_get_X509_PUBKEY(x) ((x)->cert_info->key)
|
||||
|
@ -747,7 +643,6 @@ extern "C" {
|
|||
|
||||
const char *X509_verify_cert_error_string(long n);
|
||||
|
||||
#ifndef SSLEAY_MACROS
|
||||
#ifndef OPENSSL_NO_EVP
|
||||
int X509_verify(X509 *a, EVP_PKEY *r);
|
||||
|
||||
|
@ -762,11 +657,15 @@ int NETSCAPE_SPKI_set_pubkey(NETSCAPE_SPKI *x, EVP_PKEY *pkey);
|
|||
|
||||
int NETSCAPE_SPKI_print(BIO *out, NETSCAPE_SPKI *spki);
|
||||
|
||||
int X509_signature_dump(BIO *bp,const ASN1_STRING *sig, int indent);
|
||||
int X509_signature_print(BIO *bp,X509_ALGOR *alg, ASN1_STRING *sig);
|
||||
|
||||
int X509_sign(X509 *x, EVP_PKEY *pkey, const EVP_MD *md);
|
||||
int X509_sign_ctx(X509 *x, EVP_MD_CTX *ctx);
|
||||
int X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md);
|
||||
int X509_REQ_sign_ctx(X509_REQ *x, EVP_MD_CTX *ctx);
|
||||
int X509_CRL_sign(X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md);
|
||||
int X509_CRL_sign_ctx(X509_CRL *x, EVP_MD_CTX *ctx);
|
||||
int NETSCAPE_SPKI_sign(NETSCAPE_SPKI *x, EVP_PKEY *pkey, const EVP_MD *md);
|
||||
|
||||
int X509_pubkey_digest(const X509 *data,const EVP_MD *type,
|
||||
|
@ -868,15 +767,16 @@ X509_ALGOR *X509_ALGOR_dup(X509_ALGOR *xn);
|
|||
int X509_ALGOR_set0(X509_ALGOR *alg, ASN1_OBJECT *aobj, int ptype, void *pval);
|
||||
void X509_ALGOR_get0(ASN1_OBJECT **paobj, int *pptype, void **ppval,
|
||||
X509_ALGOR *algor);
|
||||
void X509_ALGOR_set_md(X509_ALGOR *alg, const EVP_MD *md);
|
||||
|
||||
X509_NAME *X509_NAME_dup(X509_NAME *xn);
|
||||
X509_NAME_ENTRY *X509_NAME_ENTRY_dup(X509_NAME_ENTRY *ne);
|
||||
|
||||
#endif /* !SSLEAY_MACROS */
|
||||
|
||||
int X509_cmp_time(ASN1_TIME *s, time_t *t);
|
||||
int X509_cmp_current_time(ASN1_TIME *s);
|
||||
int X509_cmp_time(const ASN1_TIME *s, time_t *t);
|
||||
int X509_cmp_current_time(const ASN1_TIME *s);
|
||||
ASN1_TIME * X509_time_adj(ASN1_TIME *s, long adj, time_t *t);
|
||||
ASN1_TIME * X509_time_adj_ex(ASN1_TIME *s,
|
||||
int offset_day, long offset_sec, time_t *t);
|
||||
ASN1_TIME * X509_gmtime_adj(ASN1_TIME *s, long adj);
|
||||
|
||||
const char * X509_get_default_cert_area(void );
|
||||
|
@ -964,6 +864,9 @@ DECLARE_ASN1_FUNCTIONS(X509_CRL_INFO)
|
|||
DECLARE_ASN1_FUNCTIONS(X509_CRL)
|
||||
|
||||
int X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev);
|
||||
int X509_CRL_get0_by_serial(X509_CRL *crl,
|
||||
X509_REVOKED **ret, ASN1_INTEGER *serial);
|
||||
int X509_CRL_get0_by_cert(X509_CRL *crl, X509_REVOKED **ret, X509 *x);
|
||||
|
||||
X509_PKEY * X509_PKEY_new(void );
|
||||
void X509_PKEY_free(X509_PKEY *a);
|
||||
|
@ -998,6 +901,9 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *algor1,
|
|||
int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2,
|
||||
ASN1_BIT_STRING *signature,
|
||||
void *data, EVP_PKEY *pkey, const EVP_MD *type);
|
||||
int ASN1_item_sign_ctx(const ASN1_ITEM *it,
|
||||
X509_ALGOR *algor1, X509_ALGOR *algor2,
|
||||
ASN1_BIT_STRING *signature, void *asn, EVP_MD_CTX *ctx);
|
||||
#endif
|
||||
|
||||
int X509_set_version(X509 *x,long version);
|
||||
|
@ -1007,8 +913,8 @@ int X509_set_issuer_name(X509 *x, X509_NAME *name);
|
|||
X509_NAME * X509_get_issuer_name(X509 *a);
|
||||
int X509_set_subject_name(X509 *x, X509_NAME *name);
|
||||
X509_NAME * X509_get_subject_name(X509 *a);
|
||||
int X509_set_notBefore(X509 *x, ASN1_TIME *tm);
|
||||
int X509_set_notAfter(X509 *x, ASN1_TIME *tm);
|
||||
int X509_set_notBefore(X509 *x, const ASN1_TIME *tm);
|
||||
int X509_set_notAfter(X509 *x, const ASN1_TIME *tm);
|
||||
int X509_set_pubkey(X509 *x, EVP_PKEY *pkey);
|
||||
EVP_PKEY * X509_get_pubkey(X509 *x);
|
||||
ASN1_BIT_STRING * X509_get0_pubkey_bitstr(const X509 *x);
|
||||
|
@ -1045,8 +951,8 @@ int X509_REQ_add1_attr_by_txt(X509_REQ *req,
|
|||
|
||||
int X509_CRL_set_version(X509_CRL *x, long version);
|
||||
int X509_CRL_set_issuer_name(X509_CRL *x, X509_NAME *name);
|
||||
int X509_CRL_set_lastUpdate(X509_CRL *x, ASN1_TIME *tm);
|
||||
int X509_CRL_set_nextUpdate(X509_CRL *x, ASN1_TIME *tm);
|
||||
int X509_CRL_set_lastUpdate(X509_CRL *x, const ASN1_TIME *tm);
|
||||
int X509_CRL_set_nextUpdate(X509_CRL *x, const ASN1_TIME *tm);
|
||||
int X509_CRL_sort(X509_CRL *crl);
|
||||
|
||||
int X509_REVOKED_set_serialNumber(X509_REVOKED *x, ASN1_INTEGER *serial);
|
||||
|
@ -1065,11 +971,18 @@ unsigned long X509_issuer_name_hash(X509 *a);
|
|||
int X509_subject_name_cmp(const X509 *a, const X509 *b);
|
||||
unsigned long X509_subject_name_hash(X509 *x);
|
||||
|
||||
#ifndef OPENSSL_NO_MD5
|
||||
unsigned long X509_issuer_name_hash_old(X509 *a);
|
||||
unsigned long X509_subject_name_hash_old(X509 *x);
|
||||
#endif
|
||||
|
||||
int X509_cmp(const X509 *a, const X509 *b);
|
||||
int X509_NAME_cmp(const X509_NAME *a, const X509_NAME *b);
|
||||
unsigned long X509_NAME_hash(X509_NAME *x);
|
||||
unsigned long X509_NAME_hash_old(X509_NAME *x);
|
||||
|
||||
int X509_CRL_cmp(const X509_CRL *a, const X509_CRL *b);
|
||||
int X509_CRL_match(const X509_CRL *a, const X509_CRL *b);
|
||||
#ifndef OPENSSL_NO_FP_API
|
||||
int X509_print_ex_fp(FILE *bp,X509 *x, unsigned long nmflag, unsigned long cflag);
|
||||
int X509_print_fp(FILE *bp,X509 *x);
|
||||
|
@ -1245,9 +1158,19 @@ DECLARE_ASN1_FUNCTIONS(PBEPARAM)
|
|||
DECLARE_ASN1_FUNCTIONS(PBE2PARAM)
|
||||
DECLARE_ASN1_FUNCTIONS(PBKDF2PARAM)
|
||||
|
||||
X509_ALGOR *PKCS5_pbe_set(int alg, int iter, unsigned char *salt, int saltlen);
|
||||
int PKCS5_pbe_set0_algor(X509_ALGOR *algor, int alg, int iter,
|
||||
const unsigned char *salt, int saltlen);
|
||||
|
||||
X509_ALGOR *PKCS5_pbe_set(int alg, int iter,
|
||||
const unsigned char *salt, int saltlen);
|
||||
X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter,
|
||||
unsigned char *salt, int saltlen);
|
||||
X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter,
|
||||
unsigned char *salt, int saltlen,
|
||||
unsigned char *aiv, int prf_nid);
|
||||
|
||||
X509_ALGOR *PKCS5_pbkdf2_set(int iter, unsigned char *salt, int saltlen,
|
||||
int prf_nid, int keylen);
|
||||
|
||||
/* PKCS#8 utilities */
|
||||
|
||||
|
@ -1258,6 +1181,22 @@ PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(EVP_PKEY *pkey);
|
|||
PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8_broken(EVP_PKEY *pkey, int broken);
|
||||
PKCS8_PRIV_KEY_INFO *PKCS8_set_broken(PKCS8_PRIV_KEY_INFO *p8, int broken);
|
||||
|
||||
int PKCS8_pkey_set0(PKCS8_PRIV_KEY_INFO *priv, ASN1_OBJECT *aobj,
|
||||
int version, int ptype, void *pval,
|
||||
unsigned char *penc, int penclen);
|
||||
int PKCS8_pkey_get0(ASN1_OBJECT **ppkalg,
|
||||
const unsigned char **pk, int *ppklen,
|
||||
X509_ALGOR **pa,
|
||||
PKCS8_PRIV_KEY_INFO *p8);
|
||||
|
||||
int X509_PUBKEY_set0_param(X509_PUBKEY *pub, ASN1_OBJECT *aobj,
|
||||
int ptype, void *pval,
|
||||
unsigned char *penc, int penclen);
|
||||
int X509_PUBKEY_get0_param(ASN1_OBJECT **ppkalg,
|
||||
const unsigned char **pk, int *ppklen,
|
||||
X509_ALGOR **pa,
|
||||
X509_PUBKEY *pub);
|
||||
|
||||
int X509_check_trust(X509 *x, int id, int flags);
|
||||
int X509_TRUST_get_count(void);
|
||||
X509_TRUST * X509_TRUST_get0(int idx);
|
||||
|
@ -1337,7 +1276,10 @@ void ERR_load_X509_strings(void);
|
|||
#define X509_R_KEY_VALUES_MISMATCH 116
|
||||
#define X509_R_LOADING_CERT_DIR 103
|
||||
#define X509_R_LOADING_DEFAULTS 104
|
||||
#define X509_R_METHOD_NOT_SUPPORTED 124
|
||||
#define X509_R_NO_CERT_SET_FOR_US_TO_VERIFY 105
|
||||
#define X509_R_PUBLIC_KEY_DECODE_ERROR 125
|
||||
#define X509_R_PUBLIC_KEY_ENCODE_ERROR 126
|
||||
#define X509_R_SHOULD_RETRY 106
|
||||
#define X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN 107
|
||||
#define X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY 108
|
||||
|
|
|
@ -77,6 +77,7 @@
|
|||
extern "C" {
|
||||
#endif
|
||||
|
||||
#if 0
|
||||
/* Outer object */
|
||||
typedef struct x509_hash_dir_st
|
||||
{
|
||||
|
@ -85,6 +86,7 @@ typedef struct x509_hash_dir_st
|
|||
int *dirs_type;
|
||||
int num_dirs_alloced;
|
||||
} X509_HASH_DIR_CTX;
|
||||
#endif
|
||||
|
||||
typedef struct x509_file_st
|
||||
{
|
||||
|
@ -198,6 +200,8 @@ struct x509_store_st
|
|||
int (*get_crl)(X509_STORE_CTX *ctx, X509_CRL **crl, X509 *x); /* retrieve CRL */
|
||||
int (*check_crl)(X509_STORE_CTX *ctx, X509_CRL *crl); /* Check CRL validity */
|
||||
int (*cert_crl)(X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x); /* Check certificate against CRL */
|
||||
STACK_OF(X509) * (*lookup_certs)(X509_STORE_CTX *ctx, X509_NAME *nm);
|
||||
STACK_OF(X509_CRL) * (*lookup_crls)(X509_STORE_CTX *ctx, X509_NAME *nm);
|
||||
int (*cleanup)(X509_STORE_CTX *ctx);
|
||||
|
||||
CRYPTO_EX_DATA ex_data;
|
||||
|
@ -246,6 +250,8 @@ struct x509_store_ctx_st /* X509_STORE_CTX */
|
|||
int (*check_crl)(X509_STORE_CTX *ctx, X509_CRL *crl); /* Check CRL validity */
|
||||
int (*cert_crl)(X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x); /* Check certificate against CRL */
|
||||
int (*check_policy)(X509_STORE_CTX *ctx);
|
||||
STACK_OF(X509) * (*lookup_certs)(X509_STORE_CTX *ctx, X509_NAME *nm);
|
||||
STACK_OF(X509_CRL) * (*lookup_crls)(X509_STORE_CTX *ctx, X509_NAME *nm);
|
||||
int (*cleanup)(X509_STORE_CTX *ctx);
|
||||
|
||||
/* The following is built up */
|
||||
|
@ -263,6 +269,11 @@ struct x509_store_ctx_st /* X509_STORE_CTX */
|
|||
X509 *current_issuer; /* cert currently being tested as valid issuer */
|
||||
X509_CRL *current_crl; /* current CRL */
|
||||
|
||||
int current_crl_score; /* score of current CRL */
|
||||
unsigned int current_reasons; /* Reason mask */
|
||||
|
||||
X509_STORE_CTX *parent; /* For CRL path validation: parent context */
|
||||
|
||||
CRYPTO_EX_DATA ex_data;
|
||||
} /* X509_STORE_CTX */;
|
||||
|
||||
|
@ -330,8 +341,18 @@ void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth);
|
|||
#define X509_V_ERR_INVALID_EXTENSION 41
|
||||
#define X509_V_ERR_INVALID_POLICY_EXTENSION 42
|
||||
#define X509_V_ERR_NO_EXPLICIT_POLICY 43
|
||||
#define X509_V_ERR_DIFFERENT_CRL_SCOPE 44
|
||||
#define X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE 45
|
||||
|
||||
#define X509_V_ERR_UNNESTED_RESOURCE 44
|
||||
#define X509_V_ERR_UNNESTED_RESOURCE 46
|
||||
|
||||
#define X509_V_ERR_PERMITTED_VIOLATION 47
|
||||
#define X509_V_ERR_EXCLUDED_VIOLATION 48
|
||||
#define X509_V_ERR_SUBTREE_MINMAX 49
|
||||
#define X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE 51
|
||||
#define X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX 52
|
||||
#define X509_V_ERR_UNSUPPORTED_NAME_SYNTAX 53
|
||||
#define X509_V_ERR_CRL_PATH_VALIDATION_ERROR 54
|
||||
|
||||
/* The application is not happy */
|
||||
#define X509_V_ERR_APPLICATION_VERIFICATION 50
|
||||
|
@ -362,6 +383,13 @@ void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth);
|
|||
#define X509_V_FLAG_INHIBIT_MAP 0x400
|
||||
/* Notify callback that policy is OK */
|
||||
#define X509_V_FLAG_NOTIFY_POLICY 0x800
|
||||
/* Extended CRL features such as indirect CRLs, alternate CRL signing keys */
|
||||
#define X509_V_FLAG_EXTENDED_CRL_SUPPORT 0x1000
|
||||
/* Delta CRL support */
|
||||
#define X509_V_FLAG_USE_DELTAS 0x2000
|
||||
/* Check selfsigned CA signature */
|
||||
#define X509_V_FLAG_CHECK_SS_SIGNATURE 0x4000
|
||||
|
||||
|
||||
#define X509_VP_FLAG_DEFAULT 0x1
|
||||
#define X509_VP_FLAG_OVERWRITE 0x2
|
||||
|
@ -384,11 +412,16 @@ void X509_OBJECT_free_contents(X509_OBJECT *a);
|
|||
X509_STORE *X509_STORE_new(void );
|
||||
void X509_STORE_free(X509_STORE *v);
|
||||
|
||||
STACK_OF(X509)* X509_STORE_get1_certs(X509_STORE_CTX *st, X509_NAME *nm);
|
||||
STACK_OF(X509_CRL)* X509_STORE_get1_crls(X509_STORE_CTX *st, X509_NAME *nm);
|
||||
int X509_STORE_set_flags(X509_STORE *ctx, unsigned long flags);
|
||||
int X509_STORE_set_purpose(X509_STORE *ctx, int purpose);
|
||||
int X509_STORE_set_trust(X509_STORE *ctx, int trust);
|
||||
int X509_STORE_set1_param(X509_STORE *ctx, X509_VERIFY_PARAM *pm);
|
||||
|
||||
void X509_STORE_set_verify_cb(X509_STORE *ctx,
|
||||
int (*verify_cb)(int, X509_STORE_CTX *));
|
||||
|
||||
X509_STORE_CTX *X509_STORE_CTX_new(void);
|
||||
|
||||
int X509_STORE_CTX_get1_issuer(X509 **issuer, X509_STORE_CTX *ctx, X509 *x);
|
||||
|
@ -447,6 +480,9 @@ int X509_STORE_CTX_get_error(X509_STORE_CTX *ctx);
|
|||
void X509_STORE_CTX_set_error(X509_STORE_CTX *ctx,int s);
|
||||
int X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx);
|
||||
X509 * X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx);
|
||||
X509 *X509_STORE_CTX_get0_current_issuer(X509_STORE_CTX *ctx);
|
||||
X509_CRL *X509_STORE_CTX_get0_current_crl(X509_STORE_CTX *ctx);
|
||||
X509_STORE_CTX *X509_STORE_CTX_get0_parent_ctx(X509_STORE_CTX *ctx);
|
||||
STACK_OF(X509) *X509_STORE_CTX_get_chain(X509_STORE_CTX *ctx);
|
||||
STACK_OF(X509) *X509_STORE_CTX_get1_chain(X509_STORE_CTX *ctx);
|
||||
void X509_STORE_CTX_set_cert(X509_STORE_CTX *c,X509 *x);
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
/* x509v3.h */
|
||||
/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
|
||||
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
|
||||
* project 1999.
|
||||
*/
|
||||
/* ====================================================================
|
||||
|
@ -76,12 +76,19 @@ typedef void * (*X509V3_EXT_NEW)(void);
|
|||
typedef void (*X509V3_EXT_FREE)(void *);
|
||||
typedef void * (*X509V3_EXT_D2I)(void *, const unsigned char ** , long);
|
||||
typedef int (*X509V3_EXT_I2D)(void *, unsigned char **);
|
||||
typedef STACK_OF(CONF_VALUE) * (*X509V3_EXT_I2V)(struct v3_ext_method *method, void *ext, STACK_OF(CONF_VALUE) *extlist);
|
||||
typedef void * (*X509V3_EXT_V2I)(struct v3_ext_method *method, struct v3_ext_ctx *ctx, STACK_OF(CONF_VALUE) *values);
|
||||
typedef char * (*X509V3_EXT_I2S)(struct v3_ext_method *method, void *ext);
|
||||
typedef void * (*X509V3_EXT_S2I)(struct v3_ext_method *method, struct v3_ext_ctx *ctx, const char *str);
|
||||
typedef int (*X509V3_EXT_I2R)(struct v3_ext_method *method, void *ext, BIO *out, int indent);
|
||||
typedef void * (*X509V3_EXT_R2I)(struct v3_ext_method *method, struct v3_ext_ctx *ctx, const char *str);
|
||||
typedef STACK_OF(CONF_VALUE) *
|
||||
(*X509V3_EXT_I2V)(const struct v3_ext_method *method, void *ext,
|
||||
STACK_OF(CONF_VALUE) *extlist);
|
||||
typedef void * (*X509V3_EXT_V2I)(const struct v3_ext_method *method,
|
||||
struct v3_ext_ctx *ctx,
|
||||
STACK_OF(CONF_VALUE) *values);
|
||||
typedef char * (*X509V3_EXT_I2S)(const struct v3_ext_method *method, void *ext);
|
||||
typedef void * (*X509V3_EXT_S2I)(const struct v3_ext_method *method,
|
||||
struct v3_ext_ctx *ctx, const char *str);
|
||||
typedef int (*X509V3_EXT_I2R)(const struct v3_ext_method *method, void *ext,
|
||||
BIO *out, int indent);
|
||||
typedef void * (*X509V3_EXT_R2I)(const struct v3_ext_method *method,
|
||||
struct v3_ext_ctx *ctx, const char *str);
|
||||
|
||||
/* V3 extension structure */
|
||||
|
||||
|
@ -220,24 +227,41 @@ union {
|
|||
GENERAL_NAMES *fullname;
|
||||
STACK_OF(X509_NAME_ENTRY) *relativename;
|
||||
} name;
|
||||
/* If relativename then this contains the full distribution point name */
|
||||
X509_NAME *dpname;
|
||||
} DIST_POINT_NAME;
|
||||
/* All existing reasons */
|
||||
#define CRLDP_ALL_REASONS 0x807f
|
||||
|
||||
typedef struct DIST_POINT_st {
|
||||
#define CRL_REASON_NONE -1
|
||||
#define CRL_REASON_UNSPECIFIED 0
|
||||
#define CRL_REASON_KEY_COMPROMISE 1
|
||||
#define CRL_REASON_CA_COMPROMISE 2
|
||||
#define CRL_REASON_AFFILIATION_CHANGED 3
|
||||
#define CRL_REASON_SUPERSEDED 4
|
||||
#define CRL_REASON_CESSATION_OF_OPERATION 5
|
||||
#define CRL_REASON_CERTIFICATE_HOLD 6
|
||||
#define CRL_REASON_REMOVE_FROM_CRL 8
|
||||
#define CRL_REASON_PRIVILEGE_WITHDRAWN 9
|
||||
#define CRL_REASON_AA_COMPROMISE 10
|
||||
|
||||
struct DIST_POINT_st {
|
||||
DIST_POINT_NAME *distpoint;
|
||||
ASN1_BIT_STRING *reasons;
|
||||
GENERAL_NAMES *CRLissuer;
|
||||
} DIST_POINT;
|
||||
int dp_reasons;
|
||||
};
|
||||
|
||||
typedef STACK_OF(DIST_POINT) CRL_DIST_POINTS;
|
||||
|
||||
DECLARE_STACK_OF(DIST_POINT)
|
||||
DECLARE_ASN1_SET_OF(DIST_POINT)
|
||||
|
||||
typedef struct AUTHORITY_KEYID_st {
|
||||
struct AUTHORITY_KEYID_st {
|
||||
ASN1_OCTET_STRING *keyid;
|
||||
GENERAL_NAMES *issuer;
|
||||
ASN1_INTEGER *serial;
|
||||
} AUTHORITY_KEYID;
|
||||
};
|
||||
|
||||
/* Strong extranet structures */
|
||||
|
||||
|
@ -303,10 +327,10 @@ typedef struct GENERAL_SUBTREE_st {
|
|||
|
||||
DECLARE_STACK_OF(GENERAL_SUBTREE)
|
||||
|
||||
typedef struct NAME_CONSTRAINTS_st {
|
||||
struct NAME_CONSTRAINTS_st {
|
||||
STACK_OF(GENERAL_SUBTREE) *permittedSubtrees;
|
||||
STACK_OF(GENERAL_SUBTREE) *excludedSubtrees;
|
||||
} NAME_CONSTRAINTS;
|
||||
};
|
||||
|
||||
typedef struct POLICY_CONSTRAINTS_st {
|
||||
ASN1_INTEGER *requireExplicitPolicy;
|
||||
|
@ -329,6 +353,31 @@ typedef struct PROXY_CERT_INFO_EXTENSION_st
|
|||
DECLARE_ASN1_FUNCTIONS(PROXY_POLICY)
|
||||
DECLARE_ASN1_FUNCTIONS(PROXY_CERT_INFO_EXTENSION)
|
||||
|
||||
struct ISSUING_DIST_POINT_st
|
||||
{
|
||||
DIST_POINT_NAME *distpoint;
|
||||
int onlyuser;
|
||||
int onlyCA;
|
||||
ASN1_BIT_STRING *onlysomereasons;
|
||||
int indirectCRL;
|
||||
int onlyattr;
|
||||
};
|
||||
|
||||
/* Values in idp_flags field */
|
||||
/* IDP present */
|
||||
#define IDP_PRESENT 0x1
|
||||
/* IDP values inconsistent */
|
||||
#define IDP_INVALID 0x2
|
||||
/* onlyuser true */
|
||||
#define IDP_ONLYUSER 0x4
|
||||
/* onlyCA true */
|
||||
#define IDP_ONLYCA 0x8
|
||||
/* onlyattr true */
|
||||
#define IDP_ONLYATTR 0x10
|
||||
/* indirectCRL true */
|
||||
#define IDP_INDIRECT 0x20
|
||||
/* onlysomereasons present */
|
||||
#define IDP_REASONS 0x40
|
||||
|
||||
#define X509V3_conf_err(val) ERR_add_error_data(6, "section:", val->section, \
|
||||
",name:", val->name, ",value:", val->value);
|
||||
|
@ -363,6 +412,8 @@ DECLARE_ASN1_FUNCTIONS(PROXY_CERT_INFO_EXTENSION)
|
|||
#define EXFLAG_NSCERT 0x8
|
||||
|
||||
#define EXFLAG_CA 0x10
|
||||
/* Really self issued not necessarily self signed */
|
||||
#define EXFLAG_SI 0x20
|
||||
#define EXFLAG_SS 0x20
|
||||
#define EXFLAG_V1 0x40
|
||||
#define EXFLAG_INVALID 0x80
|
||||
|
@ -370,7 +421,8 @@ DECLARE_ASN1_FUNCTIONS(PROXY_CERT_INFO_EXTENSION)
|
|||
#define EXFLAG_CRITICAL 0x200
|
||||
#define EXFLAG_PROXY 0x400
|
||||
|
||||
#define EXFLAG_INVALID_POLICY 0x400
|
||||
#define EXFLAG_INVALID_POLICY 0x800
|
||||
#define EXFLAG_FRESHEST 0x1000
|
||||
|
||||
#define KU_DIGITAL_SIGNATURE 0x0080
|
||||
#define KU_NON_REPUDIATION 0x0040
|
||||
|
@ -422,9 +474,10 @@ typedef struct x509_purpose_st {
|
|||
#define X509_PURPOSE_CRL_SIGN 6
|
||||
#define X509_PURPOSE_ANY 7
|
||||
#define X509_PURPOSE_OCSP_HELPER 8
|
||||
#define X509_PURPOSE_TIMESTAMP_SIGN 9
|
||||
|
||||
#define X509_PURPOSE_MIN 1
|
||||
#define X509_PURPOSE_MAX 8
|
||||
#define X509_PURPOSE_MAX 9
|
||||
|
||||
/* Flags for X509V3_EXT_print() */
|
||||
|
||||
|
@ -469,6 +522,9 @@ DECLARE_ASN1_FUNCTIONS(AUTHORITY_KEYID)
|
|||
DECLARE_ASN1_FUNCTIONS(PKEY_USAGE_PERIOD)
|
||||
|
||||
DECLARE_ASN1_FUNCTIONS(GENERAL_NAME)
|
||||
GENERAL_NAME *GENERAL_NAME_dup(GENERAL_NAME *a);
|
||||
int GENERAL_NAME_cmp(GENERAL_NAME *a, GENERAL_NAME *b);
|
||||
|
||||
|
||||
|
||||
ASN1_BIT_STRING *v2i_ASN1_BIT_STRING(X509V3_EXT_METHOD *method,
|
||||
|
@ -484,11 +540,18 @@ DECLARE_ASN1_FUNCTIONS(GENERAL_NAMES)
|
|||
|
||||
STACK_OF(CONF_VALUE) *i2v_GENERAL_NAMES(X509V3_EXT_METHOD *method,
|
||||
GENERAL_NAMES *gen, STACK_OF(CONF_VALUE) *extlist);
|
||||
GENERAL_NAMES *v2i_GENERAL_NAMES(X509V3_EXT_METHOD *method,
|
||||
X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
|
||||
GENERAL_NAMES *v2i_GENERAL_NAMES(const X509V3_EXT_METHOD *method,
|
||||
X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
|
||||
|
||||
DECLARE_ASN1_FUNCTIONS(OTHERNAME)
|
||||
DECLARE_ASN1_FUNCTIONS(EDIPARTYNAME)
|
||||
int OTHERNAME_cmp(OTHERNAME *a, OTHERNAME *b);
|
||||
void GENERAL_NAME_set0_value(GENERAL_NAME *a, int type, void *value);
|
||||
void *GENERAL_NAME_get0_value(GENERAL_NAME *a, int *ptype);
|
||||
int GENERAL_NAME_set0_othername(GENERAL_NAME *gen,
|
||||
ASN1_OBJECT *oid, ASN1_TYPE *value);
|
||||
int GENERAL_NAME_get0_otherName(GENERAL_NAME *gen,
|
||||
ASN1_OBJECT **poid, ASN1_TYPE **pvalue);
|
||||
|
||||
char *i2s_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, ASN1_OCTET_STRING *ia5);
|
||||
ASN1_OCTET_STRING *s2i_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str);
|
||||
|
@ -505,6 +568,11 @@ DECLARE_ASN1_FUNCTIONS(NOTICEREF)
|
|||
DECLARE_ASN1_FUNCTIONS(CRL_DIST_POINTS)
|
||||
DECLARE_ASN1_FUNCTIONS(DIST_POINT)
|
||||
DECLARE_ASN1_FUNCTIONS(DIST_POINT_NAME)
|
||||
DECLARE_ASN1_FUNCTIONS(ISSUING_DIST_POINT)
|
||||
|
||||
int DIST_POINT_set_dpname(DIST_POINT_NAME *dpn, X509_NAME *iname);
|
||||
|
||||
int NAME_CONSTRAINTS_check(X509 *x, NAME_CONSTRAINTS *nc);
|
||||
|
||||
DECLARE_ASN1_FUNCTIONS(ACCESS_DESCRIPTION)
|
||||
DECLARE_ASN1_FUNCTIONS(AUTHORITY_INFO_ACCESS)
|
||||
|
@ -522,11 +590,16 @@ DECLARE_ASN1_ALLOC_FUNCTIONS(NAME_CONSTRAINTS)
|
|||
DECLARE_ASN1_ALLOC_FUNCTIONS(POLICY_CONSTRAINTS)
|
||||
DECLARE_ASN1_ITEM(POLICY_CONSTRAINTS)
|
||||
|
||||
GENERAL_NAME *a2i_GENERAL_NAME(GENERAL_NAME *out,
|
||||
const X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
|
||||
int gen_type, char *value, int is_nc);
|
||||
|
||||
#ifdef HEADER_CONF_H
|
||||
GENERAL_NAME *v2i_GENERAL_NAME(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
|
||||
CONF_VALUE *cnf);
|
||||
GENERAL_NAME *v2i_GENERAL_NAME_ex(GENERAL_NAME *out, X509V3_EXT_METHOD *method,
|
||||
X509V3_CTX *ctx, CONF_VALUE *cnf, int is_nc);
|
||||
GENERAL_NAME *v2i_GENERAL_NAME(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
|
||||
CONF_VALUE *cnf);
|
||||
GENERAL_NAME *v2i_GENERAL_NAME_ex(GENERAL_NAME *out,
|
||||
const X509V3_EXT_METHOD *method,
|
||||
X509V3_CTX *ctx, CONF_VALUE *cnf, int is_nc);
|
||||
void X509V3_conf_free(CONF_VALUE *val);
|
||||
|
||||
X509_EXTENSION *X509V3_EXT_nconf_nid(CONF *conf, X509V3_CTX *ctx, int ext_nid, char *value);
|
||||
|
@ -536,18 +609,23 @@ int X509V3_EXT_add_nconf(CONF *conf, X509V3_CTX *ctx, char *section, X509 *cert)
|
|||
int X509V3_EXT_REQ_add_nconf(CONF *conf, X509V3_CTX *ctx, char *section, X509_REQ *req);
|
||||
int X509V3_EXT_CRL_add_nconf(CONF *conf, X509V3_CTX *ctx, char *section, X509_CRL *crl);
|
||||
|
||||
X509_EXTENSION *X509V3_EXT_conf_nid(LHASH *conf, X509V3_CTX *ctx, int ext_nid, char *value);
|
||||
X509_EXTENSION *X509V3_EXT_conf(LHASH *conf, X509V3_CTX *ctx, char *name, char *value);
|
||||
int X509V3_EXT_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section, X509 *cert);
|
||||
int X509V3_EXT_REQ_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section, X509_REQ *req);
|
||||
int X509V3_EXT_CRL_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section, X509_CRL *crl);
|
||||
X509_EXTENSION *X509V3_EXT_conf_nid(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
|
||||
int ext_nid, char *value);
|
||||
X509_EXTENSION *X509V3_EXT_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
|
||||
char *name, char *value);
|
||||
int X509V3_EXT_add_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
|
||||
char *section, X509 *cert);
|
||||
int X509V3_EXT_REQ_add_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
|
||||
char *section, X509_REQ *req);
|
||||
int X509V3_EXT_CRL_add_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
|
||||
char *section, X509_CRL *crl);
|
||||
|
||||
int X509V3_add_value_bool_nf(char *name, int asn1_bool,
|
||||
STACK_OF(CONF_VALUE) **extlist);
|
||||
STACK_OF(CONF_VALUE) **extlist);
|
||||
int X509V3_get_value_bool(CONF_VALUE *value, int *asn1_bool);
|
||||
int X509V3_get_value_int(CONF_VALUE *value, ASN1_INTEGER **aint);
|
||||
void X509V3_set_nconf(X509V3_CTX *ctx, CONF *conf);
|
||||
void X509V3_set_conf_lhash(X509V3_CTX *ctx, LHASH *lhash);
|
||||
void X509V3_set_conf_lhash(X509V3_CTX *ctx, LHASH_OF(CONF_VALUE) *lhash);
|
||||
#endif
|
||||
|
||||
char * X509V3_get_string(X509V3_CTX *ctx, char *name, char *section);
|
||||
|
@ -574,8 +652,8 @@ int X509V3_EXT_add_list(X509V3_EXT_METHOD *extlist);
|
|||
int X509V3_EXT_add_alias(int nid_to, int nid_from);
|
||||
void X509V3_EXT_cleanup(void);
|
||||
|
||||
X509V3_EXT_METHOD *X509V3_EXT_get(X509_EXTENSION *ext);
|
||||
X509V3_EXT_METHOD *X509V3_EXT_get_nid(int nid);
|
||||
const X509V3_EXT_METHOD *X509V3_EXT_get(X509_EXTENSION *ext);
|
||||
const X509V3_EXT_METHOD *X509V3_EXT_get_nid(int nid);
|
||||
int X509V3_add_standard_extensions(void);
|
||||
STACK_OF(CONF_VALUE) *X509V3_parse_list(const char *line);
|
||||
void *X509V3_EXT_d2i(X509_EXTENSION *ext);
|
||||
|
@ -585,8 +663,8 @@ void *X509V3_get_d2i(STACK_OF(X509_EXTENSION) *x, int nid, int *crit, int *idx);
|
|||
X509_EXTENSION *X509V3_EXT_i2d(int ext_nid, int crit, void *ext_struc);
|
||||
int X509V3_add1_i2d(STACK_OF(X509_EXTENSION) **x, int nid, void *value, int crit, unsigned long flags);
|
||||
|
||||
char *hex_to_string(unsigned char *buffer, long len);
|
||||
unsigned char *string_to_hex(char *str, long *len);
|
||||
char *hex_to_string(const unsigned char *buffer, long len);
|
||||
unsigned char *string_to_hex(const char *str, long *len);
|
||||
int name_cmp(const char *name, const char *cmp);
|
||||
|
||||
void X509V3_EXT_val_prn(BIO *out, STACK_OF(CONF_VALUE) *val, int indent,
|
||||
|
@ -601,6 +679,7 @@ int X509_check_purpose(X509 *x, int id, int ca);
|
|||
int X509_supported_extension(X509_EXTENSION *ex);
|
||||
int X509_PURPOSE_set(int *p, int purpose);
|
||||
int X509_check_issued(X509 *issuer, X509 *subject);
|
||||
int X509_check_akid(X509 *issuer, AUTHORITY_KEYID *akid);
|
||||
int X509_PURPOSE_get_count(void);
|
||||
X509_PURPOSE * X509_PURPOSE_get0(int idx);
|
||||
int X509_PURPOSE_get_by_sname(char *sname);
|
||||
|
@ -614,10 +693,10 @@ int X509_PURPOSE_get_trust(X509_PURPOSE *xp);
|
|||
void X509_PURPOSE_cleanup(void);
|
||||
int X509_PURPOSE_get_id(X509_PURPOSE *);
|
||||
|
||||
STACK *X509_get1_email(X509 *x);
|
||||
STACK *X509_REQ_get1_email(X509_REQ *x);
|
||||
void X509_email_free(STACK *sk);
|
||||
STACK *X509_get1_ocsp(X509 *x);
|
||||
STACK_OF(OPENSSL_STRING) *X509_get1_email(X509 *x);
|
||||
STACK_OF(OPENSSL_STRING) *X509_REQ_get1_email(X509_REQ *x);
|
||||
void X509_email_free(STACK_OF(OPENSSL_STRING) *sk);
|
||||
STACK_OF(OPENSSL_STRING) *X509_get1_ocsp(X509 *x);
|
||||
|
||||
ASN1_OCTET_STRING *a2i_IPADDRESS(const char *ipasc);
|
||||
ASN1_OCTET_STRING *a2i_IPADDRESS_NC(const char *ipasc);
|
||||
|
@ -626,6 +705,7 @@ int X509V3_NAME_from_section(X509_NAME *nm, STACK_OF(CONF_VALUE)*dn_sk,
|
|||
unsigned long chtype);
|
||||
|
||||
void X509_POLICY_NODE_print(BIO *out, X509_POLICY_NODE *node, int indent);
|
||||
DECLARE_STACK_OF(X509_POLICY_NODE)
|
||||
|
||||
#ifndef OPENSSL_NO_RFC3779
|
||||
|
||||
|
@ -785,8 +865,9 @@ void ERR_load_X509V3_strings(void);
|
|||
/* Error codes for the X509V3 functions. */
|
||||
|
||||
/* Function codes. */
|
||||
#define X509V3_F_ASIDENTIFIERCHOICE_CANONIZE 156
|
||||
#define X509V3_F_ASIDENTIFIERCHOICE_IS_CANONICAL 157
|
||||
#define X509V3_F_A2I_GENERAL_NAME 164
|
||||
#define X509V3_F_ASIDENTIFIERCHOICE_CANONIZE 161
|
||||
#define X509V3_F_ASIDENTIFIERCHOICE_IS_CANONICAL 162
|
||||
#define X509V3_F_COPY_EMAIL 122
|
||||
#define X509V3_F_COPY_ISSUER 123
|
||||
#define X509V3_F_DO_DIRNAME 144
|
||||
|
@ -794,6 +875,7 @@ void ERR_load_X509V3_strings(void);
|
|||
#define X509V3_F_DO_EXT_I2D 135
|
||||
#define X509V3_F_DO_EXT_NCONF 151
|
||||
#define X509V3_F_DO_I2V_NAME_CONSTRAINTS 148
|
||||
#define X509V3_F_GNAMES_FROM_SECTNAME 156
|
||||
#define X509V3_F_HEX_TO_STRING 111
|
||||
#define X509V3_F_I2S_ASN1_ENUMERATED 121
|
||||
#define X509V3_F_I2S_ASN1_IA5STRING 149
|
||||
|
@ -810,13 +892,14 @@ void ERR_load_X509V3_strings(void);
|
|||
#define X509V3_F_S2I_ASN1_OCTET_STRING 112
|
||||
#define X509V3_F_S2I_ASN1_SKEY_ID 114
|
||||
#define X509V3_F_S2I_SKEY_ID 115
|
||||
#define X509V3_F_SET_DIST_POINT_NAME 158
|
||||
#define X509V3_F_STRING_TO_HEX 113
|
||||
#define X509V3_F_SXNET_ADD_ID_ASC 125
|
||||
#define X509V3_F_SXNET_ADD_ID_INTEGER 126
|
||||
#define X509V3_F_SXNET_ADD_ID_ULONG 127
|
||||
#define X509V3_F_SXNET_GET_ID_ASC 128
|
||||
#define X509V3_F_SXNET_GET_ID_ULONG 129
|
||||
#define X509V3_F_V2I_ASIDENTIFIERS 158
|
||||
#define X509V3_F_V2I_ASIDENTIFIERS 163
|
||||
#define X509V3_F_V2I_ASN1_BIT_STRING 101
|
||||
#define X509V3_F_V2I_AUTHORITY_INFO_ACCESS 139
|
||||
#define X509V3_F_V2I_AUTHORITY_KEYID 119
|
||||
|
@ -825,6 +908,7 @@ void ERR_load_X509V3_strings(void);
|
|||
#define X509V3_F_V2I_EXTENDED_KEY_USAGE 103
|
||||
#define X509V3_F_V2I_GENERAL_NAMES 118
|
||||
#define X509V3_F_V2I_GENERAL_NAME_EX 117
|
||||
#define X509V3_F_V2I_IDP 157
|
||||
#define X509V3_F_V2I_IPADDRBLOCKS 159
|
||||
#define X509V3_F_V2I_ISSUER_ALT 153
|
||||
#define X509V3_F_V2I_NAME_CONSTRAINTS 147
|
||||
|
@ -853,6 +937,7 @@ void ERR_load_X509V3_strings(void);
|
|||
#define X509V3_R_BN_DEC2BN_ERROR 100
|
||||
#define X509V3_R_BN_TO_ASN1_INTEGER_ERROR 101
|
||||
#define X509V3_R_DIRNAME_ERROR 149
|
||||
#define X509V3_R_DISTPOINT_ALREADY_SET 160
|
||||
#define X509V3_R_DUPLICATE_ZONE_ID 133
|
||||
#define X509V3_R_ERROR_CONVERTING_ZONE 131
|
||||
#define X509V3_R_ERROR_CREATING_EXTENSION 144
|
||||
|
@ -866,12 +951,13 @@ void ERR_load_X509V3_strings(void);
|
|||
#define X509V3_R_ILLEGAL_EMPTY_EXTENSION 151
|
||||
#define X509V3_R_ILLEGAL_HEX_DIGIT 113
|
||||
#define X509V3_R_INCORRECT_POLICY_SYNTAX_TAG 152
|
||||
#define X509V3_R_INVALID_ASNUMBER 160
|
||||
#define X509V3_R_INVALID_ASRANGE 161
|
||||
#define X509V3_R_INVALID_MULTIPLE_RDNS 161
|
||||
#define X509V3_R_INVALID_ASNUMBER 162
|
||||
#define X509V3_R_INVALID_ASRANGE 163
|
||||
#define X509V3_R_INVALID_BOOLEAN_STRING 104
|
||||
#define X509V3_R_INVALID_EXTENSION_STRING 105
|
||||
#define X509V3_R_INVALID_INHERITANCE 162
|
||||
#define X509V3_R_INVALID_IPADDRESS 163
|
||||
#define X509V3_R_INVALID_INHERITANCE 165
|
||||
#define X509V3_R_INVALID_IPADDRESS 166
|
||||
#define X509V3_R_INVALID_NAME 106
|
||||
#define X509V3_R_INVALID_NULL_ARGUMENT 107
|
||||
#define X509V3_R_INVALID_NULL_NAME 108
|
||||
|
@ -899,9 +985,9 @@ void ERR_load_X509V3_strings(void);
|
|||
#define X509V3_R_ODD_NUMBER_OF_DIGITS 112
|
||||
#define X509V3_R_OPERATION_NOT_DEFINED 148
|
||||
#define X509V3_R_OTHERNAME_ERROR 147
|
||||
#define X509V3_R_POLICY_LANGUAGE_ALREADTY_DEFINED 155
|
||||
#define X509V3_R_POLICY_LANGUAGE_ALREADY_DEFINED 155
|
||||
#define X509V3_R_POLICY_PATH_LENGTH 156
|
||||
#define X509V3_R_POLICY_PATH_LENGTH_ALREADTY_DEFINED 157
|
||||
#define X509V3_R_POLICY_PATH_LENGTH_ALREADY_DEFINED 157
|
||||
#define X509V3_R_POLICY_SYNTAX_NOT_CURRENTLY_SUPPORTED 158
|
||||
#define X509V3_R_POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY 159
|
||||
#define X509V3_R_SECTION_NOT_FOUND 150
|
||||
|
@ -912,6 +998,7 @@ void ERR_load_X509V3_strings(void);
|
|||
#define X509V3_R_UNKNOWN_EXTENSION_NAME 130
|
||||
#define X509V3_R_UNKNOWN_OPTION 120
|
||||
#define X509V3_R_UNSUPPORTED_OPTION 117
|
||||
#define X509V3_R_UNSUPPORTED_TYPE 167
|
||||
#define X509V3_R_USER_TOO_LONG 132
|
||||
|
||||
#ifdef __cplusplus
|
||||
|
|
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
|
@ -74,7 +74,7 @@ static int _tdav_session_av_raise_error_async(struct tdav_session_av_s* self, ts
|
|||
static int _tdav_session_av_srtp_dtls_cb(const void* usrdata, enum trtp_srtp_dtls_event_type_e type, const char* reason);
|
||||
#endif /* HAVE_SRTP */
|
||||
static int _tdav_session_av_red_cb(const void* usrdata, const struct trtp_rtp_packet_s* packet);
|
||||
static int _tdav_session_av_dtls_set_remote_setup(struct tdav_session_av_s* self, tnet_dtls_setup_t setup, tsk_bool_t connection_new);
|
||||
static int _tdav_session_av_dtls_set_remote_setup(struct tdav_session_av_s* self, tnet_dtls_setup_t setup, tsk_bool_t connection_new, tsk_bool_t is_ro_null);
|
||||
|
||||
#define SDP_CAPS_COUNT_MAX 0x1F
|
||||
#define SDP_DECLARE_TAG int32_t tag // [1 - *]
|
||||
|
@ -833,7 +833,7 @@ const tsdp_header_M_t* tdav_session_av_get_lo(tdav_session_av_t* self, tsk_bool_
|
|||
//if(self->dtls.local.setup == tnet_dtls_setup_none || self->dtls.local.setup == tnet_dtls_setup_actpass){
|
||||
self->dtls.remote.setup = (!base->M.ro) ? tnet_dtls_setup_active : tnet_dtls_setup_passive;
|
||||
//}
|
||||
_tdav_session_av_dtls_set_remote_setup(self, self->dtls.remote.setup, self->dtls.remote.connection_new);
|
||||
_tdav_session_av_dtls_set_remote_setup(self, self->dtls.remote.setup, self->dtls.remote.connection_new, (!base->M.ro));
|
||||
if(self->rtp_manager){
|
||||
trtp_manager_set_dtls_local_setup(self->rtp_manager, self->dtls.local.setup, self->dtls.local.connection_new);
|
||||
}
|
||||
|
@ -1520,7 +1520,8 @@ int tdav_session_av_set_ro(tdav_session_av_t* self, const struct tsdp_header_M_s
|
|||
// update local setup according to remote setup
|
||||
ret = _tdav_session_av_dtls_set_remote_setup(self,
|
||||
tnet_dtls_get_setup_from_string(setup),
|
||||
!tsk_striequals(connection, "existing")
|
||||
!tsk_striequals(connection, "existing"),
|
||||
(!base->M.ro)
|
||||
);
|
||||
if(ret == 0){
|
||||
// pass new local values to the RTP manager
|
||||
|
@ -1688,7 +1689,7 @@ static int _tdav_session_av_red_cb(const void* usrdata, const struct trtp_rtp_pa
|
|||
return 0;
|
||||
}
|
||||
|
||||
int _tdav_session_av_dtls_set_remote_setup(struct tdav_session_av_s* self, tnet_dtls_setup_t setup, tsk_bool_t connection_new)
|
||||
int _tdav_session_av_dtls_set_remote_setup(struct tdav_session_av_s* self, tnet_dtls_setup_t setup, tsk_bool_t connection_new, tsk_bool_t is_ro_null)
|
||||
{
|
||||
if(self){
|
||||
TSK_DEBUG_INFO("dtls.remote.setup=%s", TNET_DTLS_SETUP_NAMES[(int)setup]);
|
||||
|
@ -1701,11 +1702,11 @@ int _tdav_session_av_dtls_set_remote_setup(struct tdav_session_av_s* self, tnet_
|
|||
self->dtls.local.connection_new = tsk_true; // RTP transport always unprepared for reINVITE/UPDATE -> new connection
|
||||
break;
|
||||
case tnet_dtls_setup_active:
|
||||
self->dtls.local.setup = tnet_dtls_setup_passive;
|
||||
self->dtls.local.setup = is_ro_null ? tnet_dtls_setup_actpass : tnet_dtls_setup_passive;
|
||||
self->dtls.local.connection_new = tsk_true;
|
||||
break;
|
||||
case tnet_dtls_setup_passive:
|
||||
self->dtls.local.setup = tnet_dtls_setup_active;
|
||||
self->dtls.local.setup = is_ro_null ? tnet_dtls_setup_actpass : tnet_dtls_setup_active;
|
||||
self->dtls.local.connection_new = tsk_true;
|
||||
break;
|
||||
case tnet_dtls_setup_actpass:
|
||||
|
|
|
@ -434,8 +434,6 @@ tsk_bool_t tnet_dtls_socket_is_remote_cert_fp_match(tnet_dtls_socket_handle_t* h
|
|||
#endif
|
||||
}
|
||||
|
||||
|
||||
|
||||
int tnet_dtls_socket_do_handshake(tnet_dtls_socket_handle_t* handle, const struct sockaddr_storage* remote_addr)
|
||||
{
|
||||
#if !HAVE_OPENSSL || !HAVE_OPENSSL_DTLS
|
||||
|
@ -475,6 +473,22 @@ int tnet_dtls_socket_do_handshake(tnet_dtls_socket_handle_t* handle, const struc
|
|||
}
|
||||
}
|
||||
|
||||
#if 0
|
||||
len = BIO_ctrl_pending(socket->wbio);
|
||||
if (len > 0) {
|
||||
tnet_port_t port;
|
||||
tnet_ip_t ip;
|
||||
out_data = malloc(len);
|
||||
len = BIO_read(socket->wbio, out_data, len);
|
||||
|
||||
tnet_get_sockip_n_port((const struct sockaddr *)&socket->remote.addr, &ip, &port);
|
||||
TSK_DEBUG_INFO("DTLS data handshake to send with len = %d, ip = %.*s and port = %d", len, sizeof(ip), ip, port);
|
||||
len = tnet_sockfd_sendto(socket->fd, (const struct sockaddr *)&socket->remote.addr, out_data, len);
|
||||
TSK_DEBUG_INFO("DTLS data handshake sent len = %d", len);
|
||||
free(out_data);
|
||||
}
|
||||
#else
|
||||
|
||||
if((len = BIO_get_mem_data(socket->wbio, &out_data)) && out_data){
|
||||
tnet_port_t port;
|
||||
tnet_ip_t ip;
|
||||
|
@ -482,7 +496,9 @@ int tnet_dtls_socket_do_handshake(tnet_dtls_socket_handle_t* handle, const struc
|
|||
TSK_DEBUG_INFO("DTLS data handshake to send with len = %d, ip = %.*s and port = %d", len, sizeof(ip), ip, port);
|
||||
len = tnet_sockfd_sendto(socket->fd, (const struct sockaddr *)&socket->remote.addr, out_data, len);
|
||||
TSK_DEBUG_INFO("DTLS data handshake sent len = %d", len);
|
||||
|
||||
}
|
||||
#endif
|
||||
|
||||
BIO_reset(socket->rbio);
|
||||
BIO_reset(socket->wbio);
|
||||
|
@ -562,6 +578,9 @@ int tnet_dtls_socket_handle_incoming_data(tnet_dtls_socket_handle_t* handle, con
|
|||
|
||||
TSK_DEBUG_INFO("Receive DTLS data: %u", size);
|
||||
|
||||
// BIO_reset(socket->rbio);
|
||||
// BIO_reset(socket->wbio);
|
||||
|
||||
ret = _tnet_dtls_socket_do_handshake(socket);
|
||||
|
||||
if((ret = BIO_write(socket->rbio, data, size)) != size){
|
||||
|
@ -569,7 +588,7 @@ int tnet_dtls_socket_handle_incoming_data(tnet_dtls_socket_handle_t* handle, con
|
|||
TSK_DEBUG_ERROR("BIO_write(rbio, %u) failed [%s]", size, ERR_error_string(ERR_get_error(), tsk_null));
|
||||
return -1;
|
||||
}
|
||||
|
||||
|
||||
/*if((ret = SSL_read(socket->ssl, (void*)data, size)) <= 0){
|
||||
switch((ret = SSL_get_error(socket->ssl, ret))){
|
||||
case SSL_ERROR_WANT_READ:
|
||||
|
|
|
@ -44,7 +44,7 @@
|
|||
#include <string.h> /* memcpy, ...(<#void * #>, <#const void * #>, <#tsk_size_t #>) */
|
||||
|
||||
#ifndef TNET_CIPHER_LIST
|
||||
# define TNET_CIPHER_LIST "ALL"
|
||||
# define TNET_CIPHER_LIST "DEFAULT:!LOW:!EXP:!MD5"
|
||||
#endif
|
||||
|
||||
extern int tnet_transport_prepare(tnet_transport_t *transport);
|
||||
|
@ -99,6 +99,8 @@ static int _tnet_transport_ssl_init(tnet_transport_t* transport)
|
|||
TSK_OBJECT_SAFE_FREE(transport);
|
||||
return -5;
|
||||
}
|
||||
SSL_CTX_set_read_ahead(transport->dtls.ctx, 1);
|
||||
SSL_CTX_set_options(transport->dtls.ctx, SSL_OP_ALL);
|
||||
SSL_CTX_set_mode(transport->dtls.ctx, SSL_MODE_AUTO_RETRY);
|
||||
SSL_CTX_set_verify(transport->dtls.ctx, SSL_VERIFY_NONE, tsk_null); // to be updated by tnet_transport_tls_set_certs()
|
||||
if(SSL_CTX_set_cipher_list(transport->dtls.ctx, TNET_CIPHER_LIST) <= 0){
|
||||
|
|
|
@ -64,7 +64,7 @@
|
|||
# define TRTP_DTLS_HANDSHAKING_TIMEOUT 1000
|
||||
#endif
|
||||
#if !defined(TRTP_DTLS_HANDSHAKING_TIMEOUT_MAX)
|
||||
# define TRTP_DTLS_HANDSHAKING_TIMEOUT_MAX (TRTP_DTLS_HANDSHAKING_TIMEOUT << 4)
|
||||
# define TRTP_DTLS_HANDSHAKING_TIMEOUT_MAX (TRTP_DTLS_HANDSHAKING_TIMEOUT << 20)
|
||||
#endif
|
||||
|
||||
static const tmedia_srtp_type_t __srtp_types[] = { tmedia_srtp_type_sdes, tmedia_srtp_type_dtls };
|
||||
|
@ -258,7 +258,7 @@ static int _trtp_transport_dtls_handshaking_timer_cb(const void* arg, tsk_timer_
|
|||
TSK_DEBUG_INFO("_trtp_transport_dtls_handshaking_timer_cb(timeout=%llu)", manager->dtls.timer_hanshaking.timeout);
|
||||
tnet_transport_dtls_do_handshake(manager->transport, sockets, 2, remote_addrs, 2);
|
||||
// increase timeout
|
||||
manager->dtls.timer_hanshaking.timeout <<= 1;
|
||||
manager->dtls.timer_hanshaking.timeout += (TRTP_DTLS_HANDSHAKING_TIMEOUT >> 1);
|
||||
if(manager->dtls.timer_hanshaking.timeout < TRTP_DTLS_HANDSHAKING_TIMEOUT_MAX){
|
||||
manager->dtls.timer_hanshaking.id = tsk_timer_manager_schedule(manager->timer_mgr_global, manager->dtls.timer_hanshaking.timeout, _trtp_transport_dtls_handshaking_timer_cb, manager);
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue