passepartoutvpn
/
openssl-apple
mirror of https://github.com/passepartoutvpn/openssl-apple.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

OpenSSL 1.0.0a with iOS4 as base SDK

This commit is contained in:
Felix Schulze 2010-06-30 20:54:53 +02:00
parent fe3a22bb7f
commit 70300c7341
87 changed files with 6066 additions and 3407 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
Classes/OpenSSL_1AppDelegate.h → Classes/OpenSSL_for_iPhoneAppDelegate.h
View File

@ -1,6 +1,6 @@
//
// OpenSSL_1AppDelegate.h
// OpenSSL-1
// OpenSSL_for_iPhoneAppDelegate.h
// OpenSSL-for-iPhone
//
// Created by Felix Schulze on 01.02.2010.
// Copyright Felix Schulze 2010. All rights reserved.
@ -8,7 +8,7 @@
#import <UIKit/UIKit.h>
@interface OpenSSL_1AppDelegate : NSObject <UIApplicationDelegate> {
@interface OpenSSL_for_iPhoneAppDelegate : NSObject <UIApplicationDelegate> {
UIWindow *window;
}

70
Classes/OpenSSL_1AppDelegate.m → Classes/OpenSSL_for_iPhoneAppDelegate.m
View File

@ -1,22 +1,25 @@
//
// OpenSSL_1AppDelegate.m
// OpenSSL-1
// OpenSSL_for_iPhoneAppDelegate.m
// OpenSSL-for-iPhone
//
// Created by Felix Schulze on 01.02.2010.
// Created by Felix Schulze on 30.06.2010.
// Copyright Felix Schulze 2010. All rights reserved.
//
#import "OpenSSL_1AppDelegate.h"
#import "OpenSSL_for_iPhoneAppDelegate.h"
#include <Openssl/md5.h>
@implementation OpenSSL_1AppDelegate
@implementation OpenSSL_for_iPhoneAppDelegate
@synthesize window;
UITextField *textView;
UILabel *label;
- (void)applicationDidFinishLaunching:(UIApplication *)application {
#pragma mark -
#pragma mark Application lifecycle
- (BOOL)application:(UIApplication *)application didFinishLaunchingWithOptions:(NSDictionary *)launchOptions {
UINavigationBar *navBar = [[UINavigationBar alloc] initWithFrame:
CGRectMake( 0.0f, 20.0f, window.frame.size.width, 48.0f)];
@ -59,6 +62,8 @@ UILabel *label;
[textView release];
[label release];
[button release];
return YES;
}
- (void)action:(id)sender
@ -79,17 +84,62 @@ UILabel *label;
[label setText:outStrg];
}
- (void) infoView
{
UIAlertView *alert = [[UIAlertView alloc] initWithTitle:@"OpenSSL-Test" message:@"Copyright 2010 by Felix Schulze\n http://www.x2on.de" delegate:nil cancelButtonTitle:@"Close" otherButtonTitles:nil];
[alert show];
[alert release];
}
- (void)applicationWillResignActive:(UIApplication *)application {
/*
Sent when the application is about to move from active to inactive state. This can occur for certain types of temporary interruptions (such as an incoming phone call or SMS message) or when the user quits the application and it begins the transition to the background state.
Use this method to pause ongoing tasks, disable timers, and throttle down OpenGL ES frame rates. Games should use this method to pause the game.
*/
}
- (void)applicationDidEnterBackground:(UIApplication *)application {
/*
Use this method to release shared resources, save user data, invalidate timers, and store enough application state information to restore your application to its current state in case it is terminated later.
If your application supports background execution, called instead of applicationWillTerminate: when the user quits.
*/
}
- (void)applicationWillEnterForeground:(UIApplication *)application {
/*
Called as part of transition from the background to the inactive state: here you can undo many of the changes made on entering the background.
*/
}
- (void)applicationDidBecomeActive:(UIApplication *)application {
/*
Restart any tasks that were paused (or not yet started) while the application was inactive. If the application was previously in the background, optionally refresh the user interface.
*/
}
- (void)applicationWillTerminate:(UIApplication *)application {
/*
Called when the application is about to terminate.
See also applicationDidEnterBackground:.
*/
}
#pragma mark -
#pragma mark Memory management
- (void)applicationDidReceiveMemoryWarning:(UIApplication *)application {
/*
Free up as much memory as possible by purging cached data objects that can be recreated (or reloaded from disk) later.
*/
}
- (void)dealloc {
[window release];

35
MainWindow.xib
View File

@ -1,14 +1,14 @@
<?xml version="1.0" encoding="UTF-8"?>
<archive type="com.apple.InterfaceBuilder3.CocoaTouch.XIB" version="7.10">
<data>
<int key="IBDocument.SystemTarget">784</int>
<string key="IBDocument.SystemVersion">10A394</string>
<string key="IBDocument.InterfaceBuilderVersion">732</string>
<string key="IBDocument.AppKitVersion">1027.1</string>
<string key="IBDocument.HIToolboxVersion">430.00</string>
<int key="IBDocument.SystemTarget">800</int>
<string key="IBDocument.SystemVersion">10D540</string>
<string key="IBDocument.InterfaceBuilderVersion">760</string>
<string key="IBDocument.AppKitVersion">1038.29</string>
<string key="IBDocument.HIToolboxVersion">460.00</string>
<object class="NSMutableDictionary" key="IBDocument.PluginVersions">
<string key="NS.key.0">com.apple.InterfaceBuilder.IBCocoaTouchPlugin</string>
<string key="NS.object.0">60</string>
<string key="NS.object.0">81</string>
</object>
<object class="NSMutableArray" key="IBDocument.EditedObjectIDs">
<bool key="EncodedWithXMLCoder">YES</bool>
@ -31,11 +31,15 @@
<bool key="EncodedWithXMLCoder">YES</bool>
<object class="IBProxyObject" id="841351856">
<string key="IBProxiedObjectIdentifier">IBFilesOwner</string>
<string key="targetRuntimeIdentifier">IBCocoaTouchFramework</string>
</object>
<object class="IBProxyObject" id="427554174">
<string key="IBProxiedObjectIdentifier">IBFirstResponder</string>
<string key="targetRuntimeIdentifier">IBCocoaTouchFramework</string>
</object>
<object class="IBUICustomObject" id="664661524">
<string key="targetRuntimeIdentifier">IBCocoaTouchFramework</string>
</object>
<object class="IBUICustomObject" id="664661524"/>
<object class="IBUIWindow" id="380026005">
<reference key="NSNextResponder"/>
<int key="NSvFlags">1316</int>
@ -49,6 +53,8 @@
<bool key="IBUIOpaque">NO</bool>
<bool key="IBUIClearsContextBeforeDrawing">NO</bool>
<object class="IBUISimulatedStatusBarMetrics" key="IBUISimulatedStatusBarMetrics"/>
<string key="targetRuntimeIdentifier">IBCocoaTouchFramework</string>
<bool key="IBUIResizesToFullScreen">YES</bool>
</object>
</object>
<object class="IBObjectContainer" key="IBDocument.Objects">
@ -129,9 +135,9 @@
<bool key="EncodedWithXMLCoder">YES</bool>
</object>
</object>
<string>{{438, 320}, {320, 480}}</string>
<string>{{198, 376}, {320, 480}}</string>
<string>com.apple.InterfaceBuilder.IBCocoaTouchPlugin</string>
<string>OpenSSL_1AppDelegate</string>
<string>OpenSSL_for_iPhoneAppDelegate</string>
<string>com.apple.InterfaceBuilder.IBCocoaTouchPlugin</string>
</object>
</object>
@ -157,7 +163,7 @@
<object class="NSMutableArray" key="referencedPartialClassDescriptions">
<bool key="EncodedWithXMLCoder">YES</bool>
<object class="IBPartialClassDescription">
<string key="className">OpenSSL_1AppDelegate</string>
<string key="className">OpenSSL_for_iPhoneAppDelegate</string>
<string key="superclassName">NSObject</string>
<object class="NSMutableDictionary" key="outlets">
<string key="NS.key.0">window</string>
@ -165,11 +171,11 @@
</object>
<object class="IBClassDescriptionSource" key="sourceIdentifier">
<string key="majorKey">IBProjectSource</string>
<string key="minorKey">Classes/OpenSSL_1AppDelegate.h</string>
<string key="minorKey">Classes/OpenSSL_for_iPhoneAppDelegate.h</string>
</object>
</object>
<object class="IBPartialClassDescription">
<string key="className">OpenSSL_1AppDelegate</string>
<string key="className">OpenSSL_for_iPhoneAppDelegate</string>
<string key="superclassName">NSObject</string>
<object class="IBClassDescriptionSource" key="sourceIdentifier">
<string key="majorKey">IBUserSource</string>
@ -179,13 +185,14 @@
</object>
</object>
<int key="IBDocument.localizationMode">0</int>
<string key="IBDocument.TargetRuntimeIdentifier">IBCocoaTouchFramework</string>
<object class="NSMutableDictionary" key="IBDocument.PluginDeclaredDevelopmentDependencies">
<string key="NS.key.0">com.apple.InterfaceBuilder.CocoaTouchPlugin.InterfaceBuilder3</string>
<integer value="3100" key="NS.object.0"/>
</object>
<bool key="IBDocument.PluginDeclaredDependenciesTrackSystemTargetVersion">YES</bool>
<string key="IBDocument.LastKnownRelativeProjectPath">OpenSSL-1.xcodeproj</string>
<string key="IBDocument.LastKnownRelativeProjectPath">OpenSSL-for-iPhone.xcodeproj</string>
<int key="IBDocument.defaultPropertyAccessControl">3</int>
<string key="IBCocoaTouchPluginVersion">3.1</string>
<string key="IBCocoaTouchPluginVersion">81</string>
</data>
</archive>

232
OpenSSL-1.xcodeproj/x2on.pbxuser
View File

@ -1,232 +0,0 @@
// !$*UTF8*$!
{
1D3623240D0F684500981E51 /* OpenSSL_1AppDelegate.h */ = {
uiCtxt = {
sepNavIntBoundsRect = "{{0, 0}, {1608, 860}}";
sepNavSelRange = "{145, 0}";
sepNavVisRange = "{0, 333}";
sepNavWindowFrame = "{{58, 368}, {988, 805}}";
};
};
1D3623250D0F684500981E51 /* OpenSSL_1AppDelegate.m */ = {
uiCtxt = {
sepNavIntBoundsRect = "{{0, 0}, {1433, 1313}}";
sepNavSelRange = "{208, 0}";
sepNavVisRange = "{1925, 931}";
};
};
1D6058900D05DD3D006BFB54 /* OpenSSL-1 */ = {
activeExec = 0;
executables = (
2A347539111721A9007C3F01 /* OpenSSL-1 */,
);
};
29B97313FDCFA39411CA2CEA /* Project object */ = {
activeBuildConfigurationName = Debug;
activeExecutable = 2A347539111721A9007C3F01 /* OpenSSL-1 */;
activeSDKPreference = iphonesimulator3.1.3;
activeTarget = 1D6058900D05DD3D006BFB54 /* OpenSSL-1 */;
addToTargets = (
1D6058900D05DD3D006BFB54 /* OpenSSL-1 */,
);
codeSenseManager = 2A347549111721AA007C3F01 /* Code sense */;
executables = (
2A347539111721A9007C3F01 /* OpenSSL-1 */,
);
perUserDictionary = {
PBXConfiguration.PBXFileTableDataSource3.PBXFileTableDataSource = {
PBXFileTableDataSourceColumnSortingDirectionKey = "-1";
PBXFileTableDataSourceColumnSortingKey = PBXFileDataSource_Filename_ColumnID;
PBXFileTableDataSourceColumnWidthsKey = (
20,
833,
20,
48,
43,
43,
20,
);
PBXFileTableDataSourceColumnsKey = (
PBXFileDataSource_FiletypeID,
PBXFileDataSource_Filename_ColumnID,
PBXFileDataSource_Built_ColumnID,
PBXFileDataSource_ObjectSize_ColumnID,
PBXFileDataSource_Errors_ColumnID,
PBXFileDataSource_Warnings_ColumnID,
PBXFileDataSource_Target_ColumnID,
);
};
PBXConfiguration.PBXTargetDataSource.PBXTargetDataSource = {
PBXFileTableDataSourceColumnSortingDirectionKey = "-1";
PBXFileTableDataSourceColumnSortingKey = PBXFileDataSource_Filename_ColumnID;
PBXFileTableDataSourceColumnWidthsKey = (
20,
1390,
60,
20,
48,
43,
43,
);
PBXFileTableDataSourceColumnsKey = (
PBXFileDataSource_FiletypeID,
PBXFileDataSource_Filename_ColumnID,
PBXTargetDataSource_PrimaryAttribute,
PBXFileDataSource_Built_ColumnID,
PBXFileDataSource_ObjectSize_ColumnID,
PBXFileDataSource_Errors_ColumnID,
PBXFileDataSource_Warnings_ColumnID,
);
};
PBXPerProjectTemplateStateSaveDate = 291641863;
PBXWorkspaceStateSaveDate = 291641863;
};
perUserProjectItems = {
2A0C1BCD11621A4600885C03 /* PBXTextBookmark */ = 2A0C1BCD11621A4600885C03 /* PBXTextBookmark */;
2A0C1BCE11621A4600885C03 /* PBXTextBookmark */ = 2A0C1BCE11621A4600885C03 /* PBXTextBookmark */;
2A0C1BCF11621A4600885C03 /* PBXTextBookmark */ = 2A0C1BCF11621A4600885C03 /* PBXTextBookmark */;
2A0C1BD111621A4600885C03 /* PlistBookmark */ = 2A0C1BD111621A4600885C03 /* PlistBookmark */;
2A191D4E111734250052E5A8 /* PBXTextBookmark */ = 2A191D4E111734250052E5A8 /* PBXTextBookmark */;
2A3475B0111725A3007C3F01 /* PBXTextBookmark */ = 2A3475B0111725A3007C3F01 /* PBXTextBookmark */;
2AD8794D113D9EB000EDB9AF /* PlistBookmark */ = 2AD8794D113D9EB000EDB9AF /* PlistBookmark */;
};
sourceControlManager = 2A347548111721AA007C3F01 /* Source Control */;
userBuildSettings = {
};
};
29B97316FDCFA39411CA2CEA /* main.m */ = {
uiCtxt = {
sepNavIntBoundsRect = "{{0, 0}, {1011, 598}}";
sepNavSelRange = "{158, 0}";
sepNavVisRange = "{0, 363}";
};
};
2A0C1BCD11621A4600885C03 /* PBXTextBookmark */ = {
isa = PBXTextBookmark;
fRef = 1D3623250D0F684500981E51 /* OpenSSL_1AppDelegate.m */;
name = "OpenSSL_1AppDelegate.m: 11";
rLen = 0;
rLoc = 208;
rType = 0;
vrLen = 931;
vrLoc = 1925;
};
2A0C1BCE11621A4600885C03 /* PBXTextBookmark */ = {
isa = PBXTextBookmark;
fRef = 32CA4F630368D1EE00C91783 /* OpenSSL_1_Prefix.pch */;
name = "OpenSSL_1_Prefix.pch: 1";
rLen = 0;
rLoc = 0;
rType = 0;
vrLen = 187;
vrLoc = 0;
};
2A0C1BCF11621A4600885C03 /* PBXTextBookmark */ = {
isa = PBXTextBookmark;
fRef = 29B97316FDCFA39411CA2CEA /* main.m */;
name = "main.m: 10";
rLen = 0;
rLoc = 158;
rType = 0;
vrLen = 363;
vrLoc = 0;
};
2A0C1BD111621A4600885C03 /* PlistBookmark */ = {
isa = PlistBookmark;
fRef = 8D1107310486CEB800E47090 /* OpenSSL_1-Info.plist */;
fallbackIsa = PBXBookmark;
isK = 0;
kPath = (
);
name = "/Users/x2on/Projects/iphone/OpenSSL-for-iPhone/OpenSSL_1-Info.plist";
rLen = 0;
rLoc = 9223372036854775807;
};
2A191D4E111734250052E5A8 /* PBXTextBookmark */ = {
isa = PBXTextBookmark;
fRef = 1D3623240D0F684500981E51 /* OpenSSL_1AppDelegate.h */;
name = "OpenSSL_1AppDelegate.h: 6";
rLen = 0;
rLoc = 145;
rType = 0;
vrLen = 333;
vrLoc = 0;
};
2A347539111721A9007C3F01 /* OpenSSL-1 */ = {
isa = PBXExecutable;
activeArgIndices = (
);
argumentStrings = (
);
autoAttachOnCrash = 1;
breakpointsEnabled = 0;
configStateDict = {
};
customDataFormattersEnabled = 1;
dataTipCustomDataFormattersEnabled = 1;
dataTipShowTypeColumn = 1;
dataTipSortType = 0;
debuggerPlugin = GDBDebugging;
disassemblyDisplayState = 0;
dylibVariantSuffix = "";
enableDebugStr = 1;
environmentEntries = (
);
executableSystemSymbolLevel = 0;
executableUserSymbolLevel = 0;
libgmallocEnabled = 0;
name = "OpenSSL-1";
showTypeColumn = 0;
sourceDirectories = (
);
};
2A347548111721AA007C3F01 /* Source Control */ = {
isa = PBXSourceControlManager;
fallbackIsa = XCSourceControlManager;
isSCMEnabled = 0;
scmConfiguration = {
repositoryNamesForRoots = {
"" = "";
};
};
};
2A347549111721AA007C3F01 /* Code sense */ = {
isa = PBXCodeSenseManager;
indexTemplatePath = "";
};
2A3475B0111725A3007C3F01 /* PBXTextBookmark */ = {
isa = PBXTextBookmark;
fRef = 2A3475B1111725A3007C3F01 /* CGGeometry.h */;
name = "CGGeometry.h: 270";
rLen = 64;
rLoc = 8510;
rType = 0;
vrLen = 950;
vrLoc = 7947;
};
2A3475B1111725A3007C3F01 /* CGGeometry.h */ = {
isa = PBXFileReference;
lastKnownFileType = sourcecode.c.h;
name = CGGeometry.h;
path = /Developer/Platforms/iPhoneSimulator.platform/Developer/SDKs/iPhoneSimulator3.1.2.sdk/System/Library/Frameworks/CoreGraphics.framework/Headers/CGGeometry.h;
sourceTree = "<absolute>";
};
2AD8794D113D9EB000EDB9AF /* PlistBookmark */ = {
isa = PlistBookmark;
fRef = 8D1107310486CEB800E47090 /* OpenSSL_1-Info.plist */;
fallbackIsa = PBXBookmark;
isK = 0;
kPath = (
);
name = "/Users/x2on/Projects/iphone/OpenSSL-for-iPhone/OpenSSL_1-Info.plist";
rLen = 0;
rLoc = 9223372036854775808;
};
32CA4F630368D1EE00C91783 /* OpenSSL_1_Prefix.pch */ = {
uiCtxt = {
sepNavIntBoundsRect = "{{0, 0}, {1011, 598}}";
sepNavSelRange = "{0, 0}";
sepNavVisRange = "{0, 187}";
};
};
}

88
OpenSSL-1.xcodeproj/project.pbxproj → OpenSSL-for-iPhone.xcodeproj/project.pbxproj
View File

@ -7,33 +7,29 @@
objects = {
/* Begin PBXBuildFile section */
1D3623260D0F684500981E51 /* OpenSSL_1AppDelegate.m in Sources */ = {isa = PBXBuildFile; fileRef = 1D3623250D0F684500981E51 /* OpenSSL_1AppDelegate.m */; };
1D3623260D0F684500981E51 /* OpenSSL_for_iPhoneAppDelegate.m in Sources */ = {isa = PBXBuildFile; fileRef = 1D3623250D0F684500981E51 /* OpenSSL_for_iPhoneAppDelegate.m */; };
1D60589B0D05DD56006BFB54 /* main.m in Sources */ = {isa = PBXBuildFile; fileRef = 29B97316FDCFA39411CA2CEA /* main.m */; };
1D60589F0D05DD5A006BFB54 /* Foundation.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 1D30AB110D05D00D00671497 /* Foundation.framework */; };
1DF5F4E00D08C38300B7A737 /* UIKit.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 1DF5F4DF0D08C38300B7A737 /* UIKit.framework */; };
288765FD0DF74451002DB57D /* CoreGraphics.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 288765FC0DF74451002DB57D /* CoreGraphics.framework */; };
28AD733F0D9D9553002E5188 /* MainWindow.xib in Resources */ = {isa = PBXBuildFile; fileRef = 28AD733E0D9D9553002E5188 /* MainWindow.xib */; };
2A347572111722A4007C3F01 /* libcrypto_arm.a in Frameworks */ = {isa = PBXBuildFile; fileRef = 2A34756E111722A4007C3F01 /* libcrypto_arm.a */; };
2A347573111722A4007C3F01 /* libcrypto_i386.a in Frameworks */ = {isa = PBXBuildFile; fileRef = 2A34756F111722A4007C3F01 /* libcrypto_i386.a */; };
2A347574111722A4007C3F01 /* libssl_arm.a in Frameworks */ = {isa = PBXBuildFile; fileRef = 2A347570111722A4007C3F01 /* libssl_arm.a */; };
2A347575111722A4007C3F01 /* libssl_i386.a in Frameworks */ = {isa = PBXBuildFile; fileRef = 2A347571111722A4007C3F01 /* libssl_i386.a */; };
2A38C53711DBC7E700738646 /* libcrypto.a in Frameworks */ = {isa = PBXBuildFile; fileRef = 2A38C53611DBC7E700738646 /* libcrypto.a */; };
2A38C53911DBC7EC00738646 /* libssl.a in Frameworks */ = {isa = PBXBuildFile; fileRef = 2A38C53811DBC7EC00738646 /* libssl.a */; };
/* End PBXBuildFile section */
/* Begin PBXFileReference section */
1D30AB110D05D00D00671497 /* Foundation.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = Foundation.framework; path = System/Library/Frameworks/Foundation.framework; sourceTree = SDKROOT; };
1D3623240D0F684500981E51 /* OpenSSL_1AppDelegate.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = OpenSSL_1AppDelegate.h; sourceTree = "<group>"; };
1D3623250D0F684500981E51 /* OpenSSL_1AppDelegate.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = OpenSSL_1AppDelegate.m; sourceTree = "<group>"; };
1D6058910D05DD3D006BFB54 /* OpenSSL-1.app */ = {isa = PBXFileReference; explicitFileType = wrapper.application; includeInIndex = 0; path = "OpenSSL-1.app"; sourceTree = BUILT_PRODUCTS_DIR; };
1D3623240D0F684500981E51 /* OpenSSL_for_iPhoneAppDelegate.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = OpenSSL_for_iPhoneAppDelegate.h; sourceTree = "<group>"; };
1D3623250D0F684500981E51 /* OpenSSL_for_iPhoneAppDelegate.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = OpenSSL_for_iPhoneAppDelegate.m; sourceTree = "<group>"; };
1D6058910D05DD3D006BFB54 /* OpenSSL-for-iPhone.app */ = {isa = PBXFileReference; explicitFileType = wrapper.application; includeInIndex = 0; path = "OpenSSL-for-iPhone.app"; sourceTree = BUILT_PRODUCTS_DIR; };
1DF5F4DF0D08C38300B7A737 /* UIKit.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = UIKit.framework; path = System/Library/Frameworks/UIKit.framework; sourceTree = SDKROOT; };
288765FC0DF74451002DB57D /* CoreGraphics.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = CoreGraphics.framework; path = System/Library/Frameworks/CoreGraphics.framework; sourceTree = SDKROOT; };
28AD733E0D9D9553002E5188 /* MainWindow.xib */ = {isa = PBXFileReference; lastKnownFileType = file.xib; path = MainWindow.xib; sourceTree = "<group>"; };
29B97316FDCFA39411CA2CEA /* main.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = main.m; sourceTree = "<group>"; };
2A34756E111722A4007C3F01 /* libcrypto_arm.a */ = {isa = PBXFileReference; lastKnownFileType = archive.ar; path = libcrypto_arm.a; sourceTree = "<group>"; };
2A34756F111722A4007C3F01 /* libcrypto_i386.a */ = {isa = PBXFileReference; lastKnownFileType = archive.ar; path = libcrypto_i386.a; sourceTree = "<group>"; };
2A347570111722A4007C3F01 /* libssl_arm.a */ = {isa = PBXFileReference; lastKnownFileType = archive.ar; path = libssl_arm.a; sourceTree = "<group>"; };
2A347571111722A4007C3F01 /* libssl_i386.a */ = {isa = PBXFileReference; lastKnownFileType = archive.ar; path = libssl_i386.a; sourceTree = "<group>"; };
32CA4F630368D1EE00C91783 /* OpenSSL_1_Prefix.pch */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = OpenSSL_1_Prefix.pch; sourceTree = "<group>"; };
8D1107310486CEB800E47090 /* OpenSSL_1-Info.plist */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.plist.xml; path = "OpenSSL_1-Info.plist"; plistStructureDefinitionIdentifier = "com.apple.xcode.plist.structure-definition.iphone.info-plist"; sourceTree = "<group>"; };
2A38C53611DBC7E700738646 /* libcrypto.a */ = {isa = PBXFileReference; lastKnownFileType = archive.ar; path = libcrypto.a; sourceTree = "<group>"; };
2A38C53811DBC7EC00738646 /* libssl.a */ = {isa = PBXFileReference; lastKnownFileType = archive.ar; path = libssl.a; sourceTree = "<group>"; };
32CA4F630368D1EE00C91783 /* OpenSSL_for_iPhone_Prefix.pch */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = OpenSSL_for_iPhone_Prefix.pch; sourceTree = "<group>"; };
8D1107310486CEB800E47090 /* OpenSSL_for_iPhone-Info.plist */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.plist.xml; path = "OpenSSL_for_iPhone-Info.plist"; plistStructureDefinitionIdentifier = "com.apple.xcode.plist.structure-definition.iphone.info-plist"; sourceTree = "<group>"; };
/* End PBXFileReference section */
/* Begin PBXFrameworksBuildPhase section */
@ -44,10 +40,8 @@
1D60589F0D05DD5A006BFB54 /* Foundation.framework in Frameworks */,
1DF5F4E00D08C38300B7A737 /* UIKit.framework in Frameworks */,
288765FD0DF74451002DB57D /* CoreGraphics.framework in Frameworks */,
2A347572111722A4007C3F01 /* libcrypto_arm.a in Frameworks */,
2A347573111722A4007C3F01 /* libcrypto_i386.a in Frameworks */,
2A347574111722A4007C3F01 /* libssl_arm.a in Frameworks */,
2A347575111722A4007C3F01 /* libssl_i386.a in Frameworks */,
2A38C53711DBC7E700738646 /* libcrypto.a in Frameworks */,
2A38C53911DBC7EC00738646 /* libssl.a in Frameworks */,
);
runOnlyForDeploymentPostprocessing = 0;
};
@ -57,8 +51,8 @@
080E96DDFE201D6D7F000001 /* Classes */ = {
isa = PBXGroup;
children = (
1D3623240D0F684500981E51 /* OpenSSL_1AppDelegate.h */,
1D3623250D0F684500981E51 /* OpenSSL_1AppDelegate.m */,
1D3623240D0F684500981E51 /* OpenSSL_for_iPhoneAppDelegate.h */,
1D3623250D0F684500981E51 /* OpenSSL_for_iPhoneAppDelegate.m */,
);
path = Classes;
sourceTree = "<group>";
@ -66,7 +60,7 @@
19C28FACFE9D520D11CA2CBB /* Products */ = {
isa = PBXGroup;
children = (
1D6058910D05DD3D006BFB54 /* OpenSSL-1.app */,
1D6058910D05DD3D006BFB54 /* OpenSSL-for-iPhone.app */,
);
name = Products;
sourceTree = "<group>";
@ -86,7 +80,7 @@
29B97315FDCFA39411CA2CEA /* Other Sources */ = {
isa = PBXGroup;
children = (
32CA4F630368D1EE00C91783 /* OpenSSL_1_Prefix.pch */,
32CA4F630368D1EE00C91783 /* OpenSSL_for_iPhone_Prefix.pch */,
29B97316FDCFA39411CA2CEA /* main.m */,
);
name = "Other Sources";
@ -96,7 +90,7 @@
isa = PBXGroup;
children = (
28AD733E0D9D9553002E5188 /* MainWindow.xib */,
8D1107310486CEB800E47090 /* OpenSSL_1-Info.plist */,
8D1107310486CEB800E47090 /* OpenSSL_for_iPhone-Info.plist */,
);
name = Resources;
sourceTree = "<group>";
@ -104,10 +98,8 @@
29B97323FDCFA39411CA2CEA /* Frameworks */ = {
isa = PBXGroup;
children = (
2A34756E111722A4007C3F01 /* libcrypto_arm.a */,
2A34756F111722A4007C3F01 /* libcrypto_i386.a */,
2A347570111722A4007C3F01 /* libssl_arm.a */,
2A347571111722A4007C3F01 /* libssl_i386.a */,
2A38C53811DBC7EC00738646 /* libssl.a */,
2A38C53611DBC7E700738646 /* libcrypto.a */,
1DF5F4DF0D08C38300B7A737 /* UIKit.framework */,
1D30AB110D05D00D00671497 /* Foundation.framework */,
288765FC0DF74451002DB57D /* CoreGraphics.framework */,
@ -118,9 +110,9 @@
/* End PBXGroup section */
/* Begin PBXNativeTarget section */
1D6058900D05DD3D006BFB54 /* OpenSSL-1 */ = {
1D6058900D05DD3D006BFB54 /* OpenSSL-for-iPhone */ = {
isa = PBXNativeTarget;
buildConfigurationList = 1D6058960D05DD3E006BFB54 /* Build configuration list for PBXNativeTarget "OpenSSL-1" */;
buildConfigurationList = 1D6058960D05DD3E006BFB54 /* Build configuration list for PBXNativeTarget "OpenSSL-for-iPhone" */;
buildPhases = (
1D60588D0D05DD3D006BFB54 /* Resources */,
1D60588E0D05DD3D006BFB54 /* Sources */,
@ -130,9 +122,9 @@
);
dependencies = (
);
name = "OpenSSL-1";
productName = "OpenSSL-1";
productReference = 1D6058910D05DD3D006BFB54 /* OpenSSL-1.app */;
name = "OpenSSL-for-iPhone";
productName = "OpenSSL-for-iPhone";
productReference = 1D6058910D05DD3D006BFB54 /* OpenSSL-for-iPhone.app */;
productType = "com.apple.product-type.application";
};
/* End PBXNativeTarget section */
@ -140,14 +132,14 @@
/* Begin PBXProject section */
29B97313FDCFA39411CA2CEA /* Project object */ = {
isa = PBXProject;
buildConfigurationList = C01FCF4E08A954540054247B /* Build configuration list for PBXProject "OpenSSL-1" */;
buildConfigurationList = C01FCF4E08A954540054247B /* Build configuration list for PBXProject "OpenSSL-for-iPhone" */;
compatibilityVersion = "Xcode 3.1";
hasScannedForEncodings = 1;
mainGroup = 29B97314FDCFA39411CA2CEA /* CustomTemplate */;
projectDirPath = "";
projectRoot = "";
targets = (
1D6058900D05DD3D006BFB54 /* OpenSSL-1 */,
1D6058900D05DD3D006BFB54 /* OpenSSL-for-iPhone */,
);
};
/* End PBXProject section */
@ -169,7 +161,7 @@
buildActionMask = 2147483647;
files = (
1D60589B0D05DD56006BFB54 /* main.m in Sources */,
1D3623260D0F684500981E51 /* OpenSSL_1AppDelegate.m in Sources */,
1D3623260D0F684500981E51 /* OpenSSL_for_iPhoneAppDelegate.m in Sources */,
);
runOnlyForDeploymentPostprocessing = 0;
};
@ -184,14 +176,15 @@
GCC_DYNAMIC_NO_PIC = NO;
GCC_OPTIMIZATION_LEVEL = 0;
GCC_PRECOMPILE_PREFIX_HEADER = YES;
GCC_PREFIX_HEADER = OpenSSL_1_Prefix.pch;
INFOPLIST_FILE = "OpenSSL_1-Info.plist";
GCC_PREFIX_HEADER = OpenSSL_for_iPhone_Prefix.pch;
INFOPLIST_FILE = "OpenSSL_for_iPhone-Info.plist";
LIBRARY_SEARCH_PATHS = (
"$(inherited)",
"\"$(SRCROOT)\"",
);
PRODUCT_NAME = "OpenSSL-1";
USER_HEADER_SEARCH_PATHS = include;
PRODUCT_NAME = "OpenSSL-for-iPhone";
SDKROOT = iphonesimulator4.0;
USER_HEADER_SEARCH_PATHS = "include/**";
};
name = Debug;
};
@ -201,13 +194,14 @@
ALWAYS_SEARCH_USER_PATHS = NO;
COPY_PHASE_STRIP = YES;
GCC_PRECOMPILE_PREFIX_HEADER = YES;
GCC_PREFIX_HEADER = OpenSSL_1_Prefix.pch;
INFOPLIST_FILE = "OpenSSL_1-Info.plist";
GCC_PREFIX_HEADER = OpenSSL_for_iPhone_Prefix.pch;
INFOPLIST_FILE = "OpenSSL_for_iPhone-Info.plist";
LIBRARY_SEARCH_PATHS = (
"$(inherited)",
"\"$(SRCROOT)\"",
);
PRODUCT_NAME = "OpenSSL-1";
PRODUCT_NAME = "OpenSSL-for-iPhone";
VALIDATE_PRODUCT = YES;
};
name = Release;
};
@ -220,7 +214,8 @@
GCC_WARN_ABOUT_RETURN_TYPE = YES;
GCC_WARN_UNUSED_VARIABLE = YES;
PREBINDING = NO;
SDKROOT = iphoneos3.1.2;
SDKROOT = iphoneos4.0;
USER_HEADER_SEARCH_PATHS = "include/**";
};
name = Debug;
};
@ -232,15 +227,16 @@
GCC_C_LANGUAGE_STANDARD = c99;
GCC_WARN_ABOUT_RETURN_TYPE = YES;
GCC_WARN_UNUSED_VARIABLE = YES;
OTHER_CFLAGS = "-DNS_BLOCK_ASSERTIONS=1";
PREBINDING = NO;
SDKROOT = iphoneos3.1.2;
SDKROOT = iphoneos4.0;
};
name = Release;
};
/* End XCBuildConfiguration section */
/* Begin XCConfigurationList section */
1D6058960D05DD3E006BFB54 /* Build configuration list for PBXNativeTarget "OpenSSL-1" */ = {
1D6058960D05DD3E006BFB54 /* Build configuration list for PBXNativeTarget "OpenSSL-for-iPhone" */ = {
isa = XCConfigurationList;
buildConfigurations = (
1D6058940D05DD3E006BFB54 /* Debug */,
@ -249,7 +245,7 @@
defaultConfigurationIsVisible = 0;
defaultConfigurationName = Release;
};
C01FCF4E08A954540054247B /* Build configuration list for PBXProject "OpenSSL-1" */ = {
C01FCF4E08A954540054247B /* Build configuration list for PBXProject "OpenSSL-for-iPhone" */ = {
isa = XCConfigurationList;
buildConfigurations = (
C01FCF4F08A954540054247B /* Debug */,

114
OpenSSL-1.xcodeproj/x2on.mode1v3 → OpenSSL-for-iPhone.xcodeproj/x2on.mode1v3
View File

@ -178,7 +178,7 @@
<key>FavBarConfig</key>
<dict>
<key>PBXProjectModuleGUID</key>
<string>2A347545111721AA007C3F01</string>
<string>2A38C50C11DBC48700738646</string>
<key>XCBarModuleItemNames</key>
<dict/>
<key>XCBarModuleItems</key>
@ -267,8 +267,6 @@
<array>
<string>29B97314FDCFA39411CA2CEA</string>
<string>080E96DDFE201D6D7F000001</string>
<string>29B97315FDCFA39411CA2CEA</string>
<string>29B97317FDCFA39411CA2CEA</string>
<string>29B97323FDCFA39411CA2CEA</string>
<string>1C37FBAC04509CD000000102</string>
<string>1C37FABC05509CD000000102</string>
@ -276,13 +274,12 @@
<key>PBXSmartGroupTreeModuleOutlineStateSelectionKey</key>
<array>
<array>
<integer>9</integer>
<integer>7</integer>
<integer>0</integer>
<integer>14</integer>
<integer>13</integer>
</array>
</array>
<key>PBXSmartGroupTreeModuleOutlineStateVisibleRectKey</key>
<string>{{0, 0}, {186, 727}}</string>
<string>{{0, 0}, {186, 749}}</string>
</dict>
<key>PBXTopSmartGroupGIDs</key>
<array/>
@ -294,14 +291,14 @@
<key>GeometryConfiguration</key>
<dict>
<key>Frame</key>
<string>{{0, 0}, {203, 745}}</string>
<string>{{0, 0}, {203, 767}}</string>
<key>GroupTreeTableConfiguration</key>
<array>
<string>MainColumn</string>
<real>186</real>
</array>
<key>RubberWindowFrame</key>
<string>344 195 1280 786 0 0 1920 1178 </string>
<string>699 165 1087 808 0 0 1920 1178 </string>
</dict>
<key>Module</key>
<string>PBXSmartGroupTreeModule</string>
@ -317,7 +314,7 @@
<key>PBXProjectModuleGUID</key>
<string>1CE0B20306471E060097A5F4</string>
<key>PBXProjectModuleLabel</key>
<string>OpenSSL_1-Info.plist</string>
<string>OpenSSL_for_iPhoneAppDelegate.m</string>
<key>PBXSplitModuleInNavigatorKey</key>
<dict>
<key>Split0</key>
@ -325,19 +322,18 @@
<key>PBXProjectModuleGUID</key>
<string>1CE0B20406471E060097A5F4</string>
<key>PBXProjectModuleLabel</key>
<string>OpenSSL_1-Info.plist</string>
<string>OpenSSL_for_iPhoneAppDelegate.m</string>
<key>_historyCapacity</key>
<integer>0</integer>
<key>bookmark</key>
<string>2A0C1BD111621A4600885C03</string>
<string>2A38C5D411DBC91A00738646</string>
<key>history</key>
<array>
<string>2A3475B0111725A3007C3F01</string>
<string>2A191D4E111734250052E5A8</string>
<string>2A0C1BCD11621A4600885C03</string>
<string>2A0C1BCE11621A4600885C03</string>
<string>2A0C1BCF11621A4600885C03</string>
<string>2AD8794D113D9EB000EDB9AF</string>
<string>2A38C54C11DBC83400738646</string>
<string>2A38C54D11DBC83400738646</string>
<string>2A38C54E11DBC83400738646</string>
<string>2A38C54F11DBC83400738646</string>
<string>2A38C5D211DBC90200738646</string>
</array>
</dict>
<key>SplitCount</key>
@ -349,14 +345,14 @@
<key>GeometryConfiguration</key>
<dict>
<key>Frame</key>
<string>{{0, 0}, {1072, 630}}</string>
<string>{{0, 0}, {879, 351}}</string>
<key>RubberWindowFrame</key>
<string>344 195 1280 786 0 0 1920 1178 </string>
<string>699 165 1087 808 0 0 1920 1178 </string>
</dict>
<key>Module</key>
<string>PBXNavigatorGroup</string>
<key>Proportion</key>
<string>630pt</string>
<string>351pt</string>
</dict>
<dict>
<key>ContentConfiguration</key>
@ -369,18 +365,18 @@
<key>GeometryConfiguration</key>
<dict>
<key>Frame</key>
<string>{{0, 635}, {1072, 110}}</string>
<string>{{0, 356}, {879, 411}}</string>
<key>RubberWindowFrame</key>
<string>344 195 1280 786 0 0 1920 1178 </string>
<string>699 165 1087 808 0 0 1920 1178 </string>
</dict>
<key>Module</key>
<string>XCDetailModule</string>
<key>Proportion</key>
<string>110pt</string>
<string>411pt</string>
</dict>
</array>
<key>Proportion</key>
<string>1072pt</string>
<string>879pt</string>
</dict>
</array>
<key>Name</key>
@ -395,9 +391,9 @@
</array>
<key>TableOfContents</key>
<array>
<string>2A0C1BB911621A1D00885C03</string>
<string>2A38C50A11DBC48700738646</string>
<string>1CE0B1FE06471DED0097A5F4</string>
<string>2A0C1BBA11621A1D00885C03</string>
<string>2A38C50B11DBC48700738646</string>
<string>1CE0B20306471E060097A5F4</string>
<string>1CE0B20506471E060097A5F4</string>
</array>
@ -537,11 +533,11 @@
<array>
<string>1C78EAAD065D492600B07095</string>
<string>1CD10A99069EF8BA00B06720</string>
<string>2A347546111721AA007C3F01</string>
<string>/Users/x2on/Projects/iphone/OpenSSL-for-iPhone/OpenSSL-1.xcodeproj</string>
<string>2A38C50D11DBC48700738646</string>
<string>/Users/x2on/Projects/iPhone/OpenSSL-for-iPhone/OpenSSL-for-iPhone.xcodeproj</string>
</array>
<key>WindowString</key>
<string>344 195 1280 786 0 0 1920 1178 </string>
<string>699 165 1087 808 0 0 1920 1178 </string>
<key>WindowToolsV3</key>
<array>
<dict>
@ -562,23 +558,25 @@
<key>PBXProjectModuleGUID</key>
<string>1CD0528F0623707200166675</string>
<key>PBXProjectModuleLabel</key>
<string></string>
<string>OpenSSL_for_iPhoneAppDelegate.m</string>
<key>StatusBarVisibility</key>
<true/>
</dict>
<key>GeometryConfiguration</key>
<dict>
<key>Frame</key>
<string>{{0, 0}, {500, 218}}</string>
<string>{{0, 0}, {1156, 463}}</string>
<key>RubberWindowFrame</key>
<string>608 500 500 500 0 0 1920 1178 </string>
<string>611 255 1156 745 0 0 1920 1178 </string>
</dict>
<key>Module</key>
<string>PBXNavigatorGroup</string>
<key>Proportion</key>
<string>218pt</string>
<string>463pt</string>
</dict>
<dict>
<key>BecomeActive</key>
<true/>
<key>ContentConfiguration</key>
<dict>
<key>PBXProjectModuleGUID</key>
@ -593,9 +591,9 @@
<key>GeometryConfiguration</key>
<dict>
<key>Frame</key>
<string>{{0, 223}, {500, 236}}</string>
<string>{{0, 468}, {1156, 236}}</string>
<key>RubberWindowFrame</key>
<string>608 500 500 500 0 0 1920 1178 </string>
<string>611 255 1156 745 0 0 1920 1178 </string>
</dict>
<key>Module</key>
<string>PBXBuildResultsModule</string>
@ -604,7 +602,7 @@
</dict>
</array>
<key>Proportion</key>
<string>459pt</string>
<string>704pt</string>
</dict>
</array>
<key>Name</key>
@ -617,8 +615,8 @@
<true/>
<key>TableOfContents</key>
<array>
<string>2A347546111721AA007C3F01</string>
<string>2A0C1BBB11621A1D00885C03</string>
<string>2A38C50D11DBC48700738646</string>
<string>2A38C50E11DBC48700738646</string>
<string>1CD0528F0623707200166675</string>
<string>XCMainBuildResultsModuleGUID</string>
</array>
@ -627,9 +625,9 @@
<key>WindowContentMinSize</key>
<string>486 300</string>
<key>WindowString</key>
<string>608 500 500 500 0 0 1920 1178 </string>
<string>611 255 1156 745 0 0 1920 1178 </string>
<key>WindowToolGUID</key>
<string>2A347546111721AA007C3F01</string>
<string>2A38C50D11DBC48700738646</string>
<key>WindowToolIsVisible</key>
<false/>
</dict>
@ -662,8 +660,8 @@
<string>yes</string>
<key>sizes</key>
<array>
<string>{{0, 0}, {316, 202}}</string>
<string>{{316, 0}, {378, 202}}</string>
<string>{{0, 0}, {316, 185}}</string>
<string>{{316, 0}, {378, 185}}</string>
</array>
</dict>
<key>VerticalSplitView</key>
@ -678,8 +676,8 @@
<string>yes</string>
<key>sizes</key>
<array>
<string>{{0, 0}, {694, 202}}</string>
<string>{{0, 202}, {694, 179}}</string>
<string>{{0, 0}, {694, 185}}</string>
<string>{{0, 185}, {694, 196}}</string>
</array>
</dict>
</dict>
@ -712,12 +710,12 @@
<real>148</real>
</array>
<key>Frame</key>
<string>{{316, 0}, {378, 202}}</string>
<string>{{316, 0}, {378, 185}}</string>
<key>RubberWindowFrame</key>
<string>111 617 694 422 0 0 1920 1178 </string>
<string>96 556 694 422 0 0 1920 1178 </string>
</dict>
<key>RubberWindowFrame</key>
<string>111 617 694 422 0 0 1920 1178 </string>
<string>96 556 694 422 0 0 1920 1178 </string>
</dict>
<key>Module</key>
<string>PBXDebugSessionModule</string>
@ -740,18 +738,18 @@
<key>TableOfContents</key>
<array>
<string>1CD10A99069EF8BA00B06720</string>
<string>2A0C1BBC11621A1D00885C03</string>
<string>2A38C51C11DBC52700738646</string>
<string>1C162984064C10D400B95A72</string>
<string>2A0C1BBD11621A1D00885C03</string>
<string>2A0C1BBE11621A1D00885C03</string>
<string>2A0C1BBF11621A1D00885C03</string>
<string>2A0C1BC011621A1D00885C03</string>
<string>2A0C1BC111621A1D00885C03</string>
<string>2A38C51D11DBC52700738646</string>
<string>2A38C51E11DBC52700738646</string>
<string>2A38C51F11DBC52700738646</string>
<string>2A38C52011DBC52700738646</string>
<string>2A38C52111DBC52700738646</string>
</array>
<key>ToolbarConfiguration</key>
<string>xcode.toolbar.config.debugV3</string>
<key>WindowString</key>
<string>111 617 694 422 0 0 1920 1178 </string>
<string>96 556 694 422 0 0 1920 1178 </string>
<key>WindowToolGUID</key>
<string>1CD10A99069EF8BA00B06720</string>
<key>WindowToolIsVisible</key>
@ -885,7 +883,7 @@
<key>Frame</key>
<string>{{0, 0}, {650, 209}}</string>
<key>RubberWindowFrame</key>
<string>1120 818 650 250 0 0 1920 1178 </string>
<string>96 728 650 250 0 0 1920 1178 </string>
</dict>
<key>Module</key>
<string>PBXDebugCLIModule</string>
@ -908,13 +906,13 @@
<key>TableOfContents</key>
<array>
<string>1C78EAAD065D492600B07095</string>
<string>2A0C1BC211621A1D00885C03</string>
<string>2A38C52211DBC52700738646</string>
<string>1C78EAAC065D492600B07095</string>
</array>
<key>ToolbarConfiguration</key>
<string>xcode.toolbar.config.consoleV3</string>
<key>WindowString</key>
<string>1120 818 650 250 0 0 1920 1178 </string>
<string>96 728 650 250 0 0 1920 1178 </string>
<key>WindowToolGUID</key>
<string>1C78EAAD065D492600B07095</string>
<key>WindowToolIsVisible</key>

211
OpenSSL-for-iPhone.xcodeproj/x2on.pbxuser Normal file
View File

@ -0,0 +1,211 @@
// !$*UTF8*$!
{
1D3623240D0F684500981E51 /* OpenSSL_for_iPhoneAppDelegate.h */ = {
uiCtxt = {
sepNavIntBoundsRect = "{{0, 0}, {818, 319}}";
sepNavSelRange = "{65, 98}";
sepNavVisRange = "{0, 360}";
};
};
1D3623250D0F684500981E51 /* OpenSSL_for_iPhoneAppDelegate.m */ = {
uiCtxt = {
sepNavIntBoundsRect = "{{0, 0}, {1965, 1976}}";
sepNavSelRange = "{210, 25}";
sepNavVisRange = "{0, 1111}";
};
};
1D6058900D05DD3D006BFB54 /* OpenSSL-for-iPhone */ = {
activeExec = 0;
executables = (
2A38C4FE11DBC47D00738646 /* OpenSSL-for-iPhone */,
);
};
29B97313FDCFA39411CA2CEA /* Project object */ = {
activeBuildConfigurationName = Debug;
activeExecutable = 2A38C4FE11DBC47D00738646 /* OpenSSL-for-iPhone */;
activeTarget = 1D6058900D05DD3D006BFB54 /* OpenSSL-for-iPhone */;
addToTargets = (
1D6058900D05DD3D006BFB54 /* OpenSSL-for-iPhone */,
);
codeSenseManager = 2A38C51011DBC48700738646 /* Code sense */;
executables = (
2A38C4FE11DBC47D00738646 /* OpenSSL-for-iPhone */,
);
perUserDictionary = {
PBXConfiguration.PBXFileTableDataSource3.PBXFileTableDataSource = {
PBXFileTableDataSourceColumnSortingDirectionKey = "-1";
PBXFileTableDataSourceColumnSortingKey = PBXFileDataSource_Filename_ColumnID;
PBXFileTableDataSourceColumnWidthsKey = (
20,
640,
20,
48,
43,
43,
20,
);
PBXFileTableDataSourceColumnsKey = (
PBXFileDataSource_FiletypeID,
PBXFileDataSource_Filename_ColumnID,
PBXFileDataSource_Built_ColumnID,
PBXFileDataSource_ObjectSize_ColumnID,
PBXFileDataSource_Errors_ColumnID,
PBXFileDataSource_Warnings_ColumnID,
PBXFileDataSource_Target_ColumnID,
);
};
PBXConfiguration.PBXTargetDataSource.PBXTargetDataSource = {
PBXFileTableDataSourceColumnSortingDirectionKey = "-1";
PBXFileTableDataSourceColumnSortingKey = PBXFileDataSource_Filename_ColumnID;
PBXFileTableDataSourceColumnWidthsKey = (
20,
600,
60,
20,
48,
43,
43,
);
PBXFileTableDataSourceColumnsKey = (
PBXFileDataSource_FiletypeID,
PBXFileDataSource_Filename_ColumnID,
PBXTargetDataSource_PrimaryAttribute,
PBXFileDataSource_Built_ColumnID,
PBXFileDataSource_ObjectSize_ColumnID,
PBXFileDataSource_Errors_ColumnID,
PBXFileDataSource_Warnings_ColumnID,
);
};
PBXPerProjectTemplateStateSaveDate = 299615357;
PBXWorkspaceStateSaveDate = 299615357;
};
perUserProjectItems = {
2A38C54C11DBC83400738646 /* PBXTextBookmark */ = 2A38C54C11DBC83400738646 /* PBXTextBookmark */;
2A38C54D11DBC83400738646 /* PBXTextBookmark */ = 2A38C54D11DBC83400738646 /* PBXTextBookmark */;
2A38C54E11DBC83400738646 /* PBXTextBookmark */ = 2A38C54E11DBC83400738646 /* PBXTextBookmark */;
2A38C54F11DBC83400738646 /* PlistBookmark */ = 2A38C54F11DBC83400738646 /* PlistBookmark */;
2A38C5D211DBC90200738646 /* PBXTextBookmark */ = 2A38C5D211DBC90200738646 /* PBXTextBookmark */;
2A38C5D411DBC91A00738646 /* PBXTextBookmark */ = 2A38C5D411DBC91A00738646 /* PBXTextBookmark */;
};
sourceControlManager = 2A38C50F11DBC48700738646 /* Source Control */;
userBuildSettings = {
};
};
29B97316FDCFA39411CA2CEA /* main.m */ = {
uiCtxt = {
sepNavIntBoundsRect = "{{0, 0}, {818, 319}}";
sepNavSelRange = "{138, 0}";
sepNavVisRange = "{0, 372}";
};
};
2A38C4FE11DBC47D00738646 /* OpenSSL-for-iPhone */ = {
isa = PBXExecutable;
activeArgIndices = (
);
argumentStrings = (
);
autoAttachOnCrash = 1;
breakpointsEnabled = 0;
configStateDict = {
};
customDataFormattersEnabled = 1;
dataTipCustomDataFormattersEnabled = 1;
dataTipShowTypeColumn = 1;
dataTipSortType = 0;
debuggerPlugin = GDBDebugging;
disassemblyDisplayState = 0;
dylibVariantSuffix = "";
enableDebugStr = 1;
environmentEntries = (
);
executableSystemSymbolLevel = 0;
executableUserSymbolLevel = 0;
libgmallocEnabled = 0;
name = "OpenSSL-for-iPhone";
showTypeColumn = 0;
sourceDirectories = (
);
};
2A38C50F11DBC48700738646 /* Source Control */ = {
isa = PBXSourceControlManager;
fallbackIsa = XCSourceControlManager;
isSCMEnabled = 0;
scmConfiguration = {
repositoryNamesForRoots = {
"" = "";
};
};
};
2A38C51011DBC48700738646 /* Code sense */ = {
isa = PBXCodeSenseManager;
indexTemplatePath = "";
};
2A38C54C11DBC83400738646 /* PBXTextBookmark */ = {
isa = PBXTextBookmark;
fRef = 1D3623240D0F684500981E51 /* OpenSSL_for_iPhoneAppDelegate.h */;
name = "OpenSSL_for_iPhoneAppDelegate.h: 5";
rLen = 98;
rLoc = 65;
rType = 0;
vrLen = 360;
vrLoc = 0;
};
2A38C54D11DBC83400738646 /* PBXTextBookmark */ = {
isa = PBXTextBookmark;
fRef = 32CA4F630368D1EE00C91783 /* OpenSSL_for_iPhone_Prefix.pch */;
name = "OpenSSL_for_iPhone_Prefix.pch: 1";
rLen = 0;
rLoc = 0;
rType = 0;
vrLen = 205;
vrLoc = 0;
};
2A38C54E11DBC83400738646 /* PBXTextBookmark */ = {
isa = PBXTextBookmark;
fRef = 29B97316FDCFA39411CA2CEA /* main.m */;
name = "main.m: 6";
rLen = 0;
rLoc = 138;
rType = 0;
vrLen = 372;
vrLoc = 0;
};
2A38C54F11DBC83400738646 /* PlistBookmark */ = {
isa = PlistBookmark;
fRef = 8D1107310486CEB800E47090 /* OpenSSL_for_iPhone-Info.plist */;
fallbackIsa = PBXBookmark;
isK = 0;
kPath = (
);
name = "/Users/x2on/Projects/iPhone/OpenSSL-for-iPhone/OpenSSL_for_iPhone-Info.plist";
rLen = 0;
rLoc = 9223372036854775807;
};
2A38C5D211DBC90200738646 /* PBXTextBookmark */ = {
isa = PBXTextBookmark;
fRef = 1D3623250D0F684500981E51 /* OpenSSL_for_iPhoneAppDelegate.m */;
name = "OpenSSL_for_iPhoneAppDelegate.m: 6";
rLen = 0;
rLoc = 163;
rType = 0;
vrLen = 675;
vrLoc = 0;
};
2A38C5D411DBC91A00738646 /* PBXTextBookmark */ = {
isa = PBXTextBookmark;
fRef = 1D3623250D0F684500981E51 /* OpenSSL_for_iPhoneAppDelegate.m */;
name = "OpenSSL_for_iPhoneAppDelegate.m: 6";
rLen = 0;
rLoc = 163;
rType = 0;
vrLen = 675;
vrLoc = 0;
};
32CA4F630368D1EE00C91783 /* OpenSSL_for_iPhone_Prefix.pch */ = {
uiCtxt = {
sepNavIntBoundsRect = "{{0, 0}, {818, 319}}";
sepNavSelRange = "{0, 0}";
sepNavVisRange = "{0, 205}";
};
};
}

8
OpenSSL_1_Prefix.pch
View File

@ -1,8 +0,0 @@
//
// Prefix header for all source files of the 'OpenSSL-1' target in the 'OpenSSL-1' project
//
#ifdef __OBJC__
#import <Foundation/Foundation.h>
#import <UIKit/UIKit.h>
#endif

0
OpenSSL_1-Info.plist → OpenSSL_for_iPhone-Info.plist
View File

8
OpenSSL_for_iPhone_Prefix.pch Normal file
View File

@ -0,0 +1,8 @@
//
// Prefix header for all source files of the 'OpenSSL-for-iPhone' target in the 'OpenSSL-for-iPhone' project
//
#ifdef __OBJC__
#import <Foundation/Foundation.h>
#import <UIKit/UIKit.h>
#endif

80
README
View File

@ -1,86 +1,14 @@
From: http://www.x2on.de/2010/02/01/tutorial-iphone-app-with-compiled-openssl-library/
UPDATE 2010-06-30: I have updated OpenSSL to 1.0.0a with iOS 4.0 as base SDK
UPDATE 2010-06-10: I have updated OpenSSL to 0.9.8o + iPad Version
UPDATE 2010-03-31: I have updated OpenSSL to 0.9.8n
UPDATE 2010-02-26: I have updated OpenSSL to 0.9.8m
This is a tutorial for using self-compiled builds of the OpenSSL-library on the iPhone. You can build apps with XCode and the official SDK from Apple with this. I also made a small example-app for using the libraries with XCode and the iPhone/iPhone-Simulator. You can also download the precompiled OpenSSL-library (0.9.8n).
This is a tutorial for using self-compiled builds of the OpenSSL-library on the iPhone. You can build apps with XCode and the official SDK from Apple with this. I also made a small example-app for using the libraries with XCode and the iPhone/iPhone-Simulator. You can also download the precompiled OpenSSL-library (1.0.0a).
Create OpenSSL Libary:
* Download OpenSSL Sourcecode
* Build OpenSSL for i368 iPhoneSimulator:
o cd openssl-0.9.8o
mkdir openssl_arm
mkdir openssl_i386
./config --openssldir=/PathtoOpenSSL/openssl_i386
o Edit Makefile:
+ Change CC = cc to:
CC= /Developer/Platforms/iPhoneSimulator.platform/Developer/usr/bin/gcc-4.0
+ Add as first item to CFLAG:
-isysroot /Developer/Platforms/iPhoneSimulator.platform/Developer/SDKs/iPhoneSimulator3.1.3.sdk
o Change in crypto/ui/ui_openssl.c
static volatile sig_atomic_t intr_signal;
to
static volatile int intr_signal;
for preventing building error
o Build it:
make
make install
o Your libcrypto.a and libssl.a are in the folder openssl_i368/lib
o Rename the two files to libcrypto_i386.a and libssl_i386.a
* Build OpenSSL for arm iPhoneOS:
o Edit Makefile:
+ Search and replace openssl_i386 with openssl_arm
+ Change -arch i386 in CFLAG to:
-arch armv6
+ Change
CC= /Developer/Platforms/iPhoneSimulator.platform/Developer/usr/bin/gcc-4.0
to
CC= /Developer/Platforms/iPhoneOS.platform/Developer/usr/bin/gcc-4.0
+ Change
-isysroot /Developer/Platforms/iPhoneSimulator.platform/Developer/SDKs/iPhoneSimulator3.1.3.sdk
to
-isysroot /Developer/Platforms/iPhoneOS.platform/Developer/SDKs/iPhoneOS3.1.3.sdk
o Build it:
make
make install
o Your libcrypto.a and libssl.a are in the folder openssl_arm/lib
o Rename the two files to libcrypto_arm.a and libssl_arm.a
Edit your iPhone-XCode project:
* Copy the “include” folder from OpenSSL into your project-folder
* Copy the libcrypto_*.a and libss_*.a files into your project-folder
* Drag the libcrypto_*.a and libss_*.a files into your XCode Framework Folder-Tree
* Open the Build-Info from your “Target” (Righclick on Target Get Info)
* Change Library Search Paths to
$(inherited) "$(SRCROOT)"
* Change User Header Search Paths to include
* Activate Always Search User Paths
An updated version for OpenSSL 1.0 and Xcode 3.2.3 with iOS 4 is coming soon.
Enjoy OpenSSL on the iPhone!
I have made an iPhone OS 3.1.3 XCode Project with OpenSSL 0.9.8o Libaries. The examples uses the MD5-algorithm to calculate an md5 hash from an UITextfield.
I have made an iOS 4.0 XCode Project with OpenSSL 1.0.0a Libaries. The examples uses the MD5-algorithm to calculate an md5 hash from an UITextfield.

28
include/openssl/aes.h
View File

@ -58,6 +58,8 @@
#error AES is disabled.
#endif
#include <stddef.h>
#define AES_ENCRYPT 1
#define AES_DECRYPT 0
@ -66,10 +68,6 @@
#define AES_MAXNR 14
#define AES_BLOCK_SIZE 16
#ifdef OPENSSL_FIPS
#define FIPS_AES_SIZE_T int
#endif
#ifdef __cplusplus
extern "C" {
#endif
@ -100,37 +98,32 @@ void AES_decrypt(const unsigned char *in, unsigned char *out,
void AES_ecb_encrypt(const unsigned char *in, unsigned char *out,
const AES_KEY *key, const int enc);
void AES_cbc_encrypt(const unsigned char *in, unsigned char *out,
const unsigned long length, const AES_KEY *key,
size_t length, const AES_KEY *key,
unsigned char *ivec, const int enc);
void AES_cfb128_encrypt(const unsigned char *in, unsigned char *out,
const unsigned long length, const AES_KEY *key,
size_t length, const AES_KEY *key,
unsigned char *ivec, int *num, const int enc);
void AES_cfb1_encrypt(const unsigned char *in, unsigned char *out,
const unsigned long length, const AES_KEY *key,
size_t length, const AES_KEY *key,
unsigned char *ivec, int *num, const int enc);
void AES_cfb8_encrypt(const unsigned char *in, unsigned char *out,
const unsigned long length, const AES_KEY *key,
size_t length, const AES_KEY *key,
unsigned char *ivec, int *num, const int enc);
void AES_cfbr_encrypt_block(const unsigned char *in,unsigned char *out,
const int nbits,const AES_KEY *key,
unsigned char *ivec,const int enc);
void AES_ofb128_encrypt(const unsigned char *in, unsigned char *out,
const unsigned long length, const AES_KEY *key,
size_t length, const AES_KEY *key,
unsigned char *ivec, int *num);
void AES_ctr128_encrypt(const unsigned char *in, unsigned char *out,
const unsigned long length, const AES_KEY *key,
size_t length, const AES_KEY *key,
unsigned char ivec[AES_BLOCK_SIZE],
unsigned char ecount_buf[AES_BLOCK_SIZE],
unsigned int *num);
/* For IGE, see also http://www.links.org/files/openssl-ige.pdf */
/* NB: the IV is _two_ blocks long */
void AES_ige_encrypt(const unsigned char *in, unsigned char *out,
const unsigned long length, const AES_KEY *key,
size_t length, const AES_KEY *key,
unsigned char *ivec, const int enc);
/* NB: the IV is _four_ blocks long */
void AES_bi_ige_encrypt(const unsigned char *in, unsigned char *out,
const unsigned long length, const AES_KEY *key,
size_t length, const AES_KEY *key,
const AES_KEY *key2, const unsigned char *ivec,
const int enc);
@ -141,6 +134,7 @@ int AES_unwrap_key(AES_KEY *key, const unsigned char *iv,
unsigned char *out,
const unsigned char *in, unsigned int inlen);
#ifdef __cplusplus
}
#endif

250
include/openssl/asn1.h
View File

@ -213,7 +213,7 @@ typedef struct asn1_object_st
const char *sn,*ln;
int nid;
int length;
unsigned char *data;
const unsigned char *data; /* data remains const after init */
int flags; /* Should we free this one */
} ASN1_OBJECT;
@ -228,8 +228,12 @@ typedef struct asn1_object_st
* complete and is a place holder for content when it had all been
* accessed. The flag will be reset when content has been written to it.
*/
#define ASN1_STRING_FLAG_CONT 0x020
#define ASN1_STRING_FLAG_CONT 0x020
/* This flag is used by ASN1 code to indicate an ASN1_STRING is an MSTRING
* type.
*/
#define ASN1_STRING_FLAG_MSTRING 0x040
/* This is the base type that holds just about everything :-) */
typedef struct asn1_string_st
{
@ -330,6 +334,13 @@ typedef struct ASN1_VALUE_st ASN1_VALUE;
type *name##_new(void); \
void name##_free(type *a);
#define DECLARE_ASN1_PRINT_FUNCTION(stname) \
DECLARE_ASN1_PRINT_FUNCTION_fname(stname, stname)
#define DECLARE_ASN1_PRINT_FUNCTION_fname(stname, fname) \
int fname##_print_ctx(BIO *out, stname *x, int indent, \
const ASN1_PCTX *pctx);
#define D2I_OF(type) type *(*)(type **,const unsigned char **,long)
#define I2D_OF(type) int (*)(type *,unsigned char **)
#define I2D_OF_const(type) int (*)(const type *,unsigned char **)
@ -344,8 +355,6 @@ typedef struct ASN1_VALUE_st ASN1_VALUE;
((void*) (1 ? p : (type*)0))
#define CHECKED_PPTR_OF(type, p) \
((void**) (1 ? p : (type**)0))
#define CHECKED_PTR_OF_TO_CHAR(type, p) \
((char*) (1 ? p : (type*)0))
#define TYPEDEF_D2I_OF(type) typedef type *d2i_of_##type(type **,const unsigned char **,long)
#define TYPEDEF_I2D_OF(type) typedef int i2d_of_##type(type *,unsigned char **)
@ -536,28 +545,23 @@ typedef struct asn1_type_st
* contain the set or sequence bytes */
ASN1_STRING * set;
ASN1_STRING * sequence;
ASN1_VALUE * asn1_value;
ASN1_VALUE * asn1_value;
} value;
} ASN1_TYPE;
DECLARE_STACK_OF(ASN1_TYPE)
DECLARE_ASN1_SET_OF(ASN1_TYPE)
typedef struct asn1_method_st
{
i2d_of_void *i2d;
d2i_of_void *d2i;
void *(*create)(void);
void (*destroy)(void *);
} ASN1_METHOD;
typedef STACK_OF(ASN1_TYPE) ASN1_SEQUENCE_ANY;
/* This is used when parsing some Netscape objects */
typedef struct asn1_header_st
DECLARE_ASN1_ENCODE_FUNCTIONS_const(ASN1_SEQUENCE_ANY, ASN1_SEQUENCE_ANY)
DECLARE_ASN1_ENCODE_FUNCTIONS_const(ASN1_SEQUENCE_ANY, ASN1_SET_ANY)
typedef struct NETSCAPE_X509_st
{
ASN1_OCTET_STRING *header;
void *data;
ASN1_METHOD *meth;
} ASN1_HEADER;
X509 *cert;
} NETSCAPE_X509;
/* This is used to contain a list of bit names */
typedef struct BIT_STRING_BITNAME_st {
@ -577,32 +581,34 @@ typedef struct BIT_STRING_BITNAME_st {
ASN1_STRING_type_new(V_ASN1_BIT_STRING)
#define M_ASN1_BIT_STRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
#define M_ASN1_BIT_STRING_dup(a) (ASN1_BIT_STRING *)\
ASN1_STRING_dup((ASN1_STRING *)a)
ASN1_STRING_dup((const ASN1_STRING *)a)
#define M_ASN1_BIT_STRING_cmp(a,b) ASN1_STRING_cmp(\
(ASN1_STRING *)a,(ASN1_STRING *)b)
(const ASN1_STRING *)a,(const ASN1_STRING *)b)
#define M_ASN1_BIT_STRING_set(a,b,c) ASN1_STRING_set((ASN1_STRING *)a,b,c)
#define M_ASN1_INTEGER_new() (ASN1_INTEGER *)\
ASN1_STRING_type_new(V_ASN1_INTEGER)
#define M_ASN1_INTEGER_free(a) ASN1_STRING_free((ASN1_STRING *)a)
#define M_ASN1_INTEGER_dup(a) (ASN1_INTEGER *)ASN1_STRING_dup((ASN1_STRING *)a)
#define M_ASN1_INTEGER_dup(a) (ASN1_INTEGER *)\
ASN1_STRING_dup((const ASN1_STRING *)a)
#define M_ASN1_INTEGER_cmp(a,b) ASN1_STRING_cmp(\
(ASN1_STRING *)a,(ASN1_STRING *)b)
(const ASN1_STRING *)a,(const ASN1_STRING *)b)
#define M_ASN1_ENUMERATED_new() (ASN1_ENUMERATED *)\
ASN1_STRING_type_new(V_ASN1_ENUMERATED)
#define M_ASN1_ENUMERATED_free(a) ASN1_STRING_free((ASN1_STRING *)a)
#define M_ASN1_ENUMERATED_dup(a) (ASN1_ENUMERATED *)ASN1_STRING_dup((ASN1_STRING *)a)
#define M_ASN1_ENUMERATED_dup(a) (ASN1_ENUMERATED *)\
ASN1_STRING_dup((const ASN1_STRING *)a)
#define M_ASN1_ENUMERATED_cmp(a,b) ASN1_STRING_cmp(\
(ASN1_STRING *)a,(ASN1_STRING *)b)
(const ASN1_STRING *)a,(const ASN1_STRING *)b)
#define M_ASN1_OCTET_STRING_new() (ASN1_OCTET_STRING *)\
ASN1_STRING_type_new(V_ASN1_OCTET_STRING)
#define M_ASN1_OCTET_STRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
#define M_ASN1_OCTET_STRING_dup(a) (ASN1_OCTET_STRING *)\
ASN1_STRING_dup((ASN1_STRING *)a)
ASN1_STRING_dup((const ASN1_STRING *)a)
#define M_ASN1_OCTET_STRING_cmp(a,b) ASN1_STRING_cmp(\
(ASN1_STRING *)a,(ASN1_STRING *)b)
(const ASN1_STRING *)a,(const ASN1_STRING *)b)
#define M_ASN1_OCTET_STRING_set(a,b,c) ASN1_STRING_set((ASN1_STRING *)a,b,c)
#define M_ASN1_OCTET_STRING_print(a,b) ASN1_STRING_print(a,(ASN1_STRING *)b)
#define M_i2d_ASN1_OCTET_STRING(a,pp) \
@ -686,7 +692,7 @@ typedef struct BIT_STRING_BITNAME_st {
ASN1_STRING_type_new(V_ASN1_IA5STRING)
#define M_ASN1_IA5STRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
#define M_ASN1_IA5STRING_dup(a) \
(ASN1_IA5STRING *)ASN1_STRING_dup((ASN1_STRING *)a)
(ASN1_IA5STRING *)ASN1_STRING_dup((const ASN1_STRING *)a)
#define M_i2d_ASN1_IA5STRING(a,pp) \
i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_IA5STRING,\
V_ASN1_UNIVERSAL)
@ -697,18 +703,20 @@ typedef struct BIT_STRING_BITNAME_st {
#define M_ASN1_UTCTIME_new() (ASN1_UTCTIME *)\
ASN1_STRING_type_new(V_ASN1_UTCTIME)
#define M_ASN1_UTCTIME_free(a) ASN1_STRING_free((ASN1_STRING *)a)
#define M_ASN1_UTCTIME_dup(a) (ASN1_UTCTIME *)ASN1_STRING_dup((ASN1_STRING *)a)
#define M_ASN1_UTCTIME_dup(a) (ASN1_UTCTIME *)\
ASN1_STRING_dup((const ASN1_STRING *)a)
#define M_ASN1_GENERALIZEDTIME_new() (ASN1_GENERALIZEDTIME *)\
ASN1_STRING_type_new(V_ASN1_GENERALIZEDTIME)
#define M_ASN1_GENERALIZEDTIME_free(a) ASN1_STRING_free((ASN1_STRING *)a)
#define M_ASN1_GENERALIZEDTIME_dup(a) (ASN1_GENERALIZEDTIME *)ASN1_STRING_dup(\
(ASN1_STRING *)a)
(const ASN1_STRING *)a)
#define M_ASN1_TIME_new() (ASN1_TIME *)\
ASN1_STRING_type_new(V_ASN1_UTCTIME)
#define M_ASN1_TIME_free(a) ASN1_STRING_free((ASN1_STRING *)a)
#define M_ASN1_TIME_dup(a) (ASN1_TIME *)ASN1_STRING_dup((ASN1_STRING *)a)
#define M_ASN1_TIME_dup(a) (ASN1_TIME *)\
ASN1_STRING_dup((const ASN1_STRING *)a)
#define M_ASN1_GENERALSTRING_new() (ASN1_GENERALSTRING *)\
ASN1_STRING_type_new(V_ASN1_GENERALSTRING)
@ -769,6 +777,7 @@ DECLARE_ASN1_FUNCTIONS_fname(ASN1_TYPE, ASN1_ANY, ASN1_TYPE)
int ASN1_TYPE_get(ASN1_TYPE *a);
void ASN1_TYPE_set(ASN1_TYPE *a, int type, void *value);
int ASN1_TYPE_set1(ASN1_TYPE *a, int type, const void *value);
int ASN1_TYPE_cmp(ASN1_TYPE *a, ASN1_TYPE *b);
ASN1_OBJECT * ASN1_OBJECT_new(void );
void ASN1_OBJECT_free(ASN1_OBJECT *a);
@ -785,14 +794,15 @@ DECLARE_ASN1_SET_OF(ASN1_OBJECT)
ASN1_STRING * ASN1_STRING_new(void);
void ASN1_STRING_free(ASN1_STRING *a);
ASN1_STRING * ASN1_STRING_dup(ASN1_STRING *a);
int ASN1_STRING_copy(ASN1_STRING *dst, const ASN1_STRING *str);
ASN1_STRING * ASN1_STRING_dup(const ASN1_STRING *a);
ASN1_STRING * ASN1_STRING_type_new(int type );
int ASN1_STRING_cmp(ASN1_STRING *a, ASN1_STRING *b);
int ASN1_STRING_cmp(const ASN1_STRING *a, const ASN1_STRING *b);
/* Since this is used to store all sorts of things, via macros, for now, make
its data void * */
int ASN1_STRING_set(ASN1_STRING *str, const void *data, int len);
void ASN1_STRING_set0(ASN1_STRING *str, void *data, int len);
int ASN1_STRING_length(ASN1_STRING *x);
int ASN1_STRING_length(const ASN1_STRING *x);
void ASN1_STRING_length_set(ASN1_STRING *x, int n);
int ASN1_STRING_type(ASN1_STRING *x);
unsigned char * ASN1_STRING_data(ASN1_STRING *x);
@ -805,6 +815,8 @@ int ASN1_BIT_STRING_set(ASN1_BIT_STRING *a, unsigned char *d,
int length );
int ASN1_BIT_STRING_set_bit(ASN1_BIT_STRING *a, int n, int value);
int ASN1_BIT_STRING_get_bit(ASN1_BIT_STRING *a, int n);
int ASN1_BIT_STRING_check(ASN1_BIT_STRING *a,
unsigned char *flags, int flags_len);
#ifndef OPENSSL_NO_BIO
int ASN1_BIT_STRING_name_print(BIO *out, ASN1_BIT_STRING *bs,
@ -823,13 +835,15 @@ ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a,const unsigned char **pp,
long length);
ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a,const unsigned char **pp,
long length);
ASN1_INTEGER * ASN1_INTEGER_dup(ASN1_INTEGER *x);
int ASN1_INTEGER_cmp(ASN1_INTEGER *x, ASN1_INTEGER *y);
ASN1_INTEGER * ASN1_INTEGER_dup(const ASN1_INTEGER *x);
int ASN1_INTEGER_cmp(const ASN1_INTEGER *x, const ASN1_INTEGER *y);
DECLARE_ASN1_FUNCTIONS(ASN1_ENUMERATED)
int ASN1_UTCTIME_check(ASN1_UTCTIME *a);
ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s,time_t t);
ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t,
int offset_day, long offset_sec);
int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, const char *str);
int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t);
#if 0
@ -838,11 +852,13 @@ time_t ASN1_UTCTIME_get(const ASN1_UTCTIME *s);
int ASN1_GENERALIZEDTIME_check(ASN1_GENERALIZEDTIME *a);
ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s,time_t t);
ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_adj(ASN1_GENERALIZEDTIME *s,
time_t t, int offset_day, long offset_sec);
int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s, const char *str);
DECLARE_ASN1_FUNCTIONS(ASN1_OCTET_STRING)
ASN1_OCTET_STRING * ASN1_OCTET_STRING_dup(ASN1_OCTET_STRING *a);
int ASN1_OCTET_STRING_cmp(ASN1_OCTET_STRING *a, ASN1_OCTET_STRING *b);
ASN1_OCTET_STRING * ASN1_OCTET_STRING_dup(const ASN1_OCTET_STRING *a);
int ASN1_OCTET_STRING_cmp(const ASN1_OCTET_STRING *a, const ASN1_OCTET_STRING *b);
int ASN1_OCTET_STRING_set(ASN1_OCTET_STRING *str, const unsigned char *data, int len);
DECLARE_ASN1_FUNCTIONS(ASN1_VISIBLESTRING)
@ -869,14 +885,20 @@ DECLARE_ASN1_FUNCTIONS(ASN1_TIME)
DECLARE_ASN1_ITEM(ASN1_OCTET_STRING_NDEF)
ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s,time_t t);
ASN1_TIME *ASN1_TIME_adj(ASN1_TIME *s,time_t t,
int offset_day, long offset_sec);
int ASN1_TIME_check(ASN1_TIME *t);
ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t, ASN1_GENERALIZEDTIME **out);
int ASN1_TIME_set_string(ASN1_TIME *s, const char *str);
int i2d_ASN1_SET(STACK *a, unsigned char **pp,
i2d_of_void *i2d, int ex_tag, int ex_class, int is_set);
STACK * d2i_ASN1_SET(STACK **a, const unsigned char **pp, long length,
d2i_of_void *d2i, void (*free_func)(void *),
int ex_tag, int ex_class);
int i2d_ASN1_SET(STACK_OF(OPENSSL_BLOCK) *a, unsigned char **pp,
i2d_of_void *i2d, int ex_tag, int ex_class,
int is_set);
STACK_OF(OPENSSL_BLOCK) *d2i_ASN1_SET(STACK_OF(OPENSSL_BLOCK) **a,
const unsigned char **pp,
long length, d2i_of_void *d2i,
void (*free_func)(OPENSSL_BLOCK), int ex_tag,
int ex_class);
#ifndef OPENSSL_NO_BIO
int i2a_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *a);
@ -894,9 +916,9 @@ ASN1_OBJECT *ASN1_OBJECT_create(int nid, unsigned char *data,int len,
const char *sn, const char *ln);
int ASN1_INTEGER_set(ASN1_INTEGER *a, long v);
long ASN1_INTEGER_get(ASN1_INTEGER *a);
ASN1_INTEGER *BN_to_ASN1_INTEGER(BIGNUM *bn, ASN1_INTEGER *ai);
BIGNUM *ASN1_INTEGER_to_BN(ASN1_INTEGER *ai,BIGNUM *bn);
long ASN1_INTEGER_get(const ASN1_INTEGER *a);
ASN1_INTEGER *BN_to_ASN1_INTEGER(const BIGNUM *bn, ASN1_INTEGER *ai);
BIGNUM *ASN1_INTEGER_to_BN(const ASN1_INTEGER *ai,BIGNUM *bn);
int ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v);
long ASN1_ENUMERATED_get(ASN1_ENUMERATED *a);
@ -930,17 +952,17 @@ int ASN1_put_eoc(unsigned char **pp);
int ASN1_object_size(int constructed, int length, int tag);
/* Used to implement other functions */
void *ASN1_dup(i2d_of_void *i2d, d2i_of_void *d2i, char *x);
void *ASN1_dup(i2d_of_void *i2d, d2i_of_void *d2i, void *x);
#define ASN1_dup_of(type,i2d,d2i,x) \
((type*)ASN1_dup(CHECKED_I2D_OF(type, i2d), \
CHECKED_D2I_OF(type, d2i), \
CHECKED_PTR_OF_TO_CHAR(type, x)))
CHECKED_PTR_OF(type, x)))
#define ASN1_dup_of_const(type,i2d,d2i,x) \
((type*)ASN1_dup(CHECKED_I2D_OF(const type, i2d), \
CHECKED_D2I_OF(type, d2i), \
CHECKED_PTR_OF_TO_CHAR(const type, x)))
CHECKED_PTR_OF(const type, x)))
void *ASN1_item_dup(const ASN1_ITEM *it, void *x);
@ -1001,30 +1023,24 @@ int ASN1_i2d_bio(i2d_of_void *i2d,BIO *out, unsigned char *x);
CHECKED_PTR_OF(const type, x)))
int ASN1_item_i2d_bio(const ASN1_ITEM *it, BIO *out, void *x);
int ASN1_UTCTIME_print(BIO *fp,ASN1_UTCTIME *a);
int ASN1_GENERALIZEDTIME_print(BIO *fp,ASN1_GENERALIZEDTIME *a);
int ASN1_TIME_print(BIO *fp,ASN1_TIME *a);
int ASN1_STRING_print(BIO *bp,ASN1_STRING *v);
int ASN1_UTCTIME_print(BIO *fp, const ASN1_UTCTIME *a);
int ASN1_GENERALIZEDTIME_print(BIO *fp, const ASN1_GENERALIZEDTIME *a);
int ASN1_TIME_print(BIO *fp, const ASN1_TIME *a);
int ASN1_STRING_print(BIO *bp, const ASN1_STRING *v);
int ASN1_STRING_print_ex(BIO *out, ASN1_STRING *str, unsigned long flags);
int ASN1_bn_print(BIO *bp, const char *number, const BIGNUM *num,
unsigned char *buf, int off);
int ASN1_parse(BIO *bp,const unsigned char *pp,long len,int indent);
int ASN1_parse_dump(BIO *bp,const unsigned char *pp,long len,int indent,int dump);
#endif
const char *ASN1_tag2str(int tag);
/* Used to load and write netscape format cert/key */
int i2d_ASN1_HEADER(ASN1_HEADER *a,unsigned char **pp);
ASN1_HEADER *d2i_ASN1_HEADER(ASN1_HEADER **a,const unsigned char **pp, long length);
ASN1_HEADER *ASN1_HEADER_new(void );
void ASN1_HEADER_free(ASN1_HEADER *a);
/* Used to load and write netscape format cert */
DECLARE_ASN1_FUNCTIONS(NETSCAPE_X509)
int ASN1_UNIVERSALSTRING_to_string(ASN1_UNIVERSALSTRING *s);
/* Not used that much at this point, except for the first two */
ASN1_METHOD *X509_asn1_meth(void);
ASN1_METHOD *RSAPrivateKey_asn1_meth(void);
ASN1_METHOD *ASN1_IA5STRING_asn1_meth(void);
ASN1_METHOD *ASN1_BIT_STRING_asn1_meth(void);
int ASN1_TYPE_set_octetstring(ASN1_TYPE *a,
unsigned char *data, int len);
int ASN1_TYPE_get_octetstring(ASN1_TYPE *a,
@ -1034,9 +1050,9 @@ int ASN1_TYPE_set_int_octetstring(ASN1_TYPE *a, long num,
int ASN1_TYPE_get_int_octetstring(ASN1_TYPE *a,long *num,
unsigned char *data, int max_len);
STACK *ASN1_seq_unpack(const unsigned char *buf, int len,
d2i_of_void *d2i, void (*free_func)(void *));
unsigned char *ASN1_seq_pack(STACK *safes, i2d_of_void *i2d,
STACK_OF(OPENSSL_BLOCK) *ASN1_seq_unpack(const unsigned char *buf, int len,
d2i_of_void *d2i, void (*free_func)(OPENSSL_BLOCK));
unsigned char *ASN1_seq_pack(STACK_OF(OPENSSL_BLOCK) *safes, i2d_of_void *i2d,
unsigned char **buf, int *len );
void *ASN1_unpack_string(ASN1_STRING *oct, d2i_of_void *d2i);
void *ASN1_item_unpack(ASN1_STRING *oct, const ASN1_ITEM *it);
@ -1079,15 +1095,58 @@ void ASN1_add_oid_module(void);
ASN1_TYPE *ASN1_generate_nconf(char *str, CONF *nconf);
ASN1_TYPE *ASN1_generate_v3(char *str, X509V3_CTX *cnf);
typedef int asn1_output_data_fn(BIO *out, BIO *data, ASN1_VALUE *val, int flags,
const ASN1_ITEM *it);
/* ASN1 Print flags */
int int_smime_write_ASN1(BIO *bio, ASN1_VALUE *val, BIO *data, int flags,
/* Indicate missing OPTIONAL fields */
#define ASN1_PCTX_FLAGS_SHOW_ABSENT 0x001
/* Mark start and end of SEQUENCE */
#define ASN1_PCTX_FLAGS_SHOW_SEQUENCE 0x002
/* Mark start and end of SEQUENCE/SET OF */
#define ASN1_PCTX_FLAGS_SHOW_SSOF 0x004
/* Show the ASN1 type of primitives */
#define ASN1_PCTX_FLAGS_SHOW_TYPE 0x008
/* Don't show ASN1 type of ANY */
#define ASN1_PCTX_FLAGS_NO_ANY_TYPE 0x010
/* Don't show ASN1 type of MSTRINGs */
#define ASN1_PCTX_FLAGS_NO_MSTRING_TYPE 0x020
/* Don't show field names in SEQUENCE */
#define ASN1_PCTX_FLAGS_NO_FIELD_NAME 0x040
/* Show structure names of each SEQUENCE field */
#define ASN1_PCTX_FLAGS_SHOW_FIELD_STRUCT_NAME 0x080
/* Don't show structure name even at top level */
#define ASN1_PCTX_FLAGS_NO_STRUCT_NAME 0x100
int ASN1_item_print(BIO *out, ASN1_VALUE *ifld, int indent,
const ASN1_ITEM *it, const ASN1_PCTX *pctx);
ASN1_PCTX *ASN1_PCTX_new(void);
void ASN1_PCTX_free(ASN1_PCTX *p);
unsigned long ASN1_PCTX_get_flags(ASN1_PCTX *p);
void ASN1_PCTX_set_flags(ASN1_PCTX *p, unsigned long flags);
unsigned long ASN1_PCTX_get_nm_flags(ASN1_PCTX *p);
void ASN1_PCTX_set_nm_flags(ASN1_PCTX *p, unsigned long flags);
unsigned long ASN1_PCTX_get_cert_flags(ASN1_PCTX *p);
void ASN1_PCTX_set_cert_flags(ASN1_PCTX *p, unsigned long flags);
unsigned long ASN1_PCTX_get_oid_flags(ASN1_PCTX *p);
void ASN1_PCTX_set_oid_flags(ASN1_PCTX *p, unsigned long flags);
unsigned long ASN1_PCTX_get_str_flags(ASN1_PCTX *p);
void ASN1_PCTX_set_str_flags(ASN1_PCTX *p, unsigned long flags);
BIO_METHOD *BIO_f_asn1(void);
BIO *BIO_new_NDEF(BIO *out, ASN1_VALUE *val, const ASN1_ITEM *it);
int i2d_ASN1_bio_stream(BIO *out, ASN1_VALUE *val, BIO *in, int flags,
const ASN1_ITEM *it);
int PEM_write_bio_ASN1_stream(BIO *out, ASN1_VALUE *val, BIO *in, int flags,
const char *hdr,
const ASN1_ITEM *it);
int SMIME_write_ASN1(BIO *bio, ASN1_VALUE *val, BIO *data, int flags,
int ctype_nid, int econt_nid,
STACK_OF(X509_ALGOR) *mdalgs,
asn1_output_data_fn *data_fn,
const ASN1_ITEM *it);
ASN1_VALUE *SMIME_read_ASN1(BIO *bio, BIO **bcont, const ASN1_ITEM *it);
int SMIME_crlf_copy(BIO *in, BIO *out, int flags);
int SMIME_text(BIO *in, BIO *out);
/* BEGIN ERROR CODES */
/* The following lines are auto generated by the script mkerr.pl. Any changes
@ -1118,6 +1177,7 @@ void ERR_load_ASN1_strings(void);
#define ASN1_F_ASN1_ENUMERATED_TO_BN 113
#define ASN1_F_ASN1_EX_C2I 204
#define ASN1_F_ASN1_FIND_END 190
#define ASN1_F_ASN1_GENERALIZEDTIME_ADJ 216
#define ASN1_F_ASN1_GENERALIZEDTIME_SET 185
#define ASN1_F_ASN1_GENERATE_V3 178
#define ASN1_F_ASN1_GET_OBJECT 114
@ -1138,7 +1198,7 @@ void ERR_load_ASN1_strings(void);
#define ASN1_F_ASN1_ITEM_VERIFY 197
#define ASN1_F_ASN1_MBSTRING_NCOPY 122
#define ASN1_F_ASN1_OBJECT_NEW 123
#define ASN1_F_ASN1_OUTPUT_DATA 207
#define ASN1_F_ASN1_OUTPUT_DATA 214
#define ASN1_F_ASN1_PACK_STRING 124
#define ASN1_F_ASN1_PCTX_NEW 205
#define ASN1_F_ASN1_PKCS5_PBE_SET 125
@ -1152,14 +1212,17 @@ void ERR_load_ASN1_strings(void);
#define ASN1_F_ASN1_TEMPLATE_EX_D2I 132
#define ASN1_F_ASN1_TEMPLATE_NEW 133
#define ASN1_F_ASN1_TEMPLATE_NOEXP_D2I 131
#define ASN1_F_ASN1_TIME_ADJ 217
#define ASN1_F_ASN1_TIME_SET 175
#define ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING 134
#define ASN1_F_ASN1_TYPE_GET_OCTETSTRING 135
#define ASN1_F_ASN1_UNPACK_STRING 136
#define ASN1_F_ASN1_UTCTIME_ADJ 218
#define ASN1_F_ASN1_UTCTIME_SET 187
#define ASN1_F_ASN1_VERIFY 137
#define ASN1_F_B64_READ_ASN1 208
#define ASN1_F_B64_WRITE_ASN1 209
#define ASN1_F_B64_READ_ASN1 209
#define ASN1_F_B64_WRITE_ASN1 210
#define ASN1_F_BIO_NEW_NDEF 208
#define ASN1_F_BITSTR_CB 180
#define ASN1_F_BN_TO_ASN1_ENUMERATED 138
#define ASN1_F_BN_TO_ASN1_INTEGER 139
@ -1178,6 +1241,7 @@ void ERR_load_ASN1_strings(void);
#define ASN1_F_D2I_ASN1_TYPE_BYTES 149
#define ASN1_F_D2I_ASN1_UINTEGER 150
#define ASN1_F_D2I_ASN1_UTCTIME 151
#define ASN1_F_D2I_AUTOPRIVATEKEY 207
#define ASN1_F_D2I_NETSCAPE_RSA 152
#define ASN1_F_D2I_NETSCAPE_RSA_2 153
#define ASN1_F_D2I_PRIVATEKEY 154
@ -1187,6 +1251,7 @@ void ERR_load_ASN1_strings(void);
#define ASN1_F_D2I_X509 156
#define ASN1_F_D2I_X509_CINF 157
#define ASN1_F_D2I_X509_PKEY 159
#define ASN1_F_I2D_ASN1_BIO_STREAM 211
#define ASN1_F_I2D_ASN1_SET 188
#define ASN1_F_I2D_ASN1_TIME 160
#define ASN1_F_I2D_DSA_PUBKEY 161
@ -1198,10 +1263,11 @@ void ERR_load_ASN1_strings(void);
#define ASN1_F_LONG_C2I 166
#define ASN1_F_OID_MODULE_INIT 174
#define ASN1_F_PARSE_TAGGING 182
#define ASN1_F_PKCS5_PBE2_SET 167
#define ASN1_F_PKCS5_PBE2_SET_IV 167
#define ASN1_F_PKCS5_PBE_SET 202
#define ASN1_F_SMIME_READ_ASN1 210
#define ASN1_F_SMIME_TEXT 211
#define ASN1_F_PKCS5_PBE_SET0_ALGOR 215
#define ASN1_F_SMIME_READ_ASN1 212
#define ASN1_F_SMIME_TEXT 213
#define ASN1_F_X509_CINF_NEW 168
#define ASN1_F_X509_CRL_ADD0_REVOKED 169
#define ASN1_F_X509_INFO_NEW 170
@ -1213,14 +1279,14 @@ void ERR_load_ASN1_strings(void);
/* Reason codes. */
#define ASN1_R_ADDING_OBJECT 171
#define ASN1_R_ASN1_PARSE_ERROR 198
#define ASN1_R_ASN1_SIG_PARSE_ERROR 199
#define ASN1_R_ASN1_PARSE_ERROR 203
#define ASN1_R_ASN1_SIG_PARSE_ERROR 204
#define ASN1_R_AUX_ERROR 100
#define ASN1_R_BAD_CLASS 101
#define ASN1_R_BAD_OBJECT_HEADER 102
#define ASN1_R_BAD_PASSWORD_READ 103
#define ASN1_R_BAD_TAG 104
#define ASN1_R_BMPSTRING_IS_WRONG_LENGTH 210
#define ASN1_R_BMPSTRING_IS_WRONG_LENGTH 214
#define ASN1_R_BN_LIB 105
#define ASN1_R_BOOLEAN_IS_WRONG_LENGTH 106
#define ASN1_R_BUFFER_TOO_SMALL 107
@ -1229,6 +1295,7 @@ void ERR_load_ASN1_strings(void);
#define ASN1_R_DECODE_ERROR 110
#define ASN1_R_DECODING_ERROR 111
#define ASN1_R_DEPTH_EXCEEDED 174
#define ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED 198
#define ASN1_R_ENCODE_ERROR 112
#define ASN1_R_ERROR_GETTING_TIME 173
#define ASN1_R_ERROR_LOADING_SECTION 172
@ -1262,10 +1329,10 @@ void ERR_load_ASN1_strings(void);
#define ASN1_R_INTEGER_TOO_LARGE_FOR_LONG 128
#define ASN1_R_INVALID_BMPSTRING_LENGTH 129
#define ASN1_R_INVALID_DIGIT 130
#define ASN1_R_INVALID_MIME_TYPE 200
#define ASN1_R_INVALID_MIME_TYPE 205
#define ASN1_R_INVALID_MODIFIER 186
#define ASN1_R_INVALID_NUMBER 187
#define ASN1_R_INVALID_OBJECT_ENCODING 212
#define ASN1_R_INVALID_OBJECT_ENCODING 216
#define ASN1_R_INVALID_SEPARATOR 131
#define ASN1_R_INVALID_TIME_FORMAT 132
#define ASN1_R_INVALID_UNIVERSALSTRING_LENGTH 133
@ -1273,9 +1340,9 @@ void ERR_load_ASN1_strings(void);
#define ASN1_R_IV_TOO_LARGE 135
#define ASN1_R_LENGTH_ERROR 136
#define ASN1_R_LIST_ERROR 188
#define ASN1_R_MIME_NO_CONTENT_TYPE 201
#define ASN1_R_MIME_PARSE_ERROR 202
#define ASN1_R_MIME_SIG_PARSE_ERROR 203
#define ASN1_R_MIME_NO_CONTENT_TYPE 206
#define ASN1_R_MIME_PARSE_ERROR 207
#define ASN1_R_MIME_SIG_PARSE_ERROR 208
#define ASN1_R_MISSING_EOC 137
#define ASN1_R_MISSING_SECOND_NUMBER 138
#define ASN1_R_MISSING_VALUE 189
@ -1285,11 +1352,12 @@ void ERR_load_ASN1_strings(void);
#define ASN1_R_NON_HEX_CHARACTERS 141
#define ASN1_R_NOT_ASCII_FORMAT 190
#define ASN1_R_NOT_ENOUGH_DATA 142
#define ASN1_R_NO_CONTENT_TYPE 204
#define ASN1_R_NO_CONTENT_TYPE 209
#define ASN1_R_NO_DEFAULT_DIGEST 201
#define ASN1_R_NO_MATCHING_CHOICE_TYPE 143
#define ASN1_R_NO_MULTIPART_BODY_FAILURE 205
#define ASN1_R_NO_MULTIPART_BOUNDARY 206
#define ASN1_R_NO_SIG_CONTENT_TYPE 207
#define ASN1_R_NO_MULTIPART_BODY_FAILURE 210
#define ASN1_R_NO_MULTIPART_BOUNDARY 211
#define ASN1_R_NO_SIG_CONTENT_TYPE 212
#define ASN1_R_NULL_IS_WRONG_LENGTH 144
#define ASN1_R_OBJECT_NOT_ASCII_FORMAT 191
#define ASN1_R_ODD_NUMBER_OF_CHARS 145
@ -1299,8 +1367,8 @@ void ERR_load_ASN1_strings(void);
#define ASN1_R_SEQUENCE_NOT_CONSTRUCTED 149
#define ASN1_R_SEQUENCE_OR_SET_NEEDS_CONFIG 192
#define ASN1_R_SHORT_LINE 150
#define ASN1_R_SIG_INVALID_MIME_TYPE 208
#define ASN1_R_STREAMING_NOT_SUPPORTED 209
#define ASN1_R_SIG_INVALID_MIME_TYPE 213
#define ASN1_R_STREAMING_NOT_SUPPORTED 202
#define ASN1_R_STRING_TOO_LONG 151
#define ASN1_R_STRING_TOO_SHORT 152
#define ASN1_R_TAG_VALUE_TOO_HIGH 153
@ -1311,11 +1379,12 @@ void ERR_load_ASN1_strings(void);
#define ASN1_R_UNABLE_TO_DECODE_RSA_KEY 157
#define ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY 158
#define ASN1_R_UNEXPECTED_EOC 159
#define ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH 211
#define ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH 215
#define ASN1_R_UNKNOWN_FORMAT 160
#define ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM 161
#define ASN1_R_UNKNOWN_OBJECT_TYPE 162
#define ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE 163
#define ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM 199
#define ASN1_R_UNKNOWN_TAG 194
#define ASN1_R_UNKOWN_FORMAT 195
#define ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE 164
@ -1323,6 +1392,7 @@ void ERR_load_ASN1_strings(void);
#define ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM 166
#define ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE 167
#define ASN1_R_UNSUPPORTED_TYPE 196
#define ASN1_R_WRONG_PUBLIC_KEY_TYPE 200
#define ASN1_R_WRONG_TAG 168
#define ASN1_R_WRONG_TYPE 169

7
include/openssl/asn1_mac.h
View File

@ -153,6 +153,13 @@ err:\
M_ASN1_D2I_get(b,func); \
}
#define M_ASN1_D2I_get_int_opt(b,func,type) \
if ((c.slen != 0) && ((M_ASN1_next & (~V_ASN1_CONSTRUCTED)) \
== (V_ASN1_UNIVERSAL|(type)))) \
{ \
M_ASN1_D2I_get_int(b,func); \
}
#define M_ASN1_D2I_get_imp(b,func, type) \
M_ASN1_next=(_tmp& V_ASN1_CONSTRUCTED)|type; \
c.q=c.p; \

71
include/openssl/asn1t.h
View File

@ -3,7 +3,7 @@
* project 2000.
*/
/* ====================================================================
* Copyright (c) 2000 The OpenSSL Project. All rights reserved.
* Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@ -218,6 +218,18 @@ extern "C" {
#stname \
ASN1_ITEM_end(tname)
#define ASN1_NDEF_SEQUENCE_END_cb(stname, tname) \
;\
ASN1_ITEM_start(tname) \
ASN1_ITYPE_NDEF_SEQUENCE,\
V_ASN1_SEQUENCE,\
tname##_seq_tt,\
sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\
&tname##_aux,\
sizeof(stname),\
#stname \
ASN1_ITEM_end(tname)
/* This pair helps declare a CHOICE type. We can do:
*
@ -651,8 +663,13 @@ typedef int ASN1_ex_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM
typedef int ASN1_ex_new_func(ASN1_VALUE **pval, const ASN1_ITEM *it);
typedef void ASN1_ex_free_func(ASN1_VALUE **pval, const ASN1_ITEM *it);
typedef int ASN1_ex_print_func(BIO *out, ASN1_VALUE **pval,
int indent, const char *fname,
const ASN1_PCTX *pctx);
typedef int ASN1_primitive_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it);
typedef int ASN1_primitive_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it);
typedef int ASN1_primitive_print(BIO *out, ASN1_VALUE **pval, const ASN1_ITEM *it, int indent, const ASN1_PCTX *pctx);
typedef struct ASN1_COMPAT_FUNCS_st {
ASN1_new_func *asn1_new;
@ -668,6 +685,7 @@ typedef struct ASN1_EXTERN_FUNCS_st {
ASN1_ex_free_func *asn1_ex_clear;
ASN1_ex_d2i *asn1_ex_d2i;
ASN1_ex_i2d *asn1_ex_i2d;
ASN1_ex_print_func *asn1_ex_print;
} ASN1_EXTERN_FUNCS;
typedef struct ASN1_PRIMITIVE_FUNCS_st {
@ -678,6 +696,7 @@ typedef struct ASN1_PRIMITIVE_FUNCS_st {
ASN1_ex_free_func *prim_clear;
ASN1_primitive_c2i *prim_c2i;
ASN1_primitive_i2c *prim_i2c;
ASN1_primitive_print *prim_print;
} ASN1_PRIMITIVE_FUNCS;
/* This is the ASN1_AUX structure: it handles various
@ -697,7 +716,8 @@ typedef struct ASN1_PRIMITIVE_FUNCS_st {
* then an external type is more appropriate.
*/
typedef int ASN1_aux_cb(int operation, ASN1_VALUE **in, const ASN1_ITEM *it);
typedef int ASN1_aux_cb(int operation, ASN1_VALUE **in, const ASN1_ITEM *it,
void *exarg);
typedef struct ASN1_AUX_st {
void *app_data;
@ -708,6 +728,23 @@ typedef struct ASN1_AUX_st {
int enc_offset; /* Offset of ASN1_ENCODING structure */
} ASN1_AUX;
/* For print related callbacks exarg points to this structure */
typedef struct ASN1_PRINT_ARG_st {
BIO *out;
int indent;
const ASN1_PCTX *pctx;
} ASN1_PRINT_ARG;
/* For streaming related callbacks exarg points to this structure */
typedef struct ASN1_STREAM_ARG_st {
/* BIO to stream through */
BIO *out;
/* BIO with filters appended */
BIO *ndef_bio;
/* Streaming I/O boundary */
unsigned char **boundary;
} ASN1_STREAM_ARG;
/* Flags in ASN1_AUX */
/* Use a reference count */
@ -727,6 +764,12 @@ typedef struct ASN1_AUX_st {
#define ASN1_OP_D2I_POST 5
#define ASN1_OP_I2D_PRE 6
#define ASN1_OP_I2D_POST 7
#define ASN1_OP_PRINT_PRE 8
#define ASN1_OP_PRINT_POST 9
#define ASN1_OP_STREAM_PRE 10
#define ASN1_OP_STREAM_POST 11
#define ASN1_OP_DETACHED_PRE 12
#define ASN1_OP_DETACHED_POST 13
/* Macro to implement a primitive type */
#define IMPLEMENT_ASN1_TYPE(stname) IMPLEMENT_ASN1_TYPE_ex(stname, stname, 0)
@ -782,9 +825,22 @@ typedef struct ASN1_AUX_st {
#define IMPLEMENT_ASN1_FUNCTIONS_ENCODE_name(stname, itname) \
IMPLEMENT_ASN1_FUNCTIONS_ENCODE_fname(stname, itname, itname)
#define IMPLEMENT_STATIC_ASN1_ALLOC_FUNCTIONS(stname) \
IMPLEMENT_ASN1_ALLOC_FUNCTIONS_pfname(static, stname, stname, stname)
#define IMPLEMENT_ASN1_ALLOC_FUNCTIONS(stname) \
IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, stname, stname)
#define IMPLEMENT_ASN1_ALLOC_FUNCTIONS_pfname(pre, stname, itname, fname) \
pre stname *fname##_new(void) \
{ \
return (stname *)ASN1_item_new(ASN1_ITEM_rptr(itname)); \
} \
pre void fname##_free(stname *a) \
{ \
ASN1_item_free((ASN1_VALUE *)a, ASN1_ITEM_rptr(itname)); \
}
#define IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname) \
stname *fname##_new(void) \
{ \
@ -834,6 +890,17 @@ typedef struct ASN1_AUX_st {
return ASN1_item_dup(ASN1_ITEM_rptr(stname), x); \
}
#define IMPLEMENT_ASN1_PRINT_FUNCTION(stname) \
IMPLEMENT_ASN1_PRINT_FUNCTION_fname(stname, stname, stname)
#define IMPLEMENT_ASN1_PRINT_FUNCTION_fname(stname, itname, fname) \
int fname##_print_ctx(BIO *out, stname *x, int indent, \
const ASN1_PCTX *pctx) \
{ \
return ASN1_item_print(out, (ASN1_VALUE *)x, indent, \
ASN1_ITEM_rptr(itname), pctx); \
}
#define IMPLEMENT_ASN1_FUNCTIONS_const(name) \
IMPLEMENT_ASN1_FUNCTIONS_const_fname(name, name, name)

55
include/openssl/bio.h
View File

@ -95,6 +95,7 @@ extern "C" {
#define BIO_TYPE_BIO (19|0x0400) /* (half a) BIO pair */
#define BIO_TYPE_LINEBUFFER (20|0x0200) /* filter */
#define BIO_TYPE_DGRAM (21|0x0400|0x0100)
#define BIO_TYPE_ASN1 (22|0x0200) /* filter */
#define BIO_TYPE_COMP (23|0x0200) /* filter */
#define BIO_TYPE_DESCRIPTOR 0x0100 /* socket, fd, connect or accept */
@ -265,7 +266,6 @@ int BIO_method_type(const BIO *b);
typedef void bio_info_cb(struct bio_st *, int, const char *, int, long, long);
#ifndef OPENSSL_SYS_WIN16
typedef struct bio_method_st
{
int type;
@ -279,21 +279,6 @@ typedef struct bio_method_st
int (*destroy)(BIO *);
long (*callback_ctrl)(BIO *, int, bio_info_cb *);
} BIO_METHOD;
#else
typedef struct bio_method_st
{
int type;
const char *name;
int (_far *bwrite)();
int (_far *bread)();
int (_far *bputs)();
int (_far *bgets)();
long (_far *ctrl)();
int (_far *create)();
int (_far *destroy)();
long (_far *callback_ctrl)();
} BIO_METHOD;
#endif
struct bio_st
{
@ -334,6 +319,9 @@ typedef struct bio_f_buffer_ctx_struct
int obuf_off; /* write/read offset */
} BIO_F_BUFFER_CTX;
/* Prefix and suffix callback in ASN1 BIO */
typedef int asn1_ps_func(BIO *b, unsigned char **pbuf, int *plen, void *parg);
/* connect BIO stuff */
#define BIO_CONN_S_BEFORE 1
#define BIO_CONN_S_GET_IP 2
@ -396,6 +384,13 @@ typedef struct bio_f_buffer_ctx_struct
#define BIO_C_RESET_READ_REQUEST 147
#define BIO_C_SET_MD_CTX 148
#define BIO_C_SET_PREFIX 149
#define BIO_C_GET_PREFIX 150
#define BIO_C_SET_SUFFIX 151
#define BIO_C_GET_SUFFIX 152
#define BIO_C_SET_EX_ARG 153
#define BIO_C_GET_EX_ARG 154
#define BIO_set_app_data(s,arg) BIO_set_ex_data(s,0,arg)
#define BIO_get_app_data(s) BIO_get_ex_data(s,0)
@ -559,22 +554,21 @@ int BIO_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
unsigned long BIO_number_read(BIO *bio);
unsigned long BIO_number_written(BIO *bio);
/* For BIO_f_asn1() */
int BIO_asn1_set_prefix(BIO *b, asn1_ps_func *prefix,
asn1_ps_func *prefix_free);
int BIO_asn1_get_prefix(BIO *b, asn1_ps_func **pprefix,
asn1_ps_func **pprefix_free);
int BIO_asn1_set_suffix(BIO *b, asn1_ps_func *suffix,
asn1_ps_func *suffix_free);
int BIO_asn1_get_suffix(BIO *b, asn1_ps_func **psuffix,
asn1_ps_func **psuffix_free);
# ifndef OPENSSL_NO_FP_API
# if defined(OPENSSL_SYS_WIN16) && defined(_WINDLL)
BIO_METHOD *BIO_s_file_internal(void);
BIO *BIO_new_file_internal(char *filename, char *mode);
BIO *BIO_new_fp_internal(FILE *stream, int close_flag);
# define BIO_s_file BIO_s_file_internal
# define BIO_new_file BIO_new_file_internal
# define BIO_new_fp BIO_new_fp_internal
# else /* FP_API */
BIO_METHOD *BIO_s_file(void );
BIO *BIO_new_file(const char *filename, const char *mode);
BIO *BIO_new_fp(FILE *stream, int close_flag);
# define BIO_s_file_internal BIO_s_file
# define BIO_new_file_internal BIO_new_file
# define BIO_new_fp_internal BIO_s_file
# endif /* FP_API */
# define BIO_s_file_internal BIO_s_file
# endif
BIO * BIO_new(BIO_METHOD *type);
int BIO_set(BIO *a,BIO_METHOD *type);
@ -603,13 +597,8 @@ int BIO_nread(BIO *bio, char **buf, int num);
int BIO_nwrite0(BIO *bio, char **buf);
int BIO_nwrite(BIO *bio, char **buf, int num);
#ifndef OPENSSL_SYS_WIN16
long BIO_debug_callback(BIO *bio,int cmd,const char *argp,int argi,
long argl,long ret);
#else
long _far _loadds BIO_debug_callback(BIO *bio,int cmd,const char *argp,int argi,
long argl,long ret);
#endif
BIO_METHOD *BIO_s_mem(void);
BIO *BIO_new_mem_buf(void *buf, int len);

6
include/openssl/blowfish.h
View File

@ -79,7 +79,7 @@ extern "C" {
* !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
*/
#if defined(OPENSSL_SYS_WIN16) || defined(__LP32__)
#if defined(__LP32__)
#define BF_LONG unsigned long
#elif defined(OPENSSL_SYS_CRAY) || defined(__ILP64__)
#define BF_LONG unsigned long
@ -104,9 +104,7 @@ typedef struct bf_key_st
BF_LONG S[4*256];
} BF_KEY;
#ifdef OPENSSL_FIPS
void private_BF_set_key(BF_KEY *key, int len, const unsigned char *data);
#endif
void BF_set_key(BF_KEY *key, int len, const unsigned char *data);
void BF_encrypt(BF_LONG *data,const BF_KEY *key);

181
include/openssl/bn.h
View File

@ -55,6 +55,59 @@
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
/* ====================================================================
* Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@openssl.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
/* ====================================================================
* Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
*
@ -77,6 +130,7 @@
#include <stdio.h> /* FILE */
#endif
#include <openssl/ossl_typ.h>
#include <openssl/crypto.h>
#ifdef __cplusplus
extern "C" {
@ -94,9 +148,11 @@ extern "C" {
/* #define BN_DEBUG */
/* #define BN_DEBUG_RAND */
#ifndef OPENSSL_SMALL_FOOTPRINT
#define BN_MUL_COMBA
#define BN_SQR_COMBA
#define BN_RECURSION
#endif
/* This next option uses the C libraries (2 word)/(1 word) function.
* If it is not defined, I use my C version (which is slower).
@ -137,6 +193,8 @@ extern "C" {
#define BN_DEC_FMT1 "%lu"
#define BN_DEC_FMT2 "%019lu"
#define BN_DEC_NUM 19
#define BN_HEX_FMT1 "%lX"
#define BN_HEX_FMT2 "%016lX"
#endif
/* This is where the long long data type is 64 bits, but long is 32.
@ -162,83 +220,37 @@ extern "C" {
#define BN_DEC_FMT1 "%llu"
#define BN_DEC_FMT2 "%019llu"
#define BN_DEC_NUM 19
#define BN_HEX_FMT1 "%llX"
#define BN_HEX_FMT2 "%016llX"
#endif
#ifdef THIRTY_TWO_BIT
#ifdef BN_LLONG
# if defined(OPENSSL_SYS_WIN32) && !defined(__GNUC__)
# if defined(_WIN32) && !defined(__GNUC__)
# define BN_ULLONG unsigned __int64
# define BN_MASK (0xffffffffffffffffI64)
# else
# define BN_ULLONG unsigned long long
# define BN_MASK (0xffffffffffffffffLL)
# endif
#endif
#define BN_ULONG unsigned long
#define BN_LONG long
#define BN_ULONG unsigned int
#define BN_LONG int
#define BN_BITS 64
#define BN_BYTES 4
#define BN_BITS2 32
#define BN_BITS4 16
#ifdef OPENSSL_SYS_WIN32
/* VC++ doesn't like the LL suffix */
#define BN_MASK (0xffffffffffffffffL)
#else
#define BN_MASK (0xffffffffffffffffLL)
#endif
#define BN_MASK2 (0xffffffffL)
#define BN_MASK2l (0xffff)
#define BN_MASK2h1 (0xffff8000L)
#define BN_MASK2h (0xffff0000L)
#define BN_TBIT (0x80000000L)
#define BN_DEC_CONV (1000000000L)
#define BN_DEC_FMT1 "%lu"
#define BN_DEC_FMT2 "%09lu"
#define BN_DEC_FMT1 "%u"
#define BN_DEC_FMT2 "%09u"
#define BN_DEC_NUM 9
#endif
#ifdef SIXTEEN_BIT
#ifndef BN_DIV2W
#define BN_DIV2W
#endif
#define BN_ULLONG unsigned long
#define BN_ULONG unsigned short
#define BN_LONG short
#define BN_BITS 32
#define BN_BYTES 2
#define BN_BITS2 16
#define BN_BITS4 8
#define BN_MASK (0xffffffff)
#define BN_MASK2 (0xffff)
#define BN_MASK2l (0xff)
#define BN_MASK2h1 (0xff80)
#define BN_MASK2h (0xff00)
#define BN_TBIT (0x8000)
#define BN_DEC_CONV (100000)
#define BN_DEC_FMT1 "%u"
#define BN_DEC_FMT2 "%05u"
#define BN_DEC_NUM 5
#endif
#ifdef EIGHT_BIT
#ifndef BN_DIV2W
#define BN_DIV2W
#endif
#define BN_ULLONG unsigned short
#define BN_ULONG unsigned char
#define BN_LONG char
#define BN_BITS 16
#define BN_BYTES 1
#define BN_BITS2 8
#define BN_BITS4 4
#define BN_MASK (0xffff)
#define BN_MASK2 (0xff)
#define BN_MASK2l (0xf)
#define BN_MASK2h1 (0xf8)
#define BN_MASK2h (0xf0)
#define BN_TBIT (0x80)
#define BN_DEC_CONV (100)
#define BN_DEC_FMT1 "%u"
#define BN_DEC_FMT2 "%02u"
#define BN_DEC_NUM 2
#define BN_HEX_FMT1 "%X"
#define BN_HEX_FMT2 "%08X"
#endif
#define BN_DEFAULT_BITS 1280
@ -303,12 +315,8 @@ struct bn_mont_ctx_st
BIGNUM N; /* The modulus */
BIGNUM Ni; /* R*(1/R mod N) - N*Ni = 1
* (Ni is only stored for bignum algorithm) */
#if 0
/* OpenSSL 0.9.9 preview: */
BN_ULONG n0[2];/* least significant word(s) of Ni */
#else
BN_ULONG n0; /* least significant word of Ni */
#endif
BN_ULONG n0[2];/* least significant word(s) of Ni;
(type changed with 0.9.9, was "BN_ULONG n0;" before) */
int flags;
};
@ -504,6 +512,7 @@ char * BN_bn2hex(const BIGNUM *a);
char * BN_bn2dec(const BIGNUM *a);
int BN_hex2bn(BIGNUM **a, const char *str);
int BN_dec2bn(BIGNUM **a, const char *str);
int BN_asc2bn(BIGNUM **a, const char *str);
int BN_gcd(BIGNUM *r,const BIGNUM *a,const BIGNUM *b,BN_CTX *ctx);
int BN_kronecker(const BIGNUM *a,const BIGNUM *b,BN_CTX *ctx); /* returns -2 for error */
BIGNUM *BN_mod_inverse(BIGNUM *ret,
@ -531,17 +540,6 @@ int BN_is_prime_ex(const BIGNUM *p,int nchecks, BN_CTX *ctx, BN_GENCB *cb);
int BN_is_prime_fasttest_ex(const BIGNUM *p,int nchecks, BN_CTX *ctx,
int do_trial_division, BN_GENCB *cb);
int BN_X931_generate_Xpq(BIGNUM *Xp, BIGNUM *Xq, int nbits, BN_CTX *ctx);
int BN_X931_derive_prime_ex(BIGNUM *p, BIGNUM *p1, BIGNUM *p2,
const BIGNUM *Xp, const BIGNUM *Xp1, const BIGNUM *Xp2,
const BIGNUM *e, BN_CTX *ctx, BN_GENCB *cb);
int BN_X931_generate_prime_ex(BIGNUM *p, BIGNUM *p1, BIGNUM *p2,
BIGNUM *Xp1, BIGNUM *Xp2,
const BIGNUM *Xp,
const BIGNUM *e, BN_CTX *ctx,
BN_GENCB *cb);
BN_MONT_CTX *BN_MONT_CTX_new(void );
void BN_MONT_CTX_init(BN_MONT_CTX *ctx);
int BN_mod_mul_montgomery(BIGNUM *r,const BIGNUM *a,const BIGNUM *b,
@ -560,19 +558,22 @@ BN_MONT_CTX *BN_MONT_CTX_set_locked(BN_MONT_CTX **pmont, int lock,
#define BN_BLINDING_NO_UPDATE 0x00000001
#define BN_BLINDING_NO_RECREATE 0x00000002
BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai, /* const */ BIGNUM *mod);
BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai, BIGNUM *mod);
void BN_BLINDING_free(BN_BLINDING *b);
int BN_BLINDING_update(BN_BLINDING *b,BN_CTX *ctx);
int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
int BN_BLINDING_convert_ex(BIGNUM *n, BIGNUM *r, BN_BLINDING *b, BN_CTX *);
int BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b, BN_CTX *);
#ifndef OPENSSL_NO_DEPRECATED
unsigned long BN_BLINDING_get_thread_id(const BN_BLINDING *);
void BN_BLINDING_set_thread_id(BN_BLINDING *, unsigned long);
#endif
CRYPTO_THREADID *BN_BLINDING_thread_id(BN_BLINDING *);
unsigned long BN_BLINDING_get_flags(const BN_BLINDING *);
void BN_BLINDING_set_flags(BN_BLINDING *, unsigned long);
BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b,
const BIGNUM *e, /* const */ BIGNUM *m, BN_CTX *ctx,
const BIGNUM *e, BIGNUM *m, BN_CTX *ctx,
int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx),
BN_MONT_CTX *m_ctx);
@ -625,24 +626,24 @@ int BN_GF2m_mod_solve_quad(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
* t^p[0] + t^p[1] + ... + t^p[k]
* where m = p[0] > p[1] > ... > p[k] = 0.
*/
int BN_GF2m_mod_arr(BIGNUM *r, const BIGNUM *a, const unsigned int p[]);
int BN_GF2m_mod_arr(BIGNUM *r, const BIGNUM *a, const int p[]);
/* r = a mod p */
int BN_GF2m_mod_mul_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
const unsigned int p[], BN_CTX *ctx); /* r = (a * b) mod p */
int BN_GF2m_mod_sqr_arr(BIGNUM *r, const BIGNUM *a, const unsigned int p[],
const int p[], BN_CTX *ctx); /* r = (a * b) mod p */
int BN_GF2m_mod_sqr_arr(BIGNUM *r, const BIGNUM *a, const int p[],
BN_CTX *ctx); /* r = (a * a) mod p */
int BN_GF2m_mod_inv_arr(BIGNUM *r, const BIGNUM *b, const unsigned int p[],
int BN_GF2m_mod_inv_arr(BIGNUM *r, const BIGNUM *b, const int p[],
BN_CTX *ctx); /* r = (1 / b) mod p */
int BN_GF2m_mod_div_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
const unsigned int p[], BN_CTX *ctx); /* r = (a / b) mod p */
const int p[], BN_CTX *ctx); /* r = (a / b) mod p */
int BN_GF2m_mod_exp_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
const unsigned int p[], BN_CTX *ctx); /* r = (a ^ b) mod p */
const int p[], BN_CTX *ctx); /* r = (a ^ b) mod p */
int BN_GF2m_mod_sqrt_arr(BIGNUM *r, const BIGNUM *a,
const unsigned int p[], BN_CTX *ctx); /* r = sqrt(a) mod p */
const int p[], BN_CTX *ctx); /* r = sqrt(a) mod p */
int BN_GF2m_mod_solve_quad_arr(BIGNUM *r, const BIGNUM *a,
const unsigned int p[], BN_CTX *ctx); /* r^2 + r = a mod p */
int BN_GF2m_poly2arr(const BIGNUM *a, unsigned int p[], int max);
int BN_GF2m_arr2poly(const unsigned int p[], BIGNUM *a);
const int p[], BN_CTX *ctx); /* r^2 + r = a mod p */
int BN_GF2m_poly2arr(const BIGNUM *a, int p[], int max);
int BN_GF2m_arr2poly(const int p[], BIGNUM *a);
/* faster mod functions for the 'NIST primes'
* 0 <= a < p^2 */
@ -751,10 +752,12 @@ int RAND_pseudo_bytes(unsigned char *buf,int num);
#define bn_correct_top(a) \
{ \
BN_ULONG *ftl; \
if ((a)->top > 0) \
int tmp_top = (a)->top; \
if (tmp_top > 0) \
{ \
for (ftl= &((a)->d[(a)->top-1]); (a)->top > 0; (a)->top--) \
if (*(ftl--)) break; \
for (ftl= &((a)->d[tmp_top-1]); tmp_top > 0; tmp_top--) \
if (*(ftl--)) break; \
(a)->top = tmp_top; \
} \
bn_pollute(a); \
}

9
include/openssl/buffer.h
View File

@ -76,18 +76,19 @@ extern "C" {
struct buf_mem_st
{
int length; /* current number of bytes */
size_t length; /* current number of bytes */
char *data;
int max; /* size of buffer */
size_t max; /* size of buffer */
};
BUF_MEM *BUF_MEM_new(void);
void BUF_MEM_free(BUF_MEM *a);
int BUF_MEM_grow(BUF_MEM *str, int len);
int BUF_MEM_grow_clean(BUF_MEM *str, int len);
int BUF_MEM_grow(BUF_MEM *str, size_t len);
int BUF_MEM_grow_clean(BUF_MEM *str, size_t len);
char * BUF_strdup(const char *str);
char * BUF_strndup(const char *str, size_t siz);
void * BUF_memdup(const void *data, size_t siz);
void BUF_reverse(unsigned char *out, unsigned char *in, size_t siz);
/* safe string functions */
size_t BUF_strlcpy(char *dst,const char *src,size_t siz);

126
include/openssl/camellia.h Normal file
View File

@ -0,0 +1,126 @@
/* crypto/camellia/camellia.h -*- mode:C; c-file-style: "eay" -*- */
/* ====================================================================
* Copyright (c) 2006 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@openssl.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
*/
#ifndef HEADER_CAMELLIA_H
#define HEADER_CAMELLIA_H
#include <openssl/opensslconf.h>
#ifdef OPENSSL_NO_CAMELLIA
#error CAMELLIA is disabled.
#endif
#include <stddef.h>
#define CAMELLIA_ENCRYPT 1
#define CAMELLIA_DECRYPT 0
/* Because array size can't be a const in C, the following two are macros.
Both sizes are in bytes. */
#ifdef __cplusplus
extern "C" {
#endif
/* This should be a hidden type, but EVP requires that the size be known */
#define CAMELLIA_BLOCK_SIZE 16
#define CAMELLIA_TABLE_BYTE_LEN 272
#define CAMELLIA_TABLE_WORD_LEN (CAMELLIA_TABLE_BYTE_LEN / 4)
typedef unsigned int KEY_TABLE_TYPE[CAMELLIA_TABLE_WORD_LEN]; /* to match with WORD */
struct camellia_key_st
{
union {
double d; /* ensures 64-bit align */
KEY_TABLE_TYPE rd_key;
} u;
int grand_rounds;
};
typedef struct camellia_key_st CAMELLIA_KEY;
int Camellia_set_key(const unsigned char *userKey, const int bits,
CAMELLIA_KEY *key);
void Camellia_encrypt(const unsigned char *in, unsigned char *out,
const CAMELLIA_KEY *key);
void Camellia_decrypt(const unsigned char *in, unsigned char *out,
const CAMELLIA_KEY *key);
void Camellia_ecb_encrypt(const unsigned char *in, unsigned char *out,
const CAMELLIA_KEY *key, const int enc);
void Camellia_cbc_encrypt(const unsigned char *in, unsigned char *out,
size_t length, const CAMELLIA_KEY *key,
unsigned char *ivec, const int enc);
void Camellia_cfb128_encrypt(const unsigned char *in, unsigned char *out,
size_t length, const CAMELLIA_KEY *key,
unsigned char *ivec, int *num, const int enc);
void Camellia_cfb1_encrypt(const unsigned char *in, unsigned char *out,
size_t length, const CAMELLIA_KEY *key,
unsigned char *ivec, int *num, const int enc);
void Camellia_cfb8_encrypt(const unsigned char *in, unsigned char *out,
size_t length, const CAMELLIA_KEY *key,
unsigned char *ivec, int *num, const int enc);
void Camellia_ofb128_encrypt(const unsigned char *in, unsigned char *out,
size_t length, const CAMELLIA_KEY *key,
unsigned char *ivec, int *num);
void Camellia_ctr128_encrypt(const unsigned char *in, unsigned char *out,
size_t length, const CAMELLIA_KEY *key,
unsigned char ivec[CAMELLIA_BLOCK_SIZE],
unsigned char ecount_buf[CAMELLIA_BLOCK_SIZE],
unsigned int *num);
#ifdef __cplusplus
}
#endif
#endif /* !HEADER_Camellia_H */

6
include/openssl/cast.h
View File

@ -72,7 +72,7 @@ extern "C" {
#define CAST_ENCRYPT 1
#define CAST_DECRYPT 0
#define CAST_LONG unsigned long
#define CAST_LONG unsigned int
#define CAST_BLOCK 8
#define CAST_KEY_LENGTH 16
@ -83,9 +83,7 @@ typedef struct cast_key_st
int short_key; /* Use reduced rounds for short key */
} CAST_KEY;
#ifdef OPENSSL_FIPS
void private_CAST_set_key(CAST_KEY *key, int len, const unsigned char *data);
#endif
void CAST_set_key(CAST_KEY *key, int len, const unsigned char *data);
void CAST_ecb_encrypt(const unsigned char *in, unsigned char *out, const CAST_KEY *key,
int enc);

479
include/openssl/cms.h Normal file
View File

@ -0,0 +1,479 @@
/* crypto/cms/cms.h */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project.
*/
/* ====================================================================
* Copyright (c) 2008 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* licensing@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
#ifndef HEADER_CMS_H
#define HEADER_CMS_H
#include <openssl/x509.h>
#ifdef OPENSSL_NO_CMS
#error CMS is disabled.
#endif
#ifdef __cplusplus
extern "C" {
#endif
typedef struct CMS_ContentInfo_st CMS_ContentInfo;
typedef struct CMS_SignerInfo_st CMS_SignerInfo;
typedef struct CMS_CertificateChoices CMS_CertificateChoices;
typedef struct CMS_RevocationInfoChoice_st CMS_RevocationInfoChoice;
typedef struct CMS_RecipientInfo_st CMS_RecipientInfo;
typedef struct CMS_ReceiptRequest_st CMS_ReceiptRequest;
typedef struct CMS_Receipt_st CMS_Receipt;
DECLARE_STACK_OF(CMS_SignerInfo)
DECLARE_STACK_OF(GENERAL_NAMES)
DECLARE_ASN1_FUNCTIONS(CMS_ContentInfo)
DECLARE_ASN1_FUNCTIONS(CMS_ReceiptRequest)
DECLARE_ASN1_PRINT_FUNCTION(CMS_ContentInfo)
#define CMS_SIGNERINFO_ISSUER_SERIAL 0
#define CMS_SIGNERINFO_KEYIDENTIFIER 1
#define CMS_RECIPINFO_TRANS 0
#define CMS_RECIPINFO_AGREE 1
#define CMS_RECIPINFO_KEK 2
#define CMS_RECIPINFO_PASS 3
#define CMS_RECIPINFO_OTHER 4
/* S/MIME related flags */
#define CMS_TEXT 0x1
#define CMS_NOCERTS 0x2
#define CMS_NO_CONTENT_VERIFY 0x4
#define CMS_NO_ATTR_VERIFY 0x8
#define CMS_NOSIGS \
(CMS_NO_CONTENT_VERIFY|CMS_NO_ATTR_VERIFY)
#define CMS_NOINTERN 0x10
#define CMS_NO_SIGNER_CERT_VERIFY 0x20
#define CMS_NOVERIFY 0x20
#define CMS_DETACHED 0x40
#define CMS_BINARY 0x80
#define CMS_NOATTR 0x100
#define CMS_NOSMIMECAP 0x200
#define CMS_NOOLDMIMETYPE 0x400
#define CMS_CRLFEOL 0x800
#define CMS_STREAM 0x1000
#define CMS_NOCRL 0x2000
#define CMS_PARTIAL 0x4000
#define CMS_REUSE_DIGEST 0x8000
#define CMS_USE_KEYID 0x10000
const ASN1_OBJECT *CMS_get0_type(CMS_ContentInfo *cms);
BIO *CMS_dataInit(CMS_ContentInfo *cms, BIO *icont);
int CMS_dataFinal(CMS_ContentInfo *cms, BIO *bio);
ASN1_OCTET_STRING **CMS_get0_content(CMS_ContentInfo *cms);
int CMS_is_detached(CMS_ContentInfo *cms);
int CMS_set_detached(CMS_ContentInfo *cms, int detached);
#ifdef HEADER_PEM_H
DECLARE_PEM_rw_const(CMS, CMS_ContentInfo)
#endif
int CMS_stream(unsigned char ***boundary, CMS_ContentInfo *cms);
CMS_ContentInfo *d2i_CMS_bio(BIO *bp, CMS_ContentInfo **cms);
int i2d_CMS_bio(BIO *bp, CMS_ContentInfo *cms);
BIO *BIO_new_CMS(BIO *out, CMS_ContentInfo *cms);
int i2d_CMS_bio_stream(BIO *out, CMS_ContentInfo *cms, BIO *in, int flags);
int PEM_write_bio_CMS_stream(BIO *out, CMS_ContentInfo *cms, BIO *in, int flags);
CMS_ContentInfo *SMIME_read_CMS(BIO *bio, BIO **bcont);
int SMIME_write_CMS(BIO *bio, CMS_ContentInfo *cms, BIO *data, int flags);
int CMS_final(CMS_ContentInfo *cms, BIO *data, BIO *dcont, unsigned int flags);
CMS_ContentInfo *CMS_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs,
BIO *data, unsigned int flags);
CMS_ContentInfo *CMS_sign_receipt(CMS_SignerInfo *si,
X509 *signcert, EVP_PKEY *pkey,
STACK_OF(X509) *certs,
unsigned int flags);
int CMS_data(CMS_ContentInfo *cms, BIO *out, unsigned int flags);
CMS_ContentInfo *CMS_data_create(BIO *in, unsigned int flags);
int CMS_digest_verify(CMS_ContentInfo *cms, BIO *dcont, BIO *out,
unsigned int flags);
CMS_ContentInfo *CMS_digest_create(BIO *in, const EVP_MD *md,
unsigned int flags);
int CMS_EncryptedData_decrypt(CMS_ContentInfo *cms,
const unsigned char *key, size_t keylen,
BIO *dcont, BIO *out, unsigned int flags);
CMS_ContentInfo *CMS_EncryptedData_encrypt(BIO *in, const EVP_CIPHER *cipher,
const unsigned char *key, size_t keylen,
unsigned int flags);
int CMS_EncryptedData_set1_key(CMS_ContentInfo *cms, const EVP_CIPHER *ciph,
const unsigned char *key, size_t keylen);
int CMS_verify(CMS_ContentInfo *cms, STACK_OF(X509) *certs,
X509_STORE *store, BIO *dcont, BIO *out, unsigned int flags);
int CMS_verify_receipt(CMS_ContentInfo *rcms, CMS_ContentInfo *ocms,
STACK_OF(X509) *certs,
X509_STORE *store, unsigned int flags);
STACK_OF(X509) *CMS_get0_signers(CMS_ContentInfo *cms);
CMS_ContentInfo *CMS_encrypt(STACK_OF(X509) *certs, BIO *in,
const EVP_CIPHER *cipher, unsigned int flags);
int CMS_decrypt(CMS_ContentInfo *cms, EVP_PKEY *pkey, X509 *cert,
BIO *dcont, BIO *out,
unsigned int flags);
int CMS_decrypt_set1_pkey(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert);
int CMS_decrypt_set1_key(CMS_ContentInfo *cms,
unsigned char *key, size_t keylen,
unsigned char *id, size_t idlen);
STACK_OF(CMS_RecipientInfo) *CMS_get0_RecipientInfos(CMS_ContentInfo *cms);
int CMS_RecipientInfo_type(CMS_RecipientInfo *ri);
CMS_ContentInfo *CMS_EnvelopedData_create(const EVP_CIPHER *cipher);
CMS_RecipientInfo *CMS_add1_recipient_cert(CMS_ContentInfo *cms,
X509 *recip, unsigned int flags);
int CMS_RecipientInfo_set0_pkey(CMS_RecipientInfo *ri, EVP_PKEY *pkey);
int CMS_RecipientInfo_ktri_cert_cmp(CMS_RecipientInfo *ri, X509 *cert);
int CMS_RecipientInfo_ktri_get0_algs(CMS_RecipientInfo *ri,
EVP_PKEY **pk, X509 **recip,
X509_ALGOR **palg);
int CMS_RecipientInfo_ktri_get0_signer_id(CMS_RecipientInfo *ri,
ASN1_OCTET_STRING **keyid,
X509_NAME **issuer, ASN1_INTEGER **sno);
CMS_RecipientInfo *CMS_add0_recipient_key(CMS_ContentInfo *cms, int nid,
unsigned char *key, size_t keylen,
unsigned char *id, size_t idlen,
ASN1_GENERALIZEDTIME *date,
ASN1_OBJECT *otherTypeId,
ASN1_TYPE *otherType);
int CMS_RecipientInfo_kekri_get0_id(CMS_RecipientInfo *ri,
X509_ALGOR **palg,
ASN1_OCTET_STRING **pid,
ASN1_GENERALIZEDTIME **pdate,
ASN1_OBJECT **potherid,
ASN1_TYPE **pothertype);
int CMS_RecipientInfo_set0_key(CMS_RecipientInfo *ri,
unsigned char *key, size_t keylen);
int CMS_RecipientInfo_kekri_id_cmp(CMS_RecipientInfo *ri,
const unsigned char *id, size_t idlen);
int CMS_RecipientInfo_decrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri);
int CMS_uncompress(CMS_ContentInfo *cms, BIO *dcont, BIO *out,
unsigned int flags);
CMS_ContentInfo *CMS_compress(BIO *in, int comp_nid, unsigned int flags);
int CMS_set1_eContentType(CMS_ContentInfo *cms, const ASN1_OBJECT *oid);
const ASN1_OBJECT *CMS_get0_eContentType(CMS_ContentInfo *cms);
CMS_CertificateChoices *CMS_add0_CertificateChoices(CMS_ContentInfo *cms);
int CMS_add0_cert(CMS_ContentInfo *cms, X509 *cert);
int CMS_add1_cert(CMS_ContentInfo *cms, X509 *cert);
STACK_OF(X509) *CMS_get1_certs(CMS_ContentInfo *cms);
CMS_RevocationInfoChoice *CMS_add0_RevocationInfoChoice(CMS_ContentInfo *cms);
int CMS_add0_crl(CMS_ContentInfo *cms, X509_CRL *crl);
int CMS_add1_crl(CMS_ContentInfo *cms, X509_CRL *crl);
STACK_OF(X509_CRL) *CMS_get1_crls(CMS_ContentInfo *cms);
int CMS_SignedData_init(CMS_ContentInfo *cms);
CMS_SignerInfo *CMS_add1_signer(CMS_ContentInfo *cms,
X509 *signer, EVP_PKEY *pk, const EVP_MD *md,
unsigned int flags);
STACK_OF(CMS_SignerInfo) *CMS_get0_SignerInfos(CMS_ContentInfo *cms);
void CMS_SignerInfo_set1_signer_cert(CMS_SignerInfo *si, X509 *signer);
int CMS_SignerInfo_get0_signer_id(CMS_SignerInfo *si,
ASN1_OCTET_STRING **keyid,
X509_NAME **issuer, ASN1_INTEGER **sno);
int CMS_SignerInfo_cert_cmp(CMS_SignerInfo *si, X509 *cert);
int CMS_set1_signers_certs(CMS_ContentInfo *cms, STACK_OF(X509) *certs,
unsigned int flags);
void CMS_SignerInfo_get0_algs(CMS_SignerInfo *si, EVP_PKEY **pk, X509 **signer,
X509_ALGOR **pdig, X509_ALGOR **psig);
int CMS_SignerInfo_sign(CMS_SignerInfo *si);
int CMS_SignerInfo_verify(CMS_SignerInfo *si);
int CMS_SignerInfo_verify_content(CMS_SignerInfo *si, BIO *chain);
int CMS_add_smimecap(CMS_SignerInfo *si, STACK_OF(X509_ALGOR) *algs);
int CMS_add_simple_smimecap(STACK_OF(X509_ALGOR) **algs,
int algnid, int keysize);
int CMS_add_standard_smimecap(STACK_OF(X509_ALGOR) **smcap);
int CMS_signed_get_attr_count(const CMS_SignerInfo *si);
int CMS_signed_get_attr_by_NID(const CMS_SignerInfo *si, int nid,
int lastpos);
int CMS_signed_get_attr_by_OBJ(const CMS_SignerInfo *si, ASN1_OBJECT *obj,
int lastpos);
X509_ATTRIBUTE *CMS_signed_get_attr(const CMS_SignerInfo *si, int loc);
X509_ATTRIBUTE *CMS_signed_delete_attr(CMS_SignerInfo *si, int loc);
int CMS_signed_add1_attr(CMS_SignerInfo *si, X509_ATTRIBUTE *attr);
int CMS_signed_add1_attr_by_OBJ(CMS_SignerInfo *si,
const ASN1_OBJECT *obj, int type,
const void *bytes, int len);
int CMS_signed_add1_attr_by_NID(CMS_SignerInfo *si,
int nid, int type,
const void *bytes, int len);
int CMS_signed_add1_attr_by_txt(CMS_SignerInfo *si,
const char *attrname, int type,
const void *bytes, int len);
void *CMS_signed_get0_data_by_OBJ(CMS_SignerInfo *si, ASN1_OBJECT *oid,
int lastpos, int type);
int CMS_unsigned_get_attr_count(const CMS_SignerInfo *si);
int CMS_unsigned_get_attr_by_NID(const CMS_SignerInfo *si, int nid,
int lastpos);
int CMS_unsigned_get_attr_by_OBJ(const CMS_SignerInfo *si, ASN1_OBJECT *obj,
int lastpos);
X509_ATTRIBUTE *CMS_unsigned_get_attr(const CMS_SignerInfo *si, int loc);
X509_ATTRIBUTE *CMS_unsigned_delete_attr(CMS_SignerInfo *si, int loc);
int CMS_unsigned_add1_attr(CMS_SignerInfo *si, X509_ATTRIBUTE *attr);
int CMS_unsigned_add1_attr_by_OBJ(CMS_SignerInfo *si,
const ASN1_OBJECT *obj, int type,
const void *bytes, int len);
int CMS_unsigned_add1_attr_by_NID(CMS_SignerInfo *si,
int nid, int type,
const void *bytes, int len);
int CMS_unsigned_add1_attr_by_txt(CMS_SignerInfo *si,
const char *attrname, int type,
const void *bytes, int len);
void *CMS_unsigned_get0_data_by_OBJ(CMS_SignerInfo *si, ASN1_OBJECT *oid,
int lastpos, int type);
#ifdef HEADER_X509V3_H
int CMS_get1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest **prr);
CMS_ReceiptRequest *CMS_ReceiptRequest_create0(unsigned char *id, int idlen,
int allorfirst,
STACK_OF(GENERAL_NAMES) *receiptList,
STACK_OF(GENERAL_NAMES) *receiptsTo);
int CMS_add1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest *rr);
void CMS_ReceiptRequest_get0_values(CMS_ReceiptRequest *rr,
ASN1_STRING **pcid,
int *pallorfirst,
STACK_OF(GENERAL_NAMES) **plist,
STACK_OF(GENERAL_NAMES) **prto);
#endif
/* BEGIN ERROR CODES */
/* The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
*/
void ERR_load_CMS_strings(void);
/* Error codes for the CMS functions. */
/* Function codes. */
#define CMS_F_CHECK_CONTENT 99
#define CMS_F_CMS_ADD0_CERT 164
#define CMS_F_CMS_ADD0_RECIPIENT_KEY 100
#define CMS_F_CMS_ADD1_RECEIPTREQUEST 158
#define CMS_F_CMS_ADD1_RECIPIENT_CERT 101
#define CMS_F_CMS_ADD1_SIGNER 102
#define CMS_F_CMS_ADD1_SIGNINGTIME 103
#define CMS_F_CMS_COMPRESS 104
#define CMS_F_CMS_COMPRESSEDDATA_CREATE 105
#define CMS_F_CMS_COMPRESSEDDATA_INIT_BIO 106
#define CMS_F_CMS_COPY_CONTENT 107
#define CMS_F_CMS_COPY_MESSAGEDIGEST 108
#define CMS_F_CMS_DATA 109
#define CMS_F_CMS_DATAFINAL 110
#define CMS_F_CMS_DATAINIT 111
#define CMS_F_CMS_DECRYPT 112
#define CMS_F_CMS_DECRYPT_SET1_KEY 113
#define CMS_F_CMS_DECRYPT_SET1_PKEY 114
#define CMS_F_CMS_DIGESTALGORITHM_FIND_CTX 115
#define CMS_F_CMS_DIGESTALGORITHM_INIT_BIO 116
#define CMS_F_CMS_DIGESTEDDATA_DO_FINAL 117
#define CMS_F_CMS_DIGEST_VERIFY 118
#define CMS_F_CMS_ENCODE_RECEIPT 161
#define CMS_F_CMS_ENCRYPT 119
#define CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO 120
#define CMS_F_CMS_ENCRYPTEDDATA_DECRYPT 121
#define CMS_F_CMS_ENCRYPTEDDATA_ENCRYPT 122
#define CMS_F_CMS_ENCRYPTEDDATA_SET1_KEY 123
#define CMS_F_CMS_ENVELOPEDDATA_CREATE 124
#define CMS_F_CMS_ENVELOPEDDATA_INIT_BIO 125
#define CMS_F_CMS_ENVELOPED_DATA_INIT 126
#define CMS_F_CMS_FINAL 127
#define CMS_F_CMS_GET0_CERTIFICATE_CHOICES 128
#define CMS_F_CMS_GET0_CONTENT 129
#define CMS_F_CMS_GET0_ECONTENT_TYPE 130
#define CMS_F_CMS_GET0_ENVELOPED 131
#define CMS_F_CMS_GET0_REVOCATION_CHOICES 132
#define CMS_F_CMS_GET0_SIGNED 133
#define CMS_F_CMS_MSGSIGDIGEST_ADD1 162
#define CMS_F_CMS_RECEIPTREQUEST_CREATE0 159
#define CMS_F_CMS_RECEIPT_VERIFY 160
#define CMS_F_CMS_RECIPIENTINFO_DECRYPT 134
#define CMS_F_CMS_RECIPIENTINFO_KEKRI_DECRYPT 135
#define CMS_F_CMS_RECIPIENTINFO_KEKRI_ENCRYPT 136
#define CMS_F_CMS_RECIPIENTINFO_KEKRI_GET0_ID 137
#define CMS_F_CMS_RECIPIENTINFO_KEKRI_ID_CMP 138
#define CMS_F_CMS_RECIPIENTINFO_KTRI_CERT_CMP 139
#define CMS_F_CMS_RECIPIENTINFO_KTRI_DECRYPT 140
#define CMS_F_CMS_RECIPIENTINFO_KTRI_ENCRYPT 141
#define CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_ALGS 142
#define CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_SIGNER_ID 143
#define CMS_F_CMS_RECIPIENTINFO_SET0_KEY 144
#define CMS_F_CMS_RECIPIENTINFO_SET0_PKEY 145
#define CMS_F_CMS_SET1_SIGNERIDENTIFIER 146
#define CMS_F_CMS_SET_DETACHED 147
#define CMS_F_CMS_SIGN 148
#define CMS_F_CMS_SIGNED_DATA_INIT 149
#define CMS_F_CMS_SIGNERINFO_CONTENT_SIGN 150
#define CMS_F_CMS_SIGNERINFO_SIGN 151
#define CMS_F_CMS_SIGNERINFO_VERIFY 152
#define CMS_F_CMS_SIGNERINFO_VERIFY_CERT 153
#define CMS_F_CMS_SIGNERINFO_VERIFY_CONTENT 154
#define CMS_F_CMS_SIGN_RECEIPT 163
#define CMS_F_CMS_STREAM 155
#define CMS_F_CMS_UNCOMPRESS 156
#define CMS_F_CMS_VERIFY 157
/* Reason codes. */
#define CMS_R_ADD_SIGNER_ERROR 99
#define CMS_R_CERTIFICATE_ALREADY_PRESENT 175
#define CMS_R_CERTIFICATE_HAS_NO_KEYID 160
#define CMS_R_CERTIFICATE_VERIFY_ERROR 100
#define CMS_R_CIPHER_INITIALISATION_ERROR 101
#define CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR 102
#define CMS_R_CMS_DATAFINAL_ERROR 103
#define CMS_R_CMS_LIB 104
#define CMS_R_CONTENTIDENTIFIER_MISMATCH 170
#define CMS_R_CONTENT_NOT_FOUND 105
#define CMS_R_CONTENT_TYPE_MISMATCH 171
#define CMS_R_CONTENT_TYPE_NOT_COMPRESSED_DATA 106
#define CMS_R_CONTENT_TYPE_NOT_ENVELOPED_DATA 107
#define CMS_R_CONTENT_TYPE_NOT_SIGNED_DATA 108
#define CMS_R_CONTENT_VERIFY_ERROR 109
#define CMS_R_CTRL_ERROR 110
#define CMS_R_CTRL_FAILURE 111
#define CMS_R_DECRYPT_ERROR 112
#define CMS_R_DIGEST_ERROR 161
#define CMS_R_ERROR_GETTING_PUBLIC_KEY 113
#define CMS_R_ERROR_READING_MESSAGEDIGEST_ATTRIBUTE 114
#define CMS_R_ERROR_SETTING_KEY 115
#define CMS_R_ERROR_SETTING_RECIPIENTINFO 116
#define CMS_R_INVALID_ENCRYPTED_KEY_LENGTH 117
#define CMS_R_INVALID_KEY_LENGTH 118
#define CMS_R_MD_BIO_INIT_ERROR 119
#define CMS_R_MESSAGEDIGEST_ATTRIBUTE_WRONG_LENGTH 120
#define CMS_R_MESSAGEDIGEST_WRONG_LENGTH 121
#define CMS_R_MSGSIGDIGEST_ERROR 172
#define CMS_R_MSGSIGDIGEST_VERIFICATION_FAILURE 162
#define CMS_R_MSGSIGDIGEST_WRONG_LENGTH 163
#define CMS_R_NEED_ONE_SIGNER 164
#define CMS_R_NOT_A_SIGNED_RECEIPT 165
#define CMS_R_NOT_ENCRYPTED_DATA 122
#define CMS_R_NOT_KEK 123
#define CMS_R_NOT_KEY_TRANSPORT 124
#define CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE 125
#define CMS_R_NO_CIPHER 126
#define CMS_R_NO_CONTENT 127
#define CMS_R_NO_CONTENT_TYPE 173
#define CMS_R_NO_DEFAULT_DIGEST 128
#define CMS_R_NO_DIGEST_SET 129
#define CMS_R_NO_KEY 130
#define CMS_R_NO_KEY_OR_CERT 174
#define CMS_R_NO_MATCHING_DIGEST 131
#define CMS_R_NO_MATCHING_RECIPIENT 132
#define CMS_R_NO_MATCHING_SIGNATURE 166
#define CMS_R_NO_MSGSIGDIGEST 167
#define CMS_R_NO_PRIVATE_KEY 133
#define CMS_R_NO_PUBLIC_KEY 134
#define CMS_R_NO_RECEIPT_REQUEST 168
#define CMS_R_NO_SIGNERS 135
#define CMS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE 136
#define CMS_R_RECEIPT_DECODE_ERROR 169
#define CMS_R_RECIPIENT_ERROR 137
#define CMS_R_SIGNER_CERTIFICATE_NOT_FOUND 138
#define CMS_R_SIGNFINAL_ERROR 139
#define CMS_R_SMIME_TEXT_ERROR 140
#define CMS_R_STORE_INIT_ERROR 141
#define CMS_R_TYPE_NOT_COMPRESSED_DATA 142
#define CMS_R_TYPE_NOT_DATA 143
#define CMS_R_TYPE_NOT_DIGESTED_DATA 144
#define CMS_R_TYPE_NOT_ENCRYPTED_DATA 145
#define CMS_R_TYPE_NOT_ENVELOPED_DATA 146
#define CMS_R_UNABLE_TO_FINALIZE_CONTEXT 147
#define CMS_R_UNKNOWN_CIPHER 148
#define CMS_R_UNKNOWN_DIGEST_ALGORIHM 149
#define CMS_R_UNKNOWN_ID 150
#define CMS_R_UNSUPPORTED_COMPRESSION_ALGORITHM 151
#define CMS_R_UNSUPPORTED_CONTENT_TYPE 152
#define CMS_R_UNSUPPORTED_KEK_ALGORITHM 153
#define CMS_R_UNSUPPORTED_RECIPIENT_TYPE 154
#define CMS_R_UNSUPPORTED_RECPIENTINFO_TYPE 155
#define CMS_R_UNSUPPORTED_TYPE 156
#define CMS_R_UNWRAP_ERROR 157
#define CMS_R_VERIFICATION_FAILURE 158
#define CMS_R_WRAP_ERROR 159
#ifdef __cplusplus
}
#endif
#endif

35
include/openssl/conf.h
View File

@ -79,8 +79,7 @@ typedef struct
} CONF_VALUE;
DECLARE_STACK_OF(CONF_VALUE)
DECLARE_STACK_OF(CONF_MODULE)
DECLARE_STACK_OF(CONF_IMODULE)
DECLARE_LHASH_OF(CONF_VALUE);
struct conf_st;
struct conf_method_st;
@ -105,6 +104,9 @@ struct conf_method_st
typedef struct conf_imodule_st CONF_IMODULE;
typedef struct conf_module_st CONF_MODULE;
DECLARE_STACK_OF(CONF_MODULE)
DECLARE_STACK_OF(CONF_IMODULE)
/* DSO module function typedefs */
typedef int conf_init_func(CONF_IMODULE *md, const CONF *cnf);
typedef void conf_finish_func(CONF_IMODULE *md);
@ -117,18 +119,23 @@ typedef void conf_finish_func(CONF_IMODULE *md);
#define CONF_MFLAGS_DEFAULT_SECTION 0x20
int CONF_set_default_method(CONF_METHOD *meth);
void CONF_set_nconf(CONF *conf,LHASH *hash);
LHASH *CONF_load(LHASH *conf,const char *file,long *eline);
void CONF_set_nconf(CONF *conf,LHASH_OF(CONF_VALUE) *hash);
LHASH_OF(CONF_VALUE) *CONF_load(LHASH_OF(CONF_VALUE) *conf,const char *file,
long *eline);
#ifndef OPENSSL_NO_FP_API
LHASH *CONF_load_fp(LHASH *conf, FILE *fp,long *eline);
LHASH_OF(CONF_VALUE) *CONF_load_fp(LHASH_OF(CONF_VALUE) *conf, FILE *fp,
long *eline);
#endif
LHASH *CONF_load_bio(LHASH *conf, BIO *bp,long *eline);
STACK_OF(CONF_VALUE) *CONF_get_section(LHASH *conf,const char *section);
char *CONF_get_string(LHASH *conf,const char *group,const char *name);
long CONF_get_number(LHASH *conf,const char *group,const char *name);
void CONF_free(LHASH *conf);
int CONF_dump_fp(LHASH *conf, FILE *out);
int CONF_dump_bio(LHASH *conf, BIO *out);
LHASH_OF(CONF_VALUE) *CONF_load_bio(LHASH_OF(CONF_VALUE) *conf, BIO *bp,long *eline);
STACK_OF(CONF_VALUE) *CONF_get_section(LHASH_OF(CONF_VALUE) *conf,
const char *section);
char *CONF_get_string(LHASH_OF(CONF_VALUE) *conf,const char *group,
const char *name);
long CONF_get_number(LHASH_OF(CONF_VALUE) *conf,const char *group,
const char *name);
void CONF_free(LHASH_OF(CONF_VALUE) *conf);
int CONF_dump_fp(LHASH_OF(CONF_VALUE) *conf, FILE *out);
int CONF_dump_bio(LHASH_OF(CONF_VALUE) *conf, BIO *out);
void OPENSSL_config(const char *config_name);
void OPENSSL_no_config(void);
@ -140,7 +147,7 @@ struct conf_st
{
CONF_METHOD *meth;
void *meth_data;
LHASH *data;
LHASH_OF(CONF_VALUE) *data;
};
CONF *NCONF_new(CONF_METHOD *meth);
@ -214,6 +221,7 @@ void ERR_load_CONF_strings(void);
#define CONF_F_CONF_LOAD_BIO 102
#define CONF_F_CONF_LOAD_FP 103
#define CONF_F_CONF_MODULES_LOAD 116
#define CONF_F_CONF_PARSE_LIST 119
#define CONF_F_DEF_LOAD 120
#define CONF_F_DEF_LOAD_BIO 121
#define CONF_F_MODULE_INIT 115
@ -233,6 +241,7 @@ void ERR_load_CONF_strings(void);
/* Reason codes. */
#define CONF_R_ERROR_LOADING_DSO 110
#define CONF_R_LIST_CANNOT_BE_NULL 115
#define CONF_R_MISSING_CLOSE_SQUARE_BRACKET 100
#define CONF_R_MISSING_EQUAL_SIGN 101
#define CONF_R_MISSING_FINISH_FUNCTION 111

104
include/openssl/crypto.h
View File

@ -1,6 +1,6 @@
/* crypto/crypto.h */
/* ====================================================================
* Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved.
* Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@ -219,13 +219,9 @@ typedef struct openssl_item_st
#define CRYPTO_LOCK_EC_PRE_COMP 36
#define CRYPTO_LOCK_STORE 37
#define CRYPTO_LOCK_COMP 38
#ifndef OPENSSL_FIPS
#define CRYPTO_NUM_LOCKS 39
#else
#define CRYPTO_LOCK_FIPS 39
#define CRYPTO_LOCK_FIPS2 40
#define CRYPTO_NUM_LOCKS 41
#endif
#define CRYPTO_LOCK 1
#define CRYPTO_UNLOCK 2
@ -288,9 +284,10 @@ typedef struct bio_st BIO_dummy;
struct crypto_ex_data_st
{
STACK *sk;
STACK_OF(void) *sk;
int dummy; /* gcc is screwing up this data structure :-( */
};
DECLARE_STACK_OF(void)
/* This stuff is basically class callback functions
* The current classes are SSL_CTX, SSL, SSL_SESSION, and a few more */
@ -347,7 +344,14 @@ DECLARE_STACK_OF(CRYPTO_EX_DATA_FUNCS)
/* Set standard debugging functions (not done by default
* unless CRYPTO_MDEBUG is defined) */
void CRYPTO_malloc_debug_init(void);
#define CRYPTO_malloc_debug_init() do {\
CRYPTO_set_mem_debug_functions(\
CRYPTO_dbg_malloc,\
CRYPTO_dbg_realloc,\
CRYPTO_dbg_free,\
CRYPTO_dbg_set_options,\
CRYPTO_dbg_get_options);\
} while(0)
int CRYPTO_mem_ctrl(int mode);
int CRYPTO_is_mem_check_on(void);
@ -420,16 +424,32 @@ void CRYPTO_set_add_lock_callback(int (*func)(int *num,int mount,int type,
const char *file, int line));
int (*CRYPTO_get_add_lock_callback(void))(int *num,int mount,int type,
const char *file,int line);
/* Don't use this structure directly. */
typedef struct crypto_threadid_st
{
void *ptr;
unsigned long val;
} CRYPTO_THREADID;
/* Only use CRYPTO_THREADID_set_[numeric|pointer]() within callbacks */
void CRYPTO_THREADID_set_numeric(CRYPTO_THREADID *id, unsigned long val);
void CRYPTO_THREADID_set_pointer(CRYPTO_THREADID *id, void *ptr);
int CRYPTO_THREADID_set_callback(void (*threadid_func)(CRYPTO_THREADID *));
void (*CRYPTO_THREADID_get_callback(void))(CRYPTO_THREADID *);
void CRYPTO_THREADID_current(CRYPTO_THREADID *id);
int CRYPTO_THREADID_cmp(const CRYPTO_THREADID *a, const CRYPTO_THREADID *b);
void CRYPTO_THREADID_cpy(CRYPTO_THREADID *dest, const CRYPTO_THREADID *src);
unsigned long CRYPTO_THREADID_hash(const CRYPTO_THREADID *id);
#ifndef OPENSSL_NO_DEPRECATED
void CRYPTO_set_id_callback(unsigned long (*func)(void));
unsigned long (*CRYPTO_get_id_callback(void))(void);
unsigned long CRYPTO_thread_id(void);
#endif
const char *CRYPTO_get_lock_name(int type);
int CRYPTO_add_lock(int *pointer,int amount,int type, const char *file,
int line);
void int_CRYPTO_set_do_dynlock_callback(
void (*do_dynlock_cb)(int mode, int type, const char *file, int line));
int CRYPTO_get_new_dynlockid(void);
void CRYPTO_destroy_dynlockid(int i);
struct CRYPTO_dynlock_value *CRYPTO_get_dynlock_value(int i);
@ -454,10 +474,6 @@ int CRYPTO_set_mem_debug_functions(void (*m)(void *,int,const char *,int,int),
void (*f)(void *,int),
void (*so)(long),
long (*go)(void));
void CRYPTO_set_mem_info_functions(
int (*push_info_fn)(const char *info, const char *file, int line),
int (*pop_info_fn)(void),
int (*remove_all_info_fn)(void));
void CRYPTO_get_mem_functions(void *(**m)(size_t),void *(**r)(void *, size_t), void (**f)(void *));
void CRYPTO_get_locked_mem_functions(void *(**m)(size_t), void (**f)(void *));
void CRYPTO_get_mem_ex_functions(void *(**m)(size_t,const char *,int),
@ -514,9 +530,6 @@ void CRYPTO_dbg_free(void *addr,int before_p);
void CRYPTO_dbg_set_options(long bits);
long CRYPTO_dbg_get_options(void);
int CRYPTO_dbg_push_info(const char *info, const char *file, int line);
int CRYPTO_dbg_pop_info(void);
int CRYPTO_dbg_remove_all_info(void);
#ifndef OPENSSL_NO_FP_API
void CRYPTO_mem_leaks_fp(FILE *);
@ -534,69 +547,12 @@ unsigned long *OPENSSL_ia32cap_loc(void);
#define OPENSSL_ia32cap (*(OPENSSL_ia32cap_loc()))
int OPENSSL_isservice(void);
#ifdef OPENSSL_FIPS
#define FIPS_ERROR_IGNORED(alg) OpenSSLDie(__FILE__, __LINE__, \
alg " previous FIPS forbidden algorithm error ignored");
#define FIPS_BAD_ABORT(alg) OpenSSLDie(__FILE__, __LINE__, \
#alg " Algorithm forbidden in FIPS mode");
#ifdef OPENSSL_FIPS_STRICT
#define FIPS_BAD_ALGORITHM(alg) FIPS_BAD_ABORT(alg)
#else
#define FIPS_BAD_ALGORITHM(alg) \
{ \
FIPSerr(FIPS_F_HASH_FINAL,FIPS_R_NON_FIPS_METHOD); \
ERR_add_error_data(2, "Algorithm=", #alg); \
return 0; \
}
#endif
/* Low level digest API blocking macro */
#define FIPS_NON_FIPS_MD_Init(alg) \
int alg##_Init(alg##_CTX *c) \
{ \
if (FIPS_mode()) \
FIPS_BAD_ALGORITHM(alg) \
return private_##alg##_Init(c); \
} \
int private_##alg##_Init(alg##_CTX *c)
/* For ciphers the API often varies from cipher to cipher and each needs to
* be treated as a special case. Variable key length ciphers (Blowfish, RC4,
* CAST) however are very similar and can use a blocking macro.
*/
#define FIPS_NON_FIPS_VCIPHER_Init(alg) \
void alg##_set_key(alg##_KEY *key, int len, const unsigned char *data) \
{ \
if (FIPS_mode()) \
FIPS_BAD_ABORT(alg) \
private_##alg##_set_key(key, len, data); \
} \
void private_##alg##_set_key(alg##_KEY *key, int len, \
const unsigned char *data)
#else
#define FIPS_NON_FIPS_VCIPHER_Init(alg) \
void alg##_set_key(alg##_KEY *key, int len, const unsigned char *data)
#define FIPS_NON_FIPS_MD_Init(alg) \
int alg##_Init(alg##_CTX *c)
#endif /* def OPENSSL_FIPS */
/* BEGIN ERROR CODES */
/* The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
*/
void ERR_load_CRYPTO_strings(void);
#define OPENSSL_HAVE_INIT 1
void OPENSSL_init(void);
/* Error codes for the CRYPTO functions. */
/* Function codes. */

41
include/openssl/dh.h
View File

@ -77,8 +77,6 @@
# define OPENSSL_DH_MAX_MODULUS_BITS 10000
#endif
#define OPENSSL_DH_FIPS_MIN_MODULUS_BITS 1024
#define DH_FLAG_CACHE_MONT_P 0x01
#define DH_FLAG_NO_EXP_CONSTTIME 0x02 /* new with 0.9.7h; the built-in DH
* implementation now uses constant time
@ -159,7 +157,6 @@ struct dh_st
this for backward compatibility: */
#define DH_CHECK_P_NOT_STRONG_PRIME DH_CHECK_P_NOT_SAFE_PRIME
#define DHparams_dup(x) ASN1_dup_of_const(DH,i2d_DHparams,d2i_DHparams,x)
#define d2i_DHparams_fp(fp,x) (DH *)ASN1_d2i_fp((char *(*)())DH_new, \
(char *(*)())d2i_DHparams,(fp),(unsigned char **)(x))
#define i2d_DHparams_fp(fp,x) ASN1_i2d_fp(i2d_DHparams,(fp), \
@ -167,12 +164,9 @@ struct dh_st
#define d2i_DHparams_bio(bp,x) ASN1_d2i_bio_of(DH,DH_new,d2i_DHparams,bp,x)
#define i2d_DHparams_bio(bp,x) ASN1_i2d_bio_of_const(DH,i2d_DHparams,bp,x)
const DH_METHOD *DH_OpenSSL(void);
DH *DHparams_dup(DH *);
#ifdef OPENSSL_FIPS
DH * FIPS_dh_new(void);
void FIPS_dh_free(DH *dh);
#endif
const DH_METHOD *DH_OpenSSL(void);
void DH_set_default_method(const DH_METHOD *meth);
const DH_METHOD *DH_get_default_method(void);
@ -212,6 +206,18 @@ int DHparams_print(BIO *bp, const DH *x);
int DHparams_print(char *bp, const DH *x);
#endif
#define EVP_PKEY_CTX_set_dh_paramgen_prime_len(ctx, len) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \
EVP_PKEY_CTRL_DH_PARAMGEN_PRIME_LEN, len, NULL)
#define EVP_PKEY_CTX_set_dh_paramgen_generator(ctx, gen) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \
EVP_PKEY_CTRL_DH_PARAMGEN_GENERATOR, gen, NULL)
#define EVP_PKEY_CTRL_DH_PARAMGEN_PRIME_LEN (EVP_PKEY_ALG_CTRL + 1)
#define EVP_PKEY_CTRL_DH_PARAMGEN_GENERATOR (EVP_PKEY_ALG_CTRL + 2)
/* BEGIN ERROR CODES */
/* The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
@ -222,22 +228,31 @@ void ERR_load_DH_strings(void);
/* Function codes. */
#define DH_F_COMPUTE_KEY 102
#define DH_F_DHPARAMS_PRINT 100
#define DH_F_DHPARAMS_PRINT_FP 101
#define DH_F_DH_BUILTIN_GENPARAMS 106
#define DH_F_DH_COMPUTE_KEY 107
#define DH_F_DH_GENERATE_KEY 108
#define DH_F_DH_GENERATE_PARAMETERS 109
#define DH_F_DH_NEW_METHOD 105
#define DH_F_DH_PARAM_DECODE 107
#define DH_F_DH_PRIV_DECODE 110
#define DH_F_DH_PRIV_ENCODE 111
#define DH_F_DH_PUB_DECODE 108
#define DH_F_DH_PUB_ENCODE 109
#define DH_F_DO_DH_PRINT 100
#define DH_F_GENERATE_KEY 103
#define DH_F_GENERATE_PARAMETERS 104
#define DH_F_PKEY_DH_DERIVE 112
#define DH_F_PKEY_DH_KEYGEN 113
/* Reason codes. */
#define DH_R_BAD_GENERATOR 101
#define DH_R_BN_DECODE_ERROR 109
#define DH_R_BN_ERROR 106
#define DH_R_DECODE_ERROR 104
#define DH_R_INVALID_PUBKEY 102
#define DH_R_KEY_SIZE_TOO_SMALL 104
#define DH_R_KEYS_NOT_SET 108
#define DH_R_MODULUS_TOO_LARGE 103
#define DH_R_NO_PARAMETERS_SET 107
#define DH_R_NO_PRIVATE_VALUE 100
#define DH_R_PARAMETER_ENCODING_ERROR 105
#ifdef __cplusplus
}

69
include/openssl/dsa.h
View File

@ -88,8 +88,6 @@
# define OPENSSL_DSA_MAX_MODULUS_BITS 10000
#endif
#define OPENSSL_DSA_FIPS_MIN_MODULUS_BITS 1024
#define DSA_FLAG_CACHE_MONT_P 0x01
#define DSA_FLAG_NO_EXP_CONSTTIME 0x02 /* new with 0.9.7h; the built-in DSA
* implementation now uses constant time
@ -99,25 +97,6 @@
* be used for all exponents.
*/
/* If this flag is set the DSA method is FIPS compliant and can be used
* in FIPS mode. This is set in the validated module method. If an
* application sets this flag in its own methods it is its reposibility
* to ensure the result is compliant.
*/
#define DSA_FLAG_FIPS_METHOD 0x0400
/* If this flag is set the operations normally disabled in FIPS mode are
* permitted it is then the applications responsibility to ensure that the
* usage is compliant.
*/
#define DSA_FLAG_NON_FIPS_ALLOW 0x0400
#ifdef OPENSSL_FIPS
#define FIPS_DSA_SIZE_T int
#endif
#ifdef __cplusplus
extern "C" {
#endif
@ -139,7 +118,7 @@ struct dsa_method
int (*dsa_sign_setup)(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp,
BIGNUM **rp);
int (*dsa_do_verify)(const unsigned char *dgst, int dgst_len,
DSA_SIG *sig, DSA *dsa);
DSA_SIG *sig, DSA *dsa);
int (*dsa_mod_exp)(DSA *dsa, BIGNUM *rr, BIGNUM *a1, BIGNUM *p1,
BIGNUM *a2, BIGNUM *p2, BIGNUM *m, BN_CTX *ctx,
BN_MONT_CTX *in_mont);
@ -152,7 +131,7 @@ struct dsa_method
char *app_data;
/* If this is non-NULL, it is used to generate DSA parameters */
int (*dsa_paramgen)(DSA *dsa, int bits,
unsigned char *seed, int seed_len,
const unsigned char *seed, int seed_len,
int *counter_ret, unsigned long *h_ret,
BN_GENCB *cb);
/* If this is non-NULL, it is used to generate DSA keys */
@ -186,7 +165,6 @@ struct dsa_st
ENGINE *engine;
};
#define DSAparams_dup(x) ASN1_dup_of_const(DSA,i2d_DSAparams,d2i_DSAparams,x)
#define d2i_DSAparams_fp(fp,x) (DSA *)ASN1_d2i_fp((char *(*)())DSA_new, \
(char *(*)())d2i_DSAparams,(fp),(unsigned char **)(x))
#define i2d_DSAparams_fp(fp,x) ASN1_i2d_fp(i2d_DSAparams,(fp), \
@ -195,6 +173,7 @@ struct dsa_st
#define i2d_DSAparams_bio(bp,x) ASN1_i2d_bio_of_const(DSA,i2d_DSAparams,bp,x)
DSA *DSAparams_dup(DSA *x);
DSA_SIG * DSA_SIG_new(void);
void DSA_SIG_free(DSA_SIG *a);
int i2d_DSA_SIG(const DSA_SIG *a, unsigned char **pp);
@ -210,11 +189,6 @@ void DSA_set_default_method(const DSA_METHOD *);
const DSA_METHOD *DSA_get_default_method(void);
int DSA_set_method(DSA *dsa, const DSA_METHOD *);
#ifdef OPENSSL_FIPS
DSA * FIPS_dsa_new(void);
void FIPS_dsa_free (DSA *r);
#endif
DSA * DSA_new(void);
DSA * DSA_new_method(ENGINE *engine);
void DSA_free (DSA *r);
@ -246,7 +220,7 @@ DSA * DSA_generate_parameters(int bits,
/* New version */
int DSA_generate_parameters_ex(DSA *dsa, int bits,
unsigned char *seed,int seed_len,
const unsigned char *seed,int seed_len,
int *counter_ret, unsigned long *h_ret, BN_GENCB *cb);
int DSA_generate_key(DSA *a);
@ -275,10 +249,13 @@ int DSA_print_fp(FILE *bp, const DSA *x, int off);
DH *DSA_dup_DH(const DSA *r);
#endif
#ifdef OPENSSL_FIPS
int FIPS_dsa_sig_encode(unsigned char *out, DSA_SIG *sig);
int FIPS_dsa_sig_decode(DSA_SIG *sig, const unsigned char *in, int inlen);
#endif
#define EVP_PKEY_CTX_set_dsa_paramgen_bits(ctx, nbits) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DSA, EVP_PKEY_OP_PARAMGEN, \
EVP_PKEY_CTRL_DSA_PARAMGEN_BITS, nbits, NULL)
#define EVP_PKEY_CTRL_DSA_PARAMGEN_BITS (EVP_PKEY_ALG_CTRL + 1)
#define EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS (EVP_PKEY_ALG_CTRL + 2)
#define EVP_PKEY_CTRL_DSA_PARAMGEN_MD (EVP_PKEY_ALG_CTRL + 3)
/* BEGIN ERROR CODES */
/* The following lines are auto generated by the script mkerr.pl. Any changes
@ -290,33 +267,39 @@ void ERR_load_DSA_strings(void);
/* Function codes. */
#define DSA_F_D2I_DSA_SIG 110
#define DSA_F_DO_DSA_PRINT 104
#define DSA_F_DSAPARAMS_PRINT 100
#define DSA_F_DSAPARAMS_PRINT_FP 101
#define DSA_F_DSA_BUILTIN_KEYGEN 119
#define DSA_F_DSA_BUILTIN_PARAMGEN 118
#define DSA_F_DSA_DO_SIGN 112
#define DSA_F_DSA_DO_VERIFY 113
#define DSA_F_DSA_GENERATE_PARAMETERS 117
#define DSA_F_DSA_NEW_METHOD 103
#define DSA_F_DSA_PRINT 104
#define DSA_F_DSA_PARAM_DECODE 119
#define DSA_F_DSA_PRINT_FP 105
#define DSA_F_DSA_SET_DEFAULT_METHOD 115
#define DSA_F_DSA_SET_METHOD 116
#define DSA_F_DSA_PRIV_DECODE 115
#define DSA_F_DSA_PRIV_ENCODE 116
#define DSA_F_DSA_PUB_DECODE 117
#define DSA_F_DSA_PUB_ENCODE 118
#define DSA_F_DSA_SIGN 106
#define DSA_F_DSA_SIGN_SETUP 107
#define DSA_F_DSA_SIG_NEW 109
#define DSA_F_DSA_VERIFY 108
#define DSA_F_I2D_DSA_SIG 111
#define DSA_F_OLD_DSA_PRIV_DECODE 122
#define DSA_F_PKEY_DSA_CTRL 120
#define DSA_F_PKEY_DSA_KEYGEN 121
#define DSA_F_SIG_CB 114
/* Reason codes. */
#define DSA_R_BAD_Q_VALUE 102
#define DSA_R_BN_DECODE_ERROR 108
#define DSA_R_BN_ERROR 109
#define DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 100
#define DSA_R_KEY_SIZE_TOO_SMALL 106
#define DSA_R_DECODE_ERROR 104
#define DSA_R_INVALID_DIGEST_TYPE 106
#define DSA_R_MISSING_PARAMETERS 101
#define DSA_R_MODULUS_TOO_LARGE 103
#define DSA_R_NON_FIPS_METHOD 104
#define DSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE 105
#define DSA_R_NO_PARAMETERS_SET 107
#define DSA_R_PARAMETER_ENCODING_ERROR 105
#ifdef __cplusplus
}

43
include/openssl/dso.h
View File

@ -170,6 +170,11 @@ typedef struct dso_meth_st
/* [De]Initialisation handlers. */
int (*init)(DSO *dso);
int (*finish)(DSO *dso);
/* Return pathname of the module containing location */
int (*pathbyaddr)(void *addr,char *path,int sz);
/* Perform global symbol lookup, i.e. among *all* modules */
void *(*globallookup)(const char *symname);
} DSO_METHOD;
/**********************************************************************/
@ -183,7 +188,7 @@ struct dso_st
* for use in the dso_bind handler. All in all, let each
* method control its own destiny. "Handles" and such go in
* a STACK. */
STACK *meth_data;
STACK_OF(void) *meth_data;
int references;
int flags;
/* For use by applications etc ... use this for your bits'n'pieces,
@ -296,6 +301,30 @@ DSO_METHOD *DSO_METHOD_win32(void);
/* If VMS is defined, use shared images. If not, return NULL. */
DSO_METHOD *DSO_METHOD_vms(void);
/* This function writes null-terminated pathname of DSO module
* containing 'addr' into 'sz' large caller-provided 'path' and
* returns the number of characters [including trailing zero]
* written to it. If 'sz' is 0 or negative, 'path' is ignored and
* required amount of charachers [including trailing zero] to
* accomodate pathname is returned. If 'addr' is NULL, then
* pathname of cryptolib itself is returned. Negative or zero
* return value denotes error.
*/
int DSO_pathbyaddr(void *addr,char *path,int sz);
/* This function should be used with caution! It looks up symbols in
* *all* loaded modules and if module gets unloaded by somebody else
* attempt to dereference the pointer is doomed to have fatal
* consequences. Primary usage for this function is to probe *core*
* system functionality, e.g. check if getnameinfo(3) is available
* at run-time without bothering about OS-specific details such as
* libc.so.versioning or where does it actually reside: in libc
* itself or libsocket. */
void *DSO_global_lookup(const char *name);
/* If BeOS is defined, use shared images. If not, return NULL. */
DSO_METHOD *DSO_METHOD_beos(void);
/* BEGIN ERROR CODES */
/* The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
@ -305,6 +334,11 @@ void ERR_load_DSO_strings(void);
/* Error codes for the DSO functions. */
/* Function codes. */
#define DSO_F_BEOS_BIND_FUNC 144
#define DSO_F_BEOS_BIND_VAR 145
#define DSO_F_BEOS_LOAD 146
#define DSO_F_BEOS_NAME_CONVERTER 147
#define DSO_F_BEOS_UNLOAD 148
#define DSO_F_DLFCN_BIND_FUNC 100
#define DSO_F_DLFCN_BIND_VAR 101
#define DSO_F_DLFCN_LOAD 102
@ -324,22 +358,29 @@ void ERR_load_DSO_strings(void);
#define DSO_F_DSO_FREE 111
#define DSO_F_DSO_GET_FILENAME 127
#define DSO_F_DSO_GET_LOADED_FILENAME 128
#define DSO_F_DSO_GLOBAL_LOOKUP 139
#define DSO_F_DSO_LOAD 112
#define DSO_F_DSO_MERGE 132
#define DSO_F_DSO_NEW_METHOD 113
#define DSO_F_DSO_PATHBYADDR 140
#define DSO_F_DSO_SET_FILENAME 129
#define DSO_F_DSO_SET_NAME_CONVERTER 122
#define DSO_F_DSO_UP_REF 114
#define DSO_F_GLOBAL_LOOKUP_FUNC 138
#define DSO_F_PATHBYADDR 137
#define DSO_F_VMS_BIND_SYM 115
#define DSO_F_VMS_LOAD 116
#define DSO_F_VMS_MERGER 133
#define DSO_F_VMS_UNLOAD 117
#define DSO_F_WIN32_BIND_FUNC 118
#define DSO_F_WIN32_BIND_VAR 119
#define DSO_F_WIN32_GLOBALLOOKUP 142
#define DSO_F_WIN32_GLOBALLOOKUP_FUNC 143
#define DSO_F_WIN32_JOINER 135
#define DSO_F_WIN32_LOAD 120
#define DSO_F_WIN32_MERGER 134
#define DSO_F_WIN32_NAME_CONVERTER 125
#define DSO_F_WIN32_PATHBYADDR 141
#define DSO_F_WIN32_SPLITTER 136
#define DSO_F_WIN32_UNLOAD 121

11
include/openssl/dtls1.h
View File

@ -108,15 +108,17 @@ extern "C" {
typedef struct dtls1_bitmap_st
{
PQ_64BIT map;
unsigned long length; /* sizeof the bitmap in bits */
PQ_64BIT max_seq_num; /* max record number seen so far */
unsigned long map; /* track 32 packets on 32-bit systems
and 64 - on 64-bit systems */
unsigned char max_seq_num[8]; /* max record number seen so far,
64-bit value in big-endian
encoding */
} DTLS1_BITMAP;
struct dtls1_retransmit_state
{
EVP_CIPHER_CTX *enc_write_ctx; /* cryptographic state */
const EVP_MD *write_hash; /* used for mac generation */
EVP_MD_CTX *write_hash; /* used for mac generation */
#ifndef OPENSSL_NO_COMP
COMP_CTX *compress; /* compression */
#else
@ -165,6 +167,7 @@ typedef struct hm_fragment_st
{
struct hm_header_st msg_header;
unsigned char *fragment;
unsigned char *reassembly;
} hm_fragment;
typedef struct dtls1_state_st

24
include/openssl/e_os2.h
View File

@ -202,6 +202,17 @@ extern "C" {
# define OPENSSL_SYS_VXWORKS
#endif
/* --------------------------------- BeOS ---------------------------------- */
#if defined(__BEOS__)
# define OPENSSL_SYS_BEOS
# include <sys/socket.h>
# if defined(BONE_VERSION)
# define OPENSSL_SYS_BEOS_BONE
# else
# define OPENSSL_SYS_BEOS_R5
# endif
#endif
/**
* That's it for OS-specific stuff
*****************************************************************************/
@ -251,24 +262,23 @@ extern "C" {
#define OPENSSL_EXTERN OPENSSL_IMPORT
/* Macros to allow global variables to be reached through function calls when
required (if a shared library version requvres it, for example.
required (if a shared library version requires it, for example.
The way it's done allows definitions like this:
// in foobar.c
OPENSSL_IMPLEMENT_GLOBAL(int,foobar) = 0;
OPENSSL_IMPLEMENT_GLOBAL(int,foobar,0)
// in foobar.h
OPENSSL_DECLARE_GLOBAL(int,foobar);
#define foobar OPENSSL_GLOBAL_REF(foobar)
*/
#ifdef OPENSSL_EXPORT_VAR_AS_FUNCTION
# define OPENSSL_IMPLEMENT_GLOBAL(type,name) \
extern type _hide_##name; \
type *_shadow_##name(void) { return &_hide_##name; } \
static type _hide_##name
# define OPENSSL_IMPLEMENT_GLOBAL(type,name,value) \
type *_shadow_##name(void) \
{ static type _hide_##name=value; return &_hide_##name; }
# define OPENSSL_DECLARE_GLOBAL(type,name) type *_shadow_##name(void)
# define OPENSSL_GLOBAL_REF(name) (*(_shadow_##name()))
#else
# define OPENSSL_IMPLEMENT_GLOBAL(type,name) OPENSSL_GLOBAL type _shadow_##name
# define OPENSSL_IMPLEMENT_GLOBAL(type,name,value) OPENSSL_GLOBAL type _shadow_##name=value;
# define OPENSSL_DECLARE_GLOBAL(type,name) OPENSSL_EXPORT type _shadow_##name
# define OPENSSL_GLOBAL_REF(name) _shadow_##name
#endif

800
include/openssl/ec.h
View File

@ -2,8 +2,12 @@
/*
* Originally written by Bodo Moeller for the OpenSSL project.
*/
/**
* \file crypto/ec/ec.h Include file for the OpenSSL EC functions
* \author Originally written by Bodo Moeller for the OpenSSL project
*/
/* ====================================================================
* Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved.
* Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@ -92,15 +96,21 @@ extern "C" {
# endif
#endif
#ifndef OPENSSL_ECC_MAX_FIELD_BITS
# define OPENSSL_ECC_MAX_FIELD_BITS 661
#endif
/** Enum for the point conversion form as defined in X9.62 (ECDSA)
* for the encoding of a elliptic curve point (x,y) */
typedef enum {
/* values as defined in X9.62 (ECDSA) and elsewhere */
/** the point is encoded as z||x, where the octet z specifies
* which solution of the quadratic equation y is */
POINT_CONVERSION_COMPRESSED = 2,
/** the point is encoded as z||x||y, where z is the octet 0x02 */
POINT_CONVERSION_UNCOMPRESSED = 4,
/** the point is encoded as z||x||y, where the octet z specifies
* which solution of the quadratic equation y is */
POINT_CONVERSION_HYBRID = 6
} point_conversion_form_t;
@ -121,37 +131,129 @@ typedef struct ec_group_st
typedef struct ec_point_st EC_POINT;
/* EC_METHODs for curves over GF(p).
* EC_GFp_simple_method provides the basis for the optimized methods.
/********************************************************************/
/* EC_METHODs for curves over GF(p) */
/********************************************************************/
/** Returns the basic GFp ec methods which provides the basis for the
* optimized methods.
* \return EC_METHOD object
*/
const EC_METHOD *EC_GFp_simple_method(void);
/** Returns GFp methods using montgomery multiplication.
* \return EC_METHOD object
*/
const EC_METHOD *EC_GFp_mont_method(void);
/** Returns GFp methods using optimized methods for NIST recommended curves
* \return EC_METHOD object
*/
const EC_METHOD *EC_GFp_nist_method(void);
/* EC_METHOD for curves over GF(2^m).
/********************************************************************/
/* EC_METHOD for curves over GF(2^m) */
/********************************************************************/
/** Returns the basic GF2m ec method
* \return EC_METHOD object
*/
const EC_METHOD *EC_GF2m_simple_method(void);
EC_GROUP *EC_GROUP_new(const EC_METHOD *);
void EC_GROUP_free(EC_GROUP *);
void EC_GROUP_clear_free(EC_GROUP *);
int EC_GROUP_copy(EC_GROUP *, const EC_GROUP *);
EC_GROUP *EC_GROUP_dup(const EC_GROUP *);
/********************************************************************/
/* EC_GROUP functions */
/********************************************************************/
const EC_METHOD *EC_GROUP_method_of(const EC_GROUP *);
int EC_METHOD_get_field_type(const EC_METHOD *);
/** Creates a new EC_GROUP object
* \param meth EC_METHOD to use
* \return newly created EC_GROUP object or NULL in case of an error.
*/
EC_GROUP *EC_GROUP_new(const EC_METHOD *meth);
int EC_GROUP_set_generator(EC_GROUP *, const EC_POINT *generator, const BIGNUM *order, const BIGNUM *cofactor);
const EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *);
int EC_GROUP_get_order(const EC_GROUP *, BIGNUM *order, BN_CTX *);
int EC_GROUP_get_cofactor(const EC_GROUP *, BIGNUM *cofactor, BN_CTX *);
/** Frees a EC_GROUP object
* \param group EC_GROUP object to be freed.
*/
void EC_GROUP_free(EC_GROUP *group);
void EC_GROUP_set_curve_name(EC_GROUP *, int nid);
int EC_GROUP_get_curve_name(const EC_GROUP *);
/** Clears and frees a EC_GROUP object
* \param group EC_GROUP object to be cleared and freed.
*/
void EC_GROUP_clear_free(EC_GROUP *group);
void EC_GROUP_set_asn1_flag(EC_GROUP *, int flag);
int EC_GROUP_get_asn1_flag(const EC_GROUP *);
/** Copies EC_GROUP objects. Note: both EC_GROUPs must use the same EC_METHOD.
* \param dst destination EC_GROUP object
* \param src source EC_GROUP object
* \return 1 on success and 0 if an error occurred.
*/
int EC_GROUP_copy(EC_GROUP *dst, const EC_GROUP *src);
/** Creates a new EC_GROUP object and copies the copies the content
* form src to the newly created EC_KEY object
* \param src source EC_GROUP object
* \return newly created EC_GROUP object or NULL in case of an error.
*/
EC_GROUP *EC_GROUP_dup(const EC_GROUP *src);
/** Returns the EC_METHOD of the EC_GROUP object.
* \param group EC_GROUP object
* \return EC_METHOD used in this EC_GROUP object.
*/
const EC_METHOD *EC_GROUP_method_of(const EC_GROUP *group);
/** Returns the field type of the EC_METHOD.
* \param meth EC_METHOD object
* \return NID of the underlying field type OID.
*/
int EC_METHOD_get_field_type(const EC_METHOD *meth);
/** Sets the generator and it's order/cofactor of a EC_GROUP object.
* \param group EC_GROUP object
* \param generator EC_POINT object with the generator.
* \param order the order of the group generated by the generator.
* \param cofactor the index of the sub-group generated by the generator
* in the group of all points on the elliptic curve.
* \return 1 on success and 0 if an error occured
*/
int EC_GROUP_set_generator(EC_GROUP *group, const EC_POINT *generator, const BIGNUM *order, const BIGNUM *cofactor);
/** Returns the generator of a EC_GROUP object.
* \param group EC_GROUP object
* \return the currently used generator (possibly NULL).
*/
const EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *group);
/** Gets the order of a EC_GROUP
* \param group EC_GROUP object
* \param order BIGNUM to which the order is copied
* \param ctx BN_CTX object (optional)
* \return 1 on success and 0 if an error occured
*/
int EC_GROUP_get_order(const EC_GROUP *group, BIGNUM *order, BN_CTX *ctx);
/** Gets the cofactor of a EC_GROUP
* \param group EC_GROUP object
* \param cofactor BIGNUM to which the cofactor is copied
* \param ctx BN_CTX object (optional)
* \return 1 on success and 0 if an error occured
*/
int EC_GROUP_get_cofactor(const EC_GROUP *group, BIGNUM *cofactor, BN_CTX *ctx);
/** Sets the name of a EC_GROUP object
* \param group EC_GROUP object
* \param nid NID of the curve name OID
*/
void EC_GROUP_set_curve_name(EC_GROUP *group, int nid);
/** Returns the curve name of a EC_GROUP object
* \param group EC_GROUP object
* \return NID of the curve name OID or 0 if not set.
*/
int EC_GROUP_get_curve_name(const EC_GROUP *group);
void EC_GROUP_set_asn1_flag(EC_GROUP *group, int flag);
int EC_GROUP_get_asn1_flag(const EC_GROUP *group);
void EC_GROUP_set_point_conversion_form(EC_GROUP *, point_conversion_form_t);
point_conversion_form_t EC_GROUP_get_point_conversion_form(const EC_GROUP *);
@ -160,36 +262,114 @@ unsigned char *EC_GROUP_get0_seed(const EC_GROUP *);
size_t EC_GROUP_get_seed_len(const EC_GROUP *);
size_t EC_GROUP_set_seed(EC_GROUP *, const unsigned char *, size_t len);
int EC_GROUP_set_curve_GFp(EC_GROUP *, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *);
int EC_GROUP_get_curve_GFp(const EC_GROUP *, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *);
int EC_GROUP_set_curve_GF2m(EC_GROUP *, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *);
int EC_GROUP_get_curve_GF2m(const EC_GROUP *, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *);
/** Sets the parameter of a ec over GFp defined by y^2 = x^3 + a*x + b
* \param group EC_GROUP object
* \param p BIGNUM with the prime number
* \param a BIGNUM with parameter a of the equation
* \param b BIGNUM with parameter b of the equation
* \param ctx BN_CTX object (optional)
* \return 1 on success and 0 if an error occured
*/
int EC_GROUP_set_curve_GFp(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
/* returns the number of bits needed to represent a field element */
int EC_GROUP_get_degree(const EC_GROUP *);
/** Gets the parameter of the ec over GFp defined by y^2 = x^3 + a*x + b
* \param group EC_GROUP object
* \param p BIGNUM for the prime number
* \param a BIGNUM for parameter a of the equation
* \param b BIGNUM for parameter b of the equation
* \param ctx BN_CTX object (optional)
* \return 1 on success and 0 if an error occured
*/
int EC_GROUP_get_curve_GFp(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
/* EC_GROUP_check() returns 1 if 'group' defines a valid group, 0 otherwise */
/** Sets the parameter of a ec over GF2m defined by y^2 + x*y = x^3 + a*x^2 + b
* \param group EC_GROUP object
* \param p BIGNUM with the polynomial defining the underlying field
* \param a BIGNUM with parameter a of the equation
* \param b BIGNUM with parameter b of the equation
* \param ctx BN_CTX object (optional)
* \return 1 on success and 0 if an error occured
*/
int EC_GROUP_set_curve_GF2m(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
/** Gets the parameter of the ec over GF2m defined by y^2 + x*y = x^3 + a*x^2 + b
* \param group EC_GROUP object
* \param p BIGNUM for the polynomial defining the underlying field
* \param a BIGNUM for parameter a of the equation
* \param b BIGNUM for parameter b of the equation
* \param ctx BN_CTX object (optional)
* \return 1 on success and 0 if an error occured
*/
int EC_GROUP_get_curve_GF2m(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
/** Returns the number of bits needed to represent a field element
* \param group EC_GROUP object
* \return number of bits needed to represent a field element
*/
int EC_GROUP_get_degree(const EC_GROUP *group);
/** Checks whether the parameter in the EC_GROUP define a valid ec group
* \param group EC_GROUP object
* \param ctx BN_CTX object (optional)
* \return 1 if group is a valid ec group and 0 otherwise
*/
int EC_GROUP_check(const EC_GROUP *group, BN_CTX *ctx);
/* EC_GROUP_check_discriminant() returns 1 if the discriminant of the
* elliptic curve is not zero, 0 otherwise */
int EC_GROUP_check_discriminant(const EC_GROUP *, BN_CTX *);
/* EC_GROUP_cmp() returns 0 if both groups are equal and 1 otherwise */
int EC_GROUP_cmp(const EC_GROUP *, const EC_GROUP *, BN_CTX *);
/** Checks whether the discriminant of the elliptic curve is zero or not
* \param group EC_GROUP object
* \param ctx BN_CTX object (optional)
* \return 1 if the discriminant is not zero and 0 otherwise
*/
int EC_GROUP_check_discriminant(const EC_GROUP *group, BN_CTX *ctx);
/** Compares two EC_GROUP objects
* \param a first EC_GROUP object
* \param b second EC_GROUP object
* \param ctx BN_CTX object (optional)
* \return 0 if both groups are equal and 1 otherwise
*/
int EC_GROUP_cmp(const EC_GROUP *a, const EC_GROUP *b, BN_CTX *ctx);
/* EC_GROUP_new_GF*() calls EC_GROUP_new() and EC_GROUP_set_GF*()
* after choosing an appropriate EC_METHOD */
EC_GROUP *EC_GROUP_new_curve_GFp(const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *);
EC_GROUP *EC_GROUP_new_curve_GF2m(const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *);
/* EC_GROUP_new_by_curve_name() creates a EC_GROUP structure
* specified by a curve name (in form of a NID) */
/** Creates a new EC_GROUP object with the specified parameters defined
* over GFp (defined by the equation y^2 = x^3 + a*x + b)
* \param p BIGNUM with the prime number
* \param a BIGNUM with the parameter a of the equation
* \param b BIGNUM with the parameter b of the equation
* \param ctx BN_CTX object (optional)
* \return newly created EC_GROUP object with the specified parameters
*/
EC_GROUP *EC_GROUP_new_curve_GFp(const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
/** Creates a new EC_GROUP object with the specified parameters defined
* over GF2m (defined by the equation y^2 + x*y = x^3 + a*x^2 + b)
* \param p BIGNUM with the polynomial defining the underlying field
* \param a BIGNUM with the parameter a of the equation
* \param b BIGNUM with the parameter b of the equation
* \param ctx BN_CTX object (optional)
* \return newly created EC_GROUP object with the specified parameters
*/
EC_GROUP *EC_GROUP_new_curve_GF2m(const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
/** Creates a EC_GROUP object with a curve specified by a NID
* \param nid NID of the OID of the curve name
* \return newly created EC_GROUP object with specified curve or NULL
* if an error occurred
*/
EC_GROUP *EC_GROUP_new_by_curve_name(int nid);
/* handling of internal curves */
/********************************************************************/
/* handling of internal curves */
/********************************************************************/
typedef struct {
int nid;
const char *comment;
} EC_builtin_curve;
/* EC_builtin_curves(EC_builtin_curve *r, size_t size) returns number
* of all available curves or zero if a error occurred.
* In case r ist not zero nitems EC_builtin_curve structures
@ -197,39 +377,168 @@ typedef struct {
size_t EC_get_builtin_curves(EC_builtin_curve *r, size_t nitems);
/* EC_POINT functions */
/********************************************************************/
/* EC_POINT functions */
/********************************************************************/
EC_POINT *EC_POINT_new(const EC_GROUP *);
void EC_POINT_free(EC_POINT *);
void EC_POINT_clear_free(EC_POINT *);
int EC_POINT_copy(EC_POINT *, const EC_POINT *);
EC_POINT *EC_POINT_dup(const EC_POINT *, const EC_GROUP *);
/** Creates a new EC_POINT object for the specified EC_GROUP
* \param group EC_GROUP the underlying EC_GROUP object
* \return newly created EC_POINT object or NULL if an error occurred
*/
EC_POINT *EC_POINT_new(const EC_GROUP *group);
/** Frees a EC_POINT object
* \param point EC_POINT object to be freed
*/
void EC_POINT_free(EC_POINT *point);
/** Clears and frees a EC_POINT object
* \param point EC_POINT object to be cleared and freed
*/
void EC_POINT_clear_free(EC_POINT *point);
/** Copies EC_POINT object
* \param dst destination EC_POINT object
* \param src source EC_POINT object
* \return 1 on success and 0 if an error occured
*/
int EC_POINT_copy(EC_POINT *dst, const EC_POINT *src);
/** Creates a new EC_POINT object and copies the content of the supplied
* EC_POINT
* \param src source EC_POINT object
* \param group underlying the EC_GROUP object
* \return newly created EC_POINT object or NULL if an error occurred
*/
EC_POINT *EC_POINT_dup(const EC_POINT *src, const EC_GROUP *group);
const EC_METHOD *EC_POINT_method_of(const EC_POINT *);
/** Returns the EC_METHOD used in EC_POINT object
* \param point EC_POINT object
* \return the EC_METHOD used
*/
const EC_METHOD *EC_POINT_method_of(const EC_POINT *point);
int EC_POINT_set_to_infinity(const EC_GROUP *, EC_POINT *);
int EC_POINT_set_Jprojective_coordinates_GFp(const EC_GROUP *, EC_POINT *,
const BIGNUM *x, const BIGNUM *y, const BIGNUM *z, BN_CTX *);
int EC_POINT_get_Jprojective_coordinates_GFp(const EC_GROUP *, const EC_POINT *,
BIGNUM *x, BIGNUM *y, BIGNUM *z, BN_CTX *);
int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *, EC_POINT *,
const BIGNUM *x, const BIGNUM *y, BN_CTX *);
int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *, const EC_POINT *,
BIGNUM *x, BIGNUM *y, BN_CTX *);
int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *, EC_POINT *,
const BIGNUM *x, int y_bit, BN_CTX *);
/** Sets a point to infinity (neutral element)
* \param group underlying EC_GROUP object
* \param point EC_POINT to set to infinity
* \return 1 on success and 0 if an error occured
*/
int EC_POINT_set_to_infinity(const EC_GROUP *group, EC_POINT *point);
int EC_POINT_set_affine_coordinates_GF2m(const EC_GROUP *, EC_POINT *,
const BIGNUM *x, const BIGNUM *y, BN_CTX *);
int EC_POINT_get_affine_coordinates_GF2m(const EC_GROUP *, const EC_POINT *,
BIGNUM *x, BIGNUM *y, BN_CTX *);
int EC_POINT_set_compressed_coordinates_GF2m(const EC_GROUP *, EC_POINT *,
const BIGNUM *x, int y_bit, BN_CTX *);
/** Sets the jacobian projective coordinates of a EC_POINT over GFp
* \param group underlying EC_GROUP object
* \param p EC_POINT object
* \param x BIGNUM with the x-coordinate
* \param y BIGNUM with the y-coordinate
* \param z BIGNUM with the z-coordinate
* \param ctx BN_CTX object (optional)
* \return 1 on success and 0 if an error occured
*/
int EC_POINT_set_Jprojective_coordinates_GFp(const EC_GROUP *group, EC_POINT *p,
const BIGNUM *x, const BIGNUM *y, const BIGNUM *z, BN_CTX *ctx);
size_t EC_POINT_point2oct(const EC_GROUP *, const EC_POINT *, point_conversion_form_t form,
unsigned char *buf, size_t len, BN_CTX *);
int EC_POINT_oct2point(const EC_GROUP *, EC_POINT *,
const unsigned char *buf, size_t len, BN_CTX *);
/** Gets the jacobian projective coordinates of a EC_POINT over GFp
* \param group underlying EC_GROUP object
* \param p EC_POINT object
* \param x BIGNUM for the x-coordinate
* \param y BIGNUM for the y-coordinate
* \param z BIGNUM for the z-coordinate
* \param ctx BN_CTX object (optional)
* \return 1 on success and 0 if an error occured
*/
int EC_POINT_get_Jprojective_coordinates_GFp(const EC_GROUP *group,
const EC_POINT *p, BIGNUM *x, BIGNUM *y, BIGNUM *z, BN_CTX *ctx);
/** Sets the affine coordinates of a EC_POINT over GFp
* \param group underlying EC_GROUP object
* \param p EC_POINT object
* \param x BIGNUM with the x-coordinate
* \param y BIGNUM with the y-coordinate
* \param ctx BN_CTX object (optional)
* \return 1 on success and 0 if an error occured
*/
int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group, EC_POINT *p,
const BIGNUM *x, const BIGNUM *y, BN_CTX *ctx);
/** Gets the affine coordinates of a EC_POINT over GFp
* \param group underlying EC_GROUP object
* \param p EC_POINT object
* \param x BIGNUM for the x-coordinate
* \param y BIGNUM for the y-coordinate
* \param ctx BN_CTX object (optional)
* \return 1 on success and 0 if an error occured
*/
int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group,
const EC_POINT *p, BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
/** Sets the x9.62 compressed coordinates of a EC_POINT over GFp
* \param group underlying EC_GROUP object
* \param p EC_POINT object
* \param x BIGNUM with x-coordinate
* \param y_bit integer with the y-Bit (either 0 or 1)
* \param ctx BN_CTX object (optional)
* \return 1 on success and 0 if an error occured
*/
int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *group, EC_POINT *p,
const BIGNUM *x, int y_bit, BN_CTX *ctx);
/** Sets the affine coordinates of a EC_POINT over GF2m
* \param group underlying EC_GROUP object
* \param p EC_POINT object
* \param x BIGNUM with the x-coordinate
* \param y BIGNUM with the y-coordinate
* \param ctx BN_CTX object (optional)
* \return 1 on success and 0 if an error occured
*/
int EC_POINT_set_affine_coordinates_GF2m(const EC_GROUP *group, EC_POINT *p,
const BIGNUM *x, const BIGNUM *y, BN_CTX *ctx);
/** Gets the affine coordinates of a EC_POINT over GF2m
* \param group underlying EC_GROUP object
* \param p EC_POINT object
* \param x BIGNUM for the x-coordinate
* \param y BIGNUM for the y-coordinate
* \param ctx BN_CTX object (optional)
* \return 1 on success and 0 if an error occured
*/
int EC_POINT_get_affine_coordinates_GF2m(const EC_GROUP *group,
const EC_POINT *p, BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
/** Sets the x9.62 compressed coordinates of a EC_POINT over GF2m
* \param group underlying EC_GROUP object
* \param p EC_POINT object
* \param x BIGNUM with x-coordinate
* \param y_bit integer with the y-Bit (either 0 or 1)
* \param ctx BN_CTX object (optional)
* \return 1 on success and 0 if an error occured
*/
int EC_POINT_set_compressed_coordinates_GF2m(const EC_GROUP *group, EC_POINT *p,
const BIGNUM *x, int y_bit, BN_CTX *ctx);
/** Encodes a EC_POINT object to a octet string
* \param group underlying EC_GROUP object
* \param p EC_POINT object
* \param form point conversion form
* \param buf memory buffer for the result. If NULL the function returns
* required buffer size.
* \param len length of the memory buffer
* \param ctx BN_CTX object (optional)
* \return the length of the encoded octet string or 0 if an error occurred
*/
size_t EC_POINT_point2oct(const EC_GROUP *group, const EC_POINT *p,
point_conversion_form_t form,
unsigned char *buf, size_t len, BN_CTX *ctx);
/** Decodes a EC_POINT from a octet string
* \param group underlying EC_GROUP object
* \param p EC_POINT object
* \param buf memory buffer with the encoded ec point
* \param len length of the encoded ec point
* \param ctx BN_CTX object (optional)
* \return 1 on success and 0 if an error occured
*/
int EC_POINT_oct2point(const EC_GROUP *group, EC_POINT *p,
const unsigned char *buf, size_t len, BN_CTX *ctx);
/* other interfaces to point2oct/oct2point: */
BIGNUM *EC_POINT_point2bn(const EC_GROUP *, const EC_POINT *,
@ -241,29 +550,105 @@ char *EC_POINT_point2hex(const EC_GROUP *, const EC_POINT *,
EC_POINT *EC_POINT_hex2point(const EC_GROUP *, const char *,
EC_POINT *, BN_CTX *);
int EC_POINT_add(const EC_GROUP *, EC_POINT *r, const EC_POINT *a, const EC_POINT *b, BN_CTX *);
int EC_POINT_dbl(const EC_GROUP *, EC_POINT *r, const EC_POINT *a, BN_CTX *);
int EC_POINT_invert(const EC_GROUP *, EC_POINT *, BN_CTX *);
int EC_POINT_is_at_infinity(const EC_GROUP *, const EC_POINT *);
int EC_POINT_is_on_curve(const EC_GROUP *, const EC_POINT *, BN_CTX *);
int EC_POINT_cmp(const EC_GROUP *, const EC_POINT *a, const EC_POINT *b, BN_CTX *);
/********************************************************************/
/* functions for doing EC_POINT arithmetic */
/********************************************************************/
/** Computes the sum of two EC_POINT
* \param group underlying EC_GROUP object
* \param r EC_POINT object for the result (r = a + b)
* \param a EC_POINT object with the first summand
* \param b EC_POINT object with the second summand
* \param ctx BN_CTX object (optional)
* \return 1 on success and 0 if an error occured
*/
int EC_POINT_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, const EC_POINT *b, BN_CTX *ctx);
/** Computes the double of a EC_POINT
* \param group underlying EC_GROUP object
* \param r EC_POINT object for the result (r = 2 * a)
* \param a EC_POINT object
* \param ctx BN_CTX object (optional)
* \return 1 on success and 0 if an error occured
*/
int EC_POINT_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, BN_CTX *ctx);
/** Computes the inverse of a EC_POINT
* \param group underlying EC_GROUP object
* \param a EC_POINT object to be inverted (it's used for the result as well)
* \param ctx BN_CTX object (optional)
* \return 1 on success and 0 if an error occured
*/
int EC_POINT_invert(const EC_GROUP *group, EC_POINT *a, BN_CTX *ctx);
/** Checks whether the point is the neutral element of the group
* \param group the underlying EC_GROUP object
* \param p EC_POINT object
* \return 1 if the point is the neutral element and 0 otherwise
*/
int EC_POINT_is_at_infinity(const EC_GROUP *group, const EC_POINT *p);
/** Checks whether the point is on the curve
* \param group underlying EC_GROUP object
* \param point EC_POINT object to check
* \param ctx BN_CTX object (optional)
* \return 1 if point if on the curve and 0 otherwise
*/
int EC_POINT_is_on_curve(const EC_GROUP *group, const EC_POINT *point, BN_CTX *ctx);
/** Compares two EC_POINTs
* \param group underlying EC_GROUP object
* \param a first EC_POINT object
* \param b second EC_POINT object
* \param ctx BN_CTX object (optional)
* \return 0 if both points are equal and a value != 0 otherwise
*/
int EC_POINT_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT *b, BN_CTX *ctx);
int EC_POINT_make_affine(const EC_GROUP *, EC_POINT *, BN_CTX *);
int EC_POINTs_make_affine(const EC_GROUP *, size_t num, EC_POINT *[], BN_CTX *);
/** Computes r = generator * n sum_{i=0}^num p[i] * m[i]
* \param group underlying EC_GROUP object
* \param r EC_POINT object for the result
* \param n BIGNUM with the multiplier for the group generator (optional)
* \param num number futher summands
* \param p array of size num of EC_POINT objects
* \param m array of size num of BIGNUM objects
* \param ctx BN_CTX object (optional)
* \return 1 on success and 0 if an error occured
*/
int EC_POINTs_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *n, size_t num, const EC_POINT *p[], const BIGNUM *m[], BN_CTX *ctx);
int EC_POINTs_mul(const EC_GROUP *, EC_POINT *r, const BIGNUM *, size_t num, const EC_POINT *[], const BIGNUM *[], BN_CTX *);
int EC_POINT_mul(const EC_GROUP *, EC_POINT *r, const BIGNUM *, const EC_POINT *, const BIGNUM *, BN_CTX *);
/** Computes r = generator * n + q * m
* \param group underlying EC_GROUP object
* \param r EC_POINT object for the result
* \param n BIGNUM with the multiplier for the group generator (optional)
* \param q EC_POINT object with the first factor of the second summand
* \param m BIGNUM with the second factor of the second summand
* \param ctx BN_CTX object (optional)
* \return 1 on success and 0 if an error occured
*/
int EC_POINT_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *n, const EC_POINT *q, const BIGNUM *m, BN_CTX *ctx);
/* EC_GROUP_precompute_mult() stores multiples of generator for faster point multiplication */
int EC_GROUP_precompute_mult(EC_GROUP *, BN_CTX *);
/* EC_GROUP_have_precompute_mult() reports whether such precomputation has been done */
int EC_GROUP_have_precompute_mult(const EC_GROUP *);
/** Stores multiples of generator for faster point multiplication
* \param group EC_GROUP object
* \param ctx BN_CTX object (optional)
* \return 1 on success and 0 if an error occured
*/
int EC_GROUP_precompute_mult(EC_GROUP *group, BN_CTX *ctx);
/** Reports whether a precomputation has been done
* \param group EC_GROUP object
* \return 1 if a pre-computation has been done and 0 otherwise
*/
int EC_GROUP_have_precompute_mult(const EC_GROUP *group);
/* ASN1 stuff */
/********************************************************************/
/* ASN1 stuff */
/********************************************************************/
/* EC_GROUP_get_basis_type() returns the NID of the basis type
* used to represent the field elements */
@ -293,28 +678,96 @@ int ECPKParameters_print(BIO *bp, const EC_GROUP *x, int off);
int ECPKParameters_print_fp(FILE *fp, const EC_GROUP *x, int off);
#endif
/* the EC_KEY stuff */
/********************************************************************/
/* EC_KEY functions */
/********************************************************************/
typedef struct ec_key_st EC_KEY;
/* some values for the encoding_flag */
#define EC_PKEY_NO_PARAMETERS 0x001
#define EC_PKEY_NO_PUBKEY 0x002
/** Creates a new EC_KEY object.
* \return EC_KEY object or NULL if an error occurred.
*/
EC_KEY *EC_KEY_new(void);
/** Creates a new EC_KEY object using a named curve as underlying
* EC_GROUP object.
* \param nid NID of the named curve.
* \return EC_KEY object or NULL if an error occurred.
*/
EC_KEY *EC_KEY_new_by_curve_name(int nid);
void EC_KEY_free(EC_KEY *);
EC_KEY *EC_KEY_copy(EC_KEY *, const EC_KEY *);
EC_KEY *EC_KEY_dup(const EC_KEY *);
int EC_KEY_up_ref(EC_KEY *);
/** Frees a EC_KEY object.
* \param key EC_KEY object to be freed.
*/
void EC_KEY_free(EC_KEY *key);
const EC_GROUP *EC_KEY_get0_group(const EC_KEY *);
int EC_KEY_set_group(EC_KEY *, const EC_GROUP *);
const BIGNUM *EC_KEY_get0_private_key(const EC_KEY *);
int EC_KEY_set_private_key(EC_KEY *, const BIGNUM *);
const EC_POINT *EC_KEY_get0_public_key(const EC_KEY *);
int EC_KEY_set_public_key(EC_KEY *, const EC_POINT *);
unsigned EC_KEY_get_enc_flags(const EC_KEY *);
/** Copies a EC_KEY object.
* \param dst destination EC_KEY object
* \param src src EC_KEY object
* \return dst or NULL if an error occurred.
*/
EC_KEY *EC_KEY_copy(EC_KEY *dst, const EC_KEY *src);
/** Creates a new EC_KEY object and copies the content from src to it.
* \param src the source EC_KEY object
* \return newly created EC_KEY object or NULL if an error occurred.
*/
EC_KEY *EC_KEY_dup(const EC_KEY *src);
/** Increases the internal reference count of a EC_KEY object.
* \param key EC_KEY object
* \return 1 on success and 0 if an error occurred.
*/
int EC_KEY_up_ref(EC_KEY *key);
/** Returns the EC_GROUP object of a EC_KEY object
* \param key EC_KEY object
* \return the EC_GROUP object (possibly NULL).
*/
const EC_GROUP *EC_KEY_get0_group(const EC_KEY *key);
/** Sets the EC_GROUP of a EC_KEY object.
* \param key EC_KEY object
* \param group EC_GROUP to use in the EC_KEY object (note: the EC_KEY
* object will use an own copy of the EC_GROUP).
* \return 1 on success and 0 if an error occurred.
*/
int EC_KEY_set_group(EC_KEY *key, const EC_GROUP *group);
/** Returns the private key of a EC_KEY object.
* \param key EC_KEY object
* \return a BIGNUM with the private key (possibly NULL).
*/
const BIGNUM *EC_KEY_get0_private_key(const EC_KEY *key);
/** Sets the private key of a EC_KEY object.
* \param key EC_KEY object
* \param prv BIGNUM with the private key (note: the EC_KEY object
* will use an own copy of the BIGNUM).
* \return 1 on success and 0 if an error occurred.
*/
int EC_KEY_set_private_key(EC_KEY *key, const BIGNUM *prv);
/** Returns the public key of a EC_KEY object.
* \param key the EC_KEY object
* \return a EC_POINT object with the public key (possibly NULL)
*/
const EC_POINT *EC_KEY_get0_public_key(const EC_KEY *key);
/** Sets the public key of a EC_KEY object.
* \param key EC_KEY object
* \param pub EC_POINT object with the public key (note: the EC_KEY object
* will use an own copy of the EC_POINT object).
* \return 1 on success and 0 if an error occurred.
*/
int EC_KEY_set_public_key(EC_KEY *key, const EC_POINT *pub);
unsigned EC_KEY_get_enc_flags(const EC_KEY *key);
void EC_KEY_set_enc_flags(EC_KEY *, unsigned int);
point_conversion_form_t EC_KEY_get_conv_form(const EC_KEY *);
void EC_KEY_set_conv_form(EC_KEY *, point_conversion_form_t);
@ -325,31 +778,126 @@ void EC_KEY_insert_key_method_data(EC_KEY *, void *data,
void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *));
/* wrapper functions for the underlying EC_GROUP object */
void EC_KEY_set_asn1_flag(EC_KEY *, int);
int EC_KEY_precompute_mult(EC_KEY *, BN_CTX *ctx);
/* EC_KEY_generate_key() creates a ec private (public) key */
int EC_KEY_generate_key(EC_KEY *);
/* EC_KEY_check_key() */
int EC_KEY_check_key(const EC_KEY *);
/** Creates a table of pre-computed multiples of the generator to
* accelerate further EC_KEY operations.
* \param key EC_KEY object
* \param ctx BN_CTX object (optional)
* \return 1 on success and 0 if an error occurred.
*/
int EC_KEY_precompute_mult(EC_KEY *key, BN_CTX *ctx);
/* de- and encoding functions for SEC1 ECPrivateKey */
EC_KEY *d2i_ECPrivateKey(EC_KEY **a, const unsigned char **in, long len);
int i2d_ECPrivateKey(EC_KEY *a, unsigned char **out);
/* de- and encoding functions for EC parameters */
EC_KEY *d2i_ECParameters(EC_KEY **a, const unsigned char **in, long len);
int i2d_ECParameters(EC_KEY *a, unsigned char **out);
/* de- and encoding functions for EC public key
* (octet string, not DER -- hence 'o2i' and 'i2o') */
EC_KEY *o2i_ECPublicKey(EC_KEY **a, const unsigned char **in, long len);
int i2o_ECPublicKey(EC_KEY *a, unsigned char **out);
/** Creates a new ec private (and optional a new public) key.
* \param key EC_KEY object
* \return 1 on success and 0 if an error occurred.
*/
int EC_KEY_generate_key(EC_KEY *key);
/** Verifies that a private and/or public key is valid.
* \param key the EC_KEY object
* \return 1 on success and 0 otherwise.
*/
int EC_KEY_check_key(const EC_KEY *key);
/********************************************************************/
/* de- and encoding functions for SEC1 ECPrivateKey */
/********************************************************************/
/** Decodes a private key from a memory buffer.
* \param key a pointer to a EC_KEY object which should be used (or NULL)
* \param in pointer to memory with the DER encoded private key
* \param len length of the DER encoded private key
* \return the decoded private key or NULL if an error occurred.
*/
EC_KEY *d2i_ECPrivateKey(EC_KEY **key, const unsigned char **in, long len);
/** Encodes a private key object and stores the result in a buffer.
* \param key the EC_KEY object to encode
* \param out the buffer for the result (if NULL the function returns number
* of bytes needed).
* \return 1 on success and 0 if an error occurred.
*/
int i2d_ECPrivateKey(EC_KEY *key, unsigned char **out);
/********************************************************************/
/* de- and encoding functions for EC parameters */
/********************************************************************/
/** Decodes ec parameter from a memory buffer.
* \param key a pointer to a EC_KEY object which should be used (or NULL)
* \param in pointer to memory with the DER encoded ec parameters
* \param len length of the DER encoded ec parameters
* \return a EC_KEY object with the decoded parameters or NULL if an error
* occurred.
*/
EC_KEY *d2i_ECParameters(EC_KEY **key, const unsigned char **in, long len);
/** Encodes ec parameter and stores the result in a buffer.
* \param key the EC_KEY object with ec paramters to encode
* \param out the buffer for the result (if NULL the function returns number
* of bytes needed).
* \return 1 on success and 0 if an error occurred.
*/
int i2d_ECParameters(EC_KEY *key, unsigned char **out);
/********************************************************************/
/* de- and encoding functions for EC public key */
/* (octet string, not DER -- hence 'o2i' and 'i2o') */
/********************************************************************/
/** Decodes a ec public key from a octet string.
* \param key a pointer to a EC_KEY object which should be used
* \param in memory buffer with the encoded public key
* \param len length of the encoded public key
* \return EC_KEY object with decoded public key or NULL if an error
* occurred.
*/
EC_KEY *o2i_ECPublicKey(EC_KEY **key, const unsigned char **in, long len);
/** Encodes a ec public key in an octet string.
* \param key the EC_KEY object with the public key
* \param out the buffer for the result (if NULL the function returns number
* of bytes needed).
* \return 1 on success and 0 if an error occurred
*/
int i2o_ECPublicKey(EC_KEY *key, unsigned char **out);
#ifndef OPENSSL_NO_BIO
int ECParameters_print(BIO *bp, const EC_KEY *x);
int EC_KEY_print(BIO *bp, const EC_KEY *x, int off);
/** Prints out the ec parameters on human readable form.
* \param bp BIO object to which the information is printed
* \param key EC_KEY object
* \return 1 on success and 0 if an error occurred
*/
int ECParameters_print(BIO *bp, const EC_KEY *key);
/** Prints out the contents of a EC_KEY object
* \param bp BIO object to which the information is printed
* \param key EC_KEY object
* \param off line offset
* \return 1 on success and 0 if an error occurred
*/
int EC_KEY_print(BIO *bp, const EC_KEY *key, int off);
#endif
#ifndef OPENSSL_NO_FP_API
int ECParameters_print_fp(FILE *fp, const EC_KEY *x);
int EC_KEY_print_fp(FILE *fp, const EC_KEY *x, int off);
/** Prints out the ec parameters on human readable form.
* \param fp file descriptor to which the information is printed
* \param key EC_KEY object
* \return 1 on success and 0 if an error occurred
*/
int ECParameters_print_fp(FILE *fp, const EC_KEY *key);
/** Prints out the contents of a EC_KEY object
* \param fp file descriptor to which the information is printed
* \param key EC_KEY object
* \param off line offset
* \return 1 on success and 0 if an error occurred
*/
int EC_KEY_print_fp(FILE *fp, const EC_KEY *key, int off);
#endif
#define ECParameters_dup(x) ASN1_dup_of(EC_KEY,i2d_ECParameters,d2i_ECParameters,x)
@ -362,6 +910,13 @@ int EC_KEY_print_fp(FILE *fp, const EC_KEY *x, int off);
# endif
#endif
#define EVP_PKEY_CTX_set_ec_paramgen_curve_nid(ctx, nid) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, EVP_PKEY_OP_PARAMGEN, \
EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID, nid, NULL)
#define EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID (EVP_PKEY_ALG_CTRL + 1)
/* BEGIN ERROR CODES */
/* The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
@ -375,6 +930,14 @@ void ERR_load_EC_strings(void);
#define EC_F_D2I_ECPARAMETERS 144
#define EC_F_D2I_ECPKPARAMETERS 145
#define EC_F_D2I_ECPRIVATEKEY 146
#define EC_F_DO_EC_KEY_PRINT 221
#define EC_F_ECKEY_PARAM2TYPE 223
#define EC_F_ECKEY_PARAM_DECODE 212
#define EC_F_ECKEY_PRIV_DECODE 213
#define EC_F_ECKEY_PRIV_ENCODE 214
#define EC_F_ECKEY_PUB_DECODE 215
#define EC_F_ECKEY_PUB_ENCODE 216
#define EC_F_ECKEY_TYPE2PARAM 220
#define EC_F_ECPARAMETERS_PRINT 147
#define EC_F_ECPARAMETERS_PRINT_FP 148
#define EC_F_ECPKPARAMETERS_PRINT 149
@ -448,7 +1011,6 @@ void ERR_load_EC_strings(void);
#define EC_F_EC_KEY_PRINT 180
#define EC_F_EC_KEY_PRINT_FP 181
#define EC_F_EC_POINTS_MAKE_AFFINE 136
#define EC_F_EC_POINTS_MUL 138
#define EC_F_EC_POINT_ADD 112
#define EC_F_EC_POINT_CMP 113
#define EC_F_EC_POINT_COPY 114
@ -479,21 +1041,31 @@ void ERR_load_EC_strings(void);
#define EC_F_I2D_ECPRIVATEKEY 192
#define EC_F_I2O_ECPUBLICKEY 151
#define EC_F_O2I_ECPUBLICKEY 152
#define EC_F_OLD_EC_PRIV_DECODE 222
#define EC_F_PKEY_EC_CTRL 197
#define EC_F_PKEY_EC_CTRL_STR 198
#define EC_F_PKEY_EC_DERIVE 217
#define EC_F_PKEY_EC_KEYGEN 199
#define EC_F_PKEY_EC_PARAMGEN 219
#define EC_F_PKEY_EC_SIGN 218
/* Reason codes. */
#define EC_R_ASN1_ERROR 115
#define EC_R_ASN1_UNKNOWN_FIELD 116
#define EC_R_BUFFER_TOO_SMALL 100
#define EC_R_D2I_ECPKPARAMETERS_FAILURE 117
#define EC_R_DECODE_ERROR 142
#define EC_R_DISCRIMINANT_IS_ZERO 118
#define EC_R_EC_GROUP_NEW_BY_NAME_FAILURE 119
#define EC_R_FIELD_TOO_LARGE 138
#define EC_R_FIELD_TOO_LARGE 143
#define EC_R_GROUP2PKPARAMETERS_FAILURE 120
#define EC_R_I2D_ECPKPARAMETERS_FAILURE 121
#define EC_R_INCOMPATIBLE_OBJECTS 101
#define EC_R_INVALID_ARGUMENT 112
#define EC_R_INVALID_COMPRESSED_POINT 110
#define EC_R_INVALID_COMPRESSION_BIT 109
#define EC_R_INVALID_CURVE 141
#define EC_R_INVALID_DIGEST_TYPE 138
#define EC_R_INVALID_ENCODING 102
#define EC_R_INVALID_FIELD 103
#define EC_R_INVALID_FORM 104
@ -501,6 +1073,7 @@ void ERR_load_EC_strings(void);
#define EC_R_INVALID_PENTANOMIAL_BASIS 132
#define EC_R_INVALID_PRIVATE_KEY 123
#define EC_R_INVALID_TRINOMIAL_BASIS 137
#define EC_R_KEYS_NOT_SET 140
#define EC_R_MISSING_PARAMETERS 124
#define EC_R_MISSING_PRIVATE_KEY 125
#define EC_R_NOT_A_NIST_PRIME 135
@ -508,6 +1081,7 @@ void ERR_load_EC_strings(void);
#define EC_R_NOT_IMPLEMENTED 126
#define EC_R_NOT_INITIALIZED 111
#define EC_R_NO_FIELD_MOD 133
#define EC_R_NO_PARAMETERS_SET 139
#define EC_R_PASSED_NULL_PARAMETER 134
#define EC_R_PKPARAMETERS2GROUP_FAILURE 127
#define EC_R_POINT_AT_INFINITY 106

193
include/openssl/ecdsa.h
View File

@ -4,7 +4,7 @@
* \author Written by Nils Larsch for the OpenSSL project
*/
/* ====================================================================
* Copyright (c) 2000-2003 The OpenSSL Project. All rights reserved.
* Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@ -81,156 +81,143 @@ typedef struct ECDSA_SIG_st
BIGNUM *s;
} ECDSA_SIG;
/** ECDSA_SIG *ECDSA_SIG_new(void)
* allocates and initialize a ECDSA_SIG structure
* \return pointer to a ECDSA_SIG structure or NULL if an error occurred
/** Allocates and initialize a ECDSA_SIG structure
* \return pointer to a ECDSA_SIG structure or NULL if an error occurred
*/
ECDSA_SIG *ECDSA_SIG_new(void);
/** ECDSA_SIG_free
* frees a ECDSA_SIG structure
* \param a pointer to the ECDSA_SIG structure
/** frees a ECDSA_SIG structure
* \param sig pointer to the ECDSA_SIG structure
*/
void ECDSA_SIG_free(ECDSA_SIG *a);
void ECDSA_SIG_free(ECDSA_SIG *sig);
/** i2d_ECDSA_SIG
* DER encode content of ECDSA_SIG object (note: this function modifies *pp
* (*pp += length of the DER encoded signature)).
* \param a pointer to the ECDSA_SIG object
* \param pp pointer to a unsigned char pointer for the output or NULL
* \return the length of the DER encoded ECDSA_SIG object or 0
/** DER encode content of ECDSA_SIG object (note: this function modifies *pp
* (*pp += length of the DER encoded signature)).
* \param sig pointer to the ECDSA_SIG object
* \param pp pointer to a unsigned char pointer for the output or NULL
* \return the length of the DER encoded ECDSA_SIG object or 0
*/
int i2d_ECDSA_SIG(const ECDSA_SIG *a, unsigned char **pp);
int i2d_ECDSA_SIG(const ECDSA_SIG *sig, unsigned char **pp);
/** d2i_ECDSA_SIG
* decodes a DER encoded ECDSA signature (note: this function changes *pp
* (*pp += len)).
* \param v pointer to ECDSA_SIG pointer (may be NULL)
* \param pp buffer with the DER encoded signature
* \param len bufferlength
* \return pointer to the decoded ECDSA_SIG structure (or NULL)
/** Decodes a DER encoded ECDSA signature (note: this function changes *pp
* (*pp += len)).
* \param sig pointer to ECDSA_SIG pointer (may be NULL)
* \param pp memory buffer with the DER encoded signature
* \param len length of the buffer
* \return pointer to the decoded ECDSA_SIG structure (or NULL)
*/
ECDSA_SIG *d2i_ECDSA_SIG(ECDSA_SIG **v, const unsigned char **pp, long len);
ECDSA_SIG *d2i_ECDSA_SIG(ECDSA_SIG **sig, const unsigned char **pp, long len);
/** ECDSA_do_sign
* computes the ECDSA signature of the given hash value using
* the supplied private key and returns the created signature.
* \param dgst pointer to the hash value
* \param dgst_len length of the hash value
* \param eckey pointer to the EC_KEY object containing a private EC key
* \return pointer to a ECDSA_SIG structure or NULL
/** Computes the ECDSA signature of the given hash value using
* the supplied private key and returns the created signature.
* \param dgst pointer to the hash value
* \param dgst_len length of the hash value
* \param eckey EC_KEY object containing a private EC key
* \return pointer to a ECDSA_SIG structure or NULL if an error occurred
*/
ECDSA_SIG *ECDSA_do_sign(const unsigned char *dgst,int dgst_len,EC_KEY *eckey);
/** ECDSA_do_sign_ex
* computes ECDSA signature of a given hash value using the supplied
* private key (note: sig must point to ECDSA_size(eckey) bytes of memory).
* \param dgst pointer to the hash value to sign
* \param dgstlen length of the hash value
* \param kinv optional pointer to a pre-computed inverse k
* \param rp optional pointer to the pre-computed rp value (see
* ECDSA_sign_setup
* \param eckey pointer to the EC_KEY object containing a private EC key
* \return pointer to a ECDSA_SIG structure or NULL
/** Computes ECDSA signature of a given hash value using the supplied
* private key (note: sig must point to ECDSA_size(eckey) bytes of memory).
* \param dgst pointer to the hash value to sign
* \param dgstlen length of the hash value
* \param kinv BIGNUM with a pre-computed inverse k (optional)
* \param rp BIGNUM with a pre-computed rp value (optioanl),
* see ECDSA_sign_setup
* \param eckey EC_KEY object containing a private EC key
* \return pointer to a ECDSA_SIG structure or NULL if an error occurred
*/
ECDSA_SIG *ECDSA_do_sign_ex(const unsigned char *dgst, int dgstlen,
const BIGNUM *kinv, const BIGNUM *rp, EC_KEY *eckey);
/** ECDSA_do_verify
* verifies that the supplied signature is a valid ECDSA
* signature of the supplied hash value using the supplied public key.
* \param dgst pointer to the hash value
* \param dgst_len length of the hash value
* \param sig pointer to the ECDSA_SIG structure
* \param eckey pointer to the EC_KEY object containing a public EC key
* \return 1 if the signature is valid, 0 if the signature is invalid and -1 on error
/** Verifies that the supplied signature is a valid ECDSA
* signature of the supplied hash value using the supplied public key.
* \param dgst pointer to the hash value
* \param dgst_len length of the hash value
* \param sig ECDSA_SIG structure
* \param eckey EC_KEY object containing a public EC key
* \return 1 if the signature is valid, 0 if the signature is invalid
* and -1 on error
*/
int ECDSA_do_verify(const unsigned char *dgst, int dgst_len,
const ECDSA_SIG *sig, EC_KEY* eckey);
const ECDSA_METHOD *ECDSA_OpenSSL(void);
/** ECDSA_set_default_method
* sets the default ECDSA method
* \param meth the new default ECDSA_METHOD
/** Sets the default ECDSA method
* \param meth new default ECDSA_METHOD
*/
void ECDSA_set_default_method(const ECDSA_METHOD *meth);
/** ECDSA_get_default_method
* returns the default ECDSA method
* \return pointer to ECDSA_METHOD structure containing the default method
/** Returns the default ECDSA method
* \return pointer to ECDSA_METHOD structure containing the default method
*/
const ECDSA_METHOD *ECDSA_get_default_method(void);
/** ECDSA_set_method
* sets method to be used for the ECDSA operations
* \param eckey pointer to the EC_KEY object
* \param meth pointer to the new method
* \return 1 on success and 0 otherwise
/** Sets method to be used for the ECDSA operations
* \param eckey EC_KEY object
* \param meth new method
* \return 1 on success and 0 otherwise
*/
int ECDSA_set_method(EC_KEY *eckey, const ECDSA_METHOD *meth);
/** ECDSA_size
* returns the maximum length of the DER encoded signature
* \param eckey pointer to a EC_KEY object
* \return numbers of bytes required for the DER encoded signature
/** Returns the maximum length of the DER encoded signature
* \param eckey EC_KEY object
* \return numbers of bytes required for the DER encoded signature
*/
int ECDSA_size(const EC_KEY *eckey);
/** ECDSA_sign_setup
* precompute parts of the signing operation.
* \param eckey pointer to the EC_KEY object containing a private EC key
* \param ctx pointer to a BN_CTX object (may be NULL)
* \param kinv pointer to a BIGNUM pointer for the inverse of k
* \param rp pointer to a BIGNUM pointer for x coordinate of k * generator
* \return 1 on success and 0 otherwise
/** Precompute parts of the signing operation
* \param eckey EC_KEY object containing a private EC key
* \param ctx BN_CTX object (optional)
* \param kinv BIGNUM pointer for the inverse of k
* \param rp BIGNUM pointer for x coordinate of k * generator
* \return 1 on success and 0 otherwise
*/
int ECDSA_sign_setup(EC_KEY *eckey, BN_CTX *ctx, BIGNUM **kinv,
BIGNUM **rp);
/** ECDSA_sign
* computes ECDSA signature of a given hash value using the supplied
* private key (note: sig must point to ECDSA_size(eckey) bytes of memory).
* \param type this parameter is ignored
* \param dgst pointer to the hash value to sign
* \param dgstlen length of the hash value
* \param sig buffer to hold the DER encoded signature
* \param siglen pointer to the length of the returned signature
* \param eckey pointer to the EC_KEY object containing a private EC key
* \return 1 on success and 0 otherwise
/** Computes ECDSA signature of a given hash value using the supplied
* private key (note: sig must point to ECDSA_size(eckey) bytes of memory).
* \param type this parameter is ignored
* \param dgst pointer to the hash value to sign
* \param dgstlen length of the hash value
* \param sig memory for the DER encoded created signature
* \param siglen pointer to the length of the returned signature
* \param eckey EC_KEY object containing a private EC key
* \return 1 on success and 0 otherwise
*/
int ECDSA_sign(int type, const unsigned char *dgst, int dgstlen,
unsigned char *sig, unsigned int *siglen, EC_KEY *eckey);
/** ECDSA_sign_ex
* computes ECDSA signature of a given hash value using the supplied
* private key (note: sig must point to ECDSA_size(eckey) bytes of memory).
* \param type this parameter is ignored
* \param dgst pointer to the hash value to sign
* \param dgstlen length of the hash value
* \param sig buffer to hold the DER encoded signature
* \param siglen pointer to the length of the returned signature
* \param kinv optional pointer to a pre-computed inverse k
* \param rp optional pointer to the pre-computed rp value (see
* ECDSA_sign_setup
* \param eckey pointer to the EC_KEY object containing a private EC key
* \return 1 on success and 0 otherwise
/** Computes ECDSA signature of a given hash value using the supplied
* private key (note: sig must point to ECDSA_size(eckey) bytes of memory).
* \param type this parameter is ignored
* \param dgst pointer to the hash value to sign
* \param dgstlen length of the hash value
* \param sig buffer to hold the DER encoded signature
* \param siglen pointer to the length of the returned signature
* \param kinv BIGNUM with a pre-computed inverse k (optional)
* \param rp BIGNUM with a pre-computed rp value (optioanl),
* see ECDSA_sign_setup
* \param eckey EC_KEY object containing a private EC key
* \return 1 on success and 0 otherwise
*/
int ECDSA_sign_ex(int type, const unsigned char *dgst, int dgstlen,
unsigned char *sig, unsigned int *siglen, const BIGNUM *kinv,
const BIGNUM *rp, EC_KEY *eckey);
/** ECDSA_verify
* verifies that the given signature is valid ECDSA signature
* of the supplied hash value using the specified public key.
* \param type this parameter is ignored
* \param dgst pointer to the hash value
* \param dgstlen length of the hash value
* \param sig pointer to the DER encoded signature
* \param siglen length of the DER encoded signature
* \param eckey pointer to the EC_KEY object containing a public EC key
* \return 1 if the signature is valid, 0 if the signature is invalid and -1 on error
/** Verifies that the given signature is valid ECDSA signature
* of the supplied hash value using the specified public key.
* \param type this parameter is ignored
* \param dgst pointer to the hash value
* \param dgstlen length of the hash value
* \param sig pointer to the DER encoded signature
* \param siglen length of the DER encoded signature
* \param eckey EC_KEY object containing a public EC key
* \return 1 if the signature is valid, 0 if the signature is invalid
* and -1 on error
*/
int ECDSA_verify(int type, const unsigned char *dgst, int dgstlen,
const unsigned char *sig, int siglen, EC_KEY *eckey);

57
include/openssl/engine.h
View File

@ -88,16 +88,15 @@
#include <openssl/ecdsa.h>
#endif
#include <openssl/rand.h>
#include <openssl/store.h>
#include <openssl/ui.h>
#include <openssl/err.h>
#endif
#include <openssl/x509.h>
#include <openssl/ossl_typ.h>
#include <openssl/symhacks.h>
#include <openssl/x509.h>
#ifdef __cplusplus
extern "C" {
#endif
@ -113,6 +112,8 @@ extern "C" {
#define ENGINE_METHOD_CIPHERS (unsigned int)0x0040
#define ENGINE_METHOD_DIGESTS (unsigned int)0x0080
#define ENGINE_METHOD_STORE (unsigned int)0x0100
#define ENGINE_METHOD_PKEY_METHS (unsigned int)0x0200
#define ENGINE_METHOD_PKEY_ASN1_METHS (unsigned int)0x0400
/* Obvious all-or-nothing cases. */
#define ENGINE_METHOD_ALL (unsigned int)0xFFFF
#define ENGINE_METHOD_NONE (unsigned int)0x0000
@ -297,7 +298,8 @@ typedef int (*ENGINE_SSL_CLIENT_CERT_PTR)(ENGINE *, SSL *ssl,
* parameter is non-NULL it is set to the size of the returned array. */
typedef int (*ENGINE_CIPHERS_PTR)(ENGINE *, const EVP_CIPHER **, const int **, int);
typedef int (*ENGINE_DIGESTS_PTR)(ENGINE *, const EVP_MD **, const int **, int);
typedef int (*ENGINE_PKEY_METHS_PTR)(ENGINE *, EVP_PKEY_METHOD **, const int **, int);
typedef int (*ENGINE_PKEY_ASN1_METHS_PTR)(ENGINE *, EVP_PKEY_ASN1_METHOD **, const int **, int);
/* STRUCTURE functions ... all of these functions deal with pointers to ENGINE
* structures where the pointers have a "structural reference". This means that
* their reference is to allowed access to the structure but it does not imply
@ -329,21 +331,20 @@ void ENGINE_load_aep(void);
void ENGINE_load_atalla(void);
void ENGINE_load_chil(void);
void ENGINE_load_cswift(void);
#ifndef OPENSSL_NO_GMP
void ENGINE_load_gmp(void);
#endif
void ENGINE_load_nuron(void);
void ENGINE_load_sureware(void);
void ENGINE_load_ubsec(void);
void ENGINE_load_padlock(void);
void ENGINE_load_capi(void);
#ifndef OPENSSL_NO_GMP
void ENGINE_load_gmp(void);
#endif
#ifndef OPENSSL_NO_GOST
void ENGINE_load_gost(void);
#endif
#endif
void ENGINE_load_cryptodev(void);
void ENGINE_load_padlock(void);
void ENGINE_load_builtin_engines(void);
#ifdef OPENSSL_SYS_WIN32
#ifndef OPENSSL_NO_CAPIENG
void ENGINE_load_capi(void);
#endif
#endif
/* Get and set global flags (ENGINE_TABLE_FLAG_***) for the implementation
* "registry" handling. */
@ -394,6 +395,14 @@ int ENGINE_register_digests(ENGINE *e);
void ENGINE_unregister_digests(ENGINE *e);
void ENGINE_register_all_digests(void);
int ENGINE_register_pkey_meths(ENGINE *e);
void ENGINE_unregister_pkey_meths(ENGINE *e);
void ENGINE_register_all_pkey_meths(void);
int ENGINE_register_pkey_asn1_meths(ENGINE *e);
void ENGINE_unregister_pkey_asn1_meths(ENGINE *e);
void ENGINE_register_all_pkey_asn1_meths(void);
/* These functions register all support from the above categories. Note, use of
* these functions can result in static linkage of code your application may not
* need. If you only need a subset of functionality, consider using more
@ -473,6 +482,8 @@ int ENGINE_set_load_ssl_client_cert_function(ENGINE *e,
ENGINE_SSL_CLIENT_CERT_PTR loadssl_f);
int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
int ENGINE_set_pkey_meths(ENGINE *e, ENGINE_PKEY_METHS_PTR f);
int ENGINE_set_pkey_asn1_meths(ENGINE *e, ENGINE_PKEY_ASN1_METHS_PTR f);
int ENGINE_set_flags(ENGINE *e, int flags);
int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
/* These functions allow control over any per-structure ENGINE data. */
@ -509,8 +520,16 @@ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
ENGINE_SSL_CLIENT_CERT_PTR ENGINE_get_ssl_client_cert_function(const ENGINE *e);
ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
ENGINE_PKEY_METHS_PTR ENGINE_get_pkey_meths(const ENGINE *e);
ENGINE_PKEY_ASN1_METHS_PTR ENGINE_get_pkey_asn1_meths(const ENGINE *e);
const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
const EVP_PKEY_METHOD *ENGINE_get_pkey_meth(ENGINE *e, int nid);
const EVP_PKEY_ASN1_METHOD *ENGINE_get_pkey_asn1_meth(ENGINE *e, int nid);
const EVP_PKEY_ASN1_METHOD *ENGINE_get_pkey_asn1_meth_str(ENGINE *e,
const char *str, int len);
const EVP_PKEY_ASN1_METHOD *ENGINE_pkey_asn1_find_str(ENGINE **pe,
const char *str, int len);
const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
int ENGINE_get_flags(const ENGINE *e);
@ -562,6 +581,8 @@ ENGINE *ENGINE_get_default_RAND(void);
* ciphering or digesting corresponding to "nid". */
ENGINE *ENGINE_get_cipher_engine(int nid);
ENGINE *ENGINE_get_digest_engine(int nid);
ENGINE *ENGINE_get_pkey_meth_engine(int nid);
ENGINE *ENGINE_get_pkey_asn1_meth_engine(int nid);
/* This sets a new default ENGINE structure for performing RSA
* operations. If the result is non-zero (success) then the ENGINE
@ -577,6 +598,8 @@ int ENGINE_set_default_DH(ENGINE *e);
int ENGINE_set_default_RAND(ENGINE *e);
int ENGINE_set_default_ciphers(ENGINE *e);
int ENGINE_set_default_digests(ENGINE *e);
int ENGINE_set_default_pkey_meths(ENGINE *e);
int ENGINE_set_default_pkey_asn1_meths(ENGINE *e);
/* The combination "set" - the flags are bitwise "OR"d from the
* ENGINE_METHOD_*** defines above. As with the "ENGINE_register_complete()"
@ -705,7 +728,7 @@ typedef int (*dynamic_bind_engine)(ENGINE *e, const char *id,
* values. */
void *ENGINE_get_static_state(void);
#if defined(__OpenBSD__) || defined(__FreeBSD__)
#if defined(__OpenBSD__) || defined(__FreeBSD__) || defined(HAVE_CRYPTODEV)
void ENGINE_setup_bsd_cryptodev(void);
#endif
@ -734,13 +757,15 @@ void ERR_load_ENGINE_strings(void);
#define ENGINE_F_ENGINE_GET_DEFAULT_TYPE 177
#define ENGINE_F_ENGINE_GET_DIGEST 186
#define ENGINE_F_ENGINE_GET_NEXT 115
#define ENGINE_F_ENGINE_GET_PKEY_ASN1_METH 193
#define ENGINE_F_ENGINE_GET_PKEY_METH 192
#define ENGINE_F_ENGINE_GET_PREV 116
#define ENGINE_F_ENGINE_INIT 119
#define ENGINE_F_ENGINE_LIST_ADD 120
#define ENGINE_F_ENGINE_LIST_REMOVE 121
#define ENGINE_F_ENGINE_LOAD_PRIVATE_KEY 150
#define ENGINE_F_ENGINE_LOAD_PUBLIC_KEY 151
#define ENGINE_F_ENGINE_LOAD_SSL_CLIENT_CERT 192
#define ENGINE_F_ENGINE_LOAD_SSL_CLIENT_CERT 194
#define ENGINE_F_ENGINE_NEW 122
#define ENGINE_F_ENGINE_REMOVE 123
#define ENGINE_F_ENGINE_SET_DEFAULT_STRING 189
@ -769,6 +794,7 @@ void ERR_load_ENGINE_strings(void);
#define ENGINE_R_DSO_FAILURE 104
#define ENGINE_R_DSO_NOT_FOUND 132
#define ENGINE_R_ENGINES_SECTION_ERROR 148
#define ENGINE_R_ENGINE_CONFIGURATION_ERROR 102
#define ENGINE_R_ENGINE_IS_NOT_IN_LIST 105
#define ENGINE_R_ENGINE_SECTION_ERROR 149
#define ENGINE_R_FAILED_LOADING_PRIVATE_KEY 128
@ -795,6 +821,7 @@ void ERR_load_ENGINE_strings(void);
#define ENGINE_R_RSA_NOT_IMPLEMENTED 141
#define ENGINE_R_UNIMPLEMENTED_CIPHER 146
#define ENGINE_R_UNIMPLEMENTED_DIGEST 147
#define ENGINE_R_UNIMPLEMENTED_PUBLIC_KEY_METHOD 101
#define ENGINE_R_VERSION_INCOMPATIBILITY 145
#ifdef __cplusplus

77
include/openssl/err.h
View File

@ -55,6 +55,59 @@
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
/* ====================================================================
* Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@openssl.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
#ifndef HEADER_ERR_H
#define HEADER_ERR_H
@ -94,7 +147,7 @@ extern "C" {
#define ERR_NUM_ERRORS 16
typedef struct err_state_st
{
unsigned long pid;
CRYPTO_THREADID tid;
int err_flags[ERR_NUM_ERRORS];
unsigned long err_buffer[ERR_NUM_ERRORS];
char *err_data[ERR_NUM_ERRORS];
@ -142,7 +195,9 @@ typedef struct err_state_st
#define ERR_LIB_STORE 44
#define ERR_LIB_FIPS 45
#define ERR_LIB_CMS 46
#define ERR_LIB_JPAKE 47
#define ERR_LIB_TS 47
#define ERR_LIB_HMAC 48
#define ERR_LIB_JPAKE 49
#define ERR_LIB_USER 128
@ -176,6 +231,8 @@ typedef struct err_state_st
#define STOREerr(f,r) ERR_PUT_error(ERR_LIB_STORE,(f),(r),__FILE__,__LINE__)
#define FIPSerr(f,r) ERR_PUT_error(ERR_LIB_FIPS,(f),(r),__FILE__,__LINE__)
#define CMSerr(f,r) ERR_PUT_error(ERR_LIB_CMS,(f),(r),__FILE__,__LINE__)
#define TSerr(f,r) ERR_PUT_error(ERR_LIB_TS,(f),(r),__FILE__,__LINE__)
#define HMACerr(f,r) ERR_PUT_error(ERR_LIB_HMAC,(f),(r),__FILE__,__LINE__)
#define JPAKEerr(f,r) ERR_PUT_error(ERR_LIB_JPAKE,(f),(r),__FILE__,__LINE__)
/* Borland C seems too stupid to be able to shift and do longs in
@ -232,6 +289,7 @@ typedef struct err_state_st
#define ERR_R_ECDSA_LIB ERR_LIB_ECDSA /* 42 */
#define ERR_R_ECDH_LIB ERR_LIB_ECDH /* 43 */
#define ERR_R_STORE_LIB ERR_LIB_STORE /* 44 */
#define ERR_R_TS_LIB ERR_LIB_TS /* 45 */
#define ERR_R_NESTED_ASN1_ERROR 58
#define ERR_R_BAD_ASN1_OBJECT_HEADER 59
@ -294,13 +352,16 @@ void ERR_load_ERR_strings(void);
void ERR_load_crypto_strings(void);
void ERR_free_strings(void);
void ERR_remove_thread_state(const CRYPTO_THREADID *tid);
#ifndef OPENSSL_NO_DEPRECATED
void ERR_remove_state(unsigned long pid); /* if zero we look it up */
#endif
ERR_STATE *ERR_get_state(void);
#ifndef OPENSSL_NO_LHASH
LHASH *ERR_get_string_table(void);
LHASH *ERR_get_err_state_table(void);
void ERR_release_err_state_table(LHASH **hash);
LHASH_OF(ERR_STRING_DATA) *ERR_get_string_table(void);
LHASH_OF(ERR_STATE) *ERR_get_err_state_table(void);
void ERR_release_err_state_table(LHASH_OF(ERR_STATE) **hash);
#endif
int ERR_get_next_error_library(void);
@ -308,12 +369,6 @@ int ERR_get_next_error_library(void);
int ERR_set_mark(void);
int ERR_pop_to_mark(void);
#ifdef OPENSSL_FIPS
void int_ERR_set_state_func(ERR_STATE *(*get_func)(void),
void (*remove_func)(unsigned long pid));
void int_ERR_lib_init(void);
#endif
/* Already defined in ossl_typ.h */
/* typedef struct st_ERR_FNS ERR_FNS; */
/* An application can use this function and provide the return value to loaded

535
include/openssl/evp.h
View File

@ -75,10 +75,6 @@
#include <openssl/bio.h>
#endif
#ifdef OPENSSL_FIPS
#include <openssl/fips.h>
#endif
/*
#define EVP_RC2_KEY_SIZE 16
#define EVP_RC4_KEY_SIZE 16
@ -119,6 +115,7 @@
#define EVP_PKEY_DSA4 NID_dsaWithSHA1_2
#define EVP_PKEY_DH NID_dhKeyAgreement
#define EVP_PKEY_EC NID_X9_62_id_ecPublicKey
#define EVP_PKEY_HMAC NID_hmac
#ifdef __cplusplus
extern "C" {
@ -132,6 +129,8 @@ struct evp_pkey_st
int type;
int save_type;
int references;
const EVP_PKEY_ASN1_METHOD *ameth;
ENGINE *engine;
union {
char *ptr;
#ifndef OPENSSL_NO_RSA
@ -156,73 +155,6 @@ struct evp_pkey_st
#define EVP_PKEY_MO_ENCRYPT 0x0004
#define EVP_PKEY_MO_DECRYPT 0x0008
#if 0
/* This structure is required to tie the message digest and signing together.
* The lookup can be done by md/pkey_method, oid, oid/pkey_method, or
* oid, md and pkey.
* This is required because for various smart-card perform the digest and
* signing/verification on-board. To handle this case, the specific
* EVP_MD and EVP_PKEY_METHODs need to be closely associated.
* When a PKEY is created, it will have a EVP_PKEY_METHOD associated with it.
* This can either be software or a token to provide the required low level
* routines.
*/
typedef struct evp_pkey_md_st
{
int oid;
EVP_MD *md;
EVP_PKEY_METHOD *pkey;
} EVP_PKEY_MD;
#define EVP_rsa_md2() \
EVP_PKEY_MD_add(NID_md2WithRSAEncryption,\
EVP_rsa_pkcs1(),EVP_md2())
#define EVP_rsa_md5() \
EVP_PKEY_MD_add(NID_md5WithRSAEncryption,\
EVP_rsa_pkcs1(),EVP_md5())
#define EVP_rsa_sha0() \
EVP_PKEY_MD_add(NID_shaWithRSAEncryption,\
EVP_rsa_pkcs1(),EVP_sha())
#define EVP_rsa_sha1() \
EVP_PKEY_MD_add(NID_sha1WithRSAEncryption,\
EVP_rsa_pkcs1(),EVP_sha1())
#define EVP_rsa_ripemd160() \
EVP_PKEY_MD_add(NID_ripemd160WithRSA,\
EVP_rsa_pkcs1(),EVP_ripemd160())
#define EVP_rsa_mdc2() \
EVP_PKEY_MD_add(NID_mdc2WithRSA,\
EVP_rsa_octet_string(),EVP_mdc2())
#define EVP_dsa_sha() \
EVP_PKEY_MD_add(NID_dsaWithSHA,\
EVP_dsa(),EVP_sha())
#define EVP_dsa_sha1() \
EVP_PKEY_MD_add(NID_dsaWithSHA1,\
EVP_dsa(),EVP_sha1())
typedef struct evp_pkey_method_st
{
char *name;
int flags;
int type; /* RSA, DSA, an SSLeay specific constant */
int oid; /* For the pub-key type */
int encrypt_oid; /* pub/priv key encryption */
int (*sign)();
int (*verify)();
struct {
int (*set)(); /* get and/or set the underlying type */
int (*get)();
int (*encrypt)();
int (*decrypt)();
int (*i2d)();
int (*d2i)();
int (*dup)();
} pub,priv;
int (*set_asn1_parameters)();
int (*get_asn1_parameters)();
} EVP_PKEY_METHOD;
#endif
#ifndef EVP_MD
struct env_md_st
{
@ -245,6 +177,8 @@ struct env_md_st
int required_pkey_type[5]; /*EVP_PKEY_xxx */
int block_size;
int ctx_size; /* how big does the ctx->md_data need to be */
/* control function */
int (*md_ctrl)(EVP_MD_CTX *ctx, int cmd, int p1, void *p2);
} /* EVP_MD */;
typedef int evp_sign_method(int type,const unsigned char *m,
@ -254,18 +188,42 @@ typedef int evp_verify_method(int type,const unsigned char *m,
unsigned int m_length,const unsigned char *sigbuf,
unsigned int siglen, void *key);
typedef struct
{
EVP_MD_CTX *mctx;
void *key;
} EVP_MD_SVCTX;
#define EVP_MD_FLAG_ONESHOT 0x0001 /* digest can only handle a single
* block */
#define EVP_MD_FLAG_FIPS 0x0400 /* Note if suitable for use in FIPS mode */
#define EVP_MD_FLAG_PKEY_DIGEST 0x0002 /* digest is a "clone" digest used
* which is a copy of an existing
* one for a specific public key type.
* EVP_dss1() etc */
#define EVP_MD_FLAG_SVCTX 0x0800 /* pass EVP_MD_SVCTX to sign/verify */
/* Digest uses EVP_PKEY_METHOD for signing instead of MD specific signing */
#define EVP_MD_FLAG_PKEY_METHOD_SIGNATURE 0x0004
/* DigestAlgorithmIdentifier flags... */
#define EVP_MD_FLAG_DIGALGID_MASK 0x0018
/* NULL or absent parameter accepted. Use NULL */
#define EVP_MD_FLAG_DIGALGID_NULL 0x0000
/* NULL or absent parameter accepted. Use NULL for PKCS#1 otherwise absent */
#define EVP_MD_FLAG_DIGALGID_ABSENT 0x0008
/* Custom handling via ctrl */
#define EVP_MD_FLAG_DIGALGID_CUSTOM 0x0018
/* Digest ctrls */
#define EVP_MD_CTRL_DIGALGID 0x1
#define EVP_MD_CTRL_MICALG 0x2
/* Minimum Algorithm specific ctrl value */
#define EVP_MD_CTRL_ALG_CTRL 0x1000
#define EVP_PKEY_NULL_method NULL,NULL,{0,0,0,0}
@ -307,6 +265,10 @@ struct env_md_ctx_st
ENGINE *engine; /* functional reference if 'digest' is ENGINE-provided */
unsigned long flags;
void *md_data;
/* Public key context for sign/verify */
EVP_PKEY_CTX *pctx;
/* Update function: usually copied from EVP_MD */
int (*update)(EVP_MD_CTX *ctx,const void *data,size_t count);
} /* EVP_MD_CTX */;
/* values for EVP_MD_CTX flags */
@ -317,17 +279,23 @@ struct env_md_ctx_st
* cleaned */
#define EVP_MD_CTX_FLAG_REUSE 0x0004 /* Don't free up ctx->md_data
* in EVP_MD_CTX_cleanup */
/* FIPS and pad options are ignored in 1.0.0, definitions are here
* so we don't accidentally reuse the values for other purposes.
*/
#define EVP_MD_CTX_FLAG_NON_FIPS_ALLOW 0x0008 /* Allow use of non FIPS digest
* in FIPS mode */
/* The following PAD options are also currently ignored in 1.0.0, digest
* parameters are handled through EVP_DigestSign*() and EVP_DigestVerify*()
* instead.
*/
#define EVP_MD_CTX_FLAG_PAD_MASK 0xF0 /* RSA mode to use */
#define EVP_MD_CTX_FLAG_PAD_PKCS1 0x00 /* PKCS#1 v1.5 mode */
#define EVP_MD_CTX_FLAG_PAD_X931 0x10 /* X9.31 mode */
#define EVP_MD_CTX_FLAG_PAD_PSS 0x20 /* PSS mode */
#define M_EVP_MD_CTX_FLAG_PSS_SALT(ctx) \
((ctx->flags>>16) &0xFFFF) /* seed length */
#define EVP_MD_CTX_FLAG_PSS_MDLEN 0xFFFF /* salt len same as digest */
#define EVP_MD_CTX_FLAG_PSS_MREC 0xFFFE /* salt max or auto recovered */
#define EVP_MD_CTX_FLAG_NO_INIT 0x0100 /* Don't initialize md_data */
struct evp_cipher_st
{
@ -339,7 +307,7 @@ struct evp_cipher_st
int (*init)(EVP_CIPHER_CTX *ctx, const unsigned char *key,
const unsigned char *iv, int enc); /* init key */
int (*do_cipher)(EVP_CIPHER_CTX *ctx, unsigned char *out,
const unsigned char *in, unsigned int inl);/* encrypt/decrypt data */
const unsigned char *in, size_t inl);/* encrypt/decrypt data */
int (*cleanup)(EVP_CIPHER_CTX *); /* cleanup ctx */
int ctx_size; /* how big ctx->cipher_data needs to be */
int (*set_asn1_parameters)(EVP_CIPHER_CTX *, ASN1_TYPE *); /* Populate a ASN1_TYPE with parameters */
@ -357,7 +325,7 @@ struct evp_cipher_st
#define EVP_CIPH_CBC_MODE 0x2
#define EVP_CIPH_CFB_MODE 0x3
#define EVP_CIPH_OFB_MODE 0x4
#define EVP_CIPH_MODE 0x7
#define EVP_CIPH_MODE 0xF0007
/* Set if variable length cipher */
#define EVP_CIPH_VARIABLE_LENGTH 0x8
/* Set if the iv handling should be done by the cipher itself */
@ -372,10 +340,8 @@ struct evp_cipher_st
#define EVP_CIPH_NO_PADDING 0x100
/* cipher handles random key generation */
#define EVP_CIPH_RAND_KEY 0x200
/* Note if suitable for use in FIPS mode */
#define EVP_CIPH_FLAG_FIPS 0x400
/* Allow non FIPS cipher in FIPS mode */
#define EVP_CIPH_FLAG_NON_FIPS_ALLOW 0x800
/* cipher has its own additional copying logic */
#define EVP_CIPH_CUSTOM_COPY 0x400
/* Allow use default ASN1 get/set iv */
#define EVP_CIPH_FLAG_DEFAULT_ASN1 0x1000
/* Buffer length in bits not bytes: CFB1 mode only */
@ -390,6 +356,8 @@ struct evp_cipher_st
#define EVP_CTRL_GET_RC5_ROUNDS 0x4
#define EVP_CTRL_SET_RC5_ROUNDS 0x5
#define EVP_CTRL_RAND_KEY 0x6
#define EVP_CTRL_PBE_PRF_NID 0x7
#define EVP_CTRL_COPY 0x8
typedef struct evp_cipher_info_st
{
@ -462,26 +430,15 @@ typedef int (EVP_PBE_KEYGEN)(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
#define EVP_get_cipherbynid(a) EVP_get_cipherbyname(OBJ_nid2sn(a))
#define EVP_get_cipherbyobj(a) EVP_get_cipherbynid(OBJ_obj2nid(a))
/* Macros to reduce FIPS dependencies: do NOT use in applications */
#define M_EVP_MD_size(e) ((e)->md_size)
#define M_EVP_MD_block_size(e) ((e)->block_size)
#define M_EVP_MD_CTX_set_flags(ctx,flgs) ((ctx)->flags|=(flgs))
#define M_EVP_MD_CTX_clear_flags(ctx,flgs) ((ctx)->flags&=~(flgs))
#define M_EVP_MD_CTX_test_flags(ctx,flgs) ((ctx)->flags&(flgs))
#define M_EVP_MD_type(e) ((e)->type)
#define M_EVP_MD_CTX_type(e) M_EVP_MD_type(M_EVP_MD_CTX_md(e))
#define M_EVP_MD_CTX_md(e) ((e)->digest)
#define M_EVP_CIPHER_CTX_set_flags(ctx,flgs) ((ctx)->flags|=(flgs))
int EVP_MD_type(const EVP_MD *md);
#define EVP_MD_nid(e) EVP_MD_type(e)
#define EVP_MD_name(e) OBJ_nid2sn(EVP_MD_nid(e))
int EVP_MD_pkey_type(const EVP_MD *md);
int EVP_MD_size(const EVP_MD *md);
int EVP_MD_block_size(const EVP_MD *md);
unsigned long EVP_MD_flags(const EVP_MD *md);
const EVP_MD * EVP_MD_CTX_md(const EVP_MD_CTX *ctx);
const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx);
#define EVP_MD_CTX_size(e) EVP_MD_size(EVP_MD_CTX_md(e))
#define EVP_MD_CTX_block_size(e) EVP_MD_block_size(EVP_MD_CTX_md(e))
#define EVP_MD_CTX_type(e) EVP_MD_type(EVP_MD_CTX_md(e))
@ -499,6 +456,7 @@ int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx);
int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx);
int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx);
int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx);
int EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in);
void * EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx);
void EVP_CIPHER_CTX_set_app_data(EVP_CIPHER_CTX *ctx, void *data);
#define EVP_CIPHER_CTX_type(c) EVP_CIPHER_type(EVP_CIPHER_CTX_cipher(c))
@ -516,6 +474,8 @@ unsigned long EVP_CIPHER_CTX_flags(const EVP_CIPHER_CTX *ctx);
#define EVP_VerifyUpdate(a,b,c) EVP_DigestUpdate(a,b,c)
#define EVP_OpenUpdate(a,b,c,d,e) EVP_DecryptUpdate(a,b,c,d,e)
#define EVP_SealUpdate(a,b,c,d,e) EVP_EncryptUpdate(a,b,c,d,e)
#define EVP_DigestSignUpdate(a,b,c) EVP_DigestUpdate(a,b,c)
#define EVP_DigestVerifyUpdate(a,b,c) EVP_DigestUpdate(a,b,c)
#ifdef CONST_STRICT
void BIO_set_md(BIO *,const EVP_MD *md);
@ -562,6 +522,7 @@ int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);
int EVP_DigestFinal(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s);
int EVP_read_pw_string(char *buf,int length,const char *prompt,int verify);
int EVP_read_pw_string_min(char *buf,int minlen,int maxlen,const char *prompt,int verify);
void EVP_set_pw_prompt(const char *prompt);
char * EVP_get_pw_prompt(void);
@ -608,6 +569,16 @@ int EVP_SignFinal(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s,
int EVP_VerifyFinal(EVP_MD_CTX *ctx,const unsigned char *sigbuf,
unsigned int siglen,EVP_PKEY *pkey);
int EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey);
int EVP_DigestSignFinal(EVP_MD_CTX *ctx,
unsigned char *sigret, size_t *siglen);
int EVP_DigestVerifyInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey);
int EVP_DigestVerifyFinal(EVP_MD_CTX *ctx,
unsigned char *sig, size_t siglen);
int EVP_OpenInit(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *type,
const unsigned char *ek, int ekl, const unsigned char *iv,
EVP_PKEY *priv);
@ -680,6 +651,9 @@ const EVP_MD *EVP_mdc2(void);
#ifndef OPENSSL_NO_RIPEMD
const EVP_MD *EVP_ripemd160(void);
#endif
#ifndef OPENSSL_NO_WHIRLPOOL
const EVP_MD *EVP_whirlpool(void);
#endif
const EVP_CIPHER *EVP_enc_null(void); /* does nothing :-) */
#ifndef OPENSSL_NO_DES
const EVP_CIPHER *EVP_des_ecb(void);
@ -847,16 +821,31 @@ const EVP_CIPHER *EVP_get_cipherbyname(const char *name);
const EVP_MD *EVP_get_digestbyname(const char *name);
void EVP_cleanup(void);
int EVP_PKEY_decrypt(unsigned char *dec_key,
void EVP_CIPHER_do_all(void (*fn)(const EVP_CIPHER *ciph,
const char *from, const char *to, void *x), void *arg);
void EVP_CIPHER_do_all_sorted(void (*fn)(const EVP_CIPHER *ciph,
const char *from, const char *to, void *x), void *arg);
void EVP_MD_do_all(void (*fn)(const EVP_MD *ciph,
const char *from, const char *to, void *x), void *arg);
void EVP_MD_do_all_sorted(void (*fn)(const EVP_MD *ciph,
const char *from, const char *to, void *x), void *arg);
int EVP_PKEY_decrypt_old(unsigned char *dec_key,
const unsigned char *enc_key,int enc_key_len,
EVP_PKEY *private_key);
int EVP_PKEY_encrypt(unsigned char *enc_key,
int EVP_PKEY_encrypt_old(unsigned char *enc_key,
const unsigned char *key,int key_len,
EVP_PKEY *pub_key);
int EVP_PKEY_type(int type);
int EVP_PKEY_id(const EVP_PKEY *pkey);
int EVP_PKEY_base_id(const EVP_PKEY *pkey);
int EVP_PKEY_bits(EVP_PKEY *pkey);
int EVP_PKEY_size(EVP_PKEY *pkey);
int EVP_PKEY_assign(EVP_PKEY *pkey,int type,char *key);
int EVP_PKEY_set_type(EVP_PKEY *pkey,int type);
int EVP_PKEY_set_type_str(EVP_PKEY *pkey, const char *str, int len);
int EVP_PKEY_assign(EVP_PKEY *pkey,int type,void *key);
void * EVP_PKEY_get0(EVP_PKEY *pkey);
#ifndef OPENSSL_NO_RSA
struct rsa_st;
@ -899,6 +888,15 @@ int EVP_PKEY_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b);
int EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b);
int EVP_PKEY_print_public(BIO *out, const EVP_PKEY *pkey,
int indent, ASN1_PCTX *pctx);
int EVP_PKEY_print_private(BIO *out, const EVP_PKEY *pkey,
int indent, ASN1_PCTX *pctx);
int EVP_PKEY_print_params(BIO *out, const EVP_PKEY *pkey,
int indent, ASN1_PCTX *pctx);
int EVP_PKEY_get_default_digest_nid(EVP_PKEY *pkey, int *pnid);
int EVP_CIPHER_type(const EVP_CIPHER *ctx);
/* calls methods */
@ -916,6 +914,10 @@ int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen,
const unsigned char *salt, int saltlen, int iter,
int keylen, unsigned char *out);
int PKCS5_PBKDF2_HMAC(const char *pass, int passlen,
const unsigned char *salt, int saltlen, int iter,
const EVP_MD *digest,
int keylen, unsigned char *out);
int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
ASN1_TYPE *param, const EVP_CIPHER *cipher, const EVP_MD *md,
int en_de);
@ -924,27 +926,260 @@ void PKCS5_PBE_add(void);
int EVP_PBE_CipherInit (ASN1_OBJECT *pbe_obj, const char *pass, int passlen,
ASN1_TYPE *param, EVP_CIPHER_CTX *ctx, int en_de);
/* PBE type */
/* Can appear as the outermost AlgorithmIdentifier */
#define EVP_PBE_TYPE_OUTER 0x0
/* Is an PRF type OID */
#define EVP_PBE_TYPE_PRF 0x1
int EVP_PBE_alg_add_type(int pbe_type, int pbe_nid, int cipher_nid, int md_nid,
EVP_PBE_KEYGEN *keygen);
int EVP_PBE_alg_add(int nid, const EVP_CIPHER *cipher, const EVP_MD *md,
EVP_PBE_KEYGEN *keygen);
int EVP_PBE_find(int type, int pbe_nid,
int *pcnid, int *pmnid, EVP_PBE_KEYGEN **pkeygen);
void EVP_PBE_cleanup(void);
#ifdef OPENSSL_FIPS
#ifndef OPENSSL_NO_ENGINE
void int_EVP_MD_set_engine_callbacks(
int (*eng_md_init)(ENGINE *impl),
int (*eng_md_fin)(ENGINE *impl),
int (*eng_md_evp)
(EVP_MD_CTX *ctx, const EVP_MD **ptype, ENGINE *impl));
void int_EVP_MD_init_engine_callbacks(void);
void int_EVP_CIPHER_set_engine_callbacks(
int (*eng_ciph_fin)(ENGINE *impl),
int (*eng_ciph_evp)
(EVP_CIPHER_CTX *ctx, const EVP_CIPHER **pciph, ENGINE *impl));
void int_EVP_CIPHER_init_engine_callbacks(void);
#endif
#endif
#define ASN1_PKEY_ALIAS 0x1
#define ASN1_PKEY_DYNAMIC 0x2
#define ASN1_PKEY_SIGPARAM_NULL 0x4
void EVP_add_alg_module(void);
#define ASN1_PKEY_CTRL_PKCS7_SIGN 0x1
#define ASN1_PKEY_CTRL_PKCS7_ENCRYPT 0x2
#define ASN1_PKEY_CTRL_DEFAULT_MD_NID 0x3
#define ASN1_PKEY_CTRL_CMS_SIGN 0x5
#define ASN1_PKEY_CTRL_CMS_ENVELOPE 0x7
int EVP_PKEY_asn1_get_count(void);
const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_get0(int idx);
const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find(ENGINE **pe, int type);
const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find_str(ENGINE **pe,
const char *str, int len);
int EVP_PKEY_asn1_add0(const EVP_PKEY_ASN1_METHOD *ameth);
int EVP_PKEY_asn1_add_alias(int to, int from);
int EVP_PKEY_asn1_get0_info(int *ppkey_id, int *pkey_base_id, int *ppkey_flags,
const char **pinfo, const char **ppem_str,
const EVP_PKEY_ASN1_METHOD *ameth);
const EVP_PKEY_ASN1_METHOD* EVP_PKEY_get0_asn1(EVP_PKEY *pkey);
EVP_PKEY_ASN1_METHOD* EVP_PKEY_asn1_new(int id, int flags,
const char *pem_str, const char *info);
void EVP_PKEY_asn1_copy(EVP_PKEY_ASN1_METHOD *dst,
const EVP_PKEY_ASN1_METHOD *src);
void EVP_PKEY_asn1_free(EVP_PKEY_ASN1_METHOD *ameth);
void EVP_PKEY_asn1_set_public(EVP_PKEY_ASN1_METHOD *ameth,
int (*pub_decode)(EVP_PKEY *pk, X509_PUBKEY *pub),
int (*pub_encode)(X509_PUBKEY *pub, const EVP_PKEY *pk),
int (*pub_cmp)(const EVP_PKEY *a, const EVP_PKEY *b),
int (*pub_print)(BIO *out, const EVP_PKEY *pkey, int indent,
ASN1_PCTX *pctx),
int (*pkey_size)(const EVP_PKEY *pk),
int (*pkey_bits)(const EVP_PKEY *pk));
void EVP_PKEY_asn1_set_private(EVP_PKEY_ASN1_METHOD *ameth,
int (*priv_decode)(EVP_PKEY *pk, PKCS8_PRIV_KEY_INFO *p8inf),
int (*priv_encode)(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pk),
int (*priv_print)(BIO *out, const EVP_PKEY *pkey, int indent,
ASN1_PCTX *pctx));
void EVP_PKEY_asn1_set_param(EVP_PKEY_ASN1_METHOD *ameth,
int (*param_decode)(EVP_PKEY *pkey,
const unsigned char **pder, int derlen),
int (*param_encode)(const EVP_PKEY *pkey, unsigned char **pder),
int (*param_missing)(const EVP_PKEY *pk),
int (*param_copy)(EVP_PKEY *to, const EVP_PKEY *from),
int (*param_cmp)(const EVP_PKEY *a, const EVP_PKEY *b),
int (*param_print)(BIO *out, const EVP_PKEY *pkey, int indent,
ASN1_PCTX *pctx));
void EVP_PKEY_asn1_set_free(EVP_PKEY_ASN1_METHOD *ameth,
void (*pkey_free)(EVP_PKEY *pkey));
void EVP_PKEY_asn1_set_ctrl(EVP_PKEY_ASN1_METHOD *ameth,
int (*pkey_ctrl)(EVP_PKEY *pkey, int op,
long arg1, void *arg2));
#define EVP_PKEY_OP_UNDEFINED 0
#define EVP_PKEY_OP_PARAMGEN (1<<1)
#define EVP_PKEY_OP_KEYGEN (1<<2)
#define EVP_PKEY_OP_SIGN (1<<3)
#define EVP_PKEY_OP_VERIFY (1<<4)
#define EVP_PKEY_OP_VERIFYRECOVER (1<<5)
#define EVP_PKEY_OP_SIGNCTX (1<<6)
#define EVP_PKEY_OP_VERIFYCTX (1<<7)
#define EVP_PKEY_OP_ENCRYPT (1<<8)
#define EVP_PKEY_OP_DECRYPT (1<<9)
#define EVP_PKEY_OP_DERIVE (1<<10)
#define EVP_PKEY_OP_TYPE_SIG \
(EVP_PKEY_OP_SIGN | EVP_PKEY_OP_VERIFY | EVP_PKEY_OP_VERIFYRECOVER \
| EVP_PKEY_OP_SIGNCTX | EVP_PKEY_OP_VERIFYCTX)
#define EVP_PKEY_OP_TYPE_CRYPT \
(EVP_PKEY_OP_ENCRYPT | EVP_PKEY_OP_DECRYPT)
#define EVP_PKEY_OP_TYPE_NOGEN \
(EVP_PKEY_OP_SIG | EVP_PKEY_OP_CRYPT | EVP_PKEY_OP_DERIVE)
#define EVP_PKEY_OP_TYPE_GEN \
(EVP_PKEY_OP_PARAMGEN | EVP_PKEY_OP_KEYGEN)
#define EVP_PKEY_CTX_set_signature_md(ctx, md) \
EVP_PKEY_CTX_ctrl(ctx, -1, EVP_PKEY_OP_TYPE_SIG, \
EVP_PKEY_CTRL_MD, 0, (void *)md)
#define EVP_PKEY_CTRL_MD 1
#define EVP_PKEY_CTRL_PEER_KEY 2
#define EVP_PKEY_CTRL_PKCS7_ENCRYPT 3
#define EVP_PKEY_CTRL_PKCS7_DECRYPT 4
#define EVP_PKEY_CTRL_PKCS7_SIGN 5
#define EVP_PKEY_CTRL_SET_MAC_KEY 6
#define EVP_PKEY_CTRL_DIGESTINIT 7
/* Used by GOST key encryption in TLS */
#define EVP_PKEY_CTRL_SET_IV 8
#define EVP_PKEY_CTRL_CMS_ENCRYPT 9
#define EVP_PKEY_CTRL_CMS_DECRYPT 10
#define EVP_PKEY_CTRL_CMS_SIGN 11
#define EVP_PKEY_ALG_CTRL 0x1000
#define EVP_PKEY_FLAG_AUTOARGLEN 2
const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type);
EVP_PKEY_METHOD* EVP_PKEY_meth_new(int id, int flags);
void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth);
int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth);
EVP_PKEY_CTX *EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *e);
EVP_PKEY_CTX *EVP_PKEY_CTX_new_id(int id, ENGINE *e);
EVP_PKEY_CTX *EVP_PKEY_CTX_dup(EVP_PKEY_CTX *ctx);
void EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx);
int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
int cmd, int p1, void *p2);
int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
const char *value);
int EVP_PKEY_CTX_get_operation(EVP_PKEY_CTX *ctx);
void EVP_PKEY_CTX_set0_keygen_info(EVP_PKEY_CTX *ctx, int *dat, int datlen);
EVP_PKEY *EVP_PKEY_new_mac_key(int type, ENGINE *e,
unsigned char *key, int keylen);
void EVP_PKEY_CTX_set_data(EVP_PKEY_CTX *ctx, void *data);
void *EVP_PKEY_CTX_get_data(EVP_PKEY_CTX *ctx);
EVP_PKEY *EVP_PKEY_CTX_get0_pkey(EVP_PKEY_CTX *ctx);
EVP_PKEY *EVP_PKEY_CTX_get0_peerkey(EVP_PKEY_CTX *ctx);
void EVP_PKEY_CTX_set_app_data(EVP_PKEY_CTX *ctx, void *data);
void *EVP_PKEY_CTX_get_app_data(EVP_PKEY_CTX *ctx);
int EVP_PKEY_sign_init(EVP_PKEY_CTX *ctx);
int EVP_PKEY_sign(EVP_PKEY_CTX *ctx,
unsigned char *sig, size_t *siglen,
const unsigned char *tbs, size_t tbslen);
int EVP_PKEY_verify_init(EVP_PKEY_CTX *ctx);
int EVP_PKEY_verify(EVP_PKEY_CTX *ctx,
const unsigned char *sig, size_t siglen,
const unsigned char *tbs, size_t tbslen);
int EVP_PKEY_verify_recover_init(EVP_PKEY_CTX *ctx);
int EVP_PKEY_verify_recover(EVP_PKEY_CTX *ctx,
unsigned char *rout, size_t *routlen,
const unsigned char *sig, size_t siglen);
int EVP_PKEY_encrypt_init(EVP_PKEY_CTX *ctx);
int EVP_PKEY_encrypt(EVP_PKEY_CTX *ctx,
unsigned char *out, size_t *outlen,
const unsigned char *in, size_t inlen);
int EVP_PKEY_decrypt_init(EVP_PKEY_CTX *ctx);
int EVP_PKEY_decrypt(EVP_PKEY_CTX *ctx,
unsigned char *out, size_t *outlen,
const unsigned char *in, size_t inlen);
int EVP_PKEY_derive_init(EVP_PKEY_CTX *ctx);
int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer);
int EVP_PKEY_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);
typedef int EVP_PKEY_gen_cb(EVP_PKEY_CTX *ctx);
int EVP_PKEY_paramgen_init(EVP_PKEY_CTX *ctx);
int EVP_PKEY_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey);
int EVP_PKEY_keygen_init(EVP_PKEY_CTX *ctx);
int EVP_PKEY_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey);
void EVP_PKEY_CTX_set_cb(EVP_PKEY_CTX *ctx, EVP_PKEY_gen_cb *cb);
EVP_PKEY_gen_cb *EVP_PKEY_CTX_get_cb(EVP_PKEY_CTX *ctx);
int EVP_PKEY_CTX_get_keygen_info(EVP_PKEY_CTX *ctx, int idx);
void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth,
int (*init)(EVP_PKEY_CTX *ctx));
void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth,
int (*copy)(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src));
void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth,
void (*cleanup)(EVP_PKEY_CTX *ctx));
void EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth,
int (*paramgen_init)(EVP_PKEY_CTX *ctx),
int (*paramgen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey));
void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth,
int (*keygen_init)(EVP_PKEY_CTX *ctx),
int (*keygen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey));
void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth,
int (*sign_init)(EVP_PKEY_CTX *ctx),
int (*sign)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
const unsigned char *tbs, size_t tbslen));
void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth,
int (*verify_init)(EVP_PKEY_CTX *ctx),
int (*verify)(EVP_PKEY_CTX *ctx, const unsigned char *sig, size_t siglen,
const unsigned char *tbs, size_t tbslen));
void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth,
int (*verify_recover_init)(EVP_PKEY_CTX *ctx),
int (*verify_recover)(EVP_PKEY_CTX *ctx,
unsigned char *sig, size_t *siglen,
const unsigned char *tbs, size_t tbslen));
void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth,
int (*signctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx),
int (*signctx)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
EVP_MD_CTX *mctx));
void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
int (*verifyctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx),
int (*verifyctx)(EVP_PKEY_CTX *ctx, const unsigned char *sig,int siglen,
EVP_MD_CTX *mctx));
void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
int (*encrypt_init)(EVP_PKEY_CTX *ctx),
int (*encryptfn)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
const unsigned char *in, size_t inlen));
void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
int (*decrypt_init)(EVP_PKEY_CTX *ctx),
int (*decrypt)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
const unsigned char *in, size_t inlen));
void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth,
int (*derive_init)(EVP_PKEY_CTX *ctx),
int (*derive)(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen));
void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
int (*ctrl)(EVP_PKEY_CTX *ctx, int type, int p1, void *p2),
int (*ctrl_str)(EVP_PKEY_CTX *ctx,
const char *type, const char *value));
/* BEGIN ERROR CODES */
/* The following lines are auto generated by the script mkerr.pl. Any changes
@ -956,46 +1191,66 @@ void ERR_load_EVP_strings(void);
/* Function codes. */
#define EVP_F_AES_INIT_KEY 133
#define EVP_F_ALG_MODULE_INIT 138
#define EVP_F_CAMELLIA_INIT_KEY 159
#define EVP_F_D2I_PKEY 100
#define EVP_F_DO_EVP_ENC_ENGINE 140
#define EVP_F_DO_EVP_ENC_ENGINE_FULL 141
#define EVP_F_DO_EVP_MD_ENGINE 139
#define EVP_F_DO_EVP_MD_ENGINE_FULL 142
#define EVP_F_DO_SIGVER_INIT 161
#define EVP_F_DSAPKEY2PKCS8 134
#define EVP_F_DSA_PKEY2PKCS8 135
#define EVP_F_ECDSA_PKEY2PKCS8 129
#define EVP_F_ECKEY_PKEY2PKCS8 132
#define EVP_F_EVP_CIPHERINIT 137
#define EVP_F_EVP_CIPHERINIT_EX 123
#define EVP_F_EVP_CIPHER_CTX_COPY 163
#define EVP_F_EVP_CIPHER_CTX_CTRL 124
#define EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH 122
#define EVP_F_EVP_DECRYPTFINAL_EX 101
#define EVP_F_EVP_DIGESTINIT 136
#define EVP_F_EVP_DIGESTINIT_EX 128
#define EVP_F_EVP_ENCRYPTFINAL_EX 127
#define EVP_F_EVP_MD_CTX_COPY_EX 110
#define EVP_F_EVP_MD_SIZE 162
#define EVP_F_EVP_OPENINIT 102
#define EVP_F_EVP_PBE_ALG_ADD 115
#define EVP_F_EVP_PBE_ALG_ADD_TYPE 160
#define EVP_F_EVP_PBE_CIPHERINIT 116
#define EVP_F_EVP_PKCS82PKEY 111
#define EVP_F_EVP_PKCS82PKEY_BROKEN 136
#define EVP_F_EVP_PKEY2PKCS8_BROKEN 113
#define EVP_F_EVP_PKEY_COPY_PARAMETERS 103
#define EVP_F_EVP_PKEY_CTX_CTRL 137
#define EVP_F_EVP_PKEY_CTX_CTRL_STR 150
#define EVP_F_EVP_PKEY_CTX_DUP 156
#define EVP_F_EVP_PKEY_DECRYPT 104
#define EVP_F_EVP_PKEY_DECRYPT_INIT 138
#define EVP_F_EVP_PKEY_DECRYPT_OLD 151
#define EVP_F_EVP_PKEY_DERIVE 153
#define EVP_F_EVP_PKEY_DERIVE_INIT 154
#define EVP_F_EVP_PKEY_DERIVE_SET_PEER 155
#define EVP_F_EVP_PKEY_ENCRYPT 105
#define EVP_F_EVP_PKEY_ENCRYPT_INIT 139
#define EVP_F_EVP_PKEY_ENCRYPT_OLD 152
#define EVP_F_EVP_PKEY_GET1_DH 119
#define EVP_F_EVP_PKEY_GET1_DSA 120
#define EVP_F_EVP_PKEY_GET1_ECDSA 130
#define EVP_F_EVP_PKEY_GET1_EC_KEY 131
#define EVP_F_EVP_PKEY_GET1_RSA 121
#define EVP_F_EVP_PKEY_KEYGEN 146
#define EVP_F_EVP_PKEY_KEYGEN_INIT 147
#define EVP_F_EVP_PKEY_NEW 106
#define EVP_F_EVP_PKEY_PARAMGEN 148
#define EVP_F_EVP_PKEY_PARAMGEN_INIT 149
#define EVP_F_EVP_PKEY_SIGN 140
#define EVP_F_EVP_PKEY_SIGN_INIT 141
#define EVP_F_EVP_PKEY_VERIFY 142
#define EVP_F_EVP_PKEY_VERIFY_INIT 143
#define EVP_F_EVP_PKEY_VERIFY_RECOVER 144
#define EVP_F_EVP_PKEY_VERIFY_RECOVER_INIT 145
#define EVP_F_EVP_RIJNDAEL 126
#define EVP_F_EVP_SIGNFINAL 107
#define EVP_F_EVP_VERIFYFINAL 108
#define EVP_F_INT_CTX_NEW 157
#define EVP_F_PKCS5_PBE_KEYIVGEN 117
#define EVP_F_PKCS5_V2_PBE_KEYIVGEN 118
#define EVP_F_PKCS8_SET_BROKEN 112
#define EVP_F_PKEY_SET_TYPE 158
#define EVP_F_RC2_MAGIC_TO_METH 109
#define EVP_F_RC5_CTRL 125
@ -1007,41 +1262,52 @@ void ERR_load_EVP_strings(void);
#define EVP_R_BAD_KEY_LENGTH 137
#define EVP_R_BN_DECODE_ERROR 112
#define EVP_R_BN_PUBKEY_ERROR 113
#define EVP_R_BUFFER_TOO_SMALL 155
#define EVP_R_CAMELLIA_KEY_SETUP_FAILED 157
#define EVP_R_CIPHER_PARAMETER_ERROR 122
#define EVP_R_COMMAND_NOT_SUPPORTED 147
#define EVP_R_CTRL_NOT_IMPLEMENTED 132
#define EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED 133
#define EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH 138
#define EVP_R_DECODE_ERROR 114
#define EVP_R_DIFFERENT_KEY_TYPES 101
#define EVP_R_DISABLED_FOR_FIPS 144
#define EVP_R_DIFFERENT_PARAMETERS 153
#define EVP_R_ENCODE_ERROR 115
#define EVP_R_ERROR_LOADING_SECTION 145
#define EVP_R_ERROR_SETTING_FIPS_MODE 146
#define EVP_R_EVP_PBE_CIPHERINIT_ERROR 119
#define EVP_R_EXPECTING_AN_RSA_KEY 127
#define EVP_R_EXPECTING_A_DH_KEY 128
#define EVP_R_EXPECTING_A_DSA_KEY 129
#define EVP_R_EXPECTING_A_ECDSA_KEY 141
#define EVP_R_EXPECTING_A_EC_KEY 142
#define EVP_R_FIPS_MODE_NOT_SUPPORTED 147
#define EVP_R_INITIALIZATION_ERROR 134
#define EVP_R_INPUT_NOT_INITIALIZED 111
#define EVP_R_INVALID_FIPS_MODE 148
#define EVP_R_INVALID_DIGEST 152
#define EVP_R_INVALID_KEY_LENGTH 130
#define EVP_R_INVALID_OPERATION 148
#define EVP_R_IV_TOO_LARGE 102
#define EVP_R_KEYGEN_FAILURE 120
#define EVP_R_MESSAGE_DIGEST_IS_NULL 159
#define EVP_R_METHOD_NOT_SUPPORTED 144
#define EVP_R_MISSING_PARAMETERS 103
#define EVP_R_NO_CIPHER_SET 131
#define EVP_R_NO_DEFAULT_DIGEST 158
#define EVP_R_NO_DIGEST_SET 139
#define EVP_R_NO_DSA_PARAMETERS 116
#define EVP_R_NO_KEY_SET 154
#define EVP_R_NO_OPERATION_SET 149
#define EVP_R_NO_SIGN_FUNCTION_CONFIGURED 104
#define EVP_R_NO_VERIFY_FUNCTION_CONFIGURED 105
#define EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE 150
#define EVP_R_OPERATON_NOT_INITIALIZED 151
#define EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE 117
#define EVP_R_PRIVATE_KEY_DECODE_ERROR 145
#define EVP_R_PRIVATE_KEY_ENCODE_ERROR 146
#define EVP_R_PUBLIC_KEY_NOT_RSA 106
#define EVP_R_UNKNOWN_OPTION 149
#define EVP_R_UNKNOWN_CIPHER 160
#define EVP_R_UNKNOWN_DIGEST 161
#define EVP_R_UNKNOWN_PBE_ALGORITHM 121
#define EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS 135
#define EVP_R_UNSUPPORTED_ALGORITHM 156
#define EVP_R_UNSUPPORTED_CIPHER 107
#define EVP_R_UNSUPPORTED_KEYLENGTH 123
#define EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION 124
@ -1051,7 +1317,6 @@ void ERR_load_EVP_strings(void);
#define EVP_R_UNSUPPORTED_SALT_TYPE 126
#define EVP_R_WRONG_FINAL_BLOCK_LENGTH 109
#define EVP_R_WRONG_PUBLIC_KEY_TYPE 110
#define EVP_R_SEED_KEY_SETUP_FAILED 162
#ifdef __cplusplus
}

163
include/openssl/fips.h
View File

@ -1,163 +0,0 @@
/* ====================================================================
* Copyright (c) 2003 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@openssl.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#include <openssl/opensslconf.h>
#ifndef OPENSSL_FIPS
#error FIPS is disabled.
#endif
#ifdef OPENSSL_FIPS
#ifdef __cplusplus
extern "C" {
#endif
struct dsa_st;
struct evp_pkey_st;
struct env_md_st;
struct evp_cipher_st;
struct evp_cipher_ctx_st;
int FIPS_mode_set(int onoff);
int FIPS_mode(void);
const void *FIPS_rand_check(void);
int FIPS_selftest_failed(void);
void FIPS_selftest_check(void);
void FIPS_corrupt_sha1(void);
int FIPS_selftest_sha1(void);
void FIPS_corrupt_aes(void);
int FIPS_selftest_aes(void);
void FIPS_corrupt_des(void);
int FIPS_selftest_des(void);
void FIPS_corrupt_rsa(void);
void FIPS_corrupt_rsa_keygen(void);
int FIPS_selftest_rsa(void);
void FIPS_corrupt_dsa(void);
void FIPS_corrupt_dsa_keygen(void);
int FIPS_selftest_dsa(void);
void FIPS_corrupt_rng(void);
void FIPS_rng_stick(void);
int FIPS_selftest_rng(void);
int FIPS_selftest_hmac(void);
int fips_pkey_signature_test(struct evp_pkey_st *pkey,
const unsigned char *tbs, int tbslen,
const unsigned char *kat, unsigned int katlen,
const struct env_md_st *digest, unsigned int md_flags,
const char *fail_str);
int fips_cipher_test(struct evp_cipher_ctx_st *ctx,
const struct evp_cipher_st *cipher,
const unsigned char *key,
const unsigned char *iv,
const unsigned char *plaintext,
const unsigned char *ciphertext,
int len);
/* BEGIN ERROR CODES */
/* The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
*/
void ERR_load_FIPS_strings(void);
/* Error codes for the FIPS functions. */
/* Function codes. */
#define FIPS_F_DH_BUILTIN_GENPARAMS 100
#define FIPS_F_DSA_BUILTIN_PARAMGEN 101
#define FIPS_F_DSA_DO_SIGN 102
#define FIPS_F_DSA_DO_VERIFY 103
#define FIPS_F_EVP_CIPHERINIT_EX 124
#define FIPS_F_EVP_DIGESTINIT_EX 125
#define FIPS_F_FIPS_CHECK_DSA 104
#define FIPS_F_FIPS_CHECK_INCORE_FINGERPRINT 105
#define FIPS_F_FIPS_CHECK_RSA 106
#define FIPS_F_FIPS_DSA_CHECK 107
#define FIPS_F_FIPS_MODE_SET 108
#define FIPS_F_FIPS_PKEY_SIGNATURE_TEST 109
#define FIPS_F_FIPS_SELFTEST_AES 110
#define FIPS_F_FIPS_SELFTEST_DES 111
#define FIPS_F_FIPS_SELFTEST_DSA 112
#define FIPS_F_FIPS_SELFTEST_HMAC 113
#define FIPS_F_FIPS_SELFTEST_RNG 114
#define FIPS_F_FIPS_SELFTEST_SHA1 115
#define FIPS_F_HASH_FINAL 123
#define FIPS_F_RSA_BUILTIN_KEYGEN 116
#define FIPS_F_RSA_EAY_PRIVATE_DECRYPT 117
#define FIPS_F_RSA_EAY_PRIVATE_ENCRYPT 118
#define FIPS_F_RSA_EAY_PUBLIC_DECRYPT 119
#define FIPS_F_RSA_EAY_PUBLIC_ENCRYPT 120
#define FIPS_F_RSA_X931_GENERATE_KEY_EX 121
#define FIPS_F_SSLEAY_RAND_BYTES 122
/* Reason codes. */
#define FIPS_R_CANNOT_READ_EXE 103
#define FIPS_R_CANNOT_READ_EXE_DIGEST 104
#define FIPS_R_CONTRADICTING_EVIDENCE 114
#define FIPS_R_EXE_DIGEST_DOES_NOT_MATCH 105
#define FIPS_R_FINGERPRINT_DOES_NOT_MATCH 110
#define FIPS_R_FINGERPRINT_DOES_NOT_MATCH_NONPIC_RELOCATED 111
#define FIPS_R_FINGERPRINT_DOES_NOT_MATCH_SEGMENT_ALIASING 112
#define FIPS_R_FIPS_MODE_ALREADY_SET 102
#define FIPS_R_FIPS_SELFTEST_FAILED 106
#define FIPS_R_INVALID_KEY_LENGTH 109
#define FIPS_R_KEY_TOO_SHORT 108
#define FIPS_R_NON_FIPS_METHOD 100
#define FIPS_R_PAIRWISE_TEST_FAILED 107
#define FIPS_R_RSA_DECRYPT_ERROR 115
#define FIPS_R_RSA_ENCRYPT_ERROR 116
#define FIPS_R_SELFTEST_FAILED 101
#define FIPS_R_TEST_FAILURE 117
#define FIPS_R_UNSUPPORTED_PLATFORM 113
#ifdef __cplusplus
}
#endif
#endif

77
include/openssl/fips_rand.h
View File

@ -1,77 +0,0 @@
/* ====================================================================
* Copyright (c) 2003 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@openssl.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifndef HEADER_FIPS_RAND_H
#define HEADER_FIPS_RAND_H
#include "des.h"
#ifdef OPENSSL_FIPS
#ifdef __cplusplus
extern "C" {
#endif
int FIPS_rand_set_key(const unsigned char *key, FIPS_RAND_SIZE_T keylen);
int FIPS_rand_seed(const void *buf, FIPS_RAND_SIZE_T num);
int FIPS_rand_bytes(unsigned char *out, FIPS_RAND_SIZE_T outlen);
int FIPS_rand_test_mode(void);
void FIPS_rand_reset(void);
int FIPS_rand_set_dt(unsigned char *dt);
int FIPS_rand_status(void);
const RAND_METHOD *FIPS_rand_method(void);
#ifdef __cplusplus
}
#endif
#endif
#endif

9
include/openssl/hmac.h
View File

@ -90,15 +90,16 @@ void HMAC_CTX_cleanup(HMAC_CTX *ctx);
#define HMAC_cleanup(ctx) HMAC_CTX_cleanup(ctx) /* deprecated */
void HMAC_Init(HMAC_CTX *ctx, const void *key, int len,
int HMAC_Init(HMAC_CTX *ctx, const void *key, int len,
const EVP_MD *md); /* deprecated */
void HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
const EVP_MD *md, ENGINE *impl);
void HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, size_t len);
void HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len);
int HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, size_t len);
int HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len);
unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len,
const unsigned char *d, size_t n, unsigned char *md,
unsigned int *md_len);
int HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx);
void HMAC_CTX_set_flags(HMAC_CTX *ctx, unsigned long flags);

5
include/openssl/idea.h
View File

@ -83,11 +83,8 @@ typedef struct idea_key_st
const char *idea_options(void);
void idea_ecb_encrypt(const unsigned char *in, unsigned char *out,
IDEA_KEY_SCHEDULE *ks);
#ifdef OPENSSL_FIPS
void private_idea_set_encrypt_key(const unsigned char *key, IDEA_KEY_SCHEDULE *ks);
#endif
void idea_set_encrypt_key(const unsigned char *key, IDEA_KEY_SCHEDULE *ks);
void idea_set_decrypt_key(const IDEA_KEY_SCHEDULE *ek, IDEA_KEY_SCHEDULE *dk);
void idea_set_decrypt_key(IDEA_KEY_SCHEDULE *ek, IDEA_KEY_SCHEDULE *dk);
void idea_cbc_encrypt(const unsigned char *in, unsigned char *out,
long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv,int enc);
void idea_cfb64_encrypt(const unsigned char *in, unsigned char *out,

131
include/openssl/lhash.h
View File

@ -98,42 +98,42 @@ typedef void (*LHASH_DOALL_ARG_FN_TYPE)(void *, void *);
* macros if the functions are strictly internal. */
/* First: "hash" functions */
#define DECLARE_LHASH_HASH_FN(f_name,o_type) \
unsigned long f_name##_LHASH_HASH(const void *);
#define IMPLEMENT_LHASH_HASH_FN(f_name,o_type) \
unsigned long f_name##_LHASH_HASH(const void *arg) { \
o_type a = (o_type)arg; \
return f_name(a); }
#define LHASH_HASH_FN(f_name) f_name##_LHASH_HASH
#define DECLARE_LHASH_HASH_FN(name, o_type) \
unsigned long name##_LHASH_HASH(const void *);
#define IMPLEMENT_LHASH_HASH_FN(name, o_type) \
unsigned long name##_LHASH_HASH(const void *arg) { \
const o_type *a = arg; \
return name##_hash(a); }
#define LHASH_HASH_FN(name) name##_LHASH_HASH
/* Second: "compare" functions */
#define DECLARE_LHASH_COMP_FN(f_name,o_type) \
int f_name##_LHASH_COMP(const void *, const void *);
#define IMPLEMENT_LHASH_COMP_FN(f_name,o_type) \
int f_name##_LHASH_COMP(const void *arg1, const void *arg2) { \
o_type a = (o_type)arg1; \
o_type b = (o_type)arg2; \
return f_name(a,b); }
#define LHASH_COMP_FN(f_name) f_name##_LHASH_COMP
#define DECLARE_LHASH_COMP_FN(name, o_type) \
int name##_LHASH_COMP(const void *, const void *);
#define IMPLEMENT_LHASH_COMP_FN(name, o_type) \
int name##_LHASH_COMP(const void *arg1, const void *arg2) { \
const o_type *a = arg1; \
const o_type *b = arg2; \
return name##_cmp(a,b); }
#define LHASH_COMP_FN(name) name##_LHASH_COMP
/* Third: "doall" functions */
#define DECLARE_LHASH_DOALL_FN(f_name,o_type) \
void f_name##_LHASH_DOALL(void *);
#define IMPLEMENT_LHASH_DOALL_FN(f_name,o_type) \
void f_name##_LHASH_DOALL(void *arg) { \
o_type a = (o_type)arg; \
f_name(a); }
#define LHASH_DOALL_FN(f_name) f_name##_LHASH_DOALL
#define DECLARE_LHASH_DOALL_FN(name, o_type) \
void name##_LHASH_DOALL(void *);
#define IMPLEMENT_LHASH_DOALL_FN(name, o_type) \
void name##_LHASH_DOALL(void *arg) { \
o_type *a = arg; \
name##_doall(a); }
#define LHASH_DOALL_FN(name) name##_LHASH_DOALL
/* Fourth: "doall_arg" functions */
#define DECLARE_LHASH_DOALL_ARG_FN(f_name,o_type,a_type) \
void f_name##_LHASH_DOALL_ARG(void *, void *);
#define IMPLEMENT_LHASH_DOALL_ARG_FN(f_name,o_type,a_type) \
void f_name##_LHASH_DOALL_ARG(void *arg1, void *arg2) { \
o_type a = (o_type)arg1; \
a_type b = (a_type)arg2; \
f_name(a,b); }
#define LHASH_DOALL_ARG_FN(f_name) f_name##_LHASH_DOALL_ARG
#define DECLARE_LHASH_DOALL_ARG_FN(name, o_type, a_type) \
void name##_LHASH_DOALL_ARG(void *, void *);
#define IMPLEMENT_LHASH_DOALL_ARG_FN(name, o_type, a_type) \
void name##_LHASH_DOALL_ARG(void *arg1, void *arg2) { \
o_type *a = arg1; \
a_type *b = arg2; \
name##_doall_arg(a, b); }
#define LHASH_DOALL_ARG_FN(name) name##_LHASH_DOALL_ARG
typedef struct lhash_st
{
@ -163,7 +163,8 @@ typedef struct lhash_st
unsigned long num_hash_comps;
int error;
} LHASH;
} _LHASH; /* Do not use _LHASH directly, use LHASH_OF
* and friends */
#define LH_LOAD_MULT 256
@ -171,27 +172,67 @@ typedef struct lhash_st
* in lh_insert(). */
#define lh_error(lh) ((lh)->error)
LHASH *lh_new(LHASH_HASH_FN_TYPE h, LHASH_COMP_FN_TYPE c);
void lh_free(LHASH *lh);
void *lh_insert(LHASH *lh, void *data);
void *lh_delete(LHASH *lh, const void *data);
void *lh_retrieve(LHASH *lh, const void *data);
void lh_doall(LHASH *lh, LHASH_DOALL_FN_TYPE func);
void lh_doall_arg(LHASH *lh, LHASH_DOALL_ARG_FN_TYPE func, void *arg);
_LHASH *lh_new(LHASH_HASH_FN_TYPE h, LHASH_COMP_FN_TYPE c);
void lh_free(_LHASH *lh);
void *lh_insert(_LHASH *lh, void *data);
void *lh_delete(_LHASH *lh, const void *data);
void *lh_retrieve(_LHASH *lh, const void *data);
void lh_doall(_LHASH *lh, LHASH_DOALL_FN_TYPE func);
void lh_doall_arg(_LHASH *lh, LHASH_DOALL_ARG_FN_TYPE func, void *arg);
unsigned long lh_strhash(const char *c);
unsigned long lh_num_items(const LHASH *lh);
unsigned long lh_num_items(const _LHASH *lh);
#ifndef OPENSSL_NO_FP_API
void lh_stats(const LHASH *lh, FILE *out);
void lh_node_stats(const LHASH *lh, FILE *out);
void lh_node_usage_stats(const LHASH *lh, FILE *out);
void lh_stats(const _LHASH *lh, FILE *out);
void lh_node_stats(const _LHASH *lh, FILE *out);
void lh_node_usage_stats(const _LHASH *lh, FILE *out);
#endif
#ifndef OPENSSL_NO_BIO
void lh_stats_bio(const LHASH *lh, BIO *out);
void lh_node_stats_bio(const LHASH *lh, BIO *out);
void lh_node_usage_stats_bio(const LHASH *lh, BIO *out);
void lh_stats_bio(const _LHASH *lh, BIO *out);
void lh_node_stats_bio(const _LHASH *lh, BIO *out);
void lh_node_usage_stats_bio(const _LHASH *lh, BIO *out);
#endif
/* Type checking... */
#define LHASH_OF(type) struct lhash_st_##type
#define DECLARE_LHASH_OF(type) LHASH_OF(type) { int dummy; }
#define CHECKED_LHASH_OF(type,lh) \
((_LHASH *)CHECKED_PTR_OF(LHASH_OF(type),lh))
/* Define wrapper functions. */
#define LHM_lh_new(type, name) \
((LHASH_OF(type) *)lh_new(LHASH_HASH_FN(name), LHASH_COMP_FN(name)))
#define LHM_lh_error(type, lh) \
lh_error(CHECKED_LHASH_OF(type,lh))
#define LHM_lh_insert(type, lh, inst) \
((type *)lh_insert(CHECKED_LHASH_OF(type, lh), \
CHECKED_PTR_OF(type, inst)))
#define LHM_lh_retrieve(type, lh, inst) \
((type *)lh_retrieve(CHECKED_LHASH_OF(type, lh), \
CHECKED_PTR_OF(type, inst)))
#define LHM_lh_delete(type, lh, inst) \
((type *)lh_delete(CHECKED_LHASH_OF(type, lh), \
CHECKED_PTR_OF(type, inst)))
#define LHM_lh_doall(type, lh,fn) lh_doall(CHECKED_LHASH_OF(type, lh), fn)
#define LHM_lh_doall_arg(type, lh, fn, arg_type, arg) \
lh_doall_arg(CHECKED_LHASH_OF(type, lh), fn, CHECKED_PTR_OF(arg_type, arg))
#define LHM_lh_num_items(type, lh) lh_num_items(CHECKED_LHASH_OF(type, lh))
#define LHM_lh_down_load(type, lh) (CHECKED_LHASH_OF(type, lh)->down_load)
#define LHM_lh_node_stats_bio(type, lh, out) \
lh_node_stats_bio(CHECKED_LHASH_OF(type, lh), out)
#define LHM_lh_node_usage_stats_bio(type, lh, out) \
lh_node_usage_stats_bio(CHECKED_LHASH_OF(type, lh), out)
#define LHM_lh_stats_bio(type, lh, out) \
lh_stats_bio(CHECKED_LHASH_OF(type, lh), out)
#define LHM_lh_free(type, lh) lh_free(CHECKED_LHASH_OF(type, lh))
DECLARE_LHASH_OF(OPENSSL_STRING);
DECLARE_LHASH_OF(OPENSSL_CSTRING);
#ifdef __cplusplus
}
#endif

5
include/openssl/md4.h
View File

@ -77,7 +77,7 @@ extern "C" {
* !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
*/
#if defined(OPENSSL_SYS_WIN16) || defined(__LP32__)
#if defined(__LP32__)
#define MD4_LONG unsigned long
#elif defined(OPENSSL_SYS_CRAY) || defined(__ILP64__)
#define MD4_LONG unsigned long
@ -105,9 +105,6 @@ typedef struct MD4state_st
unsigned int num;
} MD4_CTX;
#ifdef OPENSSL_FIPS
int private_MD4_Init(MD4_CTX *c);
#endif
int MD4_Init(MD4_CTX *c);
int MD4_Update(MD4_CTX *c, const void *data, size_t len);
int MD4_Final(unsigned char *md, MD4_CTX *c);

5
include/openssl/md5.h
View File

@ -77,7 +77,7 @@ extern "C" {
* !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
*/
#if defined(OPENSSL_SYS_WIN16) || defined(__LP32__)
#if defined(__LP32__)
#define MD5_LONG unsigned long
#elif defined(OPENSSL_SYS_CRAY) || defined(__ILP64__)
#define MD5_LONG unsigned long
@ -105,9 +105,6 @@ typedef struct MD5state_st
unsigned int num;
} MD5_CTX;
#ifdef OPENSSL_FIPS
int private_MD5_Init(MD5_CTX *c);
#endif
int MD5_Init(MD5_CTX *c);
int MD5_Update(MD5_CTX *c, const void *data, size_t len);
int MD5_Final(unsigned char *md, MD5_CTX *c);

50
include/openssl/md2.h → include/openssl/mdc2.h
View File

@ -1,5 +1,5 @@
/* crypto/md/md2.h */
/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
/* crypto/mdc2/mdc2.h */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
@ -56,40 +56,40 @@
* [including the GNU Public Licence.]
*/
#ifndef HEADER_MD2_H
#define HEADER_MD2_H
#ifndef HEADER_MDC2_H
#define HEADER_MDC2_H
#include <openssl/opensslconf.h> /* OPENSSL_NO_MD2, MD2_INT */
#ifdef OPENSSL_NO_MD2
#error MD2 is disabled.
#endif
#include <stddef.h>
#define MD2_DIGEST_LENGTH 16
#define MD2_BLOCK 16
#include <openssl/des.h>
#ifdef __cplusplus
extern "C" {
#endif
typedef struct MD2state_st
#ifdef OPENSSL_NO_MDC2
#error MDC2 is disabled.
#endif
#define MDC2_BLOCK 8
#define MDC2_DIGEST_LENGTH 16
typedef struct mdc2_ctx_st
{
unsigned int num;
unsigned char data[MD2_BLOCK];
MD2_INT cksm[MD2_BLOCK];
MD2_INT state[MD2_BLOCK];
} MD2_CTX;
unsigned char data[MDC2_BLOCK];
DES_cblock h,hh;
int pad_type; /* either 1 or 2, default 1 */
} MDC2_CTX;
int MDC2_Init(MDC2_CTX *c);
int MDC2_Update(MDC2_CTX *c, const unsigned char *data, size_t len);
int MDC2_Final(unsigned char *md, MDC2_CTX *c);
unsigned char *MDC2(const unsigned char *d, size_t n,
unsigned char *md);
const char *MD2_options(void);
#ifdef OPENSSL_FIPS
int private_MD2_Init(MD2_CTX *c);
#endif
int MD2_Init(MD2_CTX *c);
int MD2_Update(MD2_CTX *c, const unsigned char *data, size_t len);
int MD2_Final(unsigned char *md, MD2_CTX *c);
unsigned char *MD2(const unsigned char *d, size_t n,unsigned char *md);
#ifdef __cplusplus
}
#endif
#endif

59
include/openssl/modes.h Normal file
View File

@ -0,0 +1,59 @@
/* ====================================================================
* Copyright (c) 2008 The OpenSSL Project. All rights reserved.
*
* Rights for redistribution and usage in source and binary
* forms are granted according to the OpenSSL license.
*/
#include <stddef.h>
typedef void (*block128_f)(const unsigned char in[16],
unsigned char out[16],
const void *key);
typedef void (*cbc128_f)(const unsigned char *in, unsigned char *out,
size_t len, const void *key,
unsigned char ivec[16], int enc);
void CRYPTO_cbc128_encrypt(const unsigned char *in, unsigned char *out,
size_t len, const void *key,
unsigned char ivec[16], block128_f block);
void CRYPTO_cbc128_decrypt(const unsigned char *in, unsigned char *out,
size_t len, const void *key,
unsigned char ivec[16], block128_f block);
void CRYPTO_ctr128_encrypt(const unsigned char *in, unsigned char *out,
size_t len, const void *key,
unsigned char ivec[16], unsigned char ecount_buf[16],
unsigned int *num, block128_f block);
void CRYPTO_ofb128_encrypt(const unsigned char *in, unsigned char *out,
size_t len, const void *key,
unsigned char ivec[16], int *num,
block128_f block);
void CRYPTO_cfb128_encrypt(const unsigned char *in, unsigned char *out,
size_t len, const void *key,
unsigned char ivec[16], int *num,
int enc, block128_f block);
void CRYPTO_cfb128_8_encrypt(const unsigned char *in, unsigned char *out,
size_t length, const void *key,
unsigned char ivec[16], int *num,
int enc, block128_f block);
void CRYPTO_cfb128_1_encrypt(const unsigned char *in, unsigned char *out,
size_t bits, const void *key,
unsigned char ivec[16], int *num,
int enc, block128_f block);
size_t CRYPTO_cts128_encrypt_block(const unsigned char *in, unsigned char *out,
size_t len, const void *key,
unsigned char ivec[16], block128_f block);
size_t CRYPTO_cts128_encrypt(const unsigned char *in, unsigned char *out,
size_t len, const void *key,
unsigned char ivec[16], cbc128_f cbc);
size_t CRYPTO_cts128_decrypt_block(const unsigned char *in, unsigned char *out,
size_t len, const void *key,
unsigned char ivec[16], block128_f block);
size_t CRYPTO_cts128_decrypt(const unsigned char *in, unsigned char *out,
size_t len, const void *key,
unsigned char ivec[16], cbc128_f cbc);

2
include/openssl/obj_mac.h
View File

@ -122,7 +122,7 @@
#define SN_wap_wsg "wap-wsg"
#define NID_wap_wsg 679
#define OBJ_wap_wsg OBJ_wap,13L
#define OBJ_wap_wsg OBJ_wap,1L
#define SN_selected_attribute_types "selected-attribute-types"
#define LN_selected_attribute_types "Selected Attribute Types"

97
include/openssl/objects.h
View File

@ -1011,10 +1011,91 @@ int OBJ_txt2nid(const char *s);
int OBJ_ln2nid(const char *s);
int OBJ_sn2nid(const char *s);
int OBJ_cmp(const ASN1_OBJECT *a,const ASN1_OBJECT *b);
const char * OBJ_bsearch(const char *key,const char *base,int num,int size,
int (*cmp)(const void *, const void *));
const char * OBJ_bsearch_ex(const char *key,const char *base,int num,
int size, int (*cmp)(const void *, const void *), int flags);
const void * OBJ_bsearch_(const void *key,const void *base,int num,int size,
int (*cmp)(const void *, const void *));
const void * OBJ_bsearch_ex_(const void *key,const void *base,int num,
int size,
int (*cmp)(const void *, const void *),
int flags);
#define _DECLARE_OBJ_BSEARCH_CMP_FN(scope, type1, type2, nm) \
static int nm##_cmp_BSEARCH_CMP_FN(const void *, const void *); \
static int nm##_cmp(type1 const *, type2 const *); \
scope type2 * OBJ_bsearch_##nm(type1 *key, type2 const *base, int num)
#define DECLARE_OBJ_BSEARCH_CMP_FN(type1, type2, cmp) \
_DECLARE_OBJ_BSEARCH_CMP_FN(static, type1, type2, cmp)
#define DECLARE_OBJ_BSEARCH_GLOBAL_CMP_FN(type1, type2, nm) \
type2 * OBJ_bsearch_##nm(type1 *key, type2 const *base, int num)
/*
* Unsolved problem: if a type is actually a pointer type, like
* nid_triple is, then its impossible to get a const where you need
* it. Consider:
*
* typedef int nid_triple[3];
* const void *a_;
* const nid_triple const *a = a_;
*
* The assignement discards a const because what you really want is:
*
* const int const * const *a = a_;
*
* But if you do that, you lose the fact that a is an array of 3 ints,
* which breaks comparison functions.
*
* Thus we end up having to cast, sadly, or unpack the
* declarations. Or, as I finally did in this case, delcare nid_triple
* to be a struct, which it should have been in the first place.
*
* Ben, August 2008.
*
* Also, strictly speaking not all types need be const, but handling
* the non-constness means a lot of complication, and in practice
* comparison routines do always not touch their arguments.
*/
#define IMPLEMENT_OBJ_BSEARCH_CMP_FN(type1, type2, nm) \
static int nm##_cmp_BSEARCH_CMP_FN(const void *a_, const void *b_) \
{ \
type1 const *a = a_; \
type2 const *b = b_; \
return nm##_cmp(a,b); \
} \
static type2 *OBJ_bsearch_##nm(type1 *key, type2 const *base, int num) \
{ \
return (type2 *)OBJ_bsearch_(key, base, num, sizeof(type2), \
nm##_cmp_BSEARCH_CMP_FN); \
} \
extern void dummy_prototype(void)
#define IMPLEMENT_OBJ_BSEARCH_GLOBAL_CMP_FN(type1, type2, nm) \
static int nm##_cmp_BSEARCH_CMP_FN(const void *a_, const void *b_) \
{ \
type1 const *a = a_; \
type2 const *b = b_; \
return nm##_cmp(a,b); \
} \
type2 *OBJ_bsearch_##nm(type1 *key, type2 const *base, int num) \
{ \
return (type2 *)OBJ_bsearch_(key, base, num, sizeof(type2), \
nm##_cmp_BSEARCH_CMP_FN); \
} \
extern void dummy_prototype(void)
#define OBJ_bsearch(type1,key,type2,base,num,cmp) \
((type2 *)OBJ_bsearch_(CHECKED_PTR_OF(type1,key),CHECKED_PTR_OF(type2,base), \
num,sizeof(type2), \
((void)CHECKED_PTR_OF(type1,cmp##_type_1), \
(void)CHECKED_PTR_OF(type2,cmp##_type_2), \
cmp##_BSEARCH_CMP_FN)))
#define OBJ_bsearch_ex(type1,key,type2,base,num,cmp,flags) \
((type2 *)OBJ_bsearch_ex_(CHECKED_PTR_OF(type1,key),CHECKED_PTR_OF(type2,base), \
num,sizeof(type2), \
((void)CHECKED_PTR_OF(type1,cmp##_type_1), \
(void)type_2=CHECKED_PTR_OF(type2,cmp##_type_2), \
cmp##_BSEARCH_CMP_FN)),flags)
int OBJ_new_nid(int num);
int OBJ_add_object(const ASN1_OBJECT *obj);
@ -1022,6 +1103,14 @@ int OBJ_create(const char *oid,const char *sn,const char *ln);
void OBJ_cleanup(void );
int OBJ_create_objects(BIO *in);
int OBJ_find_sigid_algs(int signid, int *pdig_nid, int *ppkey_nid);
int OBJ_find_sigid_by_algs(int *psignid, int dig_nid, int pkey_nid);
int OBJ_add_sigid(int signid, int dig_id, int pkey_id);
void OBJ_sigid_free(void);
extern int obj_cleanup_defer;
void check_defer(int nid);
/* BEGIN ERROR CODES */
/* The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.

22
include/openssl/ocsp.h
View File

@ -64,6 +64,7 @@
#ifndef HEADER_OCSP_H
#define HEADER_OCSP_H
#include <openssl/ossl_typ.h>
#include <openssl/x509.h>
#include <openssl/x509v3.h>
#include <openssl/safestack.h>
@ -394,17 +395,20 @@ typedef struct ocsp_service_locator_st
#define ASN1_BIT_STRING_digest(data,type,md,len) \
ASN1_item_digest(ASN1_ITEM_rptr(ASN1_BIT_STRING),type,data,md,len)
#define OCSP_CERTID_dup(cid) ASN1_dup_of(OCSP_CERTID,i2d_OCSP_CERTID,d2i_OCSP_CERTID,cid)
#define OCSP_CERTSTATUS_dup(cs)\
(OCSP_CERTSTATUS*)ASN1_dup((int(*)())i2d_OCSP_CERTSTATUS,\
(char *(*)())d2i_OCSP_CERTSTATUS,(char *)(cs))
OCSP_CERTID *OCSP_CERTID_dup(OCSP_CERTID *id);
OCSP_RESPONSE *OCSP_sendreq_bio(BIO *b, char *path, OCSP_REQUEST *req);
OCSP_REQ_CTX *OCSP_sendreq_new(BIO *io, char *path, OCSP_REQUEST *req,
int maxline);
int OCSP_sendreq_nbio(OCSP_RESPONSE **presp, OCSP_REQ_CTX *rctx);
void OCSP_REQ_CTX_free(OCSP_REQ_CTX *rctx);
int OCSP_REQ_CTX_set1_req(OCSP_REQ_CTX *rctx, OCSP_REQUEST *req);
int OCSP_REQ_CTX_add1_header(OCSP_REQ_CTX *rctx,
const char *name, const char *value);
OCSP_CERTID *OCSP_cert_to_id(const EVP_MD *dgst, X509 *subject, X509 *issuer);
@ -474,11 +478,6 @@ int OCSP_basic_sign(OCSP_BASICRESP *brsp,
X509 *signer, EVP_PKEY *key, const EVP_MD *dgst,
STACK_OF(X509) *certs, unsigned long flags);
ASN1_STRING *ASN1_STRING_encode(ASN1_STRING *s, i2d_of_void *i2d,
void *data, STACK_OF(ASN1_OBJECT) *sk);
#define ASN1_STRING_encode_of(type,s,i2d,data,sk) \
ASN1_STRING_encode(s, CHECKED_I2D_OF(type, i2d), data, sk)
X509_EXTENSION *OCSP_crlID_new(char *url, long *n, char *tim);
X509_EXTENSION *OCSP_accept_responses_new(char **oids);
@ -547,9 +546,9 @@ DECLARE_ASN1_FUNCTIONS(OCSP_REQINFO)
DECLARE_ASN1_FUNCTIONS(OCSP_CRLID)
DECLARE_ASN1_FUNCTIONS(OCSP_SERVICELOC)
char *OCSP_response_status_str(long s);
char *OCSP_cert_status_str(long s);
char *OCSP_crl_reason_str(long s);
const char *OCSP_response_status_str(long s);
const char *OCSP_cert_status_str(long s);
const char *OCSP_crl_reason_str(long s);
int OCSP_REQUEST_print(BIO *bp, OCSP_REQUEST* a, unsigned long flags);
int OCSP_RESPONSE_print(BIO *bp, OCSP_RESPONSE* o, unsigned long flags);
@ -582,7 +581,8 @@ void ERR_load_OCSP_strings(void);
#define OCSP_F_OCSP_REQUEST_VERIFY 116
#define OCSP_F_OCSP_RESPONSE_GET1_BASIC 111
#define OCSP_F_OCSP_SENDREQ_BIO 112
#define OCSP_F_PARSE_HTTP_LINE1 117
#define OCSP_F_OCSP_SENDREQ_NBIO 117
#define OCSP_F_PARSE_HTTP_LINE1 118
#define OCSP_F_REQUEST_VERIFY 113
/* Reason codes. */

73
include/openssl/opensslconf.h
View File

@ -2,21 +2,9 @@
/* WARNING: Generated automatically from opensslconf.h.in by Configure. */
/* OpenSSL was configured with the following options: */
#ifndef OPENSSL_SYSNAME_MACOSX
# define OPENSSL_SYSNAME_MACOSX
#endif
#ifndef OPENSSL_DOING_MAKEDEPEND
#ifndef OPENSSL_NO_CAMELLIA
# define OPENSSL_NO_CAMELLIA
#endif
#ifndef OPENSSL_NO_CAPIENG
# define OPENSSL_NO_CAPIENG
#endif
#ifndef OPENSSL_NO_CMS
# define OPENSSL_NO_CMS
#endif
#ifndef OPENSSL_NO_GMP
# define OPENSSL_NO_GMP
#endif
@ -26,8 +14,8 @@
#ifndef OPENSSL_NO_KRB5
# define OPENSSL_NO_KRB5
#endif
#ifndef OPENSSL_NO_MDC2
# define OPENSSL_NO_MDC2
#ifndef OPENSSL_NO_MD2
# define OPENSSL_NO_MD2
#endif
#ifndef OPENSSL_NO_RC5
# define OPENSSL_NO_RC5
@ -35,8 +23,8 @@
#ifndef OPENSSL_NO_RFC3779
# define OPENSSL_NO_RFC3779
#endif
#ifndef OPENSSL_NO_SEED
# define OPENSSL_NO_SEED
#ifndef OPENSSL_NO_STORE
# define OPENSSL_NO_STORE
#endif
#endif /* OPENSSL_DOING_MAKEDEPEND */
@ -53,15 +41,6 @@
who haven't had the time to do the appropriate changes in their
applications. */
#ifdef OPENSSL_ALGORITHM_DEFINES
# if defined(OPENSSL_NO_CAMELLIA) && !defined(NO_CAMELLIA)
# define NO_CAMELLIA
# endif
# if defined(OPENSSL_NO_CAPIENG) && !defined(NO_CAPIENG)
# define NO_CAPIENG
# endif
# if defined(OPENSSL_NO_CMS) && !defined(NO_CMS)
# define NO_CMS
# endif
# if defined(OPENSSL_NO_GMP) && !defined(NO_GMP)
# define NO_GMP
# endif
@ -71,8 +50,8 @@
# if defined(OPENSSL_NO_KRB5) && !defined(NO_KRB5)
# define NO_KRB5
# endif
# if defined(OPENSSL_NO_MDC2) && !defined(NO_MDC2)
# define NO_MDC2
# if defined(OPENSSL_NO_MD2) && !defined(NO_MD2)
# define NO_MD2
# endif
# if defined(OPENSSL_NO_RC5) && !defined(NO_RC5)
# define NO_RC5
@ -80,35 +59,20 @@
# if defined(OPENSSL_NO_RFC3779) && !defined(NO_RFC3779)
# define NO_RFC3779
# endif
# if defined(OPENSSL_NO_SEED) && !defined(NO_SEED)
# define NO_SEED
# if defined(OPENSSL_NO_STORE) && !defined(NO_STORE)
# define NO_STORE
# endif
#endif
/* crypto/opensslconf.h.in */
#ifdef OPENSSL_DOING_MAKEDEPEND
/* Include any symbols here that have to be explicitly set to enable a feature
* that should be visible to makedepend.
*
* [Our "make depend" doesn't actually look at this, we use actual build settings
* instead; we want to make it easy to remove subdirectories with disabled algorithms.]
*/
#ifndef OPENSSL_FIPS
#define OPENSSL_FIPS
#endif
#endif
/* Generate 80386 code? */
#define I386_ONLY
#undef I386_ONLY
#if !(defined(VMS) || defined(__VMS)) /* VMS uses logical names instead */
#if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR)
#define ENGINESDIR "/Users/x2on/Projects/iphone/openssl-0.9.8m-beta1/openssl_arm/lib/engines"
#define OPENSSLDIR "/Users/x2on/Projects/iphone/openssl-0.9.8m-beta1/openssl_arm"
#define ENGINESDIR "/Users/x2on/Projects/iPhone/libs/openssl-1.0.0a/iPhoneOS-armv7/lib/engines"
#define OPENSSLDIR "/Users/x2on/Projects/iPhone/libs/openssl-1.0.0a/iPhoneOS-armv7"
#endif
#endif
@ -139,14 +103,14 @@
* - Intel P6 because partial register stalls are very expensive;
* - elder Alpha because it lacks byte load/store instructions;
*/
#define RC4_INT unsigned char
#define RC4_INT unsigned int
#endif
#if !defined(RC4_CHUNK)
/*
* This enables code handling data aligned at natural CPU word
* boundary. See crypto/rc4/rc4_enc.c for further details.
*/
#define RC4_CHUNK unsigned long
#undef RC4_CHUNK
#endif
#endif
@ -154,7 +118,7 @@
/* If this is set to 'unsigned int' on a DEC Alpha, this gives about a
* %20 speed up (longs are 8 bytes, int's are 4). */
#ifndef DES_LONG
#define DES_LONG unsigned long
#define DES_LONG unsigned int
#endif
#endif
@ -165,26 +129,21 @@
/* Should we define BN_DIV2W here? */
/* Only one for the following should be defined */
/* The prime number generation stuff may not work when
* EIGHT_BIT but I don't care since I've only used this mode
* for debuging the bignum libraries */
#undef SIXTY_FOUR_BIT_LONG
#undef SIXTY_FOUR_BIT
#define THIRTY_TWO_BIT
#undef SIXTEEN_BIT
#undef EIGHT_BIT
#endif
#if defined(HEADER_RC4_LOCL_H) && !defined(CONFIG_HEADER_RC4_LOCL_H)
#define CONFIG_HEADER_RC4_LOCL_H
/* if this is defined data[i] is used instead of *data, this is a %20
* speedup on x86 */
#undef RC4_INDEX
#define RC4_INDEX
#endif
#if defined(HEADER_BF_LOCL_H) && !defined(CONFIG_HEADER_BF_LOCL_H)
#define CONFIG_HEADER_BF_LOCL_H
#define BF_PTR
#undef BF_PTR
#endif /* HEADER_BF_LOCL_H */
#if defined(HEADER_DES_LOCL_H) && !defined(CONFIG_HEADER_DES_LOCL_H)

10
include/openssl/opensslv.h
View File

@ -12,7 +12,7 @@
* 0.9.3-beta2 0x00903002 (same as ...beta2-dev)
* 0.9.3 0x0090300f
* 0.9.3a 0x0090301f
* 0.9.4 0x0090400f
* 0.9.4 0x0090400f
* 1.2.3z 0x102031af
*
* For continuity reasons (because 0.9.5 is already out, and is coded
@ -25,11 +25,11 @@
* (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
* major minor fix final patch/beta)
*/
#define OPENSSL_VERSION_NUMBER 0x009080d1L
#define OPENSSL_VERSION_NUMBER 0x1000001fL
#ifdef OPENSSL_FIPS
#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8m-fips-beta1 20 Jan 2010"
#define OPENSSL_VERSION_TEXT "OpenSSL 1.0.0a-fips 1 Jun 2010"
#else
#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8m-beta1 20 Jan 2010"
#define OPENSSL_VERSION_TEXT "OpenSSL 1.0.0a 1 Jun 2010"
#endif
#define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT
@ -83,7 +83,7 @@
* should only keep the versions that are binary compatible with the current.
*/
#define SHLIB_VERSION_HISTORY ""
#define SHLIB_VERSION_NUMBER "0.9.8"
#define SHLIB_VERSION_NUMBER "1.0.0"
#endif /* HEADER_OPENSSLV_H */

21
include/openssl/ossl_typ.h
View File

@ -95,6 +95,8 @@ typedef int ASN1_BOOLEAN;
typedef int ASN1_NULL;
#endif
typedef struct asn1_pctx_st ASN1_PCTX;
#ifdef OPENSSL_SYS_WIN32
#undef X509_NAME
#undef X509_EXTENSIONS
@ -122,6 +124,11 @@ typedef struct env_md_st EVP_MD;
typedef struct env_md_ctx_st EVP_MD_CTX;
typedef struct evp_pkey_st EVP_PKEY;
typedef struct evp_pkey_asn1_method_st EVP_PKEY_ASN1_METHOD;
typedef struct evp_pkey_method_st EVP_PKEY_METHOD;
typedef struct evp_pkey_ctx_st EVP_PKEY_CTX;
typedef struct dh_st DH;
typedef struct dh_method DH_METHOD;
@ -139,11 +146,14 @@ typedef struct ecdsa_method ECDSA_METHOD;
typedef struct x509_st X509;
typedef struct X509_algor_st X509_ALGOR;
typedef struct X509_crl_st X509_CRL;
typedef struct x509_crl_method_st X509_CRL_METHOD;
typedef struct x509_revoked_st X509_REVOKED;
typedef struct X509_name_st X509_NAME;
typedef struct X509_pubkey_st X509_PUBKEY;
typedef struct x509_store_st X509_STORE;
typedef struct x509_store_ctx_st X509_STORE_CTX;
typedef struct ssl_st SSL;
typedef struct ssl_ctx_st SSL_CTX;
typedef struct pkcs8_priv_key_info_st PKCS8_PRIV_KEY_INFO;
typedef struct v3_ext_ctx X509V3_CTX;
typedef struct conf_st CONF;
@ -157,12 +167,19 @@ typedef struct ui_method_st UI_METHOD;
typedef struct st_ERR_FNS ERR_FNS;
typedef struct engine_st ENGINE;
typedef struct ssl_st SSL;
typedef struct ssl_ctx_st SSL_CTX;
typedef struct X509_POLICY_NODE_st X509_POLICY_NODE;
typedef struct X509_POLICY_LEVEL_st X509_POLICY_LEVEL;
typedef struct X509_POLICY_TREE_st X509_POLICY_TREE;
typedef struct X509_POLICY_CACHE_st X509_POLICY_CACHE;
typedef struct AUTHORITY_KEYID_st AUTHORITY_KEYID;
typedef struct DIST_POINT_st DIST_POINT;
typedef struct ISSUING_DIST_POINT_st ISSUING_DIST_POINT;
typedef struct NAME_CONSTRAINTS_st NAME_CONSTRAINTS;
/* If placed in pkcs12.h, we end up with a circular depency with pkcs7.h */
#define DECLARE_PKCS12_STACK_OF(type) /* Nothing */
#define IMPLEMENT_PKCS12_STACK_OF(type) /* Nothing */

255
include/openssl/pem.h
View File

@ -134,6 +134,7 @@ extern "C" {
#define PEM_STRING_ECDSA_PUBLIC "ECDSA PUBLIC KEY"
#define PEM_STRING_ECPARAMETERS "EC PARAMETERS"
#define PEM_STRING_ECPRIVATEKEY "EC PRIVATE KEY"
#define PEM_STRING_PARAMETERS "PARAMETERS"
#define PEM_STRING_CMS "CMS"
/* Note that this structure is initialised by PEM_SealInit and cleaned up
@ -183,11 +184,8 @@ typedef struct pem_ctx_st
int num_recipient;
PEM_USER **recipient;
#ifndef OPENSSL_NO_STACK
STACK *x509_chain; /* certificate chain */
#else
char *x509_chain; /* certificate chain */
#endif
/* XXX(ben): don#t think this is used!
STACK *x509_chain; / * certificate chain */
EVP_MD *md; /* signature type */
int md_enc; /* is the md encrypted or not? */
@ -224,28 +222,19 @@ typedef struct pem_ctx_st
#define IMPLEMENT_PEM_read_fp(name, type, str, asn1) \
type *PEM_read_##name(FILE *fp, type **x, pem_password_cb *cb, void *u)\
{ \
return (type*)PEM_ASN1_read(CHECKED_D2I_OF(type, d2i_##asn1), \
str, fp, \
CHECKED_PPTR_OF(type, x), \
cb, u); \
return PEM_ASN1_read((d2i_of_void *)d2i_##asn1, str,fp,(void **)x,cb,u); \
}
#define IMPLEMENT_PEM_write_fp(name, type, str, asn1) \
int PEM_write_##name(FILE *fp, type *x) \
{ \
return PEM_ASN1_write(CHECKED_I2D_OF(type, i2d_##asn1), \
str, fp, \
CHECKED_PTR_OF(type, x), \
NULL, NULL, 0, NULL, NULL); \
return PEM_ASN1_write((i2d_of_void *)i2d_##asn1,str,fp,x,NULL,NULL,0,NULL,NULL); \
}
#define IMPLEMENT_PEM_write_fp_const(name, type, str, asn1) \
int PEM_write_##name(FILE *fp, const type *x) \
{ \
return PEM_ASN1_write(CHECKED_I2D_OF(const type, i2d_##asn1), \
str, fp, \
CHECKED_PTR_OF(const type, x), \
NULL, NULL, 0, NULL, NULL); \
return PEM_ASN1_write((i2d_of_void *)i2d_##asn1,str,fp,(void *)x,NULL,NULL,0,NULL,NULL); \
}
#define IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1) \
@ -253,10 +242,7 @@ int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \
unsigned char *kstr, int klen, pem_password_cb *cb, \
void *u) \
{ \
return PEM_ASN1_write(CHECKED_I2D_OF(type, i2d_##asn1), \
str, fp, \
CHECKED_PTR_OF(type, x), \
enc, kstr, klen, cb, u); \
return PEM_ASN1_write((i2d_of_void *)i2d_##asn1,str,fp,x,enc,kstr,klen,cb,u); \
}
#define IMPLEMENT_PEM_write_cb_fp_const(name, type, str, asn1) \
@ -264,10 +250,7 @@ int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \
unsigned char *kstr, int klen, pem_password_cb *cb, \
void *u) \
{ \
return PEM_ASN1_write(CHECKED_I2D_OF(const type, i2d_##asn1), \
str, fp, \
CHECKED_PTR_OF(const type, x), \
enc, kstr, klen, cb, u); \
return PEM_ASN1_write((i2d_of_void *)i2d_##asn1,str,fp,x,enc,kstr,klen,cb,u); \
}
#endif
@ -275,48 +258,33 @@ int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \
#define IMPLEMENT_PEM_read_bio(name, type, str, asn1) \
type *PEM_read_bio_##name(BIO *bp, type **x, pem_password_cb *cb, void *u)\
{ \
return (type*)PEM_ASN1_read_bio(CHECKED_D2I_OF(type, d2i_##asn1), \
str, bp, \
CHECKED_PPTR_OF(type, x), \
cb, u); \
return PEM_ASN1_read_bio((d2i_of_void *)d2i_##asn1, str,bp,(void **)x,cb,u); \
}
#define IMPLEMENT_PEM_write_bio(name, type, str, asn1) \
int PEM_write_bio_##name(BIO *bp, type *x) \
{ \
return PEM_ASN1_write_bio(CHECKED_I2D_OF(type, i2d_##asn1), \
str, bp, \
CHECKED_PTR_OF(type, x), \
NULL, NULL, 0, NULL, NULL); \
return PEM_ASN1_write_bio((i2d_of_void *)i2d_##asn1,str,bp,x,NULL,NULL,0,NULL,NULL); \
}
#define IMPLEMENT_PEM_write_bio_const(name, type, str, asn1) \
int PEM_write_bio_##name(BIO *bp, const type *x) \
{ \
return PEM_ASN1_write_bio(CHECKED_I2D_OF(const type, i2d_##asn1), \
str, bp, \
CHECKED_PTR_OF(const type, x), \
NULL, NULL, 0, NULL, NULL); \
return PEM_ASN1_write_bio((i2d_of_void *)i2d_##asn1,str,bp,(void *)x,NULL,NULL,0,NULL,NULL); \
}
#define IMPLEMENT_PEM_write_cb_bio(name, type, str, asn1) \
int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \
unsigned char *kstr, int klen, pem_password_cb *cb, void *u) \
{ \
return PEM_ASN1_write_bio(CHECKED_I2D_OF(type, i2d_##asn1), \
str, bp, \
CHECKED_PTR_OF(type, x), \
enc, kstr, klen, cb, u); \
return PEM_ASN1_write_bio((i2d_of_void *)i2d_##asn1,str,bp,x,enc,kstr,klen,cb,u); \
}
#define IMPLEMENT_PEM_write_cb_bio_const(name, type, str, asn1) \
int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \
unsigned char *kstr, int klen, pem_password_cb *cb, void *u) \
{ \
return PEM_ASN1_write_bio(CHECKED_I2D_OF(const type, i2d_##asn1), \
str, bp, \
CHECKED_PTR_OF(const type, x), \
enc, kstr, klen, cb, u); \
return PEM_ASN1_write_bio((i2d_of_void *)i2d_##asn1,str,bp,(void *)x,enc,kstr,klen,cb,u); \
}
#define IMPLEMENT_PEM_write(name, type, str, asn1) \
@ -353,11 +321,10 @@ int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \
/* These are the same except they are for the declarations */
#if defined(OPENSSL_SYS_WIN16) || defined(OPENSSL_NO_FP_API)
#if defined(OPENSSL_NO_FP_API)
#define DECLARE_PEM_read_fp(name, type) /**/
#define DECLARE_PEM_write_fp(name, type) /**/
#define DECLARE_PEM_write_fp_const(name, type) /**/
#define DECLARE_PEM_write_cb_fp(name, type) /**/
#else
@ -428,138 +395,6 @@ int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \
DECLARE_PEM_read(name, type) \
DECLARE_PEM_write_cb(name, type)
#ifdef SSLEAY_MACROS
#define PEM_write_SSL_SESSION(fp,x) \
PEM_ASN1_write((int (*)())i2d_SSL_SESSION, \
PEM_STRING_SSL_SESSION,fp, (char *)x, NULL,NULL,0,NULL,NULL)
#define PEM_write_X509(fp,x) \
PEM_ASN1_write((int (*)())i2d_X509,PEM_STRING_X509,fp, \
(char *)x, NULL,NULL,0,NULL,NULL)
#define PEM_write_X509_REQ(fp,x) PEM_ASN1_write( \
(int (*)())i2d_X509_REQ,PEM_STRING_X509_REQ,fp,(char *)x, \
NULL,NULL,0,NULL,NULL)
#define PEM_write_X509_CRL(fp,x) \
PEM_ASN1_write((int (*)())i2d_X509_CRL,PEM_STRING_X509_CRL, \
fp,(char *)x, NULL,NULL,0,NULL,NULL)
#define PEM_write_RSAPrivateKey(fp,x,enc,kstr,klen,cb,u) \
PEM_ASN1_write((int (*)())i2d_RSAPrivateKey,PEM_STRING_RSA,fp,\
(char *)x,enc,kstr,klen,cb,u)
#define PEM_write_RSAPublicKey(fp,x) \
PEM_ASN1_write((int (*)())i2d_RSAPublicKey,\
PEM_STRING_RSA_PUBLIC,fp,(char *)x,NULL,NULL,0,NULL,NULL)
#define PEM_write_DSAPrivateKey(fp,x,enc,kstr,klen,cb,u) \
PEM_ASN1_write((int (*)())i2d_DSAPrivateKey,PEM_STRING_DSA,fp,\
(char *)x,enc,kstr,klen,cb,u)
#define PEM_write_PrivateKey(bp,x,enc,kstr,klen,cb,u) \
PEM_ASN1_write((int (*)())i2d_PrivateKey,\
(((x)->type == EVP_PKEY_DSA)?PEM_STRING_DSA:PEM_STRING_RSA),\
bp,(char *)x,enc,kstr,klen,cb,u)
#define PEM_write_PKCS7(fp,x) \
PEM_ASN1_write((int (*)())i2d_PKCS7,PEM_STRING_PKCS7,fp, \
(char *)x, NULL,NULL,0,NULL,NULL)
#define PEM_write_DHparams(fp,x) \
PEM_ASN1_write((int (*)())i2d_DHparams,PEM_STRING_DHPARAMS,fp,\
(char *)x,NULL,NULL,0,NULL,NULL)
#define PEM_write_NETSCAPE_CERT_SEQUENCE(fp,x) \
PEM_ASN1_write((int (*)())i2d_NETSCAPE_CERT_SEQUENCE, \
PEM_STRING_X509,fp, \
(char *)x, NULL,NULL,0,NULL,NULL)
#define PEM_read_SSL_SESSION(fp,x,cb,u) (SSL_SESSION *)PEM_ASN1_read( \
(char *(*)())d2i_SSL_SESSION,PEM_STRING_SSL_SESSION,fp,(char **)x,cb,u)
#define PEM_read_X509(fp,x,cb,u) (X509 *)PEM_ASN1_read( \
(char *(*)())d2i_X509,PEM_STRING_X509,fp,(char **)x,cb,u)
#define PEM_read_X509_REQ(fp,x,cb,u) (X509_REQ *)PEM_ASN1_read( \
(char *(*)())d2i_X509_REQ,PEM_STRING_X509_REQ,fp,(char **)x,cb,u)
#define PEM_read_X509_CRL(fp,x,cb,u) (X509_CRL *)PEM_ASN1_read( \
(char *(*)())d2i_X509_CRL,PEM_STRING_X509_CRL,fp,(char **)x,cb,u)
#define PEM_read_RSAPrivateKey(fp,x,cb,u) (RSA *)PEM_ASN1_read( \
(char *(*)())d2i_RSAPrivateKey,PEM_STRING_RSA,fp,(char **)x,cb,u)
#define PEM_read_RSAPublicKey(fp,x,cb,u) (RSA *)PEM_ASN1_read( \
(char *(*)())d2i_RSAPublicKey,PEM_STRING_RSA_PUBLIC,fp,(char **)x,cb,u)
#define PEM_read_DSAPrivateKey(fp,x,cb,u) (DSA *)PEM_ASN1_read( \
(char *(*)())d2i_DSAPrivateKey,PEM_STRING_DSA,fp,(char **)x,cb,u)
#define PEM_read_PrivateKey(fp,x,cb,u) (EVP_PKEY *)PEM_ASN1_read( \
(char *(*)())d2i_PrivateKey,PEM_STRING_EVP_PKEY,fp,(char **)x,cb,u)
#define PEM_read_PKCS7(fp,x,cb,u) (PKCS7 *)PEM_ASN1_read( \
(char *(*)())d2i_PKCS7,PEM_STRING_PKCS7,fp,(char **)x,cb,u)
#define PEM_read_DHparams(fp,x,cb,u) (DH *)PEM_ASN1_read( \
(char *(*)())d2i_DHparams,PEM_STRING_DHPARAMS,fp,(char **)x,cb,u)
#define PEM_read_NETSCAPE_CERT_SEQUENCE(fp,x,cb,u) \
(NETSCAPE_CERT_SEQUENCE *)PEM_ASN1_read( \
(char *(*)())d2i_NETSCAPE_CERT_SEQUENCE,PEM_STRING_X509,fp,\
(char **)x,cb,u)
#define PEM_write_bio_X509(bp,x) \
PEM_ASN1_write_bio((int (*)())i2d_X509,PEM_STRING_X509,bp, \
(char *)x, NULL,NULL,0,NULL,NULL)
#define PEM_write_bio_X509_REQ(bp,x) PEM_ASN1_write_bio( \
(int (*)())i2d_X509_REQ,PEM_STRING_X509_REQ,bp,(char *)x, \
NULL,NULL,0,NULL,NULL)
#define PEM_write_bio_X509_CRL(bp,x) \
PEM_ASN1_write_bio((int (*)())i2d_X509_CRL,PEM_STRING_X509_CRL,\
bp,(char *)x, NULL,NULL,0,NULL,NULL)
#define PEM_write_bio_RSAPrivateKey(bp,x,enc,kstr,klen,cb,u) \
PEM_ASN1_write_bio((int (*)())i2d_RSAPrivateKey,PEM_STRING_RSA,\
bp,(char *)x,enc,kstr,klen,cb,u)
#define PEM_write_bio_RSAPublicKey(bp,x) \
PEM_ASN1_write_bio((int (*)())i2d_RSAPublicKey, \
PEM_STRING_RSA_PUBLIC,\
bp,(char *)x,NULL,NULL,0,NULL,NULL)
#define PEM_write_bio_DSAPrivateKey(bp,x,enc,kstr,klen,cb,u) \
PEM_ASN1_write_bio((int (*)())i2d_DSAPrivateKey,PEM_STRING_DSA,\
bp,(char *)x,enc,kstr,klen,cb,u)
#define PEM_write_bio_PrivateKey(bp,x,enc,kstr,klen,cb,u) \
PEM_ASN1_write_bio((int (*)())i2d_PrivateKey,\
(((x)->type == EVP_PKEY_DSA)?PEM_STRING_DSA:PEM_STRING_RSA),\
bp,(char *)x,enc,kstr,klen,cb,u)
#define PEM_write_bio_PKCS7(bp,x) \
PEM_ASN1_write_bio((int (*)())i2d_PKCS7,PEM_STRING_PKCS7,bp, \
(char *)x, NULL,NULL,0,NULL,NULL)
#define PEM_write_bio_DHparams(bp,x) \
PEM_ASN1_write_bio((int (*)())i2d_DHparams,PEM_STRING_DHPARAMS,\
bp,(char *)x,NULL,NULL,0,NULL,NULL)
#define PEM_write_bio_DSAparams(bp,x) \
PEM_ASN1_write_bio((int (*)())i2d_DSAparams, \
PEM_STRING_DSAPARAMS,bp,(char *)x,NULL,NULL,0,NULL,NULL)
#define PEM_write_bio_NETSCAPE_CERT_SEQUENCE(bp,x) \
PEM_ASN1_write_bio((int (*)())i2d_NETSCAPE_CERT_SEQUENCE, \
PEM_STRING_X509,bp, \
(char *)x, NULL,NULL,0,NULL,NULL)
#define PEM_read_bio_X509(bp,x,cb,u) (X509 *)PEM_ASN1_read_bio( \
(char *(*)())d2i_X509,PEM_STRING_X509,bp,(char **)x,cb,u)
#define PEM_read_bio_X509_REQ(bp,x,cb,u) (X509_REQ *)PEM_ASN1_read_bio( \
(char *(*)())d2i_X509_REQ,PEM_STRING_X509_REQ,bp,(char **)x,cb,u)
#define PEM_read_bio_X509_CRL(bp,x,cb,u) (X509_CRL *)PEM_ASN1_read_bio( \
(char *(*)())d2i_X509_CRL,PEM_STRING_X509_CRL,bp,(char **)x,cb,u)
#define PEM_read_bio_RSAPrivateKey(bp,x,cb,u) (RSA *)PEM_ASN1_read_bio( \
(char *(*)())d2i_RSAPrivateKey,PEM_STRING_RSA,bp,(char **)x,cb,u)
#define PEM_read_bio_RSAPublicKey(bp,x,cb,u) (RSA *)PEM_ASN1_read_bio( \
(char *(*)())d2i_RSAPublicKey,PEM_STRING_RSA_PUBLIC,bp,(char **)x,cb,u)
#define PEM_read_bio_DSAPrivateKey(bp,x,cb,u) (DSA *)PEM_ASN1_read_bio( \
(char *(*)())d2i_DSAPrivateKey,PEM_STRING_DSA,bp,(char **)x,cb,u)
#define PEM_read_bio_PrivateKey(bp,x,cb,u) (EVP_PKEY *)PEM_ASN1_read_bio( \
(char *(*)())d2i_PrivateKey,PEM_STRING_EVP_PKEY,bp,(char **)x,cb,u)
#define PEM_read_bio_PKCS7(bp,x,cb,u) (PKCS7 *)PEM_ASN1_read_bio( \
(char *(*)())d2i_PKCS7,PEM_STRING_PKCS7,bp,(char **)x,cb,u)
#define PEM_read_bio_DHparams(bp,x,cb,u) (DH *)PEM_ASN1_read_bio( \
(char *(*)())d2i_DHparams,PEM_STRING_DHPARAMS,bp,(char **)x,cb,u)
#define PEM_read_bio_DSAparams(bp,x,cb,u) (DSA *)PEM_ASN1_read_bio( \
(char *(*)())d2i_DSAparams,PEM_STRING_DSAPARAMS,bp,(char **)x,cb,u)
#define PEM_read_bio_NETSCAPE_CERT_SEQUENCE(bp,x,cb,u) \
(NETSCAPE_CERT_SEQUENCE *)PEM_ASN1_read_bio( \
(char *(*)())d2i_NETSCAPE_CERT_SEQUENCE,PEM_STRING_X509,bp,\
(char **)x,cb,u)
#endif
#if 1
/* "userdata": new with OpenSSL 0.9.4 */
typedef int pem_password_cb(char *buf, int size, int rwflag, void *userdata);
@ -581,40 +416,25 @@ int PEM_bytes_read_bio(unsigned char **pdata, long *plen, char **pnm, const char
pem_password_cb *cb, void *u);
void * PEM_ASN1_read_bio(d2i_of_void *d2i, const char *name, BIO *bp,
void **x, pem_password_cb *cb, void *u);
#define PEM_ASN1_read_bio_of(type,d2i,name,bp,x,cb,u) \
((type*)PEM_ASN1_read_bio(CHECKED_D2I_OF(type, d2i), \
name, bp, \
CHECKED_PPTR_OF(type, x), \
cb, u))
int PEM_ASN1_write_bio(i2d_of_void *i2d,const char *name,BIO *bp,char *x,
int PEM_ASN1_write_bio(i2d_of_void *i2d,const char *name,BIO *bp, void *x,
const EVP_CIPHER *enc,unsigned char *kstr,int klen,
pem_password_cb *cb, void *u);
#define PEM_ASN1_write_bio_of(type,i2d,name,bp,x,enc,kstr,klen,cb,u) \
(PEM_ASN1_write_bio(CHECKED_I2D_OF(type, i2d), \
name, bp, \
CHECKED_PTR_OF(type, x), \
enc, kstr, klen, cb, u))
STACK_OF(X509_INFO) * PEM_X509_INFO_read_bio(BIO *bp, STACK_OF(X509_INFO) *sk, pem_password_cb *cb, void *u);
int PEM_X509_INFO_write_bio(BIO *bp,X509_INFO *xi, EVP_CIPHER *enc,
unsigned char *kstr, int klen, pem_password_cb *cd, void *u);
#endif
#ifndef OPENSSL_SYS_WIN16
int PEM_read(FILE *fp, char **name, char **header,
unsigned char **data,long *len);
int PEM_write(FILE *fp,char *name,char *hdr,unsigned char *data,long len);
void * PEM_ASN1_read(d2i_of_void *d2i, const char *name, FILE *fp, void **x,
pem_password_cb *cb, void *u);
int PEM_ASN1_write(i2d_of_void *i2d,const char *name,FILE *fp,
char *x,const EVP_CIPHER *enc,unsigned char *kstr,
void *x,const EVP_CIPHER *enc,unsigned char *kstr,
int klen,pem_password_cb *callback, void *u);
STACK_OF(X509_INFO) * PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk,
pem_password_cb *cb, void *u);
#endif
int PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type,
EVP_MD *md_type, unsigned char **ek, int *ekl,
@ -633,7 +453,6 @@ int PEM_def_callback(char *buf, int num, int w, void *key);
void PEM_proc_type(char *buf, int type);
void PEM_dek_info(char *buf, const char *type, int len, char *str);
#ifndef SSLEAY_MACROS
#include <openssl/symhacks.h>
@ -719,7 +538,21 @@ EVP_PKEY *d2i_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY **x, pem_password_cb *cb, vo
int PEM_write_PKCS8PrivateKey(FILE *fp,EVP_PKEY *x,const EVP_CIPHER *enc,
char *kstr,int klen, pem_password_cb *cd, void *u);
#endif /* SSLEAY_MACROS */
EVP_PKEY *PEM_read_bio_Parameters(BIO *bp, EVP_PKEY **x);
int PEM_write_bio_Parameters(BIO *bp, EVP_PKEY *x);
EVP_PKEY *b2i_PrivateKey(const unsigned char **in, long length);
EVP_PKEY *b2i_PublicKey(const unsigned char **in, long length);
EVP_PKEY *b2i_PrivateKey_bio(BIO *in);
EVP_PKEY *b2i_PublicKey_bio(BIO *in);
int i2b_PrivateKey_bio(BIO *out, EVP_PKEY *pk);
int i2b_PublicKey_bio(BIO *out, EVP_PKEY *pk);
#ifndef OPENSSL_NO_RC4
EVP_PKEY *b2i_PVK_bio(BIO *in, pem_password_cb *cb, void *u);
int i2b_PVK_bio(BIO *out, EVP_PKEY *pk, int enclevel,
pem_password_cb *cb, void *u);
#endif
/* BEGIN ERROR CODES */
@ -731,10 +564,22 @@ void ERR_load_PEM_strings(void);
/* Error codes for the PEM functions. */
/* Function codes. */
#define PEM_F_B2I_DSS 127
#define PEM_F_B2I_PVK_BIO 128
#define PEM_F_B2I_RSA 129
#define PEM_F_CHECK_BITLEN_DSA 130
#define PEM_F_CHECK_BITLEN_RSA 131
#define PEM_F_D2I_PKCS8PRIVATEKEY_BIO 120
#define PEM_F_D2I_PKCS8PRIVATEKEY_FP 121
#define PEM_F_DO_B2I 132
#define PEM_F_DO_B2I_BIO 133
#define PEM_F_DO_BLOB_HEADER 134
#define PEM_F_DO_PK8PKEY 126
#define PEM_F_DO_PK8PKEY_FP 125
#define PEM_F_DO_PVK_BODY 135
#define PEM_F_DO_PVK_HEADER 136
#define PEM_F_I2B_PVK 137
#define PEM_F_I2B_PVK_BIO 138
#define PEM_F_LOAD_IV 101
#define PEM_F_PEM_ASN1_READ 102
#define PEM_F_PEM_ASN1_READ_BIO 103
@ -747,6 +592,7 @@ void ERR_load_PEM_strings(void);
#define PEM_F_PEM_PK8PKEY 119
#define PEM_F_PEM_READ 108
#define PEM_F_PEM_READ_BIO 109
#define PEM_F_PEM_READ_BIO_PARAMETERS 140
#define PEM_F_PEM_READ_BIO_PRIVATEKEY 123
#define PEM_F_PEM_READ_PRIVATEKEY 124
#define PEM_F_PEM_SEALFINAL 110
@ -754,6 +600,7 @@ void ERR_load_PEM_strings(void);
#define PEM_F_PEM_SIGNFINAL 112
#define PEM_F_PEM_WRITE 113
#define PEM_F_PEM_WRITE_BIO 114
#define PEM_F_PEM_WRITE_PRIVATEKEY 139
#define PEM_F_PEM_X509_INFO_READ 115
#define PEM_F_PEM_X509_INFO_READ_BIO 116
#define PEM_F_PEM_X509_INFO_WRITE_BIO 117
@ -763,18 +610,30 @@ void ERR_load_PEM_strings(void);
#define PEM_R_BAD_DECRYPT 101
#define PEM_R_BAD_END_LINE 102
#define PEM_R_BAD_IV_CHARS 103
#define PEM_R_BAD_MAGIC_NUMBER 116
#define PEM_R_BAD_PASSWORD_READ 104
#define PEM_R_BAD_VERSION_NUMBER 117
#define PEM_R_BIO_WRITE_FAILURE 118
#define PEM_R_CIPHER_IS_NULL 127
#define PEM_R_ERROR_CONVERTING_PRIVATE_KEY 115
#define PEM_R_EXPECTING_PRIVATE_KEY_BLOB 119
#define PEM_R_EXPECTING_PUBLIC_KEY_BLOB 120
#define PEM_R_INCONSISTENT_HEADER 121
#define PEM_R_KEYBLOB_HEADER_PARSE_ERROR 122
#define PEM_R_KEYBLOB_TOO_SHORT 123
#define PEM_R_NOT_DEK_INFO 105
#define PEM_R_NOT_ENCRYPTED 106
#define PEM_R_NOT_PROC_TYPE 107
#define PEM_R_NO_START_LINE 108
#define PEM_R_PROBLEMS_GETTING_PASSWORD 109
#define PEM_R_PUBLIC_KEY_NO_RSA 110
#define PEM_R_PVK_DATA_TOO_SHORT 124
#define PEM_R_PVK_TOO_SHORT 125
#define PEM_R_READ_KEY 111
#define PEM_R_SHORT_HEADER 112
#define PEM_R_UNSUPPORTED_CIPHER 113
#define PEM_R_UNSUPPORTED_ENCRYPTION 114
#define PEM_R_UNSUPPORTED_KEY_COMPONENTS 126
#ifdef __cplusplus
}

9
include/openssl/pkcs12.h
View File

@ -108,8 +108,6 @@ PKCS12_MAC_DATA *mac;
PKCS7 *authsafes;
} PKCS12;
PREDECLARE_STACK_OF(PKCS12_SAFEBAG)
typedef struct {
ASN1_OBJECT *type;
union {
@ -232,14 +230,9 @@ int PKCS12_set_mac(PKCS12 *p12, const char *pass, int passlen,
const EVP_MD *md_type);
int PKCS12_setup_mac(PKCS12 *p12, int iter, unsigned char *salt,
int saltlen, const EVP_MD *md_type);
#if defined(NETWARE) || defined(OPENSSL_SYS_NETWARE)
/* Rename these functions to avoid name clashes on NetWare OS */
unsigned char *OPENSSL_asc2uni(const char *asc, int asclen, unsigned char **uni, int *unilen);
char *OPENSSL_uni2asc(unsigned char *uni, int unilen);
#else
unsigned char *asc2uni(const char *asc, int asclen, unsigned char **uni, int *unilen);
char *uni2asc(unsigned char *uni, int unilen);
#endif
DECLARE_ASN1_FUNCTIONS(PKCS12)
DECLARE_ASN1_FUNCTIONS(PKCS12_MAC_DATA)
DECLARE_ASN1_FUNCTIONS(PKCS12_SAFEBAG)

59
include/openssl/pkcs7.h
View File

@ -232,6 +232,9 @@ DECLARE_PKCS12_STACK_OF(PKCS7)
#define PKCS7_type_is_signedAndEnveloped(a) \
(OBJ_obj2nid((a)->type) == NID_pkcs7_signedAndEnveloped)
#define PKCS7_type_is_data(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_data)
#define PKCS7_type_is_digest(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_digest)
#define PKCS7_type_is_encrypted(a) \
(OBJ_obj2nid((a)->type) == NID_pkcs7_encrypted)
#define PKCS7_type_is_digest(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_digest)
@ -242,14 +245,6 @@ DECLARE_PKCS12_STACK_OF(PKCS7)
#define PKCS7_is_detached(p7) (PKCS7_type_is_signed(p7) && PKCS7_get_detached(p7))
#ifdef SSLEAY_MACROS
#ifndef PKCS7_ISSUER_AND_SERIAL_digest
#define PKCS7_ISSUER_AND_SERIAL_digest(data,type,md,len) \
ASN1_digest((int (*)())i2d_PKCS7_ISSUER_AND_SERIAL,type,\
(char *)data,md,len)
#endif
#endif
/* S/MIME related flags */
#define PKCS7_TEXT 0x1
@ -266,6 +261,8 @@ DECLARE_PKCS12_STACK_OF(PKCS7)
#define PKCS7_CRLFEOL 0x800
#define PKCS7_STREAM 0x1000
#define PKCS7_NOCRL 0x2000
#define PKCS7_PARTIAL 0x4000
#define PKCS7_REUSE_DIGEST 0x8000
/* Flags: for compatibility with older code */
@ -281,7 +278,6 @@ DECLARE_PKCS12_STACK_OF(PKCS7)
DECLARE_ASN1_FUNCTIONS(PKCS7_ISSUER_AND_SERIAL)
#ifndef SSLEAY_MACROS
int PKCS7_ISSUER_AND_SERIAL_digest(PKCS7_ISSUER_AND_SERIAL *data,const EVP_MD *type,
unsigned char *md,unsigned int *len);
#ifndef OPENSSL_NO_FP_API
@ -291,7 +287,8 @@ int i2d_PKCS7_fp(FILE *fp,PKCS7 *p7);
PKCS7 *PKCS7_dup(PKCS7 *p7);
PKCS7 *d2i_PKCS7_bio(BIO *bp,PKCS7 **p7);
int i2d_PKCS7_bio(BIO *bp,PKCS7 *p7);
#endif
int i2d_PKCS7_bio_stream(BIO *out, PKCS7 *p7, BIO *in, int flags);
int PEM_write_bio_PKCS7_stream(BIO *out, PKCS7 *p7, BIO *in, int flags);
DECLARE_ASN1_FUNCTIONS(PKCS7_SIGNER_INFO)
DECLARE_ASN1_FUNCTIONS(PKCS7_RECIP_INFO)
@ -307,6 +304,7 @@ DECLARE_ASN1_ITEM(PKCS7_ATTR_SIGN)
DECLARE_ASN1_ITEM(PKCS7_ATTR_VERIFY)
DECLARE_ASN1_NDEF_FUNCTION(PKCS7)
DECLARE_ASN1_PRINT_FUNCTION(PKCS7)
long PKCS7_ctrl(PKCS7 *p7, int cmd, long larg, char *parg);
@ -315,6 +313,7 @@ int PKCS7_set0_type_other(PKCS7 *p7, int type, ASN1_TYPE *other);
int PKCS7_set_content(PKCS7 *p7, PKCS7 *p7_data);
int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey,
const EVP_MD *dgst);
int PKCS7_SIGNER_INFO_sign(PKCS7_SIGNER_INFO *si);
int PKCS7_add_signer(PKCS7 *p7, PKCS7_SIGNER_INFO *p7i);
int PKCS7_add_certificate(PKCS7 *p7, X509 *x509);
int PKCS7_add_crl(PKCS7 *p7, X509_CRL *x509);
@ -336,9 +335,13 @@ int PKCS7_set_digest(PKCS7 *p7, const EVP_MD *md);
STACK_OF(PKCS7_SIGNER_INFO) *PKCS7_get_signer_info(PKCS7 *p7);
PKCS7_RECIP_INFO *PKCS7_add_recipient(PKCS7 *p7, X509 *x509);
void PKCS7_SIGNER_INFO_get0_algs(PKCS7_SIGNER_INFO *si, EVP_PKEY **pk,
X509_ALGOR **pdig, X509_ALGOR **psig);
void PKCS7_RECIP_INFO_get0_alg(PKCS7_RECIP_INFO *ri, X509_ALGOR **penc);
int PKCS7_add_recipient_info(PKCS7 *p7, PKCS7_RECIP_INFO *ri);
int PKCS7_RECIP_INFO_set(PKCS7_RECIP_INFO *p7i, X509 *x509);
int PKCS7_set_cipher(PKCS7 *p7, const EVP_CIPHER *cipher);
int PKCS7_stream(unsigned char ***boundary, PKCS7 *p7);
PKCS7_ISSUER_AND_SERIAL *PKCS7_get_issuer_and_serial(PKCS7 *p7, int idx);
ASN1_OCTET_STRING *PKCS7_digest_from_attributes(STACK_OF(X509_ATTRIBUTE) *sk);
@ -355,6 +358,12 @@ int PKCS7_set_attributes(PKCS7_SIGNER_INFO *p7si,STACK_OF(X509_ATTRIBUTE) *sk);
PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs,
BIO *data, int flags);
PKCS7_SIGNER_INFO *PKCS7_sign_add_signer(PKCS7 *p7,
X509 *signcert, EVP_PKEY *pkey, const EVP_MD *md,
int flags);
int PKCS7_final(PKCS7 *p7, BIO *data, int flags);
int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store,
BIO *indata, BIO *out, int flags);
STACK_OF(X509) *PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs, int flags);
@ -367,10 +376,16 @@ int PKCS7_add_attrib_smimecap(PKCS7_SIGNER_INFO *si,
STACK_OF(X509_ALGOR) *PKCS7_get_smimecap(PKCS7_SIGNER_INFO *si);
int PKCS7_simple_smimecap(STACK_OF(X509_ALGOR) *sk, int nid, int arg);
int PKCS7_add_attrib_content_type(PKCS7_SIGNER_INFO *si, ASN1_OBJECT *coid);
int PKCS7_add0_attrib_signing_time(PKCS7_SIGNER_INFO *si, ASN1_TIME *t);
int PKCS7_add1_attrib_digest(PKCS7_SIGNER_INFO *si,
const unsigned char *md, int mdlen);
int SMIME_write_PKCS7(BIO *bio, PKCS7 *p7, BIO *data, int flags);
PKCS7 *SMIME_read_PKCS7(BIO *bio, BIO **bcont);
int SMIME_crlf_copy(BIO *in, BIO *out, int flags);
int SMIME_text(BIO *in, BIO *out);
BIO *BIO_new_PKCS7(BIO *out, PKCS7 *p7);
/* BEGIN ERROR CODES */
/* The following lines are auto generated by the script mkerr.pl. Any changes
@ -383,12 +398,17 @@ void ERR_load_PKCS7_strings(void);
/* Function codes. */
#define PKCS7_F_B64_READ_PKCS7 120
#define PKCS7_F_B64_WRITE_PKCS7 121
#define PKCS7_F_DO_PKCS7_SIGNED_ATTRIB 136
#define PKCS7_F_I2D_PKCS7_BIO_STREAM 140
#define PKCS7_F_PKCS7_ADD0_ATTRIB_SIGNING_TIME 135
#define PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP 118
#define PKCS7_F_PKCS7_ADD_CERTIFICATE 100
#define PKCS7_F_PKCS7_ADD_CRL 101
#define PKCS7_F_PKCS7_ADD_RECIPIENT_INFO 102
#define PKCS7_F_PKCS7_ADD_SIGNATURE 131
#define PKCS7_F_PKCS7_ADD_SIGNER 103
#define PKCS7_F_PKCS7_BIO_ADD_DIGEST 125
#define PKCS7_F_PKCS7_COPY_EXISTING_DIGEST 138
#define PKCS7_F_PKCS7_CTRL 104
#define PKCS7_F_PKCS7_DATADECODE 112
#define PKCS7_F_PKCS7_DATAFINAL 128
@ -396,15 +416,22 @@ void ERR_load_PKCS7_strings(void);
#define PKCS7_F_PKCS7_DATASIGN 106
#define PKCS7_F_PKCS7_DATAVERIFY 107
#define PKCS7_F_PKCS7_DECRYPT 114
#define PKCS7_F_PKCS7_DECRYPT_RINFO 133
#define PKCS7_F_PKCS7_ENCODE_RINFO 132
#define PKCS7_F_PKCS7_ENCRYPT 115
#define PKCS7_F_PKCS7_FINAL 134
#define PKCS7_F_PKCS7_FIND_DIGEST 127
#define PKCS7_F_PKCS7_GET0_SIGNERS 124
#define PKCS7_F_PKCS7_RECIP_INFO_SET 130
#define PKCS7_F_PKCS7_SET_CIPHER 108
#define PKCS7_F_PKCS7_SET_CONTENT 109
#define PKCS7_F_PKCS7_SET_DIGEST 126
#define PKCS7_F_PKCS7_SET_TYPE 110
#define PKCS7_F_PKCS7_SIGN 116
#define PKCS7_F_PKCS7_SIGNATUREVERIFY 113
#define PKCS7_F_PKCS7_SIGNER_INFO_SET 129
#define PKCS7_F_PKCS7_SIGNER_INFO_SIGN 139
#define PKCS7_F_PKCS7_SIGN_ADD_SIGNER 137
#define PKCS7_F_PKCS7_SIMPLE_SMIMECAP 119
#define PKCS7_F_PKCS7_VERIFY 117
#define PKCS7_F_SMIME_READ_PKCS7 122
@ -415,10 +442,13 @@ void ERR_load_PKCS7_strings(void);
#define PKCS7_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER 144
#define PKCS7_R_CIPHER_NOT_INITIALIZED 116
#define PKCS7_R_CONTENT_AND_DATA_PRESENT 118
#define PKCS7_R_CTRL_ERROR 152
#define PKCS7_R_DECODE_ERROR 130
#define PKCS7_R_DECRYPTED_KEY_IS_WRONG_LENGTH 100
#define PKCS7_R_DECRYPT_ERROR 119
#define PKCS7_R_DIGEST_FAILURE 101
#define PKCS7_R_ENCRYPTION_CTRL_FAILURE 149
#define PKCS7_R_ENCRYPTION_NOT_SUPPORTED_FOR_THIS_KEY_TYPE 150
#define PKCS7_R_ERROR_ADDING_RECIPIENT 120
#define PKCS7_R_ERROR_SETTING_CIPHER 121
#define PKCS7_R_INVALID_MIME_TYPE 131
@ -429,6 +459,8 @@ void ERR_load_PKCS7_strings(void);
#define PKCS7_R_MISSING_CERIPEND_INFO 103
#define PKCS7_R_NO_CONTENT 122
#define PKCS7_R_NO_CONTENT_TYPE 135
#define PKCS7_R_NO_DEFAULT_DIGEST 151
#define PKCS7_R_NO_MATCHING_DIGEST_TYPE_FOUND 154
#define PKCS7_R_NO_MULTIPART_BODY_FAILURE 136
#define PKCS7_R_NO_MULTIPART_BOUNDARY 137
#define PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE 115
@ -438,6 +470,7 @@ void ERR_load_PKCS7_strings(void);
#define PKCS7_R_NO_SIG_CONTENT_TYPE 138
#define PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE 104
#define PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR 124
#define PKCS7_R_PKCS7_ADD_SIGNER_ERROR 153
#define PKCS7_R_PKCS7_DATAFINAL 126
#define PKCS7_R_PKCS7_DATAFINAL_ERROR 125
#define PKCS7_R_PKCS7_DATASIGN 145
@ -446,6 +479,8 @@ void ERR_load_PKCS7_strings(void);
#define PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE 127
#define PKCS7_R_SIGNATURE_FAILURE 105
#define PKCS7_R_SIGNER_CERTIFICATE_NOT_FOUND 128
#define PKCS7_R_SIGNING_CTRL_FAILURE 147
#define PKCS7_R_SIGNING_NOT_SUPPORTED_FOR_THIS_KEY_TYPE 148
#define PKCS7_R_SIG_INVALID_MIME_TYPE 141
#define PKCS7_R_SMIME_TEXT_ERROR 129
#define PKCS7_R_UNABLE_TO_FIND_CERTIFICATE 106

152
include/openssl/pq_compat.h
View File

@ -1,152 +0,0 @@
/* crypto/pqueue/pqueue_compat.h */
/*
* DTLS implementation written by Nagendra Modadugu
* (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
*/
/* ====================================================================
* Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
#ifndef HEADER_PQ_COMPAT_H
#define HEADER_PQ_COMPAT_H
#include <openssl/opensslconf.h>
#include <openssl/bn.h>
/*
* The purpose of this header file is for supporting 64-bit integer
* manipulation on 32-bit (and lower) machines. Currently the only
* such environment is VMS, Utrix and those with smaller default integer
* sizes than 32 bits. For all such environment, we fall back to using
* BIGNUM. We may need to fine tune the conditions for systems that
* are incorrectly configured.
*
* The only clients of this code are (1) pqueue for priority, and
* (2) DTLS, for sequence number manipulation.
*/
#if (defined(THIRTY_TWO_BIT) && !defined(BN_LLONG)) || defined(SIXTEEN_BIT) || defined(EIGHT_BIT)
#define PQ_64BIT_IS_INTEGER 0
#define PQ_64BIT_IS_BIGNUM 1
#define PQ_64BIT BIGNUM
#define PQ_64BIT_CTX BN_CTX
#define pq_64bit_init(x) BN_init(x)
#define pq_64bit_free(x) BN_free(x)
#define pq_64bit_ctx_new(ctx) BN_CTX_new()
#define pq_64bit_ctx_free(x) BN_CTX_free(x)
#define pq_64bit_assign(x, y) BN_copy(x, y)
#define pq_64bit_assign_word(x, y) BN_set_word(x, y)
#define pq_64bit_gt(x, y) BN_ucmp(x, y) >= 1 ? 1 : 0
#define pq_64bit_eq(x, y) BN_ucmp(x, y) == 0 ? 1 : 0
#define pq_64bit_add_word(x, w) BN_add_word(x, w)
#define pq_64bit_sub(r, x, y) BN_sub(r, x, y)
#define pq_64bit_sub_word(x, w) BN_sub_word(x, w)
#define pq_64bit_mod(r, x, n, ctx) BN_mod(r, x, n, ctx)
#define pq_64bit_bin2num(bn, bytes, len) BN_bin2bn(bytes, len, bn)
#define pq_64bit_num2bin(bn, bytes) BN_bn2bin(bn, bytes)
#define pq_64bit_get_word(x) BN_get_word(x)
#define pq_64bit_is_bit_set(x, offset) BN_is_bit_set(x, offset)
#define pq_64bit_lshift(r, x, shift) BN_lshift(r, x, shift)
#define pq_64bit_set_bit(x, num) BN_set_bit(x, num)
#define pq_64bit_get_length(x) BN_num_bits((x))
#else
#define PQ_64BIT_IS_INTEGER 1
#define PQ_64BIT_IS_BIGNUM 0
#if defined(SIXTY_FOUR_BIT)
#define PQ_64BIT BN_ULONG
#define PQ_64BIT_PRINT "%lld"
#elif defined(SIXTY_FOUR_BIT_LONG)
#define PQ_64BIT BN_ULONG
#define PQ_64BIT_PRINT "%ld"
#elif defined(THIRTY_TWO_BIT)
#define PQ_64BIT BN_ULLONG
#define PQ_64BIT_PRINT "%lld"
#endif
#define PQ_64BIT_CTX void
#define pq_64bit_init(x)
#define pq_64bit_free(x)
#define pq_64bit_ctx_new(ctx) (ctx)
#define pq_64bit_ctx_free(x)
#define pq_64bit_assign(x, y) (*(x) = *(y))
#define pq_64bit_assign_word(x, y) (*(x) = y)
#define pq_64bit_gt(x, y) (*(x) > *(y))
#define pq_64bit_eq(x, y) (*(x) == *(y))
#define pq_64bit_add_word(x, w) (*(x) = (*(x) + (w)))
#define pq_64bit_sub(r, x, y) (*(r) = (*(x) - *(y)))
#define pq_64bit_sub_word(x, w) (*(x) = (*(x) - (w)))
#define pq_64bit_mod(r, x, n, ctx)
#define pq_64bit_bin2num(num, bytes, len) bytes_to_long_long(bytes, num)
#define pq_64bit_num2bin(num, bytes) long_long_to_bytes(num, bytes)
#define pq_64bit_get_word(x) *(x)
#define pq_64bit_lshift(r, x, shift) (*(r) = (*(x) << (shift)))
#define pq_64bit_set_bit(x, num) do { \
PQ_64BIT mask = 1; \
mask = mask << (num); \
*(x) |= mask; \
} while(0)
#endif /* OPENSSL_SYS_VMS */
#endif

8
include/openssl/pqueue.h
View File

@ -64,20 +64,18 @@
#include <stdlib.h>
#include <string.h>
#include <openssl/pq_compat.h>
typedef struct _pqueue *pqueue;
typedef struct _pitem
{
PQ_64BIT priority;
unsigned char priority[8]; /* 64-bit value in big-endian encoding */
void *data;
struct _pitem *next;
} pitem;
typedef struct _pitem *piterator;
pitem *pitem_new(PQ_64BIT priority, void *data);
pitem *pitem_new(unsigned char *prio64be, void *data);
void pitem_free(pitem *item);
pqueue pqueue_new(void);
@ -86,7 +84,7 @@ void pqueue_free(pqueue pq);
pitem *pqueue_insert(pqueue pq, pitem *item);
pitem *pqueue_peek(pqueue pq);
pitem *pqueue_pop(pqueue pq);
pitem *pqueue_find(pqueue pq, PQ_64BIT priority);
pitem *pqueue_find(pqueue pq, unsigned char *prio64be);
pitem *pqueue_iterator(pqueue pq);
pitem *pqueue_next(piterator *iter);

29
include/openssl/rand.h
View File

@ -72,7 +72,7 @@ extern "C" {
#endif
#if defined(OPENSSL_FIPS)
#define FIPS_RAND_SIZE_T int
#define FIPS_RAND_SIZE_T size_t
#endif
/* Already defined in ossl_typ.h */
@ -111,15 +111,6 @@ int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes);
int RAND_egd(const char *path);
int RAND_egd_bytes(const char *path,int bytes);
int RAND_poll(void);
#ifndef OPENSSL_NO_ENGINE
#ifdef OPENSSL_FIPS
void int_RAND_init_engine_callbacks(void);
void int_RAND_set_callbacks(
int (*set_rand_func)(const RAND_METHOD *meth,
const RAND_METHOD **pmeth),
const RAND_METHOD *(*get_rand_func)(const RAND_METHOD **pmeth));
#endif
#endif
#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32)
@ -137,29 +128,11 @@ void ERR_load_RAND_strings(void);
/* Error codes for the RAND functions. */
/* Function codes. */
#define RAND_F_ENG_RAND_GET_RAND_METHOD 108
#define RAND_F_FIPS_RAND 103
#define RAND_F_FIPS_RAND_BYTES 102
#define RAND_F_FIPS_RAND_GET_RAND_METHOD 109
#define RAND_F_FIPS_RAND_SET_DT 106
#define RAND_F_FIPS_SET_DT 104
#define RAND_F_FIPS_SET_PRNG_SEED 107
#define RAND_F_FIPS_SET_TEST_MODE 105
#define RAND_F_RAND_GET_RAND_METHOD 101
#define RAND_F_SSLEAY_RAND_BYTES 100
/* Reason codes. */
#define RAND_R_NON_FIPS_METHOD 105
#define RAND_R_NOT_IN_TEST_MODE 106
#define RAND_R_NO_KEY_SET 107
#define RAND_R_PRNG_ASKING_FOR_TOO_MUCH 101
#define RAND_R_PRNG_ERROR 108
#define RAND_R_PRNG_KEYED 109
#define RAND_R_PRNG_NOT_REKEYED 102
#define RAND_R_PRNG_NOT_RESEEDED 103
#define RAND_R_PRNG_NOT_SEEDED 100
#define RAND_R_PRNG_SEED_MUST_NOT_MATCH_KEY 110
#define RAND_R_PRNG_STUCK 104
#ifdef __cplusplus
}

4
include/openssl/rc2.h
View File

@ -79,9 +79,7 @@ typedef struct rc2_key_st
RC2_INT data[64];
} RC2_KEY;
#ifdef OPENSSL_FIPS
void private_RC2_set_key(RC2_KEY *key, int len, const unsigned char *data,int bits);
#endif
void RC2_set_key(RC2_KEY *key, int len, const unsigned char *data,int bits);
void RC2_ecb_encrypt(const unsigned char *in,unsigned char *out,RC2_KEY *key,
int enc);

7
include/openssl/rc4.h
View File

@ -64,6 +64,8 @@
#error RC4 is disabled.
#endif
#include <stddef.h>
#ifdef __cplusplus
extern "C" {
#endif
@ -76,11 +78,8 @@ typedef struct rc4_key_st
const char *RC4_options(void);
#ifdef OPENSSL_FIPS
void private_RC4_set_key(RC4_KEY *key, int len, const unsigned char *data);
#endif
void RC4_set_key(RC4_KEY *key, int len, const unsigned char *data);
void RC4(RC4_KEY *key, unsigned long len, const unsigned char *indata,
void RC4(RC4_KEY *key, size_t len, const unsigned char *indata,
unsigned char *outdata);
#ifdef __cplusplus

6
include/openssl/ripemd.h
View File

@ -70,7 +70,7 @@ extern "C" {
#error RIPEMD is disabled.
#endif
#if defined(OPENSSL_SYS_WIN16) || defined(__LP32__)
#if defined(__LP32__)
#define RIPEMD160_LONG unsigned long
#elif defined(OPENSSL_SYS_CRAY) || defined(__ILP64__)
#define RIPEMD160_LONG unsigned long
@ -90,9 +90,7 @@ typedef struct RIPEMD160state_st
RIPEMD160_LONG data[RIPEMD160_LBLOCK];
unsigned int num;
} RIPEMD160_CTX;
#ifdef OPENSSL_FIPS
int private_RIPEMD160_Init(RIPEMD160_CTX *c);
#endif
int RIPEMD160_Init(RIPEMD160_CTX *c);
int RIPEMD160_Update(RIPEMD160_CTX *c, const void *data, size_t len);
int RIPEMD160_Final(unsigned char *md, RIPEMD160_CTX *c);

89
include/openssl/rsa.h
View File

@ -74,25 +74,6 @@
#error RSA is disabled.
#endif
/* If this flag is set the RSA method is FIPS compliant and can be used
* in FIPS mode. This is set in the validated module method. If an
* application sets this flag in its own methods it is its reposibility
* to ensure the result is compliant.
*/
#define RSA_FLAG_FIPS_METHOD 0x0400
/* If this flag is set the operations normally disabled in FIPS mode are
* permitted it is then the applications responsibility to ensure that the
* usage is compliant.
*/
#define RSA_FLAG_NON_FIPS_ALLOW 0x0400
#ifdef OPENSSL_FIPS
#define FIPS_RSA_SIZE_T int
#endif
#ifdef __cplusplus
extern "C" {
#endif
@ -136,7 +117,8 @@ struct rsa_meth_st
unsigned char *sigret, unsigned int *siglen, const RSA *rsa);
int (*rsa_verify)(int dtype,
const unsigned char *m, unsigned int m_length,
unsigned char *sigbuf, unsigned int siglen, const RSA *rsa);
const unsigned char *sigbuf, unsigned int siglen,
const RSA *rsa);
/* If this callback is NULL, the builtin software RSA key-gen will be used. This
* is for behavioural compatibility whilst the code gets rewired, but one day
* it would be nice to assume there are no such things as "builtin software"
@ -182,8 +164,6 @@ struct rsa_st
# define OPENSSL_RSA_MAX_MODULUS_BITS 16384
#endif
#define OPENSSL_RSA_FIPS_MIN_MODULUS_BITS 1024
#ifndef OPENSSL_RSA_SMALL_MODULUS_BITS
# define OPENSSL_RSA_SMALL_MODULUS_BITS 3072
#endif
@ -238,11 +218,37 @@ struct rsa_st
#endif
#define EVP_PKEY_CTX_set_rsa_padding(ctx, pad) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, -1, EVP_PKEY_CTRL_RSA_PADDING, \
pad, NULL)
#define EVP_PKEY_CTX_set_rsa_pss_saltlen(ctx, len) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, \
(EVP_PKEY_OP_SIGN|EVP_PKEY_OP_VERIFY), \
EVP_PKEY_CTRL_RSA_PSS_SALTLEN, \
len, NULL)
#define EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, bits) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_KEYGEN, \
EVP_PKEY_CTRL_RSA_KEYGEN_BITS, bits, NULL)
#define EVP_PKEY_CTX_set_rsa_keygen_pubexp(ctx, pubexp) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_KEYGEN, \
EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP, 0, pubexp)
#define EVP_PKEY_CTRL_RSA_PADDING (EVP_PKEY_ALG_CTRL + 1)
#define EVP_PKEY_CTRL_RSA_PSS_SALTLEN (EVP_PKEY_ALG_CTRL + 2)
#define EVP_PKEY_CTRL_RSA_KEYGEN_BITS (EVP_PKEY_ALG_CTRL + 3)
#define EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP (EVP_PKEY_ALG_CTRL + 4)
#define RSA_PKCS1_PADDING 1
#define RSA_SSLV23_PADDING 2
#define RSA_NO_PADDING 3
#define RSA_PKCS1_OAEP_PADDING 4
#define RSA_X931_PADDING 5
/* EVP_PKEY_ only */
#define RSA_PKCS1_PSS_PADDING 6
#define RSA_PKCS1_PADDING_SIZE 11
@ -261,11 +267,6 @@ RSA * RSA_generate_key(int bits, unsigned long e,void
/* New version */
int RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb);
int RSA_X931_derive_ex(RSA *rsa, BIGNUM *p1, BIGNUM *p2, BIGNUM *q1, BIGNUM *q2,
const BIGNUM *Xp1, const BIGNUM *Xp2, const BIGNUM *Xp,
const BIGNUM *Xq1, const BIGNUM *Xq2, const BIGNUM *Xq,
const BIGNUM *e, BN_GENCB *cb);
int RSA_X931_generate_key_ex(RSA *rsa, int bits, const BIGNUM *e, BN_GENCB *cb);
int RSA_check_key(const RSA *);
/* next 4 return -1 on error */
@ -283,11 +284,6 @@ int RSA_up_ref(RSA *r);
int RSA_flags(const RSA *r);
#ifdef OPENSSL_FIPS
RSA *FIPS_rsa_new(void);
void FIPS_rsa_free(RSA *r);
#endif
void RSA_set_default_method(const RSA_METHOD *meth);
const RSA_METHOD *RSA_get_default_method(void);
const RSA_METHOD *RSA_get_method(const RSA *rsa);
@ -333,7 +329,7 @@ RSA *d2i_Netscape_RSA(RSA **a, const unsigned char **pp, long length,
int RSA_sign(int type, const unsigned char *m, unsigned int m_length,
unsigned char *sigret, unsigned int *siglen, RSA *rsa);
int RSA_verify(int type, const unsigned char *m, unsigned int m_length,
unsigned char *sigbuf, unsigned int siglen, RSA *rsa);
const unsigned char *sigbuf, unsigned int siglen, RSA *rsa);
/* The following 2 function sign and verify a ASN1_OCTET_STRING
* object inside PKCS#1 padded RSA encryption */
@ -401,9 +397,15 @@ void ERR_load_RSA_strings(void);
/* Error codes for the RSA functions. */
/* Function codes. */
#define RSA_F_FIPS_RSA_SIGN 140
#define RSA_F_FIPS_RSA_VERIFY 141
#define RSA_F_CHECK_PADDING_MD 140
#define RSA_F_DO_RSA_PRINT 146
#define RSA_F_INT_RSA_VERIFY 145
#define RSA_F_MEMORY_LOCK 100
#define RSA_F_OLD_RSA_PRIV_DECODE 147
#define RSA_F_PKEY_RSA_CTRL 143
#define RSA_F_PKEY_RSA_CTRL_STR 144
#define RSA_F_PKEY_RSA_SIGN 142
#define RSA_F_PKEY_RSA_VERIFYRECOVER 141
#define RSA_F_RSA_BUILTIN_KEYGEN 129
#define RSA_F_RSA_CHECK_KEY 123
#define RSA_F_RSA_EAY_PRIVATE_DECRYPT 101
@ -434,11 +436,10 @@ void ERR_load_RSA_strings(void);
#define RSA_F_RSA_PADDING_CHECK_X931 128
#define RSA_F_RSA_PRINT 115
#define RSA_F_RSA_PRINT_FP 116
#define RSA_F_RSA_PRIVATE_ENCRYPT 137
#define RSA_F_RSA_PUBLIC_DECRYPT 138
#define RSA_F_RSA_PRIV_DECODE 137
#define RSA_F_RSA_PRIV_ENCODE 138
#define RSA_F_RSA_PUB_DECODE 139
#define RSA_F_RSA_SETUP_BLINDING 136
#define RSA_F_RSA_SET_DEFAULT_METHOD 139
#define RSA_F_RSA_SET_METHOD 142
#define RSA_F_RSA_SIGN 117
#define RSA_F_RSA_SIGN_ASN1_OCTET_STRING 118
#define RSA_F_RSA_VERIFY 119
@ -464,20 +465,25 @@ void ERR_load_RSA_strings(void);
#define RSA_R_DMQ1_NOT_CONGRUENT_TO_D 125
#define RSA_R_D_E_NOT_CONGRUENT_TO_1 123
#define RSA_R_FIRST_OCTET_INVALID 133
#define RSA_R_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE 144
#define RSA_R_INVALID_DIGEST_LENGTH 143
#define RSA_R_INVALID_HEADER 137
#define RSA_R_INVALID_KEYBITS 145
#define RSA_R_INVALID_MESSAGE_LENGTH 131
#define RSA_R_INVALID_PADDING 138
#define RSA_R_INVALID_PADDING_MODE 141
#define RSA_R_INVALID_PSS_SALTLEN 146
#define RSA_R_INVALID_TRAILER 139
#define RSA_R_INVALID_X931_DIGEST 142
#define RSA_R_IQMP_NOT_INVERSE_OF_Q 126
#define RSA_R_KEY_SIZE_TOO_SMALL 120
#define RSA_R_LAST_OCTET_INVALID 134
#define RSA_R_MODULUS_TOO_LARGE 105
#define RSA_R_NON_FIPS_METHOD 141
#define RSA_R_NO_PUBLIC_EXPONENT 140
#define RSA_R_NULL_BEFORE_BLOCK_MISSING 113
#define RSA_R_N_DOES_NOT_EQUAL_P_Q 127
#define RSA_R_OAEP_DECODING_ERROR 121
#define RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE 142
#define RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE 148
#define RSA_R_PADDING_CHECK_FAILED 114
#define RSA_R_P_NOT_PRIME 128
#define RSA_R_Q_NOT_PRIME 129
@ -488,6 +494,7 @@ void ERR_load_RSA_strings(void);
#define RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 116
#define RSA_R_UNKNOWN_ALGORITHM_TYPE 117
#define RSA_R_UNKNOWN_PADDING_TYPE 118
#define RSA_R_VALUE_MISSING 147
#define RSA_R_WRONG_SIGNATURE_LENGTH 119
#ifdef __cplusplus

964
include/openssl/safestack.h
View File

File diff suppressed because it is too large Load Diff

137
include/openssl/seed.h Normal file
View File

@ -0,0 +1,137 @@
/*
* Copyright (c) 2007 KISA(Korea Information Security Agency). All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Neither the name of author nor the names of its contributors may
* be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY AUTHOR AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
*/
/* ====================================================================
* Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@openssl.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
#ifndef HEADER_SEED_H
#define HEADER_SEED_H
#include <openssl/opensslconf.h>
#include <openssl/e_os2.h>
#include <openssl/crypto.h>
#ifdef OPENSSL_NO_SEED
#error SEED is disabled.
#endif
#ifdef AES_LONG /* look whether we need 'long' to get 32 bits */
# ifndef SEED_LONG
# define SEED_LONG 1
# endif
#endif
#if !defined(NO_SYS_TYPES_H)
# include <sys/types.h>
#endif
#define SEED_BLOCK_SIZE 16
#define SEED_KEY_LENGTH 16
#ifdef __cplusplus
extern "C" {
#endif
typedef struct seed_key_st {
#ifdef SEED_LONG
unsigned long data[32];
#else
unsigned int data[32];
#endif
} SEED_KEY_SCHEDULE;
void SEED_set_key(const unsigned char rawkey[SEED_KEY_LENGTH], SEED_KEY_SCHEDULE *ks);
void SEED_encrypt(const unsigned char s[SEED_BLOCK_SIZE], unsigned char d[SEED_BLOCK_SIZE], const SEED_KEY_SCHEDULE *ks);
void SEED_decrypt(const unsigned char s[SEED_BLOCK_SIZE], unsigned char d[SEED_BLOCK_SIZE], const SEED_KEY_SCHEDULE *ks);
void SEED_ecb_encrypt(const unsigned char *in, unsigned char *out, const SEED_KEY_SCHEDULE *ks, int enc);
void SEED_cbc_encrypt(const unsigned char *in, unsigned char *out,
size_t len, const SEED_KEY_SCHEDULE *ks, unsigned char ivec[SEED_BLOCK_SIZE], int enc);
void SEED_cfb128_encrypt(const unsigned char *in, unsigned char *out,
size_t len, const SEED_KEY_SCHEDULE *ks, unsigned char ivec[SEED_BLOCK_SIZE], int *num, int enc);
void SEED_ofb128_encrypt(const unsigned char *in, unsigned char *out,
size_t len, const SEED_KEY_SCHEDULE *ks, unsigned char ivec[SEED_BLOCK_SIZE], int *num);
#ifdef __cplusplus
}
#endif
#endif /* HEADER_SEED_H */

5
include/openssl/sha.h
View File

@ -81,7 +81,7 @@ extern "C" {
* !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
*/
#if defined(OPENSSL_SYS_WIN16) || defined(__LP32__)
#if defined(__LP32__)
#define SHA_LONG unsigned long
#elif defined(OPENSSL_SYS_CRAY) || defined(__ILP64__)
#define SHA_LONG unsigned long
@ -106,9 +106,6 @@ typedef struct SHAstate_st
} SHA_CTX;
#ifndef OPENSSL_NO_SHA0
#ifdef OPENSSL_FIPS
int private_SHA_Init(SHA_CTX *c);
#endif
int SHA_Init(SHA_CTX *c);
int SHA_Update(SHA_CTX *c, const void *data, size_t len);
int SHA_Final(unsigned char *md, SHA_CTX *c);

526
include/openssl/ssl.h
View File

File diff suppressed because it is too large Load Diff

115
include/openssl/ssl3.h
View File

@ -123,7 +123,6 @@
#include <openssl/buffer.h>
#include <openssl/evp.h>
#include <openssl/ssl.h>
#include <openssl/pq_compat.h>
#ifdef __cplusplus
extern "C" {
@ -163,12 +162,14 @@ extern "C" {
#define SSL3_CK_ADH_DES_64_CBC_SHA 0x0300001A
#define SSL3_CK_ADH_DES_192_CBC_SHA 0x0300001B
#define SSL3_CK_FZA_DMS_NULL_SHA 0x0300001C
#define SSL3_CK_FZA_DMS_FZA_SHA 0x0300001D
#if 0 /* Because it clashes with KRB5, is never used any more, and is safe
to remove according to David Hopwood <david.hopwood@zetnet.co.uk>
of the ietf-tls list */
#define SSL3_CK_FZA_DMS_RC4_SHA 0x0300001E
#if 0
#define SSL3_CK_FZA_DMS_NULL_SHA 0x0300001C
#define SSL3_CK_FZA_DMS_FZA_SHA 0x0300001D
#if 0 /* Because it clashes with KRB5, is never used any more, and is safe
to remove according to David Hopwood <david.hopwood@zetnet.co.uk>
of the ietf-tls list */
#define SSL3_CK_FZA_DMS_RC4_SHA 0x0300001E
#endif
#endif
/* VRS Additional Kerberos5 entries
@ -220,9 +221,11 @@ extern "C" {
#define SSL3_TXT_ADH_DES_64_CBC_SHA "ADH-DES-CBC-SHA"
#define SSL3_TXT_ADH_DES_192_CBC_SHA "ADH-DES-CBC3-SHA"
#define SSL3_TXT_FZA_DMS_NULL_SHA "FZA-NULL-SHA"
#define SSL3_TXT_FZA_DMS_FZA_SHA "FZA-FZA-CBC-SHA"
#define SSL3_TXT_FZA_DMS_RC4_SHA "FZA-RC4-SHA"
#if 0
#define SSL3_TXT_FZA_DMS_NULL_SHA "FZA-NULL-SHA"
#define SSL3_TXT_FZA_DMS_FZA_SHA "FZA-FZA-CBC-SHA"
#define SSL3_TXT_FZA_DMS_RC4_SHA "FZA-RC4-SHA"
#endif
#define SSL3_TXT_KRB5_DES_64_CBC_SHA "KRB5-DES-CBC-SHA"
#define SSL3_TXT_KRB5_DES_192_CBC3_SHA "KRB5-DES-CBC3-SHA"
@ -248,23 +251,65 @@ extern "C" {
#define SSL3_SESSION_ID_SIZE 32
#define SSL3_RT_HEADER_LENGTH 5
/* Due to MS stuffing up, this can change.... */
#if defined(OPENSSL_SYS_WIN16) || \
(defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_WIN32))
#define SSL3_RT_MAX_EXTRA (14000)
#ifndef SSL3_ALIGN_PAYLOAD
/* Some will argue that this increases memory footprint, but it's
* not actually true. Point is that malloc has to return at least
* 64-bit aligned pointers, meaning that allocating 5 bytes wastes
* 3 bytes in either case. Suggested pre-gaping simply moves these
* wasted bytes from the end of allocated region to its front,
* but makes data payload aligned, which improves performance:-) */
# define SSL3_ALIGN_PAYLOAD 8
#else
#define SSL3_RT_MAX_EXTRA (16384)
# if (SSL3_ALIGN_PAYLOAD&(SSL3_ALIGN_PAYLOAD-1))!=0
# error "insane SSL3_ALIGN_PAYLOAD"
# undef SSL3_ALIGN_PAYLOAD
# endif
#endif
/* This is the maximum MAC (digest) size used by the SSL library.
* Currently maximum of 20 is used by SHA1, but we reserve for
* future extension for 512-bit hashes.
*/
#define SSL3_RT_MAX_MD_SIZE 64
/* Maximum block size used in all ciphersuites. Currently 16 for AES.
*/
#define SSL_RT_MAX_CIPHER_BLOCK_SIZE 16
#define SSL3_RT_MAX_EXTRA (16384)
/* Maximum plaintext length: defined by SSL/TLS standards */
#define SSL3_RT_MAX_PLAIN_LENGTH 16384
/* Maximum compression overhead: defined by SSL/TLS standards */
#define SSL3_RT_MAX_COMPRESSED_OVERHEAD 1024
/* The standards give a maximum encryption overhead of 1024 bytes.
* In practice the value is lower than this. The overhead is the maximum
* number of padding bytes (256) plus the mac size.
*/
#define SSL3_RT_MAX_ENCRYPTED_OVERHEAD (256 + SSL3_RT_MAX_MD_SIZE)
/* OpenSSL currently only uses a padding length of at most one block so
* the send overhead is smaller.
*/
#define SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD \
(SSL_RT_MAX_CIPHER_BLOCK_SIZE + SSL3_RT_MAX_MD_SIZE)
/* If compression isn't used don't include the compression overhead */
#ifdef OPENSSL_NO_COMP
#define SSL3_RT_MAX_COMPRESSED_LENGTH SSL3_RT_MAX_PLAIN_LENGTH
#define SSL3_RT_MAX_COMPRESSED_LENGTH SSL3_RT_MAX_PLAIN_LENGTH
#else
#define SSL3_RT_MAX_COMPRESSED_LENGTH (1024+SSL3_RT_MAX_PLAIN_LENGTH)
#define SSL3_RT_MAX_COMPRESSED_LENGTH \
(SSL3_RT_MAX_PLAIN_LENGTH+SSL3_RT_MAX_COMPRESSED_OVERHEAD)
#endif
#define SSL3_RT_MAX_ENCRYPTED_LENGTH (1024+SSL3_RT_MAX_COMPRESSED_LENGTH)
#define SSL3_RT_MAX_PACKET_SIZE (SSL3_RT_MAX_ENCRYPTED_LENGTH+SSL3_RT_HEADER_LENGTH)
#define SSL3_RT_MAX_DATA_SIZE (1024*1024)
#define SSL3_RT_MAX_ENCRYPTED_LENGTH \
(SSL3_RT_MAX_ENCRYPTED_OVERHEAD+SSL3_RT_MAX_COMPRESSED_LENGTH)
#define SSL3_RT_MAX_PACKET_SIZE \
(SSL3_RT_MAX_ENCRYPTED_LENGTH+SSL3_RT_HEADER_LENGTH)
#define SSL3_MD_CLIENT_FINISHED_CONST "\x43\x4C\x4E\x54"
#define SSL3_MD_SERVER_FINISHED_CONST "\x53\x52\x56\x52"
@ -303,7 +348,7 @@ typedef struct ssl3_record_st
/*rw*/ unsigned char *input; /* where the decode bytes are */
/*r */ unsigned char *comp; /* only used with decompression - malloc()ed */
/*r */ unsigned long epoch; /* epoch number, needed by DTLS1 */
/*r */ PQ_64BIT seq_num; /* sequence number, needed by DTLS1 */
/*r */ unsigned char seq_num[8]; /* sequence number, needed by DTLS1 */
} SSL3_RECORD;
typedef struct ssl3_buffer_st
@ -326,13 +371,14 @@ typedef struct ssl3_buffer_st
* enough to contain all of the cert types defined either for
* SSLv3 and TLSv1.
*/
#define SSL3_CT_NUMBER 7
#define SSL3_CT_NUMBER 9
#define SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS 0x0001
#define SSL3_FLAGS_DELAY_CLIENT_FINISHED 0x0002
#define SSL3_FLAGS_POP_BUFFER 0x0004
#define TLS1_FLAGS_TLS_PADDING_BUG 0x0008
#define TLS1_FLAGS_SKIP_CERT_VERIFY 0x0010
typedef struct ssl3_state_st
{
@ -340,8 +386,10 @@ typedef struct ssl3_state_st
int delay_buf_pop_ret;
unsigned char read_sequence[8];
int read_mac_secret_size;
unsigned char read_mac_secret[EVP_MAX_MD_SIZE];
unsigned char write_sequence[8];
int write_mac_secret_size;
unsigned char write_mac_secret[EVP_MAX_MD_SIZE];
unsigned char server_random[SSL3_RANDOM_SIZE];
@ -351,6 +399,9 @@ typedef struct ssl3_state_st
int need_empty_fragments;
int empty_fragment_done;
/* The value of 'extra' when the buffers were initialized */
int init_extra;
SSL3_BUFFER rbuf; /* read IO goes into here */
SSL3_BUFFER wbuf; /* write IO goes into here */
@ -372,9 +423,11 @@ typedef struct ssl3_state_st
const unsigned char *wpend_buf;
/* used during startup, digest all incoming/outgoing packets */
EVP_MD_CTX finish_dgst1;
EVP_MD_CTX finish_dgst2;
BIO *handshake_buffer;
/* When set of handshake digests is determined, buffer is hashed
* and freed and MD_CTX-es for all required digests are stored in
* this array */
EVP_MD_CTX **handshake_dgst;
/* this is set whenerver we see a change_cipher_spec message
* come in when we are not looking for one */
int change_cipher_spec;
@ -394,6 +447,14 @@ typedef struct ssl3_state_st
int in_read_app_data;
/* Opaque PRF input as used for the current handshake.
* These fields are used only if TLSEXT_TYPE_opaque_prf_input is defined
* (otherwise, they are merely present to improve binary compatibility) */
void *client_opaque_prf_input;
size_t client_opaque_prf_input_len;
void *server_opaque_prf_input;
size_t server_opaque_prf_input_len;
struct {
/* actually only needs to be 16+20 */
unsigned char cert_verify_md[EVP_MAX_MD_SIZE*2];
@ -408,7 +469,7 @@ typedef struct ssl3_state_st
int message_type;
/* used to hold the new cipher we are going to use */
SSL_CIPHER *new_cipher;
const SSL_CIPHER *new_cipher;
#ifndef OPENSSL_NO_DH
DH *dh;
#endif
@ -435,6 +496,8 @@ typedef struct ssl3_state_st
const EVP_CIPHER *new_sym_enc;
const EVP_MD *new_hash;
int new_mac_pkey_type;
int new_mac_secret_size;
#ifndef OPENSSL_NO_COMP
const SSL_COMP *new_compression;
#else

49
include/openssl/stack.h
View File

@ -70,37 +70,36 @@ typedef struct stack_st
int sorted;
int num_alloc;
int (*comp)(const char * const *, const char * const *);
} STACK;
int (*comp)(const void *, const void *);
} _STACK; /* Use STACK_OF(...) instead */
#define M_sk_num(sk) ((sk) ? (sk)->num:-1)
#define M_sk_value(sk,n) ((sk) ? (sk)->data[n] : NULL)
int sk_num(const STACK *);
char *sk_value(const STACK *, int);
int sk_num(const _STACK *);
void *sk_value(const _STACK *, int);
char *sk_set(STACK *, int, char *);
void *sk_set(_STACK *, int, void *);
STACK *sk_new(int (*cmp)(const char * const *, const char * const *));
STACK *sk_new_null(void);
void sk_free(STACK *);
void sk_pop_free(STACK *st, void (*func)(void *));
int sk_insert(STACK *sk,char *data,int where);
char *sk_delete(STACK *st,int loc);
char *sk_delete_ptr(STACK *st, char *p);
int sk_find(STACK *st,char *data);
int sk_find_ex(STACK *st,char *data);
int sk_push(STACK *st,char *data);
int sk_unshift(STACK *st,char *data);
char *sk_shift(STACK *st);
char *sk_pop(STACK *st);
void sk_zero(STACK *st);
int (*sk_set_cmp_func(STACK *sk, int (*c)(const char * const *,
const char * const *)))
(const char * const *, const char * const *);
STACK *sk_dup(STACK *st);
void sk_sort(STACK *st);
int sk_is_sorted(const STACK *st);
_STACK *sk_new(int (*cmp)(const void *, const void *));
_STACK *sk_new_null(void);
void sk_free(_STACK *);
void sk_pop_free(_STACK *st, void (*func)(void *));
int sk_insert(_STACK *sk, void *data, int where);
void *sk_delete(_STACK *st, int loc);
void *sk_delete_ptr(_STACK *st, void *p);
int sk_find(_STACK *st, void *data);
int sk_find_ex(_STACK *st, void *data);
int sk_push(_STACK *st, void *data);
int sk_unshift(_STACK *st, void *data);
void *sk_shift(_STACK *st);
void *sk_pop(_STACK *st);
void sk_zero(_STACK *st);
int (*sk_set_cmp_func(_STACK *sk, int (*c)(const void *, const void *)))
(const void *, const void *);
_STACK *sk_dup(_STACK *st);
void sk_sort(_STACK *st);
int sk_is_sorted(const _STACK *st);
#ifdef __cplusplus
}

554
include/openssl/store.h
View File

@ -1,554 +0,0 @@
/* crypto/store/store.h -*- mode:C; c-file-style: "eay" -*- */
/* Written by Richard Levitte (richard@levitte.org) for the OpenSSL
* project 2003.
*/
/* ====================================================================
* Copyright (c) 2003 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@openssl.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
#ifndef HEADER_STORE_H
#define HEADER_STORE_H
#include <openssl/ossl_typ.h>
#ifndef OPENSSL_NO_DEPRECATED
#include <openssl/evp.h>
#include <openssl/bn.h>
#include <openssl/x509.h>
#endif
#ifdef __cplusplus
extern "C" {
#endif
/* Already defined in ossl_typ.h */
/* typedef struct store_st STORE; */
/* typedef struct store_method_st STORE_METHOD; */
/* All the following functions return 0, a negative number or NULL on error.
When everything is fine, they return a positive value or a non-NULL
pointer, all depending on their purpose. */
/* Creators and destructor. */
STORE *STORE_new_method(const STORE_METHOD *method);
STORE *STORE_new_engine(ENGINE *engine);
void STORE_free(STORE *ui);
/* Give a user interface parametrised control commands. This can be used to
send down an integer, a data pointer or a function pointer, as well as
be used to get information from a STORE. */
int STORE_ctrl(STORE *store, int cmd, long i, void *p, void (*f)(void));
/* A control to set the directory with keys and certificates. Used by the
built-in directory level method. */
#define STORE_CTRL_SET_DIRECTORY 0x0001
/* A control to set a file to load. Used by the built-in file level method. */
#define STORE_CTRL_SET_FILE 0x0002
/* A control to set a configuration file to load. Can be used by any method
that wishes to load a configuration file. */
#define STORE_CTRL_SET_CONF_FILE 0x0003
/* A control to set a the section of the loaded configuration file. Can be
used by any method that wishes to load a configuration file. */
#define STORE_CTRL_SET_CONF_SECTION 0x0004
/* Some methods may use extra data */
#define STORE_set_app_data(s,arg) STORE_set_ex_data(s,0,arg)
#define STORE_get_app_data(s) STORE_get_ex_data(s,0)
int STORE_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
int STORE_set_ex_data(STORE *r,int idx,void *arg);
void *STORE_get_ex_data(STORE *r, int idx);
/* Use specific methods instead of the built-in one */
const STORE_METHOD *STORE_get_method(STORE *store);
const STORE_METHOD *STORE_set_method(STORE *store, const STORE_METHOD *meth);
/* The standard OpenSSL methods. */
/* This is the in-memory method. It does everything except revoking and updating,
and is of course volatile. It's used by other methods that have an in-memory
cache. */
const STORE_METHOD *STORE_Memory(void);
#if 0 /* Not yet implemented */
/* This is the directory store. It does everything except revoking and updating,
and uses STORE_Memory() to cache things in memory. */
const STORE_METHOD *STORE_Directory(void);
/* This is the file store. It does everything except revoking and updating,
and uses STORE_Memory() to cache things in memory. Certificates are added
to it with the store operation, and it will only get cached certificates. */
const STORE_METHOD *STORE_File(void);
#endif
/* Store functions take a type code for the type of data they should store
or fetch */
typedef enum STORE_object_types
{
STORE_OBJECT_TYPE_X509_CERTIFICATE= 0x01, /* X509 * */
STORE_OBJECT_TYPE_X509_CRL= 0x02, /* X509_CRL * */
STORE_OBJECT_TYPE_PRIVATE_KEY= 0x03, /* EVP_PKEY * */
STORE_OBJECT_TYPE_PUBLIC_KEY= 0x04, /* EVP_PKEY * */
STORE_OBJECT_TYPE_NUMBER= 0x05, /* BIGNUM * */
STORE_OBJECT_TYPE_ARBITRARY= 0x06, /* BUF_MEM * */
STORE_OBJECT_TYPE_NUM= 0x06 /* The amount of known
object types */
} STORE_OBJECT_TYPES;
/* List of text strings corresponding to the object types. */
extern const char * const STORE_object_type_string[STORE_OBJECT_TYPE_NUM+1];
/* Some store functions take a parameter list. Those parameters come with
one of the following codes. The comments following the codes below indicate
what type the value should be a pointer to. */
typedef enum STORE_params
{
STORE_PARAM_EVP_TYPE= 0x01, /* int */
STORE_PARAM_BITS= 0x02, /* size_t */
STORE_PARAM_KEY_PARAMETERS= 0x03, /* ??? */
STORE_PARAM_KEY_NO_PARAMETERS= 0x04, /* N/A */
STORE_PARAM_AUTH_PASSPHRASE= 0x05, /* char * */
STORE_PARAM_AUTH_KRB5_TICKET= 0x06, /* void * */
STORE_PARAM_TYPE_NUM= 0x06 /* The amount of known
parameter types */
} STORE_PARAM_TYPES;
/* Parameter value sizes. -1 means unknown, anything else is the required size. */
extern const int STORE_param_sizes[STORE_PARAM_TYPE_NUM+1];
/* Store functions take attribute lists. Those attributes come with codes.
The comments following the codes below indicate what type the value should
be a pointer to. */
typedef enum STORE_attribs
{
STORE_ATTR_END= 0x00,
STORE_ATTR_FRIENDLYNAME= 0x01, /* C string */
STORE_ATTR_KEYID= 0x02, /* 160 bit string (SHA1) */
STORE_ATTR_ISSUERKEYID= 0x03, /* 160 bit string (SHA1) */
STORE_ATTR_SUBJECTKEYID= 0x04, /* 160 bit string (SHA1) */
STORE_ATTR_ISSUERSERIALHASH= 0x05, /* 160 bit string (SHA1) */
STORE_ATTR_ISSUER= 0x06, /* X509_NAME * */
STORE_ATTR_SERIAL= 0x07, /* BIGNUM * */
STORE_ATTR_SUBJECT= 0x08, /* X509_NAME * */
STORE_ATTR_CERTHASH= 0x09, /* 160 bit string (SHA1) */
STORE_ATTR_EMAIL= 0x0a, /* C string */
STORE_ATTR_FILENAME= 0x0b, /* C string */
STORE_ATTR_TYPE_NUM= 0x0b, /* The amount of known
attribute types */
STORE_ATTR_OR= 0xff /* This is a special
separator, which
expresses the OR
operation. */
} STORE_ATTR_TYPES;
/* Attribute value sizes. -1 means unknown, anything else is the required size. */
extern const int STORE_attr_sizes[STORE_ATTR_TYPE_NUM+1];
typedef enum STORE_certificate_status
{
STORE_X509_VALID= 0x00,
STORE_X509_EXPIRED= 0x01,
STORE_X509_SUSPENDED= 0x02,
STORE_X509_REVOKED= 0x03
} STORE_CERTIFICATE_STATUS;
/* Engine store functions will return a structure that contains all the necessary
* information, including revokation status for certificates. This is really not
* needed for application authors, as the ENGINE framework functions will extract
* the OpenSSL-specific information when at all possible. However, for engine
* authors, it's crucial to know this structure. */
typedef struct STORE_OBJECT_st
{
STORE_OBJECT_TYPES type;
union
{
struct
{
STORE_CERTIFICATE_STATUS status;
X509 *certificate;
} x509;
X509_CRL *crl;
EVP_PKEY *key;
BIGNUM *number;
BUF_MEM *arbitrary;
} data;
} STORE_OBJECT;
DECLARE_STACK_OF(STORE_OBJECT)
STORE_OBJECT *STORE_OBJECT_new(void);
void STORE_OBJECT_free(STORE_OBJECT *data);
/* The following functions handle the storage. They return 0, a negative number
or NULL on error, anything else on success. */
X509 *STORE_get_certificate(STORE *e, OPENSSL_ITEM attributes[],
OPENSSL_ITEM parameters[]);
int STORE_store_certificate(STORE *e, X509 *data, OPENSSL_ITEM attributes[],
OPENSSL_ITEM parameters[]);
int STORE_modify_certificate(STORE *e, OPENSSL_ITEM search_attributes[],
OPENSSL_ITEM add_attributes[], OPENSSL_ITEM modify_attributes[],
OPENSSL_ITEM delete_attributes[], OPENSSL_ITEM parameters[]);
int STORE_revoke_certificate(STORE *e, OPENSSL_ITEM attributes[],
OPENSSL_ITEM parameters[]);
int STORE_delete_certificate(STORE *e, OPENSSL_ITEM attributes[],
OPENSSL_ITEM parameters[]);
void *STORE_list_certificate_start(STORE *e, OPENSSL_ITEM attributes[],
OPENSSL_ITEM parameters[]);
X509 *STORE_list_certificate_next(STORE *e, void *handle);
int STORE_list_certificate_end(STORE *e, void *handle);
int STORE_list_certificate_endp(STORE *e, void *handle);
EVP_PKEY *STORE_generate_key(STORE *e, OPENSSL_ITEM attributes[],
OPENSSL_ITEM parameters[]);
EVP_PKEY *STORE_get_private_key(STORE *e, OPENSSL_ITEM attributes[],
OPENSSL_ITEM parameters[]);
int STORE_store_private_key(STORE *e, EVP_PKEY *data,
OPENSSL_ITEM attributes[], OPENSSL_ITEM parameters[]);
int STORE_modify_private_key(STORE *e, OPENSSL_ITEM search_attributes[],
OPENSSL_ITEM add_sttributes[], OPENSSL_ITEM modify_attributes[],
OPENSSL_ITEM delete_attributes[], OPENSSL_ITEM parameters[]);
int STORE_revoke_private_key(STORE *e, OPENSSL_ITEM attributes[],
OPENSSL_ITEM parameters[]);
int STORE_delete_private_key(STORE *e, OPENSSL_ITEM attributes[],
OPENSSL_ITEM parameters[]);
void *STORE_list_private_key_start(STORE *e, OPENSSL_ITEM attributes[],
OPENSSL_ITEM parameters[]);
EVP_PKEY *STORE_list_private_key_next(STORE *e, void *handle);
int STORE_list_private_key_end(STORE *e, void *handle);
int STORE_list_private_key_endp(STORE *e, void *handle);
EVP_PKEY *STORE_get_public_key(STORE *e, OPENSSL_ITEM attributes[],
OPENSSL_ITEM parameters[]);
int STORE_store_public_key(STORE *e, EVP_PKEY *data, OPENSSL_ITEM attributes[],
OPENSSL_ITEM parameters[]);
int STORE_modify_public_key(STORE *e, OPENSSL_ITEM search_attributes[],
OPENSSL_ITEM add_sttributes[], OPENSSL_ITEM modify_attributes[],
OPENSSL_ITEM delete_attributes[], OPENSSL_ITEM parameters[]);
int STORE_revoke_public_key(STORE *e, OPENSSL_ITEM attributes[],
OPENSSL_ITEM parameters[]);
int STORE_delete_public_key(STORE *e, OPENSSL_ITEM attributes[],
OPENSSL_ITEM parameters[]);
void *STORE_list_public_key_start(STORE *e, OPENSSL_ITEM attributes[],
OPENSSL_ITEM parameters[]);
EVP_PKEY *STORE_list_public_key_next(STORE *e, void *handle);
int STORE_list_public_key_end(STORE *e, void *handle);
int STORE_list_public_key_endp(STORE *e, void *handle);
X509_CRL *STORE_generate_crl(STORE *e, OPENSSL_ITEM attributes[],
OPENSSL_ITEM parameters[]);
X509_CRL *STORE_get_crl(STORE *e, OPENSSL_ITEM attributes[],
OPENSSL_ITEM parameters[]);
int STORE_store_crl(STORE *e, X509_CRL *data, OPENSSL_ITEM attributes[],
OPENSSL_ITEM parameters[]);
int STORE_modify_crl(STORE *e, OPENSSL_ITEM search_attributes[],
OPENSSL_ITEM add_sttributes[], OPENSSL_ITEM modify_attributes[],
OPENSSL_ITEM delete_attributes[], OPENSSL_ITEM parameters[]);
int STORE_delete_crl(STORE *e, OPENSSL_ITEM attributes[],
OPENSSL_ITEM parameters[]);
void *STORE_list_crl_start(STORE *e, OPENSSL_ITEM attributes[],
OPENSSL_ITEM parameters[]);
X509_CRL *STORE_list_crl_next(STORE *e, void *handle);
int STORE_list_crl_end(STORE *e, void *handle);
int STORE_list_crl_endp(STORE *e, void *handle);
int STORE_store_number(STORE *e, BIGNUM *data, OPENSSL_ITEM attributes[],
OPENSSL_ITEM parameters[]);
int STORE_modify_number(STORE *e, OPENSSL_ITEM search_attributes[],
OPENSSL_ITEM add_sttributes[], OPENSSL_ITEM modify_attributes[],
OPENSSL_ITEM delete_attributes[], OPENSSL_ITEM parameters[]);
BIGNUM *STORE_get_number(STORE *e, OPENSSL_ITEM attributes[],
OPENSSL_ITEM parameters[]);
int STORE_delete_number(STORE *e, OPENSSL_ITEM attributes[],
OPENSSL_ITEM parameters[]);
int STORE_store_arbitrary(STORE *e, BUF_MEM *data, OPENSSL_ITEM attributes[],
OPENSSL_ITEM parameters[]);
int STORE_modify_arbitrary(STORE *e, OPENSSL_ITEM search_attributes[],
OPENSSL_ITEM add_sttributes[], OPENSSL_ITEM modify_attributes[],
OPENSSL_ITEM delete_attributes[], OPENSSL_ITEM parameters[]);
BUF_MEM *STORE_get_arbitrary(STORE *e, OPENSSL_ITEM attributes[],
OPENSSL_ITEM parameters[]);
int STORE_delete_arbitrary(STORE *e, OPENSSL_ITEM attributes[],
OPENSSL_ITEM parameters[]);
/* Create and manipulate methods */
STORE_METHOD *STORE_create_method(char *name);
void STORE_destroy_method(STORE_METHOD *store_method);
/* These callback types are use for store handlers */
typedef int (*STORE_INITIALISE_FUNC_PTR)(STORE *);
typedef void (*STORE_CLEANUP_FUNC_PTR)(STORE *);
typedef STORE_OBJECT *(*STORE_GENERATE_OBJECT_FUNC_PTR)(STORE *, STORE_OBJECT_TYPES type, OPENSSL_ITEM attributes[], OPENSSL_ITEM parameters[]);
typedef STORE_OBJECT *(*STORE_GET_OBJECT_FUNC_PTR)(STORE *, STORE_OBJECT_TYPES type, OPENSSL_ITEM attributes[], OPENSSL_ITEM parameters[]);
typedef void *(*STORE_START_OBJECT_FUNC_PTR)(STORE *, STORE_OBJECT_TYPES type, OPENSSL_ITEM attributes[], OPENSSL_ITEM parameters[]);
typedef STORE_OBJECT *(*STORE_NEXT_OBJECT_FUNC_PTR)(STORE *, void *handle);
typedef int (*STORE_END_OBJECT_FUNC_PTR)(STORE *, void *handle);
typedef int (*STORE_HANDLE_OBJECT_FUNC_PTR)(STORE *, STORE_OBJECT_TYPES type, OPENSSL_ITEM attributes[], OPENSSL_ITEM parameters[]);
typedef int (*STORE_STORE_OBJECT_FUNC_PTR)(STORE *, STORE_OBJECT_TYPES type, STORE_OBJECT *data, OPENSSL_ITEM attributes[], OPENSSL_ITEM parameters[]);
typedef int (*STORE_MODIFY_OBJECT_FUNC_PTR)(STORE *, STORE_OBJECT_TYPES type, OPENSSL_ITEM search_attributes[], OPENSSL_ITEM add_attributes[], OPENSSL_ITEM modify_attributes[], OPENSSL_ITEM delete_attributes[], OPENSSL_ITEM parameters[]);
typedef int (*STORE_GENERIC_FUNC_PTR)(STORE *, OPENSSL_ITEM attributes[], OPENSSL_ITEM parameters[]);
typedef int (*STORE_CTRL_FUNC_PTR)(STORE *, int cmd, long l, void *p, void (*f)(void));
int STORE_method_set_initialise_function(STORE_METHOD *sm, STORE_INITIALISE_FUNC_PTR init_f);
int STORE_method_set_cleanup_function(STORE_METHOD *sm, STORE_CLEANUP_FUNC_PTR clean_f);
int STORE_method_set_generate_function(STORE_METHOD *sm, STORE_GENERATE_OBJECT_FUNC_PTR generate_f);
int STORE_method_set_get_function(STORE_METHOD *sm, STORE_GET_OBJECT_FUNC_PTR get_f);
int STORE_method_set_store_function(STORE_METHOD *sm, STORE_STORE_OBJECT_FUNC_PTR store_f);
int STORE_method_set_modify_function(STORE_METHOD *sm, STORE_MODIFY_OBJECT_FUNC_PTR store_f);
int STORE_method_set_revoke_function(STORE_METHOD *sm, STORE_HANDLE_OBJECT_FUNC_PTR revoke_f);
int STORE_method_set_delete_function(STORE_METHOD *sm, STORE_HANDLE_OBJECT_FUNC_PTR delete_f);
int STORE_method_set_list_start_function(STORE_METHOD *sm, STORE_START_OBJECT_FUNC_PTR list_start_f);
int STORE_method_set_list_next_function(STORE_METHOD *sm, STORE_NEXT_OBJECT_FUNC_PTR list_next_f);
int STORE_method_set_list_end_function(STORE_METHOD *sm, STORE_END_OBJECT_FUNC_PTR list_end_f);
int STORE_method_set_update_store_function(STORE_METHOD *sm, STORE_GENERIC_FUNC_PTR);
int STORE_method_set_lock_store_function(STORE_METHOD *sm, STORE_GENERIC_FUNC_PTR);
int STORE_method_set_unlock_store_function(STORE_METHOD *sm, STORE_GENERIC_FUNC_PTR);
int STORE_method_set_ctrl_function(STORE_METHOD *sm, STORE_CTRL_FUNC_PTR ctrl_f);
STORE_INITIALISE_FUNC_PTR STORE_method_get_initialise_function(STORE_METHOD *sm);
STORE_CLEANUP_FUNC_PTR STORE_method_get_cleanup_function(STORE_METHOD *sm);
STORE_GENERATE_OBJECT_FUNC_PTR STORE_method_get_generate_function(STORE_METHOD *sm);
STORE_GET_OBJECT_FUNC_PTR STORE_method_get_get_function(STORE_METHOD *sm);
STORE_STORE_OBJECT_FUNC_PTR STORE_method_get_store_function(STORE_METHOD *sm);
STORE_MODIFY_OBJECT_FUNC_PTR STORE_method_get_modify_function(STORE_METHOD *sm);
STORE_HANDLE_OBJECT_FUNC_PTR STORE_method_get_revoke_function(STORE_METHOD *sm);
STORE_HANDLE_OBJECT_FUNC_PTR STORE_method_get_delete_function(STORE_METHOD *sm);
STORE_START_OBJECT_FUNC_PTR STORE_method_get_list_start_function(STORE_METHOD *sm);
STORE_NEXT_OBJECT_FUNC_PTR STORE_method_get_list_next_function(STORE_METHOD *sm);
STORE_END_OBJECT_FUNC_PTR STORE_method_get_list_end_function(STORE_METHOD *sm);
STORE_GENERIC_FUNC_PTR STORE_method_get_update_store_function(STORE_METHOD *sm);
STORE_GENERIC_FUNC_PTR STORE_method_get_lock_store_function(STORE_METHOD *sm);
STORE_GENERIC_FUNC_PTR STORE_method_get_unlock_store_function(STORE_METHOD *sm);
STORE_CTRL_FUNC_PTR STORE_method_get_ctrl_function(STORE_METHOD *sm);
/* Method helper structures and functions. */
/* This structure is the result of parsing through the information in a list
of OPENSSL_ITEMs. It stores all the necessary information in a structured
way.*/
typedef struct STORE_attr_info_st STORE_ATTR_INFO;
/* Parse a list of OPENSSL_ITEMs and return a pointer to a STORE_ATTR_INFO.
Note that we do this in the list form, since the list of OPENSSL_ITEMs can
come in blocks separated with STORE_ATTR_OR. Note that the value returned
by STORE_parse_attrs_next() must be freed with STORE_ATTR_INFO_free(). */
void *STORE_parse_attrs_start(OPENSSL_ITEM *attributes);
STORE_ATTR_INFO *STORE_parse_attrs_next(void *handle);
int STORE_parse_attrs_end(void *handle);
int STORE_parse_attrs_endp(void *handle);
/* Creator and destructor */
STORE_ATTR_INFO *STORE_ATTR_INFO_new(void);
int STORE_ATTR_INFO_free(STORE_ATTR_INFO *attrs);
/* Manipulators */
char *STORE_ATTR_INFO_get0_cstr(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code);
unsigned char *STORE_ATTR_INFO_get0_sha1str(STORE_ATTR_INFO *attrs,
STORE_ATTR_TYPES code);
X509_NAME *STORE_ATTR_INFO_get0_dn(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code);
BIGNUM *STORE_ATTR_INFO_get0_number(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code);
int STORE_ATTR_INFO_set_cstr(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
char *cstr, size_t cstr_size);
int STORE_ATTR_INFO_set_sha1str(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
unsigned char *sha1str, size_t sha1str_size);
int STORE_ATTR_INFO_set_dn(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
X509_NAME *dn);
int STORE_ATTR_INFO_set_number(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
BIGNUM *number);
int STORE_ATTR_INFO_modify_cstr(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
char *cstr, size_t cstr_size);
int STORE_ATTR_INFO_modify_sha1str(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
unsigned char *sha1str, size_t sha1str_size);
int STORE_ATTR_INFO_modify_dn(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
X509_NAME *dn);
int STORE_ATTR_INFO_modify_number(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
BIGNUM *number);
/* Compare on basis of a bit pattern formed by the STORE_ATTR_TYPES values
in each contained attribute. */
int STORE_ATTR_INFO_compare(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b);
/* Check if the set of attributes in a is within the range of attributes
set in b. */
int STORE_ATTR_INFO_in_range(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b);
/* Check if the set of attributes in a are also set in b. */
int STORE_ATTR_INFO_in(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b);
/* Same as STORE_ATTR_INFO_in(), but also checks the attribute values. */
int STORE_ATTR_INFO_in_ex(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b);
/* BEGIN ERROR CODES */
/* The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
*/
void ERR_load_STORE_strings(void);
/* Error codes for the STORE functions. */
/* Function codes. */
#define STORE_F_MEM_DELETE 134
#define STORE_F_MEM_GENERATE 135
#define STORE_F_MEM_LIST_END 168
#define STORE_F_MEM_LIST_NEXT 136
#define STORE_F_MEM_LIST_START 137
#define STORE_F_MEM_MODIFY 169
#define STORE_F_MEM_STORE 138
#define STORE_F_STORE_ATTR_INFO_GET0_CSTR 139
#define STORE_F_STORE_ATTR_INFO_GET0_DN 140
#define STORE_F_STORE_ATTR_INFO_GET0_NUMBER 141
#define STORE_F_STORE_ATTR_INFO_GET0_SHA1STR 142
#define STORE_F_STORE_ATTR_INFO_MODIFY_CSTR 143
#define STORE_F_STORE_ATTR_INFO_MODIFY_DN 144
#define STORE_F_STORE_ATTR_INFO_MODIFY_NUMBER 145
#define STORE_F_STORE_ATTR_INFO_MODIFY_SHA1STR 146
#define STORE_F_STORE_ATTR_INFO_SET_CSTR 147
#define STORE_F_STORE_ATTR_INFO_SET_DN 148
#define STORE_F_STORE_ATTR_INFO_SET_NUMBER 149
#define STORE_F_STORE_ATTR_INFO_SET_SHA1STR 150
#define STORE_F_STORE_CERTIFICATE 170
#define STORE_F_STORE_CTRL 161
#define STORE_F_STORE_DELETE_ARBITRARY 158
#define STORE_F_STORE_DELETE_CERTIFICATE 102
#define STORE_F_STORE_DELETE_CRL 103
#define STORE_F_STORE_DELETE_NUMBER 104
#define STORE_F_STORE_DELETE_PRIVATE_KEY 105
#define STORE_F_STORE_DELETE_PUBLIC_KEY 106
#define STORE_F_STORE_GENERATE_CRL 107
#define STORE_F_STORE_GENERATE_KEY 108
#define STORE_F_STORE_GET_ARBITRARY 159
#define STORE_F_STORE_GET_CERTIFICATE 109
#define STORE_F_STORE_GET_CRL 110
#define STORE_F_STORE_GET_NUMBER 111
#define STORE_F_STORE_GET_PRIVATE_KEY 112
#define STORE_F_STORE_GET_PUBLIC_KEY 113
#define STORE_F_STORE_LIST_CERTIFICATE_END 114
#define STORE_F_STORE_LIST_CERTIFICATE_ENDP 153
#define STORE_F_STORE_LIST_CERTIFICATE_NEXT 115
#define STORE_F_STORE_LIST_CERTIFICATE_START 116
#define STORE_F_STORE_LIST_CRL_END 117
#define STORE_F_STORE_LIST_CRL_ENDP 154
#define STORE_F_STORE_LIST_CRL_NEXT 118
#define STORE_F_STORE_LIST_CRL_START 119
#define STORE_F_STORE_LIST_PRIVATE_KEY_END 120
#define STORE_F_STORE_LIST_PRIVATE_KEY_ENDP 155
#define STORE_F_STORE_LIST_PRIVATE_KEY_NEXT 121
#define STORE_F_STORE_LIST_PRIVATE_KEY_START 122
#define STORE_F_STORE_LIST_PUBLIC_KEY_END 123
#define STORE_F_STORE_LIST_PUBLIC_KEY_ENDP 156
#define STORE_F_STORE_LIST_PUBLIC_KEY_NEXT 124
#define STORE_F_STORE_LIST_PUBLIC_KEY_START 125
#define STORE_F_STORE_MODIFY_ARBITRARY 162
#define STORE_F_STORE_MODIFY_CERTIFICATE 163
#define STORE_F_STORE_MODIFY_CRL 164
#define STORE_F_STORE_MODIFY_NUMBER 165
#define STORE_F_STORE_MODIFY_PRIVATE_KEY 166
#define STORE_F_STORE_MODIFY_PUBLIC_KEY 167
#define STORE_F_STORE_NEW_ENGINE 133
#define STORE_F_STORE_NEW_METHOD 132
#define STORE_F_STORE_PARSE_ATTRS_END 151
#define STORE_F_STORE_PARSE_ATTRS_ENDP 172
#define STORE_F_STORE_PARSE_ATTRS_NEXT 152
#define STORE_F_STORE_PARSE_ATTRS_START 171
#define STORE_F_STORE_REVOKE_CERTIFICATE 129
#define STORE_F_STORE_REVOKE_PRIVATE_KEY 130
#define STORE_F_STORE_REVOKE_PUBLIC_KEY 131
#define STORE_F_STORE_STORE_ARBITRARY 157
#define STORE_F_STORE_STORE_CERTIFICATE 100
#define STORE_F_STORE_STORE_CRL 101
#define STORE_F_STORE_STORE_NUMBER 126
#define STORE_F_STORE_STORE_PRIVATE_KEY 127
#define STORE_F_STORE_STORE_PUBLIC_KEY 128
/* Reason codes. */
#define STORE_R_ALREADY_HAS_A_VALUE 127
#define STORE_R_FAILED_DELETING_ARBITRARY 132
#define STORE_R_FAILED_DELETING_CERTIFICATE 100
#define STORE_R_FAILED_DELETING_KEY 101
#define STORE_R_FAILED_DELETING_NUMBER 102
#define STORE_R_FAILED_GENERATING_CRL 103
#define STORE_R_FAILED_GENERATING_KEY 104
#define STORE_R_FAILED_GETTING_ARBITRARY 133
#define STORE_R_FAILED_GETTING_CERTIFICATE 105
#define STORE_R_FAILED_GETTING_KEY 106
#define STORE_R_FAILED_GETTING_NUMBER 107
#define STORE_R_FAILED_LISTING_CERTIFICATES 108
#define STORE_R_FAILED_LISTING_KEYS 109
#define STORE_R_FAILED_MODIFYING_ARBITRARY 138
#define STORE_R_FAILED_MODIFYING_CERTIFICATE 139
#define STORE_R_FAILED_MODIFYING_CRL 140
#define STORE_R_FAILED_MODIFYING_NUMBER 141
#define STORE_R_FAILED_MODIFYING_PRIVATE_KEY 142
#define STORE_R_FAILED_MODIFYING_PUBLIC_KEY 143
#define STORE_R_FAILED_REVOKING_CERTIFICATE 110
#define STORE_R_FAILED_REVOKING_KEY 111
#define STORE_R_FAILED_STORING_ARBITRARY 134
#define STORE_R_FAILED_STORING_CERTIFICATE 112
#define STORE_R_FAILED_STORING_KEY 113
#define STORE_R_FAILED_STORING_NUMBER 114
#define STORE_R_NOT_IMPLEMENTED 128
#define STORE_R_NO_CONTROL_FUNCTION 144
#define STORE_R_NO_DELETE_ARBITRARY_FUNCTION 135
#define STORE_R_NO_DELETE_NUMBER_FUNCTION 115
#define STORE_R_NO_DELETE_OBJECT_FUNCTION 116
#define STORE_R_NO_GENERATE_CRL_FUNCTION 117
#define STORE_R_NO_GENERATE_OBJECT_FUNCTION 118
#define STORE_R_NO_GET_OBJECT_ARBITRARY_FUNCTION 136
#define STORE_R_NO_GET_OBJECT_FUNCTION 119
#define STORE_R_NO_GET_OBJECT_NUMBER_FUNCTION 120
#define STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION 131
#define STORE_R_NO_LIST_OBJECT_END_FUNCTION 121
#define STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION 122
#define STORE_R_NO_LIST_OBJECT_START_FUNCTION 123
#define STORE_R_NO_MODIFY_OBJECT_FUNCTION 145
#define STORE_R_NO_REVOKE_OBJECT_FUNCTION 124
#define STORE_R_NO_STORE 129
#define STORE_R_NO_STORE_OBJECT_ARBITRARY_FUNCTION 137
#define STORE_R_NO_STORE_OBJECT_FUNCTION 125
#define STORE_R_NO_STORE_OBJECT_NUMBER_FUNCTION 126
#define STORE_R_NO_VALUE 130
#ifdef __cplusplus
}
#endif
#endif

95
include/openssl/symhacks.h
View File

@ -67,10 +67,6 @@
incompatibilities. */
#ifdef OPENSSL_SYS_VMS
/* Hack a long name in crypto/cryptlib.c */
#undef int_CRYPTO_set_do_dynlock_callback
#define int_CRYPTO_set_do_dynlock_callback int_CRYPTO_set_do_dynlock_cb
/* Hack a long name in crypto/ex_data.c */
#undef CRYPTO_get_ex_data_implementation
#define CRYPTO_get_ex_data_implementation CRYPTO_get_ex_data_impl
@ -151,9 +147,9 @@
#undef CRYPTO_set_dynlock_create_callback
#define CRYPTO_set_dynlock_create_callback CRYPTO_set_dynlock_create_cb
#undef CRYPTO_set_dynlock_lock_callback
#define CRYPTO_set_dynlock_lock_callback CRYPTO_set_dynlock_lock_cb
#define CRYPTO_set_dynlock_lock_callback CRYPTO_set_dynlock_lock_cb
#undef CRYPTO_get_dynlock_lock_callback
#define CRYPTO_get_dynlock_lock_callback CRYPTO_get_dynlock_lock_cb
#define CRYPTO_get_dynlock_lock_callback CRYPTO_get_dynlock_lock_cb
#undef CRYPTO_get_dynlock_destroy_callback
#define CRYPTO_get_dynlock_destroy_callback CRYPTO_get_dynlock_destroy_cb
#undef CRYPTO_get_dynlock_create_callback
@ -165,7 +161,7 @@
/* Hack some long SSL names */
#undef SSL_CTX_set_default_verify_paths
#define SSL_CTX_set_default_verify_paths SSL_CTX_set_def_verify_paths
#define SSL_CTX_set_default_verify_paths SSL_CTX_set_def_verify_paths
#undef SSL_get_ex_data_X509_STORE_CTX_idx
#define SSL_get_ex_data_X509_STORE_CTX_idx SSL_get_ex_d_X509_STORE_CTX_idx
#undef SSL_add_file_cert_subjects_to_stack
@ -175,21 +171,38 @@
#undef SSL_CTX_use_certificate_chain_file
#define SSL_CTX_use_certificate_chain_file SSL_CTX_use_cert_chain_file
#undef SSL_CTX_set_cert_verify_callback
#define SSL_CTX_set_cert_verify_callback SSL_CTX_set_cert_verify_cb
#define SSL_CTX_set_cert_verify_callback SSL_CTX_set_cert_verify_cb
#undef SSL_CTX_set_default_passwd_cb_userdata
#define SSL_CTX_set_default_passwd_cb_userdata SSL_CTX_set_def_passwd_cb_ud
#undef SSL_COMP_get_compression_methods
#define SSL_COMP_get_compression_methods SSL_COMP_get_compress_methods
#undef ssl_add_clienthello_renegotiate_ext
#define ssl_add_clienthello_renegotiate_ext ssl_add_clienthello_reneg_ext
#undef ssl_add_serverhello_renegotiate_ext
#define ssl_add_serverhello_renegotiate_ext ssl_add_serverhello_reneg_ext
#undef ssl_parse_clienthello_renegotiate_ext
#define ssl_parse_clienthello_renegotiate_ext ssl_parse_clienthello_reneg_ext
#undef ssl_parse_serverhello_renegotiate_ext
#define ssl_parse_serverhello_renegotiate_ext ssl_parse_serverhello_reneg_ext
/* Hack some long ENGINE names */
#undef ENGINE_get_default_BN_mod_exp_crt
#define ENGINE_get_default_BN_mod_exp_crt ENGINE_get_def_BN_mod_exp_crt
#undef ENGINE_set_default_BN_mod_exp_crt
#define ENGINE_set_default_BN_mod_exp_crt ENGINE_set_def_BN_mod_exp_crt
#undef ENGINE_set_load_privkey_function
#define ENGINE_set_load_privkey_function ENGINE_set_load_privkey_fn
#define ENGINE_set_load_privkey_function ENGINE_set_load_privkey_fn
#undef ENGINE_get_load_privkey_function
#define ENGINE_get_load_privkey_function ENGINE_get_load_privkey_fn
#define ENGINE_get_load_privkey_function ENGINE_get_load_privkey_fn
#undef ENGINE_unregister_pkey_asn1_meths
#define ENGINE_unregister_pkey_asn1_meths ENGINE_unreg_pkey_asn1_meths
#undef ENGINE_register_all_pkey_asn1_meths
#define ENGINE_register_all_pkey_asn1_meths ENGINE_reg_all_pkey_asn1_meths
#undef ENGINE_set_default_pkey_asn1_meths
#define ENGINE_set_default_pkey_asn1_meths ENGINE_set_def_pkey_asn1_meths
#undef ENGINE_get_pkey_asn1_meth_engine
#define ENGINE_get_pkey_asn1_meth_engine ENGINE_get_pkey_asn1_meth_eng
#undef ENGINE_set_load_ssl_client_cert_function
#define ENGINE_set_load_ssl_client_cert_function \
ENGINE_set_ld_ssl_clnt_cert_fn
@ -198,7 +211,7 @@
/* Hack some long OCSP names */
#undef OCSP_REQUEST_get_ext_by_critical
#define OCSP_REQUEST_get_ext_by_critical OCSP_REQUEST_get_ext_by_crit
#define OCSP_REQUEST_get_ext_by_critical OCSP_REQUEST_get_ext_by_crit
#undef OCSP_BASICRESP_get_ext_by_critical
#define OCSP_BASICRESP_get_ext_by_critical OCSP_BASICRESP_get_ext_by_crit
#undef OCSP_SINGLERESP_get_ext_by_critical
@ -215,6 +228,8 @@
#define OPENSSL_add_all_algorithms_noconf OPENSSL_add_all_algo_noconf
#undef OPENSSL_add_all_algorithms_conf
#define OPENSSL_add_all_algorithms_conf OPENSSL_add_all_algo_conf
#undef EVP_PKEY_meth_set_verify_recover
#define EVP_PKEY_meth_set_verify_recover EVP_PKEY_meth_set_vrfy_recover
/* Hack some long EC names */
#undef EC_GROUP_set_point_conversion_form
@ -243,15 +258,15 @@
#define EC_POINT_set_compressed_coordinates_GF2m \
EC_POINT_set_compr_coords_GF2m
#undef ec_GF2m_simple_group_clear_finish
#define ec_GF2m_simple_group_clear_finish ec_GF2m_simple_grp_clr_finish
#define ec_GF2m_simple_group_clear_finish ec_GF2m_simple_grp_clr_finish
#undef ec_GF2m_simple_group_check_discriminant
#define ec_GF2m_simple_group_check_discriminant ec_GF2m_simple_grp_chk_discrim
#undef ec_GF2m_simple_point_clear_finish
#define ec_GF2m_simple_point_clear_finish ec_GF2m_simple_pt_clr_finish
#define ec_GF2m_simple_point_clear_finish ec_GF2m_simple_pt_clr_finish
#undef ec_GF2m_simple_point_set_to_infinity
#define ec_GF2m_simple_point_set_to_infinity ec_GF2m_simple_pt_set_to_inf
#define ec_GF2m_simple_point_set_to_infinity ec_GF2m_simple_pt_set_to_inf
#undef ec_GF2m_simple_points_make_affine
#define ec_GF2m_simple_points_make_affine ec_GF2m_simple_pts_make_affine
#define ec_GF2m_simple_points_make_affine ec_GF2m_simple_pts_make_affine
#undef ec_GF2m_simple_point_set_affine_coordinates
#define ec_GF2m_simple_point_set_affine_coordinates \
ec_GF2m_smp_pt_set_af_coords
@ -266,19 +281,19 @@
#undef ec_GFp_simple_group_get_curve_GFp
#define ec_GFp_simple_group_get_curve_GFp ec_GFp_simple_grp_get_curve_GFp
#undef ec_GFp_simple_group_clear_finish
#define ec_GFp_simple_group_clear_finish ec_GFp_simple_grp_clear_finish
#define ec_GFp_simple_group_clear_finish ec_GFp_simple_grp_clear_finish
#undef ec_GFp_simple_group_set_generator
#define ec_GFp_simple_group_set_generator ec_GFp_simple_grp_set_generator
#undef ec_GFp_simple_group_get0_generator
#define ec_GFp_simple_group_get0_generator ec_GFp_simple_grp_gt0_generator
#undef ec_GFp_simple_group_get_cofactor
#define ec_GFp_simple_group_get_cofactor ec_GFp_simple_grp_get_cofactor
#define ec_GFp_simple_group_get_cofactor ec_GFp_simple_grp_get_cofactor
#undef ec_GFp_simple_point_clear_finish
#define ec_GFp_simple_point_clear_finish ec_GFp_simple_pt_clear_finish
#define ec_GFp_simple_point_clear_finish ec_GFp_simple_pt_clear_finish
#undef ec_GFp_simple_point_set_to_infinity
#define ec_GFp_simple_point_set_to_infinity ec_GFp_simple_pt_set_to_inf
#undef ec_GFp_simple_points_make_affine
#define ec_GFp_simple_points_make_affine ec_GFp_simple_pts_make_affine
#define ec_GFp_simple_points_make_affine ec_GFp_simple_pts_make_affine
#undef ec_GFp_simple_group_get_curve_GFp
#define ec_GFp_simple_group_get_curve_GFp ec_GFp_simple_grp_get_curve_GFp
#undef ec_GFp_simple_set_Jprojective_coordinates_GFp
@ -358,6 +373,14 @@
#undef STORE_method_get_unlock_store_function
#define STORE_method_get_unlock_store_function STORE_meth_get_unlock_store_fn
/* Hack some long TS names */
#undef TS_RESP_CTX_set_status_info_cond
#define TS_RESP_CTX_set_status_info_cond TS_RESP_CTX_set_stat_info_cond
#undef TS_RESP_CTX_set_clock_precision_digits
#define TS_RESP_CTX_set_clock_precision_digits TS_RESP_CTX_set_clk_prec_digits
#undef TS_CONF_set_clock_precision_digits
#define TS_CONF_set_clock_precision_digits TS_CONF_set_clk_prec_digits
/* Hack some long CMS names */
#undef CMS_RecipientInfo_ktri_get0_algs
#define CMS_RecipientInfo_ktri_get0_algs CMS_RecipInfo_ktri_get0_algs
@ -376,24 +399,30 @@
#undef dtls1_retransmit_buffered_messages
#define dtls1_retransmit_buffered_messages dtls1_retransmit_buffered_msgs
/* Hack some long UI names */
#undef UI_method_get_prompt_constructor
#define UI_method_get_prompt_constructor UI_method_get_prompt_constructr
#undef UI_method_set_prompt_constructor
#define UI_method_set_prompt_constructor UI_method_set_prompt_constructr
#endif /* defined OPENSSL_SYS_VMS */
/* Case insensiteve linking causes problems.... */
#if defined(OPENSSL_SYS_WIN16) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2)
/* Case insensitive linking causes problems.... */
#if defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2)
#undef ERR_load_CRYPTO_strings
#define ERR_load_CRYPTO_strings ERR_load_CRYPTOlib_strings
#undef OCSP_crlID_new
#define OCSP_crlID_new OCSP_crlID2_new
#define OCSP_crlID_new OCSP_crlID2_new
#undef d2i_ECPARAMETERS
#define d2i_ECPARAMETERS d2i_UC_ECPARAMETERS
#define d2i_ECPARAMETERS d2i_UC_ECPARAMETERS
#undef i2d_ECPARAMETERS
#define i2d_ECPARAMETERS i2d_UC_ECPARAMETERS
#define i2d_ECPARAMETERS i2d_UC_ECPARAMETERS
#undef d2i_ECPKPARAMETERS
#define d2i_ECPKPARAMETERS d2i_UC_ECPKPARAMETERS
#define d2i_ECPKPARAMETERS d2i_UC_ECPKPARAMETERS
#undef i2d_ECPKPARAMETERS
#define i2d_ECPKPARAMETERS i2d_UC_ECPKPARAMETERS
#define i2d_ECPKPARAMETERS i2d_UC_ECPKPARAMETERS
/* These functions do not seem to exist! However, I'm paranoid...
Original command in x509v3.h:
@ -402,19 +431,19 @@
hide them a little, by giving them an extra 'o' at the
beginning of the name... */
#undef X509v3_cleanup_extensions
#define X509v3_cleanup_extensions oX509v3_cleanup_extensions
#define X509v3_cleanup_extensions oX509v3_cleanup_extensions
#undef X509v3_add_extension
#define X509v3_add_extension oX509v3_add_extension
#define X509v3_add_extension oX509v3_add_extension
#undef X509v3_add_netscape_extensions
#define X509v3_add_netscape_extensions oX509v3_add_netscape_extensions
#define X509v3_add_netscape_extensions oX509v3_add_netscape_extensions
#undef X509v3_add_standard_extensions
#define X509v3_add_standard_extensions oX509v3_add_standard_extensions
#define X509v3_add_standard_extensions oX509v3_add_standard_extensions
/* This one clashes with CMS_data_create */
#undef cms_Data_create
#define cms_Data_create priv_cms_Data_create
#endif
#endif /* ! defined HEADER_VMS_IDHACKS_H */
/* This one clashes with CMS_data_create */
#undef cms_Data_create
#define cms_Data_create priv_cms_Data_create

140
include/openssl/tls1.h
View File

@ -55,6 +55,59 @@
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
/* ====================================================================
* Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@openssl.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
/* ====================================================================
* Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
*
@ -68,6 +121,32 @@
* Vipul Gupta and Sumit Gupta of Sun Microsystems Laboratories.
*
*/
/* ====================================================================
* Copyright 2005 Nokia. All rights reserved.
*
* The portions of the attached software ("Contribution") is developed by
* Nokia Corporation and is licensed pursuant to the OpenSSL open source
* license.
*
* The Contribution, originally written by Mika Kousa and Pasi Eronen of
* Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
* support (see RFC 4279) to OpenSSL.
*
* No patent licenses or other rights except those expressly stated in
* the OpenSSL open source license shall be deemed granted or received
* expressly, by implication, estoppel, or otherwise.
*
* No assurances are provided by Nokia that the Contribution does not
* infringe the patent or other intellectual property rights of any third
* party or that the license provides you with all the necessary rights
* to make use of the Contribution.
*
* THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
* ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
* SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
* OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
* OTHERWISE.
*/
#ifndef HEADER_TLS1_H
#define HEADER_TLS1_H
@ -104,16 +183,23 @@ extern "C" {
#define TLS1_AD_BAD_CERTIFICATE_HASH_VALUE 114
#define TLS1_AD_UNKNOWN_PSK_IDENTITY 115 /* fatal */
/* ExtensionType values from RFC 3546 */
/* ExtensionType values from RFC3546 / RFC4366 */
#define TLSEXT_TYPE_server_name 0
#define TLSEXT_TYPE_max_fragment_length 1
#define TLSEXT_TYPE_client_certificate_url 2
#define TLSEXT_TYPE_trusted_ca_keys 3
#define TLSEXT_TYPE_truncated_hmac 4
#define TLSEXT_TYPE_status_request 5
/* ExtensionType values from RFC4492 */
#define TLSEXT_TYPE_elliptic_curves 10
#define TLSEXT_TYPE_ec_point_formats 11
#define TLSEXT_TYPE_session_ticket 35
/* ExtensionType value from draft-rescorla-tls-opaque-prf-input-00.txt */
#if 0 /* will have to be provided externally for now ,
* i.e. build with -DTLSEXT_TYPE_opaque_prf_input=38183
* using whatever extension number you'd like to try */
# define TLSEXT_TYPE_opaque_prf_input ?? */
#endif
/* Temporary extension type */
#define TLSEXT_TYPE_renegotiate 0xff01
@ -123,6 +209,13 @@ extern "C" {
/* status request value from RFC 3546 */
#define TLSEXT_STATUSTYPE_ocsp 1
/* ECPointFormat values from draft-ietf-tls-ecc-12 */
#define TLSEXT_ECPOINTFORMAT_first 0
#define TLSEXT_ECPOINTFORMAT_uncompressed 0
#define TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime 1
#define TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2 2
#define TLSEXT_ECPOINTFORMAT_last 2
#ifndef OPENSSL_NO_TLSEXT
#define TLSEXT_MAXLEN_host_name 255
@ -182,17 +275,31 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB,(void (*)(void))cb)
#define SSL_CTX_set_tlsext_status_arg(ssl, arg) \
SSL_CTX_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG,0, (void *)arg)
#define SSL_set_tlsext_opaque_prf_input(s, src, len) \
SSL_ctrl(s,SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT, len, src)
#define SSL_CTX_set_tlsext_opaque_prf_input_callback(ctx, cb) \
SSL_CTX_callback_ctrl(ctx,SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB, (void (*)(void))cb)
#define SSL_CTX_set_tlsext_opaque_prf_input_callback_arg(ctx, arg) \
SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB_ARG, 0, arg)
#define SSL_CTX_set_tlsext_ticket_key_cb(ssl, cb) \
SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
#endif
/* Additional TLS ciphersuites from draft-ietf-tls-56-bit-ciphersuites-00.txt
/* PSK ciphersuites from 4279 */
#define TLS1_CK_PSK_WITH_RC4_128_SHA 0x0300008A
#define TLS1_CK_PSK_WITH_3DES_EDE_CBC_SHA 0x0300008B
#define TLS1_CK_PSK_WITH_AES_128_CBC_SHA 0x0300008C
#define TLS1_CK_PSK_WITH_AES_256_CBC_SHA 0x0300008D
/* Additional TLS ciphersuites from expired Internet Draft
* draft-ietf-tls-56-bit-ciphersuites-01.txt
* (available if TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES is defined, see
* s3_lib.c). We actually treat them like SSL 3.0 ciphers, which we probably
* shouldn't. */
#define TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_MD5 0x03000060
#define TLS1_CK_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5 0x03000061
* shouldn't. Note that the first two are actually not in the IDs. */
#define TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_MD5 0x03000060 /* not in ID */
#define TLS1_CK_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5 0x03000061 /* not in ID */
#define TLS1_CK_RSA_EXPORT1024_WITH_DES_CBC_SHA 0x03000062
#define TLS1_CK_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA 0x03000063
#define TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_SHA 0x03000064
@ -330,6 +437,12 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
#define TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA "AECDH-AES128-SHA"
#define TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA "AECDH-AES256-SHA"
/* PSK ciphersuites from RFC 4279 */
#define TLS1_TXT_PSK_WITH_RC4_128_SHA "PSK-RC4-SHA"
#define TLS1_TXT_PSK_WITH_3DES_EDE_CBC_SHA "PSK-3DES-EDE-CBC-SHA"
#define TLS1_TXT_PSK_WITH_AES_128_CBC_SHA "PSK-AES128-CBC-SHA"
#define TLS1_TXT_PSK_WITH_AES_256_CBC_SHA "PSK-AES256-CBC-SHA"
/* Camellia ciphersuites from RFC4132 */
#define TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA "CAMELLIA128-SHA"
#define TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA "DH-DSS-CAMELLIA128-SHA"
@ -353,6 +466,7 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
#define TLS1_TXT_DHE_RSA_WITH_SEED_SHA "DHE-RSA-SEED-SHA"
#define TLS1_TXT_ADH_WITH_SEED_SHA "ADH-SEED-SHA"
#define TLS_CT_RSA_SIGN 1
#define TLS_CT_DSS_SIGN 2
#define TLS_CT_RSA_FIXED_DH 3
@ -360,7 +474,11 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
#define TLS_CT_ECDSA_SIGN 64
#define TLS_CT_RSA_FIXED_ECDH 65
#define TLS_CT_ECDSA_FIXED_ECDH 66
#define TLS_CT_NUMBER 7
#define TLS_CT_GOST94_SIGN 21
#define TLS_CT_GOST01_SIGN 22
/* when correcting this number, correct also SSL3_CT_NUMBER in ssl3.h (see
* comment there) */
#define TLS_CT_NUMBER 9
#define TLS1_FINISH_MAC_LENGTH 12
@ -401,10 +519,14 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
#define TLS_MD_MASTER_SECRET_CONST "\x6d\x61\x73\x74\x65\x72\x20\x73\x65\x63\x72\x65\x74" /*master secret*/
#endif
/* TLS Session Ticket extension struct */
struct tls_session_ticket_ext_st
{
unsigned short length;
void *data;
};
#ifdef __cplusplus
}
#endif
#endif

93
include/openssl/tmdiff.h
View File

@ -1,93 +0,0 @@
/* crypto/tmdiff.h */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
/* Header for dynamic hash table routines
* Author - Eric Young
*/
/* ... erm yeah, "dynamic hash tables" you say?
*
* And what would dynamic hash tables have to do with any of this code *now*?
* AFAICS, this code is only referenced by crypto/bn/exp.c which is an unused
* file that I doubt compiles any more. speed.c is the only thing that could
* use this (and it has nothing to do with hash tables), yet it instead has its
* own duplication of all this stuff and looks, if anything, more complete. See
* the corresponding note in apps/speed.c.
* The Bemused - Geoff
*/
#ifndef HEADER_TMDIFF_H
#define HEADER_TMDIFF_H
#ifdef __cplusplus
extern "C" {
#endif
typedef struct ms_tm MS_TM;
MS_TM *ms_time_new(void );
void ms_time_free(MS_TM *a);
void ms_time_get(MS_TM *a);
double ms_time_diff(MS_TM *start, MS_TM *end);
int ms_time_cmp(const MS_TM *ap, const MS_TM *bp);
#ifdef __cplusplus
}
#endif
#endif

861
include/openssl/ts.h Normal file
View File

@ -0,0 +1,861 @@
/* crypto/ts/ts.h */
/* Written by Zoltan Glozik (zglozik@opentsa.org) for the OpenSSL
* project 2002, 2003, 2004.
*/
/* ====================================================================
* Copyright (c) 2006 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* licensing@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
#ifndef HEADER_TS_H
#define HEADER_TS_H
#include <openssl/opensslconf.h>
#include <openssl/symhacks.h>
#ifndef OPENSSL_NO_BUFFER
#include <openssl/buffer.h>
#endif
#ifndef OPENSSL_NO_EVP
#include <openssl/evp.h>
#endif
#ifndef OPENSSL_NO_BIO
#include <openssl/bio.h>
#endif
#include <openssl/stack.h>
#include <openssl/asn1.h>
#include <openssl/safestack.h>
#ifndef OPENSSL_NO_RSA
#include <openssl/rsa.h>
#endif
#ifndef OPENSSL_NO_DSA
#include <openssl/dsa.h>
#endif
#ifndef OPENSSL_NO_DH
#include <openssl/dh.h>
#endif
#include <openssl/evp.h>
#ifdef __cplusplus
extern "C" {
#endif
#ifdef WIN32
/* Under Win32 this is defined in wincrypt.h */
#undef X509_NAME
#endif
#include <openssl/x509.h>
#include <openssl/x509v3.h>
/*
MessageImprint ::= SEQUENCE {
hashAlgorithm AlgorithmIdentifier,
hashedMessage OCTET STRING }
*/
typedef struct TS_msg_imprint_st
{
X509_ALGOR *hash_algo;
ASN1_OCTET_STRING *hashed_msg;
} TS_MSG_IMPRINT;
/*
TimeStampReq ::= SEQUENCE {
version INTEGER { v1(1) },
messageImprint MessageImprint,
--a hash algorithm OID and the hash value of the data to be
--time-stamped
reqPolicy TSAPolicyId OPTIONAL,
nonce INTEGER OPTIONAL,
certReq BOOLEAN DEFAULT FALSE,
extensions [0] IMPLICIT Extensions OPTIONAL }
*/
typedef struct TS_req_st
{
ASN1_INTEGER *version;
TS_MSG_IMPRINT *msg_imprint;
ASN1_OBJECT *policy_id; /* OPTIONAL */
ASN1_INTEGER *nonce; /* OPTIONAL */
ASN1_BOOLEAN cert_req; /* DEFAULT FALSE */
STACK_OF(X509_EXTENSION) *extensions; /* [0] OPTIONAL */
} TS_REQ;
/*
Accuracy ::= SEQUENCE {
seconds INTEGER OPTIONAL,
millis [0] INTEGER (1..999) OPTIONAL,
micros [1] INTEGER (1..999) OPTIONAL }
*/
typedef struct TS_accuracy_st
{
ASN1_INTEGER *seconds;
ASN1_INTEGER *millis;
ASN1_INTEGER *micros;
} TS_ACCURACY;
/*
TSTInfo ::= SEQUENCE {
version INTEGER { v1(1) },
policy TSAPolicyId,
messageImprint MessageImprint,
-- MUST have the same value as the similar field in
-- TimeStampReq
serialNumber INTEGER,
-- Time-Stamping users MUST be ready to accommodate integers
-- up to 160 bits.
genTime GeneralizedTime,
accuracy Accuracy OPTIONAL,
ordering BOOLEAN DEFAULT FALSE,
nonce INTEGER OPTIONAL,
-- MUST be present if the similar field was present
-- in TimeStampReq. In that case it MUST have the same value.
tsa [0] GeneralName OPTIONAL,
extensions [1] IMPLICIT Extensions OPTIONAL }
*/
typedef struct TS_tst_info_st
{
ASN1_INTEGER *version;
ASN1_OBJECT *policy_id;
TS_MSG_IMPRINT *msg_imprint;
ASN1_INTEGER *serial;
ASN1_GENERALIZEDTIME *time;
TS_ACCURACY *accuracy;
ASN1_BOOLEAN ordering;
ASN1_INTEGER *nonce;
GENERAL_NAME *tsa;
STACK_OF(X509_EXTENSION) *extensions;
} TS_TST_INFO;
/*
PKIStatusInfo ::= SEQUENCE {
status PKIStatus,
statusString PKIFreeText OPTIONAL,
failInfo PKIFailureInfo OPTIONAL }
From RFC 1510 - section 3.1.1:
PKIFreeText ::= SEQUENCE SIZE (1..MAX) OF UTF8String
-- text encoded as UTF-8 String (note: each UTF8String SHOULD
-- include an RFC 1766 language tag to indicate the language
-- of the contained text)
*/
/* Possible values for status. See ts_resp_print.c && ts_resp_verify.c. */
#define TS_STATUS_GRANTED 0
#define TS_STATUS_GRANTED_WITH_MODS 1
#define TS_STATUS_REJECTION 2
#define TS_STATUS_WAITING 3
#define TS_STATUS_REVOCATION_WARNING 4
#define TS_STATUS_REVOCATION_NOTIFICATION 5
/* Possible values for failure_info. See ts_resp_print.c && ts_resp_verify.c */
#define TS_INFO_BAD_ALG 0
#define TS_INFO_BAD_REQUEST 2
#define TS_INFO_BAD_DATA_FORMAT 5
#define TS_INFO_TIME_NOT_AVAILABLE 14
#define TS_INFO_UNACCEPTED_POLICY 15
#define TS_INFO_UNACCEPTED_EXTENSION 16
#define TS_INFO_ADD_INFO_NOT_AVAILABLE 17
#define TS_INFO_SYSTEM_FAILURE 25
typedef struct TS_status_info_st
{
ASN1_INTEGER *status;
STACK_OF(ASN1_UTF8STRING) *text;
ASN1_BIT_STRING *failure_info;
} TS_STATUS_INFO;
DECLARE_STACK_OF(ASN1_UTF8STRING)
DECLARE_ASN1_SET_OF(ASN1_UTF8STRING)
/*
TimeStampResp ::= SEQUENCE {
status PKIStatusInfo,
timeStampToken TimeStampToken OPTIONAL }
*/
typedef struct TS_resp_st
{
TS_STATUS_INFO *status_info;
PKCS7 *token;
TS_TST_INFO *tst_info;
} TS_RESP;
/* The structure below would belong to the ESS component. */
/*
IssuerSerial ::= SEQUENCE {
issuer GeneralNames,
serialNumber CertificateSerialNumber
}
*/
typedef struct ESS_issuer_serial
{
STACK_OF(GENERAL_NAME) *issuer;
ASN1_INTEGER *serial;
} ESS_ISSUER_SERIAL;
/*
ESSCertID ::= SEQUENCE {
certHash Hash,
issuerSerial IssuerSerial OPTIONAL
}
*/
typedef struct ESS_cert_id
{
ASN1_OCTET_STRING *hash; /* Always SHA-1 digest. */
ESS_ISSUER_SERIAL *issuer_serial;
} ESS_CERT_ID;
DECLARE_STACK_OF(ESS_CERT_ID)
DECLARE_ASN1_SET_OF(ESS_CERT_ID)
/*
SigningCertificate ::= SEQUENCE {
certs SEQUENCE OF ESSCertID,
policies SEQUENCE OF PolicyInformation OPTIONAL
}
*/
typedef struct ESS_signing_cert
{
STACK_OF(ESS_CERT_ID) *cert_ids;
STACK_OF(POLICYINFO) *policy_info;
} ESS_SIGNING_CERT;
TS_REQ *TS_REQ_new(void);
void TS_REQ_free(TS_REQ *a);
int i2d_TS_REQ(const TS_REQ *a, unsigned char **pp);
TS_REQ *d2i_TS_REQ(TS_REQ **a, const unsigned char **pp, long length);
TS_REQ *TS_REQ_dup(TS_REQ *a);
TS_REQ *d2i_TS_REQ_fp(FILE *fp, TS_REQ **a);
int i2d_TS_REQ_fp(FILE *fp, TS_REQ *a);
TS_REQ *d2i_TS_REQ_bio(BIO *fp, TS_REQ **a);
int i2d_TS_REQ_bio(BIO *fp, TS_REQ *a);
TS_MSG_IMPRINT *TS_MSG_IMPRINT_new(void);
void TS_MSG_IMPRINT_free(TS_MSG_IMPRINT *a);
int i2d_TS_MSG_IMPRINT(const TS_MSG_IMPRINT *a, unsigned char **pp);
TS_MSG_IMPRINT *d2i_TS_MSG_IMPRINT(TS_MSG_IMPRINT **a,
const unsigned char **pp, long length);
TS_MSG_IMPRINT *TS_MSG_IMPRINT_dup(TS_MSG_IMPRINT *a);
TS_MSG_IMPRINT *d2i_TS_MSG_IMPRINT_fp(FILE *fp, TS_MSG_IMPRINT **a);
int i2d_TS_MSG_IMPRINT_fp(FILE *fp, TS_MSG_IMPRINT *a);
TS_MSG_IMPRINT *d2i_TS_MSG_IMPRINT_bio(BIO *fp, TS_MSG_IMPRINT **a);
int i2d_TS_MSG_IMPRINT_bio(BIO *fp, TS_MSG_IMPRINT *a);
TS_RESP *TS_RESP_new(void);
void TS_RESP_free(TS_RESP *a);
int i2d_TS_RESP(const TS_RESP *a, unsigned char **pp);
TS_RESP *d2i_TS_RESP(TS_RESP **a, const unsigned char **pp, long length);
TS_TST_INFO *PKCS7_to_TS_TST_INFO(PKCS7 *token);
TS_RESP *TS_RESP_dup(TS_RESP *a);
TS_RESP *d2i_TS_RESP_fp(FILE *fp, TS_RESP **a);
int i2d_TS_RESP_fp(FILE *fp, TS_RESP *a);
TS_RESP *d2i_TS_RESP_bio(BIO *fp, TS_RESP **a);
int i2d_TS_RESP_bio(BIO *fp, TS_RESP *a);
TS_STATUS_INFO *TS_STATUS_INFO_new(void);
void TS_STATUS_INFO_free(TS_STATUS_INFO *a);
int i2d_TS_STATUS_INFO(const TS_STATUS_INFO *a, unsigned char **pp);
TS_STATUS_INFO *d2i_TS_STATUS_INFO(TS_STATUS_INFO **a,
const unsigned char **pp, long length);
TS_STATUS_INFO *TS_STATUS_INFO_dup(TS_STATUS_INFO *a);
TS_TST_INFO *TS_TST_INFO_new(void);
void TS_TST_INFO_free(TS_TST_INFO *a);
int i2d_TS_TST_INFO(const TS_TST_INFO *a, unsigned char **pp);
TS_TST_INFO *d2i_TS_TST_INFO(TS_TST_INFO **a, const unsigned char **pp,
long length);
TS_TST_INFO *TS_TST_INFO_dup(TS_TST_INFO *a);
TS_TST_INFO *d2i_TS_TST_INFO_fp(FILE *fp, TS_TST_INFO **a);
int i2d_TS_TST_INFO_fp(FILE *fp, TS_TST_INFO *a);
TS_TST_INFO *d2i_TS_TST_INFO_bio(BIO *fp, TS_TST_INFO **a);
int i2d_TS_TST_INFO_bio(BIO *fp, TS_TST_INFO *a);
TS_ACCURACY *TS_ACCURACY_new(void);
void TS_ACCURACY_free(TS_ACCURACY *a);
int i2d_TS_ACCURACY(const TS_ACCURACY *a, unsigned char **pp);
TS_ACCURACY *d2i_TS_ACCURACY(TS_ACCURACY **a, const unsigned char **pp,
long length);
TS_ACCURACY *TS_ACCURACY_dup(TS_ACCURACY *a);
ESS_ISSUER_SERIAL *ESS_ISSUER_SERIAL_new(void);
void ESS_ISSUER_SERIAL_free(ESS_ISSUER_SERIAL *a);
int i2d_ESS_ISSUER_SERIAL(const ESS_ISSUER_SERIAL *a,
unsigned char **pp);
ESS_ISSUER_SERIAL *d2i_ESS_ISSUER_SERIAL(ESS_ISSUER_SERIAL **a,
const unsigned char **pp, long length);
ESS_ISSUER_SERIAL *ESS_ISSUER_SERIAL_dup(ESS_ISSUER_SERIAL *a);
ESS_CERT_ID *ESS_CERT_ID_new(void);
void ESS_CERT_ID_free(ESS_CERT_ID *a);
int i2d_ESS_CERT_ID(const ESS_CERT_ID *a, unsigned char **pp);
ESS_CERT_ID *d2i_ESS_CERT_ID(ESS_CERT_ID **a, const unsigned char **pp,
long length);
ESS_CERT_ID *ESS_CERT_ID_dup(ESS_CERT_ID *a);
ESS_SIGNING_CERT *ESS_SIGNING_CERT_new(void);
void ESS_SIGNING_CERT_free(ESS_SIGNING_CERT *a);
int i2d_ESS_SIGNING_CERT(const ESS_SIGNING_CERT *a,
unsigned char **pp);
ESS_SIGNING_CERT *d2i_ESS_SIGNING_CERT(ESS_SIGNING_CERT **a,
const unsigned char **pp, long length);
ESS_SIGNING_CERT *ESS_SIGNING_CERT_dup(ESS_SIGNING_CERT *a);
void ERR_load_TS_strings(void);
int TS_REQ_set_version(TS_REQ *a, long version);
long TS_REQ_get_version(const TS_REQ *a);
int TS_REQ_set_msg_imprint(TS_REQ *a, TS_MSG_IMPRINT *msg_imprint);
TS_MSG_IMPRINT *TS_REQ_get_msg_imprint(TS_REQ *a);
int TS_MSG_IMPRINT_set_algo(TS_MSG_IMPRINT *a, X509_ALGOR *alg);
X509_ALGOR *TS_MSG_IMPRINT_get_algo(TS_MSG_IMPRINT *a);
int TS_MSG_IMPRINT_set_msg(TS_MSG_IMPRINT *a, unsigned char *d, int len);
ASN1_OCTET_STRING *TS_MSG_IMPRINT_get_msg(TS_MSG_IMPRINT *a);
int TS_REQ_set_policy_id(TS_REQ *a, ASN1_OBJECT *policy);
ASN1_OBJECT *TS_REQ_get_policy_id(TS_REQ *a);
int TS_REQ_set_nonce(TS_REQ *a, const ASN1_INTEGER *nonce);
const ASN1_INTEGER *TS_REQ_get_nonce(const TS_REQ *a);
int TS_REQ_set_cert_req(TS_REQ *a, int cert_req);
int TS_REQ_get_cert_req(const TS_REQ *a);
STACK_OF(X509_EXTENSION) *TS_REQ_get_exts(TS_REQ *a);
void TS_REQ_ext_free(TS_REQ *a);
int TS_REQ_get_ext_count(TS_REQ *a);
int TS_REQ_get_ext_by_NID(TS_REQ *a, int nid, int lastpos);
int TS_REQ_get_ext_by_OBJ(TS_REQ *a, ASN1_OBJECT *obj, int lastpos);
int TS_REQ_get_ext_by_critical(TS_REQ *a, int crit, int lastpos);
X509_EXTENSION *TS_REQ_get_ext(TS_REQ *a, int loc);
X509_EXTENSION *TS_REQ_delete_ext(TS_REQ *a, int loc);
int TS_REQ_add_ext(TS_REQ *a, X509_EXTENSION *ex, int loc);
void *TS_REQ_get_ext_d2i(TS_REQ *a, int nid, int *crit, int *idx);
/* Function declarations for TS_REQ defined in ts/ts_req_print.c */
int TS_REQ_print_bio(BIO *bio, TS_REQ *a);
/* Function declarations for TS_RESP defined in ts/ts_resp_utils.c */
int TS_RESP_set_status_info(TS_RESP *a, TS_STATUS_INFO *info);
TS_STATUS_INFO *TS_RESP_get_status_info(TS_RESP *a);
/* Caller loses ownership of PKCS7 and TS_TST_INFO objects. */
void TS_RESP_set_tst_info(TS_RESP *a, PKCS7 *p7, TS_TST_INFO *tst_info);
PKCS7 *TS_RESP_get_token(TS_RESP *a);
TS_TST_INFO *TS_RESP_get_tst_info(TS_RESP *a);
int TS_TST_INFO_set_version(TS_TST_INFO *a, long version);
long TS_TST_INFO_get_version(const TS_TST_INFO *a);
int TS_TST_INFO_set_policy_id(TS_TST_INFO *a, ASN1_OBJECT *policy_id);
ASN1_OBJECT *TS_TST_INFO_get_policy_id(TS_TST_INFO *a);
int TS_TST_INFO_set_msg_imprint(TS_TST_INFO *a, TS_MSG_IMPRINT *msg_imprint);
TS_MSG_IMPRINT *TS_TST_INFO_get_msg_imprint(TS_TST_INFO *a);
int TS_TST_INFO_set_serial(TS_TST_INFO *a, const ASN1_INTEGER *serial);
const ASN1_INTEGER *TS_TST_INFO_get_serial(const TS_TST_INFO *a);
int TS_TST_INFO_set_time(TS_TST_INFO *a, const ASN1_GENERALIZEDTIME *gtime);
const ASN1_GENERALIZEDTIME *TS_TST_INFO_get_time(const TS_TST_INFO *a);
int TS_TST_INFO_set_accuracy(TS_TST_INFO *a, TS_ACCURACY *accuracy);
TS_ACCURACY *TS_TST_INFO_get_accuracy(TS_TST_INFO *a);
int TS_ACCURACY_set_seconds(TS_ACCURACY *a, const ASN1_INTEGER *seconds);
const ASN1_INTEGER *TS_ACCURACY_get_seconds(const TS_ACCURACY *a);
int TS_ACCURACY_set_millis(TS_ACCURACY *a, const ASN1_INTEGER *millis);
const ASN1_INTEGER *TS_ACCURACY_get_millis(const TS_ACCURACY *a);
int TS_ACCURACY_set_micros(TS_ACCURACY *a, const ASN1_INTEGER *micros);
const ASN1_INTEGER *TS_ACCURACY_get_micros(const TS_ACCURACY *a);
int TS_TST_INFO_set_ordering(TS_TST_INFO *a, int ordering);
int TS_TST_INFO_get_ordering(const TS_TST_INFO *a);
int TS_TST_INFO_set_nonce(TS_TST_INFO *a, const ASN1_INTEGER *nonce);
const ASN1_INTEGER *TS_TST_INFO_get_nonce(const TS_TST_INFO *a);
int TS_TST_INFO_set_tsa(TS_TST_INFO *a, GENERAL_NAME *tsa);
GENERAL_NAME *TS_TST_INFO_get_tsa(TS_TST_INFO *a);
STACK_OF(X509_EXTENSION) *TS_TST_INFO_get_exts(TS_TST_INFO *a);
void TS_TST_INFO_ext_free(TS_TST_INFO *a);
int TS_TST_INFO_get_ext_count(TS_TST_INFO *a);
int TS_TST_INFO_get_ext_by_NID(TS_TST_INFO *a, int nid, int lastpos);
int TS_TST_INFO_get_ext_by_OBJ(TS_TST_INFO *a, ASN1_OBJECT *obj, int lastpos);
int TS_TST_INFO_get_ext_by_critical(TS_TST_INFO *a, int crit, int lastpos);
X509_EXTENSION *TS_TST_INFO_get_ext(TS_TST_INFO *a, int loc);
X509_EXTENSION *TS_TST_INFO_delete_ext(TS_TST_INFO *a, int loc);
int TS_TST_INFO_add_ext(TS_TST_INFO *a, X509_EXTENSION *ex, int loc);
void *TS_TST_INFO_get_ext_d2i(TS_TST_INFO *a, int nid, int *crit, int *idx);
/* Declarations related to response generation, defined in ts/ts_resp_sign.c. */
/* Optional flags for response generation. */
/* Don't include the TSA name in response. */
#define TS_TSA_NAME 0x01
/* Set ordering to true in response. */
#define TS_ORDERING 0x02
/*
* Include the signer certificate and the other specified certificates in
* the ESS signing certificate attribute beside the PKCS7 signed data.
* Only the signer certificates is included by default.
*/
#define TS_ESS_CERT_ID_CHAIN 0x04
/* Forward declaration. */
struct TS_resp_ctx;
/* This must return a unique number less than 160 bits long. */
typedef ASN1_INTEGER *(*TS_serial_cb)(struct TS_resp_ctx *, void *);
/* This must return the seconds and microseconds since Jan 1, 1970 in
the sec and usec variables allocated by the caller.
Return non-zero for success and zero for failure. */
typedef int (*TS_time_cb)(struct TS_resp_ctx *, void *, long *sec, long *usec);
/* This must process the given extension.
* It can modify the TS_TST_INFO object of the context.
* Return values: !0 (processed), 0 (error, it must set the
* status info/failure info of the response).
*/
typedef int (*TS_extension_cb)(struct TS_resp_ctx *, X509_EXTENSION *, void *);
typedef struct TS_resp_ctx
{
X509 *signer_cert;
EVP_PKEY *signer_key;
STACK_OF(X509) *certs; /* Certs to include in signed data. */
STACK_OF(ASN1_OBJECT) *policies; /* Acceptable policies. */
ASN1_OBJECT *default_policy; /* It may appear in policies, too. */
STACK_OF(EVP_MD) *mds; /* Acceptable message digests. */
ASN1_INTEGER *seconds; /* accuracy, 0 means not specified. */
ASN1_INTEGER *millis; /* accuracy, 0 means not specified. */
ASN1_INTEGER *micros; /* accuracy, 0 means not specified. */
unsigned clock_precision_digits; /* fraction of seconds in
time stamp token. */
unsigned flags; /* Optional info, see values above. */
/* Callback functions. */
TS_serial_cb serial_cb;
void *serial_cb_data; /* User data for serial_cb. */
TS_time_cb time_cb;
void *time_cb_data; /* User data for time_cb. */
TS_extension_cb extension_cb;
void *extension_cb_data; /* User data for extension_cb. */
/* These members are used only while creating the response. */
TS_REQ *request;
TS_RESP *response;
TS_TST_INFO *tst_info;
} TS_RESP_CTX;
DECLARE_STACK_OF(EVP_MD)
DECLARE_ASN1_SET_OF(EVP_MD)
/* Creates a response context that can be used for generating responses. */
TS_RESP_CTX *TS_RESP_CTX_new(void);
void TS_RESP_CTX_free(TS_RESP_CTX *ctx);
/* This parameter must be set. */
int TS_RESP_CTX_set_signer_cert(TS_RESP_CTX *ctx, X509 *signer);
/* This parameter must be set. */
int TS_RESP_CTX_set_signer_key(TS_RESP_CTX *ctx, EVP_PKEY *key);
/* This parameter must be set. */
int TS_RESP_CTX_set_def_policy(TS_RESP_CTX *ctx, ASN1_OBJECT *def_policy);
/* No additional certs are included in the response by default. */
int TS_RESP_CTX_set_certs(TS_RESP_CTX *ctx, STACK_OF(X509) *certs);
/* Adds a new acceptable policy, only the default policy
is accepted by default. */
int TS_RESP_CTX_add_policy(TS_RESP_CTX *ctx, ASN1_OBJECT *policy);
/* Adds a new acceptable message digest. Note that no message digests
are accepted by default. The md argument is shared with the caller. */
int TS_RESP_CTX_add_md(TS_RESP_CTX *ctx, const EVP_MD *md);
/* Accuracy is not included by default. */
int TS_RESP_CTX_set_accuracy(TS_RESP_CTX *ctx,
int secs, int millis, int micros);
/* Clock precision digits, i.e. the number of decimal digits:
'0' means sec, '3' msec, '6' usec, and so on. Default is 0. */
int TS_RESP_CTX_set_clock_precision_digits(TS_RESP_CTX *ctx,
unsigned clock_precision_digits);
/* At most we accept usec precision. */
#define TS_MAX_CLOCK_PRECISION_DIGITS 6
/* No flags are set by default. */
void TS_RESP_CTX_add_flags(TS_RESP_CTX *ctx, int flags);
/* Default callback always returns a constant. */
void TS_RESP_CTX_set_serial_cb(TS_RESP_CTX *ctx, TS_serial_cb cb, void *data);
/* Default callback uses the gettimeofday() and gmtime() system calls. */
void TS_RESP_CTX_set_time_cb(TS_RESP_CTX *ctx, TS_time_cb cb, void *data);
/* Default callback rejects all extensions. The extension callback is called
* when the TS_TST_INFO object is already set up and not signed yet. */
/* FIXME: extension handling is not tested yet. */
void TS_RESP_CTX_set_extension_cb(TS_RESP_CTX *ctx,
TS_extension_cb cb, void *data);
/* The following methods can be used in the callbacks. */
int TS_RESP_CTX_set_status_info(TS_RESP_CTX *ctx,
int status, const char *text);
/* Sets the status info only if it is still TS_STATUS_GRANTED. */
int TS_RESP_CTX_set_status_info_cond(TS_RESP_CTX *ctx,
int status, const char *text);
int TS_RESP_CTX_add_failure_info(TS_RESP_CTX *ctx, int failure);
/* The get methods below can be used in the extension callback. */
TS_REQ *TS_RESP_CTX_get_request(TS_RESP_CTX *ctx);
TS_TST_INFO *TS_RESP_CTX_get_tst_info(TS_RESP_CTX *ctx);
/*
* Creates the signed TS_TST_INFO and puts it in TS_RESP.
* In case of errors it sets the status info properly.
* Returns NULL only in case of memory allocation/fatal error.
*/
TS_RESP *TS_RESP_create_response(TS_RESP_CTX *ctx, BIO *req_bio);
/*
* Declarations related to response verification,
* they are defined in ts/ts_resp_verify.c.
*/
int TS_RESP_verify_signature(PKCS7 *token, STACK_OF(X509) *certs,
X509_STORE *store, X509 **signer_out);
/* Context structure for the generic verify method. */
/* Verify the signer's certificate and the signature of the response. */
#define TS_VFY_SIGNATURE (1u << 0)
/* Verify the version number of the response. */
#define TS_VFY_VERSION (1u << 1)
/* Verify if the policy supplied by the user matches the policy of the TSA. */
#define TS_VFY_POLICY (1u << 2)
/* Verify the message imprint provided by the user. This flag should not be
specified with TS_VFY_DATA. */
#define TS_VFY_IMPRINT (1u << 3)
/* Verify the message imprint computed by the verify method from the user
provided data and the MD algorithm of the response. This flag should not be
specified with TS_VFY_IMPRINT. */
#define TS_VFY_DATA (1u << 4)
/* Verify the nonce value. */
#define TS_VFY_NONCE (1u << 5)
/* Verify if the TSA name field matches the signer certificate. */
#define TS_VFY_SIGNER (1u << 6)
/* Verify if the TSA name field equals to the user provided name. */
#define TS_VFY_TSA_NAME (1u << 7)
/* You can use the following convenience constants. */
#define TS_VFY_ALL_IMPRINT (TS_VFY_SIGNATURE \
| TS_VFY_VERSION \
| TS_VFY_POLICY \
| TS_VFY_IMPRINT \
| TS_VFY_NONCE \
| TS_VFY_SIGNER \
| TS_VFY_TSA_NAME)
#define TS_VFY_ALL_DATA (TS_VFY_SIGNATURE \
| TS_VFY_VERSION \
| TS_VFY_POLICY \
| TS_VFY_DATA \
| TS_VFY_NONCE \
| TS_VFY_SIGNER \
| TS_VFY_TSA_NAME)
typedef struct TS_verify_ctx
{
/* Set this to the union of TS_VFY_... flags you want to carry out. */
unsigned flags;
/* Must be set only with TS_VFY_SIGNATURE. certs is optional. */
X509_STORE *store;
STACK_OF(X509) *certs;
/* Must be set only with TS_VFY_POLICY. */
ASN1_OBJECT *policy;
/* Must be set only with TS_VFY_IMPRINT. If md_alg is NULL,
the algorithm from the response is used. */
X509_ALGOR *md_alg;
unsigned char *imprint;
unsigned imprint_len;
/* Must be set only with TS_VFY_DATA. */
BIO *data;
/* Must be set only with TS_VFY_TSA_NAME. */
ASN1_INTEGER *nonce;
/* Must be set only with TS_VFY_TSA_NAME. */
GENERAL_NAME *tsa_name;
} TS_VERIFY_CTX;
int TS_RESP_verify_response(TS_VERIFY_CTX *ctx, TS_RESP *response);
int TS_RESP_verify_token(TS_VERIFY_CTX *ctx, PKCS7 *token);
/*
* Declarations related to response verification context,
* they are defined in ts/ts_verify_ctx.c.
*/
/* Set all fields to zero. */
TS_VERIFY_CTX *TS_VERIFY_CTX_new(void);
void TS_VERIFY_CTX_init(TS_VERIFY_CTX *ctx);
void TS_VERIFY_CTX_free(TS_VERIFY_CTX *ctx);
void TS_VERIFY_CTX_cleanup(TS_VERIFY_CTX *ctx);
/*
* If ctx is NULL, it allocates and returns a new object, otherwise
* it returns ctx. It initialises all the members as follows:
* flags = TS_VFY_ALL_IMPRINT & ~(TS_VFY_TSA_NAME | TS_VFY_SIGNATURE)
* certs = NULL
* store = NULL
* policy = policy from the request or NULL if absent (in this case
* TS_VFY_POLICY is cleared from flags as well)
* md_alg = MD algorithm from request
* imprint, imprint_len = imprint from request
* data = NULL
* nonce, nonce_len = nonce from the request or NULL if absent (in this case
* TS_VFY_NONCE is cleared from flags as well)
* tsa_name = NULL
* Important: after calling this method TS_VFY_SIGNATURE should be added!
*/
TS_VERIFY_CTX *TS_REQ_to_TS_VERIFY_CTX(TS_REQ *req, TS_VERIFY_CTX *ctx);
/* Function declarations for TS_RESP defined in ts/ts_resp_print.c */
int TS_RESP_print_bio(BIO *bio, TS_RESP *a);
int TS_STATUS_INFO_print_bio(BIO *bio, TS_STATUS_INFO *a);
int TS_TST_INFO_print_bio(BIO *bio, TS_TST_INFO *a);
/* Common utility functions defined in ts/ts_lib.c */
int TS_ASN1_INTEGER_print_bio(BIO *bio, const ASN1_INTEGER *num);
int TS_OBJ_print_bio(BIO *bio, const ASN1_OBJECT *obj);
int TS_ext_print_bio(BIO *bio, const STACK_OF(X509_EXTENSION) *extensions);
int TS_X509_ALGOR_print_bio(BIO *bio, const X509_ALGOR *alg);
int TS_MSG_IMPRINT_print_bio(BIO *bio, TS_MSG_IMPRINT *msg);
/* Function declarations for handling configuration options,
defined in ts/ts_conf.c */
X509 *TS_CONF_load_cert(const char *file);
STACK_OF(X509) *TS_CONF_load_certs(const char *file);
EVP_PKEY *TS_CONF_load_key(const char *file, const char *pass);
const char *TS_CONF_get_tsa_section(CONF *conf, const char *section);
int TS_CONF_set_serial(CONF *conf, const char *section, TS_serial_cb cb,
TS_RESP_CTX *ctx);
int TS_CONF_set_crypto_device(CONF *conf, const char *section,
const char *device);
int TS_CONF_set_default_engine(const char *name);
int TS_CONF_set_signer_cert(CONF *conf, const char *section,
const char *cert, TS_RESP_CTX *ctx);
int TS_CONF_set_certs(CONF *conf, const char *section, const char *certs,
TS_RESP_CTX *ctx);
int TS_CONF_set_signer_key(CONF *conf, const char *section,
const char *key, const char *pass, TS_RESP_CTX *ctx);
int TS_CONF_set_def_policy(CONF *conf, const char *section,
const char *policy, TS_RESP_CTX *ctx);
int TS_CONF_set_policies(CONF *conf, const char *section, TS_RESP_CTX *ctx);
int TS_CONF_set_digests(CONF *conf, const char *section, TS_RESP_CTX *ctx);
int TS_CONF_set_accuracy(CONF *conf, const char *section, TS_RESP_CTX *ctx);
int TS_CONF_set_clock_precision_digits(CONF *conf, const char *section,
TS_RESP_CTX *ctx);
int TS_CONF_set_ordering(CONF *conf, const char *section, TS_RESP_CTX *ctx);
int TS_CONF_set_tsa_name(CONF *conf, const char *section, TS_RESP_CTX *ctx);
int TS_CONF_set_ess_cert_id_chain(CONF *conf, const char *section,
TS_RESP_CTX *ctx);
/* -------------------------------------------------- */
/* BEGIN ERROR CODES */
/* The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
*/
void ERR_load_TS_strings(void);
/* Error codes for the TS functions. */
/* Function codes. */
#define TS_F_D2I_TS_RESP 147
#define TS_F_DEF_SERIAL_CB 110
#define TS_F_DEF_TIME_CB 111
#define TS_F_ESS_ADD_SIGNING_CERT 112
#define TS_F_ESS_CERT_ID_NEW_INIT 113
#define TS_F_ESS_SIGNING_CERT_NEW_INIT 114
#define TS_F_INT_TS_RESP_VERIFY_TOKEN 149
#define TS_F_PKCS7_TO_TS_TST_INFO 148
#define TS_F_TS_ACCURACY_SET_MICROS 115
#define TS_F_TS_ACCURACY_SET_MILLIS 116
#define TS_F_TS_ACCURACY_SET_SECONDS 117
#define TS_F_TS_CHECK_IMPRINTS 100
#define TS_F_TS_CHECK_NONCES 101
#define TS_F_TS_CHECK_POLICY 102
#define TS_F_TS_CHECK_SIGNING_CERTS 103
#define TS_F_TS_CHECK_STATUS_INFO 104
#define TS_F_TS_COMPUTE_IMPRINT 145
#define TS_F_TS_CONF_SET_DEFAULT_ENGINE 146
#define TS_F_TS_GET_STATUS_TEXT 105
#define TS_F_TS_MSG_IMPRINT_SET_ALGO 118
#define TS_F_TS_REQ_SET_MSG_IMPRINT 119
#define TS_F_TS_REQ_SET_NONCE 120
#define TS_F_TS_REQ_SET_POLICY_ID 121
#define TS_F_TS_RESP_CREATE_RESPONSE 122
#define TS_F_TS_RESP_CREATE_TST_INFO 123
#define TS_F_TS_RESP_CTX_ADD_FAILURE_INFO 124
#define TS_F_TS_RESP_CTX_ADD_MD 125
#define TS_F_TS_RESP_CTX_ADD_POLICY 126
#define TS_F_TS_RESP_CTX_NEW 127
#define TS_F_TS_RESP_CTX_SET_ACCURACY 128
#define TS_F_TS_RESP_CTX_SET_CERTS 129
#define TS_F_TS_RESP_CTX_SET_DEF_POLICY 130
#define TS_F_TS_RESP_CTX_SET_SIGNER_CERT 131
#define TS_F_TS_RESP_CTX_SET_STATUS_INFO 132
#define TS_F_TS_RESP_GET_POLICY 133
#define TS_F_TS_RESP_SET_GENTIME_WITH_PRECISION 134
#define TS_F_TS_RESP_SET_STATUS_INFO 135
#define TS_F_TS_RESP_SET_TST_INFO 150
#define TS_F_TS_RESP_SIGN 136
#define TS_F_TS_RESP_VERIFY_SIGNATURE 106
#define TS_F_TS_RESP_VERIFY_TOKEN 107
#define TS_F_TS_TST_INFO_SET_ACCURACY 137
#define TS_F_TS_TST_INFO_SET_MSG_IMPRINT 138
#define TS_F_TS_TST_INFO_SET_NONCE 139
#define TS_F_TS_TST_INFO_SET_POLICY_ID 140
#define TS_F_TS_TST_INFO_SET_SERIAL 141
#define TS_F_TS_TST_INFO_SET_TIME 142
#define TS_F_TS_TST_INFO_SET_TSA 143
#define TS_F_TS_VERIFY 108
#define TS_F_TS_VERIFY_CERT 109
#define TS_F_TS_VERIFY_CTX_NEW 144
/* Reason codes. */
#define TS_R_BAD_PKCS7_TYPE 132
#define TS_R_BAD_TYPE 133
#define TS_R_CERTIFICATE_VERIFY_ERROR 100
#define TS_R_COULD_NOT_SET_ENGINE 127
#define TS_R_COULD_NOT_SET_TIME 115
#define TS_R_D2I_TS_RESP_INT_FAILED 128
#define TS_R_DETACHED_CONTENT 134
#define TS_R_ESS_ADD_SIGNING_CERT_ERROR 116
#define TS_R_ESS_SIGNING_CERTIFICATE_ERROR 101
#define TS_R_INVALID_NULL_POINTER 102
#define TS_R_INVALID_SIGNER_CERTIFICATE_PURPOSE 117
#define TS_R_MESSAGE_IMPRINT_MISMATCH 103
#define TS_R_NONCE_MISMATCH 104
#define TS_R_NONCE_NOT_RETURNED 105
#define TS_R_NO_CONTENT 106
#define TS_R_NO_TIME_STAMP_TOKEN 107
#define TS_R_PKCS7_ADD_SIGNATURE_ERROR 118
#define TS_R_PKCS7_ADD_SIGNED_ATTR_ERROR 119
#define TS_R_PKCS7_TO_TS_TST_INFO_FAILED 129
#define TS_R_POLICY_MISMATCH 108
#define TS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE 120
#define TS_R_RESPONSE_SETUP_ERROR 121
#define TS_R_SIGNATURE_FAILURE 109
#define TS_R_THERE_MUST_BE_ONE_SIGNER 110
#define TS_R_TIME_SYSCALL_ERROR 122
#define TS_R_TOKEN_NOT_PRESENT 130
#define TS_R_TOKEN_PRESENT 131
#define TS_R_TSA_NAME_MISMATCH 111
#define TS_R_TSA_UNTRUSTED 112
#define TS_R_TST_INFO_SETUP_ERROR 123
#define TS_R_TS_DATASIGN 124
#define TS_R_UNACCEPTABLE_POLICY 125
#define TS_R_UNSUPPORTED_MD_ALGORITHM 126
#define TS_R_UNSUPPORTED_VERSION 113
#define TS_R_WRONG_CONTENT_TYPE 114
#ifdef __cplusplus
}
#endif
#endif

19
include/openssl/txt_db.h
View File

@ -77,16 +77,19 @@
extern "C" {
#endif
typedef OPENSSL_STRING *OPENSSL_PSTRING;
DECLARE_SPECIAL_STACK_OF(OPENSSL_PSTRING, OPENSSL_STRING)
typedef struct txt_db_st
{
int num_fields;
STACK /* char ** */ *data;
LHASH **index;
int (**qual)(char **);
STACK_OF(OPENSSL_PSTRING) *data;
LHASH_OF(OPENSSL_STRING) **index;
int (**qual)(OPENSSL_STRING *);
long error;
long arg1;
long arg2;
char **arg_row;
OPENSSL_STRING *arg_row;
} TXT_DB;
#ifndef OPENSSL_NO_BIO
@ -96,11 +99,11 @@ long TXT_DB_write(BIO *out, TXT_DB *db);
TXT_DB *TXT_DB_read(char *in, int num);
long TXT_DB_write(char *out, TXT_DB *db);
#endif
int TXT_DB_create_index(TXT_DB *db,int field,int (*qual)(char **),
LHASH_HASH_FN_TYPE hash, LHASH_COMP_FN_TYPE cmp);
int TXT_DB_create_index(TXT_DB *db,int field,int (*qual)(OPENSSL_STRING *),
LHASH_HASH_FN_TYPE hash, LHASH_COMP_FN_TYPE cmp);
void TXT_DB_free(TXT_DB *db);
char **TXT_DB_get_by_index(TXT_DB *db, int idx, char **value);
int TXT_DB_insert(TXT_DB *db,char **value);
OPENSSL_STRING *TXT_DB_get_by_index(TXT_DB *db, int idx, OPENSSL_STRING *value);
int TXT_DB_insert(TXT_DB *db, OPENSSL_STRING *value);
#ifdef __cplusplus
}

4
include/openssl/ui.h
View File

@ -287,8 +287,8 @@ UI_METHOD *UI_OpenSSL(void);
/* The UI_STRING type is the data structure that contains all the needed info
about a string or a prompt, including test data for a verification prompt.
*/
DECLARE_STACK_OF(UI_STRING)
typedef struct ui_string_st UI_STRING;
DECLARE_STACK_OF(UI_STRING)
/* The different types of strings that are currently supported.
This is only needed by method authors. */
@ -310,11 +310,13 @@ int UI_method_set_writer(UI_METHOD *method, int (*writer)(UI *ui, UI_STRING *uis
int UI_method_set_flusher(UI_METHOD *method, int (*flusher)(UI *ui));
int UI_method_set_reader(UI_METHOD *method, int (*reader)(UI *ui, UI_STRING *uis));
int UI_method_set_closer(UI_METHOD *method, int (*closer)(UI *ui));
int UI_method_set_prompt_constructor(UI_METHOD *method, char *(*prompt_constructor)(UI* ui, const char* object_desc, const char* object_name));
int (*UI_method_get_opener(UI_METHOD *method))(UI*);
int (*UI_method_get_writer(UI_METHOD *method))(UI*,UI_STRING*);
int (*UI_method_get_flusher(UI_METHOD *method))(UI*);
int (*UI_method_get_reader(UI_METHOD *method))(UI*,UI_STRING*);
int (*UI_method_get_closer(UI_METHOD *method))(UI*);
char* (*UI_method_get_prompt_constructor(UI_METHOD *method))(UI*, const char*, const char*);
/* The following functions are helpers for method writers to access relevant
data from a UI_STRING. */

38
include/openssl/whrlpool.h Normal file
View File

@ -0,0 +1,38 @@
#ifndef HEADER_WHRLPOOL_H
#define HEADER_WHRLPOOL_H
#include <openssl/e_os2.h>
#include <stddef.h>
#ifdef __cplusplus
extern "C" {
#endif
#define WHIRLPOOL_DIGEST_LENGTH (512/8)
#define WHIRLPOOL_BBLOCK 512
#define WHIRLPOOL_COUNTER (256/8)
typedef struct {
union {
unsigned char c[WHIRLPOOL_DIGEST_LENGTH];
/* double q is here to ensure 64-bit alignment */
double q[WHIRLPOOL_DIGEST_LENGTH/sizeof(double)];
} H;
unsigned char data[WHIRLPOOL_BBLOCK/8];
unsigned int bitoff;
size_t bitlen[WHIRLPOOL_COUNTER/sizeof(size_t)];
} WHIRLPOOL_CTX;
#ifndef OPENSSL_NO_WHIRLPOOL
int WHIRLPOOL_Init (WHIRLPOOL_CTX *c);
int WHIRLPOOL_Update (WHIRLPOOL_CTX *c,const void *inp,size_t bytes);
void WHIRLPOOL_BitUpdate(WHIRLPOOL_CTX *c,const void *inp,size_t bits);
int WHIRLPOOL_Final (unsigned char *md,WHIRLPOOL_CTX *c);
unsigned char *WHIRLPOOL(const void *inp,size_t bytes,unsigned char *md);
#endif
#ifdef __cplusplus
}
#endif
#endif

257
include/openssl/x509.h
View File

@ -157,12 +157,12 @@ typedef struct X509_val_st
ASN1_TIME *notAfter;
} X509_VAL;
typedef struct X509_pubkey_st
struct X509_pubkey_st
{
X509_ALGOR *algor;
ASN1_BIT_STRING *public_key;
EVP_PKEY *pkey;
} X509_PUBKEY;
};
typedef struct X509_sig_st
{
@ -191,7 +191,9 @@ struct X509_name_st
#else
char *bytes;
#endif
unsigned long hash; /* Keep the hash around for lookups */
/* unsigned long hash; Keep the hash around for lookups */
unsigned char *canon_enc;
int canon_enclen;
} /* X509_NAME */;
DECLARE_STACK_OF(X509_NAME)
@ -290,8 +292,11 @@ struct x509_st
unsigned long ex_xkusage;
unsigned long ex_nscert;
ASN1_OCTET_STRING *skid;
struct AUTHORITY_KEYID_st *akid;
AUTHORITY_KEYID *akid;
X509_POLICY_CACHE *policy_cache;
STACK_OF(DIST_POINT) *crldp;
STACK_OF(GENERAL_NAME) *altname;
NAME_CONSTRAINTS *nc;
#ifndef OPENSSL_NO_RFC3779
STACK_OF(IPAddressFamily) *rfc3779_addr;
struct ASIdentifiers_st *rfc3779_asid;
@ -334,10 +339,11 @@ typedef struct x509_cert_pair_st {
#define X509_TRUST_OBJECT_SIGN 5
#define X509_TRUST_OCSP_SIGN 6
#define X509_TRUST_OCSP_REQUEST 7
#define X509_TRUST_TSA 8
/* Keep these up to date! */
#define X509_TRUST_MIN 1
#define X509_TRUST_MAX 7
#define X509_TRUST_MAX 8
/* trust_flags values */
@ -424,13 +430,17 @@ typedef struct x509_cert_pair_st {
XN_FLAG_FN_LN | \
XN_FLAG_FN_ALIGN)
typedef struct X509_revoked_st
struct x509_revoked_st
{
ASN1_INTEGER *serialNumber;
ASN1_TIME *revocationDate;
STACK_OF(X509_EXTENSION) /* optional */ *extensions;
/* Set up if indirect CRL */
STACK_OF(GENERAL_NAME) *issuer;
/* Revocation reason */
int reason;
int sequence; /* load sequence */
} X509_REVOKED;
};
DECLARE_STACK_OF(X509_REVOKED)
DECLARE_ASN1_SET_OF(X509_REVOKED)
@ -454,6 +464,22 @@ struct X509_crl_st
X509_ALGOR *sig_alg;
ASN1_BIT_STRING *signature;
int references;
int flags;
/* Copies of various extensions */
AUTHORITY_KEYID *akid;
ISSUING_DIST_POINT *idp;
/* Convenient breakdown of IDP */
int idp_flags;
int idp_reasons;
/* CRL and base CRL numbers for delta processing */
ASN1_INTEGER *crl_number;
ASN1_INTEGER *base_crl_number;
#ifndef OPENSSL_NO_SHA
unsigned char sha1_hash[SHA_DIGEST_LENGTH];
#endif
STACK_OF(GENERAL_NAMES) *issuers;
const X509_CRL_METHOD *meth;
void *meth_data;
} /* X509_CRL */;
DECLARE_STACK_OF(X509_CRL)
@ -552,18 +578,19 @@ X509_ALGOR *prf;
/* PKCS#8 private key info structure */
typedef struct pkcs8_priv_key_info_st
struct pkcs8_priv_key_info_st
{
int broken; /* Flag for various broken formats */
#define PKCS8_OK 0
#define PKCS8_NO_OCTET 1
#define PKCS8_EMBEDDED_PARAM 2
#define PKCS8_NS_DB 3
#define PKCS8_NEG_PRIVKEY 4
ASN1_INTEGER *version;
X509_ALGOR *pkeyalg;
ASN1_TYPE *pkey; /* Should be OCTET STRING but some are broken */
STACK_OF(X509_ATTRIBUTE) *attributes;
} PKCS8_PRIV_KEY_INFO;
};
#ifdef __cplusplus
}
@ -576,151 +603,6 @@ typedef struct pkcs8_priv_key_info_st
extern "C" {
#endif
#ifdef SSLEAY_MACROS
#define X509_verify(a,r) ASN1_verify((int (*)())i2d_X509_CINF,a->sig_alg,\
a->signature,(char *)a->cert_info,r)
#define X509_REQ_verify(a,r) ASN1_verify((int (*)())i2d_X509_REQ_INFO, \
a->sig_alg,a->signature,(char *)a->req_info,r)
#define X509_CRL_verify(a,r) ASN1_verify((int (*)())i2d_X509_CRL_INFO, \
a->sig_alg, a->signature,(char *)a->crl,r)
#define X509_sign(x,pkey,md) \
ASN1_sign((int (*)())i2d_X509_CINF, x->cert_info->signature, \
x->sig_alg, x->signature, (char *)x->cert_info,pkey,md)
#define X509_REQ_sign(x,pkey,md) \
ASN1_sign((int (*)())i2d_X509_REQ_INFO,x->sig_alg, NULL, \
x->signature, (char *)x->req_info,pkey,md)
#define X509_CRL_sign(x,pkey,md) \
ASN1_sign((int (*)())i2d_X509_CRL_INFO,x->crl->sig_alg,x->sig_alg, \
x->signature, (char *)x->crl,pkey,md)
#define NETSCAPE_SPKI_sign(x,pkey,md) \
ASN1_sign((int (*)())i2d_NETSCAPE_SPKAC, x->sig_algor,NULL, \
x->signature, (char *)x->spkac,pkey,md)
#define X509_dup(x509) (X509 *)ASN1_dup((int (*)())i2d_X509, \
(char *(*)())d2i_X509,(char *)x509)
#define X509_ATTRIBUTE_dup(xa) (X509_ATTRIBUTE *)ASN1_dup(\
(int (*)())i2d_X509_ATTRIBUTE, \
(char *(*)())d2i_X509_ATTRIBUTE,(char *)xa)
#define X509_EXTENSION_dup(ex) (X509_EXTENSION *)ASN1_dup( \
(int (*)())i2d_X509_EXTENSION, \
(char *(*)())d2i_X509_EXTENSION,(char *)ex)
#define d2i_X509_fp(fp,x509) (X509 *)ASN1_d2i_fp((char *(*)())X509_new, \
(char *(*)())d2i_X509, (fp),(unsigned char **)(x509))
#define i2d_X509_fp(fp,x509) ASN1_i2d_fp(i2d_X509,fp,(unsigned char *)x509)
#define d2i_X509_bio(bp,x509) (X509 *)ASN1_d2i_bio((char *(*)())X509_new, \
(char *(*)())d2i_X509, (bp),(unsigned char **)(x509))
#define i2d_X509_bio(bp,x509) ASN1_i2d_bio(i2d_X509,bp,(unsigned char *)x509)
#define X509_CRL_dup(crl) (X509_CRL *)ASN1_dup((int (*)())i2d_X509_CRL, \
(char *(*)())d2i_X509_CRL,(char *)crl)
#define d2i_X509_CRL_fp(fp,crl) (X509_CRL *)ASN1_d2i_fp((char *(*)()) \
X509_CRL_new,(char *(*)())d2i_X509_CRL, (fp),\
(unsigned char **)(crl))
#define i2d_X509_CRL_fp(fp,crl) ASN1_i2d_fp(i2d_X509_CRL,fp,\
(unsigned char *)crl)
#define d2i_X509_CRL_bio(bp,crl) (X509_CRL *)ASN1_d2i_bio((char *(*)()) \
X509_CRL_new,(char *(*)())d2i_X509_CRL, (bp),\
(unsigned char **)(crl))
#define i2d_X509_CRL_bio(bp,crl) ASN1_i2d_bio(i2d_X509_CRL,bp,\
(unsigned char *)crl)
#define PKCS7_dup(p7) (PKCS7 *)ASN1_dup((int (*)())i2d_PKCS7, \
(char *(*)())d2i_PKCS7,(char *)p7)
#define d2i_PKCS7_fp(fp,p7) (PKCS7 *)ASN1_d2i_fp((char *(*)()) \
PKCS7_new,(char *(*)())d2i_PKCS7, (fp),\
(unsigned char **)(p7))
#define i2d_PKCS7_fp(fp,p7) ASN1_i2d_fp(i2d_PKCS7,fp,\
(unsigned char *)p7)
#define d2i_PKCS7_bio(bp,p7) (PKCS7 *)ASN1_d2i_bio((char *(*)()) \
PKCS7_new,(char *(*)())d2i_PKCS7, (bp),\
(unsigned char **)(p7))
#define i2d_PKCS7_bio(bp,p7) ASN1_i2d_bio(i2d_PKCS7,bp,\
(unsigned char *)p7)
#define X509_REQ_dup(req) (X509_REQ *)ASN1_dup((int (*)())i2d_X509_REQ, \
(char *(*)())d2i_X509_REQ,(char *)req)
#define d2i_X509_REQ_fp(fp,req) (X509_REQ *)ASN1_d2i_fp((char *(*)())\
X509_REQ_new, (char *(*)())d2i_X509_REQ, (fp),\
(unsigned char **)(req))
#define i2d_X509_REQ_fp(fp,req) ASN1_i2d_fp(i2d_X509_REQ,fp,\
(unsigned char *)req)
#define d2i_X509_REQ_bio(bp,req) (X509_REQ *)ASN1_d2i_bio((char *(*)())\
X509_REQ_new, (char *(*)())d2i_X509_REQ, (bp),\
(unsigned char **)(req))
#define i2d_X509_REQ_bio(bp,req) ASN1_i2d_bio(i2d_X509_REQ,bp,\
(unsigned char *)req)
#define RSAPublicKey_dup(rsa) (RSA *)ASN1_dup((int (*)())i2d_RSAPublicKey, \
(char *(*)())d2i_RSAPublicKey,(char *)rsa)
#define RSAPrivateKey_dup(rsa) (RSA *)ASN1_dup((int (*)())i2d_RSAPrivateKey, \
(char *(*)())d2i_RSAPrivateKey,(char *)rsa)
#define d2i_RSAPrivateKey_fp(fp,rsa) (RSA *)ASN1_d2i_fp((char *(*)())\
RSA_new,(char *(*)())d2i_RSAPrivateKey, (fp), \
(unsigned char **)(rsa))
#define i2d_RSAPrivateKey_fp(fp,rsa) ASN1_i2d_fp(i2d_RSAPrivateKey,fp, \
(unsigned char *)rsa)
#define d2i_RSAPrivateKey_bio(bp,rsa) (RSA *)ASN1_d2i_bio((char *(*)())\
RSA_new,(char *(*)())d2i_RSAPrivateKey, (bp), \
(unsigned char **)(rsa))
#define i2d_RSAPrivateKey_bio(bp,rsa) ASN1_i2d_bio(i2d_RSAPrivateKey,bp, \
(unsigned char *)rsa)
#define d2i_RSAPublicKey_fp(fp,rsa) (RSA *)ASN1_d2i_fp((char *(*)())\
RSA_new,(char *(*)())d2i_RSAPublicKey, (fp), \
(unsigned char **)(rsa))
#define i2d_RSAPublicKey_fp(fp,rsa) ASN1_i2d_fp(i2d_RSAPublicKey,fp, \
(unsigned char *)rsa)
#define d2i_RSAPublicKey_bio(bp,rsa) (RSA *)ASN1_d2i_bio((char *(*)())\
RSA_new,(char *(*)())d2i_RSAPublicKey, (bp), \
(unsigned char **)(rsa))
#define i2d_RSAPublicKey_bio(bp,rsa) ASN1_i2d_bio(i2d_RSAPublicKey,bp, \
(unsigned char *)rsa)
#define d2i_DSAPrivateKey_fp(fp,dsa) (DSA *)ASN1_d2i_fp((char *(*)())\
DSA_new,(char *(*)())d2i_DSAPrivateKey, (fp), \
(unsigned char **)(dsa))
#define i2d_DSAPrivateKey_fp(fp,dsa) ASN1_i2d_fp(i2d_DSAPrivateKey,fp, \
(unsigned char *)dsa)
#define d2i_DSAPrivateKey_bio(bp,dsa) (DSA *)ASN1_d2i_bio((char *(*)())\
DSA_new,(char *(*)())d2i_DSAPrivateKey, (bp), \
(unsigned char **)(dsa))
#define i2d_DSAPrivateKey_bio(bp,dsa) ASN1_i2d_bio(i2d_DSAPrivateKey,bp, \
(unsigned char *)dsa)
#define d2i_ECPrivateKey_fp(fp,ecdsa) (EC_KEY *)ASN1_d2i_fp((char *(*)())\
EC_KEY_new,(char *(*)())d2i_ECPrivateKey, (fp), \
(unsigned char **)(ecdsa))
#define i2d_ECPrivateKey_fp(fp,ecdsa) ASN1_i2d_fp(i2d_ECPrivateKey,fp, \
(unsigned char *)ecdsa)
#define d2i_ECPrivateKey_bio(bp,ecdsa) (EC_KEY *)ASN1_d2i_bio((char *(*)())\
EC_KEY_new,(char *(*)())d2i_ECPrivateKey, (bp), \
(unsigned char **)(ecdsa))
#define i2d_ECPrivateKey_bio(bp,ecdsa) ASN1_i2d_bio(i2d_ECPrivateKey,bp, \
(unsigned char *)ecdsa)
#define X509_ALGOR_dup(xn) (X509_ALGOR *)ASN1_dup((int (*)())i2d_X509_ALGOR,\
(char *(*)())d2i_X509_ALGOR,(char *)xn)
#define X509_NAME_dup(xn) (X509_NAME *)ASN1_dup((int (*)())i2d_X509_NAME, \
(char *(*)())d2i_X509_NAME,(char *)xn)
#define X509_NAME_ENTRY_dup(ne) (X509_NAME_ENTRY *)ASN1_dup( \
(int (*)())i2d_X509_NAME_ENTRY, \
(char *(*)())d2i_X509_NAME_ENTRY,\
(char *)ne)
#define X509_digest(data,type,md,len) \
ASN1_digest((int (*)())i2d_X509,type,(char *)data,md,len)
#define X509_NAME_digest(data,type,md,len) \
ASN1_digest((int (*)())i2d_X509_NAME,type,(char *)data,md,len)
#ifndef PKCS7_ISSUER_AND_SERIAL_digest
#define PKCS7_ISSUER_AND_SERIAL_digest(data,type,md,len) \
ASN1_digest((int (*)())i2d_PKCS7_ISSUER_AND_SERIAL,type,\
(char *)data,md,len)
#endif
#endif
#define X509_EXT_PACK_UNKNOWN 1
#define X509_EXT_PACK_STRING 2
@ -741,6 +623,18 @@ extern "C" {
#define X509_CRL_get_issuer(x) ((x)->crl->issuer)
#define X509_CRL_get_REVOKED(x) ((x)->crl->revoked)
void X509_CRL_set_default_method(const X509_CRL_METHOD *meth);
X509_CRL_METHOD *X509_CRL_METHOD_new(
int (*crl_init)(X509_CRL *crl),
int (*crl_free)(X509_CRL *crl),
int (*crl_lookup)(X509_CRL *crl, X509_REVOKED **ret,
ASN1_INTEGER *ser, X509_NAME *issuer),
int (*crl_verify)(X509_CRL *crl, EVP_PKEY *pk));
void X509_CRL_METHOD_free(X509_CRL_METHOD *m);
void X509_CRL_set_meth_data(X509_CRL *crl, void *dat);
void *X509_CRL_get_meth_data(X509_CRL *crl);
/* This one is only used so that a binary form can output, as in
* i2d_X509_NAME(X509_get_X509_PUBKEY(x),&buf) */
#define X509_get_X509_PUBKEY(x) ((x)->cert_info->key)
@ -748,7 +642,6 @@ extern "C" {
const char *X509_verify_cert_error_string(long n);
#ifndef SSLEAY_MACROS
#ifndef OPENSSL_NO_EVP
int X509_verify(X509 *a, EVP_PKEY *r);
@ -873,11 +766,11 @@ void X509_ALGOR_get0(ASN1_OBJECT **paobj, int *pptype, void **ppval,
X509_NAME *X509_NAME_dup(X509_NAME *xn);
X509_NAME_ENTRY *X509_NAME_ENTRY_dup(X509_NAME_ENTRY *ne);
#endif /* !SSLEAY_MACROS */
int X509_cmp_time(ASN1_TIME *s, time_t *t);
int X509_cmp_current_time(ASN1_TIME *s);
int X509_cmp_time(const ASN1_TIME *s, time_t *t);
int X509_cmp_current_time(const ASN1_TIME *s);
ASN1_TIME * X509_time_adj(ASN1_TIME *s, long adj, time_t *t);
ASN1_TIME * X509_time_adj_ex(ASN1_TIME *s,
int offset_day, long offset_sec, time_t *t);
ASN1_TIME * X509_gmtime_adj(ASN1_TIME *s, long adj);
const char * X509_get_default_cert_area(void );
@ -965,6 +858,9 @@ DECLARE_ASN1_FUNCTIONS(X509_CRL_INFO)
DECLARE_ASN1_FUNCTIONS(X509_CRL)
int X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev);
int X509_CRL_get0_by_serial(X509_CRL *crl,
X509_REVOKED **ret, ASN1_INTEGER *serial);
int X509_CRL_get0_by_cert(X509_CRL *crl, X509_REVOKED **ret, X509 *x);
X509_PKEY * X509_PKEY_new(void );
void X509_PKEY_free(X509_PKEY *a);
@ -1008,8 +904,8 @@ int X509_set_issuer_name(X509 *x, X509_NAME *name);
X509_NAME * X509_get_issuer_name(X509 *a);
int X509_set_subject_name(X509 *x, X509_NAME *name);
X509_NAME * X509_get_subject_name(X509 *a);
int X509_set_notBefore(X509 *x, ASN1_TIME *tm);
int X509_set_notAfter(X509 *x, ASN1_TIME *tm);
int X509_set_notBefore(X509 *x, const ASN1_TIME *tm);
int X509_set_notAfter(X509 *x, const ASN1_TIME *tm);
int X509_set_pubkey(X509 *x, EVP_PKEY *pkey);
EVP_PKEY * X509_get_pubkey(X509 *x);
ASN1_BIT_STRING * X509_get0_pubkey_bitstr(const X509 *x);
@ -1046,8 +942,8 @@ int X509_REQ_add1_attr_by_txt(X509_REQ *req,
int X509_CRL_set_version(X509_CRL *x, long version);
int X509_CRL_set_issuer_name(X509_CRL *x, X509_NAME *name);
int X509_CRL_set_lastUpdate(X509_CRL *x, ASN1_TIME *tm);
int X509_CRL_set_nextUpdate(X509_CRL *x, ASN1_TIME *tm);
int X509_CRL_set_lastUpdate(X509_CRL *x, const ASN1_TIME *tm);
int X509_CRL_set_nextUpdate(X509_CRL *x, const ASN1_TIME *tm);
int X509_CRL_sort(X509_CRL *crl);
int X509_REVOKED_set_serialNumber(X509_REVOKED *x, ASN1_INTEGER *serial);
@ -1066,11 +962,18 @@ unsigned long X509_issuer_name_hash(X509 *a);
int X509_subject_name_cmp(const X509 *a, const X509 *b);
unsigned long X509_subject_name_hash(X509 *x);
#ifndef OPENSSL_NO_MD5
unsigned long X509_issuer_name_hash_old(X509 *a);
unsigned long X509_subject_name_hash_old(X509 *x);
#endif
int X509_cmp(const X509 *a, const X509 *b);
int X509_NAME_cmp(const X509_NAME *a, const X509_NAME *b);
unsigned long X509_NAME_hash(X509_NAME *x);
unsigned long X509_NAME_hash_old(X509_NAME *x);
int X509_CRL_cmp(const X509_CRL *a, const X509_CRL *b);
int X509_CRL_match(const X509_CRL *a, const X509_CRL *b);
#ifndef OPENSSL_NO_FP_API
int X509_print_ex_fp(FILE *bp,X509 *x, unsigned long nmflag, unsigned long cflag);
int X509_print_fp(FILE *bp,X509 *x);
@ -1246,9 +1149,16 @@ DECLARE_ASN1_FUNCTIONS(PBEPARAM)
DECLARE_ASN1_FUNCTIONS(PBE2PARAM)
DECLARE_ASN1_FUNCTIONS(PBKDF2PARAM)
X509_ALGOR *PKCS5_pbe_set(int alg, int iter, unsigned char *salt, int saltlen);
int PKCS5_pbe_set0_algor(X509_ALGOR *algor, int alg, int iter,
const unsigned char *salt, int saltlen);
X509_ALGOR *PKCS5_pbe_set(int alg, int iter,
const unsigned char *salt, int saltlen);
X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter,
unsigned char *salt, int saltlen);
X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter,
unsigned char *salt, int saltlen,
unsigned char *aiv, int prf_nid);
/* PKCS#8 utilities */
@ -1259,6 +1169,22 @@ PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(EVP_PKEY *pkey);
PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8_broken(EVP_PKEY *pkey, int broken);
PKCS8_PRIV_KEY_INFO *PKCS8_set_broken(PKCS8_PRIV_KEY_INFO *p8, int broken);
int PKCS8_pkey_set0(PKCS8_PRIV_KEY_INFO *priv, ASN1_OBJECT *aobj,
int version, int ptype, void *pval,
unsigned char *penc, int penclen);
int PKCS8_pkey_get0(ASN1_OBJECT **ppkalg,
const unsigned char **pk, int *ppklen,
X509_ALGOR **pa,
PKCS8_PRIV_KEY_INFO *p8);
int X509_PUBKEY_set0_param(X509_PUBKEY *pub, ASN1_OBJECT *aobj,
int ptype, void *pval,
unsigned char *penc, int penclen);
int X509_PUBKEY_get0_param(ASN1_OBJECT **ppkalg,
const unsigned char **pk, int *ppklen,
X509_ALGOR **pa,
X509_PUBKEY *pub);
int X509_check_trust(X509 *x, int id, int flags);
int X509_TRUST_get_count(void);
X509_TRUST * X509_TRUST_get0(int idx);
@ -1338,7 +1264,10 @@ void ERR_load_X509_strings(void);
#define X509_R_KEY_VALUES_MISMATCH 116
#define X509_R_LOADING_CERT_DIR 103
#define X509_R_LOADING_DEFAULTS 104
#define X509_R_METHOD_NOT_SUPPORTED 124
#define X509_R_NO_CERT_SET_FOR_US_TO_VERIFY 105
#define X509_R_PUBLIC_KEY_DECODE_ERROR 125
#define X509_R_PUBLIC_KEY_ENCODE_ERROR 126
#define X509_R_SHOULD_RETRY 106
#define X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN 107
#define X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY 108

37
include/openssl/x509_vfy.h
View File

@ -77,6 +77,7 @@
extern "C" {
#endif
#if 0
/* Outer object */
typedef struct x509_hash_dir_st
{
@ -85,6 +86,7 @@ typedef struct x509_hash_dir_st
int *dirs_type;
int num_dirs_alloced;
} X509_HASH_DIR_CTX;
#endif
typedef struct x509_file_st
{
@ -198,6 +200,8 @@ struct x509_store_st
int (*get_crl)(X509_STORE_CTX *ctx, X509_CRL **crl, X509 *x); /* retrieve CRL */
int (*check_crl)(X509_STORE_CTX *ctx, X509_CRL *crl); /* Check CRL validity */
int (*cert_crl)(X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x); /* Check certificate against CRL */
STACK_OF(X509) * (*lookup_certs)(X509_STORE_CTX *ctx, X509_NAME *nm);
STACK_OF(X509_CRL) * (*lookup_crls)(X509_STORE_CTX *ctx, X509_NAME *nm);
int (*cleanup)(X509_STORE_CTX *ctx);
CRYPTO_EX_DATA ex_data;
@ -246,6 +250,8 @@ struct x509_store_ctx_st /* X509_STORE_CTX */
int (*check_crl)(X509_STORE_CTX *ctx, X509_CRL *crl); /* Check CRL validity */
int (*cert_crl)(X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x); /* Check certificate against CRL */
int (*check_policy)(X509_STORE_CTX *ctx);
STACK_OF(X509) * (*lookup_certs)(X509_STORE_CTX *ctx, X509_NAME *nm);
STACK_OF(X509_CRL) * (*lookup_crls)(X509_STORE_CTX *ctx, X509_NAME *nm);
int (*cleanup)(X509_STORE_CTX *ctx);
/* The following is built up */
@ -263,6 +269,11 @@ struct x509_store_ctx_st /* X509_STORE_CTX */
X509 *current_issuer; /* cert currently being tested as valid issuer */
X509_CRL *current_crl; /* current CRL */
int current_crl_score; /* score of current CRL */
unsigned int current_reasons; /* Reason mask */
X509_STORE_CTX *parent; /* For CRL path validation: parent context */
CRYPTO_EX_DATA ex_data;
} /* X509_STORE_CTX */;
@ -330,8 +341,18 @@ void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth);
#define X509_V_ERR_INVALID_EXTENSION 41
#define X509_V_ERR_INVALID_POLICY_EXTENSION 42
#define X509_V_ERR_NO_EXPLICIT_POLICY 43
#define X509_V_ERR_DIFFERENT_CRL_SCOPE 44
#define X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE 45
#define X509_V_ERR_UNNESTED_RESOURCE 44
#define X509_V_ERR_UNNESTED_RESOURCE 46
#define X509_V_ERR_PERMITTED_VIOLATION 47
#define X509_V_ERR_EXCLUDED_VIOLATION 48
#define X509_V_ERR_SUBTREE_MINMAX 49
#define X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE 51
#define X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX 52
#define X509_V_ERR_UNSUPPORTED_NAME_SYNTAX 53
#define X509_V_ERR_CRL_PATH_VALIDATION_ERROR 54
/* The application is not happy */
#define X509_V_ERR_APPLICATION_VERIFICATION 50
@ -362,10 +383,14 @@ void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth);
#define X509_V_FLAG_INHIBIT_MAP 0x400
/* Notify callback that policy is OK */
#define X509_V_FLAG_NOTIFY_POLICY 0x800
/* Extended CRL features such as indirect CRLs, alternate CRL signing keys */
#define X509_V_FLAG_EXTENDED_CRL_SUPPORT 0x1000
/* Delta CRL support */
#define X509_V_FLAG_USE_DELTAS 0x2000
/* Check selfsigned CA signature */
#define X509_V_FLAG_CHECK_SS_SIGNATURE 0x4000
#define X509_VP_FLAG_DEFAULT 0x1
#define X509_VP_FLAG_OVERWRITE 0x2
#define X509_VP_FLAG_RESET_FLAGS 0x4
@ -387,11 +412,16 @@ void X509_OBJECT_free_contents(X509_OBJECT *a);
X509_STORE *X509_STORE_new(void );
void X509_STORE_free(X509_STORE *v);
STACK_OF(X509)* X509_STORE_get1_certs(X509_STORE_CTX *st, X509_NAME *nm);
STACK_OF(X509_CRL)* X509_STORE_get1_crls(X509_STORE_CTX *st, X509_NAME *nm);
int X509_STORE_set_flags(X509_STORE *ctx, unsigned long flags);
int X509_STORE_set_purpose(X509_STORE *ctx, int purpose);
int X509_STORE_set_trust(X509_STORE *ctx, int trust);
int X509_STORE_set1_param(X509_STORE *ctx, X509_VERIFY_PARAM *pm);
void X509_STORE_set_verify_cb(X509_STORE *ctx,
int (*verify_cb)(int, X509_STORE_CTX *));
X509_STORE_CTX *X509_STORE_CTX_new(void);
int X509_STORE_CTX_get1_issuer(X509 **issuer, X509_STORE_CTX *ctx, X509 *x);
@ -450,6 +480,9 @@ int X509_STORE_CTX_get_error(X509_STORE_CTX *ctx);
void X509_STORE_CTX_set_error(X509_STORE_CTX *ctx,int s);
int X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx);
X509 * X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx);
X509 *X509_STORE_CTX_get0_current_issuer(X509_STORE_CTX *ctx);
X509_CRL *X509_STORE_CTX_get0_current_crl(X509_STORE_CTX *ctx);
X509_STORE_CTX *X509_STORE_CTX_get0_parent_ctx(X509_STORE_CTX *ctx);
STACK_OF(X509) *X509_STORE_CTX_get_chain(X509_STORE_CTX *ctx);
STACK_OF(X509) *X509_STORE_CTX_get1_chain(X509_STORE_CTX *ctx);
void X509_STORE_CTX_set_cert(X509_STORE_CTX *c,X509 *x);

171
include/openssl/x509v3.h
View File

@ -76,12 +76,19 @@ typedef void * (*X509V3_EXT_NEW)(void);
typedef void (*X509V3_EXT_FREE)(void *);
typedef void * (*X509V3_EXT_D2I)(void *, const unsigned char ** , long);
typedef int (*X509V3_EXT_I2D)(void *, unsigned char **);
typedef STACK_OF(CONF_VALUE) * (*X509V3_EXT_I2V)(struct v3_ext_method *method, void *ext, STACK_OF(CONF_VALUE) *extlist);
typedef void * (*X509V3_EXT_V2I)(struct v3_ext_method *method, struct v3_ext_ctx *ctx, STACK_OF(CONF_VALUE) *values);
typedef char * (*X509V3_EXT_I2S)(struct v3_ext_method *method, void *ext);
typedef void * (*X509V3_EXT_S2I)(struct v3_ext_method *method, struct v3_ext_ctx *ctx, const char *str);
typedef int (*X509V3_EXT_I2R)(struct v3_ext_method *method, void *ext, BIO *out, int indent);
typedef void * (*X509V3_EXT_R2I)(struct v3_ext_method *method, struct v3_ext_ctx *ctx, const char *str);
typedef STACK_OF(CONF_VALUE) *
(*X509V3_EXT_I2V)(const struct v3_ext_method *method, void *ext,
STACK_OF(CONF_VALUE) *extlist);
typedef void * (*X509V3_EXT_V2I)(const struct v3_ext_method *method,
struct v3_ext_ctx *ctx,
STACK_OF(CONF_VALUE) *values);
typedef char * (*X509V3_EXT_I2S)(const struct v3_ext_method *method, void *ext);
typedef void * (*X509V3_EXT_S2I)(const struct v3_ext_method *method,
struct v3_ext_ctx *ctx, const char *str);
typedef int (*X509V3_EXT_I2R)(const struct v3_ext_method *method, void *ext,
BIO *out, int indent);
typedef void * (*X509V3_EXT_R2I)(const struct v3_ext_method *method,
struct v3_ext_ctx *ctx, const char *str);
/* V3 extension structure */
@ -220,24 +227,41 @@ union {
GENERAL_NAMES *fullname;
STACK_OF(X509_NAME_ENTRY) *relativename;
} name;
/* If relativename then this contains the full distribution point name */
X509_NAME *dpname;
} DIST_POINT_NAME;
/* All existing reasons */
#define CRLDP_ALL_REASONS 0x807f
typedef struct DIST_POINT_st {
#define CRL_REASON_NONE -1
#define CRL_REASON_UNSPECIFIED 0
#define CRL_REASON_KEY_COMPROMISE 1
#define CRL_REASON_CA_COMPROMISE 2
#define CRL_REASON_AFFILIATION_CHANGED 3
#define CRL_REASON_SUPERSEDED 4
#define CRL_REASON_CESSATION_OF_OPERATION 5
#define CRL_REASON_CERTIFICATE_HOLD 6
#define CRL_REASON_REMOVE_FROM_CRL 8
#define CRL_REASON_PRIVILEGE_WITHDRAWN 9
#define CRL_REASON_AA_COMPROMISE 10
struct DIST_POINT_st {
DIST_POINT_NAME *distpoint;
ASN1_BIT_STRING *reasons;
GENERAL_NAMES *CRLissuer;
} DIST_POINT;
int dp_reasons;
};
typedef STACK_OF(DIST_POINT) CRL_DIST_POINTS;
DECLARE_STACK_OF(DIST_POINT)
DECLARE_ASN1_SET_OF(DIST_POINT)
typedef struct AUTHORITY_KEYID_st {
struct AUTHORITY_KEYID_st {
ASN1_OCTET_STRING *keyid;
GENERAL_NAMES *issuer;
ASN1_INTEGER *serial;
} AUTHORITY_KEYID;
};
/* Strong extranet structures */
@ -303,10 +327,10 @@ typedef struct GENERAL_SUBTREE_st {
DECLARE_STACK_OF(GENERAL_SUBTREE)
typedef struct NAME_CONSTRAINTS_st {
struct NAME_CONSTRAINTS_st {
STACK_OF(GENERAL_SUBTREE) *permittedSubtrees;
STACK_OF(GENERAL_SUBTREE) *excludedSubtrees;
} NAME_CONSTRAINTS;
};
typedef struct POLICY_CONSTRAINTS_st {
ASN1_INTEGER *requireExplicitPolicy;
@ -329,6 +353,31 @@ typedef struct PROXY_CERT_INFO_EXTENSION_st
DECLARE_ASN1_FUNCTIONS(PROXY_POLICY)
DECLARE_ASN1_FUNCTIONS(PROXY_CERT_INFO_EXTENSION)
struct ISSUING_DIST_POINT_st
{
DIST_POINT_NAME *distpoint;
int onlyuser;
int onlyCA;
ASN1_BIT_STRING *onlysomereasons;
int indirectCRL;
int onlyattr;
};
/* Values in idp_flags field */
/* IDP present */
#define IDP_PRESENT 0x1
/* IDP values inconsistent */
#define IDP_INVALID 0x2
/* onlyuser true */
#define IDP_ONLYUSER 0x4
/* onlyCA true */
#define IDP_ONLYCA 0x8
/* onlyattr true */
#define IDP_ONLYATTR 0x10
/* indirectCRL true */
#define IDP_INDIRECT 0x20
/* onlysomereasons present */
#define IDP_REASONS 0x40
#define X509V3_conf_err(val) ERR_add_error_data(6, "section:", val->section, \
",name:", val->name, ",value:", val->value);
@ -373,6 +422,7 @@ DECLARE_ASN1_FUNCTIONS(PROXY_CERT_INFO_EXTENSION)
#define EXFLAG_PROXY 0x400
#define EXFLAG_INVALID_POLICY 0x800
#define EXFLAG_FRESHEST 0x1000
#define KU_DIGITAL_SIGNATURE 0x0080
#define KU_NON_REPUDIATION 0x0040
@ -424,9 +474,10 @@ typedef struct x509_purpose_st {
#define X509_PURPOSE_CRL_SIGN 6
#define X509_PURPOSE_ANY 7
#define X509_PURPOSE_OCSP_HELPER 8
#define X509_PURPOSE_TIMESTAMP_SIGN 9
#define X509_PURPOSE_MIN 1
#define X509_PURPOSE_MAX 8
#define X509_PURPOSE_MAX 9
/* Flags for X509V3_EXT_print() */
@ -471,6 +522,9 @@ DECLARE_ASN1_FUNCTIONS(AUTHORITY_KEYID)
DECLARE_ASN1_FUNCTIONS(PKEY_USAGE_PERIOD)
DECLARE_ASN1_FUNCTIONS(GENERAL_NAME)
GENERAL_NAME *GENERAL_NAME_dup(GENERAL_NAME *a);
int GENERAL_NAME_cmp(GENERAL_NAME *a, GENERAL_NAME *b);
ASN1_BIT_STRING *v2i_ASN1_BIT_STRING(X509V3_EXT_METHOD *method,
@ -486,11 +540,18 @@ DECLARE_ASN1_FUNCTIONS(GENERAL_NAMES)
STACK_OF(CONF_VALUE) *i2v_GENERAL_NAMES(X509V3_EXT_METHOD *method,
GENERAL_NAMES *gen, STACK_OF(CONF_VALUE) *extlist);
GENERAL_NAMES *v2i_GENERAL_NAMES(X509V3_EXT_METHOD *method,
X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
GENERAL_NAMES *v2i_GENERAL_NAMES(const X509V3_EXT_METHOD *method,
X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
DECLARE_ASN1_FUNCTIONS(OTHERNAME)
DECLARE_ASN1_FUNCTIONS(EDIPARTYNAME)
int OTHERNAME_cmp(OTHERNAME *a, OTHERNAME *b);
void GENERAL_NAME_set0_value(GENERAL_NAME *a, int type, void *value);
void *GENERAL_NAME_get0_value(GENERAL_NAME *a, int *ptype);
int GENERAL_NAME_set0_othername(GENERAL_NAME *gen,
ASN1_OBJECT *oid, ASN1_TYPE *value);
int GENERAL_NAME_get0_otherName(GENERAL_NAME *gen,
ASN1_OBJECT **poid, ASN1_TYPE **pvalue);
char *i2s_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, ASN1_OCTET_STRING *ia5);
ASN1_OCTET_STRING *s2i_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str);
@ -507,6 +568,11 @@ DECLARE_ASN1_FUNCTIONS(NOTICEREF)
DECLARE_ASN1_FUNCTIONS(CRL_DIST_POINTS)
DECLARE_ASN1_FUNCTIONS(DIST_POINT)
DECLARE_ASN1_FUNCTIONS(DIST_POINT_NAME)
DECLARE_ASN1_FUNCTIONS(ISSUING_DIST_POINT)
int DIST_POINT_set_dpname(DIST_POINT_NAME *dpn, X509_NAME *iname);
int NAME_CONSTRAINTS_check(X509 *x, NAME_CONSTRAINTS *nc);
DECLARE_ASN1_FUNCTIONS(ACCESS_DESCRIPTION)
DECLARE_ASN1_FUNCTIONS(AUTHORITY_INFO_ACCESS)
@ -524,11 +590,16 @@ DECLARE_ASN1_ALLOC_FUNCTIONS(NAME_CONSTRAINTS)
DECLARE_ASN1_ALLOC_FUNCTIONS(POLICY_CONSTRAINTS)
DECLARE_ASN1_ITEM(POLICY_CONSTRAINTS)
GENERAL_NAME *a2i_GENERAL_NAME(GENERAL_NAME *out,
const X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
int gen_type, char *value, int is_nc);
#ifdef HEADER_CONF_H
GENERAL_NAME *v2i_GENERAL_NAME(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
CONF_VALUE *cnf);
GENERAL_NAME *v2i_GENERAL_NAME_ex(GENERAL_NAME *out, X509V3_EXT_METHOD *method,
X509V3_CTX *ctx, CONF_VALUE *cnf, int is_nc);
GENERAL_NAME *v2i_GENERAL_NAME(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
CONF_VALUE *cnf);
GENERAL_NAME *v2i_GENERAL_NAME_ex(GENERAL_NAME *out,
const X509V3_EXT_METHOD *method,
X509V3_CTX *ctx, CONF_VALUE *cnf, int is_nc);
void X509V3_conf_free(CONF_VALUE *val);
X509_EXTENSION *X509V3_EXT_nconf_nid(CONF *conf, X509V3_CTX *ctx, int ext_nid, char *value);
@ -538,18 +609,23 @@ int X509V3_EXT_add_nconf(CONF *conf, X509V3_CTX *ctx, char *section, X509 *cert)
int X509V3_EXT_REQ_add_nconf(CONF *conf, X509V3_CTX *ctx, char *section, X509_REQ *req);
int X509V3_EXT_CRL_add_nconf(CONF *conf, X509V3_CTX *ctx, char *section, X509_CRL *crl);
X509_EXTENSION *X509V3_EXT_conf_nid(LHASH *conf, X509V3_CTX *ctx, int ext_nid, char *value);
X509_EXTENSION *X509V3_EXT_conf(LHASH *conf, X509V3_CTX *ctx, char *name, char *value);
int X509V3_EXT_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section, X509 *cert);
int X509V3_EXT_REQ_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section, X509_REQ *req);
int X509V3_EXT_CRL_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section, X509_CRL *crl);
X509_EXTENSION *X509V3_EXT_conf_nid(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
int ext_nid, char *value);
X509_EXTENSION *X509V3_EXT_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
char *name, char *value);
int X509V3_EXT_add_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
char *section, X509 *cert);
int X509V3_EXT_REQ_add_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
char *section, X509_REQ *req);
int X509V3_EXT_CRL_add_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
char *section, X509_CRL *crl);
int X509V3_add_value_bool_nf(char *name, int asn1_bool,
STACK_OF(CONF_VALUE) **extlist);
STACK_OF(CONF_VALUE) **extlist);
int X509V3_get_value_bool(CONF_VALUE *value, int *asn1_bool);
int X509V3_get_value_int(CONF_VALUE *value, ASN1_INTEGER **aint);
void X509V3_set_nconf(X509V3_CTX *ctx, CONF *conf);
void X509V3_set_conf_lhash(X509V3_CTX *ctx, LHASH *lhash);
void X509V3_set_conf_lhash(X509V3_CTX *ctx, LHASH_OF(CONF_VALUE) *lhash);
#endif
char * X509V3_get_string(X509V3_CTX *ctx, char *name, char *section);
@ -576,8 +652,8 @@ int X509V3_EXT_add_list(X509V3_EXT_METHOD *extlist);
int X509V3_EXT_add_alias(int nid_to, int nid_from);
void X509V3_EXT_cleanup(void);
X509V3_EXT_METHOD *X509V3_EXT_get(X509_EXTENSION *ext);
X509V3_EXT_METHOD *X509V3_EXT_get_nid(int nid);
const X509V3_EXT_METHOD *X509V3_EXT_get(X509_EXTENSION *ext);
const X509V3_EXT_METHOD *X509V3_EXT_get_nid(int nid);
int X509V3_add_standard_extensions(void);
STACK_OF(CONF_VALUE) *X509V3_parse_list(const char *line);
void *X509V3_EXT_d2i(X509_EXTENSION *ext);
@ -587,8 +663,8 @@ void *X509V3_get_d2i(STACK_OF(X509_EXTENSION) *x, int nid, int *crit, int *idx);
X509_EXTENSION *X509V3_EXT_i2d(int ext_nid, int crit, void *ext_struc);
int X509V3_add1_i2d(STACK_OF(X509_EXTENSION) **x, int nid, void *value, int crit, unsigned long flags);
char *hex_to_string(unsigned char *buffer, long len);
unsigned char *string_to_hex(char *str, long *len);
char *hex_to_string(const unsigned char *buffer, long len);
unsigned char *string_to_hex(const char *str, long *len);
int name_cmp(const char *name, const char *cmp);
void X509V3_EXT_val_prn(BIO *out, STACK_OF(CONF_VALUE) *val, int indent,
@ -603,6 +679,7 @@ int X509_check_purpose(X509 *x, int id, int ca);
int X509_supported_extension(X509_EXTENSION *ex);
int X509_PURPOSE_set(int *p, int purpose);
int X509_check_issued(X509 *issuer, X509 *subject);
int X509_check_akid(X509 *issuer, AUTHORITY_KEYID *akid);
int X509_PURPOSE_get_count(void);
X509_PURPOSE * X509_PURPOSE_get0(int idx);
int X509_PURPOSE_get_by_sname(char *sname);
@ -616,10 +693,10 @@ int X509_PURPOSE_get_trust(X509_PURPOSE *xp);
void X509_PURPOSE_cleanup(void);
int X509_PURPOSE_get_id(X509_PURPOSE *);
STACK *X509_get1_email(X509 *x);
STACK *X509_REQ_get1_email(X509_REQ *x);
void X509_email_free(STACK *sk);
STACK *X509_get1_ocsp(X509 *x);
STACK_OF(OPENSSL_STRING) *X509_get1_email(X509 *x);
STACK_OF(OPENSSL_STRING) *X509_REQ_get1_email(X509_REQ *x);
void X509_email_free(STACK_OF(OPENSSL_STRING) *sk);
STACK_OF(OPENSSL_STRING) *X509_get1_ocsp(X509 *x);
ASN1_OCTET_STRING *a2i_IPADDRESS(const char *ipasc);
ASN1_OCTET_STRING *a2i_IPADDRESS_NC(const char *ipasc);
@ -628,6 +705,7 @@ int X509V3_NAME_from_section(X509_NAME *nm, STACK_OF(CONF_VALUE)*dn_sk,
unsigned long chtype);
void X509_POLICY_NODE_print(BIO *out, X509_POLICY_NODE *node, int indent);
DECLARE_STACK_OF(X509_POLICY_NODE)
#ifndef OPENSSL_NO_RFC3779
@ -787,8 +865,9 @@ void ERR_load_X509V3_strings(void);
/* Error codes for the X509V3 functions. */
/* Function codes. */
#define X509V3_F_ASIDENTIFIERCHOICE_CANONIZE 156
#define X509V3_F_ASIDENTIFIERCHOICE_IS_CANONICAL 157
#define X509V3_F_A2I_GENERAL_NAME 164
#define X509V3_F_ASIDENTIFIERCHOICE_CANONIZE 161
#define X509V3_F_ASIDENTIFIERCHOICE_IS_CANONICAL 162
#define X509V3_F_COPY_EMAIL 122
#define X509V3_F_COPY_ISSUER 123
#define X509V3_F_DO_DIRNAME 144
@ -796,6 +875,7 @@ void ERR_load_X509V3_strings(void);
#define X509V3_F_DO_EXT_I2D 135
#define X509V3_F_DO_EXT_NCONF 151
#define X509V3_F_DO_I2V_NAME_CONSTRAINTS 148
#define X509V3_F_GNAMES_FROM_SECTNAME 156
#define X509V3_F_HEX_TO_STRING 111
#define X509V3_F_I2S_ASN1_ENUMERATED 121
#define X509V3_F_I2S_ASN1_IA5STRING 149
@ -812,13 +892,14 @@ void ERR_load_X509V3_strings(void);
#define X509V3_F_S2I_ASN1_OCTET_STRING 112
#define X509V3_F_S2I_ASN1_SKEY_ID 114
#define X509V3_F_S2I_SKEY_ID 115
#define X509V3_F_SET_DIST_POINT_NAME 158
#define X509V3_F_STRING_TO_HEX 113
#define X509V3_F_SXNET_ADD_ID_ASC 125
#define X509V3_F_SXNET_ADD_ID_INTEGER 126
#define X509V3_F_SXNET_ADD_ID_ULONG 127
#define X509V3_F_SXNET_GET_ID_ASC 128
#define X509V3_F_SXNET_GET_ID_ULONG 129
#define X509V3_F_V2I_ASIDENTIFIERS 158
#define X509V3_F_V2I_ASIDENTIFIERS 163
#define X509V3_F_V2I_ASN1_BIT_STRING 101
#define X509V3_F_V2I_AUTHORITY_INFO_ACCESS 139
#define X509V3_F_V2I_AUTHORITY_KEYID 119
@ -827,6 +908,7 @@ void ERR_load_X509V3_strings(void);
#define X509V3_F_V2I_EXTENDED_KEY_USAGE 103
#define X509V3_F_V2I_GENERAL_NAMES 118
#define X509V3_F_V2I_GENERAL_NAME_EX 117
#define X509V3_F_V2I_IDP 157
#define X509V3_F_V2I_IPADDRBLOCKS 159
#define X509V3_F_V2I_ISSUER_ALT 153
#define X509V3_F_V2I_NAME_CONSTRAINTS 147
@ -855,6 +937,7 @@ void ERR_load_X509V3_strings(void);
#define X509V3_R_BN_DEC2BN_ERROR 100
#define X509V3_R_BN_TO_ASN1_INTEGER_ERROR 101
#define X509V3_R_DIRNAME_ERROR 149
#define X509V3_R_DISTPOINT_ALREADY_SET 160
#define X509V3_R_DUPLICATE_ZONE_ID 133
#define X509V3_R_ERROR_CONVERTING_ZONE 131
#define X509V3_R_ERROR_CREATING_EXTENSION 144
@ -868,12 +951,13 @@ void ERR_load_X509V3_strings(void);
#define X509V3_R_ILLEGAL_EMPTY_EXTENSION 151
#define X509V3_R_ILLEGAL_HEX_DIGIT 113
#define X509V3_R_INCORRECT_POLICY_SYNTAX_TAG 152
#define X509V3_R_INVALID_ASNUMBER 160
#define X509V3_R_INVALID_ASRANGE 161
#define X509V3_R_INVALID_MULTIPLE_RDNS 161
#define X509V3_R_INVALID_ASNUMBER 162
#define X509V3_R_INVALID_ASRANGE 163
#define X509V3_R_INVALID_BOOLEAN_STRING 104
#define X509V3_R_INVALID_EXTENSION_STRING 105
#define X509V3_R_INVALID_INHERITANCE 162
#define X509V3_R_INVALID_IPADDRESS 163
#define X509V3_R_INVALID_INHERITANCE 165
#define X509V3_R_INVALID_IPADDRESS 166
#define X509V3_R_INVALID_NAME 106
#define X509V3_R_INVALID_NULL_ARGUMENT 107
#define X509V3_R_INVALID_NULL_NAME 108
@ -901,9 +985,9 @@ void ERR_load_X509V3_strings(void);
#define X509V3_R_ODD_NUMBER_OF_DIGITS 112
#define X509V3_R_OPERATION_NOT_DEFINED 148
#define X509V3_R_OTHERNAME_ERROR 147
#define X509V3_R_POLICY_LANGUAGE_ALREADTY_DEFINED 155
#define X509V3_R_POLICY_LANGUAGE_ALREADY_DEFINED 155
#define X509V3_R_POLICY_PATH_LENGTH 156
#define X509V3_R_POLICY_PATH_LENGTH_ALREADTY_DEFINED 157
#define X509V3_R_POLICY_PATH_LENGTH_ALREADY_DEFINED 157
#define X509V3_R_POLICY_SYNTAX_NOT_CURRENTLY_SUPPORTED 158
#define X509V3_R_POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY 159
#define X509V3_R_SECTION_NOT_FOUND 150
@ -914,6 +998,7 @@ void ERR_load_X509V3_strings(void);
#define X509V3_R_UNKNOWN_EXTENSION_NAME 130
#define X509V3_R_UNKNOWN_OPTION 120
#define X509V3_R_UNSUPPORTED_OPTION 117
#define X509V3_R_UNSUPPORTED_TYPE 167
#define X509V3_R_USER_TOO_LONG 132
#ifdef __cplusplus

BIN
libcrypto.a Normal file
View File

Binary file not shown.

BIN
libcrypto_arm.a
View File

Binary file not shown.

BIN
libcrypto_arm_sdk3.2.a
View File

Binary file not shown.

BIN
libcrypto_i386.a
View File

Binary file not shown.

BIN
libcrypto_i386_sdk3.2.a
View File

Binary file not shown.

BIN
libssl.a Normal file
View File

Binary file not shown.

BIN
libssl_arm.a
View File

Binary file not shown.

BIN
libssl_arm_sdk3.2.a
View File

Binary file not shown.

BIN
libssl_i386.a
View File

Binary file not shown.

BIN
libssl_i386_sdk3.2.a
View File

Binary file not shown.

2
main.m
View File

@ -1,6 +1,6 @@
//
// main.m
// OpenSSL-1
// OpenSSL-for-iPhone
//
// Created by Felix Schulze on 01.02.2010.
// Copyright Felix Schulze 2010. All rights reserved.