mirror of
https://git.FreeBSD.org/src.git
synced 2024-12-11 09:50:12 +00:00
OpenSSL: Remove obsolete include directory
This directory was deprecated since OpenSSL 1.1.1e. https://github.com/openssl/openssl/pull/9681
This commit is contained in:
parent
294e62bebf
commit
b840816061
@ -1,16 +0,0 @@
|
||||
/*
|
||||
* Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
* in the file LICENSE in the source distribution or at
|
||||
* https://www.openssl.org/source/license.html
|
||||
*/
|
||||
|
||||
/*
|
||||
* This file is only used by HP C on VMS, and is included automatically
|
||||
* after each header file from this directory
|
||||
*/
|
||||
|
||||
/* restore state. Must correspond to the save in __decc_include_prologue.h */
|
||||
#pragma names restore
|
@ -1,20 +0,0 @@
|
||||
/*
|
||||
* Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
* in the file LICENSE in the source distribution or at
|
||||
* https://www.openssl.org/source/license.html
|
||||
*/
|
||||
|
||||
/*
|
||||
* This file is only used by HP C on VMS, and is included automatically
|
||||
* after each header file from this directory
|
||||
*/
|
||||
|
||||
/* save state */
|
||||
#pragma names save
|
||||
/* have the compiler shorten symbols larger than 31 chars to 23 chars
|
||||
* followed by a 8 hex char CRC
|
||||
*/
|
||||
#pragma names as_is,shortened
|
@ -1,50 +0,0 @@
|
||||
/*
|
||||
* Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
* in the file LICENSE in the source distribution or at
|
||||
* https://www.openssl.org/source/license.html
|
||||
*/
|
||||
|
||||
/* Copyright (c) 2017 National Security Research Institute. All rights reserved. */
|
||||
|
||||
#ifndef HEADER_ARIA_H
|
||||
# define HEADER_ARIA_H
|
||||
|
||||
# include <openssl/opensslconf.h>
|
||||
|
||||
# ifdef OPENSSL_NO_ARIA
|
||||
# error ARIA is disabled.
|
||||
# endif
|
||||
|
||||
# define ARIA_ENCRYPT 1
|
||||
# define ARIA_DECRYPT 0
|
||||
|
||||
# define ARIA_BLOCK_SIZE 16 /* Size of each encryption/decryption block */
|
||||
# define ARIA_MAX_KEYS 17 /* Number of keys needed in the worst case */
|
||||
|
||||
typedef union {
|
||||
unsigned char c[ARIA_BLOCK_SIZE];
|
||||
unsigned int u[ARIA_BLOCK_SIZE / sizeof(unsigned int)];
|
||||
} ARIA_u128;
|
||||
|
||||
typedef unsigned char ARIA_c128[ARIA_BLOCK_SIZE];
|
||||
|
||||
struct aria_key_st {
|
||||
ARIA_u128 rd_key[ARIA_MAX_KEYS];
|
||||
unsigned int rounds;
|
||||
};
|
||||
typedef struct aria_key_st ARIA_KEY;
|
||||
|
||||
|
||||
int aria_set_encrypt_key(const unsigned char *userKey, const int bits,
|
||||
ARIA_KEY *key);
|
||||
int aria_set_decrypt_key(const unsigned char *userKey, const int bits,
|
||||
ARIA_KEY *key);
|
||||
|
||||
void aria_encrypt(const unsigned char *in, unsigned char *out,
|
||||
const ARIA_KEY *key);
|
||||
|
||||
#endif
|
@ -1,113 +0,0 @@
|
||||
/*
|
||||
* Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
* in the file LICENSE in the source distribution or at
|
||||
* https://www.openssl.org/source/license.html
|
||||
*/
|
||||
|
||||
/* Internal ASN1 structures and functions: not for application use */
|
||||
|
||||
/* ASN1 public key method structure */
|
||||
|
||||
struct evp_pkey_asn1_method_st {
|
||||
int pkey_id;
|
||||
int pkey_base_id;
|
||||
unsigned long pkey_flags;
|
||||
char *pem_str;
|
||||
char *info;
|
||||
int (*pub_decode) (EVP_PKEY *pk, X509_PUBKEY *pub);
|
||||
int (*pub_encode) (X509_PUBKEY *pub, const EVP_PKEY *pk);
|
||||
int (*pub_cmp) (const EVP_PKEY *a, const EVP_PKEY *b);
|
||||
int (*pub_print) (BIO *out, const EVP_PKEY *pkey, int indent,
|
||||
ASN1_PCTX *pctx);
|
||||
int (*priv_decode) (EVP_PKEY *pk, const PKCS8_PRIV_KEY_INFO *p8inf);
|
||||
int (*priv_encode) (PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pk);
|
||||
int (*priv_print) (BIO *out, const EVP_PKEY *pkey, int indent,
|
||||
ASN1_PCTX *pctx);
|
||||
int (*pkey_size) (const EVP_PKEY *pk);
|
||||
int (*pkey_bits) (const EVP_PKEY *pk);
|
||||
int (*pkey_security_bits) (const EVP_PKEY *pk);
|
||||
int (*param_decode) (EVP_PKEY *pkey,
|
||||
const unsigned char **pder, int derlen);
|
||||
int (*param_encode) (const EVP_PKEY *pkey, unsigned char **pder);
|
||||
int (*param_missing) (const EVP_PKEY *pk);
|
||||
int (*param_copy) (EVP_PKEY *to, const EVP_PKEY *from);
|
||||
int (*param_cmp) (const EVP_PKEY *a, const EVP_PKEY *b);
|
||||
int (*param_print) (BIO *out, const EVP_PKEY *pkey, int indent,
|
||||
ASN1_PCTX *pctx);
|
||||
int (*sig_print) (BIO *out,
|
||||
const X509_ALGOR *sigalg, const ASN1_STRING *sig,
|
||||
int indent, ASN1_PCTX *pctx);
|
||||
void (*pkey_free) (EVP_PKEY *pkey);
|
||||
int (*pkey_ctrl) (EVP_PKEY *pkey, int op, long arg1, void *arg2);
|
||||
/* Legacy functions for old PEM */
|
||||
int (*old_priv_decode) (EVP_PKEY *pkey,
|
||||
const unsigned char **pder, int derlen);
|
||||
int (*old_priv_encode) (const EVP_PKEY *pkey, unsigned char **pder);
|
||||
/* Custom ASN1 signature verification */
|
||||
int (*item_verify) (EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
|
||||
X509_ALGOR *a, ASN1_BIT_STRING *sig, EVP_PKEY *pkey);
|
||||
int (*item_sign) (EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
|
||||
X509_ALGOR *alg1, X509_ALGOR *alg2,
|
||||
ASN1_BIT_STRING *sig);
|
||||
int (*siginf_set) (X509_SIG_INFO *siginf, const X509_ALGOR *alg,
|
||||
const ASN1_STRING *sig);
|
||||
/* Check */
|
||||
int (*pkey_check) (const EVP_PKEY *pk);
|
||||
int (*pkey_public_check) (const EVP_PKEY *pk);
|
||||
int (*pkey_param_check) (const EVP_PKEY *pk);
|
||||
/* Get/set raw private/public key data */
|
||||
int (*set_priv_key) (EVP_PKEY *pk, const unsigned char *priv, size_t len);
|
||||
int (*set_pub_key) (EVP_PKEY *pk, const unsigned char *pub, size_t len);
|
||||
int (*get_priv_key) (const EVP_PKEY *pk, unsigned char *priv, size_t *len);
|
||||
int (*get_pub_key) (const EVP_PKEY *pk, unsigned char *pub, size_t *len);
|
||||
} /* EVP_PKEY_ASN1_METHOD */ ;
|
||||
|
||||
DEFINE_STACK_OF_CONST(EVP_PKEY_ASN1_METHOD)
|
||||
|
||||
extern const EVP_PKEY_ASN1_METHOD cmac_asn1_meth;
|
||||
extern const EVP_PKEY_ASN1_METHOD dh_asn1_meth;
|
||||
extern const EVP_PKEY_ASN1_METHOD dhx_asn1_meth;
|
||||
extern const EVP_PKEY_ASN1_METHOD dsa_asn1_meths[5];
|
||||
extern const EVP_PKEY_ASN1_METHOD eckey_asn1_meth;
|
||||
extern const EVP_PKEY_ASN1_METHOD ecx25519_asn1_meth;
|
||||
extern const EVP_PKEY_ASN1_METHOD ecx448_asn1_meth;
|
||||
extern const EVP_PKEY_ASN1_METHOD ed25519_asn1_meth;
|
||||
extern const EVP_PKEY_ASN1_METHOD ed448_asn1_meth;
|
||||
extern const EVP_PKEY_ASN1_METHOD sm2_asn1_meth;
|
||||
extern const EVP_PKEY_ASN1_METHOD poly1305_asn1_meth;
|
||||
|
||||
extern const EVP_PKEY_ASN1_METHOD hmac_asn1_meth;
|
||||
extern const EVP_PKEY_ASN1_METHOD rsa_asn1_meths[2];
|
||||
extern const EVP_PKEY_ASN1_METHOD rsa_pss_asn1_meth;
|
||||
extern const EVP_PKEY_ASN1_METHOD siphash_asn1_meth;
|
||||
|
||||
/*
|
||||
* These are used internally in the ASN1_OBJECT to keep track of whether the
|
||||
* names and data need to be free()ed
|
||||
*/
|
||||
# define ASN1_OBJECT_FLAG_DYNAMIC 0x01/* internal use */
|
||||
# define ASN1_OBJECT_FLAG_CRITICAL 0x02/* critical x509v3 object id */
|
||||
# define ASN1_OBJECT_FLAG_DYNAMIC_STRINGS 0x04/* internal use */
|
||||
# define ASN1_OBJECT_FLAG_DYNAMIC_DATA 0x08/* internal use */
|
||||
struct asn1_object_st {
|
||||
const char *sn, *ln;
|
||||
int nid;
|
||||
int length;
|
||||
const unsigned char *data; /* data remains const after init */
|
||||
int flags; /* Should we free this one */
|
||||
};
|
||||
|
||||
/* ASN1 print context structure */
|
||||
|
||||
struct asn1_pctx_st {
|
||||
unsigned long flags;
|
||||
unsigned long nm_flags;
|
||||
unsigned long cert_flags;
|
||||
unsigned long oid_flags;
|
||||
unsigned long str_flags;
|
||||
} /* ASN1_PCTX */ ;
|
||||
|
||||
int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb);
|
@ -1,15 +0,0 @@
|
||||
/*
|
||||
* Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
* in the file LICENSE in the source distribution or at
|
||||
* https://www.openssl.org/source/license.html
|
||||
*/
|
||||
|
||||
#include <openssl/async.h>
|
||||
|
||||
int async_init(void);
|
||||
void async_deinit(void);
|
||||
void async_delete_thread_state(void);
|
||||
|
@ -1,27 +0,0 @@
|
||||
{- join("\n",map { "/* $_ */" } @autowarntext) -}
|
||||
/*
|
||||
* Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
* in the file LICENSE in the source distribution or at
|
||||
* https://www.openssl.org/source/license.html
|
||||
*/
|
||||
|
||||
#ifndef HEADER_BN_CONF_H
|
||||
# define HEADER_BN_CONF_H
|
||||
|
||||
/*
|
||||
* The contents of this file are not used in the UEFI build, as
|
||||
* both 32-bit and 64-bit builds are supported from a single run
|
||||
* of the Configure script.
|
||||
*/
|
||||
|
||||
/* Should we define BN_DIV2W here? */
|
||||
|
||||
/* Only one for the following should be defined */
|
||||
{- $config{b64l} ? "#define" : "#undef" -} SIXTY_FOUR_BIT_LONG
|
||||
{- $config{b64} ? "#define" : "#undef" -} SIXTY_FOUR_BIT
|
||||
{- $config{b32} ? "#define" : "#undef" -} THIRTY_TWO_BIT
|
||||
|
||||
#endif
|
@ -1,24 +0,0 @@
|
||||
/*
|
||||
* Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
* in the file LICENSE in the source distribution or at
|
||||
* https://www.openssl.org/source/license.html
|
||||
*/
|
||||
|
||||
#define declare_dh_bn(x) \
|
||||
extern const BIGNUM _bignum_dh##x##_p; \
|
||||
extern const BIGNUM _bignum_dh##x##_g; \
|
||||
extern const BIGNUM _bignum_dh##x##_q;
|
||||
|
||||
declare_dh_bn(1024_160)
|
||||
declare_dh_bn(2048_224)
|
||||
declare_dh_bn(2048_256)
|
||||
|
||||
extern const BIGNUM _bignum_ffdhe2048_p;
|
||||
extern const BIGNUM _bignum_ffdhe3072_p;
|
||||
extern const BIGNUM _bignum_ffdhe4096_p;
|
||||
extern const BIGNUM _bignum_ffdhe6144_p;
|
||||
extern const BIGNUM _bignum_ffdhe8192_p;
|
||||
extern const BIGNUM _bignum_const_2;
|
@ -1,90 +0,0 @@
|
||||
/*
|
||||
* Copyright 2014-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
* in the file LICENSE in the source distribution or at
|
||||
* https://www.openssl.org/source/license.html
|
||||
*/
|
||||
|
||||
#ifndef HEADER_BN_INT_H
|
||||
# define HEADER_BN_INT_H
|
||||
|
||||
# include <openssl/bn.h>
|
||||
# include <limits.h>
|
||||
|
||||
BIGNUM *bn_wexpand(BIGNUM *a, int words);
|
||||
BIGNUM *bn_expand2(BIGNUM *a, int words);
|
||||
|
||||
void bn_correct_top(BIGNUM *a);
|
||||
|
||||
/*
|
||||
* Determine the modified width-(w+1) Non-Adjacent Form (wNAF) of 'scalar'.
|
||||
* This is an array r[] of values that are either zero or odd with an
|
||||
* absolute value less than 2^w satisfying scalar = \sum_j r[j]*2^j where at
|
||||
* most one of any w+1 consecutive digits is non-zero with the exception that
|
||||
* the most significant digit may be only w-1 zeros away from that next
|
||||
* non-zero digit.
|
||||
*/
|
||||
signed char *bn_compute_wNAF(const BIGNUM *scalar, int w, size_t *ret_len);
|
||||
|
||||
int bn_get_top(const BIGNUM *a);
|
||||
|
||||
int bn_get_dmax(const BIGNUM *a);
|
||||
|
||||
/* Set all words to zero */
|
||||
void bn_set_all_zero(BIGNUM *a);
|
||||
|
||||
/*
|
||||
* Copy the internal BIGNUM words into out which holds size elements (and size
|
||||
* must be bigger than top)
|
||||
*/
|
||||
int bn_copy_words(BN_ULONG *out, const BIGNUM *in, int size);
|
||||
|
||||
BN_ULONG *bn_get_words(const BIGNUM *a);
|
||||
|
||||
/*
|
||||
* Set the internal data words in a to point to words which contains size
|
||||
* elements. The BN_FLG_STATIC_DATA flag is set
|
||||
*/
|
||||
void bn_set_static_words(BIGNUM *a, const BN_ULONG *words, int size);
|
||||
|
||||
/*
|
||||
* Copy words into the BIGNUM |a|, reallocating space as necessary.
|
||||
* The negative flag of |a| is not modified.
|
||||
* Returns 1 on success and 0 on failure.
|
||||
*/
|
||||
/*
|
||||
* |num_words| is int because bn_expand2 takes an int. This is an internal
|
||||
* function so we simply trust callers not to pass negative values.
|
||||
*/
|
||||
int bn_set_words(BIGNUM *a, const BN_ULONG *words, int num_words);
|
||||
|
||||
/*
|
||||
* Some BIGNUM functions assume most significant limb to be non-zero, which
|
||||
* is customarily arranged by bn_correct_top. Output from below functions
|
||||
* is not processed with bn_correct_top, and for this reason it may not be
|
||||
* returned out of public API. It may only be passed internally into other
|
||||
* functions known to support non-minimal or zero-padded BIGNUMs. Even
|
||||
* though the goal is to facilitate constant-time-ness, not each subroutine
|
||||
* is constant-time by itself. They all have pre-conditions, consult source
|
||||
* code...
|
||||
*/
|
||||
int bn_mul_mont_fixed_top(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
|
||||
BN_MONT_CTX *mont, BN_CTX *ctx);
|
||||
int bn_to_mont_fixed_top(BIGNUM *r, const BIGNUM *a, BN_MONT_CTX *mont,
|
||||
BN_CTX *ctx);
|
||||
int bn_from_mont_fixed_top(BIGNUM *r, const BIGNUM *a, BN_MONT_CTX *mont,
|
||||
BN_CTX *ctx);
|
||||
int bn_mod_add_fixed_top(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
|
||||
const BIGNUM *m);
|
||||
int bn_mod_sub_fixed_top(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
|
||||
const BIGNUM *m);
|
||||
int bn_mul_fixed_top(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
|
||||
int bn_sqr_fixed_top(BIGNUM *r, const BIGNUM *a, BN_CTX *ctx);
|
||||
int bn_lshift_fixed_top(BIGNUM *r, const BIGNUM *a, int n);
|
||||
int bn_rshift_fixed_top(BIGNUM *r, const BIGNUM *a, int n);
|
||||
int bn_div_fixed_top(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m,
|
||||
const BIGNUM *d, BN_CTX *ctx);
|
||||
|
||||
#endif
|
@ -1,32 +0,0 @@
|
||||
/*
|
||||
* Copyright 2014-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
* in the file LICENSE in the source distribution or at
|
||||
* https://www.openssl.org/source/license.html
|
||||
*/
|
||||
|
||||
#ifndef OPENSSL_NO_SRP
|
||||
|
||||
extern const BIGNUM bn_group_1024;
|
||||
|
||||
extern const BIGNUM bn_group_1536;
|
||||
|
||||
extern const BIGNUM bn_group_2048;
|
||||
|
||||
extern const BIGNUM bn_group_3072;
|
||||
|
||||
extern const BIGNUM bn_group_4096;
|
||||
|
||||
extern const BIGNUM bn_group_6144;
|
||||
|
||||
extern const BIGNUM bn_group_8192;
|
||||
|
||||
extern const BIGNUM bn_generator_19;
|
||||
|
||||
extern const BIGNUM bn_generator_5;
|
||||
|
||||
extern const BIGNUM bn_generator_2;
|
||||
|
||||
#endif
|
@ -1,42 +0,0 @@
|
||||
/*
|
||||
* Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
* in the file LICENSE in the source distribution or at
|
||||
* https://www.openssl.org/source/license.html
|
||||
*/
|
||||
|
||||
#ifndef HEADER_CHACHA_H
|
||||
#define HEADER_CHACHA_H
|
||||
|
||||
#include <stddef.h>
|
||||
|
||||
/*
|
||||
* ChaCha20_ctr32 encrypts |len| bytes from |inp| with the given key and
|
||||
* nonce and writes the result to |out|, which may be equal to |inp|.
|
||||
* The |key| is not 32 bytes of verbatim key material though, but the
|
||||
* said material collected into 8 32-bit elements array in host byte
|
||||
* order. Same approach applies to nonce: the |counter| argument is
|
||||
* pointer to concatenated nonce and counter values collected into 4
|
||||
* 32-bit elements. This, passing crypto material collected into 32-bit
|
||||
* elements as opposite to passing verbatim byte vectors, is chosen for
|
||||
* efficiency in multi-call scenarios.
|
||||
*/
|
||||
void ChaCha20_ctr32(unsigned char *out, const unsigned char *inp,
|
||||
size_t len, const unsigned int key[8],
|
||||
const unsigned int counter[4]);
|
||||
/*
|
||||
* You can notice that there is no key setup procedure. Because it's
|
||||
* as trivial as collecting bytes into 32-bit elements, it's reckoned
|
||||
* that below macro is sufficient.
|
||||
*/
|
||||
#define CHACHA_U8TOU32(p) ( \
|
||||
((unsigned int)(p)[0]) | ((unsigned int)(p)[1]<<8) | \
|
||||
((unsigned int)(p)[2]<<16) | ((unsigned int)(p)[3]<<24) )
|
||||
|
||||
#define CHACHA_KEY_SIZE 32
|
||||
#define CHACHA_CTR_SIZE 16
|
||||
#define CHACHA_BLK_SIZE 64
|
||||
|
||||
#endif
|
@ -1,35 +0,0 @@
|
||||
/*
|
||||
* Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
* in the file LICENSE in the source distribution or at
|
||||
* https://www.openssl.org/source/license.html
|
||||
*/
|
||||
|
||||
#include "internal/cryptlib.h"
|
||||
|
||||
/* This file is not scanned by mkdef.pl, whereas cryptlib.h is */
|
||||
|
||||
struct thread_local_inits_st {
|
||||
int async;
|
||||
int err_state;
|
||||
int rand;
|
||||
};
|
||||
|
||||
int ossl_init_thread_start(uint64_t opts);
|
||||
|
||||
/*
|
||||
* OPENSSL_INIT flags. The primary list of these is in crypto.h. Flags below
|
||||
* are those omitted from crypto.h because they are "reserved for internal
|
||||
* use".
|
||||
*/
|
||||
# define OPENSSL_INIT_ZLIB 0x00010000L
|
||||
# define OPENSSL_INIT_BASE_ONLY 0x00040000L
|
||||
|
||||
/* OPENSSL_INIT_THREAD flags */
|
||||
# define OPENSSL_INIT_THREAD_ASYNC 0x01
|
||||
# define OPENSSL_INIT_THREAD_ERR_STATE 0x02
|
||||
# define OPENSSL_INIT_THREAD_RAND 0x04
|
||||
|
||||
void ossl_malloc_setup_failures(void);
|
@ -1,82 +0,0 @@
|
||||
/*
|
||||
* Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
* in the file LICENSE in the source distribution or at
|
||||
* https://www.openssl.org/source/license.html
|
||||
*/
|
||||
|
||||
/*
|
||||
* This version of ctype.h provides a standardised and platform
|
||||
* independent implementation that supports seven bit ASCII characters.
|
||||
* The specific intent is to not pass extended ASCII characters (> 127)
|
||||
* even if the host operating system would.
|
||||
*
|
||||
* There is EBCDIC support included for machines which use this. However,
|
||||
* there are a number of concerns about how well EBCDIC is supported
|
||||
* throughout the rest of the source code. Refer to issue #4154 for
|
||||
* details.
|
||||
*/
|
||||
#ifndef INTERNAL_CTYPE_H
|
||||
# define INTERNAL_CTYPE_H
|
||||
|
||||
# define CTYPE_MASK_lower 0x1
|
||||
# define CTYPE_MASK_upper 0x2
|
||||
# define CTYPE_MASK_digit 0x4
|
||||
# define CTYPE_MASK_space 0x8
|
||||
# define CTYPE_MASK_xdigit 0x10
|
||||
# define CTYPE_MASK_blank 0x20
|
||||
# define CTYPE_MASK_cntrl 0x40
|
||||
# define CTYPE_MASK_graph 0x80
|
||||
# define CTYPE_MASK_print 0x100
|
||||
# define CTYPE_MASK_punct 0x200
|
||||
# define CTYPE_MASK_base64 0x400
|
||||
# define CTYPE_MASK_asn1print 0x800
|
||||
|
||||
# define CTYPE_MASK_alpha (CTYPE_MASK_lower | CTYPE_MASK_upper)
|
||||
# define CTYPE_MASK_alnum (CTYPE_MASK_alpha | CTYPE_MASK_digit)
|
||||
|
||||
/*
|
||||
* The ascii mask assumes that any other classification implies that
|
||||
* the character is ASCII and that there are no ASCII characters
|
||||
* that aren't in any of the classifications.
|
||||
*
|
||||
* This assumption holds at the moment, but it might not in the future.
|
||||
*/
|
||||
# define CTYPE_MASK_ascii (~0)
|
||||
|
||||
# ifdef CHARSET_EBCDIC
|
||||
int ossl_toascii(int c);
|
||||
int ossl_fromascii(int c);
|
||||
# else
|
||||
# define ossl_toascii(c) (c)
|
||||
# define ossl_fromascii(c) (c)
|
||||
# endif
|
||||
int ossl_ctype_check(int c, unsigned int mask);
|
||||
int ossl_tolower(int c);
|
||||
int ossl_toupper(int c);
|
||||
|
||||
int ascii_isdigit(const char inchar);
|
||||
|
||||
# define ossl_isalnum(c) (ossl_ctype_check((c), CTYPE_MASK_alnum))
|
||||
# define ossl_isalpha(c) (ossl_ctype_check((c), CTYPE_MASK_alpha))
|
||||
# ifdef CHARSET_EBCDIC
|
||||
# define ossl_isascii(c) (ossl_ctype_check((c), CTYPE_MASK_ascii))
|
||||
# else
|
||||
# define ossl_isascii(c) (((c) & ~127) == 0)
|
||||
# endif
|
||||
# define ossl_isblank(c) (ossl_ctype_check((c), CTYPE_MASK_blank))
|
||||
# define ossl_iscntrl(c) (ossl_ctype_check((c), CTYPE_MASK_cntrl))
|
||||
# define ossl_isdigit(c) (ossl_ctype_check((c), CTYPE_MASK_digit))
|
||||
# define ossl_isgraph(c) (ossl_ctype_check((c), CTYPE_MASK_graph))
|
||||
# define ossl_islower(c) (ossl_ctype_check((c), CTYPE_MASK_lower))
|
||||
# define ossl_isprint(c) (ossl_ctype_check((c), CTYPE_MASK_print))
|
||||
# define ossl_ispunct(c) (ossl_ctype_check((c), CTYPE_MASK_punct))
|
||||
# define ossl_isspace(c) (ossl_ctype_check((c), CTYPE_MASK_space))
|
||||
# define ossl_isupper(c) (ossl_ctype_check((c), CTYPE_MASK_upper))
|
||||
# define ossl_isxdigit(c) (ossl_ctype_check((c), CTYPE_MASK_xdigit))
|
||||
# define ossl_isbase64(c) (ossl_ctype_check((c), CTYPE_MASK_base64))
|
||||
# define ossl_isasn1print(c) (ossl_ctype_check((c), CTYPE_MASK_asn1print))
|
||||
|
||||
#endif
|
@ -1,31 +0,0 @@
|
||||
{- join("\n",map { "/* $_ */" } @autowarntext) -}
|
||||
/*
|
||||
* Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
* in the file LICENSE in the source distribution or at
|
||||
* https://www.openssl.org/source/license.html
|
||||
*/
|
||||
|
||||
#ifndef HEADER_DSO_CONF_H
|
||||
# define HEADER_DSO_CONF_H
|
||||
{- # The DSO code currently always implements all functions so that no
|
||||
# applications will have to worry about that from a compilation point
|
||||
# of view. However, the "method"s may return zero unless that platform
|
||||
# has support compiled in for them. Currently each method is enabled
|
||||
# by a define "DSO_<name>" ... we translate the "dso_scheme" config
|
||||
# string entry into using the following logic;
|
||||
my $scheme = uc $target{dso_scheme};
|
||||
if (!$scheme) {
|
||||
$scheme = "NONE";
|
||||
}
|
||||
my @macros = ( "DSO_$scheme" );
|
||||
if ($scheme eq 'DLFCN') {
|
||||
@macros = ( "DSO_DLFCN", "HAVE_DLFCN_H" );
|
||||
} elsif ($scheme eq "DLFCN_NO_H") {
|
||||
@macros = ( "DSO_DLFCN" );
|
||||
}
|
||||
join("\n", map { "# define $_" } @macros); -}
|
||||
# define DSO_EXTENSION "{- $target{dso_extension} -}"
|
||||
#endif
|
@ -1,53 +0,0 @@
|
||||
/*
|
||||
* Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
* in the file LICENSE in the source distribution or at
|
||||
* https://www.openssl.org/source/license.html
|
||||
*/
|
||||
|
||||
/* Internal EC functions for other submodules: not for application use */
|
||||
|
||||
#ifndef HEADER_OSSL_EC_INTERNAL_H
|
||||
# define HEADER_OSSL_EC_INTERNAL_H
|
||||
# include <openssl/opensslconf.h>
|
||||
|
||||
# ifndef OPENSSL_NO_EC
|
||||
|
||||
# include <openssl/ec.h>
|
||||
|
||||
/*-
|
||||
* Computes the multiplicative inverse of x in the range
|
||||
* [1,EC_GROUP::order), where EC_GROUP::order is the cardinality of the
|
||||
* subgroup generated by the generator G:
|
||||
*
|
||||
* res := x^(-1) (mod EC_GROUP::order).
|
||||
*
|
||||
* This function expects the following two conditions to hold:
|
||||
* - the EC_GROUP order is prime, and
|
||||
* - x is included in the range [1, EC_GROUP::order).
|
||||
*
|
||||
* This function returns 1 on success, 0 on error.
|
||||
*
|
||||
* If the EC_GROUP order is even, this function explicitly returns 0 as
|
||||
* an error.
|
||||
* In case any of the two conditions stated above is not satisfied,
|
||||
* the correctness of its output is not guaranteed, even if the return
|
||||
* value could still be 1 (as primality testing and a conditional modular
|
||||
* reduction round on the input can be omitted by the underlying
|
||||
* implementations for better SCA properties on regular input values).
|
||||
*/
|
||||
__owur int ec_group_do_inverse_ord(const EC_GROUP *group, BIGNUM *res,
|
||||
const BIGNUM *x, BN_CTX *ctx);
|
||||
|
||||
/*-
|
||||
* ECDH Key Derivation Function as defined in ANSI X9.63
|
||||
*/
|
||||
int ecdh_KDF_X9_63(unsigned char *out, size_t outlen,
|
||||
const unsigned char *Z, size_t Zlen,
|
||||
const unsigned char *sinfo, size_t sinfolen,
|
||||
const EVP_MD *md);
|
||||
|
||||
# endif /* OPENSSL_NO_EC */
|
||||
#endif
|
@ -1,20 +0,0 @@
|
||||
/*
|
||||
* Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
* in the file LICENSE in the source distribution or at
|
||||
* https://www.openssl.org/source/license.html
|
||||
*/
|
||||
|
||||
#include <openssl/engine.h>
|
||||
|
||||
void engine_load_openssl_int(void);
|
||||
void engine_load_devcrypto_int(void);
|
||||
void engine_load_rdrand_int(void);
|
||||
void engine_load_dynamic_int(void);
|
||||
void engine_load_padlock_int(void);
|
||||
void engine_load_capi_int(void);
|
||||
void engine_load_dasync_int(void);
|
||||
void engine_load_afalg_int(void);
|
||||
void engine_cleanup_int(void);
|
@ -1,19 +0,0 @@
|
||||
/*
|
||||
* Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
* in the file LICENSE in the source distribution or at
|
||||
* https://www.openssl.org/source/license.html
|
||||
*/
|
||||
|
||||
#ifndef INTERNAL_ERR_INT_H
|
||||
# define INTERNAL_ERR_INT_H
|
||||
|
||||
int err_load_crypto_strings_int(void);
|
||||
void err_cleanup(void);
|
||||
void err_delete_thread_state(void);
|
||||
int err_shelve_state(void **);
|
||||
void err_unshelve_state(void *);
|
||||
|
||||
#endif
|
@ -1,442 +0,0 @@
|
||||
/*
|
||||
* Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
* in the file LICENSE in the source distribution or at
|
||||
* https://www.openssl.org/source/license.html
|
||||
*/
|
||||
|
||||
#include <openssl/evp.h>
|
||||
#include "internal/refcount.h"
|
||||
|
||||
/*
|
||||
* Don't free up md_ctx->pctx in EVP_MD_CTX_reset, use the reserved flag
|
||||
* values in evp.h
|
||||
*/
|
||||
#define EVP_MD_CTX_FLAG_KEEP_PKEY_CTX 0x0400
|
||||
|
||||
struct evp_pkey_ctx_st {
|
||||
/* Method associated with this operation */
|
||||
const EVP_PKEY_METHOD *pmeth;
|
||||
/* Engine that implements this method or NULL if builtin */
|
||||
ENGINE *engine;
|
||||
/* Key: may be NULL */
|
||||
EVP_PKEY *pkey;
|
||||
/* Peer key for key agreement, may be NULL */
|
||||
EVP_PKEY *peerkey;
|
||||
/* Actual operation */
|
||||
int operation;
|
||||
/* Algorithm specific data */
|
||||
void *data;
|
||||
/* Application specific data */
|
||||
void *app_data;
|
||||
/* Keygen callback */
|
||||
EVP_PKEY_gen_cb *pkey_gencb;
|
||||
/* implementation specific keygen data */
|
||||
int *keygen_info;
|
||||
int keygen_info_count;
|
||||
} /* EVP_PKEY_CTX */ ;
|
||||
|
||||
#define EVP_PKEY_FLAG_DYNAMIC 1
|
||||
|
||||
struct evp_pkey_method_st {
|
||||
int pkey_id;
|
||||
int flags;
|
||||
int (*init) (EVP_PKEY_CTX *ctx);
|
||||
int (*copy) (EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src);
|
||||
void (*cleanup) (EVP_PKEY_CTX *ctx);
|
||||
int (*paramgen_init) (EVP_PKEY_CTX *ctx);
|
||||
int (*paramgen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);
|
||||
int (*keygen_init) (EVP_PKEY_CTX *ctx);
|
||||
int (*keygen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);
|
||||
int (*sign_init) (EVP_PKEY_CTX *ctx);
|
||||
int (*sign) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
|
||||
const unsigned char *tbs, size_t tbslen);
|
||||
int (*verify_init) (EVP_PKEY_CTX *ctx);
|
||||
int (*verify) (EVP_PKEY_CTX *ctx,
|
||||
const unsigned char *sig, size_t siglen,
|
||||
const unsigned char *tbs, size_t tbslen);
|
||||
int (*verify_recover_init) (EVP_PKEY_CTX *ctx);
|
||||
int (*verify_recover) (EVP_PKEY_CTX *ctx,
|
||||
unsigned char *rout, size_t *routlen,
|
||||
const unsigned char *sig, size_t siglen);
|
||||
int (*signctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
|
||||
int (*signctx) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
|
||||
EVP_MD_CTX *mctx);
|
||||
int (*verifyctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
|
||||
int (*verifyctx) (EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen,
|
||||
EVP_MD_CTX *mctx);
|
||||
int (*encrypt_init) (EVP_PKEY_CTX *ctx);
|
||||
int (*encrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
|
||||
const unsigned char *in, size_t inlen);
|
||||
int (*decrypt_init) (EVP_PKEY_CTX *ctx);
|
||||
int (*decrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
|
||||
const unsigned char *in, size_t inlen);
|
||||
int (*derive_init) (EVP_PKEY_CTX *ctx);
|
||||
int (*derive) (EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);
|
||||
int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1, void *p2);
|
||||
int (*ctrl_str) (EVP_PKEY_CTX *ctx, const char *type, const char *value);
|
||||
int (*digestsign) (EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen,
|
||||
const unsigned char *tbs, size_t tbslen);
|
||||
int (*digestverify) (EVP_MD_CTX *ctx, const unsigned char *sig,
|
||||
size_t siglen, const unsigned char *tbs,
|
||||
size_t tbslen);
|
||||
int (*check) (EVP_PKEY *pkey);
|
||||
int (*public_check) (EVP_PKEY *pkey);
|
||||
int (*param_check) (EVP_PKEY *pkey);
|
||||
|
||||
int (*digest_custom) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
|
||||
} /* EVP_PKEY_METHOD */ ;
|
||||
|
||||
DEFINE_STACK_OF_CONST(EVP_PKEY_METHOD)
|
||||
|
||||
void evp_pkey_set_cb_translate(BN_GENCB *cb, EVP_PKEY_CTX *ctx);
|
||||
|
||||
extern const EVP_PKEY_METHOD cmac_pkey_meth;
|
||||
extern const EVP_PKEY_METHOD dh_pkey_meth;
|
||||
extern const EVP_PKEY_METHOD dhx_pkey_meth;
|
||||
extern const EVP_PKEY_METHOD dsa_pkey_meth;
|
||||
extern const EVP_PKEY_METHOD ec_pkey_meth;
|
||||
extern const EVP_PKEY_METHOD sm2_pkey_meth;
|
||||
extern const EVP_PKEY_METHOD ecx25519_pkey_meth;
|
||||
extern const EVP_PKEY_METHOD ecx448_pkey_meth;
|
||||
extern const EVP_PKEY_METHOD ed25519_pkey_meth;
|
||||
extern const EVP_PKEY_METHOD ed448_pkey_meth;
|
||||
extern const EVP_PKEY_METHOD hmac_pkey_meth;
|
||||
extern const EVP_PKEY_METHOD rsa_pkey_meth;
|
||||
extern const EVP_PKEY_METHOD rsa_pss_pkey_meth;
|
||||
extern const EVP_PKEY_METHOD scrypt_pkey_meth;
|
||||
extern const EVP_PKEY_METHOD tls1_prf_pkey_meth;
|
||||
extern const EVP_PKEY_METHOD hkdf_pkey_meth;
|
||||
extern const EVP_PKEY_METHOD poly1305_pkey_meth;
|
||||
extern const EVP_PKEY_METHOD siphash_pkey_meth;
|
||||
|
||||
struct evp_md_st {
|
||||
int type;
|
||||
int pkey_type;
|
||||
int md_size;
|
||||
unsigned long flags;
|
||||
int (*init) (EVP_MD_CTX *ctx);
|
||||
int (*update) (EVP_MD_CTX *ctx, const void *data, size_t count);
|
||||
int (*final) (EVP_MD_CTX *ctx, unsigned char *md);
|
||||
int (*copy) (EVP_MD_CTX *to, const EVP_MD_CTX *from);
|
||||
int (*cleanup) (EVP_MD_CTX *ctx);
|
||||
int block_size;
|
||||
int ctx_size; /* how big does the ctx->md_data need to be */
|
||||
/* control function */
|
||||
int (*md_ctrl) (EVP_MD_CTX *ctx, int cmd, int p1, void *p2);
|
||||
} /* EVP_MD */ ;
|
||||
|
||||
struct evp_cipher_st {
|
||||
int nid;
|
||||
int block_size;
|
||||
/* Default value for variable length ciphers */
|
||||
int key_len;
|
||||
int iv_len;
|
||||
/* Various flags */
|
||||
unsigned long flags;
|
||||
/* init key */
|
||||
int (*init) (EVP_CIPHER_CTX *ctx, const unsigned char *key,
|
||||
const unsigned char *iv, int enc);
|
||||
/* encrypt/decrypt data */
|
||||
int (*do_cipher) (EVP_CIPHER_CTX *ctx, unsigned char *out,
|
||||
const unsigned char *in, size_t inl);
|
||||
/* cleanup ctx */
|
||||
int (*cleanup) (EVP_CIPHER_CTX *);
|
||||
/* how big ctx->cipher_data needs to be */
|
||||
int ctx_size;
|
||||
/* Populate a ASN1_TYPE with parameters */
|
||||
int (*set_asn1_parameters) (EVP_CIPHER_CTX *, ASN1_TYPE *);
|
||||
/* Get parameters from a ASN1_TYPE */
|
||||
int (*get_asn1_parameters) (EVP_CIPHER_CTX *, ASN1_TYPE *);
|
||||
/* Miscellaneous operations */
|
||||
int (*ctrl) (EVP_CIPHER_CTX *, int type, int arg, void *ptr);
|
||||
/* Application data */
|
||||
void *app_data;
|
||||
} /* EVP_CIPHER */ ;
|
||||
|
||||
/* Macros to code block cipher wrappers */
|
||||
|
||||
/* Wrapper functions for each cipher mode */
|
||||
|
||||
#define EVP_C_DATA(kstruct, ctx) \
|
||||
((kstruct *)EVP_CIPHER_CTX_get_cipher_data(ctx))
|
||||
|
||||
#define BLOCK_CIPHER_ecb_loop() \
|
||||
size_t i, bl; \
|
||||
bl = EVP_CIPHER_CTX_cipher(ctx)->block_size; \
|
||||
if (inl < bl) return 1;\
|
||||
inl -= bl; \
|
||||
for (i=0; i <= inl; i+=bl)
|
||||
|
||||
#define BLOCK_CIPHER_func_ecb(cname, cprefix, kstruct, ksched) \
|
||||
static int cname##_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \
|
||||
{\
|
||||
BLOCK_CIPHER_ecb_loop() \
|
||||
cprefix##_ecb_encrypt(in + i, out + i, &EVP_C_DATA(kstruct,ctx)->ksched, EVP_CIPHER_CTX_encrypting(ctx)); \
|
||||
return 1;\
|
||||
}
|
||||
|
||||
#define EVP_MAXCHUNK ((size_t)1<<(sizeof(long)*8-2))
|
||||
|
||||
#define BLOCK_CIPHER_func_ofb(cname, cprefix, cbits, kstruct, ksched) \
|
||||
static int cname##_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \
|
||||
{\
|
||||
while(inl>=EVP_MAXCHUNK) {\
|
||||
int num = EVP_CIPHER_CTX_num(ctx);\
|
||||
cprefix##_ofb##cbits##_encrypt(in, out, (long)EVP_MAXCHUNK, &EVP_C_DATA(kstruct,ctx)->ksched, EVP_CIPHER_CTX_iv_noconst(ctx), &num); \
|
||||
EVP_CIPHER_CTX_set_num(ctx, num);\
|
||||
inl-=EVP_MAXCHUNK;\
|
||||
in +=EVP_MAXCHUNK;\
|
||||
out+=EVP_MAXCHUNK;\
|
||||
}\
|
||||
if (inl) {\
|
||||
int num = EVP_CIPHER_CTX_num(ctx);\
|
||||
cprefix##_ofb##cbits##_encrypt(in, out, (long)inl, &EVP_C_DATA(kstruct,ctx)->ksched, EVP_CIPHER_CTX_iv_noconst(ctx), &num); \
|
||||
EVP_CIPHER_CTX_set_num(ctx, num);\
|
||||
}\
|
||||
return 1;\
|
||||
}
|
||||
|
||||
#define BLOCK_CIPHER_func_cbc(cname, cprefix, kstruct, ksched) \
|
||||
static int cname##_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \
|
||||
{\
|
||||
while(inl>=EVP_MAXCHUNK) \
|
||||
{\
|
||||
cprefix##_cbc_encrypt(in, out, (long)EVP_MAXCHUNK, &EVP_C_DATA(kstruct,ctx)->ksched, EVP_CIPHER_CTX_iv_noconst(ctx), EVP_CIPHER_CTX_encrypting(ctx));\
|
||||
inl-=EVP_MAXCHUNK;\
|
||||
in +=EVP_MAXCHUNK;\
|
||||
out+=EVP_MAXCHUNK;\
|
||||
}\
|
||||
if (inl)\
|
||||
cprefix##_cbc_encrypt(in, out, (long)inl, &EVP_C_DATA(kstruct,ctx)->ksched, EVP_CIPHER_CTX_iv_noconst(ctx), EVP_CIPHER_CTX_encrypting(ctx));\
|
||||
return 1;\
|
||||
}
|
||||
|
||||
#define BLOCK_CIPHER_func_cfb(cname, cprefix, cbits, kstruct, ksched) \
|
||||
static int cname##_cfb##cbits##_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \
|
||||
{\
|
||||
size_t chunk = EVP_MAXCHUNK;\
|
||||
if (cbits == 1) chunk >>= 3;\
|
||||
if (inl < chunk) chunk = inl;\
|
||||
while (inl && inl >= chunk)\
|
||||
{\
|
||||
int num = EVP_CIPHER_CTX_num(ctx);\
|
||||
cprefix##_cfb##cbits##_encrypt(in, out, (long) \
|
||||
((cbits == 1) \
|
||||
&& !EVP_CIPHER_CTX_test_flags(ctx, EVP_CIPH_FLAG_LENGTH_BITS) \
|
||||
? chunk*8 : chunk), \
|
||||
&EVP_C_DATA(kstruct, ctx)->ksched, EVP_CIPHER_CTX_iv_noconst(ctx),\
|
||||
&num, EVP_CIPHER_CTX_encrypting(ctx));\
|
||||
EVP_CIPHER_CTX_set_num(ctx, num);\
|
||||
inl -= chunk;\
|
||||
in += chunk;\
|
||||
out += chunk;\
|
||||
if (inl < chunk) chunk = inl;\
|
||||
}\
|
||||
return 1;\
|
||||
}
|
||||
|
||||
#define BLOCK_CIPHER_all_funcs(cname, cprefix, cbits, kstruct, ksched) \
|
||||
BLOCK_CIPHER_func_cbc(cname, cprefix, kstruct, ksched) \
|
||||
BLOCK_CIPHER_func_cfb(cname, cprefix, cbits, kstruct, ksched) \
|
||||
BLOCK_CIPHER_func_ecb(cname, cprefix, kstruct, ksched) \
|
||||
BLOCK_CIPHER_func_ofb(cname, cprefix, cbits, kstruct, ksched)
|
||||
|
||||
#define BLOCK_CIPHER_def1(cname, nmode, mode, MODE, kstruct, nid, block_size, \
|
||||
key_len, iv_len, flags, init_key, cleanup, \
|
||||
set_asn1, get_asn1, ctrl) \
|
||||
static const EVP_CIPHER cname##_##mode = { \
|
||||
nid##_##nmode, block_size, key_len, iv_len, \
|
||||
flags | EVP_CIPH_##MODE##_MODE, \
|
||||
init_key, \
|
||||
cname##_##mode##_cipher, \
|
||||
cleanup, \
|
||||
sizeof(kstruct), \
|
||||
set_asn1, get_asn1,\
|
||||
ctrl, \
|
||||
NULL \
|
||||
}; \
|
||||
const EVP_CIPHER *EVP_##cname##_##mode(void) { return &cname##_##mode; }
|
||||
|
||||
#define BLOCK_CIPHER_def_cbc(cname, kstruct, nid, block_size, key_len, \
|
||||
iv_len, flags, init_key, cleanup, set_asn1, \
|
||||
get_asn1, ctrl) \
|
||||
BLOCK_CIPHER_def1(cname, cbc, cbc, CBC, kstruct, nid, block_size, key_len, \
|
||||
iv_len, flags, init_key, cleanup, set_asn1, get_asn1, ctrl)
|
||||
|
||||
#define BLOCK_CIPHER_def_cfb(cname, kstruct, nid, key_len, \
|
||||
iv_len, cbits, flags, init_key, cleanup, \
|
||||
set_asn1, get_asn1, ctrl) \
|
||||
BLOCK_CIPHER_def1(cname, cfb##cbits, cfb##cbits, CFB, kstruct, nid, 1, \
|
||||
key_len, iv_len, flags, init_key, cleanup, set_asn1, \
|
||||
get_asn1, ctrl)
|
||||
|
||||
#define BLOCK_CIPHER_def_ofb(cname, kstruct, nid, key_len, \
|
||||
iv_len, cbits, flags, init_key, cleanup, \
|
||||
set_asn1, get_asn1, ctrl) \
|
||||
BLOCK_CIPHER_def1(cname, ofb##cbits, ofb, OFB, kstruct, nid, 1, \
|
||||
key_len, iv_len, flags, init_key, cleanup, set_asn1, \
|
||||
get_asn1, ctrl)
|
||||
|
||||
#define BLOCK_CIPHER_def_ecb(cname, kstruct, nid, block_size, key_len, \
|
||||
flags, init_key, cleanup, set_asn1, \
|
||||
get_asn1, ctrl) \
|
||||
BLOCK_CIPHER_def1(cname, ecb, ecb, ECB, kstruct, nid, block_size, key_len, \
|
||||
0, flags, init_key, cleanup, set_asn1, get_asn1, ctrl)
|
||||
|
||||
#define BLOCK_CIPHER_defs(cname, kstruct, \
|
||||
nid, block_size, key_len, iv_len, cbits, flags, \
|
||||
init_key, cleanup, set_asn1, get_asn1, ctrl) \
|
||||
BLOCK_CIPHER_def_cbc(cname, kstruct, nid, block_size, key_len, iv_len, flags, \
|
||||
init_key, cleanup, set_asn1, get_asn1, ctrl) \
|
||||
BLOCK_CIPHER_def_cfb(cname, kstruct, nid, key_len, iv_len, cbits, \
|
||||
flags, init_key, cleanup, set_asn1, get_asn1, ctrl) \
|
||||
BLOCK_CIPHER_def_ofb(cname, kstruct, nid, key_len, iv_len, cbits, \
|
||||
flags, init_key, cleanup, set_asn1, get_asn1, ctrl) \
|
||||
BLOCK_CIPHER_def_ecb(cname, kstruct, nid, block_size, key_len, flags, \
|
||||
init_key, cleanup, set_asn1, get_asn1, ctrl)
|
||||
|
||||
/*-
|
||||
#define BLOCK_CIPHER_defs(cname, kstruct, \
|
||||
nid, block_size, key_len, iv_len, flags,\
|
||||
init_key, cleanup, set_asn1, get_asn1, ctrl)\
|
||||
static const EVP_CIPHER cname##_cbc = {\
|
||||
nid##_cbc, block_size, key_len, iv_len, \
|
||||
flags | EVP_CIPH_CBC_MODE,\
|
||||
init_key,\
|
||||
cname##_cbc_cipher,\
|
||||
cleanup,\
|
||||
sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\
|
||||
sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\
|
||||
set_asn1, get_asn1,\
|
||||
ctrl, \
|
||||
NULL \
|
||||
};\
|
||||
const EVP_CIPHER *EVP_##cname##_cbc(void) { return &cname##_cbc; }\
|
||||
static const EVP_CIPHER cname##_cfb = {\
|
||||
nid##_cfb64, 1, key_len, iv_len, \
|
||||
flags | EVP_CIPH_CFB_MODE,\
|
||||
init_key,\
|
||||
cname##_cfb_cipher,\
|
||||
cleanup,\
|
||||
sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\
|
||||
sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\
|
||||
set_asn1, get_asn1,\
|
||||
ctrl,\
|
||||
NULL \
|
||||
};\
|
||||
const EVP_CIPHER *EVP_##cname##_cfb(void) { return &cname##_cfb; }\
|
||||
static const EVP_CIPHER cname##_ofb = {\
|
||||
nid##_ofb64, 1, key_len, iv_len, \
|
||||
flags | EVP_CIPH_OFB_MODE,\
|
||||
init_key,\
|
||||
cname##_ofb_cipher,\
|
||||
cleanup,\
|
||||
sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\
|
||||
sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\
|
||||
set_asn1, get_asn1,\
|
||||
ctrl,\
|
||||
NULL \
|
||||
};\
|
||||
const EVP_CIPHER *EVP_##cname##_ofb(void) { return &cname##_ofb; }\
|
||||
static const EVP_CIPHER cname##_ecb = {\
|
||||
nid##_ecb, block_size, key_len, iv_len, \
|
||||
flags | EVP_CIPH_ECB_MODE,\
|
||||
init_key,\
|
||||
cname##_ecb_cipher,\
|
||||
cleanup,\
|
||||
sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\
|
||||
sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\
|
||||
set_asn1, get_asn1,\
|
||||
ctrl,\
|
||||
NULL \
|
||||
};\
|
||||
const EVP_CIPHER *EVP_##cname##_ecb(void) { return &cname##_ecb; }
|
||||
*/
|
||||
|
||||
#define IMPLEMENT_BLOCK_CIPHER(cname, ksched, cprefix, kstruct, nid, \
|
||||
block_size, key_len, iv_len, cbits, \
|
||||
flags, init_key, \
|
||||
cleanup, set_asn1, get_asn1, ctrl) \
|
||||
BLOCK_CIPHER_all_funcs(cname, cprefix, cbits, kstruct, ksched) \
|
||||
BLOCK_CIPHER_defs(cname, kstruct, nid, block_size, key_len, iv_len, \
|
||||
cbits, flags, init_key, cleanup, set_asn1, \
|
||||
get_asn1, ctrl)
|
||||
|
||||
#define IMPLEMENT_CFBR(cipher,cprefix,kstruct,ksched,keysize,cbits,iv_len,fl) \
|
||||
BLOCK_CIPHER_func_cfb(cipher##_##keysize,cprefix,cbits,kstruct,ksched) \
|
||||
BLOCK_CIPHER_def_cfb(cipher##_##keysize,kstruct, \
|
||||
NID_##cipher##_##keysize, keysize/8, iv_len, cbits, \
|
||||
(fl)|EVP_CIPH_FLAG_DEFAULT_ASN1, \
|
||||
cipher##_init_key, NULL, NULL, NULL, NULL)
|
||||
|
||||
|
||||
# ifndef OPENSSL_NO_EC
|
||||
|
||||
#define X25519_KEYLEN 32
|
||||
#define X448_KEYLEN 56
|
||||
#define ED448_KEYLEN 57
|
||||
|
||||
#define MAX_KEYLEN ED448_KEYLEN
|
||||
|
||||
typedef struct {
|
||||
unsigned char pubkey[MAX_KEYLEN];
|
||||
unsigned char *privkey;
|
||||
} ECX_KEY;
|
||||
|
||||
#endif
|
||||
|
||||
/*
|
||||
* Type needs to be a bit field Sub-type needs to be for variations on the
|
||||
* method, as in, can it do arbitrary encryption....
|
||||
*/
|
||||
struct evp_pkey_st {
|
||||
int type;
|
||||
int save_type;
|
||||
CRYPTO_REF_COUNT references;
|
||||
const EVP_PKEY_ASN1_METHOD *ameth;
|
||||
ENGINE *engine;
|
||||
ENGINE *pmeth_engine; /* If not NULL public key ENGINE to use */
|
||||
union {
|
||||
void *ptr;
|
||||
# ifndef OPENSSL_NO_RSA
|
||||
struct rsa_st *rsa; /* RSA */
|
||||
# endif
|
||||
# ifndef OPENSSL_NO_DSA
|
||||
struct dsa_st *dsa; /* DSA */
|
||||
# endif
|
||||
# ifndef OPENSSL_NO_DH
|
||||
struct dh_st *dh; /* DH */
|
||||
# endif
|
||||
# ifndef OPENSSL_NO_EC
|
||||
struct ec_key_st *ec; /* ECC */
|
||||
ECX_KEY *ecx; /* X25519, X448, Ed25519, Ed448 */
|
||||
# endif
|
||||
} pkey;
|
||||
int save_parameters;
|
||||
STACK_OF(X509_ATTRIBUTE) *attributes; /* [ 0 ] */
|
||||
CRYPTO_RWLOCK *lock;
|
||||
} /* EVP_PKEY */ ;
|
||||
|
||||
|
||||
void openssl_add_all_ciphers_int(void);
|
||||
void openssl_add_all_digests_int(void);
|
||||
void evp_cleanup_int(void);
|
||||
void evp_app_cleanup_int(void);
|
||||
|
||||
/* Pulling defines out of C source files */
|
||||
|
||||
#define EVP_RC4_KEY_SIZE 16
|
||||
#ifndef TLS1_1_VERSION
|
||||
# define TLS1_1_VERSION 0x0302
|
||||
#endif
|
||||
|
||||
void evp_encode_ctx_set_flags(EVP_ENCODE_CTX *ctx, unsigned int flags);
|
||||
|
||||
/* EVP_ENCODE_CTX flags */
|
||||
/* Don't generate new lines when encoding */
|
||||
#define EVP_ENCODE_CTX_NO_NEWLINES 1
|
||||
/* Use the SRP base64 alphabet instead of the standard one */
|
||||
#define EVP_ENCODE_CTX_USE_SRP_ALPHABET 2
|
@ -1,15 +0,0 @@
|
||||
/*
|
||||
* Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
* in the file LICENSE in the source distribution or at
|
||||
* https://www.openssl.org/source/license.html
|
||||
*/
|
||||
|
||||
#ifndef INTERNAL_LHASH_H
|
||||
# define INTERNAL_LHASH_H
|
||||
|
||||
unsigned long openssl_lh_strcasehash(const char *);
|
||||
|
||||
#endif
|
@ -1,256 +0,0 @@
|
||||
/*
|
||||
* Copyright 1999-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
* in the file LICENSE in the source distribution or at
|
||||
* https://www.openssl.org/source/license.html
|
||||
*/
|
||||
|
||||
/*-
|
||||
* This is a generic 32 bit "collector" for message digest algorithms.
|
||||
* Whenever needed it collects input character stream into chunks of
|
||||
* 32 bit values and invokes a block function that performs actual hash
|
||||
* calculations.
|
||||
*
|
||||
* Porting guide.
|
||||
*
|
||||
* Obligatory macros:
|
||||
*
|
||||
* DATA_ORDER_IS_BIG_ENDIAN or DATA_ORDER_IS_LITTLE_ENDIAN
|
||||
* this macro defines byte order of input stream.
|
||||
* HASH_CBLOCK
|
||||
* size of a unit chunk HASH_BLOCK operates on.
|
||||
* HASH_LONG
|
||||
* has to be at least 32 bit wide.
|
||||
* HASH_CTX
|
||||
* context structure that at least contains following
|
||||
* members:
|
||||
* typedef struct {
|
||||
* ...
|
||||
* HASH_LONG Nl,Nh;
|
||||
* either {
|
||||
* HASH_LONG data[HASH_LBLOCK];
|
||||
* unsigned char data[HASH_CBLOCK];
|
||||
* };
|
||||
* unsigned int num;
|
||||
* ...
|
||||
* } HASH_CTX;
|
||||
* data[] vector is expected to be zeroed upon first call to
|
||||
* HASH_UPDATE.
|
||||
* HASH_UPDATE
|
||||
* name of "Update" function, implemented here.
|
||||
* HASH_TRANSFORM
|
||||
* name of "Transform" function, implemented here.
|
||||
* HASH_FINAL
|
||||
* name of "Final" function, implemented here.
|
||||
* HASH_BLOCK_DATA_ORDER
|
||||
* name of "block" function capable of treating *unaligned* input
|
||||
* message in original (data) byte order, implemented externally.
|
||||
* HASH_MAKE_STRING
|
||||
* macro converting context variables to an ASCII hash string.
|
||||
*
|
||||
* MD5 example:
|
||||
*
|
||||
* #define DATA_ORDER_IS_LITTLE_ENDIAN
|
||||
*
|
||||
* #define HASH_LONG MD5_LONG
|
||||
* #define HASH_CTX MD5_CTX
|
||||
* #define HASH_CBLOCK MD5_CBLOCK
|
||||
* #define HASH_UPDATE MD5_Update
|
||||
* #define HASH_TRANSFORM MD5_Transform
|
||||
* #define HASH_FINAL MD5_Final
|
||||
* #define HASH_BLOCK_DATA_ORDER md5_block_data_order
|
||||
*/
|
||||
|
||||
#include <openssl/crypto.h>
|
||||
|
||||
#if !defined(DATA_ORDER_IS_BIG_ENDIAN) && !defined(DATA_ORDER_IS_LITTLE_ENDIAN)
|
||||
# error "DATA_ORDER must be defined!"
|
||||
#endif
|
||||
|
||||
#ifndef HASH_CBLOCK
|
||||
# error "HASH_CBLOCK must be defined!"
|
||||
#endif
|
||||
#ifndef HASH_LONG
|
||||
# error "HASH_LONG must be defined!"
|
||||
#endif
|
||||
#ifndef HASH_CTX
|
||||
# error "HASH_CTX must be defined!"
|
||||
#endif
|
||||
|
||||
#ifndef HASH_UPDATE
|
||||
# error "HASH_UPDATE must be defined!"
|
||||
#endif
|
||||
#ifndef HASH_TRANSFORM
|
||||
# error "HASH_TRANSFORM must be defined!"
|
||||
#endif
|
||||
#ifndef HASH_FINAL
|
||||
# error "HASH_FINAL must be defined!"
|
||||
#endif
|
||||
|
||||
#ifndef HASH_BLOCK_DATA_ORDER
|
||||
# error "HASH_BLOCK_DATA_ORDER must be defined!"
|
||||
#endif
|
||||
|
||||
#define ROTATE(a,n) (((a)<<(n))|(((a)&0xffffffff)>>(32-(n))))
|
||||
|
||||
#if defined(DATA_ORDER_IS_BIG_ENDIAN)
|
||||
|
||||
# define HOST_c2l(c,l) (l =(((unsigned long)(*((c)++)))<<24), \
|
||||
l|=(((unsigned long)(*((c)++)))<<16), \
|
||||
l|=(((unsigned long)(*((c)++)))<< 8), \
|
||||
l|=(((unsigned long)(*((c)++))) ) )
|
||||
# define HOST_l2c(l,c) (*((c)++)=(unsigned char)(((l)>>24)&0xff), \
|
||||
*((c)++)=(unsigned char)(((l)>>16)&0xff), \
|
||||
*((c)++)=(unsigned char)(((l)>> 8)&0xff), \
|
||||
*((c)++)=(unsigned char)(((l) )&0xff), \
|
||||
l)
|
||||
|
||||
#elif defined(DATA_ORDER_IS_LITTLE_ENDIAN)
|
||||
|
||||
# define HOST_c2l(c,l) (l =(((unsigned long)(*((c)++))) ), \
|
||||
l|=(((unsigned long)(*((c)++)))<< 8), \
|
||||
l|=(((unsigned long)(*((c)++)))<<16), \
|
||||
l|=(((unsigned long)(*((c)++)))<<24) )
|
||||
# define HOST_l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
|
||||
*((c)++)=(unsigned char)(((l)>> 8)&0xff), \
|
||||
*((c)++)=(unsigned char)(((l)>>16)&0xff), \
|
||||
*((c)++)=(unsigned char)(((l)>>24)&0xff), \
|
||||
l)
|
||||
|
||||
#endif
|
||||
|
||||
/*
|
||||
* Time for some action :-)
|
||||
*/
|
||||
|
||||
int HASH_UPDATE(HASH_CTX *c, const void *data_, size_t len)
|
||||
{
|
||||
const unsigned char *data = data_;
|
||||
unsigned char *p;
|
||||
HASH_LONG l;
|
||||
size_t n;
|
||||
|
||||
if (len == 0)
|
||||
return 1;
|
||||
|
||||
l = (c->Nl + (((HASH_LONG) len) << 3)) & 0xffffffffUL;
|
||||
if (l < c->Nl) /* overflow */
|
||||
c->Nh++;
|
||||
c->Nh += (HASH_LONG) (len >> 29); /* might cause compiler warning on
|
||||
* 16-bit */
|
||||
c->Nl = l;
|
||||
|
||||
n = c->num;
|
||||
if (n != 0) {
|
||||
p = (unsigned char *)c->data;
|
||||
|
||||
if (len >= HASH_CBLOCK || len + n >= HASH_CBLOCK) {
|
||||
memcpy(p + n, data, HASH_CBLOCK - n);
|
||||
HASH_BLOCK_DATA_ORDER(c, p, 1);
|
||||
n = HASH_CBLOCK - n;
|
||||
data += n;
|
||||
len -= n;
|
||||
c->num = 0;
|
||||
/*
|
||||
* We use memset rather than OPENSSL_cleanse() here deliberately.
|
||||
* Using OPENSSL_cleanse() here could be a performance issue. It
|
||||
* will get properly cleansed on finalisation so this isn't a
|
||||
* security problem.
|
||||
*/
|
||||
memset(p, 0, HASH_CBLOCK); /* keep it zeroed */
|
||||
} else {
|
||||
memcpy(p + n, data, len);
|
||||
c->num += (unsigned int)len;
|
||||
return 1;
|
||||
}
|
||||
}
|
||||
|
||||
n = len / HASH_CBLOCK;
|
||||
if (n > 0) {
|
||||
HASH_BLOCK_DATA_ORDER(c, data, n);
|
||||
n *= HASH_CBLOCK;
|
||||
data += n;
|
||||
len -= n;
|
||||
}
|
||||
|
||||
if (len != 0) {
|
||||
p = (unsigned char *)c->data;
|
||||
c->num = (unsigned int)len;
|
||||
memcpy(p, data, len);
|
||||
}
|
||||
return 1;
|
||||
}
|
||||
|
||||
void HASH_TRANSFORM(HASH_CTX *c, const unsigned char *data)
|
||||
{
|
||||
HASH_BLOCK_DATA_ORDER(c, data, 1);
|
||||
}
|
||||
|
||||
int HASH_FINAL(unsigned char *md, HASH_CTX *c)
|
||||
{
|
||||
unsigned char *p = (unsigned char *)c->data;
|
||||
size_t n = c->num;
|
||||
|
||||
p[n] = 0x80; /* there is always room for one */
|
||||
n++;
|
||||
|
||||
if (n > (HASH_CBLOCK - 8)) {
|
||||
memset(p + n, 0, HASH_CBLOCK - n);
|
||||
n = 0;
|
||||
HASH_BLOCK_DATA_ORDER(c, p, 1);
|
||||
}
|
||||
memset(p + n, 0, HASH_CBLOCK - 8 - n);
|
||||
|
||||
p += HASH_CBLOCK - 8;
|
||||
#if defined(DATA_ORDER_IS_BIG_ENDIAN)
|
||||
(void)HOST_l2c(c->Nh, p);
|
||||
(void)HOST_l2c(c->Nl, p);
|
||||
#elif defined(DATA_ORDER_IS_LITTLE_ENDIAN)
|
||||
(void)HOST_l2c(c->Nl, p);
|
||||
(void)HOST_l2c(c->Nh, p);
|
||||
#endif
|
||||
p -= HASH_CBLOCK;
|
||||
HASH_BLOCK_DATA_ORDER(c, p, 1);
|
||||
c->num = 0;
|
||||
OPENSSL_cleanse(p, HASH_CBLOCK);
|
||||
|
||||
#ifndef HASH_MAKE_STRING
|
||||
# error "HASH_MAKE_STRING must be defined!"
|
||||
#else
|
||||
HASH_MAKE_STRING(c, md);
|
||||
#endif
|
||||
|
||||
return 1;
|
||||
}
|
||||
|
||||
#ifndef MD32_REG_T
|
||||
# if defined(__alpha) || defined(__sparcv9) || defined(__mips)
|
||||
# define MD32_REG_T long
|
||||
/*
|
||||
* This comment was originally written for MD5, which is why it
|
||||
* discusses A-D. But it basically applies to all 32-bit digests,
|
||||
* which is why it was moved to common header file.
|
||||
*
|
||||
* In case you wonder why A-D are declared as long and not
|
||||
* as MD5_LONG. Doing so results in slight performance
|
||||
* boost on LP64 architectures. The catch is we don't
|
||||
* really care if 32 MSBs of a 64-bit register get polluted
|
||||
* with eventual overflows as we *save* only 32 LSBs in
|
||||
* *either* case. Now declaring 'em long excuses the compiler
|
||||
* from keeping 32 MSBs zeroed resulting in 13% performance
|
||||
* improvement under SPARC Solaris7/64 and 5% under AlphaLinux.
|
||||
* Well, to be honest it should say that this *prevents*
|
||||
* performance degradation.
|
||||
*/
|
||||
# else
|
||||
/*
|
||||
* Above is not absolute and there are LP64 compilers that
|
||||
* generate better code if MD32_REG_T is defined int. The above
|
||||
* pre-processor condition reflects the circumstances under which
|
||||
* the conclusion was made and is subject to further extension.
|
||||
*/
|
||||
# define MD32_REG_T int
|
||||
# endif
|
||||
#endif
|
@ -1,12 +0,0 @@
|
||||
/*
|
||||
* Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
* in the file LICENSE in the source distribution or at
|
||||
* https://www.openssl.org/source/license.html
|
||||
*/
|
||||
|
||||
#include <openssl/objects.h>
|
||||
|
||||
void obj_cleanup_int(void);
|
@ -1,21 +0,0 @@
|
||||
/*
|
||||
* Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
* in the file LICENSE in the source distribution or at
|
||||
* https://www.openssl.org/source/license.html
|
||||
*/
|
||||
|
||||
#include <stddef.h>
|
||||
|
||||
#define POLY1305_BLOCK_SIZE 16
|
||||
#define POLY1305_DIGEST_SIZE 16
|
||||
#define POLY1305_KEY_SIZE 32
|
||||
|
||||
typedef struct poly1305_context POLY1305;
|
||||
|
||||
size_t Poly1305_ctx_size(void);
|
||||
void Poly1305_Init(POLY1305 *ctx, const unsigned char key[32]);
|
||||
void Poly1305_Update(POLY1305 *ctx, const unsigned char *inp, size_t len);
|
||||
void Poly1305_Final(POLY1305 *ctx, unsigned char mac[16]);
|
@ -1,134 +0,0 @@
|
||||
/*
|
||||
* Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
* in the file LICENSE in the source distribution or at
|
||||
* https://www.openssl.org/source/license.html
|
||||
*/
|
||||
|
||||
/*
|
||||
* Licensed under the OpenSSL licenses, (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
* https://www.openssl.org/source/license.html
|
||||
* or in the file LICENSE in the source distribution.
|
||||
*/
|
||||
|
||||
#ifndef HEADER_RAND_INT_H
|
||||
# define HEADER_RAND_INT_H
|
||||
|
||||
# include <openssl/rand.h>
|
||||
|
||||
/* forward declaration */
|
||||
typedef struct rand_pool_st RAND_POOL;
|
||||
|
||||
void rand_cleanup_int(void);
|
||||
void rand_drbg_cleanup_int(void);
|
||||
void drbg_delete_thread_state(void);
|
||||
|
||||
/* Hardware-based seeding functions. */
|
||||
size_t rand_acquire_entropy_from_tsc(RAND_POOL *pool);
|
||||
size_t rand_acquire_entropy_from_cpu(RAND_POOL *pool);
|
||||
|
||||
/* DRBG entropy callbacks. */
|
||||
size_t rand_drbg_get_entropy(RAND_DRBG *drbg,
|
||||
unsigned char **pout,
|
||||
int entropy, size_t min_len, size_t max_len,
|
||||
int prediction_resistance);
|
||||
void rand_drbg_cleanup_entropy(RAND_DRBG *drbg,
|
||||
unsigned char *out, size_t outlen);
|
||||
size_t rand_drbg_get_nonce(RAND_DRBG *drbg,
|
||||
unsigned char **pout,
|
||||
int entropy, size_t min_len, size_t max_len);
|
||||
void rand_drbg_cleanup_nonce(RAND_DRBG *drbg,
|
||||
unsigned char *out, size_t outlen);
|
||||
|
||||
size_t rand_drbg_get_additional_data(RAND_POOL *pool, unsigned char **pout);
|
||||
|
||||
void rand_drbg_cleanup_additional_data(RAND_POOL *pool, unsigned char *out);
|
||||
|
||||
/*
|
||||
* RAND_POOL functions
|
||||
*/
|
||||
RAND_POOL *rand_pool_new(int entropy_requested, int secure,
|
||||
size_t min_len, size_t max_len);
|
||||
RAND_POOL *rand_pool_attach(const unsigned char *buffer, size_t len,
|
||||
size_t entropy);
|
||||
void rand_pool_free(RAND_POOL *pool);
|
||||
|
||||
const unsigned char *rand_pool_buffer(RAND_POOL *pool);
|
||||
unsigned char *rand_pool_detach(RAND_POOL *pool);
|
||||
void rand_pool_reattach(RAND_POOL *pool, unsigned char *buffer);
|
||||
|
||||
size_t rand_pool_entropy(RAND_POOL *pool);
|
||||
size_t rand_pool_length(RAND_POOL *pool);
|
||||
|
||||
size_t rand_pool_entropy_available(RAND_POOL *pool);
|
||||
size_t rand_pool_entropy_needed(RAND_POOL *pool);
|
||||
/* |entropy_factor| expresses how many bits of data contain 1 bit of entropy */
|
||||
size_t rand_pool_bytes_needed(RAND_POOL *pool, unsigned int entropy_factor);
|
||||
size_t rand_pool_bytes_remaining(RAND_POOL *pool);
|
||||
|
||||
int rand_pool_add(RAND_POOL *pool,
|
||||
const unsigned char *buffer, size_t len, size_t entropy);
|
||||
unsigned char *rand_pool_add_begin(RAND_POOL *pool, size_t len);
|
||||
int rand_pool_add_end(RAND_POOL *pool, size_t len, size_t entropy);
|
||||
|
||||
|
||||
/*
|
||||
* Add random bytes to the pool to acquire requested amount of entropy
|
||||
*
|
||||
* This function is platform specific and tries to acquire the requested
|
||||
* amount of entropy by polling platform specific entropy sources.
|
||||
*
|
||||
* If the function succeeds in acquiring at least |entropy_requested| bits
|
||||
* of entropy, the total entropy count is returned. If it fails, it returns
|
||||
* an entropy count of 0.
|
||||
*/
|
||||
size_t rand_pool_acquire_entropy(RAND_POOL *pool);
|
||||
|
||||
/*
|
||||
* Add some application specific nonce data
|
||||
*
|
||||
* This function is platform specific and adds some application specific
|
||||
* data to the nonce used for instantiating the drbg.
|
||||
*
|
||||
* This data currently consists of the process and thread id, and a high
|
||||
* resolution timestamp. The data does not include an atomic counter,
|
||||
* because that is added by the calling function rand_drbg_get_nonce().
|
||||
*
|
||||
* Returns 1 on success and 0 on failure.
|
||||
*/
|
||||
int rand_pool_add_nonce_data(RAND_POOL *pool);
|
||||
|
||||
|
||||
/*
|
||||
* Add some platform specific additional data
|
||||
*
|
||||
* This function is platform specific and adds some random noise to the
|
||||
* additional data used for generating random bytes and for reseeding
|
||||
* the drbg.
|
||||
*
|
||||
* Returns 1 on success and 0 on failure.
|
||||
*/
|
||||
int rand_pool_add_additional_data(RAND_POOL *pool);
|
||||
|
||||
/*
|
||||
* Initialise the random pool reseeding sources.
|
||||
*
|
||||
* Returns 1 on success and 0 on failure.
|
||||
*/
|
||||
int rand_pool_init(void);
|
||||
|
||||
/*
|
||||
* Finalise the random pool reseeding sources.
|
||||
*/
|
||||
void rand_pool_cleanup(void);
|
||||
|
||||
/*
|
||||
* Control the random pool use of open file descriptors.
|
||||
*/
|
||||
void rand_pool_keep_random_devices_open(int keep);
|
||||
|
||||
#endif
|
@ -1,19 +0,0 @@
|
||||
/*
|
||||
* Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
* in the file LICENSE in the source distribution or at
|
||||
* https://www.openssl.org/source/license.html
|
||||
*/
|
||||
|
||||
#ifndef HEADER_INTERNAL_SHA_H
|
||||
# define HEADER_INTERNAL_SHA_H
|
||||
|
||||
# include <openssl/opensslconf.h>
|
||||
|
||||
int sha512_224_init(SHA512_CTX *);
|
||||
int sha512_256_init(SHA512_CTX *);
|
||||
|
||||
#endif
|
@ -1,25 +0,0 @@
|
||||
/*
|
||||
* Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
* in the file LICENSE in the source distribution or at
|
||||
* https://www.openssl.org/source/license.html
|
||||
*/
|
||||
|
||||
#include <stddef.h>
|
||||
|
||||
#define SIPHASH_BLOCK_SIZE 8
|
||||
#define SIPHASH_KEY_SIZE 16
|
||||
#define SIPHASH_MIN_DIGEST_SIZE 8
|
||||
#define SIPHASH_MAX_DIGEST_SIZE 16
|
||||
|
||||
typedef struct siphash_st SIPHASH;
|
||||
|
||||
size_t SipHash_ctx_size(void);
|
||||
size_t SipHash_hash_size(SIPHASH *ctx);
|
||||
int SipHash_set_hash_size(SIPHASH *ctx, size_t hash_size);
|
||||
int SipHash_Init(SIPHASH *ctx, const unsigned char *k,
|
||||
int crounds, int drounds);
|
||||
void SipHash_Update(SIPHASH *ctx, const unsigned char *in, size_t inlen);
|
||||
int SipHash_Final(SIPHASH *ctx, unsigned char *out, size_t outlen);
|
@ -1,78 +0,0 @@
|
||||
/*
|
||||
* Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 2017 Ribose Inc. All Rights Reserved.
|
||||
* Ported from Ribose contributions from Botan.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
* in the file LICENSE in the source distribution or at
|
||||
* https://www.openssl.org/source/license.html
|
||||
*/
|
||||
|
||||
#ifndef HEADER_SM2_H
|
||||
# define HEADER_SM2_H
|
||||
# include <openssl/opensslconf.h>
|
||||
|
||||
# ifndef OPENSSL_NO_SM2
|
||||
|
||||
# include <openssl/ec.h>
|
||||
|
||||
/* The default user id as specified in GM/T 0009-2012 */
|
||||
# define SM2_DEFAULT_USERID "1234567812345678"
|
||||
|
||||
int sm2_compute_z_digest(uint8_t *out,
|
||||
const EVP_MD *digest,
|
||||
const uint8_t *id,
|
||||
const size_t id_len,
|
||||
const EC_KEY *key);
|
||||
|
||||
/*
|
||||
* SM2 signature operation. Computes Z and then signs H(Z || msg) using SM2
|
||||
*/
|
||||
ECDSA_SIG *sm2_do_sign(const EC_KEY *key,
|
||||
const EVP_MD *digest,
|
||||
const uint8_t *id,
|
||||
const size_t id_len,
|
||||
const uint8_t *msg, size_t msg_len);
|
||||
|
||||
int sm2_do_verify(const EC_KEY *key,
|
||||
const EVP_MD *digest,
|
||||
const ECDSA_SIG *signature,
|
||||
const uint8_t *id,
|
||||
const size_t id_len,
|
||||
const uint8_t *msg, size_t msg_len);
|
||||
|
||||
/*
|
||||
* SM2 signature generation.
|
||||
*/
|
||||
int sm2_sign(const unsigned char *dgst, int dgstlen,
|
||||
unsigned char *sig, unsigned int *siglen, EC_KEY *eckey);
|
||||
|
||||
/*
|
||||
* SM2 signature verification.
|
||||
*/
|
||||
int sm2_verify(const unsigned char *dgst, int dgstlen,
|
||||
const unsigned char *sig, int siglen, EC_KEY *eckey);
|
||||
|
||||
/*
|
||||
* SM2 encryption
|
||||
*/
|
||||
int sm2_ciphertext_size(const EC_KEY *key, const EVP_MD *digest, size_t msg_len,
|
||||
size_t *ct_size);
|
||||
|
||||
int sm2_plaintext_size(const EC_KEY *key, const EVP_MD *digest, size_t msg_len,
|
||||
size_t *pt_size);
|
||||
|
||||
int sm2_encrypt(const EC_KEY *key,
|
||||
const EVP_MD *digest,
|
||||
const uint8_t *msg,
|
||||
size_t msg_len,
|
||||
uint8_t *ciphertext_buf, size_t *ciphertext_len);
|
||||
|
||||
int sm2_decrypt(const EC_KEY *key,
|
||||
const EVP_MD *digest,
|
||||
const uint8_t *ciphertext,
|
||||
size_t ciphertext_len, uint8_t *ptext_buf, size_t *ptext_len);
|
||||
|
||||
# endif /* OPENSSL_NO_SM2 */
|
||||
#endif
|
@ -1,65 +0,0 @@
|
||||
/*
|
||||
* Generated by util/mkerr.pl DO NOT EDIT
|
||||
* Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
* in the file LICENSE in the source distribution or at
|
||||
* https://www.openssl.org/source/license.html
|
||||
*/
|
||||
|
||||
#ifndef HEADER_SM2ERR_H
|
||||
# define HEADER_SM2ERR_H
|
||||
|
||||
# ifndef HEADER_SYMHACKS_H
|
||||
# include <openssl/symhacks.h>
|
||||
# endif
|
||||
|
||||
# include <openssl/opensslconf.h>
|
||||
|
||||
# ifndef OPENSSL_NO_SM2
|
||||
|
||||
# ifdef __cplusplus
|
||||
extern "C"
|
||||
# endif
|
||||
int ERR_load_SM2_strings(void);
|
||||
|
||||
/*
|
||||
* SM2 function codes.
|
||||
*/
|
||||
# define SM2_F_PKEY_SM2_COPY 115
|
||||
# define SM2_F_PKEY_SM2_CTRL 109
|
||||
# define SM2_F_PKEY_SM2_CTRL_STR 110
|
||||
# define SM2_F_PKEY_SM2_DIGEST_CUSTOM 114
|
||||
# define SM2_F_PKEY_SM2_INIT 111
|
||||
# define SM2_F_PKEY_SM2_SIGN 112
|
||||
# define SM2_F_SM2_COMPUTE_MSG_HASH 100
|
||||
# define SM2_F_SM2_COMPUTE_USERID_DIGEST 101
|
||||
# define SM2_F_SM2_COMPUTE_Z_DIGEST 113
|
||||
# define SM2_F_SM2_DECRYPT 102
|
||||
# define SM2_F_SM2_ENCRYPT 103
|
||||
# define SM2_F_SM2_PLAINTEXT_SIZE 104
|
||||
# define SM2_F_SM2_SIGN 105
|
||||
# define SM2_F_SM2_SIG_GEN 106
|
||||
# define SM2_F_SM2_SIG_VERIFY 107
|
||||
# define SM2_F_SM2_VERIFY 108
|
||||
|
||||
/*
|
||||
* SM2 reason codes.
|
||||
*/
|
||||
# define SM2_R_ASN1_ERROR 100
|
||||
# define SM2_R_BAD_SIGNATURE 101
|
||||
# define SM2_R_BUFFER_TOO_SMALL 107
|
||||
# define SM2_R_DIST_ID_TOO_LARGE 110
|
||||
# define SM2_R_ID_NOT_SET 112
|
||||
# define SM2_R_ID_TOO_LARGE 111
|
||||
# define SM2_R_INVALID_CURVE 108
|
||||
# define SM2_R_INVALID_DIGEST 102
|
||||
# define SM2_R_INVALID_DIGEST_TYPE 103
|
||||
# define SM2_R_INVALID_ENCODING 104
|
||||
# define SM2_R_INVALID_FIELD 105
|
||||
# define SM2_R_NO_PARAMETERS_SET 109
|
||||
# define SM2_R_USER_ID_TOO_LARGE 106
|
||||
|
||||
# endif
|
||||
#endif
|
@ -1,39 +0,0 @@
|
||||
/*
|
||||
* Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 2017 Ribose Inc. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
* in the file LICENSE in the source distribution or at
|
||||
* https://www.openssl.org/source/license.html
|
||||
*/
|
||||
|
||||
#ifndef HEADER_SM3_H
|
||||
# define HEADER_SM3_H
|
||||
|
||||
# include <openssl/opensslconf.h>
|
||||
|
||||
# ifdef OPENSSL_NO_SM3
|
||||
# error SM3 is disabled.
|
||||
# endif
|
||||
|
||||
# define SM3_DIGEST_LENGTH 32
|
||||
# define SM3_WORD unsigned int
|
||||
|
||||
# define SM3_CBLOCK 64
|
||||
# define SM3_LBLOCK (SM3_CBLOCK/4)
|
||||
|
||||
typedef struct SM3state_st {
|
||||
SM3_WORD A, B, C, D, E, F, G, H;
|
||||
SM3_WORD Nl, Nh;
|
||||
SM3_WORD data[SM3_LBLOCK];
|
||||
unsigned int num;
|
||||
} SM3_CTX;
|
||||
|
||||
int sm3_init(SM3_CTX *c);
|
||||
int sm3_update(SM3_CTX *c, const void *data, size_t len);
|
||||
int sm3_final(unsigned char *md, SM3_CTX *c);
|
||||
|
||||
void sm3_block_data_order(SM3_CTX *c, const void *p, size_t num);
|
||||
|
||||
#endif
|
@ -1,37 +0,0 @@
|
||||
/*
|
||||
* Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.
|
||||
* Copyright 2017 Ribose Inc. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
* in the file LICENSE in the source distribution or at
|
||||
* https://www.openssl.org/source/license.html
|
||||
*/
|
||||
|
||||
#ifndef HEADER_SM4_H
|
||||
# define HEADER_SM4_H
|
||||
|
||||
# include <openssl/opensslconf.h>
|
||||
# include <openssl/e_os2.h>
|
||||
|
||||
# ifdef OPENSSL_NO_SM4
|
||||
# error SM4 is disabled.
|
||||
# endif
|
||||
|
||||
# define SM4_ENCRYPT 1
|
||||
# define SM4_DECRYPT 0
|
||||
|
||||
# define SM4_BLOCK_SIZE 16
|
||||
# define SM4_KEY_SCHEDULE 32
|
||||
|
||||
typedef struct SM4_KEY_st {
|
||||
uint32_t rk[SM4_KEY_SCHEDULE];
|
||||
} SM4_KEY;
|
||||
|
||||
int SM4_set_key(const uint8_t *key, SM4_KEY *ks);
|
||||
|
||||
void SM4_encrypt(const uint8_t *in, uint8_t *out, const SM4_KEY *ks);
|
||||
|
||||
void SM4_decrypt(const uint8_t *in, uint8_t *out, const SM4_KEY *ks);
|
||||
|
||||
#endif
|
@ -1,10 +0,0 @@
|
||||
/*
|
||||
* Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
* in the file LICENSE in the source distribution or at
|
||||
* https://www.openssl.org/source/license.html
|
||||
*/
|
||||
|
||||
void ossl_store_cleanup_int(void);
|
@ -1,26 +0,0 @@
|
||||
/*
|
||||
* Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
* in the file LICENSE in the source distribution or at
|
||||
* https://www.openssl.org/source/license.html
|
||||
*/
|
||||
|
||||
#ifndef HEADER_STORE_INT_H
|
||||
# define HEADER_STORE_INT_H
|
||||
|
||||
# include <openssl/bio.h>
|
||||
# include <openssl/store.h>
|
||||
# include <openssl/ui.h>
|
||||
|
||||
/*
|
||||
* Two functions to read PEM data off an already opened BIO. To be used
|
||||
* instead of OSSLSTORE_open() and OSSLSTORE_close(). Everything is done
|
||||
* as usual with OSSLSTORE_load() and OSSLSTORE_eof().
|
||||
*/
|
||||
OSSL_STORE_CTX *ossl_store_attach_pem_bio(BIO *bp, const UI_METHOD *ui_method,
|
||||
void *ui_data);
|
||||
int ossl_store_detach_pem_bio(OSSL_STORE_CTX *ctx);
|
||||
|
||||
#endif
|
@ -1,286 +0,0 @@
|
||||
/*
|
||||
* Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the OpenSSL license (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
* in the file LICENSE in the source distribution or at
|
||||
* https://www.openssl.org/source/license.html
|
||||
*/
|
||||
|
||||
#include "internal/refcount.h"
|
||||
|
||||
/* Internal X509 structures and functions: not for application use */
|
||||
|
||||
/* Note: unless otherwise stated a field pointer is mandatory and should
|
||||
* never be set to NULL: the ASN.1 code and accessors rely on mandatory
|
||||
* fields never being NULL.
|
||||
*/
|
||||
|
||||
/*
|
||||
* name entry structure, equivalent to AttributeTypeAndValue defined
|
||||
* in RFC5280 et al.
|
||||
*/
|
||||
struct X509_name_entry_st {
|
||||
ASN1_OBJECT *object; /* AttributeType */
|
||||
ASN1_STRING *value; /* AttributeValue */
|
||||
int set; /* index of RDNSequence for this entry */
|
||||
int size; /* temp variable */
|
||||
};
|
||||
|
||||
/* Name from RFC 5280. */
|
||||
struct X509_name_st {
|
||||
STACK_OF(X509_NAME_ENTRY) *entries; /* DN components */
|
||||
int modified; /* true if 'bytes' needs to be built */
|
||||
BUF_MEM *bytes; /* cached encoding: cannot be NULL */
|
||||
/* canonical encoding used for rapid Name comparison */
|
||||
unsigned char *canon_enc;
|
||||
int canon_enclen;
|
||||
} /* X509_NAME */ ;
|
||||
|
||||
/* Signature info structure */
|
||||
|
||||
struct x509_sig_info_st {
|
||||
/* NID of message digest */
|
||||
int mdnid;
|
||||
/* NID of public key algorithm */
|
||||
int pknid;
|
||||
/* Security bits */
|
||||
int secbits;
|
||||
/* Various flags */
|
||||
uint32_t flags;
|
||||
};
|
||||
|
||||
/* PKCS#10 certificate request */
|
||||
|
||||
struct X509_req_info_st {
|
||||
ASN1_ENCODING enc; /* cached encoding of signed part */
|
||||
ASN1_INTEGER *version; /* version, defaults to v1(0) so can be NULL */
|
||||
X509_NAME *subject; /* certificate request DN */
|
||||
X509_PUBKEY *pubkey; /* public key of request */
|
||||
/*
|
||||
* Zero or more attributes.
|
||||
* NB: although attributes is a mandatory field some broken
|
||||
* encodings omit it so this may be NULL in that case.
|
||||
*/
|
||||
STACK_OF(X509_ATTRIBUTE) *attributes;
|
||||
};
|
||||
|
||||
struct X509_req_st {
|
||||
X509_REQ_INFO req_info; /* signed certificate request data */
|
||||
X509_ALGOR sig_alg; /* signature algorithm */
|
||||
ASN1_BIT_STRING *signature; /* signature */
|
||||
CRYPTO_REF_COUNT references;
|
||||
CRYPTO_RWLOCK *lock;
|
||||
};
|
||||
|
||||
struct X509_crl_info_st {
|
||||
ASN1_INTEGER *version; /* version: defaults to v1(0) so may be NULL */
|
||||
X509_ALGOR sig_alg; /* signature algorithm */
|
||||
X509_NAME *issuer; /* CRL issuer name */
|
||||
ASN1_TIME *lastUpdate; /* lastUpdate field */
|
||||
ASN1_TIME *nextUpdate; /* nextUpdate field: optional */
|
||||
STACK_OF(X509_REVOKED) *revoked; /* revoked entries: optional */
|
||||
STACK_OF(X509_EXTENSION) *extensions; /* extensions: optional */
|
||||
ASN1_ENCODING enc; /* encoding of signed portion of CRL */
|
||||
};
|
||||
|
||||
struct X509_crl_st {
|
||||
X509_CRL_INFO crl; /* signed CRL data */
|
||||
X509_ALGOR sig_alg; /* CRL signature algorithm */
|
||||
ASN1_BIT_STRING signature; /* CRL signature */
|
||||
CRYPTO_REF_COUNT references;
|
||||
int flags;
|
||||
/*
|
||||
* Cached copies of decoded extension values, since extensions
|
||||
* are optional any of these can be NULL.
|
||||
*/
|
||||
AUTHORITY_KEYID *akid;
|
||||
ISSUING_DIST_POINT *idp;
|
||||
/* Convenient breakdown of IDP */
|
||||
int idp_flags;
|
||||
int idp_reasons;
|
||||
/* CRL and base CRL numbers for delta processing */
|
||||
ASN1_INTEGER *crl_number;
|
||||
ASN1_INTEGER *base_crl_number;
|
||||
STACK_OF(GENERAL_NAMES) *issuers;
|
||||
/* hash of CRL */
|
||||
unsigned char sha1_hash[SHA_DIGEST_LENGTH];
|
||||
/* alternative method to handle this CRL */
|
||||
const X509_CRL_METHOD *meth;
|
||||
void *meth_data;
|
||||
CRYPTO_RWLOCK *lock;
|
||||
};
|
||||
|
||||
struct x509_revoked_st {
|
||||
ASN1_INTEGER serialNumber; /* revoked entry serial number */
|
||||
ASN1_TIME *revocationDate; /* revocation date */
|
||||
STACK_OF(X509_EXTENSION) *extensions; /* CRL entry extensions: optional */
|
||||
/* decoded value of CRLissuer extension: set if indirect CRL */
|
||||
STACK_OF(GENERAL_NAME) *issuer;
|
||||
/* revocation reason: set to CRL_REASON_NONE if reason extension absent */
|
||||
int reason;
|
||||
/*
|
||||
* CRL entries are reordered for faster lookup of serial numbers. This
|
||||
* field contains the original load sequence for this entry.
|
||||
*/
|
||||
int sequence;
|
||||
};
|
||||
|
||||
/*
|
||||
* This stuff is certificate "auxiliary info": it contains details which are
|
||||
* useful in certificate stores and databases. When used this is tagged onto
|
||||
* the end of the certificate itself. OpenSSL specific structure not defined
|
||||
* in any RFC.
|
||||
*/
|
||||
|
||||
struct x509_cert_aux_st {
|
||||
STACK_OF(ASN1_OBJECT) *trust; /* trusted uses */
|
||||
STACK_OF(ASN1_OBJECT) *reject; /* rejected uses */
|
||||
ASN1_UTF8STRING *alias; /* "friendly name" */
|
||||
ASN1_OCTET_STRING *keyid; /* key id of private key */
|
||||
STACK_OF(X509_ALGOR) *other; /* other unspecified info */
|
||||
};
|
||||
|
||||
struct x509_cinf_st {
|
||||
ASN1_INTEGER *version; /* [ 0 ] default of v1 */
|
||||
ASN1_INTEGER serialNumber;
|
||||
X509_ALGOR signature;
|
||||
X509_NAME *issuer;
|
||||
X509_VAL validity;
|
||||
X509_NAME *subject;
|
||||
X509_PUBKEY *key;
|
||||
ASN1_BIT_STRING *issuerUID; /* [ 1 ] optional in v2 */
|
||||
ASN1_BIT_STRING *subjectUID; /* [ 2 ] optional in v2 */
|
||||
STACK_OF(X509_EXTENSION) *extensions; /* [ 3 ] optional in v3 */
|
||||
ASN1_ENCODING enc;
|
||||
};
|
||||
|
||||
struct x509_st {
|
||||
X509_CINF cert_info;
|
||||
X509_ALGOR sig_alg;
|
||||
ASN1_BIT_STRING signature;
|
||||
X509_SIG_INFO siginf;
|
||||
CRYPTO_REF_COUNT references;
|
||||
CRYPTO_EX_DATA ex_data;
|
||||
/* These contain copies of various extension values */
|
||||
long ex_pathlen;
|
||||
long ex_pcpathlen;
|
||||
uint32_t ex_flags;
|
||||
uint32_t ex_kusage;
|
||||
uint32_t ex_xkusage;
|
||||
uint32_t ex_nscert;
|
||||
ASN1_OCTET_STRING *skid;
|
||||
AUTHORITY_KEYID *akid;
|
||||
X509_POLICY_CACHE *policy_cache;
|
||||
STACK_OF(DIST_POINT) *crldp;
|
||||
STACK_OF(GENERAL_NAME) *altname;
|
||||
NAME_CONSTRAINTS *nc;
|
||||
#ifndef OPENSSL_NO_RFC3779
|
||||
STACK_OF(IPAddressFamily) *rfc3779_addr;
|
||||
struct ASIdentifiers_st *rfc3779_asid;
|
||||
# endif
|
||||
unsigned char sha1_hash[SHA_DIGEST_LENGTH];
|
||||
X509_CERT_AUX *aux;
|
||||
CRYPTO_RWLOCK *lock;
|
||||
volatile int ex_cached;
|
||||
} /* X509 */ ;
|
||||
|
||||
/*
|
||||
* This is a used when verifying cert chains. Since the gathering of the
|
||||
* cert chain can take some time (and have to be 'retried', this needs to be
|
||||
* kept and passed around.
|
||||
*/
|
||||
struct x509_store_ctx_st { /* X509_STORE_CTX */
|
||||
X509_STORE *ctx;
|
||||
/* The following are set by the caller */
|
||||
/* The cert to check */
|
||||
X509 *cert;
|
||||
/* chain of X509s - untrusted - passed in */
|
||||
STACK_OF(X509) *untrusted;
|
||||
/* set of CRLs passed in */
|
||||
STACK_OF(X509_CRL) *crls;
|
||||
X509_VERIFY_PARAM *param;
|
||||
/* Other info for use with get_issuer() */
|
||||
void *other_ctx;
|
||||
/* Callbacks for various operations */
|
||||
/* called to verify a certificate */
|
||||
int (*verify) (X509_STORE_CTX *ctx);
|
||||
/* error callback */
|
||||
int (*verify_cb) (int ok, X509_STORE_CTX *ctx);
|
||||
/* get issuers cert from ctx */
|
||||
int (*get_issuer) (X509 **issuer, X509_STORE_CTX *ctx, X509 *x);
|
||||
/* check issued */
|
||||
int (*check_issued) (X509_STORE_CTX *ctx, X509 *x, X509 *issuer);
|
||||
/* Check revocation status of chain */
|
||||
int (*check_revocation) (X509_STORE_CTX *ctx);
|
||||
/* retrieve CRL */
|
||||
int (*get_crl) (X509_STORE_CTX *ctx, X509_CRL **crl, X509 *x);
|
||||
/* Check CRL validity */
|
||||
int (*check_crl) (X509_STORE_CTX *ctx, X509_CRL *crl);
|
||||
/* Check certificate against CRL */
|
||||
int (*cert_crl) (X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x);
|
||||
/* Check policy status of the chain */
|
||||
int (*check_policy) (X509_STORE_CTX *ctx);
|
||||
STACK_OF(X509) *(*lookup_certs) (X509_STORE_CTX *ctx, X509_NAME *nm);
|
||||
STACK_OF(X509_CRL) *(*lookup_crls) (X509_STORE_CTX *ctx, X509_NAME *nm);
|
||||
int (*cleanup) (X509_STORE_CTX *ctx);
|
||||
/* The following is built up */
|
||||
/* if 0, rebuild chain */
|
||||
int valid;
|
||||
/* number of untrusted certs */
|
||||
int num_untrusted;
|
||||
/* chain of X509s - built up and trusted */
|
||||
STACK_OF(X509) *chain;
|
||||
/* Valid policy tree */
|
||||
X509_POLICY_TREE *tree;
|
||||
/* Require explicit policy value */
|
||||
int explicit_policy;
|
||||
/* When something goes wrong, this is why */
|
||||
int error_depth;
|
||||
int error;
|
||||
X509 *current_cert;
|
||||
/* cert currently being tested as valid issuer */
|
||||
X509 *current_issuer;
|
||||
/* current CRL */
|
||||
X509_CRL *current_crl;
|
||||
/* score of current CRL */
|
||||
int current_crl_score;
|
||||
/* Reason mask */
|
||||
unsigned int current_reasons;
|
||||
/* For CRL path validation: parent context */
|
||||
X509_STORE_CTX *parent;
|
||||
CRYPTO_EX_DATA ex_data;
|
||||
SSL_DANE *dane;
|
||||
/* signed via bare TA public key, rather than CA certificate */
|
||||
int bare_ta_signed;
|
||||
};
|
||||
|
||||
/* PKCS#8 private key info structure */
|
||||
|
||||
struct pkcs8_priv_key_info_st {
|
||||
ASN1_INTEGER *version;
|
||||
X509_ALGOR *pkeyalg;
|
||||
ASN1_OCTET_STRING *pkey;
|
||||
STACK_OF(X509_ATTRIBUTE) *attributes;
|
||||
};
|
||||
|
||||
struct X509_sig_st {
|
||||
X509_ALGOR *algor;
|
||||
ASN1_OCTET_STRING *digest;
|
||||
};
|
||||
|
||||
struct x509_object_st {
|
||||
/* one of the above types */
|
||||
X509_LOOKUP_TYPE type;
|
||||
union {
|
||||
char *ptr;
|
||||
X509 *x509;
|
||||
X509_CRL *crl;
|
||||
EVP_PKEY *pkey;
|
||||
} data;
|
||||
};
|
||||
|
||||
int a2i_ipadd(unsigned char *ipout, const char *ipasc);
|
||||
int x509_set1_time(ASN1_TIME **ptm, const ASN1_TIME *tm);
|
||||
|
||||
void x509_init_sig_info(X509 *x);
|
@ -10,7 +10,6 @@ LCRYPTO_SRC= ${SRCTOP}/crypto/openssl
|
||||
LCRYPTO_DOC= ${LCRYPTO_SRC}/doc
|
||||
|
||||
CFLAGS+= -I${LCRYPTO_SRC}
|
||||
CFLAGS+= -I${LCRYPTO_SRC}/crypto/include
|
||||
CFLAGS+= -I${LCRYPTO_SRC}/include
|
||||
|
||||
.include <bsd.endian.mk>
|
||||
|
Loading…
Reference in New Issue
Block a user