diff options
| author | Eduardo Chappa <chappa@washington.edu> | 2020-06-30 21:37:14 -0600 |
|---|---|---|
| committer | Eduardo Chappa <chappa@washington.edu> | 2020-06-30 21:37:14 -0600 |
| commit | fd6fa417350dff2ae92fdf95d34896240913f2e0 (patch) | |
| tree | 4470b74ee0e4ee2671b73f25e06017da92fa32b1 | |
| parent | 0f82bbd666184a005a35341db8c51575e7212850 (diff) | |
| download | alpine-fd6fa417350dff2ae92fdf95d34896240913f2e0.tar.xz | |
* Attempt to move the compilation of PC-Alpine to using openssl.
Currently only the WNT port works. The WXP port will stay in
LibreSSL, and I still need to test if the W32 port will stay with
OpenSSL or LibreSSL.
295 files changed, 37799 insertions, 33663 deletions
diff --git a/alpine/DLL/README b/alpine/DLL/README index 2bde1fab..96395d05 100644 --- a/alpine/DLL/README +++ b/alpine/DLL/README @@ -1,6 +1,5 @@ This directory is populated by the build.bat script. * wxp comes from libressl, and can run 32 bits version in Alpine. -* w32 is equal to wxp, but it is intended to be different from it, - and useful for other 32 bits operating systems -* wnt was compiled with cygwin 64 bits. +* openssl was compiled using "perl Configure VC-WIN32", and it is + useful for w32 and wnt. diff --git a/alpine/DLL/openssl/libcrypto-3.dll b/alpine/DLL/openssl/libcrypto-3.dll Binary files differnew file mode 100644 index 00000000..55224032 --- /dev/null +++ b/alpine/DLL/openssl/libcrypto-3.dll diff --git a/alpine/DLL/openssl/libssl-3.dll b/alpine/DLL/openssl/libssl-3.dll Binary files differnew file mode 100644 index 00000000..582b8fad --- /dev/null +++ b/alpine/DLL/openssl/libssl-3.dll diff --git a/alpine/DLL/w32/libcrypto-41.dll b/alpine/DLL/w32/libcrypto-41.dll Binary files differdeleted file mode 100644 index 7c7f328f..00000000 --- a/alpine/DLL/w32/libcrypto-41.dll +++ /dev/null diff --git a/alpine/DLL/w32/libssl-43.dll b/alpine/DLL/w32/libssl-43.dll Binary files differdeleted file mode 100644 index 369fe403..00000000 --- a/alpine/DLL/w32/libssl-43.dll +++ /dev/null diff --git a/alpine/DLL/w32/libtls-15.dll b/alpine/DLL/w32/libtls-15.dll Binary files differdeleted file mode 100644 index 3dd9450c..00000000 --- a/alpine/DLL/w32/libtls-15.dll +++ /dev/null diff --git a/alpine/DLL/wnt/libcrypto-45.dll b/alpine/DLL/wnt/libcrypto-45.dll Binary files differdeleted file mode 100644 index b644579b..00000000 --- a/alpine/DLL/wnt/libcrypto-45.dll +++ /dev/null diff --git a/alpine/DLL/wnt/libssl-47.dll b/alpine/DLL/wnt/libssl-47.dll Binary files differdeleted file mode 100644 index 6aad166c..00000000 --- a/alpine/DLL/wnt/libssl-47.dll +++ /dev/null diff --git a/alpine/DLL/wnt/libtls-19.dll b/alpine/DLL/wnt/libtls-19.dll Binary files differdeleted file mode 100644 index bbbb6c34..00000000 --- a/alpine/DLL/wnt/libtls-19.dll +++ /dev/null @@ -13,9 +13,12 @@ rem ======================================================================== rem These are the default values, which we might override below rem by setting them to older versions -set CRYPTO_VERSION=45 -set SSL_VERSION=47 -set TLS_VERSION=19 + +rem Default flags. These are in effect when openssl and libressl are disabled. +set MESSAGE=Not including OPENSSL or LIBRESSL support +set sslflags= +set ssllibes= +set sslextralibes="crypt32.lib" if "%1"=="" goto blank if "%1"=="wnt" goto wnt @@ -38,38 +41,44 @@ echo clean -- to remove obj, lib, and exe files from source goto fini :wxp +if not defined ALPINE_LIBRESSL set ALPINE_LIBRESSL=%cd%\libressl +if NOT exist "%ALPINE_LIBRESSL%" goto wntbuild +set MESSAGE=including LIBRESSL support set CRYPTO_VERSION=41 set SSL_VERSION=43 set TLS_VERSION=15 -set BIT=32 set windows32build=-DWXPBUILD -D__MINGW_USE_VC2005_COMPAT +set sslflags=-I\"%ALPINE_LIBRESSL%\"\include -I\"%ALPINE_LIBRESSL%\"\include\openssl -DENABLE_WINDOWS_UNIXSSL +set ssllibes=\"%ALPINE_LIBRESSL%\"\x86\libcrypto-%CRYPTO_VERSION%.lib \"%ALPINE_LIBRESSL%\"\x86\libssl-%SSL_VERSION%.lib \"%ALPINE_LIBRESSL%\"\x86\libtls-%TLS_VERSION%.lib +set sslextralibes= goto wntbuild :w32 -rem this port uses the default values for libcrypto and friends. -set BIT=32 +if not defined ALPINE_OPENSSL set ALPINE_OPENSSL=%cd%\openssl +if NOT exist "%ALPINE_OPENSSL%" goto wntbuild +set MESSAGE=including OPENSSL support set windows32build=-DW32BITSBUILD -D__MINGW_USE_VC2005_COMPAT +set sslflags=-I\"%ALPINE_OPENSSL%\"\include\ -I\"%ALPINE_OPENSSL%\"\include\openssl -DENABLE_WINDOWS_UNIXSSL -DOPENSSL_1_1_0 +set ssllibes=\"%ALPINE_OPENSSL%\"\lib\libcrypto.lib \"%ALPINE_OPENSSL%\"\lib\libssl.lib +set sslextralibes= goto wntbuild + :wnt -rem this port uses the default values for libcrypto and friends. -set BIT=64 +if not defined ALPINE_OPENSSL set ALPINE_OPENSSL=%cd%\openssl +if NOT exist "%ALPINE_OPENSSL%" goto wntbuild +set MESSAGE=including OPENSSL support set windows32build= +set sslflags=-I\"%ALPINE_OPENSSL%\"\include\ -I\"%ALPINE_OPENSSL%\"\include\openssl -DENABLE_WINDOWS_UNIXSSL -DOPENSSL_1_1_0 +set ssllibes=\"%ALPINE_OPENSSL%\"\lib\libcrypto.lib \"%ALPINE_OPENSSL%\"\lib\libssl.lib +set sslextralibes= +goto wntbuild + :wntbuild echo PC-Alpine for Windows/Winsock (Win32) build sequence set cclntmake=makefile.nt set alpinemake=makefile.wnt -if not defined ALPINE_LIBRESSL set ALPINE_LIBRESSL=%cd%\libressl -if exist "%ALPINE_LIBRESSL%" goto yeslibresslwnt -echo NOT including LIBRESSL functionality -set libresslflags= -set libressllibes= -set libresslextralibes="crypt32.lib" +echo %MESSAGE% goto ldapincludewnt -:yeslibresslwnt -echo including LIBRESSL functionality -set libresslflags=-I\"%ALPINE_LIBRESSL%\"\include\"%BIT%\" -I\"%ALPINE_LIBRESSL%\"\include\"%BIT%\"\openssl -DENABLE_WINDOWS_LIBRESSL -set libressllibes=\"%ALPINE_LIBRESSL%\"\x86\libcrypto-%CRYPTO_VERSION%.lib \"%ALPINE_LIBRESSL%\"\x86\libssl-%SSL_VERSION%.lib \"%ALPINE_LIBRESSL%\"\x86\libtls-%TLS_VERSION%.lib -set libresslextralibes= :ldapincludewnt if not defined ALPINE_LDAP set ALPINE_LDAP=%cd%\ldap if exist "%ALPINE_LDAP%" goto yesldapwnt @@ -82,9 +91,9 @@ echo including LDAP functionality set ldapflags=-I\"%ALPINE_LDAP%\"\inckit -DENABLE_LDAP set ldaplibes=\"%ALPINE_LDAP%\"\binaries\release\ldap32.lib :noldapwnt -set extracflagsnq=/DWINVER=0x0501 /Zi -Od %ldapflags% %libresslflags% %windows32build% -D_USE_32BIT_TIME_T -D_CRT_SECURE_NO_DEPRECATE -D_CRT_NONSTDC_NO_DEPRECATE -DSPCL_REMARKS=\"\\\"\\\"\" -set extralibes="%libresslextralibes%" -set extralibesalpine="%ldaplibes% %libressllibes%" +set extracflagsnq=/DWINVER=0x0501 /Zi -Od %ldapflags% %sslflags% %windows32build% -D_USE_32BIT_TIME_T -D_CRT_SECURE_NO_DEPRECATE -D_CRT_NONSTDC_NO_DEPRECATE -DSPCL_REMARKS=\"\\\"\\\"\" +set extralibes="%sslextralibes%" +set extralibesalpine="%ldaplibes% %ssllibes%" set extrarcflags="/D_PCP_WNT" set extramakecommand= goto buildsetup @@ -93,18 +102,10 @@ goto buildsetup echo Krb5ized PC-Alpine for Windows/Winsock (Win32) build sequence set cclntmake=makefile.w2k set alpinemake=makefile.wnt -if not defined ALPINE_LIBRESSL set ALPINE_LIBRESSL=%cd%\libressl -if exist "%ALPINE_LIBRESSL%" goto yeslibresslw2k -echo NOT including LIBRESSL functionality -set libresslflags= -set libressllibes= -set libresslextralibes="crypt32.lib" +set sslflags= +set ssllibes= +set sslextralibes="crypt32.lib" goto ldapincludew2k -:yeslibresslw2k -echo including LIBRESSL functionality -set libresslflags=-I\"%ALPINE_LIBRESSL%\"\include -I\"%ALPINE_LIBRESSL%\"\include\openssl -DENABLE_WINDOWS_LIBRESSL -set libressllibes=\"%ALPINE_LIBRESSL%\"\x86\libcrypto-45.lib \"%ALPINE_LIBRESSL%\"\x86\libssl-47.lib \"%ALPINE_LIBRESSL%\"\x86\libtls-19.lib -set libresslextralibes= :ldapincludew2k if not defined ALPINE_LDAP set ALPINE_LDAP=%cd%\ldap if exist "%ALPINE_LDAP%" goto yesldapw2k @@ -117,9 +118,9 @@ echo including LDAP functionality set ldapflags=-I\"%ALPINE_LDAP%\"\inckit -DENABLE_LDAP set ldaplibes=\"%ALPINE_LDAP%\"\binaries\release\ldap32.lib :noldapw2k -set extracflagsnq=/DWINVER=0x0501 /Zi -Od %ldapflags% %libresslflags% -D_USE_32BIT_TIME_T -D_CRT_SECURE_NO_DEPRECATE -D_CRT_NONSTDC_NO_DEPRECATE -DSPCFC_WINVER=\"\\\" 2000\\\"\" -DSPCL_REMARKS=\"\\\" with krb5\\\"\" -set extralibes="secur32.lib %libresslextralibes%" -set extralibesalpine="secur32.lib crypt32.lib %ldaplibes% %libressllibes%" +set extracflagsnq=/DWINVER=0x0501 /Zi -Od %ldapflags% %sslflags% -D_USE_32BIT_TIME_T -D_CRT_SECURE_NO_DEPRECATE -D_CRT_NONSTDC_NO_DEPRECATE -DSPCFC_WINVER=\"\\\" 2000\\\"\" -DSPCL_REMARKS=\"\\\" with krb5\\\"\" +set extralibes="secur32.lib %sslextralibes%" +set extralibesalpine="secur32.lib crypt32.lib %ldaplibes% %ssllibes%" set extrarcflags="/D_PCP_W2K" set extramakecommand= goto buildsetup @@ -175,12 +176,12 @@ rem copy /Y "%ALPINE_IMAP%"\src\osdep\nt\* c-client-dll\ > garbageout.txt rem del garbageout.txt if not exist mailutil mkdir mailutil copy /Y "%ALPINE_IMAP%"\src\mailutil\* mailutil\ > garbageout.txt -del garbageout.txt if defined ALPINE_LIBRESSL del /Q libressl\x86\lib*.lib if defined ALPINE_LIBRESSL del /Q alpine\lib*.dll if defined ALPINE_LIBRESSL copy /Y libressl\x86\"%1%"\* libressl\x86\ > garbageout.txt -if defined ALPINE_LIBRESSL copy /Y alpine\DLL\"%1%"\* alpine\ > garbageout.txt -if defined ALPINE_LIBRESSL del garbageout.txt +if defined ALPINE_LIBRESSL copy /Y alpine\DLL\"%1%\"\* alpine\ > garbageout.txt +if defined ALPINE_OPENSSL copy /Y alpine\DLL\openssl\* alpine\ > garbageout.txt +del garbageout.txt goto build :build @@ -203,7 +204,7 @@ goto nobuildmailutil :yesbuildmailutil echo Building mailutil cd mailutil -nmake -nologo -f %cclntmake% EXTRACFLAGS=%extracflags% LIBRESSLLIBS="%libressllibes%" %extramakecommand% +nmake -nologo -f %cclntmake% EXTRACFLAGS=%extracflags% LIBRESSLLIBS="%ssllibes%" %extramakecommand% if errorlevel 1 goto bogus cd .. :nobuildmailutil @@ -268,7 +269,7 @@ goto buildalpine :buildalpine echo Building alpine... cd alpine -nmake -nologo -f %alpinemake% wnt=1 EXTRACFLAGS=%extracflags% LIBRESSLLIBS="%libressllibes%" EXTRALIBES=%extralibesalpine% LDAPLIBS=%ldaplibes% EXTRALDFLAGS=%extraldflags% EXTRARCFLAGS=%extrarcflags% %extramakecommand% +nmake -nologo -f %alpinemake% wnt=1 EXTRACFLAGS=%extracflags% EXTRALIBES=%extralibesalpine% LDAPLIBS=%ldaplibes% EXTRALDFLAGS=%extraldflags% EXTRARCFLAGS=%extrarcflags% %extramakecommand% if errorlevel 1 goto bogus cd .. goto nobuildmapi diff --git a/libressl/include32/openssl/aes.h b/libressl/include/openssl/aes.h index c904485d..c904485d 100644 --- a/libressl/include32/openssl/aes.h +++ b/libressl/include/openssl/aes.h diff --git a/libressl/include32/openssl/asn1.h b/libressl/include/openssl/asn1.h index e35c865e..e35c865e 100644 --- a/libressl/include32/openssl/asn1.h +++ b/libressl/include/openssl/asn1.h diff --git a/libressl/include32/openssl/asn1_mac.h b/libressl/include/openssl/asn1_mac.h index fd524dc2..fd524dc2 100644 --- a/libressl/include32/openssl/asn1_mac.h +++ b/libressl/include/openssl/asn1_mac.h diff --git a/libressl/include32/openssl/asn1t.h b/libressl/include/openssl/asn1t.h index ba380bdf..ba380bdf 100644 --- a/libressl/include32/openssl/asn1t.h +++ b/libressl/include/openssl/asn1t.h diff --git a/libressl/include32/openssl/bio.h b/libressl/include/openssl/bio.h index 9a9472c7..9a9472c7 100644 --- a/libressl/include32/openssl/bio.h +++ b/libressl/include/openssl/bio.h diff --git a/libressl/include32/openssl/blowfish.h b/libressl/include/openssl/blowfish.h index 4d2db805..4d2db805 100644 --- a/libressl/include32/openssl/blowfish.h +++ b/libressl/include/openssl/blowfish.h diff --git a/libressl/include32/openssl/bn.h b/libressl/include/openssl/bn.h index 0dde08a3..0dde08a3 100644 --- a/libressl/include32/openssl/bn.h +++ b/libressl/include/openssl/bn.h diff --git a/libressl/include32/openssl/buffer.h b/libressl/include/openssl/buffer.h index ed6dac0e..ed6dac0e 100644 --- a/libressl/include32/openssl/buffer.h +++ b/libressl/include/openssl/buffer.h diff --git a/libressl/include32/openssl/camellia.h b/libressl/include/openssl/camellia.h index b9b5f792..b9b5f792 100644 --- a/libressl/include32/openssl/camellia.h +++ b/libressl/include/openssl/camellia.h diff --git a/libressl/include32/openssl/cast.h b/libressl/include/openssl/cast.h index 1043c7f2..1043c7f2 100644 --- a/libressl/include32/openssl/cast.h +++ b/libressl/include/openssl/cast.h diff --git a/libressl/include32/openssl/chacha.h b/libressl/include/openssl/chacha.h index 8d94e626..8d94e626 100644 --- a/libressl/include32/openssl/chacha.h +++ b/libressl/include/openssl/chacha.h diff --git a/libressl/include32/openssl/cmac.h b/libressl/include/openssl/cmac.h index cb6d64b0..cb6d64b0 100644 --- a/libressl/include32/openssl/cmac.h +++ b/libressl/include/openssl/cmac.h diff --git a/libressl/include32/openssl/comp.h b/libressl/include/openssl/comp.h index fe7397f8..fe7397f8 100644 --- a/libressl/include32/openssl/comp.h +++ b/libressl/include/openssl/comp.h diff --git a/libressl/include32/openssl/conf.h b/libressl/include/openssl/conf.h index 095066d3..095066d3 100644 --- a/libressl/include32/openssl/conf.h +++ b/libressl/include/openssl/conf.h diff --git a/libressl/include32/openssl/conf_api.h b/libressl/include/openssl/conf_api.h index 95f93862..95f93862 100644 --- a/libressl/include32/openssl/conf_api.h +++ b/libressl/include/openssl/conf_api.h diff --git a/libressl/include32/openssl/crypto.h b/libressl/include/openssl/crypto.h index c1ee78fb..c1ee78fb 100644 --- a/libressl/include32/openssl/crypto.h +++ b/libressl/include/openssl/crypto.h diff --git a/libressl/include32/openssl/curve25519.h b/libressl/include/openssl/curve25519.h index 5aaa8c08..5aaa8c08 100644 --- a/libressl/include32/openssl/curve25519.h +++ b/libressl/include/openssl/curve25519.h diff --git a/libressl/include32/openssl/des.h b/libressl/include/openssl/des.h index e1331d3f..e1331d3f 100644 --- a/libressl/include32/openssl/des.h +++ b/libressl/include/openssl/des.h diff --git a/libressl/include32/openssl/dh.h b/libressl/include/openssl/dh.h index 920af3b9..920af3b9 100644 --- a/libressl/include32/openssl/dh.h +++ b/libressl/include/openssl/dh.h diff --git a/libressl/include32/openssl/dsa.h b/libressl/include/openssl/dsa.h index 6ddd4c35..6ddd4c35 100644 --- a/libressl/include32/openssl/dsa.h +++ b/libressl/include/openssl/dsa.h diff --git a/libressl/include32/openssl/dso.h b/libressl/include/openssl/dso.h index 6c982c9f..6c982c9f 100644 --- a/libressl/include32/openssl/dso.h +++ b/libressl/include/openssl/dso.h diff --git a/libressl/include32/openssl/dtls1.h b/libressl/include/openssl/dtls1.h index 31ba0653..31ba0653 100644 --- a/libressl/include32/openssl/dtls1.h +++ b/libressl/include/openssl/dtls1.h diff --git a/libressl/include32/openssl/ec.h b/libressl/include/openssl/ec.h index dc70cfa6..dc70cfa6 100644 --- a/libressl/include32/openssl/ec.h +++ b/libressl/include/openssl/ec.h diff --git a/libressl/include32/openssl/ecdh.h b/libressl/include/openssl/ecdh.h index ccc1312f..ccc1312f 100644 --- a/libressl/include32/openssl/ecdh.h +++ b/libressl/include/openssl/ecdh.h diff --git a/libressl/include32/openssl/ecdsa.h b/libressl/include/openssl/ecdsa.h index 530ab265..530ab265 100644 --- a/libressl/include32/openssl/ecdsa.h +++ b/libressl/include/openssl/ecdsa.h diff --git a/libressl/include32/openssl/engine.h b/libressl/include/openssl/engine.h index 30d1bde4..30d1bde4 100644 --- a/libressl/include32/openssl/engine.h +++ b/libressl/include/openssl/engine.h diff --git a/libressl/include32/openssl/err.h b/libressl/include/openssl/err.h index 22cdb298..22cdb298 100644 --- a/libressl/include32/openssl/err.h +++ b/libressl/include/openssl/err.h diff --git a/libressl/include32/openssl/evp.h b/libressl/include/openssl/evp.h index 68e10495..68e10495 100644 --- a/libressl/include32/openssl/evp.h +++ b/libressl/include/openssl/evp.h diff --git a/libressl/include32/openssl/gost.h b/libressl/include/openssl/gost.h index 092f96fb..092f96fb 100644 --- a/libressl/include32/openssl/gost.h +++ b/libressl/include/openssl/gost.h diff --git a/libressl/include32/openssl/hmac.h b/libressl/include/openssl/hmac.h index f3418b3c..f3418b3c 100644 --- a/libressl/include32/openssl/hmac.h +++ b/libressl/include/openssl/hmac.h diff --git a/libressl/include32/openssl/idea.h b/libressl/include/openssl/idea.h index f76bcaeb..f76bcaeb 100644 --- a/libressl/include32/openssl/idea.h +++ b/libressl/include/openssl/idea.h diff --git a/libressl/include32/openssl/lhash.h b/libressl/include/openssl/lhash.h index 9c636573..9c636573 100644 --- a/libressl/include32/openssl/lhash.h +++ b/libressl/include/openssl/lhash.h diff --git a/libressl/include32/openssl/md4.h b/libressl/include/openssl/md4.h index 04aacc98..04aacc98 100644 --- a/libressl/include32/openssl/md4.h +++ b/libressl/include/openssl/md4.h diff --git a/libressl/include32/openssl/md5.h b/libressl/include/openssl/md5.h index e2c511c7..e2c511c7 100644 --- a/libressl/include32/openssl/md5.h +++ b/libressl/include/openssl/md5.h diff --git a/libressl/include32/openssl/modes.h b/libressl/include/openssl/modes.h index a532cb3f..a532cb3f 100644 --- a/libressl/include32/openssl/modes.h +++ b/libressl/include/openssl/modes.h diff --git a/libressl/include32/openssl/obj_mac.h b/libressl/include/openssl/obj_mac.h index e11e2832..e11e2832 100644 --- a/libressl/include32/openssl/obj_mac.h +++ b/libressl/include/openssl/obj_mac.h diff --git a/libressl/include32/openssl/objects.h b/libressl/include/openssl/objects.h index c40991b5..c40991b5 100644 --- a/libressl/include32/openssl/objects.h +++ b/libressl/include/openssl/objects.h diff --git a/libressl/include32/openssl/ocsp.h b/libressl/include/openssl/ocsp.h index e3fa6f5a..e3fa6f5a 100644 --- a/libressl/include32/openssl/ocsp.h +++ b/libressl/include/openssl/ocsp.h diff --git a/libressl/include32/openssl/opensslconf.h b/libressl/include/openssl/opensslconf.h index bb717689..bb717689 100644 --- a/libressl/include32/openssl/opensslconf.h +++ b/libressl/include/openssl/opensslconf.h diff --git a/libressl/include32/openssl/opensslfeatures.h b/libressl/include/openssl/opensslfeatures.h index ba4dbba9..ba4dbba9 100644 --- a/libressl/include32/openssl/opensslfeatures.h +++ b/libressl/include/openssl/opensslfeatures.h diff --git a/libressl/include32/openssl/opensslv.h b/libressl/include/openssl/opensslv.h index d77f57f7..d77f57f7 100644 --- a/libressl/include32/openssl/opensslv.h +++ b/libressl/include/openssl/opensslv.h diff --git a/libressl/include32/openssl/ossl_typ.h b/libressl/include/openssl/ossl_typ.h index b1a9e0e3..b1a9e0e3 100644 --- a/libressl/include32/openssl/ossl_typ.h +++ b/libressl/include/openssl/ossl_typ.h diff --git a/libressl/include32/openssl/pem.h b/libressl/include/openssl/pem.h index d1916a18..d1916a18 100644 --- a/libressl/include32/openssl/pem.h +++ b/libressl/include/openssl/pem.h diff --git a/libressl/include32/openssl/pem2.h b/libressl/include/openssl/pem2.h index 19525b4a..19525b4a 100644 --- a/libressl/include32/openssl/pem2.h +++ b/libressl/include/openssl/pem2.h diff --git a/libressl/include32/openssl/pkcs12.h b/libressl/include/openssl/pkcs12.h index e30f9ac7..e30f9ac7 100644 --- a/libressl/include32/openssl/pkcs12.h +++ b/libressl/include/openssl/pkcs12.h diff --git a/libressl/include32/openssl/pkcs7.h b/libressl/include/openssl/pkcs7.h index cff7c966..cff7c966 100644 --- a/libressl/include32/openssl/pkcs7.h +++ b/libressl/include/openssl/pkcs7.h diff --git a/libressl/include32/openssl/poly1305.h b/libressl/include/openssl/poly1305.h index 00ab0bfd..00ab0bfd 100644 --- a/libressl/include32/openssl/poly1305.h +++ b/libressl/include/openssl/poly1305.h diff --git a/libressl/include32/openssl/rand.h b/libressl/include/openssl/rand.h index fcb2e921..fcb2e921 100644 --- a/libressl/include32/openssl/rand.h +++ b/libressl/include/openssl/rand.h diff --git a/libressl/include32/openssl/rc2.h b/libressl/include/openssl/rc2.h index 21511ff3..21511ff3 100644 --- a/libressl/include32/openssl/rc2.h +++ b/libressl/include/openssl/rc2.h diff --git a/libressl/include32/openssl/rc4.h b/libressl/include/openssl/rc4.h index f59185ed..f59185ed 100644 --- a/libressl/include32/openssl/rc4.h +++ b/libressl/include/openssl/rc4.h diff --git a/libressl/include32/openssl/ripemd.h b/libressl/include/openssl/ripemd.h index a5f3a129..a5f3a129 100644 --- a/libressl/include32/openssl/ripemd.h +++ b/libressl/include/openssl/ripemd.h diff --git a/libressl/include32/openssl/rsa.h b/libressl/include/openssl/rsa.h index febeb297..febeb297 100644 --- a/libressl/include32/openssl/rsa.h +++ b/libressl/include/openssl/rsa.h diff --git a/libressl/include32/openssl/safestack.h b/libressl/include/openssl/safestack.h index 6540174d..6540174d 100644 --- a/libressl/include32/openssl/safestack.h +++ b/libressl/include/openssl/safestack.h diff --git a/libressl/include32/openssl/sha.h b/libressl/include/openssl/sha.h index 87fdf8d1..87fdf8d1 100644 --- a/libressl/include32/openssl/sha.h +++ b/libressl/include/openssl/sha.h diff --git a/libressl/include32/openssl/srtp.h b/libressl/include/openssl/srtp.h index 6daa02a7..6daa02a7 100644 --- a/libressl/include32/openssl/srtp.h +++ b/libressl/include/openssl/srtp.h diff --git a/libressl/include32/openssl/ssl.h b/libressl/include/openssl/ssl.h index 0789b914..0789b914 100644 --- a/libressl/include32/openssl/ssl.h +++ b/libressl/include/openssl/ssl.h diff --git a/libressl/include32/openssl/ssl2.h b/libressl/include/openssl/ssl2.h index 3a8d3007..3a8d3007 100644 --- a/libressl/include32/openssl/ssl2.h +++ b/libressl/include/openssl/ssl2.h diff --git a/libressl/include32/openssl/ssl23.h b/libressl/include/openssl/ssl23.h index 570e4b01..570e4b01 100644 --- a/libressl/include32/openssl/ssl23.h +++ b/libressl/include/openssl/ssl23.h diff --git a/libressl/include32/openssl/ssl3.h b/libressl/include/openssl/ssl3.h index 91cbaf29..91cbaf29 100644 --- a/libressl/include32/openssl/ssl3.h +++ b/libressl/include/openssl/ssl3.h diff --git a/libressl/include32/openssl/stack.h b/libressl/include/openssl/stack.h index 6bea6348..6bea6348 100644 --- a/libressl/include32/openssl/stack.h +++ b/libressl/include/openssl/stack.h diff --git a/libressl/include32/openssl/tls1.h b/libressl/include/openssl/tls1.h index d06a1969..d06a1969 100644 --- a/libressl/include32/openssl/tls1.h +++ b/libressl/include/openssl/tls1.h diff --git a/libressl/include32/openssl/ts.h b/libressl/include/openssl/ts.h index a8d2281b..a8d2281b 100644 --- a/libressl/include32/openssl/ts.h +++ b/libressl/include/openssl/ts.h diff --git a/libressl/include32/openssl/txt_db.h b/libressl/include/openssl/txt_db.h index 56b6b424..56b6b424 100644 --- a/libressl/include32/openssl/txt_db.h +++ b/libressl/include/openssl/txt_db.h diff --git a/libressl/include32/openssl/ui.h b/libressl/include/openssl/ui.h index b6b0075e..b6b0075e 100644 --- a/libressl/include32/openssl/ui.h +++ b/libressl/include/openssl/ui.h diff --git a/libressl/include32/openssl/ui_compat.h b/libressl/include/openssl/ui_compat.h index 860e80c8..860e80c8 100644 --- a/libressl/include32/openssl/ui_compat.h +++ b/libressl/include/openssl/ui_compat.h diff --git a/libressl/include32/openssl/whrlpool.h b/libressl/include/openssl/whrlpool.h index 875d34f7..875d34f7 100644 --- a/libressl/include32/openssl/whrlpool.h +++ b/libressl/include/openssl/whrlpool.h diff --git a/libressl/include32/openssl/x509.h b/libressl/include/openssl/x509.h index 29493258..29493258 100644 --- a/libressl/include32/openssl/x509.h +++ b/libressl/include/openssl/x509.h diff --git a/libressl/include32/openssl/x509_vfy.h b/libressl/include/openssl/x509_vfy.h index b58d49d2..b58d49d2 100644 --- a/libressl/include32/openssl/x509_vfy.h +++ b/libressl/include/openssl/x509_vfy.h diff --git a/libressl/include32/openssl/x509v3.h b/libressl/include/openssl/x509v3.h index f0544be6..f0544be6 100644 --- a/libressl/include32/openssl/x509v3.h +++ b/libressl/include/openssl/x509v3.h diff --git a/libressl/include32/tls.h b/libressl/include/tls.h index 1292cb6e..1292cb6e 100644 --- a/libressl/include32/tls.h +++ b/libressl/include/tls.h diff --git a/libressl/include64/openssl/aes.h b/libressl/include64/openssl/aes.h deleted file mode 100644 index c904485d..00000000 --- a/libressl/include64/openssl/aes.h +++ /dev/null @@ -1,126 +0,0 @@ -/* $OpenBSD: aes.h,v 1.14 2014/07/09 09:10:07 miod Exp $ */ -/* ==================================================================== - * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - */ - -#ifndef HEADER_AES_H -#define HEADER_AES_H - -#include <openssl/opensslconf.h> - -#ifdef OPENSSL_NO_AES -#error AES is disabled. -#endif - -#include <stddef.h> - -#define AES_ENCRYPT 1 -#define AES_DECRYPT 0 - -/* Because array size can't be a const in C, the following two are macros. - Both sizes are in bytes. */ -#define AES_MAXNR 14 -#define AES_BLOCK_SIZE 16 - -#ifdef __cplusplus -extern "C" { -#endif - -/* This should be a hidden type, but EVP requires that the size be known */ -struct aes_key_st { - unsigned int rd_key[4 *(AES_MAXNR + 1)]; - int rounds; -}; -typedef struct aes_key_st AES_KEY; - -const char *AES_options(void); - -int AES_set_encrypt_key(const unsigned char *userKey, const int bits, - AES_KEY *key); -int AES_set_decrypt_key(const unsigned char *userKey, const int bits, - AES_KEY *key); - -void AES_encrypt(const unsigned char *in, unsigned char *out, - const AES_KEY *key); -void AES_decrypt(const unsigned char *in, unsigned char *out, - const AES_KEY *key); - -void AES_ecb_encrypt(const unsigned char *in, unsigned char *out, - const AES_KEY *key, const int enc); -void AES_cbc_encrypt(const unsigned char *in, unsigned char *out, - size_t length, const AES_KEY *key, unsigned char *ivec, const int enc); -void AES_cfb128_encrypt(const unsigned char *in, unsigned char *out, - size_t length, const AES_KEY *key, unsigned char *ivec, int *num, - const int enc); -void AES_cfb1_encrypt(const unsigned char *in, unsigned char *out, - size_t length, const AES_KEY *key, unsigned char *ivec, int *num, - const int enc); -void AES_cfb8_encrypt(const unsigned char *in, unsigned char *out, - size_t length, const AES_KEY *key, unsigned char *ivec, int *num, - const int enc); -void AES_ofb128_encrypt(const unsigned char *in, unsigned char *out, - size_t length, const AES_KEY *key, unsigned char *ivec, int *num); -void AES_ctr128_encrypt(const unsigned char *in, unsigned char *out, - size_t length, const AES_KEY *key, unsigned char ivec[AES_BLOCK_SIZE], - unsigned char ecount_buf[AES_BLOCK_SIZE], unsigned int *num); -/* NB: the IV is _two_ blocks long */ -void AES_ige_encrypt(const unsigned char *in, unsigned char *out, - size_t length, const AES_KEY *key, unsigned char *ivec, const int enc); - -int AES_wrap_key(AES_KEY *key, const unsigned char *iv, unsigned char *out, - const unsigned char *in, unsigned int inlen); -int AES_unwrap_key(AES_KEY *key, const unsigned char *iv, unsigned char *out, - const unsigned char *in, unsigned int inlen); - - -#ifdef __cplusplus -} -#endif - -#endif /* !HEADER_AES_H */ diff --git a/libressl/include64/openssl/asn1.h b/libressl/include64/openssl/asn1.h deleted file mode 100644 index 0a8da415..00000000 --- a/libressl/include64/openssl/asn1.h +++ /dev/null @@ -1,1259 +0,0 @@ -/* $OpenBSD: asn1.h,v 1.53 2018/11/30 04:51:19 jeremy Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef HEADER_ASN1_H -#define HEADER_ASN1_H - -#include <time.h> - -#include <openssl/opensslconf.h> - -#ifndef OPENSSL_NO_BIO -#include <openssl/bio.h> -#endif -#include <openssl/stack.h> -#include <openssl/safestack.h> - -#include <openssl/ossl_typ.h> -#ifndef OPENSSL_NO_DEPRECATED -#include <openssl/bn.h> -#endif - -#ifdef __cplusplus -extern "C" { -#endif - -#define V_ASN1_UNIVERSAL 0x00 -#define V_ASN1_APPLICATION 0x40 -#define V_ASN1_CONTEXT_SPECIFIC 0x80 -#define V_ASN1_PRIVATE 0xc0 - -#define V_ASN1_CONSTRUCTED 0x20 -#define V_ASN1_PRIMITIVE_TAG 0x1f -#define V_ASN1_PRIMATIVE_TAG 0x1f - -#define V_ASN1_APP_CHOOSE -2 /* let the recipient choose */ -#define V_ASN1_OTHER -3 /* used in ASN1_TYPE */ -#define V_ASN1_ANY -4 /* used in ASN1 template code */ - -#define V_ASN1_NEG 0x100 /* negative flag */ - -#define V_ASN1_UNDEF -1 -#define V_ASN1_EOC 0 -#define V_ASN1_BOOLEAN 1 /**/ -#define V_ASN1_INTEGER 2 -#define V_ASN1_NEG_INTEGER (2 | V_ASN1_NEG) -#define V_ASN1_BIT_STRING 3 -#define V_ASN1_OCTET_STRING 4 -#define V_ASN1_NULL 5 -#define V_ASN1_OBJECT 6 -#define V_ASN1_OBJECT_DESCRIPTOR 7 -#define V_ASN1_EXTERNAL 8 -#define V_ASN1_REAL 9 -#define V_ASN1_ENUMERATED 10 -#define V_ASN1_NEG_ENUMERATED (10 | V_ASN1_NEG) -#define V_ASN1_UTF8STRING 12 -#define V_ASN1_SEQUENCE 16 -#define V_ASN1_SET 17 -#define V_ASN1_NUMERICSTRING 18 /**/ -#define V_ASN1_PRINTABLESTRING 19 -#define V_ASN1_T61STRING 20 -#define V_ASN1_TELETEXSTRING 20 /* alias */ -#define V_ASN1_VIDEOTEXSTRING 21 /**/ -#define V_ASN1_IA5STRING 22 -#define V_ASN1_UTCTIME 23 -#define V_ASN1_GENERALIZEDTIME 24 /**/ -#define V_ASN1_GRAPHICSTRING 25 /**/ -#define V_ASN1_ISO64STRING 26 /**/ -#define V_ASN1_VISIBLESTRING 26 /* alias */ -#define V_ASN1_GENERALSTRING 27 /**/ -#define V_ASN1_UNIVERSALSTRING 28 /**/ -#define V_ASN1_BMPSTRING 30 - -#define B_ASN1_NUMERICSTRING 0x0001 -#define B_ASN1_PRINTABLESTRING 0x0002 -#define B_ASN1_T61STRING 0x0004 -#define B_ASN1_TELETEXSTRING 0x0004 -#define B_ASN1_VIDEOTEXSTRING 0x0008 -#define B_ASN1_IA5STRING 0x0010 -#define B_ASN1_GRAPHICSTRING 0x0020 -#define B_ASN1_ISO64STRING 0x0040 -#define B_ASN1_VISIBLESTRING 0x0040 -#define B_ASN1_GENERALSTRING 0x0080 -#define B_ASN1_UNIVERSALSTRING 0x0100 -#define B_ASN1_OCTET_STRING 0x0200 -#define B_ASN1_BIT_STRING 0x0400 -#define B_ASN1_BMPSTRING 0x0800 -#define B_ASN1_UNKNOWN 0x1000 -#define B_ASN1_UTF8STRING 0x2000 -#define B_ASN1_UTCTIME 0x4000 -#define B_ASN1_GENERALIZEDTIME 0x8000 -#define B_ASN1_SEQUENCE 0x10000 - -/* For use with ASN1_mbstring_copy() */ -#define MBSTRING_FLAG 0x1000 -#define MBSTRING_UTF8 (MBSTRING_FLAG) -#define MBSTRING_ASC (MBSTRING_FLAG|1) -#define MBSTRING_BMP (MBSTRING_FLAG|2) -#define MBSTRING_UNIV (MBSTRING_FLAG|4) - -#define SMIME_OLDMIME 0x400 -#define SMIME_CRLFEOL 0x800 -#define SMIME_STREAM 0x1000 - -struct X509_algor_st; -DECLARE_STACK_OF(X509_ALGOR) - -#define DECLARE_ASN1_SET_OF(type) /* filled in by mkstack.pl */ -#define IMPLEMENT_ASN1_SET_OF(type) /* nothing, no longer needed */ - -/* We MUST make sure that, except for constness, asn1_ctx_st and - asn1_const_ctx are exactly the same. Fortunately, as soon as - the old ASN1 parsing macros are gone, we can throw this away - as well... */ -typedef struct asn1_ctx_st { - unsigned char *p;/* work char pointer */ - int eos; /* end of sequence read for indefinite encoding */ - int error; /* error code to use when returning an error */ - int inf; /* constructed if 0x20, indefinite is 0x21 */ - int tag; /* tag from last 'get object' */ - int xclass; /* class from last 'get object' */ - long slen; /* length of last 'get object' */ - unsigned char *max; /* largest value of p allowed */ - unsigned char *q;/* temporary variable */ - unsigned char **pp;/* variable */ - int line; /* used in error processing */ -} ASN1_CTX; - -typedef struct asn1_const_ctx_st { - const unsigned char *p;/* work char pointer */ - int eos; /* end of sequence read for indefinite encoding */ - int error; /* error code to use when returning an error */ - int inf; /* constructed if 0x20, indefinite is 0x21 */ - int tag; /* tag from last 'get object' */ - int xclass; /* class from last 'get object' */ - long slen; /* length of last 'get object' */ - const unsigned char *max; /* largest value of p allowed */ - const unsigned char *q;/* temporary variable */ - const unsigned char **pp;/* variable */ - int line; /* used in error processing */ -} ASN1_const_CTX; - -/* These are used internally in the ASN1_OBJECT to keep track of - * whether the names and data need to be free()ed */ -#define ASN1_OBJECT_FLAG_DYNAMIC 0x01 /* internal use */ -#define ASN1_OBJECT_FLAG_CRITICAL 0x02 /* critical x509v3 object id */ -#define ASN1_OBJECT_FLAG_DYNAMIC_STRINGS 0x04 /* internal use */ -#define ASN1_OBJECT_FLAG_DYNAMIC_DATA 0x08 /* internal use */ -typedef struct asn1_object_st { - const char *sn, *ln; - int nid; - int length; - const unsigned char *data; /* data remains const after init */ - int flags; /* Should we free this one */ -} ASN1_OBJECT; - -#define ASN1_STRING_FLAG_BITS_LEFT 0x08 /* Set if 0x07 has bits left value */ -/* This indicates that the ASN1_STRING is not a real value but just a place - * holder for the location where indefinite length constructed data should - * be inserted in the memory buffer - */ -#define ASN1_STRING_FLAG_NDEF 0x010 - -/* This flag is used by the CMS code to indicate that a string is not - * complete and is a place holder for content when it had all been - * accessed. The flag will be reset when content has been written to it. - */ - -#define ASN1_STRING_FLAG_CONT 0x020 -/* This flag is used by ASN1 code to indicate an ASN1_STRING is an MSTRING - * type. - */ -#define ASN1_STRING_FLAG_MSTRING 0x040 -/* This is the base type that holds just about everything :-) */ -struct asn1_string_st { - int length; - int type; - unsigned char *data; - /* The value of the following field depends on the type being - * held. It is mostly being used for BIT_STRING so if the - * input data has a non-zero 'unused bits' value, it will be - * handled correctly */ - long flags; -}; - -/* ASN1_ENCODING structure: this is used to save the received - * encoding of an ASN1 type. This is useful to get round - * problems with invalid encodings which can break signatures. - */ - -typedef struct ASN1_ENCODING_st { - unsigned char *enc; /* DER encoding */ - long len; /* Length of encoding */ - int modified; /* set to 1 if 'enc' is invalid */ -} ASN1_ENCODING; - -/* Used with ASN1 LONG type: if a long is set to this it is omitted */ -#define ASN1_LONG_UNDEF 0x7fffffffL - -#define STABLE_FLAGS_MALLOC 0x01 -#define STABLE_NO_MASK 0x02 -#define DIRSTRING_TYPE \ - (B_ASN1_PRINTABLESTRING|B_ASN1_T61STRING|B_ASN1_BMPSTRING|B_ASN1_UTF8STRING) -#define PKCS9STRING_TYPE (DIRSTRING_TYPE|B_ASN1_IA5STRING) - -typedef struct asn1_string_table_st { - int nid; - long minsize; - long maxsize; - unsigned long mask; - unsigned long flags; -} ASN1_STRING_TABLE; - -DECLARE_STACK_OF(ASN1_STRING_TABLE) - -/* size limits: this stuff is taken straight from RFC2459 */ - -#define ub_name 32768 -#define ub_common_name 64 -#define ub_locality_name 128 -#define ub_state_name 128 -#define ub_organization_name 64 -#define ub_organization_unit_name 64 -#define ub_title 64 -#define ub_email_address 128 - -/* Declarations for template structures: for full definitions - * see asn1t.h - */ -typedef struct ASN1_TEMPLATE_st ASN1_TEMPLATE; -typedef struct ASN1_TLC_st ASN1_TLC; -/* This is just an opaque pointer */ -typedef struct ASN1_VALUE_st ASN1_VALUE; - -#ifndef LIBRESSL_INTERNAL - -/* Declare ASN1 functions: the implement macro in in asn1t.h */ - -#define DECLARE_ASN1_FUNCTIONS(type) DECLARE_ASN1_FUNCTIONS_name(type, type) - -#define DECLARE_ASN1_ALLOC_FUNCTIONS(type) \ - DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, type) - -#define DECLARE_ASN1_FUNCTIONS_name(type, name) \ - DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, name) \ - DECLARE_ASN1_ENCODE_FUNCTIONS(type, name, name) - -#define DECLARE_ASN1_FUNCTIONS_fname(type, itname, name) \ - DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, name) \ - DECLARE_ASN1_ENCODE_FUNCTIONS(type, itname, name) - -#define DECLARE_ASN1_ENCODE_FUNCTIONS(type, itname, name) \ - type *d2i_##name(type **a, const unsigned char **in, long len); \ - int i2d_##name(type *a, unsigned char **out); \ - DECLARE_ASN1_ITEM(itname) - -#define DECLARE_ASN1_ENCODE_FUNCTIONS_const(type, name) \ - type *d2i_##name(type **a, const unsigned char **in, long len); \ - int i2d_##name(const type *a, unsigned char **out); \ - DECLARE_ASN1_ITEM(name) - -#define DECLARE_ASN1_NDEF_FUNCTION(name) \ - int i2d_##name##_NDEF(name *a, unsigned char **out); - -#define DECLARE_ASN1_FUNCTIONS_const(name) \ - DECLARE_ASN1_ALLOC_FUNCTIONS(name) \ - DECLARE_ASN1_ENCODE_FUNCTIONS_const(name, name) - -#define DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, name) \ - type *name##_new(void); \ - void name##_free(type *a); - -#define DECLARE_ASN1_PRINT_FUNCTION(stname) \ - DECLARE_ASN1_PRINT_FUNCTION_fname(stname, stname) - -#define DECLARE_ASN1_PRINT_FUNCTION_fname(stname, fname) \ - int fname##_print_ctx(BIO *out, stname *x, int indent, \ - const ASN1_PCTX *pctx); - -#endif /* !LIBRESSL_INTERNAL */ - -#define D2I_OF(type) type *(*)(type **,const unsigned char **,long) -#define I2D_OF(type) int (*)(type *,unsigned char **) -#define I2D_OF_const(type) int (*)(const type *,unsigned char **) - -#define CHECKED_D2I_OF(type, d2i) \ - ((d2i_of_void*) (1 ? d2i : ((D2I_OF(type))0))) -#define CHECKED_I2D_OF(type, i2d) \ - ((i2d_of_void*) (1 ? i2d : ((I2D_OF(type))0))) -#define CHECKED_NEW_OF(type, xnew) \ - ((void *(*)(void)) (1 ? xnew : ((type *(*)(void))0))) -#define CHECKED_PTR_OF(type, p) \ - ((void*) (1 ? p : (type*)0)) -#define CHECKED_PPTR_OF(type, p) \ - ((void**) (1 ? p : (type**)0)) - -#define TYPEDEF_D2I_OF(type) typedef type *d2i_of_##type(type **,const unsigned char **,long) -#define TYPEDEF_I2D_OF(type) typedef int i2d_of_##type(type *,unsigned char **) -#define TYPEDEF_D2I2D_OF(type) TYPEDEF_D2I_OF(type); TYPEDEF_I2D_OF(type) - -TYPEDEF_D2I2D_OF(void); - -/* The following macros and typedefs allow an ASN1_ITEM - * to be embedded in a structure and referenced. Since - * the ASN1_ITEM pointers need to be globally accessible - * (possibly from shared libraries) they may exist in - * different forms. On platforms that support it the - * ASN1_ITEM structure itself will be globally exported. - * Other platforms will export a function that returns - * an ASN1_ITEM pointer. - * - * To handle both cases transparently the macros below - * should be used instead of hard coding an ASN1_ITEM - * pointer in a structure. - * - * The structure will look like this: - * - * typedef struct SOMETHING_st { - * ... - * ASN1_ITEM_EXP *iptr; - * ... - * } SOMETHING; - * - * It would be initialised as e.g.: - * - * SOMETHING somevar = {...,ASN1_ITEM_ref(X509),...}; - * - * and the actual pointer extracted with: - * - * const ASN1_ITEM *it = ASN1_ITEM_ptr(somevar.iptr); - * - * Finally an ASN1_ITEM pointer can be extracted from an - * appropriate reference with: ASN1_ITEM_rptr(X509). This - * would be used when a function takes an ASN1_ITEM * argument. - * - */ - -/* ASN1_ITEM pointer exported type */ -typedef const ASN1_ITEM ASN1_ITEM_EXP; - -#ifndef LIBRESSL_INTERNAL - -/* Macro to obtain ASN1_ITEM pointer from exported type */ -#define ASN1_ITEM_ptr(iptr) (iptr) - -/* Macro to include ASN1_ITEM pointer from base type */ -#define ASN1_ITEM_ref(iptr) (&(iptr##_it)) - -#define ASN1_ITEM_rptr(ref) (&(ref##_it)) - -#define DECLARE_ASN1_ITEM(name) \ - extern const ASN1_ITEM name##_it; - -#endif /* !LIBRESSL_INTERNAL */ - -/* Parameters used by ASN1_STRING_print_ex() */ - -/* These determine which characters to escape: - * RFC2253 special characters, control characters and - * MSB set characters - */ - -#define ASN1_STRFLGS_ESC_2253 1 -#define ASN1_STRFLGS_ESC_CTRL 2 -#define ASN1_STRFLGS_ESC_MSB 4 - - -/* This flag determines how we do escaping: normally - * RC2253 backslash only, set this to use backslash and - * quote. - */ - -#define ASN1_STRFLGS_ESC_QUOTE 8 - - -/* These three flags are internal use only. */ - -/* Character is a valid PrintableString character */ -#define CHARTYPE_PRINTABLESTRING 0x10 -/* Character needs escaping if it is the first character */ -#define CHARTYPE_FIRST_ESC_2253 0x20 -/* Character needs escaping if it is the last character */ -#define CHARTYPE_LAST_ESC_2253 0x40 - -/* NB the internal flags are safely reused below by flags - * handled at the top level. - */ - -/* If this is set we convert all character strings - * to UTF8 first - */ - -#define ASN1_STRFLGS_UTF8_CONVERT 0x10 - -/* If this is set we don't attempt to interpret content: - * just assume all strings are 1 byte per character. This - * will produce some pretty odd looking output! - */ - -#define ASN1_STRFLGS_IGNORE_TYPE 0x20 - -/* If this is set we include the string type in the output */ -#define ASN1_STRFLGS_SHOW_TYPE 0x40 - -/* This determines which strings to display and which to - * 'dump' (hex dump of content octets or DER encoding). We can - * only dump non character strings or everything. If we - * don't dump 'unknown' they are interpreted as character - * strings with 1 octet per character and are subject to - * the usual escaping options. - */ - -#define ASN1_STRFLGS_DUMP_ALL 0x80 -#define ASN1_STRFLGS_DUMP_UNKNOWN 0x100 - -/* These determine what 'dumping' does, we can dump the - * content octets or the DER encoding: both use the - * RFC2253 #NNNNN notation. - */ - -#define ASN1_STRFLGS_DUMP_DER 0x200 - -/* All the string flags consistent with RFC2253, - * escaping control characters isn't essential in - * RFC2253 but it is advisable anyway. - */ - -#define ASN1_STRFLGS_RFC2253 (ASN1_STRFLGS_ESC_2253 | \ - ASN1_STRFLGS_ESC_CTRL | \ - ASN1_STRFLGS_ESC_MSB | \ - ASN1_STRFLGS_UTF8_CONVERT | \ - ASN1_STRFLGS_DUMP_UNKNOWN | \ - ASN1_STRFLGS_DUMP_DER) - -DECLARE_STACK_OF(ASN1_INTEGER) - -DECLARE_STACK_OF(ASN1_GENERALSTRING) - -typedef struct asn1_type_st { - int type; - union { - char *ptr; - ASN1_BOOLEAN boolean; - ASN1_STRING * asn1_string; - ASN1_OBJECT * object; - ASN1_INTEGER * integer; - ASN1_ENUMERATED * enumerated; - ASN1_BIT_STRING * bit_string; - ASN1_OCTET_STRING * octet_string; - ASN1_PRINTABLESTRING * printablestring; - ASN1_T61STRING * t61string; - ASN1_IA5STRING * ia5string; - ASN1_GENERALSTRING * generalstring; - ASN1_BMPSTRING * bmpstring; - ASN1_UNIVERSALSTRING * universalstring; - ASN1_UTCTIME * utctime; - ASN1_GENERALIZEDTIME * generalizedtime; - ASN1_VISIBLESTRING * visiblestring; - ASN1_UTF8STRING * utf8string; - /* set and sequence are left complete and still - * contain the set or sequence bytes */ - ASN1_STRING * set; - ASN1_STRING * sequence; - ASN1_VALUE * asn1_value; - } value; -} ASN1_TYPE; - -DECLARE_STACK_OF(ASN1_TYPE) - -typedef STACK_OF(ASN1_TYPE) ASN1_SEQUENCE_ANY; - -ASN1_SEQUENCE_ANY *d2i_ASN1_SEQUENCE_ANY(ASN1_SEQUENCE_ANY **a, const unsigned char **in, long len); -int i2d_ASN1_SEQUENCE_ANY(const ASN1_SEQUENCE_ANY *a, unsigned char **out); -extern const ASN1_ITEM ASN1_SEQUENCE_ANY_it; -ASN1_SEQUENCE_ANY *d2i_ASN1_SET_ANY(ASN1_SEQUENCE_ANY **a, const unsigned char **in, long len); -int i2d_ASN1_SET_ANY(const ASN1_SEQUENCE_ANY *a, unsigned char **out); -extern const ASN1_ITEM ASN1_SET_ANY_it; - -typedef struct NETSCAPE_X509_st { - ASN1_OCTET_STRING *header; - X509 *cert; -} NETSCAPE_X509; - -/* This is used to contain a list of bit names */ -typedef struct BIT_STRING_BITNAME_st { - int bitnum; - const char *lname; - const char *sname; -} BIT_STRING_BITNAME; - -#define B_ASN1_TIME \ - B_ASN1_UTCTIME | \ - B_ASN1_GENERALIZEDTIME - -#define B_ASN1_PRINTABLE \ - B_ASN1_NUMERICSTRING| \ - B_ASN1_PRINTABLESTRING| \ - B_ASN1_T61STRING| \ - B_ASN1_IA5STRING| \ - B_ASN1_BIT_STRING| \ - B_ASN1_UNIVERSALSTRING|\ - B_ASN1_BMPSTRING|\ - B_ASN1_UTF8STRING|\ - B_ASN1_SEQUENCE|\ - B_ASN1_UNKNOWN - -#define B_ASN1_DIRECTORYSTRING \ - B_ASN1_PRINTABLESTRING| \ - B_ASN1_TELETEXSTRING|\ - B_ASN1_BMPSTRING|\ - B_ASN1_UNIVERSALSTRING|\ - B_ASN1_UTF8STRING - -#define B_ASN1_DISPLAYTEXT \ - B_ASN1_IA5STRING| \ - B_ASN1_VISIBLESTRING| \ - B_ASN1_BMPSTRING|\ - B_ASN1_UTF8STRING - -#ifndef LIBRESSL_INTERNAL -#define M_ASN1_IA5STRING_new ASN1_IA5STRING_new - -#define M_ASN1_INTEGER_free ASN1_INTEGER_free -#define M_ASN1_ENUMERATED_free ASN1_ENUMERATED_free -#define M_ASN1_OCTET_STRING_free ASN1_OCTET_STRING_free - -#define M_ASN1_OCTET_STRING_print ASN1_STRING_print - -#define M_ASN1_STRING_data ASN1_STRING_data -#define M_ASN1_STRING_length ASN1_STRING_length -#endif - -ASN1_TYPE *ASN1_TYPE_new(void); -void ASN1_TYPE_free(ASN1_TYPE *a); -ASN1_TYPE *d2i_ASN1_TYPE(ASN1_TYPE **a, const unsigned char **in, long len); -int i2d_ASN1_TYPE(ASN1_TYPE *a, unsigned char **out); -extern const ASN1_ITEM ASN1_ANY_it; - -int ASN1_TYPE_get(const ASN1_TYPE *a); -void ASN1_TYPE_set(ASN1_TYPE *a, int type, void *value); -int ASN1_TYPE_set1(ASN1_TYPE *a, int type, const void *value); -int ASN1_TYPE_cmp(const ASN1_TYPE *a, const ASN1_TYPE *b); - -ASN1_OBJECT *ASN1_OBJECT_new(void); -void ASN1_OBJECT_free(ASN1_OBJECT *a); -int i2d_ASN1_OBJECT(const ASN1_OBJECT *a, unsigned char **pp); -ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp, - long length); -ASN1_OBJECT *d2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp, - long length); - -extern const ASN1_ITEM ASN1_OBJECT_it; - -DECLARE_STACK_OF(ASN1_OBJECT) - -ASN1_STRING *ASN1_STRING_new(void); -void ASN1_STRING_free(ASN1_STRING *a); -int ASN1_STRING_copy(ASN1_STRING *dst, const ASN1_STRING *str); -ASN1_STRING *ASN1_STRING_dup(const ASN1_STRING *a); -ASN1_STRING *ASN1_STRING_type_new(int type); -int ASN1_STRING_cmp(const ASN1_STRING *a, const ASN1_STRING *b); - /* Since this is used to store all sorts of things, via macros, for now, make - its data void * */ -int ASN1_STRING_set(ASN1_STRING *str, const void *data, int len); -void ASN1_STRING_set0(ASN1_STRING *str, void *data, int len); -int ASN1_STRING_length(const ASN1_STRING *x); -void ASN1_STRING_length_set(ASN1_STRING *x, int n); -int ASN1_STRING_type(const ASN1_STRING *x); -unsigned char *ASN1_STRING_data(ASN1_STRING *x); -const unsigned char *ASN1_STRING_get0_data(const ASN1_STRING *x); - -ASN1_BIT_STRING *ASN1_BIT_STRING_new(void); -void ASN1_BIT_STRING_free(ASN1_BIT_STRING *a); -ASN1_BIT_STRING *d2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a, const unsigned char **in, long len); -int i2d_ASN1_BIT_STRING(ASN1_BIT_STRING *a, unsigned char **out); -extern const ASN1_ITEM ASN1_BIT_STRING_it; -int i2c_ASN1_BIT_STRING(ASN1_BIT_STRING *a, unsigned char **pp); -ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a, - const unsigned char **pp, long length); -int ASN1_BIT_STRING_set(ASN1_BIT_STRING *a, unsigned char *d, int length); -int ASN1_BIT_STRING_set_bit(ASN1_BIT_STRING *a, int n, int value); -int ASN1_BIT_STRING_get_bit(const ASN1_BIT_STRING *a, int n); -int ASN1_BIT_STRING_check(const ASN1_BIT_STRING *a, - const unsigned char *flags, int flags_len); - -#ifndef OPENSSL_NO_BIO -int ASN1_BIT_STRING_name_print(BIO *out, ASN1_BIT_STRING *bs, - BIT_STRING_BITNAME *tbl, int indent); -#endif -int ASN1_BIT_STRING_num_asc(const char *name, BIT_STRING_BITNAME *tbl); -int ASN1_BIT_STRING_set_asc(ASN1_BIT_STRING *bs, const char *name, int value, - BIT_STRING_BITNAME *tbl); - -int i2d_ASN1_BOOLEAN(int a, unsigned char **pp); -int d2i_ASN1_BOOLEAN(int *a, const unsigned char **pp, long length); - -ASN1_INTEGER *ASN1_INTEGER_new(void); -void ASN1_INTEGER_free(ASN1_INTEGER *a); -ASN1_INTEGER *d2i_ASN1_INTEGER(ASN1_INTEGER **a, const unsigned char **in, long len); -int i2d_ASN1_INTEGER(ASN1_INTEGER *a, unsigned char **out); -extern const ASN1_ITEM ASN1_INTEGER_it; -int i2c_ASN1_INTEGER(ASN1_INTEGER *a, unsigned char **pp); -ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a, const unsigned char **pp, - long length); -ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a, const unsigned char **pp, - long length); -ASN1_INTEGER * ASN1_INTEGER_dup(const ASN1_INTEGER *x); -int ASN1_INTEGER_cmp(const ASN1_INTEGER *x, const ASN1_INTEGER *y); - -ASN1_ENUMERATED *ASN1_ENUMERATED_new(void); -void ASN1_ENUMERATED_free(ASN1_ENUMERATED *a); -ASN1_ENUMERATED *d2i_ASN1_ENUMERATED(ASN1_ENUMERATED **a, const unsigned char **in, long len); -int i2d_ASN1_ENUMERATED(ASN1_ENUMERATED *a, unsigned char **out); -extern const ASN1_ITEM ASN1_ENUMERATED_it; - -int ASN1_UTCTIME_check(const ASN1_UTCTIME *a); -ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s, time_t t); -ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t, - int offset_day, long offset_sec); -int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, const char *str); - -#ifndef LIBRESSL_INTERNAL -int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t); -#endif /* !LIBRESSL_INTERNAL */ - -int ASN1_GENERALIZEDTIME_check(const ASN1_GENERALIZEDTIME *a); -ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s, - time_t t); -ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_adj(ASN1_GENERALIZEDTIME *s, - time_t t, int offset_day, long offset_sec); -int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s, const char *str); - -ASN1_OCTET_STRING *ASN1_OCTET_STRING_new(void); -void ASN1_OCTET_STRING_free(ASN1_OCTET_STRING *a); -ASN1_OCTET_STRING *d2i_ASN1_OCTET_STRING(ASN1_OCTET_STRING **a, const unsigned char **in, long len); -int i2d_ASN1_OCTET_STRING(ASN1_OCTET_STRING *a, unsigned char **out); -extern const ASN1_ITEM ASN1_OCTET_STRING_it; -ASN1_OCTET_STRING *ASN1_OCTET_STRING_dup(const ASN1_OCTET_STRING *a); -int ASN1_OCTET_STRING_cmp(const ASN1_OCTET_STRING *a, - const ASN1_OCTET_STRING *b); -int ASN1_OCTET_STRING_set(ASN1_OCTET_STRING *str, const unsigned char *data, - int len); - -ASN1_VISIBLESTRING *ASN1_VISIBLESTRING_new(void); -void ASN1_VISIBLESTRING_free(ASN1_VISIBLESTRING *a); -ASN1_VISIBLESTRING *d2i_ASN1_VISIBLESTRING(ASN1_VISIBLESTRING **a, const unsigned char **in, long len); -int i2d_ASN1_VISIBLESTRING(ASN1_VISIBLESTRING *a, unsigned char **out); -extern const ASN1_ITEM ASN1_VISIBLESTRING_it; -ASN1_UNIVERSALSTRING *ASN1_UNIVERSALSTRING_new(void); -void ASN1_UNIVERSALSTRING_free(ASN1_UNIVERSALSTRING *a); -ASN1_UNIVERSALSTRING *d2i_ASN1_UNIVERSALSTRING(ASN1_UNIVERSALSTRING **a, const unsigned char **in, long len); -int i2d_ASN1_UNIVERSALSTRING(ASN1_UNIVERSALSTRING *a, unsigned char **out); -extern const ASN1_ITEM ASN1_UNIVERSALSTRING_it; -ASN1_UTF8STRING *ASN1_UTF8STRING_new(void); -void ASN1_UTF8STRING_free(ASN1_UTF8STRING *a); -ASN1_UTF8STRING *d2i_ASN1_UTF8STRING(ASN1_UTF8STRING **a, const unsigned char **in, long len); -int i2d_ASN1_UTF8STRING(ASN1_UTF8STRING *a, unsigned char **out); -extern const ASN1_ITEM ASN1_UTF8STRING_it; -ASN1_NULL *ASN1_NULL_new(void); -void ASN1_NULL_free(ASN1_NULL *a); -ASN1_NULL *d2i_ASN1_NULL(ASN1_NULL **a, const unsigned char **in, long len); -int i2d_ASN1_NULL(ASN1_NULL *a, unsigned char **out); -extern const ASN1_ITEM ASN1_NULL_it; -ASN1_BMPSTRING *ASN1_BMPSTRING_new(void); -void ASN1_BMPSTRING_free(ASN1_BMPSTRING *a); -ASN1_BMPSTRING *d2i_ASN1_BMPSTRING(ASN1_BMPSTRING **a, const unsigned char **in, long len); -int i2d_ASN1_BMPSTRING(ASN1_BMPSTRING *a, unsigned char **out); -extern const ASN1_ITEM ASN1_BMPSTRING_it; - -ASN1_STRING *ASN1_PRINTABLE_new(void); -void ASN1_PRINTABLE_free(ASN1_STRING *a); -ASN1_STRING *d2i_ASN1_PRINTABLE(ASN1_STRING **a, const unsigned char **in, long len); -int i2d_ASN1_PRINTABLE(ASN1_STRING *a, unsigned char **out); -extern const ASN1_ITEM ASN1_PRINTABLE_it; - -ASN1_STRING *DIRECTORYSTRING_new(void); -void DIRECTORYSTRING_free(ASN1_STRING *a); -ASN1_STRING *d2i_DIRECTORYSTRING(ASN1_STRING **a, const unsigned char **in, long len); -int i2d_DIRECTORYSTRING(ASN1_STRING *a, unsigned char **out); -extern const ASN1_ITEM DIRECTORYSTRING_it; -ASN1_STRING *DISPLAYTEXT_new(void); -void DISPLAYTEXT_free(ASN1_STRING *a); -ASN1_STRING *d2i_DISPLAYTEXT(ASN1_STRING **a, const unsigned char **in, long len); -int i2d_DISPLAYTEXT(ASN1_STRING *a, unsigned char **out); -extern const ASN1_ITEM DISPLAYTEXT_it; -ASN1_PRINTABLESTRING *ASN1_PRINTABLESTRING_new(void); -void ASN1_PRINTABLESTRING_free(ASN1_PRINTABLESTRING *a); -ASN1_PRINTABLESTRING *d2i_ASN1_PRINTABLESTRING(ASN1_PRINTABLESTRING **a, const unsigned char **in, long len); -int i2d_ASN1_PRINTABLESTRING(ASN1_PRINTABLESTRING *a, unsigned char **out); -extern const ASN1_ITEM ASN1_PRINTABLESTRING_it; -ASN1_T61STRING *ASN1_T61STRING_new(void); -void ASN1_T61STRING_free(ASN1_T61STRING *a); -ASN1_T61STRING *d2i_ASN1_T61STRING(ASN1_T61STRING **a, const unsigned char **in, long len); -int i2d_ASN1_T61STRING(ASN1_T61STRING *a, unsigned char **out); -extern const ASN1_ITEM ASN1_T61STRING_it; -ASN1_IA5STRING *ASN1_IA5STRING_new(void); -void ASN1_IA5STRING_free(ASN1_IA5STRING *a); -ASN1_IA5STRING *d2i_ASN1_IA5STRING(ASN1_IA5STRING **a, const unsigned char **in, long len); -int i2d_ASN1_IA5STRING(ASN1_IA5STRING *a, unsigned char **out); -extern const ASN1_ITEM ASN1_IA5STRING_it; -ASN1_GENERALSTRING *ASN1_GENERALSTRING_new(void); -void ASN1_GENERALSTRING_free(ASN1_GENERALSTRING *a); -ASN1_GENERALSTRING *d2i_ASN1_GENERALSTRING(ASN1_GENERALSTRING **a, const unsigned char **in, long len); -int i2d_ASN1_GENERALSTRING(ASN1_GENERALSTRING *a, unsigned char **out); -extern const ASN1_ITEM ASN1_GENERALSTRING_it; -ASN1_UTCTIME *ASN1_UTCTIME_new(void); -void ASN1_UTCTIME_free(ASN1_UTCTIME *a); -ASN1_UTCTIME *d2i_ASN1_UTCTIME(ASN1_UTCTIME **a, const unsigned char **in, long len); -int i2d_ASN1_UTCTIME(ASN1_UTCTIME *a, unsigned char **out); -extern const ASN1_ITEM ASN1_UTCTIME_it; -ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_new(void); -void ASN1_GENERALIZEDTIME_free(ASN1_GENERALIZEDTIME *a); -ASN1_GENERALIZEDTIME *d2i_ASN1_GENERALIZEDTIME(ASN1_GENERALIZEDTIME **a, const unsigned char **in, long len); -int i2d_ASN1_GENERALIZEDTIME(ASN1_GENERALIZEDTIME *a, unsigned char **out); -extern const ASN1_ITEM ASN1_GENERALIZEDTIME_it; -ASN1_TIME *ASN1_TIME_new(void); -void ASN1_TIME_free(ASN1_TIME *a); -ASN1_TIME *d2i_ASN1_TIME(ASN1_TIME **a, const unsigned char **in, long len); -int i2d_ASN1_TIME(ASN1_TIME *a, unsigned char **out); -extern const ASN1_ITEM ASN1_TIME_it; - -extern const ASN1_ITEM ASN1_OCTET_STRING_NDEF_it; - -ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s, time_t t); -ASN1_TIME *ASN1_TIME_set_tm(ASN1_TIME *s, struct tm *tm); -ASN1_TIME *ASN1_TIME_adj(ASN1_TIME *s, time_t t, int offset_day, - long offset_sec); -int ASN1_TIME_check(const ASN1_TIME *t); -ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(const ASN1_TIME *t, - ASN1_GENERALIZEDTIME **out); -int ASN1_TIME_set_string(ASN1_TIME *s, const char *str); - -#ifndef OPENSSL_NO_BIO -int i2a_ASN1_INTEGER(BIO *bp, const ASN1_INTEGER *a); -int a2i_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *bs, char *buf, int size); -int i2a_ASN1_ENUMERATED(BIO *bp, const ASN1_ENUMERATED *a); -int a2i_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *bs, char *buf, int size); -int i2a_ASN1_OBJECT(BIO *bp, const ASN1_OBJECT *a); -int a2i_ASN1_STRING(BIO *bp, ASN1_STRING *bs, char *buf, int size); -int i2a_ASN1_STRING(BIO *bp, const ASN1_STRING *a, int type); -#endif -int i2t_ASN1_OBJECT(char *buf, int buf_len, const ASN1_OBJECT *a); - -int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num); -ASN1_OBJECT *ASN1_OBJECT_create(int nid, unsigned char *data, int len, - const char *sn, const char *ln); - -int ASN1_INTEGER_set(ASN1_INTEGER *a, long v); -long ASN1_INTEGER_get(const ASN1_INTEGER *a); -ASN1_INTEGER *BN_to_ASN1_INTEGER(const BIGNUM *bn, ASN1_INTEGER *ai); -BIGNUM *ASN1_INTEGER_to_BN(const ASN1_INTEGER *ai, BIGNUM *bn); - -int ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v); -long ASN1_ENUMERATED_get(const ASN1_ENUMERATED *a); -ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(const BIGNUM *bn, ASN1_ENUMERATED *ai); -BIGNUM *ASN1_ENUMERATED_to_BN(const ASN1_ENUMERATED *ai, BIGNUM *bn); - -/* General */ -/* given a string, return the correct type, max is the maximum length */ -int ASN1_PRINTABLE_type(const unsigned char *s, int max); - -/* SPECIALS */ -int ASN1_get_object(const unsigned char **pp, long *plength, int *ptag, - int *pclass, long omax); -int ASN1_check_infinite_end(unsigned char **p, long len); -int ASN1_const_check_infinite_end(const unsigned char **p, long len); -void ASN1_put_object(unsigned char **pp, int constructed, int length, int tag, - int xclass); -int ASN1_put_eoc(unsigned char **pp); -int ASN1_object_size(int constructed, int length, int tag); - -void *ASN1_item_dup(const ASN1_ITEM *it, void *x); - -#ifndef LIBRESSL_INTERNAL - -void *ASN1_dup(i2d_of_void *i2d, d2i_of_void *d2i, void *x); - -#endif /* !LIBRESSL_INTERNAL */ - -void *ASN1_d2i_fp(void *(*xnew)(void), d2i_of_void *d2i, FILE *in, void **x); - -#define ASN1_d2i_fp_of(type,xnew,d2i,in,x) \ - ((type*)ASN1_d2i_fp(CHECKED_NEW_OF(type, xnew), \ - CHECKED_D2I_OF(type, d2i), \ - in, \ - CHECKED_PPTR_OF(type, x))) - -void *ASN1_item_d2i_fp(const ASN1_ITEM *it, FILE *in, void *x); -int ASN1_i2d_fp(i2d_of_void *i2d, FILE *out, void *x); - -#define ASN1_i2d_fp_of(type,i2d,out,x) \ - (ASN1_i2d_fp(CHECKED_I2D_OF(type, i2d), \ - out, \ - CHECKED_PTR_OF(type, x))) - -#define ASN1_i2d_fp_of_const(type,i2d,out,x) \ - (ASN1_i2d_fp(CHECKED_I2D_OF(const type, i2d), \ - out, \ - CHECKED_PTR_OF(const type, x))) - -int ASN1_item_i2d_fp(const ASN1_ITEM *it, FILE *out, void *x); -int ASN1_STRING_print_ex_fp(FILE *fp, const ASN1_STRING *str, - unsigned long flags); - -int ASN1_STRING_to_UTF8(unsigned char **out, const ASN1_STRING *in); - -#ifndef OPENSSL_NO_BIO -void *ASN1_d2i_bio(void *(*xnew)(void), d2i_of_void *d2i, BIO *in, void **x); - -#define ASN1_d2i_bio_of(type,xnew,d2i,in,x) \ - ((type*)ASN1_d2i_bio( CHECKED_NEW_OF(type, xnew), \ - CHECKED_D2I_OF(type, d2i), \ - in, \ - CHECKED_PPTR_OF(type, x))) - -void *ASN1_item_d2i_bio(const ASN1_ITEM *it, BIO *in, void *x); -int ASN1_i2d_bio(i2d_of_void *i2d, BIO *out, unsigned char *x); - -#define ASN1_i2d_bio_of(type,i2d,out,x) \ - (ASN1_i2d_bio(CHECKED_I2D_OF(type, i2d), \ - out, \ - CHECKED_PTR_OF(type, x))) - -#define ASN1_i2d_bio_of_const(type,i2d,out,x) \ - (ASN1_i2d_bio(CHECKED_I2D_OF(const type, i2d), \ - out, \ - CHECKED_PTR_OF(const type, x))) - -int ASN1_item_i2d_bio(const ASN1_ITEM *it, BIO *out, void *x); -int ASN1_UTCTIME_print(BIO *fp, const ASN1_UTCTIME *a); -int ASN1_GENERALIZEDTIME_print(BIO *fp, const ASN1_GENERALIZEDTIME *a); -int ASN1_TIME_print(BIO *fp, const ASN1_TIME *a); -int ASN1_STRING_print(BIO *bp, const ASN1_STRING *v); -int ASN1_STRING_print_ex(BIO *out, const ASN1_STRING *str, unsigned long flags); -int ASN1_bn_print(BIO *bp, const char *number, const BIGNUM *num, - unsigned char *buf, int off); -int ASN1_parse(BIO *bp, const unsigned char *pp, long len, int indent); -int ASN1_parse_dump(BIO *bp, const unsigned char *pp, long len, int indent, int dump); -#endif - -unsigned long ASN1_tag2bit(int tag); -const char *ASN1_tag2str(int tag); - -/* Used to load and write netscape format cert */ - -NETSCAPE_X509 *NETSCAPE_X509_new(void); -void NETSCAPE_X509_free(NETSCAPE_X509 *a); -NETSCAPE_X509 *d2i_NETSCAPE_X509(NETSCAPE_X509 **a, const unsigned char **in, long len); -int i2d_NETSCAPE_X509(NETSCAPE_X509 *a, unsigned char **out); -extern const ASN1_ITEM NETSCAPE_X509_it; - -int ASN1_UNIVERSALSTRING_to_string(ASN1_UNIVERSALSTRING *s); - -int ASN1_TYPE_set_octetstring(ASN1_TYPE *a, const unsigned char *data, int len); -int ASN1_TYPE_get_octetstring(const ASN1_TYPE *a, unsigned char *data, - int max_len); -int ASN1_TYPE_set_int_octetstring(ASN1_TYPE *a, long num, const unsigned char *data, - int len); -int ASN1_TYPE_get_int_octetstring(const ASN1_TYPE *a, long *num, - unsigned char *data, int max_len); - -ASN1_STRING *ASN1_item_pack(void *obj, const ASN1_ITEM *it, - ASN1_OCTET_STRING **oct); -void *ASN1_item_unpack(const ASN1_STRING *oct, const ASN1_ITEM *it); - -void ASN1_STRING_set_default_mask(unsigned long mask); -int ASN1_STRING_set_default_mask_asc(const char *p); -unsigned long ASN1_STRING_get_default_mask(void); -int ASN1_mbstring_copy(ASN1_STRING **out, const unsigned char *in, int len, - int inform, unsigned long mask); -int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len, - int inform, unsigned long mask, long minsize, long maxsize); - -ASN1_STRING *ASN1_STRING_set_by_NID(ASN1_STRING **out, - const unsigned char *in, int inlen, int inform, int nid); -ASN1_STRING_TABLE *ASN1_STRING_TABLE_get(int nid); -int ASN1_STRING_TABLE_add(int, long, long, unsigned long, unsigned long); -void ASN1_STRING_TABLE_cleanup(void); - -/* ASN1 template functions */ - -/* Old API compatible functions */ -ASN1_VALUE *ASN1_item_new(const ASN1_ITEM *it); -void ASN1_item_free(ASN1_VALUE *val, const ASN1_ITEM *it); -ASN1_VALUE *ASN1_item_d2i(ASN1_VALUE **val, const unsigned char **in, - long len, const ASN1_ITEM *it); -int ASN1_item_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it); -int ASN1_item_ndef_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it); - -void ASN1_add_oid_module(void); - -ASN1_TYPE *ASN1_generate_nconf(const char *str, CONF *nconf); -ASN1_TYPE *ASN1_generate_v3(const char *str, X509V3_CTX *cnf); - -/* ASN1 Print flags */ - -/* Indicate missing OPTIONAL fields */ -#define ASN1_PCTX_FLAGS_SHOW_ABSENT 0x001 -/* Mark start and end of SEQUENCE */ -#define ASN1_PCTX_FLAGS_SHOW_SEQUENCE 0x002 -/* Mark start and end of SEQUENCE/SET OF */ -#define ASN1_PCTX_FLAGS_SHOW_SSOF 0x004 -/* Show the ASN1 type of primitives */ -#define ASN1_PCTX_FLAGS_SHOW_TYPE 0x008 -/* Don't show ASN1 type of ANY */ -#define ASN1_PCTX_FLAGS_NO_ANY_TYPE 0x010 -/* Don't show ASN1 type of MSTRINGs */ -#define ASN1_PCTX_FLAGS_NO_MSTRING_TYPE 0x020 -/* Don't show field names in SEQUENCE */ -#define ASN1_PCTX_FLAGS_NO_FIELD_NAME 0x040 -/* Show structure names of each SEQUENCE field */ -#define ASN1_PCTX_FLAGS_SHOW_FIELD_STRUCT_NAME 0x080 -/* Don't show structure name even at top level */ -#define ASN1_PCTX_FLAGS_NO_STRUCT_NAME 0x100 - -int ASN1_item_print(BIO *out, ASN1_VALUE *ifld, int indent, - const ASN1_ITEM *it, const ASN1_PCTX *pctx); -ASN1_PCTX *ASN1_PCTX_new(void); -void ASN1_PCTX_free(ASN1_PCTX *p); -unsigned long ASN1_PCTX_get_flags(const ASN1_PCTX *p); -void ASN1_PCTX_set_flags(ASN1_PCTX *p, unsigned long flags); -unsigned long ASN1_PCTX_get_nm_flags(const ASN1_PCTX *p); -void ASN1_PCTX_set_nm_flags(ASN1_PCTX *p, unsigned long flags); -unsigned long ASN1_PCTX_get_cert_flags(const ASN1_PCTX *p); -void ASN1_PCTX_set_cert_flags(ASN1_PCTX *p, unsigned long flags); -unsigned long ASN1_PCTX_get_oid_flags(const ASN1_PCTX *p); -void ASN1_PCTX_set_oid_flags(ASN1_PCTX *p, unsigned long flags); -unsigned long ASN1_PCTX_get_str_flags(const ASN1_PCTX *p); -void ASN1_PCTX_set_str_flags(ASN1_PCTX *p, unsigned long flags); - -const BIO_METHOD *BIO_f_asn1(void); - -BIO *BIO_new_NDEF(BIO *out, ASN1_VALUE *val, const ASN1_ITEM *it); - -int i2d_ASN1_bio_stream(BIO *out, ASN1_VALUE *val, BIO *in, int flags, - const ASN1_ITEM *it); -int PEM_write_bio_ASN1_stream(BIO *out, ASN1_VALUE *val, BIO *in, int flags, - const char *hdr, const ASN1_ITEM *it); -int SMIME_write_ASN1(BIO *bio, ASN1_VALUE *val, BIO *data, int flags, - int ctype_nid, int econt_nid, STACK_OF(X509_ALGOR) *mdalgs, - const ASN1_ITEM *it); -ASN1_VALUE *SMIME_read_ASN1(BIO *bio, BIO **bcont, const ASN1_ITEM *it); -int SMIME_crlf_copy(BIO *in, BIO *out, int flags); -int SMIME_text(BIO *in, BIO *out); - -/* BEGIN ERROR CODES */ -/* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ -void ERR_load_ASN1_strings(void); - -/* Error codes for the ASN1 functions. */ - -/* Function codes. */ -#define ASN1_F_A2D_ASN1_OBJECT 100 -#define ASN1_F_A2I_ASN1_ENUMERATED 101 -#define ASN1_F_A2I_ASN1_INTEGER 102 -#define ASN1_F_A2I_ASN1_STRING 103 -#define ASN1_F_APPEND_EXP 176 -#define ASN1_F_ASN1_BIT_STRING_SET_BIT 183 -#define ASN1_F_ASN1_CB 177 -#define ASN1_F_ASN1_CHECK_TLEN 104 -#define ASN1_F_ASN1_COLLATE_PRIMITIVE 105 -#define ASN1_F_ASN1_COLLECT 106 -#define ASN1_F_ASN1_D2I_EX_PRIMITIVE 108 -#define ASN1_F_ASN1_D2I_FP 109 -#define ASN1_F_ASN1_D2I_READ_BIO 107 -#define ASN1_F_ASN1_DIGEST 184 -#define ASN1_F_ASN1_DO_ADB 110 -#define ASN1_F_ASN1_DUP 111 -#define ASN1_F_ASN1_ENUMERATED_SET 112 -#define ASN1_F_ASN1_ENUMERATED_TO_BN 113 -#define ASN1_F_ASN1_EX_C2I 204 -#define ASN1_F_ASN1_FIND_END 190 -#define ASN1_F_ASN1_GENERALIZEDTIME_ADJ 216 -#define ASN1_F_ASN1_GENERALIZEDTIME_SET 185 -#define ASN1_F_ASN1_GENERATE_V3 178 -#define ASN1_F_ASN1_GET_OBJECT 114 -#define ASN1_F_ASN1_HEADER_NEW 115 -#define ASN1_F_ASN1_I2D_BIO 116 -#define ASN1_F_ASN1_I2D_FP 117 -#define ASN1_F_ASN1_INTEGER_SET 118 -#define ASN1_F_ASN1_INTEGER_TO_BN 119 -#define ASN1_F_ASN1_ITEM_D2I_FP 206 -#define ASN1_F_ASN1_ITEM_DUP 191 -#define ASN1_F_ASN1_ITEM_EX_COMBINE_NEW 121 -#define ASN1_F_ASN1_ITEM_EX_D2I 120 -#define ASN1_F_ASN1_ITEM_I2D_BIO 192 -#define ASN1_F_ASN1_ITEM_I2D_FP 193 -#define ASN1_F_ASN1_ITEM_PACK 198 -#define ASN1_F_ASN1_ITEM_SIGN 195 -#define ASN1_F_ASN1_ITEM_SIGN_CTX 220 -#define ASN1_F_ASN1_ITEM_UNPACK 199 -#define ASN1_F_ASN1_ITEM_VERIFY 197 -#define ASN1_F_ASN1_MBSTRING_NCOPY 122 -#define ASN1_F_ASN1_OBJECT_NEW 123 -#define ASN1_F_ASN1_OUTPUT_DATA 214 -#define ASN1_F_ASN1_PACK_STRING 124 -#define ASN1_F_ASN1_PCTX_NEW 205 -#define ASN1_F_ASN1_PKCS5_PBE_SET 125 -#define ASN1_F_ASN1_SEQ_PACK 126 -#define ASN1_F_ASN1_SEQ_UNPACK 127 -#define ASN1_F_ASN1_SIGN 128 -#define ASN1_F_ASN1_STR2TYPE 179 -#define ASN1_F_ASN1_STRING_SET 186 -#define ASN1_F_ASN1_STRING_TABLE_ADD 129 -#define ASN1_F_ASN1_STRING_TYPE_NEW 130 -#define ASN1_F_ASN1_TEMPLATE_EX_D2I 132 -#define ASN1_F_ASN1_TEMPLATE_NEW 133 -#define ASN1_F_ASN1_TEMPLATE_NOEXP_D2I 131 -#define ASN1_F_ASN1_TIME_ADJ 217 -#define ASN1_F_ASN1_TIME_SET 175 -#define ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING 134 -#define ASN1_F_ASN1_TYPE_GET_OCTETSTRING 135 -#define ASN1_F_ASN1_UNPACK_STRING 136 -#define ASN1_F_ASN1_UTCTIME_ADJ 218 -#define ASN1_F_ASN1_UTCTIME_SET 187 -#define ASN1_F_ASN1_VERIFY 137 -#define ASN1_F_B64_READ_ASN1 209 -#define ASN1_F_B64_WRITE_ASN1 210 -#define ASN1_F_BIO_NEW_NDEF 208 -#define ASN1_F_BITSTR_CB 180 -#define ASN1_F_BN_TO_ASN1_ENUMERATED 138 -#define ASN1_F_BN_TO_ASN1_INTEGER 139 -#define ASN1_F_C2I_ASN1_BIT_STRING 189 -#define ASN1_F_C2I_ASN1_INTEGER 194 -#define ASN1_F_C2I_ASN1_OBJECT 196 -#define ASN1_F_COLLECT_DATA 140 -#define ASN1_F_D2I_ASN1_BIT_STRING 141 -#define ASN1_F_D2I_ASN1_BOOLEAN 142 -#define ASN1_F_D2I_ASN1_BYTES 143 -#define ASN1_F_D2I_ASN1_GENERALIZEDTIME 144 -#define ASN1_F_D2I_ASN1_HEADER 145 -#define ASN1_F_D2I_ASN1_INTEGER 146 -#define ASN1_F_D2I_ASN1_OBJECT 147 -#define ASN1_F_D2I_ASN1_SET 148 -#define ASN1_F_D2I_ASN1_TYPE_BYTES 149 -#define ASN1_F_D2I_ASN1_UINTEGER 150 -#define ASN1_F_D2I_ASN1_UTCTIME 151 -#define ASN1_F_D2I_AUTOPRIVATEKEY 207 -#define ASN1_F_D2I_NETSCAPE_RSA 152 -#define ASN1_F_D2I_NETSCAPE_RSA_2 153 -#define ASN1_F_D2I_PRIVATEKEY 154 -#define ASN1_F_D2I_PUBLICKEY 155 -#define ASN1_F_D2I_RSA_NET 200 -#define ASN1_F_D2I_RSA_NET_2 201 -#define ASN1_F_D2I_X509 156 -#define ASN1_F_D2I_X509_CINF 157 -#define ASN1_F_D2I_X509_PKEY 159 -#define ASN1_F_I2D_ASN1_BIO_STREAM 211 -#define ASN1_F_I2D_ASN1_SET 188 -#define ASN1_F_I2D_ASN1_TIME 160 -#define ASN1_F_I2D_DSA_PUBKEY 161 -#define ASN1_F_I2D_EC_PUBKEY 181 -#define ASN1_F_I2D_PRIVATEKEY 163 -#define ASN1_F_I2D_PUBLICKEY 164 -#define ASN1_F_I2D_RSA_NET 162 -#define ASN1_F_I2D_RSA_PUBKEY 165 -#define ASN1_F_LONG_C2I 166 -#define ASN1_F_OID_MODULE_INIT 174 -#define ASN1_F_PARSE_TAGGING 182 -#define ASN1_F_PKCS5_PBE2_SET_IV 167 -#define ASN1_F_PKCS5_PBE_SET 202 -#define ASN1_F_PKCS5_PBE_SET0_ALGOR 215 -#define ASN1_F_PKCS5_PBKDF2_SET 219 -#define ASN1_F_SMIME_READ_ASN1 212 -#define ASN1_F_SMIME_TEXT 213 -#define ASN1_F_X509_CINF_NEW 168 -#define ASN1_F_X509_CRL_ADD0_REVOKED 169 -#define ASN1_F_X509_INFO_NEW 170 -#define ASN1_F_X509_NAME_ENCODE 203 -#define ASN1_F_X509_NAME_EX_D2I 158 -#define ASN1_F_X509_NAME_EX_NEW 171 -#define ASN1_F_X509_NEW 172 -#define ASN1_F_X509_PKEY_NEW 173 - -/* Reason codes. */ -#define ASN1_R_ADDING_OBJECT 171 -#define ASN1_R_ASN1_PARSE_ERROR 203 -#define ASN1_R_ASN1_SIG_PARSE_ERROR 204 -#define ASN1_R_AUX_ERROR 100 -#define ASN1_R_BAD_CLASS 101 -#define ASN1_R_BAD_OBJECT_HEADER 102 -#define ASN1_R_BAD_PASSWORD_READ 103 -#define ASN1_R_BAD_TAG 104 -#define ASN1_R_BMPSTRING_IS_WRONG_LENGTH 214 -#define ASN1_R_BN_LIB 105 -#define ASN1_R_BOOLEAN_IS_WRONG_LENGTH 106 -#define ASN1_R_BUFFER_TOO_SMALL 107 -#define ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER 108 -#define ASN1_R_CONTEXT_NOT_INITIALISED 217 -#define ASN1_R_DATA_IS_WRONG 109 -#define ASN1_R_DECODE_ERROR 110 -#define ASN1_R_DECODING_ERROR 111 -#define ASN1_R_DEPTH_EXCEEDED 174 -#define ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED 198 -#define ASN1_R_ENCODE_ERROR 112 -#define ASN1_R_ERROR_GETTING_TIME 173 -#define ASN1_R_ERROR_LOADING_SECTION 172 -#define ASN1_R_ERROR_PARSING_SET_ELEMENT 113 -#define ASN1_R_ERROR_SETTING_CIPHER_PARAMS 114 -#define ASN1_R_EXPECTING_AN_INTEGER 115 -#define ASN1_R_EXPECTING_AN_OBJECT 116 -#define ASN1_R_EXPECTING_A_BOOLEAN 117 -#define ASN1_R_EXPECTING_A_TIME 118 -#define ASN1_R_EXPLICIT_LENGTH_MISMATCH 119 -#define ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED 120 -#define ASN1_R_FIELD_MISSING 121 -#define ASN1_R_FIRST_NUM_TOO_LARGE 122 -#define ASN1_R_HEADER_TOO_LONG 123 -#define ASN1_R_ILLEGAL_BITSTRING_FORMAT 175 -#define ASN1_R_ILLEGAL_BOOLEAN 176 -#define ASN1_R_ILLEGAL_CHARACTERS 124 -#define ASN1_R_ILLEGAL_FORMAT 177 -#define ASN1_R_ILLEGAL_HEX 178 -#define ASN1_R_ILLEGAL_IMPLICIT_TAG 179 -#define ASN1_R_ILLEGAL_INTEGER 180 -#define ASN1_R_ILLEGAL_NESTED_TAGGING 181 -#define ASN1_R_ILLEGAL_NULL 125 -#define ASN1_R_ILLEGAL_NULL_VALUE 182 -#define ASN1_R_ILLEGAL_OBJECT 183 -#define ASN1_R_ILLEGAL_OPTIONAL_ANY 126 -#define ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE 170 -#define ASN1_R_ILLEGAL_TAGGED_ANY 127 -#define ASN1_R_ILLEGAL_TIME_VALUE 184 -#define ASN1_R_INTEGER_NOT_ASCII_FORMAT 185 -#define ASN1_R_INTEGER_TOO_LARGE_FOR_LONG 128 -#define ASN1_R_INVALID_BIT_STRING_BITS_LEFT 220 -#define ASN1_R_INVALID_BMPSTRING_LENGTH 129 -#define ASN1_R_INVALID_DIGIT 130 -#define ASN1_R_INVALID_MIME_TYPE 205 -#define ASN1_R_INVALID_MODIFIER 186 -#define ASN1_R_INVALID_NUMBER 187 -#define ASN1_R_INVALID_OBJECT_ENCODING 216 -#define ASN1_R_INVALID_SEPARATOR 131 -#define ASN1_R_INVALID_TIME_FORMAT 132 -#define ASN1_R_INVALID_UNIVERSALSTRING_LENGTH 133 -#define ASN1_R_INVALID_UTF8STRING 134 -#define ASN1_R_IV_TOO_LARGE 135 -#define ASN1_R_LENGTH_ERROR 136 -#define ASN1_R_LIST_ERROR 188 -#define ASN1_R_MIME_NO_CONTENT_TYPE 206 -#define ASN1_R_MIME_PARSE_ERROR 207 -#define ASN1_R_MIME_SIG_PARSE_ERROR 208 -#define ASN1_R_MISSING_EOC 137 -#define ASN1_R_MISSING_SECOND_NUMBER 138 -#define ASN1_R_MISSING_VALUE 189 -#define ASN1_R_MSTRING_NOT_UNIVERSAL 139 -#define ASN1_R_MSTRING_WRONG_TAG 140 -#define ASN1_R_NESTED_ASN1_STRING 197 -#define ASN1_R_NESTED_TOO_DEEP 219 -#define ASN1_R_NON_HEX_CHARACTERS 141 -#define ASN1_R_NOT_ASCII_FORMAT 190 -#define ASN1_R_NOT_ENOUGH_DATA 142 -#define ASN1_R_NO_CONTENT_TYPE 209 -#define ASN1_R_NO_DEFAULT_DIGEST 201 -#define ASN1_R_NO_MATCHING_CHOICE_TYPE 143 -#define ASN1_R_NO_MULTIPART_BODY_FAILURE 210 -#define ASN1_R_NO_MULTIPART_BOUNDARY 211 -#define ASN1_R_NO_SIG_CONTENT_TYPE 212 -#define ASN1_R_NULL_IS_WRONG_LENGTH 144 -#define ASN1_R_OBJECT_NOT_ASCII_FORMAT 191 -#define ASN1_R_ODD_NUMBER_OF_CHARS 145 -#define ASN1_R_PRIVATE_KEY_HEADER_MISSING 146 -#define ASN1_R_SECOND_NUMBER_TOO_LARGE 147 -#define ASN1_R_SEQUENCE_LENGTH_MISMATCH 148 -#define ASN1_R_SEQUENCE_NOT_CONSTRUCTED 149 -#define ASN1_R_SEQUENCE_OR_SET_NEEDS_CONFIG 192 -#define ASN1_R_SHORT_LINE 150 -#define ASN1_R_SIG_INVALID_MIME_TYPE 213 -#define ASN1_R_STREAMING_NOT_SUPPORTED 202 -#define ASN1_R_STRING_TOO_LONG 151 -#define ASN1_R_STRING_TOO_SHORT 152 -#define ASN1_R_TAG_VALUE_TOO_HIGH 153 -#define ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 154 -#define ASN1_R_TIME_NOT_ASCII_FORMAT 193 -#define ASN1_R_TOO_LONG 155 -#define ASN1_R_TYPE_NOT_CONSTRUCTED 156 -#define ASN1_R_UNABLE_TO_DECODE_RSA_KEY 157 -#define ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY 158 -#define ASN1_R_UNEXPECTED_EOC 159 -#define ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH 215 -#define ASN1_R_UNKNOWN_FORMAT 160 -#define ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM 161 -#define ASN1_R_UNKNOWN_OBJECT_TYPE 162 -#define ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE 163 -#define ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM 199 -#define ASN1_R_UNKNOWN_TAG 194 -#define ASN1_R_UNKOWN_FORMAT 195 -#define ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE 164 -#define ASN1_R_UNSUPPORTED_CIPHER 165 -#define ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM 166 -#define ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE 167 -#define ASN1_R_UNSUPPORTED_TYPE 196 -#define ASN1_R_WRONG_PUBLIC_KEY_TYPE 200 -#define ASN1_R_WRONG_TAG 168 -#define ASN1_R_WRONG_TYPE 169 - - -int ASN1_time_parse(const char *_bytes, size_t _len, struct tm *_tm, int _mode); -int ASN1_time_tm_cmp(struct tm *_tm1, struct tm *_tm2); -#ifdef __cplusplus -} -#endif -#endif diff --git a/libressl/include64/openssl/asn1t.h b/libressl/include64/openssl/asn1t.h deleted file mode 100644 index d6168b65..00000000 --- a/libressl/include64/openssl/asn1t.h +++ /dev/null @@ -1,951 +0,0 @@ -/* $OpenBSD: asn1t.h,v 1.15 2019/08/20 13:10:09 inoguchi Exp $ */ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project 2000. - */ -/* ==================================================================== - * Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ -#ifndef HEADER_ASN1T_H -#define HEADER_ASN1T_H - -#include <stddef.h> - -#include <openssl/opensslconf.h> - -#include <openssl/asn1.h> - -/* ASN1 template defines, structures and functions */ - -#ifdef __cplusplus -extern "C" { -#endif - -#ifndef LIBRESSL_INTERNAL - -/* Macro to obtain ASN1_ADB pointer from a type (only used internally) */ -#define ASN1_ADB_ptr(iptr) ((const ASN1_ADB *)(iptr)) - - -/* Macros for start and end of ASN1_ITEM definition */ - -#define ASN1_ITEM_start(itname) \ - const ASN1_ITEM itname##_it = { - -#define static_ASN1_ITEM_start(itname) \ - static const ASN1_ITEM itname##_it = { - -#define ASN1_ITEM_end(itname) \ - }; - - - -/* Macros to aid ASN1 template writing */ - -#define ASN1_ITEM_TEMPLATE(tname) \ - static const ASN1_TEMPLATE tname##_item_tt - -#define ASN1_ITEM_TEMPLATE_END(tname) \ - ;\ - ASN1_ITEM_start(tname) \ - ASN1_ITYPE_PRIMITIVE,\ - -1,\ - &tname##_item_tt,\ - 0,\ - NULL,\ - 0,\ - #tname \ - ASN1_ITEM_end(tname) - -#define static_ASN1_ITEM_TEMPLATE_END(tname) \ - ;\ - static_ASN1_ITEM_start(tname) \ - ASN1_ITYPE_PRIMITIVE,\ - -1,\ - &tname##_item_tt,\ - 0,\ - NULL,\ - 0,\ - #tname \ - ASN1_ITEM_end(tname) - - -/* This is a ASN1 type which just embeds a template */ - -/* This pair helps declare a SEQUENCE. We can do: - * - * ASN1_SEQUENCE(stname) = { - * ... SEQUENCE components ... - * } ASN1_SEQUENCE_END(stname) - * - * This will produce an ASN1_ITEM called stname_it - * for a structure called stname. - * - * If you want the same structure but a different - * name then use: - * - * ASN1_SEQUENCE(itname) = { - * ... SEQUENCE components ... - * } ASN1_SEQUENCE_END_name(stname, itname) - * - * This will create an item called itname_it using - * a structure called stname. - */ - -#define ASN1_SEQUENCE(tname) \ - static const ASN1_TEMPLATE tname##_seq_tt[] - -#define ASN1_SEQUENCE_END(stname) ASN1_SEQUENCE_END_name(stname, stname) - -#define static_ASN1_SEQUENCE_END(stname) static_ASN1_SEQUENCE_END_name(stname, stname) - -#define ASN1_SEQUENCE_END_name(stname, tname) \ - ;\ - ASN1_ITEM_start(tname) \ - ASN1_ITYPE_SEQUENCE,\ - V_ASN1_SEQUENCE,\ - tname##_seq_tt,\ - sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\ - NULL,\ - sizeof(stname),\ - #stname \ - ASN1_ITEM_end(tname) - -#define static_ASN1_SEQUENCE_END_name(stname, tname) \ - ;\ - static_ASN1_ITEM_start(tname) \ - ASN1_ITYPE_SEQUENCE,\ - V_ASN1_SEQUENCE,\ - tname##_seq_tt,\ - sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\ - NULL,\ - sizeof(stname),\ - #stname \ - ASN1_ITEM_end(tname) - -#define ASN1_NDEF_SEQUENCE(tname) \ - ASN1_SEQUENCE(tname) - -#define ASN1_NDEF_SEQUENCE_cb(tname, cb) \ - ASN1_SEQUENCE_cb(tname, cb) - -#define ASN1_SEQUENCE_cb(tname, cb) \ - static const ASN1_AUX tname##_aux = {NULL, 0, 0, 0, cb, 0}; \ - ASN1_SEQUENCE(tname) - -#define ASN1_BROKEN_SEQUENCE(tname) \ - static const ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_BROKEN, 0, 0, 0, 0}; \ - ASN1_SEQUENCE(tname) - -#define ASN1_SEQUENCE_ref(tname, cb, lck) \ - static const ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_REFCOUNT, offsetof(tname, references), lck, cb, 0}; \ - ASN1_SEQUENCE(tname) - -#define ASN1_SEQUENCE_enc(tname, enc, cb) \ - static const ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_ENCODING, 0, 0, cb, offsetof(tname, enc)}; \ - ASN1_SEQUENCE(tname) - -#define ASN1_NDEF_SEQUENCE_END(tname) \ - ;\ - ASN1_ITEM_start(tname) \ - ASN1_ITYPE_NDEF_SEQUENCE,\ - V_ASN1_SEQUENCE,\ - tname##_seq_tt,\ - sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\ - NULL,\ - sizeof(tname),\ - #tname \ - ASN1_ITEM_end(tname) - -#define static_ASN1_NDEF_SEQUENCE_END(tname) \ - ;\ - static_ASN1_ITEM_start(tname) \ - ASN1_ITYPE_NDEF_SEQUENCE,\ - V_ASN1_SEQUENCE,\ - tname##_seq_tt,\ - sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\ - NULL,\ - sizeof(tname),\ - #tname \ - ASN1_ITEM_end(tname) - -#define ASN1_BROKEN_SEQUENCE_END(stname) ASN1_SEQUENCE_END_ref(stname, stname) - -#define ASN1_SEQUENCE_END_enc(stname, tname) ASN1_SEQUENCE_END_ref(stname, tname) - -#define ASN1_SEQUENCE_END_cb(stname, tname) ASN1_SEQUENCE_END_ref(stname, tname) - -#define static_ASN1_SEQUENCE_END_cb(stname, tname) static_ASN1_SEQUENCE_END_ref(stname, tname) - -#define ASN1_SEQUENCE_END_ref(stname, tname) \ - ;\ - ASN1_ITEM_start(tname) \ - ASN1_ITYPE_SEQUENCE,\ - V_ASN1_SEQUENCE,\ - tname##_seq_tt,\ - sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\ - &tname##_aux,\ - sizeof(stname),\ - #stname \ - ASN1_ITEM_end(tname) - -#define static_ASN1_SEQUENCE_END_ref(stname, tname) \ - ;\ - static_ASN1_ITEM_start(tname) \ - ASN1_ITYPE_SEQUENCE,\ - V_ASN1_SEQUENCE,\ - tname##_seq_tt,\ - sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\ - &tname##_aux,\ - sizeof(stname),\ - #stname \ - ASN1_ITEM_end(tname) - -#define ASN1_NDEF_SEQUENCE_END_cb(stname, tname) \ - ;\ - ASN1_ITEM_start(tname) \ - ASN1_ITYPE_NDEF_SEQUENCE,\ - V_ASN1_SEQUENCE,\ - tname##_seq_tt,\ - sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\ - &tname##_aux,\ - sizeof(stname),\ - #stname \ - ASN1_ITEM_end(tname) - - -/* This pair helps declare a CHOICE type. We can do: - * - * ASN1_CHOICE(chname) = { - * ... CHOICE options ... - * ASN1_CHOICE_END(chname) - * - * This will produce an ASN1_ITEM called chname_it - * for a structure called chname. The structure - * definition must look like this: - * typedef struct { - * int type; - * union { - * ASN1_SOMETHING *opt1; - * ASN1_SOMEOTHER *opt2; - * } value; - * } chname; - * - * the name of the selector must be 'type'. - * to use an alternative selector name use the - * ASN1_CHOICE_END_selector() version. - */ - -#define ASN1_CHOICE(tname) \ - static const ASN1_TEMPLATE tname##_ch_tt[] - -#define ASN1_CHOICE_cb(tname, cb) \ - static const ASN1_AUX tname##_aux = {NULL, 0, 0, 0, cb, 0}; \ - ASN1_CHOICE(tname) - -#define ASN1_CHOICE_END(stname) ASN1_CHOICE_END_name(stname, stname) - -#define static_ASN1_CHOICE_END(stname) static_ASN1_CHOICE_END_name(stname, stname) - -#define ASN1_CHOICE_END_name(stname, tname) ASN1_CHOICE_END_selector(stname, tname, type) - -#define static_ASN1_CHOICE_END_name(stname, tname) static_ASN1_CHOICE_END_selector(stname, tname, type) - -#define ASN1_CHOICE_END_selector(stname, tname, selname) \ - ;\ - ASN1_ITEM_start(tname) \ - ASN1_ITYPE_CHOICE,\ - offsetof(stname,selname) ,\ - tname##_ch_tt,\ - sizeof(tname##_ch_tt) / sizeof(ASN1_TEMPLATE),\ - NULL,\ - sizeof(stname),\ - #stname \ - ASN1_ITEM_end(tname) - -#define static_ASN1_CHOICE_END_selector(stname, tname, selname) \ - ;\ - static_ASN1_ITEM_start(tname) \ - ASN1_ITYPE_CHOICE,\ - offsetof(stname,selname) ,\ - tname##_ch_tt,\ - sizeof(tname##_ch_tt) / sizeof(ASN1_TEMPLATE),\ - NULL,\ - sizeof(stname),\ - #stname \ - ASN1_ITEM_end(tname) - -#define ASN1_CHOICE_END_cb(stname, tname, selname) \ - ;\ - ASN1_ITEM_start(tname) \ - ASN1_ITYPE_CHOICE,\ - offsetof(stname,selname) ,\ - tname##_ch_tt,\ - sizeof(tname##_ch_tt) / sizeof(ASN1_TEMPLATE),\ - &tname##_aux,\ - sizeof(stname),\ - #stname \ - ASN1_ITEM_end(tname) - -/* This helps with the template wrapper form of ASN1_ITEM */ - -#define ASN1_EX_TEMPLATE_TYPE(flags, tag, name, type) { \ - (flags), (tag), 0,\ - #name, ASN1_ITEM_ref(type) } - -/* These help with SEQUENCE or CHOICE components */ - -/* used to declare other types */ - -#define ASN1_EX_TYPE(flags, tag, stname, field, type) { \ - (flags), (tag), offsetof(stname, field),\ - #field, ASN1_ITEM_ref(type) } - -/* used when the structure is combined with the parent */ - -#define ASN1_EX_COMBINE(flags, tag, type) { \ - (flags)|ASN1_TFLG_COMBINE, (tag), 0, NULL, ASN1_ITEM_ref(type) } - -/* implicit and explicit helper macros */ - -#define ASN1_IMP_EX(stname, field, type, tag, ex) \ - ASN1_EX_TYPE(ASN1_TFLG_IMPLICIT | ex, tag, stname, field, type) - -#define ASN1_EXP_EX(stname, field, type, tag, ex) \ - ASN1_EX_TYPE(ASN1_TFLG_EXPLICIT | ex, tag, stname, field, type) - -/* Any defined by macros: the field used is in the table itself */ - -#define ASN1_ADB_OBJECT(tblname) { ASN1_TFLG_ADB_OID, -1, 0, #tblname, (const ASN1_ITEM *)&(tblname##_adb) } -#define ASN1_ADB_INTEGER(tblname) { ASN1_TFLG_ADB_INT, -1, 0, #tblname, (const ASN1_ITEM *)&(tblname##_adb) } -/* Plain simple type */ -#define ASN1_SIMPLE(stname, field, type) ASN1_EX_TYPE(0,0, stname, field, type) - -/* OPTIONAL simple type */ -#define ASN1_OPT(stname, field, type) ASN1_EX_TYPE(ASN1_TFLG_OPTIONAL, 0, stname, field, type) - -/* IMPLICIT tagged simple type */ -#define ASN1_IMP(stname, field, type, tag) ASN1_IMP_EX(stname, field, type, tag, 0) - -/* IMPLICIT tagged OPTIONAL simple type */ -#define ASN1_IMP_OPT(stname, field, type, tag) ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL) - -/* Same as above but EXPLICIT */ - -#define ASN1_EXP(stname, field, type, tag) ASN1_EXP_EX(stname, field, type, tag, 0) -#define ASN1_EXP_OPT(stname, field, type, tag) ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL) - -/* SEQUENCE OF type */ -#define ASN1_SEQUENCE_OF(stname, field, type) \ - ASN1_EX_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, stname, field, type) - -/* OPTIONAL SEQUENCE OF */ -#define ASN1_SEQUENCE_OF_OPT(stname, field, type) \ - ASN1_EX_TYPE(ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_OPTIONAL, 0, stname, field, type) - -/* Same as above but for SET OF */ - -#define ASN1_SET_OF(stname, field, type) \ - ASN1_EX_TYPE(ASN1_TFLG_SET_OF, 0, stname, field, type) - -#define ASN1_SET_OF_OPT(stname, field, type) \ - ASN1_EX_TYPE(ASN1_TFLG_SET_OF|ASN1_TFLG_OPTIONAL, 0, stname, field, type) - -/* Finally compound types of SEQUENCE, SET, IMPLICIT, EXPLICIT and OPTIONAL */ - -#define ASN1_IMP_SET_OF(stname, field, type, tag) \ - ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF) - -#define ASN1_EXP_SET_OF(stname, field, type, tag) \ - ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF) - -#define ASN1_IMP_SET_OF_OPT(stname, field, type, tag) \ - ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF|ASN1_TFLG_OPTIONAL) - -#define ASN1_EXP_SET_OF_OPT(stname, field, type, tag) \ - ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF|ASN1_TFLG_OPTIONAL) - -#define ASN1_IMP_SEQUENCE_OF(stname, field, type, tag) \ - ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF) - -#define ASN1_IMP_SEQUENCE_OF_OPT(stname, field, type, tag) \ - ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_OPTIONAL) - -#define ASN1_EXP_SEQUENCE_OF(stname, field, type, tag) \ - ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF) - -#define ASN1_EXP_SEQUENCE_OF_OPT(stname, field, type, tag) \ - ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_OPTIONAL) - -/* EXPLICIT using indefinite length constructed form */ -#define ASN1_NDEF_EXP(stname, field, type, tag) \ - ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_NDEF) - -/* EXPLICIT OPTIONAL using indefinite length constructed form */ -#define ASN1_NDEF_EXP_OPT(stname, field, type, tag) \ - ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL|ASN1_TFLG_NDEF) - -/* Macros for the ASN1_ADB structure */ - -#define ASN1_ADB(name) \ - static const ASN1_ADB_TABLE name##_adbtbl[] - - -#define ASN1_ADB_END(name, flags, field, app_table, def, none) \ - ;\ - static const ASN1_ADB name##_adb = {\ - flags,\ - offsetof(name, field),\ - app_table,\ - name##_adbtbl,\ - sizeof(name##_adbtbl) / sizeof(ASN1_ADB_TABLE),\ - def,\ - none\ - } - - -#define ADB_ENTRY(val, template) {val, template} - -#define ASN1_ADB_TEMPLATE(name) \ - static const ASN1_TEMPLATE name##_tt - -#endif /* !LIBRESSL_INTERNAL */ - -/* This is the ASN1 template structure that defines - * a wrapper round the actual type. It determines the - * actual position of the field in the value structure, - * various flags such as OPTIONAL and the field name. - */ - -struct ASN1_TEMPLATE_st { -unsigned long flags; /* Various flags */ -long tag; /* tag, not used if no tagging */ -unsigned long offset; /* Offset of this field in structure */ -#ifndef NO_ASN1_FIELD_NAMES -const char *field_name; /* Field name */ -#endif -ASN1_ITEM_EXP *item; /* Relevant ASN1_ITEM or ASN1_ADB */ -}; - -/* Macro to extract ASN1_ITEM and ASN1_ADB pointer from ASN1_TEMPLATE */ - -#define ASN1_TEMPLATE_item(t) (t->item_ptr) -#define ASN1_TEMPLATE_adb(t) (t->item_ptr) - -typedef struct ASN1_ADB_TABLE_st ASN1_ADB_TABLE; -typedef struct ASN1_ADB_st ASN1_ADB; - -struct ASN1_ADB_st { - unsigned long flags; /* Various flags */ - unsigned long offset; /* Offset of selector field */ - STACK_OF(ASN1_ADB_TABLE) **app_items; /* Application defined items */ - const ASN1_ADB_TABLE *tbl; /* Table of possible types */ - long tblcount; /* Number of entries in tbl */ - const ASN1_TEMPLATE *default_tt; /* Type to use if no match */ - const ASN1_TEMPLATE *null_tt; /* Type to use if selector is NULL */ -}; - -struct ASN1_ADB_TABLE_st { - long value; /* NID for an object or value for an int */ - const ASN1_TEMPLATE tt; /* item for this value */ -}; - -/* template flags */ - -/* Field is optional */ -#define ASN1_TFLG_OPTIONAL (0x1) - -/* Field is a SET OF */ -#define ASN1_TFLG_SET_OF (0x1 << 1) - -/* Field is a SEQUENCE OF */ -#define ASN1_TFLG_SEQUENCE_OF (0x2 << 1) - -/* Special case: this refers to a SET OF that - * will be sorted into DER order when encoded *and* - * the corresponding STACK will be modified to match - * the new order. - */ -#define ASN1_TFLG_SET_ORDER (0x3 << 1) - -/* Mask for SET OF or SEQUENCE OF */ -#define ASN1_TFLG_SK_MASK (0x3 << 1) - -/* These flags mean the tag should be taken from the - * tag field. If EXPLICIT then the underlying type - * is used for the inner tag. - */ - -/* IMPLICIT tagging */ -#define ASN1_TFLG_IMPTAG (0x1 << 3) - - -/* EXPLICIT tagging, inner tag from underlying type */ -#define ASN1_TFLG_EXPTAG (0x2 << 3) - -#define ASN1_TFLG_TAG_MASK (0x3 << 3) - -/* context specific IMPLICIT */ -#define ASN1_TFLG_IMPLICIT ASN1_TFLG_IMPTAG|ASN1_TFLG_CONTEXT - -/* context specific EXPLICIT */ -#define ASN1_TFLG_EXPLICIT ASN1_TFLG_EXPTAG|ASN1_TFLG_CONTEXT - -/* If tagging is in force these determine the - * type of tag to use. Otherwise the tag is - * determined by the underlying type. These - * values reflect the actual octet format. - */ - -/* Universal tag */ -#define ASN1_TFLG_UNIVERSAL (0x0<<6) -/* Application tag */ -#define ASN1_TFLG_APPLICATION (0x1<<6) -/* Context specific tag */ -#define ASN1_TFLG_CONTEXT (0x2<<6) -/* Private tag */ -#define ASN1_TFLG_PRIVATE (0x3<<6) - -#define ASN1_TFLG_TAG_CLASS (0x3<<6) - -/* These are for ANY DEFINED BY type. In this case - * the 'item' field points to an ASN1_ADB structure - * which contains a table of values to decode the - * relevant type - */ - -#define ASN1_TFLG_ADB_MASK (0x3<<8) - -#define ASN1_TFLG_ADB_OID (0x1<<8) - -#define ASN1_TFLG_ADB_INT (0x1<<9) - -/* This flag means a parent structure is passed - * instead of the field: this is useful is a - * SEQUENCE is being combined with a CHOICE for - * example. Since this means the structure and - * item name will differ we need to use the - * ASN1_CHOICE_END_name() macro for example. - */ - -#define ASN1_TFLG_COMBINE (0x1<<10) - -/* This flag when present in a SEQUENCE OF, SET OF - * or EXPLICIT causes indefinite length constructed - * encoding to be used if required. - */ - -#define ASN1_TFLG_NDEF (0x1<<11) - -/* This is the actual ASN1 item itself */ - -struct ASN1_ITEM_st { -char itype; /* The item type, primitive, SEQUENCE, CHOICE or extern */ -long utype; /* underlying type */ -const ASN1_TEMPLATE *templates; /* If SEQUENCE or CHOICE this contains the contents */ -long tcount; /* Number of templates if SEQUENCE or CHOICE */ -const void *funcs; /* functions that handle this type */ -long size; /* Structure size (usually)*/ -#ifndef NO_ASN1_FIELD_NAMES -const char *sname; /* Structure name */ -#endif -}; - -/* These are values for the itype field and - * determine how the type is interpreted. - * - * For PRIMITIVE types the underlying type - * determines the behaviour if items is NULL. - * - * Otherwise templates must contain a single - * template and the type is treated in the - * same way as the type specified in the template. - * - * For SEQUENCE types the templates field points - * to the members, the size field is the - * structure size. - * - * For CHOICE types the templates field points - * to each possible member (typically a union) - * and the 'size' field is the offset of the - * selector. - * - * The 'funcs' field is used for application - * specific functions. - * - * The EXTERN type uses a new style d2i/i2d. - * The new style should be used where possible - * because it avoids things like the d2i IMPLICIT - * hack. - * - * MSTRING is a multiple string type, it is used - * for a CHOICE of character strings where the - * actual strings all occupy an ASN1_STRING - * structure. In this case the 'utype' field - * has a special meaning, it is used as a mask - * of acceptable types using the B_ASN1 constants. - * - * NDEF_SEQUENCE is the same as SEQUENCE except - * that it will use indefinite length constructed - * encoding if requested. - * - */ - -#define ASN1_ITYPE_PRIMITIVE 0x0 - -#define ASN1_ITYPE_SEQUENCE 0x1 - -#define ASN1_ITYPE_CHOICE 0x2 - -#define ASN1_ITYPE_EXTERN 0x4 - -#define ASN1_ITYPE_MSTRING 0x5 - -#define ASN1_ITYPE_NDEF_SEQUENCE 0x6 - -/* Cache for ASN1 tag and length, so we - * don't keep re-reading it for things - * like CHOICE - */ - -struct ASN1_TLC_st{ - char valid; /* Values below are valid */ - int ret; /* return value */ - long plen; /* length */ - int ptag; /* class value */ - int pclass; /* class value */ - int hdrlen; /* header length */ -}; - -/* Typedefs for ASN1 function pointers */ - -typedef ASN1_VALUE * ASN1_new_func(void); -typedef void ASN1_free_func(ASN1_VALUE *a); -typedef ASN1_VALUE * ASN1_d2i_func(ASN1_VALUE **a, const unsigned char ** in, long length); -typedef int ASN1_i2d_func(ASN1_VALUE * a, unsigned char **in); - -typedef int ASN1_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, const ASN1_ITEM *it, - int tag, int aclass, char opt, ASN1_TLC *ctx); - -typedef int ASN1_ex_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass); -typedef int ASN1_ex_new_func(ASN1_VALUE **pval, const ASN1_ITEM *it); -typedef void ASN1_ex_free_func(ASN1_VALUE **pval, const ASN1_ITEM *it); - -typedef int ASN1_ex_print_func(BIO *out, ASN1_VALUE **pval, - int indent, const char *fname, - const ASN1_PCTX *pctx); - -typedef int ASN1_primitive_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it); -typedef int ASN1_primitive_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it); -typedef int ASN1_primitive_print(BIO *out, ASN1_VALUE **pval, const ASN1_ITEM *it, int indent, const ASN1_PCTX *pctx); - -typedef struct ASN1_EXTERN_FUNCS_st { - void *app_data; - ASN1_ex_new_func *asn1_ex_new; - ASN1_ex_free_func *asn1_ex_free; - ASN1_ex_free_func *asn1_ex_clear; - ASN1_ex_d2i *asn1_ex_d2i; - ASN1_ex_i2d *asn1_ex_i2d; - ASN1_ex_print_func *asn1_ex_print; -} ASN1_EXTERN_FUNCS; - -typedef struct ASN1_PRIMITIVE_FUNCS_st { - void *app_data; - unsigned long flags; - ASN1_ex_new_func *prim_new; - ASN1_ex_free_func *prim_free; - ASN1_ex_free_func *prim_clear; - ASN1_primitive_c2i *prim_c2i; - ASN1_primitive_i2c *prim_i2c; - ASN1_primitive_print *prim_print; -} ASN1_PRIMITIVE_FUNCS; - -/* This is the ASN1_AUX structure: it handles various - * miscellaneous requirements. For example the use of - * reference counts and an informational callback. - * - * The "informational callback" is called at various - * points during the ASN1 encoding and decoding. It can - * be used to provide minor customisation of the structures - * used. This is most useful where the supplied routines - * *almost* do the right thing but need some extra help - * at a few points. If the callback returns zero then - * it is assumed a fatal error has occurred and the - * main operation should be abandoned. - * - * If major changes in the default behaviour are required - * then an external type is more appropriate. - */ - -typedef int ASN1_aux_cb(int operation, ASN1_VALUE **in, const ASN1_ITEM *it, - void *exarg); - -typedef struct ASN1_AUX_st { - void *app_data; - int flags; - int ref_offset; /* Offset of reference value */ - int ref_lock; /* Lock type to use */ - ASN1_aux_cb *asn1_cb; - int enc_offset; /* Offset of ASN1_ENCODING structure */ -} ASN1_AUX; - -/* For print related callbacks exarg points to this structure */ -typedef struct ASN1_PRINT_ARG_st { - BIO *out; - int indent; - const ASN1_PCTX *pctx; -} ASN1_PRINT_ARG; - -/* For streaming related callbacks exarg points to this structure */ -typedef struct ASN1_STREAM_ARG_st { - /* BIO to stream through */ - BIO *out; - /* BIO with filters appended */ - BIO *ndef_bio; - /* Streaming I/O boundary */ - unsigned char **boundary; -} ASN1_STREAM_ARG; - -/* Flags in ASN1_AUX */ - -/* Use a reference count */ -#define ASN1_AFLG_REFCOUNT 1 -/* Save the encoding of structure (useful for signatures) */ -#define ASN1_AFLG_ENCODING 2 -/* The Sequence length is invalid */ -#define ASN1_AFLG_BROKEN 4 - -/* operation values for asn1_cb */ - -#define ASN1_OP_NEW_PRE 0 -#define ASN1_OP_NEW_POST 1 -#define ASN1_OP_FREE_PRE 2 -#define ASN1_OP_FREE_POST 3 -#define ASN1_OP_D2I_PRE 4 -#define ASN1_OP_D2I_POST 5 -#define ASN1_OP_I2D_PRE 6 -#define ASN1_OP_I2D_POST 7 -#define ASN1_OP_PRINT_PRE 8 -#define ASN1_OP_PRINT_POST 9 -#define ASN1_OP_STREAM_PRE 10 -#define ASN1_OP_STREAM_POST 11 -#define ASN1_OP_DETACHED_PRE 12 -#define ASN1_OP_DETACHED_POST 13 - -#ifndef LIBRESSL_INTERNAL - -/* Macro to implement a primitive type */ -#define IMPLEMENT_ASN1_TYPE(stname) IMPLEMENT_ASN1_TYPE_ex(stname, stname, 0) -#define IMPLEMENT_ASN1_TYPE_ex(itname, vname, ex) \ - ASN1_ITEM_start(itname) \ - ASN1_ITYPE_PRIMITIVE, V_##vname, NULL, 0, NULL, ex, #itname \ - ASN1_ITEM_end(itname) - -/* Macro to implement a multi string type */ -#define IMPLEMENT_ASN1_MSTRING(itname, mask) \ - ASN1_ITEM_start(itname) \ - ASN1_ITYPE_MSTRING, mask, NULL, 0, NULL, sizeof(ASN1_STRING), #itname \ - ASN1_ITEM_end(itname) -#define IMPLEMENT_EXTERN_ASN1(sname, tag, fptrs) \ - ASN1_ITEM_start(sname) \ - ASN1_ITYPE_EXTERN, \ - tag, \ - NULL, \ - 0, \ - &fptrs, \ - 0, \ - #sname \ - ASN1_ITEM_end(sname) - -/* Macro to implement standard functions in terms of ASN1_ITEM structures */ - -#define IMPLEMENT_ASN1_FUNCTIONS(stname) IMPLEMENT_ASN1_FUNCTIONS_fname(stname, stname, stname) - -#define IMPLEMENT_ASN1_FUNCTIONS_name(stname, itname) IMPLEMENT_ASN1_FUNCTIONS_fname(stname, itname, itname) - -#define IMPLEMENT_ASN1_FUNCTIONS_ENCODE_name(stname, itname) \ - IMPLEMENT_ASN1_FUNCTIONS_ENCODE_fname(stname, itname, itname) - -#define IMPLEMENT_STATIC_ASN1_ALLOC_FUNCTIONS(stname) \ - IMPLEMENT_ASN1_ALLOC_FUNCTIONS_pfname(static, stname, stname, stname) - -#define IMPLEMENT_ASN1_ALLOC_FUNCTIONS(stname) \ - IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, stname, stname) - -#define IMPLEMENT_ASN1_ALLOC_FUNCTIONS_pfname(pre, stname, itname, fname) \ - pre stname *fname##_new(void) \ - { \ - return (stname *)ASN1_item_new(ASN1_ITEM_rptr(itname)); \ - } \ - pre void fname##_free(stname *a) \ - { \ - ASN1_item_free((ASN1_VALUE *)a, ASN1_ITEM_rptr(itname)); \ - } - -#define IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname) \ - stname *fname##_new(void) \ - { \ - return (stname *)ASN1_item_new(ASN1_ITEM_rptr(itname)); \ - } \ - void fname##_free(stname *a) \ - { \ - ASN1_item_free((ASN1_VALUE *)a, ASN1_ITEM_rptr(itname)); \ - } - -#define IMPLEMENT_ASN1_FUNCTIONS_fname(stname, itname, fname) \ - IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(stname, itname, fname) \ - IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname) - -#define IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(stname, itname, fname) \ - stname *d2i_##fname(stname **a, const unsigned char **in, long len) \ - { \ - return (stname *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, ASN1_ITEM_rptr(itname));\ - } \ - int i2d_##fname(stname *a, unsigned char **out) \ - { \ - return ASN1_item_i2d((ASN1_VALUE *)a, out, ASN1_ITEM_rptr(itname));\ - } - -#define IMPLEMENT_ASN1_NDEF_FUNCTION(stname) \ - int i2d_##stname##_NDEF(stname *a, unsigned char **out) \ - { \ - return ASN1_item_ndef_i2d((ASN1_VALUE *)a, out, ASN1_ITEM_rptr(stname));\ - } - -/* This includes evil casts to remove const: they will go away when full - * ASN1 constification is done. - */ -#define IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(stname, itname, fname) \ - stname *d2i_##fname(stname **a, const unsigned char **in, long len) \ - { \ - return (stname *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, ASN1_ITEM_rptr(itname));\ - } \ - int i2d_##fname(const stname *a, unsigned char **out) \ - { \ - return ASN1_item_i2d((ASN1_VALUE *)a, out, ASN1_ITEM_rptr(itname));\ - } - -#define IMPLEMENT_ASN1_DUP_FUNCTION(stname) \ - stname * stname##_dup(stname *x) \ - { \ - return ASN1_item_dup(ASN1_ITEM_rptr(stname), x); \ - } - -#define IMPLEMENT_ASN1_PRINT_FUNCTION(stname) \ - IMPLEMENT_ASN1_PRINT_FUNCTION_fname(stname, stname, stname) - -#define IMPLEMENT_ASN1_PRINT_FUNCTION_fname(stname, itname, fname) \ - int fname##_print_ctx(BIO *out, stname *x, int indent, \ - const ASN1_PCTX *pctx) \ - { \ - return ASN1_item_print(out, (ASN1_VALUE *)x, indent, \ - ASN1_ITEM_rptr(itname), pctx); \ - } - -#define IMPLEMENT_ASN1_FUNCTIONS_const(name) \ - IMPLEMENT_ASN1_FUNCTIONS_const_fname(name, name, name) - -#define IMPLEMENT_ASN1_FUNCTIONS_const_fname(stname, itname, fname) \ - IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(stname, itname, fname) \ - IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname) - -#endif /* !LIBRESSL_INTERNAL */ - -/* external definitions for primitive types */ - -extern const ASN1_ITEM ASN1_BOOLEAN_it; -extern const ASN1_ITEM ASN1_TBOOLEAN_it; -extern const ASN1_ITEM ASN1_FBOOLEAN_it; -extern const ASN1_ITEM ASN1_SEQUENCE_it; -extern const ASN1_ITEM CBIGNUM_it; -extern const ASN1_ITEM BIGNUM_it; -extern const ASN1_ITEM LONG_it; -extern const ASN1_ITEM ZLONG_it; - -DECLARE_STACK_OF(ASN1_VALUE) - -/* Functions used internally by the ASN1 code */ - -int ASN1_item_ex_new(ASN1_VALUE **pval, const ASN1_ITEM *it); -void ASN1_item_ex_free(ASN1_VALUE **pval, const ASN1_ITEM *it); -int ASN1_template_new(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt); -int ASN1_primitive_new(ASN1_VALUE **pval, const ASN1_ITEM *it); - -void ASN1_template_free(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt); -int ASN1_template_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, const ASN1_TEMPLATE *tt); -int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, const ASN1_ITEM *it, - int tag, int aclass, char opt, ASN1_TLC *ctx); - -int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass); -int ASN1_template_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_TEMPLATE *tt); -void ASN1_primitive_free(ASN1_VALUE **pval, const ASN1_ITEM *it); - -int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it); - -int asn1_get_choice_selector(ASN1_VALUE **pval, const ASN1_ITEM *it); -int asn1_set_choice_selector(ASN1_VALUE **pval, int value, const ASN1_ITEM *it); - -ASN1_VALUE ** asn1_get_field_ptr(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt); - -const ASN1_TEMPLATE *asn1_do_adb(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt, int nullerr); - -int asn1_do_lock(ASN1_VALUE **pval, int op, const ASN1_ITEM *it); - -void asn1_enc_init(ASN1_VALUE **pval, const ASN1_ITEM *it); -void asn1_enc_free(ASN1_VALUE **pval, const ASN1_ITEM *it); -int asn1_enc_restore(int *len, unsigned char **out, ASN1_VALUE **pval, const ASN1_ITEM *it); -int asn1_enc_save(ASN1_VALUE **pval, const unsigned char *in, int inlen, const ASN1_ITEM *it); - -#ifdef __cplusplus -} -#endif -#endif diff --git a/libressl/include64/openssl/bio.h b/libressl/include64/openssl/bio.h deleted file mode 100644 index 9fbf3bce..00000000 --- a/libressl/include64/openssl/bio.h +++ /dev/null @@ -1,827 +0,0 @@ -/* $OpenBSD: bio.h,v 1.45 2018/06/02 04:41:12 tb Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef HEADER_BIO_H -#define HEADER_BIO_H -#if !defined(HAVE_ATTRIBUTE__BOUNDED__) && !defined(__OpenBSD__) -#define __bounded__(x, y, z) -#endif -#include <openssl/opensslconf.h> - -# include <stdio.h> -#include <stdarg.h> - -#include <openssl/crypto.h> - - -#ifdef __cplusplus -extern "C" { -#endif - -/* These are the 'types' of BIOs */ -#define BIO_TYPE_NONE 0 -#define BIO_TYPE_MEM (1|0x0400) -#define BIO_TYPE_FILE (2|0x0400) - -#define BIO_TYPE_FD (4|0x0400|0x0100) -#define BIO_TYPE_SOCKET (5|0x0400|0x0100) -#define BIO_TYPE_NULL (6|0x0400) -#define BIO_TYPE_SSL (7|0x0200) -#define BIO_TYPE_MD (8|0x0200) /* passive filter */ -#define BIO_TYPE_BUFFER (9|0x0200) /* filter */ -#define BIO_TYPE_CIPHER (10|0x0200) /* filter */ -#define BIO_TYPE_BASE64 (11|0x0200) /* filter */ -#define BIO_TYPE_CONNECT (12|0x0400|0x0100) /* socket - connect */ -#define BIO_TYPE_ACCEPT (13|0x0400|0x0100) /* socket for accept */ -#define BIO_TYPE_PROXY_CLIENT (14|0x0200) /* client proxy BIO */ -#define BIO_TYPE_PROXY_SERVER (15|0x0200) /* server proxy BIO */ -#define BIO_TYPE_NBIO_TEST (16|0x0200) /* server proxy BIO */ -#define BIO_TYPE_NULL_FILTER (17|0x0200) -#define BIO_TYPE_BER (18|0x0200) /* BER -> bin filter */ -#define BIO_TYPE_BIO (19|0x0400) /* (half a) BIO pair */ -#define BIO_TYPE_LINEBUFFER (20|0x0200) /* filter */ -#define BIO_TYPE_DGRAM (21|0x0400|0x0100) -#define BIO_TYPE_ASN1 (22|0x0200) /* filter */ -#define BIO_TYPE_COMP (23|0x0200) /* filter */ - -#define BIO_TYPE_DESCRIPTOR 0x0100 /* socket, fd, connect or accept */ -#define BIO_TYPE_FILTER 0x0200 -#define BIO_TYPE_SOURCE_SINK 0x0400 - -/* - * BIO_TYPE_START is the first user-allocated BIO type. No pre-defined type, - * flag bits aside, may exceed this value. - */ -#define BIO_TYPE_START 128 - -/* BIO_FILENAME_READ|BIO_CLOSE to open or close on free. - * BIO_set_fp(in,stdin,BIO_NOCLOSE); */ -#define BIO_NOCLOSE 0x00 -#define BIO_CLOSE 0x01 - -/* These are used in the following macros and are passed to - * BIO_ctrl() */ -#define BIO_CTRL_RESET 1 /* opt - rewind/zero etc */ -#define BIO_CTRL_EOF 2 /* opt - are we at the eof */ -#define BIO_CTRL_INFO 3 /* opt - extra tit-bits */ -#define BIO_CTRL_SET 4 /* man - set the 'IO' type */ -#define BIO_CTRL_GET 5 /* man - get the 'IO' type */ -#define BIO_CTRL_PUSH 6 /* opt - internal, used to signify change */ -#define BIO_CTRL_POP 7 /* opt - internal, used to signify change */ -#define BIO_CTRL_GET_CLOSE 8 /* man - set the 'close' on free */ -#define BIO_CTRL_SET_CLOSE 9 /* man - set the 'close' on free */ -#define BIO_CTRL_PENDING 10 /* opt - is their more data buffered */ -#define BIO_CTRL_FLUSH 11 /* opt - 'flush' buffered output */ -#define BIO_CTRL_DUP 12 /* man - extra stuff for 'duped' BIO */ -#define BIO_CTRL_WPENDING 13 /* opt - number of bytes still to write */ -/* callback is int cb(BIO *bio,state,ret); */ -#define BIO_CTRL_SET_CALLBACK 14 /* opt - set callback function */ -#define BIO_CTRL_GET_CALLBACK 15 /* opt - set callback function */ - -#define BIO_CTRL_SET_FILENAME 30 /* BIO_s_file special */ - -/* dgram BIO stuff */ -#define BIO_CTRL_DGRAM_CONNECT 31 /* BIO dgram special */ -#define BIO_CTRL_DGRAM_SET_CONNECTED 32 /* allow for an externally - * connected socket to be - * passed in */ -#define BIO_CTRL_DGRAM_SET_RECV_TIMEOUT 33 /* setsockopt, essentially */ -#define BIO_CTRL_DGRAM_GET_RECV_TIMEOUT 34 /* getsockopt, essentially */ -#define BIO_CTRL_DGRAM_SET_SEND_TIMEOUT 35 /* setsockopt, essentially */ -#define BIO_CTRL_DGRAM_GET_SEND_TIMEOUT 36 /* getsockopt, essentially */ - -#define BIO_CTRL_DGRAM_GET_RECV_TIMER_EXP 37 /* flag whether the last */ -#define BIO_CTRL_DGRAM_GET_SEND_TIMER_EXP 38 /* I/O operation tiemd out */ - -/* #ifdef IP_MTU_DISCOVER */ -#define BIO_CTRL_DGRAM_MTU_DISCOVER 39 /* set DF bit on egress packets */ -/* #endif */ - -#define BIO_CTRL_DGRAM_QUERY_MTU 40 /* as kernel for current MTU */ -#define BIO_CTRL_DGRAM_GET_FALLBACK_MTU 47 -#define BIO_CTRL_DGRAM_GET_MTU 41 /* get cached value for MTU */ -#define BIO_CTRL_DGRAM_SET_MTU 42 /* set cached value for - * MTU. want to use this - * if asking the kernel - * fails */ - -#define BIO_CTRL_DGRAM_MTU_EXCEEDED 43 /* check whether the MTU - * was exceed in the - * previous write - * operation */ - -#define BIO_CTRL_DGRAM_GET_PEER 46 -#define BIO_CTRL_DGRAM_SET_PEER 44 /* Destination for the data */ - -#define BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT 45 /* Next DTLS handshake timeout to - * adjust socket timeouts */ - - -/* modifiers */ -#define BIO_FP_READ 0x02 -#define BIO_FP_WRITE 0x04 -#define BIO_FP_APPEND 0x08 -#define BIO_FP_TEXT 0x10 - -#define BIO_FLAGS_READ 0x01 -#define BIO_FLAGS_WRITE 0x02 -#define BIO_FLAGS_IO_SPECIAL 0x04 -#define BIO_FLAGS_RWS (BIO_FLAGS_READ|BIO_FLAGS_WRITE|BIO_FLAGS_IO_SPECIAL) -#define BIO_FLAGS_SHOULD_RETRY 0x08 - -/* Used in BIO_gethostbyname() */ -#define BIO_GHBN_CTRL_HITS 1 -#define BIO_GHBN_CTRL_MISSES 2 -#define BIO_GHBN_CTRL_CACHE_SIZE 3 -#define BIO_GHBN_CTRL_GET_ENTRY 4 -#define BIO_GHBN_CTRL_FLUSH 5 - -/* Mostly used in the SSL BIO */ -/* Not used anymore - * #define BIO_FLAGS_PROTOCOL_DELAYED_READ 0x10 - * #define BIO_FLAGS_PROTOCOL_DELAYED_WRITE 0x20 - * #define BIO_FLAGS_PROTOCOL_STARTUP 0x40 - */ - -#define BIO_FLAGS_BASE64_NO_NL 0x100 - -/* This is used with memory BIOs: it means we shouldn't free up or change the - * data in any way. - */ -#define BIO_FLAGS_MEM_RDONLY 0x200 - -typedef struct bio_st BIO; - -void BIO_set_flags(BIO *b, int flags); -int BIO_test_flags(const BIO *b, int flags); -void BIO_clear_flags(BIO *b, int flags); - -#define BIO_get_flags(b) BIO_test_flags(b, ~(0x0)) -#define BIO_set_retry_special(b) \ - BIO_set_flags(b, (BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY)) -#define BIO_set_retry_read(b) \ - BIO_set_flags(b, (BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY)) -#define BIO_set_retry_write(b) \ - BIO_set_flags(b, (BIO_FLAGS_WRITE|BIO_FLAGS_SHOULD_RETRY)) - -/* These are normally used internally in BIOs */ -#define BIO_clear_retry_flags(b) \ - BIO_clear_flags(b, (BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY)) -#define BIO_get_retry_flags(b) \ - BIO_test_flags(b, (BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY)) - -/* These should be used by the application to tell why we should retry */ -#define BIO_should_read(a) BIO_test_flags(a, BIO_FLAGS_READ) -#define BIO_should_write(a) BIO_test_flags(a, BIO_FLAGS_WRITE) -#define BIO_should_io_special(a) BIO_test_flags(a, BIO_FLAGS_IO_SPECIAL) -#define BIO_retry_type(a) BIO_test_flags(a, BIO_FLAGS_RWS) -#define BIO_should_retry(a) BIO_test_flags(a, BIO_FLAGS_SHOULD_RETRY) - -/* The next three are used in conjunction with the - * BIO_should_io_special() condition. After this returns true, - * BIO *BIO_get_retry_BIO(BIO *bio, int *reason); will walk the BIO - * stack and return the 'reason' for the special and the offending BIO. - * Given a BIO, BIO_get_retry_reason(bio) will return the code. */ -/* Returned from the SSL bio when the certificate retrieval code had an error */ -#define BIO_RR_SSL_X509_LOOKUP 0x01 -/* Returned from the connect BIO when a connect would have blocked */ -#define BIO_RR_CONNECT 0x02 -/* Returned from the accept BIO when an accept would have blocked */ -#define BIO_RR_ACCEPT 0x03 - -/* These are passed by the BIO callback */ -#define BIO_CB_FREE 0x01 -#define BIO_CB_READ 0x02 -#define BIO_CB_WRITE 0x03 -#define BIO_CB_PUTS 0x04 -#define BIO_CB_GETS 0x05 -#define BIO_CB_CTRL 0x06 - -/* The callback is called before and after the underling operation, - * The BIO_CB_RETURN flag indicates if it is after the call */ -#define BIO_CB_RETURN 0x80 -#define BIO_CB_return(a) ((a)|BIO_CB_RETURN)) -#define BIO_cb_pre(a) (!((a)&BIO_CB_RETURN)) -#define BIO_cb_post(a) ((a)&BIO_CB_RETURN) - -long (*BIO_get_callback(const BIO *b))(struct bio_st *, int, const char *, - int, long, long); -void BIO_set_callback(BIO *b, - long (*callback)(struct bio_st *, int, const char *, int, long, long)); -char *BIO_get_callback_arg(const BIO *b); -void BIO_set_callback_arg(BIO *b, char *arg); - -const char * BIO_method_name(const BIO *b); -int BIO_method_type(const BIO *b); - -typedef void bio_info_cb(struct bio_st *, int, const char *, int, long, long); -typedef int BIO_info_cb(BIO *, int, int); - -typedef struct bio_method_st { - int type; - const char *name; - int (*bwrite)(BIO *, const char *, int); - int (*bread)(BIO *, char *, int); - int (*bputs)(BIO *, const char *); - int (*bgets)(BIO *, char *, int); - long (*ctrl)(BIO *, int, long, void *); - int (*create)(BIO *); - int (*destroy)(BIO *); - long (*callback_ctrl)(BIO *, int, bio_info_cb *); -} BIO_METHOD; - -struct bio_st { - const BIO_METHOD *method; - /* bio, mode, argp, argi, argl, ret */ - long (*callback)(struct bio_st *, int, const char *, int, long, long); - char *cb_arg; /* first argument for the callback */ - - int init; - int shutdown; - int flags; /* extra storage */ - int retry_reason; - int num; - void *ptr; - struct bio_st *next_bio; /* used by filter BIOs */ - struct bio_st *prev_bio; /* used by filter BIOs */ - int references; - unsigned long num_read; - unsigned long num_write; - - CRYPTO_EX_DATA ex_data; -}; - -DECLARE_STACK_OF(BIO) - -typedef struct bio_f_buffer_ctx_struct { - /* Buffers are setup like this: - * - * <---------------------- size -----------------------> - * +---------------------------------------------------+ - * | consumed | remaining | free space | - * +---------------------------------------------------+ - * <-- off --><------- len -------> - */ - - /* BIO *bio; */ /* this is now in the BIO struct */ - int ibuf_size; /* how big is the input buffer */ - int obuf_size; /* how big is the output buffer */ - - char *ibuf; /* the char array */ - int ibuf_len; /* how many bytes are in it */ - int ibuf_off; /* write/read offset */ - - char *obuf; /* the char array */ - int obuf_len; /* how many bytes are in it */ - int obuf_off; /* write/read offset */ -} BIO_F_BUFFER_CTX; - -/* Prefix and suffix callback in ASN1 BIO */ -typedef int asn1_ps_func(BIO *b, unsigned char **pbuf, int *plen, void *parg); - -/* BIO_METHOD accessors */ -BIO_METHOD *BIO_meth_new(int type, const char *name); -void BIO_meth_free(BIO_METHOD *biom); -int (*BIO_meth_get_write(const BIO_METHOD *biom))(BIO *, const char *, int); -int BIO_meth_set_write(BIO_METHOD *biom, - int (*write)(BIO *, const char *, int)); -int (*BIO_meth_get_read(const BIO_METHOD *biom))(BIO *, char *, int); -int BIO_meth_set_read(BIO_METHOD *biom, int (*read)(BIO *, char *, int)); -int (*BIO_meth_get_puts(const BIO_METHOD *biom))(BIO *, const char *); -int BIO_meth_set_puts(BIO_METHOD *biom, int (*puts)(BIO *, const char *)); -int (*BIO_meth_get_gets(const BIO_METHOD *biom))(BIO *, char *, int); -int BIO_meth_set_gets(BIO_METHOD *biom, int (*gets)(BIO *, char *, int)); -long (*BIO_meth_get_ctrl(const BIO_METHOD *biom))(BIO *, int, long, void *); -int BIO_meth_set_ctrl(BIO_METHOD *biom, long (*ctrl)(BIO *, int, long, void *)); -int (*BIO_meth_get_create(const BIO_METHOD *biom))(BIO *); -int BIO_meth_set_create(BIO_METHOD *biom, int (*create)(BIO *)); -int (*BIO_meth_get_destroy(const BIO_METHOD *biom))(BIO *); -int BIO_meth_set_destroy(BIO_METHOD *biom, int (*destroy)(BIO *)); -long (*BIO_meth_get_callback_ctrl(const BIO_METHOD *biom))(BIO *, int, BIO_info_cb *); -int BIO_meth_set_callback_ctrl(BIO_METHOD *biom, - long (*callback_ctrl)(BIO *, int, BIO_info_cb *)); - -/* connect BIO stuff */ -#define BIO_CONN_S_BEFORE 1 -#define BIO_CONN_S_GET_IP 2 -#define BIO_CONN_S_GET_PORT 3 -#define BIO_CONN_S_CREATE_SOCKET 4 -#define BIO_CONN_S_CONNECT 5 -#define BIO_CONN_S_OK 6 -#define BIO_CONN_S_BLOCKED_CONNECT 7 -#define BIO_CONN_S_NBIO 8 -/*#define BIO_CONN_get_param_hostname BIO_ctrl */ - -#define BIO_C_SET_CONNECT 100 -#define BIO_C_DO_STATE_MACHINE 101 -#define BIO_C_SET_NBIO 102 -#define BIO_C_SET_PROXY_PARAM 103 -#define BIO_C_SET_FD 104 -#define BIO_C_GET_FD 105 -#define BIO_C_SET_FILE_PTR 106 -#define BIO_C_GET_FILE_PTR 107 -#define BIO_C_SET_FILENAME 108 -#define BIO_C_SET_SSL 109 -#define BIO_C_GET_SSL 110 -#define BIO_C_SET_MD 111 -#define BIO_C_GET_MD 112 -#define BIO_C_GET_CIPHER_STATUS 113 -#define BIO_C_SET_BUF_MEM 114 -#define BIO_C_GET_BUF_MEM_PTR 115 -#define BIO_C_GET_BUFF_NUM_LINES 116 -#define BIO_C_SET_BUFF_SIZE 117 -#define BIO_C_SET_ACCEPT 118 -#define BIO_C_SSL_MODE 119 -#define BIO_C_GET_MD_CTX 120 -#define BIO_C_GET_PROXY_PARAM 121 -#define BIO_C_SET_BUFF_READ_DATA 122 /* data to read first */ -#define BIO_C_GET_CONNECT 123 -#define BIO_C_GET_ACCEPT 124 -#define BIO_C_SET_SSL_RENEGOTIATE_BYTES 125 -#define BIO_C_GET_SSL_NUM_RENEGOTIATES 126 -#define BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT 127 -#define BIO_C_FILE_SEEK 128 -#define BIO_C_GET_CIPHER_CTX 129 -#define BIO_C_SET_BUF_MEM_EOF_RETURN 130/*return end of input value*/ -#define BIO_C_SET_BIND_MODE 131 -#define BIO_C_GET_BIND_MODE 132 -#define BIO_C_FILE_TELL 133 -#define BIO_C_GET_SOCKS 134 -#define BIO_C_SET_SOCKS 135 - -#define BIO_C_SET_WRITE_BUF_SIZE 136/* for BIO_s_bio */ -#define BIO_C_GET_WRITE_BUF_SIZE 137 -#define BIO_C_MAKE_BIO_PAIR 138 -#define BIO_C_DESTROY_BIO_PAIR 139 -#define BIO_C_GET_WRITE_GUARANTEE 140 -#define BIO_C_GET_READ_REQUEST 141 -#define BIO_C_SHUTDOWN_WR 142 -#define BIO_C_NREAD0 143 -#define BIO_C_NREAD 144 -#define BIO_C_NWRITE0 145 -#define BIO_C_NWRITE 146 -#define BIO_C_RESET_READ_REQUEST 147 -#define BIO_C_SET_MD_CTX 148 - -#define BIO_C_SET_PREFIX 149 -#define BIO_C_GET_PREFIX 150 -#define BIO_C_SET_SUFFIX 151 -#define BIO_C_GET_SUFFIX 152 - -#define BIO_C_SET_EX_ARG 153 -#define BIO_C_GET_EX_ARG 154 - -#define BIO_set_app_data(s,arg) BIO_set_ex_data(s,0,arg) -#define BIO_get_app_data(s) BIO_get_ex_data(s,0) - -/* BIO_s_connect() and BIO_s_socks4a_connect() */ -#define BIO_set_conn_hostname(b,name) BIO_ctrl(b,BIO_C_SET_CONNECT,0,(char *)name) -#define BIO_set_conn_port(b,port) BIO_ctrl(b,BIO_C_SET_CONNECT,1,(char *)port) -#define BIO_set_conn_ip(b,ip) BIO_ctrl(b,BIO_C_SET_CONNECT,2,(char *)ip) -#define BIO_set_conn_int_port(b,port) BIO_ctrl(b,BIO_C_SET_CONNECT,3,(char *)port) -#define BIO_get_conn_hostname(b) BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,0) -#define BIO_get_conn_port(b) BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,1) -#define BIO_get_conn_ip(b) BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,2) -#define BIO_get_conn_int_port(b) BIO_int_ctrl(b,BIO_C_GET_CONNECT,3,0) - - -#define BIO_set_nbio(b,n) BIO_ctrl(b,BIO_C_SET_NBIO,(n),NULL) - -/* BIO_s_accept_socket() */ -#define BIO_set_accept_port(b,name) BIO_ctrl(b,BIO_C_SET_ACCEPT,0,(char *)name) -#define BIO_get_accept_port(b) BIO_ptr_ctrl(b,BIO_C_GET_ACCEPT,0) -/* #define BIO_set_nbio(b,n) BIO_ctrl(b,BIO_C_SET_NBIO,(n),NULL) */ -#define BIO_set_nbio_accept(b,n) BIO_ctrl(b,BIO_C_SET_ACCEPT,1,(n)?(void *)"a":NULL) -#define BIO_set_accept_bios(b,bio) BIO_ctrl(b,BIO_C_SET_ACCEPT,2,(char *)bio) - -#define BIO_BIND_NORMAL 0 -#define BIO_BIND_REUSEADDR_IF_UNUSED 1 -#define BIO_BIND_REUSEADDR 2 -#define BIO_set_bind_mode(b,mode) BIO_ctrl(b,BIO_C_SET_BIND_MODE,mode,NULL) -#define BIO_get_bind_mode(b,mode) BIO_ctrl(b,BIO_C_GET_BIND_MODE,0,NULL) - -#define BIO_do_connect(b) BIO_do_handshake(b) -#define BIO_do_accept(b) BIO_do_handshake(b) -#define BIO_do_handshake(b) BIO_ctrl(b,BIO_C_DO_STATE_MACHINE,0,NULL) - -/* BIO_s_proxy_client() */ -#define BIO_set_url(b,url) BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,0,(char *)(url)) -#define BIO_set_proxies(b,p) BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,1,(char *)(p)) -/* BIO_set_nbio(b,n) */ -#define BIO_set_filter_bio(b,s) BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,2,(char *)(s)) -/* BIO *BIO_get_filter_bio(BIO *bio); */ -#define BIO_set_proxy_cb(b,cb) BIO_callback_ctrl(b,BIO_C_SET_PROXY_PARAM,3,(void *(*cb)())) -#define BIO_set_proxy_header(b,sk) BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,4,(char *)sk) -#define BIO_set_no_connect_return(b,bool) BIO_int_ctrl(b,BIO_C_SET_PROXY_PARAM,5,bool) - -#define BIO_get_proxy_header(b,skp) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,0,(char *)skp) -#define BIO_get_proxies(b,pxy_p) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,1,(char *)(pxy_p)) -#define BIO_get_url(b,url) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,2,(char *)(url)) -#define BIO_get_no_connect_return(b) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,5,NULL) - -#define BIO_set_fd(b,fd,c) BIO_int_ctrl(b,BIO_C_SET_FD,c,fd) -#define BIO_get_fd(b,c) BIO_ctrl(b,BIO_C_GET_FD,0,(char *)c) - -#define BIO_set_fp(b,fp,c) BIO_ctrl(b,BIO_C_SET_FILE_PTR,c,(char *)fp) -#define BIO_get_fp(b,fpp) BIO_ctrl(b,BIO_C_GET_FILE_PTR,0,(char *)fpp) - -#define BIO_seek(b,ofs) (int)BIO_ctrl(b,BIO_C_FILE_SEEK,ofs,NULL) -#define BIO_tell(b) (int)BIO_ctrl(b,BIO_C_FILE_TELL,0,NULL) - -/* name is cast to lose const, but might be better to route through a function - so we can do it safely */ -#define BIO_read_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \ - BIO_CLOSE|BIO_FP_READ,(char *)name) -#define BIO_write_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \ - BIO_CLOSE|BIO_FP_WRITE,name) -#define BIO_append_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \ - BIO_CLOSE|BIO_FP_APPEND,name) -#define BIO_rw_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \ - BIO_CLOSE|BIO_FP_READ|BIO_FP_WRITE,name) - -/* WARNING WARNING, this ups the reference count on the read bio of the - * SSL structure. This is because the ssl read BIO is now pointed to by - * the next_bio field in the bio. So when you free the BIO, make sure - * you are doing a BIO_free_all() to catch the underlying BIO. */ -#define BIO_set_ssl(b,ssl,c) BIO_ctrl(b,BIO_C_SET_SSL,c,(char *)ssl) -#define BIO_get_ssl(b,sslp) BIO_ctrl(b,BIO_C_GET_SSL,0,(char *)sslp) -#define BIO_set_ssl_mode(b,client) BIO_ctrl(b,BIO_C_SSL_MODE,client,NULL) -#define BIO_set_ssl_renegotiate_bytes(b,num) \ - BIO_ctrl(b,BIO_C_SET_SSL_RENEGOTIATE_BYTES,num,NULL) -#define BIO_get_num_renegotiates(b) \ - BIO_ctrl(b,BIO_C_GET_SSL_NUM_RENEGOTIATES,0,NULL) -#define BIO_set_ssl_renegotiate_timeout(b,seconds) \ - BIO_ctrl(b,BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT,seconds,NULL) - -/* defined in evp.h */ -/* #define BIO_set_md(b,md) BIO_ctrl(b,BIO_C_SET_MD,1,(char *)md) */ - -#define BIO_get_mem_data(b,pp) BIO_ctrl(b,BIO_CTRL_INFO,0,(char *)pp) -#define BIO_set_mem_buf(b,bm,c) BIO_ctrl(b,BIO_C_SET_BUF_MEM,c,(char *)bm) -#define BIO_get_mem_ptr(b,pp) BIO_ctrl(b,BIO_C_GET_BUF_MEM_PTR,0,(char *)pp) -#define BIO_set_mem_eof_return(b,v) \ - BIO_ctrl(b,BIO_C_SET_BUF_MEM_EOF_RETURN,v,NULL) - -/* For the BIO_f_buffer() type */ -#define BIO_get_buffer_num_lines(b) BIO_ctrl(b,BIO_C_GET_BUFF_NUM_LINES,0,NULL) -#define BIO_set_buffer_size(b,size) BIO_ctrl(b,BIO_C_SET_BUFF_SIZE,size,NULL) -#define BIO_set_read_buffer_size(b,size) BIO_int_ctrl(b,BIO_C_SET_BUFF_SIZE,size,0) -#define BIO_set_write_buffer_size(b,size) BIO_int_ctrl(b,BIO_C_SET_BUFF_SIZE,size,1) -#define BIO_set_buffer_read_data(b,buf,num) BIO_ctrl(b,BIO_C_SET_BUFF_READ_DATA,num,buf) - -/* Don't use the next one unless you know what you are doing :-) */ -#define BIO_dup_state(b,ret) BIO_ctrl(b,BIO_CTRL_DUP,0,(char *)(ret)) - -#define BIO_reset(b) (int)BIO_ctrl(b,BIO_CTRL_RESET,0,NULL) -#define BIO_eof(b) (int)BIO_ctrl(b,BIO_CTRL_EOF,0,NULL) -#define BIO_set_close(b,c) (int)BIO_ctrl(b,BIO_CTRL_SET_CLOSE,(c),NULL) -#define BIO_get_close(b) (int)BIO_ctrl(b,BIO_CTRL_GET_CLOSE,0,NULL) -#define BIO_pending(b) (int)BIO_ctrl(b,BIO_CTRL_PENDING,0,NULL) -#define BIO_wpending(b) (int)BIO_ctrl(b,BIO_CTRL_WPENDING,0,NULL) -/* ...pending macros have inappropriate return type */ -size_t BIO_ctrl_pending(BIO *b); -size_t BIO_ctrl_wpending(BIO *b); -#define BIO_flush(b) (int)BIO_ctrl(b,BIO_CTRL_FLUSH,0,NULL) -#define BIO_get_info_callback(b,cbp) (int)BIO_ctrl(b,BIO_CTRL_GET_CALLBACK,0, \ - cbp) -#define BIO_set_info_callback(b,cb) (int)BIO_callback_ctrl(b,BIO_CTRL_SET_CALLBACK,cb) - -/* For the BIO_f_buffer() type */ -#define BIO_buffer_get_num_lines(b) BIO_ctrl(b,BIO_CTRL_GET,0,NULL) - -/* For BIO_s_bio() */ -#define BIO_set_write_buf_size(b,size) (int)BIO_ctrl(b,BIO_C_SET_WRITE_BUF_SIZE,size,NULL) -#define BIO_get_write_buf_size(b,size) (size_t)BIO_ctrl(b,BIO_C_GET_WRITE_BUF_SIZE,size,NULL) -#define BIO_make_bio_pair(b1,b2) (int)BIO_ctrl(b1,BIO_C_MAKE_BIO_PAIR,0,b2) -#define BIO_destroy_bio_pair(b) (int)BIO_ctrl(b,BIO_C_DESTROY_BIO_PAIR,0,NULL) -#define BIO_shutdown_wr(b) (int)BIO_ctrl(b, BIO_C_SHUTDOWN_WR, 0, NULL) -/* macros with inappropriate type -- but ...pending macros use int too: */ -#define BIO_get_write_guarantee(b) (int)BIO_ctrl(b,BIO_C_GET_WRITE_GUARANTEE,0,NULL) -#define BIO_get_read_request(b) (int)BIO_ctrl(b,BIO_C_GET_READ_REQUEST,0,NULL) -size_t BIO_ctrl_get_write_guarantee(BIO *b); -size_t BIO_ctrl_get_read_request(BIO *b); -int BIO_ctrl_reset_read_request(BIO *b); - -/* ctrl macros for dgram */ -#define BIO_ctrl_dgram_connect(b,peer) \ - (int)BIO_ctrl(b,BIO_CTRL_DGRAM_CONNECT,0, (char *)peer) -#define BIO_ctrl_set_connected(b, state, peer) \ - (int)BIO_ctrl(b, BIO_CTRL_DGRAM_SET_CONNECTED, state, (char *)peer) -#define BIO_dgram_recv_timedout(b) \ - (int)BIO_ctrl(b, BIO_CTRL_DGRAM_GET_RECV_TIMER_EXP, 0, NULL) -#define BIO_dgram_send_timedout(b) \ - (int)BIO_ctrl(b, BIO_CTRL_DGRAM_GET_SEND_TIMER_EXP, 0, NULL) -#define BIO_dgram_get_peer(b,peer) \ - (int)BIO_ctrl(b, BIO_CTRL_DGRAM_GET_PEER, 0, (char *)peer) -#define BIO_dgram_set_peer(b,peer) \ - (int)BIO_ctrl(b, BIO_CTRL_DGRAM_SET_PEER, 0, (char *)peer) - -/* These two aren't currently implemented */ -/* int BIO_get_ex_num(BIO *bio); */ -/* void BIO_set_ex_free_func(BIO *bio,int idx,void (*cb)()); */ -int BIO_set_ex_data(BIO *bio, int idx, void *data); -void *BIO_get_ex_data(BIO *bio, int idx); -int -BIO_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, -CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); -unsigned long BIO_number_read(BIO *bio); -unsigned long BIO_number_written(BIO *bio); - -/* For BIO_f_asn1() */ -int -BIO_asn1_set_prefix(BIO *b, asn1_ps_func *prefix, -asn1_ps_func *prefix_free); -int -BIO_asn1_get_prefix(BIO *b, asn1_ps_func **pprefix, -asn1_ps_func **pprefix_free); -int -BIO_asn1_set_suffix(BIO *b, asn1_ps_func *suffix, -asn1_ps_func *suffix_free); -int -BIO_asn1_get_suffix(BIO *b, asn1_ps_func **psuffix, -asn1_ps_func **psuffix_free); - -int BIO_get_new_index(void); -const BIO_METHOD *BIO_s_file(void); -BIO *BIO_new_file(const char *filename, const char *mode); -BIO *BIO_new_fp(FILE *stream, int close_flag); -# define BIO_s_file_internal BIO_s_file -BIO *BIO_new(const BIO_METHOD *type); -int BIO_set(BIO *a, const BIO_METHOD *type); -int BIO_free(BIO *a); -int BIO_up_ref(BIO *bio); -void *BIO_get_data(BIO *a); -void BIO_set_data(BIO *a, void *ptr); -void BIO_set_init(BIO *a, int init); -int BIO_get_shutdown(BIO *a); -void BIO_set_shutdown(BIO *a, int shut); -void BIO_vfree(BIO *a); -int BIO_read(BIO *b, void *data, int len) - __attribute__((__bounded__(__buffer__,2,3))); -int BIO_gets(BIO *bp, char *buf, int size) - __attribute__((__bounded__ (__string__,2,3))); -int BIO_write(BIO *b, const void *data, int len) - __attribute__((__bounded__(__buffer__,2,3))); -int BIO_puts(BIO *bp, const char *buf); -int BIO_indent(BIO *b, int indent, int max); -long BIO_ctrl(BIO *bp, int cmd, long larg, void *parg); -long BIO_callback_ctrl(BIO *b, int cmd, - void (*fp)(struct bio_st *, int, const char *, int, long, long)); -char * BIO_ptr_ctrl(BIO *bp, int cmd, long larg); -long BIO_int_ctrl(BIO *bp, int cmd, long larg, int iarg); -BIO * BIO_push(BIO *b, BIO *append); -BIO * BIO_pop(BIO *b); -void BIO_free_all(BIO *a); -BIO * BIO_find_type(BIO *b, int bio_type); -BIO * BIO_next(BIO *b); -BIO * BIO_get_retry_BIO(BIO *bio, int *reason); -int BIO_get_retry_reason(BIO *bio); -BIO * BIO_dup_chain(BIO *in); - -int BIO_nread0(BIO *bio, char **buf); -int BIO_nread(BIO *bio, char **buf, int num); -int BIO_nwrite0(BIO *bio, char **buf); -int BIO_nwrite(BIO *bio, char **buf, int num); - -long BIO_debug_callback(BIO *bio, int cmd, const char *argp, int argi, - long argl, long ret); - -const BIO_METHOD *BIO_s_mem(void); -BIO *BIO_new_mem_buf(const void *buf, int len); -const BIO_METHOD *BIO_s_socket(void); -const BIO_METHOD *BIO_s_connect(void); -const BIO_METHOD *BIO_s_accept(void); -const BIO_METHOD *BIO_s_fd(void); -const BIO_METHOD *BIO_s_log(void); -const BIO_METHOD *BIO_s_bio(void); -const BIO_METHOD *BIO_s_null(void); -const BIO_METHOD *BIO_f_null(void); -const BIO_METHOD *BIO_f_buffer(void); -const BIO_METHOD *BIO_f_nbio_test(void); -#ifndef OPENSSL_NO_DGRAM -const BIO_METHOD *BIO_s_datagram(void); -#endif - -/* BIO_METHOD *BIO_f_ber(void); */ - -int BIO_sock_should_retry(int i); -int BIO_sock_non_fatal_error(int _error); -int BIO_dgram_non_fatal_error(int _error); - -int BIO_fd_should_retry(int i); -int BIO_fd_non_fatal_error(int _error); -int -BIO_dump_cb(int (*cb)(const void *data, size_t len, void *u), -void *u, const char *s, int len); -int -BIO_dump_indent_cb(int (*cb)(const void *data, size_t len, void *u), -void *u, const char *s, int len, int indent); -int BIO_dump(BIO *b, const char *bytes, int len); -int BIO_dump_indent(BIO *b, const char *bytes, int len, int indent); -int BIO_dump_fp(FILE *fp, const char *s, int len); -int BIO_dump_indent_fp(FILE *fp, const char *s, int len, int indent); -struct hostent *BIO_gethostbyname(const char *name); -/* We might want a thread-safe interface too: - * struct hostent *BIO_gethostbyname_r(const char *name, - * struct hostent *result, void *buffer, size_t buflen); - * or something similar (caller allocates a struct hostent, - * pointed to by "result", and additional buffer space for the various - * substructures; if the buffer does not suffice, NULL is returned - * and an appropriate error code is set). - */ -int BIO_sock_error(int sock); -int BIO_socket_ioctl(int fd, long type, void *arg); -int BIO_socket_nbio(int fd, int mode); -int BIO_get_port(const char *str, unsigned short *port_ptr); -int BIO_get_host_ip(const char *str, unsigned char *ip); -int BIO_get_accept_socket(char *host_port, int mode); -int BIO_accept(int sock, char **ip_port); -int BIO_sock_init(void ); -void BIO_sock_cleanup(void); -int BIO_set_tcp_ndelay(int sock, int turn_on); - -BIO *BIO_new_socket(int sock, int close_flag); -BIO *BIO_new_dgram(int fd, int close_flag); -BIO *BIO_new_fd(int fd, int close_flag); -BIO *BIO_new_connect(const char *host_port); -BIO *BIO_new_accept(const char *host_port); - -int -BIO_new_bio_pair(BIO **bio1, size_t writebuf1, -BIO **bio2, size_t writebuf2); -/* If successful, returns 1 and in *bio1, *bio2 two BIO pair endpoints. - * Otherwise returns 0 and sets *bio1 and *bio2 to NULL. - * Size 0 uses default value. - */ - -void BIO_copy_next_retry(BIO *b); - -/*long BIO_ghbn_ctrl(int cmd,int iarg,char *parg);*/ - -#ifdef __MINGW_PRINTF_FORMAT -int -BIO_printf(BIO *bio, const char *format, ...) - __attribute__((__format__(__MINGW_PRINTF_FORMAT, 2, 3), __nonnull__(2))); -int -BIO_vprintf(BIO *bio, const char *format, va_list args) - __attribute__((__format__(__MINGW_PRINTF_FORMAT, 2, 0), __nonnull__(2))); -int -BIO_snprintf(char *buf, size_t n, const char *format, ...) - __attribute__((__deprecated__, __format__(__MINGW_PRINTF_FORMAT, 3, 4), - __nonnull__(3))); -int -BIO_vsnprintf(char *buf, size_t n, const char *format, va_list args) - __attribute__((__deprecated__, __format__(__MINGW_PRINTF_FORMAT, 3, 0), - __nonnull__(3))); -#else -int -BIO_printf(BIO *bio, const char *format, ...) - __attribute__((__format__(__printf__, 2, 3), __nonnull__(2))); -int -BIO_vprintf(BIO *bio, const char *format, va_list args) - __attribute__((__format__(__printf__, 2, 0), __nonnull__(2))); -int -BIO_snprintf(char *buf, size_t n, const char *format, ...) - __attribute__((__deprecated__, __format__(__printf__, 3, 4), - __nonnull__(3))); -int -BIO_vsnprintf(char *buf, size_t n, const char *format, va_list args) - __attribute__((__deprecated__, __format__(__printf__, 3, 0), - __nonnull__(3))); -#endif - - -/* BEGIN ERROR CODES */ -/* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ -void ERR_load_BIO_strings(void); - -/* Error codes for the BIO functions. */ - -/* Function codes. */ -#define BIO_F_ACPT_STATE 100 -#define BIO_F_BIO_ACCEPT 101 -#define BIO_F_BIO_BER_GET_HEADER 102 -#define BIO_F_BIO_CALLBACK_CTRL 131 -#define BIO_F_BIO_CTRL 103 -#define BIO_F_BIO_GETHOSTBYNAME 120 -#define BIO_F_BIO_GETS 104 -#define BIO_F_BIO_GET_ACCEPT_SOCKET 105 -#define BIO_F_BIO_GET_HOST_IP 106 -#define BIO_F_BIO_GET_PORT 107 -#define BIO_F_BIO_MAKE_PAIR 121 -#define BIO_F_BIO_NEW 108 -#define BIO_F_BIO_NEW_FILE 109 -#define BIO_F_BIO_NEW_MEM_BUF 126 -#define BIO_F_BIO_NREAD 123 -#define BIO_F_BIO_NREAD0 124 -#define BIO_F_BIO_NWRITE 125 -#define BIO_F_BIO_NWRITE0 122 -#define BIO_F_BIO_PUTS 110 -#define BIO_F_BIO_READ 111 -#define BIO_F_BIO_SOCK_INIT 112 -#define BIO_F_BIO_WRITE 113 -#define BIO_F_BUFFER_CTRL 114 -#define BIO_F_CONN_CTRL 127 -#define BIO_F_CONN_STATE 115 -#define BIO_F_DGRAM_SCTP_READ 132 -#define BIO_F_FILE_CTRL 116 -#define BIO_F_FILE_READ 130 -#define BIO_F_LINEBUFFER_CTRL 129 -#define BIO_F_MEM_READ 128 -#define BIO_F_MEM_WRITE 117 -#define BIO_F_SSL_NEW 118 -#define BIO_F_WSASTARTUP 119 - -/* Reason codes. */ -#define BIO_R_ACCEPT_ERROR 100 -#define BIO_R_BAD_FOPEN_MODE 101 -#define BIO_R_BAD_HOSTNAME_LOOKUP 102 -#define BIO_R_BROKEN_PIPE 124 -#define BIO_R_CONNECT_ERROR 103 -#define BIO_R_EOF_ON_MEMORY_BIO 127 -#define BIO_R_ERROR_SETTING_NBIO 104 -#define BIO_R_ERROR_SETTING_NBIO_ON_ACCEPTED_SOCKET 105 -#define BIO_R_ERROR_SETTING_NBIO_ON_ACCEPT_SOCKET 106 -#define BIO_R_GETHOSTBYNAME_ADDR_IS_NOT_AF_INET 107 -#define BIO_R_INVALID_ARGUMENT 125 -#define BIO_R_INVALID_IP_ADDRESS 108 -#define BIO_R_INVALID_PORT_NUMBER 129 -#define BIO_R_IN_USE 123 -#define BIO_R_KEEPALIVE 109 -#define BIO_R_NBIO_CONNECT_ERROR 110 -#define BIO_R_NO_ACCEPT_PORT_SPECIFIED 111 -#define BIO_R_NO_HOSTNAME_SPECIFIED 112 -#define BIO_R_NO_PORT_DEFINED 113 -#define BIO_R_NO_PORT_SPECIFIED 114 -#define BIO_R_NO_SUCH_FILE 128 -#define BIO_R_NULL_PARAMETER 115 -#define BIO_R_TAG_MISMATCH 116 -#define BIO_R_UNABLE_TO_BIND_SOCKET 117 -#define BIO_R_UNABLE_TO_CREATE_SOCKET 118 -#define BIO_R_UNABLE_TO_LISTEN_SOCKET 119 -#define BIO_R_UNINITIALIZED 120 -#define BIO_R_UNSUPPORTED_METHOD 121 -#define BIO_R_WRITE_TO_READ_ONLY_BIO 126 -#define BIO_R_WSASTARTUP 122 - -#ifdef __cplusplus -} -#endif -#endif diff --git a/libressl/include64/openssl/blowfish.h b/libressl/include64/openssl/blowfish.h deleted file mode 100644 index 4d2db805..00000000 --- a/libressl/include64/openssl/blowfish.h +++ /dev/null @@ -1,112 +0,0 @@ -/* $OpenBSD: blowfish.h,v 1.14 2014/07/10 09:01:04 miod Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef HEADER_BLOWFISH_H -#define HEADER_BLOWFISH_H - -#include <openssl/opensslconf.h> - -#ifdef __cplusplus -extern "C" { -#endif - -#ifdef OPENSSL_NO_BF -#error BF is disabled. -#endif - -#define BF_ENCRYPT 1 -#define BF_DECRYPT 0 - -/* - * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! - * ! BF_LONG has to be at least 32 bits wide. If it's wider, then ! - * ! BF_LONG_LOG2 has to be defined along. ! - * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! - */ - -#define BF_LONG unsigned int - -#define BF_ROUNDS 16 -#define BF_BLOCK 8 - -typedef struct bf_key_st - { - BF_LONG P[BF_ROUNDS+2]; - BF_LONG S[4*256]; - } BF_KEY; - -void BF_set_key(BF_KEY *key, int len, const unsigned char *data); - -void BF_encrypt(BF_LONG *data,const BF_KEY *key); -void BF_decrypt(BF_LONG *data,const BF_KEY *key); - -void BF_ecb_encrypt(const unsigned char *in, unsigned char *out, - const BF_KEY *key, int enc); -void BF_cbc_encrypt(const unsigned char *in, unsigned char *out, long length, - const BF_KEY *schedule, unsigned char *ivec, int enc); -void BF_cfb64_encrypt(const unsigned char *in, unsigned char *out, long length, - const BF_KEY *schedule, unsigned char *ivec, int *num, int enc); -void BF_ofb64_encrypt(const unsigned char *in, unsigned char *out, long length, - const BF_KEY *schedule, unsigned char *ivec, int *num); -const char *BF_options(void); - -#ifdef __cplusplus -} -#endif - -#endif diff --git a/libressl/include64/openssl/bn.h b/libressl/include64/openssl/bn.h deleted file mode 100644 index cc1f4675..00000000 --- a/libressl/include64/openssl/bn.h +++ /dev/null @@ -1,782 +0,0 @@ -/* $OpenBSD: bn.h,v 1.39 2019/08/25 19:23:59 schwarze Exp $ */ -/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -/* ==================================================================== - * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ -/* ==================================================================== - * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. - * - * Portions of the attached software ("Contribution") are developed by - * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project. - * - * The Contribution is licensed pursuant to the Eric Young open source - * license provided above. - * - * The binary polynomial arithmetic software is originally written by - * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories. - * - */ - -#ifndef HEADER_BN_H -#define HEADER_BN_H - -#include <stdio.h> -#include <stdlib.h> - -#include <openssl/opensslconf.h> - -#include <openssl/ossl_typ.h> -#include <openssl/crypto.h> -#include <openssl/bio.h> - -#ifdef __cplusplus -extern "C" { -#endif - -/* These preprocessor symbols control various aspects of the bignum headers and - * library code. They're not defined by any "normal" configuration, as they are - * intended for development and testing purposes. NB: defining all three can be - * useful for debugging application code as well as openssl itself. - * - * BN_DEBUG - turn on various debugging alterations to the bignum code - * BN_DEBUG_RAND - uses random poisoning of unused words to trip up - * mismanagement of bignum internals. You must also define BN_DEBUG. - */ -/* #define BN_DEBUG */ -/* #define BN_DEBUG_RAND */ - -#ifndef OPENSSL_SMALL_FOOTPRINT -#define BN_MUL_COMBA -#define BN_SQR_COMBA -#define BN_RECURSION -#endif - -/* This next option uses the C libraries (2 word)/(1 word) function. - * If it is not defined, I use my C version (which is slower). - * The reason for this flag is that when the particular C compiler - * library routine is used, and the library is linked with a different - * compiler, the library is missing. This mostly happens when the - * library is built with gcc and then linked using normal cc. This would - * be a common occurrence because gcc normally produces code that is - * 2 times faster than system compilers for the big number stuff. - * For machines with only one compiler (or shared libraries), this should - * be on. Again this in only really a problem on machines - * using "long long's", are 32bit, and are not using my assembler code. */ -/* #define BN_DIV2W */ - -#ifdef _LP64 -#undef BN_LLONG -#define BN_ULONG unsigned long -#define BN_LONG long -#define BN_BITS 128 -#define BN_BYTES 8 -#define BN_BITS2 64 -#define BN_BITS4 32 -#define BN_MASK2 (0xffffffffffffffffL) -#define BN_MASK2l (0xffffffffL) -#define BN_MASK2h (0xffffffff00000000L) -#define BN_MASK2h1 (0xffffffff80000000L) -#define BN_TBIT (0x8000000000000000L) -#define BN_DEC_CONV (10000000000000000000UL) -#define BN_DEC_FMT1 "%lu" -#define BN_DEC_FMT2 "%019lu" -#define BN_DEC_NUM 19 -#define BN_HEX_FMT1 "%lX" -#define BN_HEX_FMT2 "%016lX" -#else -#define BN_ULLONG unsigned long long -#define BN_LLONG -#define BN_ULONG unsigned int -#define BN_LONG int -#define BN_BITS 64 -#define BN_BYTES 4 -#define BN_BITS2 32 -#define BN_BITS4 16 -#define BN_MASK (0xffffffffffffffffLL) -#define BN_MASK2 (0xffffffffL) -#define BN_MASK2l (0xffff) -#define BN_MASK2h1 (0xffff8000L) -#define BN_MASK2h (0xffff0000L) -#define BN_TBIT (0x80000000L) -#define BN_DEC_CONV (1000000000L) -#define BN_DEC_FMT1 "%u" -#define BN_DEC_FMT2 "%09u" -#define BN_DEC_NUM 9 -#define BN_HEX_FMT1 "%X" -#define BN_HEX_FMT2 "%08X" -#endif - -#define BN_FLG_MALLOCED 0x01 -#define BN_FLG_STATIC_DATA 0x02 -#define BN_FLG_CONSTTIME 0x04 /* avoid leaking exponent information through timing, - * BN_mod_exp_mont() will call BN_mod_exp_mont_consttime, - * BN_div() will call BN_div_no_branch, - * BN_mod_inverse() will call BN_mod_inverse_no_branch. - */ - -#ifndef OPENSSL_NO_DEPRECATED -#define BN_FLG_EXP_CONSTTIME BN_FLG_CONSTTIME /* deprecated name for the flag */ - /* avoid leaking exponent information through timings - * (BN_mod_exp_mont() will call BN_mod_exp_mont_consttime) */ -#endif - -#ifndef OPENSSL_NO_DEPRECATED -#define BN_FLG_FREE 0x8000 /* used for debuging */ -#endif -#define BN_set_flags(b,n) ((b)->flags|=(n)) -#define BN_get_flags(b,n) ((b)->flags&(n)) - -/* get a clone of a BIGNUM with changed flags, for *temporary* use only - * (the two BIGNUMs cannot not be used in parallel!) */ -#define BN_with_flags(dest,b,n) ((dest)->d=(b)->d, \ - (dest)->top=(b)->top, \ - (dest)->dmax=(b)->dmax, \ - (dest)->neg=(b)->neg, \ - (dest)->flags=(((dest)->flags & BN_FLG_MALLOCED) \ - | ((b)->flags & ~BN_FLG_MALLOCED) \ - | BN_FLG_STATIC_DATA \ - | (n))) - -struct bignum_st { - BN_ULONG *d; /* Pointer to an array of 'BN_BITS2' bit chunks. */ - int top; /* Index of last used d +1. */ - /* The next are internal book keeping for bn_expand. */ - int dmax; /* Size of the d array. */ - int neg; /* one if the number is negative */ - int flags; -}; - -/* Used for montgomery multiplication */ -struct bn_mont_ctx_st { - int ri; /* number of bits in R */ - BIGNUM RR; /* used to convert to montgomery form */ - BIGNUM N; /* The modulus */ - BIGNUM Ni; /* R*(1/R mod N) - N*Ni = 1 - * (Ni is only stored for bignum algorithm) */ - BN_ULONG n0[2];/* least significant word(s) of Ni; - (type changed with 0.9.9, was "BN_ULONG n0;" before) */ - int flags; -}; - -/* Used for reciprocal division/mod functions - * It cannot be shared between threads - */ -struct bn_recp_ctx_st { - BIGNUM N; /* the divisor */ - BIGNUM Nr; /* the reciprocal */ - int num_bits; - int shift; - int flags; -}; - -/* Used for slow "generation" functions. */ -struct bn_gencb_st { - unsigned int ver; /* To handle binary (in)compatibility */ - void *arg; /* callback-specific data */ - union { - /* if(ver==1) - handles old style callbacks */ - void (*cb_1)(int, int, void *); - /* if(ver==2) - new callback style */ - int (*cb_2)(int, int, BN_GENCB *); - } cb; -}; - -BN_GENCB *BN_GENCB_new(void); -void BN_GENCB_free(BN_GENCB *cb); -void *BN_GENCB_get_arg(BN_GENCB *cb); - -/* Wrapper function to make using BN_GENCB easier, */ -int BN_GENCB_call(BN_GENCB *cb, int a, int b); -/* Macro to populate a BN_GENCB structure with an "old"-style callback */ -#define BN_GENCB_set_old(gencb, callback, cb_arg) { \ - BN_GENCB *tmp_gencb = (gencb); \ - tmp_gencb->ver = 1; \ - tmp_gencb->arg = (cb_arg); \ - tmp_gencb->cb.cb_1 = (callback); } -/* Macro to populate a BN_GENCB structure with a "new"-style callback */ -#define BN_GENCB_set(gencb, callback, cb_arg) { \ - BN_GENCB *tmp_gencb = (gencb); \ - tmp_gencb->ver = 2; \ - tmp_gencb->arg = (cb_arg); \ - tmp_gencb->cb.cb_2 = (callback); } - -#define BN_prime_checks 0 /* default: select number of iterations - based on the size of the number */ - -/* - * BN_prime_checks_for_size() returns the number of Miller-Rabin - * iterations that will be done for checking that a random number - * is probably prime. The error rate for accepting a composite - * number as prime depends on the size of the prime |b|. The error - * rates used are for calculating an RSA key with 2 primes, and so - * the level is what you would expect for a key of double the size - * of the prime. - * - * This table is generated using the algorithm of FIPS PUB 186-4 - * Digital Signature Standard (DSS), section F.1, page 117. - * (https://dx.doi.org/10.6028/NIST.FIPS.186-4) - * - * The following magma script was used to generate the output: - * securitybits:=125; - * k:=1024; - * for t:=1 to 65 do - * for M:=3 to Floor(2*Sqrt(k-1)-1) do - * S:=0; - * // Sum over m - * for m:=3 to M do - * s:=0; - * // Sum over j - * for j:=2 to m do - * s+:=(RealField(32)!2)^-(j+(k-1)/j); - * end for; - * S+:=2^(m-(m-1)*t)*s; - * end for; - * A:=2^(k-2-M*t); - * B:=8*(Pi(RealField(32))^2-6)/3*2^(k-2)*S; - * pkt:=2.00743*Log(2)*k*2^-k*(A+B); - * seclevel:=Floor(-Log(2,pkt)); - * if seclevel ge securitybits then - * printf "k: %5o, security: %o bits (t: %o, M: %o)\n",k,seclevel,t,M; - * break; - * end if; - * end for; - * if seclevel ge securitybits then break; end if; - * end for; - * - * It can be run online at: - * http://magma.maths.usyd.edu.au/calc - * - * And will output: - * k: 1024, security: 129 bits (t: 6, M: 23) - * - * k is the number of bits of the prime, securitybits is the level - * we want to reach. - * - * prime length | RSA key size | # MR tests | security level - * -------------+--------------|------------+--------------- - * (b) >= 6394 | >= 12788 | 3 | 256 bit - * (b) >= 3747 | >= 7494 | 3 | 192 bit - * (b) >= 1345 | >= 2690 | 4 | 128 bit - * (b) >= 1080 | >= 2160 | 5 | 128 bit - * (b) >= 852 | >= 1704 | 5 | 112 bit - * (b) >= 476 | >= 952 | 5 | 80 bit - * (b) >= 400 | >= 800 | 6 | 80 bit - * (b) >= 347 | >= 694 | 7 | 80 bit - * (b) >= 308 | >= 616 | 8 | 80 bit - * (b) >= 55 | >= 110 | 27 | 64 bit - * (b) >= 6 | >= 12 | 34 | 64 bit - */ - -#define BN_prime_checks_for_size(b) ((b) >= 3747 ? 3 : \ - (b) >= 1345 ? 4 : \ - (b) >= 476 ? 5 : \ - (b) >= 400 ? 6 : \ - (b) >= 347 ? 7 : \ - (b) >= 308 ? 8 : \ - (b) >= 55 ? 27 : \ - /* b >= 6 */ 34) - -#define BN_num_bytes(a) ((BN_num_bits(a)+7)/8) - -/* Note that BN_abs_is_word didn't work reliably for w == 0 until 0.9.8 */ -#define BN_abs_is_word(a,w) ((((a)->top == 1) && ((a)->d[0] == (BN_ULONG)(w))) || \ - (((w) == 0) && ((a)->top == 0))) -#define BN_is_zero(a) ((a)->top == 0) -#define BN_is_one(a) (BN_abs_is_word((a),1) && !(a)->neg) -#define BN_is_word(a,w) (BN_abs_is_word((a),(w)) && (!(w) || !(a)->neg)) -#define BN_is_odd(a) (((a)->top > 0) && ((a)->d[0] & 1)) - -#define BN_one(a) (BN_set_word((a),1)) -#define BN_zero_ex(a) \ - do { \ - BIGNUM *_tmp_bn = (a); \ - _tmp_bn->top = 0; \ - _tmp_bn->neg = 0; \ - } while(0) - -#ifdef OPENSSL_NO_DEPRECATED -#define BN_zero(a) BN_zero_ex(a) -#else -#define BN_zero(a) (BN_set_word((a),0)) -#endif - -const BIGNUM *BN_value_one(void); -char * BN_options(void); -BN_CTX *BN_CTX_new(void); -#ifndef OPENSSL_NO_DEPRECATED -void BN_CTX_init(BN_CTX *c); -#endif -void BN_CTX_free(BN_CTX *c); -void BN_CTX_start(BN_CTX *ctx); -BIGNUM *BN_CTX_get(BN_CTX *ctx); -void BN_CTX_end(BN_CTX *ctx); -int BN_rand(BIGNUM *rnd, int bits, int top, int bottom); -int BN_pseudo_rand(BIGNUM *rnd, int bits, int top, int bottom); -int BN_rand_range(BIGNUM *rnd, const BIGNUM *range); -int BN_pseudo_rand_range(BIGNUM *rnd, const BIGNUM *range); -int BN_num_bits(const BIGNUM *a); -int BN_num_bits_word(BN_ULONG); -BIGNUM *BN_new(void); -void BN_init(BIGNUM *); -void BN_clear_free(BIGNUM *a); -BIGNUM *BN_copy(BIGNUM *a, const BIGNUM *b); -void BN_swap(BIGNUM *a, BIGNUM *b); -BIGNUM *BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret); -int BN_bn2bin(const BIGNUM *a, unsigned char *to); -BIGNUM *BN_mpi2bn(const unsigned char *s, int len, BIGNUM *ret); -int BN_bn2mpi(const BIGNUM *a, unsigned char *to); -int BN_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b); -int BN_usub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b); -int BN_uadd(BIGNUM *r, const BIGNUM *a, const BIGNUM *b); -int BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b); -int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx); -int BN_sqr(BIGNUM *r, const BIGNUM *a, BN_CTX *ctx); -/** BN_set_negative sets sign of a BIGNUM - * \param b pointer to the BIGNUM object - * \param n 0 if the BIGNUM b should be positive and a value != 0 otherwise - */ -void BN_set_negative(BIGNUM *b, int n); -/** BN_is_negative returns 1 if the BIGNUM is negative - * \param a pointer to the BIGNUM object - * \return 1 if a < 0 and 0 otherwise - */ -#define BN_is_negative(a) ((a)->neg != 0) - -#ifndef LIBRESSL_INTERNAL -int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, const BIGNUM *d, - BN_CTX *ctx); -#define BN_mod(rem,m,d,ctx) BN_div(NULL,(rem),(m),(d),(ctx)) -#endif -int BN_nnmod(BIGNUM *r, const BIGNUM *m, const BIGNUM *d, BN_CTX *ctx); -int BN_mod_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m, BN_CTX *ctx); -int BN_mod_add_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m); -int BN_mod_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m, BN_CTX *ctx); -int BN_mod_sub_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m); -int BN_mod_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, - const BIGNUM *m, BN_CTX *ctx); -int BN_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx); -int BN_mod_lshift1(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx); -int BN_mod_lshift1_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *m); -int BN_mod_lshift(BIGNUM *r, const BIGNUM *a, int n, const BIGNUM *m, BN_CTX *ctx); -int BN_mod_lshift_quick(BIGNUM *r, const BIGNUM *a, int n, const BIGNUM *m); - -BN_ULONG BN_mod_word(const BIGNUM *a, BN_ULONG w); -BN_ULONG BN_div_word(BIGNUM *a, BN_ULONG w); -int BN_mul_word(BIGNUM *a, BN_ULONG w); -int BN_add_word(BIGNUM *a, BN_ULONG w); -int BN_sub_word(BIGNUM *a, BN_ULONG w); -int BN_set_word(BIGNUM *a, BN_ULONG w); -BN_ULONG BN_get_word(const BIGNUM *a); - -int BN_cmp(const BIGNUM *a, const BIGNUM *b); -void BN_free(BIGNUM *a); -int BN_is_bit_set(const BIGNUM *a, int n); -int BN_lshift(BIGNUM *r, const BIGNUM *a, int n); -int BN_lshift1(BIGNUM *r, const BIGNUM *a); -int BN_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx); - -#ifndef LIBRESSL_INTERNAL -int BN_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx); -int BN_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); -#endif -int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont); -int BN_mod_exp_mont_word(BIGNUM *r, BN_ULONG a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); -int BN_mod_exp2_mont(BIGNUM *r, const BIGNUM *a1, const BIGNUM *p1, - const BIGNUM *a2, const BIGNUM *p2, const BIGNUM *m, - BN_CTX *ctx, BN_MONT_CTX *m_ctx); -int BN_mod_exp_simple(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx); - -int BN_mask_bits(BIGNUM *a, int n); -int BN_print_fp(FILE *fp, const BIGNUM *a); -int BN_print(BIO *fp, const BIGNUM *a); -int BN_reciprocal(BIGNUM *r, const BIGNUM *m, int len, BN_CTX *ctx); -int BN_rshift(BIGNUM *r, const BIGNUM *a, int n); -int BN_rshift1(BIGNUM *r, const BIGNUM *a); -void BN_clear(BIGNUM *a); -BIGNUM *BN_dup(const BIGNUM *a); -int BN_ucmp(const BIGNUM *a, const BIGNUM *b); -int BN_set_bit(BIGNUM *a, int n); -int BN_clear_bit(BIGNUM *a, int n); -char * BN_bn2hex(const BIGNUM *a); -char * BN_bn2dec(const BIGNUM *a); -int BN_hex2bn(BIGNUM **a, const char *str); -int BN_dec2bn(BIGNUM **a, const char *str); -int BN_asc2bn(BIGNUM **a, const char *str); -#ifndef LIBRESSL_INTERNAL -int BN_gcd(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx); -#endif -int BN_kronecker(const BIGNUM *a,const BIGNUM *b,BN_CTX *ctx); /* returns -2 for error */ -#ifndef LIBRESSL_INTERNAL -BIGNUM *BN_mod_inverse(BIGNUM *ret, - const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx); -#endif -BIGNUM *BN_mod_sqrt(BIGNUM *ret, - const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx); - -void BN_consttime_swap(BN_ULONG swap, BIGNUM *a, BIGNUM *b, int nwords); - -/* Deprecated versions */ -#ifndef OPENSSL_NO_DEPRECATED -BIGNUM *BN_generate_prime(BIGNUM *ret, int bits, int safe, - const BIGNUM *add, const BIGNUM *rem, - void (*callback)(int, int, void *), void *cb_arg); -int BN_is_prime(const BIGNUM *p, int nchecks, - void (*callback)(int, int, void *), - BN_CTX *ctx, void *cb_arg); -int BN_is_prime_fasttest(const BIGNUM *p, int nchecks, - void (*callback)(int, int, void *), BN_CTX *ctx, void *cb_arg, - int do_trial_division); -#endif /* !defined(OPENSSL_NO_DEPRECATED) */ - -/* Newer versions */ -int BN_generate_prime_ex(BIGNUM *ret, int bits, int safe, const BIGNUM *add, - const BIGNUM *rem, BN_GENCB *cb); -int BN_is_prime_ex(const BIGNUM *p, int nchecks, BN_CTX *ctx, BN_GENCB *cb); -int BN_is_prime_fasttest_ex(const BIGNUM *p, int nchecks, BN_CTX *ctx, - int do_trial_division, BN_GENCB *cb); - -int BN_X931_generate_Xpq(BIGNUM *Xp, BIGNUM *Xq, int nbits, BN_CTX *ctx); - -int BN_X931_derive_prime_ex(BIGNUM *p, BIGNUM *p1, BIGNUM *p2, - const BIGNUM *Xp, const BIGNUM *Xp1, const BIGNUM *Xp2, - const BIGNUM *e, BN_CTX *ctx, BN_GENCB *cb); -int BN_X931_generate_prime_ex(BIGNUM *p, BIGNUM *p1, BIGNUM *p2, - BIGNUM *Xp1, BIGNUM *Xp2, - const BIGNUM *Xp, - const BIGNUM *e, BN_CTX *ctx, - BN_GENCB *cb); - -BN_MONT_CTX *BN_MONT_CTX_new(void ); -void BN_MONT_CTX_init(BN_MONT_CTX *ctx); -int BN_mod_mul_montgomery(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, - BN_MONT_CTX *mont, BN_CTX *ctx); -#define BN_to_montgomery(r,a,mont,ctx) BN_mod_mul_montgomery(\ - (r),(a),&((mont)->RR),(mont),(ctx)) -int BN_from_montgomery(BIGNUM *r, const BIGNUM *a, - BN_MONT_CTX *mont, BN_CTX *ctx); -void BN_MONT_CTX_free(BN_MONT_CTX *mont); -int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *mod, BN_CTX *ctx); -BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to, BN_MONT_CTX *from); -BN_MONT_CTX *BN_MONT_CTX_set_locked(BN_MONT_CTX **pmont, int lock, - const BIGNUM *mod, BN_CTX *ctx); - -/* BN_BLINDING flags */ -#define BN_BLINDING_NO_UPDATE 0x00000001 -#define BN_BLINDING_NO_RECREATE 0x00000002 - -BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai, BIGNUM *mod); -void BN_BLINDING_free(BN_BLINDING *b); -int BN_BLINDING_update(BN_BLINDING *b, BN_CTX *ctx); -int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx); -int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx); -int BN_BLINDING_convert_ex(BIGNUM *n, BIGNUM *r, BN_BLINDING *b, BN_CTX *); -int BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b, BN_CTX *); -#ifndef OPENSSL_NO_DEPRECATED -unsigned long BN_BLINDING_get_thread_id(const BN_BLINDING *); -void BN_BLINDING_set_thread_id(BN_BLINDING *, unsigned long); -#endif -CRYPTO_THREADID *BN_BLINDING_thread_id(BN_BLINDING *); -unsigned long BN_BLINDING_get_flags(const BN_BLINDING *); -void BN_BLINDING_set_flags(BN_BLINDING *, unsigned long); -BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b, - const BIGNUM *e, BIGNUM *m, BN_CTX *ctx, - int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx), - BN_MONT_CTX *m_ctx); - -#ifndef OPENSSL_NO_DEPRECATED -void BN_set_params(int mul, int high, int low, int mont); -int BN_get_params(int which); /* 0, mul, 1 high, 2 low, 3 mont */ -#endif - -void BN_RECP_CTX_init(BN_RECP_CTX *recp); -BN_RECP_CTX *BN_RECP_CTX_new(void); -void BN_RECP_CTX_free(BN_RECP_CTX *recp); -int BN_RECP_CTX_set(BN_RECP_CTX *recp, const BIGNUM *rdiv, BN_CTX *ctx); -int BN_mod_mul_reciprocal(BIGNUM *r, const BIGNUM *x, const BIGNUM *y, - BN_RECP_CTX *recp, BN_CTX *ctx); -int BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx); -int BN_div_recp(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, - BN_RECP_CTX *recp, BN_CTX *ctx); - -#ifndef OPENSSL_NO_EC2M - -/* Functions for arithmetic over binary polynomials represented by BIGNUMs. - * - * The BIGNUM::neg property of BIGNUMs representing binary polynomials is - * ignored. - * - * Note that input arguments are not const so that their bit arrays can - * be expanded to the appropriate size if needed. - */ - -int BN_GF2m_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b); /*r = a + b*/ -#define BN_GF2m_sub(r, a, b) BN_GF2m_add(r, a, b) -int BN_GF2m_mod(BIGNUM *r, const BIGNUM *a, const BIGNUM *p); /*r=a mod p*/ -int -BN_GF2m_mod_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, - const BIGNUM *p, BN_CTX *ctx); /* r = (a * b) mod p */ -int -BN_GF2m_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - BN_CTX *ctx); /* r = (a * a) mod p */ -int -BN_GF2m_mod_inv(BIGNUM *r, const BIGNUM *b, const BIGNUM *p, - BN_CTX *ctx); /* r = (1 / b) mod p */ -int -BN_GF2m_mod_div(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, - const BIGNUM *p, BN_CTX *ctx); /* r = (a / b) mod p */ -int -BN_GF2m_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, - const BIGNUM *p, BN_CTX *ctx); /* r = (a ^ b) mod p */ -int -BN_GF2m_mod_sqrt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - BN_CTX *ctx); /* r = sqrt(a) mod p */ -int BN_GF2m_mod_solve_quad(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - BN_CTX *ctx); /* r^2 + r = a mod p */ -#define BN_GF2m_cmp(a, b) BN_ucmp((a), (b)) -/* Some functions allow for representation of the irreducible polynomials - * as an unsigned int[], say p. The irreducible f(t) is then of the form: - * t^p[0] + t^p[1] + ... + t^p[k] - * where m = p[0] > p[1] > ... > p[k] = 0. - */ -int BN_GF2m_mod_arr(BIGNUM *r, const BIGNUM *a, const int p[]); -/* r = a mod p */ -int BN_GF2m_mod_mul_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, - const int p[], BN_CTX *ctx); /* r = (a * b) mod p */ -int BN_GF2m_mod_sqr_arr(BIGNUM *r, const BIGNUM *a, const int p[], - BN_CTX *ctx); /* r = (a * a) mod p */ -int BN_GF2m_mod_inv_arr(BIGNUM *r, const BIGNUM *b, const int p[], - BN_CTX *ctx); /* r = (1 / b) mod p */ -int BN_GF2m_mod_div_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, - const int p[], BN_CTX *ctx); /* r = (a / b) mod p */ -int BN_GF2m_mod_exp_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, - const int p[], BN_CTX *ctx); /* r = (a ^ b) mod p */ -int BN_GF2m_mod_sqrt_arr(BIGNUM *r, const BIGNUM *a, - const int p[], BN_CTX *ctx); /* r = sqrt(a) mod p */ -int BN_GF2m_mod_solve_quad_arr(BIGNUM *r, const BIGNUM *a, - const int p[], BN_CTX *ctx); /* r^2 + r = a mod p */ -int BN_GF2m_poly2arr(const BIGNUM *a, int p[], int max); -int BN_GF2m_arr2poly(const int p[], BIGNUM *a); - -#endif - -/* faster mod functions for the 'NIST primes' - * 0 <= a < p^2 */ -int BN_nist_mod_192(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx); -int BN_nist_mod_224(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx); -int BN_nist_mod_256(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx); -int BN_nist_mod_384(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx); -int BN_nist_mod_521(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx); - -const BIGNUM *BN_get0_nist_prime_192(void); -const BIGNUM *BN_get0_nist_prime_224(void); -const BIGNUM *BN_get0_nist_prime_256(void); -const BIGNUM *BN_get0_nist_prime_384(void); -const BIGNUM *BN_get0_nist_prime_521(void); - -/* Primes from RFC 2409 */ -BIGNUM *get_rfc2409_prime_768(BIGNUM *bn); -BIGNUM *get_rfc2409_prime_1024(BIGNUM *bn); -BIGNUM *BN_get_rfc2409_prime_768(BIGNUM *bn); -BIGNUM *BN_get_rfc2409_prime_1024(BIGNUM *bn); - -/* Primes from RFC 3526 */ -BIGNUM *get_rfc3526_prime_1536(BIGNUM *bn); -BIGNUM *get_rfc3526_prime_2048(BIGNUM *bn); -BIGNUM *get_rfc3526_prime_3072(BIGNUM *bn); -BIGNUM *get_rfc3526_prime_4096(BIGNUM *bn); -BIGNUM *get_rfc3526_prime_6144(BIGNUM *bn); -BIGNUM *get_rfc3526_prime_8192(BIGNUM *bn); -BIGNUM *BN_get_rfc3526_prime_1536(BIGNUM *bn); -BIGNUM *BN_get_rfc3526_prime_2048(BIGNUM *bn); -BIGNUM *BN_get_rfc3526_prime_3072(BIGNUM *bn); -BIGNUM *BN_get_rfc3526_prime_4096(BIGNUM *bn); -BIGNUM *BN_get_rfc3526_prime_6144(BIGNUM *bn); -BIGNUM *BN_get_rfc3526_prime_8192(BIGNUM *bn); - -/* BEGIN ERROR CODES */ -/* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ -void ERR_load_BN_strings(void); - -/* Error codes for the BN functions. */ - -/* Function codes. */ -#define BN_F_BNRAND 127 -#define BN_F_BN_BLINDING_CONVERT_EX 100 -#define BN_F_BN_BLINDING_CREATE_PARAM 128 -#define BN_F_BN_BLINDING_INVERT_EX 101 -#define BN_F_BN_BLINDING_NEW 102 -#define BN_F_BN_BLINDING_UPDATE 103 -#define BN_F_BN_BN2DEC 104 -#define BN_F_BN_BN2HEX 105 -#define BN_F_BN_CTX_GET 116 -#define BN_F_BN_CTX_NEW 106 -#define BN_F_BN_CTX_START 129 -#define BN_F_BN_DIV 107 -#define BN_F_BN_DIV_NO_BRANCH 138 -#define BN_F_BN_DIV_RECP 130 -#define BN_F_BN_EXP 123 -#define BN_F_BN_EXPAND2 108 -#define BN_F_BN_GENERATE_PRIME_EX 140 -#define BN_F_BN_EXPAND_INTERNAL 120 -#define BN_F_BN_GF2M_MOD 131 -#define BN_F_BN_GF2M_MOD_EXP 132 -#define BN_F_BN_GF2M_MOD_MUL 133 -#define BN_F_BN_GF2M_MOD_SOLVE_QUAD 134 -#define BN_F_BN_GF2M_MOD_SOLVE_QUAD_ARR 135 -#define BN_F_BN_GF2M_MOD_SQR 136 -#define BN_F_BN_GF2M_MOD_SQRT 137 -#define BN_F_BN_MOD_EXP2_MONT 118 -#define BN_F_BN_MOD_EXP_MONT 109 -#define BN_F_BN_MOD_EXP_MONT_CONSTTIME 124 -#define BN_F_BN_MOD_EXP_MONT_WORD 117 -#define BN_F_BN_MOD_EXP_RECP 125 -#define BN_F_BN_MOD_EXP_SIMPLE 126 -#define BN_F_BN_MOD_INVERSE 110 -#define BN_F_BN_MOD_INVERSE_NO_BRANCH 139 -#define BN_F_BN_MOD_LSHIFT_QUICK 119 -#define BN_F_BN_MOD_MUL_RECIPROCAL 111 -#define BN_F_BN_MOD_SQRT 121 -#define BN_F_BN_MPI2BN 112 -#define BN_F_BN_NEW 113 -#define BN_F_BN_RAND 114 -#define BN_F_BN_RAND_RANGE 122 -#define BN_F_BN_USUB 115 - -/* Reason codes. */ -#define BN_R_ARG2_LT_ARG3 100 -#define BN_R_BAD_RECIPROCAL 101 -#define BN_R_BIGNUM_TOO_LONG 114 -#define BN_R_BITS_TOO_SMALL 117 -#define BN_R_CALLED_WITH_EVEN_MODULUS 102 -#define BN_R_DIV_BY_ZERO 103 -#define BN_R_ENCODING_ERROR 104 -#define BN_R_EXPAND_ON_STATIC_BIGNUM_DATA 105 -#define BN_R_INPUT_NOT_REDUCED 110 -#define BN_R_INVALID_LENGTH 106 -#define BN_R_INVALID_RANGE 115 -#define BN_R_NOT_A_SQUARE 111 -#define BN_R_NOT_INITIALIZED 107 -#define BN_R_NO_INVERSE 108 -#define BN_R_NO_SOLUTION 116 -#define BN_R_P_IS_NOT_PRIME 112 -#define BN_R_TOO_MANY_ITERATIONS 113 -#define BN_R_TOO_MANY_TEMPORARY_VARIABLES 109 - -#ifdef __cplusplus -} -#endif -#endif diff --git a/libressl/include64/openssl/buffer.h b/libressl/include64/openssl/buffer.h deleted file mode 100644 index ed6dac0e..00000000 --- a/libressl/include64/openssl/buffer.h +++ /dev/null @@ -1,122 +0,0 @@ -/* $OpenBSD: buffer.h,v 1.15 2015/06/24 10:05:14 jsing Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef HEADER_BUFFER_H -#define HEADER_BUFFER_H -#if !defined(HAVE_ATTRIBUTE__BOUNDED__) && !defined(__OpenBSD__) -#define __bounded__(x, y, z) -#endif - -#include <openssl/ossl_typ.h> - -#ifdef __cplusplus -extern "C" { -#endif - -#include <stddef.h> -#include <sys/types.h> - -/* Already declared in ossl_typ.h */ -/* typedef struct buf_mem_st BUF_MEM; */ - -struct buf_mem_st { - size_t length; /* current number of bytes */ - char *data; - size_t max; /* size of buffer */ -}; - -BUF_MEM *BUF_MEM_new(void); -void BUF_MEM_free(BUF_MEM *a); -int BUF_MEM_grow(BUF_MEM *str, size_t len); -int BUF_MEM_grow_clean(BUF_MEM *str, size_t len); - -#ifndef LIBRESSL_INTERNAL -char * BUF_strdup(const char *str); -char * BUF_strndup(const char *str, size_t siz); -void * BUF_memdup(const void *data, size_t siz); -void BUF_reverse(unsigned char *out, const unsigned char *in, size_t siz); - -/* safe string functions */ -size_t BUF_strlcpy(char *dst, const char *src, size_t siz) - __attribute__ ((__bounded__(__string__,1,3))); -size_t BUF_strlcat(char *dst, const char *src, size_t siz) - __attribute__ ((__bounded__(__string__,1,3))); -#endif - -/* BEGIN ERROR CODES */ -/* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ -void ERR_load_BUF_strings(void); - -/* Error codes for the BUF functions. */ - -/* Function codes. */ -#define BUF_F_BUF_MEMDUP 103 -#define BUF_F_BUF_MEM_GROW 100 -#define BUF_F_BUF_MEM_GROW_CLEAN 105 -#define BUF_F_BUF_MEM_NEW 101 -#define BUF_F_BUF_STRDUP 102 -#define BUF_F_BUF_STRNDUP 104 - -/* Reason codes. */ - -#ifdef __cplusplus -} -#endif -#endif diff --git a/libressl/include64/openssl/camellia.h b/libressl/include64/openssl/camellia.h deleted file mode 100644 index b9b5f792..00000000 --- a/libressl/include64/openssl/camellia.h +++ /dev/null @@ -1,125 +0,0 @@ -/* $OpenBSD: camellia.h,v 1.5 2014/11/13 20:01:58 miod Exp $ */ -/* ==================================================================== - * Copyright (c) 2006 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - */ - -#ifndef HEADER_CAMELLIA_H -#define HEADER_CAMELLIA_H - -#include <openssl/opensslconf.h> - -#ifdef OPENSSL_NO_CAMELLIA -#error CAMELLIA is disabled. -#endif - -#include <stddef.h> - -#define CAMELLIA_ENCRYPT 1 -#define CAMELLIA_DECRYPT 0 - -/* Because array size can't be a const in C, the following two are macros. - Both sizes are in bytes. */ - -#ifdef __cplusplus -extern "C" { -#endif - -/* This should be a hidden type, but EVP requires that the size be known */ - -#define CAMELLIA_BLOCK_SIZE 16 -#define CAMELLIA_TABLE_BYTE_LEN 272 -#define CAMELLIA_TABLE_WORD_LEN (CAMELLIA_TABLE_BYTE_LEN / 4) - -typedef unsigned int KEY_TABLE_TYPE[CAMELLIA_TABLE_WORD_LEN]; /* to match with WORD */ - -struct camellia_key_st { - union { - double d; /* ensures 64-bit align */ - KEY_TABLE_TYPE rd_key; - } u; - int grand_rounds; -}; -typedef struct camellia_key_st CAMELLIA_KEY; - -int Camellia_set_key(const unsigned char *userKey, const int bits, - CAMELLIA_KEY *key); - -void Camellia_encrypt(const unsigned char *in, unsigned char *out, - const CAMELLIA_KEY *key); -void Camellia_decrypt(const unsigned char *in, unsigned char *out, - const CAMELLIA_KEY *key); - -void Camellia_ecb_encrypt(const unsigned char *in, unsigned char *out, - const CAMELLIA_KEY *key, const int enc); -void Camellia_cbc_encrypt(const unsigned char *in, unsigned char *out, - size_t length, const CAMELLIA_KEY *key, - unsigned char *ivec, const int enc); -void Camellia_cfb128_encrypt(const unsigned char *in, unsigned char *out, - size_t length, const CAMELLIA_KEY *key, - unsigned char *ivec, int *num, const int enc); -void Camellia_cfb1_encrypt(const unsigned char *in, unsigned char *out, - size_t length, const CAMELLIA_KEY *key, - unsigned char *ivec, int *num, const int enc); -void Camellia_cfb8_encrypt(const unsigned char *in, unsigned char *out, - size_t length, const CAMELLIA_KEY *key, - unsigned char *ivec, int *num, const int enc); -void Camellia_ofb128_encrypt(const unsigned char *in, unsigned char *out, - size_t length, const CAMELLIA_KEY *key, - unsigned char *ivec, int *num); -void Camellia_ctr128_encrypt(const unsigned char *in, unsigned char *out, - size_t length, const CAMELLIA_KEY *key, - unsigned char ivec[CAMELLIA_BLOCK_SIZE], - unsigned char ecount_buf[CAMELLIA_BLOCK_SIZE], - unsigned int *num); - -#ifdef __cplusplus -} -#endif - -#endif /* !HEADER_Camellia_H */ diff --git a/libressl/include64/openssl/cast.h b/libressl/include64/openssl/cast.h deleted file mode 100644 index 1043c7f2..00000000 --- a/libressl/include64/openssl/cast.h +++ /dev/null @@ -1,104 +0,0 @@ -/* $OpenBSD: cast.h,v 1.12 2014/07/10 22:45:56 jsing Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef HEADER_CAST_H -#define HEADER_CAST_H - -#include <openssl/opensslconf.h> - -#ifdef __cplusplus -extern "C" { -#endif - -#ifdef OPENSSL_NO_CAST -#error CAST is disabled. -#endif - -#define CAST_ENCRYPT 1 -#define CAST_DECRYPT 0 - -#define CAST_LONG unsigned int - -#define CAST_BLOCK 8 -#define CAST_KEY_LENGTH 16 - -typedef struct cast_key_st - { - CAST_LONG data[32]; - int short_key; /* Use reduced rounds for short key */ - } CAST_KEY; - -void CAST_set_key(CAST_KEY *key, int len, const unsigned char *data); -void CAST_ecb_encrypt(const unsigned char *in, unsigned char *out, const CAST_KEY *key, - int enc); -void CAST_encrypt(CAST_LONG *data, const CAST_KEY *key); -void CAST_decrypt(CAST_LONG *data, const CAST_KEY *key); -void CAST_cbc_encrypt(const unsigned char *in, unsigned char *out, long length, - const CAST_KEY *ks, unsigned char *iv, int enc); -void CAST_cfb64_encrypt(const unsigned char *in, unsigned char *out, - long length, const CAST_KEY *schedule, unsigned char *ivec, - int *num, int enc); -void CAST_ofb64_encrypt(const unsigned char *in, unsigned char *out, - long length, const CAST_KEY *schedule, unsigned char *ivec, - int *num); - -#ifdef __cplusplus -} -#endif - -#endif diff --git a/libressl/include64/openssl/chacha.h b/libressl/include64/openssl/chacha.h deleted file mode 100644 index e2345b21..00000000 --- a/libressl/include64/openssl/chacha.h +++ /dev/null @@ -1,58 +0,0 @@ -/* $OpenBSD: chacha.h,v 1.8 2019/01/22 00:59:21 dlg Exp $ */ -/* - * Copyright (c) 2014 Joel Sing <jsing@openbsd.org> - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF - * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -#ifndef HEADER_CHACHA_H -#define HEADER_CHACHA_H - -#include <openssl/opensslconf.h> - -#if defined(OPENSSL_NO_CHACHA) -#error ChaCha is disabled. -#endif - -#include <stddef.h> -#include <stdint.h> - -#ifdef __cplusplus -extern "C" { -#endif - -typedef struct { - unsigned int input[16]; - unsigned char ks[64]; - unsigned char unused; -} ChaCha_ctx; - -void ChaCha_set_key(ChaCha_ctx *ctx, const unsigned char *key, - unsigned int keybits); -void ChaCha_set_iv(ChaCha_ctx *ctx, const unsigned char *iv, - const unsigned char *counter); -void ChaCha(ChaCha_ctx *ctx, unsigned char *out, const unsigned char *in, - size_t len); - -void CRYPTO_chacha_20(unsigned char *out, const unsigned char *in, size_t len, - const unsigned char key[32], const unsigned char iv[8], uint64_t counter); -void CRYPTO_xchacha_20(unsigned char *out, const unsigned char *in, size_t len, - const unsigned char key[32], const unsigned char iv[24]); -void CRYPTO_hchacha_20(unsigned char out[32], - const unsigned char key[32], const unsigned char iv[16]); - -#ifdef __cplusplus -} -#endif - -#endif /* HEADER_CHACHA_H */ diff --git a/libressl/include64/openssl/cmac.h b/libressl/include64/openssl/cmac.h deleted file mode 100644 index cb6d64b0..00000000 --- a/libressl/include64/openssl/cmac.h +++ /dev/null @@ -1,82 +0,0 @@ -/* $OpenBSD: cmac.h,v 1.3 2014/06/21 13:42:14 jsing Exp $ */ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project. - */ -/* ==================================================================== - * Copyright (c) 2010 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - */ - - -#ifndef HEADER_CMAC_H -#define HEADER_CMAC_H - -#ifdef __cplusplus -extern "C" { -#endif - -#include <openssl/evp.h> - -/* Opaque */ -typedef struct CMAC_CTX_st CMAC_CTX; - -CMAC_CTX *CMAC_CTX_new(void); -void CMAC_CTX_cleanup(CMAC_CTX *ctx); -void CMAC_CTX_free(CMAC_CTX *ctx); -EVP_CIPHER_CTX *CMAC_CTX_get0_cipher_ctx(CMAC_CTX *ctx); -int CMAC_CTX_copy(CMAC_CTX *out, const CMAC_CTX *in); - -int CMAC_Init(CMAC_CTX *ctx, const void *key, size_t keylen, - const EVP_CIPHER *cipher, ENGINE *impl); -int CMAC_Update(CMAC_CTX *ctx, const void *data, size_t dlen); -int CMAC_Final(CMAC_CTX *ctx, unsigned char *out, size_t *poutlen); -int CMAC_resume(CMAC_CTX *ctx); - -#ifdef __cplusplus -} -#endif -#endif diff --git a/libressl/include64/openssl/cms.h b/libressl/include64/openssl/cms.h deleted file mode 100644 index 3c92be34..00000000 --- a/libressl/include64/openssl/cms.h +++ /dev/null @@ -1,532 +0,0 @@ -/* $OpenBSD: cms.h,v 1.15 2019/08/11 10:15:30 jsing Exp $ */ -/* - * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project. - */ -/* ==================================================================== - * Copyright (c) 2008 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - */ - -#ifndef HEADER_CMS_H -#define HEADER_CMS_H - -#include <openssl/opensslconf.h> - -#ifndef OPENSSL_NO_CMS -#include <openssl/x509.h> -#include <openssl/x509v3.h> -#ifdef __cplusplus -extern "C" { -#endif - -typedef struct CMS_ContentInfo_st CMS_ContentInfo; -typedef struct CMS_SignerInfo_st CMS_SignerInfo; -typedef struct CMS_CertificateChoices CMS_CertificateChoices; -typedef struct CMS_RevocationInfoChoice_st CMS_RevocationInfoChoice; -typedef struct CMS_RecipientInfo_st CMS_RecipientInfo; -typedef struct CMS_ReceiptRequest_st CMS_ReceiptRequest; -typedef struct CMS_Receipt_st CMS_Receipt; -typedef struct CMS_RecipientEncryptedKey_st CMS_RecipientEncryptedKey; -typedef struct CMS_OtherKeyAttribute_st CMS_OtherKeyAttribute; - -DECLARE_STACK_OF(CMS_SignerInfo) -DECLARE_STACK_OF(CMS_RecipientEncryptedKey) -DECLARE_STACK_OF(CMS_RecipientInfo) -DECLARE_STACK_OF(CMS_RevocationInfoChoice) -CMS_ContentInfo *CMS_ContentInfo_new(void); -void CMS_ContentInfo_free(CMS_ContentInfo *a); -CMS_ContentInfo *d2i_CMS_ContentInfo(CMS_ContentInfo **a, const unsigned char **in, long len); -int i2d_CMS_ContentInfo(CMS_ContentInfo *a, unsigned char **out); -extern const ASN1_ITEM CMS_ContentInfo_it; -CMS_ReceiptRequest *CMS_ReceiptRequest_new(void); -void CMS_ReceiptRequest_free(CMS_ReceiptRequest *a); -CMS_ReceiptRequest *d2i_CMS_ReceiptRequest(CMS_ReceiptRequest **a, const unsigned char **in, long len); -int i2d_CMS_ReceiptRequest(CMS_ReceiptRequest *a, unsigned char **out); -extern const ASN1_ITEM CMS_ReceiptRequest_it; -int CMS_ContentInfo_print_ctx(BIO *out, CMS_ContentInfo *x, int indent, const ASN1_PCTX *pctx); - -#define CMS_SIGNERINFO_ISSUER_SERIAL 0 -#define CMS_SIGNERINFO_KEYIDENTIFIER 1 - -#define CMS_RECIPINFO_NONE -1 -#define CMS_RECIPINFO_TRANS 0 -#define CMS_RECIPINFO_AGREE 1 -#define CMS_RECIPINFO_KEK 2 -#define CMS_RECIPINFO_PASS 3 -#define CMS_RECIPINFO_OTHER 4 - -/* S/MIME related flags */ - -#define CMS_TEXT 0x1 -#define CMS_NOCERTS 0x2 -#define CMS_NO_CONTENT_VERIFY 0x4 -#define CMS_NO_ATTR_VERIFY 0x8 -#define CMS_NOSIGS \ - (CMS_NO_CONTENT_VERIFY|CMS_NO_ATTR_VERIFY) -#define CMS_NOINTERN 0x10 -#define CMS_NO_SIGNER_CERT_VERIFY 0x20 -#define CMS_NOVERIFY 0x20 -#define CMS_DETACHED 0x40 -#define CMS_BINARY 0x80 -#define CMS_NOATTR 0x100 -#define CMS_NOSMIMECAP 0x200 -#define CMS_NOOLDMIMETYPE 0x400 -#define CMS_CRLFEOL 0x800 -#define CMS_STREAM 0x1000 -#define CMS_NOCRL 0x2000 -#define CMS_PARTIAL 0x4000 -#define CMS_REUSE_DIGEST 0x8000 -#define CMS_USE_KEYID 0x10000 -#define CMS_DEBUG_DECRYPT 0x20000 -#define CMS_KEY_PARAM 0x40000 -#define CMS_ASCIICRLF 0x80000 - -const ASN1_OBJECT *CMS_get0_type(const CMS_ContentInfo *cms); - -BIO *CMS_dataInit(CMS_ContentInfo *cms, BIO *icont); -int CMS_dataFinal(CMS_ContentInfo *cms, BIO *bio); - -ASN1_OCTET_STRING **CMS_get0_content(CMS_ContentInfo *cms); -int CMS_is_detached(CMS_ContentInfo *cms); -int CMS_set_detached(CMS_ContentInfo *cms, int detached); - -#ifdef HEADER_PEM_H -CMS_ContentInfo *PEM_read_bio_CMS(BIO *bp, CMS_ContentInfo **x, - pem_password_cb *cb, void *u); -CMS_ContentInfo *PEM_read_CMS(FILE *fp, CMS_ContentInfo **x, - pem_password_cb *cb, void *u); -int PEM_write_bio_CMS(BIO *bp, const CMS_ContentInfo *x); -int PEM_write_CMS(FILE *fp, const CMS_ContentInfo *x); -#endif -int CMS_stream(unsigned char ***boundary, CMS_ContentInfo *cms); -CMS_ContentInfo *d2i_CMS_bio(BIO *bp, CMS_ContentInfo **cms); -int i2d_CMS_bio(BIO *bp, CMS_ContentInfo *cms); - -BIO *BIO_new_CMS(BIO *out, CMS_ContentInfo *cms); -int i2d_CMS_bio_stream(BIO *out, CMS_ContentInfo *cms, BIO *in, int flags); -int PEM_write_bio_CMS_stream(BIO *out, CMS_ContentInfo *cms, BIO *in, - int flags); -CMS_ContentInfo *SMIME_read_CMS(BIO *bio, BIO **bcont); -int SMIME_write_CMS(BIO *bio, CMS_ContentInfo *cms, BIO *data, int flags); - -int CMS_final(CMS_ContentInfo *cms, BIO *data, BIO *dcont, unsigned int flags); - -CMS_ContentInfo *CMS_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs, - BIO *data, unsigned int flags); - -CMS_ContentInfo *CMS_sign_receipt(CMS_SignerInfo *si, X509 *signcert, - EVP_PKEY *pkey, STACK_OF(X509) *certs, unsigned int flags); - -int CMS_data(CMS_ContentInfo *cms, BIO *out, unsigned int flags); -CMS_ContentInfo *CMS_data_create(BIO *in, unsigned int flags); - -int CMS_digest_verify(CMS_ContentInfo *cms, BIO *dcont, BIO *out, - unsigned int flags); -CMS_ContentInfo *CMS_digest_create(BIO *in, const EVP_MD *md, - unsigned int flags); - -int CMS_EncryptedData_decrypt(CMS_ContentInfo *cms, const unsigned char *key, - size_t keylen, BIO *dcont, BIO *out, unsigned int flags); - -CMS_ContentInfo *CMS_EncryptedData_encrypt(BIO *in, const EVP_CIPHER *cipher, - const unsigned char *key, size_t keylen, unsigned int flags); - -int CMS_EncryptedData_set1_key(CMS_ContentInfo *cms, const EVP_CIPHER *ciph, - const unsigned char *key, size_t keylen); - -int CMS_verify(CMS_ContentInfo *cms, STACK_OF(X509) *certs, - X509_STORE *store, BIO *dcont, BIO *out, unsigned int flags); - -int CMS_verify_receipt(CMS_ContentInfo *rcms, CMS_ContentInfo *ocms, - STACK_OF(X509) *certs, X509_STORE *store, unsigned int flags); - -STACK_OF(X509) *CMS_get0_signers(CMS_ContentInfo *cms); - -CMS_ContentInfo *CMS_encrypt(STACK_OF(X509) *certs, BIO *in, - const EVP_CIPHER *cipher, unsigned int flags); - -int CMS_decrypt(CMS_ContentInfo *cms, EVP_PKEY *pkey, X509 *cert, - BIO *dcont, BIO *out, unsigned int flags); - -int CMS_decrypt_set1_pkey(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert); -int CMS_decrypt_set1_key(CMS_ContentInfo *cms, unsigned char *key, - size_t keylen, const unsigned char *id, size_t idlen); -int CMS_decrypt_set1_password(CMS_ContentInfo *cms, unsigned char *pass, - ssize_t passlen); - -STACK_OF(CMS_RecipientInfo) *CMS_get0_RecipientInfos(CMS_ContentInfo *cms); -int CMS_RecipientInfo_type(CMS_RecipientInfo *ri); -EVP_PKEY_CTX *CMS_RecipientInfo_get0_pkey_ctx(CMS_RecipientInfo *ri); -CMS_ContentInfo *CMS_EnvelopedData_create(const EVP_CIPHER *cipher); -CMS_RecipientInfo *CMS_add1_recipient_cert(CMS_ContentInfo *cms, X509 *recip, - unsigned int flags); -int CMS_RecipientInfo_set0_pkey(CMS_RecipientInfo *ri, EVP_PKEY *pkey); -int CMS_RecipientInfo_ktri_cert_cmp(CMS_RecipientInfo *ri, X509 *cert); -int CMS_RecipientInfo_ktri_get0_algs(CMS_RecipientInfo *ri, EVP_PKEY **pk, - X509 **recip, X509_ALGOR **palg); -int CMS_RecipientInfo_ktri_get0_signer_id(CMS_RecipientInfo *ri, - ASN1_OCTET_STRING **keyid, X509_NAME **issuer, ASN1_INTEGER **sno); - -CMS_RecipientInfo *CMS_add0_recipient_key(CMS_ContentInfo *cms, int nid, - unsigned char *key, size_t keylen, unsigned char *id, size_t idlen, - ASN1_GENERALIZEDTIME *date, ASN1_OBJECT *otherTypeId, ASN1_TYPE *otherType); - -int CMS_RecipientInfo_kekri_get0_id(CMS_RecipientInfo *ri, X509_ALGOR **palg, - ASN1_OCTET_STRING **pid, ASN1_GENERALIZEDTIME **pdate, - ASN1_OBJECT **potherid, ASN1_TYPE **pothertype); - -int CMS_RecipientInfo_set0_key(CMS_RecipientInfo *ri, unsigned char *key, - size_t keylen); - -int CMS_RecipientInfo_kekri_id_cmp(CMS_RecipientInfo *ri, - const unsigned char *id, size_t idlen); - -int CMS_RecipientInfo_set0_password(CMS_RecipientInfo *ri, unsigned char *pass, - ssize_t passlen); - -CMS_RecipientInfo *CMS_add0_recipient_password(CMS_ContentInfo *cms, int iter, - int wrap_nid, int pbe_nid, unsigned char *pass, ssize_t passlen, - const EVP_CIPHER *kekciph); - -int CMS_RecipientInfo_decrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri); -int CMS_RecipientInfo_encrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri); - -int CMS_uncompress(CMS_ContentInfo *cms, BIO *dcont, BIO *out, - unsigned int flags); -CMS_ContentInfo *CMS_compress(BIO *in, int comp_nid, unsigned int flags); - -int CMS_set1_eContentType(CMS_ContentInfo *cms, const ASN1_OBJECT *oid); -const ASN1_OBJECT *CMS_get0_eContentType(CMS_ContentInfo *cms); - -CMS_CertificateChoices *CMS_add0_CertificateChoices(CMS_ContentInfo *cms); -int CMS_add0_cert(CMS_ContentInfo *cms, X509 *cert); -int CMS_add1_cert(CMS_ContentInfo *cms, X509 *cert); -STACK_OF(X509) *CMS_get1_certs(CMS_ContentInfo *cms); - -CMS_RevocationInfoChoice *CMS_add0_RevocationInfoChoice(CMS_ContentInfo *cms); -int CMS_add0_crl(CMS_ContentInfo *cms, X509_CRL *crl); -int CMS_add1_crl(CMS_ContentInfo *cms, X509_CRL *crl); -STACK_OF(X509_CRL) *CMS_get1_crls(CMS_ContentInfo *cms); - -int CMS_SignedData_init(CMS_ContentInfo *cms); -CMS_SignerInfo *CMS_add1_signer(CMS_ContentInfo *cms, X509 *signer, - EVP_PKEY *pk, const EVP_MD *md, unsigned int flags); -EVP_PKEY_CTX *CMS_SignerInfo_get0_pkey_ctx(CMS_SignerInfo *si); -EVP_MD_CTX *CMS_SignerInfo_get0_md_ctx(CMS_SignerInfo *si); -STACK_OF(CMS_SignerInfo) *CMS_get0_SignerInfos(CMS_ContentInfo *cms); - -void CMS_SignerInfo_set1_signer_cert(CMS_SignerInfo *si, X509 *signer); -int CMS_SignerInfo_get0_signer_id(CMS_SignerInfo *si, ASN1_OCTET_STRING **keyid, - X509_NAME **issuer, ASN1_INTEGER **sno); -int CMS_SignerInfo_cert_cmp(CMS_SignerInfo *si, X509 *cert); -int CMS_set1_signers_certs(CMS_ContentInfo *cms, STACK_OF(X509) *certs, - unsigned int flags); -void CMS_SignerInfo_get0_algs(CMS_SignerInfo *si, EVP_PKEY **pk, X509 **signer, - X509_ALGOR **pdig, X509_ALGOR **psig); -ASN1_OCTET_STRING *CMS_SignerInfo_get0_signature(CMS_SignerInfo *si); -int CMS_SignerInfo_sign(CMS_SignerInfo *si); -int CMS_SignerInfo_verify(CMS_SignerInfo *si); -int CMS_SignerInfo_verify_content(CMS_SignerInfo *si, BIO *chain); - -int CMS_add_smimecap(CMS_SignerInfo *si, STACK_OF(X509_ALGOR) *algs); -int CMS_add_simple_smimecap(STACK_OF(X509_ALGOR) **algs, int algnid, - int keysize); -int CMS_add_standard_smimecap(STACK_OF(X509_ALGOR) **smcap); - -int CMS_signed_get_attr_count(const CMS_SignerInfo *si); -int CMS_signed_get_attr_by_NID(const CMS_SignerInfo *si, int nid, int lastpos); -int CMS_signed_get_attr_by_OBJ(const CMS_SignerInfo *si, const ASN1_OBJECT *obj, - int lastpos); -X509_ATTRIBUTE *CMS_signed_get_attr(const CMS_SignerInfo *si, int loc); -X509_ATTRIBUTE *CMS_signed_delete_attr(CMS_SignerInfo *si, int loc); -int CMS_signed_add1_attr(CMS_SignerInfo *si, X509_ATTRIBUTE *attr); -int CMS_signed_add1_attr_by_OBJ(CMS_SignerInfo *si, const ASN1_OBJECT *obj, - int type, const void *bytes, int len); -int CMS_signed_add1_attr_by_NID(CMS_SignerInfo *si, int nid, int type, - const void *bytes, int len); -int CMS_signed_add1_attr_by_txt(CMS_SignerInfo *si, - const char *attrname, int type, const void *bytes, int len); -void *CMS_signed_get0_data_by_OBJ(CMS_SignerInfo *si, const ASN1_OBJECT *oid, - int lastpos, int type); - -int CMS_unsigned_get_attr_count(const CMS_SignerInfo *si); -int CMS_unsigned_get_attr_by_NID(const CMS_SignerInfo *si, int nid, - int lastpos); -int CMS_unsigned_get_attr_by_OBJ(const CMS_SignerInfo *si, - const ASN1_OBJECT *obj, int lastpos); -X509_ATTRIBUTE *CMS_unsigned_get_attr(const CMS_SignerInfo *si, int loc); -X509_ATTRIBUTE *CMS_unsigned_delete_attr(CMS_SignerInfo *si, int loc); -int CMS_unsigned_add1_attr(CMS_SignerInfo *si, X509_ATTRIBUTE *attr); -int CMS_unsigned_add1_attr_by_OBJ(CMS_SignerInfo *si, - const ASN1_OBJECT *obj, int type, const void *bytes, int len); -int CMS_unsigned_add1_attr_by_NID(CMS_SignerInfo *si, int nid, int type, - const void *bytes, int len); -int CMS_unsigned_add1_attr_by_txt(CMS_SignerInfo *si, const char *attrname, - int type, const void *bytes, int len); -void *CMS_unsigned_get0_data_by_OBJ(CMS_SignerInfo *si, ASN1_OBJECT *oid, - int lastpos, int type); - -#ifdef HEADER_X509V3_H - -int CMS_get1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest **prr); -CMS_ReceiptRequest *CMS_ReceiptRequest_create0(unsigned char *id, int idlen, - int allorfirst, STACK_OF(GENERAL_NAMES) *receiptList, - STACK_OF(GENERAL_NAMES) *receiptsTo); -int CMS_add1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest *rr); -void CMS_ReceiptRequest_get0_values(CMS_ReceiptRequest *rr, ASN1_STRING **pcid, - int *pallorfirst, STACK_OF(GENERAL_NAMES) **plist, - STACK_OF(GENERAL_NAMES) **prto); -#endif -int CMS_RecipientInfo_kari_get0_alg(CMS_RecipientInfo *ri, X509_ALGOR **palg, - ASN1_OCTET_STRING **pukm); -STACK_OF(CMS_RecipientEncryptedKey) * - CMS_RecipientInfo_kari_get0_reks(CMS_RecipientInfo *ri); - -int CMS_RecipientInfo_kari_get0_orig_id(CMS_RecipientInfo *ri, - X509_ALGOR **pubalg, ASN1_BIT_STRING **pubkey, ASN1_OCTET_STRING **keyid, - X509_NAME **issuer, ASN1_INTEGER **sno); - -int CMS_RecipientInfo_kari_orig_id_cmp(CMS_RecipientInfo *ri, X509 *cert); - -int CMS_RecipientEncryptedKey_get0_id(CMS_RecipientEncryptedKey *rek, - ASN1_OCTET_STRING **keyid, ASN1_GENERALIZEDTIME **tm, - CMS_OtherKeyAttribute **other, X509_NAME **issuer, ASN1_INTEGER **sno); -int CMS_RecipientEncryptedKey_cert_cmp(CMS_RecipientEncryptedKey *rek, - X509 *cert); -int CMS_RecipientInfo_kari_set0_pkey(CMS_RecipientInfo *ri, EVP_PKEY *pk); -EVP_CIPHER_CTX *CMS_RecipientInfo_kari_get0_ctx(CMS_RecipientInfo *ri); -int CMS_RecipientInfo_kari_decrypt(CMS_ContentInfo *cms, - CMS_RecipientInfo *ri, CMS_RecipientEncryptedKey *rek); - -int CMS_SharedInfo_encode(unsigned char **pder, X509_ALGOR *kekalg, - ASN1_OCTET_STRING *ukm, int keylen); - -/* Backward compatibility for spelling errors. */ -#define CMS_R_UNKNOWN_DIGEST_ALGORITM CMS_R_UNKNOWN_DIGEST_ALGORITHM -#define CMS_R_UNSUPPORTED_RECPIENTINFO_TYPE \ - CMS_R_UNSUPPORTED_RECIPIENTINFO_TYPE - -int ERR_load_CMS_strings(void); - -/* - * CMS function codes. - */ -#define CMS_F_CHECK_CONTENT 99 -#define CMS_F_CMS_ADD0_CERT 164 -#define CMS_F_CMS_ADD0_RECIPIENT_KEY 100 -#define CMS_F_CMS_ADD0_RECIPIENT_PASSWORD 165 -#define CMS_F_CMS_ADD1_RECEIPTREQUEST 158 -#define CMS_F_CMS_ADD1_RECIPIENT_CERT 101 -#define CMS_F_CMS_ADD1_SIGNER 102 -#define CMS_F_CMS_ADD1_SIGNINGTIME 103 -#define CMS_F_CMS_COMPRESS 104 -#define CMS_F_CMS_COMPRESSEDDATA_CREATE 105 -#define CMS_F_CMS_COMPRESSEDDATA_INIT_BIO 106 -#define CMS_F_CMS_COPY_CONTENT 107 -#define CMS_F_CMS_COPY_MESSAGEDIGEST 108 -#define CMS_F_CMS_DATA 109 -#define CMS_F_CMS_DATAFINAL 110 -#define CMS_F_CMS_DATAINIT 111 -#define CMS_F_CMS_DECRYPT 112 -#define CMS_F_CMS_DECRYPT_SET1_KEY 113 -#define CMS_F_CMS_DECRYPT_SET1_PASSWORD 166 -#define CMS_F_CMS_DECRYPT_SET1_PKEY 114 -#define CMS_F_CMS_DIGESTALGORITHM_FIND_CTX 115 -#define CMS_F_CMS_DIGESTALGORITHM_INIT_BIO 116 -#define CMS_F_CMS_DIGESTEDDATA_DO_FINAL 117 -#define CMS_F_CMS_DIGEST_VERIFY 118 -#define CMS_F_CMS_ENCODE_RECEIPT 161 -#define CMS_F_CMS_ENCRYPT 119 -#define CMS_F_CMS_ENCRYPTEDCONTENT_INIT 179 -#define CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO 120 -#define CMS_F_CMS_ENCRYPTEDDATA_DECRYPT 121 -#define CMS_F_CMS_ENCRYPTEDDATA_ENCRYPT 122 -#define CMS_F_CMS_ENCRYPTEDDATA_SET1_KEY 123 -#define CMS_F_CMS_ENVELOPEDDATA_CREATE 124 -#define CMS_F_CMS_ENVELOPEDDATA_INIT_BIO 125 -#define CMS_F_CMS_ENVELOPED_DATA_INIT 126 -#define CMS_F_CMS_ENV_ASN1_CTRL 171 -#define CMS_F_CMS_FINAL 127 -#define CMS_F_CMS_GET0_CERTIFICATE_CHOICES 128 -#define CMS_F_CMS_GET0_CONTENT 129 -#define CMS_F_CMS_GET0_ECONTENT_TYPE 130 -#define CMS_F_CMS_GET0_ENVELOPED 131 -#define CMS_F_CMS_GET0_REVOCATION_CHOICES 132 -#define CMS_F_CMS_GET0_SIGNED 133 -#define CMS_F_CMS_MSGSIGDIGEST_ADD1 162 -#define CMS_F_CMS_RECEIPTREQUEST_CREATE0 159 -#define CMS_F_CMS_RECEIPT_VERIFY 160 -#define CMS_F_CMS_RECIPIENTINFO_DECRYPT 134 -#define CMS_F_CMS_RECIPIENTINFO_ENCRYPT 169 -#define CMS_F_CMS_RECIPIENTINFO_KARI_ENCRYPT 178 -#define CMS_F_CMS_RECIPIENTINFO_KARI_GET0_ALG 175 -#define CMS_F_CMS_RECIPIENTINFO_KARI_GET0_ORIG_ID 173 -#define CMS_F_CMS_RECIPIENTINFO_KARI_GET0_REKS 172 -#define CMS_F_CMS_RECIPIENTINFO_KARI_ORIG_ID_CMP 174 -#define CMS_F_CMS_RECIPIENTINFO_KEKRI_DECRYPT 135 -#define CMS_F_CMS_RECIPIENTINFO_KEKRI_ENCRYPT 136 -#define CMS_F_CMS_RECIPIENTINFO_KEKRI_GET0_ID 137 -#define CMS_F_CMS_RECIPIENTINFO_KEKRI_ID_CMP 138 -#define CMS_F_CMS_RECIPIENTINFO_KTRI_CERT_CMP 139 -#define CMS_F_CMS_RECIPIENTINFO_KTRI_DECRYPT 140 -#define CMS_F_CMS_RECIPIENTINFO_KTRI_ENCRYPT 141 -#define CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_ALGS 142 -#define CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_SIGNER_ID 143 -#define CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT 167 -#define CMS_F_CMS_RECIPIENTINFO_SET0_KEY 144 -#define CMS_F_CMS_RECIPIENTINFO_SET0_PASSWORD 168 -#define CMS_F_CMS_RECIPIENTINFO_SET0_PKEY 145 -#define CMS_F_CMS_SD_ASN1_CTRL 170 -#define CMS_F_CMS_SET1_IAS 176 -#define CMS_F_CMS_SET1_KEYID 177 -#define CMS_F_CMS_SET1_SIGNERIDENTIFIER 146 -#define CMS_F_CMS_SET_DETACHED 147 -#define CMS_F_CMS_SIGN 148 -#define CMS_F_CMS_SIGNED_DATA_INIT 149 -#define CMS_F_CMS_SIGNERINFO_CONTENT_SIGN 150 -#define CMS_F_CMS_SIGNERINFO_SIGN 151 -#define CMS_F_CMS_SIGNERINFO_VERIFY 152 -#define CMS_F_CMS_SIGNERINFO_VERIFY_CERT 153 -#define CMS_F_CMS_SIGNERINFO_VERIFY_CONTENT 154 -#define CMS_F_CMS_SIGN_RECEIPT 163 -#define CMS_F_CMS_STREAM 155 -#define CMS_F_CMS_UNCOMPRESS 156 -#define CMS_F_CMS_VERIFY 157 -#define CMS_F_KEK_UNWRAP_KEY 180 - -/* - * CMS reason codes. - */ -#define CMS_R_ADD_SIGNER_ERROR 99 -#define CMS_R_CERTIFICATE_ALREADY_PRESENT 175 -#define CMS_R_CERTIFICATE_HAS_NO_KEYID 160 -#define CMS_R_CERTIFICATE_VERIFY_ERROR 100 -#define CMS_R_CIPHER_INITIALISATION_ERROR 101 -#define CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR 102 -#define CMS_R_CMS_DATAFINAL_ERROR 103 -#define CMS_R_CMS_LIB 104 -#define CMS_R_CONTENTIDENTIFIER_MISMATCH 170 -#define CMS_R_CONTENT_NOT_FOUND 105 -#define CMS_R_CONTENT_TYPE_MISMATCH 171 -#define CMS_R_CONTENT_TYPE_NOT_COMPRESSED_DATA 106 -#define CMS_R_CONTENT_TYPE_NOT_ENVELOPED_DATA 107 -#define CMS_R_CONTENT_TYPE_NOT_SIGNED_DATA 108 -#define CMS_R_CONTENT_VERIFY_ERROR 109 -#define CMS_R_CTRL_ERROR 110 -#define CMS_R_CTRL_FAILURE 111 -#define CMS_R_DECRYPT_ERROR 112 -#define CMS_R_ERROR_GETTING_PUBLIC_KEY 113 -#define CMS_R_ERROR_READING_MESSAGEDIGEST_ATTRIBUTE 114 -#define CMS_R_ERROR_SETTING_KEY 115 -#define CMS_R_ERROR_SETTING_RECIPIENTINFO 116 -#define CMS_R_INVALID_ENCRYPTED_KEY_LENGTH 117 -#define CMS_R_INVALID_KEY_ENCRYPTION_PARAMETER 176 -#define CMS_R_INVALID_KEY_LENGTH 118 -#define CMS_R_MD_BIO_INIT_ERROR 119 -#define CMS_R_MESSAGEDIGEST_ATTRIBUTE_WRONG_LENGTH 120 -#define CMS_R_MESSAGEDIGEST_WRONG_LENGTH 121 -#define CMS_R_MSGSIGDIGEST_ERROR 172 -#define CMS_R_MSGSIGDIGEST_VERIFICATION_FAILURE 162 -#define CMS_R_MSGSIGDIGEST_WRONG_LENGTH 163 -#define CMS_R_NEED_ONE_SIGNER 164 -#define CMS_R_NOT_A_SIGNED_RECEIPT 165 -#define CMS_R_NOT_ENCRYPTED_DATA 122 -#define CMS_R_NOT_KEK 123 -#define CMS_R_NOT_KEY_AGREEMENT 181 -#define CMS_R_NOT_KEY_TRANSPORT 124 -#define CMS_R_NOT_PWRI 177 -#define CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE 125 -#define CMS_R_NO_CIPHER 126 -#define CMS_R_NO_CONTENT 127 -#define CMS_R_NO_CONTENT_TYPE 173 -#define CMS_R_NO_DEFAULT_DIGEST 128 -#define CMS_R_NO_DIGEST_SET 129 -#define CMS_R_NO_KEY 130 -#define CMS_R_NO_KEY_OR_CERT 174 -#define CMS_R_NO_MATCHING_DIGEST 131 -#define CMS_R_NO_MATCHING_RECIPIENT 132 -#define CMS_R_NO_MATCHING_SIGNATURE 166 -#define CMS_R_NO_MSGSIGDIGEST 167 -#define CMS_R_NO_PASSWORD 178 -#define CMS_R_NO_PRIVATE_KEY 133 -#define CMS_R_NO_PUBLIC_KEY 134 -#define CMS_R_NO_RECEIPT_REQUEST 168 -#define CMS_R_NO_SIGNERS 135 -#define CMS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE 136 -#define CMS_R_RECEIPT_DECODE_ERROR 169 -#define CMS_R_RECIPIENT_ERROR 137 -#define CMS_R_SIGNER_CERTIFICATE_NOT_FOUND 138 -#define CMS_R_SIGNFINAL_ERROR 139 -#define CMS_R_SMIME_TEXT_ERROR 140 -#define CMS_R_STORE_INIT_ERROR 141 -#define CMS_R_TYPE_NOT_COMPRESSED_DATA 142 -#define CMS_R_TYPE_NOT_DATA 143 -#define CMS_R_TYPE_NOT_DIGESTED_DATA 144 -#define CMS_R_TYPE_NOT_ENCRYPTED_DATA 145 -#define CMS_R_TYPE_NOT_ENVELOPED_DATA 146 -#define CMS_R_UNABLE_TO_FINALIZE_CONTEXT 147 -#define CMS_R_UNKNOWN_CIPHER 148 -#define CMS_R_UNKNOWN_DIGEST_ALGORITHM 149 -#define CMS_R_UNKNOWN_ID 150 -#define CMS_R_UNSUPPORTED_COMPRESSION_ALGORITHM 151 -#define CMS_R_UNSUPPORTED_CONTENT_TYPE 152 -#define CMS_R_UNSUPPORTED_KEK_ALGORITHM 153 -#define CMS_R_UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM 179 -#define CMS_R_UNSUPPORTED_RECIPIENTINFO_TYPE 155 -#define CMS_R_UNSUPPORTED_RECIPIENT_TYPE 154 -#define CMS_R_UNSUPPORTED_TYPE 156 -#define CMS_R_UNWRAP_ERROR 157 -#define CMS_R_UNWRAP_FAILURE 180 -#define CMS_R_VERIFICATION_FAILURE 158 -#define CMS_R_WRAP_ERROR 159 - -#ifdef __cplusplus -} -#endif -#endif -#endif diff --git a/libressl/include64/openssl/comp.h b/libressl/include64/openssl/comp.h deleted file mode 100644 index fe7397f8..00000000 --- a/libressl/include64/openssl/comp.h +++ /dev/null @@ -1,73 +0,0 @@ -/* $OpenBSD: comp.h,v 1.8 2014/11/03 16:58:28 tedu Exp $ */ - -#ifndef HEADER_COMP_H -#define HEADER_COMP_H - -#include <openssl/crypto.h> - -#ifdef __cplusplus -extern "C" { -#endif - -typedef struct comp_ctx_st COMP_CTX; - -typedef struct comp_method_st { - int type; /* NID for compression library */ - const char *name; /* A text string to identify the library */ - int (*init)(COMP_CTX *ctx); - void (*finish)(COMP_CTX *ctx); - int (*compress)(COMP_CTX *ctx, unsigned char *out, unsigned int olen, - unsigned char *in, unsigned int ilen); - int (*expand)(COMP_CTX *ctx, unsigned char *out, unsigned int olen, - unsigned char *in, unsigned int ilen); - /* The following two do NOTHING, but are kept for backward compatibility */ - long (*ctrl)(void); - long (*callback_ctrl)(void); -} COMP_METHOD; - -struct comp_ctx_st { - COMP_METHOD *meth; - unsigned long compress_in; - unsigned long compress_out; - unsigned long expand_in; - unsigned long expand_out; - - CRYPTO_EX_DATA ex_data; -}; - - -COMP_CTX *COMP_CTX_new(COMP_METHOD *meth); -void COMP_CTX_free(COMP_CTX *ctx); -int COMP_compress_block(COMP_CTX *ctx, unsigned char *out, int olen, - unsigned char *in, int ilen); -int COMP_expand_block(COMP_CTX *ctx, unsigned char *out, int olen, - unsigned char *in, int ilen); -COMP_METHOD *COMP_rle(void ); -COMP_METHOD *COMP_zlib(void ); -void COMP_zlib_cleanup(void); - -#ifdef HEADER_BIO_H -#ifdef ZLIB -BIO_METHOD *BIO_f_zlib(void); -#endif -#endif - -void ERR_load_COMP_strings(void); - -/* Error codes for the COMP functions. */ - -/* Function codes. */ -#define COMP_F_BIO_ZLIB_FLUSH 99 -#define COMP_F_BIO_ZLIB_NEW 100 -#define COMP_F_BIO_ZLIB_READ 101 -#define COMP_F_BIO_ZLIB_WRITE 102 - -/* Reason codes. */ -#define COMP_R_ZLIB_DEFLATE_ERROR 99 -#define COMP_R_ZLIB_INFLATE_ERROR 100 -#define COMP_R_ZLIB_NOT_SUPPORTED 101 - -#ifdef __cplusplus -} -#endif -#endif diff --git a/libressl/include64/openssl/conf.h b/libressl/include64/openssl/conf.h deleted file mode 100644 index 095066d3..00000000 --- a/libressl/include64/openssl/conf.h +++ /dev/null @@ -1,249 +0,0 @@ -/* $OpenBSD: conf.h,v 1.14 2015/02/07 13:19:15 doug Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef HEADER_CONF_H -#define HEADER_CONF_H - -#include <openssl/opensslconf.h> - -#include <openssl/bio.h> -#include <openssl/lhash.h> -#include <openssl/stack.h> -#include <openssl/safestack.h> - -#include <openssl/ossl_typ.h> - -#ifdef __cplusplus -extern "C" { -#endif - -typedef struct { - char *section; - char *name; - char *value; -} CONF_VALUE; - -DECLARE_STACK_OF(CONF_VALUE) -DECLARE_LHASH_OF(CONF_VALUE); - -struct conf_st; -struct conf_method_st; -typedef struct conf_method_st CONF_METHOD; - -struct conf_method_st { - const char *name; - CONF *(*create)(CONF_METHOD *meth); - int (*init)(CONF *conf); - int (*destroy)(CONF *conf); - int (*destroy_data)(CONF *conf); - int (*load_bio)(CONF *conf, BIO *bp, long *eline); - int (*dump)(const CONF *conf, BIO *bp); - int (*is_number)(const CONF *conf, char c); - int (*to_int)(const CONF *conf, char c); - int (*load)(CONF *conf, const char *name, long *eline); -}; - -/* Module definitions */ - -typedef struct conf_imodule_st CONF_IMODULE; -typedef struct conf_module_st CONF_MODULE; - -DECLARE_STACK_OF(CONF_MODULE) -DECLARE_STACK_OF(CONF_IMODULE) - -/* DSO module function typedefs */ -typedef int conf_init_func(CONF_IMODULE *md, const CONF *cnf); -typedef void conf_finish_func(CONF_IMODULE *md); - -#define CONF_MFLAGS_IGNORE_ERRORS 0x1 -#define CONF_MFLAGS_IGNORE_RETURN_CODES 0x2 -#define CONF_MFLAGS_SILENT 0x4 -#define CONF_MFLAGS_NO_DSO 0x8 -#define CONF_MFLAGS_IGNORE_MISSING_FILE 0x10 -#define CONF_MFLAGS_DEFAULT_SECTION 0x20 - -int CONF_set_default_method(CONF_METHOD *meth); -void CONF_set_nconf(CONF *conf, LHASH_OF(CONF_VALUE) *hash); -LHASH_OF(CONF_VALUE) *CONF_load(LHASH_OF(CONF_VALUE) *conf, const char *file, - long *eline); -LHASH_OF(CONF_VALUE) *CONF_load_fp(LHASH_OF(CONF_VALUE) *conf, FILE *fp, - long *eline); -LHASH_OF(CONF_VALUE) *CONF_load_bio(LHASH_OF(CONF_VALUE) *conf, BIO *bp, long *eline); -STACK_OF(CONF_VALUE) *CONF_get_section(LHASH_OF(CONF_VALUE) *conf, - const char *section); -char *CONF_get_string(LHASH_OF(CONF_VALUE) *conf, const char *group, - const char *name); -long CONF_get_number(LHASH_OF(CONF_VALUE) *conf, const char *group, - const char *name); -void CONF_free(LHASH_OF(CONF_VALUE) *conf); -int CONF_dump_fp(LHASH_OF(CONF_VALUE) *conf, FILE *out); -int CONF_dump_bio(LHASH_OF(CONF_VALUE) *conf, BIO *out); - -void OPENSSL_config(const char *config_name); -void OPENSSL_no_config(void); - -/* New conf code. The semantics are different from the functions above. - If that wasn't the case, the above functions would have been replaced */ - -struct conf_st { - CONF_METHOD *meth; - void *meth_data; - LHASH_OF(CONF_VALUE) *data; -}; - -CONF *NCONF_new(CONF_METHOD *meth); -CONF_METHOD *NCONF_default(void); -CONF_METHOD *NCONF_WIN32(void); -void NCONF_free(CONF *conf); -void NCONF_free_data(CONF *conf); - -int NCONF_load(CONF *conf, const char *file, long *eline); -int NCONF_load_fp(CONF *conf, FILE *fp, long *eline); -int NCONF_load_bio(CONF *conf, BIO *bp, long *eline); -STACK_OF(CONF_VALUE) *NCONF_get_section(const CONF *conf, const char *section); -char *NCONF_get_string(const CONF *conf, const char *group, const char *name); -int NCONF_get_number_e(const CONF *conf, const char *group, const char *name, - long *result); -int NCONF_dump_fp(const CONF *conf, FILE *out); -int NCONF_dump_bio(const CONF *conf, BIO *out); - -#define NCONF_get_number(c,g,n,r) NCONF_get_number_e(c,g,n,r) - -/* Module functions */ - -int CONF_modules_load(const CONF *cnf, const char *appname, - unsigned long flags); -int CONF_modules_load_file(const char *filename, const char *appname, - unsigned long flags); -void CONF_modules_unload(int all); -void CONF_modules_finish(void); -void CONF_modules_free(void); -int CONF_module_add(const char *name, conf_init_func *ifunc, - conf_finish_func *ffunc); - -const char *CONF_imodule_get_name(const CONF_IMODULE *md); -const char *CONF_imodule_get_value(const CONF_IMODULE *md); -void *CONF_imodule_get_usr_data(const CONF_IMODULE *md); -void CONF_imodule_set_usr_data(CONF_IMODULE *md, void *usr_data); -CONF_MODULE *CONF_imodule_get_module(const CONF_IMODULE *md); -unsigned long CONF_imodule_get_flags(const CONF_IMODULE *md); -void CONF_imodule_set_flags(CONF_IMODULE *md, unsigned long flags); -void *CONF_module_get_usr_data(CONF_MODULE *pmod); -void CONF_module_set_usr_data(CONF_MODULE *pmod, void *usr_data); - -char *CONF_get1_default_config_file(void); - -int CONF_parse_list(const char *list, int sep, int nospc, - int (*list_cb)(const char *elem, int len, void *usr), void *arg); - -void OPENSSL_load_builtin_modules(void); - -/* BEGIN ERROR CODES */ -/* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ -void ERR_load_CONF_strings(void); - -/* Error codes for the CONF functions. */ - -/* Function codes. */ -#define CONF_F_CONF_DUMP_FP 104 -#define CONF_F_CONF_LOAD 100 -#define CONF_F_CONF_LOAD_BIO 102 -#define CONF_F_CONF_LOAD_FP 103 -#define CONF_F_CONF_MODULES_LOAD 116 -#define CONF_F_CONF_PARSE_LIST 119 -#define CONF_F_DEF_LOAD 120 -#define CONF_F_DEF_LOAD_BIO 121 -#define CONF_F_MODULE_INIT 115 -#define CONF_F_MODULE_LOAD_DSO 117 -#define CONF_F_MODULE_RUN 118 -#define CONF_F_NCONF_DUMP_BIO 105 -#define CONF_F_NCONF_DUMP_FP 106 -#define CONF_F_NCONF_GET_NUMBER 107 -#define CONF_F_NCONF_GET_NUMBER_E 112 -#define CONF_F_NCONF_GET_SECTION 108 -#define CONF_F_NCONF_GET_STRING 109 -#define CONF_F_NCONF_LOAD 113 -#define CONF_F_NCONF_LOAD_BIO 110 -#define CONF_F_NCONF_LOAD_FP 114 -#define CONF_F_NCONF_NEW 111 -#define CONF_F_STR_COPY 101 - -/* Reason codes. */ -#define CONF_R_ERROR_LOADING_DSO 110 -#define CONF_R_LIST_CANNOT_BE_NULL 115 -#define CONF_R_MISSING_CLOSE_SQUARE_BRACKET 100 -#define CONF_R_MISSING_EQUAL_SIGN 101 -#define CONF_R_MISSING_FINISH_FUNCTION 111 -#define CONF_R_MISSING_INIT_FUNCTION 112 -#define CONF_R_MODULE_INITIALIZATION_ERROR 109 -#define CONF_R_NO_CLOSE_BRACE 102 -#define CONF_R_NO_CONF 105 -#define CONF_R_NO_CONF_OR_ENVIRONMENT_VARIABLE 106 -#define CONF_R_NO_SECTION 107 -#define CONF_R_NO_SUCH_FILE 114 -#define CONF_R_NO_VALUE 108 -#define CONF_R_UNABLE_TO_CREATE_NEW_SECTION 103 -#define CONF_R_UNKNOWN_MODULE_NAME 113 -#define CONF_R_VARIABLE_HAS_NO_VALUE 104 - -#ifdef __cplusplus -} -#endif -#endif diff --git a/libressl/include64/openssl/conf_api.h b/libressl/include64/openssl/conf_api.h deleted file mode 100644 index 95f93862..00000000 --- a/libressl/include64/openssl/conf_api.h +++ /dev/null @@ -1,88 +0,0 @@ -/* $OpenBSD: conf_api.h,v 1.4 2014/06/12 15:49:28 deraadt Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef HEADER_CONF_API_H -#define HEADER_CONF_API_H - -#include <openssl/lhash.h> -#include <openssl/conf.h> - -#ifdef __cplusplus -extern "C" { -#endif - -/* Up until OpenSSL 0.9.5a, this was new_section */ -CONF_VALUE *_CONF_new_section(CONF *conf, const char *section); -/* Up until OpenSSL 0.9.5a, this was get_section */ -CONF_VALUE *_CONF_get_section(const CONF *conf, const char *section); -/* Up until OpenSSL 0.9.5a, this was CONF_get_section */ -STACK_OF(CONF_VALUE) *_CONF_get_section_values(const CONF *conf, - const char *section); - -int _CONF_add_string(CONF *conf, CONF_VALUE *section, CONF_VALUE *value); -char *_CONF_get_string(const CONF *conf, const char *section, - const char *name); -long _CONF_get_number(const CONF *conf, const char *section, const char *name); - -int _CONF_new_data(CONF *conf); -void _CONF_free_data(CONF *conf); - -#ifdef __cplusplus -} -#endif -#endif diff --git a/libressl/include64/openssl/crypto.h b/libressl/include64/openssl/crypto.h deleted file mode 100644 index 7de8abb4..00000000 --- a/libressl/include64/openssl/crypto.h +++ /dev/null @@ -1,579 +0,0 @@ -/* $OpenBSD: crypto.h,v 1.50 2019/01/19 01:07:00 tb Exp $ */ -/* ==================================================================== - * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -/* ==================================================================== - * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. - * ECDH support in OpenSSL originally developed by - * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. - */ - -#include <stdint.h> -#include <stdio.h> -#include <stdlib.h> - -#ifndef HEADER_CRYPTO_H -#define HEADER_CRYPTO_H - -#include <openssl/opensslconf.h> - -#include <openssl/stack.h> -#include <openssl/safestack.h> -#include <openssl/opensslv.h> -#include <openssl/ossl_typ.h> - -#ifdef __cplusplus -extern "C" { -#endif - -/* Backward compatibility to SSLeay */ -/* This is more to be used to check the correct DLL is being used - * in the MS world. */ -#define SSLEAY_VERSION_NUMBER OPENSSL_VERSION_NUMBER -#define SSLEAY_VERSION 0 -/* #define SSLEAY_OPTIONS 1 no longer supported */ -#define SSLEAY_CFLAGS 2 -#define SSLEAY_BUILT_ON 3 -#define SSLEAY_PLATFORM 4 -#define SSLEAY_DIR 5 - -/* A generic structure to pass assorted data in a expandable way */ -typedef struct openssl_item_st { - int code; - void *value; /* Not used for flag attributes */ - size_t value_size; /* Max size of value for output, length for input */ - size_t *value_length; /* Returned length of value for output */ -} OPENSSL_ITEM; - - -/* When changing the CRYPTO_LOCK_* list, be sure to maintain the text lock - * names in cryptlib.c - */ - -#define CRYPTO_LOCK_ERR 1 -#define CRYPTO_LOCK_EX_DATA 2 -#define CRYPTO_LOCK_X509 3 -#define CRYPTO_LOCK_X509_INFO 4 -#define CRYPTO_LOCK_X509_PKEY 5 -#define CRYPTO_LOCK_X509_CRL 6 -#define CRYPTO_LOCK_X509_REQ 7 -#define CRYPTO_LOCK_DSA 8 -#define CRYPTO_LOCK_RSA 9 -#define CRYPTO_LOCK_EVP_PKEY 10 -#define CRYPTO_LOCK_X509_STORE 11 -#define CRYPTO_LOCK_SSL_CTX 12 -#define CRYPTO_LOCK_SSL_CERT 13 -#define CRYPTO_LOCK_SSL_SESSION 14 -#define CRYPTO_LOCK_SSL_SESS_CERT 15 -#define CRYPTO_LOCK_SSL 16 -#define CRYPTO_LOCK_SSL_METHOD 17 -#define CRYPTO_LOCK_RAND 18 -#define CRYPTO_LOCK_RAND2 19 -#define CRYPTO_LOCK_MALLOC 20 -#define CRYPTO_LOCK_BIO 21 -#define CRYPTO_LOCK_GETHOSTBYNAME 22 -#define CRYPTO_LOCK_GETSERVBYNAME 23 -#define CRYPTO_LOCK_READDIR 24 -#define CRYPTO_LOCK_RSA_BLINDING 25 -#define CRYPTO_LOCK_DH 26 -#define CRYPTO_LOCK_MALLOC2 27 -#define CRYPTO_LOCK_DSO 28 -#define CRYPTO_LOCK_DYNLOCK 29 -#define CRYPTO_LOCK_ENGINE 30 -#define CRYPTO_LOCK_UI 31 -#define CRYPTO_LOCK_ECDSA 32 -#define CRYPTO_LOCK_EC 33 -#define CRYPTO_LOCK_ECDH 34 -#define CRYPTO_LOCK_BN 35 -#define CRYPTO_LOCK_EC_PRE_COMP 36 -#define CRYPTO_LOCK_STORE 37 -#define CRYPTO_LOCK_COMP 38 -#define CRYPTO_LOCK_FIPS 39 -#define CRYPTO_LOCK_FIPS2 40 -#define CRYPTO_NUM_LOCKS 41 - -#define CRYPTO_LOCK 1 -#define CRYPTO_UNLOCK 2 -#define CRYPTO_READ 4 -#define CRYPTO_WRITE 8 - -#ifndef CRYPTO_w_lock -#define CRYPTO_w_lock(type) \ - CRYPTO_lock(CRYPTO_LOCK|CRYPTO_WRITE,type,__FILE__,__LINE__) -#define CRYPTO_w_unlock(type) \ - CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_WRITE,type,__FILE__,__LINE__) -#define CRYPTO_r_lock(type) \ - CRYPTO_lock(CRYPTO_LOCK|CRYPTO_READ,type,__FILE__,__LINE__) -#define CRYPTO_r_unlock(type) \ - CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_READ,type,__FILE__,__LINE__) -#define CRYPTO_add(addr,amount,type) \ - CRYPTO_add_lock(addr,amount,type,__FILE__,__LINE__) -#endif - -/* Some applications as well as some parts of OpenSSL need to allocate - and deallocate locks in a dynamic fashion. The following typedef - makes this possible in a type-safe manner. */ -/* struct CRYPTO_dynlock_value has to be defined by the application. */ -typedef struct { - int references; - struct CRYPTO_dynlock_value *data; -} CRYPTO_dynlock; - - -/* The following can be used to detect memory leaks in the SSLeay library. - * It used, it turns on malloc checking */ - -#define CRYPTO_MEM_CHECK_OFF 0x0 /* an enume */ -#define CRYPTO_MEM_CHECK_ON 0x1 /* a bit */ -#define CRYPTO_MEM_CHECK_ENABLE 0x2 /* a bit */ -#define CRYPTO_MEM_CHECK_DISABLE 0x3 /* an enume */ - -/* The following are bit values to turn on or off options connected to the - * malloc checking functionality */ - -/* Adds time to the memory checking information */ -#define V_CRYPTO_MDEBUG_TIME 0x1 /* a bit */ -/* Adds thread number to the memory checking information */ -#define V_CRYPTO_MDEBUG_THREAD 0x2 /* a bit */ - -#define V_CRYPTO_MDEBUG_ALL (V_CRYPTO_MDEBUG_TIME | V_CRYPTO_MDEBUG_THREAD) - - -/* predec of the BIO type */ -typedef struct bio_st BIO_dummy; - -struct crypto_ex_data_st { - STACK_OF(void) *sk; -}; -DECLARE_STACK_OF(void) - -/* This stuff is basically class callback functions - * The current classes are SSL_CTX, SSL, SSL_SESSION, and a few more */ - -typedef struct crypto_ex_data_func_st { - long argl; /* Arbitary long */ - void *argp; /* Arbitary void * */ - CRYPTO_EX_new *new_func; - CRYPTO_EX_free *free_func; - CRYPTO_EX_dup *dup_func; -} CRYPTO_EX_DATA_FUNCS; - -DECLARE_STACK_OF(CRYPTO_EX_DATA_FUNCS) - -/* Per class, we have a STACK of CRYPTO_EX_DATA_FUNCS for each CRYPTO_EX_DATA - * entry. - */ - -#define CRYPTO_EX_INDEX_BIO 0 -#define CRYPTO_EX_INDEX_SSL 1 -#define CRYPTO_EX_INDEX_SSL_CTX 2 -#define CRYPTO_EX_INDEX_SSL_SESSION 3 -#define CRYPTO_EX_INDEX_X509_STORE 4 -#define CRYPTO_EX_INDEX_X509_STORE_CTX 5 -#define CRYPTO_EX_INDEX_RSA 6 -#define CRYPTO_EX_INDEX_DSA 7 -#define CRYPTO_EX_INDEX_DH 8 -#define CRYPTO_EX_INDEX_ENGINE 9 -#define CRYPTO_EX_INDEX_X509 10 -#define CRYPTO_EX_INDEX_UI 11 -#define CRYPTO_EX_INDEX_ECDSA 12 -#define CRYPTO_EX_INDEX_ECDH 13 -#define CRYPTO_EX_INDEX_COMP 14 -#define CRYPTO_EX_INDEX_STORE 15 -#define CRYPTO_EX_INDEX_EC_KEY 16 - -/* Dynamically assigned indexes start from this value (don't use directly, use - * via CRYPTO_ex_data_new_class). */ -#define CRYPTO_EX_INDEX_USER 100 - -#ifndef LIBRESSL_INTERNAL -#define CRYPTO_malloc_init() (0) -#define CRYPTO_malloc_debug_init() (0) - -#if defined CRYPTO_MDEBUG_ALL || defined CRYPTO_MDEBUG_TIME || defined CRYPTO_MDEBUG_THREAD -# ifndef CRYPTO_MDEBUG /* avoid duplicate #define */ -# define CRYPTO_MDEBUG -# endif -#endif - -int CRYPTO_mem_ctrl(int mode); -int CRYPTO_is_mem_check_on(void); - -/* for applications */ -#define MemCheck_start() CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON) -#define MemCheck_stop() CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_OFF) - -#define OPENSSL_malloc(num) CRYPTO_malloc((int)num,__FILE__,__LINE__) -#define OPENSSL_strdup(str) CRYPTO_strdup((str),__FILE__,__LINE__) -#define OPENSSL_realloc(addr,num) \ - CRYPTO_realloc((char *)addr,(int)num,__FILE__,__LINE__) -#define OPENSSL_realloc_clean(addr,old_num,num) \ - CRYPTO_realloc_clean(addr,old_num,num,__FILE__,__LINE__) -#define OPENSSL_remalloc(addr,num) \ - CRYPTO_remalloc((char **)addr,(int)num,__FILE__,__LINE__) -#define OPENSSL_freeFunc CRYPTO_free -#define OPENSSL_free(addr) CRYPTO_free(addr) - -#define OPENSSL_malloc_locked(num) \ - CRYPTO_malloc_locked((int)num,__FILE__,__LINE__) -#define OPENSSL_free_locked(addr) CRYPTO_free_locked(addr) -#endif - -const char *OpenSSL_version(int type); -#define OPENSSL_VERSION 0 -#define OPENSSL_CFLAGS 1 -#define OPENSSL_BUILT_ON 2 -#define OPENSSL_PLATFORM 3 -#define OPENSSL_DIR 4 -#define OPENSSL_ENGINES_DIR 5 -unsigned long OpenSSL_version_num(void); - -const char *SSLeay_version(int type); -unsigned long SSLeay(void); - -/* An opaque type representing an implementation of "ex_data" support */ -typedef struct st_CRYPTO_EX_DATA_IMPL CRYPTO_EX_DATA_IMPL; -/* Return an opaque pointer to the current "ex_data" implementation */ -const CRYPTO_EX_DATA_IMPL *CRYPTO_get_ex_data_implementation(void); -/* Sets the "ex_data" implementation to be used (if it's not too late) */ -int CRYPTO_set_ex_data_implementation(const CRYPTO_EX_DATA_IMPL *i); -/* Get a new "ex_data" class, and return the corresponding "class_index" */ -int CRYPTO_ex_data_new_class(void); -/* Within a given class, get/register a new index */ -int CRYPTO_get_ex_new_index(int class_index, long argl, void *argp, - CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func, - CRYPTO_EX_free *free_func); -/* Initialise/duplicate/free CRYPTO_EX_DATA variables corresponding to a given - * class (invokes whatever per-class callbacks are applicable) */ -int CRYPTO_new_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad); -int CRYPTO_dup_ex_data(int class_index, CRYPTO_EX_DATA *to, - CRYPTO_EX_DATA *from); -void CRYPTO_free_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad); -/* Get/set data in a CRYPTO_EX_DATA variable corresponding to a particular index - * (relative to the class type involved) */ -int CRYPTO_set_ex_data(CRYPTO_EX_DATA *ad, int idx, void *val); -void *CRYPTO_get_ex_data(const CRYPTO_EX_DATA *ad, int idx); -/* This function cleans up all "ex_data" state. It mustn't be called under - * potential race-conditions. */ -void CRYPTO_cleanup_all_ex_data(void); - -void CRYPTO_lock(int mode, int type, const char *file, int line); -int CRYPTO_add_lock(int *pointer, int amount, int type, const char *file, - int line); - -/* Don't use this structure directly. */ -typedef struct crypto_threadid_st { - void *ptr; - unsigned long val; -} CRYPTO_THREADID; -void CRYPTO_THREADID_current(CRYPTO_THREADID *id); -int CRYPTO_THREADID_cmp(const CRYPTO_THREADID *a, const CRYPTO_THREADID *b); -void CRYPTO_THREADID_cpy(CRYPTO_THREADID *dest, const CRYPTO_THREADID *src); -unsigned long CRYPTO_THREADID_hash(const CRYPTO_THREADID *id); - -#ifndef LIBRESSL_INTERNAL -/* These functions are deprecated no-op stubs */ -void CRYPTO_set_id_callback(unsigned long (*func)(void)); -unsigned long (*CRYPTO_get_id_callback(void))(void); -unsigned long CRYPTO_thread_id(void); - -int CRYPTO_get_new_lockid(char *name); -const char *CRYPTO_get_lock_name(int type); - -int CRYPTO_num_locks(void); -void CRYPTO_set_locking_callback(void (*func)(int mode, int type, - const char *file, int line)); -void (*CRYPTO_get_locking_callback(void))(int mode, int type, - const char *file, int line); -void CRYPTO_set_add_lock_callback(int (*func)(int *num, int mount, int type, - const char *file, int line)); -int (*CRYPTO_get_add_lock_callback(void))(int *num, int mount, int type, - const char *file, int line); - -void CRYPTO_THREADID_set_numeric(CRYPTO_THREADID *id, unsigned long val); -void CRYPTO_THREADID_set_pointer(CRYPTO_THREADID *id, void *ptr); -int CRYPTO_THREADID_set_callback(void (*threadid_func)(CRYPTO_THREADID *)); -void (*CRYPTO_THREADID_get_callback(void))(CRYPTO_THREADID *); - -int CRYPTO_get_new_dynlockid(void); -void CRYPTO_destroy_dynlockid(int i); -struct CRYPTO_dynlock_value *CRYPTO_get_dynlock_value(int i); -void CRYPTO_set_dynlock_create_callback(struct CRYPTO_dynlock_value *(*dyn_create_function)(const char *file, int line)); -void CRYPTO_set_dynlock_lock_callback(void (*dyn_lock_function)(int mode, struct CRYPTO_dynlock_value *l, const char *file, int line)); -void CRYPTO_set_dynlock_destroy_callback(void (*dyn_destroy_function)(struct CRYPTO_dynlock_value *l, const char *file, int line)); -struct CRYPTO_dynlock_value *(*CRYPTO_get_dynlock_create_callback(void))(const char *file, int line); -void (*CRYPTO_get_dynlock_lock_callback(void))(int mode, struct CRYPTO_dynlock_value *l, const char *file, int line); -void (*CRYPTO_get_dynlock_destroy_callback(void))(struct CRYPTO_dynlock_value *l, const char *file, int line); -#endif - -/* CRYPTO_set_mem_functions includes CRYPTO_set_locked_mem_functions -- - * call the latter last if you need different functions */ -int CRYPTO_set_mem_functions(void *(*m)(size_t), void *(*r)(void *, size_t), void (*f)(void *)); -int CRYPTO_set_locked_mem_functions(void *(*m)(size_t), void (*free_func)(void *)); -int CRYPTO_set_mem_ex_functions(void *(*m)(size_t, const char *, int), - void *(*r)(void *, size_t, const char *, int), void (*f)(void *)); -int CRYPTO_set_locked_mem_ex_functions(void *(*m)(size_t, const char *, int), - void (*free_func)(void *)); -int CRYPTO_set_mem_debug_functions( - void (*m)(void *, int, const char *, int, int), - void (*r)(void *, void *, int, const char *, int, int), - void (*f)(void *, int), void (*so)(long), long (*go)(void)); -void CRYPTO_get_mem_functions(void *(**m)(size_t), void *(**r)(void *, size_t), - void (**f)(void *)); -void CRYPTO_get_locked_mem_functions(void *(**m)(size_t), void (**f)(void *)); -void CRYPTO_get_mem_ex_functions(void *(**m)(size_t, const char *, int), - void *(**r)(void *, size_t, const char *, int), void (**f)(void *)); -void CRYPTO_get_locked_mem_ex_functions(void *(**m)(size_t, const char *, int), - void (**f)(void *)); -void CRYPTO_get_mem_debug_functions( - void (**m)(void *, int, const char *, int, int), - void (**r)(void *, void *, int, const char *, int, int), - void (**f)(void *, int), void (**so)(long), long (**go)(void)); - -#ifndef LIBRESSL_INTERNAL -void *CRYPTO_malloc_locked(int num, const char *file, int line); -void CRYPTO_free_locked(void *ptr); -void *CRYPTO_malloc(int num, const char *file, int line); -char *CRYPTO_strdup(const char *str, const char *file, int line); -void CRYPTO_free(void *ptr); -void *CRYPTO_realloc(void *addr, int num, const char *file, int line); -#endif - -void *CRYPTO_realloc_clean(void *addr, int old_num, int num, - const char *file, int line); -void *CRYPTO_remalloc(void *addr, int num, const char *file, int line); - -#ifndef LIBRESSL_INTERNAL -void OPENSSL_cleanse(void *ptr, size_t len); -#endif - -void CRYPTO_set_mem_debug_options(long bits); -long CRYPTO_get_mem_debug_options(void); - -#define CRYPTO_push_info(info) \ - CRYPTO_push_info_(info, __FILE__, __LINE__); -int CRYPTO_push_info_(const char *info, const char *file, int line); -int CRYPTO_pop_info(void); -int CRYPTO_remove_all_info(void); - - -/* Default debugging functions (enabled by CRYPTO_malloc_debug_init() macro; - * used as default in CRYPTO_MDEBUG compilations): */ -/* The last argument has the following significance: - * - * 0: called before the actual memory allocation has taken place - * 1: called after the actual memory allocation has taken place - */ -void CRYPTO_dbg_malloc(void *addr, int num, const char *file, int line, int before_p) - __attribute__ ((deprecated)); -void CRYPTO_dbg_realloc(void *addr1, void *addr2, int num, const char *file, int line, int before_p) - __attribute__ ((deprecated)); -void CRYPTO_dbg_free(void *addr, int before_p) - __attribute__ ((deprecated)); -/* Tell the debugging code about options. By default, the following values - * apply: - * - * 0: Clear all options. - * V_CRYPTO_MDEBUG_TIME (1): Set the "Show Time" option. - * V_CRYPTO_MDEBUG_THREAD (2): Set the "Show Thread Number" option. - * V_CRYPTO_MDEBUG_ALL (3): 1 + 2 - */ -void CRYPTO_dbg_set_options(long bits) - __attribute__ ((deprecated)); -long CRYPTO_dbg_get_options(void) - __attribute__ ((deprecated)); - - -int CRYPTO_mem_leaks_fp(FILE *); -int CRYPTO_mem_leaks(struct bio_st *bio); -/* unsigned long order, char *file, int line, int num_bytes, char *addr */ -typedef int *CRYPTO_MEM_LEAK_CB(unsigned long, const char *, int, int, void *); -int CRYPTO_mem_leaks_cb(CRYPTO_MEM_LEAK_CB *cb); - -/* die if we have to */ -void OpenSSLDie(const char *file, int line, const char *assertion); -#define OPENSSL_assert(e) (void)((e) ? 0 : (OpenSSLDie(__FILE__, __LINE__, #e),1)) - -uint64_t OPENSSL_cpu_caps(void); - -int OPENSSL_isservice(void); - -#ifndef LIBRESSL_INTERNAL -void OPENSSL_init(void); - -/* CRYPTO_memcmp returns zero iff the |len| bytes at |a| and |b| are equal. It - * takes an amount of time dependent on |len|, but independent of the contents - * of |a| and |b|. Unlike memcmp, it cannot be used to put elements into a - * defined order as the return value when a != b is undefined, other than to be - * non-zero. */ -int CRYPTO_memcmp(const void *a, const void *b, size_t len); -#endif - -/* BEGIN ERROR CODES */ -/* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ -void ERR_load_CRYPTO_strings(void); - -/* Error codes for the CRYPTO functions. */ - -/* Function codes. */ -#define CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX 100 -#define CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID 103 -#define CRYPTO_F_CRYPTO_GET_NEW_LOCKID 101 -#define CRYPTO_F_CRYPTO_SET_EX_DATA 102 -#define CRYPTO_F_DEF_ADD_INDEX 104 -#define CRYPTO_F_DEF_GET_CLASS 105 -#define CRYPTO_F_FIPS_MODE_SET 109 -#define CRYPTO_F_INT_DUP_EX_DATA 106 -#define CRYPTO_F_INT_FREE_EX_DATA 107 -#define CRYPTO_F_INT_NEW_EX_DATA 108 - -/* Reason codes. */ -#define CRYPTO_R_FIPS_MODE_NOT_SUPPORTED 101 -#define CRYPTO_R_NO_DYNLOCK_CREATE_CALLBACK 100 - -/* - * OpenSSL compatible OPENSSL_INIT options. - */ - -#define OPENSSL_INIT_NO_LOAD_CONFIG 0x00000001L -#define OPENSSL_INIT_LOAD_CONFIG 0x00000002L - -/* LibreSSL specific */ -#define _OPENSSL_INIT_FLAG_NOOP 0x80000000L - -/* - * These are provided for compatibiliy, but have no effect - * on how LibreSSL is initialized. - */ -#define OPENSSL_INIT_NO_LOAD_CRYPTO_STRINGS _OPENSSL_INIT_FLAG_NOOP -#define OPENSSL_INIT_LOAD_CRYPTO_STRINGS _OPENSSL_INIT_FLAG_NOOP -#define OPENSSL_INIT_ADD_ALL_CIPHERS _OPENSSL_INIT_FLAG_NOOP -#define OPENSSL_INIT_ADD_ALL_DIGESTS _OPENSSL_INIT_FLAG_NOOP -#define OPENSSL_INIT_NO_ADD_ALL_CIPHERS _OPENSSL_INIT_FLAG_NOOP -#define OPENSSL_INIT_NO_ADD_ALL_DIGESTS _OPENSSL_INIT_FLAG_NOOP -#define OPENSSL_INIT_ASYNC _OPENSSL_INIT_FLAG_NOOP -#define OPENSSL_INIT_ENGINE_RDRAND _OPENSSL_INIT_FLAG_NOOP -#define OPENSSL_INIT_ENGINE_DYNAMIC _OPENSSL_INIT_FLAG_NOOP -#define OPENSSL_INIT_ENGINE_OPENSSL _OPENSSL_INIT_FLAG_NOOP -#define OPENSSL_INIT_ENGINE_CRYPTODEV _OPENSSL_INIT_FLAG_NOOP -#define OPENSSL_INIT_ENGINE_CAPI _OPENSSL_INIT_FLAG_NOOP -#define OPENSSL_INIT_ENGINE_PADLOCK _OPENSSL_INIT_FLAG_NOOP -#define OPENSSL_INIT_ENGINE_AFALG _OPENSSL_INIT_FLAG_NOOP -#define OPENSSL_INIT_reserved_internal _OPENSSL_INIT_FLAG_NOOP -#define OPENSSL_INIT_ATFORK _OPENSSL_INIT_FLAG_NOOP -#define OPENSSL_INIT_ENGINE_ALL_BUILTIN _OPENSSL_INIT_FLAG_NOOP - -int OPENSSL_init_crypto(uint64_t opts, const void *settings); - -#ifdef __cplusplus -} -#endif -#endif diff --git a/libressl/include64/openssl/curve25519.h b/libressl/include64/openssl/curve25519.h deleted file mode 100644 index c16a4e26..00000000 --- a/libressl/include64/openssl/curve25519.h +++ /dev/null @@ -1,68 +0,0 @@ -/* $OpenBSD: curve25519.h,v 1.3 2019/05/11 15:55:52 tb Exp $ */ -/* - * Copyright (c) 2015, Google Inc. - * - * Permission to use, copy, modify, and/or distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY - * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION - * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN - * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -#ifndef HEADER_CURVE25519_H -#define HEADER_CURVE25519_H - -#include <stdint.h> - -#include <openssl/opensslconf.h> - -#if defined(__cplusplus) -extern "C" { -#endif - -/* - * Curve25519. - * - * Curve25519 is an elliptic curve. See https://tools.ietf.org/html/rfc7748. - */ - -/* - * X25519. - * - * X25519 is the Diffie-Hellman primitive built from curve25519. It is - * sometimes referred to as curve25519, but X25519 is a more precise name. - * See http://cr.yp.to/ecdh.html and https://tools.ietf.org/html/rfc7748. - */ - -#define X25519_KEY_LENGTH 32 - -/* - * X25519_keypair sets |out_public_value| and |out_private_key| to a freshly - * generated, public/private key pair. - */ -void X25519_keypair(uint8_t out_public_value[X25519_KEY_LENGTH], - uint8_t out_private_key[X25519_KEY_LENGTH]); - -/* - * X25519 writes a shared key to |out_shared_key| that is calculated from the - * given private key and the peer's public value. It returns one on success and - * zero on error. - * - * Don't use the shared key directly, rather use a KDF and also include the two - * public values as inputs. - */ -int X25519(uint8_t out_shared_key[X25519_KEY_LENGTH], - const uint8_t private_key[X25519_KEY_LENGTH], - const uint8_t peers_public_value[X25519_KEY_LENGTH]); - -#if defined(__cplusplus) -} /* extern C */ -#endif - -#endif /* HEADER_CURVE25519_H */ diff --git a/libressl/include64/openssl/des.h b/libressl/include64/openssl/des.h deleted file mode 100644 index e1331d3f..00000000 --- a/libressl/include64/openssl/des.h +++ /dev/null @@ -1,219 +0,0 @@ -/* $OpenBSD: des.h,v 1.19 2015/02/07 13:19:15 doug Exp $ */ -/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef HEADER_NEW_DES_H -#define HEADER_NEW_DES_H - -#include <openssl/opensslconf.h> - -#ifdef OPENSSL_NO_DES -#error DES is disabled. -#endif - - -#ifdef __cplusplus -extern "C" { -#endif - -typedef unsigned char DES_cblock[8]; -typedef /* const */ unsigned char const_DES_cblock[8]; -/* With "const", gcc 2.8.1 on Solaris thinks that DES_cblock * - * and const_DES_cblock * are incompatible pointer types. */ - -typedef struct DES_ks - { - union - { - DES_cblock cblock; - /* make sure things are correct size on machines with - * 8 byte longs */ - DES_LONG deslong[2]; - } ks[16]; - } DES_key_schedule; - -#define DES_KEY_SZ (sizeof(DES_cblock)) -#define DES_SCHEDULE_SZ (sizeof(DES_key_schedule)) - -#define DES_ENCRYPT 1 -#define DES_DECRYPT 0 - -#define DES_CBC_MODE 0 -#define DES_PCBC_MODE 1 - -#define DES_ecb2_encrypt(i,o,k1,k2,e) \ - DES_ecb3_encrypt((i),(o),(k1),(k2),(k1),(e)) - -#define DES_ede2_cbc_encrypt(i,o,l,k1,k2,iv,e) \ - DES_ede3_cbc_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(e)) - -#define DES_ede2_cfb64_encrypt(i,o,l,k1,k2,iv,n,e) \ - DES_ede3_cfb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n),(e)) - -#define DES_ede2_ofb64_encrypt(i,o,l,k1,k2,iv,n) \ - DES_ede3_ofb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n)) - -extern int DES_check_key; /* defaults to false */ -extern int DES_rw_mode; /* defaults to DES_PCBC_MODE */ - -const char *DES_options(void); -void DES_ecb3_encrypt(const_DES_cblock *input, DES_cblock *output, - DES_key_schedule *ks1,DES_key_schedule *ks2, - DES_key_schedule *ks3, int enc); -DES_LONG DES_cbc_cksum(const unsigned char *input,DES_cblock *output, - long length,DES_key_schedule *schedule, - const_DES_cblock *ivec); -/* DES_cbc_encrypt does not update the IV! Use DES_ncbc_encrypt instead. */ -void DES_cbc_encrypt(const unsigned char *input,unsigned char *output, - long length,DES_key_schedule *schedule,DES_cblock *ivec, - int enc); -void DES_ncbc_encrypt(const unsigned char *input,unsigned char *output, - long length,DES_key_schedule *schedule,DES_cblock *ivec, - int enc); -void DES_xcbc_encrypt(const unsigned char *input,unsigned char *output, - long length,DES_key_schedule *schedule,DES_cblock *ivec, - const_DES_cblock *inw,const_DES_cblock *outw,int enc); -void DES_cfb_encrypt(const unsigned char *in,unsigned char *out,int numbits, - long length,DES_key_schedule *schedule,DES_cblock *ivec, - int enc); -void DES_ecb_encrypt(const_DES_cblock *input,DES_cblock *output, - DES_key_schedule *ks,int enc); - -/* This is the DES encryption function that gets called by just about - every other DES routine in the library. You should not use this - function except to implement 'modes' of DES. I say this because the - functions that call this routine do the conversion from 'char *' to - long, and this needs to be done to make sure 'non-aligned' memory - access do not occur. The characters are loaded 'little endian'. - Data is a pointer to 2 unsigned long's and ks is the - DES_key_schedule to use. enc, is non zero specifies encryption, - zero if decryption. */ -void DES_encrypt1(DES_LONG *data,DES_key_schedule *ks, int enc); - -/* This functions is the same as DES_encrypt1() except that the DES - initial permutation (IP) and final permutation (FP) have been left - out. As for DES_encrypt1(), you should not use this function. - It is used by the routines in the library that implement triple DES. - IP() DES_encrypt2() DES_encrypt2() DES_encrypt2() FP() is the same - as DES_encrypt1() DES_encrypt1() DES_encrypt1() except faster :-). */ -void DES_encrypt2(DES_LONG *data,DES_key_schedule *ks, int enc); - -void DES_encrypt3(DES_LONG *data, DES_key_schedule *ks1, - DES_key_schedule *ks2, DES_key_schedule *ks3); -void DES_decrypt3(DES_LONG *data, DES_key_schedule *ks1, - DES_key_schedule *ks2, DES_key_schedule *ks3); -void DES_ede3_cbc_encrypt(const unsigned char *input,unsigned char *output, - long length, - DES_key_schedule *ks1,DES_key_schedule *ks2, - DES_key_schedule *ks3,DES_cblock *ivec,int enc); -void DES_ede3_cbcm_encrypt(const unsigned char *in,unsigned char *out, - long length, - DES_key_schedule *ks1,DES_key_schedule *ks2, - DES_key_schedule *ks3, - DES_cblock *ivec1,DES_cblock *ivec2, - int enc); -void DES_ede3_cfb64_encrypt(const unsigned char *in,unsigned char *out, - long length,DES_key_schedule *ks1, - DES_key_schedule *ks2,DES_key_schedule *ks3, - DES_cblock *ivec,int *num,int enc); -void DES_ede3_cfb_encrypt(const unsigned char *in,unsigned char *out, - int numbits,long length,DES_key_schedule *ks1, - DES_key_schedule *ks2,DES_key_schedule *ks3, - DES_cblock *ivec,int enc); -void DES_ede3_ofb64_encrypt(const unsigned char *in,unsigned char *out, - long length,DES_key_schedule *ks1, - DES_key_schedule *ks2,DES_key_schedule *ks3, - DES_cblock *ivec,int *num); -int DES_enc_read(int fd,void *buf,int len,DES_key_schedule *sched, - DES_cblock *iv); -int DES_enc_write(int fd,const void *buf,int len,DES_key_schedule *sched, - DES_cblock *iv); -char *DES_fcrypt(const char *buf,const char *salt, char *ret); -char *DES_crypt(const char *buf,const char *salt); -void DES_ofb_encrypt(const unsigned char *in,unsigned char *out,int numbits, - long length,DES_key_schedule *schedule,DES_cblock *ivec); -void DES_pcbc_encrypt(const unsigned char *input,unsigned char *output, - long length,DES_key_schedule *schedule,DES_cblock *ivec, - int enc); -DES_LONG DES_quad_cksum(const unsigned char *input,DES_cblock output[], - long length,int out_count,DES_cblock *seed); -int DES_random_key(DES_cblock *ret); -void DES_set_odd_parity(DES_cblock *key); -int DES_check_key_parity(const_DES_cblock *key); -int DES_is_weak_key(const_DES_cblock *key); -/* DES_set_key (= set_key = DES_key_sched = key_sched) calls - * DES_set_key_checked if global variable DES_check_key is set, - * DES_set_key_unchecked otherwise. */ -int DES_set_key(const_DES_cblock *key,DES_key_schedule *schedule); -int DES_key_sched(const_DES_cblock *key,DES_key_schedule *schedule); -int DES_set_key_checked(const_DES_cblock *key,DES_key_schedule *schedule); -void DES_set_key_unchecked(const_DES_cblock *key,DES_key_schedule *schedule); -void DES_string_to_key(const char *str,DES_cblock *key); -void DES_string_to_2keys(const char *str,DES_cblock *key1,DES_cblock *key2); -void DES_cfb64_encrypt(const unsigned char *in,unsigned char *out,long length, - DES_key_schedule *schedule,DES_cblock *ivec,int *num, - int enc); -void DES_ofb64_encrypt(const unsigned char *in,unsigned char *out,long length, - DES_key_schedule *schedule,DES_cblock *ivec,int *num); - -#define DES_fixup_key_parity DES_set_odd_parity - -#ifdef __cplusplus -} -#endif - -#endif diff --git a/libressl/include64/openssl/dh.h b/libressl/include64/openssl/dh.h deleted file mode 100644 index 082b5025..00000000 --- a/libressl/include64/openssl/dh.h +++ /dev/null @@ -1,281 +0,0 @@ -/* $OpenBSD: dh.h,v 1.25 2018/02/22 16:41:04 jsing Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef HEADER_DH_H -#define HEADER_DH_H - -#include <openssl/opensslconf.h> - -#ifdef OPENSSL_NO_DH -#error DH is disabled. -#endif - -#ifndef OPENSSL_NO_BIO -#include <openssl/bio.h> -#endif -#include <openssl/ossl_typ.h> -#ifndef OPENSSL_NO_DEPRECATED -#include <openssl/bn.h> -#endif - -#ifndef OPENSSL_DH_MAX_MODULUS_BITS -# define OPENSSL_DH_MAX_MODULUS_BITS 10000 -#endif - -#define DH_FLAG_CACHE_MONT_P 0x01 - -/* If this flag is set the DH method is FIPS compliant and can be used - * in FIPS mode. This is set in the validated module method. If an - * application sets this flag in its own methods it is its reposibility - * to ensure the result is compliant. - */ - -#define DH_FLAG_FIPS_METHOD 0x0400 - -/* If this flag is set the operations normally disabled in FIPS mode are - * permitted it is then the applications responsibility to ensure that the - * usage is compliant. - */ - -#define DH_FLAG_NON_FIPS_ALLOW 0x0400 - -#ifdef __cplusplus -extern "C" { -#endif - -/* Already defined in ossl_typ.h */ -/* typedef struct dh_st DH; */ -/* typedef struct dh_method DH_METHOD; */ - -struct dh_method - { - const char *name; - /* Methods here */ - int (*generate_key)(DH *dh); - int (*compute_key)(unsigned char *key,const BIGNUM *pub_key,DH *dh); - int (*bn_mod_exp)(const DH *dh, BIGNUM *r, const BIGNUM *a, - const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, - BN_MONT_CTX *m_ctx); /* Can be null */ - - int (*init)(DH *dh); - int (*finish)(DH *dh); - int flags; - char *app_data; - /* If this is non-NULL, it will be used to generate parameters */ - int (*generate_params)(DH *dh, int prime_len, int generator, BN_GENCB *cb); - }; - -struct dh_st - { - /* This first argument is used to pick up errors when - * a DH is passed instead of a EVP_PKEY */ - int pad; - int version; - BIGNUM *p; - BIGNUM *g; - long length; /* optional */ - BIGNUM *pub_key; /* g^x */ - BIGNUM *priv_key; /* x */ - - int flags; - BN_MONT_CTX *method_mont_p; - /* Place holders if we want to do X9.42 DH */ - BIGNUM *q; - BIGNUM *j; - unsigned char *seed; - int seedlen; - BIGNUM *counter; - - int references; - CRYPTO_EX_DATA ex_data; - const DH_METHOD *meth; - ENGINE *engine; - }; - -#define DH_GENERATOR_2 2 -/* #define DH_GENERATOR_3 3 */ -#define DH_GENERATOR_5 5 - -/* DH_check error codes */ -#define DH_CHECK_P_NOT_PRIME 0x01 -#define DH_CHECK_P_NOT_SAFE_PRIME 0x02 -#define DH_UNABLE_TO_CHECK_GENERATOR 0x04 -#define DH_NOT_SUITABLE_GENERATOR 0x08 - -/* DH_check_pub_key error codes */ -#define DH_CHECK_PUBKEY_TOO_SMALL 0x01 -#define DH_CHECK_PUBKEY_TOO_LARGE 0x02 - -/* primes p where (p-1)/2 is prime too are called "safe"; we define - this for backward compatibility: */ -#define DH_CHECK_P_NOT_STRONG_PRIME DH_CHECK_P_NOT_SAFE_PRIME - -DH *d2i_DHparams_bio(BIO *bp, DH **a); -int i2d_DHparams_bio(BIO *bp, DH *a); -DH *d2i_DHparams_fp(FILE *fp, DH **a); -int i2d_DHparams_fp(FILE *fp, DH *a); - -DH *DHparams_dup(DH *); - -const DH_METHOD *DH_OpenSSL(void); - -void DH_set_default_method(const DH_METHOD *meth); -const DH_METHOD *DH_get_default_method(void); -int DH_set_method(DH *dh, const DH_METHOD *meth); -DH *DH_new_method(ENGINE *engine); - -DH * DH_new(void); -void DH_free(DH *dh); -int DH_up_ref(DH *dh); -int DH_size(const DH *dh); -int DH_bits(const DH *dh); -int DH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); -int DH_set_ex_data(DH *d, int idx, void *arg); -void *DH_get_ex_data(DH *d, int idx); - -ENGINE *DH_get0_engine(DH *d); -void DH_get0_pqg(const DH *dh, const BIGNUM **p, const BIGNUM **q, - const BIGNUM **g); -int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g); -void DH_get0_key(const DH *dh, const BIGNUM **pub_key, const BIGNUM **priv_key); -int DH_set0_key(DH *dh, BIGNUM *pub_key, BIGNUM *priv_key); -void DH_clear_flags(DH *dh, int flags); -int DH_test_flags(const DH *dh, int flags); -void DH_set_flags(DH *dh, int flags); -int DH_set_length(DH *dh, long length); - -/* Deprecated version */ -#ifndef OPENSSL_NO_DEPRECATED -DH * DH_generate_parameters(int prime_len,int generator, - void (*callback)(int,int,void *),void *cb_arg); -#endif /* !defined(OPENSSL_NO_DEPRECATED) */ - -/* New version */ -int DH_generate_parameters_ex(DH *dh, int prime_len,int generator, BN_GENCB *cb); - -int DH_check(const DH *dh,int *codes); -int DH_check_pub_key(const DH *dh,const BIGNUM *pub_key, int *codes); -int DH_generate_key(DH *dh); -int DH_compute_key(unsigned char *key,const BIGNUM *pub_key,DH *dh); -DH * d2i_DHparams(DH **a,const unsigned char **pp, long length); -int i2d_DHparams(const DH *a,unsigned char **pp); -int DHparams_print_fp(FILE *fp, const DH *x); -#ifndef OPENSSL_NO_BIO -int DHparams_print(BIO *bp, const DH *x); -#else -int DHparams_print(char *bp, const DH *x); -#endif - -#define EVP_PKEY_CTX_set_dh_paramgen_prime_len(ctx, len) \ - EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \ - EVP_PKEY_CTRL_DH_PARAMGEN_PRIME_LEN, len, NULL) - -#define EVP_PKEY_CTX_set_dh_paramgen_generator(ctx, gen) \ - EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \ - EVP_PKEY_CTRL_DH_PARAMGEN_GENERATOR, gen, NULL) - -#define EVP_PKEY_CTRL_DH_PARAMGEN_PRIME_LEN (EVP_PKEY_ALG_CTRL + 1) -#define EVP_PKEY_CTRL_DH_PARAMGEN_GENERATOR (EVP_PKEY_ALG_CTRL + 2) - - -/* BEGIN ERROR CODES */ -/* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ -void ERR_load_DH_strings(void); - -/* Error codes for the DH functions. */ - -/* Function codes. */ -#define DH_F_COMPUTE_KEY 102 -#define DH_F_DHPARAMS_PRINT_FP 101 -#define DH_F_DH_BUILTIN_GENPARAMS 106 -#define DH_F_DH_COMPUTE_KEY 114 -#define DH_F_DH_GENERATE_KEY 115 -#define DH_F_DH_GENERATE_PARAMETERS_EX 116 -#define DH_F_DH_NEW_METHOD 105 -#define DH_F_DH_PARAM_DECODE 107 -#define DH_F_DH_PRIV_DECODE 110 -#define DH_F_DH_PRIV_ENCODE 111 -#define DH_F_DH_PUB_DECODE 108 -#define DH_F_DH_PUB_ENCODE 109 -#define DH_F_DO_DH_PRINT 100 -#define DH_F_GENERATE_KEY 103 -#define DH_F_GENERATE_PARAMETERS 104 -#define DH_F_PKEY_DH_DERIVE 112 -#define DH_F_PKEY_DH_KEYGEN 113 - -/* Reason codes. */ -#define DH_R_BAD_GENERATOR 101 -#define DH_R_BN_DECODE_ERROR 109 -#define DH_R_BN_ERROR 106 -#define DH_R_DECODE_ERROR 104 -#define DH_R_INVALID_PUBKEY 102 -#define DH_R_KEYS_NOT_SET 108 -#define DH_R_KEY_SIZE_TOO_SMALL 110 -#define DH_R_MODULUS_TOO_LARGE 103 -#define DH_R_NON_FIPS_METHOD 111 -#define DH_R_NO_PARAMETERS_SET 107 -#define DH_R_NO_PRIVATE_VALUE 100 -#define DH_R_PARAMETER_ENCODING_ERROR 105 - -#ifdef __cplusplus -} -#endif -#endif diff --git a/libressl/include64/openssl/dsa.h b/libressl/include64/openssl/dsa.h deleted file mode 100644 index 61bfc2b4..00000000 --- a/libressl/include64/openssl/dsa.h +++ /dev/null @@ -1,339 +0,0 @@ -/* $OpenBSD: dsa.h,v 1.30 2018/03/17 15:19:12 tb Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -/* - * The DSS routines are based on patches supplied by - * Steven Schoch <schoch@sheba.arc.nasa.gov>. He basically did the - * work and I have just tweaked them a little to fit into my - * stylistic vision for SSLeay :-) */ - -#ifndef HEADER_DSA_H -#define HEADER_DSA_H - -#include <openssl/opensslconf.h> - -#ifdef OPENSSL_NO_DSA -#error DSA is disabled. -#endif - -#ifndef OPENSSL_NO_BIO -#include <openssl/bio.h> -#endif -#include <openssl/crypto.h> -#include <openssl/ossl_typ.h> - -#ifndef OPENSSL_NO_DEPRECATED -#include <openssl/bn.h> -#ifndef OPENSSL_NO_DH -# include <openssl/dh.h> -#endif -#endif - -#ifndef OPENSSL_DSA_MAX_MODULUS_BITS -# define OPENSSL_DSA_MAX_MODULUS_BITS 10000 -#endif - -#define DSA_FLAG_CACHE_MONT_P 0x01 - -/* If this flag is set the DSA method is FIPS compliant and can be used - * in FIPS mode. This is set in the validated module method. If an - * application sets this flag in its own methods it is its reposibility - * to ensure the result is compliant. - */ - -#define DSA_FLAG_FIPS_METHOD 0x0400 - -/* If this flag is set the operations normally disabled in FIPS mode are - * permitted it is then the applications responsibility to ensure that the - * usage is compliant. - */ - -#define DSA_FLAG_NON_FIPS_ALLOW 0x0400 - -#ifdef __cplusplus -extern "C" { -#endif - -/* Already defined in ossl_typ.h */ -/* typedef struct dsa_st DSA; */ -/* typedef struct dsa_method DSA_METHOD; */ - -typedef struct DSA_SIG_st - { - BIGNUM *r; - BIGNUM *s; - } DSA_SIG; - -struct dsa_method - { - const char *name; - DSA_SIG * (*dsa_do_sign)(const unsigned char *dgst, int dlen, DSA *dsa); - int (*dsa_sign_setup)(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, - BIGNUM **rp); - int (*dsa_do_verify)(const unsigned char *dgst, int dgst_len, - DSA_SIG *sig, DSA *dsa); - int (*dsa_mod_exp)(DSA *dsa, BIGNUM *rr, BIGNUM *a1, BIGNUM *p1, - BIGNUM *a2, BIGNUM *p2, BIGNUM *m, BN_CTX *ctx, - BN_MONT_CTX *in_mont); - int (*bn_mod_exp)(DSA *dsa, BIGNUM *r, BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, - BN_MONT_CTX *m_ctx); /* Can be null */ - int (*init)(DSA *dsa); - int (*finish)(DSA *dsa); - int flags; - char *app_data; - /* If this is non-NULL, it is used to generate DSA parameters */ - int (*dsa_paramgen)(DSA *dsa, int bits, - const unsigned char *seed, int seed_len, - int *counter_ret, unsigned long *h_ret, - BN_GENCB *cb); - /* If this is non-NULL, it is used to generate DSA keys */ - int (*dsa_keygen)(DSA *dsa); - }; - -struct dsa_st - { - /* This first variable is used to pick up errors where - * a DSA is passed instead of of a EVP_PKEY */ - int pad; - long version; - int write_params; - BIGNUM *p; - BIGNUM *q; /* == 20 */ - BIGNUM *g; - - BIGNUM *pub_key; /* y public key */ - BIGNUM *priv_key; /* x private key */ - - BIGNUM *kinv; /* Signing pre-calc */ - BIGNUM *r; /* Signing pre-calc */ - - int flags; - /* Normally used to cache montgomery values */ - BN_MONT_CTX *method_mont_p; - int references; - CRYPTO_EX_DATA ex_data; - const DSA_METHOD *meth; - /* functional reference if 'meth' is ENGINE-provided */ - ENGINE *engine; - }; - -DSA *d2i_DSAparams_bio(BIO *bp, DSA **a); -int i2d_DSAparams_bio(BIO *bp, DSA *a); -DSA *d2i_DSAparams_fp(FILE *fp, DSA **a); -int i2d_DSAparams_fp(FILE *fp, DSA *a); - -DSA *DSAparams_dup(DSA *x); -DSA_SIG * DSA_SIG_new(void); -void DSA_SIG_free(DSA_SIG *a); -int i2d_DSA_SIG(const DSA_SIG *a, unsigned char **pp); -DSA_SIG * d2i_DSA_SIG(DSA_SIG **v, const unsigned char **pp, long length); -void DSA_SIG_get0(const DSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps); -int DSA_SIG_set0(DSA_SIG *sig, BIGNUM *r, BIGNUM *s); - -DSA_SIG * DSA_do_sign(const unsigned char *dgst,int dlen,DSA *dsa); -int DSA_do_verify(const unsigned char *dgst,int dgst_len, - DSA_SIG *sig,DSA *dsa); - -const DSA_METHOD *DSA_OpenSSL(void); - -void DSA_set_default_method(const DSA_METHOD *); -const DSA_METHOD *DSA_get_default_method(void); -int DSA_set_method(DSA *dsa, const DSA_METHOD *); - -DSA * DSA_new(void); -DSA * DSA_new_method(ENGINE *engine); -void DSA_free(DSA *r); -/* "up" the DSA object's reference count */ -int DSA_up_ref(DSA *r); -int DSA_size(const DSA *); - /* next 4 return -1 on error */ -int DSA_sign_setup( DSA *dsa,BN_CTX *ctx_in,BIGNUM **kinvp,BIGNUM **rp); -int DSA_sign(int type,const unsigned char *dgst,int dlen, - unsigned char *sig, unsigned int *siglen, DSA *dsa); -int DSA_verify(int type,const unsigned char *dgst,int dgst_len, - const unsigned char *sigbuf, int siglen, DSA *dsa); -int DSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); -int DSA_set_ex_data(DSA *d, int idx, void *arg); -void *DSA_get_ex_data(DSA *d, int idx); - -DSA *d2i_DSAPublicKey(DSA **a, const unsigned char **pp, long length); -int i2d_DSAPublicKey(const DSA *a, unsigned char **pp); -extern const ASN1_ITEM DSAPublicKey_it; - -DSA *d2i_DSAPrivateKey(DSA **a, const unsigned char **pp, long length); -int i2d_DSAPrivateKey(const DSA *a, unsigned char **pp); -extern const ASN1_ITEM DSAPrivateKey_it; - -DSA *d2i_DSAparams(DSA **a, const unsigned char **pp, long length); -int i2d_DSAparams(const DSA *a,unsigned char **pp); -extern const ASN1_ITEM DSAparams_it; - -/* Deprecated version */ -#ifndef OPENSSL_NO_DEPRECATED -DSA * DSA_generate_parameters(int bits, - unsigned char *seed,int seed_len, - int *counter_ret, unsigned long *h_ret,void - (*callback)(int, int, void *),void *cb_arg); -#endif /* !defined(OPENSSL_NO_DEPRECATED) */ - -/* New version */ -int DSA_generate_parameters_ex(DSA *dsa, int bits, - const unsigned char *seed,int seed_len, - int *counter_ret, unsigned long *h_ret, BN_GENCB *cb); - -int DSA_generate_key(DSA *a); - -#ifndef OPENSSL_NO_BIO -int DSAparams_print(BIO *bp, const DSA *x); -int DSA_print(BIO *bp, const DSA *x, int off); -#endif -int DSAparams_print_fp(FILE *fp, const DSA *x); -int DSA_print_fp(FILE *bp, const DSA *x, int off); - -#define DSS_prime_checks 50 -/* Primality test according to FIPS PUB 186[-1], Appendix 2.1: - * 50 rounds of Rabin-Miller */ -#define DSA_is_prime(n, callback, cb_arg) \ - BN_is_prime(n, DSS_prime_checks, callback, NULL, cb_arg) - -#ifndef OPENSSL_NO_DH -/* Convert DSA structure (key or just parameters) into DH structure - * (be careful to avoid small subgroup attacks when using this!) */ -DH *DSA_dup_DH(const DSA *r); -#endif - -void DSA_get0_pqg(const DSA *d, const BIGNUM **p, const BIGNUM **q, - const BIGNUM **g); -int DSA_set0_pqg(DSA *d, BIGNUM *p, BIGNUM *q, BIGNUM *g); -void DSA_get0_key(const DSA *d, const BIGNUM **pub_key, const BIGNUM **priv_key); -int DSA_set0_key(DSA *d, BIGNUM *pub_key, BIGNUM *priv_key); -void DSA_clear_flags(DSA *d, int flags); -int DSA_test_flags(const DSA *d, int flags); -void DSA_set_flags(DSA *d, int flags); -ENGINE *DSA_get0_engine(DSA *d); - -DSA_METHOD *DSA_meth_new(const char *name, int flags); -void DSA_meth_free(DSA_METHOD *meth); -DSA_METHOD *DSA_meth_dup(const DSA_METHOD *meth); -int DSA_meth_set_sign(DSA_METHOD *meth, - DSA_SIG *(*sign)(const unsigned char *, int, DSA *)); -int DSA_meth_set_finish(DSA_METHOD *meth, int (*finish)(DSA *)); - -#define EVP_PKEY_CTX_set_dsa_paramgen_bits(ctx, nbits) \ - EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DSA, EVP_PKEY_OP_PARAMGEN, \ - EVP_PKEY_CTRL_DSA_PARAMGEN_BITS, nbits, NULL) - -#define EVP_PKEY_CTRL_DSA_PARAMGEN_BITS (EVP_PKEY_ALG_CTRL + 1) -#define EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS (EVP_PKEY_ALG_CTRL + 2) -#define EVP_PKEY_CTRL_DSA_PARAMGEN_MD (EVP_PKEY_ALG_CTRL + 3) - -/* BEGIN ERROR CODES */ -/* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ -void ERR_load_DSA_strings(void); - -/* Error codes for the DSA functions. */ - -/* Function codes. */ -#define DSA_F_D2I_DSA_SIG 110 -#define DSA_F_DO_DSA_PRINT 104 -#define DSA_F_DSAPARAMS_PRINT 100 -#define DSA_F_DSAPARAMS_PRINT_FP 101 -#define DSA_F_DSA_DO_SIGN 112 -#define DSA_F_DSA_DO_VERIFY 113 -#define DSA_F_DSA_GENERATE_KEY 124 -#define DSA_F_DSA_GENERATE_PARAMETERS_EX 123 -#define DSA_F_DSA_NEW_METHOD 103 -#define DSA_F_DSA_PARAM_DECODE 119 -#define DSA_F_DSA_PRINT_FP 105 -#define DSA_F_DSA_PRIV_DECODE 115 -#define DSA_F_DSA_PRIV_ENCODE 116 -#define DSA_F_DSA_PUB_DECODE 117 -#define DSA_F_DSA_PUB_ENCODE 118 -#define DSA_F_DSA_SIGN 106 -#define DSA_F_DSA_SIGN_SETUP 107 -#define DSA_F_DSA_SIG_NEW 109 -#define DSA_F_DSA_SIG_PRINT 125 -#define DSA_F_DSA_VERIFY 108 -#define DSA_F_I2D_DSA_SIG 111 -#define DSA_F_OLD_DSA_PRIV_DECODE 122 -#define DSA_F_PKEY_DSA_CTRL 120 -#define DSA_F_PKEY_DSA_KEYGEN 121 -#define DSA_F_SIG_CB 114 - -/* Reason codes. */ -#define DSA_R_BAD_Q_VALUE 102 -#define DSA_R_BN_DECODE_ERROR 108 -#define DSA_R_BN_ERROR 109 -#define DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 100 -#define DSA_R_DECODE_ERROR 104 -#define DSA_R_INVALID_DIGEST_TYPE 106 -#define DSA_R_MISSING_PARAMETERS 101 -#define DSA_R_MODULUS_TOO_LARGE 103 -#define DSA_R_NEED_NEW_SETUP_VALUES 110 -#define DSA_R_NON_FIPS_DSA_METHOD 111 -#define DSA_R_NO_PARAMETERS_SET 107 -#define DSA_R_PARAMETER_ENCODING_ERROR 105 - -#ifdef __cplusplus -} -#endif -#endif diff --git a/libressl/include64/openssl/dso.h b/libressl/include64/openssl/dso.h deleted file mode 100644 index 6c982c9f..00000000 --- a/libressl/include64/openssl/dso.h +++ /dev/null @@ -1,386 +0,0 @@ -/* $OpenBSD: dso.h,v 1.12 2016/03/15 20:50:22 krw Exp $ */ -/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL - * project 2000. - */ -/* ==================================================================== - * Copyright (c) 2000 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#ifndef HEADER_DSO_H -#define HEADER_DSO_H - -#include <openssl/crypto.h> - -#ifdef __cplusplus -extern "C" { -#endif - -/* These values are used as commands to DSO_ctrl() */ -#define DSO_CTRL_GET_FLAGS 1 -#define DSO_CTRL_SET_FLAGS 2 -#define DSO_CTRL_OR_FLAGS 3 - -/* By default, DSO_load() will translate the provided filename into a form - * typical for the platform (more specifically the DSO_METHOD) using the - * dso_name_converter function of the method. Eg. win32 will transform "blah" - * into "blah.dll", and dlfcn will transform it into "libblah.so". The - * behaviour can be overridden by setting the name_converter callback in the DSO - * object (using DSO_set_name_converter()). This callback could even utilise - * the DSO_METHOD's converter too if it only wants to override behaviour for - * one or two possible DSO methods. However, the following flag can be set in a - * DSO to prevent *any* native name-translation at all - eg. if the caller has - * prompted the user for a path to a driver library so the filename should be - * interpreted as-is. */ -#define DSO_FLAG_NO_NAME_TRANSLATION 0x01 -/* An extra flag to give if only the extension should be added as - * translation. This is obviously only of importance on Unix and - * other operating systems where the translation also may prefix - * the name with something, like 'lib', and ignored everywhere else. - * This flag is also ignored if DSO_FLAG_NO_NAME_TRANSLATION is used - * at the same time. */ -#define DSO_FLAG_NAME_TRANSLATION_EXT_ONLY 0x02 - -/* The following flag controls the translation of symbol names to upper - * case. This is currently only being implemented for OpenVMS. - */ -#define DSO_FLAG_UPCASE_SYMBOL 0x10 - -/* This flag loads the library with public symbols. - * Meaning: The exported symbols of this library are public - * to all libraries loaded after this library. - * At the moment only implemented in unix. - */ -#define DSO_FLAG_GLOBAL_SYMBOLS 0x20 - - -typedef void (*DSO_FUNC_TYPE)(void); - -typedef struct dso_st DSO; - -/* The function prototype used for method functions (or caller-provided - * callbacks) that transform filenames. They are passed a DSO structure pointer - * (or NULL if they are to be used independantly of a DSO object) and a - * filename to transform. They should either return NULL (if there is an error - * condition) or a newly allocated string containing the transformed form that - * the caller will need to free with free() when done. */ -typedef char* (*DSO_NAME_CONVERTER_FUNC)(DSO *, const char *); -/* The function prototype used for method functions (or caller-provided - * callbacks) that merge two file specifications. They are passed a - * DSO structure pointer (or NULL if they are to be used independantly of - * a DSO object) and two file specifications to merge. They should - * either return NULL (if there is an error condition) or a newly allocated - * string containing the result of merging that the caller will need - * to free with free() when done. - * Here, merging means that bits and pieces are taken from each of the - * file specifications and added together in whatever fashion that is - * sensible for the DSO method in question. The only rule that really - * applies is that if the two specification contain pieces of the same - * type, the copy from the first string takes priority. One could see - * it as the first specification is the one given by the user and the - * second being a bunch of defaults to add on if they're missing in the - * first. */ -typedef char* (*DSO_MERGER_FUNC)(DSO *, const char *, const char *); - -typedef struct dso_meth_st { - const char *name; - /* Loads a shared library, NB: new DSO_METHODs must ensure that a - * successful load populates the loaded_filename field, and likewise a - * successful unload frees and NULLs it out. */ - int (*dso_load)(DSO *dso); - /* Unloads a shared library */ - int (*dso_unload)(DSO *dso); - /* Binds a variable */ - void *(*dso_bind_var)(DSO *dso, const char *symname); - /* Binds a function - assumes a return type of DSO_FUNC_TYPE. - * This should be cast to the real function prototype by the - * caller. Platforms that don't have compatible representations - * for different prototypes (this is possible within ANSI C) - * are highly unlikely to have shared libraries at all, let - * alone a DSO_METHOD implemented for them. */ - DSO_FUNC_TYPE (*dso_bind_func)(DSO *dso, const char *symname); - - /* The generic (yuck) "ctrl()" function. NB: Negative return - * values (rather than zero) indicate errors. */ - long (*dso_ctrl)(DSO *dso, int cmd, long larg, void *parg); - /* The default DSO_METHOD-specific function for converting filenames to - * a canonical native form. */ - DSO_NAME_CONVERTER_FUNC dso_name_converter; - /* The default DSO_METHOD-specific function for converting filenames to - * a canonical native form. */ - DSO_MERGER_FUNC dso_merger; - - /* [De]Initialisation handlers. */ - int (*init)(DSO *dso); - int (*finish)(DSO *dso); - - /* Return pathname of the module containing location */ - int (*pathbyaddr)(void *addr, char *path, int sz); - /* Perform global symbol lookup, i.e. among *all* modules */ - void *(*globallookup)(const char *symname); -} DSO_METHOD; - -/**********************************************************************/ -/* The low-level handle type used to refer to a loaded shared library */ - -struct dso_st { - DSO_METHOD *meth; - /* Standard dlopen uses a (void *). Win32 uses a HANDLE. VMS - * doesn't use anything but will need to cache the filename - * for use in the dso_bind handler. All in all, let each - * method control its own destiny. "Handles" and such go in - * a STACK. */ - STACK_OF(void) *meth_data; - int references; - int flags; - /* For use by applications etc ... use this for your bits'n'pieces, - * don't touch meth_data! */ - CRYPTO_EX_DATA ex_data; - /* If this callback function pointer is set to non-NULL, then it will - * be used in DSO_load() in place of meth->dso_name_converter. NB: This - * should normally set using DSO_set_name_converter(). */ - DSO_NAME_CONVERTER_FUNC name_converter; - /* If this callback function pointer is set to non-NULL, then it will - * be used in DSO_load() in place of meth->dso_merger. NB: This - * should normally set using DSO_set_merger(). */ - DSO_MERGER_FUNC merger; - /* This is populated with (a copy of) the platform-independant - * filename used for this DSO. */ - char *filename; - /* This is populated with (a copy of) the translated filename by which - * the DSO was actually loaded. It is NULL iff the DSO is not currently - * loaded. NB: This is here because the filename translation process - * may involve a callback being invoked more than once not only to - * convert to a platform-specific form, but also to try different - * filenames in the process of trying to perform a load. As such, this - * variable can be used to indicate (a) whether this DSO structure - * corresponds to a loaded library or not, and (b) the filename with - * which it was actually loaded. */ - char *loaded_filename; -}; - - -DSO * DSO_new(void); -DSO * DSO_new_method(DSO_METHOD *method); -int DSO_free(DSO *dso); -int DSO_flags(DSO *dso); -int DSO_up_ref(DSO *dso); -long DSO_ctrl(DSO *dso, int cmd, long larg, void *parg); - -/* This function sets the DSO's name_converter callback. If it is non-NULL, - * then it will be used instead of the associated DSO_METHOD's function. If - * oldcb is non-NULL then it is set to the function pointer value being - * replaced. Return value is non-zero for success. */ -int DSO_set_name_converter(DSO *dso, DSO_NAME_CONVERTER_FUNC cb, - DSO_NAME_CONVERTER_FUNC *oldcb); -/* These functions can be used to get/set the platform-independant filename - * used for a DSO. NB: set will fail if the DSO is already loaded. */ -const char *DSO_get_filename(DSO *dso); -int DSO_set_filename(DSO *dso, const char *filename); -/* This function will invoke the DSO's name_converter callback to translate a - * filename, or if the callback isn't set it will instead use the DSO_METHOD's - * converter. If "filename" is NULL, the "filename" in the DSO itself will be - * used. If the DSO_FLAG_NO_NAME_TRANSLATION flag is set, then the filename is - * simply duplicated. NB: This function is usually called from within a - * DSO_METHOD during the processing of a DSO_load() call, and is exposed so that - * caller-created DSO_METHODs can do the same thing. A non-NULL return value - * will need to be free()'d. */ -char *DSO_convert_filename(DSO *dso, const char *filename); -/* This function will invoke the DSO's merger callback to merge two file - * specifications, or if the callback isn't set it will instead use the - * DSO_METHOD's merger. A non-NULL return value will need to be - * free()'d. */ -char *DSO_merge(DSO *dso, const char *filespec1, const char *filespec2); -/* If the DSO is currently loaded, this returns the filename that it was loaded - * under, otherwise it returns NULL. So it is also useful as a test as to - * whether the DSO is currently loaded. NB: This will not necessarily return - * the same value as DSO_convert_filename(dso, dso->filename), because the - * DSO_METHOD's load function may have tried a variety of filenames (with - * and/or without the aid of the converters) before settling on the one it - * actually loaded. */ -const char *DSO_get_loaded_filename(DSO *dso); - -void DSO_set_default_method(DSO_METHOD *meth); -DSO_METHOD *DSO_get_default_method(void); -DSO_METHOD *DSO_get_method(DSO *dso); -DSO_METHOD *DSO_set_method(DSO *dso, DSO_METHOD *meth); - -/* The all-singing all-dancing load function, you normally pass NULL - * for the first and third parameters. Use DSO_up and DSO_free for - * subsequent reference count handling. Any flags passed in will be set - * in the constructed DSO after its init() function but before the - * load operation. If 'dso' is non-NULL, 'flags' is ignored. */ -DSO *DSO_load(DSO *dso, const char *filename, DSO_METHOD *meth, int flags); - -/* This function binds to a variable inside a shared library. */ -void *DSO_bind_var(DSO *dso, const char *symname); - -/* This function binds to a function inside a shared library. */ -DSO_FUNC_TYPE DSO_bind_func(DSO *dso, const char *symname); - -/* This method is the default, but will beg, borrow, or steal whatever - * method should be the default on any particular platform (including - * DSO_METH_null() if necessary). */ -DSO_METHOD *DSO_METHOD_openssl(void); - -/* This method is defined for all platforms - if a platform has no - * DSO support then this will be the only method! */ -DSO_METHOD *DSO_METHOD_null(void); - -/* If DSO_DLFCN is defined, the standard dlfcn.h-style functions - * (dlopen, dlclose, dlsym, etc) will be used and incorporated into - * this method. If not, this method will return NULL. */ -DSO_METHOD *DSO_METHOD_dlfcn(void); - -/* This function writes null-terminated pathname of DSO module - * containing 'addr' into 'sz' large caller-provided 'path' and - * returns the number of characters [including trailing zero] - * written to it. If 'sz' is 0 or negative, 'path' is ignored and - * required amount of charachers [including trailing zero] to - * accommodate pathname is returned. If 'addr' is NULL, then - * pathname of cryptolib itself is returned. Negative or zero - * return value denotes error. - */ -int DSO_pathbyaddr(void *addr, char *path, int sz); - -/* This function should be used with caution! It looks up symbols in - * *all* loaded modules and if module gets unloaded by somebody else - * attempt to dereference the pointer is doomed to have fatal - * consequences. Primary usage for this function is to probe *core* - * system functionality, e.g. check if getnameinfo(3) is available - * at run-time without bothering about OS-specific details such as - * libc.so.versioning or where does it actually reside: in libc - * itself or libsocket. */ -void *DSO_global_lookup(const char *name); - -/* BEGIN ERROR CODES */ -/* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ -void ERR_load_DSO_strings(void); - -/* Error codes for the DSO functions. */ - -/* Function codes. */ -#define DSO_F_BEOS_BIND_FUNC 144 -#define DSO_F_BEOS_BIND_VAR 145 -#define DSO_F_BEOS_LOAD 146 -#define DSO_F_BEOS_NAME_CONVERTER 147 -#define DSO_F_BEOS_UNLOAD 148 -#define DSO_F_DLFCN_BIND_FUNC 100 -#define DSO_F_DLFCN_BIND_VAR 101 -#define DSO_F_DLFCN_LOAD 102 -#define DSO_F_DLFCN_MERGER 130 -#define DSO_F_DLFCN_NAME_CONVERTER 123 -#define DSO_F_DLFCN_UNLOAD 103 -#define DSO_F_DL_BIND_FUNC 104 -#define DSO_F_DL_BIND_VAR 105 -#define DSO_F_DL_LOAD 106 -#define DSO_F_DL_MERGER 131 -#define DSO_F_DL_NAME_CONVERTER 124 -#define DSO_F_DL_UNLOAD 107 -#define DSO_F_DSO_BIND_FUNC 108 -#define DSO_F_DSO_BIND_VAR 109 -#define DSO_F_DSO_CONVERT_FILENAME 126 -#define DSO_F_DSO_CTRL 110 -#define DSO_F_DSO_FREE 111 -#define DSO_F_DSO_GET_FILENAME 127 -#define DSO_F_DSO_GET_LOADED_FILENAME 128 -#define DSO_F_DSO_GLOBAL_LOOKUP 139 -#define DSO_F_DSO_LOAD 112 -#define DSO_F_DSO_MERGE 132 -#define DSO_F_DSO_NEW_METHOD 113 -#define DSO_F_DSO_PATHBYADDR 140 -#define DSO_F_DSO_SET_FILENAME 129 -#define DSO_F_DSO_SET_NAME_CONVERTER 122 -#define DSO_F_DSO_UP_REF 114 -#define DSO_F_GLOBAL_LOOKUP_FUNC 138 -#define DSO_F_PATHBYADDR 137 -#define DSO_F_VMS_BIND_SYM 115 -#define DSO_F_VMS_LOAD 116 -#define DSO_F_VMS_MERGER 133 -#define DSO_F_VMS_UNLOAD 117 -#define DSO_F_WIN32_BIND_FUNC 118 -#define DSO_F_WIN32_BIND_VAR 119 -#define DSO_F_WIN32_GLOBALLOOKUP 142 -#define DSO_F_WIN32_GLOBALLOOKUP_FUNC 143 -#define DSO_F_WIN32_JOINER 135 -#define DSO_F_WIN32_LOAD 120 -#define DSO_F_WIN32_MERGER 134 -#define DSO_F_WIN32_NAME_CONVERTER 125 -#define DSO_F_WIN32_PATHBYADDR 141 -#define DSO_F_WIN32_SPLITTER 136 -#define DSO_F_WIN32_UNLOAD 121 - -/* Reason codes. */ -#define DSO_R_CTRL_FAILED 100 -#define DSO_R_DSO_ALREADY_LOADED 110 -#define DSO_R_EMPTY_FILE_STRUCTURE 113 -#define DSO_R_FAILURE 114 -#define DSO_R_FILENAME_TOO_BIG 101 -#define DSO_R_FINISH_FAILED 102 -#define DSO_R_INCORRECT_FILE_SYNTAX 115 -#define DSO_R_LOAD_FAILED 103 -#define DSO_R_NAME_TRANSLATION_FAILED 109 -#define DSO_R_NO_FILENAME 111 -#define DSO_R_NO_FILE_SPECIFICATION 116 -#define DSO_R_NULL_HANDLE 104 -#define DSO_R_SET_FILENAME_FAILED 112 -#define DSO_R_STACK_ERROR 105 -#define DSO_R_SYM_FAILURE 106 -#define DSO_R_UNLOAD_FAILED 107 -#define DSO_R_UNSUPPORTED 108 - -#ifdef __cplusplus -} -#endif -#endif diff --git a/libressl/include64/openssl/dtls1.h b/libressl/include64/openssl/dtls1.h deleted file mode 100644 index a0018f2a..00000000 --- a/libressl/include64/openssl/dtls1.h +++ /dev/null @@ -1,186 +0,0 @@ -/* $OpenBSD: dtls1.h,v 1.22 2018/08/24 19:35:05 jsing Exp $ */ -/* - * DTLS implementation written by Nagendra Modadugu - * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. - */ -/* ==================================================================== - * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#ifndef HEADER_DTLS1_H -#define HEADER_DTLS1_H - -#if defined(_WIN32) -#include <winsock2.h> -#else -#include <sys/time.h> -#endif - -#include <stdio.h> -#include <stdlib.h> -#include <string.h> - -#include <openssl/opensslconf.h> -#include <openssl/buffer.h> - -#ifdef __cplusplus -extern "C" { -#endif - -#define DTLS1_VERSION 0xFEFF - -/* lengths of messages */ -#define DTLS1_COOKIE_LENGTH 256 - -#define DTLS1_RT_HEADER_LENGTH 13 - -#define DTLS1_HM_HEADER_LENGTH 12 - -#define DTLS1_HM_BAD_FRAGMENT -2 -#define DTLS1_HM_FRAGMENT_RETRY -3 - -#define DTLS1_CCS_HEADER_LENGTH 1 - -#define DTLS1_AL_HEADER_LENGTH 2 - -#ifndef OPENSSL_NO_SSL_INTERN - - -typedef struct dtls1_bitmap_st { - unsigned long map; /* track 32 packets on 32-bit systems - and 64 - on 64-bit systems */ - unsigned char max_seq_num[8]; /* max record number seen so far, - 64-bit value in big-endian - encoding */ -} DTLS1_BITMAP; - -struct dtls1_retransmit_state { - EVP_CIPHER_CTX *enc_write_ctx; /* cryptographic state */ - EVP_MD_CTX *write_hash; /* used for mac generation */ - SSL_SESSION *session; - unsigned short epoch; -}; - -struct hm_header_st { - unsigned char type; - unsigned long msg_len; - unsigned short seq; - unsigned long frag_off; - unsigned long frag_len; - unsigned int is_ccs; - struct dtls1_retransmit_state saved_retransmit_state; -}; - -struct ccs_header_st { - unsigned char type; - unsigned short seq; -}; - -struct dtls1_timeout_st { - /* Number of read timeouts so far */ - unsigned int read_timeouts; - - /* Number of write timeouts so far */ - unsigned int write_timeouts; - - /* Number of alerts received so far */ - unsigned int num_alerts; -}; - -struct _pqueue; - -typedef struct record_pqueue_st { - unsigned short epoch; - struct _pqueue *q; -} record_pqueue; - -typedef struct hm_fragment_st { - struct hm_header_st msg_header; - unsigned char *fragment; - unsigned char *reassembly; -} hm_fragment; - -struct dtls1_state_internal_st; - -typedef struct dtls1_state_st { - /* Buffered (sent) handshake records */ - struct _pqueue *sent_messages; - - /* Indicates when the last handshake msg or heartbeat sent will timeout */ - struct timeval next_timeout; - - /* Timeout duration */ - unsigned short timeout_duration; - - struct dtls1_state_internal_st *internal; -} DTLS1_STATE; - -typedef struct dtls1_record_data_st { - unsigned char *packet; - unsigned int packet_length; - SSL3_BUFFER rbuf; - SSL3_RECORD rrec; -} DTLS1_RECORD_DATA; - -#endif - -/* Timeout multipliers (timeout slice is defined in apps/timeouts.h */ -#define DTLS1_TMO_READ_COUNT 2 -#define DTLS1_TMO_WRITE_COUNT 2 - -#define DTLS1_TMO_ALERT_COUNT 12 - -#ifdef __cplusplus -} -#endif -#endif diff --git a/libressl/include64/openssl/ec.h b/libressl/include64/openssl/ec.h deleted file mode 100644 index a95d99f6..00000000 --- a/libressl/include64/openssl/ec.h +++ /dev/null @@ -1,1299 +0,0 @@ -/* $OpenBSD: ec.h,v 1.18 2019/09/29 10:09:09 tb Exp $ */ -/* - * Originally written by Bodo Moeller for the OpenSSL project. - */ -/** - * \file crypto/ec/ec.h Include file for the OpenSSL EC functions - * \author Originally written by Bodo Moeller for the OpenSSL project - */ -/* ==================================================================== - * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ -/* ==================================================================== - * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. - * - * Portions of the attached software ("Contribution") are developed by - * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project. - * - * The Contribution is licensed pursuant to the OpenSSL open source - * license provided above. - * - * The elliptic curve binary polynomial software is originally written by - * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories. - * - */ - -#ifndef HEADER_EC_H -#define HEADER_EC_H - -#include <openssl/opensslconf.h> - -#ifdef OPENSSL_NO_EC -#error EC is disabled. -#endif - -#include <openssl/asn1.h> -#ifndef OPENSSL_NO_DEPRECATED -#include <openssl/bn.h> -#endif - -#ifdef __cplusplus -extern "C" { -#elif defined(__SUNPRO_C) -# if __SUNPRO_C >= 0x520 -# pragma error_messages (off,E_ARRAY_OF_INCOMPLETE_NONAME,E_ARRAY_OF_INCOMPLETE) -# endif -#endif - - -#ifndef OPENSSL_ECC_MAX_FIELD_BITS -#define OPENSSL_ECC_MAX_FIELD_BITS 661 -#endif - -/** Enum for the point conversion form as defined in X9.62 (ECDSA) - * for the encoding of a elliptic curve point (x,y) */ -typedef enum { - /** the point is encoded as z||x, where the octet z specifies - * which solution of the quadratic equation y is */ - POINT_CONVERSION_COMPRESSED = 2, - /** the point is encoded as z||x||y, where z is the octet 0x02 */ - POINT_CONVERSION_UNCOMPRESSED = 4, - /** the point is encoded as z||x||y, where the octet z specifies - * which solution of the quadratic equation y is */ - POINT_CONVERSION_HYBRID = 6 -} point_conversion_form_t; - - -typedef struct ec_method_st EC_METHOD; - -typedef struct ec_group_st - /* - EC_METHOD *meth; - -- field definition - -- curve coefficients - -- optional generator with associated information (order, cofactor) - -- optional extra data (precomputed table for fast computation of multiples of generator) - -- ASN1 stuff - */ - EC_GROUP; - -typedef struct ec_point_st EC_POINT; - - -/********************************************************************/ -/* EC_METHODs for curves over GF(p) */ -/********************************************************************/ - -/** Returns the basic GFp ec methods which provides the basis for the - * optimized methods. - * \return EC_METHOD object - */ -const EC_METHOD *EC_GFp_simple_method(void); - -/** Returns GFp methods using montgomery multiplication. - * \return EC_METHOD object - */ -const EC_METHOD *EC_GFp_mont_method(void); - -/** Returns GFp methods using optimized methods for NIST recommended curves - * \return EC_METHOD object - */ -const EC_METHOD *EC_GFp_nist_method(void); - -#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128 -/** Returns 64-bit optimized methods for nistp224 - * \return EC_METHOD object - */ -const EC_METHOD *EC_GFp_nistp224_method(void); - -/** Returns 64-bit optimized methods for nistp256 - * \return EC_METHOD object - */ -const EC_METHOD *EC_GFp_nistp256_method(void); - -/** Returns 64-bit optimized methods for nistp521 - * \return EC_METHOD object - */ -const EC_METHOD *EC_GFp_nistp521_method(void); -#endif - -#ifndef OPENSSL_NO_EC2M -/********************************************************************/ -/* EC_METHOD for curves over GF(2^m) */ -/********************************************************************/ - -/** Returns the basic GF2m ec method - * \return EC_METHOD object - */ -const EC_METHOD *EC_GF2m_simple_method(void); - -#endif - - -/********************************************************************/ -/* EC_GROUP functions */ -/********************************************************************/ - -/** Creates a new EC_GROUP object - * \param meth EC_METHOD to use - * \return newly created EC_GROUP object or NULL in case of an error. - */ -EC_GROUP *EC_GROUP_new(const EC_METHOD *meth); - -/** Frees a EC_GROUP object - * \param group EC_GROUP object to be freed. - */ -void EC_GROUP_free(EC_GROUP *group); - -/** Clears and frees a EC_GROUP object - * \param group EC_GROUP object to be cleared and freed. - */ -void EC_GROUP_clear_free(EC_GROUP *group); - -/** Copies EC_GROUP objects. Note: both EC_GROUPs must use the same EC_METHOD. - * \param dst destination EC_GROUP object - * \param src source EC_GROUP object - * \return 1 on success and 0 if an error occurred. - */ -int EC_GROUP_copy(EC_GROUP *dst, const EC_GROUP *src); - -/** Creates a new EC_GROUP object and copies the copies the content - * form src to the newly created EC_KEY object - * \param src source EC_GROUP object - * \return newly created EC_GROUP object or NULL in case of an error. - */ -EC_GROUP *EC_GROUP_dup(const EC_GROUP *src); - -/** Returns the EC_METHOD of the EC_GROUP object. - * \param group EC_GROUP object - * \return EC_METHOD used in this EC_GROUP object. - */ -const EC_METHOD *EC_GROUP_method_of(const EC_GROUP *group); - -/** Returns the field type of the EC_METHOD. - * \param meth EC_METHOD object - * \return NID of the underlying field type OID. - */ -int EC_METHOD_get_field_type(const EC_METHOD *meth); - -/** Sets the generator and it's order/cofactor of a EC_GROUP object. - * \param group EC_GROUP object - * \param generator EC_POINT object with the generator. - * \param order the order of the group generated by the generator. - * \param cofactor the index of the sub-group generated by the generator - * in the group of all points on the elliptic curve. - * \return 1 on success and 0 if an error occured - */ -int EC_GROUP_set_generator(EC_GROUP *group, const EC_POINT *generator, const BIGNUM *order, const BIGNUM *cofactor); - -/** Returns the generator of a EC_GROUP object. - * \param group EC_GROUP object - * \return the currently used generator (possibly NULL). - */ -const EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *group); - -/** Gets the order of a EC_GROUP - * \param group EC_GROUP object - * \param order BIGNUM to which the order is copied - * \param ctx BN_CTX object (optional) - * \return 1 on success and 0 if an error occured - */ -int EC_GROUP_get_order(const EC_GROUP *group, BIGNUM *order, BN_CTX *ctx); - -/** Gets the cofactor of a EC_GROUP - * \param group EC_GROUP object - * \param cofactor BIGNUM to which the cofactor is copied - * \param ctx BN_CTX object (optional) - * \return 1 on success and 0 if an error occured - */ -int EC_GROUP_get_cofactor(const EC_GROUP *group, BIGNUM *cofactor, BN_CTX *ctx); - -/** Sets the name of a EC_GROUP object - * \param group EC_GROUP object - * \param nid NID of the curve name OID - */ -void EC_GROUP_set_curve_name(EC_GROUP *group, int nid); - -/** Returns the curve name of a EC_GROUP object - * \param group EC_GROUP object - * \return NID of the curve name OID or 0 if not set. - */ -int EC_GROUP_get_curve_name(const EC_GROUP *group); - -void EC_GROUP_set_asn1_flag(EC_GROUP *group, int flag); -int EC_GROUP_get_asn1_flag(const EC_GROUP *group); - -void EC_GROUP_set_point_conversion_form(EC_GROUP *group, point_conversion_form_t form); -point_conversion_form_t EC_GROUP_get_point_conversion_form(const EC_GROUP *); - -unsigned char *EC_GROUP_get0_seed(const EC_GROUP *x); -size_t EC_GROUP_get_seed_len(const EC_GROUP *); -size_t EC_GROUP_set_seed(EC_GROUP *, const unsigned char *, size_t len); - -/** Sets the parameter of a ec over GFp defined by y^2 = x^3 + a*x + b - * \param group EC_GROUP object - * \param p BIGNUM with the prime number - * \param a BIGNUM with parameter a of the equation - * \param b BIGNUM with parameter b of the equation - * \param ctx BN_CTX object (optional) - * \return 1 on success and 0 if an error occured - */ -int EC_GROUP_set_curve_GFp(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx); - -/** Gets the parameter of the ec over GFp defined by y^2 = x^3 + a*x + b - * \param group EC_GROUP object - * \param p BIGNUM for the prime number - * \param a BIGNUM for parameter a of the equation - * \param b BIGNUM for parameter b of the equation - * \param ctx BN_CTX object (optional) - * \return 1 on success and 0 if an error occured - */ -int EC_GROUP_get_curve_GFp(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *ctx); - -#ifndef OPENSSL_NO_EC2M -/** Sets the parameter of a ec over GF2m defined by y^2 + x*y = x^3 + a*x^2 + b - * \param group EC_GROUP object - * \param p BIGNUM with the polynomial defining the underlying field - * \param a BIGNUM with parameter a of the equation - * \param b BIGNUM with parameter b of the equation - * \param ctx BN_CTX object (optional) - * \return 1 on success and 0 if an error occured - */ -int EC_GROUP_set_curve_GF2m(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx); - -/** Gets the parameter of the ec over GF2m defined by y^2 + x*y = x^3 + a*x^2 + b - * \param group EC_GROUP object - * \param p BIGNUM for the polynomial defining the underlying field - * \param a BIGNUM for parameter a of the equation - * \param b BIGNUM for parameter b of the equation - * \param ctx BN_CTX object (optional) - * \return 1 on success and 0 if an error occured - */ -int EC_GROUP_get_curve_GF2m(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *ctx); -#endif -/** Returns the number of bits needed to represent a field element - * \param group EC_GROUP object - * \return number of bits needed to represent a field element - */ -int EC_GROUP_get_degree(const EC_GROUP *group); - -/** Checks whether the parameter in the EC_GROUP define a valid ec group - * \param group EC_GROUP object - * \param ctx BN_CTX object (optional) - * \return 1 if group is a valid ec group and 0 otherwise - */ -int EC_GROUP_check(const EC_GROUP *group, BN_CTX *ctx); - -/** Checks whether the discriminant of the elliptic curve is zero or not - * \param group EC_GROUP object - * \param ctx BN_CTX object (optional) - * \return 1 if the discriminant is not zero and 0 otherwise - */ -int EC_GROUP_check_discriminant(const EC_GROUP *group, BN_CTX *ctx); - -/** Compares two EC_GROUP objects - * \param a first EC_GROUP object - * \param b second EC_GROUP object - * \param ctx BN_CTX object (optional) - * \return 0 if both groups are equal and 1 otherwise - */ -int EC_GROUP_cmp(const EC_GROUP *a, const EC_GROUP *b, BN_CTX *ctx); - -/* EC_GROUP_new_GF*() calls EC_GROUP_new() and EC_GROUP_set_GF*() - * after choosing an appropriate EC_METHOD */ - -/** Creates a new EC_GROUP object with the specified parameters defined - * over GFp (defined by the equation y^2 = x^3 + a*x + b) - * \param p BIGNUM with the prime number - * \param a BIGNUM with the parameter a of the equation - * \param b BIGNUM with the parameter b of the equation - * \param ctx BN_CTX object (optional) - * \return newly created EC_GROUP object with the specified parameters - */ -EC_GROUP *EC_GROUP_new_curve_GFp(const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx); -#ifndef OPENSSL_NO_EC2M -/** Creates a new EC_GROUP object with the specified parameters defined - * over GF2m (defined by the equation y^2 + x*y = x^3 + a*x^2 + b) - * \param p BIGNUM with the polynomial defining the underlying field - * \param a BIGNUM with the parameter a of the equation - * \param b BIGNUM with the parameter b of the equation - * \param ctx BN_CTX object (optional) - * \return newly created EC_GROUP object with the specified parameters - */ -EC_GROUP *EC_GROUP_new_curve_GF2m(const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx); -#endif -/** Creates a EC_GROUP object with a curve specified by a NID - * \param nid NID of the OID of the curve name - * \return newly created EC_GROUP object with specified curve or NULL - * if an error occurred - */ -EC_GROUP *EC_GROUP_new_by_curve_name(int nid); - - -/********************************************************************/ -/* handling of internal curves */ -/********************************************************************/ - -typedef struct { - int nid; - const char *comment; - } EC_builtin_curve; - -/* EC_builtin_curves(EC_builtin_curve *r, size_t size) returns number - * of all available curves or zero if a error occurred. - * In case r ist not zero nitems EC_builtin_curve structures - * are filled with the data of the first nitems internal groups */ -size_t EC_get_builtin_curves(EC_builtin_curve *r, size_t nitems); - -const char *EC_curve_nid2nist(int nid); -int EC_curve_nist2nid(const char *name); - -/********************************************************************/ -/* EC_POINT functions */ -/********************************************************************/ - -/** Creates a new EC_POINT object for the specified EC_GROUP - * \param group EC_GROUP the underlying EC_GROUP object - * \return newly created EC_POINT object or NULL if an error occurred - */ -EC_POINT *EC_POINT_new(const EC_GROUP *group); - -/** Frees a EC_POINT object - * \param point EC_POINT object to be freed - */ -void EC_POINT_free(EC_POINT *point); - -/** Clears and frees a EC_POINT object - * \param point EC_POINT object to be cleared and freed - */ -void EC_POINT_clear_free(EC_POINT *point); - -/** Copies EC_POINT object - * \param dst destination EC_POINT object - * \param src source EC_POINT object - * \return 1 on success and 0 if an error occured - */ -int EC_POINT_copy(EC_POINT *dst, const EC_POINT *src); - -/** Creates a new EC_POINT object and copies the content of the supplied - * EC_POINT - * \param src source EC_POINT object - * \param group underlying the EC_GROUP object - * \return newly created EC_POINT object or NULL if an error occurred - */ -EC_POINT *EC_POINT_dup(const EC_POINT *src, const EC_GROUP *group); - -/** Returns the EC_METHOD used in EC_POINT object - * \param point EC_POINT object - * \return the EC_METHOD used - */ -const EC_METHOD *EC_POINT_method_of(const EC_POINT *point); - -/** Sets a point to infinity (neutral element) - * \param group underlying EC_GROUP object - * \param point EC_POINT to set to infinity - * \return 1 on success and 0 if an error occured - */ -int EC_POINT_set_to_infinity(const EC_GROUP *group, EC_POINT *point); - -/** Sets the jacobian projective coordinates of a EC_POINT over GFp - * \param group underlying EC_GROUP object - * \param p EC_POINT object - * \param x BIGNUM with the x-coordinate - * \param y BIGNUM with the y-coordinate - * \param z BIGNUM with the z-coordinate - * \param ctx BN_CTX object (optional) - * \return 1 on success and 0 if an error occured - */ -int EC_POINT_set_Jprojective_coordinates_GFp(const EC_GROUP *group, EC_POINT *p, - const BIGNUM *x, const BIGNUM *y, const BIGNUM *z, BN_CTX *ctx); - -/** Gets the jacobian projective coordinates of a EC_POINT over GFp - * \param group underlying EC_GROUP object - * \param p EC_POINT object - * \param x BIGNUM for the x-coordinate - * \param y BIGNUM for the y-coordinate - * \param z BIGNUM for the z-coordinate - * \param ctx BN_CTX object (optional) - * \return 1 on success and 0 if an error occured - */ -int EC_POINT_get_Jprojective_coordinates_GFp(const EC_GROUP *group, - const EC_POINT *p, BIGNUM *x, BIGNUM *y, BIGNUM *z, BN_CTX *ctx); - -/** Sets the affine coordinates of a EC_POINT over GFp - * \param group underlying EC_GROUP object - * \param p EC_POINT object - * \param x BIGNUM with the x-coordinate - * \param y BIGNUM with the y-coordinate - * \param ctx BN_CTX object (optional) - * \return 1 on success and 0 if an error occured - */ -int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group, EC_POINT *p, - const BIGNUM *x, const BIGNUM *y, BN_CTX *ctx); - -/** Gets the affine coordinates of a EC_POINT over GFp - * \param group underlying EC_GROUP object - * \param p EC_POINT object - * \param x BIGNUM for the x-coordinate - * \param y BIGNUM for the y-coordinate - * \param ctx BN_CTX object (optional) - * \return 1 on success and 0 if an error occured - */ -int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group, - const EC_POINT *p, BIGNUM *x, BIGNUM *y, BN_CTX *ctx); - -/** Sets the x9.62 compressed coordinates of a EC_POINT over GFp - * \param group underlying EC_GROUP object - * \param p EC_POINT object - * \param x BIGNUM with x-coordinate - * \param y_bit integer with the y-Bit (either 0 or 1) - * \param ctx BN_CTX object (optional) - * \return 1 on success and 0 if an error occured - */ -int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *group, EC_POINT *p, - const BIGNUM *x, int y_bit, BN_CTX *ctx); -#ifndef OPENSSL_NO_EC2M -/** Sets the affine coordinates of a EC_POINT over GF2m - * \param group underlying EC_GROUP object - * \param p EC_POINT object - * \param x BIGNUM with the x-coordinate - * \param y BIGNUM with the y-coordinate - * \param ctx BN_CTX object (optional) - * \return 1 on success and 0 if an error occured - */ -int EC_POINT_set_affine_coordinates_GF2m(const EC_GROUP *group, EC_POINT *p, - const BIGNUM *x, const BIGNUM *y, BN_CTX *ctx); - -/** Gets the affine coordinates of a EC_POINT over GF2m - * \param group underlying EC_GROUP object - * \param p EC_POINT object - * \param x BIGNUM for the x-coordinate - * \param y BIGNUM for the y-coordinate - * \param ctx BN_CTX object (optional) - * \return 1 on success and 0 if an error occured - */ -int EC_POINT_get_affine_coordinates_GF2m(const EC_GROUP *group, - const EC_POINT *p, BIGNUM *x, BIGNUM *y, BN_CTX *ctx); - -/** Sets the x9.62 compressed coordinates of a EC_POINT over GF2m - * \param group underlying EC_GROUP object - * \param p EC_POINT object - * \param x BIGNUM with x-coordinate - * \param y_bit integer with the y-Bit (either 0 or 1) - * \param ctx BN_CTX object (optional) - * \return 1 on success and 0 if an error occured - */ -int EC_POINT_set_compressed_coordinates_GF2m(const EC_GROUP *group, EC_POINT *p, - const BIGNUM *x, int y_bit, BN_CTX *ctx); -#endif -/** Encodes a EC_POINT object to a octet string - * \param group underlying EC_GROUP object - * \param p EC_POINT object - * \param form point conversion form - * \param buf memory buffer for the result. If NULL the function returns - * required buffer size. - * \param len length of the memory buffer - * \param ctx BN_CTX object (optional) - * \return the length of the encoded octet string or 0 if an error occurred - */ -size_t EC_POINT_point2oct(const EC_GROUP *group, const EC_POINT *p, - point_conversion_form_t form, - unsigned char *buf, size_t len, BN_CTX *ctx); - -/** Decodes a EC_POINT from a octet string - * \param group underlying EC_GROUP object - * \param p EC_POINT object - * \param buf memory buffer with the encoded ec point - * \param len length of the encoded ec point - * \param ctx BN_CTX object (optional) - * \return 1 on success and 0 if an error occured - */ -int EC_POINT_oct2point(const EC_GROUP *group, EC_POINT *p, - const unsigned char *buf, size_t len, BN_CTX *ctx); - -/* other interfaces to point2oct/oct2point: */ -BIGNUM *EC_POINT_point2bn(const EC_GROUP *, const EC_POINT *, - point_conversion_form_t form, BIGNUM *, BN_CTX *); -EC_POINT *EC_POINT_bn2point(const EC_GROUP *, const BIGNUM *, - EC_POINT *, BN_CTX *); -char *EC_POINT_point2hex(const EC_GROUP *, const EC_POINT *, - point_conversion_form_t form, BN_CTX *); -EC_POINT *EC_POINT_hex2point(const EC_GROUP *, const char *, - EC_POINT *, BN_CTX *); - - -/********************************************************************/ -/* functions for doing EC_POINT arithmetic */ -/********************************************************************/ - -/** Computes the sum of two EC_POINT - * \param group underlying EC_GROUP object - * \param r EC_POINT object for the result (r = a + b) - * \param a EC_POINT object with the first summand - * \param b EC_POINT object with the second summand - * \param ctx BN_CTX object (optional) - * \return 1 on success and 0 if an error occured - */ -int EC_POINT_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, const EC_POINT *b, BN_CTX *ctx); - -/** Computes the double of a EC_POINT - * \param group underlying EC_GROUP object - * \param r EC_POINT object for the result (r = 2 * a) - * \param a EC_POINT object - * \param ctx BN_CTX object (optional) - * \return 1 on success and 0 if an error occured - */ -int EC_POINT_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, BN_CTX *ctx); - -/** Computes the inverse of a EC_POINT - * \param group underlying EC_GROUP object - * \param a EC_POINT object to be inverted (it's used for the result as well) - * \param ctx BN_CTX object (optional) - * \return 1 on success and 0 if an error occured - */ -int EC_POINT_invert(const EC_GROUP *group, EC_POINT *a, BN_CTX *ctx); - -/** Checks whether the point is the neutral element of the group - * \param group the underlying EC_GROUP object - * \param p EC_POINT object - * \return 1 if the point is the neutral element and 0 otherwise - */ -int EC_POINT_is_at_infinity(const EC_GROUP *group, const EC_POINT *p); - -/** Checks whether the point is on the curve - * \param group underlying EC_GROUP object - * \param point EC_POINT object to check - * \param ctx BN_CTX object (optional) - * \return 1 if point if on the curve and 0 otherwise - */ -int EC_POINT_is_on_curve(const EC_GROUP *group, const EC_POINT *point, BN_CTX *ctx); - -/** Compares two EC_POINTs - * \param group underlying EC_GROUP object - * \param a first EC_POINT object - * \param b second EC_POINT object - * \param ctx BN_CTX object (optional) - * \return 0 if both points are equal and a value != 0 otherwise - */ -int EC_POINT_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT *b, BN_CTX *ctx); - -int EC_POINT_make_affine(const EC_GROUP *group, EC_POINT *point, BN_CTX *ctx); -int EC_POINTs_make_affine(const EC_GROUP *group, size_t num, EC_POINT *points[], BN_CTX *ctx); - -/** Computes r = generator * n sum_{i=0}^num p[i] * m[i] - * \param group underlying EC_GROUP object - * \param r EC_POINT object for the result - * \param n BIGNUM with the multiplier for the group generator (optional) - * \param num number futher summands - * \param p array of size num of EC_POINT objects - * \param m array of size num of BIGNUM objects - * \param ctx BN_CTX object (optional) - * \return 1 on success and 0 if an error occured - */ -int EC_POINTs_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *n, size_t num, const EC_POINT *p[], const BIGNUM *m[], BN_CTX *ctx); - -/** Computes r = generator * n + q * m - * \param group underlying EC_GROUP object - * \param r EC_POINT object for the result - * \param n BIGNUM with the multiplier for the group generator (optional) - * \param q EC_POINT object with the first factor of the second summand - * \param m BIGNUM with the second factor of the second summand - * \param ctx BN_CTX object (optional) - * \return 1 on success and 0 if an error occured - */ -int EC_POINT_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *n, const EC_POINT *q, const BIGNUM *m, BN_CTX *ctx); - -/** Stores multiples of generator for faster point multiplication - * \param group EC_GROUP object - * \param ctx BN_CTX object (optional) - * \return 1 on success and 0 if an error occured - */ -int EC_GROUP_precompute_mult(EC_GROUP *group, BN_CTX *ctx); - -/** Reports whether a precomputation has been done - * \param group EC_GROUP object - * \return 1 if a pre-computation has been done and 0 otherwise - */ -int EC_GROUP_have_precompute_mult(const EC_GROUP *group); - - -/********************************************************************/ -/* ASN1 stuff */ -/********************************************************************/ - -/* EC_GROUP_get_basis_type() returns the NID of the basis type - * used to represent the field elements */ -int EC_GROUP_get_basis_type(const EC_GROUP *); -#ifndef OPENSSL_NO_EC2M -int EC_GROUP_get_trinomial_basis(const EC_GROUP *, unsigned int *k); -int EC_GROUP_get_pentanomial_basis(const EC_GROUP *, unsigned int *k1, - unsigned int *k2, unsigned int *k3); -#endif - -#define OPENSSL_EC_NAMED_CURVE 0x001 - -typedef struct ecpk_parameters_st ECPKPARAMETERS; - -EC_GROUP *d2i_ECPKParameters(EC_GROUP **, const unsigned char **in, long len); -int i2d_ECPKParameters(const EC_GROUP *, unsigned char **out); - -#define d2i_ECPKParameters_bio(bp,x) ASN1_d2i_bio_of(EC_GROUP,NULL,d2i_ECPKParameters,bp,x) -#define i2d_ECPKParameters_bio(bp,x) ASN1_i2d_bio_of_const(EC_GROUP,i2d_ECPKParameters,bp,x) -#define d2i_ECPKParameters_fp(fp,x) (EC_GROUP *)ASN1_d2i_fp(NULL, \ - (char *(*)())d2i_ECPKParameters,(fp),(unsigned char **)(x)) -#define i2d_ECPKParameters_fp(fp,x) ASN1_i2d_fp(i2d_ECPKParameters,(fp), \ - (unsigned char *)(x)) - -#ifndef OPENSSL_NO_BIO -int ECPKParameters_print(BIO *bp, const EC_GROUP *x, int off); -#endif -int ECPKParameters_print_fp(FILE *fp, const EC_GROUP *x, int off); - - -/********************************************************************/ -/* EC_KEY functions */ -/********************************************************************/ - -typedef struct ec_key_st EC_KEY; -typedef struct ec_key_method_st EC_KEY_METHOD; - -/* some values for the encoding_flag */ -#define EC_PKEY_NO_PARAMETERS 0x001 -#define EC_PKEY_NO_PUBKEY 0x002 - -/* some values for the flags field */ -#define EC_FLAG_NON_FIPS_ALLOW 0x1 -#define EC_FLAG_FIPS_CHECKED 0x2 -#define EC_FLAG_COFACTOR_ECDH 0x1000 - -/** Creates a new EC_KEY object. - * \return EC_KEY object or NULL if an error occurred. - */ -EC_KEY *EC_KEY_new(void); - -int EC_KEY_get_flags(const EC_KEY *key); - -void EC_KEY_set_flags(EC_KEY *key, int flags); - -void EC_KEY_clear_flags(EC_KEY *key, int flags); - -/** Creates a new EC_KEY object using a named curve as underlying - * EC_GROUP object. - * \param nid NID of the named curve. - * \return EC_KEY object or NULL if an error occurred. - */ -EC_KEY *EC_KEY_new_by_curve_name(int nid); - -/** Frees a EC_KEY object. - * \param key EC_KEY object to be freed. - */ -void EC_KEY_free(EC_KEY *key); - -/** Copies a EC_KEY object. - * \param dst destination EC_KEY object - * \param src src EC_KEY object - * \return dst or NULL if an error occurred. - */ -EC_KEY *EC_KEY_copy(EC_KEY *dst, const EC_KEY *src); - -/** Creates a new EC_KEY object and copies the content from src to it. - * \param src the source EC_KEY object - * \return newly created EC_KEY object or NULL if an error occurred. - */ -EC_KEY *EC_KEY_dup(const EC_KEY *src); - -/** Increases the internal reference count of a EC_KEY object. - * \param key EC_KEY object - * \return 1 on success and 0 if an error occurred. - */ -int EC_KEY_up_ref(EC_KEY *key); - -/** Returns the EC_GROUP object of a EC_KEY object - * \param key EC_KEY object - * \return the EC_GROUP object (possibly NULL). - */ -const EC_GROUP *EC_KEY_get0_group(const EC_KEY *key); - -/** Sets the EC_GROUP of a EC_KEY object. - * \param key EC_KEY object - * \param group EC_GROUP to use in the EC_KEY object (note: the EC_KEY - * object will use an own copy of the EC_GROUP). - * \return 1 on success and 0 if an error occurred. - */ -int EC_KEY_set_group(EC_KEY *key, const EC_GROUP *group); - -/** Returns the private key of a EC_KEY object. - * \param key EC_KEY object - * \return a BIGNUM with the private key (possibly NULL). - */ -const BIGNUM *EC_KEY_get0_private_key(const EC_KEY *key); - -/** Sets the private key of a EC_KEY object. - * \param key EC_KEY object - * \param prv BIGNUM with the private key (note: the EC_KEY object - * will use an own copy of the BIGNUM). - * \return 1 on success and 0 if an error occurred. - */ -int EC_KEY_set_private_key(EC_KEY *key, const BIGNUM *prv); - -/** Returns the public key of a EC_KEY object. - * \param key the EC_KEY object - * \return a EC_POINT object with the public key (possibly NULL) - */ -const EC_POINT *EC_KEY_get0_public_key(const EC_KEY *key); - -/** Sets the public key of a EC_KEY object. - * \param key EC_KEY object - * \param pub EC_POINT object with the public key (note: the EC_KEY object - * will use an own copy of the EC_POINT object). - * \return 1 on success and 0 if an error occurred. - */ -int EC_KEY_set_public_key(EC_KEY *key, const EC_POINT *pub); - -unsigned EC_KEY_get_enc_flags(const EC_KEY *key); -void EC_KEY_set_enc_flags(EC_KEY *eckey, unsigned int flags); -point_conversion_form_t EC_KEY_get_conv_form(const EC_KEY *key); -void EC_KEY_set_conv_form(EC_KEY *eckey, point_conversion_form_t cform); -/* functions to set/get method specific data */ -void *EC_KEY_get_key_method_data(EC_KEY *key, - void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *)); -/** Sets the key method data of an EC_KEY object, if none has yet been set. - * \param key EC_KEY object - * \param data opaque data to install. - * \param dup_func a function that duplicates |data|. - * \param free_func a function that frees |data|. - * \param clear_free_func a function that wipes and frees |data|. - * \return the previously set data pointer, or NULL if |data| was inserted. - */ -void *EC_KEY_insert_key_method_data(EC_KEY *key, void *data, - void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *)); -/* wrapper functions for the underlying EC_GROUP object */ -void EC_KEY_set_asn1_flag(EC_KEY *eckey, int asn1_flag); - -/** Creates a table of pre-computed multiples of the generator to - * accelerate further EC_KEY operations. - * \param key EC_KEY object - * \param ctx BN_CTX object (optional) - * \return 1 on success and 0 if an error occurred. - */ -int EC_KEY_precompute_mult(EC_KEY *key, BN_CTX *ctx); - -/** Creates a new ec private (and optional a new public) key. - * \param key EC_KEY object - * \return 1 on success and 0 if an error occurred. - */ -int EC_KEY_generate_key(EC_KEY *key); - -/** Verifies that a private and/or public key is valid. - * \param key the EC_KEY object - * \return 1 on success and 0 otherwise. - */ -int EC_KEY_check_key(const EC_KEY *key); - -/** Sets a public key from affine coordindates performing - * neccessary NIST PKV tests. - * \param key the EC_KEY object - * \param x public key x coordinate - * \param y public key y coordinate - * \return 1 on success and 0 otherwise. - */ -int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, BIGNUM *x, BIGNUM *y); - - -/********************************************************************/ -/* de- and encoding functions for SEC1 ECPrivateKey */ -/********************************************************************/ - -/** Decodes a private key from a memory buffer. - * \param key a pointer to a EC_KEY object which should be used (or NULL) - * \param in pointer to memory with the DER encoded private key - * \param len length of the DER encoded private key - * \return the decoded private key or NULL if an error occurred. - */ -EC_KEY *d2i_ECPrivateKey(EC_KEY **key, const unsigned char **in, long len); - -/** Encodes a private key object and stores the result in a buffer. - * \param key the EC_KEY object to encode - * \param out the buffer for the result (if NULL the function returns number - * of bytes needed). - * \return 1 on success and 0 if an error occurred. - */ -int i2d_ECPrivateKey(EC_KEY *key, unsigned char **out); - - -/********************************************************************/ -/* de- and encoding functions for EC parameters */ -/********************************************************************/ - -/** Decodes ec parameter from a memory buffer. - * \param key a pointer to a EC_KEY object which should be used (or NULL) - * \param in pointer to memory with the DER encoded ec parameters - * \param len length of the DER encoded ec parameters - * \return a EC_KEY object with the decoded parameters or NULL if an error - * occurred. - */ -EC_KEY *d2i_ECParameters(EC_KEY **key, const unsigned char **in, long len); - -/** Encodes ec parameter and stores the result in a buffer. - * \param key the EC_KEY object with ec paramters to encode - * \param out the buffer for the result (if NULL the function returns number - * of bytes needed). - * \return 1 on success and 0 if an error occurred. - */ -int i2d_ECParameters(EC_KEY *key, unsigned char **out); - - -/********************************************************************/ -/* de- and encoding functions for EC public key */ -/* (octet string, not DER -- hence 'o2i' and 'i2o') */ -/********************************************************************/ - -/** Decodes a ec public key from a octet string. - * \param key a pointer to a EC_KEY object which should be used - * \param in memory buffer with the encoded public key - * \param len length of the encoded public key - * \return EC_KEY object with decoded public key or NULL if an error - * occurred. - */ -EC_KEY *o2i_ECPublicKey(EC_KEY **key, const unsigned char **in, long len); - -/** Encodes a ec public key in an octet string. - * \param key the EC_KEY object with the public key - * \param out the buffer for the result (if NULL the function returns number - * of bytes needed). - * \return 1 on success and 0 if an error occurred - */ -int i2o_ECPublicKey(const EC_KEY *key, unsigned char **out); - -#ifndef OPENSSL_NO_BIO -/** Prints out the ec parameters on human readable form. - * \param bp BIO object to which the information is printed - * \param key EC_KEY object - * \return 1 on success and 0 if an error occurred - */ -int ECParameters_print(BIO *bp, const EC_KEY *key); - -/** Prints out the contents of a EC_KEY object - * \param bp BIO object to which the information is printed - * \param key EC_KEY object - * \param off line offset - * \return 1 on success and 0 if an error occurred - */ -int EC_KEY_print(BIO *bp, const EC_KEY *key, int off); - -#endif -/** Prints out the ec parameters on human readable form. - * \param fp file descriptor to which the information is printed - * \param key EC_KEY object - * \return 1 on success and 0 if an error occurred - */ -int ECParameters_print_fp(FILE *fp, const EC_KEY *key); - -/** Prints out the contents of a EC_KEY object - * \param fp file descriptor to which the information is printed - * \param key EC_KEY object - * \param off line offset - * \return 1 on success and 0 if an error occurred - */ -int EC_KEY_print_fp(FILE *fp, const EC_KEY *key, int off); - -#define EC_KEY_get_ex_new_index(l, p, newf, dupf, freef) \ - CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_EC_KEY, l, p, newf, dupf, freef) -int EC_KEY_set_ex_data(EC_KEY *key, int idx, void *arg); -void *EC_KEY_get_ex_data(const EC_KEY *key, int idx); - -const EC_KEY_METHOD *EC_KEY_OpenSSL(void); -const EC_KEY_METHOD *EC_KEY_get_default_method(void); -void EC_KEY_set_default_method(const EC_KEY_METHOD *meth); -const EC_KEY_METHOD *EC_KEY_get_method(const EC_KEY *key); -int EC_KEY_set_method(EC_KEY *key, const EC_KEY_METHOD *meth); -EC_KEY *EC_KEY_new_method(ENGINE *engine); -EC_KEY_METHOD *EC_KEY_METHOD_new(const EC_KEY_METHOD *meth); -void EC_KEY_METHOD_free(EC_KEY_METHOD *meth); -void EC_KEY_METHOD_set_init(EC_KEY_METHOD *meth, - int (*init)(EC_KEY *key), - void (*finish)(EC_KEY *key), - int (*copy)(EC_KEY *dest, const EC_KEY *src), - int (*set_group)(EC_KEY *key, const EC_GROUP *grp), - int (*set_private)(EC_KEY *key, const BIGNUM *priv_key), - int (*set_public)(EC_KEY *key, const EC_POINT *pub_key)); -void EC_KEY_METHOD_set_keygen(EC_KEY_METHOD *meth, - int (*keygen)(EC_KEY *key)); -void EC_KEY_METHOD_set_compute_key(EC_KEY_METHOD *meth, - int (*ckey)(void *out, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh, - void *(*KDF) (const void *in, size_t inlen, void *out, size_t *outlen))); -void EC_KEY_METHOD_get_init(const EC_KEY_METHOD *meth, - int (**pinit)(EC_KEY *key), - void (**pfinish)(EC_KEY *key), - int (**pcopy)(EC_KEY *dest, const EC_KEY *src), - int (**pset_group)(EC_KEY *key, const EC_GROUP *grp), - int (**pset_private)(EC_KEY *key, const BIGNUM *priv_key), - int (**pset_public)(EC_KEY *key, const EC_POINT *pub_key)); -void EC_KEY_METHOD_get_keygen(const EC_KEY_METHOD *meth, - int (**pkeygen)(EC_KEY *key)); -void EC_KEY_METHOD_get_compute_key(const EC_KEY_METHOD *meth, - int (**pck)(void *out, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh, - void *(*KDF) (const void *in, size_t inlen, void *out, size_t *outlen))); - -EC_KEY *ECParameters_dup(EC_KEY *key); - -#ifndef __cplusplus -#if defined(__SUNPRO_C) -# if __SUNPRO_C >= 0x520 -# pragma error_messages (default,E_ARRAY_OF_INCOMPLETE_NONAME,E_ARRAY_OF_INCOMPLETE) -# endif -# endif -#endif - -#define EVP_PKEY_CTX_set_ec_paramgen_curve_nid(ctx, nid) \ - EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \ - EVP_PKEY_OP_PARAMGEN|EVP_PKEY_OP_KEYGEN, \ - EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID, nid, NULL) - -#define EVP_PKEY_CTX_set_ec_param_enc(ctx, flag) \ - EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \ - EVP_PKEY_OP_PARAMGEN|EVP_PKEY_OP_KEYGEN, \ - EVP_PKEY_CTRL_EC_PARAM_ENC, flag, NULL) - -#define EVP_PKEY_CTX_set_ecdh_cofactor_mode(ctx, flag) \ - EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \ - EVP_PKEY_OP_DERIVE, \ - EVP_PKEY_CTRL_EC_ECDH_COFACTOR, flag, NULL) - -#define EVP_PKEY_CTX_get_ecdh_cofactor_mode(ctx) \ - EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \ - EVP_PKEY_OP_DERIVE, \ - EVP_PKEY_CTRL_EC_ECDH_COFACTOR, -2, NULL) - -#define EVP_PKEY_CTX_set_ecdh_kdf_type(ctx, kdf) \ - EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \ - EVP_PKEY_OP_DERIVE, \ - EVP_PKEY_CTRL_EC_KDF_TYPE, kdf, NULL) - -#define EVP_PKEY_CTX_get_ecdh_kdf_type(ctx) \ - EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \ - EVP_PKEY_OP_DERIVE, \ - EVP_PKEY_CTRL_EC_KDF_TYPE, -2, NULL) - -#define EVP_PKEY_CTX_set_ecdh_kdf_md(ctx, md) \ - EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \ - EVP_PKEY_OP_DERIVE, \ - EVP_PKEY_CTRL_EC_KDF_MD, 0, (void *)(md)) - -#define EVP_PKEY_CTX_get_ecdh_kdf_md(ctx, pmd) \ - EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \ - EVP_PKEY_OP_DERIVE, \ - EVP_PKEY_CTRL_GET_EC_KDF_MD, 0, (void *)(pmd)) - -#define EVP_PKEY_CTX_set_ecdh_kdf_outlen(ctx, len) \ - EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \ - EVP_PKEY_OP_DERIVE, \ - EVP_PKEY_CTRL_EC_KDF_OUTLEN, len, NULL) - -#define EVP_PKEY_CTX_get_ecdh_kdf_outlen(ctx, plen) \ - EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \ - EVP_PKEY_OP_DERIVE, \ - EVP_PKEY_CTRL_GET_EC_KDF_OUTLEN, 0, \ - (void *)(plen)) - -#define EVP_PKEY_CTX_set0_ecdh_kdf_ukm(ctx, p, plen) \ - EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \ - EVP_PKEY_OP_DERIVE, \ - EVP_PKEY_CTRL_EC_KDF_UKM, plen, (void *)(p)) - -#define EVP_PKEY_CTX_get0_ecdh_kdf_ukm(ctx, p) \ - EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \ - EVP_PKEY_OP_DERIVE, \ - EVP_PKEY_CTRL_GET_EC_KDF_UKM, 0, (void *)(p)) - -/* SM2 will skip the operation check so no need to pass operation here */ -#define EVP_PKEY_CTX_set1_id(ctx, id, id_len) \ - EVP_PKEY_CTX_ctrl(ctx, -1, -1, \ - EVP_PKEY_CTRL_SET1_ID, (int)id_len, (void*)(id)) - -#define EVP_PKEY_CTX_get1_id(ctx, id) \ - EVP_PKEY_CTX_ctrl(ctx, -1, -1, \ - EVP_PKEY_CTRL_GET1_ID, 0, (void*)(id)) - -#define EVP_PKEY_CTX_get1_id_len(ctx, id_len) \ - EVP_PKEY_CTX_ctrl(ctx, -1, -1, \ - EVP_PKEY_CTRL_GET1_ID_LEN, 0, (void*)(id_len)) - -#define EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID (EVP_PKEY_ALG_CTRL + 1) -#define EVP_PKEY_CTRL_EC_PARAM_ENC (EVP_PKEY_ALG_CTRL + 2) -#define EVP_PKEY_CTRL_EC_ECDH_COFACTOR (EVP_PKEY_ALG_CTRL + 3) -#define EVP_PKEY_CTRL_EC_KDF_TYPE (EVP_PKEY_ALG_CTRL + 4) -#define EVP_PKEY_CTRL_EC_KDF_MD (EVP_PKEY_ALG_CTRL + 5) -#define EVP_PKEY_CTRL_GET_EC_KDF_MD (EVP_PKEY_ALG_CTRL + 6) -#define EVP_PKEY_CTRL_EC_KDF_OUTLEN (EVP_PKEY_ALG_CTRL + 7) -#define EVP_PKEY_CTRL_GET_EC_KDF_OUTLEN (EVP_PKEY_ALG_CTRL + 8) -#define EVP_PKEY_CTRL_EC_KDF_UKM (EVP_PKEY_ALG_CTRL + 9) -#define EVP_PKEY_CTRL_GET_EC_KDF_UKM (EVP_PKEY_ALG_CTRL + 10) -#define EVP_PKEY_CTRL_SET1_ID (EVP_PKEY_ALG_CTRL + 11) -#define EVP_PKEY_CTRL_GET1_ID (EVP_PKEY_ALG_CTRL + 12) -#define EVP_PKEY_CTRL_GET1_ID_LEN (EVP_PKEY_ALG_CTRL + 13) - -/* KDF types */ -#define EVP_PKEY_ECDH_KDF_NONE 1 -#define EVP_PKEY_ECDH_KDF_X9_63 2 - -/* BEGIN ERROR CODES */ -/* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ -void ERR_load_EC_strings(void); - -/* Error codes for the EC functions. */ - -/* Function codes. */ -#define EC_F_BN_TO_FELEM 224 -#define EC_F_COMPUTE_WNAF 143 -#define EC_F_D2I_ECPARAMETERS 144 -#define EC_F_D2I_ECPKPARAMETERS 145 -#define EC_F_D2I_ECPRIVATEKEY 146 -#define EC_F_DO_EC_KEY_PRINT 221 -#define EC_F_ECKEY_PARAM2TYPE 223 -#define EC_F_ECKEY_PARAM_DECODE 212 -#define EC_F_ECKEY_PRIV_DECODE 213 -#define EC_F_ECKEY_PRIV_ENCODE 214 -#define EC_F_ECKEY_PUB_DECODE 215 -#define EC_F_ECKEY_PUB_ENCODE 216 -#define EC_F_ECKEY_TYPE2PARAM 220 -#define EC_F_ECPARAMETERS_PRINT 147 -#define EC_F_ECPARAMETERS_PRINT_FP 148 -#define EC_F_ECPKPARAMETERS_PRINT 149 -#define EC_F_ECPKPARAMETERS_PRINT_FP 150 -#define EC_F_ECP_NIST_MOD_192 203 -#define EC_F_ECP_NIST_MOD_224 204 -#define EC_F_ECP_NIST_MOD_256 205 -#define EC_F_ECP_NIST_MOD_521 206 -#define EC_F_ECP_NISTZ256_GET_AFFINE 240 -#define EC_F_ECP_NISTZ256_MULT_PRECOMPUTE 243 -#define EC_F_ECP_NISTZ256_POINTS_MUL 241 -#define EC_F_ECP_NISTZ256_PRE_COMP_NEW 244 -#define EC_F_ECP_NISTZ256_SET_WORDS 245 -#define EC_F_ECP_NISTZ256_WINDOWED_MUL 242 -#define EC_F_EC_ASN1_GROUP2CURVE 153 -#define EC_F_EC_ASN1_GROUP2FIELDID 154 -#define EC_F_EC_ASN1_GROUP2PARAMETERS 155 -#define EC_F_EC_ASN1_GROUP2PKPARAMETERS 156 -#define EC_F_EC_ASN1_PARAMETERS2GROUP 157 -#define EC_F_EC_ASN1_PKPARAMETERS2GROUP 158 -#define EC_F_EC_EX_DATA_SET_DATA 211 -#define EC_F_EC_GF2M_MONTGOMERY_POINT_MULTIPLY 208 -#define EC_F_EC_GF2M_SIMPLE_GROUP_CHECK_DISCRIMINANT 159 -#define EC_F_EC_GF2M_SIMPLE_GROUP_SET_CURVE 195 -#define EC_F_EC_GF2M_SIMPLE_OCT2POINT 160 -#define EC_F_EC_GF2M_SIMPLE_POINT2OCT 161 -#define EC_F_EC_GF2M_SIMPLE_POINT_GET_AFFINE_COORDINATES 162 -#define EC_F_EC_GF2M_SIMPLE_POINT_SET_AFFINE_COORDINATES 163 -#define EC_F_EC_GF2M_SIMPLE_SET_COMPRESSED_COORDINATES 164 -#define EC_F_EC_GFP_MONT_FIELD_DECODE 133 -#define EC_F_EC_GFP_MONT_FIELD_ENCODE 134 -#define EC_F_EC_GFP_MONT_FIELD_MUL 131 -#define EC_F_EC_GFP_MONT_FIELD_SET_TO_ONE 209 -#define EC_F_EC_GFP_MONT_FIELD_SQR 132 -#define EC_F_EC_GFP_MONT_GROUP_SET_CURVE 189 -#define EC_F_EC_GFP_MONT_GROUP_SET_CURVE_GFP 135 -#define EC_F_EC_GFP_NISTP224_GROUP_SET_CURVE 225 -#define EC_F_EC_GFP_NISTP224_POINTS_MUL 228 -#define EC_F_EC_GFP_NISTP224_POINT_GET_AFFINE_COORDINATES 226 -#define EC_F_EC_GFP_NISTP256_GROUP_SET_CURVE 230 -#define EC_F_EC_GFP_NISTP256_POINTS_MUL 231 -#define EC_F_EC_GFP_NISTP256_POINT_GET_AFFINE_COORDINATES 232 -#define EC_F_EC_GFP_NISTP521_GROUP_SET_CURVE 233 -#define EC_F_EC_GFP_NISTP521_POINTS_MUL 234 -#define EC_F_EC_GFP_NISTP521_POINT_GET_AFFINE_COORDINATES 235 -#define EC_F_EC_GFP_NIST_FIELD_MUL 200 -#define EC_F_EC_GFP_NIST_FIELD_SQR 201 -#define EC_F_EC_GFP_NIST_GROUP_SET_CURVE 202 -#define EC_F_EC_GFP_SIMPLE_GROUP_CHECK_DISCRIMINANT 165 -#define EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE 166 -#define EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE_GFP 100 -#define EC_F_EC_GFP_SIMPLE_GROUP_SET_GENERATOR 101 -#define EC_F_EC_GFP_SIMPLE_MAKE_AFFINE 102 -#define EC_F_EC_GFP_SIMPLE_OCT2POINT 103 -#define EC_F_EC_GFP_SIMPLE_POINT2OCT 104 -#define EC_F_EC_GFP_SIMPLE_POINTS_MAKE_AFFINE 137 -#define EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES 167 -#define EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES_GFP 105 -#define EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES 168 -#define EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES_GFP 128 -#define EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES 169 -#define EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES_GFP 129 -#define EC_F_EC_GROUP_CHECK 170 -#define EC_F_EC_GROUP_CHECK_DISCRIMINANT 171 -#define EC_F_EC_GROUP_COPY 106 -#define EC_F_EC_GROUP_GET0_GENERATOR 139 -#define EC_F_EC_GROUP_GET_COFACTOR 140 -#define EC_F_EC_GROUP_GET_CURVE_GF2M 172 -#define EC_F_EC_GROUP_GET_CURVE_GFP 130 -#define EC_F_EC_GROUP_GET_DEGREE 173 -#define EC_F_EC_GROUP_GET_ORDER 141 -#define EC_F_EC_GROUP_GET_PENTANOMIAL_BASIS 193 -#define EC_F_EC_GROUP_GET_TRINOMIAL_BASIS 194 -#define EC_F_EC_GROUP_NEW 108 -#define EC_F_EC_GROUP_NEW_BY_CURVE_NAME 174 -#define EC_F_EC_GROUP_NEW_FROM_DATA 175 -#define EC_F_EC_GROUP_PRECOMPUTE_MULT 142 -#define EC_F_EC_GROUP_SET_CURVE_GF2M 176 -#define EC_F_EC_GROUP_SET_CURVE_GFP 109 -#define EC_F_EC_GROUP_SET_EXTRA_DATA 110 -#define EC_F_EC_GROUP_SET_GENERATOR 111 -#define EC_F_EC_KEY_CHECK_KEY 177 -#define EC_F_EC_KEY_COPY 178 -#define EC_F_EC_KEY_GENERATE_KEY 179 -#define EC_F_EC_KEY_NEW 182 -#define EC_F_EC_KEY_PRINT 180 -#define EC_F_EC_KEY_PRINT_FP 181 -#define EC_F_EC_KEY_SET_PUBLIC_KEY_AFFINE_COORDINATES 229 -#define EC_F_EC_POINTS_MAKE_AFFINE 136 -#define EC_F_EC_POINT_ADD 112 -#define EC_F_EC_POINT_CMP 113 -#define EC_F_EC_POINT_COPY 114 -#define EC_F_EC_POINT_DBL 115 -#define EC_F_EC_POINT_GET_AFFINE_COORDINATES_GF2M 183 -#define EC_F_EC_POINT_GET_AFFINE_COORDINATES_GFP 116 -#define EC_F_EC_POINT_GET_JPROJECTIVE_COORDINATES_GFP 117 -#define EC_F_EC_POINT_INVERT 210 -#define EC_F_EC_POINT_IS_AT_INFINITY 118 -#define EC_F_EC_POINT_IS_ON_CURVE 119 -#define EC_F_EC_POINT_MAKE_AFFINE 120 -#define EC_F_EC_POINT_MUL 184 -#define EC_F_EC_POINT_NEW 121 -#define EC_F_EC_POINT_OCT2POINT 122 -#define EC_F_EC_POINT_POINT2OCT 123 -#define EC_F_EC_POINT_SET_AFFINE_COORDINATES_GF2M 185 -#define EC_F_EC_POINT_SET_AFFINE_COORDINATES_GFP 124 -#define EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GF2M 186 -#define EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GFP 125 -#define EC_F_EC_POINT_SET_JPROJECTIVE_COORDINATES_GFP 126 -#define EC_F_EC_POINT_SET_TO_INFINITY 127 -#define EC_F_EC_PRE_COMP_DUP 207 -#define EC_F_EC_PRE_COMP_NEW 196 -#define EC_F_EC_WNAF_MUL 187 -#define EC_F_EC_WNAF_PRECOMPUTE_MULT 188 -#define EC_F_I2D_ECPARAMETERS 190 -#define EC_F_I2D_ECPKPARAMETERS 191 -#define EC_F_I2D_ECPRIVATEKEY 192 -#define EC_F_I2O_ECPUBLICKEY 151 -#define EC_F_NISTP224_PRE_COMP_NEW 227 -#define EC_F_NISTP256_PRE_COMP_NEW 236 -#define EC_F_NISTP521_PRE_COMP_NEW 237 -#define EC_F_O2I_ECPUBLICKEY 152 -#define EC_F_OLD_EC_PRIV_DECODE 222 -#define EC_F_PKEY_EC_CTRL 197 -#define EC_F_PKEY_EC_CTRL_STR 198 -#define EC_F_PKEY_EC_DERIVE 217 -#define EC_F_PKEY_EC_KEYGEN 199 -#define EC_F_PKEY_EC_PARAMGEN 219 -#define EC_F_PKEY_EC_SIGN 218 - -/* Reason codes. */ -#define EC_R_ASN1_ERROR 115 -#define EC_R_ASN1_UNKNOWN_FIELD 116 -#define EC_R_BIGNUM_OUT_OF_RANGE 144 -#define EC_R_BUFFER_TOO_SMALL 100 -#define EC_R_COORDINATES_OUT_OF_RANGE 146 -#define EC_R_D2I_ECPKPARAMETERS_FAILURE 117 -#define EC_R_DECODE_ERROR 142 -#define EC_R_DISCRIMINANT_IS_ZERO 118 -#define EC_R_EC_GROUP_NEW_BY_NAME_FAILURE 119 -#define EC_R_FIELD_TOO_LARGE 143 -#define EC_R_GF2M_NOT_SUPPORTED 147 -#define EC_R_GROUP2PKPARAMETERS_FAILURE 120 -#define EC_R_I2D_ECPKPARAMETERS_FAILURE 121 -#define EC_R_INCOMPATIBLE_OBJECTS 101 -#define EC_R_INVALID_ARGUMENT 112 -#define EC_R_INVALID_COMPRESSED_POINT 110 -#define EC_R_INVALID_COMPRESSION_BIT 109 -#define EC_R_INVALID_CURVE 141 -#define EC_R_INVALID_DIGEST 151 -#define EC_R_INVALID_DIGEST_TYPE 138 -#define EC_R_INVALID_ENCODING 102 -#define EC_R_INVALID_FIELD 103 -#define EC_R_INVALID_FORM 104 -#define EC_R_INVALID_GROUP_ORDER 122 -#define EC_R_INVALID_PENTANOMIAL_BASIS 132 -#define EC_R_INVALID_PRIVATE_KEY 123 -#define EC_R_INVALID_TRINOMIAL_BASIS 137 -#define EC_R_KDF_PARAMETER_ERROR 148 -#define EC_R_KEYS_NOT_SET 140 -#define EC_R_MISSING_PARAMETERS 124 -#define EC_R_MISSING_PRIVATE_KEY 125 -#define EC_R_NOT_A_NIST_PRIME 135 -#define EC_R_NOT_A_SUPPORTED_NIST_PRIME 136 -#define EC_R_NOT_IMPLEMENTED 126 -#define EC_R_NOT_INITIALIZED 111 -#define EC_R_NO_FIELD_MOD 133 -#define EC_R_NO_PARAMETERS_SET 139 -#define EC_R_PASSED_NULL_PARAMETER 134 -#define EC_R_PEER_KEY_ERROR 149 -#define EC_R_PKPARAMETERS2GROUP_FAILURE 127 -#define EC_R_POINT_AT_INFINITY 106 -#define EC_R_POINT_IS_NOT_ON_CURVE 107 -#define EC_R_SHARED_INFO_ERROR 150 -#define EC_R_SLOT_FULL 108 -#define EC_R_UNDEFINED_GENERATOR 113 -#define EC_R_UNDEFINED_ORDER 128 -#define EC_R_UNKNOWN_COFACTOR 164 -#define EC_R_UNKNOWN_GROUP 129 -#define EC_R_UNKNOWN_ORDER 114 -#define EC_R_UNSUPPORTED_FIELD 131 -#define EC_R_WRONG_CURVE_PARAMETERS 145 -#define EC_R_WRONG_ORDER 130 - -#ifdef __cplusplus -} -#endif -#endif diff --git a/libressl/include64/openssl/ecdh.h b/libressl/include64/openssl/ecdh.h deleted file mode 100644 index ccc1312f..00000000 --- a/libressl/include64/openssl/ecdh.h +++ /dev/null @@ -1,128 +0,0 @@ -/* $OpenBSD: ecdh.h,v 1.5 2015/09/13 12:03:07 jsing Exp $ */ -/* ==================================================================== - * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. - * - * The Elliptic Curve Public-Key Crypto Library (ECC Code) included - * herein is developed by SUN MICROSYSTEMS, INC., and is contributed - * to the OpenSSL project. - * - * The ECC Code is licensed pursuant to the OpenSSL open source - * license provided below. - * - * The ECDH software is originally written by Douglas Stebila of - * Sun Microsystems Laboratories. - * - */ -/* ==================================================================== - * Copyright (c) 2000-2002 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ -#ifndef HEADER_ECDH_H -#define HEADER_ECDH_H - -#include <openssl/opensslconf.h> - -#ifdef OPENSSL_NO_ECDH -#error ECDH is disabled. -#endif - -#include <openssl/ec.h> -#include <openssl/ossl_typ.h> -#ifndef OPENSSL_NO_DEPRECATED -#include <openssl/bn.h> -#endif - -#ifdef __cplusplus -extern "C" { -#endif - -const ECDH_METHOD *ECDH_OpenSSL(void); - -void ECDH_set_default_method(const ECDH_METHOD *); -const ECDH_METHOD *ECDH_get_default_method(void); -int ECDH_set_method(EC_KEY *, const ECDH_METHOD *); - -int ECDH_size(const EC_KEY *ecdh); -int ECDH_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, - EC_KEY *ecdh, - void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen)); - -int ECDH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new -*new_func, CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); -int ECDH_set_ex_data(EC_KEY *d, int idx, void *arg); -void *ECDH_get_ex_data(EC_KEY *d, int idx); - - -/* BEGIN ERROR CODES */ -/* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ -void ERR_load_ECDH_strings(void); - -/* Error codes for the ECDH functions. */ - -/* Function codes. */ -#define ECDH_F_ECDH_CHECK 102 -#define ECDH_F_ECDH_COMPUTE_KEY 100 -#define ECDH_F_ECDH_DATA_NEW_METHOD 101 - -/* Reason codes. */ -#define ECDH_R_KDF_FAILED 102 -#define ECDH_R_KEY_TRUNCATION 104 -#define ECDH_R_NON_FIPS_METHOD 103 -#define ECDH_R_NO_PRIVATE_VALUE 100 -#define ECDH_R_POINT_ARITHMETIC_FAILURE 101 - -#ifdef __cplusplus -} -#endif -#endif diff --git a/libressl/include64/openssl/ecdsa.h b/libressl/include64/openssl/ecdsa.h deleted file mode 100644 index c4e107ee..00000000 --- a/libressl/include64/openssl/ecdsa.h +++ /dev/null @@ -1,331 +0,0 @@ -/* $OpenBSD: ecdsa.h,v 1.8 2019/01/19 01:17:41 tb Exp $ */ -/** - * \file crypto/ecdsa/ecdsa.h Include file for the OpenSSL ECDSA functions - * \author Written by Nils Larsch for the OpenSSL project - */ -/* ==================================================================== - * Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ -#ifndef HEADER_ECDSA_H -#define HEADER_ECDSA_H - -#include <openssl/opensslconf.h> - -#ifdef OPENSSL_NO_ECDSA -#error ECDSA is disabled. -#endif - -#include <openssl/ec.h> -#include <openssl/ossl_typ.h> -#ifndef OPENSSL_NO_DEPRECATED -#include <openssl/bn.h> -#endif - -#ifdef __cplusplus -extern "C" { -#endif - -typedef struct ECDSA_SIG_st ECDSA_SIG; - -struct ecdsa_method { - const char *name; - ECDSA_SIG *(*ecdsa_do_sign)(const unsigned char *dgst, int dgst_len, - const BIGNUM *inv, const BIGNUM *rp, EC_KEY *eckey); - int (*ecdsa_sign_setup)(EC_KEY *eckey, BN_CTX *ctx, BIGNUM **kinv, - BIGNUM **r); - int (*ecdsa_do_verify)(const unsigned char *dgst, int dgst_len, - const ECDSA_SIG *sig, EC_KEY *eckey); -#if 0 - int (*init)(EC_KEY *eckey); - int (*finish)(EC_KEY *eckey); -#endif - int flags; - char *app_data; -}; - -/* If this flag is set the ECDSA method is FIPS compliant and can be used - * in FIPS mode. This is set in the validated module method. If an - * application sets this flag in its own methods it is its responsibility - * to ensure the result is compliant. - */ - -#define ECDSA_FLAG_FIPS_METHOD 0x1 - -struct ECDSA_SIG_st { - BIGNUM *r; - BIGNUM *s; -}; - -/** Allocates and initialize a ECDSA_SIG structure - * \return pointer to a ECDSA_SIG structure or NULL if an error occurred - */ -ECDSA_SIG *ECDSA_SIG_new(void); - -/** frees a ECDSA_SIG structure - * \param sig pointer to the ECDSA_SIG structure - */ -void ECDSA_SIG_free(ECDSA_SIG *sig); - -/** DER encode content of ECDSA_SIG object (note: this function modifies *pp - * (*pp += length of the DER encoded signature)). - * \param sig pointer to the ECDSA_SIG object - * \param pp pointer to a unsigned char pointer for the output or NULL - * \return the length of the DER encoded ECDSA_SIG object or 0 - */ -int i2d_ECDSA_SIG(const ECDSA_SIG *sig, unsigned char **pp); - -/** Decodes a DER encoded ECDSA signature (note: this function changes *pp - * (*pp += len)). - * \param sig pointer to ECDSA_SIG pointer (may be NULL) - * \param pp memory buffer with the DER encoded signature - * \param len length of the buffer - * \return pointer to the decoded ECDSA_SIG structure (or NULL) - */ -ECDSA_SIG *d2i_ECDSA_SIG(ECDSA_SIG **sig, const unsigned char **pp, long len); - -/** Accessor for r and s fields of ECDSA_SIG - * \param sig pointer to ECDSA_SIG pointer - * \param pr pointer to BIGNUM pointer for r (may be NULL) - * \param ps pointer to BIGNUM pointer for s (may be NULL) - */ -void ECDSA_SIG_get0(const ECDSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps); - -/** Setter for r and s fields of ECDSA_SIG - * \param sig pointer to ECDSA_SIG pointer - * \param r pointer to BIGNUM for r (may be NULL) - * \param s pointer to BIGNUM for s (may be NULL) - */ -int ECDSA_SIG_set0(ECDSA_SIG *sig, BIGNUM *r, BIGNUM *s); - -/** Computes the ECDSA signature of the given hash value using - * the supplied private key and returns the created signature. - * \param dgst pointer to the hash value - * \param dgst_len length of the hash value - * \param eckey EC_KEY object containing a private EC key - * \return pointer to a ECDSA_SIG structure or NULL if an error occurred - */ -ECDSA_SIG *ECDSA_do_sign(const unsigned char *dgst, int dgst_len, - EC_KEY *eckey); - -/** Computes ECDSA signature of a given hash value using the supplied - * private key (note: sig must point to ECDSA_size(eckey) bytes of memory). - * \param dgst pointer to the hash value to sign - * \param dgstlen length of the hash value - * \param kinv BIGNUM with a pre-computed inverse k (optional) - * \param rp BIGNUM with a pre-computed rp value (optioanl), - * see ECDSA_sign_setup - * \param eckey EC_KEY object containing a private EC key - * \return pointer to a ECDSA_SIG structure or NULL if an error occurred - */ -ECDSA_SIG *ECDSA_do_sign_ex(const unsigned char *dgst, int dgstlen, - const BIGNUM *kinv, const BIGNUM *rp, EC_KEY *eckey); - -/** Verifies that the supplied signature is a valid ECDSA - * signature of the supplied hash value using the supplied public key. - * \param dgst pointer to the hash value - * \param dgst_len length of the hash value - * \param sig ECDSA_SIG structure - * \param eckey EC_KEY object containing a public EC key - * \return 1 if the signature is valid, 0 if the signature is invalid - * and -1 on error - */ -int ECDSA_do_verify(const unsigned char *dgst, int dgst_len, - const ECDSA_SIG *sig, EC_KEY* eckey); - -const ECDSA_METHOD *ECDSA_OpenSSL(void); - -/** Sets the default ECDSA method - * \param meth new default ECDSA_METHOD - */ -void ECDSA_set_default_method(const ECDSA_METHOD *meth); - -/** Returns the default ECDSA method - * \return pointer to ECDSA_METHOD structure containing the default method - */ -const ECDSA_METHOD *ECDSA_get_default_method(void); - -/** Sets method to be used for the ECDSA operations - * \param eckey EC_KEY object - * \param meth new method - * \return 1 on success and 0 otherwise - */ -int ECDSA_set_method(EC_KEY *eckey, const ECDSA_METHOD *meth); - -/** Returns the maximum length of the DER encoded signature - * \param eckey EC_KEY object - * \return numbers of bytes required for the DER encoded signature - */ -int ECDSA_size(const EC_KEY *eckey); - -/** Precompute parts of the signing operation - * \param eckey EC_KEY object containing a private EC key - * \param ctx BN_CTX object (optional) - * \param kinv BIGNUM pointer for the inverse of k - * \param rp BIGNUM pointer for x coordinate of k * generator - * \return 1 on success and 0 otherwise - */ -int ECDSA_sign_setup(EC_KEY *eckey, BN_CTX *ctx, BIGNUM **kinv, - BIGNUM **rp); - -/** Computes ECDSA signature of a given hash value using the supplied - * private key (note: sig must point to ECDSA_size(eckey) bytes of memory). - * \param type this parameter is ignored - * \param dgst pointer to the hash value to sign - * \param dgstlen length of the hash value - * \param sig memory for the DER encoded created signature - * \param siglen pointer to the length of the returned signature - * \param eckey EC_KEY object containing a private EC key - * \return 1 on success and 0 otherwise - */ -int ECDSA_sign(int type, const unsigned char *dgst, int dgstlen, - unsigned char *sig, unsigned int *siglen, EC_KEY *eckey); - - -/** Computes ECDSA signature of a given hash value using the supplied - * private key (note: sig must point to ECDSA_size(eckey) bytes of memory). - * \param type this parameter is ignored - * \param dgst pointer to the hash value to sign - * \param dgstlen length of the hash value - * \param sig buffer to hold the DER encoded signature - * \param siglen pointer to the length of the returned signature - * \param kinv BIGNUM with a pre-computed inverse k (optional) - * \param rp BIGNUM with a pre-computed rp value (optioanl), - * see ECDSA_sign_setup - * \param eckey EC_KEY object containing a private EC key - * \return 1 on success and 0 otherwise - */ -int ECDSA_sign_ex(int type, const unsigned char *dgst, int dgstlen, - unsigned char *sig, unsigned int *siglen, const BIGNUM *kinv, - const BIGNUM *rp, EC_KEY *eckey); - -/** Verifies that the given signature is valid ECDSA signature - * of the supplied hash value using the specified public key. - * \param type this parameter is ignored - * \param dgst pointer to the hash value - * \param dgstlen length of the hash value - * \param sig pointer to the DER encoded signature - * \param siglen length of the DER encoded signature - * \param eckey EC_KEY object containing a public EC key - * \return 1 if the signature is valid, 0 if the signature is invalid - * and -1 on error - */ -int ECDSA_verify(int type, const unsigned char *dgst, int dgstlen, - const unsigned char *sig, int siglen, EC_KEY *eckey); - -/* the standard ex_data functions */ -int ECDSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); -int ECDSA_set_ex_data(EC_KEY *d, int idx, void *arg); -void *ECDSA_get_ex_data(EC_KEY *d, int idx); - - -/* XXX should be in ec.h, but needs ECDSA_SIG */ -void EC_KEY_METHOD_set_sign(EC_KEY_METHOD *meth, - int (*sign)(int type, const unsigned char *dgst, - int dlen, unsigned char *sig, unsigned int *siglen, - const BIGNUM *kinv, const BIGNUM *r, EC_KEY *eckey), - int (*sign_setup)(EC_KEY *eckey, BN_CTX *ctx_in, - BIGNUM **kinvp, BIGNUM **rp), - ECDSA_SIG *(*sign_sig)(const unsigned char *dgst, - int dgst_len, const BIGNUM *in_kinv, const BIGNUM *in_r, - EC_KEY *eckey)); -void EC_KEY_METHOD_set_verify(EC_KEY_METHOD *meth, - int (*verify)(int type, const unsigned char *dgst, int dgst_len, - const unsigned char *sigbuf, int sig_len, EC_KEY *eckey), - int (*verify_sig)(const unsigned char *dgst, int dgst_len, - const ECDSA_SIG *sig, EC_KEY *eckey)); -void EC_KEY_METHOD_get_sign(const EC_KEY_METHOD *meth, - int (**psign)(int type, const unsigned char *dgst, - int dlen, unsigned char *sig, unsigned int *siglen, - const BIGNUM *kinv, const BIGNUM *r, EC_KEY *eckey), - int (**psign_setup)(EC_KEY *eckey, BN_CTX *ctx_in, - BIGNUM **kinvp, BIGNUM **rp), - ECDSA_SIG *(**psign_sig)(const unsigned char *dgst, - int dgst_len, const BIGNUM *in_kinv, const BIGNUM *in_r, - EC_KEY *eckey)); -void EC_KEY_METHOD_get_verify(const EC_KEY_METHOD *meth, - int (**pverify)(int type, const unsigned char *dgst, int dgst_len, - const unsigned char *sigbuf, int sig_len, EC_KEY *eckey), - int (**pverify_sig)(const unsigned char *dgst, int dgst_len, - const ECDSA_SIG *sig, EC_KEY *eckey)); - - -/* BEGIN ERROR CODES */ -/* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ -void ERR_load_ECDSA_strings(void); - -/* Error codes for the ECDSA functions. */ - -/* Function codes. */ -#define ECDSA_F_ECDSA_CHECK 104 -#define ECDSA_F_ECDSA_DATA_NEW_METHOD 100 -#define ECDSA_F_ECDSA_DO_SIGN 101 -#define ECDSA_F_ECDSA_DO_VERIFY 102 -#define ECDSA_F_ECDSA_SIGN_SETUP 103 - -/* Reason codes. */ -#define ECDSA_R_BAD_SIGNATURE 100 -#define ECDSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 101 -#define ECDSA_R_ERR_EC_LIB 102 -#define ECDSA_R_MISSING_PARAMETERS 103 -#define ECDSA_R_NEED_NEW_SETUP_VALUES 106 -#define ECDSA_R_NON_FIPS_METHOD 107 -#define ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED 104 -#define ECDSA_R_SIGNATURE_MALLOC_FAILED 105 - -#ifdef __cplusplus -} -#endif -#endif diff --git a/libressl/include64/openssl/engine.h b/libressl/include64/openssl/engine.h deleted file mode 100644 index dc14be8e..00000000 --- a/libressl/include64/openssl/engine.h +++ /dev/null @@ -1,814 +0,0 @@ -/* $OpenBSD: engine.h,v 1.33 2019/01/19 01:07:00 tb Exp $ */ -/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL - * project 2000. - */ -/* ==================================================================== - * Copyright (c) 1999-2004 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ -/* ==================================================================== - * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. - * ECDH support in OpenSSL originally developed by - * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. - */ - -#ifndef HEADER_ENGINE_H -#define HEADER_ENGINE_H - -#include <openssl/opensslconf.h> - -#ifdef OPENSSL_NO_ENGINE -#error ENGINE is disabled. -#endif - -#ifndef OPENSSL_NO_DEPRECATED -#include <openssl/bn.h> -#ifndef OPENSSL_NO_RSA -#include <openssl/rsa.h> -#endif -#ifndef OPENSSL_NO_DSA -#include <openssl/dsa.h> -#endif -#ifndef OPENSSL_NO_DH -#include <openssl/dh.h> -#endif -#ifndef OPENSSL_NO_ECDH -#include <openssl/ecdh.h> -#endif -#ifndef OPENSSL_NO_ECDSA -#include <openssl/ecdsa.h> -#endif -#ifndef OPENSSL_NO_EC -#include <openssl/ec.h> -#endif -#include <openssl/ui.h> -#include <openssl/err.h> -#endif - -#include <openssl/ossl_typ.h> - -#include <openssl/x509.h> - -#ifdef __cplusplus -extern "C" { -#endif - -/* These flags are used to control combinations of algorithm (methods) - * by bitwise "OR"ing. */ -#define ENGINE_METHOD_RSA (unsigned int)0x0001 -#define ENGINE_METHOD_DSA (unsigned int)0x0002 -#define ENGINE_METHOD_DH (unsigned int)0x0004 -#define ENGINE_METHOD_RAND (unsigned int)0x0008 -#define ENGINE_METHOD_ECDH (unsigned int)0x0010 -#define ENGINE_METHOD_ECDSA (unsigned int)0x0020 -#define ENGINE_METHOD_CIPHERS (unsigned int)0x0040 -#define ENGINE_METHOD_DIGESTS (unsigned int)0x0080 -#define ENGINE_METHOD_STORE (unsigned int)0x0100 -#define ENGINE_METHOD_PKEY_METHS (unsigned int)0x0200 -#define ENGINE_METHOD_PKEY_ASN1_METHS (unsigned int)0x0400 -#define ENGINE_METHOD_EC (unsigned int)0x0800 -/* Obvious all-or-nothing cases. */ -#define ENGINE_METHOD_ALL (unsigned int)0xFFFF -#define ENGINE_METHOD_NONE (unsigned int)0x0000 - -/* This(ese) flag(s) controls behaviour of the ENGINE_TABLE mechanism used - * internally to control registration of ENGINE implementations, and can be set - * by ENGINE_set_table_flags(). The "NOINIT" flag prevents attempts to - * initialise registered ENGINEs if they are not already initialised. */ -#define ENGINE_TABLE_FLAG_NOINIT (unsigned int)0x0001 - -/* ENGINE flags that can be set by ENGINE_set_flags(). */ -/* #define ENGINE_FLAGS_MALLOCED 0x0001 */ /* Not used */ - -/* This flag is for ENGINEs that wish to handle the various 'CMD'-related - * control commands on their own. Without this flag, ENGINE_ctrl() handles these - * control commands on behalf of the ENGINE using their "cmd_defns" data. */ -#define ENGINE_FLAGS_MANUAL_CMD_CTRL (int)0x0002 - -/* This flag is for ENGINEs who return new duplicate structures when found via - * "ENGINE_by_id()". When an ENGINE must store state (eg. if ENGINE_ctrl() - * commands are called in sequence as part of some stateful process like - * key-generation setup and execution), it can set this flag - then each attempt - * to obtain the ENGINE will result in it being copied into a new structure. - * Normally, ENGINEs don't declare this flag so ENGINE_by_id() just increments - * the existing ENGINE's structural reference count. */ -#define ENGINE_FLAGS_BY_ID_COPY (int)0x0004 - -/* This flag if for an ENGINE that does not want its methods registered as - * part of ENGINE_register_all_complete() for example if the methods are - * not usable as default methods. - */ - -#define ENGINE_FLAGS_NO_REGISTER_ALL (int)0x0008 - -/* ENGINEs can support their own command types, and these flags are used in - * ENGINE_CTRL_GET_CMD_FLAGS to indicate to the caller what kind of input each - * command expects. Currently only numeric and string input is supported. If a - * control command supports none of the _NUMERIC, _STRING, or _NO_INPUT options, - * then it is regarded as an "internal" control command - and not for use in - * config setting situations. As such, they're not available to the - * ENGINE_ctrl_cmd_string() function, only raw ENGINE_ctrl() access. Changes to - * this list of 'command types' should be reflected carefully in - * ENGINE_cmd_is_executable() and ENGINE_ctrl_cmd_string(). */ - -/* accepts a 'long' input value (3rd parameter to ENGINE_ctrl) */ -#define ENGINE_CMD_FLAG_NUMERIC (unsigned int)0x0001 -/* accepts string input (cast from 'void*' to 'const char *', 4th parameter to - * ENGINE_ctrl) */ -#define ENGINE_CMD_FLAG_STRING (unsigned int)0x0002 -/* Indicates that the control command takes *no* input. Ie. the control command - * is unparameterised. */ -#define ENGINE_CMD_FLAG_NO_INPUT (unsigned int)0x0004 -/* Indicates that the control command is internal. This control command won't - * be shown in any output, and is only usable through the ENGINE_ctrl_cmd() - * function. */ -#define ENGINE_CMD_FLAG_INTERNAL (unsigned int)0x0008 - -/* NB: These 3 control commands are deprecated and should not be used. ENGINEs - * relying on these commands should compile conditional support for - * compatibility (eg. if these symbols are defined) but should also migrate the - * same functionality to their own ENGINE-specific control functions that can be - * "discovered" by calling applications. The fact these control commands - * wouldn't be "executable" (ie. usable by text-based config) doesn't change the - * fact that application code can find and use them without requiring per-ENGINE - * hacking. */ - -/* These flags are used to tell the ctrl function what should be done. - * All command numbers are shared between all engines, even if some don't - * make sense to some engines. In such a case, they do nothing but return - * the error ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED. */ -#define ENGINE_CTRL_SET_LOGSTREAM 1 -#define ENGINE_CTRL_SET_PASSWORD_CALLBACK 2 -#define ENGINE_CTRL_HUP 3 /* Close and reinitialise any - handles/connections etc. */ -#define ENGINE_CTRL_SET_USER_INTERFACE 4 /* Alternative to callback */ -#define ENGINE_CTRL_SET_CALLBACK_DATA 5 /* User-specific data, used - when calling the password - callback and the user - interface */ -#define ENGINE_CTRL_LOAD_CONFIGURATION 6 /* Load a configuration, given - a string that represents a - file name or so */ -#define ENGINE_CTRL_LOAD_SECTION 7 /* Load data from a given - section in the already loaded - configuration */ - -/* These control commands allow an application to deal with an arbitrary engine - * in a dynamic way. Warn: Negative return values indicate errors FOR THESE - * COMMANDS because zero is used to indicate 'end-of-list'. Other commands, - * including ENGINE-specific command types, return zero for an error. - * - * An ENGINE can choose to implement these ctrl functions, and can internally - * manage things however it chooses - it does so by setting the - * ENGINE_FLAGS_MANUAL_CMD_CTRL flag (using ENGINE_set_flags()). Otherwise the - * ENGINE_ctrl() code handles this on the ENGINE's behalf using the cmd_defns - * data (set using ENGINE_set_cmd_defns()). This means an ENGINE's ctrl() - * handler need only implement its own commands - the above "meta" commands will - * be taken care of. */ - -/* Returns non-zero if the supplied ENGINE has a ctrl() handler. If "not", then - * all the remaining control commands will return failure, so it is worth - * checking this first if the caller is trying to "discover" the engine's - * capabilities and doesn't want errors generated unnecessarily. */ -#define ENGINE_CTRL_HAS_CTRL_FUNCTION 10 -/* Returns a positive command number for the first command supported by the - * engine. Returns zero if no ctrl commands are supported. */ -#define ENGINE_CTRL_GET_FIRST_CMD_TYPE 11 -/* The 'long' argument specifies a command implemented by the engine, and the - * return value is the next command supported, or zero if there are no more. */ -#define ENGINE_CTRL_GET_NEXT_CMD_TYPE 12 -/* The 'void*' argument is a command name (cast from 'const char *'), and the - * return value is the command that corresponds to it. */ -#define ENGINE_CTRL_GET_CMD_FROM_NAME 13 -/* The next two allow a command to be converted into its corresponding string - * form. In each case, the 'long' argument supplies the command. In the NAME_LEN - * case, the return value is the length of the command name (not counting a - * trailing EOL). In the NAME case, the 'void*' argument must be a string buffer - * large enough, and it will be populated with the name of the command (WITH a - * trailing EOL). */ -#define ENGINE_CTRL_GET_NAME_LEN_FROM_CMD 14 -#define ENGINE_CTRL_GET_NAME_FROM_CMD 15 -/* The next two are similar but give a "short description" of a command. */ -#define ENGINE_CTRL_GET_DESC_LEN_FROM_CMD 16 -#define ENGINE_CTRL_GET_DESC_FROM_CMD 17 -/* With this command, the return value is the OR'd combination of - * ENGINE_CMD_FLAG_*** values that indicate what kind of input a given - * engine-specific ctrl command expects. */ -#define ENGINE_CTRL_GET_CMD_FLAGS 18 - -/* ENGINE implementations should start the numbering of their own control - * commands from this value. (ie. ENGINE_CMD_BASE, ENGINE_CMD_BASE + 1, etc). */ -#define ENGINE_CMD_BASE 200 - -/* If an ENGINE supports its own specific control commands and wishes the - * framework to handle the above 'ENGINE_CMD_***'-manipulation commands on its - * behalf, it should supply a null-terminated array of ENGINE_CMD_DEFN entries - * to ENGINE_set_cmd_defns(). It should also implement a ctrl() handler that - * supports the stated commands (ie. the "cmd_num" entries as described by the - * array). NB: The array must be ordered in increasing order of cmd_num. - * "null-terminated" means that the last ENGINE_CMD_DEFN element has cmd_num set - * to zero and/or cmd_name set to NULL. */ -typedef struct ENGINE_CMD_DEFN_st { - unsigned int cmd_num; /* The command number */ - const char *cmd_name; /* The command name itself */ - const char *cmd_desc; /* A short description of the command */ - unsigned int cmd_flags; /* The input the command expects */ -} ENGINE_CMD_DEFN; - -/* Generic function pointer */ -typedef int (*ENGINE_GEN_FUNC_PTR)(void); -/* Generic function pointer taking no arguments */ -typedef int (*ENGINE_GEN_INT_FUNC_PTR)(ENGINE *); -/* Specific control function pointer */ -typedef int (*ENGINE_CTRL_FUNC_PTR)(ENGINE *, int, long, void *, - void (*f)(void)); -/* Generic load_key function pointer */ -typedef EVP_PKEY * (*ENGINE_LOAD_KEY_PTR)(ENGINE *, const char *, - UI_METHOD *ui_method, void *callback_data); -typedef int (*ENGINE_SSL_CLIENT_CERT_PTR)(ENGINE *, SSL *ssl, - STACK_OF(X509_NAME) *ca_dn, X509 **pcert, EVP_PKEY **pkey, - STACK_OF(X509) **pother, UI_METHOD *ui_method, void *callback_data); - -/* These callback types are for an ENGINE's handler for cipher and digest logic. - * These handlers have these prototypes; - * int foo(ENGINE *e, const EVP_CIPHER **cipher, const int **nids, int nid); - * int foo(ENGINE *e, const EVP_MD **digest, const int **nids, int nid); - * Looking at how to implement these handlers in the case of cipher support, if - * the framework wants the EVP_CIPHER for 'nid', it will call; - * foo(e, &p_evp_cipher, NULL, nid); (return zero for failure) - * If the framework wants a list of supported 'nid's, it will call; - * foo(e, NULL, &p_nids, 0); (returns number of 'nids' or -1 for error) - */ -/* Returns to a pointer to the array of supported cipher 'nid's. If the second - * parameter is non-NULL it is set to the size of the returned array. */ -typedef int (*ENGINE_CIPHERS_PTR)(ENGINE *, const EVP_CIPHER **, - const int **, int); -typedef int (*ENGINE_DIGESTS_PTR)(ENGINE *, const EVP_MD **, const int **, int); -typedef int (*ENGINE_PKEY_METHS_PTR)(ENGINE *, EVP_PKEY_METHOD **, - const int **, int); -typedef int (*ENGINE_PKEY_ASN1_METHS_PTR)(ENGINE *, EVP_PKEY_ASN1_METHOD **, - const int **, int); - -/* STRUCTURE functions ... all of these functions deal with pointers to ENGINE - * structures where the pointers have a "structural reference". This means that - * their reference is to allowed access to the structure but it does not imply - * that the structure is functional. To simply increment or decrement the - * structural reference count, use ENGINE_by_id and ENGINE_free. NB: This is not - * required when iterating using ENGINE_get_next as it will automatically - * decrement the structural reference count of the "current" ENGINE and - * increment the structural reference count of the ENGINE it returns (unless it - * is NULL). */ - -/* Get the first/last "ENGINE" type available. */ -ENGINE *ENGINE_get_first(void); -ENGINE *ENGINE_get_last(void); -/* Iterate to the next/previous "ENGINE" type (NULL = end of the list). */ -ENGINE *ENGINE_get_next(ENGINE *e); -ENGINE *ENGINE_get_prev(ENGINE *e); -/* Add another "ENGINE" type into the array. */ -int ENGINE_add(ENGINE *e); -/* Remove an existing "ENGINE" type from the array. */ -int ENGINE_remove(ENGINE *e); -/* Retrieve an engine from the list by its unique "id" value. */ -ENGINE *ENGINE_by_id(const char *id); -/* Add all the built-in engines. */ -void ENGINE_load_openssl(void); -void ENGINE_load_dynamic(void); -#ifndef OPENSSL_NO_STATIC_ENGINE -void ENGINE_load_padlock(void); -#endif -void ENGINE_load_builtin_engines(void); - -/* Get and set global flags (ENGINE_TABLE_FLAG_***) for the implementation - * "registry" handling. */ -unsigned int ENGINE_get_table_flags(void); -void ENGINE_set_table_flags(unsigned int flags); - -/* Manage registration of ENGINEs per "table". For each type, there are 3 - * functions; - * ENGINE_register_***(e) - registers the implementation from 'e' (if it has one) - * ENGINE_unregister_***(e) - unregister the implementation from 'e' - * ENGINE_register_all_***() - call ENGINE_register_***() for each 'e' in the list - * Cleanup is automatically registered from each table when required, so - * ENGINE_cleanup() will reverse any "register" operations. */ - -int ENGINE_register_RSA(ENGINE *e); -void ENGINE_unregister_RSA(ENGINE *e); -void ENGINE_register_all_RSA(void); - -int ENGINE_register_DSA(ENGINE *e); -void ENGINE_unregister_DSA(ENGINE *e); -void ENGINE_register_all_DSA(void); - -int ENGINE_register_ECDH(ENGINE *e); -void ENGINE_unregister_ECDH(ENGINE *e); -void ENGINE_register_all_ECDH(void); - -int ENGINE_register_ECDSA(ENGINE *e); -void ENGINE_unregister_ECDSA(ENGINE *e); -void ENGINE_register_all_ECDSA(void); - -int ENGINE_register_EC(ENGINE *e); -void ENGINE_unregister_EC(ENGINE *e); -void ENGINE_register_all_EC(void); - -int ENGINE_register_DH(ENGINE *e); -void ENGINE_unregister_DH(ENGINE *e); -void ENGINE_register_all_DH(void); - -int ENGINE_register_RAND(ENGINE *e); -void ENGINE_unregister_RAND(ENGINE *e); -void ENGINE_register_all_RAND(void); - -int ENGINE_register_STORE(ENGINE *e); -void ENGINE_unregister_STORE(ENGINE *e); -void ENGINE_register_all_STORE(void); - -int ENGINE_register_ciphers(ENGINE *e); -void ENGINE_unregister_ciphers(ENGINE *e); -void ENGINE_register_all_ciphers(void); - -int ENGINE_register_digests(ENGINE *e); -void ENGINE_unregister_digests(ENGINE *e); -void ENGINE_register_all_digests(void); - -int ENGINE_register_pkey_meths(ENGINE *e); -void ENGINE_unregister_pkey_meths(ENGINE *e); -void ENGINE_register_all_pkey_meths(void); - -int ENGINE_register_pkey_asn1_meths(ENGINE *e); -void ENGINE_unregister_pkey_asn1_meths(ENGINE *e); -void ENGINE_register_all_pkey_asn1_meths(void); - -/* These functions register all support from the above categories. Note, use of - * these functions can result in static linkage of code your application may not - * need. If you only need a subset of functionality, consider using more - * selective initialisation. */ -int ENGINE_register_complete(ENGINE *e); -int ENGINE_register_all_complete(void); - -/* Send parametrised control commands to the engine. The possibilities to send - * down an integer, a pointer to data or a function pointer are provided. Any of - * the parameters may or may not be NULL, depending on the command number. In - * actuality, this function only requires a structural (rather than functional) - * reference to an engine, but many control commands may require the engine be - * functional. The caller should be aware of trying commands that require an - * operational ENGINE, and only use functional references in such situations. */ -int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void)); - -/* This function tests if an ENGINE-specific command is usable as a "setting". - * Eg. in an application's config file that gets processed through - * ENGINE_ctrl_cmd_string(). If this returns zero, it is not available to - * ENGINE_ctrl_cmd_string(), only ENGINE_ctrl(). */ -int ENGINE_cmd_is_executable(ENGINE *e, int cmd); - -/* This function works like ENGINE_ctrl() with the exception of taking a - * command name instead of a command number, and can handle optional commands. - * See the comment on ENGINE_ctrl_cmd_string() for an explanation on how to - * use the cmd_name and cmd_optional. */ -int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name, - long i, void *p, void (*f)(void), int cmd_optional); - -/* This function passes a command-name and argument to an ENGINE. The cmd_name - * is converted to a command number and the control command is called using - * 'arg' as an argument (unless the ENGINE doesn't support such a command, in - * which case no control command is called). The command is checked for input - * flags, and if necessary the argument will be converted to a numeric value. If - * cmd_optional is non-zero, then if the ENGINE doesn't support the given - * cmd_name the return value will be success anyway. This function is intended - * for applications to use so that users (or config files) can supply - * engine-specific config data to the ENGINE at run-time to control behaviour of - * specific engines. As such, it shouldn't be used for calling ENGINE_ctrl() - * functions that return data, deal with binary data, or that are otherwise - * supposed to be used directly through ENGINE_ctrl() in application code. Any - * "return" data from an ENGINE_ctrl() operation in this function will be lost - - * the return value is interpreted as failure if the return value is zero, - * success otherwise, and this function returns a boolean value as a result. In - * other words, vendors of 'ENGINE'-enabled devices should write ENGINE - * implementations with parameterisations that work in this scheme, so that - * compliant ENGINE-based applications can work consistently with the same - * configuration for the same ENGINE-enabled devices, across applications. */ -int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg, - int cmd_optional); - -/* These functions are useful for manufacturing new ENGINE structures. They - * don't address reference counting at all - one uses them to populate an ENGINE - * structure with personalised implementations of things prior to using it - * directly or adding it to the builtin ENGINE list in OpenSSL. These are also - * here so that the ENGINE structure doesn't have to be exposed and break binary - * compatibility! */ -ENGINE *ENGINE_new(void); -int ENGINE_free(ENGINE *e); -int ENGINE_up_ref(ENGINE *e); -int ENGINE_set_id(ENGINE *e, const char *id); -int ENGINE_set_name(ENGINE *e, const char *name); -int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth); -int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth); -int ENGINE_set_ECDH(ENGINE *e, const ECDH_METHOD *ecdh_meth); -int ENGINE_set_ECDSA(ENGINE *e, const ECDSA_METHOD *ecdsa_meth); -int ENGINE_set_EC(ENGINE *e, const EC_KEY_METHOD *ec_meth); -int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth); -int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth); -int ENGINE_set_STORE(ENGINE *e, const STORE_METHOD *store_meth); -int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f); -int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f); -int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f); -int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f); -int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f); -int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f); -int ENGINE_set_load_ssl_client_cert_function(ENGINE *e, - ENGINE_SSL_CLIENT_CERT_PTR loadssl_f); -int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f); -int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f); -int ENGINE_set_pkey_meths(ENGINE *e, ENGINE_PKEY_METHS_PTR f); -int ENGINE_set_pkey_asn1_meths(ENGINE *e, ENGINE_PKEY_ASN1_METHS_PTR f); -int ENGINE_set_flags(ENGINE *e, int flags); -int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns); -/* These functions allow control over any per-structure ENGINE data. */ -int ENGINE_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); -int ENGINE_set_ex_data(ENGINE *e, int idx, void *arg); -void *ENGINE_get_ex_data(const ENGINE *e, int idx); - -/* This function cleans up anything that needs it. Eg. the ENGINE_add() function - * automatically ensures the list cleanup function is registered to be called - * from ENGINE_cleanup(). Similarly, all ENGINE_register_*** functions ensure - * ENGINE_cleanup() will clean up after them. */ -void ENGINE_cleanup(void); - -/* These return values from within the ENGINE structure. These can be useful - * with functional references as well as structural references - it depends - * which you obtained. Using the result for functional purposes if you only - * obtained a structural reference may be problematic! */ -const char *ENGINE_get_id(const ENGINE *e); -const char *ENGINE_get_name(const ENGINE *e); -const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e); -const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e); -const ECDH_METHOD *ENGINE_get_ECDH(const ENGINE *e); -const ECDSA_METHOD *ENGINE_get_ECDSA(const ENGINE *e); -const EC_KEY_METHOD *ENGINE_get_EC(const ENGINE *e); -const DH_METHOD *ENGINE_get_DH(const ENGINE *e); -const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e); -const STORE_METHOD *ENGINE_get_STORE(const ENGINE *e); -ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e); -ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e); -ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e); -ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e); -ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e); -ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e); -ENGINE_SSL_CLIENT_CERT_PTR ENGINE_get_ssl_client_cert_function(const ENGINE *e); -ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e); -ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e); -ENGINE_PKEY_METHS_PTR ENGINE_get_pkey_meths(const ENGINE *e); -ENGINE_PKEY_ASN1_METHS_PTR ENGINE_get_pkey_asn1_meths(const ENGINE *e); -const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid); -const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid); -const EVP_PKEY_METHOD *ENGINE_get_pkey_meth(ENGINE *e, int nid); -const EVP_PKEY_ASN1_METHOD *ENGINE_get_pkey_asn1_meth(ENGINE *e, int nid); -const EVP_PKEY_ASN1_METHOD *ENGINE_get_pkey_asn1_meth_str(ENGINE *e, - const char *str, int len); -const EVP_PKEY_ASN1_METHOD *ENGINE_pkey_asn1_find_str(ENGINE **pe, - const char *str, int len); -const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e); -int ENGINE_get_flags(const ENGINE *e); - -/* FUNCTIONAL functions. These functions deal with ENGINE structures - * that have (or will) be initialised for use. Broadly speaking, the - * structural functions are useful for iterating the list of available - * engine types, creating new engine types, and other "list" operations. - * These functions actually deal with ENGINEs that are to be used. As - * such these functions can fail (if applicable) when particular - * engines are unavailable - eg. if a hardware accelerator is not - * attached or not functioning correctly. Each ENGINE has 2 reference - * counts; structural and functional. Every time a functional reference - * is obtained or released, a corresponding structural reference is - * automatically obtained or released too. */ - -/* Initialise a engine type for use (or up its reference count if it's - * already in use). This will fail if the engine is not currently - * operational and cannot initialise. */ -int ENGINE_init(ENGINE *e); -/* Free a functional reference to a engine type. This does not require - * a corresponding call to ENGINE_free as it also releases a structural - * reference. */ -int ENGINE_finish(ENGINE *e); - -/* The following functions handle keys that are stored in some secondary - * location, handled by the engine. The storage may be on a card or - * whatever. */ -EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id, - UI_METHOD *ui_method, void *callback_data); -EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id, - UI_METHOD *ui_method, void *callback_data); -int ENGINE_load_ssl_client_cert(ENGINE *e, SSL *s, - STACK_OF(X509_NAME) *ca_dn, X509 **pcert, EVP_PKEY **ppkey, - STACK_OF(X509) **pother, - UI_METHOD *ui_method, void *callback_data); - -/* This returns a pointer for the current ENGINE structure that - * is (by default) performing any RSA operations. The value returned - * is an incremented reference, so it should be free'd (ENGINE_finish) - * before it is discarded. */ -ENGINE *ENGINE_get_default_RSA(void); -/* Same for the other "methods" */ -ENGINE *ENGINE_get_default_DSA(void); -ENGINE *ENGINE_get_default_ECDH(void); -ENGINE *ENGINE_get_default_ECDSA(void); -ENGINE *ENGINE_get_default_EC(void); -ENGINE *ENGINE_get_default_DH(void); -ENGINE *ENGINE_get_default_RAND(void); -/* These functions can be used to get a functional reference to perform - * ciphering or digesting corresponding to "nid". */ -ENGINE *ENGINE_get_cipher_engine(int nid); -ENGINE *ENGINE_get_digest_engine(int nid); -ENGINE *ENGINE_get_pkey_meth_engine(int nid); -ENGINE *ENGINE_get_pkey_asn1_meth_engine(int nid); - -/* This sets a new default ENGINE structure for performing RSA - * operations. If the result is non-zero (success) then the ENGINE - * structure will have had its reference count up'd so the caller - * should still free their own reference 'e'. */ -int ENGINE_set_default_RSA(ENGINE *e); -int ENGINE_set_default_string(ENGINE *e, const char *def_list); -/* Same for the other "methods" */ -int ENGINE_set_default_DSA(ENGINE *e); -int ENGINE_set_default_ECDH(ENGINE *e); -int ENGINE_set_default_ECDSA(ENGINE *e); -int ENGINE_set_default_EC(ENGINE *e); -int ENGINE_set_default_DH(ENGINE *e); -int ENGINE_set_default_RAND(ENGINE *e); -int ENGINE_set_default_ciphers(ENGINE *e); -int ENGINE_set_default_digests(ENGINE *e); -int ENGINE_set_default_pkey_meths(ENGINE *e); -int ENGINE_set_default_pkey_asn1_meths(ENGINE *e); - -/* The combination "set" - the flags are bitwise "OR"d from the - * ENGINE_METHOD_*** defines above. As with the "ENGINE_register_complete()" - * function, this function can result in unnecessary static linkage. If your - * application requires only specific functionality, consider using more - * selective functions. */ -int ENGINE_set_default(ENGINE *e, unsigned int flags); - -void ENGINE_add_conf_module(void); - -/* Deprecated functions ... */ -/* int ENGINE_clear_defaults(void); */ - -/**************************/ -/* DYNAMIC ENGINE SUPPORT */ -/**************************/ - -/* Binary/behaviour compatibility levels */ -#define OSSL_DYNAMIC_VERSION (unsigned long)0x00020000 -/* Binary versions older than this are too old for us (whether we're a loader or - * a loadee) */ -#define OSSL_DYNAMIC_OLDEST (unsigned long)0x00020000 - -/* When compiling an ENGINE entirely as an external shared library, loadable by - * the "dynamic" ENGINE, these types are needed. The 'dynamic_fns' structure - * type provides the calling application's (or library's) error functionality - * and memory management function pointers to the loaded library. These should - * be used/set in the loaded library code so that the loading application's - * 'state' will be used/changed in all operations. The 'static_state' pointer - * allows the loaded library to know if it shares the same static data as the - * calling application (or library), and thus whether these callbacks need to be - * set or not. */ -typedef void *(*dyn_MEM_malloc_cb)(size_t); -typedef void *(*dyn_MEM_realloc_cb)(void *, size_t); -typedef void (*dyn_MEM_free_cb)(void *); -typedef struct st_dynamic_MEM_fns { - dyn_MEM_malloc_cb malloc_cb; - dyn_MEM_realloc_cb realloc_cb; - dyn_MEM_free_cb free_cb; -} dynamic_MEM_fns; -/* FIXME: Perhaps the memory and locking code (crypto.h) should declare and use - * these types so we (and any other dependant code) can simplify a bit?? */ -typedef void (*dyn_lock_locking_cb)(int, int, const char *, int); -typedef int (*dyn_lock_add_lock_cb)(int*, int, int, const char *, int); -typedef struct CRYPTO_dynlock_value *(*dyn_dynlock_create_cb)( - const char *, int); -typedef void (*dyn_dynlock_lock_cb)(int, struct CRYPTO_dynlock_value *, - const char *, int); -typedef void (*dyn_dynlock_destroy_cb)(struct CRYPTO_dynlock_value *, - const char *, int); -typedef struct st_dynamic_LOCK_fns { - dyn_lock_locking_cb lock_locking_cb; - dyn_lock_add_lock_cb lock_add_lock_cb; - dyn_dynlock_create_cb dynlock_create_cb; - dyn_dynlock_lock_cb dynlock_lock_cb; - dyn_dynlock_destroy_cb dynlock_destroy_cb; -} dynamic_LOCK_fns; -/* The top-level structure */ -typedef struct st_dynamic_fns { - void *static_state; - const ERR_FNS *err_fns; - const CRYPTO_EX_DATA_IMPL *ex_data_fns; - dynamic_MEM_fns mem_fns; - dynamic_LOCK_fns lock_fns; -} dynamic_fns; - -/* The version checking function should be of this prototype. NB: The - * ossl_version value passed in is the OSSL_DYNAMIC_VERSION of the loading code. - * If this function returns zero, it indicates a (potential) version - * incompatibility and the loaded library doesn't believe it can proceed. - * Otherwise, the returned value is the (latest) version supported by the - * loading library. The loader may still decide that the loaded code's version - * is unsatisfactory and could veto the load. The function is expected to - * be implemented with the symbol name "v_check", and a default implementation - * can be fully instantiated with IMPLEMENT_DYNAMIC_CHECK_FN(). */ -typedef unsigned long (*dynamic_v_check_fn)(unsigned long ossl_version); -#define IMPLEMENT_DYNAMIC_CHECK_FN() \ - extern unsigned long v_check(unsigned long v); \ - extern unsigned long v_check(unsigned long v) { \ - if(v >= OSSL_DYNAMIC_OLDEST) return OSSL_DYNAMIC_VERSION; \ - return 0; } - -/* This function is passed the ENGINE structure to initialise with its own - * function and command settings. It should not adjust the structural or - * functional reference counts. If this function returns zero, (a) the load will - * be aborted, (b) the previous ENGINE state will be memcpy'd back onto the - * structure, and (c) the shared library will be unloaded. So implementations - * should do their own internal cleanup in failure circumstances otherwise they - * could leak. The 'id' parameter, if non-NULL, represents the ENGINE id that - * the loader is looking for. If this is NULL, the shared library can choose to - * return failure or to initialise a 'default' ENGINE. If non-NULL, the shared - * library must initialise only an ENGINE matching the passed 'id'. The function - * is expected to be implemented with the symbol name "bind_engine". A standard - * implementation can be instantiated with IMPLEMENT_DYNAMIC_BIND_FN(fn) where - * the parameter 'fn' is a callback function that populates the ENGINE structure - * and returns an int value (zero for failure). 'fn' should have prototype; - * [static] int fn(ENGINE *e, const char *id); */ -typedef int (*dynamic_bind_engine)(ENGINE *e, const char *id, - const dynamic_fns *fns); -#define IMPLEMENT_DYNAMIC_BIND_FN(fn) \ - extern \ - int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns); \ - extern \ - int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns) { \ - if(ENGINE_get_static_state() == fns->static_state) goto skip_cbs; \ - if(!CRYPTO_set_mem_functions(fns->mem_fns.malloc_cb, \ - fns->mem_fns.realloc_cb, fns->mem_fns.free_cb)) \ - return 0; \ - if(!CRYPTO_set_ex_data_implementation(fns->ex_data_fns)) \ - return 0; \ - if(!ERR_set_implementation(fns->err_fns)) return 0; \ - skip_cbs: \ - if(!fn(e,id)) return 0; \ - return 1; } - -/* If the loading application (or library) and the loaded ENGINE library share - * the same static data (eg. they're both dynamically linked to the same - * libcrypto.so) we need a way to avoid trying to set system callbacks - this - * would fail, and for the same reason that it's unnecessary to try. If the - * loaded ENGINE has (or gets from through the loader) its own copy of the - * libcrypto static data, we will need to set the callbacks. The easiest way to - * detect this is to have a function that returns a pointer to some static data - * and let the loading application and loaded ENGINE compare their respective - * values. */ - void *ENGINE_get_static_state(void); - -/* BEGIN ERROR CODES */ -/* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ -void ERR_load_ENGINE_strings(void); - -/* Error codes for the ENGINE functions. */ - -/* Function codes. */ -#define ENGINE_F_DYNAMIC_CTRL 180 -#define ENGINE_F_DYNAMIC_GET_DATA_CTX 181 -#define ENGINE_F_DYNAMIC_LOAD 182 -#define ENGINE_F_DYNAMIC_SET_DATA_CTX 183 -#define ENGINE_F_ENGINE_ADD 105 -#define ENGINE_F_ENGINE_BY_ID 106 -#define ENGINE_F_ENGINE_CMD_IS_EXECUTABLE 170 -#define ENGINE_F_ENGINE_CTRL 142 -#define ENGINE_F_ENGINE_CTRL_CMD 178 -#define ENGINE_F_ENGINE_CTRL_CMD_STRING 171 -#define ENGINE_F_ENGINE_FINISH 107 -#define ENGINE_F_ENGINE_FREE_UTIL 108 -#define ENGINE_F_ENGINE_GET_CIPHER 185 -#define ENGINE_F_ENGINE_GET_DEFAULT_TYPE 177 -#define ENGINE_F_ENGINE_GET_DIGEST 186 -#define ENGINE_F_ENGINE_GET_NEXT 115 -#define ENGINE_F_ENGINE_GET_PKEY_ASN1_METH 193 -#define ENGINE_F_ENGINE_GET_PKEY_METH 192 -#define ENGINE_F_ENGINE_GET_PREV 116 -#define ENGINE_F_ENGINE_INIT 119 -#define ENGINE_F_ENGINE_LIST_ADD 120 -#define ENGINE_F_ENGINE_LIST_REMOVE 121 -#define ENGINE_F_ENGINE_LOAD_PRIVATE_KEY 150 -#define ENGINE_F_ENGINE_LOAD_PUBLIC_KEY 151 -#define ENGINE_F_ENGINE_LOAD_SSL_CLIENT_CERT 194 -#define ENGINE_F_ENGINE_NEW 122 -#define ENGINE_F_ENGINE_REMOVE 123 -#define ENGINE_F_ENGINE_SET_DEFAULT_STRING 189 -#define ENGINE_F_ENGINE_SET_DEFAULT_TYPE 126 -#define ENGINE_F_ENGINE_SET_ID 129 -#define ENGINE_F_ENGINE_SET_NAME 130 -#define ENGINE_F_ENGINE_TABLE_REGISTER 184 -#define ENGINE_F_ENGINE_UNLOAD_KEY 152 -#define ENGINE_F_ENGINE_UNLOCKED_FINISH 191 -#define ENGINE_F_ENGINE_UP_REF 190 -#define ENGINE_F_INT_CTRL_HELPER 172 -#define ENGINE_F_INT_ENGINE_CONFIGURE 188 -#define ENGINE_F_INT_ENGINE_MODULE_INIT 187 -#define ENGINE_F_LOG_MESSAGE 141 - -/* Reason codes. */ -#define ENGINE_R_ALREADY_LOADED 100 -#define ENGINE_R_ARGUMENT_IS_NOT_A_NUMBER 133 -#define ENGINE_R_CMD_NOT_EXECUTABLE 134 -#define ENGINE_R_COMMAND_TAKES_INPUT 135 -#define ENGINE_R_COMMAND_TAKES_NO_INPUT 136 -#define ENGINE_R_CONFLICTING_ENGINE_ID 103 -#define ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED 119 -#define ENGINE_R_DH_NOT_IMPLEMENTED 139 -#define ENGINE_R_DSA_NOT_IMPLEMENTED 140 -#define ENGINE_R_DSO_FAILURE 104 -#define ENGINE_R_DSO_NOT_FOUND 132 -#define ENGINE_R_ENGINES_SECTION_ERROR 148 -#define ENGINE_R_ENGINE_CONFIGURATION_ERROR 102 -#define ENGINE_R_ENGINE_IS_NOT_IN_LIST 105 -#define ENGINE_R_ENGINE_SECTION_ERROR 149 -#define ENGINE_R_FAILED_LOADING_PRIVATE_KEY 128 -#define ENGINE_R_FAILED_LOADING_PUBLIC_KEY 129 -#define ENGINE_R_FINISH_FAILED 106 -#define ENGINE_R_GET_HANDLE_FAILED 107 -#define ENGINE_R_ID_OR_NAME_MISSING 108 -#define ENGINE_R_INIT_FAILED 109 -#define ENGINE_R_INTERNAL_LIST_ERROR 110 -#define ENGINE_R_INVALID_ARGUMENT 143 -#define ENGINE_R_INVALID_CMD_NAME 137 -#define ENGINE_R_INVALID_CMD_NUMBER 138 -#define ENGINE_R_INVALID_INIT_VALUE 151 -#define ENGINE_R_INVALID_STRING 150 -#define ENGINE_R_NOT_INITIALISED 117 -#define ENGINE_R_NOT_LOADED 112 -#define ENGINE_R_NO_CONTROL_FUNCTION 120 -#define ENGINE_R_NO_INDEX 144 -#define ENGINE_R_NO_LOAD_FUNCTION 125 -#define ENGINE_R_NO_REFERENCE 130 -#define ENGINE_R_NO_SUCH_ENGINE 116 -#define ENGINE_R_NO_UNLOAD_FUNCTION 126 -#define ENGINE_R_PROVIDE_PARAMETERS 113 -#define ENGINE_R_RSA_NOT_IMPLEMENTED 141 -#define ENGINE_R_UNIMPLEMENTED_CIPHER 146 -#define ENGINE_R_UNIMPLEMENTED_DIGEST 147 -#define ENGINE_R_UNIMPLEMENTED_PUBLIC_KEY_METHOD 101 -#define ENGINE_R_VERSION_INCOMPATIBILITY 145 - -#ifdef __cplusplus -} -#endif -#endif diff --git a/libressl/include64/openssl/err.h b/libressl/include64/openssl/err.h deleted file mode 100644 index 22cdb298..00000000 --- a/libressl/include64/openssl/err.h +++ /dev/null @@ -1,421 +0,0 @@ -/* $OpenBSD: err.h,v 1.25 2017/02/20 23:21:19 beck Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -/* ==================================================================== - * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#ifndef HEADER_ERR_H -#define HEADER_ERR_H - -#include <openssl/opensslconf.h> - -#include <stdio.h> -#include <stdlib.h> - -#include <openssl/ossl_typ.h> -#ifndef OPENSSL_NO_BIO -#include <openssl/bio.h> -#endif -#ifndef OPENSSL_NO_LHASH -#include <openssl/lhash.h> -#endif - -#ifdef __cplusplus -extern "C" { -#endif - -#ifndef OPENSSL_NO_ERR -#define ERR_PUT_error(a,b,c,d,e) ERR_put_error(a,b,c,d,e) -#else -#define ERR_PUT_error(a,b,c,d,e) ERR_put_error(a,b,c,NULL,0) -#endif - -#include <errno.h> - -#define ERR_TXT_MALLOCED 0x01 -#define ERR_TXT_STRING 0x02 - -#define ERR_FLAG_MARK 0x01 - -#define ERR_NUM_ERRORS 16 -typedef struct err_state_st { - CRYPTO_THREADID tid; - int err_flags[ERR_NUM_ERRORS]; - unsigned long err_buffer[ERR_NUM_ERRORS]; - char *err_data[ERR_NUM_ERRORS]; - int err_data_flags[ERR_NUM_ERRORS]; - const char *err_file[ERR_NUM_ERRORS]; - int err_line[ERR_NUM_ERRORS]; - int top, bottom; -} ERR_STATE; - -/* library */ -#define ERR_LIB_NONE 1 -#define ERR_LIB_SYS 2 -#define ERR_LIB_BN 3 -#define ERR_LIB_RSA 4 -#define ERR_LIB_DH 5 -#define ERR_LIB_EVP 6 -#define ERR_LIB_BUF 7 -#define ERR_LIB_OBJ 8 -#define ERR_LIB_PEM 9 -#define ERR_LIB_DSA 10 -#define ERR_LIB_X509 11 -/* #define ERR_LIB_METH 12 */ -#define ERR_LIB_ASN1 13 -#define ERR_LIB_CONF 14 -#define ERR_LIB_CRYPTO 15 -#define ERR_LIB_EC 16 -#define ERR_LIB_SSL 20 -/* #define ERR_LIB_SSL23 21 */ -/* #define ERR_LIB_SSL2 22 */ -/* #define ERR_LIB_SSL3 23 */ -/* #define ERR_LIB_RSAREF 30 */ -/* #define ERR_LIB_PROXY 31 */ -#define ERR_LIB_BIO 32 -#define ERR_LIB_PKCS7 33 -#define ERR_LIB_X509V3 34 -#define ERR_LIB_PKCS12 35 -#define ERR_LIB_RAND 36 -#define ERR_LIB_DSO 37 -#define ERR_LIB_ENGINE 38 -#define ERR_LIB_OCSP 39 -#define ERR_LIB_UI 40 -#define ERR_LIB_COMP 41 -#define ERR_LIB_ECDSA 42 -#define ERR_LIB_ECDH 43 -#define ERR_LIB_STORE 44 -#define ERR_LIB_FIPS 45 -#define ERR_LIB_CMS 46 -#define ERR_LIB_TS 47 -#define ERR_LIB_HMAC 48 -#define ERR_LIB_JPAKE 49 -#define ERR_LIB_GOST 50 - -#define ERR_LIB_USER 128 - -#ifndef LIBRESSL_INTERNAL -#define SYSerr(f,r) ERR_PUT_error(ERR_LIB_SYS,(f),(r),__FILE__,__LINE__) -#define BNerr(f,r) ERR_PUT_error(ERR_LIB_BN,(f),(r),__FILE__,__LINE__) -#define RSAerr(f,r) ERR_PUT_error(ERR_LIB_RSA,(f),(r),__FILE__,__LINE__) -#define DHerr(f,r) ERR_PUT_error(ERR_LIB_DH,(f),(r),__FILE__,__LINE__) -#define EVPerr(f,r) ERR_PUT_error(ERR_LIB_EVP,(f),(r),__FILE__,__LINE__) -#define BUFerr(f,r) ERR_PUT_error(ERR_LIB_BUF,(f),(r),__FILE__,__LINE__) -#define OBJerr(f,r) ERR_PUT_error(ERR_LIB_OBJ,(f),(r),__FILE__,__LINE__) -#define PEMerr(f,r) ERR_PUT_error(ERR_LIB_PEM,(f),(r),__FILE__,__LINE__) -#define DSAerr(f,r) ERR_PUT_error(ERR_LIB_DSA,(f),(r),__FILE__,__LINE__) -#define X509err(f,r) ERR_PUT_error(ERR_LIB_X509,(f),(r),__FILE__,__LINE__) -#define ASN1err(f,r) ERR_PUT_error(ERR_LIB_ASN1,(f),(r),__FILE__,__LINE__) -#define CONFerr(f,r) ERR_PUT_error(ERR_LIB_CONF,(f),(r),__FILE__,__LINE__) -#define CRYPTOerr(f,r) ERR_PUT_error(ERR_LIB_CRYPTO,(f),(r),__FILE__,__LINE__) -#define ECerr(f,r) ERR_PUT_error(ERR_LIB_EC,(f),(r),__FILE__,__LINE__) -#define BIOerr(f,r) ERR_PUT_error(ERR_LIB_BIO,(f),(r),__FILE__,__LINE__) -#define PKCS7err(f,r) ERR_PUT_error(ERR_LIB_PKCS7,(f),(r),__FILE__,__LINE__) -#define X509V3err(f,r) ERR_PUT_error(ERR_LIB_X509V3,(f),(r),__FILE__,__LINE__) -#define PKCS12err(f,r) ERR_PUT_error(ERR_LIB_PKCS12,(f),(r),__FILE__,__LINE__) -#define RANDerr(f,r) ERR_PUT_error(ERR_LIB_RAND,(f),(r),__FILE__,__LINE__) -#define DSOerr(f,r) ERR_PUT_error(ERR_LIB_DSO,(f),(r),__FILE__,__LINE__) -#define ENGINEerr(f,r) ERR_PUT_error(ERR_LIB_ENGINE,(f),(r),__FILE__,__LINE__) -#define OCSPerr(f,r) ERR_PUT_error(ERR_LIB_OCSP,(f),(r),__FILE__,__LINE__) -#define UIerr(f,r) ERR_PUT_error(ERR_LIB_UI,(f),(r),__FILE__,__LINE__) -#define COMPerr(f,r) ERR_PUT_error(ERR_LIB_COMP,(f),(r),__FILE__,__LINE__) -#define ECDSAerr(f,r) ERR_PUT_error(ERR_LIB_ECDSA,(f),(r),__FILE__,__LINE__) -#define ECDHerr(f,r) ERR_PUT_error(ERR_LIB_ECDH,(f),(r),__FILE__,__LINE__) -#define STOREerr(f,r) ERR_PUT_error(ERR_LIB_STORE,(f),(r),__FILE__,__LINE__) -#define FIPSerr(f,r) ERR_PUT_error(ERR_LIB_FIPS,(f),(r),__FILE__,__LINE__) -#define CMSerr(f,r) ERR_PUT_error(ERR_LIB_CMS,(f),(r),__FILE__,__LINE__) -#define TSerr(f,r) ERR_PUT_error(ERR_LIB_TS,(f),(r),__FILE__,__LINE__) -#define HMACerr(f,r) ERR_PUT_error(ERR_LIB_HMAC,(f),(r),__FILE__,__LINE__) -#define JPAKEerr(f,r) ERR_PUT_error(ERR_LIB_JPAKE,(f),(r),__FILE__,__LINE__) -#define GOSTerr(f,r) ERR_PUT_error(ERR_LIB_GOST,(f),(r),__FILE__,__LINE__) -#define SSLerr(f,r) ERR_PUT_error(ERR_LIB_SSL,(f),(r),__FILE__,__LINE__) -#endif - -#ifdef LIBRESSL_INTERNAL -#define SYSerror(r) ERR_PUT_error(ERR_LIB_SYS,(0xfff),(r),__FILE__,__LINE__) -#define BNerror(r) ERR_PUT_error(ERR_LIB_BN,(0xfff),(r),__FILE__,__LINE__) -#define RSAerror(r) ERR_PUT_error(ERR_LIB_RSA,(0xfff),(r),__FILE__,__LINE__) -#define DHerror(r) ERR_PUT_error(ERR_LIB_DH,(0xfff),(r),__FILE__,__LINE__) -#define EVPerror(r) ERR_PUT_error(ERR_LIB_EVP,(0xfff),(r),__FILE__,__LINE__) -#define BUFerror(r) ERR_PUT_error(ERR_LIB_BUF,(0xfff),(r),__FILE__,__LINE__) -#define OBJerror(r) ERR_PUT_error(ERR_LIB_OBJ,(0xfff),(r),__FILE__,__LINE__) -#define PEMerror(r) ERR_PUT_error(ERR_LIB_PEM,(0xfff),(r),__FILE__,__LINE__) -#define DSAerror(r) ERR_PUT_error(ERR_LIB_DSA,(0xfff),(r),__FILE__,__LINE__) -#define X509error(r) ERR_PUT_error(ERR_LIB_X509,(0xfff),(r),__FILE__,__LINE__) -#define ASN1error(r) ERR_PUT_error(ERR_LIB_ASN1,(0xfff),(r),__FILE__,__LINE__) -#define CONFerror(r) ERR_PUT_error(ERR_LIB_CONF,(0xfff),(r),__FILE__,__LINE__) -#define CRYPTOerror(r) ERR_PUT_error(ERR_LIB_CRYPTO,(0xfff),(r),__FILE__,__LINE__) -#define ECerror(r) ERR_PUT_error(ERR_LIB_EC,(0xfff),(r),__FILE__,__LINE__) -#define BIOerror(r) ERR_PUT_error(ERR_LIB_BIO,(0xfff),(r),__FILE__,__LINE__) -#define PKCS7error(r) ERR_PUT_error(ERR_LIB_PKCS7,(0xfff),(r),__FILE__,__LINE__) -#define X509V3error(r) ERR_PUT_error(ERR_LIB_X509V3,(0xfff),(r),__FILE__,__LINE__) -#define PKCS12error(r) ERR_PUT_error(ERR_LIB_PKCS12,(0xfff),(r),__FILE__,__LINE__) -#define RANDerror(r) ERR_PUT_error(ERR_LIB_RAND,(0xfff),(r),__FILE__,__LINE__) -#define DSOerror(r) ERR_PUT_error(ERR_LIB_DSO,(0xfff),(r),__FILE__,__LINE__) -#define ENGINEerror(r) ERR_PUT_error(ERR_LIB_ENGINE,(0xfff),(r),__FILE__,__LINE__) -#define OCSPerror(r) ERR_PUT_error(ERR_LIB_OCSP,(0xfff),(r),__FILE__,__LINE__) -#define UIerror(r) ERR_PUT_error(ERR_LIB_UI,(0xfff),(r),__FILE__,__LINE__) -#define COMPerror(r) ERR_PUT_error(ERR_LIB_COMP,(0xfff),(r),__FILE__,__LINE__) -#define ECDSAerror(r) ERR_PUT_error(ERR_LIB_ECDSA,(0xfff),(r),__FILE__,__LINE__) -#define ECDHerror(r) ERR_PUT_error(ERR_LIB_ECDH,(0xfff),(r),__FILE__,__LINE__) -#define STOREerror(r) ERR_PUT_error(ERR_LIB_STORE,(0xfff),(r),__FILE__,__LINE__) -#define FIPSerror(r) ERR_PUT_error(ERR_LIB_FIPS,(0xfff),(r),__FILE__,__LINE__) -#define CMSerror(r) ERR_PUT_error(ERR_LIB_CMS,(0xfff),(r),__FILE__,__LINE__) -#define TSerror(r) ERR_PUT_error(ERR_LIB_TS,(0xfff),(r),__FILE__,__LINE__) -#define HMACerror(r) ERR_PUT_error(ERR_LIB_HMAC,(0xfff),(r),__FILE__,__LINE__) -#define JPAKEerror(r) ERR_PUT_error(ERR_LIB_JPAKE,(0xfff),(r),__FILE__,__LINE__) -#define GOSTerror(r) ERR_PUT_error(ERR_LIB_GOST,(0xfff),(r),__FILE__,__LINE__) -#endif - -#define ERR_PACK(l,f,r) (((((unsigned long)l)&0xffL)<<24L)| \ - ((((unsigned long)f)&0xfffL)<<12L)| \ - ((((unsigned long)r)&0xfffL))) -#define ERR_GET_LIB(l) (int)((((unsigned long)l)>>24L)&0xffL) -#define ERR_GET_FUNC(l) (int)((((unsigned long)l)>>12L)&0xfffL) -#define ERR_GET_REASON(l) (int)((l)&0xfffL) -#define ERR_FATAL_ERROR(l) (int)((l)&ERR_R_FATAL) - - -/* OS functions */ -#define SYS_F_FOPEN 1 -#define SYS_F_CONNECT 2 -#define SYS_F_GETSERVBYNAME 3 -#define SYS_F_SOCKET 4 -#define SYS_F_IOCTLSOCKET 5 -#define SYS_F_BIND 6 -#define SYS_F_LISTEN 7 -#define SYS_F_ACCEPT 8 -#define SYS_F_WSASTARTUP 9 /* Winsock stuff */ -#define SYS_F_OPENDIR 10 -#define SYS_F_FREAD 11 - - -/* reasons */ -#define ERR_R_SYS_LIB ERR_LIB_SYS /* 2 */ -#define ERR_R_BN_LIB ERR_LIB_BN /* 3 */ -#define ERR_R_RSA_LIB ERR_LIB_RSA /* 4 */ -#define ERR_R_DH_LIB ERR_LIB_DH /* 5 */ -#define ERR_R_EVP_LIB ERR_LIB_EVP /* 6 */ -#define ERR_R_BUF_LIB ERR_LIB_BUF /* 7 */ -#define ERR_R_OBJ_LIB ERR_LIB_OBJ /* 8 */ -#define ERR_R_PEM_LIB ERR_LIB_PEM /* 9 */ -#define ERR_R_DSA_LIB ERR_LIB_DSA /* 10 */ -#define ERR_R_X509_LIB ERR_LIB_X509 /* 11 */ -#define ERR_R_ASN1_LIB ERR_LIB_ASN1 /* 13 */ -#define ERR_R_CONF_LIB ERR_LIB_CONF /* 14 */ -#define ERR_R_CRYPTO_LIB ERR_LIB_CRYPTO /* 15 */ -#define ERR_R_EC_LIB ERR_LIB_EC /* 16 */ -#define ERR_R_SSL_LIB ERR_LIB_SSL /* 20 */ -#define ERR_R_BIO_LIB ERR_LIB_BIO /* 32 */ -#define ERR_R_PKCS7_LIB ERR_LIB_PKCS7 /* 33 */ -#define ERR_R_X509V3_LIB ERR_LIB_X509V3 /* 34 */ -#define ERR_R_PKCS12_LIB ERR_LIB_PKCS12 /* 35 */ -#define ERR_R_RAND_LIB ERR_LIB_RAND /* 36 */ -#define ERR_R_DSO_LIB ERR_LIB_DSO /* 37 */ -#define ERR_R_ENGINE_LIB ERR_LIB_ENGINE /* 38 */ -#define ERR_R_OCSP_LIB ERR_LIB_OCSP /* 39 */ -#define ERR_R_UI_LIB ERR_LIB_UI /* 40 */ -#define ERR_R_COMP_LIB ERR_LIB_COMP /* 41 */ -#define ERR_R_ECDSA_LIB ERR_LIB_ECDSA /* 42 */ -#define ERR_R_ECDH_LIB ERR_LIB_ECDH /* 43 */ -#define ERR_R_STORE_LIB ERR_LIB_STORE /* 44 */ -#define ERR_R_TS_LIB ERR_LIB_TS /* 45 */ - -#define ERR_R_NESTED_ASN1_ERROR 58 -#define ERR_R_BAD_ASN1_OBJECT_HEADER 59 -#define ERR_R_BAD_GET_ASN1_OBJECT_CALL 60 -#define ERR_R_EXPECTING_AN_ASN1_SEQUENCE 61 -#define ERR_R_ASN1_LENGTH_MISMATCH 62 -#define ERR_R_MISSING_ASN1_EOS 63 - -/* fatal error */ -#define ERR_R_FATAL 64 -#define ERR_R_MALLOC_FAILURE (1|ERR_R_FATAL) -#define ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED (2|ERR_R_FATAL) -#define ERR_R_PASSED_NULL_PARAMETER (3|ERR_R_FATAL) -#define ERR_R_INTERNAL_ERROR (4|ERR_R_FATAL) -#define ERR_R_DISABLED (5|ERR_R_FATAL) - -/* 99 is the maximum possible ERR_R_... code, higher values - * are reserved for the individual libraries */ - - -typedef struct ERR_string_data_st { - unsigned long error; - const char *string; -} ERR_STRING_DATA; - -void ERR_put_error(int lib, int func, int reason, const char *file, int line); -void ERR_set_error_data(char *data, int flags); - -unsigned long ERR_get_error(void); -unsigned long ERR_get_error_line(const char **file, int *line); -unsigned long ERR_get_error_line_data(const char **file, int *line, - const char **data, int *flags); -unsigned long ERR_peek_error(void); -unsigned long ERR_peek_error_line(const char **file, int *line); -unsigned long ERR_peek_error_line_data(const char **file, int *line, - const char **data, int *flags); -unsigned long ERR_peek_last_error(void); -unsigned long ERR_peek_last_error_line(const char **file, int *line); -unsigned long ERR_peek_last_error_line_data(const char **file, int *line, - const char **data, int *flags); -void ERR_clear_error(void ); -char *ERR_error_string(unsigned long e, char *buf); -void ERR_error_string_n(unsigned long e, char *buf, size_t len); -const char *ERR_lib_error_string(unsigned long e); -const char *ERR_func_error_string(unsigned long e); -const char *ERR_reason_error_string(unsigned long e); -void ERR_print_errors_cb(int (*cb)(const char *str, size_t len, void *u), - void *u); -void ERR_print_errors_fp(FILE *fp); -#ifndef OPENSSL_NO_BIO -void ERR_print_errors(BIO *bp); -#endif -void ERR_asprintf_error_data(char * format, ...); -#ifndef LIBRESSL_INTERNAL -void ERR_add_error_data(int num, ...); -void ERR_add_error_vdata(int num, va_list args); -#endif -void ERR_load_strings(int lib, ERR_STRING_DATA str[]); -void ERR_unload_strings(int lib, ERR_STRING_DATA str[]); -void ERR_load_ERR_strings(void); -void ERR_load_crypto_strings(void); -void ERR_free_strings(void); - -void ERR_remove_thread_state(const CRYPTO_THREADID *tid); -#ifndef OPENSSL_NO_DEPRECATED -void ERR_remove_state(unsigned long pid); /* if zero we look it up */ -#endif -ERR_STATE *ERR_get_state(void); - -#ifndef OPENSSL_NO_LHASH -LHASH_OF(ERR_STRING_DATA) *ERR_get_string_table(void); -LHASH_OF(ERR_STATE) *ERR_get_err_state_table(void); -void ERR_release_err_state_table(LHASH_OF(ERR_STATE) **hash); -#endif - -int ERR_get_next_error_library(void); - -int ERR_set_mark(void); -int ERR_pop_to_mark(void); - -/* Already defined in ossl_typ.h */ -/* typedef struct st_ERR_FNS ERR_FNS; */ -/* An application can use this function and provide the return value to loaded - * modules that should use the application's ERR state/functionality */ -const ERR_FNS *ERR_get_implementation(void); -/* A loaded module should call this function prior to any ERR operations using - * the application's "ERR_FNS". */ -int ERR_set_implementation(const ERR_FNS *fns); - -#ifdef __cplusplus -} -#endif - -#endif diff --git a/libressl/include64/openssl/evp.h b/libressl/include64/openssl/evp.h deleted file mode 100644 index b49fc613..00000000 --- a/libressl/include64/openssl/evp.h +++ /dev/null @@ -1,1553 +0,0 @@ -/* $OpenBSD: evp.h,v 1.77 2019/09/09 18:06:25 jsing Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef HEADER_ENVELOPE_H -#define HEADER_ENVELOPE_H - -#include <openssl/opensslconf.h> - -#include <openssl/ossl_typ.h> - -#ifndef OPENSSL_NO_BIO -#include <openssl/bio.h> -#endif - -/* -#define EVP_RC2_KEY_SIZE 16 -#define EVP_RC4_KEY_SIZE 16 -#define EVP_BLOWFISH_KEY_SIZE 16 -#define EVP_CAST5_KEY_SIZE 16 -#define EVP_RC5_32_12_16_KEY_SIZE 16 -*/ -#define EVP_MAX_MD_SIZE 64 /* longest known is SHA512 */ -#define EVP_MAX_KEY_LENGTH 64 -#define EVP_MAX_IV_LENGTH 16 -#define EVP_MAX_BLOCK_LENGTH 32 - -#define PKCS5_SALT_LEN 8 -/* Default PKCS#5 iteration count */ -#define PKCS5_DEFAULT_ITER 2048 - -#include <openssl/objects.h> - -#define EVP_PK_RSA 0x0001 -#define EVP_PK_DSA 0x0002 -#define EVP_PK_DH 0x0004 -#define EVP_PK_EC 0x0008 -#define EVP_PKT_SIGN 0x0010 -#define EVP_PKT_ENC 0x0020 -#define EVP_PKT_EXCH 0x0040 -#define EVP_PKS_RSA 0x0100 -#define EVP_PKS_DSA 0x0200 -#define EVP_PKS_EC 0x0400 -#define EVP_PKT_EXP 0x1000 /* <= 512 bit key */ - -#define EVP_PKEY_NONE NID_undef -#define EVP_PKEY_RSA NID_rsaEncryption -#define EVP_PKEY_RSA2 NID_rsa -#define EVP_PKEY_DSA NID_dsa -#define EVP_PKEY_DSA1 NID_dsa_2 -#define EVP_PKEY_DSA2 NID_dsaWithSHA -#define EVP_PKEY_DSA3 NID_dsaWithSHA1 -#define EVP_PKEY_DSA4 NID_dsaWithSHA1_2 -#define EVP_PKEY_DH NID_dhKeyAgreement -#define EVP_PKEY_EC NID_X9_62_id_ecPublicKey -#define EVP_PKEY_GOSTR01 NID_id_GostR3410_2001 -#define EVP_PKEY_GOSTIMIT NID_id_Gost28147_89_MAC -#define EVP_PKEY_HMAC NID_hmac -#define EVP_PKEY_CMAC NID_cmac -#define EVP_PKEY_GOSTR12_256 NID_id_tc26_gost3410_2012_256 -#define EVP_PKEY_GOSTR12_512 NID_id_tc26_gost3410_2012_512 - -#ifdef __cplusplus -extern "C" { -#endif - -/* Type needs to be a bit field - * Sub-type needs to be for variations on the method, as in, can it do - * arbitrary encryption.... */ -struct evp_pkey_st { - int type; - int save_type; - int references; - const EVP_PKEY_ASN1_METHOD *ameth; - ENGINE *engine; - union { - char *ptr; -#ifndef OPENSSL_NO_RSA - struct rsa_st *rsa; /* RSA */ -#endif -#ifndef OPENSSL_NO_DSA - struct dsa_st *dsa; /* DSA */ -#endif -#ifndef OPENSSL_NO_DH - struct dh_st *dh; /* DH */ -#endif -#ifndef OPENSSL_NO_EC - struct ec_key_st *ec; /* ECC */ -#endif -#ifndef OPENSSL_NO_GOST - struct gost_key_st *gost; /* GOST */ -#endif - } pkey; - int save_parameters; - STACK_OF(X509_ATTRIBUTE) *attributes; /* [ 0 ] */ -} /* EVP_PKEY */; - -#define EVP_PKEY_MO_SIGN 0x0001 -#define EVP_PKEY_MO_VERIFY 0x0002 -#define EVP_PKEY_MO_ENCRYPT 0x0004 -#define EVP_PKEY_MO_DECRYPT 0x0008 - -typedef int evp_sign_method(int type, const unsigned char *m, - unsigned int m_length, unsigned char *sigret, unsigned int *siglen, - void *key); -typedef int evp_verify_method(int type, const unsigned char *m, - unsigned int m_length, const unsigned char *sigbuf, unsigned int siglen, - void *key); - -#ifndef EVP_MD -struct env_md_st { - int type; - int pkey_type; - int md_size; - unsigned long flags; - int (*init)(EVP_MD_CTX *ctx); - int (*update)(EVP_MD_CTX *ctx, const void *data, size_t count); - int (*final)(EVP_MD_CTX *ctx, unsigned char *md); - int (*copy)(EVP_MD_CTX *to, const EVP_MD_CTX *from); - int (*cleanup)(EVP_MD_CTX *ctx); - - evp_sign_method *sign; - evp_verify_method *verify; - int required_pkey_type[5]; /*EVP_PKEY_xxx */ - int block_size; - int ctx_size; /* how big does the ctx->md_data need to be */ - /* control function */ - int (*md_ctrl)(EVP_MD_CTX *ctx, int cmd, int p1, void *p2); -} /* EVP_MD */; - -#define EVP_MD_FLAG_ONESHOT 0x0001 /* digest can only handle a single - * block */ - -#define EVP_MD_FLAG_PKEY_DIGEST 0x0002 /* digest is a "clone" digest used - * which is a copy of an existing - * one for a specific public key type. - * EVP_dss1() etc */ - -/* Digest uses EVP_PKEY_METHOD for signing instead of MD specific signing */ - -#define EVP_MD_FLAG_PKEY_METHOD_SIGNATURE 0x0004 - -/* DigestAlgorithmIdentifier flags... */ - -#define EVP_MD_FLAG_DIGALGID_MASK 0x0018 - -/* NULL or absent parameter accepted. Use NULL */ - -#define EVP_MD_FLAG_DIGALGID_NULL 0x0000 - -/* NULL or absent parameter accepted. Use NULL for PKCS#1 otherwise absent */ - -#define EVP_MD_FLAG_DIGALGID_ABSENT 0x0008 - -/* Custom handling via ctrl */ - -#define EVP_MD_FLAG_DIGALGID_CUSTOM 0x0018 - -#define EVP_MD_FLAG_FIPS 0x0400 /* Note if suitable for use in FIPS mode */ - -/* Digest ctrls */ - -#define EVP_MD_CTRL_DIGALGID 0x1 -#define EVP_MD_CTRL_MICALG 0x2 -#define EVP_MD_CTRL_SET_KEY 0x3 -#define EVP_MD_CTRL_GOST_SET_SBOX 0x4 - -/* Minimum Algorithm specific ctrl value */ - -#define EVP_MD_CTRL_ALG_CTRL 0x1000 - -#define EVP_PKEY_NULL_method NULL,NULL,{0,0,0,0} - -#ifndef OPENSSL_NO_DSA -#define EVP_PKEY_DSA_method (evp_sign_method *)DSA_sign, \ - (evp_verify_method *)DSA_verify, \ - {EVP_PKEY_DSA,EVP_PKEY_DSA2,EVP_PKEY_DSA3, \ - EVP_PKEY_DSA4,0} -#else -#define EVP_PKEY_DSA_method EVP_PKEY_NULL_method -#endif - -#ifndef OPENSSL_NO_ECDSA -#define EVP_PKEY_ECDSA_method (evp_sign_method *)ECDSA_sign, \ - (evp_verify_method *)ECDSA_verify, \ - {EVP_PKEY_EC,0,0,0} -#else -#define EVP_PKEY_ECDSA_method EVP_PKEY_NULL_method -#endif - -#ifndef OPENSSL_NO_RSA -#define EVP_PKEY_RSA_method (evp_sign_method *)RSA_sign, \ - (evp_verify_method *)RSA_verify, \ - {EVP_PKEY_RSA,EVP_PKEY_RSA2,0,0} -#define EVP_PKEY_RSA_ASN1_OCTET_STRING_method \ - (evp_sign_method *)RSA_sign_ASN1_OCTET_STRING, \ - (evp_verify_method *)RSA_verify_ASN1_OCTET_STRING, \ - {EVP_PKEY_RSA,EVP_PKEY_RSA2,0,0} -#else -#define EVP_PKEY_RSA_method EVP_PKEY_NULL_method -#define EVP_PKEY_RSA_ASN1_OCTET_STRING_method EVP_PKEY_NULL_method -#endif - -#endif /* !EVP_MD */ - -struct env_md_ctx_st { - const EVP_MD *digest; - ENGINE *engine; /* functional reference if 'digest' is ENGINE-provided */ - unsigned long flags; - void *md_data; - /* Public key context for sign/verify */ - EVP_PKEY_CTX *pctx; - /* Update function: usually copied from EVP_MD */ - int (*update)(EVP_MD_CTX *ctx, const void *data, size_t count); -} /* EVP_MD_CTX */; - -/* values for EVP_MD_CTX flags */ - -#define EVP_MD_CTX_FLAG_ONESHOT 0x0001 /* digest update will be called - * once only */ -#define EVP_MD_CTX_FLAG_CLEANED 0x0002 /* context has already been - * cleaned */ -#define EVP_MD_CTX_FLAG_REUSE 0x0004 /* Don't free up ctx->md_data - * in EVP_MD_CTX_cleanup */ -/* FIPS and pad options are ignored in 1.0.0, definitions are here - * so we don't accidentally reuse the values for other purposes. - */ - -#define EVP_MD_CTX_FLAG_NON_FIPS_ALLOW 0x0008 /* Allow use of non FIPS digest - * in FIPS mode */ - -/* The following PAD options are also currently ignored in 1.0.0, digest - * parameters are handled through EVP_DigestSign*() and EVP_DigestVerify*() - * instead. - */ -#define EVP_MD_CTX_FLAG_PAD_MASK 0xF0 /* RSA mode to use */ -#define EVP_MD_CTX_FLAG_PAD_PKCS1 0x00 /* PKCS#1 v1.5 mode */ -#define EVP_MD_CTX_FLAG_PAD_X931 0x10 /* X9.31 mode */ -#define EVP_MD_CTX_FLAG_PAD_PSS 0x20 /* PSS mode */ - -#define EVP_MD_CTX_FLAG_NO_INIT 0x0100 /* Don't initialize md_data */ - -struct evp_cipher_st { - int nid; - int block_size; - int key_len; /* Default value for variable length ciphers */ - int iv_len; - unsigned long flags; /* Various flags */ - int (*init)(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc); /* init key */ - int (*do_cipher)(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl);/* encrypt/decrypt data */ - int (*cleanup)(EVP_CIPHER_CTX *); /* cleanup ctx */ - int ctx_size; /* how big ctx->cipher_data needs to be */ - int (*set_asn1_parameters)(EVP_CIPHER_CTX *, ASN1_TYPE *); /* Populate a ASN1_TYPE with parameters */ - int (*get_asn1_parameters)(EVP_CIPHER_CTX *, ASN1_TYPE *); /* Get parameters from a ASN1_TYPE */ - int (*ctrl)(EVP_CIPHER_CTX *, int type, int arg, void *ptr); /* Miscellaneous operations */ - void *app_data; /* Application data */ -} /* EVP_CIPHER */; - -/* Values for cipher flags */ - -/* Modes for ciphers */ - -#define EVP_CIPH_STREAM_CIPHER 0x0 -#define EVP_CIPH_ECB_MODE 0x1 -#define EVP_CIPH_CBC_MODE 0x2 -#define EVP_CIPH_CFB_MODE 0x3 -#define EVP_CIPH_OFB_MODE 0x4 -#define EVP_CIPH_CTR_MODE 0x5 -#define EVP_CIPH_GCM_MODE 0x6 -#define EVP_CIPH_CCM_MODE 0x7 -#define EVP_CIPH_XTS_MODE 0x10001 -#define EVP_CIPH_WRAP_MODE 0x10002 -#define EVP_CIPH_MODE 0xF0007 -/* Set if variable length cipher */ -#define EVP_CIPH_VARIABLE_LENGTH 0x8 -/* Set if the iv handling should be done by the cipher itself */ -#define EVP_CIPH_CUSTOM_IV 0x10 -/* Set if the cipher's init() function should be called if key is NULL */ -#define EVP_CIPH_ALWAYS_CALL_INIT 0x20 -/* Call ctrl() to init cipher parameters */ -#define EVP_CIPH_CTRL_INIT 0x40 -/* Don't use standard key length function */ -#define EVP_CIPH_CUSTOM_KEY_LENGTH 0x80 -/* Don't use standard block padding */ -#define EVP_CIPH_NO_PADDING 0x100 -/* cipher handles random key generation */ -#define EVP_CIPH_RAND_KEY 0x200 -/* cipher has its own additional copying logic */ -#define EVP_CIPH_CUSTOM_COPY 0x400 -/* Allow use default ASN1 get/set iv */ -#define EVP_CIPH_FLAG_DEFAULT_ASN1 0x1000 -/* Buffer length in bits not bytes: CFB1 mode only */ -#define EVP_CIPH_FLAG_LENGTH_BITS 0x2000 -/* Note if suitable for use in FIPS mode */ -#define EVP_CIPH_FLAG_FIPS 0x4000 -/* Allow non FIPS cipher in FIPS mode */ -#define EVP_CIPH_FLAG_NON_FIPS_ALLOW 0x8000 -/* Cipher handles any and all padding logic as well - * as finalisation. - */ -#define EVP_CIPH_FLAG_CUSTOM_CIPHER 0x100000 -#define EVP_CIPH_FLAG_AEAD_CIPHER 0x200000 - -/* - * Cipher context flag to indicate that we can handle wrap mode: if allowed in - * older applications, it could overflow buffers. - */ -#define EVP_CIPHER_CTX_FLAG_WRAP_ALLOW 0x1 - -/* ctrl() values */ - -#define EVP_CTRL_INIT 0x0 -#define EVP_CTRL_SET_KEY_LENGTH 0x1 -#define EVP_CTRL_GET_RC2_KEY_BITS 0x2 -#define EVP_CTRL_SET_RC2_KEY_BITS 0x3 -#define EVP_CTRL_GET_RC5_ROUNDS 0x4 -#define EVP_CTRL_SET_RC5_ROUNDS 0x5 -#define EVP_CTRL_RAND_KEY 0x6 -#define EVP_CTRL_PBE_PRF_NID 0x7 -#define EVP_CTRL_COPY 0x8 -#define EVP_CTRL_GCM_SET_IVLEN 0x9 -#define EVP_CTRL_GCM_GET_TAG 0x10 -#define EVP_CTRL_GCM_SET_TAG 0x11 -#define EVP_CTRL_GCM_SET_IV_FIXED 0x12 -#define EVP_CTRL_GCM_IV_GEN 0x13 -#define EVP_CTRL_CCM_SET_IVLEN EVP_CTRL_GCM_SET_IVLEN -#define EVP_CTRL_CCM_GET_TAG EVP_CTRL_GCM_GET_TAG -#define EVP_CTRL_CCM_SET_TAG EVP_CTRL_GCM_SET_TAG -#define EVP_CTRL_CCM_SET_L 0x14 -#define EVP_CTRL_CCM_SET_MSGLEN 0x15 -/* AEAD cipher deduces payload length and returns number of bytes - * required to store MAC and eventual padding. Subsequent call to - * EVP_Cipher even appends/verifies MAC. - */ -#define EVP_CTRL_AEAD_TLS1_AAD 0x16 -/* Used by composite AEAD ciphers, no-op in GCM, CCM... */ -#define EVP_CTRL_AEAD_SET_MAC_KEY 0x17 -/* Set the GCM invocation field, decrypt only */ -#define EVP_CTRL_GCM_SET_IV_INV 0x18 -/* Set the S-BOX NID for GOST ciphers */ -#define EVP_CTRL_GOST_SET_SBOX 0x19 - -/* GCM TLS constants */ -/* Length of fixed part of IV derived from PRF */ -#define EVP_GCM_TLS_FIXED_IV_LEN 4 -/* Length of explicit part of IV part of TLS records */ -#define EVP_GCM_TLS_EXPLICIT_IV_LEN 8 -/* Length of tag for TLS */ -#define EVP_GCM_TLS_TAG_LEN 16 - -typedef struct evp_cipher_info_st { - const EVP_CIPHER *cipher; - unsigned char iv[EVP_MAX_IV_LENGTH]; -} EVP_CIPHER_INFO; - -struct evp_cipher_ctx_st { - const EVP_CIPHER *cipher; - ENGINE *engine; /* functional reference if 'cipher' is ENGINE-provided */ - int encrypt; /* encrypt or decrypt */ - int buf_len; /* number we have left */ - - unsigned char oiv[EVP_MAX_IV_LENGTH]; /* original iv */ - unsigned char iv[EVP_MAX_IV_LENGTH]; /* working iv */ - unsigned char buf[EVP_MAX_BLOCK_LENGTH];/* saved partial block */ - int num; /* used by cfb/ofb/ctr mode */ - - void *app_data; /* application stuff */ - int key_len; /* May change for variable length cipher */ - unsigned long flags; /* Various flags */ - void *cipher_data; /* per EVP data */ - int final_used; - int block_mask; - unsigned char final[EVP_MAX_BLOCK_LENGTH];/* possible final block */ -} /* EVP_CIPHER_CTX */; - -typedef struct evp_Encode_Ctx_st { - int num; /* number saved in a partial encode/decode */ - int length; /* The length is either the output line length - * (in input bytes) or the shortest input line - * length that is ok. Once decoding begins, - * the length is adjusted up each time a longer - * line is decoded */ - unsigned char enc_data[80]; /* data to encode */ - int line_num; /* number read on current line */ - int expect_nl; -} EVP_ENCODE_CTX; - -/* Password based encryption function */ -typedef int (EVP_PBE_KEYGEN)(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, - ASN1_TYPE *param, const EVP_CIPHER *cipher, const EVP_MD *md, int en_de); - -#ifndef OPENSSL_NO_RSA -#define EVP_PKEY_assign_RSA(pkey,rsa) EVP_PKEY_assign((pkey),EVP_PKEY_RSA,\ - (char *)(rsa)) -#endif - -#ifndef OPENSSL_NO_DSA -#define EVP_PKEY_assign_DSA(pkey,dsa) EVP_PKEY_assign((pkey),EVP_PKEY_DSA,\ - (char *)(dsa)) -#endif - -#ifndef OPENSSL_NO_DH -#define EVP_PKEY_assign_DH(pkey,dh) EVP_PKEY_assign((pkey),EVP_PKEY_DH,\ - (char *)(dh)) -#endif - -#ifndef OPENSSL_NO_EC -#define EVP_PKEY_assign_EC_KEY(pkey,eckey) EVP_PKEY_assign((pkey),EVP_PKEY_EC,\ - (char *)(eckey)) -#endif - -#ifndef OPENSSL_NO_GOST -#define EVP_PKEY_assign_GOST(pkey,gostkey) EVP_PKEY_assign((pkey),EVP_PKEY_GOSTR01,\ - (char *)(gostkey)) -#endif - -/* Add some extra combinations */ -#define EVP_get_digestbynid(a) EVP_get_digestbyname(OBJ_nid2sn(a)) -#define EVP_get_digestbyobj(a) EVP_get_digestbynid(OBJ_obj2nid(a)) -#define EVP_get_cipherbynid(a) EVP_get_cipherbyname(OBJ_nid2sn(a)) -#define EVP_get_cipherbyobj(a) EVP_get_cipherbynid(OBJ_obj2nid(a)) - -int EVP_MD_type(const EVP_MD *md); -#define EVP_MD_nid(e) EVP_MD_type(e) -#define EVP_MD_name(e) OBJ_nid2sn(EVP_MD_nid(e)) -int EVP_MD_pkey_type(const EVP_MD *md); -int EVP_MD_size(const EVP_MD *md); -int EVP_MD_block_size(const EVP_MD *md); -unsigned long EVP_MD_flags(const EVP_MD *md); - -const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx); -#define EVP_MD_CTX_size(e) EVP_MD_size(EVP_MD_CTX_md(e)) -#define EVP_MD_CTX_block_size(e) EVP_MD_block_size(EVP_MD_CTX_md(e)) -#define EVP_MD_CTX_type(e) EVP_MD_type(EVP_MD_CTX_md(e)) - -int EVP_CIPHER_nid(const EVP_CIPHER *cipher); -#define EVP_CIPHER_name(e) OBJ_nid2sn(EVP_CIPHER_nid(e)) -int EVP_CIPHER_block_size(const EVP_CIPHER *cipher); -int EVP_CIPHER_key_length(const EVP_CIPHER *cipher); -int EVP_CIPHER_iv_length(const EVP_CIPHER *cipher); -unsigned long EVP_CIPHER_flags(const EVP_CIPHER *cipher); -#define EVP_CIPHER_mode(e) (EVP_CIPHER_flags(e) & EVP_CIPH_MODE) - -const EVP_CIPHER * EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx); -int EVP_CIPHER_CTX_encrypting(const EVP_CIPHER_CTX *ctx); -int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx); -int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx); -int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx); -int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx); -int EVP_CIPHER_CTX_get_iv(const EVP_CIPHER_CTX *ctx, - unsigned char *iv, size_t len); -int EVP_CIPHER_CTX_set_iv(EVP_CIPHER_CTX *ctx, - const unsigned char *iv, size_t len); -int EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in); -void * EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx); -void EVP_CIPHER_CTX_set_app_data(EVP_CIPHER_CTX *ctx, void *data); -#define EVP_CIPHER_CTX_type(c) EVP_CIPHER_type(EVP_CIPHER_CTX_cipher(c)) -unsigned long EVP_CIPHER_CTX_flags(const EVP_CIPHER_CTX *ctx); -#define EVP_CIPHER_CTX_mode(e) (EVP_CIPHER_CTX_flags(e) & EVP_CIPH_MODE) - -#define EVP_ENCODE_LENGTH(l) (((l+2)/3*4)+(l/48+1)*2+80) -#define EVP_DECODE_LENGTH(l) ((l+3)/4*3+80) - -#define EVP_SignInit_ex(a,b,c) EVP_DigestInit_ex(a,b,c) -#define EVP_SignInit(a,b) EVP_DigestInit(a,b) -#define EVP_SignUpdate(a,b,c) EVP_DigestUpdate(a,b,c) -#define EVP_VerifyInit_ex(a,b,c) EVP_DigestInit_ex(a,b,c) -#define EVP_VerifyInit(a,b) EVP_DigestInit(a,b) -#define EVP_VerifyUpdate(a,b,c) EVP_DigestUpdate(a,b,c) -#define EVP_OpenUpdate(a,b,c,d,e) EVP_DecryptUpdate(a,b,c,d,e) -#define EVP_SealUpdate(a,b,c,d,e) EVP_EncryptUpdate(a,b,c,d,e) -#define EVP_DigestSignUpdate(a,b,c) EVP_DigestUpdate(a,b,c) -#define EVP_DigestVerifyUpdate(a,b,c) EVP_DigestUpdate(a,b,c) - -#define BIO_set_md(b,md) BIO_ctrl(b,BIO_C_SET_MD,0,(char *)md) -#define BIO_get_md(b,mdp) BIO_ctrl(b,BIO_C_GET_MD,0,(char *)mdp) -#define BIO_get_md_ctx(b,mdcp) BIO_ctrl(b,BIO_C_GET_MD_CTX,0,(char *)mdcp) -#define BIO_set_md_ctx(b,mdcp) BIO_ctrl(b,BIO_C_SET_MD_CTX,0,(char *)mdcp) -#define BIO_get_cipher_status(b) BIO_ctrl(b,BIO_C_GET_CIPHER_STATUS,0,NULL) -#define BIO_get_cipher_ctx(b,c_pp) BIO_ctrl(b,BIO_C_GET_CIPHER_CTX,0,(char *)c_pp) - -int EVP_Cipher(EVP_CIPHER_CTX *c, unsigned char *out, const unsigned char *in, - unsigned int inl); - -#define EVP_add_cipher_alias(n,alias) \ - OBJ_NAME_add((alias),OBJ_NAME_TYPE_CIPHER_METH|OBJ_NAME_ALIAS,(n)) -#define EVP_add_digest_alias(n,alias) \ - OBJ_NAME_add((alias),OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS,(n)) -#define EVP_delete_cipher_alias(alias) \ - OBJ_NAME_remove(alias,OBJ_NAME_TYPE_CIPHER_METH|OBJ_NAME_ALIAS); -#define EVP_delete_digest_alias(alias) \ - OBJ_NAME_remove(alias,OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS); - -EVP_MD_CTX *EVP_MD_CTX_new(void); -void EVP_MD_CTX_free(EVP_MD_CTX *ctx); -void EVP_MD_CTX_init(EVP_MD_CTX *ctx); -int EVP_MD_CTX_reset(EVP_MD_CTX *ctx); -EVP_MD_CTX *EVP_MD_CTX_create(void); -void EVP_MD_CTX_destroy(EVP_MD_CTX *ctx); -int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx); -int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in); -void EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, int flags); -void EVP_MD_CTX_clear_flags(EVP_MD_CTX *ctx, int flags); -int EVP_MD_CTX_ctrl(EVP_MD_CTX *ctx, int type, int arg, void *ptr); -int EVP_MD_CTX_test_flags(const EVP_MD_CTX *ctx, int flags); - -int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl); -int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt); -int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s); -int EVP_Digest(const void *data, size_t count, unsigned char *md, - unsigned int *size, const EVP_MD *type, ENGINE *impl); - -int EVP_MD_CTX_copy(EVP_MD_CTX *out, const EVP_MD_CTX *in); -int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type); -int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s); - -int EVP_read_pw_string(char *buf, int length, const char *prompt, int verify); -int EVP_read_pw_string_min(char *buf, int minlen, int maxlen, - const char *prompt, int verify); -void EVP_set_pw_prompt(const char *prompt); -char *EVP_get_pw_prompt(void); - -int EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md, - const unsigned char *salt, const unsigned char *data, int datal, int count, - unsigned char *key, unsigned char *iv); - -void EVP_CIPHER_CTX_set_flags(EVP_CIPHER_CTX *ctx, int flags); -void EVP_CIPHER_CTX_clear_flags(EVP_CIPHER_CTX *ctx, int flags); -int EVP_CIPHER_CTX_test_flags(const EVP_CIPHER_CTX *ctx, int flags); - -int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, - const unsigned char *key, const unsigned char *iv); -int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, - ENGINE *impl, const unsigned char *key, const unsigned char *iv); -int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, - const unsigned char *in, int inl); -int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl); -#ifndef LIBRESSL_INTERNAL -int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl); -#endif - -int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, - const unsigned char *key, const unsigned char *iv); -int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, - ENGINE *impl, const unsigned char *key, const unsigned char *iv); -int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, - const unsigned char *in, int inl); -int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl); -#ifndef LIBRESSL_INTERNAL -int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl); -#endif - -int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, - const unsigned char *key, const unsigned char *iv, int enc); -int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, - ENGINE *impl, const unsigned char *key, const unsigned char *iv, int enc); -int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, - const unsigned char *in, int inl); -int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl); -#ifndef LIBRESSL_INTERNAL -int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl); -#endif - -int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s, - EVP_PKEY *pkey); - -int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf, - unsigned int siglen, EVP_PKEY *pkey); - -int EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, - const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey); -int EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, size_t *siglen); - -int EVP_DigestVerifyInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, - const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey); -int EVP_DigestVerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sig, - size_t siglen); - -int EVP_OpenInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, - const unsigned char *ek, int ekl, const unsigned char *iv, EVP_PKEY *priv); -int EVP_OpenFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl); - -int EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, - unsigned char **ek, int *ekl, unsigned char *iv, EVP_PKEY **pubk, - int npubk); -int EVP_SealFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl); - -EVP_ENCODE_CTX *EVP_ENCODE_CTX_new(void); -void EVP_ENCODE_CTX_free(EVP_ENCODE_CTX *ctx); -void EVP_EncodeInit(EVP_ENCODE_CTX *ctx); -int EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl, - const unsigned char *in, int inl); -void EVP_EncodeFinal(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl); -int EVP_EncodeBlock(unsigned char *t, const unsigned char *f, int n); - -void EVP_DecodeInit(EVP_ENCODE_CTX *ctx); -int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl, - const unsigned char *in, int inl); -int EVP_DecodeFinal(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl); -int EVP_DecodeBlock(unsigned char *t, const unsigned char *f, int n); - -void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *a); -int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *a); -EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void); -void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *a); -int EVP_CIPHER_CTX_reset(EVP_CIPHER_CTX *a); -int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int keylen); -int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *c, int pad); -int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr); -int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key); - -#ifndef OPENSSL_NO_BIO -const BIO_METHOD *BIO_f_md(void); -const BIO_METHOD *BIO_f_base64(void); -const BIO_METHOD *BIO_f_cipher(void); -int BIO_set_cipher(BIO *b, const EVP_CIPHER *c, const unsigned char *k, - const unsigned char *i, int enc); -#endif - -const EVP_MD *EVP_md_null(void); -#ifndef OPENSSL_NO_MD4 -const EVP_MD *EVP_md4(void); -#endif -#ifndef OPENSSL_NO_MD5 -const EVP_MD *EVP_md5(void); -const EVP_MD *EVP_md5_sha1(void); -#endif -#ifndef OPENSSL_NO_SHA -const EVP_MD *EVP_sha1(void); -const EVP_MD *EVP_dss(void); -const EVP_MD *EVP_dss1(void); -const EVP_MD *EVP_ecdsa(void); -#endif -#ifndef OPENSSL_NO_SHA256 -const EVP_MD *EVP_sha224(void); -const EVP_MD *EVP_sha256(void); -#endif -#ifndef OPENSSL_NO_SHA512 -const EVP_MD *EVP_sha384(void); -const EVP_MD *EVP_sha512(void); -#endif -#ifndef OPENSSL_NO_SM3 -const EVP_MD *EVP_sm3(void); -#endif -#ifndef OPENSSL_NO_RIPEMD -const EVP_MD *EVP_ripemd160(void); -#endif -#ifndef OPENSSL_NO_WHIRLPOOL -const EVP_MD *EVP_whirlpool(void); -#endif -#ifndef OPENSSL_NO_GOST -const EVP_MD *EVP_gostr341194(void); -const EVP_MD *EVP_gost2814789imit(void); -const EVP_MD *EVP_streebog256(void); -const EVP_MD *EVP_streebog512(void); -#endif -const EVP_CIPHER *EVP_enc_null(void); /* does nothing :-) */ -#ifndef OPENSSL_NO_DES -const EVP_CIPHER *EVP_des_ecb(void); -const EVP_CIPHER *EVP_des_ede(void); -const EVP_CIPHER *EVP_des_ede3(void); -const EVP_CIPHER *EVP_des_ede_ecb(void); -const EVP_CIPHER *EVP_des_ede3_ecb(void); -const EVP_CIPHER *EVP_des_cfb64(void); -# define EVP_des_cfb EVP_des_cfb64 -const EVP_CIPHER *EVP_des_cfb1(void); -const EVP_CIPHER *EVP_des_cfb8(void); -const EVP_CIPHER *EVP_des_ede_cfb64(void); -# define EVP_des_ede_cfb EVP_des_ede_cfb64 -const EVP_CIPHER *EVP_des_ede3_cfb64(void); -# define EVP_des_ede3_cfb EVP_des_ede3_cfb64 -const EVP_CIPHER *EVP_des_ede3_cfb1(void); -const EVP_CIPHER *EVP_des_ede3_cfb8(void); -const EVP_CIPHER *EVP_des_ofb(void); -const EVP_CIPHER *EVP_des_ede_ofb(void); -const EVP_CIPHER *EVP_des_ede3_ofb(void); -const EVP_CIPHER *EVP_des_cbc(void); -const EVP_CIPHER *EVP_des_ede_cbc(void); -const EVP_CIPHER *EVP_des_ede3_cbc(void); -const EVP_CIPHER *EVP_desx_cbc(void); -#endif -#ifndef OPENSSL_NO_RC4 -const EVP_CIPHER *EVP_rc4(void); -const EVP_CIPHER *EVP_rc4_40(void); -#ifndef OPENSSL_NO_MD5 -const EVP_CIPHER *EVP_rc4_hmac_md5(void); -#endif -#endif -#ifndef OPENSSL_NO_IDEA -const EVP_CIPHER *EVP_idea_ecb(void); -const EVP_CIPHER *EVP_idea_cfb64(void); -# define EVP_idea_cfb EVP_idea_cfb64 -const EVP_CIPHER *EVP_idea_ofb(void); -const EVP_CIPHER *EVP_idea_cbc(void); -#endif -#ifndef OPENSSL_NO_RC2 -const EVP_CIPHER *EVP_rc2_ecb(void); -const EVP_CIPHER *EVP_rc2_cbc(void); -const EVP_CIPHER *EVP_rc2_40_cbc(void); -const EVP_CIPHER *EVP_rc2_64_cbc(void); -const EVP_CIPHER *EVP_rc2_cfb64(void); -# define EVP_rc2_cfb EVP_rc2_cfb64 -const EVP_CIPHER *EVP_rc2_ofb(void); -#endif -#ifndef OPENSSL_NO_BF -const EVP_CIPHER *EVP_bf_ecb(void); -const EVP_CIPHER *EVP_bf_cbc(void); -const EVP_CIPHER *EVP_bf_cfb64(void); -# define EVP_bf_cfb EVP_bf_cfb64 -const EVP_CIPHER *EVP_bf_ofb(void); -#endif -#ifndef OPENSSL_NO_CAST -const EVP_CIPHER *EVP_cast5_ecb(void); -const EVP_CIPHER *EVP_cast5_cbc(void); -const EVP_CIPHER *EVP_cast5_cfb64(void); -# define EVP_cast5_cfb EVP_cast5_cfb64 -const EVP_CIPHER *EVP_cast5_ofb(void); -#endif -#ifndef OPENSSL_NO_AES -const EVP_CIPHER *EVP_aes_128_ecb(void); -const EVP_CIPHER *EVP_aes_128_cbc(void); -const EVP_CIPHER *EVP_aes_128_cfb1(void); -const EVP_CIPHER *EVP_aes_128_cfb8(void); -const EVP_CIPHER *EVP_aes_128_cfb128(void); -# define EVP_aes_128_cfb EVP_aes_128_cfb128 -const EVP_CIPHER *EVP_aes_128_ofb(void); -const EVP_CIPHER *EVP_aes_128_ctr(void); -const EVP_CIPHER *EVP_aes_128_ccm(void); -const EVP_CIPHER *EVP_aes_128_gcm(void); -const EVP_CIPHER *EVP_aes_128_wrap(void); -const EVP_CIPHER *EVP_aes_128_xts(void); -const EVP_CIPHER *EVP_aes_192_ecb(void); -const EVP_CIPHER *EVP_aes_192_cbc(void); -const EVP_CIPHER *EVP_aes_192_cfb1(void); -const EVP_CIPHER *EVP_aes_192_cfb8(void); -const EVP_CIPHER *EVP_aes_192_cfb128(void); -# define EVP_aes_192_cfb EVP_aes_192_cfb128 -const EVP_CIPHER *EVP_aes_192_ofb(void); -const EVP_CIPHER *EVP_aes_192_ctr(void); -const EVP_CIPHER *EVP_aes_192_ccm(void); -const EVP_CIPHER *EVP_aes_192_gcm(void); -const EVP_CIPHER *EVP_aes_192_wrap(void); -const EVP_CIPHER *EVP_aes_256_ecb(void); -const EVP_CIPHER *EVP_aes_256_cbc(void); -const EVP_CIPHER *EVP_aes_256_cfb1(void); -const EVP_CIPHER *EVP_aes_256_cfb8(void); -const EVP_CIPHER *EVP_aes_256_cfb128(void); -# define EVP_aes_256_cfb EVP_aes_256_cfb128 -const EVP_CIPHER *EVP_aes_256_ofb(void); -const EVP_CIPHER *EVP_aes_256_ctr(void); -const EVP_CIPHER *EVP_aes_256_ccm(void); -const EVP_CIPHER *EVP_aes_256_gcm(void); -const EVP_CIPHER *EVP_aes_256_wrap(void); -const EVP_CIPHER *EVP_aes_256_xts(void); -#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1) -const EVP_CIPHER *EVP_aes_128_cbc_hmac_sha1(void); -const EVP_CIPHER *EVP_aes_256_cbc_hmac_sha1(void); -#endif -#endif -#ifndef OPENSSL_NO_CAMELLIA -const EVP_CIPHER *EVP_camellia_128_ecb(void); -const EVP_CIPHER *EVP_camellia_128_cbc(void); -const EVP_CIPHER *EVP_camellia_128_cfb1(void); -const EVP_CIPHER *EVP_camellia_128_cfb8(void); -const EVP_CIPHER *EVP_camellia_128_cfb128(void); -# define EVP_camellia_128_cfb EVP_camellia_128_cfb128 -const EVP_CIPHER *EVP_camellia_128_ofb(void); -const EVP_CIPHER *EVP_camellia_192_ecb(void); -const EVP_CIPHER *EVP_camellia_192_cbc(void); -const EVP_CIPHER *EVP_camellia_192_cfb1(void); -const EVP_CIPHER *EVP_camellia_192_cfb8(void); -const EVP_CIPHER *EVP_camellia_192_cfb128(void); -# define EVP_camellia_192_cfb EVP_camellia_192_cfb128 -const EVP_CIPHER *EVP_camellia_192_ofb(void); -const EVP_CIPHER *EVP_camellia_256_ecb(void); -const EVP_CIPHER *EVP_camellia_256_cbc(void); -const EVP_CIPHER *EVP_camellia_256_cfb1(void); -const EVP_CIPHER *EVP_camellia_256_cfb8(void); -const EVP_CIPHER *EVP_camellia_256_cfb128(void); -# define EVP_camellia_256_cfb EVP_camellia_256_cfb128 -const EVP_CIPHER *EVP_camellia_256_ofb(void); -#endif - -#ifndef OPENSSL_NO_CHACHA -const EVP_CIPHER *EVP_chacha20(void); -#endif - -#ifndef OPENSSL_NO_GOST -const EVP_CIPHER *EVP_gost2814789_ecb(void); -const EVP_CIPHER *EVP_gost2814789_cfb64(void); -const EVP_CIPHER *EVP_gost2814789_cnt(void); -#endif - -#ifndef OPENSSL_NO_SM4 -const EVP_CIPHER *EVP_sm4_ecb(void); -const EVP_CIPHER *EVP_sm4_cbc(void); -const EVP_CIPHER *EVP_sm4_cfb128(void); -#define EVP_sm4_cfb EVP_sm4_cfb128 -const EVP_CIPHER *EVP_sm4_ofb(void); -const EVP_CIPHER *EVP_sm4_ctr(void); -#endif - -void OPENSSL_add_all_algorithms_noconf(void); -void OPENSSL_add_all_algorithms_conf(void); - -#ifdef OPENSSL_LOAD_CONF -#define OpenSSL_add_all_algorithms() OPENSSL_add_all_algorithms_conf() -#else -#define OpenSSL_add_all_algorithms() OPENSSL_add_all_algorithms_noconf() -#endif - -void OpenSSL_add_all_ciphers(void); -void OpenSSL_add_all_digests(void); - -#define SSLeay_add_all_algorithms() OpenSSL_add_all_algorithms() -#define SSLeay_add_all_ciphers() OpenSSL_add_all_ciphers() -#define SSLeay_add_all_digests() OpenSSL_add_all_digests() - -int EVP_add_cipher(const EVP_CIPHER *cipher); -int EVP_add_digest(const EVP_MD *digest); - -const EVP_CIPHER *EVP_get_cipherbyname(const char *name); -const EVP_MD *EVP_get_digestbyname(const char *name); -void EVP_cleanup(void); - -void EVP_CIPHER_do_all(void (*fn)(const EVP_CIPHER *ciph, const char *from, - const char *to, void *x), void *arg); -void EVP_CIPHER_do_all_sorted(void (*fn)(const EVP_CIPHER *ciph, - const char *from, const char *to, void *x), void *arg); - -void EVP_MD_do_all(void (*fn)(const EVP_MD *ciph, const char *from, - const char *to, void *x), void *arg); -void EVP_MD_do_all_sorted(void (*fn)(const EVP_MD *ciph, const char *from, - const char *to, void *x), void *arg); - -int EVP_PKEY_decrypt_old(unsigned char *dec_key, const unsigned char *enc_key, - int enc_key_len, EVP_PKEY *private_key); -int EVP_PKEY_encrypt_old(unsigned char *enc_key, const unsigned char *key, - int key_len, EVP_PKEY *pub_key); -int EVP_PKEY_type(int type); -int EVP_PKEY_id(const EVP_PKEY *pkey); -int EVP_PKEY_base_id(const EVP_PKEY *pkey); -int EVP_PKEY_bits(const EVP_PKEY *pkey); -int EVP_PKEY_size(const EVP_PKEY *pkey); -int EVP_PKEY_set_type(EVP_PKEY *pkey, int type); -int EVP_PKEY_set_type_str(EVP_PKEY *pkey, const char *str, int len); -int EVP_PKEY_assign(EVP_PKEY *pkey, int type, void *key); -void *EVP_PKEY_get0(const EVP_PKEY *pkey); -const unsigned char *EVP_PKEY_get0_hmac(const EVP_PKEY *pkey, size_t *len); - -#ifndef OPENSSL_NO_RSA -struct rsa_st; -struct rsa_st *EVP_PKEY_get0_RSA(EVP_PKEY *pkey); -struct rsa_st *EVP_PKEY_get1_RSA(EVP_PKEY *pkey); -int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, struct rsa_st *key); -#endif -#ifndef OPENSSL_NO_DSA -struct dsa_st; -struct dsa_st *EVP_PKEY_get0_DSA(EVP_PKEY *pkey); -struct dsa_st *EVP_PKEY_get1_DSA(EVP_PKEY *pkey); -int EVP_PKEY_set1_DSA(EVP_PKEY *pkey, struct dsa_st *key); -#endif -#ifndef OPENSSL_NO_DH -struct dh_st; -struct dh_st *EVP_PKEY_get0_DH(EVP_PKEY *pkey); -struct dh_st *EVP_PKEY_get1_DH(EVP_PKEY *pkey); -int EVP_PKEY_set1_DH(EVP_PKEY *pkey, struct dh_st *key); -#endif -#ifndef OPENSSL_NO_EC -struct ec_key_st; -struct ec_key_st *EVP_PKEY_get0_EC_KEY(EVP_PKEY *pkey); -struct ec_key_st *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey); -int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, struct ec_key_st *key); -#endif -#ifndef OPENSSL_NO_GOST -struct gost_key_st; -#endif - -EVP_PKEY *EVP_PKEY_new(void); -void EVP_PKEY_free(EVP_PKEY *pkey); -int EVP_PKEY_up_ref(EVP_PKEY *pkey); - -EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, const unsigned char **pp, - long length); -int i2d_PublicKey(EVP_PKEY *a, unsigned char **pp); - -EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp, - long length); -EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **a, const unsigned char **pp, - long length); -int i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp); - -int EVP_PKEY_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from); -int EVP_PKEY_missing_parameters(const EVP_PKEY *pkey); -int EVP_PKEY_save_parameters(EVP_PKEY *pkey, int mode); -int EVP_PKEY_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b); - -int EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b); - -int EVP_PKEY_print_public(BIO *out, const EVP_PKEY *pkey, int indent, - ASN1_PCTX *pctx); -int EVP_PKEY_print_private(BIO *out, const EVP_PKEY *pkey, int indent, - ASN1_PCTX *pctx); -int EVP_PKEY_print_params(BIO *out, const EVP_PKEY *pkey, int indent, - ASN1_PCTX *pctx); - -int EVP_PKEY_get_default_digest_nid(EVP_PKEY *pkey, int *pnid); - -int EVP_CIPHER_type(const EVP_CIPHER *ctx); - -/* calls methods */ -int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type); -int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type); - -/* These are used by EVP_CIPHER methods */ -int EVP_CIPHER_set_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type); -int EVP_CIPHER_get_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type); - -/* PKCS5 password based encryption */ -int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, - ASN1_TYPE *param, const EVP_CIPHER *cipher, const EVP_MD *md, int en_de); -int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen, - const unsigned char *salt, int saltlen, int iter, int keylen, - unsigned char *out); -int PKCS5_PBKDF2_HMAC(const char *pass, int passlen, const unsigned char *salt, - int saltlen, int iter, const EVP_MD *digest, int keylen, - unsigned char *out); -int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, - ASN1_TYPE *param, const EVP_CIPHER *cipher, const EVP_MD *md, - int en_de); - -void PKCS5_PBE_add(void); - -int EVP_PBE_CipherInit (ASN1_OBJECT *pbe_obj, const char *pass, int passlen, - ASN1_TYPE *param, EVP_CIPHER_CTX *ctx, int en_de); - -/* PBE type */ - -/* Can appear as the outermost AlgorithmIdentifier */ -#define EVP_PBE_TYPE_OUTER 0x0 -/* Is an PRF type OID */ -#define EVP_PBE_TYPE_PRF 0x1 - -int EVP_PBE_alg_add_type(int pbe_type, int pbe_nid, int cipher_nid, int md_nid, - EVP_PBE_KEYGEN *keygen); -int EVP_PBE_alg_add(int nid, const EVP_CIPHER *cipher, const EVP_MD *md, - EVP_PBE_KEYGEN *keygen); -int EVP_PBE_find(int type, int pbe_nid, int *pcnid, int *pmnid, - EVP_PBE_KEYGEN **pkeygen); -void EVP_PBE_cleanup(void); - -#define ASN1_PKEY_ALIAS 0x1 -#define ASN1_PKEY_DYNAMIC 0x2 -#define ASN1_PKEY_SIGPARAM_NULL 0x4 - -#define ASN1_PKEY_CTRL_PKCS7_SIGN 0x1 -#define ASN1_PKEY_CTRL_PKCS7_ENCRYPT 0x2 -#define ASN1_PKEY_CTRL_DEFAULT_MD_NID 0x3 -#define ASN1_PKEY_CTRL_CMS_SIGN 0x5 -#define ASN1_PKEY_CTRL_CMS_ENVELOPE 0x7 -#define ASN1_PKEY_CTRL_CMS_RI_TYPE 0x8 - -int EVP_PKEY_asn1_get_count(void); -const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_get0(int idx); -const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find(ENGINE **pe, int type); -const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find_str(ENGINE **pe, - const char *str, int len); -int EVP_PKEY_asn1_add0(const EVP_PKEY_ASN1_METHOD *ameth); -int EVP_PKEY_asn1_add_alias(int to, int from); -int EVP_PKEY_asn1_get0_info(int *ppkey_id, int *pkey_base_id, int *ppkey_flags, - const char **pinfo, const char **ppem_str, - const EVP_PKEY_ASN1_METHOD *ameth); - -const EVP_PKEY_ASN1_METHOD* EVP_PKEY_get0_asn1(const EVP_PKEY *pkey); -EVP_PKEY_ASN1_METHOD* EVP_PKEY_asn1_new(int id, int flags, const char *pem_str, - const char *info); -void EVP_PKEY_asn1_copy(EVP_PKEY_ASN1_METHOD *dst, - const EVP_PKEY_ASN1_METHOD *src); -void EVP_PKEY_asn1_free(EVP_PKEY_ASN1_METHOD *ameth); -void EVP_PKEY_asn1_set_public(EVP_PKEY_ASN1_METHOD *ameth, - int (*pub_decode)(EVP_PKEY *pk, X509_PUBKEY *pub), - int (*pub_encode)(X509_PUBKEY *pub, const EVP_PKEY *pk), - int (*pub_cmp)(const EVP_PKEY *a, const EVP_PKEY *b), - int (*pub_print)(BIO *out, const EVP_PKEY *pkey, int indent, - ASN1_PCTX *pctx), - int (*pkey_size)(const EVP_PKEY *pk), - int (*pkey_bits)(const EVP_PKEY *pk)); -void EVP_PKEY_asn1_set_private(EVP_PKEY_ASN1_METHOD *ameth, - int (*priv_decode)(EVP_PKEY *pk, const PKCS8_PRIV_KEY_INFO *p8inf), - int (*priv_encode)(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pk), - int (*priv_print)(BIO *out, const EVP_PKEY *pkey, int indent, - ASN1_PCTX *pctx)); -void EVP_PKEY_asn1_set_param(EVP_PKEY_ASN1_METHOD *ameth, - int (*param_decode)(EVP_PKEY *pkey, const unsigned char **pder, int derlen), - int (*param_encode)(const EVP_PKEY *pkey, unsigned char **pder), - int (*param_missing)(const EVP_PKEY *pk), - int (*param_copy)(EVP_PKEY *to, const EVP_PKEY *from), - int (*param_cmp)(const EVP_PKEY *a, const EVP_PKEY *b), - int (*param_print)(BIO *out, const EVP_PKEY *pkey, int indent, - ASN1_PCTX *pctx)); - -void EVP_PKEY_asn1_set_free(EVP_PKEY_ASN1_METHOD *ameth, - void (*pkey_free)(EVP_PKEY *pkey)); -void EVP_PKEY_asn1_set_ctrl(EVP_PKEY_ASN1_METHOD *ameth, - int (*pkey_ctrl)(EVP_PKEY *pkey, int op, long arg1, void *arg2)); - -#define EVP_PKEY_OP_UNDEFINED 0 -#define EVP_PKEY_OP_PARAMGEN (1<<1) -#define EVP_PKEY_OP_KEYGEN (1<<2) -#define EVP_PKEY_OP_SIGN (1<<3) -#define EVP_PKEY_OP_VERIFY (1<<4) -#define EVP_PKEY_OP_VERIFYRECOVER (1<<5) -#define EVP_PKEY_OP_SIGNCTX (1<<6) -#define EVP_PKEY_OP_VERIFYCTX (1<<7) -#define EVP_PKEY_OP_ENCRYPT (1<<8) -#define EVP_PKEY_OP_DECRYPT (1<<9) -#define EVP_PKEY_OP_DERIVE (1<<10) - -#define EVP_PKEY_OP_TYPE_SIG \ - (EVP_PKEY_OP_SIGN | EVP_PKEY_OP_VERIFY | EVP_PKEY_OP_VERIFYRECOVER \ - | EVP_PKEY_OP_SIGNCTX | EVP_PKEY_OP_VERIFYCTX) - -#define EVP_PKEY_OP_TYPE_CRYPT \ - (EVP_PKEY_OP_ENCRYPT | EVP_PKEY_OP_DECRYPT) - -#define EVP_PKEY_OP_TYPE_NOGEN \ - (EVP_PKEY_OP_SIG | EVP_PKEY_OP_CRYPT | EVP_PKEY_OP_DERIVE) - -#define EVP_PKEY_OP_TYPE_GEN \ - (EVP_PKEY_OP_PARAMGEN | EVP_PKEY_OP_KEYGEN) - -#define EVP_PKEY_CTX_set_signature_md(ctx, md) \ - EVP_PKEY_CTX_ctrl(ctx, -1, EVP_PKEY_OP_TYPE_SIG, \ - EVP_PKEY_CTRL_MD, 0, (void *)md) - -#define EVP_PKEY_CTX_get_signature_md(ctx, pmd) \ - EVP_PKEY_CTX_ctrl(ctx, -1, EVP_PKEY_OP_TYPE_SIG, \ - EVP_PKEY_CTRL_GET_MD, 0, (void *)(pmd)) - -#define EVP_PKEY_CTRL_MD 1 -#define EVP_PKEY_CTRL_PEER_KEY 2 - -#define EVP_PKEY_CTRL_PKCS7_ENCRYPT 3 -#define EVP_PKEY_CTRL_PKCS7_DECRYPT 4 - -#define EVP_PKEY_CTRL_PKCS7_SIGN 5 - -#define EVP_PKEY_CTRL_SET_MAC_KEY 6 - -#define EVP_PKEY_CTRL_DIGESTINIT 7 - -/* Used by GOST key encryption in TLS */ -#define EVP_PKEY_CTRL_SET_IV 8 - -#define EVP_PKEY_CTRL_CMS_ENCRYPT 9 -#define EVP_PKEY_CTRL_CMS_DECRYPT 10 -#define EVP_PKEY_CTRL_CMS_SIGN 11 - -#define EVP_PKEY_CTRL_CIPHER 12 - -#define EVP_PKEY_CTRL_GET_MD 13 - -#define EVP_PKEY_ALG_CTRL 0x1000 - - -#define EVP_PKEY_FLAG_AUTOARGLEN 2 -/* Method handles all operations: don't assume any digest related - * defaults. - */ -#define EVP_PKEY_FLAG_SIGCTX_CUSTOM 4 - -const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type); -EVP_PKEY_METHOD* EVP_PKEY_meth_new(int id, int flags); -void EVP_PKEY_meth_get0_info(int *ppkey_id, int *pflags, - const EVP_PKEY_METHOD *meth); -void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src); -void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth); -int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth); - -EVP_PKEY_CTX *EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *e); -EVP_PKEY_CTX *EVP_PKEY_CTX_new_id(int id, ENGINE *e); -EVP_PKEY_CTX *EVP_PKEY_CTX_dup(EVP_PKEY_CTX *ctx); -void EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx); - -int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype, int cmd, - int p1, void *p2); -int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *type, - const char *value); - -int EVP_PKEY_CTX_get_operation(EVP_PKEY_CTX *ctx); -void EVP_PKEY_CTX_set0_keygen_info(EVP_PKEY_CTX *ctx, int *dat, int datlen); - -EVP_PKEY *EVP_PKEY_new_mac_key(int type, ENGINE *e, const unsigned char *key, - int keylen); - -void EVP_PKEY_CTX_set_data(EVP_PKEY_CTX *ctx, void *data); -void *EVP_PKEY_CTX_get_data(EVP_PKEY_CTX *ctx); -EVP_PKEY *EVP_PKEY_CTX_get0_pkey(EVP_PKEY_CTX *ctx); - -EVP_PKEY *EVP_PKEY_CTX_get0_peerkey(EVP_PKEY_CTX *ctx); - -void EVP_PKEY_CTX_set_app_data(EVP_PKEY_CTX *ctx, void *data); -void *EVP_PKEY_CTX_get_app_data(EVP_PKEY_CTX *ctx); - -int EVP_PKEY_sign_init(EVP_PKEY_CTX *ctx); -int EVP_PKEY_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, - const unsigned char *tbs, size_t tbslen); -int EVP_PKEY_verify_init(EVP_PKEY_CTX *ctx); -int EVP_PKEY_verify(EVP_PKEY_CTX *ctx, const unsigned char *sig, size_t siglen, - const unsigned char *tbs, size_t tbslen); -int EVP_PKEY_verify_recover_init(EVP_PKEY_CTX *ctx); -int EVP_PKEY_verify_recover(EVP_PKEY_CTX *ctx, unsigned char *rout, - size_t *routlen, const unsigned char *sig, size_t siglen); -int EVP_PKEY_encrypt_init(EVP_PKEY_CTX *ctx); -int EVP_PKEY_encrypt(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, - const unsigned char *in, size_t inlen); -int EVP_PKEY_decrypt_init(EVP_PKEY_CTX *ctx); -int EVP_PKEY_decrypt(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, - const unsigned char *in, size_t inlen); - -int EVP_PKEY_derive_init(EVP_PKEY_CTX *ctx); -int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer); -int EVP_PKEY_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen); - -typedef int EVP_PKEY_gen_cb(EVP_PKEY_CTX *ctx); - -int EVP_PKEY_paramgen_init(EVP_PKEY_CTX *ctx); -int EVP_PKEY_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey); -int EVP_PKEY_keygen_init(EVP_PKEY_CTX *ctx); -int EVP_PKEY_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey); - -void EVP_PKEY_CTX_set_cb(EVP_PKEY_CTX *ctx, EVP_PKEY_gen_cb *cb); -EVP_PKEY_gen_cb *EVP_PKEY_CTX_get_cb(EVP_PKEY_CTX *ctx); - -int EVP_PKEY_CTX_get_keygen_info(EVP_PKEY_CTX *ctx, int idx); - -void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth, - int (*init)(EVP_PKEY_CTX *ctx)); - -void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth, - int (*copy)(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)); - -void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth, - void (*cleanup)(EVP_PKEY_CTX *ctx)); - -void EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth, - int (*paramgen_init)(EVP_PKEY_CTX *ctx), - int (*paramgen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)); - -void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth, - int (*keygen_init)(EVP_PKEY_CTX *ctx), - int (*keygen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)); - -void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth, - int (*sign_init)(EVP_PKEY_CTX *ctx), - int (*sign)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, - const unsigned char *tbs, size_t tbslen)); - -void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth, - int (*verify_init)(EVP_PKEY_CTX *ctx), - int (*verify)(EVP_PKEY_CTX *ctx, const unsigned char *sig, size_t siglen, - const unsigned char *tbs, size_t tbslen)); - -void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth, - int (*verify_recover_init)(EVP_PKEY_CTX *ctx), - int (*verify_recover)(EVP_PKEY_CTX *ctx, unsigned char *sig, - size_t *siglen, const unsigned char *tbs, size_t tbslen)); - -void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth, - int (*signctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx), - int (*signctx)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, - EVP_MD_CTX *mctx)); - -void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth, - int (*verifyctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx), - int (*verifyctx)(EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen, - EVP_MD_CTX *mctx)); - -void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth, - int (*encrypt_init)(EVP_PKEY_CTX *ctx), - int (*encryptfn)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, - const unsigned char *in, size_t inlen)); - -void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth, - int (*decrypt_init)(EVP_PKEY_CTX *ctx), - int (*decrypt)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, - const unsigned char *in, size_t inlen)); - -void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth, - int (*derive_init)(EVP_PKEY_CTX *ctx), - int (*derive)(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen)); - -void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth, - int (*ctrl)(EVP_PKEY_CTX *ctx, int type, int p1, void *p2), - int (*ctrl_str)(EVP_PKEY_CTX *ctx, const char *type, const char *value)); - -/* Authenticated Encryption with Additional Data. - * - * AEAD couples confidentiality and integrity in a single primtive. AEAD - * algorithms take a key and then can seal and open individual messages. Each - * message has a unique, per-message nonce and, optionally, additional data - * which is authenticated but not included in the output. */ - -struct evp_aead_st; -typedef struct evp_aead_st EVP_AEAD; - -#ifndef OPENSSL_NO_AES -/* EVP_aes_128_gcm is AES-128 in Galois Counter Mode. */ -const EVP_AEAD *EVP_aead_aes_128_gcm(void); -/* EVP_aes_256_gcm is AES-256 in Galois Counter Mode. */ -const EVP_AEAD *EVP_aead_aes_256_gcm(void); -#endif - -#if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305) -/* EVP_aead_chacha20_poly1305 is ChaCha20 with a Poly1305 authenticator. */ -const EVP_AEAD *EVP_aead_chacha20_poly1305(void); -/* EVP_aead_xchacha20_poly1305 is XChaCha20 with a Poly1305 authenticator. */ -const EVP_AEAD *EVP_aead_xchacha20_poly1305(void); -#endif - -/* EVP_AEAD_key_length returns the length of the keys used. */ -size_t EVP_AEAD_key_length(const EVP_AEAD *aead); - -/* EVP_AEAD_nonce_length returns the length of the per-message nonce. */ -size_t EVP_AEAD_nonce_length(const EVP_AEAD *aead); - -/* EVP_AEAD_max_overhead returns the maximum number of additional bytes added - * by the act of sealing data with the AEAD. */ -size_t EVP_AEAD_max_overhead(const EVP_AEAD *aead); - -/* EVP_AEAD_max_tag_len returns the maximum tag length when using this AEAD. - * This * is the largest value that can be passed as a tag length to - * EVP_AEAD_CTX_init. */ -size_t EVP_AEAD_max_tag_len(const EVP_AEAD *aead); - -/* An EVP_AEAD_CTX represents an AEAD algorithm configured with a specific key - * and message-independent IV. */ -typedef struct evp_aead_ctx_st { - const EVP_AEAD *aead; - /* aead_state is an opaque pointer to the AEAD specific state. */ - void *aead_state; -} EVP_AEAD_CTX; - -/* EVP_AEAD_MAX_TAG_LENGTH is the maximum tag length used by any AEAD - * defined in this header. */ -#define EVP_AEAD_MAX_TAG_LENGTH 16 - -/* EVP_AEAD_DEFAULT_TAG_LENGTH is a magic value that can be passed to - * EVP_AEAD_CTX_init to indicate that the default tag length for an AEAD - * should be used. */ -#define EVP_AEAD_DEFAULT_TAG_LENGTH 0 - -/* EVP_AEAD_init initializes the context for the given AEAD algorithm. - * The implementation argument may be NULL to choose the default implementation. - * Authentication tags may be truncated by passing a tag length. A tag length - * of zero indicates the default tag length should be used. */ -int EVP_AEAD_CTX_init(EVP_AEAD_CTX *ctx, const EVP_AEAD *aead, - const unsigned char *key, size_t key_len, size_t tag_len, ENGINE *impl); - -/* EVP_AEAD_CTX_cleanup frees any data allocated for this context. */ -void EVP_AEAD_CTX_cleanup(EVP_AEAD_CTX *ctx); - -/* EVP_AEAD_CTX_seal encrypts and authenticates the input and authenticates - * any additional data (AD), the result being written as output. One is - * returned on success, otherwise zero. - * - * This function may be called (with the same EVP_AEAD_CTX) concurrently with - * itself or EVP_AEAD_CTX_open. - * - * At most max_out_len bytes are written as output and, in order to ensure - * success, this value should be the length of the input plus the result of - * EVP_AEAD_overhead. On successful return, out_len is set to the actual - * number of bytes written. - * - * The length of the nonce is must be equal to the result of - * EVP_AEAD_nonce_length for this AEAD. - * - * EVP_AEAD_CTX_seal never results in a partial output. If max_out_len is - * insufficient, zero will be returned and out_len will be set to zero. - * - * If the input and output are aliased then out must be <= in. */ -int EVP_AEAD_CTX_seal(const EVP_AEAD_CTX *ctx, unsigned char *out, - size_t *out_len, size_t max_out_len, const unsigned char *nonce, - size_t nonce_len, const unsigned char *in, size_t in_len, - const unsigned char *ad, size_t ad_len); - -/* EVP_AEAD_CTX_open authenticates the input and additional data, decrypting - * the input and writing it as output. One is returned on success, otherwise - * zero. - * - * This function may be called (with the same EVP_AEAD_CTX) concurrently with - * itself or EVP_AEAD_CTX_seal. - * - * At most the number of input bytes are written as output. In order to ensure - * success, max_out_len should be at least the same as the input length. On - * successful return out_len is set to the actual number of bytes written. - * - * The length of nonce must be equal to the result of EVP_AEAD_nonce_length - * for this AEAD. - * - * EVP_AEAD_CTX_open never results in a partial output. If max_out_len is - * insufficient, zero will be returned and out_len will be set to zero. - * - * If the input and output are aliased then out must be <= in. */ -int EVP_AEAD_CTX_open(const EVP_AEAD_CTX *ctx, unsigned char *out, - size_t *out_len, size_t max_out_len, const unsigned char *nonce, - size_t nonce_len, const unsigned char *in, size_t in_len, - const unsigned char *ad, size_t ad_len); - -void EVP_add_alg_module(void); - -/* BEGIN ERROR CODES */ -/* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ -void ERR_load_EVP_strings(void); - -/* Error codes for the EVP functions. */ - -/* Function codes. */ -#define EVP_F_AEAD_AES_GCM_INIT 187 -#define EVP_F_AEAD_AES_GCM_OPEN 188 -#define EVP_F_AEAD_AES_GCM_SEAL 189 -#define EVP_F_AEAD_CHACHA20_POLY1305_INIT 192 -#define EVP_F_AEAD_CHACHA20_POLY1305_OPEN 193 -#define EVP_F_AEAD_CHACHA20_POLY1305_SEAL 194 -#define EVP_F_AEAD_CTX_OPEN 185 -#define EVP_F_AEAD_CTX_SEAL 186 -#define EVP_F_AESNI_INIT_KEY 165 -#define EVP_F_AESNI_XTS_CIPHER 176 -#define EVP_F_AES_INIT_KEY 133 -#define EVP_F_AES_XTS 172 -#define EVP_F_AES_XTS_CIPHER 175 -#define EVP_F_ALG_MODULE_INIT 177 -#define EVP_F_CAMELLIA_INIT_KEY 159 -#define EVP_F_CMAC_INIT 173 -#define EVP_F_D2I_PKEY 100 -#define EVP_F_DO_SIGVER_INIT 161 -#define EVP_F_DSAPKEY2PKCS8 134 -#define EVP_F_DSA_PKEY2PKCS8 135 -#define EVP_F_ECDSA_PKEY2PKCS8 129 -#define EVP_F_ECKEY_PKEY2PKCS8 132 -#define EVP_F_EVP_AEAD_CTX_INIT 180 -#define EVP_F_EVP_AEAD_CTX_OPEN 190 -#define EVP_F_EVP_AEAD_CTX_SEAL 191 -#define EVP_F_EVP_BYTESTOKEY 200 -#define EVP_F_EVP_CIPHERINIT_EX 123 -#define EVP_F_EVP_CIPHER_CTX_COPY 163 -#define EVP_F_EVP_CIPHER_CTX_CTRL 124 -#define EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH 122 -#define EVP_F_EVP_CIPHER_GET_ASN1_IV 201 -#define EVP_F_EVP_CIPHER_SET_ASN1_IV 202 -#define EVP_F_EVP_DECRYPTFINAL_EX 101 -#define EVP_F_EVP_DECRYPTUPDATE 199 -#define EVP_F_EVP_DIGESTFINAL_EX 196 -#define EVP_F_EVP_DIGESTINIT_EX 128 -#define EVP_F_EVP_ENCRYPTFINAL_EX 127 -#define EVP_F_EVP_ENCRYPTUPDATE 198 -#define EVP_F_EVP_MD_CTX_COPY_EX 110 -#define EVP_F_EVP_MD_CTX_CTRL 195 -#define EVP_F_EVP_MD_SIZE 162 -#define EVP_F_EVP_OPENINIT 102 -#define EVP_F_EVP_PBE_ALG_ADD 115 -#define EVP_F_EVP_PBE_ALG_ADD_TYPE 160 -#define EVP_F_EVP_PBE_CIPHERINIT 116 -#define EVP_F_EVP_PKCS82PKEY 111 -#define EVP_F_EVP_PKCS82PKEY_BROKEN 136 -#define EVP_F_EVP_PKEY2PKCS8_BROKEN 113 -#define EVP_F_EVP_PKEY_COPY_PARAMETERS 103 -#define EVP_F_EVP_PKEY_CTX_CTRL 137 -#define EVP_F_EVP_PKEY_CTX_CTRL_STR 150 -#define EVP_F_EVP_PKEY_CTX_DUP 156 -#define EVP_F_EVP_PKEY_DECRYPT 104 -#define EVP_F_EVP_PKEY_DECRYPT_INIT 138 -#define EVP_F_EVP_PKEY_DECRYPT_OLD 151 -#define EVP_F_EVP_PKEY_DERIVE 153 -#define EVP_F_EVP_PKEY_DERIVE_INIT 154 -#define EVP_F_EVP_PKEY_DERIVE_SET_PEER 155 -#define EVP_F_EVP_PKEY_ENCRYPT 105 -#define EVP_F_EVP_PKEY_ENCRYPT_INIT 139 -#define EVP_F_EVP_PKEY_ENCRYPT_OLD 152 -#define EVP_F_EVP_PKEY_GET1_DH 119 -#define EVP_F_EVP_PKEY_GET1_DSA 120 -#define EVP_F_EVP_PKEY_GET1_ECDSA 130 -#define EVP_F_EVP_PKEY_GET1_EC_KEY 131 -#define EVP_F_EVP_PKEY_GET1_RSA 121 -#define EVP_F_EVP_PKEY_KEYGEN 146 -#define EVP_F_EVP_PKEY_KEYGEN_INIT 147 -#define EVP_F_EVP_PKEY_NEW 106 -#define EVP_F_EVP_PKEY_PARAMGEN 148 -#define EVP_F_EVP_PKEY_PARAMGEN_INIT 149 -#define EVP_F_EVP_PKEY_SIGN 140 -#define EVP_F_EVP_PKEY_SIGN_INIT 141 -#define EVP_F_EVP_PKEY_VERIFY 142 -#define EVP_F_EVP_PKEY_VERIFY_INIT 143 -#define EVP_F_EVP_PKEY_VERIFY_RECOVER 144 -#define EVP_F_EVP_PKEY_VERIFY_RECOVER_INIT 145 -#define EVP_F_EVP_RIJNDAEL 126 -#define EVP_F_EVP_SIGNFINAL 107 -#define EVP_F_EVP_VERIFYFINAL 108 -#define EVP_F_FIPS_CIPHERINIT 166 -#define EVP_F_FIPS_CIPHER_CTX_COPY 170 -#define EVP_F_FIPS_CIPHER_CTX_CTRL 167 -#define EVP_F_FIPS_CIPHER_CTX_SET_KEY_LENGTH 171 -#define EVP_F_FIPS_DIGESTINIT 168 -#define EVP_F_FIPS_MD_CTX_COPY 169 -#define EVP_F_HMAC_INIT_EX 174 -#define EVP_F_INT_CTX_NEW 157 -#define EVP_F_PKCS5_PBE_KEYIVGEN 117 -#define EVP_F_PKCS5_V2_PBE_KEYIVGEN 118 -#define EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN 164 -#define EVP_F_PKCS8_SET_BROKEN 112 -#define EVP_F_PKEY_SET_TYPE 158 -#define EVP_F_RC2_GET_ASN1_TYPE_AND_IV 197 -#define EVP_F_RC2_MAGIC_TO_METH 109 -#define EVP_F_RC5_CTRL 125 - -/* Reason codes. */ -#define EVP_R_AES_IV_SETUP_FAILED 162 -#define EVP_R_AES_KEY_SETUP_FAILED 143 -#define EVP_R_ASN1_LIB 140 -#define EVP_R_BAD_BLOCK_LENGTH 136 -#define EVP_R_BAD_DECRYPT 100 -#define EVP_R_BAD_KEY_LENGTH 137 -#define EVP_R_BN_DECODE_ERROR 112 -#define EVP_R_BN_PUBKEY_ERROR 113 -#define EVP_R_BUFFER_TOO_SMALL 155 -#define EVP_R_CAMELLIA_KEY_SETUP_FAILED 157 -#define EVP_R_CIPHER_PARAMETER_ERROR 122 -#define EVP_R_COMMAND_NOT_SUPPORTED 147 -#define EVP_R_CTRL_NOT_IMPLEMENTED 132 -#define EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED 133 -#define EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH 138 -#define EVP_R_DECODE_ERROR 114 -#define EVP_R_DIFFERENT_KEY_TYPES 101 -#define EVP_R_DIFFERENT_PARAMETERS 153 -#define EVP_R_DISABLED_FOR_FIPS 163 -#define EVP_R_ENCODE_ERROR 115 -#define EVP_R_ERROR_LOADING_SECTION 165 -#define EVP_R_ERROR_SETTING_FIPS_MODE 166 -#define EVP_R_EVP_PBE_CIPHERINIT_ERROR 119 -#define EVP_R_EXPECTING_AN_HMAC_KEY 174 -#define EVP_R_EXPECTING_AN_RSA_KEY 127 -#define EVP_R_EXPECTING_A_DH_KEY 128 -#define EVP_R_EXPECTING_A_DSA_KEY 129 -#define EVP_R_EXPECTING_A_ECDSA_KEY 141 -#define EVP_R_EXPECTING_A_EC_KEY 142 -#define EVP_R_FIPS_MODE_NOT_SUPPORTED 167 -#define EVP_R_INITIALIZATION_ERROR 134 -#define EVP_R_INPUT_NOT_INITIALIZED 111 -#define EVP_R_INVALID_DIGEST 152 -#define EVP_R_INVALID_FIPS_MODE 168 -#define EVP_R_INVALID_KEY_LENGTH 130 -#define EVP_R_INVALID_OPERATION 148 -#define EVP_R_IV_TOO_LARGE 102 -#define EVP_R_KEYGEN_FAILURE 120 -#define EVP_R_MESSAGE_DIGEST_IS_NULL 159 -#define EVP_R_METHOD_NOT_SUPPORTED 144 -#define EVP_R_MISSING_PARAMETERS 103 -#define EVP_R_NO_CIPHER_SET 131 -#define EVP_R_NO_DEFAULT_DIGEST 158 -#define EVP_R_NO_DIGEST_SET 139 -#define EVP_R_NO_DSA_PARAMETERS 116 -#define EVP_R_NO_KEY_SET 154 -#define EVP_R_NO_OPERATION_SET 149 -#define EVP_R_NO_SIGN_FUNCTION_CONFIGURED 104 -#define EVP_R_NO_VERIFY_FUNCTION_CONFIGURED 105 -#define EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE 150 -#define EVP_R_OPERATON_NOT_INITIALIZED 151 -#define EVP_R_OUTPUT_ALIASES_INPUT 172 -#define EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE 117 -#define EVP_R_PRIVATE_KEY_DECODE_ERROR 145 -#define EVP_R_PRIVATE_KEY_ENCODE_ERROR 146 -#define EVP_R_PUBLIC_KEY_NOT_RSA 106 -#define EVP_R_TAG_TOO_LARGE 171 -#define EVP_R_TOO_LARGE 164 -#define EVP_R_UNKNOWN_CIPHER 160 -#define EVP_R_UNKNOWN_DIGEST 161 -#define EVP_R_UNKNOWN_OPTION 169 -#define EVP_R_UNKNOWN_PBE_ALGORITHM 121 -#define EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS 135 -#define EVP_R_UNSUPPORTED_ALGORITHM 156 -#define EVP_R_UNSUPPORTED_CIPHER 107 -#define EVP_R_UNSUPPORTED_KEYLENGTH 123 -#define EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION 124 -#define EVP_R_UNSUPPORTED_KEY_SIZE 108 -#define EVP_R_UNSUPPORTED_PRF 125 -#define EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM 118 -#define EVP_R_WRAP_MODE_NOT_ALLOWED 170 -#define EVP_R_UNSUPPORTED_SALT_TYPE 126 -#define EVP_R_WRONG_FINAL_BLOCK_LENGTH 109 -#define EVP_R_WRONG_PUBLIC_KEY_TYPE 110 - -#ifdef __cplusplus -} -#endif -#endif diff --git a/libressl/include64/openssl/gost.h b/libressl/include64/openssl/gost.h deleted file mode 100644 index 092f96fb..00000000 --- a/libressl/include64/openssl/gost.h +++ /dev/null @@ -1,266 +0,0 @@ -/* $OpenBSD: gost.h,v 1.3 2016/09/04 17:02:31 jsing Exp $ */ -/* - * Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com> - * Copyright (c) 2005-2006 Cryptocom LTD - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - */ - -#ifndef HEADER_GOST_H -#define HEADER_GOST_H - -#include <openssl/opensslconf.h> - -#ifdef OPENSSL_NO_GOST -#error GOST is disabled. -#endif - -#include <openssl/asn1t.h> -#include <openssl/ec.h> - -#ifdef __cplusplus -extern "C" { -#endif - -typedef struct gost2814789_key_st { - unsigned int key[8]; - unsigned int k87[256],k65[256],k43[256],k21[256]; - unsigned int count; - unsigned key_meshing : 1; -} GOST2814789_KEY; - -int Gost2814789_set_sbox(GOST2814789_KEY *key, int nid); -int Gost2814789_set_key(GOST2814789_KEY *key, - const unsigned char *userKey, const int bits); -void Gost2814789_ecb_encrypt(const unsigned char *in, unsigned char *out, - GOST2814789_KEY *key, const int enc); -void Gost2814789_cfb64_encrypt(const unsigned char *in, unsigned char *out, - size_t length, GOST2814789_KEY *key, - unsigned char *ivec, int *num, const int enc); -void Gost2814789_cnt_encrypt(const unsigned char *in, unsigned char *out, - size_t length, GOST2814789_KEY *key, - unsigned char *ivec, unsigned char *cnt_buf, int *num); - -typedef struct { - ASN1_OCTET_STRING *iv; - ASN1_OBJECT *enc_param_set; -} GOST_CIPHER_PARAMS; - -GOST_CIPHER_PARAMS *GOST_CIPHER_PARAMS_new(void); -void GOST_CIPHER_PARAMS_free(GOST_CIPHER_PARAMS *a); -GOST_CIPHER_PARAMS *d2i_GOST_CIPHER_PARAMS(GOST_CIPHER_PARAMS **a, const unsigned char **in, long len); -int i2d_GOST_CIPHER_PARAMS(GOST_CIPHER_PARAMS *a, unsigned char **out); -extern const ASN1_ITEM GOST_CIPHER_PARAMS_it; - -#define GOST2814789IMIT_LENGTH 4 -#define GOST2814789IMIT_CBLOCK 8 -#define GOST2814789IMIT_LONG unsigned int - -typedef struct GOST2814789IMITstate_st { - GOST2814789IMIT_LONG Nl, Nh; - unsigned char data[GOST2814789IMIT_CBLOCK]; - unsigned int num; - - GOST2814789_KEY cipher; - unsigned char mac[GOST2814789IMIT_CBLOCK]; -} GOST2814789IMIT_CTX; - -/* Note, also removed second parameter and removed dctx->cipher setting */ -int GOST2814789IMIT_Init(GOST2814789IMIT_CTX *c, int nid); -int GOST2814789IMIT_Update(GOST2814789IMIT_CTX *c, const void *data, size_t len); -int GOST2814789IMIT_Final(unsigned char *md, GOST2814789IMIT_CTX *c); -void GOST2814789IMIT_Transform(GOST2814789IMIT_CTX *c, const unsigned char *data); -unsigned char *GOST2814789IMIT(const unsigned char *d, size_t n, - unsigned char *md, int nid, - const unsigned char *key, const unsigned char *iv); - -#define GOSTR341194_LONG unsigned int - -#define GOSTR341194_LENGTH 32 -#define GOSTR341194_CBLOCK 32 -#define GOSTR341194_LBLOCK (GOSTR341194_CBLOCK/4) - -typedef struct GOSTR341194state_st { - GOSTR341194_LONG Nl, Nh; - GOSTR341194_LONG data[GOSTR341194_LBLOCK]; - unsigned int num; - - GOST2814789_KEY cipher; - unsigned char H[GOSTR341194_CBLOCK]; - unsigned char S[GOSTR341194_CBLOCK]; -} GOSTR341194_CTX; - -/* Note, also removed second parameter and removed dctx->cipher setting */ -int GOSTR341194_Init(GOSTR341194_CTX *c, int nid); -int GOSTR341194_Update(GOSTR341194_CTX *c, const void *data, size_t len); -int GOSTR341194_Final(unsigned char *md, GOSTR341194_CTX *c); -void GOSTR341194_Transform(GOSTR341194_CTX *c, const unsigned char *data); -unsigned char *GOSTR341194(const unsigned char *d, size_t n,unsigned char *md, int nid); - -#if defined(_LP64) -#define STREEBOG_LONG64 unsigned long -#define U64(C) C##UL -#else -#define STREEBOG_LONG64 unsigned long long -#define U64(C) C##ULL -#endif - -#define STREEBOG_LBLOCK 8 -#define STREEBOG_CBLOCK 64 -#define STREEBOG256_LENGTH 32 -#define STREEBOG512_LENGTH 64 - -typedef struct STREEBOGstate_st { - STREEBOG_LONG64 data[STREEBOG_LBLOCK]; - unsigned int num; - unsigned int md_len; - STREEBOG_LONG64 h[STREEBOG_LBLOCK]; - STREEBOG_LONG64 N[STREEBOG_LBLOCK]; - STREEBOG_LONG64 Sigma[STREEBOG_LBLOCK]; -} STREEBOG_CTX; - -int STREEBOG256_Init(STREEBOG_CTX *c); -int STREEBOG256_Update(STREEBOG_CTX *c, const void *data, size_t len); -int STREEBOG256_Final(unsigned char *md, STREEBOG_CTX *c); -void STREEBOG256_Transform(STREEBOG_CTX *c, const unsigned char *data); -unsigned char *STREEBOG256(const unsigned char *d, size_t n,unsigned char *md); - -int STREEBOG512_Init(STREEBOG_CTX *c); -int STREEBOG512_Update(STREEBOG_CTX *c, const void *data, size_t len); -int STREEBOG512_Final(unsigned char *md, STREEBOG_CTX *c); -void STREEBOG512_Transform(STREEBOG_CTX *c, const unsigned char *data); -unsigned char *STREEBOG512(const unsigned char *d, size_t n,unsigned char *md); - -typedef struct gost_key_st GOST_KEY; -GOST_KEY *GOST_KEY_new(void); -void GOST_KEY_free(GOST_KEY * r); -int GOST_KEY_check_key(const GOST_KEY * eckey); -int GOST_KEY_set_public_key_affine_coordinates(GOST_KEY * key, BIGNUM * x, BIGNUM * y); -const EC_GROUP * GOST_KEY_get0_group(const GOST_KEY * key); -int GOST_KEY_set_group(GOST_KEY * key, const EC_GROUP * group); -int GOST_KEY_get_digest(const GOST_KEY * key); -int GOST_KEY_set_digest(GOST_KEY * key, int digest_nid); -const BIGNUM * GOST_KEY_get0_private_key(const GOST_KEY * key); -int GOST_KEY_set_private_key(GOST_KEY * key, const BIGNUM * priv_key); -const EC_POINT * GOST_KEY_get0_public_key(const GOST_KEY * key); -int GOST_KEY_set_public_key(GOST_KEY * key, const EC_POINT * pub_key); -size_t GOST_KEY_get_size(const GOST_KEY * r); - -/* Gost-specific pmeth control-function parameters */ -/* For GOST R34.10 parameters */ -#define EVP_PKEY_CTRL_GOST_PARAMSET (EVP_PKEY_ALG_CTRL+1) -#define EVP_PKEY_CTRL_GOST_SIG_FORMAT (EVP_PKEY_ALG_CTRL+2) -#define EVP_PKEY_CTRL_GOST_SET_DIGEST (EVP_PKEY_ALG_CTRL+3) -#define EVP_PKEY_CTRL_GOST_GET_DIGEST (EVP_PKEY_ALG_CTRL+4) - -#define GOST_SIG_FORMAT_SR_BE 0 -#define GOST_SIG_FORMAT_RS_LE 1 - -/* BEGIN ERROR CODES */ -/* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ -void ERR_load_GOST_strings(void); - -/* Error codes for the GOST functions. */ - -/* Function codes. */ -#define GOST_F_DECODE_GOST01_ALGOR_PARAMS 104 -#define GOST_F_ENCODE_GOST01_ALGOR_PARAMS 105 -#define GOST_F_GOST2001_COMPUTE_PUBLIC 106 -#define GOST_F_GOST2001_DO_SIGN 107 -#define GOST_F_GOST2001_DO_VERIFY 108 -#define GOST_F_GOST2001_KEYGEN 109 -#define GOST_F_GOST89_GET_ASN1_PARAMETERS 102 -#define GOST_F_GOST89_SET_ASN1_PARAMETERS 103 -#define GOST_F_GOST_KEY_CHECK_KEY 124 -#define GOST_F_GOST_KEY_NEW 125 -#define GOST_F_GOST_KEY_SET_PUBLIC_KEY_AFFINE_COORDINATES 126 -#define GOST_F_PARAM_COPY_GOST01 110 -#define GOST_F_PARAM_DECODE_GOST01 111 -#define GOST_F_PKEY_GOST01_CTRL 116 -#define GOST_F_PKEY_GOST01_DECRYPT 112 -#define GOST_F_PKEY_GOST01_DERIVE 113 -#define GOST_F_PKEY_GOST01_ENCRYPT 114 -#define GOST_F_PKEY_GOST01_PARAMGEN 115 -#define GOST_F_PKEY_GOST01_SIGN 123 -#define GOST_F_PKEY_GOST_MAC_CTRL 100 -#define GOST_F_PKEY_GOST_MAC_KEYGEN 101 -#define GOST_F_PRIV_DECODE_GOST01 117 -#define GOST_F_PUB_DECODE_GOST01 118 -#define GOST_F_PUB_ENCODE_GOST01 119 -#define GOST_F_PUB_PRINT_GOST01 120 -#define GOST_F_UNPACK_SIGNATURE_CP 121 -#define GOST_F_UNPACK_SIGNATURE_LE 122 - -/* Reason codes. */ -#define GOST_R_BAD_KEY_PARAMETERS_FORMAT 104 -#define GOST_R_BAD_PKEY_PARAMETERS_FORMAT 105 -#define GOST_R_CANNOT_PACK_EPHEMERAL_KEY 106 -#define GOST_R_CTRL_CALL_FAILED 107 -#define GOST_R_ERROR_COMPUTING_SHARED_KEY 108 -#define GOST_R_ERROR_PARSING_KEY_TRANSPORT_INFO 109 -#define GOST_R_INCOMPATIBLE_ALGORITHMS 110 -#define GOST_R_INCOMPATIBLE_PEER_KEY 111 -#define GOST_R_INVALID_DIGEST_TYPE 100 -#define GOST_R_INVALID_IV_LENGTH 103 -#define GOST_R_INVALID_MAC_KEY_LENGTH 101 -#define GOST_R_KEY_IS_NOT_INITIALIZED 112 -#define GOST_R_KEY_PARAMETERS_MISSING 113 -#define GOST_R_MAC_KEY_NOT_SET 102 -#define GOST_R_NO_PARAMETERS_SET 115 -#define GOST_R_NO_PEER_KEY 116 -#define GOST_R_NO_PRIVATE_PART_OF_NON_EPHEMERAL_KEYPAIR 117 -#define GOST_R_PUBLIC_KEY_UNDEFINED 118 -#define GOST_R_RANDOM_NUMBER_GENERATOR_FAILED 120 -#define GOST_R_SIGNATURE_MISMATCH 121 -#define GOST_R_SIGNATURE_PARTS_GREATER_THAN_Q 122 -#define GOST_R_UKM_NOT_SET 123 - -#ifdef __cplusplus -} -#endif -#endif diff --git a/libressl/include64/openssl/hkdf.h b/libressl/include64/openssl/hkdf.h deleted file mode 100644 index 34450f9d..00000000 --- a/libressl/include64/openssl/hkdf.h +++ /dev/null @@ -1,65 +0,0 @@ -/* $OpenBSD: hkdf.h,v 1.2 2018/04/03 13:33:53 tb Exp $ */ -/* Copyright (c) 2014, Google Inc. - * - * Permission to use, copy, modify, and/or distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY - * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION - * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN - * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ - -#ifndef OPENSSL_HEADER_HKDF_H -#define OPENSSL_HEADER_HKDF_H - -#include <openssl/evp.h> - -#if defined(__cplusplus) -extern "C" { -#endif - -/* - * HKDF computes HKDF (as specified by RFC 5869) of initial keying - * material |secret| with |salt| and |info| using |digest|, and - * outputs |out_len| bytes to |out_key|. It returns one on success and - * zero on error. - * - * HKDF is an Extract-and-Expand algorithm. It does not do any key - * stretching, and as such, is not suited to be used alone to generate - * a key from a password. - */ - -int HKDF(uint8_t *out_key, size_t out_len, const struct env_md_st *digest, - const uint8_t *secret, size_t secret_len, const uint8_t *salt, - size_t salt_len, const uint8_t *info, size_t info_len); - -/* - * HKDF_extract computes a HKDF PRK (as specified by RFC 5869) from - * initial keying material |secret| and salt |salt| using |digest|, - * and outputs |out_len| bytes to |out_key|. The maximum output size - * is |EVP_MAX_MD_SIZE|. It returns one on success and zero on error. - */ -int HKDF_extract(uint8_t *out_key, size_t *out_len, - const struct env_md_st *digest, const uint8_t *secret, - size_t secret_len, const uint8_t *salt, size_t salt_len); - -/* - * HKDF_expand computes a HKDF OKM (as specified by RFC 5869) of - * length |out_len| from the PRK |prk| and info |info| using |digest|, - * and outputs the result to |out_key|. It returns one on success and - * zero on error. - */ -int HKDF_expand(uint8_t *out_key, size_t out_len, - const EVP_MD *digest, const uint8_t *prk, size_t prk_len, - const uint8_t *info, size_t info_len); - - -#if defined(__cplusplus) -} /* extern C */ -#endif - -#endif /* OPENSSL_HEADER_HKDF_H */ diff --git a/libressl/include64/openssl/hmac.h b/libressl/include64/openssl/hmac.h deleted file mode 100644 index e787c62a..00000000 --- a/libressl/include64/openssl/hmac.h +++ /dev/null @@ -1,111 +0,0 @@ -/* $OpenBSD: hmac.h,v 1.13 2018/02/17 14:53:59 jsing Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -#ifndef HEADER_HMAC_H -#define HEADER_HMAC_H - -#include <openssl/opensslconf.h> - -#ifdef OPENSSL_NO_HMAC -#error HMAC is disabled. -#endif - -#include <openssl/evp.h> - -#define HMAC_MAX_MD_CBLOCK 128 /* largest known is SHA512 */ - -#ifdef __cplusplus -extern "C" { -#endif - -typedef struct hmac_ctx_st { - const EVP_MD *md; - EVP_MD_CTX md_ctx; - EVP_MD_CTX i_ctx; - EVP_MD_CTX o_ctx; - unsigned int key_length; - unsigned char key[HMAC_MAX_MD_CBLOCK]; -} HMAC_CTX; - -#define HMAC_size(e) (EVP_MD_size((e)->md)) - -HMAC_CTX *HMAC_CTX_new(void); -void HMAC_CTX_free(HMAC_CTX *ctx); -void HMAC_CTX_init(HMAC_CTX *ctx); -int HMAC_CTX_reset(HMAC_CTX *ctx); -void HMAC_CTX_cleanup(HMAC_CTX *ctx); - -#define HMAC_cleanup(ctx) HMAC_CTX_cleanup(ctx) /* deprecated */ - -int HMAC_Init(HMAC_CTX *ctx, const void *key, int len, - const EVP_MD *md); /* deprecated */ -int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len, const EVP_MD *md, - ENGINE *impl); -int HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, size_t len); -int HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len); -unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len, - const unsigned char *d, size_t n, unsigned char *md, unsigned int *md_len); -int HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx); - -void HMAC_CTX_set_flags(HMAC_CTX *ctx, unsigned long flags); -const EVP_MD *HMAC_CTX_get_md(const HMAC_CTX *ctx); - -#ifdef __cplusplus -} -#endif - -#endif diff --git a/libressl/include64/openssl/idea.h b/libressl/include64/openssl/idea.h deleted file mode 100644 index f76bcaeb..00000000 --- a/libressl/include64/openssl/idea.h +++ /dev/null @@ -1,100 +0,0 @@ -/* $OpenBSD: idea.h,v 1.10 2014/06/12 15:49:29 deraadt Exp $ */ -/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef HEADER_IDEA_H -#define HEADER_IDEA_H - -#include <openssl/opensslconf.h> /* IDEA_INT, OPENSSL_NO_IDEA */ - -#ifdef OPENSSL_NO_IDEA -#error IDEA is disabled. -#endif - -#define IDEA_ENCRYPT 1 -#define IDEA_DECRYPT 0 - -#define IDEA_BLOCK 8 -#define IDEA_KEY_LENGTH 16 - -#ifdef __cplusplus -extern "C" { -#endif - -typedef struct idea_key_st - { - IDEA_INT data[9][6]; - } IDEA_KEY_SCHEDULE; - -const char *idea_options(void); -void idea_ecb_encrypt(const unsigned char *in, unsigned char *out, - IDEA_KEY_SCHEDULE *ks); -void idea_set_encrypt_key(const unsigned char *key, IDEA_KEY_SCHEDULE *ks); -void idea_set_decrypt_key(IDEA_KEY_SCHEDULE *ek, IDEA_KEY_SCHEDULE *dk); -void idea_cbc_encrypt(const unsigned char *in, unsigned char *out, - long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv,int enc); -void idea_cfb64_encrypt(const unsigned char *in, unsigned char *out, - long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv, - int *num,int enc); -void idea_ofb64_encrypt(const unsigned char *in, unsigned char *out, - long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv, int *num); -void idea_encrypt(unsigned long *in, IDEA_KEY_SCHEDULE *ks); -#ifdef __cplusplus -} -#endif - -#endif diff --git a/libressl/include64/openssl/lhash.h b/libressl/include64/openssl/lhash.h deleted file mode 100644 index 9c636573..00000000 --- a/libressl/include64/openssl/lhash.h +++ /dev/null @@ -1,235 +0,0 @@ -/* $OpenBSD: lhash.h,v 1.12 2014/06/12 15:49:29 deraadt Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -/* Header for dynamic hash table routines - * Author - Eric Young - */ - -#ifndef HEADER_LHASH_H -#define HEADER_LHASH_H - -#include <openssl/opensslconf.h> - -#include <stdio.h> - -#ifndef OPENSSL_NO_BIO -#include <openssl/bio.h> -#endif - -#ifdef __cplusplus -extern "C" { -#endif - -typedef struct lhash_node_st { - void *data; - struct lhash_node_st *next; -#ifndef OPENSSL_NO_HASH_COMP - unsigned long hash; -#endif -} LHASH_NODE; - -typedef int (*LHASH_COMP_FN_TYPE)(const void *, const void *); -typedef unsigned long (*LHASH_HASH_FN_TYPE)(const void *); -typedef void (*LHASH_DOALL_FN_TYPE)(void *); -typedef void (*LHASH_DOALL_ARG_FN_TYPE)(void *, void *); - -/* Macros for declaring and implementing type-safe wrappers for LHASH callbacks. - * This way, callbacks can be provided to LHASH structures without function - * pointer casting and the macro-defined callbacks provide per-variable casting - * before deferring to the underlying type-specific callbacks. NB: It is - * possible to place a "static" in front of both the DECLARE and IMPLEMENT - * macros if the functions are strictly internal. */ - -/* First: "hash" functions */ -#define DECLARE_LHASH_HASH_FN(name, o_type) \ - unsigned long name##_LHASH_HASH(const void *); -#define IMPLEMENT_LHASH_HASH_FN(name, o_type) \ - unsigned long name##_LHASH_HASH(const void *arg) { \ - const o_type *a = arg; \ - return name##_hash(a); } -#define LHASH_HASH_FN(name) name##_LHASH_HASH - -/* Second: "compare" functions */ -#define DECLARE_LHASH_COMP_FN(name, o_type) \ - int name##_LHASH_COMP(const void *, const void *); -#define IMPLEMENT_LHASH_COMP_FN(name, o_type) \ - int name##_LHASH_COMP(const void *arg1, const void *arg2) { \ - const o_type *a = arg1; \ - const o_type *b = arg2; \ - return name##_cmp(a,b); } -#define LHASH_COMP_FN(name) name##_LHASH_COMP - -/* Third: "doall" functions */ -#define DECLARE_LHASH_DOALL_FN(name, o_type) \ - void name##_LHASH_DOALL(void *); -#define IMPLEMENT_LHASH_DOALL_FN(name, o_type) \ - void name##_LHASH_DOALL(void *arg) { \ - o_type *a = arg; \ - name##_doall(a); } -#define LHASH_DOALL_FN(name) name##_LHASH_DOALL - -/* Fourth: "doall_arg" functions */ -#define DECLARE_LHASH_DOALL_ARG_FN(name, o_type, a_type) \ - void name##_LHASH_DOALL_ARG(void *, void *); -#define IMPLEMENT_LHASH_DOALL_ARG_FN(name, o_type, a_type) \ - void name##_LHASH_DOALL_ARG(void *arg1, void *arg2) { \ - o_type *a = arg1; \ - a_type *b = arg2; \ - name##_doall_arg(a, b); } -#define LHASH_DOALL_ARG_FN(name) name##_LHASH_DOALL_ARG - -typedef struct lhash_st { - LHASH_NODE **b; - LHASH_COMP_FN_TYPE comp; - LHASH_HASH_FN_TYPE hash; - unsigned int num_nodes; - unsigned int num_alloc_nodes; - unsigned int p; - unsigned int pmax; - unsigned long up_load; /* load times 256 */ - unsigned long down_load; /* load times 256 */ - unsigned long num_items; - - unsigned long num_expands; - unsigned long num_expand_reallocs; - unsigned long num_contracts; - unsigned long num_contract_reallocs; - unsigned long num_hash_calls; - unsigned long num_comp_calls; - unsigned long num_insert; - unsigned long num_replace; - unsigned long num_delete; - unsigned long num_no_delete; - unsigned long num_retrieve; - unsigned long num_retrieve_miss; - unsigned long num_hash_comps; - - int error; -} _LHASH; /* Do not use _LHASH directly, use LHASH_OF - * and friends */ - -#define LH_LOAD_MULT 256 - -/* Indicates a malloc() error in the last call, this is only bad - * in lh_insert(). */ -#define lh_error(lh) ((lh)->error) - -_LHASH *lh_new(LHASH_HASH_FN_TYPE h, LHASH_COMP_FN_TYPE c); -void lh_free(_LHASH *lh); -void *lh_insert(_LHASH *lh, void *data); -void *lh_delete(_LHASH *lh, const void *data); -void *lh_retrieve(_LHASH *lh, const void *data); -void lh_doall(_LHASH *lh, LHASH_DOALL_FN_TYPE func); -void lh_doall_arg(_LHASH *lh, LHASH_DOALL_ARG_FN_TYPE func, void *arg); -unsigned long lh_strhash(const char *c); -unsigned long lh_num_items(const _LHASH *lh); - -void lh_stats(const _LHASH *lh, FILE *out); -void lh_node_stats(const _LHASH *lh, FILE *out); -void lh_node_usage_stats(const _LHASH *lh, FILE *out); - -#ifndef OPENSSL_NO_BIO -void lh_stats_bio(const _LHASH *lh, BIO *out); -void lh_node_stats_bio(const _LHASH *lh, BIO *out); -void lh_node_usage_stats_bio(const _LHASH *lh, BIO *out); -#endif - -/* Type checking... */ - -#define LHASH_OF(type) struct lhash_st_##type - -#define DECLARE_LHASH_OF(type) LHASH_OF(type) { int dummy; } - -#define CHECKED_LHASH_OF(type,lh) \ - ((_LHASH *)CHECKED_PTR_OF(LHASH_OF(type),lh)) - -/* Define wrapper functions. */ -#define LHM_lh_new(type, name) \ - ((LHASH_OF(type) *)lh_new(LHASH_HASH_FN(name), LHASH_COMP_FN(name))) -#define LHM_lh_error(type, lh) \ - lh_error(CHECKED_LHASH_OF(type,lh)) -#define LHM_lh_insert(type, lh, inst) \ - ((type *)lh_insert(CHECKED_LHASH_OF(type, lh), \ - CHECKED_PTR_OF(type, inst))) -#define LHM_lh_retrieve(type, lh, inst) \ - ((type *)lh_retrieve(CHECKED_LHASH_OF(type, lh), \ - CHECKED_PTR_OF(type, inst))) -#define LHM_lh_delete(type, lh, inst) \ - ((type *)lh_delete(CHECKED_LHASH_OF(type, lh), \ - CHECKED_PTR_OF(type, inst))) -#define LHM_lh_doall(type, lh,fn) lh_doall(CHECKED_LHASH_OF(type, lh), fn) -#define LHM_lh_doall_arg(type, lh, fn, arg_type, arg) \ - lh_doall_arg(CHECKED_LHASH_OF(type, lh), fn, CHECKED_PTR_OF(arg_type, arg)) -#define LHM_lh_num_items(type, lh) lh_num_items(CHECKED_LHASH_OF(type, lh)) -#define LHM_lh_down_load(type, lh) (CHECKED_LHASH_OF(type, lh)->down_load) -#define LHM_lh_node_stats_bio(type, lh, out) \ - lh_node_stats_bio(CHECKED_LHASH_OF(type, lh), out) -#define LHM_lh_node_usage_stats_bio(type, lh, out) \ - lh_node_usage_stats_bio(CHECKED_LHASH_OF(type, lh), out) -#define LHM_lh_stats_bio(type, lh, out) \ - lh_stats_bio(CHECKED_LHASH_OF(type, lh), out) -#define LHM_lh_free(type, lh) lh_free(CHECKED_LHASH_OF(type, lh)) - -DECLARE_LHASH_OF(OPENSSL_STRING); -DECLARE_LHASH_OF(OPENSSL_CSTRING); - -#ifdef __cplusplus -} -#endif - -#endif diff --git a/libressl/include64/openssl/md4.h b/libressl/include64/openssl/md4.h deleted file mode 100644 index 04aacc98..00000000 --- a/libressl/include64/openssl/md4.h +++ /dev/null @@ -1,103 +0,0 @@ -/* $OpenBSD: md4.h,v 1.16 2015/09/14 01:45:03 doug Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include <stddef.h> - -#ifndef HEADER_MD4_H -#define HEADER_MD4_H - -#include <openssl/opensslconf.h> - -#ifdef __cplusplus -extern "C" { -#endif - -#ifdef OPENSSL_NO_MD4 -#error MD4 is disabled. -#endif - -/* - * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! - * ! MD4_LONG has to be at least 32 bits wide. ! - * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! - */ - -#define MD4_LONG unsigned int - -#define MD4_CBLOCK 64 -#define MD4_LBLOCK (MD4_CBLOCK/4) -#define MD4_DIGEST_LENGTH 16 - -typedef struct MD4state_st - { - MD4_LONG A,B,C,D; - MD4_LONG Nl,Nh; - MD4_LONG data[MD4_LBLOCK]; - unsigned int num; - } MD4_CTX; - -int MD4_Init(MD4_CTX *c); -int MD4_Update(MD4_CTX *c, const void *data, size_t len); -int MD4_Final(unsigned char *md, MD4_CTX *c); -unsigned char *MD4(const unsigned char *d, size_t n, unsigned char *md); -void MD4_Transform(MD4_CTX *c, const unsigned char *b); -#ifdef __cplusplus -} -#endif - -#endif diff --git a/libressl/include64/openssl/md5.h b/libressl/include64/openssl/md5.h deleted file mode 100644 index e2c511c7..00000000 --- a/libressl/include64/openssl/md5.h +++ /dev/null @@ -1,108 +0,0 @@ -/* $OpenBSD: md5.h,v 1.20 2014/10/20 13:06:54 bcook Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include <stddef.h> - -#ifndef HEADER_MD5_H -#define HEADER_MD5_H -#if !defined(HAVE_ATTRIBUTE__BOUNDED__) && !defined(__OpenBSD__) -#define __bounded__(x, y, z) -#endif - -#include <openssl/opensslconf.h> - -#ifdef __cplusplus -extern "C" { -#endif - -#ifdef OPENSSL_NO_MD5 -#error MD5 is disabled. -#endif - -/* - * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! - * ! MD5_LONG has to be at least 32 bits wide. ! - * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! - */ - -#define MD5_LONG unsigned int - -#define MD5_CBLOCK 64 -#define MD5_LBLOCK (MD5_CBLOCK/4) -#define MD5_DIGEST_LENGTH 16 - -typedef struct MD5state_st - { - MD5_LONG A,B,C,D; - MD5_LONG Nl,Nh; - MD5_LONG data[MD5_LBLOCK]; - unsigned int num; - } MD5_CTX; - -int MD5_Init(MD5_CTX *c); -int MD5_Update(MD5_CTX *c, const void *data, size_t len) - __attribute__ ((__bounded__(__buffer__,2,3))); -int MD5_Final(unsigned char *md, MD5_CTX *c); -unsigned char *MD5(const unsigned char *d, size_t n, unsigned char *md) - __attribute__ ((__bounded__(__buffer__,1,2))); -void MD5_Transform(MD5_CTX *c, const unsigned char *b); -#ifdef __cplusplus -} -#endif - -#endif diff --git a/libressl/include64/openssl/modes.h b/libressl/include64/openssl/modes.h deleted file mode 100644 index 67ec7518..00000000 --- a/libressl/include64/openssl/modes.h +++ /dev/null @@ -1,144 +0,0 @@ -/* $OpenBSD: modes.h,v 1.3 2018/07/24 10:47:19 bcook Exp $ */ -/* ==================================================================== - * Copyright (c) 2008 The OpenSSL Project. All rights reserved. - * - * Rights for redistribution and usage in source and binary - * forms are granted according to the OpenSSL license. - */ - -#include <stddef.h> - -#ifdef __cplusplus -extern "C" { -#endif - -typedef void (*block128_f)(const unsigned char in[16], - unsigned char out[16], - const void *key); - -typedef void (*cbc128_f)(const unsigned char *in, unsigned char *out, - size_t len, const void *key, - unsigned char ivec[16], int enc); - -typedef void (*ctr128_f)(const unsigned char *in, unsigned char *out, - size_t blocks, const void *key, - const unsigned char ivec[16]); - -typedef void (*ccm128_f)(const unsigned char *in, unsigned char *out, - size_t blocks, const void *key, - const unsigned char ivec[16],unsigned char cmac[16]); - -void CRYPTO_cbc128_encrypt(const unsigned char *in, unsigned char *out, - size_t len, const void *key, - unsigned char ivec[16], block128_f block); -void CRYPTO_cbc128_decrypt(const unsigned char *in, unsigned char *out, - size_t len, const void *key, - unsigned char ivec[16], block128_f block); - -void CRYPTO_ctr128_encrypt(const unsigned char *in, unsigned char *out, - size_t len, const void *key, - unsigned char ivec[16], unsigned char ecount_buf[16], - unsigned int *num, block128_f block); - -void CRYPTO_ctr128_encrypt_ctr32(const unsigned char *in, unsigned char *out, - size_t len, const void *key, - unsigned char ivec[16], unsigned char ecount_buf[16], - unsigned int *num, ctr128_f ctr); - -void CRYPTO_ofb128_encrypt(const unsigned char *in, unsigned char *out, - size_t len, const void *key, - unsigned char ivec[16], int *num, - block128_f block); - -void CRYPTO_cfb128_encrypt(const unsigned char *in, unsigned char *out, - size_t len, const void *key, - unsigned char ivec[16], int *num, - int enc, block128_f block); -void CRYPTO_cfb128_8_encrypt(const unsigned char *in, unsigned char *out, - size_t length, const void *key, - unsigned char ivec[16], int *num, - int enc, block128_f block); -void CRYPTO_cfb128_1_encrypt(const unsigned char *in, unsigned char *out, - size_t bits, const void *key, - unsigned char ivec[16], int *num, - int enc, block128_f block); - -size_t CRYPTO_cts128_encrypt_block(const unsigned char *in, unsigned char *out, - size_t len, const void *key, - unsigned char ivec[16], block128_f block); -size_t CRYPTO_cts128_encrypt(const unsigned char *in, unsigned char *out, - size_t len, const void *key, - unsigned char ivec[16], cbc128_f cbc); -size_t CRYPTO_cts128_decrypt_block(const unsigned char *in, unsigned char *out, - size_t len, const void *key, - unsigned char ivec[16], block128_f block); -size_t CRYPTO_cts128_decrypt(const unsigned char *in, unsigned char *out, - size_t len, const void *key, - unsigned char ivec[16], cbc128_f cbc); - -size_t CRYPTO_nistcts128_encrypt_block(const unsigned char *in, unsigned char *out, - size_t len, const void *key, - unsigned char ivec[16], block128_f block); -size_t CRYPTO_nistcts128_encrypt(const unsigned char *in, unsigned char *out, - size_t len, const void *key, - unsigned char ivec[16], cbc128_f cbc); -size_t CRYPTO_nistcts128_decrypt_block(const unsigned char *in, unsigned char *out, - size_t len, const void *key, - unsigned char ivec[16], block128_f block); -size_t CRYPTO_nistcts128_decrypt(const unsigned char *in, unsigned char *out, - size_t len, const void *key, - unsigned char ivec[16], cbc128_f cbc); - -typedef struct gcm128_context GCM128_CONTEXT; - -GCM128_CONTEXT *CRYPTO_gcm128_new(void *key, block128_f block); -void CRYPTO_gcm128_init(GCM128_CONTEXT *ctx,void *key,block128_f block); -void CRYPTO_gcm128_setiv(GCM128_CONTEXT *ctx, const unsigned char *iv, - size_t len); -int CRYPTO_gcm128_aad(GCM128_CONTEXT *ctx, const unsigned char *aad, - size_t len); -int CRYPTO_gcm128_encrypt(GCM128_CONTEXT *ctx, - const unsigned char *in, unsigned char *out, - size_t len); -int CRYPTO_gcm128_decrypt(GCM128_CONTEXT *ctx, - const unsigned char *in, unsigned char *out, - size_t len); -int CRYPTO_gcm128_encrypt_ctr32(GCM128_CONTEXT *ctx, - const unsigned char *in, unsigned char *out, - size_t len, ctr128_f stream); -int CRYPTO_gcm128_decrypt_ctr32(GCM128_CONTEXT *ctx, - const unsigned char *in, unsigned char *out, - size_t len, ctr128_f stream); -int CRYPTO_gcm128_finish(GCM128_CONTEXT *ctx,const unsigned char *tag, - size_t len); -void CRYPTO_gcm128_tag(GCM128_CONTEXT *ctx, unsigned char *tag, size_t len); -void CRYPTO_gcm128_release(GCM128_CONTEXT *ctx); - -typedef struct ccm128_context CCM128_CONTEXT; - -void CRYPTO_ccm128_init(CCM128_CONTEXT *ctx, - unsigned int M, unsigned int L, void *key,block128_f block); -int CRYPTO_ccm128_setiv(CCM128_CONTEXT *ctx, - const unsigned char *nonce, size_t nlen, size_t mlen); -void CRYPTO_ccm128_aad(CCM128_CONTEXT *ctx, - const unsigned char *aad, size_t alen); -int CRYPTO_ccm128_encrypt(CCM128_CONTEXT *ctx, - const unsigned char *inp, unsigned char *out, size_t len); -int CRYPTO_ccm128_decrypt(CCM128_CONTEXT *ctx, - const unsigned char *inp, unsigned char *out, size_t len); -int CRYPTO_ccm128_encrypt_ccm64(CCM128_CONTEXT *ctx, - const unsigned char *inp, unsigned char *out, size_t len, - ccm128_f stream); -int CRYPTO_ccm128_decrypt_ccm64(CCM128_CONTEXT *ctx, - const unsigned char *inp, unsigned char *out, size_t len, - ccm128_f stream); -size_t CRYPTO_ccm128_tag(CCM128_CONTEXT *ctx, unsigned char *tag, size_t len); - -typedef struct xts128_context XTS128_CONTEXT; - -int CRYPTO_xts128_encrypt(const XTS128_CONTEXT *ctx, const unsigned char iv[16], - const unsigned char *inp, unsigned char *out, size_t len, int enc); - -#ifdef __cplusplus -} -#endif diff --git a/libressl/include64/openssl/obj_mac.h b/libressl/include64/openssl/obj_mac.h deleted file mode 100644 index 2699111e..00000000 --- a/libressl/include64/openssl/obj_mac.h +++ /dev/null @@ -1,4338 +0,0 @@ -/* crypto/objects/obj_mac.h */ - -/* THIS FILE IS GENERATED FROM objects.txt by objects.pl via the - * following command: - * perl objects.pl objects.txt obj_mac.num obj_mac.h - */ - -/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#define SN_undef "UNDEF" -#define LN_undef "undefined" -#define NID_undef 0 -#define OBJ_undef 0L - -#define SN_itu_t "ITU-T" -#define LN_itu_t "itu-t" -#define NID_itu_t 645 -#define OBJ_itu_t 0L - -#define NID_ccitt 404 -#define OBJ_ccitt OBJ_itu_t - -#define SN_iso "ISO" -#define LN_iso "iso" -#define NID_iso 181 -#define OBJ_iso 1L - -#define SN_joint_iso_itu_t "JOINT-ISO-ITU-T" -#define LN_joint_iso_itu_t "joint-iso-itu-t" -#define NID_joint_iso_itu_t 646 -#define OBJ_joint_iso_itu_t 2L - -#define NID_joint_iso_ccitt 393 -#define OBJ_joint_iso_ccitt OBJ_joint_iso_itu_t - -#define SN_member_body "member-body" -#define LN_member_body "ISO Member Body" -#define NID_member_body 182 -#define OBJ_member_body OBJ_iso,2L - -#define SN_identified_organization "identified-organization" -#define NID_identified_organization 676 -#define OBJ_identified_organization OBJ_iso,3L - -#define SN_hmac_md5 "HMAC-MD5" -#define LN_hmac_md5 "hmac-md5" -#define NID_hmac_md5 780 -#define OBJ_hmac_md5 OBJ_identified_organization,6L,1L,5L,5L,8L,1L,1L - -#define SN_hmac_sha1 "HMAC-SHA1" -#define LN_hmac_sha1 "hmac-sha1" -#define NID_hmac_sha1 781 -#define OBJ_hmac_sha1 OBJ_identified_organization,6L,1L,5L,5L,8L,1L,2L - -#define SN_certicom_arc "certicom-arc" -#define NID_certicom_arc 677 -#define OBJ_certicom_arc OBJ_identified_organization,132L - -#define SN_international_organizations "international-organizations" -#define LN_international_organizations "International Organizations" -#define NID_international_organizations 647 -#define OBJ_international_organizations OBJ_joint_iso_itu_t,23L - -#define SN_wap "wap" -#define NID_wap 678 -#define OBJ_wap OBJ_international_organizations,43L - -#define SN_wap_wsg "wap-wsg" -#define NID_wap_wsg 679 -#define OBJ_wap_wsg OBJ_wap,1L - -#define SN_selected_attribute_types "selected-attribute-types" -#define LN_selected_attribute_types "Selected Attribute Types" -#define NID_selected_attribute_types 394 -#define OBJ_selected_attribute_types OBJ_joint_iso_itu_t,5L,1L,5L - -#define SN_clearance "clearance" -#define NID_clearance 395 -#define OBJ_clearance OBJ_selected_attribute_types,55L - -#define SN_ISO_US "ISO-US" -#define LN_ISO_US "ISO US Member Body" -#define NID_ISO_US 183 -#define OBJ_ISO_US OBJ_member_body,840L - -#define SN_X9_57 "X9-57" -#define LN_X9_57 "X9.57" -#define NID_X9_57 184 -#define OBJ_X9_57 OBJ_ISO_US,10040L - -#define SN_X9cm "X9cm" -#define LN_X9cm "X9.57 CM ?" -#define NID_X9cm 185 -#define OBJ_X9cm OBJ_X9_57,4L - -#define SN_dsa "DSA" -#define LN_dsa "dsaEncryption" -#define NID_dsa 116 -#define OBJ_dsa OBJ_X9cm,1L - -#define SN_dsaWithSHA1 "DSA-SHA1" -#define LN_dsaWithSHA1 "dsaWithSHA1" -#define NID_dsaWithSHA1 113 -#define OBJ_dsaWithSHA1 OBJ_X9cm,3L - -#define SN_ansi_X9_62 "ansi-X9-62" -#define LN_ansi_X9_62 "ANSI X9.62" -#define NID_ansi_X9_62 405 -#define OBJ_ansi_X9_62 OBJ_ISO_US,10045L - -#define OBJ_X9_62_id_fieldType OBJ_ansi_X9_62,1L - -#define SN_X9_62_prime_field "prime-field" -#define NID_X9_62_prime_field 406 -#define OBJ_X9_62_prime_field OBJ_X9_62_id_fieldType,1L - -#define SN_X9_62_characteristic_two_field "characteristic-two-field" -#define NID_X9_62_characteristic_two_field 407 -#define OBJ_X9_62_characteristic_two_field OBJ_X9_62_id_fieldType,2L - -#define SN_X9_62_id_characteristic_two_basis "id-characteristic-two-basis" -#define NID_X9_62_id_characteristic_two_basis 680 -#define OBJ_X9_62_id_characteristic_two_basis OBJ_X9_62_characteristic_two_field,3L - -#define SN_X9_62_onBasis "onBasis" -#define NID_X9_62_onBasis 681 -#define OBJ_X9_62_onBasis OBJ_X9_62_id_characteristic_two_basis,1L - -#define SN_X9_62_tpBasis "tpBasis" -#define NID_X9_62_tpBasis 682 -#define OBJ_X9_62_tpBasis OBJ_X9_62_id_characteristic_two_basis,2L - -#define SN_X9_62_ppBasis "ppBasis" -#define NID_X9_62_ppBasis 683 -#define OBJ_X9_62_ppBasis OBJ_X9_62_id_characteristic_two_basis,3L - -#define OBJ_X9_62_id_publicKeyType OBJ_ansi_X9_62,2L - -#define SN_X9_62_id_ecPublicKey "id-ecPublicKey" -#define NID_X9_62_id_ecPublicKey 408 -#define OBJ_X9_62_id_ecPublicKey OBJ_X9_62_id_publicKeyType,1L - -#define OBJ_X9_62_ellipticCurve OBJ_ansi_X9_62,3L - -#define OBJ_X9_62_c_TwoCurve OBJ_X9_62_ellipticCurve,0L - -#define SN_X9_62_c2pnb163v1 "c2pnb163v1" -#define NID_X9_62_c2pnb163v1 684 -#define OBJ_X9_62_c2pnb163v1 OBJ_X9_62_c_TwoCurve,1L - -#define SN_X9_62_c2pnb163v2 "c2pnb163v2" -#define NID_X9_62_c2pnb163v2 685 -#define OBJ_X9_62_c2pnb163v2 OBJ_X9_62_c_TwoCurve,2L - -#define SN_X9_62_c2pnb163v3 "c2pnb163v3" -#define NID_X9_62_c2pnb163v3 686 -#define OBJ_X9_62_c2pnb163v3 OBJ_X9_62_c_TwoCurve,3L - -#define SN_X9_62_c2pnb176v1 "c2pnb176v1" -#define NID_X9_62_c2pnb176v1 687 -#define OBJ_X9_62_c2pnb176v1 OBJ_X9_62_c_TwoCurve,4L - -#define SN_X9_62_c2tnb191v1 "c2tnb191v1" -#define NID_X9_62_c2tnb191v1 688 -#define OBJ_X9_62_c2tnb191v1 OBJ_X9_62_c_TwoCurve,5L - -#define SN_X9_62_c2tnb191v2 "c2tnb191v2" -#define NID_X9_62_c2tnb191v2 689 -#define OBJ_X9_62_c2tnb191v2 OBJ_X9_62_c_TwoCurve,6L - -#define SN_X9_62_c2tnb191v3 "c2tnb191v3" -#define NID_X9_62_c2tnb191v3 690 -#define OBJ_X9_62_c2tnb191v3 OBJ_X9_62_c_TwoCurve,7L - -#define SN_X9_62_c2onb191v4 "c2onb191v4" -#define NID_X9_62_c2onb191v4 691 -#define OBJ_X9_62_c2onb191v4 OBJ_X9_62_c_TwoCurve,8L - -#define SN_X9_62_c2onb191v5 "c2onb191v5" -#define NID_X9_62_c2onb191v5 692 -#define OBJ_X9_62_c2onb191v5 OBJ_X9_62_c_TwoCurve,9L - -#define SN_X9_62_c2pnb208w1 "c2pnb208w1" -#define NID_X9_62_c2pnb208w1 693 -#define OBJ_X9_62_c2pnb208w1 OBJ_X9_62_c_TwoCurve,10L - -#define SN_X9_62_c2tnb239v1 "c2tnb239v1" -#define NID_X9_62_c2tnb239v1 694 -#define OBJ_X9_62_c2tnb239v1 OBJ_X9_62_c_TwoCurve,11L - -#define SN_X9_62_c2tnb239v2 "c2tnb239v2" -#define NID_X9_62_c2tnb239v2 695 -#define OBJ_X9_62_c2tnb239v2 OBJ_X9_62_c_TwoCurve,12L - -#define SN_X9_62_c2tnb239v3 "c2tnb239v3" -#define NID_X9_62_c2tnb239v3 696 -#define OBJ_X9_62_c2tnb239v3 OBJ_X9_62_c_TwoCurve,13L - -#define SN_X9_62_c2onb239v4 "c2onb239v4" -#define NID_X9_62_c2onb239v4 697 -#define OBJ_X9_62_c2onb239v4 OBJ_X9_62_c_TwoCurve,14L - -#define SN_X9_62_c2onb239v5 "c2onb239v5" -#define NID_X9_62_c2onb239v5 698 -#define OBJ_X9_62_c2onb239v5 OBJ_X9_62_c_TwoCurve,15L - -#define SN_X9_62_c2pnb272w1 "c2pnb272w1" -#define NID_X9_62_c2pnb272w1 699 -#define OBJ_X9_62_c2pnb272w1 OBJ_X9_62_c_TwoCurve,16L - -#define SN_X9_62_c2pnb304w1 "c2pnb304w1" -#define NID_X9_62_c2pnb304w1 700 -#define OBJ_X9_62_c2pnb304w1 OBJ_X9_62_c_TwoCurve,17L - -#define SN_X9_62_c2tnb359v1 "c2tnb359v1" -#define NID_X9_62_c2tnb359v1 701 -#define OBJ_X9_62_c2tnb359v1 OBJ_X9_62_c_TwoCurve,18L - -#define SN_X9_62_c2pnb368w1 "c2pnb368w1" -#define NID_X9_62_c2pnb368w1 702 -#define OBJ_X9_62_c2pnb368w1 OBJ_X9_62_c_TwoCurve,19L - -#define SN_X9_62_c2tnb431r1 "c2tnb431r1" -#define NID_X9_62_c2tnb431r1 703 -#define OBJ_X9_62_c2tnb431r1 OBJ_X9_62_c_TwoCurve,20L - -#define OBJ_X9_62_primeCurve OBJ_X9_62_ellipticCurve,1L - -#define SN_X9_62_prime192v1 "prime192v1" -#define NID_X9_62_prime192v1 409 -#define OBJ_X9_62_prime192v1 OBJ_X9_62_primeCurve,1L - -#define SN_X9_62_prime192v2 "prime192v2" -#define NID_X9_62_prime192v2 410 -#define OBJ_X9_62_prime192v2 OBJ_X9_62_primeCurve,2L - -#define SN_X9_62_prime192v3 "prime192v3" -#define NID_X9_62_prime192v3 411 -#define OBJ_X9_62_prime192v3 OBJ_X9_62_primeCurve,3L - -#define SN_X9_62_prime239v1 "prime239v1" -#define NID_X9_62_prime239v1 412 -#define OBJ_X9_62_prime239v1 OBJ_X9_62_primeCurve,4L - -#define SN_X9_62_prime239v2 "prime239v2" -#define NID_X9_62_prime239v2 413 -#define OBJ_X9_62_prime239v2 OBJ_X9_62_primeCurve,5L - -#define SN_X9_62_prime239v3 "prime239v3" -#define NID_X9_62_prime239v3 414 -#define OBJ_X9_62_prime239v3 OBJ_X9_62_primeCurve,6L - -#define SN_X9_62_prime256v1 "prime256v1" -#define NID_X9_62_prime256v1 415 -#define OBJ_X9_62_prime256v1 OBJ_X9_62_primeCurve,7L - -#define OBJ_X9_62_id_ecSigType OBJ_ansi_X9_62,4L - -#define SN_ecdsa_with_SHA1 "ecdsa-with-SHA1" -#define NID_ecdsa_with_SHA1 416 -#define OBJ_ecdsa_with_SHA1 OBJ_X9_62_id_ecSigType,1L - -#define SN_ecdsa_with_Recommended "ecdsa-with-Recommended" -#define NID_ecdsa_with_Recommended 791 -#define OBJ_ecdsa_with_Recommended OBJ_X9_62_id_ecSigType,2L - -#define SN_ecdsa_with_Specified "ecdsa-with-Specified" -#define NID_ecdsa_with_Specified 792 -#define OBJ_ecdsa_with_Specified OBJ_X9_62_id_ecSigType,3L - -#define SN_ecdsa_with_SHA224 "ecdsa-with-SHA224" -#define NID_ecdsa_with_SHA224 793 -#define OBJ_ecdsa_with_SHA224 OBJ_ecdsa_with_Specified,1L - -#define SN_ecdsa_with_SHA256 "ecdsa-with-SHA256" -#define NID_ecdsa_with_SHA256 794 -#define OBJ_ecdsa_with_SHA256 OBJ_ecdsa_with_Specified,2L - -#define SN_ecdsa_with_SHA384 "ecdsa-with-SHA384" -#define NID_ecdsa_with_SHA384 795 -#define OBJ_ecdsa_with_SHA384 OBJ_ecdsa_with_Specified,3L - -#define SN_ecdsa_with_SHA512 "ecdsa-with-SHA512" -#define NID_ecdsa_with_SHA512 796 -#define OBJ_ecdsa_with_SHA512 OBJ_ecdsa_with_Specified,4L - -#define OBJ_secg_ellipticCurve OBJ_certicom_arc,0L - -#define SN_secp112r1 "secp112r1" -#define NID_secp112r1 704 -#define OBJ_secp112r1 OBJ_secg_ellipticCurve,6L - -#define SN_secp112r2 "secp112r2" -#define NID_secp112r2 705 -#define OBJ_secp112r2 OBJ_secg_ellipticCurve,7L - -#define SN_secp128r1 "secp128r1" -#define NID_secp128r1 706 -#define OBJ_secp128r1 OBJ_secg_ellipticCurve,28L - -#define SN_secp128r2 "secp128r2" -#define NID_secp128r2 707 -#define OBJ_secp128r2 OBJ_secg_ellipticCurve,29L - -#define SN_secp160k1 "secp160k1" -#define NID_secp160k1 708 -#define OBJ_secp160k1 OBJ_secg_ellipticCurve,9L - -#define SN_secp160r1 "secp160r1" -#define NID_secp160r1 709 -#define OBJ_secp160r1 OBJ_secg_ellipticCurve,8L - -#define SN_secp160r2 "secp160r2" -#define NID_secp160r2 710 -#define OBJ_secp160r2 OBJ_secg_ellipticCurve,30L - -#define SN_secp192k1 "secp192k1" -#define NID_secp192k1 711 -#define OBJ_secp192k1 OBJ_secg_ellipticCurve,31L - -#define SN_secp224k1 "secp224k1" -#define NID_secp224k1 712 -#define OBJ_secp224k1 OBJ_secg_ellipticCurve,32L - -#define SN_secp224r1 "secp224r1" -#define NID_secp224r1 713 -#define OBJ_secp224r1 OBJ_secg_ellipticCurve,33L - -#define SN_secp256k1 "secp256k1" -#define NID_secp256k1 714 -#define OBJ_secp256k1 OBJ_secg_ellipticCurve,10L - -#define SN_secp384r1 "secp384r1" -#define NID_secp384r1 715 -#define OBJ_secp384r1 OBJ_secg_ellipticCurve,34L - -#define SN_secp521r1 "secp521r1" -#define NID_secp521r1 716 -#define OBJ_secp521r1 OBJ_secg_ellipticCurve,35L - -#define SN_sect113r1 "sect113r1" -#define NID_sect113r1 717 -#define OBJ_sect113r1 OBJ_secg_ellipticCurve,4L - -#define SN_sect113r2 "sect113r2" -#define NID_sect113r2 718 -#define OBJ_sect113r2 OBJ_secg_ellipticCurve,5L - -#define SN_sect131r1 "sect131r1" -#define NID_sect131r1 719 -#define OBJ_sect131r1 OBJ_secg_ellipticCurve,22L - -#define SN_sect131r2 "sect131r2" -#define NID_sect131r2 720 -#define OBJ_sect131r2 OBJ_secg_ellipticCurve,23L - -#define SN_sect163k1 "sect163k1" -#define NID_sect163k1 721 -#define OBJ_sect163k1 OBJ_secg_ellipticCurve,1L - -#define SN_sect163r1 "sect163r1" -#define NID_sect163r1 722 -#define OBJ_sect163r1 OBJ_secg_ellipticCurve,2L - -#define SN_sect163r2 "sect163r2" -#define NID_sect163r2 723 -#define OBJ_sect163r2 OBJ_secg_ellipticCurve,15L - -#define SN_sect193r1 "sect193r1" -#define NID_sect193r1 724 -#define OBJ_sect193r1 OBJ_secg_ellipticCurve,24L - -#define SN_sect193r2 "sect193r2" -#define NID_sect193r2 725 -#define OBJ_sect193r2 OBJ_secg_ellipticCurve,25L - -#define SN_sect233k1 "sect233k1" -#define NID_sect233k1 726 -#define OBJ_sect233k1 OBJ_secg_ellipticCurve,26L - -#define SN_sect233r1 "sect233r1" -#define NID_sect233r1 727 -#define OBJ_sect233r1 OBJ_secg_ellipticCurve,27L - -#define SN_sect239k1 "sect239k1" -#define NID_sect239k1 728 -#define OBJ_sect239k1 OBJ_secg_ellipticCurve,3L - -#define SN_sect283k1 "sect283k1" -#define NID_sect283k1 729 -#define OBJ_sect283k1 OBJ_secg_ellipticCurve,16L - -#define SN_sect283r1 "sect283r1" -#define NID_sect283r1 730 -#define OBJ_sect283r1 OBJ_secg_ellipticCurve,17L - -#define SN_sect409k1 "sect409k1" -#define NID_sect409k1 731 -#define OBJ_sect409k1 OBJ_secg_ellipticCurve,36L - -#define SN_sect409r1 "sect409r1" -#define NID_sect409r1 732 -#define OBJ_sect409r1 OBJ_secg_ellipticCurve,37L - -#define SN_sect571k1 "sect571k1" -#define NID_sect571k1 733 -#define OBJ_sect571k1 OBJ_secg_ellipticCurve,38L - -#define SN_sect571r1 "sect571r1" -#define NID_sect571r1 734 -#define OBJ_sect571r1 OBJ_secg_ellipticCurve,39L - -#define OBJ_wap_wsg_idm_ecid OBJ_wap_wsg,4L - -#define SN_wap_wsg_idm_ecid_wtls1 "wap-wsg-idm-ecid-wtls1" -#define NID_wap_wsg_idm_ecid_wtls1 735 -#define OBJ_wap_wsg_idm_ecid_wtls1 OBJ_wap_wsg_idm_ecid,1L - -#define SN_wap_wsg_idm_ecid_wtls3 "wap-wsg-idm-ecid-wtls3" -#define NID_wap_wsg_idm_ecid_wtls3 736 -#define OBJ_wap_wsg_idm_ecid_wtls3 OBJ_wap_wsg_idm_ecid,3L - -#define SN_wap_wsg_idm_ecid_wtls4 "wap-wsg-idm-ecid-wtls4" -#define NID_wap_wsg_idm_ecid_wtls4 737 -#define OBJ_wap_wsg_idm_ecid_wtls4 OBJ_wap_wsg_idm_ecid,4L - -#define SN_wap_wsg_idm_ecid_wtls5 "wap-wsg-idm-ecid-wtls5" -#define NID_wap_wsg_idm_ecid_wtls5 738 -#define OBJ_wap_wsg_idm_ecid_wtls5 OBJ_wap_wsg_idm_ecid,5L - -#define SN_wap_wsg_idm_ecid_wtls6 "wap-wsg-idm-ecid-wtls6" -#define NID_wap_wsg_idm_ecid_wtls6 739 -#define OBJ_wap_wsg_idm_ecid_wtls6 OBJ_wap_wsg_idm_ecid,6L - -#define SN_wap_wsg_idm_ecid_wtls7 "wap-wsg-idm-ecid-wtls7" -#define NID_wap_wsg_idm_ecid_wtls7 740 -#define OBJ_wap_wsg_idm_ecid_wtls7 OBJ_wap_wsg_idm_ecid,7L - -#define SN_wap_wsg_idm_ecid_wtls8 "wap-wsg-idm-ecid-wtls8" -#define NID_wap_wsg_idm_ecid_wtls8 741 -#define OBJ_wap_wsg_idm_ecid_wtls8 OBJ_wap_wsg_idm_ecid,8L - -#define SN_wap_wsg_idm_ecid_wtls9 "wap-wsg-idm-ecid-wtls9" -#define NID_wap_wsg_idm_ecid_wtls9 742 -#define OBJ_wap_wsg_idm_ecid_wtls9 OBJ_wap_wsg_idm_ecid,9L - -#define SN_wap_wsg_idm_ecid_wtls10 "wap-wsg-idm-ecid-wtls10" -#define NID_wap_wsg_idm_ecid_wtls10 743 -#define OBJ_wap_wsg_idm_ecid_wtls10 OBJ_wap_wsg_idm_ecid,10L - -#define SN_wap_wsg_idm_ecid_wtls11 "wap-wsg-idm-ecid-wtls11" -#define NID_wap_wsg_idm_ecid_wtls11 744 -#define OBJ_wap_wsg_idm_ecid_wtls11 OBJ_wap_wsg_idm_ecid,11L - -#define SN_wap_wsg_idm_ecid_wtls12 "wap-wsg-idm-ecid-wtls12" -#define NID_wap_wsg_idm_ecid_wtls12 745 -#define OBJ_wap_wsg_idm_ecid_wtls12 OBJ_wap_wsg_idm_ecid,12L - -#define SN_cast5_cbc "CAST5-CBC" -#define LN_cast5_cbc "cast5-cbc" -#define NID_cast5_cbc 108 -#define OBJ_cast5_cbc OBJ_ISO_US,113533L,7L,66L,10L - -#define SN_cast5_ecb "CAST5-ECB" -#define LN_cast5_ecb "cast5-ecb" -#define NID_cast5_ecb 109 - -#define SN_cast5_cfb64 "CAST5-CFB" -#define LN_cast5_cfb64 "cast5-cfb" -#define NID_cast5_cfb64 110 - -#define SN_cast5_ofb64 "CAST5-OFB" -#define LN_cast5_ofb64 "cast5-ofb" -#define NID_cast5_ofb64 111 - -#define LN_pbeWithMD5AndCast5_CBC "pbeWithMD5AndCast5CBC" -#define NID_pbeWithMD5AndCast5_CBC 112 -#define OBJ_pbeWithMD5AndCast5_CBC OBJ_ISO_US,113533L,7L,66L,12L - -#define SN_id_PasswordBasedMAC "id-PasswordBasedMAC" -#define LN_id_PasswordBasedMAC "password based MAC" -#define NID_id_PasswordBasedMAC 782 -#define OBJ_id_PasswordBasedMAC OBJ_ISO_US,113533L,7L,66L,13L - -#define SN_id_DHBasedMac "id-DHBasedMac" -#define LN_id_DHBasedMac "Diffie-Hellman based MAC" -#define NID_id_DHBasedMac 783 -#define OBJ_id_DHBasedMac OBJ_ISO_US,113533L,7L,66L,30L - -#define SN_rsadsi "rsadsi" -#define LN_rsadsi "RSA Data Security, Inc." -#define NID_rsadsi 1 -#define OBJ_rsadsi OBJ_ISO_US,113549L - -#define SN_pkcs "pkcs" -#define LN_pkcs "RSA Data Security, Inc. PKCS" -#define NID_pkcs 2 -#define OBJ_pkcs OBJ_rsadsi,1L - -#define SN_pkcs1 "pkcs1" -#define NID_pkcs1 186 -#define OBJ_pkcs1 OBJ_pkcs,1L - -#define LN_rsaEncryption "rsaEncryption" -#define NID_rsaEncryption 6 -#define OBJ_rsaEncryption OBJ_pkcs1,1L - -#define SN_md2WithRSAEncryption "RSA-MD2" -#define LN_md2WithRSAEncryption "md2WithRSAEncryption" -#define NID_md2WithRSAEncryption 7 -#define OBJ_md2WithRSAEncryption OBJ_pkcs1,2L - -#define SN_md4WithRSAEncryption "RSA-MD4" -#define LN_md4WithRSAEncryption "md4WithRSAEncryption" -#define NID_md4WithRSAEncryption 396 -#define OBJ_md4WithRSAEncryption OBJ_pkcs1,3L - -#define SN_md5WithRSAEncryption "RSA-MD5" -#define LN_md5WithRSAEncryption "md5WithRSAEncryption" -#define NID_md5WithRSAEncryption 8 -#define OBJ_md5WithRSAEncryption OBJ_pkcs1,4L - -#define SN_sha1WithRSAEncryption "RSA-SHA1" -#define LN_sha1WithRSAEncryption "sha1WithRSAEncryption" -#define NID_sha1WithRSAEncryption 65 -#define OBJ_sha1WithRSAEncryption OBJ_pkcs1,5L - -#define SN_rsaesOaep "RSAES-OAEP" -#define LN_rsaesOaep "rsaesOaep" -#define NID_rsaesOaep 919 -#define OBJ_rsaesOaep OBJ_pkcs1,7L - -#define SN_mgf1 "MGF1" -#define LN_mgf1 "mgf1" -#define NID_mgf1 911 -#define OBJ_mgf1 OBJ_pkcs1,8L - -#define SN_rsassaPss "RSASSA-PSS" -#define LN_rsassaPss "rsassaPss" -#define NID_rsassaPss 912 -#define OBJ_rsassaPss OBJ_pkcs1,10L - -#define SN_sha256WithRSAEncryption "RSA-SHA256" -#define LN_sha256WithRSAEncryption "sha256WithRSAEncryption" -#define NID_sha256WithRSAEncryption 668 -#define OBJ_sha256WithRSAEncryption OBJ_pkcs1,11L - -#define SN_sha384WithRSAEncryption "RSA-SHA384" -#define LN_sha384WithRSAEncryption "sha384WithRSAEncryption" -#define NID_sha384WithRSAEncryption 669 -#define OBJ_sha384WithRSAEncryption OBJ_pkcs1,12L - -#define SN_sha512WithRSAEncryption "RSA-SHA512" -#define LN_sha512WithRSAEncryption "sha512WithRSAEncryption" -#define NID_sha512WithRSAEncryption 670 -#define OBJ_sha512WithRSAEncryption OBJ_pkcs1,13L - -#define SN_sha224WithRSAEncryption "RSA-SHA224" -#define LN_sha224WithRSAEncryption "sha224WithRSAEncryption" -#define NID_sha224WithRSAEncryption 671 -#define OBJ_sha224WithRSAEncryption OBJ_pkcs1,14L - -#define SN_pkcs3 "pkcs3" -#define NID_pkcs3 27 -#define OBJ_pkcs3 OBJ_pkcs,3L - -#define LN_dhKeyAgreement "dhKeyAgreement" -#define NID_dhKeyAgreement 28 -#define OBJ_dhKeyAgreement OBJ_pkcs3,1L - -#define SN_pkcs5 "pkcs5" -#define NID_pkcs5 187 -#define OBJ_pkcs5 OBJ_pkcs,5L - -#define SN_pbeWithMD2AndDES_CBC "PBE-MD2-DES" -#define LN_pbeWithMD2AndDES_CBC "pbeWithMD2AndDES-CBC" -#define NID_pbeWithMD2AndDES_CBC 9 -#define OBJ_pbeWithMD2AndDES_CBC OBJ_pkcs5,1L - -#define SN_pbeWithMD5AndDES_CBC "PBE-MD5-DES" -#define LN_pbeWithMD5AndDES_CBC "pbeWithMD5AndDES-CBC" -#define NID_pbeWithMD5AndDES_CBC 10 -#define OBJ_pbeWithMD5AndDES_CBC OBJ_pkcs5,3L - -#define SN_pbeWithMD2AndRC2_CBC "PBE-MD2-RC2-64" -#define LN_pbeWithMD2AndRC2_CBC "pbeWithMD2AndRC2-CBC" -#define NID_pbeWithMD2AndRC2_CBC 168 -#define OBJ_pbeWithMD2AndRC2_CBC OBJ_pkcs5,4L - -#define SN_pbeWithMD5AndRC2_CBC "PBE-MD5-RC2-64" -#define LN_pbeWithMD5AndRC2_CBC "pbeWithMD5AndRC2-CBC" -#define NID_pbeWithMD5AndRC2_CBC 169 -#define OBJ_pbeWithMD5AndRC2_CBC OBJ_pkcs5,6L - -#define SN_pbeWithSHA1AndDES_CBC "PBE-SHA1-DES" -#define LN_pbeWithSHA1AndDES_CBC "pbeWithSHA1AndDES-CBC" -#define NID_pbeWithSHA1AndDES_CBC 170 -#define OBJ_pbeWithSHA1AndDES_CBC OBJ_pkcs5,10L - -#define SN_pbeWithSHA1AndRC2_CBC "PBE-SHA1-RC2-64" -#define LN_pbeWithSHA1AndRC2_CBC "pbeWithSHA1AndRC2-CBC" -#define NID_pbeWithSHA1AndRC2_CBC 68 -#define OBJ_pbeWithSHA1AndRC2_CBC OBJ_pkcs5,11L - -#define LN_id_pbkdf2 "PBKDF2" -#define NID_id_pbkdf2 69 -#define OBJ_id_pbkdf2 OBJ_pkcs5,12L - -#define LN_pbes2 "PBES2" -#define NID_pbes2 161 -#define OBJ_pbes2 OBJ_pkcs5,13L - -#define LN_pbmac1 "PBMAC1" -#define NID_pbmac1 162 -#define OBJ_pbmac1 OBJ_pkcs5,14L - -#define SN_pkcs7 "pkcs7" -#define NID_pkcs7 20 -#define OBJ_pkcs7 OBJ_pkcs,7L - -#define LN_pkcs7_data "pkcs7-data" -#define NID_pkcs7_data 21 -#define OBJ_pkcs7_data OBJ_pkcs7,1L - -#define LN_pkcs7_signed "pkcs7-signedData" -#define NID_pkcs7_signed 22 -#define OBJ_pkcs7_signed OBJ_pkcs7,2L - -#define LN_pkcs7_enveloped "pkcs7-envelopedData" -#define NID_pkcs7_enveloped 23 -#define OBJ_pkcs7_enveloped OBJ_pkcs7,3L - -#define LN_pkcs7_signedAndEnveloped "pkcs7-signedAndEnvelopedData" -#define NID_pkcs7_signedAndEnveloped 24 -#define OBJ_pkcs7_signedAndEnveloped OBJ_pkcs7,4L - -#define LN_pkcs7_digest "pkcs7-digestData" -#define NID_pkcs7_digest 25 -#define OBJ_pkcs7_digest OBJ_pkcs7,5L - -#define LN_pkcs7_encrypted "pkcs7-encryptedData" -#define NID_pkcs7_encrypted 26 -#define OBJ_pkcs7_encrypted OBJ_pkcs7,6L - -#define SN_pkcs9 "pkcs9" -#define NID_pkcs9 47 -#define OBJ_pkcs9 OBJ_pkcs,9L - -#define LN_pkcs9_emailAddress "emailAddress" -#define NID_pkcs9_emailAddress 48 -#define OBJ_pkcs9_emailAddress OBJ_pkcs9,1L - -#define LN_pkcs9_unstructuredName "unstructuredName" -#define NID_pkcs9_unstructuredName 49 -#define OBJ_pkcs9_unstructuredName OBJ_pkcs9,2L - -#define LN_pkcs9_contentType "contentType" -#define NID_pkcs9_contentType 50 -#define OBJ_pkcs9_contentType OBJ_pkcs9,3L - -#define LN_pkcs9_messageDigest "messageDigest" -#define NID_pkcs9_messageDigest 51 -#define OBJ_pkcs9_messageDigest OBJ_pkcs9,4L - -#define LN_pkcs9_signingTime "signingTime" -#define NID_pkcs9_signingTime 52 -#define OBJ_pkcs9_signingTime OBJ_pkcs9,5L - -#define LN_pkcs9_countersignature "countersignature" -#define NID_pkcs9_countersignature 53 -#define OBJ_pkcs9_countersignature OBJ_pkcs9,6L - -#define LN_pkcs9_challengePassword "challengePassword" -#define NID_pkcs9_challengePassword 54 -#define OBJ_pkcs9_challengePassword OBJ_pkcs9,7L - -#define LN_pkcs9_unstructuredAddress "unstructuredAddress" -#define NID_pkcs9_unstructuredAddress 55 -#define OBJ_pkcs9_unstructuredAddress OBJ_pkcs9,8L - -#define LN_pkcs9_extCertAttributes "extendedCertificateAttributes" -#define NID_pkcs9_extCertAttributes 56 -#define OBJ_pkcs9_extCertAttributes OBJ_pkcs9,9L - -#define SN_ext_req "extReq" -#define LN_ext_req "Extension Request" -#define NID_ext_req 172 -#define OBJ_ext_req OBJ_pkcs9,14L - -#define SN_SMIMECapabilities "SMIME-CAPS" -#define LN_SMIMECapabilities "S/MIME Capabilities" -#define NID_SMIMECapabilities 167 -#define OBJ_SMIMECapabilities OBJ_pkcs9,15L - -#define SN_SMIME "SMIME" -#define LN_SMIME "S/MIME" -#define NID_SMIME 188 -#define OBJ_SMIME OBJ_pkcs9,16L - -#define SN_id_smime_mod "id-smime-mod" -#define NID_id_smime_mod 189 -#define OBJ_id_smime_mod OBJ_SMIME,0L - -#define SN_id_smime_ct "id-smime-ct" -#define NID_id_smime_ct 190 -#define OBJ_id_smime_ct OBJ_SMIME,1L - -#define SN_id_smime_aa "id-smime-aa" -#define NID_id_smime_aa 191 -#define OBJ_id_smime_aa OBJ_SMIME,2L - -#define SN_id_smime_alg "id-smime-alg" -#define NID_id_smime_alg 192 -#define OBJ_id_smime_alg OBJ_SMIME,3L - -#define SN_id_smime_cd "id-smime-cd" -#define NID_id_smime_cd 193 -#define OBJ_id_smime_cd OBJ_SMIME,4L - -#define SN_id_smime_spq "id-smime-spq" -#define NID_id_smime_spq 194 -#define OBJ_id_smime_spq OBJ_SMIME,5L - -#define SN_id_smime_cti "id-smime-cti" -#define NID_id_smime_cti 195 -#define OBJ_id_smime_cti OBJ_SMIME,6L - -#define SN_id_smime_mod_cms "id-smime-mod-cms" -#define NID_id_smime_mod_cms 196 -#define OBJ_id_smime_mod_cms OBJ_id_smime_mod,1L - -#define SN_id_smime_mod_ess "id-smime-mod-ess" -#define NID_id_smime_mod_ess 197 -#define OBJ_id_smime_mod_ess OBJ_id_smime_mod,2L - -#define SN_id_smime_mod_oid "id-smime-mod-oid" -#define NID_id_smime_mod_oid 198 -#define OBJ_id_smime_mod_oid OBJ_id_smime_mod,3L - -#define SN_id_smime_mod_msg_v3 "id-smime-mod-msg-v3" -#define NID_id_smime_mod_msg_v3 199 -#define OBJ_id_smime_mod_msg_v3 OBJ_id_smime_mod,4L - -#define SN_id_smime_mod_ets_eSignature_88 "id-smime-mod-ets-eSignature-88" -#define NID_id_smime_mod_ets_eSignature_88 200 -#define OBJ_id_smime_mod_ets_eSignature_88 OBJ_id_smime_mod,5L - -#define SN_id_smime_mod_ets_eSignature_97 "id-smime-mod-ets-eSignature-97" -#define NID_id_smime_mod_ets_eSignature_97 201 -#define OBJ_id_smime_mod_ets_eSignature_97 OBJ_id_smime_mod,6L - -#define SN_id_smime_mod_ets_eSigPolicy_88 "id-smime-mod-ets-eSigPolicy-88" -#define NID_id_smime_mod_ets_eSigPolicy_88 202 -#define OBJ_id_smime_mod_ets_eSigPolicy_88 OBJ_id_smime_mod,7L - -#define SN_id_smime_mod_ets_eSigPolicy_97 "id-smime-mod-ets-eSigPolicy-97" -#define NID_id_smime_mod_ets_eSigPolicy_97 203 -#define OBJ_id_smime_mod_ets_eSigPolicy_97 OBJ_id_smime_mod,8L - -#define SN_id_smime_ct_receipt "id-smime-ct-receipt" -#define NID_id_smime_ct_receipt 204 -#define OBJ_id_smime_ct_receipt OBJ_id_smime_ct,1L - -#define SN_id_smime_ct_authData "id-smime-ct-authData" -#define NID_id_smime_ct_authData 205 -#define OBJ_id_smime_ct_authData OBJ_id_smime_ct,2L - -#define SN_id_smime_ct_publishCert "id-smime-ct-publishCert" -#define NID_id_smime_ct_publishCert 206 -#define OBJ_id_smime_ct_publishCert OBJ_id_smime_ct,3L - -#define SN_id_smime_ct_TSTInfo "id-smime-ct-TSTInfo" -#define NID_id_smime_ct_TSTInfo 207 -#define OBJ_id_smime_ct_TSTInfo OBJ_id_smime_ct,4L - -#define SN_id_smime_ct_TDTInfo "id-smime-ct-TDTInfo" -#define NID_id_smime_ct_TDTInfo 208 -#define OBJ_id_smime_ct_TDTInfo OBJ_id_smime_ct,5L - -#define SN_id_smime_ct_contentInfo "id-smime-ct-contentInfo" -#define NID_id_smime_ct_contentInfo 209 -#define OBJ_id_smime_ct_contentInfo OBJ_id_smime_ct,6L - -#define SN_id_smime_ct_DVCSRequestData "id-smime-ct-DVCSRequestData" -#define NID_id_smime_ct_DVCSRequestData 210 -#define OBJ_id_smime_ct_DVCSRequestData OBJ_id_smime_ct,7L - -#define SN_id_smime_ct_DVCSResponseData "id-smime-ct-DVCSResponseData" -#define NID_id_smime_ct_DVCSResponseData 211 -#define OBJ_id_smime_ct_DVCSResponseData OBJ_id_smime_ct,8L - -#define SN_id_smime_ct_compressedData "id-smime-ct-compressedData" -#define NID_id_smime_ct_compressedData 786 -#define OBJ_id_smime_ct_compressedData OBJ_id_smime_ct,9L - -#define SN_id_ct_asciiTextWithCRLF "id-ct-asciiTextWithCRLF" -#define NID_id_ct_asciiTextWithCRLF 787 -#define OBJ_id_ct_asciiTextWithCRLF OBJ_id_smime_ct,27L - -#define SN_id_smime_aa_receiptRequest "id-smime-aa-receiptRequest" -#define NID_id_smime_aa_receiptRequest 212 -#define OBJ_id_smime_aa_receiptRequest OBJ_id_smime_aa,1L - -#define SN_id_smime_aa_securityLabel "id-smime-aa-securityLabel" -#define NID_id_smime_aa_securityLabel 213 -#define OBJ_id_smime_aa_securityLabel OBJ_id_smime_aa,2L - -#define SN_id_smime_aa_mlExpandHistory "id-smime-aa-mlExpandHistory" -#define NID_id_smime_aa_mlExpandHistory 214 -#define OBJ_id_smime_aa_mlExpandHistory OBJ_id_smime_aa,3L - -#define SN_id_smime_aa_contentHint "id-smime-aa-contentHint" -#define NID_id_smime_aa_contentHint 215 -#define OBJ_id_smime_aa_contentHint OBJ_id_smime_aa,4L - -#define SN_id_smime_aa_msgSigDigest "id-smime-aa-msgSigDigest" -#define NID_id_smime_aa_msgSigDigest 216 -#define OBJ_id_smime_aa_msgSigDigest OBJ_id_smime_aa,5L - -#define SN_id_smime_aa_encapContentType "id-smime-aa-encapContentType" -#define NID_id_smime_aa_encapContentType 217 -#define OBJ_id_smime_aa_encapContentType OBJ_id_smime_aa,6L - -#define SN_id_smime_aa_contentIdentifier "id-smime-aa-contentIdentifier" -#define NID_id_smime_aa_contentIdentifier 218 -#define OBJ_id_smime_aa_contentIdentifier OBJ_id_smime_aa,7L - -#define SN_id_smime_aa_macValue "id-smime-aa-macValue" -#define NID_id_smime_aa_macValue 219 -#define OBJ_id_smime_aa_macValue OBJ_id_smime_aa,8L - -#define SN_id_smime_aa_equivalentLabels "id-smime-aa-equivalentLabels" -#define NID_id_smime_aa_equivalentLabels 220 -#define OBJ_id_smime_aa_equivalentLabels OBJ_id_smime_aa,9L - -#define SN_id_smime_aa_contentReference "id-smime-aa-contentReference" -#define NID_id_smime_aa_contentReference 221 -#define OBJ_id_smime_aa_contentReference OBJ_id_smime_aa,10L - -#define SN_id_smime_aa_encrypKeyPref "id-smime-aa-encrypKeyPref" -#define NID_id_smime_aa_encrypKeyPref 222 -#define OBJ_id_smime_aa_encrypKeyPref OBJ_id_smime_aa,11L - -#define SN_id_smime_aa_signingCertificate "id-smime-aa-signingCertificate" -#define NID_id_smime_aa_signingCertificate 223 -#define OBJ_id_smime_aa_signingCertificate OBJ_id_smime_aa,12L - -#define SN_id_smime_aa_smimeEncryptCerts "id-smime-aa-smimeEncryptCerts" -#define NID_id_smime_aa_smimeEncryptCerts 224 -#define OBJ_id_smime_aa_smimeEncryptCerts OBJ_id_smime_aa,13L - -#define SN_id_smime_aa_timeStampToken "id-smime-aa-timeStampToken" -#define NID_id_smime_aa_timeStampToken 225 -#define OBJ_id_smime_aa_timeStampToken OBJ_id_smime_aa,14L - -#define SN_id_smime_aa_ets_sigPolicyId "id-smime-aa-ets-sigPolicyId" -#define NID_id_smime_aa_ets_sigPolicyId 226 -#define OBJ_id_smime_aa_ets_sigPolicyId OBJ_id_smime_aa,15L - -#define SN_id_smime_aa_ets_commitmentType "id-smime-aa-ets-commitmentType" -#define NID_id_smime_aa_ets_commitmentType 227 -#define OBJ_id_smime_aa_ets_commitmentType OBJ_id_smime_aa,16L - -#define SN_id_smime_aa_ets_signerLocation "id-smime-aa-ets-signerLocation" -#define NID_id_smime_aa_ets_signerLocation 228 -#define OBJ_id_smime_aa_ets_signerLocation OBJ_id_smime_aa,17L - -#define SN_id_smime_aa_ets_signerAttr "id-smime-aa-ets-signerAttr" -#define NID_id_smime_aa_ets_signerAttr 229 -#define OBJ_id_smime_aa_ets_signerAttr OBJ_id_smime_aa,18L - -#define SN_id_smime_aa_ets_otherSigCert "id-smime-aa-ets-otherSigCert" -#define NID_id_smime_aa_ets_otherSigCert 230 -#define OBJ_id_smime_aa_ets_otherSigCert OBJ_id_smime_aa,19L - -#define SN_id_smime_aa_ets_contentTimestamp "id-smime-aa-ets-contentTimestamp" -#define NID_id_smime_aa_ets_contentTimestamp 231 -#define OBJ_id_smime_aa_ets_contentTimestamp OBJ_id_smime_aa,20L - -#define SN_id_smime_aa_ets_CertificateRefs "id-smime-aa-ets-CertificateRefs" -#define NID_id_smime_aa_ets_CertificateRefs 232 -#define OBJ_id_smime_aa_ets_CertificateRefs OBJ_id_smime_aa,21L - -#define SN_id_smime_aa_ets_RevocationRefs "id-smime-aa-ets-RevocationRefs" -#define NID_id_smime_aa_ets_RevocationRefs 233 -#define OBJ_id_smime_aa_ets_RevocationRefs OBJ_id_smime_aa,22L - -#define SN_id_smime_aa_ets_certValues "id-smime-aa-ets-certValues" -#define NID_id_smime_aa_ets_certValues 234 -#define OBJ_id_smime_aa_ets_certValues OBJ_id_smime_aa,23L - -#define SN_id_smime_aa_ets_revocationValues "id-smime-aa-ets-revocationValues" -#define NID_id_smime_aa_ets_revocationValues 235 -#define OBJ_id_smime_aa_ets_revocationValues OBJ_id_smime_aa,24L - -#define SN_id_smime_aa_ets_escTimeStamp "id-smime-aa-ets-escTimeStamp" -#define NID_id_smime_aa_ets_escTimeStamp 236 -#define OBJ_id_smime_aa_ets_escTimeStamp OBJ_id_smime_aa,25L - -#define SN_id_smime_aa_ets_certCRLTimestamp "id-smime-aa-ets-certCRLTimestamp" -#define NID_id_smime_aa_ets_certCRLTimestamp 237 -#define OBJ_id_smime_aa_ets_certCRLTimestamp OBJ_id_smime_aa,26L - -#define SN_id_smime_aa_ets_archiveTimeStamp "id-smime-aa-ets-archiveTimeStamp" -#define NID_id_smime_aa_ets_archiveTimeStamp 238 -#define OBJ_id_smime_aa_ets_archiveTimeStamp OBJ_id_smime_aa,27L - -#define SN_id_smime_aa_signatureType "id-smime-aa-signatureType" -#define NID_id_smime_aa_signatureType 239 -#define OBJ_id_smime_aa_signatureType OBJ_id_smime_aa,28L - -#define SN_id_smime_aa_dvcs_dvc "id-smime-aa-dvcs-dvc" -#define NID_id_smime_aa_dvcs_dvc 240 -#define OBJ_id_smime_aa_dvcs_dvc OBJ_id_smime_aa,29L - -#define SN_id_smime_alg_ESDHwith3DES "id-smime-alg-ESDHwith3DES" -#define NID_id_smime_alg_ESDHwith3DES 241 -#define OBJ_id_smime_alg_ESDHwith3DES OBJ_id_smime_alg,1L - -#define SN_id_smime_alg_ESDHwithRC2 "id-smime-alg-ESDHwithRC2" -#define NID_id_smime_alg_ESDHwithRC2 242 -#define OBJ_id_smime_alg_ESDHwithRC2 OBJ_id_smime_alg,2L - -#define SN_id_smime_alg_3DESwrap "id-smime-alg-3DESwrap" -#define NID_id_smime_alg_3DESwrap 243 -#define OBJ_id_smime_alg_3DESwrap OBJ_id_smime_alg,3L - -#define SN_id_smime_alg_RC2wrap "id-smime-alg-RC2wrap" -#define NID_id_smime_alg_RC2wrap 244 -#define OBJ_id_smime_alg_RC2wrap OBJ_id_smime_alg,4L - -#define SN_id_smime_alg_ESDH "id-smime-alg-ESDH" -#define NID_id_smime_alg_ESDH 245 -#define OBJ_id_smime_alg_ESDH OBJ_id_smime_alg,5L - -#define SN_id_smime_alg_CMS3DESwrap "id-smime-alg-CMS3DESwrap" -#define NID_id_smime_alg_CMS3DESwrap 246 -#define OBJ_id_smime_alg_CMS3DESwrap OBJ_id_smime_alg,6L - -#define SN_id_smime_alg_CMSRC2wrap "id-smime-alg-CMSRC2wrap" -#define NID_id_smime_alg_CMSRC2wrap 247 -#define OBJ_id_smime_alg_CMSRC2wrap OBJ_id_smime_alg,7L - -#define SN_id_alg_PWRI_KEK "id-alg-PWRI-KEK" -#define NID_id_alg_PWRI_KEK 893 -#define OBJ_id_alg_PWRI_KEK OBJ_id_smime_alg,9L - -#define SN_id_smime_cd_ldap "id-smime-cd-ldap" -#define NID_id_smime_cd_ldap 248 -#define OBJ_id_smime_cd_ldap OBJ_id_smime_cd,1L - -#define SN_id_smime_spq_ets_sqt_uri "id-smime-spq-ets-sqt-uri" -#define NID_id_smime_spq_ets_sqt_uri 249 -#define OBJ_id_smime_spq_ets_sqt_uri OBJ_id_smime_spq,1L - -#define SN_id_smime_spq_ets_sqt_unotice "id-smime-spq-ets-sqt-unotice" -#define NID_id_smime_spq_ets_sqt_unotice 250 -#define OBJ_id_smime_spq_ets_sqt_unotice OBJ_id_smime_spq,2L - -#define SN_id_smime_cti_ets_proofOfOrigin "id-smime-cti-ets-proofOfOrigin" -#define NID_id_smime_cti_ets_proofOfOrigin 251 -#define OBJ_id_smime_cti_ets_proofOfOrigin OBJ_id_smime_cti,1L - -#define SN_id_smime_cti_ets_proofOfReceipt "id-smime-cti-ets-proofOfReceipt" -#define NID_id_smime_cti_ets_proofOfReceipt 252 -#define OBJ_id_smime_cti_ets_proofOfReceipt OBJ_id_smime_cti,2L - -#define SN_id_smime_cti_ets_proofOfDelivery "id-smime-cti-ets-proofOfDelivery" -#define NID_id_smime_cti_ets_proofOfDelivery 253 -#define OBJ_id_smime_cti_ets_proofOfDelivery OBJ_id_smime_cti,3L - -#define SN_id_smime_cti_ets_proofOfSender "id-smime-cti-ets-proofOfSender" -#define NID_id_smime_cti_ets_proofOfSender 254 -#define OBJ_id_smime_cti_ets_proofOfSender OBJ_id_smime_cti,4L - -#define SN_id_smime_cti_ets_proofOfApproval "id-smime-cti-ets-proofOfApproval" -#define NID_id_smime_cti_ets_proofOfApproval 255 -#define OBJ_id_smime_cti_ets_proofOfApproval OBJ_id_smime_cti,5L - -#define SN_id_smime_cti_ets_proofOfCreation "id-smime-cti-ets-proofOfCreation" -#define NID_id_smime_cti_ets_proofOfCreation 256 -#define OBJ_id_smime_cti_ets_proofOfCreation OBJ_id_smime_cti,6L - -#define LN_friendlyName "friendlyName" -#define NID_friendlyName 156 -#define OBJ_friendlyName OBJ_pkcs9,20L - -#define LN_localKeyID "localKeyID" -#define NID_localKeyID 157 -#define OBJ_localKeyID OBJ_pkcs9,21L - -#define SN_ms_csp_name "CSPName" -#define LN_ms_csp_name "Microsoft CSP Name" -#define NID_ms_csp_name 417 -#define OBJ_ms_csp_name 1L,3L,6L,1L,4L,1L,311L,17L,1L - -#define SN_LocalKeySet "LocalKeySet" -#define LN_LocalKeySet "Microsoft Local Key set" -#define NID_LocalKeySet 856 -#define OBJ_LocalKeySet 1L,3L,6L,1L,4L,1L,311L,17L,2L - -#define OBJ_certTypes OBJ_pkcs9,22L - -#define LN_x509Certificate "x509Certificate" -#define NID_x509Certificate 158 -#define OBJ_x509Certificate OBJ_certTypes,1L - -#define LN_sdsiCertificate "sdsiCertificate" -#define NID_sdsiCertificate 159 -#define OBJ_sdsiCertificate OBJ_certTypes,2L - -#define OBJ_crlTypes OBJ_pkcs9,23L - -#define LN_x509Crl "x509Crl" -#define NID_x509Crl 160 -#define OBJ_x509Crl OBJ_crlTypes,1L - -#define OBJ_pkcs12 OBJ_pkcs,12L - -#define OBJ_pkcs12_pbeids OBJ_pkcs12,1L - -#define SN_pbe_WithSHA1And128BitRC4 "PBE-SHA1-RC4-128" -#define LN_pbe_WithSHA1And128BitRC4 "pbeWithSHA1And128BitRC4" -#define NID_pbe_WithSHA1And128BitRC4 144 -#define OBJ_pbe_WithSHA1And128BitRC4 OBJ_pkcs12_pbeids,1L - -#define SN_pbe_WithSHA1And40BitRC4 "PBE-SHA1-RC4-40" -#define LN_pbe_WithSHA1And40BitRC4 "pbeWithSHA1And40BitRC4" -#define NID_pbe_WithSHA1And40BitRC4 145 -#define OBJ_pbe_WithSHA1And40BitRC4 OBJ_pkcs12_pbeids,2L - -#define SN_pbe_WithSHA1And3_Key_TripleDES_CBC "PBE-SHA1-3DES" -#define LN_pbe_WithSHA1And3_Key_TripleDES_CBC "pbeWithSHA1And3-KeyTripleDES-CBC" -#define NID_pbe_WithSHA1And3_Key_TripleDES_CBC 146 -#define OBJ_pbe_WithSHA1And3_Key_TripleDES_CBC OBJ_pkcs12_pbeids,3L - -#define SN_pbe_WithSHA1And2_Key_TripleDES_CBC "PBE-SHA1-2DES" -#define LN_pbe_WithSHA1And2_Key_TripleDES_CBC "pbeWithSHA1And2-KeyTripleDES-CBC" -#define NID_pbe_WithSHA1And2_Key_TripleDES_CBC 147 -#define OBJ_pbe_WithSHA1And2_Key_TripleDES_CBC OBJ_pkcs12_pbeids,4L - -#define SN_pbe_WithSHA1And128BitRC2_CBC "PBE-SHA1-RC2-128" -#define LN_pbe_WithSHA1And128BitRC2_CBC "pbeWithSHA1And128BitRC2-CBC" -#define NID_pbe_WithSHA1And128BitRC2_CBC 148 -#define OBJ_pbe_WithSHA1And128BitRC2_CBC OBJ_pkcs12_pbeids,5L - -#define SN_pbe_WithSHA1And40BitRC2_CBC "PBE-SHA1-RC2-40" -#define LN_pbe_WithSHA1And40BitRC2_CBC "pbeWithSHA1And40BitRC2-CBC" -#define NID_pbe_WithSHA1And40BitRC2_CBC 149 -#define OBJ_pbe_WithSHA1And40BitRC2_CBC OBJ_pkcs12_pbeids,6L - -#define OBJ_pkcs12_Version1 OBJ_pkcs12,10L - -#define OBJ_pkcs12_BagIds OBJ_pkcs12_Version1,1L - -#define LN_keyBag "keyBag" -#define NID_keyBag 150 -#define OBJ_keyBag OBJ_pkcs12_BagIds,1L - -#define LN_pkcs8ShroudedKeyBag "pkcs8ShroudedKeyBag" -#define NID_pkcs8ShroudedKeyBag 151 -#define OBJ_pkcs8ShroudedKeyBag OBJ_pkcs12_BagIds,2L - -#define LN_certBag "certBag" -#define NID_certBag 152 -#define OBJ_certBag OBJ_pkcs12_BagIds,3L - -#define LN_crlBag "crlBag" -#define NID_crlBag 153 -#define OBJ_crlBag OBJ_pkcs12_BagIds,4L - -#define LN_secretBag "secretBag" -#define NID_secretBag 154 -#define OBJ_secretBag OBJ_pkcs12_BagIds,5L - -#define LN_safeContentsBag "safeContentsBag" -#define NID_safeContentsBag 155 -#define OBJ_safeContentsBag OBJ_pkcs12_BagIds,6L - -#define SN_md2 "MD2" -#define LN_md2 "md2" -#define NID_md2 3 -#define OBJ_md2 OBJ_rsadsi,2L,2L - -#define SN_md4 "MD4" -#define LN_md4 "md4" -#define NID_md4 257 -#define OBJ_md4 OBJ_rsadsi,2L,4L - -#define SN_md5 "MD5" -#define LN_md5 "md5" -#define NID_md5 4 -#define OBJ_md5 OBJ_rsadsi,2L,5L - -#define SN_md5_sha1 "MD5-SHA1" -#define LN_md5_sha1 "md5-sha1" -#define NID_md5_sha1 114 - -#define LN_hmacWithMD5 "hmacWithMD5" -#define NID_hmacWithMD5 797 -#define OBJ_hmacWithMD5 OBJ_rsadsi,2L,6L - -#define LN_hmacWithSHA1 "hmacWithSHA1" -#define NID_hmacWithSHA1 163 -#define OBJ_hmacWithSHA1 OBJ_rsadsi,2L,7L - -#define LN_hmacWithSHA224 "hmacWithSHA224" -#define NID_hmacWithSHA224 798 -#define OBJ_hmacWithSHA224 OBJ_rsadsi,2L,8L - -#define LN_hmacWithSHA256 "hmacWithSHA256" -#define NID_hmacWithSHA256 799 -#define OBJ_hmacWithSHA256 OBJ_rsadsi,2L,9L - -#define LN_hmacWithSHA384 "hmacWithSHA384" -#define NID_hmacWithSHA384 800 -#define OBJ_hmacWithSHA384 OBJ_rsadsi,2L,10L - -#define LN_hmacWithSHA512 "hmacWithSHA512" -#define NID_hmacWithSHA512 801 -#define OBJ_hmacWithSHA512 OBJ_rsadsi,2L,11L - -#define SN_rc2_cbc "RC2-CBC" -#define LN_rc2_cbc "rc2-cbc" -#define NID_rc2_cbc 37 -#define OBJ_rc2_cbc OBJ_rsadsi,3L,2L - -#define SN_rc2_ecb "RC2-ECB" -#define LN_rc2_ecb "rc2-ecb" -#define NID_rc2_ecb 38 - -#define SN_rc2_cfb64 "RC2-CFB" -#define LN_rc2_cfb64 "rc2-cfb" -#define NID_rc2_cfb64 39 - -#define SN_rc2_ofb64 "RC2-OFB" -#define LN_rc2_ofb64 "rc2-ofb" -#define NID_rc2_ofb64 40 - -#define SN_rc2_40_cbc "RC2-40-CBC" -#define LN_rc2_40_cbc "rc2-40-cbc" -#define NID_rc2_40_cbc 98 - -#define SN_rc2_64_cbc "RC2-64-CBC" -#define LN_rc2_64_cbc "rc2-64-cbc" -#define NID_rc2_64_cbc 166 - -#define SN_rc4 "RC4" -#define LN_rc4 "rc4" -#define NID_rc4 5 -#define OBJ_rc4 OBJ_rsadsi,3L,4L - -#define SN_rc4_40 "RC4-40" -#define LN_rc4_40 "rc4-40" -#define NID_rc4_40 97 - -#define SN_des_ede3_cbc "DES-EDE3-CBC" -#define LN_des_ede3_cbc "des-ede3-cbc" -#define NID_des_ede3_cbc 44 -#define OBJ_des_ede3_cbc OBJ_rsadsi,3L,7L - -#define SN_rc5_cbc "RC5-CBC" -#define LN_rc5_cbc "rc5-cbc" -#define NID_rc5_cbc 120 -#define OBJ_rc5_cbc OBJ_rsadsi,3L,8L - -#define SN_rc5_ecb "RC5-ECB" -#define LN_rc5_ecb "rc5-ecb" -#define NID_rc5_ecb 121 - -#define SN_rc5_cfb64 "RC5-CFB" -#define LN_rc5_cfb64 "rc5-cfb" -#define NID_rc5_cfb64 122 - -#define SN_rc5_ofb64 "RC5-OFB" -#define LN_rc5_ofb64 "rc5-ofb" -#define NID_rc5_ofb64 123 - -#define SN_ms_ext_req "msExtReq" -#define LN_ms_ext_req "Microsoft Extension Request" -#define NID_ms_ext_req 171 -#define OBJ_ms_ext_req 1L,3L,6L,1L,4L,1L,311L,2L,1L,14L - -#define SN_ms_code_ind "msCodeInd" -#define LN_ms_code_ind "Microsoft Individual Code Signing" -#define NID_ms_code_ind 134 -#define OBJ_ms_code_ind 1L,3L,6L,1L,4L,1L,311L,2L,1L,21L - -#define SN_ms_code_com "msCodeCom" -#define LN_ms_code_com "Microsoft Commercial Code Signing" -#define NID_ms_code_com 135 -#define OBJ_ms_code_com 1L,3L,6L,1L,4L,1L,311L,2L,1L,22L - -#define SN_ms_ctl_sign "msCTLSign" -#define LN_ms_ctl_sign "Microsoft Trust List Signing" -#define NID_ms_ctl_sign 136 -#define OBJ_ms_ctl_sign 1L,3L,6L,1L,4L,1L,311L,10L,3L,1L - -#define SN_ms_sgc "msSGC" -#define LN_ms_sgc "Microsoft Server Gated Crypto" -#define NID_ms_sgc 137 -#define OBJ_ms_sgc 1L,3L,6L,1L,4L,1L,311L,10L,3L,3L - -#define SN_ms_efs "msEFS" -#define LN_ms_efs "Microsoft Encrypted File System" -#define NID_ms_efs 138 -#define OBJ_ms_efs 1L,3L,6L,1L,4L,1L,311L,10L,3L,4L - -#define SN_ms_smartcard_login "msSmartcardLogin" -#define LN_ms_smartcard_login "Microsoft Smartcardlogin" -#define NID_ms_smartcard_login 648 -#define OBJ_ms_smartcard_login 1L,3L,6L,1L,4L,1L,311L,20L,2L,2L - -#define SN_ms_upn "msUPN" -#define LN_ms_upn "Microsoft Universal Principal Name" -#define NID_ms_upn 649 -#define OBJ_ms_upn 1L,3L,6L,1L,4L,1L,311L,20L,2L,3L - -#define SN_idea_cbc "IDEA-CBC" -#define LN_idea_cbc "idea-cbc" -#define NID_idea_cbc 34 -#define OBJ_idea_cbc 1L,3L,6L,1L,4L,1L,188L,7L,1L,1L,2L - -#define SN_idea_ecb "IDEA-ECB" -#define LN_idea_ecb "idea-ecb" -#define NID_idea_ecb 36 - -#define SN_idea_cfb64 "IDEA-CFB" -#define LN_idea_cfb64 "idea-cfb" -#define NID_idea_cfb64 35 - -#define SN_idea_ofb64 "IDEA-OFB" -#define LN_idea_ofb64 "idea-ofb" -#define NID_idea_ofb64 46 - -#define SN_bf_cbc "BF-CBC" -#define LN_bf_cbc "bf-cbc" -#define NID_bf_cbc 91 -#define OBJ_bf_cbc 1L,3L,6L,1L,4L,1L,3029L,1L,2L - -#define SN_bf_ecb "BF-ECB" -#define LN_bf_ecb "bf-ecb" -#define NID_bf_ecb 92 - -#define SN_bf_cfb64 "BF-CFB" -#define LN_bf_cfb64 "bf-cfb" -#define NID_bf_cfb64 93 - -#define SN_bf_ofb64 "BF-OFB" -#define LN_bf_ofb64 "bf-ofb" -#define NID_bf_ofb64 94 - -#define SN_id_pkix "PKIX" -#define NID_id_pkix 127 -#define OBJ_id_pkix 1L,3L,6L,1L,5L,5L,7L - -#define SN_id_pkix_mod "id-pkix-mod" -#define NID_id_pkix_mod 258 -#define OBJ_id_pkix_mod OBJ_id_pkix,0L - -#define SN_id_pe "id-pe" -#define NID_id_pe 175 -#define OBJ_id_pe OBJ_id_pkix,1L - -#define SN_id_qt "id-qt" -#define NID_id_qt 259 -#define OBJ_id_qt OBJ_id_pkix,2L - -#define SN_id_kp "id-kp" -#define NID_id_kp 128 -#define OBJ_id_kp OBJ_id_pkix,3L - -#define SN_id_it "id-it" -#define NID_id_it 260 -#define OBJ_id_it OBJ_id_pkix,4L - -#define SN_id_pkip "id-pkip" -#define NID_id_pkip 261 -#define OBJ_id_pkip OBJ_id_pkix,5L - -#define SN_id_alg "id-alg" -#define NID_id_alg 262 -#define OBJ_id_alg OBJ_id_pkix,6L - -#define SN_id_cmc "id-cmc" -#define NID_id_cmc 263 -#define OBJ_id_cmc OBJ_id_pkix,7L - -#define SN_id_on "id-on" -#define NID_id_on 264 -#define OBJ_id_on OBJ_id_pkix,8L - -#define SN_id_pda "id-pda" -#define NID_id_pda 265 -#define OBJ_id_pda OBJ_id_pkix,9L - -#define SN_id_aca "id-aca" -#define NID_id_aca 266 -#define OBJ_id_aca OBJ_id_pkix,10L - -#define SN_id_qcs "id-qcs" -#define NID_id_qcs 267 -#define OBJ_id_qcs OBJ_id_pkix,11L - -#define SN_id_cct "id-cct" -#define NID_id_cct 268 -#define OBJ_id_cct OBJ_id_pkix,12L - -#define SN_id_ppl "id-ppl" -#define NID_id_ppl 662 -#define OBJ_id_ppl OBJ_id_pkix,21L - -#define SN_id_ad "id-ad" -#define NID_id_ad 176 -#define OBJ_id_ad OBJ_id_pkix,48L - -#define SN_id_pkix1_explicit_88 "id-pkix1-explicit-88" -#define NID_id_pkix1_explicit_88 269 -#define OBJ_id_pkix1_explicit_88 OBJ_id_pkix_mod,1L - -#define SN_id_pkix1_implicit_88 "id-pkix1-implicit-88" -#define NID_id_pkix1_implicit_88 270 -#define OBJ_id_pkix1_implicit_88 OBJ_id_pkix_mod,2L - -#define SN_id_pkix1_explicit_93 "id-pkix1-explicit-93" -#define NID_id_pkix1_explicit_93 271 -#define OBJ_id_pkix1_explicit_93 OBJ_id_pkix_mod,3L - -#define SN_id_pkix1_implicit_93 "id-pkix1-implicit-93" -#define NID_id_pkix1_implicit_93 272 -#define OBJ_id_pkix1_implicit_93 OBJ_id_pkix_mod,4L - -#define SN_id_mod_crmf "id-mod-crmf" -#define NID_id_mod_crmf 273 -#define OBJ_id_mod_crmf OBJ_id_pkix_mod,5L - -#define SN_id_mod_cmc "id-mod-cmc" -#define NID_id_mod_cmc 274 -#define OBJ_id_mod_cmc OBJ_id_pkix_mod,6L - -#define SN_id_mod_kea_profile_88 "id-mod-kea-profile-88" -#define NID_id_mod_kea_profile_88 275 -#define OBJ_id_mod_kea_profile_88 OBJ_id_pkix_mod,7L - -#define SN_id_mod_kea_profile_93 "id-mod-kea-profile-93" -#define NID_id_mod_kea_profile_93 276 -#define OBJ_id_mod_kea_profile_93 OBJ_id_pkix_mod,8L - -#define SN_id_mod_cmp "id-mod-cmp" -#define NID_id_mod_cmp 277 -#define OBJ_id_mod_cmp OBJ_id_pkix_mod,9L - -#define SN_id_mod_qualified_cert_88 "id-mod-qualified-cert-88" -#define NID_id_mod_qualified_cert_88 278 -#define OBJ_id_mod_qualified_cert_88 OBJ_id_pkix_mod,10L - -#define SN_id_mod_qualified_cert_93 "id-mod-qualified-cert-93" -#define NID_id_mod_qualified_cert_93 279 -#define OBJ_id_mod_qualified_cert_93 OBJ_id_pkix_mod,11L - -#define SN_id_mod_attribute_cert "id-mod-attribute-cert" -#define NID_id_mod_attribute_cert 280 -#define OBJ_id_mod_attribute_cert OBJ_id_pkix_mod,12L - -#define SN_id_mod_timestamp_protocol "id-mod-timestamp-protocol" -#define NID_id_mod_timestamp_protocol 281 -#define OBJ_id_mod_timestamp_protocol OBJ_id_pkix_mod,13L - -#define SN_id_mod_ocsp "id-mod-ocsp" -#define NID_id_mod_ocsp 282 -#define OBJ_id_mod_ocsp OBJ_id_pkix_mod,14L - -#define SN_id_mod_dvcs "id-mod-dvcs" -#define NID_id_mod_dvcs 283 -#define OBJ_id_mod_dvcs OBJ_id_pkix_mod,15L - -#define SN_id_mod_cmp2000 "id-mod-cmp2000" -#define NID_id_mod_cmp2000 284 -#define OBJ_id_mod_cmp2000 OBJ_id_pkix_mod,16L - -#define SN_info_access "authorityInfoAccess" -#define LN_info_access "Authority Information Access" -#define NID_info_access 177 -#define OBJ_info_access OBJ_id_pe,1L - -#define SN_biometricInfo "biometricInfo" -#define LN_biometricInfo "Biometric Info" -#define NID_biometricInfo 285 -#define OBJ_biometricInfo OBJ_id_pe,2L - -#define SN_qcStatements "qcStatements" -#define NID_qcStatements 286 -#define OBJ_qcStatements OBJ_id_pe,3L - -#define SN_ac_auditEntity "ac-auditEntity" -#define NID_ac_auditEntity 287 -#define OBJ_ac_auditEntity OBJ_id_pe,4L - -#define SN_ac_targeting "ac-targeting" -#define NID_ac_targeting 288 -#define OBJ_ac_targeting OBJ_id_pe,5L - -#define SN_aaControls "aaControls" -#define NID_aaControls 289 -#define OBJ_aaControls OBJ_id_pe,6L - -#define SN_sbgp_ipAddrBlock "sbgp-ipAddrBlock" -#define NID_sbgp_ipAddrBlock 290 -#define OBJ_sbgp_ipAddrBlock OBJ_id_pe,7L - -#define SN_sbgp_autonomousSysNum "sbgp-autonomousSysNum" -#define NID_sbgp_autonomousSysNum 291 -#define OBJ_sbgp_autonomousSysNum OBJ_id_pe,8L - -#define SN_sbgp_routerIdentifier "sbgp-routerIdentifier" -#define NID_sbgp_routerIdentifier 292 -#define OBJ_sbgp_routerIdentifier OBJ_id_pe,9L - -#define SN_ac_proxying "ac-proxying" -#define NID_ac_proxying 397 -#define OBJ_ac_proxying OBJ_id_pe,10L - -#define SN_sinfo_access "subjectInfoAccess" -#define LN_sinfo_access "Subject Information Access" -#define NID_sinfo_access 398 -#define OBJ_sinfo_access OBJ_id_pe,11L - -#define SN_proxyCertInfo "proxyCertInfo" -#define LN_proxyCertInfo "Proxy Certificate Information" -#define NID_proxyCertInfo 663 -#define OBJ_proxyCertInfo OBJ_id_pe,14L - -#define SN_id_qt_cps "id-qt-cps" -#define LN_id_qt_cps "Policy Qualifier CPS" -#define NID_id_qt_cps 164 -#define OBJ_id_qt_cps OBJ_id_qt,1L - -#define SN_id_qt_unotice "id-qt-unotice" -#define LN_id_qt_unotice "Policy Qualifier User Notice" -#define NID_id_qt_unotice 165 -#define OBJ_id_qt_unotice OBJ_id_qt,2L - -#define SN_textNotice "textNotice" -#define NID_textNotice 293 -#define OBJ_textNotice OBJ_id_qt,3L - -#define SN_server_auth "serverAuth" -#define LN_server_auth "TLS Web Server Authentication" -#define NID_server_auth 129 -#define OBJ_server_auth OBJ_id_kp,1L - -#define SN_client_auth "clientAuth" -#define LN_client_auth "TLS Web Client Authentication" -#define NID_client_auth 130 -#define OBJ_client_auth OBJ_id_kp,2L - -#define SN_code_sign "codeSigning" -#define LN_code_sign "Code Signing" -#define NID_code_sign 131 -#define OBJ_code_sign OBJ_id_kp,3L - -#define SN_email_protect "emailProtection" -#define LN_email_protect "E-mail Protection" -#define NID_email_protect 132 -#define OBJ_email_protect OBJ_id_kp,4L - -#define SN_ipsecEndSystem "ipsecEndSystem" -#define LN_ipsecEndSystem "IPSec End System" -#define NID_ipsecEndSystem 294 -#define OBJ_ipsecEndSystem OBJ_id_kp,5L - -#define SN_ipsecTunnel "ipsecTunnel" -#define LN_ipsecTunnel "IPSec Tunnel" -#define NID_ipsecTunnel 295 -#define OBJ_ipsecTunnel OBJ_id_kp,6L - -#define SN_ipsecUser "ipsecUser" -#define LN_ipsecUser "IPSec User" -#define NID_ipsecUser 296 -#define OBJ_ipsecUser OBJ_id_kp,7L - -#define SN_time_stamp "timeStamping" -#define LN_time_stamp "Time Stamping" -#define NID_time_stamp 133 -#define OBJ_time_stamp OBJ_id_kp,8L - -#define SN_OCSP_sign "OCSPSigning" -#define LN_OCSP_sign "OCSP Signing" -#define NID_OCSP_sign 180 -#define OBJ_OCSP_sign OBJ_id_kp,9L - -#define SN_dvcs "DVCS" -#define LN_dvcs "dvcs" -#define NID_dvcs 297 -#define OBJ_dvcs OBJ_id_kp,10L - -#define SN_id_it_caProtEncCert "id-it-caProtEncCert" -#define NID_id_it_caProtEncCert 298 -#define OBJ_id_it_caProtEncCert OBJ_id_it,1L - -#define SN_id_it_signKeyPairTypes "id-it-signKeyPairTypes" -#define NID_id_it_signKeyPairTypes 299 -#define OBJ_id_it_signKeyPairTypes OBJ_id_it,2L - -#define SN_id_it_encKeyPairTypes "id-it-encKeyPairTypes" -#define NID_id_it_encKeyPairTypes 300 -#define OBJ_id_it_encKeyPairTypes OBJ_id_it,3L - -#define SN_id_it_preferredSymmAlg "id-it-preferredSymmAlg" -#define NID_id_it_preferredSymmAlg 301 -#define OBJ_id_it_preferredSymmAlg OBJ_id_it,4L - -#define SN_id_it_caKeyUpdateInfo "id-it-caKeyUpdateInfo" -#define NID_id_it_caKeyUpdateInfo 302 -#define OBJ_id_it_caKeyUpdateInfo OBJ_id_it,5L - -#define SN_id_it_currentCRL "id-it-currentCRL" -#define NID_id_it_currentCRL 303 -#define OBJ_id_it_currentCRL OBJ_id_it,6L - -#define SN_id_it_unsupportedOIDs "id-it-unsupportedOIDs" -#define NID_id_it_unsupportedOIDs 304 -#define OBJ_id_it_unsupportedOIDs OBJ_id_it,7L - -#define SN_id_it_subscriptionRequest "id-it-subscriptionRequest" -#define NID_id_it_subscriptionRequest 305 -#define OBJ_id_it_subscriptionRequest OBJ_id_it,8L - -#define SN_id_it_subscriptionResponse "id-it-subscriptionResponse" -#define NID_id_it_subscriptionResponse 306 -#define OBJ_id_it_subscriptionResponse OBJ_id_it,9L - -#define SN_id_it_keyPairParamReq "id-it-keyPairParamReq" -#define NID_id_it_keyPairParamReq 307 -#define OBJ_id_it_keyPairParamReq OBJ_id_it,10L - -#define SN_id_it_keyPairParamRep "id-it-keyPairParamRep" -#define NID_id_it_keyPairParamRep 308 -#define OBJ_id_it_keyPairParamRep OBJ_id_it,11L - -#define SN_id_it_revPassphrase "id-it-revPassphrase" -#define NID_id_it_revPassphrase 309 -#define OBJ_id_it_revPassphrase OBJ_id_it,12L - -#define SN_id_it_implicitConfirm "id-it-implicitConfirm" -#define NID_id_it_implicitConfirm 310 -#define OBJ_id_it_implicitConfirm OBJ_id_it,13L - -#define SN_id_it_confirmWaitTime "id-it-confirmWaitTime" -#define NID_id_it_confirmWaitTime 311 -#define OBJ_id_it_confirmWaitTime OBJ_id_it,14L - -#define SN_id_it_origPKIMessage "id-it-origPKIMessage" -#define NID_id_it_origPKIMessage 312 -#define OBJ_id_it_origPKIMessage OBJ_id_it,15L - -#define SN_id_it_suppLangTags "id-it-suppLangTags" -#define NID_id_it_suppLangTags 784 -#define OBJ_id_it_suppLangTags OBJ_id_it,16L - -#define SN_id_regCtrl "id-regCtrl" -#define NID_id_regCtrl 313 -#define OBJ_id_regCtrl OBJ_id_pkip,1L - -#define SN_id_regInfo "id-regInfo" -#define NID_id_regInfo 314 -#define OBJ_id_regInfo OBJ_id_pkip,2L - -#define SN_id_regCtrl_regToken "id-regCtrl-regToken" -#define NID_id_regCtrl_regToken 315 -#define OBJ_id_regCtrl_regToken OBJ_id_regCtrl,1L - -#define SN_id_regCtrl_authenticator "id-regCtrl-authenticator" -#define NID_id_regCtrl_authenticator 316 -#define OBJ_id_regCtrl_authenticator OBJ_id_regCtrl,2L - -#define SN_id_regCtrl_pkiPublicationInfo "id-regCtrl-pkiPublicationInfo" -#define NID_id_regCtrl_pkiPublicationInfo 317 -#define OBJ_id_regCtrl_pkiPublicationInfo OBJ_id_regCtrl,3L - -#define SN_id_regCtrl_pkiArchiveOptions "id-regCtrl-pkiArchiveOptions" -#define NID_id_regCtrl_pkiArchiveOptions 318 -#define OBJ_id_regCtrl_pkiArchiveOptions OBJ_id_regCtrl,4L - -#define SN_id_regCtrl_oldCertID "id-regCtrl-oldCertID" -#define NID_id_regCtrl_oldCertID 319 -#define OBJ_id_regCtrl_oldCertID OBJ_id_regCtrl,5L - -#define SN_id_regCtrl_protocolEncrKey "id-regCtrl-protocolEncrKey" -#define NID_id_regCtrl_protocolEncrKey 320 -#define OBJ_id_regCtrl_protocolEncrKey OBJ_id_regCtrl,6L - -#define SN_id_regInfo_utf8Pairs "id-regInfo-utf8Pairs" -#define NID_id_regInfo_utf8Pairs 321 -#define OBJ_id_regInfo_utf8Pairs OBJ_id_regInfo,1L - -#define SN_id_regInfo_certReq "id-regInfo-certReq" -#define NID_id_regInfo_certReq 322 -#define OBJ_id_regInfo_certReq OBJ_id_regInfo,2L - -#define SN_id_alg_des40 "id-alg-des40" -#define NID_id_alg_des40 323 -#define OBJ_id_alg_des40 OBJ_id_alg,1L - -#define SN_id_alg_noSignature "id-alg-noSignature" -#define NID_id_alg_noSignature 324 -#define OBJ_id_alg_noSignature OBJ_id_alg,2L - -#define SN_id_alg_dh_sig_hmac_sha1 "id-alg-dh-sig-hmac-sha1" -#define NID_id_alg_dh_sig_hmac_sha1 325 -#define OBJ_id_alg_dh_sig_hmac_sha1 OBJ_id_alg,3L - -#define SN_id_alg_dh_pop "id-alg-dh-pop" -#define NID_id_alg_dh_pop 326 -#define OBJ_id_alg_dh_pop OBJ_id_alg,4L - -#define SN_id_cmc_statusInfo "id-cmc-statusInfo" -#define NID_id_cmc_statusInfo 327 -#define OBJ_id_cmc_statusInfo OBJ_id_cmc,1L - -#define SN_id_cmc_identification "id-cmc-identification" -#define NID_id_cmc_identification 328 -#define OBJ_id_cmc_identification OBJ_id_cmc,2L - -#define SN_id_cmc_identityProof "id-cmc-identityProof" -#define NID_id_cmc_identityProof 329 -#define OBJ_id_cmc_identityProof OBJ_id_cmc,3L - -#define SN_id_cmc_dataReturn "id-cmc-dataReturn" -#define NID_id_cmc_dataReturn 330 -#define OBJ_id_cmc_dataReturn OBJ_id_cmc,4L - -#define SN_id_cmc_transactionId "id-cmc-transactionId" -#define NID_id_cmc_transactionId 331 -#define OBJ_id_cmc_transactionId OBJ_id_cmc,5L - -#define SN_id_cmc_senderNonce "id-cmc-senderNonce" -#define NID_id_cmc_senderNonce 332 -#define OBJ_id_cmc_senderNonce OBJ_id_cmc,6L - -#define SN_id_cmc_recipientNonce "id-cmc-recipientNonce" -#define NID_id_cmc_recipientNonce 333 -#define OBJ_id_cmc_recipientNonce OBJ_id_cmc,7L - -#define SN_id_cmc_addExtensions "id-cmc-addExtensions" -#define NID_id_cmc_addExtensions 334 -#define OBJ_id_cmc_addExtensions OBJ_id_cmc,8L - -#define SN_id_cmc_encryptedPOP "id-cmc-encryptedPOP" -#define NID_id_cmc_encryptedPOP 335 -#define OBJ_id_cmc_encryptedPOP OBJ_id_cmc,9L - -#define SN_id_cmc_decryptedPOP "id-cmc-decryptedPOP" -#define NID_id_cmc_decryptedPOP 336 -#define OBJ_id_cmc_decryptedPOP OBJ_id_cmc,10L - -#define SN_id_cmc_lraPOPWitness "id-cmc-lraPOPWitness" -#define NID_id_cmc_lraPOPWitness 337 -#define OBJ_id_cmc_lraPOPWitness OBJ_id_cmc,11L - -#define SN_id_cmc_getCert "id-cmc-getCert" -#define NID_id_cmc_getCert 338 -#define OBJ_id_cmc_getCert OBJ_id_cmc,15L - -#define SN_id_cmc_getCRL "id-cmc-getCRL" -#define NID_id_cmc_getCRL 339 -#define OBJ_id_cmc_getCRL OBJ_id_cmc,16L - -#define SN_id_cmc_revokeRequest "id-cmc-revokeRequest" -#define NID_id_cmc_revokeRequest 340 -#define OBJ_id_cmc_revokeRequest OBJ_id_cmc,17L - -#define SN_id_cmc_regInfo "id-cmc-regInfo" -#define NID_id_cmc_regInfo 341 -#define OBJ_id_cmc_regInfo OBJ_id_cmc,18L - -#define SN_id_cmc_responseInfo "id-cmc-responseInfo" -#define NID_id_cmc_responseInfo 342 -#define OBJ_id_cmc_responseInfo OBJ_id_cmc,19L - -#define SN_id_cmc_queryPending "id-cmc-queryPending" -#define NID_id_cmc_queryPending 343 -#define OBJ_id_cmc_queryPending OBJ_id_cmc,21L - -#define SN_id_cmc_popLinkRandom "id-cmc-popLinkRandom" -#define NID_id_cmc_popLinkRandom 344 -#define OBJ_id_cmc_popLinkRandom OBJ_id_cmc,22L - -#define SN_id_cmc_popLinkWitness "id-cmc-popLinkWitness" -#define NID_id_cmc_popLinkWitness 345 -#define OBJ_id_cmc_popLinkWitness OBJ_id_cmc,23L - -#define SN_id_cmc_confirmCertAcceptance "id-cmc-confirmCertAcceptance" -#define NID_id_cmc_confirmCertAcceptance 346 -#define OBJ_id_cmc_confirmCertAcceptance OBJ_id_cmc,24L - -#define SN_id_on_personalData "id-on-personalData" -#define NID_id_on_personalData 347 -#define OBJ_id_on_personalData OBJ_id_on,1L - -#define SN_id_on_permanentIdentifier "id-on-permanentIdentifier" -#define LN_id_on_permanentIdentifier "Permanent Identifier" -#define NID_id_on_permanentIdentifier 858 -#define OBJ_id_on_permanentIdentifier OBJ_id_on,3L - -#define SN_id_pda_dateOfBirth "id-pda-dateOfBirth" -#define NID_id_pda_dateOfBirth 348 -#define OBJ_id_pda_dateOfBirth OBJ_id_pda,1L - -#define SN_id_pda_placeOfBirth "id-pda-placeOfBirth" -#define NID_id_pda_placeOfBirth 349 -#define OBJ_id_pda_placeOfBirth OBJ_id_pda,2L - -#define SN_id_pda_gender "id-pda-gender" -#define NID_id_pda_gender 351 -#define OBJ_id_pda_gender OBJ_id_pda,3L - -#define SN_id_pda_countryOfCitizenship "id-pda-countryOfCitizenship" -#define NID_id_pda_countryOfCitizenship 352 -#define OBJ_id_pda_countryOfCitizenship OBJ_id_pda,4L - -#define SN_id_pda_countryOfResidence "id-pda-countryOfResidence" -#define NID_id_pda_countryOfResidence 353 -#define OBJ_id_pda_countryOfResidence OBJ_id_pda,5L - -#define SN_id_aca_authenticationInfo "id-aca-authenticationInfo" -#define NID_id_aca_authenticationInfo 354 -#define OBJ_id_aca_authenticationInfo OBJ_id_aca,1L - -#define SN_id_aca_accessIdentity "id-aca-accessIdentity" -#define NID_id_aca_accessIdentity 355 -#define OBJ_id_aca_accessIdentity OBJ_id_aca,2L - -#define SN_id_aca_chargingIdentity "id-aca-chargingIdentity" -#define NID_id_aca_chargingIdentity 356 -#define OBJ_id_aca_chargingIdentity OBJ_id_aca,3L - -#define SN_id_aca_group "id-aca-group" -#define NID_id_aca_group 357 -#define OBJ_id_aca_group OBJ_id_aca,4L - -#define SN_id_aca_role "id-aca-role" -#define NID_id_aca_role 358 -#define OBJ_id_aca_role OBJ_id_aca,5L - -#define SN_id_aca_encAttrs "id-aca-encAttrs" -#define NID_id_aca_encAttrs 399 -#define OBJ_id_aca_encAttrs OBJ_id_aca,6L - -#define SN_id_qcs_pkixQCSyntax_v1 "id-qcs-pkixQCSyntax-v1" -#define NID_id_qcs_pkixQCSyntax_v1 359 -#define OBJ_id_qcs_pkixQCSyntax_v1 OBJ_id_qcs,1L - -#define SN_id_cct_crs "id-cct-crs" -#define NID_id_cct_crs 360 -#define OBJ_id_cct_crs OBJ_id_cct,1L - -#define SN_id_cct_PKIData "id-cct-PKIData" -#define NID_id_cct_PKIData 361 -#define OBJ_id_cct_PKIData OBJ_id_cct,2L - -#define SN_id_cct_PKIResponse "id-cct-PKIResponse" -#define NID_id_cct_PKIResponse 362 -#define OBJ_id_cct_PKIResponse OBJ_id_cct,3L - -#define SN_id_ppl_anyLanguage "id-ppl-anyLanguage" -#define LN_id_ppl_anyLanguage "Any language" -#define NID_id_ppl_anyLanguage 664 -#define OBJ_id_ppl_anyLanguage OBJ_id_ppl,0L - -#define SN_id_ppl_inheritAll "id-ppl-inheritAll" -#define LN_id_ppl_inheritAll "Inherit all" -#define NID_id_ppl_inheritAll 665 -#define OBJ_id_ppl_inheritAll OBJ_id_ppl,1L - -#define SN_Independent "id-ppl-independent" -#define LN_Independent "Independent" -#define NID_Independent 667 -#define OBJ_Independent OBJ_id_ppl,2L - -#define SN_ad_OCSP "OCSP" -#define LN_ad_OCSP "OCSP" -#define NID_ad_OCSP 178 -#define OBJ_ad_OCSP OBJ_id_ad,1L - -#define SN_ad_ca_issuers "caIssuers" -#define LN_ad_ca_issuers "CA Issuers" -#define NID_ad_ca_issuers 179 -#define OBJ_ad_ca_issuers OBJ_id_ad,2L - -#define SN_ad_timeStamping "ad_timestamping" -#define LN_ad_timeStamping "AD Time Stamping" -#define NID_ad_timeStamping 363 -#define OBJ_ad_timeStamping OBJ_id_ad,3L - -#define SN_ad_dvcs "AD_DVCS" -#define LN_ad_dvcs "ad dvcs" -#define NID_ad_dvcs 364 -#define OBJ_ad_dvcs OBJ_id_ad,4L - -#define SN_caRepository "caRepository" -#define LN_caRepository "CA Repository" -#define NID_caRepository 785 -#define OBJ_caRepository OBJ_id_ad,5L - -#define OBJ_id_pkix_OCSP OBJ_ad_OCSP - -#define SN_id_pkix_OCSP_basic "basicOCSPResponse" -#define LN_id_pkix_OCSP_basic "Basic OCSP Response" -#define NID_id_pkix_OCSP_basic 365 -#define OBJ_id_pkix_OCSP_basic OBJ_id_pkix_OCSP,1L - -#define SN_id_pkix_OCSP_Nonce "Nonce" -#define LN_id_pkix_OCSP_Nonce "OCSP Nonce" -#define NID_id_pkix_OCSP_Nonce 366 -#define OBJ_id_pkix_OCSP_Nonce OBJ_id_pkix_OCSP,2L - -#define SN_id_pkix_OCSP_CrlID "CrlID" -#define LN_id_pkix_OCSP_CrlID "OCSP CRL ID" -#define NID_id_pkix_OCSP_CrlID 367 -#define OBJ_id_pkix_OCSP_CrlID OBJ_id_pkix_OCSP,3L - -#define SN_id_pkix_OCSP_acceptableResponses "acceptableResponses" -#define LN_id_pkix_OCSP_acceptableResponses "Acceptable OCSP Responses" -#define NID_id_pkix_OCSP_acceptableResponses 368 -#define OBJ_id_pkix_OCSP_acceptableResponses OBJ_id_pkix_OCSP,4L - -#define SN_id_pkix_OCSP_noCheck "noCheck" -#define LN_id_pkix_OCSP_noCheck "OCSP No Check" -#define NID_id_pkix_OCSP_noCheck 369 -#define OBJ_id_pkix_OCSP_noCheck OBJ_id_pkix_OCSP,5L - -#define SN_id_pkix_OCSP_archiveCutoff "archiveCutoff" -#define LN_id_pkix_OCSP_archiveCutoff "OCSP Archive Cutoff" -#define NID_id_pkix_OCSP_archiveCutoff 370 -#define OBJ_id_pkix_OCSP_archiveCutoff OBJ_id_pkix_OCSP,6L - -#define SN_id_pkix_OCSP_serviceLocator "serviceLocator" -#define LN_id_pkix_OCSP_serviceLocator "OCSP Service Locator" -#define NID_id_pkix_OCSP_serviceLocator 371 -#define OBJ_id_pkix_OCSP_serviceLocator OBJ_id_pkix_OCSP,7L - -#define SN_id_pkix_OCSP_extendedStatus "extendedStatus" -#define LN_id_pkix_OCSP_extendedStatus "Extended OCSP Status" -#define NID_id_pkix_OCSP_extendedStatus 372 -#define OBJ_id_pkix_OCSP_extendedStatus OBJ_id_pkix_OCSP,8L - -#define SN_id_pkix_OCSP_valid "valid" -#define NID_id_pkix_OCSP_valid 373 -#define OBJ_id_pkix_OCSP_valid OBJ_id_pkix_OCSP,9L - -#define SN_id_pkix_OCSP_path "path" -#define NID_id_pkix_OCSP_path 374 -#define OBJ_id_pkix_OCSP_path OBJ_id_pkix_OCSP,10L - -#define SN_id_pkix_OCSP_trustRoot "trustRoot" -#define LN_id_pkix_OCSP_trustRoot "Trust Root" -#define NID_id_pkix_OCSP_trustRoot 375 -#define OBJ_id_pkix_OCSP_trustRoot OBJ_id_pkix_OCSP,11L - -#define SN_algorithm "algorithm" -#define LN_algorithm "algorithm" -#define NID_algorithm 376 -#define OBJ_algorithm 1L,3L,14L,3L,2L - -#define SN_md5WithRSA "RSA-NP-MD5" -#define LN_md5WithRSA "md5WithRSA" -#define NID_md5WithRSA 104 -#define OBJ_md5WithRSA OBJ_algorithm,3L - -#define SN_des_ecb "DES-ECB" -#define LN_des_ecb "des-ecb" -#define NID_des_ecb 29 -#define OBJ_des_ecb OBJ_algorithm,6L - -#define SN_des_cbc "DES-CBC" -#define LN_des_cbc "des-cbc" -#define NID_des_cbc 31 -#define OBJ_des_cbc OBJ_algorithm,7L - -#define SN_des_ofb64 "DES-OFB" -#define LN_des_ofb64 "des-ofb" -#define NID_des_ofb64 45 -#define OBJ_des_ofb64 OBJ_algorithm,8L - -#define SN_des_cfb64 "DES-CFB" -#define LN_des_cfb64 "des-cfb" -#define NID_des_cfb64 30 -#define OBJ_des_cfb64 OBJ_algorithm,9L - -#define SN_rsaSignature "rsaSignature" -#define NID_rsaSignature 377 -#define OBJ_rsaSignature OBJ_algorithm,11L - -#define SN_dsa_2 "DSA-old" -#define LN_dsa_2 "dsaEncryption-old" -#define NID_dsa_2 67 -#define OBJ_dsa_2 OBJ_algorithm,12L - -#define SN_dsaWithSHA "DSA-SHA" -#define LN_dsaWithSHA "dsaWithSHA" -#define NID_dsaWithSHA 66 -#define OBJ_dsaWithSHA OBJ_algorithm,13L - -#define SN_shaWithRSAEncryption "RSA-SHA" -#define LN_shaWithRSAEncryption "shaWithRSAEncryption" -#define NID_shaWithRSAEncryption 42 -#define OBJ_shaWithRSAEncryption OBJ_algorithm,15L - -#define SN_des_ede_ecb "DES-EDE" -#define LN_des_ede_ecb "des-ede" -#define NID_des_ede_ecb 32 -#define OBJ_des_ede_ecb OBJ_algorithm,17L - -#define SN_des_ede3_ecb "DES-EDE3" -#define LN_des_ede3_ecb "des-ede3" -#define NID_des_ede3_ecb 33 - -#define SN_des_ede_cbc "DES-EDE-CBC" -#define LN_des_ede_cbc "des-ede-cbc" -#define NID_des_ede_cbc 43 - -#define SN_des_ede_cfb64 "DES-EDE-CFB" -#define LN_des_ede_cfb64 "des-ede-cfb" -#define NID_des_ede_cfb64 60 - -#define SN_des_ede3_cfb64 "DES-EDE3-CFB" -#define LN_des_ede3_cfb64 "des-ede3-cfb" -#define NID_des_ede3_cfb64 61 - -#define SN_des_ede_ofb64 "DES-EDE-OFB" -#define LN_des_ede_ofb64 "des-ede-ofb" -#define NID_des_ede_ofb64 62 - -#define SN_des_ede3_ofb64 "DES-EDE3-OFB" -#define LN_des_ede3_ofb64 "des-ede3-ofb" -#define NID_des_ede3_ofb64 63 - -#define SN_desx_cbc "DESX-CBC" -#define LN_desx_cbc "desx-cbc" -#define NID_desx_cbc 80 - -#define SN_sha "SHA" -#define LN_sha "sha" -#define NID_sha 41 -#define OBJ_sha OBJ_algorithm,18L - -#define SN_sha1 "SHA1" -#define LN_sha1 "sha1" -#define NID_sha1 64 -#define OBJ_sha1 OBJ_algorithm,26L - -#define SN_dsaWithSHA1_2 "DSA-SHA1-old" -#define LN_dsaWithSHA1_2 "dsaWithSHA1-old" -#define NID_dsaWithSHA1_2 70 -#define OBJ_dsaWithSHA1_2 OBJ_algorithm,27L - -#define SN_sha1WithRSA "RSA-SHA1-2" -#define LN_sha1WithRSA "sha1WithRSA" -#define NID_sha1WithRSA 115 -#define OBJ_sha1WithRSA OBJ_algorithm,29L - -#define SN_ripemd160 "RIPEMD160" -#define LN_ripemd160 "ripemd160" -#define NID_ripemd160 117 -#define OBJ_ripemd160 1L,3L,36L,3L,2L,1L - -#define SN_ripemd160WithRSA "RSA-RIPEMD160" -#define LN_ripemd160WithRSA "ripemd160WithRSA" -#define NID_ripemd160WithRSA 119 -#define OBJ_ripemd160WithRSA 1L,3L,36L,3L,3L,1L,2L - -#define SN_sxnet "SXNetID" -#define LN_sxnet "Strong Extranet ID" -#define NID_sxnet 143 -#define OBJ_sxnet 1L,3L,101L,1L,4L,1L - -#define SN_X500 "X500" -#define LN_X500 "directory services (X.500)" -#define NID_X500 11 -#define OBJ_X500 2L,5L - -#define SN_X509 "X509" -#define NID_X509 12 -#define OBJ_X509 OBJ_X500,4L - -#define SN_commonName "CN" -#define LN_commonName "commonName" -#define NID_commonName 13 -#define OBJ_commonName OBJ_X509,3L - -#define SN_surname "SN" -#define LN_surname "surname" -#define NID_surname 100 -#define OBJ_surname OBJ_X509,4L - -#define LN_serialNumber "serialNumber" -#define NID_serialNumber 105 -#define OBJ_serialNumber OBJ_X509,5L - -#define SN_countryName "C" -#define LN_countryName "countryName" -#define NID_countryName 14 -#define OBJ_countryName OBJ_X509,6L - -#define SN_localityName "L" -#define LN_localityName "localityName" -#define NID_localityName 15 -#define OBJ_localityName OBJ_X509,7L - -#define SN_stateOrProvinceName "ST" -#define LN_stateOrProvinceName "stateOrProvinceName" -#define NID_stateOrProvinceName 16 -#define OBJ_stateOrProvinceName OBJ_X509,8L - -#define SN_streetAddress "street" -#define LN_streetAddress "streetAddress" -#define NID_streetAddress 660 -#define OBJ_streetAddress OBJ_X509,9L - -#define SN_organizationName "O" -#define LN_organizationName "organizationName" -#define NID_organizationName 17 -#define OBJ_organizationName OBJ_X509,10L - -#define SN_organizationalUnitName "OU" -#define LN_organizationalUnitName "organizationalUnitName" -#define NID_organizationalUnitName 18 -#define OBJ_organizationalUnitName OBJ_X509,11L - -#define SN_title "title" -#define LN_title "title" -#define NID_title 106 -#define OBJ_title OBJ_X509,12L - -#define LN_description "description" -#define NID_description 107 -#define OBJ_description OBJ_X509,13L - -#define LN_searchGuide "searchGuide" -#define NID_searchGuide 859 -#define OBJ_searchGuide OBJ_X509,14L - -#define LN_businessCategory "businessCategory" -#define NID_businessCategory 860 -#define OBJ_businessCategory OBJ_X509,15L - -#define LN_postalAddress "postalAddress" -#define NID_postalAddress 861 -#define OBJ_postalAddress OBJ_X509,16L - -#define LN_postalCode "postalCode" -#define NID_postalCode 661 -#define OBJ_postalCode OBJ_X509,17L - -#define LN_postOfficeBox "postOfficeBox" -#define NID_postOfficeBox 862 -#define OBJ_postOfficeBox OBJ_X509,18L - -#define LN_physicalDeliveryOfficeName "physicalDeliveryOfficeName" -#define NID_physicalDeliveryOfficeName 863 -#define OBJ_physicalDeliveryOfficeName OBJ_X509,19L - -#define LN_telephoneNumber "telephoneNumber" -#define NID_telephoneNumber 864 -#define OBJ_telephoneNumber OBJ_X509,20L - -#define LN_telexNumber "telexNumber" -#define NID_telexNumber 865 -#define OBJ_telexNumber OBJ_X509,21L - -#define LN_teletexTerminalIdentifier "teletexTerminalIdentifier" -#define NID_teletexTerminalIdentifier 866 -#define OBJ_teletexTerminalIdentifier OBJ_X509,22L - -#define LN_facsimileTelephoneNumber "facsimileTelephoneNumber" -#define NID_facsimileTelephoneNumber 867 -#define OBJ_facsimileTelephoneNumber OBJ_X509,23L - -#define LN_x121Address "x121Address" -#define NID_x121Address 868 -#define OBJ_x121Address OBJ_X509,24L - -#define LN_internationaliSDNNumber "internationaliSDNNumber" -#define NID_internationaliSDNNumber 869 -#define OBJ_internationaliSDNNumber OBJ_X509,25L - -#define LN_registeredAddress "registeredAddress" -#define NID_registeredAddress 870 -#define OBJ_registeredAddress OBJ_X509,26L - -#define LN_destinationIndicator "destinationIndicator" -#define NID_destinationIndicator 871 -#define OBJ_destinationIndicator OBJ_X509,27L - -#define LN_preferredDeliveryMethod "preferredDeliveryMethod" -#define NID_preferredDeliveryMethod 872 -#define OBJ_preferredDeliveryMethod OBJ_X509,28L - -#define LN_presentationAddress "presentationAddress" -#define NID_presentationAddress 873 -#define OBJ_presentationAddress OBJ_X509,29L - -#define LN_supportedApplicationContext "supportedApplicationContext" -#define NID_supportedApplicationContext 874 -#define OBJ_supportedApplicationContext OBJ_X509,30L - -#define SN_member "member" -#define NID_member 875 -#define OBJ_member OBJ_X509,31L - -#define SN_owner "owner" -#define NID_owner 876 -#define OBJ_owner OBJ_X509,32L - -#define LN_roleOccupant "roleOccupant" -#define NID_roleOccupant 877 -#define OBJ_roleOccupant OBJ_X509,33L - -#define SN_seeAlso "seeAlso" -#define NID_seeAlso 878 -#define OBJ_seeAlso OBJ_X509,34L - -#define LN_userPassword "userPassword" -#define NID_userPassword 879 -#define OBJ_userPassword OBJ_X509,35L - -#define LN_userCertificate "userCertificate" -#define NID_userCertificate 880 -#define OBJ_userCertificate OBJ_X509,36L - -#define LN_cACertificate "cACertificate" -#define NID_cACertificate 881 -#define OBJ_cACertificate OBJ_X509,37L - -#define LN_authorityRevocationList "authorityRevocationList" -#define NID_authorityRevocationList 882 -#define OBJ_authorityRevocationList OBJ_X509,38L - -#define LN_certificateRevocationList "certificateRevocationList" -#define NID_certificateRevocationList 883 -#define OBJ_certificateRevocationList OBJ_X509,39L - -#define LN_crossCertificatePair "crossCertificatePair" -#define NID_crossCertificatePair 884 -#define OBJ_crossCertificatePair OBJ_X509,40L - -#define SN_name "name" -#define LN_name "name" -#define NID_name 173 -#define OBJ_name OBJ_X509,41L - -#define SN_givenName "GN" -#define LN_givenName "givenName" -#define NID_givenName 99 -#define OBJ_givenName OBJ_X509,42L - -#define SN_initials "initials" -#define LN_initials "initials" -#define NID_initials 101 -#define OBJ_initials OBJ_X509,43L - -#define LN_generationQualifier "generationQualifier" -#define NID_generationQualifier 509 -#define OBJ_generationQualifier OBJ_X509,44L - -#define LN_x500UniqueIdentifier "x500UniqueIdentifier" -#define NID_x500UniqueIdentifier 503 -#define OBJ_x500UniqueIdentifier OBJ_X509,45L - -#define SN_dnQualifier "dnQualifier" -#define LN_dnQualifier "dnQualifier" -#define NID_dnQualifier 174 -#define OBJ_dnQualifier OBJ_X509,46L - -#define LN_enhancedSearchGuide "enhancedSearchGuide" -#define NID_enhancedSearchGuide 885 -#define OBJ_enhancedSearchGuide OBJ_X509,47L - -#define LN_protocolInformation "protocolInformation" -#define NID_protocolInformation 886 -#define OBJ_protocolInformation OBJ_X509,48L - -#define LN_distinguishedName "distinguishedName" -#define NID_distinguishedName 887 -#define OBJ_distinguishedName OBJ_X509,49L - -#define LN_uniqueMember "uniqueMember" -#define NID_uniqueMember 888 -#define OBJ_uniqueMember OBJ_X509,50L - -#define LN_houseIdentifier "houseIdentifier" -#define NID_houseIdentifier 889 -#define OBJ_houseIdentifier OBJ_X509,51L - -#define LN_supportedAlgorithms "supportedAlgorithms" -#define NID_supportedAlgorithms 890 -#define OBJ_supportedAlgorithms OBJ_X509,52L - -#define LN_deltaRevocationList "deltaRevocationList" -#define NID_deltaRevocationList 891 -#define OBJ_deltaRevocationList OBJ_X509,53L - -#define SN_dmdName "dmdName" -#define NID_dmdName 892 -#define OBJ_dmdName OBJ_X509,54L - -#define LN_pseudonym "pseudonym" -#define NID_pseudonym 510 -#define OBJ_pseudonym OBJ_X509,65L - -#define SN_role "role" -#define LN_role "role" -#define NID_role 400 -#define OBJ_role OBJ_X509,72L - -#define SN_X500algorithms "X500algorithms" -#define LN_X500algorithms "directory services - algorithms" -#define NID_X500algorithms 378 -#define OBJ_X500algorithms OBJ_X500,8L - -#define SN_rsa "RSA" -#define LN_rsa "rsa" -#define NID_rsa 19 -#define OBJ_rsa OBJ_X500algorithms,1L,1L - -#define SN_mdc2WithRSA "RSA-MDC2" -#define LN_mdc2WithRSA "mdc2WithRSA" -#define NID_mdc2WithRSA 96 -#define OBJ_mdc2WithRSA OBJ_X500algorithms,3L,100L - -#define SN_mdc2 "MDC2" -#define LN_mdc2 "mdc2" -#define NID_mdc2 95 -#define OBJ_mdc2 OBJ_X500algorithms,3L,101L - -#define SN_id_ce "id-ce" -#define NID_id_ce 81 -#define OBJ_id_ce OBJ_X500,29L - -#define SN_subject_directory_attributes "subjectDirectoryAttributes" -#define LN_subject_directory_attributes "X509v3 Subject Directory Attributes" -#define NID_subject_directory_attributes 769 -#define OBJ_subject_directory_attributes OBJ_id_ce,9L - -#define SN_subject_key_identifier "subjectKeyIdentifier" -#define LN_subject_key_identifier "X509v3 Subject Key Identifier" -#define NID_subject_key_identifier 82 -#define OBJ_subject_key_identifier OBJ_id_ce,14L - -#define SN_key_usage "keyUsage" -#define LN_key_usage "X509v3 Key Usage" -#define NID_key_usage 83 -#define OBJ_key_usage OBJ_id_ce,15L - -#define SN_private_key_usage_period "privateKeyUsagePeriod" -#define LN_private_key_usage_period "X509v3 Private Key Usage Period" -#define NID_private_key_usage_period 84 -#define OBJ_private_key_usage_period OBJ_id_ce,16L - -#define SN_subject_alt_name "subjectAltName" -#define LN_subject_alt_name "X509v3 Subject Alternative Name" -#define NID_subject_alt_name 85 -#define OBJ_subject_alt_name OBJ_id_ce,17L - -#define SN_issuer_alt_name "issuerAltName" -#define LN_issuer_alt_name "X509v3 Issuer Alternative Name" -#define NID_issuer_alt_name 86 -#define OBJ_issuer_alt_name OBJ_id_ce,18L - -#define SN_basic_constraints "basicConstraints" -#define LN_basic_constraints "X509v3 Basic Constraints" -#define NID_basic_constraints 87 -#define OBJ_basic_constraints OBJ_id_ce,19L - -#define SN_crl_number "crlNumber" -#define LN_crl_number "X509v3 CRL Number" -#define NID_crl_number 88 -#define OBJ_crl_number OBJ_id_ce,20L - -#define SN_crl_reason "CRLReason" -#define LN_crl_reason "X509v3 CRL Reason Code" -#define NID_crl_reason 141 -#define OBJ_crl_reason OBJ_id_ce,21L - -#define SN_invalidity_date "invalidityDate" -#define LN_invalidity_date "Invalidity Date" -#define NID_invalidity_date 142 -#define OBJ_invalidity_date OBJ_id_ce,24L - -#define SN_delta_crl "deltaCRL" -#define LN_delta_crl "X509v3 Delta CRL Indicator" -#define NID_delta_crl 140 -#define OBJ_delta_crl OBJ_id_ce,27L - -#define SN_issuing_distribution_point "issuingDistributionPoint" -#define LN_issuing_distribution_point "X509v3 Issuing Distribution Point" -#define NID_issuing_distribution_point 770 -#define OBJ_issuing_distribution_point OBJ_id_ce,28L - -#define SN_certificate_issuer "certificateIssuer" -#define LN_certificate_issuer "X509v3 Certificate Issuer" -#define NID_certificate_issuer 771 -#define OBJ_certificate_issuer OBJ_id_ce,29L - -#define SN_name_constraints "nameConstraints" -#define LN_name_constraints "X509v3 Name Constraints" -#define NID_name_constraints 666 -#define OBJ_name_constraints OBJ_id_ce,30L - -#define SN_crl_distribution_points "crlDistributionPoints" -#define LN_crl_distribution_points "X509v3 CRL Distribution Points" -#define NID_crl_distribution_points 103 -#define OBJ_crl_distribution_points OBJ_id_ce,31L - -#define SN_certificate_policies "certificatePolicies" -#define LN_certificate_policies "X509v3 Certificate Policies" -#define NID_certificate_policies 89 -#define OBJ_certificate_policies OBJ_id_ce,32L - -#define SN_any_policy "anyPolicy" -#define LN_any_policy "X509v3 Any Policy" -#define NID_any_policy 746 -#define OBJ_any_policy OBJ_certificate_policies,0L - -#define SN_policy_mappings "policyMappings" -#define LN_policy_mappings "X509v3 Policy Mappings" -#define NID_policy_mappings 747 -#define OBJ_policy_mappings OBJ_id_ce,33L - -#define SN_authority_key_identifier "authorityKeyIdentifier" -#define LN_authority_key_identifier "X509v3 Authority Key Identifier" -#define NID_authority_key_identifier 90 -#define OBJ_authority_key_identifier OBJ_id_ce,35L - -#define SN_policy_constraints "policyConstraints" -#define LN_policy_constraints "X509v3 Policy Constraints" -#define NID_policy_constraints 401 -#define OBJ_policy_constraints OBJ_id_ce,36L - -#define SN_ext_key_usage "extendedKeyUsage" -#define LN_ext_key_usage "X509v3 Extended Key Usage" -#define NID_ext_key_usage 126 -#define OBJ_ext_key_usage OBJ_id_ce,37L - -#define SN_freshest_crl "freshestCRL" -#define LN_freshest_crl "X509v3 Freshest CRL" -#define NID_freshest_crl 857 -#define OBJ_freshest_crl OBJ_id_ce,46L - -#define SN_inhibit_any_policy "inhibitAnyPolicy" -#define LN_inhibit_any_policy "X509v3 Inhibit Any Policy" -#define NID_inhibit_any_policy 748 -#define OBJ_inhibit_any_policy OBJ_id_ce,54L - -#define SN_target_information "targetInformation" -#define LN_target_information "X509v3 AC Targeting" -#define NID_target_information 402 -#define OBJ_target_information OBJ_id_ce,55L - -#define SN_no_rev_avail "noRevAvail" -#define LN_no_rev_avail "X509v3 No Revocation Available" -#define NID_no_rev_avail 403 -#define OBJ_no_rev_avail OBJ_id_ce,56L - -#define SN_anyExtendedKeyUsage "anyExtendedKeyUsage" -#define LN_anyExtendedKeyUsage "Any Extended Key Usage" -#define NID_anyExtendedKeyUsage 910 -#define OBJ_anyExtendedKeyUsage OBJ_ext_key_usage,0L - -#define SN_netscape "Netscape" -#define LN_netscape "Netscape Communications Corp." -#define NID_netscape 57 -#define OBJ_netscape 2L,16L,840L,1L,113730L - -#define SN_netscape_cert_extension "nsCertExt" -#define LN_netscape_cert_extension "Netscape Certificate Extension" -#define NID_netscape_cert_extension 58 -#define OBJ_netscape_cert_extension OBJ_netscape,1L - -#define SN_netscape_data_type "nsDataType" -#define LN_netscape_data_type "Netscape Data Type" -#define NID_netscape_data_type 59 -#define OBJ_netscape_data_type OBJ_netscape,2L - -#define SN_netscape_cert_type "nsCertType" -#define LN_netscape_cert_type "Netscape Cert Type" -#define NID_netscape_cert_type 71 -#define OBJ_netscape_cert_type OBJ_netscape_cert_extension,1L - -#define SN_netscape_base_url "nsBaseUrl" -#define LN_netscape_base_url "Netscape Base Url" -#define NID_netscape_base_url 72 -#define OBJ_netscape_base_url OBJ_netscape_cert_extension,2L - -#define SN_netscape_revocation_url "nsRevocationUrl" -#define LN_netscape_revocation_url "Netscape Revocation Url" -#define NID_netscape_revocation_url 73 -#define OBJ_netscape_revocation_url OBJ_netscape_cert_extension,3L - -#define SN_netscape_ca_revocation_url "nsCaRevocationUrl" -#define LN_netscape_ca_revocation_url "Netscape CA Revocation Url" -#define NID_netscape_ca_revocation_url 74 -#define OBJ_netscape_ca_revocation_url OBJ_netscape_cert_extension,4L - -#define SN_netscape_renewal_url "nsRenewalUrl" -#define LN_netscape_renewal_url "Netscape Renewal Url" -#define NID_netscape_renewal_url 75 -#define OBJ_netscape_renewal_url OBJ_netscape_cert_extension,7L - -#define SN_netscape_ca_policy_url "nsCaPolicyUrl" -#define LN_netscape_ca_policy_url "Netscape CA Policy Url" -#define NID_netscape_ca_policy_url 76 -#define OBJ_netscape_ca_policy_url OBJ_netscape_cert_extension,8L - -#define SN_netscape_ssl_server_name "nsSslServerName" -#define LN_netscape_ssl_server_name "Netscape SSL Server Name" -#define NID_netscape_ssl_server_name 77 -#define OBJ_netscape_ssl_server_name OBJ_netscape_cert_extension,12L - -#define SN_netscape_comment "nsComment" -#define LN_netscape_comment "Netscape Comment" -#define NID_netscape_comment 78 -#define OBJ_netscape_comment OBJ_netscape_cert_extension,13L - -#define SN_netscape_cert_sequence "nsCertSequence" -#define LN_netscape_cert_sequence "Netscape Certificate Sequence" -#define NID_netscape_cert_sequence 79 -#define OBJ_netscape_cert_sequence OBJ_netscape_data_type,5L - -#define SN_ns_sgc "nsSGC" -#define LN_ns_sgc "Netscape Server Gated Crypto" -#define NID_ns_sgc 139 -#define OBJ_ns_sgc OBJ_netscape,4L,1L - -#define SN_org "ORG" -#define LN_org "org" -#define NID_org 379 -#define OBJ_org OBJ_iso,3L - -#define SN_dod "DOD" -#define LN_dod "dod" -#define NID_dod 380 -#define OBJ_dod OBJ_org,6L - -#define SN_iana "IANA" -#define LN_iana "iana" -#define NID_iana 381 -#define OBJ_iana OBJ_dod,1L - -#define OBJ_internet OBJ_iana - -#define SN_Directory "directory" -#define LN_Directory "Directory" -#define NID_Directory 382 -#define OBJ_Directory OBJ_internet,1L - -#define SN_Management "mgmt" -#define LN_Management "Management" -#define NID_Management 383 -#define OBJ_Management OBJ_internet,2L - -#define SN_Experimental "experimental" -#define LN_Experimental "Experimental" -#define NID_Experimental 384 -#define OBJ_Experimental OBJ_internet,3L - -#define SN_Private "private" -#define LN_Private "Private" -#define NID_Private 385 -#define OBJ_Private OBJ_internet,4L - -#define SN_Security "security" -#define LN_Security "Security" -#define NID_Security 386 -#define OBJ_Security OBJ_internet,5L - -#define SN_SNMPv2 "snmpv2" -#define LN_SNMPv2 "SNMPv2" -#define NID_SNMPv2 387 -#define OBJ_SNMPv2 OBJ_internet,6L - -#define LN_Mail "Mail" -#define NID_Mail 388 -#define OBJ_Mail OBJ_internet,7L - -#define SN_Enterprises "enterprises" -#define LN_Enterprises "Enterprises" -#define NID_Enterprises 389 -#define OBJ_Enterprises OBJ_Private,1L - -#define SN_dcObject "dcobject" -#define LN_dcObject "dcObject" -#define NID_dcObject 390 -#define OBJ_dcObject OBJ_Enterprises,1466L,344L - -#define OBJ_extendedValidation OBJ_Enterprises,311L,60L - -#define LN_jurisdictionLocalityName "jurisdictionLocalityName" -#define NID_jurisdictionLocalityName 956 -#define OBJ_jurisdictionLocalityName OBJ_extendedValidation,2L,1L,1L - -#define LN_jurisdictionStateOrProvinceName "jurisdictionStateOrProvinceName" -#define NID_jurisdictionStateOrProvinceName 957 -#define OBJ_jurisdictionStateOrProvinceName OBJ_extendedValidation,2L,1L,2L - -#define LN_jurisdictionCountryName "jurisdictionCountryName" -#define NID_jurisdictionCountryName 958 -#define OBJ_jurisdictionCountryName OBJ_extendedValidation,2L,1L,3L - -#define SN_mime_mhs "mime-mhs" -#define LN_mime_mhs "MIME MHS" -#define NID_mime_mhs 504 -#define OBJ_mime_mhs OBJ_Mail,1L - -#define SN_mime_mhs_headings "mime-mhs-headings" -#define LN_mime_mhs_headings "mime-mhs-headings" -#define NID_mime_mhs_headings 505 -#define OBJ_mime_mhs_headings OBJ_mime_mhs,1L - -#define SN_mime_mhs_bodies "mime-mhs-bodies" -#define LN_mime_mhs_bodies "mime-mhs-bodies" -#define NID_mime_mhs_bodies 506 -#define OBJ_mime_mhs_bodies OBJ_mime_mhs,2L - -#define SN_id_hex_partial_message "id-hex-partial-message" -#define LN_id_hex_partial_message "id-hex-partial-message" -#define NID_id_hex_partial_message 507 -#define OBJ_id_hex_partial_message OBJ_mime_mhs_headings,1L - -#define SN_id_hex_multipart_message "id-hex-multipart-message" -#define LN_id_hex_multipart_message "id-hex-multipart-message" -#define NID_id_hex_multipart_message 508 -#define OBJ_id_hex_multipart_message OBJ_mime_mhs_headings,2L - -#define SN_rle_compression "RLE" -#define LN_rle_compression "run length compression" -#define NID_rle_compression 124 -#define OBJ_rle_compression 1L,1L,1L,1L,666L,1L - -#define SN_zlib_compression "ZLIB" -#define LN_zlib_compression "zlib compression" -#define NID_zlib_compression 125 -#define OBJ_zlib_compression OBJ_id_smime_alg,8L - -#define OBJ_csor 2L,16L,840L,1L,101L,3L - -#define OBJ_nistAlgorithms OBJ_csor,4L - -#define OBJ_aes OBJ_nistAlgorithms,1L - -#define SN_aes_128_ecb "AES-128-ECB" -#define LN_aes_128_ecb "aes-128-ecb" -#define NID_aes_128_ecb 418 -#define OBJ_aes_128_ecb OBJ_aes,1L - -#define SN_aes_128_cbc "AES-128-CBC" -#define LN_aes_128_cbc "aes-128-cbc" -#define NID_aes_128_cbc 419 -#define OBJ_aes_128_cbc OBJ_aes,2L - -#define SN_aes_128_ofb128 "AES-128-OFB" -#define LN_aes_128_ofb128 "aes-128-ofb" -#define NID_aes_128_ofb128 420 -#define OBJ_aes_128_ofb128 OBJ_aes,3L - -#define SN_aes_128_cfb128 "AES-128-CFB" -#define LN_aes_128_cfb128 "aes-128-cfb" -#define NID_aes_128_cfb128 421 -#define OBJ_aes_128_cfb128 OBJ_aes,4L - -#define SN_id_aes128_wrap "id-aes128-wrap" -#define NID_id_aes128_wrap 788 -#define OBJ_id_aes128_wrap OBJ_aes,5L - -#define SN_aes_128_gcm "id-aes128-GCM" -#define LN_aes_128_gcm "aes-128-gcm" -#define NID_aes_128_gcm 895 -#define OBJ_aes_128_gcm OBJ_aes,6L - -#define SN_aes_128_ccm "id-aes128-CCM" -#define LN_aes_128_ccm "aes-128-ccm" -#define NID_aes_128_ccm 896 -#define OBJ_aes_128_ccm OBJ_aes,7L - -#define SN_id_aes128_wrap_pad "id-aes128-wrap-pad" -#define NID_id_aes128_wrap_pad 897 -#define OBJ_id_aes128_wrap_pad OBJ_aes,8L - -#define SN_aes_192_ecb "AES-192-ECB" -#define LN_aes_192_ecb "aes-192-ecb" -#define NID_aes_192_ecb 422 -#define OBJ_aes_192_ecb OBJ_aes,21L - -#define SN_aes_192_cbc "AES-192-CBC" -#define LN_aes_192_cbc "aes-192-cbc" -#define NID_aes_192_cbc 423 -#define OBJ_aes_192_cbc OBJ_aes,22L - -#define SN_aes_192_ofb128 "AES-192-OFB" -#define LN_aes_192_ofb128 "aes-192-ofb" -#define NID_aes_192_ofb128 424 -#define OBJ_aes_192_ofb128 OBJ_aes,23L - -#define SN_aes_192_cfb128 "AES-192-CFB" -#define LN_aes_192_cfb128 "aes-192-cfb" -#define NID_aes_192_cfb128 425 -#define OBJ_aes_192_cfb128 OBJ_aes,24L - -#define SN_id_aes192_wrap "id-aes192-wrap" -#define NID_id_aes192_wrap 789 -#define OBJ_id_aes192_wrap OBJ_aes,25L - -#define SN_aes_192_gcm "id-aes192-GCM" -#define LN_aes_192_gcm "aes-192-gcm" -#define NID_aes_192_gcm 898 -#define OBJ_aes_192_gcm OBJ_aes,26L - -#define SN_aes_192_ccm "id-aes192-CCM" -#define LN_aes_192_ccm "aes-192-ccm" -#define NID_aes_192_ccm 899 -#define OBJ_aes_192_ccm OBJ_aes,27L - -#define SN_id_aes192_wrap_pad "id-aes192-wrap-pad" -#define NID_id_aes192_wrap_pad 900 -#define OBJ_id_aes192_wrap_pad OBJ_aes,28L - -#define SN_aes_256_ecb "AES-256-ECB" -#define LN_aes_256_ecb "aes-256-ecb" -#define NID_aes_256_ecb 426 -#define OBJ_aes_256_ecb OBJ_aes,41L - -#define SN_aes_256_cbc "AES-256-CBC" -#define LN_aes_256_cbc "aes-256-cbc" -#define NID_aes_256_cbc 427 -#define OBJ_aes_256_cbc OBJ_aes,42L - -#define SN_aes_256_ofb128 "AES-256-OFB" -#define LN_aes_256_ofb128 "aes-256-ofb" -#define NID_aes_256_ofb128 428 -#define OBJ_aes_256_ofb128 OBJ_aes,43L - -#define SN_aes_256_cfb128 "AES-256-CFB" -#define LN_aes_256_cfb128 "aes-256-cfb" -#define NID_aes_256_cfb128 429 -#define OBJ_aes_256_cfb128 OBJ_aes,44L - -#define SN_id_aes256_wrap "id-aes256-wrap" -#define NID_id_aes256_wrap 790 -#define OBJ_id_aes256_wrap OBJ_aes,45L - -#define SN_aes_256_gcm "id-aes256-GCM" -#define LN_aes_256_gcm "aes-256-gcm" -#define NID_aes_256_gcm 901 -#define OBJ_aes_256_gcm OBJ_aes,46L - -#define SN_aes_256_ccm "id-aes256-CCM" -#define LN_aes_256_ccm "aes-256-ccm" -#define NID_aes_256_ccm 902 -#define OBJ_aes_256_ccm OBJ_aes,47L - -#define SN_id_aes256_wrap_pad "id-aes256-wrap-pad" -#define NID_id_aes256_wrap_pad 903 -#define OBJ_id_aes256_wrap_pad OBJ_aes,48L - -#define SN_aes_128_cfb1 "AES-128-CFB1" -#define LN_aes_128_cfb1 "aes-128-cfb1" -#define NID_aes_128_cfb1 650 - -#define SN_aes_192_cfb1 "AES-192-CFB1" -#define LN_aes_192_cfb1 "aes-192-cfb1" -#define NID_aes_192_cfb1 651 - -#define SN_aes_256_cfb1 "AES-256-CFB1" -#define LN_aes_256_cfb1 "aes-256-cfb1" -#define NID_aes_256_cfb1 652 - -#define SN_aes_128_cfb8 "AES-128-CFB8" -#define LN_aes_128_cfb8 "aes-128-cfb8" -#define NID_aes_128_cfb8 653 - -#define SN_aes_192_cfb8 "AES-192-CFB8" -#define LN_aes_192_cfb8 "aes-192-cfb8" -#define NID_aes_192_cfb8 654 - -#define SN_aes_256_cfb8 "AES-256-CFB8" -#define LN_aes_256_cfb8 "aes-256-cfb8" -#define NID_aes_256_cfb8 655 - -#define SN_aes_128_ctr "AES-128-CTR" -#define LN_aes_128_ctr "aes-128-ctr" -#define NID_aes_128_ctr 904 - -#define SN_aes_192_ctr "AES-192-CTR" -#define LN_aes_192_ctr "aes-192-ctr" -#define NID_aes_192_ctr 905 - -#define SN_aes_256_ctr "AES-256-CTR" -#define LN_aes_256_ctr "aes-256-ctr" -#define NID_aes_256_ctr 906 - -#define SN_aes_128_xts "AES-128-XTS" -#define LN_aes_128_xts "aes-128-xts" -#define NID_aes_128_xts 913 - -#define SN_aes_256_xts "AES-256-XTS" -#define LN_aes_256_xts "aes-256-xts" -#define NID_aes_256_xts 914 - -#define SN_des_cfb1 "DES-CFB1" -#define LN_des_cfb1 "des-cfb1" -#define NID_des_cfb1 656 - -#define SN_des_cfb8 "DES-CFB8" -#define LN_des_cfb8 "des-cfb8" -#define NID_des_cfb8 657 - -#define SN_des_ede3_cfb1 "DES-EDE3-CFB1" -#define LN_des_ede3_cfb1 "des-ede3-cfb1" -#define NID_des_ede3_cfb1 658 - -#define SN_des_ede3_cfb8 "DES-EDE3-CFB8" -#define LN_des_ede3_cfb8 "des-ede3-cfb8" -#define NID_des_ede3_cfb8 659 - -#define OBJ_nist_hashalgs OBJ_nistAlgorithms,2L - -#define SN_sha256 "SHA256" -#define LN_sha256 "sha256" -#define NID_sha256 672 -#define OBJ_sha256 OBJ_nist_hashalgs,1L - -#define SN_sha384 "SHA384" -#define LN_sha384 "sha384" -#define NID_sha384 673 -#define OBJ_sha384 OBJ_nist_hashalgs,2L - -#define SN_sha512 "SHA512" -#define LN_sha512 "sha512" -#define NID_sha512 674 -#define OBJ_sha512 OBJ_nist_hashalgs,3L - -#define SN_sha224 "SHA224" -#define LN_sha224 "sha224" -#define NID_sha224 675 -#define OBJ_sha224 OBJ_nist_hashalgs,4L - -#define OBJ_dsa_with_sha2 OBJ_nistAlgorithms,3L - -#define SN_dsa_with_SHA224 "dsa_with_SHA224" -#define NID_dsa_with_SHA224 802 -#define OBJ_dsa_with_SHA224 OBJ_dsa_with_sha2,1L - -#define SN_dsa_with_SHA256 "dsa_with_SHA256" -#define NID_dsa_with_SHA256 803 -#define OBJ_dsa_with_SHA256 OBJ_dsa_with_sha2,2L - -#define SN_hold_instruction_code "holdInstructionCode" -#define LN_hold_instruction_code "Hold Instruction Code" -#define NID_hold_instruction_code 430 -#define OBJ_hold_instruction_code OBJ_id_ce,23L - -#define OBJ_holdInstruction OBJ_X9_57,2L - -#define SN_hold_instruction_none "holdInstructionNone" -#define LN_hold_instruction_none "Hold Instruction None" -#define NID_hold_instruction_none 431 -#define OBJ_hold_instruction_none OBJ_holdInstruction,1L - -#define SN_hold_instruction_call_issuer "holdInstructionCallIssuer" -#define LN_hold_instruction_call_issuer "Hold Instruction Call Issuer" -#define NID_hold_instruction_call_issuer 432 -#define OBJ_hold_instruction_call_issuer OBJ_holdInstruction,2L - -#define SN_hold_instruction_reject "holdInstructionReject" -#define LN_hold_instruction_reject "Hold Instruction Reject" -#define NID_hold_instruction_reject 433 -#define OBJ_hold_instruction_reject OBJ_holdInstruction,3L - -#define SN_data "data" -#define NID_data 434 -#define OBJ_data OBJ_itu_t,9L - -#define SN_pss "pss" -#define NID_pss 435 -#define OBJ_pss OBJ_data,2342L - -#define SN_ucl "ucl" -#define NID_ucl 436 -#define OBJ_ucl OBJ_pss,19200300L - -#define SN_pilot "pilot" -#define NID_pilot 437 -#define OBJ_pilot OBJ_ucl,100L - -#define LN_pilotAttributeType "pilotAttributeType" -#define NID_pilotAttributeType 438 -#define OBJ_pilotAttributeType OBJ_pilot,1L - -#define LN_pilotAttributeSyntax "pilotAttributeSyntax" -#define NID_pilotAttributeSyntax 439 -#define OBJ_pilotAttributeSyntax OBJ_pilot,3L - -#define LN_pilotObjectClass "pilotObjectClass" -#define NID_pilotObjectClass 440 -#define OBJ_pilotObjectClass OBJ_pilot,4L - -#define LN_pilotGroups "pilotGroups" -#define NID_pilotGroups 441 -#define OBJ_pilotGroups OBJ_pilot,10L - -#define LN_iA5StringSyntax "iA5StringSyntax" -#define NID_iA5StringSyntax 442 -#define OBJ_iA5StringSyntax OBJ_pilotAttributeSyntax,4L - -#define LN_caseIgnoreIA5StringSyntax "caseIgnoreIA5StringSyntax" -#define NID_caseIgnoreIA5StringSyntax 443 -#define OBJ_caseIgnoreIA5StringSyntax OBJ_pilotAttributeSyntax,5L - -#define LN_pilotObject "pilotObject" -#define NID_pilotObject 444 -#define OBJ_pilotObject OBJ_pilotObjectClass,3L - -#define LN_pilotPerson "pilotPerson" -#define NID_pilotPerson 445 -#define OBJ_pilotPerson OBJ_pilotObjectClass,4L - -#define SN_account "account" -#define NID_account 446 -#define OBJ_account OBJ_pilotObjectClass,5L - -#define SN_document "document" -#define NID_document 447 -#define OBJ_document OBJ_pilotObjectClass,6L - -#define SN_room "room" -#define NID_room 448 -#define OBJ_room OBJ_pilotObjectClass,7L - -#define LN_documentSeries "documentSeries" -#define NID_documentSeries 449 -#define OBJ_documentSeries OBJ_pilotObjectClass,9L - -#define SN_Domain "domain" -#define LN_Domain "Domain" -#define NID_Domain 392 -#define OBJ_Domain OBJ_pilotObjectClass,13L - -#define LN_rFC822localPart "rFC822localPart" -#define NID_rFC822localPart 450 -#define OBJ_rFC822localPart OBJ_pilotObjectClass,14L - -#define LN_dNSDomain "dNSDomain" -#define NID_dNSDomain 451 -#define OBJ_dNSDomain OBJ_pilotObjectClass,15L - -#define LN_domainRelatedObject "domainRelatedObject" -#define NID_domainRelatedObject 452 -#define OBJ_domainRelatedObject OBJ_pilotObjectClass,17L - -#define LN_friendlyCountry "friendlyCountry" -#define NID_friendlyCountry 453 -#define OBJ_friendlyCountry OBJ_pilotObjectClass,18L - -#define LN_simpleSecurityObject "simpleSecurityObject" -#define NID_simpleSecurityObject 454 -#define OBJ_simpleSecurityObject OBJ_pilotObjectClass,19L - -#define LN_pilotOrganization "pilotOrganization" -#define NID_pilotOrganization 455 -#define OBJ_pilotOrganization OBJ_pilotObjectClass,20L - -#define LN_pilotDSA "pilotDSA" -#define NID_pilotDSA 456 -#define OBJ_pilotDSA OBJ_pilotObjectClass,21L - -#define LN_qualityLabelledData "qualityLabelledData" -#define NID_qualityLabelledData 457 -#define OBJ_qualityLabelledData OBJ_pilotObjectClass,22L - -#define SN_userId "UID" -#define LN_userId "userId" -#define NID_userId 458 -#define OBJ_userId OBJ_pilotAttributeType,1L - -#define LN_textEncodedORAddress "textEncodedORAddress" -#define NID_textEncodedORAddress 459 -#define OBJ_textEncodedORAddress OBJ_pilotAttributeType,2L - -#define SN_rfc822Mailbox "mail" -#define LN_rfc822Mailbox "rfc822Mailbox" -#define NID_rfc822Mailbox 460 -#define OBJ_rfc822Mailbox OBJ_pilotAttributeType,3L - -#define SN_info "info" -#define NID_info 461 -#define OBJ_info OBJ_pilotAttributeType,4L - -#define LN_favouriteDrink "favouriteDrink" -#define NID_favouriteDrink 462 -#define OBJ_favouriteDrink OBJ_pilotAttributeType,5L - -#define LN_roomNumber "roomNumber" -#define NID_roomNumber 463 -#define OBJ_roomNumber OBJ_pilotAttributeType,6L - -#define SN_photo "photo" -#define NID_photo 464 -#define OBJ_photo OBJ_pilotAttributeType,7L - -#define LN_userClass "userClass" -#define NID_userClass 465 -#define OBJ_userClass OBJ_pilotAttributeType,8L - -#define SN_host "host" -#define NID_host 466 -#define OBJ_host OBJ_pilotAttributeType,9L - -#define SN_manager "manager" -#define NID_manager 467 -#define OBJ_manager OBJ_pilotAttributeType,10L - -#define LN_documentIdentifier "documentIdentifier" -#define NID_documentIdentifier 468 -#define OBJ_documentIdentifier OBJ_pilotAttributeType,11L - -#define LN_documentTitle "documentTitle" -#define NID_documentTitle 469 -#define OBJ_documentTitle OBJ_pilotAttributeType,12L - -#define LN_documentVersion "documentVersion" -#define NID_documentVersion 470 -#define OBJ_documentVersion OBJ_pilotAttributeType,13L - -#define LN_documentAuthor "documentAuthor" -#define NID_documentAuthor 471 -#define OBJ_documentAuthor OBJ_pilotAttributeType,14L - -#define LN_documentLocation "documentLocation" -#define NID_documentLocation 472 -#define OBJ_documentLocation OBJ_pilotAttributeType,15L - -#define LN_homeTelephoneNumber "homeTelephoneNumber" -#define NID_homeTelephoneNumber 473 -#define OBJ_homeTelephoneNumber OBJ_pilotAttributeType,20L - -#define SN_secretary "secretary" -#define NID_secretary 474 -#define OBJ_secretary OBJ_pilotAttributeType,21L - -#define LN_otherMailbox "otherMailbox" -#define NID_otherMailbox 475 -#define OBJ_otherMailbox OBJ_pilotAttributeType,22L - -#define LN_lastModifiedTime "lastModifiedTime" -#define NID_lastModifiedTime 476 -#define OBJ_lastModifiedTime OBJ_pilotAttributeType,23L - -#define LN_lastModifiedBy "lastModifiedBy" -#define NID_lastModifiedBy 477 -#define OBJ_lastModifiedBy OBJ_pilotAttributeType,24L - -#define SN_domainComponent "DC" -#define LN_domainComponent "domainComponent" -#define NID_domainComponent 391 -#define OBJ_domainComponent OBJ_pilotAttributeType,25L - -#define LN_aRecord "aRecord" -#define NID_aRecord 478 -#define OBJ_aRecord OBJ_pilotAttributeType,26L - -#define LN_pilotAttributeType27 "pilotAttributeType27" -#define NID_pilotAttributeType27 479 -#define OBJ_pilotAttributeType27 OBJ_pilotAttributeType,27L - -#define LN_mXRecord "mXRecord" -#define NID_mXRecord 480 -#define OBJ_mXRecord OBJ_pilotAttributeType,28L - -#define LN_nSRecord "nSRecord" -#define NID_nSRecord 481 -#define OBJ_nSRecord OBJ_pilotAttributeType,29L - -#define LN_sOARecord "sOARecord" -#define NID_sOARecord 482 -#define OBJ_sOARecord OBJ_pilotAttributeType,30L - -#define LN_cNAMERecord "cNAMERecord" -#define NID_cNAMERecord 483 -#define OBJ_cNAMERecord OBJ_pilotAttributeType,31L - -#define LN_associatedDomain "associatedDomain" -#define NID_associatedDomain 484 -#define OBJ_associatedDomain OBJ_pilotAttributeType,37L - -#define LN_associatedName "associatedName" -#define NID_associatedName 485 -#define OBJ_associatedName OBJ_pilotAttributeType,38L - -#define LN_homePostalAddress "homePostalAddress" -#define NID_homePostalAddress 486 -#define OBJ_homePostalAddress OBJ_pilotAttributeType,39L - -#define LN_personalTitle "personalTitle" -#define NID_personalTitle 487 -#define OBJ_personalTitle OBJ_pilotAttributeType,40L - -#define LN_mobileTelephoneNumber "mobileTelephoneNumber" -#define NID_mobileTelephoneNumber 488 -#define OBJ_mobileTelephoneNumber OBJ_pilotAttributeType,41L - -#define LN_pagerTelephoneNumber "pagerTelephoneNumber" -#define NID_pagerTelephoneNumber 489 -#define OBJ_pagerTelephoneNumber OBJ_pilotAttributeType,42L - -#define LN_friendlyCountryName "friendlyCountryName" -#define NID_friendlyCountryName 490 -#define OBJ_friendlyCountryName OBJ_pilotAttributeType,43L - -#define LN_organizationalStatus "organizationalStatus" -#define NID_organizationalStatus 491 -#define OBJ_organizationalStatus OBJ_pilotAttributeType,45L - -#define LN_janetMailbox "janetMailbox" -#define NID_janetMailbox 492 -#define OBJ_janetMailbox OBJ_pilotAttributeType,46L - -#define LN_mailPreferenceOption "mailPreferenceOption" -#define NID_mailPreferenceOption 493 -#define OBJ_mailPreferenceOption OBJ_pilotAttributeType,47L - -#define LN_buildingName "buildingName" -#define NID_buildingName 494 -#define OBJ_buildingName OBJ_pilotAttributeType,48L - -#define LN_dSAQuality "dSAQuality" -#define NID_dSAQuality 495 -#define OBJ_dSAQuality OBJ_pilotAttributeType,49L - -#define LN_singleLevelQuality "singleLevelQuality" -#define NID_singleLevelQuality 496 -#define OBJ_singleLevelQuality OBJ_pilotAttributeType,50L - -#define LN_subtreeMinimumQuality "subtreeMinimumQuality" -#define NID_subtreeMinimumQuality 497 -#define OBJ_subtreeMinimumQuality OBJ_pilotAttributeType,51L - -#define LN_subtreeMaximumQuality "subtreeMaximumQuality" -#define NID_subtreeMaximumQuality 498 -#define OBJ_subtreeMaximumQuality OBJ_pilotAttributeType,52L - -#define LN_personalSignature "personalSignature" -#define NID_personalSignature 499 -#define OBJ_personalSignature OBJ_pilotAttributeType,53L - -#define LN_dITRedirect "dITRedirect" -#define NID_dITRedirect 500 -#define OBJ_dITRedirect OBJ_pilotAttributeType,54L - -#define SN_audio "audio" -#define NID_audio 501 -#define OBJ_audio OBJ_pilotAttributeType,55L - -#define LN_documentPublisher "documentPublisher" -#define NID_documentPublisher 502 -#define OBJ_documentPublisher OBJ_pilotAttributeType,56L - -#define SN_id_set "id-set" -#define LN_id_set "Secure Electronic Transactions" -#define NID_id_set 512 -#define OBJ_id_set OBJ_international_organizations,42L - -#define SN_set_ctype "set-ctype" -#define LN_set_ctype "content types" -#define NID_set_ctype 513 -#define OBJ_set_ctype OBJ_id_set,0L - -#define SN_set_msgExt "set-msgExt" -#define LN_set_msgExt "message extensions" -#define NID_set_msgExt 514 -#define OBJ_set_msgExt OBJ_id_set,1L - -#define SN_set_attr "set-attr" -#define NID_set_attr 515 -#define OBJ_set_attr OBJ_id_set,3L - -#define SN_set_policy "set-policy" -#define NID_set_policy 516 -#define OBJ_set_policy OBJ_id_set,5L - -#define SN_set_certExt "set-certExt" -#define LN_set_certExt "certificate extensions" -#define NID_set_certExt 517 -#define OBJ_set_certExt OBJ_id_set,7L - -#define SN_set_brand "set-brand" -#define NID_set_brand 518 -#define OBJ_set_brand OBJ_id_set,8L - -#define SN_setct_PANData "setct-PANData" -#define NID_setct_PANData 519 -#define OBJ_setct_PANData OBJ_set_ctype,0L - -#define SN_setct_PANToken "setct-PANToken" -#define NID_setct_PANToken 520 -#define OBJ_setct_PANToken OBJ_set_ctype,1L - -#define SN_setct_PANOnly "setct-PANOnly" -#define NID_setct_PANOnly 521 -#define OBJ_setct_PANOnly OBJ_set_ctype,2L - -#define SN_setct_OIData "setct-OIData" -#define NID_setct_OIData 522 -#define OBJ_setct_OIData OBJ_set_ctype,3L - -#define SN_setct_PI "setct-PI" -#define NID_setct_PI 523 -#define OBJ_setct_PI OBJ_set_ctype,4L - -#define SN_setct_PIData "setct-PIData" -#define NID_setct_PIData 524 -#define OBJ_setct_PIData OBJ_set_ctype,5L - -#define SN_setct_PIDataUnsigned "setct-PIDataUnsigned" -#define NID_setct_PIDataUnsigned 525 -#define OBJ_setct_PIDataUnsigned OBJ_set_ctype,6L - -#define SN_setct_HODInput "setct-HODInput" -#define NID_setct_HODInput 526 -#define OBJ_setct_HODInput OBJ_set_ctype,7L - -#define SN_setct_AuthResBaggage "setct-AuthResBaggage" -#define NID_setct_AuthResBaggage 527 -#define OBJ_setct_AuthResBaggage OBJ_set_ctype,8L - -#define SN_setct_AuthRevReqBaggage "setct-AuthRevReqBaggage" -#define NID_setct_AuthRevReqBaggage 528 -#define OBJ_setct_AuthRevReqBaggage OBJ_set_ctype,9L - -#define SN_setct_AuthRevResBaggage "setct-AuthRevResBaggage" -#define NID_setct_AuthRevResBaggage 529 -#define OBJ_setct_AuthRevResBaggage OBJ_set_ctype,10L - -#define SN_setct_CapTokenSeq "setct-CapTokenSeq" -#define NID_setct_CapTokenSeq 530 -#define OBJ_setct_CapTokenSeq OBJ_set_ctype,11L - -#define SN_setct_PInitResData "setct-PInitResData" -#define NID_setct_PInitResData 531 -#define OBJ_setct_PInitResData OBJ_set_ctype,12L - -#define SN_setct_PI_TBS "setct-PI-TBS" -#define NID_setct_PI_TBS 532 -#define OBJ_setct_PI_TBS OBJ_set_ctype,13L - -#define SN_setct_PResData "setct-PResData" -#define NID_setct_PResData 533 -#define OBJ_setct_PResData OBJ_set_ctype,14L - -#define SN_setct_AuthReqTBS "setct-AuthReqTBS" -#define NID_setct_AuthReqTBS 534 -#define OBJ_setct_AuthReqTBS OBJ_set_ctype,16L - -#define SN_setct_AuthResTBS "setct-AuthResTBS" -#define NID_setct_AuthResTBS 535 -#define OBJ_setct_AuthResTBS OBJ_set_ctype,17L - -#define SN_setct_AuthResTBSX "setct-AuthResTBSX" -#define NID_setct_AuthResTBSX 536 -#define OBJ_setct_AuthResTBSX OBJ_set_ctype,18L - -#define SN_setct_AuthTokenTBS "setct-AuthTokenTBS" -#define NID_setct_AuthTokenTBS 537 -#define OBJ_setct_AuthTokenTBS OBJ_set_ctype,19L - -#define SN_setct_CapTokenData "setct-CapTokenData" -#define NID_setct_CapTokenData 538 -#define OBJ_setct_CapTokenData OBJ_set_ctype,20L - -#define SN_setct_CapTokenTBS "setct-CapTokenTBS" -#define NID_setct_CapTokenTBS 539 -#define OBJ_setct_CapTokenTBS OBJ_set_ctype,21L - -#define SN_setct_AcqCardCodeMsg "setct-AcqCardCodeMsg" -#define NID_setct_AcqCardCodeMsg 540 -#define OBJ_setct_AcqCardCodeMsg OBJ_set_ctype,22L - -#define SN_setct_AuthRevReqTBS "setct-AuthRevReqTBS" -#define NID_setct_AuthRevReqTBS 541 -#define OBJ_setct_AuthRevReqTBS OBJ_set_ctype,23L - -#define SN_setct_AuthRevResData "setct-AuthRevResData" -#define NID_setct_AuthRevResData 542 -#define OBJ_setct_AuthRevResData OBJ_set_ctype,24L - -#define SN_setct_AuthRevResTBS "setct-AuthRevResTBS" -#define NID_setct_AuthRevResTBS 543 -#define OBJ_setct_AuthRevResTBS OBJ_set_ctype,25L - -#define SN_setct_CapReqTBS "setct-CapReqTBS" -#define NID_setct_CapReqTBS 544 -#define OBJ_setct_CapReqTBS OBJ_set_ctype,26L - -#define SN_setct_CapReqTBSX "setct-CapReqTBSX" -#define NID_setct_CapReqTBSX 545 -#define OBJ_setct_CapReqTBSX OBJ_set_ctype,27L - -#define SN_setct_CapResData "setct-CapResData" -#define NID_setct_CapResData 546 -#define OBJ_setct_CapResData OBJ_set_ctype,28L - -#define SN_setct_CapRevReqTBS "setct-CapRevReqTBS" -#define NID_setct_CapRevReqTBS 547 -#define OBJ_setct_CapRevReqTBS OBJ_set_ctype,29L - -#define SN_setct_CapRevReqTBSX "setct-CapRevReqTBSX" -#define NID_setct_CapRevReqTBSX 548 -#define OBJ_setct_CapRevReqTBSX OBJ_set_ctype,30L - -#define SN_setct_CapRevResData "setct-CapRevResData" -#define NID_setct_CapRevResData 549 -#define OBJ_setct_CapRevResData OBJ_set_ctype,31L - -#define SN_setct_CredReqTBS "setct-CredReqTBS" -#define NID_setct_CredReqTBS 550 -#define OBJ_setct_CredReqTBS OBJ_set_ctype,32L - -#define SN_setct_CredReqTBSX "setct-CredReqTBSX" -#define NID_setct_CredReqTBSX 551 -#define OBJ_setct_CredReqTBSX OBJ_set_ctype,33L - -#define SN_setct_CredResData "setct-CredResData" -#define NID_setct_CredResData 552 -#define OBJ_setct_CredResData OBJ_set_ctype,34L - -#define SN_setct_CredRevReqTBS "setct-CredRevReqTBS" -#define NID_setct_CredRevReqTBS 553 -#define OBJ_setct_CredRevReqTBS OBJ_set_ctype,35L - -#define SN_setct_CredRevReqTBSX "setct-CredRevReqTBSX" -#define NID_setct_CredRevReqTBSX 554 -#define OBJ_setct_CredRevReqTBSX OBJ_set_ctype,36L - -#define SN_setct_CredRevResData "setct-CredRevResData" -#define NID_setct_CredRevResData 555 -#define OBJ_setct_CredRevResData OBJ_set_ctype,37L - -#define SN_setct_PCertReqData "setct-PCertReqData" -#define NID_setct_PCertReqData 556 -#define OBJ_setct_PCertReqData OBJ_set_ctype,38L - -#define SN_setct_PCertResTBS "setct-PCertResTBS" -#define NID_setct_PCertResTBS 557 -#define OBJ_setct_PCertResTBS OBJ_set_ctype,39L - -#define SN_setct_BatchAdminReqData "setct-BatchAdminReqData" -#define NID_setct_BatchAdminReqData 558 -#define OBJ_setct_BatchAdminReqData OBJ_set_ctype,40L - -#define SN_setct_BatchAdminResData "setct-BatchAdminResData" -#define NID_setct_BatchAdminResData 559 -#define OBJ_setct_BatchAdminResData OBJ_set_ctype,41L - -#define SN_setct_CardCInitResTBS "setct-CardCInitResTBS" -#define NID_setct_CardCInitResTBS 560 -#define OBJ_setct_CardCInitResTBS OBJ_set_ctype,42L - -#define SN_setct_MeAqCInitResTBS "setct-MeAqCInitResTBS" -#define NID_setct_MeAqCInitResTBS 561 -#define OBJ_setct_MeAqCInitResTBS OBJ_set_ctype,43L - -#define SN_setct_RegFormResTBS "setct-RegFormResTBS" -#define NID_setct_RegFormResTBS 562 -#define OBJ_setct_RegFormResTBS OBJ_set_ctype,44L - -#define SN_setct_CertReqData "setct-CertReqData" -#define NID_setct_CertReqData 563 -#define OBJ_setct_CertReqData OBJ_set_ctype,45L - -#define SN_setct_CertReqTBS "setct-CertReqTBS" -#define NID_setct_CertReqTBS 564 -#define OBJ_setct_CertReqTBS OBJ_set_ctype,46L - -#define SN_setct_CertResData "setct-CertResData" -#define NID_setct_CertResData 565 -#define OBJ_setct_CertResData OBJ_set_ctype,47L - -#define SN_setct_CertInqReqTBS "setct-CertInqReqTBS" -#define NID_setct_CertInqReqTBS 566 -#define OBJ_setct_CertInqReqTBS OBJ_set_ctype,48L - -#define SN_setct_ErrorTBS "setct-ErrorTBS" -#define NID_setct_ErrorTBS 567 -#define OBJ_setct_ErrorTBS OBJ_set_ctype,49L - -#define SN_setct_PIDualSignedTBE "setct-PIDualSignedTBE" -#define NID_setct_PIDualSignedTBE 568 -#define OBJ_setct_PIDualSignedTBE OBJ_set_ctype,50L - -#define SN_setct_PIUnsignedTBE "setct-PIUnsignedTBE" -#define NID_setct_PIUnsignedTBE 569 -#define OBJ_setct_PIUnsignedTBE OBJ_set_ctype,51L - -#define SN_setct_AuthReqTBE "setct-AuthReqTBE" -#define NID_setct_AuthReqTBE 570 -#define OBJ_setct_AuthReqTBE OBJ_set_ctype,52L - -#define SN_setct_AuthResTBE "setct-AuthResTBE" -#define NID_setct_AuthResTBE 571 -#define OBJ_setct_AuthResTBE OBJ_set_ctype,53L - -#define SN_setct_AuthResTBEX "setct-AuthResTBEX" -#define NID_setct_AuthResTBEX 572 -#define OBJ_setct_AuthResTBEX OBJ_set_ctype,54L - -#define SN_setct_AuthTokenTBE "setct-AuthTokenTBE" -#define NID_setct_AuthTokenTBE 573 -#define OBJ_setct_AuthTokenTBE OBJ_set_ctype,55L - -#define SN_setct_CapTokenTBE "setct-CapTokenTBE" -#define NID_setct_CapTokenTBE 574 -#define OBJ_setct_CapTokenTBE OBJ_set_ctype,56L - -#define SN_setct_CapTokenTBEX "setct-CapTokenTBEX" -#define NID_setct_CapTokenTBEX 575 -#define OBJ_setct_CapTokenTBEX OBJ_set_ctype,57L - -#define SN_setct_AcqCardCodeMsgTBE "setct-AcqCardCodeMsgTBE" -#define NID_setct_AcqCardCodeMsgTBE 576 -#define OBJ_setct_AcqCardCodeMsgTBE OBJ_set_ctype,58L - -#define SN_setct_AuthRevReqTBE "setct-AuthRevReqTBE" -#define NID_setct_AuthRevReqTBE 577 -#define OBJ_setct_AuthRevReqTBE OBJ_set_ctype,59L - -#define SN_setct_AuthRevResTBE "setct-AuthRevResTBE" -#define NID_setct_AuthRevResTBE 578 -#define OBJ_setct_AuthRevResTBE OBJ_set_ctype,60L - -#define SN_setct_AuthRevResTBEB "setct-AuthRevResTBEB" -#define NID_setct_AuthRevResTBEB 579 -#define OBJ_setct_AuthRevResTBEB OBJ_set_ctype,61L - -#define SN_setct_CapReqTBE "setct-CapReqTBE" -#define NID_setct_CapReqTBE 580 -#define OBJ_setct_CapReqTBE OBJ_set_ctype,62L - -#define SN_setct_CapReqTBEX "setct-CapReqTBEX" -#define NID_setct_CapReqTBEX 581 -#define OBJ_setct_CapReqTBEX OBJ_set_ctype,63L - -#define SN_setct_CapResTBE "setct-CapResTBE" -#define NID_setct_CapResTBE 582 -#define OBJ_setct_CapResTBE OBJ_set_ctype,64L - -#define SN_setct_CapRevReqTBE "setct-CapRevReqTBE" -#define NID_setct_CapRevReqTBE 583 -#define OBJ_setct_CapRevReqTBE OBJ_set_ctype,65L - -#define SN_setct_CapRevReqTBEX "setct-CapRevReqTBEX" -#define NID_setct_CapRevReqTBEX 584 -#define OBJ_setct_CapRevReqTBEX OBJ_set_ctype,66L - -#define SN_setct_CapRevResTBE "setct-CapRevResTBE" -#define NID_setct_CapRevResTBE 585 -#define OBJ_setct_CapRevResTBE OBJ_set_ctype,67L - -#define SN_setct_CredReqTBE "setct-CredReqTBE" -#define NID_setct_CredReqTBE 586 -#define OBJ_setct_CredReqTBE OBJ_set_ctype,68L - -#define SN_setct_CredReqTBEX "setct-CredReqTBEX" -#define NID_setct_CredReqTBEX 587 -#define OBJ_setct_CredReqTBEX OBJ_set_ctype,69L - -#define SN_setct_CredResTBE "setct-CredResTBE" -#define NID_setct_CredResTBE 588 -#define OBJ_setct_CredResTBE OBJ_set_ctype,70L - -#define SN_setct_CredRevReqTBE "setct-CredRevReqTBE" -#define NID_setct_CredRevReqTBE 589 -#define OBJ_setct_CredRevReqTBE OBJ_set_ctype,71L - -#define SN_setct_CredRevReqTBEX "setct-CredRevReqTBEX" -#define NID_setct_CredRevReqTBEX 590 -#define OBJ_setct_CredRevReqTBEX OBJ_set_ctype,72L - -#define SN_setct_CredRevResTBE "setct-CredRevResTBE" -#define NID_setct_CredRevResTBE 591 -#define OBJ_setct_CredRevResTBE OBJ_set_ctype,73L - -#define SN_setct_BatchAdminReqTBE "setct-BatchAdminReqTBE" -#define NID_setct_BatchAdminReqTBE 592 -#define OBJ_setct_BatchAdminReqTBE OBJ_set_ctype,74L - -#define SN_setct_BatchAdminResTBE "setct-BatchAdminResTBE" -#define NID_setct_BatchAdminResTBE 593 -#define OBJ_setct_BatchAdminResTBE OBJ_set_ctype,75L - -#define SN_setct_RegFormReqTBE "setct-RegFormReqTBE" -#define NID_setct_RegFormReqTBE 594 -#define OBJ_setct_RegFormReqTBE OBJ_set_ctype,76L - -#define SN_setct_CertReqTBE "setct-CertReqTBE" -#define NID_setct_CertReqTBE 595 -#define OBJ_setct_CertReqTBE OBJ_set_ctype,77L - -#define SN_setct_CertReqTBEX "setct-CertReqTBEX" -#define NID_setct_CertReqTBEX 596 -#define OBJ_setct_CertReqTBEX OBJ_set_ctype,78L - -#define SN_setct_CertResTBE "setct-CertResTBE" -#define NID_setct_CertResTBE 597 -#define OBJ_setct_CertResTBE OBJ_set_ctype,79L - -#define SN_setct_CRLNotificationTBS "setct-CRLNotificationTBS" -#define NID_setct_CRLNotificationTBS 598 -#define OBJ_setct_CRLNotificationTBS OBJ_set_ctype,80L - -#define SN_setct_CRLNotificationResTBS "setct-CRLNotificationResTBS" -#define NID_setct_CRLNotificationResTBS 599 -#define OBJ_setct_CRLNotificationResTBS OBJ_set_ctype,81L - -#define SN_setct_BCIDistributionTBS "setct-BCIDistributionTBS" -#define NID_setct_BCIDistributionTBS 600 -#define OBJ_setct_BCIDistributionTBS OBJ_set_ctype,82L - -#define SN_setext_genCrypt "setext-genCrypt" -#define LN_setext_genCrypt "generic cryptogram" -#define NID_setext_genCrypt 601 -#define OBJ_setext_genCrypt OBJ_set_msgExt,1L - -#define SN_setext_miAuth "setext-miAuth" -#define LN_setext_miAuth "merchant initiated auth" -#define NID_setext_miAuth 602 -#define OBJ_setext_miAuth OBJ_set_msgExt,3L - -#define SN_setext_pinSecure "setext-pinSecure" -#define NID_setext_pinSecure 603 -#define OBJ_setext_pinSecure OBJ_set_msgExt,4L - -#define SN_setext_pinAny "setext-pinAny" -#define NID_setext_pinAny 604 -#define OBJ_setext_pinAny OBJ_set_msgExt,5L - -#define SN_setext_track2 "setext-track2" -#define NID_setext_track2 605 -#define OBJ_setext_track2 OBJ_set_msgExt,7L - -#define SN_setext_cv "setext-cv" -#define LN_setext_cv "additional verification" -#define NID_setext_cv 606 -#define OBJ_setext_cv OBJ_set_msgExt,8L - -#define SN_set_policy_root "set-policy-root" -#define NID_set_policy_root 607 -#define OBJ_set_policy_root OBJ_set_policy,0L - -#define SN_setCext_hashedRoot "setCext-hashedRoot" -#define NID_setCext_hashedRoot 608 -#define OBJ_setCext_hashedRoot OBJ_set_certExt,0L - -#define SN_setCext_certType "setCext-certType" -#define NID_setCext_certType 609 -#define OBJ_setCext_certType OBJ_set_certExt,1L - -#define SN_setCext_merchData "setCext-merchData" -#define NID_setCext_merchData 610 -#define OBJ_setCext_merchData OBJ_set_certExt,2L - -#define SN_setCext_cCertRequired "setCext-cCertRequired" -#define NID_setCext_cCertRequired 611 -#define OBJ_setCext_cCertRequired OBJ_set_certExt,3L - -#define SN_setCext_tunneling "setCext-tunneling" -#define NID_setCext_tunneling 612 -#define OBJ_setCext_tunneling OBJ_set_certExt,4L - -#define SN_setCext_setExt "setCext-setExt" -#define NID_setCext_setExt 613 -#define OBJ_setCext_setExt OBJ_set_certExt,5L - -#define SN_setCext_setQualf "setCext-setQualf" -#define NID_setCext_setQualf 614 -#define OBJ_setCext_setQualf OBJ_set_certExt,6L - -#define SN_setCext_PGWYcapabilities "setCext-PGWYcapabilities" -#define NID_setCext_PGWYcapabilities 615 -#define OBJ_setCext_PGWYcapabilities OBJ_set_certExt,7L - -#define SN_setCext_TokenIdentifier "setCext-TokenIdentifier" -#define NID_setCext_TokenIdentifier 616 -#define OBJ_setCext_TokenIdentifier OBJ_set_certExt,8L - -#define SN_setCext_Track2Data "setCext-Track2Data" -#define NID_setCext_Track2Data 617 -#define OBJ_setCext_Track2Data OBJ_set_certExt,9L - -#define SN_setCext_TokenType "setCext-TokenType" -#define NID_setCext_TokenType 618 -#define OBJ_setCext_TokenType OBJ_set_certExt,10L - -#define SN_setCext_IssuerCapabilities "setCext-IssuerCapabilities" -#define NID_setCext_IssuerCapabilities 619 -#define OBJ_setCext_IssuerCapabilities OBJ_set_certExt,11L - -#define SN_setAttr_Cert "setAttr-Cert" -#define NID_setAttr_Cert 620 -#define OBJ_setAttr_Cert OBJ_set_attr,0L - -#define SN_setAttr_PGWYcap "setAttr-PGWYcap" -#define LN_setAttr_PGWYcap "payment gateway capabilities" -#define NID_setAttr_PGWYcap 621 -#define OBJ_setAttr_PGWYcap OBJ_set_attr,1L - -#define SN_setAttr_TokenType "setAttr-TokenType" -#define NID_setAttr_TokenType 622 -#define OBJ_setAttr_TokenType OBJ_set_attr,2L - -#define SN_setAttr_IssCap "setAttr-IssCap" -#define LN_setAttr_IssCap "issuer capabilities" -#define NID_setAttr_IssCap 623 -#define OBJ_setAttr_IssCap OBJ_set_attr,3L - -#define SN_set_rootKeyThumb "set-rootKeyThumb" -#define NID_set_rootKeyThumb 624 -#define OBJ_set_rootKeyThumb OBJ_setAttr_Cert,0L - -#define SN_set_addPolicy "set-addPolicy" -#define NID_set_addPolicy 625 -#define OBJ_set_addPolicy OBJ_setAttr_Cert,1L - -#define SN_setAttr_Token_EMV "setAttr-Token-EMV" -#define NID_setAttr_Token_EMV 626 -#define OBJ_setAttr_Token_EMV OBJ_setAttr_TokenType,1L - -#define SN_setAttr_Token_B0Prime "setAttr-Token-B0Prime" -#define NID_setAttr_Token_B0Prime 627 -#define OBJ_setAttr_Token_B0Prime OBJ_setAttr_TokenType,2L - -#define SN_setAttr_IssCap_CVM "setAttr-IssCap-CVM" -#define NID_setAttr_IssCap_CVM 628 -#define OBJ_setAttr_IssCap_CVM OBJ_setAttr_IssCap,3L - -#define SN_setAttr_IssCap_T2 "setAttr-IssCap-T2" -#define NID_setAttr_IssCap_T2 629 -#define OBJ_setAttr_IssCap_T2 OBJ_setAttr_IssCap,4L - -#define SN_setAttr_IssCap_Sig "setAttr-IssCap-Sig" -#define NID_setAttr_IssCap_Sig 630 -#define OBJ_setAttr_IssCap_Sig OBJ_setAttr_IssCap,5L - -#define SN_setAttr_GenCryptgrm "setAttr-GenCryptgrm" -#define LN_setAttr_GenCryptgrm "generate cryptogram" -#define NID_setAttr_GenCryptgrm 631 -#define OBJ_setAttr_GenCryptgrm OBJ_setAttr_IssCap_CVM,1L - -#define SN_setAttr_T2Enc "setAttr-T2Enc" -#define LN_setAttr_T2Enc "encrypted track 2" -#define NID_setAttr_T2Enc 632 -#define OBJ_setAttr_T2Enc OBJ_setAttr_IssCap_T2,1L - -#define SN_setAttr_T2cleartxt "setAttr-T2cleartxt" -#define LN_setAttr_T2cleartxt "cleartext track 2" -#define NID_setAttr_T2cleartxt 633 -#define OBJ_setAttr_T2cleartxt OBJ_setAttr_IssCap_T2,2L - -#define SN_setAttr_TokICCsig "setAttr-TokICCsig" -#define LN_setAttr_TokICCsig "ICC or token signature" -#define NID_setAttr_TokICCsig 634 -#define OBJ_setAttr_TokICCsig OBJ_setAttr_IssCap_Sig,1L - -#define SN_setAttr_SecDevSig "setAttr-SecDevSig" -#define LN_setAttr_SecDevSig "secure device signature" -#define NID_setAttr_SecDevSig 635 -#define OBJ_setAttr_SecDevSig OBJ_setAttr_IssCap_Sig,2L - -#define SN_set_brand_IATA_ATA "set-brand-IATA-ATA" -#define NID_set_brand_IATA_ATA 636 -#define OBJ_set_brand_IATA_ATA OBJ_set_brand,1L - -#define SN_set_brand_Diners "set-brand-Diners" -#define NID_set_brand_Diners 637 -#define OBJ_set_brand_Diners OBJ_set_brand,30L - -#define SN_set_brand_AmericanExpress "set-brand-AmericanExpress" -#define NID_set_brand_AmericanExpress 638 -#define OBJ_set_brand_AmericanExpress OBJ_set_brand,34L - -#define SN_set_brand_JCB "set-brand-JCB" -#define NID_set_brand_JCB 639 -#define OBJ_set_brand_JCB OBJ_set_brand,35L - -#define SN_set_brand_Visa "set-brand-Visa" -#define NID_set_brand_Visa 640 -#define OBJ_set_brand_Visa OBJ_set_brand,4L - -#define SN_set_brand_MasterCard "set-brand-MasterCard" -#define NID_set_brand_MasterCard 641 -#define OBJ_set_brand_MasterCard OBJ_set_brand,5L - -#define SN_set_brand_Novus "set-brand-Novus" -#define NID_set_brand_Novus 642 -#define OBJ_set_brand_Novus OBJ_set_brand,6011L - -#define SN_des_cdmf "DES-CDMF" -#define LN_des_cdmf "des-cdmf" -#define NID_des_cdmf 643 -#define OBJ_des_cdmf OBJ_rsadsi,3L,10L - -#define SN_rsaOAEPEncryptionSET "rsaOAEPEncryptionSET" -#define NID_rsaOAEPEncryptionSET 644 -#define OBJ_rsaOAEPEncryptionSET OBJ_rsadsi,1L,1L,6L - -#define SN_ipsec3 "Oakley-EC2N-3" -#define LN_ipsec3 "ipsec3" -#define NID_ipsec3 749 - -#define SN_ipsec4 "Oakley-EC2N-4" -#define LN_ipsec4 "ipsec4" -#define NID_ipsec4 750 - -#define SN_whirlpool "whirlpool" -#define NID_whirlpool 804 -#define OBJ_whirlpool OBJ_iso,0L,10118L,3L,0L,55L - -#define SN_cryptopro "cryptopro" -#define NID_cryptopro 805 -#define OBJ_cryptopro OBJ_member_body,643L,2L,2L - -#define SN_cryptocom "cryptocom" -#define NID_cryptocom 806 -#define OBJ_cryptocom OBJ_member_body,643L,2L,9L - -#define SN_id_GostR3411_94_with_GostR3410_2001 "id-GostR3411-94-with-GostR3410-2001" -#define LN_id_GostR3411_94_with_GostR3410_2001 "GOST R 34.11-94 with GOST R 34.10-2001" -#define NID_id_GostR3411_94_with_GostR3410_2001 807 -#define OBJ_id_GostR3411_94_with_GostR3410_2001 OBJ_cryptopro,3L - -#define SN_id_GostR3411_94_with_GostR3410_94 "id-GostR3411-94-with-GostR3410-94" -#define LN_id_GostR3411_94_with_GostR3410_94 "GOST R 34.11-94 with GOST R 34.10-94" -#define NID_id_GostR3411_94_with_GostR3410_94 808 -#define OBJ_id_GostR3411_94_with_GostR3410_94 OBJ_cryptopro,4L - -#define SN_id_GostR3411_94 "md_gost94" -#define LN_id_GostR3411_94 "GOST R 34.11-94" -#define NID_id_GostR3411_94 809 -#define OBJ_id_GostR3411_94 OBJ_cryptopro,9L - -#define SN_id_HMACGostR3411_94 "id-HMACGostR3411-94" -#define LN_id_HMACGostR3411_94 "HMAC GOST 34.11-94" -#define NID_id_HMACGostR3411_94 810 -#define OBJ_id_HMACGostR3411_94 OBJ_cryptopro,10L - -#define SN_id_GostR3410_2001 "gost2001" -#define LN_id_GostR3410_2001 "GOST R 34.10-2001" -#define NID_id_GostR3410_2001 811 -#define OBJ_id_GostR3410_2001 OBJ_cryptopro,19L - -#define SN_id_GostR3410_94 "gost94" -#define LN_id_GostR3410_94 "GOST R 34.10-94" -#define NID_id_GostR3410_94 812 -#define OBJ_id_GostR3410_94 OBJ_cryptopro,20L - -#define SN_id_Gost28147_89 "gost89" -#define LN_id_Gost28147_89 "GOST 28147-89" -#define NID_id_Gost28147_89 813 -#define OBJ_id_Gost28147_89 OBJ_cryptopro,21L - -#define SN_gost89_cnt "gost89-cnt" -#define NID_gost89_cnt 814 - -#define SN_id_Gost28147_89_MAC "gost-mac" -#define LN_id_Gost28147_89_MAC "GOST 28147-89 MAC" -#define NID_id_Gost28147_89_MAC 815 -#define OBJ_id_Gost28147_89_MAC OBJ_cryptopro,22L - -#define SN_id_GostR3411_94_prf "prf-gostr3411-94" -#define LN_id_GostR3411_94_prf "GOST R 34.11-94 PRF" -#define NID_id_GostR3411_94_prf 816 -#define OBJ_id_GostR3411_94_prf OBJ_cryptopro,23L - -#define SN_id_GostR3410_2001DH "id-GostR3410-2001DH" -#define LN_id_GostR3410_2001DH "GOST R 34.10-2001 DH" -#define NID_id_GostR3410_2001DH 817 -#define OBJ_id_GostR3410_2001DH OBJ_cryptopro,98L - -#define SN_id_GostR3410_94DH "id-GostR3410-94DH" -#define LN_id_GostR3410_94DH "GOST R 34.10-94 DH" -#define NID_id_GostR3410_94DH 818 -#define OBJ_id_GostR3410_94DH OBJ_cryptopro,99L - -#define SN_id_Gost28147_89_CryptoPro_KeyMeshing "id-Gost28147-89-CryptoPro-KeyMeshing" -#define NID_id_Gost28147_89_CryptoPro_KeyMeshing 819 -#define OBJ_id_Gost28147_89_CryptoPro_KeyMeshing OBJ_cryptopro,14L,1L - -#define SN_id_Gost28147_89_None_KeyMeshing "id-Gost28147-89-None-KeyMeshing" -#define NID_id_Gost28147_89_None_KeyMeshing 820 -#define OBJ_id_Gost28147_89_None_KeyMeshing OBJ_cryptopro,14L,0L - -#define SN_id_GostR3411_94_TestParamSet "id-GostR3411-94-TestParamSet" -#define NID_id_GostR3411_94_TestParamSet 821 -#define OBJ_id_GostR3411_94_TestParamSet OBJ_cryptopro,30L,0L - -#define SN_id_GostR3411_94_CryptoProParamSet "id-GostR3411-94-CryptoProParamSet" -#define NID_id_GostR3411_94_CryptoProParamSet 822 -#define OBJ_id_GostR3411_94_CryptoProParamSet OBJ_cryptopro,30L,1L - -#define SN_id_Gost28147_89_TestParamSet "id-Gost28147-89-TestParamSet" -#define NID_id_Gost28147_89_TestParamSet 823 -#define OBJ_id_Gost28147_89_TestParamSet OBJ_cryptopro,31L,0L - -#define SN_id_Gost28147_89_CryptoPro_A_ParamSet "id-Gost28147-89-CryptoPro-A-ParamSet" -#define NID_id_Gost28147_89_CryptoPro_A_ParamSet 824 -#define OBJ_id_Gost28147_89_CryptoPro_A_ParamSet OBJ_cryptopro,31L,1L - -#define SN_id_Gost28147_89_CryptoPro_B_ParamSet "id-Gost28147-89-CryptoPro-B-ParamSet" -#define NID_id_Gost28147_89_CryptoPro_B_ParamSet 825 -#define OBJ_id_Gost28147_89_CryptoPro_B_ParamSet OBJ_cryptopro,31L,2L - -#define SN_id_Gost28147_89_CryptoPro_C_ParamSet "id-Gost28147-89-CryptoPro-C-ParamSet" -#define NID_id_Gost28147_89_CryptoPro_C_ParamSet 826 -#define OBJ_id_Gost28147_89_CryptoPro_C_ParamSet OBJ_cryptopro,31L,3L - -#define SN_id_Gost28147_89_CryptoPro_D_ParamSet "id-Gost28147-89-CryptoPro-D-ParamSet" -#define NID_id_Gost28147_89_CryptoPro_D_ParamSet 827 -#define OBJ_id_Gost28147_89_CryptoPro_D_ParamSet OBJ_cryptopro,31L,4L - -#define SN_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet "id-Gost28147-89-CryptoPro-Oscar-1-1-ParamSet" -#define NID_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet 828 -#define OBJ_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet OBJ_cryptopro,31L,5L - -#define SN_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet "id-Gost28147-89-CryptoPro-Oscar-1-0-ParamSet" -#define NID_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet 829 -#define OBJ_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet OBJ_cryptopro,31L,6L - -#define SN_id_Gost28147_89_CryptoPro_RIC_1_ParamSet "id-Gost28147-89-CryptoPro-RIC-1-ParamSet" -#define NID_id_Gost28147_89_CryptoPro_RIC_1_ParamSet 830 -#define OBJ_id_Gost28147_89_CryptoPro_RIC_1_ParamSet OBJ_cryptopro,31L,7L - -#define SN_id_GostR3410_94_TestParamSet "id-GostR3410-94-TestParamSet" -#define NID_id_GostR3410_94_TestParamSet 831 -#define OBJ_id_GostR3410_94_TestParamSet OBJ_cryptopro,32L,0L - -#define SN_id_GostR3410_94_CryptoPro_A_ParamSet "id-GostR3410-94-CryptoPro-A-ParamSet" -#define NID_id_GostR3410_94_CryptoPro_A_ParamSet 832 -#define OBJ_id_GostR3410_94_CryptoPro_A_ParamSet OBJ_cryptopro,32L,2L - -#define SN_id_GostR3410_94_CryptoPro_B_ParamSet "id-GostR3410-94-CryptoPro-B-ParamSet" -#define NID_id_GostR3410_94_CryptoPro_B_ParamSet 833 -#define OBJ_id_GostR3410_94_CryptoPro_B_ParamSet OBJ_cryptopro,32L,3L - -#define SN_id_GostR3410_94_CryptoPro_C_ParamSet "id-GostR3410-94-CryptoPro-C-ParamSet" -#define NID_id_GostR3410_94_CryptoPro_C_ParamSet 834 -#define OBJ_id_GostR3410_94_CryptoPro_C_ParamSet OBJ_cryptopro,32L,4L - -#define SN_id_GostR3410_94_CryptoPro_D_ParamSet "id-GostR3410-94-CryptoPro-D-ParamSet" -#define NID_id_GostR3410_94_CryptoPro_D_ParamSet 835 -#define OBJ_id_GostR3410_94_CryptoPro_D_ParamSet OBJ_cryptopro,32L,5L - -#define SN_id_GostR3410_94_CryptoPro_XchA_ParamSet "id-GostR3410-94-CryptoPro-XchA-ParamSet" -#define NID_id_GostR3410_94_CryptoPro_XchA_ParamSet 836 -#define OBJ_id_GostR3410_94_CryptoPro_XchA_ParamSet OBJ_cryptopro,33L,1L - -#define SN_id_GostR3410_94_CryptoPro_XchB_ParamSet "id-GostR3410-94-CryptoPro-XchB-ParamSet" -#define NID_id_GostR3410_94_CryptoPro_XchB_ParamSet 837 -#define OBJ_id_GostR3410_94_CryptoPro_XchB_ParamSet OBJ_cryptopro,33L,2L - -#define SN_id_GostR3410_94_CryptoPro_XchC_ParamSet "id-GostR3410-94-CryptoPro-XchC-ParamSet" -#define NID_id_GostR3410_94_CryptoPro_XchC_ParamSet 838 -#define OBJ_id_GostR3410_94_CryptoPro_XchC_ParamSet OBJ_cryptopro,33L,3L - -#define SN_id_GostR3410_2001_TestParamSet "id-GostR3410-2001-TestParamSet" -#define NID_id_GostR3410_2001_TestParamSet 839 -#define OBJ_id_GostR3410_2001_TestParamSet OBJ_cryptopro,35L,0L - -#define SN_id_GostR3410_2001_CryptoPro_A_ParamSet "id-GostR3410-2001-CryptoPro-A-ParamSet" -#define NID_id_GostR3410_2001_CryptoPro_A_ParamSet 840 -#define OBJ_id_GostR3410_2001_CryptoPro_A_ParamSet OBJ_cryptopro,35L,1L - -#define SN_id_GostR3410_2001_CryptoPro_B_ParamSet "id-GostR3410-2001-CryptoPro-B-ParamSet" -#define NID_id_GostR3410_2001_CryptoPro_B_ParamSet 841 -#define OBJ_id_GostR3410_2001_CryptoPro_B_ParamSet OBJ_cryptopro,35L,2L - -#define SN_id_GostR3410_2001_CryptoPro_C_ParamSet "id-GostR3410-2001-CryptoPro-C-ParamSet" -#define NID_id_GostR3410_2001_CryptoPro_C_ParamSet 842 -#define OBJ_id_GostR3410_2001_CryptoPro_C_ParamSet OBJ_cryptopro,35L,3L - -#define SN_id_GostR3410_2001_CryptoPro_XchA_ParamSet "id-GostR3410-2001-CryptoPro-XchA-ParamSet" -#define NID_id_GostR3410_2001_CryptoPro_XchA_ParamSet 843 -#define OBJ_id_GostR3410_2001_CryptoPro_XchA_ParamSet OBJ_cryptopro,36L,0L - -#define SN_id_GostR3410_2001_CryptoPro_XchB_ParamSet "id-GostR3410-2001-CryptoPro-XchB-ParamSet" -#define NID_id_GostR3410_2001_CryptoPro_XchB_ParamSet 844 -#define OBJ_id_GostR3410_2001_CryptoPro_XchB_ParamSet OBJ_cryptopro,36L,1L - -#define SN_id_GostR3410_94_a "id-GostR3410-94-a" -#define NID_id_GostR3410_94_a 845 -#define OBJ_id_GostR3410_94_a OBJ_id_GostR3410_94,1L - -#define SN_id_GostR3410_94_aBis "id-GostR3410-94-aBis" -#define NID_id_GostR3410_94_aBis 846 -#define OBJ_id_GostR3410_94_aBis OBJ_id_GostR3410_94,2L - -#define SN_id_GostR3410_94_b "id-GostR3410-94-b" -#define NID_id_GostR3410_94_b 847 -#define OBJ_id_GostR3410_94_b OBJ_id_GostR3410_94,3L - -#define SN_id_GostR3410_94_bBis "id-GostR3410-94-bBis" -#define NID_id_GostR3410_94_bBis 848 -#define OBJ_id_GostR3410_94_bBis OBJ_id_GostR3410_94,4L - -#define SN_id_Gost28147_89_cc "id-Gost28147-89-cc" -#define LN_id_Gost28147_89_cc "GOST 28147-89 Cryptocom ParamSet" -#define NID_id_Gost28147_89_cc 849 -#define OBJ_id_Gost28147_89_cc OBJ_cryptocom,1L,6L,1L - -#define SN_id_GostR3410_94_cc "gost94cc" -#define LN_id_GostR3410_94_cc "GOST 34.10-94 Cryptocom" -#define NID_id_GostR3410_94_cc 850 -#define OBJ_id_GostR3410_94_cc OBJ_cryptocom,1L,5L,3L - -#define SN_id_GostR3410_2001_cc "gost2001cc" -#define LN_id_GostR3410_2001_cc "GOST 34.10-2001 Cryptocom" -#define NID_id_GostR3410_2001_cc 851 -#define OBJ_id_GostR3410_2001_cc OBJ_cryptocom,1L,5L,4L - -#define SN_id_GostR3411_94_with_GostR3410_94_cc "id-GostR3411-94-with-GostR3410-94-cc" -#define LN_id_GostR3411_94_with_GostR3410_94_cc "GOST R 34.11-94 with GOST R 34.10-94 Cryptocom" -#define NID_id_GostR3411_94_with_GostR3410_94_cc 852 -#define OBJ_id_GostR3411_94_with_GostR3410_94_cc OBJ_cryptocom,1L,3L,3L - -#define SN_id_GostR3411_94_with_GostR3410_2001_cc "id-GostR3411-94-with-GostR3410-2001-cc" -#define LN_id_GostR3411_94_with_GostR3410_2001_cc "GOST R 34.11-94 with GOST R 34.10-2001 Cryptocom" -#define NID_id_GostR3411_94_with_GostR3410_2001_cc 853 -#define OBJ_id_GostR3411_94_with_GostR3410_2001_cc OBJ_cryptocom,1L,3L,4L - -#define SN_id_GostR3410_2001_ParamSet_cc "id-GostR3410-2001-ParamSet-cc" -#define LN_id_GostR3410_2001_ParamSet_cc "GOST R 3410-2001 Parameter Set Cryptocom" -#define NID_id_GostR3410_2001_ParamSet_cc 854 -#define OBJ_id_GostR3410_2001_ParamSet_cc OBJ_cryptocom,1L,8L,1L - -#define SN_sm3 "SM3" -#define LN_sm3 "sm3" -#define NID_sm3 968 -#define OBJ_sm3 1L,2L,156L,10197L,1L,401L - -#define SN_sm3WithRSAEncryption "RSA-SM3" -#define LN_sm3WithRSAEncryption "sm3WithRSAEncryption" -#define NID_sm3WithRSAEncryption 969 -#define OBJ_sm3WithRSAEncryption 1L,2L,156L,10197L,1L,504L - -#define SN_camellia_128_cbc "CAMELLIA-128-CBC" -#define LN_camellia_128_cbc "camellia-128-cbc" -#define NID_camellia_128_cbc 751 -#define OBJ_camellia_128_cbc 1L,2L,392L,200011L,61L,1L,1L,1L,2L - -#define SN_camellia_192_cbc "CAMELLIA-192-CBC" -#define LN_camellia_192_cbc "camellia-192-cbc" -#define NID_camellia_192_cbc 752 -#define OBJ_camellia_192_cbc 1L,2L,392L,200011L,61L,1L,1L,1L,3L - -#define SN_camellia_256_cbc "CAMELLIA-256-CBC" -#define LN_camellia_256_cbc "camellia-256-cbc" -#define NID_camellia_256_cbc 753 -#define OBJ_camellia_256_cbc 1L,2L,392L,200011L,61L,1L,1L,1L,4L - -#define SN_id_camellia128_wrap "id-camellia128-wrap" -#define NID_id_camellia128_wrap 907 -#define OBJ_id_camellia128_wrap 1L,2L,392L,200011L,61L,1L,1L,3L,2L - -#define SN_id_camellia192_wrap "id-camellia192-wrap" -#define NID_id_camellia192_wrap 908 -#define OBJ_id_camellia192_wrap 1L,2L,392L,200011L,61L,1L,1L,3L,3L - -#define SN_id_camellia256_wrap "id-camellia256-wrap" -#define NID_id_camellia256_wrap 909 -#define OBJ_id_camellia256_wrap 1L,2L,392L,200011L,61L,1L,1L,3L,4L - -#define OBJ_ntt_ds 0L,3L,4401L,5L - -#define OBJ_camellia OBJ_ntt_ds,3L,1L,9L - -#define SN_camellia_128_ecb "CAMELLIA-128-ECB" -#define LN_camellia_128_ecb "camellia-128-ecb" -#define NID_camellia_128_ecb 754 -#define OBJ_camellia_128_ecb OBJ_camellia,1L - -#define SN_camellia_128_ofb128 "CAMELLIA-128-OFB" -#define LN_camellia_128_ofb128 "camellia-128-ofb" -#define NID_camellia_128_ofb128 766 -#define OBJ_camellia_128_ofb128 OBJ_camellia,3L - -#define SN_camellia_128_cfb128 "CAMELLIA-128-CFB" -#define LN_camellia_128_cfb128 "camellia-128-cfb" -#define NID_camellia_128_cfb128 757 -#define OBJ_camellia_128_cfb128 OBJ_camellia,4L - -#define SN_camellia_192_ecb "CAMELLIA-192-ECB" -#define LN_camellia_192_ecb "camellia-192-ecb" -#define NID_camellia_192_ecb 755 -#define OBJ_camellia_192_ecb OBJ_camellia,21L - -#define SN_camellia_192_ofb128 "CAMELLIA-192-OFB" -#define LN_camellia_192_ofb128 "camellia-192-ofb" -#define NID_camellia_192_ofb128 767 -#define OBJ_camellia_192_ofb128 OBJ_camellia,23L - -#define SN_camellia_192_cfb128 "CAMELLIA-192-CFB" -#define LN_camellia_192_cfb128 "camellia-192-cfb" -#define NID_camellia_192_cfb128 758 -#define OBJ_camellia_192_cfb128 OBJ_camellia,24L - -#define SN_camellia_256_ecb "CAMELLIA-256-ECB" -#define LN_camellia_256_ecb "camellia-256-ecb" -#define NID_camellia_256_ecb 756 -#define OBJ_camellia_256_ecb OBJ_camellia,41L - -#define SN_camellia_256_ofb128 "CAMELLIA-256-OFB" -#define LN_camellia_256_ofb128 "camellia-256-ofb" -#define NID_camellia_256_ofb128 768 -#define OBJ_camellia_256_ofb128 OBJ_camellia,43L - -#define SN_camellia_256_cfb128 "CAMELLIA-256-CFB" -#define LN_camellia_256_cfb128 "camellia-256-cfb" -#define NID_camellia_256_cfb128 759 -#define OBJ_camellia_256_cfb128 OBJ_camellia,44L - -#define SN_camellia_128_cfb1 "CAMELLIA-128-CFB1" -#define LN_camellia_128_cfb1 "camellia-128-cfb1" -#define NID_camellia_128_cfb1 760 - -#define SN_camellia_192_cfb1 "CAMELLIA-192-CFB1" -#define LN_camellia_192_cfb1 "camellia-192-cfb1" -#define NID_camellia_192_cfb1 761 - -#define SN_camellia_256_cfb1 "CAMELLIA-256-CFB1" -#define LN_camellia_256_cfb1 "camellia-256-cfb1" -#define NID_camellia_256_cfb1 762 - -#define SN_camellia_128_cfb8 "CAMELLIA-128-CFB8" -#define LN_camellia_128_cfb8 "camellia-128-cfb8" -#define NID_camellia_128_cfb8 763 - -#define SN_camellia_192_cfb8 "CAMELLIA-192-CFB8" -#define LN_camellia_192_cfb8 "camellia-192-cfb8" -#define NID_camellia_192_cfb8 764 - -#define SN_camellia_256_cfb8 "CAMELLIA-256-CFB8" -#define LN_camellia_256_cfb8 "camellia-256-cfb8" -#define NID_camellia_256_cfb8 765 - -#define SN_kisa "KISA" -#define LN_kisa "kisa" -#define NID_kisa 773 -#define OBJ_kisa OBJ_member_body,410L,200004L - -#define SN_seed_ecb "SEED-ECB" -#define LN_seed_ecb "seed-ecb" -#define NID_seed_ecb 776 -#define OBJ_seed_ecb OBJ_kisa,1L,3L - -#define SN_seed_cbc "SEED-CBC" -#define LN_seed_cbc "seed-cbc" -#define NID_seed_cbc 777 -#define OBJ_seed_cbc OBJ_kisa,1L,4L - -#define SN_seed_cfb128 "SEED-CFB" -#define LN_seed_cfb128 "seed-cfb" -#define NID_seed_cfb128 779 -#define OBJ_seed_cfb128 OBJ_kisa,1L,5L - -#define SN_seed_ofb128 "SEED-OFB" -#define LN_seed_ofb128 "seed-ofb" -#define NID_seed_ofb128 778 -#define OBJ_seed_ofb128 OBJ_kisa,1L,6L - -#define SN_ISO_CN "ISO-CN" -#define LN_ISO_CN "ISO CN Member Body" -#define NID_ISO_CN 970 -#define OBJ_ISO_CN OBJ_member_body,156L - -#define SN_oscca "oscca" -#define NID_oscca 971 -#define OBJ_oscca OBJ_ISO_CN,10197L - -#define SN_sm_scheme "sm-scheme" -#define NID_sm_scheme 972 -#define OBJ_sm_scheme OBJ_oscca,1L - -#define SN_sm4_ecb "SM4-ECB" -#define LN_sm4_ecb "sm4-ecb" -#define NID_sm4_ecb 973 -#define OBJ_sm4_ecb OBJ_sm_scheme,104L,1L - -#define SN_sm4_cbc "SM4-CBC" -#define LN_sm4_cbc "sm4-cbc" -#define NID_sm4_cbc 974 -#define OBJ_sm4_cbc OBJ_sm_scheme,104L,2L - -#define SN_sm4_ofb128 "SM4-OFB" -#define LN_sm4_ofb128 "sm4-ofb" -#define NID_sm4_ofb128 975 -#define OBJ_sm4_ofb128 OBJ_sm_scheme,104L,3L - -#define SN_sm4_cfb128 "SM4-CFB" -#define LN_sm4_cfb128 "sm4-cfb" -#define NID_sm4_cfb128 976 -#define OBJ_sm4_cfb128 OBJ_sm_scheme,104L,4L - -#define SN_sm4_cfb1 "SM4-CFB1" -#define LN_sm4_cfb1 "sm4-cfb1" -#define NID_sm4_cfb1 977 -#define OBJ_sm4_cfb1 OBJ_sm_scheme,104L,5L - -#define SN_sm4_cfb8 "SM4-CFB8" -#define LN_sm4_cfb8 "sm4-cfb8" -#define NID_sm4_cfb8 978 -#define OBJ_sm4_cfb8 OBJ_sm_scheme,104L,6L - -#define SN_sm4_ctr "SM4-CTR" -#define LN_sm4_ctr "sm4-ctr" -#define NID_sm4_ctr 979 -#define OBJ_sm4_ctr OBJ_sm_scheme,104L,7L - -#define SN_hmac "HMAC" -#define LN_hmac "hmac" -#define NID_hmac 855 - -#define SN_cmac "CMAC" -#define LN_cmac "cmac" -#define NID_cmac 894 - -#define SN_rc4_hmac_md5 "RC4-HMAC-MD5" -#define LN_rc4_hmac_md5 "rc4-hmac-md5" -#define NID_rc4_hmac_md5 915 - -#define SN_aes_128_cbc_hmac_sha1 "AES-128-CBC-HMAC-SHA1" -#define LN_aes_128_cbc_hmac_sha1 "aes-128-cbc-hmac-sha1" -#define NID_aes_128_cbc_hmac_sha1 916 - -#define SN_aes_192_cbc_hmac_sha1 "AES-192-CBC-HMAC-SHA1" -#define LN_aes_192_cbc_hmac_sha1 "aes-192-cbc-hmac-sha1" -#define NID_aes_192_cbc_hmac_sha1 917 - -#define SN_aes_256_cbc_hmac_sha1 "AES-256-CBC-HMAC-SHA1" -#define LN_aes_256_cbc_hmac_sha1 "aes-256-cbc-hmac-sha1" -#define NID_aes_256_cbc_hmac_sha1 918 - -#define OBJ_x9_63_scheme 1L,3L,133L,16L,840L,63L,0L - -#define OBJ_secg_scheme OBJ_certicom_arc,1L - -#define SN_dhSinglePass_stdDH_sha1kdf_scheme "dhSinglePass-stdDH-sha1kdf-scheme" -#define NID_dhSinglePass_stdDH_sha1kdf_scheme 980 -#define OBJ_dhSinglePass_stdDH_sha1kdf_scheme OBJ_x9_63_scheme,2L - -#define SN_dhSinglePass_stdDH_sha224kdf_scheme "dhSinglePass-stdDH-sha224kdf-scheme" -#define NID_dhSinglePass_stdDH_sha224kdf_scheme 981 -#define OBJ_dhSinglePass_stdDH_sha224kdf_scheme OBJ_secg_scheme,11L,0L - -#define SN_dhSinglePass_stdDH_sha256kdf_scheme "dhSinglePass-stdDH-sha256kdf-scheme" -#define NID_dhSinglePass_stdDH_sha256kdf_scheme 982 -#define OBJ_dhSinglePass_stdDH_sha256kdf_scheme OBJ_secg_scheme,11L,1L - -#define SN_dhSinglePass_stdDH_sha384kdf_scheme "dhSinglePass-stdDH-sha384kdf-scheme" -#define NID_dhSinglePass_stdDH_sha384kdf_scheme 983 -#define OBJ_dhSinglePass_stdDH_sha384kdf_scheme OBJ_secg_scheme,11L,2L - -#define SN_dhSinglePass_stdDH_sha512kdf_scheme "dhSinglePass-stdDH-sha512kdf-scheme" -#define NID_dhSinglePass_stdDH_sha512kdf_scheme 984 -#define OBJ_dhSinglePass_stdDH_sha512kdf_scheme OBJ_secg_scheme,11L,3L - -#define SN_dhSinglePass_cofactorDH_sha1kdf_scheme "dhSinglePass-cofactorDH-sha1kdf-scheme" -#define NID_dhSinglePass_cofactorDH_sha1kdf_scheme 985 -#define OBJ_dhSinglePass_cofactorDH_sha1kdf_scheme OBJ_x9_63_scheme,3L - -#define SN_dhSinglePass_cofactorDH_sha224kdf_scheme "dhSinglePass-cofactorDH-sha224kdf-scheme" -#define NID_dhSinglePass_cofactorDH_sha224kdf_scheme 986 -#define OBJ_dhSinglePass_cofactorDH_sha224kdf_scheme OBJ_secg_scheme,14L,0L - -#define SN_dhSinglePass_cofactorDH_sha256kdf_scheme "dhSinglePass-cofactorDH-sha256kdf-scheme" -#define NID_dhSinglePass_cofactorDH_sha256kdf_scheme 987 -#define OBJ_dhSinglePass_cofactorDH_sha256kdf_scheme OBJ_secg_scheme,14L,1L - -#define SN_dhSinglePass_cofactorDH_sha384kdf_scheme "dhSinglePass-cofactorDH-sha384kdf-scheme" -#define NID_dhSinglePass_cofactorDH_sha384kdf_scheme 988 -#define OBJ_dhSinglePass_cofactorDH_sha384kdf_scheme OBJ_secg_scheme,14L,2L - -#define SN_dhSinglePass_cofactorDH_sha512kdf_scheme "dhSinglePass-cofactorDH-sha512kdf-scheme" -#define NID_dhSinglePass_cofactorDH_sha512kdf_scheme 989 -#define OBJ_dhSinglePass_cofactorDH_sha512kdf_scheme OBJ_secg_scheme,14L,3L - -#define SN_dh_std_kdf "dh-std-kdf" -#define NID_dh_std_kdf 990 - -#define SN_dh_cofactor_kdf "dh-cofactor-kdf" -#define NID_dh_cofactor_kdf 991 - -#define SN_teletrust "teletrust" -#define NID_teletrust 920 -#define OBJ_teletrust OBJ_identified_organization,36L - -#define SN_brainpool "brainpool" -#define NID_brainpool 921 -#define OBJ_brainpool OBJ_teletrust,3L,3L,2L,8L,1L - -#define SN_brainpoolP160r1 "brainpoolP160r1" -#define NID_brainpoolP160r1 922 -#define OBJ_brainpoolP160r1 OBJ_brainpool,1L,1L - -#define SN_brainpoolP160t1 "brainpoolP160t1" -#define NID_brainpoolP160t1 923 -#define OBJ_brainpoolP160t1 OBJ_brainpool,1L,2L - -#define SN_brainpoolP192r1 "brainpoolP192r1" -#define NID_brainpoolP192r1 924 -#define OBJ_brainpoolP192r1 OBJ_brainpool,1L,3L - -#define SN_brainpoolP192t1 "brainpoolP192t1" -#define NID_brainpoolP192t1 925 -#define OBJ_brainpoolP192t1 OBJ_brainpool,1L,4L - -#define SN_brainpoolP224r1 "brainpoolP224r1" -#define NID_brainpoolP224r1 926 -#define OBJ_brainpoolP224r1 OBJ_brainpool,1L,5L - -#define SN_brainpoolP224t1 "brainpoolP224t1" -#define NID_brainpoolP224t1 927 -#define OBJ_brainpoolP224t1 OBJ_brainpool,1L,6L - -#define SN_brainpoolP256r1 "brainpoolP256r1" -#define NID_brainpoolP256r1 928 -#define OBJ_brainpoolP256r1 OBJ_brainpool,1L,7L - -#define SN_brainpoolP256t1 "brainpoolP256t1" -#define NID_brainpoolP256t1 929 -#define OBJ_brainpoolP256t1 OBJ_brainpool,1L,8L - -#define SN_brainpoolP320r1 "brainpoolP320r1" -#define NID_brainpoolP320r1 930 -#define OBJ_brainpoolP320r1 OBJ_brainpool,1L,9L - -#define SN_brainpoolP320t1 "brainpoolP320t1" -#define NID_brainpoolP320t1 931 -#define OBJ_brainpoolP320t1 OBJ_brainpool,1L,10L - -#define SN_brainpoolP384r1 "brainpoolP384r1" -#define NID_brainpoolP384r1 932 -#define OBJ_brainpoolP384r1 OBJ_brainpool,1L,11L - -#define SN_brainpoolP384t1 "brainpoolP384t1" -#define NID_brainpoolP384t1 933 -#define OBJ_brainpoolP384t1 OBJ_brainpool,1L,12L - -#define SN_brainpoolP512r1 "brainpoolP512r1" -#define NID_brainpoolP512r1 934 -#define OBJ_brainpoolP512r1 OBJ_brainpool,1L,13L - -#define SN_brainpoolP512t1 "brainpoolP512t1" -#define NID_brainpoolP512t1 935 -#define OBJ_brainpoolP512t1 OBJ_brainpool,1L,14L - -#define SN_FRP256v1 "FRP256v1" -#define NID_FRP256v1 936 -#define OBJ_FRP256v1 1L,2L,250L,1L,223L,101L,256L,1L - -#define SN_chacha20 "ChaCha" -#define LN_chacha20 "chacha" -#define NID_chacha20 937 - -#define SN_chacha20_poly1305 "ChaCha20-Poly1305" -#define LN_chacha20_poly1305 "chacha20-poly1305" -#define NID_chacha20_poly1305 967 - -#define SN_gost89_ecb "gost89-ecb" -#define NID_gost89_ecb 938 - -#define SN_gost89_cbc "gost89-cbc" -#define NID_gost89_cbc 939 - -#define SN_tc26 "tc26" -#define NID_tc26 940 -#define OBJ_tc26 OBJ_member_body,643L,7L,1L - -#define SN_id_tc26_gost3411_2012_256 "streebog256" -#define LN_id_tc26_gost3411_2012_256 "GOST R 34.11-2012 (256 bit)" -#define NID_id_tc26_gost3411_2012_256 941 -#define OBJ_id_tc26_gost3411_2012_256 OBJ_tc26,1L,2L,2L - -#define SN_id_tc26_gost3411_2012_512 "streebog512" -#define LN_id_tc26_gost3411_2012_512 "GOST R 34-11-2012 (512 bit)" -#define NID_id_tc26_gost3411_2012_512 942 -#define OBJ_id_tc26_gost3411_2012_512 OBJ_tc26,1L,2L,3L - -#define SN_id_tc26_gost_3410_2012_512_paramSetA "id-tc26-gost-3410-2012-512-paramSetA" -#define NID_id_tc26_gost_3410_2012_512_paramSetA 943 -#define OBJ_id_tc26_gost_3410_2012_512_paramSetA OBJ_tc26,2L,1L,2L,1L - -#define SN_id_tc26_gost_3410_2012_512_paramSetB "id-tc26-gost-3410-2012-512-paramSetB" -#define NID_id_tc26_gost_3410_2012_512_paramSetB 944 -#define OBJ_id_tc26_gost_3410_2012_512_paramSetB OBJ_tc26,2L,1L,2L,2L - -#define SN_id_tc26_gost_28147_param_Z "id-tc26-gost-28147-param-Z" -#define NID_id_tc26_gost_28147_param_Z 945 -#define OBJ_id_tc26_gost_28147_param_Z OBJ_tc26,2L,5L,1L,1L - -#define SN_id_tc26_gost3410_2012_256 "id-tc26-gost3410-2012-256" -#define LN_id_tc26_gost3410_2012_256 "GOST R 34.10-2012 (256 bit)" -#define NID_id_tc26_gost3410_2012_256 946 -#define OBJ_id_tc26_gost3410_2012_256 OBJ_tc26,1L,1L,1L - -#define SN_id_tc26_gost3410_2012_512 "id-tc26-gost3410-2012-512" -#define LN_id_tc26_gost3410_2012_512 "GOST R 34.10-2012 (512 bit)" -#define NID_id_tc26_gost3410_2012_512 947 -#define OBJ_id_tc26_gost3410_2012_512 OBJ_tc26,1L,1L,2L - -#define SN_id_tc26_signwithdigest_gost3410_2012_256 "id-tc26-signwithdigest-gost3410-2012-256" -#define LN_id_tc26_signwithdigest_gost3410_2012_256 "GOST R 34.11-2012 with GOST R 34.10-2012 (256 bit)" -#define NID_id_tc26_signwithdigest_gost3410_2012_256 948 -#define OBJ_id_tc26_signwithdigest_gost3410_2012_256 OBJ_tc26,1L,3L,2L - -#define SN_id_tc26_signwithdigest_gost3410_2012_512 "id-tc26-signwithdigest-gost3410-2012-512" -#define LN_id_tc26_signwithdigest_gost3410_2012_512 "GOST R 34.11-2012 with GOST R 34.10-2012 (512 bit)" -#define NID_id_tc26_signwithdigest_gost3410_2012_512 949 -#define OBJ_id_tc26_signwithdigest_gost3410_2012_512 OBJ_tc26,1L,3L,3L - -#define SN_X25519 "X25519" -#define NID_X25519 950 -#define OBJ_X25519 1L,3L,101L,110L - -#define SN_X448 "X448" -#define NID_X448 951 -#define OBJ_X448 1L,3L,101L,111L - -#define SN_Ed25519 "Ed25519" -#define NID_Ed25519 952 -#define OBJ_Ed25519 1L,3L,101L,112L - -#define SN_Ed448 "Ed448" -#define NID_Ed448 953 -#define OBJ_Ed448 1L,3L,101L,113L - -#define SN_Ed25519ph "Ed25519ph" -#define NID_Ed25519ph 954 -#define OBJ_Ed25519ph 1L,3L,101L,114L - -#define SN_Ed448ph "Ed448ph" -#define NID_Ed448ph 955 -#define OBJ_Ed448ph 1L,3L,101L,115L - -#define SN_kx_rsa "KxRSA" -#define LN_kx_rsa "kx-rsa" -#define NID_kx_rsa 959 - -#define SN_kx_ecdhe "KxECDHE" -#define LN_kx_ecdhe "kx-ecdhe" -#define NID_kx_ecdhe 960 - -#define SN_kx_dhe "KxDHE" -#define LN_kx_dhe "kx-dhe" -#define NID_kx_dhe 961 - -#define SN_kx_gost "KxGOST" -#define LN_kx_gost "kx-gost" -#define NID_kx_gost 962 - -#define SN_auth_rsa "AuthRSA" -#define LN_auth_rsa "auth-rsa" -#define NID_auth_rsa 963 - -#define SN_auth_ecdsa "AuthECDSA" -#define LN_auth_ecdsa "auth-ecdsa" -#define NID_auth_ecdsa 964 - -#define SN_auth_gost01 "AuthGOST01" -#define LN_auth_gost01 "auth-gost01" -#define NID_auth_gost01 965 - -#define SN_auth_null "AuthNULL" -#define LN_auth_null "auth-null" -#define NID_auth_null 966 - diff --git a/libressl/include64/openssl/objects.h b/libressl/include64/openssl/objects.h deleted file mode 100644 index c40991b5..00000000 --- a/libressl/include64/openssl/objects.h +++ /dev/null @@ -1,1140 +0,0 @@ -/* $OpenBSD: objects.h,v 1.12 2017/01/21 04:53:22 jsing Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef HEADER_OBJECTS_H -#define HEADER_OBJECTS_H - -#define USE_OBJ_MAC - -#ifdef USE_OBJ_MAC -#include <openssl/obj_mac.h> -#else -#define SN_undef "UNDEF" -#define LN_undef "undefined" -#define NID_undef 0 -#define OBJ_undef 0L - -#define SN_Algorithm "Algorithm" -#define LN_algorithm "algorithm" -#define NID_algorithm 38 -#define OBJ_algorithm 1L,3L,14L,3L,2L - -#define LN_rsadsi "rsadsi" -#define NID_rsadsi 1 -#define OBJ_rsadsi 1L,2L,840L,113549L - -#define LN_pkcs "pkcs" -#define NID_pkcs 2 -#define OBJ_pkcs OBJ_rsadsi,1L - -#define SN_md2 "MD2" -#define LN_md2 "md2" -#define NID_md2 3 -#define OBJ_md2 OBJ_rsadsi,2L,2L - -#define SN_md5 "MD5" -#define LN_md5 "md5" -#define NID_md5 4 -#define OBJ_md5 OBJ_rsadsi,2L,5L - -#define SN_rc4 "RC4" -#define LN_rc4 "rc4" -#define NID_rc4 5 -#define OBJ_rc4 OBJ_rsadsi,3L,4L - -#define LN_rsaEncryption "rsaEncryption" -#define NID_rsaEncryption 6 -#define OBJ_rsaEncryption OBJ_pkcs,1L,1L - -#define SN_md2WithRSAEncryption "RSA-MD2" -#define LN_md2WithRSAEncryption "md2WithRSAEncryption" -#define NID_md2WithRSAEncryption 7 -#define OBJ_md2WithRSAEncryption OBJ_pkcs,1L,2L - -#define SN_md5WithRSAEncryption "RSA-MD5" -#define LN_md5WithRSAEncryption "md5WithRSAEncryption" -#define NID_md5WithRSAEncryption 8 -#define OBJ_md5WithRSAEncryption OBJ_pkcs,1L,4L - -#define SN_pbeWithMD2AndDES_CBC "PBE-MD2-DES" -#define LN_pbeWithMD2AndDES_CBC "pbeWithMD2AndDES-CBC" -#define NID_pbeWithMD2AndDES_CBC 9 -#define OBJ_pbeWithMD2AndDES_CBC OBJ_pkcs,5L,1L - -#define SN_pbeWithMD5AndDES_CBC "PBE-MD5-DES" -#define LN_pbeWithMD5AndDES_CBC "pbeWithMD5AndDES-CBC" -#define NID_pbeWithMD5AndDES_CBC 10 -#define OBJ_pbeWithMD5AndDES_CBC OBJ_pkcs,5L,3L - -#define LN_X500 "X500" -#define NID_X500 11 -#define OBJ_X500 2L,5L - -#define LN_X509 "X509" -#define NID_X509 12 -#define OBJ_X509 OBJ_X500,4L - -#define SN_commonName "CN" -#define LN_commonName "commonName" -#define NID_commonName 13 -#define OBJ_commonName OBJ_X509,3L - -#define SN_countryName "C" -#define LN_countryName "countryName" -#define NID_countryName 14 -#define OBJ_countryName OBJ_X509,6L - -#define SN_localityName "L" -#define LN_localityName "localityName" -#define NID_localityName 15 -#define OBJ_localityName OBJ_X509,7L - -/* Postal Address? PA */ - -/* should be "ST" (rfc1327) but MS uses 'S' */ -#define SN_stateOrProvinceName "ST" -#define LN_stateOrProvinceName "stateOrProvinceName" -#define NID_stateOrProvinceName 16 -#define OBJ_stateOrProvinceName OBJ_X509,8L - -#define SN_organizationName "O" -#define LN_organizationName "organizationName" -#define NID_organizationName 17 -#define OBJ_organizationName OBJ_X509,10L - -#define SN_organizationalUnitName "OU" -#define LN_organizationalUnitName "organizationalUnitName" -#define NID_organizationalUnitName 18 -#define OBJ_organizationalUnitName OBJ_X509,11L - -#define SN_rsa "RSA" -#define LN_rsa "rsa" -#define NID_rsa 19 -#define OBJ_rsa OBJ_X500,8L,1L,1L - -#define LN_pkcs7 "pkcs7" -#define NID_pkcs7 20 -#define OBJ_pkcs7 OBJ_pkcs,7L - -#define LN_pkcs7_data "pkcs7-data" -#define NID_pkcs7_data 21 -#define OBJ_pkcs7_data OBJ_pkcs7,1L - -#define LN_pkcs7_signed "pkcs7-signedData" -#define NID_pkcs7_signed 22 -#define OBJ_pkcs7_signed OBJ_pkcs7,2L - -#define LN_pkcs7_enveloped "pkcs7-envelopedData" -#define NID_pkcs7_enveloped 23 -#define OBJ_pkcs7_enveloped OBJ_pkcs7,3L - -#define LN_pkcs7_signedAndEnveloped "pkcs7-signedAndEnvelopedData" -#define NID_pkcs7_signedAndEnveloped 24 -#define OBJ_pkcs7_signedAndEnveloped OBJ_pkcs7,4L - -#define LN_pkcs7_digest "pkcs7-digestData" -#define NID_pkcs7_digest 25 -#define OBJ_pkcs7_digest OBJ_pkcs7,5L - -#define LN_pkcs7_encrypted "pkcs7-encryptedData" -#define NID_pkcs7_encrypted 26 -#define OBJ_pkcs7_encrypted OBJ_pkcs7,6L - -#define LN_pkcs3 "pkcs3" -#define NID_pkcs3 27 -#define OBJ_pkcs3 OBJ_pkcs,3L - -#define LN_dhKeyAgreement "dhKeyAgreement" -#define NID_dhKeyAgreement 28 -#define OBJ_dhKeyAgreement OBJ_pkcs3,1L - -#define SN_des_ecb "DES-ECB" -#define LN_des_ecb "des-ecb" -#define NID_des_ecb 29 -#define OBJ_des_ecb OBJ_algorithm,6L - -#define SN_des_cfb64 "DES-CFB" -#define LN_des_cfb64 "des-cfb" -#define NID_des_cfb64 30 -/* IV + num */ -#define OBJ_des_cfb64 OBJ_algorithm,9L - -#define SN_des_cbc "DES-CBC" -#define LN_des_cbc "des-cbc" -#define NID_des_cbc 31 -/* IV */ -#define OBJ_des_cbc OBJ_algorithm,7L - -#define SN_des_ede "DES-EDE" -#define LN_des_ede "des-ede" -#define NID_des_ede 32 -/* ?? */ -#define OBJ_des_ede OBJ_algorithm,17L - -#define SN_des_ede3 "DES-EDE3" -#define LN_des_ede3 "des-ede3" -#define NID_des_ede3 33 - -#define SN_idea_cbc "IDEA-CBC" -#define LN_idea_cbc "idea-cbc" -#define NID_idea_cbc 34 -#define OBJ_idea_cbc 1L,3L,6L,1L,4L,1L,188L,7L,1L,1L,2L - -#define SN_idea_cfb64 "IDEA-CFB" -#define LN_idea_cfb64 "idea-cfb" -#define NID_idea_cfb64 35 - -#define SN_idea_ecb "IDEA-ECB" -#define LN_idea_ecb "idea-ecb" -#define NID_idea_ecb 36 - -#define SN_rc2_cbc "RC2-CBC" -#define LN_rc2_cbc "rc2-cbc" -#define NID_rc2_cbc 37 -#define OBJ_rc2_cbc OBJ_rsadsi,3L,2L - -#define SN_rc2_ecb "RC2-ECB" -#define LN_rc2_ecb "rc2-ecb" -#define NID_rc2_ecb 38 - -#define SN_rc2_cfb64 "RC2-CFB" -#define LN_rc2_cfb64 "rc2-cfb" -#define NID_rc2_cfb64 39 - -#define SN_rc2_ofb64 "RC2-OFB" -#define LN_rc2_ofb64 "rc2-ofb" -#define NID_rc2_ofb64 40 - -#define SN_sha "SHA" -#define LN_sha "sha" -#define NID_sha 41 -#define OBJ_sha OBJ_algorithm,18L - -#define SN_shaWithRSAEncryption "RSA-SHA" -#define LN_shaWithRSAEncryption "shaWithRSAEncryption" -#define NID_shaWithRSAEncryption 42 -#define OBJ_shaWithRSAEncryption OBJ_algorithm,15L - -#define SN_des_ede_cbc "DES-EDE-CBC" -#define LN_des_ede_cbc "des-ede-cbc" -#define NID_des_ede_cbc 43 - -#define SN_des_ede3_cbc "DES-EDE3-CBC" -#define LN_des_ede3_cbc "des-ede3-cbc" -#define NID_des_ede3_cbc 44 -#define OBJ_des_ede3_cbc OBJ_rsadsi,3L,7L - -#define SN_des_ofb64 "DES-OFB" -#define LN_des_ofb64 "des-ofb" -#define NID_des_ofb64 45 -#define OBJ_des_ofb64 OBJ_algorithm,8L - -#define SN_idea_ofb64 "IDEA-OFB" -#define LN_idea_ofb64 "idea-ofb" -#define NID_idea_ofb64 46 - -#define LN_pkcs9 "pkcs9" -#define NID_pkcs9 47 -#define OBJ_pkcs9 OBJ_pkcs,9L - -#define SN_pkcs9_emailAddress "Email" -#define LN_pkcs9_emailAddress "emailAddress" -#define NID_pkcs9_emailAddress 48 -#define OBJ_pkcs9_emailAddress OBJ_pkcs9,1L - -#define LN_pkcs9_unstructuredName "unstructuredName" -#define NID_pkcs9_unstructuredName 49 -#define OBJ_pkcs9_unstructuredName OBJ_pkcs9,2L - -#define LN_pkcs9_contentType "contentType" -#define NID_pkcs9_contentType 50 -#define OBJ_pkcs9_contentType OBJ_pkcs9,3L - -#define LN_pkcs9_messageDigest "messageDigest" -#define NID_pkcs9_messageDigest 51 -#define OBJ_pkcs9_messageDigest OBJ_pkcs9,4L - -#define LN_pkcs9_signingTime "signingTime" -#define NID_pkcs9_signingTime 52 -#define OBJ_pkcs9_signingTime OBJ_pkcs9,5L - -#define LN_pkcs9_countersignature "countersignature" -#define NID_pkcs9_countersignature 53 -#define OBJ_pkcs9_countersignature OBJ_pkcs9,6L - -#define LN_pkcs9_challengePassword "challengePassword" -#define NID_pkcs9_challengePassword 54 -#define OBJ_pkcs9_challengePassword OBJ_pkcs9,7L - -#define LN_pkcs9_unstructuredAddress "unstructuredAddress" -#define NID_pkcs9_unstructuredAddress 55 -#define OBJ_pkcs9_unstructuredAddress OBJ_pkcs9,8L - -#define LN_pkcs9_extCertAttributes "extendedCertificateAttributes" -#define NID_pkcs9_extCertAttributes 56 -#define OBJ_pkcs9_extCertAttributes OBJ_pkcs9,9L - -#define SN_netscape "Netscape" -#define LN_netscape "Netscape Communications Corp." -#define NID_netscape 57 -#define OBJ_netscape 2L,16L,840L,1L,113730L - -#define SN_netscape_cert_extension "nsCertExt" -#define LN_netscape_cert_extension "Netscape Certificate Extension" -#define NID_netscape_cert_extension 58 -#define OBJ_netscape_cert_extension OBJ_netscape,1L - -#define SN_netscape_data_type "nsDataType" -#define LN_netscape_data_type "Netscape Data Type" -#define NID_netscape_data_type 59 -#define OBJ_netscape_data_type OBJ_netscape,2L - -#define SN_des_ede_cfb64 "DES-EDE-CFB" -#define LN_des_ede_cfb64 "des-ede-cfb" -#define NID_des_ede_cfb64 60 - -#define SN_des_ede3_cfb64 "DES-EDE3-CFB" -#define LN_des_ede3_cfb64 "des-ede3-cfb" -#define NID_des_ede3_cfb64 61 - -#define SN_des_ede_ofb64 "DES-EDE-OFB" -#define LN_des_ede_ofb64 "des-ede-ofb" -#define NID_des_ede_ofb64 62 - -#define SN_des_ede3_ofb64 "DES-EDE3-OFB" -#define LN_des_ede3_ofb64 "des-ede3-ofb" -#define NID_des_ede3_ofb64 63 - -/* I'm not sure about the object ID */ -#define SN_sha1 "SHA1" -#define LN_sha1 "sha1" -#define NID_sha1 64 -#define OBJ_sha1 OBJ_algorithm,26L -/* 28 Jun 1996 - eay */ -/* #define OBJ_sha1 1L,3L,14L,2L,26L,05L <- wrong */ - -#define SN_sha1WithRSAEncryption "RSA-SHA1" -#define LN_sha1WithRSAEncryption "sha1WithRSAEncryption" -#define NID_sha1WithRSAEncryption 65 -#define OBJ_sha1WithRSAEncryption OBJ_pkcs,1L,5L - -#define SN_dsaWithSHA "DSA-SHA" -#define LN_dsaWithSHA "dsaWithSHA" -#define NID_dsaWithSHA 66 -#define OBJ_dsaWithSHA OBJ_algorithm,13L - -#define SN_dsa_2 "DSA-old" -#define LN_dsa_2 "dsaEncryption-old" -#define NID_dsa_2 67 -#define OBJ_dsa_2 OBJ_algorithm,12L - -/* proposed by microsoft to RSA */ -#define SN_pbeWithSHA1AndRC2_CBC "PBE-SHA1-RC2-64" -#define LN_pbeWithSHA1AndRC2_CBC "pbeWithSHA1AndRC2-CBC" -#define NID_pbeWithSHA1AndRC2_CBC 68 -#define OBJ_pbeWithSHA1AndRC2_CBC OBJ_pkcs,5L,11L - -/* proposed by microsoft to RSA as pbeWithSHA1AndRC4: it is now - * defined explicitly in PKCS#5 v2.0 as id-PBKDF2 which is something - * completely different. - */ -#define LN_id_pbkdf2 "PBKDF2" -#define NID_id_pbkdf2 69 -#define OBJ_id_pbkdf2 OBJ_pkcs,5L,12L - -#define SN_dsaWithSHA1_2 "DSA-SHA1-old" -#define LN_dsaWithSHA1_2 "dsaWithSHA1-old" -#define NID_dsaWithSHA1_2 70 -/* Got this one from 'sdn706r20.pdf' which is actually an NSA document :-) */ -#define OBJ_dsaWithSHA1_2 OBJ_algorithm,27L - -#define SN_netscape_cert_type "nsCertType" -#define LN_netscape_cert_type "Netscape Cert Type" -#define NID_netscape_cert_type 71 -#define OBJ_netscape_cert_type OBJ_netscape_cert_extension,1L - -#define SN_netscape_base_url "nsBaseUrl" -#define LN_netscape_base_url "Netscape Base Url" -#define NID_netscape_base_url 72 -#define OBJ_netscape_base_url OBJ_netscape_cert_extension,2L - -#define SN_netscape_revocation_url "nsRevocationUrl" -#define LN_netscape_revocation_url "Netscape Revocation Url" -#define NID_netscape_revocation_url 73 -#define OBJ_netscape_revocation_url OBJ_netscape_cert_extension,3L - -#define SN_netscape_ca_revocation_url "nsCaRevocationUrl" -#define LN_netscape_ca_revocation_url "Netscape CA Revocation Url" -#define NID_netscape_ca_revocation_url 74 -#define OBJ_netscape_ca_revocation_url OBJ_netscape_cert_extension,4L - -#define SN_netscape_renewal_url "nsRenewalUrl" -#define LN_netscape_renewal_url "Netscape Renewal Url" -#define NID_netscape_renewal_url 75 -#define OBJ_netscape_renewal_url OBJ_netscape_cert_extension,7L - -#define SN_netscape_ca_policy_url "nsCaPolicyUrl" -#define LN_netscape_ca_policy_url "Netscape CA Policy Url" -#define NID_netscape_ca_policy_url 76 -#define OBJ_netscape_ca_policy_url OBJ_netscape_cert_extension,8L - -#define SN_netscape_ssl_server_name "nsSslServerName" -#define LN_netscape_ssl_server_name "Netscape SSL Server Name" -#define NID_netscape_ssl_server_name 77 -#define OBJ_netscape_ssl_server_name OBJ_netscape_cert_extension,12L - -#define SN_netscape_comment "nsComment" -#define LN_netscape_comment "Netscape Comment" -#define NID_netscape_comment 78 -#define OBJ_netscape_comment OBJ_netscape_cert_extension,13L - -#define SN_netscape_cert_sequence "nsCertSequence" -#define LN_netscape_cert_sequence "Netscape Certificate Sequence" -#define NID_netscape_cert_sequence 79 -#define OBJ_netscape_cert_sequence OBJ_netscape_data_type,5L - -#define SN_desx_cbc "DESX-CBC" -#define LN_desx_cbc "desx-cbc" -#define NID_desx_cbc 80 - -#define SN_id_ce "id-ce" -#define NID_id_ce 81 -#define OBJ_id_ce 2L,5L,29L - -#define SN_subject_key_identifier "subjectKeyIdentifier" -#define LN_subject_key_identifier "X509v3 Subject Key Identifier" -#define NID_subject_key_identifier 82 -#define OBJ_subject_key_identifier OBJ_id_ce,14L - -#define SN_key_usage "keyUsage" -#define LN_key_usage "X509v3 Key Usage" -#define NID_key_usage 83 -#define OBJ_key_usage OBJ_id_ce,15L - -#define SN_private_key_usage_period "privateKeyUsagePeriod" -#define LN_private_key_usage_period "X509v3 Private Key Usage Period" -#define NID_private_key_usage_period 84 -#define OBJ_private_key_usage_period OBJ_id_ce,16L - -#define SN_subject_alt_name "subjectAltName" -#define LN_subject_alt_name "X509v3 Subject Alternative Name" -#define NID_subject_alt_name 85 -#define OBJ_subject_alt_name OBJ_id_ce,17L - -#define SN_issuer_alt_name "issuerAltName" -#define LN_issuer_alt_name "X509v3 Issuer Alternative Name" -#define NID_issuer_alt_name 86 -#define OBJ_issuer_alt_name OBJ_id_ce,18L - -#define SN_basic_constraints "basicConstraints" -#define LN_basic_constraints "X509v3 Basic Constraints" -#define NID_basic_constraints 87 -#define OBJ_basic_constraints OBJ_id_ce,19L - -#define SN_crl_number "crlNumber" -#define LN_crl_number "X509v3 CRL Number" -#define NID_crl_number 88 -#define OBJ_crl_number OBJ_id_ce,20L - -#define SN_certificate_policies "certificatePolicies" -#define LN_certificate_policies "X509v3 Certificate Policies" -#define NID_certificate_policies 89 -#define OBJ_certificate_policies OBJ_id_ce,32L - -#define SN_authority_key_identifier "authorityKeyIdentifier" -#define LN_authority_key_identifier "X509v3 Authority Key Identifier" -#define NID_authority_key_identifier 90 -#define OBJ_authority_key_identifier OBJ_id_ce,35L - -#define SN_bf_cbc "BF-CBC" -#define LN_bf_cbc "bf-cbc" -#define NID_bf_cbc 91 -#define OBJ_bf_cbc 1L,3L,6L,1L,4L,1L,3029L,1L,2L - -#define SN_bf_ecb "BF-ECB" -#define LN_bf_ecb "bf-ecb" -#define NID_bf_ecb 92 - -#define SN_bf_cfb64 "BF-CFB" -#define LN_bf_cfb64 "bf-cfb" -#define NID_bf_cfb64 93 - -#define SN_bf_ofb64 "BF-OFB" -#define LN_bf_ofb64 "bf-ofb" -#define NID_bf_ofb64 94 - -#define SN_mdc2 "MDC2" -#define LN_mdc2 "mdc2" -#define NID_mdc2 95 -#define OBJ_mdc2 2L,5L,8L,3L,101L -/* An alternative? 1L,3L,14L,3L,2L,19L */ - -#define SN_mdc2WithRSA "RSA-MDC2" -#define LN_mdc2WithRSA "mdc2withRSA" -#define NID_mdc2WithRSA 96 -#define OBJ_mdc2WithRSA 2L,5L,8L,3L,100L - -#define SN_rc4_40 "RC4-40" -#define LN_rc4_40 "rc4-40" -#define NID_rc4_40 97 - -#define SN_rc2_40_cbc "RC2-40-CBC" -#define LN_rc2_40_cbc "rc2-40-cbc" -#define NID_rc2_40_cbc 98 - -#define SN_givenName "G" -#define LN_givenName "givenName" -#define NID_givenName 99 -#define OBJ_givenName OBJ_X509,42L - -#define SN_surname "S" -#define LN_surname "surname" -#define NID_surname 100 -#define OBJ_surname OBJ_X509,4L - -#define SN_initials "I" -#define LN_initials "initials" -#define NID_initials 101 -#define OBJ_initials OBJ_X509,43L - -#define SN_uniqueIdentifier "UID" -#define LN_uniqueIdentifier "uniqueIdentifier" -#define NID_uniqueIdentifier 102 -#define OBJ_uniqueIdentifier OBJ_X509,45L - -#define SN_crl_distribution_points "crlDistributionPoints" -#define LN_crl_distribution_points "X509v3 CRL Distribution Points" -#define NID_crl_distribution_points 103 -#define OBJ_crl_distribution_points OBJ_id_ce,31L - -#define SN_md5WithRSA "RSA-NP-MD5" -#define LN_md5WithRSA "md5WithRSA" -#define NID_md5WithRSA 104 -#define OBJ_md5WithRSA OBJ_algorithm,3L - -#define SN_serialNumber "SN" -#define LN_serialNumber "serialNumber" -#define NID_serialNumber 105 -#define OBJ_serialNumber OBJ_X509,5L - -#define SN_title "T" -#define LN_title "title" -#define NID_title 106 -#define OBJ_title OBJ_X509,12L - -#define SN_description "D" -#define LN_description "description" -#define NID_description 107 -#define OBJ_description OBJ_X509,13L - -/* CAST5 is CAST-128, I'm just sticking with the documentation */ -#define SN_cast5_cbc "CAST5-CBC" -#define LN_cast5_cbc "cast5-cbc" -#define NID_cast5_cbc 108 -#define OBJ_cast5_cbc 1L,2L,840L,113533L,7L,66L,10L - -#define SN_cast5_ecb "CAST5-ECB" -#define LN_cast5_ecb "cast5-ecb" -#define NID_cast5_ecb 109 - -#define SN_cast5_cfb64 "CAST5-CFB" -#define LN_cast5_cfb64 "cast5-cfb" -#define NID_cast5_cfb64 110 - -#define SN_cast5_ofb64 "CAST5-OFB" -#define LN_cast5_ofb64 "cast5-ofb" -#define NID_cast5_ofb64 111 - -#define LN_pbeWithMD5AndCast5_CBC "pbeWithMD5AndCast5CBC" -#define NID_pbeWithMD5AndCast5_CBC 112 -#define OBJ_pbeWithMD5AndCast5_CBC 1L,2L,840L,113533L,7L,66L,12L - -/* This is one sun will soon be using :-( - * id-dsa-with-sha1 ID ::= { - * iso(1) member-body(2) us(840) x9-57 (10040) x9cm(4) 3 } - */ -#define SN_dsaWithSHA1 "DSA-SHA1" -#define LN_dsaWithSHA1 "dsaWithSHA1" -#define NID_dsaWithSHA1 113 -#define OBJ_dsaWithSHA1 1L,2L,840L,10040L,4L,3L - -#define NID_md5_sha1 114 -#define SN_md5_sha1 "MD5-SHA1" -#define LN_md5_sha1 "md5-sha1" - -#define SN_sha1WithRSA "RSA-SHA1-2" -#define LN_sha1WithRSA "sha1WithRSA" -#define NID_sha1WithRSA 115 -#define OBJ_sha1WithRSA OBJ_algorithm,29L - -#define SN_dsa "DSA" -#define LN_dsa "dsaEncryption" -#define NID_dsa 116 -#define OBJ_dsa 1L,2L,840L,10040L,4L,1L - -#define SN_ripemd160 "RIPEMD160" -#define LN_ripemd160 "ripemd160" -#define NID_ripemd160 117 -#define OBJ_ripemd160 1L,3L,36L,3L,2L,1L - -/* The name should actually be rsaSignatureWithripemd160, but I'm going - * to continue using the convention I'm using with the other ciphers */ -#define SN_ripemd160WithRSA "RSA-RIPEMD160" -#define LN_ripemd160WithRSA "ripemd160WithRSA" -#define NID_ripemd160WithRSA 119 -#define OBJ_ripemd160WithRSA 1L,3L,36L,3L,3L,1L,2L - -/* Taken from rfc2040 - * RC5_CBC_Parameters ::= SEQUENCE { - * version INTEGER (v1_0(16)), - * rounds INTEGER (8..127), - * blockSizeInBits INTEGER (64, 128), - * iv OCTET STRING OPTIONAL - * } - */ -#define SN_rc5_cbc "RC5-CBC" -#define LN_rc5_cbc "rc5-cbc" -#define NID_rc5_cbc 120 -#define OBJ_rc5_cbc OBJ_rsadsi,3L,8L - -#define SN_rc5_ecb "RC5-ECB" -#define LN_rc5_ecb "rc5-ecb" -#define NID_rc5_ecb 121 - -#define SN_rc5_cfb64 "RC5-CFB" -#define LN_rc5_cfb64 "rc5-cfb" -#define NID_rc5_cfb64 122 - -#define SN_rc5_ofb64 "RC5-OFB" -#define LN_rc5_ofb64 "rc5-ofb" -#define NID_rc5_ofb64 123 - -#define SN_rle_compression "RLE" -#define LN_rle_compression "run length compression" -#define NID_rle_compression 124 -#define OBJ_rle_compression 1L,1L,1L,1L,666L,1L - -#define SN_zlib_compression "ZLIB" -#define LN_zlib_compression "zlib compression" -#define NID_zlib_compression 125 -#define OBJ_zlib_compression 1L,1L,1L,1L,666L,2L - -#define SN_ext_key_usage "extendedKeyUsage" -#define LN_ext_key_usage "X509v3 Extended Key Usage" -#define NID_ext_key_usage 126 -#define OBJ_ext_key_usage OBJ_id_ce,37 - -#define SN_id_pkix "PKIX" -#define NID_id_pkix 127 -#define OBJ_id_pkix 1L,3L,6L,1L,5L,5L,7L - -#define SN_id_kp "id-kp" -#define NID_id_kp 128 -#define OBJ_id_kp OBJ_id_pkix,3L - -/* PKIX extended key usage OIDs */ - -#define SN_server_auth "serverAuth" -#define LN_server_auth "TLS Web Server Authentication" -#define NID_server_auth 129 -#define OBJ_server_auth OBJ_id_kp,1L - -#define SN_client_auth "clientAuth" -#define LN_client_auth "TLS Web Client Authentication" -#define NID_client_auth 130 -#define OBJ_client_auth OBJ_id_kp,2L - -#define SN_code_sign "codeSigning" -#define LN_code_sign "Code Signing" -#define NID_code_sign 131 -#define OBJ_code_sign OBJ_id_kp,3L - -#define SN_email_protect "emailProtection" -#define LN_email_protect "E-mail Protection" -#define NID_email_protect 132 -#define OBJ_email_protect OBJ_id_kp,4L - -#define SN_time_stamp "timeStamping" -#define LN_time_stamp "Time Stamping" -#define NID_time_stamp 133 -#define OBJ_time_stamp OBJ_id_kp,8L - -/* Additional extended key usage OIDs: Microsoft */ - -#define SN_ms_code_ind "msCodeInd" -#define LN_ms_code_ind "Microsoft Individual Code Signing" -#define NID_ms_code_ind 134 -#define OBJ_ms_code_ind 1L,3L,6L,1L,4L,1L,311L,2L,1L,21L - -#define SN_ms_code_com "msCodeCom" -#define LN_ms_code_com "Microsoft Commercial Code Signing" -#define NID_ms_code_com 135 -#define OBJ_ms_code_com 1L,3L,6L,1L,4L,1L,311L,2L,1L,22L - -#define SN_ms_ctl_sign "msCTLSign" -#define LN_ms_ctl_sign "Microsoft Trust List Signing" -#define NID_ms_ctl_sign 136 -#define OBJ_ms_ctl_sign 1L,3L,6L,1L,4L,1L,311L,10L,3L,1L - -#define SN_ms_sgc "msSGC" -#define LN_ms_sgc "Microsoft Server Gated Crypto" -#define NID_ms_sgc 137 -#define OBJ_ms_sgc 1L,3L,6L,1L,4L,1L,311L,10L,3L,3L - -#define SN_ms_efs "msEFS" -#define LN_ms_efs "Microsoft Encrypted File System" -#define NID_ms_efs 138 -#define OBJ_ms_efs 1L,3L,6L,1L,4L,1L,311L,10L,3L,4L - -/* Additional usage: Netscape */ - -#define SN_ns_sgc "nsSGC" -#define LN_ns_sgc "Netscape Server Gated Crypto" -#define NID_ns_sgc 139 -#define OBJ_ns_sgc OBJ_netscape,4L,1L - -#define SN_delta_crl "deltaCRL" -#define LN_delta_crl "X509v3 Delta CRL Indicator" -#define NID_delta_crl 140 -#define OBJ_delta_crl OBJ_id_ce,27L - -#define SN_crl_reason "CRLReason" -#define LN_crl_reason "CRL Reason Code" -#define NID_crl_reason 141 -#define OBJ_crl_reason OBJ_id_ce,21L - -#define SN_invalidity_date "invalidityDate" -#define LN_invalidity_date "Invalidity Date" -#define NID_invalidity_date 142 -#define OBJ_invalidity_date OBJ_id_ce,24L - -#define SN_sxnet "SXNetID" -#define LN_sxnet "Strong Extranet ID" -#define NID_sxnet 143 -#define OBJ_sxnet 1L,3L,101L,1L,4L,1L - -/* PKCS12 and related OBJECT IDENTIFIERS */ - -#define OBJ_pkcs12 OBJ_pkcs,12L -#define OBJ_pkcs12_pbeids OBJ_pkcs12, 1 - -#define SN_pbe_WithSHA1And128BitRC4 "PBE-SHA1-RC4-128" -#define LN_pbe_WithSHA1And128BitRC4 "pbeWithSHA1And128BitRC4" -#define NID_pbe_WithSHA1And128BitRC4 144 -#define OBJ_pbe_WithSHA1And128BitRC4 OBJ_pkcs12_pbeids, 1L - -#define SN_pbe_WithSHA1And40BitRC4 "PBE-SHA1-RC4-40" -#define LN_pbe_WithSHA1And40BitRC4 "pbeWithSHA1And40BitRC4" -#define NID_pbe_WithSHA1And40BitRC4 145 -#define OBJ_pbe_WithSHA1And40BitRC4 OBJ_pkcs12_pbeids, 2L - -#define SN_pbe_WithSHA1And3_Key_TripleDES_CBC "PBE-SHA1-3DES" -#define LN_pbe_WithSHA1And3_Key_TripleDES_CBC "pbeWithSHA1And3-KeyTripleDES-CBC" -#define NID_pbe_WithSHA1And3_Key_TripleDES_CBC 146 -#define OBJ_pbe_WithSHA1And3_Key_TripleDES_CBC OBJ_pkcs12_pbeids, 3L - -#define SN_pbe_WithSHA1And2_Key_TripleDES_CBC "PBE-SHA1-2DES" -#define LN_pbe_WithSHA1And2_Key_TripleDES_CBC "pbeWithSHA1And2-KeyTripleDES-CBC" -#define NID_pbe_WithSHA1And2_Key_TripleDES_CBC 147 -#define OBJ_pbe_WithSHA1And2_Key_TripleDES_CBC OBJ_pkcs12_pbeids, 4L - -#define SN_pbe_WithSHA1And128BitRC2_CBC "PBE-SHA1-RC2-128" -#define LN_pbe_WithSHA1And128BitRC2_CBC "pbeWithSHA1And128BitRC2-CBC" -#define NID_pbe_WithSHA1And128BitRC2_CBC 148 -#define OBJ_pbe_WithSHA1And128BitRC2_CBC OBJ_pkcs12_pbeids, 5L - -#define SN_pbe_WithSHA1And40BitRC2_CBC "PBE-SHA1-RC2-40" -#define LN_pbe_WithSHA1And40BitRC2_CBC "pbeWithSHA1And40BitRC2-CBC" -#define NID_pbe_WithSHA1And40BitRC2_CBC 149 -#define OBJ_pbe_WithSHA1And40BitRC2_CBC OBJ_pkcs12_pbeids, 6L - -#define OBJ_pkcs12_Version1 OBJ_pkcs12, 10L - -#define OBJ_pkcs12_BagIds OBJ_pkcs12_Version1, 1L - -#define LN_keyBag "keyBag" -#define NID_keyBag 150 -#define OBJ_keyBag OBJ_pkcs12_BagIds, 1L - -#define LN_pkcs8ShroudedKeyBag "pkcs8ShroudedKeyBag" -#define NID_pkcs8ShroudedKeyBag 151 -#define OBJ_pkcs8ShroudedKeyBag OBJ_pkcs12_BagIds, 2L - -#define LN_certBag "certBag" -#define NID_certBag 152 -#define OBJ_certBag OBJ_pkcs12_BagIds, 3L - -#define LN_crlBag "crlBag" -#define NID_crlBag 153 -#define OBJ_crlBag OBJ_pkcs12_BagIds, 4L - -#define LN_secretBag "secretBag" -#define NID_secretBag 154 -#define OBJ_secretBag OBJ_pkcs12_BagIds, 5L - -#define LN_safeContentsBag "safeContentsBag" -#define NID_safeContentsBag 155 -#define OBJ_safeContentsBag OBJ_pkcs12_BagIds, 6L - -#define LN_friendlyName "friendlyName" -#define NID_friendlyName 156 -#define OBJ_friendlyName OBJ_pkcs9, 20L - -#define LN_localKeyID "localKeyID" -#define NID_localKeyID 157 -#define OBJ_localKeyID OBJ_pkcs9, 21L - -#define OBJ_certTypes OBJ_pkcs9, 22L - -#define LN_x509Certificate "x509Certificate" -#define NID_x509Certificate 158 -#define OBJ_x509Certificate OBJ_certTypes, 1L - -#define LN_sdsiCertificate "sdsiCertificate" -#define NID_sdsiCertificate 159 -#define OBJ_sdsiCertificate OBJ_certTypes, 2L - -#define OBJ_crlTypes OBJ_pkcs9, 23L - -#define LN_x509Crl "x509Crl" -#define NID_x509Crl 160 -#define OBJ_x509Crl OBJ_crlTypes, 1L - -/* PKCS#5 v2 OIDs */ - -#define LN_pbes2 "PBES2" -#define NID_pbes2 161 -#define OBJ_pbes2 OBJ_pkcs,5L,13L - -#define LN_pbmac1 "PBMAC1" -#define NID_pbmac1 162 -#define OBJ_pbmac1 OBJ_pkcs,5L,14L - -#define LN_hmacWithSHA1 "hmacWithSHA1" -#define NID_hmacWithSHA1 163 -#define OBJ_hmacWithSHA1 OBJ_rsadsi,2L,7L - -/* Policy Qualifier Ids */ - -#define LN_id_qt_cps "Policy Qualifier CPS" -#define SN_id_qt_cps "id-qt-cps" -#define NID_id_qt_cps 164 -#define OBJ_id_qt_cps OBJ_id_pkix,2L,1L - -#define LN_id_qt_unotice "Policy Qualifier User Notice" -#define SN_id_qt_unotice "id-qt-unotice" -#define NID_id_qt_unotice 165 -#define OBJ_id_qt_unotice OBJ_id_pkix,2L,2L - -#define SN_rc2_64_cbc "RC2-64-CBC" -#define LN_rc2_64_cbc "rc2-64-cbc" -#define NID_rc2_64_cbc 166 - -#define SN_SMIMECapabilities "SMIME-CAPS" -#define LN_SMIMECapabilities "S/MIME Capabilities" -#define NID_SMIMECapabilities 167 -#define OBJ_SMIMECapabilities OBJ_pkcs9,15L - -#define SN_pbeWithMD2AndRC2_CBC "PBE-MD2-RC2-64" -#define LN_pbeWithMD2AndRC2_CBC "pbeWithMD2AndRC2-CBC" -#define NID_pbeWithMD2AndRC2_CBC 168 -#define OBJ_pbeWithMD2AndRC2_CBC OBJ_pkcs,5L,4L - -#define SN_pbeWithMD5AndRC2_CBC "PBE-MD5-RC2-64" -#define LN_pbeWithMD5AndRC2_CBC "pbeWithMD5AndRC2-CBC" -#define NID_pbeWithMD5AndRC2_CBC 169 -#define OBJ_pbeWithMD5AndRC2_CBC OBJ_pkcs,5L,6L - -#define SN_pbeWithSHA1AndDES_CBC "PBE-SHA1-DES" -#define LN_pbeWithSHA1AndDES_CBC "pbeWithSHA1AndDES-CBC" -#define NID_pbeWithSHA1AndDES_CBC 170 -#define OBJ_pbeWithSHA1AndDES_CBC OBJ_pkcs,5L,10L - -/* Extension request OIDs */ - -#define LN_ms_ext_req "Microsoft Extension Request" -#define SN_ms_ext_req "msExtReq" -#define NID_ms_ext_req 171 -#define OBJ_ms_ext_req 1L,3L,6L,1L,4L,1L,311L,2L,1L,14L - -#define LN_ext_req "Extension Request" -#define SN_ext_req "extReq" -#define NID_ext_req 172 -#define OBJ_ext_req OBJ_pkcs9,14L - -#define SN_name "name" -#define LN_name "name" -#define NID_name 173 -#define OBJ_name OBJ_X509,41L - -#define SN_dnQualifier "dnQualifier" -#define LN_dnQualifier "dnQualifier" -#define NID_dnQualifier 174 -#define OBJ_dnQualifier OBJ_X509,46L - -#define SN_id_pe "id-pe" -#define NID_id_pe 175 -#define OBJ_id_pe OBJ_id_pkix,1L - -#define SN_id_ad "id-ad" -#define NID_id_ad 176 -#define OBJ_id_ad OBJ_id_pkix,48L - -#define SN_info_access "authorityInfoAccess" -#define LN_info_access "Authority Information Access" -#define NID_info_access 177 -#define OBJ_info_access OBJ_id_pe,1L - -#define SN_ad_OCSP "OCSP" -#define LN_ad_OCSP "OCSP" -#define NID_ad_OCSP 178 -#define OBJ_ad_OCSP OBJ_id_ad,1L - -#define SN_ad_ca_issuers "caIssuers" -#define LN_ad_ca_issuers "CA Issuers" -#define NID_ad_ca_issuers 179 -#define OBJ_ad_ca_issuers OBJ_id_ad,2L - -#define SN_OCSP_sign "OCSPSigning" -#define LN_OCSP_sign "OCSP Signing" -#define NID_OCSP_sign 180 -#define OBJ_OCSP_sign OBJ_id_kp,9L -#endif /* USE_OBJ_MAC */ - -#include <openssl/bio.h> -#include <openssl/asn1.h> - -#define OBJ_NAME_TYPE_UNDEF 0x00 -#define OBJ_NAME_TYPE_MD_METH 0x01 -#define OBJ_NAME_TYPE_CIPHER_METH 0x02 -#define OBJ_NAME_TYPE_PKEY_METH 0x03 -#define OBJ_NAME_TYPE_COMP_METH 0x04 -#define OBJ_NAME_TYPE_NUM 0x05 - -#define OBJ_NAME_ALIAS 0x8000 - -#define OBJ_BSEARCH_VALUE_ON_NOMATCH 0x01 -#define OBJ_BSEARCH_FIRST_VALUE_ON_MATCH 0x02 - - -#ifdef __cplusplus -extern "C" { -#endif - -typedef struct obj_name_st { - int type; - int alias; - const char *name; - const char *data; -} OBJ_NAME; - -#define OBJ_create_and_add_object(a,b,c) OBJ_create(a,b,c) - - -int OBJ_NAME_init(void); -int OBJ_NAME_new_index(unsigned long (*hash_func)(const char *), - int (*cmp_func)(const char *, const char *), - void (*free_func)(const char *, int, const char *)); -const char *OBJ_NAME_get(const char *name, int type); -int OBJ_NAME_add(const char *name, int type, const char *data); -int OBJ_NAME_remove(const char *name, int type); -void OBJ_NAME_cleanup(int type); /* -1 for everything */ -void OBJ_NAME_do_all(int type, void (*fn)(const OBJ_NAME *, void *arg), - void *arg); -void OBJ_NAME_do_all_sorted(int type, void (*fn)(const OBJ_NAME *, void *arg), - void *arg); - -ASN1_OBJECT * OBJ_dup(const ASN1_OBJECT *o); -ASN1_OBJECT * OBJ_nid2obj(int n); -const char * OBJ_nid2ln(int n); -const char * OBJ_nid2sn(int n); -int OBJ_obj2nid(const ASN1_OBJECT *o); -ASN1_OBJECT * OBJ_txt2obj(const char *s, int no_name); -int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name); -int OBJ_txt2nid(const char *s); -int OBJ_ln2nid(const char *s); -int OBJ_sn2nid(const char *s); -int OBJ_cmp(const ASN1_OBJECT *a, const ASN1_OBJECT *b); -const void * OBJ_bsearch_(const void *key, const void *base, int num, - int size, int (*cmp)(const void *, const void *)); -const void * OBJ_bsearch_ex_(const void *key, const void *base, int num, - int size, int (*cmp)(const void *, const void *), - int flags); - -#ifndef LIBRESSL_INTERNAL - -#define _DECLARE_OBJ_BSEARCH_CMP_FN(scope, type1, type2, nm) \ - static int nm##_cmp_BSEARCH_CMP_FN(const void *, const void *); \ - static int nm##_cmp(type1 const *, type2 const *); \ - scope type2 * OBJ_bsearch_##nm(type1 *key, type2 const *base, int num) - -#define DECLARE_OBJ_BSEARCH_CMP_FN(type1, type2, cmp) \ - _DECLARE_OBJ_BSEARCH_CMP_FN(static, type1, type2, cmp) -#define DECLARE_OBJ_BSEARCH_GLOBAL_CMP_FN(type1, type2, nm) \ - type2 * OBJ_bsearch_##nm(type1 *key, type2 const *base, int num) - -/* - * Unsolved problem: if a type is actually a pointer type, like - * nid_triple is, then its impossible to get a const where you need - * it. Consider: - * - * typedef int nid_triple[3]; - * const void *a_; - * const nid_triple const *a = a_; - * - * The assignement discards a const because what you really want is: - * - * const int const * const *a = a_; - * - * But if you do that, you lose the fact that a is an array of 3 ints, - * which breaks comparison functions. - * - * Thus we end up having to cast, sadly, or unpack the - * declarations. Or, as I finally did in this case, delcare nid_triple - * to be a struct, which it should have been in the first place. - * - * Ben, August 2008. - * - * Also, strictly speaking not all types need be const, but handling - * the non-constness means a lot of complication, and in practice - * comparison routines do always not touch their arguments. - */ - -#define IMPLEMENT_OBJ_BSEARCH_CMP_FN(type1, type2, nm) \ - static int nm##_cmp_BSEARCH_CMP_FN(const void *a_, const void *b_) \ - { \ - type1 const *a = a_; \ - type2 const *b = b_; \ - return nm##_cmp(a,b); \ - } \ - static type2 *OBJ_bsearch_##nm(type1 *key, type2 const *base, int num) \ - { \ - return (type2 *)OBJ_bsearch_(key, base, num, sizeof(type2), \ - nm##_cmp_BSEARCH_CMP_FN); \ - } \ - extern void dummy_prototype(void) - -#define IMPLEMENT_OBJ_BSEARCH_GLOBAL_CMP_FN(type1, type2, nm) \ - static int nm##_cmp_BSEARCH_CMP_FN(const void *a_, const void *b_) \ - { \ - type1 const *a = a_; \ - type2 const *b = b_; \ - return nm##_cmp(a,b); \ - } \ - type2 *OBJ_bsearch_##nm(type1 *key, type2 const *base, int num) \ - { \ - return (type2 *)OBJ_bsearch_(key, base, num, sizeof(type2), \ - nm##_cmp_BSEARCH_CMP_FN); \ - } \ - extern void dummy_prototype(void) - -#define OBJ_bsearch(type1,key,type2,base,num,cmp) \ - ((type2 *)OBJ_bsearch_(CHECKED_PTR_OF(type1,key),CHECKED_PTR_OF(type2,base), \ - num,sizeof(type2), \ - ((void)CHECKED_PTR_OF(type1,cmp##_type_1), \ - (void)CHECKED_PTR_OF(type2,cmp##_type_2), \ - cmp##_BSEARCH_CMP_FN))) - -#define OBJ_bsearch_ex(type1,key,type2,base,num,cmp,flags) \ - ((type2 *)OBJ_bsearch_ex_(CHECKED_PTR_OF(type1,key),CHECKED_PTR_OF(type2,base), \ - num,sizeof(type2), \ - ((void)CHECKED_PTR_OF(type1,cmp##_type_1), \ - (void)type_2=CHECKED_PTR_OF(type2,cmp##_type_2), \ - cmp##_BSEARCH_CMP_FN)),flags) - -#endif /* !LIBRESSL_INTERNAL */ - -int OBJ_new_nid(int num); -int OBJ_add_object(const ASN1_OBJECT *obj); -int OBJ_create(const char *oid, const char *sn, const char *ln); -void OBJ_cleanup(void ); -int OBJ_create_objects(BIO *in); - -int OBJ_find_sigid_algs(int signid, int *pdig_nid, int *ppkey_nid); -int OBJ_find_sigid_by_algs(int *psignid, int dig_nid, int pkey_nid); -int OBJ_add_sigid(int signid, int dig_id, int pkey_id); -void OBJ_sigid_free(void); - -extern int obj_cleanup_defer; -void check_defer(int nid); - -/* BEGIN ERROR CODES */ -/* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ -void ERR_load_OBJ_strings(void); - -/* Error codes for the OBJ functions. */ - -/* Function codes. */ -#define OBJ_F_OBJ_ADD_OBJECT 105 -#define OBJ_F_OBJ_CREATE 100 -#define OBJ_F_OBJ_DUP 101 -#define OBJ_F_OBJ_NAME_NEW_INDEX 106 -#define OBJ_F_OBJ_NID2LN 102 -#define OBJ_F_OBJ_NID2OBJ 103 -#define OBJ_F_OBJ_NID2SN 104 - -/* Reason codes. */ -#define OBJ_R_MALLOC_FAILURE 100 -#define OBJ_R_UNKNOWN_NID 101 - -#ifdef __cplusplus -} -#endif -#endif diff --git a/libressl/include64/openssl/ocsp.h b/libressl/include64/openssl/ocsp.h deleted file mode 100644 index 316fb8ed..00000000 --- a/libressl/include64/openssl/ocsp.h +++ /dev/null @@ -1,671 +0,0 @@ -/* $OpenBSD: ocsp.h,v 1.16 2018/08/24 20:03:21 tb Exp $ */ -/* Written by Tom Titchener <Tom_Titchener@groove.net> for the OpenSSL - * project. */ - -/* History: - This file was transfered to Richard Levitte from CertCo by Kathy - Weinhold in mid-spring 2000 to be included in OpenSSL or released - as a patch kit. */ - -/* ==================================================================== - * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#ifndef HEADER_OCSP_H -#define HEADER_OCSP_H - -#include <openssl/ossl_typ.h> -#include <openssl/x509.h> -#include <openssl/x509v3.h> -#include <openssl/safestack.h> - -#ifdef __cplusplus -extern "C" { -#endif - -/* Various flags and values */ - -#define OCSP_DEFAULT_NONCE_LENGTH 16 - -#define OCSP_NOCERTS 0x1 -#define OCSP_NOINTERN 0x2 -#define OCSP_NOSIGS 0x4 -#define OCSP_NOCHAIN 0x8 -#define OCSP_NOVERIFY 0x10 -#define OCSP_NOEXPLICIT 0x20 -#define OCSP_NOCASIGN 0x40 -#define OCSP_NODELEGATED 0x80 -#define OCSP_NOCHECKS 0x100 -#define OCSP_TRUSTOTHER 0x200 -#define OCSP_RESPID_KEY 0x400 -#define OCSP_NOTIME 0x800 - -/* CertID ::= SEQUENCE { - * hashAlgorithm AlgorithmIdentifier, - * issuerNameHash OCTET STRING, -- Hash of Issuer's DN - * issuerKeyHash OCTET STRING, -- Hash of Issuers public key (excluding the tag & length fields) - * serialNumber CertificateSerialNumber } - */ -typedef struct ocsp_cert_id_st { - X509_ALGOR *hashAlgorithm; - ASN1_OCTET_STRING *issuerNameHash; - ASN1_OCTET_STRING *issuerKeyHash; - ASN1_INTEGER *serialNumber; -} OCSP_CERTID; - -DECLARE_STACK_OF(OCSP_CERTID) - -/* Request ::= SEQUENCE { - * reqCert CertID, - * singleRequestExtensions [0] EXPLICIT Extensions OPTIONAL } - */ -typedef struct ocsp_one_request_st { - OCSP_CERTID *reqCert; - STACK_OF(X509_EXTENSION) *singleRequestExtensions; -} OCSP_ONEREQ; - -DECLARE_STACK_OF(OCSP_ONEREQ) - - -/* TBSRequest ::= SEQUENCE { - * version [0] EXPLICIT Version DEFAULT v1, - * requestorName [1] EXPLICIT GeneralName OPTIONAL, - * requestList SEQUENCE OF Request, - * requestExtensions [2] EXPLICIT Extensions OPTIONAL } - */ -typedef struct ocsp_req_info_st { - ASN1_INTEGER *version; - GENERAL_NAME *requestorName; - STACK_OF(OCSP_ONEREQ) *requestList; - STACK_OF(X509_EXTENSION) *requestExtensions; -} OCSP_REQINFO; - -/* Signature ::= SEQUENCE { - * signatureAlgorithm AlgorithmIdentifier, - * signature BIT STRING, - * certs [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL } - */ -typedef struct ocsp_signature_st { - X509_ALGOR *signatureAlgorithm; - ASN1_BIT_STRING *signature; - STACK_OF(X509) *certs; -} OCSP_SIGNATURE; - -/* OCSPRequest ::= SEQUENCE { - * tbsRequest TBSRequest, - * optionalSignature [0] EXPLICIT Signature OPTIONAL } - */ -typedef struct ocsp_request_st { - OCSP_REQINFO *tbsRequest; - OCSP_SIGNATURE *optionalSignature; /* OPTIONAL */ -} OCSP_REQUEST; - -/* OCSPResponseStatus ::= ENUMERATED { - * successful (0), --Response has valid confirmations - * malformedRequest (1), --Illegal confirmation request - * internalError (2), --Internal error in issuer - * tryLater (3), --Try again later - * --(4) is not used - * sigRequired (5), --Must sign the request - * unauthorized (6) --Request unauthorized - * } - */ -#define OCSP_RESPONSE_STATUS_SUCCESSFUL 0 -#define OCSP_RESPONSE_STATUS_MALFORMEDREQUEST 1 -#define OCSP_RESPONSE_STATUS_INTERNALERROR 2 -#define OCSP_RESPONSE_STATUS_TRYLATER 3 -#define OCSP_RESPONSE_STATUS_SIGREQUIRED 5 -#define OCSP_RESPONSE_STATUS_UNAUTHORIZED 6 - -/* ResponseBytes ::= SEQUENCE { - * responseType OBJECT IDENTIFIER, - * response OCTET STRING } - */ -typedef struct ocsp_resp_bytes_st { - ASN1_OBJECT *responseType; - ASN1_OCTET_STRING *response; -} OCSP_RESPBYTES; - -/* OCSPResponse ::= SEQUENCE { - * responseStatus OCSPResponseStatus, - * responseBytes [0] EXPLICIT ResponseBytes OPTIONAL } - */ -struct ocsp_response_st { - ASN1_ENUMERATED *responseStatus; - OCSP_RESPBYTES *responseBytes; -}; - -/* ResponderID ::= CHOICE { - * byName [1] Name, - * byKey [2] KeyHash } - */ -#define V_OCSP_RESPID_NAME 0 -#define V_OCSP_RESPID_KEY 1 -struct ocsp_responder_id_st { - int type; - union { - X509_NAME* byName; - ASN1_OCTET_STRING *byKey; - } value; -}; - -DECLARE_STACK_OF(OCSP_RESPID) -OCSP_RESPID *OCSP_RESPID_new(void); -void OCSP_RESPID_free(OCSP_RESPID *a); -OCSP_RESPID *d2i_OCSP_RESPID(OCSP_RESPID **a, const unsigned char **in, long len); -int i2d_OCSP_RESPID(OCSP_RESPID *a, unsigned char **out); -extern const ASN1_ITEM OCSP_RESPID_it; - -/* KeyHash ::= OCTET STRING --SHA-1 hash of responder's public key - * --(excluding the tag and length fields) - */ - -/* RevokedInfo ::= SEQUENCE { - * revocationTime GeneralizedTime, - * revocationReason [0] EXPLICIT CRLReason OPTIONAL } - */ -typedef struct ocsp_revoked_info_st { - ASN1_GENERALIZEDTIME *revocationTime; - ASN1_ENUMERATED *revocationReason; -} OCSP_REVOKEDINFO; - -/* CertStatus ::= CHOICE { - * good [0] IMPLICIT NULL, - * revoked [1] IMPLICIT RevokedInfo, - * unknown [2] IMPLICIT UnknownInfo } - */ -#define V_OCSP_CERTSTATUS_GOOD 0 -#define V_OCSP_CERTSTATUS_REVOKED 1 -#define V_OCSP_CERTSTATUS_UNKNOWN 2 -typedef struct ocsp_cert_status_st { - int type; - union { - ASN1_NULL *good; - OCSP_REVOKEDINFO *revoked; - ASN1_NULL *unknown; - } value; -} OCSP_CERTSTATUS; - -/* SingleResponse ::= SEQUENCE { - * certID CertID, - * certStatus CertStatus, - * thisUpdate GeneralizedTime, - * nextUpdate [0] EXPLICIT GeneralizedTime OPTIONAL, - * singleExtensions [1] EXPLICIT Extensions OPTIONAL } - */ -typedef struct ocsp_single_response_st { - OCSP_CERTID *certId; - OCSP_CERTSTATUS *certStatus; - ASN1_GENERALIZEDTIME *thisUpdate; - ASN1_GENERALIZEDTIME *nextUpdate; - STACK_OF(X509_EXTENSION) *singleExtensions; -} OCSP_SINGLERESP; - -DECLARE_STACK_OF(OCSP_SINGLERESP) - -/* ResponseData ::= SEQUENCE { - * version [0] EXPLICIT Version DEFAULT v1, - * responderID ResponderID, - * producedAt GeneralizedTime, - * responses SEQUENCE OF SingleResponse, - * responseExtensions [1] EXPLICIT Extensions OPTIONAL } - */ -typedef struct ocsp_response_data_st { - ASN1_INTEGER *version; - OCSP_RESPID *responderId; - ASN1_GENERALIZEDTIME *producedAt; - STACK_OF(OCSP_SINGLERESP) *responses; - STACK_OF(X509_EXTENSION) *responseExtensions; -} OCSP_RESPDATA; - -/* BasicOCSPResponse ::= SEQUENCE { - * tbsResponseData ResponseData, - * signatureAlgorithm AlgorithmIdentifier, - * signature BIT STRING, - * certs [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL } - */ - /* Note 1: - The value for "signature" is specified in the OCSP rfc2560 as follows: - "The value for the signature SHALL be computed on the hash of the DER - encoding ResponseData." This means that you must hash the DER-encoded - tbsResponseData, and then run it through a crypto-signing function, which - will (at least w/RSA) do a hash-'n'-private-encrypt operation. This seems - a bit odd, but that's the spec. Also note that the data structures do not - leave anywhere to independently specify the algorithm used for the initial - hash. So, we look at the signature-specification algorithm, and try to do - something intelligent. -- Kathy Weinhold, CertCo */ - /* Note 2: - It seems that the mentioned passage from RFC 2560 (section 4.2.1) is open - for interpretation. I've done tests against another responder, and found - that it doesn't do the double hashing that the RFC seems to say one - should. Therefore, all relevant functions take a flag saying which - variant should be used. -- Richard Levitte, OpenSSL team and CeloCom */ -typedef struct ocsp_basic_response_st { - OCSP_RESPDATA *tbsResponseData; - X509_ALGOR *signatureAlgorithm; - ASN1_BIT_STRING *signature; - STACK_OF(X509) *certs; -} OCSP_BASICRESP; - -/* - * CRLReason ::= ENUMERATED { - * unspecified (0), - * keyCompromise (1), - * cACompromise (2), - * affiliationChanged (3), - * superseded (4), - * cessationOfOperation (5), - * certificateHold (6), - * removeFromCRL (8) } - */ -#define OCSP_REVOKED_STATUS_NOSTATUS -1 -#define OCSP_REVOKED_STATUS_UNSPECIFIED 0 -#define OCSP_REVOKED_STATUS_KEYCOMPROMISE 1 -#define OCSP_REVOKED_STATUS_CACOMPROMISE 2 -#define OCSP_REVOKED_STATUS_AFFILIATIONCHANGED 3 -#define OCSP_REVOKED_STATUS_SUPERSEDED 4 -#define OCSP_REVOKED_STATUS_CESSATIONOFOPERATION 5 -#define OCSP_REVOKED_STATUS_CERTIFICATEHOLD 6 -#define OCSP_REVOKED_STATUS_REMOVEFROMCRL 8 - -/* CrlID ::= SEQUENCE { - * crlUrl [0] EXPLICIT IA5String OPTIONAL, - * crlNum [1] EXPLICIT INTEGER OPTIONAL, - * crlTime [2] EXPLICIT GeneralizedTime OPTIONAL } - */ -typedef struct ocsp_crl_id_st { - ASN1_IA5STRING *crlUrl; - ASN1_INTEGER *crlNum; - ASN1_GENERALIZEDTIME *crlTime; -} OCSP_CRLID; - -/* ServiceLocator ::= SEQUENCE { - * issuer Name, - * locator AuthorityInfoAccessSyntax OPTIONAL } - */ -typedef struct ocsp_service_locator_st { - X509_NAME* issuer; - STACK_OF(ACCESS_DESCRIPTION) *locator; -} OCSP_SERVICELOC; - -#define PEM_STRING_OCSP_REQUEST "OCSP REQUEST" -#define PEM_STRING_OCSP_RESPONSE "OCSP RESPONSE" - -#define PEM_read_bio_OCSP_REQUEST(bp,x,cb) \ - (OCSP_REQUEST *)PEM_ASN1_read_bio((char *(*)())d2i_OCSP_REQUEST, \ - PEM_STRING_OCSP_REQUEST,bp,(char **)x,cb,NULL) - -#define PEM_read_bio_OCSP_RESPONSE(bp,x,cb) \ - (OCSP_RESPONSE *)PEM_ASN1_read_bio((char *(*)())d2i_OCSP_RESPONSE, \ - PEM_STRING_OCSP_RESPONSE,bp,(char **)x,cb,NULL) - -#define PEM_write_bio_OCSP_REQUEST(bp,o) \ - PEM_ASN1_write_bio((int (*)())i2d_OCSP_REQUEST,PEM_STRING_OCSP_REQUEST,\ - bp,(char *)o, NULL,NULL,0,NULL,NULL) - -#define PEM_write_bio_OCSP_RESPONSE(bp,o) \ - PEM_ASN1_write_bio((int (*)())i2d_OCSP_RESPONSE,PEM_STRING_OCSP_RESPONSE,\ - bp,(char *)o, NULL,NULL,0,NULL,NULL) - -#define OCSP_REQUEST_sign(o,pkey,md) \ - ASN1_item_sign(&OCSP_REQINFO_it, \ - o->optionalSignature->signatureAlgorithm,NULL, \ - o->optionalSignature->signature,o->tbsRequest,pkey,md) - -#define OCSP_BASICRESP_sign(o,pkey,md,d) \ - ASN1_item_sign(&OCSP_RESPDATA_it,o->signatureAlgorithm,NULL, \ - o->signature,o->tbsResponseData,pkey,md) - -#define OCSP_REQUEST_verify(a,r) \ - ASN1_item_verify(&OCSP_REQINFO_it, \ - a->optionalSignature->signatureAlgorithm, \ - a->optionalSignature->signature,a->tbsRequest,r) - -#define OCSP_BASICRESP_verify(a,r,d) \ - ASN1_item_verify(&OCSP_RESPDATA_it, \ - a->signatureAlgorithm,a->signature,a->tbsResponseData,r) - -#define ASN1_BIT_STRING_digest(data,type,md,len) \ - ASN1_item_digest(&ASN1_BIT_STRING_it,type,data,md,len) - -#define OCSP_CERTSTATUS_dup(cs) \ - ASN1_item_dup(&OCSP_CERTSTATUS_it, cs) - -OCSP_CERTID *OCSP_CERTID_dup(OCSP_CERTID *id); - -OCSP_RESPONSE *OCSP_sendreq_bio(BIO *b, const char *path, OCSP_REQUEST *req); -OCSP_REQ_CTX *OCSP_sendreq_new(BIO *io, const char *path, OCSP_REQUEST *req, - int maxline); -int OCSP_sendreq_nbio(OCSP_RESPONSE **presp, OCSP_REQ_CTX *rctx); -void OCSP_REQ_CTX_free(OCSP_REQ_CTX *rctx); -int OCSP_REQ_CTX_set1_req(OCSP_REQ_CTX *rctx, OCSP_REQUEST *req); -int OCSP_REQ_CTX_add1_header(OCSP_REQ_CTX *rctx, const char *name, - const char *value); - -OCSP_CERTID *OCSP_cert_to_id(const EVP_MD *dgst, const X509 *subject, - const X509 *issuer); - -OCSP_CERTID *OCSP_cert_id_new(const EVP_MD *dgst, const X509_NAME *issuerName, - const ASN1_BIT_STRING *issuerKey, const ASN1_INTEGER *serialNumber); - -OCSP_ONEREQ *OCSP_request_add0_id(OCSP_REQUEST *req, OCSP_CERTID *cid); - -int OCSP_request_add1_nonce(OCSP_REQUEST *req, unsigned char *val, int len); -int OCSP_basic_add1_nonce(OCSP_BASICRESP *resp, unsigned char *val, int len); -int OCSP_check_nonce(OCSP_REQUEST *req, OCSP_BASICRESP *bs); -int OCSP_copy_nonce(OCSP_BASICRESP *resp, OCSP_REQUEST *req); - -int OCSP_request_set1_name(OCSP_REQUEST *req, X509_NAME *nm); -int OCSP_request_add1_cert(OCSP_REQUEST *req, X509 *cert); - -int OCSP_request_sign(OCSP_REQUEST *req, X509 *signer, EVP_PKEY *key, - const EVP_MD *dgst, STACK_OF(X509) *certs, unsigned long flags); - -int OCSP_response_status(OCSP_RESPONSE *resp); -OCSP_BASICRESP *OCSP_response_get1_basic(OCSP_RESPONSE *resp); - -int OCSP_resp_count(OCSP_BASICRESP *bs); -OCSP_SINGLERESP *OCSP_resp_get0(OCSP_BASICRESP *bs, int idx); -int OCSP_resp_find(OCSP_BASICRESP *bs, OCSP_CERTID *id, int last); -int OCSP_single_get0_status(OCSP_SINGLERESP *single, int *reason, - ASN1_GENERALIZEDTIME **revtime, ASN1_GENERALIZEDTIME **thisupd, - ASN1_GENERALIZEDTIME **nextupd); -int OCSP_resp_find_status(OCSP_BASICRESP *bs, OCSP_CERTID *id, int *status, - int *reason, ASN1_GENERALIZEDTIME **revtime, - ASN1_GENERALIZEDTIME **thisupd, ASN1_GENERALIZEDTIME **nextupd); -int OCSP_check_validity(ASN1_GENERALIZEDTIME *thisupd, - ASN1_GENERALIZEDTIME *nextupd, long sec, long maxsec); - -int OCSP_request_verify(OCSP_REQUEST *req, STACK_OF(X509) *certs, - X509_STORE *store, unsigned long flags); - -int OCSP_parse_url(const char *url, char **phost, char **pport, - char **ppath, int *pssl); - -int OCSP_id_issuer_cmp(OCSP_CERTID *a, OCSP_CERTID *b); -int OCSP_id_cmp(OCSP_CERTID *a, OCSP_CERTID *b); - -int OCSP_request_onereq_count(OCSP_REQUEST *req); -OCSP_ONEREQ *OCSP_request_onereq_get0(OCSP_REQUEST *req, int i); -OCSP_CERTID *OCSP_onereq_get0_id(OCSP_ONEREQ *one); -int OCSP_id_get0_info(ASN1_OCTET_STRING **piNameHash, ASN1_OBJECT **pmd, - ASN1_OCTET_STRING **pikeyHash, ASN1_INTEGER **pserial, - OCSP_CERTID *cid); -int OCSP_request_is_signed(OCSP_REQUEST *req); -OCSP_RESPONSE *OCSP_response_create(int status, OCSP_BASICRESP *bs); -OCSP_SINGLERESP *OCSP_basic_add1_status(OCSP_BASICRESP *rsp, OCSP_CERTID *cid, - int status, int reason, ASN1_TIME *revtime, ASN1_TIME *thisupd, - ASN1_TIME *nextupd); -int OCSP_basic_add1_cert(OCSP_BASICRESP *resp, X509 *cert); -int OCSP_basic_sign(OCSP_BASICRESP *brsp, X509 *signer, EVP_PKEY *key, - const EVP_MD *dgst, STACK_OF(X509) *certs, unsigned long flags); - -X509_EXTENSION *OCSP_crlID_new(const char *url, long *n, char *tim); - -X509_EXTENSION *OCSP_accept_responses_new(char **oids); - -X509_EXTENSION *OCSP_archive_cutoff_new(char* tim); - -X509_EXTENSION *OCSP_url_svcloc_new(X509_NAME* issuer, const char **urls); - -int OCSP_REQUEST_get_ext_count(OCSP_REQUEST *x); -int OCSP_REQUEST_get_ext_by_NID(OCSP_REQUEST *x, int nid, int lastpos); -int OCSP_REQUEST_get_ext_by_OBJ(OCSP_REQUEST *x, const ASN1_OBJECT *obj, - int lastpos); -int OCSP_REQUEST_get_ext_by_critical(OCSP_REQUEST *x, int crit, - int lastpos); -X509_EXTENSION *OCSP_REQUEST_get_ext(OCSP_REQUEST *x, int loc); -X509_EXTENSION *OCSP_REQUEST_delete_ext(OCSP_REQUEST *x, int loc); -void *OCSP_REQUEST_get1_ext_d2i(OCSP_REQUEST *x, int nid, int *crit, int *idx); -int OCSP_REQUEST_add1_ext_i2d(OCSP_REQUEST *x, int nid, void *value, - int crit, unsigned long flags); -int OCSP_REQUEST_add_ext(OCSP_REQUEST *x, X509_EXTENSION *ex, int loc); - -int OCSP_ONEREQ_get_ext_count(OCSP_ONEREQ *x); -int OCSP_ONEREQ_get_ext_by_NID(OCSP_ONEREQ *x, int nid, int lastpos); -int OCSP_ONEREQ_get_ext_by_OBJ(OCSP_ONEREQ *x, const ASN1_OBJECT *obj, - int lastpos); -int OCSP_ONEREQ_get_ext_by_critical(OCSP_ONEREQ *x, int crit, int lastpos); -X509_EXTENSION *OCSP_ONEREQ_get_ext(OCSP_ONEREQ *x, int loc); -X509_EXTENSION *OCSP_ONEREQ_delete_ext(OCSP_ONEREQ *x, int loc); -void *OCSP_ONEREQ_get1_ext_d2i(OCSP_ONEREQ *x, int nid, int *crit, int *idx); -int OCSP_ONEREQ_add1_ext_i2d(OCSP_ONEREQ *x, int nid, void *value, int crit, - unsigned long flags); -int OCSP_ONEREQ_add_ext(OCSP_ONEREQ *x, X509_EXTENSION *ex, int loc); - -int OCSP_BASICRESP_get_ext_count(OCSP_BASICRESP *x); -int OCSP_BASICRESP_get_ext_by_NID(OCSP_BASICRESP *x, int nid, int lastpos); -int OCSP_BASICRESP_get_ext_by_OBJ(OCSP_BASICRESP *x, const ASN1_OBJECT *obj, - int lastpos); -int OCSP_BASICRESP_get_ext_by_critical(OCSP_BASICRESP *x, int crit, - int lastpos); -X509_EXTENSION *OCSP_BASICRESP_get_ext(OCSP_BASICRESP *x, int loc); -X509_EXTENSION *OCSP_BASICRESP_delete_ext(OCSP_BASICRESP *x, int loc); -void *OCSP_BASICRESP_get1_ext_d2i(OCSP_BASICRESP *x, int nid, int *crit, - int *idx); -int OCSP_BASICRESP_add1_ext_i2d(OCSP_BASICRESP *x, int nid, void *value, - int crit, unsigned long flags); -int OCSP_BASICRESP_add_ext(OCSP_BASICRESP *x, X509_EXTENSION *ex, int loc); - -int OCSP_SINGLERESP_get_ext_count(OCSP_SINGLERESP *x); -int OCSP_SINGLERESP_get_ext_by_NID(OCSP_SINGLERESP *x, int nid, - int lastpos); -int OCSP_SINGLERESP_get_ext_by_OBJ(OCSP_SINGLERESP *x, - const ASN1_OBJECT *obj, int lastpos); -int OCSP_SINGLERESP_get_ext_by_critical(OCSP_SINGLERESP *x, int crit, - int lastpos); -X509_EXTENSION *OCSP_SINGLERESP_get_ext(OCSP_SINGLERESP *x, int loc); -X509_EXTENSION *OCSP_SINGLERESP_delete_ext(OCSP_SINGLERESP *x, int loc); -void *OCSP_SINGLERESP_get1_ext_d2i(OCSP_SINGLERESP *x, int nid, int *crit, - int *idx); -int OCSP_SINGLERESP_add1_ext_i2d(OCSP_SINGLERESP *x, int nid, void *value, - int crit, unsigned long flags); -int OCSP_SINGLERESP_add_ext(OCSP_SINGLERESP *x, X509_EXTENSION *ex, - int loc); -const OCSP_CERTID *OCSP_SINGLERESP_get0_id(const OCSP_SINGLERESP *x); - -OCSP_SINGLERESP *OCSP_SINGLERESP_new(void); -void OCSP_SINGLERESP_free(OCSP_SINGLERESP *a); -OCSP_SINGLERESP *d2i_OCSP_SINGLERESP(OCSP_SINGLERESP **a, const unsigned char **in, long len); -int i2d_OCSP_SINGLERESP(OCSP_SINGLERESP *a, unsigned char **out); -extern const ASN1_ITEM OCSP_SINGLERESP_it; -OCSP_CERTSTATUS *OCSP_CERTSTATUS_new(void); -void OCSP_CERTSTATUS_free(OCSP_CERTSTATUS *a); -OCSP_CERTSTATUS *d2i_OCSP_CERTSTATUS(OCSP_CERTSTATUS **a, const unsigned char **in, long len); -int i2d_OCSP_CERTSTATUS(OCSP_CERTSTATUS *a, unsigned char **out); -extern const ASN1_ITEM OCSP_CERTSTATUS_it; -OCSP_REVOKEDINFO *OCSP_REVOKEDINFO_new(void); -void OCSP_REVOKEDINFO_free(OCSP_REVOKEDINFO *a); -OCSP_REVOKEDINFO *d2i_OCSP_REVOKEDINFO(OCSP_REVOKEDINFO **a, const unsigned char **in, long len); -int i2d_OCSP_REVOKEDINFO(OCSP_REVOKEDINFO *a, unsigned char **out); -extern const ASN1_ITEM OCSP_REVOKEDINFO_it; -OCSP_BASICRESP *OCSP_BASICRESP_new(void); -void OCSP_BASICRESP_free(OCSP_BASICRESP *a); -OCSP_BASICRESP *d2i_OCSP_BASICRESP(OCSP_BASICRESP **a, const unsigned char **in, long len); -int i2d_OCSP_BASICRESP(OCSP_BASICRESP *a, unsigned char **out); -extern const ASN1_ITEM OCSP_BASICRESP_it; -OCSP_RESPDATA *OCSP_RESPDATA_new(void); -void OCSP_RESPDATA_free(OCSP_RESPDATA *a); -OCSP_RESPDATA *d2i_OCSP_RESPDATA(OCSP_RESPDATA **a, const unsigned char **in, long len); -int i2d_OCSP_RESPDATA(OCSP_RESPDATA *a, unsigned char **out); -extern const ASN1_ITEM OCSP_RESPDATA_it; -OCSP_RESPID *OCSP_RESPID_new(void); -void OCSP_RESPID_free(OCSP_RESPID *a); -OCSP_RESPID *d2i_OCSP_RESPID(OCSP_RESPID **a, const unsigned char **in, long len); -int i2d_OCSP_RESPID(OCSP_RESPID *a, unsigned char **out); -extern const ASN1_ITEM OCSP_RESPID_it; -OCSP_RESPONSE *OCSP_RESPONSE_new(void); -void OCSP_RESPONSE_free(OCSP_RESPONSE *a); -OCSP_RESPONSE *d2i_OCSP_RESPONSE(OCSP_RESPONSE **a, const unsigned char **in, long len); -int i2d_OCSP_RESPONSE(OCSP_RESPONSE *a, unsigned char **out); -OCSP_RESPONSE *d2i_OCSP_RESPONSE_bio(BIO *bp, OCSP_RESPONSE **a); -int i2d_OCSP_RESPONSE_bio(BIO *bp, OCSP_RESPONSE *a); -extern const ASN1_ITEM OCSP_RESPONSE_it; -OCSP_RESPBYTES *OCSP_RESPBYTES_new(void); -void OCSP_RESPBYTES_free(OCSP_RESPBYTES *a); -OCSP_RESPBYTES *d2i_OCSP_RESPBYTES(OCSP_RESPBYTES **a, const unsigned char **in, long len); -int i2d_OCSP_RESPBYTES(OCSP_RESPBYTES *a, unsigned char **out); -extern const ASN1_ITEM OCSP_RESPBYTES_it; -OCSP_ONEREQ *OCSP_ONEREQ_new(void); -void OCSP_ONEREQ_free(OCSP_ONEREQ *a); -OCSP_ONEREQ *d2i_OCSP_ONEREQ(OCSP_ONEREQ **a, const unsigned char **in, long len); -int i2d_OCSP_ONEREQ(OCSP_ONEREQ *a, unsigned char **out); -extern const ASN1_ITEM OCSP_ONEREQ_it; -OCSP_CERTID *OCSP_CERTID_new(void); -void OCSP_CERTID_free(OCSP_CERTID *a); -OCSP_CERTID *d2i_OCSP_CERTID(OCSP_CERTID **a, const unsigned char **in, long len); -int i2d_OCSP_CERTID(OCSP_CERTID *a, unsigned char **out); -extern const ASN1_ITEM OCSP_CERTID_it; -OCSP_REQUEST *OCSP_REQUEST_new(void); -void OCSP_REQUEST_free(OCSP_REQUEST *a); -OCSP_REQUEST *d2i_OCSP_REQUEST(OCSP_REQUEST **a, const unsigned char **in, long len); -int i2d_OCSP_REQUEST(OCSP_REQUEST *a, unsigned char **out); -OCSP_REQUEST *d2i_OCSP_REQUEST_bio(BIO *bp, OCSP_REQUEST **a); -int i2d_OCSP_REQUEST_bio(BIO *bp, OCSP_REQUEST *a); -extern const ASN1_ITEM OCSP_REQUEST_it; -OCSP_SIGNATURE *OCSP_SIGNATURE_new(void); -void OCSP_SIGNATURE_free(OCSP_SIGNATURE *a); -OCSP_SIGNATURE *d2i_OCSP_SIGNATURE(OCSP_SIGNATURE **a, const unsigned char **in, long len); -int i2d_OCSP_SIGNATURE(OCSP_SIGNATURE *a, unsigned char **out); -extern const ASN1_ITEM OCSP_SIGNATURE_it; -OCSP_REQINFO *OCSP_REQINFO_new(void); -void OCSP_REQINFO_free(OCSP_REQINFO *a); -OCSP_REQINFO *d2i_OCSP_REQINFO(OCSP_REQINFO **a, const unsigned char **in, long len); -int i2d_OCSP_REQINFO(OCSP_REQINFO *a, unsigned char **out); -extern const ASN1_ITEM OCSP_REQINFO_it; -OCSP_CRLID *OCSP_CRLID_new(void); -void OCSP_CRLID_free(OCSP_CRLID *a); -OCSP_CRLID *d2i_OCSP_CRLID(OCSP_CRLID **a, const unsigned char **in, long len); -int i2d_OCSP_CRLID(OCSP_CRLID *a, unsigned char **out); -extern const ASN1_ITEM OCSP_CRLID_it; -OCSP_SERVICELOC *OCSP_SERVICELOC_new(void); -void OCSP_SERVICELOC_free(OCSP_SERVICELOC *a); -OCSP_SERVICELOC *d2i_OCSP_SERVICELOC(OCSP_SERVICELOC **a, const unsigned char **in, long len); -int i2d_OCSP_SERVICELOC(OCSP_SERVICELOC *a, unsigned char **out); -extern const ASN1_ITEM OCSP_SERVICELOC_it; - -const char *OCSP_response_status_str(long s); -const char *OCSP_cert_status_str(long s); -const char *OCSP_crl_reason_str(long s); - -int OCSP_REQUEST_print(BIO *bp, OCSP_REQUEST* a, unsigned long flags); -int OCSP_RESPONSE_print(BIO *bp, OCSP_RESPONSE* o, unsigned long flags); - -int OCSP_basic_verify(OCSP_BASICRESP *bs, STACK_OF(X509) *certs, - X509_STORE *st, unsigned long flags); - -/* BEGIN ERROR CODES */ -/* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ -void ERR_load_OCSP_strings(void); - -/* Error codes for the OCSP functions. */ - -/* Function codes. */ -#define OCSP_F_ASN1_STRING_ENCODE 100 -#define OCSP_F_D2I_OCSP_NONCE 102 -#define OCSP_F_OCSP_BASIC_ADD1_STATUS 103 -#define OCSP_F_OCSP_BASIC_SIGN 104 -#define OCSP_F_OCSP_BASIC_VERIFY 105 -#define OCSP_F_OCSP_CERT_ID_NEW 101 -#define OCSP_F_OCSP_CHECK_DELEGATED 106 -#define OCSP_F_OCSP_CHECK_IDS 107 -#define OCSP_F_OCSP_CHECK_ISSUER 108 -#define OCSP_F_OCSP_CHECK_VALIDITY 115 -#define OCSP_F_OCSP_MATCH_ISSUERID 109 -#define OCSP_F_OCSP_PARSE_URL 114 -#define OCSP_F_OCSP_REQUEST_SIGN 110 -#define OCSP_F_OCSP_REQUEST_VERIFY 116 -#define OCSP_F_OCSP_RESPONSE_GET1_BASIC 111 -#define OCSP_F_OCSP_SENDREQ_BIO 112 -#define OCSP_F_OCSP_SENDREQ_NBIO 117 -#define OCSP_F_PARSE_HTTP_LINE1 118 -#define OCSP_F_REQUEST_VERIFY 113 - -/* Reason codes. */ -#define OCSP_R_BAD_DATA 100 -#define OCSP_R_CERTIFICATE_VERIFY_ERROR 101 -#define OCSP_R_DIGEST_ERR 102 -#define OCSP_R_ERROR_IN_NEXTUPDATE_FIELD 122 -#define OCSP_R_ERROR_IN_THISUPDATE_FIELD 123 -#define OCSP_R_ERROR_PARSING_URL 121 -#define OCSP_R_MISSING_OCSPSIGNING_USAGE 103 -#define OCSP_R_NEXTUPDATE_BEFORE_THISUPDATE 124 -#define OCSP_R_NOT_BASIC_RESPONSE 104 -#define OCSP_R_NO_CERTIFICATES_IN_CHAIN 105 -#define OCSP_R_NO_CONTENT 106 -#define OCSP_R_NO_PUBLIC_KEY 107 -#define OCSP_R_NO_RESPONSE_DATA 108 -#define OCSP_R_NO_REVOKED_TIME 109 -#define OCSP_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE 110 -#define OCSP_R_REQUEST_NOT_SIGNED 128 -#define OCSP_R_RESPONSE_CONTAINS_NO_REVOCATION_DATA 111 -#define OCSP_R_ROOT_CA_NOT_TRUSTED 112 -#define OCSP_R_SERVER_READ_ERROR 113 -#define OCSP_R_SERVER_RESPONSE_ERROR 114 -#define OCSP_R_SERVER_RESPONSE_PARSE_ERROR 115 -#define OCSP_R_SERVER_WRITE_ERROR 116 -#define OCSP_R_SIGNATURE_FAILURE 117 -#define OCSP_R_SIGNER_CERTIFICATE_NOT_FOUND 118 -#define OCSP_R_STATUS_EXPIRED 125 -#define OCSP_R_STATUS_NOT_YET_VALID 126 -#define OCSP_R_STATUS_TOO_OLD 127 -#define OCSP_R_UNKNOWN_MESSAGE_DIGEST 119 -#define OCSP_R_UNKNOWN_NID 120 -#define OCSP_R_UNSUPPORTED_REQUESTORNAME_TYPE 129 - -#ifdef __cplusplus -} -#endif -#endif diff --git a/libressl/include64/openssl/opensslconf.h b/libressl/include64/openssl/opensslconf.h deleted file mode 100644 index bb717689..00000000 --- a/libressl/include64/openssl/opensslconf.h +++ /dev/null @@ -1,153 +0,0 @@ -#include <openssl/opensslfeatures.h> -/* crypto/opensslconf.h.in */ - -#if defined(_MSC_VER) && !defined(__attribute__) -#define __attribute__(a) -#endif - -#if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR) -#define OPENSSLDIR "/etc/ssl" -#endif - -#undef OPENSSL_UNISTD -#define OPENSSL_UNISTD <unistd.h> - -#undef OPENSSL_EXPORT_VAR_AS_FUNCTION - -#if defined(HEADER_IDEA_H) && !defined(IDEA_INT) -#define IDEA_INT unsigned int -#endif - -#if defined(HEADER_MD2_H) && !defined(MD2_INT) -#define MD2_INT unsigned int -#endif - -#if defined(HEADER_RC2_H) && !defined(RC2_INT) -/* I need to put in a mod for the alpha - eay */ -#define RC2_INT unsigned int -#endif - -#if defined(HEADER_RC4_H) -#if !defined(RC4_INT) -/* using int types make the structure larger but make the code faster - * on most boxes I have tested - up to %20 faster. */ -/* - * I don't know what does "most" mean, but declaring "int" is a must on: - * - Intel P6 because partial register stalls are very expensive; - * - elder Alpha because it lacks byte load/store instructions; - */ -#define RC4_INT unsigned int -#endif -#if !defined(RC4_CHUNK) -/* - * This enables code handling data aligned at natural CPU word - * boundary. See crypto/rc4/rc4_enc.c for further details. - */ -#define RC4_CHUNK unsigned long -#endif -#endif - -#if (defined(HEADER_NEW_DES_H) || defined(HEADER_DES_H)) && !defined(DES_LONG) -/* If this is set to 'unsigned int' on a DEC Alpha, this gives about a - * %20 speed up (longs are 8 bytes, int's are 4). */ -#ifndef DES_LONG -#define DES_LONG unsigned int -#endif -#endif - -#if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H) -#define CONFIG_HEADER_BN_H -#undef BN_LLONG - -/* Should we define BN_DIV2W here? */ - -/* Only one for the following should be defined */ -#define SIXTY_FOUR_BIT_LONG -#undef SIXTY_FOUR_BIT -#undef THIRTY_TWO_BIT -#endif - -#if defined(HEADER_RC4_LOCL_H) && !defined(CONFIG_HEADER_RC4_LOCL_H) -#define CONFIG_HEADER_RC4_LOCL_H -/* if this is defined data[i] is used instead of *data, this is a %20 - * speedup on x86 */ -#undef RC4_INDEX -#endif - -#if defined(HEADER_BF_LOCL_H) && !defined(CONFIG_HEADER_BF_LOCL_H) -#define CONFIG_HEADER_BF_LOCL_H -#undef BF_PTR -#endif /* HEADER_BF_LOCL_H */ - -#if defined(HEADER_DES_LOCL_H) && !defined(CONFIG_HEADER_DES_LOCL_H) -#define CONFIG_HEADER_DES_LOCL_H -#ifndef DES_DEFAULT_OPTIONS -/* the following is tweaked from a config script, that is why it is a - * protected undef/define */ -#ifndef DES_PTR -#undef DES_PTR -#endif - -/* This helps C compiler generate the correct code for multiple functional - * units. It reduces register dependancies at the expense of 2 more - * registers */ -#ifndef DES_RISC1 -#undef DES_RISC1 -#endif - -#ifndef DES_RISC2 -#undef DES_RISC2 -#endif - -#if defined(DES_RISC1) && defined(DES_RISC2) -YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!! -#endif - -/* Unroll the inner loop, this sometimes helps, sometimes hinders. - * Very mucy CPU dependant */ -#ifndef DES_UNROLL -#define DES_UNROLL -#endif - -/* These default values were supplied by - * Peter Gutman <pgut001@cs.auckland.ac.nz> - * They are only used if nothing else has been defined */ -#if !defined(DES_PTR) && !defined(DES_RISC1) && !defined(DES_RISC2) && !defined(DES_UNROLL) -/* Special defines which change the way the code is built depending on the - CPU and OS. For SGI machines you can use _MIPS_SZLONG (32 or 64) to find - even newer MIPS CPU's, but at the moment one size fits all for - optimization options. Older Sparc's work better with only UNROLL, but - there's no way to tell at compile time what it is you're running on */ - -#if defined( sun ) /* Newer Sparc's */ -# define DES_PTR -# define DES_RISC1 -# define DES_UNROLL -#elif defined( __ultrix ) /* Older MIPS */ -# define DES_PTR -# define DES_RISC2 -# define DES_UNROLL -#elif defined( __osf1__ ) /* Alpha */ -# define DES_PTR -# define DES_RISC2 -#elif defined ( _AIX ) /* RS6000 */ - /* Unknown */ -#elif defined( __hpux ) /* HP-PA */ - /* Unknown */ -#elif defined( __aux ) /* 68K */ - /* Unknown */ -#elif defined( __dgux ) /* 88K (but P6 in latest boxes) */ -# define DES_UNROLL -#elif defined( __sgi ) /* Newer MIPS */ -# define DES_PTR -# define DES_RISC2 -# define DES_UNROLL -#elif defined(i386) || defined(__i386__) /* x86 boxes, should be gcc */ -# define DES_PTR -# define DES_RISC1 -# define DES_UNROLL -#endif /* Systems-specific speed defines */ -#endif - -#endif /* DES_DEFAULT_OPTIONS */ -#endif /* HEADER_DES_LOCL_H */ diff --git a/libressl/include64/openssl/opensslfeatures.h b/libressl/include64/openssl/opensslfeatures.h deleted file mode 100644 index 688d478d..00000000 --- a/libressl/include64/openssl/opensslfeatures.h +++ /dev/null @@ -1,111 +0,0 @@ -/* - * Feature flags for LibreSSL... so you can actually tell when things - * are enabled, rather than not being able to tell when things are - * enabled (or possibly not yet not implemented, or removed!). - */ -/* #define LIBRESSL_HAS_TLS1_3 */ - -#define OPENSSL_THREADS - -#define OPENSSL_NO_BUF_FREELISTS -#define OPENSSL_NO_GMP -#define OPENSSL_NO_JPAKE -#define OPENSSL_NO_KRB5 -#define OPENSSL_NO_RSAX -#define OPENSSL_NO_SHA0 -#define OPENSSL_NO_SSL2 -#define OPENSSL_NO_STORE - -/* - * OPENSSL_NO_* flags that currently appear in OpenSSL. - */ - -/* #define OPENSSL_NO_AFALGENG */ -/* #define OPENSSL_NO_ALGORITHMS */ -/* #define OPENSSL_NO_ARIA */ -/* #define OPENSSL_NO_ASM */ -#define OPENSSL_NO_ASYNC -/* #define OPENSSL_NO_AUTOALGINIT */ -/* #define OPENSSL_NO_AUTOERRINIT */ -/* #define OPENSSL_NO_AUTOLOAD_CONFIG */ -/* #define OPENSSL_NO_BF */ -/* #define OPENSSL_NO_BLAKE2 */ -/* #define OPENSSL_NO_CAMELLIA */ -/* #define OPENSSL_NO_CAST */ -/* #define OPENSSL_NO_CHACHA */ -/* #define OPENSSL_NO_CMAC */ -#define OPENSSL_NO_CMS -#define OPENSSL_NO_COMP /* XXX */ -/* #define OPENSSL_NO_CRYPTO_MDEBUG */ -/* #define OPENSSL_NO_CRYPTO_MDEBUG_BACKTRACE */ -/* #define OPENSSL_NO_CT */ -/* #define OPENSSL_NO_DECC_INIT */ -/* #define OPENSSL_NO_DES */ -/* #define OPENSSL_NO_DGRAM */ -/* #define OPENSSL_NO_DH */ -/* #define OPENSSL_NO_DSA */ -/* #define OPENSSL_NO_DSO */ -/* #define OPENSSL_NO_DTLS */ -/* #define OPENSSL_NO_DTLS1 */ -/* #define OPENSSL_NO_DTLS1_2 */ -/* #define OPENSSL_NO_DTLS1_2_METHOD */ -/* #define OPENSSL_NO_DTLS1_METHOD */ -#define OPENSSL_NO_DYNAMIC_ENGINE -/* #define OPENSSL_NO_EC */ -/* #define OPENSSL_NO_EC2M */ -#define OPENSSL_NO_EC_NISTP_64_GCC_128 -#define OPENSSL_NO_EGD -/* #define OPENSSL_NO_ENGINE */ -/* #define OPENSSL_NO_ERR */ -/* #define OPENSSL_NO_FUZZ_LIBFUZZER */ -/* #define OPENSSL_NO_GOST */ -#define OPENSSL_NO_HEARTBEATS -/* #define OPENSSL_NO_HW */ -/* #define OPENSSL_NO_HW_PADLOCK */ -/* #define OPENSSL_NO_IDEA */ -#define OPENSSL_NO_MD2 -/* #define OPENSSL_NO_MD4 */ -/* #define OPENSSL_NO_MD5 */ -#define OPENSSL_NO_MDC2 -/* #define OPENSSL_NO_MULTIBLOCK */ -/* #define OPENSSL_NO_NEXTPROTONEG */ -/* #define OPENSSL_NO_OCB */ -/* #define OPENSSL_NO_OCSP */ -/* #define OPENSSL_NO_POLY1305 */ -/* #define OPENSSL_NO_POSIX_IO */ -#define OPENSSL_NO_PSK -/* #define OPENSSL_NO_RC2 */ -/* #define OPENSSL_NO_RC4 */ -#define OPENSSL_NO_RC5 -#define OPENSSL_NO_RFC3779 -/* #define OPENSSL_NO_RMD160 */ -/* #define OPENSSL_NO_RSA */ -/* #define OPENSSL_NO_SCRYPT */ -#define OPENSSL_NO_SCTP -#define OPENSSL_NO_SEED -/* #define OPENSSL_NO_SIPHASH */ -/* #define OPENSSL_NO_SM2 */ -/* #define OPENSSL_NO_SM3 */ -/* #define OPENSSL_NO_SM4 */ -/* #define OPENSSL_NO_SOCK */ -#define OPENSSL_NO_SRP -/* #define OPENSSL_NO_SRTP */ -#define OPENSSL_NO_SSL3 -#define OPENSSL_NO_SSL3_METHOD -/* #define OPENSSL_NO_SSL_TRACE */ -/* #define OPENSSL_NO_STDIO */ -/* #define OPENSSL_NO_TLS */ -/* #define OPENSSL_NO_TLS1 */ -/* #define OPENSSL_NO_TLS1_1 */ -/* #define OPENSSL_NO_TLS1_1_METHOD */ -/* #define OPENSSL_NO_TLS1_2 */ -/* #define OPENSSL_NO_TLS1_2_METHOD */ -#ifndef LIBRESSL_HAS_TLS1_3 -#define OPENSSL_NO_TLS1_3 -#endif -/* #define OPENSSL_NO_TLS1_METHOD */ -/* #define OPENSSL_NO_TS */ -/* #define OPENSSL_NO_UI_CONSOLE */ -/* #define OPENSSL_NO_UNIT_TEST */ -/* #define OPENSSL_NO_WEAK_SSL_CIPHERS */ -/* #define OPENSSL_NO_WHIRLPOOL */ diff --git a/libressl/include64/openssl/opensslv.h b/libressl/include64/openssl/opensslv.h deleted file mode 100644 index a32b0b25..00000000 --- a/libressl/include64/openssl/opensslv.h +++ /dev/null @@ -1,18 +0,0 @@ -/* $OpenBSD: opensslv.h,v 1.55 2019/10/10 14:29:20 bcook Exp $ */ -#ifndef HEADER_OPENSSLV_H -#define HEADER_OPENSSLV_H - -/* These will change with each release of LibreSSL-portable */ -#define LIBRESSL_VERSION_NUMBER 0x3000200fL -/* ^ Patch starts here */ -#define LIBRESSL_VERSION_TEXT "LibreSSL 3.0.2" - -/* These will never change */ -#define OPENSSL_VERSION_NUMBER 0x20000000L -#define OPENSSL_VERSION_TEXT LIBRESSL_VERSION_TEXT -#define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT - -#define SHLIB_VERSION_HISTORY "" -#define SHLIB_VERSION_NUMBER "1.0.0" - -#endif /* HEADER_OPENSSLV_H */ diff --git a/libressl/include64/openssl/ossl_typ.h b/libressl/include64/openssl/ossl_typ.h deleted file mode 100644 index b1a9e0e3..00000000 --- a/libressl/include64/openssl/ossl_typ.h +++ /dev/null @@ -1,190 +0,0 @@ -/* $OpenBSD: ossl_typ.h,v 1.13 2015/09/30 04:10:07 doug Exp $ */ -/* ==================================================================== - * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#ifndef HEADER_OPENSSL_TYPES_H -#define HEADER_OPENSSL_TYPES_H - -#include <openssl/opensslconf.h> - -typedef struct asn1_string_st ASN1_INTEGER; -typedef struct asn1_string_st ASN1_ENUMERATED; -typedef struct asn1_string_st ASN1_BIT_STRING; -typedef struct asn1_string_st ASN1_OCTET_STRING; -typedef struct asn1_string_st ASN1_PRINTABLESTRING; -typedef struct asn1_string_st ASN1_T61STRING; -typedef struct asn1_string_st ASN1_IA5STRING; -typedef struct asn1_string_st ASN1_GENERALSTRING; -typedef struct asn1_string_st ASN1_UNIVERSALSTRING; -typedef struct asn1_string_st ASN1_BMPSTRING; -typedef struct asn1_string_st ASN1_UTCTIME; -typedef struct asn1_string_st ASN1_TIME; -typedef struct asn1_string_st ASN1_GENERALIZEDTIME; -typedef struct asn1_string_st ASN1_VISIBLESTRING; -typedef struct asn1_string_st ASN1_UTF8STRING; -typedef struct asn1_string_st ASN1_STRING; -typedef int ASN1_BOOLEAN; -typedef int ASN1_NULL; - -typedef struct ASN1_ITEM_st ASN1_ITEM; -typedef struct asn1_pctx_st ASN1_PCTX; - -#if defined(_WIN32) && defined(__WINCRYPT_H__) -#ifndef LIBRESSL_INTERNAL -#ifdef _MSC_VER -#pragma message("Warning, overriding WinCrypt defines") -#else -#warning overriding WinCrypt defines -#endif -#endif -#undef X509_NAME -#undef X509_CERT_PAIR -#undef X509_EXTENSIONS -#undef OCSP_REQUEST -#undef OCSP_RESPONSE -#undef PKCS7_ISSUER_AND_SERIAL -#endif - -#ifdef BIGNUM -#undef BIGNUM -#endif -typedef struct bignum_st BIGNUM; -typedef struct bignum_ctx BN_CTX; -typedef struct bn_blinding_st BN_BLINDING; -typedef struct bn_mont_ctx_st BN_MONT_CTX; -typedef struct bn_recp_ctx_st BN_RECP_CTX; -typedef struct bn_gencb_st BN_GENCB; - -typedef struct buf_mem_st BUF_MEM; - -typedef struct evp_cipher_st EVP_CIPHER; -typedef struct evp_cipher_ctx_st EVP_CIPHER_CTX; -typedef struct env_md_st EVP_MD; -typedef struct env_md_ctx_st EVP_MD_CTX; -typedef struct evp_pkey_st EVP_PKEY; - -typedef struct evp_pkey_asn1_method_st EVP_PKEY_ASN1_METHOD; - -typedef struct evp_pkey_method_st EVP_PKEY_METHOD; -typedef struct evp_pkey_ctx_st EVP_PKEY_CTX; - -typedef struct dh_st DH; -typedef struct dh_method DH_METHOD; - -typedef struct dsa_st DSA; -typedef struct dsa_method DSA_METHOD; - -typedef struct rsa_st RSA; -typedef struct rsa_meth_st RSA_METHOD; - -typedef struct rand_meth_st RAND_METHOD; - -typedef struct ecdh_method ECDH_METHOD; -typedef struct ecdsa_method ECDSA_METHOD; - -typedef struct x509_st X509; -typedef struct X509_algor_st X509_ALGOR; -typedef struct X509_crl_st X509_CRL; -typedef struct x509_crl_method_st X509_CRL_METHOD; -typedef struct x509_revoked_st X509_REVOKED; -typedef struct X509_name_st X509_NAME; -typedef struct X509_pubkey_st X509_PUBKEY; -typedef struct x509_store_st X509_STORE; -typedef struct x509_store_ctx_st X509_STORE_CTX; - -typedef struct pkcs8_priv_key_info_st PKCS8_PRIV_KEY_INFO; - -typedef struct v3_ext_ctx X509V3_CTX; -typedef struct conf_st CONF; - -typedef struct store_st STORE; -typedef struct store_method_st STORE_METHOD; - -typedef struct ui_st UI; -typedef struct ui_method_st UI_METHOD; - -typedef struct st_ERR_FNS ERR_FNS; - -typedef struct engine_st ENGINE; -typedef struct ssl_st SSL; -typedef struct ssl_ctx_st SSL_CTX; - -typedef struct X509_POLICY_NODE_st X509_POLICY_NODE; -typedef struct X509_POLICY_LEVEL_st X509_POLICY_LEVEL; -typedef struct X509_POLICY_TREE_st X509_POLICY_TREE; -typedef struct X509_POLICY_CACHE_st X509_POLICY_CACHE; - -typedef struct AUTHORITY_KEYID_st AUTHORITY_KEYID; -typedef struct DIST_POINT_st DIST_POINT; -typedef struct ISSUING_DIST_POINT_st ISSUING_DIST_POINT; -typedef struct NAME_CONSTRAINTS_st NAME_CONSTRAINTS; - -/* If placed in pkcs12.h, we end up with a circular depency with pkcs7.h */ -#define DECLARE_PKCS12_STACK_OF(type) /* Nothing */ -#define IMPLEMENT_PKCS12_STACK_OF(type) /* Nothing */ - -typedef struct crypto_ex_data_st CRYPTO_EX_DATA; -/* Callback types for crypto.h */ -typedef int CRYPTO_EX_new(void *parent, void *ptr, CRYPTO_EX_DATA *ad, - int idx, long argl, void *argp); -typedef void CRYPTO_EX_free(void *parent, void *ptr, CRYPTO_EX_DATA *ad, - int idx, long argl, void *argp); -typedef int CRYPTO_EX_dup(CRYPTO_EX_DATA *to, CRYPTO_EX_DATA *from, - void *from_d, int idx, long argl, void *argp); - -typedef struct ocsp_req_ctx_st OCSP_REQ_CTX; -typedef struct ocsp_response_st OCSP_RESPONSE; -typedef struct ocsp_responder_id_st OCSP_RESPID; - -#endif /* def HEADER_OPENSSL_TYPES_H */ diff --git a/libressl/include64/openssl/pem.h b/libressl/include64/openssl/pem.h deleted file mode 100644 index adc85226..00000000 --- a/libressl/include64/openssl/pem.h +++ /dev/null @@ -1,618 +0,0 @@ -/* $OpenBSD: pem.h,v 1.19 2018/08/24 19:51:31 tb Exp $ */ -/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef HEADER_PEM_H -#define HEADER_PEM_H - -#include <openssl/opensslconf.h> - -#ifndef OPENSSL_NO_BIO -#include <openssl/bio.h> -#endif -#ifndef OPENSSL_NO_STACK -#include <openssl/stack.h> -#endif -#include <openssl/evp.h> -#include <openssl/x509.h> -#include <openssl/pem2.h> - -#ifdef __cplusplus -extern "C" { -#endif - -#define PEM_BUFSIZE 1024 - -#define PEM_OBJ_UNDEF 0 -#define PEM_OBJ_X509 1 -#define PEM_OBJ_X509_REQ 2 -#define PEM_OBJ_CRL 3 -#define PEM_OBJ_SSL_SESSION 4 -#define PEM_OBJ_PRIV_KEY 10 -#define PEM_OBJ_PRIV_RSA 11 -#define PEM_OBJ_PRIV_DSA 12 -#define PEM_OBJ_PRIV_DH 13 -#define PEM_OBJ_PUB_RSA 14 -#define PEM_OBJ_PUB_DSA 15 -#define PEM_OBJ_PUB_DH 16 -#define PEM_OBJ_DHPARAMS 17 -#define PEM_OBJ_DSAPARAMS 18 -#define PEM_OBJ_PRIV_RSA_PUBLIC 19 -#define PEM_OBJ_PRIV_ECDSA 20 -#define PEM_OBJ_PUB_ECDSA 21 -#define PEM_OBJ_ECPARAMETERS 22 - -#define PEM_ERROR 30 -#define PEM_DEK_DES_CBC 40 -#define PEM_DEK_IDEA_CBC 45 -#define PEM_DEK_DES_EDE 50 -#define PEM_DEK_DES_ECB 60 -#define PEM_DEK_RSA 70 -#define PEM_DEK_RSA_MD2 80 -#define PEM_DEK_RSA_MD5 90 - -#define PEM_MD_MD2 NID_md2 -#define PEM_MD_MD5 NID_md5 -#define PEM_MD_SHA NID_sha -#define PEM_MD_MD2_RSA NID_md2WithRSAEncryption -#define PEM_MD_MD5_RSA NID_md5WithRSAEncryption -#define PEM_MD_SHA_RSA NID_sha1WithRSAEncryption - -#define PEM_STRING_X509_OLD "X509 CERTIFICATE" -#define PEM_STRING_X509 "CERTIFICATE" -#define PEM_STRING_X509_PAIR "CERTIFICATE PAIR" -#define PEM_STRING_X509_TRUSTED "TRUSTED CERTIFICATE" -#define PEM_STRING_X509_REQ_OLD "NEW CERTIFICATE REQUEST" -#define PEM_STRING_X509_REQ "CERTIFICATE REQUEST" -#define PEM_STRING_X509_CRL "X509 CRL" -#define PEM_STRING_EVP_PKEY "ANY PRIVATE KEY" -#define PEM_STRING_PUBLIC "PUBLIC KEY" -#define PEM_STRING_RSA "RSA PRIVATE KEY" -#define PEM_STRING_RSA_PUBLIC "RSA PUBLIC KEY" -#define PEM_STRING_DSA "DSA PRIVATE KEY" -#define PEM_STRING_DSA_PUBLIC "DSA PUBLIC KEY" -#define PEM_STRING_PKCS7 "PKCS7" -#define PEM_STRING_PKCS7_SIGNED "PKCS #7 SIGNED DATA" -#define PEM_STRING_PKCS8 "ENCRYPTED PRIVATE KEY" -#define PEM_STRING_PKCS8INF "PRIVATE KEY" -#define PEM_STRING_DHPARAMS "DH PARAMETERS" -#define PEM_STRING_SSL_SESSION "SSL SESSION PARAMETERS" -#define PEM_STRING_DSAPARAMS "DSA PARAMETERS" -#define PEM_STRING_ECDSA_PUBLIC "ECDSA PUBLIC KEY" -#define PEM_STRING_ECPARAMETERS "EC PARAMETERS" -#define PEM_STRING_ECPRIVATEKEY "EC PRIVATE KEY" -#define PEM_STRING_PARAMETERS "PARAMETERS" -#define PEM_STRING_CMS "CMS" - - /* Note that this structure is initialised by PEM_SealInit and cleaned up - by PEM_SealFinal (at least for now) */ -typedef struct PEM_Encode_Seal_st { - EVP_ENCODE_CTX encode; - EVP_MD_CTX md; - EVP_CIPHER_CTX cipher; -} PEM_ENCODE_SEAL_CTX; - -/* enc_type is one off */ -#define PEM_TYPE_ENCRYPTED 10 -#define PEM_TYPE_MIC_ONLY 20 -#define PEM_TYPE_MIC_CLEAR 30 -#define PEM_TYPE_CLEAR 40 - -typedef struct pem_recip_st { - char *name; - X509_NAME *dn; - - int cipher; - int key_enc; - /* char iv[8]; unused and wrong size */ -} PEM_USER; - -typedef struct pem_ctx_st { - int type; /* what type of object */ - - struct { - int version; - int mode; - } proc_type; - - char *domain; - - struct { - int cipher; - /* unused, and wrong size - unsigned char iv[8]; */ - } DEK_info; - - PEM_USER *originator; - - int num_recipient; - PEM_USER **recipient; - - /* XXX(ben): don#t think this is used! - STACK *x509_chain; / * certificate chain */ - EVP_MD *md; /* signature type */ - - int md_enc; /* is the md encrypted or not? */ - int md_len; /* length of md_data */ - char *md_data; /* message digest, could be pkey encrypted */ - - EVP_CIPHER *dec; /* date encryption cipher */ - int key_len; /* key length */ - unsigned char *key; /* key */ - /* unused, and wrong size - unsigned char iv[8]; */ - - int data_enc; /* is the data encrypted */ - int data_len; - unsigned char *data; -} PEM_CTX; - -#ifndef LIBRESSL_INTERNAL -/* These macros make the PEM_read/PEM_write functions easier to maintain and - * write. Now they are all implemented with either: - * IMPLEMENT_PEM_rw(...) or IMPLEMENT_PEM_rw_cb(...) - */ - -#define IMPLEMENT_PEM_read_fp(name, type, str, asn1) \ -type *PEM_read_##name(FILE *fp, type **x, pem_password_cb *cb, void *u)\ -{ \ -return PEM_ASN1_read((d2i_of_void *)d2i_##asn1, str,fp,(void **)x,cb,u); \ -} - -#define IMPLEMENT_PEM_write_fp(name, type, str, asn1) \ -int PEM_write_##name(FILE *fp, type *x) \ -{ \ -return PEM_ASN1_write((i2d_of_void *)i2d_##asn1,str,fp,x,NULL,NULL,0,NULL,NULL); \ -} - -#define IMPLEMENT_PEM_write_fp_const(name, type, str, asn1) \ -int PEM_write_##name(FILE *fp, const type *x) \ -{ \ -return PEM_ASN1_write((i2d_of_void *)i2d_##asn1,str,fp,(void *)x,NULL,NULL,0,NULL,NULL); \ -} - -#define IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1) \ -int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \ - unsigned char *kstr, int klen, pem_password_cb *cb, \ - void *u) \ - { \ - return PEM_ASN1_write((i2d_of_void *)i2d_##asn1,str,fp,x,enc,kstr,klen,cb,u); \ - } - -#define IMPLEMENT_PEM_write_cb_fp_const(name, type, str, asn1) \ -int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \ - unsigned char *kstr, int klen, pem_password_cb *cb, \ - void *u) \ - { \ - return PEM_ASN1_write((i2d_of_void *)i2d_##asn1,str,fp,x,enc,kstr,klen,cb,u); \ - } - - -#define IMPLEMENT_PEM_read_bio(name, type, str, asn1) \ -type *PEM_read_bio_##name(BIO *bp, type **x, pem_password_cb *cb, void *u)\ -{ \ -return PEM_ASN1_read_bio((d2i_of_void *)d2i_##asn1, str,bp,(void **)x,cb,u); \ -} - -#define IMPLEMENT_PEM_write_bio(name, type, str, asn1) \ -int PEM_write_bio_##name(BIO *bp, type *x) \ -{ \ -return PEM_ASN1_write_bio((i2d_of_void *)i2d_##asn1,str,bp,x,NULL,NULL,0,NULL,NULL); \ -} - -#define IMPLEMENT_PEM_write_bio_const(name, type, str, asn1) \ -int PEM_write_bio_##name(BIO *bp, const type *x) \ -{ \ -return PEM_ASN1_write_bio((i2d_of_void *)i2d_##asn1,str,bp,(void *)x,NULL,NULL,0,NULL,NULL); \ -} - -#define IMPLEMENT_PEM_write_cb_bio(name, type, str, asn1) \ -int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \ - unsigned char *kstr, int klen, pem_password_cb *cb, void *u) \ - { \ - return PEM_ASN1_write_bio((i2d_of_void *)i2d_##asn1,str,bp,x,enc,kstr,klen,cb,u); \ - } - -#define IMPLEMENT_PEM_write_cb_bio_const(name, type, str, asn1) \ -int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \ - unsigned char *kstr, int klen, pem_password_cb *cb, void *u) \ - { \ - return PEM_ASN1_write_bio((i2d_of_void *)i2d_##asn1,str,bp,(void *)x,enc,kstr,klen,cb,u); \ - } - -#define IMPLEMENT_PEM_write(name, type, str, asn1) \ - IMPLEMENT_PEM_write_bio(name, type, str, asn1) \ - IMPLEMENT_PEM_write_fp(name, type, str, asn1) - -#define IMPLEMENT_PEM_write_const(name, type, str, asn1) \ - IMPLEMENT_PEM_write_bio_const(name, type, str, asn1) \ - IMPLEMENT_PEM_write_fp_const(name, type, str, asn1) - -#define IMPLEMENT_PEM_write_cb(name, type, str, asn1) \ - IMPLEMENT_PEM_write_cb_bio(name, type, str, asn1) \ - IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1) - -#define IMPLEMENT_PEM_write_cb_const(name, type, str, asn1) \ - IMPLEMENT_PEM_write_cb_bio_const(name, type, str, asn1) \ - IMPLEMENT_PEM_write_cb_fp_const(name, type, str, asn1) - -#define IMPLEMENT_PEM_read(name, type, str, asn1) \ - IMPLEMENT_PEM_read_bio(name, type, str, asn1) \ - IMPLEMENT_PEM_read_fp(name, type, str, asn1) - -#define IMPLEMENT_PEM_rw(name, type, str, asn1) \ - IMPLEMENT_PEM_read(name, type, str, asn1) \ - IMPLEMENT_PEM_write(name, type, str, asn1) - -#define IMPLEMENT_PEM_rw_const(name, type, str, asn1) \ - IMPLEMENT_PEM_read(name, type, str, asn1) \ - IMPLEMENT_PEM_write_const(name, type, str, asn1) - -#define IMPLEMENT_PEM_rw_cb(name, type, str, asn1) \ - IMPLEMENT_PEM_read(name, type, str, asn1) \ - IMPLEMENT_PEM_write_cb(name, type, str, asn1) - -#endif - -/* These are the same except they are for the declarations */ - - -#define DECLARE_PEM_read_fp(name, type) \ - type *PEM_read_##name(FILE *fp, type **x, pem_password_cb *cb, void *u); - -#define DECLARE_PEM_write_fp(name, type) \ - int PEM_write_##name(FILE *fp, type *x); - -#define DECLARE_PEM_write_fp_const(name, type) \ - int PEM_write_##name(FILE *fp, const type *x); - -#define DECLARE_PEM_write_cb_fp(name, type) \ - int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \ - unsigned char *kstr, int klen, pem_password_cb *cb, void *u); - - -#ifndef OPENSSL_NO_BIO -#define DECLARE_PEM_read_bio(name, type) \ - type *PEM_read_bio_##name(BIO *bp, type **x, pem_password_cb *cb, void *u); - -#define DECLARE_PEM_write_bio(name, type) \ - int PEM_write_bio_##name(BIO *bp, type *x); - -#define DECLARE_PEM_write_bio_const(name, type) \ - int PEM_write_bio_##name(BIO *bp, const type *x); - -#define DECLARE_PEM_write_cb_bio(name, type) \ - int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \ - unsigned char *kstr, int klen, pem_password_cb *cb, void *u); - -#else - -#define DECLARE_PEM_read_bio(name, type) /**/ -#define DECLARE_PEM_write_bio(name, type) /**/ -#define DECLARE_PEM_write_bio_const(name, type) /**/ -#define DECLARE_PEM_write_cb_bio(name, type) /**/ - -#endif - -#define DECLARE_PEM_write(name, type) \ - DECLARE_PEM_write_bio(name, type) \ - DECLARE_PEM_write_fp(name, type) - -#define DECLARE_PEM_write_const(name, type) \ - DECLARE_PEM_write_bio_const(name, type) \ - DECLARE_PEM_write_fp_const(name, type) - -#define DECLARE_PEM_write_cb(name, type) \ - DECLARE_PEM_write_cb_bio(name, type) \ - DECLARE_PEM_write_cb_fp(name, type) - -#define DECLARE_PEM_read(name, type) \ - DECLARE_PEM_read_bio(name, type) \ - DECLARE_PEM_read_fp(name, type) - -#define DECLARE_PEM_rw(name, type) \ - DECLARE_PEM_read(name, type) \ - DECLARE_PEM_write(name, type) - -#define DECLARE_PEM_rw_const(name, type) \ - DECLARE_PEM_read(name, type) \ - DECLARE_PEM_write_const(name, type) - -#define DECLARE_PEM_rw_cb(name, type) \ - DECLARE_PEM_read(name, type) \ - DECLARE_PEM_write_cb(name, type) - -typedef int pem_password_cb(char *buf, int size, int rwflag, void *userdata); - -int PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher); -int PEM_do_header (EVP_CIPHER_INFO *cipher, unsigned char *data, long *len, - pem_password_cb *callback, void *u); - -#ifndef OPENSSL_NO_BIO -int PEM_read_bio(BIO *bp, char **name, char **header, - unsigned char **data, long *len); -int PEM_write_bio(BIO *bp, const char *name, const char *hdr, - const unsigned char *data, long len); -int PEM_bytes_read_bio(unsigned char **pdata, long *plen, char **pnm, - const char *name, BIO *bp, pem_password_cb *cb, void *u); -void * PEM_ASN1_read_bio(d2i_of_void *d2i, const char *name, BIO *bp, - void **x, pem_password_cb *cb, void *u); -int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp, void *x, - const EVP_CIPHER *enc, unsigned char *kstr, int klen, - pem_password_cb *cb, void *u); - -STACK_OF(X509_INFO) * PEM_X509_INFO_read_bio(BIO *bp, - STACK_OF(X509_INFO) *sk, pem_password_cb *cb, void *u); -int PEM_X509_INFO_write_bio(BIO *bp, X509_INFO *xi, EVP_CIPHER *enc, - unsigned char *kstr, int klen, pem_password_cb *cd, void *u); -#endif - -int PEM_read(FILE *fp, char **name, char **header, - unsigned char **data, long *len); -int PEM_write(FILE *fp, const char *name, const char *hdr, - const unsigned char *data, long len); -void * PEM_ASN1_read(d2i_of_void *d2i, const char *name, FILE *fp, void **x, - pem_password_cb *cb, void *u); -int PEM_ASN1_write(i2d_of_void *i2d, const char *name, FILE *fp, - void *x, const EVP_CIPHER *enc, unsigned char *kstr, - int klen, pem_password_cb *callback, void *u); -STACK_OF(X509_INFO) * PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk, - pem_password_cb *cb, void *u); - -int PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type, - EVP_MD *md_type, unsigned char **ek, int *ekl, - unsigned char *iv, EVP_PKEY **pubk, int npubk); -void PEM_SealUpdate(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *out, int *outl, - unsigned char *in, int inl); -int PEM_SealFinal(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *sig, int *sigl, - unsigned char *out, int *outl, EVP_PKEY *priv); - -int PEM_SignInit(EVP_MD_CTX *ctx, EVP_MD *type); -int PEM_SignUpdate(EVP_MD_CTX *ctx, unsigned char *d, unsigned int cnt); -int PEM_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, - unsigned int *siglen, EVP_PKEY *pkey); - -int PEM_def_callback(char *buf, int num, int w, void *key); -void PEM_proc_type(char *buf, int type); -void PEM_dek_info(char *buf, const char *type, int len, char *str); - - -DECLARE_PEM_rw(X509, X509) - -DECLARE_PEM_rw(X509_AUX, X509) - -DECLARE_PEM_rw(X509_CERT_PAIR, X509_CERT_PAIR) - -DECLARE_PEM_rw(X509_REQ, X509_REQ) -DECLARE_PEM_write(X509_REQ_NEW, X509_REQ) - -DECLARE_PEM_rw(X509_CRL, X509_CRL) - -DECLARE_PEM_rw(PKCS7, PKCS7) - -DECLARE_PEM_rw(NETSCAPE_CERT_SEQUENCE, NETSCAPE_CERT_SEQUENCE) - -DECLARE_PEM_rw(PKCS8, X509_SIG) - -DECLARE_PEM_rw(PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO) - -#ifndef OPENSSL_NO_RSA - -DECLARE_PEM_rw_cb(RSAPrivateKey, RSA) - -DECLARE_PEM_rw_const(RSAPublicKey, RSA) -DECLARE_PEM_rw(RSA_PUBKEY, RSA) - -#endif - -#ifndef OPENSSL_NO_DSA - -DECLARE_PEM_rw_cb(DSAPrivateKey, DSA) - -DECLARE_PEM_rw(DSA_PUBKEY, DSA) - -DECLARE_PEM_rw_const(DSAparams, DSA) - -#endif - -#ifndef OPENSSL_NO_EC -DECLARE_PEM_rw_const(ECPKParameters, EC_GROUP) -DECLARE_PEM_rw_cb(ECPrivateKey, EC_KEY) -DECLARE_PEM_rw(EC_PUBKEY, EC_KEY) -#endif - -#ifndef OPENSSL_NO_DH - -DECLARE_PEM_rw_const(DHparams, DH) - -#endif - -DECLARE_PEM_rw_cb(PrivateKey, EVP_PKEY) - -DECLARE_PEM_rw(PUBKEY, EVP_PKEY) - -int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid, - char *kstr, int klen, - pem_password_cb *cb, void *u); -int PEM_write_bio_PKCS8PrivateKey(BIO *, EVP_PKEY *, const EVP_CIPHER *, - char *, int, pem_password_cb *, void *); -int i2d_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc, - char *kstr, int klen, - pem_password_cb *cb, void *u); -int i2d_PKCS8PrivateKey_nid_bio(BIO *bp, EVP_PKEY *x, int nid, - char *kstr, int klen, - pem_password_cb *cb, void *u); -EVP_PKEY *d2i_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, - void *u); - -int i2d_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc, - char *kstr, int klen, - pem_password_cb *cb, void *u); -int i2d_PKCS8PrivateKey_nid_fp(FILE *fp, EVP_PKEY *x, int nid, - char *kstr, int klen, - pem_password_cb *cb, void *u); -int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid, - char *kstr, int klen, - pem_password_cb *cb, void *u); - -EVP_PKEY *d2i_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY **x, pem_password_cb *cb, - void *u); - -int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc, - char *kstr, int klen, pem_password_cb *cd, void *u); - -EVP_PKEY *PEM_read_bio_Parameters(BIO *bp, EVP_PKEY **x); -int PEM_write_bio_Parameters(BIO *bp, EVP_PKEY *x); - - -EVP_PKEY *b2i_PrivateKey(const unsigned char **in, long length); -EVP_PKEY *b2i_PublicKey(const unsigned char **in, long length); -EVP_PKEY *b2i_PrivateKey_bio(BIO *in); -EVP_PKEY *b2i_PublicKey_bio(BIO *in); -int i2b_PrivateKey_bio(BIO *out, EVP_PKEY *pk); -int i2b_PublicKey_bio(BIO *out, EVP_PKEY *pk); -#ifndef OPENSSL_NO_RC4 -EVP_PKEY *b2i_PVK_bio(BIO *in, pem_password_cb *cb, void *u); -int i2b_PVK_bio(BIO *out, EVP_PKEY *pk, int enclevel, pem_password_cb *cb, - void *u); -#endif - - -/* BEGIN ERROR CODES */ -/* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ -void ERR_load_PEM_strings(void); - -/* Error codes for the PEM functions. */ - -/* Function codes. */ -#define PEM_F_B2I_DSS 127 -#define PEM_F_B2I_PVK_BIO 128 -#define PEM_F_B2I_RSA 129 -#define PEM_F_CHECK_BITLEN_DSA 130 -#define PEM_F_CHECK_BITLEN_RSA 131 -#define PEM_F_D2I_PKCS8PRIVATEKEY_BIO 120 -#define PEM_F_D2I_PKCS8PRIVATEKEY_FP 121 -#define PEM_F_DO_B2I 132 -#define PEM_F_DO_B2I_BIO 133 -#define PEM_F_DO_BLOB_HEADER 134 -#define PEM_F_DO_PK8PKEY 126 -#define PEM_F_DO_PK8PKEY_FP 125 -#define PEM_F_DO_PVK_BODY 135 -#define PEM_F_DO_PVK_HEADER 136 -#define PEM_F_I2B_PVK 137 -#define PEM_F_I2B_PVK_BIO 138 -#define PEM_F_LOAD_IV 101 -#define PEM_F_PEM_ASN1_READ 102 -#define PEM_F_PEM_ASN1_READ_BIO 103 -#define PEM_F_PEM_ASN1_WRITE 104 -#define PEM_F_PEM_ASN1_WRITE_BIO 105 -#define PEM_F_PEM_DEF_CALLBACK 100 -#define PEM_F_PEM_DO_HEADER 106 -#define PEM_F_PEM_F_PEM_WRITE_PKCS8PRIVATEKEY 118 -#define PEM_F_PEM_GET_EVP_CIPHER_INFO 107 -#define PEM_F_PEM_PK8PKEY 119 -#define PEM_F_PEM_READ 108 -#define PEM_F_PEM_READ_BIO 109 -#define PEM_F_PEM_READ_BIO_PARAMETERS 140 -#define PEM_F_PEM_READ_BIO_PRIVATEKEY 123 -#define PEM_F_PEM_READ_PRIVATEKEY 124 -#define PEM_F_PEM_SEALFINAL 110 -#define PEM_F_PEM_SEALINIT 111 -#define PEM_F_PEM_SIGNFINAL 112 -#define PEM_F_PEM_WRITE 113 -#define PEM_F_PEM_WRITE_BIO 114 -#define PEM_F_PEM_WRITE_PRIVATEKEY 139 -#define PEM_F_PEM_X509_INFO_READ 115 -#define PEM_F_PEM_X509_INFO_READ_BIO 116 -#define PEM_F_PEM_X509_INFO_WRITE_BIO 117 - -/* Reason codes. */ -#define PEM_R_BAD_BASE64_DECODE 100 -#define PEM_R_BAD_DECRYPT 101 -#define PEM_R_BAD_END_LINE 102 -#define PEM_R_BAD_IV_CHARS 103 -#define PEM_R_BAD_MAGIC_NUMBER 116 -#define PEM_R_BAD_PASSWORD_READ 104 -#define PEM_R_BAD_VERSION_NUMBER 117 -#define PEM_R_BIO_WRITE_FAILURE 118 -#define PEM_R_CIPHER_IS_NULL 127 -#define PEM_R_ERROR_CONVERTING_PRIVATE_KEY 115 -#define PEM_R_EXPECTING_PRIVATE_KEY_BLOB 119 -#define PEM_R_EXPECTING_PUBLIC_KEY_BLOB 120 -#define PEM_R_INCONSISTENT_HEADER 121 -#define PEM_R_KEYBLOB_HEADER_PARSE_ERROR 122 -#define PEM_R_KEYBLOB_TOO_SHORT 123 -#define PEM_R_NOT_DEK_INFO 105 -#define PEM_R_NOT_ENCRYPTED 106 -#define PEM_R_NOT_PROC_TYPE 107 -#define PEM_R_NO_START_LINE 108 -#define PEM_R_PROBLEMS_GETTING_PASSWORD 109 -#define PEM_R_PUBLIC_KEY_NO_RSA 110 -#define PEM_R_PVK_DATA_TOO_SHORT 124 -#define PEM_R_PVK_TOO_SHORT 125 -#define PEM_R_READ_KEY 111 -#define PEM_R_SHORT_HEADER 112 -#define PEM_R_UNSUPPORTED_CIPHER 113 -#define PEM_R_UNSUPPORTED_ENCRYPTION 114 -#define PEM_R_UNSUPPORTED_KEY_COMPONENTS 126 - -#ifdef __cplusplus -} -#endif -#endif diff --git a/libressl/include64/openssl/pem2.h b/libressl/include64/openssl/pem2.h deleted file mode 100644 index 19525b4a..00000000 --- a/libressl/include64/openssl/pem2.h +++ /dev/null @@ -1,71 +0,0 @@ -/* $OpenBSD: pem2.h,v 1.5 2014/06/12 15:49:30 deraadt Exp $ */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* - * This header only exists to break a circular dependency between pem and err - * Ben 30 Jan 1999. - */ - -#ifdef __cplusplus -extern "C" { -#endif - -#ifndef HEADER_PEM_H -void ERR_load_PEM_strings(void); -#endif - -#ifdef __cplusplus -} -#endif diff --git a/libressl/include64/openssl/pkcs12.h b/libressl/include64/openssl/pkcs12.h deleted file mode 100644 index 56635f9d..00000000 --- a/libressl/include64/openssl/pkcs12.h +++ /dev/null @@ -1,352 +0,0 @@ -/* $OpenBSD: pkcs12.h,v 1.24 2018/05/30 15:32:11 tb Exp $ */ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#ifndef HEADER_PKCS12_H -#define HEADER_PKCS12_H - -#include <openssl/bio.h> -#include <openssl/x509.h> - -#ifdef __cplusplus -extern "C" { -#endif - -#define PKCS12_KEY_ID 1 -#define PKCS12_IV_ID 2 -#define PKCS12_MAC_ID 3 - -/* Default iteration count */ -#ifndef PKCS12_DEFAULT_ITER -#define PKCS12_DEFAULT_ITER PKCS5_DEFAULT_ITER -#endif - -#define PKCS12_MAC_KEY_LENGTH 20 - -#define PKCS12_SALT_LEN 8 - -/* Uncomment out next line for unicode password and names, otherwise ASCII */ - -/*#define PBE_UNICODE*/ - -#ifdef PBE_UNICODE -#define PKCS12_key_gen PKCS12_key_gen_uni -#define PKCS12_add_friendlyname PKCS12_add_friendlyname_uni -#else -#define PKCS12_key_gen PKCS12_key_gen_asc -#define PKCS12_add_friendlyname PKCS12_add_friendlyname_asc -#endif - -/* MS key usage constants */ - -#define KEY_EX 0x10 -#define KEY_SIG 0x80 - -typedef struct { - X509_SIG *dinfo; - ASN1_OCTET_STRING *salt; - ASN1_INTEGER *iter; /* defaults to 1 */ -} PKCS12_MAC_DATA; - -typedef struct { - ASN1_INTEGER *version; - PKCS12_MAC_DATA *mac; - PKCS7 *authsafes; -} PKCS12; - -typedef struct { - ASN1_OBJECT *type; - union { - struct pkcs12_bag_st *bag; /* secret, crl and certbag */ - struct pkcs8_priv_key_info_st *keybag; /* keybag */ - X509_SIG *shkeybag; /* shrouded key bag */ - STACK_OF(PKCS12_SAFEBAG) *safes; - ASN1_TYPE *other; - } value; - STACK_OF(X509_ATTRIBUTE) *attrib; -} PKCS12_SAFEBAG; - -DECLARE_STACK_OF(PKCS12_SAFEBAG) -DECLARE_PKCS12_STACK_OF(PKCS12_SAFEBAG) - -typedef struct pkcs12_bag_st { - ASN1_OBJECT *type; - union { - ASN1_OCTET_STRING *x509cert; - ASN1_OCTET_STRING *x509crl; - ASN1_OCTET_STRING *octet; - ASN1_IA5STRING *sdsicert; - ASN1_TYPE *other; /* Secret or other bag */ - } value; -} PKCS12_BAGS; - -#define PKCS12_ERROR 0 -#define PKCS12_OK 1 - -#ifndef LIBRESSL_INTERNAL - -/* Compatibility macros */ - -#define M_PKCS12_x5092certbag PKCS12_x5092certbag -#define M_PKCS12_x509crl2certbag PKCS12_x509crl2certbag - -#define M_PKCS12_certbag2x509 PKCS12_certbag2x509 -#define M_PKCS12_certbag2x509crl PKCS12_certbag2x509crl - -#define M_PKCS12_unpack_p7data PKCS12_unpack_p7data -#define M_PKCS12_pack_authsafes PKCS12_pack_authsafes -#define M_PKCS12_unpack_authsafes PKCS12_unpack_authsafes -#define M_PKCS12_unpack_p7encdata PKCS12_unpack_p7encdata - -#define M_PKCS12_decrypt_skey PKCS12_decrypt_skey -#define M_PKCS8_decrypt PKCS8_decrypt - -#define M_PKCS12_bag_type(bg) OBJ_obj2nid((bg)->type) -#define M_PKCS12_cert_bag_type(bg) OBJ_obj2nid((bg)->value.bag->type) -#define M_PKCS12_crl_bag_type M_PKCS12_cert_bag_type - -#endif /* !LIBRESSL_INTERNAL */ - -#define PKCS12_get_attr(bag, attr_nid) \ - PKCS12_get_attr_gen(bag->attrib, attr_nid) - -#define PKCS8_get_attr(p8, attr_nid) \ - PKCS12_get_attr_gen(p8->attributes, attr_nid) - -#define PKCS12_mac_present(p12) ((p12)->mac ? 1 : 0) - - -PKCS12_SAFEBAG *PKCS12_x5092certbag(X509 *x509); -PKCS12_SAFEBAG *PKCS12_x509crl2certbag(X509_CRL *crl); -X509 *PKCS12_certbag2x509(PKCS12_SAFEBAG *bag); -X509_CRL *PKCS12_certbag2x509crl(PKCS12_SAFEBAG *bag); - -PKCS12_SAFEBAG *PKCS12_item_pack_safebag(void *obj, const ASN1_ITEM *it, - int nid1, int nid2); -PKCS12_SAFEBAG *PKCS12_MAKE_KEYBAG(PKCS8_PRIV_KEY_INFO *p8); -PKCS8_PRIV_KEY_INFO *PKCS8_decrypt(const X509_SIG *p8, const char *pass, - int passlen); -PKCS8_PRIV_KEY_INFO *PKCS12_decrypt_skey(const PKCS12_SAFEBAG *bag, - const char *pass, int passlen); -X509_SIG *PKCS8_encrypt(int pbe_nid, const EVP_CIPHER *cipher, - const char *pass, int passlen, unsigned char *salt, int saltlen, int iter, - PKCS8_PRIV_KEY_INFO *p8); -PKCS12_SAFEBAG *PKCS12_MAKE_SHKEYBAG(int pbe_nid, const char *pass, - int passlen, unsigned char *salt, int saltlen, int iter, - PKCS8_PRIV_KEY_INFO *p8); -PKCS7 *PKCS12_pack_p7data(STACK_OF(PKCS12_SAFEBAG) *sk); -STACK_OF(PKCS12_SAFEBAG) *PKCS12_unpack_p7data(PKCS7 *p7); -PKCS7 *PKCS12_pack_p7encdata(int pbe_nid, const char *pass, int passlen, - unsigned char *salt, int saltlen, int iter, STACK_OF(PKCS12_SAFEBAG) *bags); -STACK_OF(PKCS12_SAFEBAG) *PKCS12_unpack_p7encdata(PKCS7 *p7, const char *pass, - int passlen); - -int PKCS12_pack_authsafes(PKCS12 *p12, STACK_OF(PKCS7) *safes); -STACK_OF(PKCS7) *PKCS12_unpack_authsafes(const PKCS12 *p12); - -int PKCS12_add_localkeyid(PKCS12_SAFEBAG *bag, unsigned char *name, - int namelen); -int PKCS12_add_friendlyname_asc(PKCS12_SAFEBAG *bag, const char *name, - int namelen); -int PKCS12_add_CSPName_asc(PKCS12_SAFEBAG *bag, const char *name, - int namelen); -int PKCS12_add_friendlyname_uni(PKCS12_SAFEBAG *bag, const unsigned char *name, - int namelen); -int PKCS8_add_keyusage(PKCS8_PRIV_KEY_INFO *p8, int usage); -ASN1_TYPE *PKCS12_get_attr_gen(const STACK_OF(X509_ATTRIBUTE) *attrs, - int attr_nid); -char *PKCS12_get_friendlyname(PKCS12_SAFEBAG *bag); -unsigned char *PKCS12_pbe_crypt(const X509_ALGOR *algor, const char *pass, - int passlen, const unsigned char *in, int inlen, unsigned char **data, - int *datalen, int en_de); -void *PKCS12_item_decrypt_d2i(const X509_ALGOR *algor, const ASN1_ITEM *it, - const char *pass, int passlen, const ASN1_OCTET_STRING *oct, int zbuf); -ASN1_OCTET_STRING *PKCS12_item_i2d_encrypt(X509_ALGOR *algor, - const ASN1_ITEM *it, const char *pass, int passlen, void *obj, int zbuf); -PKCS12 *PKCS12_init(int mode); -int PKCS12_key_gen_asc(const char *pass, int passlen, unsigned char *salt, - int saltlen, int id, int iter, int n, unsigned char *out, - const EVP_MD *md_type); -int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt, - int saltlen, int id, int iter, int n, unsigned char *out, - const EVP_MD *md_type); -int PKCS12_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, - ASN1_TYPE *param, const EVP_CIPHER *cipher, const EVP_MD *md_type, - int en_de); -int PKCS12_gen_mac(PKCS12 *p12, const char *pass, int passlen, - unsigned char *mac, unsigned int *maclen); -int PKCS12_verify_mac(PKCS12 *p12, const char *pass, int passlen); -int PKCS12_set_mac(PKCS12 *p12, const char *pass, int passlen, - unsigned char *salt, int saltlen, int iter, - const EVP_MD *md_type); -int PKCS12_setup_mac(PKCS12 *p12, int iter, unsigned char *salt, - int saltlen, const EVP_MD *md_type); -unsigned char *OPENSSL_asc2uni(const char *asc, int asclen, - unsigned char **uni, int *unilen); -char *OPENSSL_uni2asc(const unsigned char *uni, int unilen); - -PKCS12 *PKCS12_new(void); -void PKCS12_free(PKCS12 *a); -PKCS12 *d2i_PKCS12(PKCS12 **a, const unsigned char **in, long len); -int i2d_PKCS12(PKCS12 *a, unsigned char **out); -extern const ASN1_ITEM PKCS12_it; -PKCS12_MAC_DATA *PKCS12_MAC_DATA_new(void); -void PKCS12_MAC_DATA_free(PKCS12_MAC_DATA *a); -PKCS12_MAC_DATA *d2i_PKCS12_MAC_DATA(PKCS12_MAC_DATA **a, const unsigned char **in, long len); -int i2d_PKCS12_MAC_DATA(PKCS12_MAC_DATA *a, unsigned char **out); -extern const ASN1_ITEM PKCS12_MAC_DATA_it; -PKCS12_SAFEBAG *PKCS12_SAFEBAG_new(void); -void PKCS12_SAFEBAG_free(PKCS12_SAFEBAG *a); -PKCS12_SAFEBAG *d2i_PKCS12_SAFEBAG(PKCS12_SAFEBAG **a, const unsigned char **in, long len); -int i2d_PKCS12_SAFEBAG(PKCS12_SAFEBAG *a, unsigned char **out); -extern const ASN1_ITEM PKCS12_SAFEBAG_it; -PKCS12_BAGS *PKCS12_BAGS_new(void); -void PKCS12_BAGS_free(PKCS12_BAGS *a); -PKCS12_BAGS *d2i_PKCS12_BAGS(PKCS12_BAGS **a, const unsigned char **in, long len); -int i2d_PKCS12_BAGS(PKCS12_BAGS *a, unsigned char **out); -extern const ASN1_ITEM PKCS12_BAGS_it; - -extern const ASN1_ITEM PKCS12_SAFEBAGS_it; -extern const ASN1_ITEM PKCS12_AUTHSAFES_it; - -void PKCS12_PBE_add(void); -int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert, - STACK_OF(X509) **ca); -PKCS12 *PKCS12_create(const char *pass, const char *name, EVP_PKEY *pkey, - X509 *cert, STACK_OF(X509) *ca, int nid_key, int nid_cert, int iter, - int mac_iter, int keytype); - -PKCS12_SAFEBAG *PKCS12_add_cert(STACK_OF(PKCS12_SAFEBAG) **pbags, X509 *cert); -PKCS12_SAFEBAG *PKCS12_add_key(STACK_OF(PKCS12_SAFEBAG) **pbags, EVP_PKEY *key, - int key_usage, int iter, int key_nid, const char *pass); -int PKCS12_add_safe(STACK_OF(PKCS7) **psafes, STACK_OF(PKCS12_SAFEBAG) *bags, - int safe_nid, int iter, const char *pass); -PKCS12 *PKCS12_add_safes(STACK_OF(PKCS7) *safes, int p7_nid); - -int i2d_PKCS12_bio(BIO *bp, PKCS12 *p12); -int i2d_PKCS12_fp(FILE *fp, PKCS12 *p12); -PKCS12 *d2i_PKCS12_bio(BIO *bp, PKCS12 **p12); -PKCS12 *d2i_PKCS12_fp(FILE *fp, PKCS12 **p12); -int PKCS12_newpass(PKCS12 *p12, const char *oldpass, const char *newpass); - -/* BEGIN ERROR CODES */ -/* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ -void ERR_load_PKCS12_strings(void); - -/* Error codes for the PKCS12 functions. */ - -/* Function codes. */ -#define PKCS12_F_PARSE_BAG 129 -#define PKCS12_F_PARSE_BAGS 103 -#define PKCS12_F_PKCS12_ADD_FRIENDLYNAME 100 -#define PKCS12_F_PKCS12_ADD_FRIENDLYNAME_ASC 127 -#define PKCS12_F_PKCS12_ADD_FRIENDLYNAME_UNI 102 -#define PKCS12_F_PKCS12_ADD_LOCALKEYID 104 -#define PKCS12_F_PKCS12_CREATE 105 -#define PKCS12_F_PKCS12_GEN_MAC 107 -#define PKCS12_F_PKCS12_INIT 109 -#define PKCS12_F_PKCS12_ITEM_DECRYPT_D2I 106 -#define PKCS12_F_PKCS12_ITEM_I2D_ENCRYPT 108 -#define PKCS12_F_PKCS12_ITEM_PACK_SAFEBAG 117 -#define PKCS12_F_PKCS12_KEY_GEN_ASC 110 -#define PKCS12_F_PKCS12_KEY_GEN_UNI 111 -#define PKCS12_F_PKCS12_MAKE_KEYBAG 112 -#define PKCS12_F_PKCS12_MAKE_SHKEYBAG 113 -#define PKCS12_F_PKCS12_NEWPASS 128 -#define PKCS12_F_PKCS12_PACK_P7DATA 114 -#define PKCS12_F_PKCS12_PACK_P7ENCDATA 115 -#define PKCS12_F_PKCS12_PARSE 118 -#define PKCS12_F_PKCS12_PBE_CRYPT 119 -#define PKCS12_F_PKCS12_PBE_KEYIVGEN 120 -#define PKCS12_F_PKCS12_SETUP_MAC 122 -#define PKCS12_F_PKCS12_SET_MAC 123 -#define PKCS12_F_PKCS12_UNPACK_AUTHSAFES 130 -#define PKCS12_F_PKCS12_UNPACK_P7DATA 131 -#define PKCS12_F_PKCS12_VERIFY_MAC 126 -#define PKCS12_F_PKCS8_ADD_KEYUSAGE 124 -#define PKCS12_F_PKCS8_ENCRYPT 125 - -/* Reason codes. */ -#define PKCS12_R_CANT_PACK_STRUCTURE 100 -#define PKCS12_R_CONTENT_TYPE_NOT_DATA 121 -#define PKCS12_R_DECODE_ERROR 101 -#define PKCS12_R_ENCODE_ERROR 102 -#define PKCS12_R_ENCRYPT_ERROR 103 -#define PKCS12_R_ERROR_SETTING_ENCRYPTED_DATA_TYPE 120 -#define PKCS12_R_INVALID_NULL_ARGUMENT 104 -#define PKCS12_R_INVALID_NULL_PKCS12_POINTER 105 -#define PKCS12_R_IV_GEN_ERROR 106 -#define PKCS12_R_KEY_GEN_ERROR 107 -#define PKCS12_R_MAC_ABSENT 108 -#define PKCS12_R_MAC_GENERATION_ERROR 109 -#define PKCS12_R_MAC_SETUP_ERROR 110 -#define PKCS12_R_MAC_STRING_SET_ERROR 111 -#define PKCS12_R_MAC_VERIFY_ERROR 112 -#define PKCS12_R_MAC_VERIFY_FAILURE 113 -#define PKCS12_R_PARSE_ERROR 114 -#define PKCS12_R_PKCS12_ALGOR_CIPHERINIT_ERROR 115 -#define PKCS12_R_PKCS12_CIPHERFINAL_ERROR 116 -#define PKCS12_R_PKCS12_PBE_CRYPT_ERROR 117 -#define PKCS12_R_UNKNOWN_DIGEST_ALGORITHM 118 -#define PKCS12_R_UNSUPPORTED_PKCS12_MODE 119 - -#ifdef __cplusplus -} -#endif -#endif diff --git a/libressl/include64/openssl/pkcs7.h b/libressl/include64/openssl/pkcs7.h deleted file mode 100644 index cff7c966..00000000 --- a/libressl/include64/openssl/pkcs7.h +++ /dev/null @@ -1,529 +0,0 @@ -/* $OpenBSD: pkcs7.h,v 1.18 2016/12/27 16:12:47 jsing Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef HEADER_PKCS7_H -#define HEADER_PKCS7_H - -#include <openssl/opensslconf.h> - -#include <openssl/asn1.h> -#include <openssl/bio.h> -#include <openssl/ossl_typ.h> - -#ifdef __cplusplus -extern "C" { -#endif - -#if defined(_WIN32) && defined(__WINCRYPT_H__) -#ifndef LIBRESSL_INTERNAL -#ifdef _MSC_VER -#pragma message("Warning, overriding WinCrypt defines") -#else -#warning overriding WinCrypt defines -#endif -#endif -#undef PKCS7_ISSUER_AND_SERIAL -#undef PKCS7_SIGNER_INFO -#endif - -/* -Encryption_ID DES-CBC -Digest_ID MD5 -Digest_Encryption_ID rsaEncryption -Key_Encryption_ID rsaEncryption -*/ - -typedef struct pkcs7_issuer_and_serial_st { - X509_NAME *issuer; - ASN1_INTEGER *serial; -} PKCS7_ISSUER_AND_SERIAL; - -typedef struct pkcs7_signer_info_st { - ASN1_INTEGER *version; /* version 1 */ - PKCS7_ISSUER_AND_SERIAL *issuer_and_serial; - X509_ALGOR *digest_alg; - STACK_OF(X509_ATTRIBUTE) *auth_attr; /* [ 0 ] */ - X509_ALGOR *digest_enc_alg; - ASN1_OCTET_STRING *enc_digest; - STACK_OF(X509_ATTRIBUTE) *unauth_attr; /* [ 1 ] */ - - /* The private key to sign with */ - EVP_PKEY *pkey; -} PKCS7_SIGNER_INFO; - -DECLARE_STACK_OF(PKCS7_SIGNER_INFO) - -typedef struct pkcs7_recip_info_st { - ASN1_INTEGER *version; /* version 0 */ - PKCS7_ISSUER_AND_SERIAL *issuer_and_serial; - X509_ALGOR *key_enc_algor; - ASN1_OCTET_STRING *enc_key; - X509 *cert; /* get the pub-key from this */ -} PKCS7_RECIP_INFO; - -DECLARE_STACK_OF(PKCS7_RECIP_INFO) - -typedef struct pkcs7_signed_st { - ASN1_INTEGER *version; /* version 1 */ - STACK_OF(X509_ALGOR) *md_algs; /* md used */ - STACK_OF(X509) *cert; /* [ 0 ] */ - STACK_OF(X509_CRL) *crl; /* [ 1 ] */ - STACK_OF(PKCS7_SIGNER_INFO) *signer_info; - - struct pkcs7_st *contents; -} PKCS7_SIGNED; -/* The above structure is very very similar to PKCS7_SIGN_ENVELOPE. - * How about merging the two */ - -typedef struct pkcs7_enc_content_st { - ASN1_OBJECT *content_type; - X509_ALGOR *algorithm; - ASN1_OCTET_STRING *enc_data; /* [ 0 ] */ - const EVP_CIPHER *cipher; -} PKCS7_ENC_CONTENT; - -typedef struct pkcs7_enveloped_st { - ASN1_INTEGER *version; /* version 0 */ - STACK_OF(PKCS7_RECIP_INFO) *recipientinfo; - PKCS7_ENC_CONTENT *enc_data; -} PKCS7_ENVELOPE; - -typedef struct pkcs7_signedandenveloped_st { - ASN1_INTEGER *version; /* version 1 */ - STACK_OF(X509_ALGOR) *md_algs; /* md used */ - STACK_OF(X509) *cert; /* [ 0 ] */ - STACK_OF(X509_CRL) *crl; /* [ 1 ] */ - STACK_OF(PKCS7_SIGNER_INFO) *signer_info; - - PKCS7_ENC_CONTENT *enc_data; - STACK_OF(PKCS7_RECIP_INFO) *recipientinfo; -} PKCS7_SIGN_ENVELOPE; - -typedef struct pkcs7_digest_st { - ASN1_INTEGER *version; /* version 0 */ - X509_ALGOR *md; /* md used */ - struct pkcs7_st *contents; - ASN1_OCTET_STRING *digest; -} PKCS7_DIGEST; - -typedef struct pkcs7_encrypted_st { - ASN1_INTEGER *version; /* version 0 */ - PKCS7_ENC_CONTENT *enc_data; -} PKCS7_ENCRYPT; - -typedef struct pkcs7_st { - /* The following is non NULL if it contains ASN1 encoding of - * this structure */ - unsigned char *asn1; - long length; - -#define PKCS7_S_HEADER 0 -#define PKCS7_S_BODY 1 -#define PKCS7_S_TAIL 2 - int state; /* used during processing */ - - int detached; - - ASN1_OBJECT *type; - /* content as defined by the type */ - /* all encryption/message digests are applied to the 'contents', - * leaving out the 'type' field. */ - union { - char *ptr; - - /* NID_pkcs7_data */ - ASN1_OCTET_STRING *data; - - /* NID_pkcs7_signed */ - PKCS7_SIGNED *sign; - - /* NID_pkcs7_enveloped */ - PKCS7_ENVELOPE *enveloped; - - /* NID_pkcs7_signedAndEnveloped */ - PKCS7_SIGN_ENVELOPE *signed_and_enveloped; - - /* NID_pkcs7_digest */ - PKCS7_DIGEST *digest; - - /* NID_pkcs7_encrypted */ - PKCS7_ENCRYPT *encrypted; - - /* Anything else */ - ASN1_TYPE *other; - } d; -} PKCS7; - -DECLARE_STACK_OF(PKCS7) -DECLARE_PKCS12_STACK_OF(PKCS7) - -#define PKCS7_OP_SET_DETACHED_SIGNATURE 1 -#define PKCS7_OP_GET_DETACHED_SIGNATURE 2 - -#define PKCS7_get_signed_attributes(si) ((si)->auth_attr) -#define PKCS7_get_attributes(si) ((si)->unauth_attr) - -#define PKCS7_type_is_signed(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_signed) -#define PKCS7_type_is_encrypted(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_encrypted) -#define PKCS7_type_is_enveloped(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_enveloped) -#define PKCS7_type_is_signedAndEnveloped(a) \ - (OBJ_obj2nid((a)->type) == NID_pkcs7_signedAndEnveloped) -#define PKCS7_type_is_data(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_data) -#define PKCS7_type_is_digest(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_digest) -#define PKCS7_type_is_encrypted(a) \ - (OBJ_obj2nid((a)->type) == NID_pkcs7_encrypted) - -#define PKCS7_type_is_digest(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_digest) - -#define PKCS7_set_detached(p,v) \ - PKCS7_ctrl(p,PKCS7_OP_SET_DETACHED_SIGNATURE,v,NULL) -#define PKCS7_get_detached(p) \ - PKCS7_ctrl(p,PKCS7_OP_GET_DETACHED_SIGNATURE,0,NULL) - -#define PKCS7_is_detached(p7) (PKCS7_type_is_signed(p7) && PKCS7_get_detached(p7)) - -/* S/MIME related flags */ - -#define PKCS7_TEXT 0x1 -#define PKCS7_NOCERTS 0x2 -#define PKCS7_NOSIGS 0x4 -#define PKCS7_NOCHAIN 0x8 -#define PKCS7_NOINTERN 0x10 -#define PKCS7_NOVERIFY 0x20 -#define PKCS7_DETACHED 0x40 -#define PKCS7_BINARY 0x80 -#define PKCS7_NOATTR 0x100 -#define PKCS7_NOSMIMECAP 0x200 -#define PKCS7_NOOLDMIMETYPE 0x400 -#define PKCS7_CRLFEOL 0x800 -#define PKCS7_STREAM 0x1000 -#define PKCS7_NOCRL 0x2000 -#define PKCS7_PARTIAL 0x4000 -#define PKCS7_REUSE_DIGEST 0x8000 - -/* Flags: for compatibility with older code */ - -#define SMIME_TEXT PKCS7_TEXT -#define SMIME_NOCERTS PKCS7_NOCERTS -#define SMIME_NOSIGS PKCS7_NOSIGS -#define SMIME_NOCHAIN PKCS7_NOCHAIN -#define SMIME_NOINTERN PKCS7_NOINTERN -#define SMIME_NOVERIFY PKCS7_NOVERIFY -#define SMIME_DETACHED PKCS7_DETACHED -#define SMIME_BINARY PKCS7_BINARY -#define SMIME_NOATTR PKCS7_NOATTR - -PKCS7_ISSUER_AND_SERIAL *PKCS7_ISSUER_AND_SERIAL_new(void); -void PKCS7_ISSUER_AND_SERIAL_free(PKCS7_ISSUER_AND_SERIAL *a); -PKCS7_ISSUER_AND_SERIAL *d2i_PKCS7_ISSUER_AND_SERIAL(PKCS7_ISSUER_AND_SERIAL **a, const unsigned char **in, long len); -int i2d_PKCS7_ISSUER_AND_SERIAL(PKCS7_ISSUER_AND_SERIAL *a, unsigned char **out); -extern const ASN1_ITEM PKCS7_ISSUER_AND_SERIAL_it; - -int PKCS7_ISSUER_AND_SERIAL_digest(PKCS7_ISSUER_AND_SERIAL *data, - const EVP_MD *type, unsigned char *md, unsigned int *len); -PKCS7 *d2i_PKCS7_fp(FILE *fp, PKCS7 **p7); -int i2d_PKCS7_fp(FILE *fp, PKCS7 *p7); -PKCS7 *PKCS7_dup(PKCS7 *p7); -PKCS7 *d2i_PKCS7_bio(BIO *bp, PKCS7 **p7); -int i2d_PKCS7_bio(BIO *bp, PKCS7 *p7); -int i2d_PKCS7_bio_stream(BIO *out, PKCS7 *p7, BIO *in, int flags); -int PEM_write_bio_PKCS7_stream(BIO *out, PKCS7 *p7, BIO *in, int flags); - -PKCS7_SIGNER_INFO *PKCS7_SIGNER_INFO_new(void); -void PKCS7_SIGNER_INFO_free(PKCS7_SIGNER_INFO *a); -PKCS7_SIGNER_INFO *d2i_PKCS7_SIGNER_INFO(PKCS7_SIGNER_INFO **a, const unsigned char **in, long len); -int i2d_PKCS7_SIGNER_INFO(PKCS7_SIGNER_INFO *a, unsigned char **out); -extern const ASN1_ITEM PKCS7_SIGNER_INFO_it; -PKCS7_RECIP_INFO *PKCS7_RECIP_INFO_new(void); -void PKCS7_RECIP_INFO_free(PKCS7_RECIP_INFO *a); -PKCS7_RECIP_INFO *d2i_PKCS7_RECIP_INFO(PKCS7_RECIP_INFO **a, const unsigned char **in, long len); -int i2d_PKCS7_RECIP_INFO(PKCS7_RECIP_INFO *a, unsigned char **out); -extern const ASN1_ITEM PKCS7_RECIP_INFO_it; -PKCS7_SIGNED *PKCS7_SIGNED_new(void); -void PKCS7_SIGNED_free(PKCS7_SIGNED *a); -PKCS7_SIGNED *d2i_PKCS7_SIGNED(PKCS7_SIGNED **a, const unsigned char **in, long len); -int i2d_PKCS7_SIGNED(PKCS7_SIGNED *a, unsigned char **out); -extern const ASN1_ITEM PKCS7_SIGNED_it; -PKCS7_ENC_CONTENT *PKCS7_ENC_CONTENT_new(void); -void PKCS7_ENC_CONTENT_free(PKCS7_ENC_CONTENT *a); -PKCS7_ENC_CONTENT *d2i_PKCS7_ENC_CONTENT(PKCS7_ENC_CONTENT **a, const unsigned char **in, long len); -int i2d_PKCS7_ENC_CONTENT(PKCS7_ENC_CONTENT *a, unsigned char **out); -extern const ASN1_ITEM PKCS7_ENC_CONTENT_it; -PKCS7_ENVELOPE *PKCS7_ENVELOPE_new(void); -void PKCS7_ENVELOPE_free(PKCS7_ENVELOPE *a); -PKCS7_ENVELOPE *d2i_PKCS7_ENVELOPE(PKCS7_ENVELOPE **a, const unsigned char **in, long len); -int i2d_PKCS7_ENVELOPE(PKCS7_ENVELOPE *a, unsigned char **out); -extern const ASN1_ITEM PKCS7_ENVELOPE_it; -PKCS7_SIGN_ENVELOPE *PKCS7_SIGN_ENVELOPE_new(void); -void PKCS7_SIGN_ENVELOPE_free(PKCS7_SIGN_ENVELOPE *a); -PKCS7_SIGN_ENVELOPE *d2i_PKCS7_SIGN_ENVELOPE(PKCS7_SIGN_ENVELOPE **a, const unsigned char **in, long len); -int i2d_PKCS7_SIGN_ENVELOPE(PKCS7_SIGN_ENVELOPE *a, unsigned char **out); -extern const ASN1_ITEM PKCS7_SIGN_ENVELOPE_it; -PKCS7_DIGEST *PKCS7_DIGEST_new(void); -void PKCS7_DIGEST_free(PKCS7_DIGEST *a); -PKCS7_DIGEST *d2i_PKCS7_DIGEST(PKCS7_DIGEST **a, const unsigned char **in, long len); -int i2d_PKCS7_DIGEST(PKCS7_DIGEST *a, unsigned char **out); -extern const ASN1_ITEM PKCS7_DIGEST_it; -PKCS7_ENCRYPT *PKCS7_ENCRYPT_new(void); -void PKCS7_ENCRYPT_free(PKCS7_ENCRYPT *a); -PKCS7_ENCRYPT *d2i_PKCS7_ENCRYPT(PKCS7_ENCRYPT **a, const unsigned char **in, long len); -int i2d_PKCS7_ENCRYPT(PKCS7_ENCRYPT *a, unsigned char **out); -extern const ASN1_ITEM PKCS7_ENCRYPT_it; -PKCS7 *PKCS7_new(void); -void PKCS7_free(PKCS7 *a); -PKCS7 *d2i_PKCS7(PKCS7 **a, const unsigned char **in, long len); -int i2d_PKCS7(PKCS7 *a, unsigned char **out); -extern const ASN1_ITEM PKCS7_it; - -extern const ASN1_ITEM PKCS7_ATTR_SIGN_it; -extern const ASN1_ITEM PKCS7_ATTR_VERIFY_it; - -int i2d_PKCS7_NDEF(PKCS7 *a, unsigned char **out); -int PKCS7_print_ctx(BIO *out, PKCS7 *x, int indent, const ASN1_PCTX *pctx); - -long PKCS7_ctrl(PKCS7 *p7, int cmd, long larg, char *parg); - -int PKCS7_set_type(PKCS7 *p7, int type); -int PKCS7_set0_type_other(PKCS7 *p7, int type, ASN1_TYPE *other); -int PKCS7_set_content(PKCS7 *p7, PKCS7 *p7_data); -int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey, - const EVP_MD *dgst); -int PKCS7_SIGNER_INFO_sign(PKCS7_SIGNER_INFO *si); -int PKCS7_add_signer(PKCS7 *p7, PKCS7_SIGNER_INFO *p7i); -int PKCS7_add_certificate(PKCS7 *p7, X509 *x509); -int PKCS7_add_crl(PKCS7 *p7, X509_CRL *x509); -int PKCS7_content_new(PKCS7 *p7, int nid); -int PKCS7_dataVerify(X509_STORE *cert_store, X509_STORE_CTX *ctx, - BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si); -int PKCS7_signatureVerify(BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si, - X509 *x509); - -BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio); -int PKCS7_dataFinal(PKCS7 *p7, BIO *bio); -BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert); - - -PKCS7_SIGNER_INFO *PKCS7_add_signature(PKCS7 *p7, X509 *x509, - EVP_PKEY *pkey, const EVP_MD *dgst); -X509 *PKCS7_cert_from_signer_info(PKCS7 *p7, PKCS7_SIGNER_INFO *si); -int PKCS7_set_digest(PKCS7 *p7, const EVP_MD *md); -STACK_OF(PKCS7_SIGNER_INFO) *PKCS7_get_signer_info(PKCS7 *p7); - -PKCS7_RECIP_INFO *PKCS7_add_recipient(PKCS7 *p7, X509 *x509); -void PKCS7_SIGNER_INFO_get0_algs(PKCS7_SIGNER_INFO *si, EVP_PKEY **pk, - X509_ALGOR **pdig, X509_ALGOR **psig); -void PKCS7_RECIP_INFO_get0_alg(PKCS7_RECIP_INFO *ri, X509_ALGOR **penc); -int PKCS7_add_recipient_info(PKCS7 *p7, PKCS7_RECIP_INFO *ri); -int PKCS7_RECIP_INFO_set(PKCS7_RECIP_INFO *p7i, X509 *x509); -int PKCS7_set_cipher(PKCS7 *p7, const EVP_CIPHER *cipher); -int PKCS7_stream(unsigned char ***boundary, PKCS7 *p7); - -PKCS7_ISSUER_AND_SERIAL *PKCS7_get_issuer_and_serial(PKCS7 *p7, int idx); -ASN1_OCTET_STRING *PKCS7_digest_from_attributes(STACK_OF(X509_ATTRIBUTE) *sk); -int PKCS7_add_signed_attribute(PKCS7_SIGNER_INFO *p7si, int nid, int type, - void *data); -int PKCS7_add_attribute (PKCS7_SIGNER_INFO *p7si, int nid, int atrtype, - void *value); -ASN1_TYPE *PKCS7_get_attribute(PKCS7_SIGNER_INFO *si, int nid); -ASN1_TYPE *PKCS7_get_signed_attribute(PKCS7_SIGNER_INFO *si, int nid); -int PKCS7_set_signed_attributes(PKCS7_SIGNER_INFO *p7si, - STACK_OF(X509_ATTRIBUTE) *sk); -int PKCS7_set_attributes(PKCS7_SIGNER_INFO *p7si, STACK_OF(X509_ATTRIBUTE) *sk); - - -PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs, - BIO *data, int flags); - -PKCS7_SIGNER_INFO *PKCS7_sign_add_signer(PKCS7 *p7, - X509 *signcert, EVP_PKEY *pkey, const EVP_MD *md, - int flags); - -int PKCS7_final(PKCS7 *p7, BIO *data, int flags); -int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store, - BIO *indata, BIO *out, int flags); -STACK_OF(X509) *PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs, int flags); -PKCS7 *PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, const EVP_CIPHER *cipher, - int flags); -int PKCS7_decrypt(PKCS7 *p7, EVP_PKEY *pkey, X509 *cert, BIO *data, int flags); - -int PKCS7_add_attrib_smimecap(PKCS7_SIGNER_INFO *si, - STACK_OF(X509_ALGOR) *cap); -STACK_OF(X509_ALGOR) *PKCS7_get_smimecap(PKCS7_SIGNER_INFO *si); -int PKCS7_simple_smimecap(STACK_OF(X509_ALGOR) *sk, int nid, int arg); - -int PKCS7_add_attrib_content_type(PKCS7_SIGNER_INFO *si, ASN1_OBJECT *coid); -int PKCS7_add0_attrib_signing_time(PKCS7_SIGNER_INFO *si, ASN1_TIME *t); -int PKCS7_add1_attrib_digest(PKCS7_SIGNER_INFO *si, - const unsigned char *md, int mdlen); - -int SMIME_write_PKCS7(BIO *bio, PKCS7 *p7, BIO *data, int flags); -PKCS7 *SMIME_read_PKCS7(BIO *bio, BIO **bcont); - -BIO *BIO_new_PKCS7(BIO *out, PKCS7 *p7); - - -/* BEGIN ERROR CODES */ -/* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ -void ERR_load_PKCS7_strings(void); - -/* Error codes for the PKCS7 functions. */ - -/* Function codes. */ -#define PKCS7_F_B64_READ_PKCS7 120 -#define PKCS7_F_B64_WRITE_PKCS7 121 -#define PKCS7_F_DO_PKCS7_SIGNED_ATTRIB 136 -#define PKCS7_F_I2D_PKCS7_BIO_STREAM 140 -#define PKCS7_F_PKCS7_ADD0_ATTRIB_SIGNING_TIME 135 -#define PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP 118 -#define PKCS7_F_PKCS7_ADD_CERTIFICATE 100 -#define PKCS7_F_PKCS7_ADD_CRL 101 -#define PKCS7_F_PKCS7_ADD_RECIPIENT_INFO 102 -#define PKCS7_F_PKCS7_ADD_SIGNATURE 131 -#define PKCS7_F_PKCS7_ADD_SIGNER 103 -#define PKCS7_F_PKCS7_BIO_ADD_DIGEST 125 -#define PKCS7_F_PKCS7_COPY_EXISTING_DIGEST 138 -#define PKCS7_F_PKCS7_CTRL 104 -#define PKCS7_F_PKCS7_DATADECODE 112 -#define PKCS7_F_PKCS7_DATAFINAL 128 -#define PKCS7_F_PKCS7_DATAINIT 105 -#define PKCS7_F_PKCS7_DATASIGN 106 -#define PKCS7_F_PKCS7_DATAVERIFY 107 -#define PKCS7_F_PKCS7_DECRYPT 114 -#define PKCS7_F_PKCS7_DECRYPT_RINFO 133 -#define PKCS7_F_PKCS7_ENCODE_RINFO 132 -#define PKCS7_F_PKCS7_ENCRYPT 115 -#define PKCS7_F_PKCS7_FINAL 134 -#define PKCS7_F_PKCS7_FIND_DIGEST 127 -#define PKCS7_F_PKCS7_GET0_SIGNERS 124 -#define PKCS7_F_PKCS7_RECIP_INFO_SET 130 -#define PKCS7_F_PKCS7_SET_CIPHER 108 -#define PKCS7_F_PKCS7_SET_CONTENT 109 -#define PKCS7_F_PKCS7_SET_DIGEST 126 -#define PKCS7_F_PKCS7_SET_TYPE 110 -#define PKCS7_F_PKCS7_SIGN 116 -#define PKCS7_F_PKCS7_SIGNATUREVERIFY 113 -#define PKCS7_F_PKCS7_SIGNER_INFO_SET 129 -#define PKCS7_F_PKCS7_SIGNER_INFO_SIGN 139 -#define PKCS7_F_PKCS7_SIGN_ADD_SIGNER 137 -#define PKCS7_F_PKCS7_SIMPLE_SMIMECAP 119 -#define PKCS7_F_PKCS7_VERIFY 117 -#define PKCS7_F_SMIME_READ_PKCS7 122 -#define PKCS7_F_SMIME_TEXT 123 - -/* Reason codes. */ -#define PKCS7_R_CERTIFICATE_VERIFY_ERROR 117 -#define PKCS7_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER 144 -#define PKCS7_R_CIPHER_NOT_INITIALIZED 116 -#define PKCS7_R_CONTENT_AND_DATA_PRESENT 118 -#define PKCS7_R_CTRL_ERROR 152 -#define PKCS7_R_DECODE_ERROR 130 -#define PKCS7_R_DECRYPTED_KEY_IS_WRONG_LENGTH 100 -#define PKCS7_R_DECRYPT_ERROR 119 -#define PKCS7_R_DIGEST_FAILURE 101 -#define PKCS7_R_ENCRYPTION_CTRL_FAILURE 149 -#define PKCS7_R_ENCRYPTION_NOT_SUPPORTED_FOR_THIS_KEY_TYPE 150 -#define PKCS7_R_ERROR_ADDING_RECIPIENT 120 -#define PKCS7_R_ERROR_SETTING_CIPHER 121 -#define PKCS7_R_INVALID_MIME_TYPE 131 -#define PKCS7_R_INVALID_NULL_POINTER 143 -#define PKCS7_R_MIME_NO_CONTENT_TYPE 132 -#define PKCS7_R_MIME_PARSE_ERROR 133 -#define PKCS7_R_MIME_SIG_PARSE_ERROR 134 -#define PKCS7_R_MISSING_CERIPEND_INFO 103 -#define PKCS7_R_NO_CONTENT 122 -#define PKCS7_R_NO_CONTENT_TYPE 135 -#define PKCS7_R_NO_DEFAULT_DIGEST 151 -#define PKCS7_R_NO_MATCHING_DIGEST_TYPE_FOUND 154 -#define PKCS7_R_NO_MULTIPART_BODY_FAILURE 136 -#define PKCS7_R_NO_MULTIPART_BOUNDARY 137 -#define PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE 115 -#define PKCS7_R_NO_RECIPIENT_MATCHES_KEY 146 -#define PKCS7_R_NO_SIGNATURES_ON_DATA 123 -#define PKCS7_R_NO_SIGNERS 142 -#define PKCS7_R_NO_SIG_CONTENT_TYPE 138 -#define PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE 104 -#define PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR 124 -#define PKCS7_R_PKCS7_ADD_SIGNER_ERROR 153 -#define PKCS7_R_PKCS7_DATAFINAL 126 -#define PKCS7_R_PKCS7_DATAFINAL_ERROR 125 -#define PKCS7_R_PKCS7_DATASIGN 145 -#define PKCS7_R_PKCS7_PARSE_ERROR 139 -#define PKCS7_R_PKCS7_SIG_PARSE_ERROR 140 -#define PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE 127 -#define PKCS7_R_SIGNATURE_FAILURE 105 -#define PKCS7_R_SIGNER_CERTIFICATE_NOT_FOUND 128 -#define PKCS7_R_SIGNING_CTRL_FAILURE 147 -#define PKCS7_R_SIGNING_NOT_SUPPORTED_FOR_THIS_KEY_TYPE 148 -#define PKCS7_R_SIG_INVALID_MIME_TYPE 141 -#define PKCS7_R_SMIME_TEXT_ERROR 129 -#define PKCS7_R_UNABLE_TO_FIND_CERTIFICATE 106 -#define PKCS7_R_UNABLE_TO_FIND_MEM_BIO 107 -#define PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST 108 -#define PKCS7_R_UNKNOWN_DIGEST_TYPE 109 -#define PKCS7_R_UNKNOWN_OPERATION 110 -#define PKCS7_R_UNSUPPORTED_CIPHER_TYPE 111 -#define PKCS7_R_UNSUPPORTED_CONTENT_TYPE 112 -#define PKCS7_R_WRONG_CONTENT_TYPE 113 -#define PKCS7_R_WRONG_PKCS7_TYPE 114 - -#ifdef __cplusplus -} -#endif -#endif diff --git a/libressl/include64/openssl/poly1305.h b/libressl/include64/openssl/poly1305.h deleted file mode 100644 index 00ab0bfd..00000000 --- a/libressl/include64/openssl/poly1305.h +++ /dev/null @@ -1,49 +0,0 @@ -/* $OpenBSD: poly1305.h,v 1.3 2014/07/25 14:04:51 jsing Exp $ */ -/* - * Copyright (c) 2014 Joel Sing <jsing@openbsd.org> - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF - * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -#ifndef HEADER_POLY1305_H -#define HEADER_POLY1305_H - -#include <openssl/opensslconf.h> - -#if defined(OPENSSL_NO_POLY1305) -#error Poly1305 is disabled. -#endif - -#include <stddef.h> - -#ifdef __cplusplus -extern "C" { -#endif - -typedef struct poly1305_context { - size_t aligner; - unsigned char opaque[136]; -} poly1305_context; - -typedef struct poly1305_context poly1305_state; - -void CRYPTO_poly1305_init(poly1305_context *ctx, const unsigned char key[32]); -void CRYPTO_poly1305_update(poly1305_context *ctx, const unsigned char *in, - size_t len); -void CRYPTO_poly1305_finish(poly1305_context *ctx, unsigned char mac[16]); - -#ifdef __cplusplus -} -#endif - -#endif /* HEADER_POLY1305_H */ diff --git a/libressl/include64/openssl/rand.h b/libressl/include64/openssl/rand.h deleted file mode 100644 index fcb2e921..00000000 --- a/libressl/include64/openssl/rand.h +++ /dev/null @@ -1,127 +0,0 @@ -/* $OpenBSD: rand.h,v 1.22 2014/10/22 14:02:52 jsing Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include <stdlib.h> - -#ifndef HEADER_RAND_H -#define HEADER_RAND_H - -#include <openssl/opensslconf.h> - -#include <openssl/ossl_typ.h> - -#ifdef __cplusplus -extern "C" { -#endif - -/* Already defined in ossl_typ.h */ -/* typedef struct rand_meth_st RAND_METHOD; */ - -struct rand_meth_st { - void (*seed)(const void *buf, int num); - int (*bytes)(unsigned char *buf, int num); - void (*cleanup)(void); - void (*add)(const void *buf, int num, double entropy); - int (*pseudorand)(unsigned char *buf, int num); - int (*status)(void); -}; - -int RAND_set_rand_method(const RAND_METHOD *meth); -const RAND_METHOD *RAND_get_rand_method(void); -#ifndef OPENSSL_NO_ENGINE -int RAND_set_rand_engine(ENGINE *engine); -#endif -RAND_METHOD *RAND_SSLeay(void); - -#ifndef LIBRESSL_INTERNAL -void RAND_cleanup(void ); -int RAND_bytes(unsigned char *buf, int num); -int RAND_pseudo_bytes(unsigned char *buf, int num); -void RAND_seed(const void *buf, int num); -void RAND_add(const void *buf, int num, double entropy); -int RAND_load_file(const char *file, long max_bytes); -int RAND_write_file(const char *file); -const char *RAND_file_name(char *file, size_t num); -int RAND_status(void); -int RAND_poll(void); -#endif - -/* BEGIN ERROR CODES */ -/* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ -void ERR_load_RAND_strings(void); - -/* Error codes for the RAND functions. (no longer used) */ - -/* Function codes. */ -#define RAND_F_RAND_GET_RAND_METHOD 101 -#define RAND_F_RAND_INIT_FIPS 102 -#define RAND_F_SSLEAY_RAND_BYTES 100 - -/* Reason codes. */ -#define RAND_R_DUAL_EC_DRBG_DISABLED 104 -#define RAND_R_ERROR_INITIALISING_DRBG 102 -#define RAND_R_ERROR_INSTANTIATING_DRBG 103 -#define RAND_R_NO_FIPS_RANDOM_METHOD_SET 101 -#define RAND_R_PRNG_NOT_SEEDED 100 - -#ifdef __cplusplus -} -#endif -#endif diff --git a/libressl/include64/openssl/rc2.h b/libressl/include64/openssl/rc2.h deleted file mode 100644 index 21511ff3..00000000 --- a/libressl/include64/openssl/rc2.h +++ /dev/null @@ -1,101 +0,0 @@ -/* $OpenBSD: rc2.h,v 1.11 2014/07/10 22:45:57 jsing Exp $ */ -/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef HEADER_RC2_H -#define HEADER_RC2_H - -#include <openssl/opensslconf.h> /* OPENSSL_NO_RC2, RC2_INT */ - -#ifdef OPENSSL_NO_RC2 -#error RC2 is disabled. -#endif - -#define RC2_ENCRYPT 1 -#define RC2_DECRYPT 0 - -#define RC2_BLOCK 8 -#define RC2_KEY_LENGTH 16 - -#ifdef __cplusplus -extern "C" { -#endif - -typedef struct rc2_key_st - { - RC2_INT data[64]; - } RC2_KEY; - -void RC2_set_key(RC2_KEY *key, int len, const unsigned char *data,int bits); -void RC2_ecb_encrypt(const unsigned char *in,unsigned char *out,RC2_KEY *key, - int enc); -void RC2_encrypt(unsigned long *data,RC2_KEY *key); -void RC2_decrypt(unsigned long *data,RC2_KEY *key); -void RC2_cbc_encrypt(const unsigned char *in, unsigned char *out, long length, - RC2_KEY *ks, unsigned char *iv, int enc); -void RC2_cfb64_encrypt(const unsigned char *in, unsigned char *out, - long length, RC2_KEY *schedule, unsigned char *ivec, - int *num, int enc); -void RC2_ofb64_encrypt(const unsigned char *in, unsigned char *out, - long length, RC2_KEY *schedule, unsigned char *ivec, - int *num); - -#ifdef __cplusplus -} -#endif - -#endif diff --git a/libressl/include64/openssl/rc4.h b/libressl/include64/openssl/rc4.h deleted file mode 100644 index f59185ed..00000000 --- a/libressl/include64/openssl/rc4.h +++ /dev/null @@ -1,89 +0,0 @@ -/* $OpenBSD: rc4.h,v 1.13 2015/10/20 15:50:13 jsing Exp $ */ -/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef HEADER_RC4_H -#define HEADER_RC4_H - -#include <openssl/opensslconf.h> /* OPENSSL_NO_RC4, RC4_INT */ - -#ifdef OPENSSL_NO_RC4 -#error RC4 is disabled. -#endif - -#include <stddef.h> - -#ifdef __cplusplus -extern "C" { -#endif - -typedef struct rc4_key_st { - RC4_INT x, y; - RC4_INT data[256]; -} RC4_KEY; - -const char *RC4_options(void); -void RC4_set_key(RC4_KEY *key, int len, const unsigned char *data); -void private_RC4_set_key(RC4_KEY *key, int len, const unsigned char *data); -void RC4(RC4_KEY *key, size_t len, const unsigned char *indata, - unsigned char *outdata); - -#ifdef __cplusplus -} -#endif - -#endif diff --git a/libressl/include64/openssl/ripemd.h b/libressl/include64/openssl/ripemd.h deleted file mode 100644 index a5f3a129..00000000 --- a/libressl/include64/openssl/ripemd.h +++ /dev/null @@ -1,105 +0,0 @@ -/* $OpenBSD: ripemd.h,v 1.14 2014/07/10 22:45:57 jsing Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include <stddef.h> - -#ifndef HEADER_RIPEMD_H -#define HEADER_RIPEMD_H - -#include <openssl/opensslconf.h> - -#ifdef __cplusplus -extern "C" { -#endif - -#ifdef OPENSSL_NO_RIPEMD -#error RIPEMD is disabled. -#endif - -#if defined(__LP32__) -#define RIPEMD160_LONG unsigned long -#elif defined(__ILP64__) -#define RIPEMD160_LONG unsigned long -#define RIPEMD160_LONG_LOG2 3 -#else -#define RIPEMD160_LONG unsigned int -#endif - -#define RIPEMD160_CBLOCK 64 -#define RIPEMD160_LBLOCK (RIPEMD160_CBLOCK/4) -#define RIPEMD160_DIGEST_LENGTH 20 - -typedef struct RIPEMD160state_st - { - RIPEMD160_LONG A,B,C,D,E; - RIPEMD160_LONG Nl,Nh; - RIPEMD160_LONG data[RIPEMD160_LBLOCK]; - unsigned int num; - } RIPEMD160_CTX; - -int RIPEMD160_Init(RIPEMD160_CTX *c); -int RIPEMD160_Update(RIPEMD160_CTX *c, const void *data, size_t len); -int RIPEMD160_Final(unsigned char *md, RIPEMD160_CTX *c); -unsigned char *RIPEMD160(const unsigned char *d, size_t n, - unsigned char *md); -void RIPEMD160_Transform(RIPEMD160_CTX *c, const unsigned char *b); -#ifdef __cplusplus -} -#endif - -#endif diff --git a/libressl/include64/openssl/rsa.h b/libressl/include64/openssl/rsa.h deleted file mode 100644 index 2aa472f5..00000000 --- a/libressl/include64/openssl/rsa.h +++ /dev/null @@ -1,621 +0,0 @@ -/* $OpenBSD: rsa.h,v 1.40 2019/06/05 15:41:33 gilles Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef HEADER_RSA_H -#define HEADER_RSA_H - -#include <openssl/opensslconf.h> - -#include <openssl/asn1.h> - -#ifndef OPENSSL_NO_BIO -#include <openssl/bio.h> -#endif -#include <openssl/crypto.h> -#include <openssl/ossl_typ.h> -#ifndef OPENSSL_NO_DEPRECATED -#include <openssl/bn.h> -#endif - -#ifdef OPENSSL_NO_RSA -#error RSA is disabled. -#endif - -#ifdef __cplusplus -extern "C" { -#endif - -/* Declared already in ossl_typ.h */ -/* typedef struct rsa_st RSA; */ -/* typedef struct rsa_meth_st RSA_METHOD; */ - -struct rsa_meth_st { - const char *name; - int (*rsa_pub_enc)(int flen, const unsigned char *from, - unsigned char *to, RSA *rsa, int padding); - int (*rsa_pub_dec)(int flen, const unsigned char *from, - unsigned char *to, RSA *rsa, int padding); - int (*rsa_priv_enc)(int flen, const unsigned char *from, - unsigned char *to, RSA *rsa, int padding); - int (*rsa_priv_dec)(int flen, const unsigned char *from, - unsigned char *to, RSA *rsa, int padding); - int (*rsa_mod_exp)(BIGNUM *r0, const BIGNUM *I, RSA *rsa, - BN_CTX *ctx); /* Can be null */ - int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); /* Can be null */ - int (*init)(RSA *rsa); /* called at new */ - int (*finish)(RSA *rsa); /* called at free */ - int flags; /* RSA_METHOD_FLAG_* things */ - char *app_data; /* may be needed! */ -/* New sign and verify functions: some libraries don't allow arbitrary data - * to be signed/verified: this allows them to be used. Note: for this to work - * the RSA_public_decrypt() and RSA_private_encrypt() should *NOT* be used - * RSA_sign(), RSA_verify() should be used instead. Note: for backwards - * compatibility this functionality is only enabled if the RSA_FLAG_SIGN_VER - * option is set in 'flags'. - */ - int (*rsa_sign)(int type, const unsigned char *m, unsigned int m_length, - unsigned char *sigret, unsigned int *siglen, const RSA *rsa); - int (*rsa_verify)(int dtype, const unsigned char *m, - unsigned int m_length, const unsigned char *sigbuf, - unsigned int siglen, const RSA *rsa); -/* If this callback is NULL, the builtin software RSA key-gen will be used. This - * is for behavioural compatibility whilst the code gets rewired, but one day - * it would be nice to assume there are no such things as "builtin software" - * implementations. */ - int (*rsa_keygen)(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb); -}; - -struct rsa_st { - /* The first parameter is used to pickup errors where - * this is passed instead of aEVP_PKEY, it is set to 0 */ - int pad; - long version; - const RSA_METHOD *meth; - /* functional reference if 'meth' is ENGINE-provided */ - ENGINE *engine; - BIGNUM *n; - BIGNUM *e; - BIGNUM *d; - BIGNUM *p; - BIGNUM *q; - BIGNUM *dmp1; - BIGNUM *dmq1; - BIGNUM *iqmp; - /* be careful using this if the RSA structure is shared */ - CRYPTO_EX_DATA ex_data; - int references; - int flags; - - /* Used to cache montgomery values */ - BN_MONT_CTX *_method_mod_n; - BN_MONT_CTX *_method_mod_p; - BN_MONT_CTX *_method_mod_q; - - /* all BIGNUM values are actually in the following data, if it is not - * NULL */ - BN_BLINDING *blinding; - BN_BLINDING *mt_blinding; -}; - -#ifndef OPENSSL_RSA_MAX_MODULUS_BITS -# define OPENSSL_RSA_MAX_MODULUS_BITS 16384 -#endif - -#ifndef OPENSSL_RSA_SMALL_MODULUS_BITS -# define OPENSSL_RSA_SMALL_MODULUS_BITS 3072 -#endif -#ifndef OPENSSL_RSA_MAX_PUBEXP_BITS -# define OPENSSL_RSA_MAX_PUBEXP_BITS 64 /* exponent limit enforced for "large" modulus only */ -#endif - -#define RSA_3 0x3L -#define RSA_F4 0x10001L - -/* Don't check pub/private match. */ -#define RSA_METHOD_FLAG_NO_CHECK 0x0001 - -#define RSA_FLAG_CACHE_PUBLIC 0x0002 -#define RSA_FLAG_CACHE_PRIVATE 0x0004 -#define RSA_FLAG_BLINDING 0x0008 -#define RSA_FLAG_THREAD_SAFE 0x0010 - -/* - * This flag means the private key operations will be handled by rsa_mod_exp - * and that they do not depend on the private key components being present: - * for example a key stored in external hardware. Without this flag bn_mod_exp - * gets called when private key components are absent. - */ -#define RSA_FLAG_EXT_PKEY 0x0020 - -/* - * This flag in the RSA_METHOD enables the new rsa_sign, rsa_verify functions. - */ -#define RSA_FLAG_SIGN_VER 0x0040 - -/* - * The built-in RSA implementation uses blinding by default, but other engines - * might not need it. - */ -#define RSA_FLAG_NO_BLINDING 0x0080 - -#define EVP_PKEY_CTX_set_rsa_padding(ctx, pad) \ - EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, -1, EVP_PKEY_CTRL_RSA_PADDING, \ - pad, NULL) - -#define EVP_PKEY_CTX_get_rsa_padding(ctx, ppad) \ - EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, -1, \ - EVP_PKEY_CTRL_GET_RSA_PADDING, 0, ppad) - -#define EVP_PKEY_CTX_set_rsa_pss_saltlen(ctx, len) \ - EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, \ - (EVP_PKEY_OP_SIGN|EVP_PKEY_OP_VERIFY), \ - EVP_PKEY_CTRL_RSA_PSS_SALTLEN, \ - len, NULL) - -#define EVP_PKEY_CTX_get_rsa_pss_saltlen(ctx, plen) \ - EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, \ - (EVP_PKEY_OP_SIGN|EVP_PKEY_OP_VERIFY), \ - EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN, \ - 0, plen) - -#define EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, bits) \ - EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_KEYGEN, \ - EVP_PKEY_CTRL_RSA_KEYGEN_BITS, bits, NULL) - -#define EVP_PKEY_CTX_set_rsa_keygen_pubexp(ctx, pubexp) \ - EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_KEYGEN, \ - EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP, 0, pubexp) - -#define EVP_PKEY_CTX_set_rsa_mgf1_md(ctx, md) \ - EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_TYPE_SIG, \ - EVP_PKEY_CTRL_RSA_MGF1_MD, 0, (void *)md) - -#define EVP_PKEY_CTX_get_rsa_mgf1_md(ctx, pmd) \ - EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_TYPE_SIG, \ - EVP_PKEY_CTRL_GET_RSA_MGF1_MD, 0, (void *)pmd) - -#define EVP_PKEY_CTRL_RSA_PADDING (EVP_PKEY_ALG_CTRL + 1) -#define EVP_PKEY_CTRL_RSA_PSS_SALTLEN (EVP_PKEY_ALG_CTRL + 2) - -#define EVP_PKEY_CTRL_RSA_KEYGEN_BITS (EVP_PKEY_ALG_CTRL + 3) -#define EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP (EVP_PKEY_ALG_CTRL + 4) -#define EVP_PKEY_CTRL_RSA_MGF1_MD (EVP_PKEY_ALG_CTRL + 5) - -#define EVP_PKEY_CTRL_GET_RSA_PADDING (EVP_PKEY_ALG_CTRL + 6) -#define EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN (EVP_PKEY_ALG_CTRL + 7) -#define EVP_PKEY_CTRL_GET_RSA_MGF1_MD (EVP_PKEY_ALG_CTRL + 8) - -#define RSA_PKCS1_PADDING 1 -#define RSA_SSLV23_PADDING 2 -#define RSA_NO_PADDING 3 -#define RSA_PKCS1_OAEP_PADDING 4 -#define RSA_X931_PADDING 5 -/* EVP_PKEY_ only */ -#define RSA_PKCS1_PSS_PADDING 6 - -#define RSA_PKCS1_PADDING_SIZE 11 - -#define RSA_set_app_data(s,arg) RSA_set_ex_data(s,0,arg) -#define RSA_get_app_data(s) RSA_get_ex_data(s,0) - -RSA *RSA_new(void); -RSA *RSA_new_method(ENGINE *engine); -int RSA_bits(const RSA *rsa); -int RSA_size(const RSA *rsa); - -/* Deprecated version */ -#ifndef OPENSSL_NO_DEPRECATED -RSA *RSA_generate_key(int bits, unsigned long e, - void (*callback)(int, int, void *), void *cb_arg); -#endif /* !defined(OPENSSL_NO_DEPRECATED) */ - -/* New version */ -int RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb); - -int RSA_check_key(const RSA *); -/* next 4 return -1 on error */ -int RSA_public_encrypt(int flen, const unsigned char *from, - unsigned char *to, RSA *rsa, int padding); -int RSA_private_encrypt(int flen, const unsigned char *from, - unsigned char *to, RSA *rsa, int padding); -int RSA_public_decrypt(int flen, const unsigned char *from, - unsigned char *to, RSA *rsa, int padding); -int RSA_private_decrypt(int flen, const unsigned char *from, - unsigned char *to, RSA *rsa, int padding); -void RSA_free(RSA *r); -/* "up" the RSA object's reference count */ -int RSA_up_ref(RSA *r); - -int RSA_flags(const RSA *r); - -void RSA_set_default_method(const RSA_METHOD *meth); -const RSA_METHOD *RSA_get_default_method(void); -const RSA_METHOD *RSA_get_method(const RSA *rsa); -int RSA_set_method(RSA *rsa, const RSA_METHOD *meth); - -/* these are the actual SSLeay RSA functions */ -const RSA_METHOD *RSA_PKCS1_SSLeay(void); - -const RSA_METHOD *RSA_null_method(void); - -RSA *d2i_RSAPublicKey(RSA **a, const unsigned char **in, long len); -int i2d_RSAPublicKey(const RSA *a, unsigned char **out); -extern const ASN1_ITEM RSAPublicKey_it; -RSA *d2i_RSAPrivateKey(RSA **a, const unsigned char **in, long len); -int i2d_RSAPrivateKey(const RSA *a, unsigned char **out); -extern const ASN1_ITEM RSAPrivateKey_it; - -typedef struct rsa_pss_params_st { - X509_ALGOR *hashAlgorithm; - X509_ALGOR *maskGenAlgorithm; - ASN1_INTEGER *saltLength; - ASN1_INTEGER *trailerField; -} RSA_PSS_PARAMS; - -RSA_PSS_PARAMS *RSA_PSS_PARAMS_new(void); -void RSA_PSS_PARAMS_free(RSA_PSS_PARAMS *a); -RSA_PSS_PARAMS *d2i_RSA_PSS_PARAMS(RSA_PSS_PARAMS **a, const unsigned char **in, long len); -int i2d_RSA_PSS_PARAMS(RSA_PSS_PARAMS *a, unsigned char **out); -extern const ASN1_ITEM RSA_PSS_PARAMS_it; - -int RSA_print_fp(FILE *fp, const RSA *r, int offset); - -#ifndef OPENSSL_NO_BIO -int RSA_print(BIO *bp, const RSA *r, int offset); -#endif - -#ifndef OPENSSL_NO_RC4 -int i2d_RSA_NET(const RSA *a, unsigned char **pp, - int (*cb)(char *buf, int len, const char *prompt, int verify), int sgckey); -RSA *d2i_RSA_NET(RSA **a, const unsigned char **pp, long length, - int (*cb)(char *buf, int len, const char *prompt, int verify), int sgckey); - -int i2d_Netscape_RSA(const RSA *a, unsigned char **pp, - int (*cb)(char *buf, int len, const char *prompt, int verify)); -RSA *d2i_Netscape_RSA(RSA **a, const unsigned char **pp, long length, - int (*cb)(char *buf, int len, const char *prompt, int verify)); -#endif - -/* The following 2 functions sign and verify a X509_SIG ASN1 object - * inside PKCS#1 padded RSA encryption */ -int RSA_sign(int type, const unsigned char *m, unsigned int m_length, - unsigned char *sigret, unsigned int *siglen, RSA *rsa); -int RSA_verify(int type, const unsigned char *m, unsigned int m_length, - const unsigned char *sigbuf, unsigned int siglen, RSA *rsa); - -/* The following 2 function sign and verify a ASN1_OCTET_STRING - * object inside PKCS#1 padded RSA encryption */ -int RSA_sign_ASN1_OCTET_STRING(int type, const unsigned char *m, - unsigned int m_length, unsigned char *sigret, unsigned int *siglen, - RSA *rsa); -int RSA_verify_ASN1_OCTET_STRING(int type, const unsigned char *m, - unsigned int m_length, unsigned char *sigbuf, unsigned int siglen, - RSA *rsa); - -int RSA_blinding_on(RSA *rsa, BN_CTX *ctx); -void RSA_blinding_off(RSA *rsa); -BN_BLINDING *RSA_setup_blinding(RSA *rsa, BN_CTX *ctx); - -int RSA_padding_add_PKCS1_type_1(unsigned char *to, int tlen, - const unsigned char *f, int fl); -int RSA_padding_check_PKCS1_type_1(unsigned char *to, int tlen, - const unsigned char *f, int fl, int rsa_len); -int RSA_padding_add_PKCS1_type_2(unsigned char *to, int tlen, - const unsigned char *f, int fl); -int RSA_padding_check_PKCS1_type_2(unsigned char *to, int tlen, - const unsigned char *f, int fl, int rsa_len); -int PKCS1_MGF1(unsigned char *mask, long len, - const unsigned char *seed, long seedlen, const EVP_MD *dgst); -int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen, - const unsigned char *f, int fl, - const unsigned char *p, int pl); -int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen, - const unsigned char *f, int fl, int rsa_len, - const unsigned char *p, int pl); -int RSA_padding_add_none(unsigned char *to, int tlen, - const unsigned char *f, int fl); -int RSA_padding_check_none(unsigned char *to, int tlen, - const unsigned char *f, int fl, int rsa_len); -int RSA_padding_add_X931(unsigned char *to, int tlen, - const unsigned char *f, int fl); -int RSA_padding_check_X931(unsigned char *to, int tlen, - const unsigned char *f, int fl, int rsa_len); -int RSA_X931_hash_id(int nid); - -int RSA_verify_PKCS1_PSS(RSA *rsa, const unsigned char *mHash, - const EVP_MD *Hash, const unsigned char *EM, int sLen); -int RSA_padding_add_PKCS1_PSS(RSA *rsa, unsigned char *EM, - const unsigned char *mHash, const EVP_MD *Hash, int sLen); - -int RSA_verify_PKCS1_PSS_mgf1(RSA *rsa, const unsigned char *mHash, - const EVP_MD *Hash, const EVP_MD *mgf1Hash, const unsigned char *EM, - int sLen); - -int RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM, - const unsigned char *mHash, const EVP_MD *Hash, const EVP_MD *mgf1Hash, - int sLen); - -int RSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); -int RSA_set_ex_data(RSA *r, int idx, void *arg); -void *RSA_get_ex_data(const RSA *r, int idx); - -void RSA_get0_key(const RSA *r, const BIGNUM **n, const BIGNUM **e, - const BIGNUM **d); -int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d); -void RSA_get0_crt_params(const RSA *r, const BIGNUM **dmp1, const BIGNUM **dmq1, - const BIGNUM **iqmp); -int RSA_set0_crt_params(RSA *r, BIGNUM *dmp1, BIGNUM *dmq1, BIGNUM *iqmp); -void RSA_get0_factors(const RSA *r, const BIGNUM **p, const BIGNUM **q); -int RSA_set0_factors(RSA *r, BIGNUM *p, BIGNUM *q); -void RSA_clear_flags(RSA *r, int flags); -int RSA_test_flags(const RSA *r, int flags); -void RSA_set_flags(RSA *r, int flags); - -RSA *RSAPublicKey_dup(RSA *rsa); -RSA *RSAPrivateKey_dup(RSA *rsa); - -/* If this flag is set the RSA method is FIPS compliant and can be used - * in FIPS mode. This is set in the validated module method. If an - * application sets this flag in its own methods it is its responsibility - * to ensure the result is compliant. - */ - -#define RSA_FLAG_FIPS_METHOD 0x0400 - -/* If this flag is set the operations normally disabled in FIPS mode are - * permitted it is then the applications responsibility to ensure that the - * usage is compliant. - */ - -#define RSA_FLAG_NON_FIPS_ALLOW 0x0400 -/* Application has decided PRNG is good enough to generate a key: don't - * check. - */ -#define RSA_FLAG_CHECKED 0x0800 - -RSA_METHOD *RSA_meth_new(const char *name, int flags); -void RSA_meth_free(RSA_METHOD *meth); -RSA_METHOD *RSA_meth_dup(const RSA_METHOD *meth); -int RSA_meth_set1_name(RSA_METHOD *meth, const char *name); -int RSA_meth_set_priv_enc(RSA_METHOD *meth, int (*priv_enc)(int flen, - const unsigned char *from, unsigned char *to, RSA *rsa, int padding)); -int RSA_meth_set_priv_dec(RSA_METHOD *meth, int (*priv_dec)(int flen, - const unsigned char *from, unsigned char *to, RSA *rsa, int padding)); -int (*RSA_meth_get_finish(const RSA_METHOD *meth))(RSA *rsa); -int RSA_meth_set_finish(RSA_METHOD *meth, int (*finish)(RSA *rsa)); -int RSA_meth_set_pub_enc(RSA_METHOD *meth, int (*pub_enc)(int flen, - const unsigned char *from, unsigned char *to, RSA *rsa, int padding)); -int RSA_meth_set_pub_dec(RSA_METHOD *meth, int (*pub_dec)(int flen, - const unsigned char *from, unsigned char *to, RSA *rsa, int padding)); -int RSA_meth_set_mod_exp(RSA_METHOD *meth, int (*mod_exp)(BIGNUM *r0, - const BIGNUM *i, RSA *rsa, BN_CTX *ctx)); -int RSA_meth_set_bn_mod_exp(RSA_METHOD *meth, int (*bn_mod_exp)(BIGNUM *r, - const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, - BN_MONT_CTX *m_ctx)); -int RSA_meth_set_init(RSA_METHOD *meth, int (*init)(RSA *rsa)); -int RSA_meth_set_keygen(RSA_METHOD *meth, int (*keygen)(RSA *rsa, int bits, - BIGNUM *e, BN_GENCB *cb)); -int RSA_meth_set_flags(RSA_METHOD *meth, int flags); -int RSA_meth_set0_app_data(RSA_METHOD *meth, void *app_data); -const char *RSA_meth_get0_name(const RSA_METHOD *); -int (*RSA_meth_get_pub_enc(const RSA_METHOD *meth))(int flen, - const unsigned char *from, unsigned char *to, RSA *rsa, int padding); -int (*RSA_meth_get_pub_dec(const RSA_METHOD *meth))(int flen, - const unsigned char *from, unsigned char *to, RSA *rsa, int padding); -int (*RSA_meth_get_priv_enc(const RSA_METHOD *meth))(int flen, - const unsigned char *from, unsigned char *to, RSA *rsa, int padding); -int (*RSA_meth_get_priv_dec(const RSA_METHOD *meth))(int flen, - const unsigned char *from, unsigned char *to, RSA *rsa, int padding); -int (*RSA_meth_get_mod_exp(const RSA_METHOD *meth))(BIGNUM *r0, const BIGNUM *i, - RSA *rsa, BN_CTX *ctx); -int (*RSA_meth_get_bn_mod_exp(const RSA_METHOD *meth))(BIGNUM *r, - const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, - BN_MONT_CTX *m_ctx); -int (*RSA_meth_get_init(const RSA_METHOD *meth))(RSA *rsa); -int (*RSA_meth_get_keygen(const RSA_METHOD *meth))(RSA *rsa, int bits, BIGNUM *e, - BN_GENCB *cb); -int RSA_meth_get_flags(const RSA_METHOD *meth); -void *RSA_meth_get0_app_data(const RSA_METHOD *meth); -int (*RSA_meth_get_sign(const RSA_METHOD *meth))(int type, - const unsigned char *m, unsigned int m_length, - unsigned char *sigret, unsigned int *siglen, - const RSA *rsa); -int RSA_meth_set_sign(RSA_METHOD *rsa, int (*sign)(int type, - const unsigned char *m, unsigned int m_length, unsigned char *sigret, - unsigned int *siglen, const RSA *rsa)); -int (*RSA_meth_get_verify(const RSA_METHOD *meth))(int dtype, - const unsigned char *m, unsigned int m_length, const unsigned char *sigbuf, - unsigned int siglen, const RSA *rsa); -int RSA_meth_set_verify(RSA_METHOD *rsa, int (*verify)(int dtype, - const unsigned char *m, unsigned int m_length, const unsigned char *sigbuf, - unsigned int siglen, const RSA *rsa)); - - -/* BEGIN ERROR CODES */ -/* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ -void ERR_load_RSA_strings(void); - -/* Error codes for the RSA functions. */ - -/* Function codes. */ -#define RSA_F_CHECK_PADDING_MD 140 -#define RSA_F_DO_RSA_PRINT 146 -#define RSA_F_INT_RSA_VERIFY 145 -#define RSA_F_MEMORY_LOCK 100 -#define RSA_F_OLD_RSA_PRIV_DECODE 147 -#define RSA_F_PKEY_RSA_CTRL 143 -#define RSA_F_PKEY_RSA_CTRL_STR 144 -#define RSA_F_PKEY_RSA_SIGN 142 -#define RSA_F_PKEY_RSA_VERIFY 154 -#define RSA_F_PKEY_RSA_VERIFYRECOVER 141 -#define RSA_F_RSA_BUILTIN_KEYGEN 129 -#define RSA_F_RSA_CHECK_KEY 123 -#define RSA_F_RSA_EAY_MOD_EXP 157 -#define RSA_F_RSA_EAY_PRIVATE_DECRYPT 101 -#define RSA_F_RSA_EAY_PRIVATE_ENCRYPT 102 -#define RSA_F_RSA_EAY_PUBLIC_DECRYPT 103 -#define RSA_F_RSA_EAY_PUBLIC_ENCRYPT 104 -#define RSA_F_RSA_GENERATE_KEY 105 -#define RSA_F_RSA_GENERATE_KEY_EX 155 -#define RSA_F_RSA_ITEM_VERIFY 156 -#define RSA_F_RSA_MEMORY_LOCK 130 -#define RSA_F_RSA_NEW_METHOD 106 -#define RSA_F_RSA_NULL 124 -#define RSA_F_RSA_NULL_MOD_EXP 131 -#define RSA_F_RSA_NULL_PRIVATE_DECRYPT 132 -#define RSA_F_RSA_NULL_PRIVATE_ENCRYPT 133 -#define RSA_F_RSA_NULL_PUBLIC_DECRYPT 134 -#define RSA_F_RSA_NULL_PUBLIC_ENCRYPT 135 -#define RSA_F_RSA_PADDING_ADD_NONE 107 -#define RSA_F_RSA_PADDING_ADD_PKCS1_OAEP 121 -#define RSA_F_RSA_PADDING_ADD_PKCS1_PSS 125 -#define RSA_F_RSA_PADDING_ADD_PKCS1_PSS_MGF1 148 -#define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1 108 -#define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2 109 -#define RSA_F_RSA_PADDING_ADD_X931 127 -#define RSA_F_RSA_PADDING_CHECK_NONE 111 -#define RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP 122 -#define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1 112 -#define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2 113 -#define RSA_F_RSA_PADDING_CHECK_X931 128 -#define RSA_F_RSA_PRINT 115 -#define RSA_F_RSA_PRINT_FP 116 -#define RSA_F_RSA_PRIVATE_DECRYPT 150 -#define RSA_F_RSA_PRIVATE_ENCRYPT 151 -#define RSA_F_RSA_PRIV_DECODE 137 -#define RSA_F_RSA_PRIV_ENCODE 138 -#define RSA_F_RSA_PUBLIC_DECRYPT 152 -#define RSA_F_RSA_PUBLIC_ENCRYPT 153 -#define RSA_F_RSA_PUB_DECODE 139 -#define RSA_F_RSA_SETUP_BLINDING 136 -#define RSA_F_RSA_SIGN 117 -#define RSA_F_RSA_SIGN_ASN1_OCTET_STRING 118 -#define RSA_F_RSA_VERIFY 119 -#define RSA_F_RSA_VERIFY_ASN1_OCTET_STRING 120 -#define RSA_F_RSA_VERIFY_PKCS1_PSS 126 -#define RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1 149 - -/* Reason codes. */ -#define RSA_R_ALGORITHM_MISMATCH 100 -#define RSA_R_BAD_E_VALUE 101 -#define RSA_R_BAD_FIXED_HEADER_DECRYPT 102 -#define RSA_R_BAD_PAD_BYTE_COUNT 103 -#define RSA_R_BAD_SIGNATURE 104 -#define RSA_R_BLOCK_TYPE_IS_NOT_01 106 -#define RSA_R_BLOCK_TYPE_IS_NOT_02 107 -#define RSA_R_DATA_GREATER_THAN_MOD_LEN 108 -#define RSA_R_DATA_TOO_LARGE 109 -#define RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 110 -#define RSA_R_DATA_TOO_LARGE_FOR_MODULUS 132 -#define RSA_R_DATA_TOO_SMALL 111 -#define RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE 122 -#define RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY 112 -#define RSA_R_DMP1_NOT_CONGRUENT_TO_D 124 -#define RSA_R_DMQ1_NOT_CONGRUENT_TO_D 125 -#define RSA_R_D_E_NOT_CONGRUENT_TO_1 123 -#define RSA_R_FIRST_OCTET_INVALID 133 -#define RSA_R_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE 144 -#define RSA_R_INVALID_DIGEST_LENGTH 143 -#define RSA_R_INVALID_HEADER 137 -#define RSA_R_INVALID_KEYBITS 145 -#define RSA_R_INVALID_MESSAGE_LENGTH 131 -#define RSA_R_INVALID_MGF1_MD 156 -#define RSA_R_INVALID_PADDING 138 -#define RSA_R_INVALID_PADDING_MODE 141 -#define RSA_R_INVALID_PSS_PARAMETERS 149 -#define RSA_R_INVALID_PSS_SALTLEN 146 -#define RSA_R_INVALID_SALT_LENGTH 150 -#define RSA_R_INVALID_TRAILER 139 -#define RSA_R_INVALID_X931_DIGEST 142 -#define RSA_R_IQMP_NOT_INVERSE_OF_Q 126 -#define RSA_R_KEY_SIZE_TOO_SMALL 120 -#define RSA_R_LAST_OCTET_INVALID 134 -#define RSA_R_MODULUS_TOO_LARGE 105 -#define RSA_R_NON_FIPS_RSA_METHOD 157 -#define RSA_R_NO_PUBLIC_EXPONENT 140 -#define RSA_R_NULL_BEFORE_BLOCK_MISSING 113 -#define RSA_R_N_DOES_NOT_EQUAL_P_Q 127 -#define RSA_R_OAEP_DECODING_ERROR 121 -#define RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE 158 -#define RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE 148 -#define RSA_R_PADDING_CHECK_FAILED 114 -#define RSA_R_P_NOT_PRIME 128 -#define RSA_R_Q_NOT_PRIME 129 -#define RSA_R_RSA_OPERATIONS_NOT_SUPPORTED 130 -#define RSA_R_SLEN_CHECK_FAILED 136 -#define RSA_R_SLEN_RECOVERY_FAILED 135 -#define RSA_R_SSLV3_ROLLBACK_ATTACK 115 -#define RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 116 -#define RSA_R_UNKNOWN_ALGORITHM_TYPE 117 -#define RSA_R_UNKNOWN_MASK_DIGEST 151 -#define RSA_R_UNKNOWN_PADDING_TYPE 118 -#define RSA_R_UNKNOWN_PSS_DIGEST 152 -#define RSA_R_UNSUPPORTED_MASK_ALGORITHM 153 -#define RSA_R_UNSUPPORTED_MASK_PARAMETER 154 -#define RSA_R_UNSUPPORTED_SIGNATURE_TYPE 155 -#define RSA_R_VALUE_MISSING 147 -#define RSA_R_WRONG_SIGNATURE_LENGTH 119 - -#ifdef __cplusplus -} -#endif -#endif diff --git a/libressl/include64/openssl/safestack.h b/libressl/include64/openssl/safestack.h deleted file mode 100644 index 690912b3..00000000 --- a/libressl/include64/openssl/safestack.h +++ /dev/null @@ -1,2182 +0,0 @@ -/* $OpenBSD: safestack.h,v 1.18 2019/08/11 14:14:14 jsing Exp $ */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#ifndef HEADER_SAFESTACK_H -#define HEADER_SAFESTACK_H - -#include <openssl/stack.h> - -#ifndef CHECKED_PTR_OF -#define CHECKED_PTR_OF(type, p) \ - ((void*) (1 ? p : (type*)0)) -#endif - -/* In C++ we get problems because an explicit cast is needed from (void *) - * we use CHECKED_STACK_OF to ensure the correct type is passed in the macros - * below. - */ - -#define CHECKED_STACK_OF(type, p) \ - ((_STACK*) (1 ? p : (STACK_OF(type)*)0)) - -#define CHECKED_SK_FREE_FUNC(type, p) \ - ((void (*)(void *)) ((1 ? p : (void (*)(type *))0))) - -#define CHECKED_SK_FREE_FUNC2(type, p) \ - ((void (*)(void *)) ((1 ? p : (void (*)(type))0))) - -#define CHECKED_SK_CMP_FUNC(type, p) \ - ((int (*)(const void *, const void *)) \ - ((1 ? p : (int (*)(const type * const *, const type * const *))0))) - -#define STACK_OF(type) struct stack_st_##type -#define PREDECLARE_STACK_OF(type) STACK_OF(type); - -#define DECLARE_STACK_OF(type) \ -STACK_OF(type) \ - { \ - _STACK stack; \ - }; -#define DECLARE_SPECIAL_STACK_OF(type, type2) \ -STACK_OF(type) \ - { \ - _STACK stack; \ - }; - -#define IMPLEMENT_STACK_OF(type) /* nada (obsolete in new safestack approach)*/ - - -/* Strings are special: normally an lhash entry will point to a single - * (somewhat) mutable object. In the case of strings: - * - * a) Instead of a single char, there is an array of chars, NUL-terminated. - * b) The string may have be immutable. - * - * So, they need their own declarations. Especially important for - * type-checking tools, such as Deputy. - * -o * In practice, however, it appears to be hard to have a const - * string. For now, I'm settling for dealing with the fact it is a - * string at all. - */ -typedef char *OPENSSL_STRING; - -typedef const char *OPENSSL_CSTRING; - -/* Confusingly, LHASH_OF(STRING) deals with char ** throughout, but - * STACK_OF(STRING) is really more like STACK_OF(char), only, as - * mentioned above, instead of a single char each entry is a - * NUL-terminated array of chars. So, we have to implement STRING - * specially for STACK_OF. This is dealt with in the autogenerated - * macros below. - */ - -DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) - -/* Similarly, we sometimes use a block of characters, NOT - * nul-terminated. These should also be distinguished from "normal" - * stacks. */ - -typedef void *OPENSSL_BLOCK; -DECLARE_SPECIAL_STACK_OF(OPENSSL_BLOCK, void) - -/* SKM_sk_... stack macros are internal to safestack.h: - * never use them directly, use sk_<type>_... instead */ -#define SKM_sk_new(type, cmp) \ - ((STACK_OF(type) *)sk_new(CHECKED_SK_CMP_FUNC(type, cmp))) -#define SKM_sk_new_null(type) \ - ((STACK_OF(type) *)sk_new_null()) -#define SKM_sk_free(type, st) \ - sk_free(CHECKED_STACK_OF(type, st)) -#define SKM_sk_num(type, st) \ - sk_num(CHECKED_STACK_OF(type, st)) -#define SKM_sk_value(type, st,i) \ - ((type *)sk_value(CHECKED_STACK_OF(type, st), i)) -#define SKM_sk_set(type, st,i,val) \ - sk_set(CHECKED_STACK_OF(type, st), i, CHECKED_PTR_OF(type, val)) -#define SKM_sk_zero(type, st) \ - sk_zero(CHECKED_STACK_OF(type, st)) -#define SKM_sk_push(type, st, val) \ - sk_push(CHECKED_STACK_OF(type, st), CHECKED_PTR_OF(type, val)) -#define SKM_sk_unshift(type, st, val) \ - sk_unshift(CHECKED_STACK_OF(type, st), CHECKED_PTR_OF(type, val)) -#define SKM_sk_find(type, st, val) \ - sk_find(CHECKED_STACK_OF(type, st), CHECKED_PTR_OF(type, val)) -#define SKM_sk_find_ex(type, st, val) \ - sk_find_ex(CHECKED_STACK_OF(type, st), \ - CHECKED_PTR_OF(type, val)) -#define SKM_sk_delete(type, st, i) \ - (type *)sk_delete(CHECKED_STACK_OF(type, st), i) -#define SKM_sk_delete_ptr(type, st, ptr) \ - (type *)sk_delete_ptr(CHECKED_STACK_OF(type, st), CHECKED_PTR_OF(type, ptr)) -#define SKM_sk_insert(type, st,val, i) \ - sk_insert(CHECKED_STACK_OF(type, st), CHECKED_PTR_OF(type, val), i) -#define SKM_sk_set_cmp_func(type, st, cmp) \ - ((int (*)(const type * const *,const type * const *)) \ - sk_set_cmp_func(CHECKED_STACK_OF(type, st), CHECKED_SK_CMP_FUNC(type, cmp))) -#define SKM_sk_dup(type, st) \ - (STACK_OF(type) *)sk_dup(CHECKED_STACK_OF(type, st)) -#define SKM_sk_pop_free(type, st, free_func) \ - sk_pop_free(CHECKED_STACK_OF(type, st), CHECKED_SK_FREE_FUNC(type, free_func)) -#define SKM_sk_shift(type, st) \ - (type *)sk_shift(CHECKED_STACK_OF(type, st)) -#define SKM_sk_pop(type, st) \ - (type *)sk_pop(CHECKED_STACK_OF(type, st)) -#define SKM_sk_sort(type, st) \ - sk_sort(CHECKED_STACK_OF(type, st)) -#define SKM_sk_is_sorted(type, st) \ - sk_is_sorted(CHECKED_STACK_OF(type, st)) - -#define sk_ACCESS_DESCRIPTION_new(cmp) SKM_sk_new(ACCESS_DESCRIPTION, (cmp)) -#define sk_ACCESS_DESCRIPTION_new_null() SKM_sk_new_null(ACCESS_DESCRIPTION) -#define sk_ACCESS_DESCRIPTION_free(st) SKM_sk_free(ACCESS_DESCRIPTION, (st)) -#define sk_ACCESS_DESCRIPTION_num(st) SKM_sk_num(ACCESS_DESCRIPTION, (st)) -#define sk_ACCESS_DESCRIPTION_value(st, i) SKM_sk_value(ACCESS_DESCRIPTION, (st), (i)) -#define sk_ACCESS_DESCRIPTION_set(st, i, val) SKM_sk_set(ACCESS_DESCRIPTION, (st), (i), (val)) -#define sk_ACCESS_DESCRIPTION_zero(st) SKM_sk_zero(ACCESS_DESCRIPTION, (st)) -#define sk_ACCESS_DESCRIPTION_push(st, val) SKM_sk_push(ACCESS_DESCRIPTION, (st), (val)) -#define sk_ACCESS_DESCRIPTION_unshift(st, val) SKM_sk_unshift(ACCESS_DESCRIPTION, (st), (val)) -#define sk_ACCESS_DESCRIPTION_find(st, val) SKM_sk_find(ACCESS_DESCRIPTION, (st), (val)) -#define sk_ACCESS_DESCRIPTION_find_ex(st, val) SKM_sk_find_ex(ACCESS_DESCRIPTION, (st), (val)) -#define sk_ACCESS_DESCRIPTION_delete(st, i) SKM_sk_delete(ACCESS_DESCRIPTION, (st), (i)) -#define sk_ACCESS_DESCRIPTION_delete_ptr(st, ptr) SKM_sk_delete_ptr(ACCESS_DESCRIPTION, (st), (ptr)) -#define sk_ACCESS_DESCRIPTION_insert(st, val, i) SKM_sk_insert(ACCESS_DESCRIPTION, (st), (val), (i)) -#define sk_ACCESS_DESCRIPTION_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ACCESS_DESCRIPTION, (st), (cmp)) -#define sk_ACCESS_DESCRIPTION_dup(st) SKM_sk_dup(ACCESS_DESCRIPTION, st) -#define sk_ACCESS_DESCRIPTION_pop_free(st, free_func) SKM_sk_pop_free(ACCESS_DESCRIPTION, (st), (free_func)) -#define sk_ACCESS_DESCRIPTION_shift(st) SKM_sk_shift(ACCESS_DESCRIPTION, (st)) -#define sk_ACCESS_DESCRIPTION_pop(st) SKM_sk_pop(ACCESS_DESCRIPTION, (st)) -#define sk_ACCESS_DESCRIPTION_sort(st) SKM_sk_sort(ACCESS_DESCRIPTION, (st)) -#define sk_ACCESS_DESCRIPTION_is_sorted(st) SKM_sk_is_sorted(ACCESS_DESCRIPTION, (st)) - -#define sk_ASIdOrRange_new(cmp) SKM_sk_new(ASIdOrRange, (cmp)) -#define sk_ASIdOrRange_new_null() SKM_sk_new_null(ASIdOrRange) -#define sk_ASIdOrRange_free(st) SKM_sk_free(ASIdOrRange, (st)) -#define sk_ASIdOrRange_num(st) SKM_sk_num(ASIdOrRange, (st)) -#define sk_ASIdOrRange_value(st, i) SKM_sk_value(ASIdOrRange, (st), (i)) -#define sk_ASIdOrRange_set(st, i, val) SKM_sk_set(ASIdOrRange, (st), (i), (val)) -#define sk_ASIdOrRange_zero(st) SKM_sk_zero(ASIdOrRange, (st)) -#define sk_ASIdOrRange_push(st, val) SKM_sk_push(ASIdOrRange, (st), (val)) -#define sk_ASIdOrRange_unshift(st, val) SKM_sk_unshift(ASIdOrRange, (st), (val)) -#define sk_ASIdOrRange_find(st, val) SKM_sk_find(ASIdOrRange, (st), (val)) -#define sk_ASIdOrRange_find_ex(st, val) SKM_sk_find_ex(ASIdOrRange, (st), (val)) -#define sk_ASIdOrRange_delete(st, i) SKM_sk_delete(ASIdOrRange, (st), (i)) -#define sk_ASIdOrRange_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASIdOrRange, (st), (ptr)) -#define sk_ASIdOrRange_insert(st, val, i) SKM_sk_insert(ASIdOrRange, (st), (val), (i)) -#define sk_ASIdOrRange_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASIdOrRange, (st), (cmp)) -#define sk_ASIdOrRange_dup(st) SKM_sk_dup(ASIdOrRange, st) -#define sk_ASIdOrRange_pop_free(st, free_func) SKM_sk_pop_free(ASIdOrRange, (st), (free_func)) -#define sk_ASIdOrRange_shift(st) SKM_sk_shift(ASIdOrRange, (st)) -#define sk_ASIdOrRange_pop(st) SKM_sk_pop(ASIdOrRange, (st)) -#define sk_ASIdOrRange_sort(st) SKM_sk_sort(ASIdOrRange, (st)) -#define sk_ASIdOrRange_is_sorted(st) SKM_sk_is_sorted(ASIdOrRange, (st)) - -#define sk_ASN1_GENERALSTRING_new(cmp) SKM_sk_new(ASN1_GENERALSTRING, (cmp)) -#define sk_ASN1_GENERALSTRING_new_null() SKM_sk_new_null(ASN1_GENERALSTRING) -#define sk_ASN1_GENERALSTRING_free(st) SKM_sk_free(ASN1_GENERALSTRING, (st)) -#define sk_ASN1_GENERALSTRING_num(st) SKM_sk_num(ASN1_GENERALSTRING, (st)) -#define sk_ASN1_GENERALSTRING_value(st, i) SKM_sk_value(ASN1_GENERALSTRING, (st), (i)) -#define sk_ASN1_GENERALSTRING_set(st, i, val) SKM_sk_set(ASN1_GENERALSTRING, (st), (i), (val)) -#define sk_ASN1_GENERALSTRING_zero(st) SKM_sk_zero(ASN1_GENERALSTRING, (st)) -#define sk_ASN1_GENERALSTRING_push(st, val) SKM_sk_push(ASN1_GENERALSTRING, (st), (val)) -#define sk_ASN1_GENERALSTRING_unshift(st, val) SKM_sk_unshift(ASN1_GENERALSTRING, (st), (val)) -#define sk_ASN1_GENERALSTRING_find(st, val) SKM_sk_find(ASN1_GENERALSTRING, (st), (val)) -#define sk_ASN1_GENERALSTRING_find_ex(st, val) SKM_sk_find_ex(ASN1_GENERALSTRING, (st), (val)) -#define sk_ASN1_GENERALSTRING_delete(st, i) SKM_sk_delete(ASN1_GENERALSTRING, (st), (i)) -#define sk_ASN1_GENERALSTRING_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_GENERALSTRING, (st), (ptr)) -#define sk_ASN1_GENERALSTRING_insert(st, val, i) SKM_sk_insert(ASN1_GENERALSTRING, (st), (val), (i)) -#define sk_ASN1_GENERALSTRING_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASN1_GENERALSTRING, (st), (cmp)) -#define sk_ASN1_GENERALSTRING_dup(st) SKM_sk_dup(ASN1_GENERALSTRING, st) -#define sk_ASN1_GENERALSTRING_pop_free(st, free_func) SKM_sk_pop_free(ASN1_GENERALSTRING, (st), (free_func)) -#define sk_ASN1_GENERALSTRING_shift(st) SKM_sk_shift(ASN1_GENERALSTRING, (st)) -#define sk_ASN1_GENERALSTRING_pop(st) SKM_sk_pop(ASN1_GENERALSTRING, (st)) -#define sk_ASN1_GENERALSTRING_sort(st) SKM_sk_sort(ASN1_GENERALSTRING, (st)) -#define sk_ASN1_GENERALSTRING_is_sorted(st) SKM_sk_is_sorted(ASN1_GENERALSTRING, (st)) - -#define sk_ASN1_INTEGER_new(cmp) SKM_sk_new(ASN1_INTEGER, (cmp)) -#define sk_ASN1_INTEGER_new_null() SKM_sk_new_null(ASN1_INTEGER) -#define sk_ASN1_INTEGER_free(st) SKM_sk_free(ASN1_INTEGER, (st)) -#define sk_ASN1_INTEGER_num(st) SKM_sk_num(ASN1_INTEGER, (st)) -#define sk_ASN1_INTEGER_value(st, i) SKM_sk_value(ASN1_INTEGER, (st), (i)) -#define sk_ASN1_INTEGER_set(st, i, val) SKM_sk_set(ASN1_INTEGER, (st), (i), (val)) -#define sk_ASN1_INTEGER_zero(st) SKM_sk_zero(ASN1_INTEGER, (st)) -#define sk_ASN1_INTEGER_push(st, val) SKM_sk_push(ASN1_INTEGER, (st), (val)) -#define sk_ASN1_INTEGER_unshift(st, val) SKM_sk_unshift(ASN1_INTEGER, (st), (val)) -#define sk_ASN1_INTEGER_find(st, val) SKM_sk_find(ASN1_INTEGER, (st), (val)) -#define sk_ASN1_INTEGER_find_ex(st, val) SKM_sk_find_ex(ASN1_INTEGER, (st), (val)) -#define sk_ASN1_INTEGER_delete(st, i) SKM_sk_delete(ASN1_INTEGER, (st), (i)) -#define sk_ASN1_INTEGER_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_INTEGER, (st), (ptr)) -#define sk_ASN1_INTEGER_insert(st, val, i) SKM_sk_insert(ASN1_INTEGER, (st), (val), (i)) -#define sk_ASN1_INTEGER_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASN1_INTEGER, (st), (cmp)) -#define sk_ASN1_INTEGER_dup(st) SKM_sk_dup(ASN1_INTEGER, st) -#define sk_ASN1_INTEGER_pop_free(st, free_func) SKM_sk_pop_free(ASN1_INTEGER, (st), (free_func)) -#define sk_ASN1_INTEGER_shift(st) SKM_sk_shift(ASN1_INTEGER, (st)) -#define sk_ASN1_INTEGER_pop(st) SKM_sk_pop(ASN1_INTEGER, (st)) -#define sk_ASN1_INTEGER_sort(st) SKM_sk_sort(ASN1_INTEGER, (st)) -#define sk_ASN1_INTEGER_is_sorted(st) SKM_sk_is_sorted(ASN1_INTEGER, (st)) - -#define sk_ASN1_OBJECT_new(cmp) SKM_sk_new(ASN1_OBJECT, (cmp)) -#define sk_ASN1_OBJECT_new_null() SKM_sk_new_null(ASN1_OBJECT) -#define sk_ASN1_OBJECT_free(st) SKM_sk_free(ASN1_OBJECT, (st)) -#define sk_ASN1_OBJECT_num(st) SKM_sk_num(ASN1_OBJECT, (st)) -#define sk_ASN1_OBJECT_value(st, i) SKM_sk_value(ASN1_OBJECT, (st), (i)) -#define sk_ASN1_OBJECT_set(st, i, val) SKM_sk_set(ASN1_OBJECT, (st), (i), (val)) -#define sk_ASN1_OBJECT_zero(st) SKM_sk_zero(ASN1_OBJECT, (st)) -#define sk_ASN1_OBJECT_push(st, val) SKM_sk_push(ASN1_OBJECT, (st), (val)) -#define sk_ASN1_OBJECT_unshift(st, val) SKM_sk_unshift(ASN1_OBJECT, (st), (val)) -#define sk_ASN1_OBJECT_find(st, val) SKM_sk_find(ASN1_OBJECT, (st), (val)) -#define sk_ASN1_OBJECT_find_ex(st, val) SKM_sk_find_ex(ASN1_OBJECT, (st), (val)) -#define sk_ASN1_OBJECT_delete(st, i) SKM_sk_delete(ASN1_OBJECT, (st), (i)) -#define sk_ASN1_OBJECT_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_OBJECT, (st), (ptr)) -#define sk_ASN1_OBJECT_insert(st, val, i) SKM_sk_insert(ASN1_OBJECT, (st), (val), (i)) -#define sk_ASN1_OBJECT_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASN1_OBJECT, (st), (cmp)) -#define sk_ASN1_OBJECT_dup(st) SKM_sk_dup(ASN1_OBJECT, st) -#define sk_ASN1_OBJECT_pop_free(st, free_func) SKM_sk_pop_free(ASN1_OBJECT, (st), (free_func)) -#define sk_ASN1_OBJECT_shift(st) SKM_sk_shift(ASN1_OBJECT, (st)) -#define sk_ASN1_OBJECT_pop(st) SKM_sk_pop(ASN1_OBJECT, (st)) -#define sk_ASN1_OBJECT_sort(st) SKM_sk_sort(ASN1_OBJECT, (st)) -#define sk_ASN1_OBJECT_is_sorted(st) SKM_sk_is_sorted(ASN1_OBJECT, (st)) - -#define sk_ASN1_STRING_TABLE_new(cmp) SKM_sk_new(ASN1_STRING_TABLE, (cmp)) -#define sk_ASN1_STRING_TABLE_new_null() SKM_sk_new_null(ASN1_STRING_TABLE) -#define sk_ASN1_STRING_TABLE_free(st) SKM_sk_free(ASN1_STRING_TABLE, (st)) -#define sk_ASN1_STRING_TABLE_num(st) SKM_sk_num(ASN1_STRING_TABLE, (st)) -#define sk_ASN1_STRING_TABLE_value(st, i) SKM_sk_value(ASN1_STRING_TABLE, (st), (i)) -#define sk_ASN1_STRING_TABLE_set(st, i, val) SKM_sk_set(ASN1_STRING_TABLE, (st), (i), (val)) -#define sk_ASN1_STRING_TABLE_zero(st) SKM_sk_zero(ASN1_STRING_TABLE, (st)) -#define sk_ASN1_STRING_TABLE_push(st, val) SKM_sk_push(ASN1_STRING_TABLE, (st), (val)) -#define sk_ASN1_STRING_TABLE_unshift(st, val) SKM_sk_unshift(ASN1_STRING_TABLE, (st), (val)) -#define sk_ASN1_STRING_TABLE_find(st, val) SKM_sk_find(ASN1_STRING_TABLE, (st), (val)) -#define sk_ASN1_STRING_TABLE_find_ex(st, val) SKM_sk_find_ex(ASN1_STRING_TABLE, (st), (val)) -#define sk_ASN1_STRING_TABLE_delete(st, i) SKM_sk_delete(ASN1_STRING_TABLE, (st), (i)) -#define sk_ASN1_STRING_TABLE_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_STRING_TABLE, (st), (ptr)) -#define sk_ASN1_STRING_TABLE_insert(st, val, i) SKM_sk_insert(ASN1_STRING_TABLE, (st), (val), (i)) -#define sk_ASN1_STRING_TABLE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASN1_STRING_TABLE, (st), (cmp)) -#define sk_ASN1_STRING_TABLE_dup(st) SKM_sk_dup(ASN1_STRING_TABLE, st) -#define sk_ASN1_STRING_TABLE_pop_free(st, free_func) SKM_sk_pop_free(ASN1_STRING_TABLE, (st), (free_func)) -#define sk_ASN1_STRING_TABLE_shift(st) SKM_sk_shift(ASN1_STRING_TABLE, (st)) -#define sk_ASN1_STRING_TABLE_pop(st) SKM_sk_pop(ASN1_STRING_TABLE, (st)) -#define sk_ASN1_STRING_TABLE_sort(st) SKM_sk_sort(ASN1_STRING_TABLE, (st)) -#define sk_ASN1_STRING_TABLE_is_sorted(st) SKM_sk_is_sorted(ASN1_STRING_TABLE, (st)) - -#define sk_ASN1_TYPE_new(cmp) SKM_sk_new(ASN1_TYPE, (cmp)) -#define sk_ASN1_TYPE_new_null() SKM_sk_new_null(ASN1_TYPE) -#define sk_ASN1_TYPE_free(st) SKM_sk_free(ASN1_TYPE, (st)) -#define sk_ASN1_TYPE_num(st) SKM_sk_num(ASN1_TYPE, (st)) -#define sk_ASN1_TYPE_value(st, i) SKM_sk_value(ASN1_TYPE, (st), (i)) -#define sk_ASN1_TYPE_set(st, i, val) SKM_sk_set(ASN1_TYPE, (st), (i), (val)) -#define sk_ASN1_TYPE_zero(st) SKM_sk_zero(ASN1_TYPE, (st)) -#define sk_ASN1_TYPE_push(st, val) SKM_sk_push(ASN1_TYPE, (st), (val)) -#define sk_ASN1_TYPE_unshift(st, val) SKM_sk_unshift(ASN1_TYPE, (st), (val)) -#define sk_ASN1_TYPE_find(st, val) SKM_sk_find(ASN1_TYPE, (st), (val)) -#define sk_ASN1_TYPE_find_ex(st, val) SKM_sk_find_ex(ASN1_TYPE, (st), (val)) -#define sk_ASN1_TYPE_delete(st, i) SKM_sk_delete(ASN1_TYPE, (st), (i)) -#define sk_ASN1_TYPE_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_TYPE, (st), (ptr)) -#define sk_ASN1_TYPE_insert(st, val, i) SKM_sk_insert(ASN1_TYPE, (st), (val), (i)) -#define sk_ASN1_TYPE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASN1_TYPE, (st), (cmp)) -#define sk_ASN1_TYPE_dup(st) SKM_sk_dup(ASN1_TYPE, st) -#define sk_ASN1_TYPE_pop_free(st, free_func) SKM_sk_pop_free(ASN1_TYPE, (st), (free_func)) -#define sk_ASN1_TYPE_shift(st) SKM_sk_shift(ASN1_TYPE, (st)) -#define sk_ASN1_TYPE_pop(st) SKM_sk_pop(ASN1_TYPE, (st)) -#define sk_ASN1_TYPE_sort(st) SKM_sk_sort(ASN1_TYPE, (st)) -#define sk_ASN1_TYPE_is_sorted(st) SKM_sk_is_sorted(ASN1_TYPE, (st)) - -#define sk_ASN1_UTF8STRING_new(cmp) SKM_sk_new(ASN1_UTF8STRING, (cmp)) -#define sk_ASN1_UTF8STRING_new_null() SKM_sk_new_null(ASN1_UTF8STRING) -#define sk_ASN1_UTF8STRING_free(st) SKM_sk_free(ASN1_UTF8STRING, (st)) -#define sk_ASN1_UTF8STRING_num(st) SKM_sk_num(ASN1_UTF8STRING, (st)) -#define sk_ASN1_UTF8STRING_value(st, i) SKM_sk_value(ASN1_UTF8STRING, (st), (i)) -#define sk_ASN1_UTF8STRING_set(st, i, val) SKM_sk_set(ASN1_UTF8STRING, (st), (i), (val)) -#define sk_ASN1_UTF8STRING_zero(st) SKM_sk_zero(ASN1_UTF8STRING, (st)) -#define sk_ASN1_UTF8STRING_push(st, val) SKM_sk_push(ASN1_UTF8STRING, (st), (val)) -#define sk_ASN1_UTF8STRING_unshift(st, val) SKM_sk_unshift(ASN1_UTF8STRING, (st), (val)) -#define sk_ASN1_UTF8STRING_find(st, val) SKM_sk_find(ASN1_UTF8STRING, (st), (val)) -#define sk_ASN1_UTF8STRING_find_ex(st, val) SKM_sk_find_ex(ASN1_UTF8STRING, (st), (val)) -#define sk_ASN1_UTF8STRING_delete(st, i) SKM_sk_delete(ASN1_UTF8STRING, (st), (i)) -#define sk_ASN1_UTF8STRING_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_UTF8STRING, (st), (ptr)) -#define sk_ASN1_UTF8STRING_insert(st, val, i) SKM_sk_insert(ASN1_UTF8STRING, (st), (val), (i)) -#define sk_ASN1_UTF8STRING_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASN1_UTF8STRING, (st), (cmp)) -#define sk_ASN1_UTF8STRING_dup(st) SKM_sk_dup(ASN1_UTF8STRING, st) -#define sk_ASN1_UTF8STRING_pop_free(st, free_func) SKM_sk_pop_free(ASN1_UTF8STRING, (st), (free_func)) -#define sk_ASN1_UTF8STRING_shift(st) SKM_sk_shift(ASN1_UTF8STRING, (st)) -#define sk_ASN1_UTF8STRING_pop(st) SKM_sk_pop(ASN1_UTF8STRING, (st)) -#define sk_ASN1_UTF8STRING_sort(st) SKM_sk_sort(ASN1_UTF8STRING, (st)) -#define sk_ASN1_UTF8STRING_is_sorted(st) SKM_sk_is_sorted(ASN1_UTF8STRING, (st)) - -#define sk_ASN1_VALUE_new(cmp) SKM_sk_new(ASN1_VALUE, (cmp)) -#define sk_ASN1_VALUE_new_null() SKM_sk_new_null(ASN1_VALUE) -#define sk_ASN1_VALUE_free(st) SKM_sk_free(ASN1_VALUE, (st)) -#define sk_ASN1_VALUE_num(st) SKM_sk_num(ASN1_VALUE, (st)) -#define sk_ASN1_VALUE_value(st, i) SKM_sk_value(ASN1_VALUE, (st), (i)) -#define sk_ASN1_VALUE_set(st, i, val) SKM_sk_set(ASN1_VALUE, (st), (i), (val)) -#define sk_ASN1_VALUE_zero(st) SKM_sk_zero(ASN1_VALUE, (st)) -#define sk_ASN1_VALUE_push(st, val) SKM_sk_push(ASN1_VALUE, (st), (val)) -#define sk_ASN1_VALUE_unshift(st, val) SKM_sk_unshift(ASN1_VALUE, (st), (val)) -#define sk_ASN1_VALUE_find(st, val) SKM_sk_find(ASN1_VALUE, (st), (val)) -#define sk_ASN1_VALUE_find_ex(st, val) SKM_sk_find_ex(ASN1_VALUE, (st), (val)) -#define sk_ASN1_VALUE_delete(st, i) SKM_sk_delete(ASN1_VALUE, (st), (i)) -#define sk_ASN1_VALUE_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_VALUE, (st), (ptr)) -#define sk_ASN1_VALUE_insert(st, val, i) SKM_sk_insert(ASN1_VALUE, (st), (val), (i)) -#define sk_ASN1_VALUE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASN1_VALUE, (st), (cmp)) -#define sk_ASN1_VALUE_dup(st) SKM_sk_dup(ASN1_VALUE, st) -#define sk_ASN1_VALUE_pop_free(st, free_func) SKM_sk_pop_free(ASN1_VALUE, (st), (free_func)) -#define sk_ASN1_VALUE_shift(st) SKM_sk_shift(ASN1_VALUE, (st)) -#define sk_ASN1_VALUE_pop(st) SKM_sk_pop(ASN1_VALUE, (st)) -#define sk_ASN1_VALUE_sort(st) SKM_sk_sort(ASN1_VALUE, (st)) -#define sk_ASN1_VALUE_is_sorted(st) SKM_sk_is_sorted(ASN1_VALUE, (st)) - -#define sk_BIO_new(cmp) SKM_sk_new(BIO, (cmp)) -#define sk_BIO_new_null() SKM_sk_new_null(BIO) -#define sk_BIO_free(st) SKM_sk_free(BIO, (st)) -#define sk_BIO_num(st) SKM_sk_num(BIO, (st)) -#define sk_BIO_value(st, i) SKM_sk_value(BIO, (st), (i)) -#define sk_BIO_set(st, i, val) SKM_sk_set(BIO, (st), (i), (val)) -#define sk_BIO_zero(st) SKM_sk_zero(BIO, (st)) -#define sk_BIO_push(st, val) SKM_sk_push(BIO, (st), (val)) -#define sk_BIO_unshift(st, val) SKM_sk_unshift(BIO, (st), (val)) -#define sk_BIO_find(st, val) SKM_sk_find(BIO, (st), (val)) -#define sk_BIO_find_ex(st, val) SKM_sk_find_ex(BIO, (st), (val)) -#define sk_BIO_delete(st, i) SKM_sk_delete(BIO, (st), (i)) -#define sk_BIO_delete_ptr(st, ptr) SKM_sk_delete_ptr(BIO, (st), (ptr)) -#define sk_BIO_insert(st, val, i) SKM_sk_insert(BIO, (st), (val), (i)) -#define sk_BIO_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(BIO, (st), (cmp)) -#define sk_BIO_dup(st) SKM_sk_dup(BIO, st) -#define sk_BIO_pop_free(st, free_func) SKM_sk_pop_free(BIO, (st), (free_func)) -#define sk_BIO_shift(st) SKM_sk_shift(BIO, (st)) -#define sk_BIO_pop(st) SKM_sk_pop(BIO, (st)) -#define sk_BIO_sort(st) SKM_sk_sort(BIO, (st)) -#define sk_BIO_is_sorted(st) SKM_sk_is_sorted(BIO, (st)) - -#define sk_BY_DIR_ENTRY_new(cmp) SKM_sk_new(BY_DIR_ENTRY, (cmp)) -#define sk_BY_DIR_ENTRY_new_null() SKM_sk_new_null(BY_DIR_ENTRY) -#define sk_BY_DIR_ENTRY_free(st) SKM_sk_free(BY_DIR_ENTRY, (st)) -#define sk_BY_DIR_ENTRY_num(st) SKM_sk_num(BY_DIR_ENTRY, (st)) -#define sk_BY_DIR_ENTRY_value(st, i) SKM_sk_value(BY_DIR_ENTRY, (st), (i)) -#define sk_BY_DIR_ENTRY_set(st, i, val) SKM_sk_set(BY_DIR_ENTRY, (st), (i), (val)) -#define sk_BY_DIR_ENTRY_zero(st) SKM_sk_zero(BY_DIR_ENTRY, (st)) -#define sk_BY_DIR_ENTRY_push(st, val) SKM_sk_push(BY_DIR_ENTRY, (st), (val)) -#define sk_BY_DIR_ENTRY_unshift(st, val) SKM_sk_unshift(BY_DIR_ENTRY, (st), (val)) -#define sk_BY_DIR_ENTRY_find(st, val) SKM_sk_find(BY_DIR_ENTRY, (st), (val)) -#define sk_BY_DIR_ENTRY_find_ex(st, val) SKM_sk_find_ex(BY_DIR_ENTRY, (st), (val)) -#define sk_BY_DIR_ENTRY_delete(st, i) SKM_sk_delete(BY_DIR_ENTRY, (st), (i)) -#define sk_BY_DIR_ENTRY_delete_ptr(st, ptr) SKM_sk_delete_ptr(BY_DIR_ENTRY, (st), (ptr)) -#define sk_BY_DIR_ENTRY_insert(st, val, i) SKM_sk_insert(BY_DIR_ENTRY, (st), (val), (i)) -#define sk_BY_DIR_ENTRY_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(BY_DIR_ENTRY, (st), (cmp)) -#define sk_BY_DIR_ENTRY_dup(st) SKM_sk_dup(BY_DIR_ENTRY, st) -#define sk_BY_DIR_ENTRY_pop_free(st, free_func) SKM_sk_pop_free(BY_DIR_ENTRY, (st), (free_func)) -#define sk_BY_DIR_ENTRY_shift(st) SKM_sk_shift(BY_DIR_ENTRY, (st)) -#define sk_BY_DIR_ENTRY_pop(st) SKM_sk_pop(BY_DIR_ENTRY, (st)) -#define sk_BY_DIR_ENTRY_sort(st) SKM_sk_sort(BY_DIR_ENTRY, (st)) -#define sk_BY_DIR_ENTRY_is_sorted(st) SKM_sk_is_sorted(BY_DIR_ENTRY, (st)) - -#define sk_BY_DIR_HASH_new(cmp) SKM_sk_new(BY_DIR_HASH, (cmp)) -#define sk_BY_DIR_HASH_new_null() SKM_sk_new_null(BY_DIR_HASH) -#define sk_BY_DIR_HASH_free(st) SKM_sk_free(BY_DIR_HASH, (st)) -#define sk_BY_DIR_HASH_num(st) SKM_sk_num(BY_DIR_HASH, (st)) -#define sk_BY_DIR_HASH_value(st, i) SKM_sk_value(BY_DIR_HASH, (st), (i)) -#define sk_BY_DIR_HASH_set(st, i, val) SKM_sk_set(BY_DIR_HASH, (st), (i), (val)) -#define sk_BY_DIR_HASH_zero(st) SKM_sk_zero(BY_DIR_HASH, (st)) -#define sk_BY_DIR_HASH_push(st, val) SKM_sk_push(BY_DIR_HASH, (st), (val)) -#define sk_BY_DIR_HASH_unshift(st, val) SKM_sk_unshift(BY_DIR_HASH, (st), (val)) -#define sk_BY_DIR_HASH_find(st, val) SKM_sk_find(BY_DIR_HASH, (st), (val)) -#define sk_BY_DIR_HASH_find_ex(st, val) SKM_sk_find_ex(BY_DIR_HASH, (st), (val)) -#define sk_BY_DIR_HASH_delete(st, i) SKM_sk_delete(BY_DIR_HASH, (st), (i)) -#define sk_BY_DIR_HASH_delete_ptr(st, ptr) SKM_sk_delete_ptr(BY_DIR_HASH, (st), (ptr)) -#define sk_BY_DIR_HASH_insert(st, val, i) SKM_sk_insert(BY_DIR_HASH, (st), (val), (i)) -#define sk_BY_DIR_HASH_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(BY_DIR_HASH, (st), (cmp)) -#define sk_BY_DIR_HASH_dup(st) SKM_sk_dup(BY_DIR_HASH, st) -#define sk_BY_DIR_HASH_pop_free(st, free_func) SKM_sk_pop_free(BY_DIR_HASH, (st), (free_func)) -#define sk_BY_DIR_HASH_shift(st) SKM_sk_shift(BY_DIR_HASH, (st)) -#define sk_BY_DIR_HASH_pop(st) SKM_sk_pop(BY_DIR_HASH, (st)) -#define sk_BY_DIR_HASH_sort(st) SKM_sk_sort(BY_DIR_HASH, (st)) -#define sk_BY_DIR_HASH_is_sorted(st) SKM_sk_is_sorted(BY_DIR_HASH, (st)) - -#define sk_CMS_CertificateChoices_new(cmp) SKM_sk_new(CMS_CertificateChoices, (cmp)) -#define sk_CMS_CertificateChoices_new_null() SKM_sk_new_null(CMS_CertificateChoices) -#define sk_CMS_CertificateChoices_free(st) SKM_sk_free(CMS_CertificateChoices, (st)) -#define sk_CMS_CertificateChoices_num(st) SKM_sk_num(CMS_CertificateChoices, (st)) -#define sk_CMS_CertificateChoices_value(st, i) SKM_sk_value(CMS_CertificateChoices, (st), (i)) -#define sk_CMS_CertificateChoices_set(st, i, val) SKM_sk_set(CMS_CertificateChoices, (st), (i), (val)) -#define sk_CMS_CertificateChoices_zero(st) SKM_sk_zero(CMS_CertificateChoices, (st)) -#define sk_CMS_CertificateChoices_push(st, val) SKM_sk_push(CMS_CertificateChoices, (st), (val)) -#define sk_CMS_CertificateChoices_unshift(st, val) SKM_sk_unshift(CMS_CertificateChoices, (st), (val)) -#define sk_CMS_CertificateChoices_find(st, val) SKM_sk_find(CMS_CertificateChoices, (st), (val)) -#define sk_CMS_CertificateChoices_find_ex(st, val) SKM_sk_find_ex(CMS_CertificateChoices, (st), (val)) -#define sk_CMS_CertificateChoices_delete(st, i) SKM_sk_delete(CMS_CertificateChoices, (st), (i)) -#define sk_CMS_CertificateChoices_delete_ptr(st, ptr) SKM_sk_delete_ptr(CMS_CertificateChoices, (st), (ptr)) -#define sk_CMS_CertificateChoices_insert(st, val, i) SKM_sk_insert(CMS_CertificateChoices, (st), (val), (i)) -#define sk_CMS_CertificateChoices_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CMS_CertificateChoices, (st), (cmp)) -#define sk_CMS_CertificateChoices_dup(st) SKM_sk_dup(CMS_CertificateChoices, st) -#define sk_CMS_CertificateChoices_pop_free(st, free_func) SKM_sk_pop_free(CMS_CertificateChoices, (st), (free_func)) -#define sk_CMS_CertificateChoices_shift(st) SKM_sk_shift(CMS_CertificateChoices, (st)) -#define sk_CMS_CertificateChoices_pop(st) SKM_sk_pop(CMS_CertificateChoices, (st)) -#define sk_CMS_CertificateChoices_sort(st) SKM_sk_sort(CMS_CertificateChoices, (st)) -#define sk_CMS_CertificateChoices_is_sorted(st) SKM_sk_is_sorted(CMS_CertificateChoices, (st)) - -#define sk_CMS_RecipientEncryptedKey_new(cmp) SKM_sk_new(CMS_RecipientEncryptedKey, (cmp)) -#define sk_CMS_RecipientEncryptedKey_new_null() SKM_sk_new_null(CMS_RecipientEncryptedKey) -#define sk_CMS_RecipientEncryptedKey_free(st) SKM_sk_free(CMS_RecipientEncryptedKey, (st)) -#define sk_CMS_RecipientEncryptedKey_num(st) SKM_sk_num(CMS_RecipientEncryptedKey, (st)) -#define sk_CMS_RecipientEncryptedKey_value(st, i) SKM_sk_value(CMS_RecipientEncryptedKey, (st), (i)) -#define sk_CMS_RecipientEncryptedKey_set(st, i, val) SKM_sk_set(CMS_RecipientEncryptedKey, (st), (i), (val)) -#define sk_CMS_RecipientEncryptedKey_zero(st) SKM_sk_zero(CMS_RecipientEncryptedKey, (st)) -#define sk_CMS_RecipientEncryptedKey_push(st, val) SKM_sk_push(CMS_RecipientEncryptedKey, (st), (val)) -#define sk_CMS_RecipientEncryptedKey_unshift(st, val) SKM_sk_unshift(CMS_RecipientEncryptedKey, (st), (val)) -#define sk_CMS_RecipientEncryptedKey_find(st, val) SKM_sk_find(CMS_RecipientEncryptedKey, (st), (val)) -#define sk_CMS_RecipientEncryptedKey_find_ex(st, val) SKM_sk_find_ex(CMS_RecipientEncryptedKey, (st), (val)) -#define sk_CMS_RecipientEncryptedKey_delete(st, i) SKM_sk_delete(CMS_RecipientEncryptedKey, (st), (i)) -#define sk_CMS_RecipientEncryptedKey_delete_ptr(st, ptr) SKM_sk_delete_ptr(CMS_RecipientEncryptedKey, (st), (ptr)) -#define sk_CMS_RecipientEncryptedKey_insert(st, val, i) SKM_sk_insert(CMS_RecipientEncryptedKey, (st), (val), (i)) -#define sk_CMS_RecipientEncryptedKey_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CMS_RecipientEncryptedKey, (st), (cmp)) -#define sk_CMS_RecipientEncryptedKey_dup(st) SKM_sk_dup(CMS_RecipientEncryptedKey, st) -#define sk_CMS_RecipientEncryptedKey_pop_free(st, free_func) SKM_sk_pop_free(CMS_RecipientEncryptedKey, (st), (free_func)) -#define sk_CMS_RecipientEncryptedKey_shift(st) SKM_sk_shift(CMS_RecipientEncryptedKey, (st)) -#define sk_CMS_RecipientEncryptedKey_pop(st) SKM_sk_pop(CMS_RecipientEncryptedKey, (st)) -#define sk_CMS_RecipientEncryptedKey_sort(st) SKM_sk_sort(CMS_RecipientEncryptedKey, (st)) -#define sk_CMS_RecipientEncryptedKey_is_sorted(st) SKM_sk_is_sorted(CMS_RecipientEncryptedKey, (st)) - -#define sk_CMS_RecipientInfo_new(cmp) SKM_sk_new(CMS_RecipientInfo, (cmp)) -#define sk_CMS_RecipientInfo_new_null() SKM_sk_new_null(CMS_RecipientInfo) -#define sk_CMS_RecipientInfo_free(st) SKM_sk_free(CMS_RecipientInfo, (st)) -#define sk_CMS_RecipientInfo_num(st) SKM_sk_num(CMS_RecipientInfo, (st)) -#define sk_CMS_RecipientInfo_value(st, i) SKM_sk_value(CMS_RecipientInfo, (st), (i)) -#define sk_CMS_RecipientInfo_set(st, i, val) SKM_sk_set(CMS_RecipientInfo, (st), (i), (val)) -#define sk_CMS_RecipientInfo_zero(st) SKM_sk_zero(CMS_RecipientInfo, (st)) -#define sk_CMS_RecipientInfo_push(st, val) SKM_sk_push(CMS_RecipientInfo, (st), (val)) -#define sk_CMS_RecipientInfo_unshift(st, val) SKM_sk_unshift(CMS_RecipientInfo, (st), (val)) -#define sk_CMS_RecipientInfo_find(st, val) SKM_sk_find(CMS_RecipientInfo, (st), (val)) -#define sk_CMS_RecipientInfo_find_ex(st, val) SKM_sk_find_ex(CMS_RecipientInfo, (st), (val)) -#define sk_CMS_RecipientInfo_delete(st, i) SKM_sk_delete(CMS_RecipientInfo, (st), (i)) -#define sk_CMS_RecipientInfo_delete_ptr(st, ptr) SKM_sk_delete_ptr(CMS_RecipientInfo, (st), (ptr)) -#define sk_CMS_RecipientInfo_insert(st, val, i) SKM_sk_insert(CMS_RecipientInfo, (st), (val), (i)) -#define sk_CMS_RecipientInfo_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CMS_RecipientInfo, (st), (cmp)) -#define sk_CMS_RecipientInfo_dup(st) SKM_sk_dup(CMS_RecipientInfo, st) -#define sk_CMS_RecipientInfo_pop_free(st, free_func) SKM_sk_pop_free(CMS_RecipientInfo, (st), (free_func)) -#define sk_CMS_RecipientInfo_shift(st) SKM_sk_shift(CMS_RecipientInfo, (st)) -#define sk_CMS_RecipientInfo_pop(st) SKM_sk_pop(CMS_RecipientInfo, (st)) -#define sk_CMS_RecipientInfo_sort(st) SKM_sk_sort(CMS_RecipientInfo, (st)) -#define sk_CMS_RecipientInfo_is_sorted(st) SKM_sk_is_sorted(CMS_RecipientInfo, (st)) - -#define sk_CMS_RevocationInfoChoice_new(cmp) SKM_sk_new(CMS_RevocationInfoChoice, (cmp)) -#define sk_CMS_RevocationInfoChoice_new_null() SKM_sk_new_null(CMS_RevocationInfoChoice) -#define sk_CMS_RevocationInfoChoice_free(st) SKM_sk_free(CMS_RevocationInfoChoice, (st)) -#define sk_CMS_RevocationInfoChoice_num(st) SKM_sk_num(CMS_RevocationInfoChoice, (st)) -#define sk_CMS_RevocationInfoChoice_value(st, i) SKM_sk_value(CMS_RevocationInfoChoice, (st), (i)) -#define sk_CMS_RevocationInfoChoice_set(st, i, val) SKM_sk_set(CMS_RevocationInfoChoice, (st), (i), (val)) -#define sk_CMS_RevocationInfoChoice_zero(st) SKM_sk_zero(CMS_RevocationInfoChoice, (st)) -#define sk_CMS_RevocationInfoChoice_push(st, val) SKM_sk_push(CMS_RevocationInfoChoice, (st), (val)) -#define sk_CMS_RevocationInfoChoice_unshift(st, val) SKM_sk_unshift(CMS_RevocationInfoChoice, (st), (val)) -#define sk_CMS_RevocationInfoChoice_find(st, val) SKM_sk_find(CMS_RevocationInfoChoice, (st), (val)) -#define sk_CMS_RevocationInfoChoice_find_ex(st, val) SKM_sk_find_ex(CMS_RevocationInfoChoice, (st), (val)) -#define sk_CMS_RevocationInfoChoice_delete(st, i) SKM_sk_delete(CMS_RevocationInfoChoice, (st), (i)) -#define sk_CMS_RevocationInfoChoice_delete_ptr(st, ptr) SKM_sk_delete_ptr(CMS_RevocationInfoChoice, (st), (ptr)) -#define sk_CMS_RevocationInfoChoice_insert(st, val, i) SKM_sk_insert(CMS_RevocationInfoChoice, (st), (val), (i)) -#define sk_CMS_RevocationInfoChoice_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CMS_RevocationInfoChoice, (st), (cmp)) -#define sk_CMS_RevocationInfoChoice_dup(st) SKM_sk_dup(CMS_RevocationInfoChoice, st) -#define sk_CMS_RevocationInfoChoice_pop_free(st, free_func) SKM_sk_pop_free(CMS_RevocationInfoChoice, (st), (free_func)) -#define sk_CMS_RevocationInfoChoice_shift(st) SKM_sk_shift(CMS_RevocationInfoChoice, (st)) -#define sk_CMS_RevocationInfoChoice_pop(st) SKM_sk_pop(CMS_RevocationInfoChoice, (st)) -#define sk_CMS_RevocationInfoChoice_sort(st) SKM_sk_sort(CMS_RevocationInfoChoice, (st)) -#define sk_CMS_RevocationInfoChoice_is_sorted(st) SKM_sk_is_sorted(CMS_RevocationInfoChoice, (st)) - -#define sk_CMS_SignerInfo_new(cmp) SKM_sk_new(CMS_SignerInfo, (cmp)) -#define sk_CMS_SignerInfo_new_null() SKM_sk_new_null(CMS_SignerInfo) -#define sk_CMS_SignerInfo_free(st) SKM_sk_free(CMS_SignerInfo, (st)) -#define sk_CMS_SignerInfo_num(st) SKM_sk_num(CMS_SignerInfo, (st)) -#define sk_CMS_SignerInfo_value(st, i) SKM_sk_value(CMS_SignerInfo, (st), (i)) -#define sk_CMS_SignerInfo_set(st, i, val) SKM_sk_set(CMS_SignerInfo, (st), (i), (val)) -#define sk_CMS_SignerInfo_zero(st) SKM_sk_zero(CMS_SignerInfo, (st)) -#define sk_CMS_SignerInfo_push(st, val) SKM_sk_push(CMS_SignerInfo, (st), (val)) -#define sk_CMS_SignerInfo_unshift(st, val) SKM_sk_unshift(CMS_SignerInfo, (st), (val)) -#define sk_CMS_SignerInfo_find(st, val) SKM_sk_find(CMS_SignerInfo, (st), (val)) -#define sk_CMS_SignerInfo_find_ex(st, val) SKM_sk_find_ex(CMS_SignerInfo, (st), (val)) -#define sk_CMS_SignerInfo_delete(st, i) SKM_sk_delete(CMS_SignerInfo, (st), (i)) -#define sk_CMS_SignerInfo_delete_ptr(st, ptr) SKM_sk_delete_ptr(CMS_SignerInfo, (st), (ptr)) -#define sk_CMS_SignerInfo_insert(st, val, i) SKM_sk_insert(CMS_SignerInfo, (st), (val), (i)) -#define sk_CMS_SignerInfo_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CMS_SignerInfo, (st), (cmp)) -#define sk_CMS_SignerInfo_dup(st) SKM_sk_dup(CMS_SignerInfo, st) -#define sk_CMS_SignerInfo_pop_free(st, free_func) SKM_sk_pop_free(CMS_SignerInfo, (st), (free_func)) -#define sk_CMS_SignerInfo_shift(st) SKM_sk_shift(CMS_SignerInfo, (st)) -#define sk_CMS_SignerInfo_pop(st) SKM_sk_pop(CMS_SignerInfo, (st)) -#define sk_CMS_SignerInfo_sort(st) SKM_sk_sort(CMS_SignerInfo, (st)) -#define sk_CMS_SignerInfo_is_sorted(st) SKM_sk_is_sorted(CMS_SignerInfo, (st)) - -#define sk_CONF_IMODULE_new(cmp) SKM_sk_new(CONF_IMODULE, (cmp)) -#define sk_CONF_IMODULE_new_null() SKM_sk_new_null(CONF_IMODULE) -#define sk_CONF_IMODULE_free(st) SKM_sk_free(CONF_IMODULE, (st)) -#define sk_CONF_IMODULE_num(st) SKM_sk_num(CONF_IMODULE, (st)) -#define sk_CONF_IMODULE_value(st, i) SKM_sk_value(CONF_IMODULE, (st), (i)) -#define sk_CONF_IMODULE_set(st, i, val) SKM_sk_set(CONF_IMODULE, (st), (i), (val)) -#define sk_CONF_IMODULE_zero(st) SKM_sk_zero(CONF_IMODULE, (st)) -#define sk_CONF_IMODULE_push(st, val) SKM_sk_push(CONF_IMODULE, (st), (val)) -#define sk_CONF_IMODULE_unshift(st, val) SKM_sk_unshift(CONF_IMODULE, (st), (val)) -#define sk_CONF_IMODULE_find(st, val) SKM_sk_find(CONF_IMODULE, (st), (val)) -#define sk_CONF_IMODULE_find_ex(st, val) SKM_sk_find_ex(CONF_IMODULE, (st), (val)) -#define sk_CONF_IMODULE_delete(st, i) SKM_sk_delete(CONF_IMODULE, (st), (i)) -#define sk_CONF_IMODULE_delete_ptr(st, ptr) SKM_sk_delete_ptr(CONF_IMODULE, (st), (ptr)) -#define sk_CONF_IMODULE_insert(st, val, i) SKM_sk_insert(CONF_IMODULE, (st), (val), (i)) -#define sk_CONF_IMODULE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CONF_IMODULE, (st), (cmp)) -#define sk_CONF_IMODULE_dup(st) SKM_sk_dup(CONF_IMODULE, st) -#define sk_CONF_IMODULE_pop_free(st, free_func) SKM_sk_pop_free(CONF_IMODULE, (st), (free_func)) -#define sk_CONF_IMODULE_shift(st) SKM_sk_shift(CONF_IMODULE, (st)) -#define sk_CONF_IMODULE_pop(st) SKM_sk_pop(CONF_IMODULE, (st)) -#define sk_CONF_IMODULE_sort(st) SKM_sk_sort(CONF_IMODULE, (st)) -#define sk_CONF_IMODULE_is_sorted(st) SKM_sk_is_sorted(CONF_IMODULE, (st)) - -#define sk_CONF_MODULE_new(cmp) SKM_sk_new(CONF_MODULE, (cmp)) -#define sk_CONF_MODULE_new_null() SKM_sk_new_null(CONF_MODULE) -#define sk_CONF_MODULE_free(st) SKM_sk_free(CONF_MODULE, (st)) -#define sk_CONF_MODULE_num(st) SKM_sk_num(CONF_MODULE, (st)) -#define sk_CONF_MODULE_value(st, i) SKM_sk_value(CONF_MODULE, (st), (i)) -#define sk_CONF_MODULE_set(st, i, val) SKM_sk_set(CONF_MODULE, (st), (i), (val)) -#define sk_CONF_MODULE_zero(st) SKM_sk_zero(CONF_MODULE, (st)) -#define sk_CONF_MODULE_push(st, val) SKM_sk_push(CONF_MODULE, (st), (val)) -#define sk_CONF_MODULE_unshift(st, val) SKM_sk_unshift(CONF_MODULE, (st), (val)) -#define sk_CONF_MODULE_find(st, val) SKM_sk_find(CONF_MODULE, (st), (val)) -#define sk_CONF_MODULE_find_ex(st, val) SKM_sk_find_ex(CONF_MODULE, (st), (val)) -#define sk_CONF_MODULE_delete(st, i) SKM_sk_delete(CONF_MODULE, (st), (i)) -#define sk_CONF_MODULE_delete_ptr(st, ptr) SKM_sk_delete_ptr(CONF_MODULE, (st), (ptr)) -#define sk_CONF_MODULE_insert(st, val, i) SKM_sk_insert(CONF_MODULE, (st), (val), (i)) -#define sk_CONF_MODULE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CONF_MODULE, (st), (cmp)) -#define sk_CONF_MODULE_dup(st) SKM_sk_dup(CONF_MODULE, st) -#define sk_CONF_MODULE_pop_free(st, free_func) SKM_sk_pop_free(CONF_MODULE, (st), (free_func)) -#define sk_CONF_MODULE_shift(st) SKM_sk_shift(CONF_MODULE, (st)) -#define sk_CONF_MODULE_pop(st) SKM_sk_pop(CONF_MODULE, (st)) -#define sk_CONF_MODULE_sort(st) SKM_sk_sort(CONF_MODULE, (st)) -#define sk_CONF_MODULE_is_sorted(st) SKM_sk_is_sorted(CONF_MODULE, (st)) - -#define sk_CONF_VALUE_new(cmp) SKM_sk_new(CONF_VALUE, (cmp)) -#define sk_CONF_VALUE_new_null() SKM_sk_new_null(CONF_VALUE) -#define sk_CONF_VALUE_free(st) SKM_sk_free(CONF_VALUE, (st)) -#define sk_CONF_VALUE_num(st) SKM_sk_num(CONF_VALUE, (st)) -#define sk_CONF_VALUE_value(st, i) SKM_sk_value(CONF_VALUE, (st), (i)) -#define sk_CONF_VALUE_set(st, i, val) SKM_sk_set(CONF_VALUE, (st), (i), (val)) -#define sk_CONF_VALUE_zero(st) SKM_sk_zero(CONF_VALUE, (st)) -#define sk_CONF_VALUE_push(st, val) SKM_sk_push(CONF_VALUE, (st), (val)) -#define sk_CONF_VALUE_unshift(st, val) SKM_sk_unshift(CONF_VALUE, (st), (val)) -#define sk_CONF_VALUE_find(st, val) SKM_sk_find(CONF_VALUE, (st), (val)) -#define sk_CONF_VALUE_find_ex(st, val) SKM_sk_find_ex(CONF_VALUE, (st), (val)) -#define sk_CONF_VALUE_delete(st, i) SKM_sk_delete(CONF_VALUE, (st), (i)) -#define sk_CONF_VALUE_delete_ptr(st, ptr) SKM_sk_delete_ptr(CONF_VALUE, (st), (ptr)) -#define sk_CONF_VALUE_insert(st, val, i) SKM_sk_insert(CONF_VALUE, (st), (val), (i)) -#define sk_CONF_VALUE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CONF_VALUE, (st), (cmp)) -#define sk_CONF_VALUE_dup(st) SKM_sk_dup(CONF_VALUE, st) -#define sk_CONF_VALUE_pop_free(st, free_func) SKM_sk_pop_free(CONF_VALUE, (st), (free_func)) -#define sk_CONF_VALUE_shift(st) SKM_sk_shift(CONF_VALUE, (st)) -#define sk_CONF_VALUE_pop(st) SKM_sk_pop(CONF_VALUE, (st)) -#define sk_CONF_VALUE_sort(st) SKM_sk_sort(CONF_VALUE, (st)) -#define sk_CONF_VALUE_is_sorted(st) SKM_sk_is_sorted(CONF_VALUE, (st)) - -#define sk_CRYPTO_EX_DATA_FUNCS_new(cmp) SKM_sk_new(CRYPTO_EX_DATA_FUNCS, (cmp)) -#define sk_CRYPTO_EX_DATA_FUNCS_new_null() SKM_sk_new_null(CRYPTO_EX_DATA_FUNCS) -#define sk_CRYPTO_EX_DATA_FUNCS_free(st) SKM_sk_free(CRYPTO_EX_DATA_FUNCS, (st)) -#define sk_CRYPTO_EX_DATA_FUNCS_num(st) SKM_sk_num(CRYPTO_EX_DATA_FUNCS, (st)) -#define sk_CRYPTO_EX_DATA_FUNCS_value(st, i) SKM_sk_value(CRYPTO_EX_DATA_FUNCS, (st), (i)) -#define sk_CRYPTO_EX_DATA_FUNCS_set(st, i, val) SKM_sk_set(CRYPTO_EX_DATA_FUNCS, (st), (i), (val)) -#define sk_CRYPTO_EX_DATA_FUNCS_zero(st) SKM_sk_zero(CRYPTO_EX_DATA_FUNCS, (st)) -#define sk_CRYPTO_EX_DATA_FUNCS_push(st, val) SKM_sk_push(CRYPTO_EX_DATA_FUNCS, (st), (val)) -#define sk_CRYPTO_EX_DATA_FUNCS_unshift(st, val) SKM_sk_unshift(CRYPTO_EX_DATA_FUNCS, (st), (val)) -#define sk_CRYPTO_EX_DATA_FUNCS_find(st, val) SKM_sk_find(CRYPTO_EX_DATA_FUNCS, (st), (val)) -#define sk_CRYPTO_EX_DATA_FUNCS_find_ex(st, val) SKM_sk_find_ex(CRYPTO_EX_DATA_FUNCS, (st), (val)) -#define sk_CRYPTO_EX_DATA_FUNCS_delete(st, i) SKM_sk_delete(CRYPTO_EX_DATA_FUNCS, (st), (i)) -#define sk_CRYPTO_EX_DATA_FUNCS_delete_ptr(st, ptr) SKM_sk_delete_ptr(CRYPTO_EX_DATA_FUNCS, (st), (ptr)) -#define sk_CRYPTO_EX_DATA_FUNCS_insert(st, val, i) SKM_sk_insert(CRYPTO_EX_DATA_FUNCS, (st), (val), (i)) -#define sk_CRYPTO_EX_DATA_FUNCS_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CRYPTO_EX_DATA_FUNCS, (st), (cmp)) -#define sk_CRYPTO_EX_DATA_FUNCS_dup(st) SKM_sk_dup(CRYPTO_EX_DATA_FUNCS, st) -#define sk_CRYPTO_EX_DATA_FUNCS_pop_free(st, free_func) SKM_sk_pop_free(CRYPTO_EX_DATA_FUNCS, (st), (free_func)) -#define sk_CRYPTO_EX_DATA_FUNCS_shift(st) SKM_sk_shift(CRYPTO_EX_DATA_FUNCS, (st)) -#define sk_CRYPTO_EX_DATA_FUNCS_pop(st) SKM_sk_pop(CRYPTO_EX_DATA_FUNCS, (st)) -#define sk_CRYPTO_EX_DATA_FUNCS_sort(st) SKM_sk_sort(CRYPTO_EX_DATA_FUNCS, (st)) -#define sk_CRYPTO_EX_DATA_FUNCS_is_sorted(st) SKM_sk_is_sorted(CRYPTO_EX_DATA_FUNCS, (st)) - -#define sk_CRYPTO_dynlock_new(cmp) SKM_sk_new(CRYPTO_dynlock, (cmp)) -#define sk_CRYPTO_dynlock_new_null() SKM_sk_new_null(CRYPTO_dynlock) -#define sk_CRYPTO_dynlock_free(st) SKM_sk_free(CRYPTO_dynlock, (st)) -#define sk_CRYPTO_dynlock_num(st) SKM_sk_num(CRYPTO_dynlock, (st)) -#define sk_CRYPTO_dynlock_value(st, i) SKM_sk_value(CRYPTO_dynlock, (st), (i)) -#define sk_CRYPTO_dynlock_set(st, i, val) SKM_sk_set(CRYPTO_dynlock, (st), (i), (val)) -#define sk_CRYPTO_dynlock_zero(st) SKM_sk_zero(CRYPTO_dynlock, (st)) -#define sk_CRYPTO_dynlock_push(st, val) SKM_sk_push(CRYPTO_dynlock, (st), (val)) -#define sk_CRYPTO_dynlock_unshift(st, val) SKM_sk_unshift(CRYPTO_dynlock, (st), (val)) -#define sk_CRYPTO_dynlock_find(st, val) SKM_sk_find(CRYPTO_dynlock, (st), (val)) -#define sk_CRYPTO_dynlock_find_ex(st, val) SKM_sk_find_ex(CRYPTO_dynlock, (st), (val)) -#define sk_CRYPTO_dynlock_delete(st, i) SKM_sk_delete(CRYPTO_dynlock, (st), (i)) -#define sk_CRYPTO_dynlock_delete_ptr(st, ptr) SKM_sk_delete_ptr(CRYPTO_dynlock, (st), (ptr)) -#define sk_CRYPTO_dynlock_insert(st, val, i) SKM_sk_insert(CRYPTO_dynlock, (st), (val), (i)) -#define sk_CRYPTO_dynlock_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CRYPTO_dynlock, (st), (cmp)) -#define sk_CRYPTO_dynlock_dup(st) SKM_sk_dup(CRYPTO_dynlock, st) -#define sk_CRYPTO_dynlock_pop_free(st, free_func) SKM_sk_pop_free(CRYPTO_dynlock, (st), (free_func)) -#define sk_CRYPTO_dynlock_shift(st) SKM_sk_shift(CRYPTO_dynlock, (st)) -#define sk_CRYPTO_dynlock_pop(st) SKM_sk_pop(CRYPTO_dynlock, (st)) -#define sk_CRYPTO_dynlock_sort(st) SKM_sk_sort(CRYPTO_dynlock, (st)) -#define sk_CRYPTO_dynlock_is_sorted(st) SKM_sk_is_sorted(CRYPTO_dynlock, (st)) - -#define sk_DIST_POINT_new(cmp) SKM_sk_new(DIST_POINT, (cmp)) -#define sk_DIST_POINT_new_null() SKM_sk_new_null(DIST_POINT) -#define sk_DIST_POINT_free(st) SKM_sk_free(DIST_POINT, (st)) -#define sk_DIST_POINT_num(st) SKM_sk_num(DIST_POINT, (st)) -#define sk_DIST_POINT_value(st, i) SKM_sk_value(DIST_POINT, (st), (i)) -#define sk_DIST_POINT_set(st, i, val) SKM_sk_set(DIST_POINT, (st), (i), (val)) -#define sk_DIST_POINT_zero(st) SKM_sk_zero(DIST_POINT, (st)) -#define sk_DIST_POINT_push(st, val) SKM_sk_push(DIST_POINT, (st), (val)) -#define sk_DIST_POINT_unshift(st, val) SKM_sk_unshift(DIST_POINT, (st), (val)) -#define sk_DIST_POINT_find(st, val) SKM_sk_find(DIST_POINT, (st), (val)) -#define sk_DIST_POINT_find_ex(st, val) SKM_sk_find_ex(DIST_POINT, (st), (val)) -#define sk_DIST_POINT_delete(st, i) SKM_sk_delete(DIST_POINT, (st), (i)) -#define sk_DIST_POINT_delete_ptr(st, ptr) SKM_sk_delete_ptr(DIST_POINT, (st), (ptr)) -#define sk_DIST_POINT_insert(st, val, i) SKM_sk_insert(DIST_POINT, (st), (val), (i)) -#define sk_DIST_POINT_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(DIST_POINT, (st), (cmp)) -#define sk_DIST_POINT_dup(st) SKM_sk_dup(DIST_POINT, st) -#define sk_DIST_POINT_pop_free(st, free_func) SKM_sk_pop_free(DIST_POINT, (st), (free_func)) -#define sk_DIST_POINT_shift(st) SKM_sk_shift(DIST_POINT, (st)) -#define sk_DIST_POINT_pop(st) SKM_sk_pop(DIST_POINT, (st)) -#define sk_DIST_POINT_sort(st) SKM_sk_sort(DIST_POINT, (st)) -#define sk_DIST_POINT_is_sorted(st) SKM_sk_is_sorted(DIST_POINT, (st)) - -#define sk_ENGINE_new(cmp) SKM_sk_new(ENGINE, (cmp)) -#define sk_ENGINE_new_null() SKM_sk_new_null(ENGINE) -#define sk_ENGINE_free(st) SKM_sk_free(ENGINE, (st)) -#define sk_ENGINE_num(st) SKM_sk_num(ENGINE, (st)) -#define sk_ENGINE_value(st, i) SKM_sk_value(ENGINE, (st), (i)) -#define sk_ENGINE_set(st, i, val) SKM_sk_set(ENGINE, (st), (i), (val)) -#define sk_ENGINE_zero(st) SKM_sk_zero(ENGINE, (st)) -#define sk_ENGINE_push(st, val) SKM_sk_push(ENGINE, (st), (val)) -#define sk_ENGINE_unshift(st, val) SKM_sk_unshift(ENGINE, (st), (val)) -#define sk_ENGINE_find(st, val) SKM_sk_find(ENGINE, (st), (val)) -#define sk_ENGINE_find_ex(st, val) SKM_sk_find_ex(ENGINE, (st), (val)) -#define sk_ENGINE_delete(st, i) SKM_sk_delete(ENGINE, (st), (i)) -#define sk_ENGINE_delete_ptr(st, ptr) SKM_sk_delete_ptr(ENGINE, (st), (ptr)) -#define sk_ENGINE_insert(st, val, i) SKM_sk_insert(ENGINE, (st), (val), (i)) -#define sk_ENGINE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ENGINE, (st), (cmp)) -#define sk_ENGINE_dup(st) SKM_sk_dup(ENGINE, st) -#define sk_ENGINE_pop_free(st, free_func) SKM_sk_pop_free(ENGINE, (st), (free_func)) -#define sk_ENGINE_shift(st) SKM_sk_shift(ENGINE, (st)) -#define sk_ENGINE_pop(st) SKM_sk_pop(ENGINE, (st)) -#define sk_ENGINE_sort(st) SKM_sk_sort(ENGINE, (st)) -#define sk_ENGINE_is_sorted(st) SKM_sk_is_sorted(ENGINE, (st)) - -#define sk_ENGINE_CLEANUP_ITEM_new(cmp) SKM_sk_new(ENGINE_CLEANUP_ITEM, (cmp)) -#define sk_ENGINE_CLEANUP_ITEM_new_null() SKM_sk_new_null(ENGINE_CLEANUP_ITEM) -#define sk_ENGINE_CLEANUP_ITEM_free(st) SKM_sk_free(ENGINE_CLEANUP_ITEM, (st)) -#define sk_ENGINE_CLEANUP_ITEM_num(st) SKM_sk_num(ENGINE_CLEANUP_ITEM, (st)) -#define sk_ENGINE_CLEANUP_ITEM_value(st, i) SKM_sk_value(ENGINE_CLEANUP_ITEM, (st), (i)) -#define sk_ENGINE_CLEANUP_ITEM_set(st, i, val) SKM_sk_set(ENGINE_CLEANUP_ITEM, (st), (i), (val)) -#define sk_ENGINE_CLEANUP_ITEM_zero(st) SKM_sk_zero(ENGINE_CLEANUP_ITEM, (st)) -#define sk_ENGINE_CLEANUP_ITEM_push(st, val) SKM_sk_push(ENGINE_CLEANUP_ITEM, (st), (val)) -#define sk_ENGINE_CLEANUP_ITEM_unshift(st, val) SKM_sk_unshift(ENGINE_CLEANUP_ITEM, (st), (val)) -#define sk_ENGINE_CLEANUP_ITEM_find(st, val) SKM_sk_find(ENGINE_CLEANUP_ITEM, (st), (val)) -#define sk_ENGINE_CLEANUP_ITEM_find_ex(st, val) SKM_sk_find_ex(ENGINE_CLEANUP_ITEM, (st), (val)) -#define sk_ENGINE_CLEANUP_ITEM_delete(st, i) SKM_sk_delete(ENGINE_CLEANUP_ITEM, (st), (i)) -#define sk_ENGINE_CLEANUP_ITEM_delete_ptr(st, ptr) SKM_sk_delete_ptr(ENGINE_CLEANUP_ITEM, (st), (ptr)) -#define sk_ENGINE_CLEANUP_ITEM_insert(st, val, i) SKM_sk_insert(ENGINE_CLEANUP_ITEM, (st), (val), (i)) -#define sk_ENGINE_CLEANUP_ITEM_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ENGINE_CLEANUP_ITEM, (st), (cmp)) -#define sk_ENGINE_CLEANUP_ITEM_dup(st) SKM_sk_dup(ENGINE_CLEANUP_ITEM, st) -#define sk_ENGINE_CLEANUP_ITEM_pop_free(st, free_func) SKM_sk_pop_free(ENGINE_CLEANUP_ITEM, (st), (free_func)) -#define sk_ENGINE_CLEANUP_ITEM_shift(st) SKM_sk_shift(ENGINE_CLEANUP_ITEM, (st)) -#define sk_ENGINE_CLEANUP_ITEM_pop(st) SKM_sk_pop(ENGINE_CLEANUP_ITEM, (st)) -#define sk_ENGINE_CLEANUP_ITEM_sort(st) SKM_sk_sort(ENGINE_CLEANUP_ITEM, (st)) -#define sk_ENGINE_CLEANUP_ITEM_is_sorted(st) SKM_sk_is_sorted(ENGINE_CLEANUP_ITEM, (st)) - -#define sk_ESS_CERT_ID_new(cmp) SKM_sk_new(ESS_CERT_ID, (cmp)) -#define sk_ESS_CERT_ID_new_null() SKM_sk_new_null(ESS_CERT_ID) -#define sk_ESS_CERT_ID_free(st) SKM_sk_free(ESS_CERT_ID, (st)) -#define sk_ESS_CERT_ID_num(st) SKM_sk_num(ESS_CERT_ID, (st)) -#define sk_ESS_CERT_ID_value(st, i) SKM_sk_value(ESS_CERT_ID, (st), (i)) -#define sk_ESS_CERT_ID_set(st, i, val) SKM_sk_set(ESS_CERT_ID, (st), (i), (val)) -#define sk_ESS_CERT_ID_zero(st) SKM_sk_zero(ESS_CERT_ID, (st)) -#define sk_ESS_CERT_ID_push(st, val) SKM_sk_push(ESS_CERT_ID, (st), (val)) -#define sk_ESS_CERT_ID_unshift(st, val) SKM_sk_unshift(ESS_CERT_ID, (st), (val)) -#define sk_ESS_CERT_ID_find(st, val) SKM_sk_find(ESS_CERT_ID, (st), (val)) -#define sk_ESS_CERT_ID_find_ex(st, val) SKM_sk_find_ex(ESS_CERT_ID, (st), (val)) -#define sk_ESS_CERT_ID_delete(st, i) SKM_sk_delete(ESS_CERT_ID, (st), (i)) -#define sk_ESS_CERT_ID_delete_ptr(st, ptr) SKM_sk_delete_ptr(ESS_CERT_ID, (st), (ptr)) -#define sk_ESS_CERT_ID_insert(st, val, i) SKM_sk_insert(ESS_CERT_ID, (st), (val), (i)) -#define sk_ESS_CERT_ID_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ESS_CERT_ID, (st), (cmp)) -#define sk_ESS_CERT_ID_dup(st) SKM_sk_dup(ESS_CERT_ID, st) -#define sk_ESS_CERT_ID_pop_free(st, free_func) SKM_sk_pop_free(ESS_CERT_ID, (st), (free_func)) -#define sk_ESS_CERT_ID_shift(st) SKM_sk_shift(ESS_CERT_ID, (st)) -#define sk_ESS_CERT_ID_pop(st) SKM_sk_pop(ESS_CERT_ID, (st)) -#define sk_ESS_CERT_ID_sort(st) SKM_sk_sort(ESS_CERT_ID, (st)) -#define sk_ESS_CERT_ID_is_sorted(st) SKM_sk_is_sorted(ESS_CERT_ID, (st)) - -#define sk_EVP_MD_new(cmp) SKM_sk_new(EVP_MD, (cmp)) -#define sk_EVP_MD_new_null() SKM_sk_new_null(EVP_MD) -#define sk_EVP_MD_free(st) SKM_sk_free(EVP_MD, (st)) -#define sk_EVP_MD_num(st) SKM_sk_num(EVP_MD, (st)) -#define sk_EVP_MD_value(st, i) SKM_sk_value(EVP_MD, (st), (i)) -#define sk_EVP_MD_set(st, i, val) SKM_sk_set(EVP_MD, (st), (i), (val)) -#define sk_EVP_MD_zero(st) SKM_sk_zero(EVP_MD, (st)) -#define sk_EVP_MD_push(st, val) SKM_sk_push(EVP_MD, (st), (val)) -#define sk_EVP_MD_unshift(st, val) SKM_sk_unshift(EVP_MD, (st), (val)) -#define sk_EVP_MD_find(st, val) SKM_sk_find(EVP_MD, (st), (val)) -#define sk_EVP_MD_find_ex(st, val) SKM_sk_find_ex(EVP_MD, (st), (val)) -#define sk_EVP_MD_delete(st, i) SKM_sk_delete(EVP_MD, (st), (i)) -#define sk_EVP_MD_delete_ptr(st, ptr) SKM_sk_delete_ptr(EVP_MD, (st), (ptr)) -#define sk_EVP_MD_insert(st, val, i) SKM_sk_insert(EVP_MD, (st), (val), (i)) -#define sk_EVP_MD_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(EVP_MD, (st), (cmp)) -#define sk_EVP_MD_dup(st) SKM_sk_dup(EVP_MD, st) -#define sk_EVP_MD_pop_free(st, free_func) SKM_sk_pop_free(EVP_MD, (st), (free_func)) -#define sk_EVP_MD_shift(st) SKM_sk_shift(EVP_MD, (st)) -#define sk_EVP_MD_pop(st) SKM_sk_pop(EVP_MD, (st)) -#define sk_EVP_MD_sort(st) SKM_sk_sort(EVP_MD, (st)) -#define sk_EVP_MD_is_sorted(st) SKM_sk_is_sorted(EVP_MD, (st)) - -#define sk_EVP_PBE_CTL_new(cmp) SKM_sk_new(EVP_PBE_CTL, (cmp)) -#define sk_EVP_PBE_CTL_new_null() SKM_sk_new_null(EVP_PBE_CTL) -#define sk_EVP_PBE_CTL_free(st) SKM_sk_free(EVP_PBE_CTL, (st)) -#define sk_EVP_PBE_CTL_num(st) SKM_sk_num(EVP_PBE_CTL, (st)) -#define sk_EVP_PBE_CTL_value(st, i) SKM_sk_value(EVP_PBE_CTL, (st), (i)) -#define sk_EVP_PBE_CTL_set(st, i, val) SKM_sk_set(EVP_PBE_CTL, (st), (i), (val)) -#define sk_EVP_PBE_CTL_zero(st) SKM_sk_zero(EVP_PBE_CTL, (st)) -#define sk_EVP_PBE_CTL_push(st, val) SKM_sk_push(EVP_PBE_CTL, (st), (val)) -#define sk_EVP_PBE_CTL_unshift(st, val) SKM_sk_unshift(EVP_PBE_CTL, (st), (val)) -#define sk_EVP_PBE_CTL_find(st, val) SKM_sk_find(EVP_PBE_CTL, (st), (val)) -#define sk_EVP_PBE_CTL_find_ex(st, val) SKM_sk_find_ex(EVP_PBE_CTL, (st), (val)) -#define sk_EVP_PBE_CTL_delete(st, i) SKM_sk_delete(EVP_PBE_CTL, (st), (i)) -#define sk_EVP_PBE_CTL_delete_ptr(st, ptr) SKM_sk_delete_ptr(EVP_PBE_CTL, (st), (ptr)) -#define sk_EVP_PBE_CTL_insert(st, val, i) SKM_sk_insert(EVP_PBE_CTL, (st), (val), (i)) -#define sk_EVP_PBE_CTL_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(EVP_PBE_CTL, (st), (cmp)) -#define sk_EVP_PBE_CTL_dup(st) SKM_sk_dup(EVP_PBE_CTL, st) -#define sk_EVP_PBE_CTL_pop_free(st, free_func) SKM_sk_pop_free(EVP_PBE_CTL, (st), (free_func)) -#define sk_EVP_PBE_CTL_shift(st) SKM_sk_shift(EVP_PBE_CTL, (st)) -#define sk_EVP_PBE_CTL_pop(st) SKM_sk_pop(EVP_PBE_CTL, (st)) -#define sk_EVP_PBE_CTL_sort(st) SKM_sk_sort(EVP_PBE_CTL, (st)) -#define sk_EVP_PBE_CTL_is_sorted(st) SKM_sk_is_sorted(EVP_PBE_CTL, (st)) - -#define sk_EVP_PKEY_ASN1_METHOD_new(cmp) SKM_sk_new(EVP_PKEY_ASN1_METHOD, (cmp)) -#define sk_EVP_PKEY_ASN1_METHOD_new_null() SKM_sk_new_null(EVP_PKEY_ASN1_METHOD) -#define sk_EVP_PKEY_ASN1_METHOD_free(st) SKM_sk_free(EVP_PKEY_ASN1_METHOD, (st)) -#define sk_EVP_PKEY_ASN1_METHOD_num(st) SKM_sk_num(EVP_PKEY_ASN1_METHOD, (st)) -#define sk_EVP_PKEY_ASN1_METHOD_value(st, i) SKM_sk_value(EVP_PKEY_ASN1_METHOD, (st), (i)) -#define sk_EVP_PKEY_ASN1_METHOD_set(st, i, val) SKM_sk_set(EVP_PKEY_ASN1_METHOD, (st), (i), (val)) -#define sk_EVP_PKEY_ASN1_METHOD_zero(st) SKM_sk_zero(EVP_PKEY_ASN1_METHOD, (st)) -#define sk_EVP_PKEY_ASN1_METHOD_push(st, val) SKM_sk_push(EVP_PKEY_ASN1_METHOD, (st), (val)) -#define sk_EVP_PKEY_ASN1_METHOD_unshift(st, val) SKM_sk_unshift(EVP_PKEY_ASN1_METHOD, (st), (val)) -#define sk_EVP_PKEY_ASN1_METHOD_find(st, val) SKM_sk_find(EVP_PKEY_ASN1_METHOD, (st), (val)) -#define sk_EVP_PKEY_ASN1_METHOD_find_ex(st, val) SKM_sk_find_ex(EVP_PKEY_ASN1_METHOD, (st), (val)) -#define sk_EVP_PKEY_ASN1_METHOD_delete(st, i) SKM_sk_delete(EVP_PKEY_ASN1_METHOD, (st), (i)) -#define sk_EVP_PKEY_ASN1_METHOD_delete_ptr(st, ptr) SKM_sk_delete_ptr(EVP_PKEY_ASN1_METHOD, (st), (ptr)) -#define sk_EVP_PKEY_ASN1_METHOD_insert(st, val, i) SKM_sk_insert(EVP_PKEY_ASN1_METHOD, (st), (val), (i)) -#define sk_EVP_PKEY_ASN1_METHOD_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(EVP_PKEY_ASN1_METHOD, (st), (cmp)) -#define sk_EVP_PKEY_ASN1_METHOD_dup(st) SKM_sk_dup(EVP_PKEY_ASN1_METHOD, st) -#define sk_EVP_PKEY_ASN1_METHOD_pop_free(st, free_func) SKM_sk_pop_free(EVP_PKEY_ASN1_METHOD, (st), (free_func)) -#define sk_EVP_PKEY_ASN1_METHOD_shift(st) SKM_sk_shift(EVP_PKEY_ASN1_METHOD, (st)) -#define sk_EVP_PKEY_ASN1_METHOD_pop(st) SKM_sk_pop(EVP_PKEY_ASN1_METHOD, (st)) -#define sk_EVP_PKEY_ASN1_METHOD_sort(st) SKM_sk_sort(EVP_PKEY_ASN1_METHOD, (st)) -#define sk_EVP_PKEY_ASN1_METHOD_is_sorted(st) SKM_sk_is_sorted(EVP_PKEY_ASN1_METHOD, (st)) - -#define sk_EVP_PKEY_METHOD_new(cmp) SKM_sk_new(EVP_PKEY_METHOD, (cmp)) -#define sk_EVP_PKEY_METHOD_new_null() SKM_sk_new_null(EVP_PKEY_METHOD) -#define sk_EVP_PKEY_METHOD_free(st) SKM_sk_free(EVP_PKEY_METHOD, (st)) -#define sk_EVP_PKEY_METHOD_num(st) SKM_sk_num(EVP_PKEY_METHOD, (st)) -#define sk_EVP_PKEY_METHOD_value(st, i) SKM_sk_value(EVP_PKEY_METHOD, (st), (i)) -#define sk_EVP_PKEY_METHOD_set(st, i, val) SKM_sk_set(EVP_PKEY_METHOD, (st), (i), (val)) -#define sk_EVP_PKEY_METHOD_zero(st) SKM_sk_zero(EVP_PKEY_METHOD, (st)) -#define sk_EVP_PKEY_METHOD_push(st, val) SKM_sk_push(EVP_PKEY_METHOD, (st), (val)) -#define sk_EVP_PKEY_METHOD_unshift(st, val) SKM_sk_unshift(EVP_PKEY_METHOD, (st), (val)) -#define sk_EVP_PKEY_METHOD_find(st, val) SKM_sk_find(EVP_PKEY_METHOD, (st), (val)) -#define sk_EVP_PKEY_METHOD_find_ex(st, val) SKM_sk_find_ex(EVP_PKEY_METHOD, (st), (val)) -#define sk_EVP_PKEY_METHOD_delete(st, i) SKM_sk_delete(EVP_PKEY_METHOD, (st), (i)) -#define sk_EVP_PKEY_METHOD_delete_ptr(st, ptr) SKM_sk_delete_ptr(EVP_PKEY_METHOD, (st), (ptr)) -#define sk_EVP_PKEY_METHOD_insert(st, val, i) SKM_sk_insert(EVP_PKEY_METHOD, (st), (val), (i)) -#define sk_EVP_PKEY_METHOD_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(EVP_PKEY_METHOD, (st), (cmp)) -#define sk_EVP_PKEY_METHOD_dup(st) SKM_sk_dup(EVP_PKEY_METHOD, st) -#define sk_EVP_PKEY_METHOD_pop_free(st, free_func) SKM_sk_pop_free(EVP_PKEY_METHOD, (st), (free_func)) -#define sk_EVP_PKEY_METHOD_shift(st) SKM_sk_shift(EVP_PKEY_METHOD, (st)) -#define sk_EVP_PKEY_METHOD_pop(st) SKM_sk_pop(EVP_PKEY_METHOD, (st)) -#define sk_EVP_PKEY_METHOD_sort(st) SKM_sk_sort(EVP_PKEY_METHOD, (st)) -#define sk_EVP_PKEY_METHOD_is_sorted(st) SKM_sk_is_sorted(EVP_PKEY_METHOD, (st)) - -#define sk_GENERAL_NAME_new(cmp) SKM_sk_new(GENERAL_NAME, (cmp)) -#define sk_GENERAL_NAME_new_null() SKM_sk_new_null(GENERAL_NAME) -#define sk_GENERAL_NAME_free(st) SKM_sk_free(GENERAL_NAME, (st)) -#define sk_GENERAL_NAME_num(st) SKM_sk_num(GENERAL_NAME, (st)) -#define sk_GENERAL_NAME_value(st, i) SKM_sk_value(GENERAL_NAME, (st), (i)) -#define sk_GENERAL_NAME_set(st, i, val) SKM_sk_set(GENERAL_NAME, (st), (i), (val)) -#define sk_GENERAL_NAME_zero(st) SKM_sk_zero(GENERAL_NAME, (st)) -#define sk_GENERAL_NAME_push(st, val) SKM_sk_push(GENERAL_NAME, (st), (val)) -#define sk_GENERAL_NAME_unshift(st, val) SKM_sk_unshift(GENERAL_NAME, (st), (val)) -#define sk_GENERAL_NAME_find(st, val) SKM_sk_find(GENERAL_NAME, (st), (val)) -#define sk_GENERAL_NAME_find_ex(st, val) SKM_sk_find_ex(GENERAL_NAME, (st), (val)) -#define sk_GENERAL_NAME_delete(st, i) SKM_sk_delete(GENERAL_NAME, (st), (i)) -#define sk_GENERAL_NAME_delete_ptr(st, ptr) SKM_sk_delete_ptr(GENERAL_NAME, (st), (ptr)) -#define sk_GENERAL_NAME_insert(st, val, i) SKM_sk_insert(GENERAL_NAME, (st), (val), (i)) -#define sk_GENERAL_NAME_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(GENERAL_NAME, (st), (cmp)) -#define sk_GENERAL_NAME_dup(st) SKM_sk_dup(GENERAL_NAME, st) -#define sk_GENERAL_NAME_pop_free(st, free_func) SKM_sk_pop_free(GENERAL_NAME, (st), (free_func)) -#define sk_GENERAL_NAME_shift(st) SKM_sk_shift(GENERAL_NAME, (st)) -#define sk_GENERAL_NAME_pop(st) SKM_sk_pop(GENERAL_NAME, (st)) -#define sk_GENERAL_NAME_sort(st) SKM_sk_sort(GENERAL_NAME, (st)) -#define sk_GENERAL_NAME_is_sorted(st) SKM_sk_is_sorted(GENERAL_NAME, (st)) - -#define sk_GENERAL_NAMES_new(cmp) SKM_sk_new(GENERAL_NAMES, (cmp)) -#define sk_GENERAL_NAMES_new_null() SKM_sk_new_null(GENERAL_NAMES) -#define sk_GENERAL_NAMES_free(st) SKM_sk_free(GENERAL_NAMES, (st)) -#define sk_GENERAL_NAMES_num(st) SKM_sk_num(GENERAL_NAMES, (st)) -#define sk_GENERAL_NAMES_value(st, i) SKM_sk_value(GENERAL_NAMES, (st), (i)) -#define sk_GENERAL_NAMES_set(st, i, val) SKM_sk_set(GENERAL_NAMES, (st), (i), (val)) -#define sk_GENERAL_NAMES_zero(st) SKM_sk_zero(GENERAL_NAMES, (st)) -#define sk_GENERAL_NAMES_push(st, val) SKM_sk_push(GENERAL_NAMES, (st), (val)) -#define sk_GENERAL_NAMES_unshift(st, val) SKM_sk_unshift(GENERAL_NAMES, (st), (val)) -#define sk_GENERAL_NAMES_find(st, val) SKM_sk_find(GENERAL_NAMES, (st), (val)) -#define sk_GENERAL_NAMES_find_ex(st, val) SKM_sk_find_ex(GENERAL_NAMES, (st), (val)) -#define sk_GENERAL_NAMES_delete(st, i) SKM_sk_delete(GENERAL_NAMES, (st), (i)) -#define sk_GENERAL_NAMES_delete_ptr(st, ptr) SKM_sk_delete_ptr(GENERAL_NAMES, (st), (ptr)) -#define sk_GENERAL_NAMES_insert(st, val, i) SKM_sk_insert(GENERAL_NAMES, (st), (val), (i)) -#define sk_GENERAL_NAMES_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(GENERAL_NAMES, (st), (cmp)) -#define sk_GENERAL_NAMES_dup(st) SKM_sk_dup(GENERAL_NAMES, st) -#define sk_GENERAL_NAMES_pop_free(st, free_func) SKM_sk_pop_free(GENERAL_NAMES, (st), (free_func)) -#define sk_GENERAL_NAMES_shift(st) SKM_sk_shift(GENERAL_NAMES, (st)) -#define sk_GENERAL_NAMES_pop(st) SKM_sk_pop(GENERAL_NAMES, (st)) -#define sk_GENERAL_NAMES_sort(st) SKM_sk_sort(GENERAL_NAMES, (st)) -#define sk_GENERAL_NAMES_is_sorted(st) SKM_sk_is_sorted(GENERAL_NAMES, (st)) - -#define sk_GENERAL_SUBTREE_new(cmp) SKM_sk_new(GENERAL_SUBTREE, (cmp)) -#define sk_GENERAL_SUBTREE_new_null() SKM_sk_new_null(GENERAL_SUBTREE) -#define sk_GENERAL_SUBTREE_free(st) SKM_sk_free(GENERAL_SUBTREE, (st)) -#define sk_GENERAL_SUBTREE_num(st) SKM_sk_num(GENERAL_SUBTREE, (st)) -#define sk_GENERAL_SUBTREE_value(st, i) SKM_sk_value(GENERAL_SUBTREE, (st), (i)) -#define sk_GENERAL_SUBTREE_set(st, i, val) SKM_sk_set(GENERAL_SUBTREE, (st), (i), (val)) -#define sk_GENERAL_SUBTREE_zero(st) SKM_sk_zero(GENERAL_SUBTREE, (st)) -#define sk_GENERAL_SUBTREE_push(st, val) SKM_sk_push(GENERAL_SUBTREE, (st), (val)) -#define sk_GENERAL_SUBTREE_unshift(st, val) SKM_sk_unshift(GENERAL_SUBTREE, (st), (val)) -#define sk_GENERAL_SUBTREE_find(st, val) SKM_sk_find(GENERAL_SUBTREE, (st), (val)) -#define sk_GENERAL_SUBTREE_find_ex(st, val) SKM_sk_find_ex(GENERAL_SUBTREE, (st), (val)) -#define sk_GENERAL_SUBTREE_delete(st, i) SKM_sk_delete(GENERAL_SUBTREE, (st), (i)) -#define sk_GENERAL_SUBTREE_delete_ptr(st, ptr) SKM_sk_delete_ptr(GENERAL_SUBTREE, (st), (ptr)) -#define sk_GENERAL_SUBTREE_insert(st, val, i) SKM_sk_insert(GENERAL_SUBTREE, (st), (val), (i)) -#define sk_GENERAL_SUBTREE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(GENERAL_SUBTREE, (st), (cmp)) -#define sk_GENERAL_SUBTREE_dup(st) SKM_sk_dup(GENERAL_SUBTREE, st) -#define sk_GENERAL_SUBTREE_pop_free(st, free_func) SKM_sk_pop_free(GENERAL_SUBTREE, (st), (free_func)) -#define sk_GENERAL_SUBTREE_shift(st) SKM_sk_shift(GENERAL_SUBTREE, (st)) -#define sk_GENERAL_SUBTREE_pop(st) SKM_sk_pop(GENERAL_SUBTREE, (st)) -#define sk_GENERAL_SUBTREE_sort(st) SKM_sk_sort(GENERAL_SUBTREE, (st)) -#define sk_GENERAL_SUBTREE_is_sorted(st) SKM_sk_is_sorted(GENERAL_SUBTREE, (st)) - -#define sk_IPAddressFamily_new(cmp) SKM_sk_new(IPAddressFamily, (cmp)) -#define sk_IPAddressFamily_new_null() SKM_sk_new_null(IPAddressFamily) -#define sk_IPAddressFamily_free(st) SKM_sk_free(IPAddressFamily, (st)) -#define sk_IPAddressFamily_num(st) SKM_sk_num(IPAddressFamily, (st)) -#define sk_IPAddressFamily_value(st, i) SKM_sk_value(IPAddressFamily, (st), (i)) -#define sk_IPAddressFamily_set(st, i, val) SKM_sk_set(IPAddressFamily, (st), (i), (val)) -#define sk_IPAddressFamily_zero(st) SKM_sk_zero(IPAddressFamily, (st)) -#define sk_IPAddressFamily_push(st, val) SKM_sk_push(IPAddressFamily, (st), (val)) -#define sk_IPAddressFamily_unshift(st, val) SKM_sk_unshift(IPAddressFamily, (st), (val)) -#define sk_IPAddressFamily_find(st, val) SKM_sk_find(IPAddressFamily, (st), (val)) -#define sk_IPAddressFamily_find_ex(st, val) SKM_sk_find_ex(IPAddressFamily, (st), (val)) -#define sk_IPAddressFamily_delete(st, i) SKM_sk_delete(IPAddressFamily, (st), (i)) -#define sk_IPAddressFamily_delete_ptr(st, ptr) SKM_sk_delete_ptr(IPAddressFamily, (st), (ptr)) -#define sk_IPAddressFamily_insert(st, val, i) SKM_sk_insert(IPAddressFamily, (st), (val), (i)) -#define sk_IPAddressFamily_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(IPAddressFamily, (st), (cmp)) -#define sk_IPAddressFamily_dup(st) SKM_sk_dup(IPAddressFamily, st) -#define sk_IPAddressFamily_pop_free(st, free_func) SKM_sk_pop_free(IPAddressFamily, (st), (free_func)) -#define sk_IPAddressFamily_shift(st) SKM_sk_shift(IPAddressFamily, (st)) -#define sk_IPAddressFamily_pop(st) SKM_sk_pop(IPAddressFamily, (st)) -#define sk_IPAddressFamily_sort(st) SKM_sk_sort(IPAddressFamily, (st)) -#define sk_IPAddressFamily_is_sorted(st) SKM_sk_is_sorted(IPAddressFamily, (st)) - -#define sk_IPAddressOrRange_new(cmp) SKM_sk_new(IPAddressOrRange, (cmp)) -#define sk_IPAddressOrRange_new_null() SKM_sk_new_null(IPAddressOrRange) -#define sk_IPAddressOrRange_free(st) SKM_sk_free(IPAddressOrRange, (st)) -#define sk_IPAddressOrRange_num(st) SKM_sk_num(IPAddressOrRange, (st)) -#define sk_IPAddressOrRange_value(st, i) SKM_sk_value(IPAddressOrRange, (st), (i)) -#define sk_IPAddressOrRange_set(st, i, val) SKM_sk_set(IPAddressOrRange, (st), (i), (val)) -#define sk_IPAddressOrRange_zero(st) SKM_sk_zero(IPAddressOrRange, (st)) -#define sk_IPAddressOrRange_push(st, val) SKM_sk_push(IPAddressOrRange, (st), (val)) -#define sk_IPAddressOrRange_unshift(st, val) SKM_sk_unshift(IPAddressOrRange, (st), (val)) -#define sk_IPAddressOrRange_find(st, val) SKM_sk_find(IPAddressOrRange, (st), (val)) -#define sk_IPAddressOrRange_find_ex(st, val) SKM_sk_find_ex(IPAddressOrRange, (st), (val)) -#define sk_IPAddressOrRange_delete(st, i) SKM_sk_delete(IPAddressOrRange, (st), (i)) -#define sk_IPAddressOrRange_delete_ptr(st, ptr) SKM_sk_delete_ptr(IPAddressOrRange, (st), (ptr)) -#define sk_IPAddressOrRange_insert(st, val, i) SKM_sk_insert(IPAddressOrRange, (st), (val), (i)) -#define sk_IPAddressOrRange_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(IPAddressOrRange, (st), (cmp)) -#define sk_IPAddressOrRange_dup(st) SKM_sk_dup(IPAddressOrRange, st) -#define sk_IPAddressOrRange_pop_free(st, free_func) SKM_sk_pop_free(IPAddressOrRange, (st), (free_func)) -#define sk_IPAddressOrRange_shift(st) SKM_sk_shift(IPAddressOrRange, (st)) -#define sk_IPAddressOrRange_pop(st) SKM_sk_pop(IPAddressOrRange, (st)) -#define sk_IPAddressOrRange_sort(st) SKM_sk_sort(IPAddressOrRange, (st)) -#define sk_IPAddressOrRange_is_sorted(st) SKM_sk_is_sorted(IPAddressOrRange, (st)) - -#define sk_MEM_OBJECT_DATA_new(cmp) SKM_sk_new(MEM_OBJECT_DATA, (cmp)) -#define sk_MEM_OBJECT_DATA_new_null() SKM_sk_new_null(MEM_OBJECT_DATA) -#define sk_MEM_OBJECT_DATA_free(st) SKM_sk_free(MEM_OBJECT_DATA, (st)) -#define sk_MEM_OBJECT_DATA_num(st) SKM_sk_num(MEM_OBJECT_DATA, (st)) -#define sk_MEM_OBJECT_DATA_value(st, i) SKM_sk_value(MEM_OBJECT_DATA, (st), (i)) -#define sk_MEM_OBJECT_DATA_set(st, i, val) SKM_sk_set(MEM_OBJECT_DATA, (st), (i), (val)) -#define sk_MEM_OBJECT_DATA_zero(st) SKM_sk_zero(MEM_OBJECT_DATA, (st)) -#define sk_MEM_OBJECT_DATA_push(st, val) SKM_sk_push(MEM_OBJECT_DATA, (st), (val)) -#define sk_MEM_OBJECT_DATA_unshift(st, val) SKM_sk_unshift(MEM_OBJECT_DATA, (st), (val)) -#define sk_MEM_OBJECT_DATA_find(st, val) SKM_sk_find(MEM_OBJECT_DATA, (st), (val)) -#define sk_MEM_OBJECT_DATA_find_ex(st, val) SKM_sk_find_ex(MEM_OBJECT_DATA, (st), (val)) -#define sk_MEM_OBJECT_DATA_delete(st, i) SKM_sk_delete(MEM_OBJECT_DATA, (st), (i)) -#define sk_MEM_OBJECT_DATA_delete_ptr(st, ptr) SKM_sk_delete_ptr(MEM_OBJECT_DATA, (st), (ptr)) -#define sk_MEM_OBJECT_DATA_insert(st, val, i) SKM_sk_insert(MEM_OBJECT_DATA, (st), (val), (i)) -#define sk_MEM_OBJECT_DATA_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(MEM_OBJECT_DATA, (st), (cmp)) -#define sk_MEM_OBJECT_DATA_dup(st) SKM_sk_dup(MEM_OBJECT_DATA, st) -#define sk_MEM_OBJECT_DATA_pop_free(st, free_func) SKM_sk_pop_free(MEM_OBJECT_DATA, (st), (free_func)) -#define sk_MEM_OBJECT_DATA_shift(st) SKM_sk_shift(MEM_OBJECT_DATA, (st)) -#define sk_MEM_OBJECT_DATA_pop(st) SKM_sk_pop(MEM_OBJECT_DATA, (st)) -#define sk_MEM_OBJECT_DATA_sort(st) SKM_sk_sort(MEM_OBJECT_DATA, (st)) -#define sk_MEM_OBJECT_DATA_is_sorted(st) SKM_sk_is_sorted(MEM_OBJECT_DATA, (st)) - -#define sk_MIME_HEADER_new(cmp) SKM_sk_new(MIME_HEADER, (cmp)) -#define sk_MIME_HEADER_new_null() SKM_sk_new_null(MIME_HEADER) -#define sk_MIME_HEADER_free(st) SKM_sk_free(MIME_HEADER, (st)) -#define sk_MIME_HEADER_num(st) SKM_sk_num(MIME_HEADER, (st)) -#define sk_MIME_HEADER_value(st, i) SKM_sk_value(MIME_HEADER, (st), (i)) -#define sk_MIME_HEADER_set(st, i, val) SKM_sk_set(MIME_HEADER, (st), (i), (val)) -#define sk_MIME_HEADER_zero(st) SKM_sk_zero(MIME_HEADER, (st)) -#define sk_MIME_HEADER_push(st, val) SKM_sk_push(MIME_HEADER, (st), (val)) -#define sk_MIME_HEADER_unshift(st, val) SKM_sk_unshift(MIME_HEADER, (st), (val)) -#define sk_MIME_HEADER_find(st, val) SKM_sk_find(MIME_HEADER, (st), (val)) -#define sk_MIME_HEADER_find_ex(st, val) SKM_sk_find_ex(MIME_HEADER, (st), (val)) -#define sk_MIME_HEADER_delete(st, i) SKM_sk_delete(MIME_HEADER, (st), (i)) -#define sk_MIME_HEADER_delete_ptr(st, ptr) SKM_sk_delete_ptr(MIME_HEADER, (st), (ptr)) -#define sk_MIME_HEADER_insert(st, val, i) SKM_sk_insert(MIME_HEADER, (st), (val), (i)) -#define sk_MIME_HEADER_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(MIME_HEADER, (st), (cmp)) -#define sk_MIME_HEADER_dup(st) SKM_sk_dup(MIME_HEADER, st) -#define sk_MIME_HEADER_pop_free(st, free_func) SKM_sk_pop_free(MIME_HEADER, (st), (free_func)) -#define sk_MIME_HEADER_shift(st) SKM_sk_shift(MIME_HEADER, (st)) -#define sk_MIME_HEADER_pop(st) SKM_sk_pop(MIME_HEADER, (st)) -#define sk_MIME_HEADER_sort(st) SKM_sk_sort(MIME_HEADER, (st)) -#define sk_MIME_HEADER_is_sorted(st) SKM_sk_is_sorted(MIME_HEADER, (st)) - -#define sk_MIME_PARAM_new(cmp) SKM_sk_new(MIME_PARAM, (cmp)) -#define sk_MIME_PARAM_new_null() SKM_sk_new_null(MIME_PARAM) -#define sk_MIME_PARAM_free(st) SKM_sk_free(MIME_PARAM, (st)) -#define sk_MIME_PARAM_num(st) SKM_sk_num(MIME_PARAM, (st)) -#define sk_MIME_PARAM_value(st, i) SKM_sk_value(MIME_PARAM, (st), (i)) -#define sk_MIME_PARAM_set(st, i, val) SKM_sk_set(MIME_PARAM, (st), (i), (val)) -#define sk_MIME_PARAM_zero(st) SKM_sk_zero(MIME_PARAM, (st)) -#define sk_MIME_PARAM_push(st, val) SKM_sk_push(MIME_PARAM, (st), (val)) -#define sk_MIME_PARAM_unshift(st, val) SKM_sk_unshift(MIME_PARAM, (st), (val)) -#define sk_MIME_PARAM_find(st, val) SKM_sk_find(MIME_PARAM, (st), (val)) -#define sk_MIME_PARAM_find_ex(st, val) SKM_sk_find_ex(MIME_PARAM, (st), (val)) -#define sk_MIME_PARAM_delete(st, i) SKM_sk_delete(MIME_PARAM, (st), (i)) -#define sk_MIME_PARAM_delete_ptr(st, ptr) SKM_sk_delete_ptr(MIME_PARAM, (st), (ptr)) -#define sk_MIME_PARAM_insert(st, val, i) SKM_sk_insert(MIME_PARAM, (st), (val), (i)) -#define sk_MIME_PARAM_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(MIME_PARAM, (st), (cmp)) -#define sk_MIME_PARAM_dup(st) SKM_sk_dup(MIME_PARAM, st) -#define sk_MIME_PARAM_pop_free(st, free_func) SKM_sk_pop_free(MIME_PARAM, (st), (free_func)) -#define sk_MIME_PARAM_shift(st) SKM_sk_shift(MIME_PARAM, (st)) -#define sk_MIME_PARAM_pop(st) SKM_sk_pop(MIME_PARAM, (st)) -#define sk_MIME_PARAM_sort(st) SKM_sk_sort(MIME_PARAM, (st)) -#define sk_MIME_PARAM_is_sorted(st) SKM_sk_is_sorted(MIME_PARAM, (st)) - -#define sk_NAME_FUNCS_new(cmp) SKM_sk_new(NAME_FUNCS, (cmp)) -#define sk_NAME_FUNCS_new_null() SKM_sk_new_null(NAME_FUNCS) -#define sk_NAME_FUNCS_free(st) SKM_sk_free(NAME_FUNCS, (st)) -#define sk_NAME_FUNCS_num(st) SKM_sk_num(NAME_FUNCS, (st)) -#define sk_NAME_FUNCS_value(st, i) SKM_sk_value(NAME_FUNCS, (st), (i)) -#define sk_NAME_FUNCS_set(st, i, val) SKM_sk_set(NAME_FUNCS, (st), (i), (val)) -#define sk_NAME_FUNCS_zero(st) SKM_sk_zero(NAME_FUNCS, (st)) -#define sk_NAME_FUNCS_push(st, val) SKM_sk_push(NAME_FUNCS, (st), (val)) -#define sk_NAME_FUNCS_unshift(st, val) SKM_sk_unshift(NAME_FUNCS, (st), (val)) -#define sk_NAME_FUNCS_find(st, val) SKM_sk_find(NAME_FUNCS, (st), (val)) -#define sk_NAME_FUNCS_find_ex(st, val) SKM_sk_find_ex(NAME_FUNCS, (st), (val)) -#define sk_NAME_FUNCS_delete(st, i) SKM_sk_delete(NAME_FUNCS, (st), (i)) -#define sk_NAME_FUNCS_delete_ptr(st, ptr) SKM_sk_delete_ptr(NAME_FUNCS, (st), (ptr)) -#define sk_NAME_FUNCS_insert(st, val, i) SKM_sk_insert(NAME_FUNCS, (st), (val), (i)) -#define sk_NAME_FUNCS_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(NAME_FUNCS, (st), (cmp)) -#define sk_NAME_FUNCS_dup(st) SKM_sk_dup(NAME_FUNCS, st) -#define sk_NAME_FUNCS_pop_free(st, free_func) SKM_sk_pop_free(NAME_FUNCS, (st), (free_func)) -#define sk_NAME_FUNCS_shift(st) SKM_sk_shift(NAME_FUNCS, (st)) -#define sk_NAME_FUNCS_pop(st) SKM_sk_pop(NAME_FUNCS, (st)) -#define sk_NAME_FUNCS_sort(st) SKM_sk_sort(NAME_FUNCS, (st)) -#define sk_NAME_FUNCS_is_sorted(st) SKM_sk_is_sorted(NAME_FUNCS, (st)) - -#define sk_OCSP_CERTID_new(cmp) SKM_sk_new(OCSP_CERTID, (cmp)) -#define sk_OCSP_CERTID_new_null() SKM_sk_new_null(OCSP_CERTID) -#define sk_OCSP_CERTID_free(st) SKM_sk_free(OCSP_CERTID, (st)) -#define sk_OCSP_CERTID_num(st) SKM_sk_num(OCSP_CERTID, (st)) -#define sk_OCSP_CERTID_value(st, i) SKM_sk_value(OCSP_CERTID, (st), (i)) -#define sk_OCSP_CERTID_set(st, i, val) SKM_sk_set(OCSP_CERTID, (st), (i), (val)) -#define sk_OCSP_CERTID_zero(st) SKM_sk_zero(OCSP_CERTID, (st)) -#define sk_OCSP_CERTID_push(st, val) SKM_sk_push(OCSP_CERTID, (st), (val)) -#define sk_OCSP_CERTID_unshift(st, val) SKM_sk_unshift(OCSP_CERTID, (st), (val)) -#define sk_OCSP_CERTID_find(st, val) SKM_sk_find(OCSP_CERTID, (st), (val)) -#define sk_OCSP_CERTID_find_ex(st, val) SKM_sk_find_ex(OCSP_CERTID, (st), (val)) -#define sk_OCSP_CERTID_delete(st, i) SKM_sk_delete(OCSP_CERTID, (st), (i)) -#define sk_OCSP_CERTID_delete_ptr(st, ptr) SKM_sk_delete_ptr(OCSP_CERTID, (st), (ptr)) -#define sk_OCSP_CERTID_insert(st, val, i) SKM_sk_insert(OCSP_CERTID, (st), (val), (i)) -#define sk_OCSP_CERTID_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(OCSP_CERTID, (st), (cmp)) -#define sk_OCSP_CERTID_dup(st) SKM_sk_dup(OCSP_CERTID, st) -#define sk_OCSP_CERTID_pop_free(st, free_func) SKM_sk_pop_free(OCSP_CERTID, (st), (free_func)) -#define sk_OCSP_CERTID_shift(st) SKM_sk_shift(OCSP_CERTID, (st)) -#define sk_OCSP_CERTID_pop(st) SKM_sk_pop(OCSP_CERTID, (st)) -#define sk_OCSP_CERTID_sort(st) SKM_sk_sort(OCSP_CERTID, (st)) -#define sk_OCSP_CERTID_is_sorted(st) SKM_sk_is_sorted(OCSP_CERTID, (st)) - -#define sk_OCSP_ONEREQ_new(cmp) SKM_sk_new(OCSP_ONEREQ, (cmp)) -#define sk_OCSP_ONEREQ_new_null() SKM_sk_new_null(OCSP_ONEREQ) -#define sk_OCSP_ONEREQ_free(st) SKM_sk_free(OCSP_ONEREQ, (st)) -#define sk_OCSP_ONEREQ_num(st) SKM_sk_num(OCSP_ONEREQ, (st)) -#define sk_OCSP_ONEREQ_value(st, i) SKM_sk_value(OCSP_ONEREQ, (st), (i)) -#define sk_OCSP_ONEREQ_set(st, i, val) SKM_sk_set(OCSP_ONEREQ, (st), (i), (val)) -#define sk_OCSP_ONEREQ_zero(st) SKM_sk_zero(OCSP_ONEREQ, (st)) -#define sk_OCSP_ONEREQ_push(st, val) SKM_sk_push(OCSP_ONEREQ, (st), (val)) -#define sk_OCSP_ONEREQ_unshift(st, val) SKM_sk_unshift(OCSP_ONEREQ, (st), (val)) -#define sk_OCSP_ONEREQ_find(st, val) SKM_sk_find(OCSP_ONEREQ, (st), (val)) -#define sk_OCSP_ONEREQ_find_ex(st, val) SKM_sk_find_ex(OCSP_ONEREQ, (st), (val)) -#define sk_OCSP_ONEREQ_delete(st, i) SKM_sk_delete(OCSP_ONEREQ, (st), (i)) -#define sk_OCSP_ONEREQ_delete_ptr(st, ptr) SKM_sk_delete_ptr(OCSP_ONEREQ, (st), (ptr)) -#define sk_OCSP_ONEREQ_insert(st, val, i) SKM_sk_insert(OCSP_ONEREQ, (st), (val), (i)) -#define sk_OCSP_ONEREQ_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(OCSP_ONEREQ, (st), (cmp)) -#define sk_OCSP_ONEREQ_dup(st) SKM_sk_dup(OCSP_ONEREQ, st) -#define sk_OCSP_ONEREQ_pop_free(st, free_func) SKM_sk_pop_free(OCSP_ONEREQ, (st), (free_func)) -#define sk_OCSP_ONEREQ_shift(st) SKM_sk_shift(OCSP_ONEREQ, (st)) -#define sk_OCSP_ONEREQ_pop(st) SKM_sk_pop(OCSP_ONEREQ, (st)) -#define sk_OCSP_ONEREQ_sort(st) SKM_sk_sort(OCSP_ONEREQ, (st)) -#define sk_OCSP_ONEREQ_is_sorted(st) SKM_sk_is_sorted(OCSP_ONEREQ, (st)) - -#define sk_OCSP_RESPID_new(cmp) SKM_sk_new(OCSP_RESPID, (cmp)) -#define sk_OCSP_RESPID_new_null() SKM_sk_new_null(OCSP_RESPID) -#define sk_OCSP_RESPID_free(st) SKM_sk_free(OCSP_RESPID, (st)) -#define sk_OCSP_RESPID_num(st) SKM_sk_num(OCSP_RESPID, (st)) -#define sk_OCSP_RESPID_value(st, i) SKM_sk_value(OCSP_RESPID, (st), (i)) -#define sk_OCSP_RESPID_set(st, i, val) SKM_sk_set(OCSP_RESPID, (st), (i), (val)) -#define sk_OCSP_RESPID_zero(st) SKM_sk_zero(OCSP_RESPID, (st)) -#define sk_OCSP_RESPID_push(st, val) SKM_sk_push(OCSP_RESPID, (st), (val)) -#define sk_OCSP_RESPID_unshift(st, val) SKM_sk_unshift(OCSP_RESPID, (st), (val)) -#define sk_OCSP_RESPID_find(st, val) SKM_sk_find(OCSP_RESPID, (st), (val)) -#define sk_OCSP_RESPID_find_ex(st, val) SKM_sk_find_ex(OCSP_RESPID, (st), (val)) -#define sk_OCSP_RESPID_delete(st, i) SKM_sk_delete(OCSP_RESPID, (st), (i)) -#define sk_OCSP_RESPID_delete_ptr(st, ptr) SKM_sk_delete_ptr(OCSP_RESPID, (st), (ptr)) -#define sk_OCSP_RESPID_insert(st, val, i) SKM_sk_insert(OCSP_RESPID, (st), (val), (i)) -#define sk_OCSP_RESPID_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(OCSP_RESPID, (st), (cmp)) -#define sk_OCSP_RESPID_dup(st) SKM_sk_dup(OCSP_RESPID, st) -#define sk_OCSP_RESPID_pop_free(st, free_func) SKM_sk_pop_free(OCSP_RESPID, (st), (free_func)) -#define sk_OCSP_RESPID_shift(st) SKM_sk_shift(OCSP_RESPID, (st)) -#define sk_OCSP_RESPID_pop(st) SKM_sk_pop(OCSP_RESPID, (st)) -#define sk_OCSP_RESPID_sort(st) SKM_sk_sort(OCSP_RESPID, (st)) -#define sk_OCSP_RESPID_is_sorted(st) SKM_sk_is_sorted(OCSP_RESPID, (st)) - -#define sk_OCSP_SINGLERESP_new(cmp) SKM_sk_new(OCSP_SINGLERESP, (cmp)) -#define sk_OCSP_SINGLERESP_new_null() SKM_sk_new_null(OCSP_SINGLERESP) -#define sk_OCSP_SINGLERESP_free(st) SKM_sk_free(OCSP_SINGLERESP, (st)) -#define sk_OCSP_SINGLERESP_num(st) SKM_sk_num(OCSP_SINGLERESP, (st)) -#define sk_OCSP_SINGLERESP_value(st, i) SKM_sk_value(OCSP_SINGLERESP, (st), (i)) -#define sk_OCSP_SINGLERESP_set(st, i, val) SKM_sk_set(OCSP_SINGLERESP, (st), (i), (val)) -#define sk_OCSP_SINGLERESP_zero(st) SKM_sk_zero(OCSP_SINGLERESP, (st)) -#define sk_OCSP_SINGLERESP_push(st, val) SKM_sk_push(OCSP_SINGLERESP, (st), (val)) -#define sk_OCSP_SINGLERESP_unshift(st, val) SKM_sk_unshift(OCSP_SINGLERESP, (st), (val)) -#define sk_OCSP_SINGLERESP_find(st, val) SKM_sk_find(OCSP_SINGLERESP, (st), (val)) -#define sk_OCSP_SINGLERESP_find_ex(st, val) SKM_sk_find_ex(OCSP_SINGLERESP, (st), (val)) -#define sk_OCSP_SINGLERESP_delete(st, i) SKM_sk_delete(OCSP_SINGLERESP, (st), (i)) -#define sk_OCSP_SINGLERESP_delete_ptr(st, ptr) SKM_sk_delete_ptr(OCSP_SINGLERESP, (st), (ptr)) -#define sk_OCSP_SINGLERESP_insert(st, val, i) SKM_sk_insert(OCSP_SINGLERESP, (st), (val), (i)) -#define sk_OCSP_SINGLERESP_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(OCSP_SINGLERESP, (st), (cmp)) -#define sk_OCSP_SINGLERESP_dup(st) SKM_sk_dup(OCSP_SINGLERESP, st) -#define sk_OCSP_SINGLERESP_pop_free(st, free_func) SKM_sk_pop_free(OCSP_SINGLERESP, (st), (free_func)) -#define sk_OCSP_SINGLERESP_shift(st) SKM_sk_shift(OCSP_SINGLERESP, (st)) -#define sk_OCSP_SINGLERESP_pop(st) SKM_sk_pop(OCSP_SINGLERESP, (st)) -#define sk_OCSP_SINGLERESP_sort(st) SKM_sk_sort(OCSP_SINGLERESP, (st)) -#define sk_OCSP_SINGLERESP_is_sorted(st) SKM_sk_is_sorted(OCSP_SINGLERESP, (st)) - -#define sk_PKCS12_SAFEBAG_new(cmp) SKM_sk_new(PKCS12_SAFEBAG, (cmp)) -#define sk_PKCS12_SAFEBAG_new_null() SKM_sk_new_null(PKCS12_SAFEBAG) -#define sk_PKCS12_SAFEBAG_free(st) SKM_sk_free(PKCS12_SAFEBAG, (st)) -#define sk_PKCS12_SAFEBAG_num(st) SKM_sk_num(PKCS12_SAFEBAG, (st)) -#define sk_PKCS12_SAFEBAG_value(st, i) SKM_sk_value(PKCS12_SAFEBAG, (st), (i)) -#define sk_PKCS12_SAFEBAG_set(st, i, val) SKM_sk_set(PKCS12_SAFEBAG, (st), (i), (val)) -#define sk_PKCS12_SAFEBAG_zero(st) SKM_sk_zero(PKCS12_SAFEBAG, (st)) -#define sk_PKCS12_SAFEBAG_push(st, val) SKM_sk_push(PKCS12_SAFEBAG, (st), (val)) -#define sk_PKCS12_SAFEBAG_unshift(st, val) SKM_sk_unshift(PKCS12_SAFEBAG, (st), (val)) -#define sk_PKCS12_SAFEBAG_find(st, val) SKM_sk_find(PKCS12_SAFEBAG, (st), (val)) -#define sk_PKCS12_SAFEBAG_find_ex(st, val) SKM_sk_find_ex(PKCS12_SAFEBAG, (st), (val)) -#define sk_PKCS12_SAFEBAG_delete(st, i) SKM_sk_delete(PKCS12_SAFEBAG, (st), (i)) -#define sk_PKCS12_SAFEBAG_delete_ptr(st, ptr) SKM_sk_delete_ptr(PKCS12_SAFEBAG, (st), (ptr)) -#define sk_PKCS12_SAFEBAG_insert(st, val, i) SKM_sk_insert(PKCS12_SAFEBAG, (st), (val), (i)) -#define sk_PKCS12_SAFEBAG_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(PKCS12_SAFEBAG, (st), (cmp)) -#define sk_PKCS12_SAFEBAG_dup(st) SKM_sk_dup(PKCS12_SAFEBAG, st) -#define sk_PKCS12_SAFEBAG_pop_free(st, free_func) SKM_sk_pop_free(PKCS12_SAFEBAG, (st), (free_func)) -#define sk_PKCS12_SAFEBAG_shift(st) SKM_sk_shift(PKCS12_SAFEBAG, (st)) -#define sk_PKCS12_SAFEBAG_pop(st) SKM_sk_pop(PKCS12_SAFEBAG, (st)) -#define sk_PKCS12_SAFEBAG_sort(st) SKM_sk_sort(PKCS12_SAFEBAG, (st)) -#define sk_PKCS12_SAFEBAG_is_sorted(st) SKM_sk_is_sorted(PKCS12_SAFEBAG, (st)) - -#define sk_PKCS7_new(cmp) SKM_sk_new(PKCS7, (cmp)) -#define sk_PKCS7_new_null() SKM_sk_new_null(PKCS7) -#define sk_PKCS7_free(st) SKM_sk_free(PKCS7, (st)) -#define sk_PKCS7_num(st) SKM_sk_num(PKCS7, (st)) -#define sk_PKCS7_value(st, i) SKM_sk_value(PKCS7, (st), (i)) -#define sk_PKCS7_set(st, i, val) SKM_sk_set(PKCS7, (st), (i), (val)) -#define sk_PKCS7_zero(st) SKM_sk_zero(PKCS7, (st)) -#define sk_PKCS7_push(st, val) SKM_sk_push(PKCS7, (st), (val)) -#define sk_PKCS7_unshift(st, val) SKM_sk_unshift(PKCS7, (st), (val)) -#define sk_PKCS7_find(st, val) SKM_sk_find(PKCS7, (st), (val)) -#define sk_PKCS7_find_ex(st, val) SKM_sk_find_ex(PKCS7, (st), (val)) -#define sk_PKCS7_delete(st, i) SKM_sk_delete(PKCS7, (st), (i)) -#define sk_PKCS7_delete_ptr(st, ptr) SKM_sk_delete_ptr(PKCS7, (st), (ptr)) -#define sk_PKCS7_insert(st, val, i) SKM_sk_insert(PKCS7, (st), (val), (i)) -#define sk_PKCS7_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(PKCS7, (st), (cmp)) -#define sk_PKCS7_dup(st) SKM_sk_dup(PKCS7, st) -#define sk_PKCS7_pop_free(st, free_func) SKM_sk_pop_free(PKCS7, (st), (free_func)) -#define sk_PKCS7_shift(st) SKM_sk_shift(PKCS7, (st)) -#define sk_PKCS7_pop(st) SKM_sk_pop(PKCS7, (st)) -#define sk_PKCS7_sort(st) SKM_sk_sort(PKCS7, (st)) -#define sk_PKCS7_is_sorted(st) SKM_sk_is_sorted(PKCS7, (st)) - -#define sk_PKCS7_RECIP_INFO_new(cmp) SKM_sk_new(PKCS7_RECIP_INFO, (cmp)) -#define sk_PKCS7_RECIP_INFO_new_null() SKM_sk_new_null(PKCS7_RECIP_INFO) -#define sk_PKCS7_RECIP_INFO_free(st) SKM_sk_free(PKCS7_RECIP_INFO, (st)) -#define sk_PKCS7_RECIP_INFO_num(st) SKM_sk_num(PKCS7_RECIP_INFO, (st)) -#define sk_PKCS7_RECIP_INFO_value(st, i) SKM_sk_value(PKCS7_RECIP_INFO, (st), (i)) -#define sk_PKCS7_RECIP_INFO_set(st, i, val) SKM_sk_set(PKCS7_RECIP_INFO, (st), (i), (val)) -#define sk_PKCS7_RECIP_INFO_zero(st) SKM_sk_zero(PKCS7_RECIP_INFO, (st)) -#define sk_PKCS7_RECIP_INFO_push(st, val) SKM_sk_push(PKCS7_RECIP_INFO, (st), (val)) -#define sk_PKCS7_RECIP_INFO_unshift(st, val) SKM_sk_unshift(PKCS7_RECIP_INFO, (st), (val)) -#define sk_PKCS7_RECIP_INFO_find(st, val) SKM_sk_find(PKCS7_RECIP_INFO, (st), (val)) -#define sk_PKCS7_RECIP_INFO_find_ex(st, val) SKM_sk_find_ex(PKCS7_RECIP_INFO, (st), (val)) -#define sk_PKCS7_RECIP_INFO_delete(st, i) SKM_sk_delete(PKCS7_RECIP_INFO, (st), (i)) -#define sk_PKCS7_RECIP_INFO_delete_ptr(st, ptr) SKM_sk_delete_ptr(PKCS7_RECIP_INFO, (st), (ptr)) -#define sk_PKCS7_RECIP_INFO_insert(st, val, i) SKM_sk_insert(PKCS7_RECIP_INFO, (st), (val), (i)) -#define sk_PKCS7_RECIP_INFO_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(PKCS7_RECIP_INFO, (st), (cmp)) -#define sk_PKCS7_RECIP_INFO_dup(st) SKM_sk_dup(PKCS7_RECIP_INFO, st) -#define sk_PKCS7_RECIP_INFO_pop_free(st, free_func) SKM_sk_pop_free(PKCS7_RECIP_INFO, (st), (free_func)) -#define sk_PKCS7_RECIP_INFO_shift(st) SKM_sk_shift(PKCS7_RECIP_INFO, (st)) -#define sk_PKCS7_RECIP_INFO_pop(st) SKM_sk_pop(PKCS7_RECIP_INFO, (st)) -#define sk_PKCS7_RECIP_INFO_sort(st) SKM_sk_sort(PKCS7_RECIP_INFO, (st)) -#define sk_PKCS7_RECIP_INFO_is_sorted(st) SKM_sk_is_sorted(PKCS7_RECIP_INFO, (st)) - -#define sk_PKCS7_SIGNER_INFO_new(cmp) SKM_sk_new(PKCS7_SIGNER_INFO, (cmp)) -#define sk_PKCS7_SIGNER_INFO_new_null() SKM_sk_new_null(PKCS7_SIGNER_INFO) -#define sk_PKCS7_SIGNER_INFO_free(st) SKM_sk_free(PKCS7_SIGNER_INFO, (st)) -#define sk_PKCS7_SIGNER_INFO_num(st) SKM_sk_num(PKCS7_SIGNER_INFO, (st)) -#define sk_PKCS7_SIGNER_INFO_value(st, i) SKM_sk_value(PKCS7_SIGNER_INFO, (st), (i)) -#define sk_PKCS7_SIGNER_INFO_set(st, i, val) SKM_sk_set(PKCS7_SIGNER_INFO, (st), (i), (val)) -#define sk_PKCS7_SIGNER_INFO_zero(st) SKM_sk_zero(PKCS7_SIGNER_INFO, (st)) -#define sk_PKCS7_SIGNER_INFO_push(st, val) SKM_sk_push(PKCS7_SIGNER_INFO, (st), (val)) -#define sk_PKCS7_SIGNER_INFO_unshift(st, val) SKM_sk_unshift(PKCS7_SIGNER_INFO, (st), (val)) -#define sk_PKCS7_SIGNER_INFO_find(st, val) SKM_sk_find(PKCS7_SIGNER_INFO, (st), (val)) -#define sk_PKCS7_SIGNER_INFO_find_ex(st, val) SKM_sk_find_ex(PKCS7_SIGNER_INFO, (st), (val)) -#define sk_PKCS7_SIGNER_INFO_delete(st, i) SKM_sk_delete(PKCS7_SIGNER_INFO, (st), (i)) -#define sk_PKCS7_SIGNER_INFO_delete_ptr(st, ptr) SKM_sk_delete_ptr(PKCS7_SIGNER_INFO, (st), (ptr)) -#define sk_PKCS7_SIGNER_INFO_insert(st, val, i) SKM_sk_insert(PKCS7_SIGNER_INFO, (st), (val), (i)) -#define sk_PKCS7_SIGNER_INFO_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(PKCS7_SIGNER_INFO, (st), (cmp)) -#define sk_PKCS7_SIGNER_INFO_dup(st) SKM_sk_dup(PKCS7_SIGNER_INFO, st) -#define sk_PKCS7_SIGNER_INFO_pop_free(st, free_func) SKM_sk_pop_free(PKCS7_SIGNER_INFO, (st), (free_func)) -#define sk_PKCS7_SIGNER_INFO_shift(st) SKM_sk_shift(PKCS7_SIGNER_INFO, (st)) -#define sk_PKCS7_SIGNER_INFO_pop(st) SKM_sk_pop(PKCS7_SIGNER_INFO, (st)) -#define sk_PKCS7_SIGNER_INFO_sort(st) SKM_sk_sort(PKCS7_SIGNER_INFO, (st)) -#define sk_PKCS7_SIGNER_INFO_is_sorted(st) SKM_sk_is_sorted(PKCS7_SIGNER_INFO, (st)) - -#define sk_POLICYINFO_new(cmp) SKM_sk_new(POLICYINFO, (cmp)) -#define sk_POLICYINFO_new_null() SKM_sk_new_null(POLICYINFO) -#define sk_POLICYINFO_free(st) SKM_sk_free(POLICYINFO, (st)) -#define sk_POLICYINFO_num(st) SKM_sk_num(POLICYINFO, (st)) -#define sk_POLICYINFO_value(st, i) SKM_sk_value(POLICYINFO, (st), (i)) -#define sk_POLICYINFO_set(st, i, val) SKM_sk_set(POLICYINFO, (st), (i), (val)) -#define sk_POLICYINFO_zero(st) SKM_sk_zero(POLICYINFO, (st)) -#define sk_POLICYINFO_push(st, val) SKM_sk_push(POLICYINFO, (st), (val)) -#define sk_POLICYINFO_unshift(st, val) SKM_sk_unshift(POLICYINFO, (st), (val)) -#define sk_POLICYINFO_find(st, val) SKM_sk_find(POLICYINFO, (st), (val)) -#define sk_POLICYINFO_find_ex(st, val) SKM_sk_find_ex(POLICYINFO, (st), (val)) -#define sk_POLICYINFO_delete(st, i) SKM_sk_delete(POLICYINFO, (st), (i)) -#define sk_POLICYINFO_delete_ptr(st, ptr) SKM_sk_delete_ptr(POLICYINFO, (st), (ptr)) -#define sk_POLICYINFO_insert(st, val, i) SKM_sk_insert(POLICYINFO, (st), (val), (i)) -#define sk_POLICYINFO_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(POLICYINFO, (st), (cmp)) -#define sk_POLICYINFO_dup(st) SKM_sk_dup(POLICYINFO, st) -#define sk_POLICYINFO_pop_free(st, free_func) SKM_sk_pop_free(POLICYINFO, (st), (free_func)) -#define sk_POLICYINFO_shift(st) SKM_sk_shift(POLICYINFO, (st)) -#define sk_POLICYINFO_pop(st) SKM_sk_pop(POLICYINFO, (st)) -#define sk_POLICYINFO_sort(st) SKM_sk_sort(POLICYINFO, (st)) -#define sk_POLICYINFO_is_sorted(st) SKM_sk_is_sorted(POLICYINFO, (st)) - -#define sk_POLICYQUALINFO_new(cmp) SKM_sk_new(POLICYQUALINFO, (cmp)) -#define sk_POLICYQUALINFO_new_null() SKM_sk_new_null(POLICYQUALINFO) -#define sk_POLICYQUALINFO_free(st) SKM_sk_free(POLICYQUALINFO, (st)) -#define sk_POLICYQUALINFO_num(st) SKM_sk_num(POLICYQUALINFO, (st)) -#define sk_POLICYQUALINFO_value(st, i) SKM_sk_value(POLICYQUALINFO, (st), (i)) -#define sk_POLICYQUALINFO_set(st, i, val) SKM_sk_set(POLICYQUALINFO, (st), (i), (val)) -#define sk_POLICYQUALINFO_zero(st) SKM_sk_zero(POLICYQUALINFO, (st)) -#define sk_POLICYQUALINFO_push(st, val) SKM_sk_push(POLICYQUALINFO, (st), (val)) -#define sk_POLICYQUALINFO_unshift(st, val) SKM_sk_unshift(POLICYQUALINFO, (st), (val)) -#define sk_POLICYQUALINFO_find(st, val) SKM_sk_find(POLICYQUALINFO, (st), (val)) -#define sk_POLICYQUALINFO_find_ex(st, val) SKM_sk_find_ex(POLICYQUALINFO, (st), (val)) -#define sk_POLICYQUALINFO_delete(st, i) SKM_sk_delete(POLICYQUALINFO, (st), (i)) -#define sk_POLICYQUALINFO_delete_ptr(st, ptr) SKM_sk_delete_ptr(POLICYQUALINFO, (st), (ptr)) -#define sk_POLICYQUALINFO_insert(st, val, i) SKM_sk_insert(POLICYQUALINFO, (st), (val), (i)) -#define sk_POLICYQUALINFO_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(POLICYQUALINFO, (st), (cmp)) -#define sk_POLICYQUALINFO_dup(st) SKM_sk_dup(POLICYQUALINFO, st) -#define sk_POLICYQUALINFO_pop_free(st, free_func) SKM_sk_pop_free(POLICYQUALINFO, (st), (free_func)) -#define sk_POLICYQUALINFO_shift(st) SKM_sk_shift(POLICYQUALINFO, (st)) -#define sk_POLICYQUALINFO_pop(st) SKM_sk_pop(POLICYQUALINFO, (st)) -#define sk_POLICYQUALINFO_sort(st) SKM_sk_sort(POLICYQUALINFO, (st)) -#define sk_POLICYQUALINFO_is_sorted(st) SKM_sk_is_sorted(POLICYQUALINFO, (st)) - -#define sk_POLICY_MAPPING_new(cmp) SKM_sk_new(POLICY_MAPPING, (cmp)) -#define sk_POLICY_MAPPING_new_null() SKM_sk_new_null(POLICY_MAPPING) -#define sk_POLICY_MAPPING_free(st) SKM_sk_free(POLICY_MAPPING, (st)) -#define sk_POLICY_MAPPING_num(st) SKM_sk_num(POLICY_MAPPING, (st)) -#define sk_POLICY_MAPPING_value(st, i) SKM_sk_value(POLICY_MAPPING, (st), (i)) -#define sk_POLICY_MAPPING_set(st, i, val) SKM_sk_set(POLICY_MAPPING, (st), (i), (val)) -#define sk_POLICY_MAPPING_zero(st) SKM_sk_zero(POLICY_MAPPING, (st)) -#define sk_POLICY_MAPPING_push(st, val) SKM_sk_push(POLICY_MAPPING, (st), (val)) -#define sk_POLICY_MAPPING_unshift(st, val) SKM_sk_unshift(POLICY_MAPPING, (st), (val)) -#define sk_POLICY_MAPPING_find(st, val) SKM_sk_find(POLICY_MAPPING, (st), (val)) -#define sk_POLICY_MAPPING_find_ex(st, val) SKM_sk_find_ex(POLICY_MAPPING, (st), (val)) -#define sk_POLICY_MAPPING_delete(st, i) SKM_sk_delete(POLICY_MAPPING, (st), (i)) -#define sk_POLICY_MAPPING_delete_ptr(st, ptr) SKM_sk_delete_ptr(POLICY_MAPPING, (st), (ptr)) -#define sk_POLICY_MAPPING_insert(st, val, i) SKM_sk_insert(POLICY_MAPPING, (st), (val), (i)) -#define sk_POLICY_MAPPING_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(POLICY_MAPPING, (st), (cmp)) -#define sk_POLICY_MAPPING_dup(st) SKM_sk_dup(POLICY_MAPPING, st) -#define sk_POLICY_MAPPING_pop_free(st, free_func) SKM_sk_pop_free(POLICY_MAPPING, (st), (free_func)) -#define sk_POLICY_MAPPING_shift(st) SKM_sk_shift(POLICY_MAPPING, (st)) -#define sk_POLICY_MAPPING_pop(st) SKM_sk_pop(POLICY_MAPPING, (st)) -#define sk_POLICY_MAPPING_sort(st) SKM_sk_sort(POLICY_MAPPING, (st)) -#define sk_POLICY_MAPPING_is_sorted(st) SKM_sk_is_sorted(POLICY_MAPPING, (st)) - -#define sk_SRTP_PROTECTION_PROFILE_new(cmp) SKM_sk_new(SRTP_PROTECTION_PROFILE, (cmp)) -#define sk_SRTP_PROTECTION_PROFILE_new_null() SKM_sk_new_null(SRTP_PROTECTION_PROFILE) -#define sk_SRTP_PROTECTION_PROFILE_free(st) SKM_sk_free(SRTP_PROTECTION_PROFILE, (st)) -#define sk_SRTP_PROTECTION_PROFILE_num(st) SKM_sk_num(SRTP_PROTECTION_PROFILE, (st)) -#define sk_SRTP_PROTECTION_PROFILE_value(st, i) SKM_sk_value(SRTP_PROTECTION_PROFILE, (st), (i)) -#define sk_SRTP_PROTECTION_PROFILE_set(st, i, val) SKM_sk_set(SRTP_PROTECTION_PROFILE, (st), (i), (val)) -#define sk_SRTP_PROTECTION_PROFILE_zero(st) SKM_sk_zero(SRTP_PROTECTION_PROFILE, (st)) -#define sk_SRTP_PROTECTION_PROFILE_push(st, val) SKM_sk_push(SRTP_PROTECTION_PROFILE, (st), (val)) -#define sk_SRTP_PROTECTION_PROFILE_unshift(st, val) SKM_sk_unshift(SRTP_PROTECTION_PROFILE, (st), (val)) -#define sk_SRTP_PROTECTION_PROFILE_find(st, val) SKM_sk_find(SRTP_PROTECTION_PROFILE, (st), (val)) -#define sk_SRTP_PROTECTION_PROFILE_find_ex(st, val) SKM_sk_find_ex(SRTP_PROTECTION_PROFILE, (st), (val)) -#define sk_SRTP_PROTECTION_PROFILE_delete(st, i) SKM_sk_delete(SRTP_PROTECTION_PROFILE, (st), (i)) -#define sk_SRTP_PROTECTION_PROFILE_delete_ptr(st, ptr) SKM_sk_delete_ptr(SRTP_PROTECTION_PROFILE, (st), (ptr)) -#define sk_SRTP_PROTECTION_PROFILE_insert(st, val, i) SKM_sk_insert(SRTP_PROTECTION_PROFILE, (st), (val), (i)) -#define sk_SRTP_PROTECTION_PROFILE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(SRTP_PROTECTION_PROFILE, (st), (cmp)) -#define sk_SRTP_PROTECTION_PROFILE_dup(st) SKM_sk_dup(SRTP_PROTECTION_PROFILE, st) -#define sk_SRTP_PROTECTION_PROFILE_pop_free(st, free_func) SKM_sk_pop_free(SRTP_PROTECTION_PROFILE, (st), (free_func)) -#define sk_SRTP_PROTECTION_PROFILE_shift(st) SKM_sk_shift(SRTP_PROTECTION_PROFILE, (st)) -#define sk_SRTP_PROTECTION_PROFILE_pop(st) SKM_sk_pop(SRTP_PROTECTION_PROFILE, (st)) -#define sk_SRTP_PROTECTION_PROFILE_sort(st) SKM_sk_sort(SRTP_PROTECTION_PROFILE, (st)) -#define sk_SRTP_PROTECTION_PROFILE_is_sorted(st) SKM_sk_is_sorted(SRTP_PROTECTION_PROFILE, (st)) - -#define sk_SSL_CIPHER_new(cmp) SKM_sk_new(SSL_CIPHER, (cmp)) -#define sk_SSL_CIPHER_new_null() SKM_sk_new_null(SSL_CIPHER) -#define sk_SSL_CIPHER_free(st) SKM_sk_free(SSL_CIPHER, (st)) -#define sk_SSL_CIPHER_num(st) SKM_sk_num(SSL_CIPHER, (st)) -#define sk_SSL_CIPHER_value(st, i) SKM_sk_value(SSL_CIPHER, (st), (i)) -#define sk_SSL_CIPHER_set(st, i, val) SKM_sk_set(SSL_CIPHER, (st), (i), (val)) -#define sk_SSL_CIPHER_zero(st) SKM_sk_zero(SSL_CIPHER, (st)) -#define sk_SSL_CIPHER_push(st, val) SKM_sk_push(SSL_CIPHER, (st), (val)) -#define sk_SSL_CIPHER_unshift(st, val) SKM_sk_unshift(SSL_CIPHER, (st), (val)) -#define sk_SSL_CIPHER_find(st, val) SKM_sk_find(SSL_CIPHER, (st), (val)) -#define sk_SSL_CIPHER_find_ex(st, val) SKM_sk_find_ex(SSL_CIPHER, (st), (val)) -#define sk_SSL_CIPHER_delete(st, i) SKM_sk_delete(SSL_CIPHER, (st), (i)) -#define sk_SSL_CIPHER_delete_ptr(st, ptr) SKM_sk_delete_ptr(SSL_CIPHER, (st), (ptr)) -#define sk_SSL_CIPHER_insert(st, val, i) SKM_sk_insert(SSL_CIPHER, (st), (val), (i)) -#define sk_SSL_CIPHER_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(SSL_CIPHER, (st), (cmp)) -#define sk_SSL_CIPHER_dup(st) SKM_sk_dup(SSL_CIPHER, st) -#define sk_SSL_CIPHER_pop_free(st, free_func) SKM_sk_pop_free(SSL_CIPHER, (st), (free_func)) -#define sk_SSL_CIPHER_shift(st) SKM_sk_shift(SSL_CIPHER, (st)) -#define sk_SSL_CIPHER_pop(st) SKM_sk_pop(SSL_CIPHER, (st)) -#define sk_SSL_CIPHER_sort(st) SKM_sk_sort(SSL_CIPHER, (st)) -#define sk_SSL_CIPHER_is_sorted(st) SKM_sk_is_sorted(SSL_CIPHER, (st)) - -#define sk_SSL_COMP_new(cmp) SKM_sk_new(SSL_COMP, (cmp)) -#define sk_SSL_COMP_new_null() SKM_sk_new_null(SSL_COMP) -#define sk_SSL_COMP_free(st) SKM_sk_free(SSL_COMP, (st)) -#define sk_SSL_COMP_num(st) SKM_sk_num(SSL_COMP, (st)) -#define sk_SSL_COMP_value(st, i) SKM_sk_value(SSL_COMP, (st), (i)) -#define sk_SSL_COMP_set(st, i, val) SKM_sk_set(SSL_COMP, (st), (i), (val)) -#define sk_SSL_COMP_zero(st) SKM_sk_zero(SSL_COMP, (st)) -#define sk_SSL_COMP_push(st, val) SKM_sk_push(SSL_COMP, (st), (val)) -#define sk_SSL_COMP_unshift(st, val) SKM_sk_unshift(SSL_COMP, (st), (val)) -#define sk_SSL_COMP_find(st, val) SKM_sk_find(SSL_COMP, (st), (val)) -#define sk_SSL_COMP_find_ex(st, val) SKM_sk_find_ex(SSL_COMP, (st), (val)) -#define sk_SSL_COMP_delete(st, i) SKM_sk_delete(SSL_COMP, (st), (i)) -#define sk_SSL_COMP_delete_ptr(st, ptr) SKM_sk_delete_ptr(SSL_COMP, (st), (ptr)) -#define sk_SSL_COMP_insert(st, val, i) SKM_sk_insert(SSL_COMP, (st), (val), (i)) -#define sk_SSL_COMP_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(SSL_COMP, (st), (cmp)) -#define sk_SSL_COMP_dup(st) SKM_sk_dup(SSL_COMP, st) -#define sk_SSL_COMP_pop_free(st, free_func) SKM_sk_pop_free(SSL_COMP, (st), (free_func)) -#define sk_SSL_COMP_shift(st) SKM_sk_shift(SSL_COMP, (st)) -#define sk_SSL_COMP_pop(st) SKM_sk_pop(SSL_COMP, (st)) -#define sk_SSL_COMP_sort(st) SKM_sk_sort(SSL_COMP, (st)) -#define sk_SSL_COMP_is_sorted(st) SKM_sk_is_sorted(SSL_COMP, (st)) - -#define sk_STACK_OF_X509_NAME_ENTRY_new(cmp) SKM_sk_new(STACK_OF_X509_NAME_ENTRY, (cmp)) -#define sk_STACK_OF_X509_NAME_ENTRY_new_null() SKM_sk_new_null(STACK_OF_X509_NAME_ENTRY) -#define sk_STACK_OF_X509_NAME_ENTRY_free(st) SKM_sk_free(STACK_OF_X509_NAME_ENTRY, (st)) -#define sk_STACK_OF_X509_NAME_ENTRY_num(st) SKM_sk_num(STACK_OF_X509_NAME_ENTRY, (st)) -#define sk_STACK_OF_X509_NAME_ENTRY_value(st, i) SKM_sk_value(STACK_OF_X509_NAME_ENTRY, (st), (i)) -#define sk_STACK_OF_X509_NAME_ENTRY_set(st, i, val) SKM_sk_set(STACK_OF_X509_NAME_ENTRY, (st), (i), (val)) -#define sk_STACK_OF_X509_NAME_ENTRY_zero(st) SKM_sk_zero(STACK_OF_X509_NAME_ENTRY, (st)) -#define sk_STACK_OF_X509_NAME_ENTRY_push(st, val) SKM_sk_push(STACK_OF_X509_NAME_ENTRY, (st), (val)) -#define sk_STACK_OF_X509_NAME_ENTRY_unshift(st, val) SKM_sk_unshift(STACK_OF_X509_NAME_ENTRY, (st), (val)) -#define sk_STACK_OF_X509_NAME_ENTRY_find(st, val) SKM_sk_find(STACK_OF_X509_NAME_ENTRY, (st), (val)) -#define sk_STACK_OF_X509_NAME_ENTRY_find_ex(st, val) SKM_sk_find_ex(STACK_OF_X509_NAME_ENTRY, (st), (val)) -#define sk_STACK_OF_X509_NAME_ENTRY_delete(st, i) SKM_sk_delete(STACK_OF_X509_NAME_ENTRY, (st), (i)) -#define sk_STACK_OF_X509_NAME_ENTRY_delete_ptr(st, ptr) SKM_sk_delete_ptr(STACK_OF_X509_NAME_ENTRY, (st), (ptr)) -#define sk_STACK_OF_X509_NAME_ENTRY_insert(st, val, i) SKM_sk_insert(STACK_OF_X509_NAME_ENTRY, (st), (val), (i)) -#define sk_STACK_OF_X509_NAME_ENTRY_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(STACK_OF_X509_NAME_ENTRY, (st), (cmp)) -#define sk_STACK_OF_X509_NAME_ENTRY_dup(st) SKM_sk_dup(STACK_OF_X509_NAME_ENTRY, st) -#define sk_STACK_OF_X509_NAME_ENTRY_pop_free(st, free_func) SKM_sk_pop_free(STACK_OF_X509_NAME_ENTRY, (st), (free_func)) -#define sk_STACK_OF_X509_NAME_ENTRY_shift(st) SKM_sk_shift(STACK_OF_X509_NAME_ENTRY, (st)) -#define sk_STACK_OF_X509_NAME_ENTRY_pop(st) SKM_sk_pop(STACK_OF_X509_NAME_ENTRY, (st)) -#define sk_STACK_OF_X509_NAME_ENTRY_sort(st) SKM_sk_sort(STACK_OF_X509_NAME_ENTRY, (st)) -#define sk_STACK_OF_X509_NAME_ENTRY_is_sorted(st) SKM_sk_is_sorted(STACK_OF_X509_NAME_ENTRY, (st)) - -#define sk_STORE_ATTR_INFO_new(cmp) SKM_sk_new(STORE_ATTR_INFO, (cmp)) -#define sk_STORE_ATTR_INFO_new_null() SKM_sk_new_null(STORE_ATTR_INFO) -#define sk_STORE_ATTR_INFO_free(st) SKM_sk_free(STORE_ATTR_INFO, (st)) -#define sk_STORE_ATTR_INFO_num(st) SKM_sk_num(STORE_ATTR_INFO, (st)) -#define sk_STORE_ATTR_INFO_value(st, i) SKM_sk_value(STORE_ATTR_INFO, (st), (i)) -#define sk_STORE_ATTR_INFO_set(st, i, val) SKM_sk_set(STORE_ATTR_INFO, (st), (i), (val)) -#define sk_STORE_ATTR_INFO_zero(st) SKM_sk_zero(STORE_ATTR_INFO, (st)) -#define sk_STORE_ATTR_INFO_push(st, val) SKM_sk_push(STORE_ATTR_INFO, (st), (val)) -#define sk_STORE_ATTR_INFO_unshift(st, val) SKM_sk_unshift(STORE_ATTR_INFO, (st), (val)) -#define sk_STORE_ATTR_INFO_find(st, val) SKM_sk_find(STORE_ATTR_INFO, (st), (val)) -#define sk_STORE_ATTR_INFO_find_ex(st, val) SKM_sk_find_ex(STORE_ATTR_INFO, (st), (val)) -#define sk_STORE_ATTR_INFO_delete(st, i) SKM_sk_delete(STORE_ATTR_INFO, (st), (i)) -#define sk_STORE_ATTR_INFO_delete_ptr(st, ptr) SKM_sk_delete_ptr(STORE_ATTR_INFO, (st), (ptr)) -#define sk_STORE_ATTR_INFO_insert(st, val, i) SKM_sk_insert(STORE_ATTR_INFO, (st), (val), (i)) -#define sk_STORE_ATTR_INFO_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(STORE_ATTR_INFO, (st), (cmp)) -#define sk_STORE_ATTR_INFO_dup(st) SKM_sk_dup(STORE_ATTR_INFO, st) -#define sk_STORE_ATTR_INFO_pop_free(st, free_func) SKM_sk_pop_free(STORE_ATTR_INFO, (st), (free_func)) -#define sk_STORE_ATTR_INFO_shift(st) SKM_sk_shift(STORE_ATTR_INFO, (st)) -#define sk_STORE_ATTR_INFO_pop(st) SKM_sk_pop(STORE_ATTR_INFO, (st)) -#define sk_STORE_ATTR_INFO_sort(st) SKM_sk_sort(STORE_ATTR_INFO, (st)) -#define sk_STORE_ATTR_INFO_is_sorted(st) SKM_sk_is_sorted(STORE_ATTR_INFO, (st)) - -#define sk_STORE_OBJECT_new(cmp) SKM_sk_new(STORE_OBJECT, (cmp)) -#define sk_STORE_OBJECT_new_null() SKM_sk_new_null(STORE_OBJECT) -#define sk_STORE_OBJECT_free(st) SKM_sk_free(STORE_OBJECT, (st)) -#define sk_STORE_OBJECT_num(st) SKM_sk_num(STORE_OBJECT, (st)) -#define sk_STORE_OBJECT_value(st, i) SKM_sk_value(STORE_OBJECT, (st), (i)) -#define sk_STORE_OBJECT_set(st, i, val) SKM_sk_set(STORE_OBJECT, (st), (i), (val)) -#define sk_STORE_OBJECT_zero(st) SKM_sk_zero(STORE_OBJECT, (st)) -#define sk_STORE_OBJECT_push(st, val) SKM_sk_push(STORE_OBJECT, (st), (val)) -#define sk_STORE_OBJECT_unshift(st, val) SKM_sk_unshift(STORE_OBJECT, (st), (val)) -#define sk_STORE_OBJECT_find(st, val) SKM_sk_find(STORE_OBJECT, (st), (val)) -#define sk_STORE_OBJECT_find_ex(st, val) SKM_sk_find_ex(STORE_OBJECT, (st), (val)) -#define sk_STORE_OBJECT_delete(st, i) SKM_sk_delete(STORE_OBJECT, (st), (i)) -#define sk_STORE_OBJECT_delete_ptr(st, ptr) SKM_sk_delete_ptr(STORE_OBJECT, (st), (ptr)) -#define sk_STORE_OBJECT_insert(st, val, i) SKM_sk_insert(STORE_OBJECT, (st), (val), (i)) -#define sk_STORE_OBJECT_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(STORE_OBJECT, (st), (cmp)) -#define sk_STORE_OBJECT_dup(st) SKM_sk_dup(STORE_OBJECT, st) -#define sk_STORE_OBJECT_pop_free(st, free_func) SKM_sk_pop_free(STORE_OBJECT, (st), (free_func)) -#define sk_STORE_OBJECT_shift(st) SKM_sk_shift(STORE_OBJECT, (st)) -#define sk_STORE_OBJECT_pop(st) SKM_sk_pop(STORE_OBJECT, (st)) -#define sk_STORE_OBJECT_sort(st) SKM_sk_sort(STORE_OBJECT, (st)) -#define sk_STORE_OBJECT_is_sorted(st) SKM_sk_is_sorted(STORE_OBJECT, (st)) - -#define sk_SXNETID_new(cmp) SKM_sk_new(SXNETID, (cmp)) -#define sk_SXNETID_new_null() SKM_sk_new_null(SXNETID) -#define sk_SXNETID_free(st) SKM_sk_free(SXNETID, (st)) -#define sk_SXNETID_num(st) SKM_sk_num(SXNETID, (st)) -#define sk_SXNETID_value(st, i) SKM_sk_value(SXNETID, (st), (i)) -#define sk_SXNETID_set(st, i, val) SKM_sk_set(SXNETID, (st), (i), (val)) -#define sk_SXNETID_zero(st) SKM_sk_zero(SXNETID, (st)) -#define sk_SXNETID_push(st, val) SKM_sk_push(SXNETID, (st), (val)) -#define sk_SXNETID_unshift(st, val) SKM_sk_unshift(SXNETID, (st), (val)) -#define sk_SXNETID_find(st, val) SKM_sk_find(SXNETID, (st), (val)) -#define sk_SXNETID_find_ex(st, val) SKM_sk_find_ex(SXNETID, (st), (val)) -#define sk_SXNETID_delete(st, i) SKM_sk_delete(SXNETID, (st), (i)) -#define sk_SXNETID_delete_ptr(st, ptr) SKM_sk_delete_ptr(SXNETID, (st), (ptr)) -#define sk_SXNETID_insert(st, val, i) SKM_sk_insert(SXNETID, (st), (val), (i)) -#define sk_SXNETID_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(SXNETID, (st), (cmp)) -#define sk_SXNETID_dup(st) SKM_sk_dup(SXNETID, st) -#define sk_SXNETID_pop_free(st, free_func) SKM_sk_pop_free(SXNETID, (st), (free_func)) -#define sk_SXNETID_shift(st) SKM_sk_shift(SXNETID, (st)) -#define sk_SXNETID_pop(st) SKM_sk_pop(SXNETID, (st)) -#define sk_SXNETID_sort(st) SKM_sk_sort(SXNETID, (st)) -#define sk_SXNETID_is_sorted(st) SKM_sk_is_sorted(SXNETID, (st)) - -#define sk_UI_STRING_new(cmp) SKM_sk_new(UI_STRING, (cmp)) -#define sk_UI_STRING_new_null() SKM_sk_new_null(UI_STRING) -#define sk_UI_STRING_free(st) SKM_sk_free(UI_STRING, (st)) -#define sk_UI_STRING_num(st) SKM_sk_num(UI_STRING, (st)) -#define sk_UI_STRING_value(st, i) SKM_sk_value(UI_STRING, (st), (i)) -#define sk_UI_STRING_set(st, i, val) SKM_sk_set(UI_STRING, (st), (i), (val)) -#define sk_UI_STRING_zero(st) SKM_sk_zero(UI_STRING, (st)) -#define sk_UI_STRING_push(st, val) SKM_sk_push(UI_STRING, (st), (val)) -#define sk_UI_STRING_unshift(st, val) SKM_sk_unshift(UI_STRING, (st), (val)) -#define sk_UI_STRING_find(st, val) SKM_sk_find(UI_STRING, (st), (val)) -#define sk_UI_STRING_find_ex(st, val) SKM_sk_find_ex(UI_STRING, (st), (val)) -#define sk_UI_STRING_delete(st, i) SKM_sk_delete(UI_STRING, (st), (i)) -#define sk_UI_STRING_delete_ptr(st, ptr) SKM_sk_delete_ptr(UI_STRING, (st), (ptr)) -#define sk_UI_STRING_insert(st, val, i) SKM_sk_insert(UI_STRING, (st), (val), (i)) -#define sk_UI_STRING_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(UI_STRING, (st), (cmp)) -#define sk_UI_STRING_dup(st) SKM_sk_dup(UI_STRING, st) -#define sk_UI_STRING_pop_free(st, free_func) SKM_sk_pop_free(UI_STRING, (st), (free_func)) -#define sk_UI_STRING_shift(st) SKM_sk_shift(UI_STRING, (st)) -#define sk_UI_STRING_pop(st) SKM_sk_pop(UI_STRING, (st)) -#define sk_UI_STRING_sort(st) SKM_sk_sort(UI_STRING, (st)) -#define sk_UI_STRING_is_sorted(st) SKM_sk_is_sorted(UI_STRING, (st)) - -#define sk_X509_new(cmp) SKM_sk_new(X509, (cmp)) -#define sk_X509_new_null() SKM_sk_new_null(X509) -#define sk_X509_free(st) SKM_sk_free(X509, (st)) -#define sk_X509_num(st) SKM_sk_num(X509, (st)) -#define sk_X509_value(st, i) SKM_sk_value(X509, (st), (i)) -#define sk_X509_set(st, i, val) SKM_sk_set(X509, (st), (i), (val)) -#define sk_X509_zero(st) SKM_sk_zero(X509, (st)) -#define sk_X509_push(st, val) SKM_sk_push(X509, (st), (val)) -#define sk_X509_unshift(st, val) SKM_sk_unshift(X509, (st), (val)) -#define sk_X509_find(st, val) SKM_sk_find(X509, (st), (val)) -#define sk_X509_find_ex(st, val) SKM_sk_find_ex(X509, (st), (val)) -#define sk_X509_delete(st, i) SKM_sk_delete(X509, (st), (i)) -#define sk_X509_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509, (st), (ptr)) -#define sk_X509_insert(st, val, i) SKM_sk_insert(X509, (st), (val), (i)) -#define sk_X509_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509, (st), (cmp)) -#define sk_X509_dup(st) SKM_sk_dup(X509, st) -#define sk_X509_pop_free(st, free_func) SKM_sk_pop_free(X509, (st), (free_func)) -#define sk_X509_shift(st) SKM_sk_shift(X509, (st)) -#define sk_X509_pop(st) SKM_sk_pop(X509, (st)) -#define sk_X509_sort(st) SKM_sk_sort(X509, (st)) -#define sk_X509_is_sorted(st) SKM_sk_is_sorted(X509, (st)) - -#define sk_X509V3_EXT_METHOD_new(cmp) SKM_sk_new(X509V3_EXT_METHOD, (cmp)) -#define sk_X509V3_EXT_METHOD_new_null() SKM_sk_new_null(X509V3_EXT_METHOD) -#define sk_X509V3_EXT_METHOD_free(st) SKM_sk_free(X509V3_EXT_METHOD, (st)) -#define sk_X509V3_EXT_METHOD_num(st) SKM_sk_num(X509V3_EXT_METHOD, (st)) -#define sk_X509V3_EXT_METHOD_value(st, i) SKM_sk_value(X509V3_EXT_METHOD, (st), (i)) -#define sk_X509V3_EXT_METHOD_set(st, i, val) SKM_sk_set(X509V3_EXT_METHOD, (st), (i), (val)) -#define sk_X509V3_EXT_METHOD_zero(st) SKM_sk_zero(X509V3_EXT_METHOD, (st)) -#define sk_X509V3_EXT_METHOD_push(st, val) SKM_sk_push(X509V3_EXT_METHOD, (st), (val)) -#define sk_X509V3_EXT_METHOD_unshift(st, val) SKM_sk_unshift(X509V3_EXT_METHOD, (st), (val)) -#define sk_X509V3_EXT_METHOD_find(st, val) SKM_sk_find(X509V3_EXT_METHOD, (st), (val)) -#define sk_X509V3_EXT_METHOD_find_ex(st, val) SKM_sk_find_ex(X509V3_EXT_METHOD, (st), (val)) -#define sk_X509V3_EXT_METHOD_delete(st, i) SKM_sk_delete(X509V3_EXT_METHOD, (st), (i)) -#define sk_X509V3_EXT_METHOD_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509V3_EXT_METHOD, (st), (ptr)) -#define sk_X509V3_EXT_METHOD_insert(st, val, i) SKM_sk_insert(X509V3_EXT_METHOD, (st), (val), (i)) -#define sk_X509V3_EXT_METHOD_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509V3_EXT_METHOD, (st), (cmp)) -#define sk_X509V3_EXT_METHOD_dup(st) SKM_sk_dup(X509V3_EXT_METHOD, st) -#define sk_X509V3_EXT_METHOD_pop_free(st, free_func) SKM_sk_pop_free(X509V3_EXT_METHOD, (st), (free_func)) -#define sk_X509V3_EXT_METHOD_shift(st) SKM_sk_shift(X509V3_EXT_METHOD, (st)) -#define sk_X509V3_EXT_METHOD_pop(st) SKM_sk_pop(X509V3_EXT_METHOD, (st)) -#define sk_X509V3_EXT_METHOD_sort(st) SKM_sk_sort(X509V3_EXT_METHOD, (st)) -#define sk_X509V3_EXT_METHOD_is_sorted(st) SKM_sk_is_sorted(X509V3_EXT_METHOD, (st)) - -#define sk_X509_ALGOR_new(cmp) SKM_sk_new(X509_ALGOR, (cmp)) -#define sk_X509_ALGOR_new_null() SKM_sk_new_null(X509_ALGOR) -#define sk_X509_ALGOR_free(st) SKM_sk_free(X509_ALGOR, (st)) -#define sk_X509_ALGOR_num(st) SKM_sk_num(X509_ALGOR, (st)) -#define sk_X509_ALGOR_value(st, i) SKM_sk_value(X509_ALGOR, (st), (i)) -#define sk_X509_ALGOR_set(st, i, val) SKM_sk_set(X509_ALGOR, (st), (i), (val)) -#define sk_X509_ALGOR_zero(st) SKM_sk_zero(X509_ALGOR, (st)) -#define sk_X509_ALGOR_push(st, val) SKM_sk_push(X509_ALGOR, (st), (val)) -#define sk_X509_ALGOR_unshift(st, val) SKM_sk_unshift(X509_ALGOR, (st), (val)) -#define sk_X509_ALGOR_find(st, val) SKM_sk_find(X509_ALGOR, (st), (val)) -#define sk_X509_ALGOR_find_ex(st, val) SKM_sk_find_ex(X509_ALGOR, (st), (val)) -#define sk_X509_ALGOR_delete(st, i) SKM_sk_delete(X509_ALGOR, (st), (i)) -#define sk_X509_ALGOR_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_ALGOR, (st), (ptr)) -#define sk_X509_ALGOR_insert(st, val, i) SKM_sk_insert(X509_ALGOR, (st), (val), (i)) -#define sk_X509_ALGOR_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_ALGOR, (st), (cmp)) -#define sk_X509_ALGOR_dup(st) SKM_sk_dup(X509_ALGOR, st) -#define sk_X509_ALGOR_pop_free(st, free_func) SKM_sk_pop_free(X509_ALGOR, (st), (free_func)) -#define sk_X509_ALGOR_shift(st) SKM_sk_shift(X509_ALGOR, (st)) -#define sk_X509_ALGOR_pop(st) SKM_sk_pop(X509_ALGOR, (st)) -#define sk_X509_ALGOR_sort(st) SKM_sk_sort(X509_ALGOR, (st)) -#define sk_X509_ALGOR_is_sorted(st) SKM_sk_is_sorted(X509_ALGOR, (st)) - -#define sk_X509_ATTRIBUTE_new(cmp) SKM_sk_new(X509_ATTRIBUTE, (cmp)) -#define sk_X509_ATTRIBUTE_new_null() SKM_sk_new_null(X509_ATTRIBUTE) -#define sk_X509_ATTRIBUTE_free(st) SKM_sk_free(X509_ATTRIBUTE, (st)) -#define sk_X509_ATTRIBUTE_num(st) SKM_sk_num(X509_ATTRIBUTE, (st)) -#define sk_X509_ATTRIBUTE_value(st, i) SKM_sk_value(X509_ATTRIBUTE, (st), (i)) -#define sk_X509_ATTRIBUTE_set(st, i, val) SKM_sk_set(X509_ATTRIBUTE, (st), (i), (val)) -#define sk_X509_ATTRIBUTE_zero(st) SKM_sk_zero(X509_ATTRIBUTE, (st)) -#define sk_X509_ATTRIBUTE_push(st, val) SKM_sk_push(X509_ATTRIBUTE, (st), (val)) -#define sk_X509_ATTRIBUTE_unshift(st, val) SKM_sk_unshift(X509_ATTRIBUTE, (st), (val)) -#define sk_X509_ATTRIBUTE_find(st, val) SKM_sk_find(X509_ATTRIBUTE, (st), (val)) -#define sk_X509_ATTRIBUTE_find_ex(st, val) SKM_sk_find_ex(X509_ATTRIBUTE, (st), (val)) -#define sk_X509_ATTRIBUTE_delete(st, i) SKM_sk_delete(X509_ATTRIBUTE, (st), (i)) -#define sk_X509_ATTRIBUTE_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_ATTRIBUTE, (st), (ptr)) -#define sk_X509_ATTRIBUTE_insert(st, val, i) SKM_sk_insert(X509_ATTRIBUTE, (st), (val), (i)) -#define sk_X509_ATTRIBUTE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_ATTRIBUTE, (st), (cmp)) -#define sk_X509_ATTRIBUTE_dup(st) SKM_sk_dup(X509_ATTRIBUTE, st) -#define sk_X509_ATTRIBUTE_pop_free(st, free_func) SKM_sk_pop_free(X509_ATTRIBUTE, (st), (free_func)) -#define sk_X509_ATTRIBUTE_shift(st) SKM_sk_shift(X509_ATTRIBUTE, (st)) -#define sk_X509_ATTRIBUTE_pop(st) SKM_sk_pop(X509_ATTRIBUTE, (st)) -#define sk_X509_ATTRIBUTE_sort(st) SKM_sk_sort(X509_ATTRIBUTE, (st)) -#define sk_X509_ATTRIBUTE_is_sorted(st) SKM_sk_is_sorted(X509_ATTRIBUTE, (st)) - -#define sk_X509_CRL_new(cmp) SKM_sk_new(X509_CRL, (cmp)) -#define sk_X509_CRL_new_null() SKM_sk_new_null(X509_CRL) -#define sk_X509_CRL_free(st) SKM_sk_free(X509_CRL, (st)) -#define sk_X509_CRL_num(st) SKM_sk_num(X509_CRL, (st)) -#define sk_X509_CRL_value(st, i) SKM_sk_value(X509_CRL, (st), (i)) -#define sk_X509_CRL_set(st, i, val) SKM_sk_set(X509_CRL, (st), (i), (val)) -#define sk_X509_CRL_zero(st) SKM_sk_zero(X509_CRL, (st)) -#define sk_X509_CRL_push(st, val) SKM_sk_push(X509_CRL, (st), (val)) -#define sk_X509_CRL_unshift(st, val) SKM_sk_unshift(X509_CRL, (st), (val)) -#define sk_X509_CRL_find(st, val) SKM_sk_find(X509_CRL, (st), (val)) -#define sk_X509_CRL_find_ex(st, val) SKM_sk_find_ex(X509_CRL, (st), (val)) -#define sk_X509_CRL_delete(st, i) SKM_sk_delete(X509_CRL, (st), (i)) -#define sk_X509_CRL_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_CRL, (st), (ptr)) -#define sk_X509_CRL_insert(st, val, i) SKM_sk_insert(X509_CRL, (st), (val), (i)) -#define sk_X509_CRL_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_CRL, (st), (cmp)) -#define sk_X509_CRL_dup(st) SKM_sk_dup(X509_CRL, st) -#define sk_X509_CRL_pop_free(st, free_func) SKM_sk_pop_free(X509_CRL, (st), (free_func)) -#define sk_X509_CRL_shift(st) SKM_sk_shift(X509_CRL, (st)) -#define sk_X509_CRL_pop(st) SKM_sk_pop(X509_CRL, (st)) -#define sk_X509_CRL_sort(st) SKM_sk_sort(X509_CRL, (st)) -#define sk_X509_CRL_is_sorted(st) SKM_sk_is_sorted(X509_CRL, (st)) - -#define sk_X509_EXTENSION_new(cmp) SKM_sk_new(X509_EXTENSION, (cmp)) -#define sk_X509_EXTENSION_new_null() SKM_sk_new_null(X509_EXTENSION) -#define sk_X509_EXTENSION_free(st) SKM_sk_free(X509_EXTENSION, (st)) -#define sk_X509_EXTENSION_num(st) SKM_sk_num(X509_EXTENSION, (st)) -#define sk_X509_EXTENSION_value(st, i) SKM_sk_value(X509_EXTENSION, (st), (i)) -#define sk_X509_EXTENSION_set(st, i, val) SKM_sk_set(X509_EXTENSION, (st), (i), (val)) -#define sk_X509_EXTENSION_zero(st) SKM_sk_zero(X509_EXTENSION, (st)) -#define sk_X509_EXTENSION_push(st, val) SKM_sk_push(X509_EXTENSION, (st), (val)) -#define sk_X509_EXTENSION_unshift(st, val) SKM_sk_unshift(X509_EXTENSION, (st), (val)) -#define sk_X509_EXTENSION_find(st, val) SKM_sk_find(X509_EXTENSION, (st), (val)) -#define sk_X509_EXTENSION_find_ex(st, val) SKM_sk_find_ex(X509_EXTENSION, (st), (val)) -#define sk_X509_EXTENSION_delete(st, i) SKM_sk_delete(X509_EXTENSION, (st), (i)) -#define sk_X509_EXTENSION_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_EXTENSION, (st), (ptr)) -#define sk_X509_EXTENSION_insert(st, val, i) SKM_sk_insert(X509_EXTENSION, (st), (val), (i)) -#define sk_X509_EXTENSION_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_EXTENSION, (st), (cmp)) -#define sk_X509_EXTENSION_dup(st) SKM_sk_dup(X509_EXTENSION, st) -#define sk_X509_EXTENSION_pop_free(st, free_func) SKM_sk_pop_free(X509_EXTENSION, (st), (free_func)) -#define sk_X509_EXTENSION_shift(st) SKM_sk_shift(X509_EXTENSION, (st)) -#define sk_X509_EXTENSION_pop(st) SKM_sk_pop(X509_EXTENSION, (st)) -#define sk_X509_EXTENSION_sort(st) SKM_sk_sort(X509_EXTENSION, (st)) -#define sk_X509_EXTENSION_is_sorted(st) SKM_sk_is_sorted(X509_EXTENSION, (st)) - -#define sk_X509_INFO_new(cmp) SKM_sk_new(X509_INFO, (cmp)) -#define sk_X509_INFO_new_null() SKM_sk_new_null(X509_INFO) -#define sk_X509_INFO_free(st) SKM_sk_free(X509_INFO, (st)) -#define sk_X509_INFO_num(st) SKM_sk_num(X509_INFO, (st)) -#define sk_X509_INFO_value(st, i) SKM_sk_value(X509_INFO, (st), (i)) -#define sk_X509_INFO_set(st, i, val) SKM_sk_set(X509_INFO, (st), (i), (val)) -#define sk_X509_INFO_zero(st) SKM_sk_zero(X509_INFO, (st)) -#define sk_X509_INFO_push(st, val) SKM_sk_push(X509_INFO, (st), (val)) -#define sk_X509_INFO_unshift(st, val) SKM_sk_unshift(X509_INFO, (st), (val)) -#define sk_X509_INFO_find(st, val) SKM_sk_find(X509_INFO, (st), (val)) -#define sk_X509_INFO_find_ex(st, val) SKM_sk_find_ex(X509_INFO, (st), (val)) -#define sk_X509_INFO_delete(st, i) SKM_sk_delete(X509_INFO, (st), (i)) -#define sk_X509_INFO_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_INFO, (st), (ptr)) -#define sk_X509_INFO_insert(st, val, i) SKM_sk_insert(X509_INFO, (st), (val), (i)) -#define sk_X509_INFO_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_INFO, (st), (cmp)) -#define sk_X509_INFO_dup(st) SKM_sk_dup(X509_INFO, st) -#define sk_X509_INFO_pop_free(st, free_func) SKM_sk_pop_free(X509_INFO, (st), (free_func)) -#define sk_X509_INFO_shift(st) SKM_sk_shift(X509_INFO, (st)) -#define sk_X509_INFO_pop(st) SKM_sk_pop(X509_INFO, (st)) -#define sk_X509_INFO_sort(st) SKM_sk_sort(X509_INFO, (st)) -#define sk_X509_INFO_is_sorted(st) SKM_sk_is_sorted(X509_INFO, (st)) - -#define sk_X509_LOOKUP_new(cmp) SKM_sk_new(X509_LOOKUP, (cmp)) -#define sk_X509_LOOKUP_new_null() SKM_sk_new_null(X509_LOOKUP) -#define sk_X509_LOOKUP_free(st) SKM_sk_free(X509_LOOKUP, (st)) -#define sk_X509_LOOKUP_num(st) SKM_sk_num(X509_LOOKUP, (st)) -#define sk_X509_LOOKUP_value(st, i) SKM_sk_value(X509_LOOKUP, (st), (i)) -#define sk_X509_LOOKUP_set(st, i, val) SKM_sk_set(X509_LOOKUP, (st), (i), (val)) -#define sk_X509_LOOKUP_zero(st) SKM_sk_zero(X509_LOOKUP, (st)) -#define sk_X509_LOOKUP_push(st, val) SKM_sk_push(X509_LOOKUP, (st), (val)) -#define sk_X509_LOOKUP_unshift(st, val) SKM_sk_unshift(X509_LOOKUP, (st), (val)) -#define sk_X509_LOOKUP_find(st, val) SKM_sk_find(X509_LOOKUP, (st), (val)) -#define sk_X509_LOOKUP_find_ex(st, val) SKM_sk_find_ex(X509_LOOKUP, (st), (val)) -#define sk_X509_LOOKUP_delete(st, i) SKM_sk_delete(X509_LOOKUP, (st), (i)) -#define sk_X509_LOOKUP_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_LOOKUP, (st), (ptr)) -#define sk_X509_LOOKUP_insert(st, val, i) SKM_sk_insert(X509_LOOKUP, (st), (val), (i)) -#define sk_X509_LOOKUP_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_LOOKUP, (st), (cmp)) -#define sk_X509_LOOKUP_dup(st) SKM_sk_dup(X509_LOOKUP, st) -#define sk_X509_LOOKUP_pop_free(st, free_func) SKM_sk_pop_free(X509_LOOKUP, (st), (free_func)) -#define sk_X509_LOOKUP_shift(st) SKM_sk_shift(X509_LOOKUP, (st)) -#define sk_X509_LOOKUP_pop(st) SKM_sk_pop(X509_LOOKUP, (st)) -#define sk_X509_LOOKUP_sort(st) SKM_sk_sort(X509_LOOKUP, (st)) -#define sk_X509_LOOKUP_is_sorted(st) SKM_sk_is_sorted(X509_LOOKUP, (st)) - -#define sk_X509_NAME_new(cmp) SKM_sk_new(X509_NAME, (cmp)) -#define sk_X509_NAME_new_null() SKM_sk_new_null(X509_NAME) -#define sk_X509_NAME_free(st) SKM_sk_free(X509_NAME, (st)) -#define sk_X509_NAME_num(st) SKM_sk_num(X509_NAME, (st)) -#define sk_X509_NAME_value(st, i) SKM_sk_value(X509_NAME, (st), (i)) -#define sk_X509_NAME_set(st, i, val) SKM_sk_set(X509_NAME, (st), (i), (val)) -#define sk_X509_NAME_zero(st) SKM_sk_zero(X509_NAME, (st)) -#define sk_X509_NAME_push(st, val) SKM_sk_push(X509_NAME, (st), (val)) -#define sk_X509_NAME_unshift(st, val) SKM_sk_unshift(X509_NAME, (st), (val)) -#define sk_X509_NAME_find(st, val) SKM_sk_find(X509_NAME, (st), (val)) -#define sk_X509_NAME_find_ex(st, val) SKM_sk_find_ex(X509_NAME, (st), (val)) -#define sk_X509_NAME_delete(st, i) SKM_sk_delete(X509_NAME, (st), (i)) -#define sk_X509_NAME_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_NAME, (st), (ptr)) -#define sk_X509_NAME_insert(st, val, i) SKM_sk_insert(X509_NAME, (st), (val), (i)) -#define sk_X509_NAME_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_NAME, (st), (cmp)) -#define sk_X509_NAME_dup(st) SKM_sk_dup(X509_NAME, st) -#define sk_X509_NAME_pop_free(st, free_func) SKM_sk_pop_free(X509_NAME, (st), (free_func)) -#define sk_X509_NAME_shift(st) SKM_sk_shift(X509_NAME, (st)) -#define sk_X509_NAME_pop(st) SKM_sk_pop(X509_NAME, (st)) -#define sk_X509_NAME_sort(st) SKM_sk_sort(X509_NAME, (st)) -#define sk_X509_NAME_is_sorted(st) SKM_sk_is_sorted(X509_NAME, (st)) - -#define sk_X509_NAME_ENTRY_new(cmp) SKM_sk_new(X509_NAME_ENTRY, (cmp)) -#define sk_X509_NAME_ENTRY_new_null() SKM_sk_new_null(X509_NAME_ENTRY) -#define sk_X509_NAME_ENTRY_free(st) SKM_sk_free(X509_NAME_ENTRY, (st)) -#define sk_X509_NAME_ENTRY_num(st) SKM_sk_num(X509_NAME_ENTRY, (st)) -#define sk_X509_NAME_ENTRY_value(st, i) SKM_sk_value(X509_NAME_ENTRY, (st), (i)) -#define sk_X509_NAME_ENTRY_set(st, i, val) SKM_sk_set(X509_NAME_ENTRY, (st), (i), (val)) -#define sk_X509_NAME_ENTRY_zero(st) SKM_sk_zero(X509_NAME_ENTRY, (st)) -#define sk_X509_NAME_ENTRY_push(st, val) SKM_sk_push(X509_NAME_ENTRY, (st), (val)) -#define sk_X509_NAME_ENTRY_unshift(st, val) SKM_sk_unshift(X509_NAME_ENTRY, (st), (val)) -#define sk_X509_NAME_ENTRY_find(st, val) SKM_sk_find(X509_NAME_ENTRY, (st), (val)) -#define sk_X509_NAME_ENTRY_find_ex(st, val) SKM_sk_find_ex(X509_NAME_ENTRY, (st), (val)) -#define sk_X509_NAME_ENTRY_delete(st, i) SKM_sk_delete(X509_NAME_ENTRY, (st), (i)) -#define sk_X509_NAME_ENTRY_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_NAME_ENTRY, (st), (ptr)) -#define sk_X509_NAME_ENTRY_insert(st, val, i) SKM_sk_insert(X509_NAME_ENTRY, (st), (val), (i)) -#define sk_X509_NAME_ENTRY_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_NAME_ENTRY, (st), (cmp)) -#define sk_X509_NAME_ENTRY_dup(st) SKM_sk_dup(X509_NAME_ENTRY, st) -#define sk_X509_NAME_ENTRY_pop_free(st, free_func) SKM_sk_pop_free(X509_NAME_ENTRY, (st), (free_func)) -#define sk_X509_NAME_ENTRY_shift(st) SKM_sk_shift(X509_NAME_ENTRY, (st)) -#define sk_X509_NAME_ENTRY_pop(st) SKM_sk_pop(X509_NAME_ENTRY, (st)) -#define sk_X509_NAME_ENTRY_sort(st) SKM_sk_sort(X509_NAME_ENTRY, (st)) -#define sk_X509_NAME_ENTRY_is_sorted(st) SKM_sk_is_sorted(X509_NAME_ENTRY, (st)) - -#define sk_X509_OBJECT_new(cmp) SKM_sk_new(X509_OBJECT, (cmp)) -#define sk_X509_OBJECT_new_null() SKM_sk_new_null(X509_OBJECT) -#define sk_X509_OBJECT_free(st) SKM_sk_free(X509_OBJECT, (st)) -#define sk_X509_OBJECT_num(st) SKM_sk_num(X509_OBJECT, (st)) -#define sk_X509_OBJECT_value(st, i) SKM_sk_value(X509_OBJECT, (st), (i)) -#define sk_X509_OBJECT_set(st, i, val) SKM_sk_set(X509_OBJECT, (st), (i), (val)) -#define sk_X509_OBJECT_zero(st) SKM_sk_zero(X509_OBJECT, (st)) -#define sk_X509_OBJECT_push(st, val) SKM_sk_push(X509_OBJECT, (st), (val)) -#define sk_X509_OBJECT_unshift(st, val) SKM_sk_unshift(X509_OBJECT, (st), (val)) -#define sk_X509_OBJECT_find(st, val) SKM_sk_find(X509_OBJECT, (st), (val)) -#define sk_X509_OBJECT_find_ex(st, val) SKM_sk_find_ex(X509_OBJECT, (st), (val)) -#define sk_X509_OBJECT_delete(st, i) SKM_sk_delete(X509_OBJECT, (st), (i)) -#define sk_X509_OBJECT_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_OBJECT, (st), (ptr)) -#define sk_X509_OBJECT_insert(st, val, i) SKM_sk_insert(X509_OBJECT, (st), (val), (i)) -#define sk_X509_OBJECT_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_OBJECT, (st), (cmp)) -#define sk_X509_OBJECT_dup(st) SKM_sk_dup(X509_OBJECT, st) -#define sk_X509_OBJECT_pop_free(st, free_func) SKM_sk_pop_free(X509_OBJECT, (st), (free_func)) -#define sk_X509_OBJECT_shift(st) SKM_sk_shift(X509_OBJECT, (st)) -#define sk_X509_OBJECT_pop(st) SKM_sk_pop(X509_OBJECT, (st)) -#define sk_X509_OBJECT_sort(st) SKM_sk_sort(X509_OBJECT, (st)) -#define sk_X509_OBJECT_is_sorted(st) SKM_sk_is_sorted(X509_OBJECT, (st)) - -#define sk_X509_POLICY_DATA_new(cmp) SKM_sk_new(X509_POLICY_DATA, (cmp)) -#define sk_X509_POLICY_DATA_new_null() SKM_sk_new_null(X509_POLICY_DATA) -#define sk_X509_POLICY_DATA_free(st) SKM_sk_free(X509_POLICY_DATA, (st)) -#define sk_X509_POLICY_DATA_num(st) SKM_sk_num(X509_POLICY_DATA, (st)) -#define sk_X509_POLICY_DATA_value(st, i) SKM_sk_value(X509_POLICY_DATA, (st), (i)) -#define sk_X509_POLICY_DATA_set(st, i, val) SKM_sk_set(X509_POLICY_DATA, (st), (i), (val)) -#define sk_X509_POLICY_DATA_zero(st) SKM_sk_zero(X509_POLICY_DATA, (st)) -#define sk_X509_POLICY_DATA_push(st, val) SKM_sk_push(X509_POLICY_DATA, (st), (val)) -#define sk_X509_POLICY_DATA_unshift(st, val) SKM_sk_unshift(X509_POLICY_DATA, (st), (val)) -#define sk_X509_POLICY_DATA_find(st, val) SKM_sk_find(X509_POLICY_DATA, (st), (val)) -#define sk_X509_POLICY_DATA_find_ex(st, val) SKM_sk_find_ex(X509_POLICY_DATA, (st), (val)) -#define sk_X509_POLICY_DATA_delete(st, i) SKM_sk_delete(X509_POLICY_DATA, (st), (i)) -#define sk_X509_POLICY_DATA_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_POLICY_DATA, (st), (ptr)) -#define sk_X509_POLICY_DATA_insert(st, val, i) SKM_sk_insert(X509_POLICY_DATA, (st), (val), (i)) -#define sk_X509_POLICY_DATA_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_POLICY_DATA, (st), (cmp)) -#define sk_X509_POLICY_DATA_dup(st) SKM_sk_dup(X509_POLICY_DATA, st) -#define sk_X509_POLICY_DATA_pop_free(st, free_func) SKM_sk_pop_free(X509_POLICY_DATA, (st), (free_func)) -#define sk_X509_POLICY_DATA_shift(st) SKM_sk_shift(X509_POLICY_DATA, (st)) -#define sk_X509_POLICY_DATA_pop(st) SKM_sk_pop(X509_POLICY_DATA, (st)) -#define sk_X509_POLICY_DATA_sort(st) SKM_sk_sort(X509_POLICY_DATA, (st)) -#define sk_X509_POLICY_DATA_is_sorted(st) SKM_sk_is_sorted(X509_POLICY_DATA, (st)) - -#define sk_X509_POLICY_NODE_new(cmp) SKM_sk_new(X509_POLICY_NODE, (cmp)) -#define sk_X509_POLICY_NODE_new_null() SKM_sk_new_null(X509_POLICY_NODE) -#define sk_X509_POLICY_NODE_free(st) SKM_sk_free(X509_POLICY_NODE, (st)) -#define sk_X509_POLICY_NODE_num(st) SKM_sk_num(X509_POLICY_NODE, (st)) -#define sk_X509_POLICY_NODE_value(st, i) SKM_sk_value(X509_POLICY_NODE, (st), (i)) -#define sk_X509_POLICY_NODE_set(st, i, val) SKM_sk_set(X509_POLICY_NODE, (st), (i), (val)) -#define sk_X509_POLICY_NODE_zero(st) SKM_sk_zero(X509_POLICY_NODE, (st)) -#define sk_X509_POLICY_NODE_push(st, val) SKM_sk_push(X509_POLICY_NODE, (st), (val)) -#define sk_X509_POLICY_NODE_unshift(st, val) SKM_sk_unshift(X509_POLICY_NODE, (st), (val)) -#define sk_X509_POLICY_NODE_find(st, val) SKM_sk_find(X509_POLICY_NODE, (st), (val)) -#define sk_X509_POLICY_NODE_find_ex(st, val) SKM_sk_find_ex(X509_POLICY_NODE, (st), (val)) -#define sk_X509_POLICY_NODE_delete(st, i) SKM_sk_delete(X509_POLICY_NODE, (st), (i)) -#define sk_X509_POLICY_NODE_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_POLICY_NODE, (st), (ptr)) -#define sk_X509_POLICY_NODE_insert(st, val, i) SKM_sk_insert(X509_POLICY_NODE, (st), (val), (i)) -#define sk_X509_POLICY_NODE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_POLICY_NODE, (st), (cmp)) -#define sk_X509_POLICY_NODE_dup(st) SKM_sk_dup(X509_POLICY_NODE, st) -#define sk_X509_POLICY_NODE_pop_free(st, free_func) SKM_sk_pop_free(X509_POLICY_NODE, (st), (free_func)) -#define sk_X509_POLICY_NODE_shift(st) SKM_sk_shift(X509_POLICY_NODE, (st)) -#define sk_X509_POLICY_NODE_pop(st) SKM_sk_pop(X509_POLICY_NODE, (st)) -#define sk_X509_POLICY_NODE_sort(st) SKM_sk_sort(X509_POLICY_NODE, (st)) -#define sk_X509_POLICY_NODE_is_sorted(st) SKM_sk_is_sorted(X509_POLICY_NODE, (st)) - -#define sk_X509_PURPOSE_new(cmp) SKM_sk_new(X509_PURPOSE, (cmp)) -#define sk_X509_PURPOSE_new_null() SKM_sk_new_null(X509_PURPOSE) -#define sk_X509_PURPOSE_free(st) SKM_sk_free(X509_PURPOSE, (st)) -#define sk_X509_PURPOSE_num(st) SKM_sk_num(X509_PURPOSE, (st)) -#define sk_X509_PURPOSE_value(st, i) SKM_sk_value(X509_PURPOSE, (st), (i)) -#define sk_X509_PURPOSE_set(st, i, val) SKM_sk_set(X509_PURPOSE, (st), (i), (val)) -#define sk_X509_PURPOSE_zero(st) SKM_sk_zero(X509_PURPOSE, (st)) -#define sk_X509_PURPOSE_push(st, val) SKM_sk_push(X509_PURPOSE, (st), (val)) -#define sk_X509_PURPOSE_unshift(st, val) SKM_sk_unshift(X509_PURPOSE, (st), (val)) -#define sk_X509_PURPOSE_find(st, val) SKM_sk_find(X509_PURPOSE, (st), (val)) -#define sk_X509_PURPOSE_find_ex(st, val) SKM_sk_find_ex(X509_PURPOSE, (st), (val)) -#define sk_X509_PURPOSE_delete(st, i) SKM_sk_delete(X509_PURPOSE, (st), (i)) -#define sk_X509_PURPOSE_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_PURPOSE, (st), (ptr)) -#define sk_X509_PURPOSE_insert(st, val, i) SKM_sk_insert(X509_PURPOSE, (st), (val), (i)) -#define sk_X509_PURPOSE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_PURPOSE, (st), (cmp)) -#define sk_X509_PURPOSE_dup(st) SKM_sk_dup(X509_PURPOSE, st) -#define sk_X509_PURPOSE_pop_free(st, free_func) SKM_sk_pop_free(X509_PURPOSE, (st), (free_func)) -#define sk_X509_PURPOSE_shift(st) SKM_sk_shift(X509_PURPOSE, (st)) -#define sk_X509_PURPOSE_pop(st) SKM_sk_pop(X509_PURPOSE, (st)) -#define sk_X509_PURPOSE_sort(st) SKM_sk_sort(X509_PURPOSE, (st)) -#define sk_X509_PURPOSE_is_sorted(st) SKM_sk_is_sorted(X509_PURPOSE, (st)) - -#define sk_X509_REVOKED_new(cmp) SKM_sk_new(X509_REVOKED, (cmp)) -#define sk_X509_REVOKED_new_null() SKM_sk_new_null(X509_REVOKED) -#define sk_X509_REVOKED_free(st) SKM_sk_free(X509_REVOKED, (st)) -#define sk_X509_REVOKED_num(st) SKM_sk_num(X509_REVOKED, (st)) -#define sk_X509_REVOKED_value(st, i) SKM_sk_value(X509_REVOKED, (st), (i)) -#define sk_X509_REVOKED_set(st, i, val) SKM_sk_set(X509_REVOKED, (st), (i), (val)) -#define sk_X509_REVOKED_zero(st) SKM_sk_zero(X509_REVOKED, (st)) -#define sk_X509_REVOKED_push(st, val) SKM_sk_push(X509_REVOKED, (st), (val)) -#define sk_X509_REVOKED_unshift(st, val) SKM_sk_unshift(X509_REVOKED, (st), (val)) -#define sk_X509_REVOKED_find(st, val) SKM_sk_find(X509_REVOKED, (st), (val)) -#define sk_X509_REVOKED_find_ex(st, val) SKM_sk_find_ex(X509_REVOKED, (st), (val)) -#define sk_X509_REVOKED_delete(st, i) SKM_sk_delete(X509_REVOKED, (st), (i)) -#define sk_X509_REVOKED_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_REVOKED, (st), (ptr)) -#define sk_X509_REVOKED_insert(st, val, i) SKM_sk_insert(X509_REVOKED, (st), (val), (i)) -#define sk_X509_REVOKED_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_REVOKED, (st), (cmp)) -#define sk_X509_REVOKED_dup(st) SKM_sk_dup(X509_REVOKED, st) -#define sk_X509_REVOKED_pop_free(st, free_func) SKM_sk_pop_free(X509_REVOKED, (st), (free_func)) -#define sk_X509_REVOKED_shift(st) SKM_sk_shift(X509_REVOKED, (st)) -#define sk_X509_REVOKED_pop(st) SKM_sk_pop(X509_REVOKED, (st)) -#define sk_X509_REVOKED_sort(st) SKM_sk_sort(X509_REVOKED, (st)) -#define sk_X509_REVOKED_is_sorted(st) SKM_sk_is_sorted(X509_REVOKED, (st)) - -#define sk_X509_TRUST_new(cmp) SKM_sk_new(X509_TRUST, (cmp)) -#define sk_X509_TRUST_new_null() SKM_sk_new_null(X509_TRUST) -#define sk_X509_TRUST_free(st) SKM_sk_free(X509_TRUST, (st)) -#define sk_X509_TRUST_num(st) SKM_sk_num(X509_TRUST, (st)) -#define sk_X509_TRUST_value(st, i) SKM_sk_value(X509_TRUST, (st), (i)) -#define sk_X509_TRUST_set(st, i, val) SKM_sk_set(X509_TRUST, (st), (i), (val)) -#define sk_X509_TRUST_zero(st) SKM_sk_zero(X509_TRUST, (st)) -#define sk_X509_TRUST_push(st, val) SKM_sk_push(X509_TRUST, (st), (val)) -#define sk_X509_TRUST_unshift(st, val) SKM_sk_unshift(X509_TRUST, (st), (val)) -#define sk_X509_TRUST_find(st, val) SKM_sk_find(X509_TRUST, (st), (val)) -#define sk_X509_TRUST_find_ex(st, val) SKM_sk_find_ex(X509_TRUST, (st), (val)) -#define sk_X509_TRUST_delete(st, i) SKM_sk_delete(X509_TRUST, (st), (i)) -#define sk_X509_TRUST_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_TRUST, (st), (ptr)) -#define sk_X509_TRUST_insert(st, val, i) SKM_sk_insert(X509_TRUST, (st), (val), (i)) -#define sk_X509_TRUST_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_TRUST, (st), (cmp)) -#define sk_X509_TRUST_dup(st) SKM_sk_dup(X509_TRUST, st) -#define sk_X509_TRUST_pop_free(st, free_func) SKM_sk_pop_free(X509_TRUST, (st), (free_func)) -#define sk_X509_TRUST_shift(st) SKM_sk_shift(X509_TRUST, (st)) -#define sk_X509_TRUST_pop(st) SKM_sk_pop(X509_TRUST, (st)) -#define sk_X509_TRUST_sort(st) SKM_sk_sort(X509_TRUST, (st)) -#define sk_X509_TRUST_is_sorted(st) SKM_sk_is_sorted(X509_TRUST, (st)) - -#define sk_X509_VERIFY_PARAM_new(cmp) SKM_sk_new(X509_VERIFY_PARAM, (cmp)) -#define sk_X509_VERIFY_PARAM_new_null() SKM_sk_new_null(X509_VERIFY_PARAM) -#define sk_X509_VERIFY_PARAM_free(st) SKM_sk_free(X509_VERIFY_PARAM, (st)) -#define sk_X509_VERIFY_PARAM_num(st) SKM_sk_num(X509_VERIFY_PARAM, (st)) -#define sk_X509_VERIFY_PARAM_value(st, i) SKM_sk_value(X509_VERIFY_PARAM, (st), (i)) -#define sk_X509_VERIFY_PARAM_set(st, i, val) SKM_sk_set(X509_VERIFY_PARAM, (st), (i), (val)) -#define sk_X509_VERIFY_PARAM_zero(st) SKM_sk_zero(X509_VERIFY_PARAM, (st)) -#define sk_X509_VERIFY_PARAM_push(st, val) SKM_sk_push(X509_VERIFY_PARAM, (st), (val)) -#define sk_X509_VERIFY_PARAM_unshift(st, val) SKM_sk_unshift(X509_VERIFY_PARAM, (st), (val)) -#define sk_X509_VERIFY_PARAM_find(st, val) SKM_sk_find(X509_VERIFY_PARAM, (st), (val)) -#define sk_X509_VERIFY_PARAM_find_ex(st, val) SKM_sk_find_ex(X509_VERIFY_PARAM, (st), (val)) -#define sk_X509_VERIFY_PARAM_delete(st, i) SKM_sk_delete(X509_VERIFY_PARAM, (st), (i)) -#define sk_X509_VERIFY_PARAM_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_VERIFY_PARAM, (st), (ptr)) -#define sk_X509_VERIFY_PARAM_insert(st, val, i) SKM_sk_insert(X509_VERIFY_PARAM, (st), (val), (i)) -#define sk_X509_VERIFY_PARAM_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_VERIFY_PARAM, (st), (cmp)) -#define sk_X509_VERIFY_PARAM_dup(st) SKM_sk_dup(X509_VERIFY_PARAM, st) -#define sk_X509_VERIFY_PARAM_pop_free(st, free_func) SKM_sk_pop_free(X509_VERIFY_PARAM, (st), (free_func)) -#define sk_X509_VERIFY_PARAM_shift(st) SKM_sk_shift(X509_VERIFY_PARAM, (st)) -#define sk_X509_VERIFY_PARAM_pop(st) SKM_sk_pop(X509_VERIFY_PARAM, (st)) -#define sk_X509_VERIFY_PARAM_sort(st) SKM_sk_sort(X509_VERIFY_PARAM, (st)) -#define sk_X509_VERIFY_PARAM_is_sorted(st) SKM_sk_is_sorted(X509_VERIFY_PARAM, (st)) - -#define sk_nid_triple_new(cmp) SKM_sk_new(nid_triple, (cmp)) -#define sk_nid_triple_new_null() SKM_sk_new_null(nid_triple) -#define sk_nid_triple_free(st) SKM_sk_free(nid_triple, (st)) -#define sk_nid_triple_num(st) SKM_sk_num(nid_triple, (st)) -#define sk_nid_triple_value(st, i) SKM_sk_value(nid_triple, (st), (i)) -#define sk_nid_triple_set(st, i, val) SKM_sk_set(nid_triple, (st), (i), (val)) -#define sk_nid_triple_zero(st) SKM_sk_zero(nid_triple, (st)) -#define sk_nid_triple_push(st, val) SKM_sk_push(nid_triple, (st), (val)) -#define sk_nid_triple_unshift(st, val) SKM_sk_unshift(nid_triple, (st), (val)) -#define sk_nid_triple_find(st, val) SKM_sk_find(nid_triple, (st), (val)) -#define sk_nid_triple_find_ex(st, val) SKM_sk_find_ex(nid_triple, (st), (val)) -#define sk_nid_triple_delete(st, i) SKM_sk_delete(nid_triple, (st), (i)) -#define sk_nid_triple_delete_ptr(st, ptr) SKM_sk_delete_ptr(nid_triple, (st), (ptr)) -#define sk_nid_triple_insert(st, val, i) SKM_sk_insert(nid_triple, (st), (val), (i)) -#define sk_nid_triple_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(nid_triple, (st), (cmp)) -#define sk_nid_triple_dup(st) SKM_sk_dup(nid_triple, st) -#define sk_nid_triple_pop_free(st, free_func) SKM_sk_pop_free(nid_triple, (st), (free_func)) -#define sk_nid_triple_shift(st) SKM_sk_shift(nid_triple, (st)) -#define sk_nid_triple_pop(st) SKM_sk_pop(nid_triple, (st)) -#define sk_nid_triple_sort(st) SKM_sk_sort(nid_triple, (st)) -#define sk_nid_triple_is_sorted(st) SKM_sk_is_sorted(nid_triple, (st)) - -#define sk_void_new(cmp) SKM_sk_new(void, (cmp)) -#define sk_void_new_null() SKM_sk_new_null(void) -#define sk_void_free(st) SKM_sk_free(void, (st)) -#define sk_void_num(st) SKM_sk_num(void, (st)) -#define sk_void_value(st, i) SKM_sk_value(void, (st), (i)) -#define sk_void_set(st, i, val) SKM_sk_set(void, (st), (i), (val)) -#define sk_void_zero(st) SKM_sk_zero(void, (st)) -#define sk_void_push(st, val) SKM_sk_push(void, (st), (val)) -#define sk_void_unshift(st, val) SKM_sk_unshift(void, (st), (val)) -#define sk_void_find(st, val) SKM_sk_find(void, (st), (val)) -#define sk_void_find_ex(st, val) SKM_sk_find_ex(void, (st), (val)) -#define sk_void_delete(st, i) SKM_sk_delete(void, (st), (i)) -#define sk_void_delete_ptr(st, ptr) SKM_sk_delete_ptr(void, (st), (ptr)) -#define sk_void_insert(st, val, i) SKM_sk_insert(void, (st), (val), (i)) -#define sk_void_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(void, (st), (cmp)) -#define sk_void_dup(st) SKM_sk_dup(void, st) -#define sk_void_pop_free(st, free_func) SKM_sk_pop_free(void, (st), (free_func)) -#define sk_void_shift(st) SKM_sk_shift(void, (st)) -#define sk_void_pop(st) SKM_sk_pop(void, (st)) -#define sk_void_sort(st) SKM_sk_sort(void, (st)) -#define sk_void_is_sorted(st) SKM_sk_is_sorted(void, (st)) - -#define sk_OPENSSL_STRING_new(cmp) ((STACK_OF(OPENSSL_STRING) *)sk_new(CHECKED_SK_CMP_FUNC(char, cmp))) -#define sk_OPENSSL_STRING_new_null() ((STACK_OF(OPENSSL_STRING) *)sk_new_null()) -#define sk_OPENSSL_STRING_push(st, val) sk_push(CHECKED_STACK_OF(OPENSSL_STRING, st), CHECKED_PTR_OF(char, val)) -#define sk_OPENSSL_STRING_find(st, val) sk_find(CHECKED_STACK_OF(OPENSSL_STRING, st), CHECKED_PTR_OF(char, val)) -#define sk_OPENSSL_STRING_value(st, i) ((OPENSSL_STRING)sk_value(CHECKED_STACK_OF(OPENSSL_STRING, st), i)) -#define sk_OPENSSL_STRING_num(st) SKM_sk_num(OPENSSL_STRING, st) -#define sk_OPENSSL_STRING_pop_free(st, free_func) sk_pop_free(CHECKED_STACK_OF(OPENSSL_STRING, st), CHECKED_SK_FREE_FUNC2(OPENSSL_STRING, free_func)) -#define sk_OPENSSL_STRING_insert(st, val, i) sk_insert(CHECKED_STACK_OF(OPENSSL_STRING, st), CHECKED_PTR_OF(char, val), i) -#define sk_OPENSSL_STRING_free(st) SKM_sk_free(OPENSSL_STRING, st) -#define sk_OPENSSL_STRING_set(st, i, val) sk_set(CHECKED_STACK_OF(OPENSSL_STRING, st), i, CHECKED_PTR_OF(char, val)) -#define sk_OPENSSL_STRING_zero(st) SKM_sk_zero(OPENSSL_STRING, (st)) -#define sk_OPENSSL_STRING_unshift(st, val) sk_unshift(CHECKED_STACK_OF(OPENSSL_STRING, st), CHECKED_PTR_OF(char, val)) -#define sk_OPENSSL_STRING_find_ex(st, val) sk_find_ex((_STACK *)CHECKED_CONST_PTR_OF(STACK_OF(OPENSSL_STRING), st), CHECKED_CONST_PTR_OF(char, val)) -#define sk_OPENSSL_STRING_delete(st, i) SKM_sk_delete(OPENSSL_STRING, (st), (i)) -#define sk_OPENSSL_STRING_delete_ptr(st, ptr) (OPENSSL_STRING *)sk_delete_ptr(CHECKED_STACK_OF(OPENSSL_STRING, st), CHECKED_PTR_OF(char, ptr)) -#define sk_OPENSSL_STRING_set_cmp_func(st, cmp) \ - ((int (*)(const char * const *,const char * const *)) \ - sk_set_cmp_func(CHECKED_STACK_OF(OPENSSL_STRING, st), CHECKED_SK_CMP_FUNC(char, cmp))) -#define sk_OPENSSL_STRING_dup(st) SKM_sk_dup(OPENSSL_STRING, st) -#define sk_OPENSSL_STRING_shift(st) SKM_sk_shift(OPENSSL_STRING, (st)) -#define sk_OPENSSL_STRING_pop(st) (char *)sk_pop(CHECKED_STACK_OF(OPENSSL_STRING, st)) -#define sk_OPENSSL_STRING_sort(st) SKM_sk_sort(OPENSSL_STRING, (st)) -#define sk_OPENSSL_STRING_is_sorted(st) SKM_sk_is_sorted(OPENSSL_STRING, (st)) - -#define sk_OPENSSL_BLOCK_new(cmp) ((STACK_OF(OPENSSL_BLOCK) *)sk_new(CHECKED_SK_CMP_FUNC(void, cmp))) -#define sk_OPENSSL_BLOCK_new_null() ((STACK_OF(OPENSSL_BLOCK) *)sk_new_null()) -#define sk_OPENSSL_BLOCK_push(st, val) sk_push(CHECKED_STACK_OF(OPENSSL_BLOCK, st), CHECKED_PTR_OF(void, val)) -#define sk_OPENSSL_BLOCK_find(st, val) sk_find(CHECKED_STACK_OF(OPENSSL_BLOCK, st), CHECKED_PTR_OF(void, val)) -#define sk_OPENSSL_BLOCK_value(st, i) ((OPENSSL_BLOCK)sk_value(CHECKED_STACK_OF(OPENSSL_BLOCK, st), i)) -#define sk_OPENSSL_BLOCK_num(st) SKM_sk_num(OPENSSL_BLOCK, st) -#define sk_OPENSSL_BLOCK_pop_free(st, free_func) sk_pop_free(CHECKED_STACK_OF(OPENSSL_BLOCK, st), CHECKED_SK_FREE_FUNC2(OPENSSL_BLOCK, free_func)) -#define sk_OPENSSL_BLOCK_insert(st, val, i) sk_insert(CHECKED_STACK_OF(OPENSSL_BLOCK, st), CHECKED_PTR_OF(void, val), i) -#define sk_OPENSSL_BLOCK_free(st) SKM_sk_free(OPENSSL_BLOCK, st) -#define sk_OPENSSL_BLOCK_set(st, i, val) sk_set(CHECKED_STACK_OF(OPENSSL_BLOCK, st), i, CHECKED_PTR_OF(void, val)) -#define sk_OPENSSL_BLOCK_zero(st) SKM_sk_zero(OPENSSL_BLOCK, (st)) -#define sk_OPENSSL_BLOCK_unshift(st, val) sk_unshift(CHECKED_STACK_OF(OPENSSL_BLOCK, st), CHECKED_PTR_OF(void, val)) -#define sk_OPENSSL_BLOCK_find_ex(st, val) sk_find_ex((_STACK *)CHECKED_CONST_PTR_OF(STACK_OF(OPENSSL_BLOCK), st), CHECKED_CONST_PTR_OF(void, val)) -#define sk_OPENSSL_BLOCK_delete(st, i) SKM_sk_delete(OPENSSL_BLOCK, (st), (i)) -#define sk_OPENSSL_BLOCK_delete_ptr(st, ptr) (OPENSSL_BLOCK *)sk_delete_ptr(CHECKED_STACK_OF(OPENSSL_BLOCK, st), CHECKED_PTR_OF(void, ptr)) -#define sk_OPENSSL_BLOCK_set_cmp_func(st, cmp) \ - ((int (*)(const void * const *,const void * const *)) \ - sk_set_cmp_func(CHECKED_STACK_OF(OPENSSL_BLOCK, st), CHECKED_SK_CMP_FUNC(void, cmp))) -#define sk_OPENSSL_BLOCK_dup(st) SKM_sk_dup(OPENSSL_BLOCK, st) -#define sk_OPENSSL_BLOCK_shift(st) SKM_sk_shift(OPENSSL_BLOCK, (st)) -#define sk_OPENSSL_BLOCK_pop(st) (void *)sk_pop(CHECKED_STACK_OF(OPENSSL_BLOCK, st)) -#define sk_OPENSSL_BLOCK_sort(st) SKM_sk_sort(OPENSSL_BLOCK, (st)) -#define sk_OPENSSL_BLOCK_is_sorted(st) SKM_sk_is_sorted(OPENSSL_BLOCK, (st)) - -#define sk_OPENSSL_PSTRING_new(cmp) ((STACK_OF(OPENSSL_PSTRING) *)sk_new(CHECKED_SK_CMP_FUNC(OPENSSL_STRING, cmp))) -#define sk_OPENSSL_PSTRING_new_null() ((STACK_OF(OPENSSL_PSTRING) *)sk_new_null()) -#define sk_OPENSSL_PSTRING_push(st, val) sk_push(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_PTR_OF(OPENSSL_STRING, val)) -#define sk_OPENSSL_PSTRING_find(st, val) sk_find(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_PTR_OF(OPENSSL_STRING, val)) -#define sk_OPENSSL_PSTRING_value(st, i) ((OPENSSL_PSTRING)sk_value(CHECKED_STACK_OF(OPENSSL_PSTRING, st), i)) -#define sk_OPENSSL_PSTRING_num(st) SKM_sk_num(OPENSSL_PSTRING, st) -#define sk_OPENSSL_PSTRING_pop_free(st, free_func) sk_pop_free(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_SK_FREE_FUNC2(OPENSSL_PSTRING, free_func)) -#define sk_OPENSSL_PSTRING_insert(st, val, i) sk_insert(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_PTR_OF(OPENSSL_STRING, val), i) -#define sk_OPENSSL_PSTRING_free(st) SKM_sk_free(OPENSSL_PSTRING, st) -#define sk_OPENSSL_PSTRING_set(st, i, val) sk_set(CHECKED_STACK_OF(OPENSSL_PSTRING, st), i, CHECKED_PTR_OF(OPENSSL_STRING, val)) -#define sk_OPENSSL_PSTRING_zero(st) SKM_sk_zero(OPENSSL_PSTRING, (st)) -#define sk_OPENSSL_PSTRING_unshift(st, val) sk_unshift(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_PTR_OF(OPENSSL_STRING, val)) -#define sk_OPENSSL_PSTRING_find_ex(st, val) sk_find_ex((_STACK *)CHECKED_CONST_PTR_OF(STACK_OF(OPENSSL_PSTRING), st), CHECKED_CONST_PTR_OF(OPENSSL_STRING, val)) -#define sk_OPENSSL_PSTRING_delete(st, i) SKM_sk_delete(OPENSSL_PSTRING, (st), (i)) -#define sk_OPENSSL_PSTRING_delete_ptr(st, ptr) (OPENSSL_PSTRING *)sk_delete_ptr(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_PTR_OF(OPENSSL_STRING, ptr)) -#define sk_OPENSSL_PSTRING_set_cmp_func(st, cmp) \ - ((int (*)(const OPENSSL_STRING * const *,const OPENSSL_STRING * const *)) \ - sk_set_cmp_func(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_SK_CMP_FUNC(OPENSSL_STRING, cmp))) -#define sk_OPENSSL_PSTRING_dup(st) SKM_sk_dup(OPENSSL_PSTRING, st) -#define sk_OPENSSL_PSTRING_shift(st) SKM_sk_shift(OPENSSL_PSTRING, (st)) -#define sk_OPENSSL_PSTRING_pop(st) (OPENSSL_STRING *)sk_pop(CHECKED_STACK_OF(OPENSSL_PSTRING, st)) -#define sk_OPENSSL_PSTRING_sort(st) SKM_sk_sort(OPENSSL_PSTRING, (st)) -#define sk_OPENSSL_PSTRING_is_sorted(st) SKM_sk_is_sorted(OPENSSL_PSTRING, (st)) - -#define lh_ADDED_OBJ_new() LHM_lh_new(ADDED_OBJ,added_obj) -#define lh_ADDED_OBJ_insert(lh,inst) LHM_lh_insert(ADDED_OBJ,lh,inst) -#define lh_ADDED_OBJ_retrieve(lh,inst) LHM_lh_retrieve(ADDED_OBJ,lh,inst) -#define lh_ADDED_OBJ_delete(lh,inst) LHM_lh_delete(ADDED_OBJ,lh,inst) -#define lh_ADDED_OBJ_doall(lh,fn) LHM_lh_doall(ADDED_OBJ,lh,fn) -#define lh_ADDED_OBJ_doall_arg(lh,fn,arg_type,arg) \ - LHM_lh_doall_arg(ADDED_OBJ,lh,fn,arg_type,arg) -#define lh_ADDED_OBJ_error(lh) LHM_lh_error(ADDED_OBJ,lh) -#define lh_ADDED_OBJ_num_items(lh) LHM_lh_num_items(ADDED_OBJ,lh) -#define lh_ADDED_OBJ_down_load(lh) LHM_lh_down_load(ADDED_OBJ,lh) -#define lh_ADDED_OBJ_node_stats_bio(lh,out) \ - LHM_lh_node_stats_bio(ADDED_OBJ,lh,out) -#define lh_ADDED_OBJ_node_usage_stats_bio(lh,out) \ - LHM_lh_node_usage_stats_bio(ADDED_OBJ,lh,out) -#define lh_ADDED_OBJ_stats_bio(lh,out) \ - LHM_lh_stats_bio(ADDED_OBJ,lh,out) -#define lh_ADDED_OBJ_free(lh) LHM_lh_free(ADDED_OBJ,lh) - -#define lh_APP_INFO_new() LHM_lh_new(APP_INFO,app_info) -#define lh_APP_INFO_insert(lh,inst) LHM_lh_insert(APP_INFO,lh,inst) -#define lh_APP_INFO_retrieve(lh,inst) LHM_lh_retrieve(APP_INFO,lh,inst) -#define lh_APP_INFO_delete(lh,inst) LHM_lh_delete(APP_INFO,lh,inst) -#define lh_APP_INFO_doall(lh,fn) LHM_lh_doall(APP_INFO,lh,fn) -#define lh_APP_INFO_doall_arg(lh,fn,arg_type,arg) \ - LHM_lh_doall_arg(APP_INFO,lh,fn,arg_type,arg) -#define lh_APP_INFO_error(lh) LHM_lh_error(APP_INFO,lh) -#define lh_APP_INFO_num_items(lh) LHM_lh_num_items(APP_INFO,lh) -#define lh_APP_INFO_down_load(lh) LHM_lh_down_load(APP_INFO,lh) -#define lh_APP_INFO_node_stats_bio(lh,out) \ - LHM_lh_node_stats_bio(APP_INFO,lh,out) -#define lh_APP_INFO_node_usage_stats_bio(lh,out) \ - LHM_lh_node_usage_stats_bio(APP_INFO,lh,out) -#define lh_APP_INFO_stats_bio(lh,out) \ - LHM_lh_stats_bio(APP_INFO,lh,out) -#define lh_APP_INFO_free(lh) LHM_lh_free(APP_INFO,lh) - -#define lh_CONF_VALUE_new() LHM_lh_new(CONF_VALUE,conf_value) -#define lh_CONF_VALUE_insert(lh,inst) LHM_lh_insert(CONF_VALUE,lh,inst) -#define lh_CONF_VALUE_retrieve(lh,inst) LHM_lh_retrieve(CONF_VALUE,lh,inst) -#define lh_CONF_VALUE_delete(lh,inst) LHM_lh_delete(CONF_VALUE,lh,inst) -#define lh_CONF_VALUE_doall(lh,fn) LHM_lh_doall(CONF_VALUE,lh,fn) -#define lh_CONF_VALUE_doall_arg(lh,fn,arg_type,arg) \ - LHM_lh_doall_arg(CONF_VALUE,lh,fn,arg_type,arg) -#define lh_CONF_VALUE_error(lh) LHM_lh_error(CONF_VALUE,lh) -#define lh_CONF_VALUE_num_items(lh) LHM_lh_num_items(CONF_VALUE,lh) -#define lh_CONF_VALUE_down_load(lh) LHM_lh_down_load(CONF_VALUE,lh) -#define lh_CONF_VALUE_node_stats_bio(lh,out) \ - LHM_lh_node_stats_bio(CONF_VALUE,lh,out) -#define lh_CONF_VALUE_node_usage_stats_bio(lh,out) \ - LHM_lh_node_usage_stats_bio(CONF_VALUE,lh,out) -#define lh_CONF_VALUE_stats_bio(lh,out) \ - LHM_lh_stats_bio(CONF_VALUE,lh,out) -#define lh_CONF_VALUE_free(lh) LHM_lh_free(CONF_VALUE,lh) - -#define lh_ENGINE_PILE_new() LHM_lh_new(ENGINE_PILE,engine_pile) -#define lh_ENGINE_PILE_insert(lh,inst) LHM_lh_insert(ENGINE_PILE,lh,inst) -#define lh_ENGINE_PILE_retrieve(lh,inst) LHM_lh_retrieve(ENGINE_PILE,lh,inst) -#define lh_ENGINE_PILE_delete(lh,inst) LHM_lh_delete(ENGINE_PILE,lh,inst) -#define lh_ENGINE_PILE_doall(lh,fn) LHM_lh_doall(ENGINE_PILE,lh,fn) -#define lh_ENGINE_PILE_doall_arg(lh,fn,arg_type,arg) \ - LHM_lh_doall_arg(ENGINE_PILE,lh,fn,arg_type,arg) -#define lh_ENGINE_PILE_error(lh) LHM_lh_error(ENGINE_PILE,lh) -#define lh_ENGINE_PILE_num_items(lh) LHM_lh_num_items(ENGINE_PILE,lh) -#define lh_ENGINE_PILE_down_load(lh) LHM_lh_down_load(ENGINE_PILE,lh) -#define lh_ENGINE_PILE_node_stats_bio(lh,out) \ - LHM_lh_node_stats_bio(ENGINE_PILE,lh,out) -#define lh_ENGINE_PILE_node_usage_stats_bio(lh,out) \ - LHM_lh_node_usage_stats_bio(ENGINE_PILE,lh,out) -#define lh_ENGINE_PILE_stats_bio(lh,out) \ - LHM_lh_stats_bio(ENGINE_PILE,lh,out) -#define lh_ENGINE_PILE_free(lh) LHM_lh_free(ENGINE_PILE,lh) - -#define lh_ERR_STATE_new() LHM_lh_new(ERR_STATE,err_state) -#define lh_ERR_STATE_insert(lh,inst) LHM_lh_insert(ERR_STATE,lh,inst) -#define lh_ERR_STATE_retrieve(lh,inst) LHM_lh_retrieve(ERR_STATE,lh,inst) -#define lh_ERR_STATE_delete(lh,inst) LHM_lh_delete(ERR_STATE,lh,inst) -#define lh_ERR_STATE_doall(lh,fn) LHM_lh_doall(ERR_STATE,lh,fn) -#define lh_ERR_STATE_doall_arg(lh,fn,arg_type,arg) \ - LHM_lh_doall_arg(ERR_STATE,lh,fn,arg_type,arg) -#define lh_ERR_STATE_error(lh) LHM_lh_error(ERR_STATE,lh) -#define lh_ERR_STATE_num_items(lh) LHM_lh_num_items(ERR_STATE,lh) -#define lh_ERR_STATE_down_load(lh) LHM_lh_down_load(ERR_STATE,lh) -#define lh_ERR_STATE_node_stats_bio(lh,out) \ - LHM_lh_node_stats_bio(ERR_STATE,lh,out) -#define lh_ERR_STATE_node_usage_stats_bio(lh,out) \ - LHM_lh_node_usage_stats_bio(ERR_STATE,lh,out) -#define lh_ERR_STATE_stats_bio(lh,out) \ - LHM_lh_stats_bio(ERR_STATE,lh,out) -#define lh_ERR_STATE_free(lh) LHM_lh_free(ERR_STATE,lh) - -#define lh_ERR_STRING_DATA_new() LHM_lh_new(ERR_STRING_DATA,err_string_data) -#define lh_ERR_STRING_DATA_insert(lh,inst) LHM_lh_insert(ERR_STRING_DATA,lh,inst) -#define lh_ERR_STRING_DATA_retrieve(lh,inst) LHM_lh_retrieve(ERR_STRING_DATA,lh,inst) -#define lh_ERR_STRING_DATA_delete(lh,inst) LHM_lh_delete(ERR_STRING_DATA,lh,inst) -#define lh_ERR_STRING_DATA_doall(lh,fn) LHM_lh_doall(ERR_STRING_DATA,lh,fn) -#define lh_ERR_STRING_DATA_doall_arg(lh,fn,arg_type,arg) \ - LHM_lh_doall_arg(ERR_STRING_DATA,lh,fn,arg_type,arg) -#define lh_ERR_STRING_DATA_error(lh) LHM_lh_error(ERR_STRING_DATA,lh) -#define lh_ERR_STRING_DATA_num_items(lh) LHM_lh_num_items(ERR_STRING_DATA,lh) -#define lh_ERR_STRING_DATA_down_load(lh) LHM_lh_down_load(ERR_STRING_DATA,lh) -#define lh_ERR_STRING_DATA_node_stats_bio(lh,out) \ - LHM_lh_node_stats_bio(ERR_STRING_DATA,lh,out) -#define lh_ERR_STRING_DATA_node_usage_stats_bio(lh,out) \ - LHM_lh_node_usage_stats_bio(ERR_STRING_DATA,lh,out) -#define lh_ERR_STRING_DATA_stats_bio(lh,out) \ - LHM_lh_stats_bio(ERR_STRING_DATA,lh,out) -#define lh_ERR_STRING_DATA_free(lh) LHM_lh_free(ERR_STRING_DATA,lh) - -#define lh_EX_CLASS_ITEM_new() LHM_lh_new(EX_CLASS_ITEM,ex_class_item) -#define lh_EX_CLASS_ITEM_insert(lh,inst) LHM_lh_insert(EX_CLASS_ITEM,lh,inst) -#define lh_EX_CLASS_ITEM_retrieve(lh,inst) LHM_lh_retrieve(EX_CLASS_ITEM,lh,inst) -#define lh_EX_CLASS_ITEM_delete(lh,inst) LHM_lh_delete(EX_CLASS_ITEM,lh,inst) -#define lh_EX_CLASS_ITEM_doall(lh,fn) LHM_lh_doall(EX_CLASS_ITEM,lh,fn) -#define lh_EX_CLASS_ITEM_doall_arg(lh,fn,arg_type,arg) \ - LHM_lh_doall_arg(EX_CLASS_ITEM,lh,fn,arg_type,arg) -#define lh_EX_CLASS_ITEM_error(lh) LHM_lh_error(EX_CLASS_ITEM,lh) -#define lh_EX_CLASS_ITEM_num_items(lh) LHM_lh_num_items(EX_CLASS_ITEM,lh) -#define lh_EX_CLASS_ITEM_down_load(lh) LHM_lh_down_load(EX_CLASS_ITEM,lh) -#define lh_EX_CLASS_ITEM_node_stats_bio(lh,out) \ - LHM_lh_node_stats_bio(EX_CLASS_ITEM,lh,out) -#define lh_EX_CLASS_ITEM_node_usage_stats_bio(lh,out) \ - LHM_lh_node_usage_stats_bio(EX_CLASS_ITEM,lh,out) -#define lh_EX_CLASS_ITEM_stats_bio(lh,out) \ - LHM_lh_stats_bio(EX_CLASS_ITEM,lh,out) -#define lh_EX_CLASS_ITEM_free(lh) LHM_lh_free(EX_CLASS_ITEM,lh) - -#define lh_FUNCTION_new() LHM_lh_new(FUNCTION,function) -#define lh_FUNCTION_insert(lh,inst) LHM_lh_insert(FUNCTION,lh,inst) -#define lh_FUNCTION_retrieve(lh,inst) LHM_lh_retrieve(FUNCTION,lh,inst) -#define lh_FUNCTION_delete(lh,inst) LHM_lh_delete(FUNCTION,lh,inst) -#define lh_FUNCTION_doall(lh,fn) LHM_lh_doall(FUNCTION,lh,fn) -#define lh_FUNCTION_doall_arg(lh,fn,arg_type,arg) \ - LHM_lh_doall_arg(FUNCTION,lh,fn,arg_type,arg) -#define lh_FUNCTION_error(lh) LHM_lh_error(FUNCTION,lh) -#define lh_FUNCTION_num_items(lh) LHM_lh_num_items(FUNCTION,lh) -#define lh_FUNCTION_down_load(lh) LHM_lh_down_load(FUNCTION,lh) -#define lh_FUNCTION_node_stats_bio(lh,out) \ - LHM_lh_node_stats_bio(FUNCTION,lh,out) -#define lh_FUNCTION_node_usage_stats_bio(lh,out) \ - LHM_lh_node_usage_stats_bio(FUNCTION,lh,out) -#define lh_FUNCTION_stats_bio(lh,out) \ - LHM_lh_stats_bio(FUNCTION,lh,out) -#define lh_FUNCTION_free(lh) LHM_lh_free(FUNCTION,lh) - -#define lh_MEM_new() LHM_lh_new(MEM,mem) -#define lh_MEM_insert(lh,inst) LHM_lh_insert(MEM,lh,inst) -#define lh_MEM_retrieve(lh,inst) LHM_lh_retrieve(MEM,lh,inst) -#define lh_MEM_delete(lh,inst) LHM_lh_delete(MEM,lh,inst) -#define lh_MEM_doall(lh,fn) LHM_lh_doall(MEM,lh,fn) -#define lh_MEM_doall_arg(lh,fn,arg_type,arg) \ - LHM_lh_doall_arg(MEM,lh,fn,arg_type,arg) -#define lh_MEM_error(lh) LHM_lh_error(MEM,lh) -#define lh_MEM_num_items(lh) LHM_lh_num_items(MEM,lh) -#define lh_MEM_down_load(lh) LHM_lh_down_load(MEM,lh) -#define lh_MEM_node_stats_bio(lh,out) \ - LHM_lh_node_stats_bio(MEM,lh,out) -#define lh_MEM_node_usage_stats_bio(lh,out) \ - LHM_lh_node_usage_stats_bio(MEM,lh,out) -#define lh_MEM_stats_bio(lh,out) \ - LHM_lh_stats_bio(MEM,lh,out) -#define lh_MEM_free(lh) LHM_lh_free(MEM,lh) - -#define lh_OBJ_NAME_new() LHM_lh_new(OBJ_NAME,obj_name) -#define lh_OBJ_NAME_insert(lh,inst) LHM_lh_insert(OBJ_NAME,lh,inst) -#define lh_OBJ_NAME_retrieve(lh,inst) LHM_lh_retrieve(OBJ_NAME,lh,inst) -#define lh_OBJ_NAME_delete(lh,inst) LHM_lh_delete(OBJ_NAME,lh,inst) -#define lh_OBJ_NAME_doall(lh,fn) LHM_lh_doall(OBJ_NAME,lh,fn) -#define lh_OBJ_NAME_doall_arg(lh,fn,arg_type,arg) \ - LHM_lh_doall_arg(OBJ_NAME,lh,fn,arg_type,arg) -#define lh_OBJ_NAME_error(lh) LHM_lh_error(OBJ_NAME,lh) -#define lh_OBJ_NAME_num_items(lh) LHM_lh_num_items(OBJ_NAME,lh) -#define lh_OBJ_NAME_down_load(lh) LHM_lh_down_load(OBJ_NAME,lh) -#define lh_OBJ_NAME_node_stats_bio(lh,out) \ - LHM_lh_node_stats_bio(OBJ_NAME,lh,out) -#define lh_OBJ_NAME_node_usage_stats_bio(lh,out) \ - LHM_lh_node_usage_stats_bio(OBJ_NAME,lh,out) -#define lh_OBJ_NAME_stats_bio(lh,out) \ - LHM_lh_stats_bio(OBJ_NAME,lh,out) -#define lh_OBJ_NAME_free(lh) LHM_lh_free(OBJ_NAME,lh) - -#define lh_OPENSSL_CSTRING_new() LHM_lh_new(OPENSSL_CSTRING,openssl_cstring) -#define lh_OPENSSL_CSTRING_insert(lh,inst) LHM_lh_insert(OPENSSL_CSTRING,lh,inst) -#define lh_OPENSSL_CSTRING_retrieve(lh,inst) LHM_lh_retrieve(OPENSSL_CSTRING,lh,inst) -#define lh_OPENSSL_CSTRING_delete(lh,inst) LHM_lh_delete(OPENSSL_CSTRING,lh,inst) -#define lh_OPENSSL_CSTRING_doall(lh,fn) LHM_lh_doall(OPENSSL_CSTRING,lh,fn) -#define lh_OPENSSL_CSTRING_doall_arg(lh,fn,arg_type,arg) \ - LHM_lh_doall_arg(OPENSSL_CSTRING,lh,fn,arg_type,arg) -#define lh_OPENSSL_CSTRING_error(lh) LHM_lh_error(OPENSSL_CSTRING,lh) -#define lh_OPENSSL_CSTRING_num_items(lh) LHM_lh_num_items(OPENSSL_CSTRING,lh) -#define lh_OPENSSL_CSTRING_down_load(lh) LHM_lh_down_load(OPENSSL_CSTRING,lh) -#define lh_OPENSSL_CSTRING_node_stats_bio(lh,out) \ - LHM_lh_node_stats_bio(OPENSSL_CSTRING,lh,out) -#define lh_OPENSSL_CSTRING_node_usage_stats_bio(lh,out) \ - LHM_lh_node_usage_stats_bio(OPENSSL_CSTRING,lh,out) -#define lh_OPENSSL_CSTRING_stats_bio(lh,out) \ - LHM_lh_stats_bio(OPENSSL_CSTRING,lh,out) -#define lh_OPENSSL_CSTRING_free(lh) LHM_lh_free(OPENSSL_CSTRING,lh) - -#define lh_OPENSSL_STRING_new() LHM_lh_new(OPENSSL_STRING,openssl_string) -#define lh_OPENSSL_STRING_insert(lh,inst) LHM_lh_insert(OPENSSL_STRING,lh,inst) -#define lh_OPENSSL_STRING_retrieve(lh,inst) LHM_lh_retrieve(OPENSSL_STRING,lh,inst) -#define lh_OPENSSL_STRING_delete(lh,inst) LHM_lh_delete(OPENSSL_STRING,lh,inst) -#define lh_OPENSSL_STRING_doall(lh,fn) LHM_lh_doall(OPENSSL_STRING,lh,fn) -#define lh_OPENSSL_STRING_doall_arg(lh,fn,arg_type,arg) \ - LHM_lh_doall_arg(OPENSSL_STRING,lh,fn,arg_type,arg) -#define lh_OPENSSL_STRING_error(lh) LHM_lh_error(OPENSSL_STRING,lh) -#define lh_OPENSSL_STRING_num_items(lh) LHM_lh_num_items(OPENSSL_STRING,lh) -#define lh_OPENSSL_STRING_down_load(lh) LHM_lh_down_load(OPENSSL_STRING,lh) -#define lh_OPENSSL_STRING_node_stats_bio(lh,out) \ - LHM_lh_node_stats_bio(OPENSSL_STRING,lh,out) -#define lh_OPENSSL_STRING_node_usage_stats_bio(lh,out) \ - LHM_lh_node_usage_stats_bio(OPENSSL_STRING,lh,out) -#define lh_OPENSSL_STRING_stats_bio(lh,out) \ - LHM_lh_stats_bio(OPENSSL_STRING,lh,out) -#define lh_OPENSSL_STRING_free(lh) LHM_lh_free(OPENSSL_STRING,lh) - -#define lh_SSL_SESSION_new() LHM_lh_new(SSL_SESSION,ssl_session) -#define lh_SSL_SESSION_insert(lh,inst) LHM_lh_insert(SSL_SESSION,lh,inst) -#define lh_SSL_SESSION_retrieve(lh,inst) LHM_lh_retrieve(SSL_SESSION,lh,inst) -#define lh_SSL_SESSION_delete(lh,inst) LHM_lh_delete(SSL_SESSION,lh,inst) -#define lh_SSL_SESSION_doall(lh,fn) LHM_lh_doall(SSL_SESSION,lh,fn) -#define lh_SSL_SESSION_doall_arg(lh,fn,arg_type,arg) \ - LHM_lh_doall_arg(SSL_SESSION,lh,fn,arg_type,arg) -#define lh_SSL_SESSION_error(lh) LHM_lh_error(SSL_SESSION,lh) -#define lh_SSL_SESSION_num_items(lh) LHM_lh_num_items(SSL_SESSION,lh) -#define lh_SSL_SESSION_down_load(lh) LHM_lh_down_load(SSL_SESSION,lh) -#define lh_SSL_SESSION_node_stats_bio(lh,out) \ - LHM_lh_node_stats_bio(SSL_SESSION,lh,out) -#define lh_SSL_SESSION_node_usage_stats_bio(lh,out) \ - LHM_lh_node_usage_stats_bio(SSL_SESSION,lh,out) -#define lh_SSL_SESSION_stats_bio(lh,out) \ - LHM_lh_stats_bio(SSL_SESSION,lh,out) -#define lh_SSL_SESSION_free(lh) LHM_lh_free(SSL_SESSION,lh) - -#endif /* !defined HEADER_SAFESTACK_H */ diff --git a/libressl/include64/openssl/sha.h b/libressl/include64/openssl/sha.h deleted file mode 100644 index 87fdf8d1..00000000 --- a/libressl/include64/openssl/sha.h +++ /dev/null @@ -1,192 +0,0 @@ -/* $OpenBSD: sha.h,v 1.21 2015/09/13 21:09:56 doug Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include <stddef.h> - -#ifndef HEADER_SHA_H -#define HEADER_SHA_H -#if !defined(HAVE_ATTRIBUTE__BOUNDED__) && !defined(__OpenBSD__) -#define __bounded__(x, y, z) -#endif - -#include <openssl/opensslconf.h> - -#ifdef __cplusplus -extern "C" { -#endif - -#if defined(OPENSSL_NO_SHA) || defined(OPENSSL_NO_SHA1) -#error SHA is disabled. -#endif - -/* - * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! - * ! SHA_LONG has to be at least 32 bits wide. ! - * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! - */ - -#define SHA_LONG unsigned int - -#define SHA_LBLOCK 16 -#define SHA_CBLOCK (SHA_LBLOCK*4) /* SHA treats input data as a - * contiguous array of 32 bit - * wide big-endian values. */ -#define SHA_LAST_BLOCK (SHA_CBLOCK-8) -#define SHA_DIGEST_LENGTH 20 - -typedef struct SHAstate_st - { - SHA_LONG h0,h1,h2,h3,h4; - SHA_LONG Nl,Nh; - SHA_LONG data[SHA_LBLOCK]; - unsigned int num; - } SHA_CTX; - -#ifndef OPENSSL_NO_SHA1 -int SHA1_Init(SHA_CTX *c); -int SHA1_Update(SHA_CTX *c, const void *data, size_t len) - __attribute__ ((__bounded__(__buffer__,2,3))); -int SHA1_Final(unsigned char *md, SHA_CTX *c); -unsigned char *SHA1(const unsigned char *d, size_t n, unsigned char *md) - __attribute__ ((__bounded__(__buffer__,1,2))); -void SHA1_Transform(SHA_CTX *c, const unsigned char *data); -#endif - -#define SHA256_CBLOCK (SHA_LBLOCK*4) /* SHA-256 treats input data as a - * contiguous array of 32 bit - * wide big-endian values. */ -#define SHA224_DIGEST_LENGTH 28 -#define SHA256_DIGEST_LENGTH 32 - -typedef struct SHA256state_st - { - SHA_LONG h[8]; - SHA_LONG Nl,Nh; - SHA_LONG data[SHA_LBLOCK]; - unsigned int num,md_len; - } SHA256_CTX; - -#ifndef OPENSSL_NO_SHA256 -int SHA224_Init(SHA256_CTX *c); -int SHA224_Update(SHA256_CTX *c, const void *data, size_t len) - __attribute__ ((__bounded__(__buffer__,2,3))); -int SHA224_Final(unsigned char *md, SHA256_CTX *c); -unsigned char *SHA224(const unsigned char *d, size_t n,unsigned char *md) - __attribute__ ((__bounded__(__buffer__,1,2))); -int SHA256_Init(SHA256_CTX *c); -int SHA256_Update(SHA256_CTX *c, const void *data, size_t len) - __attribute__ ((__bounded__(__buffer__,2,3))); -int SHA256_Final(unsigned char *md, SHA256_CTX *c); -unsigned char *SHA256(const unsigned char *d, size_t n,unsigned char *md) - __attribute__ ((__bounded__(__buffer__,1,2))); -void SHA256_Transform(SHA256_CTX *c, const unsigned char *data); -#endif - -#define SHA384_DIGEST_LENGTH 48 -#define SHA512_DIGEST_LENGTH 64 - -#ifndef OPENSSL_NO_SHA512 -/* - * Unlike 32-bit digest algorithms, SHA-512 *relies* on SHA_LONG64 - * being exactly 64-bit wide. See Implementation Notes in sha512.c - * for further details. - */ -#define SHA512_CBLOCK (SHA_LBLOCK*8) /* SHA-512 treats input data as a - * contiguous array of 64 bit - * wide big-endian values. */ -#if defined(_LP64) -#define SHA_LONG64 unsigned long -#define U64(C) C##UL -#else -#define SHA_LONG64 unsigned long long -#define U64(C) C##ULL -#endif - -typedef struct SHA512state_st - { - SHA_LONG64 h[8]; - SHA_LONG64 Nl,Nh; - union { - SHA_LONG64 d[SHA_LBLOCK]; - unsigned char p[SHA512_CBLOCK]; - } u; - unsigned int num,md_len; - } SHA512_CTX; -#endif - -#ifndef OPENSSL_NO_SHA512 -int SHA384_Init(SHA512_CTX *c); -int SHA384_Update(SHA512_CTX *c, const void *data, size_t len) - __attribute__ ((__bounded__(__buffer__,2,3))); -int SHA384_Final(unsigned char *md, SHA512_CTX *c); -unsigned char *SHA384(const unsigned char *d, size_t n,unsigned char *md) - __attribute__ ((__bounded__(__buffer__,1,2))); -int SHA512_Init(SHA512_CTX *c); -int SHA512_Update(SHA512_CTX *c, const void *data, size_t len) - __attribute__ ((__bounded__(__buffer__,2,3))); -int SHA512_Final(unsigned char *md, SHA512_CTX *c); -unsigned char *SHA512(const unsigned char *d, size_t n,unsigned char *md) - __attribute__ ((__bounded__(__buffer__,1,2))); -void SHA512_Transform(SHA512_CTX *c, const unsigned char *data); -#endif - -#ifdef __cplusplus -} -#endif - -#endif diff --git a/libressl/include64/openssl/sm3.h b/libressl/include64/openssl/sm3.h deleted file mode 100644 index 553c64dc..00000000 --- a/libressl/include64/openssl/sm3.h +++ /dev/null @@ -1,53 +0,0 @@ -/* $OpenBSD: sm3.h,v 1.1 2018/11/11 06:53:31 tb Exp $ */ -/* - * Copyright (c) 2018, Ribose Inc - * - * Permission to use, copy, modify, and/or distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF - * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -#ifndef HEADER_SM3_H -#define HEADER_SM3_H - -#include <stddef.h> -#include <openssl/opensslconf.h> - -#ifdef __cplusplus -extern "C" { -#endif - -#ifdef OPENSSL_NO_SM3 -#error SM3 is disabled. -#endif - -#define SM3_DIGEST_LENGTH 32 -#define SM3_WORD unsigned int - -#define SM3_CBLOCK 64 -#define SM3_LBLOCK (SM3_CBLOCK / 4) - -typedef struct SM3state_st { - SM3_WORD A, B, C, D, E, F, G, H; - SM3_WORD Nl, Nh; - SM3_WORD data[SM3_LBLOCK]; - unsigned int num; -} SM3_CTX; - -int SM3_Init(SM3_CTX *c); -int SM3_Update(SM3_CTX *c, const void *data, size_t len); -int SM3_Final(unsigned char *md, SM3_CTX *c); - -#ifdef __cplusplus -} -#endif - -#endif /* HEADER_SM3_H */ diff --git a/libressl/include64/openssl/sm4.h b/libressl/include64/openssl/sm4.h deleted file mode 100644 index 5931ac71..00000000 --- a/libressl/include64/openssl/sm4.h +++ /dev/null @@ -1,51 +0,0 @@ -/* $OpenBSD: sm4.h,v 1.1 2019/03/17 17:42:37 tb Exp $ */ -/* - * Copyright (c) 2017, 2019 Ribose Inc - * - * Permission to use, copy, modify, and/or distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF - * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -#ifndef HEADER_SM4_H -#define HEADER_SM4_H - -#include <stdint.h> - -#include <openssl/opensslconf.h> - -#ifdef __cplusplus -extern "C" { -#endif - -#ifdef OPENSSL_NO_SM4 -#error SM4 is disabled. -#endif - -#define SM4_DECRYPT 0 -#define SM4_ENCRYPT 1 - -#define SM4_BLOCK_SIZE 16 -#define SM4_KEY_SCHEDULE 32 - -typedef struct sm4_key_st { - unsigned char opaque[128]; -} SM4_KEY; - -int SM4_set_key(const uint8_t *key, SM4_KEY *ks); -void SM4_decrypt(const uint8_t *in, uint8_t *out, const SM4_KEY *ks); -void SM4_encrypt(const uint8_t *in, uint8_t *out, const SM4_KEY *ks); - -#ifdef __cplusplus -} -#endif - -#endif /* HEADER_SM4_H */ diff --git a/libressl/include64/openssl/srtp.h b/libressl/include64/openssl/srtp.h deleted file mode 100644 index 6daa02a7..00000000 --- a/libressl/include64/openssl/srtp.h +++ /dev/null @@ -1,142 +0,0 @@ -/* $OpenBSD: srtp.h,v 1.6 2015/09/01 15:18:23 jsing Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -/* ==================================================================== - * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ -/* - * DTLS code by Eric Rescorla <ekr@rtfm.com> - * - * Copyright (C) 2006, Network Resonance, Inc. - * Copyright (C) 2011, RTFM, Inc. - */ - -#ifndef HEADER_D1_SRTP_H -#define HEADER_D1_SRTP_H - -#ifdef __cplusplus -extern "C" { -#endif - -#define SRTP_AES128_CM_SHA1_80 0x0001 -#define SRTP_AES128_CM_SHA1_32 0x0002 -#define SRTP_AES128_F8_SHA1_80 0x0003 -#define SRTP_AES128_F8_SHA1_32 0x0004 -#define SRTP_NULL_SHA1_80 0x0005 -#define SRTP_NULL_SHA1_32 0x0006 - -int SSL_CTX_set_tlsext_use_srtp(SSL_CTX *ctx, const char *profiles); -int SSL_set_tlsext_use_srtp(SSL *ctx, const char *profiles); - -STACK_OF(SRTP_PROTECTION_PROFILE) *SSL_get_srtp_profiles(SSL *ssl); -SRTP_PROTECTION_PROFILE *SSL_get_selected_srtp_profile(SSL *s); - -#ifdef __cplusplus -} -#endif - -#endif diff --git a/libressl/include64/openssl/ssl.h b/libressl/include64/openssl/ssl.h deleted file mode 100644 index fc89b0ef..00000000 --- a/libressl/include64/openssl/ssl.h +++ /dev/null @@ -1,2180 +0,0 @@ -/* $OpenBSD: ssl.h,v 1.166 2019/04/04 15:03:21 jsing Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -/* ==================================================================== - * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ -/* ==================================================================== - * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. - * ECC cipher suite support in OpenSSL originally developed by - * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. - */ -/* ==================================================================== - * Copyright 2005 Nokia. All rights reserved. - * - * The portions of the attached software ("Contribution") is developed by - * Nokia Corporation and is licensed pursuant to the OpenSSL open source - * license. - * - * The Contribution, originally written by Mika Kousa and Pasi Eronen of - * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites - * support (see RFC 4279) to OpenSSL. - * - * No patent licenses or other rights except those expressly stated in - * the OpenSSL open source license shall be deemed granted or received - * expressly, by implication, estoppel, or otherwise. - * - * No assurances are provided by Nokia that the Contribution does not - * infringe the patent or other intellectual property rights of any third - * party or that the license provides you with all the necessary rights - * to make use of the Contribution. - * - * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN - * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA - * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY - * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR - * OTHERWISE. - */ - -#ifndef HEADER_SSL_H -#define HEADER_SSL_H - -#include <stdint.h> - -#include <openssl/opensslconf.h> - -#include <openssl/hmac.h> -#include <openssl/pem.h> -#include <openssl/safestack.h> - -#include <openssl/bio.h> - -#ifndef OPENSSL_NO_DEPRECATED -#include <openssl/buffer.h> -#include <openssl/crypto.h> -#include <openssl/lhash.h> - -#ifndef OPENSSL_NO_X509 -#include <openssl/x509.h> -#endif -#endif - -#ifdef __cplusplus -extern "C" { -#endif - -/* SSLeay version number for ASN.1 encoding of the session information */ -/* Version 0 - initial version - * Version 1 - added the optional peer certificate - */ -#define SSL_SESSION_ASN1_VERSION 0x0001 - -/* text strings for the ciphers */ -#define SSL_TXT_NULL_WITH_MD5 SSL2_TXT_NULL_WITH_MD5 -#define SSL_TXT_RC4_128_WITH_MD5 SSL2_TXT_RC4_128_WITH_MD5 -#define SSL_TXT_RC4_128_EXPORT40_WITH_MD5 SSL2_TXT_RC4_128_EXPORT40_WITH_MD5 -#define SSL_TXT_RC2_128_CBC_WITH_MD5 SSL2_TXT_RC2_128_CBC_WITH_MD5 -#define SSL_TXT_RC2_128_CBC_EXPORT40_WITH_MD5 SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5 -#define SSL_TXT_IDEA_128_CBC_WITH_MD5 SSL2_TXT_IDEA_128_CBC_WITH_MD5 -#define SSL_TXT_DES_64_CBC_WITH_MD5 SSL2_TXT_DES_64_CBC_WITH_MD5 -#define SSL_TXT_DES_64_CBC_WITH_SHA SSL2_TXT_DES_64_CBC_WITH_SHA -#define SSL_TXT_DES_192_EDE3_CBC_WITH_MD5 SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5 -#define SSL_TXT_DES_192_EDE3_CBC_WITH_SHA SSL2_TXT_DES_192_EDE3_CBC_WITH_SHA - -/* VRS Additional Kerberos5 entries - */ -#define SSL_TXT_KRB5_DES_64_CBC_SHA SSL3_TXT_KRB5_DES_64_CBC_SHA -#define SSL_TXT_KRB5_DES_192_CBC3_SHA SSL3_TXT_KRB5_DES_192_CBC3_SHA -#define SSL_TXT_KRB5_RC4_128_SHA SSL3_TXT_KRB5_RC4_128_SHA -#define SSL_TXT_KRB5_IDEA_128_CBC_SHA SSL3_TXT_KRB5_IDEA_128_CBC_SHA -#define SSL_TXT_KRB5_DES_64_CBC_MD5 SSL3_TXT_KRB5_DES_64_CBC_MD5 -#define SSL_TXT_KRB5_DES_192_CBC3_MD5 SSL3_TXT_KRB5_DES_192_CBC3_MD5 -#define SSL_TXT_KRB5_RC4_128_MD5 SSL3_TXT_KRB5_RC4_128_MD5 -#define SSL_TXT_KRB5_IDEA_128_CBC_MD5 SSL3_TXT_KRB5_IDEA_128_CBC_MD5 - -#define SSL_TXT_KRB5_DES_40_CBC_SHA SSL3_TXT_KRB5_DES_40_CBC_SHA -#define SSL_TXT_KRB5_RC2_40_CBC_SHA SSL3_TXT_KRB5_RC2_40_CBC_SHA -#define SSL_TXT_KRB5_RC4_40_SHA SSL3_TXT_KRB5_RC4_40_SHA -#define SSL_TXT_KRB5_DES_40_CBC_MD5 SSL3_TXT_KRB5_DES_40_CBC_MD5 -#define SSL_TXT_KRB5_RC2_40_CBC_MD5 SSL3_TXT_KRB5_RC2_40_CBC_MD5 -#define SSL_TXT_KRB5_RC4_40_MD5 SSL3_TXT_KRB5_RC4_40_MD5 - -#define SSL_TXT_KRB5_DES_40_CBC_SHA SSL3_TXT_KRB5_DES_40_CBC_SHA -#define SSL_TXT_KRB5_DES_40_CBC_MD5 SSL3_TXT_KRB5_DES_40_CBC_MD5 -#define SSL_TXT_KRB5_DES_64_CBC_SHA SSL3_TXT_KRB5_DES_64_CBC_SHA -#define SSL_TXT_KRB5_DES_64_CBC_MD5 SSL3_TXT_KRB5_DES_64_CBC_MD5 -#define SSL_TXT_KRB5_DES_192_CBC3_SHA SSL3_TXT_KRB5_DES_192_CBC3_SHA -#define SSL_TXT_KRB5_DES_192_CBC3_MD5 SSL3_TXT_KRB5_DES_192_CBC3_MD5 -#define SSL_MAX_KRB5_PRINCIPAL_LENGTH 256 - -#define SSL_MAX_SSL_SESSION_ID_LENGTH 32 -#define SSL_MAX_SID_CTX_LENGTH 32 - -#define SSL_MIN_RSA_MODULUS_LENGTH_IN_BYTES (512/8) -#define SSL_MAX_KEY_ARG_LENGTH 8 -#define SSL_MAX_MASTER_KEY_LENGTH 48 - - -/* These are used to specify which ciphers to use and not to use */ - -#define SSL_TXT_LOW "LOW" -#define SSL_TXT_MEDIUM "MEDIUM" -#define SSL_TXT_HIGH "HIGH" - -#define SSL_TXT_kFZA "kFZA" /* unused! */ -#define SSL_TXT_aFZA "aFZA" /* unused! */ -#define SSL_TXT_eFZA "eFZA" /* unused! */ -#define SSL_TXT_FZA "FZA" /* unused! */ - -#define SSL_TXT_aNULL "aNULL" -#define SSL_TXT_eNULL "eNULL" -#define SSL_TXT_NULL "NULL" - -#define SSL_TXT_kRSA "kRSA" -#define SSL_TXT_kDHr "kDHr" /* no such ciphersuites supported! */ -#define SSL_TXT_kDHd "kDHd" /* no such ciphersuites supported! */ -#define SSL_TXT_kDH "kDH" /* no such ciphersuites supported! */ -#define SSL_TXT_kEDH "kEDH" -#define SSL_TXT_kKRB5 "kKRB5" -#define SSL_TXT_kECDHr "kECDHr" -#define SSL_TXT_kECDHe "kECDHe" -#define SSL_TXT_kECDH "kECDH" -#define SSL_TXT_kEECDH "kEECDH" -#define SSL_TXT_kPSK "kPSK" -#define SSL_TXT_kGOST "kGOST" -#define SSL_TXT_kSRP "kSRP" - -#define SSL_TXT_aRSA "aRSA" -#define SSL_TXT_aDSS "aDSS" -#define SSL_TXT_aDH "aDH" /* no such ciphersuites supported! */ -#define SSL_TXT_aECDH "aECDH" -#define SSL_TXT_aKRB5 "aKRB5" -#define SSL_TXT_aECDSA "aECDSA" -#define SSL_TXT_aPSK "aPSK" -#define SSL_TXT_aGOST94 "aGOST94" -#define SSL_TXT_aGOST01 "aGOST01" -#define SSL_TXT_aGOST "aGOST" - -#define SSL_TXT_DSS "DSS" -#define SSL_TXT_DH "DH" -#define SSL_TXT_DHE "DHE" /* same as "kDHE:-ADH" */ -#define SSL_TXT_EDH "EDH" /* previous name for DHE */ -#define SSL_TXT_ADH "ADH" -#define SSL_TXT_RSA "RSA" -#define SSL_TXT_ECDH "ECDH" -#define SSL_TXT_ECDHE "ECDHE" /* same as "kECDHE:-AECDH" */ -#define SSL_TXT_EECDH "EECDH" /* previous name for ECDHE */ -#define SSL_TXT_AECDH "AECDH" -#define SSL_TXT_ECDSA "ECDSA" -#define SSL_TXT_KRB5 "KRB5" -#define SSL_TXT_PSK "PSK" -#define SSL_TXT_SRP "SRP" - -#define SSL_TXT_DES "DES" -#define SSL_TXT_3DES "3DES" -#define SSL_TXT_RC4 "RC4" -#define SSL_TXT_RC2 "RC2" -#define SSL_TXT_IDEA "IDEA" -#define SSL_TXT_SEED "SEED" -#define SSL_TXT_AES128 "AES128" -#define SSL_TXT_AES256 "AES256" -#define SSL_TXT_AES "AES" -#define SSL_TXT_AES_GCM "AESGCM" -#define SSL_TXT_CAMELLIA128 "CAMELLIA128" -#define SSL_TXT_CAMELLIA256 "CAMELLIA256" -#define SSL_TXT_CAMELLIA "CAMELLIA" -#define SSL_TXT_CHACHA20 "CHACHA20" - -#define SSL_TXT_AEAD "AEAD" -#define SSL_TXT_MD5 "MD5" -#define SSL_TXT_SHA1 "SHA1" -#define SSL_TXT_SHA "SHA" /* same as "SHA1" */ -#define SSL_TXT_GOST94 "GOST94" -#define SSL_TXT_GOST89MAC "GOST89MAC" -#define SSL_TXT_SHA256 "SHA256" -#define SSL_TXT_SHA384 "SHA384" -#define SSL_TXT_STREEBOG256 "STREEBOG256" -#define SSL_TXT_STREEBOG512 "STREEBOG512" - -#define SSL_TXT_DTLS1 "DTLSv1" -#define SSL_TXT_SSLV2 "SSLv2" -#define SSL_TXT_SSLV3 "SSLv3" -#define SSL_TXT_TLSV1 "TLSv1" -#define SSL_TXT_TLSV1_1 "TLSv1.1" -#define SSL_TXT_TLSV1_2 "TLSv1.2" -#if defined(LIBRESSL_HAS_TLS1_3) || defined(LIBRESSL_INTERNAL) -#define SSL_TXT_TLSV1_3 "TLSv1.3" -#endif - -#define SSL_TXT_EXP "EXP" -#define SSL_TXT_EXPORT "EXPORT" - -#define SSL_TXT_ALL "ALL" - -/* - * COMPLEMENTOF* definitions. These identifiers are used to (de-select) - * ciphers normally not being used. - * Example: "RC4" will activate all ciphers using RC4 including ciphers - * without authentication, which would normally disabled by DEFAULT (due - * the "!ADH" being part of default). Therefore "RC4:!COMPLEMENTOFDEFAULT" - * will make sure that it is also disabled in the specific selection. - * COMPLEMENTOF* identifiers are portable between version, as adjustments - * to the default cipher setup will also be included here. - * - * COMPLEMENTOFDEFAULT does not experience the same special treatment that - * DEFAULT gets, as only selection is being done and no sorting as needed - * for DEFAULT. - */ -#define SSL_TXT_CMPALL "COMPLEMENTOFALL" -#define SSL_TXT_CMPDEF "COMPLEMENTOFDEFAULT" - -/* The following cipher list is used by default. - * It also is substituted when an application-defined cipher list string - * starts with 'DEFAULT'. */ -#define SSL_DEFAULT_CIPHER_LIST "ALL:!aNULL:!eNULL:!SSLv2" -/* As of OpenSSL 1.0.0, ssl_create_cipher_list() in ssl/ssl_ciph.c always - * starts with a reasonable order, and all we have to do for DEFAULT is - * throwing out anonymous and unencrypted ciphersuites! - * (The latter are not actually enabled by ALL, but "ALL:RSA" would enable - * some of them.) - */ - -/* Used in SSL_set_shutdown()/SSL_get_shutdown(); */ -#define SSL_SENT_SHUTDOWN 1 -#define SSL_RECEIVED_SHUTDOWN 2 - - -#define SSL_FILETYPE_ASN1 X509_FILETYPE_ASN1 -#define SSL_FILETYPE_PEM X509_FILETYPE_PEM - -/* This is needed to stop compilers complaining about the - * 'struct ssl_st *' function parameters used to prototype callbacks - * in SSL_CTX. */ -typedef struct ssl_st *ssl_crock_st; - -typedef struct tls_session_ticket_ext_st TLS_SESSION_TICKET_EXT; -typedef struct ssl_method_st SSL_METHOD; -typedef struct ssl_cipher_st SSL_CIPHER; -typedef struct ssl_session_st SSL_SESSION; - -DECLARE_STACK_OF(SSL_CIPHER) - -/* SRTP protection profiles for use with the use_srtp extension (RFC 5764)*/ -typedef struct srtp_protection_profile_st { - const char *name; - unsigned long id; -} SRTP_PROTECTION_PROFILE; - -DECLARE_STACK_OF(SRTP_PROTECTION_PROFILE) - -typedef int (*tls_session_ticket_ext_cb_fn)(SSL *s, const unsigned char *data, - int len, void *arg); -typedef int (*tls_session_secret_cb_fn)(SSL *s, void *secret, int *secret_len, - STACK_OF(SSL_CIPHER) *peer_ciphers, SSL_CIPHER **cipher, void *arg); - -#ifndef OPENSSL_NO_SSL_INTERN - -/* used to hold info on the particular ciphers used */ -struct ssl_cipher_st { - int valid; - const char *name; /* text name */ - unsigned long id; /* id, 4 bytes, first is version */ - - unsigned long algorithm_mkey; /* key exchange algorithm */ - unsigned long algorithm_auth; /* server authentication */ - unsigned long algorithm_enc; /* symmetric encryption */ - unsigned long algorithm_mac; /* symmetric authentication */ - unsigned long algorithm_ssl; /* (major) protocol version */ - - unsigned long algo_strength; /* strength and export flags */ - unsigned long algorithm2; /* Extra flags */ - int strength_bits; /* Number of bits really used */ - int alg_bits; /* Number of bits for algorithm */ -}; - - -/* Used to hold functions for SSLv3/TLSv1 functions */ -struct ssl_method_internal_st; - -struct ssl_method_st { - int (*ssl_dispatch_alert)(SSL *s); - int (*num_ciphers)(void); - const SSL_CIPHER *(*get_cipher)(unsigned ncipher); - const SSL_CIPHER *(*get_cipher_by_char)(const unsigned char *ptr); - int (*put_cipher_by_char)(const SSL_CIPHER *cipher, unsigned char *ptr); - - const struct ssl_method_internal_st *internal; -}; - -/* Lets make this into an ASN.1 type structure as follows - * SSL_SESSION_ID ::= SEQUENCE { - * version INTEGER, -- structure version number - * SSLversion INTEGER, -- SSL version number - * Cipher OCTET STRING, -- the 3 byte cipher ID - * Session_ID OCTET STRING, -- the Session ID - * Master_key OCTET STRING, -- the master key - * KRB5_principal OCTET STRING -- optional Kerberos principal - * Time [ 1 ] EXPLICIT INTEGER, -- optional Start Time - * Timeout [ 2 ] EXPLICIT INTEGER, -- optional Timeout ins seconds - * Peer [ 3 ] EXPLICIT X509, -- optional Peer Certificate - * Session_ID_context [ 4 ] EXPLICIT OCTET STRING, -- the Session ID context - * Verify_result [ 5 ] EXPLICIT INTEGER, -- X509_V_... code for `Peer' - * HostName [ 6 ] EXPLICIT OCTET STRING, -- optional HostName from servername TLS extension - * PSK_identity_hint [ 7 ] EXPLICIT OCTET STRING, -- optional PSK identity hint - * PSK_identity [ 8 ] EXPLICIT OCTET STRING, -- optional PSK identity - * Ticket_lifetime_hint [9] EXPLICIT INTEGER, -- server's lifetime hint for session ticket - * Ticket [10] EXPLICIT OCTET STRING, -- session ticket (clients only) - * Compression_meth [11] EXPLICIT OCTET STRING, -- optional compression method - * SRP_username [ 12 ] EXPLICIT OCTET STRING -- optional SRP username - * } - * Look in ssl/ssl_asn1.c for more details - * I'm using EXPLICIT tags so I can read the damn things using asn1parse :-). - */ -struct ssl_session_internal_st; - -struct ssl_session_st { - int ssl_version; /* what ssl version session info is - * being kept in here? */ - - int master_key_length; - unsigned char master_key[SSL_MAX_MASTER_KEY_LENGTH]; - - /* session_id - valid? */ - unsigned int session_id_length; - unsigned char session_id[SSL_MAX_SSL_SESSION_ID_LENGTH]; - - /* this is used to determine whether the session is being reused in - * the appropriate context. It is up to the application to set this, - * via SSL_new */ - unsigned int sid_ctx_length; - unsigned char sid_ctx[SSL_MAX_SID_CTX_LENGTH]; - - /* This is the cert for the other end. */ - X509 *peer; - - /* when app_verify_callback accepts a session where the peer's certificate - * is not ok, we must remember the error for session reuse: */ - long verify_result; /* only for servers */ - - long timeout; - time_t time; - int references; - - const SSL_CIPHER *cipher; - unsigned long cipher_id; /* when ASN.1 loaded, this - * needs to be used to load - * the 'cipher' structure */ - - STACK_OF(SSL_CIPHER) *ciphers; /* shared ciphers? */ - - char *tlsext_hostname; - - /* RFC4507 info */ - unsigned char *tlsext_tick; /* Session ticket */ - size_t tlsext_ticklen; /* Session ticket length */ - long tlsext_tick_lifetime_hint; /* Session lifetime hint in seconds */ - - struct ssl_session_internal_st *internal; -}; - -#endif - -/* Allow initial connection to servers that don't support RI */ -#define SSL_OP_LEGACY_SERVER_CONNECT 0x00000004L - -/* Disable SSL 3.0/TLS 1.0 CBC vulnerability workaround that was added - * in OpenSSL 0.9.6d. Usually (depending on the application protocol) - * the workaround is not needed. - * Unfortunately some broken SSL/TLS implementations cannot handle it - * at all, which is why it was previously included in SSL_OP_ALL. - * Now it's not. - */ -#define SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS 0x00000800L - -/* DTLS options */ -#define SSL_OP_NO_QUERY_MTU 0x00001000L -/* Turn on Cookie Exchange (on relevant for servers) */ -#define SSL_OP_COOKIE_EXCHANGE 0x00002000L -/* Don't use RFC4507 ticket extension */ -#define SSL_OP_NO_TICKET 0x00004000L - -/* As server, disallow session resumption on renegotiation */ -#define SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION 0x00010000L -/* Disallow client initiated renegotiation. */ -#define SSL_OP_NO_CLIENT_RENEGOTIATION 0x00020000L -/* If set, always create a new key when using tmp_dh parameters */ -#define SSL_OP_SINGLE_DH_USE 0x00100000L -/* Set on servers to choose the cipher according to the server's - * preferences */ -#define SSL_OP_CIPHER_SERVER_PREFERENCE 0x00400000L - -#define SSL_OP_NO_TLSv1 0x04000000L -#define SSL_OP_NO_TLSv1_2 0x08000000L -#define SSL_OP_NO_TLSv1_1 0x10000000L - -#if defined(LIBRESSL_HAS_TLS1_3) || defined(LIBRESSL_INTERNAL) -#define SSL_OP_NO_TLSv1_3 0x20000000L -#endif - -/* SSL_OP_ALL: various bug workarounds that should be rather harmless. */ -#define SSL_OP_ALL \ - (SSL_OP_LEGACY_SERVER_CONNECT) - -/* Obsolete flags kept for compatibility. No sane code should use them. */ -#define SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION 0x0 -#define SSL_OP_CISCO_ANYCONNECT 0x0 -#define SSL_OP_CRYPTOPRO_TLSEXT_BUG 0x0 -#define SSL_OP_EPHEMERAL_RSA 0x0 -#define SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER 0x0 -#define SSL_OP_MICROSOFT_SESS_ID_BUG 0x0 -#define SSL_OP_MSIE_SSLV2_RSA_PADDING 0x0 -#define SSL_OP_NETSCAPE_CA_DN_BUG 0x0 -#define SSL_OP_NETSCAPE_CHALLENGE_BUG 0x0 -#define SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG 0x0 -#define SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG 0x0 -#define SSL_OP_NO_COMPRESSION 0x0 -#define SSL_OP_NO_SSLv2 0x0 -#define SSL_OP_NO_SSLv3 0x0 -#define SSL_OP_PKCS1_CHECK_1 0x0 -#define SSL_OP_PKCS1_CHECK_2 0x0 -#define SSL_OP_SAFARI_ECDHE_ECDSA_BUG 0x0 -#define SSL_OP_SINGLE_ECDH_USE 0x0 -#define SSL_OP_SSLEAY_080_CLIENT_DH_BUG 0x0 -#define SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG 0x0 -#define SSL_OP_TLSEXT_PADDING 0x0 -#define SSL_OP_TLS_BLOCK_PADDING_BUG 0x0 -#define SSL_OP_TLS_D5_BUG 0x0 -#define SSL_OP_TLS_ROLLBACK_BUG 0x0 - -/* Allow SSL_write(..., n) to return r with 0 < r < n (i.e. report success - * when just a single record has been written): */ -#define SSL_MODE_ENABLE_PARTIAL_WRITE 0x00000001L -/* Make it possible to retry SSL_write() with changed buffer location - * (buffer contents must stay the same!); this is not the default to avoid - * the misconception that non-blocking SSL_write() behaves like - * non-blocking write(): */ -#define SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER 0x00000002L -/* Never bother the application with retries if the transport - * is blocking: */ -#define SSL_MODE_AUTO_RETRY 0x00000004L -/* Don't attempt to automatically build certificate chain */ -#define SSL_MODE_NO_AUTO_CHAIN 0x00000008L -/* Save RAM by releasing read and write buffers when they're empty. (SSL3 and - * TLS only.) "Released" buffers are put onto a free-list in the context - * or just freed (depending on the context's setting for freelist_max_len). */ -#define SSL_MODE_RELEASE_BUFFERS 0x00000010L - -/* Note: SSL[_CTX]_set_{options,mode} use |= op on the previous value, - * they cannot be used to clear bits. */ - -#define SSL_CTX_set_options(ctx,op) \ - SSL_CTX_ctrl((ctx),SSL_CTRL_OPTIONS,(op),NULL) -#define SSL_CTX_clear_options(ctx,op) \ - SSL_CTX_ctrl((ctx),SSL_CTRL_CLEAR_OPTIONS,(op),NULL) -#define SSL_CTX_get_options(ctx) \ - SSL_CTX_ctrl((ctx),SSL_CTRL_OPTIONS,0,NULL) -#define SSL_set_options(ssl,op) \ - SSL_ctrl((ssl),SSL_CTRL_OPTIONS,(op),NULL) -#define SSL_clear_options(ssl,op) \ - SSL_ctrl((ssl),SSL_CTRL_CLEAR_OPTIONS,(op),NULL) -#define SSL_get_options(ssl) \ - SSL_ctrl((ssl),SSL_CTRL_OPTIONS,0,NULL) - -#define SSL_CTX_set_mode(ctx,op) \ - SSL_CTX_ctrl((ctx),SSL_CTRL_MODE,(op),NULL) -#define SSL_CTX_clear_mode(ctx,op) \ - SSL_CTX_ctrl((ctx),SSL_CTRL_CLEAR_MODE,(op),NULL) -#define SSL_CTX_get_mode(ctx) \ - SSL_CTX_ctrl((ctx),SSL_CTRL_MODE,0,NULL) -#define SSL_clear_mode(ssl,op) \ - SSL_ctrl((ssl),SSL_CTRL_CLEAR_MODE,(op),NULL) -#define SSL_set_mode(ssl,op) \ - SSL_ctrl((ssl),SSL_CTRL_MODE,(op),NULL) -#define SSL_get_mode(ssl) \ - SSL_ctrl((ssl),SSL_CTRL_MODE,0,NULL) -#define SSL_set_mtu(ssl, mtu) \ - SSL_ctrl((ssl),SSL_CTRL_SET_MTU,(mtu),NULL) - -#define SSL_get_secure_renegotiation_support(ssl) \ - SSL_ctrl((ssl), SSL_CTRL_GET_RI_SUPPORT, 0, NULL) - -void SSL_CTX_set_msg_callback(SSL_CTX *ctx, void (*cb)(int write_p, - int version, int content_type, const void *buf, size_t len, SSL *ssl, - void *arg)); -void SSL_set_msg_callback(SSL *ssl, void (*cb)(int write_p, int version, - int content_type, const void *buf, size_t len, SSL *ssl, void *arg)); -#define SSL_CTX_set_msg_callback_arg(ctx, arg) SSL_CTX_ctrl((ctx), SSL_CTRL_SET_MSG_CALLBACK_ARG, 0, (arg)) -#define SSL_set_msg_callback_arg(ssl, arg) SSL_ctrl((ssl), SSL_CTRL_SET_MSG_CALLBACK_ARG, 0, (arg)) - -struct ssl_aead_ctx_st; -typedef struct ssl_aead_ctx_st SSL_AEAD_CTX; - -#define SSL_MAX_CERT_LIST_DEFAULT 1024*100 /* 100k max cert list :-) */ - -#define SSL_SESSION_CACHE_MAX_SIZE_DEFAULT (1024*20) - -/* This callback type is used inside SSL_CTX, SSL, and in the functions that set - * them. It is used to override the generation of SSL/TLS session IDs in a - * server. Return value should be zero on an error, non-zero to proceed. Also, - * callbacks should themselves check if the id they generate is unique otherwise - * the SSL handshake will fail with an error - callbacks can do this using the - * 'ssl' value they're passed by; - * SSL_has_matching_session_id(ssl, id, *id_len) - * The length value passed in is set at the maximum size the session ID can be. - * In SSLv2 this is 16 bytes, whereas SSLv3/TLSv1 it is 32 bytes. The callback - * can alter this length to be less if desired, but under SSLv2 session IDs are - * supposed to be fixed at 16 bytes so the id will be padded after the callback - * returns in this case. It is also an error for the callback to set the size to - * zero. */ -typedef int (*GEN_SESSION_CB)(const SSL *ssl, unsigned char *id, - unsigned int *id_len); - -typedef struct ssl_comp_st SSL_COMP; - -#ifndef OPENSSL_NO_SSL_INTERN - -struct ssl_comp_st { - int id; - const char *name; -}; - -DECLARE_STACK_OF(SSL_COMP) -struct lhash_st_SSL_SESSION { - int dummy; -}; - -struct ssl_ctx_internal_st; - -struct ssl_ctx_st { - const SSL_METHOD *method; - - STACK_OF(SSL_CIPHER) *cipher_list; - - struct x509_store_st /* X509_STORE */ *cert_store; - - /* If timeout is not 0, it is the default timeout value set - * when SSL_new() is called. This has been put in to make - * life easier to set things up */ - long session_timeout; - - int references; - - /* Default values to use in SSL structures follow (these are copied by SSL_new) */ - - STACK_OF(X509) *extra_certs; - - int verify_mode; - unsigned int sid_ctx_length; - unsigned char sid_ctx[SSL_MAX_SID_CTX_LENGTH]; - - X509_VERIFY_PARAM *param; - - /* - * XXX - * default_passwd_cb used by python and openvpn, need to keep it until we - * add an accessor - */ - /* Default password callback. */ - pem_password_cb *default_passwd_callback; - - /* Default password callback user data. */ - void *default_passwd_callback_userdata; - - struct ssl_ctx_internal_st *internal; -}; - -#endif - -#define SSL_SESS_CACHE_OFF 0x0000 -#define SSL_SESS_CACHE_CLIENT 0x0001 -#define SSL_SESS_CACHE_SERVER 0x0002 -#define SSL_SESS_CACHE_BOTH (SSL_SESS_CACHE_CLIENT|SSL_SESS_CACHE_SERVER) -#define SSL_SESS_CACHE_NO_AUTO_CLEAR 0x0080 -/* enough comments already ... see SSL_CTX_set_session_cache_mode(3) */ -#define SSL_SESS_CACHE_NO_INTERNAL_LOOKUP 0x0100 -#define SSL_SESS_CACHE_NO_INTERNAL_STORE 0x0200 -#define SSL_SESS_CACHE_NO_INTERNAL \ - (SSL_SESS_CACHE_NO_INTERNAL_LOOKUP|SSL_SESS_CACHE_NO_INTERNAL_STORE) - -struct lhash_st_SSL_SESSION *SSL_CTX_sessions(SSL_CTX *ctx); -#define SSL_CTX_sess_number(ctx) \ - SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_NUMBER,0,NULL) -#define SSL_CTX_sess_connect(ctx) \ - SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CONNECT,0,NULL) -#define SSL_CTX_sess_connect_good(ctx) \ - SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CONNECT_GOOD,0,NULL) -#define SSL_CTX_sess_connect_renegotiate(ctx) \ - SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CONNECT_RENEGOTIATE,0,NULL) -#define SSL_CTX_sess_accept(ctx) \ - SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_ACCEPT,0,NULL) -#define SSL_CTX_sess_accept_renegotiate(ctx) \ - SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_ACCEPT_RENEGOTIATE,0,NULL) -#define SSL_CTX_sess_accept_good(ctx) \ - SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_ACCEPT_GOOD,0,NULL) -#define SSL_CTX_sess_hits(ctx) \ - SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_HIT,0,NULL) -#define SSL_CTX_sess_cb_hits(ctx) \ - SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CB_HIT,0,NULL) -#define SSL_CTX_sess_misses(ctx) \ - SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_MISSES,0,NULL) -#define SSL_CTX_sess_timeouts(ctx) \ - SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_TIMEOUTS,0,NULL) -#define SSL_CTX_sess_cache_full(ctx) \ - SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CACHE_FULL,0,NULL) - -void SSL_CTX_sess_set_new_cb(SSL_CTX *ctx, - int (*new_session_cb)(struct ssl_st *ssl, SSL_SESSION *sess)); -int (*SSL_CTX_sess_get_new_cb(SSL_CTX *ctx))(struct ssl_st *ssl, - SSL_SESSION *sess); -void SSL_CTX_sess_set_remove_cb(SSL_CTX *ctx, - void (*remove_session_cb)(struct ssl_ctx_st *ctx, SSL_SESSION *sess)); -void (*SSL_CTX_sess_get_remove_cb(SSL_CTX *ctx))(struct ssl_ctx_st *ctx, - SSL_SESSION *sess); -void SSL_CTX_sess_set_get_cb(SSL_CTX *ctx, - SSL_SESSION *(*get_session_cb)(struct ssl_st *ssl, - const unsigned char *data, int len, int *copy)); -SSL_SESSION *(*SSL_CTX_sess_get_get_cb(SSL_CTX *ctx))(struct ssl_st *ssl, - const unsigned char *data, int len, int *copy); -void SSL_CTX_set_info_callback(SSL_CTX *ctx, void (*cb)(const SSL *ssl, - int type, int val)); -void (*SSL_CTX_get_info_callback(SSL_CTX *ctx))(const SSL *ssl, int type, - int val); -void SSL_CTX_set_client_cert_cb(SSL_CTX *ctx, - int (*client_cert_cb)(SSL *ssl, X509 **x509, EVP_PKEY **pkey)); -int (*SSL_CTX_get_client_cert_cb(SSL_CTX *ctx))(SSL *ssl, X509 **x509, - EVP_PKEY **pkey); -#ifndef OPENSSL_NO_ENGINE -int SSL_CTX_set_client_cert_engine(SSL_CTX *ctx, ENGINE *e); -#endif -void SSL_CTX_set_cookie_generate_cb(SSL_CTX *ctx, - int (*app_gen_cookie_cb)(SSL *ssl, unsigned char *cookie, - unsigned int *cookie_len)); -void SSL_CTX_set_cookie_verify_cb(SSL_CTX *ctx, - int (*app_verify_cookie_cb)(SSL *ssl, const unsigned char *cookie, - unsigned int cookie_len)); -void SSL_CTX_set_next_protos_advertised_cb(SSL_CTX *s, int (*cb)(SSL *ssl, - const unsigned char **out, unsigned int *outlen, void *arg), void *arg); -void SSL_CTX_set_next_proto_select_cb(SSL_CTX *s, int (*cb)(SSL *ssl, - unsigned char **out, unsigned char *outlen, const unsigned char *in, - unsigned int inlen, void *arg), void *arg); - -int SSL_select_next_proto(unsigned char **out, unsigned char *outlen, - const unsigned char *in, unsigned int inlen, const unsigned char *client, - unsigned int client_len); -void SSL_get0_next_proto_negotiated(const SSL *s, const unsigned char **data, - unsigned *len); - -#define OPENSSL_NPN_UNSUPPORTED 0 -#define OPENSSL_NPN_NEGOTIATED 1 -#define OPENSSL_NPN_NO_OVERLAP 2 - -int SSL_CTX_set_alpn_protos(SSL_CTX *ctx, const unsigned char *protos, - unsigned int protos_len); -int SSL_set_alpn_protos(SSL *ssl, const unsigned char *protos, - unsigned int protos_len); -void SSL_CTX_set_alpn_select_cb(SSL_CTX *ctx, - int (*cb)(SSL *ssl, const unsigned char **out, unsigned char *outlen, - const unsigned char *in, unsigned int inlen, void *arg), void *arg); -void SSL_get0_alpn_selected(const SSL *ssl, const unsigned char **data, - unsigned int *len); - -#define SSL_NOTHING 1 -#define SSL_WRITING 2 -#define SSL_READING 3 -#define SSL_X509_LOOKUP 4 - -/* These will only be used when doing non-blocking IO */ -#define SSL_want_nothing(s) (SSL_want(s) == SSL_NOTHING) -#define SSL_want_read(s) (SSL_want(s) == SSL_READING) -#define SSL_want_write(s) (SSL_want(s) == SSL_WRITING) -#define SSL_want_x509_lookup(s) (SSL_want(s) == SSL_X509_LOOKUP) - -#define SSL_MAC_FLAG_READ_MAC_STREAM 1 -#define SSL_MAC_FLAG_WRITE_MAC_STREAM 2 - -#ifndef OPENSSL_NO_SSL_INTERN -struct ssl_internal_st; - -struct ssl_st { - /* protocol version - * (one of SSL2_VERSION, SSL3_VERSION, TLS1_VERSION, DTLS1_VERSION) - */ - int version; - - const SSL_METHOD *method; /* SSLv3 */ - - /* There are 2 BIO's even though they are normally both the - * same. This is so data can be read and written to different - * handlers */ - - BIO *rbio; /* used by SSL_read */ - BIO *wbio; /* used by SSL_write */ - BIO *bbio; /* used during session-id reuse to concatenate - * messages */ - int server; /* are we the server side? - mostly used by SSL_clear*/ - - struct ssl3_state_st *s3; /* SSLv3 variables */ - struct dtls1_state_st *d1; /* DTLSv1 variables */ - - X509_VERIFY_PARAM *param; - - /* crypto */ - STACK_OF(SSL_CIPHER) *cipher_list; - - /* This is used to hold the server certificate used */ - struct cert_st /* CERT */ *cert; - - /* the session_id_context is used to ensure sessions are only reused - * in the appropriate context */ - unsigned int sid_ctx_length; - unsigned char sid_ctx[SSL_MAX_SID_CTX_LENGTH]; - - /* This can also be in the session once a session is established */ - SSL_SESSION *session; - - /* Used in SSL2 and SSL3 */ - int verify_mode; /* 0 don't care about verify failure. - * 1 fail if verify fails */ - int error; /* error bytes to be written */ - int error_code; /* actual code */ - - SSL_CTX *ctx; - - long verify_result; - - int references; - - int client_version; /* what was passed, used for - * SSLv3/TLS rollback check */ - - unsigned int max_send_fragment; - - char *tlsext_hostname; - - /* certificate status request info */ - /* Status type or -1 if no status type */ - int tlsext_status_type; - - SSL_CTX * initial_ctx; /* initial ctx, used to store sessions */ -#define session_ctx initial_ctx - - /* - * XXX really should be internal, but is - * touched unnaturally by wpa-supplicant - * and freeradius and other perversions - */ - EVP_CIPHER_CTX *enc_read_ctx; /* cryptographic state */ - EVP_MD_CTX *read_hash; /* used for mac generation */ - - struct ssl_internal_st *internal; -}; - -#endif - -#ifdef __cplusplus -} -#endif - -#include <openssl/ssl2.h> -#include <openssl/ssl3.h> -#include <openssl/tls1.h> /* This is mostly sslv3 with a few tweaks */ -#include <openssl/dtls1.h> /* Datagram TLS */ -#include <openssl/ssl23.h> -#include <openssl/srtp.h> /* Support for the use_srtp extension */ - -#ifdef __cplusplus -extern "C" { -#endif - -/* compatibility */ -#define SSL_set_app_data(s,arg) (SSL_set_ex_data(s,0,(char *)arg)) -#define SSL_get_app_data(s) (SSL_get_ex_data(s,0)) -#define SSL_SESSION_set_app_data(s,a) (SSL_SESSION_set_ex_data(s,0,(char *)a)) -#define SSL_SESSION_get_app_data(s) (SSL_SESSION_get_ex_data(s,0)) -#define SSL_CTX_get_app_data(ctx) (SSL_CTX_get_ex_data(ctx,0)) -#define SSL_CTX_set_app_data(ctx,arg) (SSL_CTX_set_ex_data(ctx,0,(char *)arg)) - -/* The following are the possible values for ssl->state are are - * used to indicate where we are up to in the SSL connection establishment. - * The macros that follow are about the only things you should need to use - * and even then, only when using non-blocking IO. - * It can also be useful to work out where you were when the connection - * failed */ - -#define SSL_ST_CONNECT 0x1000 -#define SSL_ST_ACCEPT 0x2000 -#define SSL_ST_MASK 0x0FFF -#define SSL_ST_INIT (SSL_ST_CONNECT|SSL_ST_ACCEPT) -#define SSL_ST_BEFORE 0x4000 -#define SSL_ST_OK 0x03 -#define SSL_ST_RENEGOTIATE (0x04|SSL_ST_INIT) - -#define SSL_CB_LOOP 0x01 -#define SSL_CB_EXIT 0x02 -#define SSL_CB_READ 0x04 -#define SSL_CB_WRITE 0x08 -#define SSL_CB_ALERT 0x4000 /* used in callback */ -#define SSL_CB_READ_ALERT (SSL_CB_ALERT|SSL_CB_READ) -#define SSL_CB_WRITE_ALERT (SSL_CB_ALERT|SSL_CB_WRITE) -#define SSL_CB_ACCEPT_LOOP (SSL_ST_ACCEPT|SSL_CB_LOOP) -#define SSL_CB_ACCEPT_EXIT (SSL_ST_ACCEPT|SSL_CB_EXIT) -#define SSL_CB_CONNECT_LOOP (SSL_ST_CONNECT|SSL_CB_LOOP) -#define SSL_CB_CONNECT_EXIT (SSL_ST_CONNECT|SSL_CB_EXIT) -#define SSL_CB_HANDSHAKE_START 0x10 -#define SSL_CB_HANDSHAKE_DONE 0x20 - -/* Is the SSL_connection established? */ -#define SSL_get_state(a) (SSL_state((a))) -#define SSL_is_init_finished(a) (SSL_state((a)) == SSL_ST_OK) -#define SSL_in_init(a) (SSL_state((a))&SSL_ST_INIT) -#define SSL_in_before(a) (SSL_state((a))&SSL_ST_BEFORE) -#define SSL_in_connect_init(a) (SSL_state((a))&SSL_ST_CONNECT) -#define SSL_in_accept_init(a) (SSL_state((a))&SSL_ST_ACCEPT) - -/* The following 2 states are kept in ssl->rstate when reads fail, - * you should not need these */ -#define SSL_ST_READ_HEADER 0xF0 -#define SSL_ST_READ_BODY 0xF1 -#define SSL_ST_READ_DONE 0xF2 - -/* Obtain latest Finished message - * -- that we sent (SSL_get_finished) - * -- that we expected from peer (SSL_get_peer_finished). - * Returns length (0 == no Finished so far), copies up to 'count' bytes. */ -size_t SSL_get_finished(const SSL *s, void *buf, size_t count); -size_t SSL_get_peer_finished(const SSL *s, void *buf, size_t count); - -/* use either SSL_VERIFY_NONE or SSL_VERIFY_PEER, the last 2 options - * are 'ored' with SSL_VERIFY_PEER if they are desired */ -#define SSL_VERIFY_NONE 0x00 -#define SSL_VERIFY_PEER 0x01 -#define SSL_VERIFY_FAIL_IF_NO_PEER_CERT 0x02 -#define SSL_VERIFY_CLIENT_ONCE 0x04 - -#define OpenSSL_add_ssl_algorithms() SSL_library_init() -#define SSLeay_add_ssl_algorithms() SSL_library_init() - -/* More backward compatibility */ -#define SSL_get_cipher(s) \ - SSL_CIPHER_get_name(SSL_get_current_cipher(s)) -#define SSL_get_cipher_bits(s,np) \ - SSL_CIPHER_get_bits(SSL_get_current_cipher(s),np) -#define SSL_get_cipher_version(s) \ - SSL_CIPHER_get_version(SSL_get_current_cipher(s)) -#define SSL_get_cipher_name(s) \ - SSL_CIPHER_get_name(SSL_get_current_cipher(s)) -#define SSL_get_time(a) SSL_SESSION_get_time(a) -#define SSL_set_time(a,b) SSL_SESSION_set_time((a),(b)) -#define SSL_get_timeout(a) SSL_SESSION_get_timeout(a) -#define SSL_set_timeout(a,b) SSL_SESSION_set_timeout((a),(b)) - -#define d2i_SSL_SESSION_bio(bp,s_id) ASN1_d2i_bio_of(SSL_SESSION,SSL_SESSION_new,d2i_SSL_SESSION,bp,s_id) -#define i2d_SSL_SESSION_bio(bp,s_id) ASN1_i2d_bio_of(SSL_SESSION,i2d_SSL_SESSION,bp,s_id) - -SSL_SESSION *PEM_read_bio_SSL_SESSION(BIO *bp, SSL_SESSION **x, - pem_password_cb *cb, void *u); -SSL_SESSION *PEM_read_SSL_SESSION(FILE *fp, SSL_SESSION **x, - pem_password_cb *cb, void *u); -int PEM_write_bio_SSL_SESSION(BIO *bp, SSL_SESSION *x); -int PEM_write_SSL_SESSION(FILE *fp, SSL_SESSION *x); - -#define SSL_AD_REASON_OFFSET 1000 /* offset to get SSL_R_... value from SSL_AD_... */ - -/* These alert types are for SSLv3 and TLSv1 */ -#define SSL_AD_CLOSE_NOTIFY SSL3_AD_CLOSE_NOTIFY -#define SSL_AD_UNEXPECTED_MESSAGE SSL3_AD_UNEXPECTED_MESSAGE /* fatal */ -#define SSL_AD_BAD_RECORD_MAC SSL3_AD_BAD_RECORD_MAC /* fatal */ -#define SSL_AD_DECRYPTION_FAILED TLS1_AD_DECRYPTION_FAILED -#define SSL_AD_RECORD_OVERFLOW TLS1_AD_RECORD_OVERFLOW -#define SSL_AD_DECOMPRESSION_FAILURE SSL3_AD_DECOMPRESSION_FAILURE/* fatal */ -#define SSL_AD_HANDSHAKE_FAILURE SSL3_AD_HANDSHAKE_FAILURE/* fatal */ -#define SSL_AD_NO_CERTIFICATE SSL3_AD_NO_CERTIFICATE /* Not for TLS */ -#define SSL_AD_BAD_CERTIFICATE SSL3_AD_BAD_CERTIFICATE -#define SSL_AD_UNSUPPORTED_CERTIFICATE SSL3_AD_UNSUPPORTED_CERTIFICATE -#define SSL_AD_CERTIFICATE_REVOKED SSL3_AD_CERTIFICATE_REVOKED -#define SSL_AD_CERTIFICATE_EXPIRED SSL3_AD_CERTIFICATE_EXPIRED -#define SSL_AD_CERTIFICATE_UNKNOWN SSL3_AD_CERTIFICATE_UNKNOWN -#define SSL_AD_ILLEGAL_PARAMETER SSL3_AD_ILLEGAL_PARAMETER /* fatal */ -#define SSL_AD_UNKNOWN_CA TLS1_AD_UNKNOWN_CA /* fatal */ -#define SSL_AD_ACCESS_DENIED TLS1_AD_ACCESS_DENIED /* fatal */ -#define SSL_AD_DECODE_ERROR TLS1_AD_DECODE_ERROR /* fatal */ -#define SSL_AD_DECRYPT_ERROR TLS1_AD_DECRYPT_ERROR -#define SSL_AD_EXPORT_RESTRICTION TLS1_AD_EXPORT_RESTRICTION/* fatal */ -#define SSL_AD_PROTOCOL_VERSION TLS1_AD_PROTOCOL_VERSION /* fatal */ -#define SSL_AD_INSUFFICIENT_SECURITY TLS1_AD_INSUFFICIENT_SECURITY/* fatal */ -#define SSL_AD_INTERNAL_ERROR TLS1_AD_INTERNAL_ERROR /* fatal */ -#define SSL_AD_INAPPROPRIATE_FALLBACK TLS1_AD_INAPPROPRIATE_FALLBACK /* fatal */ -#define SSL_AD_USER_CANCELLED TLS1_AD_USER_CANCELLED -#define SSL_AD_NO_RENEGOTIATION TLS1_AD_NO_RENEGOTIATION -#define SSL_AD_UNSUPPORTED_EXTENSION TLS1_AD_UNSUPPORTED_EXTENSION -#define SSL_AD_CERTIFICATE_UNOBTAINABLE TLS1_AD_CERTIFICATE_UNOBTAINABLE -#define SSL_AD_UNRECOGNIZED_NAME TLS1_AD_UNRECOGNIZED_NAME -#define SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE -#define SSL_AD_BAD_CERTIFICATE_HASH_VALUE TLS1_AD_BAD_CERTIFICATE_HASH_VALUE -#define SSL_AD_UNKNOWN_PSK_IDENTITY TLS1_AD_UNKNOWN_PSK_IDENTITY /* fatal */ - -#define SSL_ERROR_NONE 0 -#define SSL_ERROR_SSL 1 -#define SSL_ERROR_WANT_READ 2 -#define SSL_ERROR_WANT_WRITE 3 -#define SSL_ERROR_WANT_X509_LOOKUP 4 -#define SSL_ERROR_SYSCALL 5 /* look at error stack/return value/errno */ -#define SSL_ERROR_ZERO_RETURN 6 -#define SSL_ERROR_WANT_CONNECT 7 -#define SSL_ERROR_WANT_ACCEPT 8 - -#define SSL_CTRL_NEED_TMP_RSA 1 -#define SSL_CTRL_SET_TMP_RSA 2 -#define SSL_CTRL_SET_TMP_DH 3 -#define SSL_CTRL_SET_TMP_ECDH 4 -#define SSL_CTRL_SET_TMP_RSA_CB 5 -#define SSL_CTRL_SET_TMP_DH_CB 6 -#define SSL_CTRL_SET_TMP_ECDH_CB 7 - -#define SSL_CTRL_GET_SESSION_REUSED 8 -#define SSL_CTRL_GET_CLIENT_CERT_REQUEST 9 -#define SSL_CTRL_GET_NUM_RENEGOTIATIONS 10 -#define SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS 11 -#define SSL_CTRL_GET_TOTAL_RENEGOTIATIONS 12 -#define SSL_CTRL_GET_FLAGS 13 -#define SSL_CTRL_EXTRA_CHAIN_CERT 14 - -#define SSL_CTRL_SET_MSG_CALLBACK 15 -#define SSL_CTRL_SET_MSG_CALLBACK_ARG 16 - -/* only applies to datagram connections */ -#define SSL_CTRL_SET_MTU 17 -/* Stats */ -#define SSL_CTRL_SESS_NUMBER 20 -#define SSL_CTRL_SESS_CONNECT 21 -#define SSL_CTRL_SESS_CONNECT_GOOD 22 -#define SSL_CTRL_SESS_CONNECT_RENEGOTIATE 23 -#define SSL_CTRL_SESS_ACCEPT 24 -#define SSL_CTRL_SESS_ACCEPT_GOOD 25 -#define SSL_CTRL_SESS_ACCEPT_RENEGOTIATE 26 -#define SSL_CTRL_SESS_HIT 27 -#define SSL_CTRL_SESS_CB_HIT 28 -#define SSL_CTRL_SESS_MISSES 29 -#define SSL_CTRL_SESS_TIMEOUTS 30 -#define SSL_CTRL_SESS_CACHE_FULL 31 -#define SSL_CTRL_OPTIONS 32 -#define SSL_CTRL_MODE 33 - -#define SSL_CTRL_GET_READ_AHEAD 40 -#define SSL_CTRL_SET_READ_AHEAD 41 -#define SSL_CTRL_SET_SESS_CACHE_SIZE 42 -#define SSL_CTRL_GET_SESS_CACHE_SIZE 43 -#define SSL_CTRL_SET_SESS_CACHE_MODE 44 -#define SSL_CTRL_GET_SESS_CACHE_MODE 45 - -#define SSL_CTRL_GET_MAX_CERT_LIST 50 -#define SSL_CTRL_SET_MAX_CERT_LIST 51 - -#define SSL_CTRL_SET_MAX_SEND_FRAGMENT 52 - -/* see tls1.h for macros based on these */ -#define SSL_CTRL_SET_TLSEXT_SERVERNAME_CB 53 -#define SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG 54 -#define SSL_CTRL_SET_TLSEXT_HOSTNAME 55 -#define SSL_CTRL_SET_TLSEXT_DEBUG_CB 56 -#define SSL_CTRL_SET_TLSEXT_DEBUG_ARG 57 -#define SSL_CTRL_GET_TLSEXT_TICKET_KEYS 58 -#define SSL_CTRL_SET_TLSEXT_TICKET_KEYS 59 -#define SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB 128 -#define SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB 63 -#define SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB_ARG 129 -#define SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG 64 -#define SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE 65 -#define SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS 66 -#define SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS 67 -#define SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS 68 -#define SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS 69 -#define SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP 70 -#define SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP 71 - -#define SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB 72 - -#define SSL_CTRL_SET_TLS_EXT_SRP_USERNAME_CB 75 -#define SSL_CTRL_SET_SRP_VERIFY_PARAM_CB 76 -#define SSL_CTRL_SET_SRP_GIVE_CLIENT_PWD_CB 77 - -#define SSL_CTRL_SET_SRP_ARG 78 -#define SSL_CTRL_SET_TLS_EXT_SRP_USERNAME 79 -#define SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH 80 -#define SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD 81 - -#define DTLS_CTRL_GET_TIMEOUT 73 -#define DTLS_CTRL_HANDLE_TIMEOUT 74 -#define DTLS_CTRL_LISTEN 75 - -#define SSL_CTRL_GET_RI_SUPPORT 76 -#define SSL_CTRL_CLEAR_OPTIONS 77 -#define SSL_CTRL_CLEAR_MODE 78 - -#define SSL_CTRL_GET_EXTRA_CHAIN_CERTS 82 -#define SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS 83 - -#define SSL_CTRL_CHAIN 88 -#define SSL_CTRL_CHAIN_CERT 89 - -#define SSL_CTRL_SET_GROUPS 91 -#define SSL_CTRL_SET_GROUPS_LIST 92 - -#define SSL_CTRL_SET_ECDH_AUTO 94 - -#define SSL_CTRL_GET_SERVER_TMP_KEY 109 - -#define SSL_CTRL_GET_CHAIN_CERTS 115 - -#define SSL_CTRL_SET_DH_AUTO 118 - -#define SSL_CTRL_SET_MIN_PROTO_VERSION 123 -#define SSL_CTRL_SET_MAX_PROTO_VERSION 124 -#define SSL_CTRL_GET_MIN_PROTO_VERSION 130 -#define SSL_CTRL_GET_MAX_PROTO_VERSION 131 - -#define DTLSv1_get_timeout(ssl, arg) \ - SSL_ctrl(ssl,DTLS_CTRL_GET_TIMEOUT,0, (void *)arg) -#define DTLSv1_handle_timeout(ssl) \ - SSL_ctrl(ssl,DTLS_CTRL_HANDLE_TIMEOUT,0, NULL) -#define DTLSv1_listen(ssl, peer) \ - SSL_ctrl(ssl,DTLS_CTRL_LISTEN,0, (void *)peer) - -#define SSL_session_reused(ssl) \ - SSL_ctrl((ssl),SSL_CTRL_GET_SESSION_REUSED,0,NULL) -#define SSL_num_renegotiations(ssl) \ - SSL_ctrl((ssl),SSL_CTRL_GET_NUM_RENEGOTIATIONS,0,NULL) -#define SSL_clear_num_renegotiations(ssl) \ - SSL_ctrl((ssl),SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS,0,NULL) -#define SSL_total_renegotiations(ssl) \ - SSL_ctrl((ssl),SSL_CTRL_GET_TOTAL_RENEGOTIATIONS,0,NULL) - -#define SSL_CTX_need_tmp_RSA(ctx) \ - SSL_CTX_ctrl(ctx,SSL_CTRL_NEED_TMP_RSA,0,NULL) -#define SSL_CTX_set_tmp_rsa(ctx,rsa) \ - SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_RSA,0,(char *)rsa) -#define SSL_CTX_set_tmp_dh(ctx,dh) \ - SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_DH,0,(char *)dh) -#define SSL_CTX_set_tmp_ecdh(ctx,ecdh) \ - SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_ECDH,0,(char *)ecdh) -#define SSL_CTX_set_dh_auto(ctx, onoff) \ - SSL_CTX_ctrl(ctx,SSL_CTRL_SET_DH_AUTO,onoff,NULL) -#define SSL_CTX_set_ecdh_auto(ctx, onoff) \ - SSL_CTX_ctrl(ctx,SSL_CTRL_SET_ECDH_AUTO,onoff,NULL) - -#define SSL_need_tmp_RSA(ssl) \ - SSL_ctrl(ssl,SSL_CTRL_NEED_TMP_RSA,0,NULL) -#define SSL_set_tmp_rsa(ssl,rsa) \ - SSL_ctrl(ssl,SSL_CTRL_SET_TMP_RSA,0,(char *)rsa) -#define SSL_set_tmp_dh(ssl,dh) \ - SSL_ctrl(ssl,SSL_CTRL_SET_TMP_DH,0,(char *)dh) -#define SSL_set_tmp_ecdh(ssl,ecdh) \ - SSL_ctrl(ssl,SSL_CTRL_SET_TMP_ECDH,0,(char *)ecdh) -#define SSL_set_dh_auto(s, onoff) \ - SSL_ctrl(s,SSL_CTRL_SET_DH_AUTO,onoff,NULL) -#define SSL_set_ecdh_auto(s, onoff) \ - SSL_ctrl(s,SSL_CTRL_SET_ECDH_AUTO,onoff,NULL) - -int SSL_CTX_set0_chain(SSL_CTX *ctx, STACK_OF(X509) *chain); -int SSL_CTX_set1_chain(SSL_CTX *ctx, STACK_OF(X509) *chain); -int SSL_CTX_add0_chain_cert(SSL_CTX *ctx, X509 *x509); -int SSL_CTX_add1_chain_cert(SSL_CTX *ctx, X509 *x509); -int SSL_CTX_get0_chain_certs(const SSL_CTX *ctx, STACK_OF(X509) **out_chain); -int SSL_CTX_clear_chain_certs(SSL_CTX *ctx); - -int SSL_set0_chain(SSL *ssl, STACK_OF(X509) *chain); -int SSL_set1_chain(SSL *ssl, STACK_OF(X509) *chain); -int SSL_add0_chain_cert(SSL *ssl, X509 *x509); -int SSL_add1_chain_cert(SSL *ssl, X509 *x509); -int SSL_get0_chain_certs(const SSL *ssl, STACK_OF(X509) **out_chain); -int SSL_clear_chain_certs(SSL *ssl); - -int SSL_CTX_set1_groups(SSL_CTX *ctx, const int *groups, size_t groups_len); -int SSL_CTX_set1_groups_list(SSL_CTX *ctx, const char *groups); - -int SSL_set1_groups(SSL *ssl, const int *groups, size_t groups_len); -int SSL_set1_groups_list(SSL *ssl, const char *groups); - -int SSL_CTX_get_min_proto_version(SSL_CTX *ctx); -int SSL_CTX_get_max_proto_version(SSL_CTX *ctx); -int SSL_CTX_set_min_proto_version(SSL_CTX *ctx, uint16_t version); -int SSL_CTX_set_max_proto_version(SSL_CTX *ctx, uint16_t version); - -int SSL_get_min_proto_version(SSL *ssl); -int SSL_get_max_proto_version(SSL *ssl); -int SSL_set_min_proto_version(SSL *ssl, uint16_t version); -int SSL_set_max_proto_version(SSL *ssl, uint16_t version); - -#ifndef LIBRESSL_INTERNAL -#define SSL_CTRL_SET_CURVES SSL_CTRL_SET_GROUPS -#define SSL_CTRL_SET_CURVES_LIST SSL_CTRL_SET_GROUPS_LIST - -#define SSL_CTX_set1_curves SSL_CTX_set1_groups -#define SSL_CTX_set1_curves_list SSL_CTX_set1_groups_list -#define SSL_set1_curves SSL_set1_groups -#define SSL_set1_curves_list SSL_set1_groups_list -#endif - -#define SSL_CTX_add_extra_chain_cert(ctx,x509) \ - SSL_CTX_ctrl(ctx,SSL_CTRL_EXTRA_CHAIN_CERT,0,(char *)x509) -#define SSL_CTX_get_extra_chain_certs(ctx,px509) \ - SSL_CTX_ctrl(ctx,SSL_CTRL_GET_EXTRA_CHAIN_CERTS,0,px509) -#define SSL_CTX_clear_extra_chain_certs(ctx) \ - SSL_CTX_ctrl(ctx,SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS,0,NULL) - -#define SSL_get_server_tmp_key(s, pk) \ - SSL_ctrl(s,SSL_CTRL_GET_SERVER_TMP_KEY,0,pk) - -#ifndef LIBRESSL_INTERNAL -/* - * Also provide those functions as macros for compatibility with - * existing users. - */ -#define SSL_CTX_set0_chain SSL_CTX_set0_chain -#define SSL_CTX_set1_chain SSL_CTX_set1_chain -#define SSL_CTX_add0_chain_cert SSL_CTX_add0_chain_cert -#define SSL_CTX_add1_chain_cert SSL_CTX_add1_chain_cert -#define SSL_CTX_get0_chain_certs SSL_CTX_get0_chain_certs -#define SSL_CTX_clear_chain_certs SSL_CTX_clear_chain_certs - -#define SSL_add0_chain_cert SSL_add0_chain_cert -#define SSL_add1_chain_cert SSL_add1_chain_cert -#define SSL_set0_chain SSL_set0_chain -#define SSL_set1_chain SSL_set1_chain -#define SSL_get0_chain_certs SSL_get0_chain_certs -#define SSL_clear_chain_certs SSL_clear_chain_certs - -#define SSL_CTX_set1_groups SSL_CTX_set1_groups -#define SSL_CTX_set1_groups_list SSL_CTX_set1_groups_list -#define SSL_set1_groups SSL_set1_groups -#define SSL_set1_groups_list SSL_set1_groups_list - -#define SSL_CTX_get_min_proto_version SSL_CTX_get_min_proto_version -#define SSL_CTX_get_max_proto_version SSL_CTX_get_max_proto_version -#define SSL_CTX_set_min_proto_version SSL_CTX_set_min_proto_version -#define SSL_CTX_set_max_proto_version SSL_CTX_set_max_proto_version - -#define SSL_get_min_proto_version SSL_get_min_proto_version -#define SSL_get_max_proto_version SSL_get_max_proto_version -#define SSL_set_min_proto_version SSL_set_min_proto_version -#define SSL_set_max_proto_version SSL_set_max_proto_version -#endif - -const BIO_METHOD *BIO_f_ssl(void); -BIO *BIO_new_ssl(SSL_CTX *ctx, int client); -BIO *BIO_new_ssl_connect(SSL_CTX *ctx); -BIO *BIO_new_buffer_ssl_connect(SSL_CTX *ctx); -int BIO_ssl_copy_session_id(BIO *to, BIO *from); -void BIO_ssl_shutdown(BIO *ssl_bio); - -STACK_OF(SSL_CIPHER) *SSL_CTX_get_ciphers(const SSL_CTX *ctx); -int SSL_CTX_set_cipher_list(SSL_CTX *, const char *str); -SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth); -void SSL_CTX_free(SSL_CTX *); -int SSL_CTX_up_ref(SSL_CTX *ctx); -long SSL_CTX_set_timeout(SSL_CTX *ctx, long t); -long SSL_CTX_get_timeout(const SSL_CTX *ctx); -X509_STORE *SSL_CTX_get_cert_store(const SSL_CTX *); -void SSL_CTX_set_cert_store(SSL_CTX *, X509_STORE *); -X509 *SSL_CTX_get0_certificate(const SSL_CTX *ctx); -int SSL_want(const SSL *s); -int SSL_clear(SSL *s); - -void SSL_CTX_flush_sessions(SSL_CTX *ctx, long tm); - -const SSL_CIPHER *SSL_get_current_cipher(const SSL *s); -const SSL_CIPHER *SSL_CIPHER_get_by_id(unsigned int id); -const SSL_CIPHER *SSL_CIPHER_get_by_value(uint16_t value); -int SSL_CIPHER_get_bits(const SSL_CIPHER *c, int *alg_bits); -const char * SSL_CIPHER_get_version(const SSL_CIPHER *c); -const char * SSL_CIPHER_get_name(const SSL_CIPHER *c); -unsigned long SSL_CIPHER_get_id(const SSL_CIPHER *c); -uint16_t SSL_CIPHER_get_value(const SSL_CIPHER *c); -int SSL_CIPHER_get_cipher_nid(const SSL_CIPHER *c); -int SSL_CIPHER_get_digest_nid(const SSL_CIPHER *c); -int SSL_CIPHER_get_kx_nid(const SSL_CIPHER *c); -int SSL_CIPHER_get_auth_nid(const SSL_CIPHER *c); -int SSL_CIPHER_is_aead(const SSL_CIPHER *c); - -int SSL_get_fd(const SSL *s); -int SSL_get_rfd(const SSL *s); -int SSL_get_wfd(const SSL *s); -const char * SSL_get_cipher_list(const SSL *s, int n); -char * SSL_get_shared_ciphers(const SSL *s, char *buf, int len); -int SSL_get_read_ahead(const SSL * s); -int SSL_pending(const SSL *s); -int SSL_set_fd(SSL *s, int fd); -int SSL_set_rfd(SSL *s, int fd); -int SSL_set_wfd(SSL *s, int fd); -void SSL_set_bio(SSL *s, BIO *rbio, BIO *wbio); -BIO * SSL_get_rbio(const SSL *s); -BIO * SSL_get_wbio(const SSL *s); -int SSL_set_cipher_list(SSL *s, const char *str); -void SSL_set_read_ahead(SSL *s, int yes); -int SSL_get_verify_mode(const SSL *s); -int SSL_get_verify_depth(const SSL *s); -int (*SSL_get_verify_callback(const SSL *s))(int, X509_STORE_CTX *); -void SSL_set_verify(SSL *s, int mode, - int (*callback)(int ok, X509_STORE_CTX *ctx)); -void SSL_set_verify_depth(SSL *s, int depth); -int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa); -int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, const unsigned char *d, long len); -int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey); -int SSL_use_PrivateKey_ASN1(int pk, SSL *ssl, const unsigned char *d, long len); -int SSL_use_certificate(SSL *ssl, X509 *x); -int SSL_use_certificate_ASN1(SSL *ssl, const unsigned char *d, int len); - -int SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type); -int SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type); -int SSL_use_certificate_file(SSL *ssl, const char *file, int type); -int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type); -int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type); -int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type); -int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file); /* PEM type */ -int SSL_CTX_use_certificate_chain_mem(SSL_CTX *ctx, void *buf, int len); -STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file); -int SSL_add_file_cert_subjects_to_stack(STACK_OF(X509_NAME) *stackCAs, - const char *file); -int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stackCAs, - const char *dir); - -void SSL_load_error_strings(void ); -const char *SSL_state_string(const SSL *s); -const char *SSL_rstate_string(const SSL *s); -const char *SSL_state_string_long(const SSL *s); -const char *SSL_rstate_string_long(const SSL *s); -size_t SSL_SESSION_get_master_key(const SSL_SESSION *ss, - unsigned char *out, size_t max_out); -int SSL_SESSION_get_protocol_version(const SSL_SESSION *s); -long SSL_SESSION_get_time(const SSL_SESSION *s); -long SSL_SESSION_set_time(SSL_SESSION *s, long t); -long SSL_SESSION_get_timeout(const SSL_SESSION *s); -long SSL_SESSION_set_timeout(SSL_SESSION *s, long t); -int SSL_copy_session_id(SSL *to, const SSL *from); -X509 *SSL_SESSION_get0_peer(SSL_SESSION *s); -int SSL_SESSION_set1_id(SSL_SESSION *s, const unsigned char *sid, - unsigned int sid_len); -int SSL_SESSION_set1_id_context(SSL_SESSION *s, - const unsigned char *sid_ctx, unsigned int sid_ctx_len); - -SSL_SESSION *SSL_SESSION_new(void); -void SSL_SESSION_free(SSL_SESSION *ses); -int SSL_SESSION_up_ref(SSL_SESSION *ss); -const unsigned char *SSL_SESSION_get_id(const SSL_SESSION *ss, - unsigned int *len); -const unsigned char *SSL_SESSION_get0_id_context(const SSL_SESSION *ss, - unsigned int *len); -unsigned long SSL_SESSION_get_ticket_lifetime_hint(const SSL_SESSION *s); -int SSL_SESSION_has_ticket(const SSL_SESSION *s); -unsigned int SSL_SESSION_get_compress_id(const SSL_SESSION *ss); -int SSL_SESSION_print_fp(FILE *fp, const SSL_SESSION *ses); -int SSL_SESSION_print(BIO *fp, const SSL_SESSION *ses); -int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp); -int SSL_set_session(SSL *to, SSL_SESSION *session); -int SSL_CTX_add_session(SSL_CTX *s, SSL_SESSION *c); -int SSL_CTX_remove_session(SSL_CTX *, SSL_SESSION *c); -int SSL_CTX_set_generate_session_id(SSL_CTX *, GEN_SESSION_CB); -int SSL_set_generate_session_id(SSL *, GEN_SESSION_CB); -int SSL_has_matching_session_id(const SSL *ssl, const unsigned char *id, - unsigned int id_len); -SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, - long length); - -#ifdef HEADER_X509_H -X509 * SSL_get_peer_certificate(const SSL *s); -#endif - -STACK_OF(X509) *SSL_get_peer_cert_chain(const SSL *s); - -int SSL_CTX_get_verify_mode(const SSL_CTX *ctx); -int SSL_CTX_get_verify_depth(const SSL_CTX *ctx); -int (*SSL_CTX_get_verify_callback(const SSL_CTX *ctx))(int, X509_STORE_CTX *); -void SSL_CTX_set_verify(SSL_CTX *ctx, int mode, - int (*callback)(int, X509_STORE_CTX *)); -void SSL_CTX_set_verify_depth(SSL_CTX *ctx, int depth); -void SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx, int (*cb)(X509_STORE_CTX *, void *), void *arg); -int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa); -int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, const unsigned char *d, long len); -int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey); -int SSL_CTX_use_PrivateKey_ASN1(int pk, SSL_CTX *ctx, const unsigned char *d, long len); -int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x); -int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, const unsigned char *d); - -pem_password_cb *SSL_CTX_get_default_passwd_cb(SSL_CTX *ctx); -void SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, pem_password_cb *cb); -void *SSL_CTX_get_default_passwd_cb_userdata(SSL_CTX *ctx); -void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *ctx, void *u); - -int SSL_CTX_check_private_key(const SSL_CTX *ctx); -int SSL_check_private_key(const SSL *ctx); - -int SSL_CTX_set_session_id_context(SSL_CTX *ctx, const unsigned char *sid_ctx, unsigned int sid_ctx_len); - -int SSL_set_session_id_context(SSL *ssl, const unsigned char *sid_ctx, unsigned int sid_ctx_len); - -int SSL_CTX_set_purpose(SSL_CTX *s, int purpose); -int SSL_set_purpose(SSL *s, int purpose); -int SSL_CTX_set_trust(SSL_CTX *s, int trust); -int SSL_set_trust(SSL *s, int trust); -int SSL_set1_host(SSL *s, const char *hostname); - -X509_VERIFY_PARAM *SSL_CTX_get0_param(SSL_CTX *ctx); -int SSL_CTX_set1_param(SSL_CTX *ctx, X509_VERIFY_PARAM *vpm); -X509_VERIFY_PARAM *SSL_get0_param(SSL *ssl); -int SSL_set1_param(SSL *ssl, X509_VERIFY_PARAM *vpm); - -SSL *SSL_new(SSL_CTX *ctx); -void SSL_free(SSL *ssl); -int SSL_up_ref(SSL *ssl); -int SSL_accept(SSL *ssl); -int SSL_connect(SSL *ssl); -int SSL_is_server(const SSL *s); -int SSL_read(SSL *ssl, void *buf, int num); -int SSL_peek(SSL *ssl, void *buf, int num); -int SSL_write(SSL *ssl, const void *buf, int num); -long SSL_ctrl(SSL *ssl, int cmd, long larg, void *parg); -long SSL_callback_ctrl(SSL *, int, void (*)(void)); -long SSL_CTX_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg); -long SSL_CTX_callback_ctrl(SSL_CTX *, int, void (*)(void)); - -int SSL_get_error(const SSL *s, int ret_code); -const char *SSL_get_version(const SSL *s); - -/* This sets the 'default' SSL version that SSL_new() will create */ -int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth); - -const SSL_METHOD *SSLv23_method(void); /* SSLv3 or TLSv1.* */ -const SSL_METHOD *SSLv23_server_method(void); /* SSLv3 or TLSv1.* */ -const SSL_METHOD *SSLv23_client_method(void); /* SSLv3 or TLSv1.* */ - -const SSL_METHOD *TLSv1_method(void); /* TLSv1.0 */ -const SSL_METHOD *TLSv1_server_method(void); /* TLSv1.0 */ -const SSL_METHOD *TLSv1_client_method(void); /* TLSv1.0 */ - -const SSL_METHOD *TLSv1_1_method(void); /* TLSv1.1 */ -const SSL_METHOD *TLSv1_1_server_method(void); /* TLSv1.1 */ -const SSL_METHOD *TLSv1_1_client_method(void); /* TLSv1.1 */ - -const SSL_METHOD *TLSv1_2_method(void); /* TLSv1.2 */ -const SSL_METHOD *TLSv1_2_server_method(void); /* TLSv1.2 */ -const SSL_METHOD *TLSv1_2_client_method(void); /* TLSv1.2 */ - -const SSL_METHOD *TLS_method(void); /* TLS v1.0 or later */ -const SSL_METHOD *TLS_server_method(void); /* TLS v1.0 or later */ -const SSL_METHOD *TLS_client_method(void); /* TLS v1.0 or later */ - -const SSL_METHOD *DTLSv1_method(void); /* DTLSv1.0 */ -const SSL_METHOD *DTLSv1_server_method(void); /* DTLSv1.0 */ -const SSL_METHOD *DTLSv1_client_method(void); /* DTLSv1.0 */ - -const SSL_METHOD *DTLS_method(void); /* DTLS v1.0 or later */ -const SSL_METHOD *DTLS_server_method(void); /* DTLS v1.0 or later */ -const SSL_METHOD *DTLS_client_method(void); /* DTLS v1.0 or later */ - -STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL *s); -STACK_OF(SSL_CIPHER) *SSL_get_client_ciphers(const SSL *s); -STACK_OF(SSL_CIPHER) *SSL_get1_supported_ciphers(SSL *s); - -int SSL_do_handshake(SSL *s); -int SSL_renegotiate(SSL *s); -int SSL_renegotiate_abbreviated(SSL *s); -int SSL_renegotiate_pending(SSL *s); -int SSL_shutdown(SSL *s); - -const SSL_METHOD *SSL_get_ssl_method(SSL *s); -int SSL_set_ssl_method(SSL *s, const SSL_METHOD *method); -const char *SSL_alert_type_string_long(int value); -const char *SSL_alert_type_string(int value); -const char *SSL_alert_desc_string_long(int value); -const char *SSL_alert_desc_string(int value); - -void SSL_set_client_CA_list(SSL *s, STACK_OF(X509_NAME) *name_list); -void SSL_CTX_set_client_CA_list(SSL_CTX *ctx, STACK_OF(X509_NAME) *name_list); -STACK_OF(X509_NAME) *SSL_get_client_CA_list(const SSL *s); -STACK_OF(X509_NAME) *SSL_CTX_get_client_CA_list(const SSL_CTX *s); -int SSL_add_client_CA(SSL *ssl, X509 *x); -int SSL_CTX_add_client_CA(SSL_CTX *ctx, X509 *x); - -void SSL_set_connect_state(SSL *s); -void SSL_set_accept_state(SSL *s); - -long SSL_get_default_timeout(const SSL *s); - -int SSL_library_init(void ); - -char *SSL_CIPHER_description(const SSL_CIPHER *, char *buf, int size); -STACK_OF(X509_NAME) *SSL_dup_CA_list(const STACK_OF(X509_NAME) *sk); - -SSL *SSL_dup(SSL *ssl); - -X509 *SSL_get_certificate(const SSL *ssl); -/* EVP_PKEY */ struct evp_pkey_st *SSL_get_privatekey(const SSL *ssl); - -void SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx,int mode); -int SSL_CTX_get_quiet_shutdown(const SSL_CTX *ctx); -void SSL_set_quiet_shutdown(SSL *ssl,int mode); -int SSL_get_quiet_shutdown(const SSL *ssl); -void SSL_set_shutdown(SSL *ssl,int mode); -int SSL_get_shutdown(const SSL *ssl); -int SSL_version(const SSL *ssl); -int SSL_CTX_set_default_verify_paths(SSL_CTX *ctx); -int SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile, - const char *CApath); -int SSL_CTX_load_verify_mem(SSL_CTX *ctx, void *buf, int len); -#define SSL_get0_session SSL_get_session /* just peek at pointer */ -SSL_SESSION *SSL_get_session(const SSL *ssl); -SSL_SESSION *SSL_get1_session(SSL *ssl); /* obtain a reference count */ -SSL_CTX *SSL_get_SSL_CTX(const SSL *ssl); -SSL_CTX *SSL_set_SSL_CTX(SSL *ssl, SSL_CTX* ctx); -void SSL_set_info_callback(SSL *ssl, - void (*cb)(const SSL *ssl, int type, int val)); -void (*SSL_get_info_callback(const SSL *ssl))(const SSL *ssl, int type, int val); -int SSL_state(const SSL *ssl); -void SSL_set_state(SSL *ssl, int state); - -void SSL_set_verify_result(SSL *ssl, long v); -long SSL_get_verify_result(const SSL *ssl); - -int SSL_set_ex_data(SSL *ssl, int idx, void *data); -void *SSL_get_ex_data(const SSL *ssl, int idx); -int SSL_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); - -int SSL_SESSION_set_ex_data(SSL_SESSION *ss, int idx, void *data); -void *SSL_SESSION_get_ex_data(const SSL_SESSION *ss, int idx); -int SSL_SESSION_get_ex_new_index(long argl, void *argp, - CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func, - CRYPTO_EX_free *free_func); - -int SSL_CTX_set_ex_data(SSL_CTX *ssl, int idx, void *data); -void *SSL_CTX_get_ex_data(const SSL_CTX *ssl, int idx); -int SSL_CTX_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); - -int SSL_get_ex_data_X509_STORE_CTX_idx(void ); - -#define SSL_CTX_sess_set_cache_size(ctx,t) \ - SSL_CTX_ctrl(ctx,SSL_CTRL_SET_SESS_CACHE_SIZE,t,NULL) -#define SSL_CTX_sess_get_cache_size(ctx) \ - SSL_CTX_ctrl(ctx,SSL_CTRL_GET_SESS_CACHE_SIZE,0,NULL) -#define SSL_CTX_set_session_cache_mode(ctx,m) \ - SSL_CTX_ctrl(ctx,SSL_CTRL_SET_SESS_CACHE_MODE,m,NULL) -#define SSL_CTX_get_session_cache_mode(ctx) \ - SSL_CTX_ctrl(ctx,SSL_CTRL_GET_SESS_CACHE_MODE,0,NULL) - -#define SSL_CTX_get_default_read_ahead(ctx) SSL_CTX_get_read_ahead(ctx) -#define SSL_CTX_set_default_read_ahead(ctx,m) SSL_CTX_set_read_ahead(ctx,m) -#define SSL_CTX_get_read_ahead(ctx) \ - SSL_CTX_ctrl(ctx,SSL_CTRL_GET_READ_AHEAD,0,NULL) -#define SSL_CTX_set_read_ahead(ctx,m) \ - SSL_CTX_ctrl(ctx,SSL_CTRL_SET_READ_AHEAD,m,NULL) -#define SSL_CTX_get_max_cert_list(ctx) \ - SSL_CTX_ctrl(ctx,SSL_CTRL_GET_MAX_CERT_LIST,0,NULL) -#define SSL_CTX_set_max_cert_list(ctx,m) \ - SSL_CTX_ctrl(ctx,SSL_CTRL_SET_MAX_CERT_LIST,m,NULL) -#define SSL_get_max_cert_list(ssl) \ - SSL_ctrl(ssl,SSL_CTRL_GET_MAX_CERT_LIST,0,NULL) -#define SSL_set_max_cert_list(ssl,m) \ - SSL_ctrl(ssl,SSL_CTRL_SET_MAX_CERT_LIST,m,NULL) - -#define SSL_CTX_set_max_send_fragment(ctx,m) \ - SSL_CTX_ctrl(ctx,SSL_CTRL_SET_MAX_SEND_FRAGMENT,m,NULL) -#define SSL_set_max_send_fragment(ssl,m) \ - SSL_ctrl(ssl,SSL_CTRL_SET_MAX_SEND_FRAGMENT,m,NULL) - -/* NB: the keylength is only applicable when is_export is true */ -void SSL_CTX_set_tmp_rsa_callback(SSL_CTX *ctx, - RSA *(*cb)(SSL *ssl, int is_export, int keylength)); - -void SSL_set_tmp_rsa_callback(SSL *ssl, - RSA *(*cb)(SSL *ssl, int is_export, int keylength)); -void SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx, - DH *(*dh)(SSL *ssl, int is_export, int keylength)); -void SSL_set_tmp_dh_callback(SSL *ssl, - DH *(*dh)(SSL *ssl, int is_export, int keylength)); -void SSL_CTX_set_tmp_ecdh_callback(SSL_CTX *ctx, - EC_KEY *(*ecdh)(SSL *ssl, int is_export, int keylength)); -void SSL_set_tmp_ecdh_callback(SSL *ssl, - EC_KEY *(*ecdh)(SSL *ssl, int is_export, int keylength)); - -size_t SSL_get_client_random(const SSL *s, unsigned char *out, size_t max_out); -size_t SSL_get_server_random(const SSL *s, unsigned char *out, size_t max_out); - -const void *SSL_get_current_compression(SSL *s); -const void *SSL_get_current_expansion(SSL *s); - -const char *SSL_COMP_get_name(const void *comp); -void *SSL_COMP_get_compression_methods(void); -int SSL_COMP_add_compression_method(int id, void *cm); - -/* TLS extensions functions */ -int SSL_set_session_ticket_ext(SSL *s, void *ext_data, int ext_len); - -int SSL_set_session_ticket_ext_cb(SSL *s, - tls_session_ticket_ext_cb_fn cb, void *arg); - -/* Pre-shared secret session resumption functions */ -int SSL_set_session_secret_cb(SSL *s, - tls_session_secret_cb_fn tls_session_secret_cb, void *arg); - -void SSL_set_debug(SSL *s, int debug); -int SSL_cache_hit(SSL *s); - -/* BEGIN ERROR CODES */ -/* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ -void ERR_load_SSL_strings(void); - -/* Error codes for the SSL functions. */ - -/* Function codes. */ -#define SSL_F_CLIENT_CERTIFICATE 100 -#define SSL_F_CLIENT_FINISHED 167 -#define SSL_F_CLIENT_HELLO 101 -#define SSL_F_CLIENT_MASTER_KEY 102 -#define SSL_F_D2I_SSL_SESSION 103 -#define SSL_F_DO_DTLS1_WRITE 245 -#define SSL_F_DO_SSL3_WRITE 104 -#define SSL_F_DTLS1_ACCEPT 246 -#define SSL_F_DTLS1_ADD_CERT_TO_BUF 295 -#define SSL_F_DTLS1_BUFFER_RECORD 247 -#define SSL_F_DTLS1_CHECK_TIMEOUT_NUM 316 -#define SSL_F_DTLS1_CLIENT_HELLO 248 -#define SSL_F_DTLS1_CONNECT 249 -#define SSL_F_DTLS1_ENC 250 -#define SSL_F_DTLS1_GET_HELLO_VERIFY 251 -#define SSL_F_DTLS1_GET_MESSAGE 252 -#define SSL_F_DTLS1_GET_MESSAGE_FRAGMENT 253 -#define SSL_F_DTLS1_GET_RECORD 254 -#define SSL_F_DTLS1_HANDLE_TIMEOUT 297 -#define SSL_F_DTLS1_HEARTBEAT 305 -#define SSL_F_DTLS1_OUTPUT_CERT_CHAIN 255 -#define SSL_F_DTLS1_PREPROCESS_FRAGMENT 288 -#define SSL_F_DTLS1_PROCESS_OUT_OF_SEQ_MESSAGE 256 -#define SSL_F_DTLS1_PROCESS_RECORD 257 -#define SSL_F_DTLS1_READ_BYTES 258 -#define SSL_F_DTLS1_READ_FAILED 259 -#define SSL_F_DTLS1_SEND_CERTIFICATE_REQUEST 260 -#define SSL_F_DTLS1_SEND_CLIENT_CERTIFICATE 261 -#define SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE 262 -#define SSL_F_DTLS1_SEND_CLIENT_VERIFY 263 -#define SSL_F_DTLS1_SEND_HELLO_VERIFY_REQUEST 264 -#define SSL_F_DTLS1_SEND_SERVER_CERTIFICATE 265 -#define SSL_F_DTLS1_SEND_SERVER_HELLO 266 -#define SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE 267 -#define SSL_F_DTLS1_WRITE_APP_DATA_BYTES 268 -#define SSL_F_GET_CLIENT_FINISHED 105 -#define SSL_F_GET_CLIENT_HELLO 106 -#define SSL_F_GET_CLIENT_MASTER_KEY 107 -#define SSL_F_GET_SERVER_FINISHED 108 -#define SSL_F_GET_SERVER_HELLO 109 -#define SSL_F_GET_SERVER_VERIFY 110 -#define SSL_F_I2D_SSL_SESSION 111 -#define SSL_F_READ_N 112 -#define SSL_F_REQUEST_CERTIFICATE 113 -#define SSL_F_SERVER_FINISH 239 -#define SSL_F_SERVER_HELLO 114 -#define SSL_F_SERVER_VERIFY 240 -#define SSL_F_SSL23_ACCEPT 115 -#define SSL_F_SSL23_CLIENT_HELLO 116 -#define SSL_F_SSL23_CONNECT 117 -#define SSL_F_SSL23_GET_CLIENT_HELLO 118 -#define SSL_F_SSL23_GET_SERVER_HELLO 119 -#define SSL_F_SSL23_PEEK 237 -#define SSL_F_SSL23_READ 120 -#define SSL_F_SSL23_WRITE 121 -#define SSL_F_SSL2_ACCEPT 122 -#define SSL_F_SSL2_CONNECT 123 -#define SSL_F_SSL2_ENC_INIT 124 -#define SSL_F_SSL2_GENERATE_KEY_MATERIAL 241 -#define SSL_F_SSL2_PEEK 234 -#define SSL_F_SSL2_READ 125 -#define SSL_F_SSL2_READ_INTERNAL 236 -#define SSL_F_SSL2_SET_CERTIFICATE 126 -#define SSL_F_SSL2_WRITE 127 -#define SSL_F_SSL3_ACCEPT 128 -#define SSL_F_SSL3_ADD_CERT_TO_BUF 296 -#define SSL_F_SSL3_CALLBACK_CTRL 233 -#define SSL_F_SSL3_CHANGE_CIPHER_STATE 129 -#define SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM 130 -#define SSL_F_SSL3_CHECK_CLIENT_HELLO 304 -#define SSL_F_SSL3_CLIENT_HELLO 131 -#define SSL_F_SSL3_CONNECT 132 -#define SSL_F_SSL3_CTRL 213 -#define SSL_F_SSL3_CTX_CTRL 133 -#define SSL_F_SSL3_DIGEST_CACHED_RECORDS 293 -#define SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC 292 -#define SSL_F_SSL3_ENC 134 -#define SSL_F_SSL3_GENERATE_KEY_BLOCK 238 -#define SSL_F_SSL3_GET_CERTIFICATE_REQUEST 135 -#define SSL_F_SSL3_GET_CERT_STATUS 289 -#define SSL_F_SSL3_GET_CERT_VERIFY 136 -#define SSL_F_SSL3_GET_CLIENT_CERTIFICATE 137 -#define SSL_F_SSL3_GET_CLIENT_HELLO 138 -#define SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE 139 -#define SSL_F_SSL3_GET_FINISHED 140 -#define SSL_F_SSL3_GET_KEY_EXCHANGE 141 -#define SSL_F_SSL3_GET_MESSAGE 142 -#define SSL_F_SSL3_GET_NEW_SESSION_TICKET 283 -#define SSL_F_SSL3_GET_NEXT_PROTO 306 -#define SSL_F_SSL3_GET_RECORD 143 -#define SSL_F_SSL3_GET_SERVER_CERTIFICATE 144 -#define SSL_F_SSL3_GET_SERVER_DONE 145 -#define SSL_F_SSL3_GET_SERVER_HELLO 146 -#define SSL_F_SSL3_HANDSHAKE_MAC 285 -#define SSL_F_SSL3_NEW_SESSION_TICKET 287 -#define SSL_F_SSL3_OUTPUT_CERT_CHAIN 147 -#define SSL_F_SSL3_PEEK 235 -#define SSL_F_SSL3_READ_BYTES 148 -#define SSL_F_SSL3_READ_N 149 -#define SSL_F_SSL3_SEND_CERTIFICATE_REQUEST 150 -#define SSL_F_SSL3_SEND_CLIENT_CERTIFICATE 151 -#define SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE 152 -#define SSL_F_SSL3_SEND_CLIENT_VERIFY 153 -#define SSL_F_SSL3_SEND_SERVER_CERTIFICATE 154 -#define SSL_F_SSL3_SEND_SERVER_HELLO 242 -#define SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE 155 -#define SSL_F_SSL3_SETUP_KEY_BLOCK 157 -#define SSL_F_SSL3_SETUP_READ_BUFFER 156 -#define SSL_F_SSL3_SETUP_WRITE_BUFFER 291 -#define SSL_F_SSL3_WRITE_BYTES 158 -#define SSL_F_SSL3_WRITE_PENDING 159 -#define SSL_F_SSL_ADD_CLIENTHELLO_RENEGOTIATE_EXT 298 -#define SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT 277 -#define SSL_F_SSL_ADD_CLIENTHELLO_USE_SRTP_EXT 307 -#define SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK 215 -#define SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK 216 -#define SSL_F_SSL_ADD_SERVERHELLO_RENEGOTIATE_EXT 299 -#define SSL_F_SSL_ADD_SERVERHELLO_TLSEXT 278 -#define SSL_F_SSL_ADD_SERVERHELLO_USE_SRTP_EXT 308 -#define SSL_F_SSL_BAD_METHOD 160 -#define SSL_F_SSL_BYTES_TO_CIPHER_LIST 161 -#define SSL_F_SSL_CERT_DUP 221 -#define SSL_F_SSL_CERT_INST 222 -#define SSL_F_SSL_CERT_INSTANTIATE 214 -#define SSL_F_SSL_CERT_NEW 162 -#define SSL_F_SSL_CHECK_PRIVATE_KEY 163 -#define SSL_F_SSL_CHECK_SERVERHELLO_TLSEXT 280 -#define SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG 279 -#define SSL_F_SSL_CIPHER_PROCESS_RULESTR 230 -#define SSL_F_SSL_CIPHER_STRENGTH_SORT 231 -#define SSL_F_SSL_CLEAR 164 -#define SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD 165 -#define SSL_F_SSL_CREATE_CIPHER_LIST 166 -#define SSL_F_SSL_CTRL 232 -#define SSL_F_SSL_CTX_CHECK_PRIVATE_KEY 168 -#define SSL_F_SSL_CTX_MAKE_PROFILES 309 -#define SSL_F_SSL_CTX_NEW 169 -#define SSL_F_SSL_CTX_SET_CIPHER_LIST 269 -#define SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE 290 -#define SSL_F_SSL_CTX_SET_PURPOSE 226 -#define SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT 219 -#define SSL_F_SSL_CTX_SET_SSL_VERSION 170 -#define SSL_F_SSL_CTX_SET_TRUST 229 -#define SSL_F_SSL_CTX_USE_CERTIFICATE 171 -#define SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1 172 -#define SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE 220 -#define SSL_F_SSL_CTX_USE_CERTIFICATE_FILE 173 -#define SSL_F_SSL_CTX_USE_PRIVATEKEY 174 -#define SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1 175 -#define SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE 176 -#define SSL_F_SSL_CTX_USE_PSK_IDENTITY_HINT 272 -#define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY 177 -#define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1 178 -#define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE 179 -#define SSL_F_SSL_DO_HANDSHAKE 180 -#define SSL_F_SSL_GET_NEW_SESSION 181 -#define SSL_F_SSL_GET_PREV_SESSION 217 -#define SSL_F_SSL_GET_SERVER_SEND_CERT 182 -#define SSL_F_SSL_GET_SERVER_SEND_PKEY 317 -#define SSL_F_SSL_GET_SIGN_PKEY 183 -#define SSL_F_SSL_INIT_WBIO_BUFFER 184 -#define SSL_F_SSL_LOAD_CLIENT_CA_FILE 185 -#define SSL_F_SSL_NEW 186 -#define SSL_F_SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT 300 -#define SSL_F_SSL_PARSE_CLIENTHELLO_TLSEXT 302 -#define SSL_F_SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT 310 -#define SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT 301 -#define SSL_F_SSL_PARSE_SERVERHELLO_TLSEXT 303 -#define SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT 311 -#define SSL_F_SSL_PEEK 270 -#define SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT 281 -#define SSL_F_SSL_PREPARE_SERVERHELLO_TLSEXT 282 -#define SSL_F_SSL_READ 223 -#define SSL_F_SSL_RSA_PRIVATE_DECRYPT 187 -#define SSL_F_SSL_RSA_PUBLIC_ENCRYPT 188 -#define SSL_F_SSL_SESSION_NEW 189 -#define SSL_F_SSL_SESSION_PRINT_FP 190 -#define SSL_F_SSL_SESSION_SET1_ID_CONTEXT 312 -#define SSL_F_SSL_SESS_CERT_NEW 225 -#define SSL_F_SSL_SET_CERT 191 -#define SSL_F_SSL_SET_CIPHER_LIST 271 -#define SSL_F_SSL_SET_FD 192 -#define SSL_F_SSL_SET_PKEY 193 -#define SSL_F_SSL_SET_PURPOSE 227 -#define SSL_F_SSL_SET_RFD 194 -#define SSL_F_SSL_SET_SESSION 195 -#define SSL_F_SSL_SET_SESSION_ID_CONTEXT 218 -#define SSL_F_SSL_SET_SESSION_TICKET_EXT 294 -#define SSL_F_SSL_SET_TRUST 228 -#define SSL_F_SSL_SET_WFD 196 -#define SSL_F_SSL_SHUTDOWN 224 -#define SSL_F_SSL_SRP_CTX_INIT 313 -#define SSL_F_SSL_UNDEFINED_CONST_FUNCTION 243 -#define SSL_F_SSL_UNDEFINED_FUNCTION 197 -#define SSL_F_SSL_UNDEFINED_VOID_FUNCTION 244 -#define SSL_F_SSL_USE_CERTIFICATE 198 -#define SSL_F_SSL_USE_CERTIFICATE_ASN1 199 -#define SSL_F_SSL_USE_CERTIFICATE_FILE 200 -#define SSL_F_SSL_USE_PRIVATEKEY 201 -#define SSL_F_SSL_USE_PRIVATEKEY_ASN1 202 -#define SSL_F_SSL_USE_PRIVATEKEY_FILE 203 -#define SSL_F_SSL_USE_PSK_IDENTITY_HINT 273 -#define SSL_F_SSL_USE_RSAPRIVATEKEY 204 -#define SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1 205 -#define SSL_F_SSL_USE_RSAPRIVATEKEY_FILE 206 -#define SSL_F_SSL_VERIFY_CERT_CHAIN 207 -#define SSL_F_SSL_WRITE 208 -#define SSL_F_TLS1_AEAD_CTX_INIT 339 -#define SSL_F_TLS1_CERT_VERIFY_MAC 286 -#define SSL_F_TLS1_CHANGE_CIPHER_STATE 209 -#define SSL_F_TLS1_CHANGE_CIPHER_STATE_AEAD 340 -#define SSL_F_TLS1_CHANGE_CIPHER_STATE_CIPHER 338 -#define SSL_F_TLS1_CHECK_SERVERHELLO_TLSEXT 274 -#define SSL_F_TLS1_ENC 210 -#define SSL_F_TLS1_EXPORT_KEYING_MATERIAL 314 -#define SSL_F_TLS1_HEARTBEAT 315 -#define SSL_F_TLS1_PREPARE_CLIENTHELLO_TLSEXT 275 -#define SSL_F_TLS1_PREPARE_SERVERHELLO_TLSEXT 276 -#define SSL_F_TLS1_PRF 284 -#define SSL_F_TLS1_SETUP_KEY_BLOCK 211 -#define SSL_F_WRITE_PENDING 212 - -/* Reason codes. */ -#define SSL_R_APP_DATA_IN_HANDSHAKE 100 -#define SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT 272 -#define SSL_R_BAD_ALERT_RECORD 101 -#define SSL_R_BAD_AUTHENTICATION_TYPE 102 -#define SSL_R_BAD_CHANGE_CIPHER_SPEC 103 -#define SSL_R_BAD_CHECKSUM 104 -#define SSL_R_BAD_DATA_RETURNED_BY_CALLBACK 106 -#define SSL_R_BAD_DECOMPRESSION 107 -#define SSL_R_BAD_DH_G_LENGTH 108 -#define SSL_R_BAD_DH_PUB_KEY_LENGTH 109 -#define SSL_R_BAD_DH_P_LENGTH 110 -#define SSL_R_BAD_DIGEST_LENGTH 111 -#define SSL_R_BAD_DSA_SIGNATURE 112 -#define SSL_R_BAD_ECC_CERT 304 -#define SSL_R_BAD_ECDSA_SIGNATURE 305 -#define SSL_R_BAD_ECPOINT 306 -#define SSL_R_BAD_HANDSHAKE_LENGTH 332 -#define SSL_R_BAD_HELLO_REQUEST 105 -#define SSL_R_BAD_LENGTH 271 -#define SSL_R_BAD_MAC_DECODE 113 -#define SSL_R_BAD_MAC_LENGTH 333 -#define SSL_R_BAD_MESSAGE_TYPE 114 -#define SSL_R_BAD_PACKET_LENGTH 115 -#define SSL_R_BAD_PROTOCOL_VERSION_NUMBER 116 -#define SSL_R_BAD_PSK_IDENTITY_HINT_LENGTH 316 -#define SSL_R_BAD_RESPONSE_ARGUMENT 117 -#define SSL_R_BAD_RSA_DECRYPT 118 -#define SSL_R_BAD_RSA_ENCRYPT 119 -#define SSL_R_BAD_RSA_E_LENGTH 120 -#define SSL_R_BAD_RSA_MODULUS_LENGTH 121 -#define SSL_R_BAD_RSA_SIGNATURE 122 -#define SSL_R_BAD_SIGNATURE 123 -#define SSL_R_BAD_SRP_A_LENGTH 347 -#define SSL_R_BAD_SRP_B_LENGTH 348 -#define SSL_R_BAD_SRP_G_LENGTH 349 -#define SSL_R_BAD_SRP_N_LENGTH 350 -#define SSL_R_BAD_SRP_S_LENGTH 351 -#define SSL_R_BAD_SRTP_MKI_VALUE 352 -#define SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST 353 -#define SSL_R_BAD_SSL_FILETYPE 124 -#define SSL_R_BAD_SSL_SESSION_ID_LENGTH 125 -#define SSL_R_BAD_STATE 126 -#define SSL_R_BAD_WRITE_RETRY 127 -#define SSL_R_BIO_NOT_SET 128 -#define SSL_R_BLOCK_CIPHER_PAD_IS_WRONG 129 -#define SSL_R_BN_LIB 130 -#define SSL_R_CA_DN_LENGTH_MISMATCH 131 -#define SSL_R_CA_DN_TOO_LONG 132 -#define SSL_R_CCS_RECEIVED_EARLY 133 -#define SSL_R_CERTIFICATE_VERIFY_FAILED 134 -#define SSL_R_CERT_LENGTH_MISMATCH 135 -#define SSL_R_CHALLENGE_IS_DIFFERENT 136 -#define SSL_R_CIPHER_CODE_WRONG_LENGTH 137 -#define SSL_R_CIPHER_COMPRESSION_UNAVAILABLE 371 -#define SSL_R_CIPHER_OR_HASH_UNAVAILABLE 138 -#define SSL_R_CIPHER_TABLE_SRC_ERROR 139 -#define SSL_R_CLIENTHELLO_TLSEXT 226 -#define SSL_R_COMPRESSED_LENGTH_TOO_LONG 140 -#define SSL_R_COMPRESSION_DISABLED 343 -#define SSL_R_COMPRESSION_FAILURE 141 -#define SSL_R_COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE 307 -#define SSL_R_COMPRESSION_LIBRARY_ERROR 142 -#define SSL_R_CONNECTION_ID_IS_DIFFERENT 143 -#define SSL_R_CONNECTION_TYPE_NOT_SET 144 -#define SSL_R_COOKIE_MISMATCH 308 -#define SSL_R_DATA_BETWEEN_CCS_AND_FINISHED 145 -#define SSL_R_DATA_LENGTH_TOO_LONG 146 -#define SSL_R_DECRYPTION_FAILED 147 -#define SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC 281 -#define SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG 148 -#define SSL_R_DIGEST_CHECK_FAILED 149 -#define SSL_R_DTLS_MESSAGE_TOO_BIG 334 -#define SSL_R_DUPLICATE_COMPRESSION_ID 309 -#define SSL_R_ECC_CERT_NOT_FOR_KEY_AGREEMENT 317 -#define SSL_R_ECC_CERT_NOT_FOR_SIGNING 318 -#define SSL_R_ECC_CERT_SHOULD_HAVE_RSA_SIGNATURE 322 -#define SSL_R_ECC_CERT_SHOULD_HAVE_SHA1_SIGNATURE 323 -#define SSL_R_ECGROUP_TOO_LARGE_FOR_CIPHER 310 -#define SSL_R_EMPTY_SRTP_PROTECTION_PROFILE_LIST 354 -#define SSL_R_ENCRYPTED_LENGTH_TOO_LONG 150 -#define SSL_R_ERROR_GENERATING_TMP_RSA_KEY 282 -#define SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST 151 -#define SSL_R_EXCESSIVE_MESSAGE_SIZE 152 -#define SSL_R_EXTRA_DATA_IN_MESSAGE 153 -#define SSL_R_GOT_A_FIN_BEFORE_A_CCS 154 -#define SSL_R_GOT_NEXT_PROTO_BEFORE_A_CCS 355 -#define SSL_R_GOT_NEXT_PROTO_WITHOUT_EXTENSION 356 -#define SSL_R_HTTPS_PROXY_REQUEST 155 -#define SSL_R_HTTP_REQUEST 156 -#define SSL_R_ILLEGAL_PADDING 283 -#define SSL_R_INAPPROPRIATE_FALLBACK 373 -#define SSL_R_INCONSISTENT_COMPRESSION 340 -#define SSL_R_INVALID_CHALLENGE_LENGTH 158 -#define SSL_R_INVALID_COMMAND 280 -#define SSL_R_INVALID_COMPRESSION_ALGORITHM 341 -#define SSL_R_INVALID_PURPOSE 278 -#define SSL_R_INVALID_SRP_USERNAME 357 -#define SSL_R_INVALID_STATUS_RESPONSE 328 -#define SSL_R_INVALID_TICKET_KEYS_LENGTH 325 -#define SSL_R_INVALID_TRUST 279 -#define SSL_R_KEY_ARG_TOO_LONG 284 -#define SSL_R_KRB5 285 -#define SSL_R_KRB5_C_CC_PRINC 286 -#define SSL_R_KRB5_C_GET_CRED 287 -#define SSL_R_KRB5_C_INIT 288 -#define SSL_R_KRB5_C_MK_REQ 289 -#define SSL_R_KRB5_S_BAD_TICKET 290 -#define SSL_R_KRB5_S_INIT 291 -#define SSL_R_KRB5_S_RD_REQ 292 -#define SSL_R_KRB5_S_TKT_EXPIRED 293 -#define SSL_R_KRB5_S_TKT_NYV 294 -#define SSL_R_KRB5_S_TKT_SKEW 295 -#define SSL_R_LENGTH_MISMATCH 159 -#define SSL_R_LENGTH_TOO_SHORT 160 -#define SSL_R_LIBRARY_BUG 274 -#define SSL_R_LIBRARY_HAS_NO_CIPHERS 161 -#define SSL_R_MESSAGE_TOO_LONG 296 -#define SSL_R_MISSING_DH_DSA_CERT 162 -#define SSL_R_MISSING_DH_KEY 163 -#define SSL_R_MISSING_DH_RSA_CERT 164 -#define SSL_R_MISSING_DSA_SIGNING_CERT 165 -#define SSL_R_MISSING_EXPORT_TMP_DH_KEY 166 -#define SSL_R_MISSING_EXPORT_TMP_RSA_KEY 167 -#define SSL_R_MISSING_RSA_CERTIFICATE 168 -#define SSL_R_MISSING_RSA_ENCRYPTING_CERT 169 -#define SSL_R_MISSING_RSA_SIGNING_CERT 170 -#define SSL_R_MISSING_SRP_PARAM 358 -#define SSL_R_MISSING_TMP_DH_KEY 171 -#define SSL_R_MISSING_TMP_ECDH_KEY 311 -#define SSL_R_MISSING_TMP_RSA_KEY 172 -#define SSL_R_MISSING_TMP_RSA_PKEY 173 -#define SSL_R_MISSING_VERIFY_MESSAGE 174 -#define SSL_R_MULTIPLE_SGC_RESTARTS 346 -#define SSL_R_NON_SSLV2_INITIAL_PACKET 175 -#define SSL_R_NO_CERTIFICATES_RETURNED 176 -#define SSL_R_NO_CERTIFICATE_ASSIGNED 177 -#define SSL_R_NO_CERTIFICATE_RETURNED 178 -#define SSL_R_NO_CERTIFICATE_SET 179 -#define SSL_R_NO_CERTIFICATE_SPECIFIED 180 -#define SSL_R_NO_CIPHERS_AVAILABLE 181 -#define SSL_R_NO_CIPHERS_PASSED 182 -#define SSL_R_NO_CIPHERS_SPECIFIED 183 -#define SSL_R_NO_CIPHER_LIST 184 -#define SSL_R_NO_CIPHER_MATCH 185 -#define SSL_R_NO_CLIENT_CERT_METHOD 331 -#define SSL_R_NO_CLIENT_CERT_RECEIVED 186 -#define SSL_R_NO_COMPRESSION_SPECIFIED 187 -#define SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER 330 -#define SSL_R_NO_METHOD_SPECIFIED 188 -#define SSL_R_NO_PRIVATEKEY 189 -#define SSL_R_NO_PRIVATE_KEY_ASSIGNED 190 -#define SSL_R_NO_PROTOCOLS_AVAILABLE 191 -#define SSL_R_NO_PUBLICKEY 192 -#define SSL_R_NO_RENEGOTIATION 339 -#define SSL_R_NO_REQUIRED_DIGEST 324 -#define SSL_R_NO_SHARED_CIPHER 193 -#define SSL_R_NO_SRTP_PROFILES 359 -#define SSL_R_NO_VERIFY_CALLBACK 194 -#define SSL_R_NULL_SSL_CTX 195 -#define SSL_R_NULL_SSL_METHOD_PASSED 196 -#define SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED 197 -#define SSL_R_OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED 344 -#define SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE 297 -#define SSL_R_PACKET_LENGTH_TOO_LONG 198 -#define SSL_R_PARSE_TLSEXT 227 -#define SSL_R_PATH_TOO_LONG 270 -#define SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE 199 -#define SSL_R_PEER_ERROR 200 -#define SSL_R_PEER_ERROR_CERTIFICATE 201 -#define SSL_R_PEER_ERROR_NO_CERTIFICATE 202 -#define SSL_R_PEER_ERROR_NO_CIPHER 203 -#define SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE 204 -#define SSL_R_PRE_MAC_LENGTH_TOO_LONG 205 -#define SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS 206 -#define SSL_R_PROTOCOL_IS_SHUTDOWN 207 -#define SSL_R_PSK_IDENTITY_NOT_FOUND 223 -#define SSL_R_PSK_NO_CLIENT_CB 224 -#define SSL_R_PSK_NO_SERVER_CB 225 -#define SSL_R_PUBLIC_KEY_ENCRYPT_ERROR 208 -#define SSL_R_PUBLIC_KEY_IS_NOT_RSA 209 -#define SSL_R_PUBLIC_KEY_NOT_RSA 210 -#define SSL_R_READ_BIO_NOT_SET 211 -#define SSL_R_READ_TIMEOUT_EXPIRED 312 -#define SSL_R_READ_WRONG_PACKET_TYPE 212 -#define SSL_R_RECORD_LENGTH_MISMATCH 213 -#define SSL_R_RECORD_TOO_LARGE 214 -#define SSL_R_RECORD_TOO_SMALL 298 -#define SSL_R_RENEGOTIATE_EXT_TOO_LONG 335 -#define SSL_R_RENEGOTIATION_ENCODING_ERR 336 -#define SSL_R_RENEGOTIATION_MISMATCH 337 -#define SSL_R_REQUIRED_CIPHER_MISSING 215 -#define SSL_R_REQUIRED_COMPRESSSION_ALGORITHM_MISSING 342 -#define SSL_R_REUSE_CERT_LENGTH_NOT_ZERO 216 -#define SSL_R_REUSE_CERT_TYPE_NOT_ZERO 217 -#define SSL_R_REUSE_CIPHER_LIST_NOT_ZERO 218 -#define SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING 345 -#define SSL_R_SERVERHELLO_TLSEXT 275 -#define SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED 277 -#define SSL_R_SHORT_READ 219 -#define SSL_R_SIGNATURE_ALGORITHMS_ERROR 360 -#define SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE 220 -#define SSL_R_SRP_A_CALC 361 -#define SSL_R_SRTP_COULD_NOT_ALLOCATE_PROFILES 362 -#define SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG 363 -#define SSL_R_SRTP_UNKNOWN_PROTECTION_PROFILE 364 -#define SSL_R_SSL23_DOING_SESSION_ID_REUSE 221 -#define SSL_R_SSL2_CONNECTION_ID_TOO_LONG 299 -#define SSL_R_SSL3_EXT_INVALID_ECPOINTFORMAT 321 -#define SSL_R_SSL3_EXT_INVALID_SERVERNAME 319 -#define SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE 320 -#define SSL_R_SSL3_SESSION_ID_TOO_LONG 300 -#define SSL_R_SSL3_SESSION_ID_TOO_SHORT 222 -#define SSL_R_SSLV3_ALERT_BAD_CERTIFICATE 1042 -#define SSL_R_SSLV3_ALERT_BAD_RECORD_MAC 1020 -#define SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED 1045 -#define SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED 1044 -#define SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN 1046 -#define SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE 1030 -#define SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE 1040 -#define SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER 1047 -#define SSL_R_SSLV3_ALERT_NO_CERTIFICATE 1041 -#define SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE 1010 -#define SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE 1043 -#define SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION 228 -#define SSL_R_SSL_HANDSHAKE_FAILURE 229 -#define SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS 230 -#define SSL_R_SSL_SESSION_ID_CALLBACK_FAILED 301 -#define SSL_R_SSL_SESSION_ID_CONFLICT 302 -#define SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG 273 -#define SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH 303 -#define SSL_R_SSL_SESSION_ID_IS_DIFFERENT 231 -#define SSL_R_SSL_SESSION_ID_TOO_LONG 408 -#define SSL_R_TLSV1_ALERT_ACCESS_DENIED 1049 -#define SSL_R_TLSV1_ALERT_DECODE_ERROR 1050 -#define SSL_R_TLSV1_ALERT_DECRYPTION_FAILED 1021 -#define SSL_R_TLSV1_ALERT_DECRYPT_ERROR 1051 -#define SSL_R_TLSV1_ALERT_EXPORT_RESTRICTION 1060 -#define SSL_R_TLSV1_ALERT_INAPPROPRIATE_FALLBACK 1086 -#define SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY 1071 -#define SSL_R_TLSV1_ALERT_INTERNAL_ERROR 1080 -#define SSL_R_TLSV1_ALERT_NO_RENEGOTIATION 1100 -#define SSL_R_TLSV1_ALERT_PROTOCOL_VERSION 1070 -#define SSL_R_TLSV1_ALERT_RECORD_OVERFLOW 1022 -#define SSL_R_TLSV1_ALERT_UNKNOWN_CA 1048 -#define SSL_R_TLSV1_ALERT_USER_CANCELLED 1090 -#define SSL_R_TLSV1_BAD_CERTIFICATE_HASH_VALUE 1114 -#define SSL_R_TLSV1_BAD_CERTIFICATE_STATUS_RESPONSE 1113 -#define SSL_R_TLSV1_CERTIFICATE_UNOBTAINABLE 1111 -#define SSL_R_TLSV1_UNRECOGNIZED_NAME 1112 -#define SSL_R_TLSV1_UNSUPPORTED_EXTENSION 1110 -#define SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER 232 -#define SSL_R_TLS_HEARTBEAT_PEER_DOESNT_ACCEPT 365 -#define SSL_R_TLS_HEARTBEAT_PENDING 366 -#define SSL_R_TLS_ILLEGAL_EXPORTER_LABEL 367 -#define SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST 157 -#define SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST 233 -#define SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG 234 -#define SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER 235 -#define SSL_R_UNABLE_TO_DECODE_DH_CERTS 236 -#define SSL_R_UNABLE_TO_DECODE_ECDH_CERTS 313 -#define SSL_R_UNABLE_TO_EXTRACT_PUBLIC_KEY 237 -#define SSL_R_UNABLE_TO_FIND_DH_PARAMETERS 238 -#define SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS 314 -#define SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS 239 -#define SSL_R_UNABLE_TO_FIND_SSL_METHOD 240 -#define SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES 241 -#define SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES 242 -#define SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES 243 -#define SSL_R_UNEXPECTED_MESSAGE 244 -#define SSL_R_UNEXPECTED_RECORD 245 -#define SSL_R_UNINITIALIZED 276 -#define SSL_R_UNKNOWN_ALERT_TYPE 246 -#define SSL_R_UNKNOWN_CERTIFICATE_TYPE 247 -#define SSL_R_UNKNOWN_CIPHER_RETURNED 248 -#define SSL_R_UNKNOWN_CIPHER_TYPE 249 -#define SSL_R_UNKNOWN_DIGEST 368 -#define SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE 250 -#define SSL_R_UNKNOWN_PKEY_TYPE 251 -#define SSL_R_UNKNOWN_PROTOCOL 252 -#define SSL_R_UNKNOWN_REMOTE_ERROR_TYPE 253 -#define SSL_R_UNKNOWN_SSL_VERSION 254 -#define SSL_R_UNKNOWN_STATE 255 -#define SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED 338 -#define SSL_R_UNSUPPORTED_CIPHER 256 -#define SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM 257 -#define SSL_R_UNSUPPORTED_DIGEST_TYPE 326 -#define SSL_R_UNSUPPORTED_ELLIPTIC_CURVE 315 -#define SSL_R_UNSUPPORTED_PROTOCOL 258 -#define SSL_R_UNSUPPORTED_SSL_VERSION 259 -#define SSL_R_UNSUPPORTED_STATUS_TYPE 329 -#define SSL_R_USE_SRTP_NOT_NEGOTIATED 369 -#define SSL_R_WRITE_BIO_NOT_SET 260 -#define SSL_R_WRONG_CIPHER_RETURNED 261 -#define SSL_R_WRONG_CURVE 378 -#define SSL_R_WRONG_MESSAGE_TYPE 262 -#define SSL_R_WRONG_NUMBER_OF_KEY_BITS 263 -#define SSL_R_WRONG_SIGNATURE_LENGTH 264 -#define SSL_R_WRONG_SIGNATURE_SIZE 265 -#define SSL_R_WRONG_SIGNATURE_TYPE 370 -#define SSL_R_WRONG_SSL_VERSION 266 -#define SSL_R_WRONG_VERSION_NUMBER 267 -#define SSL_R_X509_LIB 268 -#define SSL_R_X509_VERIFICATION_SETUP_PROBLEMS 269 -#define SSL_R_PEER_BEHAVING_BADLY 666 - -/* - * OpenSSL compatible OPENSSL_INIT options - */ - -/* - * These are provided for compatibiliy, but have no effect - * on how LibreSSL is initialized. - */ -#define OPENSSL_INIT_LOAD_SSL_STRINGS _OPENSSL_INIT_FLAG_NOOP -#define OPENSSL_INIT_SSL_DEFAULT _OPENSSL_INIT_FLAG_NOOP - -int OPENSSL_init_ssl(uint64_t opts, const void *settings); - -#ifdef __cplusplus -} -#endif -#endif diff --git a/libressl/include64/openssl/ssl2.h b/libressl/include64/openssl/ssl2.h deleted file mode 100644 index 3a8d3007..00000000 --- a/libressl/include64/openssl/ssl2.h +++ /dev/null @@ -1,153 +0,0 @@ -/* $OpenBSD: ssl2.h,v 1.12 2014/12/14 15:30:50 jsing Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef HEADER_SSL2_H -#define HEADER_SSL2_H - -#ifdef __cplusplus -extern "C" { -#endif - -/* Protocol Version Codes */ -#define SSL2_VERSION 0x0002 -#define SSL2_VERSION_MAJOR 0x00 -#define SSL2_VERSION_MINOR 0x02 -/* #define SSL2_CLIENT_VERSION 0x0002 */ -/* #define SSL2_SERVER_VERSION 0x0002 */ - -/* Protocol Message Codes */ -#define SSL2_MT_ERROR 0 -#define SSL2_MT_CLIENT_HELLO 1 -#define SSL2_MT_CLIENT_MASTER_KEY 2 -#define SSL2_MT_CLIENT_FINISHED 3 -#define SSL2_MT_SERVER_HELLO 4 -#define SSL2_MT_SERVER_VERIFY 5 -#define SSL2_MT_SERVER_FINISHED 6 -#define SSL2_MT_REQUEST_CERTIFICATE 7 -#define SSL2_MT_CLIENT_CERTIFICATE 8 - -/* Error Message Codes */ -#define SSL2_PE_UNDEFINED_ERROR 0x0000 -#define SSL2_PE_NO_CIPHER 0x0001 -#define SSL2_PE_NO_CERTIFICATE 0x0002 -#define SSL2_PE_BAD_CERTIFICATE 0x0004 -#define SSL2_PE_UNSUPPORTED_CERTIFICATE_TYPE 0x0006 - -/* Cipher Kind Values */ -#define SSL2_CK_NULL_WITH_MD5 0x02000000 /* v3 */ -#define SSL2_CK_RC4_128_WITH_MD5 0x02010080 -#define SSL2_CK_RC4_128_EXPORT40_WITH_MD5 0x02020080 -#define SSL2_CK_RC2_128_CBC_WITH_MD5 0x02030080 -#define SSL2_CK_RC2_128_CBC_EXPORT40_WITH_MD5 0x02040080 -#define SSL2_CK_IDEA_128_CBC_WITH_MD5 0x02050080 -#define SSL2_CK_DES_64_CBC_WITH_MD5 0x02060040 -#define SSL2_CK_DES_64_CBC_WITH_SHA 0x02060140 /* v3 */ -#define SSL2_CK_DES_192_EDE3_CBC_WITH_MD5 0x020700c0 -#define SSL2_CK_DES_192_EDE3_CBC_WITH_SHA 0x020701c0 /* v3 */ -#define SSL2_CK_RC4_64_WITH_MD5 0x02080080 /* MS hack */ - -#define SSL2_CK_DES_64_CFB64_WITH_MD5_1 0x02ff0800 /* SSLeay */ -#define SSL2_CK_NULL 0x02ff0810 /* SSLeay */ - -#define SSL2_TXT_DES_64_CFB64_WITH_MD5_1 "DES-CFB-M1" -#define SSL2_TXT_NULL_WITH_MD5 "NULL-MD5" -#define SSL2_TXT_RC4_128_WITH_MD5 "RC4-MD5" -#define SSL2_TXT_RC4_128_EXPORT40_WITH_MD5 "EXP-RC4-MD5" -#define SSL2_TXT_RC2_128_CBC_WITH_MD5 "RC2-CBC-MD5" -#define SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5 "EXP-RC2-CBC-MD5" -#define SSL2_TXT_IDEA_128_CBC_WITH_MD5 "IDEA-CBC-MD5" -#define SSL2_TXT_DES_64_CBC_WITH_MD5 "DES-CBC-MD5" -#define SSL2_TXT_DES_64_CBC_WITH_SHA "DES-CBC-SHA" -#define SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5 "DES-CBC3-MD5" -#define SSL2_TXT_DES_192_EDE3_CBC_WITH_SHA "DES-CBC3-SHA" -#define SSL2_TXT_RC4_64_WITH_MD5 "RC4-64-MD5" - -#define SSL2_TXT_NULL "NULL" - -/* Flags for the SSL_CIPHER.algorithm2 field */ -#define SSL2_CF_5_BYTE_ENC 0x01 -#define SSL2_CF_8_BYTE_ENC 0x02 - -/* Certificate Type Codes */ -#define SSL2_CT_X509_CERTIFICATE 0x01 - -/* Authentication Type Code */ -#define SSL2_AT_MD5_WITH_RSA_ENCRYPTION 0x01 - -#define SSL2_MAX_SSL_SESSION_ID_LENGTH 32 - -/* Upper/Lower Bounds */ -#define SSL2_MAX_MASTER_KEY_LENGTH_IN_BITS 256 -#define SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER 32767u /* 2^15-1 */ -#define SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER 16383 /* 2^14-1 */ - -#define SSL2_CHALLENGE_LENGTH 16 -/*#define SSL2_CHALLENGE_LENGTH 32 */ -#define SSL2_MIN_CHALLENGE_LENGTH 16 -#define SSL2_MAX_CHALLENGE_LENGTH 32 -#define SSL2_CONNECTION_ID_LENGTH 16 -#define SSL2_MAX_CONNECTION_ID_LENGTH 16 -#define SSL2_SSL_SESSION_ID_LENGTH 16 -#define SSL2_MAX_CERT_CHALLENGE_LENGTH 32 -#define SSL2_MIN_CERT_CHALLENGE_LENGTH 16 -#define SSL2_MAX_KEY_MATERIAL_LENGTH 24 - -#ifdef __cplusplus -} -#endif -#endif diff --git a/libressl/include64/openssl/ssl23.h b/libressl/include64/openssl/ssl23.h deleted file mode 100644 index 570e4b01..00000000 --- a/libressl/include64/openssl/ssl23.h +++ /dev/null @@ -1,82 +0,0 @@ -/* $OpenBSD: ssl23.h,v 1.4 2014/12/14 15:30:50 jsing Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef HEADER_SSL23_H -#define HEADER_SSL23_H - -#ifdef __cplusplus -extern "C" { -#endif - -/*client */ -/* write to server */ -#define SSL23_ST_CW_CLNT_HELLO_A (0x210|SSL_ST_CONNECT) -#define SSL23_ST_CW_CLNT_HELLO_B (0x211|SSL_ST_CONNECT) -/* read from server */ -#define SSL23_ST_CR_SRVR_HELLO_A (0x220|SSL_ST_CONNECT) -#define SSL23_ST_CR_SRVR_HELLO_B (0x221|SSL_ST_CONNECT) - -/* server */ -/* read from client */ -#define SSL23_ST_SR_CLNT_HELLO_A (0x210|SSL_ST_ACCEPT) -#define SSL23_ST_SR_CLNT_HELLO_B (0x211|SSL_ST_ACCEPT) - -#ifdef __cplusplus -} -#endif -#endif diff --git a/libressl/include64/openssl/ssl3.h b/libressl/include64/openssl/ssl3.h deleted file mode 100644 index cadf7fd3..00000000 --- a/libressl/include64/openssl/ssl3.h +++ /dev/null @@ -1,489 +0,0 @@ -/* $OpenBSD: ssl3.h,v 1.49 2018/11/08 22:28:52 jsing Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -/* ==================================================================== - * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ -/* ==================================================================== - * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. - * ECC cipher suite support in OpenSSL originally developed by - * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. - */ - -#ifndef HEADER_SSL3_H -#define HEADER_SSL3_H - -#include <openssl/opensslconf.h> -#include <openssl/buffer.h> -#include <openssl/evp.h> -#include <openssl/ssl.h> - -#ifdef __cplusplus -extern "C" { -#endif - -/* TLS_EMPTY_RENEGOTIATION_INFO_SCSV from RFC 5746. */ -#define SSL3_CK_SCSV 0x030000FF - -/* TLS_FALLBACK_SCSV from draft-ietf-tls-downgrade-scsv-03. */ -#define SSL3_CK_FALLBACK_SCSV 0x03005600 - -#define SSL3_CK_RSA_NULL_MD5 0x03000001 -#define SSL3_CK_RSA_NULL_SHA 0x03000002 -#define SSL3_CK_RSA_RC4_40_MD5 0x03000003 -#define SSL3_CK_RSA_RC4_128_MD5 0x03000004 -#define SSL3_CK_RSA_RC4_128_SHA 0x03000005 -#define SSL3_CK_RSA_RC2_40_MD5 0x03000006 -#define SSL3_CK_RSA_IDEA_128_SHA 0x03000007 -#define SSL3_CK_RSA_DES_40_CBC_SHA 0x03000008 -#define SSL3_CK_RSA_DES_64_CBC_SHA 0x03000009 -#define SSL3_CK_RSA_DES_192_CBC3_SHA 0x0300000A - -#define SSL3_CK_DH_DSS_DES_40_CBC_SHA 0x0300000B -#define SSL3_CK_DH_DSS_DES_64_CBC_SHA 0x0300000C -#define SSL3_CK_DH_DSS_DES_192_CBC3_SHA 0x0300000D -#define SSL3_CK_DH_RSA_DES_40_CBC_SHA 0x0300000E -#define SSL3_CK_DH_RSA_DES_64_CBC_SHA 0x0300000F -#define SSL3_CK_DH_RSA_DES_192_CBC3_SHA 0x03000010 - -#define SSL3_CK_EDH_DSS_DES_40_CBC_SHA 0x03000011 -#define SSL3_CK_EDH_DSS_DES_64_CBC_SHA 0x03000012 -#define SSL3_CK_EDH_DSS_DES_192_CBC3_SHA 0x03000013 -#define SSL3_CK_EDH_RSA_DES_40_CBC_SHA 0x03000014 -#define SSL3_CK_EDH_RSA_DES_64_CBC_SHA 0x03000015 -#define SSL3_CK_EDH_RSA_DES_192_CBC3_SHA 0x03000016 - -#define SSL3_CK_ADH_RC4_40_MD5 0x03000017 -#define SSL3_CK_ADH_RC4_128_MD5 0x03000018 -#define SSL3_CK_ADH_DES_40_CBC_SHA 0x03000019 -#define SSL3_CK_ADH_DES_64_CBC_SHA 0x0300001A -#define SSL3_CK_ADH_DES_192_CBC_SHA 0x0300001B - -/* VRS Additional Kerberos5 entries - */ -#define SSL3_CK_KRB5_DES_64_CBC_SHA 0x0300001E -#define SSL3_CK_KRB5_DES_192_CBC3_SHA 0x0300001F -#define SSL3_CK_KRB5_RC4_128_SHA 0x03000020 -#define SSL3_CK_KRB5_IDEA_128_CBC_SHA 0x03000021 -#define SSL3_CK_KRB5_DES_64_CBC_MD5 0x03000022 -#define SSL3_CK_KRB5_DES_192_CBC3_MD5 0x03000023 -#define SSL3_CK_KRB5_RC4_128_MD5 0x03000024 -#define SSL3_CK_KRB5_IDEA_128_CBC_MD5 0x03000025 - -#define SSL3_CK_KRB5_DES_40_CBC_SHA 0x03000026 -#define SSL3_CK_KRB5_RC2_40_CBC_SHA 0x03000027 -#define SSL3_CK_KRB5_RC4_40_SHA 0x03000028 -#define SSL3_CK_KRB5_DES_40_CBC_MD5 0x03000029 -#define SSL3_CK_KRB5_RC2_40_CBC_MD5 0x0300002A -#define SSL3_CK_KRB5_RC4_40_MD5 0x0300002B - -#define SSL3_TXT_RSA_NULL_MD5 "NULL-MD5" -#define SSL3_TXT_RSA_NULL_SHA "NULL-SHA" -#define SSL3_TXT_RSA_RC4_40_MD5 "EXP-RC4-MD5" -#define SSL3_TXT_RSA_RC4_128_MD5 "RC4-MD5" -#define SSL3_TXT_RSA_RC4_128_SHA "RC4-SHA" -#define SSL3_TXT_RSA_RC2_40_MD5 "EXP-RC2-CBC-MD5" -#define SSL3_TXT_RSA_IDEA_128_SHA "IDEA-CBC-SHA" -#define SSL3_TXT_RSA_DES_40_CBC_SHA "EXP-DES-CBC-SHA" -#define SSL3_TXT_RSA_DES_64_CBC_SHA "DES-CBC-SHA" -#define SSL3_TXT_RSA_DES_192_CBC3_SHA "DES-CBC3-SHA" - -#define SSL3_TXT_DH_DSS_DES_40_CBC_SHA "EXP-DH-DSS-DES-CBC-SHA" -#define SSL3_TXT_DH_DSS_DES_64_CBC_SHA "DH-DSS-DES-CBC-SHA" -#define SSL3_TXT_DH_DSS_DES_192_CBC3_SHA "DH-DSS-DES-CBC3-SHA" -#define SSL3_TXT_DH_RSA_DES_40_CBC_SHA "EXP-DH-RSA-DES-CBC-SHA" -#define SSL3_TXT_DH_RSA_DES_64_CBC_SHA "DH-RSA-DES-CBC-SHA" -#define SSL3_TXT_DH_RSA_DES_192_CBC3_SHA "DH-RSA-DES-CBC3-SHA" - -#define SSL3_TXT_EDH_DSS_DES_40_CBC_SHA "EXP-EDH-DSS-DES-CBC-SHA" -#define SSL3_TXT_EDH_DSS_DES_64_CBC_SHA "EDH-DSS-DES-CBC-SHA" -#define SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA "EDH-DSS-DES-CBC3-SHA" -#define SSL3_TXT_EDH_RSA_DES_40_CBC_SHA "EXP-EDH-RSA-DES-CBC-SHA" -#define SSL3_TXT_EDH_RSA_DES_64_CBC_SHA "EDH-RSA-DES-CBC-SHA" -#define SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA "EDH-RSA-DES-CBC3-SHA" - -#define SSL3_TXT_ADH_RC4_40_MD5 "EXP-ADH-RC4-MD5" -#define SSL3_TXT_ADH_RC4_128_MD5 "ADH-RC4-MD5" -#define SSL3_TXT_ADH_DES_40_CBC_SHA "EXP-ADH-DES-CBC-SHA" -#define SSL3_TXT_ADH_DES_64_CBC_SHA "ADH-DES-CBC-SHA" -#define SSL3_TXT_ADH_DES_192_CBC_SHA "ADH-DES-CBC3-SHA" - -#define SSL3_TXT_KRB5_DES_64_CBC_SHA "KRB5-DES-CBC-SHA" -#define SSL3_TXT_KRB5_DES_192_CBC3_SHA "KRB5-DES-CBC3-SHA" -#define SSL3_TXT_KRB5_RC4_128_SHA "KRB5-RC4-SHA" -#define SSL3_TXT_KRB5_IDEA_128_CBC_SHA "KRB5-IDEA-CBC-SHA" -#define SSL3_TXT_KRB5_DES_64_CBC_MD5 "KRB5-DES-CBC-MD5" -#define SSL3_TXT_KRB5_DES_192_CBC3_MD5 "KRB5-DES-CBC3-MD5" -#define SSL3_TXT_KRB5_RC4_128_MD5 "KRB5-RC4-MD5" -#define SSL3_TXT_KRB5_IDEA_128_CBC_MD5 "KRB5-IDEA-CBC-MD5" - -#define SSL3_TXT_KRB5_DES_40_CBC_SHA "EXP-KRB5-DES-CBC-SHA" -#define SSL3_TXT_KRB5_RC2_40_CBC_SHA "EXP-KRB5-RC2-CBC-SHA" -#define SSL3_TXT_KRB5_RC4_40_SHA "EXP-KRB5-RC4-SHA" -#define SSL3_TXT_KRB5_DES_40_CBC_MD5 "EXP-KRB5-DES-CBC-MD5" -#define SSL3_TXT_KRB5_RC2_40_CBC_MD5 "EXP-KRB5-RC2-CBC-MD5" -#define SSL3_TXT_KRB5_RC4_40_MD5 "EXP-KRB5-RC4-MD5" - -#define SSL3_SSL_SESSION_ID_LENGTH 32 -#define SSL3_MAX_SSL_SESSION_ID_LENGTH 32 - -#define SSL3_MASTER_SECRET_SIZE 48 -#define SSL3_RANDOM_SIZE 32 -#define SSL3_SEQUENCE_SIZE 8 -#define SSL3_SESSION_ID_SIZE 32 -#define SSL3_CIPHER_VALUE_SIZE 2 - -#define SSL3_RT_HEADER_LENGTH 5 -#define SSL3_HM_HEADER_LENGTH 4 - -#define SSL3_ALIGN_PAYLOAD 8 - -/* This is the maximum MAC (digest) size used by the SSL library. - * Currently maximum of 20 is used by SHA1, but we reserve for - * future extension for 512-bit hashes. - */ - -#define SSL3_RT_MAX_MD_SIZE 64 - -/* Maximum block size used in all ciphersuites. Currently 16 for AES. - */ - -#define SSL_RT_MAX_CIPHER_BLOCK_SIZE 16 - -#define SSL3_RT_MAX_EXTRA (16384) - -/* Maximum plaintext length: defined by SSL/TLS standards */ -#define SSL3_RT_MAX_PLAIN_LENGTH 16384 -/* Maximum compression overhead: defined by SSL/TLS standards */ -#define SSL3_RT_MAX_COMPRESSED_OVERHEAD 1024 - -/* The standards give a maximum encryption overhead of 1024 bytes. - * In practice the value is lower than this. The overhead is the maximum - * number of padding bytes (256) plus the mac size. - */ -#define SSL3_RT_MAX_ENCRYPTED_OVERHEAD (256 + SSL3_RT_MAX_MD_SIZE) - -/* OpenSSL currently only uses a padding length of at most one block so - * the send overhead is smaller. - */ - -#define SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD \ - (SSL_RT_MAX_CIPHER_BLOCK_SIZE + SSL3_RT_MAX_MD_SIZE) - -/* If compression isn't used don't include the compression overhead */ -#define SSL3_RT_MAX_COMPRESSED_LENGTH SSL3_RT_MAX_PLAIN_LENGTH -#define SSL3_RT_MAX_ENCRYPTED_LENGTH \ - (SSL3_RT_MAX_ENCRYPTED_OVERHEAD+SSL3_RT_MAX_COMPRESSED_LENGTH) -#define SSL3_RT_MAX_PACKET_SIZE \ - (SSL3_RT_MAX_ENCRYPTED_LENGTH+SSL3_RT_HEADER_LENGTH) - -#define SSL3_MD_CLIENT_FINISHED_CONST "\x43\x4C\x4E\x54" -#define SSL3_MD_SERVER_FINISHED_CONST "\x53\x52\x56\x52" - -#define SSL3_VERSION 0x0300 -#define SSL3_VERSION_MAJOR 0x03 -#define SSL3_VERSION_MINOR 0x00 - -#define SSL3_RT_CHANGE_CIPHER_SPEC 20 -#define SSL3_RT_ALERT 21 -#define SSL3_RT_HANDSHAKE 22 -#define SSL3_RT_APPLICATION_DATA 23 -#define TLS1_RT_HEARTBEAT 24 - -#define SSL3_AL_WARNING 1 -#define SSL3_AL_FATAL 2 - -#define SSL3_AD_CLOSE_NOTIFY 0 -#define SSL3_AD_UNEXPECTED_MESSAGE 10 /* fatal */ -#define SSL3_AD_BAD_RECORD_MAC 20 /* fatal */ -#define SSL3_AD_DECOMPRESSION_FAILURE 30 /* fatal */ -#define SSL3_AD_HANDSHAKE_FAILURE 40 /* fatal */ -#define SSL3_AD_NO_CERTIFICATE 41 -#define SSL3_AD_BAD_CERTIFICATE 42 -#define SSL3_AD_UNSUPPORTED_CERTIFICATE 43 -#define SSL3_AD_CERTIFICATE_REVOKED 44 -#define SSL3_AD_CERTIFICATE_EXPIRED 45 -#define SSL3_AD_CERTIFICATE_UNKNOWN 46 -#define SSL3_AD_ILLEGAL_PARAMETER 47 /* fatal */ - -#define TLS1_HB_REQUEST 1 -#define TLS1_HB_RESPONSE 2 - -#ifndef OPENSSL_NO_SSL_INTERN - -typedef struct ssl3_record_st { -/*r */ int type; /* type of record */ -/*rw*/ unsigned int length; /* How many bytes available */ -/*r */ unsigned int off; /* read/write offset into 'buf' */ -/*rw*/ unsigned char *data; /* pointer to the record data */ -/*rw*/ unsigned char *input; /* where the decode bytes are */ -/*r */ unsigned long epoch; /* epoch number, needed by DTLS1 */ -/*r */ unsigned char seq_num[8]; /* sequence number, needed by DTLS1 */ -} SSL3_RECORD; - -typedef struct ssl3_buffer_st { - unsigned char *buf; /* at least SSL3_RT_MAX_PACKET_SIZE bytes, - * see ssl3_setup_buffers() */ - size_t len; /* buffer size */ - int offset; /* where to 'copy from' */ - int left; /* how many bytes left */ -} SSL3_BUFFER; - -#endif - -#define SSL3_CT_RSA_SIGN 1 -#define SSL3_CT_DSS_SIGN 2 -#define SSL3_CT_RSA_FIXED_DH 3 -#define SSL3_CT_DSS_FIXED_DH 4 -#define SSL3_CT_RSA_EPHEMERAL_DH 5 -#define SSL3_CT_DSS_EPHEMERAL_DH 6 -#define SSL3_CT_FORTEZZA_DMS 20 -/* SSL3_CT_NUMBER is used to size arrays and it must be large - * enough to contain all of the cert types defined either for - * SSLv3 and TLSv1. - */ -#define SSL3_CT_NUMBER 11 - -#define SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS 0x0001 -#define TLS1_FLAGS_SKIP_CERT_VERIFY 0x0010 -#define TLS1_FLAGS_FREEZE_TRANSCRIPT 0x0020 -#define SSL3_FLAGS_CCS_OK 0x0080 - -#ifndef OPENSSL_NO_SSL_INTERN - -struct ssl3_state_internal_st; - -typedef struct ssl3_state_st { - long flags; - - unsigned char server_random[SSL3_RANDOM_SIZE]; - unsigned char client_random[SSL3_RANDOM_SIZE]; - - struct ssl3_state_internal_st *internal; -} SSL3_STATE; - -#endif - -/* SSLv3 */ -/*client */ -/* extra state */ -#define SSL3_ST_CW_FLUSH (0x100|SSL_ST_CONNECT) -/* write to server */ -#define SSL3_ST_CW_CLNT_HELLO_A (0x110|SSL_ST_CONNECT) -#define SSL3_ST_CW_CLNT_HELLO_B (0x111|SSL_ST_CONNECT) -/* read from server */ -#define SSL3_ST_CR_SRVR_HELLO_A (0x120|SSL_ST_CONNECT) -#define SSL3_ST_CR_SRVR_HELLO_B (0x121|SSL_ST_CONNECT) -#define DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A (0x126|SSL_ST_CONNECT) -#define DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B (0x127|SSL_ST_CONNECT) -#define SSL3_ST_CR_CERT_A (0x130|SSL_ST_CONNECT) -#define SSL3_ST_CR_CERT_B (0x131|SSL_ST_CONNECT) -#define SSL3_ST_CR_KEY_EXCH_A (0x140|SSL_ST_CONNECT) -#define SSL3_ST_CR_KEY_EXCH_B (0x141|SSL_ST_CONNECT) -#define SSL3_ST_CR_CERT_REQ_A (0x150|SSL_ST_CONNECT) -#define SSL3_ST_CR_CERT_REQ_B (0x151|SSL_ST_CONNECT) -#define SSL3_ST_CR_SRVR_DONE_A (0x160|SSL_ST_CONNECT) -#define SSL3_ST_CR_SRVR_DONE_B (0x161|SSL_ST_CONNECT) -/* write to server */ -#define SSL3_ST_CW_CERT_A (0x170|SSL_ST_CONNECT) -#define SSL3_ST_CW_CERT_B (0x171|SSL_ST_CONNECT) -#define SSL3_ST_CW_CERT_C (0x172|SSL_ST_CONNECT) -#define SSL3_ST_CW_CERT_D (0x173|SSL_ST_CONNECT) -#define SSL3_ST_CW_KEY_EXCH_A (0x180|SSL_ST_CONNECT) -#define SSL3_ST_CW_KEY_EXCH_B (0x181|SSL_ST_CONNECT) -#define SSL3_ST_CW_CERT_VRFY_A (0x190|SSL_ST_CONNECT) -#define SSL3_ST_CW_CERT_VRFY_B (0x191|SSL_ST_CONNECT) -#define SSL3_ST_CW_CHANGE_A (0x1A0|SSL_ST_CONNECT) -#define SSL3_ST_CW_CHANGE_B (0x1A1|SSL_ST_CONNECT) -#define SSL3_ST_CW_FINISHED_A (0x1B0|SSL_ST_CONNECT) -#define SSL3_ST_CW_FINISHED_B (0x1B1|SSL_ST_CONNECT) -/* read from server */ -#define SSL3_ST_CR_CHANGE_A (0x1C0|SSL_ST_CONNECT) -#define SSL3_ST_CR_CHANGE_B (0x1C1|SSL_ST_CONNECT) -#define SSL3_ST_CR_FINISHED_A (0x1D0|SSL_ST_CONNECT) -#define SSL3_ST_CR_FINISHED_B (0x1D1|SSL_ST_CONNECT) -#define SSL3_ST_CR_SESSION_TICKET_A (0x1E0|SSL_ST_CONNECT) -#define SSL3_ST_CR_SESSION_TICKET_B (0x1E1|SSL_ST_CONNECT) -#define SSL3_ST_CR_CERT_STATUS_A (0x1F0|SSL_ST_CONNECT) -#define SSL3_ST_CR_CERT_STATUS_B (0x1F1|SSL_ST_CONNECT) - -/* server */ -/* extra state */ -#define SSL3_ST_SW_FLUSH (0x100|SSL_ST_ACCEPT) -/* read from client */ -/* Do not change the number values, they do matter */ -#define SSL3_ST_SR_CLNT_HELLO_A (0x110|SSL_ST_ACCEPT) -#define SSL3_ST_SR_CLNT_HELLO_B (0x111|SSL_ST_ACCEPT) -#define SSL3_ST_SR_CLNT_HELLO_C (0x112|SSL_ST_ACCEPT) -/* write to client */ -#define DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A (0x113|SSL_ST_ACCEPT) -#define DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B (0x114|SSL_ST_ACCEPT) -#define SSL3_ST_SW_HELLO_REQ_A (0x120|SSL_ST_ACCEPT) -#define SSL3_ST_SW_HELLO_REQ_B (0x121|SSL_ST_ACCEPT) -#define SSL3_ST_SW_HELLO_REQ_C (0x122|SSL_ST_ACCEPT) -#define SSL3_ST_SW_SRVR_HELLO_A (0x130|SSL_ST_ACCEPT) -#define SSL3_ST_SW_SRVR_HELLO_B (0x131|SSL_ST_ACCEPT) -#define SSL3_ST_SW_CERT_A (0x140|SSL_ST_ACCEPT) -#define SSL3_ST_SW_CERT_B (0x141|SSL_ST_ACCEPT) -#define SSL3_ST_SW_KEY_EXCH_A (0x150|SSL_ST_ACCEPT) -#define SSL3_ST_SW_KEY_EXCH_B (0x151|SSL_ST_ACCEPT) -#define SSL3_ST_SW_CERT_REQ_A (0x160|SSL_ST_ACCEPT) -#define SSL3_ST_SW_CERT_REQ_B (0x161|SSL_ST_ACCEPT) -#define SSL3_ST_SW_SRVR_DONE_A (0x170|SSL_ST_ACCEPT) -#define SSL3_ST_SW_SRVR_DONE_B (0x171|SSL_ST_ACCEPT) -/* read from client */ -#define SSL3_ST_SR_CERT_A (0x180|SSL_ST_ACCEPT) -#define SSL3_ST_SR_CERT_B (0x181|SSL_ST_ACCEPT) -#define SSL3_ST_SR_KEY_EXCH_A (0x190|SSL_ST_ACCEPT) -#define SSL3_ST_SR_KEY_EXCH_B (0x191|SSL_ST_ACCEPT) -#define SSL3_ST_SR_CERT_VRFY_A (0x1A0|SSL_ST_ACCEPT) -#define SSL3_ST_SR_CERT_VRFY_B (0x1A1|SSL_ST_ACCEPT) -#define SSL3_ST_SR_CHANGE_A (0x1B0|SSL_ST_ACCEPT) -#define SSL3_ST_SR_CHANGE_B (0x1B1|SSL_ST_ACCEPT) -#define SSL3_ST_SR_FINISHED_A (0x1C0|SSL_ST_ACCEPT) -#define SSL3_ST_SR_FINISHED_B (0x1C1|SSL_ST_ACCEPT) -/* write to client */ -#define SSL3_ST_SW_CHANGE_A (0x1D0|SSL_ST_ACCEPT) -#define SSL3_ST_SW_CHANGE_B (0x1D1|SSL_ST_ACCEPT) -#define SSL3_ST_SW_FINISHED_A (0x1E0|SSL_ST_ACCEPT) -#define SSL3_ST_SW_FINISHED_B (0x1E1|SSL_ST_ACCEPT) -#define SSL3_ST_SW_SESSION_TICKET_A (0x1F0|SSL_ST_ACCEPT) -#define SSL3_ST_SW_SESSION_TICKET_B (0x1F1|SSL_ST_ACCEPT) -#define SSL3_ST_SW_CERT_STATUS_A (0x200|SSL_ST_ACCEPT) -#define SSL3_ST_SW_CERT_STATUS_B (0x201|SSL_ST_ACCEPT) - -#define SSL3_MT_HELLO_REQUEST 0 -#define SSL3_MT_CLIENT_HELLO 1 -#define SSL3_MT_SERVER_HELLO 2 -#define SSL3_MT_NEWSESSION_TICKET 4 -#define SSL3_MT_CERTIFICATE 11 -#define SSL3_MT_SERVER_KEY_EXCHANGE 12 -#define SSL3_MT_CERTIFICATE_REQUEST 13 -#define SSL3_MT_SERVER_DONE 14 -#define SSL3_MT_CERTIFICATE_VERIFY 15 -#define SSL3_MT_CLIENT_KEY_EXCHANGE 16 -#define SSL3_MT_FINISHED 20 -#define SSL3_MT_CERTIFICATE_STATUS 22 - -#define DTLS1_MT_HELLO_VERIFY_REQUEST 3 - -#define SSL3_MT_CCS 1 - -/* These are used when changing over to a new cipher */ -#define SSL3_CC_READ 0x01 -#define SSL3_CC_WRITE 0x02 -#define SSL3_CC_CLIENT 0x10 -#define SSL3_CC_SERVER 0x20 -#define SSL3_CHANGE_CIPHER_CLIENT_WRITE (SSL3_CC_CLIENT|SSL3_CC_WRITE) -#define SSL3_CHANGE_CIPHER_SERVER_READ (SSL3_CC_SERVER|SSL3_CC_READ) -#define SSL3_CHANGE_CIPHER_CLIENT_READ (SSL3_CC_CLIENT|SSL3_CC_READ) -#define SSL3_CHANGE_CIPHER_SERVER_WRITE (SSL3_CC_SERVER|SSL3_CC_WRITE) - -#ifdef __cplusplus -} -#endif -#endif diff --git a/libressl/include64/openssl/stack.h b/libressl/include64/openssl/stack.h deleted file mode 100644 index 6bea6348..00000000 --- a/libressl/include64/openssl/stack.h +++ /dev/null @@ -1,107 +0,0 @@ -/* $OpenBSD: stack.h,v 1.9 2014/06/12 15:49:30 deraadt Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef HEADER_STACK_H -#define HEADER_STACK_H - -#ifdef __cplusplus -extern "C" { -#endif - -typedef struct stack_st { - int num; - char **data; - int sorted; - - int num_alloc; - int (*comp)(const void *, const void *); -} _STACK; /* Use STACK_OF(...) instead */ - -#define M_sk_num(sk) ((sk) ? (sk)->num:-1) -#define M_sk_value(sk,n) ((sk) ? (sk)->data[n] : NULL) - -int sk_num(const _STACK *); -void *sk_value(const _STACK *, int); - -void *sk_set(_STACK *, int, void *); - -_STACK *sk_new(int (*cmp)(const void *, const void *)); -_STACK *sk_new_null(void); -void sk_free(_STACK *); -void sk_pop_free(_STACK *st, void (*func)(void *)); -int sk_insert(_STACK *sk, void *data, int where); -void *sk_delete(_STACK *st, int loc); -void *sk_delete_ptr(_STACK *st, void *p); -int sk_find(_STACK *st, void *data); -int sk_find_ex(_STACK *st, void *data); -int sk_push(_STACK *st, void *data); -int sk_unshift(_STACK *st, void *data); -void *sk_shift(_STACK *st); -void *sk_pop(_STACK *st); -void sk_zero(_STACK *st); -int (*sk_set_cmp_func(_STACK *sk, int (*c)(const void *, const void *)))( - const void *, const void *); -_STACK *sk_dup(_STACK *st); -void sk_sort(_STACK *st); -int sk_is_sorted(const _STACK *st); - -#ifdef __cplusplus -} -#endif - -#endif diff --git a/libressl/include64/openssl/tls1.h b/libressl/include64/openssl/tls1.h deleted file mode 100644 index cb68bbb5..00000000 --- a/libressl/include64/openssl/tls1.h +++ /dev/null @@ -1,769 +0,0 @@ -/* $OpenBSD: tls1.h,v 1.39 2019/03/19 16:53:03 jsing Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -/* ==================================================================== - * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ -/* ==================================================================== - * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. - * - * Portions of the attached software ("Contribution") are developed by - * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project. - * - * The Contribution is licensed pursuant to the OpenSSL open source - * license provided above. - * - * ECC cipher suite support in OpenSSL originally written by - * Vipul Gupta and Sumit Gupta of Sun Microsystems Laboratories. - * - */ -/* ==================================================================== - * Copyright 2005 Nokia. All rights reserved. - * - * The portions of the attached software ("Contribution") is developed by - * Nokia Corporation and is licensed pursuant to the OpenSSL open source - * license. - * - * The Contribution, originally written by Mika Kousa and Pasi Eronen of - * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites - * support (see RFC 4279) to OpenSSL. - * - * No patent licenses or other rights except those expressly stated in - * the OpenSSL open source license shall be deemed granted or received - * expressly, by implication, estoppel, or otherwise. - * - * No assurances are provided by Nokia that the Contribution does not - * infringe the patent or other intellectual property rights of any third - * party or that the license provides you with all the necessary rights - * to make use of the Contribution. - * - * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN - * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA - * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY - * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR - * OTHERWISE. - */ - -#ifndef HEADER_TLS1_H -#define HEADER_TLS1_H - -#include <openssl/opensslconf.h> - -#include <openssl/buffer.h> - -#ifdef __cplusplus -extern "C" { -#endif - -#define TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES 0 - -#if defined(LIBRESSL_HAS_TLS1_3) || defined(LIBRESSL_INTERNAL) -#define TLS1_3_VERSION 0x0304 -#endif - -#define TLS1_2_VERSION 0x0303 -#define TLS1_2_VERSION_MAJOR 0x03 -#define TLS1_2_VERSION_MINOR 0x03 - -#define TLS1_1_VERSION 0x0302 -#define TLS1_1_VERSION_MAJOR 0x03 -#define TLS1_1_VERSION_MINOR 0x02 - -#define TLS1_VERSION 0x0301 -#define TLS1_VERSION_MAJOR 0x03 -#define TLS1_VERSION_MINOR 0x01 - -#define TLS1_get_version(s) \ - ((s->version >> 8) == TLS1_VERSION_MAJOR ? s->version : 0) - -#define TLS1_get_client_version(s) \ - ((s->client_version >> 8) == TLS1_VERSION_MAJOR ? s->client_version : 0) - -/* - * TLS Alert codes. - * - * https://www.iana.org/assignments/tls-parameters/#tls-parameters-6 - */ - -#define TLS1_AD_DECRYPTION_FAILED 21 -#define TLS1_AD_RECORD_OVERFLOW 22 -#define TLS1_AD_UNKNOWN_CA 48 /* fatal */ -#define TLS1_AD_ACCESS_DENIED 49 /* fatal */ -#define TLS1_AD_DECODE_ERROR 50 /* fatal */ -#define TLS1_AD_DECRYPT_ERROR 51 -#define TLS1_AD_EXPORT_RESTRICTION 60 /* fatal */ -#define TLS1_AD_PROTOCOL_VERSION 70 /* fatal */ -#define TLS1_AD_INSUFFICIENT_SECURITY 71 /* fatal */ -#define TLS1_AD_INTERNAL_ERROR 80 /* fatal */ -/* Code 86 from RFC 7507. */ -#define TLS1_AD_INAPPROPRIATE_FALLBACK 86 /* fatal */ -#define TLS1_AD_USER_CANCELLED 90 -#define TLS1_AD_NO_RENEGOTIATION 100 -/* Codes 110-114 from RFC 3546. */ -#define TLS1_AD_UNSUPPORTED_EXTENSION 110 -#define TLS1_AD_CERTIFICATE_UNOBTAINABLE 111 -#define TLS1_AD_UNRECOGNIZED_NAME 112 -#define TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE 113 -#define TLS1_AD_BAD_CERTIFICATE_HASH_VALUE 114 -/* Code 115 from RFC 4279. */ -#define TLS1_AD_UNKNOWN_PSK_IDENTITY 115 /* fatal */ - -/* - * TLS ExtensionType values. - * - * https://www.iana.org/assignments/tls-extensiontype-values/ - */ - -/* ExtensionType values from RFC 3546, RFC 4366 and RFC 6066. */ -#define TLSEXT_TYPE_server_name 0 -#define TLSEXT_TYPE_max_fragment_length 1 -#define TLSEXT_TYPE_client_certificate_url 2 -#define TLSEXT_TYPE_trusted_ca_keys 3 -#define TLSEXT_TYPE_truncated_hmac 4 -#define TLSEXT_TYPE_status_request 5 - -/* ExtensionType values from RFC 4681. */ -#define TLSEXT_TYPE_user_mapping 6 - -/* ExtensionType values from RFC 5878. */ -#define TLSEXT_TYPE_client_authz 7 -#define TLSEXT_TYPE_server_authz 8 - -/* ExtensionType values from RFC 6091. */ -#define TLSEXT_TYPE_cert_type 9 - -/* ExtensionType values from RFC 7919. */ -#define TLSEXT_TYPE_supported_groups 10 - -/* ExtensionType values from RFC 4492. */ -#ifndef LIBRESSL_INTERNAL -#define TLSEXT_TYPE_elliptic_curves TLSEXT_TYPE_supported_groups -#endif -#define TLSEXT_TYPE_ec_point_formats 11 - -/* ExtensionType value from RFC 5054. */ -#define TLSEXT_TYPE_srp 12 - -/* ExtensionType value from RFC 5246/RFC 8446. */ -#define TLSEXT_TYPE_signature_algorithms 13 - -/* ExtensionType value from RFC 5764. */ -#define TLSEXT_TYPE_use_srtp 14 - -/* ExtensionType value from RFC 5620. */ -#define TLSEXT_TYPE_heartbeat 15 - -/* ExtensionType value from RFC 7301. */ -#define TLSEXT_TYPE_application_layer_protocol_negotiation 16 - -/* ExtensionType value from RFC 7685. */ -#define TLSEXT_TYPE_padding 21 - -/* ExtensionType value from RFC 4507. */ -#define TLSEXT_TYPE_session_ticket 35 - -/* ExtensionType values from RFC 8446 section 4.2 */ -#if defined(LIBRESSL_HAS_TLS1_3) || defined(LIBRESSL_INTERNAL) -#define TLSEXT_TYPE_pre_shared_key 41 -#define TLSEXT_TYPE_early_data 42 -#define TLSEXT_TYPE_supported_versions 43 -#define TLSEXT_TYPE_cookie 44 -#define TLSEXT_TYPE_psk_key_exchange_modes 45 -#define TLSEXT_TYPE_certificate_authorities 47 -#define TLSEXT_TYPE_oid_filters 48 -#define TLSEXT_TYPE_post_handshake_auth 49 -#define TLSEXT_TYPE_signature_algorithms_cert 50 -#define TLSEXT_TYPE_key_share 51 -#endif - -/* Temporary extension type */ -#define TLSEXT_TYPE_renegotiate 0xff01 - -/* NameType value from RFC 3546. */ -#define TLSEXT_NAMETYPE_host_name 0 -/* status request value from RFC 3546 */ -#define TLSEXT_STATUSTYPE_ocsp 1 - -/* ECPointFormat values from RFC 4492. */ -#define TLSEXT_ECPOINTFORMAT_first 0 -#define TLSEXT_ECPOINTFORMAT_uncompressed 0 -#define TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime 1 -#define TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2 2 -#define TLSEXT_ECPOINTFORMAT_last 2 - -#define TLSEXT_MAXLEN_host_name 255 - -const char *SSL_get_servername(const SSL *s, const int type); -int SSL_get_servername_type(const SSL *s); -/* SSL_export_keying_material exports a value derived from the master secret, - * as specified in RFC 5705. It writes |olen| bytes to |out| given a label and - * optional context. (Since a zero length context is allowed, the |use_context| - * flag controls whether a context is included.) - * - * It returns 1 on success and zero otherwise. - */ -int SSL_export_keying_material(SSL *s, unsigned char *out, size_t olen, - const char *label, size_t llen, const unsigned char *p, size_t plen, - int use_context); - -#define SSL_set_tlsext_host_name(s,name) \ -SSL_ctrl(s,SSL_CTRL_SET_TLSEXT_HOSTNAME,TLSEXT_NAMETYPE_host_name,(char *)name) - -#define SSL_set_tlsext_debug_callback(ssl, cb) \ -SSL_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_DEBUG_CB,(void (*)(void))cb) - -#define SSL_set_tlsext_debug_arg(ssl, arg) \ -SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_DEBUG_ARG,0, (void *)arg) - -#define SSL_set_tlsext_status_type(ssl, type) \ -SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE,type, NULL) - -#define SSL_get_tlsext_status_exts(ssl, arg) \ -SSL_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS,0, (void *)arg) - -#define SSL_set_tlsext_status_exts(ssl, arg) \ -SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS,0, (void *)arg) - -#define SSL_get_tlsext_status_ids(ssl, arg) \ -SSL_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS,0, (void *)arg) - -#define SSL_set_tlsext_status_ids(ssl, arg) \ -SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS,0, (void *)arg) - -#define SSL_get_tlsext_status_ocsp_resp(ssl, arg) \ -SSL_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP,0, (void *)arg) - -#define SSL_set_tlsext_status_ocsp_resp(ssl, arg, arglen) \ -SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP,arglen, (void *)arg) - -#define SSL_CTX_set_tlsext_servername_callback(ctx, cb) \ -SSL_CTX_callback_ctrl(ctx,SSL_CTRL_SET_TLSEXT_SERVERNAME_CB,(void (*)(void))cb) - -#define SSL_TLSEXT_ERR_OK 0 -#define SSL_TLSEXT_ERR_ALERT_WARNING 1 -#define SSL_TLSEXT_ERR_ALERT_FATAL 2 -#define SSL_TLSEXT_ERR_NOACK 3 - -#define SSL_CTX_set_tlsext_servername_arg(ctx, arg) \ -SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG,0, (void *)arg) - -#define SSL_CTX_get_tlsext_ticket_keys(ctx, keys, keylen) \ - SSL_CTX_ctrl((ctx),SSL_CTRL_GET_TLSEXT_TICKET_KEYS,(keylen),(keys)) -#define SSL_CTX_set_tlsext_ticket_keys(ctx, keys, keylen) \ - SSL_CTX_ctrl((ctx),SSL_CTRL_SET_TLSEXT_TICKET_KEYS,(keylen),(keys)) - -#define SSL_CTX_get_tlsext_status_cb(ssl, cb) \ -SSL_CTX_callback_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB,(void (*)(void))cb) -#define SSL_CTX_set_tlsext_status_cb(ssl, cb) \ -SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB,(void (*)(void))cb) - -#define SSL_CTX_get_tlsext_status_arg(ssl, arg) \ -SSL_CTX_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB_ARG,0,(void *)arg) -#define SSL_CTX_set_tlsext_status_arg(ssl, arg) \ -SSL_CTX_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG,0,(void *)arg) - -#define SSL_CTX_set_tlsext_ticket_key_cb(ssl, cb) \ -SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb) - -/* PSK ciphersuites from RFC 4279. */ -#define TLS1_CK_PSK_WITH_RC4_128_SHA 0x0300008A -#define TLS1_CK_PSK_WITH_3DES_EDE_CBC_SHA 0x0300008B -#define TLS1_CK_PSK_WITH_AES_128_CBC_SHA 0x0300008C -#define TLS1_CK_PSK_WITH_AES_256_CBC_SHA 0x0300008D - -/* Additional TLS ciphersuites from expired Internet Draft - * draft-ietf-tls-56-bit-ciphersuites-01.txt - * (available if TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES is defined, see - * s3_lib.c). We actually treat them like SSL 3.0 ciphers, which we probably - * shouldn't. Note that the first two are actually not in the IDs. */ -#define TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_MD5 0x03000060 /* not in ID */ -#define TLS1_CK_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5 0x03000061 /* not in ID */ -#define TLS1_CK_RSA_EXPORT1024_WITH_DES_CBC_SHA 0x03000062 -#define TLS1_CK_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA 0x03000063 -#define TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_SHA 0x03000064 -#define TLS1_CK_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA 0x03000065 -#define TLS1_CK_DHE_DSS_WITH_RC4_128_SHA 0x03000066 - -/* AES ciphersuites from RFC 3268. */ - -#define TLS1_CK_RSA_WITH_AES_128_SHA 0x0300002F -#define TLS1_CK_DH_DSS_WITH_AES_128_SHA 0x03000030 -#define TLS1_CK_DH_RSA_WITH_AES_128_SHA 0x03000031 -#define TLS1_CK_DHE_DSS_WITH_AES_128_SHA 0x03000032 -#define TLS1_CK_DHE_RSA_WITH_AES_128_SHA 0x03000033 -#define TLS1_CK_ADH_WITH_AES_128_SHA 0x03000034 - -#define TLS1_CK_RSA_WITH_AES_256_SHA 0x03000035 -#define TLS1_CK_DH_DSS_WITH_AES_256_SHA 0x03000036 -#define TLS1_CK_DH_RSA_WITH_AES_256_SHA 0x03000037 -#define TLS1_CK_DHE_DSS_WITH_AES_256_SHA 0x03000038 -#define TLS1_CK_DHE_RSA_WITH_AES_256_SHA 0x03000039 -#define TLS1_CK_ADH_WITH_AES_256_SHA 0x0300003A - -/* TLS v1.2 ciphersuites */ -#define TLS1_CK_RSA_WITH_NULL_SHA256 0x0300003B -#define TLS1_CK_RSA_WITH_AES_128_SHA256 0x0300003C -#define TLS1_CK_RSA_WITH_AES_256_SHA256 0x0300003D -#define TLS1_CK_DH_DSS_WITH_AES_128_SHA256 0x0300003E -#define TLS1_CK_DH_RSA_WITH_AES_128_SHA256 0x0300003F -#define TLS1_CK_DHE_DSS_WITH_AES_128_SHA256 0x03000040 - -/* Camellia ciphersuites from RFC 4132. */ -#define TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA 0x03000041 -#define TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA 0x03000042 -#define TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA 0x03000043 -#define TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA 0x03000044 -#define TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA 0x03000045 -#define TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA 0x03000046 - -/* TLS v1.2 ciphersuites */ -#define TLS1_CK_DHE_RSA_WITH_AES_128_SHA256 0x03000067 -#define TLS1_CK_DH_DSS_WITH_AES_256_SHA256 0x03000068 -#define TLS1_CK_DH_RSA_WITH_AES_256_SHA256 0x03000069 -#define TLS1_CK_DHE_DSS_WITH_AES_256_SHA256 0x0300006A -#define TLS1_CK_DHE_RSA_WITH_AES_256_SHA256 0x0300006B -#define TLS1_CK_ADH_WITH_AES_128_SHA256 0x0300006C -#define TLS1_CK_ADH_WITH_AES_256_SHA256 0x0300006D - -/* Camellia ciphersuites from RFC 4132. */ -#define TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA 0x03000084 -#define TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA 0x03000085 -#define TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA 0x03000086 -#define TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA 0x03000087 -#define TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA 0x03000088 -#define TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA 0x03000089 - -/* SEED ciphersuites from RFC 4162. */ -#define TLS1_CK_RSA_WITH_SEED_SHA 0x03000096 -#define TLS1_CK_DH_DSS_WITH_SEED_SHA 0x03000097 -#define TLS1_CK_DH_RSA_WITH_SEED_SHA 0x03000098 -#define TLS1_CK_DHE_DSS_WITH_SEED_SHA 0x03000099 -#define TLS1_CK_DHE_RSA_WITH_SEED_SHA 0x0300009A -#define TLS1_CK_ADH_WITH_SEED_SHA 0x0300009B - -/* TLS v1.2 GCM ciphersuites from RFC 5288. */ -#define TLS1_CK_RSA_WITH_AES_128_GCM_SHA256 0x0300009C -#define TLS1_CK_RSA_WITH_AES_256_GCM_SHA384 0x0300009D -#define TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256 0x0300009E -#define TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384 0x0300009F -#define TLS1_CK_DH_RSA_WITH_AES_128_GCM_SHA256 0x030000A0 -#define TLS1_CK_DH_RSA_WITH_AES_256_GCM_SHA384 0x030000A1 -#define TLS1_CK_DHE_DSS_WITH_AES_128_GCM_SHA256 0x030000A2 -#define TLS1_CK_DHE_DSS_WITH_AES_256_GCM_SHA384 0x030000A3 -#define TLS1_CK_DH_DSS_WITH_AES_128_GCM_SHA256 0x030000A4 -#define TLS1_CK_DH_DSS_WITH_AES_256_GCM_SHA384 0x030000A5 -#define TLS1_CK_ADH_WITH_AES_128_GCM_SHA256 0x030000A6 -#define TLS1_CK_ADH_WITH_AES_256_GCM_SHA384 0x030000A7 - -/* TLS 1.2 Camellia SHA-256 ciphersuites from RFC5932 */ -#define TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA256 0x030000BA -#define TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256 0x030000BB -#define TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256 0x030000BC -#define TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 0x030000BD -#define TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 0x030000BE -#define TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA256 0x030000BF - -#define TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA256 0x030000C0 -#define TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256 0x030000C1 -#define TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256 0x030000C2 -#define TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 0x030000C3 -#define TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 0x030000C4 -#define TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA256 0x030000C5 - -/* TLS 1.3 cipher suites from RFC 8446 appendix B.4. */ -#if defined(LIBRESSL_HAS_TLS1_3) || defined(LIBRESSL_INTERNAL) -#define TLS1_3_CK_AES_128_GCM_SHA256 0x03001301 -#define TLS1_3_CK_AES_256_GCM_SHA384 0x03001302 -#define TLS1_3_CK_CHACHA20_POLY1305_SHA256 0x03001303 -#define TLS1_3_CK_AES_128_CCM_SHA256 0x03001304 -#define TLS1_3_CK_AES_128_CCM_8_SHA256 0x03001305 -#endif - -/* ECC ciphersuites from RFC 4492. */ -#define TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA 0x0300C001 -#define TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA 0x0300C002 -#define TLS1_CK_ECDH_ECDSA_WITH_DES_192_CBC3_SHA 0x0300C003 -#define TLS1_CK_ECDH_ECDSA_WITH_AES_128_CBC_SHA 0x0300C004 -#define TLS1_CK_ECDH_ECDSA_WITH_AES_256_CBC_SHA 0x0300C005 - -#define TLS1_CK_ECDHE_ECDSA_WITH_NULL_SHA 0x0300C006 -#define TLS1_CK_ECDHE_ECDSA_WITH_RC4_128_SHA 0x0300C007 -#define TLS1_CK_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA 0x0300C008 -#define TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA 0x0300C009 -#define TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA 0x0300C00A - -#define TLS1_CK_ECDH_RSA_WITH_NULL_SHA 0x0300C00B -#define TLS1_CK_ECDH_RSA_WITH_RC4_128_SHA 0x0300C00C -#define TLS1_CK_ECDH_RSA_WITH_DES_192_CBC3_SHA 0x0300C00D -#define TLS1_CK_ECDH_RSA_WITH_AES_128_CBC_SHA 0x0300C00E -#define TLS1_CK_ECDH_RSA_WITH_AES_256_CBC_SHA 0x0300C00F - -#define TLS1_CK_ECDHE_RSA_WITH_NULL_SHA 0x0300C010 -#define TLS1_CK_ECDHE_RSA_WITH_RC4_128_SHA 0x0300C011 -#define TLS1_CK_ECDHE_RSA_WITH_DES_192_CBC3_SHA 0x0300C012 -#define TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA 0x0300C013 -#define TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA 0x0300C014 - -#define TLS1_CK_ECDH_anon_WITH_NULL_SHA 0x0300C015 -#define TLS1_CK_ECDH_anon_WITH_RC4_128_SHA 0x0300C016 -#define TLS1_CK_ECDH_anon_WITH_DES_192_CBC3_SHA 0x0300C017 -#define TLS1_CK_ECDH_anon_WITH_AES_128_CBC_SHA 0x0300C018 -#define TLS1_CK_ECDH_anon_WITH_AES_256_CBC_SHA 0x0300C019 - -/* SRP ciphersuites from RFC 5054. */ -#define TLS1_CK_SRP_SHA_WITH_3DES_EDE_CBC_SHA 0x0300C01A -#define TLS1_CK_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA 0x0300C01B -#define TLS1_CK_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA 0x0300C01C -#define TLS1_CK_SRP_SHA_WITH_AES_128_CBC_SHA 0x0300C01D -#define TLS1_CK_SRP_SHA_RSA_WITH_AES_128_CBC_SHA 0x0300C01E -#define TLS1_CK_SRP_SHA_DSS_WITH_AES_128_CBC_SHA 0x0300C01F -#define TLS1_CK_SRP_SHA_WITH_AES_256_CBC_SHA 0x0300C020 -#define TLS1_CK_SRP_SHA_RSA_WITH_AES_256_CBC_SHA 0x0300C021 -#define TLS1_CK_SRP_SHA_DSS_WITH_AES_256_CBC_SHA 0x0300C022 - -/* ECDH HMAC based ciphersuites from RFC 5289. */ -#define TLS1_CK_ECDHE_ECDSA_WITH_AES_128_SHA256 0x0300C023 -#define TLS1_CK_ECDHE_ECDSA_WITH_AES_256_SHA384 0x0300C024 -#define TLS1_CK_ECDH_ECDSA_WITH_AES_128_SHA256 0x0300C025 -#define TLS1_CK_ECDH_ECDSA_WITH_AES_256_SHA384 0x0300C026 -#define TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256 0x0300C027 -#define TLS1_CK_ECDHE_RSA_WITH_AES_256_SHA384 0x0300C028 -#define TLS1_CK_ECDH_RSA_WITH_AES_128_SHA256 0x0300C029 -#define TLS1_CK_ECDH_RSA_WITH_AES_256_SHA384 0x0300C02A - -/* ECDH GCM based ciphersuites from RFC 5289. */ -#define TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 0x0300C02B -#define TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 0x0300C02C -#define TLS1_CK_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 0x0300C02D -#define TLS1_CK_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 0x0300C02E -#define TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256 0x0300C02F -#define TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384 0x0300C030 -#define TLS1_CK_ECDH_RSA_WITH_AES_128_GCM_SHA256 0x0300C031 -#define TLS1_CK_ECDH_RSA_WITH_AES_256_GCM_SHA384 0x0300C032 - -/* ChaCha20-Poly1305 based ciphersuites. */ -#define TLS1_CK_ECDHE_RSA_CHACHA20_POLY1305 0x0300CCA8 -#define TLS1_CK_ECDHE_ECDSA_CHACHA20_POLY1305 0x0300CCA9 -#define TLS1_CK_DHE_RSA_CHACHA20_POLY1305 0x0300CCAA - -#define TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_MD5 "EXP1024-RC4-MD5" -#define TLS1_TXT_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5 "EXP1024-RC2-CBC-MD5" -#define TLS1_TXT_RSA_EXPORT1024_WITH_DES_CBC_SHA "EXP1024-DES-CBC-SHA" -#define TLS1_TXT_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA "EXP1024-DHE-DSS-DES-CBC-SHA" -#define TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_SHA "EXP1024-RC4-SHA" -#define TLS1_TXT_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA "EXP1024-DHE-DSS-RC4-SHA" -#define TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA "DHE-DSS-RC4-SHA" - -/* AES ciphersuites from RFC 3268. */ -#define TLS1_TXT_RSA_WITH_AES_128_SHA "AES128-SHA" -#define TLS1_TXT_DH_DSS_WITH_AES_128_SHA "DH-DSS-AES128-SHA" -#define TLS1_TXT_DH_RSA_WITH_AES_128_SHA "DH-RSA-AES128-SHA" -#define TLS1_TXT_DHE_DSS_WITH_AES_128_SHA "DHE-DSS-AES128-SHA" -#define TLS1_TXT_DHE_RSA_WITH_AES_128_SHA "DHE-RSA-AES128-SHA" -#define TLS1_TXT_ADH_WITH_AES_128_SHA "ADH-AES128-SHA" - -#define TLS1_TXT_RSA_WITH_AES_256_SHA "AES256-SHA" -#define TLS1_TXT_DH_DSS_WITH_AES_256_SHA "DH-DSS-AES256-SHA" -#define TLS1_TXT_DH_RSA_WITH_AES_256_SHA "DH-RSA-AES256-SHA" -#define TLS1_TXT_DHE_DSS_WITH_AES_256_SHA "DHE-DSS-AES256-SHA" -#define TLS1_TXT_DHE_RSA_WITH_AES_256_SHA "DHE-RSA-AES256-SHA" -#define TLS1_TXT_ADH_WITH_AES_256_SHA "ADH-AES256-SHA" - -/* ECC ciphersuites from draft-ietf-tls-ecc-01.txt (Mar 15, 2001) */ -#define TLS1_TXT_ECDH_ECDSA_WITH_NULL_SHA "ECDH-ECDSA-NULL-SHA" -#define TLS1_TXT_ECDH_ECDSA_WITH_RC4_128_SHA "ECDH-ECDSA-RC4-SHA" -#define TLS1_TXT_ECDH_ECDSA_WITH_DES_192_CBC3_SHA "ECDH-ECDSA-DES-CBC3-SHA" -#define TLS1_TXT_ECDH_ECDSA_WITH_AES_128_CBC_SHA "ECDH-ECDSA-AES128-SHA" -#define TLS1_TXT_ECDH_ECDSA_WITH_AES_256_CBC_SHA "ECDH-ECDSA-AES256-SHA" - -#define TLS1_TXT_ECDHE_ECDSA_WITH_NULL_SHA "ECDHE-ECDSA-NULL-SHA" -#define TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA "ECDHE-ECDSA-RC4-SHA" -#define TLS1_TXT_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA "ECDHE-ECDSA-DES-CBC3-SHA" -#define TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA "ECDHE-ECDSA-AES128-SHA" -#define TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CBC_SHA "ECDHE-ECDSA-AES256-SHA" - -#define TLS1_TXT_ECDH_RSA_WITH_NULL_SHA "ECDH-RSA-NULL-SHA" -#define TLS1_TXT_ECDH_RSA_WITH_RC4_128_SHA "ECDH-RSA-RC4-SHA" -#define TLS1_TXT_ECDH_RSA_WITH_DES_192_CBC3_SHA "ECDH-RSA-DES-CBC3-SHA" -#define TLS1_TXT_ECDH_RSA_WITH_AES_128_CBC_SHA "ECDH-RSA-AES128-SHA" -#define TLS1_TXT_ECDH_RSA_WITH_AES_256_CBC_SHA "ECDH-RSA-AES256-SHA" - -#define TLS1_TXT_ECDHE_RSA_WITH_NULL_SHA "ECDHE-RSA-NULL-SHA" -#define TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA "ECDHE-RSA-RC4-SHA" -#define TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA "ECDHE-RSA-DES-CBC3-SHA" -#define TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA "ECDHE-RSA-AES128-SHA" -#define TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA "ECDHE-RSA-AES256-SHA" - -#define TLS1_TXT_ECDH_anon_WITH_NULL_SHA "AECDH-NULL-SHA" -#define TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA "AECDH-RC4-SHA" -#define TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA "AECDH-DES-CBC3-SHA" -#define TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA "AECDH-AES128-SHA" -#define TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA "AECDH-AES256-SHA" - -/* PSK ciphersuites from RFC 4279. */ -#define TLS1_TXT_PSK_WITH_RC4_128_SHA "PSK-RC4-SHA" -#define TLS1_TXT_PSK_WITH_3DES_EDE_CBC_SHA "PSK-3DES-EDE-CBC-SHA" -#define TLS1_TXT_PSK_WITH_AES_128_CBC_SHA "PSK-AES128-CBC-SHA" -#define TLS1_TXT_PSK_WITH_AES_256_CBC_SHA "PSK-AES256-CBC-SHA" - -/* SRP ciphersuite from RFC 5054. */ -#define TLS1_TXT_SRP_SHA_WITH_3DES_EDE_CBC_SHA "SRP-3DES-EDE-CBC-SHA" -#define TLS1_TXT_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA "SRP-RSA-3DES-EDE-CBC-SHA" -#define TLS1_TXT_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA "SRP-DSS-3DES-EDE-CBC-SHA" -#define TLS1_TXT_SRP_SHA_WITH_AES_128_CBC_SHA "SRP-AES-128-CBC-SHA" -#define TLS1_TXT_SRP_SHA_RSA_WITH_AES_128_CBC_SHA "SRP-RSA-AES-128-CBC-SHA" -#define TLS1_TXT_SRP_SHA_DSS_WITH_AES_128_CBC_SHA "SRP-DSS-AES-128-CBC-SHA" -#define TLS1_TXT_SRP_SHA_WITH_AES_256_CBC_SHA "SRP-AES-256-CBC-SHA" -#define TLS1_TXT_SRP_SHA_RSA_WITH_AES_256_CBC_SHA "SRP-RSA-AES-256-CBC-SHA" -#define TLS1_TXT_SRP_SHA_DSS_WITH_AES_256_CBC_SHA "SRP-DSS-AES-256-CBC-SHA" - -/* Camellia ciphersuites from RFC 4132. */ -#define TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA "CAMELLIA128-SHA" -#define TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA "DH-DSS-CAMELLIA128-SHA" -#define TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA "DH-RSA-CAMELLIA128-SHA" -#define TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA "DHE-DSS-CAMELLIA128-SHA" -#define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA "DHE-RSA-CAMELLIA128-SHA" -#define TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA "ADH-CAMELLIA128-SHA" - -#define TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA "CAMELLIA256-SHA" -#define TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA "DH-DSS-CAMELLIA256-SHA" -#define TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA "DH-RSA-CAMELLIA256-SHA" -#define TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA "DHE-DSS-CAMELLIA256-SHA" -#define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA "DHE-RSA-CAMELLIA256-SHA" -#define TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA "ADH-CAMELLIA256-SHA" - -/* TLS 1.2 Camellia SHA-256 ciphersuites from RFC5932 */ -#define TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA256 "CAMELLIA128-SHA256" -#define TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256 "DH-DSS-CAMELLIA128-SHA256" -#define TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256 "DH-RSA-CAMELLIA128-SHA256" -#define TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 "DHE-DSS-CAMELLIA128-SHA256" -#define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 "DHE-RSA-CAMELLIA128-SHA256" -#define TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA256 "ADH-CAMELLIA128-SHA256" - -#define TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA256 "CAMELLIA256-SHA256" -#define TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256 "DH-DSS-CAMELLIA256-SHA256" -#define TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256 "DH-RSA-CAMELLIA256-SHA256" -#define TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 "DHE-DSS-CAMELLIA256-SHA256" -#define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 "DHE-RSA-CAMELLIA256-SHA256" -#define TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA256 "ADH-CAMELLIA256-SHA256" - -/* SEED ciphersuites from RFC 4162. */ -#define TLS1_TXT_RSA_WITH_SEED_SHA "SEED-SHA" -#define TLS1_TXT_DH_DSS_WITH_SEED_SHA "DH-DSS-SEED-SHA" -#define TLS1_TXT_DH_RSA_WITH_SEED_SHA "DH-RSA-SEED-SHA" -#define TLS1_TXT_DHE_DSS_WITH_SEED_SHA "DHE-DSS-SEED-SHA" -#define TLS1_TXT_DHE_RSA_WITH_SEED_SHA "DHE-RSA-SEED-SHA" -#define TLS1_TXT_ADH_WITH_SEED_SHA "ADH-SEED-SHA" - -/* TLS v1.2 ciphersuites. */ -#define TLS1_TXT_RSA_WITH_NULL_SHA256 "NULL-SHA256" -#define TLS1_TXT_RSA_WITH_AES_128_SHA256 "AES128-SHA256" -#define TLS1_TXT_RSA_WITH_AES_256_SHA256 "AES256-SHA256" -#define TLS1_TXT_DH_DSS_WITH_AES_128_SHA256 "DH-DSS-AES128-SHA256" -#define TLS1_TXT_DH_RSA_WITH_AES_128_SHA256 "DH-RSA-AES128-SHA256" -#define TLS1_TXT_DHE_DSS_WITH_AES_128_SHA256 "DHE-DSS-AES128-SHA256" -#define TLS1_TXT_DHE_RSA_WITH_AES_128_SHA256 "DHE-RSA-AES128-SHA256" -#define TLS1_TXT_DH_DSS_WITH_AES_256_SHA256 "DH-DSS-AES256-SHA256" -#define TLS1_TXT_DH_RSA_WITH_AES_256_SHA256 "DH-RSA-AES256-SHA256" -#define TLS1_TXT_DHE_DSS_WITH_AES_256_SHA256 "DHE-DSS-AES256-SHA256" -#define TLS1_TXT_DHE_RSA_WITH_AES_256_SHA256 "DHE-RSA-AES256-SHA256" -#define TLS1_TXT_ADH_WITH_AES_128_SHA256 "ADH-AES128-SHA256" -#define TLS1_TXT_ADH_WITH_AES_256_SHA256 "ADH-AES256-SHA256" - -/* TLS v1.2 GCM ciphersuites from RFC 5288. */ -#define TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256 "AES128-GCM-SHA256" -#define TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384 "AES256-GCM-SHA384" -#define TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256 "DHE-RSA-AES128-GCM-SHA256" -#define TLS1_TXT_DHE_RSA_WITH_AES_256_GCM_SHA384 "DHE-RSA-AES256-GCM-SHA384" -#define TLS1_TXT_DH_RSA_WITH_AES_128_GCM_SHA256 "DH-RSA-AES128-GCM-SHA256" -#define TLS1_TXT_DH_RSA_WITH_AES_256_GCM_SHA384 "DH-RSA-AES256-GCM-SHA384" -#define TLS1_TXT_DHE_DSS_WITH_AES_128_GCM_SHA256 "DHE-DSS-AES128-GCM-SHA256" -#define TLS1_TXT_DHE_DSS_WITH_AES_256_GCM_SHA384 "DHE-DSS-AES256-GCM-SHA384" -#define TLS1_TXT_DH_DSS_WITH_AES_128_GCM_SHA256 "DH-DSS-AES128-GCM-SHA256" -#define TLS1_TXT_DH_DSS_WITH_AES_256_GCM_SHA384 "DH-DSS-AES256-GCM-SHA384" -#define TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256 "ADH-AES128-GCM-SHA256" -#define TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384 "ADH-AES256-GCM-SHA384" - -/* ECDH HMAC based ciphersuites from RFC 5289. */ -#define TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256 "ECDHE-ECDSA-AES128-SHA256" -#define TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_SHA384 "ECDHE-ECDSA-AES256-SHA384" -#define TLS1_TXT_ECDH_ECDSA_WITH_AES_128_SHA256 "ECDH-ECDSA-AES128-SHA256" -#define TLS1_TXT_ECDH_ECDSA_WITH_AES_256_SHA384 "ECDH-ECDSA-AES256-SHA384" -#define TLS1_TXT_ECDHE_RSA_WITH_AES_128_SHA256 "ECDHE-RSA-AES128-SHA256" -#define TLS1_TXT_ECDHE_RSA_WITH_AES_256_SHA384 "ECDHE-RSA-AES256-SHA384" -#define TLS1_TXT_ECDH_RSA_WITH_AES_128_SHA256 "ECDH-RSA-AES128-SHA256" -#define TLS1_TXT_ECDH_RSA_WITH_AES_256_SHA384 "ECDH-RSA-AES256-SHA384" - -/* ECDH GCM based ciphersuites from RFC 5289. */ -#define TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 "ECDHE-ECDSA-AES128-GCM-SHA256" -#define TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 "ECDHE-ECDSA-AES256-GCM-SHA384" -#define TLS1_TXT_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 "ECDH-ECDSA-AES128-GCM-SHA256" -#define TLS1_TXT_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 "ECDH-ECDSA-AES256-GCM-SHA384" -#define TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256 "ECDHE-RSA-AES128-GCM-SHA256" -#define TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384 "ECDHE-RSA-AES256-GCM-SHA384" -#define TLS1_TXT_ECDH_RSA_WITH_AES_128_GCM_SHA256 "ECDH-RSA-AES128-GCM-SHA256" -#define TLS1_TXT_ECDH_RSA_WITH_AES_256_GCM_SHA384 "ECDH-RSA-AES256-GCM-SHA384" - -/* ChaCha20-Poly1305 based ciphersuites. */ -#define TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305 "ECDHE-RSA-CHACHA20-POLY1305" -#define TLS1_TXT_ECDHE_ECDSA_WITH_CHACHA20_POLY1305 "ECDHE-ECDSA-CHACHA20-POLY1305" -#define TLS1_TXT_DHE_RSA_WITH_CHACHA20_POLY1305 "DHE-RSA-CHACHA20-POLY1305" - -/* TLS 1.3 cipher suites from RFC 8446 appendix B.4. */ -#if defined(LIBRESSL_HAS_TLS1_3) || defined(LIBRESSL_INTERNAL) -#define TLS1_3_TXT_AES_128_GCM_SHA256 "AEAD-AES128-GCM-SHA256" -#define TLS1_3_TXT_AES_256_GCM_SHA384 "AEAD-AES256-GCM-SHA384" -#define TLS1_3_TXT_CHACHA20_POLY1305_SHA256 "AEAD-CHACHA20-POLY1305-SHA256" -#define TLS1_3_TXT_AES_128_CCM_SHA256 "AEAD-AES128-CCM-SHA256" -#define TLS1_3_TXT_AES_128_CCM_8_SHA256 "AEAD-AES128-CCM-8-SHA256" -#endif - -#define TLS_CT_RSA_SIGN 1 -#define TLS_CT_DSS_SIGN 2 -#define TLS_CT_RSA_FIXED_DH 3 -#define TLS_CT_DSS_FIXED_DH 4 -#define TLS_CT_ECDSA_SIGN 64 -#define TLS_CT_RSA_FIXED_ECDH 65 -#define TLS_CT_ECDSA_FIXED_ECDH 66 -#define TLS_CT_GOST94_SIGN 21 -#define TLS_CT_GOST01_SIGN 22 -#define TLS_CT_GOST12_256_SIGN 238 /* FIXME: IANA */ -#define TLS_CT_GOST12_512_SIGN 239 /* FIXME: IANA */ -/* when correcting this number, correct also SSL3_CT_NUMBER in ssl3.h (see - * comment there) */ -#define TLS_CT_NUMBER 11 - -#define TLS1_FINISH_MAC_LENGTH 12 - -#define TLS_MD_MAX_CONST_SIZE 20 -#define TLS_MD_CLIENT_FINISH_CONST "client finished" -#define TLS_MD_CLIENT_FINISH_CONST_SIZE 15 -#define TLS_MD_SERVER_FINISH_CONST "server finished" -#define TLS_MD_SERVER_FINISH_CONST_SIZE 15 -#define TLS_MD_SERVER_WRITE_KEY_CONST "server write key" -#define TLS_MD_SERVER_WRITE_KEY_CONST_SIZE 16 -#define TLS_MD_KEY_EXPANSION_CONST "key expansion" -#define TLS_MD_KEY_EXPANSION_CONST_SIZE 13 -#define TLS_MD_CLIENT_WRITE_KEY_CONST "client write key" -#define TLS_MD_CLIENT_WRITE_KEY_CONST_SIZE 16 -#define TLS_MD_SERVER_WRITE_KEY_CONST "server write key" -#define TLS_MD_SERVER_WRITE_KEY_CONST_SIZE 16 -#define TLS_MD_IV_BLOCK_CONST "IV block" -#define TLS_MD_IV_BLOCK_CONST_SIZE 8 -#define TLS_MD_MASTER_SECRET_CONST "master secret" -#define TLS_MD_MASTER_SECRET_CONST_SIZE 13 - -/* TLS Session Ticket extension struct. */ -struct tls_session_ticket_ext_st { - unsigned short length; - void *data; -}; - -#ifdef __cplusplus -} -#endif -#endif diff --git a/libressl/include64/openssl/ts.h b/libressl/include64/openssl/ts.h deleted file mode 100644 index fa8eb949..00000000 --- a/libressl/include64/openssl/ts.h +++ /dev/null @@ -1,837 +0,0 @@ -/* $OpenBSD: ts.h,v 1.10 2018/05/13 15:35:46 tb Exp $ */ -/* Written by Zoltan Glozik (zglozik@opentsa.org) for the OpenSSL - * project 2002, 2003, 2004. - */ -/* ==================================================================== - * Copyright (c) 2006 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#ifndef HEADER_TS_H -#define HEADER_TS_H - -#include <openssl/opensslconf.h> - -#ifndef OPENSSL_NO_BUFFER -#include <openssl/buffer.h> -#endif -#ifndef OPENSSL_NO_EVP -#include <openssl/evp.h> -#endif -#ifndef OPENSSL_NO_BIO -#include <openssl/bio.h> -#endif -#include <openssl/stack.h> -#include <openssl/asn1.h> -#include <openssl/safestack.h> - -#ifndef OPENSSL_NO_RSA -#include <openssl/rsa.h> -#endif - -#ifndef OPENSSL_NO_DSA -#include <openssl/dsa.h> -#endif - -#ifndef OPENSSL_NO_DH -#include <openssl/dh.h> -#endif - -#ifdef __cplusplus -extern "C" { -#endif - -#include <openssl/x509.h> -#include <openssl/x509v3.h> - -/* -MessageImprint ::= SEQUENCE { - hashAlgorithm AlgorithmIdentifier, - hashedMessage OCTET STRING } -*/ - -typedef struct TS_msg_imprint_st { - X509_ALGOR *hash_algo; - ASN1_OCTET_STRING *hashed_msg; -} TS_MSG_IMPRINT; - -/* -TimeStampReq ::= SEQUENCE { - version INTEGER { v1(1) }, - messageImprint MessageImprint, - --a hash algorithm OID and the hash value of the data to be - --time-stamped - reqPolicy TSAPolicyId OPTIONAL, - nonce INTEGER OPTIONAL, - certReq BOOLEAN DEFAULT FALSE, - extensions [0] IMPLICIT Extensions OPTIONAL } -*/ - -typedef struct TS_req_st { - ASN1_INTEGER *version; - TS_MSG_IMPRINT *msg_imprint; - ASN1_OBJECT *policy_id; /* OPTIONAL */ - ASN1_INTEGER *nonce; /* OPTIONAL */ - ASN1_BOOLEAN cert_req; /* DEFAULT FALSE */ - STACK_OF(X509_EXTENSION) *extensions; /* [0] OPTIONAL */ -} TS_REQ; - -/* -Accuracy ::= SEQUENCE { - seconds INTEGER OPTIONAL, - millis [0] INTEGER (1..999) OPTIONAL, - micros [1] INTEGER (1..999) OPTIONAL } -*/ - -typedef struct TS_accuracy_st { - ASN1_INTEGER *seconds; - ASN1_INTEGER *millis; - ASN1_INTEGER *micros; -} TS_ACCURACY; - -/* -TSTInfo ::= SEQUENCE { - version INTEGER { v1(1) }, - policy TSAPolicyId, - messageImprint MessageImprint, - -- MUST have the same value as the similar field in - -- TimeStampReq - serialNumber INTEGER, - -- Time-Stamping users MUST be ready to accommodate integers - -- up to 160 bits. - genTime GeneralizedTime, - accuracy Accuracy OPTIONAL, - ordering BOOLEAN DEFAULT FALSE, - nonce INTEGER OPTIONAL, - -- MUST be present if the similar field was present - -- in TimeStampReq. In that case it MUST have the same value. - tsa [0] GeneralName OPTIONAL, - extensions [1] IMPLICIT Extensions OPTIONAL } -*/ - -typedef struct TS_tst_info_st { - ASN1_INTEGER *version; - ASN1_OBJECT *policy_id; - TS_MSG_IMPRINT *msg_imprint; - ASN1_INTEGER *serial; - ASN1_GENERALIZEDTIME *time; - TS_ACCURACY *accuracy; - ASN1_BOOLEAN ordering; - ASN1_INTEGER *nonce; - GENERAL_NAME *tsa; - STACK_OF(X509_EXTENSION) *extensions; -} TS_TST_INFO; - -/* -PKIStatusInfo ::= SEQUENCE { - status PKIStatus, - statusString PKIFreeText OPTIONAL, - failInfo PKIFailureInfo OPTIONAL } - -From RFC 1510 - section 3.1.1: -PKIFreeText ::= SEQUENCE SIZE (1..MAX) OF UTF8String - -- text encoded as UTF-8 String (note: each UTF8String SHOULD - -- include an RFC 1766 language tag to indicate the language - -- of the contained text) -*/ - -/* Possible values for status. See ts_resp_print.c && ts_resp_verify.c. */ - -#define TS_STATUS_GRANTED 0 -#define TS_STATUS_GRANTED_WITH_MODS 1 -#define TS_STATUS_REJECTION 2 -#define TS_STATUS_WAITING 3 -#define TS_STATUS_REVOCATION_WARNING 4 -#define TS_STATUS_REVOCATION_NOTIFICATION 5 - -/* Possible values for failure_info. See ts_resp_print.c && ts_resp_verify.c */ - -#define TS_INFO_BAD_ALG 0 -#define TS_INFO_BAD_REQUEST 2 -#define TS_INFO_BAD_DATA_FORMAT 5 -#define TS_INFO_TIME_NOT_AVAILABLE 14 -#define TS_INFO_UNACCEPTED_POLICY 15 -#define TS_INFO_UNACCEPTED_EXTENSION 16 -#define TS_INFO_ADD_INFO_NOT_AVAILABLE 17 -#define TS_INFO_SYSTEM_FAILURE 25 - -typedef struct TS_status_info_st { - ASN1_INTEGER *status; - STACK_OF(ASN1_UTF8STRING) *text; - ASN1_BIT_STRING *failure_info; -} TS_STATUS_INFO; - -DECLARE_STACK_OF(ASN1_UTF8STRING) - -/* -TimeStampResp ::= SEQUENCE { - status PKIStatusInfo, - timeStampToken TimeStampToken OPTIONAL } -*/ - -typedef struct TS_resp_st { - TS_STATUS_INFO *status_info; - PKCS7 *token; - TS_TST_INFO *tst_info; -} TS_RESP; - -/* The structure below would belong to the ESS component. */ - -/* -IssuerSerial ::= SEQUENCE { - issuer GeneralNames, - serialNumber CertificateSerialNumber - } -*/ - -typedef struct ESS_issuer_serial { - STACK_OF(GENERAL_NAME) *issuer; - ASN1_INTEGER *serial; -} ESS_ISSUER_SERIAL; - -/* -ESSCertID ::= SEQUENCE { - certHash Hash, - issuerSerial IssuerSerial OPTIONAL -} -*/ - -typedef struct ESS_cert_id { - ASN1_OCTET_STRING *hash; /* Always SHA-1 digest. */ - ESS_ISSUER_SERIAL *issuer_serial; -} ESS_CERT_ID; - -DECLARE_STACK_OF(ESS_CERT_ID) - -/* -SigningCertificate ::= SEQUENCE { - certs SEQUENCE OF ESSCertID, - policies SEQUENCE OF PolicyInformation OPTIONAL -} -*/ - -typedef struct ESS_signing_cert { - STACK_OF(ESS_CERT_ID) *cert_ids; - STACK_OF(POLICYINFO) *policy_info; -} ESS_SIGNING_CERT; - - -TS_REQ *TS_REQ_new(void); -void TS_REQ_free(TS_REQ *a); -int i2d_TS_REQ(const TS_REQ *a, unsigned char **pp); -TS_REQ *d2i_TS_REQ(TS_REQ **a, const unsigned char **pp, long length); - -TS_REQ *TS_REQ_dup(TS_REQ *a); - -TS_REQ *d2i_TS_REQ_fp(FILE *fp, TS_REQ **a); -int i2d_TS_REQ_fp(FILE *fp, TS_REQ *a); -TS_REQ *d2i_TS_REQ_bio(BIO *fp, TS_REQ **a); -int i2d_TS_REQ_bio(BIO *fp, TS_REQ *a); - -TS_MSG_IMPRINT *TS_MSG_IMPRINT_new(void); -void TS_MSG_IMPRINT_free(TS_MSG_IMPRINT *a); -int i2d_TS_MSG_IMPRINT(const TS_MSG_IMPRINT *a, unsigned char **pp); -TS_MSG_IMPRINT *d2i_TS_MSG_IMPRINT(TS_MSG_IMPRINT **a, - const unsigned char **pp, long length); - -TS_MSG_IMPRINT *TS_MSG_IMPRINT_dup(TS_MSG_IMPRINT *a); - -TS_MSG_IMPRINT *d2i_TS_MSG_IMPRINT_fp(FILE *fp, TS_MSG_IMPRINT **a); -int i2d_TS_MSG_IMPRINT_fp(FILE *fp, TS_MSG_IMPRINT *a); -TS_MSG_IMPRINT *d2i_TS_MSG_IMPRINT_bio(BIO *fp, TS_MSG_IMPRINT **a); -int i2d_TS_MSG_IMPRINT_bio(BIO *fp, TS_MSG_IMPRINT *a); - -TS_RESP *TS_RESP_new(void); -void TS_RESP_free(TS_RESP *a); -int i2d_TS_RESP(const TS_RESP *a, unsigned char **pp); -TS_RESP *d2i_TS_RESP(TS_RESP **a, const unsigned char **pp, long length); -TS_TST_INFO *PKCS7_to_TS_TST_INFO(PKCS7 *token); -TS_RESP *TS_RESP_dup(TS_RESP *a); - -TS_RESP *d2i_TS_RESP_fp(FILE *fp, TS_RESP **a); -int i2d_TS_RESP_fp(FILE *fp, TS_RESP *a); -TS_RESP *d2i_TS_RESP_bio(BIO *fp, TS_RESP **a); -int i2d_TS_RESP_bio(BIO *fp, TS_RESP *a); - -TS_STATUS_INFO *TS_STATUS_INFO_new(void); -void TS_STATUS_INFO_free(TS_STATUS_INFO *a); -int i2d_TS_STATUS_INFO(const TS_STATUS_INFO *a, unsigned char **pp); -TS_STATUS_INFO *d2i_TS_STATUS_INFO(TS_STATUS_INFO **a, - const unsigned char **pp, long length); -TS_STATUS_INFO *TS_STATUS_INFO_dup(TS_STATUS_INFO *a); - -TS_TST_INFO *TS_TST_INFO_new(void); -void TS_TST_INFO_free(TS_TST_INFO *a); -int i2d_TS_TST_INFO(const TS_TST_INFO *a, unsigned char **pp); -TS_TST_INFO *d2i_TS_TST_INFO(TS_TST_INFO **a, const unsigned char **pp, - long length); -TS_TST_INFO *TS_TST_INFO_dup(TS_TST_INFO *a); - -TS_TST_INFO *d2i_TS_TST_INFO_fp(FILE *fp, TS_TST_INFO **a); -int i2d_TS_TST_INFO_fp(FILE *fp, TS_TST_INFO *a); -TS_TST_INFO *d2i_TS_TST_INFO_bio(BIO *fp, TS_TST_INFO **a); -int i2d_TS_TST_INFO_bio(BIO *fp, TS_TST_INFO *a); - -TS_ACCURACY *TS_ACCURACY_new(void); -void TS_ACCURACY_free(TS_ACCURACY *a); -int i2d_TS_ACCURACY(const TS_ACCURACY *a, unsigned char **pp); -TS_ACCURACY *d2i_TS_ACCURACY(TS_ACCURACY **a, const unsigned char **pp, - long length); -TS_ACCURACY *TS_ACCURACY_dup(TS_ACCURACY *a); - -ESS_ISSUER_SERIAL *ESS_ISSUER_SERIAL_new(void); -void ESS_ISSUER_SERIAL_free(ESS_ISSUER_SERIAL *a); -int i2d_ESS_ISSUER_SERIAL(const ESS_ISSUER_SERIAL *a, - unsigned char **pp); -ESS_ISSUER_SERIAL *d2i_ESS_ISSUER_SERIAL(ESS_ISSUER_SERIAL **a, - const unsigned char **pp, long length); -ESS_ISSUER_SERIAL *ESS_ISSUER_SERIAL_dup(ESS_ISSUER_SERIAL *a); - -ESS_CERT_ID *ESS_CERT_ID_new(void); -void ESS_CERT_ID_free(ESS_CERT_ID *a); -int i2d_ESS_CERT_ID(const ESS_CERT_ID *a, unsigned char **pp); -ESS_CERT_ID *d2i_ESS_CERT_ID(ESS_CERT_ID **a, const unsigned char **pp, - long length); -ESS_CERT_ID *ESS_CERT_ID_dup(ESS_CERT_ID *a); - -ESS_SIGNING_CERT *ESS_SIGNING_CERT_new(void); -void ESS_SIGNING_CERT_free(ESS_SIGNING_CERT *a); -int i2d_ESS_SIGNING_CERT(const ESS_SIGNING_CERT *a, - unsigned char **pp); -ESS_SIGNING_CERT *d2i_ESS_SIGNING_CERT(ESS_SIGNING_CERT **a, - const unsigned char **pp, long length); -ESS_SIGNING_CERT *ESS_SIGNING_CERT_dup(ESS_SIGNING_CERT *a); - -void ERR_load_TS_strings(void); - -int TS_REQ_set_version(TS_REQ *a, long version); -long TS_REQ_get_version(const TS_REQ *a); - -int TS_REQ_set_msg_imprint(TS_REQ *a, TS_MSG_IMPRINT *msg_imprint); -TS_MSG_IMPRINT *TS_REQ_get_msg_imprint(TS_REQ *a); - -int TS_MSG_IMPRINT_set_algo(TS_MSG_IMPRINT *a, X509_ALGOR *alg); -X509_ALGOR *TS_MSG_IMPRINT_get_algo(TS_MSG_IMPRINT *a); - -int TS_MSG_IMPRINT_set_msg(TS_MSG_IMPRINT *a, unsigned char *d, int len); -ASN1_OCTET_STRING *TS_MSG_IMPRINT_get_msg(TS_MSG_IMPRINT *a); - -int TS_REQ_set_policy_id(TS_REQ *a, const ASN1_OBJECT *policy); -ASN1_OBJECT *TS_REQ_get_policy_id(TS_REQ *a); - -int TS_REQ_set_nonce(TS_REQ *a, const ASN1_INTEGER *nonce); -const ASN1_INTEGER *TS_REQ_get_nonce(const TS_REQ *a); - -int TS_REQ_set_cert_req(TS_REQ *a, int cert_req); -int TS_REQ_get_cert_req(const TS_REQ *a); - -STACK_OF(X509_EXTENSION) *TS_REQ_get_exts(TS_REQ *a); -void TS_REQ_ext_free(TS_REQ *a); -int TS_REQ_get_ext_count(TS_REQ *a); -int TS_REQ_get_ext_by_NID(TS_REQ *a, int nid, int lastpos); -int TS_REQ_get_ext_by_OBJ(TS_REQ *a, const ASN1_OBJECT *obj, int lastpos); -int TS_REQ_get_ext_by_critical(TS_REQ *a, int crit, int lastpos); -X509_EXTENSION *TS_REQ_get_ext(TS_REQ *a, int loc); -X509_EXTENSION *TS_REQ_delete_ext(TS_REQ *a, int loc); -int TS_REQ_add_ext(TS_REQ *a, X509_EXTENSION *ex, int loc); -void *TS_REQ_get_ext_d2i(TS_REQ *a, int nid, int *crit, int *idx); - -/* Function declarations for TS_REQ defined in ts/ts_req_print.c */ - -int TS_REQ_print_bio(BIO *bio, TS_REQ *a); - -/* Function declarations for TS_RESP defined in ts/ts_resp_utils.c */ - -int TS_RESP_set_status_info(TS_RESP *a, TS_STATUS_INFO *info); -TS_STATUS_INFO *TS_RESP_get_status_info(TS_RESP *a); - -/* Caller loses ownership of PKCS7 and TS_TST_INFO objects. */ -void TS_RESP_set_tst_info(TS_RESP *a, PKCS7 *p7, TS_TST_INFO *tst_info); -PKCS7 *TS_RESP_get_token(TS_RESP *a); -TS_TST_INFO *TS_RESP_get_tst_info(TS_RESP *a); - -int TS_TST_INFO_set_version(TS_TST_INFO *a, long version); -long TS_TST_INFO_get_version(const TS_TST_INFO *a); - -int TS_TST_INFO_set_policy_id(TS_TST_INFO *a, ASN1_OBJECT *policy_id); -ASN1_OBJECT *TS_TST_INFO_get_policy_id(TS_TST_INFO *a); - -int TS_TST_INFO_set_msg_imprint(TS_TST_INFO *a, TS_MSG_IMPRINT *msg_imprint); -TS_MSG_IMPRINT *TS_TST_INFO_get_msg_imprint(TS_TST_INFO *a); - -int TS_TST_INFO_set_serial(TS_TST_INFO *a, const ASN1_INTEGER *serial); -const ASN1_INTEGER *TS_TST_INFO_get_serial(const TS_TST_INFO *a); - -int TS_TST_INFO_set_time(TS_TST_INFO *a, const ASN1_GENERALIZEDTIME *gtime); -const ASN1_GENERALIZEDTIME *TS_TST_INFO_get_time(const TS_TST_INFO *a); - -int TS_TST_INFO_set_accuracy(TS_TST_INFO *a, TS_ACCURACY *accuracy); -TS_ACCURACY *TS_TST_INFO_get_accuracy(TS_TST_INFO *a); - -int TS_ACCURACY_set_seconds(TS_ACCURACY *a, const ASN1_INTEGER *seconds); -const ASN1_INTEGER *TS_ACCURACY_get_seconds(const TS_ACCURACY *a); - -int TS_ACCURACY_set_millis(TS_ACCURACY *a, const ASN1_INTEGER *millis); -const ASN1_INTEGER *TS_ACCURACY_get_millis(const TS_ACCURACY *a); - -int TS_ACCURACY_set_micros(TS_ACCURACY *a, const ASN1_INTEGER *micros); -const ASN1_INTEGER *TS_ACCURACY_get_micros(const TS_ACCURACY *a); - -int TS_TST_INFO_set_ordering(TS_TST_INFO *a, int ordering); -int TS_TST_INFO_get_ordering(const TS_TST_INFO *a); - -int TS_TST_INFO_set_nonce(TS_TST_INFO *a, const ASN1_INTEGER *nonce); -const ASN1_INTEGER *TS_TST_INFO_get_nonce(const TS_TST_INFO *a); - -int TS_TST_INFO_set_tsa(TS_TST_INFO *a, GENERAL_NAME *tsa); -GENERAL_NAME *TS_TST_INFO_get_tsa(TS_TST_INFO *a); - -STACK_OF(X509_EXTENSION) *TS_TST_INFO_get_exts(TS_TST_INFO *a); -void TS_TST_INFO_ext_free(TS_TST_INFO *a); -int TS_TST_INFO_get_ext_count(TS_TST_INFO *a); -int TS_TST_INFO_get_ext_by_NID(TS_TST_INFO *a, int nid, int lastpos); -int TS_TST_INFO_get_ext_by_OBJ(TS_TST_INFO *a, const ASN1_OBJECT *obj, - int lastpos); -int TS_TST_INFO_get_ext_by_critical(TS_TST_INFO *a, int crit, int lastpos); -X509_EXTENSION *TS_TST_INFO_get_ext(TS_TST_INFO *a, int loc); -X509_EXTENSION *TS_TST_INFO_delete_ext(TS_TST_INFO *a, int loc); -int TS_TST_INFO_add_ext(TS_TST_INFO *a, X509_EXTENSION *ex, int loc); -void *TS_TST_INFO_get_ext_d2i(TS_TST_INFO *a, int nid, int *crit, int *idx); - -/* Declarations related to response generation, defined in ts/ts_resp_sign.c. */ - -/* Optional flags for response generation. */ - -/* Don't include the TSA name in response. */ -#define TS_TSA_NAME 0x01 - -/* Set ordering to true in response. */ -#define TS_ORDERING 0x02 - -/* - * Include the signer certificate and the other specified certificates in - * the ESS signing certificate attribute beside the PKCS7 signed data. - * Only the signer certificates is included by default. - */ -#define TS_ESS_CERT_ID_CHAIN 0x04 - -/* Forward declaration. */ -struct TS_resp_ctx; - -/* This must return a unique number less than 160 bits long. */ -typedef ASN1_INTEGER *(*TS_serial_cb)(struct TS_resp_ctx *, void *); - -/* This must return the seconds and microseconds since Jan 1, 1970 in - the sec and usec variables allocated by the caller. - Return non-zero for success and zero for failure. */ -typedef int (*TS_time_cb)(struct TS_resp_ctx *, void *, time_t *sec, long *usec); - -/* This must process the given extension. - * It can modify the TS_TST_INFO object of the context. - * Return values: !0 (processed), 0 (error, it must set the - * status info/failure info of the response). - */ -typedef int (*TS_extension_cb)(struct TS_resp_ctx *, X509_EXTENSION *, void *); - -typedef struct TS_resp_ctx { - X509 *signer_cert; - EVP_PKEY *signer_key; - STACK_OF(X509) *certs; /* Certs to include in signed data. */ - STACK_OF(ASN1_OBJECT) *policies; /* Acceptable policies. */ - ASN1_OBJECT *default_policy; /* It may appear in policies, too. */ - STACK_OF(EVP_MD) *mds; /* Acceptable message digests. */ - ASN1_INTEGER *seconds; /* accuracy, 0 means not specified. */ - ASN1_INTEGER *millis; /* accuracy, 0 means not specified. */ - ASN1_INTEGER *micros; /* accuracy, 0 means not specified. */ - unsigned clock_precision_digits; /* fraction of seconds in - time stamp token. */ - unsigned flags; /* Optional info, see values above. */ - - /* Callback functions. */ - TS_serial_cb serial_cb; - void *serial_cb_data; /* User data for serial_cb. */ - - TS_time_cb time_cb; - void *time_cb_data; /* User data for time_cb. */ - - TS_extension_cb extension_cb; - void *extension_cb_data; /* User data for extension_cb. */ - - /* These members are used only while creating the response. */ - TS_REQ *request; - TS_RESP *response; - TS_TST_INFO *tst_info; -} TS_RESP_CTX; - -DECLARE_STACK_OF(EVP_MD) - -/* Creates a response context that can be used for generating responses. */ -TS_RESP_CTX *TS_RESP_CTX_new(void); -void TS_RESP_CTX_free(TS_RESP_CTX *ctx); - -/* This parameter must be set. */ -int TS_RESP_CTX_set_signer_cert(TS_RESP_CTX *ctx, X509 *signer); - -/* This parameter must be set. */ -int TS_RESP_CTX_set_signer_key(TS_RESP_CTX *ctx, EVP_PKEY *key); - -/* This parameter must be set. */ -int TS_RESP_CTX_set_def_policy(TS_RESP_CTX *ctx, const ASN1_OBJECT *def_policy); - -/* No additional certs are included in the response by default. */ -int TS_RESP_CTX_set_certs(TS_RESP_CTX *ctx, STACK_OF(X509) *certs); - -/* Adds a new acceptable policy, only the default policy - is accepted by default. */ -int TS_RESP_CTX_add_policy(TS_RESP_CTX *ctx, const ASN1_OBJECT *policy); - -/* Adds a new acceptable message digest. Note that no message digests - are accepted by default. The md argument is shared with the caller. */ -int TS_RESP_CTX_add_md(TS_RESP_CTX *ctx, const EVP_MD *md); - -/* Accuracy is not included by default. */ -int TS_RESP_CTX_set_accuracy(TS_RESP_CTX *ctx, - int secs, int millis, int micros); - -/* Clock precision digits, i.e. the number of decimal digits: - '0' means sec, '3' msec, '6' usec, and so on. Default is 0. */ -int TS_RESP_CTX_set_clock_precision_digits(TS_RESP_CTX *ctx, - unsigned clock_precision_digits); -/* At most we accept usec precision. */ -#define TS_MAX_CLOCK_PRECISION_DIGITS 6 - -/* No flags are set by default. */ -void TS_RESP_CTX_add_flags(TS_RESP_CTX *ctx, int flags); - -/* Default callback always returns a constant. */ -void TS_RESP_CTX_set_serial_cb(TS_RESP_CTX *ctx, TS_serial_cb cb, void *data); - -/* Default callback rejects all extensions. The extension callback is called - * when the TS_TST_INFO object is already set up and not signed yet. */ -/* FIXME: extension handling is not tested yet. */ -void TS_RESP_CTX_set_extension_cb(TS_RESP_CTX *ctx, - TS_extension_cb cb, void *data); - -/* The following methods can be used in the callbacks. */ -int TS_RESP_CTX_set_status_info(TS_RESP_CTX *ctx, - int status, const char *text); - -/* Sets the status info only if it is still TS_STATUS_GRANTED. */ -int TS_RESP_CTX_set_status_info_cond(TS_RESP_CTX *ctx, - int status, const char *text); - -int TS_RESP_CTX_add_failure_info(TS_RESP_CTX *ctx, int failure); - -/* The get methods below can be used in the extension callback. */ -TS_REQ *TS_RESP_CTX_get_request(TS_RESP_CTX *ctx); - -TS_TST_INFO *TS_RESP_CTX_get_tst_info(TS_RESP_CTX *ctx); - -/* - * Creates the signed TS_TST_INFO and puts it in TS_RESP. - * In case of errors it sets the status info properly. - * Returns NULL only in case of memory allocation/fatal error. - */ -TS_RESP *TS_RESP_create_response(TS_RESP_CTX *ctx, BIO *req_bio); - -/* - * Declarations related to response verification, - * they are defined in ts/ts_resp_verify.c. - */ - -int TS_RESP_verify_signature(PKCS7 *token, STACK_OF(X509) *certs, - X509_STORE *store, X509 **signer_out); - -/* Context structure for the generic verify method. */ - -/* Verify the signer's certificate and the signature of the response. */ -#define TS_VFY_SIGNATURE (1u << 0) -/* Verify the version number of the response. */ -#define TS_VFY_VERSION (1u << 1) -/* Verify if the policy supplied by the user matches the policy of the TSA. */ -#define TS_VFY_POLICY (1u << 2) -/* Verify the message imprint provided by the user. This flag should not be - specified with TS_VFY_DATA. */ -#define TS_VFY_IMPRINT (1u << 3) -/* Verify the message imprint computed by the verify method from the user - provided data and the MD algorithm of the response. This flag should not be - specified with TS_VFY_IMPRINT. */ -#define TS_VFY_DATA (1u << 4) -/* Verify the nonce value. */ -#define TS_VFY_NONCE (1u << 5) -/* Verify if the TSA name field matches the signer certificate. */ -#define TS_VFY_SIGNER (1u << 6) -/* Verify if the TSA name field equals to the user provided name. */ -#define TS_VFY_TSA_NAME (1u << 7) - -/* You can use the following convenience constants. */ -#define TS_VFY_ALL_IMPRINT (TS_VFY_SIGNATURE \ - | TS_VFY_VERSION \ - | TS_VFY_POLICY \ - | TS_VFY_IMPRINT \ - | TS_VFY_NONCE \ - | TS_VFY_SIGNER \ - | TS_VFY_TSA_NAME) -#define TS_VFY_ALL_DATA (TS_VFY_SIGNATURE \ - | TS_VFY_VERSION \ - | TS_VFY_POLICY \ - | TS_VFY_DATA \ - | TS_VFY_NONCE \ - | TS_VFY_SIGNER \ - | TS_VFY_TSA_NAME) - -typedef struct TS_verify_ctx { - /* Set this to the union of TS_VFY_... flags you want to carry out. */ - unsigned flags; - - /* Must be set only with TS_VFY_SIGNATURE. certs is optional. */ - X509_STORE *store; - STACK_OF(X509) *certs; - - /* Must be set only with TS_VFY_POLICY. */ - ASN1_OBJECT *policy; - - /* Must be set only with TS_VFY_IMPRINT. If md_alg is NULL, - the algorithm from the response is used. */ - X509_ALGOR *md_alg; - unsigned char *imprint; - unsigned imprint_len; - - /* Must be set only with TS_VFY_DATA. */ - BIO *data; - - /* Must be set only with TS_VFY_TSA_NAME. */ - ASN1_INTEGER *nonce; - - /* Must be set only with TS_VFY_TSA_NAME. */ - GENERAL_NAME *tsa_name; -} TS_VERIFY_CTX; - -int TS_RESP_verify_response(TS_VERIFY_CTX *ctx, TS_RESP *response); -int TS_RESP_verify_token(TS_VERIFY_CTX *ctx, PKCS7 *token); - -/* - * Declarations related to response verification context, - * they are defined in ts/ts_verify_ctx.c. - */ - -/* Set all fields to zero. */ -TS_VERIFY_CTX *TS_VERIFY_CTX_new(void); -void TS_VERIFY_CTX_init(TS_VERIFY_CTX *ctx); -void TS_VERIFY_CTX_free(TS_VERIFY_CTX *ctx); -void TS_VERIFY_CTX_cleanup(TS_VERIFY_CTX *ctx); - -/* - * If ctx is NULL, it allocates and returns a new object, otherwise - * it returns ctx. It initialises all the members as follows: - * flags = TS_VFY_ALL_IMPRINT & ~(TS_VFY_TSA_NAME | TS_VFY_SIGNATURE) - * certs = NULL - * store = NULL - * policy = policy from the request or NULL if absent (in this case - * TS_VFY_POLICY is cleared from flags as well) - * md_alg = MD algorithm from request - * imprint, imprint_len = imprint from request - * data = NULL - * nonce, nonce_len = nonce from the request or NULL if absent (in this case - * TS_VFY_NONCE is cleared from flags as well) - * tsa_name = NULL - * Important: after calling this method TS_VFY_SIGNATURE should be added! - */ -TS_VERIFY_CTX *TS_REQ_to_TS_VERIFY_CTX(TS_REQ *req, TS_VERIFY_CTX *ctx); - -/* Function declarations for TS_RESP defined in ts/ts_resp_print.c */ - -int TS_RESP_print_bio(BIO *bio, TS_RESP *a); -int TS_STATUS_INFO_print_bio(BIO *bio, TS_STATUS_INFO *a); -int TS_TST_INFO_print_bio(BIO *bio, TS_TST_INFO *a); - -/* Common utility functions defined in ts/ts_lib.c */ - -int TS_ASN1_INTEGER_print_bio(BIO *bio, const ASN1_INTEGER *num); -int TS_OBJ_print_bio(BIO *bio, const ASN1_OBJECT *obj); -int TS_ext_print_bio(BIO *bio, const STACK_OF(X509_EXTENSION) *extensions); -int TS_X509_ALGOR_print_bio(BIO *bio, const X509_ALGOR *alg); -int TS_MSG_IMPRINT_print_bio(BIO *bio, TS_MSG_IMPRINT *msg); - -/* Function declarations for handling configuration options, - defined in ts/ts_conf.c */ - -X509 *TS_CONF_load_cert(const char *file); -STACK_OF(X509) *TS_CONF_load_certs(const char *file); -EVP_PKEY *TS_CONF_load_key(const char *file, const char *pass); -const char *TS_CONF_get_tsa_section(CONF *conf, const char *section); -int TS_CONF_set_serial(CONF *conf, const char *section, TS_serial_cb cb, - TS_RESP_CTX *ctx); -int TS_CONF_set_crypto_device(CONF *conf, const char *section, - const char *device); -int TS_CONF_set_default_engine(const char *name); -int TS_CONF_set_signer_cert(CONF *conf, const char *section, - const char *cert, TS_RESP_CTX *ctx); -int TS_CONF_set_certs(CONF *conf, const char *section, const char *certs, - TS_RESP_CTX *ctx); -int TS_CONF_set_signer_key(CONF *conf, const char *section, - const char *key, const char *pass, TS_RESP_CTX *ctx); -int TS_CONF_set_def_policy(CONF *conf, const char *section, - const char *policy, TS_RESP_CTX *ctx); -int TS_CONF_set_policies(CONF *conf, const char *section, TS_RESP_CTX *ctx); -int TS_CONF_set_digests(CONF *conf, const char *section, TS_RESP_CTX *ctx); -int TS_CONF_set_accuracy(CONF *conf, const char *section, TS_RESP_CTX *ctx); -int TS_CONF_set_clock_precision_digits(CONF *conf, const char *section, - TS_RESP_CTX *ctx); -int TS_CONF_set_ordering(CONF *conf, const char *section, TS_RESP_CTX *ctx); -int TS_CONF_set_tsa_name(CONF *conf, const char *section, TS_RESP_CTX *ctx); -int TS_CONF_set_ess_cert_id_chain(CONF *conf, const char *section, - TS_RESP_CTX *ctx); - -/* -------------------------------------------------- */ -/* BEGIN ERROR CODES */ -/* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ -void ERR_load_TS_strings(void); - -/* Error codes for the TS functions. */ - -/* Function codes. */ -#define TS_F_D2I_TS_RESP 147 -#define TS_F_DEF_SERIAL_CB 110 -#define TS_F_DEF_TIME_CB 111 -#define TS_F_ESS_ADD_SIGNING_CERT 112 -#define TS_F_ESS_CERT_ID_NEW_INIT 113 -#define TS_F_ESS_SIGNING_CERT_NEW_INIT 114 -#define TS_F_INT_TS_RESP_VERIFY_TOKEN 149 -#define TS_F_PKCS7_TO_TS_TST_INFO 148 -#define TS_F_TS_ACCURACY_SET_MICROS 115 -#define TS_F_TS_ACCURACY_SET_MILLIS 116 -#define TS_F_TS_ACCURACY_SET_SECONDS 117 -#define TS_F_TS_CHECK_IMPRINTS 100 -#define TS_F_TS_CHECK_NONCES 101 -#define TS_F_TS_CHECK_POLICY 102 -#define TS_F_TS_CHECK_SIGNING_CERTS 103 -#define TS_F_TS_CHECK_STATUS_INFO 104 -#define TS_F_TS_COMPUTE_IMPRINT 145 -#define TS_F_TS_CONF_SET_DEFAULT_ENGINE 146 -#define TS_F_TS_GET_STATUS_TEXT 105 -#define TS_F_TS_MSG_IMPRINT_SET_ALGO 118 -#define TS_F_TS_REQ_SET_MSG_IMPRINT 119 -#define TS_F_TS_REQ_SET_NONCE 120 -#define TS_F_TS_REQ_SET_POLICY_ID 121 -#define TS_F_TS_RESP_CREATE_RESPONSE 122 -#define TS_F_TS_RESP_CREATE_TST_INFO 123 -#define TS_F_TS_RESP_CTX_ADD_FAILURE_INFO 124 -#define TS_F_TS_RESP_CTX_ADD_MD 125 -#define TS_F_TS_RESP_CTX_ADD_POLICY 126 -#define TS_F_TS_RESP_CTX_NEW 127 -#define TS_F_TS_RESP_CTX_SET_ACCURACY 128 -#define TS_F_TS_RESP_CTX_SET_CERTS 129 -#define TS_F_TS_RESP_CTX_SET_DEF_POLICY 130 -#define TS_F_TS_RESP_CTX_SET_SIGNER_CERT 131 -#define TS_F_TS_RESP_CTX_SET_STATUS_INFO 132 -#define TS_F_TS_RESP_GET_POLICY 133 -#define TS_F_TS_RESP_SET_GENTIME_WITH_PRECISION 134 -#define TS_F_TS_RESP_SET_STATUS_INFO 135 -#define TS_F_TS_RESP_SET_TST_INFO 150 -#define TS_F_TS_RESP_SIGN 136 -#define TS_F_TS_RESP_VERIFY_SIGNATURE 106 -#define TS_F_TS_RESP_VERIFY_TOKEN 107 -#define TS_F_TS_TST_INFO_SET_ACCURACY 137 -#define TS_F_TS_TST_INFO_SET_MSG_IMPRINT 138 -#define TS_F_TS_TST_INFO_SET_NONCE 139 -#define TS_F_TS_TST_INFO_SET_POLICY_ID 140 -#define TS_F_TS_TST_INFO_SET_SERIAL 141 -#define TS_F_TS_TST_INFO_SET_TIME 142 -#define TS_F_TS_TST_INFO_SET_TSA 143 -#define TS_F_TS_VERIFY 108 -#define TS_F_TS_VERIFY_CERT 109 -#define TS_F_TS_VERIFY_CTX_NEW 144 - -/* Reason codes. */ -#define TS_R_BAD_PKCS7_TYPE 132 -#define TS_R_BAD_TYPE 133 -#define TS_R_CERTIFICATE_VERIFY_ERROR 100 -#define TS_R_COULD_NOT_SET_ENGINE 127 -#define TS_R_COULD_NOT_SET_TIME 115 -#define TS_R_D2I_TS_RESP_INT_FAILED 128 -#define TS_R_DETACHED_CONTENT 134 -#define TS_R_ESS_ADD_SIGNING_CERT_ERROR 116 -#define TS_R_ESS_SIGNING_CERTIFICATE_ERROR 101 -#define TS_R_INVALID_NULL_POINTER 102 -#define TS_R_INVALID_SIGNER_CERTIFICATE_PURPOSE 117 -#define TS_R_MESSAGE_IMPRINT_MISMATCH 103 -#define TS_R_NONCE_MISMATCH 104 -#define TS_R_NONCE_NOT_RETURNED 105 -#define TS_R_NO_CONTENT 106 -#define TS_R_NO_TIME_STAMP_TOKEN 107 -#define TS_R_PKCS7_ADD_SIGNATURE_ERROR 118 -#define TS_R_PKCS7_ADD_SIGNED_ATTR_ERROR 119 -#define TS_R_PKCS7_TO_TS_TST_INFO_FAILED 129 -#define TS_R_POLICY_MISMATCH 108 -#define TS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE 120 -#define TS_R_RESPONSE_SETUP_ERROR 121 -#define TS_R_SIGNATURE_FAILURE 109 -#define TS_R_THERE_MUST_BE_ONE_SIGNER 110 -#define TS_R_TIME_SYSCALL_ERROR 122 -#define TS_R_TOKEN_NOT_PRESENT 130 -#define TS_R_TOKEN_PRESENT 131 -#define TS_R_TSA_NAME_MISMATCH 111 -#define TS_R_TSA_UNTRUSTED 112 -#define TS_R_TST_INFO_SETUP_ERROR 123 -#define TS_R_TS_DATASIGN 124 -#define TS_R_UNACCEPTABLE_POLICY 125 -#define TS_R_UNSUPPORTED_MD_ALGORITHM 126 -#define TS_R_UNSUPPORTED_VERSION 113 -#define TS_R_WRONG_CONTENT_TYPE 114 - -#ifdef __cplusplus -} -#endif -#endif diff --git a/libressl/include64/openssl/txt_db.h b/libressl/include64/openssl/txt_db.h deleted file mode 100644 index 56b6b424..00000000 --- a/libressl/include64/openssl/txt_db.h +++ /dev/null @@ -1,112 +0,0 @@ -/* $OpenBSD: txt_db.h,v 1.9 2014/07/10 22:45:58 jsing Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef HEADER_TXT_DB_H -#define HEADER_TXT_DB_H - -#include <openssl/opensslconf.h> - -#ifndef OPENSSL_NO_BIO -#include <openssl/bio.h> -#endif -#include <openssl/stack.h> -#include <openssl/lhash.h> - -#define DB_ERROR_OK 0 -#define DB_ERROR_MALLOC 1 -#define DB_ERROR_INDEX_CLASH 2 -#define DB_ERROR_INDEX_OUT_OF_RANGE 3 -#define DB_ERROR_NO_INDEX 4 -#define DB_ERROR_INSERT_INDEX_CLASH 5 - -#ifdef __cplusplus -extern "C" { -#endif - -typedef OPENSSL_STRING *OPENSSL_PSTRING; -DECLARE_SPECIAL_STACK_OF(OPENSSL_PSTRING, OPENSSL_STRING) - -typedef struct txt_db_st { - int num_fields; - STACK_OF(OPENSSL_PSTRING) *data; - LHASH_OF(OPENSSL_STRING) **index; - int (**qual)(OPENSSL_STRING *); - long error; - long arg1; - long arg2; - OPENSSL_STRING *arg_row; -} TXT_DB; - -#ifndef OPENSSL_NO_BIO -TXT_DB *TXT_DB_read(BIO *in, int num); -long TXT_DB_write(BIO *out, TXT_DB *db); -#else -TXT_DB *TXT_DB_read(char *in, int num); -long TXT_DB_write(char *out, TXT_DB *db); -#endif -int TXT_DB_create_index(TXT_DB *db, int field, int (*qual)(OPENSSL_STRING *), - LHASH_HASH_FN_TYPE hash, LHASH_COMP_FN_TYPE cmp); -void TXT_DB_free(TXT_DB *db); -OPENSSL_STRING *TXT_DB_get_by_index(TXT_DB *db, int idx, OPENSSL_STRING *value); -int TXT_DB_insert(TXT_DB *db, OPENSSL_STRING *value); - -#ifdef __cplusplus -} -#endif - -#endif diff --git a/libressl/include64/openssl/ui.h b/libressl/include64/openssl/ui.h deleted file mode 100644 index 8035fc2b..00000000 --- a/libressl/include64/openssl/ui.h +++ /dev/null @@ -1,384 +0,0 @@ -/* $OpenBSD: ui.h,v 1.11 2018/06/02 04:45:21 tb Exp $ */ -/* Written by Richard Levitte (richard@levitte.org) for the OpenSSL - * project 2001. - */ -/* ==================================================================== - * Copyright (c) 2001 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#ifndef HEADER_UI_H -#define HEADER_UI_H - -#include <openssl/opensslconf.h> - -#ifndef OPENSSL_NO_DEPRECATED -#include <openssl/crypto.h> -#endif -#include <openssl/safestack.h> -#include <openssl/ossl_typ.h> - -#ifdef __cplusplus -extern "C" { -#endif - -/* Declared already in ossl_typ.h */ -/* typedef struct ui_st UI; */ -/* typedef struct ui_method_st UI_METHOD; */ - - -/* All the following functions return -1 or NULL on error and in some cases - (UI_process()) -2 if interrupted or in some other way cancelled. - When everything is fine, they return 0, a positive value or a non-NULL - pointer, all depending on their purpose. */ - -/* Creators and destructor. */ -UI *UI_new(void); -UI *UI_new_method(const UI_METHOD *method); -void UI_free(UI *ui); - -/* The following functions are used to add strings to be printed and prompt - strings to prompt for data. The names are UI_{add,dup}_<function>_string - and UI_{add,dup}_input_boolean. - - UI_{add,dup}_<function>_string have the following meanings: - add add a text or prompt string. The pointers given to these - functions are used verbatim, no copying is done. - dup make a copy of the text or prompt string, then add the copy - to the collection of strings in the user interface. - <function> - The function is a name for the functionality that the given - string shall be used for. It can be one of: - input use the string as data prompt. - verify use the string as verification prompt. This - is used to verify a previous input. - info use the string for informational output. - error use the string for error output. - Honestly, there's currently no difference between info and error for the - moment. - - UI_{add,dup}_input_boolean have the same semantics for "add" and "dup", - and are typically used when one wants to prompt for a yes/no response. - - - All of the functions in this group take a UI and a prompt string. - The string input and verify addition functions also take a flag argument, - a buffer for the result to end up with, a minimum input size and a maximum - input size (the result buffer MUST be large enough to be able to contain - the maximum number of characters). Additionally, the verify addition - functions takes another buffer to compare the result against. - The boolean input functions take an action description string (which should - be safe to ignore if the expected user action is obvious, for example with - a dialog box with an OK button and a Cancel button), a string of acceptable - characters to mean OK and to mean Cancel. The two last strings are checked - to make sure they don't have common characters. Additionally, the same - flag argument as for the string input is taken, as well as a result buffer. - The result buffer is required to be at least one byte long. Depending on - the answer, the first character from the OK or the Cancel character strings - will be stored in the first byte of the result buffer. No NUL will be - added, so the result is *not* a string. - - On success, the all return an index of the added information. That index - is usefull when retrieving results with UI_get0_result(). */ -int UI_add_input_string(UI *ui, const char *prompt, int flags, - char *result_buf, int minsize, int maxsize); -int UI_dup_input_string(UI *ui, const char *prompt, int flags, - char *result_buf, int minsize, int maxsize); -int UI_add_verify_string(UI *ui, const char *prompt, int flags, - char *result_buf, int minsize, int maxsize, const char *test_buf); -int UI_dup_verify_string(UI *ui, const char *prompt, int flags, - char *result_buf, int minsize, int maxsize, const char *test_buf); -int UI_add_input_boolean(UI *ui, const char *prompt, const char *action_desc, - const char *ok_chars, const char *cancel_chars, - int flags, char *result_buf); -int UI_dup_input_boolean(UI *ui, const char *prompt, const char *action_desc, - const char *ok_chars, const char *cancel_chars, - int flags, char *result_buf); -int UI_add_info_string(UI *ui, const char *text); -int UI_dup_info_string(UI *ui, const char *text); -int UI_add_error_string(UI *ui, const char *text); -int UI_dup_error_string(UI *ui, const char *text); - -/* These are the possible flags. They can be or'ed together. */ -/* Use to have echoing of input */ -#define UI_INPUT_FLAG_ECHO 0x01 -/* Use a default password. Where that password is found is completely - up to the application, it might for example be in the user data set - with UI_add_user_data(). It is not recommended to have more than - one input in each UI being marked with this flag, or the application - might get confused. */ -#define UI_INPUT_FLAG_DEFAULT_PWD 0x02 - -/* The user of these routines may want to define flags of their own. The core - UI won't look at those, but will pass them on to the method routines. They - must use higher bits so they don't get confused with the UI bits above. - UI_INPUT_FLAG_USER_BASE tells which is the lowest bit to use. A good - example of use is this: - - #define MY_UI_FLAG1 (0x01 << UI_INPUT_FLAG_USER_BASE) - -*/ -#define UI_INPUT_FLAG_USER_BASE 16 - - -/* The following function helps construct a prompt. object_desc is a - textual short description of the object, for example "pass phrase", - and object_name is the name of the object (might be a card name or - a file name. - The returned string shall always be allocated on the heap with - malloc(), and need to be free'd with free(). - - If the ui_method doesn't contain a pointer to a user-defined prompt - constructor, a default string is built, looking like this: - - "Enter {object_desc} for {object_name}:" - - So, if object_desc has the value "pass phrase" and object_name has - the value "foo.key", the resulting string is: - - "Enter pass phrase for foo.key:" -*/ -char *UI_construct_prompt(UI *ui_method, const char *object_desc, - const char *object_name); - - -/* The following function is used to store a pointer to user-specific data. - Any previous such pointer will be returned and replaced. - - For callback purposes, this function makes a lot more sense than using - ex_data, since the latter requires that different parts of OpenSSL or - applications share the same ex_data index. - - Note that the UI_OpenSSL() method completely ignores the user data. - Other methods may not, however. */ -void *UI_add_user_data(UI *ui, void *user_data); -/* We need a user data retrieving function as well. */ -void *UI_get0_user_data(UI *ui); - -/* Return the result associated with a prompt given with the index i. */ -const char *UI_get0_result(UI *ui, int i); - -/* When all strings have been added, process the whole thing. */ -int UI_process(UI *ui); - -/* Give a user interface parametrised control commands. This can be used to - send down an integer, a data pointer or a function pointer, as well as - be used to get information from a UI. */ -int UI_ctrl(UI *ui, int cmd, long i, void *p, void (*f)(void)); - -/* The commands */ -/* Use UI_CONTROL_PRINT_ERRORS with the value 1 to have UI_process print the - OpenSSL error stack before printing any info or added error messages and - before any prompting. */ -#define UI_CTRL_PRINT_ERRORS 1 -/* Check if a UI_process() is possible to do again with the same instance of - a user interface. This makes UI_ctrl() return 1 if it is redoable, and 0 - if not. */ -#define UI_CTRL_IS_REDOABLE 2 - - -/* Some methods may use extra data */ -#define UI_set_app_data(s,arg) UI_set_ex_data(s,0,arg) -#define UI_get_app_data(s) UI_get_ex_data(s,0) -int UI_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); -int UI_set_ex_data(UI *r, int idx, void *arg); -void *UI_get_ex_data(UI *r, int idx); - -/* Use specific methods instead of the built-in one */ -void UI_set_default_method(const UI_METHOD *meth); -const UI_METHOD *UI_get_default_method(void); -const UI_METHOD *UI_get_method(UI *ui); -const UI_METHOD *UI_set_method(UI *ui, const UI_METHOD *meth); - -/* The method with all the built-in thingies */ -UI_METHOD *UI_OpenSSL(void); - - -/* ---------- For method writers ---------- */ -/* A method contains a number of functions that implement the low level - of the User Interface. The functions are: - - an opener This function starts a session, maybe by opening - a channel to a tty, or by opening a window. - a writer This function is called to write a given string, - maybe to the tty, maybe as a field label in a - window. - a flusher This function is called to flush everything that - has been output so far. It can be used to actually - display a dialog box after it has been built. - a reader This function is called to read a given prompt, - maybe from the tty, maybe from a field in a - window. Note that it's called wth all string - structures, not only the prompt ones, so it must - check such things itself. - a closer This function closes the session, maybe by closing - the channel to the tty, or closing the window. - - All these functions are expected to return: - - 0 on error. - 1 on success. - -1 on out-of-band events, for example if some prompting has - been canceled (by pressing Ctrl-C, for example). This is - only checked when returned by the flusher or the reader. - - The way this is used, the opener is first called, then the writer for all - strings, then the flusher, then the reader for all strings and finally the - closer. Note that if you want to prompt from a terminal or other command - line interface, the best is to have the reader also write the prompts - instead of having the writer do it. If you want to prompt from a dialog - box, the writer can be used to build up the contents of the box, and the - flusher to actually display the box and run the event loop until all data - has been given, after which the reader only grabs the given data and puts - them back into the UI strings. - - All method functions take a UI as argument. Additionally, the writer and - the reader take a UI_STRING. -*/ - -/* The UI_STRING type is the data structure that contains all the needed info - about a string or a prompt, including test data for a verification prompt. -*/ -typedef struct ui_string_st UI_STRING; -DECLARE_STACK_OF(UI_STRING) - -/* The different types of strings that are currently supported. - This is only needed by method authors. */ -enum UI_string_types { - UIT_NONE = 0, - UIT_PROMPT, /* Prompt for a string */ - UIT_VERIFY, /* Prompt for a string and verify */ - UIT_BOOLEAN, /* Prompt for a yes/no response */ - UIT_INFO, /* Send info to the user */ - UIT_ERROR /* Send an error message to the user */ -}; - -/* Create and manipulate methods */ -UI_METHOD *UI_create_method(const char *name); -void UI_destroy_method(UI_METHOD *ui_method); -int UI_method_set_opener(UI_METHOD *method, int (*opener)(UI *ui)); -int UI_method_set_writer(UI_METHOD *method, int (*writer)(UI *ui, UI_STRING *uis)); -int UI_method_set_flusher(UI_METHOD *method, int (*flusher)(UI *ui)); -int UI_method_set_reader(UI_METHOD *method, int (*reader)(UI *ui, UI_STRING *uis)); -int UI_method_set_closer(UI_METHOD *method, int (*closer)(UI *ui)); -int UI_method_set_prompt_constructor(UI_METHOD *method, char *(*prompt_constructor)(UI* ui, const char* object_desc, const char* object_name)); -int (*UI_method_get_opener(const UI_METHOD *method))(UI*); -int (*UI_method_get_writer(const UI_METHOD *method))(UI*, UI_STRING*); -int (*UI_method_get_flusher(const UI_METHOD *method))(UI*); -int (*UI_method_get_reader(const UI_METHOD *method))(UI*, UI_STRING*); -int (*UI_method_get_closer(const UI_METHOD *method))(UI*); -char * (*UI_method_get_prompt_constructor(const UI_METHOD *method))(UI*, const char*, const char*); - -/* The following functions are helpers for method writers to access relevant - data from a UI_STRING. */ - -/* Return type of the UI_STRING */ -enum UI_string_types UI_get_string_type(UI_STRING *uis); -/* Return input flags of the UI_STRING */ -int UI_get_input_flags(UI_STRING *uis); -/* Return the actual string to output (the prompt, info or error) */ -const char *UI_get0_output_string(UI_STRING *uis); -/* Return the optional action string to output (the boolean promtp instruction) */ -const char *UI_get0_action_string(UI_STRING *uis); -/* Return the result of a prompt */ -const char *UI_get0_result_string(UI_STRING *uis); -/* Return the string to test the result against. Only useful with verifies. */ -const char *UI_get0_test_string(UI_STRING *uis); -/* Return the required minimum size of the result */ -int UI_get_result_minsize(UI_STRING *uis); -/* Return the required maximum size of the result */ -int UI_get_result_maxsize(UI_STRING *uis); -/* Set the result of a UI_STRING. */ -int UI_set_result(UI *ui, UI_STRING *uis, const char *result); - - -/* A couple of popular utility functions */ -int UI_UTIL_read_pw_string(char *buf, int length, const char *prompt, int verify); -int UI_UTIL_read_pw(char *buf, char *buff, int size, const char *prompt, int verify); - - -/* BEGIN ERROR CODES */ -/* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ -void ERR_load_UI_strings(void); - -/* Error codes for the UI functions. */ - -/* Function codes. */ -#define UI_F_GENERAL_ALLOCATE_BOOLEAN 108 -#define UI_F_GENERAL_ALLOCATE_PROMPT 109 -#define UI_F_GENERAL_ALLOCATE_STRING 100 -#define UI_F_UI_CTRL 111 -#define UI_F_UI_DUP_ERROR_STRING 101 -#define UI_F_UI_DUP_INFO_STRING 102 -#define UI_F_UI_DUP_INPUT_BOOLEAN 110 -#define UI_F_UI_DUP_INPUT_STRING 103 -#define UI_F_UI_DUP_VERIFY_STRING 106 -#define UI_F_UI_GET0_RESULT 107 -#define UI_F_UI_NEW_METHOD 104 -#define UI_F_UI_SET_RESULT 105 - -/* Reason codes. */ -#define UI_R_COMMON_OK_AND_CANCEL_CHARACTERS 104 -#define UI_R_INDEX_TOO_LARGE 102 -#define UI_R_INDEX_TOO_SMALL 103 -#define UI_R_NO_RESULT_BUFFER 105 -#define UI_R_RESULT_TOO_LARGE 100 -#define UI_R_RESULT_TOO_SMALL 101 -#define UI_R_UNKNOWN_CONTROL_COMMAND 106 - -#ifdef __cplusplus -} -#endif -#endif diff --git a/libressl/include64/openssl/ui_compat.h b/libressl/include64/openssl/ui_compat.h deleted file mode 100644 index 860e80c8..00000000 --- a/libressl/include64/openssl/ui_compat.h +++ /dev/null @@ -1,83 +0,0 @@ -/* $OpenBSD: ui_compat.h,v 1.4 2014/06/12 15:49:31 deraadt Exp $ */ -/* Written by Richard Levitte (richard@levitte.org) for the OpenSSL - * project 2001. - */ -/* ==================================================================== - * Copyright (c) 2001 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#ifndef HEADER_UI_COMPAT_H -#define HEADER_UI_COMPAT_H - -#include <openssl/opensslconf.h> -#include <openssl/ui.h> - -#ifdef __cplusplus -extern "C" { -#endif - -/* The following functions were previously part of the DES section, - and are provided here for backward compatibility reasons. */ - -#define des_read_pw_string(b,l,p,v) \ - _ossl_old_des_read_pw_string((b),(l),(p),(v)) -#define des_read_pw(b,bf,s,p,v) \ - _ossl_old_des_read_pw((b),(bf),(s),(p),(v)) - -int _ossl_old_des_read_pw_string(char *buf, int length, const char *prompt, int verify); -int _ossl_old_des_read_pw(char *buf, char *buff, int size, const char *prompt, int verify); - -#ifdef __cplusplus -} -#endif -#endif diff --git a/libressl/include64/openssl/whrlpool.h b/libressl/include64/openssl/whrlpool.h deleted file mode 100644 index 875d34f7..00000000 --- a/libressl/include64/openssl/whrlpool.h +++ /dev/null @@ -1,41 +0,0 @@ -/* $OpenBSD: whrlpool.h,v 1.5 2014/07/10 22:45:58 jsing Exp $ */ - -#include <stddef.h> - -#ifndef HEADER_WHRLPOOL_H -#define HEADER_WHRLPOOL_H - -#include <openssl/opensslconf.h> - -#ifdef __cplusplus -extern "C" { -#endif - -#define WHIRLPOOL_DIGEST_LENGTH (512/8) -#define WHIRLPOOL_BBLOCK 512 -#define WHIRLPOOL_COUNTER (256/8) - -typedef struct { - union { - unsigned char c[WHIRLPOOL_DIGEST_LENGTH]; - /* double q is here to ensure 64-bit alignment */ - double q[WHIRLPOOL_DIGEST_LENGTH/sizeof(double)]; - } H; - unsigned char data[WHIRLPOOL_BBLOCK/8]; - unsigned int bitoff; - size_t bitlen[WHIRLPOOL_COUNTER/sizeof(size_t)]; - } WHIRLPOOL_CTX; - -#ifndef OPENSSL_NO_WHIRLPOOL -int WHIRLPOOL_Init (WHIRLPOOL_CTX *c); -int WHIRLPOOL_Update (WHIRLPOOL_CTX *c,const void *inp,size_t bytes); -void WHIRLPOOL_BitUpdate(WHIRLPOOL_CTX *c,const void *inp,size_t bits); -int WHIRLPOOL_Final (unsigned char *md,WHIRLPOOL_CTX *c); -unsigned char *WHIRLPOOL(const void *inp,size_t bytes,unsigned char *md); -#endif - -#ifdef __cplusplus -} -#endif - -#endif diff --git a/libressl/include64/openssl/x509.h b/libressl/include64/openssl/x509.h deleted file mode 100644 index e30cbc0f..00000000 --- a/libressl/include64/openssl/x509.h +++ /dev/null @@ -1,1423 +0,0 @@ -/* $OpenBSD: x509.h,v 1.74 2018/08/24 20:26:03 tb Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -/* ==================================================================== - * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. - * ECDH support in OpenSSL originally developed by - * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. - */ - -#ifndef HEADER_X509_H -#define HEADER_X509_H - -#include <openssl/opensslconf.h> - -#ifndef OPENSSL_NO_BUFFER -#include <openssl/buffer.h> -#endif -#ifndef OPENSSL_NO_EVP -#include <openssl/evp.h> -#endif -#ifndef OPENSSL_NO_BIO -#include <openssl/bio.h> -#endif -#include <openssl/stack.h> -#include <openssl/asn1.h> -#include <openssl/safestack.h> - -#ifndef OPENSSL_NO_EC -#include <openssl/ec.h> -#endif - -#ifndef OPENSSL_NO_ECDSA -#include <openssl/ecdsa.h> -#endif - -#ifndef OPENSSL_NO_ECDH -#include <openssl/ecdh.h> -#endif - -#ifndef OPENSSL_NO_DEPRECATED -#ifndef OPENSSL_NO_RSA -#include <openssl/rsa.h> -#endif -#ifndef OPENSSL_NO_DSA -#include <openssl/dsa.h> -#endif -#ifndef OPENSSL_NO_DH -#include <openssl/dh.h> -#endif -#endif - -#ifndef OPENSSL_NO_SHA -#include <openssl/sha.h> -#endif -#include <openssl/ossl_typ.h> - -#ifdef __cplusplus -extern "C" { -#endif - -#if defined(_WIN32) && defined(__WINCRYPT_H__) -#ifndef LIBRESSL_INTERNAL -#ifdef _MSC_VER -#pragma message("Warning, overriding WinCrypt defines") -#else -#warning overriding WinCrypt defines -#endif -#endif -#undef X509_NAME -#undef X509_CERT_PAIR -#undef X509_EXTENSIONS -#endif - -#define X509_FILETYPE_PEM 1 -#define X509_FILETYPE_ASN1 2 -#define X509_FILETYPE_DEFAULT 3 - -#define X509v3_KU_DIGITAL_SIGNATURE 0x0080 -#define X509v3_KU_NON_REPUDIATION 0x0040 -#define X509v3_KU_KEY_ENCIPHERMENT 0x0020 -#define X509v3_KU_DATA_ENCIPHERMENT 0x0010 -#define X509v3_KU_KEY_AGREEMENT 0x0008 -#define X509v3_KU_KEY_CERT_SIGN 0x0004 -#define X509v3_KU_CRL_SIGN 0x0002 -#define X509v3_KU_ENCIPHER_ONLY 0x0001 -#define X509v3_KU_DECIPHER_ONLY 0x8000 -#define X509v3_KU_UNDEF 0xffff - -typedef struct X509_objects_st - { - int nid; - int (*a2i)(void); - int (*i2a)(void); - } X509_OBJECTS; - -struct X509_algor_st - { - ASN1_OBJECT *algorithm; - ASN1_TYPE *parameter; - } /* X509_ALGOR */; - - -typedef STACK_OF(X509_ALGOR) X509_ALGORS; - -typedef struct X509_val_st - { - ASN1_TIME *notBefore; - ASN1_TIME *notAfter; - } X509_VAL; - -struct X509_pubkey_st - { - X509_ALGOR *algor; - ASN1_BIT_STRING *public_key; - EVP_PKEY *pkey; - }; - -typedef struct X509_sig_st - { - X509_ALGOR *algor; - ASN1_OCTET_STRING *digest; - } X509_SIG; - -typedef struct X509_name_entry_st - { - ASN1_OBJECT *object; - ASN1_STRING *value; - int set; - int size; /* temp variable */ - } X509_NAME_ENTRY; - -DECLARE_STACK_OF(X509_NAME_ENTRY) - -/* we always keep X509_NAMEs in 2 forms. */ -struct X509_name_st - { - STACK_OF(X509_NAME_ENTRY) *entries; - int modified; /* true if 'bytes' needs to be built */ -#ifndef OPENSSL_NO_BUFFER - BUF_MEM *bytes; -#else - char *bytes; -#endif -/* unsigned long hash; Keep the hash around for lookups */ - unsigned char *canon_enc; - int canon_enclen; - } /* X509_NAME */; - -DECLARE_STACK_OF(X509_NAME) - -#define X509_EX_V_NETSCAPE_HACK 0x8000 -#define X509_EX_V_INIT 0x0001 -typedef struct X509_extension_st - { - ASN1_OBJECT *object; - ASN1_BOOLEAN critical; - ASN1_OCTET_STRING *value; - } X509_EXTENSION; - -typedef STACK_OF(X509_EXTENSION) X509_EXTENSIONS; - -DECLARE_STACK_OF(X509_EXTENSION) - -/* a sequence of these are used */ -typedef struct x509_attributes_st - { - ASN1_OBJECT *object; - int single; /* 0 for a set, 1 for a single item (which is wrong) */ - union { - char *ptr; -/* 0 */ STACK_OF(ASN1_TYPE) *set; -/* 1 */ ASN1_TYPE *single; - } value; - } X509_ATTRIBUTE; - -DECLARE_STACK_OF(X509_ATTRIBUTE) - - -typedef struct X509_req_info_st - { - ASN1_ENCODING enc; - ASN1_INTEGER *version; - X509_NAME *subject; - X509_PUBKEY *pubkey; - /* d=2 hl=2 l= 0 cons: cont: 00 */ - STACK_OF(X509_ATTRIBUTE) *attributes; /* [ 0 ] */ - } X509_REQ_INFO; - -typedef struct X509_req_st - { - X509_REQ_INFO *req_info; - X509_ALGOR *sig_alg; - ASN1_BIT_STRING *signature; - int references; - } X509_REQ; - -typedef struct x509_cinf_st - { - ASN1_INTEGER *version; /* [ 0 ] default of v1 */ - ASN1_INTEGER *serialNumber; - X509_ALGOR *signature; - X509_NAME *issuer; - X509_VAL *validity; - X509_NAME *subject; - X509_PUBKEY *key; - ASN1_BIT_STRING *issuerUID; /* [ 1 ] optional in v2 */ - ASN1_BIT_STRING *subjectUID; /* [ 2 ] optional in v2 */ - STACK_OF(X509_EXTENSION) *extensions; /* [ 3 ] optional in v3 */ - ASN1_ENCODING enc; - } X509_CINF; - -/* This stuff is certificate "auxiliary info" - * it contains details which are useful in certificate - * stores and databases. When used this is tagged onto - * the end of the certificate itself - */ - -typedef struct x509_cert_aux_st - { - STACK_OF(ASN1_OBJECT) *trust; /* trusted uses */ - STACK_OF(ASN1_OBJECT) *reject; /* rejected uses */ - ASN1_UTF8STRING *alias; /* "friendly name" */ - ASN1_OCTET_STRING *keyid; /* key id of private key */ - STACK_OF(X509_ALGOR) *other; /* other unspecified info */ - } X509_CERT_AUX; - -struct x509_st - { - X509_CINF *cert_info; - X509_ALGOR *sig_alg; - ASN1_BIT_STRING *signature; - int valid; - int references; - char *name; - CRYPTO_EX_DATA ex_data; - /* These contain copies of various extension values */ - long ex_pathlen; - long ex_pcpathlen; - unsigned long ex_flags; - unsigned long ex_kusage; - unsigned long ex_xkusage; - unsigned long ex_nscert; - ASN1_OCTET_STRING *skid; - AUTHORITY_KEYID *akid; - X509_POLICY_CACHE *policy_cache; - STACK_OF(DIST_POINT) *crldp; - STACK_OF(GENERAL_NAME) *altname; - NAME_CONSTRAINTS *nc; -#ifndef OPENSSL_NO_SHA - unsigned char sha1_hash[SHA_DIGEST_LENGTH]; -#endif - X509_CERT_AUX *aux; - } /* X509 */; - -DECLARE_STACK_OF(X509) - -/* This is used for a table of trust checking functions */ - -typedef struct x509_trust_st { - int trust; - int flags; - int (*check_trust)(struct x509_trust_st *, X509 *, int); - char *name; - int arg1; - void *arg2; -} X509_TRUST; - -DECLARE_STACK_OF(X509_TRUST) - -typedef struct x509_cert_pair_st { - X509 *forward; - X509 *reverse; -} X509_CERT_PAIR; - -/* standard trust ids */ - -#define X509_TRUST_DEFAULT -1 /* Only valid in purpose settings */ - -#define X509_TRUST_COMPAT 1 -#define X509_TRUST_SSL_CLIENT 2 -#define X509_TRUST_SSL_SERVER 3 -#define X509_TRUST_EMAIL 4 -#define X509_TRUST_OBJECT_SIGN 5 -#define X509_TRUST_OCSP_SIGN 6 -#define X509_TRUST_OCSP_REQUEST 7 -#define X509_TRUST_TSA 8 - -/* Keep these up to date! */ -#define X509_TRUST_MIN 1 -#define X509_TRUST_MAX 8 - - -/* trust_flags values */ -#define X509_TRUST_DYNAMIC 1 -#define X509_TRUST_DYNAMIC_NAME 2 - -/* check_trust return codes */ - -#define X509_TRUST_TRUSTED 1 -#define X509_TRUST_REJECTED 2 -#define X509_TRUST_UNTRUSTED 3 - -/* Flags for X509_print_ex() */ - -#define X509_FLAG_COMPAT 0 -#define X509_FLAG_NO_HEADER 1L -#define X509_FLAG_NO_VERSION (1L << 1) -#define X509_FLAG_NO_SERIAL (1L << 2) -#define X509_FLAG_NO_SIGNAME (1L << 3) -#define X509_FLAG_NO_ISSUER (1L << 4) -#define X509_FLAG_NO_VALIDITY (1L << 5) -#define X509_FLAG_NO_SUBJECT (1L << 6) -#define X509_FLAG_NO_PUBKEY (1L << 7) -#define X509_FLAG_NO_EXTENSIONS (1L << 8) -#define X509_FLAG_NO_SIGDUMP (1L << 9) -#define X509_FLAG_NO_AUX (1L << 10) -#define X509_FLAG_NO_ATTRIBUTES (1L << 11) - -/* Flags specific to X509_NAME_print_ex() */ - -/* The field separator information */ - -#define XN_FLAG_SEP_MASK (0xf << 16) - -#define XN_FLAG_COMPAT 0 /* Traditional SSLeay: use old X509_NAME_print */ -#define XN_FLAG_SEP_COMMA_PLUS (1 << 16) /* RFC2253 ,+ */ -#define XN_FLAG_SEP_CPLUS_SPC (2 << 16) /* ,+ spaced: more readable */ -#define XN_FLAG_SEP_SPLUS_SPC (3 << 16) /* ;+ spaced */ -#define XN_FLAG_SEP_MULTILINE (4 << 16) /* One line per field */ - -#define XN_FLAG_DN_REV (1 << 20) /* Reverse DN order */ - -/* How the field name is shown */ - -#define XN_FLAG_FN_MASK (0x3 << 21) - -#define XN_FLAG_FN_SN 0 /* Object short name */ -#define XN_FLAG_FN_LN (1 << 21) /* Object long name */ -#define XN_FLAG_FN_OID (2 << 21) /* Always use OIDs */ -#define XN_FLAG_FN_NONE (3 << 21) /* No field names */ - -#define XN_FLAG_SPC_EQ (1 << 23) /* Put spaces round '=' */ - -/* This determines if we dump fields we don't recognise: - * RFC2253 requires this. - */ - -#define XN_FLAG_DUMP_UNKNOWN_FIELDS (1 << 24) - -#define XN_FLAG_FN_ALIGN (1 << 25) /* Align field names to 20 characters */ - -/* Complete set of RFC2253 flags */ - -#define XN_FLAG_RFC2253 (ASN1_STRFLGS_RFC2253 | \ - XN_FLAG_SEP_COMMA_PLUS | \ - XN_FLAG_DN_REV | \ - XN_FLAG_FN_SN | \ - XN_FLAG_DUMP_UNKNOWN_FIELDS) - -/* readable oneline form */ - -#define XN_FLAG_ONELINE (ASN1_STRFLGS_RFC2253 | \ - ASN1_STRFLGS_ESC_QUOTE | \ - XN_FLAG_SEP_CPLUS_SPC | \ - XN_FLAG_SPC_EQ | \ - XN_FLAG_FN_SN) - -/* readable multiline form */ - -#define XN_FLAG_MULTILINE (ASN1_STRFLGS_ESC_CTRL | \ - ASN1_STRFLGS_ESC_MSB | \ - XN_FLAG_SEP_MULTILINE | \ - XN_FLAG_SPC_EQ | \ - XN_FLAG_FN_LN | \ - XN_FLAG_FN_ALIGN) - -struct x509_revoked_st - { - ASN1_INTEGER *serialNumber; - ASN1_TIME *revocationDate; - STACK_OF(X509_EXTENSION) /* optional */ *extensions; - /* Set up if indirect CRL */ - STACK_OF(GENERAL_NAME) *issuer; - /* Revocation reason */ - int reason; - int sequence; /* load sequence */ - }; - -DECLARE_STACK_OF(X509_REVOKED) - -typedef struct X509_crl_info_st - { - ASN1_INTEGER *version; - X509_ALGOR *sig_alg; - X509_NAME *issuer; - ASN1_TIME *lastUpdate; - ASN1_TIME *nextUpdate; - STACK_OF(X509_REVOKED) *revoked; - STACK_OF(X509_EXTENSION) /* [0] */ *extensions; - ASN1_ENCODING enc; - } X509_CRL_INFO; - -struct X509_crl_st - { - /* actual signature */ - X509_CRL_INFO *crl; - X509_ALGOR *sig_alg; - ASN1_BIT_STRING *signature; - int references; - int flags; - /* Copies of various extensions */ - AUTHORITY_KEYID *akid; - ISSUING_DIST_POINT *idp; - /* Convenient breakdown of IDP */ - int idp_flags; - int idp_reasons; - /* CRL and base CRL numbers for delta processing */ - ASN1_INTEGER *crl_number; - ASN1_INTEGER *base_crl_number; -#ifndef OPENSSL_NO_SHA - unsigned char sha1_hash[SHA_DIGEST_LENGTH]; -#endif - STACK_OF(GENERAL_NAMES) *issuers; - const X509_CRL_METHOD *meth; - void *meth_data; - } /* X509_CRL */; - -DECLARE_STACK_OF(X509_CRL) - -typedef struct private_key_st - { - int version; - /* The PKCS#8 data types */ - X509_ALGOR *enc_algor; - ASN1_OCTET_STRING *enc_pkey; /* encrypted pub key */ - - /* When decrypted, the following will not be NULL */ - EVP_PKEY *dec_pkey; - - /* used to encrypt and decrypt */ - int key_length; - char *key_data; - int key_free; /* true if we should auto free key_data */ - - /* expanded version of 'enc_algor' */ - EVP_CIPHER_INFO cipher; - - int references; - } X509_PKEY; - -#ifndef OPENSSL_NO_EVP -typedef struct X509_info_st - { - X509 *x509; - X509_CRL *crl; - X509_PKEY *x_pkey; - - EVP_CIPHER_INFO enc_cipher; - int enc_len; - char *enc_data; - - int references; - } X509_INFO; - -DECLARE_STACK_OF(X509_INFO) -#endif - -/* The next 2 structures and their 8 routines were sent to me by - * Pat Richard <patr@x509.com> and are used to manipulate - * Netscapes spki structures - useful if you are writing a CA web page - */ -typedef struct Netscape_spkac_st - { - X509_PUBKEY *pubkey; - ASN1_IA5STRING *challenge; /* challenge sent in atlas >= PR2 */ - } NETSCAPE_SPKAC; - -typedef struct Netscape_spki_st - { - NETSCAPE_SPKAC *spkac; /* signed public key and challenge */ - X509_ALGOR *sig_algor; - ASN1_BIT_STRING *signature; - } NETSCAPE_SPKI; - -/* Netscape certificate sequence structure */ -typedef struct Netscape_certificate_sequence - { - ASN1_OBJECT *type; - STACK_OF(X509) *certs; - } NETSCAPE_CERT_SEQUENCE; - -/* Unused (and iv length is wrong) -typedef struct CBCParameter_st - { - unsigned char iv[8]; - } CBC_PARAM; -*/ - -/* Password based encryption structure */ - -typedef struct PBEPARAM_st { -ASN1_OCTET_STRING *salt; -ASN1_INTEGER *iter; -} PBEPARAM; - -/* Password based encryption V2 structures */ - -typedef struct PBE2PARAM_st { -X509_ALGOR *keyfunc; -X509_ALGOR *encryption; -} PBE2PARAM; - -typedef struct PBKDF2PARAM_st { -ASN1_TYPE *salt; /* Usually OCTET STRING but could be anything */ -ASN1_INTEGER *iter; -ASN1_INTEGER *keylength; -X509_ALGOR *prf; -} PBKDF2PARAM; - - -/* PKCS#8 private key info structure */ - -struct pkcs8_priv_key_info_st { - ASN1_INTEGER *version; - X509_ALGOR *pkeyalg; - ASN1_OCTET_STRING *pkey; - STACK_OF(X509_ATTRIBUTE) *attributes; -}; - -#ifdef __cplusplus -} -#endif - -#include <openssl/x509_vfy.h> -#include <openssl/pkcs7.h> - -#ifdef __cplusplus -extern "C" { -#endif - -#define X509_EXT_PACK_UNKNOWN 1 -#define X509_EXT_PACK_STRING 2 - -#define X509_extract_key(x) X509_get_pubkey(x) /*****/ -#define X509_REQ_extract_key(a) X509_REQ_get_pubkey(a) -#define X509_name_cmp(a,b) X509_NAME_cmp((a),(b)) - -int X509_CRL_up_ref(X509_CRL *x); -int X509_CRL_get_signature_nid(const X509_CRL *crl); - -const STACK_OF(X509_EXTENSION) *X509_CRL_get0_extensions(const X509_CRL *crl); -long X509_CRL_get_version(const X509_CRL *crl); -const ASN1_TIME *X509_CRL_get0_lastUpdate(const X509_CRL *crl); -const ASN1_TIME *X509_CRL_get0_nextUpdate(const X509_CRL *crl); -ASN1_TIME *X509_CRL_get_lastUpdate(X509_CRL *crl); -ASN1_TIME *X509_CRL_get_nextUpdate(X509_CRL *crl); -X509_NAME *X509_CRL_get_issuer(const X509_CRL *crl); -STACK_OF(X509_REVOKED) *X509_CRL_get_REVOKED(X509_CRL *crl); -void X509_CRL_get0_signature(const X509_CRL *crl, const ASN1_BIT_STRING **psig, - const X509_ALGOR **palg); - -int X509_REQ_get_signature_nid(const X509_REQ *req); - -void X509_REQ_get0_signature(const X509_REQ *req, const ASN1_BIT_STRING **psig, - const X509_ALGOR **palg); - -void X509_CRL_set_default_method(const X509_CRL_METHOD *meth); -X509_CRL_METHOD *X509_CRL_METHOD_new( - int (*crl_init)(X509_CRL *crl), - int (*crl_free)(X509_CRL *crl), - int (*crl_lookup)(X509_CRL *crl, X509_REVOKED **ret, - ASN1_INTEGER *ser, X509_NAME *issuer), - int (*crl_verify)(X509_CRL *crl, EVP_PKEY *pk)); -void X509_CRL_METHOD_free(X509_CRL_METHOD *m); - -void X509_CRL_set_meth_data(X509_CRL *crl, void *dat); -void *X509_CRL_get_meth_data(X509_CRL *crl); - -/* This one is only used so that a binary form can output, as in - * i2d_X509_NAME(X509_get_X509_PUBKEY(x),&buf) */ -#define X509_get_X509_PUBKEY(x) ((x)->cert_info->key) - - -const char *X509_verify_cert_error_string(long n); - -#ifndef OPENSSL_NO_EVP -int X509_verify(X509 *a, EVP_PKEY *r); - -int X509_REQ_verify(X509_REQ *a, EVP_PKEY *r); -int X509_CRL_verify(X509_CRL *a, EVP_PKEY *r); -int NETSCAPE_SPKI_verify(NETSCAPE_SPKI *a, EVP_PKEY *r); - -NETSCAPE_SPKI * NETSCAPE_SPKI_b64_decode(const char *str, int len); -char * NETSCAPE_SPKI_b64_encode(NETSCAPE_SPKI *x); -EVP_PKEY *NETSCAPE_SPKI_get_pubkey(NETSCAPE_SPKI *x); -int NETSCAPE_SPKI_set_pubkey(NETSCAPE_SPKI *x, EVP_PKEY *pkey); - -int NETSCAPE_SPKI_print(BIO *out, NETSCAPE_SPKI *spki); - -int X509_signature_dump(BIO *bp, const ASN1_STRING *sig, int indent); -int X509_signature_print(BIO *bp, const X509_ALGOR *alg, - const ASN1_STRING *sig); - -int X509_sign(X509 *x, EVP_PKEY *pkey, const EVP_MD *md); -int X509_sign_ctx(X509 *x, EVP_MD_CTX *ctx); -int X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md); -int X509_REQ_sign_ctx(X509_REQ *x, EVP_MD_CTX *ctx); -int X509_CRL_sign(X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md); -int X509_CRL_sign_ctx(X509_CRL *x, EVP_MD_CTX *ctx); -int NETSCAPE_SPKI_sign(NETSCAPE_SPKI *x, EVP_PKEY *pkey, const EVP_MD *md); - -int X509_pubkey_digest(const X509 *data,const EVP_MD *type, - unsigned char *md, unsigned int *len); -int X509_digest(const X509 *data,const EVP_MD *type, - unsigned char *md, unsigned int *len); -int X509_CRL_digest(const X509_CRL *data,const EVP_MD *type, - unsigned char *md, unsigned int *len); -int X509_REQ_digest(const X509_REQ *data,const EVP_MD *type, - unsigned char *md, unsigned int *len); -int X509_NAME_digest(const X509_NAME *data,const EVP_MD *type, - unsigned char *md, unsigned int *len); -#endif - -X509 *d2i_X509_fp(FILE *fp, X509 **x509); -int i2d_X509_fp(FILE *fp,X509 *x509); -X509_CRL *d2i_X509_CRL_fp(FILE *fp,X509_CRL **crl); -int i2d_X509_CRL_fp(FILE *fp,X509_CRL *crl); -X509_REQ *d2i_X509_REQ_fp(FILE *fp,X509_REQ **req); -int i2d_X509_REQ_fp(FILE *fp,X509_REQ *req); -#ifndef OPENSSL_NO_RSA -RSA *d2i_RSAPrivateKey_fp(FILE *fp,RSA **rsa); -int i2d_RSAPrivateKey_fp(FILE *fp,RSA *rsa); -RSA *d2i_RSAPublicKey_fp(FILE *fp,RSA **rsa); -int i2d_RSAPublicKey_fp(FILE *fp,RSA *rsa); -RSA *d2i_RSA_PUBKEY_fp(FILE *fp,RSA **rsa); -int i2d_RSA_PUBKEY_fp(FILE *fp,RSA *rsa); -#endif -#ifndef OPENSSL_NO_DSA -DSA *d2i_DSA_PUBKEY_fp(FILE *fp, DSA **dsa); -int i2d_DSA_PUBKEY_fp(FILE *fp, DSA *dsa); -int i2d_DSAPrivateKey_fp(FILE *fp, DSA *dsa); -#endif -#ifndef OPENSSL_NO_EC -EC_KEY *d2i_EC_PUBKEY_fp(FILE *fp, EC_KEY **eckey); -int i2d_EC_PUBKEY_fp(FILE *fp, EC_KEY *eckey); -EC_KEY *d2i_ECPrivateKey_fp(FILE *fp, EC_KEY **eckey); -int i2d_ECPrivateKey_fp(FILE *fp, EC_KEY *eckey); -#endif -X509_SIG *d2i_PKCS8_fp(FILE *fp,X509_SIG **p8); -int i2d_PKCS8_fp(FILE *fp,X509_SIG *p8); -PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_fp(FILE *fp, - PKCS8_PRIV_KEY_INFO **p8inf); -int i2d_PKCS8_PRIV_KEY_INFO_fp(FILE *fp,PKCS8_PRIV_KEY_INFO *p8inf); -int i2d_PKCS8PrivateKeyInfo_fp(FILE *fp, EVP_PKEY *key); -int i2d_PrivateKey_fp(FILE *fp, EVP_PKEY *pkey); -EVP_PKEY *d2i_PrivateKey_fp(FILE *fp, EVP_PKEY **a); -int i2d_PUBKEY_fp(FILE *fp, EVP_PKEY *pkey); -EVP_PKEY *d2i_PUBKEY_fp(FILE *fp, EVP_PKEY **a); - -#ifndef OPENSSL_NO_BIO -X509 *d2i_X509_bio(BIO *bp,X509 **x509); -int i2d_X509_bio(BIO *bp,X509 *x509); -X509_CRL *d2i_X509_CRL_bio(BIO *bp,X509_CRL **crl); -int i2d_X509_CRL_bio(BIO *bp,X509_CRL *crl); -X509_REQ *d2i_X509_REQ_bio(BIO *bp,X509_REQ **req); -int i2d_X509_REQ_bio(BIO *bp,X509_REQ *req); -#ifndef OPENSSL_NO_RSA -RSA *d2i_RSAPrivateKey_bio(BIO *bp,RSA **rsa); -int i2d_RSAPrivateKey_bio(BIO *bp,RSA *rsa); -RSA *d2i_RSAPublicKey_bio(BIO *bp,RSA **rsa); -int i2d_RSAPublicKey_bio(BIO *bp,RSA *rsa); -RSA *d2i_RSA_PUBKEY_bio(BIO *bp,RSA **rsa); -int i2d_RSA_PUBKEY_bio(BIO *bp,RSA *rsa); -#endif -#ifndef OPENSSL_NO_DSA -DSA *d2i_DSA_PUBKEY_bio(BIO *bp, DSA **dsa); -int i2d_DSA_PUBKEY_bio(BIO *bp, DSA *dsa); -DSA *d2i_DSAPrivateKey_bio(BIO *bp, DSA **dsa); -int i2d_DSAPrivateKey_bio(BIO *bp, DSA *dsa); -#endif -#ifndef OPENSSL_NO_EC -EC_KEY *d2i_EC_PUBKEY_bio(BIO *bp, EC_KEY **eckey); -int i2d_EC_PUBKEY_bio(BIO *bp, EC_KEY *eckey); -EC_KEY *d2i_ECPrivateKey_bio(BIO *bp, EC_KEY **eckey); -int i2d_ECPrivateKey_bio(BIO *bp, EC_KEY *eckey); -#endif -X509_SIG *d2i_PKCS8_bio(BIO *bp,X509_SIG **p8); -int i2d_PKCS8_bio(BIO *bp,X509_SIG *p8); -PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_bio(BIO *bp, - PKCS8_PRIV_KEY_INFO **p8inf); -int i2d_PKCS8_PRIV_KEY_INFO_bio(BIO *bp,PKCS8_PRIV_KEY_INFO *p8inf); -int i2d_PKCS8PrivateKeyInfo_bio(BIO *bp, EVP_PKEY *key); -int i2d_PrivateKey_bio(BIO *bp, EVP_PKEY *pkey); -EVP_PKEY *d2i_PrivateKey_bio(BIO *bp, EVP_PKEY **a); -int i2d_PUBKEY_bio(BIO *bp, EVP_PKEY *pkey); -EVP_PKEY *d2i_PUBKEY_bio(BIO *bp, EVP_PKEY **a); -#endif - -X509 *X509_dup(X509 *x509); -X509_ATTRIBUTE *X509_ATTRIBUTE_dup(X509_ATTRIBUTE *xa); -X509_EXTENSION *X509_EXTENSION_dup(X509_EXTENSION *ex); -X509_CRL *X509_CRL_dup(X509_CRL *crl); -X509_REQ *X509_REQ_dup(X509_REQ *req); -X509_ALGOR *X509_ALGOR_dup(X509_ALGOR *xn); -int X509_ALGOR_set0(X509_ALGOR *alg, ASN1_OBJECT *aobj, int ptype, void *pval); -void X509_ALGOR_get0(const ASN1_OBJECT **paobj, int *pptype, const void **ppval, - const X509_ALGOR *algor); -void X509_ALGOR_set_md(X509_ALGOR *alg, const EVP_MD *md); -int X509_ALGOR_cmp(const X509_ALGOR *a, const X509_ALGOR *b); - -X509_NAME *X509_NAME_dup(X509_NAME *xn); -int X509_NAME_get0_der(X509_NAME *nm, const unsigned char **pder, size_t *pderlen); -X509_NAME_ENTRY *X509_NAME_ENTRY_dup(X509_NAME_ENTRY *ne); - -int X509_cmp_time(const ASN1_TIME *s, time_t *t); -int X509_cmp_current_time(const ASN1_TIME *s); -ASN1_TIME * X509_time_adj(ASN1_TIME *s, long adj, time_t *t); -ASN1_TIME * X509_time_adj_ex(ASN1_TIME *s, - int offset_day, long offset_sec, time_t *t); -ASN1_TIME * X509_gmtime_adj(ASN1_TIME *s, long adj); - -const char * X509_get_default_cert_area(void ); -const char * X509_get_default_cert_dir(void ); -const char * X509_get_default_cert_file(void ); -const char * X509_get_default_cert_dir_env(void ); -const char * X509_get_default_cert_file_env(void ); -const char * X509_get_default_private_dir(void ); - -X509_REQ * X509_to_X509_REQ(X509 *x, EVP_PKEY *pkey, const EVP_MD *md); -X509 * X509_REQ_to_X509(X509_REQ *r, int days,EVP_PKEY *pkey); - -X509_ALGOR *X509_ALGOR_new(void); -void X509_ALGOR_free(X509_ALGOR *a); -X509_ALGOR *d2i_X509_ALGOR(X509_ALGOR **a, const unsigned char **in, long len); -int i2d_X509_ALGOR(X509_ALGOR *a, unsigned char **out); -extern const ASN1_ITEM X509_ALGOR_it; -X509_ALGORS *d2i_X509_ALGORS(X509_ALGORS **a, const unsigned char **in, long len); -int i2d_X509_ALGORS(X509_ALGORS *a, unsigned char **out); -extern const ASN1_ITEM X509_ALGORS_it; -X509_VAL *X509_VAL_new(void); -void X509_VAL_free(X509_VAL *a); -X509_VAL *d2i_X509_VAL(X509_VAL **a, const unsigned char **in, long len); -int i2d_X509_VAL(X509_VAL *a, unsigned char **out); -extern const ASN1_ITEM X509_VAL_it; - -X509_PUBKEY *X509_PUBKEY_new(void); -void X509_PUBKEY_free(X509_PUBKEY *a); -X509_PUBKEY *d2i_X509_PUBKEY(X509_PUBKEY **a, const unsigned char **in, long len); -int i2d_X509_PUBKEY(X509_PUBKEY *a, unsigned char **out); -extern const ASN1_ITEM X509_PUBKEY_it; - -int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey); -EVP_PKEY * X509_PUBKEY_get(X509_PUBKEY *key); -EVP_PKEY * X509_PUBKEY_get0(X509_PUBKEY *key); -int X509_get_pubkey_parameters(EVP_PKEY *pkey, - STACK_OF(X509) *chain); -int i2d_PUBKEY(EVP_PKEY *a,unsigned char **pp); -EVP_PKEY * d2i_PUBKEY(EVP_PKEY **a,const unsigned char **pp, - long length); -#ifndef OPENSSL_NO_RSA -int i2d_RSA_PUBKEY(RSA *a,unsigned char **pp); -RSA * d2i_RSA_PUBKEY(RSA **a,const unsigned char **pp, - long length); -#endif -#ifndef OPENSSL_NO_DSA -int i2d_DSA_PUBKEY(DSA *a,unsigned char **pp); -DSA * d2i_DSA_PUBKEY(DSA **a,const unsigned char **pp, - long length); -#endif -#ifndef OPENSSL_NO_EC -int i2d_EC_PUBKEY(EC_KEY *a, unsigned char **pp); -EC_KEY *d2i_EC_PUBKEY(EC_KEY **a, const unsigned char **pp, - long length); -#endif - -X509_SIG *X509_SIG_new(void); -void X509_SIG_free(X509_SIG *a); -X509_SIG *d2i_X509_SIG(X509_SIG **a, const unsigned char **in, long len); -int i2d_X509_SIG(X509_SIG *a, unsigned char **out); -extern const ASN1_ITEM X509_SIG_it; -X509_REQ_INFO *X509_REQ_INFO_new(void); -void X509_REQ_INFO_free(X509_REQ_INFO *a); -X509_REQ_INFO *d2i_X509_REQ_INFO(X509_REQ_INFO **a, const unsigned char **in, long len); -int i2d_X509_REQ_INFO(X509_REQ_INFO *a, unsigned char **out); -extern const ASN1_ITEM X509_REQ_INFO_it; -X509_REQ *X509_REQ_new(void); -void X509_REQ_free(X509_REQ *a); -X509_REQ *d2i_X509_REQ(X509_REQ **a, const unsigned char **in, long len); -int i2d_X509_REQ(X509_REQ *a, unsigned char **out); -extern const ASN1_ITEM X509_REQ_it; - -X509_ATTRIBUTE *X509_ATTRIBUTE_new(void); -void X509_ATTRIBUTE_free(X509_ATTRIBUTE *a); -X509_ATTRIBUTE *d2i_X509_ATTRIBUTE(X509_ATTRIBUTE **a, const unsigned char **in, long len); -int i2d_X509_ATTRIBUTE(X509_ATTRIBUTE *a, unsigned char **out); -extern const ASN1_ITEM X509_ATTRIBUTE_it; -X509_ATTRIBUTE *X509_ATTRIBUTE_create(int nid, int atrtype, void *value); - -X509_EXTENSION *X509_EXTENSION_new(void); -void X509_EXTENSION_free(X509_EXTENSION *a); -X509_EXTENSION *d2i_X509_EXTENSION(X509_EXTENSION **a, const unsigned char **in, long len); -int i2d_X509_EXTENSION(X509_EXTENSION *a, unsigned char **out); -extern const ASN1_ITEM X509_EXTENSION_it; -X509_EXTENSIONS *d2i_X509_EXTENSIONS(X509_EXTENSIONS **a, const unsigned char **in, long len); -int i2d_X509_EXTENSIONS(X509_EXTENSIONS *a, unsigned char **out); -extern const ASN1_ITEM X509_EXTENSIONS_it; - -X509_NAME_ENTRY *X509_NAME_ENTRY_new(void); -void X509_NAME_ENTRY_free(X509_NAME_ENTRY *a); -X509_NAME_ENTRY *d2i_X509_NAME_ENTRY(X509_NAME_ENTRY **a, const unsigned char **in, long len); -int i2d_X509_NAME_ENTRY(X509_NAME_ENTRY *a, unsigned char **out); -extern const ASN1_ITEM X509_NAME_ENTRY_it; - -X509_NAME *X509_NAME_new(void); -void X509_NAME_free(X509_NAME *a); -X509_NAME *d2i_X509_NAME(X509_NAME **a, const unsigned char **in, long len); -int i2d_X509_NAME(X509_NAME *a, unsigned char **out); -extern const ASN1_ITEM X509_NAME_it; - -int X509_NAME_set(X509_NAME **xn, X509_NAME *name); - -X509_CINF *X509_CINF_new(void); -void X509_CINF_free(X509_CINF *a); -X509_CINF *d2i_X509_CINF(X509_CINF **a, const unsigned char **in, long len); -int i2d_X509_CINF(X509_CINF *a, unsigned char **out); -extern const ASN1_ITEM X509_CINF_it; - -X509 *X509_new(void); -void X509_free(X509 *a); -X509 *d2i_X509(X509 **a, const unsigned char **in, long len); -int i2d_X509(X509 *a, unsigned char **out); -extern const ASN1_ITEM X509_it; -X509_CERT_AUX *X509_CERT_AUX_new(void); -void X509_CERT_AUX_free(X509_CERT_AUX *a); -X509_CERT_AUX *d2i_X509_CERT_AUX(X509_CERT_AUX **a, const unsigned char **in, long len); -int i2d_X509_CERT_AUX(X509_CERT_AUX *a, unsigned char **out); -extern const ASN1_ITEM X509_CERT_AUX_it; - -X509_CERT_PAIR *X509_CERT_PAIR_new(void); -void X509_CERT_PAIR_free(X509_CERT_PAIR *a); -X509_CERT_PAIR *d2i_X509_CERT_PAIR(X509_CERT_PAIR **a, const unsigned char **in, long len); -int i2d_X509_CERT_PAIR(X509_CERT_PAIR *a, unsigned char **out); -extern const ASN1_ITEM X509_CERT_PAIR_it; - -int X509_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); -int X509_set_ex_data(X509 *r, int idx, void *arg); -void *X509_get_ex_data(X509 *r, int idx); -int i2d_X509_AUX(X509 *a,unsigned char **pp); -X509 * d2i_X509_AUX(X509 **a,const unsigned char **pp,long length); -void X509_get0_signature(const ASN1_BIT_STRING **psig, - const X509_ALGOR **palg, const X509 *x); -int X509_get_signature_nid(const X509 *x); - -int X509_alias_set1(X509 *x, const unsigned char *name, int len); -int X509_keyid_set1(X509 *x, const unsigned char *id, int len); -unsigned char *X509_alias_get0(X509 *x, int *len); -unsigned char *X509_keyid_get0(X509 *x, int *len); -int (*X509_TRUST_set_default(int (*trust)(int , X509 *, int)))(int, X509 *, int); -int X509_TRUST_set(int *t, int trust); -int X509_add1_trust_object(X509 *x, const ASN1_OBJECT *obj); -int X509_add1_reject_object(X509 *x, const ASN1_OBJECT *obj); -void X509_trust_clear(X509 *x); -void X509_reject_clear(X509 *x); - -X509_REVOKED *X509_REVOKED_new(void); -void X509_REVOKED_free(X509_REVOKED *a); -X509_REVOKED *X509_REVOKED_dup(X509_REVOKED *a); -X509_REVOKED *d2i_X509_REVOKED(X509_REVOKED **a, const unsigned char **in, long len); -int i2d_X509_REVOKED(X509_REVOKED *a, unsigned char **out); -extern const ASN1_ITEM X509_REVOKED_it; - -X509_CRL_INFO *X509_CRL_INFO_new(void); -void X509_CRL_INFO_free(X509_CRL_INFO *a); -X509_CRL_INFO *d2i_X509_CRL_INFO(X509_CRL_INFO **a, const unsigned char **in, long len); -int i2d_X509_CRL_INFO(X509_CRL_INFO *a, unsigned char **out); -extern const ASN1_ITEM X509_CRL_INFO_it; - -X509_CRL *X509_CRL_new(void); -void X509_CRL_free(X509_CRL *a); -X509_CRL *d2i_X509_CRL(X509_CRL **a, const unsigned char **in, long len); -int i2d_X509_CRL(X509_CRL *a, unsigned char **out); -extern const ASN1_ITEM X509_CRL_it; - -int X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev); -int X509_CRL_get0_by_serial(X509_CRL *crl, - X509_REVOKED **ret, ASN1_INTEGER *serial); -int X509_CRL_get0_by_cert(X509_CRL *crl, X509_REVOKED **ret, X509 *x); - -X509_PKEY * X509_PKEY_new(void ); -void X509_PKEY_free(X509_PKEY *a); - -NETSCAPE_SPKI *NETSCAPE_SPKI_new(void); -void NETSCAPE_SPKI_free(NETSCAPE_SPKI *a); -NETSCAPE_SPKI *d2i_NETSCAPE_SPKI(NETSCAPE_SPKI **a, const unsigned char **in, long len); -int i2d_NETSCAPE_SPKI(NETSCAPE_SPKI *a, unsigned char **out); -extern const ASN1_ITEM NETSCAPE_SPKI_it; -NETSCAPE_SPKAC *NETSCAPE_SPKAC_new(void); -void NETSCAPE_SPKAC_free(NETSCAPE_SPKAC *a); -NETSCAPE_SPKAC *d2i_NETSCAPE_SPKAC(NETSCAPE_SPKAC **a, const unsigned char **in, long len); -int i2d_NETSCAPE_SPKAC(NETSCAPE_SPKAC *a, unsigned char **out); -extern const ASN1_ITEM NETSCAPE_SPKAC_it; -NETSCAPE_CERT_SEQUENCE *NETSCAPE_CERT_SEQUENCE_new(void); -void NETSCAPE_CERT_SEQUENCE_free(NETSCAPE_CERT_SEQUENCE *a); -NETSCAPE_CERT_SEQUENCE *d2i_NETSCAPE_CERT_SEQUENCE(NETSCAPE_CERT_SEQUENCE **a, const unsigned char **in, long len); -int i2d_NETSCAPE_CERT_SEQUENCE(NETSCAPE_CERT_SEQUENCE *a, unsigned char **out); -extern const ASN1_ITEM NETSCAPE_CERT_SEQUENCE_it; - -#ifndef OPENSSL_NO_EVP -X509_INFO * X509_INFO_new(void); -void X509_INFO_free(X509_INFO *a); -char * X509_NAME_oneline(const X509_NAME *a, char *buf, int size); - -int ASN1_item_digest(const ASN1_ITEM *it,const EVP_MD *type,void *data, - unsigned char *md,unsigned int *len); - -int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *algor1, - ASN1_BIT_STRING *signature,void *data,EVP_PKEY *pkey); - -int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2, - ASN1_BIT_STRING *signature, - void *data, EVP_PKEY *pkey, const EVP_MD *type); -int ASN1_item_sign_ctx(const ASN1_ITEM *it, - X509_ALGOR *algor1, X509_ALGOR *algor2, - ASN1_BIT_STRING *signature, void *asn, EVP_MD_CTX *ctx); -#endif - -const STACK_OF(X509_EXTENSION) *X509_get0_extensions(const X509 *x); -const X509_ALGOR *X509_get0_tbs_sigalg(const X509 *x); -int X509_set_version(X509 *x, long version); -long X509_get_version(const X509 *x); -int X509_set_serialNumber(X509 *x, ASN1_INTEGER *serial); -ASN1_INTEGER * X509_get_serialNumber(X509 *x); -const ASN1_INTEGER *X509_get0_serialNumber(const X509 *x); -int X509_set_issuer_name(X509 *x, X509_NAME *name); -X509_NAME * X509_get_issuer_name(const X509 *a); -int X509_set_subject_name(X509 *x, X509_NAME *name); -X509_NAME * X509_get_subject_name(const X509 *a); -int X509_set_notBefore(X509 *x, const ASN1_TIME *tm); -int X509_set1_notBefore(X509 *x, const ASN1_TIME *tm); -int X509_set_notAfter(X509 *x, const ASN1_TIME *tm); -int X509_set1_notAfter(X509 *x, const ASN1_TIME *tm); -const ASN1_TIME *X509_get0_notBefore(const X509 *x); -ASN1_TIME *X509_getm_notBefore(const X509 *x); -const ASN1_TIME *X509_get0_notAfter(const X509 *x); -ASN1_TIME *X509_getm_notAfter(const X509 *x); -int X509_set_pubkey(X509 *x, EVP_PKEY *pkey); -EVP_PKEY * X509_get_pubkey(X509 *x); -EVP_PKEY * X509_get0_pubkey(const X509 *x); -ASN1_BIT_STRING *X509_get0_pubkey_bitstr(const X509 *x); -int X509_certificate_type(const X509 *x, const EVP_PKEY *pubkey); -int X509_get_signature_type(const X509 *x); - -#define X509_get_notBefore X509_getm_notBefore -#define X509_get_notAfter X509_getm_notAfter - -int X509_REQ_set_version(X509_REQ *x,long version); -long X509_REQ_get_version(const X509_REQ *x); -int X509_REQ_set_subject_name(X509_REQ *req, X509_NAME *name); -X509_NAME *X509_REQ_get_subject_name(const X509_REQ *x); -int X509_REQ_set_pubkey(X509_REQ *x, EVP_PKEY *pkey); -EVP_PKEY * X509_REQ_get_pubkey(X509_REQ *req); -int X509_REQ_extension_nid(int nid); -int * X509_REQ_get_extension_nids(void); -void X509_REQ_set_extension_nids(int *nids); -STACK_OF(X509_EXTENSION) *X509_REQ_get_extensions(X509_REQ *req); -int X509_REQ_add_extensions_nid(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts, - int nid); -int X509_REQ_add_extensions(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts); -int X509_REQ_get_attr_count(const X509_REQ *req); -int X509_REQ_get_attr_by_NID(const X509_REQ *req, int nid, - int lastpos); -int X509_REQ_get_attr_by_OBJ(const X509_REQ *req, const ASN1_OBJECT *obj, - int lastpos); -X509_ATTRIBUTE *X509_REQ_get_attr(const X509_REQ *req, int loc); -X509_ATTRIBUTE *X509_REQ_delete_attr(X509_REQ *req, int loc); -int X509_REQ_add1_attr(X509_REQ *req, X509_ATTRIBUTE *attr); -int X509_REQ_add1_attr_by_OBJ(X509_REQ *req, - const ASN1_OBJECT *obj, int type, - const unsigned char *bytes, int len); -int X509_REQ_add1_attr_by_NID(X509_REQ *req, - int nid, int type, - const unsigned char *bytes, int len); -int X509_REQ_add1_attr_by_txt(X509_REQ *req, - const char *attrname, int type, - const unsigned char *bytes, int len); - -int X509_CRL_set_version(X509_CRL *x, long version); -int X509_CRL_set_issuer_name(X509_CRL *x, X509_NAME *name); -int X509_CRL_set_lastUpdate(X509_CRL *x, const ASN1_TIME *tm); -int X509_CRL_set1_lastUpdate(X509_CRL *x, const ASN1_TIME *tm); -int X509_CRL_set_nextUpdate(X509_CRL *x, const ASN1_TIME *tm); -int X509_CRL_set1_nextUpdate(X509_CRL *x, const ASN1_TIME *tm); -int X509_CRL_sort(X509_CRL *crl); - -const STACK_OF(X509_EXTENSION) *X509_REVOKED_get0_extensions(const X509_REVOKED *x); -const ASN1_TIME *X509_REVOKED_get0_revocationDate(const X509_REVOKED *x); -const ASN1_INTEGER *X509_REVOKED_get0_serialNumber(const X509_REVOKED *x); -int X509_REVOKED_set_revocationDate(X509_REVOKED *r, ASN1_TIME *tm); -int X509_REVOKED_set_serialNumber(X509_REVOKED *x, ASN1_INTEGER *serial); - -int X509_REQ_check_private_key(X509_REQ *x509,EVP_PKEY *pkey); - -int X509_check_private_key(const X509 *x509, const EVP_PKEY *pkey); - -int X509_issuer_and_serial_cmp(const X509 *a, const X509 *b); -unsigned long X509_issuer_and_serial_hash(X509 *a); - -int X509_issuer_name_cmp(const X509 *a, const X509 *b); -unsigned long X509_issuer_name_hash(X509 *a); - -int X509_subject_name_cmp(const X509 *a, const X509 *b); -unsigned long X509_subject_name_hash(X509 *x); - -#ifndef OPENSSL_NO_MD5 -unsigned long X509_issuer_name_hash_old(X509 *a); -unsigned long X509_subject_name_hash_old(X509 *x); -#endif - -int X509_cmp(const X509 *a, const X509 *b); -int X509_NAME_cmp(const X509_NAME *a, const X509_NAME *b); -unsigned long X509_NAME_hash(X509_NAME *x); -unsigned long X509_NAME_hash_old(X509_NAME *x); - -int X509_CRL_cmp(const X509_CRL *a, const X509_CRL *b); -int X509_CRL_match(const X509_CRL *a, const X509_CRL *b); -int X509_print_ex_fp(FILE *bp,X509 *x, unsigned long nmflag, unsigned long cflag); -int X509_print_fp(FILE *bp,X509 *x); -int X509_CRL_print_fp(FILE *bp,X509_CRL *x); -int X509_REQ_print_fp(FILE *bp,X509_REQ *req); -int X509_NAME_print_ex_fp(FILE *fp, const X509_NAME *nm, int indent, - unsigned long flags); - -#ifndef OPENSSL_NO_BIO -int X509_NAME_print(BIO *bp, const X509_NAME *name, int obase); -int X509_NAME_print_ex(BIO *out, const X509_NAME *nm, int indent, - unsigned long flags); -int X509_print_ex(BIO *bp,X509 *x, unsigned long nmflag, unsigned long cflag); -int X509_print(BIO *bp,X509 *x); -int X509_ocspid_print(BIO *bp,X509 *x); -int X509_CERT_AUX_print(BIO *bp,X509_CERT_AUX *x, int indent); -int X509_CRL_print(BIO *bp,X509_CRL *x); -int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflag, unsigned long cflag); -int X509_REQ_print(BIO *bp,X509_REQ *req); -#endif - -int X509_NAME_entry_count(const X509_NAME *name); -int X509_NAME_get_text_by_NID(X509_NAME *name, int nid, - char *buf,int len); -int X509_NAME_get_text_by_OBJ(X509_NAME *name, - const ASN1_OBJECT *obj, char *buf,int len); - -/* NOTE: you should be passsing -1, not 0 as lastpos. The functions that use - * lastpos, search after that position on. */ -int X509_NAME_get_index_by_NID(const X509_NAME *name, int nid, - int lastpos); -int X509_NAME_get_index_by_OBJ(const X509_NAME *name, - const ASN1_OBJECT *obj, int lastpos); -X509_NAME_ENTRY *X509_NAME_get_entry(const X509_NAME *name, int loc); -X509_NAME_ENTRY *X509_NAME_delete_entry(X509_NAME *name, int loc); -int X509_NAME_add_entry(X509_NAME *name, const X509_NAME_ENTRY *ne, - int loc, int set); -int X509_NAME_add_entry_by_OBJ(X509_NAME *name, const ASN1_OBJECT *obj, - int type, const unsigned char *bytes, int len, int loc, int set); -int X509_NAME_add_entry_by_NID(X509_NAME *name, int nid, int type, - const unsigned char *bytes, int len, int loc, int set); -X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_txt(X509_NAME_ENTRY **ne, - const char *field, int type, const unsigned char *bytes, int len); -X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(X509_NAME_ENTRY **ne, int nid, - int type, const unsigned char *bytes, int len); -int X509_NAME_add_entry_by_txt(X509_NAME *name, const char *field, int type, - const unsigned char *bytes, int len, int loc, int set); -X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(X509_NAME_ENTRY **ne, - const ASN1_OBJECT *obj, int type, - const unsigned char *bytes, int len); -int X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne, - const ASN1_OBJECT *obj); -int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne, int type, - const unsigned char *bytes, int len); -ASN1_OBJECT * X509_NAME_ENTRY_get_object(const X509_NAME_ENTRY *ne); -ASN1_STRING * X509_NAME_ENTRY_get_data(const X509_NAME_ENTRY *ne); -int X509_NAME_ENTRY_set(const X509_NAME_ENTRY *ne); - -int X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x); -int X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x, - int nid, int lastpos); -int X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *x, - const ASN1_OBJECT *obj, int lastpos); -int X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *x, - int crit, int lastpos); -X509_EXTENSION *X509v3_get_ext(const STACK_OF(X509_EXTENSION) *x, int loc); -X509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x, int loc); -STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x, - X509_EXTENSION *ex, int loc); - -int X509_get_ext_count(const X509 *x); -int X509_get_ext_by_NID(const X509 *x, int nid, int lastpos); -int X509_get_ext_by_OBJ(const X509 *x, const ASN1_OBJECT *obj, - int lastpos); -int X509_get_ext_by_critical(const X509 *x, int crit, int lastpos); -X509_EXTENSION *X509_get_ext(const X509 *x, int loc); -X509_EXTENSION *X509_delete_ext(X509 *x, int loc); -int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc); -void * X509_get_ext_d2i(const X509 *x, int nid, int *crit, int *idx); -int X509_add1_ext_i2d(X509 *x, int nid, void *value, int crit, - unsigned long flags); - -int X509_CRL_get_ext_count(const X509_CRL *x); -int X509_CRL_get_ext_by_NID(const X509_CRL *x, int nid, - int lastpos); -int X509_CRL_get_ext_by_OBJ(const X509_CRL *x, - const ASN1_OBJECT *obj, int lastpos); -int X509_CRL_get_ext_by_critical(const X509_CRL *x, int crit, - int lastpos); -X509_EXTENSION *X509_CRL_get_ext(const X509_CRL *x, int loc); -X509_EXTENSION *X509_CRL_delete_ext(X509_CRL *x, int loc); -int X509_CRL_add_ext(X509_CRL *x, X509_EXTENSION *ex, int loc); -void * X509_CRL_get_ext_d2i(const X509_CRL *x, int nid, int *crit, - int *idx); -int X509_CRL_add1_ext_i2d(X509_CRL *x, int nid, void *value, - int crit, unsigned long flags); - -int X509_REVOKED_get_ext_count(const X509_REVOKED *x); -int X509_REVOKED_get_ext_by_NID(const X509_REVOKED *x, int nid, - int lastpos); -int X509_REVOKED_get_ext_by_OBJ(const X509_REVOKED *x, - const ASN1_OBJECT *obj, int lastpos); -int X509_REVOKED_get_ext_by_critical(const X509_REVOKED *x, - int crit, int lastpos); -X509_EXTENSION *X509_REVOKED_get_ext(const X509_REVOKED *x, int loc); -X509_EXTENSION *X509_REVOKED_delete_ext(X509_REVOKED *x, int loc); -int X509_REVOKED_add_ext(X509_REVOKED *x, X509_EXTENSION *ex, - int loc); -void * X509_REVOKED_get_ext_d2i(const X509_REVOKED *x, int nid, - int *crit, int *idx); -int X509_REVOKED_add1_ext_i2d(X509_REVOKED *x, int nid, void *value, - int crit, unsigned long flags); - -X509_EXTENSION *X509_EXTENSION_create_by_NID(X509_EXTENSION **ex, - int nid, int crit, ASN1_OCTET_STRING *data); -X509_EXTENSION *X509_EXTENSION_create_by_OBJ(X509_EXTENSION **ex, - const ASN1_OBJECT *obj, int crit, ASN1_OCTET_STRING *data); -int X509_EXTENSION_set_object(X509_EXTENSION *ex, - const ASN1_OBJECT *obj); -int X509_EXTENSION_set_critical(X509_EXTENSION *ex, int crit); -int X509_EXTENSION_set_data(X509_EXTENSION *ex, - ASN1_OCTET_STRING *data); -ASN1_OBJECT * X509_EXTENSION_get_object(X509_EXTENSION *ex); -ASN1_OCTET_STRING *X509_EXTENSION_get_data(X509_EXTENSION *ne); -int X509_EXTENSION_get_critical(const X509_EXTENSION *ex); - -int X509at_get_attr_count(const STACK_OF(X509_ATTRIBUTE) *x); -int X509at_get_attr_by_NID(const STACK_OF(X509_ATTRIBUTE) *x, int nid, - int lastpos); -int X509at_get_attr_by_OBJ(const STACK_OF(X509_ATTRIBUTE) *sk, - const ASN1_OBJECT *obj, int lastpos); -X509_ATTRIBUTE *X509at_get_attr(const STACK_OF(X509_ATTRIBUTE) *x, int loc); -X509_ATTRIBUTE *X509at_delete_attr(STACK_OF(X509_ATTRIBUTE) *x, int loc); -STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr(STACK_OF(X509_ATTRIBUTE) **x, - X509_ATTRIBUTE *attr); -STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_OBJ(STACK_OF(X509_ATTRIBUTE) **x, - const ASN1_OBJECT *obj, int type, - const unsigned char *bytes, int len); -STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_NID(STACK_OF(X509_ATTRIBUTE) **x, - int nid, int type, - const unsigned char *bytes, int len); -STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_txt(STACK_OF(X509_ATTRIBUTE) **x, - const char *attrname, int type, - const unsigned char *bytes, int len); -void *X509at_get0_data_by_OBJ(STACK_OF(X509_ATTRIBUTE) *x, - const ASN1_OBJECT *obj, int lastpos, int type); -X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **attr, int nid, - int atrtype, const void *data, int len); -X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_OBJ(X509_ATTRIBUTE **attr, - const ASN1_OBJECT *obj, int atrtype, const void *data, int len); -X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_txt(X509_ATTRIBUTE **attr, - const char *atrname, int type, const unsigned char *bytes, int len); -int X509_ATTRIBUTE_set1_object(X509_ATTRIBUTE *attr, const ASN1_OBJECT *obj); -int X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype, const void *data, int len); -void *X509_ATTRIBUTE_get0_data(X509_ATTRIBUTE *attr, int idx, - int atrtype, void *data); -int X509_ATTRIBUTE_count(const X509_ATTRIBUTE *attr); -ASN1_OBJECT *X509_ATTRIBUTE_get0_object(X509_ATTRIBUTE *attr); -ASN1_TYPE *X509_ATTRIBUTE_get0_type(X509_ATTRIBUTE *attr, int idx); - -int EVP_PKEY_get_attr_count(const EVP_PKEY *key); -int EVP_PKEY_get_attr_by_NID(const EVP_PKEY *key, int nid, - int lastpos); -int EVP_PKEY_get_attr_by_OBJ(const EVP_PKEY *key, const ASN1_OBJECT *obj, - int lastpos); -X509_ATTRIBUTE *EVP_PKEY_get_attr(const EVP_PKEY *key, int loc); -X509_ATTRIBUTE *EVP_PKEY_delete_attr(EVP_PKEY *key, int loc); -int EVP_PKEY_add1_attr(EVP_PKEY *key, X509_ATTRIBUTE *attr); -int EVP_PKEY_add1_attr_by_OBJ(EVP_PKEY *key, - const ASN1_OBJECT *obj, int type, - const unsigned char *bytes, int len); -int EVP_PKEY_add1_attr_by_NID(EVP_PKEY *key, - int nid, int type, - const unsigned char *bytes, int len); -int EVP_PKEY_add1_attr_by_txt(EVP_PKEY *key, - const char *attrname, int type, - const unsigned char *bytes, int len); - -int X509_verify_cert(X509_STORE_CTX *ctx); - -/* lookup a cert from a X509 STACK */ -X509 *X509_find_by_issuer_and_serial(STACK_OF(X509) *sk,X509_NAME *name, - ASN1_INTEGER *serial); -X509 *X509_find_by_subject(STACK_OF(X509) *sk,X509_NAME *name); - -PBEPARAM *PBEPARAM_new(void); -void PBEPARAM_free(PBEPARAM *a); -PBEPARAM *d2i_PBEPARAM(PBEPARAM **a, const unsigned char **in, long len); -int i2d_PBEPARAM(PBEPARAM *a, unsigned char **out); -extern const ASN1_ITEM PBEPARAM_it; -PBE2PARAM *PBE2PARAM_new(void); -void PBE2PARAM_free(PBE2PARAM *a); -PBE2PARAM *d2i_PBE2PARAM(PBE2PARAM **a, const unsigned char **in, long len); -int i2d_PBE2PARAM(PBE2PARAM *a, unsigned char **out); -extern const ASN1_ITEM PBE2PARAM_it; -PBKDF2PARAM *PBKDF2PARAM_new(void); -void PBKDF2PARAM_free(PBKDF2PARAM *a); -PBKDF2PARAM *d2i_PBKDF2PARAM(PBKDF2PARAM **a, const unsigned char **in, long len); -int i2d_PBKDF2PARAM(PBKDF2PARAM *a, unsigned char **out); -extern const ASN1_ITEM PBKDF2PARAM_it; - -int PKCS5_pbe_set0_algor(X509_ALGOR *algor, int alg, int iter, - const unsigned char *salt, int saltlen); - -X509_ALGOR *PKCS5_pbe_set(int alg, int iter, - const unsigned char *salt, int saltlen); -X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter, - unsigned char *salt, int saltlen); -X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter, - unsigned char *salt, int saltlen, - unsigned char *aiv, int prf_nid); - -X509_ALGOR *PKCS5_pbkdf2_set(int iter, unsigned char *salt, int saltlen, - int prf_nid, int keylen); - -/* PKCS#8 utilities */ - -PKCS8_PRIV_KEY_INFO *PKCS8_PRIV_KEY_INFO_new(void); -void PKCS8_PRIV_KEY_INFO_free(PKCS8_PRIV_KEY_INFO *a); -PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO(PKCS8_PRIV_KEY_INFO **a, const unsigned char **in, long len); -int i2d_PKCS8_PRIV_KEY_INFO(PKCS8_PRIV_KEY_INFO *a, unsigned char **out); -extern const ASN1_ITEM PKCS8_PRIV_KEY_INFO_it; - -EVP_PKEY *EVP_PKCS82PKEY(const PKCS8_PRIV_KEY_INFO *p8); -PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(EVP_PKEY *pkey); - -int PKCS8_pkey_set0(PKCS8_PRIV_KEY_INFO *priv, ASN1_OBJECT *aobj, int version, - int ptype, void *pval, unsigned char *penc, int penclen); -int PKCS8_pkey_get0(const ASN1_OBJECT **ppkalg, const unsigned char **pk, - int *ppklen, const X509_ALGOR **pa, const PKCS8_PRIV_KEY_INFO *p8); - -const STACK_OF(X509_ATTRIBUTE) *PKCS8_pkey_get0_attrs(const PKCS8_PRIV_KEY_INFO *p8); -int PKCS8_pkey_add1_attr_by_NID(PKCS8_PRIV_KEY_INFO *p8, int nid, int type, - const unsigned char *bytes, int len); - -int X509_PUBKEY_set0_param(X509_PUBKEY *pub, ASN1_OBJECT *aobj, - int ptype, void *pval, - unsigned char *penc, int penclen); -int X509_PUBKEY_get0_param(ASN1_OBJECT **ppkalg, - const unsigned char **pk, int *ppklen, - X509_ALGOR **pa, - X509_PUBKEY *pub); - -int X509_check_trust(X509 *x, int id, int flags); -int X509_TRUST_get_count(void); -X509_TRUST * X509_TRUST_get0(int idx); -int X509_TRUST_get_by_id(int id); -int X509_TRUST_add(int id, int flags, int (*ck)(X509_TRUST *, X509 *, int), - const char *name, int arg1, void *arg2); -void X509_TRUST_cleanup(void); -int X509_TRUST_get_flags(const X509_TRUST *xp); -char *X509_TRUST_get0_name(const X509_TRUST *xp); -int X509_TRUST_get_trust(const X509_TRUST *xp); - -int X509_up_ref(X509 *x); -STACK_OF(X509) *X509_chain_up_ref(STACK_OF(X509) *chain); - -/* BEGIN ERROR CODES */ -/* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ -void ERR_load_X509_strings(void); - -/* Error codes for the X509 functions. */ - -/* Function codes. */ -#define X509_F_ADD_CERT_DIR 100 -#define X509_F_BY_FILE_CTRL 101 -#define X509_F_CHECK_POLICY 145 -#define X509_F_DIR_CTRL 102 -#define X509_F_GET_CERT_BY_SUBJECT 103 -#define X509_F_NETSCAPE_SPKI_B64_DECODE 129 -#define X509_F_NETSCAPE_SPKI_B64_ENCODE 130 -#define X509_F_X509AT_ADD1_ATTR 135 -#define X509_F_X509V3_ADD_EXT 104 -#define X509_F_X509_ATTRIBUTE_CREATE_BY_NID 136 -#define X509_F_X509_ATTRIBUTE_CREATE_BY_OBJ 137 -#define X509_F_X509_ATTRIBUTE_CREATE_BY_TXT 140 -#define X509_F_X509_ATTRIBUTE_GET0_DATA 139 -#define X509_F_X509_ATTRIBUTE_SET1_DATA 138 -#define X509_F_X509_CHECK_PRIVATE_KEY 128 -#define X509_F_X509_CRL_PRINT_FP 147 -#define X509_F_X509_EXTENSION_CREATE_BY_NID 108 -#define X509_F_X509_EXTENSION_CREATE_BY_OBJ 109 -#define X509_F_X509_GET_PUBKEY_PARAMETERS 110 -#define X509_F_X509_LOAD_CERT_CRL_FILE 132 -#define X509_F_X509_LOAD_CERT_FILE 111 -#define X509_F_X509_LOAD_CRL_FILE 112 -#define X509_F_X509_NAME_ADD_ENTRY 113 -#define X509_F_X509_NAME_ENTRY_CREATE_BY_NID 114 -#define X509_F_X509_NAME_ENTRY_CREATE_BY_TXT 131 -#define X509_F_X509_NAME_ENTRY_SET_OBJECT 115 -#define X509_F_X509_NAME_ONELINE 116 -#define X509_F_X509_NAME_PRINT 117 -#define X509_F_X509_PRINT_EX_FP 118 -#define X509_F_X509_PUBKEY_GET 119 -#define X509_F_X509_PUBKEY_SET 120 -#define X509_F_X509_REQ_CHECK_PRIVATE_KEY 144 -#define X509_F_X509_REQ_PRINT_EX 121 -#define X509_F_X509_REQ_PRINT_FP 122 -#define X509_F_X509_REQ_TO_X509 123 -#define X509_F_X509_STORE_ADD_CERT 124 -#define X509_F_X509_STORE_ADD_CRL 125 -#define X509_F_X509_STORE_CTX_GET1_ISSUER 146 -#define X509_F_X509_STORE_CTX_INIT 143 -#define X509_F_X509_STORE_CTX_NEW 142 -#define X509_F_X509_STORE_CTX_PURPOSE_INHERIT 134 -#define X509_F_X509_TO_X509_REQ 126 -#define X509_F_X509_TRUST_ADD 133 -#define X509_F_X509_TRUST_SET 141 -#define X509_F_X509_VERIFY_CERT 127 - -/* Reason codes. */ -#define X509_R_BAD_X509_FILETYPE 100 -#define X509_R_BASE64_DECODE_ERROR 118 -#define X509_R_CANT_CHECK_DH_KEY 114 -#define X509_R_CERT_ALREADY_IN_HASH_TABLE 101 -#define X509_R_ERR_ASN1_LIB 102 -#define X509_R_INVALID_DIRECTORY 113 -#define X509_R_INVALID_FIELD_NAME 119 -#define X509_R_INVALID_TRUST 123 -#define X509_R_KEY_TYPE_MISMATCH 115 -#define X509_R_KEY_VALUES_MISMATCH 116 -#define X509_R_LOADING_CERT_DIR 103 -#define X509_R_LOADING_DEFAULTS 104 -#define X509_R_METHOD_NOT_SUPPORTED 124 -#define X509_R_NO_CERT_SET_FOR_US_TO_VERIFY 105 -#define X509_R_PUBLIC_KEY_DECODE_ERROR 125 -#define X509_R_PUBLIC_KEY_ENCODE_ERROR 126 -#define X509_R_SHOULD_RETRY 106 -#define X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN 107 -#define X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY 108 -#define X509_R_UNKNOWN_KEY_TYPE 117 -#define X509_R_UNKNOWN_NID 109 -#define X509_R_UNKNOWN_PURPOSE_ID 121 -#define X509_R_UNKNOWN_TRUST_ID 120 -#define X509_R_UNSUPPORTED_ALGORITHM 111 -#define X509_R_WRONG_LOOKUP_TYPE 112 -#define X509_R_WRONG_TYPE 122 - -#ifdef __cplusplus -} -#endif -#endif diff --git a/libressl/include64/openssl/x509_vfy.h b/libressl/include64/openssl/x509_vfy.h deleted file mode 100644 index c5eae9d3..00000000 --- a/libressl/include64/openssl/x509_vfy.h +++ /dev/null @@ -1,615 +0,0 @@ -/* $OpenBSD: x509_vfy.h,v 1.30 2018/08/24 19:21:09 tb Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef HEADER_X509_H -#include <openssl/x509.h> -/* openssl/x509.h ends up #include-ing this file at about the only - * appropriate moment. */ -#endif - -#ifndef HEADER_X509_VFY_H -#define HEADER_X509_VFY_H - -#include <openssl/opensslconf.h> - -#ifndef OPENSSL_NO_LHASH -#include <openssl/lhash.h> -#endif -#include <openssl/bio.h> -#include <openssl/crypto.h> - -#ifdef __cplusplus -extern "C" { -#endif - -typedef struct x509_file_st - { - int num_paths; /* number of paths to files or directories */ - int num_alloced; - char **paths; /* the list of paths or directories */ - int *path_type; - } X509_CERT_FILE_CTX; - -/*******************************/ -/* -SSL_CTX -> X509_STORE - -> X509_LOOKUP - ->X509_LOOKUP_METHOD - -> X509_LOOKUP - ->X509_LOOKUP_METHOD - -SSL -> X509_STORE_CTX - ->X509_STORE - -The X509_STORE holds the tables etc for verification stuff. -A X509_STORE_CTX is used while validating a single certificate. -The X509_STORE has X509_LOOKUPs for looking up certs. -The X509_STORE then calls a function to actually verify the -certificate chain. -*/ - -#define X509_LU_RETRY -1 -#define X509_LU_FAIL 0 -#define X509_LU_X509 1 -#define X509_LU_CRL 2 -#define X509_LU_PKEY 3 - -typedef struct x509_object_st - { - /* one of the above types */ - int type; - union { - char *ptr; - X509 *x509; - X509_CRL *crl; - EVP_PKEY *pkey; - } data; - } X509_OBJECT; - -typedef struct x509_lookup_st X509_LOOKUP; - -DECLARE_STACK_OF(X509_LOOKUP) -DECLARE_STACK_OF(X509_OBJECT) - -/* This is a static that defines the function interface */ -typedef struct x509_lookup_method_st - { - const char *name; - int (*new_item)(X509_LOOKUP *ctx); - void (*free)(X509_LOOKUP *ctx); - int (*init)(X509_LOOKUP *ctx); - int (*shutdown)(X509_LOOKUP *ctx); - int (*ctrl)(X509_LOOKUP *ctx, int cmd, const char *argc, long argl, - char **ret); - int (*get_by_subject)(X509_LOOKUP *ctx, int type, X509_NAME *name, - X509_OBJECT *ret); - int (*get_by_issuer_serial)(X509_LOOKUP *ctx, int type, X509_NAME *name, - ASN1_INTEGER *serial,X509_OBJECT *ret); - int (*get_by_fingerprint)(X509_LOOKUP *ctx, int type, - const unsigned char *bytes, int len, X509_OBJECT *ret); - int (*get_by_alias)(X509_LOOKUP *ctx, int type, const char *str, - int len, X509_OBJECT *ret); - } X509_LOOKUP_METHOD; - -typedef struct X509_VERIFY_PARAM_ID_st X509_VERIFY_PARAM_ID; - -/* This structure hold all parameters associated with a verify operation - * by including an X509_VERIFY_PARAM structure in related structures the - * parameters used can be customized - */ - -typedef struct X509_VERIFY_PARAM_st - { - char *name; - time_t check_time; /* Time to use */ - unsigned long inh_flags; /* Inheritance flags */ - unsigned long flags; /* Various verify flags */ - int purpose; /* purpose to check untrusted certificates */ - int trust; /* trust setting to check */ - int depth; /* Verify depth */ - STACK_OF(ASN1_OBJECT) *policies; /* Permissible policies */ - X509_VERIFY_PARAM_ID *id; /* opaque ID data */ -} X509_VERIFY_PARAM; - -DECLARE_STACK_OF(X509_VERIFY_PARAM) - -/* This is used to hold everything. It is used for all certificate - * validation. Once we have a certificate chain, the 'verify' - * function is then called to actually check the cert chain. */ -struct x509_store_st - { - /* The following is a cache of trusted certs */ - int cache; /* if true, stash any hits */ - STACK_OF(X509_OBJECT) *objs; /* Cache of all objects */ - - /* These are external lookup methods */ - STACK_OF(X509_LOOKUP) *get_cert_methods; - - X509_VERIFY_PARAM *param; - - /* Callbacks for various operations */ - int (*verify)(X509_STORE_CTX *ctx); /* called to verify a certificate */ - int (*verify_cb)(int ok,X509_STORE_CTX *ctx); /* error callback */ - int (*get_issuer)(X509 **issuer, X509_STORE_CTX *ctx, X509 *x); /* get issuers cert from ctx */ - int (*check_issued)(X509_STORE_CTX *ctx, X509 *x, X509 *issuer); /* check issued */ - int (*check_revocation)(X509_STORE_CTX *ctx); /* Check revocation status of chain */ - int (*get_crl)(X509_STORE_CTX *ctx, X509_CRL **crl, X509 *x); /* retrieve CRL */ - int (*check_crl)(X509_STORE_CTX *ctx, X509_CRL *crl); /* Check CRL validity */ - int (*cert_crl)(X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x); /* Check certificate against CRL */ - STACK_OF(X509) * (*lookup_certs)(X509_STORE_CTX *ctx, X509_NAME *nm); - STACK_OF(X509_CRL) * (*lookup_crls)(X509_STORE_CTX *ctx, X509_NAME *nm); - int (*cleanup)(X509_STORE_CTX *ctx); - - CRYPTO_EX_DATA ex_data; - int references; - } /* X509_STORE */; - -int X509_STORE_set_depth(X509_STORE *store, int depth); - -#define X509_STORE_set_verify_cb_func(ctx,func) ((ctx)->verify_cb=(func)) -#define X509_STORE_set_verify_func(ctx,func) ((ctx)->verify=(func)) - -/* This is the functions plus an instance of the local variables. */ -struct x509_lookup_st - { - int init; /* have we been started */ - int skip; /* don't use us. */ - X509_LOOKUP_METHOD *method; /* the functions */ - char *method_data; /* method data */ - - X509_STORE *store_ctx; /* who owns us */ - } /* X509_LOOKUP */; - -/* This is a used when verifying cert chains. Since the - * gathering of the cert chain can take some time (and have to be - * 'retried', this needs to be kept and passed around. */ -struct x509_store_ctx_st /* X509_STORE_CTX */ - { - X509_STORE *ctx; - int current_method; /* used when looking up certs */ - - /* The following are set by the caller */ - X509 *cert; /* The cert to check */ - STACK_OF(X509) *untrusted; /* chain of X509s - untrusted - passed in */ - STACK_OF(X509_CRL) *crls; /* set of CRLs passed in */ - - X509_VERIFY_PARAM *param; - void *other_ctx; /* Other info for use with get_issuer() */ - - /* Callbacks for various operations */ - int (*verify)(X509_STORE_CTX *ctx); /* called to verify a certificate */ - int (*verify_cb)(int ok,X509_STORE_CTX *ctx); /* error callback */ - int (*get_issuer)(X509 **issuer, X509_STORE_CTX *ctx, X509 *x); /* get issuers cert from ctx */ - int (*check_issued)(X509_STORE_CTX *ctx, X509 *x, X509 *issuer); /* check issued */ - int (*check_revocation)(X509_STORE_CTX *ctx); /* Check revocation status of chain */ - int (*get_crl)(X509_STORE_CTX *ctx, X509_CRL **crl, X509 *x); /* retrieve CRL */ - int (*check_crl)(X509_STORE_CTX *ctx, X509_CRL *crl); /* Check CRL validity */ - int (*cert_crl)(X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x); /* Check certificate against CRL */ - int (*check_policy)(X509_STORE_CTX *ctx); - STACK_OF(X509) * (*lookup_certs)(X509_STORE_CTX *ctx, X509_NAME *nm); - STACK_OF(X509_CRL) * (*lookup_crls)(X509_STORE_CTX *ctx, X509_NAME *nm); - int (*cleanup)(X509_STORE_CTX *ctx); - - /* The following is built up */ - int valid; /* if 0, rebuild chain */ - int last_untrusted; /* index of last untrusted cert */ - STACK_OF(X509) *chain; /* chain of X509s - built up and trusted */ - X509_POLICY_TREE *tree; /* Valid policy tree */ - - int explicit_policy; /* Require explicit policy value */ - - /* When something goes wrong, this is why */ - int error_depth; - int error; - X509 *current_cert; - X509 *current_issuer; /* cert currently being tested as valid issuer */ - X509_CRL *current_crl; /* current CRL */ - - int current_crl_score; /* score of current CRL */ - unsigned int current_reasons; /* Reason mask */ - - X509_STORE_CTX *parent; /* For CRL path validation: parent context */ - - CRYPTO_EX_DATA ex_data; - } /* X509_STORE_CTX */; - -void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth); - -#define X509_STORE_CTX_set_app_data(ctx,data) \ - X509_STORE_CTX_set_ex_data(ctx,0,data) -#define X509_STORE_CTX_get_app_data(ctx) \ - X509_STORE_CTX_get_ex_data(ctx,0) - -#define X509_L_FILE_LOAD 1 -#define X509_L_ADD_DIR 2 -#define X509_L_MEM 3 - -#define X509_LOOKUP_load_file(x,name,type) \ - X509_LOOKUP_ctrl((x),X509_L_FILE_LOAD,(name),(long)(type),NULL) - -#define X509_LOOKUP_add_dir(x,name,type) \ - X509_LOOKUP_ctrl((x),X509_L_ADD_DIR,(name),(long)(type),NULL) - -#define X509_LOOKUP_add_mem(x,iov,type) \ - X509_LOOKUP_ctrl((x),X509_L_MEM,(const char *)(iov),\ - (long)(type),NULL) - -#define X509_V_OK 0 -#define X509_V_ERR_UNSPECIFIED 1 -#define X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT 2 -#define X509_V_ERR_UNABLE_TO_GET_CRL 3 -#define X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE 4 -#define X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE 5 -#define X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY 6 -#define X509_V_ERR_CERT_SIGNATURE_FAILURE 7 -#define X509_V_ERR_CRL_SIGNATURE_FAILURE 8 -#define X509_V_ERR_CERT_NOT_YET_VALID 9 -#define X509_V_ERR_CERT_HAS_EXPIRED 10 -#define X509_V_ERR_CRL_NOT_YET_VALID 11 -#define X509_V_ERR_CRL_HAS_EXPIRED 12 -#define X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD 13 -#define X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD 14 -#define X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD 15 -#define X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD 16 -#define X509_V_ERR_OUT_OF_MEM 17 -#define X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT 18 -#define X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN 19 -#define X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY 20 -#define X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE 21 -#define X509_V_ERR_CERT_CHAIN_TOO_LONG 22 -#define X509_V_ERR_CERT_REVOKED 23 -#define X509_V_ERR_INVALID_CA 24 -#define X509_V_ERR_PATH_LENGTH_EXCEEDED 25 -#define X509_V_ERR_INVALID_PURPOSE 26 -#define X509_V_ERR_CERT_UNTRUSTED 27 -#define X509_V_ERR_CERT_REJECTED 28 -/* These are 'informational' when looking for issuer cert */ -#define X509_V_ERR_SUBJECT_ISSUER_MISMATCH 29 -#define X509_V_ERR_AKID_SKID_MISMATCH 30 -#define X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH 31 -#define X509_V_ERR_KEYUSAGE_NO_CERTSIGN 32 - -#define X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER 33 -#define X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION 34 -#define X509_V_ERR_KEYUSAGE_NO_CRL_SIGN 35 -#define X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION 36 -#define X509_V_ERR_INVALID_NON_CA 37 -#define X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED 38 -#define X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE 39 -#define X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED 40 - -#define X509_V_ERR_INVALID_EXTENSION 41 -#define X509_V_ERR_INVALID_POLICY_EXTENSION 42 -#define X509_V_ERR_NO_EXPLICIT_POLICY 43 -#define X509_V_ERR_DIFFERENT_CRL_SCOPE 44 -#define X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE 45 - -#define X509_V_ERR_UNNESTED_RESOURCE 46 - -#define X509_V_ERR_PERMITTED_VIOLATION 47 -#define X509_V_ERR_EXCLUDED_VIOLATION 48 -#define X509_V_ERR_SUBTREE_MINMAX 49 -#define X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE 51 -#define X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX 52 -#define X509_V_ERR_UNSUPPORTED_NAME_SYNTAX 53 -#define X509_V_ERR_CRL_PATH_VALIDATION_ERROR 54 - -/* The application is not happy */ -#define X509_V_ERR_APPLICATION_VERIFICATION 50 - -/* Host, email and IP check errors */ -#define X509_V_ERR_HOSTNAME_MISMATCH 62 -#define X509_V_ERR_EMAIL_MISMATCH 63 -#define X509_V_ERR_IP_ADDRESS_MISMATCH 64 - -/* Caller error */ -#define X509_V_ERR_INVALID_CALL 65 -/* Issuer lookup error */ -#define X509_V_ERR_STORE_LOOKUP 66 - -/* Certificate verify flags */ - -/* Send issuer+subject checks to verify_cb */ -#define X509_V_FLAG_CB_ISSUER_CHECK 0x1 -/* Use check time instead of current time */ -#define X509_V_FLAG_USE_CHECK_TIME 0x2 -/* Lookup CRLs */ -#define X509_V_FLAG_CRL_CHECK 0x4 -/* Lookup CRLs for whole chain */ -#define X509_V_FLAG_CRL_CHECK_ALL 0x8 -/* Ignore unhandled critical extensions */ -#define X509_V_FLAG_IGNORE_CRITICAL 0x10 -/* Disable workarounds for broken certificates */ -#define X509_V_FLAG_X509_STRICT 0x20 -/* Enable proxy certificate validation */ -#define X509_V_FLAG_ALLOW_PROXY_CERTS 0x40 -/* Enable policy checking */ -#define X509_V_FLAG_POLICY_CHECK 0x80 -/* Policy variable require-explicit-policy */ -#define X509_V_FLAG_EXPLICIT_POLICY 0x100 -/* Policy variable inhibit-any-policy */ -#define X509_V_FLAG_INHIBIT_ANY 0x200 -/* Policy variable inhibit-policy-mapping */ -#define X509_V_FLAG_INHIBIT_MAP 0x400 -/* Notify callback that policy is OK */ -#define X509_V_FLAG_NOTIFY_POLICY 0x800 -/* Extended CRL features such as indirect CRLs, alternate CRL signing keys */ -#define X509_V_FLAG_EXTENDED_CRL_SUPPORT 0x1000 -/* Delta CRL support */ -#define X509_V_FLAG_USE_DELTAS 0x2000 -/* Check selfsigned CA signature */ -#define X509_V_FLAG_CHECK_SS_SIGNATURE 0x4000 -/* Use trusted store first */ -#define X509_V_FLAG_TRUSTED_FIRST 0x8000 -/* Allow partial chains if at least one certificate is in trusted store */ -#define X509_V_FLAG_PARTIAL_CHAIN 0x80000 - -/* If the initial chain is not trusted, do not attempt to build an alternative - * chain. Alternate chain checking was introduced in 1.0.2b. Setting this flag - * will force the behaviour to match that of previous versions. */ -#define X509_V_FLAG_NO_ALT_CHAINS 0x100000 - -/* Do not check certificate or CRL validity against current time. */ -#define X509_V_FLAG_NO_CHECK_TIME 0x200000 - -#define X509_VP_FLAG_DEFAULT 0x1 -#define X509_VP_FLAG_OVERWRITE 0x2 -#define X509_VP_FLAG_RESET_FLAGS 0x4 -#define X509_VP_FLAG_LOCKED 0x8 -#define X509_VP_FLAG_ONCE 0x10 - -/* Internal use: mask of policy related options */ -#define X509_V_FLAG_POLICY_MASK (X509_V_FLAG_POLICY_CHECK \ - | X509_V_FLAG_EXPLICIT_POLICY \ - | X509_V_FLAG_INHIBIT_ANY \ - | X509_V_FLAG_INHIBIT_MAP) - -int X509_OBJECT_idx_by_subject(STACK_OF(X509_OBJECT) *h, int type, - X509_NAME *name); -X509_OBJECT *X509_OBJECT_retrieve_by_subject(STACK_OF(X509_OBJECT) *h,int type,X509_NAME *name); -X509_OBJECT *X509_OBJECT_retrieve_match(STACK_OF(X509_OBJECT) *h, X509_OBJECT *x); -int X509_OBJECT_up_ref_count(X509_OBJECT *a); -int X509_OBJECT_get_type(const X509_OBJECT *a); -void X509_OBJECT_free_contents(X509_OBJECT *a); -X509 *X509_OBJECT_get0_X509(const X509_OBJECT *xo); -X509_CRL *X509_OBJECT_get0_X509_CRL(X509_OBJECT *xo); - -X509_STORE *X509_STORE_new(void); -void X509_STORE_free(X509_STORE *v); -int X509_STORE_up_ref(X509_STORE *x); -STACK_OF(X509)* X509_STORE_get1_certs(X509_STORE_CTX *st, X509_NAME *nm); -STACK_OF(X509_CRL)* X509_STORE_get1_crls(X509_STORE_CTX *st, X509_NAME *nm); -STACK_OF(X509_OBJECT) *X509_STORE_get0_objects(X509_STORE *xs); -void *X509_STORE_get_ex_data(X509_STORE *xs, int idx); -int X509_STORE_set_ex_data(X509_STORE *xs, int idx, void *data); - -#define X509_STORE_get_ex_new_index(l, p, newf, dupf, freef) \ - CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_X509_STORE, (l), (p), \ - (newf), (dupf), (freef)) - -int X509_STORE_set_flags(X509_STORE *ctx, unsigned long flags); -int X509_STORE_set_purpose(X509_STORE *ctx, int purpose); -int X509_STORE_set_trust(X509_STORE *ctx, int trust); -int X509_STORE_set1_param(X509_STORE *ctx, X509_VERIFY_PARAM *pm); -X509_VERIFY_PARAM *X509_STORE_get0_param(X509_STORE *ctx); - -void X509_STORE_set_verify_cb(X509_STORE *ctx, - int (*verify_cb)(int, X509_STORE_CTX *)); - -X509_STORE_CTX *X509_STORE_CTX_new(void); - -int X509_STORE_CTX_get1_issuer(X509 **issuer, X509_STORE_CTX *ctx, X509 *x); - -void X509_STORE_CTX_free(X509_STORE_CTX *ctx); -int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, - X509 *x509, STACK_OF(X509) *chain); -X509 *X509_STORE_CTX_get0_cert(X509_STORE_CTX *ctx); -STACK_OF(X509) *X509_STORE_CTX_get0_chain(X509_STORE_CTX *xs); -X509_STORE *X509_STORE_CTX_get0_store(X509_STORE_CTX *xs); -STACK_OF(X509) *X509_STORE_CTX_get0_untrusted(X509_STORE_CTX *ctx); -void X509_STORE_CTX_set0_untrusted(X509_STORE_CTX *ctx, STACK_OF(X509) *sk); -void X509_STORE_CTX_trusted_stack(X509_STORE_CTX *ctx, STACK_OF(X509) *sk); -void X509_STORE_CTX_set0_trusted_stack(X509_STORE_CTX *ctx, STACK_OF(X509) *sk); -void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx); - -X509_LOOKUP *X509_STORE_add_lookup(X509_STORE *v, X509_LOOKUP_METHOD *m); - -X509_LOOKUP_METHOD *X509_LOOKUP_hash_dir(void); -X509_LOOKUP_METHOD *X509_LOOKUP_file(void); -X509_LOOKUP_METHOD *X509_LOOKUP_mem(void); - -int X509_STORE_add_cert(X509_STORE *ctx, X509 *x); -int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x); - -int X509_STORE_get_by_subject(X509_STORE_CTX *vs,int type,X509_NAME *name, - X509_OBJECT *ret); - -int X509_LOOKUP_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc, - long argl, char **ret); - -int X509_load_cert_file(X509_LOOKUP *ctx, const char *file, int type); -int X509_load_crl_file(X509_LOOKUP *ctx, const char *file, int type); -int X509_load_cert_crl_file(X509_LOOKUP *ctx, const char *file, int type); - - -X509_LOOKUP *X509_LOOKUP_new(X509_LOOKUP_METHOD *method); -void X509_LOOKUP_free(X509_LOOKUP *ctx); -int X509_LOOKUP_init(X509_LOOKUP *ctx); -int X509_LOOKUP_by_subject(X509_LOOKUP *ctx, int type, X509_NAME *name, - X509_OBJECT *ret); -int X509_LOOKUP_by_issuer_serial(X509_LOOKUP *ctx, int type, X509_NAME *name, - ASN1_INTEGER *serial, X509_OBJECT *ret); -int X509_LOOKUP_by_fingerprint(X509_LOOKUP *ctx, int type, - const unsigned char *bytes, int len, X509_OBJECT *ret); -int X509_LOOKUP_by_alias(X509_LOOKUP *ctx, int type, const char *str, - int len, X509_OBJECT *ret); -int X509_LOOKUP_shutdown(X509_LOOKUP *ctx); - -int X509_STORE_load_locations (X509_STORE *ctx, - const char *file, const char *dir); -int X509_STORE_load_mem(X509_STORE *ctx, void *buf, int len); -int X509_STORE_set_default_paths(X509_STORE *ctx); - -int X509_STORE_CTX_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); -int X509_STORE_CTX_set_ex_data(X509_STORE_CTX *ctx,int idx,void *data); -void * X509_STORE_CTX_get_ex_data(X509_STORE_CTX *ctx,int idx); -int X509_STORE_CTX_get_error(X509_STORE_CTX *ctx); -void X509_STORE_CTX_set_error(X509_STORE_CTX *ctx,int s); -int X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx); -X509 * X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx); -X509 *X509_STORE_CTX_get0_current_issuer(X509_STORE_CTX *ctx); -X509_CRL *X509_STORE_CTX_get0_current_crl(X509_STORE_CTX *ctx); -X509_STORE_CTX *X509_STORE_CTX_get0_parent_ctx(X509_STORE_CTX *ctx); -STACK_OF(X509) *X509_STORE_CTX_get_chain(X509_STORE_CTX *ctx); -STACK_OF(X509) *X509_STORE_CTX_get1_chain(X509_STORE_CTX *ctx); -void X509_STORE_CTX_set_cert(X509_STORE_CTX *c,X509 *x); -void X509_STORE_CTX_set_chain(X509_STORE_CTX *c,STACK_OF(X509) *sk); -void X509_STORE_CTX_set0_crls(X509_STORE_CTX *c,STACK_OF(X509_CRL) *sk); -int X509_STORE_CTX_set_purpose(X509_STORE_CTX *ctx, int purpose); -int X509_STORE_CTX_set_trust(X509_STORE_CTX *ctx, int trust); -int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose, - int purpose, int trust); -void X509_STORE_CTX_set_flags(X509_STORE_CTX *ctx, unsigned long flags); -void X509_STORE_CTX_set_time(X509_STORE_CTX *ctx, unsigned long flags, - time_t t); -void X509_STORE_CTX_set_verify_cb(X509_STORE_CTX *ctx, - int (*verify_cb)(int, X509_STORE_CTX *)); - -X509_POLICY_TREE *X509_STORE_CTX_get0_policy_tree(X509_STORE_CTX *ctx); -int X509_STORE_CTX_get_explicit_policy(X509_STORE_CTX *ctx); - -X509_VERIFY_PARAM *X509_STORE_CTX_get0_param(X509_STORE_CTX *ctx); -void X509_STORE_CTX_set0_param(X509_STORE_CTX *ctx, X509_VERIFY_PARAM *param); -int X509_STORE_CTX_set_default(X509_STORE_CTX *ctx, const char *name); - -/* X509_VERIFY_PARAM functions */ - -X509_VERIFY_PARAM *X509_VERIFY_PARAM_new(void); -void X509_VERIFY_PARAM_free(X509_VERIFY_PARAM *param); -int X509_VERIFY_PARAM_inherit(X509_VERIFY_PARAM *to, - const X509_VERIFY_PARAM *from); -int X509_VERIFY_PARAM_set1(X509_VERIFY_PARAM *to, - const X509_VERIFY_PARAM *from); -int X509_VERIFY_PARAM_set1_name(X509_VERIFY_PARAM *param, const char *name); -int X509_VERIFY_PARAM_set_flags(X509_VERIFY_PARAM *param, unsigned long flags); -int X509_VERIFY_PARAM_clear_flags(X509_VERIFY_PARAM *param, - unsigned long flags); -unsigned long X509_VERIFY_PARAM_get_flags(X509_VERIFY_PARAM *param); -int X509_VERIFY_PARAM_set_purpose(X509_VERIFY_PARAM *param, int purpose); -int X509_VERIFY_PARAM_set_trust(X509_VERIFY_PARAM *param, int trust); -void X509_VERIFY_PARAM_set_depth(X509_VERIFY_PARAM *param, int depth); -void X509_VERIFY_PARAM_set_time(X509_VERIFY_PARAM *param, time_t t); -int X509_VERIFY_PARAM_add0_policy(X509_VERIFY_PARAM *param, - ASN1_OBJECT *policy); -int X509_VERIFY_PARAM_set1_policies(X509_VERIFY_PARAM *param, - STACK_OF(ASN1_OBJECT) *policies); -int X509_VERIFY_PARAM_get_depth(const X509_VERIFY_PARAM *param); -int X509_VERIFY_PARAM_set1_host(X509_VERIFY_PARAM *param, const char *name, - size_t namelen); -int X509_VERIFY_PARAM_add1_host(X509_VERIFY_PARAM *param, const char *name, - size_t namelen); -void X509_VERIFY_PARAM_set_hostflags(X509_VERIFY_PARAM *param, - unsigned int flags); -char *X509_VERIFY_PARAM_get0_peername(X509_VERIFY_PARAM *param); -int X509_VERIFY_PARAM_set1_email(X509_VERIFY_PARAM *param, const char *email, - size_t emaillen); -int X509_VERIFY_PARAM_set1_ip(X509_VERIFY_PARAM *param, const unsigned char *ip, - size_t iplen); -int X509_VERIFY_PARAM_set1_ip_asc(X509_VERIFY_PARAM *param, const char *ipasc); -const char *X509_VERIFY_PARAM_get0_name(const X509_VERIFY_PARAM *param); -const X509_VERIFY_PARAM *X509_VERIFY_PARAM_get0(int id); -int X509_VERIFY_PARAM_get_count(void); - -int X509_VERIFY_PARAM_add0_table(X509_VERIFY_PARAM *param); -const X509_VERIFY_PARAM *X509_VERIFY_PARAM_lookup(const char *name); -void X509_VERIFY_PARAM_table_cleanup(void); - -int X509_policy_check(X509_POLICY_TREE **ptree, int *pexplicit_policy, - STACK_OF(X509) *certs, - STACK_OF(ASN1_OBJECT) *policy_oids, - unsigned int flags); - -void X509_policy_tree_free(X509_POLICY_TREE *tree); - -int X509_policy_tree_level_count(const X509_POLICY_TREE *tree); -X509_POLICY_LEVEL * - X509_policy_tree_get0_level(const X509_POLICY_TREE *tree, int i); - -STACK_OF(X509_POLICY_NODE) * - X509_policy_tree_get0_policies(const X509_POLICY_TREE *tree); - -STACK_OF(X509_POLICY_NODE) * - X509_policy_tree_get0_user_policies(const X509_POLICY_TREE *tree); - -int X509_policy_level_node_count(X509_POLICY_LEVEL *level); - -X509_POLICY_NODE *X509_policy_level_get0_node(X509_POLICY_LEVEL *level, int i); - -const ASN1_OBJECT *X509_policy_node_get0_policy(const X509_POLICY_NODE *node); - -STACK_OF(POLICYQUALINFO) * - X509_policy_node_get0_qualifiers(const X509_POLICY_NODE *node); -const X509_POLICY_NODE * - X509_policy_node_get0_parent(const X509_POLICY_NODE *node); - -#ifdef __cplusplus -} -#endif -#endif - diff --git a/libressl/include64/openssl/x509v3.h b/libressl/include64/openssl/x509v3.h deleted file mode 100644 index 5d6c5887..00000000 --- a/libressl/include64/openssl/x509v3.h +++ /dev/null @@ -1,992 +0,0 @@ -/* $OpenBSD: x509v3.h,v 1.30 2018/05/19 10:50:08 tb Exp $ */ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999-2004 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ -#ifndef HEADER_X509V3_H -#define HEADER_X509V3_H - -#include <openssl/opensslconf.h> - -#include <openssl/bio.h> -#include <openssl/x509.h> -#include <openssl/conf.h> - -#ifdef __cplusplus -extern "C" { -#endif - -/* Forward reference */ -struct v3_ext_method; -struct v3_ext_ctx; - -/* Useful typedefs */ - -typedef void * (*X509V3_EXT_NEW)(void); -typedef void (*X509V3_EXT_FREE)(void *); -typedef void * (*X509V3_EXT_D2I)(void *, const unsigned char ** , long); -typedef int (*X509V3_EXT_I2D)(void *, unsigned char **); -typedef STACK_OF(CONF_VALUE) * - (*X509V3_EXT_I2V)(const struct v3_ext_method *method, void *ext, - STACK_OF(CONF_VALUE) *extlist); -typedef void * (*X509V3_EXT_V2I)(const struct v3_ext_method *method, - struct v3_ext_ctx *ctx, - STACK_OF(CONF_VALUE) *values); -typedef char * (*X509V3_EXT_I2S)(const struct v3_ext_method *method, void *ext); -typedef void * (*X509V3_EXT_S2I)(const struct v3_ext_method *method, - struct v3_ext_ctx *ctx, const char *str); -typedef int (*X509V3_EXT_I2R)(const struct v3_ext_method *method, void *ext, - BIO *out, int indent); -typedef void * (*X509V3_EXT_R2I)(const struct v3_ext_method *method, - struct v3_ext_ctx *ctx, const char *str); - -/* V3 extension structure */ - -struct v3_ext_method { -int ext_nid; -int ext_flags; -/* If this is set the following four fields are ignored */ -ASN1_ITEM_EXP *it; -/* Old style ASN1 calls */ -X509V3_EXT_NEW ext_new; -X509V3_EXT_FREE ext_free; -X509V3_EXT_D2I d2i; -X509V3_EXT_I2D i2d; - -/* The following pair is used for string extensions */ -X509V3_EXT_I2S i2s; -X509V3_EXT_S2I s2i; - -/* The following pair is used for multi-valued extensions */ -X509V3_EXT_I2V i2v; -X509V3_EXT_V2I v2i; - -/* The following are used for raw extensions */ -X509V3_EXT_I2R i2r; -X509V3_EXT_R2I r2i; - -void *usr_data; /* Any extension specific data */ -}; - -typedef struct X509V3_CONF_METHOD_st { -char *(*get_string)(void *db, const char *section, const char *value); -STACK_OF(CONF_VALUE) *(*get_section)(void *db, const char *section); -void (*free_string)(void *db, char *string); -void (*free_section)(void *db, STACK_OF(CONF_VALUE) *section); -} X509V3_CONF_METHOD; - -/* Context specific info */ -struct v3_ext_ctx { -#define CTX_TEST 0x1 -int flags; -X509 *issuer_cert; -X509 *subject_cert; -X509_REQ *subject_req; -X509_CRL *crl; -X509V3_CONF_METHOD *db_meth; -void *db; -/* Maybe more here */ -}; - -typedef struct v3_ext_method X509V3_EXT_METHOD; - -DECLARE_STACK_OF(X509V3_EXT_METHOD) - -/* ext_flags values */ -#define X509V3_EXT_DYNAMIC 0x1 -#define X509V3_EXT_CTX_DEP 0x2 -#define X509V3_EXT_MULTILINE 0x4 - -typedef BIT_STRING_BITNAME ENUMERATED_NAMES; - -typedef struct BASIC_CONSTRAINTS_st { -int ca; -ASN1_INTEGER *pathlen; -} BASIC_CONSTRAINTS; - - -typedef struct PKEY_USAGE_PERIOD_st { -ASN1_GENERALIZEDTIME *notBefore; -ASN1_GENERALIZEDTIME *notAfter; -} PKEY_USAGE_PERIOD; - -typedef struct otherName_st { -ASN1_OBJECT *type_id; -ASN1_TYPE *value; -} OTHERNAME; - -typedef struct EDIPartyName_st { - ASN1_STRING *nameAssigner; - ASN1_STRING *partyName; -} EDIPARTYNAME; - -typedef struct GENERAL_NAME_st { - -#define GEN_OTHERNAME 0 -#define GEN_EMAIL 1 -#define GEN_DNS 2 -#define GEN_X400 3 -#define GEN_DIRNAME 4 -#define GEN_EDIPARTY 5 -#define GEN_URI 6 -#define GEN_IPADD 7 -#define GEN_RID 8 - -int type; -union { - char *ptr; - OTHERNAME *otherName; /* otherName */ - ASN1_IA5STRING *rfc822Name; - ASN1_IA5STRING *dNSName; - ASN1_TYPE *x400Address; - X509_NAME *directoryName; - EDIPARTYNAME *ediPartyName; - ASN1_IA5STRING *uniformResourceIdentifier; - ASN1_OCTET_STRING *iPAddress; - ASN1_OBJECT *registeredID; - - /* Old names */ - ASN1_OCTET_STRING *ip; /* iPAddress */ - X509_NAME *dirn; /* dirn */ - ASN1_IA5STRING *ia5;/* rfc822Name, dNSName, uniformResourceIdentifier */ - ASN1_OBJECT *rid; /* registeredID */ - ASN1_TYPE *other; /* x400Address */ -} d; -} GENERAL_NAME; - -typedef STACK_OF(GENERAL_NAME) GENERAL_NAMES; - -typedef struct ACCESS_DESCRIPTION_st { - ASN1_OBJECT *method; - GENERAL_NAME *location; -} ACCESS_DESCRIPTION; - -typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS; - -typedef STACK_OF(ASN1_OBJECT) EXTENDED_KEY_USAGE; - -DECLARE_STACK_OF(GENERAL_NAME) - -DECLARE_STACK_OF(ACCESS_DESCRIPTION) - -typedef struct DIST_POINT_NAME_st { -int type; -union { - GENERAL_NAMES *fullname; - STACK_OF(X509_NAME_ENTRY) *relativename; -} name; -/* If relativename then this contains the full distribution point name */ -X509_NAME *dpname; -} DIST_POINT_NAME; -/* All existing reasons */ -#define CRLDP_ALL_REASONS 0x807f - -#define CRL_REASON_NONE -1 -#define CRL_REASON_UNSPECIFIED 0 -#define CRL_REASON_KEY_COMPROMISE 1 -#define CRL_REASON_CA_COMPROMISE 2 -#define CRL_REASON_AFFILIATION_CHANGED 3 -#define CRL_REASON_SUPERSEDED 4 -#define CRL_REASON_CESSATION_OF_OPERATION 5 -#define CRL_REASON_CERTIFICATE_HOLD 6 -#define CRL_REASON_REMOVE_FROM_CRL 8 -#define CRL_REASON_PRIVILEGE_WITHDRAWN 9 -#define CRL_REASON_AA_COMPROMISE 10 - -struct DIST_POINT_st { -DIST_POINT_NAME *distpoint; -ASN1_BIT_STRING *reasons; -GENERAL_NAMES *CRLissuer; -int dp_reasons; -}; - -typedef STACK_OF(DIST_POINT) CRL_DIST_POINTS; - -DECLARE_STACK_OF(DIST_POINT) - -struct AUTHORITY_KEYID_st { -ASN1_OCTET_STRING *keyid; -GENERAL_NAMES *issuer; -ASN1_INTEGER *serial; -}; - -/* Strong extranet structures */ - -typedef struct SXNET_ID_st { - ASN1_INTEGER *zone; - ASN1_OCTET_STRING *user; -} SXNETID; - -DECLARE_STACK_OF(SXNETID) - -typedef struct SXNET_st { - ASN1_INTEGER *version; - STACK_OF(SXNETID) *ids; -} SXNET; - -typedef struct NOTICEREF_st { - ASN1_STRING *organization; - STACK_OF(ASN1_INTEGER) *noticenos; -} NOTICEREF; - -typedef struct USERNOTICE_st { - NOTICEREF *noticeref; - ASN1_STRING *exptext; -} USERNOTICE; - -typedef struct POLICYQUALINFO_st { - ASN1_OBJECT *pqualid; - union { - ASN1_IA5STRING *cpsuri; - USERNOTICE *usernotice; - ASN1_TYPE *other; - } d; -} POLICYQUALINFO; - -DECLARE_STACK_OF(POLICYQUALINFO) - -typedef struct POLICYINFO_st { - ASN1_OBJECT *policyid; - STACK_OF(POLICYQUALINFO) *qualifiers; -} POLICYINFO; - -typedef STACK_OF(POLICYINFO) CERTIFICATEPOLICIES; - -DECLARE_STACK_OF(POLICYINFO) - -typedef struct POLICY_MAPPING_st { - ASN1_OBJECT *issuerDomainPolicy; - ASN1_OBJECT *subjectDomainPolicy; -} POLICY_MAPPING; - -DECLARE_STACK_OF(POLICY_MAPPING) - -typedef STACK_OF(POLICY_MAPPING) POLICY_MAPPINGS; - -typedef struct GENERAL_SUBTREE_st { - GENERAL_NAME *base; - ASN1_INTEGER *minimum; - ASN1_INTEGER *maximum; -} GENERAL_SUBTREE; - -DECLARE_STACK_OF(GENERAL_SUBTREE) - -struct NAME_CONSTRAINTS_st { - STACK_OF(GENERAL_SUBTREE) *permittedSubtrees; - STACK_OF(GENERAL_SUBTREE) *excludedSubtrees; -}; - -typedef struct POLICY_CONSTRAINTS_st { - ASN1_INTEGER *requireExplicitPolicy; - ASN1_INTEGER *inhibitPolicyMapping; -} POLICY_CONSTRAINTS; - -/* Proxy certificate structures, see RFC 3820 */ -typedef struct PROXY_POLICY_st - { - ASN1_OBJECT *policyLanguage; - ASN1_OCTET_STRING *policy; - } PROXY_POLICY; - -typedef struct PROXY_CERT_INFO_EXTENSION_st - { - ASN1_INTEGER *pcPathLengthConstraint; - PROXY_POLICY *proxyPolicy; - } PROXY_CERT_INFO_EXTENSION; - -PROXY_POLICY *PROXY_POLICY_new(void); -void PROXY_POLICY_free(PROXY_POLICY *a); -PROXY_POLICY *d2i_PROXY_POLICY(PROXY_POLICY **a, const unsigned char **in, long len); -int i2d_PROXY_POLICY(PROXY_POLICY *a, unsigned char **out); -extern const ASN1_ITEM PROXY_POLICY_it; -PROXY_CERT_INFO_EXTENSION *PROXY_CERT_INFO_EXTENSION_new(void); -void PROXY_CERT_INFO_EXTENSION_free(PROXY_CERT_INFO_EXTENSION *a); -PROXY_CERT_INFO_EXTENSION *d2i_PROXY_CERT_INFO_EXTENSION(PROXY_CERT_INFO_EXTENSION **a, const unsigned char **in, long len); -int i2d_PROXY_CERT_INFO_EXTENSION(PROXY_CERT_INFO_EXTENSION *a, unsigned char **out); -extern const ASN1_ITEM PROXY_CERT_INFO_EXTENSION_it; - -struct ISSUING_DIST_POINT_st - { - DIST_POINT_NAME *distpoint; - int onlyuser; - int onlyCA; - ASN1_BIT_STRING *onlysomereasons; - int indirectCRL; - int onlyattr; - }; - -/* Values in idp_flags field */ -/* IDP present */ -#define IDP_PRESENT 0x1 -/* IDP values inconsistent */ -#define IDP_INVALID 0x2 -/* onlyuser true */ -#define IDP_ONLYUSER 0x4 -/* onlyCA true */ -#define IDP_ONLYCA 0x8 -/* onlyattr true */ -#define IDP_ONLYATTR 0x10 -/* indirectCRL true */ -#define IDP_INDIRECT 0x20 -/* onlysomereasons present */ -#define IDP_REASONS 0x40 - -#define X509V3_conf_err(val) ERR_asprintf_error_data( \ - "section:%s,name:%s,value:%s", val->section, \ - val->name, val->value); - -#define X509V3_set_ctx_test(ctx) \ - X509V3_set_ctx(ctx, NULL, NULL, NULL, NULL, CTX_TEST) -#define X509V3_set_ctx_nodb(ctx) (ctx)->db = NULL; - -#define EXT_BITSTRING(nid, table) { nid, 0, &ASN1_BIT_STRING_it, \ - 0,0,0,0, \ - 0,0, \ - (X509V3_EXT_I2V)i2v_ASN1_BIT_STRING, \ - (X509V3_EXT_V2I)v2i_ASN1_BIT_STRING, \ - NULL, NULL, \ - table} - -#define EXT_IA5STRING(nid) { nid, 0, &ASN1_IA5STRING_it, \ - 0,0,0,0, \ - (X509V3_EXT_I2S)i2s_ASN1_IA5STRING, \ - (X509V3_EXT_S2I)s2i_ASN1_IA5STRING, \ - 0,0,0,0, \ - NULL} - -#define EXT_END { -1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} - - -/* X509_PURPOSE stuff */ - -#define EXFLAG_BCONS 0x0001 -#define EXFLAG_KUSAGE 0x0002 -#define EXFLAG_XKUSAGE 0x0004 -#define EXFLAG_NSCERT 0x0008 - -#define EXFLAG_CA 0x0010 -#define EXFLAG_SI 0x0020 /* Self issued. */ -#define EXFLAG_V1 0x0040 -#define EXFLAG_INVALID 0x0080 -#define EXFLAG_SET 0x0100 -#define EXFLAG_CRITICAL 0x0200 -#define EXFLAG_PROXY 0x0400 -#define EXFLAG_INVALID_POLICY 0x0800 -#define EXFLAG_FRESHEST 0x1000 -#define EXFLAG_SS 0x2000 /* Self signed. */ - -#define KU_DIGITAL_SIGNATURE 0x0080 -#define KU_NON_REPUDIATION 0x0040 -#define KU_KEY_ENCIPHERMENT 0x0020 -#define KU_DATA_ENCIPHERMENT 0x0010 -#define KU_KEY_AGREEMENT 0x0008 -#define KU_KEY_CERT_SIGN 0x0004 -#define KU_CRL_SIGN 0x0002 -#define KU_ENCIPHER_ONLY 0x0001 -#define KU_DECIPHER_ONLY 0x8000 - -#define NS_SSL_CLIENT 0x80 -#define NS_SSL_SERVER 0x40 -#define NS_SMIME 0x20 -#define NS_OBJSIGN 0x10 -#define NS_SSL_CA 0x04 -#define NS_SMIME_CA 0x02 -#define NS_OBJSIGN_CA 0x01 -#define NS_ANY_CA (NS_SSL_CA|NS_SMIME_CA|NS_OBJSIGN_CA) - -#define XKU_SSL_SERVER 0x1 -#define XKU_SSL_CLIENT 0x2 -#define XKU_SMIME 0x4 -#define XKU_CODE_SIGN 0x8 -#define XKU_SGC 0x10 -#define XKU_OCSP_SIGN 0x20 -#define XKU_TIMESTAMP 0x40 -#define XKU_DVCS 0x80 - -#define X509_PURPOSE_DYNAMIC 0x1 -#define X509_PURPOSE_DYNAMIC_NAME 0x2 - -typedef struct x509_purpose_st { - int purpose; - int trust; /* Default trust ID */ - int flags; - int (*check_purpose)(const struct x509_purpose_st *, - const X509 *, int); - char *name; - char *sname; - void *usr_data; -} X509_PURPOSE; - -#define X509_PURPOSE_SSL_CLIENT 1 -#define X509_PURPOSE_SSL_SERVER 2 -#define X509_PURPOSE_NS_SSL_SERVER 3 -#define X509_PURPOSE_SMIME_SIGN 4 -#define X509_PURPOSE_SMIME_ENCRYPT 5 -#define X509_PURPOSE_CRL_SIGN 6 -#define X509_PURPOSE_ANY 7 -#define X509_PURPOSE_OCSP_HELPER 8 -#define X509_PURPOSE_TIMESTAMP_SIGN 9 - -#define X509_PURPOSE_MIN 1 -#define X509_PURPOSE_MAX 9 - -/* Flags for X509V3_EXT_print() */ - -#define X509V3_EXT_UNKNOWN_MASK (0xfL << 16) -/* Return error for unknown extensions */ -#define X509V3_EXT_DEFAULT 0 -/* Print error for unknown extensions */ -#define X509V3_EXT_ERROR_UNKNOWN (1L << 16) -/* ASN1 parse unknown extensions */ -#define X509V3_EXT_PARSE_UNKNOWN (2L << 16) -/* BIO_dump unknown extensions */ -#define X509V3_EXT_DUMP_UNKNOWN (3L << 16) - -/* Flags for X509V3_add1_i2d */ - -#define X509V3_ADD_OP_MASK 0xfL -#define X509V3_ADD_DEFAULT 0L -#define X509V3_ADD_APPEND 1L -#define X509V3_ADD_REPLACE 2L -#define X509V3_ADD_REPLACE_EXISTING 3L -#define X509V3_ADD_KEEP_EXISTING 4L -#define X509V3_ADD_DELETE 5L -#define X509V3_ADD_SILENT 0x10 - -DECLARE_STACK_OF(X509_PURPOSE) - -BASIC_CONSTRAINTS *BASIC_CONSTRAINTS_new(void); -void BASIC_CONSTRAINTS_free(BASIC_CONSTRAINTS *a); -BASIC_CONSTRAINTS *d2i_BASIC_CONSTRAINTS(BASIC_CONSTRAINTS **a, const unsigned char **in, long len); -int i2d_BASIC_CONSTRAINTS(BASIC_CONSTRAINTS *a, unsigned char **out); -extern const ASN1_ITEM BASIC_CONSTRAINTS_it; - -SXNET *SXNET_new(void); -void SXNET_free(SXNET *a); -SXNET *d2i_SXNET(SXNET **a, const unsigned char **in, long len); -int i2d_SXNET(SXNET *a, unsigned char **out); -extern const ASN1_ITEM SXNET_it; -SXNETID *SXNETID_new(void); -void SXNETID_free(SXNETID *a); -SXNETID *d2i_SXNETID(SXNETID **a, const unsigned char **in, long len); -int i2d_SXNETID(SXNETID *a, unsigned char **out); -extern const ASN1_ITEM SXNETID_it; - -int SXNET_add_id_asc(SXNET **psx, const char *zone, const char *user, - int userlen); -int SXNET_add_id_ulong(SXNET **psx, unsigned long lzone, const char *user, - int userlen); -int SXNET_add_id_INTEGER(SXNET **psx, ASN1_INTEGER *izone, const char *user, - int userlen); - -ASN1_OCTET_STRING *SXNET_get_id_asc(SXNET *sx, const char *zone); -ASN1_OCTET_STRING *SXNET_get_id_ulong(SXNET *sx, unsigned long lzone); -ASN1_OCTET_STRING *SXNET_get_id_INTEGER(SXNET *sx, ASN1_INTEGER *zone); - -AUTHORITY_KEYID *AUTHORITY_KEYID_new(void); -void AUTHORITY_KEYID_free(AUTHORITY_KEYID *a); -AUTHORITY_KEYID *d2i_AUTHORITY_KEYID(AUTHORITY_KEYID **a, const unsigned char **in, long len); -int i2d_AUTHORITY_KEYID(AUTHORITY_KEYID *a, unsigned char **out); -extern const ASN1_ITEM AUTHORITY_KEYID_it; - -PKEY_USAGE_PERIOD *PKEY_USAGE_PERIOD_new(void); -void PKEY_USAGE_PERIOD_free(PKEY_USAGE_PERIOD *a); -PKEY_USAGE_PERIOD *d2i_PKEY_USAGE_PERIOD(PKEY_USAGE_PERIOD **a, const unsigned char **in, long len); -int i2d_PKEY_USAGE_PERIOD(PKEY_USAGE_PERIOD *a, unsigned char **out); -extern const ASN1_ITEM PKEY_USAGE_PERIOD_it; - -GENERAL_NAME *GENERAL_NAME_new(void); -void GENERAL_NAME_free(GENERAL_NAME *a); -GENERAL_NAME *d2i_GENERAL_NAME(GENERAL_NAME **a, const unsigned char **in, long len); -int i2d_GENERAL_NAME(GENERAL_NAME *a, unsigned char **out); -extern const ASN1_ITEM GENERAL_NAME_it; -GENERAL_NAME *GENERAL_NAME_dup(GENERAL_NAME *a); -int GENERAL_NAME_cmp(GENERAL_NAME *a, GENERAL_NAME *b); - - - -ASN1_BIT_STRING *v2i_ASN1_BIT_STRING(X509V3_EXT_METHOD *method, - X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval); -STACK_OF(CONF_VALUE) *i2v_ASN1_BIT_STRING(X509V3_EXT_METHOD *method, - ASN1_BIT_STRING *bits, - STACK_OF(CONF_VALUE) *extlist); - -STACK_OF(CONF_VALUE) *i2v_GENERAL_NAME(X509V3_EXT_METHOD *method, GENERAL_NAME *gen, STACK_OF(CONF_VALUE) *ret); -int GENERAL_NAME_print(BIO *out, GENERAL_NAME *gen); - -GENERAL_NAMES *GENERAL_NAMES_new(void); -void GENERAL_NAMES_free(GENERAL_NAMES *a); -GENERAL_NAMES *d2i_GENERAL_NAMES(GENERAL_NAMES **a, const unsigned char **in, long len); -int i2d_GENERAL_NAMES(GENERAL_NAMES *a, unsigned char **out); -extern const ASN1_ITEM GENERAL_NAMES_it; - -STACK_OF(CONF_VALUE) *i2v_GENERAL_NAMES(X509V3_EXT_METHOD *method, - GENERAL_NAMES *gen, STACK_OF(CONF_VALUE) *extlist); -GENERAL_NAMES *v2i_GENERAL_NAMES(const X509V3_EXT_METHOD *method, - X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval); - -OTHERNAME *OTHERNAME_new(void); -void OTHERNAME_free(OTHERNAME *a); -OTHERNAME *d2i_OTHERNAME(OTHERNAME **a, const unsigned char **in, long len); -int i2d_OTHERNAME(OTHERNAME *a, unsigned char **out); -extern const ASN1_ITEM OTHERNAME_it; -EDIPARTYNAME *EDIPARTYNAME_new(void); -void EDIPARTYNAME_free(EDIPARTYNAME *a); -EDIPARTYNAME *d2i_EDIPARTYNAME(EDIPARTYNAME **a, const unsigned char **in, long len); -int i2d_EDIPARTYNAME(EDIPARTYNAME *a, unsigned char **out); -extern const ASN1_ITEM EDIPARTYNAME_it; -int OTHERNAME_cmp(OTHERNAME *a, OTHERNAME *b); -void GENERAL_NAME_set0_value(GENERAL_NAME *a, int type, void *value); -void *GENERAL_NAME_get0_value(GENERAL_NAME *a, int *ptype); -int GENERAL_NAME_set0_othername(GENERAL_NAME *gen, - ASN1_OBJECT *oid, ASN1_TYPE *value); -int GENERAL_NAME_get0_otherName(GENERAL_NAME *gen, - ASN1_OBJECT **poid, ASN1_TYPE **pvalue); - -char *i2s_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, - const ASN1_OCTET_STRING *ia5); -ASN1_OCTET_STRING *s2i_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, - X509V3_CTX *ctx, const char *str); - -EXTENDED_KEY_USAGE *EXTENDED_KEY_USAGE_new(void); -void EXTENDED_KEY_USAGE_free(EXTENDED_KEY_USAGE *a); -EXTENDED_KEY_USAGE *d2i_EXTENDED_KEY_USAGE(EXTENDED_KEY_USAGE **a, const unsigned char **in, long len); -int i2d_EXTENDED_KEY_USAGE(EXTENDED_KEY_USAGE *a, unsigned char **out); -extern const ASN1_ITEM EXTENDED_KEY_USAGE_it; -int i2a_ACCESS_DESCRIPTION(BIO *bp, const ACCESS_DESCRIPTION* a); - -CERTIFICATEPOLICIES *CERTIFICATEPOLICIES_new(void); -void CERTIFICATEPOLICIES_free(CERTIFICATEPOLICIES *a); -CERTIFICATEPOLICIES *d2i_CERTIFICATEPOLICIES(CERTIFICATEPOLICIES **a, const unsigned char **in, long len); -int i2d_CERTIFICATEPOLICIES(CERTIFICATEPOLICIES *a, unsigned char **out); -extern const ASN1_ITEM CERTIFICATEPOLICIES_it; -POLICYINFO *POLICYINFO_new(void); -void POLICYINFO_free(POLICYINFO *a); -POLICYINFO *d2i_POLICYINFO(POLICYINFO **a, const unsigned char **in, long len); -int i2d_POLICYINFO(POLICYINFO *a, unsigned char **out); -extern const ASN1_ITEM POLICYINFO_it; -POLICYQUALINFO *POLICYQUALINFO_new(void); -void POLICYQUALINFO_free(POLICYQUALINFO *a); -POLICYQUALINFO *d2i_POLICYQUALINFO(POLICYQUALINFO **a, const unsigned char **in, long len); -int i2d_POLICYQUALINFO(POLICYQUALINFO *a, unsigned char **out); -extern const ASN1_ITEM POLICYQUALINFO_it; -USERNOTICE *USERNOTICE_new(void); -void USERNOTICE_free(USERNOTICE *a); -USERNOTICE *d2i_USERNOTICE(USERNOTICE **a, const unsigned char **in, long len); -int i2d_USERNOTICE(USERNOTICE *a, unsigned char **out); -extern const ASN1_ITEM USERNOTICE_it; -NOTICEREF *NOTICEREF_new(void); -void NOTICEREF_free(NOTICEREF *a); -NOTICEREF *d2i_NOTICEREF(NOTICEREF **a, const unsigned char **in, long len); -int i2d_NOTICEREF(NOTICEREF *a, unsigned char **out); -extern const ASN1_ITEM NOTICEREF_it; - -CRL_DIST_POINTS *CRL_DIST_POINTS_new(void); -void CRL_DIST_POINTS_free(CRL_DIST_POINTS *a); -CRL_DIST_POINTS *d2i_CRL_DIST_POINTS(CRL_DIST_POINTS **a, const unsigned char **in, long len); -int i2d_CRL_DIST_POINTS(CRL_DIST_POINTS *a, unsigned char **out); -extern const ASN1_ITEM CRL_DIST_POINTS_it; -DIST_POINT *DIST_POINT_new(void); -void DIST_POINT_free(DIST_POINT *a); -DIST_POINT *d2i_DIST_POINT(DIST_POINT **a, const unsigned char **in, long len); -int i2d_DIST_POINT(DIST_POINT *a, unsigned char **out); -extern const ASN1_ITEM DIST_POINT_it; -DIST_POINT_NAME *DIST_POINT_NAME_new(void); -void DIST_POINT_NAME_free(DIST_POINT_NAME *a); -DIST_POINT_NAME *d2i_DIST_POINT_NAME(DIST_POINT_NAME **a, const unsigned char **in, long len); -int i2d_DIST_POINT_NAME(DIST_POINT_NAME *a, unsigned char **out); -extern const ASN1_ITEM DIST_POINT_NAME_it; -ISSUING_DIST_POINT *ISSUING_DIST_POINT_new(void); -void ISSUING_DIST_POINT_free(ISSUING_DIST_POINT *a); -ISSUING_DIST_POINT *d2i_ISSUING_DIST_POINT(ISSUING_DIST_POINT **a, const unsigned char **in, long len); -int i2d_ISSUING_DIST_POINT(ISSUING_DIST_POINT *a, unsigned char **out); -extern const ASN1_ITEM ISSUING_DIST_POINT_it; - -int DIST_POINT_set_dpname(DIST_POINT_NAME *dpn, X509_NAME *iname); - -int NAME_CONSTRAINTS_check(X509 *x, NAME_CONSTRAINTS *nc); - -ACCESS_DESCRIPTION *ACCESS_DESCRIPTION_new(void); -void ACCESS_DESCRIPTION_free(ACCESS_DESCRIPTION *a); -ACCESS_DESCRIPTION *d2i_ACCESS_DESCRIPTION(ACCESS_DESCRIPTION **a, const unsigned char **in, long len); -int i2d_ACCESS_DESCRIPTION(ACCESS_DESCRIPTION *a, unsigned char **out); -extern const ASN1_ITEM ACCESS_DESCRIPTION_it; -AUTHORITY_INFO_ACCESS *AUTHORITY_INFO_ACCESS_new(void); -void AUTHORITY_INFO_ACCESS_free(AUTHORITY_INFO_ACCESS *a); -AUTHORITY_INFO_ACCESS *d2i_AUTHORITY_INFO_ACCESS(AUTHORITY_INFO_ACCESS **a, const unsigned char **in, long len); -int i2d_AUTHORITY_INFO_ACCESS(AUTHORITY_INFO_ACCESS *a, unsigned char **out); -extern const ASN1_ITEM AUTHORITY_INFO_ACCESS_it; - -extern const ASN1_ITEM POLICY_MAPPING_it; -POLICY_MAPPING *POLICY_MAPPING_new(void); -void POLICY_MAPPING_free(POLICY_MAPPING *a); -extern const ASN1_ITEM POLICY_MAPPINGS_it; - -extern const ASN1_ITEM GENERAL_SUBTREE_it; -GENERAL_SUBTREE *GENERAL_SUBTREE_new(void); -void GENERAL_SUBTREE_free(GENERAL_SUBTREE *a); - -extern const ASN1_ITEM NAME_CONSTRAINTS_it; -NAME_CONSTRAINTS *NAME_CONSTRAINTS_new(void); -void NAME_CONSTRAINTS_free(NAME_CONSTRAINTS *a); - -POLICY_CONSTRAINTS *POLICY_CONSTRAINTS_new(void); -void POLICY_CONSTRAINTS_free(POLICY_CONSTRAINTS *a); -extern const ASN1_ITEM POLICY_CONSTRAINTS_it; - -GENERAL_NAME *a2i_GENERAL_NAME(GENERAL_NAME *out, - const X509V3_EXT_METHOD *method, X509V3_CTX *ctx, - int gen_type, const char *value, int is_nc); - -#ifdef HEADER_CONF_H -GENERAL_NAME *v2i_GENERAL_NAME(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx, - CONF_VALUE *cnf); -GENERAL_NAME *v2i_GENERAL_NAME_ex(GENERAL_NAME *out, - const X509V3_EXT_METHOD *method, - X509V3_CTX *ctx, CONF_VALUE *cnf, int is_nc); -void X509V3_conf_free(CONF_VALUE *val); - -X509_EXTENSION *X509V3_EXT_nconf_nid(CONF *conf, X509V3_CTX *ctx, int ext_nid, - const char *value); -X509_EXTENSION *X509V3_EXT_nconf(CONF *conf, X509V3_CTX *ctx, const char *name, - const char *value); -int X509V3_EXT_add_nconf_sk(CONF *conf, X509V3_CTX *ctx, const char *section, - STACK_OF(X509_EXTENSION) **sk); -int X509V3_EXT_add_nconf(CONF *conf, X509V3_CTX *ctx, const char *section, - X509 *cert); -int X509V3_EXT_REQ_add_nconf(CONF *conf, X509V3_CTX *ctx, const char *section, - X509_REQ *req); -int X509V3_EXT_CRL_add_nconf(CONF *conf, X509V3_CTX *ctx, const char *section, - X509_CRL *crl); - -X509_EXTENSION *X509V3_EXT_conf_nid(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx, - int ext_nid, const char *value); -X509_EXTENSION *X509V3_EXT_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx, - const char *name, const char *value); -int X509V3_EXT_add_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx, - const char *section, X509 *cert); -int X509V3_EXT_REQ_add_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx, - const char *section, X509_REQ *req); -int X509V3_EXT_CRL_add_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx, - const char *section, X509_CRL *crl); - -int X509V3_add_value_bool_nf(const char *name, int asn1_bool, - STACK_OF(CONF_VALUE) **extlist); -int X509V3_get_value_bool(const CONF_VALUE *value, int *asn1_bool); -int X509V3_get_value_int(const CONF_VALUE *value, ASN1_INTEGER **aint); -void X509V3_set_nconf(X509V3_CTX *ctx, CONF *conf); -void X509V3_set_conf_lhash(X509V3_CTX *ctx, LHASH_OF(CONF_VALUE) *lhash); -#endif - -char *X509V3_get_string(X509V3_CTX *ctx, const char *name, - const char *section); -STACK_OF(CONF_VALUE) *X509V3_get_section(X509V3_CTX *ctx, const char *section); -void X509V3_string_free(X509V3_CTX *ctx, char *str); -void X509V3_section_free( X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *section); -void X509V3_set_ctx(X509V3_CTX *ctx, X509 *issuer, X509 *subject, - X509_REQ *req, X509_CRL *crl, int flags); - -int X509V3_add_value(const char *name, const char *value, - STACK_OF(CONF_VALUE) **extlist); -int X509V3_add_value_uchar(const char *name, const unsigned char *value, - STACK_OF(CONF_VALUE) **extlist); -int X509V3_add_value_bool(const char *name, int asn1_bool, - STACK_OF(CONF_VALUE) **extlist); -int X509V3_add_value_int(const char *name, const ASN1_INTEGER *aint, - STACK_OF(CONF_VALUE) **extlist); -char *i2s_ASN1_INTEGER(X509V3_EXT_METHOD *meth, const ASN1_INTEGER *aint); -ASN1_INTEGER *s2i_ASN1_INTEGER(X509V3_EXT_METHOD *meth, const char *value); -char *i2s_ASN1_ENUMERATED(X509V3_EXT_METHOD *meth, const ASN1_ENUMERATED *aint); -char *i2s_ASN1_ENUMERATED_TABLE(X509V3_EXT_METHOD *meth, - const ASN1_ENUMERATED *aint); -int X509V3_EXT_add(X509V3_EXT_METHOD *ext); -int X509V3_EXT_add_list(X509V3_EXT_METHOD *extlist); -int X509V3_EXT_add_alias(int nid_to, int nid_from); -void X509V3_EXT_cleanup(void); - -const X509V3_EXT_METHOD *X509V3_EXT_get(X509_EXTENSION *ext); -const X509V3_EXT_METHOD *X509V3_EXT_get_nid(int nid); -int X509V3_add_standard_extensions(void); -STACK_OF(CONF_VALUE) *X509V3_parse_list(const char *line); -void *X509V3_EXT_d2i(X509_EXTENSION *ext); -void *X509V3_get_d2i(const STACK_OF(X509_EXTENSION) *x, int nid, int *crit, - int *idx); - - -X509_EXTENSION *X509V3_EXT_i2d(int ext_nid, int crit, void *ext_struc); -int X509V3_add1_i2d(STACK_OF(X509_EXTENSION) **x, int nid, void *value, int crit, unsigned long flags); - -char *hex_to_string(const unsigned char *buffer, long len); -unsigned char *string_to_hex(const char *str, long *len); -int name_cmp(const char *name, const char *cmp); - -void X509V3_EXT_val_prn(BIO *out, STACK_OF(CONF_VALUE) *val, int indent, - int ml); -int X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, unsigned long flag, int indent); -int X509V3_EXT_print_fp(FILE *out, X509_EXTENSION *ext, int flag, int indent); - -int X509V3_extensions_print(BIO *out, const char *title, - const STACK_OF(X509_EXTENSION) *exts, unsigned long flag, int indent); - -int X509_check_ca(X509 *x); -int X509_check_purpose(X509 *x, int id, int ca); -int X509_supported_extension(X509_EXTENSION *ex); -int X509_PURPOSE_set(int *p, int purpose); -int X509_check_issued(X509 *issuer, X509 *subject); -int X509_check_akid(X509 *issuer, AUTHORITY_KEYID *akid); -int X509_PURPOSE_get_count(void); -X509_PURPOSE * X509_PURPOSE_get0(int idx); -int X509_PURPOSE_get_by_sname(const char *sname); -int X509_PURPOSE_get_by_id(int id); -int X509_PURPOSE_add(int id, int trust, int flags, - int (*ck)(const X509_PURPOSE *, const X509 *, int), - const char *name, const char *sname, void *arg); -char *X509_PURPOSE_get0_name(const X509_PURPOSE *xp); -char *X509_PURPOSE_get0_sname(const X509_PURPOSE *xp); -int X509_PURPOSE_get_trust(const X509_PURPOSE *xp); -void X509_PURPOSE_cleanup(void); -int X509_PURPOSE_get_id(const X509_PURPOSE *); - -STACK_OF(OPENSSL_STRING) *X509_get1_email(X509 *x); -STACK_OF(OPENSSL_STRING) *X509_REQ_get1_email(X509_REQ *x); -void X509_email_free(STACK_OF(OPENSSL_STRING) *sk); -STACK_OF(OPENSSL_STRING) *X509_get1_ocsp(X509 *x); - -/* Flags for X509_check_* functions */ -/* Always check subject name for host match even if subject alt names present */ -#define X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT 0x1 -/* Disable wildcard matching for dnsName fields and common name. */ -#define X509_CHECK_FLAG_NO_WILDCARDS 0x2 -/* Wildcards must not match a partial label. */ -#define X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS 0x4 -/* Allow (non-partial) wildcards to match multiple labels. */ -#define X509_CHECK_FLAG_MULTI_LABEL_WILDCARDS 0x8 -/* Constraint verifier subdomain patterns to match a single labels. */ -#define X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS 0x10 - -/* - * Match reference identifiers starting with "." to any sub-domain. - * This is a non-public flag, turned on implicitly when the subject - * reference identity is a DNS name. - */ -#define _X509_CHECK_FLAG_DOT_SUBDOMAINS 0x8000 - -int X509_check_host(X509 *x, const char *chk, size_t chklen, - unsigned int flags, char **peername); -int X509_check_email(X509 *x, const char *chk, size_t chklen, - unsigned int flags); -int X509_check_ip(X509 *x, const unsigned char *chk, size_t chklen, - unsigned int flags); -int X509_check_ip_asc(X509 *x, const char *ipasc, unsigned int flags); - -ASN1_OCTET_STRING *a2i_IPADDRESS(const char *ipasc); -ASN1_OCTET_STRING *a2i_IPADDRESS_NC(const char *ipasc); -int a2i_ipadd(unsigned char *ipout, const char *ipasc); -int X509V3_NAME_from_section(X509_NAME *nm, STACK_OF(CONF_VALUE)*dn_sk, - unsigned long chtype); - -void X509_POLICY_NODE_print(BIO *out, X509_POLICY_NODE *node, int indent); -DECLARE_STACK_OF(X509_POLICY_NODE) - - -/* BEGIN ERROR CODES */ -/* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ -void ERR_load_X509V3_strings(void); - -/* Error codes for the X509V3 functions. */ - -/* Function codes. */ -#define X509V3_F_A2I_GENERAL_NAME 164 -#define X509V3_F_ASIDENTIFIERCHOICE_CANONIZE 161 -#define X509V3_F_ASIDENTIFIERCHOICE_IS_CANONICAL 162 -#define X509V3_F_COPY_EMAIL 122 -#define X509V3_F_COPY_ISSUER 123 -#define X509V3_F_DO_DIRNAME 144 -#define X509V3_F_DO_EXT_CONF 124 -#define X509V3_F_DO_EXT_I2D 135 -#define X509V3_F_DO_EXT_NCONF 151 -#define X509V3_F_DO_I2V_NAME_CONSTRAINTS 148 -#define X509V3_F_GNAMES_FROM_SECTNAME 156 -#define X509V3_F_HEX_TO_STRING 111 -#define X509V3_F_I2S_ASN1_ENUMERATED 121 -#define X509V3_F_I2S_ASN1_IA5STRING 149 -#define X509V3_F_I2S_ASN1_INTEGER 120 -#define X509V3_F_I2V_AUTHORITY_INFO_ACCESS 138 -#define X509V3_F_NOTICE_SECTION 132 -#define X509V3_F_NREF_NOS 133 -#define X509V3_F_POLICY_SECTION 131 -#define X509V3_F_PROCESS_PCI_VALUE 150 -#define X509V3_F_R2I_CERTPOL 130 -#define X509V3_F_R2I_PCI 155 -#define X509V3_F_S2I_ASN1_IA5STRING 100 -#define X509V3_F_S2I_ASN1_INTEGER 108 -#define X509V3_F_S2I_ASN1_OCTET_STRING 112 -#define X509V3_F_S2I_ASN1_SKEY_ID 114 -#define X509V3_F_S2I_SKEY_ID 115 -#define X509V3_F_SET_DIST_POINT_NAME 158 -#define X509V3_F_STRING_TO_HEX 113 -#define X509V3_F_SXNET_ADD_ID_ASC 125 -#define X509V3_F_SXNET_ADD_ID_INTEGER 126 -#define X509V3_F_SXNET_ADD_ID_ULONG 127 -#define X509V3_F_SXNET_GET_ID_ASC 128 -#define X509V3_F_SXNET_GET_ID_ULONG 129 -#define X509V3_F_V2I_ASIDENTIFIERS 163 -#define X509V3_F_V2I_ASN1_BIT_STRING 101 -#define X509V3_F_V2I_AUTHORITY_INFO_ACCESS 139 -#define X509V3_F_V2I_AUTHORITY_KEYID 119 -#define X509V3_F_V2I_BASIC_CONSTRAINTS 102 -#define X509V3_F_V2I_CRLD 134 -#define X509V3_F_V2I_EXTENDED_KEY_USAGE 103 -#define X509V3_F_V2I_GENERAL_NAMES 118 -#define X509V3_F_V2I_GENERAL_NAME_EX 117 -#define X509V3_F_V2I_IDP 157 -#define X509V3_F_V2I_IPADDRBLOCKS 159 -#define X509V3_F_V2I_ISSUER_ALT 153 -#define X509V3_F_V2I_NAME_CONSTRAINTS 147 -#define X509V3_F_V2I_POLICY_CONSTRAINTS 146 -#define X509V3_F_V2I_POLICY_MAPPINGS 145 -#define X509V3_F_V2I_SUBJECT_ALT 154 -#define X509V3_F_V3_ADDR_VALIDATE_PATH_INTERNAL 160 -#define X509V3_F_V3_GENERIC_EXTENSION 116 -#define X509V3_F_X509V3_ADD1_I2D 140 -#define X509V3_F_X509V3_ADD_VALUE 105 -#define X509V3_F_X509V3_EXT_ADD 104 -#define X509V3_F_X509V3_EXT_ADD_ALIAS 106 -#define X509V3_F_X509V3_EXT_CONF 107 -#define X509V3_F_X509V3_EXT_I2D 136 -#define X509V3_F_X509V3_EXT_NCONF 152 -#define X509V3_F_X509V3_GET_SECTION 142 -#define X509V3_F_X509V3_GET_STRING 143 -#define X509V3_F_X509V3_GET_VALUE_BOOL 110 -#define X509V3_F_X509V3_PARSE_LIST 109 -#define X509V3_F_X509_PURPOSE_ADD 137 -#define X509V3_F_X509_PURPOSE_SET 141 - -/* Reason codes. */ -#define X509V3_R_BAD_IP_ADDRESS 118 -#define X509V3_R_BAD_OBJECT 119 -#define X509V3_R_BN_DEC2BN_ERROR 100 -#define X509V3_R_BN_TO_ASN1_INTEGER_ERROR 101 -#define X509V3_R_DIRNAME_ERROR 149 -#define X509V3_R_DISTPOINT_ALREADY_SET 160 -#define X509V3_R_DUPLICATE_ZONE_ID 133 -#define X509V3_R_ERROR_CONVERTING_ZONE 131 -#define X509V3_R_ERROR_CREATING_EXTENSION 144 -#define X509V3_R_ERROR_IN_EXTENSION 128 -#define X509V3_R_EXPECTED_A_SECTION_NAME 137 -#define X509V3_R_EXTENSION_EXISTS 145 -#define X509V3_R_EXTENSION_NAME_ERROR 115 -#define X509V3_R_EXTENSION_NOT_FOUND 102 -#define X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED 103 -#define X509V3_R_EXTENSION_VALUE_ERROR 116 -#define X509V3_R_ILLEGAL_EMPTY_EXTENSION 151 -#define X509V3_R_ILLEGAL_HEX_DIGIT 113 -#define X509V3_R_INCORRECT_POLICY_SYNTAX_TAG 152 -#define X509V3_R_INVALID_MULTIPLE_RDNS 161 -#define X509V3_R_INVALID_ASNUMBER 162 -#define X509V3_R_INVALID_ASRANGE 163 -#define X509V3_R_INVALID_BOOLEAN_STRING 104 -#define X509V3_R_INVALID_EXTENSION_STRING 105 -#define X509V3_R_INVALID_INHERITANCE 165 -#define X509V3_R_INVALID_IPADDRESS 166 -#define X509V3_R_INVALID_NAME 106 -#define X509V3_R_INVALID_NULL_ARGUMENT 107 -#define X509V3_R_INVALID_NULL_NAME 108 -#define X509V3_R_INVALID_NULL_VALUE 109 -#define X509V3_R_INVALID_NUMBER 140 -#define X509V3_R_INVALID_NUMBERS 141 -#define X509V3_R_INVALID_OBJECT_IDENTIFIER 110 -#define X509V3_R_INVALID_OPTION 138 -#define X509V3_R_INVALID_POLICY_IDENTIFIER 134 -#define X509V3_R_INVALID_PROXY_POLICY_SETTING 153 -#define X509V3_R_INVALID_PURPOSE 146 -#define X509V3_R_INVALID_SAFI 164 -#define X509V3_R_INVALID_SECTION 135 -#define X509V3_R_INVALID_SYNTAX 143 -#define X509V3_R_ISSUER_DECODE_ERROR 126 -#define X509V3_R_MISSING_VALUE 124 -#define X509V3_R_NEED_ORGANIZATION_AND_NUMBERS 142 -#define X509V3_R_NO_CONFIG_DATABASE 136 -#define X509V3_R_NO_ISSUER_CERTIFICATE 121 -#define X509V3_R_NO_ISSUER_DETAILS 127 -#define X509V3_R_NO_POLICY_IDENTIFIER 139 -#define X509V3_R_NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED 154 -#define X509V3_R_NO_PUBLIC_KEY 114 -#define X509V3_R_NO_SUBJECT_DETAILS 125 -#define X509V3_R_ODD_NUMBER_OF_DIGITS 112 -#define X509V3_R_OPERATION_NOT_DEFINED 148 -#define X509V3_R_OTHERNAME_ERROR 147 -#define X509V3_R_POLICY_LANGUAGE_ALREADY_DEFINED 155 -#define X509V3_R_POLICY_PATH_LENGTH 156 -#define X509V3_R_POLICY_PATH_LENGTH_ALREADY_DEFINED 157 -#define X509V3_R_POLICY_SYNTAX_NOT_CURRENTLY_SUPPORTED 158 -#define X509V3_R_POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY 159 -#define X509V3_R_SECTION_NOT_FOUND 150 -#define X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS 122 -#define X509V3_R_UNABLE_TO_GET_ISSUER_KEYID 123 -#define X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT 111 -#define X509V3_R_UNKNOWN_EXTENSION 129 -#define X509V3_R_UNKNOWN_EXTENSION_NAME 130 -#define X509V3_R_UNKNOWN_OPTION 120 -#define X509V3_R_UNSUPPORTED_OPTION 117 -#define X509V3_R_UNSUPPORTED_TYPE 167 -#define X509V3_R_USER_TOO_LONG 132 - -#ifdef __cplusplus -} -#endif -#endif diff --git a/libressl/include64/tls.h b/libressl/include64/tls.h deleted file mode 100644 index e4829699..00000000 --- a/libressl/include64/tls.h +++ /dev/null @@ -1,222 +0,0 @@ -/* $OpenBSD: tls.h,v 1.55 2018/11/29 14:24:23 tedu Exp $ */ -/* - * Copyright (c) 2014 Joel Sing <jsing@openbsd.org> - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF - * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -#ifndef HEADER_TLS_H -#define HEADER_TLS_H - -#ifdef __cplusplus -extern "C" { -#endif - -#ifdef _MSC_VER -#ifndef LIBRESSL_INTERNAL -#include <basetsd.h> -typedef SSIZE_T ssize_t; -#endif -#endif - -#include <sys/types.h> - -#include <stddef.h> -#include <stdint.h> - -#define TLS_API 20180210 - -#define TLS_PROTOCOL_TLSv1_0 (1 << 1) -#define TLS_PROTOCOL_TLSv1_1 (1 << 2) -#define TLS_PROTOCOL_TLSv1_2 (1 << 3) -#define TLS_PROTOCOL_TLSv1 \ - (TLS_PROTOCOL_TLSv1_0|TLS_PROTOCOL_TLSv1_1|TLS_PROTOCOL_TLSv1_2) - -#define TLS_PROTOCOLS_ALL TLS_PROTOCOL_TLSv1 -#define TLS_PROTOCOLS_DEFAULT TLS_PROTOCOL_TLSv1_2 - -#define TLS_WANT_POLLIN -2 -#define TLS_WANT_POLLOUT -3 - -/* RFC 6960 Section 2.3 */ -#define TLS_OCSP_RESPONSE_SUCCESSFUL 0 -#define TLS_OCSP_RESPONSE_MALFORMED 1 -#define TLS_OCSP_RESPONSE_INTERNALERROR 2 -#define TLS_OCSP_RESPONSE_TRYLATER 3 -#define TLS_OCSP_RESPONSE_SIGREQUIRED 4 -#define TLS_OCSP_RESPONSE_UNAUTHORIZED 5 - -/* RFC 6960 Section 2.2 */ -#define TLS_OCSP_CERT_GOOD 0 -#define TLS_OCSP_CERT_REVOKED 1 -#define TLS_OCSP_CERT_UNKNOWN 2 - -/* RFC 5280 Section 5.3.1 */ -#define TLS_CRL_REASON_UNSPECIFIED 0 -#define TLS_CRL_REASON_KEY_COMPROMISE 1 -#define TLS_CRL_REASON_CA_COMPROMISE 2 -#define TLS_CRL_REASON_AFFILIATION_CHANGED 3 -#define TLS_CRL_REASON_SUPERSEDED 4 -#define TLS_CRL_REASON_CESSATION_OF_OPERATION 5 -#define TLS_CRL_REASON_CERTIFICATE_HOLD 6 -#define TLS_CRL_REASON_REMOVE_FROM_CRL 8 -#define TLS_CRL_REASON_PRIVILEGE_WITHDRAWN 9 -#define TLS_CRL_REASON_AA_COMPROMISE 10 - -#define TLS_MAX_SESSION_ID_LENGTH 32 -#define TLS_TICKET_KEY_SIZE 48 - -struct tls; -struct tls_config; - -typedef ssize_t (*tls_read_cb)(struct tls *_ctx, void *_buf, size_t _buflen, - void *_cb_arg); -typedef ssize_t (*tls_write_cb)(struct tls *_ctx, const void *_buf, - size_t _buflen, void *_cb_arg); - -int tls_init(void); - -const char *tls_config_error(struct tls_config *_config); -const char *tls_error(struct tls *_ctx); - -struct tls_config *tls_config_new(void); -void tls_config_free(struct tls_config *_config); - -const char *tls_default_ca_cert_file(void); - -int tls_config_add_keypair_file(struct tls_config *_config, - const char *_cert_file, const char *_key_file); -int tls_config_add_keypair_mem(struct tls_config *_config, const uint8_t *_cert, - size_t _cert_len, const uint8_t *_key, size_t _key_len); -int tls_config_add_keypair_ocsp_file(struct tls_config *_config, - const char *_cert_file, const char *_key_file, - const char *_ocsp_staple_file); -int tls_config_add_keypair_ocsp_mem(struct tls_config *_config, const uint8_t *_cert, - size_t _cert_len, const uint8_t *_key, size_t _key_len, - const uint8_t *_staple, size_t _staple_len); -int tls_config_set_alpn(struct tls_config *_config, const char *_alpn); -int tls_config_set_ca_file(struct tls_config *_config, const char *_ca_file); -int tls_config_set_ca_path(struct tls_config *_config, const char *_ca_path); -int tls_config_set_ca_mem(struct tls_config *_config, const uint8_t *_ca, - size_t _len); -int tls_config_set_cert_file(struct tls_config *_config, - const char *_cert_file); -int tls_config_set_cert_mem(struct tls_config *_config, const uint8_t *_cert, - size_t _len); -int tls_config_set_ciphers(struct tls_config *_config, const char *_ciphers); -int tls_config_set_crl_file(struct tls_config *_config, const char *_crl_file); -int tls_config_set_crl_mem(struct tls_config *_config, const uint8_t *_crl, - size_t _len); -int tls_config_set_dheparams(struct tls_config *_config, const char *_params); -int tls_config_set_ecdhecurve(struct tls_config *_config, const char *_curve); -int tls_config_set_ecdhecurves(struct tls_config *_config, const char *_curves); -int tls_config_set_key_file(struct tls_config *_config, const char *_key_file); -int tls_config_set_key_mem(struct tls_config *_config, const uint8_t *_key, - size_t _len); -int tls_config_set_keypair_file(struct tls_config *_config, - const char *_cert_file, const char *_key_file); -int tls_config_set_keypair_mem(struct tls_config *_config, const uint8_t *_cert, - size_t _cert_len, const uint8_t *_key, size_t _key_len); -int tls_config_set_keypair_ocsp_file(struct tls_config *_config, - const char *_cert_file, const char *_key_file, const char *_staple_file); -int tls_config_set_keypair_ocsp_mem(struct tls_config *_config, const uint8_t *_cert, - size_t _cert_len, const uint8_t *_key, size_t _key_len, - const uint8_t *_staple, size_t staple_len); -int tls_config_set_ocsp_staple_mem(struct tls_config *_config, - const uint8_t *_staple, size_t _len); -int tls_config_set_ocsp_staple_file(struct tls_config *_config, - const char *_staple_file); -int tls_config_set_protocols(struct tls_config *_config, uint32_t _protocols); -int tls_config_set_session_fd(struct tls_config *_config, int _session_fd); -int tls_config_set_verify_depth(struct tls_config *_config, int _verify_depth); - -void tls_config_prefer_ciphers_client(struct tls_config *_config); -void tls_config_prefer_ciphers_server(struct tls_config *_config); - -void tls_config_insecure_noverifycert(struct tls_config *_config); -void tls_config_insecure_noverifyname(struct tls_config *_config); -void tls_config_insecure_noverifytime(struct tls_config *_config); -void tls_config_verify(struct tls_config *_config); - -void tls_config_ocsp_require_stapling(struct tls_config *_config); -void tls_config_verify_client(struct tls_config *_config); -void tls_config_verify_client_optional(struct tls_config *_config); - -void tls_config_clear_keys(struct tls_config *_config); -int tls_config_parse_protocols(uint32_t *_protocols, const char *_protostr); - -int tls_config_set_session_id(struct tls_config *_config, - const unsigned char *_session_id, size_t _len); -int tls_config_set_session_lifetime(struct tls_config *_config, int _lifetime); -int tls_config_add_ticket_key(struct tls_config *_config, uint32_t _keyrev, - unsigned char *_key, size_t _keylen); - -struct tls *tls_client(void); -struct tls *tls_server(void); -int tls_configure(struct tls *_ctx, struct tls_config *_config); -void tls_reset(struct tls *_ctx); -void tls_free(struct tls *_ctx); - -int tls_accept_fds(struct tls *_ctx, struct tls **_cctx, int _fd_read, - int _fd_write); -int tls_accept_socket(struct tls *_ctx, struct tls **_cctx, int _socket); -int tls_accept_cbs(struct tls *_ctx, struct tls **_cctx, - tls_read_cb _read_cb, tls_write_cb _write_cb, void *_cb_arg); -int tls_connect(struct tls *_ctx, const char *_host, const char *_port); -int tls_connect_fds(struct tls *_ctx, int _fd_read, int _fd_write, - const char *_servername); -int tls_connect_servername(struct tls *_ctx, const char *_host, - const char *_port, const char *_servername); -int tls_connect_socket(struct tls *_ctx, int _s, const char *_servername); -int tls_connect_cbs(struct tls *_ctx, tls_read_cb _read_cb, - tls_write_cb _write_cb, void *_cb_arg, const char *_servername); -int tls_handshake(struct tls *_ctx); -ssize_t tls_read(struct tls *_ctx, void *_buf, size_t _buflen); -ssize_t tls_write(struct tls *_ctx, const void *_buf, size_t _buflen); -int tls_close(struct tls *_ctx); - -int tls_peer_cert_provided(struct tls *_ctx); -int tls_peer_cert_contains_name(struct tls *_ctx, const char *_name); - -const char *tls_peer_cert_hash(struct tls *_ctx); -const char *tls_peer_cert_issuer(struct tls *_ctx); -const char *tls_peer_cert_subject(struct tls *_ctx); -time_t tls_peer_cert_notbefore(struct tls *_ctx); -time_t tls_peer_cert_notafter(struct tls *_ctx); -const uint8_t *tls_peer_cert_chain_pem(struct tls *_ctx, size_t *_len); - -const char *tls_conn_alpn_selected(struct tls *_ctx); -const char *tls_conn_cipher(struct tls *_ctx); -const char *tls_conn_servername(struct tls *_ctx); -int tls_conn_session_resumed(struct tls *_ctx); -const char *tls_conn_version(struct tls *_ctx); - -uint8_t *tls_load_file(const char *_file, size_t *_len, char *_password); -void tls_unload_file(uint8_t *_buf, size_t len); - -int tls_ocsp_process_response(struct tls *_ctx, const unsigned char *_response, - size_t _size); -int tls_peer_ocsp_cert_status(struct tls *_ctx); -int tls_peer_ocsp_crl_reason(struct tls *_ctx); -time_t tls_peer_ocsp_next_update(struct tls *_ctx); -int tls_peer_ocsp_response_status(struct tls *_ctx); -const char *tls_peer_ocsp_result(struct tls *_ctx); -time_t tls_peer_ocsp_revocation_time(struct tls *_ctx); -time_t tls_peer_ocsp_this_update(struct tls *_ctx); -const char *tls_peer_ocsp_url(struct tls *_ctx); - -#ifdef __cplusplus -} -#endif - -#endif /* HEADER_TLS_H */ diff --git a/libressl/x86/w32/libcrypto-41.lib b/libressl/x86/w32/libcrypto-41.lib Binary files differdeleted file mode 100644 index b85bfdfa..00000000 --- a/libressl/x86/w32/libcrypto-41.lib +++ /dev/null diff --git a/libressl/x86/w32/libssl-43.lib b/libressl/x86/w32/libssl-43.lib Binary files differdeleted file mode 100644 index e1c673bc..00000000 --- a/libressl/x86/w32/libssl-43.lib +++ /dev/null diff --git a/libressl/x86/w32/libtls-15.lib b/libressl/x86/w32/libtls-15.lib Binary files differdeleted file mode 100644 index 216745dd..00000000 --- a/libressl/x86/w32/libtls-15.lib +++ /dev/null diff --git a/libressl/x86/wnt/libcrypto-45.lib b/libressl/x86/wnt/libcrypto-45.lib Binary files differdeleted file mode 100644 index 2dce3dee..00000000 --- a/libressl/x86/wnt/libcrypto-45.lib +++ /dev/null diff --git a/libressl/x86/wnt/libssl-47.lib b/libressl/x86/wnt/libssl-47.lib Binary files differdeleted file mode 100644 index 495816bf..00000000 --- a/libressl/x86/wnt/libssl-47.lib +++ /dev/null diff --git a/libressl/x86/wnt/libtls-19.lib b/libressl/x86/wnt/libtls-19.lib Binary files differdeleted file mode 100644 index 074b947b..00000000 --- a/libressl/x86/wnt/libtls-19.lib +++ /dev/null diff --git a/openssl/CONTRIBUTING b/openssl/CONTRIBUTING new file mode 100644 index 00000000..250bbdbf --- /dev/null +++ b/openssl/CONTRIBUTING @@ -0,0 +1,72 @@ +HOW TO CONTRIBUTE TO OpenSSL +---------------------------- + +(Please visit https://www.openssl.org/community/getting-started.html for +other ideas about how to contribute.) + +Development is done on GitHub, https://github.com/openssl/openssl. + +To request new features or report bugs, please open an issue on GitHub + +To submit a patch, please open a pull request on GitHub. If you are thinking +of making a large contribution, open an issue for it before starting work, +to get comments from the community. Someone may be already working on +the same thing or there may be reasons why that feature isn't implemented. + +To make it easier to review and accept your pull request, please follow these +guidelines: + + 1. Anything other than a trivial contribution requires a Contributor + License Agreement (CLA), giving us permission to use your code. See + https://www.openssl.org/policies/cla.html for details. If your + contribution is too small to require a CLA, put "CLA: trivial" on a + line by itself in your commit message body. + + 2. All source files should start with the following text (with + appropriate comment characters at the start of each line and the + year(s) updated): + + Copyright 20xx-20yy The OpenSSL Project Authors. All Rights Reserved. + + Licensed under the Apache License 2.0 (the "License"). You may not use + this file except in compliance with the License. You can obtain a copy + in the file LICENSE in the source distribution or at + https://www.openssl.org/source/license.html + + 3. Patches should be as current as possible; expect to have to rebase + often. We do not accept merge commits, you will have to remove them + (usually by rebasing) before it will be acceptable. + + 4. Patches should follow our coding style (see + https://www.openssl.org/policies/codingstyle.html) and compile + without warnings. Where gcc or clang is available you should use the + --strict-warnings Configure option. OpenSSL compiles on many varied + platforms: try to ensure you only use portable features. Clean builds + via Travis and AppVeyor are required, and they are started automatically + whenever a PR is created or updated. + + 5. When at all possible, patches should include tests. These can + either be added to an existing test, or completely new. Please see + test/README for information on the test framework. + + 6. New features or changed functionality must include + documentation. Please look at the "pod" files in doc/man[1357] for + examples of our style. Run "make doc-nits" to make sure that your + documentation changes are clean. + + 7. For user visible changes (API changes, behaviour changes, ...), + consider adding a note in CHANGES. This could be a summarising + description of the change, and could explain the grander details. + Have a look through existing entries for inspiration. + Please note that this is NOT simply a copy of git-log oneliners. + Also note that security fixes get an entry in CHANGES. + This file helps users get more in depth information of what comes + with a specific release without having to sift through the higher + noise ratio in git-log. + + 8. For larger or more important user visible changes, as well as + security fixes, please add a line in NEWS. On exception, it might be + worth adding a multi-line entry (such as the entry that announces all + the types that became opaque with OpenSSL 1.1.0). + This file helps users get a very quick summary of what comes with a + specific release, to see if an upgrade is worth the effort. diff --git a/openssl/LICENSE b/openssl/LICENSE new file mode 100644 index 00000000..49cc83d2 --- /dev/null +++ b/openssl/LICENSE @@ -0,0 +1,177 @@ + + Apache License + Version 2.0, January 2004 + https://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS diff --git a/openssl/README b/openssl/README new file mode 100644 index 00000000..35595664 --- /dev/null +++ b/openssl/README @@ -0,0 +1,94 @@ + + OpenSSL 3.0.0-dev + + Copyright (c) 1998-2018 The OpenSSL Project + Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson + All rights reserved. + + DESCRIPTION + ----------- + + The OpenSSL Project is a collaborative effort to develop a robust, + commercial-grade, fully featured, and Open Source toolkit implementing the + Transport Layer Security (TLS) protocols (including SSLv3) as well as a + full-strength general purpose cryptographic library. + + OpenSSL is descended from the SSLeay library developed by Eric A. Young + and Tim J. Hudson. + + The OpenSSL toolkit is licensed under the Apache License 2.0, which means + that you are free to get and use it for commercial and non-commercial + purposes as long as you fulfill its conditions. + + OVERVIEW + -------- + + The OpenSSL toolkit includes: + + libssl (with platform specific naming): + Provides the client and server-side implementations for SSLv3 and TLS. + + libcrypto (with platform specific naming): + Provides general cryptographic and X.509 support needed by SSL/TLS but + not logically part of it. + + openssl: + A command line tool that can be used for: + Creation of key parameters + Creation of X.509 certificates, CSRs and CRLs + Calculation of message digests + Encryption and decryption + SSL/TLS client and server tests + Handling of S/MIME signed or encrypted mail + And more... + + INSTALLATION + ------------ + + See the appropriate file: + INSTALL Linux, Unix, Windows, OpenVMS, ... + NOTES.* INSTALL addendums for different platforms + + SUPPORT + ------- + + See the OpenSSL website www.openssl.org for details on how to obtain + commercial technical support. Free community support is available through the + openssl-users email list (see + https://www.openssl.org/community/mailinglists.html for further details). + + If you have any problems with OpenSSL then please take the following steps + first: + + - Download the latest version from the repository + to see if the problem has already been addressed + - Configure with no-asm + - Remove compiler optimization flags + + If you wish to report a bug then please include the following information + and create an issue on GitHub: + + - OpenSSL version: output of 'openssl version -a' + - Configuration data: output of 'perl configdata.pm --dump' + - OS Name, Version, Hardware platform + - Compiler Details (name, version) + - Application Details (name, version) + - Problem Description (steps that will reproduce the problem, if known) + - Stack Traceback (if the application dumps core) + + Just because something doesn't work the way you expect does not mean it + is necessarily a bug in OpenSSL. Use the openssl-users email list for this type + of query. + + HOW TO CONTRIBUTE TO OpenSSL + ---------------------------- + + See CONTRIBUTING + + LEGALITIES + ---------- + + A number of nations restrict the use or export of cryptography. If you + are potentially subject to such restrictions you should seek competent + professional legal advice before attempting to develop or distribute + cryptographic code. diff --git a/openssl/include/__DECC_INCLUDE_EPILOGUE.H b/openssl/include/__DECC_INCLUDE_EPILOGUE.H new file mode 100644 index 00000000..ea75c13c --- /dev/null +++ b/openssl/include/__DECC_INCLUDE_EPILOGUE.H @@ -0,0 +1,22 @@ +/*
+ * Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+/*
+ * This file is only used by HP C/C++ on VMS, and is included automatically
+ * after each header file from this directory
+ */
+
+/*
+ * The C++ compiler doesn't understand these pragmas, even though it
+ * understands the corresponding command line qualifier.
+ */
+#ifndef __cplusplus
+/* restore state. Must correspond to the save in __decc_include_prologue.h */
+# pragma names restore
+#endif
diff --git a/openssl/include/__DECC_INCLUDE_PROLOGUE.H b/openssl/include/__DECC_INCLUDE_PROLOGUE.H new file mode 100644 index 00000000..493596e3 --- /dev/null +++ b/openssl/include/__DECC_INCLUDE_PROLOGUE.H @@ -0,0 +1,26 @@ +/*
+ * Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+/*
+ * This file is only used by HP C/C++ on VMS, and is included automatically
+ * after each header file from this directory
+ */
+
+/*
+ * The C++ compiler doesn't understand these pragmas, even though it
+ * understands the corresponding command line qualifier.
+ */
+#ifndef __cplusplus
+/* save state */
+# pragma names save
+/* have the compiler shorten symbols larger than 31 chars to 23 chars
+ * followed by a 8 hex char CRC
+ */
+# pragma names as_is,shortened
+#endif
diff --git a/openssl/include/openssl/aes.h b/openssl/include/openssl/aes.h new file mode 100644 index 00000000..74958ac5 --- /dev/null +++ b/openssl/include/openssl/aes.h @@ -0,0 +1,116 @@ +/*
+ * Copyright 2002-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_AES_H
+# define OPENSSL_AES_H
+# pragma once
+
+# include <openssl/macros.h>
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define HEADER_AES_H
+# endif
+
+# include <openssl/opensslconf.h>
+
+# include <stddef.h>
+# ifdef __cplusplus
+extern "C" {
+# endif
+
+# define AES_BLOCK_SIZE 16
+
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+
+# define AES_ENCRYPT 1
+# define AES_DECRYPT 0
+
+# define AES_MAXNR 14
+
+
+/* This should be a hidden type, but EVP requires that the size be known */
+struct aes_key_st {
+# ifdef AES_LONG
+ unsigned long rd_key[4 * (AES_MAXNR + 1)];
+# else
+ unsigned int rd_key[4 * (AES_MAXNR + 1)];
+# endif
+ int rounds;
+};
+typedef struct aes_key_st AES_KEY;
+
+# endif
+
+DEPRECATEDIN_3_0(const char *AES_options(void))
+
+DEPRECATEDIN_3_0(int
+ AES_set_encrypt_key(const unsigned char *userKey,
+ const int bits, AES_KEY *key))
+DEPRECATEDIN_3_0(int
+ AES_set_decrypt_key(const unsigned char *userKey,
+ const int bits, AES_KEY *key))
+
+DEPRECATEDIN_3_0(void
+ AES_encrypt(const unsigned char *in, unsigned char *out,
+ const AES_KEY *key))
+DEPRECATEDIN_3_0(void
+ AES_decrypt(const unsigned char *in, unsigned char *out,
+ const AES_KEY *key))
+
+DEPRECATEDIN_3_0(void
+ AES_ecb_encrypt(const unsigned char *in, unsigned char *out,
+ const AES_KEY *key, const int enc))
+DEPRECATEDIN_3_0(void
+ AES_cbc_encrypt(const unsigned char *in, unsigned char *out,
+ size_t length, const AES_KEY *key,
+ unsigned char *ivec, const int enc))
+DEPRECATEDIN_3_0(void
+ AES_cfb128_encrypt(const unsigned char *in, unsigned char *out,
+ size_t length, const AES_KEY *key,
+ unsigned char *ivec, int *num,
+ const int enc))
+DEPRECATEDIN_3_0(void
+ AES_cfb1_encrypt(const unsigned char *in, unsigned char *out,
+ size_t length, const AES_KEY *key,
+ unsigned char *ivec, int *num, const int enc))
+DEPRECATEDIN_3_0(void
+ AES_cfb8_encrypt(const unsigned char *in, unsigned char *out,
+ size_t length, const AES_KEY *key,
+ unsigned char *ivec, int *num, const int enc))
+DEPRECATEDIN_3_0(void
+ AES_ofb128_encrypt(const unsigned char *in, unsigned char *out,
+ size_t length, const AES_KEY *key,
+ unsigned char *ivec, int *num))
+
+/* NB: the IV is _two_ blocks long */
+DEPRECATEDIN_3_0(void
+ AES_ige_encrypt(const unsigned char *in, unsigned char *out,
+ size_t length, const AES_KEY *key,
+ unsigned char *ivec, const int enc))
+/* NB: the IV is _four_ blocks long */
+DEPRECATEDIN_3_0(void
+ AES_bi_ige_encrypt(const unsigned char *in, unsigned char *out,
+ size_t length, const AES_KEY *key,
+ const AES_KEY *key2,
+ const unsigned char *ivec, const int enc))
+
+DEPRECATEDIN_3_0(int
+ AES_wrap_key(AES_KEY *key, const unsigned char *iv,
+ unsigned char *out, const unsigned char *in,
+ unsigned int inlen))
+DEPRECATEDIN_3_0(int
+ AES_unwrap_key(AES_KEY *key, const unsigned char *iv,
+ unsigned char *out, const unsigned char *in,
+ unsigned int inlen))
+
+
+# ifdef __cplusplus
+}
+# endif
+
+#endif
diff --git a/openssl/include/openssl/asn1.h b/openssl/include/openssl/asn1.h new file mode 100644 index 00000000..a4452542 --- /dev/null +++ b/openssl/include/openssl/asn1.h @@ -0,0 +1,870 @@ +/*
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_ASN1_H
+# define OPENSSL_ASN1_H
+# pragma once
+
+# include <openssl/macros.h>
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define HEADER_ASN1_H
+# endif
+
+# include <time.h>
+# include <openssl/e_os2.h>
+# include <openssl/opensslconf.h>
+# include <openssl/bio.h>
+# include <openssl/safestack.h>
+# include <openssl/asn1err.h>
+# include <openssl/symhacks.h>
+
+# include <openssl/types.h>
+# include <openssl/bn.h>
+
+# ifdef OPENSSL_BUILD_SHLIBCRYPTO
+# undef OPENSSL_EXTERN
+# define OPENSSL_EXTERN OPENSSL_EXPORT
+# endif
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+# define V_ASN1_UNIVERSAL 0x00
+# define V_ASN1_APPLICATION 0x40
+# define V_ASN1_CONTEXT_SPECIFIC 0x80
+# define V_ASN1_PRIVATE 0xc0
+
+# define V_ASN1_CONSTRUCTED 0x20
+# define V_ASN1_PRIMITIVE_TAG 0x1f
+# define V_ASN1_PRIMATIVE_TAG /*compat*/ V_ASN1_PRIMITIVE_TAG
+
+# define V_ASN1_APP_CHOOSE -2/* let the recipient choose */
+# define V_ASN1_OTHER -3/* used in ASN1_TYPE */
+# define V_ASN1_ANY -4/* used in ASN1 template code */
+
+# define V_ASN1_UNDEF -1
+/* ASN.1 tag values */
+# define V_ASN1_EOC 0
+# define V_ASN1_BOOLEAN 1 /**/
+# define V_ASN1_INTEGER 2
+# define V_ASN1_BIT_STRING 3
+# define V_ASN1_OCTET_STRING 4
+# define V_ASN1_NULL 5
+# define V_ASN1_OBJECT 6
+# define V_ASN1_OBJECT_DESCRIPTOR 7
+# define V_ASN1_EXTERNAL 8
+# define V_ASN1_REAL 9
+# define V_ASN1_ENUMERATED 10
+# define V_ASN1_UTF8STRING 12
+# define V_ASN1_SEQUENCE 16
+# define V_ASN1_SET 17
+# define V_ASN1_NUMERICSTRING 18 /**/
+# define V_ASN1_PRINTABLESTRING 19
+# define V_ASN1_T61STRING 20
+# define V_ASN1_TELETEXSTRING 20/* alias */
+# define V_ASN1_VIDEOTEXSTRING 21 /**/
+# define V_ASN1_IA5STRING 22
+# define V_ASN1_UTCTIME 23
+# define V_ASN1_GENERALIZEDTIME 24 /**/
+# define V_ASN1_GRAPHICSTRING 25 /**/
+# define V_ASN1_ISO64STRING 26 /**/
+# define V_ASN1_VISIBLESTRING 26/* alias */
+# define V_ASN1_GENERALSTRING 27 /**/
+# define V_ASN1_UNIVERSALSTRING 28 /**/
+# define V_ASN1_BMPSTRING 30
+
+/*
+ * NB the constants below are used internally by ASN1_INTEGER
+ * and ASN1_ENUMERATED to indicate the sign. They are *not* on
+ * the wire tag values.
+ */
+
+# define V_ASN1_NEG 0x100
+# define V_ASN1_NEG_INTEGER (2 | V_ASN1_NEG)
+# define V_ASN1_NEG_ENUMERATED (10 | V_ASN1_NEG)
+
+/* For use with d2i_ASN1_type_bytes() */
+# define B_ASN1_NUMERICSTRING 0x0001
+# define B_ASN1_PRINTABLESTRING 0x0002
+# define B_ASN1_T61STRING 0x0004
+# define B_ASN1_TELETEXSTRING 0x0004
+# define B_ASN1_VIDEOTEXSTRING 0x0008
+# define B_ASN1_IA5STRING 0x0010
+# define B_ASN1_GRAPHICSTRING 0x0020
+# define B_ASN1_ISO64STRING 0x0040
+# define B_ASN1_VISIBLESTRING 0x0040
+# define B_ASN1_GENERALSTRING 0x0080
+# define B_ASN1_UNIVERSALSTRING 0x0100
+# define B_ASN1_OCTET_STRING 0x0200
+# define B_ASN1_BIT_STRING 0x0400
+# define B_ASN1_BMPSTRING 0x0800
+# define B_ASN1_UNKNOWN 0x1000
+# define B_ASN1_UTF8STRING 0x2000
+# define B_ASN1_UTCTIME 0x4000
+# define B_ASN1_GENERALIZEDTIME 0x8000
+# define B_ASN1_SEQUENCE 0x10000
+/* For use with ASN1_mbstring_copy() */
+# define MBSTRING_FLAG 0x1000
+# define MBSTRING_UTF8 (MBSTRING_FLAG)
+# define MBSTRING_ASC (MBSTRING_FLAG|1)
+# define MBSTRING_BMP (MBSTRING_FLAG|2)
+# define MBSTRING_UNIV (MBSTRING_FLAG|4)
+# define SMIME_OLDMIME 0x400
+# define SMIME_CRLFEOL 0x800
+# define SMIME_STREAM 0x1000
+
+/* Stacks for types not otherwise defined in this header */
+DEFINE_OR_DECLARE_STACK_OF(X509_ALGOR)
+
+# define ASN1_STRING_FLAG_BITS_LEFT 0x08/* Set if 0x07 has bits left value */
+/*
+ * This indicates that the ASN1_STRING is not a real value but just a place
+ * holder for the location where indefinite length constructed data should be
+ * inserted in the memory buffer
+ */
+# define ASN1_STRING_FLAG_NDEF 0x010
+
+/*
+ * This flag is used by the CMS code to indicate that a string is not
+ * complete and is a place holder for content when it had all been accessed.
+ * The flag will be reset when content has been written to it.
+ */
+
+# define ASN1_STRING_FLAG_CONT 0x020
+/*
+ * This flag is used by ASN1 code to indicate an ASN1_STRING is an MSTRING
+ * type.
+ */
+# define ASN1_STRING_FLAG_MSTRING 0x040
+/* String is embedded and only content should be freed */
+# define ASN1_STRING_FLAG_EMBED 0x080
+/* String should be parsed in RFC 5280's time format */
+# define ASN1_STRING_FLAG_X509_TIME 0x100
+/* This is the base type that holds just about everything :-) */
+struct asn1_string_st {
+ int length;
+ int type;
+ unsigned char *data;
+ /*
+ * The value of the following field depends on the type being held. It
+ * is mostly being used for BIT_STRING so if the input data has a
+ * non-zero 'unused bits' value, it will be handled correctly
+ */
+ long flags;
+};
+
+/*
+ * ASN1_ENCODING structure: this is used to save the received encoding of an
+ * ASN1 type. This is useful to get round problems with invalid encodings
+ * which can break signatures.
+ */
+
+typedef struct ASN1_ENCODING_st {
+ unsigned char *enc; /* DER encoding */
+ long len; /* Length of encoding */
+ int modified; /* set to 1 if 'enc' is invalid */
+} ASN1_ENCODING;
+
+/* Used with ASN1 LONG type: if a long is set to this it is omitted */
+# define ASN1_LONG_UNDEF 0x7fffffffL
+
+# define STABLE_FLAGS_MALLOC 0x01
+/*
+ * A zero passed to ASN1_STRING_TABLE_new_add for the flags is interpreted
+ * as "don't change" and STABLE_FLAGS_MALLOC is always set. By setting
+ * STABLE_FLAGS_MALLOC only we can clear the existing value. Use the alias
+ * STABLE_FLAGS_CLEAR to reflect this.
+ */
+# define STABLE_FLAGS_CLEAR STABLE_FLAGS_MALLOC
+# define STABLE_NO_MASK 0x02
+# define DIRSTRING_TYPE \
+ (B_ASN1_PRINTABLESTRING|B_ASN1_T61STRING|B_ASN1_BMPSTRING|B_ASN1_UTF8STRING)
+# define PKCS9STRING_TYPE (DIRSTRING_TYPE|B_ASN1_IA5STRING)
+
+struct asn1_string_table_st {
+ int nid;
+ long minsize;
+ long maxsize;
+ unsigned long mask;
+ unsigned long flags;
+};
+
+DEFINE_OR_DECLARE_STACK_OF(ASN1_STRING_TABLE)
+
+/* size limits: this stuff is taken straight from RFC2459 */
+
+# define ub_name 32768
+# define ub_common_name 64
+# define ub_locality_name 128
+# define ub_state_name 128
+# define ub_organization_name 64
+# define ub_organization_unit_name 64
+# define ub_title 64
+# define ub_email_address 128
+
+/*
+ * Declarations for template structures: for full definitions see asn1t.h
+ */
+typedef struct ASN1_TEMPLATE_st ASN1_TEMPLATE;
+typedef struct ASN1_TLC_st ASN1_TLC;
+/* This is just an opaque pointer */
+typedef struct ASN1_VALUE_st ASN1_VALUE;
+
+/* Declare ASN1 functions: the implement macro in in asn1t.h */
+
+# define DECLARE_ASN1_FUNCTIONS(type) DECLARE_ASN1_FUNCTIONS_name(type, type)
+
+# define DECLARE_ASN1_ALLOC_FUNCTIONS(type) \
+ DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, type)
+
+# define DECLARE_ASN1_FUNCTIONS_name(type, name) \
+ DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, name) \
+ DECLARE_ASN1_ENCODE_FUNCTIONS_name(type, name)
+
+# define DECLARE_ASN1_ENCODE_FUNCTIONS(type, itname, name) \
+ DECLARE_ASN1_ENCODE_FUNCTIONS_only(type, name) \
+ DECLARE_ASN1_ITEM(itname)
+
+# define DECLARE_ASN1_ENCODE_FUNCTIONS_name(type, name) \
+ DECLARE_ASN1_ENCODE_FUNCTIONS(type, name, name)
+
+# define DECLARE_ASN1_ENCODE_FUNCTIONS_only(type, name) \
+ type *d2i_##name(type **a, const unsigned char **in, long len); \
+ int i2d_##name(const type *a, unsigned char **out);
+
+# define DECLARE_ASN1_NDEF_FUNCTION(name) \
+ int i2d_##name##_NDEF(const name *a, unsigned char **out);
+
+# define DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, name) \
+ type *name##_new(void); \
+ void name##_free(type *a);
+
+# define DECLARE_ASN1_DUP_FUNCTION(type) \
+ DECLARE_ASN1_DUP_FUNCTION_name(type, type)
+
+# define DECLARE_ASN1_DUP_FUNCTION_name(type, name) \
+ type *name##_dup(const type *a);
+
+# define DECLARE_ASN1_PRINT_FUNCTION(stname) \
+ DECLARE_ASN1_PRINT_FUNCTION_fname(stname, stname)
+
+# define DECLARE_ASN1_PRINT_FUNCTION_fname(stname, fname) \
+ int fname##_print_ctx(BIO *out, const stname *x, int indent, \
+ const ASN1_PCTX *pctx);
+
+# define D2I_OF(type) type *(*)(type **,const unsigned char **,long)
+# define I2D_OF(type) int (*)(const type *,unsigned char **)
+
+# define CHECKED_D2I_OF(type, d2i) \
+ ((d2i_of_void*) (1 ? d2i : ((D2I_OF(type))0)))
+# define CHECKED_I2D_OF(type, i2d) \
+ ((i2d_of_void*) (1 ? i2d : ((I2D_OF(type))0)))
+# define CHECKED_NEW_OF(type, xnew) \
+ ((void *(*)(void)) (1 ? xnew : ((type *(*)(void))0)))
+# define CHECKED_PTR_OF(type, p) \
+ ((void*) (1 ? p : (type*)0))
+# define CHECKED_PPTR_OF(type, p) \
+ ((void**) (1 ? p : (type**)0))
+
+# define TYPEDEF_D2I_OF(type) typedef type *d2i_of_##type(type **,const unsigned char **,long)
+# define TYPEDEF_I2D_OF(type) typedef int i2d_of_##type(const type *,unsigned char **)
+# define TYPEDEF_D2I2D_OF(type) TYPEDEF_D2I_OF(type); TYPEDEF_I2D_OF(type)
+
+typedef void *d2i_of_void(void **, const unsigned char **, long);
+typedef int i2d_of_void(const void *, unsigned char **);
+
+/*-
+ * The following macros and typedefs allow an ASN1_ITEM
+ * to be embedded in a structure and referenced. Since
+ * the ASN1_ITEM pointers need to be globally accessible
+ * (possibly from shared libraries) they may exist in
+ * different forms. On platforms that support it the
+ * ASN1_ITEM structure itself will be globally exported.
+ * Other platforms will export a function that returns
+ * an ASN1_ITEM pointer.
+ *
+ * To handle both cases transparently the macros below
+ * should be used instead of hard coding an ASN1_ITEM
+ * pointer in a structure.
+ *
+ * The structure will look like this:
+ *
+ * typedef struct SOMETHING_st {
+ * ...
+ * ASN1_ITEM_EXP *iptr;
+ * ...
+ * } SOMETHING;
+ *
+ * It would be initialised as e.g.:
+ *
+ * SOMETHING somevar = {...,ASN1_ITEM_ref(X509),...};
+ *
+ * and the actual pointer extracted with:
+ *
+ * const ASN1_ITEM *it = ASN1_ITEM_ptr(somevar.iptr);
+ *
+ * Finally an ASN1_ITEM pointer can be extracted from an
+ * appropriate reference with: ASN1_ITEM_rptr(X509). This
+ * would be used when a function takes an ASN1_ITEM * argument.
+ *
+ */
+
+
+/*
+ * Platforms that can't easily handle shared global variables are declared as
+ * functions returning ASN1_ITEM pointers.
+ */
+
+/* ASN1_ITEM pointer exported type */
+typedef const ASN1_ITEM *ASN1_ITEM_EXP (void);
+
+/* Macro to obtain ASN1_ITEM pointer from exported type */
+# define ASN1_ITEM_ptr(iptr) (iptr())
+
+/* Macro to include ASN1_ITEM pointer from base type */
+# define ASN1_ITEM_ref(iptr) (iptr##_it)
+
+# define ASN1_ITEM_rptr(ref) (ref##_it())
+
+# define DECLARE_ASN1_ITEM(name) \
+ const ASN1_ITEM * name##_it(void);
+
+/* Parameters used by ASN1_STRING_print_ex() */
+
+/*
+ * These determine which characters to escape: RFC2253 special characters,
+ * control characters and MSB set characters
+ */
+
+# define ASN1_STRFLGS_ESC_2253 1
+# define ASN1_STRFLGS_ESC_CTRL 2
+# define ASN1_STRFLGS_ESC_MSB 4
+
+/*
+ * This flag determines how we do escaping: normally RC2253 backslash only,
+ * set this to use backslash and quote.
+ */
+
+# define ASN1_STRFLGS_ESC_QUOTE 8
+
+/* These three flags are internal use only. */
+
+/* Character is a valid PrintableString character */
+# define CHARTYPE_PRINTABLESTRING 0x10
+/* Character needs escaping if it is the first character */
+# define CHARTYPE_FIRST_ESC_2253 0x20
+/* Character needs escaping if it is the last character */
+# define CHARTYPE_LAST_ESC_2253 0x40
+
+/*
+ * NB the internal flags are safely reused below by flags handled at the top
+ * level.
+ */
+
+/*
+ * If this is set we convert all character strings to UTF8 first
+ */
+
+# define ASN1_STRFLGS_UTF8_CONVERT 0x10
+
+/*
+ * If this is set we don't attempt to interpret content: just assume all
+ * strings are 1 byte per character. This will produce some pretty odd
+ * looking output!
+ */
+
+# define ASN1_STRFLGS_IGNORE_TYPE 0x20
+
+/* If this is set we include the string type in the output */
+# define ASN1_STRFLGS_SHOW_TYPE 0x40
+
+/*
+ * This determines which strings to display and which to 'dump' (hex dump of
+ * content octets or DER encoding). We can only dump non character strings or
+ * everything. If we don't dump 'unknown' they are interpreted as character
+ * strings with 1 octet per character and are subject to the usual escaping
+ * options.
+ */
+
+# define ASN1_STRFLGS_DUMP_ALL 0x80
+# define ASN1_STRFLGS_DUMP_UNKNOWN 0x100
+
+/*
+ * These determine what 'dumping' does, we can dump the content octets or the
+ * DER encoding: both use the RFC2253 #XXXXX notation.
+ */
+
+# define ASN1_STRFLGS_DUMP_DER 0x200
+
+/*
+ * This flag specifies that RC2254 escaping shall be performed.
+ */
+#define ASN1_STRFLGS_ESC_2254 0x400
+
+/*
+ * All the string flags consistent with RFC2253, escaping control characters
+ * isn't essential in RFC2253 but it is advisable anyway.
+ */
+
+# define ASN1_STRFLGS_RFC2253 (ASN1_STRFLGS_ESC_2253 | \
+ ASN1_STRFLGS_ESC_CTRL | \
+ ASN1_STRFLGS_ESC_MSB | \
+ ASN1_STRFLGS_UTF8_CONVERT | \
+ ASN1_STRFLGS_DUMP_UNKNOWN | \
+ ASN1_STRFLGS_DUMP_DER)
+
+
+struct asn1_type_st {
+ int type;
+ union {
+ char *ptr;
+ ASN1_BOOLEAN boolean;
+ ASN1_STRING *asn1_string;
+ ASN1_OBJECT *object;
+ ASN1_INTEGER *integer;
+ ASN1_ENUMERATED *enumerated;
+ ASN1_BIT_STRING *bit_string;
+ ASN1_OCTET_STRING *octet_string;
+ ASN1_PRINTABLESTRING *printablestring;
+ ASN1_T61STRING *t61string;
+ ASN1_IA5STRING *ia5string;
+ ASN1_GENERALSTRING *generalstring;
+ ASN1_BMPSTRING *bmpstring;
+ ASN1_UNIVERSALSTRING *universalstring;
+ ASN1_UTCTIME *utctime;
+ ASN1_GENERALIZEDTIME *generalizedtime;
+ ASN1_VISIBLESTRING *visiblestring;
+ ASN1_UTF8STRING *utf8string;
+ /*
+ * set and sequence are left complete and still contain the set or
+ * sequence bytes
+ */
+ ASN1_STRING *set;
+ ASN1_STRING *sequence;
+ ASN1_VALUE *asn1_value;
+ } value;
+};
+
+DEFINE_OR_DECLARE_STACK_OF(ASN1_TYPE)
+
+typedef STACK_OF(ASN1_TYPE) ASN1_SEQUENCE_ANY;
+
+DECLARE_ASN1_ENCODE_FUNCTIONS_name(ASN1_SEQUENCE_ANY, ASN1_SEQUENCE_ANY)
+DECLARE_ASN1_ENCODE_FUNCTIONS_name(ASN1_SEQUENCE_ANY, ASN1_SET_ANY)
+
+/* This is used to contain a list of bit names */
+typedef struct BIT_STRING_BITNAME_st {
+ int bitnum;
+ const char *lname;
+ const char *sname;
+} BIT_STRING_BITNAME;
+
+# define B_ASN1_TIME \
+ B_ASN1_UTCTIME | \
+ B_ASN1_GENERALIZEDTIME
+
+# define B_ASN1_PRINTABLE \
+ B_ASN1_NUMERICSTRING| \
+ B_ASN1_PRINTABLESTRING| \
+ B_ASN1_T61STRING| \
+ B_ASN1_IA5STRING| \
+ B_ASN1_BIT_STRING| \
+ B_ASN1_UNIVERSALSTRING|\
+ B_ASN1_BMPSTRING|\
+ B_ASN1_UTF8STRING|\
+ B_ASN1_SEQUENCE|\
+ B_ASN1_UNKNOWN
+
+# define B_ASN1_DIRECTORYSTRING \
+ B_ASN1_PRINTABLESTRING| \
+ B_ASN1_TELETEXSTRING|\
+ B_ASN1_BMPSTRING|\
+ B_ASN1_UNIVERSALSTRING|\
+ B_ASN1_UTF8STRING
+
+# define B_ASN1_DISPLAYTEXT \
+ B_ASN1_IA5STRING| \
+ B_ASN1_VISIBLESTRING| \
+ B_ASN1_BMPSTRING|\
+ B_ASN1_UTF8STRING
+
+DECLARE_ASN1_ALLOC_FUNCTIONS_name(ASN1_TYPE, ASN1_TYPE)
+DECLARE_ASN1_ENCODE_FUNCTIONS(ASN1_TYPE, ASN1_ANY, ASN1_TYPE)
+
+int ASN1_TYPE_get(const ASN1_TYPE *a);
+void ASN1_TYPE_set(ASN1_TYPE *a, int type, void *value);
+int ASN1_TYPE_set1(ASN1_TYPE *a, int type, const void *value);
+int ASN1_TYPE_cmp(const ASN1_TYPE *a, const ASN1_TYPE *b);
+
+ASN1_TYPE *ASN1_TYPE_pack_sequence(const ASN1_ITEM *it, void *s, ASN1_TYPE **t);
+void *ASN1_TYPE_unpack_sequence(const ASN1_ITEM *it, const ASN1_TYPE *t);
+
+DEFINE_OR_DECLARE_STACK_OF(ASN1_OBJECT)
+
+DECLARE_ASN1_FUNCTIONS(ASN1_OBJECT)
+
+ASN1_STRING *ASN1_STRING_new(void);
+void ASN1_STRING_free(ASN1_STRING *a);
+void ASN1_STRING_clear_free(ASN1_STRING *a);
+int ASN1_STRING_copy(ASN1_STRING *dst, const ASN1_STRING *str);
+DECLARE_ASN1_DUP_FUNCTION(ASN1_STRING)
+ASN1_STRING *ASN1_STRING_type_new(int type);
+int ASN1_STRING_cmp(const ASN1_STRING *a, const ASN1_STRING *b);
+ /*
+ * Since this is used to store all sorts of things, via macros, for now,
+ * make its data void *
+ */
+int ASN1_STRING_set(ASN1_STRING *str, const void *data, int len);
+void ASN1_STRING_set0(ASN1_STRING *str, void *data, int len);
+int ASN1_STRING_length(const ASN1_STRING *x);
+void ASN1_STRING_length_set(ASN1_STRING *x, int n);
+int ASN1_STRING_type(const ASN1_STRING *x);
+DEPRECATEDIN_1_1_0(unsigned char *ASN1_STRING_data(ASN1_STRING *x))
+const unsigned char *ASN1_STRING_get0_data(const ASN1_STRING *x);
+
+DECLARE_ASN1_FUNCTIONS(ASN1_BIT_STRING)
+int ASN1_BIT_STRING_set(ASN1_BIT_STRING *a, unsigned char *d, int length);
+int ASN1_BIT_STRING_set_bit(ASN1_BIT_STRING *a, int n, int value);
+int ASN1_BIT_STRING_get_bit(const ASN1_BIT_STRING *a, int n);
+int ASN1_BIT_STRING_check(const ASN1_BIT_STRING *a,
+ const unsigned char *flags, int flags_len);
+
+int ASN1_BIT_STRING_name_print(BIO *out, ASN1_BIT_STRING *bs,
+ BIT_STRING_BITNAME *tbl, int indent);
+int ASN1_BIT_STRING_num_asc(const char *name, BIT_STRING_BITNAME *tbl);
+int ASN1_BIT_STRING_set_asc(ASN1_BIT_STRING *bs, const char *name, int value,
+ BIT_STRING_BITNAME *tbl);
+
+DEFINE_OR_DECLARE_STACK_OF(ASN1_INTEGER)
+
+DECLARE_ASN1_FUNCTIONS(ASN1_INTEGER)
+ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a, const unsigned char **pp,
+ long length);
+DECLARE_ASN1_DUP_FUNCTION(ASN1_INTEGER)
+int ASN1_INTEGER_cmp(const ASN1_INTEGER *x, const ASN1_INTEGER *y);
+
+DECLARE_ASN1_FUNCTIONS(ASN1_ENUMERATED)
+
+int ASN1_UTCTIME_check(const ASN1_UTCTIME *a);
+ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s, time_t t);
+ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t,
+ int offset_day, long offset_sec);
+int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, const char *str);
+int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t);
+
+int ASN1_GENERALIZEDTIME_check(const ASN1_GENERALIZEDTIME *a);
+ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s,
+ time_t t);
+ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_adj(ASN1_GENERALIZEDTIME *s,
+ time_t t, int offset_day,
+ long offset_sec);
+int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s, const char *str);
+
+int ASN1_TIME_diff(int *pday, int *psec,
+ const ASN1_TIME *from, const ASN1_TIME *to);
+
+DECLARE_ASN1_FUNCTIONS(ASN1_OCTET_STRING)
+DECLARE_ASN1_DUP_FUNCTION(ASN1_OCTET_STRING)
+int ASN1_OCTET_STRING_cmp(const ASN1_OCTET_STRING *a,
+ const ASN1_OCTET_STRING *b);
+int ASN1_OCTET_STRING_set(ASN1_OCTET_STRING *str, const unsigned char *data,
+ int len);
+
+DEFINE_OR_DECLARE_STACK_OF(ASN1_UTF8STRING)
+
+DECLARE_ASN1_FUNCTIONS(ASN1_VISIBLESTRING)
+DECLARE_ASN1_FUNCTIONS(ASN1_UNIVERSALSTRING)
+DECLARE_ASN1_FUNCTIONS(ASN1_UTF8STRING)
+DECLARE_ASN1_FUNCTIONS(ASN1_NULL)
+DECLARE_ASN1_FUNCTIONS(ASN1_BMPSTRING)
+
+int UTF8_getc(const unsigned char *str, int len, unsigned long *val);
+int UTF8_putc(unsigned char *str, int len, unsigned long value);
+
+DEFINE_OR_DECLARE_STACK_OF(ASN1_GENERALSTRING)
+
+DECLARE_ASN1_FUNCTIONS_name(ASN1_STRING, ASN1_PRINTABLE)
+
+DECLARE_ASN1_FUNCTIONS_name(ASN1_STRING, DIRECTORYSTRING)
+DECLARE_ASN1_FUNCTIONS_name(ASN1_STRING, DISPLAYTEXT)
+DECLARE_ASN1_FUNCTIONS(ASN1_PRINTABLESTRING)
+DECLARE_ASN1_FUNCTIONS(ASN1_T61STRING)
+DECLARE_ASN1_FUNCTIONS(ASN1_IA5STRING)
+DECLARE_ASN1_FUNCTIONS(ASN1_GENERALSTRING)
+DECLARE_ASN1_FUNCTIONS(ASN1_UTCTIME)
+DECLARE_ASN1_FUNCTIONS(ASN1_GENERALIZEDTIME)
+DECLARE_ASN1_FUNCTIONS(ASN1_TIME)
+
+DECLARE_ASN1_DUP_FUNCTION(ASN1_TIME)
+DECLARE_ASN1_DUP_FUNCTION(ASN1_UTCTIME)
+DECLARE_ASN1_DUP_FUNCTION(ASN1_GENERALIZEDTIME)
+
+DECLARE_ASN1_ITEM(ASN1_OCTET_STRING_NDEF)
+
+ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s, time_t t);
+ASN1_TIME *ASN1_TIME_adj(ASN1_TIME *s, time_t t,
+ int offset_day, long offset_sec);
+int ASN1_TIME_check(const ASN1_TIME *t);
+ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(const ASN1_TIME *t,
+ ASN1_GENERALIZEDTIME **out);
+int ASN1_TIME_set_string(ASN1_TIME *s, const char *str);
+int ASN1_TIME_set_string_X509(ASN1_TIME *s, const char *str);
+int ASN1_TIME_to_tm(const ASN1_TIME *s, struct tm *tm);
+int ASN1_TIME_normalize(ASN1_TIME *s);
+int ASN1_TIME_cmp_time_t(const ASN1_TIME *s, time_t t);
+int ASN1_TIME_compare(const ASN1_TIME *a, const ASN1_TIME *b);
+
+int i2a_ASN1_INTEGER(BIO *bp, const ASN1_INTEGER *a);
+int a2i_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *bs, char *buf, int size);
+int i2a_ASN1_ENUMERATED(BIO *bp, const ASN1_ENUMERATED *a);
+int a2i_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *bs, char *buf, int size);
+int i2a_ASN1_OBJECT(BIO *bp, const ASN1_OBJECT *a);
+int a2i_ASN1_STRING(BIO *bp, ASN1_STRING *bs, char *buf, int size);
+int i2a_ASN1_STRING(BIO *bp, const ASN1_STRING *a, int type);
+int i2t_ASN1_OBJECT(char *buf, int buf_len, const ASN1_OBJECT *a);
+
+int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num);
+ASN1_OBJECT *ASN1_OBJECT_create(int nid, unsigned char *data, int len,
+ const char *sn, const char *ln);
+
+int ASN1_INTEGER_get_int64(int64_t *pr, const ASN1_INTEGER *a);
+int ASN1_INTEGER_set_int64(ASN1_INTEGER *a, int64_t r);
+int ASN1_INTEGER_get_uint64(uint64_t *pr, const ASN1_INTEGER *a);
+int ASN1_INTEGER_set_uint64(ASN1_INTEGER *a, uint64_t r);
+
+int ASN1_INTEGER_set(ASN1_INTEGER *a, long v);
+long ASN1_INTEGER_get(const ASN1_INTEGER *a);
+ASN1_INTEGER *BN_to_ASN1_INTEGER(const BIGNUM *bn, ASN1_INTEGER *ai);
+BIGNUM *ASN1_INTEGER_to_BN(const ASN1_INTEGER *ai, BIGNUM *bn);
+
+int ASN1_ENUMERATED_get_int64(int64_t *pr, const ASN1_ENUMERATED *a);
+int ASN1_ENUMERATED_set_int64(ASN1_ENUMERATED *a, int64_t r);
+
+
+int ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v);
+long ASN1_ENUMERATED_get(const ASN1_ENUMERATED *a);
+ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(const BIGNUM *bn, ASN1_ENUMERATED *ai);
+BIGNUM *ASN1_ENUMERATED_to_BN(const ASN1_ENUMERATED *ai, BIGNUM *bn);
+
+/* General */
+/* given a string, return the correct type, max is the maximum length */
+int ASN1_PRINTABLE_type(const unsigned char *s, int max);
+
+unsigned long ASN1_tag2bit(int tag);
+
+/* SPECIALS */
+int ASN1_get_object(const unsigned char **pp, long *plength, int *ptag,
+ int *pclass, long omax);
+int ASN1_check_infinite_end(unsigned char **p, long len);
+int ASN1_const_check_infinite_end(const unsigned char **p, long len);
+void ASN1_put_object(unsigned char **pp, int constructed, int length,
+ int tag, int xclass);
+int ASN1_put_eoc(unsigned char **pp);
+int ASN1_object_size(int constructed, int length, int tag);
+
+/* Used to implement other functions */
+void *ASN1_dup(i2d_of_void *i2d, d2i_of_void *d2i, const void *x);
+
+# define ASN1_dup_of(type,i2d,d2i,x) \
+ ((type*)ASN1_dup(CHECKED_I2D_OF(type, i2d), \
+ CHECKED_D2I_OF(type, d2i), \
+ CHECKED_PTR_OF(const type, x)))
+
+void *ASN1_item_dup(const ASN1_ITEM *it, const void *x);
+
+/* ASN1 alloc/free macros for when a type is only used internally */
+
+# define M_ASN1_new_of(type) (type *)ASN1_item_new(ASN1_ITEM_rptr(type))
+# define M_ASN1_free_of(x, type) \
+ ASN1_item_free(CHECKED_PTR_OF(type, x), ASN1_ITEM_rptr(type))
+
+# ifndef OPENSSL_NO_STDIO
+void *ASN1_d2i_fp(void *(*xnew) (void), d2i_of_void *d2i, FILE *in, void **x);
+
+# define ASN1_d2i_fp_of(type,xnew,d2i,in,x) \
+ ((type*)ASN1_d2i_fp(CHECKED_NEW_OF(type, xnew), \
+ CHECKED_D2I_OF(type, d2i), \
+ in, \
+ CHECKED_PPTR_OF(type, x)))
+
+void *ASN1_item_d2i_fp(const ASN1_ITEM *it, FILE *in, void *x);
+int ASN1_i2d_fp(i2d_of_void *i2d, FILE *out, const void *x);
+
+# define ASN1_i2d_fp_of(type,i2d,out,x) \
+ (ASN1_i2d_fp(CHECKED_I2D_OF(type, i2d), \
+ out, \
+ CHECKED_PTR_OF(const type, x)))
+
+int ASN1_item_i2d_fp(const ASN1_ITEM *it, FILE *out, const void *x);
+int ASN1_STRING_print_ex_fp(FILE *fp, const ASN1_STRING *str, unsigned long flags);
+# endif
+
+int ASN1_STRING_to_UTF8(unsigned char **out, const ASN1_STRING *in);
+
+void *ASN1_d2i_bio(void *(*xnew) (void), d2i_of_void *d2i, BIO *in, void **x);
+
+# define ASN1_d2i_bio_of(type,xnew,d2i,in,x) \
+ ((type*)ASN1_d2i_bio( CHECKED_NEW_OF(type, xnew), \
+ CHECKED_D2I_OF(type, d2i), \
+ in, \
+ CHECKED_PPTR_OF(type, x)))
+
+void *ASN1_item_d2i_bio(const ASN1_ITEM *it, BIO *in, void *x);
+int ASN1_i2d_bio(i2d_of_void *i2d, BIO *out, const void *x);
+
+# define ASN1_i2d_bio_of(type,i2d,out,x) \
+ (ASN1_i2d_bio(CHECKED_I2D_OF(type, i2d), \
+ out, \
+ CHECKED_PTR_OF(const type, x)))
+
+int ASN1_item_i2d_bio(const ASN1_ITEM *it, BIO *out, const void *x);
+int ASN1_UTCTIME_print(BIO *fp, const ASN1_UTCTIME *a);
+int ASN1_GENERALIZEDTIME_print(BIO *fp, const ASN1_GENERALIZEDTIME *a);
+int ASN1_TIME_print(BIO *fp, const ASN1_TIME *a);
+int ASN1_STRING_print(BIO *bp, const ASN1_STRING *v);
+int ASN1_STRING_print_ex(BIO *out, const ASN1_STRING *str, unsigned long flags);
+int ASN1_buf_print(BIO *bp, const unsigned char *buf, size_t buflen, int off);
+int ASN1_bn_print(BIO *bp, const char *number, const BIGNUM *num,
+ unsigned char *buf, int off);
+int ASN1_parse(BIO *bp, const unsigned char *pp, long len, int indent);
+int ASN1_parse_dump(BIO *bp, const unsigned char *pp, long len, int indent,
+ int dump);
+const char *ASN1_tag2str(int tag);
+
+/* Used to load and write Netscape format cert */
+
+int ASN1_UNIVERSALSTRING_to_string(ASN1_UNIVERSALSTRING *s);
+
+int ASN1_TYPE_set_octetstring(ASN1_TYPE *a, unsigned char *data, int len);
+int ASN1_TYPE_get_octetstring(const ASN1_TYPE *a, unsigned char *data, int max_len);
+int ASN1_TYPE_set_int_octetstring(ASN1_TYPE *a, long num,
+ unsigned char *data, int len);
+int ASN1_TYPE_get_int_octetstring(const ASN1_TYPE *a, long *num,
+ unsigned char *data, int max_len);
+
+void *ASN1_item_unpack(const ASN1_STRING *oct, const ASN1_ITEM *it);
+
+ASN1_STRING *ASN1_item_pack(void *obj, const ASN1_ITEM *it,
+ ASN1_OCTET_STRING **oct);
+
+void ASN1_STRING_set_default_mask(unsigned long mask);
+int ASN1_STRING_set_default_mask_asc(const char *p);
+unsigned long ASN1_STRING_get_default_mask(void);
+int ASN1_mbstring_copy(ASN1_STRING **out, const unsigned char *in, int len,
+ int inform, unsigned long mask);
+int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len,
+ int inform, unsigned long mask,
+ long minsize, long maxsize);
+
+ASN1_STRING *ASN1_STRING_set_by_NID(ASN1_STRING **out,
+ const unsigned char *in, int inlen,
+ int inform, int nid);
+ASN1_STRING_TABLE *ASN1_STRING_TABLE_get(int nid);
+int ASN1_STRING_TABLE_add(int, long, long, unsigned long, unsigned long);
+void ASN1_STRING_TABLE_cleanup(void);
+
+/* ASN1 template functions */
+
+/* Old API compatible functions */
+ASN1_VALUE *ASN1_item_new(const ASN1_ITEM *it);
+void ASN1_item_free(ASN1_VALUE *val, const ASN1_ITEM *it);
+ASN1_VALUE *ASN1_item_d2i(ASN1_VALUE **val, const unsigned char **in,
+ long len, const ASN1_ITEM *it);
+int ASN1_item_i2d(const ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it);
+int ASN1_item_ndef_i2d(const ASN1_VALUE *val, unsigned char **out,
+ const ASN1_ITEM *it);
+
+void ASN1_add_oid_module(void);
+void ASN1_add_stable_module(void);
+
+ASN1_TYPE *ASN1_generate_nconf(const char *str, CONF *nconf);
+ASN1_TYPE *ASN1_generate_v3(const char *str, X509V3_CTX *cnf);
+int ASN1_str2mask(const char *str, unsigned long *pmask);
+
+/* ASN1 Print flags */
+
+/* Indicate missing OPTIONAL fields */
+# define ASN1_PCTX_FLAGS_SHOW_ABSENT 0x001
+/* Mark start and end of SEQUENCE */
+# define ASN1_PCTX_FLAGS_SHOW_SEQUENCE 0x002
+/* Mark start and end of SEQUENCE/SET OF */
+# define ASN1_PCTX_FLAGS_SHOW_SSOF 0x004
+/* Show the ASN1 type of primitives */
+# define ASN1_PCTX_FLAGS_SHOW_TYPE 0x008
+/* Don't show ASN1 type of ANY */
+# define ASN1_PCTX_FLAGS_NO_ANY_TYPE 0x010
+/* Don't show ASN1 type of MSTRINGs */
+# define ASN1_PCTX_FLAGS_NO_MSTRING_TYPE 0x020
+/* Don't show field names in SEQUENCE */
+# define ASN1_PCTX_FLAGS_NO_FIELD_NAME 0x040
+/* Show structure names of each SEQUENCE field */
+# define ASN1_PCTX_FLAGS_SHOW_FIELD_STRUCT_NAME 0x080
+/* Don't show structure name even at top level */
+# define ASN1_PCTX_FLAGS_NO_STRUCT_NAME 0x100
+
+int ASN1_item_print(BIO *out, const ASN1_VALUE *ifld, int indent,
+ const ASN1_ITEM *it, const ASN1_PCTX *pctx);
+ASN1_PCTX *ASN1_PCTX_new(void);
+void ASN1_PCTX_free(ASN1_PCTX *p);
+unsigned long ASN1_PCTX_get_flags(const ASN1_PCTX *p);
+void ASN1_PCTX_set_flags(ASN1_PCTX *p, unsigned long flags);
+unsigned long ASN1_PCTX_get_nm_flags(const ASN1_PCTX *p);
+void ASN1_PCTX_set_nm_flags(ASN1_PCTX *p, unsigned long flags);
+unsigned long ASN1_PCTX_get_cert_flags(const ASN1_PCTX *p);
+void ASN1_PCTX_set_cert_flags(ASN1_PCTX *p, unsigned long flags);
+unsigned long ASN1_PCTX_get_oid_flags(const ASN1_PCTX *p);
+void ASN1_PCTX_set_oid_flags(ASN1_PCTX *p, unsigned long flags);
+unsigned long ASN1_PCTX_get_str_flags(const ASN1_PCTX *p);
+void ASN1_PCTX_set_str_flags(ASN1_PCTX *p, unsigned long flags);
+
+ASN1_SCTX *ASN1_SCTX_new(int (*scan_cb) (ASN1_SCTX *ctx));
+void ASN1_SCTX_free(ASN1_SCTX *p);
+const ASN1_ITEM *ASN1_SCTX_get_item(ASN1_SCTX *p);
+const ASN1_TEMPLATE *ASN1_SCTX_get_template(ASN1_SCTX *p);
+unsigned long ASN1_SCTX_get_flags(ASN1_SCTX *p);
+void ASN1_SCTX_set_app_data(ASN1_SCTX *p, void *data);
+void *ASN1_SCTX_get_app_data(ASN1_SCTX *p);
+
+const BIO_METHOD *BIO_f_asn1(void);
+
+/* cannot constify val because of CMS_stream() */
+BIO *BIO_new_NDEF(BIO *out, ASN1_VALUE *val, const ASN1_ITEM *it);
+
+int i2d_ASN1_bio_stream(BIO *out, ASN1_VALUE *val, BIO *in, int flags,
+ const ASN1_ITEM *it);
+int PEM_write_bio_ASN1_stream(BIO *out, ASN1_VALUE *val, BIO *in, int flags,
+ const char *hdr, const ASN1_ITEM *it);
+/* cannot constify val because of CMS_dataFinal() */
+int SMIME_write_ASN1(BIO *bio, ASN1_VALUE *val, BIO *data, int flags,
+ int ctype_nid, int econt_nid,
+ STACK_OF(X509_ALGOR) *mdalgs, const ASN1_ITEM *it);
+ASN1_VALUE *SMIME_read_ASN1(BIO *bio, BIO **bcont, const ASN1_ITEM *it);
+int SMIME_crlf_copy(BIO *in, BIO *out, int flags);
+int SMIME_text(BIO *in, BIO *out);
+
+const ASN1_ITEM *ASN1_ITEM_lookup(const char *name);
+const ASN1_ITEM *ASN1_ITEM_get(size_t i);
+
+/* Legacy compatibility */
+# define DECLARE_ASN1_FUNCTIONS_fname(type, itname, name) \
+ DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, name) \
+ DECLARE_ASN1_ENCODE_FUNCTIONS(type, itname, name)
+# define DECLARE_ASN1_FUNCTIONS_const(type) DECLARE_ASN1_FUNCTIONS(type)
+# define DECLARE_ASN1_ENCODE_FUNCTIONS_const(type, name) \
+ DECLARE_ASN1_ENCODE_FUNCTIONS(type, name)
+# define I2D_OF_const(type) I2D_OF(type)
+# define ASN1_dup_of_const(type,i2d,d2i,x) ASN1_dup_of(type,i2d,d2i,x)
+# define ASN1_i2d_fp_of_const(type,i2d,out,x) ASN1_i2d_fp_of(type,i2d,out,x)
+# define ASN1_i2d_bio_of_const(type,i2d,out,x) ASN1_i2d_bio_of(type,i2d,out,x)
+
+# ifdef __cplusplus
+}
+# endif
+#endif
diff --git a/openssl/include/openssl/asn1_mac.h b/openssl/include/openssl/asn1_mac.h new file mode 100644 index 00000000..50aa9e0f --- /dev/null +++ b/openssl/include/openssl/asn1_mac.h @@ -0,0 +1,10 @@ +/*
+ * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#error "This file is obsolete; please update your software."
diff --git a/openssl/include/openssl/asn1err.h b/openssl/include/openssl/asn1err.h new file mode 100644 index 00000000..ab8c90fc --- /dev/null +++ b/openssl/include/openssl/asn1err.h @@ -0,0 +1,261 @@ +/*
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_ASN1ERR_H
+# define OPENSSL_ASN1ERR_H
+# pragma once
+
+# include <openssl/opensslconf.h>
+# include <openssl/symhacks.h>
+
+
+# ifdef __cplusplus
+extern "C"
+# endif
+int ERR_load_ASN1_strings(void);
+
+/*
+ * ASN1 function codes.
+ */
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define ASN1_F_A2D_ASN1_OBJECT 0
+# define ASN1_F_A2I_ASN1_INTEGER 0
+# define ASN1_F_A2I_ASN1_STRING 0
+# define ASN1_F_APPEND_EXP 0
+# define ASN1_F_ASN1_BIO_INIT 0
+# define ASN1_F_ASN1_BIT_STRING_SET_BIT 0
+# define ASN1_F_ASN1_CB 0
+# define ASN1_F_ASN1_CHECK_TLEN 0
+# define ASN1_F_ASN1_COLLECT 0
+# define ASN1_F_ASN1_D2I_EX_PRIMITIVE 0
+# define ASN1_F_ASN1_D2I_FP 0
+# define ASN1_F_ASN1_D2I_READ_BIO 0
+# define ASN1_F_ASN1_DIGEST 0
+# define ASN1_F_ASN1_DO_ADB 0
+# define ASN1_F_ASN1_DO_LOCK 0
+# define ASN1_F_ASN1_DUP 0
+# define ASN1_F_ASN1_ENC_SAVE 0
+# define ASN1_F_ASN1_EX_C2I 0
+# define ASN1_F_ASN1_FIND_END 0
+# define ASN1_F_ASN1_GENERALIZEDTIME_ADJ 0
+# define ASN1_F_ASN1_GENERATE_V3 0
+# define ASN1_F_ASN1_GET_INT64 0
+# define ASN1_F_ASN1_GET_OBJECT 0
+# define ASN1_F_ASN1_GET_UINT64 0
+# define ASN1_F_ASN1_I2D_BIO 0
+# define ASN1_F_ASN1_I2D_FP 0
+# define ASN1_F_ASN1_ITEM_D2I_FP 0
+# define ASN1_F_ASN1_ITEM_DUP 0
+# define ASN1_F_ASN1_ITEM_EMBED_D2I 0
+# define ASN1_F_ASN1_ITEM_EMBED_NEW 0
+# define ASN1_F_ASN1_ITEM_FLAGS_I2D 0
+# define ASN1_F_ASN1_ITEM_I2D_BIO 0
+# define ASN1_F_ASN1_ITEM_I2D_FP 0
+# define ASN1_F_ASN1_ITEM_PACK 0
+# define ASN1_F_ASN1_ITEM_SIGN 0
+# define ASN1_F_ASN1_ITEM_SIGN_CTX 0
+# define ASN1_F_ASN1_ITEM_UNPACK 0
+# define ASN1_F_ASN1_ITEM_VERIFY 0
+# define ASN1_F_ASN1_MBSTRING_NCOPY 0
+# define ASN1_F_ASN1_OBJECT_NEW 0
+# define ASN1_F_ASN1_OUTPUT_DATA 0
+# define ASN1_F_ASN1_PCTX_NEW 0
+# define ASN1_F_ASN1_PRIMITIVE_NEW 0
+# define ASN1_F_ASN1_SCTX_NEW 0
+# define ASN1_F_ASN1_SIGN 0
+# define ASN1_F_ASN1_STR2TYPE 0
+# define ASN1_F_ASN1_STRING_GET_INT64 0
+# define ASN1_F_ASN1_STRING_GET_UINT64 0
+# define ASN1_F_ASN1_STRING_SET 0
+# define ASN1_F_ASN1_STRING_TABLE_ADD 0
+# define ASN1_F_ASN1_STRING_TO_BN 0
+# define ASN1_F_ASN1_STRING_TYPE_NEW 0
+# define ASN1_F_ASN1_TEMPLATE_EX_D2I 0
+# define ASN1_F_ASN1_TEMPLATE_NEW 0
+# define ASN1_F_ASN1_TEMPLATE_NOEXP_D2I 0
+# define ASN1_F_ASN1_TIME_ADJ 0
+# define ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING 0
+# define ASN1_F_ASN1_TYPE_GET_OCTETSTRING 0
+# define ASN1_F_ASN1_UTCTIME_ADJ 0
+# define ASN1_F_ASN1_VERIFY 0
+# define ASN1_F_B64_READ_ASN1 0
+# define ASN1_F_B64_WRITE_ASN1 0
+# define ASN1_F_BIO_NEW_NDEF 0
+# define ASN1_F_BITSTR_CB 0
+# define ASN1_F_BN_TO_ASN1_STRING 0
+# define ASN1_F_C2I_ASN1_BIT_STRING 0
+# define ASN1_F_C2I_ASN1_INTEGER 0
+# define ASN1_F_C2I_ASN1_OBJECT 0
+# define ASN1_F_C2I_IBUF 0
+# define ASN1_F_C2I_UINT64_INT 0
+# define ASN1_F_COLLECT_DATA 0
+# define ASN1_F_D2I_ASN1_OBJECT 0
+# define ASN1_F_D2I_ASN1_UINTEGER 0
+# define ASN1_F_D2I_AUTOPRIVATEKEY 0
+# define ASN1_F_D2I_KEYPARAMS 0
+# define ASN1_F_D2I_PRIVATEKEY 0
+# define ASN1_F_D2I_PUBLICKEY 0
+# define ASN1_F_DO_BUF 0
+# define ASN1_F_DO_CREATE 0
+# define ASN1_F_DO_DUMP 0
+# define ASN1_F_DO_TCREATE 0
+# define ASN1_F_I2A_ASN1_OBJECT 0
+# define ASN1_F_I2D_ASN1_BIO_STREAM 0
+# define ASN1_F_I2D_ASN1_OBJECT 0
+# define ASN1_F_I2D_DSA_PUBKEY 0
+# define ASN1_F_I2D_EC_PUBKEY 0
+# define ASN1_F_I2D_KEYPARAMS 0
+# define ASN1_F_I2D_PRIVATEKEY 0
+# define ASN1_F_I2D_PUBLICKEY 0
+# define ASN1_F_I2D_RSA_PUBKEY 0
+# define ASN1_F_LONG_C2I 0
+# define ASN1_F_NDEF_PREFIX 0
+# define ASN1_F_NDEF_SUFFIX 0
+# define ASN1_F_OID_MODULE_INIT 0
+# define ASN1_F_PARSE_TAGGING 0
+# define ASN1_F_PKCS5_PBE2_SET_IV 0
+# define ASN1_F_PKCS5_PBE2_SET_SCRYPT 0
+# define ASN1_F_PKCS5_PBE_SET 0
+# define ASN1_F_PKCS5_PBE_SET0_ALGOR 0
+# define ASN1_F_PKCS5_PBKDF2_SET 0
+# define ASN1_F_PKCS5_SCRYPT_SET 0
+# define ASN1_F_SMIME_READ_ASN1 0
+# define ASN1_F_SMIME_TEXT 0
+# define ASN1_F_STABLE_GET 0
+# define ASN1_F_STBL_MODULE_INIT 0
+# define ASN1_F_UINT32_C2I 0
+# define ASN1_F_UINT32_NEW 0
+# define ASN1_F_UINT64_C2I 0
+# define ASN1_F_UINT64_NEW 0
+# define ASN1_F_X509_CRL_ADD0_REVOKED 0
+# define ASN1_F_X509_INFO_NEW 0
+# define ASN1_F_X509_NAME_ENCODE 0
+# define ASN1_F_X509_NAME_EX_D2I 0
+# define ASN1_F_X509_NAME_EX_NEW 0
+# define ASN1_F_X509_PKEY_NEW 0
+# endif
+
+/*
+ * ASN1 reason codes.
+ */
+# define ASN1_R_ADDING_OBJECT 171
+# define ASN1_R_ASN1_PARSE_ERROR 203
+# define ASN1_R_ASN1_SIG_PARSE_ERROR 204
+# define ASN1_R_AUX_ERROR 100
+# define ASN1_R_BAD_OBJECT_HEADER 102
+# define ASN1_R_BMPSTRING_IS_WRONG_LENGTH 214
+# define ASN1_R_BN_LIB 105
+# define ASN1_R_BOOLEAN_IS_WRONG_LENGTH 106
+# define ASN1_R_BUFFER_TOO_SMALL 107
+# define ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER 108
+# define ASN1_R_CONTEXT_NOT_INITIALISED 217
+# define ASN1_R_DATA_IS_WRONG 109
+# define ASN1_R_DECODE_ERROR 110
+# define ASN1_R_DEPTH_EXCEEDED 174
+# define ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED 198
+# define ASN1_R_ENCODE_ERROR 112
+# define ASN1_R_ERROR_GETTING_TIME 173
+# define ASN1_R_ERROR_LOADING_SECTION 172
+# define ASN1_R_ERROR_SETTING_CIPHER_PARAMS 114
+# define ASN1_R_EXPECTING_AN_INTEGER 115
+# define ASN1_R_EXPECTING_AN_OBJECT 116
+# define ASN1_R_EXPLICIT_LENGTH_MISMATCH 119
+# define ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED 120
+# define ASN1_R_FIELD_MISSING 121
+# define ASN1_R_FIRST_NUM_TOO_LARGE 122
+# define ASN1_R_HEADER_TOO_LONG 123
+# define ASN1_R_ILLEGAL_BITSTRING_FORMAT 175
+# define ASN1_R_ILLEGAL_BOOLEAN 176
+# define ASN1_R_ILLEGAL_CHARACTERS 124
+# define ASN1_R_ILLEGAL_FORMAT 177
+# define ASN1_R_ILLEGAL_HEX 178
+# define ASN1_R_ILLEGAL_IMPLICIT_TAG 179
+# define ASN1_R_ILLEGAL_INTEGER 180
+# define ASN1_R_ILLEGAL_NEGATIVE_VALUE 226
+# define ASN1_R_ILLEGAL_NESTED_TAGGING 181
+# define ASN1_R_ILLEGAL_NULL 125
+# define ASN1_R_ILLEGAL_NULL_VALUE 182
+# define ASN1_R_ILLEGAL_OBJECT 183
+# define ASN1_R_ILLEGAL_OPTIONAL_ANY 126
+# define ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE 170
+# define ASN1_R_ILLEGAL_PADDING 221
+# define ASN1_R_ILLEGAL_TAGGED_ANY 127
+# define ASN1_R_ILLEGAL_TIME_VALUE 184
+# define ASN1_R_ILLEGAL_ZERO_CONTENT 222
+# define ASN1_R_INTEGER_NOT_ASCII_FORMAT 185
+# define ASN1_R_INTEGER_TOO_LARGE_FOR_LONG 128
+# define ASN1_R_INVALID_BIT_STRING_BITS_LEFT 220
+# define ASN1_R_INVALID_BMPSTRING_LENGTH 129
+# define ASN1_R_INVALID_DIGIT 130
+# define ASN1_R_INVALID_MIME_TYPE 205
+# define ASN1_R_INVALID_MODIFIER 186
+# define ASN1_R_INVALID_NUMBER 187
+# define ASN1_R_INVALID_OBJECT_ENCODING 216
+# define ASN1_R_INVALID_SCRYPT_PARAMETERS 227
+# define ASN1_R_INVALID_SEPARATOR 131
+# define ASN1_R_INVALID_STRING_TABLE_VALUE 218
+# define ASN1_R_INVALID_UNIVERSALSTRING_LENGTH 133
+# define ASN1_R_INVALID_UTF8STRING 134
+# define ASN1_R_INVALID_VALUE 219
+# define ASN1_R_LIST_ERROR 188
+# define ASN1_R_MIME_NO_CONTENT_TYPE 206
+# define ASN1_R_MIME_PARSE_ERROR 207
+# define ASN1_R_MIME_SIG_PARSE_ERROR 208
+# define ASN1_R_MISSING_EOC 137
+# define ASN1_R_MISSING_SECOND_NUMBER 138
+# define ASN1_R_MISSING_VALUE 189
+# define ASN1_R_MSTRING_NOT_UNIVERSAL 139
+# define ASN1_R_MSTRING_WRONG_TAG 140
+# define ASN1_R_NESTED_ASN1_STRING 197
+# define ASN1_R_NESTED_TOO_DEEP 201
+# define ASN1_R_NON_HEX_CHARACTERS 141
+# define ASN1_R_NOT_ASCII_FORMAT 190
+# define ASN1_R_NOT_ENOUGH_DATA 142
+# define ASN1_R_NO_CONTENT_TYPE 209
+# define ASN1_R_NO_MATCHING_CHOICE_TYPE 143
+# define ASN1_R_NO_MULTIPART_BODY_FAILURE 210
+# define ASN1_R_NO_MULTIPART_BOUNDARY 211
+# define ASN1_R_NO_SIG_CONTENT_TYPE 212
+# define ASN1_R_NULL_IS_WRONG_LENGTH 144
+# define ASN1_R_OBJECT_NOT_ASCII_FORMAT 191
+# define ASN1_R_ODD_NUMBER_OF_CHARS 145
+# define ASN1_R_SECOND_NUMBER_TOO_LARGE 147
+# define ASN1_R_SEQUENCE_LENGTH_MISMATCH 148
+# define ASN1_R_SEQUENCE_NOT_CONSTRUCTED 149
+# define ASN1_R_SEQUENCE_OR_SET_NEEDS_CONFIG 192
+# define ASN1_R_SHORT_LINE 150
+# define ASN1_R_SIG_INVALID_MIME_TYPE 213
+# define ASN1_R_STREAMING_NOT_SUPPORTED 202
+# define ASN1_R_STRING_TOO_LONG 151
+# define ASN1_R_STRING_TOO_SHORT 152
+# define ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 154
+# define ASN1_R_TIME_NOT_ASCII_FORMAT 193
+# define ASN1_R_TOO_LARGE 223
+# define ASN1_R_TOO_LONG 155
+# define ASN1_R_TOO_SMALL 224
+# define ASN1_R_TYPE_NOT_CONSTRUCTED 156
+# define ASN1_R_TYPE_NOT_PRIMITIVE 195
+# define ASN1_R_UNEXPECTED_EOC 159
+# define ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH 215
+# define ASN1_R_UNKNOWN_FORMAT 160
+# define ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM 161
+# define ASN1_R_UNKNOWN_OBJECT_TYPE 162
+# define ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE 163
+# define ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM 199
+# define ASN1_R_UNKNOWN_TAG 194
+# define ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE 164
+# define ASN1_R_UNSUPPORTED_CIPHER 228
+# define ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE 167
+# define ASN1_R_UNSUPPORTED_TYPE 196
+# define ASN1_R_WRONG_INTEGER_TYPE 225
+# define ASN1_R_WRONG_PUBLIC_KEY_TYPE 200
+# define ASN1_R_WRONG_TAG 168
+
+#endif
diff --git a/openssl/include/openssl/asn1t.h b/openssl/include/openssl/asn1t.h new file mode 100644 index 00000000..75feb33a --- /dev/null +++ b/openssl/include/openssl/asn1t.h @@ -0,0 +1,905 @@ +/*
+ * Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_ASN1T_H
+# define OPENSSL_ASN1T_H
+# pragma once
+
+# include <openssl/macros.h>
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define HEADER_ASN1T_H
+# endif
+
+# include <stddef.h>
+# include <openssl/e_os2.h>
+# include <openssl/asn1.h>
+
+# ifdef OPENSSL_BUILD_SHLIBCRYPTO
+# undef OPENSSL_EXTERN
+# define OPENSSL_EXTERN OPENSSL_EXPORT
+# endif
+
+/* ASN1 template defines, structures and functions */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* Macro to obtain ASN1_ADB pointer from a type (only used internally) */
+# define ASN1_ADB_ptr(iptr) ((const ASN1_ADB *)((iptr)()))
+
+/* Macros for start and end of ASN1_ITEM definition */
+
+# define ASN1_ITEM_start(itname) \
+ const ASN1_ITEM * itname##_it(void) \
+ { \
+ static const ASN1_ITEM local_it = {
+
+# define static_ASN1_ITEM_start(itname) \
+ static ASN1_ITEM_start(itname)
+
+# define ASN1_ITEM_end(itname) \
+ }; \
+ return &local_it; \
+ }
+
+/* Macros to aid ASN1 template writing */
+
+# define ASN1_ITEM_TEMPLATE(tname) \
+ static const ASN1_TEMPLATE tname##_item_tt
+
+# define ASN1_ITEM_TEMPLATE_END(tname) \
+ ;\
+ ASN1_ITEM_start(tname) \
+ ASN1_ITYPE_PRIMITIVE,\
+ -1,\
+ &tname##_item_tt,\
+ 0,\
+ NULL,\
+ 0,\
+ #tname \
+ ASN1_ITEM_end(tname)
+# define static_ASN1_ITEM_TEMPLATE_END(tname) \
+ ;\
+ static_ASN1_ITEM_start(tname) \
+ ASN1_ITYPE_PRIMITIVE,\
+ -1,\
+ &tname##_item_tt,\
+ 0,\
+ NULL,\
+ 0,\
+ #tname \
+ ASN1_ITEM_end(tname)
+
+/* This is a ASN1 type which just embeds a template */
+
+/*-
+ * This pair helps declare a SEQUENCE. We can do:
+ *
+ * ASN1_SEQUENCE(stname) = {
+ * ... SEQUENCE components ...
+ * } ASN1_SEQUENCE_END(stname)
+ *
+ * This will produce an ASN1_ITEM called stname_it
+ * for a structure called stname.
+ *
+ * If you want the same structure but a different
+ * name then use:
+ *
+ * ASN1_SEQUENCE(itname) = {
+ * ... SEQUENCE components ...
+ * } ASN1_SEQUENCE_END_name(stname, itname)
+ *
+ * This will create an item called itname_it using
+ * a structure called stname.
+ */
+
+# define ASN1_SEQUENCE(tname) \
+ static const ASN1_TEMPLATE tname##_seq_tt[]
+
+# define ASN1_SEQUENCE_END(stname) ASN1_SEQUENCE_END_name(stname, stname)
+
+# define static_ASN1_SEQUENCE_END(stname) static_ASN1_SEQUENCE_END_name(stname, stname)
+
+# define ASN1_SEQUENCE_END_name(stname, tname) \
+ ;\
+ ASN1_ITEM_start(tname) \
+ ASN1_ITYPE_SEQUENCE,\
+ V_ASN1_SEQUENCE,\
+ tname##_seq_tt,\
+ sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\
+ NULL,\
+ sizeof(stname),\
+ #tname \
+ ASN1_ITEM_end(tname)
+
+# define static_ASN1_SEQUENCE_END_name(stname, tname) \
+ ;\
+ static_ASN1_ITEM_start(tname) \
+ ASN1_ITYPE_SEQUENCE,\
+ V_ASN1_SEQUENCE,\
+ tname##_seq_tt,\
+ sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\
+ NULL,\
+ sizeof(stname),\
+ #stname \
+ ASN1_ITEM_end(tname)
+
+# define ASN1_NDEF_SEQUENCE(tname) \
+ ASN1_SEQUENCE(tname)
+
+# define ASN1_NDEF_SEQUENCE_cb(tname, cb) \
+ ASN1_SEQUENCE_cb(tname, cb)
+
+# define ASN1_SEQUENCE_cb(tname, cb) \
+ static const ASN1_AUX tname##_aux = {NULL, 0, 0, 0, cb, 0, NULL}; \
+ ASN1_SEQUENCE(tname)
+
+# define ASN1_SEQUENCE_const_cb(tname, const_cb) \
+ static const ASN1_AUX tname##_aux = \
+ {NULL, ASN1_AFLG_CONST_CB, 0, 0, NULL, 0, const_cb}; \
+ ASN1_SEQUENCE(tname)
+
+# define ASN1_SEQUENCE_cb_const_cb(tname, cb, const_cb) \
+ static const ASN1_AUX tname##_aux = \
+ {NULL, ASN1_AFLG_CONST_CB, 0, 0, cb, 0, const_cb}; \
+ ASN1_SEQUENCE(tname)
+
+# define ASN1_SEQUENCE_ref(tname, cb) \
+ static const ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_REFCOUNT, offsetof(tname, references), offsetof(tname, lock), cb, 0, NULL}; \
+ ASN1_SEQUENCE(tname)
+
+# define ASN1_SEQUENCE_enc(tname, enc, cb) \
+ static const ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_ENCODING, 0, 0, cb, offsetof(tname, enc), NULL}; \
+ ASN1_SEQUENCE(tname)
+
+# define ASN1_NDEF_SEQUENCE_END(tname) \
+ ;\
+ ASN1_ITEM_start(tname) \
+ ASN1_ITYPE_NDEF_SEQUENCE,\
+ V_ASN1_SEQUENCE,\
+ tname##_seq_tt,\
+ sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\
+ NULL,\
+ sizeof(tname),\
+ #tname \
+ ASN1_ITEM_end(tname)
+# define static_ASN1_NDEF_SEQUENCE_END(tname) \
+ ;\
+ static_ASN1_ITEM_start(tname) \
+ ASN1_ITYPE_NDEF_SEQUENCE,\
+ V_ASN1_SEQUENCE,\
+ tname##_seq_tt,\
+ sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\
+ NULL,\
+ sizeof(tname),\
+ #tname \
+ ASN1_ITEM_end(tname)
+
+
+# define ASN1_SEQUENCE_END_enc(stname, tname) ASN1_SEQUENCE_END_ref(stname, tname)
+
+# define ASN1_SEQUENCE_END_cb(stname, tname) ASN1_SEQUENCE_END_ref(stname, tname)
+# define static_ASN1_SEQUENCE_END_cb(stname, tname) static_ASN1_SEQUENCE_END_ref(stname, tname)
+
+# define ASN1_SEQUENCE_END_ref(stname, tname) \
+ ;\
+ ASN1_ITEM_start(tname) \
+ ASN1_ITYPE_SEQUENCE,\
+ V_ASN1_SEQUENCE,\
+ tname##_seq_tt,\
+ sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\
+ &tname##_aux,\
+ sizeof(stname),\
+ #tname \
+ ASN1_ITEM_end(tname)
+# define static_ASN1_SEQUENCE_END_ref(stname, tname) \
+ ;\
+ static_ASN1_ITEM_start(tname) \
+ ASN1_ITYPE_SEQUENCE,\
+ V_ASN1_SEQUENCE,\
+ tname##_seq_tt,\
+ sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\
+ &tname##_aux,\
+ sizeof(stname),\
+ #stname \
+ ASN1_ITEM_end(tname)
+
+# define ASN1_NDEF_SEQUENCE_END_cb(stname, tname) \
+ ;\
+ ASN1_ITEM_start(tname) \
+ ASN1_ITYPE_NDEF_SEQUENCE,\
+ V_ASN1_SEQUENCE,\
+ tname##_seq_tt,\
+ sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\
+ &tname##_aux,\
+ sizeof(stname),\
+ #stname \
+ ASN1_ITEM_end(tname)
+
+/*-
+ * This pair helps declare a CHOICE type. We can do:
+ *
+ * ASN1_CHOICE(chname) = {
+ * ... CHOICE options ...
+ * ASN1_CHOICE_END(chname)
+ *
+ * This will produce an ASN1_ITEM called chname_it
+ * for a structure called chname. The structure
+ * definition must look like this:
+ * typedef struct {
+ * int type;
+ * union {
+ * ASN1_SOMETHING *opt1;
+ * ASN1_SOMEOTHER *opt2;
+ * } value;
+ * } chname;
+ *
+ * the name of the selector must be 'type'.
+ * to use an alternative selector name use the
+ * ASN1_CHOICE_END_selector() version.
+ */
+
+# define ASN1_CHOICE(tname) \
+ static const ASN1_TEMPLATE tname##_ch_tt[]
+
+# define ASN1_CHOICE_cb(tname, cb) \
+ static const ASN1_AUX tname##_aux = {NULL, 0, 0, 0, cb, 0, NULL}; \
+ ASN1_CHOICE(tname)
+
+# define ASN1_CHOICE_END(stname) ASN1_CHOICE_END_name(stname, stname)
+
+# define static_ASN1_CHOICE_END(stname) static_ASN1_CHOICE_END_name(stname, stname)
+
+# define ASN1_CHOICE_END_name(stname, tname) ASN1_CHOICE_END_selector(stname, tname, type)
+
+# define static_ASN1_CHOICE_END_name(stname, tname) static_ASN1_CHOICE_END_selector(stname, tname, type)
+
+# define ASN1_CHOICE_END_selector(stname, tname, selname) \
+ ;\
+ ASN1_ITEM_start(tname) \
+ ASN1_ITYPE_CHOICE,\
+ offsetof(stname,selname) ,\
+ tname##_ch_tt,\
+ sizeof(tname##_ch_tt) / sizeof(ASN1_TEMPLATE),\
+ NULL,\
+ sizeof(stname),\
+ #stname \
+ ASN1_ITEM_end(tname)
+
+# define static_ASN1_CHOICE_END_selector(stname, tname, selname) \
+ ;\
+ static_ASN1_ITEM_start(tname) \
+ ASN1_ITYPE_CHOICE,\
+ offsetof(stname,selname) ,\
+ tname##_ch_tt,\
+ sizeof(tname##_ch_tt) / sizeof(ASN1_TEMPLATE),\
+ NULL,\
+ sizeof(stname),\
+ #stname \
+ ASN1_ITEM_end(tname)
+
+# define ASN1_CHOICE_END_cb(stname, tname, selname) \
+ ;\
+ ASN1_ITEM_start(tname) \
+ ASN1_ITYPE_CHOICE,\
+ offsetof(stname,selname) ,\
+ tname##_ch_tt,\
+ sizeof(tname##_ch_tt) / sizeof(ASN1_TEMPLATE),\
+ &tname##_aux,\
+ sizeof(stname),\
+ #stname \
+ ASN1_ITEM_end(tname)
+
+/* This helps with the template wrapper form of ASN1_ITEM */
+
+# define ASN1_EX_TEMPLATE_TYPE(flags, tag, name, type) { \
+ (flags), (tag), 0,\
+ #name, ASN1_ITEM_ref(type) }
+
+/* These help with SEQUENCE or CHOICE components */
+
+/* used to declare other types */
+
+# define ASN1_EX_TYPE(flags, tag, stname, field, type) { \
+ (flags), (tag), offsetof(stname, field),\
+ #field, ASN1_ITEM_ref(type) }
+
+/* implicit and explicit helper macros */
+
+# define ASN1_IMP_EX(stname, field, type, tag, ex) \
+ ASN1_EX_TYPE(ASN1_TFLG_IMPLICIT | (ex), tag, stname, field, type)
+
+# define ASN1_EXP_EX(stname, field, type, tag, ex) \
+ ASN1_EX_TYPE(ASN1_TFLG_EXPLICIT | (ex), tag, stname, field, type)
+
+/* Any defined by macros: the field used is in the table itself */
+
+# define ASN1_ADB_OBJECT(tblname) { ASN1_TFLG_ADB_OID, -1, 0, #tblname, tblname##_adb }
+# define ASN1_ADB_INTEGER(tblname) { ASN1_TFLG_ADB_INT, -1, 0, #tblname, tblname##_adb }
+
+/* Plain simple type */
+# define ASN1_SIMPLE(stname, field, type) ASN1_EX_TYPE(0,0, stname, field, type)
+/* Embedded simple type */
+# define ASN1_EMBED(stname, field, type) ASN1_EX_TYPE(ASN1_TFLG_EMBED,0, stname, field, type)
+
+/* OPTIONAL simple type */
+# define ASN1_OPT(stname, field, type) ASN1_EX_TYPE(ASN1_TFLG_OPTIONAL, 0, stname, field, type)
+# define ASN1_OPT_EMBED(stname, field, type) ASN1_EX_TYPE(ASN1_TFLG_OPTIONAL|ASN1_TFLG_EMBED, 0, stname, field, type)
+
+/* IMPLICIT tagged simple type */
+# define ASN1_IMP(stname, field, type, tag) ASN1_IMP_EX(stname, field, type, tag, 0)
+# define ASN1_IMP_EMBED(stname, field, type, tag) ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_EMBED)
+
+/* IMPLICIT tagged OPTIONAL simple type */
+# define ASN1_IMP_OPT(stname, field, type, tag) ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL)
+# define ASN1_IMP_OPT_EMBED(stname, field, type, tag) ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL|ASN1_TFLG_EMBED)
+
+/* Same as above but EXPLICIT */
+
+# define ASN1_EXP(stname, field, type, tag) ASN1_EXP_EX(stname, field, type, tag, 0)
+# define ASN1_EXP_EMBED(stname, field, type, tag) ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_EMBED)
+# define ASN1_EXP_OPT(stname, field, type, tag) ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL)
+# define ASN1_EXP_OPT_EMBED(stname, field, type, tag) ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL|ASN1_TFLG_EMBED)
+
+/* SEQUENCE OF type */
+# define ASN1_SEQUENCE_OF(stname, field, type) \
+ ASN1_EX_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, stname, field, type)
+
+/* OPTIONAL SEQUENCE OF */
+# define ASN1_SEQUENCE_OF_OPT(stname, field, type) \
+ ASN1_EX_TYPE(ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_OPTIONAL, 0, stname, field, type)
+
+/* Same as above but for SET OF */
+
+# define ASN1_SET_OF(stname, field, type) \
+ ASN1_EX_TYPE(ASN1_TFLG_SET_OF, 0, stname, field, type)
+
+# define ASN1_SET_OF_OPT(stname, field, type) \
+ ASN1_EX_TYPE(ASN1_TFLG_SET_OF|ASN1_TFLG_OPTIONAL, 0, stname, field, type)
+
+/* Finally compound types of SEQUENCE, SET, IMPLICIT, EXPLICIT and OPTIONAL */
+
+# define ASN1_IMP_SET_OF(stname, field, type, tag) \
+ ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF)
+
+# define ASN1_EXP_SET_OF(stname, field, type, tag) \
+ ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF)
+
+# define ASN1_IMP_SET_OF_OPT(stname, field, type, tag) \
+ ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF|ASN1_TFLG_OPTIONAL)
+
+# define ASN1_EXP_SET_OF_OPT(stname, field, type, tag) \
+ ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF|ASN1_TFLG_OPTIONAL)
+
+# define ASN1_IMP_SEQUENCE_OF(stname, field, type, tag) \
+ ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF)
+
+# define ASN1_IMP_SEQUENCE_OF_OPT(stname, field, type, tag) \
+ ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_OPTIONAL)
+
+# define ASN1_EXP_SEQUENCE_OF(stname, field, type, tag) \
+ ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF)
+
+# define ASN1_EXP_SEQUENCE_OF_OPT(stname, field, type, tag) \
+ ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_OPTIONAL)
+
+/* EXPLICIT using indefinite length constructed form */
+# define ASN1_NDEF_EXP(stname, field, type, tag) \
+ ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_NDEF)
+
+/* EXPLICIT OPTIONAL using indefinite length constructed form */
+# define ASN1_NDEF_EXP_OPT(stname, field, type, tag) \
+ ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL|ASN1_TFLG_NDEF)
+
+/* Macros for the ASN1_ADB structure */
+
+# define ASN1_ADB(name) \
+ static const ASN1_ADB_TABLE name##_adbtbl[]
+
+# define ASN1_ADB_END(name, flags, field, adb_cb, def, none) \
+ ;\
+ static const ASN1_ITEM *name##_adb(void) \
+ { \
+ static const ASN1_ADB internal_adb = \
+ {\
+ flags,\
+ offsetof(name, field),\
+ adb_cb,\
+ name##_adbtbl,\
+ sizeof(name##_adbtbl) / sizeof(ASN1_ADB_TABLE),\
+ def,\
+ none\
+ }; \
+ return (const ASN1_ITEM *) &internal_adb; \
+ } \
+ void dummy_function(void)
+
+# define ADB_ENTRY(val, template) {val, template}
+
+# define ASN1_ADB_TEMPLATE(name) \
+ static const ASN1_TEMPLATE name##_tt
+
+/*
+ * This is the ASN1 template structure that defines a wrapper round the
+ * actual type. It determines the actual position of the field in the value
+ * structure, various flags such as OPTIONAL and the field name.
+ */
+
+struct ASN1_TEMPLATE_st {
+ unsigned long flags; /* Various flags */
+ long tag; /* tag, not used if no tagging */
+ unsigned long offset; /* Offset of this field in structure */
+ const char *field_name; /* Field name */
+ ASN1_ITEM_EXP *item; /* Relevant ASN1_ITEM or ASN1_ADB */
+};
+
+/* Macro to extract ASN1_ITEM and ASN1_ADB pointer from ASN1_TEMPLATE */
+
+# define ASN1_TEMPLATE_item(t) (t->item_ptr)
+# define ASN1_TEMPLATE_adb(t) (t->item_ptr)
+
+typedef struct ASN1_ADB_TABLE_st ASN1_ADB_TABLE;
+typedef struct ASN1_ADB_st ASN1_ADB;
+
+struct ASN1_ADB_st {
+ unsigned long flags; /* Various flags */
+ unsigned long offset; /* Offset of selector field */
+ int (*adb_cb)(long *psel); /* Application callback */
+ const ASN1_ADB_TABLE *tbl; /* Table of possible types */
+ long tblcount; /* Number of entries in tbl */
+ const ASN1_TEMPLATE *default_tt; /* Type to use if no match */
+ const ASN1_TEMPLATE *null_tt; /* Type to use if selector is NULL */
+};
+
+struct ASN1_ADB_TABLE_st {
+ long value; /* NID for an object or value for an int */
+ const ASN1_TEMPLATE tt; /* item for this value */
+};
+
+/* template flags */
+
+/* Field is optional */
+# define ASN1_TFLG_OPTIONAL (0x1)
+
+/* Field is a SET OF */
+# define ASN1_TFLG_SET_OF (0x1 << 1)
+
+/* Field is a SEQUENCE OF */
+# define ASN1_TFLG_SEQUENCE_OF (0x2 << 1)
+
+/*
+ * Special case: this refers to a SET OF that will be sorted into DER order
+ * when encoded *and* the corresponding STACK will be modified to match the
+ * new order.
+ */
+# define ASN1_TFLG_SET_ORDER (0x3 << 1)
+
+/* Mask for SET OF or SEQUENCE OF */
+# define ASN1_TFLG_SK_MASK (0x3 << 1)
+
+/*
+ * These flags mean the tag should be taken from the tag field. If EXPLICIT
+ * then the underlying type is used for the inner tag.
+ */
+
+/* IMPLICIT tagging */
+# define ASN1_TFLG_IMPTAG (0x1 << 3)
+
+/* EXPLICIT tagging, inner tag from underlying type */
+# define ASN1_TFLG_EXPTAG (0x2 << 3)
+
+# define ASN1_TFLG_TAG_MASK (0x3 << 3)
+
+/* context specific IMPLICIT */
+# define ASN1_TFLG_IMPLICIT (ASN1_TFLG_IMPTAG|ASN1_TFLG_CONTEXT)
+
+/* context specific EXPLICIT */
+# define ASN1_TFLG_EXPLICIT (ASN1_TFLG_EXPTAG|ASN1_TFLG_CONTEXT)
+
+/*
+ * If tagging is in force these determine the type of tag to use. Otherwise
+ * the tag is determined by the underlying type. These values reflect the
+ * actual octet format.
+ */
+
+/* Universal tag */
+# define ASN1_TFLG_UNIVERSAL (0x0<<6)
+/* Application tag */
+# define ASN1_TFLG_APPLICATION (0x1<<6)
+/* Context specific tag */
+# define ASN1_TFLG_CONTEXT (0x2<<6)
+/* Private tag */
+# define ASN1_TFLG_PRIVATE (0x3<<6)
+
+# define ASN1_TFLG_TAG_CLASS (0x3<<6)
+
+/*
+ * These are for ANY DEFINED BY type. In this case the 'item' field points to
+ * an ASN1_ADB structure which contains a table of values to decode the
+ * relevant type
+ */
+
+# define ASN1_TFLG_ADB_MASK (0x3<<8)
+
+# define ASN1_TFLG_ADB_OID (0x1<<8)
+
+# define ASN1_TFLG_ADB_INT (0x1<<9)
+
+/*
+ * This flag when present in a SEQUENCE OF, SET OF or EXPLICIT causes
+ * indefinite length constructed encoding to be used if required.
+ */
+
+# define ASN1_TFLG_NDEF (0x1<<11)
+
+/* Field is embedded and not a pointer */
+# define ASN1_TFLG_EMBED (0x1 << 12)
+
+/* This is the actual ASN1 item itself */
+
+struct ASN1_ITEM_st {
+ char itype; /* The item type, primitive, SEQUENCE, CHOICE
+ * or extern */
+ long utype; /* underlying type */
+ const ASN1_TEMPLATE *templates; /* If SEQUENCE or CHOICE this contains
+ * the contents */
+ long tcount; /* Number of templates if SEQUENCE or CHOICE */
+ const void *funcs; /* functions that handle this type */
+ long size; /* Structure size (usually) */
+ const char *sname; /* Structure name */
+};
+
+/*-
+ * These are values for the itype field and
+ * determine how the type is interpreted.
+ *
+ * For PRIMITIVE types the underlying type
+ * determines the behaviour if items is NULL.
+ *
+ * Otherwise templates must contain a single
+ * template and the type is treated in the
+ * same way as the type specified in the template.
+ *
+ * For SEQUENCE types the templates field points
+ * to the members, the size field is the
+ * structure size.
+ *
+ * For CHOICE types the templates field points
+ * to each possible member (typically a union)
+ * and the 'size' field is the offset of the
+ * selector.
+ *
+ * The 'funcs' field is used for application
+ * specific functions.
+ *
+ * The EXTERN type uses a new style d2i/i2d.
+ * The new style should be used where possible
+ * because it avoids things like the d2i IMPLICIT
+ * hack.
+ *
+ * MSTRING is a multiple string type, it is used
+ * for a CHOICE of character strings where the
+ * actual strings all occupy an ASN1_STRING
+ * structure. In this case the 'utype' field
+ * has a special meaning, it is used as a mask
+ * of acceptable types using the B_ASN1 constants.
+ *
+ * NDEF_SEQUENCE is the same as SEQUENCE except
+ * that it will use indefinite length constructed
+ * encoding if requested.
+ *
+ */
+
+# define ASN1_ITYPE_PRIMITIVE 0x0
+
+# define ASN1_ITYPE_SEQUENCE 0x1
+
+# define ASN1_ITYPE_CHOICE 0x2
+
+# define ASN1_ITYPE_EXTERN 0x4
+
+# define ASN1_ITYPE_MSTRING 0x5
+
+# define ASN1_ITYPE_NDEF_SEQUENCE 0x6
+
+/*
+ * Cache for ASN1 tag and length, so we don't keep re-reading it for things
+ * like CHOICE
+ */
+
+struct ASN1_TLC_st {
+ char valid; /* Values below are valid */
+ int ret; /* return value */
+ long plen; /* length */
+ int ptag; /* class value */
+ int pclass; /* class value */
+ int hdrlen; /* header length */
+};
+
+/* Typedefs for ASN1 function pointers */
+typedef int ASN1_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
+ const ASN1_ITEM *it, int tag, int aclass, char opt,
+ ASN1_TLC *ctx);
+
+typedef int ASN1_ex_i2d(const ASN1_VALUE **pval, unsigned char **out,
+ const ASN1_ITEM *it, int tag, int aclass);
+typedef int ASN1_ex_new_func(ASN1_VALUE **pval, const ASN1_ITEM *it);
+typedef void ASN1_ex_free_func(ASN1_VALUE **pval, const ASN1_ITEM *it);
+
+typedef int ASN1_ex_print_func(BIO *out, const ASN1_VALUE **pval,
+ int indent, const char *fname,
+ const ASN1_PCTX *pctx);
+
+typedef int ASN1_primitive_i2c(const ASN1_VALUE **pval, unsigned char *cont,
+ int *putype, const ASN1_ITEM *it);
+typedef int ASN1_primitive_c2i(ASN1_VALUE **pval, const unsigned char *cont,
+ int len, int utype, char *free_cont,
+ const ASN1_ITEM *it);
+typedef int ASN1_primitive_print(BIO *out, const ASN1_VALUE **pval,
+ const ASN1_ITEM *it, int indent,
+ const ASN1_PCTX *pctx);
+
+typedef struct ASN1_EXTERN_FUNCS_st {
+ void *app_data;
+ ASN1_ex_new_func *asn1_ex_new;
+ ASN1_ex_free_func *asn1_ex_free;
+ ASN1_ex_free_func *asn1_ex_clear;
+ ASN1_ex_d2i *asn1_ex_d2i;
+ ASN1_ex_i2d *asn1_ex_i2d;
+ ASN1_ex_print_func *asn1_ex_print;
+} ASN1_EXTERN_FUNCS;
+
+typedef struct ASN1_PRIMITIVE_FUNCS_st {
+ void *app_data;
+ unsigned long flags;
+ ASN1_ex_new_func *prim_new;
+ ASN1_ex_free_func *prim_free;
+ ASN1_ex_free_func *prim_clear;
+ ASN1_primitive_c2i *prim_c2i;
+ ASN1_primitive_i2c *prim_i2c;
+ ASN1_primitive_print *prim_print;
+} ASN1_PRIMITIVE_FUNCS;
+
+/*
+ * This is the ASN1_AUX structure: it handles various miscellaneous
+ * requirements. For example the use of reference counts and an informational
+ * callback. The "informational callback" is called at various points during
+ * the ASN1 encoding and decoding. It can be used to provide minor
+ * customisation of the structures used. This is most useful where the
+ * supplied routines *almost* do the right thing but need some extra help at
+ * a few points. If the callback returns zero then it is assumed a fatal
+ * error has occurred and the main operation should be abandoned. If major
+ * changes in the default behaviour are required then an external type is
+ * more appropriate.
+ * For the operations ASN1_OP_I2D_PRE, ASN1_OP_I2D_POST, ASN1_OP_PRINT_PRE, and
+ * ASN1_OP_PRINT_POST, meanwhile a variant of the callback with const parameter
+ * 'in' is provided to make clear statically that its input is not modified. If
+ * and only if this variant is in use the flag ASN1_AFLG_CONST_CB must be set.
+ */
+
+typedef int ASN1_aux_cb(int operation, ASN1_VALUE **in, const ASN1_ITEM *it,
+ void *exarg);
+typedef int ASN1_aux_const_cb(int operation, const ASN1_VALUE **in,
+ const ASN1_ITEM *it, void *exarg);
+
+typedef struct ASN1_AUX_st {
+ void *app_data;
+ int flags;
+ int ref_offset; /* Offset of reference value */
+ int ref_lock; /* Lock type to use */
+ ASN1_aux_cb *asn1_cb;
+ int enc_offset; /* Offset of ASN1_ENCODING structure */
+ ASN1_aux_const_cb *asn1_const_cb; /* for ASN1_OP_I2D_ and ASN1_OP_PRINT_ */
+} ASN1_AUX;
+
+/* For print related callbacks exarg points to this structure */
+typedef struct ASN1_PRINT_ARG_st {
+ BIO *out;
+ int indent;
+ const ASN1_PCTX *pctx;
+} ASN1_PRINT_ARG;
+
+/* For streaming related callbacks exarg points to this structure */
+typedef struct ASN1_STREAM_ARG_st {
+ /* BIO to stream through */
+ BIO *out;
+ /* BIO with filters appended */
+ BIO *ndef_bio;
+ /* Streaming I/O boundary */
+ unsigned char **boundary;
+} ASN1_STREAM_ARG;
+
+/* Flags in ASN1_AUX */
+
+/* Use a reference count */
+# define ASN1_AFLG_REFCOUNT 1
+/* Save the encoding of structure (useful for signatures) */
+# define ASN1_AFLG_ENCODING 2
+/* The Sequence length is invalid */
+# define ASN1_AFLG_BROKEN 4
+/* Use the new asn1_const_cb */
+# define ASN1_AFLG_CONST_CB 8
+
+/* operation values for asn1_cb */
+
+# define ASN1_OP_NEW_PRE 0
+# define ASN1_OP_NEW_POST 1
+# define ASN1_OP_FREE_PRE 2
+# define ASN1_OP_FREE_POST 3
+# define ASN1_OP_D2I_PRE 4
+# define ASN1_OP_D2I_POST 5
+# define ASN1_OP_I2D_PRE 6
+# define ASN1_OP_I2D_POST 7
+# define ASN1_OP_PRINT_PRE 8
+# define ASN1_OP_PRINT_POST 9
+# define ASN1_OP_STREAM_PRE 10
+# define ASN1_OP_STREAM_POST 11
+# define ASN1_OP_DETACHED_PRE 12
+# define ASN1_OP_DETACHED_POST 13
+
+/* Macro to implement a primitive type */
+# define IMPLEMENT_ASN1_TYPE(stname) IMPLEMENT_ASN1_TYPE_ex(stname, stname, 0)
+# define IMPLEMENT_ASN1_TYPE_ex(itname, vname, ex) \
+ ASN1_ITEM_start(itname) \
+ ASN1_ITYPE_PRIMITIVE, V_##vname, NULL, 0, NULL, ex, #itname \
+ ASN1_ITEM_end(itname)
+
+/* Macro to implement a multi string type */
+# define IMPLEMENT_ASN1_MSTRING(itname, mask) \
+ ASN1_ITEM_start(itname) \
+ ASN1_ITYPE_MSTRING, mask, NULL, 0, NULL, sizeof(ASN1_STRING), #itname \
+ ASN1_ITEM_end(itname)
+
+# define IMPLEMENT_EXTERN_ASN1(sname, tag, fptrs) \
+ ASN1_ITEM_start(sname) \
+ ASN1_ITYPE_EXTERN, \
+ tag, \
+ NULL, \
+ 0, \
+ &fptrs, \
+ 0, \
+ #sname \
+ ASN1_ITEM_end(sname)
+
+/* Macro to implement standard functions in terms of ASN1_ITEM structures */
+
+# define IMPLEMENT_ASN1_FUNCTIONS(stname) IMPLEMENT_ASN1_FUNCTIONS_fname(stname, stname, stname)
+
+# define IMPLEMENT_ASN1_FUNCTIONS_name(stname, itname) IMPLEMENT_ASN1_FUNCTIONS_fname(stname, itname, itname)
+
+# define IMPLEMENT_ASN1_FUNCTIONS_ENCODE_name(stname, itname) \
+ IMPLEMENT_ASN1_FUNCTIONS_ENCODE_fname(stname, itname, itname)
+
+# define IMPLEMENT_STATIC_ASN1_ALLOC_FUNCTIONS(stname) \
+ IMPLEMENT_ASN1_ALLOC_FUNCTIONS_pfname(static, stname, stname, stname)
+
+# define IMPLEMENT_ASN1_ALLOC_FUNCTIONS(stname) \
+ IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, stname, stname)
+
+# define IMPLEMENT_ASN1_ALLOC_FUNCTIONS_pfname(pre, stname, itname, fname) \
+ pre stname *fname##_new(void) \
+ { \
+ return (stname *)ASN1_item_new(ASN1_ITEM_rptr(itname)); \
+ } \
+ pre void fname##_free(stname *a) \
+ { \
+ ASN1_item_free((ASN1_VALUE *)a, ASN1_ITEM_rptr(itname)); \
+ }
+
+# define IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname) \
+ stname *fname##_new(void) \
+ { \
+ return (stname *)ASN1_item_new(ASN1_ITEM_rptr(itname)); \
+ } \
+ void fname##_free(stname *a) \
+ { \
+ ASN1_item_free((ASN1_VALUE *)a, ASN1_ITEM_rptr(itname)); \
+ }
+
+# define IMPLEMENT_ASN1_FUNCTIONS_fname(stname, itname, fname) \
+ IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(stname, itname, fname) \
+ IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname)
+
+# define IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(stname, itname, fname) \
+ stname *d2i_##fname(stname **a, const unsigned char **in, long len) \
+ { \
+ return (stname *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, ASN1_ITEM_rptr(itname));\
+ } \
+ int i2d_##fname(const stname *a, unsigned char **out) \
+ { \
+ return ASN1_item_i2d((const ASN1_VALUE *)a, out, ASN1_ITEM_rptr(itname));\
+ }
+
+# define IMPLEMENT_ASN1_NDEF_FUNCTION(stname) \
+ int i2d_##stname##_NDEF(const stname *a, unsigned char **out) \
+ { \
+ return ASN1_item_ndef_i2d((const ASN1_VALUE *)a, out, ASN1_ITEM_rptr(stname));\
+ }
+
+# define IMPLEMENT_STATIC_ASN1_ENCODE_FUNCTIONS(stname) \
+ static stname *d2i_##stname(stname **a, \
+ const unsigned char **in, long len) \
+ { \
+ return (stname *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, \
+ ASN1_ITEM_rptr(stname)); \
+ } \
+ static int i2d_##stname(const stname *a, unsigned char **out) \
+ { \
+ return ASN1_item_i2d((const ASN1_VALUE *)a, out, \
+ ASN1_ITEM_rptr(stname)); \
+ }
+
+# define IMPLEMENT_ASN1_DUP_FUNCTION(stname) \
+ stname * stname##_dup(const stname *x) \
+ { \
+ return ASN1_item_dup(ASN1_ITEM_rptr(stname), x); \
+ }
+
+# define IMPLEMENT_ASN1_PRINT_FUNCTION(stname) \
+ IMPLEMENT_ASN1_PRINT_FUNCTION_fname(stname, stname, stname)
+
+# define IMPLEMENT_ASN1_PRINT_FUNCTION_fname(stname, itname, fname) \
+ int fname##_print_ctx(BIO *out, const stname *x, int indent, \
+ const ASN1_PCTX *pctx) \
+ { \
+ return ASN1_item_print(out, (const ASN1_VALUE *)x, indent, \
+ ASN1_ITEM_rptr(itname), pctx); \
+ }
+
+/* external definitions for primitive types */
+
+DECLARE_ASN1_ITEM(ASN1_BOOLEAN)
+DECLARE_ASN1_ITEM(ASN1_TBOOLEAN)
+DECLARE_ASN1_ITEM(ASN1_FBOOLEAN)
+DECLARE_ASN1_ITEM(ASN1_SEQUENCE)
+DECLARE_ASN1_ITEM(CBIGNUM)
+DECLARE_ASN1_ITEM(BIGNUM)
+DECLARE_ASN1_ITEM(INT32)
+DECLARE_ASN1_ITEM(ZINT32)
+DECLARE_ASN1_ITEM(UINT32)
+DECLARE_ASN1_ITEM(ZUINT32)
+DECLARE_ASN1_ITEM(INT64)
+DECLARE_ASN1_ITEM(ZINT64)
+DECLARE_ASN1_ITEM(UINT64)
+DECLARE_ASN1_ITEM(ZUINT64)
+
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+/*
+ * LONG and ZLONG are strongly discouraged for use as stored data, as the
+ * underlying C type (long) differs in size depending on the architecture.
+ * They are designed with 32-bit longs in mind.
+ */
+DECLARE_ASN1_ITEM(LONG)
+DECLARE_ASN1_ITEM(ZLONG)
+# endif
+
+DEFINE_OR_DECLARE_STACK_OF(ASN1_VALUE)
+
+/* Functions used internally by the ASN1 code */
+
+int ASN1_item_ex_new(ASN1_VALUE **pval, const ASN1_ITEM *it);
+void ASN1_item_ex_free(ASN1_VALUE **pval, const ASN1_ITEM *it);
+
+int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
+ const ASN1_ITEM *it, int tag, int aclass, char opt,
+ ASN1_TLC *ctx);
+
+int ASN1_item_ex_i2d(const ASN1_VALUE **pval, unsigned char **out,
+ const ASN1_ITEM *it, int tag, int aclass);
+
+/* Legacy compatibility */
+# define IMPLEMENT_ASN1_FUNCTIONS_const(name) IMPLEMENT_ASN1_FUNCTIONS(name)
+# define IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(stname, itname, fname) \
+ IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(stname, itname, fname)
+
+#ifdef __cplusplus
+}
+#endif
+#endif
diff --git a/openssl/include/openssl/async.h b/openssl/include/openssl/async.h new file mode 100644 index 00000000..2e2751f9 --- /dev/null +++ b/openssl/include/openssl/async.h @@ -0,0 +1,96 @@ +/*
+ * Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include <stdlib.h>
+
+#ifndef OPENSSL_ASYNC_H
+# define OPENSSL_ASYNC_H
+# pragma once
+
+# include <openssl/macros.h>
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define HEADER_ASYNC_H
+# endif
+
+#if defined(_WIN32)
+# if defined(BASETYPES) || defined(_WINDEF_H)
+/* application has to include <windows.h> to use this */
+#define OSSL_ASYNC_FD HANDLE
+#define OSSL_BAD_ASYNC_FD INVALID_HANDLE_VALUE
+# endif
+#else
+#define OSSL_ASYNC_FD int
+#define OSSL_BAD_ASYNC_FD -1
+#endif
+# include <openssl/asyncerr.h>
+
+
+# ifdef __cplusplus
+extern "C" {
+# endif
+
+typedef struct async_job_st ASYNC_JOB;
+typedef struct async_wait_ctx_st ASYNC_WAIT_CTX;
+typedef int (*ASYNC_callback_fn)(void *arg);
+
+#define ASYNC_ERR 0
+#define ASYNC_NO_JOBS 1
+#define ASYNC_PAUSE 2
+#define ASYNC_FINISH 3
+
+#define ASYNC_STATUS_UNSUPPORTED 0
+#define ASYNC_STATUS_ERR 1
+#define ASYNC_STATUS_OK 2
+#define ASYNC_STATUS_EAGAIN 3
+
+int ASYNC_init_thread(size_t max_size, size_t init_size);
+void ASYNC_cleanup_thread(void);
+
+#ifdef OSSL_ASYNC_FD
+ASYNC_WAIT_CTX *ASYNC_WAIT_CTX_new(void);
+void ASYNC_WAIT_CTX_free(ASYNC_WAIT_CTX *ctx);
+int ASYNC_WAIT_CTX_set_wait_fd(ASYNC_WAIT_CTX *ctx, const void *key,
+ OSSL_ASYNC_FD fd,
+ void *custom_data,
+ void (*cleanup)(ASYNC_WAIT_CTX *, const void *,
+ OSSL_ASYNC_FD, void *));
+int ASYNC_WAIT_CTX_get_fd(ASYNC_WAIT_CTX *ctx, const void *key,
+ OSSL_ASYNC_FD *fd, void **custom_data);
+int ASYNC_WAIT_CTX_get_all_fds(ASYNC_WAIT_CTX *ctx, OSSL_ASYNC_FD *fd,
+ size_t *numfds);
+int ASYNC_WAIT_CTX_get_callback(ASYNC_WAIT_CTX *ctx,
+ ASYNC_callback_fn *callback,
+ void **callback_arg);
+int ASYNC_WAIT_CTX_set_callback(ASYNC_WAIT_CTX *ctx,
+ ASYNC_callback_fn callback,
+ void *callback_arg);
+int ASYNC_WAIT_CTX_set_status(ASYNC_WAIT_CTX *ctx, int status);
+int ASYNC_WAIT_CTX_get_status(ASYNC_WAIT_CTX *ctx);
+int ASYNC_WAIT_CTX_get_changed_fds(ASYNC_WAIT_CTX *ctx, OSSL_ASYNC_FD *addfd,
+ size_t *numaddfds, OSSL_ASYNC_FD *delfd,
+ size_t *numdelfds);
+int ASYNC_WAIT_CTX_clear_fd(ASYNC_WAIT_CTX *ctx, const void *key);
+#endif
+
+int ASYNC_is_capable(void);
+
+int ASYNC_start_job(ASYNC_JOB **job, ASYNC_WAIT_CTX *ctx, int *ret,
+ int (*func)(void *), void *args, size_t size);
+int ASYNC_pause_job(void);
+
+ASYNC_JOB *ASYNC_get_current_job(void);
+ASYNC_WAIT_CTX *ASYNC_get_wait_ctx(ASYNC_JOB *job);
+void ASYNC_block_pause(void);
+void ASYNC_unblock_pause(void);
+
+
+# ifdef __cplusplus
+}
+# endif
+#endif
diff --git a/openssl/include/openssl/asyncerr.h b/openssl/include/openssl/asyncerr.h new file mode 100644 index 00000000..647ce5b2 --- /dev/null +++ b/openssl/include/openssl/asyncerr.h @@ -0,0 +1,45 @@ +/*
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_ASYNCERR_H
+# define OPENSSL_ASYNCERR_H
+# pragma once
+
+# include <openssl/opensslconf.h>
+# include <openssl/symhacks.h>
+
+
+# ifdef __cplusplus
+extern "C"
+# endif
+int ERR_load_ASYNC_strings(void);
+
+/*
+ * ASYNC function codes.
+ */
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define ASYNC_F_ASYNC_CTX_NEW 0
+# define ASYNC_F_ASYNC_INIT_THREAD 0
+# define ASYNC_F_ASYNC_JOB_NEW 0
+# define ASYNC_F_ASYNC_PAUSE_JOB 0
+# define ASYNC_F_ASYNC_START_FUNC 0
+# define ASYNC_F_ASYNC_START_JOB 0
+# define ASYNC_F_ASYNC_WAIT_CTX_SET_WAIT_FD 0
+# endif
+
+/*
+ * ASYNC reason codes.
+ */
+# define ASYNC_R_FAILED_TO_SET_POOL 101
+# define ASYNC_R_FAILED_TO_SWAP_CONTEXT 102
+# define ASYNC_R_INIT_FAILED 105
+# define ASYNC_R_INVALID_POOL_SIZE 103
+
+#endif
diff --git a/openssl/include/openssl/bio.h b/openssl/include/openssl/bio.h new file mode 100644 index 00000000..e268dc63 --- /dev/null +++ b/openssl/include/openssl/bio.h @@ -0,0 +1,843 @@ +/*
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_BIO_H
+# define OPENSSL_BIO_H
+# pragma once
+
+# include <openssl/macros.h>
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define HEADER_BIO_H
+# endif
+
+# include <openssl/e_os2.h>
+
+# ifndef OPENSSL_NO_STDIO
+# include <stdio.h>
+# endif
+# include <stdarg.h>
+
+# include <openssl/crypto.h>
+# include <openssl/bioerr.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* There are the classes of BIOs */
+# define BIO_TYPE_DESCRIPTOR 0x0100 /* socket, fd, connect or accept */
+# define BIO_TYPE_FILTER 0x0200
+# define BIO_TYPE_SOURCE_SINK 0x0400
+
+/* These are the 'types' of BIOs */
+# define BIO_TYPE_NONE 0
+# define BIO_TYPE_MEM ( 1|BIO_TYPE_SOURCE_SINK)
+# define BIO_TYPE_FILE ( 2|BIO_TYPE_SOURCE_SINK)
+
+# define BIO_TYPE_FD ( 4|BIO_TYPE_SOURCE_SINK|BIO_TYPE_DESCRIPTOR)
+# define BIO_TYPE_SOCKET ( 5|BIO_TYPE_SOURCE_SINK|BIO_TYPE_DESCRIPTOR)
+# define BIO_TYPE_NULL ( 6|BIO_TYPE_SOURCE_SINK)
+# define BIO_TYPE_SSL ( 7|BIO_TYPE_FILTER)
+# define BIO_TYPE_MD ( 8|BIO_TYPE_FILTER)
+# define BIO_TYPE_BUFFER ( 9|BIO_TYPE_FILTER)
+# define BIO_TYPE_CIPHER (10|BIO_TYPE_FILTER)
+# define BIO_TYPE_BASE64 (11|BIO_TYPE_FILTER)
+# define BIO_TYPE_CONNECT (12|BIO_TYPE_SOURCE_SINK|BIO_TYPE_DESCRIPTOR)
+# define BIO_TYPE_ACCEPT (13|BIO_TYPE_SOURCE_SINK|BIO_TYPE_DESCRIPTOR)
+
+# define BIO_TYPE_NBIO_TEST (16|BIO_TYPE_FILTER)/* server proxy BIO */
+# define BIO_TYPE_NULL_FILTER (17|BIO_TYPE_FILTER)
+# define BIO_TYPE_BIO (19|BIO_TYPE_SOURCE_SINK)/* half a BIO pair */
+# define BIO_TYPE_LINEBUFFER (20|BIO_TYPE_FILTER)
+# define BIO_TYPE_DGRAM (21|BIO_TYPE_SOURCE_SINK|BIO_TYPE_DESCRIPTOR)
+# define BIO_TYPE_ASN1 (22|BIO_TYPE_FILTER)
+# define BIO_TYPE_COMP (23|BIO_TYPE_FILTER)
+# ifndef OPENSSL_NO_SCTP
+# define BIO_TYPE_DGRAM_SCTP (24|BIO_TYPE_SOURCE_SINK|BIO_TYPE_DESCRIPTOR)
+# endif
+# define BIO_TYPE_CORE_TO_PROV (25|BIO_TYPE_FILTER)
+
+#define BIO_TYPE_START 128
+
+/*
+ * BIO_FILENAME_READ|BIO_CLOSE to open or close on free.
+ * BIO_set_fp(in,stdin,BIO_NOCLOSE);
+ */
+# define BIO_NOCLOSE 0x00
+# define BIO_CLOSE 0x01
+
+/*
+ * These are used in the following macros and are passed to BIO_ctrl()
+ */
+# define BIO_CTRL_RESET 1/* opt - rewind/zero etc */
+# define BIO_CTRL_EOF 2/* opt - are we at the eof */
+# define BIO_CTRL_INFO 3/* opt - extra tit-bits */
+# define BIO_CTRL_SET 4/* man - set the 'IO' type */
+# define BIO_CTRL_GET 5/* man - get the 'IO' type */
+# define BIO_CTRL_PUSH 6/* opt - internal, used to signify change */
+# define BIO_CTRL_POP 7/* opt - internal, used to signify change */
+# define BIO_CTRL_GET_CLOSE 8/* man - set the 'close' on free */
+# define BIO_CTRL_SET_CLOSE 9/* man - set the 'close' on free */
+# define BIO_CTRL_PENDING 10/* opt - is their more data buffered */
+# define BIO_CTRL_FLUSH 11/* opt - 'flush' buffered output */
+# define BIO_CTRL_DUP 12/* man - extra stuff for 'duped' BIO */
+# define BIO_CTRL_WPENDING 13/* opt - number of bytes still to write */
+# define BIO_CTRL_SET_CALLBACK 14/* opt - set callback function */
+# define BIO_CTRL_GET_CALLBACK 15/* opt - set callback function */
+
+# define BIO_CTRL_PEEK 29/* BIO_f_buffer special */
+# define BIO_CTRL_SET_FILENAME 30/* BIO_s_file special */
+
+/* dgram BIO stuff */
+# define BIO_CTRL_DGRAM_CONNECT 31/* BIO dgram special */
+# define BIO_CTRL_DGRAM_SET_CONNECTED 32/* allow for an externally connected
+ * socket to be passed in */
+# define BIO_CTRL_DGRAM_SET_RECV_TIMEOUT 33/* setsockopt, essentially */
+# define BIO_CTRL_DGRAM_GET_RECV_TIMEOUT 34/* getsockopt, essentially */
+# define BIO_CTRL_DGRAM_SET_SEND_TIMEOUT 35/* setsockopt, essentially */
+# define BIO_CTRL_DGRAM_GET_SEND_TIMEOUT 36/* getsockopt, essentially */
+
+# define BIO_CTRL_DGRAM_GET_RECV_TIMER_EXP 37/* flag whether the last */
+# define BIO_CTRL_DGRAM_GET_SEND_TIMER_EXP 38/* I/O operation tiemd out */
+
+/* #ifdef IP_MTU_DISCOVER */
+# define BIO_CTRL_DGRAM_MTU_DISCOVER 39/* set DF bit on egress packets */
+/* #endif */
+
+# define BIO_CTRL_DGRAM_QUERY_MTU 40/* as kernel for current MTU */
+# define BIO_CTRL_DGRAM_GET_FALLBACK_MTU 47
+# define BIO_CTRL_DGRAM_GET_MTU 41/* get cached value for MTU */
+# define BIO_CTRL_DGRAM_SET_MTU 42/* set cached value for MTU.
+ * want to use this if asking
+ * the kernel fails */
+
+# define BIO_CTRL_DGRAM_MTU_EXCEEDED 43/* check whether the MTU was
+ * exceed in the previous write
+ * operation */
+
+# define BIO_CTRL_DGRAM_GET_PEER 46
+# define BIO_CTRL_DGRAM_SET_PEER 44/* Destination for the data */
+
+# define BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT 45/* Next DTLS handshake timeout
+ * to adjust socket timeouts */
+# define BIO_CTRL_DGRAM_SET_DONT_FRAG 48
+
+# define BIO_CTRL_DGRAM_GET_MTU_OVERHEAD 49
+
+/* Deliberately outside of OPENSSL_NO_SCTP - used in bss_dgram.c */
+# define BIO_CTRL_DGRAM_SCTP_SET_IN_HANDSHAKE 50
+# ifndef OPENSSL_NO_SCTP
+/* SCTP stuff */
+# define BIO_CTRL_DGRAM_SCTP_ADD_AUTH_KEY 51
+# define BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY 52
+# define BIO_CTRL_DGRAM_SCTP_AUTH_CCS_RCVD 53
+# define BIO_CTRL_DGRAM_SCTP_GET_SNDINFO 60
+# define BIO_CTRL_DGRAM_SCTP_SET_SNDINFO 61
+# define BIO_CTRL_DGRAM_SCTP_GET_RCVINFO 62
+# define BIO_CTRL_DGRAM_SCTP_SET_RCVINFO 63
+# define BIO_CTRL_DGRAM_SCTP_GET_PRINFO 64
+# define BIO_CTRL_DGRAM_SCTP_SET_PRINFO 65
+# define BIO_CTRL_DGRAM_SCTP_SAVE_SHUTDOWN 70
+# endif
+
+# define BIO_CTRL_DGRAM_SET_PEEK_MODE 71
+
+/*
+ * internal BIO:
+ * # define BIO_CTRL_SET_KTLS_SEND 72
+ * # define BIO_CTRL_SET_KTLS_SEND_CTRL_MSG 74
+ * # define BIO_CTRL_CLEAR_KTLS_CTRL_MSG 75
+ */
+
+# define BIO_CTRL_GET_KTLS_SEND 73
+# define BIO_CTRL_GET_KTLS_RECV 76
+
+# define BIO_CTRL_DGRAM_SCTP_WAIT_FOR_DRY 77
+# define BIO_CTRL_DGRAM_SCTP_MSG_WAITING 78
+
+/* BIO_f_prefix controls */
+# define BIO_CTRL_SET_PREFIX 79
+# define BIO_CTRL_SET_INDENT 80
+# define BIO_CTRL_GET_INDENT 81
+
+# ifndef OPENSSL_NO_KTLS
+# define BIO_get_ktls_send(b) \
+ BIO_ctrl(b, BIO_CTRL_GET_KTLS_SEND, 0, NULL)
+# define BIO_get_ktls_recv(b) \
+ BIO_ctrl(b, BIO_CTRL_GET_KTLS_RECV, 0, NULL)
+# else
+# define BIO_get_ktls_send(b) (0)
+# define BIO_get_ktls_recv(b) (0)
+# endif
+
+/* modifiers */
+# define BIO_FP_READ 0x02
+# define BIO_FP_WRITE 0x04
+# define BIO_FP_APPEND 0x08
+# define BIO_FP_TEXT 0x10
+
+# define BIO_FLAGS_READ 0x01
+# define BIO_FLAGS_WRITE 0x02
+# define BIO_FLAGS_IO_SPECIAL 0x04
+# define BIO_FLAGS_RWS (BIO_FLAGS_READ|BIO_FLAGS_WRITE|BIO_FLAGS_IO_SPECIAL)
+# define BIO_FLAGS_SHOULD_RETRY 0x08
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+/* This #define was replaced by an internal constant and should not be used. */
+# define BIO_FLAGS_UPLINK 0
+# endif
+
+# define BIO_FLAGS_BASE64_NO_NL 0x100
+
+/*
+ * This is used with memory BIOs:
+ * BIO_FLAGS_MEM_RDONLY means we shouldn't free up or change the data in any way;
+ * BIO_FLAGS_NONCLEAR_RST means we shouldn't clear data on reset.
+ */
+# define BIO_FLAGS_MEM_RDONLY 0x200
+# define BIO_FLAGS_NONCLEAR_RST 0x400
+# define BIO_FLAGS_IN_EOF 0x800
+
+typedef union bio_addr_st BIO_ADDR;
+typedef struct bio_addrinfo_st BIO_ADDRINFO;
+
+int BIO_get_new_index(void);
+void BIO_set_flags(BIO *b, int flags);
+int BIO_test_flags(const BIO *b, int flags);
+void BIO_clear_flags(BIO *b, int flags);
+
+# define BIO_get_flags(b) BIO_test_flags(b, ~(0x0))
+# define BIO_set_retry_special(b) \
+ BIO_set_flags(b, (BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY))
+# define BIO_set_retry_read(b) \
+ BIO_set_flags(b, (BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY))
+# define BIO_set_retry_write(b) \
+ BIO_set_flags(b, (BIO_FLAGS_WRITE|BIO_FLAGS_SHOULD_RETRY))
+
+/* These are normally used internally in BIOs */
+# define BIO_clear_retry_flags(b) \
+ BIO_clear_flags(b, (BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY))
+# define BIO_get_retry_flags(b) \
+ BIO_test_flags(b, (BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY))
+
+/* These should be used by the application to tell why we should retry */
+# define BIO_should_read(a) BIO_test_flags(a, BIO_FLAGS_READ)
+# define BIO_should_write(a) BIO_test_flags(a, BIO_FLAGS_WRITE)
+# define BIO_should_io_special(a) BIO_test_flags(a, BIO_FLAGS_IO_SPECIAL)
+# define BIO_retry_type(a) BIO_test_flags(a, BIO_FLAGS_RWS)
+# define BIO_should_retry(a) BIO_test_flags(a, BIO_FLAGS_SHOULD_RETRY)
+
+/*
+ * The next three are used in conjunction with the BIO_should_io_special()
+ * condition. After this returns true, BIO *BIO_get_retry_BIO(BIO *bio, int
+ * *reason); will walk the BIO stack and return the 'reason' for the special
+ * and the offending BIO. Given a BIO, BIO_get_retry_reason(bio) will return
+ * the code.
+ */
+/*
+ * Returned from the SSL bio when the certificate retrieval code had an error
+ */
+# define BIO_RR_SSL_X509_LOOKUP 0x01
+/* Returned from the connect BIO when a connect would have blocked */
+# define BIO_RR_CONNECT 0x02
+/* Returned from the accept BIO when an accept would have blocked */
+# define BIO_RR_ACCEPT 0x03
+
+/* These are passed by the BIO callback */
+# define BIO_CB_FREE 0x01
+# define BIO_CB_READ 0x02
+# define BIO_CB_WRITE 0x03
+# define BIO_CB_PUTS 0x04
+# define BIO_CB_GETS 0x05
+# define BIO_CB_CTRL 0x06
+
+/*
+ * The callback is called before and after the underling operation, The
+ * BIO_CB_RETURN flag indicates if it is after the call
+ */
+# define BIO_CB_RETURN 0x80
+# define BIO_CB_return(a) ((a)|BIO_CB_RETURN)
+# define BIO_cb_pre(a) (!((a)&BIO_CB_RETURN))
+# define BIO_cb_post(a) ((a)&BIO_CB_RETURN)
+
+typedef long (*BIO_callback_fn)(BIO *b, int oper, const char *argp, int argi,
+ long argl, long ret);
+typedef long (*BIO_callback_fn_ex)(BIO *b, int oper, const char *argp,
+ size_t len, int argi,
+ long argl, int ret, size_t *processed);
+BIO_callback_fn BIO_get_callback(const BIO *b);
+void BIO_set_callback(BIO *b, BIO_callback_fn callback);
+
+BIO_callback_fn_ex BIO_get_callback_ex(const BIO *b);
+void BIO_set_callback_ex(BIO *b, BIO_callback_fn_ex callback);
+
+char *BIO_get_callback_arg(const BIO *b);
+void BIO_set_callback_arg(BIO *b, char *arg);
+
+typedef struct bio_method_st BIO_METHOD;
+
+const char *BIO_method_name(const BIO *b);
+int BIO_method_type(const BIO *b);
+
+typedef int BIO_info_cb(BIO *, int, int);
+typedef BIO_info_cb bio_info_cb; /* backward compatibility */
+
+DEFINE_OR_DECLARE_STACK_OF(BIO)
+
+/* Prefix and suffix callback in ASN1 BIO */
+typedef int asn1_ps_func (BIO *b, unsigned char **pbuf, int *plen,
+ void *parg);
+
+typedef void (*BIO_dgram_sctp_notification_handler_fn) (BIO *b,
+ void *context,
+ void *buf);
+# ifndef OPENSSL_NO_SCTP
+/* SCTP parameter structs */
+struct bio_dgram_sctp_sndinfo {
+ uint16_t snd_sid;
+ uint16_t snd_flags;
+ uint32_t snd_ppid;
+ uint32_t snd_context;
+};
+
+struct bio_dgram_sctp_rcvinfo {
+ uint16_t rcv_sid;
+ uint16_t rcv_ssn;
+ uint16_t rcv_flags;
+ uint32_t rcv_ppid;
+ uint32_t rcv_tsn;
+ uint32_t rcv_cumtsn;
+ uint32_t rcv_context;
+};
+
+struct bio_dgram_sctp_prinfo {
+ uint16_t pr_policy;
+ uint32_t pr_value;
+};
+# endif
+
+/*
+ * #define BIO_CONN_get_param_hostname BIO_ctrl
+ */
+
+# define BIO_C_SET_CONNECT 100
+# define BIO_C_DO_STATE_MACHINE 101
+# define BIO_C_SET_NBIO 102
+/* # define BIO_C_SET_PROXY_PARAM 103 */
+# define BIO_C_SET_FD 104
+# define BIO_C_GET_FD 105
+# define BIO_C_SET_FILE_PTR 106
+# define BIO_C_GET_FILE_PTR 107
+# define BIO_C_SET_FILENAME 108
+# define BIO_C_SET_SSL 109
+# define BIO_C_GET_SSL 110
+# define BIO_C_SET_MD 111
+# define BIO_C_GET_MD 112
+# define BIO_C_GET_CIPHER_STATUS 113
+# define BIO_C_SET_BUF_MEM 114
+# define BIO_C_GET_BUF_MEM_PTR 115
+# define BIO_C_GET_BUFF_NUM_LINES 116
+# define BIO_C_SET_BUFF_SIZE 117
+# define BIO_C_SET_ACCEPT 118
+# define BIO_C_SSL_MODE 119
+# define BIO_C_GET_MD_CTX 120
+/* # define BIO_C_GET_PROXY_PARAM 121 */
+# define BIO_C_SET_BUFF_READ_DATA 122/* data to read first */
+# define BIO_C_GET_CONNECT 123
+# define BIO_C_GET_ACCEPT 124
+# define BIO_C_SET_SSL_RENEGOTIATE_BYTES 125
+# define BIO_C_GET_SSL_NUM_RENEGOTIATES 126
+# define BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT 127
+# define BIO_C_FILE_SEEK 128
+# define BIO_C_GET_CIPHER_CTX 129
+# define BIO_C_SET_BUF_MEM_EOF_RETURN 130/* return end of input
+ * value */
+# define BIO_C_SET_BIND_MODE 131
+# define BIO_C_GET_BIND_MODE 132
+# define BIO_C_FILE_TELL 133
+# define BIO_C_GET_SOCKS 134
+# define BIO_C_SET_SOCKS 135
+
+# define BIO_C_SET_WRITE_BUF_SIZE 136/* for BIO_s_bio */
+# define BIO_C_GET_WRITE_BUF_SIZE 137
+# define BIO_C_MAKE_BIO_PAIR 138
+# define BIO_C_DESTROY_BIO_PAIR 139
+# define BIO_C_GET_WRITE_GUARANTEE 140
+# define BIO_C_GET_READ_REQUEST 141
+# define BIO_C_SHUTDOWN_WR 142
+# define BIO_C_NREAD0 143
+# define BIO_C_NREAD 144
+# define BIO_C_NWRITE0 145
+# define BIO_C_NWRITE 146
+# define BIO_C_RESET_READ_REQUEST 147
+# define BIO_C_SET_MD_CTX 148
+
+# define BIO_C_SET_PREFIX 149
+# define BIO_C_GET_PREFIX 150
+# define BIO_C_SET_SUFFIX 151
+# define BIO_C_GET_SUFFIX 152
+
+# define BIO_C_SET_EX_ARG 153
+# define BIO_C_GET_EX_ARG 154
+
+# define BIO_C_SET_CONNECT_MODE 155
+
+# define BIO_set_app_data(s,arg) BIO_set_ex_data(s,0,arg)
+# define BIO_get_app_data(s) BIO_get_ex_data(s,0)
+
+# define BIO_set_nbio(b,n) BIO_ctrl(b,BIO_C_SET_NBIO,(n),NULL)
+
+# ifndef OPENSSL_NO_SOCK
+/* IP families we support, for BIO_s_connect() and BIO_s_accept() */
+/* Note: the underlying operating system may not support some of them */
+# define BIO_FAMILY_IPV4 4
+# define BIO_FAMILY_IPV6 6
+# define BIO_FAMILY_IPANY 256
+
+/* BIO_s_connect() */
+# define BIO_set_conn_hostname(b,name) BIO_ctrl(b,BIO_C_SET_CONNECT,0, \
+ (char *)(name))
+# define BIO_set_conn_port(b,port) BIO_ctrl(b,BIO_C_SET_CONNECT,1, \
+ (char *)(port))
+# define BIO_set_conn_address(b,addr) BIO_ctrl(b,BIO_C_SET_CONNECT,2, \
+ (char *)(addr))
+# define BIO_set_conn_ip_family(b,f) BIO_int_ctrl(b,BIO_C_SET_CONNECT,3,f)
+# define BIO_get_conn_hostname(b) ((const char *)BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,0))
+# define BIO_get_conn_port(b) ((const char *)BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,1))
+# define BIO_get_conn_address(b) ((const BIO_ADDR *)BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,2))
+# define BIO_get_conn_ip_family(b) BIO_ctrl(b,BIO_C_GET_CONNECT,3,NULL)
+# define BIO_set_conn_mode(b,n) BIO_ctrl(b,BIO_C_SET_CONNECT_MODE,(n),NULL)
+
+/* BIO_s_accept() */
+# define BIO_set_accept_name(b,name) BIO_ctrl(b,BIO_C_SET_ACCEPT,0, \
+ (char *)(name))
+# define BIO_set_accept_port(b,port) BIO_ctrl(b,BIO_C_SET_ACCEPT,1, \
+ (char *)(port))
+# define BIO_get_accept_name(b) ((const char *)BIO_ptr_ctrl(b,BIO_C_GET_ACCEPT,0))
+# define BIO_get_accept_port(b) ((const char *)BIO_ptr_ctrl(b,BIO_C_GET_ACCEPT,1))
+# define BIO_get_peer_name(b) ((const char *)BIO_ptr_ctrl(b,BIO_C_GET_ACCEPT,2))
+# define BIO_get_peer_port(b) ((const char *)BIO_ptr_ctrl(b,BIO_C_GET_ACCEPT,3))
+/* #define BIO_set_nbio(b,n) BIO_ctrl(b,BIO_C_SET_NBIO,(n),NULL) */
+# define BIO_set_nbio_accept(b,n) BIO_ctrl(b,BIO_C_SET_ACCEPT,2,(n)?(void *)"a":NULL)
+# define BIO_set_accept_bios(b,bio) BIO_ctrl(b,BIO_C_SET_ACCEPT,3, \
+ (char *)(bio))
+# define BIO_set_accept_ip_family(b,f) BIO_int_ctrl(b,BIO_C_SET_ACCEPT,4,f)
+# define BIO_get_accept_ip_family(b) BIO_ctrl(b,BIO_C_GET_ACCEPT,4,NULL)
+
+/* Aliases kept for backward compatibility */
+# define BIO_BIND_NORMAL 0
+# define BIO_BIND_REUSEADDR BIO_SOCK_REUSEADDR
+# define BIO_BIND_REUSEADDR_IF_UNUSED BIO_SOCK_REUSEADDR
+# define BIO_set_bind_mode(b,mode) BIO_ctrl(b,BIO_C_SET_BIND_MODE,mode,NULL)
+# define BIO_get_bind_mode(b) BIO_ctrl(b,BIO_C_GET_BIND_MODE,0,NULL)
+
+/* BIO_s_accept() and BIO_s_connect() */
+# define BIO_do_connect(b) BIO_do_handshake(b)
+# define BIO_do_accept(b) BIO_do_handshake(b)
+# endif /* OPENSSL_NO_SOCK */
+
+# define BIO_do_handshake(b) BIO_ctrl(b,BIO_C_DO_STATE_MACHINE,0,NULL)
+
+/* BIO_s_datagram(), BIO_s_fd(), BIO_s_socket(), BIO_s_accept() and BIO_s_connect() */
+# define BIO_set_fd(b,fd,c) BIO_int_ctrl(b,BIO_C_SET_FD,c,fd)
+# define BIO_get_fd(b,c) BIO_ctrl(b,BIO_C_GET_FD,0,(char *)(c))
+
+/* BIO_s_file() */
+# define BIO_set_fp(b,fp,c) BIO_ctrl(b,BIO_C_SET_FILE_PTR,c,(char *)(fp))
+# define BIO_get_fp(b,fpp) BIO_ctrl(b,BIO_C_GET_FILE_PTR,0,(char *)(fpp))
+
+/* BIO_s_fd() and BIO_s_file() */
+# define BIO_seek(b,ofs) (int)BIO_ctrl(b,BIO_C_FILE_SEEK,ofs,NULL)
+# define BIO_tell(b) (int)BIO_ctrl(b,BIO_C_FILE_TELL,0,NULL)
+
+/*
+ * name is cast to lose const, but might be better to route through a
+ * function so we can do it safely
+ */
+# ifdef CONST_STRICT
+/*
+ * If you are wondering why this isn't defined, its because CONST_STRICT is
+ * purely a compile-time kludge to allow const to be checked.
+ */
+int BIO_read_filename(BIO *b, const char *name);
+# else
+# define BIO_read_filename(b,name) (int)BIO_ctrl(b,BIO_C_SET_FILENAME, \
+ BIO_CLOSE|BIO_FP_READ,(char *)(name))
+# endif
+# define BIO_write_filename(b,name) (int)BIO_ctrl(b,BIO_C_SET_FILENAME, \
+ BIO_CLOSE|BIO_FP_WRITE,name)
+# define BIO_append_filename(b,name) (int)BIO_ctrl(b,BIO_C_SET_FILENAME, \
+ BIO_CLOSE|BIO_FP_APPEND,name)
+# define BIO_rw_filename(b,name) (int)BIO_ctrl(b,BIO_C_SET_FILENAME, \
+ BIO_CLOSE|BIO_FP_READ|BIO_FP_WRITE,name)
+
+/*
+ * WARNING WARNING, this ups the reference count on the read bio of the SSL
+ * structure. This is because the ssl read BIO is now pointed to by the
+ * next_bio field in the bio. So when you free the BIO, make sure you are
+ * doing a BIO_free_all() to catch the underlying BIO.
+ */
+# define BIO_set_ssl(b,ssl,c) BIO_ctrl(b,BIO_C_SET_SSL,c,(char *)(ssl))
+# define BIO_get_ssl(b,sslp) BIO_ctrl(b,BIO_C_GET_SSL,0,(char *)(sslp))
+# define BIO_set_ssl_mode(b,client) BIO_ctrl(b,BIO_C_SSL_MODE,client,NULL)
+# define BIO_set_ssl_renegotiate_bytes(b,num) \
+ BIO_ctrl(b,BIO_C_SET_SSL_RENEGOTIATE_BYTES,num,NULL)
+# define BIO_get_num_renegotiates(b) \
+ BIO_ctrl(b,BIO_C_GET_SSL_NUM_RENEGOTIATES,0,NULL)
+# define BIO_set_ssl_renegotiate_timeout(b,seconds) \
+ BIO_ctrl(b,BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT,seconds,NULL)
+
+/* defined in evp.h */
+/* #define BIO_set_md(b,md) BIO_ctrl(b,BIO_C_SET_MD,1,(char *)(md)) */
+
+# define BIO_get_mem_data(b,pp) BIO_ctrl(b,BIO_CTRL_INFO,0,(char *)(pp))
+# define BIO_set_mem_buf(b,bm,c) BIO_ctrl(b,BIO_C_SET_BUF_MEM,c,(char *)(bm))
+# define BIO_get_mem_ptr(b,pp) BIO_ctrl(b,BIO_C_GET_BUF_MEM_PTR,0, \
+ (char *)(pp))
+# define BIO_set_mem_eof_return(b,v) \
+ BIO_ctrl(b,BIO_C_SET_BUF_MEM_EOF_RETURN,v,NULL)
+
+/* For the BIO_f_buffer() type */
+# define BIO_get_buffer_num_lines(b) BIO_ctrl(b,BIO_C_GET_BUFF_NUM_LINES,0,NULL)
+# define BIO_set_buffer_size(b,size) BIO_ctrl(b,BIO_C_SET_BUFF_SIZE,size,NULL)
+# define BIO_set_read_buffer_size(b,size) BIO_int_ctrl(b,BIO_C_SET_BUFF_SIZE,size,0)
+# define BIO_set_write_buffer_size(b,size) BIO_int_ctrl(b,BIO_C_SET_BUFF_SIZE,size,1)
+# define BIO_set_buffer_read_data(b,buf,num) BIO_ctrl(b,BIO_C_SET_BUFF_READ_DATA,num,buf)
+
+/* Don't use the next one unless you know what you are doing :-) */
+# define BIO_dup_state(b,ret) BIO_ctrl(b,BIO_CTRL_DUP,0,(char *)(ret))
+
+# define BIO_reset(b) (int)BIO_ctrl(b,BIO_CTRL_RESET,0,NULL)
+# define BIO_eof(b) (int)BIO_ctrl(b,BIO_CTRL_EOF,0,NULL)
+# define BIO_set_close(b,c) (int)BIO_ctrl(b,BIO_CTRL_SET_CLOSE,(c),NULL)
+# define BIO_get_close(b) (int)BIO_ctrl(b,BIO_CTRL_GET_CLOSE,0,NULL)
+# define BIO_pending(b) (int)BIO_ctrl(b,BIO_CTRL_PENDING,0,NULL)
+# define BIO_wpending(b) (int)BIO_ctrl(b,BIO_CTRL_WPENDING,0,NULL)
+/* ...pending macros have inappropriate return type */
+size_t BIO_ctrl_pending(BIO *b);
+size_t BIO_ctrl_wpending(BIO *b);
+# define BIO_flush(b) (int)BIO_ctrl(b,BIO_CTRL_FLUSH,0,NULL)
+# define BIO_get_info_callback(b,cbp) (int)BIO_ctrl(b,BIO_CTRL_GET_CALLBACK,0, \
+ cbp)
+# define BIO_set_info_callback(b,cb) (int)BIO_callback_ctrl(b,BIO_CTRL_SET_CALLBACK,cb)
+
+/* For the BIO_f_buffer() type */
+# define BIO_buffer_get_num_lines(b) BIO_ctrl(b,BIO_CTRL_GET,0,NULL)
+# define BIO_buffer_peek(b,s,l) BIO_ctrl(b,BIO_CTRL_PEEK,(l),(s))
+
+/* For BIO_s_bio() */
+# define BIO_set_write_buf_size(b,size) (int)BIO_ctrl(b,BIO_C_SET_WRITE_BUF_SIZE,size,NULL)
+# define BIO_get_write_buf_size(b,size) (size_t)BIO_ctrl(b,BIO_C_GET_WRITE_BUF_SIZE,size,NULL)
+# define BIO_make_bio_pair(b1,b2) (int)BIO_ctrl(b1,BIO_C_MAKE_BIO_PAIR,0,b2)
+# define BIO_destroy_bio_pair(b) (int)BIO_ctrl(b,BIO_C_DESTROY_BIO_PAIR,0,NULL)
+# define BIO_shutdown_wr(b) (int)BIO_ctrl(b, BIO_C_SHUTDOWN_WR, 0, NULL)
+/* macros with inappropriate type -- but ...pending macros use int too: */
+# define BIO_get_write_guarantee(b) (int)BIO_ctrl(b,BIO_C_GET_WRITE_GUARANTEE,0,NULL)
+# define BIO_get_read_request(b) (int)BIO_ctrl(b,BIO_C_GET_READ_REQUEST,0,NULL)
+size_t BIO_ctrl_get_write_guarantee(BIO *b);
+size_t BIO_ctrl_get_read_request(BIO *b);
+int BIO_ctrl_reset_read_request(BIO *b);
+
+/* ctrl macros for dgram */
+# define BIO_ctrl_dgram_connect(b,peer) \
+ (int)BIO_ctrl(b,BIO_CTRL_DGRAM_CONNECT,0, (char *)(peer))
+# define BIO_ctrl_set_connected(b,peer) \
+ (int)BIO_ctrl(b, BIO_CTRL_DGRAM_SET_CONNECTED, 0, (char *)(peer))
+# define BIO_dgram_recv_timedout(b) \
+ (int)BIO_ctrl(b, BIO_CTRL_DGRAM_GET_RECV_TIMER_EXP, 0, NULL)
+# define BIO_dgram_send_timedout(b) \
+ (int)BIO_ctrl(b, BIO_CTRL_DGRAM_GET_SEND_TIMER_EXP, 0, NULL)
+# define BIO_dgram_get_peer(b,peer) \
+ (int)BIO_ctrl(b, BIO_CTRL_DGRAM_GET_PEER, 0, (char *)(peer))
+# define BIO_dgram_set_peer(b,peer) \
+ (int)BIO_ctrl(b, BIO_CTRL_DGRAM_SET_PEER, 0, (char *)(peer))
+# define BIO_dgram_get_mtu_overhead(b) \
+ (unsigned int)BIO_ctrl((b), BIO_CTRL_DGRAM_GET_MTU_OVERHEAD, 0, NULL)
+
+/* ctrl macros for BIO_f_prefix */
+# define BIO_set_prefix(b,p) BIO_ctrl((b), BIO_CTRL_SET_PREFIX, 0, (void *)(p))
+# define BIO_set_indent(b,i) BIO_ctrl((b), BIO_CTRL_SET_INDENT, (i), NULL)
+# define BIO_get_indent(b) BIO_ctrl((b), BIO_CTRL_GET_INDENT, 0, NULL)
+
+#define BIO_get_ex_new_index(l, p, newf, dupf, freef) \
+ CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_BIO, l, p, newf, dupf, freef)
+int BIO_set_ex_data(BIO *bio, int idx, void *data);
+void *BIO_get_ex_data(const BIO *bio, int idx);
+uint64_t BIO_number_read(BIO *bio);
+uint64_t BIO_number_written(BIO *bio);
+
+/* For BIO_f_asn1() */
+int BIO_asn1_set_prefix(BIO *b, asn1_ps_func *prefix,
+ asn1_ps_func *prefix_free);
+int BIO_asn1_get_prefix(BIO *b, asn1_ps_func **pprefix,
+ asn1_ps_func **pprefix_free);
+int BIO_asn1_set_suffix(BIO *b, asn1_ps_func *suffix,
+ asn1_ps_func *suffix_free);
+int BIO_asn1_get_suffix(BIO *b, asn1_ps_func **psuffix,
+ asn1_ps_func **psuffix_free);
+
+const BIO_METHOD *BIO_s_file(void);
+BIO *BIO_new_file(const char *filename, const char *mode);
+# ifndef OPENSSL_NO_STDIO
+BIO *BIO_new_fp(FILE *stream, int close_flag);
+# endif
+BIO *BIO_new(const BIO_METHOD *type);
+int BIO_free(BIO *a);
+void BIO_set_data(BIO *a, void *ptr);
+void *BIO_get_data(BIO *a);
+void BIO_set_init(BIO *a, int init);
+int BIO_get_init(BIO *a);
+void BIO_set_shutdown(BIO *a, int shut);
+int BIO_get_shutdown(BIO *a);
+void BIO_vfree(BIO *a);
+int BIO_up_ref(BIO *a);
+int BIO_read(BIO *b, void *data, int dlen);
+int BIO_read_ex(BIO *b, void *data, size_t dlen, size_t *readbytes);
+int BIO_gets(BIO *bp, char *buf, int size);
+int BIO_write(BIO *b, const void *data, int dlen);
+int BIO_write_ex(BIO *b, const void *data, size_t dlen, size_t *written);
+int BIO_puts(BIO *bp, const char *buf);
+int BIO_indent(BIO *b, int indent, int max);
+long BIO_ctrl(BIO *bp, int cmd, long larg, void *parg);
+long BIO_callback_ctrl(BIO *b, int cmd, BIO_info_cb *fp);
+void *BIO_ptr_ctrl(BIO *bp, int cmd, long larg);
+long BIO_int_ctrl(BIO *bp, int cmd, long larg, int iarg);
+BIO *BIO_push(BIO *b, BIO *append);
+BIO *BIO_pop(BIO *b);
+void BIO_free_all(BIO *a);
+BIO *BIO_find_type(BIO *b, int bio_type);
+BIO *BIO_next(BIO *b);
+void BIO_set_next(BIO *b, BIO *next);
+BIO *BIO_get_retry_BIO(BIO *bio, int *reason);
+int BIO_get_retry_reason(BIO *bio);
+void BIO_set_retry_reason(BIO *bio, int reason);
+BIO *BIO_dup_chain(BIO *in);
+
+int BIO_nread0(BIO *bio, char **buf);
+int BIO_nread(BIO *bio, char **buf, int num);
+int BIO_nwrite0(BIO *bio, char **buf);
+int BIO_nwrite(BIO *bio, char **buf, int num);
+
+long BIO_debug_callback(BIO *bio, int cmd, const char *argp, int argi,
+ long argl, long ret);
+
+const BIO_METHOD *BIO_s_mem(void);
+const BIO_METHOD *BIO_s_secmem(void);
+BIO *BIO_new_mem_buf(const void *buf, int len);
+# ifndef OPENSSL_NO_SOCK
+const BIO_METHOD *BIO_s_socket(void);
+const BIO_METHOD *BIO_s_connect(void);
+const BIO_METHOD *BIO_s_accept(void);
+# endif
+const BIO_METHOD *BIO_s_fd(void);
+const BIO_METHOD *BIO_s_log(void);
+const BIO_METHOD *BIO_s_bio(void);
+const BIO_METHOD *BIO_s_null(void);
+const BIO_METHOD *BIO_f_null(void);
+const BIO_METHOD *BIO_f_buffer(void);
+const BIO_METHOD *BIO_f_linebuffer(void);
+const BIO_METHOD *BIO_f_nbio_test(void);
+const BIO_METHOD *BIO_f_prefix(void);
+# ifndef OPENSSL_NO_DGRAM
+const BIO_METHOD *BIO_s_datagram(void);
+int BIO_dgram_non_fatal_error(int error);
+BIO *BIO_new_dgram(int fd, int close_flag);
+# ifndef OPENSSL_NO_SCTP
+const BIO_METHOD *BIO_s_datagram_sctp(void);
+BIO *BIO_new_dgram_sctp(int fd, int close_flag);
+int BIO_dgram_is_sctp(BIO *bio);
+int BIO_dgram_sctp_notification_cb(BIO *b,
+ BIO_dgram_sctp_notification_handler_fn handle_notifications,
+ void *context);
+int BIO_dgram_sctp_wait_for_dry(BIO *b);
+int BIO_dgram_sctp_msg_waiting(BIO *b);
+# endif
+# endif
+
+# ifndef OPENSSL_NO_SOCK
+int BIO_sock_should_retry(int i);
+int BIO_sock_non_fatal_error(int error);
+int BIO_socket_wait(int fd, int for_read, time_t max_time);
+# endif
+int BIO_wait(BIO *bio, time_t max_time, unsigned int nap_milliseconds);
+int BIO_do_connect_retry(BIO *bio, int timeout, int nap_milliseconds);
+
+int BIO_fd_should_retry(int i);
+int BIO_fd_non_fatal_error(int error);
+int BIO_dump_cb(int (*cb) (const void *data, size_t len, void *u),
+ void *u, const void *s, int len);
+int BIO_dump_indent_cb(int (*cb) (const void *data, size_t len, void *u),
+ void *u, const void *s, int len, int indent);
+int BIO_dump(BIO *b, const void *bytes, int len);
+int BIO_dump_indent(BIO *b, const void *bytes, int len, int indent);
+# ifndef OPENSSL_NO_STDIO
+int BIO_dump_fp(FILE *fp, const void *s, int len);
+int BIO_dump_indent_fp(FILE *fp, const void *s, int len, int indent);
+# endif
+int BIO_hex_string(BIO *out, int indent, int width, const void *data,
+ int datalen);
+
+# ifndef OPENSSL_NO_SOCK
+BIO_ADDR *BIO_ADDR_new(void);
+int BIO_ADDR_rawmake(BIO_ADDR *ap, int family,
+ const void *where, size_t wherelen, unsigned short port);
+void BIO_ADDR_free(BIO_ADDR *);
+void BIO_ADDR_clear(BIO_ADDR *ap);
+int BIO_ADDR_family(const BIO_ADDR *ap);
+int BIO_ADDR_rawaddress(const BIO_ADDR *ap, void *p, size_t *l);
+unsigned short BIO_ADDR_rawport(const BIO_ADDR *ap);
+char *BIO_ADDR_hostname_string(const BIO_ADDR *ap, int numeric);
+char *BIO_ADDR_service_string(const BIO_ADDR *ap, int numeric);
+char *BIO_ADDR_path_string(const BIO_ADDR *ap);
+
+const BIO_ADDRINFO *BIO_ADDRINFO_next(const BIO_ADDRINFO *bai);
+int BIO_ADDRINFO_family(const BIO_ADDRINFO *bai);
+int BIO_ADDRINFO_socktype(const BIO_ADDRINFO *bai);
+int BIO_ADDRINFO_protocol(const BIO_ADDRINFO *bai);
+const BIO_ADDR *BIO_ADDRINFO_address(const BIO_ADDRINFO *bai);
+void BIO_ADDRINFO_free(BIO_ADDRINFO *bai);
+
+enum BIO_hostserv_priorities {
+ BIO_PARSE_PRIO_HOST, BIO_PARSE_PRIO_SERV
+};
+int BIO_parse_hostserv(const char *hostserv, char **host, char **service,
+ enum BIO_hostserv_priorities hostserv_prio);
+enum BIO_lookup_type {
+ BIO_LOOKUP_CLIENT, BIO_LOOKUP_SERVER
+};
+int BIO_lookup(const char *host, const char *service,
+ enum BIO_lookup_type lookup_type,
+ int family, int socktype, BIO_ADDRINFO **res);
+int BIO_lookup_ex(const char *host, const char *service,
+ int lookup_type, int family, int socktype, int protocol,
+ BIO_ADDRINFO **res);
+int BIO_sock_error(int sock);
+int BIO_socket_ioctl(int fd, long type, void *arg);
+int BIO_socket_nbio(int fd, int mode);
+int BIO_sock_init(void);
+# ifndef OPENSSL_NO_DEPRECATED_1_1_0
+# define BIO_sock_cleanup() while(0) continue
+# endif
+int BIO_set_tcp_ndelay(int sock, int turn_on);
+
+DEPRECATEDIN_1_1_0(struct hostent *BIO_gethostbyname(const char *name))
+DEPRECATEDIN_1_1_0(int BIO_get_port(const char *str, unsigned short *port_ptr))
+DEPRECATEDIN_1_1_0(int BIO_get_host_ip(const char *str, unsigned char *ip))
+DEPRECATEDIN_1_1_0(int BIO_get_accept_socket(char *host_port, int mode))
+DEPRECATEDIN_1_1_0(int BIO_accept(int sock, char **ip_port))
+
+union BIO_sock_info_u {
+ BIO_ADDR *addr;
+};
+enum BIO_sock_info_type {
+ BIO_SOCK_INFO_ADDRESS
+};
+int BIO_sock_info(int sock,
+ enum BIO_sock_info_type type, union BIO_sock_info_u *info);
+
+# define BIO_SOCK_REUSEADDR 0x01
+# define BIO_SOCK_V6_ONLY 0x02
+# define BIO_SOCK_KEEPALIVE 0x04
+# define BIO_SOCK_NONBLOCK 0x08
+# define BIO_SOCK_NODELAY 0x10
+
+int BIO_socket(int domain, int socktype, int protocol, int options);
+int BIO_connect(int sock, const BIO_ADDR *addr, int options);
+int BIO_bind(int sock, const BIO_ADDR *addr, int options);
+int BIO_listen(int sock, const BIO_ADDR *addr, int options);
+int BIO_accept_ex(int accept_sock, BIO_ADDR *addr, int options);
+int BIO_closesocket(int sock);
+
+BIO *BIO_new_socket(int sock, int close_flag);
+BIO *BIO_new_connect(const char *host_port);
+BIO *BIO_new_accept(const char *host_port);
+# endif /* OPENSSL_NO_SOCK*/
+
+BIO *BIO_new_fd(int fd, int close_flag);
+
+int BIO_new_bio_pair(BIO **bio1, size_t writebuf1,
+ BIO **bio2, size_t writebuf2);
+/*
+ * If successful, returns 1 and in *bio1, *bio2 two BIO pair endpoints.
+ * Otherwise returns 0 and sets *bio1 and *bio2 to NULL. Size 0 uses default
+ * value.
+ */
+
+void BIO_copy_next_retry(BIO *b);
+
+/*
+ * long BIO_ghbn_ctrl(int cmd,int iarg,char *parg);
+ */
+
+# define ossl_bio__attr__(x)
+# if defined(__GNUC__) && defined(__STDC_VERSION__) \
+ && !defined(__APPLE__)
+ /*
+ * Because we support the 'z' modifier, which made its appearance in C99,
+ * we can't use __attribute__ with pre C99 dialects.
+ */
+# if __STDC_VERSION__ >= 199901L
+# undef ossl_bio__attr__
+# define ossl_bio__attr__ __attribute__
+# if __GNUC__*10 + __GNUC_MINOR__ >= 44
+# define ossl_bio__printf__ __gnu_printf__
+# else
+# define ossl_bio__printf__ __printf__
+# endif
+# endif
+# endif
+int BIO_printf(BIO *bio, const char *format, ...)
+ossl_bio__attr__((__format__(ossl_bio__printf__, 2, 3)));
+int BIO_vprintf(BIO *bio, const char *format, va_list args)
+ossl_bio__attr__((__format__(ossl_bio__printf__, 2, 0)));
+int BIO_snprintf(char *buf, size_t n, const char *format, ...)
+ossl_bio__attr__((__format__(ossl_bio__printf__, 3, 4)));
+int BIO_vsnprintf(char *buf, size_t n, const char *format, va_list args)
+ossl_bio__attr__((__format__(ossl_bio__printf__, 3, 0)));
+# undef ossl_bio__attr__
+# undef ossl_bio__printf__
+
+
+BIO_METHOD *BIO_meth_new(int type, const char *name);
+void BIO_meth_free(BIO_METHOD *biom);
+int (*BIO_meth_get_write(const BIO_METHOD *biom)) (BIO *, const char *, int);
+int (*BIO_meth_get_write_ex(const BIO_METHOD *biom)) (BIO *, const char *, size_t,
+ size_t *);
+int BIO_meth_set_write(BIO_METHOD *biom,
+ int (*write) (BIO *, const char *, int));
+int BIO_meth_set_write_ex(BIO_METHOD *biom,
+ int (*bwrite) (BIO *, const char *, size_t, size_t *));
+int (*BIO_meth_get_read(const BIO_METHOD *biom)) (BIO *, char *, int);
+int (*BIO_meth_get_read_ex(const BIO_METHOD *biom)) (BIO *, char *, size_t, size_t *);
+int BIO_meth_set_read(BIO_METHOD *biom,
+ int (*read) (BIO *, char *, int));
+int BIO_meth_set_read_ex(BIO_METHOD *biom,
+ int (*bread) (BIO *, char *, size_t, size_t *));
+int (*BIO_meth_get_puts(const BIO_METHOD *biom)) (BIO *, const char *);
+int BIO_meth_set_puts(BIO_METHOD *biom,
+ int (*puts) (BIO *, const char *));
+int (*BIO_meth_get_gets(const BIO_METHOD *biom)) (BIO *, char *, int);
+int BIO_meth_set_gets(BIO_METHOD *biom,
+ int (*gets) (BIO *, char *, int));
+long (*BIO_meth_get_ctrl(const BIO_METHOD *biom)) (BIO *, int, long, void *);
+int BIO_meth_set_ctrl(BIO_METHOD *biom,
+ long (*ctrl) (BIO *, int, long, void *));
+int (*BIO_meth_get_create(const BIO_METHOD *bion)) (BIO *);
+int BIO_meth_set_create(BIO_METHOD *biom, int (*create) (BIO *));
+int (*BIO_meth_get_destroy(const BIO_METHOD *biom)) (BIO *);
+int BIO_meth_set_destroy(BIO_METHOD *biom, int (*destroy) (BIO *));
+long (*BIO_meth_get_callback_ctrl(const BIO_METHOD *biom))
+ (BIO *, int, BIO_info_cb *);
+int BIO_meth_set_callback_ctrl(BIO_METHOD *biom,
+ long (*callback_ctrl) (BIO *, int,
+ BIO_info_cb *));
+
+# ifdef __cplusplus
+}
+# endif
+#endif
diff --git a/openssl/include/openssl/bioerr.h b/openssl/include/openssl/bioerr.h new file mode 100644 index 00000000..98b02005 --- /dev/null +++ b/openssl/include/openssl/bioerr.h @@ -0,0 +1,130 @@ +/*
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_BIOERR_H
+# define OPENSSL_BIOERR_H
+# pragma once
+
+# include <openssl/opensslconf.h>
+# include <openssl/symhacks.h>
+
+
+# ifdef __cplusplus
+extern "C"
+# endif
+int ERR_load_BIO_strings(void);
+
+/*
+ * BIO function codes.
+ */
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define BIO_F_ACPT_STATE 0
+# define BIO_F_ADDRINFO_WRAP 0
+# define BIO_F_ADDR_STRINGS 0
+# define BIO_F_BIO_ACCEPT 0
+# define BIO_F_BIO_ACCEPT_EX 0
+# define BIO_F_BIO_ACCEPT_NEW 0
+# define BIO_F_BIO_ADDR_NEW 0
+# define BIO_F_BIO_BIND 0
+# define BIO_F_BIO_CALLBACK_CTRL 0
+# define BIO_F_BIO_CONNECT 0
+# define BIO_F_BIO_CONNECT_NEW 0
+# define BIO_F_BIO_CTRL 0
+# define BIO_F_BIO_GETS 0
+# define BIO_F_BIO_GET_HOST_IP 0
+# define BIO_F_BIO_GET_NEW_INDEX 0
+# define BIO_F_BIO_GET_PORT 0
+# define BIO_F_BIO_LISTEN 0
+# define BIO_F_BIO_LOOKUP 0
+# define BIO_F_BIO_LOOKUP_EX 0
+# define BIO_F_BIO_MAKE_PAIR 0
+# define BIO_F_BIO_METH_NEW 0
+# define BIO_F_BIO_NEW 0
+# define BIO_F_BIO_NEW_DGRAM_SCTP 0
+# define BIO_F_BIO_NEW_FILE 0
+# define BIO_F_BIO_NEW_MEM_BUF 0
+# define BIO_F_BIO_NREAD 0
+# define BIO_F_BIO_NREAD0 0
+# define BIO_F_BIO_NWRITE 0
+# define BIO_F_BIO_NWRITE0 0
+# define BIO_F_BIO_PARSE_HOSTSERV 0
+# define BIO_F_BIO_PUTS 0
+# define BIO_F_BIO_READ 0
+# define BIO_F_BIO_READ_EX 0
+# define BIO_F_BIO_READ_INTERN 0
+# define BIO_F_BIO_SOCKET 0
+# define BIO_F_BIO_SOCKET_NBIO 0
+# define BIO_F_BIO_SOCK_INFO 0
+# define BIO_F_BIO_SOCK_INIT 0
+# define BIO_F_BIO_WRITE 0
+# define BIO_F_BIO_WRITE_EX 0
+# define BIO_F_BIO_WRITE_INTERN 0
+# define BIO_F_BUFFER_CTRL 0
+# define BIO_F_CONN_CTRL 0
+# define BIO_F_CONN_STATE 0
+# define BIO_F_DGRAM_SCTP_NEW 0
+# define BIO_F_DGRAM_SCTP_READ 0
+# define BIO_F_DGRAM_SCTP_WRITE 0
+# define BIO_F_DOAPR_OUTCH 0
+# define BIO_F_FILE_CTRL 0
+# define BIO_F_FILE_READ 0
+# define BIO_F_LINEBUFFER_CTRL 0
+# define BIO_F_LINEBUFFER_NEW 0
+# define BIO_F_MEM_WRITE 0
+# define BIO_F_NBIOF_NEW 0
+# define BIO_F_SLG_WRITE 0
+# define BIO_F_SSL_NEW 0
+# endif
+
+/*
+ * BIO reason codes.
+ */
+# define BIO_R_ACCEPT_ERROR 100
+# define BIO_R_ADDRINFO_ADDR_IS_NOT_AF_INET 141
+# define BIO_R_AMBIGUOUS_HOST_OR_SERVICE 129
+# define BIO_R_BAD_FOPEN_MODE 101
+# define BIO_R_BROKEN_PIPE 124
+# define BIO_R_CONNECT_ERROR 103
+# define BIO_R_CONNECT_TIMEOUT 147
+# define BIO_R_GETHOSTBYNAME_ADDR_IS_NOT_AF_INET 107
+# define BIO_R_GETSOCKNAME_ERROR 132
+# define BIO_R_GETSOCKNAME_TRUNCATED_ADDRESS 133
+# define BIO_R_GETTING_SOCKTYPE 134
+# define BIO_R_INVALID_ARGUMENT 125
+# define BIO_R_INVALID_SOCKET 135
+# define BIO_R_IN_USE 123
+# define BIO_R_LENGTH_TOO_LONG 102
+# define BIO_R_LISTEN_V6_ONLY 136
+# define BIO_R_LOOKUP_RETURNED_NOTHING 142
+# define BIO_R_MALFORMED_HOST_OR_SERVICE 130
+# define BIO_R_NBIO_CONNECT_ERROR 110
+# define BIO_R_NO_ACCEPT_ADDR_OR_SERVICE_SPECIFIED 143
+# define BIO_R_NO_HOSTNAME_OR_SERVICE_SPECIFIED 144
+# define BIO_R_NO_PORT_DEFINED 113
+# define BIO_R_NO_SUCH_FILE 128
+# define BIO_R_NULL_PARAMETER 115
+# define BIO_R_TRANSFER_ERROR 104
+# define BIO_R_TRANSFER_TIMEOUT 105
+# define BIO_R_UNABLE_TO_BIND_SOCKET 117
+# define BIO_R_UNABLE_TO_CREATE_SOCKET 118
+# define BIO_R_UNABLE_TO_KEEPALIVE 137
+# define BIO_R_UNABLE_TO_LISTEN_SOCKET 119
+# define BIO_R_UNABLE_TO_NODELAY 138
+# define BIO_R_UNABLE_TO_REUSEADDR 139
+# define BIO_R_UNAVAILABLE_IP_FAMILY 145
+# define BIO_R_UNINITIALIZED 120
+# define BIO_R_UNKNOWN_INFO_TYPE 140
+# define BIO_R_UNSUPPORTED_IP_FAMILY 146
+# define BIO_R_UNSUPPORTED_METHOD 121
+# define BIO_R_UNSUPPORTED_PROTOCOL_FAMILY 131
+# define BIO_R_WRITE_TO_READ_ONLY_BIO 126
+# define BIO_R_WSASTARTUP 122
+
+#endif
diff --git a/openssl/include/openssl/blowfish.h b/openssl/include/openssl/blowfish.h new file mode 100644 index 00000000..0ce70e66 --- /dev/null +++ b/openssl/include/openssl/blowfish.h @@ -0,0 +1,78 @@ +/*
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_BLOWFISH_H
+# define OPENSSL_BLOWFISH_H
+# pragma once
+
+# include <openssl/macros.h>
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define HEADER_BLOWFISH_H
+# endif
+
+# include <openssl/opensslconf.h>
+
+# ifndef OPENSSL_NO_BF
+# include <openssl/e_os2.h>
+# ifdef __cplusplus
+extern "C" {
+# endif
+
+# define BF_BLOCK 8
+
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+
+# define BF_ENCRYPT 1
+# define BF_DECRYPT 0
+
+/*-
+ * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+ * ! BF_LONG has to be at least 32 bits wide. !
+ * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+ */
+# define BF_LONG unsigned int
+
+# define BF_ROUNDS 16
+
+typedef struct bf_key_st {
+ BF_LONG P[BF_ROUNDS + 2];
+ BF_LONG S[4 * 256];
+} BF_KEY;
+
+# endif /* OPENSSL_NO_DEPRECATED_3_0 */
+
+DEPRECATEDIN_3_0(void BF_set_key(BF_KEY *key, int len,
+ const unsigned char *data))
+
+DEPRECATEDIN_3_0(void BF_encrypt(BF_LONG *data, const BF_KEY *key))
+DEPRECATEDIN_3_0(void BF_decrypt(BF_LONG *data, const BF_KEY *key))
+
+DEPRECATEDIN_3_0(void BF_ecb_encrypt(const unsigned char *in,
+ unsigned char *out, const BF_KEY *key,
+ int enc))
+DEPRECATEDIN_3_0(void BF_cbc_encrypt(const unsigned char *in,
+ unsigned char *out, long length,
+ const BF_KEY *schedule,
+ unsigned char *ivec, int enc))
+DEPRECATEDIN_3_0(void BF_cfb64_encrypt(const unsigned char *in,
+ unsigned char *out,
+ long length, const BF_KEY *schedule,
+ unsigned char *ivec, int *num, int enc))
+DEPRECATEDIN_3_0(void BF_ofb64_encrypt(const unsigned char *in,
+ unsigned char *out,
+ long length, const BF_KEY *schedule,
+ unsigned char *ivec, int *num))
+DEPRECATEDIN_3_0(const char *BF_options(void))
+
+# ifdef __cplusplus
+}
+# endif
+# endif
+
+#endif
diff --git a/openssl/include/openssl/bn.h b/openssl/include/openssl/bn.h new file mode 100644 index 00000000..7180a253 --- /dev/null +++ b/openssl/include/openssl/bn.h @@ -0,0 +1,561 @@ +/*
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_BN_H
+# define OPENSSL_BN_H
+# pragma once
+
+# include <openssl/macros.h>
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define HEADER_BN_H
+# endif
+
+# include <openssl/e_os2.h>
+# ifndef OPENSSL_NO_STDIO
+# include <stdio.h>
+# endif
+# include <openssl/opensslconf.h>
+# include <openssl/types.h>
+# include <openssl/crypto.h>
+# include <openssl/bnerr.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/*
+ * 64-bit processor with LP64 ABI
+ */
+# ifdef SIXTY_FOUR_BIT_LONG
+# define BN_ULONG unsigned long
+# define BN_BYTES 8
+# endif
+
+/*
+ * 64-bit processor other than LP64 ABI
+ */
+# ifdef SIXTY_FOUR_BIT
+# define BN_ULONG unsigned long long
+# define BN_BYTES 8
+# endif
+
+# ifdef THIRTY_TWO_BIT
+# define BN_ULONG unsigned int
+# define BN_BYTES 4
+# endif
+
+# define BN_BITS2 (BN_BYTES * 8)
+# define BN_BITS (BN_BITS2 * 2)
+# define BN_TBIT ((BN_ULONG)1 << (BN_BITS2 - 1))
+
+# define BN_FLG_MALLOCED 0x01
+# define BN_FLG_STATIC_DATA 0x02
+
+/*
+ * avoid leaking exponent information through timing,
+ * BN_mod_exp_mont() will call BN_mod_exp_mont_consttime,
+ * BN_div() will call BN_div_no_branch,
+ * BN_mod_inverse() will call bn_mod_inverse_no_branch.
+ */
+# define BN_FLG_CONSTTIME 0x04
+# define BN_FLG_SECURE 0x08
+
+# ifndef OPENSSL_NO_DEPRECATED_0_9_8
+/* deprecated name for the flag */
+# define BN_FLG_EXP_CONSTTIME BN_FLG_CONSTTIME
+# define BN_FLG_FREE 0x8000 /* used for debugging */
+# endif
+
+void BN_set_flags(BIGNUM *b, int n);
+int BN_get_flags(const BIGNUM *b, int n);
+
+/* Values for |top| in BN_rand() */
+#define BN_RAND_TOP_ANY -1
+#define BN_RAND_TOP_ONE 0
+#define BN_RAND_TOP_TWO 1
+
+/* Values for |bottom| in BN_rand() */
+#define BN_RAND_BOTTOM_ANY 0
+#define BN_RAND_BOTTOM_ODD 1
+
+/*
+ * get a clone of a BIGNUM with changed flags, for *temporary* use only (the
+ * two BIGNUMs cannot be used in parallel!). Also only for *read only* use. The
+ * value |dest| should be a newly allocated BIGNUM obtained via BN_new() that
+ * has not been otherwise initialised or used.
+ */
+void BN_with_flags(BIGNUM *dest, const BIGNUM *b, int flags);
+
+/* Wrapper function to make using BN_GENCB easier */
+int BN_GENCB_call(BN_GENCB *cb, int a, int b);
+
+BN_GENCB *BN_GENCB_new(void);
+void BN_GENCB_free(BN_GENCB *cb);
+
+/* Populate a BN_GENCB structure with an "old"-style callback */
+void BN_GENCB_set_old(BN_GENCB *gencb, void (*callback) (int, int, void *),
+ void *cb_arg);
+
+/* Populate a BN_GENCB structure with a "new"-style callback */
+void BN_GENCB_set(BN_GENCB *gencb, int (*callback) (int, int, BN_GENCB *),
+ void *cb_arg);
+
+void *BN_GENCB_get_arg(BN_GENCB *cb);
+
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define BN_prime_checks 0 /* default: select number of iterations based
+ * on the size of the number */
+
+/*
+ * BN_prime_checks_for_size() returns the number of Miller-Rabin iterations
+ * that will be done for checking that a random number is probably prime. The
+ * error rate for accepting a composite number as prime depends on the size of
+ * the prime |b|. The error rates used are for calculating an RSA key with 2 primes,
+ * and so the level is what you would expect for a key of double the size of the
+ * prime.
+ *
+ * This table is generated using the algorithm of FIPS PUB 186-4
+ * Digital Signature Standard (DSS), section F.1, page 117.
+ * (https://dx.doi.org/10.6028/NIST.FIPS.186-4)
+ *
+ * The following magma script was used to generate the output:
+ * securitybits:=125;
+ * k:=1024;
+ * for t:=1 to 65 do
+ * for M:=3 to Floor(2*Sqrt(k-1)-1) do
+ * S:=0;
+ * // Sum over m
+ * for m:=3 to M do
+ * s:=0;
+ * // Sum over j
+ * for j:=2 to m do
+ * s+:=(RealField(32)!2)^-(j+(k-1)/j);
+ * end for;
+ * S+:=2^(m-(m-1)*t)*s;
+ * end for;
+ * A:=2^(k-2-M*t);
+ * B:=8*(Pi(RealField(32))^2-6)/3*2^(k-2)*S;
+ * pkt:=2.00743*Log(2)*k*2^-k*(A+B);
+ * seclevel:=Floor(-Log(2,pkt));
+ * if seclevel ge securitybits then
+ * printf "k: %5o, security: %o bits (t: %o, M: %o)\n",k,seclevel,t,M;
+ * break;
+ * end if;
+ * end for;
+ * if seclevel ge securitybits then break; end if;
+ * end for;
+ *
+ * It can be run online at:
+ * http://magma.maths.usyd.edu.au/calc
+ *
+ * And will output:
+ * k: 1024, security: 129 bits (t: 6, M: 23)
+ *
+ * k is the number of bits of the prime, securitybits is the level we want to
+ * reach.
+ *
+ * prime length | RSA key size | # MR tests | security level
+ * -------------+--------------|------------+---------------
+ * (b) >= 6394 | >= 12788 | 3 | 256 bit
+ * (b) >= 3747 | >= 7494 | 3 | 192 bit
+ * (b) >= 1345 | >= 2690 | 4 | 128 bit
+ * (b) >= 1080 | >= 2160 | 5 | 128 bit
+ * (b) >= 852 | >= 1704 | 5 | 112 bit
+ * (b) >= 476 | >= 952 | 5 | 80 bit
+ * (b) >= 400 | >= 800 | 6 | 80 bit
+ * (b) >= 347 | >= 694 | 7 | 80 bit
+ * (b) >= 308 | >= 616 | 8 | 80 bit
+ * (b) >= 55 | >= 110 | 27 | 64 bit
+ * (b) >= 6 | >= 12 | 34 | 64 bit
+ */
+
+# define BN_prime_checks_for_size(b) ((b) >= 3747 ? 3 : \
+ (b) >= 1345 ? 4 : \
+ (b) >= 476 ? 5 : \
+ (b) >= 400 ? 6 : \
+ (b) >= 347 ? 7 : \
+ (b) >= 308 ? 8 : \
+ (b) >= 55 ? 27 : \
+ /* b >= 6 */ 34)
+# endif
+
+# define BN_num_bytes(a) ((BN_num_bits(a)+7)/8)
+
+int BN_abs_is_word(const BIGNUM *a, const BN_ULONG w);
+int BN_is_zero(const BIGNUM *a);
+int BN_is_one(const BIGNUM *a);
+int BN_is_word(const BIGNUM *a, const BN_ULONG w);
+int BN_is_odd(const BIGNUM *a);
+
+# define BN_one(a) (BN_set_word((a),1))
+
+void BN_zero_ex(BIGNUM *a);
+
+# if OPENSSL_API_LEVEL > 908
+# define BN_zero(a) BN_zero_ex(a)
+# else
+# define BN_zero(a) (BN_set_word((a),0))
+# endif
+
+const BIGNUM *BN_value_one(void);
+char *BN_options(void);
+BN_CTX *BN_CTX_new_ex(OPENSSL_CTX *ctx);
+BN_CTX *BN_CTX_new(void);
+BN_CTX *BN_CTX_secure_new_ex(OPENSSL_CTX *ctx);
+BN_CTX *BN_CTX_secure_new(void);
+void BN_CTX_free(BN_CTX *c);
+void BN_CTX_start(BN_CTX *ctx);
+BIGNUM *BN_CTX_get(BN_CTX *ctx);
+void BN_CTX_end(BN_CTX *ctx);
+int BN_rand_ex(BIGNUM *rnd, int bits, int top, int bottom, BN_CTX *ctx);
+int BN_rand(BIGNUM *rnd, int bits, int top, int bottom);
+int BN_priv_rand_ex(BIGNUM *rnd, int bits, int top, int bottom, BN_CTX *ctx);
+int BN_priv_rand(BIGNUM *rnd, int bits, int top, int bottom);
+int BN_rand_range_ex(BIGNUM *r, const BIGNUM *range, BN_CTX *ctx);
+int BN_rand_range(BIGNUM *rnd, const BIGNUM *range);
+int BN_priv_rand_range_ex(BIGNUM *r, const BIGNUM *range, BN_CTX *ctx);
+int BN_priv_rand_range(BIGNUM *rnd, const BIGNUM *range);
+int BN_pseudo_rand(BIGNUM *rnd, int bits, int top, int bottom);
+int BN_pseudo_rand_range(BIGNUM *rnd, const BIGNUM *range);
+int BN_num_bits(const BIGNUM *a);
+int BN_num_bits_word(BN_ULONG l);
+int BN_security_bits(int L, int N);
+BIGNUM *BN_new(void);
+BIGNUM *BN_secure_new(void);
+void BN_clear_free(BIGNUM *a);
+BIGNUM *BN_copy(BIGNUM *a, const BIGNUM *b);
+void BN_swap(BIGNUM *a, BIGNUM *b);
+BIGNUM *BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret);
+int BN_bn2bin(const BIGNUM *a, unsigned char *to);
+int BN_bn2binpad(const BIGNUM *a, unsigned char *to, int tolen);
+BIGNUM *BN_lebin2bn(const unsigned char *s, int len, BIGNUM *ret);
+int BN_bn2lebinpad(const BIGNUM *a, unsigned char *to, int tolen);
+BIGNUM *BN_native2bn(const unsigned char *s, int len, BIGNUM *ret);
+int BN_bn2nativepad(const BIGNUM *a, unsigned char *to, int tolen);
+BIGNUM *BN_mpi2bn(const unsigned char *s, int len, BIGNUM *ret);
+int BN_bn2mpi(const BIGNUM *a, unsigned char *to);
+int BN_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
+int BN_usub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
+int BN_uadd(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
+int BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
+int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
+int BN_sqr(BIGNUM *r, const BIGNUM *a, BN_CTX *ctx);
+/** BN_set_negative sets sign of a BIGNUM
+ * \param b pointer to the BIGNUM object
+ * \param n 0 if the BIGNUM b should be positive and a value != 0 otherwise
+ */
+void BN_set_negative(BIGNUM *b, int n);
+/** BN_is_negative returns 1 if the BIGNUM is negative
+ * \param b pointer to the BIGNUM object
+ * \return 1 if a < 0 and 0 otherwise
+ */
+int BN_is_negative(const BIGNUM *b);
+
+int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, const BIGNUM *d,
+ BN_CTX *ctx);
+# define BN_mod(rem,m,d,ctx) BN_div(NULL,(rem),(m),(d),(ctx))
+int BN_nnmod(BIGNUM *r, const BIGNUM *m, const BIGNUM *d, BN_CTX *ctx);
+int BN_mod_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m,
+ BN_CTX *ctx);
+int BN_mod_add_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
+ const BIGNUM *m);
+int BN_mod_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m,
+ BN_CTX *ctx);
+int BN_mod_sub_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
+ const BIGNUM *m);
+int BN_mod_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m,
+ BN_CTX *ctx);
+int BN_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
+int BN_mod_lshift1(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
+int BN_mod_lshift1_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *m);
+int BN_mod_lshift(BIGNUM *r, const BIGNUM *a, int n, const BIGNUM *m,
+ BN_CTX *ctx);
+int BN_mod_lshift_quick(BIGNUM *r, const BIGNUM *a, int n, const BIGNUM *m);
+
+BN_ULONG BN_mod_word(const BIGNUM *a, BN_ULONG w);
+BN_ULONG BN_div_word(BIGNUM *a, BN_ULONG w);
+int BN_mul_word(BIGNUM *a, BN_ULONG w);
+int BN_add_word(BIGNUM *a, BN_ULONG w);
+int BN_sub_word(BIGNUM *a, BN_ULONG w);
+int BN_set_word(BIGNUM *a, BN_ULONG w);
+BN_ULONG BN_get_word(const BIGNUM *a);
+
+int BN_cmp(const BIGNUM *a, const BIGNUM *b);
+void BN_free(BIGNUM *a);
+int BN_is_bit_set(const BIGNUM *a, int n);
+int BN_lshift(BIGNUM *r, const BIGNUM *a, int n);
+int BN_lshift1(BIGNUM *r, const BIGNUM *a);
+int BN_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
+
+int BN_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+ const BIGNUM *m, BN_CTX *ctx);
+int BN_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+ const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
+ const BIGNUM *m, BN_CTX *ctx,
+ BN_MONT_CTX *in_mont);
+int BN_mod_exp_mont_word(BIGNUM *r, BN_ULONG a, const BIGNUM *p,
+ const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+int BN_mod_exp2_mont(BIGNUM *r, const BIGNUM *a1, const BIGNUM *p1,
+ const BIGNUM *a2, const BIGNUM *p2, const BIGNUM *m,
+ BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+int BN_mod_exp_simple(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+ const BIGNUM *m, BN_CTX *ctx);
+
+int BN_mask_bits(BIGNUM *a, int n);
+# ifndef OPENSSL_NO_STDIO
+int BN_print_fp(FILE *fp, const BIGNUM *a);
+# endif
+int BN_print(BIO *bio, const BIGNUM *a);
+int BN_reciprocal(BIGNUM *r, const BIGNUM *m, int len, BN_CTX *ctx);
+int BN_rshift(BIGNUM *r, const BIGNUM *a, int n);
+int BN_rshift1(BIGNUM *r, const BIGNUM *a);
+void BN_clear(BIGNUM *a);
+BIGNUM *BN_dup(const BIGNUM *a);
+int BN_ucmp(const BIGNUM *a, const BIGNUM *b);
+int BN_set_bit(BIGNUM *a, int n);
+int BN_clear_bit(BIGNUM *a, int n);
+char *BN_bn2hex(const BIGNUM *a);
+char *BN_bn2dec(const BIGNUM *a);
+int BN_hex2bn(BIGNUM **a, const char *str);
+int BN_dec2bn(BIGNUM **a, const char *str);
+int BN_asc2bn(BIGNUM **a, const char *str);
+int BN_gcd(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
+int BN_kronecker(const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx); /* returns
+ * -2 for
+ * error */
+BIGNUM *BN_mod_inverse(BIGNUM *ret,
+ const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx);
+BIGNUM *BN_mod_sqrt(BIGNUM *ret,
+ const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx);
+
+void BN_consttime_swap(BN_ULONG swap, BIGNUM *a, BIGNUM *b, int nwords);
+
+/* Deprecated versions */
+DEPRECATEDIN_0_9_8(BIGNUM *BN_generate_prime(BIGNUM *ret, int bits, int safe,
+ const BIGNUM *add,
+ const BIGNUM *rem,
+ void (*callback) (int, int,
+ void *),
+ void *cb_arg))
+DEPRECATEDIN_0_9_8(int
+ BN_is_prime(const BIGNUM *p, int nchecks,
+ void (*callback) (int, int, void *),
+ BN_CTX *ctx, void *cb_arg))
+DEPRECATEDIN_0_9_8(int
+ BN_is_prime_fasttest(const BIGNUM *p, int nchecks,
+ void (*callback) (int, int, void *),
+ BN_CTX *ctx, void *cb_arg,
+ int do_trial_division))
+
+DEPRECATEDIN_3_0(int BN_is_prime_ex(const BIGNUM *p, int nchecks, BN_CTX *ctx, BN_GENCB *cb))
+DEPRECATEDIN_3_0(int BN_is_prime_fasttest_ex(const BIGNUM *p, int nchecks, BN_CTX *ctx,
+ int do_trial_division, BN_GENCB *cb))
+/* Newer versions */
+int BN_generate_prime_ex2(BIGNUM *ret, int bits, int safe,
+ const BIGNUM *add, const BIGNUM *rem, BN_GENCB *cb,
+ BN_CTX *ctx);
+int BN_generate_prime_ex(BIGNUM *ret, int bits, int safe, const BIGNUM *add,
+ const BIGNUM *rem, BN_GENCB *cb);
+int BN_check_prime(const BIGNUM *p, BN_CTX *ctx, BN_GENCB *cb);
+
+int BN_X931_generate_Xpq(BIGNUM *Xp, BIGNUM *Xq, int nbits, BN_CTX *ctx);
+
+int BN_X931_derive_prime_ex(BIGNUM *p, BIGNUM *p1, BIGNUM *p2,
+ const BIGNUM *Xp, const BIGNUM *Xp1,
+ const BIGNUM *Xp2, const BIGNUM *e, BN_CTX *ctx,
+ BN_GENCB *cb);
+int BN_X931_generate_prime_ex(BIGNUM *p, BIGNUM *p1, BIGNUM *p2, BIGNUM *Xp1,
+ BIGNUM *Xp2, const BIGNUM *Xp, const BIGNUM *e,
+ BN_CTX *ctx, BN_GENCB *cb);
+
+BN_MONT_CTX *BN_MONT_CTX_new(void);
+int BN_mod_mul_montgomery(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
+ BN_MONT_CTX *mont, BN_CTX *ctx);
+int BN_to_montgomery(BIGNUM *r, const BIGNUM *a, BN_MONT_CTX *mont,
+ BN_CTX *ctx);
+int BN_from_montgomery(BIGNUM *r, const BIGNUM *a, BN_MONT_CTX *mont,
+ BN_CTX *ctx);
+void BN_MONT_CTX_free(BN_MONT_CTX *mont);
+int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *mod, BN_CTX *ctx);
+BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to, BN_MONT_CTX *from);
+BN_MONT_CTX *BN_MONT_CTX_set_locked(BN_MONT_CTX **pmont, CRYPTO_RWLOCK *lock,
+ const BIGNUM *mod, BN_CTX *ctx);
+
+/* BN_BLINDING flags */
+# define BN_BLINDING_NO_UPDATE 0x00000001
+# define BN_BLINDING_NO_RECREATE 0x00000002
+
+BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai, BIGNUM *mod);
+void BN_BLINDING_free(BN_BLINDING *b);
+int BN_BLINDING_update(BN_BLINDING *b, BN_CTX *ctx);
+int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
+int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
+int BN_BLINDING_convert_ex(BIGNUM *n, BIGNUM *r, BN_BLINDING *b, BN_CTX *);
+int BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b,
+ BN_CTX *);
+
+int BN_BLINDING_is_current_thread(BN_BLINDING *b);
+void BN_BLINDING_set_current_thread(BN_BLINDING *b);
+int BN_BLINDING_lock(BN_BLINDING *b);
+int BN_BLINDING_unlock(BN_BLINDING *b);
+
+unsigned long BN_BLINDING_get_flags(const BN_BLINDING *);
+void BN_BLINDING_set_flags(BN_BLINDING *, unsigned long);
+BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b,
+ const BIGNUM *e, BIGNUM *m, BN_CTX *ctx,
+ int (*bn_mod_exp) (BIGNUM *r,
+ const BIGNUM *a,
+ const BIGNUM *p,
+ const BIGNUM *m,
+ BN_CTX *ctx,
+ BN_MONT_CTX *m_ctx),
+ BN_MONT_CTX *m_ctx);
+
+DEPRECATEDIN_0_9_8(void BN_set_params(int mul, int high, int low, int mont))
+DEPRECATEDIN_0_9_8(int BN_get_params(int which)) /* 0, mul, 1 high, 2 low, 3
+ * mont */
+
+BN_RECP_CTX *BN_RECP_CTX_new(void);
+void BN_RECP_CTX_free(BN_RECP_CTX *recp);
+int BN_RECP_CTX_set(BN_RECP_CTX *recp, const BIGNUM *rdiv, BN_CTX *ctx);
+int BN_mod_mul_reciprocal(BIGNUM *r, const BIGNUM *x, const BIGNUM *y,
+ BN_RECP_CTX *recp, BN_CTX *ctx);
+int BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+ const BIGNUM *m, BN_CTX *ctx);
+int BN_div_recp(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m,
+ BN_RECP_CTX *recp, BN_CTX *ctx);
+
+# ifndef OPENSSL_NO_EC2M
+
+/*
+ * Functions for arithmetic over binary polynomials represented by BIGNUMs.
+ * The BIGNUM::neg property of BIGNUMs representing binary polynomials is
+ * ignored. Note that input arguments are not const so that their bit arrays
+ * can be expanded to the appropriate size if needed.
+ */
+
+/*
+ * r = a + b
+ */
+int BN_GF2m_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
+# define BN_GF2m_sub(r, a, b) BN_GF2m_add(r, a, b)
+/*
+ * r=a mod p
+ */
+int BN_GF2m_mod(BIGNUM *r, const BIGNUM *a, const BIGNUM *p);
+/* r = (a * b) mod p */
+int BN_GF2m_mod_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
+ const BIGNUM *p, BN_CTX *ctx);
+/* r = (a * a) mod p */
+int BN_GF2m_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
+/* r = (1 / b) mod p */
+int BN_GF2m_mod_inv(BIGNUM *r, const BIGNUM *b, const BIGNUM *p, BN_CTX *ctx);
+/* r = (a / b) mod p */
+int BN_GF2m_mod_div(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
+ const BIGNUM *p, BN_CTX *ctx);
+/* r = (a ^ b) mod p */
+int BN_GF2m_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
+ const BIGNUM *p, BN_CTX *ctx);
+/* r = sqrt(a) mod p */
+int BN_GF2m_mod_sqrt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+ BN_CTX *ctx);
+/* r^2 + r = a mod p */
+int BN_GF2m_mod_solve_quad(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+ BN_CTX *ctx);
+# define BN_GF2m_cmp(a, b) BN_ucmp((a), (b))
+/*-
+ * Some functions allow for representation of the irreducible polynomials
+ * as an unsigned int[], say p. The irreducible f(t) is then of the form:
+ * t^p[0] + t^p[1] + ... + t^p[k]
+ * where m = p[0] > p[1] > ... > p[k] = 0.
+ */
+/* r = a mod p */
+int BN_GF2m_mod_arr(BIGNUM *r, const BIGNUM *a, const int p[]);
+/* r = (a * b) mod p */
+int BN_GF2m_mod_mul_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
+ const int p[], BN_CTX *ctx);
+/* r = (a * a) mod p */
+int BN_GF2m_mod_sqr_arr(BIGNUM *r, const BIGNUM *a, const int p[],
+ BN_CTX *ctx);
+/* r = (1 / b) mod p */
+int BN_GF2m_mod_inv_arr(BIGNUM *r, const BIGNUM *b, const int p[],
+ BN_CTX *ctx);
+/* r = (a / b) mod p */
+int BN_GF2m_mod_div_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
+ const int p[], BN_CTX *ctx);
+/* r = (a ^ b) mod p */
+int BN_GF2m_mod_exp_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
+ const int p[], BN_CTX *ctx);
+/* r = sqrt(a) mod p */
+int BN_GF2m_mod_sqrt_arr(BIGNUM *r, const BIGNUM *a,
+ const int p[], BN_CTX *ctx);
+/* r^2 + r = a mod p */
+int BN_GF2m_mod_solve_quad_arr(BIGNUM *r, const BIGNUM *a,
+ const int p[], BN_CTX *ctx);
+int BN_GF2m_poly2arr(const BIGNUM *a, int p[], int max);
+int BN_GF2m_arr2poly(const int p[], BIGNUM *a);
+
+# endif
+
+/*
+ * faster mod functions for the 'NIST primes' 0 <= a < p^2
+ */
+int BN_nist_mod_192(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
+int BN_nist_mod_224(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
+int BN_nist_mod_256(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
+int BN_nist_mod_384(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
+int BN_nist_mod_521(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
+
+const BIGNUM *BN_get0_nist_prime_192(void);
+const BIGNUM *BN_get0_nist_prime_224(void);
+const BIGNUM *BN_get0_nist_prime_256(void);
+const BIGNUM *BN_get0_nist_prime_384(void);
+const BIGNUM *BN_get0_nist_prime_521(void);
+
+int (*BN_nist_mod_func(const BIGNUM *p)) (BIGNUM *r, const BIGNUM *a,
+ const BIGNUM *field, BN_CTX *ctx);
+
+int BN_generate_dsa_nonce(BIGNUM *out, const BIGNUM *range,
+ const BIGNUM *priv, const unsigned char *message,
+ size_t message_len, BN_CTX *ctx);
+
+# ifndef OPENSSL_NO_DH
+/* Primes from RFC 2409 */
+BIGNUM *BN_get_rfc2409_prime_768(BIGNUM *bn);
+BIGNUM *BN_get_rfc2409_prime_1024(BIGNUM *bn);
+
+/* Primes from RFC 3526 */
+BIGNUM *BN_get_rfc3526_prime_1536(BIGNUM *bn);
+BIGNUM *BN_get_rfc3526_prime_2048(BIGNUM *bn);
+BIGNUM *BN_get_rfc3526_prime_3072(BIGNUM *bn);
+BIGNUM *BN_get_rfc3526_prime_4096(BIGNUM *bn);
+BIGNUM *BN_get_rfc3526_prime_6144(BIGNUM *bn);
+BIGNUM *BN_get_rfc3526_prime_8192(BIGNUM *bn);
+
+# ifndef OPENSSL_NO_DEPRECATED_1_1_0
+# define get_rfc2409_prime_768 BN_get_rfc2409_prime_768
+# define get_rfc2409_prime_1024 BN_get_rfc2409_prime_1024
+# define get_rfc3526_prime_1536 BN_get_rfc3526_prime_1536
+# define get_rfc3526_prime_2048 BN_get_rfc3526_prime_2048
+# define get_rfc3526_prime_3072 BN_get_rfc3526_prime_3072
+# define get_rfc3526_prime_4096 BN_get_rfc3526_prime_4096
+# define get_rfc3526_prime_6144 BN_get_rfc3526_prime_6144
+# define get_rfc3526_prime_8192 BN_get_rfc3526_prime_8192
+# endif
+# endif
+
+int BN_bntest_rand(BIGNUM *rnd, int bits, int top, int bottom);
+
+
+# ifdef __cplusplus
+}
+# endif
+#endif
diff --git a/openssl/include/openssl/bnerr.h b/openssl/include/openssl/bnerr.h new file mode 100644 index 00000000..0400304f --- /dev/null +++ b/openssl/include/openssl/bnerr.h @@ -0,0 +1,104 @@ +/*
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_BNERR_H
+# define OPENSSL_BNERR_H
+# pragma once
+
+# include <openssl/opensslconf.h>
+# include <openssl/symhacks.h>
+
+
+# ifdef __cplusplus
+extern "C"
+# endif
+int ERR_load_BN_strings(void);
+
+/*
+ * BN function codes.
+ */
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define BN_F_BNRAND 0
+# define BN_F_BNRAND_RANGE 0
+# define BN_F_BN_BLINDING_CONVERT_EX 0
+# define BN_F_BN_BLINDING_CREATE_PARAM 0
+# define BN_F_BN_BLINDING_INVERT_EX 0
+# define BN_F_BN_BLINDING_NEW 0
+# define BN_F_BN_BLINDING_UPDATE 0
+# define BN_F_BN_BN2DEC 0
+# define BN_F_BN_BN2HEX 0
+# define BN_F_BN_COMPUTE_WNAF 0
+# define BN_F_BN_CTX_GET 0
+# define BN_F_BN_CTX_NEW 0
+# define BN_F_BN_CTX_NEW_EX 0
+# define BN_F_BN_CTX_START 0
+# define BN_F_BN_DIV 0
+# define BN_F_BN_DIV_RECP 0
+# define BN_F_BN_EXP 0
+# define BN_F_BN_EXPAND_INTERNAL 0
+# define BN_F_BN_GENCB_NEW 0
+# define BN_F_BN_GENERATE_DSA_NONCE 0
+# define BN_F_BN_GENERATE_PRIME_EX 0
+# define BN_F_BN_GF2M_MOD 0
+# define BN_F_BN_GF2M_MOD_EXP 0
+# define BN_F_BN_GF2M_MOD_MUL 0
+# define BN_F_BN_GF2M_MOD_SOLVE_QUAD 0
+# define BN_F_BN_GF2M_MOD_SOLVE_QUAD_ARR 0
+# define BN_F_BN_GF2M_MOD_SQR 0
+# define BN_F_BN_GF2M_MOD_SQRT 0
+# define BN_F_BN_LSHIFT 0
+# define BN_F_BN_MOD_EXP2_MONT 0
+# define BN_F_BN_MOD_EXP_MONT 0
+# define BN_F_BN_MOD_EXP_MONT_CONSTTIME 0
+# define BN_F_BN_MOD_EXP_MONT_WORD 0
+# define BN_F_BN_MOD_EXP_RECP 0
+# define BN_F_BN_MOD_EXP_SIMPLE 0
+# define BN_F_BN_MOD_INVERSE 0
+# define BN_F_BN_MOD_LSHIFT_QUICK 0
+# define BN_F_BN_MOD_SQRT 0
+# define BN_F_BN_MONT_CTX_NEW 0
+# define BN_F_BN_MPI2BN 0
+# define BN_F_BN_NEW 0
+# define BN_F_BN_POOL_GET 0
+# define BN_F_BN_RAND 0
+# define BN_F_BN_RAND_RANGE 0
+# define BN_F_BN_RECP_CTX_NEW 0
+# define BN_F_BN_RSHIFT 0
+# define BN_F_BN_SET_WORDS 0
+# define BN_F_BN_STACK_PUSH 0
+# define BN_F_BN_USUB 0
+# endif
+
+/*
+ * BN reason codes.
+ */
+# define BN_R_ARG2_LT_ARG3 100
+# define BN_R_BAD_RECIPROCAL 101
+# define BN_R_BIGNUM_TOO_LONG 114
+# define BN_R_BITS_TOO_SMALL 118
+# define BN_R_CALLED_WITH_EVEN_MODULUS 102
+# define BN_R_DIV_BY_ZERO 103
+# define BN_R_ENCODING_ERROR 104
+# define BN_R_EXPAND_ON_STATIC_BIGNUM_DATA 105
+# define BN_R_INPUT_NOT_REDUCED 110
+# define BN_R_INVALID_LENGTH 106
+# define BN_R_INVALID_RANGE 115
+# define BN_R_INVALID_SHIFT 119
+# define BN_R_NOT_A_SQUARE 111
+# define BN_R_NOT_INITIALIZED 107
+# define BN_R_NO_INVERSE 108
+# define BN_R_NO_SOLUTION 116
+# define BN_R_NO_SUITABLE_DIGEST 120
+# define BN_R_PRIVATE_KEY_TOO_LARGE 117
+# define BN_R_P_IS_NOT_PRIME 112
+# define BN_R_TOO_MANY_ITERATIONS 113
+# define BN_R_TOO_MANY_TEMPORARY_VARIABLES 109
+
+#endif
diff --git a/openssl/include/openssl/buffer.h b/openssl/include/openssl/buffer.h new file mode 100644 index 00000000..2bad93c6 --- /dev/null +++ b/openssl/include/openssl/buffer.h @@ -0,0 +1,62 @@ +/*
+ * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_BUFFER_H
+# define OPENSSL_BUFFER_H
+# pragma once
+
+# include <openssl/macros.h>
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define HEADER_BUFFER_H
+# endif
+
+# include <openssl/types.h>
+# ifndef OPENSSL_CRYPTO_H
+# include <openssl/crypto.h>
+# endif
+# include <openssl/buffererr.h>
+
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+# include <stddef.h>
+# include <sys/types.h>
+
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define BUF_strdup(s) OPENSSL_strdup(s)
+# define BUF_strndup(s, size) OPENSSL_strndup(s, size)
+# define BUF_memdup(data, size) OPENSSL_memdup(data, size)
+# define BUF_strlcpy(dst, src, size) OPENSSL_strlcpy(dst, src, size)
+# define BUF_strlcat(dst, src, size) OPENSSL_strlcat(dst, src, size)
+# define BUF_strnlen(str, maxlen) OPENSSL_strnlen(str, maxlen)
+# endif
+
+struct buf_mem_st {
+ size_t length; /* current number of bytes */
+ char *data;
+ size_t max; /* size of buffer */
+ unsigned long flags;
+};
+
+# define BUF_MEM_FLAG_SECURE 0x01
+
+BUF_MEM *BUF_MEM_new(void);
+BUF_MEM *BUF_MEM_new_ex(unsigned long flags);
+void BUF_MEM_free(BUF_MEM *a);
+size_t BUF_MEM_grow(BUF_MEM *str, size_t len);
+size_t BUF_MEM_grow_clean(BUF_MEM *str, size_t len);
+void BUF_reverse(unsigned char *out, const unsigned char *in, size_t siz);
+
+
+# ifdef __cplusplus
+}
+# endif
+#endif
diff --git a/openssl/include/openssl/buffererr.h b/openssl/include/openssl/buffererr.h new file mode 100644 index 00000000..fec58acd --- /dev/null +++ b/openssl/include/openssl/buffererr.h @@ -0,0 +1,37 @@ +/*
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_BUFFERERR_H
+# define OPENSSL_BUFFERERR_H
+# pragma once
+
+# include <openssl/opensslconf.h>
+# include <openssl/symhacks.h>
+
+
+# ifdef __cplusplus
+extern "C"
+# endif
+int ERR_load_BUF_strings(void);
+
+/*
+ * BUF function codes.
+ */
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define BUF_F_BUF_MEM_GROW 0
+# define BUF_F_BUF_MEM_GROW_CLEAN 0
+# define BUF_F_BUF_MEM_NEW 0
+# endif
+
+/*
+ * BUF reason codes.
+ */
+
+#endif
diff --git a/openssl/include/openssl/camellia.h b/openssl/include/openssl/camellia.h new file mode 100644 index 00000000..3129d198 --- /dev/null +++ b/openssl/include/openssl/camellia.h @@ -0,0 +1,118 @@ +/*
+ * Copyright 2006-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_CAMELLIA_H
+# define OPENSSL_CAMELLIA_H
+# pragma once
+
+# include <openssl/macros.h>
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define HEADER_CAMELLIA_H
+# endif
+
+# include <openssl/opensslconf.h>
+
+# ifndef OPENSSL_NO_CAMELLIA
+# include <stddef.h>
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+# define CAMELLIA_BLOCK_SIZE 16
+
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+
+# define CAMELLIA_ENCRYPT 1
+# define CAMELLIA_DECRYPT 0
+
+/*
+ * Because array size can't be a const in C, the following two are macros.
+ * Both sizes are in bytes.
+ */
+
+/* This should be a hidden type, but EVP requires that the size be known */
+
+# define CAMELLIA_TABLE_BYTE_LEN 272
+# define CAMELLIA_TABLE_WORD_LEN (CAMELLIA_TABLE_BYTE_LEN / 4)
+
+typedef unsigned int KEY_TABLE_TYPE[CAMELLIA_TABLE_WORD_LEN]; /* to match
+ * with WORD */
+
+struct camellia_key_st {
+ union {
+ double d; /* ensures 64-bit align */
+ KEY_TABLE_TYPE rd_key;
+ } u;
+ int grand_rounds;
+};
+typedef struct camellia_key_st CAMELLIA_KEY;
+
+# endif /* OPENSSL_NO_DEPRECATED_3_0 */
+
+DEPRECATEDIN_3_0(int Camellia_set_key(const unsigned char *userKey,
+ const int bits,
+ CAMELLIA_KEY *key))
+
+DEPRECATEDIN_3_0(void Camellia_encrypt(const unsigned char *in,
+ unsigned char *out,
+ const CAMELLIA_KEY *key))
+DEPRECATEDIN_3_0(void Camellia_decrypt(const unsigned char *in,
+ unsigned char *out,
+ const CAMELLIA_KEY *key))
+
+DEPRECATEDIN_3_0(void Camellia_ecb_encrypt(const unsigned char *in,
+ unsigned char *out,
+ const CAMELLIA_KEY *key,
+ const int enc))
+DEPRECATEDIN_3_0(void Camellia_cbc_encrypt(const unsigned char *in,
+ unsigned char *out,
+ size_t length, const
+ CAMELLIA_KEY *key,
+ unsigned char *ivec, const int enc))
+DEPRECATEDIN_3_0(void Camellia_cfb128_encrypt(const unsigned char *in,
+ unsigned char *out,
+ size_t length,
+ const CAMELLIA_KEY *key,
+ unsigned char *ivec,
+ int *num,
+ const int enc))
+DEPRECATEDIN_3_0(void Camellia_cfb1_encrypt(const unsigned char *in,
+ unsigned char *out,
+ size_t length,
+ const CAMELLIA_KEY *key,
+ unsigned char *ivec,
+ int *num,
+ const int enc))
+DEPRECATEDIN_3_0(void Camellia_cfb8_encrypt(const unsigned char *in,
+ unsigned char *out,
+ size_t length,
+ const CAMELLIA_KEY *key,
+ unsigned char *ivec,
+ int *num,
+ const int enc))
+DEPRECATEDIN_3_0(void Camellia_ofb128_encrypt(const unsigned char *in,
+ unsigned char *out,
+ size_t length,
+ const CAMELLIA_KEY *key,
+ unsigned char *ivec,
+ int *num))
+DEPRECATEDIN_3_0(void Camellia_ctr128_encrypt(const unsigned char *in,
+ unsigned char *out,
+ size_t length,
+ const CAMELLIA_KEY *key,
+ unsigned char ivec[CAMELLIA_BLOCK_SIZE],
+ unsigned char ecount_buf[CAMELLIA_BLOCK_SIZE],
+ unsigned int *num))
+
+# ifdef __cplusplus
+}
+# endif
+# endif
+
+#endif
diff --git a/openssl/include/openssl/cast.h b/openssl/include/openssl/cast.h new file mode 100644 index 00000000..6e0eca36 --- /dev/null +++ b/openssl/include/openssl/cast.h @@ -0,0 +1,78 @@ +/*
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_CAST_H
+# define OPENSSL_CAST_H
+# pragma once
+
+# include <openssl/macros.h>
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define HEADER_CAST_H
+# endif
+
+# include <openssl/opensslconf.h>
+
+# ifndef OPENSSL_NO_CAST
+# ifdef __cplusplus
+extern "C" {
+# endif
+
+# define CAST_BLOCK 8
+# define CAST_KEY_LENGTH 16
+
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+
+# define CAST_ENCRYPT 1
+# define CAST_DECRYPT 0
+
+# define CAST_LONG unsigned int
+
+typedef struct cast_key_st {
+ CAST_LONG data[32];
+ int short_key; /* Use reduced rounds for short key */
+} CAST_KEY;
+
+# endif /* OPENSSL_NO_DEPRECATED_3_0 */
+
+DEPRECATEDIN_3_0(void CAST_set_key(CAST_KEY *key, int len,
+ const unsigned char *data))
+DEPRECATEDIN_3_0(void CAST_ecb_encrypt(const unsigned char *in,
+ unsigned char *out,
+ const CAST_KEY *key,
+ int enc))
+DEPRECATEDIN_3_0(void CAST_encrypt(CAST_LONG *data,
+ const CAST_KEY *key))
+DEPRECATEDIN_3_0(void CAST_decrypt(CAST_LONG *data,
+ const CAST_KEY *key))
+DEPRECATEDIN_3_0(void CAST_cbc_encrypt(const unsigned char *in,
+ unsigned char *out,
+ long length,
+ const CAST_KEY *ks,
+ unsigned char *iv,
+ int enc))
+DEPRECATEDIN_3_0(void CAST_cfb64_encrypt(const unsigned char *in,
+ unsigned char *out,
+ long length,
+ const CAST_KEY *schedule,
+ unsigned char *ivec,
+ int *num,
+ int enc))
+DEPRECATEDIN_3_0(void CAST_ofb64_encrypt(const unsigned char *in,
+ unsigned char *out,
+ long length,
+ const CAST_KEY *schedule,
+ unsigned char *ivec,
+ int *num))
+
+# ifdef __cplusplus
+}
+# endif
+# endif
+
+#endif
diff --git a/openssl/include/openssl/cmac.h b/openssl/include/openssl/cmac.h new file mode 100644 index 00000000..28959f17 --- /dev/null +++ b/openssl/include/openssl/cmac.h @@ -0,0 +1,50 @@ +/*
+ * Copyright 2010-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_CMAC_H
+# define OPENSSL_CMAC_H
+# pragma once
+
+# include <openssl/macros.h>
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define HEADER_CMAC_H
+# endif
+
+# ifndef OPENSSL_NO_CMAC
+
+# ifdef __cplusplus
+extern "C" {
+# endif
+
+# include <openssl/evp.h>
+
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+/* Opaque */
+typedef struct CMAC_CTX_st CMAC_CTX;
+# endif
+
+DEPRECATEDIN_3_0(CMAC_CTX *CMAC_CTX_new(void))
+DEPRECATEDIN_3_0(void CMAC_CTX_cleanup(CMAC_CTX *ctx))
+DEPRECATEDIN_3_0(void CMAC_CTX_free(CMAC_CTX *ctx))
+DEPRECATEDIN_3_0(EVP_CIPHER_CTX *CMAC_CTX_get0_cipher_ctx(CMAC_CTX *ctx))
+DEPRECATEDIN_3_0(int CMAC_CTX_copy(CMAC_CTX *out, const CMAC_CTX *in))
+
+DEPRECATEDIN_3_0(int CMAC_Init(CMAC_CTX *ctx, const void *key, size_t keylen,
+ const EVP_CIPHER *cipher, ENGINE *impl))
+DEPRECATEDIN_3_0(int CMAC_Update(CMAC_CTX *ctx, const void *data, size_t dlen))
+DEPRECATEDIN_3_0(int CMAC_Final(CMAC_CTX *ctx, unsigned char *out,
+ size_t *poutlen))
+DEPRECATEDIN_3_0(int CMAC_resume(CMAC_CTX *ctx))
+
+# ifdef __cplusplus
+}
+# endif
+
+# endif
+#endif
diff --git a/openssl/include/openssl/cmp.h b/openssl/include/openssl/cmp.h new file mode 100644 index 00000000..e315f462 --- /dev/null +++ b/openssl/include/openssl/cmp.h @@ -0,0 +1,438 @@ +/*
+ * Copyright 2007-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright Nokia 2007-2019
+ * Copyright Siemens AG 2015-2019
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_CMP_H
+# define OPENSSL_CMP_H
+
+# include <openssl/opensslconf.h>
+# ifndef OPENSSL_NO_CMP
+
+# include <openssl/crmf.h>
+# include <openssl/cmperr.h>
+# include <openssl/cmp_util.h>
+# include <openssl/http.h>
+
+/* explicit #includes not strictly needed since implied by the above: */
+# include <openssl/types.h>
+# include <openssl/safestack.h>
+# include <openssl/x509.h>
+# include <openssl/x509v3.h>
+
+# ifdef __cplusplus
+extern "C" {
+# endif
+
+# define OSSL_CMP_PVNO 2
+
+/*-
+ * PKIFailureInfo ::= BIT STRING {
+ * -- since we can fail in more than one way!
+ * -- More codes may be added in the future if/when required.
+ * badAlg (0),
+ * -- unrecognized or unsupported Algorithm Identifier
+ * badMessageCheck (1),
+ * -- integrity check failed (e.g., signature did not verify)
+ * badRequest (2),
+ * -- transaction not permitted or supported
+ * badTime (3),
+ * -- messageTime was not sufficiently close to the system time,
+ * -- as defined by local policy
+ * badCertId (4),
+ * -- no certificate could be found matching the provided criteria
+ * badDataFormat (5),
+ * -- the data submitted has the wrong format
+ * wrongAuthority (6),
+ * -- the authority indicated in the request is different from the
+ * -- one creating the response token
+ * incorrectData (7),
+ * -- the requester's data is incorrect (for notary services)
+ * missingTimeStamp (8),
+ * -- when the timestamp is missing but should be there
+ * -- (by policy)
+ * badPOP (9),
+ * -- the proof-of-possession failed
+ * certRevoked (10),
+ * -- the certificate has already been revoked
+ * certConfirmed (11),
+ * -- the certificate has already been confirmed
+ * wrongIntegrity (12),
+ * -- invalid integrity, password based instead of signature or
+ * -- vice versa
+ * badRecipientNonce (13),
+ * -- invalid recipient nonce, either missing or wrong value
+ * timeNotAvailable (14),
+ * -- the TSA's time source is not available
+ * unacceptedPolicy (15),
+ * -- the requested TSA policy is not supported by the TSA.
+ * unacceptedExtension (16),
+ * -- the requested extension is not supported by the TSA.
+ * addInfoNotAvailable (17),
+ * -- the additional information requested could not be
+ * -- understood or is not available
+ * badSenderNonce (18),
+ * -- invalid sender nonce, either missing or wrong size
+ * badCertTemplate (19),
+ * -- invalid cert. template or missing mandatory information
+ * signerNotTrusted (20),
+ * -- signer of the message unknown or not trusted
+ * transactionIdInUse (21),
+ * -- the transaction identifier is already in use
+ * unsupportedVersion (22),
+ * -- the version of the message is not supported
+ * notAuthorized (23),
+ * -- the sender was not authorized to make the preceding
+ * -- request or perform the preceding action
+ * systemUnavail (24),
+ * -- the request cannot be handled due to system unavailability
+ * systemFailure (25),
+ * -- the request cannot be handled due to system failure
+ * duplicateCertReq (26)
+ * -- certificate cannot be issued because a duplicate
+ * -- certificate already exists
+ * }
+ */
+# define OSSL_CMP_PKIFAILUREINFO_badAlg 0
+# define OSSL_CMP_PKIFAILUREINFO_badMessageCheck 1
+# define OSSL_CMP_PKIFAILUREINFO_badRequest 2
+# define OSSL_CMP_PKIFAILUREINFO_badTime 3
+# define OSSL_CMP_PKIFAILUREINFO_badCertId 4
+# define OSSL_CMP_PKIFAILUREINFO_badDataFormat 5
+# define OSSL_CMP_PKIFAILUREINFO_wrongAuthority 6
+# define OSSL_CMP_PKIFAILUREINFO_incorrectData 7
+# define OSSL_CMP_PKIFAILUREINFO_missingTimeStamp 8
+# define OSSL_CMP_PKIFAILUREINFO_badPOP 9
+# define OSSL_CMP_PKIFAILUREINFO_certRevoked 10
+# define OSSL_CMP_PKIFAILUREINFO_certConfirmed 11
+# define OSSL_CMP_PKIFAILUREINFO_wrongIntegrity 12
+# define OSSL_CMP_PKIFAILUREINFO_badRecipientNonce 13
+# define OSSL_CMP_PKIFAILUREINFO_timeNotAvailable 14
+# define OSSL_CMP_PKIFAILUREINFO_unacceptedPolicy 15
+# define OSSL_CMP_PKIFAILUREINFO_unacceptedExtension 16
+# define OSSL_CMP_PKIFAILUREINFO_addInfoNotAvailable 17
+# define OSSL_CMP_PKIFAILUREINFO_badSenderNonce 18
+# define OSSL_CMP_PKIFAILUREINFO_badCertTemplate 19
+# define OSSL_CMP_PKIFAILUREINFO_signerNotTrusted 20
+# define OSSL_CMP_PKIFAILUREINFO_transactionIdInUse 21
+# define OSSL_CMP_PKIFAILUREINFO_unsupportedVersion 22
+# define OSSL_CMP_PKIFAILUREINFO_notAuthorized 23
+# define OSSL_CMP_PKIFAILUREINFO_systemUnavail 24
+# define OSSL_CMP_PKIFAILUREINFO_systemFailure 25
+# define OSSL_CMP_PKIFAILUREINFO_duplicateCertReq 26
+# define OSSL_CMP_PKIFAILUREINFO_MAX 26
+# define OSSL_CMP_PKIFAILUREINFO_MAX_BIT_PATTERN \
+ ((1 << (OSSL_CMP_PKIFAILUREINFO_MAX + 1)) - 1)
+# if OSSL_CMP_PKIFAILUREINFO_MAX_BIT_PATTERN > INT_MAX
+# error CMP_PKIFAILUREINFO_MAX bit pattern does not fit in type int
+# endif
+
+typedef ASN1_BIT_STRING OSSL_CMP_PKIFAILUREINFO;
+
+# define OSSL_CMP_CTX_FAILINFO_badAlg (1 << 0)
+# define OSSL_CMP_CTX_FAILINFO_badMessageCheck (1 << 1)
+# define OSSL_CMP_CTX_FAILINFO_badRequest (1 << 2)
+# define OSSL_CMP_CTX_FAILINFO_badTime (1 << 3)
+# define OSSL_CMP_CTX_FAILINFO_badCertId (1 << 4)
+# define OSSL_CMP_CTX_FAILINFO_badDataFormat (1 << 5)
+# define OSSL_CMP_CTX_FAILINFO_wrongAuthority (1 << 6)
+# define OSSL_CMP_CTX_FAILINFO_incorrectData (1 << 7)
+# define OSSL_CMP_CTX_FAILINFO_missingTimeStamp (1 << 8)
+# define OSSL_CMP_CTX_FAILINFO_badPOP (1 << 9)
+# define OSSL_CMP_CTX_FAILINFO_certRevoked (1 << 10)
+# define OSSL_CMP_CTX_FAILINFO_certConfirmed (1 << 11)
+# define OSSL_CMP_CTX_FAILINFO_wrongIntegrity (1 << 12)
+# define OSSL_CMP_CTX_FAILINFO_badRecipientNonce (1 << 13)
+# define OSSL_CMP_CTX_FAILINFO_timeNotAvailable (1 << 14)
+# define OSSL_CMP_CTX_FAILINFO_unacceptedPolicy (1 << 15)
+# define OSSL_CMP_CTX_FAILINFO_unacceptedExtension (1 << 16)
+# define OSSL_CMP_CTX_FAILINFO_addInfoNotAvailable (1 << 17)
+# define OSSL_CMP_CTX_FAILINFO_badSenderNonce (1 << 18)
+# define OSSL_CMP_CTX_FAILINFO_badCertTemplate (1 << 19)
+# define OSSL_CMP_CTX_FAILINFO_signerNotTrusted (1 << 20)
+# define OSSL_CMP_CTX_FAILINFO_transactionIdInUse (1 << 21)
+# define OSSL_CMP_CTX_FAILINFO_unsupportedVersion (1 << 22)
+# define OSSL_CMP_CTX_FAILINFO_notAuthorized (1 << 23)
+# define OSSL_CMP_CTX_FAILINFO_systemUnavail (1 << 24)
+# define OSSL_CMP_CTX_FAILINFO_systemFailure (1 << 25)
+# define OSSL_CMP_CTX_FAILINFO_duplicateCertReq (1 << 26)
+
+/*-
+ * PKIStatus ::= INTEGER {
+ * accepted (0),
+ * -- you got exactly what you asked for
+ * grantedWithMods (1),
+ * -- you got something like what you asked for; the
+ * -- requester is responsible for ascertaining the differences
+ * rejection (2),
+ * -- you don't get it, more information elsewhere in the message
+ * waiting (3),
+ * -- the request body part has not yet been processed; expect to
+ * -- hear more later (note: proper handling of this status
+ * -- response MAY use the polling req/rep PKIMessages specified
+ * -- in Section 5.3.22; alternatively, polling in the underlying
+ * -- transport layer MAY have some utility in this regard)
+ * revocationWarning (4),
+ * -- this message contains a warning that a revocation is
+ * -- imminent
+ * revocationNotification (5),
+ * -- notification that a revocation has occurred
+ * keyUpdateWarning (6)
+ * -- update already done for the oldCertId specified in
+ * -- CertReqMsg
+ * }
+ */
+# define OSSL_CMP_PKISTATUS_accepted 0
+# define OSSL_CMP_PKISTATUS_grantedWithMods 1
+# define OSSL_CMP_PKISTATUS_rejection 2
+# define OSSL_CMP_PKISTATUS_waiting 3
+# define OSSL_CMP_PKISTATUS_revocationWarning 4
+# define OSSL_CMP_PKISTATUS_revocationNotification 5
+# define OSSL_CMP_PKISTATUS_keyUpdateWarning 6
+
+typedef ASN1_INTEGER OSSL_CMP_PKISTATUS;
+DECLARE_ASN1_ITEM(OSSL_CMP_PKISTATUS)
+
+# define OSSL_CMP_CERTORENCCERT_CERTIFICATE 0
+# define OSSL_CMP_CERTORENCCERT_ENCRYPTEDCERT 1
+
+/* data type declarations */
+typedef struct ossl_cmp_ctx_st OSSL_CMP_CTX;
+typedef struct ossl_cmp_pkiheader_st OSSL_CMP_PKIHEADER;
+DECLARE_ASN1_FUNCTIONS(OSSL_CMP_PKIHEADER)
+typedef struct ossl_cmp_msg_st OSSL_CMP_MSG;
+DECLARE_ASN1_DUP_FUNCTION(OSSL_CMP_MSG)
+DECLARE_ASN1_ENCODE_FUNCTIONS(OSSL_CMP_MSG, OSSL_CMP_MSG, OSSL_CMP_MSG)
+typedef struct ossl_cmp_certstatus_st OSSL_CMP_CERTSTATUS;
+DEFINE_OR_DECLARE_STACK_OF(OSSL_CMP_CERTSTATUS)
+typedef struct ossl_cmp_itav_st OSSL_CMP_ITAV;
+DECLARE_ASN1_DUP_FUNCTION(OSSL_CMP_ITAV)
+DEFINE_OR_DECLARE_STACK_OF(OSSL_CMP_ITAV)
+typedef struct ossl_cmp_revrepcontent_st OSSL_CMP_REVREPCONTENT;
+typedef struct ossl_cmp_pkisi_st OSSL_CMP_PKISI;
+DECLARE_ASN1_FUNCTIONS(OSSL_CMP_PKISI)
+DECLARE_ASN1_DUP_FUNCTION(OSSL_CMP_PKISI)
+DEFINE_OR_DECLARE_STACK_OF(OSSL_CMP_PKISI)
+typedef struct ossl_cmp_certrepmessage_st OSSL_CMP_CERTREPMESSAGE;
+DEFINE_OR_DECLARE_STACK_OF(OSSL_CMP_CERTREPMESSAGE)
+typedef struct ossl_cmp_pollrep_st OSSL_CMP_POLLREP;
+typedef STACK_OF(OSSL_CMP_POLLREP) OSSL_CMP_POLLREPCONTENT;
+typedef struct ossl_cmp_certresponse_st OSSL_CMP_CERTRESPONSE;
+DEFINE_OR_DECLARE_STACK_OF(OSSL_CMP_CERTRESPONSE)
+typedef STACK_OF(ASN1_UTF8STRING) OSSL_CMP_PKIFREETEXT;
+
+/*
+ * function DECLARATIONS
+ */
+
+/* from cmp_asn.c */
+OSSL_CMP_ITAV *OSSL_CMP_ITAV_create(ASN1_OBJECT *type, ASN1_TYPE *value);
+void OSSL_CMP_ITAV_set0(OSSL_CMP_ITAV *itav, ASN1_OBJECT *type,
+ ASN1_TYPE *value);
+ASN1_OBJECT *OSSL_CMP_ITAV_get0_type(const OSSL_CMP_ITAV *itav);
+ASN1_TYPE *OSSL_CMP_ITAV_get0_value(const OSSL_CMP_ITAV *itav);
+int OSSL_CMP_ITAV_push0_stack_item(STACK_OF(OSSL_CMP_ITAV) **itav_sk_p,
+ OSSL_CMP_ITAV *itav);
+void OSSL_CMP_ITAV_free(OSSL_CMP_ITAV *itav);
+void OSSL_CMP_MSG_free(OSSL_CMP_MSG *msg);
+
+/* from cmp_ctx.c */
+OSSL_CMP_CTX *OSSL_CMP_CTX_new(void);
+void OSSL_CMP_CTX_free(OSSL_CMP_CTX *ctx);
+int OSSL_CMP_CTX_reinit(OSSL_CMP_CTX *ctx);
+/* various CMP options: */
+# define OSSL_CMP_OPT_LOG_VERBOSITY 0
+# define OSSL_CMP_OPT_MSG_TIMEOUT 1
+# define OSSL_CMP_OPT_TOTAL_TIMEOUT 2
+# define OSSL_CMP_OPT_VALIDITY_DAYS 3
+# define OSSL_CMP_OPT_SUBJECTALTNAME_NODEFAULT 4
+# define OSSL_CMP_OPT_SUBJECTALTNAME_CRITICAL 5
+# define OSSL_CMP_OPT_POLICIES_CRITICAL 6
+# define OSSL_CMP_OPT_POPO_METHOD 7
+# define OSSL_CMP_OPT_DIGEST_ALGNID 8
+# define OSSL_CMP_OPT_OWF_ALGNID 9
+# define OSSL_CMP_OPT_MAC_ALGNID 10
+# define OSSL_CMP_OPT_REVOCATION_REASON 11
+# define OSSL_CMP_OPT_IMPLICIT_CONFIRM 12
+# define OSSL_CMP_OPT_DISABLE_CONFIRM 13
+# define OSSL_CMP_OPT_UNPROTECTED_SEND 14
+# define OSSL_CMP_OPT_UNPROTECTED_ERRORS 15
+# define OSSL_CMP_OPT_IGNORE_KEYUSAGE 16
+# define OSSL_CMP_OPT_PERMIT_TA_IN_EXTRACERTS_FOR_IR 17
+int OSSL_CMP_CTX_set_option(OSSL_CMP_CTX *ctx, int opt, int val);
+int OSSL_CMP_CTX_get_option(const OSSL_CMP_CTX *ctx, int opt);
+/* CMP-specific callback for logging and outputting the error queue: */
+int OSSL_CMP_CTX_set_log_cb(OSSL_CMP_CTX *ctx, OSSL_CMP_log_cb_t cb);
+# define OSSL_CMP_CTX_set_log_verbosity(ctx, level) \
+ OSSL_CMP_CTX_set_option(ctx, OSSL_CMP_OPT_LOG_VERBOSITY, level)
+void OSSL_CMP_CTX_print_errors(const OSSL_CMP_CTX *ctx);
+/* message transfer: */
+int OSSL_CMP_CTX_set1_serverPath(OSSL_CMP_CTX *ctx, const char *path);
+int OSSL_CMP_CTX_set1_server(OSSL_CMP_CTX *ctx, const char *address);
+int OSSL_CMP_CTX_set_serverPort(OSSL_CMP_CTX *ctx, int port);
+int OSSL_CMP_CTX_set1_proxy(OSSL_CMP_CTX *ctx, const char *name);
+int OSSL_CMP_CTX_set1_no_proxy(OSSL_CMP_CTX *ctx, const char *names);
+int OSSL_CMP_CTX_set_http_cb(OSSL_CMP_CTX *ctx, OSSL_HTTP_bio_cb_t cb);
+int OSSL_CMP_CTX_set_http_cb_arg(OSSL_CMP_CTX *ctx, void *arg);
+void *OSSL_CMP_CTX_get_http_cb_arg(const OSSL_CMP_CTX *ctx);
+typedef OSSL_CMP_MSG *(*OSSL_CMP_transfer_cb_t) (OSSL_CMP_CTX *ctx,
+ const OSSL_CMP_MSG *req);
+int OSSL_CMP_CTX_set_transfer_cb(OSSL_CMP_CTX *ctx, OSSL_CMP_transfer_cb_t cb);
+int OSSL_CMP_CTX_set_transfer_cb_arg(OSSL_CMP_CTX *ctx, void *arg);
+void *OSSL_CMP_CTX_get_transfer_cb_arg(const OSSL_CMP_CTX *ctx);
+/* server authentication: */
+int OSSL_CMP_CTX_set1_srvCert(OSSL_CMP_CTX *ctx, X509 *cert);
+int OSSL_CMP_CTX_set1_expected_sender(OSSL_CMP_CTX *ctx, const X509_NAME *name);
+int OSSL_CMP_CTX_set0_trustedStore(OSSL_CMP_CTX *ctx, X509_STORE *store);
+X509_STORE *OSSL_CMP_CTX_get0_trustedStore(const OSSL_CMP_CTX *ctx);
+int OSSL_CMP_CTX_set1_untrusted_certs(OSSL_CMP_CTX *ctx, STACK_OF(X509) *certs);
+STACK_OF(X509) *OSSL_CMP_CTX_get0_untrusted_certs(const OSSL_CMP_CTX *ctx);
+/* client authentication: */
+int OSSL_CMP_CTX_set1_cert(OSSL_CMP_CTX *ctx, X509 *cert);
+int OSSL_CMP_CTX_set1_pkey(OSSL_CMP_CTX *ctx, EVP_PKEY *pkey);
+int OSSL_CMP_CTX_set1_referenceValue(OSSL_CMP_CTX *ctx,
+ const unsigned char *ref, int len);
+int OSSL_CMP_CTX_set1_secretValue(OSSL_CMP_CTX *ctx, const unsigned char *sec,
+ const int len);
+/* CMP message header and extra certificates: */
+int OSSL_CMP_CTX_set1_recipient(OSSL_CMP_CTX *ctx, const X509_NAME *name);
+int OSSL_CMP_CTX_push0_geninfo_ITAV(OSSL_CMP_CTX *ctx, OSSL_CMP_ITAV *itav);
+int OSSL_CMP_CTX_set1_extraCertsOut(OSSL_CMP_CTX *ctx,
+ STACK_OF(X509) *extraCertsOut);
+/* certificate template: */
+int OSSL_CMP_CTX_set0_newPkey(OSSL_CMP_CTX *ctx, int priv, EVP_PKEY *pkey);
+EVP_PKEY *OSSL_CMP_CTX_get0_newPkey(const OSSL_CMP_CTX *ctx, int priv);
+int OSSL_CMP_CTX_set1_issuer(OSSL_CMP_CTX *ctx, const X509_NAME *name);
+int OSSL_CMP_CTX_set1_subjectName(OSSL_CMP_CTX *ctx, const X509_NAME *name);
+int OSSL_CMP_CTX_push1_subjectAltName(OSSL_CMP_CTX *ctx,
+ const GENERAL_NAME *name);
+int OSSL_CMP_CTX_set0_reqExtensions(OSSL_CMP_CTX *ctx, X509_EXTENSIONS *exts);
+int OSSL_CMP_CTX_reqExtensions_have_SAN(OSSL_CMP_CTX *ctx);
+int OSSL_CMP_CTX_push0_policy(OSSL_CMP_CTX *ctx, POLICYINFO *pinfo);
+int OSSL_CMP_CTX_set1_oldCert(OSSL_CMP_CTX *ctx, X509 *cert);
+int OSSL_CMP_CTX_set1_p10CSR(OSSL_CMP_CTX *ctx, const X509_REQ *csr);
+/* misc body contents: */
+int OSSL_CMP_CTX_push0_genm_ITAV(OSSL_CMP_CTX *ctx, OSSL_CMP_ITAV *itav);
+/* certificate confirmation: */
+typedef int (*OSSL_CMP_certConf_cb_t) (OSSL_CMP_CTX *ctx, X509 *cert,
+ int fail_info, const char **txt);
+int OSSL_CMP_CTX_set_certConf_cb(OSSL_CMP_CTX *ctx, OSSL_CMP_certConf_cb_t cb);
+int OSSL_CMP_CTX_set_certConf_cb_arg(OSSL_CMP_CTX *ctx, void *arg);
+void *OSSL_CMP_CTX_get_certConf_cb_arg(const OSSL_CMP_CTX *ctx);
+/* result fetching: */
+int OSSL_CMP_CTX_get_status(const OSSL_CMP_CTX *ctx);
+OSSL_CMP_PKIFREETEXT *OSSL_CMP_CTX_get0_statusString(const OSSL_CMP_CTX *ctx);
+int OSSL_CMP_CTX_get_failInfoCode(const OSSL_CMP_CTX *ctx);
+# define OSSL_CMP_PKISI_BUFLEN 1024
+X509 *OSSL_CMP_CTX_get0_newCert(const OSSL_CMP_CTX *ctx);
+STACK_OF(X509) *OSSL_CMP_CTX_get1_caPubs(const OSSL_CMP_CTX *ctx);
+STACK_OF(X509) *OSSL_CMP_CTX_get1_extraCertsIn(const OSSL_CMP_CTX *ctx);
+int OSSL_CMP_CTX_set1_transactionID(OSSL_CMP_CTX *ctx,
+ const ASN1_OCTET_STRING *id);
+int OSSL_CMP_CTX_set1_senderNonce(OSSL_CMP_CTX *ctx,
+ const ASN1_OCTET_STRING *nonce);
+
+/* from cmp_status.c */
+char *OSSL_CMP_CTX_snprint_PKIStatus(const OSSL_CMP_CTX *ctx, char *buf,
+ size_t bufsize);
+char *OSSL_CMP_snprint_PKIStatusInfo(const OSSL_CMP_PKISI *statusInfo,
+ char *buf, size_t bufsize);
+OSSL_CMP_PKISI *
+OSSL_CMP_STATUSINFO_new(int status, int fail_info, const char *text);
+
+/* from cmp_hdr.c */
+ASN1_OCTET_STRING *OSSL_CMP_HDR_get0_transactionID(const
+ OSSL_CMP_PKIHEADER *hdr);
+ASN1_OCTET_STRING *OSSL_CMP_HDR_get0_recipNonce(const OSSL_CMP_PKIHEADER *hdr);
+
+/* from cmp_msg.c */
+OSSL_CMP_PKIHEADER *OSSL_CMP_MSG_get0_header(const OSSL_CMP_MSG *msg);
+int OSSL_CMP_MSG_update_transactionID(OSSL_CMP_CTX *ctx, OSSL_CMP_MSG *msg);
+OSSL_CMP_MSG *d2i_OSSL_CMP_MSG_bio(BIO *bio, OSSL_CMP_MSG **msg);
+int i2d_OSSL_CMP_MSG_bio(BIO *bio, const OSSL_CMP_MSG *msg);
+
+/* from cmp_vfy.c */
+int OSSL_CMP_validate_msg(OSSL_CMP_CTX *ctx, const OSSL_CMP_MSG *msg);
+int OSSL_CMP_validate_cert_path(const OSSL_CMP_CTX *ctx,
+ X509_STORE *trusted_store, X509 *cert);
+
+/* from cmp_http.c */
+OSSL_CMP_MSG *OSSL_CMP_MSG_http_perform(OSSL_CMP_CTX *ctx,
+ const OSSL_CMP_MSG *req);
+
+/* from cmp_server.c */
+typedef struct ossl_cmp_srv_ctx_st OSSL_CMP_SRV_CTX;
+OSSL_CMP_MSG *OSSL_CMP_SRV_process_request(OSSL_CMP_SRV_CTX *srv_ctx,
+ const OSSL_CMP_MSG *req);
+OSSL_CMP_MSG * OSSL_CMP_CTX_server_perform(OSSL_CMP_CTX *client_ctx,
+ const OSSL_CMP_MSG *req);
+OSSL_CMP_SRV_CTX *OSSL_CMP_SRV_CTX_new(void);
+void OSSL_CMP_SRV_CTX_free(OSSL_CMP_SRV_CTX *srv_ctx);
+typedef OSSL_CMP_PKISI *(*OSSL_CMP_SRV_cert_request_cb_t)
+ (OSSL_CMP_SRV_CTX *srv_ctx, const OSSL_CMP_MSG *req, int certReqId,
+ const OSSL_CRMF_MSG *crm, const X509_REQ *p10cr,
+ X509 **certOut, STACK_OF(X509) **chainOut, STACK_OF(X509) **caPubs);
+typedef OSSL_CMP_PKISI *(*OSSL_CMP_SRV_rr_cb_t)(OSSL_CMP_SRV_CTX *srv_ctx,
+ const OSSL_CMP_MSG *req,
+ const X509_NAME *issuer,
+ const ASN1_INTEGER *serial);
+typedef int (*OSSL_CMP_SRV_genm_cb_t)(OSSL_CMP_SRV_CTX *srv_ctx,
+ const OSSL_CMP_MSG *req,
+ const STACK_OF(OSSL_CMP_ITAV) *in,
+ STACK_OF(OSSL_CMP_ITAV) **out);
+typedef void (*OSSL_CMP_SRV_error_cb_t)(OSSL_CMP_SRV_CTX *srv_ctx,
+ const OSSL_CMP_MSG *req,
+ const OSSL_CMP_PKISI *statusInfo,
+ const ASN1_INTEGER *errorCode,
+ const OSSL_CMP_PKIFREETEXT *errDetails);
+typedef int (*OSSL_CMP_SRV_certConf_cb_t)(OSSL_CMP_SRV_CTX *srv_ctx,
+ const OSSL_CMP_MSG *req,
+ int certReqId,
+ const ASN1_OCTET_STRING *certHash,
+ const OSSL_CMP_PKISI *si);
+typedef int (*OSSL_CMP_SRV_pollReq_cb_t)(OSSL_CMP_SRV_CTX *srv_ctx,
+ const OSSL_CMP_MSG *req, int certReqId,
+ OSSL_CMP_MSG **certReq,
+ int64_t *check_after);
+int OSSL_CMP_SRV_CTX_init(OSSL_CMP_SRV_CTX *srv_ctx, void *custom_ctx,
+ OSSL_CMP_SRV_cert_request_cb_t process_cert_request,
+ OSSL_CMP_SRV_rr_cb_t process_rr,
+ OSSL_CMP_SRV_genm_cb_t process_genm,
+ OSSL_CMP_SRV_error_cb_t process_error,
+ OSSL_CMP_SRV_certConf_cb_t process_certConf,
+ OSSL_CMP_SRV_pollReq_cb_t process_pollReq);
+OSSL_CMP_CTX *OSSL_CMP_SRV_CTX_get0_cmp_ctx(const OSSL_CMP_SRV_CTX *srv_ctx);
+void *OSSL_CMP_SRV_CTX_get0_custom_ctx(const OSSL_CMP_SRV_CTX *srv_ctx);
+int OSSL_CMP_SRV_CTX_set_send_unprotected_errors(OSSL_CMP_SRV_CTX *srv_ctx,
+ int val);
+int OSSL_CMP_SRV_CTX_set_accept_unprotected(OSSL_CMP_SRV_CTX *srv_ctx, int val);
+int OSSL_CMP_SRV_CTX_set_accept_raverified(OSSL_CMP_SRV_CTX *srv_ctx, int val);
+int OSSL_CMP_SRV_CTX_set_grant_implicit_confirm(OSSL_CMP_SRV_CTX *srv_ctx,
+ int val);
+
+/* from cmp_client.c */
+X509 *OSSL_CMP_exec_IR_ses(OSSL_CMP_CTX *ctx);
+X509 *OSSL_CMP_exec_CR_ses(OSSL_CMP_CTX *ctx);
+X509 *OSSL_CMP_exec_P10CR_ses(OSSL_CMP_CTX *ctx);
+X509 *OSSL_CMP_exec_KUR_ses(OSSL_CMP_CTX *ctx);
+# define OSSL_CMP_IR OSSL_CMP_PKIBODY_IR
+# define OSSL_CMP_CR OSSL_CMP_PKIBODY_CR
+# define OSSL_CMP_P10CR OSSL_CMP_PKIBODY_P10CR
+# define OSSL_CMP_KUR OSSL_CMP_PKIBODY_KUR
+int OSSL_CMP_try_certreq(OSSL_CMP_CTX *ctx, int req_type, int *checkAfter);
+int OSSL_CMP_certConf_cb(OSSL_CMP_CTX *ctx, X509 *cert, int fail_info,
+ const char **text);
+X509 *OSSL_CMP_exec_RR_ses(OSSL_CMP_CTX *ctx);
+STACK_OF(OSSL_CMP_ITAV) *OSSL_CMP_exec_GENM_ses(OSSL_CMP_CTX *ctx);
+
+# ifdef __cplusplus
+}
+# endif
+# endif /* !defined(OPENSSL_NO_CMP) */
+#endif /* !defined(OPENSSL_CMP_H) */
diff --git a/openssl/include/openssl/cmp_util.h b/openssl/include/openssl/cmp_util.h new file mode 100644 index 00000000..2651b847 --- /dev/null +++ b/openssl/include/openssl/cmp_util.h @@ -0,0 +1,53 @@ +/*
+ * Copyright 2007-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright Nokia 2007-2019
+ * Copyright Siemens AG 2015-2019
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_CMP_UTIL_H
+# define OPENSSL_CMP_UTIL_H
+
+# include <openssl/opensslconf.h>
+# ifndef OPENSSL_NO_CMP
+
+# include <openssl/macros.h>
+# include <openssl/trace.h>
+
+# ifdef __cplusplus
+extern "C" {
+# endif
+
+int OSSL_CMP_log_open(void);
+void OSSL_CMP_log_close(void);
+# define OSSL_CMP_LOG_PREFIX "CMP "
+
+/*
+ * generalized logging/error callback mirroring the severity levels of syslog.h
+ */
+typedef int OSSL_CMP_severity;
+# define OSSL_CMP_LOG_EMERG 0
+# define OSSL_CMP_LOG_ALERT 1
+# define OSSL_CMP_LOG_CRIT 2
+# define OSSL_CMP_LOG_ERR 3
+# define OSSL_CMP_LOG_WARNING 4
+# define OSSL_CMP_LOG_NOTICE 5
+# define OSSL_CMP_LOG_INFO 6
+# define OSSL_CMP_LOG_DEBUG 7
+typedef int (*OSSL_CMP_log_cb_t)(const char *func, const char *file, int line,
+ OSSL_CMP_severity level, const char *msg);
+
+int OSSL_CMP_print_to_bio(BIO *bio, const char *component, const char *file,
+ int line, OSSL_CMP_severity level, const char *msg);
+/* use of the logging callback for outputting error queue */
+void OSSL_CMP_print_errors_cb(OSSL_CMP_log_cb_t log_fn);
+
+# ifdef __cplusplus
+}
+# endif
+# endif /* !defined(OPENSSL_NO_CMP) */
+#endif /* !defined(OPENSSL_CMP_UTIL_H) */
diff --git a/openssl/include/openssl/cmperr.h b/openssl/include/openssl/cmperr.h new file mode 100644 index 00000000..7bdf2e3e --- /dev/null +++ b/openssl/include/openssl/cmperr.h @@ -0,0 +1,122 @@ +/*
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_CMPERR_H
+# define OPENSSL_CMPERR_H
+# pragma once
+
+# include <openssl/opensslconf.h>
+# include <openssl/symhacks.h>
+
+
+# include <openssl/opensslconf.h>
+
+# ifndef OPENSSL_NO_CMP
+
+# ifdef __cplusplus
+extern "C"
+# endif
+int ERR_load_CMP_strings(void);
+
+/*
+ * CMP function codes.
+ */
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# endif
+
+/*
+ * CMP reason codes.
+ */
+# define CMP_R_ALGORITHM_NOT_SUPPORTED 139
+# define CMP_R_BAD_CHECKAFTER_IN_POLLREP 167
+# define CMP_R_BAD_REQUEST_ID 108
+# define CMP_R_CERTHASH_UNMATCHED 156
+# define CMP_R_CERTID_NOT_FOUND 109
+# define CMP_R_CERTIFICATE_NOT_ACCEPTED 169
+# define CMP_R_CERTIFICATE_NOT_FOUND 112
+# define CMP_R_CERTREQMSG_NOT_FOUND 157
+# define CMP_R_CERTRESPONSE_NOT_FOUND 113
+# define CMP_R_CERT_AND_KEY_DO_NOT_MATCH 114
+# define CMP_R_CHECKAFTER_OUT_OF_RANGE 181
+# define CMP_R_CHECKING_PBM_NO_SECRET_AVAILABLE 166
+# define CMP_R_ENCOUNTERED_KEYUPDATEWARNING 176
+# define CMP_R_ENCOUNTERED_WAITING 162
+# define CMP_R_ERROR_CALCULATING_PROTECTION 115
+# define CMP_R_ERROR_CREATING_CERTCONF 116
+# define CMP_R_ERROR_CREATING_CERTREP 117
+# define CMP_R_ERROR_CREATING_CR 163
+# define CMP_R_ERROR_CREATING_ERROR 118
+# define CMP_R_ERROR_CREATING_GENM 119
+# define CMP_R_ERROR_CREATING_GENP 120
+# define CMP_R_ERROR_CREATING_IR 164
+# define CMP_R_ERROR_CREATING_KUR 165
+# define CMP_R_ERROR_CREATING_P10CR 121
+# define CMP_R_ERROR_CREATING_PKICONF 122
+# define CMP_R_ERROR_CREATING_POLLREP 123
+# define CMP_R_ERROR_CREATING_POLLREQ 124
+# define CMP_R_ERROR_CREATING_RP 125
+# define CMP_R_ERROR_CREATING_RR 126
+# define CMP_R_ERROR_PARSING_PKISTATUS 107
+# define CMP_R_ERROR_PROCESSING_MESSAGE 158
+# define CMP_R_ERROR_PROTECTING_MESSAGE 127
+# define CMP_R_ERROR_SETTING_CERTHASH 128
+# define CMP_R_ERROR_UNEXPECTED_CERTCONF 160
+# define CMP_R_ERROR_VALIDATING_PROTECTION 140
+# define CMP_R_ERROR_VALIDATING_SIGNATURE 171
+# define CMP_R_FAILED_EXTRACTING_PUBKEY 141
+# define CMP_R_FAILURE_OBTAINING_RANDOM 110
+# define CMP_R_FAIL_INFO_OUT_OF_RANGE 129
+# define CMP_R_INVALID_ARGS 100
+# define CMP_R_INVALID_OPTION 174
+# define CMP_R_MISSING_KEY_INPUT_FOR_CREATING_PROTECTION 130
+# define CMP_R_MISSING_KEY_USAGE_DIGITALSIGNATURE 142
+# define CMP_R_MISSING_PRIVATE_KEY 131
+# define CMP_R_MISSING_PROTECTION 143
+# define CMP_R_MISSING_REFERENCE_CERT 168
+# define CMP_R_MISSING_SENDER_IDENTIFICATION 111
+# define CMP_R_MISSING_TRUST_STORE 144
+# define CMP_R_MULTIPLE_REQUESTS_NOT_SUPPORTED 161
+# define CMP_R_MULTIPLE_RESPONSES_NOT_SUPPORTED 170
+# define CMP_R_MULTIPLE_SAN_SOURCES 102
+# define CMP_R_NO_STDIO 194
+# define CMP_R_NO_SUITABLE_SENDER_CERT 145
+# define CMP_R_NULL_ARGUMENT 103
+# define CMP_R_PKIBODY_ERROR 146
+# define CMP_R_PKISTATUSINFO_NOT_FOUND 132
+# define CMP_R_POLLING_FAILED 172
+# define CMP_R_POTENTIALLY_INVALID_CERTIFICATE 147
+# define CMP_R_RECEIVED_ERROR 180
+# define CMP_R_RECIPNONCE_UNMATCHED 148
+# define CMP_R_REQUEST_NOT_ACCEPTED 149
+# define CMP_R_REQUEST_REJECTED_BY_SERVER 182
+# define CMP_R_SENDER_GENERALNAME_TYPE_NOT_SUPPORTED 150
+# define CMP_R_SRVCERT_DOES_NOT_VALIDATE_MSG 151
+# define CMP_R_TOTAL_TIMEOUT 184
+# define CMP_R_TRANSACTIONID_UNMATCHED 152
+# define CMP_R_TRANSFER_ERROR 159
+# define CMP_R_UNEXPECTED_PKIBODY 133
+# define CMP_R_UNEXPECTED_PKISTATUS 185
+# define CMP_R_UNEXPECTED_PVNO 153
+# define CMP_R_UNKNOWN_ALGORITHM_ID 134
+# define CMP_R_UNKNOWN_CERT_TYPE 135
+# define CMP_R_UNKNOWN_PKISTATUS 186
+# define CMP_R_UNSUPPORTED_ALGORITHM 136
+# define CMP_R_UNSUPPORTED_KEY_TYPE 137
+# define CMP_R_UNSUPPORTED_PROTECTION_ALG_DHBASEDMAC 154
+# define CMP_R_VALUE_TOO_LARGE 175
+# define CMP_R_VALUE_TOO_SMALL 177
+# define CMP_R_WRONG_ALGORITHM_OID 138
+# define CMP_R_WRONG_CERTID_IN_RP 187
+# define CMP_R_WRONG_PBM_VALUE 155
+# define CMP_R_WRONG_RP_COMPONENT_COUNT 188
+# define CMP_R_WRONG_SERIAL_IN_RP 173
+
+# endif
+#endif
diff --git a/openssl/include/openssl/cms.h b/openssl/include/openssl/cms.h new file mode 100644 index 00000000..c5ea3919 --- /dev/null +++ b/openssl/include/openssl/cms.h @@ -0,0 +1,352 @@ +/*
+ * Copyright 2008-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_CMS_H
+# define OPENSSL_CMS_H
+# pragma once
+
+# include <openssl/macros.h>
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define HEADER_CMS_H
+# endif
+
+# include <openssl/opensslconf.h>
+
+# ifndef OPENSSL_NO_CMS
+# include <openssl/x509.h>
+# include <openssl/x509v3.h>
+# include <openssl/cmserr.h>
+# ifdef __cplusplus
+extern "C" {
+# endif
+
+typedef struct CMS_ContentInfo_st CMS_ContentInfo;
+typedef struct CMS_SignerInfo_st CMS_SignerInfo;
+typedef struct CMS_CertificateChoices CMS_CertificateChoices;
+typedef struct CMS_RevocationInfoChoice_st CMS_RevocationInfoChoice;
+typedef struct CMS_RecipientInfo_st CMS_RecipientInfo;
+typedef struct CMS_ReceiptRequest_st CMS_ReceiptRequest;
+typedef struct CMS_Receipt_st CMS_Receipt;
+typedef struct CMS_RecipientEncryptedKey_st CMS_RecipientEncryptedKey;
+typedef struct CMS_OtherKeyAttribute_st CMS_OtherKeyAttribute;
+
+DEFINE_OR_DECLARE_STACK_OF(CMS_SignerInfo)
+DEFINE_OR_DECLARE_STACK_OF(CMS_RecipientEncryptedKey)
+DEFINE_OR_DECLARE_STACK_OF(CMS_RecipientInfo)
+DEFINE_OR_DECLARE_STACK_OF(CMS_RevocationInfoChoice)
+
+DECLARE_ASN1_FUNCTIONS(CMS_ContentInfo)
+DECLARE_ASN1_FUNCTIONS(CMS_ReceiptRequest)
+DECLARE_ASN1_PRINT_FUNCTION(CMS_ContentInfo)
+
+# define CMS_SIGNERINFO_ISSUER_SERIAL 0
+# define CMS_SIGNERINFO_KEYIDENTIFIER 1
+
+# define CMS_RECIPINFO_NONE -1
+# define CMS_RECIPINFO_TRANS 0
+# define CMS_RECIPINFO_AGREE 1
+# define CMS_RECIPINFO_KEK 2
+# define CMS_RECIPINFO_PASS 3
+# define CMS_RECIPINFO_OTHER 4
+
+/* S/MIME related flags */
+
+# define CMS_TEXT 0x1
+# define CMS_NOCERTS 0x2
+# define CMS_NO_CONTENT_VERIFY 0x4
+# define CMS_NO_ATTR_VERIFY 0x8
+# define CMS_NOSIGS \
+ (CMS_NO_CONTENT_VERIFY|CMS_NO_ATTR_VERIFY)
+# define CMS_NOINTERN 0x10
+# define CMS_NO_SIGNER_CERT_VERIFY 0x20
+# define CMS_NOVERIFY 0x20
+# define CMS_DETACHED 0x40
+# define CMS_BINARY 0x80
+# define CMS_NOATTR 0x100
+# define CMS_NOSMIMECAP 0x200
+# define CMS_NOOLDMIMETYPE 0x400
+# define CMS_CRLFEOL 0x800
+# define CMS_STREAM 0x1000
+# define CMS_NOCRL 0x2000
+# define CMS_PARTIAL 0x4000
+# define CMS_REUSE_DIGEST 0x8000
+# define CMS_USE_KEYID 0x10000
+# define CMS_DEBUG_DECRYPT 0x20000
+# define CMS_KEY_PARAM 0x40000
+# define CMS_ASCIICRLF 0x80000
+# define CMS_CADES 0x100000
+# define CMS_USE_ORIGINATOR_KEYID 0x200000
+
+const ASN1_OBJECT *CMS_get0_type(const CMS_ContentInfo *cms);
+
+BIO *CMS_dataInit(CMS_ContentInfo *cms, BIO *icont);
+int CMS_dataFinal(CMS_ContentInfo *cms, BIO *bio);
+
+ASN1_OCTET_STRING **CMS_get0_content(CMS_ContentInfo *cms);
+int CMS_is_detached(CMS_ContentInfo *cms);
+int CMS_set_detached(CMS_ContentInfo *cms, int detached);
+
+# ifdef OPENSSL_PEM_H
+DECLARE_PEM_rw(CMS, CMS_ContentInfo)
+# endif
+int CMS_stream(unsigned char ***boundary, CMS_ContentInfo *cms);
+CMS_ContentInfo *d2i_CMS_bio(BIO *bp, CMS_ContentInfo **cms);
+int i2d_CMS_bio(BIO *bp, CMS_ContentInfo *cms);
+
+BIO *BIO_new_CMS(BIO *out, CMS_ContentInfo *cms);
+int i2d_CMS_bio_stream(BIO *out, CMS_ContentInfo *cms, BIO *in, int flags);
+int PEM_write_bio_CMS_stream(BIO *out, CMS_ContentInfo *cms, BIO *in,
+ int flags);
+CMS_ContentInfo *SMIME_read_CMS(BIO *bio, BIO **bcont);
+int SMIME_write_CMS(BIO *bio, CMS_ContentInfo *cms, BIO *data, int flags);
+
+int CMS_final(CMS_ContentInfo *cms, BIO *data, BIO *dcont,
+ unsigned int flags);
+
+CMS_ContentInfo *CMS_sign(X509 *signcert, EVP_PKEY *pkey,
+ STACK_OF(X509) *certs, BIO *data,
+ unsigned int flags);
+
+CMS_ContentInfo *CMS_sign_receipt(CMS_SignerInfo *si,
+ X509 *signcert, EVP_PKEY *pkey,
+ STACK_OF(X509) *certs, unsigned int flags);
+
+int CMS_data(CMS_ContentInfo *cms, BIO *out, unsigned int flags);
+CMS_ContentInfo *CMS_data_create(BIO *in, unsigned int flags);
+
+int CMS_digest_verify(CMS_ContentInfo *cms, BIO *dcont, BIO *out,
+ unsigned int flags);
+CMS_ContentInfo *CMS_digest_create(BIO *in, const EVP_MD *md,
+ unsigned int flags);
+
+int CMS_EncryptedData_decrypt(CMS_ContentInfo *cms,
+ const unsigned char *key, size_t keylen,
+ BIO *dcont, BIO *out, unsigned int flags);
+
+CMS_ContentInfo *CMS_EncryptedData_encrypt(BIO *in, const EVP_CIPHER *cipher,
+ const unsigned char *key,
+ size_t keylen, unsigned int flags);
+
+int CMS_EncryptedData_set1_key(CMS_ContentInfo *cms, const EVP_CIPHER *ciph,
+ const unsigned char *key, size_t keylen);
+
+int CMS_verify(CMS_ContentInfo *cms, STACK_OF(X509) *certs,
+ X509_STORE *store, BIO *dcont, BIO *out, unsigned int flags);
+
+int CMS_verify_receipt(CMS_ContentInfo *rcms, CMS_ContentInfo *ocms,
+ STACK_OF(X509) *certs,
+ X509_STORE *store, unsigned int flags);
+
+STACK_OF(X509) *CMS_get0_signers(CMS_ContentInfo *cms);
+
+CMS_ContentInfo *CMS_encrypt(STACK_OF(X509) *certs, BIO *in,
+ const EVP_CIPHER *cipher, unsigned int flags);
+
+int CMS_decrypt(CMS_ContentInfo *cms, EVP_PKEY *pkey, X509 *cert,
+ BIO *dcont, BIO *out, unsigned int flags);
+
+int CMS_decrypt_set1_pkey(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert);
+int CMS_decrypt_set1_pkey_and_peer(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert, X509 *peer);
+int CMS_decrypt_set1_key(CMS_ContentInfo *cms,
+ unsigned char *key, size_t keylen,
+ const unsigned char *id, size_t idlen);
+int CMS_decrypt_set1_password(CMS_ContentInfo *cms,
+ unsigned char *pass, ossl_ssize_t passlen);
+
+STACK_OF(CMS_RecipientInfo) *CMS_get0_RecipientInfos(CMS_ContentInfo *cms);
+int CMS_RecipientInfo_type(CMS_RecipientInfo *ri);
+EVP_PKEY_CTX *CMS_RecipientInfo_get0_pkey_ctx(CMS_RecipientInfo *ri);
+CMS_ContentInfo *CMS_EnvelopedData_create(const EVP_CIPHER *cipher);
+CMS_RecipientInfo *CMS_add1_recipient_cert(CMS_ContentInfo *cms,
+ X509 *recip, unsigned int flags);
+CMS_RecipientInfo *CMS_add1_recipient(CMS_ContentInfo *cms, X509 *recip,
+ EVP_PKEY *originatorPrivKey, X509 * originator, unsigned int flags);
+int CMS_RecipientInfo_set0_pkey(CMS_RecipientInfo *ri, EVP_PKEY *pkey);
+int CMS_RecipientInfo_ktri_cert_cmp(CMS_RecipientInfo *ri, X509 *cert);
+int CMS_RecipientInfo_ktri_get0_algs(CMS_RecipientInfo *ri,
+ EVP_PKEY **pk, X509 **recip,
+ X509_ALGOR **palg);
+int CMS_RecipientInfo_ktri_get0_signer_id(CMS_RecipientInfo *ri,
+ ASN1_OCTET_STRING **keyid,
+ X509_NAME **issuer,
+ ASN1_INTEGER **sno);
+
+CMS_RecipientInfo *CMS_add0_recipient_key(CMS_ContentInfo *cms, int nid,
+ unsigned char *key, size_t keylen,
+ unsigned char *id, size_t idlen,
+ ASN1_GENERALIZEDTIME *date,
+ ASN1_OBJECT *otherTypeId,
+ ASN1_TYPE *otherType);
+
+int CMS_RecipientInfo_kekri_get0_id(CMS_RecipientInfo *ri,
+ X509_ALGOR **palg,
+ ASN1_OCTET_STRING **pid,
+ ASN1_GENERALIZEDTIME **pdate,
+ ASN1_OBJECT **potherid,
+ ASN1_TYPE **pothertype);
+
+int CMS_RecipientInfo_set0_key(CMS_RecipientInfo *ri,
+ unsigned char *key, size_t keylen);
+
+int CMS_RecipientInfo_kekri_id_cmp(CMS_RecipientInfo *ri,
+ const unsigned char *id, size_t idlen);
+
+int CMS_RecipientInfo_set0_password(CMS_RecipientInfo *ri,
+ unsigned char *pass,
+ ossl_ssize_t passlen);
+
+CMS_RecipientInfo *CMS_add0_recipient_password(CMS_ContentInfo *cms,
+ int iter, int wrap_nid,
+ int pbe_nid,
+ unsigned char *pass,
+ ossl_ssize_t passlen,
+ const EVP_CIPHER *kekciph);
+
+int CMS_RecipientInfo_decrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri);
+int CMS_RecipientInfo_encrypt(const CMS_ContentInfo *cms, CMS_RecipientInfo *ri);
+
+int CMS_uncompress(CMS_ContentInfo *cms, BIO *dcont, BIO *out,
+ unsigned int flags);
+CMS_ContentInfo *CMS_compress(BIO *in, int comp_nid, unsigned int flags);
+
+int CMS_set1_eContentType(CMS_ContentInfo *cms, const ASN1_OBJECT *oid);
+const ASN1_OBJECT *CMS_get0_eContentType(CMS_ContentInfo *cms);
+
+CMS_CertificateChoices *CMS_add0_CertificateChoices(CMS_ContentInfo *cms);
+int CMS_add0_cert(CMS_ContentInfo *cms, X509 *cert);
+int CMS_add1_cert(CMS_ContentInfo *cms, X509 *cert);
+STACK_OF(X509) *CMS_get1_certs(CMS_ContentInfo *cms);
+
+CMS_RevocationInfoChoice *CMS_add0_RevocationInfoChoice(CMS_ContentInfo *cms);
+int CMS_add0_crl(CMS_ContentInfo *cms, X509_CRL *crl);
+int CMS_add1_crl(CMS_ContentInfo *cms, X509_CRL *crl);
+STACK_OF(X509_CRL) *CMS_get1_crls(CMS_ContentInfo *cms);
+
+int CMS_SignedData_init(CMS_ContentInfo *cms);
+CMS_SignerInfo *CMS_add1_signer(CMS_ContentInfo *cms,
+ X509 *signer, EVP_PKEY *pk, const EVP_MD *md,
+ unsigned int flags);
+EVP_PKEY_CTX *CMS_SignerInfo_get0_pkey_ctx(CMS_SignerInfo *si);
+EVP_MD_CTX *CMS_SignerInfo_get0_md_ctx(CMS_SignerInfo *si);
+STACK_OF(CMS_SignerInfo) *CMS_get0_SignerInfos(CMS_ContentInfo *cms);
+
+void CMS_SignerInfo_set1_signer_cert(CMS_SignerInfo *si, X509 *signer);
+int CMS_SignerInfo_get0_signer_id(CMS_SignerInfo *si,
+ ASN1_OCTET_STRING **keyid,
+ X509_NAME **issuer, ASN1_INTEGER **sno);
+int CMS_SignerInfo_cert_cmp(CMS_SignerInfo *si, X509 *cert);
+int CMS_set1_signers_certs(CMS_ContentInfo *cms, STACK_OF(X509) *certs,
+ unsigned int flags);
+void CMS_SignerInfo_get0_algs(CMS_SignerInfo *si, EVP_PKEY **pk,
+ X509 **signer, X509_ALGOR **pdig,
+ X509_ALGOR **psig);
+ASN1_OCTET_STRING *CMS_SignerInfo_get0_signature(CMS_SignerInfo *si);
+int CMS_SignerInfo_sign(CMS_SignerInfo *si);
+int CMS_SignerInfo_verify(CMS_SignerInfo *si);
+int CMS_SignerInfo_verify_content(CMS_SignerInfo *si, BIO *chain);
+
+int CMS_add_smimecap(CMS_SignerInfo *si, STACK_OF(X509_ALGOR) *algs);
+int CMS_add_simple_smimecap(STACK_OF(X509_ALGOR) **algs,
+ int algnid, int keysize);
+int CMS_add_standard_smimecap(STACK_OF(X509_ALGOR) **smcap);
+
+int CMS_signed_get_attr_count(const CMS_SignerInfo *si);
+int CMS_signed_get_attr_by_NID(const CMS_SignerInfo *si, int nid,
+ int lastpos);
+int CMS_signed_get_attr_by_OBJ(const CMS_SignerInfo *si, const ASN1_OBJECT *obj,
+ int lastpos);
+X509_ATTRIBUTE *CMS_signed_get_attr(const CMS_SignerInfo *si, int loc);
+X509_ATTRIBUTE *CMS_signed_delete_attr(CMS_SignerInfo *si, int loc);
+int CMS_signed_add1_attr(CMS_SignerInfo *si, X509_ATTRIBUTE *attr);
+int CMS_signed_add1_attr_by_OBJ(CMS_SignerInfo *si,
+ const ASN1_OBJECT *obj, int type,
+ const void *bytes, int len);
+int CMS_signed_add1_attr_by_NID(CMS_SignerInfo *si,
+ int nid, int type,
+ const void *bytes, int len);
+int CMS_signed_add1_attr_by_txt(CMS_SignerInfo *si,
+ const char *attrname, int type,
+ const void *bytes, int len);
+void *CMS_signed_get0_data_by_OBJ(CMS_SignerInfo *si, const ASN1_OBJECT *oid,
+ int lastpos, int type);
+
+int CMS_unsigned_get_attr_count(const CMS_SignerInfo *si);
+int CMS_unsigned_get_attr_by_NID(const CMS_SignerInfo *si, int nid,
+ int lastpos);
+int CMS_unsigned_get_attr_by_OBJ(const CMS_SignerInfo *si,
+ const ASN1_OBJECT *obj, int lastpos);
+X509_ATTRIBUTE *CMS_unsigned_get_attr(const CMS_SignerInfo *si, int loc);
+X509_ATTRIBUTE *CMS_unsigned_delete_attr(CMS_SignerInfo *si, int loc);
+int CMS_unsigned_add1_attr(CMS_SignerInfo *si, X509_ATTRIBUTE *attr);
+int CMS_unsigned_add1_attr_by_OBJ(CMS_SignerInfo *si,
+ const ASN1_OBJECT *obj, int type,
+ const void *bytes, int len);
+int CMS_unsigned_add1_attr_by_NID(CMS_SignerInfo *si,
+ int nid, int type,
+ const void *bytes, int len);
+int CMS_unsigned_add1_attr_by_txt(CMS_SignerInfo *si,
+ const char *attrname, int type,
+ const void *bytes, int len);
+void *CMS_unsigned_get0_data_by_OBJ(CMS_SignerInfo *si, ASN1_OBJECT *oid,
+ int lastpos, int type);
+
+int CMS_get1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest **prr);
+CMS_ReceiptRequest *CMS_ReceiptRequest_create0(unsigned char *id, int idlen,
+ int allorfirst,
+ STACK_OF(GENERAL_NAMES)
+ *receiptList, STACK_OF(GENERAL_NAMES)
+ *receiptsTo);
+int CMS_add1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest *rr);
+void CMS_ReceiptRequest_get0_values(CMS_ReceiptRequest *rr,
+ ASN1_STRING **pcid,
+ int *pallorfirst,
+ STACK_OF(GENERAL_NAMES) **plist,
+ STACK_OF(GENERAL_NAMES) **prto);
+int CMS_RecipientInfo_kari_get0_alg(CMS_RecipientInfo *ri,
+ X509_ALGOR **palg,
+ ASN1_OCTET_STRING **pukm);
+STACK_OF(CMS_RecipientEncryptedKey)
+*CMS_RecipientInfo_kari_get0_reks(CMS_RecipientInfo *ri);
+
+int CMS_RecipientInfo_kari_get0_orig_id(CMS_RecipientInfo *ri,
+ X509_ALGOR **pubalg,
+ ASN1_BIT_STRING **pubkey,
+ ASN1_OCTET_STRING **keyid,
+ X509_NAME **issuer,
+ ASN1_INTEGER **sno);
+
+int CMS_RecipientInfo_kari_orig_id_cmp(CMS_RecipientInfo *ri, X509 *cert);
+
+int CMS_RecipientEncryptedKey_get0_id(CMS_RecipientEncryptedKey *rek,
+ ASN1_OCTET_STRING **keyid,
+ ASN1_GENERALIZEDTIME **tm,
+ CMS_OtherKeyAttribute **other,
+ X509_NAME **issuer, ASN1_INTEGER **sno);
+int CMS_RecipientEncryptedKey_cert_cmp(CMS_RecipientEncryptedKey *rek,
+ X509 *cert);
+int CMS_RecipientInfo_kari_set0_pkey(CMS_RecipientInfo *ri, EVP_PKEY *pk);
+int CMS_RecipientInfo_kari_set0_pkey_and_peer(CMS_RecipientInfo *ri, EVP_PKEY *pk, X509 *peer);
+EVP_CIPHER_CTX *CMS_RecipientInfo_kari_get0_ctx(CMS_RecipientInfo *ri);
+int CMS_RecipientInfo_kari_decrypt(CMS_ContentInfo *cms,
+ CMS_RecipientInfo *ri,
+ CMS_RecipientEncryptedKey *rek);
+
+int CMS_SharedInfo_encode(unsigned char **pder, X509_ALGOR *kekalg,
+ ASN1_OCTET_STRING *ukm, int keylen);
+
+/* Backward compatibility for spelling errors. */
+# define CMS_R_UNKNOWN_DIGEST_ALGORITM CMS_R_UNKNOWN_DIGEST_ALGORITHM
+# define CMS_R_UNSUPPORTED_RECPIENTINFO_TYPE \
+ CMS_R_UNSUPPORTED_RECIPIENTINFO_TYPE
+
+# ifdef __cplusplus
+}
+# endif
+# endif
+#endif
diff --git a/openssl/include/openssl/cmserr.h b/openssl/include/openssl/cmserr.h new file mode 100644 index 00000000..e6565725 --- /dev/null +++ b/openssl/include/openssl/cmserr.h @@ -0,0 +1,216 @@ +/*
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_CMSERR_H
+# define OPENSSL_CMSERR_H
+# pragma once
+
+# include <openssl/opensslconf.h>
+# include <openssl/symhacks.h>
+
+
+# include <openssl/opensslconf.h>
+
+# ifndef OPENSSL_NO_CMS
+
+# ifdef __cplusplus
+extern "C"
+# endif
+int ERR_load_CMS_strings(void);
+
+/*
+ * CMS function codes.
+ */
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define CMS_F_CHECK_CONTENT 0
+# define CMS_F_CMS_ADD0_CERT 0
+# define CMS_F_CMS_ADD0_RECIPIENT_KEY 0
+# define CMS_F_CMS_ADD0_RECIPIENT_PASSWORD 0
+# define CMS_F_CMS_ADD1_RECEIPTREQUEST 0
+# define CMS_F_CMS_ADD1_RECIPIENT 0
+# define CMS_F_CMS_ADD1_RECIPIENT_CERT 0
+# define CMS_F_CMS_ADD1_SIGNER 0
+# define CMS_F_CMS_ADD1_SIGNINGTIME 0
+# define CMS_F_CMS_ADD1_SIGNING_CERT 0
+# define CMS_F_CMS_ADD1_SIGNING_CERT_V2 0
+# define CMS_F_CMS_COMPRESS 0
+# define CMS_F_CMS_COMPRESSEDDATA_CREATE 0
+# define CMS_F_CMS_COMPRESSEDDATA_INIT_BIO 0
+# define CMS_F_CMS_COPY_CONTENT 0
+# define CMS_F_CMS_COPY_MESSAGEDIGEST 0
+# define CMS_F_CMS_DATA 0
+# define CMS_F_CMS_DATAFINAL 0
+# define CMS_F_CMS_DATAINIT 0
+# define CMS_F_CMS_DECRYPT 0
+# define CMS_F_CMS_DECRYPT_SET1_KEY 0
+# define CMS_F_CMS_DECRYPT_SET1_PASSWORD 0
+# define CMS_F_CMS_DECRYPT_SET1_PKEY 0
+# define CMS_F_CMS_DECRYPT_SET1_PKEY_AND_PEER 0
+# define CMS_F_CMS_DIGESTALGORITHM_FIND_CTX 0
+# define CMS_F_CMS_DIGESTALGORITHM_INIT_BIO 0
+# define CMS_F_CMS_DIGESTEDDATA_DO_FINAL 0
+# define CMS_F_CMS_DIGEST_VERIFY 0
+# define CMS_F_CMS_ENCODE_RECEIPT 0
+# define CMS_F_CMS_ENCRYPT 0
+# define CMS_F_CMS_ENCRYPTEDCONTENT_INIT 0
+# define CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO 0
+# define CMS_F_CMS_ENCRYPTEDDATA_DECRYPT 0
+# define CMS_F_CMS_ENCRYPTEDDATA_ENCRYPT 0
+# define CMS_F_CMS_ENCRYPTEDDATA_SET1_KEY 0
+# define CMS_F_CMS_ENVELOPEDDATA_CREATE 0
+# define CMS_F_CMS_ENVELOPEDDATA_ENCRYPTION_INIT_BIO 0
+# define CMS_F_CMS_ENVELOPEDDATA_FINAL 0
+# define CMS_F_CMS_ENVELOPEDDATA_INIT_BIO 0
+# define CMS_F_CMS_ENVELOPED_DATA_INIT 0
+# define CMS_F_CMS_ENV_ASN1_CTRL 0
+# define CMS_F_CMS_FINAL 0
+# define CMS_F_CMS_GET0_CERTIFICATE_CHOICES 0
+# define CMS_F_CMS_GET0_CONTENT 0
+# define CMS_F_CMS_GET0_ECONTENT_TYPE 0
+# define CMS_F_CMS_GET0_ENVELOPED 0
+# define CMS_F_CMS_GET0_REVOCATION_CHOICES 0
+# define CMS_F_CMS_GET0_SIGNED 0
+# define CMS_F_CMS_MSGSIGDIGEST_ADD1 0
+# define CMS_F_CMS_RECEIPTREQUEST_CREATE0 0
+# define CMS_F_CMS_RECEIPT_VERIFY 0
+# define CMS_F_CMS_RECIPIENTINFO_DECRYPT 0
+# define CMS_F_CMS_RECIPIENTINFO_ENCRYPT 0
+# define CMS_F_CMS_RECIPIENTINFO_KARI_DECRYPT 0
+# define CMS_F_CMS_RECIPIENTINFO_KARI_ENCRYPT 0
+# define CMS_F_CMS_RECIPIENTINFO_KARI_GET0_ALG 0
+# define CMS_F_CMS_RECIPIENTINFO_KARI_GET0_ORIG_ID 0
+# define CMS_F_CMS_RECIPIENTINFO_KARI_GET0_REKS 0
+# define CMS_F_CMS_RECIPIENTINFO_KARI_ORIG_ID_CMP 0
+# define CMS_F_CMS_RECIPIENTINFO_KEKRI_DECRYPT 0
+# define CMS_F_CMS_RECIPIENTINFO_KEKRI_ENCRYPT 0
+# define CMS_F_CMS_RECIPIENTINFO_KEKRI_GET0_ID 0
+# define CMS_F_CMS_RECIPIENTINFO_KEKRI_ID_CMP 0
+# define CMS_F_CMS_RECIPIENTINFO_KTRI_CERT_CMP 0
+# define CMS_F_CMS_RECIPIENTINFO_KTRI_DECRYPT 0
+# define CMS_F_CMS_RECIPIENTINFO_KTRI_ENCRYPT 0
+# define CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_ALGS 0
+# define CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_SIGNER_ID 0
+# define CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT 0
+# define CMS_F_CMS_RECIPIENTINFO_SET0_KEY 0
+# define CMS_F_CMS_RECIPIENTINFO_SET0_PASSWORD 0
+# define CMS_F_CMS_RECIPIENTINFO_SET0_PKEY 0
+# define CMS_F_CMS_SD_ASN1_CTRL 0
+# define CMS_F_CMS_SET1_IAS 0
+# define CMS_F_CMS_SET1_KEYID 0
+# define CMS_F_CMS_SET1_SIGNERIDENTIFIER 0
+# define CMS_F_CMS_SET_DETACHED 0
+# define CMS_F_CMS_SIGN 0
+# define CMS_F_CMS_SIGNED_DATA_INIT 0
+# define CMS_F_CMS_SIGNERINFO_CONTENT_SIGN 0
+# define CMS_F_CMS_SIGNERINFO_GET_CHAIN 0
+# define CMS_F_CMS_SIGNERINFO_SIGN 0
+# define CMS_F_CMS_SIGNERINFO_VERIFY 0
+# define CMS_F_CMS_SIGNERINFO_VERIFY_CERT 0
+# define CMS_F_CMS_SIGNERINFO_VERIFY_CONTENT 0
+# define CMS_F_CMS_SIGN_RECEIPT 0
+# define CMS_F_CMS_SI_CHECK_ATTRIBUTES 0
+# define CMS_F_CMS_STREAM 0
+# define CMS_F_CMS_UNCOMPRESS 0
+# define CMS_F_CMS_VERIFY 0
+# define CMS_F_ESS_CHECK_SIGNING_CERTS 0
+# define CMS_F_KEK_UNWRAP_KEY 0
+# endif
+
+/*
+ * CMS reason codes.
+ */
+# define CMS_R_ADD_SIGNER_ERROR 99
+# define CMS_R_ATTRIBUTE_ERROR 161
+# define CMS_R_CERTIFICATE_ALREADY_PRESENT 175
+# define CMS_R_CERTIFICATE_HAS_NO_KEYID 160
+# define CMS_R_CERTIFICATE_VERIFY_ERROR 100
+# define CMS_R_CIPHER_INITIALISATION_ERROR 101
+# define CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR 102
+# define CMS_R_CMS_DATAFINAL_ERROR 103
+# define CMS_R_CMS_LIB 104
+# define CMS_R_CONTENTIDENTIFIER_MISMATCH 170
+# define CMS_R_CONTENT_NOT_FOUND 105
+# define CMS_R_CONTENT_TYPE_MISMATCH 171
+# define CMS_R_CONTENT_TYPE_NOT_COMPRESSED_DATA 106
+# define CMS_R_CONTENT_TYPE_NOT_ENVELOPED_DATA 107
+# define CMS_R_CONTENT_TYPE_NOT_SIGNED_DATA 108
+# define CMS_R_CONTENT_VERIFY_ERROR 109
+# define CMS_R_CTRL_ERROR 110
+# define CMS_R_CTRL_FAILURE 111
+# define CMS_R_DECRYPT_ERROR 112
+# define CMS_R_ERROR_GETTING_PUBLIC_KEY 113
+# define CMS_R_ERROR_READING_MESSAGEDIGEST_ATTRIBUTE 114
+# define CMS_R_ERROR_SETTING_KEY 115
+# define CMS_R_ERROR_SETTING_RECIPIENTINFO 116
+# define CMS_R_ESS_NO_SIGNING_CERTID_ATTRIBUTE 182
+# define CMS_R_ESS_SIGNING_CERTID_MISMATCH_ERROR 183
+# define CMS_R_INVALID_ENCRYPTED_KEY_LENGTH 117
+# define CMS_R_INVALID_KEY_ENCRYPTION_PARAMETER 176
+# define CMS_R_INVALID_KEY_LENGTH 118
+# define CMS_R_MD_BIO_INIT_ERROR 119
+# define CMS_R_MESSAGEDIGEST_ATTRIBUTE_WRONG_LENGTH 120
+# define CMS_R_MESSAGEDIGEST_WRONG_LENGTH 121
+# define CMS_R_MSGSIGDIGEST_ERROR 172
+# define CMS_R_MSGSIGDIGEST_VERIFICATION_FAILURE 162
+# define CMS_R_MSGSIGDIGEST_WRONG_LENGTH 163
+# define CMS_R_NEED_ONE_SIGNER 164
+# define CMS_R_NOT_A_SIGNED_RECEIPT 165
+# define CMS_R_NOT_ENCRYPTED_DATA 122
+# define CMS_R_NOT_KEK 123
+# define CMS_R_NOT_KEY_AGREEMENT 181
+# define CMS_R_NOT_KEY_TRANSPORT 124
+# define CMS_R_NOT_PWRI 177
+# define CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE 125
+# define CMS_R_NO_CIPHER 126
+# define CMS_R_NO_CONTENT 127
+# define CMS_R_NO_CONTENT_TYPE 173
+# define CMS_R_NO_DEFAULT_DIGEST 128
+# define CMS_R_NO_DIGEST_SET 129
+# define CMS_R_NO_KEY 130
+# define CMS_R_NO_KEY_OR_CERT 174
+# define CMS_R_NO_MATCHING_DIGEST 131
+# define CMS_R_NO_MATCHING_RECIPIENT 132
+# define CMS_R_NO_MATCHING_SIGNATURE 166
+# define CMS_R_NO_MSGSIGDIGEST 167
+# define CMS_R_NO_PASSWORD 178
+# define CMS_R_NO_PRIVATE_KEY 133
+# define CMS_R_NO_PUBLIC_KEY 134
+# define CMS_R_NO_RECEIPT_REQUEST 168
+# define CMS_R_NO_SIGNERS 135
+# define CMS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE 136
+# define CMS_R_RECEIPT_DECODE_ERROR 169
+# define CMS_R_RECIPIENT_ERROR 137
+# define CMS_R_SIGNER_CERTIFICATE_NOT_FOUND 138
+# define CMS_R_SIGNFINAL_ERROR 139
+# define CMS_R_SMIME_TEXT_ERROR 140
+# define CMS_R_STORE_INIT_ERROR 141
+# define CMS_R_TYPE_NOT_COMPRESSED_DATA 142
+# define CMS_R_TYPE_NOT_DATA 143
+# define CMS_R_TYPE_NOT_DIGESTED_DATA 144
+# define CMS_R_TYPE_NOT_ENCRYPTED_DATA 145
+# define CMS_R_TYPE_NOT_ENVELOPED_DATA 146
+# define CMS_R_UNABLE_TO_FINALIZE_CONTEXT 147
+# define CMS_R_UNKNOWN_CIPHER 148
+# define CMS_R_UNKNOWN_DIGEST_ALGORITHM 149
+# define CMS_R_UNKNOWN_ID 150
+# define CMS_R_UNSUPPORTED_COMPRESSION_ALGORITHM 151
+# define CMS_R_UNSUPPORTED_CONTENT_TYPE 152
+# define CMS_R_UNSUPPORTED_KEK_ALGORITHM 153
+# define CMS_R_UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM 179
+# define CMS_R_UNSUPPORTED_RECIPIENTINFO_TYPE 155
+# define CMS_R_UNSUPPORTED_RECIPIENT_TYPE 154
+# define CMS_R_UNSUPPORTED_TYPE 156
+# define CMS_R_UNWRAP_ERROR 157
+# define CMS_R_UNWRAP_FAILURE 180
+# define CMS_R_VERIFICATION_FAILURE 158
+# define CMS_R_WRAP_ERROR 159
+
+# endif
+#endif
diff --git a/openssl/include/openssl/comp.h b/openssl/include/openssl/comp.h new file mode 100644 index 00000000..2522c485 --- /dev/null +++ b/openssl/include/openssl/comp.h @@ -0,0 +1,59 @@ +/*
+ * Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_COMP_H
+# define OPENSSL_COMP_H
+# pragma once
+
+# include <openssl/macros.h>
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define HEADER_COMP_H
+# endif
+
+# include <openssl/opensslconf.h>
+
+# ifndef OPENSSL_NO_COMP
+# include <openssl/crypto.h>
+# include <openssl/comperr.h>
+# ifdef __cplusplus
+extern "C" {
+# endif
+
+
+
+COMP_CTX *COMP_CTX_new(COMP_METHOD *meth);
+const COMP_METHOD *COMP_CTX_get_method(const COMP_CTX *ctx);
+int COMP_CTX_get_type(const COMP_CTX* comp);
+int COMP_get_type(const COMP_METHOD *meth);
+const char *COMP_get_name(const COMP_METHOD *meth);
+void COMP_CTX_free(COMP_CTX *ctx);
+
+int COMP_compress_block(COMP_CTX *ctx, unsigned char *out, int olen,
+ unsigned char *in, int ilen);
+int COMP_expand_block(COMP_CTX *ctx, unsigned char *out, int olen,
+ unsigned char *in, int ilen);
+
+COMP_METHOD *COMP_zlib(void);
+
+#ifndef OPENSSL_NO_DEPRECATED_1_1_0
+# define COMP_zlib_cleanup() while(0) continue
+#endif
+
+# ifdef OPENSSL_BIO_H
+# ifdef ZLIB
+const BIO_METHOD *BIO_f_zlib(void);
+# endif
+# endif
+
+
+# ifdef __cplusplus
+}
+# endif
+# endif
+#endif
diff --git a/openssl/include/openssl/comperr.h b/openssl/include/openssl/comperr.h new file mode 100644 index 00000000..f12e9c54 --- /dev/null +++ b/openssl/include/openssl/comperr.h @@ -0,0 +1,47 @@ +/*
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_COMPERR_H
+# define OPENSSL_COMPERR_H
+# pragma once
+
+# include <openssl/opensslconf.h>
+# include <openssl/symhacks.h>
+
+
+# include <openssl/opensslconf.h>
+
+# ifndef OPENSSL_NO_COMP
+
+# ifdef __cplusplus
+extern "C"
+# endif
+int ERR_load_COMP_strings(void);
+
+/*
+ * COMP function codes.
+ */
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define COMP_F_BIO_ZLIB_FLUSH 0
+# define COMP_F_BIO_ZLIB_NEW 0
+# define COMP_F_BIO_ZLIB_READ 0
+# define COMP_F_BIO_ZLIB_WRITE 0
+# define COMP_F_COMP_CTX_NEW 0
+# endif
+
+/*
+ * COMP reason codes.
+ */
+# define COMP_R_ZLIB_DEFLATE_ERROR 99
+# define COMP_R_ZLIB_INFLATE_ERROR 100
+# define COMP_R_ZLIB_NOT_SUPPORTED 101
+
+# endif
+#endif
diff --git a/openssl/include/openssl/conf.h b/openssl/include/openssl/conf.h new file mode 100644 index 00000000..4022a9b9 --- /dev/null +++ b/openssl/include/openssl/conf.h @@ -0,0 +1,180 @@ +/*
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_CONF_H
+# define OPENSSL_CONF_H
+# pragma once
+
+# include <openssl/macros.h>
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define HEADER_CONF_H
+# endif
+
+# include <openssl/bio.h>
+# include <openssl/lhash.h>
+# include <openssl/safestack.h>
+# include <openssl/e_os2.h>
+# include <openssl/types.h>
+# include <openssl/conferr.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+typedef struct {
+ char *section;
+ char *name;
+ char *value;
+} CONF_VALUE;
+
+DEFINE_OR_DECLARE_STACK_OF(CONF_VALUE)
+
+DEFINE_LHASH_OF(CONF_VALUE);
+
+struct conf_st;
+struct conf_method_st;
+typedef struct conf_method_st CONF_METHOD;
+
+struct conf_method_st {
+ const char *name;
+ CONF *(*create) (CONF_METHOD *meth);
+ int (*init) (CONF *conf);
+ int (*destroy) (CONF *conf);
+ int (*destroy_data) (CONF *conf);
+ int (*load_bio) (CONF *conf, BIO *bp, long *eline);
+ int (*dump) (const CONF *conf, BIO *bp);
+ int (*is_number) (const CONF *conf, char c);
+ int (*to_int) (const CONF *conf, char c);
+ int (*load) (CONF *conf, const char *name, long *eline);
+};
+
+/* Module definitions */
+
+typedef struct conf_imodule_st CONF_IMODULE;
+typedef struct conf_module_st CONF_MODULE;
+
+STACK_OF(CONF_MODULE);
+STACK_OF(CONF_IMODULE);
+
+/* DSO module function typedefs */
+typedef int conf_init_func (CONF_IMODULE *md, const CONF *cnf);
+typedef void conf_finish_func (CONF_IMODULE *md);
+
+# define CONF_MFLAGS_IGNORE_ERRORS 0x1
+# define CONF_MFLAGS_IGNORE_RETURN_CODES 0x2
+# define CONF_MFLAGS_SILENT 0x4
+# define CONF_MFLAGS_NO_DSO 0x8
+# define CONF_MFLAGS_IGNORE_MISSING_FILE 0x10
+# define CONF_MFLAGS_DEFAULT_SECTION 0x20
+
+int CONF_set_default_method(CONF_METHOD *meth);
+void CONF_set_nconf(CONF *conf, LHASH_OF(CONF_VALUE) *hash);
+LHASH_OF(CONF_VALUE) *CONF_load(LHASH_OF(CONF_VALUE) *conf, const char *file,
+ long *eline);
+# ifndef OPENSSL_NO_STDIO
+LHASH_OF(CONF_VALUE) *CONF_load_fp(LHASH_OF(CONF_VALUE) *conf, FILE *fp,
+ long *eline);
+# endif
+LHASH_OF(CONF_VALUE) *CONF_load_bio(LHASH_OF(CONF_VALUE) *conf, BIO *bp,
+ long *eline);
+STACK_OF(CONF_VALUE) *CONF_get_section(LHASH_OF(CONF_VALUE) *conf,
+ const char *section);
+char *CONF_get_string(LHASH_OF(CONF_VALUE) *conf, const char *group,
+ const char *name);
+long CONF_get_number(LHASH_OF(CONF_VALUE) *conf, const char *group,
+ const char *name);
+void CONF_free(LHASH_OF(CONF_VALUE) *conf);
+#ifndef OPENSSL_NO_STDIO
+int CONF_dump_fp(LHASH_OF(CONF_VALUE) *conf, FILE *out);
+#endif
+int CONF_dump_bio(LHASH_OF(CONF_VALUE) *conf, BIO *out);
+
+DEPRECATEDIN_1_1_0(void OPENSSL_config(const char *config_name))
+
+#ifndef OPENSSL_NO_DEPRECATED_1_1_0
+# define OPENSSL_no_config() \
+ OPENSSL_init_crypto(OPENSSL_INIT_NO_LOAD_CONFIG, NULL)
+#endif
+
+/*
+ * New conf code. The semantics are different from the functions above. If
+ * that wasn't the case, the above functions would have been replaced
+ */
+
+struct conf_st {
+ CONF_METHOD *meth;
+ void *meth_data;
+ LHASH_OF(CONF_VALUE) *data;
+ unsigned int flag_dollarid:1;
+ OPENSSL_CTX *libctx;
+};
+
+CONF *NCONF_new_with_libctx(OPENSSL_CTX *libctx, CONF_METHOD *meth);
+CONF *NCONF_new(CONF_METHOD *meth);
+CONF_METHOD *NCONF_default(void);
+DEPRECATEDIN_3_0(CONF_METHOD *NCONF_WIN32(void))
+void NCONF_free(CONF *conf);
+void NCONF_free_data(CONF *conf);
+
+int NCONF_load(CONF *conf, const char *file, long *eline);
+# ifndef OPENSSL_NO_STDIO
+int NCONF_load_fp(CONF *conf, FILE *fp, long *eline);
+# endif
+int NCONF_load_bio(CONF *conf, BIO *bp, long *eline);
+STACK_OF(CONF_VALUE) *NCONF_get_section(const CONF *conf,
+ const char *section);
+char *NCONF_get_string(const CONF *conf, const char *group, const char *name);
+int NCONF_get_number_e(const CONF *conf, const char *group, const char *name,
+ long *result);
+#ifndef OPENSSL_NO_STDIO
+int NCONF_dump_fp(const CONF *conf, FILE *out);
+#endif
+int NCONF_dump_bio(const CONF *conf, BIO *out);
+
+#define NCONF_get_number(c,g,n,r) NCONF_get_number_e(c,g,n,r)
+
+/* Module functions */
+
+int CONF_modules_load(const CONF *cnf, const char *appname,
+ unsigned long flags);
+int CONF_modules_load_file_with_libctx(OPENSSL_CTX *libctx, const char *filename,
+ const char *appname, unsigned long flags);
+int CONF_modules_load_file(const char *filename, const char *appname,
+ unsigned long flags);
+void CONF_modules_unload(int all);
+void CONF_modules_finish(void);
+#ifndef OPENSSL_NO_DEPRECATED_1_1_0
+# define CONF_modules_free() while(0) continue
+#endif
+int CONF_module_add(const char *name, conf_init_func *ifunc,
+ conf_finish_func *ffunc);
+
+const char *CONF_imodule_get_name(const CONF_IMODULE *md);
+const char *CONF_imodule_get_value(const CONF_IMODULE *md);
+void *CONF_imodule_get_usr_data(const CONF_IMODULE *md);
+void CONF_imodule_set_usr_data(CONF_IMODULE *md, void *usr_data);
+CONF_MODULE *CONF_imodule_get_module(const CONF_IMODULE *md);
+unsigned long CONF_imodule_get_flags(const CONF_IMODULE *md);
+void CONF_imodule_set_flags(CONF_IMODULE *md, unsigned long flags);
+void *CONF_module_get_usr_data(CONF_MODULE *pmod);
+void CONF_module_set_usr_data(CONF_MODULE *pmod, void *usr_data);
+
+char *CONF_get1_default_config_file(void);
+
+int CONF_parse_list(const char *list, int sep, int nospc,
+ int (*list_cb) (const char *elem, int len, void *usr),
+ void *arg);
+
+void OPENSSL_load_builtin_modules(void);
+
+
+# ifdef __cplusplus
+}
+# endif
+#endif
diff --git a/openssl/include/openssl/conf_api.h b/openssl/include/openssl/conf_api.h new file mode 100644 index 00000000..22d98791 --- /dev/null +++ b/openssl/include/openssl/conf_api.h @@ -0,0 +1,46 @@ +/*
+ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_CONF_API_H
+# define OPENSSL_CONF_API_H
+# pragma once
+
+# include <openssl/macros.h>
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define HEADER_CONF_API_H
+# endif
+
+# include <openssl/lhash.h>
+# include <openssl/conf.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* Up until OpenSSL 0.9.5a, this was new_section */
+CONF_VALUE *_CONF_new_section(CONF *conf, const char *section);
+/* Up until OpenSSL 0.9.5a, this was get_section */
+CONF_VALUE *_CONF_get_section(const CONF *conf, const char *section);
+/* Up until OpenSSL 0.9.5a, this was CONF_get_section */
+STACK_OF(CONF_VALUE) *_CONF_get_section_values(const CONF *conf,
+ const char *section);
+
+int _CONF_add_string(CONF *conf, CONF_VALUE *section, CONF_VALUE *value);
+char *_CONF_get_string(const CONF *conf, const char *section,
+ const char *name);
+long _CONF_get_number(const CONF *conf, const char *section,
+ const char *name);
+
+int _CONF_new_data(CONF *conf);
+void _CONF_free_data(CONF *conf);
+
+#ifdef __cplusplus
+}
+#endif
+#endif
diff --git a/openssl/include/openssl/conferr.h b/openssl/include/openssl/conferr.h new file mode 100644 index 00000000..1f9a40a7 --- /dev/null +++ b/openssl/include/openssl/conferr.h @@ -0,0 +1,81 @@ +/*
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_CONFERR_H
+# define OPENSSL_CONFERR_H
+# pragma once
+
+# include <openssl/opensslconf.h>
+# include <openssl/symhacks.h>
+
+
+# ifdef __cplusplus
+extern "C"
+# endif
+int ERR_load_CONF_strings(void);
+
+/*
+ * CONF function codes.
+ */
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define CONF_F_CONF_DUMP_FP 0
+# define CONF_F_CONF_LOAD 0
+# define CONF_F_CONF_LOAD_FP 0
+# define CONF_F_CONF_PARSE_LIST 0
+# define CONF_F_DEF_LOAD 0
+# define CONF_F_DEF_LOAD_BIO 0
+# define CONF_F_GET_NEXT_FILE 0
+# define CONF_F_MODULE_ADD 0
+# define CONF_F_MODULE_INIT 0
+# define CONF_F_MODULE_LOAD_DSO 0
+# define CONF_F_MODULE_RUN 0
+# define CONF_F_NCONF_DUMP_BIO 0
+# define CONF_F_NCONF_DUMP_FP 0
+# define CONF_F_NCONF_GET_NUMBER_E 0
+# define CONF_F_NCONF_GET_SECTION 0
+# define CONF_F_NCONF_GET_STRING 0
+# define CONF_F_NCONF_LOAD 0
+# define CONF_F_NCONF_LOAD_BIO 0
+# define CONF_F_NCONF_LOAD_FP 0
+# define CONF_F_NCONF_NEW 0
+# define CONF_F_PROCESS_INCLUDE 0
+# define CONF_F_SSL_MODULE_INIT 0
+# define CONF_F_STR_COPY 0
+# endif
+
+/*
+ * CONF reason codes.
+ */
+# define CONF_R_ERROR_LOADING_DSO 110
+# define CONF_R_INVALID_PRAGMA 122
+# define CONF_R_LIST_CANNOT_BE_NULL 115
+# define CONF_R_MANDATORY_BRACES_IN_VARIABLE_EXPANSION 123
+# define CONF_R_MISSING_CLOSE_SQUARE_BRACKET 100
+# define CONF_R_MISSING_EQUAL_SIGN 101
+# define CONF_R_MISSING_INIT_FUNCTION 112
+# define CONF_R_MODULE_INITIALIZATION_ERROR 109
+# define CONF_R_NO_CLOSE_BRACE 102
+# define CONF_R_NO_CONF 105
+# define CONF_R_NO_CONF_OR_ENVIRONMENT_VARIABLE 106
+# define CONF_R_NO_SECTION 107
+# define CONF_R_NO_SUCH_FILE 114
+# define CONF_R_NO_VALUE 108
+# define CONF_R_NUMBER_TOO_LARGE 121
+# define CONF_R_RECURSIVE_DIRECTORY_INCLUDE 111
+# define CONF_R_SSL_COMMAND_SECTION_EMPTY 117
+# define CONF_R_SSL_COMMAND_SECTION_NOT_FOUND 118
+# define CONF_R_SSL_SECTION_EMPTY 119
+# define CONF_R_SSL_SECTION_NOT_FOUND 120
+# define CONF_R_UNABLE_TO_CREATE_NEW_SECTION 103
+# define CONF_R_UNKNOWN_MODULE_NAME 113
+# define CONF_R_VARIABLE_EXPANSION_TOO_LONG 116
+# define CONF_R_VARIABLE_HAS_NO_VALUE 104
+
+#endif
diff --git a/openssl/include/openssl/configuration.h b/openssl/include/openssl/configuration.h new file mode 100644 index 00000000..d3a49be7 --- /dev/null +++ b/openssl/include/openssl/configuration.h @@ -0,0 +1,129 @@ +/*
+ * WARNING: do not edit!
+ * Generated by makefile from include\openssl\configuration.h.in
+ *
+ * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_CONFIGURATION_H
+# define OPENSSL_CONFIGURATION_H
+
+# ifdef __cplusplus
+extern "C" {
+# endif
+
+# ifdef OPENSSL_ALGORITHM_DEFINES
+# error OPENSSL_ALGORITHM_DEFINES no longer supported
+# endif
+
+/*
+ * OpenSSL was configured with the following options:
+ */
+
+# ifndef OPENSSL_SYS_WIN32
+# define OPENSSL_SYS_WIN32 1
+# endif
+# define OPENSSL_CONFIGURED_API 30000
+# ifndef OPENSSL_RAND_SEED_OS
+# define OPENSSL_RAND_SEED_OS
+# endif
+# ifndef OPENSSL_THREADS
+# define OPENSSL_THREADS
+# endif
+# ifndef OPENSSL_NO_AFALGENG
+# define OPENSSL_NO_AFALGENG
+# endif
+# ifndef OPENSSL_NO_ASAN
+# define OPENSSL_NO_ASAN
+# endif
+# ifndef OPENSSL_NO_CRYPTO_MDEBUG
+# define OPENSSL_NO_CRYPTO_MDEBUG
+# endif
+# ifndef OPENSSL_NO_CRYPTO_MDEBUG_BACKTRACE
+# define OPENSSL_NO_CRYPTO_MDEBUG_BACKTRACE
+# endif
+# ifndef OPENSSL_NO_DEVCRYPTOENG
+# define OPENSSL_NO_DEVCRYPTOENG
+# endif
+# ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
+# define OPENSSL_NO_EC_NISTP_64_GCC_128
+# endif
+# ifndef OPENSSL_NO_EGD
+# define OPENSSL_NO_EGD
+# endif
+# ifndef OPENSSL_NO_EXTERNAL_TESTS
+# define OPENSSL_NO_EXTERNAL_TESTS
+# endif
+# ifndef OPENSSL_NO_FUZZ_AFL
+# define OPENSSL_NO_FUZZ_AFL
+# endif
+# ifndef OPENSSL_NO_FUZZ_LIBFUZZER
+# define OPENSSL_NO_FUZZ_LIBFUZZER
+# endif
+# ifndef OPENSSL_NO_KTLS
+# define OPENSSL_NO_KTLS
+# endif
+# ifndef OPENSSL_NO_MD2
+# define OPENSSL_NO_MD2
+# endif
+# ifndef OPENSSL_NO_MSAN
+# define OPENSSL_NO_MSAN
+# endif
+# ifndef OPENSSL_NO_RC5
+# define OPENSSL_NO_RC5
+# endif
+# ifndef OPENSSL_NO_SCTP
+# define OPENSSL_NO_SCTP
+# endif
+# ifndef OPENSSL_NO_SSL_TRACE
+# define OPENSSL_NO_SSL_TRACE
+# endif
+# ifndef OPENSSL_NO_SSL3
+# define OPENSSL_NO_SSL3
+# endif
+# ifndef OPENSSL_NO_SSL3_METHOD
+# define OPENSSL_NO_SSL3_METHOD
+# endif
+# ifndef OPENSSL_NO_TRACE
+# define OPENSSL_NO_TRACE
+# endif
+# ifndef OPENSSL_NO_UBSAN
+# define OPENSSL_NO_UBSAN
+# endif
+# ifndef OPENSSL_NO_UNIT_TEST
+# define OPENSSL_NO_UNIT_TEST
+# endif
+# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
+# define OPENSSL_NO_WEAK_SSL_CIPHERS
+# endif
+# ifndef OPENSSL_NO_STATIC_ENGINE
+# define OPENSSL_NO_STATIC_ENGINE
+# endif
+
+
+/* Generate 80386 code? */
+# undef I386_ONLY
+
+/*
+ * The following are cipher-specific, but are part of the public API.
+ */
+# if !defined(OPENSSL_SYS_UEFI)
+# define BN_LLONG
+/* Only one for the following should be defined */
+# undef SIXTY_FOUR_BIT_LONG
+# undef SIXTY_FOUR_BIT
+# define THIRTY_TWO_BIT
+# endif
+
+# define RC4_INT unsigned int
+
+# ifdef __cplusplus
+}
+# endif
+
+#endif /* OPENSSL_CONFIGURATION_H */
diff --git a/openssl/include/openssl/core.h b/openssl/include/openssl/core.h new file mode 100644 index 00000000..ab9ad5b5 --- /dev/null +++ b/openssl/include/openssl/core.h @@ -0,0 +1,231 @@ +/*
+ * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_CORE_H
+# define OPENSSL_CORE_H
+
+# include <stddef.h>
+# include <openssl/types.h>
+
+# ifdef __cplusplus
+extern "C" {
+# endif
+
+/*-
+ * Base types
+ * ----------
+ *
+ * These are the types that the OpenSSL core and providers have in common
+ * to communicate data between them.
+ */
+
+/* Opaque handles to be used with core upcall functions from providers */
+typedef struct ossl_core_handle_st OSSL_CORE_HANDLE;
+typedef struct openssl_core_ctx_st OPENSSL_CORE_CTX;
+typedef struct ossl_core_bio_st OSSL_CORE_BIO;
+
+/*
+ * Dispatch table element. function_id numbers are defined further down,
+ * see macros with '_FUNC' in their names.
+ *
+ * An array of these is always terminated by function_id == 0
+ */
+struct ossl_dispatch_st {
+ int function_id;
+ void (*function)(void);
+};
+
+/*
+ * Other items, essentially an int<->pointer map element.
+ *
+ * We make this type distinct from OSSL_DISPATCH to ensure that dispatch
+ * tables remain tables with function pointers only.
+ *
+ * This is used whenever we need to pass things like a table of error reason
+ * codes <-> reason string maps, ...
+ *
+ * Usage determines which field works as key if any, rather than field order.
+ *
+ * An array of these is always terminated by id == 0 && ptr == NULL
+ */
+struct ossl_item_st {
+ unsigned int id;
+ void *ptr;
+};
+
+/*
+ * Type to tie together algorithm names, property definition string and
+ * the algorithm implementation in the form of a dispatch table.
+ *
+ * An array of these is always terminated by algorithm_names == NULL
+ */
+struct ossl_algorithm_st {
+ const char *algorithm_names; /* key */
+ const char *property_definition; /* key */
+ const OSSL_DISPATCH *implementation;
+};
+
+/*
+ * Type to pass object data in a uniform way, without exposing the object
+ * structure.
+ *
+ * An array of these is always terminated by key == NULL
+ */
+struct ossl_param_st {
+ const char *key; /* the name of the parameter */
+ unsigned int data_type; /* declare what kind of content is in buffer */
+ void *data; /* value being passed in or out */
+ size_t data_size; /* data size */
+ size_t return_size; /* returned content size */
+};
+
+/* Currently supported OSSL_PARAM data types */
+/*
+ * OSSL_PARAM_INTEGER and OSSL_PARAM_UNSIGNED_INTEGER
+ * are arbitrary length and therefore require an arbitrarily sized buffer,
+ * since they may be used to pass numbers larger than what is natively
+ * available.
+ *
+ * The number must be buffered in native form, i.e. MSB first on B_ENDIAN
+ * systems and LSB first on L_ENDIAN systems. This means that arbitrary
+ * native integers can be stored in the buffer, just make sure that the
+ * buffer size is correct and the buffer itself is properly aligned (for
+ * example by having the buffer field point at a C integer).
+ */
+# define OSSL_PARAM_INTEGER 1
+# define OSSL_PARAM_UNSIGNED_INTEGER 2
+/*-
+ * OSSL_PARAM_REAL
+ * is a C binary floating point values in native form and alignment.
+ */
+# define OSSL_PARAM_REAL 3
+/*-
+ * OSSL_PARAM_UTF8_STRING
+ * is a printable string. Is expteced to be printed as it is.
+ */
+# define OSSL_PARAM_UTF8_STRING 4
+/*-
+ * OSSL_PARAM_OCTET_STRING
+ * is a string of bytes with no further specification. Is expected to be
+ * printed as a hexdump.
+ */
+# define OSSL_PARAM_OCTET_STRING 5
+/*-
+ * OSSL_PARAM_UTF8_PTR
+ * is a pointer to a printable string. Is expteced to be printed as it is.
+ *
+ * The difference between this and OSSL_PARAM_UTF8_STRING is that only pointers
+ * are manipulated for this type.
+ *
+ * This is more relevant for parameter requests, where the responding
+ * function doesn't need to copy the data to the provided buffer, but
+ * sets the provided buffer to point at the actual data instead.
+ *
+ * WARNING! Using these is FRAGILE, as it assumes that the actual
+ * data and its location are constant.
+ *
+ * EXTRA WARNING! If you are not completely sure you most likely want
+ * to use the OSSL_PARAM_UTF8_STRING type.
+ */
+# define OSSL_PARAM_UTF8_PTR 6
+/*-
+ * OSSL_PARAM_OCTET_PTR
+ * is a pointer to a string of bytes with no further specification. It is
+ * expected to be printed as a hexdump.
+ *
+ * The difference between this and OSSL_PARAM_OCTET_STRING is that only pointers
+ * are manipulated for this type.
+ *
+ * This is more relevant for parameter requests, where the responding
+ * function doesn't need to copy the data to the provided buffer, but
+ * sets the provided buffer to point at the actual data instead.
+ *
+ * WARNING! Using these is FRAGILE, as it assumes that the actual
+ * data and its location are constant.
+ *
+ * EXTRA WARNING! If you are not completely sure you most likely want
+ * to use the OSSL_PARAM_OCTET_STRING type.
+ */
+# define OSSL_PARAM_OCTET_PTR 7
+
+/*
+ * Typedef for the thread stop handling callback. Used both internally and by
+ * providers.
+ *
+ * Providers may register for notifications about threads stopping by
+ * registering a callback to hear about such events. Providers register the
+ * callback using the OSSL_FUNC_CORE_THREAD_START function in the |in| dispatch
+ * table passed to OSSL_provider_init(). The arg passed back to a provider will
+ * be the provider side context object.
+ */
+typedef void (*OSSL_thread_stop_handler_fn)(void *arg);
+
+
+/*-
+ * Provider entry point
+ * --------------------
+ *
+ * This function is expected to be present in any dynamically loadable
+ * provider module. By definition, if this function doesn't exist in a
+ * module, that module is not an OpenSSL provider module.
+ */
+/*-
+ * |handle| pointer to opaque type OSSL_CORE_HANDLE. This can be used
+ * together with some functions passed via |in| to query data.
+ * |in| is the array of functions that the Core passes to the provider.
+ * |out| will be the array of base functions that the provider passes
+ * back to the Core.
+ * |provctx| a provider side context object, optionally created if the
+ * provider needs it. This value is passed to other provider
+ * functions, notably other context constructors.
+ */
+typedef int (OSSL_provider_init_fn)(const OSSL_CORE_HANDLE *handle,
+ const OSSL_DISPATCH *in,
+ const OSSL_DISPATCH **out,
+ void **provctx);
+# ifdef __VMS
+# pragma names save
+# pragma names uppercase,truncated
+# endif
+extern OSSL_provider_init_fn OSSL_provider_init;
+# ifdef __VMS
+# pragma names restore
+# endif
+
+/*
+ * Generic callback function signature.
+ *
+ * The expectation is that any provider function that wants to offer
+ * a callback / hook can do so by taking an argument with this type,
+ * as well as a pointer to caller-specific data. When calling the
+ * callback, the provider function can populate an OSSL_PARAM array
+ * with data of its choice and pass that in the callback call, along
+ * with the caller data argument.
+ *
+ * libcrypto may use the OSSL_PARAM array to create arguments for an
+ * application callback it knows about.
+ */
+typedef int (OSSL_CALLBACK)(const OSSL_PARAM params[], void *arg);
+typedef int (OSSL_INOUT_CALLBACK)(const OSSL_PARAM in_params[],
+ OSSL_PARAM out_params[], void *arg);
+/*
+ * Passphrase callback function signature
+ *
+ * This is similar to the generic callback function above, but adds a
+ * result parameter.
+ */
+typedef int (OSSL_PASSPHRASE_CALLBACK)(char *pass, size_t pass_size,
+ size_t *pass_len,
+ const OSSL_PARAM params[], void *arg);
+
+# ifdef __cplusplus
+}
+# endif
+
+#endif
diff --git a/openssl/include/openssl/core_dispatch.h b/openssl/include/openssl/core_dispatch.h new file mode 100644 index 00000000..85abac55 --- /dev/null +++ b/openssl/include/openssl/core_dispatch.h @@ -0,0 +1,717 @@ +/*
+ * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_CORE_NUMBERS_H
+# define OPENSSL_CORE_NUMBERS_H
+
+# include <stdarg.h>
+# include <openssl/core.h>
+
+# ifdef __cplusplus
+extern "C" {
+# endif
+
+/*-
+ * Identities
+ * ----------
+ *
+ * All series start with 1, to allow 0 to be an array terminator.
+ * For any FUNC identity, we also provide a function signature typedef
+ * and a static inline function to extract a function pointer from a
+ * OSSL_DISPATCH element in a type safe manner.
+ *
+ * Names:
+ * for any function base name 'foo' (uppercase form 'FOO'), we will have
+ * the following:
+ * - a macro for the identity with the name OSSL_FUNC_'FOO' or derivatives
+ * thereof (to be specified further down)
+ * - a function signature typedef with the name OSSL_FUNC_'foo'_fn
+ * - a function pointer extractor function with the name OSSL_FUNC_'foo'
+ */
+
+/*
+ * Helper macro to create the function signature typedef and the extractor
+ * |type| is the return-type of the function, |name| is the name of the
+ * function to fetch, and |args| is a parenthesized list of parameters
+ * for the function (that is, it is |name|'s function signature).
+ */
+#define OSSL_CORE_MAKE_FUNC(type,name,args) \
+ typedef type (OSSL_FUNC_##name##_fn)args; \
+ static ossl_inline \
+ OSSL_FUNC_##name##_fn *OSSL_FUNC_##name(const OSSL_DISPATCH *opf) \
+ { \
+ return (OSSL_FUNC_##name##_fn *)opf->function; \
+ }
+
+/*
+ * Core function identities, for the two OSSL_DISPATCH tables being passed
+ * in the OSSL_provider_init call.
+ *
+ * 0 serves as a marker for the end of the OSSL_DISPATCH array, and must
+ * therefore NEVER be used as a function identity.
+ */
+/* Functions provided by the Core to the provider, reserved numbers 1-1023 */
+# define OSSL_FUNC_CORE_GETTABLE_PARAMS 1
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *,
+ core_gettable_params,(const OSSL_CORE_HANDLE *prov))
+# define OSSL_FUNC_CORE_GET_PARAMS 2
+OSSL_CORE_MAKE_FUNC(int,core_get_params,(const OSSL_CORE_HANDLE *prov,
+ OSSL_PARAM params[]))
+# define OSSL_FUNC_CORE_THREAD_START 3
+OSSL_CORE_MAKE_FUNC(int,core_thread_start,(const OSSL_CORE_HANDLE *prov,
+ OSSL_thread_stop_handler_fn handfn))
+# define OSSL_FUNC_CORE_GET_LIBRARY_CONTEXT 4
+OSSL_CORE_MAKE_FUNC(OPENSSL_CORE_CTX *,core_get_library_context,
+ (const OSSL_CORE_HANDLE *prov))
+# define OSSL_FUNC_CORE_NEW_ERROR 5
+OSSL_CORE_MAKE_FUNC(void,core_new_error,(const OSSL_CORE_HANDLE *prov))
+# define OSSL_FUNC_CORE_SET_ERROR_DEBUG 6
+OSSL_CORE_MAKE_FUNC(void,core_set_error_debug,
+ (const OSSL_CORE_HANDLE *prov,
+ const char *file, int line, const char *func))
+# define OSSL_FUNC_CORE_VSET_ERROR 7
+OSSL_CORE_MAKE_FUNC(void,core_vset_error,
+ (const OSSL_CORE_HANDLE *prov,
+ uint32_t reason, const char *fmt, va_list args))
+# define OSSL_FUNC_CORE_SET_ERROR_MARK 8
+OSSL_CORE_MAKE_FUNC(int, core_set_error_mark, (const OSSL_CORE_HANDLE *prov))
+# define OSSL_FUNC_CORE_CLEAR_LAST_ERROR_MARK 9
+OSSL_CORE_MAKE_FUNC(int, core_clear_last_error_mark,
+ (const OSSL_CORE_HANDLE *prov))
+# define OSSL_FUNC_CORE_POP_ERROR_TO_MARK 10
+OSSL_CORE_MAKE_FUNC(int, core_pop_error_to_mark, (const OSSL_CORE_HANDLE *prov))
+
+/* Memory allocation, freeing, clearing. */
+#define OSSL_FUNC_CRYPTO_MALLOC 20
+OSSL_CORE_MAKE_FUNC(void *,
+ CRYPTO_malloc, (size_t num, const char *file, int line))
+#define OSSL_FUNC_CRYPTO_ZALLOC 21
+OSSL_CORE_MAKE_FUNC(void *,
+ CRYPTO_zalloc, (size_t num, const char *file, int line))
+#define OSSL_FUNC_CRYPTO_FREE 22
+OSSL_CORE_MAKE_FUNC(void,
+ CRYPTO_free, (void *ptr, const char *file, int line))
+#define OSSL_FUNC_CRYPTO_CLEAR_FREE 23
+OSSL_CORE_MAKE_FUNC(void,
+ CRYPTO_clear_free, (void *ptr, size_t num, const char *file, int line))
+#define OSSL_FUNC_CRYPTO_REALLOC 24
+OSSL_CORE_MAKE_FUNC(void *,
+ CRYPTO_realloc, (void *addr, size_t num, const char *file, int line))
+#define OSSL_FUNC_CRYPTO_CLEAR_REALLOC 25
+OSSL_CORE_MAKE_FUNC(void *,
+ CRYPTO_clear_realloc, (void *addr, size_t old_num, size_t num,
+ const char *file, int line))
+#define OSSL_FUNC_CRYPTO_SECURE_MALLOC 26
+OSSL_CORE_MAKE_FUNC(void *,
+ CRYPTO_secure_malloc, (size_t num, const char *file, int line))
+#define OSSL_FUNC_CRYPTO_SECURE_ZALLOC 27
+OSSL_CORE_MAKE_FUNC(void *,
+ CRYPTO_secure_zalloc, (size_t num, const char *file, int line))
+#define OSSL_FUNC_CRYPTO_SECURE_FREE 28
+OSSL_CORE_MAKE_FUNC(void,
+ CRYPTO_secure_free, (void *ptr, const char *file, int line))
+#define OSSL_FUNC_CRYPTO_SECURE_CLEAR_FREE 29
+OSSL_CORE_MAKE_FUNC(void,
+ CRYPTO_secure_clear_free, (void *ptr, size_t num, const char *file,
+ int line))
+#define OSSL_FUNC_CRYPTO_SECURE_ALLOCATED 30
+OSSL_CORE_MAKE_FUNC(int,
+ CRYPTO_secure_allocated, (const void *ptr))
+#define OSSL_FUNC_OPENSSL_CLEANSE 31
+OSSL_CORE_MAKE_FUNC(void,
+ OPENSSL_cleanse, (void *ptr, size_t len))
+
+/* Bio functions provided by the core */
+#define OSSL_FUNC_BIO_NEW_FILE 40
+#define OSSL_FUNC_BIO_NEW_MEMBUF 41
+#define OSSL_FUNC_BIO_READ_EX 42
+#define OSSL_FUNC_BIO_WRITE_EX 43
+#define OSSL_FUNC_BIO_FREE 44
+#define OSSL_FUNC_BIO_VPRINTF 45
+#define OSSL_FUNC_BIO_VSNPRINTF 46
+
+OSSL_CORE_MAKE_FUNC(OSSL_CORE_BIO *, BIO_new_file, (const char *filename,
+ const char *mode))
+OSSL_CORE_MAKE_FUNC(OSSL_CORE_BIO *, BIO_new_membuf, (const void *buf, int len))
+OSSL_CORE_MAKE_FUNC(int, BIO_read_ex, (OSSL_CORE_BIO *bio, void *data,
+ size_t data_len, size_t *bytes_read))
+OSSL_CORE_MAKE_FUNC(int, BIO_write_ex, (OSSL_CORE_BIO *bio, const void *data,
+ size_t data_len, size_t *written))
+OSSL_CORE_MAKE_FUNC(int, BIO_free, (OSSL_CORE_BIO *bio))
+OSSL_CORE_MAKE_FUNC(int, BIO_vprintf, (OSSL_CORE_BIO *bio, const char *format,
+ va_list args))
+OSSL_CORE_MAKE_FUNC(int, BIO_vsnprintf,
+ (char *buf, size_t n, const char *fmt, va_list args))
+
+#define OSSL_FUNC_SELF_TEST_CB 100
+OSSL_CORE_MAKE_FUNC(void, self_test_cb, (OPENSSL_CORE_CTX *ctx, OSSL_CALLBACK **cb,
+ void **cbarg))
+
+/* Functions provided by the provider to the Core, reserved numbers 1024-1535 */
+# define OSSL_FUNC_PROVIDER_TEARDOWN 1024
+OSSL_CORE_MAKE_FUNC(void,provider_teardown,(void *provctx))
+# define OSSL_FUNC_PROVIDER_GETTABLE_PARAMS 1025
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *,
+ provider_gettable_params,(void *provctx))
+# define OSSL_FUNC_PROVIDER_GET_PARAMS 1026
+OSSL_CORE_MAKE_FUNC(int,provider_get_params,(void *provctx,
+ OSSL_PARAM params[]))
+# define OSSL_FUNC_PROVIDER_QUERY_OPERATION 1027
+OSSL_CORE_MAKE_FUNC(const OSSL_ALGORITHM *,provider_query_operation,
+ (void *provctx, int operation_id, int *no_store))
+# define OSSL_FUNC_PROVIDER_GET_REASON_STRINGS 1028
+OSSL_CORE_MAKE_FUNC(const OSSL_ITEM *,provider_get_reason_strings,
+ (void *provctx))
+# define OSSL_FUNC_PROVIDER_GET_CAPABILITIES 1029
+OSSL_CORE_MAKE_FUNC(int, provider_get_capabilities, (void *provctx,
+ const char *capability, OSSL_CALLBACK *cb, void *arg))
+
+/* Operations */
+
+# define OSSL_OP_DIGEST 1
+# define OSSL_OP_CIPHER 2 /* Symmetric Ciphers */
+# define OSSL_OP_MAC 3
+# define OSSL_OP_KDF 4
+# define OSSL_OP_RAND 5
+# define OSSL_OP_KEYMGMT 10
+# define OSSL_OP_KEYEXCH 11
+# define OSSL_OP_SIGNATURE 12
+# define OSSL_OP_ASYM_CIPHER 13
+/* New section for non-EVP operations */
+# define OSSL_OP_SERIALIZER 20
+/* Highest known operation number */
+# define OSSL_OP__HIGHEST 20
+
+/* Digests */
+
+# define OSSL_FUNC_DIGEST_NEWCTX 1
+# define OSSL_FUNC_DIGEST_INIT 2
+# define OSSL_FUNC_DIGEST_UPDATE 3
+# define OSSL_FUNC_DIGEST_FINAL 4
+# define OSSL_FUNC_DIGEST_DIGEST 5
+# define OSSL_FUNC_DIGEST_FREECTX 6
+# define OSSL_FUNC_DIGEST_DUPCTX 7
+# define OSSL_FUNC_DIGEST_GET_PARAMS 8
+# define OSSL_FUNC_DIGEST_SET_CTX_PARAMS 9
+# define OSSL_FUNC_DIGEST_GET_CTX_PARAMS 10
+# define OSSL_FUNC_DIGEST_GETTABLE_PARAMS 11
+# define OSSL_FUNC_DIGEST_SETTABLE_CTX_PARAMS 12
+# define OSSL_FUNC_DIGEST_GETTABLE_CTX_PARAMS 13
+
+OSSL_CORE_MAKE_FUNC(void *, digest_newctx, (void *provctx))
+OSSL_CORE_MAKE_FUNC(int, digest_init, (void *dctx))
+OSSL_CORE_MAKE_FUNC(int, digest_update,
+ (void *dctx, const unsigned char *in, size_t inl))
+OSSL_CORE_MAKE_FUNC(int, digest_final,
+ (void *dctx,
+ unsigned char *out, size_t *outl, size_t outsz))
+OSSL_CORE_MAKE_FUNC(int, digest_digest,
+ (void *provctx, const unsigned char *in, size_t inl,
+ unsigned char *out, size_t *outl, size_t outsz))
+
+OSSL_CORE_MAKE_FUNC(void, digest_freectx, (void *dctx))
+OSSL_CORE_MAKE_FUNC(void *, digest_dupctx, (void *dctx))
+
+OSSL_CORE_MAKE_FUNC(int, digest_get_params, (OSSL_PARAM params[]))
+OSSL_CORE_MAKE_FUNC(int, digest_set_ctx_params,
+ (void *vctx, const OSSL_PARAM params[]))
+OSSL_CORE_MAKE_FUNC(int, digest_get_ctx_params,
+ (void *vctx, OSSL_PARAM params[]))
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, digest_gettable_params, (void))
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, digest_settable_ctx_params, (void))
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, digest_gettable_ctx_params, (void))
+
+/* Symmetric Ciphers */
+
+# define OSSL_FUNC_CIPHER_NEWCTX 1
+# define OSSL_FUNC_CIPHER_ENCRYPT_INIT 2
+# define OSSL_FUNC_CIPHER_DECRYPT_INIT 3
+# define OSSL_FUNC_CIPHER_UPDATE 4
+# define OSSL_FUNC_CIPHER_FINAL 5
+# define OSSL_FUNC_CIPHER_CIPHER 6
+# define OSSL_FUNC_CIPHER_FREECTX 7
+# define OSSL_FUNC_CIPHER_DUPCTX 8
+# define OSSL_FUNC_CIPHER_GET_PARAMS 9
+# define OSSL_FUNC_CIPHER_GET_CTX_PARAMS 10
+# define OSSL_FUNC_CIPHER_SET_CTX_PARAMS 11
+# define OSSL_FUNC_CIPHER_GETTABLE_PARAMS 12
+# define OSSL_FUNC_CIPHER_GETTABLE_CTX_PARAMS 13
+# define OSSL_FUNC_CIPHER_SETTABLE_CTX_PARAMS 14
+
+OSSL_CORE_MAKE_FUNC(void *, cipher_newctx, (void *provctx))
+OSSL_CORE_MAKE_FUNC(int, cipher_encrypt_init, (void *cctx,
+ const unsigned char *key,
+ size_t keylen,
+ const unsigned char *iv,
+ size_t ivlen))
+OSSL_CORE_MAKE_FUNC(int, cipher_decrypt_init, (void *cctx,
+ const unsigned char *key,
+ size_t keylen,
+ const unsigned char *iv,
+ size_t ivlen))
+OSSL_CORE_MAKE_FUNC(int, cipher_update,
+ (void *cctx,
+ unsigned char *out, size_t *outl, size_t outsize,
+ const unsigned char *in, size_t inl))
+OSSL_CORE_MAKE_FUNC(int, cipher_final,
+ (void *cctx,
+ unsigned char *out, size_t *outl, size_t outsize))
+OSSL_CORE_MAKE_FUNC(int, cipher_cipher,
+ (void *cctx,
+ unsigned char *out, size_t *outl, size_t outsize,
+ const unsigned char *in, size_t inl))
+OSSL_CORE_MAKE_FUNC(void, cipher_freectx, (void *cctx))
+OSSL_CORE_MAKE_FUNC(void *, cipher_dupctx, (void *cctx))
+OSSL_CORE_MAKE_FUNC(int, cipher_get_params, (OSSL_PARAM params[]))
+OSSL_CORE_MAKE_FUNC(int, cipher_get_ctx_params, (void *cctx,
+ OSSL_PARAM params[]))
+OSSL_CORE_MAKE_FUNC(int, cipher_set_ctx_params, (void *cctx,
+ const OSSL_PARAM params[]))
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, cipher_gettable_params, (void))
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, cipher_settable_ctx_params, (void))
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, cipher_gettable_ctx_params, (void))
+
+/* MACs */
+
+# define OSSL_FUNC_MAC_NEWCTX 1
+# define OSSL_FUNC_MAC_DUPCTX 2
+# define OSSL_FUNC_MAC_FREECTX 3
+# define OSSL_FUNC_MAC_INIT 4
+# define OSSL_FUNC_MAC_UPDATE 5
+# define OSSL_FUNC_MAC_FINAL 6
+# define OSSL_FUNC_MAC_GET_PARAMS 7
+# define OSSL_FUNC_MAC_GET_CTX_PARAMS 8
+# define OSSL_FUNC_MAC_SET_CTX_PARAMS 9
+# define OSSL_FUNC_MAC_GETTABLE_PARAMS 10
+# define OSSL_FUNC_MAC_GETTABLE_CTX_PARAMS 11
+# define OSSL_FUNC_MAC_SETTABLE_CTX_PARAMS 12
+
+OSSL_CORE_MAKE_FUNC(void *, mac_newctx, (void *provctx))
+OSSL_CORE_MAKE_FUNC(void *, mac_dupctx, (void *src))
+OSSL_CORE_MAKE_FUNC(void, mac_freectx, (void *mctx))
+OSSL_CORE_MAKE_FUNC(size_t, mac_size, (void *mctx))
+OSSL_CORE_MAKE_FUNC(int, mac_init, (void *mctx))
+OSSL_CORE_MAKE_FUNC(int, mac_update,
+ (void *mctx, const unsigned char *in, size_t inl))
+OSSL_CORE_MAKE_FUNC(int, mac_final,
+ (void *mctx,
+ unsigned char *out, size_t *outl, size_t outsize))
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, mac_gettable_params, (void))
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, mac_gettable_ctx_params, (void))
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, mac_settable_ctx_params, (void))
+OSSL_CORE_MAKE_FUNC(int, mac_get_params, (OSSL_PARAM params[]))
+OSSL_CORE_MAKE_FUNC(int, mac_get_ctx_params,
+ (void *mctx, OSSL_PARAM params[]))
+OSSL_CORE_MAKE_FUNC(int, mac_set_ctx_params,
+ (void *mctx, const OSSL_PARAM params[]))
+
+/* KDFs and PRFs */
+
+# define OSSL_FUNC_KDF_NEWCTX 1
+# define OSSL_FUNC_KDF_DUPCTX 2
+# define OSSL_FUNC_KDF_FREECTX 3
+# define OSSL_FUNC_KDF_RESET 4
+# define OSSL_FUNC_KDF_DERIVE 5
+# define OSSL_FUNC_KDF_GETTABLE_PARAMS 6
+# define OSSL_FUNC_KDF_GETTABLE_CTX_PARAMS 7
+# define OSSL_FUNC_KDF_SETTABLE_CTX_PARAMS 8
+# define OSSL_FUNC_KDF_GET_PARAMS 9
+# define OSSL_FUNC_KDF_GET_CTX_PARAMS 10
+# define OSSL_FUNC_KDF_SET_CTX_PARAMS 11
+
+OSSL_CORE_MAKE_FUNC(void *, kdf_newctx, (void *provctx))
+OSSL_CORE_MAKE_FUNC(void *, kdf_dupctx, (void *src))
+OSSL_CORE_MAKE_FUNC(void, kdf_freectx, (void *kctx))
+OSSL_CORE_MAKE_FUNC(void, kdf_reset, (void *kctx))
+OSSL_CORE_MAKE_FUNC(int, kdf_derive, (void *kctx, unsigned char *key,
+ size_t keylen))
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, kdf_gettable_params, (void))
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, kdf_gettable_ctx_params, (void))
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, kdf_settable_ctx_params, (void))
+OSSL_CORE_MAKE_FUNC(int, kdf_get_params, (OSSL_PARAM params[]))
+OSSL_CORE_MAKE_FUNC(int, kdf_get_ctx_params,
+ (void *kctx, OSSL_PARAM params[]))
+OSSL_CORE_MAKE_FUNC(int, kdf_set_ctx_params,
+ (void *kctx, const OSSL_PARAM params[]))
+
+/* RAND */
+
+# define OSSL_FUNC_RAND_NEWCTX 1
+# define OSSL_FUNC_RAND_FREECTX 2
+# define OSSL_FUNC_RAND_INSTANTIATE 3
+# define OSSL_FUNC_RAND_UNINSTANTIATE 4
+# define OSSL_FUNC_RAND_GENERATE 5
+# define OSSL_FUNC_RAND_RESEED 6
+# define OSSL_FUNC_RAND_NONCE 7
+# define OSSL_FUNC_RAND_ENABLE_LOCKING 8
+# define OSSL_FUNC_RAND_LOCK 9
+# define OSSL_FUNC_RAND_UNLOCK 10
+# define OSSL_FUNC_RAND_GETTABLE_PARAMS 11
+# define OSSL_FUNC_RAND_GETTABLE_CTX_PARAMS 12
+# define OSSL_FUNC_RAND_SETTABLE_CTX_PARAMS 13
+# define OSSL_FUNC_RAND_GET_PARAMS 14
+# define OSSL_FUNC_RAND_GET_CTX_PARAMS 15
+# define OSSL_FUNC_RAND_SET_CTX_PARAMS 16
+# define OSSL_FUNC_RAND_SET_CALLBACKS 17
+# define OSSL_FUNC_RAND_VERIFY_ZEROIZATION 18
+
+OSSL_CORE_MAKE_FUNC(void *,rand_newctx,
+ (void *provctx, void *parent,
+ const OSSL_DISPATCH *parent_calls))
+OSSL_CORE_MAKE_FUNC(void,rand_freectx, (void *vctx))
+OSSL_CORE_MAKE_FUNC(int,rand_instantiate,
+ (void *vdrbg, unsigned int strength,
+ int prediction_resistance,
+ const unsigned char *pstr, size_t pstr_len))
+OSSL_CORE_MAKE_FUNC(int,rand_uninstantiate, (void *vdrbg))
+OSSL_CORE_MAKE_FUNC(int,rand_generate,
+ (void *vctx, unsigned char *out, size_t outlen,
+ unsigned int strength, int prediction_resistance,
+ const unsigned char *addin, size_t addin_len))
+OSSL_CORE_MAKE_FUNC(int,rand_reseed,
+ (void *vctx, int prediction_resistance,
+ const unsigned char *ent, size_t ent_len,
+ const unsigned char *addin, size_t addin_len))
+OSSL_CORE_MAKE_FUNC(size_t,rand_nonce,
+ (void *vctx, unsigned char *out, unsigned int strength,
+ size_t min_noncelen, size_t max_noncelen))
+OSSL_CORE_MAKE_FUNC(int,rand_enable_locking, (void *vctx))
+OSSL_CORE_MAKE_FUNC(int,rand_lock, (void *vctx))
+OSSL_CORE_MAKE_FUNC(void,rand_unlock, (void *vctx))
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *,rand_gettable_params, (void))
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *,rand_gettable_ctx_params, (void))
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *,rand_settable_ctx_params, (void))
+OSSL_CORE_MAKE_FUNC(int,rand_get_params, (OSSL_PARAM params[]))
+OSSL_CORE_MAKE_FUNC(int,rand_get_ctx_params,
+ (void *vctx, OSSL_PARAM params[]))
+OSSL_CORE_MAKE_FUNC(int,rand_set_ctx_params,
+ (void *vctx, const OSSL_PARAM params[]))
+OSSL_CORE_MAKE_FUNC(void,rand_set_callbacks,
+ (void *vctx, OSSL_INOUT_CALLBACK *get_entropy,
+ OSSL_CALLBACK *cleanup_entropy,
+ OSSL_INOUT_CALLBACK *get_nonce,
+ OSSL_CALLBACK *cleanup_nonce, void *arg))
+OSSL_CORE_MAKE_FUNC(int,rand_verify_zeroization,
+ (void *vctx))
+
+/*-
+ * Key management
+ *
+ * The Key Management takes care of provider side key objects, and includes
+ * all current functionality to create them, destroy them, set parameters
+ * and key material, etc, essentially everything that manipulates the keys
+ * themselves and their parameters.
+ *
+ * The key objects are commonly refered to as |keydata|, and it MUST be able
+ * to contain parameters if the key has any, the public key and the private
+ * key. All parts are optional, but their presence determines what can be
+ * done with the key object in terms of encryption, signature, and so on.
+ * The assumption from libcrypto is that the key object contains any of the
+ * following data combinations:
+ *
+ * - parameters only
+ * - public key only
+ * - public key + private key
+ * - parameters + public key
+ * - parameters + public key + private key
+ *
+ * What "parameters", "public key" and "private key" means in detail is left
+ * to the implementation. In the case of DH and DSA, they would typically
+ * include domain parameters, while for certain variants of RSA, they would
+ * typically include PSS or OAEP parameters.
+ *
+ * Key objects are created with OSSL_FUNC_keymgmt_new() and destroyed with
+ * OSSL_FUNC_keymgmt_free(). Key objects can have data filled in with
+ * OSSL_FUNC_keymgmt_import().
+ *
+ * Three functions are made available to check what selection of data is
+ * present in a key object: OSSL_FUNC_keymgmt_has_parameters(),
+ * OSSL_FUNC_keymgmt_has_public_key(), and OSSL_FUNC_keymgmt_has_private_key(),
+ */
+
+/* Key data subset selection - individual bits */
+# define OSSL_KEYMGMT_SELECT_PRIVATE_KEY 0x01
+# define OSSL_KEYMGMT_SELECT_PUBLIC_KEY 0x02
+# define OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS 0x04
+# define OSSL_KEYMGMT_SELECT_OTHER_PARAMETERS 0x80
+
+/* Key data subset selection - combinations */
+# define OSSL_KEYMGMT_SELECT_ALL_PARAMETERS \
+ ( OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS \
+ | OSSL_KEYMGMT_SELECT_OTHER_PARAMETERS)
+# define OSSL_KEYMGMT_SELECT_KEYPAIR \
+ ( OSSL_KEYMGMT_SELECT_PRIVATE_KEY | OSSL_KEYMGMT_SELECT_PUBLIC_KEY )
+# define OSSL_KEYMGMT_SELECT_ALL \
+ ( OSSL_KEYMGMT_SELECT_KEYPAIR | OSSL_KEYMGMT_SELECT_ALL_PARAMETERS )
+
+/* Basic key object creation */
+# define OSSL_FUNC_KEYMGMT_NEW 1
+OSSL_CORE_MAKE_FUNC(void *, keymgmt_new, (void *provctx))
+
+/* Generation, a more complex constructor */
+# define OSSL_FUNC_KEYMGMT_GEN_INIT 2
+# define OSSL_FUNC_KEYMGMT_GEN_SET_TEMPLATE 3
+# define OSSL_FUNC_KEYMGMT_GEN_SET_PARAMS 4
+# define OSSL_FUNC_KEYMGMT_GEN_SETTABLE_PARAMS 5
+# define OSSL_FUNC_KEYMGMT_GEN 6
+# define OSSL_FUNC_KEYMGMT_GEN_CLEANUP 7
+OSSL_CORE_MAKE_FUNC(void *, keymgmt_gen_init,
+ (void *provctx, int selection))
+OSSL_CORE_MAKE_FUNC(int, keymgmt_gen_set_template,
+ (void *genctx, void *templ))
+OSSL_CORE_MAKE_FUNC(int, keymgmt_gen_set_params,
+ (void *genctx, const OSSL_PARAM params[]))
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *,
+ keymgmt_gen_settable_params, (void *provctx))
+OSSL_CORE_MAKE_FUNC(int, keymgmt_gen_get_params,
+ (void *genctx, OSSL_PARAM params[]))
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *,
+ keymgmt_gen_gettable_params, (void *provctx))
+OSSL_CORE_MAKE_FUNC(void *, keymgmt_gen,
+ (void *genctx, OSSL_CALLBACK *cb, void *cbarg))
+OSSL_CORE_MAKE_FUNC(void, keymgmt_gen_cleanup, (void *genctx))
+
+/* Basic key object destruction */
+# define OSSL_FUNC_KEYMGMT_FREE 10
+OSSL_CORE_MAKE_FUNC(void, keymgmt_free, (void *keydata))
+
+/* Key object information, with discovery */
+#define OSSL_FUNC_KEYMGMT_GET_PARAMS 11
+#define OSSL_FUNC_KEYMGMT_GETTABLE_PARAMS 12
+OSSL_CORE_MAKE_FUNC(int, keymgmt_get_params,
+ (void *keydata, OSSL_PARAM params[]))
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, keymgmt_gettable_params, (void))
+
+#define OSSL_FUNC_KEYMGMT_SET_PARAMS 13
+#define OSSL_FUNC_KEYMGMT_SETTABLE_PARAMS 14
+OSSL_CORE_MAKE_FUNC(int, keymgmt_set_params,
+ (void *keydata, const OSSL_PARAM params[]))
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, keymgmt_settable_params, (void))
+
+/* Key checks - discovery of supported operations */
+# define OSSL_FUNC_KEYMGMT_QUERY_OPERATION_NAME 20
+OSSL_CORE_MAKE_FUNC(const char *, keymgmt_query_operation_name,
+ (int operation_id))
+
+/* Key checks - key data content checks */
+# define OSSL_FUNC_KEYMGMT_HAS 21
+OSSL_CORE_MAKE_FUNC(int, keymgmt_has, (void *keydata, int selection))
+
+/* Key checks - validation */
+# define OSSL_FUNC_KEYMGMT_VALIDATE 22
+OSSL_CORE_MAKE_FUNC(int, keymgmt_validate, (void *keydata, int selection))
+
+/* Key checks - matching */
+# define OSSL_FUNC_KEYMGMT_MATCH 23
+OSSL_CORE_MAKE_FUNC(int, keymgmt_match,
+ (const void *keydata1, const void *keydata2,
+ int selection))
+
+/* Import and export functions, with discovery */
+# define OSSL_FUNC_KEYMGMT_IMPORT 40
+# define OSSL_FUNC_KEYMGMT_IMPORT_TYPES 41
+# define OSSL_FUNC_KEYMGMT_EXPORT 42
+# define OSSL_FUNC_KEYMGMT_EXPORT_TYPES 43
+OSSL_CORE_MAKE_FUNC(int, keymgmt_import,
+ (void *keydata, int selection, const OSSL_PARAM params[]))
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, keymgmt_import_types,
+ (int selection))
+OSSL_CORE_MAKE_FUNC(int, keymgmt_export,
+ (void *keydata, int selection,
+ OSSL_CALLBACK *param_cb, void *cbarg))
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, keymgmt_export_types,
+ (int selection))
+
+/* Copy function, only works for matching keymgmt */
+# define OSSL_FUNC_KEYMGMT_COPY 44
+OSSL_CORE_MAKE_FUNC(int, keymgmt_copy,
+ ( void *keydata_to, const void *keydata_from,
+ int selection))
+
+/* Key Exchange */
+
+# define OSSL_FUNC_KEYEXCH_NEWCTX 1
+# define OSSL_FUNC_KEYEXCH_INIT 2
+# define OSSL_FUNC_KEYEXCH_DERIVE 3
+# define OSSL_FUNC_KEYEXCH_SET_PEER 4
+# define OSSL_FUNC_KEYEXCH_FREECTX 5
+# define OSSL_FUNC_KEYEXCH_DUPCTX 6
+# define OSSL_FUNC_KEYEXCH_SET_CTX_PARAMS 7
+# define OSSL_FUNC_KEYEXCH_SETTABLE_CTX_PARAMS 8
+# define OSSL_FUNC_KEYEXCH_GET_CTX_PARAMS 9
+# define OSSL_FUNC_KEYEXCH_GETTABLE_CTX_PARAMS 10
+
+OSSL_CORE_MAKE_FUNC(void *, keyexch_newctx, (void *provctx))
+OSSL_CORE_MAKE_FUNC(int, keyexch_init, (void *ctx, void *provkey))
+OSSL_CORE_MAKE_FUNC(int, keyexch_derive, (void *ctx, unsigned char *secret,
+ size_t *secretlen, size_t outlen))
+OSSL_CORE_MAKE_FUNC(int, keyexch_set_peer, (void *ctx, void *provkey))
+OSSL_CORE_MAKE_FUNC(void, keyexch_freectx, (void *ctx))
+OSSL_CORE_MAKE_FUNC(void *, keyexch_dupctx, (void *ctx))
+OSSL_CORE_MAKE_FUNC(int, keyexch_set_ctx_params, (void *ctx,
+ const OSSL_PARAM params[]))
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, keyexch_settable_ctx_params,
+ (void))
+OSSL_CORE_MAKE_FUNC(int, keyexch_get_ctx_params, (void *ctx,
+ OSSL_PARAM params[]))
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, keyexch_gettable_ctx_params,
+ (void))
+
+/* Signature */
+
+# define OSSL_FUNC_SIGNATURE_NEWCTX 1
+# define OSSL_FUNC_SIGNATURE_SIGN_INIT 2
+# define OSSL_FUNC_SIGNATURE_SIGN 3
+# define OSSL_FUNC_SIGNATURE_VERIFY_INIT 4
+# define OSSL_FUNC_SIGNATURE_VERIFY 5
+# define OSSL_FUNC_SIGNATURE_VERIFY_RECOVER_INIT 6
+# define OSSL_FUNC_SIGNATURE_VERIFY_RECOVER 7
+# define OSSL_FUNC_SIGNATURE_DIGEST_SIGN_INIT 8
+# define OSSL_FUNC_SIGNATURE_DIGEST_SIGN_UPDATE 9
+# define OSSL_FUNC_SIGNATURE_DIGEST_SIGN_FINAL 10
+# define OSSL_FUNC_SIGNATURE_DIGEST_SIGN 11
+# define OSSL_FUNC_SIGNATURE_DIGEST_VERIFY_INIT 12
+# define OSSL_FUNC_SIGNATURE_DIGEST_VERIFY_UPDATE 13
+# define OSSL_FUNC_SIGNATURE_DIGEST_VERIFY_FINAL 14
+# define OSSL_FUNC_SIGNATURE_DIGEST_VERIFY 15
+# define OSSL_FUNC_SIGNATURE_FREECTX 16
+# define OSSL_FUNC_SIGNATURE_DUPCTX 17
+# define OSSL_FUNC_SIGNATURE_GET_CTX_PARAMS 18
+# define OSSL_FUNC_SIGNATURE_GETTABLE_CTX_PARAMS 19
+# define OSSL_FUNC_SIGNATURE_SET_CTX_PARAMS 20
+# define OSSL_FUNC_SIGNATURE_SETTABLE_CTX_PARAMS 21
+# define OSSL_FUNC_SIGNATURE_GET_CTX_MD_PARAMS 22
+# define OSSL_FUNC_SIGNATURE_GETTABLE_CTX_MD_PARAMS 23
+# define OSSL_FUNC_SIGNATURE_SET_CTX_MD_PARAMS 24
+# define OSSL_FUNC_SIGNATURE_SETTABLE_CTX_MD_PARAMS 25
+
+OSSL_CORE_MAKE_FUNC(void *, signature_newctx, (void *provctx,
+ const char *propq))
+OSSL_CORE_MAKE_FUNC(int, signature_sign_init, (void *ctx, void *provkey))
+OSSL_CORE_MAKE_FUNC(int, signature_sign, (void *ctx, unsigned char *sig,
+ size_t *siglen, size_t sigsize,
+ const unsigned char *tbs,
+ size_t tbslen))
+OSSL_CORE_MAKE_FUNC(int, signature_verify_init, (void *ctx, void *provkey))
+OSSL_CORE_MAKE_FUNC(int, signature_verify, (void *ctx,
+ const unsigned char *sig,
+ size_t siglen,
+ const unsigned char *tbs,
+ size_t tbslen))
+OSSL_CORE_MAKE_FUNC(int, signature_verify_recover_init, (void *ctx,
+ void *provkey))
+OSSL_CORE_MAKE_FUNC(int, signature_verify_recover, (void *ctx,
+ unsigned char *rout,
+ size_t *routlen,
+ size_t routsize,
+ const unsigned char *sig,
+ size_t siglen))
+OSSL_CORE_MAKE_FUNC(int, signature_digest_sign_init,
+ (void *ctx, const char *mdname, void *provkey))
+OSSL_CORE_MAKE_FUNC(int, signature_digest_sign_update,
+ (void *ctx, const unsigned char *data, size_t datalen))
+OSSL_CORE_MAKE_FUNC(int, signature_digest_sign_final,
+ (void *ctx, unsigned char *sig, size_t *siglen,
+ size_t sigsize))
+OSSL_CORE_MAKE_FUNC(int, signature_digest_sign,
+ (void *ctx, unsigned char *sigret, size_t *siglen,
+ size_t sigsize, const unsigned char *tbs, size_t tbslen))
+OSSL_CORE_MAKE_FUNC(int, signature_digest_verify_init,
+ (void *ctx, const char *mdname, void *provkey))
+OSSL_CORE_MAKE_FUNC(int, signature_digest_verify_update,
+ (void *ctx, const unsigned char *data, size_t datalen))
+OSSL_CORE_MAKE_FUNC(int, signature_digest_verify_final,
+ (void *ctx, const unsigned char *sig, size_t siglen))
+OSSL_CORE_MAKE_FUNC(int, signature_digest_verify,
+ (void *ctx, const unsigned char *sig, size_t siglen,
+ const unsigned char *tbs, size_t tbslen))
+OSSL_CORE_MAKE_FUNC(void, signature_freectx, (void *ctx))
+OSSL_CORE_MAKE_FUNC(void *, signature_dupctx, (void *ctx))
+OSSL_CORE_MAKE_FUNC(int, signature_get_ctx_params,
+ (void *ctx, OSSL_PARAM params[]))
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, signature_gettable_ctx_params,
+ (void))
+OSSL_CORE_MAKE_FUNC(int, signature_set_ctx_params,
+ (void *ctx, const OSSL_PARAM params[]))
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, signature_settable_ctx_params,
+ (void))
+OSSL_CORE_MAKE_FUNC(int, signature_get_ctx_md_params,
+ (void *ctx, OSSL_PARAM params[]))
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, signature_gettable_ctx_md_params,
+ (void *ctx))
+OSSL_CORE_MAKE_FUNC(int, signature_set_ctx_md_params,
+ (void *ctx, const OSSL_PARAM params[]))
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, signature_settable_ctx_md_params,
+ (void *ctx))
+
+
+/* Asymmetric Ciphers */
+
+# define OSSL_FUNC_ASYM_CIPHER_NEWCTX 1
+# define OSSL_FUNC_ASYM_CIPHER_ENCRYPT_INIT 2
+# define OSSL_FUNC_ASYM_CIPHER_ENCRYPT 3
+# define OSSL_FUNC_ASYM_CIPHER_DECRYPT_INIT 4
+# define OSSL_FUNC_ASYM_CIPHER_DECRYPT 5
+# define OSSL_FUNC_ASYM_CIPHER_FREECTX 6
+# define OSSL_FUNC_ASYM_CIPHER_DUPCTX 7
+# define OSSL_FUNC_ASYM_CIPHER_GET_CTX_PARAMS 8
+# define OSSL_FUNC_ASYM_CIPHER_GETTABLE_CTX_PARAMS 9
+# define OSSL_FUNC_ASYM_CIPHER_SET_CTX_PARAMS 10
+# define OSSL_FUNC_ASYM_CIPHER_SETTABLE_CTX_PARAMS 11
+
+OSSL_CORE_MAKE_FUNC(void *, asym_cipher_newctx, (void *provctx))
+OSSL_CORE_MAKE_FUNC(int, asym_cipher_encrypt_init, (void *ctx, void *provkey))
+OSSL_CORE_MAKE_FUNC(int, asym_cipher_encrypt, (void *ctx, unsigned char *out,
+ size_t *outlen,
+ size_t outsize,
+ const unsigned char *in,
+ size_t inlen))
+OSSL_CORE_MAKE_FUNC(int, asym_cipher_decrypt_init, (void *ctx, void *provkey))
+OSSL_CORE_MAKE_FUNC(int, asym_cipher_decrypt, (void *ctx, unsigned char *out,
+ size_t *outlen,
+ size_t outsize,
+ const unsigned char *in,
+ size_t inlen))
+OSSL_CORE_MAKE_FUNC(void, asym_cipher_freectx, (void *ctx))
+OSSL_CORE_MAKE_FUNC(void *, asym_cipher_dupctx, (void *ctx))
+OSSL_CORE_MAKE_FUNC(int, asym_cipher_get_ctx_params,
+ (void *ctx, OSSL_PARAM params[]))
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, asym_cipher_gettable_ctx_params,
+ (void))
+OSSL_CORE_MAKE_FUNC(int, asym_cipher_set_ctx_params,
+ (void *ctx, const OSSL_PARAM params[]))
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, asym_cipher_settable_ctx_params,
+ (void))
+
+/* Serializers */
+# define OSSL_FUNC_SERIALIZER_NEWCTX 1
+# define OSSL_FUNC_SERIALIZER_FREECTX 2
+# define OSSL_FUNC_SERIALIZER_SET_CTX_PARAMS 3
+# define OSSL_FUNC_SERIALIZER_SETTABLE_CTX_PARAMS 4
+# define OSSL_FUNC_SERIALIZER_SERIALIZE_DATA 10
+# define OSSL_FUNC_SERIALIZER_SERIALIZE_OBJECT 11
+OSSL_CORE_MAKE_FUNC(void *, serializer_newctx, (void *provctx))
+OSSL_CORE_MAKE_FUNC(void, serializer_freectx, (void *ctx))
+OSSL_CORE_MAKE_FUNC(int, serializer_set_ctx_params,
+ (void *ctx, const OSSL_PARAM params[]))
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, serializer_settable_ctx_params,
+ (void))
+
+OSSL_CORE_MAKE_FUNC(int, serializer_serialize_data,
+ (void *ctx, const OSSL_PARAM[], OSSL_CORE_BIO *out,
+ OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg))
+OSSL_CORE_MAKE_FUNC(int, serializer_serialize_object,
+ (void *ctx, void *obj, OSSL_CORE_BIO *out,
+ OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg))
+
+# ifdef __cplusplus
+}
+# endif
+
+#endif
diff --git a/openssl/include/openssl/core_names.h b/openssl/include/openssl/core_names.h new file mode 100644 index 00000000..965e3154 --- /dev/null +++ b/openssl/include/openssl/core_names.h @@ -0,0 +1,435 @@ +/*
+ * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_CORE_NAMES_H
+# define OPENSSL_CORE_NAMES_H
+
+# ifdef __cplusplus
+extern "C" {
+# endif
+
+/* Well known parameter names that core passes to providers */
+#define OSSL_PROV_PARAM_CORE_VERSION "openssl-version" /* utf8_ptr */
+#define OSSL_PROV_PARAM_CORE_PROV_NAME "provider-name" /* utf8_ptr */
+#define OSSL_PROV_PARAM_CORE_MODULE_FILENAME "module-filename" /* utf8_ptr */
+
+/* Well known parameter names that Providers can define */
+#define OSSL_PROV_PARAM_NAME "name" /* utf8_string */
+#define OSSL_PROV_PARAM_VERSION "version" /* utf8_string */
+#define OSSL_PROV_PARAM_BUILDINFO "buildinfo" /* utf8_string */
+
+/* Self test callback parameters */
+#define OSSL_PROV_PARAM_SELF_TEST_PHASE "st-phase" /* utf8_string */
+#define OSSL_PROV_PARAM_SELF_TEST_TYPE "st-type" /* utf8_string */
+#define OSSL_PROV_PARAM_SELF_TEST_DESC "st-desc" /* utf8_string */
+
+/*
+ * Algorithm parameters
+ * If "engine" or "properties" are specified, they should always be paired
+ * with the algorithm type.
+ * Note these are common names that are shared by many types (such as kdf, mac,
+ * and pkey) e.g: see OSSL_MAC_PARAM_DIGEST below.
+ */
+#define OSSL_ALG_PARAM_DIGEST "digest" /* utf8_string */
+#define OSSL_ALG_PARAM_CIPHER "cipher" /* utf8_string */
+#define OSSL_ALG_PARAM_MAC "mac" /* utf8_string */
+#define OSSL_ALG_PARAM_PROPERTIES "properties"/* utf8_string */
+
+/* cipher parameters */
+#define OSSL_CIPHER_PARAM_PADDING "padding" /* uint */
+#define OSSL_CIPHER_PARAM_MODE "mode" /* uint */
+#define OSSL_CIPHER_PARAM_BLOCK_SIZE "blocksize" /* size_t */
+#define OSSL_CIPHER_PARAM_FLAGS "flags" /* ulong */
+#define OSSL_CIPHER_PARAM_KEYLEN "keylen" /* size_t */
+#define OSSL_CIPHER_PARAM_IVLEN "ivlen" /* size_t */
+#define OSSL_CIPHER_PARAM_IV "iv" /* octet_string OR octet_ptr */
+#define OSSL_CIPHER_PARAM_NUM "num" /* uint */
+#define OSSL_CIPHER_PARAM_ROUNDS "rounds" /* uint */
+#define OSSL_CIPHER_PARAM_AEAD_TAG "tag" /* octet_string */
+#define OSSL_CIPHER_PARAM_AEAD_TLS1_AAD "tlsaad" /* octet_string */
+#define OSSL_CIPHER_PARAM_AEAD_TLS1_AAD_PAD "tlsaadpad" /* size_t */
+#define OSSL_CIPHER_PARAM_AEAD_TLS1_IV_FIXED "tlsivfixed" /* octet_string */
+#define OSSL_CIPHER_PARAM_AEAD_TLS1_GET_IV_GEN "tlsivgen" /* octet_string */
+#define OSSL_CIPHER_PARAM_AEAD_TLS1_SET_IV_INV "tlsivinv" /* octet_string */
+#define OSSL_CIPHER_PARAM_AEAD_IVLEN OSSL_CIPHER_PARAM_IVLEN
+#define OSSL_CIPHER_PARAM_AEAD_TAGLEN "taglen" /* size_t */
+#define OSSL_CIPHER_PARAM_AEAD_MAC_KEY "mackey" /* octet_string */
+#define OSSL_CIPHER_PARAM_RANDOM_KEY "randkey" /* octet_string */
+#define OSSL_CIPHER_PARAM_RC2_KEYBITS "keybits" /* size_t */
+#define OSSL_CIPHER_PARAM_SPEED "speed" /* uint */
+/* For passing the AlgorithmIdentifier parameter in DER form */
+#define OSSL_CIPHER_PARAM_ALG_ID "alg_id_param" /* octet_string */
+
+#define OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_MAX_SEND_FRAGMENT \
+ "tls1multi_maxsndfrag" /* uint */
+#define OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_MAX_BUFSIZE \
+ "tls1multi_maxbufsz" /* size_t */
+#define OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_INTERLEAVE \
+ "tls1multi_interleave" /* uint */
+#define OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_AAD \
+ "tls1multi_aad" /* octet_string */
+#define OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_AAD_PACKLEN \
+ "tls1multi_aadpacklen" /* uint */
+#define OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC \
+ "tls1multi_enc" /* octet_string */
+#define OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC_IN \
+ "tls1multi_encin" /* octet_string */
+#define OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC_LEN \
+ "tls1multi_enclen" /* size_t */
+
+/* digest parameters */
+#define OSSL_DIGEST_PARAM_XOFLEN "xoflen" /* size_t */
+#define OSSL_DIGEST_PARAM_SSL3_MS "ssl3-ms" /* octet string */
+#define OSSL_DIGEST_PARAM_PAD_TYPE "pad_type" /* uint */
+#define OSSL_DIGEST_PARAM_MICALG "micalg" /* utf8 string */
+#define OSSL_DIGEST_PARAM_BLOCK_SIZE "blocksize" /* size_t */
+#define OSSL_DIGEST_PARAM_SIZE "size" /* size_t */
+#define OSSL_DIGEST_PARAM_FLAGS "flags" /* ulong */
+
+/* Known DIGEST names (not a complete list) */
+#define OSSL_DIGEST_NAME_MD5 "MD5"
+#define OSSL_DIGEST_NAME_MD5_SHA1 "MD5-SHA1"
+#define OSSL_DIGEST_NAME_SHA1 "SHA1"
+#define OSSL_DIGEST_NAME_SHA2_224 "SHA2-224"
+#define OSSL_DIGEST_NAME_SHA2_256 "SHA2-256"
+#define OSSL_DIGEST_NAME_SHA2_384 "SHA2-384"
+#define OSSL_DIGEST_NAME_SHA2_512 "SHA2-512"
+#define OSSL_DIGEST_NAME_SHA2_512_224 "SHA2-512/224"
+#define OSSL_DIGEST_NAME_SHA2_512_256 "SHA2-512/256"
+#define OSSL_DIGEST_NAME_MD2 "MD2"
+#define OSSL_DIGEST_NAME_MD4 "MD4"
+#define OSSL_DIGEST_NAME_MDC2 "MDC2"
+#define OSSL_DIGEST_NAME_RIPEMD160 "RIPEMD160"
+#define OSSL_DIGEST_NAME_SHA3_224 "SHA3-224"
+#define OSSL_DIGEST_NAME_SHA3_256 "SHA3-256"
+#define OSSL_DIGEST_NAME_SHA3_384 "SHA3-384"
+#define OSSL_DIGEST_NAME_SHA3_512 "SHA3-512"
+#define OSSL_DIGEST_NAME_KECCAK_KMAC128 "KECCAK-KMAC-128"
+#define OSSL_DIGEST_NAME_KECCAK_KMAC256 "KECCAK-KMAC-256"
+
+/* MAC parameters */
+#define OSSL_MAC_PARAM_KEY "key" /* octet string */
+#define OSSL_MAC_PARAM_IV "iv" /* octet string */
+#define OSSL_MAC_PARAM_CUSTOM "custom" /* utf8 string */
+#define OSSL_MAC_PARAM_SALT "salt" /* octet string */
+#define OSSL_MAC_PARAM_XOF "xof" /* int, 0 or 1 */
+#define OSSL_MAC_PARAM_FLAGS "flags" /* int */
+/*
+ * If "engine" or "properties" are specified, they should always be paired
+ * with "cipher" or "digest".
+ */
+#define OSSL_MAC_PARAM_CIPHER OSSL_ALG_PARAM_CIPHER /* utf8 string */
+#define OSSL_MAC_PARAM_DIGEST OSSL_ALG_PARAM_DIGEST /* utf8 string */
+#define OSSL_MAC_PARAM_PROPERTIES OSSL_ALG_PARAM_PROPERTIES /* utf8 string */
+#define OSSL_MAC_PARAM_SIZE "size" /* size_t */
+
+/* Known MAC names */
+#define OSSL_MAC_NAME_BLAKE2BMAC "BLAKE2BMAC"
+#define OSSL_MAC_NAME_BLAKE2SMAC "BLAKE2SMAC"
+#define OSSL_MAC_NAME_CMAC "CMAC"
+#define OSSL_MAC_NAME_GMAC "GMAC"
+#define OSSL_MAC_NAME_HMAC "HMAC"
+#define OSSL_MAC_NAME_KMAC128 "KMAC128"
+#define OSSL_MAC_NAME_KMAC256 "KMAC256"
+#define OSSL_MAC_NAME_POLY1305 "POLY1305"
+#define OSSL_MAC_NAME_SIPHASH "SIPHASH"
+
+/* KDF / PRF parameters */
+#define OSSL_KDF_PARAM_SECRET "secret" /* octet string */
+#define OSSL_KDF_PARAM_KEY "key" /* octet string */
+#define OSSL_KDF_PARAM_SALT "salt" /* octet string */
+#define OSSL_KDF_PARAM_PASSWORD "pass" /* octet string */
+#define OSSL_KDF_PARAM_DIGEST OSSL_ALG_PARAM_DIGEST /* utf8 string */
+#define OSSL_KDF_PARAM_CIPHER OSSL_ALG_PARAM_CIPHER /* utf8 string */
+#define OSSL_KDF_PARAM_MAC OSSL_ALG_PARAM_MAC /* utf8 string */
+#define OSSL_KDF_PARAM_MAC_SIZE "maclen" /* size_t */
+#define OSSL_KDF_PARAM_PROPERTIES OSSL_ALG_PARAM_PROPERTIES /* utf8 string */
+#define OSSL_KDF_PARAM_ITER "iter" /* unsigned int */
+#define OSSL_KDF_PARAM_MODE "mode" /* utf8 string or int */
+#define OSSL_KDF_PARAM_PKCS5 "pkcs5" /* int */
+#define OSSL_KDF_PARAM_UKM "ukm" /* octet string */
+#define OSSL_KDF_PARAM_CEK_ALG "cekalg" /* utf8 string */
+#define OSSL_KDF_PARAM_SCRYPT_N "n" /* uint64_t */
+#define OSSL_KDF_PARAM_SCRYPT_R "r" /* uint32_t */
+#define OSSL_KDF_PARAM_SCRYPT_P "p" /* uint32_t */
+#define OSSL_KDF_PARAM_SCRYPT_MAXMEM "maxmem_bytes" /* uint64_t */
+#define OSSL_KDF_PARAM_INFO "info" /* octet string */
+#define OSSL_KDF_PARAM_SEED "seed" /* octet string */
+#define OSSL_KDF_PARAM_SSHKDF_XCGHASH "xcghash" /* octet string */
+#define OSSL_KDF_PARAM_SSHKDF_SESSION_ID "session_id" /* octet string */
+#define OSSL_KDF_PARAM_SSHKDF_TYPE "type" /* int */
+#define OSSL_KDF_PARAM_SIZE "size" /* size_t */
+#define OSSL_KDF_PARAM_CIPHER OSSL_ALG_PARAM_CIPHER /* utf8 string */
+#define OSSL_KDF_PARAM_CONSTANT "constant" /* octet string */
+
+/* Known KDF names */
+#define OSSL_KDF_NAME_HKDF "HKDF"
+#define OSSL_KDF_NAME_PBKDF2 "PBKDF2"
+#define OSSL_KDF_NAME_SCRYPT "SCRYPT"
+#define OSSL_KDF_NAME_SSHKDF "SSHKDF"
+#define OSSL_KDF_NAME_SSKDF "SSKDF"
+#define OSSL_KDF_NAME_TLS1_PRF "TLS1-PRF"
+#define OSSL_KDF_NAME_X942KDF "X942KDF"
+#define OSSL_KDF_NAME_X963KDF "X963KDF"
+#define OSSL_KDF_NAME_KBKDF "KBKDF"
+#define OSSL_KDF_NAME_KRB5KDF "KRB5KDF"
+
+/* Known RAND names */
+#define OSSL_RAND_PARAM_STATE "state"
+#define OSSL_RAND_PARAM_STRENGTH "strength"
+#define OSSL_RAND_PARAM_TEST_ENTROPY "test_entropy"
+#define OSSL_RAND_PARAM_TEST_NONCE "test_nonce"
+
+/* RAND/DRBG names */
+#define OSSL_DRBG_PARAM_RESEED_REQUESTS "reseed_requests"
+#define OSSL_DRBG_PARAM_RESEED_TIME_INTERVAL "reseed_time_interval"
+#define OSSL_DRBG_PARAM_MAX_REQUEST "max_request"
+#define OSSL_DRBG_PARAM_MIN_ENTROPYLEN "min_entropylen"
+#define OSSL_DRBG_PARAM_MAX_ENTROPYLEN "max_entropylen"
+#define OSSL_DRBG_PARAM_MIN_NONCELEN "min_noncelen"
+#define OSSL_DRBG_PARAM_MAX_NONCELEN "max_noncelen"
+#define OSSL_DRBG_PARAM_MAX_PERSLEN "max_perslen"
+#define OSSL_DRBG_PARAM_MAX_ADINLEN "max_adinlen"
+#define OSSL_DRBG_PARAM_RESEED_CTR "reseed_counter"
+#define OSSL_DRBG_PARAM_RESEED_TIME "reseed_time"
+#define OSSL_DRBG_PARAM_PROPERTIES OSSL_ALG_PARAM_PROPERTIES
+#define OSSL_DRBG_PARAM_DIGEST OSSL_ALG_PARAM_DIGEST
+#define OSSL_DRBG_PARAM_CIPHER OSSL_ALG_PARAM_CIPHER
+#define OSSL_DRBG_PARAM_MAC OSSL_ALG_PARAM_MAC
+#define OSSL_DRBG_PARAM_USE_DF "use_derivation_function"
+
+/* DRBG call back parameters */
+#define OSSL_DRBG_PARAM_ENTROPY_REQUIRED "entropy_required"
+#define OSSL_DRBG_PARAM_PREDICTION_RESISTANCE "prediction_resistance"
+#define OSSL_DRBG_PARAM_MIN_LENGTH "minium_length"
+#define OSSL_DRBG_PARAM_MAX_LENGTH "maxium_length"
+#define OSSL_DRBG_PARAM_RANDOM_DATA "random_data"
+#define OSSL_DRBG_PARAM_SIZE "size"
+
+/* PKEY parameters */
+/* Common PKEY parameters */
+#define OSSL_PKEY_PARAM_BITS "bits" /* integer */
+#define OSSL_PKEY_PARAM_MAX_SIZE "max-size" /* integer */
+#define OSSL_PKEY_PARAM_SECURITY_BITS "security-bits" /* integer */
+#define OSSL_PKEY_PARAM_DIGEST OSSL_ALG_PARAM_DIGEST
+#define OSSL_PKEY_PARAM_PROPERTIES OSSL_ALG_PARAM_PROPERTIES
+#define OSSL_PKEY_PARAM_DEFAULT_DIGEST "default-digest" /* utf8 string */
+#define OSSL_PKEY_PARAM_MANDATORY_DIGEST "mandatory-digest" /* utf8 string */
+#define OSSL_PKEY_PARAM_PAD_MODE "pad-mode"
+#define OSSL_PKEY_PARAM_DIGEST_SIZE "digest-size"
+#define OSSL_PKEY_PARAM_MASKGENFUNC "mgf"
+#define OSSL_PKEY_PARAM_MGF1_DIGEST "mgf1-digest"
+#define OSSL_PKEY_PARAM_MGF1_PROPERTIES "mgf1-properties"
+#define OSSL_PKEY_PARAM_TLS_ENCODED_PT "tls-encoded-pt"
+#define OSSL_PKEY_PARAM_GROUP_NAME "group"
+
+/* Diffie-Hellman/DSA public/private key */
+#define OSSL_PKEY_PARAM_PUB_KEY "pub"
+#define OSSL_PKEY_PARAM_PRIV_KEY "priv"
+
+/* Diffie-Hellman/DSA Parameters */
+#define OSSL_PKEY_PARAM_FFC_P "p"
+#define OSSL_PKEY_PARAM_FFC_G "g"
+#define OSSL_PKEY_PARAM_FFC_Q "q"
+#define OSSL_PKEY_PARAM_FFC_GINDEX "gindex"
+#define OSSL_PKEY_PARAM_FFC_PCOUNTER "pcounter"
+#define OSSL_PKEY_PARAM_FFC_SEED "seed"
+#define OSSL_PKEY_PARAM_FFC_COFACTOR "j"
+#define OSSL_PKEY_PARAM_FFC_H "hindex"
+#define OSSL_PKEY_PARAM_FFC_VALIDATE_TYPE "valid-type"
+
+/* Diffie-Hellman/DSA Parameters parameter validation types */
+#define OSSL_FFC_PARAM_VALIDATE_PQ "validate-pq"
+#define OSSL_FFC_PARAM_VALIDATE_G "validate-g"
+#define OSSL_FFC_PARAM_VALIDATE_PQG "validate-pqg"
+
+/* Diffie-Hellman params */
+#define OSSL_PKEY_PARAM_DH_GENERATOR "safeprime-generator"
+#define OSSL_PKEY_PARAM_DH_PRIV_LEN "priv_len"
+
+/* Elliptic Curve Domain Parameters */
+#define OSSL_PKEY_PARAM_EC_PUB_X "qx"
+#define OSSL_PKEY_PARAM_EC_PUB_Y "qy"
+
+/* Elliptic Curve Key Parameters */
+#define OSSL_PKEY_PARAM_USE_COFACTOR_FLAG "use-cofactor-flag"
+#define OSSL_PKEY_PARAM_USE_COFACTOR_ECDH \
+ OSSL_PKEY_PARAM_USE_COFACTOR_FLAG
+
+/* RSA Keys */
+/*
+ * n, e, d are the usual public and private key components
+ *
+ * rsa-num is the number of factors, including p and q
+ * rsa-factor is used for each factor: p, q, r_i (i = 3, ...)
+ * rsa-exponent is used for each exponent: dP, dQ, d_i (i = 3, ...)
+ * rsa-coefficient is used for each coefficient: qInv, t_i (i = 3, ...)
+ *
+ * The number of rsa-factor items must be equal to the number of rsa-exponent
+ * items, and the number of rsa-coefficients must be one less.
+ * (the base i for the coefficients is 2, not 1, at least as implied by
+ * RFC 8017)
+ */
+#define OSSL_PKEY_PARAM_RSA_N "n"
+#define OSSL_PKEY_PARAM_RSA_E "e"
+#define OSSL_PKEY_PARAM_RSA_D "d"
+#define OSSL_PKEY_PARAM_RSA_FACTOR "rsa-factor"
+#define OSSL_PKEY_PARAM_RSA_EXPONENT "rsa-exponent"
+#define OSSL_PKEY_PARAM_RSA_COEFFICIENT "rsa-coefficient"
+#define OSSL_PKEY_PARAM_RSA_FACTOR1 OSSL_PKEY_PARAM_RSA_FACTOR"1"
+#define OSSL_PKEY_PARAM_RSA_FACTOR2 OSSL_PKEY_PARAM_RSA_FACTOR"2"
+#define OSSL_PKEY_PARAM_RSA_FACTOR3 OSSL_PKEY_PARAM_RSA_FACTOR"3"
+#define OSSL_PKEY_PARAM_RSA_FACTOR4 OSSL_PKEY_PARAM_RSA_FACTOR"4"
+#define OSSL_PKEY_PARAM_RSA_FACTOR5 OSSL_PKEY_PARAM_RSA_FACTOR"5"
+#define OSSL_PKEY_PARAM_RSA_FACTOR6 OSSL_PKEY_PARAM_RSA_FACTOR"6"
+#define OSSL_PKEY_PARAM_RSA_FACTOR7 OSSL_PKEY_PARAM_RSA_FACTOR"7"
+#define OSSL_PKEY_PARAM_RSA_FACTOR8 OSSL_PKEY_PARAM_RSA_FACTOR"8"
+#define OSSL_PKEY_PARAM_RSA_FACTOR9 OSSL_PKEY_PARAM_RSA_FACTOR"9"
+#define OSSL_PKEY_PARAM_RSA_FACTOR10 OSSL_PKEY_PARAM_RSA_FACTOR"10"
+#define OSSL_PKEY_PARAM_RSA_EXPONENT1 OSSL_PKEY_PARAM_RSA_EXPONENT"1"
+#define OSSL_PKEY_PARAM_RSA_EXPONENT2 OSSL_PKEY_PARAM_RSA_EXPONENT"2"
+#define OSSL_PKEY_PARAM_RSA_EXPONENT3 OSSL_PKEY_PARAM_RSA_EXPONENT"3"
+#define OSSL_PKEY_PARAM_RSA_EXPONENT4 OSSL_PKEY_PARAM_RSA_EXPONENT"4"
+#define OSSL_PKEY_PARAM_RSA_EXPONENT5 OSSL_PKEY_PARAM_RSA_EXPONENT"5"
+#define OSSL_PKEY_PARAM_RSA_EXPONENT6 OSSL_PKEY_PARAM_RSA_EXPONENT"6"
+#define OSSL_PKEY_PARAM_RSA_EXPONENT7 OSSL_PKEY_PARAM_RSA_EXPONENT"7"
+#define OSSL_PKEY_PARAM_RSA_EXPONENT8 OSSL_PKEY_PARAM_RSA_EXPONENT"8"
+#define OSSL_PKEY_PARAM_RSA_EXPONENT9 OSSL_PKEY_PARAM_RSA_EXPONENT"9"
+#define OSSL_PKEY_PARAM_RSA_EXPONENT10 OSSL_PKEY_PARAM_RSA_EXPONENT"10"
+#define OSSL_PKEY_PARAM_RSA_COEFFICIENT1 OSSL_PKEY_PARAM_RSA_COEFFICIENT"1"
+#define OSSL_PKEY_PARAM_RSA_COEFFICIENT2 OSSL_PKEY_PARAM_RSA_COEFFICIENT"2"
+#define OSSL_PKEY_PARAM_RSA_COEFFICIENT3 OSSL_PKEY_PARAM_RSA_COEFFICIENT"3"
+#define OSSL_PKEY_PARAM_RSA_COEFFICIENT4 OSSL_PKEY_PARAM_RSA_COEFFICIENT"4"
+#define OSSL_PKEY_PARAM_RSA_COEFFICIENT5 OSSL_PKEY_PARAM_RSA_COEFFICIENT"5"
+#define OSSL_PKEY_PARAM_RSA_COEFFICIENT6 OSSL_PKEY_PARAM_RSA_COEFFICIENT"6"
+#define OSSL_PKEY_PARAM_RSA_COEFFICIENT7 OSSL_PKEY_PARAM_RSA_COEFFICIENT"7"
+#define OSSL_PKEY_PARAM_RSA_COEFFICIENT8 OSSL_PKEY_PARAM_RSA_COEFFICIENT"8"
+#define OSSL_PKEY_PARAM_RSA_COEFFICIENT9 OSSL_PKEY_PARAM_RSA_COEFFICIENT"9"
+
+/* RSA padding modes */
+#define OSSL_PKEY_RSA_PAD_MODE_NONE "none"
+#define OSSL_PKEY_RSA_PAD_MODE_PKCSV15 "pkcs1"
+#define OSSL_PKEY_RSA_PAD_MODE_SSLV23 "sslv23"
+#define OSSL_PKEY_RSA_PAD_MODE_OAEP "oaep"
+#define OSSL_PKEY_RSA_PAD_MODE_X931 "x931"
+#define OSSL_PKEY_RSA_PAD_MODE_PSS "pss"
+
+/* RSA pss padding salt length */
+#define OSSL_PKEY_RSA_PSS_SALT_LEN_DIGEST "digest"
+#define OSSL_PKEY_RSA_PSS_SALT_LEN_MAX "max"
+#define OSSL_PKEY_RSA_PSS_SALT_LEN_AUTO "auto"
+
+/* Key generation parameters */
+#define OSSL_PKEY_PARAM_RSA_BITS OSSL_PKEY_PARAM_BITS
+#define OSSL_PKEY_PARAM_RSA_PRIMES "primes"
+#define OSSL_PKEY_PARAM_RSA_DIGEST OSSL_PKEY_PARAM_DIGEST
+#define OSSL_PKEY_PARAM_RSA_MASKGENFUNC OSSL_PKEY_PARAM_MASKGENFUNC
+#define OSSL_PKEY_PARAM_RSA_MGF1_DIGEST OSSL_PKEY_PARAM_MGF1_DIGEST
+#define OSSL_PKEY_PARAM_RSA_PSS_SALTLEN "saltlen"
+
+/* Key generation parameters */
+#define OSSL_PKEY_PARAM_FFC_TYPE "type"
+#define OSSL_PKEY_PARAM_FFC_PBITS "pbits"
+#define OSSL_PKEY_PARAM_FFC_QBITS "qbits"
+#define OSSL_PKEY_PARAM_FFC_DIGEST OSSL_PKEY_PARAM_DIGEST
+#define OSSL_PKEY_PARAM_FFC_DIGEST_PROPS OSSL_PKEY_PARAM_PROPERTIES
+
+/* Key Exchange parameters */
+#define OSSL_EXCHANGE_PARAM_PAD "pad" /* uint */
+#define OSSL_EXCHANGE_PARAM_EC_ECDH_COFACTOR_MODE "ecdh-cofactor-mode" /* int */
+#define OSSL_EXCHANGE_PARAM_KDF_TYPE "kdf-type" /* utf8_string */
+#define OSSL_EXCHANGE_PARAM_KDF_DIGEST "kdf-digest" /* utf8_string */
+#define OSSL_EXCHANGE_PARAM_KDF_DIGEST_PROPS "kdf-digest-props" /* utf8_string */
+#define OSSL_EXCHANGE_PARAM_KDF_OUTLEN "kdf-outlen" /* size_t */
+
+/*
+ * TODO(3.0): improve this pattern
+ *
+ * Currently the sole internal user of OSSL_EXCHANGE_PARAM_KDF_UKM is
+ * EVP_PKEY_CTX_{set0,get0}_ecdh_kdf_ukm():
+ * OSSL_EXCHANGE_PARAM_KDF_UKM is handled as a octet_string on set0,
+ * and as an octet_ptr on get0.
+ *
+ * This pattern is borrowed from the handling of
+ * OSSL_ASYM_CIPHER_PARAM_OAEP_LABEL in
+ * EVP_PKEY_CTX_{set0,get0}_rsa_oaep_label().
+ */
+#define OSSL_EXCHANGE_PARAM_KDF_UKM "kdf-ukm" /* see note above */
+#define OSSL_EXCHANGE_PARAM_KDF_UKM_LEN "kdf-ukm-len" /* size_t */
+
+/* Signature parameters */
+#define OSSL_SIGNATURE_PARAM_ALGORITHM_ID "algorithm-id"
+#define OSSL_SIGNATURE_PARAM_PAD_MODE OSSL_PKEY_PARAM_PAD_MODE
+#define OSSL_SIGNATURE_PARAM_DIGEST OSSL_PKEY_PARAM_DIGEST
+#define OSSL_SIGNATURE_PARAM_PROPERTIES OSSL_PKEY_PARAM_PROPERTIES
+#define OSSL_SIGNATURE_PARAM_PSS_SALTLEN "saltlen"
+#define OSSL_SIGNATURE_PARAM_MGF1_DIGEST OSSL_PKEY_PARAM_MGF1_DIGEST
+#define OSSL_SIGNATURE_PARAM_MGF1_PROPERTIES \
+ OSSL_PKEY_PARAM_MGF1_PROPERTIES
+#define OSSL_SIGNATURE_PARAM_DIGEST_SIZE OSSL_PKEY_PARAM_DIGEST_SIZE
+
+/* Asym cipher parameters */
+#define OSSL_ASYM_CIPHER_PARAM_PAD_MODE OSSL_PKEY_PARAM_PAD_MODE
+#define OSSL_ASYM_CIPHER_PARAM_MGF1_DIGEST \
+ OSSL_PKEY_PARAM_MGF1_DIGEST
+#define OSSL_ASYM_CIPHER_PARAM_MGF1_DIGEST_PROPS \
+ OSSL_PKEY_PARAM_MGF1_PROPERTIES
+#define OSSL_ASYM_CIPHER_PARAM_OAEP_DIGEST OSSL_ALG_PARAM_DIGEST
+#define OSSL_ASYM_CIPHER_PARAM_OAEP_DIGEST_PROPS "digest-props"
+#define OSSL_ASYM_CIPHER_PARAM_OAEP_LABEL "oaep-label"
+#define OSSL_ASYM_CIPHER_PARAM_OAEP_LABEL_LEN "oaep-label-len"
+#define OSSL_ASYM_CIPHER_PARAM_TLS_CLIENT_VERSION "tls-client-version"
+#define OSSL_ASYM_CIPHER_PARAM_TLS_NEGOTIATED_VERSION "tls-negotiated-version"
+
+/*
+ * Serializer parameters
+ */
+/* The passphrase may be passed as a utf8 string or an octet string */
+#define OSSL_SERIALIZER_PARAM_CIPHER OSSL_ALG_PARAM_CIPHER
+#define OSSL_SERIALIZER_PARAM_PROPERTIES OSSL_ALG_PARAM_PROPERTIES
+#define OSSL_SERIALIZER_PARAM_PASS "passphrase"
+
+/* Passphrase callback parameters */
+#define OSSL_PASSPHRASE_PARAM_INFO "info"
+
+/* Keygen callback parameters, from provider to libcrypto */
+#define OSSL_GEN_PARAM_POTENTIAL "potential" /* integer */
+#define OSSL_GEN_PARAM_ITERATION "iteration" /* integer */
+
+/* ACVP Test parameters : These should not be used normally */
+#define OSSL_PKEY_PARAM_RSA_TEST_XP1 "xp1"
+#define OSSL_PKEY_PARAM_RSA_TEST_XP2 "xp2"
+#define OSSL_PKEY_PARAM_RSA_TEST_XP "xp"
+#define OSSL_PKEY_PARAM_RSA_TEST_XQ1 "xq1"
+#define OSSL_PKEY_PARAM_RSA_TEST_XQ2 "xq2"
+#define OSSL_PKEY_PARAM_RSA_TEST_XQ "xq"
+#define OSSL_PKEY_PARAM_RSA_TEST_P1 "p1"
+#define OSSL_PKEY_PARAM_RSA_TEST_P2 "p2"
+#define OSSL_PKEY_PARAM_RSA_TEST_Q1 "q1"
+#define OSSL_PKEY_PARAM_RSA_TEST_Q2 "q2"
+#define OSSL_SIGNATURE_PARAM_KAT "kat"
+
+/* Capabilities */
+
+/* TLS-GROUP Capbility */
+#define OSSL_CAPABILITY_TLS_GROUP_NAME "tls-group-name"
+#define OSSL_CAPABILITY_TLS_GROUP_NAME_INTERNAL "tls-group-name-internal"
+#define OSSL_CAPABILITY_TLS_GROUP_ID "tls-group-id"
+#define OSSL_CAPABILITY_TLS_GROUP_ALG "tls-group-alg"
+#define OSSL_CAPABILITY_TLS_GROUP_SECURITY_BITS "tls-group-sec-bits"
+#define OSSL_CAPABILITY_TLS_GROUP_MIN_TLS "tls-min-tls"
+#define OSSL_CAPABILITY_TLS_GROUP_MAX_TLS "tls-max-tls"
+#define OSSL_CAPABILITY_TLS_GROUP_MIN_DTLS "tls-min-dtls"
+#define OSSL_CAPABILITY_TLS_GROUP_MAX_DTLS "tls-max-dtls"
+
+# ifdef __cplusplus
+}
+# endif
+
+#endif
diff --git a/openssl/include/openssl/crmf.h b/openssl/include/openssl/crmf.h new file mode 100644 index 00000000..22afa5c5 --- /dev/null +++ b/openssl/include/openssl/crmf.h @@ -0,0 +1,145 @@ +/*-
+ * Copyright 2007-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright Nokia 2007-2019
+ * Copyright Siemens AG 2015-2019
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ *
+ * CRMF (RFC 4211) implementation by M. Peylo, M. Viljanen, and D. von Oheimb.
+ */
+
+#ifndef OPENSSL_CRMF_H
+# define OPENSSL_CRMF_H
+
+# include <openssl/opensslconf.h>
+
+# ifndef OPENSSL_NO_CRMF
+# include <openssl/opensslv.h>
+# include <openssl/safestack.h>
+# include <openssl/crmferr.h>
+# include <openssl/x509v3.h> /* for GENERAL_NAME etc. */
+
+/* explicit #includes not strictly needed since implied by the above: */
+# include <openssl/types.h>
+# include <openssl/x509.h>
+
+# ifdef __cplusplus
+extern "C" {
+# endif
+
+# define OSSL_CRMF_POPOPRIVKEY_THISMESSAGE 0
+# define OSSL_CRMF_POPOPRIVKEY_SUBSEQUENTMESSAGE 1
+# define OSSL_CRMF_POPOPRIVKEY_DHMAC 2
+# define OSSL_CRMF_POPOPRIVKEY_AGREEMAC 3
+# define OSSL_CRMF_POPOPRIVKEY_ENCRYPTEDKEY 4
+
+# define OSSL_CRMF_SUBSEQUENTMESSAGE_ENCRCERT 0
+# define OSSL_CRMF_SUBSEQUENTMESSAGE_CHALLENGERESP 1
+
+typedef struct ossl_crmf_encryptedvalue_st OSSL_CRMF_ENCRYPTEDVALUE;
+DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_ENCRYPTEDVALUE)
+typedef struct ossl_crmf_msg_st OSSL_CRMF_MSG;
+DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_MSG)
+DEFINE_OR_DECLARE_STACK_OF(OSSL_CRMF_MSG)
+typedef struct ossl_crmf_attributetypeandvalue_st OSSL_CRMF_ATTRIBUTETYPEANDVALUE;
+typedef struct ossl_crmf_pbmparameter_st OSSL_CRMF_PBMPARAMETER;
+DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_PBMPARAMETER)
+typedef struct ossl_crmf_poposigningkey_st OSSL_CRMF_POPOSIGNINGKEY;
+typedef struct ossl_crmf_certrequest_st OSSL_CRMF_CERTREQUEST;
+typedef struct ossl_crmf_certid_st OSSL_CRMF_CERTID;
+DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_CERTID)
+DECLARE_ASN1_DUP_FUNCTION(OSSL_CRMF_CERTID)
+DEFINE_OR_DECLARE_STACK_OF(OSSL_CRMF_CERTID)
+
+typedef struct ossl_crmf_pkipublicationinfo_st OSSL_CRMF_PKIPUBLICATIONINFO;
+DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_PKIPUBLICATIONINFO)
+typedef struct ossl_crmf_singlepubinfo_st OSSL_CRMF_SINGLEPUBINFO;
+DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_SINGLEPUBINFO)
+typedef struct ossl_crmf_certtemplate_st OSSL_CRMF_CERTTEMPLATE;
+DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_CERTTEMPLATE)
+typedef STACK_OF(OSSL_CRMF_MSG) OSSL_CRMF_MSGS;
+DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_MSGS)
+
+typedef struct ossl_crmf_optionalvalidity_st OSSL_CRMF_OPTIONALVALIDITY;
+
+/* crmf_pbm.c */
+OSSL_CRMF_PBMPARAMETER *OSSL_CRMF_pbmp_new(size_t slen, int owfnid,
+ int itercnt, int macnid);
+int OSSL_CRMF_pbm_new(const OSSL_CRMF_PBMPARAMETER *pbmp,
+ const unsigned char *msg, size_t msglen,
+ const unsigned char *sec, size_t seclen,
+ unsigned char **mac, size_t *maclen);
+
+/* crmf_lib.c */
+int OSSL_CRMF_MSG_set1_regCtrl_regToken(OSSL_CRMF_MSG *msg,
+ const ASN1_UTF8STRING *tok);
+int OSSL_CRMF_MSG_set1_regCtrl_authenticator(OSSL_CRMF_MSG *msg,
+ const ASN1_UTF8STRING *auth);
+int
+OSSL_CRMF_MSG_PKIPublicationInfo_push0_SinglePubInfo(OSSL_CRMF_PKIPUBLICATIONINFO *pi,
+ OSSL_CRMF_SINGLEPUBINFO *spi);
+# define OSSL_CRMF_PUB_METHOD_DONTCARE 0
+# define OSSL_CRMF_PUB_METHOD_X500 1
+# define OSSL_CRMF_PUB_METHOD_WEB 2
+# define OSSL_CRMF_PUB_METHOD_LDAP 3
+int OSSL_CRMF_MSG_set0_SinglePubInfo(OSSL_CRMF_SINGLEPUBINFO *spi,
+ int method, GENERAL_NAME *nm);
+# define OSSL_CRMF_PUB_ACTION_DONTPUBLISH 0
+# define OSSL_CRMF_PUB_ACTION_PLEASEPUBLISH 1
+int OSSL_CRMF_MSG_set_PKIPublicationInfo_action(OSSL_CRMF_PKIPUBLICATIONINFO *pi,
+ int action);
+int OSSL_CRMF_MSG_set1_regCtrl_pkiPublicationInfo(OSSL_CRMF_MSG *msg,
+ const OSSL_CRMF_PKIPUBLICATIONINFO *pi);
+int OSSL_CRMF_MSG_set1_regCtrl_protocolEncrKey(OSSL_CRMF_MSG *msg,
+ const X509_PUBKEY *pubkey);
+int OSSL_CRMF_MSG_set1_regCtrl_oldCertID(OSSL_CRMF_MSG *msg,
+ const OSSL_CRMF_CERTID *cid);
+OSSL_CRMF_CERTID *OSSL_CRMF_CERTID_gen(const X509_NAME *issuer,
+ const ASN1_INTEGER *serial);
+
+int OSSL_CRMF_MSG_set1_regInfo_utf8Pairs(OSSL_CRMF_MSG *msg,
+ const ASN1_UTF8STRING *utf8pairs);
+int OSSL_CRMF_MSG_set1_regInfo_certReq(OSSL_CRMF_MSG *msg,
+ const OSSL_CRMF_CERTREQUEST *cr);
+
+int OSSL_CRMF_MSG_set0_validity(OSSL_CRMF_MSG *crm,
+ ASN1_TIME *notBefore, ASN1_TIME *notAfter);
+int OSSL_CRMF_MSG_set_certReqId(OSSL_CRMF_MSG *crm, int rid);
+int OSSL_CRMF_MSG_get_certReqId(const OSSL_CRMF_MSG *crm);
+int OSSL_CRMF_MSG_set0_extensions(OSSL_CRMF_MSG *crm, X509_EXTENSIONS *exts);
+
+int OSSL_CRMF_MSG_push0_extension(OSSL_CRMF_MSG *crm, X509_EXTENSION *ext);
+# define OSSL_CRMF_POPO_NONE -1
+# define OSSL_CRMF_POPO_RAVERIFIED 0
+# define OSSL_CRMF_POPO_SIGNATURE 1
+# define OSSL_CRMF_POPO_KEYENC 2
+# define OSSL_CRMF_POPO_KEYAGREE 3
+int OSSL_CRMF_MSG_create_popo(OSSL_CRMF_MSG *crm, EVP_PKEY *pkey,
+ int dgst, int ppmtd);
+int OSSL_CRMF_MSGS_verify_popo(const OSSL_CRMF_MSGS *reqs,
+ int rid, int acceptRAVerified);
+OSSL_CRMF_CERTTEMPLATE *OSSL_CRMF_MSG_get0_tmpl(const OSSL_CRMF_MSG *crm);
+ASN1_INTEGER
+*OSSL_CRMF_CERTTEMPLATE_get0_serialNumber(const OSSL_CRMF_CERTTEMPLATE *tmpl);
+const X509_NAME
+*OSSL_CRMF_CERTTEMPLATE_get0_issuer(const OSSL_CRMF_CERTTEMPLATE *tmpl);
+const X509_NAME
+*OSSL_CRMF_CERTID_get0_issuer(const OSSL_CRMF_CERTID *cid);
+ASN1_INTEGER *OSSL_CRMF_CERTID_get0_serialNumber(const OSSL_CRMF_CERTID *cid);
+int OSSL_CRMF_CERTTEMPLATE_fill(OSSL_CRMF_CERTTEMPLATE *tmpl,
+ EVP_PKEY *pubkey,
+ const X509_NAME *subject,
+ const X509_NAME *issuer,
+ const ASN1_INTEGER *serial);
+X509
+*OSSL_CRMF_ENCRYPTEDVALUE_get1_encCert(const OSSL_CRMF_ENCRYPTEDVALUE *ecert,
+ EVP_PKEY *pkey);
+
+# ifdef __cplusplus
+}
+# endif
+# endif /* !defined(OPENSSL_NO_CRMF) */
+#endif /* !defined(OPENSSL_CRMF_H) */
diff --git a/openssl/include/openssl/crmferr.h b/openssl/include/openssl/crmferr.h new file mode 100644 index 00000000..1d198ec6 --- /dev/null +++ b/openssl/include/openssl/crmferr.h @@ -0,0 +1,79 @@ +/*
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_CRMFERR_H
+# define OPENSSL_CRMFERR_H
+
+# include <openssl/opensslconf.h>
+# include <openssl/symhacks.h>
+
+
+# include <openssl/opensslconf.h>
+
+# ifndef OPENSSL_NO_CRMF
+
+# ifdef __cplusplus
+extern "C"
+# endif
+int ERR_load_CRMF_strings(void);
+
+/*
+ * CRMF function codes.
+ */
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define CRMF_F_CRMF_POPOSIGNINGKEY_INIT 0
+# define CRMF_F_OSSL_CRMF_CERTID_GEN 0
+# define CRMF_F_OSSL_CRMF_CERTTEMPLATE_FILL 0
+# define CRMF_F_OSSL_CRMF_ENCRYPTEDVALUE_GET1_ENCCERT 0
+# define CRMF_F_OSSL_CRMF_MSGS_VERIFY_POPO 0
+# define CRMF_F_OSSL_CRMF_MSG_CREATE_POPO 0
+# define CRMF_F_OSSL_CRMF_MSG_GET0_TMPL 0
+# define CRMF_F_OSSL_CRMF_MSG_GET_CERTREQID 0
+# define CRMF_F_OSSL_CRMF_MSG_PKIPUBLICATIONINFO_PUSH0_SINGLEPUBINFO 0
+# define CRMF_F_OSSL_CRMF_MSG_PUSH0_EXTENSION 0
+# define CRMF_F_OSSL_CRMF_MSG_PUSH0_REGCTRL 0
+# define CRMF_F_OSSL_CRMF_MSG_PUSH0_REGINFO 0
+# define CRMF_F_OSSL_CRMF_MSG_SET0_EXTENSIONS 0
+# define CRMF_F_OSSL_CRMF_MSG_SET0_SINGLEPUBINFO 0
+# define CRMF_F_OSSL_CRMF_MSG_SET_CERTREQID 0
+# define CRMF_F_OSSL_CRMF_MSG_SET_PKIPUBLICATIONINFO_ACTION 0
+# define CRMF_F_OSSL_CRMF_MSG_SET0_VALIDITY 0
+# define CRMF_F_OSSL_CRMF_PBMP_NEW 0
+# define CRMF_F_OSSL_CRMF_PBM_NEW 0
+# endif
+
+/*
+ * CRMF reason codes.
+ */
+# define CRMF_R_BAD_PBM_ITERATIONCOUNT 100
+# define CRMF_R_CRMFERROR 102
+# define CRMF_R_ERROR 103
+# define CRMF_R_ERROR_DECODING_CERTIFICATE 104
+# define CRMF_R_ERROR_DECRYPTING_CERTIFICATE 105
+# define CRMF_R_ERROR_DECRYPTING_SYMMETRIC_KEY 106
+# define CRMF_R_FAILURE_OBTAINING_RANDOM 107
+# define CRMF_R_ITERATIONCOUNT_BELOW_100 108
+# define CRMF_R_MALFORMED_IV 101
+# define CRMF_R_NULL_ARGUMENT 109
+# define CRMF_R_POPO_INCONSISTENT_PUBLIC_KEY 117
+# define CRMF_R_POPO_MISSING 121
+# define CRMF_R_POPO_MISSING_PUBLIC_KEY 118
+# define CRMF_R_POPO_MISSING_SUBJECT 119
+# define CRMF_R_POPO_RAVERIFIED_NOT_ACCEPTED 120
+# define CRMF_R_SETTING_MAC_ALGOR_FAILURE 110
+# define CRMF_R_SETTING_OWF_ALGOR_FAILURE 111
+# define CRMF_R_UNSUPPORTED_ALGORITHM 112
+# define CRMF_R_UNSUPPORTED_ALG_FOR_POPSIGNINGKEY 113
+# define CRMF_R_UNSUPPORTED_CIPHER 114
+# define CRMF_R_UNSUPPORTED_METHOD_FOR_CREATING_POPO 115
+# define CRMF_R_UNSUPPORTED_POPO_METHOD 116
+
+# endif
+#endif
diff --git a/openssl/include/openssl/crypto.h b/openssl/include/openssl/crypto.h new file mode 100644 index 00000000..96781f46 --- /dev/null +++ b/openssl/include/openssl/crypto.h @@ -0,0 +1,501 @@ +/*
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_CRYPTO_H
+# define OPENSSL_CRYPTO_H
+# pragma once
+
+# include <openssl/macros.h>
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define HEADER_CRYPTO_H
+# endif
+
+# include <stdlib.h>
+# include <time.h>
+
+# include <openssl/e_os2.h>
+
+# ifndef OPENSSL_NO_STDIO
+# include <stdio.h>
+# endif
+
+# include <openssl/safestack.h>
+# include <openssl/opensslv.h>
+# include <openssl/types.h>
+# include <openssl/opensslconf.h>
+# include <openssl/cryptoerr.h>
+
+# ifdef CHARSET_EBCDIC
+# include <openssl/ebcdic.h>
+# endif
+
+/*
+ * Resolve problems on some operating systems with symbol names that clash
+ * one way or another
+ */
+# include <openssl/symhacks.h>
+
+# ifndef OPENSSL_NO_DEPRECATED_1_1_0
+# include <openssl/opensslv.h>
+# endif
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+# ifndef OPENSSL_NO_DEPRECATED_1_1_0
+# define SSLeay OpenSSL_version_num
+# define SSLeay_version OpenSSL_version
+# define SSLEAY_VERSION_NUMBER OPENSSL_VERSION_NUMBER
+# define SSLEAY_VERSION OPENSSL_VERSION
+# define SSLEAY_CFLAGS OPENSSL_CFLAGS
+# define SSLEAY_BUILT_ON OPENSSL_BUILT_ON
+# define SSLEAY_PLATFORM OPENSSL_PLATFORM
+# define SSLEAY_DIR OPENSSL_DIR
+
+/*
+ * Old type for allocating dynamic locks. No longer used. Use the new thread
+ * API instead.
+ */
+typedef struct {
+ int dummy;
+} CRYPTO_dynlock;
+
+# endif /* OPENSSL_NO_DEPRECATED_1_1_0 */
+
+typedef void CRYPTO_RWLOCK;
+
+CRYPTO_RWLOCK *CRYPTO_THREAD_lock_new(void);
+int CRYPTO_THREAD_read_lock(CRYPTO_RWLOCK *lock);
+int CRYPTO_THREAD_write_lock(CRYPTO_RWLOCK *lock);
+int CRYPTO_THREAD_unlock(CRYPTO_RWLOCK *lock);
+void CRYPTO_THREAD_lock_free(CRYPTO_RWLOCK *lock);
+
+int CRYPTO_atomic_add(int *val, int amount, int *ret, CRYPTO_RWLOCK *lock);
+
+/* No longer needed, so this is a no-op */
+#define OPENSSL_malloc_init() while(0) continue
+
+# define OPENSSL_malloc(num) \
+ CRYPTO_malloc(num, OPENSSL_FILE, OPENSSL_LINE)
+# define OPENSSL_zalloc(num) \
+ CRYPTO_zalloc(num, OPENSSL_FILE, OPENSSL_LINE)
+# define OPENSSL_realloc(addr, num) \
+ CRYPTO_realloc(addr, num, OPENSSL_FILE, OPENSSL_LINE)
+# define OPENSSL_clear_realloc(addr, old_num, num) \
+ CRYPTO_clear_realloc(addr, old_num, num, OPENSSL_FILE, OPENSSL_LINE)
+# define OPENSSL_clear_free(addr, num) \
+ CRYPTO_clear_free(addr, num, OPENSSL_FILE, OPENSSL_LINE)
+# define OPENSSL_free(addr) \
+ CRYPTO_free(addr, OPENSSL_FILE, OPENSSL_LINE)
+# define OPENSSL_memdup(str, s) \
+ CRYPTO_memdup((str), s, OPENSSL_FILE, OPENSSL_LINE)
+# define OPENSSL_strdup(str) \
+ CRYPTO_strdup(str, OPENSSL_FILE, OPENSSL_LINE)
+# define OPENSSL_strndup(str, n) \
+ CRYPTO_strndup(str, n, OPENSSL_FILE, OPENSSL_LINE)
+# define OPENSSL_secure_malloc(num) \
+ CRYPTO_secure_malloc(num, OPENSSL_FILE, OPENSSL_LINE)
+# define OPENSSL_secure_zalloc(num) \
+ CRYPTO_secure_zalloc(num, OPENSSL_FILE, OPENSSL_LINE)
+# define OPENSSL_secure_free(addr) \
+ CRYPTO_secure_free(addr, OPENSSL_FILE, OPENSSL_LINE)
+# define OPENSSL_secure_clear_free(addr, num) \
+ CRYPTO_secure_clear_free(addr, num, OPENSSL_FILE, OPENSSL_LINE)
+# define OPENSSL_secure_actual_size(ptr) \
+ CRYPTO_secure_actual_size(ptr)
+
+size_t OPENSSL_strlcpy(char *dst, const char *src, size_t siz);
+size_t OPENSSL_strlcat(char *dst, const char *src, size_t siz);
+size_t OPENSSL_strnlen(const char *str, size_t maxlen);
+int OPENSSL_buf2hexstr_ex(char *str, size_t str_n, size_t *strlen,
+ const unsigned char *buf, size_t buflen);
+char *OPENSSL_buf2hexstr(const unsigned char *buf, long buflen);
+int OPENSSL_hexstr2buf_ex(unsigned char *buf, size_t buf_n, size_t *buflen,
+ const char *str);
+unsigned char *OPENSSL_hexstr2buf(const char *str, long *buflen);
+int OPENSSL_hexchar2int(unsigned char c);
+
+# define OPENSSL_MALLOC_MAX_NELEMS(type) (((1U<<(sizeof(int)*8-1))-1)/sizeof(type))
+
+/*
+ * These functions return the values of OPENSSL_VERSION_MAJOR,
+ * OPENSSL_VERSION_MINOR, OPENSSL_VERSION_PATCH, OPENSSL_VERSION_PRE_RELEASE
+ * and OPENSSL_VERSION_BUILD_METADATA, respectively.
+ */
+unsigned int OPENSSL_version_major(void);
+unsigned int OPENSSL_version_minor(void);
+unsigned int OPENSSL_version_patch(void);
+const char *OPENSSL_version_pre_release(void);
+const char *OPENSSL_version_build_metadata(void);
+
+unsigned long OpenSSL_version_num(void);
+const char *OpenSSL_version(int type);
+# define OPENSSL_VERSION 0
+# define OPENSSL_CFLAGS 1
+# define OPENSSL_BUILT_ON 2
+# define OPENSSL_PLATFORM 3
+# define OPENSSL_DIR 4
+# define OPENSSL_ENGINES_DIR 5
+# define OPENSSL_VERSION_STRING 6
+# define OPENSSL_FULL_VERSION_STRING 7
+# define OPENSSL_MODULES_DIR 8
+# define OPENSSL_CPU_INFO 9
+
+const char *OPENSSL_info(int type);
+/*
+ * The series starts at 1001 to avoid confusion with the OpenSSL_version
+ * types.
+ */
+# define OPENSSL_INFO_CONFIG_DIR 1001
+# define OPENSSL_INFO_ENGINES_DIR 1002
+# define OPENSSL_INFO_MODULES_DIR 1003
+# define OPENSSL_INFO_DSO_EXTENSION 1004
+# define OPENSSL_INFO_DIR_FILENAME_SEPARATOR 1005
+# define OPENSSL_INFO_LIST_SEPARATOR 1006
+# define OPENSSL_INFO_SEED_SOURCE 1007
+# define OPENSSL_INFO_CPU_SETTINGS 1008
+
+int OPENSSL_issetugid(void);
+
+struct crypto_ex_data_st {
+ OPENSSL_CTX *ctx;
+ STACK_OF(void) *sk;
+};
+
+DEFINE_OR_DECLARE_STACK_OF(void)
+
+/*
+ * Per class, we have a STACK of function pointers.
+ */
+# define CRYPTO_EX_INDEX_SSL 0
+# define CRYPTO_EX_INDEX_SSL_CTX 1
+# define CRYPTO_EX_INDEX_SSL_SESSION 2
+# define CRYPTO_EX_INDEX_X509 3
+# define CRYPTO_EX_INDEX_X509_STORE 4
+# define CRYPTO_EX_INDEX_X509_STORE_CTX 5
+# define CRYPTO_EX_INDEX_DH 6
+# define CRYPTO_EX_INDEX_DSA 7
+# define CRYPTO_EX_INDEX_EC_KEY 8
+# define CRYPTO_EX_INDEX_RSA 9
+# define CRYPTO_EX_INDEX_ENGINE 10
+# define CRYPTO_EX_INDEX_UI 11
+# define CRYPTO_EX_INDEX_BIO 12
+# define CRYPTO_EX_INDEX_APP 13
+# define CRYPTO_EX_INDEX_UI_METHOD 14
+# define CRYPTO_EX_INDEX_RAND_DRBG 15
+# define CRYPTO_EX_INDEX_DRBG CRYPTO_EX_INDEX_RAND_DRBG
+# define CRYPTO_EX_INDEX_OPENSSL_CTX 16
+# define CRYPTO_EX_INDEX_EVP_PKEY 17
+# define CRYPTO_EX_INDEX__COUNT 18
+
+typedef void CRYPTO_EX_new (void *parent, void *ptr, CRYPTO_EX_DATA *ad,
+ int idx, long argl, void *argp);
+typedef void CRYPTO_EX_free (void *parent, void *ptr, CRYPTO_EX_DATA *ad,
+ int idx, long argl, void *argp);
+typedef int CRYPTO_EX_dup (CRYPTO_EX_DATA *to, const CRYPTO_EX_DATA *from,
+ void **from_d, int idx, long argl, void *argp);
+__owur int CRYPTO_get_ex_new_index(int class_index, long argl, void *argp,
+ CRYPTO_EX_new *new_func,
+ CRYPTO_EX_dup *dup_func,
+ CRYPTO_EX_free *free_func);
+/* No longer use an index. */
+int CRYPTO_free_ex_index(int class_index, int idx);
+
+/*
+ * Initialise/duplicate/free CRYPTO_EX_DATA variables corresponding to a
+ * given class (invokes whatever per-class callbacks are applicable)
+ */
+int CRYPTO_new_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad);
+int CRYPTO_dup_ex_data(int class_index, CRYPTO_EX_DATA *to,
+ const CRYPTO_EX_DATA *from);
+
+void CRYPTO_free_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad);
+
+/* Allocate a single item in the CRYPTO_EX_DATA variable */
+int CRYPTO_alloc_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad,
+ int idx);
+
+/*
+ * Get/set data in a CRYPTO_EX_DATA variable corresponding to a particular
+ * index (relative to the class type involved)
+ */
+int CRYPTO_set_ex_data(CRYPTO_EX_DATA *ad, int idx, void *val);
+void *CRYPTO_get_ex_data(const CRYPTO_EX_DATA *ad, int idx);
+
+# ifndef OPENSSL_NO_DEPRECATED_1_1_0
+/*
+ * This function cleans up all "ex_data" state. It mustn't be called under
+ * potential race-conditions.
+ */
+# define CRYPTO_cleanup_all_ex_data() while(0) continue
+
+/*
+ * The old locking functions have been removed completely without compatibility
+ * macros. This is because the old functions either could not properly report
+ * errors, or the returned error values were not clearly documented.
+ * Replacing the locking functions with no-ops would cause race condition
+ * issues in the affected applications. It is far better for them to fail at
+ * compile time.
+ * On the other hand, the locking callbacks are no longer used. Consequently,
+ * the callback management functions can be safely replaced with no-op macros.
+ */
+# define CRYPTO_num_locks() (1)
+# define CRYPTO_set_locking_callback(func)
+# define CRYPTO_get_locking_callback() (NULL)
+# define CRYPTO_set_add_lock_callback(func)
+# define CRYPTO_get_add_lock_callback() (NULL)
+
+/*
+ * These defines where used in combination with the old locking callbacks,
+ * they are not called anymore, but old code that's not called might still
+ * use them.
+ */
+# define CRYPTO_LOCK 1
+# define CRYPTO_UNLOCK 2
+# define CRYPTO_READ 4
+# define CRYPTO_WRITE 8
+
+/* This structure is no longer used */
+typedef struct crypto_threadid_st {
+ int dummy;
+} CRYPTO_THREADID;
+/* Only use CRYPTO_THREADID_set_[numeric|pointer]() within callbacks */
+# define CRYPTO_THREADID_set_numeric(id, val)
+# define CRYPTO_THREADID_set_pointer(id, ptr)
+# define CRYPTO_THREADID_set_callback(threadid_func) (0)
+# define CRYPTO_THREADID_get_callback() (NULL)
+# define CRYPTO_THREADID_current(id)
+# define CRYPTO_THREADID_cmp(a, b) (-1)
+# define CRYPTO_THREADID_cpy(dest, src)
+# define CRYPTO_THREADID_hash(id) (0UL)
+
+# ifndef OPENSSL_NO_DEPRECATED_1_0_0
+# define CRYPTO_set_id_callback(func)
+# define CRYPTO_get_id_callback() (NULL)
+# define CRYPTO_thread_id() (0UL)
+# endif /* OPENSSL_NO_DEPRECATED_1_0_0 */
+
+# define CRYPTO_set_dynlock_create_callback(dyn_create_function)
+# define CRYPTO_set_dynlock_lock_callback(dyn_lock_function)
+# define CRYPTO_set_dynlock_destroy_callback(dyn_destroy_function)
+# define CRYPTO_get_dynlock_create_callback() (NULL)
+# define CRYPTO_get_dynlock_lock_callback() (NULL)
+# define CRYPTO_get_dynlock_destroy_callback() (NULL)
+# endif /* OPENSSL_NO_DEPRECATED_1_1_0 */
+
+typedef void *(*CRYPTO_malloc_fn)(size_t num, const char *file, int line);
+typedef void *(*CRYPTO_realloc_fn)(void *addr, size_t num, const char *file,
+ int line);
+typedef void (*CRYPTO_free_fn)(void *addr, const char *file, int line);
+int CRYPTO_set_mem_functions(CRYPTO_malloc_fn malloc_fn,
+ CRYPTO_realloc_fn realloc_fn,
+ CRYPTO_free_fn free_fn);
+void CRYPTO_get_mem_functions(CRYPTO_malloc_fn *malloc_fn,
+ CRYPTO_realloc_fn *realloc_fn,
+ CRYPTO_free_fn *free_fn);
+
+void *CRYPTO_malloc(size_t num, const char *file, int line);
+void *CRYPTO_zalloc(size_t num, const char *file, int line);
+void *CRYPTO_memdup(const void *str, size_t siz, const char *file, int line);
+char *CRYPTO_strdup(const char *str, const char *file, int line);
+char *CRYPTO_strndup(const char *str, size_t s, const char *file, int line);
+void CRYPTO_free(void *ptr, const char *file, int line);
+void CRYPTO_clear_free(void *ptr, size_t num, const char *file, int line);
+void *CRYPTO_realloc(void *addr, size_t num, const char *file, int line);
+void *CRYPTO_clear_realloc(void *addr, size_t old_num, size_t num,
+ const char *file, int line);
+
+int CRYPTO_secure_malloc_init(size_t sz, size_t minsize);
+int CRYPTO_secure_malloc_done(void);
+void *CRYPTO_secure_malloc(size_t num, const char *file, int line);
+void *CRYPTO_secure_zalloc(size_t num, const char *file, int line);
+void CRYPTO_secure_free(void *ptr, const char *file, int line);
+void CRYPTO_secure_clear_free(void *ptr, size_t num,
+ const char *file, int line);
+int CRYPTO_secure_allocated(const void *ptr);
+int CRYPTO_secure_malloc_initialized(void);
+size_t CRYPTO_secure_actual_size(void *ptr);
+size_t CRYPTO_secure_used(void);
+
+void OPENSSL_cleanse(void *ptr, size_t len);
+
+# ifndef OPENSSL_NO_CRYPTO_MDEBUG
+/*
+ * The following can be used to detect memory leaks in the library. If
+ * used, it turns on malloc checking
+ */
+# define CRYPTO_MEM_CHECK_OFF 0x0 /* Control only */
+# define CRYPTO_MEM_CHECK_ON 0x1 /* Control and mode bit */
+# define CRYPTO_MEM_CHECK_ENABLE 0x2 /* Control and mode bit */
+# define CRYPTO_MEM_CHECK_DISABLE 0x3 /* Control only */
+
+void CRYPTO_get_alloc_counts(int *mcount, int *rcount, int *fcount);
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define OPENSSL_mem_debug_push(info) \
+ CRYPTO_mem_debug_push(info, OPENSSL_FILE, OPENSSL_LINE)
+# define OPENSSL_mem_debug_pop() \
+ CRYPTO_mem_debug_pop()
+# endif
+DEPRECATEDIN_3_0(int CRYPTO_set_mem_debug(int flag))
+DEPRECATEDIN_3_0(int CRYPTO_mem_ctrl(int mode))
+DEPRECATEDIN_3_0(int CRYPTO_mem_debug_push(const char *info,
+ const char *file, int line))
+DEPRECATEDIN_3_0(int CRYPTO_mem_debug_pop(void))
+
+DEPRECATEDIN_3_0(void CRYPTO_mem_debug_malloc(void *addr, size_t num,
+ int flag,
+ const char *file, int line))
+DEPRECATEDIN_3_0(void CRYPTO_mem_debug_realloc(void *addr1, void *addr2,
+ size_t num, int flag,
+ const char *file, int line))
+DEPRECATEDIN_3_0(void CRYPTO_mem_debug_free(void *addr, int flag,
+ const char *file, int line))
+
+DEPRECATEDIN_3_0(int CRYPTO_mem_leaks_cb(
+ int (*cb)(const char *str, size_t len, void *u), void *u))
+# ifndef OPENSSL_NO_STDIO
+DEPRECATEDIN_3_0(int CRYPTO_mem_leaks_fp(FILE *))
+# endif
+DEPRECATEDIN_3_0(int CRYPTO_mem_leaks(BIO *bio))
+# endif /* OPENSSL_NO_CRYPTO_MDEBUG */
+
+/* die if we have to */
+ossl_noreturn void OPENSSL_die(const char *assertion, const char *file, int line);
+# ifndef OPENSSL_NO_DEPRECATED_1_1_0
+# define OpenSSLDie(f,l,a) OPENSSL_die((a),(f),(l))
+# endif
+# define OPENSSL_assert(e) \
+ (void)((e) ? 0 : (OPENSSL_die("assertion failed: " #e, OPENSSL_FILE, OPENSSL_LINE), 1))
+
+int OPENSSL_isservice(void);
+
+void OPENSSL_init(void);
+# ifdef OPENSSL_SYS_UNIX
+void OPENSSL_fork_prepare(void);
+void OPENSSL_fork_parent(void);
+void OPENSSL_fork_child(void);
+# endif
+
+struct tm *OPENSSL_gmtime(const time_t *timer, struct tm *result);
+int OPENSSL_gmtime_adj(struct tm *tm, int offset_day, long offset_sec);
+int OPENSSL_gmtime_diff(int *pday, int *psec,
+ const struct tm *from, const struct tm *to);
+
+/*
+ * CRYPTO_memcmp returns zero iff the |len| bytes at |a| and |b| are equal.
+ * It takes an amount of time dependent on |len|, but independent of the
+ * contents of |a| and |b|. Unlike memcmp, it cannot be used to put elements
+ * into a defined order as the return value when a != b is undefined, other
+ * than to be non-zero.
+ */
+int CRYPTO_memcmp(const void * in_a, const void * in_b, size_t len);
+
+/* Standard initialisation options */
+# define OPENSSL_INIT_NO_LOAD_CRYPTO_STRINGS 0x00000001L
+# define OPENSSL_INIT_LOAD_CRYPTO_STRINGS 0x00000002L
+# define OPENSSL_INIT_ADD_ALL_CIPHERS 0x00000004L
+# define OPENSSL_INIT_ADD_ALL_DIGESTS 0x00000008L
+# define OPENSSL_INIT_NO_ADD_ALL_CIPHERS 0x00000010L
+# define OPENSSL_INIT_NO_ADD_ALL_DIGESTS 0x00000020L
+# define OPENSSL_INIT_LOAD_CONFIG 0x00000040L
+# define OPENSSL_INIT_NO_LOAD_CONFIG 0x00000080L
+# define OPENSSL_INIT_ASYNC 0x00000100L
+# define OPENSSL_INIT_ENGINE_RDRAND 0x00000200L
+# define OPENSSL_INIT_ENGINE_DYNAMIC 0x00000400L
+# define OPENSSL_INIT_ENGINE_OPENSSL 0x00000800L
+# define OPENSSL_INIT_ENGINE_CRYPTODEV 0x00001000L
+# define OPENSSL_INIT_ENGINE_CAPI 0x00002000L
+# define OPENSSL_INIT_ENGINE_PADLOCK 0x00004000L
+# define OPENSSL_INIT_ENGINE_AFALG 0x00008000L
+/* OPENSSL_INIT_ZLIB 0x00010000L */
+# define OPENSSL_INIT_ATFORK 0x00020000L
+/* OPENSSL_INIT_BASE_ONLY 0x00040000L */
+# define OPENSSL_INIT_NO_ATEXIT 0x00080000L
+/* OPENSSL_INIT flag range 0x03f00000 reserved for OPENSSL_init_ssl() */
+/* FREE: 0x04000000L */
+/* FREE: 0x08000000L */
+/* FREE: 0x10000000L */
+/* FREE: 0x20000000L */
+/* FREE: 0x40000000L */
+/* FREE: 0x80000000L */
+/* Max OPENSSL_INIT flag value is 0x80000000 */
+
+/* openssl and dasync not counted as builtin */
+# define OPENSSL_INIT_ENGINE_ALL_BUILTIN \
+ (OPENSSL_INIT_ENGINE_RDRAND | OPENSSL_INIT_ENGINE_DYNAMIC \
+ | OPENSSL_INIT_ENGINE_CRYPTODEV | OPENSSL_INIT_ENGINE_CAPI | \
+ OPENSSL_INIT_ENGINE_PADLOCK)
+
+
+/* Library initialisation functions */
+void OPENSSL_cleanup(void);
+int OPENSSL_init_crypto(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings);
+int OPENSSL_atexit(void (*handler)(void));
+void OPENSSL_thread_stop(void);
+void OPENSSL_thread_stop_ex(OPENSSL_CTX *ctx);
+
+/* Low-level control of initialization */
+OPENSSL_INIT_SETTINGS *OPENSSL_INIT_new(void);
+# ifndef OPENSSL_NO_STDIO
+int OPENSSL_INIT_set_config_filename(OPENSSL_INIT_SETTINGS *settings,
+ const char *config_filename);
+void OPENSSL_INIT_set_config_file_flags(OPENSSL_INIT_SETTINGS *settings,
+ unsigned long flags);
+int OPENSSL_INIT_set_config_appname(OPENSSL_INIT_SETTINGS *settings,
+ const char *config_appname);
+# endif
+void OPENSSL_INIT_free(OPENSSL_INIT_SETTINGS *settings);
+
+# if defined(OPENSSL_THREADS) && !defined(CRYPTO_TDEBUG)
+# if defined(_WIN32)
+# if defined(BASETYPES) || defined(_WINDEF_H)
+/* application has to include <windows.h> in order to use this */
+typedef DWORD CRYPTO_THREAD_LOCAL;
+typedef DWORD CRYPTO_THREAD_ID;
+
+typedef LONG CRYPTO_ONCE;
+# define CRYPTO_ONCE_STATIC_INIT 0
+# endif
+# else
+# include <pthread.h>
+typedef pthread_once_t CRYPTO_ONCE;
+typedef pthread_key_t CRYPTO_THREAD_LOCAL;
+typedef pthread_t CRYPTO_THREAD_ID;
+
+# define CRYPTO_ONCE_STATIC_INIT PTHREAD_ONCE_INIT
+# endif
+# endif
+
+# if !defined(CRYPTO_ONCE_STATIC_INIT)
+typedef unsigned int CRYPTO_ONCE;
+typedef unsigned int CRYPTO_THREAD_LOCAL;
+typedef unsigned int CRYPTO_THREAD_ID;
+# define CRYPTO_ONCE_STATIC_INIT 0
+# endif
+
+int CRYPTO_THREAD_run_once(CRYPTO_ONCE *once, void (*init)(void));
+
+int CRYPTO_THREAD_init_local(CRYPTO_THREAD_LOCAL *key, void (*cleanup)(void *));
+void *CRYPTO_THREAD_get_local(CRYPTO_THREAD_LOCAL *key);
+int CRYPTO_THREAD_set_local(CRYPTO_THREAD_LOCAL *key, void *val);
+int CRYPTO_THREAD_cleanup_local(CRYPTO_THREAD_LOCAL *key);
+
+CRYPTO_THREAD_ID CRYPTO_THREAD_get_current_id(void);
+int CRYPTO_THREAD_compare_id(CRYPTO_THREAD_ID a, CRYPTO_THREAD_ID b);
+
+OPENSSL_CTX *OPENSSL_CTX_new(void);
+int OPENSSL_CTX_load_config(OPENSSL_CTX *ctx, const char *config_file);
+void OPENSSL_CTX_free(OPENSSL_CTX *);
+
+# ifdef __cplusplus
+}
+# endif
+#endif
diff --git a/openssl/include/openssl/cryptoerr.h b/openssl/include/openssl/cryptoerr.h new file mode 100644 index 00000000..c44dcb12 --- /dev/null +++ b/openssl/include/openssl/cryptoerr.h @@ -0,0 +1,100 @@ +/*
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_CRYPTOERR_H
+# define OPENSSL_CRYPTOERR_H
+# pragma once
+
+# include <openssl/opensslconf.h>
+# include <openssl/symhacks.h>
+
+
+# ifdef __cplusplus
+extern "C"
+# endif
+int ERR_load_CRYPTO_strings(void);
+
+/*
+ * CRYPTO function codes.
+ */
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define CRYPTO_F_CMAC_CTX_NEW 0
+# define CRYPTO_F_CRYPTO_DUP_EX_DATA 0
+# define CRYPTO_F_CRYPTO_FREE_EX_DATA 0
+# define CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX 0
+# define CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX_EX 0
+# define CRYPTO_F_CRYPTO_MEMDUP 0
+# define CRYPTO_F_CRYPTO_NEW_EX_DATA 0
+# define CRYPTO_F_CRYPTO_NEW_EX_DATA_EX 0
+# define CRYPTO_F_CRYPTO_OCB128_COPY_CTX 0
+# define CRYPTO_F_CRYPTO_OCB128_INIT 0
+# define CRYPTO_F_CRYPTO_SET_EX_DATA 0
+# define CRYPTO_F_FIPS_MODE_SET 0
+# define CRYPTO_F_GET_AND_LOCK 0
+# define CRYPTO_F_GET_PROVIDER_STORE 0
+# define CRYPTO_F_OPENSSL_ATEXIT 0
+# define CRYPTO_F_OPENSSL_BUF2HEXSTR 0
+# define CRYPTO_F_OPENSSL_BUF2HEXSTR_EX 0
+# define CRYPTO_F_OPENSSL_FOPEN 0
+# define CRYPTO_F_OPENSSL_HEXSTR2BUF 0
+# define CRYPTO_F_OPENSSL_HEXSTR2BUF_EX 0
+# define CRYPTO_F_OPENSSL_INIT_CRYPTO 0
+# define CRYPTO_F_OPENSSL_LH_NEW 0
+# define CRYPTO_F_OPENSSL_SK_DEEP_COPY 0
+# define CRYPTO_F_OPENSSL_SK_DUP 0
+# define CRYPTO_F_OSSL_PARAM_BLD_PUSH_BN 0
+# define CRYPTO_F_OSSL_PARAM_BLD_PUSH_OCTET_PTR 0
+# define CRYPTO_F_OSSL_PARAM_BLD_PUSH_OCTET_STRING 0
+# define CRYPTO_F_OSSL_PARAM_BLD_PUSH_UTF8_PTR 0
+# define CRYPTO_F_OSSL_PARAM_BLD_PUSH_UTF8_STRING 0
+# define CRYPTO_F_OSSL_PARAM_BLD_TO_PARAM 0
+# define CRYPTO_F_OSSL_PARAM_BLD_TO_PARAM_EX 0
+# define CRYPTO_F_OSSL_PARAM_TYPE_TO_PARAM 0
+# define CRYPTO_F_OSSL_PROVIDER_ACTIVATE 0
+# define CRYPTO_F_OSSL_PROVIDER_ADD_BUILTIN 0
+# define CRYPTO_F_OSSL_PROVIDER_ADD_PARAMETER 0
+# define CRYPTO_F_OSSL_PROVIDER_NEW 0
+# define CRYPTO_F_OSSL_PROVIDER_SET_MODULE_PATH 0
+# define CRYPTO_F_PARAM_PUSH 0
+# define CRYPTO_F_PARAM_PUSH_NUM 0
+# define CRYPTO_F_PKEY_HMAC_INIT 0
+# define CRYPTO_F_PKEY_POLY1305_INIT 0
+# define CRYPTO_F_PKEY_SIPHASH_INIT 0
+# define CRYPTO_F_PROVIDER_ACTIVATE 0
+# define CRYPTO_F_PROVIDER_CONF_INIT 0
+# define CRYPTO_F_PROVIDER_CONF_LOAD 0
+# define CRYPTO_F_PROVIDER_NEW 0
+# define CRYPTO_F_PROVIDER_STORE_NEW 0
+# define CRYPTO_F_SK_RESERVE 0
+# endif
+
+/*
+ * CRYPTO reason codes.
+ */
+# define CRYPTO_R_BAD_ALGORITHM_NAME 117
+# define CRYPTO_R_CONFLICTING_NAMES 118
+# define CRYPTO_R_FIPS_MODE_NOT_SUPPORTED 101
+# define CRYPTO_R_ILLEGAL_HEX_DIGIT 102
+# define CRYPTO_R_INSUFFICIENT_DATA_SPACE 106
+# define CRYPTO_R_INSUFFICIENT_PARAM_SIZE 107
+# define CRYPTO_R_INSUFFICIENT_SECURE_DATA_SPACE 108
+# define CRYPTO_R_INVALID_NULL_ARGUMENT 109
+# define CRYPTO_R_INVALID_OSSL_PARAM_TYPE 110
+# define CRYPTO_R_ODD_NUMBER_OF_DIGITS 103
+# define CRYPTO_R_PROVIDER_ALREADY_EXISTS 104
+# define CRYPTO_R_PROVIDER_SECTION_ERROR 105
+# define CRYPTO_R_SECURE_MALLOC_FAILURE 111
+# define CRYPTO_R_STRING_TOO_LONG 112
+# define CRYPTO_R_TOO_MANY_BYTES 113
+# define CRYPTO_R_TOO_MANY_RECORDS 114
+# define CRYPTO_R_TOO_SMALL_BUFFER 116
+# define CRYPTO_R_ZERO_LENGTH_NUMBER 115
+
+#endif
diff --git a/openssl/include/openssl/ct.h b/openssl/include/openssl/ct.h new file mode 100644 index 00000000..0a2fac67 --- /dev/null +++ b/openssl/include/openssl/ct.h @@ -0,0 +1,516 @@ +/*
+ * Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_CT_H
+# define OPENSSL_CT_H
+# pragma once
+
+# include <openssl/macros.h>
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define HEADER_CT_H
+# endif
+
+# include <openssl/opensslconf.h>
+
+# ifndef OPENSSL_NO_CT
+# include <openssl/types.h>
+# include <openssl/safestack.h>
+# include <openssl/x509.h>
+# include <openssl/cterr.h>
+# ifdef __cplusplus
+extern "C" {
+# endif
+
+
+/* Minimum RSA key size, from RFC6962 */
+# define SCT_MIN_RSA_BITS 2048
+
+/* All hashes are SHA256 in v1 of Certificate Transparency */
+# define CT_V1_HASHLEN SHA256_DIGEST_LENGTH
+
+DEFINE_OR_DECLARE_STACK_OF(SCT)
+DEFINE_OR_DECLARE_STACK_OF(CTLOG)
+
+typedef enum {
+ CT_LOG_ENTRY_TYPE_NOT_SET = -1,
+ CT_LOG_ENTRY_TYPE_X509 = 0,
+ CT_LOG_ENTRY_TYPE_PRECERT = 1
+} ct_log_entry_type_t;
+
+typedef enum {
+ SCT_VERSION_NOT_SET = -1,
+ SCT_VERSION_V1 = 0
+} sct_version_t;
+
+typedef enum {
+ SCT_SOURCE_UNKNOWN,
+ SCT_SOURCE_TLS_EXTENSION,
+ SCT_SOURCE_X509V3_EXTENSION,
+ SCT_SOURCE_OCSP_STAPLED_RESPONSE
+} sct_source_t;
+
+typedef enum {
+ SCT_VALIDATION_STATUS_NOT_SET,
+ SCT_VALIDATION_STATUS_UNKNOWN_LOG,
+ SCT_VALIDATION_STATUS_VALID,
+ SCT_VALIDATION_STATUS_INVALID,
+ SCT_VALIDATION_STATUS_UNVERIFIED,
+ SCT_VALIDATION_STATUS_UNKNOWN_VERSION
+} sct_validation_status_t;
+
+/******************************************
+ * CT policy evaluation context functions *
+ ******************************************/
+
+/*
+ * Creates a new, empty policy evaluation context associated with the given
+ * library context and property query string.
+ * The caller is responsible for calling CT_POLICY_EVAL_CTX_free when finished
+ * with the CT_POLICY_EVAL_CTX.
+ */
+CT_POLICY_EVAL_CTX *CT_POLICY_EVAL_CTX_new_with_libctx(OPENSSL_CTX *libctx,
+ const char *propq);
+
+/*
+ * The same as CT_POLICY_EVAL_CTX_new_with_libctx() but the default library
+ * context and property query string is used.
+ */
+CT_POLICY_EVAL_CTX *CT_POLICY_EVAL_CTX_new(void);
+
+/* Deletes a policy evaluation context and anything it owns. */
+void CT_POLICY_EVAL_CTX_free(CT_POLICY_EVAL_CTX *ctx);
+
+/* Gets the peer certificate that the SCTs are for */
+X509* CT_POLICY_EVAL_CTX_get0_cert(const CT_POLICY_EVAL_CTX *ctx);
+
+/*
+ * Sets the certificate associated with the received SCTs.
+ * Increments the reference count of cert.
+ * Returns 1 on success, 0 otherwise.
+ */
+int CT_POLICY_EVAL_CTX_set1_cert(CT_POLICY_EVAL_CTX *ctx, X509 *cert);
+
+/* Gets the issuer of the aforementioned certificate */
+X509* CT_POLICY_EVAL_CTX_get0_issuer(const CT_POLICY_EVAL_CTX *ctx);
+
+/*
+ * Sets the issuer of the certificate associated with the received SCTs.
+ * Increments the reference count of issuer.
+ * Returns 1 on success, 0 otherwise.
+ */
+int CT_POLICY_EVAL_CTX_set1_issuer(CT_POLICY_EVAL_CTX *ctx, X509 *issuer);
+
+/* Gets the CT logs that are trusted sources of SCTs */
+const CTLOG_STORE *CT_POLICY_EVAL_CTX_get0_log_store(const CT_POLICY_EVAL_CTX *ctx);
+
+/* Sets the log store that is in use. It must outlive the CT_POLICY_EVAL_CTX. */
+void CT_POLICY_EVAL_CTX_set_shared_CTLOG_STORE(CT_POLICY_EVAL_CTX *ctx,
+ CTLOG_STORE *log_store);
+
+/*
+ * Gets the time, in milliseconds since the Unix epoch, that will be used as the
+ * current time when checking whether an SCT was issued in the future.
+ * Such SCTs will fail validation, as required by RFC6962.
+ */
+uint64_t CT_POLICY_EVAL_CTX_get_time(const CT_POLICY_EVAL_CTX *ctx);
+
+/*
+ * Sets the time to evaluate SCTs against, in milliseconds since the Unix epoch.
+ * If an SCT's timestamp is after this time, it will be interpreted as having
+ * been issued in the future. RFC6962 states that "TLS clients MUST reject SCTs
+ * whose timestamp is in the future", so an SCT will not validate in this case.
+ */
+void CT_POLICY_EVAL_CTX_set_time(CT_POLICY_EVAL_CTX *ctx, uint64_t time_in_ms);
+
+/*****************
+ * SCT functions *
+ *****************/
+
+/*
+ * Creates a new, blank SCT.
+ * The caller is responsible for calling SCT_free when finished with the SCT.
+ */
+SCT *SCT_new(void);
+
+/*
+ * Creates a new SCT from some base64-encoded strings.
+ * The caller is responsible for calling SCT_free when finished with the SCT.
+ */
+SCT *SCT_new_from_base64(unsigned char version,
+ const char *logid_base64,
+ ct_log_entry_type_t entry_type,
+ uint64_t timestamp,
+ const char *extensions_base64,
+ const char *signature_base64);
+
+/*
+ * Frees the SCT and the underlying data structures.
+ */
+void SCT_free(SCT *sct);
+
+/*
+ * Free a stack of SCTs, and the underlying SCTs themselves.
+ * Intended to be compatible with X509V3_EXT_FREE.
+ */
+void SCT_LIST_free(STACK_OF(SCT) *a);
+
+/*
+ * Returns the version of the SCT.
+ */
+sct_version_t SCT_get_version(const SCT *sct);
+
+/*
+ * Set the version of an SCT.
+ * Returns 1 on success, 0 if the version is unrecognized.
+ */
+__owur int SCT_set_version(SCT *sct, sct_version_t version);
+
+/*
+ * Returns the log entry type of the SCT.
+ */
+ct_log_entry_type_t SCT_get_log_entry_type(const SCT *sct);
+
+/*
+ * Set the log entry type of an SCT.
+ * Returns 1 on success, 0 otherwise.
+ */
+__owur int SCT_set_log_entry_type(SCT *sct, ct_log_entry_type_t entry_type);
+
+/*
+ * Gets the ID of the log that an SCT came from.
+ * Ownership of the log ID remains with the SCT.
+ * Returns the length of the log ID.
+ */
+size_t SCT_get0_log_id(const SCT *sct, unsigned char **log_id);
+
+/*
+ * Set the log ID of an SCT to point directly to the *log_id specified.
+ * The SCT takes ownership of the specified pointer.
+ * Returns 1 on success, 0 otherwise.
+ */
+__owur int SCT_set0_log_id(SCT *sct, unsigned char *log_id, size_t log_id_len);
+
+/*
+ * Set the log ID of an SCT.
+ * This makes a copy of the log_id.
+ * Returns 1 on success, 0 otherwise.
+ */
+__owur int SCT_set1_log_id(SCT *sct, const unsigned char *log_id,
+ size_t log_id_len);
+
+/*
+ * Returns the timestamp for the SCT (epoch time in milliseconds).
+ */
+uint64_t SCT_get_timestamp(const SCT *sct);
+
+/*
+ * Set the timestamp of an SCT (epoch time in milliseconds).
+ */
+void SCT_set_timestamp(SCT *sct, uint64_t timestamp);
+
+/*
+ * Return the NID for the signature used by the SCT.
+ * For CT v1, this will be either NID_sha256WithRSAEncryption or
+ * NID_ecdsa_with_SHA256 (or NID_undef if incorrect/unset).
+ */
+int SCT_get_signature_nid(const SCT *sct);
+
+/*
+ * Set the signature type of an SCT
+ * For CT v1, this should be either NID_sha256WithRSAEncryption or
+ * NID_ecdsa_with_SHA256.
+ * Returns 1 on success, 0 otherwise.
+ */
+__owur int SCT_set_signature_nid(SCT *sct, int nid);
+
+/*
+ * Set *ext to point to the extension data for the SCT. ext must not be NULL.
+ * The SCT retains ownership of this pointer.
+ * Returns length of the data pointed to.
+ */
+size_t SCT_get0_extensions(const SCT *sct, unsigned char **ext);
+
+/*
+ * Set the extensions of an SCT to point directly to the *ext specified.
+ * The SCT takes ownership of the specified pointer.
+ */
+void SCT_set0_extensions(SCT *sct, unsigned char *ext, size_t ext_len);
+
+/*
+ * Set the extensions of an SCT.
+ * This takes a copy of the ext.
+ * Returns 1 on success, 0 otherwise.
+ */
+__owur int SCT_set1_extensions(SCT *sct, const unsigned char *ext,
+ size_t ext_len);
+
+/*
+ * Set *sig to point to the signature for the SCT. sig must not be NULL.
+ * The SCT retains ownership of this pointer.
+ * Returns length of the data pointed to.
+ */
+size_t SCT_get0_signature(const SCT *sct, unsigned char **sig);
+
+/*
+ * Set the signature of an SCT to point directly to the *sig specified.
+ * The SCT takes ownership of the specified pointer.
+ */
+void SCT_set0_signature(SCT *sct, unsigned char *sig, size_t sig_len);
+
+/*
+ * Set the signature of an SCT to be a copy of the *sig specified.
+ * Returns 1 on success, 0 otherwise.
+ */
+__owur int SCT_set1_signature(SCT *sct, const unsigned char *sig,
+ size_t sig_len);
+
+/*
+ * The origin of this SCT, e.g. TLS extension, OCSP response, etc.
+ */
+sct_source_t SCT_get_source(const SCT *sct);
+
+/*
+ * Set the origin of this SCT, e.g. TLS extension, OCSP response, etc.
+ * Returns 1 on success, 0 otherwise.
+ */
+__owur int SCT_set_source(SCT *sct, sct_source_t source);
+
+/*
+ * Returns a text string describing the validation status of |sct|.
+ */
+const char *SCT_validation_status_string(const SCT *sct);
+
+/*
+ * Pretty-prints an |sct| to |out|.
+ * It will be indented by the number of spaces specified by |indent|.
+ * If |logs| is not NULL, it will be used to lookup the CT log that the SCT came
+ * from, so that the log name can be printed.
+ */
+void SCT_print(const SCT *sct, BIO *out, int indent, const CTLOG_STORE *logs);
+
+/*
+ * Pretty-prints an |sct_list| to |out|.
+ * It will be indented by the number of spaces specified by |indent|.
+ * SCTs will be delimited by |separator|.
+ * If |logs| is not NULL, it will be used to lookup the CT log that each SCT
+ * came from, so that the log names can be printed.
+ */
+void SCT_LIST_print(const STACK_OF(SCT) *sct_list, BIO *out, int indent,
+ const char *separator, const CTLOG_STORE *logs);
+
+/*
+ * Gets the last result of validating this SCT.
+ * If it has not been validated yet, returns SCT_VALIDATION_STATUS_NOT_SET.
+ */
+sct_validation_status_t SCT_get_validation_status(const SCT *sct);
+
+/*
+ * Validates the given SCT with the provided context.
+ * Sets the "validation_status" field of the SCT.
+ * Returns 1 if the SCT is valid and the signature verifies.
+ * Returns 0 if the SCT is invalid or could not be verified.
+ * Returns -1 if an error occurs.
+ */
+__owur int SCT_validate(SCT *sct, const CT_POLICY_EVAL_CTX *ctx);
+
+/*
+ * Validates the given list of SCTs with the provided context.
+ * Sets the "validation_status" field of each SCT.
+ * Returns 1 if there are no invalid SCTs and all signatures verify.
+ * Returns 0 if at least one SCT is invalid or could not be verified.
+ * Returns a negative integer if an error occurs.
+ */
+__owur int SCT_LIST_validate(const STACK_OF(SCT) *scts,
+ CT_POLICY_EVAL_CTX *ctx);
+
+
+/*********************************
+ * SCT parsing and serialisation *
+ *********************************/
+
+/*
+ * Serialize (to TLS format) a stack of SCTs and return the length.
+ * "a" must not be NULL.
+ * If "pp" is NULL, just return the length of what would have been serialized.
+ * If "pp" is not NULL and "*pp" is null, function will allocate a new pointer
+ * for data that caller is responsible for freeing (only if function returns
+ * successfully).
+ * If "pp" is NULL and "*pp" is not NULL, caller is responsible for ensuring
+ * that "*pp" is large enough to accept all of the serialized data.
+ * Returns < 0 on error, >= 0 indicating bytes written (or would have been)
+ * on success.
+ */
+__owur int i2o_SCT_LIST(const STACK_OF(SCT) *a, unsigned char **pp);
+
+/*
+ * Convert TLS format SCT list to a stack of SCTs.
+ * If "a" or "*a" is NULL, a new stack will be created that the caller is
+ * responsible for freeing (by calling SCT_LIST_free).
+ * "**pp" and "*pp" must not be NULL.
+ * Upon success, "*pp" will point to after the last bytes read, and a stack
+ * will be returned.
+ * Upon failure, a NULL pointer will be returned, and the position of "*pp" is
+ * not defined.
+ */
+STACK_OF(SCT) *o2i_SCT_LIST(STACK_OF(SCT) **a, const unsigned char **pp,
+ size_t len);
+
+/*
+ * Serialize (to DER format) a stack of SCTs and return the length.
+ * "a" must not be NULL.
+ * If "pp" is NULL, just returns the length of what would have been serialized.
+ * If "pp" is not NULL and "*pp" is null, function will allocate a new pointer
+ * for data that caller is responsible for freeing (only if function returns
+ * successfully).
+ * If "pp" is NULL and "*pp" is not NULL, caller is responsible for ensuring
+ * that "*pp" is large enough to accept all of the serialized data.
+ * Returns < 0 on error, >= 0 indicating bytes written (or would have been)
+ * on success.
+ */
+__owur int i2d_SCT_LIST(const STACK_OF(SCT) *a, unsigned char **pp);
+
+/*
+ * Parses an SCT list in DER format and returns it.
+ * If "a" or "*a" is NULL, a new stack will be created that the caller is
+ * responsible for freeing (by calling SCT_LIST_free).
+ * "**pp" and "*pp" must not be NULL.
+ * Upon success, "*pp" will point to after the last bytes read, and a stack
+ * will be returned.
+ * Upon failure, a NULL pointer will be returned, and the position of "*pp" is
+ * not defined.
+ */
+STACK_OF(SCT) *d2i_SCT_LIST(STACK_OF(SCT) **a, const unsigned char **pp,
+ long len);
+
+/*
+ * Serialize (to TLS format) an |sct| and write it to |out|.
+ * If |out| is null, no SCT will be output but the length will still be returned.
+ * If |out| points to a null pointer, a string will be allocated to hold the
+ * TLS-format SCT. It is the responsibility of the caller to free it.
+ * If |out| points to an allocated string, the TLS-format SCT will be written
+ * to it.
+ * The length of the SCT in TLS format will be returned.
+ */
+__owur int i2o_SCT(const SCT *sct, unsigned char **out);
+
+/*
+ * Parses an SCT in TLS format and returns it.
+ * If |psct| is not null, it will end up pointing to the parsed SCT. If it
+ * already points to a non-null pointer, the pointer will be free'd.
+ * |in| should be a pointer to a string containing the TLS-format SCT.
+ * |in| will be advanced to the end of the SCT if parsing succeeds.
+ * |len| should be the length of the SCT in |in|.
+ * Returns NULL if an error occurs.
+ * If the SCT is an unsupported version, only the SCT's 'sct' and 'sct_len'
+ * fields will be populated (with |in| and |len| respectively).
+ */
+SCT *o2i_SCT(SCT **psct, const unsigned char **in, size_t len);
+
+/********************
+ * CT log functions *
+ ********************/
+
+/*
+ * Creates a new CT log instance with the given |public_key| and |name| and
+ * associates it with the give library context |libctx| and property query
+ * string |propq|.
+ * Takes ownership of |public_key| but copies |name|.
+ * Returns NULL if malloc fails or if |public_key| cannot be converted to DER.
+ * Should be deleted by the caller using CTLOG_free when no longer needed.
+ */
+CTLOG *CTLOG_new_with_libctx(EVP_PKEY *public_key, const char *name,
+ OPENSSL_CTX *libctx, const char *propq);
+
+/*
+ * The same as CTLOG_new_with_libctx except that the default library context and
+ * property query string are used.
+ */
+CTLOG *CTLOG_new(EVP_PKEY *public_key, const char *name);
+
+/*
+ * Creates a new CTLOG instance with the base64-encoded SubjectPublicKeyInfo DER
+ * in |pkey_base64| and associated with the given library context |libctx| and
+ * property query string |propq|. The |name| is a string to help users identify
+ * this log.
+ * Returns 1 on success, 0 on failure.
+ * Should be deleted by the caller using CTLOG_free when no longer needed.
+ */
+int CTLOG_new_from_base64_with_libctx(CTLOG **ct_log, const char *pkey_base64,
+ const char *name, OPENSSL_CTX *libctx,
+ const char *propq);
+
+/*
+ * The same as CTLOG_new_from_base64_with_libctx() except that the default
+ * library context and property query string are used.
+ * Returns 1 on success, 0 on failure.
+ */
+int CTLOG_new_from_base64(CTLOG ** ct_log,
+ const char *pkey_base64, const char *name);
+
+/*
+ * Deletes a CT log instance and its fields.
+ */
+void CTLOG_free(CTLOG *log);
+
+/* Gets the name of the CT log */
+const char *CTLOG_get0_name(const CTLOG *log);
+/* Gets the ID of the CT log */
+void CTLOG_get0_log_id(const CTLOG *log, const uint8_t **log_id,
+ size_t *log_id_len);
+/* Gets the public key of the CT log */
+EVP_PKEY *CTLOG_get0_public_key(const CTLOG *log);
+
+/**************************
+ * CT log store functions *
+ **************************/
+
+/*
+ * Creates a new CT log store and associates it with the given libctx and
+ * property query string.
+ * Should be deleted by the caller using CTLOG_STORE_free when no longer needed.
+ */
+CTLOG_STORE *CTLOG_STORE_new_with_libctx(OPENSSL_CTX *libctx, const char *propq);
+
+/*
+ * Same as CTLOG_STORE_new_with_libctx except that the default libctx and
+ * property query string are used.
+ * Should be deleted by the caller using CTLOG_STORE_free when no longer needed.
+ */
+CTLOG_STORE *CTLOG_STORE_new(void);
+
+/*
+ * Deletes a CT log store and all of the CT log instances held within.
+ */
+void CTLOG_STORE_free(CTLOG_STORE *store);
+
+/*
+ * Finds a CT log in the store based on its log ID.
+ * Returns the CT log, or NULL if no match is found.
+ */
+const CTLOG *CTLOG_STORE_get0_log_by_id(const CTLOG_STORE *store,
+ const uint8_t *log_id,
+ size_t log_id_len);
+
+/*
+ * Loads a CT log list into a |store| from a |file|.
+ * Returns 1 if loading is successful, or 0 otherwise.
+ */
+__owur int CTLOG_STORE_load_file(CTLOG_STORE *store, const char *file);
+
+/*
+ * Loads the default CT log list into a |store|.
+ * Returns 1 if loading is successful, or 0 otherwise.
+ */
+__owur int CTLOG_STORE_load_default_file(CTLOG_STORE *store);
+
+# ifdef __cplusplus
+}
+# endif
+# endif
+#endif
diff --git a/openssl/include/openssl/cterr.h b/openssl/include/openssl/cterr.h new file mode 100644 index 00000000..67f10e91 --- /dev/null +++ b/openssl/include/openssl/cterr.h @@ -0,0 +1,83 @@ +/*
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_CTERR_H
+# define OPENSSL_CTERR_H
+# pragma once
+
+# include <openssl/opensslconf.h>
+# include <openssl/symhacks.h>
+
+
+# include <openssl/opensslconf.h>
+
+# ifndef OPENSSL_NO_CT
+
+# ifdef __cplusplus
+extern "C"
+# endif
+int ERR_load_CT_strings(void);
+
+/*
+ * CT function codes.
+ */
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define CT_F_CTLOG_NEW 0
+# define CT_F_CTLOG_NEW_FROM_BASE64 0
+# define CT_F_CTLOG_NEW_FROM_CONF 0
+# define CT_F_CTLOG_STORE_LOAD_CTX_NEW 0
+# define CT_F_CTLOG_STORE_LOAD_FILE 0
+# define CT_F_CTLOG_STORE_LOAD_LOG 0
+# define CT_F_CTLOG_STORE_NEW 0
+# define CT_F_CT_BASE64_DECODE 0
+# define CT_F_CT_POLICY_EVAL_CTX_NEW 0
+# define CT_F_CT_V1_LOG_ID_FROM_PKEY 0
+# define CT_F_I2O_SCT 0
+# define CT_F_I2O_SCT_LIST 0
+# define CT_F_I2O_SCT_SIGNATURE 0
+# define CT_F_O2I_SCT 0
+# define CT_F_O2I_SCT_LIST 0
+# define CT_F_O2I_SCT_SIGNATURE 0
+# define CT_F_SCT_CTX_NEW 0
+# define CT_F_SCT_CTX_VERIFY 0
+# define CT_F_SCT_NEW 0
+# define CT_F_SCT_NEW_FROM_BASE64 0
+# define CT_F_SCT_SET0_LOG_ID 0
+# define CT_F_SCT_SET1_EXTENSIONS 0
+# define CT_F_SCT_SET1_LOG_ID 0
+# define CT_F_SCT_SET1_SIGNATURE 0
+# define CT_F_SCT_SET_LOG_ENTRY_TYPE 0
+# define CT_F_SCT_SET_SIGNATURE_NID 0
+# define CT_F_SCT_SET_VERSION 0
+# endif
+
+/*
+ * CT reason codes.
+ */
+# define CT_R_BASE64_DECODE_ERROR 108
+# define CT_R_INVALID_LOG_ID_LENGTH 100
+# define CT_R_LOG_CONF_INVALID 109
+# define CT_R_LOG_CONF_INVALID_KEY 110
+# define CT_R_LOG_CONF_MISSING_DESCRIPTION 111
+# define CT_R_LOG_CONF_MISSING_KEY 112
+# define CT_R_LOG_KEY_INVALID 113
+# define CT_R_SCT_FUTURE_TIMESTAMP 116
+# define CT_R_SCT_INVALID 104
+# define CT_R_SCT_INVALID_SIGNATURE 107
+# define CT_R_SCT_LIST_INVALID 105
+# define CT_R_SCT_LOG_ID_MISMATCH 114
+# define CT_R_SCT_NOT_SET 106
+# define CT_R_SCT_UNSUPPORTED_VERSION 115
+# define CT_R_UNRECOGNIZED_SIGNATURE_NID 101
+# define CT_R_UNSUPPORTED_ENTRY_TYPE 102
+# define CT_R_UNSUPPORTED_VERSION 103
+
+# endif
+#endif
diff --git a/openssl/include/openssl/des.h b/openssl/include/openssl/des.h new file mode 100644 index 00000000..fe27c6f2 --- /dev/null +++ b/openssl/include/openssl/des.h @@ -0,0 +1,207 @@ +/*
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_DES_H
+# define OPENSSL_DES_H
+# pragma once
+
+# include <openssl/macros.h>
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define HEADER_DES_H
+# endif
+
+# include <openssl/opensslconf.h>
+
+# ifndef OPENSSL_NO_DES
+# ifdef __cplusplus
+extern "C" {
+# endif
+# include <openssl/e_os2.h>
+
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+typedef unsigned int DES_LONG;
+
+# ifdef OPENSSL_BUILD_SHLIBCRYPTO
+# undef OPENSSL_EXTERN
+# define OPENSSL_EXTERN OPENSSL_EXPORT
+# endif
+
+typedef unsigned char DES_cblock[8];
+typedef /* const */ unsigned char const_DES_cblock[8];
+/*
+ * With "const", gcc 2.8.1 on Solaris thinks that DES_cblock * and
+ * const_DES_cblock * are incompatible pointer types.
+ */
+
+typedef struct DES_ks {
+ union {
+ DES_cblock cblock;
+ /*
+ * make sure things are correct size on machines with 8 byte longs
+ */
+ DES_LONG deslong[2];
+ } ks[16];
+} DES_key_schedule;
+
+# define DES_KEY_SZ (sizeof(DES_cblock))
+# define DES_SCHEDULE_SZ (sizeof(DES_key_schedule))
+
+# define DES_ENCRYPT 1
+# define DES_DECRYPT 0
+
+# define DES_CBC_MODE 0
+# define DES_PCBC_MODE 1
+
+# define DES_ecb2_encrypt(i,o,k1,k2,e) \
+ DES_ecb3_encrypt((i),(o),(k1),(k2),(k1),(e))
+
+# define DES_ede2_cbc_encrypt(i,o,l,k1,k2,iv,e) \
+ DES_ede3_cbc_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(e))
+
+# define DES_ede2_cfb64_encrypt(i,o,l,k1,k2,iv,n,e) \
+ DES_ede3_cfb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n),(e))
+
+# define DES_ede2_ofb64_encrypt(i,o,l,k1,k2,iv,n) \
+ DES_ede3_ofb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n))
+
+# define DES_fixup_key_parity DES_set_odd_parity
+# endif
+
+DEPRECATEDIN_3_0(const char *DES_options(void))
+DEPRECATEDIN_3_0(void DES_ecb3_encrypt(const_DES_cblock *input,
+ DES_cblock *output,
+ DES_key_schedule *ks1,
+ DES_key_schedule *ks2,
+ DES_key_schedule *ks3, int enc))
+DEPRECATEDIN_3_0(DES_LONG DES_cbc_cksum(const unsigned char *input,
+ DES_cblock *output, long length,
+ DES_key_schedule *schedule,
+ const_DES_cblock *ivec))
+/* DES_cbc_encrypt does not update the IV! Use DES_ncbc_encrypt instead. */
+DEPRECATEDIN_3_0(void DES_cbc_encrypt(const unsigned char *input,
+ unsigned char *output, long length,
+ DES_key_schedule *schedule,
+ DES_cblock *ivec, int enc))
+DEPRECATEDIN_3_0(void DES_ncbc_encrypt(const unsigned char *input,
+ unsigned char *output, long length,
+ DES_key_schedule *schedule,
+ DES_cblock *ivec, int enc))
+DEPRECATEDIN_3_0(void DES_xcbc_encrypt(const unsigned char *input,
+ unsigned char *output, long length,
+ DES_key_schedule *schedule,
+ DES_cblock *ivec, const_DES_cblock *inw,
+ const_DES_cblock *outw, int enc))
+DEPRECATEDIN_3_0(void DES_cfb_encrypt(const unsigned char *in,
+ unsigned char *out, int numbits,
+ long length, DES_key_schedule *schedule,
+ DES_cblock *ivec, int enc))
+DEPRECATEDIN_3_0(void DES_ecb_encrypt(const_DES_cblock *input,
+ DES_cblock *output, DES_key_schedule *ks,
+ int enc))
+
+/*
+ * This is the DES encryption function that gets called by just about every
+ * other DES routine in the library. You should not use this function except
+ * to implement 'modes' of DES. I say this because the functions that call
+ * this routine do the conversion from 'char *' to long, and this needs to be
+ * done to make sure 'non-aligned' memory access do not occur. The
+ * characters are loaded 'little endian'. Data is a pointer to 2 unsigned
+ * long's and ks is the DES_key_schedule to use. enc, is non zero specifies
+ * encryption, zero if decryption.
+ */
+DEPRECATEDIN_3_0(void DES_encrypt1(DES_LONG *data, DES_key_schedule *ks,
+ int enc))
+
+/*
+ * This functions is the same as DES_encrypt1() except that the DES initial
+ * permutation (IP) and final permutation (FP) have been left out. As for
+ * DES_encrypt1(), you should not use this function. It is used by the
+ * routines in the library that implement triple DES. IP() DES_encrypt2()
+ * DES_encrypt2() DES_encrypt2() FP() is the same as DES_encrypt1()
+ * DES_encrypt1() DES_encrypt1() except faster :-).
+ */
+DEPRECATEDIN_3_0(void DES_encrypt2(DES_LONG *data, DES_key_schedule *ks,
+ int enc))
+
+DEPRECATEDIN_3_0(void DES_encrypt3(DES_LONG *data, DES_key_schedule *ks1,
+ DES_key_schedule *ks2, DES_key_schedule *ks3))
+DEPRECATEDIN_3_0(void DES_decrypt3(DES_LONG *data, DES_key_schedule *ks1,
+ DES_key_schedule *ks2, DES_key_schedule *ks3))
+DEPRECATEDIN_3_0(void DES_ede3_cbc_encrypt(const unsigned char *input,
+ unsigned char *output, long length,
+ DES_key_schedule *ks1,
+ DES_key_schedule *ks2,
+ DES_key_schedule *ks3,
+ DES_cblock *ivec, int enc))
+DEPRECATEDIN_3_0(void DES_ede3_cfb64_encrypt(const unsigned char *in,
+ unsigned char *out, long length,
+ DES_key_schedule *ks1,
+ DES_key_schedule *ks2,
+ DES_key_schedule *ks3,
+ DES_cblock *ivec, int *num,
+ int enc))
+DEPRECATEDIN_3_0(void DES_ede3_cfb_encrypt(const unsigned char *in,
+ unsigned char *out, int numbits,
+ long length, DES_key_schedule *ks1,
+ DES_key_schedule *ks2,
+ DES_key_schedule *ks3,
+ DES_cblock *ivec, int enc))
+DEPRECATEDIN_3_0(void DES_ede3_ofb64_encrypt(const unsigned char *in,
+ unsigned char *out, long length,
+ DES_key_schedule *ks1,
+ DES_key_schedule *ks2,
+ DES_key_schedule *ks3,
+ DES_cblock *ivec, int *num))
+DEPRECATEDIN_3_0(char *DES_fcrypt(const char *buf, const char *salt, char *ret))
+DEPRECATEDIN_3_0(char *DES_crypt(const char *buf, const char *salt))
+DEPRECATEDIN_3_0(void DES_ofb_encrypt(const unsigned char *in,
+ unsigned char *out, int numbits,
+ long length, DES_key_schedule *schedule,
+ DES_cblock *ivec))
+DEPRECATEDIN_3_0(void DES_pcbc_encrypt(const unsigned char *input,
+ unsigned char *output, long length,
+ DES_key_schedule *schedule,
+ DES_cblock *ivec, int enc))
+DEPRECATEDIN_3_0(DES_LONG DES_quad_cksum(const unsigned char *input,
+ DES_cblock output[], long length,
+ int out_count, DES_cblock *seed))
+DEPRECATEDIN_3_0(int DES_random_key(DES_cblock *ret))
+DEPRECATEDIN_3_0(void DES_set_odd_parity(DES_cblock *key))
+DEPRECATEDIN_3_0(int DES_check_key_parity(const_DES_cblock *key))
+DEPRECATEDIN_3_0(int DES_is_weak_key(const_DES_cblock *key))
+/*
+ * DES_set_key (= set_key = DES_key_sched = key_sched) calls
+ * DES_set_key_checked
+ */
+DEPRECATEDIN_3_0(int DES_set_key(const_DES_cblock *key,
+ DES_key_schedule *schedule))
+DEPRECATEDIN_3_0(int DES_key_sched(const_DES_cblock *key,
+ DES_key_schedule *schedule))
+DEPRECATEDIN_3_0(int DES_set_key_checked(const_DES_cblock *key,
+ DES_key_schedule *schedule))
+DEPRECATEDIN_3_0(void DES_set_key_unchecked(const_DES_cblock *key,
+ DES_key_schedule *schedule))
+DEPRECATEDIN_3_0(void DES_string_to_key(const char *str, DES_cblock *key))
+DEPRECATEDIN_3_0(void DES_string_to_2keys(const char *str, DES_cblock *key1,
+ DES_cblock *key2))
+DEPRECATEDIN_3_0(void DES_cfb64_encrypt(const unsigned char *in,
+ unsigned char *out, long length,
+ DES_key_schedule *schedule,
+ DES_cblock *ivec, int *num, int enc))
+DEPRECATEDIN_3_0(void DES_ofb64_encrypt(const unsigned char *in,
+ unsigned char *out, long length,
+ DES_key_schedule *schedule,
+ DES_cblock *ivec, int *num))
+
+# ifdef __cplusplus
+}
+# endif
+# endif
+
+#endif
diff --git a/openssl/include/openssl/dh.h b/openssl/include/openssl/dh.h new file mode 100644 index 00000000..f47816d5 --- /dev/null +++ b/openssl/include/openssl/dh.h @@ -0,0 +1,352 @@ +/*
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_DH_H
+# define OPENSSL_DH_H
+# pragma once
+
+# include <openssl/macros.h>
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define HEADER_DH_H
+# endif
+
+# include <openssl/opensslconf.h>
+
+# ifndef OPENSSL_NO_DH
+# include <openssl/e_os2.h>
+# include <openssl/bio.h>
+# include <openssl/asn1.h>
+# include <openssl/types.h>
+# ifndef OPENSSL_NO_DEPRECATED_1_1_0
+# include <openssl/bn.h>
+# endif
+# include <openssl/dherr.h>
+
+# ifdef __cplusplus
+extern "C" {
+# endif
+
+# ifndef OPENSSL_DH_MAX_MODULUS_BITS
+# define OPENSSL_DH_MAX_MODULUS_BITS 10000
+# endif
+
+# define OPENSSL_DH_FIPS_MIN_MODULUS_BITS 1024
+
+# define DH_FLAG_CACHE_MONT_P 0x01
+
+# ifndef OPENSSL_NO_DEPRECATED_1_1_0
+/*
+ * Does nothing. Previously this switched off constant time behaviour.
+ */
+# define DH_FLAG_NO_EXP_CONSTTIME 0x00
+# endif
+
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+/*
+ * If this flag is set the DH method is FIPS compliant and can be used in
+ * FIPS mode. This is set in the validated module method. If an application
+ * sets this flag in its own methods it is its responsibility to ensure the
+ * result is compliant.
+ */
+
+# define DH_FLAG_FIPS_METHOD 0x0400
+
+/*
+ * If this flag is set the operations normally disabled in FIPS mode are
+ * permitted it is then the applications responsibility to ensure that the
+ * usage is compliant.
+ */
+
+# define DH_FLAG_NON_FIPS_ALLOW 0x0400
+# endif
+
+/* Already defined in ossl_typ.h */
+/* typedef struct dh_st DH; */
+/* typedef struct dh_method DH_METHOD; */
+
+DECLARE_ASN1_ITEM(DHparams)
+
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define DH_GENERATOR_2 2
+# define DH_GENERATOR_3 3
+# define DH_GENERATOR_5 5
+
+/* DH_check error codes */
+/*
+ * NB: These values must align with the equivalently named macros in
+ * internal/ffc.h.
+ */
+# define DH_CHECK_P_NOT_PRIME 0x01
+# define DH_CHECK_P_NOT_SAFE_PRIME 0x02
+# define DH_UNABLE_TO_CHECK_GENERATOR 0x04
+# define DH_NOT_SUITABLE_GENERATOR 0x08
+# define DH_CHECK_Q_NOT_PRIME 0x10
+# define DH_CHECK_INVALID_Q_VALUE 0x20
+# define DH_CHECK_INVALID_J_VALUE 0x40
+# define DH_MODULUS_TOO_SMALL 0x80
+# define DH_MODULUS_TOO_LARGE 0x100
+
+/* DH_check_pub_key error codes */
+# define DH_CHECK_PUBKEY_TOO_SMALL 0x01
+# define DH_CHECK_PUBKEY_TOO_LARGE 0x02
+# define DH_CHECK_PUBKEY_INVALID 0x04
+
+/*
+ * primes p where (p-1)/2 is prime too are called "safe"; we define this for
+ * backward compatibility:
+ */
+# define DH_CHECK_P_NOT_STRONG_PRIME DH_CHECK_P_NOT_SAFE_PRIME
+
+/* DH parameter generation types used by EVP_PKEY_CTX_set_dh_paramgen_type() */
+# define DH_PARAMGEN_TYPE_GENERATOR 0 /* Use a safe prime generator */
+# define DH_PARAMGEN_TYPE_FIPS_186_2 1 /* Use FIPS186-2 standard */
+# define DH_PARAMGEN_TYPE_FIPS_186_4 2 /* Use FIPS186-4 standard */
+# define DH_PARAMGEN_TYPE_GROUP 3 /* Use a named safe prime group */
+
+# define d2i_DHparams_fp(fp, x) \
+ (DH *)ASN1_d2i_fp((char *(*)())DH_new, \
+ (char *(*)())d2i_DHparams, \
+ (fp), \
+ (unsigned char **)(x))
+# define i2d_DHparams_fp(fp, x) \
+ ASN1_i2d_fp(i2d_DHparams,(fp), (unsigned char *)(x))
+# define d2i_DHparams_bio(bp, x) \
+ ASN1_d2i_bio_of(DH, DH_new, d2i_DHparams, bp, x)
+# define i2d_DHparams_bio(bp, x) \
+ ASN1_i2d_bio_of(DH, i2d_DHparams, bp, x)
+
+# define d2i_DHxparams_fp(fp,x) \
+ (DH *)ASN1_d2i_fp((char *(*)())DH_new, \
+ (char *(*)())d2i_DHxparams, \
+ (fp), \
+ (unsigned char **)(x))
+# define i2d_DHxparams_fp(fp, x) \
+ ASN1_i2d_fp(i2d_DHxparams,(fp), (unsigned char *)(x))
+# define d2i_DHxparams_bio(bp, x) \
+ ASN1_d2i_bio_of(DH, DH_new, d2i_DHxparams, bp, x)
+# define i2d_DHxparams_bio(bp, x) \
+ ASN1_i2d_bio_of(DH, i2d_DHxparams, bp, x)
+# endif
+
+DECLARE_ASN1_DUP_FUNCTION_name(DH, DHparams)
+
+DEPRECATEDIN_3_0(const DH_METHOD *DH_OpenSSL(void))
+
+DEPRECATEDIN_3_0(void DH_set_default_method(const DH_METHOD *meth))
+DEPRECATEDIN_3_0(const DH_METHOD *DH_get_default_method(void))
+DEPRECATEDIN_3_0(int DH_set_method(DH *dh, const DH_METHOD *meth))
+DEPRECATEDIN_3_0(DH *DH_new_method(ENGINE *engine))
+
+DH *DH_new(void);
+void DH_free(DH *dh);
+int DH_up_ref(DH *dh);
+int DH_bits(const DH *dh);
+DEPRECATEDIN_3_0(int DH_size(const DH *dh))
+DEPRECATEDIN_3_0(int DH_security_bits(const DH *dh))
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define DH_get_ex_new_index(l, p, newf, dupf, freef) \
+ CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_DH, l, p, newf, dupf, freef)
+# endif
+DEPRECATEDIN_3_0(int DH_set_ex_data(DH *d, int idx, void *arg))
+DEPRECATEDIN_3_0(void *DH_get_ex_data(const DH *d, int idx))
+
+/* Deprecated version */
+DEPRECATEDIN_0_9_8(DH *DH_generate_parameters(int prime_len, int generator,
+ void (*callback) (int, int,
+ void *),
+ void *cb_arg))
+
+/* New version */
+DEPRECATEDIN_3_0(int DH_generate_parameters_ex(DH *dh, int prime_len,
+ int generator, BN_GENCB *cb))
+
+DEPRECATEDIN_3_0(int DH_check_params_ex(const DH *dh))
+DEPRECATEDIN_3_0(int DH_check_ex(const DH *dh))
+DEPRECATEDIN_3_0(int DH_check_pub_key_ex(const DH *dh, const BIGNUM *pub_key))
+/*
+ * TODO(3.0): deprecate DH_check_params once ssl/statem/statem_clnt.c is fixed.
+ */
+int DH_check_params(const DH *dh, int *ret);
+DEPRECATEDIN_3_0(int DH_check(const DH *dh, int *codes))
+DEPRECATEDIN_3_0(int DH_check_pub_key(const DH *dh, const BIGNUM *pub_key,
+ int *codes))
+DEPRECATEDIN_3_0(int DH_generate_key(DH *dh))
+DEPRECATEDIN_3_0(int DH_compute_key(unsigned char *key, const BIGNUM *pub_key,
+ DH *dh))
+DEPRECATEDIN_3_0(int DH_compute_key_padded(unsigned char *key,
+ const BIGNUM *pub_key, DH *dh))
+DECLARE_ASN1_ENCODE_FUNCTIONS_only(DH, DHparams)
+DECLARE_ASN1_ENCODE_FUNCTIONS_only(DH, DHxparams)
+# ifndef OPENSSL_NO_STDIO
+DEPRECATEDIN_3_0(int DHparams_print_fp(FILE *fp, const DH *x))
+# endif
+DEPRECATEDIN_3_0(int DHparams_print(BIO *bp, const DH *x))
+
+/* RFC 5114 parameters */
+DH *DH_get_1024_160(void);
+DH *DH_get_2048_224(void);
+DH *DH_get_2048_256(void);
+
+/* Named parameters, currently RFC7919 and RFC3526 */
+/* TODO(3.0): deprecate DH_new_by_nid() after converting ssl/s3_lib.c */
+DH *DH_new_by_nid(int nid);
+DEPRECATEDIN_3_0(int DH_get_nid(const DH *dh))
+
+# ifndef OPENSSL_NO_CMS
+/* RFC2631 KDF */
+DEPRECATEDIN_3_0(int DH_KDF_X9_42(unsigned char *out, size_t outlen,
+ const unsigned char *Z, size_t Zlen,
+ ASN1_OBJECT *key_oid,
+ const unsigned char *ukm,
+ size_t ukmlen, const EVP_MD *md))
+# endif
+
+void DH_get0_pqg(const DH *dh,
+ const BIGNUM **p, const BIGNUM **q, const BIGNUM **g);
+int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g);
+void DH_get0_key(const DH *dh,
+ const BIGNUM **pub_key, const BIGNUM **priv_key);
+int DH_set0_key(DH *dh, BIGNUM *pub_key, BIGNUM *priv_key);
+const BIGNUM *DH_get0_p(const DH *dh);
+const BIGNUM *DH_get0_q(const DH *dh);
+const BIGNUM *DH_get0_g(const DH *dh);
+const BIGNUM *DH_get0_priv_key(const DH *dh);
+const BIGNUM *DH_get0_pub_key(const DH *dh);
+void DH_clear_flags(DH *dh, int flags);
+int DH_test_flags(const DH *dh, int flags);
+void DH_set_flags(DH *dh, int flags);
+DEPRECATEDIN_3_0(ENGINE *DH_get0_engine(DH *d))
+long DH_get_length(const DH *dh);
+int DH_set_length(DH *dh, long length);
+
+DEPRECATEDIN_3_0(DH_METHOD *DH_meth_new(const char *name, int flags))
+DEPRECATEDIN_3_0(void DH_meth_free(DH_METHOD *dhm))
+DEPRECATEDIN_3_0(DH_METHOD *DH_meth_dup(const DH_METHOD *dhm))
+DEPRECATEDIN_3_0(const char *DH_meth_get0_name(const DH_METHOD *dhm))
+DEPRECATEDIN_3_0(int DH_meth_set1_name(DH_METHOD *dhm, const char *name))
+DEPRECATEDIN_3_0(int DH_meth_get_flags(const DH_METHOD *dhm))
+DEPRECATEDIN_3_0(int DH_meth_set_flags(DH_METHOD *dhm, int flags))
+DEPRECATEDIN_3_0(void *DH_meth_get0_app_data(const DH_METHOD *dhm))
+DEPRECATEDIN_3_0(int DH_meth_set0_app_data(DH_METHOD *dhm, void *app_data))
+DEPRECATEDIN_3_0(int (*DH_meth_get_generate_key(const DH_METHOD *dhm)) (DH *))
+DEPRECATEDIN_3_0(int DH_meth_set_generate_key(DH_METHOD *dhm,
+ int (*generate_key) (DH *)))
+DEPRECATEDIN_3_0(int (*DH_meth_get_compute_key(const DH_METHOD *dhm))
+ (unsigned char *key,
+ const BIGNUM *pub_key, DH *dh))
+DEPRECATEDIN_3_0(int DH_meth_set_compute_key(DH_METHOD *dhm,
+ int (*compute_key)
+ (unsigned char *key,
+ const BIGNUM *pub_key,
+ DH *dh)))
+DEPRECATEDIN_3_0(int (*DH_meth_get_bn_mod_exp(const DH_METHOD *dhm))
+ (const DH *, BIGNUM *,
+ const BIGNUM *,
+ const BIGNUM *,
+ const BIGNUM *, BN_CTX *,
+ BN_MONT_CTX *))
+DEPRECATEDIN_3_0(int DH_meth_set_bn_mod_exp(DH_METHOD *dhm,
+ int (*bn_mod_exp)
+ (const DH *, BIGNUM *,
+ const BIGNUM *, const BIGNUM *,
+ const BIGNUM *, BN_CTX *,
+ BN_MONT_CTX *)))
+DEPRECATEDIN_3_0(int (*DH_meth_get_init(const DH_METHOD *dhm))(DH *))
+DEPRECATEDIN_3_0(int DH_meth_set_init(DH_METHOD *dhm, int (*init)(DH *)))
+DEPRECATEDIN_3_0(int (*DH_meth_get_finish(const DH_METHOD *dhm)) (DH *))
+DEPRECATEDIN_3_0(int DH_meth_set_finish(DH_METHOD *dhm, int (*finish) (DH *)))
+DEPRECATEDIN_3_0(int (*DH_meth_get_generate_params(const DH_METHOD *dhm))
+ (DH *, int, int,
+ BN_GENCB *))
+DEPRECATEDIN_3_0(int DH_meth_set_generate_params(DH_METHOD *dhm,
+ int (*generate_params)
+ (DH *, int, int,
+ BN_GENCB *)))
+
+int EVP_PKEY_CTX_set_dh_paramgen_type(EVP_PKEY_CTX *ctx, int typ);
+int EVP_PKEY_CTX_set_dh_paramgen_gindex(EVP_PKEY_CTX *ctx, int gindex);
+int EVP_PKEY_CTX_set_dh_paramgen_seed(EVP_PKEY_CTX *ctx,
+ const unsigned char *seed,
+ size_t seedlen);
+int EVP_PKEY_CTX_set_dh_paramgen_prime_len(EVP_PKEY_CTX *ctx, int pbits);
+int EVP_PKEY_CTX_set_dh_paramgen_subprime_len(EVP_PKEY_CTX *ctx, int qlen);
+int EVP_PKEY_CTX_set_dh_paramgen_generator(EVP_PKEY_CTX *ctx, int gen);
+int EVP_PKEY_CTX_set_dh_nid(EVP_PKEY_CTX *ctx, int nid);
+int EVP_PKEY_CTX_set_dh_rfc5114(EVP_PKEY_CTX *ctx, int gen);
+int EVP_PKEY_CTX_set_dhx_rfc5114(EVP_PKEY_CTX *ctx, int gen);
+int EVP_PKEY_CTX_set_dh_pad(EVP_PKEY_CTX *ctx, int pad);
+
+# define EVP_PKEY_CTX_set_dh_kdf_type(ctx, kdf) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, EVP_PKEY_OP_DERIVE, \
+ EVP_PKEY_CTRL_DH_KDF_TYPE, kdf, NULL)
+
+# define EVP_PKEY_CTX_get_dh_kdf_type(ctx) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, EVP_PKEY_OP_DERIVE, \
+ EVP_PKEY_CTRL_DH_KDF_TYPE, -2, NULL)
+
+# define EVP_PKEY_CTX_set0_dh_kdf_oid(ctx, oid) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, EVP_PKEY_OP_DERIVE, \
+ EVP_PKEY_CTRL_DH_KDF_OID, 0, (void *)(oid))
+
+# define EVP_PKEY_CTX_get0_dh_kdf_oid(ctx, poid) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, EVP_PKEY_OP_DERIVE, \
+ EVP_PKEY_CTRL_GET_DH_KDF_OID, 0, (void *)(poid))
+
+# define EVP_PKEY_CTX_set_dh_kdf_md(ctx, md) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, EVP_PKEY_OP_DERIVE, \
+ EVP_PKEY_CTRL_DH_KDF_MD, 0, (void *)(md))
+
+# define EVP_PKEY_CTX_get_dh_kdf_md(ctx, pmd) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, EVP_PKEY_OP_DERIVE, \
+ EVP_PKEY_CTRL_GET_DH_KDF_MD, 0, (void *)(pmd))
+
+# define EVP_PKEY_CTX_set_dh_kdf_outlen(ctx, len) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, EVP_PKEY_OP_DERIVE, \
+ EVP_PKEY_CTRL_DH_KDF_OUTLEN, len, NULL)
+
+# define EVP_PKEY_CTX_get_dh_kdf_outlen(ctx, plen) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, EVP_PKEY_OP_DERIVE, \
+ EVP_PKEY_CTRL_GET_DH_KDF_OUTLEN, 0, (void *)(plen))
+
+# define EVP_PKEY_CTX_set0_dh_kdf_ukm(ctx, p, plen) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, EVP_PKEY_OP_DERIVE, \
+ EVP_PKEY_CTRL_DH_KDF_UKM, plen, (void *)(p))
+
+# define EVP_PKEY_CTX_get0_dh_kdf_ukm(ctx, p) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, EVP_PKEY_OP_DERIVE, \
+ EVP_PKEY_CTRL_GET_DH_KDF_UKM, 0, (void *)(p))
+
+# define EVP_PKEY_CTRL_DH_PARAMGEN_PRIME_LEN (EVP_PKEY_ALG_CTRL + 1)
+# define EVP_PKEY_CTRL_DH_PARAMGEN_GENERATOR (EVP_PKEY_ALG_CTRL + 2)
+# define EVP_PKEY_CTRL_DH_RFC5114 (EVP_PKEY_ALG_CTRL + 3)
+# define EVP_PKEY_CTRL_DH_PARAMGEN_SUBPRIME_LEN (EVP_PKEY_ALG_CTRL + 4)
+# define EVP_PKEY_CTRL_DH_PARAMGEN_TYPE (EVP_PKEY_ALG_CTRL + 5)
+# define EVP_PKEY_CTRL_DH_KDF_TYPE (EVP_PKEY_ALG_CTRL + 6)
+# define EVP_PKEY_CTRL_DH_KDF_MD (EVP_PKEY_ALG_CTRL + 7)
+# define EVP_PKEY_CTRL_GET_DH_KDF_MD (EVP_PKEY_ALG_CTRL + 8)
+# define EVP_PKEY_CTRL_DH_KDF_OUTLEN (EVP_PKEY_ALG_CTRL + 9)
+# define EVP_PKEY_CTRL_GET_DH_KDF_OUTLEN (EVP_PKEY_ALG_CTRL + 10)
+# define EVP_PKEY_CTRL_DH_KDF_UKM (EVP_PKEY_ALG_CTRL + 11)
+# define EVP_PKEY_CTRL_GET_DH_KDF_UKM (EVP_PKEY_ALG_CTRL + 12)
+# define EVP_PKEY_CTRL_DH_KDF_OID (EVP_PKEY_ALG_CTRL + 13)
+# define EVP_PKEY_CTRL_GET_DH_KDF_OID (EVP_PKEY_ALG_CTRL + 14)
+# define EVP_PKEY_CTRL_DH_NID (EVP_PKEY_ALG_CTRL + 15)
+# define EVP_PKEY_CTRL_DH_PAD (EVP_PKEY_ALG_CTRL + 16)
+
+/* KDF types */
+# define EVP_PKEY_DH_KDF_NONE 1
+# ifndef OPENSSL_NO_CMS
+# define EVP_PKEY_DH_KDF_X9_42 2
+# endif
+
+# ifdef __cplusplus
+}
+# endif
+# endif
+#endif
diff --git a/openssl/include/openssl/dherr.h b/openssl/include/openssl/dherr.h new file mode 100644 index 00000000..7d8dd079 --- /dev/null +++ b/openssl/include/openssl/dherr.h @@ -0,0 +1,95 @@ +/*
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_DHERR_H
+# define OPENSSL_DHERR_H
+# pragma once
+
+# include <openssl/opensslconf.h>
+# include <openssl/symhacks.h>
+
+
+# include <openssl/opensslconf.h>
+
+# ifndef OPENSSL_NO_DH
+
+# ifdef __cplusplus
+extern "C"
+# endif
+int ERR_load_DH_strings(void);
+
+/*
+ * DH function codes.
+ */
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define DH_F_COMPUTE_KEY 0
+# define DH_F_DHPARAMS_PRINT_FP 0
+# define DH_F_DH_BUF2KEY 0
+# define DH_F_DH_BUILTIN_GENPARAMS 0
+# define DH_F_DH_CHECK_EX 0
+# define DH_F_DH_CHECK_PARAMS_EX 0
+# define DH_F_DH_CHECK_PUB_KEY_EX 0
+# define DH_F_DH_CMS_DECRYPT 0
+# define DH_F_DH_CMS_SET_PEERKEY 0
+# define DH_F_DH_CMS_SET_SHARED_INFO 0
+# define DH_F_DH_KEY2BUF 0
+# define DH_F_DH_METH_DUP 0
+# define DH_F_DH_METH_NEW 0
+# define DH_F_DH_METH_SET1_NAME 0
+# define DH_F_DH_NEW_BY_NID 0
+# define DH_F_DH_NEW_METHOD 0
+# define DH_F_DH_PARAM_DECODE 0
+# define DH_F_DH_PKEY_PUBLIC_CHECK 0
+# define DH_F_DH_PRIV_DECODE 0
+# define DH_F_DH_PRIV_ENCODE 0
+# define DH_F_DH_PUB_DECODE 0
+# define DH_F_DH_PUB_ENCODE 0
+# define DH_F_DO_DH_PRINT 0
+# define DH_F_GENERATE_KEY 0
+# define DH_F_PKEY_DH_CTRL_STR 0
+# define DH_F_PKEY_DH_DERIVE 0
+# define DH_F_PKEY_DH_INIT 0
+# define DH_F_PKEY_DH_KEYGEN 0
+# endif
+
+/*
+ * DH reason codes.
+ */
+# define DH_R_BAD_FFC_PARAMETERS 127
+# define DH_R_BAD_GENERATOR 101
+# define DH_R_BN_DECODE_ERROR 109
+# define DH_R_BN_ERROR 106
+# define DH_R_CHECK_INVALID_J_VALUE 115
+# define DH_R_CHECK_INVALID_Q_VALUE 116
+# define DH_R_CHECK_PUBKEY_INVALID 122
+# define DH_R_CHECK_PUBKEY_TOO_LARGE 123
+# define DH_R_CHECK_PUBKEY_TOO_SMALL 124
+# define DH_R_CHECK_P_NOT_PRIME 117
+# define DH_R_CHECK_P_NOT_SAFE_PRIME 118
+# define DH_R_CHECK_Q_NOT_PRIME 119
+# define DH_R_DECODE_ERROR 104
+# define DH_R_INVALID_PARAMETER_NAME 110
+# define DH_R_INVALID_PARAMETER_NID 114
+# define DH_R_INVALID_PUBKEY 102
+# define DH_R_KDF_PARAMETER_ERROR 112
+# define DH_R_KEYS_NOT_SET 108
+# define DH_R_MISSING_PUBKEY 125
+# define DH_R_MODULUS_TOO_LARGE 103
+# define DH_R_MODULUS_TOO_SMALL 126
+# define DH_R_NOT_SUITABLE_GENERATOR 120
+# define DH_R_NO_PARAMETERS_SET 107
+# define DH_R_NO_PRIVATE_VALUE 100
+# define DH_R_PARAMETER_ENCODING_ERROR 105
+# define DH_R_PEER_KEY_ERROR 111
+# define DH_R_SHARED_INFO_ERROR 113
+# define DH_R_UNABLE_TO_CHECK_GENERATOR 121
+
+# endif
+#endif
diff --git a/openssl/include/openssl/dsa.h b/openssl/include/openssl/dsa.h new file mode 100644 index 00000000..773c5e7a --- /dev/null +++ b/openssl/include/openssl/dsa.h @@ -0,0 +1,268 @@ +/*
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_DSA_H
+# define OPENSSL_DSA_H
+# pragma once
+
+# include <openssl/macros.h>
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define HEADER_DSA_H
+# endif
+
+# include <openssl/opensslconf.h>
+
+# ifndef OPENSSL_NO_DSA
+# ifdef __cplusplus
+extern "C" {
+# endif
+# include <openssl/e_os2.h>
+# include <openssl/asn1.h>
+# include <openssl/bio.h>
+# include <openssl/crypto.h>
+# include <openssl/types.h>
+# include <openssl/bn.h>
+# ifndef OPENSSL_NO_DEPRECATED_1_1_0
+# include <openssl/dh.h>
+# endif
+# include <openssl/dsaerr.h>
+
+# ifndef OPENSSL_DSA_MAX_MODULUS_BITS
+# define OPENSSL_DSA_MAX_MODULUS_BITS 10000
+# endif
+
+# define OPENSSL_DSA_FIPS_MIN_MODULUS_BITS 1024
+
+# ifndef OPENSSL_NO_DEPRECATED_1_1_0
+/*
+ * Does nothing. Previously this switched off constant time behaviour.
+ */
+# define DSA_FLAG_NO_EXP_CONSTTIME 0x00
+# endif
+
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define DSA_FLAG_CACHE_MONT_P 0x01
+
+/*
+ * If this flag is set the DSA method is FIPS compliant and can be used in
+ * FIPS mode. This is set in the validated module method. If an application
+ * sets this flag in its own methods it is its responsibility to ensure the
+ * result is compliant.
+ */
+
+# define DSA_FLAG_FIPS_METHOD 0x0400
+
+/*
+ * If this flag is set the operations normally disabled in FIPS mode are
+ * permitted it is then the applications responsibility to ensure that the
+ * usage is compliant.
+ */
+
+# define DSA_FLAG_NON_FIPS_ALLOW 0x0400
+# define DSA_FLAG_FIPS_CHECKED 0x0800
+# endif /* OPENSSL_NO_DEPRECATED_3_0 */
+
+/* Already defined in ossl_typ.h */
+/* typedef struct dsa_st DSA; */
+/* typedef struct dsa_method DSA_METHOD; */
+
+typedef struct DSA_SIG_st DSA_SIG;
+
+/*
+ * TODO(3.0): consider removing the ASN.1 encoding and decoding when
+ * deserialisation is completed elsewhere.
+ */
+# define d2i_DSAparams_fp(fp, x) \
+ (DSA *)ASN1_d2i_fp((char *(*)())DSA_new, \
+ (char *(*)())d2i_DSAparams, (fp), \
+ (unsigned char **)(x))
+# define i2d_DSAparams_fp(fp, x) \
+ ASN1_i2d_fp(i2d_DSAparams, (fp), (unsigned char *)(x))
+# define d2i_DSAparams_bio(bp, x) \
+ ASN1_d2i_bio_of(DSA, DSA_new, d2i_DSAparams, bp, x)
+# define i2d_DSAparams_bio(bp, x) \
+ ASN1_i2d_bio_of(DSA, i2d_DSAparams, bp, x)
+
+DECLARE_ASN1_DUP_FUNCTION_name(DSA, DSAparams)
+DSA_SIG *DSA_SIG_new(void);
+void DSA_SIG_free(DSA_SIG *a);
+DECLARE_ASN1_ENCODE_FUNCTIONS_only(DSA_SIG, DSA_SIG)
+void DSA_SIG_get0(const DSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps);
+int DSA_SIG_set0(DSA_SIG *sig, BIGNUM *r, BIGNUM *s);
+
+DEPRECATEDIN_3_0(DSA_SIG *DSA_do_sign(const unsigned char *dgst, int dlen,
+ DSA *dsa))
+DEPRECATEDIN_3_0(int DSA_do_verify(const unsigned char *dgst, int dgst_len,
+ DSA_SIG *sig, DSA *dsa))
+
+DEPRECATEDIN_3_0(const DSA_METHOD *DSA_OpenSSL(void))
+
+DEPRECATEDIN_3_0(void DSA_set_default_method(const DSA_METHOD *))
+DEPRECATEDIN_3_0(const DSA_METHOD *DSA_get_default_method(void))
+DEPRECATEDIN_3_0(int DSA_set_method(DSA *dsa, const DSA_METHOD *))
+DEPRECATEDIN_3_0(const DSA_METHOD *DSA_get_method(DSA *d))
+
+DSA *DSA_new(void);
+DEPRECATEDIN_3_0(DSA *DSA_new_method(ENGINE *engine))
+void DSA_free(DSA *r);
+/* "up" the DSA object's reference count */
+int DSA_up_ref(DSA *r);
+DEPRECATEDIN_3_0(int DSA_size(const DSA *))
+int DSA_bits(const DSA *d);
+DEPRECATEDIN_3_0(int DSA_security_bits(const DSA *d))
+ /* next 4 return -1 on error */
+DEPRECATEDIN_3_0(int DSA_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp,
+ BIGNUM **rp))
+DEPRECATEDIN_3_0(int DSA_sign(int type, const unsigned char *dgst, int dlen,
+ unsigned char *sig, unsigned int *siglen,
+ DSA *dsa))
+DEPRECATEDIN_3_0(int DSA_verify(int type, const unsigned char *dgst,
+ int dgst_len, const unsigned char *sigbuf,
+ int siglen, DSA *dsa))
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define DSA_get_ex_new_index(l, p, newf, dupf, freef) \
+ CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_DSA, l, p, newf, dupf, freef)
+# endif
+DEPRECATEDIN_3_0(int DSA_set_ex_data(DSA *d, int idx, void *arg))
+DEPRECATEDIN_3_0(void *DSA_get_ex_data(const DSA *d, int idx))
+
+DECLARE_ASN1_ENCODE_FUNCTIONS_only(DSA, DSAPublicKey)
+DECLARE_ASN1_ENCODE_FUNCTIONS_only(DSA, DSAPrivateKey)
+DECLARE_ASN1_ENCODE_FUNCTIONS_only(DSA, DSAparams)
+
+/* Deprecated version */
+DEPRECATEDIN_0_9_8(DSA *DSA_generate_parameters(int bits,
+ unsigned char *seed,
+ int seed_len,
+ int *counter_ret,
+ unsigned long *h_ret, void
+ (*callback) (int, int,
+ void *),
+ void *cb_arg))
+
+/* New version */
+DEPRECATEDIN_3_0(int DSA_generate_parameters_ex(DSA *dsa, int bits,
+ const unsigned char *seed,
+ int seed_len, int *counter_ret,
+ unsigned long *h_ret,
+ BN_GENCB *cb))
+
+DEPRECATEDIN_3_0(int DSA_generate_key(DSA *a))
+
+DEPRECATEDIN_3_0(int DSAparams_print(BIO *bp, const DSA *x))
+DEPRECATEDIN_3_0(int DSA_print(BIO *bp, const DSA *x, int off))
+# ifndef OPENSSL_NO_STDIO
+DEPRECATEDIN_3_0(int DSAparams_print_fp(FILE *fp, const DSA *x))
+DEPRECATEDIN_3_0(int DSA_print_fp(FILE *bp, const DSA *x, int off))
+# endif
+
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define DSS_prime_checks 64
+/*
+ * Primality test according to FIPS PUB 186-4, Appendix C.3. Since we only
+ * have one value here we set the number of checks to 64 which is the 128 bit
+ * security level that is the highest level and valid for creating a 3072 bit
+ * DSA key.
+ */
+# define DSA_is_prime(n, callback, cb_arg) \
+ BN_is_prime(n, DSS_prime_checks, callback, NULL, cb_arg)
+# endif
+
+# ifndef OPENSSL_NO_DH
+/*
+ * Convert DSA structure (key or just parameters) into DH structure (be
+ * careful to avoid small subgroup attacks when using this!)
+ */
+DEPRECATEDIN_3_0(DH *DSA_dup_DH(const DSA *r))
+# endif
+
+int EVP_PKEY_CTX_set_dsa_paramgen_bits(EVP_PKEY_CTX *ctx, int nbits);
+int EVP_PKEY_CTX_set_dsa_paramgen_q_bits(EVP_PKEY_CTX *ctx, int qbits);
+int EVP_PKEY_CTX_set_dsa_paramgen_md_props(EVP_PKEY_CTX *ctx,
+ const char *md_name,
+ const char *md_properties);
+int EVP_PKEY_CTX_set_dsa_paramgen_gindex(EVP_PKEY_CTX *ctx, int gindex);
+int EVP_PKEY_CTX_set_dsa_paramgen_type(EVP_PKEY_CTX *ctx, const char *name);
+int EVP_PKEY_CTX_set_dsa_paramgen_seed(EVP_PKEY_CTX *ctx,
+ const unsigned char *seed,
+ size_t seedlen);
+int EVP_PKEY_CTX_set_dsa_paramgen_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+
+# define EVP_PKEY_CTRL_DSA_PARAMGEN_BITS (EVP_PKEY_ALG_CTRL + 1)
+# define EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS (EVP_PKEY_ALG_CTRL + 2)
+# define EVP_PKEY_CTRL_DSA_PARAMGEN_MD (EVP_PKEY_ALG_CTRL + 3)
+
+void DSA_get0_pqg(const DSA *d,
+ const BIGNUM **p, const BIGNUM **q, const BIGNUM **g);
+int DSA_set0_pqg(DSA *d, BIGNUM *p, BIGNUM *q, BIGNUM *g);
+void DSA_get0_key(const DSA *d,
+ const BIGNUM **pub_key, const BIGNUM **priv_key);
+int DSA_set0_key(DSA *d, BIGNUM *pub_key, BIGNUM *priv_key);
+const BIGNUM *DSA_get0_p(const DSA *d);
+const BIGNUM *DSA_get0_q(const DSA *d);
+const BIGNUM *DSA_get0_g(const DSA *d);
+const BIGNUM *DSA_get0_pub_key(const DSA *d);
+const BIGNUM *DSA_get0_priv_key(const DSA *d);
+void DSA_clear_flags(DSA *d, int flags);
+int DSA_test_flags(const DSA *d, int flags);
+void DSA_set_flags(DSA *d, int flags);
+DEPRECATEDIN_3_0(ENGINE *DSA_get0_engine(DSA *d))
+
+DEPRECATEDIN_3_0(DSA_METHOD *DSA_meth_new(const char *name, int flags))
+DEPRECATEDIN_3_0(void DSA_meth_free(DSA_METHOD *dsam))
+DEPRECATEDIN_3_0(DSA_METHOD *DSA_meth_dup(const DSA_METHOD *dsam))
+DEPRECATEDIN_3_0(const char *DSA_meth_get0_name(const DSA_METHOD *dsam))
+DEPRECATEDIN_3_0(int DSA_meth_set1_name(DSA_METHOD *dsam, const char *name))
+DEPRECATEDIN_3_0(int DSA_meth_get_flags(const DSA_METHOD *dsam))
+DEPRECATEDIN_3_0(int DSA_meth_set_flags(DSA_METHOD *dsam, int flags))
+DEPRECATEDIN_3_0(void *DSA_meth_get0_app_data(const DSA_METHOD *dsam))
+DEPRECATEDIN_3_0(int DSA_meth_set0_app_data(DSA_METHOD *dsam, void *app_data))
+DEPRECATEDIN_3_0(DSA_SIG *(*DSA_meth_get_sign(const DSA_METHOD *dsam))
+ (const unsigned char *, int, DSA *))
+DEPRECATEDIN_3_0(int DSA_meth_set_sign(DSA_METHOD *dsam,
+ DSA_SIG *(*sign) (const unsigned char *, int, DSA *)))
+DEPRECATEDIN_3_0(int (*DSA_meth_get_sign_setup(const DSA_METHOD *dsam))
+ (DSA *, BN_CTX *, BIGNUM **, BIGNUM **))
+DEPRECATEDIN_3_0(int DSA_meth_set_sign_setup(DSA_METHOD *dsam,
+ int (*sign_setup) (DSA *, BN_CTX *, BIGNUM **, BIGNUM **)))
+DEPRECATEDIN_3_0(int (*DSA_meth_get_verify(const DSA_METHOD *dsam))
+ (const unsigned char *, int, DSA_SIG *, DSA *))
+DEPRECATEDIN_3_0(int DSA_meth_set_verify(DSA_METHOD *dsam,
+ int (*verify) (const unsigned char *, int, DSA_SIG *, DSA *)))
+DEPRECATEDIN_3_0(int (*DSA_meth_get_mod_exp(const DSA_METHOD *dsam))
+ (DSA *, BIGNUM *, const BIGNUM *, const BIGNUM *, const BIGNUM *,
+ const BIGNUM *, const BIGNUM *, BN_CTX *, BN_MONT_CTX *))
+DEPRECATEDIN_3_0(int DSA_meth_set_mod_exp(DSA_METHOD *dsam,
+ int (*mod_exp) (DSA *, BIGNUM *, const BIGNUM *, const BIGNUM *,
+ const BIGNUM *, const BIGNUM *, const BIGNUM *, BN_CTX *,
+ BN_MONT_CTX *)))
+DEPRECATEDIN_3_0(int (*DSA_meth_get_bn_mod_exp(const DSA_METHOD *dsam))
+ (DSA *, BIGNUM *, const BIGNUM *, const BIGNUM *, const BIGNUM *,
+ BN_CTX *, BN_MONT_CTX *))
+DEPRECATEDIN_3_0(int DSA_meth_set_bn_mod_exp(DSA_METHOD *dsam,
+ int (*bn_mod_exp) (DSA *, BIGNUM *, const BIGNUM *, const BIGNUM *,
+ const BIGNUM *, BN_CTX *, BN_MONT_CTX *)))
+DEPRECATEDIN_3_0(int (*DSA_meth_get_init(const DSA_METHOD *dsam))(DSA *))
+DEPRECATEDIN_3_0(int DSA_meth_set_init(DSA_METHOD *dsam, int (*init)(DSA *)))
+DEPRECATEDIN_3_0(int (*DSA_meth_get_finish(const DSA_METHOD *dsam)) (DSA *))
+DEPRECATEDIN_3_0(int DSA_meth_set_finish(DSA_METHOD *dsam, int (*finish) (DSA *)))
+DEPRECATEDIN_3_0(int (*DSA_meth_get_paramgen(const DSA_METHOD *dsam))
+ (DSA *, int, const unsigned char *, int, int *, unsigned long *,
+ BN_GENCB *))
+DEPRECATEDIN_3_0(int DSA_meth_set_paramgen(DSA_METHOD *dsam,
+ int (*paramgen) (DSA *, int, const unsigned char *, int, int *,
+ unsigned long *, BN_GENCB *)))
+DEPRECATEDIN_3_0(int (*DSA_meth_get_keygen(const DSA_METHOD *dsam)) (DSA *))
+DEPRECATEDIN_3_0(int DSA_meth_set_keygen(DSA_METHOD *dsam, int (*keygen) (DSA *)))
+
+# ifdef __cplusplus
+}
+# endif
+# endif
+#endif
diff --git a/openssl/include/openssl/dsaerr.h b/openssl/include/openssl/dsaerr.h new file mode 100644 index 00000000..dfb59614 --- /dev/null +++ b/openssl/include/openssl/dsaerr.h @@ -0,0 +1,76 @@ +/*
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_DSAERR_H
+# define OPENSSL_DSAERR_H
+# pragma once
+
+# include <openssl/opensslconf.h>
+# include <openssl/symhacks.h>
+
+
+# include <openssl/opensslconf.h>
+
+# ifndef OPENSSL_NO_DSA
+
+# ifdef __cplusplus
+extern "C"
+# endif
+int ERR_load_DSA_strings(void);
+
+/*
+ * DSA function codes.
+ */
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define DSA_F_DSAPARAMS_PRINT 0
+# define DSA_F_DSAPARAMS_PRINT_FP 0
+# define DSA_F_DSA_BUILTIN_PARAMGEN 0
+# define DSA_F_DSA_BUILTIN_PARAMGEN2 0
+# define DSA_F_DSA_DO_SIGN 0
+# define DSA_F_DSA_DO_VERIFY 0
+# define DSA_F_DSA_METH_DUP 0
+# define DSA_F_DSA_METH_NEW 0
+# define DSA_F_DSA_METH_SET1_NAME 0
+# define DSA_F_DSA_NEW_METHOD 0
+# define DSA_F_DSA_PARAM_DECODE 0
+# define DSA_F_DSA_PRINT_FP 0
+# define DSA_F_DSA_PRIV_DECODE 0
+# define DSA_F_DSA_PRIV_ENCODE 0
+# define DSA_F_DSA_PUB_DECODE 0
+# define DSA_F_DSA_PUB_ENCODE 0
+# define DSA_F_DSA_SIGN 0
+# define DSA_F_DSA_SIGN_SETUP 0
+# define DSA_F_DSA_SIG_NEW 0
+# define DSA_F_OLD_DSA_PRIV_DECODE 0
+# define DSA_F_PKEY_DSA_CTRL 0
+# define DSA_F_PKEY_DSA_CTRL_STR 0
+# define DSA_F_PKEY_DSA_KEYGEN 0
+# endif
+
+/*
+ * DSA reason codes.
+ */
+# define DSA_R_BAD_FFC_PARAMETERS 114
+# define DSA_R_BAD_Q_VALUE 102
+# define DSA_R_BN_DECODE_ERROR 108
+# define DSA_R_BN_ERROR 109
+# define DSA_R_DECODE_ERROR 104
+# define DSA_R_INVALID_DIGEST_TYPE 106
+# define DSA_R_INVALID_PARAMETERS 112
+# define DSA_R_MISSING_PARAMETERS 101
+# define DSA_R_MISSING_PRIVATE_KEY 111
+# define DSA_R_MODULUS_TOO_LARGE 103
+# define DSA_R_NO_PARAMETERS_SET 107
+# define DSA_R_PARAMETER_ENCODING_ERROR 105
+# define DSA_R_Q_NOT_PRIME 113
+# define DSA_R_SEED_LEN_SMALL 110
+
+# endif
+#endif
diff --git a/openssl/include/openssl/dtls1.h b/openssl/include/openssl/dtls1.h new file mode 100644 index 00000000..f0000268 --- /dev/null +++ b/openssl/include/openssl/dtls1.h @@ -0,0 +1,62 @@ +/*
+ * Copyright 2005-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_DTLS1_H
+# define OPENSSL_DTLS1_H
+# pragma once
+
+# include <openssl/macros.h>
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define HEADER_DTLS1_H
+# endif
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#include <openssl/opensslconf.h>
+
+# define DTLS1_VERSION 0xFEFF
+# define DTLS1_2_VERSION 0xFEFD
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define DTLS_MIN_VERSION DTLS1_VERSION
+# define DTLS_MAX_VERSION DTLS1_2_VERSION
+# endif
+# define DTLS1_VERSION_MAJOR 0xFE
+
+# define DTLS1_BAD_VER 0x0100
+
+/* Special value for method supporting multiple versions */
+# define DTLS_ANY_VERSION 0x1FFFF
+
+/* lengths of messages */
+
+# define DTLS1_COOKIE_LENGTH 255
+
+# define DTLS1_RT_HEADER_LENGTH 13
+
+# define DTLS1_HM_HEADER_LENGTH 12
+
+# define DTLS1_HM_BAD_FRAGMENT -2
+# define DTLS1_HM_FRAGMENT_RETRY -3
+
+# define DTLS1_CCS_HEADER_LENGTH 1
+
+# define DTLS1_AL_HEADER_LENGTH 2
+
+/* Timeout multipliers */
+# define DTLS1_TMO_READ_COUNT 2
+# define DTLS1_TMO_WRITE_COUNT 2
+
+# define DTLS1_TMO_ALERT_COUNT 12
+
+#ifdef __cplusplus
+}
+#endif
+#endif
diff --git a/openssl/include/openssl/e_os2.h b/openssl/include/openssl/e_os2.h new file mode 100644 index 00000000..97371f52 --- /dev/null +++ b/openssl/include/openssl/e_os2.h @@ -0,0 +1,280 @@ +/*
+ * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_E_OS2_H
+# define OPENSSL_E_OS2_H
+# pragma once
+
+# include <openssl/macros.h>
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define HEADER_E_OS2_H
+# endif
+
+# include <openssl/opensslconf.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/******************************************************************************
+ * Detect operating systems. This probably needs completing.
+ * The result is that at least one OPENSSL_SYS_os macro should be defined.
+ * However, if none is defined, Unix is assumed.
+ **/
+
+# define OPENSSL_SYS_UNIX
+
+/* --------------------- Microsoft operating systems ---------------------- */
+
+/*
+ * Note that MSDOS actually denotes 32-bit environments running on top of
+ * MS-DOS, such as DJGPP one.
+ */
+# if defined(OPENSSL_SYS_MSDOS)
+# undef OPENSSL_SYS_UNIX
+# endif
+
+/*
+ * For 32 bit environment, there seems to be the CygWin environment and then
+ * all the others that try to do the same thing Microsoft does...
+ */
+/*
+ * UEFI lives here because it might be built with a Microsoft toolchain and
+ * we need to avoid the false positive match on Windows.
+ */
+# if defined(OPENSSL_SYS_UEFI)
+# undef OPENSSL_SYS_UNIX
+# elif defined(OPENSSL_SYS_UWIN)
+# undef OPENSSL_SYS_UNIX
+# define OPENSSL_SYS_WIN32_UWIN
+# else
+# if defined(__CYGWIN__) || defined(OPENSSL_SYS_CYGWIN)
+# define OPENSSL_SYS_WIN32_CYGWIN
+# else
+# if defined(_WIN32) || defined(OPENSSL_SYS_WIN32)
+# undef OPENSSL_SYS_UNIX
+# if !defined(OPENSSL_SYS_WIN32)
+# define OPENSSL_SYS_WIN32
+# endif
+# endif
+# if defined(_WIN64) || defined(OPENSSL_SYS_WIN64)
+# undef OPENSSL_SYS_UNIX
+# if !defined(OPENSSL_SYS_WIN64)
+# define OPENSSL_SYS_WIN64
+# endif
+# endif
+# if defined(OPENSSL_SYS_WINNT)
+# undef OPENSSL_SYS_UNIX
+# endif
+# if defined(OPENSSL_SYS_WINCE)
+# undef OPENSSL_SYS_UNIX
+# endif
+# endif
+# endif
+
+/* Anything that tries to look like Microsoft is "Windows" */
+# if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WIN64) || defined(OPENSSL_SYS_WINNT) || defined(OPENSSL_SYS_WINCE)
+# undef OPENSSL_SYS_UNIX
+# define OPENSSL_SYS_WINDOWS
+# ifndef OPENSSL_SYS_MSDOS
+# define OPENSSL_SYS_MSDOS
+# endif
+# endif
+
+/*
+ * DLL settings. This part is a bit tough, because it's up to the
+ * application implementor how he or she will link the application, so it
+ * requires some macro to be used.
+ */
+# ifdef OPENSSL_SYS_WINDOWS
+# ifndef OPENSSL_OPT_WINDLL
+# if defined(_WINDLL) /* This is used when building OpenSSL to
+ * indicate that DLL linkage should be used */
+# define OPENSSL_OPT_WINDLL
+# endif
+# endif
+# endif
+
+/* ------------------------------- OpenVMS -------------------------------- */
+# if defined(__VMS) || defined(VMS) || defined(OPENSSL_SYS_VMS)
+# if !defined(OPENSSL_SYS_VMS)
+# undef OPENSSL_SYS_UNIX
+# endif
+# define OPENSSL_SYS_VMS
+# if defined(__DECC)
+# define OPENSSL_SYS_VMS_DECC
+# elif defined(__DECCXX)
+# define OPENSSL_SYS_VMS_DECC
+# define OPENSSL_SYS_VMS_DECCXX
+# else
+# define OPENSSL_SYS_VMS_NODECC
+# endif
+# endif
+
+/* -------------------------------- Unix ---------------------------------- */
+# ifdef OPENSSL_SYS_UNIX
+# if defined(linux) || defined(__linux__) && !defined(OPENSSL_SYS_LINUX)
+# define OPENSSL_SYS_LINUX
+# endif
+# if defined(_AIX) && !defined(OPENSSL_SYS_AIX)
+# define OPENSSL_SYS_AIX
+# endif
+# endif
+
+/* -------------------------------- VOS ----------------------------------- */
+# if defined(__VOS__) && !defined(OPENSSL_SYS_VOS)
+# define OPENSSL_SYS_VOS
+# ifdef __HPPA__
+# define OPENSSL_SYS_VOS_HPPA
+# endif
+# ifdef __IA32__
+# define OPENSSL_SYS_VOS_IA32
+# endif
+# endif
+
+/**
+ * That's it for OS-specific stuff
+ *****************************************************************************/
+
+/*-
+ * OPENSSL_EXTERN is normally used to declare a symbol with possible extra
+ * attributes to handle its presence in a shared library.
+ * OPENSSL_EXPORT is used to define a symbol with extra possible attributes
+ * to make it visible in a shared library.
+ * Care needs to be taken when a header file is used both to declare and
+ * define symbols. Basically, for any library that exports some global
+ * variables, the following code must be present in the header file that
+ * declares them, before OPENSSL_EXTERN is used:
+ *
+ * #ifdef SOME_BUILD_FLAG_MACRO
+ * # undef OPENSSL_EXTERN
+ * # define OPENSSL_EXTERN OPENSSL_EXPORT
+ * #endif
+ *
+ * The default is to have OPENSSL_EXPORT and OPENSSL_EXTERN
+ * have some generally sensible values.
+ */
+
+# if defined(OPENSSL_SYS_WINDOWS) && defined(OPENSSL_OPT_WINDLL)
+# define OPENSSL_EXPORT extern __declspec(dllexport)
+# define OPENSSL_EXTERN extern __declspec(dllimport)
+# else
+# define OPENSSL_EXPORT extern
+# define OPENSSL_EXTERN extern
+# endif
+
+# ifdef _WIN32
+# ifdef _WIN64
+# define ossl_ssize_t __int64
+# define OSSL_SSIZE_MAX _I64_MAX
+# else
+# define ossl_ssize_t int
+# define OSSL_SSIZE_MAX INT_MAX
+# endif
+# endif
+
+# if defined(OPENSSL_SYS_UEFI) && !defined(ossl_ssize_t)
+# define ossl_ssize_t INTN
+# define OSSL_SSIZE_MAX MAX_INTN
+# endif
+
+# ifndef ossl_ssize_t
+# define ossl_ssize_t ssize_t
+# if defined(SSIZE_MAX)
+# define OSSL_SSIZE_MAX SSIZE_MAX
+# elif defined(_POSIX_SSIZE_MAX)
+# define OSSL_SSIZE_MAX _POSIX_SSIZE_MAX
+# else
+# define OSSL_SSIZE_MAX ((ssize_t)(SIZE_MAX>>1))
+# endif
+# endif
+
+# ifdef DEBUG_UNUSED
+# define __owur __attribute__((__warn_unused_result__))
+# else
+# define __owur
+# endif
+
+/* Standard integer types */
+# define OPENSSL_NO_INTTYPES_H
+# define OPENSSL_NO_STDINT_H
+# if defined(OPENSSL_SYS_UEFI)
+typedef INT8 int8_t;
+typedef UINT8 uint8_t;
+typedef INT16 int16_t;
+typedef UINT16 uint16_t;
+typedef INT32 int32_t;
+typedef UINT32 uint32_t;
+typedef INT64 int64_t;
+typedef UINT64 uint64_t;
+# elif (defined(__STDC_VERSION__) && __STDC_VERSION__ >= 199901L) || \
+ defined(__osf__) || defined(__sgi) || defined(__hpux) || \
+ defined(OPENSSL_SYS_VMS) || defined (__OpenBSD__)
+# include <inttypes.h>
+# undef OPENSSL_NO_INTTYPES_H
+/* Because the specs say that inttypes.h includes stdint.h if present */
+# undef OPENSSL_NO_STDINT_H
+# elif defined(_MSC_VER) && _MSC_VER<=1500
+/*
+ * minimally required typdefs for systems not supporting inttypes.h or
+ * stdint.h: currently just older VC++
+ */
+typedef signed char int8_t;
+typedef unsigned char uint8_t;
+typedef short int16_t;
+typedef unsigned short uint16_t;
+typedef int int32_t;
+typedef unsigned int uint32_t;
+typedef __int64 int64_t;
+typedef unsigned __int64 uint64_t;
+# else
+# include <stdint.h>
+# undef OPENSSL_NO_STDINT_H
+# endif
+
+/* ossl_inline: portable inline definition usable in public headers */
+# if !defined(inline) && !defined(__cplusplus)
+# if defined(__STDC_VERSION__) && __STDC_VERSION__>=199901L
+ /* just use inline */
+# define ossl_inline inline
+# elif defined(__GNUC__) && __GNUC__>=2
+# define ossl_inline __inline__
+# elif defined(_MSC_VER)
+ /*
+ * Visual Studio: inline is available in C++ only, however
+ * __inline is available for C, see
+ * http://msdn.microsoft.com/en-us/library/z8y1yy88.aspx
+ */
+# define ossl_inline __inline
+# else
+# define ossl_inline
+# endif
+# else
+# define ossl_inline inline
+# endif
+
+# if defined(__STDC_VERSION__) && __STDC_VERSION__ >= 201112L
+# define ossl_noreturn _Noreturn
+# elif defined(__GNUC__) && __GNUC__ >= 2
+# define ossl_noreturn __attribute__((noreturn))
+# else
+# define ossl_noreturn
+# endif
+
+/* ossl_unused: portable unused attribute for use in public headers */
+# if defined(__GNUC__)
+# define ossl_unused __attribute__((unused))
+# else
+# define ossl_unused
+# endif
+
+#ifdef __cplusplus
+}
+#endif
+#endif
diff --git a/openssl/include/openssl/ebcdic.h b/openssl/include/openssl/ebcdic.h new file mode 100644 index 00000000..9333bc2c --- /dev/null +++ b/openssl/include/openssl/ebcdic.h @@ -0,0 +1,39 @@ +/*
+ * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_EBCDIC_H
+# define OPENSSL_EBCDIC_H
+# pragma once
+
+# include <openssl/macros.h>
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define HEADER_EBCDIC_H
+# endif
+
+# include <stdlib.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* Avoid name clashes with other applications */
+# define os_toascii _openssl_os_toascii
+# define os_toebcdic _openssl_os_toebcdic
+# define ebcdic2ascii _openssl_ebcdic2ascii
+# define ascii2ebcdic _openssl_ascii2ebcdic
+
+extern const unsigned char os_toascii[256];
+extern const unsigned char os_toebcdic[256];
+void *ebcdic2ascii(void *dest, const void *srce, size_t count);
+void *ascii2ebcdic(void *dest, const void *srce, size_t count);
+
+#ifdef __cplusplus
+}
+#endif
+#endif
diff --git a/openssl/include/openssl/ec.h b/openssl/include/openssl/ec.h new file mode 100644 index 00000000..099ac1da --- /dev/null +++ b/openssl/include/openssl/ec.h @@ -0,0 +1,1521 @@ +/*
+ * Copyright 2002-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_EC_H
+# define OPENSSL_EC_H
+# pragma once
+
+# include <openssl/macros.h>
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define HEADER_EC_H
+# endif
+
+# include <openssl/opensslconf.h>
+
+# ifndef OPENSSL_NO_EC
+# include <openssl/asn1.h>
+# include <openssl/symhacks.h>
+# ifndef OPENSSL_NO_DEPRECATED_1_1_0
+# include <openssl/bn.h>
+# endif
+# include <openssl/ecerr.h>
+# ifdef __cplusplus
+extern "C" {
+# endif
+
+# ifndef OPENSSL_ECC_MAX_FIELD_BITS
+# define OPENSSL_ECC_MAX_FIELD_BITS 661
+# endif
+
+/** Enum for the point conversion form as defined in X9.62 (ECDSA)
+ * for the encoding of a elliptic curve point (x,y) */
+typedef enum {
+ /** the point is encoded as z||x, where the octet z specifies
+ * which solution of the quadratic equation y is */
+ POINT_CONVERSION_COMPRESSED = 2,
+ /** the point is encoded as z||x||y, where z is the octet 0x04 */
+ POINT_CONVERSION_UNCOMPRESSED = 4,
+ /** the point is encoded as z||x||y, where the octet z specifies
+ * which solution of the quadratic equation y is */
+ POINT_CONVERSION_HYBRID = 6
+} point_conversion_form_t;
+
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+typedef struct ec_method_st EC_METHOD;
+# endif
+typedef struct ec_group_st EC_GROUP;
+typedef struct ec_point_st EC_POINT;
+typedef struct ecpk_parameters_st ECPKPARAMETERS;
+typedef struct ec_parameters_st ECPARAMETERS;
+
+/********************************************************************/
+/* EC_METHODs for curves over GF(p) */
+/********************************************************************/
+
+/** Returns the basic GFp ec methods which provides the basis for the
+ * optimized methods.
+ * \return EC_METHOD object
+ */
+DEPRECATEDIN_3_0(const EC_METHOD *EC_GFp_simple_method(void))
+
+/** Returns GFp methods using montgomery multiplication.
+ * \return EC_METHOD object
+ */
+DEPRECATEDIN_3_0(const EC_METHOD *EC_GFp_mont_method(void))
+
+/** Returns GFp methods using optimized methods for NIST recommended curves
+ * \return EC_METHOD object
+ */
+DEPRECATEDIN_3_0(const EC_METHOD *EC_GFp_nist_method(void))
+
+# ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
+/** Returns 64-bit optimized methods for nistp224
+ * \return EC_METHOD object
+ */
+DEPRECATEDIN_3_0(const EC_METHOD *EC_GFp_nistp224_method(void))
+
+/** Returns 64-bit optimized methods for nistp256
+ * \return EC_METHOD object
+ */
+DEPRECATEDIN_3_0(const EC_METHOD *EC_GFp_nistp256_method(void))
+
+/** Returns 64-bit optimized methods for nistp521
+ * \return EC_METHOD object
+ */
+DEPRECATEDIN_3_0(const EC_METHOD *EC_GFp_nistp521_method(void))
+# endif
+
+# ifndef OPENSSL_NO_EC2M
+/********************************************************************/
+/* EC_METHOD for curves over GF(2^m) */
+/********************************************************************/
+
+/** Returns the basic GF2m ec method
+ * \return EC_METHOD object
+ */
+DEPRECATEDIN_3_0(const EC_METHOD *EC_GF2m_simple_method(void))
+
+# endif
+
+/********************************************************************/
+/* EC_GROUP functions */
+/********************************************************************/
+
+/**
+ * Creates a new EC_GROUP object
+ * \param meth EC_METHOD to use
+ * \return newly created EC_GROUP object or NULL in case of an error.
+ */
+DEPRECATEDIN_3_0(EC_GROUP *EC_GROUP_new(const EC_METHOD *meth))
+
+/** Frees a EC_GROUP object
+ * \param group EC_GROUP object to be freed.
+ */
+void EC_GROUP_free(EC_GROUP *group);
+
+/** Clears and frees a EC_GROUP object
+ * \param group EC_GROUP object to be cleared and freed.
+ */
+DEPRECATEDIN_3_0(void EC_GROUP_clear_free(EC_GROUP *group))
+
+/** Copies EC_GROUP objects. Note: both EC_GROUPs must use the same EC_METHOD.
+ * \param dst destination EC_GROUP object
+ * \param src source EC_GROUP object
+ * \return 1 on success and 0 if an error occurred.
+ */
+int EC_GROUP_copy(EC_GROUP *dst, const EC_GROUP *src);
+
+/** Creates a new EC_GROUP object and copies the content
+ * form src to the newly created EC_KEY object
+ * \param src source EC_GROUP object
+ * \return newly created EC_GROUP object or NULL in case of an error.
+ */
+EC_GROUP *EC_GROUP_dup(const EC_GROUP *src);
+
+/** Returns the EC_METHOD of the EC_GROUP object.
+ * \param group EC_GROUP object
+ * \return EC_METHOD used in this EC_GROUP object.
+ */
+DEPRECATEDIN_3_0(const EC_METHOD *EC_GROUP_method_of(const EC_GROUP *group))
+
+/** Returns the field type of the EC_METHOD.
+ * \param meth EC_METHOD object
+ * \return NID of the underlying field type OID.
+ */
+DEPRECATEDIN_3_0(int EC_METHOD_get_field_type(const EC_METHOD *meth))
+
+/** Sets the generator and its order/cofactor of a EC_GROUP object.
+ * \param group EC_GROUP object
+ * \param generator EC_POINT object with the generator.
+ * \param order the order of the group generated by the generator.
+ * \param cofactor the index of the sub-group generated by the generator
+ * in the group of all points on the elliptic curve.
+ * \return 1 on success and 0 if an error occurred
+ */
+int EC_GROUP_set_generator(EC_GROUP *group, const EC_POINT *generator,
+ const BIGNUM *order, const BIGNUM *cofactor);
+
+/** Returns the generator of a EC_GROUP object.
+ * \param group EC_GROUP object
+ * \return the currently used generator (possibly NULL).
+ */
+const EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *group);
+
+/** Returns the montgomery data for order(Generator)
+ * \param group EC_GROUP object
+ * \return the currently used montgomery data (possibly NULL).
+*/
+BN_MONT_CTX *EC_GROUP_get_mont_data(const EC_GROUP *group);
+
+/** Gets the order of a EC_GROUP
+ * \param group EC_GROUP object
+ * \param order BIGNUM to which the order is copied
+ * \param ctx unused
+ * \return 1 on success and 0 if an error occurred
+ */
+int EC_GROUP_get_order(const EC_GROUP *group, BIGNUM *order, BN_CTX *ctx);
+
+/** Gets the order of an EC_GROUP
+ * \param group EC_GROUP object
+ * \return the group order
+ */
+const BIGNUM *EC_GROUP_get0_order(const EC_GROUP *group);
+
+/** Gets the number of bits of the order of an EC_GROUP
+ * \param group EC_GROUP object
+ * \return number of bits of group order.
+ */
+int EC_GROUP_order_bits(const EC_GROUP *group);
+
+/** Gets the cofactor of a EC_GROUP
+ * \param group EC_GROUP object
+ * \param cofactor BIGNUM to which the cofactor is copied
+ * \param ctx unused
+ * \return 1 on success and 0 if an error occurred
+ */
+int EC_GROUP_get_cofactor(const EC_GROUP *group, BIGNUM *cofactor,
+ BN_CTX *ctx);
+
+/** Gets the cofactor of an EC_GROUP
+ * \param group EC_GROUP object
+ * \return the group cofactor
+ */
+const BIGNUM *EC_GROUP_get0_cofactor(const EC_GROUP *group);
+
+/** Sets the name of a EC_GROUP object
+ * \param group EC_GROUP object
+ * \param nid NID of the curve name OID
+ */
+void EC_GROUP_set_curve_name(EC_GROUP *group, int nid);
+
+/** Returns the curve name of a EC_GROUP object
+ * \param group EC_GROUP object
+ * \return NID of the curve name OID or 0 if not set.
+ */
+int EC_GROUP_get_curve_name(const EC_GROUP *group);
+
+/** Gets the field of an EC_GROUP
+ * \param group EC_GROUP object
+ * \return the group field
+ */
+const BIGNUM *EC_GROUP_get0_field(const EC_GROUP *group);
+
+/** Returns the field type of the EC_GROUP.
+ * \param group EC_GROUP object
+ * \return NID of the underlying field type OID.
+ */
+int EC_GROUP_get_field_type(const EC_GROUP *group);
+
+void EC_GROUP_set_asn1_flag(EC_GROUP *group, int flag);
+int EC_GROUP_get_asn1_flag(const EC_GROUP *group);
+
+void EC_GROUP_set_point_conversion_form(EC_GROUP *group,
+ point_conversion_form_t form);
+point_conversion_form_t EC_GROUP_get_point_conversion_form(const EC_GROUP *);
+
+unsigned char *EC_GROUP_get0_seed(const EC_GROUP *x);
+size_t EC_GROUP_get_seed_len(const EC_GROUP *);
+size_t EC_GROUP_set_seed(EC_GROUP *, const unsigned char *, size_t len);
+
+/** Sets the parameters of a ec curve defined by y^2 = x^3 + a*x + b (for GFp)
+ * or y^2 + x*y = x^3 + a*x^2 + b (for GF2m)
+ * \param group EC_GROUP object
+ * \param p BIGNUM with the prime number (GFp) or the polynomial
+ * defining the underlying field (GF2m)
+ * \param a BIGNUM with parameter a of the equation
+ * \param b BIGNUM with parameter b of the equation
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occurred
+ */
+int EC_GROUP_set_curve(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a,
+ const BIGNUM *b, BN_CTX *ctx);
+
+/** Gets the parameters of the ec curve defined by y^2 = x^3 + a*x + b (for GFp)
+ * or y^2 + x*y = x^3 + a*x^2 + b (for GF2m)
+ * \param group EC_GROUP object
+ * \param p BIGNUM with the prime number (GFp) or the polynomial
+ * defining the underlying field (GF2m)
+ * \param a BIGNUM for parameter a of the equation
+ * \param b BIGNUM for parameter b of the equation
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occurred
+ */
+int EC_GROUP_get_curve(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *b,
+ BN_CTX *ctx);
+
+/** Sets the parameters of an ec curve. Synonym for EC_GROUP_set_curve
+ * \param group EC_GROUP object
+ * \param p BIGNUM with the prime number (GFp) or the polynomial
+ * defining the underlying field (GF2m)
+ * \param a BIGNUM with parameter a of the equation
+ * \param b BIGNUM with parameter b of the equation
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occurred
+ */
+DEPRECATEDIN_3_0(int EC_GROUP_set_curve_GFp(EC_GROUP *group, const BIGNUM *p,
+ const BIGNUM *a, const BIGNUM *b,
+ BN_CTX *ctx))
+
+/** Gets the parameters of an ec curve. Synonym for EC_GROUP_get_curve
+ * \param group EC_GROUP object
+ * \param p BIGNUM with the prime number (GFp) or the polynomial
+ * defining the underlying field (GF2m)
+ * \param a BIGNUM for parameter a of the equation
+ * \param b BIGNUM for parameter b of the equation
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occurred
+ */
+DEPRECATEDIN_3_0(int EC_GROUP_get_curve_GFp(const EC_GROUP *group, BIGNUM *p,
+ BIGNUM *a, BIGNUM *b,
+ BN_CTX *ctx))
+
+# ifndef OPENSSL_NO_EC2M
+/** Sets the parameter of an ec curve. Synonym for EC_GROUP_set_curve
+ * \param group EC_GROUP object
+ * \param p BIGNUM with the prime number (GFp) or the polynomial
+ * defining the underlying field (GF2m)
+ * \param a BIGNUM with parameter a of the equation
+ * \param b BIGNUM with parameter b of the equation
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occurred
+ */
+DEPRECATEDIN_3_0(int EC_GROUP_set_curve_GF2m(EC_GROUP *group, const BIGNUM *p,
+ const BIGNUM *a, const BIGNUM *b,
+ BN_CTX *ctx))
+
+/** Gets the parameters of an ec curve. Synonym for EC_GROUP_get_curve
+ * \param group EC_GROUP object
+ * \param p BIGNUM with the prime number (GFp) or the polynomial
+ * defining the underlying field (GF2m)
+ * \param a BIGNUM for parameter a of the equation
+ * \param b BIGNUM for parameter b of the equation
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occurred
+ */
+DEPRECATEDIN_3_0(int EC_GROUP_get_curve_GF2m(const EC_GROUP *group, BIGNUM *p,
+ BIGNUM *a, BIGNUM *b,
+ BN_CTX *ctx))
+# endif
+/** Returns the number of bits needed to represent a field element
+ * \param group EC_GROUP object
+ * \return number of bits needed to represent a field element
+ */
+int EC_GROUP_get_degree(const EC_GROUP *group);
+
+/** Checks whether the parameter in the EC_GROUP define a valid ec group
+ * \param group EC_GROUP object
+ * \param ctx BN_CTX object (optional)
+ * \return 1 if group is a valid ec group and 0 otherwise
+ */
+int EC_GROUP_check(const EC_GROUP *group, BN_CTX *ctx);
+
+/** Checks whether the discriminant of the elliptic curve is zero or not
+ * \param group EC_GROUP object
+ * \param ctx BN_CTX object (optional)
+ * \return 1 if the discriminant is not zero and 0 otherwise
+ */
+int EC_GROUP_check_discriminant(const EC_GROUP *group, BN_CTX *ctx);
+
+/** Compares two EC_GROUP objects
+ * \param a first EC_GROUP object
+ * \param b second EC_GROUP object
+ * \param ctx BN_CTX object (optional)
+ * \return 0 if the groups are equal, 1 if not, or -1 on error
+ */
+int EC_GROUP_cmp(const EC_GROUP *a, const EC_GROUP *b, BN_CTX *ctx);
+
+/*
+ * EC_GROUP_new_GF*() calls EC_GROUP_new() and EC_GROUP_set_GF*() after
+ * choosing an appropriate EC_METHOD
+ */
+
+/** Creates a new EC_GROUP object with the specified parameters defined
+ * over GFp (defined by the equation y^2 = x^3 + a*x + b)
+ * \param p BIGNUM with the prime number
+ * \param a BIGNUM with the parameter a of the equation
+ * \param b BIGNUM with the parameter b of the equation
+ * \param ctx BN_CTX object (optional)
+ * \return newly created EC_GROUP object with the specified parameters
+ */
+EC_GROUP *EC_GROUP_new_curve_GFp(const BIGNUM *p, const BIGNUM *a,
+ const BIGNUM *b, BN_CTX *ctx);
+# ifndef OPENSSL_NO_EC2M
+/** Creates a new EC_GROUP object with the specified parameters defined
+ * over GF2m (defined by the equation y^2 + x*y = x^3 + a*x^2 + b)
+ * \param p BIGNUM with the polynomial defining the underlying field
+ * \param a BIGNUM with the parameter a of the equation
+ * \param b BIGNUM with the parameter b of the equation
+ * \param ctx BN_CTX object (optional)
+ * \return newly created EC_GROUP object with the specified parameters
+ */
+EC_GROUP *EC_GROUP_new_curve_GF2m(const BIGNUM *p, const BIGNUM *a,
+ const BIGNUM *b, BN_CTX *ctx);
+# endif
+
+/**
+ * Creates a EC_GROUP object with a curve specified by a NID
+ * \param libctx The associated library context or NULL for the default
+ * context
+ * \param propq A property query string
+ * \param nid NID of the OID of the curve name
+ * \return newly created EC_GROUP object with specified curve or NULL
+ * if an error occurred
+ */
+EC_GROUP *EC_GROUP_new_by_curve_name_with_libctx(OPENSSL_CTX *libctx,
+ const char *propq, int nid);
+
+/**
+ * Creates a EC_GROUP object with a curve specified by a NID. Same as
+ * EC_GROUP_new_by_curve_name_with_libctx but the libctx and propq are always
+ * NULL.
+ * \param nid NID of the OID of the curve name
+ * \return newly created EC_GROUP object with specified curve or NULL
+ * if an error occurred
+ */
+EC_GROUP *EC_GROUP_new_by_curve_name(int nid);
+
+/** Creates a new EC_GROUP object from an ECPARAMETERS object
+ * \param params pointer to the ECPARAMETERS object
+ * \return newly created EC_GROUP object with specified curve or NULL
+ * if an error occurred
+ */
+EC_GROUP *EC_GROUP_new_from_ecparameters(const ECPARAMETERS *params);
+
+/** Creates an ECPARAMETERS object for the given EC_GROUP object.
+ * \param group pointer to the EC_GROUP object
+ * \param params pointer to an existing ECPARAMETERS object or NULL
+ * \return pointer to the new ECPARAMETERS object or NULL
+ * if an error occurred.
+ */
+ECPARAMETERS *EC_GROUP_get_ecparameters(const EC_GROUP *group,
+ ECPARAMETERS *params);
+
+/** Creates a new EC_GROUP object from an ECPKPARAMETERS object
+ * \param params pointer to an existing ECPKPARAMETERS object, or NULL
+ * \return newly created EC_GROUP object with specified curve, or NULL
+ * if an error occurred
+ */
+EC_GROUP *EC_GROUP_new_from_ecpkparameters(const ECPKPARAMETERS *params);
+
+/** Creates an ECPKPARAMETERS object for the given EC_GROUP object.
+ * \param group pointer to the EC_GROUP object
+ * \param params pointer to an existing ECPKPARAMETERS object or NULL
+ * \return pointer to the new ECPKPARAMETERS object or NULL
+ * if an error occurred.
+ */
+ECPKPARAMETERS *EC_GROUP_get_ecpkparameters(const EC_GROUP *group,
+ ECPKPARAMETERS *params);
+
+/********************************************************************/
+/* handling of internal curves */
+/********************************************************************/
+
+typedef struct {
+ int nid;
+ const char *comment;
+} EC_builtin_curve;
+
+/*
+ * EC_builtin_curves(EC_builtin_curve *r, size_t size) returns number of all
+ * available curves or zero if a error occurred. In case r is not zero,
+ * nitems EC_builtin_curve structures are filled with the data of the first
+ * nitems internal groups
+ */
+size_t EC_get_builtin_curves(EC_builtin_curve *r, size_t nitems);
+
+const char *EC_curve_nid2nist(int nid);
+int EC_curve_nist2nid(const char *name);
+int EC_GROUP_check_named_curve(const EC_GROUP *group, int nist_only,
+ BN_CTX *ctx);
+
+/********************************************************************/
+/* EC_POINT functions */
+/********************************************************************/
+
+/** Creates a new EC_POINT object for the specified EC_GROUP
+ * \param group EC_GROUP the underlying EC_GROUP object
+ * \return newly created EC_POINT object or NULL if an error occurred
+ */
+EC_POINT *EC_POINT_new(const EC_GROUP *group);
+
+/** Frees a EC_POINT object
+ * \param point EC_POINT object to be freed
+ */
+void EC_POINT_free(EC_POINT *point);
+
+/** Clears and frees a EC_POINT object
+ * \param point EC_POINT object to be cleared and freed
+ */
+void EC_POINT_clear_free(EC_POINT *point);
+
+/** Copies EC_POINT object
+ * \param dst destination EC_POINT object
+ * \param src source EC_POINT object
+ * \return 1 on success and 0 if an error occurred
+ */
+int EC_POINT_copy(EC_POINT *dst, const EC_POINT *src);
+
+/** Creates a new EC_POINT object and copies the content of the supplied
+ * EC_POINT
+ * \param src source EC_POINT object
+ * \param group underlying the EC_GROUP object
+ * \return newly created EC_POINT object or NULL if an error occurred
+ */
+EC_POINT *EC_POINT_dup(const EC_POINT *src, const EC_GROUP *group);
+
+/** Returns the EC_METHOD used in EC_POINT object
+ * \param point EC_POINT object
+ * \return the EC_METHOD used
+ */
+DEPRECATEDIN_3_0(const EC_METHOD *EC_POINT_method_of(const EC_POINT *point))
+
+/** Sets a point to infinity (neutral element)
+ * \param group underlying EC_GROUP object
+ * \param point EC_POINT to set to infinity
+ * \return 1 on success and 0 if an error occurred
+ */
+int EC_POINT_set_to_infinity(const EC_GROUP *group, EC_POINT *point);
+
+/** Sets the jacobian projective coordinates of a EC_POINT over GFp
+ * \param group underlying EC_GROUP object
+ * \param p EC_POINT object
+ * \param x BIGNUM with the x-coordinate
+ * \param y BIGNUM with the y-coordinate
+ * \param z BIGNUM with the z-coordinate
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occurred
+ */
+DEPRECATEDIN_3_0(int EC_POINT_set_Jprojective_coordinates_GFp(const EC_GROUP *group,
+ EC_POINT *p, const BIGNUM *x,
+ const BIGNUM *y, const BIGNUM *z,
+ BN_CTX *ctx))
+
+/** Gets the jacobian projective coordinates of a EC_POINT over GFp
+ * \param group underlying EC_GROUP object
+ * \param p EC_POINT object
+ * \param x BIGNUM for the x-coordinate
+ * \param y BIGNUM for the y-coordinate
+ * \param z BIGNUM for the z-coordinate
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occurred
+ */
+DEPRECATEDIN_3_0(int EC_POINT_get_Jprojective_coordinates_GFp(const EC_GROUP *group,
+ const EC_POINT *p, BIGNUM *x,
+ BIGNUM *y, BIGNUM *z,
+ BN_CTX *ctx))
+
+/** Sets the affine coordinates of an EC_POINT
+ * \param group underlying EC_GROUP object
+ * \param p EC_POINT object
+ * \param x BIGNUM with the x-coordinate
+ * \param y BIGNUM with the y-coordinate
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occurred
+ */
+int EC_POINT_set_affine_coordinates(const EC_GROUP *group, EC_POINT *p,
+ const BIGNUM *x, const BIGNUM *y,
+ BN_CTX *ctx);
+
+/** Gets the affine coordinates of an EC_POINT.
+ * \param group underlying EC_GROUP object
+ * \param p EC_POINT object
+ * \param x BIGNUM for the x-coordinate
+ * \param y BIGNUM for the y-coordinate
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occurred
+ */
+int EC_POINT_get_affine_coordinates(const EC_GROUP *group, const EC_POINT *p,
+ BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+
+/** Sets the affine coordinates of an EC_POINT. A synonym of
+ * EC_POINT_set_affine_coordinates
+ * \param group underlying EC_GROUP object
+ * \param p EC_POINT object
+ * \param x BIGNUM with the x-coordinate
+ * \param y BIGNUM with the y-coordinate
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occurred
+ */
+DEPRECATEDIN_3_0(int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group,
+ EC_POINT *p,
+ const BIGNUM *x,
+ const BIGNUM *y,
+ BN_CTX *ctx))
+
+/** Gets the affine coordinates of an EC_POINT. A synonym of
+ * EC_POINT_get_affine_coordinates
+ * \param group underlying EC_GROUP object
+ * \param p EC_POINT object
+ * \param x BIGNUM for the x-coordinate
+ * \param y BIGNUM for the y-coordinate
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occurred
+ */
+DEPRECATEDIN_3_0(int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group,
+ const EC_POINT *p,
+ BIGNUM *x,
+ BIGNUM *y,
+ BN_CTX *ctx))
+
+/** Sets the x9.62 compressed coordinates of a EC_POINT
+ * \param group underlying EC_GROUP object
+ * \param p EC_POINT object
+ * \param x BIGNUM with x-coordinate
+ * \param y_bit integer with the y-Bit (either 0 or 1)
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occurred
+ */
+int EC_POINT_set_compressed_coordinates(const EC_GROUP *group, EC_POINT *p,
+ const BIGNUM *x, int y_bit,
+ BN_CTX *ctx);
+
+/** Sets the x9.62 compressed coordinates of a EC_POINT. A synonym of
+ * EC_POINT_set_compressed_coordinates
+ * \param group underlying EC_GROUP object
+ * \param p EC_POINT object
+ * \param x BIGNUM with x-coordinate
+ * \param y_bit integer with the y-Bit (either 0 or 1)
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occurred
+ */
+DEPRECATEDIN_3_0(int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *group,
+ EC_POINT *p,
+ const BIGNUM *x,
+ int y_bit,
+ BN_CTX *ctx))
+# ifndef OPENSSL_NO_EC2M
+/** Sets the affine coordinates of an EC_POINT. A synonym of
+ * EC_POINT_set_affine_coordinates
+ * \param group underlying EC_GROUP object
+ * \param p EC_POINT object
+ * \param x BIGNUM with the x-coordinate
+ * \param y BIGNUM with the y-coordinate
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occurred
+ */
+DEPRECATEDIN_3_0(int EC_POINT_set_affine_coordinates_GF2m(const EC_GROUP *group,
+ EC_POINT *p,
+ const BIGNUM *x,
+ const BIGNUM *y,
+ BN_CTX *ctx))
+
+/** Gets the affine coordinates of an EC_POINT. A synonym of
+ * EC_POINT_get_affine_coordinates
+ * \param group underlying EC_GROUP object
+ * \param p EC_POINT object
+ * \param x BIGNUM for the x-coordinate
+ * \param y BIGNUM for the y-coordinate
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occurred
+ */
+DEPRECATEDIN_3_0(int EC_POINT_get_affine_coordinates_GF2m(const EC_GROUP *group,
+ const EC_POINT *p,
+ BIGNUM *x,
+ BIGNUM *y,
+ BN_CTX *ctx))
+
+/** Sets the x9.62 compressed coordinates of a EC_POINT. A synonym of
+ * EC_POINT_set_compressed_coordinates
+ * \param group underlying EC_GROUP object
+ * \param p EC_POINT object
+ * \param x BIGNUM with x-coordinate
+ * \param y_bit integer with the y-Bit (either 0 or 1)
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occurred
+ */
+DEPRECATEDIN_3_0(int EC_POINT_set_compressed_coordinates_GF2m(const EC_GROUP *group,
+ EC_POINT *p,
+ const BIGNUM *x,
+ int y_bit,
+ BN_CTX *ctx))
+# endif
+/** Encodes a EC_POINT object to a octet string
+ * \param group underlying EC_GROUP object
+ * \param p EC_POINT object
+ * \param form point conversion form
+ * \param buf memory buffer for the result. If NULL the function returns
+ * required buffer size.
+ * \param len length of the memory buffer
+ * \param ctx BN_CTX object (optional)
+ * \return the length of the encoded octet string or 0 if an error occurred
+ */
+size_t EC_POINT_point2oct(const EC_GROUP *group, const EC_POINT *p,
+ point_conversion_form_t form,
+ unsigned char *buf, size_t len, BN_CTX *ctx);
+
+/** Decodes a EC_POINT from a octet string
+ * \param group underlying EC_GROUP object
+ * \param p EC_POINT object
+ * \param buf memory buffer with the encoded ec point
+ * \param len length of the encoded ec point
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occurred
+ */
+int EC_POINT_oct2point(const EC_GROUP *group, EC_POINT *p,
+ const unsigned char *buf, size_t len, BN_CTX *ctx);
+
+/** Encodes an EC_POINT object to an allocated octet string
+ * \param group underlying EC_GROUP object
+ * \param point EC_POINT object
+ * \param form point conversion form
+ * \param pbuf returns pointer to allocated buffer
+ * \param ctx BN_CTX object (optional)
+ * \return the length of the encoded octet string or 0 if an error occurred
+ */
+size_t EC_POINT_point2buf(const EC_GROUP *group, const EC_POINT *point,
+ point_conversion_form_t form,
+ unsigned char **pbuf, BN_CTX *ctx);
+
+/* other interfaces to point2oct/oct2point: */
+BIGNUM *EC_POINT_point2bn(const EC_GROUP *, const EC_POINT *,
+ point_conversion_form_t form, BIGNUM *, BN_CTX *);
+EC_POINT *EC_POINT_bn2point(const EC_GROUP *, const BIGNUM *,
+ EC_POINT *, BN_CTX *);
+char *EC_POINT_point2hex(const EC_GROUP *, const EC_POINT *,
+ point_conversion_form_t form, BN_CTX *);
+EC_POINT *EC_POINT_hex2point(const EC_GROUP *, const char *,
+ EC_POINT *, BN_CTX *);
+
+/********************************************************************/
+/* functions for doing EC_POINT arithmetic */
+/********************************************************************/
+
+/** Computes the sum of two EC_POINT
+ * \param group underlying EC_GROUP object
+ * \param r EC_POINT object for the result (r = a + b)
+ * \param a EC_POINT object with the first summand
+ * \param b EC_POINT object with the second summand
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occurred
+ */
+int EC_POINT_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a,
+ const EC_POINT *b, BN_CTX *ctx);
+
+/** Computes the double of a EC_POINT
+ * \param group underlying EC_GROUP object
+ * \param r EC_POINT object for the result (r = 2 * a)
+ * \param a EC_POINT object
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occurred
+ */
+int EC_POINT_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a,
+ BN_CTX *ctx);
+
+/** Computes the inverse of a EC_POINT
+ * \param group underlying EC_GROUP object
+ * \param a EC_POINT object to be inverted (it's used for the result as well)
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occurred
+ */
+int EC_POINT_invert(const EC_GROUP *group, EC_POINT *a, BN_CTX *ctx);
+
+/** Checks whether the point is the neutral element of the group
+ * \param group the underlying EC_GROUP object
+ * \param p EC_POINT object
+ * \return 1 if the point is the neutral element and 0 otherwise
+ */
+int EC_POINT_is_at_infinity(const EC_GROUP *group, const EC_POINT *p);
+
+/** Checks whether the point is on the curve
+ * \param group underlying EC_GROUP object
+ * \param point EC_POINT object to check
+ * \param ctx BN_CTX object (optional)
+ * \return 1 if the point is on the curve, 0 if not, or -1 on error
+ */
+int EC_POINT_is_on_curve(const EC_GROUP *group, const EC_POINT *point,
+ BN_CTX *ctx);
+
+/** Compares two EC_POINTs
+ * \param group underlying EC_GROUP object
+ * \param a first EC_POINT object
+ * \param b second EC_POINT object
+ * \param ctx BN_CTX object (optional)
+ * \return 1 if the points are not equal, 0 if they are, or -1 on error
+ */
+int EC_POINT_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT *b,
+ BN_CTX *ctx);
+
+DEPRECATEDIN_3_0(int EC_POINT_make_affine(const EC_GROUP *group,
+ EC_POINT *point, BN_CTX *ctx))
+DEPRECATEDIN_3_0(int EC_POINTs_make_affine(const EC_GROUP *group, size_t num,
+ EC_POINT *points[], BN_CTX *ctx))
+
+/** Computes r = generator * n + sum_{i=0}^{num-1} p[i] * m[i]
+ * \param group underlying EC_GROUP object
+ * \param r EC_POINT object for the result
+ * \param n BIGNUM with the multiplier for the group generator (optional)
+ * \param num number further summands
+ * \param p array of size num of EC_POINT objects
+ * \param m array of size num of BIGNUM objects
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occurred
+ */
+DEPRECATEDIN_3_0(int EC_POINTs_mul(const EC_GROUP *group, EC_POINT *r,
+ const BIGNUM *n, size_t num,
+ const EC_POINT *p[], const BIGNUM *m[],
+ BN_CTX *ctx))
+
+/** Computes r = generator * n + q * m
+ * \param group underlying EC_GROUP object
+ * \param r EC_POINT object for the result
+ * \param n BIGNUM with the multiplier for the group generator (optional)
+ * \param q EC_POINT object with the first factor of the second summand
+ * \param m BIGNUM with the second factor of the second summand
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occurred
+ */
+int EC_POINT_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *n,
+ const EC_POINT *q, const BIGNUM *m, BN_CTX *ctx);
+
+/** Stores multiples of generator for faster point multiplication
+ * \param group EC_GROUP object
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occurred
+ */
+DEPRECATEDIN_3_0(int EC_GROUP_precompute_mult(EC_GROUP *group, BN_CTX *ctx))
+
+/** Reports whether a precomputation has been done
+ * \param group EC_GROUP object
+ * \return 1 if a pre-computation has been done and 0 otherwise
+ */
+DEPRECATEDIN_3_0(int EC_GROUP_have_precompute_mult(const EC_GROUP *group))
+
+/********************************************************************/
+/* ASN1 stuff */
+/********************************************************************/
+
+DECLARE_ASN1_ITEM(ECPKPARAMETERS)
+DECLARE_ASN1_ALLOC_FUNCTIONS(ECPKPARAMETERS)
+DECLARE_ASN1_ITEM(ECPARAMETERS)
+DECLARE_ASN1_ALLOC_FUNCTIONS(ECPARAMETERS)
+
+/*
+ * EC_GROUP_get_basis_type() returns the NID of the basis type used to
+ * represent the field elements
+ */
+int EC_GROUP_get_basis_type(const EC_GROUP *);
+# ifndef OPENSSL_NO_EC2M
+int EC_GROUP_get_trinomial_basis(const EC_GROUP *, unsigned int *k);
+int EC_GROUP_get_pentanomial_basis(const EC_GROUP *, unsigned int *k1,
+ unsigned int *k2, unsigned int *k3);
+# endif
+
+# define OPENSSL_EC_EXPLICIT_CURVE 0x000
+# define OPENSSL_EC_NAMED_CURVE 0x001
+
+EC_GROUP *d2i_ECPKParameters(EC_GROUP **, const unsigned char **in, long len);
+int i2d_ECPKParameters(const EC_GROUP *, unsigned char **out);
+
+# define d2i_ECPKParameters_bio(bp,x) \
+ ASN1_d2i_bio_of(EC_GROUP, NULL, d2i_ECPKParameters, bp, x)
+# define i2d_ECPKParameters_bio(bp,x) \
+ ASN1_i2d_bio_of(EC_GROUP, i2d_ECPKParameters, bp, x)
+# define d2i_ECPKParameters_fp(fp,x) \
+ (EC_GROUP *)ASN1_d2i_fp(NULL, (char *(*)())d2i_ECPKParameters, (fp), \
+ (unsigned char **)(x))
+# define i2d_ECPKParameters_fp(fp,x) \
+ ASN1_i2d_fp(i2d_ECPKParameters,(fp), (unsigned char *)(x))
+
+int ECPKParameters_print(BIO *bp, const EC_GROUP *x, int off);
+# ifndef OPENSSL_NO_STDIO
+int ECPKParameters_print_fp(FILE *fp, const EC_GROUP *x, int off);
+# endif
+
+/********************************************************************/
+/* EC_KEY functions */
+/********************************************************************/
+
+/* some values for the encoding_flag */
+# define EC_PKEY_NO_PARAMETERS 0x001
+# define EC_PKEY_NO_PUBKEY 0x002
+
+/* some values for the flags field */
+# define EC_FLAG_NON_FIPS_ALLOW 0x1
+# define EC_FLAG_FIPS_CHECKED 0x2
+# define EC_FLAG_COFACTOR_ECDH 0x1000
+
+/**
+ * Creates a new EC_KEY object.
+ * \param ctx The library context for to use for this EC_KEY. May be NULL in
+ * which case the default library context is used.
+ * \return EC_KEY object or NULL if an error occurred.
+ */
+EC_KEY *EC_KEY_new_with_libctx(OPENSSL_CTX *ctx, const char *propq);
+
+/**
+ * Creates a new EC_KEY object. Same as calling EC_KEY_new_with_libctx with a
+ * NULL library context
+ * \return EC_KEY object or NULL if an error occurred.
+ */
+EC_KEY *EC_KEY_new(void);
+
+int EC_KEY_get_flags(const EC_KEY *key);
+
+void EC_KEY_set_flags(EC_KEY *key, int flags);
+
+void EC_KEY_clear_flags(EC_KEY *key, int flags);
+
+/**
+ * Creates a new EC_KEY object using a named curve as underlying
+ * EC_GROUP object.
+ * \param ctx The library context for to use for this EC_KEY. May be NULL in
+ * which case the default library context is used.
+ * \param propq Any property query string
+ * \param nid NID of the named curve.
+ * \return EC_KEY object or NULL if an error occurred.
+ */
+EC_KEY *EC_KEY_new_by_curve_name_with_libctx(OPENSSL_CTX *ctx, const char *propq,
+ int nid);
+
+/**
+ * Creates a new EC_KEY object using a named curve as underlying
+ * EC_GROUP object. Same as calling EC_KEY_new_by_curve_name_ex with a NULL
+ * library context and property query string.
+ * \param nid NID of the named curve.
+ * \return EC_KEY object or NULL if an error occurred.
+ */
+EC_KEY *EC_KEY_new_by_curve_name(int nid);
+
+
+/** Frees a EC_KEY object.
+ * \param key EC_KEY object to be freed.
+ */
+void EC_KEY_free(EC_KEY *key);
+
+/** Copies a EC_KEY object.
+ * \param dst destination EC_KEY object
+ * \param src src EC_KEY object
+ * \return dst or NULL if an error occurred.
+ */
+EC_KEY *EC_KEY_copy(EC_KEY *dst, const EC_KEY *src);
+
+/** Creates a new EC_KEY object and copies the content from src to it.
+ * \param src the source EC_KEY object
+ * \return newly created EC_KEY object or NULL if an error occurred.
+ */
+EC_KEY *EC_KEY_dup(const EC_KEY *src);
+
+/** Increases the internal reference count of a EC_KEY object.
+ * \param key EC_KEY object
+ * \return 1 on success and 0 if an error occurred.
+ */
+int EC_KEY_up_ref(EC_KEY *key);
+
+/** Returns the ENGINE object of a EC_KEY object
+ * \param eckey EC_KEY object
+ * \return the ENGINE object (possibly NULL).
+ */
+ENGINE *EC_KEY_get0_engine(const EC_KEY *eckey);
+
+/** Returns the EC_GROUP object of a EC_KEY object
+ * \param key EC_KEY object
+ * \return the EC_GROUP object (possibly NULL).
+ */
+const EC_GROUP *EC_KEY_get0_group(const EC_KEY *key);
+
+/** Sets the EC_GROUP of a EC_KEY object.
+ * \param key EC_KEY object
+ * \param group EC_GROUP to use in the EC_KEY object (note: the EC_KEY
+ * object will use an own copy of the EC_GROUP).
+ * \return 1 on success and 0 if an error occurred.
+ */
+int EC_KEY_set_group(EC_KEY *key, const EC_GROUP *group);
+
+/** Returns the private key of a EC_KEY object.
+ * \param key EC_KEY object
+ * \return a BIGNUM with the private key (possibly NULL).
+ */
+const BIGNUM *EC_KEY_get0_private_key(const EC_KEY *key);
+
+/** Sets the private key of a EC_KEY object.
+ * \param key EC_KEY object
+ * \param prv BIGNUM with the private key (note: the EC_KEY object
+ * will use an own copy of the BIGNUM).
+ * \return 1 on success and 0 if an error occurred.
+ */
+int EC_KEY_set_private_key(EC_KEY *key, const BIGNUM *prv);
+
+/** Returns the public key of a EC_KEY object.
+ * \param key the EC_KEY object
+ * \return a EC_POINT object with the public key (possibly NULL)
+ */
+const EC_POINT *EC_KEY_get0_public_key(const EC_KEY *key);
+
+/** Sets the public key of a EC_KEY object.
+ * \param key EC_KEY object
+ * \param pub EC_POINT object with the public key (note: the EC_KEY object
+ * will use an own copy of the EC_POINT object).
+ * \return 1 on success and 0 if an error occurred.
+ */
+int EC_KEY_set_public_key(EC_KEY *key, const EC_POINT *pub);
+
+unsigned EC_KEY_get_enc_flags(const EC_KEY *key);
+void EC_KEY_set_enc_flags(EC_KEY *eckey, unsigned int flags);
+point_conversion_form_t EC_KEY_get_conv_form(const EC_KEY *key);
+void EC_KEY_set_conv_form(EC_KEY *eckey, point_conversion_form_t cform);
+
+# define EC_KEY_get_ex_new_index(l, p, newf, dupf, freef) \
+ CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_EC_KEY, l, p, newf, dupf, freef)
+int EC_KEY_set_ex_data(EC_KEY *key, int idx, void *arg);
+void *EC_KEY_get_ex_data(const EC_KEY *key, int idx);
+
+/* wrapper functions for the underlying EC_GROUP object */
+void EC_KEY_set_asn1_flag(EC_KEY *eckey, int asn1_flag);
+
+/** Creates a table of pre-computed multiples of the generator to
+ * accelerate further EC_KEY operations.
+ * \param key EC_KEY object
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occurred.
+ */
+DEPRECATEDIN_3_0(int EC_KEY_precompute_mult(EC_KEY *key, BN_CTX *ctx))
+
+/** Creates a new ec private (and optional a new public) key.
+ * \param key EC_KEY object
+ * \return 1 on success and 0 if an error occurred.
+ */
+int EC_KEY_generate_key(EC_KEY *key);
+
+/** Verifies that a private and/or public key is valid.
+ * \param key the EC_KEY object
+ * \return 1 on success and 0 otherwise.
+ */
+int EC_KEY_check_key(const EC_KEY *key);
+
+/** Indicates if an EC_KEY can be used for signing.
+ * \param eckey the EC_KEY object
+ * \return 1 if can can sign and 0 otherwise.
+ */
+int EC_KEY_can_sign(const EC_KEY *eckey);
+
+/** Sets a public key from affine coordinates performing
+ * necessary NIST PKV tests.
+ * \param key the EC_KEY object
+ * \param x public key x coordinate
+ * \param y public key y coordinate
+ * \return 1 on success and 0 otherwise.
+ */
+int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, BIGNUM *x,
+ BIGNUM *y);
+
+/** Encodes an EC_KEY public key to an allocated octet string
+ * \param key key to encode
+ * \param form point conversion form
+ * \param pbuf returns pointer to allocated buffer
+ * \param ctx BN_CTX object (optional)
+ * \return the length of the encoded octet string or 0 if an error occurred
+ */
+size_t EC_KEY_key2buf(const EC_KEY *key, point_conversion_form_t form,
+ unsigned char **pbuf, BN_CTX *ctx);
+
+/** Decodes a EC_KEY public key from a octet string
+ * \param key key to decode
+ * \param buf memory buffer with the encoded ec point
+ * \param len length of the encoded ec point
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occurred
+ */
+
+int EC_KEY_oct2key(EC_KEY *key, const unsigned char *buf, size_t len,
+ BN_CTX *ctx);
+
+/** Decodes an EC_KEY private key from an octet string
+ * \param key key to decode
+ * \param buf memory buffer with the encoded private key
+ * \param len length of the encoded key
+ * \return 1 on success and 0 if an error occurred
+ */
+
+int EC_KEY_oct2priv(EC_KEY *key, const unsigned char *buf, size_t len);
+
+/** Encodes a EC_KEY private key to an octet string
+ * \param key key to encode
+ * \param buf memory buffer for the result. If NULL the function returns
+ * required buffer size.
+ * \param len length of the memory buffer
+ * \return the length of the encoded octet string or 0 if an error occurred
+ */
+
+size_t EC_KEY_priv2oct(const EC_KEY *key, unsigned char *buf, size_t len);
+
+/** Encodes an EC_KEY private key to an allocated octet string
+ * \param eckey key to encode
+ * \param pbuf returns pointer to allocated buffer
+ * \return the length of the encoded octet string or 0 if an error occurred
+ */
+size_t EC_KEY_priv2buf(const EC_KEY *eckey, unsigned char **pbuf);
+
+/********************************************************************/
+/* de- and encoding functions for SEC1 ECPrivateKey */
+/********************************************************************/
+
+/** Decodes a private key from a memory buffer.
+ * \param key a pointer to a EC_KEY object which should be used (or NULL)
+ * \param in pointer to memory with the DER encoded private key
+ * \param len length of the DER encoded private key
+ * \return the decoded private key or NULL if an error occurred.
+ */
+EC_KEY *d2i_ECPrivateKey(EC_KEY **key, const unsigned char **in, long len);
+
+/** Encodes a private key object and stores the result in a buffer.
+ * \param key the EC_KEY object to encode
+ * \param out the buffer for the result (if NULL the function returns number
+ * of bytes needed).
+ * \return 1 on success and 0 if an error occurred.
+ */
+int i2d_ECPrivateKey(const EC_KEY *key, unsigned char **out);
+
+/********************************************************************/
+/* de- and encoding functions for EC parameters */
+/********************************************************************/
+
+/** Decodes ec parameter from a memory buffer.
+ * \param key a pointer to a EC_KEY object which should be used (or NULL)
+ * \param in pointer to memory with the DER encoded ec parameters
+ * \param len length of the DER encoded ec parameters
+ * \return a EC_KEY object with the decoded parameters or NULL if an error
+ * occurred.
+ */
+EC_KEY *d2i_ECParameters(EC_KEY **key, const unsigned char **in, long len);
+
+/** Encodes ec parameter and stores the result in a buffer.
+ * \param key the EC_KEY object with ec parameters to encode
+ * \param out the buffer for the result (if NULL the function returns number
+ * of bytes needed).
+ * \return 1 on success and 0 if an error occurred.
+ */
+int i2d_ECParameters(const EC_KEY *key, unsigned char **out);
+
+/********************************************************************/
+/* de- and encoding functions for EC public key */
+/* (octet string, not DER -- hence 'o2i' and 'i2o') */
+/********************************************************************/
+
+/** Decodes a ec public key from a octet string.
+ * \param key a pointer to a EC_KEY object which should be used
+ * \param in memory buffer with the encoded public key
+ * \param len length of the encoded public key
+ * \return EC_KEY object with decoded public key or NULL if an error
+ * occurred.
+ */
+EC_KEY *o2i_ECPublicKey(EC_KEY **key, const unsigned char **in, long len);
+
+/** Encodes a ec public key in an octet string.
+ * \param key the EC_KEY object with the public key
+ * \param out the buffer for the result (if NULL the function returns number
+ * of bytes needed).
+ * \return 1 on success and 0 if an error occurred
+ */
+int i2o_ECPublicKey(const EC_KEY *key, unsigned char **out);
+
+/** Prints out the ec parameters on human readable form.
+ * \param bp BIO object to which the information is printed
+ * \param key EC_KEY object
+ * \return 1 on success and 0 if an error occurred
+ */
+int ECParameters_print(BIO *bp, const EC_KEY *key);
+
+/** Prints out the contents of a EC_KEY object
+ * \param bp BIO object to which the information is printed
+ * \param key EC_KEY object
+ * \param off line offset
+ * \return 1 on success and 0 if an error occurred
+ */
+int EC_KEY_print(BIO *bp, const EC_KEY *key, int off);
+
+# ifndef OPENSSL_NO_STDIO
+/** Prints out the ec parameters on human readable form.
+ * \param fp file descriptor to which the information is printed
+ * \param key EC_KEY object
+ * \return 1 on success and 0 if an error occurred
+ */
+int ECParameters_print_fp(FILE *fp, const EC_KEY *key);
+
+/** Prints out the contents of a EC_KEY object
+ * \param fp file descriptor to which the information is printed
+ * \param key EC_KEY object
+ * \param off line offset
+ * \return 1 on success and 0 if an error occurred
+ */
+int EC_KEY_print_fp(FILE *fp, const EC_KEY *key, int off);
+
+# endif
+
+const EC_KEY_METHOD *EC_KEY_OpenSSL(void);
+const EC_KEY_METHOD *EC_KEY_get_default_method(void);
+void EC_KEY_set_default_method(const EC_KEY_METHOD *meth);
+const EC_KEY_METHOD *EC_KEY_get_method(const EC_KEY *key);
+int EC_KEY_set_method(EC_KEY *key, const EC_KEY_METHOD *meth);
+EC_KEY *EC_KEY_new_method(ENGINE *engine);
+
+/** The old name for ecdh_KDF_X9_63
+ * The ECDH KDF specification has been mistakingly attributed to ANSI X9.62,
+ * it is actually specified in ANSI X9.63.
+ * This identifier is retained for backwards compatibility
+ */
+DEPRECATEDIN_3_0(int ECDH_KDF_X9_62(unsigned char *out, size_t outlen,
+ const unsigned char *Z, size_t Zlen,
+ const unsigned char *sinfo, size_t sinfolen,
+ const EVP_MD *md))
+
+DEPRECATEDIN_3_0(int ECDH_compute_key(void *out, size_t outlen,
+ const EC_POINT *pub_key,
+ const EC_KEY *ecdh,
+ void *(*KDF)(const void *in, size_t inlen,
+ void *out, size_t *outlen)))
+
+typedef struct ECDSA_SIG_st ECDSA_SIG;
+
+/** Allocates and initialize a ECDSA_SIG structure
+ * \return pointer to a ECDSA_SIG structure or NULL if an error occurred
+ */
+ECDSA_SIG *ECDSA_SIG_new(void);
+
+/** frees a ECDSA_SIG structure
+ * \param sig pointer to the ECDSA_SIG structure
+ */
+void ECDSA_SIG_free(ECDSA_SIG *sig);
+
+/** i2d_ECDSA_SIG encodes content of ECDSA_SIG (note: this function modifies *pp
+ * (*pp += length of the DER encoded signature)).
+ * \param sig pointer to the ECDSA_SIG object
+ * \param pp pointer to a unsigned char pointer for the output or NULL
+ * \return the length of the DER encoded ECDSA_SIG object or a negative value
+ * on error
+ */
+DECLARE_ASN1_ENCODE_FUNCTIONS_only(ECDSA_SIG, ECDSA_SIG)
+
+/** d2i_ECDSA_SIG decodes an ECDSA signature (note: this function modifies *pp
+ * (*pp += len)).
+ * \param sig pointer to ECDSA_SIG pointer (may be NULL)
+ * \param pp memory buffer with the DER encoded signature
+ * \param len length of the buffer
+ * \return pointer to the decoded ECDSA_SIG structure (or NULL)
+ */
+
+/** Accessor for r and s fields of ECDSA_SIG
+ * \param sig pointer to ECDSA_SIG structure
+ * \param pr pointer to BIGNUM pointer for r (may be NULL)
+ * \param ps pointer to BIGNUM pointer for s (may be NULL)
+ */
+void ECDSA_SIG_get0(const ECDSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps);
+
+/** Accessor for r field of ECDSA_SIG
+ * \param sig pointer to ECDSA_SIG structure
+ */
+const BIGNUM *ECDSA_SIG_get0_r(const ECDSA_SIG *sig);
+
+/** Accessor for s field of ECDSA_SIG
+ * \param sig pointer to ECDSA_SIG structure
+ */
+const BIGNUM *ECDSA_SIG_get0_s(const ECDSA_SIG *sig);
+
+/** Setter for r and s fields of ECDSA_SIG
+ * \param sig pointer to ECDSA_SIG structure
+ * \param r pointer to BIGNUM for r (may be NULL)
+ * \param s pointer to BIGNUM for s (may be NULL)
+ */
+int ECDSA_SIG_set0(ECDSA_SIG *sig, BIGNUM *r, BIGNUM *s);
+
+/** Computes the ECDSA signature of the given hash value using
+ * the supplied private key and returns the created signature.
+ * \param dgst pointer to the hash value
+ * \param dgst_len length of the hash value
+ * \param eckey EC_KEY object containing a private EC key
+ * \return pointer to a ECDSA_SIG structure or NULL if an error occurred
+ */
+DEPRECATEDIN_3_0(ECDSA_SIG *ECDSA_do_sign(const unsigned char *dgst,
+ int dgst_len, EC_KEY *eckey))
+
+/** Computes ECDSA signature of a given hash value using the supplied
+ * private key (note: sig must point to ECDSA_size(eckey) bytes of memory).
+ * \param dgst pointer to the hash value to sign
+ * \param dgstlen length of the hash value
+ * \param kinv BIGNUM with a pre-computed inverse k (optional)
+ * \param rp BIGNUM with a pre-computed rp value (optional),
+ * see ECDSA_sign_setup
+ * \param eckey EC_KEY object containing a private EC key
+ * \return pointer to a ECDSA_SIG structure or NULL if an error occurred
+ */
+DEPRECATEDIN_3_0(ECDSA_SIG *ECDSA_do_sign_ex(const unsigned char *dgst,
+ int dgstlen, const BIGNUM *kinv,
+ const BIGNUM *rp, EC_KEY *eckey))
+
+/** Verifies that the supplied signature is a valid ECDSA
+ * signature of the supplied hash value using the supplied public key.
+ * \param dgst pointer to the hash value
+ * \param dgst_len length of the hash value
+ * \param sig ECDSA_SIG structure
+ * \param eckey EC_KEY object containing a public EC key
+ * \return 1 if the signature is valid, 0 if the signature is invalid
+ * and -1 on error
+ */
+DEPRECATEDIN_3_0(int ECDSA_do_verify(const unsigned char *dgst, int dgst_len,
+ const ECDSA_SIG *sig, EC_KEY *eckey))
+
+/** Precompute parts of the signing operation
+ * \param eckey EC_KEY object containing a private EC key
+ * \param ctx BN_CTX object (optional)
+ * \param kinv BIGNUM pointer for the inverse of k
+ * \param rp BIGNUM pointer for x coordinate of k * generator
+ * \return 1 on success and 0 otherwise
+ */
+DEPRECATEDIN_3_0(int ECDSA_sign_setup(EC_KEY *eckey, BN_CTX *ctx,
+ BIGNUM **kinv, BIGNUM **rp))
+
+/** Computes ECDSA signature of a given hash value using the supplied
+ * private key (note: sig must point to ECDSA_size(eckey) bytes of memory).
+ * \param type this parameter is ignored
+ * \param dgst pointer to the hash value to sign
+ * \param dgstlen length of the hash value
+ * \param sig memory for the DER encoded created signature
+ * \param siglen pointer to the length of the returned signature
+ * \param eckey EC_KEY object containing a private EC key
+ * \return 1 on success and 0 otherwise
+ */
+DEPRECATEDIN_3_0(int ECDSA_sign(int type, const unsigned char *dgst,
+ int dgstlen, unsigned char *sig,
+ unsigned int *siglen, EC_KEY *eckey))
+
+/** Computes ECDSA signature of a given hash value using the supplied
+ * private key (note: sig must point to ECDSA_size(eckey) bytes of memory).
+ * \param type this parameter is ignored
+ * \param dgst pointer to the hash value to sign
+ * \param dgstlen length of the hash value
+ * \param sig buffer to hold the DER encoded signature
+ * \param siglen pointer to the length of the returned signature
+ * \param kinv BIGNUM with a pre-computed inverse k (optional)
+ * \param rp BIGNUM with a pre-computed rp value (optional),
+ * see ECDSA_sign_setup
+ * \param eckey EC_KEY object containing a private EC key
+ * \return 1 on success and 0 otherwise
+ */
+DEPRECATEDIN_3_0(int ECDSA_sign_ex(int type, const unsigned char *dgst,
+ int dgstlen, unsigned char *sig,
+ unsigned int *siglen, const BIGNUM *kinv,
+ const BIGNUM *rp, EC_KEY *eckey))
+
+/** Verifies that the given signature is valid ECDSA signature
+ * of the supplied hash value using the specified public key.
+ * \param type this parameter is ignored
+ * \param dgst pointer to the hash value
+ * \param dgstlen length of the hash value
+ * \param sig pointer to the DER encoded signature
+ * \param siglen length of the DER encoded signature
+ * \param eckey EC_KEY object containing a public EC key
+ * \return 1 if the signature is valid, 0 if the signature is invalid
+ * and -1 on error
+ */
+DEPRECATEDIN_3_0(int ECDSA_verify(int type, const unsigned char *dgst,
+ int dgstlen, const unsigned char *sig,
+ int siglen, EC_KEY *eckey))
+
+/** Returns the maximum length of the DER encoded signature
+ * \param eckey EC_KEY object
+ * \return numbers of bytes required for the DER encoded signature
+ */
+DEPRECATEDIN_3_0(int ECDSA_size(const EC_KEY *eckey))
+
+/********************************************************************/
+/* EC_KEY_METHOD constructors, destructors, writers and accessors */
+/********************************************************************/
+
+DEPRECATEDIN_3_0(EC_KEY_METHOD *EC_KEY_METHOD_new(const EC_KEY_METHOD *meth))
+DEPRECATEDIN_3_0(void EC_KEY_METHOD_free(EC_KEY_METHOD *meth))
+DEPRECATEDIN_3_0(void EC_KEY_METHOD_set_init
+ (EC_KEY_METHOD *meth,
+ int (*init)(EC_KEY *key),
+ void (*finish)(EC_KEY *key),
+ int (*copy)(EC_KEY *dest, const EC_KEY *src),
+ int (*set_group)(EC_KEY *key, const EC_GROUP *grp),
+ int (*set_private)(EC_KEY *key,
+ const BIGNUM *priv_key),
+ int (*set_public)(EC_KEY *key,
+ const EC_POINT *pub_key)))
+
+DEPRECATEDIN_3_0(void EC_KEY_METHOD_set_keygen(EC_KEY_METHOD *meth,
+ int (*keygen)(EC_KEY *key)))
+
+DEPRECATEDIN_3_0(void EC_KEY_METHOD_set_compute_key
+ (EC_KEY_METHOD *meth,
+ int (*ckey)(unsigned char **psec,
+ size_t *pseclen,
+ const EC_POINT *pub_key,
+ const EC_KEY *ecdh)))
+
+DEPRECATEDIN_3_0(void EC_KEY_METHOD_set_sign
+ (EC_KEY_METHOD *meth,
+ int (*sign)(int type, const unsigned char *dgst,
+ int dlen, unsigned char *sig,
+ unsigned int *siglen,
+ const BIGNUM *kinv, const BIGNUM *r,
+ EC_KEY *eckey),
+ int (*sign_setup)(EC_KEY *eckey, BN_CTX *ctx_in,
+ BIGNUM **kinvp, BIGNUM **rp),
+ ECDSA_SIG *(*sign_sig)(const unsigned char *dgst,
+ int dgst_len,
+ const BIGNUM *in_kinv,
+ const BIGNUM *in_r,
+ EC_KEY *eckey)))
+
+DEPRECATEDIN_3_0(void EC_KEY_METHOD_set_verify
+ (EC_KEY_METHOD *meth,
+ int (*verify)(int type, const unsigned
+ char *dgst, int dgst_len,
+ const unsigned char *sigbuf,
+ int sig_len, EC_KEY *eckey),
+ int (*verify_sig)(const unsigned char *dgst,
+ int dgst_len,
+ const ECDSA_SIG *sig,
+ EC_KEY *eckey)))
+
+DEPRECATEDIN_3_0(void EC_KEY_METHOD_get_init
+ (const EC_KEY_METHOD *meth,
+ int (**pinit)(EC_KEY *key),
+ void (**pfinish)(EC_KEY *key),
+ int (**pcopy)(EC_KEY *dest, const EC_KEY *src),
+ int (**pset_group)(EC_KEY *key,
+ const EC_GROUP *grp),
+ int (**pset_private)(EC_KEY *key,
+ const BIGNUM *priv_key),
+ int (**pset_public)(EC_KEY *key,
+ const EC_POINT *pub_key)))
+
+DEPRECATEDIN_3_0(void EC_KEY_METHOD_get_keygen(const EC_KEY_METHOD *meth,
+ int (**pkeygen)(EC_KEY *key)))
+
+DEPRECATEDIN_3_0(void EC_KEY_METHOD_get_compute_key
+ (const EC_KEY_METHOD *meth,
+ int (**pck)(unsigned char **psec,
+ size_t *pseclen,
+ const EC_POINT *pub_key,
+ const EC_KEY *ecdh)))
+
+DEPRECATEDIN_3_0(void EC_KEY_METHOD_get_sign
+ (const EC_KEY_METHOD *meth,
+ int (**psign)(int type, const unsigned char *dgst,
+ int dlen, unsigned char *sig,
+ unsigned int *siglen,
+ const BIGNUM *kinv, const BIGNUM *r,
+ EC_KEY *eckey),
+ int (**psign_setup)(EC_KEY *eckey, BN_CTX *ctx_in,
+ BIGNUM **kinvp, BIGNUM **rp),
+ ECDSA_SIG *(**psign_sig)(const unsigned char *dgst,
+ int dgst_len,
+ const BIGNUM *in_kinv,
+ const BIGNUM *in_r,
+ EC_KEY *eckey)))
+
+DEPRECATEDIN_3_0(void EC_KEY_METHOD_get_verify
+ (const EC_KEY_METHOD *meth,
+ int (**pverify)(int type, const unsigned
+ char *dgst, int dgst_len,
+ const unsigned char *sigbuf,
+ int sig_len, EC_KEY *eckey),
+ int (**pverify_sig)(const unsigned char *dgst,
+ int dgst_len,
+ const ECDSA_SIG *sig,
+ EC_KEY *eckey)))
+
+# define ECParameters_dup(x) ASN1_dup_of(EC_KEY, i2d_ECParameters, \
+ d2i_ECParameters, x)
+
+# ifndef __cplusplus
+# if defined(__SUNPRO_C)
+# if __SUNPRO_C >= 0x520
+# pragma error_messages (default,E_ARRAY_OF_INCOMPLETE_NONAME,E_ARRAY_OF_INCOMPLETE)
+# endif
+# endif
+# endif
+
+int EVP_PKEY_CTX_set_ec_paramgen_curve_nid(EVP_PKEY_CTX *ctx, int nid);
+
+# define EVP_PKEY_CTX_set_ec_param_enc(ctx, flag) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
+ EVP_PKEY_OP_PARAMGEN|EVP_PKEY_OP_KEYGEN, \
+ EVP_PKEY_CTRL_EC_PARAM_ENC, flag, NULL)
+
+int EVP_PKEY_CTX_set_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx, int cofactor_mode);
+int EVP_PKEY_CTX_get_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx);
+
+int EVP_PKEY_CTX_set_ecdh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+int EVP_PKEY_CTX_get_ecdh_kdf_type(EVP_PKEY_CTX *ctx);
+
+int EVP_PKEY_CTX_set_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+int EVP_PKEY_CTX_get_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+
+int EVP_PKEY_CTX_set_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+int EVP_PKEY_CTX_get_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+
+int EVP_PKEY_CTX_set0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm,
+ int len);
+int EVP_PKEY_CTX_get0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+
+/* SM2 will skip the operation check so no need to pass operation here */
+# define EVP_PKEY_CTX_set1_id(ctx, id, id_len) \
+ EVP_PKEY_CTX_ctrl(ctx, -1, -1, \
+ EVP_PKEY_CTRL_SET1_ID, (int)id_len, (void*)(id))
+# define EVP_PKEY_CTX_get1_id(ctx, id) \
+ EVP_PKEY_CTX_ctrl(ctx, -1, -1, \
+ EVP_PKEY_CTRL_GET1_ID, 0, (void*)(id))
+
+# define EVP_PKEY_CTX_get1_id_len(ctx, id_len) \
+ EVP_PKEY_CTX_ctrl(ctx, -1, -1, \
+ EVP_PKEY_CTRL_GET1_ID_LEN, 0, (void*)(id_len))
+
+# define EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID (EVP_PKEY_ALG_CTRL + 1)
+# define EVP_PKEY_CTRL_EC_PARAM_ENC (EVP_PKEY_ALG_CTRL + 2)
+# define EVP_PKEY_CTRL_EC_ECDH_COFACTOR (EVP_PKEY_ALG_CTRL + 3)
+# define EVP_PKEY_CTRL_EC_KDF_TYPE (EVP_PKEY_ALG_CTRL + 4)
+# define EVP_PKEY_CTRL_EC_KDF_MD (EVP_PKEY_ALG_CTRL + 5)
+# define EVP_PKEY_CTRL_GET_EC_KDF_MD (EVP_PKEY_ALG_CTRL + 6)
+# define EVP_PKEY_CTRL_EC_KDF_OUTLEN (EVP_PKEY_ALG_CTRL + 7)
+# define EVP_PKEY_CTRL_GET_EC_KDF_OUTLEN (EVP_PKEY_ALG_CTRL + 8)
+# define EVP_PKEY_CTRL_EC_KDF_UKM (EVP_PKEY_ALG_CTRL + 9)
+# define EVP_PKEY_CTRL_GET_EC_KDF_UKM (EVP_PKEY_ALG_CTRL + 10)
+# define EVP_PKEY_CTRL_SET1_ID (EVP_PKEY_ALG_CTRL + 11)
+# define EVP_PKEY_CTRL_GET1_ID (EVP_PKEY_ALG_CTRL + 12)
+# define EVP_PKEY_CTRL_GET1_ID_LEN (EVP_PKEY_ALG_CTRL + 13)
+
+/* KDF types */
+# define EVP_PKEY_ECDH_KDF_NONE 1
+# define EVP_PKEY_ECDH_KDF_X9_63 2
+/** The old name for EVP_PKEY_ECDH_KDF_X9_63
+ * The ECDH KDF specification has been mistakingly attributed to ANSI X9.62,
+ * it is actually specified in ANSI X9.63.
+ * This identifier is retained for backwards compatibility
+ */
+# define EVP_PKEY_ECDH_KDF_X9_62 EVP_PKEY_ECDH_KDF_X9_63
+
+# ifdef __cplusplus
+}
+# endif
+# endif
+#endif
diff --git a/openssl/include/openssl/ecdh.h b/openssl/include/openssl/ecdh.h new file mode 100644 index 00000000..1e7e876c --- /dev/null +++ b/openssl/include/openssl/ecdh.h @@ -0,0 +1,10 @@ +/*
+ * Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include <openssl/ec.h>
diff --git a/openssl/include/openssl/ecdsa.h b/openssl/include/openssl/ecdsa.h new file mode 100644 index 00000000..1e7e876c --- /dev/null +++ b/openssl/include/openssl/ecdsa.h @@ -0,0 +1,10 @@ +/*
+ * Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include <openssl/ec.h>
diff --git a/openssl/include/openssl/ecerr.h b/openssl/include/openssl/ecerr.h new file mode 100644 index 00000000..651b31a3 --- /dev/null +++ b/openssl/include/openssl/ecerr.h @@ -0,0 +1,296 @@ +/*
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_ECERR_H
+# define OPENSSL_ECERR_H
+# pragma once
+
+# include <openssl/opensslconf.h>
+# include <openssl/symhacks.h>
+
+
+# include <openssl/opensslconf.h>
+
+# ifndef OPENSSL_NO_EC
+
+# ifdef __cplusplus
+extern "C"
+# endif
+int ERR_load_EC_strings(void);
+
+/*
+ * EC function codes.
+ */
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define EC_F_BN_TO_FELEM 0
+# define EC_F_D2I_ECPARAMETERS 0
+# define EC_F_D2I_ECPKPARAMETERS 0
+# define EC_F_D2I_ECPRIVATEKEY 0
+# define EC_F_DO_EC_KEY_PRINT 0
+# define EC_F_ECDH_CMS_DECRYPT 0
+# define EC_F_ECDH_CMS_SET_SHARED_INFO 0
+# define EC_F_ECDH_COMPUTE_KEY 0
+# define EC_F_ECDH_SIMPLE_COMPUTE_KEY 0
+# define EC_F_ECDSA_DO_SIGN_EX 0
+# define EC_F_ECDSA_DO_VERIFY 0
+# define EC_F_ECDSA_S390X_NISTP_SIGN_SIG 0
+# define EC_F_ECDSA_S390X_NISTP_VERIFY_SIG 0
+# define EC_F_ECDSA_SIGN_EX 0
+# define EC_F_ECDSA_SIGN_SETUP 0
+# define EC_F_ECDSA_SIG_NEW 0
+# define EC_F_ECDSA_SIMPLE_SIGN_SETUP 0
+# define EC_F_ECDSA_SIMPLE_SIGN_SIG 0
+# define EC_F_ECDSA_SIMPLE_VERIFY_SIG 0
+# define EC_F_ECDSA_VERIFY 0
+# define EC_F_ECD_ITEM_VERIFY 0
+# define EC_F_ECKEY_PARAM2TYPE 0
+# define EC_F_ECKEY_PARAM_DECODE 0
+# define EC_F_ECKEY_PRIV_DECODE 0
+# define EC_F_ECKEY_PRIV_ENCODE 0
+# define EC_F_ECKEY_PUB_DECODE 0
+# define EC_F_ECKEY_PUB_ENCODE 0
+# define EC_F_ECKEY_TYPE2PARAM 0
+# define EC_F_ECPARAMETERS_PRINT 0
+# define EC_F_ECPARAMETERS_PRINT_FP 0
+# define EC_F_ECPKPARAMETERS_PRINT 0
+# define EC_F_ECPKPARAMETERS_PRINT_FP 0
+# define EC_F_ECP_NISTZ256_GET_AFFINE 0
+# define EC_F_ECP_NISTZ256_INV_MOD_ORD 0
+# define EC_F_ECP_NISTZ256_MULT_PRECOMPUTE 0
+# define EC_F_ECP_NISTZ256_POINTS_MUL 0
+# define EC_F_ECP_NISTZ256_PRE_COMP_NEW 0
+# define EC_F_ECP_NISTZ256_WINDOWED_MUL 0
+# define EC_F_ECX_KEY_OP 0
+# define EC_F_ECX_PRIV_ENCODE 0
+# define EC_F_ECX_PUB_ENCODE 0
+# define EC_F_EC_ASN1_GROUP2CURVE 0
+# define EC_F_EC_ASN1_GROUP2FIELDID 0
+# define EC_F_EC_GF2M_MONTGOMERY_POINT_MULTIPLY 0
+# define EC_F_EC_GF2M_SIMPLE_FIELD_INV 0
+# define EC_F_EC_GF2M_SIMPLE_GROUP_CHECK_DISCRIMINANT 0
+# define EC_F_EC_GF2M_SIMPLE_GROUP_SET_CURVE 0
+# define EC_F_EC_GF2M_SIMPLE_LADDER_POST 0
+# define EC_F_EC_GF2M_SIMPLE_LADDER_PRE 0
+# define EC_F_EC_GF2M_SIMPLE_OCT2POINT 0
+# define EC_F_EC_GF2M_SIMPLE_POINT2OCT 0
+# define EC_F_EC_GF2M_SIMPLE_POINTS_MUL 0
+# define EC_F_EC_GF2M_SIMPLE_POINT_GET_AFFINE_COORDINATES 0
+# define EC_F_EC_GF2M_SIMPLE_POINT_SET_AFFINE_COORDINATES 0
+# define EC_F_EC_GF2M_SIMPLE_SET_COMPRESSED_COORDINATES 0
+# define EC_F_EC_GFP_MONT_FIELD_DECODE 0
+# define EC_F_EC_GFP_MONT_FIELD_ENCODE 0
+# define EC_F_EC_GFP_MONT_FIELD_INV 0
+# define EC_F_EC_GFP_MONT_FIELD_MUL 0
+# define EC_F_EC_GFP_MONT_FIELD_SET_TO_ONE 0
+# define EC_F_EC_GFP_MONT_FIELD_SQR 0
+# define EC_F_EC_GFP_MONT_GROUP_SET_CURVE 0
+# define EC_F_EC_GFP_NISTP224_GROUP_SET_CURVE 0
+# define EC_F_EC_GFP_NISTP224_POINTS_MUL 0
+# define EC_F_EC_GFP_NISTP224_POINT_GET_AFFINE_COORDINATES 0
+# define EC_F_EC_GFP_NISTP256_GROUP_SET_CURVE 0
+# define EC_F_EC_GFP_NISTP256_POINTS_MUL 0
+# define EC_F_EC_GFP_NISTP256_POINT_GET_AFFINE_COORDINATES 0
+# define EC_F_EC_GFP_NISTP521_GROUP_SET_CURVE 0
+# define EC_F_EC_GFP_NISTP521_POINTS_MUL 0
+# define EC_F_EC_GFP_NISTP521_POINT_GET_AFFINE_COORDINATES 0
+# define EC_F_EC_GFP_NIST_FIELD_MUL 0
+# define EC_F_EC_GFP_NIST_FIELD_SQR 0
+# define EC_F_EC_GFP_NIST_GROUP_SET_CURVE 0
+# define EC_F_EC_GFP_SIMPLE_BLIND_COORDINATES 0
+# define EC_F_EC_GFP_SIMPLE_FIELD_INV 0
+# define EC_F_EC_GFP_SIMPLE_GROUP_CHECK_DISCRIMINANT 0
+# define EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE 0
+# define EC_F_EC_GFP_SIMPLE_MAKE_AFFINE 0
+# define EC_F_EC_GFP_SIMPLE_OCT2POINT 0
+# define EC_F_EC_GFP_SIMPLE_POINT2OCT 0
+# define EC_F_EC_GFP_SIMPLE_POINTS_MAKE_AFFINE 0
+# define EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES 0
+# define EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES 0
+# define EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES 0
+# define EC_F_EC_GROUP_CHECK 0
+# define EC_F_EC_GROUP_CHECK_DISCRIMINANT 0
+# define EC_F_EC_GROUP_CHECK_NAMED_CURVE 0
+# define EC_F_EC_GROUP_COPY 0
+# define EC_F_EC_GROUP_GET_CURVE 0
+# define EC_F_EC_GROUP_GET_CURVE_GF2M 0
+# define EC_F_EC_GROUP_GET_CURVE_GFP 0
+# define EC_F_EC_GROUP_GET_DEGREE 0
+# define EC_F_EC_GROUP_GET_ECPARAMETERS 0
+# define EC_F_EC_GROUP_GET_ECPKPARAMETERS 0
+# define EC_F_EC_GROUP_GET_PENTANOMIAL_BASIS 0
+# define EC_F_EC_GROUP_GET_TRINOMIAL_BASIS 0
+# define EC_F_EC_GROUP_NEW 0
+# define EC_F_EC_GROUP_NEW_BY_CURVE_NAME 0
+# define EC_F_EC_GROUP_NEW_EX 0
+# define EC_F_EC_GROUP_NEW_FROM_DATA 0
+# define EC_F_EC_GROUP_NEW_FROM_ECPARAMETERS 0
+# define EC_F_EC_GROUP_NEW_FROM_ECPKPARAMETERS 0
+# define EC_F_EC_GROUP_SET_CURVE 0
+# define EC_F_EC_GROUP_SET_CURVE_GF2M 0
+# define EC_F_EC_GROUP_SET_CURVE_GFP 0
+# define EC_F_EC_GROUP_SET_GENERATOR 0
+# define EC_F_EC_GROUP_SET_SEED 0
+# define EC_F_EC_KEY_CHECK_KEY 0
+# define EC_F_EC_KEY_COPY 0
+# define EC_F_EC_KEY_GENERATE_KEY 0
+# define EC_F_EC_KEY_NEW 0
+# define EC_F_EC_KEY_NEW_METHOD 0
+# define EC_F_EC_KEY_NEW_METHOD_INT 0
+# define EC_F_EC_KEY_OCT2PRIV 0
+# define EC_F_EC_KEY_PRINT 0
+# define EC_F_EC_KEY_PRINT_FP 0
+# define EC_F_EC_KEY_PRIV2BUF 0
+# define EC_F_EC_KEY_PRIV2OCT 0
+# define EC_F_EC_KEY_SET_PUBLIC_KEY_AFFINE_COORDINATES 0
+# define EC_F_EC_KEY_SIMPLE_CHECK_KEY 0
+# define EC_F_EC_KEY_SIMPLE_OCT2PRIV 0
+# define EC_F_EC_KEY_SIMPLE_PRIV2OCT 0
+# define EC_F_EC_PKEY_CHECK 0
+# define EC_F_EC_PKEY_PARAM_CHECK 0
+# define EC_F_EC_POINTS_MAKE_AFFINE 0
+# define EC_F_EC_POINTS_MUL 0
+# define EC_F_EC_POINT_ADD 0
+# define EC_F_EC_POINT_BN2POINT 0
+# define EC_F_EC_POINT_CMP 0
+# define EC_F_EC_POINT_COPY 0
+# define EC_F_EC_POINT_DBL 0
+# define EC_F_EC_POINT_GET_AFFINE_COORDINATES 0
+# define EC_F_EC_POINT_GET_AFFINE_COORDINATES_GF2M 0
+# define EC_F_EC_POINT_GET_AFFINE_COORDINATES_GFP 0
+# define EC_F_EC_POINT_GET_JPROJECTIVE_COORDINATES_GFP 0
+# define EC_F_EC_POINT_INVERT 0
+# define EC_F_EC_POINT_IS_AT_INFINITY 0
+# define EC_F_EC_POINT_IS_ON_CURVE 0
+# define EC_F_EC_POINT_MAKE_AFFINE 0
+# define EC_F_EC_POINT_MUL 0
+# define EC_F_EC_POINT_NEW 0
+# define EC_F_EC_POINT_OCT2POINT 0
+# define EC_F_EC_POINT_POINT2BUF 0
+# define EC_F_EC_POINT_POINT2OCT 0
+# define EC_F_EC_POINT_SET_AFFINE_COORDINATES 0
+# define EC_F_EC_POINT_SET_AFFINE_COORDINATES_GF2M 0
+# define EC_F_EC_POINT_SET_AFFINE_COORDINATES_GFP 0
+# define EC_F_EC_POINT_SET_COMPRESSED_COORDINATES 0
+# define EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GF2M 0
+# define EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GFP 0
+# define EC_F_EC_POINT_SET_JPROJECTIVE_COORDINATES_GFP 0
+# define EC_F_EC_POINT_SET_TO_INFINITY 0
+# define EC_F_EC_PRE_COMP_NEW 0
+# define EC_F_EC_SCALAR_MUL_LADDER 0
+# define EC_F_EC_WNAF_MUL 0
+# define EC_F_EC_WNAF_PRECOMPUTE_MULT 0
+# define EC_F_I2D_ECPARAMETERS 0
+# define EC_F_I2D_ECPKPARAMETERS 0
+# define EC_F_I2D_ECPRIVATEKEY 0
+# define EC_F_I2O_ECPUBLICKEY 0
+# define EC_F_NISTP224_PRE_COMP_NEW 0
+# define EC_F_NISTP256_PRE_COMP_NEW 0
+# define EC_F_NISTP521_PRE_COMP_NEW 0
+# define EC_F_O2I_ECPUBLICKEY 0
+# define EC_F_OLD_EC_PRIV_DECODE 0
+# define EC_F_OSSL_ECDH_COMPUTE_KEY 0
+# define EC_F_OSSL_ECDSA_SIGN_SETUP 0
+# define EC_F_OSSL_ECDSA_SIGN_SIG 0
+# define EC_F_OSSL_ECDSA_VERIFY_SIG 0
+# define EC_F_PKEY_ECD_CTRL 0
+# define EC_F_PKEY_ECD_DIGESTSIGN 0
+# define EC_F_PKEY_ECD_DIGESTSIGN25519 0
+# define EC_F_PKEY_ECD_DIGESTSIGN448 0
+# define EC_F_PKEY_ECX_DERIVE 0
+# define EC_F_PKEY_EC_CTRL 0
+# define EC_F_PKEY_EC_CTRL_STR 0
+# define EC_F_PKEY_EC_DERIVE 0
+# define EC_F_PKEY_EC_INIT 0
+# define EC_F_PKEY_EC_KDF_DERIVE 0
+# define EC_F_PKEY_EC_KEYGEN 0
+# define EC_F_PKEY_EC_PARAMGEN 0
+# define EC_F_PKEY_EC_SIGN 0
+# define EC_F_S390X_PKEY_ECD_DIGESTSIGN25519 0
+# define EC_F_S390X_PKEY_ECD_DIGESTSIGN448 0
+# define EC_F_S390X_PKEY_ECD_KEYGEN25519 0
+# define EC_F_S390X_PKEY_ECD_KEYGEN448 0
+# define EC_F_S390X_PKEY_ECX_KEYGEN25519 0
+# define EC_F_S390X_PKEY_ECX_KEYGEN448 0
+# define EC_F_VALIDATE_ECX_DERIVE 0
+# endif
+
+/*
+ * EC reason codes.
+ */
+# define EC_R_ASN1_ERROR 115
+# define EC_R_BAD_SIGNATURE 156
+# define EC_R_BIGNUM_OUT_OF_RANGE 144
+# define EC_R_BUFFER_TOO_SMALL 100
+# define EC_R_CANNOT_INVERT 165
+# define EC_R_COORDINATES_OUT_OF_RANGE 146
+# define EC_R_CURVE_DOES_NOT_SUPPORT_ECDH 160
+# define EC_R_CURVE_DOES_NOT_SUPPORT_ECDSA 170
+# define EC_R_CURVE_DOES_NOT_SUPPORT_SIGNING 159
+# define EC_R_D2I_ECPKPARAMETERS_FAILURE 117
+# define EC_R_DECODE_ERROR 142
+# define EC_R_DISCRIMINANT_IS_ZERO 118
+# define EC_R_EC_GROUP_NEW_BY_NAME_FAILURE 119
+# define EC_R_FAILED_MAKING_PUBLIC_KEY 166
+# define EC_R_FIELD_TOO_LARGE 143
+# define EC_R_GF2M_NOT_SUPPORTED 147
+# define EC_R_GROUP2PKPARAMETERS_FAILURE 120
+# define EC_R_I2D_ECPKPARAMETERS_FAILURE 121
+# define EC_R_INCOMPATIBLE_OBJECTS 101
+# define EC_R_INVALID_ARGUMENT 112
+# define EC_R_INVALID_COMPRESSED_POINT 110
+# define EC_R_INVALID_COMPRESSION_BIT 109
+# define EC_R_INVALID_CURVE 141
+# define EC_R_INVALID_DIGEST 151
+# define EC_R_INVALID_DIGEST_TYPE 138
+# define EC_R_INVALID_ENCODING 102
+# define EC_R_INVALID_FIELD 103
+# define EC_R_INVALID_FORM 104
+# define EC_R_INVALID_GROUP_ORDER 122
+# define EC_R_INVALID_KEY 116
+# define EC_R_INVALID_OUTPUT_LENGTH 161
+# define EC_R_INVALID_PEER_KEY 133
+# define EC_R_INVALID_PENTANOMIAL_BASIS 132
+# define EC_R_INVALID_PRIVATE_KEY 123
+# define EC_R_INVALID_TRINOMIAL_BASIS 137
+# define EC_R_KDF_PARAMETER_ERROR 148
+# define EC_R_KEYS_NOT_SET 140
+# define EC_R_LADDER_POST_FAILURE 136
+# define EC_R_LADDER_PRE_FAILURE 153
+# define EC_R_LADDER_STEP_FAILURE 162
+# define EC_R_MISSING_PARAMETERS 124
+# define EC_R_MISSING_PRIVATE_KEY 125
+# define EC_R_NEED_NEW_SETUP_VALUES 157
+# define EC_R_NOT_A_NIST_PRIME 135
+# define EC_R_NOT_IMPLEMENTED 126
+# define EC_R_NOT_INITIALIZED 111
+# define EC_R_NO_PARAMETERS_SET 139
+# define EC_R_NO_PRIVATE_VALUE 154
+# define EC_R_OPERATION_NOT_SUPPORTED 152
+# define EC_R_PASSED_NULL_PARAMETER 134
+# define EC_R_PEER_KEY_ERROR 149
+# define EC_R_PKPARAMETERS2GROUP_FAILURE 127
+# define EC_R_POINT_ARITHMETIC_FAILURE 155
+# define EC_R_POINT_AT_INFINITY 106
+# define EC_R_POINT_COORDINATES_BLIND_FAILURE 163
+# define EC_R_POINT_IS_NOT_ON_CURVE 107
+# define EC_R_RANDOM_NUMBER_GENERATION_FAILED 158
+# define EC_R_SHARED_INFO_ERROR 150
+# define EC_R_SLOT_FULL 108
+# define EC_R_UNDEFINED_GENERATOR 113
+# define EC_R_UNDEFINED_ORDER 128
+# define EC_R_UNKNOWN_COFACTOR 164
+# define EC_R_UNKNOWN_GROUP 129
+# define EC_R_UNKNOWN_ORDER 114
+# define EC_R_UNSUPPORTED_FIELD 131
+# define EC_R_WRONG_CURVE_PARAMETERS 145
+# define EC_R_WRONG_ORDER 130
+
+# endif
+#endif
diff --git a/openssl/include/openssl/engine.h b/openssl/include/openssl/engine.h new file mode 100644 index 00000000..2aa3a22c --- /dev/null +++ b/openssl/include/openssl/engine.h @@ -0,0 +1,757 @@ +/*
+ * Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_ENGINE_H
+# define OPENSSL_ENGINE_H
+# pragma once
+
+# include <openssl/macros.h>
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define HEADER_ENGINE_H
+# endif
+
+# include <openssl/opensslconf.h>
+
+# ifndef OPENSSL_NO_ENGINE
+# ifndef OPENSSL_NO_DEPRECATED_1_1_0
+# include <openssl/bn.h>
+# include <openssl/rsa.h>
+# include <openssl/dsa.h>
+# include <openssl/dh.h>
+# include <openssl/ec.h>
+# include <openssl/rand.h>
+# include <openssl/ui.h>
+# include <openssl/err.h>
+# endif
+# include <openssl/types.h>
+# include <openssl/symhacks.h>
+# include <openssl/x509.h>
+# include <openssl/engineerr.h>
+# ifdef __cplusplus
+extern "C" {
+# endif
+
+/*
+ * These flags are used to control combinations of algorithm (methods) by
+ * bitwise "OR"ing.
+ */
+# define ENGINE_METHOD_RSA (unsigned int)0x0001
+# define ENGINE_METHOD_DSA (unsigned int)0x0002
+# define ENGINE_METHOD_DH (unsigned int)0x0004
+# define ENGINE_METHOD_RAND (unsigned int)0x0008
+# define ENGINE_METHOD_CIPHERS (unsigned int)0x0040
+# define ENGINE_METHOD_DIGESTS (unsigned int)0x0080
+# define ENGINE_METHOD_PKEY_METHS (unsigned int)0x0200
+# define ENGINE_METHOD_PKEY_ASN1_METHS (unsigned int)0x0400
+# define ENGINE_METHOD_EC (unsigned int)0x0800
+/* Obvious all-or-nothing cases. */
+# define ENGINE_METHOD_ALL (unsigned int)0xFFFF
+# define ENGINE_METHOD_NONE (unsigned int)0x0000
+
+/*
+ * This(ese) flag(s) controls behaviour of the ENGINE_TABLE mechanism used
+ * internally to control registration of ENGINE implementations, and can be
+ * set by ENGINE_set_table_flags(). The "NOINIT" flag prevents attempts to
+ * initialise registered ENGINEs if they are not already initialised.
+ */
+# define ENGINE_TABLE_FLAG_NOINIT (unsigned int)0x0001
+
+/* ENGINE flags that can be set by ENGINE_set_flags(). */
+/* Not used */
+/* #define ENGINE_FLAGS_MALLOCED 0x0001 */
+
+/*
+ * This flag is for ENGINEs that wish to handle the various 'CMD'-related
+ * control commands on their own. Without this flag, ENGINE_ctrl() handles
+ * these control commands on behalf of the ENGINE using their "cmd_defns"
+ * data.
+ */
+# define ENGINE_FLAGS_MANUAL_CMD_CTRL (int)0x0002
+
+/*
+ * This flag is for ENGINEs who return new duplicate structures when found
+ * via "ENGINE_by_id()". When an ENGINE must store state (eg. if
+ * ENGINE_ctrl() commands are called in sequence as part of some stateful
+ * process like key-generation setup and execution), it can set this flag -
+ * then each attempt to obtain the ENGINE will result in it being copied into
+ * a new structure. Normally, ENGINEs don't declare this flag so
+ * ENGINE_by_id() just increments the existing ENGINE's structural reference
+ * count.
+ */
+# define ENGINE_FLAGS_BY_ID_COPY (int)0x0004
+
+/*
+ * This flag if for an ENGINE that does not want its methods registered as
+ * part of ENGINE_register_all_complete() for example if the methods are not
+ * usable as default methods.
+ */
+
+# define ENGINE_FLAGS_NO_REGISTER_ALL (int)0x0008
+
+/*
+ * ENGINEs can support their own command types, and these flags are used in
+ * ENGINE_CTRL_GET_CMD_FLAGS to indicate to the caller what kind of input
+ * each command expects. Currently only numeric and string input is
+ * supported. If a control command supports none of the _NUMERIC, _STRING, or
+ * _NO_INPUT options, then it is regarded as an "internal" control command -
+ * and not for use in config setting situations. As such, they're not
+ * available to the ENGINE_ctrl_cmd_string() function, only raw ENGINE_ctrl()
+ * access. Changes to this list of 'command types' should be reflected
+ * carefully in ENGINE_cmd_is_executable() and ENGINE_ctrl_cmd_string().
+ */
+
+/* accepts a 'long' input value (3rd parameter to ENGINE_ctrl) */
+# define ENGINE_CMD_FLAG_NUMERIC (unsigned int)0x0001
+/*
+ * accepts string input (cast from 'void*' to 'const char *', 4th parameter
+ * to ENGINE_ctrl)
+ */
+# define ENGINE_CMD_FLAG_STRING (unsigned int)0x0002
+/*
+ * Indicates that the control command takes *no* input. Ie. the control
+ * command is unparameterised.
+ */
+# define ENGINE_CMD_FLAG_NO_INPUT (unsigned int)0x0004
+/*
+ * Indicates that the control command is internal. This control command won't
+ * be shown in any output, and is only usable through the ENGINE_ctrl_cmd()
+ * function.
+ */
+# define ENGINE_CMD_FLAG_INTERNAL (unsigned int)0x0008
+
+/*
+ * NB: These 3 control commands are deprecated and should not be used.
+ * ENGINEs relying on these commands should compile conditional support for
+ * compatibility (eg. if these symbols are defined) but should also migrate
+ * the same functionality to their own ENGINE-specific control functions that
+ * can be "discovered" by calling applications. The fact these control
+ * commands wouldn't be "executable" (ie. usable by text-based config)
+ * doesn't change the fact that application code can find and use them
+ * without requiring per-ENGINE hacking.
+ */
+
+/*
+ * These flags are used to tell the ctrl function what should be done. All
+ * command numbers are shared between all engines, even if some don't make
+ * sense to some engines. In such a case, they do nothing but return the
+ * error ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED.
+ */
+# define ENGINE_CTRL_SET_LOGSTREAM 1
+# define ENGINE_CTRL_SET_PASSWORD_CALLBACK 2
+# define ENGINE_CTRL_HUP 3/* Close and reinitialise
+ * any handles/connections
+ * etc. */
+# define ENGINE_CTRL_SET_USER_INTERFACE 4/* Alternative to callback */
+# define ENGINE_CTRL_SET_CALLBACK_DATA 5/* User-specific data, used
+ * when calling the password
+ * callback and the user
+ * interface */
+# define ENGINE_CTRL_LOAD_CONFIGURATION 6/* Load a configuration,
+ * given a string that
+ * represents a file name
+ * or so */
+# define ENGINE_CTRL_LOAD_SECTION 7/* Load data from a given
+ * section in the already
+ * loaded configuration */
+
+/*
+ * These control commands allow an application to deal with an arbitrary
+ * engine in a dynamic way. Warn: Negative return values indicate errors FOR
+ * THESE COMMANDS because zero is used to indicate 'end-of-list'. Other
+ * commands, including ENGINE-specific command types, return zero for an
+ * error. An ENGINE can choose to implement these ctrl functions, and can
+ * internally manage things however it chooses - it does so by setting the
+ * ENGINE_FLAGS_MANUAL_CMD_CTRL flag (using ENGINE_set_flags()). Otherwise
+ * the ENGINE_ctrl() code handles this on the ENGINE's behalf using the
+ * cmd_defns data (set using ENGINE_set_cmd_defns()). This means an ENGINE's
+ * ctrl() handler need only implement its own commands - the above "meta"
+ * commands will be taken care of.
+ */
+
+/*
+ * Returns non-zero if the supplied ENGINE has a ctrl() handler. If "not",
+ * then all the remaining control commands will return failure, so it is
+ * worth checking this first if the caller is trying to "discover" the
+ * engine's capabilities and doesn't want errors generated unnecessarily.
+ */
+# define ENGINE_CTRL_HAS_CTRL_FUNCTION 10
+/*
+ * Returns a positive command number for the first command supported by the
+ * engine. Returns zero if no ctrl commands are supported.
+ */
+# define ENGINE_CTRL_GET_FIRST_CMD_TYPE 11
+/*
+ * The 'long' argument specifies a command implemented by the engine, and the
+ * return value is the next command supported, or zero if there are no more.
+ */
+# define ENGINE_CTRL_GET_NEXT_CMD_TYPE 12
+/*
+ * The 'void*' argument is a command name (cast from 'const char *'), and the
+ * return value is the command that corresponds to it.
+ */
+# define ENGINE_CTRL_GET_CMD_FROM_NAME 13
+/*
+ * The next two allow a command to be converted into its corresponding string
+ * form. In each case, the 'long' argument supplies the command. In the
+ * NAME_LEN case, the return value is the length of the command name (not
+ * counting a trailing EOL). In the NAME case, the 'void*' argument must be a
+ * string buffer large enough, and it will be populated with the name of the
+ * command (WITH a trailing EOL).
+ */
+# define ENGINE_CTRL_GET_NAME_LEN_FROM_CMD 14
+# define ENGINE_CTRL_GET_NAME_FROM_CMD 15
+/* The next two are similar but give a "short description" of a command. */
+# define ENGINE_CTRL_GET_DESC_LEN_FROM_CMD 16
+# define ENGINE_CTRL_GET_DESC_FROM_CMD 17
+/*
+ * With this command, the return value is the OR'd combination of
+ * ENGINE_CMD_FLAG_*** values that indicate what kind of input a given
+ * engine-specific ctrl command expects.
+ */
+# define ENGINE_CTRL_GET_CMD_FLAGS 18
+
+/*
+ * ENGINE implementations should start the numbering of their own control
+ * commands from this value. (ie. ENGINE_CMD_BASE, ENGINE_CMD_BASE + 1, etc).
+ */
+# define ENGINE_CMD_BASE 200
+
+/*
+ * NB: These 2 nCipher "chil" control commands are deprecated, and their
+ * functionality is now available through ENGINE-specific control commands
+ * (exposed through the above-mentioned 'CMD'-handling). Code using these 2
+ * commands should be migrated to the more general command handling before
+ * these are removed.
+ */
+
+/* Flags specific to the nCipher "chil" engine */
+# define ENGINE_CTRL_CHIL_SET_FORKCHECK 100
+ /*
+ * Depending on the value of the (long)i argument, this sets or
+ * unsets the SimpleForkCheck flag in the CHIL API to enable or
+ * disable checking and workarounds for applications that fork().
+ */
+# define ENGINE_CTRL_CHIL_NO_LOCKING 101
+ /*
+ * This prevents the initialisation function from providing mutex
+ * callbacks to the nCipher library.
+ */
+
+/*
+ * If an ENGINE supports its own specific control commands and wishes the
+ * framework to handle the above 'ENGINE_CMD_***'-manipulation commands on
+ * its behalf, it should supply a null-terminated array of ENGINE_CMD_DEFN
+ * entries to ENGINE_set_cmd_defns(). It should also implement a ctrl()
+ * handler that supports the stated commands (ie. the "cmd_num" entries as
+ * described by the array). NB: The array must be ordered in increasing order
+ * of cmd_num. "null-terminated" means that the last ENGINE_CMD_DEFN element
+ * has cmd_num set to zero and/or cmd_name set to NULL.
+ */
+typedef struct ENGINE_CMD_DEFN_st {
+ unsigned int cmd_num; /* The command number */
+ const char *cmd_name; /* The command name itself */
+ const char *cmd_desc; /* A short description of the command */
+ unsigned int cmd_flags; /* The input the command expects */
+} ENGINE_CMD_DEFN;
+
+/* Generic function pointer */
+typedef int (*ENGINE_GEN_FUNC_PTR) (void);
+/* Generic function pointer taking no arguments */
+typedef int (*ENGINE_GEN_INT_FUNC_PTR) (ENGINE *);
+/* Specific control function pointer */
+typedef int (*ENGINE_CTRL_FUNC_PTR) (ENGINE *, int, long, void *,
+ void (*f) (void));
+/* Generic load_key function pointer */
+typedef EVP_PKEY *(*ENGINE_LOAD_KEY_PTR)(ENGINE *, const char *,
+ UI_METHOD *ui_method,
+ void *callback_data);
+typedef int (*ENGINE_SSL_CLIENT_CERT_PTR) (ENGINE *, SSL *ssl,
+ STACK_OF(X509_NAME) *ca_dn,
+ X509 **pcert, EVP_PKEY **pkey,
+ STACK_OF(X509) **pother,
+ UI_METHOD *ui_method,
+ void *callback_data);
+/*-
+ * These callback types are for an ENGINE's handler for cipher and digest logic.
+ * These handlers have these prototypes;
+ * int foo(ENGINE *e, const EVP_CIPHER **cipher, const int **nids, int nid);
+ * int foo(ENGINE *e, const EVP_MD **digest, const int **nids, int nid);
+ * Looking at how to implement these handlers in the case of cipher support, if
+ * the framework wants the EVP_CIPHER for 'nid', it will call;
+ * foo(e, &p_evp_cipher, NULL, nid); (return zero for failure)
+ * If the framework wants a list of supported 'nid's, it will call;
+ * foo(e, NULL, &p_nids, 0); (returns number of 'nids' or -1 for error)
+ */
+/*
+ * Returns to a pointer to the array of supported cipher 'nid's. If the
+ * second parameter is non-NULL it is set to the size of the returned array.
+ */
+typedef int (*ENGINE_CIPHERS_PTR) (ENGINE *, const EVP_CIPHER **,
+ const int **, int);
+typedef int (*ENGINE_DIGESTS_PTR) (ENGINE *, const EVP_MD **, const int **,
+ int);
+typedef int (*ENGINE_PKEY_METHS_PTR) (ENGINE *, EVP_PKEY_METHOD **,
+ const int **, int);
+typedef int (*ENGINE_PKEY_ASN1_METHS_PTR) (ENGINE *, EVP_PKEY_ASN1_METHOD **,
+ const int **, int);
+/*
+ * STRUCTURE functions ... all of these functions deal with pointers to
+ * ENGINE structures where the pointers have a "structural reference". This
+ * means that their reference is to allowed access to the structure but it
+ * does not imply that the structure is functional. To simply increment or
+ * decrement the structural reference count, use ENGINE_by_id and
+ * ENGINE_free. NB: This is not required when iterating using ENGINE_get_next
+ * as it will automatically decrement the structural reference count of the
+ * "current" ENGINE and increment the structural reference count of the
+ * ENGINE it returns (unless it is NULL).
+ */
+
+/* Get the first/last "ENGINE" type available. */
+ENGINE *ENGINE_get_first(void);
+ENGINE *ENGINE_get_last(void);
+/* Iterate to the next/previous "ENGINE" type (NULL = end of the list). */
+ENGINE *ENGINE_get_next(ENGINE *e);
+ENGINE *ENGINE_get_prev(ENGINE *e);
+/* Add another "ENGINE" type into the array. */
+int ENGINE_add(ENGINE *e);
+/* Remove an existing "ENGINE" type from the array. */
+int ENGINE_remove(ENGINE *e);
+/* Retrieve an engine from the list by its unique "id" value. */
+ENGINE *ENGINE_by_id(const char *id);
+
+#ifndef OPENSSL_NO_DEPRECATED_1_1_0
+# define ENGINE_load_openssl() \
+ OPENSSL_init_crypto(OPENSSL_INIT_ENGINE_OPENSSL, NULL)
+# define ENGINE_load_dynamic() \
+ OPENSSL_init_crypto(OPENSSL_INIT_ENGINE_DYNAMIC, NULL)
+# ifndef OPENSSL_NO_STATIC_ENGINE
+# define ENGINE_load_padlock() \
+ OPENSSL_init_crypto(OPENSSL_INIT_ENGINE_PADLOCK, NULL)
+# define ENGINE_load_capi() \
+ OPENSSL_init_crypto(OPENSSL_INIT_ENGINE_CAPI, NULL)
+# define ENGINE_load_afalg() \
+ OPENSSL_init_crypto(OPENSSL_INIT_ENGINE_AFALG, NULL)
+# endif
+# define ENGINE_load_cryptodev() \
+ OPENSSL_init_crypto(OPENSSL_INIT_ENGINE_CRYPTODEV, NULL)
+# define ENGINE_load_rdrand() \
+ OPENSSL_init_crypto(OPENSSL_INIT_ENGINE_RDRAND, NULL)
+#endif
+void ENGINE_load_builtin_engines(void);
+
+/*
+ * Get and set global flags (ENGINE_TABLE_FLAG_***) for the implementation
+ * "registry" handling.
+ */
+unsigned int ENGINE_get_table_flags(void);
+void ENGINE_set_table_flags(unsigned int flags);
+
+/*- Manage registration of ENGINEs per "table". For each type, there are 3
+ * functions;
+ * ENGINE_register_***(e) - registers the implementation from 'e' (if it has one)
+ * ENGINE_unregister_***(e) - unregister the implementation from 'e'
+ * ENGINE_register_all_***() - call ENGINE_register_***() for each 'e' in the list
+ * Cleanup is automatically registered from each table when required.
+ */
+
+int ENGINE_register_RSA(ENGINE *e);
+void ENGINE_unregister_RSA(ENGINE *e);
+void ENGINE_register_all_RSA(void);
+
+int ENGINE_register_DSA(ENGINE *e);
+void ENGINE_unregister_DSA(ENGINE *e);
+void ENGINE_register_all_DSA(void);
+
+int ENGINE_register_EC(ENGINE *e);
+void ENGINE_unregister_EC(ENGINE *e);
+void ENGINE_register_all_EC(void);
+
+int ENGINE_register_DH(ENGINE *e);
+void ENGINE_unregister_DH(ENGINE *e);
+void ENGINE_register_all_DH(void);
+
+int ENGINE_register_RAND(ENGINE *e);
+void ENGINE_unregister_RAND(ENGINE *e);
+void ENGINE_register_all_RAND(void);
+
+int ENGINE_register_ciphers(ENGINE *e);
+void ENGINE_unregister_ciphers(ENGINE *e);
+void ENGINE_register_all_ciphers(void);
+
+int ENGINE_register_digests(ENGINE *e);
+void ENGINE_unregister_digests(ENGINE *e);
+void ENGINE_register_all_digests(void);
+
+int ENGINE_register_pkey_meths(ENGINE *e);
+void ENGINE_unregister_pkey_meths(ENGINE *e);
+void ENGINE_register_all_pkey_meths(void);
+
+int ENGINE_register_pkey_asn1_meths(ENGINE *e);
+void ENGINE_unregister_pkey_asn1_meths(ENGINE *e);
+void ENGINE_register_all_pkey_asn1_meths(void);
+
+/*
+ * These functions register all support from the above categories. Note, use
+ * of these functions can result in static linkage of code your application
+ * may not need. If you only need a subset of functionality, consider using
+ * more selective initialisation.
+ */
+int ENGINE_register_complete(ENGINE *e);
+int ENGINE_register_all_complete(void);
+
+/*
+ * Send parameterised control commands to the engine. The possibilities to
+ * send down an integer, a pointer to data or a function pointer are
+ * provided. Any of the parameters may or may not be NULL, depending on the
+ * command number. In actuality, this function only requires a structural
+ * (rather than functional) reference to an engine, but many control commands
+ * may require the engine be functional. The caller should be aware of trying
+ * commands that require an operational ENGINE, and only use functional
+ * references in such situations.
+ */
+int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void));
+
+/*
+ * This function tests if an ENGINE-specific command is usable as a
+ * "setting". Eg. in an application's config file that gets processed through
+ * ENGINE_ctrl_cmd_string(). If this returns zero, it is not available to
+ * ENGINE_ctrl_cmd_string(), only ENGINE_ctrl().
+ */
+int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+
+/*
+ * This function works like ENGINE_ctrl() with the exception of taking a
+ * command name instead of a command number, and can handle optional
+ * commands. See the comment on ENGINE_ctrl_cmd_string() for an explanation
+ * on how to use the cmd_name and cmd_optional.
+ */
+int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+ long i, void *p, void (*f) (void), int cmd_optional);
+
+/*
+ * This function passes a command-name and argument to an ENGINE. The
+ * cmd_name is converted to a command number and the control command is
+ * called using 'arg' as an argument (unless the ENGINE doesn't support such
+ * a command, in which case no control command is called). The command is
+ * checked for input flags, and if necessary the argument will be converted
+ * to a numeric value. If cmd_optional is non-zero, then if the ENGINE
+ * doesn't support the given cmd_name the return value will be success
+ * anyway. This function is intended for applications to use so that users
+ * (or config files) can supply engine-specific config data to the ENGINE at
+ * run-time to control behaviour of specific engines. As such, it shouldn't
+ * be used for calling ENGINE_ctrl() functions that return data, deal with
+ * binary data, or that are otherwise supposed to be used directly through
+ * ENGINE_ctrl() in application code. Any "return" data from an ENGINE_ctrl()
+ * operation in this function will be lost - the return value is interpreted
+ * as failure if the return value is zero, success otherwise, and this
+ * function returns a boolean value as a result. In other words, vendors of
+ * 'ENGINE'-enabled devices should write ENGINE implementations with
+ * parameterisations that work in this scheme, so that compliant ENGINE-based
+ * applications can work consistently with the same configuration for the
+ * same ENGINE-enabled devices, across applications.
+ */
+int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+ int cmd_optional);
+
+/*
+ * These functions are useful for manufacturing new ENGINE structures. They
+ * don't address reference counting at all - one uses them to populate an
+ * ENGINE structure with personalised implementations of things prior to
+ * using it directly or adding it to the builtin ENGINE list in OpenSSL.
+ * These are also here so that the ENGINE structure doesn't have to be
+ * exposed and break binary compatibility!
+ */
+ENGINE *ENGINE_new(void);
+int ENGINE_free(ENGINE *e);
+int ENGINE_up_ref(ENGINE *e);
+int ENGINE_set_id(ENGINE *e, const char *id);
+int ENGINE_set_name(ENGINE *e, const char *name);
+int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+int ENGINE_set_EC(ENGINE *e, const EC_KEY_METHOD *ecdsa_meth);
+int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+int ENGINE_set_load_privkey_function(ENGINE *e,
+ ENGINE_LOAD_KEY_PTR loadpriv_f);
+int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+int ENGINE_set_load_ssl_client_cert_function(ENGINE *e,
+ ENGINE_SSL_CLIENT_CERT_PTR
+ loadssl_f);
+int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+int ENGINE_set_pkey_meths(ENGINE *e, ENGINE_PKEY_METHS_PTR f);
+int ENGINE_set_pkey_asn1_meths(ENGINE *e, ENGINE_PKEY_ASN1_METHS_PTR f);
+int ENGINE_set_flags(ENGINE *e, int flags);
+int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+/* These functions allow control over any per-structure ENGINE data. */
+#define ENGINE_get_ex_new_index(l, p, newf, dupf, freef) \
+ CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_ENGINE, l, p, newf, dupf, freef)
+int ENGINE_set_ex_data(ENGINE *e, int idx, void *arg);
+void *ENGINE_get_ex_data(const ENGINE *e, int idx);
+
+#ifndef OPENSSL_NO_DEPRECATED_1_1_0
+/*
+ * This function previously cleaned up anything that needs it. Auto-deinit will
+ * now take care of it so it is no longer required to call this function.
+ */
+# define ENGINE_cleanup() while(0) continue
+#endif
+
+/*
+ * These return values from within the ENGINE structure. These can be useful
+ * with functional references as well as structural references - it depends
+ * which you obtained. Using the result for functional purposes if you only
+ * obtained a structural reference may be problematic!
+ */
+const char *ENGINE_get_id(const ENGINE *e);
+const char *ENGINE_get_name(const ENGINE *e);
+const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+const EC_KEY_METHOD *ENGINE_get_EC(const ENGINE *e);
+const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ENGINE_SSL_CLIENT_CERT_PTR ENGINE_get_ssl_client_cert_function(const ENGINE
+ *e);
+ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ENGINE_PKEY_METHS_PTR ENGINE_get_pkey_meths(const ENGINE *e);
+ENGINE_PKEY_ASN1_METHS_PTR ENGINE_get_pkey_asn1_meths(const ENGINE *e);
+const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+const EVP_PKEY_METHOD *ENGINE_get_pkey_meth(ENGINE *e, int nid);
+const EVP_PKEY_ASN1_METHOD *ENGINE_get_pkey_asn1_meth(ENGINE *e, int nid);
+const EVP_PKEY_ASN1_METHOD *ENGINE_get_pkey_asn1_meth_str(ENGINE *e,
+ const char *str,
+ int len);
+const EVP_PKEY_ASN1_METHOD *ENGINE_pkey_asn1_find_str(ENGINE **pe,
+ const char *str,
+ int len);
+const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+int ENGINE_get_flags(const ENGINE *e);
+
+/*
+ * FUNCTIONAL functions. These functions deal with ENGINE structures that
+ * have (or will) be initialised for use. Broadly speaking, the structural
+ * functions are useful for iterating the list of available engine types,
+ * creating new engine types, and other "list" operations. These functions
+ * actually deal with ENGINEs that are to be used. As such these functions
+ * can fail (if applicable) when particular engines are unavailable - eg. if
+ * a hardware accelerator is not attached or not functioning correctly. Each
+ * ENGINE has 2 reference counts; structural and functional. Every time a
+ * functional reference is obtained or released, a corresponding structural
+ * reference is automatically obtained or released too.
+ */
+
+/*
+ * Initialise a engine type for use (or up its reference count if it's
+ * already in use). This will fail if the engine is not currently operational
+ * and cannot initialise.
+ */
+int ENGINE_init(ENGINE *e);
+/*
+ * Free a functional reference to a engine type. This does not require a
+ * corresponding call to ENGINE_free as it also releases a structural
+ * reference.
+ */
+int ENGINE_finish(ENGINE *e);
+
+/*
+ * The following functions handle keys that are stored in some secondary
+ * location, handled by the engine. The storage may be on a card or
+ * whatever.
+ */
+EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+ UI_METHOD *ui_method, void *callback_data);
+EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+ UI_METHOD *ui_method, void *callback_data);
+int ENGINE_load_ssl_client_cert(ENGINE *e, SSL *s,
+ STACK_OF(X509_NAME) *ca_dn, X509 **pcert,
+ EVP_PKEY **ppkey, STACK_OF(X509) **pother,
+ UI_METHOD *ui_method, void *callback_data);
+
+/*
+ * This returns a pointer for the current ENGINE structure that is (by
+ * default) performing any RSA operations. The value returned is an
+ * incremented reference, so it should be free'd (ENGINE_finish) before it is
+ * discarded.
+ */
+ENGINE *ENGINE_get_default_RSA(void);
+/* Same for the other "methods" */
+ENGINE *ENGINE_get_default_DSA(void);
+ENGINE *ENGINE_get_default_EC(void);
+ENGINE *ENGINE_get_default_DH(void);
+ENGINE *ENGINE_get_default_RAND(void);
+/*
+ * These functions can be used to get a functional reference to perform
+ * ciphering or digesting corresponding to "nid".
+ */
+ENGINE *ENGINE_get_cipher_engine(int nid);
+ENGINE *ENGINE_get_digest_engine(int nid);
+ENGINE *ENGINE_get_pkey_meth_engine(int nid);
+ENGINE *ENGINE_get_pkey_asn1_meth_engine(int nid);
+
+/*
+ * This sets a new default ENGINE structure for performing RSA operations. If
+ * the result is non-zero (success) then the ENGINE structure will have had
+ * its reference count up'd so the caller should still free their own
+ * reference 'e'.
+ */
+int ENGINE_set_default_RSA(ENGINE *e);
+int ENGINE_set_default_string(ENGINE *e, const char *def_list);
+/* Same for the other "methods" */
+int ENGINE_set_default_DSA(ENGINE *e);
+int ENGINE_set_default_EC(ENGINE *e);
+int ENGINE_set_default_DH(ENGINE *e);
+int ENGINE_set_default_RAND(ENGINE *e);
+int ENGINE_set_default_ciphers(ENGINE *e);
+int ENGINE_set_default_digests(ENGINE *e);
+int ENGINE_set_default_pkey_meths(ENGINE *e);
+int ENGINE_set_default_pkey_asn1_meths(ENGINE *e);
+
+/*
+ * The combination "set" - the flags are bitwise "OR"d from the
+ * ENGINE_METHOD_*** defines above. As with the "ENGINE_register_complete()"
+ * function, this function can result in unnecessary static linkage. If your
+ * application requires only specific functionality, consider using more
+ * selective functions.
+ */
+int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+void ENGINE_add_conf_module(void);
+
+/* Deprecated functions ... */
+/* int ENGINE_clear_defaults(void); */
+
+/**************************/
+/* DYNAMIC ENGINE SUPPORT */
+/**************************/
+
+/* Binary/behaviour compatibility levels */
+# define OSSL_DYNAMIC_VERSION (unsigned long)0x00030000
+/*
+ * Binary versions older than this are too old for us (whether we're a loader
+ * or a loadee)
+ */
+# define OSSL_DYNAMIC_OLDEST (unsigned long)0x00030000
+
+/*
+ * When compiling an ENGINE entirely as an external shared library, loadable
+ * by the "dynamic" ENGINE, these types are needed. The 'dynamic_fns'
+ * structure type provides the calling application's (or library's) error
+ * functionality and memory management function pointers to the loaded
+ * library. These should be used/set in the loaded library code so that the
+ * loading application's 'state' will be used/changed in all operations. The
+ * 'static_state' pointer allows the loaded library to know if it shares the
+ * same static data as the calling application (or library), and thus whether
+ * these callbacks need to be set or not.
+ */
+typedef void *(*dyn_MEM_malloc_fn) (size_t, const char *, int);
+typedef void *(*dyn_MEM_realloc_fn) (void *, size_t, const char *, int);
+typedef void (*dyn_MEM_free_fn) (void *, const char *, int);
+typedef struct st_dynamic_MEM_fns {
+ dyn_MEM_malloc_fn malloc_fn;
+ dyn_MEM_realloc_fn realloc_fn;
+ dyn_MEM_free_fn free_fn;
+} dynamic_MEM_fns;
+/*
+ * FIXME: Perhaps the memory and locking code (crypto.h) should declare and
+ * use these types so we (and any other dependent code) can simplify a bit??
+ */
+/* The top-level structure */
+typedef struct st_dynamic_fns {
+ void *static_state;
+ dynamic_MEM_fns mem_fns;
+} dynamic_fns;
+
+/*
+ * The version checking function should be of this prototype. NB: The
+ * ossl_version value passed in is the OSSL_DYNAMIC_VERSION of the loading
+ * code. If this function returns zero, it indicates a (potential) version
+ * incompatibility and the loaded library doesn't believe it can proceed.
+ * Otherwise, the returned value is the (latest) version supported by the
+ * loading library. The loader may still decide that the loaded code's
+ * version is unsatisfactory and could veto the load. The function is
+ * expected to be implemented with the symbol name "v_check", and a default
+ * implementation can be fully instantiated with
+ * IMPLEMENT_DYNAMIC_CHECK_FN().
+ */
+typedef unsigned long (*dynamic_v_check_fn) (unsigned long ossl_version);
+# define IMPLEMENT_DYNAMIC_CHECK_FN() \
+ OPENSSL_EXPORT unsigned long v_check(unsigned long v); \
+ OPENSSL_EXPORT unsigned long v_check(unsigned long v) { \
+ if (v >= OSSL_DYNAMIC_OLDEST) return OSSL_DYNAMIC_VERSION; \
+ return 0; }
+
+/*
+ * This function is passed the ENGINE structure to initialise with its own
+ * function and command settings. It should not adjust the structural or
+ * functional reference counts. If this function returns zero, (a) the load
+ * will be aborted, (b) the previous ENGINE state will be memcpy'd back onto
+ * the structure, and (c) the shared library will be unloaded. So
+ * implementations should do their own internal cleanup in failure
+ * circumstances otherwise they could leak. The 'id' parameter, if non-NULL,
+ * represents the ENGINE id that the loader is looking for. If this is NULL,
+ * the shared library can choose to return failure or to initialise a
+ * 'default' ENGINE. If non-NULL, the shared library must initialise only an
+ * ENGINE matching the passed 'id'. The function is expected to be
+ * implemented with the symbol name "bind_engine". A standard implementation
+ * can be instantiated with IMPLEMENT_DYNAMIC_BIND_FN(fn) where the parameter
+ * 'fn' is a callback function that populates the ENGINE structure and
+ * returns an int value (zero for failure). 'fn' should have prototype;
+ * [static] int fn(ENGINE *e, const char *id);
+ */
+typedef int (*dynamic_bind_engine) (ENGINE *e, const char *id,
+ const dynamic_fns *fns);
+# define IMPLEMENT_DYNAMIC_BIND_FN(fn) \
+ OPENSSL_EXPORT \
+ int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns); \
+ OPENSSL_EXPORT \
+ int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns) { \
+ if (ENGINE_get_static_state() == fns->static_state) goto skip_cbs; \
+ CRYPTO_set_mem_functions(fns->mem_fns.malloc_fn, \
+ fns->mem_fns.realloc_fn, \
+ fns->mem_fns.free_fn); \
+ skip_cbs: \
+ if (!fn(e, id)) return 0; \
+ return 1; }
+
+/*
+ * If the loading application (or library) and the loaded ENGINE library
+ * share the same static data (eg. they're both dynamically linked to the
+ * same libcrypto.so) we need a way to avoid trying to set system callbacks -
+ * this would fail, and for the same reason that it's unnecessary to try. If
+ * the loaded ENGINE has (or gets from through the loader) its own copy of
+ * the libcrypto static data, we will need to set the callbacks. The easiest
+ * way to detect this is to have a function that returns a pointer to some
+ * static data and let the loading application and loaded ENGINE compare
+ * their respective values.
+ */
+void *ENGINE_get_static_state(void);
+
+# if defined(__OpenBSD__) || defined(__FreeBSD__) || defined(__DragonFly__)
+DEPRECATEDIN_1_1_0(void ENGINE_setup_bsd_cryptodev(void))
+# endif
+
+
+# ifdef __cplusplus
+}
+# endif
+# endif
+#endif
diff --git a/openssl/include/openssl/engineerr.h b/openssl/include/openssl/engineerr.h new file mode 100644 index 00000000..b424afd4 --- /dev/null +++ b/openssl/include/openssl/engineerr.h @@ -0,0 +1,114 @@ +/*
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_ENGINEERR_H
+# define OPENSSL_ENGINEERR_H
+# pragma once
+
+# include <openssl/opensslconf.h>
+# include <openssl/symhacks.h>
+
+
+# include <openssl/opensslconf.h>
+
+# ifndef OPENSSL_NO_ENGINE
+
+# ifdef __cplusplus
+extern "C"
+# endif
+int ERR_load_ENGINE_strings(void);
+
+/*
+ * ENGINE function codes.
+ */
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define ENGINE_F_DIGEST_UPDATE 0
+# define ENGINE_F_DYNAMIC_CTRL 0
+# define ENGINE_F_DYNAMIC_GET_DATA_CTX 0
+# define ENGINE_F_DYNAMIC_LOAD 0
+# define ENGINE_F_DYNAMIC_SET_DATA_CTX 0
+# define ENGINE_F_ENGINE_ADD 0
+# define ENGINE_F_ENGINE_BY_ID 0
+# define ENGINE_F_ENGINE_CMD_IS_EXECUTABLE 0
+# define ENGINE_F_ENGINE_CTRL 0
+# define ENGINE_F_ENGINE_CTRL_CMD 0
+# define ENGINE_F_ENGINE_CTRL_CMD_STRING 0
+# define ENGINE_F_ENGINE_FINISH 0
+# define ENGINE_F_ENGINE_GET_CIPHER 0
+# define ENGINE_F_ENGINE_GET_DIGEST 0
+# define ENGINE_F_ENGINE_GET_FIRST 0
+# define ENGINE_F_ENGINE_GET_LAST 0
+# define ENGINE_F_ENGINE_GET_NEXT 0
+# define ENGINE_F_ENGINE_GET_PKEY_ASN1_METH 0
+# define ENGINE_F_ENGINE_GET_PKEY_METH 0
+# define ENGINE_F_ENGINE_GET_PREV 0
+# define ENGINE_F_ENGINE_INIT 0
+# define ENGINE_F_ENGINE_LIST_ADD 0
+# define ENGINE_F_ENGINE_LIST_REMOVE 0
+# define ENGINE_F_ENGINE_LOAD_PRIVATE_KEY 0
+# define ENGINE_F_ENGINE_LOAD_PUBLIC_KEY 0
+# define ENGINE_F_ENGINE_LOAD_SSL_CLIENT_CERT 0
+# define ENGINE_F_ENGINE_NEW 0
+# define ENGINE_F_ENGINE_PKEY_ASN1_FIND_STR 0
+# define ENGINE_F_ENGINE_REMOVE 0
+# define ENGINE_F_ENGINE_SET_DEFAULT_STRING 0
+# define ENGINE_F_ENGINE_SET_ID 0
+# define ENGINE_F_ENGINE_SET_NAME 0
+# define ENGINE_F_ENGINE_TABLE_REGISTER 0
+# define ENGINE_F_ENGINE_UNLOCKED_FINISH 0
+# define ENGINE_F_ENGINE_UP_REF 0
+# define ENGINE_F_INT_CLEANUP_ITEM 0
+# define ENGINE_F_INT_CTRL_HELPER 0
+# define ENGINE_F_INT_ENGINE_CONFIGURE 0
+# define ENGINE_F_INT_ENGINE_MODULE_INIT 0
+# define ENGINE_F_OSSL_HMAC_INIT 0
+# endif
+
+/*
+ * ENGINE reason codes.
+ */
+# define ENGINE_R_ALREADY_LOADED 100
+# define ENGINE_R_ARGUMENT_IS_NOT_A_NUMBER 133
+# define ENGINE_R_CMD_NOT_EXECUTABLE 134
+# define ENGINE_R_COMMAND_TAKES_INPUT 135
+# define ENGINE_R_COMMAND_TAKES_NO_INPUT 136
+# define ENGINE_R_CONFLICTING_ENGINE_ID 103
+# define ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED 119
+# define ENGINE_R_DSO_FAILURE 104
+# define ENGINE_R_DSO_NOT_FOUND 132
+# define ENGINE_R_ENGINES_SECTION_ERROR 148
+# define ENGINE_R_ENGINE_CONFIGURATION_ERROR 102
+# define ENGINE_R_ENGINE_IS_NOT_IN_LIST 105
+# define ENGINE_R_ENGINE_SECTION_ERROR 149
+# define ENGINE_R_FAILED_LOADING_PRIVATE_KEY 128
+# define ENGINE_R_FAILED_LOADING_PUBLIC_KEY 129
+# define ENGINE_R_FINISH_FAILED 106
+# define ENGINE_R_ID_OR_NAME_MISSING 108
+# define ENGINE_R_INIT_FAILED 109
+# define ENGINE_R_INTERNAL_LIST_ERROR 110
+# define ENGINE_R_INVALID_ARGUMENT 143
+# define ENGINE_R_INVALID_CMD_NAME 137
+# define ENGINE_R_INVALID_CMD_NUMBER 138
+# define ENGINE_R_INVALID_INIT_VALUE 151
+# define ENGINE_R_INVALID_STRING 150
+# define ENGINE_R_NOT_INITIALISED 117
+# define ENGINE_R_NOT_LOADED 112
+# define ENGINE_R_NO_CONTROL_FUNCTION 120
+# define ENGINE_R_NO_INDEX 144
+# define ENGINE_R_NO_LOAD_FUNCTION 125
+# define ENGINE_R_NO_REFERENCE 130
+# define ENGINE_R_NO_SUCH_ENGINE 116
+# define ENGINE_R_UNIMPLEMENTED_CIPHER 146
+# define ENGINE_R_UNIMPLEMENTED_DIGEST 147
+# define ENGINE_R_UNIMPLEMENTED_PUBLIC_KEY_METHOD 101
+# define ENGINE_R_VERSION_INCOMPATIBILITY 145
+
+# endif
+#endif
diff --git a/openssl/include/openssl/err.h b/openssl/include/openssl/err.h new file mode 100644 index 00000000..c41517c7 --- /dev/null +++ b/openssl/include/openssl/err.h @@ -0,0 +1,364 @@ +/*
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_ERR_H
+# define OPENSSL_ERR_H
+# pragma once
+
+# include <openssl/macros.h>
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define HEADER_ERR_H
+# endif
+
+# include <openssl/e_os2.h>
+
+# ifndef OPENSSL_NO_STDIO
+# include <stdio.h>
+# include <stdlib.h>
+# endif
+
+# include <openssl/types.h>
+# include <openssl/bio.h>
+# include <openssl/lhash.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# ifndef OPENSSL_NO_FILENAMES
+# define ERR_PUT_error(l,f,r,fn,ln) ERR_put_error(l,f,r,fn,ln)
+# else
+# define ERR_PUT_error(l,f,r,fn,ln) ERR_put_error(l,f,r,NULL,0)
+# endif
+# endif
+
+# include <errno.h>
+
+# define ERR_TXT_MALLOCED 0x01
+# define ERR_TXT_STRING 0x02
+
+# if !defined(OPENSSL_NO_DEPRECATED_3_0) || defined(OSSL_FORCE_ERR_STATE)
+# define ERR_FLAG_MARK 0x01
+# define ERR_FLAG_CLEAR 0x02
+
+# define ERR_NUM_ERRORS 16
+struct err_state_st {
+ int err_flags[ERR_NUM_ERRORS];
+ unsigned long err_buffer[ERR_NUM_ERRORS];
+ char *err_data[ERR_NUM_ERRORS];
+ size_t err_data_size[ERR_NUM_ERRORS];
+ int err_data_flags[ERR_NUM_ERRORS];
+ const char *err_file[ERR_NUM_ERRORS];
+ int err_line[ERR_NUM_ERRORS];
+ const char *err_func[ERR_NUM_ERRORS];
+ int top, bottom;
+};
+# endif
+
+/* library */
+# define ERR_LIB_NONE 1
+# define ERR_LIB_SYS 2
+# define ERR_LIB_BN 3
+# define ERR_LIB_RSA 4
+# define ERR_LIB_DH 5
+# define ERR_LIB_EVP 6
+# define ERR_LIB_BUF 7
+# define ERR_LIB_OBJ 8
+# define ERR_LIB_PEM 9
+# define ERR_LIB_DSA 10
+# define ERR_LIB_X509 11
+/* #define ERR_LIB_METH 12 */
+# define ERR_LIB_ASN1 13
+# define ERR_LIB_CONF 14
+# define ERR_LIB_CRYPTO 15
+# define ERR_LIB_EC 16
+# define ERR_LIB_SSL 20
+/* #define ERR_LIB_SSL23 21 */
+/* #define ERR_LIB_SSL2 22 */
+/* #define ERR_LIB_SSL3 23 */
+/* #define ERR_LIB_RSAREF 30 */
+/* #define ERR_LIB_PROXY 31 */
+# define ERR_LIB_BIO 32
+# define ERR_LIB_PKCS7 33
+# define ERR_LIB_X509V3 34
+# define ERR_LIB_PKCS12 35
+# define ERR_LIB_RAND 36
+# define ERR_LIB_DSO 37
+# define ERR_LIB_ENGINE 38
+# define ERR_LIB_OCSP 39
+# define ERR_LIB_UI 40
+# define ERR_LIB_COMP 41
+# define ERR_LIB_ECDSA 42
+# define ERR_LIB_ECDH 43
+# define ERR_LIB_OSSL_STORE 44
+# define ERR_LIB_FIPS 45
+# define ERR_LIB_CMS 46
+# define ERR_LIB_TS 47
+# define ERR_LIB_HMAC 48
+/* # define ERR_LIB_JPAKE 49 */
+# define ERR_LIB_CT 50
+# define ERR_LIB_ASYNC 51
+# define ERR_LIB_KDF 52
+# define ERR_LIB_SM2 53
+# define ERR_LIB_ESS 54
+# define ERR_LIB_PROP 55
+# define ERR_LIB_CRMF 56
+# define ERR_LIB_PROV 57
+# define ERR_LIB_CMP 58
+# define ERR_LIB_OSSL_SERIALIZER 59
+# define ERR_LIB_HTTP 60
+
+# define ERR_LIB_USER 128
+
+# if 1 || !defined(OPENSSL_NO_DEPRECATED_3_0)
+# define ASN1err(f, r) ERR_raise_data(ERR_LIB_ASN1, (r), NULL)
+# define ASYNCerr(f, r) ERR_raise_data(ERR_LIB_ASYNC, (r), NULL)
+# define BIOerr(f, r) ERR_raise_data(ERR_LIB_BIO, (r), NULL)
+# define BNerr(f, r) ERR_raise_data(ERR_LIB_BN, (r), NULL)
+# define BUFerr(f, r) ERR_raise_data(ERR_LIB_BUF, (r), NULL)
+# define CMPerr(f, r) ERR_raise_data(ERR_LIB_CMP, (r), NULL)
+# define CMSerr(f, r) ERR_raise_data(ERR_LIB_CMS, (r), NULL)
+# define COMPerr(f, r) ERR_raise_data(ERR_LIB_COMP, (r), NULL)
+# define CONFerr(f, r) ERR_raise_data(ERR_LIB_CONF, (r), NULL)
+# define CRMFerr(f, r) ERR_raise_data(ERR_LIB_CRMF, (r), NULL)
+# define CRYPTOerr(f, r) ERR_raise_data(ERR_LIB_CRYPTO, (r), NULL)
+# define CTerr(f, r) ERR_raise_data(ERR_LIB_CT, (r), NULL)
+# define DHerr(f, r) ERR_raise_data(ERR_LIB_DH, (r), NULL)
+# define DSAerr(f, r) ERR_raise_data(ERR_LIB_DSA, (r), NULL)
+# define DSOerr(f, r) ERR_raise_data(ERR_LIB_DSO, (r), NULL)
+# define ECDHerr(f, r) ERR_raise_data(ERR_LIB_ECDH, (r), NULL)
+# define ECDSAerr(f, r) ERR_raise_data(ERR_LIB_ECDSA, (r), NULL)
+# define ECerr(f, r) ERR_raise_data(ERR_LIB_EC, (r), NULL)
+# define ENGINEerr(f, r) ERR_raise_data(ERR_LIB_ENGINE, (r), NULL)
+# define ESSerr(f, r) ERR_raise_data(ERR_LIB_ESS, (r), NULL)
+# define EVPerr(f, r) ERR_raise_data(ERR_LIB_EVP, (r), NULL)
+# define FIPSerr(f, r) ERR_raise_data(ERR_LIB_FIPS, (r), NULL)
+# define HMACerr(f, r) ERR_raise_data(ERR_LIB_HMAC, (r), NULL)
+# define HTTPerr(f, r) ERR_raise_data(ERR_LIB_HTTP, (r), NULL)
+# define KDFerr(f, r) ERR_raise_data(ERR_LIB_KDF, (r), NULL)
+# define OBJerr(f, r) ERR_raise_data(ERR_LIB_OBJ, (r), NULL)
+# define OCSPerr(f, r) ERR_raise_data(ERR_LIB_OCSP, (r), NULL)
+# define OSSL_STOREerr(f, r) ERR_raise_data(ERR_LIB_OSSL_STORE, (r), NULL)
+# define PEMerr(f, r) ERR_raise_data(ERR_LIB_PEM, (r), NULL)
+# define PKCS12err(f, r) ERR_raise_data(ERR_LIB_PKCS12, (r), NULL)
+# define PKCS7err(f, r) ERR_raise_data(ERR_LIB_PKCS7, (r), NULL)
+# define PROPerr(f, r) ERR_raise_data(ERR_LIB_PROP, (r), NULL)
+# define PROVerr(f, r) ERR_raise_data(ERR_LIB_PROV, (r), NULL)
+# define RANDerr(f, r) ERR_raise_data(ERR_LIB_RAND, (r), NULL)
+# define RSAerr(f, r) ERR_raise_data(ERR_LIB_RSA, (r), NULL)
+# define KDFerr(f, r) ERR_raise_data(ERR_LIB_KDF, (r), NULL)
+# define SM2err(f, r) ERR_raise_data(ERR_LIB_SM2, (r), NULL)
+# define SSLerr(f, r) ERR_raise_data(ERR_LIB_SSL, (r), NULL)
+# define SYSerr(f, r) ERR_raise_data(ERR_LIB_SYS, (r), NULL)
+# define TSerr(f, r) ERR_raise_data(ERR_LIB_TS, (r), NULL)
+# define UIerr(f, r) ERR_raise_data(ERR_LIB_UI, (r), NULL)
+# define X509V3err(f, r) ERR_raise_data(ERR_LIB_X509V3, (r), NULL)
+# define X509err(f, r) ERR_raise_data(ERR_LIB_X509, (r), NULL)
+# endif
+
+# define ERR_PACK(l,f,r) ( \
+ (((unsigned int)(l) & 0x0FF) << 24L) | \
+ (((unsigned int)(f) & 0xFFF) << 12L) | \
+ (((unsigned int)(r) & 0xFFF) ) )
+# define ERR_GET_LIB(l) (int)(((l) >> 24L) & 0x0FFL)
+# define ERR_GET_FUNC(l) (int)(((l) >> 12L) & 0xFFFL)
+# define ERR_GET_REASON(l) (int)( (l) & 0xFFFL)
+# define ERR_FATAL_ERROR(l) (int)( (l) & ERR_R_FATAL)
+
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define SYS_F_FOPEN 0
+# define SYS_F_CONNECT 0
+# define SYS_F_GETSERVBYNAME 0
+# define SYS_F_SOCKET 0
+# define SYS_F_IOCTLSOCKET 0
+# define SYS_F_BIND 0
+# define SYS_F_LISTEN 0
+# define SYS_F_ACCEPT 0
+# define SYS_F_WSASTARTUP 0
+# define SYS_F_OPENDIR 0
+# define SYS_F_FREAD 0
+# define SYS_F_GETADDRINFO 0
+# define SYS_F_GETNAMEINFO 0
+# define SYS_F_SETSOCKOPT 0
+# define SYS_F_GETSOCKOPT 0
+# define SYS_F_GETSOCKNAME 0
+# define SYS_F_GETHOSTBYNAME 0
+# define SYS_F_FFLUSH 0
+# define SYS_F_OPEN 0
+# define SYS_F_CLOSE 0
+# define SYS_F_IOCTL 0
+# define SYS_F_STAT 0
+# define SYS_F_FCNTL 0
+# define SYS_F_FSTAT 0
+# define SYS_F_SENDFILE 0
+# endif
+
+/* reasons */
+# define ERR_R_SYS_LIB ERR_LIB_SYS/* 2 */
+# define ERR_R_BN_LIB ERR_LIB_BN/* 3 */
+# define ERR_R_RSA_LIB ERR_LIB_RSA/* 4 */
+# define ERR_R_DH_LIB ERR_LIB_DH/* 5 */
+# define ERR_R_EVP_LIB ERR_LIB_EVP/* 6 */
+# define ERR_R_BUF_LIB ERR_LIB_BUF/* 7 */
+# define ERR_R_OBJ_LIB ERR_LIB_OBJ/* 8 */
+# define ERR_R_PEM_LIB ERR_LIB_PEM/* 9 */
+# define ERR_R_DSA_LIB ERR_LIB_DSA/* 10 */
+# define ERR_R_X509_LIB ERR_LIB_X509/* 11 */
+# define ERR_R_ASN1_LIB ERR_LIB_ASN1/* 13 */
+# define ERR_R_EC_LIB ERR_LIB_EC/* 16 */
+# define ERR_R_BIO_LIB ERR_LIB_BIO/* 32 */
+# define ERR_R_PKCS7_LIB ERR_LIB_PKCS7/* 33 */
+# define ERR_R_X509V3_LIB ERR_LIB_X509V3/* 34 */
+# define ERR_R_ENGINE_LIB ERR_LIB_ENGINE/* 38 */
+# define ERR_R_UI_LIB ERR_LIB_UI/* 40 */
+# define ERR_R_ECDSA_LIB ERR_LIB_ECDSA/* 42 */
+# define ERR_R_OSSL_STORE_LIB ERR_LIB_OSSL_STORE/* 44 */
+
+# define ERR_R_NESTED_ASN1_ERROR 58
+# define ERR_R_MISSING_ASN1_EOS 63
+
+/* fatal error */
+# define ERR_R_FATAL 64
+# define ERR_R_MALLOC_FAILURE (1|ERR_R_FATAL)
+# define ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED (2|ERR_R_FATAL)
+# define ERR_R_PASSED_NULL_PARAMETER (3|ERR_R_FATAL)
+# define ERR_R_INTERNAL_ERROR (4|ERR_R_FATAL)
+# define ERR_R_DISABLED (5|ERR_R_FATAL)
+# define ERR_R_INIT_FAIL (6|ERR_R_FATAL)
+# define ERR_R_PASSED_INVALID_ARGUMENT (7)
+# define ERR_R_OPERATION_FAIL (8|ERR_R_FATAL)
+# define ERR_R_INVALID_PROVIDER_FUNCTIONS (9|ERR_R_FATAL)
+# define ERR_R_INTERRUPTED_OR_CANCELLED (10)
+
+/*
+ * 99 is the maximum possible ERR_R_... code, higher values are reserved for
+ * the individual libraries
+ */
+
+typedef struct ERR_string_data_st {
+ unsigned long error;
+ const char *string;
+} ERR_STRING_DATA;
+
+DEFINE_LHASH_OF(ERR_STRING_DATA);
+
+/* 12 lines and some on an 80 column terminal */
+#define ERR_MAX_DATA_SIZE 1024
+
+/* Building blocks */
+void ERR_new(void);
+void ERR_set_debug(const char *file, int line, const char *func);
+void ERR_set_error(int lib, int reason, const char *fmt, ...);
+void ERR_vset_error(int lib, int reason, const char *fmt, va_list args);
+
+/* Main error raising functions */
+# define ERR_raise(lib, reason) ERR_raise_data((lib),(reason),NULL)
+# define ERR_raise_data \
+ (ERR_new(), \
+ ERR_set_debug(OPENSSL_FILE,OPENSSL_LINE,OPENSSL_FUNC), \
+ ERR_set_error)
+
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+/* Backward compatibility */
+# define ERR_put_error(lib, func, reason, file, line) \
+ (ERR_new(), \
+ ERR_set_debug((file), (line), OPENSSL_FUNC), \
+ ERR_set_error((lib), (reason), NULL))
+# endif
+
+void ERR_set_error_data(char *data, int flags);
+
+unsigned long ERR_get_error(void);
+/*
+ * TODO(3.0) consider if the following three functions should be deprecated.
+ * They all drop the error record from the error queue, so regardless of which
+ * one is used, the rest of the information is lost, making them not so useful.
+ * The recommendation should be to use the peek functions to extract all the
+ * additional data.
+ */
+unsigned long ERR_get_error_line(const char **file, int *line);
+unsigned long ERR_get_error_func(const char **func);
+unsigned long ERR_get_error_data(const char **data, int *flags);
+unsigned long ERR_get_error_all(const char **file, int *line,
+ const char **func,
+ const char **data, int *flags);
+DEPRECATEDIN_3_0(unsigned long ERR_get_error_line_data(const char **file,
+ int *line,
+ const char **data,
+ int *flags))
+unsigned long ERR_peek_error(void);
+unsigned long ERR_peek_error_line(const char **file, int *line);
+unsigned long ERR_peek_error_func(const char **func);
+unsigned long ERR_peek_error_data(const char **data, int *flags);
+unsigned long ERR_peek_error_all(const char **file, int *line,
+ const char **func,
+ const char **data, int *flags);
+DEPRECATEDIN_3_0(unsigned long ERR_peek_error_line_data(const char **file,
+ int *line,
+ const char **data,
+ int *flags))
+unsigned long ERR_peek_last_error(void);
+unsigned long ERR_peek_last_error_line(const char **file, int *line);
+unsigned long ERR_peek_last_error_func(const char **func);
+unsigned long ERR_peek_last_error_data(const char **data, int *flags);
+unsigned long ERR_peek_last_error_all(const char **file, int *line,
+ const char **func,
+ const char **data, int *flags);
+DEPRECATEDIN_3_0(unsigned long ERR_peek_last_error_line_data(const char **file,
+ int *line,
+ const char **data,
+ int *flags))
+
+void ERR_clear_error(void);
+
+char *ERR_error_string(unsigned long e, char *buf);
+void ERR_error_string_n(unsigned long e, char *buf, size_t len);
+const char *ERR_lib_error_string(unsigned long e);
+DEPRECATEDIN_3_0(const char *ERR_func_error_string(unsigned long e))
+const char *ERR_reason_error_string(unsigned long e);
+
+void ERR_print_errors_cb(int (*cb) (const char *str, size_t len, void *u),
+ void *u);
+# ifndef OPENSSL_NO_STDIO
+void ERR_print_errors_fp(FILE *fp);
+# endif
+void ERR_print_errors(BIO *bp);
+
+void ERR_add_error_data(int num, ...);
+void ERR_add_error_vdata(int num, va_list args);
+void ERR_add_error_txt(const char *sepr, const char *txt);
+void ERR_add_error_mem_bio(const char *sep, BIO *bio);
+
+int ERR_load_strings(int lib, ERR_STRING_DATA *str);
+int ERR_load_strings_const(const ERR_STRING_DATA *str);
+int ERR_unload_strings(int lib, ERR_STRING_DATA *str);
+int ERR_load_ERR_strings(void);
+
+#ifndef OPENSSL_NO_DEPRECATED_1_1_0
+# define ERR_load_crypto_strings() \
+ OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL)
+# define ERR_free_strings() while(0) continue
+#endif
+
+DEPRECATEDIN_1_1_0(void ERR_remove_thread_state(void *))
+DEPRECATEDIN_1_0_0(void ERR_remove_state(unsigned long pid))
+DEPRECATEDIN_3_0(ERR_STATE *ERR_get_state(void))
+
+int ERR_get_next_error_library(void);
+
+int ERR_set_mark(void);
+int ERR_pop_to_mark(void);
+int ERR_clear_last_mark(void);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
diff --git a/openssl/include/openssl/ess.h b/openssl/include/openssl/ess.h new file mode 100644 index 00000000..507bf9c3 --- /dev/null +++ b/openssl/include/openssl/ess.h @@ -0,0 +1,57 @@ +/*
+ * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_ESS_H
+# define OPENSSL_ESS_H
+
+# include <openssl/opensslconf.h>
+
+# ifdef __cplusplus
+extern "C" {
+# endif
+# include <openssl/safestack.h>
+# include <openssl/x509.h>
+# include <openssl/esserr.h>
+
+
+typedef struct ESS_issuer_serial ESS_ISSUER_SERIAL;
+typedef struct ESS_cert_id ESS_CERT_ID;
+typedef struct ESS_signing_cert ESS_SIGNING_CERT;
+
+DEFINE_OR_DECLARE_STACK_OF(ESS_CERT_ID)
+
+typedef struct ESS_signing_cert_v2_st ESS_SIGNING_CERT_V2;
+typedef struct ESS_cert_id_v2_st ESS_CERT_ID_V2;
+
+DEFINE_OR_DECLARE_STACK_OF(ESS_CERT_ID_V2)
+
+DECLARE_ASN1_ALLOC_FUNCTIONS(ESS_ISSUER_SERIAL)
+DECLARE_ASN1_ENCODE_FUNCTIONS_only(ESS_ISSUER_SERIAL, ESS_ISSUER_SERIAL)
+DECLARE_ASN1_DUP_FUNCTION(ESS_ISSUER_SERIAL)
+
+DECLARE_ASN1_ALLOC_FUNCTIONS(ESS_CERT_ID)
+DECLARE_ASN1_ENCODE_FUNCTIONS_only(ESS_CERT_ID, ESS_CERT_ID)
+DECLARE_ASN1_DUP_FUNCTION(ESS_CERT_ID)
+
+DECLARE_ASN1_ALLOC_FUNCTIONS(ESS_SIGNING_CERT)
+DECLARE_ASN1_ENCODE_FUNCTIONS_only(ESS_SIGNING_CERT, ESS_SIGNING_CERT)
+DECLARE_ASN1_DUP_FUNCTION(ESS_SIGNING_CERT)
+
+DECLARE_ASN1_ALLOC_FUNCTIONS(ESS_CERT_ID_V2)
+DECLARE_ASN1_ENCODE_FUNCTIONS_only(ESS_CERT_ID_V2, ESS_CERT_ID_V2)
+DECLARE_ASN1_DUP_FUNCTION(ESS_CERT_ID_V2)
+
+DECLARE_ASN1_ALLOC_FUNCTIONS(ESS_SIGNING_CERT_V2)
+DECLARE_ASN1_ENCODE_FUNCTIONS_only(ESS_SIGNING_CERT_V2, ESS_SIGNING_CERT_V2)
+DECLARE_ASN1_DUP_FUNCTION(ESS_SIGNING_CERT_V2)
+
+# ifdef __cplusplus
+}
+# endif
+#endif
diff --git a/openssl/include/openssl/esserr.h b/openssl/include/openssl/esserr.h new file mode 100644 index 00000000..6dd31163 --- /dev/null +++ b/openssl/include/openssl/esserr.h @@ -0,0 +1,43 @@ +/*
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_ESSERR_H
+# define OPENSSL_ESSERR_H
+# pragma once
+
+# include <openssl/opensslconf.h>
+# include <openssl/symhacks.h>
+
+
+# ifdef __cplusplus
+extern "C"
+# endif
+int ERR_load_ESS_strings(void);
+
+/*
+ * ESS function codes.
+ */
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define ESS_F_ESS_CERT_ID_NEW_INIT 0
+# define ESS_F_ESS_CERT_ID_V2_NEW_INIT 0
+# define ESS_F_ESS_SIGNING_CERT_ADD 0
+# define ESS_F_ESS_SIGNING_CERT_NEW_INIT 0
+# define ESS_F_ESS_SIGNING_CERT_V2_ADD 0
+# define ESS_F_ESS_SIGNING_CERT_V2_NEW_INIT 0
+# endif
+
+/*
+ * ESS reason codes.
+ */
+# define ESS_R_ESS_SIGNING_CERTIFICATE_ERROR 102
+# define ESS_R_ESS_SIGNING_CERT_ADD_ERROR 100
+# define ESS_R_ESS_SIGNING_CERT_V2_ADD_ERROR 101
+
+#endif
diff --git a/openssl/include/openssl/evp.h b/openssl/include/openssl/evp.h new file mode 100644 index 00000000..1f824957 --- /dev/null +++ b/openssl/include/openssl/evp.h @@ -0,0 +1,1948 @@ +/*
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_EVP_H
+# define OPENSSL_EVP_H
+# pragma once
+
+# include <openssl/macros.h>
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define HEADER_ENVELOPE_H
+# endif
+
+# include <stdarg.h>
+
+# include <openssl/opensslconf.h>
+# include <openssl/types.h>
+# include <openssl/core.h>
+# include <openssl/symhacks.h>
+# include <openssl/bio.h>
+# include <openssl/evperr.h>
+# include <openssl/params.h>
+
+# include <openssl/mac.h>
+
+# define EVP_MAX_MD_SIZE 64/* longest known is SHA512 */
+# define EVP_MAX_KEY_LENGTH 64
+# define EVP_MAX_IV_LENGTH 16
+# define EVP_MAX_BLOCK_LENGTH 32
+
+# define PKCS5_SALT_LEN 8
+/* Default PKCS#5 iteration count */
+# define PKCS5_DEFAULT_ITER 2048
+
+# include <openssl/objects.h>
+
+# define EVP_PK_RSA 0x0001
+# define EVP_PK_DSA 0x0002
+# define EVP_PK_DH 0x0004
+# define EVP_PK_EC 0x0008
+# define EVP_PKT_SIGN 0x0010
+# define EVP_PKT_ENC 0x0020
+# define EVP_PKT_EXCH 0x0040
+# define EVP_PKS_RSA 0x0100
+# define EVP_PKS_DSA 0x0200
+# define EVP_PKS_EC 0x0400
+
+# define EVP_PKEY_NONE NID_undef
+# define EVP_PKEY_RSA NID_rsaEncryption
+# define EVP_PKEY_RSA2 NID_rsa
+# define EVP_PKEY_RSA_PSS NID_rsassaPss
+# define EVP_PKEY_DSA NID_dsa
+# define EVP_PKEY_DSA1 NID_dsa_2
+# define EVP_PKEY_DSA2 NID_dsaWithSHA
+# define EVP_PKEY_DSA3 NID_dsaWithSHA1
+# define EVP_PKEY_DSA4 NID_dsaWithSHA1_2
+# define EVP_PKEY_DH NID_dhKeyAgreement
+# define EVP_PKEY_DHX NID_dhpublicnumber
+# define EVP_PKEY_EC NID_X9_62_id_ecPublicKey
+# define EVP_PKEY_SM2 NID_sm2
+# define EVP_PKEY_HMAC NID_hmac
+# define EVP_PKEY_CMAC NID_cmac
+# define EVP_PKEY_SCRYPT NID_id_scrypt
+# define EVP_PKEY_TLS1_PRF NID_tls1_prf
+# define EVP_PKEY_HKDF NID_hkdf
+# define EVP_PKEY_POLY1305 NID_poly1305
+# define EVP_PKEY_SIPHASH NID_siphash
+# define EVP_PKEY_X25519 NID_X25519
+# define EVP_PKEY_ED25519 NID_ED25519
+# define EVP_PKEY_X448 NID_X448
+# define EVP_PKEY_ED448 NID_ED448
+/* Special indicator that the object is uniquely provider side */
+# define EVP_PKEY_KEYMGMT -1
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+int EVP_set_default_properties(OPENSSL_CTX *libctx, const char *propq);
+int EVP_default_properties_is_fips_enabled(OPENSSL_CTX *libctx);
+int EVP_default_properties_enable_fips(OPENSSL_CTX *libctx, int enable);
+
+# define EVP_PKEY_MO_SIGN 0x0001
+# define EVP_PKEY_MO_VERIFY 0x0002
+# define EVP_PKEY_MO_ENCRYPT 0x0004
+# define EVP_PKEY_MO_DECRYPT 0x0008
+
+# ifndef EVP_MD
+EVP_MD *EVP_MD_meth_new(int md_type, int pkey_type);
+EVP_MD *EVP_MD_meth_dup(const EVP_MD *md);
+void EVP_MD_meth_free(EVP_MD *md);
+
+int EVP_MD_meth_set_input_blocksize(EVP_MD *md, int blocksize);
+int EVP_MD_meth_set_result_size(EVP_MD *md, int resultsize);
+int EVP_MD_meth_set_app_datasize(EVP_MD *md, int datasize);
+int EVP_MD_meth_set_flags(EVP_MD *md, unsigned long flags);
+int EVP_MD_meth_set_init(EVP_MD *md, int (*init)(EVP_MD_CTX *ctx));
+int EVP_MD_meth_set_update(EVP_MD *md, int (*update)(EVP_MD_CTX *ctx,
+ const void *data,
+ size_t count));
+int EVP_MD_meth_set_final(EVP_MD *md, int (*final)(EVP_MD_CTX *ctx,
+ unsigned char *md));
+int EVP_MD_meth_set_copy(EVP_MD *md, int (*copy)(EVP_MD_CTX *to,
+ const EVP_MD_CTX *from));
+int EVP_MD_meth_set_cleanup(EVP_MD *md, int (*cleanup)(EVP_MD_CTX *ctx));
+int EVP_MD_meth_set_ctrl(EVP_MD *md, int (*ctrl)(EVP_MD_CTX *ctx, int cmd,
+ int p1, void *p2));
+
+int EVP_MD_meth_get_input_blocksize(const EVP_MD *md);
+int EVP_MD_meth_get_result_size(const EVP_MD *md);
+int EVP_MD_meth_get_app_datasize(const EVP_MD *md);
+unsigned long EVP_MD_meth_get_flags(const EVP_MD *md);
+int (*EVP_MD_meth_get_init(const EVP_MD *md))(EVP_MD_CTX *ctx);
+int (*EVP_MD_meth_get_update(const EVP_MD *md))(EVP_MD_CTX *ctx,
+ const void *data,
+ size_t count);
+int (*EVP_MD_meth_get_final(const EVP_MD *md))(EVP_MD_CTX *ctx,
+ unsigned char *md);
+int (*EVP_MD_meth_get_copy(const EVP_MD *md))(EVP_MD_CTX *to,
+ const EVP_MD_CTX *from);
+int (*EVP_MD_meth_get_cleanup(const EVP_MD *md))(EVP_MD_CTX *ctx);
+int (*EVP_MD_meth_get_ctrl(const EVP_MD *md))(EVP_MD_CTX *ctx, int cmd,
+ int p1, void *p2);
+
+/* digest can only handle a single block */
+# define EVP_MD_FLAG_ONESHOT 0x0001
+
+/* digest is extensible-output function, XOF */
+# define EVP_MD_FLAG_XOF 0x0002
+
+/* DigestAlgorithmIdentifier flags... */
+
+# define EVP_MD_FLAG_DIGALGID_MASK 0x0018
+
+/* NULL or absent parameter accepted. Use NULL */
+
+# define EVP_MD_FLAG_DIGALGID_NULL 0x0000
+
+/* NULL or absent parameter accepted. Use NULL for PKCS#1 otherwise absent */
+
+# define EVP_MD_FLAG_DIGALGID_ABSENT 0x0008
+
+/* Custom handling via ctrl */
+
+# define EVP_MD_FLAG_DIGALGID_CUSTOM 0x0018
+
+/* Note if suitable for use in FIPS mode */
+# define EVP_MD_FLAG_FIPS 0x0400
+
+/* Digest ctrls */
+
+# define EVP_MD_CTRL_DIGALGID 0x1
+# define EVP_MD_CTRL_MICALG 0x2
+# define EVP_MD_CTRL_XOF_LEN 0x3
+# define EVP_MD_CTRL_TLSTREE 0x4
+
+/* Minimum Algorithm specific ctrl value */
+
+# define EVP_MD_CTRL_ALG_CTRL 0x1000
+
+# endif /* !EVP_MD */
+
+/* values for EVP_MD_CTX flags */
+
+# define EVP_MD_CTX_FLAG_ONESHOT 0x0001/* digest update will be
+ * called once only */
+# define EVP_MD_CTX_FLAG_CLEANED 0x0002/* context has already been
+ * cleaned */
+# define EVP_MD_CTX_FLAG_REUSE 0x0004/* Don't free up ctx->md_data
+ * in EVP_MD_CTX_reset */
+/*
+ * FIPS and pad options are ignored in 1.0.0, definitions are here so we
+ * don't accidentally reuse the values for other purposes.
+ */
+
+# define EVP_MD_CTX_FLAG_NON_FIPS_ALLOW 0x0008/* Allow use of non FIPS
+ * digest in FIPS mode */
+
+/*
+ * The following PAD options are also currently ignored in 1.0.0, digest
+ * parameters are handled through EVP_DigestSign*() and EVP_DigestVerify*()
+ * instead.
+ */
+# define EVP_MD_CTX_FLAG_PAD_MASK 0xF0/* RSA mode to use */
+# define EVP_MD_CTX_FLAG_PAD_PKCS1 0x00/* PKCS#1 v1.5 mode */
+# define EVP_MD_CTX_FLAG_PAD_X931 0x10/* X9.31 mode */
+# define EVP_MD_CTX_FLAG_PAD_PSS 0x20/* PSS mode */
+
+# define EVP_MD_CTX_FLAG_NO_INIT 0x0100/* Don't initialize md_data */
+/*
+ * Some functions such as EVP_DigestSign only finalise copies of internal
+ * contexts so additional data can be included after the finalisation call.
+ * This is inefficient if this functionality is not required: it is disabled
+ * if the following flag is set.
+ */
+# define EVP_MD_CTX_FLAG_FINALISE 0x0200
+/* NOTE: 0x0400 is reserved for internal usage */
+
+EVP_CIPHER *EVP_CIPHER_meth_new(int cipher_type, int block_size, int key_len);
+EVP_CIPHER *EVP_CIPHER_meth_dup(const EVP_CIPHER *cipher);
+void EVP_CIPHER_meth_free(EVP_CIPHER *cipher);
+
+int EVP_CIPHER_meth_set_iv_length(EVP_CIPHER *cipher, int iv_len);
+int EVP_CIPHER_meth_set_flags(EVP_CIPHER *cipher, unsigned long flags);
+int EVP_CIPHER_meth_set_impl_ctx_size(EVP_CIPHER *cipher, int ctx_size);
+int EVP_CIPHER_meth_set_init(EVP_CIPHER *cipher,
+ int (*init) (EVP_CIPHER_CTX *ctx,
+ const unsigned char *key,
+ const unsigned char *iv,
+ int enc));
+int EVP_CIPHER_meth_set_do_cipher(EVP_CIPHER *cipher,
+ int (*do_cipher) (EVP_CIPHER_CTX *ctx,
+ unsigned char *out,
+ const unsigned char *in,
+ size_t inl));
+int EVP_CIPHER_meth_set_cleanup(EVP_CIPHER *cipher,
+ int (*cleanup) (EVP_CIPHER_CTX *));
+int EVP_CIPHER_meth_set_set_asn1_params(EVP_CIPHER *cipher,
+ int (*set_asn1_parameters) (EVP_CIPHER_CTX *,
+ ASN1_TYPE *));
+int EVP_CIPHER_meth_set_get_asn1_params(EVP_CIPHER *cipher,
+ int (*get_asn1_parameters) (EVP_CIPHER_CTX *,
+ ASN1_TYPE *));
+int EVP_CIPHER_meth_set_ctrl(EVP_CIPHER *cipher,
+ int (*ctrl) (EVP_CIPHER_CTX *, int type,
+ int arg, void *ptr));
+
+int (*EVP_CIPHER_meth_get_init(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *ctx,
+ const unsigned char *key,
+ const unsigned char *iv,
+ int enc);
+int (*EVP_CIPHER_meth_get_do_cipher(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *ctx,
+ unsigned char *out,
+ const unsigned char *in,
+ size_t inl);
+int (*EVP_CIPHER_meth_get_cleanup(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *);
+int (*EVP_CIPHER_meth_get_set_asn1_params(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *,
+ ASN1_TYPE *);
+int (*EVP_CIPHER_meth_get_get_asn1_params(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *,
+ ASN1_TYPE *);
+int (*EVP_CIPHER_meth_get_ctrl(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *,
+ int type, int arg,
+ void *ptr);
+
+/* Values for cipher flags */
+
+/* Modes for ciphers */
+
+# define EVP_CIPH_STREAM_CIPHER 0x0
+# define EVP_CIPH_ECB_MODE 0x1
+# define EVP_CIPH_CBC_MODE 0x2
+# define EVP_CIPH_CFB_MODE 0x3
+# define EVP_CIPH_OFB_MODE 0x4
+# define EVP_CIPH_CTR_MODE 0x5
+# define EVP_CIPH_GCM_MODE 0x6
+# define EVP_CIPH_CCM_MODE 0x7
+# define EVP_CIPH_XTS_MODE 0x10001
+# define EVP_CIPH_WRAP_MODE 0x10002
+# define EVP_CIPH_OCB_MODE 0x10003
+# define EVP_CIPH_SIV_MODE 0x10004
+# define EVP_CIPH_MODE 0xF0007
+/* Set if variable length cipher */
+# define EVP_CIPH_VARIABLE_LENGTH 0x8
+/* Set if the iv handling should be done by the cipher itself */
+# define EVP_CIPH_CUSTOM_IV 0x10
+/* Set if the cipher's init() function should be called if key is NULL */
+# define EVP_CIPH_ALWAYS_CALL_INIT 0x20
+/* Call ctrl() to init cipher parameters */
+# define EVP_CIPH_CTRL_INIT 0x40
+/* Don't use standard key length function */
+# define EVP_CIPH_CUSTOM_KEY_LENGTH 0x80
+/* Don't use standard block padding */
+# define EVP_CIPH_NO_PADDING 0x100
+/* cipher handles random key generation */
+# define EVP_CIPH_RAND_KEY 0x200
+/* cipher has its own additional copying logic */
+# define EVP_CIPH_CUSTOM_COPY 0x400
+/* Don't use standard iv length function */
+# define EVP_CIPH_CUSTOM_IV_LENGTH 0x800
+/* Legacy and no longer relevant: Allow use default ASN1 get/set iv */
+# define EVP_CIPH_FLAG_DEFAULT_ASN1 0
+/* Free: 0x1000 */
+/* Buffer length in bits not bytes: CFB1 mode only */
+# define EVP_CIPH_FLAG_LENGTH_BITS 0x2000
+/* Note if suitable for use in FIPS mode */
+# define EVP_CIPH_FLAG_FIPS 0x4000
+/* Allow non FIPS cipher in FIPS mode */
+# define EVP_CIPH_FLAG_NON_FIPS_ALLOW 0x8000
+/*
+ * Cipher handles any and all padding logic as well as finalisation.
+ */
+# define EVP_CIPH_FLAG_CUSTOM_CIPHER 0x100000
+# define EVP_CIPH_FLAG_AEAD_CIPHER 0x200000
+# define EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK 0x400000
+/* Cipher can handle pipeline operations */
+# define EVP_CIPH_FLAG_PIPELINE 0X800000
+/* For provider implementations that handle ASN1 get/set param themselves */
+# define EVP_CIPH_FLAG_CUSTOM_ASN1 0x1000000
+/* For ciphers generating unprotected CMS attributes */
+# define EVP_CIPH_FLAG_CIPHER_WITH_MAC 0x2000000
+/* For supplementary wrap cipher support */
+# define EVP_CIPH_FLAG_GET_WRAP_CIPHER 0x4000000
+
+/*
+ * Cipher context flag to indicate we can handle wrap mode: if allowed in
+ * older applications it could overflow buffers.
+ */
+
+# define EVP_CIPHER_CTX_FLAG_WRAP_ALLOW 0x1
+
+/* ctrl() values */
+
+# define EVP_CTRL_INIT 0x0
+# define EVP_CTRL_SET_KEY_LENGTH 0x1
+# define EVP_CTRL_GET_RC2_KEY_BITS 0x2
+# define EVP_CTRL_SET_RC2_KEY_BITS 0x3
+# define EVP_CTRL_GET_RC5_ROUNDS 0x4
+# define EVP_CTRL_SET_RC5_ROUNDS 0x5
+# define EVP_CTRL_RAND_KEY 0x6
+# define EVP_CTRL_PBE_PRF_NID 0x7
+# define EVP_CTRL_COPY 0x8
+# define EVP_CTRL_AEAD_SET_IVLEN 0x9
+# define EVP_CTRL_AEAD_GET_TAG 0x10
+# define EVP_CTRL_AEAD_SET_TAG 0x11
+# define EVP_CTRL_AEAD_SET_IV_FIXED 0x12
+# define EVP_CTRL_GCM_SET_IVLEN EVP_CTRL_AEAD_SET_IVLEN
+# define EVP_CTRL_GCM_GET_TAG EVP_CTRL_AEAD_GET_TAG
+# define EVP_CTRL_GCM_SET_TAG EVP_CTRL_AEAD_SET_TAG
+# define EVP_CTRL_GCM_SET_IV_FIXED EVP_CTRL_AEAD_SET_IV_FIXED
+# define EVP_CTRL_GCM_IV_GEN 0x13
+# define EVP_CTRL_CCM_SET_IVLEN EVP_CTRL_AEAD_SET_IVLEN
+# define EVP_CTRL_CCM_GET_TAG EVP_CTRL_AEAD_GET_TAG
+# define EVP_CTRL_CCM_SET_TAG EVP_CTRL_AEAD_SET_TAG
+# define EVP_CTRL_CCM_SET_IV_FIXED EVP_CTRL_AEAD_SET_IV_FIXED
+# define EVP_CTRL_CCM_SET_L 0x14
+# define EVP_CTRL_CCM_SET_MSGLEN 0x15
+/*
+ * AEAD cipher deduces payload length and returns number of bytes required to
+ * store MAC and eventual padding. Subsequent call to EVP_Cipher even
+ * appends/verifies MAC.
+ */
+# define EVP_CTRL_AEAD_TLS1_AAD 0x16
+/* Used by composite AEAD ciphers, no-op in GCM, CCM... */
+# define EVP_CTRL_AEAD_SET_MAC_KEY 0x17
+/* Set the GCM invocation field, decrypt only */
+# define EVP_CTRL_GCM_SET_IV_INV 0x18
+
+# define EVP_CTRL_TLS1_1_MULTIBLOCK_AAD 0x19
+# define EVP_CTRL_TLS1_1_MULTIBLOCK_ENCRYPT 0x1a
+# define EVP_CTRL_TLS1_1_MULTIBLOCK_DECRYPT 0x1b
+# define EVP_CTRL_TLS1_1_MULTIBLOCK_MAX_BUFSIZE 0x1c
+
+# define EVP_CTRL_SSL3_MASTER_SECRET 0x1d
+
+/* EVP_CTRL_SET_SBOX takes the char * specifying S-boxes */
+# define EVP_CTRL_SET_SBOX 0x1e
+/*
+ * EVP_CTRL_SBOX_USED takes a 'size_t' and 'char *', pointing at a
+ * pre-allocated buffer with specified size
+ */
+# define EVP_CTRL_SBOX_USED 0x1f
+/* EVP_CTRL_KEY_MESH takes 'size_t' number of bytes to mesh the key after,
+ * 0 switches meshing off
+ */
+# define EVP_CTRL_KEY_MESH 0x20
+/* EVP_CTRL_BLOCK_PADDING_MODE takes the padding mode */
+# define EVP_CTRL_BLOCK_PADDING_MODE 0x21
+
+/* Set the output buffers to use for a pipelined operation */
+# define EVP_CTRL_SET_PIPELINE_OUTPUT_BUFS 0x22
+/* Set the input buffers to use for a pipelined operation */
+# define EVP_CTRL_SET_PIPELINE_INPUT_BUFS 0x23
+/* Set the input buffer lengths to use for a pipelined operation */
+# define EVP_CTRL_SET_PIPELINE_INPUT_LENS 0x24
+/* Get the IV length used by the cipher */
+# define EVP_CTRL_GET_IVLEN 0x25
+/* Get the IV used by the cipher */
+# define EVP_CTRL_GET_IV 0x26
+/* Tell the cipher it's doing a speed test (SIV disallows multiple ops) */
+# define EVP_CTRL_SET_SPEED 0x27
+/* Get the unprotectedAttrs from cipher ctx */
+# define EVP_CTRL_PROCESS_UNPROTECTED 0x28
+/* Get the supplementary wrap cipher */
+#define EVP_CTRL_GET_WRAP_CIPHER 0x29
+/* TLSTREE key diversification */
+#define EVP_CTRL_TLSTREE 0x2A
+
+/* Padding modes */
+#define EVP_PADDING_PKCS7 1
+#define EVP_PADDING_ISO7816_4 2
+#define EVP_PADDING_ANSI923 3
+#define EVP_PADDING_ISO10126 4
+#define EVP_PADDING_ZERO 5
+
+/* RFC 5246 defines additional data to be 13 bytes in length */
+# define EVP_AEAD_TLS1_AAD_LEN 13
+
+typedef struct {
+ unsigned char *out;
+ const unsigned char *inp;
+ size_t len;
+ unsigned int interleave;
+} EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM;
+
+/* GCM TLS constants */
+/* Length of fixed part of IV derived from PRF */
+# define EVP_GCM_TLS_FIXED_IV_LEN 4
+/* Length of explicit part of IV part of TLS records */
+# define EVP_GCM_TLS_EXPLICIT_IV_LEN 8
+/* Length of tag for TLS */
+# define EVP_GCM_TLS_TAG_LEN 16
+
+/* CCM TLS constants */
+/* Length of fixed part of IV derived from PRF */
+# define EVP_CCM_TLS_FIXED_IV_LEN 4
+/* Length of explicit part of IV part of TLS records */
+# define EVP_CCM_TLS_EXPLICIT_IV_LEN 8
+/* Total length of CCM IV length for TLS */
+# define EVP_CCM_TLS_IV_LEN 12
+/* Length of tag for TLS */
+# define EVP_CCM_TLS_TAG_LEN 16
+/* Length of CCM8 tag for TLS */
+# define EVP_CCM8_TLS_TAG_LEN 8
+
+/* Length of tag for TLS */
+# define EVP_CHACHAPOLY_TLS_TAG_LEN 16
+
+typedef struct evp_cipher_info_st {
+ const EVP_CIPHER *cipher;
+ unsigned char iv[EVP_MAX_IV_LENGTH];
+} EVP_CIPHER_INFO;
+
+
+/* Password based encryption function */
+typedef int (EVP_PBE_KEYGEN) (EVP_CIPHER_CTX *ctx, const char *pass,
+ int passlen, ASN1_TYPE *param,
+ const EVP_CIPHER *cipher, const EVP_MD *md,
+ int en_de);
+
+# ifndef OPENSSL_NO_RSA
+# define EVP_PKEY_assign_RSA(pkey,rsa) EVP_PKEY_assign((pkey),EVP_PKEY_RSA,\
+ (rsa))
+# endif
+
+# ifndef OPENSSL_NO_DSA
+# define EVP_PKEY_assign_DSA(pkey,dsa) EVP_PKEY_assign((pkey),EVP_PKEY_DSA,\
+ (dsa))
+# endif
+
+# ifndef OPENSSL_NO_DH
+# define EVP_PKEY_assign_DH(pkey,dh) EVP_PKEY_assign((pkey),EVP_PKEY_DH,(dh))
+# endif
+
+# ifndef OPENSSL_NO_EC
+# define EVP_PKEY_assign_EC_KEY(pkey,eckey) EVP_PKEY_assign((pkey),EVP_PKEY_EC,\
+ (eckey))
+# endif
+# ifndef OPENSSL_NO_SIPHASH
+# define EVP_PKEY_assign_SIPHASH(pkey,shkey) EVP_PKEY_assign((pkey),\
+ EVP_PKEY_SIPHASH,(shkey))
+# endif
+
+# ifndef OPENSSL_NO_POLY1305
+# define EVP_PKEY_assign_POLY1305(pkey,polykey) EVP_PKEY_assign((pkey),\
+ EVP_PKEY_POLY1305,(polykey))
+# endif
+
+/* Add some extra combinations */
+# define EVP_get_digestbynid(a) EVP_get_digestbyname(OBJ_nid2sn(a))
+# define EVP_get_digestbyobj(a) EVP_get_digestbynid(OBJ_obj2nid(a))
+# define EVP_get_cipherbynid(a) EVP_get_cipherbyname(OBJ_nid2sn(a))
+# define EVP_get_cipherbyobj(a) EVP_get_cipherbynid(OBJ_obj2nid(a))
+
+int EVP_MD_type(const EVP_MD *md);
+# define EVP_MD_nid(e) EVP_MD_type(e)
+const char *EVP_MD_name(const EVP_MD *md);
+int EVP_MD_number(const EVP_MD *md);
+int EVP_MD_is_a(const EVP_MD *md, const char *name);
+void EVP_MD_names_do_all(const EVP_MD *md,
+ void (*fn)(const char *name, void *data),
+ void *data);
+const OSSL_PROVIDER *EVP_MD_provider(const EVP_MD *md);
+int EVP_MD_pkey_type(const EVP_MD *md);
+int EVP_MD_size(const EVP_MD *md);
+int EVP_MD_block_size(const EVP_MD *md);
+unsigned long EVP_MD_flags(const EVP_MD *md);
+
+const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx);
+int (*EVP_MD_CTX_update_fn(EVP_MD_CTX *ctx))(EVP_MD_CTX *ctx,
+ const void *data, size_t count);
+void EVP_MD_CTX_set_update_fn(EVP_MD_CTX *ctx,
+ int (*update) (EVP_MD_CTX *ctx,
+ const void *data, size_t count));
+# define EVP_MD_CTX_name(e) EVP_MD_name(EVP_MD_CTX_md(e))
+# define EVP_MD_CTX_size(e) EVP_MD_size(EVP_MD_CTX_md(e))
+# define EVP_MD_CTX_block_size(e) EVP_MD_block_size(EVP_MD_CTX_md(e))
+# define EVP_MD_CTX_type(e) EVP_MD_type(EVP_MD_CTX_md(e))
+EVP_PKEY_CTX *EVP_MD_CTX_pkey_ctx(const EVP_MD_CTX *ctx);
+void EVP_MD_CTX_set_pkey_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pctx);
+void *EVP_MD_CTX_md_data(const EVP_MD_CTX *ctx);
+
+int EVP_CIPHER_nid(const EVP_CIPHER *cipher);
+const char *EVP_CIPHER_name(const EVP_CIPHER *cipher);
+int EVP_CIPHER_number(const EVP_CIPHER *cipher);
+int EVP_CIPHER_is_a(const EVP_CIPHER *cipher, const char *name);
+void EVP_CIPHER_names_do_all(const EVP_CIPHER *cipher,
+ void (*fn)(const char *name, void *data),
+ void *data);
+const OSSL_PROVIDER *EVP_CIPHER_provider(const EVP_CIPHER *cipher);
+int EVP_CIPHER_block_size(const EVP_CIPHER *cipher);
+int EVP_CIPHER_impl_ctx_size(const EVP_CIPHER *cipher);
+int EVP_CIPHER_key_length(const EVP_CIPHER *cipher);
+int EVP_CIPHER_iv_length(const EVP_CIPHER *cipher);
+unsigned long EVP_CIPHER_flags(const EVP_CIPHER *cipher);
+int EVP_CIPHER_mode(const EVP_CIPHER *cipher);
+EVP_CIPHER *EVP_CIPHER_fetch(OPENSSL_CTX *ctx, const char *algorithm,
+ const char *properties);
+int EVP_CIPHER_up_ref(EVP_CIPHER *cipher);
+void EVP_CIPHER_free(EVP_CIPHER *cipher);
+
+const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx);
+int EVP_CIPHER_CTX_encrypting(const EVP_CIPHER_CTX *ctx);
+int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx);
+int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx);
+int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx);
+int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx);
+int EVP_CIPHER_CTX_tag_length(const EVP_CIPHER_CTX *ctx);
+const unsigned char *EVP_CIPHER_CTX_iv(const EVP_CIPHER_CTX *ctx);
+const unsigned char *EVP_CIPHER_CTX_original_iv(const EVP_CIPHER_CTX *ctx);
+unsigned char *EVP_CIPHER_CTX_iv_noconst(EVP_CIPHER_CTX *ctx);
+unsigned char *EVP_CIPHER_CTX_buf_noconst(EVP_CIPHER_CTX *ctx);
+int EVP_CIPHER_CTX_num(const EVP_CIPHER_CTX *ctx);
+int EVP_CIPHER_CTX_set_num(EVP_CIPHER_CTX *ctx, int num);
+int EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in);
+void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx);
+void EVP_CIPHER_CTX_set_app_data(EVP_CIPHER_CTX *ctx, void *data);
+void *EVP_CIPHER_CTX_get_cipher_data(const EVP_CIPHER_CTX *ctx);
+void *EVP_CIPHER_CTX_set_cipher_data(EVP_CIPHER_CTX *ctx, void *cipher_data);
+# define EVP_CIPHER_CTX_name(c) EVP_CIPHER_name(EVP_CIPHER_CTX_cipher(c))
+# define EVP_CIPHER_CTX_type(c) EVP_CIPHER_type(EVP_CIPHER_CTX_cipher(c))
+# ifndef OPENSSL_NO_DEPRECATED_1_1_0
+# define EVP_CIPHER_CTX_flags(c) EVP_CIPHER_flags(EVP_CIPHER_CTX_cipher(c))
+# endif
+# define EVP_CIPHER_CTX_mode(c) EVP_CIPHER_mode(EVP_CIPHER_CTX_cipher(c))
+
+# define EVP_ENCODE_LENGTH(l) ((((l)+2)/3*4)+((l)/48+1)*2+80)
+# define EVP_DECODE_LENGTH(l) (((l)+3)/4*3+80)
+
+# define EVP_SignInit_ex(a,b,c) EVP_DigestInit_ex(a,b,c)
+# define EVP_SignInit(a,b) EVP_DigestInit(a,b)
+# define EVP_SignUpdate(a,b,c) EVP_DigestUpdate(a,b,c)
+# define EVP_VerifyInit_ex(a,b,c) EVP_DigestInit_ex(a,b,c)
+# define EVP_VerifyInit(a,b) EVP_DigestInit(a,b)
+# define EVP_VerifyUpdate(a,b,c) EVP_DigestUpdate(a,b,c)
+# define EVP_OpenUpdate(a,b,c,d,e) EVP_DecryptUpdate(a,b,c,d,e)
+# define EVP_SealUpdate(a,b,c,d,e) EVP_EncryptUpdate(a,b,c,d,e)
+
+# ifdef CONST_STRICT
+void BIO_set_md(BIO *, const EVP_MD *md);
+# else
+# define BIO_set_md(b,md) BIO_ctrl(b,BIO_C_SET_MD,0,(void *)(md))
+# endif
+# define BIO_get_md(b,mdp) BIO_ctrl(b,BIO_C_GET_MD,0,(mdp))
+# define BIO_get_md_ctx(b,mdcp) BIO_ctrl(b,BIO_C_GET_MD_CTX,0,(mdcp))
+# define BIO_set_md_ctx(b,mdcp) BIO_ctrl(b,BIO_C_SET_MD_CTX,0,(mdcp))
+# define BIO_get_cipher_status(b) BIO_ctrl(b,BIO_C_GET_CIPHER_STATUS,0,NULL)
+# define BIO_get_cipher_ctx(b,c_pp) BIO_ctrl(b,BIO_C_GET_CIPHER_CTX,0,(c_pp))
+
+/*__owur*/ int EVP_Cipher(EVP_CIPHER_CTX *c,
+ unsigned char *out,
+ const unsigned char *in, unsigned int inl);
+
+# define EVP_add_cipher_alias(n,alias) \
+ OBJ_NAME_add((alias),OBJ_NAME_TYPE_CIPHER_METH|OBJ_NAME_ALIAS,(n))
+# define EVP_add_digest_alias(n,alias) \
+ OBJ_NAME_add((alias),OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS,(n))
+# define EVP_delete_cipher_alias(alias) \
+ OBJ_NAME_remove(alias,OBJ_NAME_TYPE_CIPHER_METH|OBJ_NAME_ALIAS);
+# define EVP_delete_digest_alias(alias) \
+ OBJ_NAME_remove(alias,OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS);
+
+int EVP_MD_get_params(const EVP_MD *digest, OSSL_PARAM params[]);
+int EVP_MD_CTX_set_params(EVP_MD_CTX *ctx, const OSSL_PARAM params[]);
+int EVP_MD_CTX_get_params(EVP_MD_CTX *ctx, OSSL_PARAM params[]);
+const OSSL_PARAM *EVP_MD_gettable_params(const EVP_MD *digest);
+const OSSL_PARAM *EVP_MD_settable_ctx_params(const EVP_MD *md);
+const OSSL_PARAM *EVP_MD_gettable_ctx_params(const EVP_MD *md);
+const OSSL_PARAM *EVP_MD_CTX_settable_params(EVP_MD_CTX *ctx);
+const OSSL_PARAM *EVP_MD_CTX_gettable_params(EVP_MD_CTX *ctx);
+int EVP_MD_CTX_ctrl(EVP_MD_CTX *ctx, int cmd, int p1, void *p2);
+EVP_MD_CTX *EVP_MD_CTX_new(void);
+int EVP_MD_CTX_reset(EVP_MD_CTX *ctx);
+void EVP_MD_CTX_free(EVP_MD_CTX *ctx);
+# define EVP_MD_CTX_create() EVP_MD_CTX_new()
+# define EVP_MD_CTX_init(ctx) EVP_MD_CTX_reset((ctx))
+# define EVP_MD_CTX_destroy(ctx) EVP_MD_CTX_free((ctx))
+__owur int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in);
+void EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, int flags);
+void EVP_MD_CTX_clear_flags(EVP_MD_CTX *ctx, int flags);
+int EVP_MD_CTX_test_flags(const EVP_MD_CTX *ctx, int flags);
+__owur int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type,
+ ENGINE *impl);
+__owur int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *d,
+ size_t cnt);
+__owur int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md,
+ unsigned int *s);
+__owur int EVP_Digest(const void *data, size_t count,
+ unsigned char *md, unsigned int *size,
+ const EVP_MD *type, ENGINE *impl);
+
+__owur int EVP_MD_CTX_copy(EVP_MD_CTX *out, const EVP_MD_CTX *in);
+__owur int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);
+__owur int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md,
+ unsigned int *s);
+__owur int EVP_DigestFinalXOF(EVP_MD_CTX *ctx, unsigned char *md,
+ size_t len);
+
+__owur EVP_MD *EVP_MD_fetch(OPENSSL_CTX *ctx, const char *algorithm,
+ const char *properties);
+int EVP_MD_up_ref(EVP_MD *md);
+void EVP_MD_free(EVP_MD *md);
+
+int EVP_read_pw_string(char *buf, int length, const char *prompt, int verify);
+int EVP_read_pw_string_min(char *buf, int minlen, int maxlen,
+ const char *prompt, int verify);
+void EVP_set_pw_prompt(const char *prompt);
+char *EVP_get_pw_prompt(void);
+
+__owur int EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md,
+ const unsigned char *salt,
+ const unsigned char *data, int datal, int count,
+ unsigned char *key, unsigned char *iv);
+
+void EVP_CIPHER_CTX_set_flags(EVP_CIPHER_CTX *ctx, int flags);
+void EVP_CIPHER_CTX_clear_flags(EVP_CIPHER_CTX *ctx, int flags);
+int EVP_CIPHER_CTX_test_flags(const EVP_CIPHER_CTX *ctx, int flags);
+
+__owur int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
+ const unsigned char *key, const unsigned char *iv);
+/*__owur*/ int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx,
+ const EVP_CIPHER *cipher, ENGINE *impl,
+ const unsigned char *key,
+ const unsigned char *iv);
+/*__owur*/ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ int *outl, const unsigned char *in, int inl);
+/*__owur*/ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ int *outl);
+/*__owur*/ int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ int *outl);
+
+__owur int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
+ const unsigned char *key, const unsigned char *iv);
+/*__owur*/ int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx,
+ const EVP_CIPHER *cipher, ENGINE *impl,
+ const unsigned char *key,
+ const unsigned char *iv);
+/*__owur*/ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ int *outl, const unsigned char *in, int inl);
+__owur int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm,
+ int *outl);
+/*__owur*/ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm,
+ int *outl);
+
+__owur int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
+ const unsigned char *key, const unsigned char *iv,
+ int enc);
+/*__owur*/ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx,
+ const EVP_CIPHER *cipher, ENGINE *impl,
+ const unsigned char *key,
+ const unsigned char *iv, int enc);
+__owur int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ int *outl, const unsigned char *in, int inl);
+__owur int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm,
+ int *outl);
+__owur int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm,
+ int *outl);
+
+__owur int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s,
+ EVP_PKEY *pkey);
+
+__owur int EVP_DigestSign(EVP_MD_CTX *ctx, unsigned char *sigret,
+ size_t *siglen, const unsigned char *tbs,
+ size_t tbslen);
+
+__owur int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf,
+ unsigned int siglen, EVP_PKEY *pkey);
+
+__owur int EVP_DigestVerify(EVP_MD_CTX *ctx, const unsigned char *sigret,
+ size_t siglen, const unsigned char *tbs,
+ size_t tbslen);
+
+int EVP_DigestSignInit_ex(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
+ const char *mdname, const char *props, EVP_PKEY *pkey,
+ OPENSSL_CTX *libctx);
+/*__owur*/ int EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
+ const EVP_MD *type, ENGINE *e,
+ EVP_PKEY *pkey);
+int EVP_DigestSignUpdate(EVP_MD_CTX *ctx, const void *data, size_t dsize);
+__owur int EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sigret,
+ size_t *siglen);
+
+int EVP_DigestVerifyInit_ex(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
+ const char *mdname, const char *props,
+ EVP_PKEY *pkey, OPENSSL_CTX *libctx);
+__owur int EVP_DigestVerifyInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
+ const EVP_MD *type, ENGINE *e,
+ EVP_PKEY *pkey);
+int EVP_DigestVerifyUpdate(EVP_MD_CTX *ctx, const void *data, size_t dsize);
+__owur int EVP_DigestVerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sig,
+ size_t siglen);
+
+# ifndef OPENSSL_NO_RSA
+__owur int EVP_OpenInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+ const unsigned char *ek, int ekl,
+ const unsigned char *iv, EVP_PKEY *priv);
+__owur int EVP_OpenFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+__owur int EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+ unsigned char **ek, int *ekl, unsigned char *iv,
+ EVP_PKEY **pubk, int npubk);
+__owur int EVP_SealFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+# endif
+
+EVP_ENCODE_CTX *EVP_ENCODE_CTX_new(void);
+void EVP_ENCODE_CTX_free(EVP_ENCODE_CTX *ctx);
+int EVP_ENCODE_CTX_copy(EVP_ENCODE_CTX *dctx, const EVP_ENCODE_CTX *sctx);
+int EVP_ENCODE_CTX_num(EVP_ENCODE_CTX *ctx);
+void EVP_EncodeInit(EVP_ENCODE_CTX *ctx);
+int EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
+ const unsigned char *in, int inl);
+void EVP_EncodeFinal(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl);
+int EVP_EncodeBlock(unsigned char *t, const unsigned char *f, int n);
+
+void EVP_DecodeInit(EVP_ENCODE_CTX *ctx);
+int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
+ const unsigned char *in, int inl);
+int EVP_DecodeFinal(EVP_ENCODE_CTX *ctx, unsigned
+ char *out, int *outl);
+int EVP_DecodeBlock(unsigned char *t, const unsigned char *f, int n);
+
+# ifndef OPENSSL_NO_DEPRECATED_1_1_0
+# define EVP_CIPHER_CTX_init(c) EVP_CIPHER_CTX_reset(c)
+# define EVP_CIPHER_CTX_cleanup(c) EVP_CIPHER_CTX_reset(c)
+# endif
+EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void);
+int EVP_CIPHER_CTX_reset(EVP_CIPHER_CTX *c);
+void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *c);
+int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int keylen);
+int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *c, int pad);
+int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr);
+int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key);
+int EVP_CIPHER_get_params(EVP_CIPHER *cipher, OSSL_PARAM params[]);
+int EVP_CIPHER_CTX_set_params(EVP_CIPHER_CTX *ctx, const OSSL_PARAM params[]);
+int EVP_CIPHER_CTX_get_params(EVP_CIPHER_CTX *ctx, OSSL_PARAM params[]);
+const OSSL_PARAM *EVP_CIPHER_gettable_params(const EVP_CIPHER *cipher);
+const OSSL_PARAM *EVP_CIPHER_settable_ctx_params(const EVP_CIPHER *cipher);
+const OSSL_PARAM *EVP_CIPHER_gettable_ctx_params(const EVP_CIPHER *cipher);
+
+const BIO_METHOD *BIO_f_md(void);
+const BIO_METHOD *BIO_f_base64(void);
+const BIO_METHOD *BIO_f_cipher(void);
+const BIO_METHOD *BIO_f_reliable(void);
+__owur int BIO_set_cipher(BIO *b, const EVP_CIPHER *c, const unsigned char *k,
+ const unsigned char *i, int enc);
+
+const EVP_MD *EVP_md_null(void);
+# ifndef OPENSSL_NO_MD2
+const EVP_MD *EVP_md2(void);
+# endif
+# ifndef OPENSSL_NO_MD4
+const EVP_MD *EVP_md4(void);
+# endif
+# ifndef OPENSSL_NO_MD5
+const EVP_MD *EVP_md5(void);
+const EVP_MD *EVP_md5_sha1(void);
+# endif
+# ifndef OPENSSL_NO_BLAKE2
+const EVP_MD *EVP_blake2b512(void);
+const EVP_MD *EVP_blake2s256(void);
+# endif
+const EVP_MD *EVP_sha1(void);
+const EVP_MD *EVP_sha224(void);
+const EVP_MD *EVP_sha256(void);
+const EVP_MD *EVP_sha384(void);
+const EVP_MD *EVP_sha512(void);
+const EVP_MD *EVP_sha512_224(void);
+const EVP_MD *EVP_sha512_256(void);
+const EVP_MD *EVP_sha3_224(void);
+const EVP_MD *EVP_sha3_256(void);
+const EVP_MD *EVP_sha3_384(void);
+const EVP_MD *EVP_sha3_512(void);
+const EVP_MD *EVP_shake128(void);
+const EVP_MD *EVP_shake256(void);
+
+# ifndef OPENSSL_NO_MDC2
+const EVP_MD *EVP_mdc2(void);
+# endif
+# ifndef OPENSSL_NO_RMD160
+const EVP_MD *EVP_ripemd160(void);
+# endif
+# ifndef OPENSSL_NO_WHIRLPOOL
+const EVP_MD *EVP_whirlpool(void);
+# endif
+# ifndef OPENSSL_NO_SM3
+const EVP_MD *EVP_sm3(void);
+# endif
+const EVP_CIPHER *EVP_enc_null(void); /* does nothing :-) */
+# ifndef OPENSSL_NO_DES
+const EVP_CIPHER *EVP_des_ecb(void);
+const EVP_CIPHER *EVP_des_ede(void);
+const EVP_CIPHER *EVP_des_ede3(void);
+const EVP_CIPHER *EVP_des_ede_ecb(void);
+const EVP_CIPHER *EVP_des_ede3_ecb(void);
+const EVP_CIPHER *EVP_des_cfb64(void);
+# define EVP_des_cfb EVP_des_cfb64
+const EVP_CIPHER *EVP_des_cfb1(void);
+const EVP_CIPHER *EVP_des_cfb8(void);
+const EVP_CIPHER *EVP_des_ede_cfb64(void);
+# define EVP_des_ede_cfb EVP_des_ede_cfb64
+const EVP_CIPHER *EVP_des_ede3_cfb64(void);
+# define EVP_des_ede3_cfb EVP_des_ede3_cfb64
+const EVP_CIPHER *EVP_des_ede3_cfb1(void);
+const EVP_CIPHER *EVP_des_ede3_cfb8(void);
+const EVP_CIPHER *EVP_des_ofb(void);
+const EVP_CIPHER *EVP_des_ede_ofb(void);
+const EVP_CIPHER *EVP_des_ede3_ofb(void);
+const EVP_CIPHER *EVP_des_cbc(void);
+const EVP_CIPHER *EVP_des_ede_cbc(void);
+const EVP_CIPHER *EVP_des_ede3_cbc(void);
+const EVP_CIPHER *EVP_desx_cbc(void);
+const EVP_CIPHER *EVP_des_ede3_wrap(void);
+/*
+ * This should now be supported through the dev_crypto ENGINE. But also, why
+ * are rc4 and md5 declarations made here inside a "NO_DES" precompiler
+ * branch?
+ */
+# endif
+# ifndef OPENSSL_NO_RC4
+const EVP_CIPHER *EVP_rc4(void);
+const EVP_CIPHER *EVP_rc4_40(void);
+# ifndef OPENSSL_NO_MD5
+const EVP_CIPHER *EVP_rc4_hmac_md5(void);
+# endif
+# endif
+# ifndef OPENSSL_NO_IDEA
+const EVP_CIPHER *EVP_idea_ecb(void);
+const EVP_CIPHER *EVP_idea_cfb64(void);
+# define EVP_idea_cfb EVP_idea_cfb64
+const EVP_CIPHER *EVP_idea_ofb(void);
+const EVP_CIPHER *EVP_idea_cbc(void);
+# endif
+# ifndef OPENSSL_NO_RC2
+const EVP_CIPHER *EVP_rc2_ecb(void);
+const EVP_CIPHER *EVP_rc2_cbc(void);
+const EVP_CIPHER *EVP_rc2_40_cbc(void);
+const EVP_CIPHER *EVP_rc2_64_cbc(void);
+const EVP_CIPHER *EVP_rc2_cfb64(void);
+# define EVP_rc2_cfb EVP_rc2_cfb64
+const EVP_CIPHER *EVP_rc2_ofb(void);
+# endif
+# ifndef OPENSSL_NO_BF
+const EVP_CIPHER *EVP_bf_ecb(void);
+const EVP_CIPHER *EVP_bf_cbc(void);
+const EVP_CIPHER *EVP_bf_cfb64(void);
+# define EVP_bf_cfb EVP_bf_cfb64
+const EVP_CIPHER *EVP_bf_ofb(void);
+# endif
+# ifndef OPENSSL_NO_CAST
+const EVP_CIPHER *EVP_cast5_ecb(void);
+const EVP_CIPHER *EVP_cast5_cbc(void);
+const EVP_CIPHER *EVP_cast5_cfb64(void);
+# define EVP_cast5_cfb EVP_cast5_cfb64
+const EVP_CIPHER *EVP_cast5_ofb(void);
+# endif
+# ifndef OPENSSL_NO_RC5
+const EVP_CIPHER *EVP_rc5_32_12_16_cbc(void);
+const EVP_CIPHER *EVP_rc5_32_12_16_ecb(void);
+const EVP_CIPHER *EVP_rc5_32_12_16_cfb64(void);
+# define EVP_rc5_32_12_16_cfb EVP_rc5_32_12_16_cfb64
+const EVP_CIPHER *EVP_rc5_32_12_16_ofb(void);
+# endif
+const EVP_CIPHER *EVP_aes_128_ecb(void);
+const EVP_CIPHER *EVP_aes_128_cbc(void);
+const EVP_CIPHER *EVP_aes_128_cfb1(void);
+const EVP_CIPHER *EVP_aes_128_cfb8(void);
+const EVP_CIPHER *EVP_aes_128_cfb128(void);
+# define EVP_aes_128_cfb EVP_aes_128_cfb128
+const EVP_CIPHER *EVP_aes_128_ofb(void);
+const EVP_CIPHER *EVP_aes_128_ctr(void);
+const EVP_CIPHER *EVP_aes_128_ccm(void);
+const EVP_CIPHER *EVP_aes_128_gcm(void);
+const EVP_CIPHER *EVP_aes_128_xts(void);
+const EVP_CIPHER *EVP_aes_128_wrap(void);
+const EVP_CIPHER *EVP_aes_128_wrap_pad(void);
+# ifndef OPENSSL_NO_OCB
+const EVP_CIPHER *EVP_aes_128_ocb(void);
+# endif
+const EVP_CIPHER *EVP_aes_192_ecb(void);
+const EVP_CIPHER *EVP_aes_192_cbc(void);
+const EVP_CIPHER *EVP_aes_192_cfb1(void);
+const EVP_CIPHER *EVP_aes_192_cfb8(void);
+const EVP_CIPHER *EVP_aes_192_cfb128(void);
+# define EVP_aes_192_cfb EVP_aes_192_cfb128
+const EVP_CIPHER *EVP_aes_192_ofb(void);
+const EVP_CIPHER *EVP_aes_192_ctr(void);
+const EVP_CIPHER *EVP_aes_192_ccm(void);
+const EVP_CIPHER *EVP_aes_192_gcm(void);
+const EVP_CIPHER *EVP_aes_192_wrap(void);
+const EVP_CIPHER *EVP_aes_192_wrap_pad(void);
+# ifndef OPENSSL_NO_OCB
+const EVP_CIPHER *EVP_aes_192_ocb(void);
+# endif
+const EVP_CIPHER *EVP_aes_256_ecb(void);
+const EVP_CIPHER *EVP_aes_256_cbc(void);
+const EVP_CIPHER *EVP_aes_256_cfb1(void);
+const EVP_CIPHER *EVP_aes_256_cfb8(void);
+const EVP_CIPHER *EVP_aes_256_cfb128(void);
+# define EVP_aes_256_cfb EVP_aes_256_cfb128
+const EVP_CIPHER *EVP_aes_256_ofb(void);
+const EVP_CIPHER *EVP_aes_256_ctr(void);
+const EVP_CIPHER *EVP_aes_256_ccm(void);
+const EVP_CIPHER *EVP_aes_256_gcm(void);
+const EVP_CIPHER *EVP_aes_256_xts(void);
+const EVP_CIPHER *EVP_aes_256_wrap(void);
+const EVP_CIPHER *EVP_aes_256_wrap_pad(void);
+# ifndef OPENSSL_NO_OCB
+const EVP_CIPHER *EVP_aes_256_ocb(void);
+# endif
+const EVP_CIPHER *EVP_aes_128_cbc_hmac_sha1(void);
+const EVP_CIPHER *EVP_aes_256_cbc_hmac_sha1(void);
+const EVP_CIPHER *EVP_aes_128_cbc_hmac_sha256(void);
+const EVP_CIPHER *EVP_aes_256_cbc_hmac_sha256(void);
+# ifndef OPENSSL_NO_SIV
+const EVP_CIPHER *EVP_aes_128_siv(void);
+const EVP_CIPHER *EVP_aes_192_siv(void);
+const EVP_CIPHER *EVP_aes_256_siv(void);
+# endif
+# ifndef OPENSSL_NO_ARIA
+const EVP_CIPHER *EVP_aria_128_ecb(void);
+const EVP_CIPHER *EVP_aria_128_cbc(void);
+const EVP_CIPHER *EVP_aria_128_cfb1(void);
+const EVP_CIPHER *EVP_aria_128_cfb8(void);
+const EVP_CIPHER *EVP_aria_128_cfb128(void);
+# define EVP_aria_128_cfb EVP_aria_128_cfb128
+const EVP_CIPHER *EVP_aria_128_ctr(void);
+const EVP_CIPHER *EVP_aria_128_ofb(void);
+const EVP_CIPHER *EVP_aria_128_gcm(void);
+const EVP_CIPHER *EVP_aria_128_ccm(void);
+const EVP_CIPHER *EVP_aria_192_ecb(void);
+const EVP_CIPHER *EVP_aria_192_cbc(void);
+const EVP_CIPHER *EVP_aria_192_cfb1(void);
+const EVP_CIPHER *EVP_aria_192_cfb8(void);
+const EVP_CIPHER *EVP_aria_192_cfb128(void);
+# define EVP_aria_192_cfb EVP_aria_192_cfb128
+const EVP_CIPHER *EVP_aria_192_ctr(void);
+const EVP_CIPHER *EVP_aria_192_ofb(void);
+const EVP_CIPHER *EVP_aria_192_gcm(void);
+const EVP_CIPHER *EVP_aria_192_ccm(void);
+const EVP_CIPHER *EVP_aria_256_ecb(void);
+const EVP_CIPHER *EVP_aria_256_cbc(void);
+const EVP_CIPHER *EVP_aria_256_cfb1(void);
+const EVP_CIPHER *EVP_aria_256_cfb8(void);
+const EVP_CIPHER *EVP_aria_256_cfb128(void);
+# define EVP_aria_256_cfb EVP_aria_256_cfb128
+const EVP_CIPHER *EVP_aria_256_ctr(void);
+const EVP_CIPHER *EVP_aria_256_ofb(void);
+const EVP_CIPHER *EVP_aria_256_gcm(void);
+const EVP_CIPHER *EVP_aria_256_ccm(void);
+# endif
+# ifndef OPENSSL_NO_CAMELLIA
+const EVP_CIPHER *EVP_camellia_128_ecb(void);
+const EVP_CIPHER *EVP_camellia_128_cbc(void);
+const EVP_CIPHER *EVP_camellia_128_cfb1(void);
+const EVP_CIPHER *EVP_camellia_128_cfb8(void);
+const EVP_CIPHER *EVP_camellia_128_cfb128(void);
+# define EVP_camellia_128_cfb EVP_camellia_128_cfb128
+const EVP_CIPHER *EVP_camellia_128_ofb(void);
+const EVP_CIPHER *EVP_camellia_128_ctr(void);
+const EVP_CIPHER *EVP_camellia_192_ecb(void);
+const EVP_CIPHER *EVP_camellia_192_cbc(void);
+const EVP_CIPHER *EVP_camellia_192_cfb1(void);
+const EVP_CIPHER *EVP_camellia_192_cfb8(void);
+const EVP_CIPHER *EVP_camellia_192_cfb128(void);
+# define EVP_camellia_192_cfb EVP_camellia_192_cfb128
+const EVP_CIPHER *EVP_camellia_192_ofb(void);
+const EVP_CIPHER *EVP_camellia_192_ctr(void);
+const EVP_CIPHER *EVP_camellia_256_ecb(void);
+const EVP_CIPHER *EVP_camellia_256_cbc(void);
+const EVP_CIPHER *EVP_camellia_256_cfb1(void);
+const EVP_CIPHER *EVP_camellia_256_cfb8(void);
+const EVP_CIPHER *EVP_camellia_256_cfb128(void);
+# define EVP_camellia_256_cfb EVP_camellia_256_cfb128
+const EVP_CIPHER *EVP_camellia_256_ofb(void);
+const EVP_CIPHER *EVP_camellia_256_ctr(void);
+# endif
+# ifndef OPENSSL_NO_CHACHA
+const EVP_CIPHER *EVP_chacha20(void);
+# ifndef OPENSSL_NO_POLY1305
+const EVP_CIPHER *EVP_chacha20_poly1305(void);
+# endif
+# endif
+
+# ifndef OPENSSL_NO_SEED
+const EVP_CIPHER *EVP_seed_ecb(void);
+const EVP_CIPHER *EVP_seed_cbc(void);
+const EVP_CIPHER *EVP_seed_cfb128(void);
+# define EVP_seed_cfb EVP_seed_cfb128
+const EVP_CIPHER *EVP_seed_ofb(void);
+# endif
+
+# ifndef OPENSSL_NO_SM4
+const EVP_CIPHER *EVP_sm4_ecb(void);
+const EVP_CIPHER *EVP_sm4_cbc(void);
+const EVP_CIPHER *EVP_sm4_cfb128(void);
+# define EVP_sm4_cfb EVP_sm4_cfb128
+const EVP_CIPHER *EVP_sm4_ofb(void);
+const EVP_CIPHER *EVP_sm4_ctr(void);
+# endif
+
+# ifndef OPENSSL_NO_DEPRECATED_1_1_0
+# define OPENSSL_add_all_algorithms_conf() \
+ OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS \
+ | OPENSSL_INIT_ADD_ALL_DIGESTS \
+ | OPENSSL_INIT_LOAD_CONFIG, NULL)
+# define OPENSSL_add_all_algorithms_noconf() \
+ OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS \
+ | OPENSSL_INIT_ADD_ALL_DIGESTS, NULL)
+
+# ifdef OPENSSL_LOAD_CONF
+# define OpenSSL_add_all_algorithms() OPENSSL_add_all_algorithms_conf()
+# else
+# define OpenSSL_add_all_algorithms() OPENSSL_add_all_algorithms_noconf()
+# endif
+
+# define OpenSSL_add_all_ciphers() \
+ OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS, NULL)
+# define OpenSSL_add_all_digests() \
+ OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_DIGESTS, NULL)
+
+# define EVP_cleanup() while(0) continue
+# endif
+
+int EVP_add_cipher(const EVP_CIPHER *cipher);
+int EVP_add_digest(const EVP_MD *digest);
+
+const EVP_CIPHER *EVP_get_cipherbyname(const char *name);
+const EVP_MD *EVP_get_digestbyname(const char *name);
+
+void EVP_CIPHER_do_all(void (*fn) (const EVP_CIPHER *ciph,
+ const char *from, const char *to, void *x),
+ void *arg);
+void EVP_CIPHER_do_all_sorted(void (*fn)
+ (const EVP_CIPHER *ciph, const char *from,
+ const char *to, void *x), void *arg);
+void EVP_CIPHER_do_all_provided(OPENSSL_CTX *libctx,
+ void (*fn)(EVP_CIPHER *cipher, void *arg),
+ void *arg);
+
+void EVP_MD_do_all(void (*fn) (const EVP_MD *ciph,
+ const char *from, const char *to, void *x),
+ void *arg);
+void EVP_MD_do_all_sorted(void (*fn)
+ (const EVP_MD *ciph, const char *from,
+ const char *to, void *x), void *arg);
+void EVP_MD_do_all_provided(OPENSSL_CTX *libctx,
+ void (*fn)(EVP_MD *md, void *arg),
+ void *arg);
+
+/* RAND stuff */
+EVP_RAND *EVP_RAND_fetch(OPENSSL_CTX *libctx, const char *algorithm,
+ const char *properties);
+int EVP_RAND_up_ref(EVP_RAND *rand);
+void EVP_RAND_free(EVP_RAND *rand);
+int EVP_RAND_number(const EVP_RAND *rand);
+const char *EVP_RAND_name(const EVP_RAND *rand);
+int EVP_RAND_is_a(const EVP_RAND *rand, const char *name);
+const OSSL_PROVIDER *EVP_RAND_provider(const EVP_RAND *rand);
+int EVP_RAND_get_params(EVP_RAND *rand, OSSL_PARAM params[]);
+
+EVP_RAND_CTX *EVP_RAND_CTX_new(EVP_RAND *rand, EVP_RAND_CTX *parent);
+void EVP_RAND_CTX_free(EVP_RAND_CTX *ctx);
+EVP_RAND *EVP_RAND_CTX_rand(EVP_RAND_CTX *ctx);
+int EVP_RAND_get_ctx_params(EVP_RAND_CTX *ctx, OSSL_PARAM params[]);
+int EVP_RAND_set_ctx_params(EVP_RAND_CTX *ctx, const OSSL_PARAM params[]);
+const OSSL_PARAM *EVP_RAND_gettable_params(const EVP_RAND *rand);
+const OSSL_PARAM *EVP_RAND_gettable_ctx_params(const EVP_RAND *rand);
+const OSSL_PARAM *EVP_RAND_settable_ctx_params(const EVP_RAND *rand);
+
+void EVP_RAND_do_all_provided(OPENSSL_CTX *libctx,
+ void (*fn)(EVP_RAND *rand, void *arg),
+ void *arg);
+void EVP_RAND_names_do_all(const EVP_RAND *rand,
+ void (*fn)(const char *name, void *data),
+ void *data);
+
+__owur int EVP_RAND_instantiate(EVP_RAND_CTX *ctx, unsigned int strength,
+ int prediction_resistance,
+ const unsigned char *pstr, size_t pstr_len);
+int EVP_RAND_uninstantiate(EVP_RAND_CTX *ctx);
+__owur int EVP_RAND_generate(EVP_RAND_CTX *ctx, unsigned char *out,
+ size_t outlen, unsigned int strength,
+ int prediction_resistance,
+ const unsigned char *addin, size_t addin_len);
+int EVP_RAND_reseed(EVP_RAND_CTX *ctx, int prediction_resistance,
+ const unsigned char *ent, size_t ent_len,
+ const unsigned char *addin, size_t addin_len);
+__owur int EVP_RAND_nonce(EVP_RAND_CTX *ctx, unsigned char *out, size_t outlen);
+__owur int EVP_RAND_enable_locking(EVP_RAND_CTX *ctx);
+int EVP_RAND_set_callbacks(EVP_RAND_CTX *ctx,
+ OSSL_INOUT_CALLBACK *get_entropy,
+ OSSL_CALLBACK *cleanup_entropy,
+ OSSL_INOUT_CALLBACK *get_nonce,
+ OSSL_CALLBACK *cleanup_nonce, void *arg);
+int EVP_RAND_verify_zeroization(EVP_RAND_CTX *ctx);
+unsigned int EVP_RAND_strength(EVP_RAND_CTX *ctx);
+int EVP_RAND_state(EVP_RAND_CTX *ctx);
+
+#define EVP_RAND_STATE_UNINITIALISED 0
+#define EVP_RAND_STATE_READY 1
+#define EVP_RAND_STATE_ERROR 2
+
+/* PKEY stuff */
+DEPRECATEDIN_3_0(int EVP_PKEY_decrypt_old(unsigned char *dec_key,
+ const unsigned char *enc_key,
+ int enc_key_len,
+ EVP_PKEY *private_key))
+DEPRECATEDIN_3_0(int EVP_PKEY_encrypt_old(unsigned char *enc_key,
+ const unsigned char *key,
+ int key_len, EVP_PKEY *pub_key))
+int EVP_PKEY_is_a(const EVP_PKEY *pkey, const char *name);
+int EVP_PKEY_type(int type);
+int EVP_PKEY_id(const EVP_PKEY *pkey);
+int EVP_PKEY_base_id(const EVP_PKEY *pkey);
+int EVP_PKEY_bits(const EVP_PKEY *pkey);
+int EVP_PKEY_security_bits(const EVP_PKEY *pkey);
+int EVP_PKEY_size(const EVP_PKEY *pkey);
+int EVP_PKEY_can_sign(const EVP_PKEY *pkey);
+int EVP_PKEY_set_type(EVP_PKEY *pkey, int type);
+int EVP_PKEY_set_type_str(EVP_PKEY *pkey, const char *str, int len);
+int EVP_PKEY_set_type_by_keymgmt(EVP_PKEY *pkey, EVP_KEYMGMT *keymgmt);
+int EVP_PKEY_set_alias_type(EVP_PKEY *pkey, int type);
+# ifndef OPENSSL_NO_ENGINE
+int EVP_PKEY_set1_engine(EVP_PKEY *pkey, ENGINE *e);
+ENGINE *EVP_PKEY_get0_engine(const EVP_PKEY *pkey);
+# endif
+int EVP_PKEY_assign(EVP_PKEY *pkey, int type, void *key);
+void *EVP_PKEY_get0(const EVP_PKEY *pkey);
+const unsigned char *EVP_PKEY_get0_hmac(const EVP_PKEY *pkey, size_t *len);
+# ifndef OPENSSL_NO_POLY1305
+const unsigned char *EVP_PKEY_get0_poly1305(const EVP_PKEY *pkey, size_t *len);
+# endif
+# ifndef OPENSSL_NO_SIPHASH
+const unsigned char *EVP_PKEY_get0_siphash(const EVP_PKEY *pkey, size_t *len);
+# endif
+
+# ifndef OPENSSL_NO_RSA
+struct rsa_st;
+int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, struct rsa_st *key);
+struct rsa_st *EVP_PKEY_get0_RSA(const EVP_PKEY *pkey);
+struct rsa_st *EVP_PKEY_get1_RSA(EVP_PKEY *pkey);
+# endif
+# ifndef OPENSSL_NO_DSA
+struct dsa_st;
+int EVP_PKEY_set1_DSA(EVP_PKEY *pkey, struct dsa_st *key);
+struct dsa_st *EVP_PKEY_get0_DSA(const EVP_PKEY *pkey);
+struct dsa_st *EVP_PKEY_get1_DSA(EVP_PKEY *pkey);
+# endif
+# ifndef OPENSSL_NO_DH
+struct dh_st;
+int EVP_PKEY_set1_DH(EVP_PKEY *pkey, struct dh_st *key);
+struct dh_st *EVP_PKEY_get0_DH(const EVP_PKEY *pkey);
+struct dh_st *EVP_PKEY_get1_DH(EVP_PKEY *pkey);
+# endif
+# ifndef OPENSSL_NO_EC
+struct ec_key_st;
+int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, struct ec_key_st *key);
+struct ec_key_st *EVP_PKEY_get0_EC_KEY(const EVP_PKEY *pkey);
+struct ec_key_st *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey);
+# endif
+
+EVP_PKEY *EVP_PKEY_new(void);
+int EVP_PKEY_up_ref(EVP_PKEY *pkey);
+void EVP_PKEY_free(EVP_PKEY *pkey);
+
+EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, const unsigned char **pp,
+ long length);
+int i2d_PublicKey(const EVP_PKEY *a, unsigned char **pp);
+
+
+EVP_PKEY *d2i_PrivateKey_ex(int type, EVP_PKEY **a, const unsigned char **pp,
+ long length, OPENSSL_CTX *libctx, const char *propq);
+EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp,
+ long length);
+EVP_PKEY *d2i_AutoPrivateKey_ex(EVP_PKEY **a, const unsigned char **pp,
+ long length, OPENSSL_CTX *libctx,
+ const char *propq);
+EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **a, const unsigned char **pp,
+ long length);
+int i2d_PrivateKey(const EVP_PKEY *a, unsigned char **pp);
+
+int i2d_KeyParams(const EVP_PKEY *a, unsigned char **pp);
+EVP_PKEY *d2i_KeyParams(int type, EVP_PKEY **a, const unsigned char **pp,
+ long length);
+int i2d_KeyParams_bio(BIO *bp, const EVP_PKEY *pkey);
+EVP_PKEY *d2i_KeyParams_bio(int type, EVP_PKEY **a, BIO *in);
+
+int EVP_PKEY_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from);
+int EVP_PKEY_missing_parameters(const EVP_PKEY *pkey);
+int EVP_PKEY_save_parameters(EVP_PKEY *pkey, int mode);
+#ifndef OPENSSL_NO_DEPRECATED_3_0
+int EVP_PKEY_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b);
+#endif
+int EVP_PKEY_parameters_eq(const EVP_PKEY *a, const EVP_PKEY *b);
+
+#ifndef OPENSSL_NO_DEPRECATED_3_0
+int EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b);
+#endif
+int EVP_PKEY_eq(const EVP_PKEY *a, const EVP_PKEY *b);
+
+int EVP_PKEY_print_public(BIO *out, const EVP_PKEY *pkey,
+ int indent, ASN1_PCTX *pctx);
+int EVP_PKEY_print_private(BIO *out, const EVP_PKEY *pkey,
+ int indent, ASN1_PCTX *pctx);
+int EVP_PKEY_print_params(BIO *out, const EVP_PKEY *pkey,
+ int indent, ASN1_PCTX *pctx);
+
+int EVP_PKEY_get_default_digest_nid(EVP_PKEY *pkey, int *pnid);
+int EVP_PKEY_get_default_digest_name(EVP_PKEY *pkey,
+ char *mdname, size_t mdname_sz);
+int EVP_PKEY_supports_digest_nid(EVP_PKEY *pkey, int nid);
+
+int EVP_PKEY_set1_tls_encodedpoint(EVP_PKEY *pkey,
+ const unsigned char *pt, size_t ptlen);
+size_t EVP_PKEY_get1_tls_encodedpoint(EVP_PKEY *pkey, unsigned char **ppt);
+
+int EVP_CIPHER_type(const EVP_CIPHER *ctx);
+
+/* calls methods */
+int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
+int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
+
+/* These are used by EVP_CIPHER methods */
+int EVP_CIPHER_set_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
+int EVP_CIPHER_get_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
+
+/* PKCS5 password based encryption */
+int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
+ ASN1_TYPE *param, const EVP_CIPHER *cipher,
+ const EVP_MD *md, int en_de);
+int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen,
+ const unsigned char *salt, int saltlen, int iter,
+ int keylen, unsigned char *out);
+int PKCS5_PBKDF2_HMAC(const char *pass, int passlen,
+ const unsigned char *salt, int saltlen, int iter,
+ const EVP_MD *digest, int keylen, unsigned char *out);
+int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
+ ASN1_TYPE *param, const EVP_CIPHER *cipher,
+ const EVP_MD *md, int en_de);
+
+#ifndef OPENSSL_NO_SCRYPT
+int EVP_PBE_scrypt(const char *pass, size_t passlen,
+ const unsigned char *salt, size_t saltlen,
+ uint64_t N, uint64_t r, uint64_t p, uint64_t maxmem,
+ unsigned char *key, size_t keylen);
+
+int PKCS5_v2_scrypt_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass,
+ int passlen, ASN1_TYPE *param,
+ const EVP_CIPHER *c, const EVP_MD *md, int en_de);
+#endif
+
+void PKCS5_PBE_add(void);
+
+int EVP_PBE_CipherInit(ASN1_OBJECT *pbe_obj, const char *pass, int passlen,
+ ASN1_TYPE *param, EVP_CIPHER_CTX *ctx, int en_de);
+
+/* PBE type */
+
+/* Can appear as the outermost AlgorithmIdentifier */
+# define EVP_PBE_TYPE_OUTER 0x0
+/* Is an PRF type OID */
+# define EVP_PBE_TYPE_PRF 0x1
+/* Is a PKCS#5 v2.0 KDF */
+# define EVP_PBE_TYPE_KDF 0x2
+
+int EVP_PBE_alg_add_type(int pbe_type, int pbe_nid, int cipher_nid,
+ int md_nid, EVP_PBE_KEYGEN *keygen);
+int EVP_PBE_alg_add(int nid, const EVP_CIPHER *cipher, const EVP_MD *md,
+ EVP_PBE_KEYGEN *keygen);
+int EVP_PBE_find(int type, int pbe_nid, int *pcnid, int *pmnid,
+ EVP_PBE_KEYGEN **pkeygen);
+void EVP_PBE_cleanup(void);
+int EVP_PBE_get(int *ptype, int *ppbe_nid, size_t num);
+
+# define ASN1_PKEY_ALIAS 0x1
+# define ASN1_PKEY_DYNAMIC 0x2
+# define ASN1_PKEY_SIGPARAM_NULL 0x4
+
+# define ASN1_PKEY_CTRL_PKCS7_SIGN 0x1
+# define ASN1_PKEY_CTRL_PKCS7_ENCRYPT 0x2
+# define ASN1_PKEY_CTRL_DEFAULT_MD_NID 0x3
+# define ASN1_PKEY_CTRL_CMS_SIGN 0x5
+# define ASN1_PKEY_CTRL_CMS_ENVELOPE 0x7
+# define ASN1_PKEY_CTRL_CMS_RI_TYPE 0x8
+
+# define ASN1_PKEY_CTRL_SET1_TLS_ENCPT 0x9
+# define ASN1_PKEY_CTRL_GET1_TLS_ENCPT 0xa
+# define ASN1_PKEY_CTRL_SUPPORTS_MD_NID 0xb
+# define ASN1_PKEY_CTRL_CMS_IS_RI_TYPE_SUPPORTED 0xc
+
+int EVP_PKEY_asn1_get_count(void);
+const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_get0(int idx);
+const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find(ENGINE **pe, int type);
+const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find_str(ENGINE **pe,
+ const char *str, int len);
+int EVP_PKEY_asn1_add0(const EVP_PKEY_ASN1_METHOD *ameth);
+int EVP_PKEY_asn1_add_alias(int to, int from);
+int EVP_PKEY_asn1_get0_info(int *ppkey_id, int *pkey_base_id,
+ int *ppkey_flags, const char **pinfo,
+ const char **ppem_str,
+ const EVP_PKEY_ASN1_METHOD *ameth);
+
+const EVP_PKEY_ASN1_METHOD *EVP_PKEY_get0_asn1(const EVP_PKEY *pkey);
+EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_new(int id, int flags,
+ const char *pem_str,
+ const char *info);
+void EVP_PKEY_asn1_copy(EVP_PKEY_ASN1_METHOD *dst,
+ const EVP_PKEY_ASN1_METHOD *src);
+void EVP_PKEY_asn1_free(EVP_PKEY_ASN1_METHOD *ameth);
+void EVP_PKEY_asn1_set_public(EVP_PKEY_ASN1_METHOD *ameth,
+ int (*pub_decode) (EVP_PKEY *pk,
+ const X509_PUBKEY *pub),
+ int (*pub_encode) (X509_PUBKEY *pub,
+ const EVP_PKEY *pk),
+ int (*pub_cmp) (const EVP_PKEY *a,
+ const EVP_PKEY *b),
+ int (*pub_print) (BIO *out,
+ const EVP_PKEY *pkey,
+ int indent, ASN1_PCTX *pctx),
+ int (*pkey_size) (const EVP_PKEY *pk),
+ int (*pkey_bits) (const EVP_PKEY *pk));
+void EVP_PKEY_asn1_set_private(EVP_PKEY_ASN1_METHOD *ameth,
+ int (*priv_decode) (EVP_PKEY *pk,
+ const PKCS8_PRIV_KEY_INFO
+ *p8inf),
+ int (*priv_encode) (PKCS8_PRIV_KEY_INFO *p8,
+ const EVP_PKEY *pk),
+ int (*priv_print) (BIO *out,
+ const EVP_PKEY *pkey,
+ int indent,
+ ASN1_PCTX *pctx));
+void EVP_PKEY_asn1_set_param(EVP_PKEY_ASN1_METHOD *ameth,
+ int (*param_decode) (EVP_PKEY *pkey,
+ const unsigned char **pder,
+ int derlen),
+ int (*param_encode) (const EVP_PKEY *pkey,
+ unsigned char **pder),
+ int (*param_missing) (const EVP_PKEY *pk),
+ int (*param_copy) (EVP_PKEY *to,
+ const EVP_PKEY *from),
+ int (*param_cmp) (const EVP_PKEY *a,
+ const EVP_PKEY *b),
+ int (*param_print) (BIO *out,
+ const EVP_PKEY *pkey,
+ int indent,
+ ASN1_PCTX *pctx));
+
+void EVP_PKEY_asn1_set_free(EVP_PKEY_ASN1_METHOD *ameth,
+ void (*pkey_free) (EVP_PKEY *pkey));
+void EVP_PKEY_asn1_set_ctrl(EVP_PKEY_ASN1_METHOD *ameth,
+ int (*pkey_ctrl) (EVP_PKEY *pkey, int op,
+ long arg1, void *arg2));
+void EVP_PKEY_asn1_set_item(EVP_PKEY_ASN1_METHOD *ameth,
+ int (*item_verify) (EVP_MD_CTX *ctx,
+ const ASN1_ITEM *it,
+ void *asn,
+ X509_ALGOR *a,
+ ASN1_BIT_STRING *sig,
+ EVP_PKEY *pkey),
+ int (*item_sign) (EVP_MD_CTX *ctx,
+ const ASN1_ITEM *it,
+ void *asn,
+ X509_ALGOR *alg1,
+ X509_ALGOR *alg2,
+ ASN1_BIT_STRING *sig));
+
+void EVP_PKEY_asn1_set_siginf(EVP_PKEY_ASN1_METHOD *ameth,
+ int (*siginf_set) (X509_SIG_INFO *siginf,
+ const X509_ALGOR *alg,
+ const ASN1_STRING *sig));
+
+void EVP_PKEY_asn1_set_check(EVP_PKEY_ASN1_METHOD *ameth,
+ int (*pkey_check) (const EVP_PKEY *pk));
+
+void EVP_PKEY_asn1_set_public_check(EVP_PKEY_ASN1_METHOD *ameth,
+ int (*pkey_pub_check) (const EVP_PKEY *pk));
+
+void EVP_PKEY_asn1_set_param_check(EVP_PKEY_ASN1_METHOD *ameth,
+ int (*pkey_param_check) (const EVP_PKEY *pk));
+
+void EVP_PKEY_asn1_set_set_priv_key(EVP_PKEY_ASN1_METHOD *ameth,
+ int (*set_priv_key) (EVP_PKEY *pk,
+ const unsigned char
+ *priv,
+ size_t len));
+void EVP_PKEY_asn1_set_set_pub_key(EVP_PKEY_ASN1_METHOD *ameth,
+ int (*set_pub_key) (EVP_PKEY *pk,
+ const unsigned char *pub,
+ size_t len));
+void EVP_PKEY_asn1_set_get_priv_key(EVP_PKEY_ASN1_METHOD *ameth,
+ int (*get_priv_key) (const EVP_PKEY *pk,
+ unsigned char *priv,
+ size_t *len));
+void EVP_PKEY_asn1_set_get_pub_key(EVP_PKEY_ASN1_METHOD *ameth,
+ int (*get_pub_key) (const EVP_PKEY *pk,
+ unsigned char *pub,
+ size_t *len));
+
+void EVP_PKEY_asn1_set_security_bits(EVP_PKEY_ASN1_METHOD *ameth,
+ int (*pkey_security_bits) (const EVP_PKEY
+ *pk));
+
+int EVP_PKEY_CTX_get_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+
+# define EVP_PKEY_OP_UNDEFINED 0
+# define EVP_PKEY_OP_PARAMGEN (1<<1)
+# define EVP_PKEY_OP_KEYGEN (1<<2)
+# define EVP_PKEY_OP_PARAMFROMDATA (1<<3)
+# define EVP_PKEY_OP_KEYFROMDATA (1<<4)
+# define EVP_PKEY_OP_SIGN (1<<5)
+# define EVP_PKEY_OP_VERIFY (1<<6)
+# define EVP_PKEY_OP_VERIFYRECOVER (1<<7)
+# define EVP_PKEY_OP_SIGNCTX (1<<8)
+# define EVP_PKEY_OP_VERIFYCTX (1<<9)
+# define EVP_PKEY_OP_ENCRYPT (1<<10)
+# define EVP_PKEY_OP_DECRYPT (1<<11)
+# define EVP_PKEY_OP_DERIVE (1<<12)
+
+# define EVP_PKEY_OP_TYPE_SIG \
+ (EVP_PKEY_OP_SIGN | EVP_PKEY_OP_VERIFY | EVP_PKEY_OP_VERIFYRECOVER \
+ | EVP_PKEY_OP_SIGNCTX | EVP_PKEY_OP_VERIFYCTX)
+
+# define EVP_PKEY_OP_TYPE_CRYPT \
+ (EVP_PKEY_OP_ENCRYPT | EVP_PKEY_OP_DECRYPT)
+
+# define EVP_PKEY_OP_TYPE_NOGEN \
+ (EVP_PKEY_OP_TYPE_SIG | EVP_PKEY_OP_TYPE_CRYPT | EVP_PKEY_OP_DERIVE)
+
+# define EVP_PKEY_OP_TYPE_GEN \
+ (EVP_PKEY_OP_PARAMGEN | EVP_PKEY_OP_KEYGEN)
+
+# define EVP_PKEY_OP_TYPE_FROMDATA \
+ (EVP_PKEY_OP_PARAMFROMDATA | EVP_PKEY_OP_KEYFROMDATA)
+
+# define EVP_PKEY_CTX_set_mac_key(ctx, key, len) \
+ EVP_PKEY_CTX_ctrl(ctx, -1, EVP_PKEY_OP_KEYGEN, \
+ EVP_PKEY_CTRL_SET_MAC_KEY, len, (void *)(key))
+
+# define EVP_PKEY_CTRL_MD 1
+# define EVP_PKEY_CTRL_PEER_KEY 2
+
+# define EVP_PKEY_CTRL_PKCS7_ENCRYPT 3
+# define EVP_PKEY_CTRL_PKCS7_DECRYPT 4
+
+# define EVP_PKEY_CTRL_PKCS7_SIGN 5
+
+# define EVP_PKEY_CTRL_SET_MAC_KEY 6
+
+# define EVP_PKEY_CTRL_DIGESTINIT 7
+
+/* Used by GOST key encryption in TLS */
+# define EVP_PKEY_CTRL_SET_IV 8
+
+# define EVP_PKEY_CTRL_CMS_ENCRYPT 9
+# define EVP_PKEY_CTRL_CMS_DECRYPT 10
+# define EVP_PKEY_CTRL_CMS_SIGN 11
+
+# define EVP_PKEY_CTRL_CIPHER 12
+
+# define EVP_PKEY_CTRL_GET_MD 13
+
+# define EVP_PKEY_CTRL_SET_DIGEST_SIZE 14
+
+# define EVP_PKEY_ALG_CTRL 0x1000
+
+# define EVP_PKEY_FLAG_AUTOARGLEN 2
+/*
+ * Method handles all operations: don't assume any digest related defaults.
+ */
+# define EVP_PKEY_FLAG_SIGCTX_CUSTOM 4
+
+const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type);
+EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags);
+void EVP_PKEY_meth_get0_info(int *ppkey_id, int *pflags,
+ const EVP_PKEY_METHOD *meth);
+void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src);
+void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth);
+int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth);
+int EVP_PKEY_meth_remove(const EVP_PKEY_METHOD *pmeth);
+size_t EVP_PKEY_meth_get_count(void);
+const EVP_PKEY_METHOD *EVP_PKEY_meth_get0(size_t idx);
+
+EVP_KEYMGMT *EVP_KEYMGMT_fetch(OPENSSL_CTX *ctx, const char *algorithm,
+ const char *properties);
+int EVP_KEYMGMT_up_ref(EVP_KEYMGMT *keymgmt);
+void EVP_KEYMGMT_free(EVP_KEYMGMT *keymgmt);
+const OSSL_PROVIDER *EVP_KEYMGMT_provider(const EVP_KEYMGMT *keymgmt);
+int EVP_KEYMGMT_number(const EVP_KEYMGMT *keymgmt);
+int EVP_KEYMGMT_is_a(const EVP_KEYMGMT *keymgmt, const char *name);
+void EVP_KEYMGMT_do_all_provided(OPENSSL_CTX *libctx,
+ void (*fn)(EVP_KEYMGMT *keymgmt, void *arg),
+ void *arg);
+void EVP_KEYMGMT_names_do_all(const EVP_KEYMGMT *keymgmt,
+ void (*fn)(const char *name, void *data),
+ void *data);
+
+EVP_PKEY_CTX *EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *e);
+EVP_PKEY_CTX *EVP_PKEY_CTX_new_id(int id, ENGINE *e);
+EVP_PKEY_CTX *EVP_PKEY_CTX_new_from_name(OPENSSL_CTX *libctx,
+ const char *name,
+ const char *propquery);
+EVP_PKEY_CTX *EVP_PKEY_CTX_new_from_pkey(OPENSSL_CTX *libctx,
+ EVP_PKEY *pkey, const char *propquery);
+EVP_PKEY_CTX *EVP_PKEY_CTX_dup(const EVP_PKEY_CTX *ctx);
+void EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx);
+
+int EVP_PKEY_CTX_get_params(EVP_PKEY_CTX *ctx, OSSL_PARAM *params);
+const OSSL_PARAM *EVP_PKEY_CTX_gettable_params(EVP_PKEY_CTX *ctx);
+int EVP_PKEY_CTX_set_params(EVP_PKEY_CTX *ctx, OSSL_PARAM *params);
+const OSSL_PARAM *EVP_PKEY_CTX_settable_params(EVP_PKEY_CTX *ctx);
+int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
+ int cmd, int p1, void *p2);
+int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
+ const char *value);
+int EVP_PKEY_CTX_ctrl_uint64(EVP_PKEY_CTX *ctx, int keytype, int optype,
+ int cmd, uint64_t value);
+
+int EVP_PKEY_CTX_str2ctrl(EVP_PKEY_CTX *ctx, int cmd, const char *str);
+int EVP_PKEY_CTX_hex2ctrl(EVP_PKEY_CTX *ctx, int cmd, const char *hex);
+
+int EVP_PKEY_CTX_md(EVP_PKEY_CTX *ctx, int optype, int cmd, const char *md);
+
+int EVP_PKEY_CTX_get_operation(EVP_PKEY_CTX *ctx);
+void EVP_PKEY_CTX_set0_keygen_info(EVP_PKEY_CTX *ctx, int *dat, int datlen);
+
+EVP_PKEY *EVP_PKEY_new_mac_key(int type, ENGINE *e,
+ const unsigned char *key, int keylen);
+EVP_PKEY *EVP_PKEY_new_raw_private_key_with_libctx(OPENSSL_CTX *libctx,
+ const char *keytype,
+ const char *propq,
+ const unsigned char *priv,
+ size_t len);
+EVP_PKEY *EVP_PKEY_new_raw_private_key(int type, ENGINE *e,
+ const unsigned char *priv,
+ size_t len);
+EVP_PKEY *EVP_PKEY_new_raw_public_key_with_libctx(OPENSSL_CTX *libctx,
+ const char *keytype,
+ const char *propq,
+ const unsigned char *pub,
+ size_t len);
+EVP_PKEY *EVP_PKEY_new_raw_public_key(int type, ENGINE *e,
+ const unsigned char *pub,
+ size_t len);
+int EVP_PKEY_get_raw_private_key(const EVP_PKEY *pkey, unsigned char *priv,
+ size_t *len);
+int EVP_PKEY_get_raw_public_key(const EVP_PKEY *pkey, unsigned char *pub,
+ size_t *len);
+
+EVP_PKEY *EVP_PKEY_new_CMAC_key(ENGINE *e, const unsigned char *priv,
+ size_t len, const EVP_CIPHER *cipher);
+
+void EVP_PKEY_CTX_set_data(EVP_PKEY_CTX *ctx, void *data);
+void *EVP_PKEY_CTX_get_data(const EVP_PKEY_CTX *ctx);
+EVP_PKEY *EVP_PKEY_CTX_get0_pkey(EVP_PKEY_CTX *ctx);
+
+EVP_PKEY *EVP_PKEY_CTX_get0_peerkey(EVP_PKEY_CTX *ctx);
+
+void EVP_PKEY_CTX_set_app_data(EVP_PKEY_CTX *ctx, void *data);
+void *EVP_PKEY_CTX_get_app_data(EVP_PKEY_CTX *ctx);
+
+void EVP_SIGNATURE_free(EVP_SIGNATURE *signature);
+int EVP_SIGNATURE_up_ref(EVP_SIGNATURE *signature);
+OSSL_PROVIDER *EVP_SIGNATURE_provider(const EVP_SIGNATURE *signature);
+EVP_SIGNATURE *EVP_SIGNATURE_fetch(OPENSSL_CTX *ctx, const char *algorithm,
+ const char *properties);
+int EVP_SIGNATURE_is_a(const EVP_SIGNATURE *signature, const char *name);
+int EVP_SIGNATURE_number(const EVP_SIGNATURE *signature);
+void EVP_SIGNATURE_do_all_provided(OPENSSL_CTX *libctx,
+ void (*fn)(EVP_SIGNATURE *signature,
+ void *data),
+ void *data);
+void EVP_SIGNATURE_names_do_all(const EVP_SIGNATURE *signature,
+ void (*fn)(const char *name, void *data),
+ void *data);
+
+void EVP_ASYM_CIPHER_free(EVP_ASYM_CIPHER *cipher);
+int EVP_ASYM_CIPHER_up_ref(EVP_ASYM_CIPHER *cipher);
+OSSL_PROVIDER *EVP_ASYM_CIPHER_provider(const EVP_ASYM_CIPHER *cipher);
+EVP_ASYM_CIPHER *EVP_ASYM_CIPHER_fetch(OPENSSL_CTX *ctx, const char *algorithm,
+ const char *properties);
+int EVP_ASYM_CIPHER_is_a(const EVP_ASYM_CIPHER *cipher, const char *name);
+int EVP_ASYM_CIPHER_number(const EVP_ASYM_CIPHER *cipher);
+void EVP_ASYM_CIPHER_do_all_provided(OPENSSL_CTX *libctx,
+ void (*fn)(EVP_ASYM_CIPHER *cipher,
+ void *arg),
+ void *arg);
+void EVP_ASYM_CIPHER_names_do_all(const EVP_ASYM_CIPHER *cipher,
+ void (*fn)(const char *name, void *data),
+ void *data);
+
+int EVP_PKEY_sign_init(EVP_PKEY_CTX *ctx);
+int EVP_PKEY_sign(EVP_PKEY_CTX *ctx,
+ unsigned char *sig, size_t *siglen,
+ const unsigned char *tbs, size_t tbslen);
+int EVP_PKEY_verify_init(EVP_PKEY_CTX *ctx);
+int EVP_PKEY_verify(EVP_PKEY_CTX *ctx,
+ const unsigned char *sig, size_t siglen,
+ const unsigned char *tbs, size_t tbslen);
+int EVP_PKEY_verify_recover_init(EVP_PKEY_CTX *ctx);
+int EVP_PKEY_verify_recover(EVP_PKEY_CTX *ctx,
+ unsigned char *rout, size_t *routlen,
+ const unsigned char *sig, size_t siglen);
+int EVP_PKEY_encrypt_init(EVP_PKEY_CTX *ctx);
+int EVP_PKEY_encrypt(EVP_PKEY_CTX *ctx,
+ unsigned char *out, size_t *outlen,
+ const unsigned char *in, size_t inlen);
+int EVP_PKEY_decrypt_init(EVP_PKEY_CTX *ctx);
+int EVP_PKEY_decrypt(EVP_PKEY_CTX *ctx,
+ unsigned char *out, size_t *outlen,
+ const unsigned char *in, size_t inlen);
+
+int EVP_PKEY_derive_init(EVP_PKEY_CTX *ctx);
+int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer);
+int EVP_PKEY_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);
+
+typedef int EVP_PKEY_gen_cb(EVP_PKEY_CTX *ctx);
+
+int EVP_PKEY_param_fromdata_init(EVP_PKEY_CTX *ctx);
+int EVP_PKEY_key_fromdata_init(EVP_PKEY_CTX *ctx);
+int EVP_PKEY_fromdata(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey, OSSL_PARAM param[]);
+const OSSL_PARAM *EVP_PKEY_param_fromdata_settable(EVP_PKEY_CTX *ctx);
+const OSSL_PARAM *EVP_PKEY_key_fromdata_settable(EVP_PKEY_CTX *ctx);
+const OSSL_PARAM *EVP_PKEY_gettable_params(EVP_PKEY *pkey);
+int EVP_PKEY_get_int_param(EVP_PKEY *pkey, const char *key_name, int *out);
+int EVP_PKEY_get_size_t_param(EVP_PKEY *pkey, const char *key_name, size_t *out);
+int EVP_PKEY_get_bn_param(EVP_PKEY *pkey, const char *key_name, BIGNUM **bn);
+int EVP_PKEY_get_utf8_string_param(EVP_PKEY *pkey, const char *key_name,
+ char *str, size_t max_buf_sz, size_t *out_sz);
+int EVP_PKEY_get_octet_string_param(EVP_PKEY *pkey, const char *key_name,
+ unsigned char *buf, size_t max_buf_sz,
+ size_t *out_sz);
+
+int EVP_PKEY_paramgen_init(EVP_PKEY_CTX *ctx);
+int EVP_PKEY_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey);
+int EVP_PKEY_keygen_init(EVP_PKEY_CTX *ctx);
+int EVP_PKEY_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey);
+int EVP_PKEY_gen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey);
+int EVP_PKEY_check(EVP_PKEY_CTX *ctx);
+int EVP_PKEY_public_check(EVP_PKEY_CTX *ctx);
+int EVP_PKEY_param_check(EVP_PKEY_CTX *ctx);
+int EVP_PKEY_private_check(EVP_PKEY_CTX *ctx);
+int EVP_PKEY_pairwise_check(EVP_PKEY_CTX *ctx);
+
+# define EVP_PKEY_get_ex_new_index(l, p, newf, dupf, freef) \
+ CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_EVP_PKEY, l, p, newf, dupf, freef)
+int EVP_PKEY_set_ex_data(EVP_PKEY *key, int idx, void *arg);
+void *EVP_PKEY_get_ex_data(const EVP_PKEY *key, int idx);
+
+void EVP_PKEY_CTX_set_cb(EVP_PKEY_CTX *ctx, EVP_PKEY_gen_cb *cb);
+EVP_PKEY_gen_cb *EVP_PKEY_CTX_get_cb(EVP_PKEY_CTX *ctx);
+
+int EVP_PKEY_CTX_get_keygen_info(EVP_PKEY_CTX *ctx, int idx);
+
+void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth,
+ int (*init) (EVP_PKEY_CTX *ctx));
+
+void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth,
+ int (*copy) (EVP_PKEY_CTX *dst,
+ const EVP_PKEY_CTX *src));
+
+void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth,
+ void (*cleanup) (EVP_PKEY_CTX *ctx));
+
+void EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth,
+ int (*paramgen_init) (EVP_PKEY_CTX *ctx),
+ int (*paramgen) (EVP_PKEY_CTX *ctx,
+ EVP_PKEY *pkey));
+
+void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth,
+ int (*keygen_init) (EVP_PKEY_CTX *ctx),
+ int (*keygen) (EVP_PKEY_CTX *ctx,
+ EVP_PKEY *pkey));
+
+void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth,
+ int (*sign_init) (EVP_PKEY_CTX *ctx),
+ int (*sign) (EVP_PKEY_CTX *ctx,
+ unsigned char *sig, size_t *siglen,
+ const unsigned char *tbs,
+ size_t tbslen));
+
+void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth,
+ int (*verify_init) (EVP_PKEY_CTX *ctx),
+ int (*verify) (EVP_PKEY_CTX *ctx,
+ const unsigned char *sig,
+ size_t siglen,
+ const unsigned char *tbs,
+ size_t tbslen));
+
+void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth,
+ int (*verify_recover_init) (EVP_PKEY_CTX
+ *ctx),
+ int (*verify_recover) (EVP_PKEY_CTX
+ *ctx,
+ unsigned char
+ *sig,
+ size_t *siglen,
+ const unsigned
+ char *tbs,
+ size_t tbslen));
+
+void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth,
+ int (*signctx_init) (EVP_PKEY_CTX *ctx,
+ EVP_MD_CTX *mctx),
+ int (*signctx) (EVP_PKEY_CTX *ctx,
+ unsigned char *sig,
+ size_t *siglen,
+ EVP_MD_CTX *mctx));
+
+void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
+ int (*verifyctx_init) (EVP_PKEY_CTX *ctx,
+ EVP_MD_CTX *mctx),
+ int (*verifyctx) (EVP_PKEY_CTX *ctx,
+ const unsigned char *sig,
+ int siglen,
+ EVP_MD_CTX *mctx));
+
+void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
+ int (*encrypt_init) (EVP_PKEY_CTX *ctx),
+ int (*encryptfn) (EVP_PKEY_CTX *ctx,
+ unsigned char *out,
+ size_t *outlen,
+ const unsigned char *in,
+ size_t inlen));
+
+void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
+ int (*decrypt_init) (EVP_PKEY_CTX *ctx),
+ int (*decrypt) (EVP_PKEY_CTX *ctx,
+ unsigned char *out,
+ size_t *outlen,
+ const unsigned char *in,
+ size_t inlen));
+
+void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth,
+ int (*derive_init) (EVP_PKEY_CTX *ctx),
+ int (*derive) (EVP_PKEY_CTX *ctx,
+ unsigned char *key,
+ size_t *keylen));
+
+void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
+ int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+ void *p2),
+ int (*ctrl_str) (EVP_PKEY_CTX *ctx,
+ const char *type,
+ const char *value));
+
+void EVP_PKEY_meth_set_digestsign(EVP_PKEY_METHOD *pmeth,
+ int (*digestsign) (EVP_MD_CTX *ctx,
+ unsigned char *sig,
+ size_t *siglen,
+ const unsigned char *tbs,
+ size_t tbslen));
+
+void EVP_PKEY_meth_set_digestverify(EVP_PKEY_METHOD *pmeth,
+ int (*digestverify) (EVP_MD_CTX *ctx,
+ const unsigned char *sig,
+ size_t siglen,
+ const unsigned char *tbs,
+ size_t tbslen));
+
+void EVP_PKEY_meth_set_check(EVP_PKEY_METHOD *pmeth,
+ int (*check) (EVP_PKEY *pkey));
+
+void EVP_PKEY_meth_set_public_check(EVP_PKEY_METHOD *pmeth,
+ int (*check) (EVP_PKEY *pkey));
+
+void EVP_PKEY_meth_set_param_check(EVP_PKEY_METHOD *pmeth,
+ int (*check) (EVP_PKEY *pkey));
+
+void EVP_PKEY_meth_set_digest_custom(EVP_PKEY_METHOD *pmeth,
+ int (*digest_custom) (EVP_PKEY_CTX *ctx,
+ EVP_MD_CTX *mctx));
+
+void EVP_PKEY_meth_get_init(const EVP_PKEY_METHOD *pmeth,
+ int (**pinit) (EVP_PKEY_CTX *ctx));
+
+void EVP_PKEY_meth_get_copy(const EVP_PKEY_METHOD *pmeth,
+ int (**pcopy) (EVP_PKEY_CTX *dst,
+ const EVP_PKEY_CTX *src));
+
+void EVP_PKEY_meth_get_cleanup(const EVP_PKEY_METHOD *pmeth,
+ void (**pcleanup) (EVP_PKEY_CTX *ctx));
+
+void EVP_PKEY_meth_get_paramgen(const EVP_PKEY_METHOD *pmeth,
+ int (**pparamgen_init) (EVP_PKEY_CTX *ctx),
+ int (**pparamgen) (EVP_PKEY_CTX *ctx,
+ EVP_PKEY *pkey));
+
+void EVP_PKEY_meth_get_keygen(const EVP_PKEY_METHOD *pmeth,
+ int (**pkeygen_init) (EVP_PKEY_CTX *ctx),
+ int (**pkeygen) (EVP_PKEY_CTX *ctx,
+ EVP_PKEY *pkey));
+
+void EVP_PKEY_meth_get_sign(const EVP_PKEY_METHOD *pmeth,
+ int (**psign_init) (EVP_PKEY_CTX *ctx),
+ int (**psign) (EVP_PKEY_CTX *ctx,
+ unsigned char *sig, size_t *siglen,
+ const unsigned char *tbs,
+ size_t tbslen));
+
+void EVP_PKEY_meth_get_verify(const EVP_PKEY_METHOD *pmeth,
+ int (**pverify_init) (EVP_PKEY_CTX *ctx),
+ int (**pverify) (EVP_PKEY_CTX *ctx,
+ const unsigned char *sig,
+ size_t siglen,
+ const unsigned char *tbs,
+ size_t tbslen));
+
+void EVP_PKEY_meth_get_verify_recover(const EVP_PKEY_METHOD *pmeth,
+ int (**pverify_recover_init) (EVP_PKEY_CTX
+ *ctx),
+ int (**pverify_recover) (EVP_PKEY_CTX
+ *ctx,
+ unsigned char
+ *sig,
+ size_t *siglen,
+ const unsigned
+ char *tbs,
+ size_t tbslen));
+
+void EVP_PKEY_meth_get_signctx(const EVP_PKEY_METHOD *pmeth,
+ int (**psignctx_init) (EVP_PKEY_CTX *ctx,
+ EVP_MD_CTX *mctx),
+ int (**psignctx) (EVP_PKEY_CTX *ctx,
+ unsigned char *sig,
+ size_t *siglen,
+ EVP_MD_CTX *mctx));
+
+void EVP_PKEY_meth_get_verifyctx(const EVP_PKEY_METHOD *pmeth,
+ int (**pverifyctx_init) (EVP_PKEY_CTX *ctx,
+ EVP_MD_CTX *mctx),
+ int (**pverifyctx) (EVP_PKEY_CTX *ctx,
+ const unsigned char *sig,
+ int siglen,
+ EVP_MD_CTX *mctx));
+
+void EVP_PKEY_meth_get_encrypt(const EVP_PKEY_METHOD *pmeth,
+ int (**pencrypt_init) (EVP_PKEY_CTX *ctx),
+ int (**pencryptfn) (EVP_PKEY_CTX *ctx,
+ unsigned char *out,
+ size_t *outlen,
+ const unsigned char *in,
+ size_t inlen));
+
+void EVP_PKEY_meth_get_decrypt(const EVP_PKEY_METHOD *pmeth,
+ int (**pdecrypt_init) (EVP_PKEY_CTX *ctx),
+ int (**pdecrypt) (EVP_PKEY_CTX *ctx,
+ unsigned char *out,
+ size_t *outlen,
+ const unsigned char *in,
+ size_t inlen));
+
+void EVP_PKEY_meth_get_derive(const EVP_PKEY_METHOD *pmeth,
+ int (**pderive_init) (EVP_PKEY_CTX *ctx),
+ int (**pderive) (EVP_PKEY_CTX *ctx,
+ unsigned char *key,
+ size_t *keylen));
+
+void EVP_PKEY_meth_get_ctrl(const EVP_PKEY_METHOD *pmeth,
+ int (**pctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+ void *p2),
+ int (**pctrl_str) (EVP_PKEY_CTX *ctx,
+ const char *type,
+ const char *value));
+
+void EVP_PKEY_meth_get_digestsign(EVP_PKEY_METHOD *pmeth,
+ int (**digestsign) (EVP_MD_CTX *ctx,
+ unsigned char *sig,
+ size_t *siglen,
+ const unsigned char *tbs,
+ size_t tbslen));
+
+void EVP_PKEY_meth_get_digestverify(EVP_PKEY_METHOD *pmeth,
+ int (**digestverify) (EVP_MD_CTX *ctx,
+ const unsigned char *sig,
+ size_t siglen,
+ const unsigned char *tbs,
+ size_t tbslen));
+
+void EVP_PKEY_meth_get_check(const EVP_PKEY_METHOD *pmeth,
+ int (**pcheck) (EVP_PKEY *pkey));
+
+void EVP_PKEY_meth_get_public_check(const EVP_PKEY_METHOD *pmeth,
+ int (**pcheck) (EVP_PKEY *pkey));
+
+void EVP_PKEY_meth_get_param_check(const EVP_PKEY_METHOD *pmeth,
+ int (**pcheck) (EVP_PKEY *pkey));
+
+void EVP_PKEY_meth_get_digest_custom(EVP_PKEY_METHOD *pmeth,
+ int (**pdigest_custom) (EVP_PKEY_CTX *ctx,
+ EVP_MD_CTX *mctx));
+
+void EVP_KEYEXCH_free(EVP_KEYEXCH *exchange);
+int EVP_KEYEXCH_up_ref(EVP_KEYEXCH *exchange);
+EVP_KEYEXCH *EVP_KEYEXCH_fetch(OPENSSL_CTX *ctx, const char *algorithm,
+ const char *properties);
+OSSL_PROVIDER *EVP_KEYEXCH_provider(const EVP_KEYEXCH *exchange);
+int EVP_KEYEXCH_is_a(const EVP_KEYEXCH *keyexch, const char *name);
+int EVP_KEYEXCH_number(const EVP_KEYEXCH *keyexch);
+void EVP_KEYEXCH_do_all_provided(OPENSSL_CTX *libctx,
+ void (*fn)(EVP_KEYEXCH *keyexch, void *data),
+ void *data);
+void EVP_KEYEXCH_names_do_all(const EVP_KEYEXCH *keyexch,
+ void (*fn)(const char *name, void *data),
+ void *data);
+
+void EVP_add_alg_module(void);
+
+/*
+ * Convenient helper functions to transfer string based controls.
+ * The callback gets called with the parsed value.
+ */
+int EVP_str2ctrl(int (*cb)(void *ctx, int cmd, void *buf, size_t buflen),
+ void *ctx, int cmd, const char *value);
+int EVP_hex2ctrl(int (*cb)(void *ctx, int cmd, void *buf, size_t buflen),
+ void *ctx, int cmd, const char *hex);
+
+int EVP_PKEY_CTX_set_group_name(EVP_PKEY_CTX *ctx, const char *name);
+int EVP_PKEY_CTX_get_group_name(EVP_PKEY_CTX *ctx, char *name, size_t namelen);
+
+# ifdef __cplusplus
+}
+# endif
+#endif
diff --git a/openssl/include/openssl/evperr.h b/openssl/include/openssl/evperr.h new file mode 100644 index 00000000..1c3a2451 --- /dev/null +++ b/openssl/include/openssl/evperr.h @@ -0,0 +1,267 @@ +/*
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_EVPERR_H
+# define OPENSSL_EVPERR_H
+# pragma once
+
+# include <openssl/opensslconf.h>
+# include <openssl/symhacks.h>
+
+
+# ifdef __cplusplus
+extern "C"
+# endif
+int ERR_load_EVP_strings(void);
+
+/*
+ * EVP function codes.
+ */
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define EVP_F_AESNI_INIT_KEY 0
+# define EVP_F_AESNI_XTS_INIT_KEY 0
+# define EVP_F_AES_GCM_CTRL 0
+# define EVP_F_AES_GCM_TLS_CIPHER 0
+# define EVP_F_AES_INIT_KEY 0
+# define EVP_F_AES_OCB_CIPHER 0
+# define EVP_F_AES_T4_INIT_KEY 0
+# define EVP_F_AES_T4_XTS_INIT_KEY 0
+# define EVP_F_AES_WRAP_CIPHER 0
+# define EVP_F_AES_XTS_CIPHER 0
+# define EVP_F_AES_XTS_INIT_KEY 0
+# define EVP_F_ALG_MODULE_INIT 0
+# define EVP_F_ARIA_CCM_INIT_KEY 0
+# define EVP_F_ARIA_GCM_CTRL 0
+# define EVP_F_ARIA_GCM_INIT_KEY 0
+# define EVP_F_ARIA_INIT_KEY 0
+# define EVP_F_B64_NEW 0
+# define EVP_F_CAMELLIA_INIT_KEY 0
+# define EVP_F_CHACHA20_POLY1305_CTRL 0
+# define EVP_F_CMLL_T4_INIT_KEY 0
+# define EVP_F_DES_EDE3_WRAP_CIPHER 0
+# define EVP_F_DO_SIGVER_INIT 0
+# define EVP_F_ENC_NEW 0
+# define EVP_F_EVP_CIPHERINIT_EX 0
+# define EVP_F_EVP_CIPHER_ASN1_TO_PARAM 0
+# define EVP_F_EVP_CIPHER_CTX_COPY 0
+# define EVP_F_EVP_CIPHER_CTX_CTRL 0
+# define EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH 0
+# define EVP_F_EVP_CIPHER_CTX_SET_PADDING 0
+# define EVP_F_EVP_CIPHER_FROM_DISPATCH 0
+# define EVP_F_EVP_CIPHER_MODE 0
+# define EVP_F_EVP_CIPHER_PARAM_TO_ASN1 0
+# define EVP_F_EVP_DECRYPTFINAL_EX 0
+# define EVP_F_EVP_DECRYPTUPDATE 0
+# define EVP_F_EVP_DIGESTFINALXOF 0
+# define EVP_F_EVP_DIGESTFINAL_EX 0
+# define EVP_F_EVP_DIGESTINIT_EX 0
+# define EVP_F_EVP_DIGESTUPDATE 0
+# define EVP_F_EVP_ENCRYPTDECRYPTUPDATE 0
+# define EVP_F_EVP_ENCRYPTFINAL_EX 0
+# define EVP_F_EVP_ENCRYPTUPDATE 0
+# define EVP_F_EVP_KDF_CTX_DUP 0
+# define EVP_F_EVP_KDF_CTX_NEW 0
+# define EVP_F_EVP_KEYEXCH_FETCH 0
+# define EVP_F_EVP_KEYEXCH_FROM_DISPATCH 0
+# define EVP_F_EVP_MAC_CTRL 0
+# define EVP_F_EVP_MAC_CTRL_STR 0
+# define EVP_F_EVP_MAC_INIT 0
+# define EVP_F_EVP_MD_BLOCK_SIZE 0
+# define EVP_F_EVP_MD_CTX_COPY_EX 0
+# define EVP_F_EVP_MD_SIZE 0
+# define EVP_F_EVP_OPENINIT 0
+# define EVP_F_EVP_PBE_ALG_ADD 0
+# define EVP_F_EVP_PBE_ALG_ADD_TYPE 0
+# define EVP_F_EVP_PBE_CIPHERINIT 0
+# define EVP_F_EVP_PBE_SCRYPT 0
+# define EVP_F_EVP_PKCS82PKEY 0
+# define EVP_F_EVP_PKEY2PKCS8 0
+# define EVP_F_EVP_PKEY_ASN1_ADD0 0
+# define EVP_F_EVP_PKEY_CHECK 0
+# define EVP_F_EVP_PKEY_COPY_PARAMETERS 0
+# define EVP_F_EVP_PKEY_CTX_CTRL 0
+# define EVP_F_EVP_PKEY_CTX_CTRL_STR 0
+# define EVP_F_EVP_PKEY_CTX_DUP 0
+# define EVP_F_EVP_PKEY_CTX_MD 0
+# define EVP_F_EVP_PKEY_DECRYPT 0
+# define EVP_F_EVP_PKEY_DECRYPT_INIT 0
+# define EVP_F_EVP_PKEY_DECRYPT_OLD 0
+# define EVP_F_EVP_PKEY_DERIVE 0
+# define EVP_F_EVP_PKEY_DERIVE_INIT 0
+# define EVP_F_EVP_PKEY_DERIVE_INIT_EX 0
+# define EVP_F_EVP_PKEY_DERIVE_SET_PEER 0
+# define EVP_F_EVP_PKEY_ENCRYPT 0
+# define EVP_F_EVP_PKEY_ENCRYPT_INIT 0
+# define EVP_F_EVP_PKEY_ENCRYPT_OLD 0
+# define EVP_F_EVP_PKEY_GET0_DH 0
+# define EVP_F_EVP_PKEY_GET0_DSA 0
+# define EVP_F_EVP_PKEY_GET0_EC_KEY 0
+# define EVP_F_EVP_PKEY_GET0_HMAC 0
+# define EVP_F_EVP_PKEY_GET0_POLY1305 0
+# define EVP_F_EVP_PKEY_GET0_RSA 0
+# define EVP_F_EVP_PKEY_GET0_SIPHASH 0
+# define EVP_F_EVP_PKEY_GET_RAW_PRIVATE_KEY 0
+# define EVP_F_EVP_PKEY_GET_RAW_PUBLIC_KEY 0
+# define EVP_F_EVP_PKEY_KEYGEN 0
+# define EVP_F_EVP_PKEY_KEYGEN_INIT 0
+# define EVP_F_EVP_PKEY_METH_ADD0 0
+# define EVP_F_EVP_PKEY_METH_NEW 0
+# define EVP_F_EVP_PKEY_NEW 0
+# define EVP_F_EVP_PKEY_NEW_CMAC_KEY 0
+# define EVP_F_EVP_PKEY_NEW_RAW_PRIVATE_KEY 0
+# define EVP_F_EVP_PKEY_NEW_RAW_PUBLIC_KEY 0
+# define EVP_F_EVP_PKEY_PARAMGEN 0
+# define EVP_F_EVP_PKEY_PARAMGEN_INIT 0
+# define EVP_F_EVP_PKEY_PARAM_CHECK 0
+# define EVP_F_EVP_PKEY_PUBLIC_CHECK 0
+# define EVP_F_EVP_PKEY_SET1_ENGINE 0
+# define EVP_F_EVP_PKEY_SET_ALIAS_TYPE 0
+# define EVP_F_EVP_PKEY_SIGN 0
+# define EVP_F_EVP_PKEY_SIGN_INIT 0
+# define EVP_F_EVP_PKEY_VERIFY 0
+# define EVP_F_EVP_PKEY_VERIFY_INIT 0
+# define EVP_F_EVP_PKEY_VERIFY_RECOVER 0
+# define EVP_F_EVP_PKEY_VERIFY_RECOVER_INIT 0
+# define EVP_F_EVP_SET_DEFAULT_PROPERTIES 0
+# define EVP_F_EVP_SIGNFINAL 0
+# define EVP_F_EVP_VERIFYFINAL 0
+# define EVP_F_GMAC_CTRL 0
+# define EVP_F_INT_CTX_NEW 0
+# define EVP_F_KMAC_CTRL 0
+# define EVP_F_KMAC_INIT 0
+# define EVP_F_OK_NEW 0
+# define EVP_F_PKCS5_PBE_KEYIVGEN 0
+# define EVP_F_PKCS5_V2_PBE_KEYIVGEN 0
+# define EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN 0
+# define EVP_F_PKCS5_V2_SCRYPT_KEYIVGEN 0
+# define EVP_F_PKEY_KDF_CTRL 0
+# define EVP_F_PKEY_MAC_COPY 0
+# define EVP_F_PKEY_MAC_INIT 0
+# define EVP_F_PKEY_SET_TYPE 0
+# define EVP_F_POLY1305_CTRL 0
+# define EVP_F_RC2_MAGIC_TO_METH 0
+# define EVP_F_RC5_CTRL 0
+# define EVP_F_R_32_12_16_INIT_KEY 0
+# define EVP_F_S390X_AES_GCM_CTRL 0
+# define EVP_F_S390X_AES_GCM_TLS_CIPHER 0
+# define EVP_F_SCRYPT_ALG 0
+# define EVP_F_UPDATE 0
+# endif
+
+/*
+ * EVP reason codes.
+ */
+# define EVP_R_AES_KEY_SETUP_FAILED 143
+# define EVP_R_ARIA_KEY_SETUP_FAILED 176
+# define EVP_R_BAD_ALGORITHM_NAME 200
+# define EVP_R_BAD_DECRYPT 100
+# define EVP_R_BAD_KEY_LENGTH 195
+# define EVP_R_BUFFER_TOO_SMALL 155
+# define EVP_R_CAMELLIA_KEY_SETUP_FAILED 157
+# define EVP_R_CANNOT_GET_PARAMETERS 197
+# define EVP_R_CANNOT_SET_PARAMETERS 198
+# define EVP_R_CIPHER_NOT_GCM_MODE 184
+# define EVP_R_CIPHER_PARAMETER_ERROR 122
+# define EVP_R_COMMAND_NOT_SUPPORTED 147
+# define EVP_R_CONFLICTING_ALGORITHM_NAME 201
+# define EVP_R_COPY_ERROR 173
+# define EVP_R_CTRL_NOT_IMPLEMENTED 132
+# define EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED 133
+# define EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH 138
+# define EVP_R_DECODE_ERROR 114
+# define EVP_R_DEFAULT_QUERY_PARSE_ERROR 210
+# define EVP_R_DIFFERENT_KEY_TYPES 101
+# define EVP_R_DIFFERENT_PARAMETERS 153
+# define EVP_R_ERROR_LOADING_SECTION 165
+# define EVP_R_ERROR_SETTING_FIPS_MODE 166
+# define EVP_R_EXPECTING_AN_HMAC_KEY 174
+# define EVP_R_EXPECTING_AN_RSA_KEY 127
+# define EVP_R_EXPECTING_A_DH_KEY 128
+# define EVP_R_EXPECTING_A_DSA_KEY 129
+# define EVP_R_EXPECTING_A_EC_KEY 142
+# define EVP_R_EXPECTING_A_POLY1305_KEY 164
+# define EVP_R_EXPECTING_A_SIPHASH_KEY 175
+# define EVP_R_FETCH_FAILED 202
+# define EVP_R_FINAL_ERROR 188
+# define EVP_R_FIPS_MODE_NOT_SUPPORTED 167
+# define EVP_R_GENERATE_ERROR 214
+# define EVP_R_GET_RAW_KEY_FAILED 182
+# define EVP_R_ILLEGAL_SCRYPT_PARAMETERS 171
+# define EVP_R_INACCESSIBLE_DOMAIN_PARAMETERS 204
+# define EVP_R_INACCESSIBLE_KEY 203
+# define EVP_R_INITIALIZATION_ERROR 134
+# define EVP_R_INPUT_NOT_INITIALIZED 111
+# define EVP_R_INVALID_CUSTOM_LENGTH 185
+# define EVP_R_INVALID_DIGEST 152
+# define EVP_R_INVALID_FIPS_MODE 168
+# define EVP_R_INVALID_IV_LENGTH 194
+# define EVP_R_INVALID_KEY 163
+# define EVP_R_INVALID_KEY_LENGTH 130
+# define EVP_R_INVALID_NULL_ALGORITHM 218
+# define EVP_R_INVALID_OPERATION 148
+# define EVP_R_INVALID_PROVIDER_FUNCTIONS 193
+# define EVP_R_INVALID_SALT_LENGTH 186
+# define EVP_R_KEYGEN_FAILURE 120
+# define EVP_R_KEYMGMT_EXPORT_FAILURE 205
+# define EVP_R_KEY_SETUP_FAILED 180
+# define EVP_R_LOCKING_NOT_SUPPORTED 213
+# define EVP_R_MEMORY_LIMIT_EXCEEDED 172
+# define EVP_R_MESSAGE_DIGEST_IS_NULL 159
+# define EVP_R_METHOD_NOT_SUPPORTED 144
+# define EVP_R_MISSING_PARAMETERS 103
+# define EVP_R_NOT_ABLE_TO_COPY_CTX 190
+# define EVP_R_NOT_XOF_OR_INVALID_LENGTH 178
+# define EVP_R_NO_CIPHER_SET 131
+# define EVP_R_NO_DEFAULT_DIGEST 158
+# define EVP_R_NO_DIGEST_SET 139
+# define EVP_R_NO_IMPORT_FUNCTION 206
+# define EVP_R_NO_KEYMGMT_AVAILABLE 199
+# define EVP_R_NO_KEYMGMT_PRESENT 196
+# define EVP_R_NO_KEY_SET 154
+# define EVP_R_NO_OPERATION_SET 149
+# define EVP_R_NULL_MAC_PKEY_CTX 208
+# define EVP_R_ONLY_ONESHOT_SUPPORTED 177
+# define EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE 150
+# define EVP_R_OPERATON_NOT_INITIALIZED 151
+# define EVP_R_PARAMETER_TOO_LARGE 187
+# define EVP_R_PARTIALLY_OVERLAPPING 162
+# define EVP_R_PBKDF2_ERROR 181
+# define EVP_R_PKEY_APPLICATION_ASN1_METHOD_ALREADY_REGISTERED 179
+# define EVP_R_PRIVATE_KEY_DECODE_ERROR 145
+# define EVP_R_PRIVATE_KEY_ENCODE_ERROR 146
+# define EVP_R_PUBLIC_KEY_NOT_RSA 106
+# define EVP_R_SET_DEFAULT_PROPERTY_FAILURE 209
+# define EVP_R_TOO_MANY_RECORDS 183
+# define EVP_R_UNABLE_TO_ENABLE_PARENT_LOCKING 212
+# define EVP_R_UNABLE_TO_GET_MAXIMUM_REQUEST_SIZE 215
+# define EVP_R_UNABLE_TO_GET_RANDOM_STRENGTH 216
+# define EVP_R_UNABLE_TO_LOCK_CONTEXT 211
+# define EVP_R_UNABLE_TO_SET_CALLBACKS 217
+# define EVP_R_UNKNOWN_CIPHER 160
+# define EVP_R_UNKNOWN_DIGEST 161
+# define EVP_R_UNKNOWN_KEY_TYPE 207
+# define EVP_R_UNKNOWN_OPTION 169
+# define EVP_R_UNKNOWN_PBE_ALGORITHM 121
+# define EVP_R_UNSUPPORTED_ALGORITHM 156
+# define EVP_R_UNSUPPORTED_CIPHER 107
+# define EVP_R_UNSUPPORTED_KEYLENGTH 123
+# define EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION 124
+# define EVP_R_UNSUPPORTED_KEY_SIZE 108
+# define EVP_R_UNSUPPORTED_NUMBER_OF_ROUNDS 135
+# define EVP_R_UNSUPPORTED_PRF 125
+# define EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM 118
+# define EVP_R_UNSUPPORTED_SALT_TYPE 126
+# define EVP_R_UPDATE_ERROR 189
+# define EVP_R_WRAP_MODE_NOT_ALLOWED 170
+# define EVP_R_WRONG_FINAL_BLOCK_LENGTH 109
+# define EVP_R_XTS_DATA_UNIT_IS_TOO_LARGE 191
+# define EVP_R_XTS_DUPLICATED_KEYS 192
+
+#endif
diff --git a/openssl/include/openssl/fips_names.h b/openssl/include/openssl/fips_names.h new file mode 100644 index 00000000..09c6771e --- /dev/null +++ b/openssl/include/openssl/fips_names.h @@ -0,0 +1,46 @@ +/*
+ * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_FIPS_NAMES_H
+# define OPENSSL_FIPS_NAMES_H
+
+# ifdef __cplusplus
+extern "C" {
+# endif
+
+/*
+ * Parameter names that the FIPS Provider defines
+ */
+
+/*
+ * The calculated MAC of the module file (Used for FIPS Self Testing)
+ * Type: OSSL_PARAM_UTF8_STRING
+ */
+# define OSSL_PROV_FIPS_PARAM_MODULE_MAC "module-mac"
+/*
+ * A version number for the fips install process (Used for FIPS Self Testing)
+ * Type: OSSL_PARAM_UTF8_STRING
+ */
+# define OSSL_PROV_FIPS_PARAM_INSTALL_VERSION "install-version"
+/*
+ * The calculated MAC of the install status indicator (Used for FIPS Self Testing)
+ * Type: OSSL_PARAM_UTF8_STRING
+ */
+# define OSSL_PROV_FIPS_PARAM_INSTALL_MAC "install-mac"
+/*
+ * The install status indicator (Used for FIPS Self Testing)
+ * Type: OSSL_PARAM_UTF8_STRING
+ */
+# define OSSL_PROV_FIPS_PARAM_INSTALL_STATUS "install-status"
+
+# ifdef __cplusplus
+}
+# endif
+
+#endif /* OPENSSL_FIPS_NAMES_H */
diff --git a/openssl/include/openssl/hmac.h b/openssl/include/openssl/hmac.h new file mode 100644 index 00000000..71272a9a --- /dev/null +++ b/openssl/include/openssl/hmac.h @@ -0,0 +1,58 @@ +/*
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_HMAC_H
+# define OPENSSL_HMAC_H
+# pragma once
+
+# include <openssl/macros.h>
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define HEADER_HMAC_H
+# endif
+
+# include <openssl/opensslconf.h>
+
+# include <openssl/evp.h>
+
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define HMAC_MAX_MD_CBLOCK 128 /* Deprecated */
+# endif
+
+# ifdef __cplusplus
+extern "C" {
+# endif
+
+DEPRECATEDIN_3_0(size_t HMAC_size(const HMAC_CTX *e))
+DEPRECATEDIN_3_0(HMAC_CTX *HMAC_CTX_new(void))
+DEPRECATEDIN_3_0(int HMAC_CTX_reset(HMAC_CTX *ctx))
+DEPRECATEDIN_3_0(void HMAC_CTX_free(HMAC_CTX *ctx))
+
+DEPRECATEDIN_1_1_0(__owur int HMAC_Init(HMAC_CTX *ctx, const void *key, int len,
+ const EVP_MD *md))
+
+DEPRECATEDIN_3_0(int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
+ const EVP_MD *md, ENGINE *impl))
+DEPRECATEDIN_3_0(int HMAC_Update(HMAC_CTX *ctx, const unsigned char *data,
+ size_t len))
+DEPRECATEDIN_3_0(int HMAC_Final(HMAC_CTX *ctx, unsigned char *md,
+ unsigned int *len))
+DEPRECATEDIN_3_0(unsigned char *HMAC(const EVP_MD *evp_md, const void *key,
+ int key_len, const unsigned char *d,
+ size_t n, unsigned char *md,
+ unsigned int *md_len))
+DEPRECATEDIN_3_0(__owur int HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx))
+
+DEPRECATEDIN_3_0(void HMAC_CTX_set_flags(HMAC_CTX *ctx, unsigned long flags))
+DEPRECATEDIN_3_0(const EVP_MD *HMAC_CTX_get_md(const HMAC_CTX *ctx))
+
+# ifdef __cplusplus
+}
+# endif
+
+#endif
diff --git a/openssl/include/openssl/http.h b/openssl/include/openssl/http.h new file mode 100644 index 00000000..8dc46367 --- /dev/null +++ b/openssl/include/openssl/http.h @@ -0,0 +1,82 @@ +/*
+ * Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright Siemens AG 2018-2020
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_HTTP_H
+# define OPENSSL_HTTP_H
+# pragma once
+
+# include <openssl/opensslconf.h>
+
+# include <openssl/bio.h>
+# include <openssl/asn1.h>
+# include <openssl/conf.h>
+
+
+# ifdef __cplusplus
+extern "C" {
+# endif
+
+typedef BIO *(*OSSL_HTTP_bio_cb_t)(BIO *bio, void *arg, int connect, int detail);
+
+# define OSSL_HTTP_NAME "http"
+# define OSSL_HTTPS_NAME "https"
+# define OSSL_HTTP_PREFIX OSSL_HTTP_NAME"://"
+# define OSSL_HTTPS_PREFIX OSSL_HTTPS_NAME"://"
+# define OSSL_HTTP_PORT "80"
+# define OSSL_HTTPS_PORT "443"
+# define OPENSSL_NO_PROXY "NO_PROXY"
+# define OPENSSL_HTTP_PROXY "HTTP_PROXY"
+# define OPENSSL_HTTPS_PROXY "HTTPS_PROXY"
+
+BIO *OSSL_HTTP_get(const char *url, const char *proxy, const char *no_proxy,
+ BIO *bio, BIO *rbio,
+ OSSL_HTTP_bio_cb_t bio_update_fn, void *arg,
+ const STACK_OF(CONF_VALUE) *headers,
+ int maxline, unsigned long max_resp_len, int timeout,
+ const char *expected_content_type, int expect_asn1);
+ASN1_VALUE *OSSL_HTTP_get_asn1(const char *url,
+ const char *proxy, const char *no_proxy,
+ BIO *bio, BIO *rbio,
+ OSSL_HTTP_bio_cb_t bio_update_fn, void *arg,
+ const STACK_OF(CONF_VALUE) *headers,
+ int maxline, unsigned long max_resp_len,
+ int timeout, const char *expected_content_type,
+ const ASN1_ITEM *it);
+ASN1_VALUE *OSSL_HTTP_post_asn1(const char *server, const char *port,
+ const char *path, int use_ssl,
+ const char *proxy, const char *no_proxy,
+ BIO *bio, BIO *rbio,
+ OSSL_HTTP_bio_cb_t bio_update_fn, void *arg,
+ const STACK_OF(CONF_VALUE) *headers,
+ const char *content_type,
+ const ASN1_VALUE *req, const ASN1_ITEM *req_it,
+ int maxline, unsigned long max_resp_len,
+ int timeout, const char *expected_ct,
+ const ASN1_ITEM *rsp_it);
+BIO *OSSL_HTTP_transfer(const char *server, const char *port, const char *path,
+ int use_ssl, const char *proxy, const char *no_proxy,
+ BIO *bio, BIO *rbio,
+ OSSL_HTTP_bio_cb_t bio_update_fn, void *arg,
+ const STACK_OF(CONF_VALUE) *headers,
+ const char *content_type, BIO *req_mem,
+ int maxline, unsigned long max_resp_len, int timeout,
+ const char *expected_ct, int expect_asn1,
+ char **redirection_url);
+int OSSL_HTTP_proxy_connect(BIO *bio, const char *server, const char *port,
+ const char *proxyuser, const char *proxypass,
+ int timeout, BIO *bio_err, const char *prog);
+
+int OSSL_HTTP_parse_url(const char *url, char **phost, char **pport,
+ char **ppath, int *pssl);
+
+# ifdef __cplusplus
+}
+# endif
+#endif /* !defined(OPENSSL_HTTP_H) */
diff --git a/openssl/include/openssl/httperr.h b/openssl/include/openssl/httperr.h new file mode 100644 index 00000000..a627cb01 --- /dev/null +++ b/openssl/include/openssl/httperr.h @@ -0,0 +1,56 @@ +/*
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_HTTPERR_H
+# define OPENSSL_HTTPERR_H
+
+# include <openssl/opensslconf.h>
+# include <openssl/symhacks.h>
+
+
+# ifdef __cplusplus
+extern "C"
+# endif
+int ERR_load_HTTP_strings(void);
+
+/*
+ * HTTP function codes.
+ */
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# endif
+
+/*
+ * HTTP reason codes.
+ */
+# define HTTP_R_ASN1_LEN_EXCEEDS_MAX_RESP_LEN 108
+# define HTTP_R_CONNECT_FAILURE 100
+# define HTTP_R_ERROR_PARSING_ASN1_LENGTH 109
+# define HTTP_R_ERROR_PARSING_CONTENT_LENGTH 119
+# define HTTP_R_ERROR_PARSING_URL 101
+# define HTTP_R_ERROR_RECEIVING 103
+# define HTTP_R_ERROR_SENDING 102
+# define HTTP_R_INCONSISTENT_CONTENT_LENGTH 120
+# define HTTP_R_MAX_RESP_LEN_EXCEEDED 117
+# define HTTP_R_MISSING_ASN1_ENCODING 110
+# define HTTP_R_MISSING_CONTENT_TYPE 121
+# define HTTP_R_MISSING_REDIRECT_LOCATION 111
+# define HTTP_R_RECEIVED_ERROR 105
+# define HTTP_R_RECEIVED_WRONG_HTTP_VERSION 106
+# define HTTP_R_REDIRECTION_FROM_HTTPS_TO_HTTP 112
+# define HTTP_R_REDIRECTION_NOT_ENABLED 116
+# define HTTP_R_RESPONSE_LINE_TOO_LONG 113
+# define HTTP_R_RESPONSE_PARSE_ERROR 104
+# define HTTP_R_SOCK_NOT_SUPPORTED 122
+# define HTTP_R_STATUS_CODE_UNSUPPORTED 114
+# define HTTP_R_TLS_NOT_ENABLED 107
+# define HTTP_R_TOO_MANY_REDIRECTIONS 115
+# define HTTP_R_UNEXPECTED_CONTENT_TYPE 118
+
+#endif
diff --git a/openssl/include/openssl/idea.h b/openssl/include/openssl/idea.h new file mode 100644 index 00000000..ea3dccdb --- /dev/null +++ b/openssl/include/openssl/idea.h @@ -0,0 +1,79 @@ +/*
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_IDEA_H
+# define OPENSSL_IDEA_H
+# pragma once
+
+# include <openssl/macros.h>
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define HEADER_IDEA_H
+# endif
+
+# include <openssl/opensslconf.h>
+
+# ifndef OPENSSL_NO_IDEA
+# ifdef __cplusplus
+extern "C" {
+# endif
+
+# define IDEA_BLOCK 8
+# define IDEA_KEY_LENGTH 16
+
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+
+typedef unsigned int IDEA_INT;
+
+# define IDEA_ENCRYPT 1
+# define IDEA_DECRYPT 0
+
+typedef struct idea_key_st {
+ IDEA_INT data[9][6];
+} IDEA_KEY_SCHEDULE;
+#endif
+
+DEPRECATEDIN_3_0(const char *IDEA_options(void))
+DEPRECATEDIN_3_0(void IDEA_ecb_encrypt(const unsigned char *in,
+ unsigned char *out,
+ IDEA_KEY_SCHEDULE *ks))
+DEPRECATEDIN_3_0(void IDEA_set_encrypt_key(const unsigned char *key,
+ IDEA_KEY_SCHEDULE *ks))
+DEPRECATEDIN_3_0(void IDEA_set_decrypt_key(IDEA_KEY_SCHEDULE *ek,
+ IDEA_KEY_SCHEDULE *dk))
+DEPRECATEDIN_3_0(void IDEA_cbc_encrypt(const unsigned char *in,
+ unsigned char *out, long length,
+ IDEA_KEY_SCHEDULE *ks,
+ unsigned char *iv, int enc))
+DEPRECATEDIN_3_0(void IDEA_cfb64_encrypt(const unsigned char *in,
+ unsigned char *out, long length,
+ IDEA_KEY_SCHEDULE *ks,
+ unsigned char *iv, int *num, int enc))
+DEPRECATEDIN_3_0(void IDEA_ofb64_encrypt(const unsigned char *in,
+ unsigned char *out, long length,
+ IDEA_KEY_SCHEDULE *ks,
+ unsigned char *iv, int *num))
+DEPRECATEDIN_3_0(void IDEA_encrypt(unsigned long *in, IDEA_KEY_SCHEDULE *ks))
+
+# ifndef OPENSSL_NO_DEPRECATED_1_1_0
+# define idea_options IDEA_options
+# define idea_ecb_encrypt IDEA_ecb_encrypt
+# define idea_set_encrypt_key IDEA_set_encrypt_key
+# define idea_set_decrypt_key IDEA_set_decrypt_key
+# define idea_cbc_encrypt IDEA_cbc_encrypt
+# define idea_cfb64_encrypt IDEA_cfb64_encrypt
+# define idea_ofb64_encrypt IDEA_ofb64_encrypt
+# define idea_encrypt IDEA_encrypt
+# endif
+
+# ifdef __cplusplus
+}
+# endif
+# endif
+
+#endif
diff --git a/openssl/include/openssl/kdf.h b/openssl/include/openssl/kdf.h new file mode 100644 index 00000000..738865df --- /dev/null +++ b/openssl/include/openssl/kdf.h @@ -0,0 +1,178 @@ +/*
+ * Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_KDF_H
+# define OPENSSL_KDF_H
+# pragma once
+
+# include <openssl/macros.h>
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define HEADER_KDF_H
+# endif
+
+# include <stdarg.h>
+# include <stddef.h>
+# include <openssl/types.h>
+# include <openssl/core.h>
+
+# ifdef __cplusplus
+extern "C" {
+# endif
+
+int EVP_KDF_up_ref(EVP_KDF *kdf);
+void EVP_KDF_free(EVP_KDF *kdf);
+EVP_KDF *EVP_KDF_fetch(OPENSSL_CTX *libctx, const char *algorithm,
+ const char *properties);
+
+EVP_KDF_CTX *EVP_KDF_new_ctx(EVP_KDF *kdf);
+void EVP_KDF_free_ctx(EVP_KDF_CTX *ctx);
+EVP_KDF_CTX *EVP_KDF_dup_ctx(const EVP_KDF_CTX *src);
+int EVP_KDF_number(const EVP_KDF *kdf);
+int EVP_KDF_is_a(const EVP_KDF *kdf, const char *name);
+const OSSL_PROVIDER *EVP_KDF_provider(const EVP_KDF *kdf);
+const EVP_KDF *EVP_KDF_get_ctx_kdf(EVP_KDF_CTX *ctx);
+
+void EVP_KDF_reset(EVP_KDF_CTX *ctx);
+size_t EVP_KDF_size(EVP_KDF_CTX *ctx);
+int EVP_KDF_derive(EVP_KDF_CTX *ctx, unsigned char *key, size_t keylen);
+int EVP_KDF_get_params(EVP_KDF *kdf, OSSL_PARAM params[]);
+int EVP_KDF_get_ctx_params(EVP_KDF_CTX *ctx, OSSL_PARAM params[]);
+int EVP_KDF_set_ctx_params(EVP_KDF_CTX *ctx, const OSSL_PARAM params[]);
+const OSSL_PARAM *EVP_KDF_gettable_params(const EVP_KDF *kdf);
+const OSSL_PARAM *EVP_KDF_gettable_ctx_params(const EVP_KDF *kdf);
+const OSSL_PARAM *EVP_KDF_settable_ctx_params(const EVP_KDF *kdf);
+
+void EVP_KDF_do_all_provided(OPENSSL_CTX *libctx,
+ void (*fn)(EVP_KDF *kdf, void *arg),
+ void *arg);
+void EVP_KDF_names_do_all(const EVP_KDF *kdf,
+ void (*fn)(const char *name, void *data),
+ void *data);
+
+# define EVP_KDF_CTRL_SET_PASS 0x01 /* unsigned char *, size_t */
+# define EVP_KDF_CTRL_SET_SALT 0x02 /* unsigned char *, size_t */
+# define EVP_KDF_CTRL_SET_ITER 0x03 /* int */
+# define EVP_KDF_CTRL_SET_MD 0x04 /* EVP_MD * */
+# define EVP_KDF_CTRL_SET_KEY 0x05 /* unsigned char *, size_t */
+# define EVP_KDF_CTRL_SET_MAXMEM_BYTES 0x06 /* uint64_t */
+# define EVP_KDF_CTRL_SET_TLS_SECRET 0x07 /* unsigned char *, size_t */
+# define EVP_KDF_CTRL_ADD_TLS_SEED 0x08 /* unsigned char *, size_t */
+# define EVP_KDF_CTRL_RESET_HKDF_INFO 0x09
+# define EVP_KDF_CTRL_ADD_HKDF_INFO 0x0a /* unsigned char *, size_t */
+# define EVP_KDF_CTRL_SET_HKDF_MODE 0x0b /* int */
+# define EVP_KDF_CTRL_SET_SCRYPT_N 0x0c /* uint64_t */
+# define EVP_KDF_CTRL_SET_SCRYPT_R 0x0d /* uint32_t */
+# define EVP_KDF_CTRL_SET_SCRYPT_P 0x0e /* uint32_t */
+# define EVP_KDF_CTRL_SET_SSHKDF_XCGHASH 0x0f /* unsigned char *, size_t */
+# define EVP_KDF_CTRL_SET_SSHKDF_SESSION_ID 0x10 /* unsigned char *, size_t */
+# define EVP_KDF_CTRL_SET_SSHKDF_TYPE 0x11 /* int */
+# define EVP_KDF_CTRL_SET_MAC 0x12 /* EVP_MAC * */
+# define EVP_KDF_CTRL_SET_MAC_SIZE 0x13 /* size_t */
+# define EVP_KDF_CTRL_SET_SSKDF_INFO 0x14 /* unsigned char *, size_t */
+# define EVP_KDF_CTRL_SET_PBKDF2_PKCS5_MODE 0x15 /* int */
+# define EVP_KDF_CTRL_SET_UKM 0x16 /* unsigned char *, size_t */
+# define EVP_KDF_CTRL_SET_CEK_ALG 0x17 /* char * */
+# define EVP_KDF_CTRL_SET_SHARED_INFO EVP_KDF_CTRL_SET_SSKDF_INFO
+
+# define EVP_KDF_HKDF_MODE_EXTRACT_AND_EXPAND 0
+# define EVP_KDF_HKDF_MODE_EXTRACT_ONLY 1
+# define EVP_KDF_HKDF_MODE_EXPAND_ONLY 2
+
+#define EVP_KDF_SSHKDF_TYPE_INITIAL_IV_CLI_TO_SRV 65
+#define EVP_KDF_SSHKDF_TYPE_INITIAL_IV_SRV_TO_CLI 66
+#define EVP_KDF_SSHKDF_TYPE_ENCRYPTION_KEY_CLI_TO_SRV 67
+#define EVP_KDF_SSHKDF_TYPE_ENCRYPTION_KEY_SRV_TO_CLI 68
+#define EVP_KDF_SSHKDF_TYPE_INTEGRITY_KEY_CLI_TO_SRV 69
+#define EVP_KDF_SSHKDF_TYPE_INTEGRITY_KEY_SRV_TO_CLI 70
+
+/**** The legacy PKEY-based KDF API follows. ****/
+
+# define EVP_PKEY_CTRL_TLS_MD (EVP_PKEY_ALG_CTRL)
+# define EVP_PKEY_CTRL_TLS_SECRET (EVP_PKEY_ALG_CTRL + 1)
+# define EVP_PKEY_CTRL_TLS_SEED (EVP_PKEY_ALG_CTRL + 2)
+# define EVP_PKEY_CTRL_HKDF_MD (EVP_PKEY_ALG_CTRL + 3)
+# define EVP_PKEY_CTRL_HKDF_SALT (EVP_PKEY_ALG_CTRL + 4)
+# define EVP_PKEY_CTRL_HKDF_KEY (EVP_PKEY_ALG_CTRL + 5)
+# define EVP_PKEY_CTRL_HKDF_INFO (EVP_PKEY_ALG_CTRL + 6)
+# define EVP_PKEY_CTRL_HKDF_MODE (EVP_PKEY_ALG_CTRL + 7)
+# define EVP_PKEY_CTRL_PASS (EVP_PKEY_ALG_CTRL + 8)
+# define EVP_PKEY_CTRL_SCRYPT_SALT (EVP_PKEY_ALG_CTRL + 9)
+# define EVP_PKEY_CTRL_SCRYPT_N (EVP_PKEY_ALG_CTRL + 10)
+# define EVP_PKEY_CTRL_SCRYPT_R (EVP_PKEY_ALG_CTRL + 11)
+# define EVP_PKEY_CTRL_SCRYPT_P (EVP_PKEY_ALG_CTRL + 12)
+# define EVP_PKEY_CTRL_SCRYPT_MAXMEM_BYTES (EVP_PKEY_ALG_CTRL + 13)
+
+# define EVP_PKEY_HKDEF_MODE_EXTRACT_AND_EXPAND \
+ EVP_KDF_HKDF_MODE_EXTRACT_AND_EXPAND
+# define EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY \
+ EVP_KDF_HKDF_MODE_EXTRACT_ONLY
+# define EVP_PKEY_HKDEF_MODE_EXPAND_ONLY \
+ EVP_KDF_HKDF_MODE_EXPAND_ONLY
+
+# define EVP_PKEY_CTX_set_tls1_prf_md(pctx, md) \
+ EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_DERIVE, \
+ EVP_PKEY_CTRL_TLS_MD, 0, (void *)(md))
+
+# define EVP_PKEY_CTX_set1_tls1_prf_secret(pctx, sec, seclen) \
+ EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_DERIVE, \
+ EVP_PKEY_CTRL_TLS_SECRET, seclen, (void *)(sec))
+
+# define EVP_PKEY_CTX_add1_tls1_prf_seed(pctx, seed, seedlen) \
+ EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_DERIVE, \
+ EVP_PKEY_CTRL_TLS_SEED, seedlen, (void *)(seed))
+
+# define EVP_PKEY_CTX_set_hkdf_md(pctx, md) \
+ EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_DERIVE, \
+ EVP_PKEY_CTRL_HKDF_MD, 0, (void *)(md))
+
+# define EVP_PKEY_CTX_set1_hkdf_salt(pctx, salt, saltlen) \
+ EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_DERIVE, \
+ EVP_PKEY_CTRL_HKDF_SALT, saltlen, (void *)(salt))
+
+# define EVP_PKEY_CTX_set1_hkdf_key(pctx, key, keylen) \
+ EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_DERIVE, \
+ EVP_PKEY_CTRL_HKDF_KEY, keylen, (void *)(key))
+
+# define EVP_PKEY_CTX_add1_hkdf_info(pctx, info, infolen) \
+ EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_DERIVE, \
+ EVP_PKEY_CTRL_HKDF_INFO, infolen, (void *)(info))
+
+# define EVP_PKEY_CTX_hkdf_mode(pctx, mode) \
+ EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_DERIVE, \
+ EVP_PKEY_CTRL_HKDF_MODE, mode, NULL)
+
+# define EVP_PKEY_CTX_set1_pbe_pass(pctx, pass, passlen) \
+ EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_DERIVE, \
+ EVP_PKEY_CTRL_PASS, passlen, (void *)(pass))
+
+# define EVP_PKEY_CTX_set1_scrypt_salt(pctx, salt, saltlen) \
+ EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_DERIVE, \
+ EVP_PKEY_CTRL_SCRYPT_SALT, saltlen, (void *)(salt))
+
+# define EVP_PKEY_CTX_set_scrypt_N(pctx, n) \
+ EVP_PKEY_CTX_ctrl_uint64(pctx, -1, EVP_PKEY_OP_DERIVE, \
+ EVP_PKEY_CTRL_SCRYPT_N, n)
+
+# define EVP_PKEY_CTX_set_scrypt_r(pctx, r) \
+ EVP_PKEY_CTX_ctrl_uint64(pctx, -1, EVP_PKEY_OP_DERIVE, \
+ EVP_PKEY_CTRL_SCRYPT_R, r)
+
+# define EVP_PKEY_CTX_set_scrypt_p(pctx, p) \
+ EVP_PKEY_CTX_ctrl_uint64(pctx, -1, EVP_PKEY_OP_DERIVE, \
+ EVP_PKEY_CTRL_SCRYPT_P, p)
+
+# define EVP_PKEY_CTX_set_scrypt_maxmem_bytes(pctx, maxmem_bytes) \
+ EVP_PKEY_CTX_ctrl_uint64(pctx, -1, EVP_PKEY_OP_DERIVE, \
+ EVP_PKEY_CTRL_SCRYPT_MAXMEM_BYTES, maxmem_bytes)
+
+
+# ifdef __cplusplus
+}
+# endif
+#endif
diff --git a/openssl/include/openssl/kdferr.h b/openssl/include/openssl/kdferr.h new file mode 100644 index 00000000..0459d1c5 --- /dev/null +++ b/openssl/include/openssl/kdferr.h @@ -0,0 +1,113 @@ +/*
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_KDFERR_H
+# define OPENSSL_KDFERR_H
+# pragma once
+
+# include <openssl/opensslconf.h>
+# include <openssl/symhacks.h>
+
+
+# ifdef __cplusplus
+extern "C"
+# endif
+DEPRECATEDIN_3_0(int ERR_load_KDF_strings(void))
+
+/*
+ * KDF function codes.
+ */
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define KDF_F_HKDF_EXTRACT 0
+# define KDF_F_KDF_HKDF_DERIVE 0
+# define KDF_F_KDF_HKDF_NEW 0
+# define KDF_F_KDF_HKDF_SIZE 0
+# define KDF_F_KDF_MD2CTRL 0
+# define KDF_F_KDF_PBKDF2_CTRL 0
+# define KDF_F_KDF_PBKDF2_CTRL_STR 0
+# define KDF_F_KDF_PBKDF2_DERIVE 0
+# define KDF_F_KDF_PBKDF2_NEW 0
+# define KDF_F_KDF_SCRYPT_CTRL_STR 0
+# define KDF_F_KDF_SCRYPT_CTRL_UINT32 0
+# define KDF_F_KDF_SCRYPT_CTRL_UINT64 0
+# define KDF_F_KDF_SCRYPT_DERIVE 0
+# define KDF_F_KDF_SCRYPT_NEW 0
+# define KDF_F_KDF_SSHKDF_CTRL 0
+# define KDF_F_KDF_SSHKDF_CTRL_STR 0
+# define KDF_F_KDF_SSHKDF_DERIVE 0
+# define KDF_F_KDF_SSHKDF_NEW 0
+# define KDF_F_KDF_TLS1_PRF_CTRL_STR 0
+# define KDF_F_KDF_TLS1_PRF_DERIVE 0
+# define KDF_F_KDF_TLS1_PRF_NEW 0
+# define KDF_F_PBKDF2_DERIVE 0
+# define KDF_F_PBKDF2_SET_MEMBUF 0
+# define KDF_F_PKEY_HKDF_CTRL_STR 0
+# define KDF_F_PKEY_HKDF_DERIVE 0
+# define KDF_F_PKEY_HKDF_INIT 0
+# define KDF_F_PKEY_SCRYPT_CTRL_STR 0
+# define KDF_F_PKEY_SCRYPT_CTRL_UINT64 0
+# define KDF_F_PKEY_SCRYPT_DERIVE 0
+# define KDF_F_PKEY_SCRYPT_INIT 0
+# define KDF_F_PKEY_SCRYPT_SET_MEMBUF 0
+# define KDF_F_PKEY_TLS1_PRF_CTRL_STR 0
+# define KDF_F_PKEY_TLS1_PRF_DERIVE 0
+# define KDF_F_PKEY_TLS1_PRF_INIT 0
+# define KDF_F_SCRYPT_SET_MEMBUF 0
+# define KDF_F_SSKDF_CTRL_STR 0
+# define KDF_F_SSKDF_DERIVE 0
+# define KDF_F_SSKDF_MAC2CTRL 0
+# define KDF_F_SSKDF_NEW 0
+# define KDF_F_SSKDF_SIZE 0
+# define KDF_F_TLS1_PRF_ALG 0
+# define KDF_F_X942KDF_CTRL 0
+# define KDF_F_X942KDF_DERIVE 0
+# define KDF_F_X942KDF_HASH_KDM 0
+# define KDF_F_X942KDF_NEW 0
+# define KDF_F_X942KDF_SIZE 0
+# define KDF_F_X963KDF_DERIVE 0
+# endif
+
+/*
+ * KDF reason codes.
+ */
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define KDF_R_BAD_ENCODING 122
+# define KDF_R_BAD_LENGTH 123
+# define KDF_R_BOTH_MODE_AND_MODE_INT 127
+# define KDF_R_INAVLID_UKM_LEN 124
+# define KDF_R_INVALID_DIGEST 100
+# define KDF_R_INVALID_ITERATION_COUNT 119
+# define KDF_R_INVALID_KEY_LEN 120
+# define KDF_R_INVALID_MAC_TYPE 116
+# define KDF_R_INVALID_MODE 128
+# define KDF_R_INVALID_MODE_INT 129
+# define KDF_R_INVALID_SALT_LEN 121
+# define KDF_R_MISSING_CEK_ALG 125
+# define KDF_R_MISSING_ITERATION_COUNT 109
+# define KDF_R_MISSING_KEY 104
+# define KDF_R_MISSING_MESSAGE_DIGEST 105
+# define KDF_R_MISSING_PARAMETER 101
+# define KDF_R_MISSING_PASS 110
+# define KDF_R_MISSING_SALT 111
+# define KDF_R_MISSING_SECRET 107
+# define KDF_R_MISSING_SEED 106
+# define KDF_R_MISSING_SESSION_ID 113
+# define KDF_R_MISSING_TYPE 114
+# define KDF_R_MISSING_XCGHASH 115
+# define KDF_R_NOT_SUPPORTED 118
+# define KDF_R_UNKNOWN_PARAMETER_TYPE 103
+# define KDF_R_UNSUPPORTED_CEK_ALG 126
+# define KDF_R_UNSUPPORTED_MAC_TYPE 117
+# define KDF_R_VALUE_ERROR 108
+# define KDF_R_VALUE_MISSING 102
+# define KDF_R_WRONG_OUTPUT_BUFFER_SIZE 112
+# endif
+
+#endif
diff --git a/openssl/include/openssl/lhash.h b/openssl/include/openssl/lhash.h new file mode 100644 index 00000000..2aeba73f --- /dev/null +++ b/openssl/include/openssl/lhash.h @@ -0,0 +1,253 @@ +/*
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+/*
+ * Header for dynamic hash table routines Author - Eric Young
+ */
+
+#ifndef OPENSSL_LHASH_H
+# define OPENSSL_LHASH_H
+# pragma once
+
+# include <openssl/macros.h>
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define HEADER_LHASH_H
+# endif
+
+# include <openssl/e_os2.h>
+# include <openssl/bio.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+typedef struct lhash_node_st OPENSSL_LH_NODE;
+typedef int (*OPENSSL_LH_COMPFUNC) (const void *, const void *);
+typedef unsigned long (*OPENSSL_LH_HASHFUNC) (const void *);
+typedef void (*OPENSSL_LH_DOALL_FUNC) (void *);
+typedef void (*OPENSSL_LH_DOALL_FUNCARG) (void *, void *);
+typedef struct lhash_st OPENSSL_LHASH;
+
+/*
+ * Macros for declaring and implementing type-safe wrappers for LHASH
+ * callbacks. This way, callbacks can be provided to LHASH structures without
+ * function pointer casting and the macro-defined callbacks provide
+ * per-variable casting before deferring to the underlying type-specific
+ * callbacks. NB: It is possible to place a "static" in front of both the
+ * DECLARE and IMPLEMENT macros if the functions are strictly internal.
+ */
+
+/* First: "hash" functions */
+# define DECLARE_LHASH_HASH_FN(name, o_type) \
+ unsigned long name##_LHASH_HASH(const void *);
+# define IMPLEMENT_LHASH_HASH_FN(name, o_type) \
+ unsigned long name##_LHASH_HASH(const void *arg) { \
+ const o_type *a = arg; \
+ return name##_hash(a); }
+# define LHASH_HASH_FN(name) name##_LHASH_HASH
+
+/* Second: "compare" functions */
+# define DECLARE_LHASH_COMP_FN(name, o_type) \
+ int name##_LHASH_COMP(const void *, const void *);
+# define IMPLEMENT_LHASH_COMP_FN(name, o_type) \
+ int name##_LHASH_COMP(const void *arg1, const void *arg2) { \
+ const o_type *a = arg1; \
+ const o_type *b = arg2; \
+ return name##_cmp(a,b); }
+# define LHASH_COMP_FN(name) name##_LHASH_COMP
+
+/* Fourth: "doall_arg" functions */
+# define DECLARE_LHASH_DOALL_ARG_FN(name, o_type, a_type) \
+ void name##_LHASH_DOALL_ARG(void *, void *);
+# define IMPLEMENT_LHASH_DOALL_ARG_FN(name, o_type, a_type) \
+ void name##_LHASH_DOALL_ARG(void *arg1, void *arg2) { \
+ o_type *a = arg1; \
+ a_type *b = arg2; \
+ name##_doall_arg(a, b); }
+# define LHASH_DOALL_ARG_FN(name) name##_LHASH_DOALL_ARG
+
+
+# define LH_LOAD_MULT 256
+
+int OPENSSL_LH_error(OPENSSL_LHASH *lh);
+OPENSSL_LHASH *OPENSSL_LH_new(OPENSSL_LH_HASHFUNC h, OPENSSL_LH_COMPFUNC c);
+void OPENSSL_LH_free(OPENSSL_LHASH *lh);
+void OPENSSL_LH_flush(OPENSSL_LHASH *lh);
+void *OPENSSL_LH_insert(OPENSSL_LHASH *lh, void *data);
+void *OPENSSL_LH_delete(OPENSSL_LHASH *lh, const void *data);
+void *OPENSSL_LH_retrieve(OPENSSL_LHASH *lh, const void *data);
+void OPENSSL_LH_doall(OPENSSL_LHASH *lh, OPENSSL_LH_DOALL_FUNC func);
+void OPENSSL_LH_doall_arg(OPENSSL_LHASH *lh, OPENSSL_LH_DOALL_FUNCARG func, void *arg);
+unsigned long OPENSSL_LH_strhash(const char *c);
+unsigned long OPENSSL_LH_num_items(const OPENSSL_LHASH *lh);
+unsigned long OPENSSL_LH_get_down_load(const OPENSSL_LHASH *lh);
+void OPENSSL_LH_set_down_load(OPENSSL_LHASH *lh, unsigned long down_load);
+
+# ifndef OPENSSL_NO_STDIO
+void OPENSSL_LH_stats(const OPENSSL_LHASH *lh, FILE *fp);
+void OPENSSL_LH_node_stats(const OPENSSL_LHASH *lh, FILE *fp);
+void OPENSSL_LH_node_usage_stats(const OPENSSL_LHASH *lh, FILE *fp);
+# endif
+void OPENSSL_LH_stats_bio(const OPENSSL_LHASH *lh, BIO *out);
+void OPENSSL_LH_node_stats_bio(const OPENSSL_LHASH *lh, BIO *out);
+void OPENSSL_LH_node_usage_stats_bio(const OPENSSL_LHASH *lh, BIO *out);
+
+# ifndef OPENSSL_NO_DEPRECATED_1_1_0
+# define _LHASH OPENSSL_LHASH
+# define LHASH_NODE OPENSSL_LH_NODE
+# define lh_error OPENSSL_LH_error
+# define lh_new OPENSSL_LH_new
+# define lh_free OPENSSL_LH_free
+# define lh_insert OPENSSL_LH_insert
+# define lh_delete OPENSSL_LH_delete
+# define lh_retrieve OPENSSL_LH_retrieve
+# define lh_doall OPENSSL_LH_doall
+# define lh_doall_arg OPENSSL_LH_doall_arg
+# define lh_strhash OPENSSL_LH_strhash
+# define lh_num_items OPENSSL_LH_num_items
+# ifndef OPENSSL_NO_STDIO
+# define lh_stats OPENSSL_LH_stats
+# define lh_node_stats OPENSSL_LH_node_stats
+# define lh_node_usage_stats OPENSSL_LH_node_usage_stats
+# endif
+# define lh_stats_bio OPENSSL_LH_stats_bio
+# define lh_node_stats_bio OPENSSL_LH_node_stats_bio
+# define lh_node_usage_stats_bio OPENSSL_LH_node_usage_stats_bio
+# endif
+
+/* Type checking... */
+
+# define LHASH_OF(type) struct lhash_st_##type
+
+# define DEFINE_LHASH_OF(type) \
+ LHASH_OF(type) { union lh_##type##_dummy { void* d1; unsigned long d2; int d3; } dummy; }; \
+ static ossl_unused ossl_inline LHASH_OF(type) *lh_##type##_new(unsigned long (*hfn)(const type *), \
+ int (*cfn)(const type *, const type *)) \
+ { \
+ return (LHASH_OF(type) *) \
+ OPENSSL_LH_new((OPENSSL_LH_HASHFUNC)hfn, (OPENSSL_LH_COMPFUNC)cfn); \
+ } \
+ static ossl_unused ossl_inline void lh_##type##_free(LHASH_OF(type) *lh) \
+ { \
+ OPENSSL_LH_free((OPENSSL_LHASH *)lh); \
+ } \
+ static ossl_unused ossl_inline void lh_##type##_flush(LHASH_OF(type) *lh) \
+ { \
+ OPENSSL_LH_flush((OPENSSL_LHASH *)lh); \
+ } \
+ static ossl_unused ossl_inline type *lh_##type##_insert(LHASH_OF(type) *lh, type *d) \
+ { \
+ return (type *)OPENSSL_LH_insert((OPENSSL_LHASH *)lh, d); \
+ } \
+ static ossl_unused ossl_inline type *lh_##type##_delete(LHASH_OF(type) *lh, const type *d) \
+ { \
+ return (type *)OPENSSL_LH_delete((OPENSSL_LHASH *)lh, d); \
+ } \
+ static ossl_unused ossl_inline type *lh_##type##_retrieve(LHASH_OF(type) *lh, const type *d) \
+ { \
+ return (type *)OPENSSL_LH_retrieve((OPENSSL_LHASH *)lh, d); \
+ } \
+ static ossl_unused ossl_inline int lh_##type##_error(LHASH_OF(type) *lh) \
+ { \
+ return OPENSSL_LH_error((OPENSSL_LHASH *)lh); \
+ } \
+ static ossl_unused ossl_inline unsigned long lh_##type##_num_items(LHASH_OF(type) *lh) \
+ { \
+ return OPENSSL_LH_num_items((OPENSSL_LHASH *)lh); \
+ } \
+ static ossl_unused ossl_inline void lh_##type##_node_stats_bio(const LHASH_OF(type) *lh, BIO *out) \
+ { \
+ OPENSSL_LH_node_stats_bio((const OPENSSL_LHASH *)lh, out); \
+ } \
+ static ossl_unused ossl_inline void lh_##type##_node_usage_stats_bio(const LHASH_OF(type) *lh, BIO *out) \
+ { \
+ OPENSSL_LH_node_usage_stats_bio((const OPENSSL_LHASH *)lh, out); \
+ } \
+ static ossl_unused ossl_inline void lh_##type##_stats_bio(const LHASH_OF(type) *lh, BIO *out) \
+ { \
+ OPENSSL_LH_stats_bio((const OPENSSL_LHASH *)lh, out); \
+ } \
+ static ossl_unused ossl_inline unsigned long lh_##type##_get_down_load(LHASH_OF(type) *lh) \
+ { \
+ return OPENSSL_LH_get_down_load((OPENSSL_LHASH *)lh); \
+ } \
+ static ossl_unused ossl_inline void lh_##type##_set_down_load(LHASH_OF(type) *lh, unsigned long dl) \
+ { \
+ OPENSSL_LH_set_down_load((OPENSSL_LHASH *)lh, dl); \
+ } \
+ static ossl_unused ossl_inline void lh_##type##_doall(LHASH_OF(type) *lh, \
+ void (*doall)(type *)) \
+ { \
+ OPENSSL_LH_doall((OPENSSL_LHASH *)lh, (OPENSSL_LH_DOALL_FUNC)doall); \
+ } \
+ LHASH_OF(type)
+
+#define IMPLEMENT_LHASH_DOALL_ARG_CONST(type, argtype) \
+ int_implement_lhash_doall(type, argtype, const type)
+
+#define IMPLEMENT_LHASH_DOALL_ARG(type, argtype) \
+ int_implement_lhash_doall(type, argtype, type)
+
+#define int_implement_lhash_doall(type, argtype, cbargtype) \
+ static ossl_unused ossl_inline void \
+ lh_##type##_doall_##argtype(LHASH_OF(type) *lh, \
+ void (*fn)(cbargtype *, argtype *), \
+ argtype *arg) \
+ { \
+ OPENSSL_LH_doall_arg((OPENSSL_LHASH *)lh, (OPENSSL_LH_DOALL_FUNCARG)fn, (void *)arg); \
+ } \
+ LHASH_OF(type)
+
+DEFINE_LHASH_OF(OPENSSL_STRING);
+# ifdef _MSC_VER
+/*
+ * push and pop this warning:
+ * warning C4090: 'function': different 'const' qualifiers
+ */
+# pragma warning (push)
+# pragma warning (disable: 4090)
+# endif
+
+DEFINE_LHASH_OF(OPENSSL_CSTRING);
+
+# ifdef _MSC_VER
+# pragma warning (pop)
+# endif
+
+/*
+ * If called without higher optimization (min. -xO3) the Oracle Developer
+ * Studio compiler generates code for the defined (static inline) functions
+ * above.
+ * This would later lead to the linker complaining about missing symbols when
+ * this header file is included but the resulting object is not linked against
+ * the Crypto library (openssl#6912).
+ */
+# ifdef __SUNPRO_C
+# pragma weak OPENSSL_LH_new
+# pragma weak OPENSSL_LH_flush
+# pragma weak OPENSSL_LH_free
+# pragma weak OPENSSL_LH_insert
+# pragma weak OPENSSL_LH_delete
+# pragma weak OPENSSL_LH_retrieve
+# pragma weak OPENSSL_LH_error
+# pragma weak OPENSSL_LH_num_items
+# pragma weak OPENSSL_LH_node_stats_bio
+# pragma weak OPENSSL_LH_node_usage_stats_bio
+# pragma weak OPENSSL_LH_stats_bio
+# pragma weak OPENSSL_LH_get_down_load
+# pragma weak OPENSSL_LH_set_down_load
+# pragma weak OPENSSL_LH_doall
+# pragma weak OPENSSL_LH_doall_arg
+# endif /* __SUNPRO_C */
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
diff --git a/openssl/include/openssl/mac.h b/openssl/include/openssl/mac.h new file mode 100644 index 00000000..ac658e15 --- /dev/null +++ b/openssl/include/openssl/mac.h @@ -0,0 +1,59 @@ +/*
+ * Copyright 2019-2020=-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+/* MAC stuff */
+
+#ifndef OPENSSL_EVP_MAC_H
+# define OPENSSL_EVP_MAC_H
+# pragma once
+
+# include <openssl/opensslconf.h>
+# include <openssl/types.h>
+# include <openssl/core.h>
+
+# ifdef __cplusplus
+extern "C" {
+# endif
+
+EVP_MAC *EVP_MAC_fetch(OPENSSL_CTX *libctx, const char *algorithm,
+ const char *properties);
+int EVP_MAC_up_ref(EVP_MAC *mac);
+void EVP_MAC_free(EVP_MAC *mac);
+int EVP_MAC_number(const EVP_MAC *mac);
+int EVP_MAC_is_a(const EVP_MAC *mac, const char *name);
+const OSSL_PROVIDER *EVP_MAC_provider(const EVP_MAC *mac);
+int EVP_MAC_get_params(EVP_MAC *mac, OSSL_PARAM params[]);
+
+EVP_MAC_CTX *EVP_MAC_new_ctx(EVP_MAC *mac);
+void EVP_MAC_free_ctx(EVP_MAC_CTX *ctx);
+EVP_MAC_CTX *EVP_MAC_dup_ctx(const EVP_MAC_CTX *src);
+EVP_MAC *EVP_MAC_get_ctx_mac(EVP_MAC_CTX *ctx);
+int EVP_MAC_get_ctx_params(EVP_MAC_CTX *ctx, OSSL_PARAM params[]);
+int EVP_MAC_set_ctx_params(EVP_MAC_CTX *ctx, const OSSL_PARAM params[]);
+
+size_t EVP_MAC_size(EVP_MAC_CTX *ctx);
+int EVP_MAC_init(EVP_MAC_CTX *ctx);
+int EVP_MAC_update(EVP_MAC_CTX *ctx, const unsigned char *data, size_t datalen);
+int EVP_MAC_final(EVP_MAC_CTX *ctx,
+ unsigned char *out, size_t *outl, size_t outsize);
+const OSSL_PARAM *EVP_MAC_gettable_params(const EVP_MAC *mac);
+const OSSL_PARAM *EVP_MAC_gettable_ctx_params(const EVP_MAC *mac);
+const OSSL_PARAM *EVP_MAC_settable_ctx_params(const EVP_MAC *mac);
+
+void EVP_MAC_do_all_provided(OPENSSL_CTX *libctx,
+ void (*fn)(EVP_MAC *mac, void *arg),
+ void *arg);
+void EVP_MAC_names_do_all(const EVP_MAC *mac,
+ void (*fn)(const char *name, void *data),
+ void *data);
+
+# ifdef __cplusplus
+}
+# endif
+#endif /* OPENSSL_EVP_MAC_H */
diff --git a/openssl/include/openssl/macros.h b/openssl/include/openssl/macros.h new file mode 100644 index 00000000..8aeec22d --- /dev/null +++ b/openssl/include/openssl/macros.h @@ -0,0 +1,256 @@ +/*
+ * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include <openssl/opensslconf.h>
+#include <openssl/opensslv.h>
+
+#ifndef OPENSSL_MACROS_H
+# define OPENSSL_MACROS_H
+
+/* Helper macros for CPP string composition */
+# define OPENSSL_MSTR_HELPER(x) #x
+# define OPENSSL_MSTR(x) OPENSSL_MSTR_HELPER(x)
+
+/*
+ * Sometimes OPENSSSL_NO_xxx ends up with an empty file and some compilers
+ * don't like that. This will hopefully silence them.
+ */
+# define NON_EMPTY_TRANSLATION_UNIT static void *dummy = &dummy;
+
+/*
+ * Generic deprecation macro
+ *
+ * If OPENSSL_SUPPRESS_DEPRECATED is defined, then DECLARE_DEPRECATED
+ * becomes a no-op
+ */
+# ifndef DECLARE_DEPRECATED
+# define DECLARE_DEPRECATED(f) f;
+# ifndef OPENSSL_SUPPRESS_DEPRECATED
+# ifdef __GNUC__
+# if __GNUC__ > 3 || (__GNUC__ == 3 && __GNUC_MINOR__ > 0)
+# undef DECLARE_DEPRECATED
+# define DECLARE_DEPRECATED(f) f __attribute__ ((deprecated));
+# endif
+# elif defined(__SUNPRO_C)
+# if (__SUNPRO_C >= 0x5130)
+# undef DECLARE_DEPRECATED
+# define DECLARE_DEPRECATED(f) f __attribute__ ((deprecated));
+# endif
+# endif
+# endif
+# endif
+
+/*
+ * Applications should use -DOPENSSL_API_COMPAT=<version> to suppress the
+ * declarations of functions deprecated in or before <version>. If this is
+ * undefined, the value of the macro OPENSSL_CONFIGURED_API (defined in
+ * <openssl/opensslconf.h>) is the default.
+ *
+ * For any version number up until version 1.1.x, <version> is expected to be
+ * the calculated version number 0xMNNFFPPSL.
+ * For version numbers 3.0 and on, <version> is expected to be a computation
+ * of the major and minor numbers in decimal using this formula:
+ *
+ * MAJOR * 10000 + MINOR * 100
+ *
+ * So version 3.0 becomes 30000, version 3.2 becomes 30200, etc.
+ */
+
+/*
+ * We use the OPENSSL_API_COMPAT value to define API level macros. These
+ * macros are used to enable or disable features at that API version boundary.
+ */
+
+# ifdef OPENSSL_API_LEVEL
+# error "OPENSSL_API_LEVEL must not be defined by application"
+# endif
+
+/*
+ * We figure out what API level was intended by simple numeric comparison.
+ * The lowest old style number we recognise is 0x00908000L, so we take some
+ * safety margin and assume that anything below 0x00900000L is a new style
+ * number. This allows new versions up to and including v943.71.83.
+ */
+# ifdef OPENSSL_API_COMPAT
+# if OPENSSL_API_COMPAT < 0x900000L
+# define OPENSSL_API_LEVEL (OPENSSL_API_COMPAT)
+# else
+# define OPENSSL_API_LEVEL \
+ (((OPENSSL_API_COMPAT >> 28) & 0xF) * 10000 \
+ + ((OPENSSL_API_COMPAT >> 20) & 0xFF) * 100 \
+ + ((OPENSSL_API_COMPAT >> 12) & 0xFF))
+# endif
+# endif
+
+/*
+ * If OPENSSL_API_COMPAT wasn't given, we use default numbers to set
+ * the API compatibility level.
+ */
+# ifndef OPENSSL_API_LEVEL
+# if OPENSSL_CONFIGURED_API > 0
+# define OPENSSL_API_LEVEL (OPENSSL_CONFIGURED_API)
+# else
+# define OPENSSL_API_LEVEL \
+ (OPENSSL_VERSION_MAJOR * 10000 + OPENSSL_VERSION_MINOR * 100)
+# endif
+# endif
+
+# if OPENSSL_API_LEVEL > OPENSSL_CONFIGURED_API
+# error "The requested API level higher than the configured API compatibility level"
+# endif
+
+/*
+ * Check of sane values.
+ */
+/* Can't go higher than the current version. */
+# if OPENSSL_API_LEVEL > (OPENSSL_VERSION_MAJOR * 10000 + OPENSSL_VERSION_MINOR * 100)
+# error "OPENSSL_API_COMPAT expresses an impossible API compatibility level"
+# endif
+/* OpenSSL will have no version 2.y.z */
+# if OPENSSL_API_LEVEL < 30000 && OPENSSL_API_LEVEL >= 20000
+# error "OPENSSL_API_COMPAT expresses an impossible API compatibility level"
+# endif
+/* Below 0.9.8 is unacceptably low */
+# if OPENSSL_API_LEVEL < 908
+# error "OPENSSL_API_COMPAT expresses an impossible API compatibility level"
+# endif
+
+/*
+ * Define macros for deprecation purposes. We always define the macros
+ * DEPERECATEDIN_{major}_{minor}() for all OpenSSL versions we care for,
+ * and OPENSSL_NO_DEPRECATED_{major}_{minor} to be used to check if
+ * removal of deprecated functions applies on that particular version.
+ */
+
+# undef OPENSSL_NO_DEPRECATED_3_0
+# undef OPENSSL_NO_DEPRECATED_1_1_1
+# undef OPENSSL_NO_DEPRECATED_1_1_0
+# undef OPENSSL_NO_DEPRECATED_1_0_2
+# undef OPENSSL_NO_DEPRECATED_1_0_1
+# undef OPENSSL_NO_DEPRECATED_1_0_0
+# undef OPENSSL_NO_DEPRECATED_0_9_8
+
+# if OPENSSL_API_LEVEL >= 30000
+# ifndef OPENSSL_NO_DEPRECATED
+# define DEPRECATEDIN_3_0(f) DECLARE_DEPRECATED(f)
+# else
+# define DEPRECATEDIN_3_0(f)
+# define OPENSSL_NO_DEPRECATED_3_0
+# endif
+# else
+# define DEPRECATEDIN_3_0(f) f;
+# endif
+# if OPENSSL_API_LEVEL >= 10101
+# ifndef OPENSSL_NO_DEPRECATED
+# define DEPRECATEDIN_1_1_1(f) DECLARE_DEPRECATED(f)
+# else
+# define DEPRECATEDIN_1_1_1(f)
+# define OPENSSL_NO_DEPRECATED_1_1_1
+# endif
+# else
+# define DEPRECATEDIN_1_1_1(f) f;
+# endif
+# if OPENSSL_API_LEVEL >= 10100
+# ifndef OPENSSL_NO_DEPRECATED
+# define DEPRECATEDIN_1_1_0(f) DECLARE_DEPRECATED(f)
+# else
+# define DEPRECATEDIN_1_1_0(f)
+# define OPENSSL_NO_DEPRECATED_1_1_0
+# endif
+# else
+# define DEPRECATEDIN_1_1_0(f) f;
+# endif
+# if OPENSSL_API_LEVEL >= 10002
+# ifndef OPENSSL_NO_DEPRECATED
+# define DEPRECATEDIN_1_0_2(f) DECLARE_DEPRECATED(f)
+# else
+# define DEPRECATEDIN_1_0_2(f)
+# define OPENSSL_NO_DEPRECATED_1_0_2
+# endif
+# else
+# define DEPRECATEDIN_1_0_2(f) f;
+# endif
+# if OPENSSL_API_LEVEL >= 10001
+# ifndef OPENSSL_NO_DEPRECATED
+# define DEPRECATEDIN_1_0_1(f) DECLARE_DEPRECATED(f)
+# else
+# define DEPRECATEDIN_1_0_1(f)
+# define OPENSSL_NO_DEPRECATED_1_0_1
+# endif
+# else
+# define DEPRECATEDIN_1_0_1(f) f;
+# endif
+# if OPENSSL_API_LEVEL >= 10000
+# ifndef OPENSSL_NO_DEPRECATED
+# define DEPRECATEDIN_1_0_0(f) DECLARE_DEPRECATED(f)
+# else
+# define DEPRECATEDIN_1_0_0(f)
+# define OPENSSL_NO_DEPRECATED_1_0_0
+# endif
+# else
+# define DEPRECATEDIN_1_0_0(f) f;
+# endif
+# if OPENSSL_API_LEVEL >= 908
+# ifndef OPENSSL_NO_DEPRECATED
+# define DEPRECATEDIN_0_9_8(f) DECLARE_DEPRECATED(f)
+# else
+# define DEPRECATEDIN_0_9_8(f)
+# define OPENSSL_NO_DEPRECATED_0_9_8
+# endif
+# else
+# define DEPRECATEDIN_0_9_8(f) f;
+# endif
+
+/*
+ * Make our own variants of __FILE__ and __LINE__, depending on configuration
+ */
+
+# ifndef OPENSSL_FILE
+# ifdef OPENSSL_NO_FILENAMES
+# define OPENSSL_FILE ""
+# define OPENSSL_LINE 0
+# else
+# define OPENSSL_FILE __FILE__
+# define OPENSSL_LINE __LINE__
+# endif
+# endif
+
+/*
+ * __func__ was standardized in C99, so for any compiler that claims
+ * to implement that language level or newer, we assume we can safely
+ * use that symbol.
+ *
+ * GNU C also provides __FUNCTION__ since version 2, which predates
+ * C99. We can, however, only use this if __STDC_VERSION__ exists,
+ * as it's otherwise not allowed according to ISO C standards (C90).
+ * (compiling with GNU C's -pedantic tells us so)
+ *
+ * If none of the above applies, we check if the compiler is MSVC,
+ * and use __FUNCTION__ if that's the case.
+ */
+# ifndef OPENSSL_FUNC
+# if defined(__STDC_VERSION__)
+# if __STDC_VERSION__ >= 199901L
+# define OPENSSL_FUNC __func__
+# elif defined(__GNUC__) && __GNUC__ >= 2
+# define OPENSSL_FUNC __FUNCTION__
+# endif
+# elif defined(_MSC_VER)
+# define OPENSSL_FUNC __FUNCTION__
+# endif
+/*
+ * If all these possibilities are exhausted, we give up and use a
+ * static string.
+ */
+# ifndef OPENSSL_FUNC
+# define OPENSSL_FUNC "(unknown function)"
+# endif
+# endif
+
+#endif /* OPENSSL_MACROS_H */
diff --git a/openssl/include/openssl/md2.h b/openssl/include/openssl/md2.h new file mode 100644 index 00000000..9beeb6a4 --- /dev/null +++ b/openssl/include/openssl/md2.h @@ -0,0 +1,55 @@ +/*
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_MD2_H
+# define OPENSSL_MD2_H
+# pragma once
+
+# include <openssl/macros.h>
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define HEADER_MD2_H
+# endif
+
+# include <openssl/opensslconf.h>
+
+# ifndef OPENSSL_NO_MD2
+# include <stddef.h>
+# ifdef __cplusplus
+extern "C" {
+# endif
+
+# define MD2_DIGEST_LENGTH 16
+
+# if !defined(OPENSSL_NO_DEPRECATED_3_0)
+
+typedef unsigned char MD2_INT;
+
+# define MD2_BLOCK 16
+
+typedef struct MD2state_st {
+ unsigned int num;
+ unsigned char data[MD2_BLOCK];
+ MD2_INT cksm[MD2_BLOCK];
+ MD2_INT state[MD2_BLOCK];
+} MD2_CTX;
+# endif
+
+DEPRECATEDIN_3_0(const char *MD2_options(void))
+DEPRECATEDIN_3_0(int MD2_Init(MD2_CTX *c))
+DEPRECATEDIN_3_0(int MD2_Update(MD2_CTX *c, const unsigned char *data,
+ size_t len))
+DEPRECATEDIN_3_0(int MD2_Final(unsigned char *md, MD2_CTX *c))
+DEPRECATEDIN_3_0(unsigned char *MD2(const unsigned char *d, size_t n,
+ unsigned char *md))
+
+# ifdef __cplusplus
+}
+# endif
+# endif
+#endif
diff --git a/openssl/include/openssl/md4.h b/openssl/include/openssl/md4.h new file mode 100644 index 00000000..a06241df --- /dev/null +++ b/openssl/include/openssl/md4.h @@ -0,0 +1,62 @@ +/*
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_MD4_H
+# define OPENSSL_MD4_H
+# pragma once
+
+# include <openssl/macros.h>
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define HEADER_MD4_H
+# endif
+
+# include <openssl/opensslconf.h>
+
+# ifndef OPENSSL_NO_MD4
+# include <openssl/e_os2.h>
+# include <stddef.h>
+# ifdef __cplusplus
+extern "C" {
+# endif
+
+# define MD4_DIGEST_LENGTH 16
+
+# if !defined(OPENSSL_NO_DEPRECATED_3_0)
+
+/*-
+ * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+ * ! MD4_LONG has to be at least 32 bits wide. !
+ * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+ */
+# define MD4_LONG unsigned int
+
+# define MD4_CBLOCK 64
+# define MD4_LBLOCK (MD4_CBLOCK/4)
+
+typedef struct MD4state_st {
+ MD4_LONG A, B, C, D;
+ MD4_LONG Nl, Nh;
+ MD4_LONG data[MD4_LBLOCK];
+ unsigned int num;
+} MD4_CTX;
+# endif
+
+DEPRECATEDIN_3_0(int MD4_Init(MD4_CTX *c))
+DEPRECATEDIN_3_0(int MD4_Update(MD4_CTX *c, const void *data, size_t len))
+DEPRECATEDIN_3_0(int MD4_Final(unsigned char *md, MD4_CTX *c))
+DEPRECATEDIN_3_0(unsigned char *MD4(const unsigned char *d, size_t n,
+ unsigned char *md))
+DEPRECATEDIN_3_0(void MD4_Transform(MD4_CTX *c, const unsigned char *b))
+
+# ifdef __cplusplus
+}
+# endif
+# endif
+
+#endif
diff --git a/openssl/include/openssl/md5.h b/openssl/include/openssl/md5.h new file mode 100644 index 00000000..809a961f --- /dev/null +++ b/openssl/include/openssl/md5.h @@ -0,0 +1,56 @@ +/*
+ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_MD5_H
+# define OPENSSL_MD5_H
+# pragma once
+
+# include <openssl/macros.h>
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define HEADER_MD5_H
+# endif
+
+# include <openssl/opensslconf.h>
+
+# ifndef OPENSSL_NO_MD5
+# include <openssl/e_os2.h>
+# include <stddef.h>
+# ifdef __cplusplus
+extern "C" {
+# endif
+
+/*
+ * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+ * ! MD5_LONG has to be at least 32 bits wide. !
+ * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+ */
+# define MD5_LONG unsigned int
+
+# define MD5_CBLOCK 64
+# define MD5_LBLOCK (MD5_CBLOCK/4)
+# define MD5_DIGEST_LENGTH 16
+
+typedef struct MD5state_st {
+ MD5_LONG A, B, C, D;
+ MD5_LONG Nl, Nh;
+ MD5_LONG data[MD5_LBLOCK];
+ unsigned int num;
+} MD5_CTX;
+
+int MD5_Init(MD5_CTX *c);
+int MD5_Update(MD5_CTX *c, const void *data, size_t len);
+int MD5_Final(unsigned char *md, MD5_CTX *c);
+unsigned char *MD5(const unsigned char *d, size_t n, unsigned char *md);
+void MD5_Transform(MD5_CTX *c, const unsigned char *b);
+# ifdef __cplusplus
+}
+# endif
+# endif
+
+#endif
diff --git a/openssl/include/openssl/mdc2.h b/openssl/include/openssl/mdc2.h new file mode 100644 index 00000000..8db49f0d --- /dev/null +++ b/openssl/include/openssl/mdc2.h @@ -0,0 +1,54 @@ +/*
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_MDC2_H
+# define OPENSSL_MDC2_H
+# pragma once
+
+# include <openssl/macros.h>
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define HEADER_MDC2_H
+# endif
+
+# include <openssl/opensslconf.h>
+
+# ifndef OPENSSL_NO_MDC2
+# include <stdlib.h>
+# include <openssl/des.h>
+# ifdef __cplusplus
+extern "C" {
+# endif
+
+# define MDC2_DIGEST_LENGTH 16
+
+# if !defined(OPENSSL_NO_DEPRECATED_3_0)
+
+# define MDC2_BLOCK 8
+
+typedef struct mdc2_ctx_st {
+ unsigned int num;
+ unsigned char data[MDC2_BLOCK];
+ DES_cblock h, hh;
+ unsigned int pad_type; /* either 1 or 2, default 1 */
+} MDC2_CTX;
+# endif
+
+DEPRECATEDIN_3_0(int MDC2_Init(MDC2_CTX *c))
+DEPRECATEDIN_3_0(int MDC2_Update(MDC2_CTX *c, const unsigned char *data,
+ size_t len))
+DEPRECATEDIN_3_0(int MDC2_Final(unsigned char *md, MDC2_CTX *c))
+DEPRECATEDIN_3_0(unsigned char *MDC2(const unsigned char *d, size_t n,
+ unsigned char *md))
+
+# ifdef __cplusplus
+}
+# endif
+# endif
+
+#endif
diff --git a/openssl/include/openssl/modes.h b/openssl/include/openssl/modes.h new file mode 100644 index 00000000..4fffcf3f --- /dev/null +++ b/openssl/include/openssl/modes.h @@ -0,0 +1,219 @@ +/*
+ * Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_MODES_H
+# define OPENSSL_MODES_H
+# pragma once
+
+# include <openssl/macros.h>
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define HEADER_MODES_H
+# endif
+
+# include <stddef.h>
+# include <openssl/types.h>
+
+# ifdef __cplusplus
+extern "C" {
+# endif
+typedef void (*block128_f) (const unsigned char in[16],
+ unsigned char out[16], const void *key);
+
+typedef void (*cbc128_f) (const unsigned char *in, unsigned char *out,
+ size_t len, const void *key,
+ unsigned char ivec[16], int enc);
+
+typedef void (*ecb128_f) (const unsigned char *in, unsigned char *out,
+ size_t len, const void *key,
+ int enc);
+
+typedef void (*ctr128_f) (const unsigned char *in, unsigned char *out,
+ size_t blocks, const void *key,
+ const unsigned char ivec[16]);
+
+typedef void (*ccm128_f) (const unsigned char *in, unsigned char *out,
+ size_t blocks, const void *key,
+ const unsigned char ivec[16],
+ unsigned char cmac[16]);
+
+void CRYPTO_cbc128_encrypt(const unsigned char *in, unsigned char *out,
+ size_t len, const void *key,
+ unsigned char ivec[16], block128_f block);
+void CRYPTO_cbc128_decrypt(const unsigned char *in, unsigned char *out,
+ size_t len, const void *key,
+ unsigned char ivec[16], block128_f block);
+
+void CRYPTO_ctr128_encrypt(const unsigned char *in, unsigned char *out,
+ size_t len, const void *key,
+ unsigned char ivec[16],
+ unsigned char ecount_buf[16], unsigned int *num,
+ block128_f block);
+
+void CRYPTO_ctr128_encrypt_ctr32(const unsigned char *in, unsigned char *out,
+ size_t len, const void *key,
+ unsigned char ivec[16],
+ unsigned char ecount_buf[16],
+ unsigned int *num, ctr128_f ctr);
+
+void CRYPTO_ofb128_encrypt(const unsigned char *in, unsigned char *out,
+ size_t len, const void *key,
+ unsigned char ivec[16], int *num,
+ block128_f block);
+
+void CRYPTO_cfb128_encrypt(const unsigned char *in, unsigned char *out,
+ size_t len, const void *key,
+ unsigned char ivec[16], int *num,
+ int enc, block128_f block);
+void CRYPTO_cfb128_8_encrypt(const unsigned char *in, unsigned char *out,
+ size_t length, const void *key,
+ unsigned char ivec[16], int *num,
+ int enc, block128_f block);
+void CRYPTO_cfb128_1_encrypt(const unsigned char *in, unsigned char *out,
+ size_t bits, const void *key,
+ unsigned char ivec[16], int *num,
+ int enc, block128_f block);
+
+size_t CRYPTO_cts128_encrypt_block(const unsigned char *in,
+ unsigned char *out, size_t len,
+ const void *key, unsigned char ivec[16],
+ block128_f block);
+size_t CRYPTO_cts128_encrypt(const unsigned char *in, unsigned char *out,
+ size_t len, const void *key,
+ unsigned char ivec[16], cbc128_f cbc);
+size_t CRYPTO_cts128_decrypt_block(const unsigned char *in,
+ unsigned char *out, size_t len,
+ const void *key, unsigned char ivec[16],
+ block128_f block);
+size_t CRYPTO_cts128_decrypt(const unsigned char *in, unsigned char *out,
+ size_t len, const void *key,
+ unsigned char ivec[16], cbc128_f cbc);
+
+size_t CRYPTO_nistcts128_encrypt_block(const unsigned char *in,
+ unsigned char *out, size_t len,
+ const void *key,
+ unsigned char ivec[16],
+ block128_f block);
+size_t CRYPTO_nistcts128_encrypt(const unsigned char *in, unsigned char *out,
+ size_t len, const void *key,
+ unsigned char ivec[16], cbc128_f cbc);
+size_t CRYPTO_nistcts128_decrypt_block(const unsigned char *in,
+ unsigned char *out, size_t len,
+ const void *key,
+ unsigned char ivec[16],
+ block128_f block);
+size_t CRYPTO_nistcts128_decrypt(const unsigned char *in, unsigned char *out,
+ size_t len, const void *key,
+ unsigned char ivec[16], cbc128_f cbc);
+
+typedef struct gcm128_context GCM128_CONTEXT;
+
+GCM128_CONTEXT *CRYPTO_gcm128_new(void *key, block128_f block);
+void CRYPTO_gcm128_init(GCM128_CONTEXT *ctx, void *key, block128_f block);
+void CRYPTO_gcm128_setiv(GCM128_CONTEXT *ctx, const unsigned char *iv,
+ size_t len);
+int CRYPTO_gcm128_aad(GCM128_CONTEXT *ctx, const unsigned char *aad,
+ size_t len);
+int CRYPTO_gcm128_encrypt(GCM128_CONTEXT *ctx,
+ const unsigned char *in, unsigned char *out,
+ size_t len);
+int CRYPTO_gcm128_decrypt(GCM128_CONTEXT *ctx,
+ const unsigned char *in, unsigned char *out,
+ size_t len);
+int CRYPTO_gcm128_encrypt_ctr32(GCM128_CONTEXT *ctx,
+ const unsigned char *in, unsigned char *out,
+ size_t len, ctr128_f stream);
+int CRYPTO_gcm128_decrypt_ctr32(GCM128_CONTEXT *ctx,
+ const unsigned char *in, unsigned char *out,
+ size_t len, ctr128_f stream);
+int CRYPTO_gcm128_finish(GCM128_CONTEXT *ctx, const unsigned char *tag,
+ size_t len);
+void CRYPTO_gcm128_tag(GCM128_CONTEXT *ctx, unsigned char *tag, size_t len);
+void CRYPTO_gcm128_release(GCM128_CONTEXT *ctx);
+
+typedef struct ccm128_context CCM128_CONTEXT;
+
+void CRYPTO_ccm128_init(CCM128_CONTEXT *ctx,
+ unsigned int M, unsigned int L, void *key,
+ block128_f block);
+int CRYPTO_ccm128_setiv(CCM128_CONTEXT *ctx, const unsigned char *nonce,
+ size_t nlen, size_t mlen);
+void CRYPTO_ccm128_aad(CCM128_CONTEXT *ctx, const unsigned char *aad,
+ size_t alen);
+int CRYPTO_ccm128_encrypt(CCM128_CONTEXT *ctx, const unsigned char *inp,
+ unsigned char *out, size_t len);
+int CRYPTO_ccm128_decrypt(CCM128_CONTEXT *ctx, const unsigned char *inp,
+ unsigned char *out, size_t len);
+int CRYPTO_ccm128_encrypt_ccm64(CCM128_CONTEXT *ctx, const unsigned char *inp,
+ unsigned char *out, size_t len,
+ ccm128_f stream);
+int CRYPTO_ccm128_decrypt_ccm64(CCM128_CONTEXT *ctx, const unsigned char *inp,
+ unsigned char *out, size_t len,
+ ccm128_f stream);
+size_t CRYPTO_ccm128_tag(CCM128_CONTEXT *ctx, unsigned char *tag, size_t len);
+
+typedef struct xts128_context XTS128_CONTEXT;
+
+int CRYPTO_xts128_encrypt(const XTS128_CONTEXT *ctx,
+ const unsigned char iv[16],
+ const unsigned char *inp, unsigned char *out,
+ size_t len, int enc);
+
+size_t CRYPTO_128_wrap(void *key, const unsigned char *iv,
+ unsigned char *out,
+ const unsigned char *in, size_t inlen,
+ block128_f block);
+
+size_t CRYPTO_128_unwrap(void *key, const unsigned char *iv,
+ unsigned char *out,
+ const unsigned char *in, size_t inlen,
+ block128_f block);
+size_t CRYPTO_128_wrap_pad(void *key, const unsigned char *icv,
+ unsigned char *out, const unsigned char *in,
+ size_t inlen, block128_f block);
+size_t CRYPTO_128_unwrap_pad(void *key, const unsigned char *icv,
+ unsigned char *out, const unsigned char *in,
+ size_t inlen, block128_f block);
+
+# ifndef OPENSSL_NO_OCB
+typedef struct ocb128_context OCB128_CONTEXT;
+
+typedef void (*ocb128_f) (const unsigned char *in, unsigned char *out,
+ size_t blocks, const void *key,
+ size_t start_block_num,
+ unsigned char offset_i[16],
+ const unsigned char L_[][16],
+ unsigned char checksum[16]);
+
+OCB128_CONTEXT *CRYPTO_ocb128_new(void *keyenc, void *keydec,
+ block128_f encrypt, block128_f decrypt,
+ ocb128_f stream);
+int CRYPTO_ocb128_init(OCB128_CONTEXT *ctx, void *keyenc, void *keydec,
+ block128_f encrypt, block128_f decrypt,
+ ocb128_f stream);
+int CRYPTO_ocb128_copy_ctx(OCB128_CONTEXT *dest, OCB128_CONTEXT *src,
+ void *keyenc, void *keydec);
+int CRYPTO_ocb128_setiv(OCB128_CONTEXT *ctx, const unsigned char *iv,
+ size_t len, size_t taglen);
+int CRYPTO_ocb128_aad(OCB128_CONTEXT *ctx, const unsigned char *aad,
+ size_t len);
+int CRYPTO_ocb128_encrypt(OCB128_CONTEXT *ctx, const unsigned char *in,
+ unsigned char *out, size_t len);
+int CRYPTO_ocb128_decrypt(OCB128_CONTEXT *ctx, const unsigned char *in,
+ unsigned char *out, size_t len);
+int CRYPTO_ocb128_finish(OCB128_CONTEXT *ctx, const unsigned char *tag,
+ size_t len);
+int CRYPTO_ocb128_tag(OCB128_CONTEXT *ctx, unsigned char *tag, size_t len);
+void CRYPTO_ocb128_cleanup(OCB128_CONTEXT *ctx);
+# endif /* OPENSSL_NO_OCB */
+
+# ifdef __cplusplus
+}
+# endif
+
+#endif
diff --git a/openssl/include/openssl/obj_mac.h b/openssl/include/openssl/obj_mac.h new file mode 100644 index 00000000..302d97e2 --- /dev/null +++ b/openssl/include/openssl/obj_mac.h @@ -0,0 +1,5344 @@ +/*
+ * WARNING: do not edit!
+ * Generated by crypto/objects/objects.pl
+ *
+ * Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#define SN_undef "UNDEF"
+#define LN_undef "undefined"
+#define NID_undef 0
+#define OBJ_undef 0L
+
+#define SN_itu_t "ITU-T"
+#define LN_itu_t "itu-t"
+#define NID_itu_t 645
+#define OBJ_itu_t 0L
+
+#define NID_ccitt 404
+#define OBJ_ccitt OBJ_itu_t
+
+#define SN_iso "ISO"
+#define LN_iso "iso"
+#define NID_iso 181
+#define OBJ_iso 1L
+
+#define SN_joint_iso_itu_t "JOINT-ISO-ITU-T"
+#define LN_joint_iso_itu_t "joint-iso-itu-t"
+#define NID_joint_iso_itu_t 646
+#define OBJ_joint_iso_itu_t 2L
+
+#define NID_joint_iso_ccitt 393
+#define OBJ_joint_iso_ccitt OBJ_joint_iso_itu_t
+
+#define SN_member_body "member-body"
+#define LN_member_body "ISO Member Body"
+#define NID_member_body 182
+#define OBJ_member_body OBJ_iso,2L
+
+#define SN_identified_organization "identified-organization"
+#define NID_identified_organization 676
+#define OBJ_identified_organization OBJ_iso,3L
+
+#define SN_gmac "GMAC"
+#define LN_gmac "gmac"
+#define NID_gmac 1195
+#define OBJ_gmac OBJ_iso,0L,9797L,3L,4L
+
+#define SN_hmac_md5 "HMAC-MD5"
+#define LN_hmac_md5 "hmac-md5"
+#define NID_hmac_md5 780
+#define OBJ_hmac_md5 OBJ_identified_organization,6L,1L,5L,5L,8L,1L,1L
+
+#define SN_hmac_sha1 "HMAC-SHA1"
+#define LN_hmac_sha1 "hmac-sha1"
+#define NID_hmac_sha1 781
+#define OBJ_hmac_sha1 OBJ_identified_organization,6L,1L,5L,5L,8L,1L,2L
+
+#define SN_x509ExtAdmission "x509ExtAdmission"
+#define LN_x509ExtAdmission "Professional Information or basis for Admission"
+#define NID_x509ExtAdmission 1093
+#define OBJ_x509ExtAdmission OBJ_identified_organization,36L,8L,3L,3L
+
+#define SN_certicom_arc "certicom-arc"
+#define NID_certicom_arc 677
+#define OBJ_certicom_arc OBJ_identified_organization,132L
+
+#define SN_ieee "ieee"
+#define NID_ieee 1170
+#define OBJ_ieee OBJ_identified_organization,111L
+
+#define SN_ieee_siswg "ieee-siswg"
+#define LN_ieee_siswg "IEEE Security in Storage Working Group"
+#define NID_ieee_siswg 1171
+#define OBJ_ieee_siswg OBJ_ieee,2L,1619L
+
+#define SN_international_organizations "international-organizations"
+#define LN_international_organizations "International Organizations"
+#define NID_international_organizations 647
+#define OBJ_international_organizations OBJ_joint_iso_itu_t,23L
+
+#define SN_wap "wap"
+#define NID_wap 678
+#define OBJ_wap OBJ_international_organizations,43L
+
+#define SN_wap_wsg "wap-wsg"
+#define NID_wap_wsg 679
+#define OBJ_wap_wsg OBJ_wap,1L
+
+#define SN_selected_attribute_types "selected-attribute-types"
+#define LN_selected_attribute_types "Selected Attribute Types"
+#define NID_selected_attribute_types 394
+#define OBJ_selected_attribute_types OBJ_joint_iso_itu_t,5L,1L,5L
+
+#define SN_clearance "clearance"
+#define NID_clearance 395
+#define OBJ_clearance OBJ_selected_attribute_types,55L
+
+#define SN_ISO_US "ISO-US"
+#define LN_ISO_US "ISO US Member Body"
+#define NID_ISO_US 183
+#define OBJ_ISO_US OBJ_member_body,840L
+
+#define SN_X9_57 "X9-57"
+#define LN_X9_57 "X9.57"
+#define NID_X9_57 184
+#define OBJ_X9_57 OBJ_ISO_US,10040L
+
+#define SN_X9cm "X9cm"
+#define LN_X9cm "X9.57 CM ?"
+#define NID_X9cm 185
+#define OBJ_X9cm OBJ_X9_57,4L
+
+#define SN_ISO_CN "ISO-CN"
+#define LN_ISO_CN "ISO CN Member Body"
+#define NID_ISO_CN 1140
+#define OBJ_ISO_CN OBJ_member_body,156L
+
+#define SN_oscca "oscca"
+#define NID_oscca 1141
+#define OBJ_oscca OBJ_ISO_CN,10197L
+
+#define SN_sm_scheme "sm-scheme"
+#define NID_sm_scheme 1142
+#define OBJ_sm_scheme OBJ_oscca,1L
+
+#define SN_dsa "DSA"
+#define LN_dsa "dsaEncryption"
+#define NID_dsa 116
+#define OBJ_dsa OBJ_X9cm,1L
+
+#define SN_dsaWithSHA1 "DSA-SHA1"
+#define LN_dsaWithSHA1 "dsaWithSHA1"
+#define NID_dsaWithSHA1 113
+#define OBJ_dsaWithSHA1 OBJ_X9cm,3L
+
+#define SN_ansi_X9_62 "ansi-X9-62"
+#define LN_ansi_X9_62 "ANSI X9.62"
+#define NID_ansi_X9_62 405
+#define OBJ_ansi_X9_62 OBJ_ISO_US,10045L
+
+#define OBJ_X9_62_id_fieldType OBJ_ansi_X9_62,1L
+
+#define SN_X9_62_prime_field "prime-field"
+#define NID_X9_62_prime_field 406
+#define OBJ_X9_62_prime_field OBJ_X9_62_id_fieldType,1L
+
+#define SN_X9_62_characteristic_two_field "characteristic-two-field"
+#define NID_X9_62_characteristic_two_field 407
+#define OBJ_X9_62_characteristic_two_field OBJ_X9_62_id_fieldType,2L
+
+#define SN_X9_62_id_characteristic_two_basis "id-characteristic-two-basis"
+#define NID_X9_62_id_characteristic_two_basis 680
+#define OBJ_X9_62_id_characteristic_two_basis OBJ_X9_62_characteristic_two_field,3L
+
+#define SN_X9_62_onBasis "onBasis"
+#define NID_X9_62_onBasis 681
+#define OBJ_X9_62_onBasis OBJ_X9_62_id_characteristic_two_basis,1L
+
+#define SN_X9_62_tpBasis "tpBasis"
+#define NID_X9_62_tpBasis 682
+#define OBJ_X9_62_tpBasis OBJ_X9_62_id_characteristic_two_basis,2L
+
+#define SN_X9_62_ppBasis "ppBasis"
+#define NID_X9_62_ppBasis 683
+#define OBJ_X9_62_ppBasis OBJ_X9_62_id_characteristic_two_basis,3L
+
+#define OBJ_X9_62_id_publicKeyType OBJ_ansi_X9_62,2L
+
+#define SN_X9_62_id_ecPublicKey "id-ecPublicKey"
+#define NID_X9_62_id_ecPublicKey 408
+#define OBJ_X9_62_id_ecPublicKey OBJ_X9_62_id_publicKeyType,1L
+
+#define OBJ_X9_62_ellipticCurve OBJ_ansi_X9_62,3L
+
+#define OBJ_X9_62_c_TwoCurve OBJ_X9_62_ellipticCurve,0L
+
+#define SN_X9_62_c2pnb163v1 "c2pnb163v1"
+#define NID_X9_62_c2pnb163v1 684
+#define OBJ_X9_62_c2pnb163v1 OBJ_X9_62_c_TwoCurve,1L
+
+#define SN_X9_62_c2pnb163v2 "c2pnb163v2"
+#define NID_X9_62_c2pnb163v2 685
+#define OBJ_X9_62_c2pnb163v2 OBJ_X9_62_c_TwoCurve,2L
+
+#define SN_X9_62_c2pnb163v3 "c2pnb163v3"
+#define NID_X9_62_c2pnb163v3 686
+#define OBJ_X9_62_c2pnb163v3 OBJ_X9_62_c_TwoCurve,3L
+
+#define SN_X9_62_c2pnb176v1 "c2pnb176v1"
+#define NID_X9_62_c2pnb176v1 687
+#define OBJ_X9_62_c2pnb176v1 OBJ_X9_62_c_TwoCurve,4L
+
+#define SN_X9_62_c2tnb191v1 "c2tnb191v1"
+#define NID_X9_62_c2tnb191v1 688
+#define OBJ_X9_62_c2tnb191v1 OBJ_X9_62_c_TwoCurve,5L
+
+#define SN_X9_62_c2tnb191v2 "c2tnb191v2"
+#define NID_X9_62_c2tnb191v2 689
+#define OBJ_X9_62_c2tnb191v2 OBJ_X9_62_c_TwoCurve,6L
+
+#define SN_X9_62_c2tnb191v3 "c2tnb191v3"
+#define NID_X9_62_c2tnb191v3 690
+#define OBJ_X9_62_c2tnb191v3 OBJ_X9_62_c_TwoCurve,7L
+
+#define SN_X9_62_c2onb191v4 "c2onb191v4"
+#define NID_X9_62_c2onb191v4 691
+#define OBJ_X9_62_c2onb191v4 OBJ_X9_62_c_TwoCurve,8L
+
+#define SN_X9_62_c2onb191v5 "c2onb191v5"
+#define NID_X9_62_c2onb191v5 692
+#define OBJ_X9_62_c2onb191v5 OBJ_X9_62_c_TwoCurve,9L
+
+#define SN_X9_62_c2pnb208w1 "c2pnb208w1"
+#define NID_X9_62_c2pnb208w1 693
+#define OBJ_X9_62_c2pnb208w1 OBJ_X9_62_c_TwoCurve,10L
+
+#define SN_X9_62_c2tnb239v1 "c2tnb239v1"
+#define NID_X9_62_c2tnb239v1 694
+#define OBJ_X9_62_c2tnb239v1 OBJ_X9_62_c_TwoCurve,11L
+
+#define SN_X9_62_c2tnb239v2 "c2tnb239v2"
+#define NID_X9_62_c2tnb239v2 695
+#define OBJ_X9_62_c2tnb239v2 OBJ_X9_62_c_TwoCurve,12L
+
+#define SN_X9_62_c2tnb239v3 "c2tnb239v3"
+#define NID_X9_62_c2tnb239v3 696
+#define OBJ_X9_62_c2tnb239v3 OBJ_X9_62_c_TwoCurve,13L
+
+#define SN_X9_62_c2onb239v4 "c2onb239v4"
+#define NID_X9_62_c2onb239v4 697
+#define OBJ_X9_62_c2onb239v4 OBJ_X9_62_c_TwoCurve,14L
+
+#define SN_X9_62_c2onb239v5 "c2onb239v5"
+#define NID_X9_62_c2onb239v5 698
+#define OBJ_X9_62_c2onb239v5 OBJ_X9_62_c_TwoCurve,15L
+
+#define SN_X9_62_c2pnb272w1 "c2pnb272w1"
+#define NID_X9_62_c2pnb272w1 699
+#define OBJ_X9_62_c2pnb272w1 OBJ_X9_62_c_TwoCurve,16L
+
+#define SN_X9_62_c2pnb304w1 "c2pnb304w1"
+#define NID_X9_62_c2pnb304w1 700
+#define OBJ_X9_62_c2pnb304w1 OBJ_X9_62_c_TwoCurve,17L
+
+#define SN_X9_62_c2tnb359v1 "c2tnb359v1"
+#define NID_X9_62_c2tnb359v1 701
+#define OBJ_X9_62_c2tnb359v1 OBJ_X9_62_c_TwoCurve,18L
+
+#define SN_X9_62_c2pnb368w1 "c2pnb368w1"
+#define NID_X9_62_c2pnb368w1 702
+#define OBJ_X9_62_c2pnb368w1 OBJ_X9_62_c_TwoCurve,19L
+
+#define SN_X9_62_c2tnb431r1 "c2tnb431r1"
+#define NID_X9_62_c2tnb431r1 703
+#define OBJ_X9_62_c2tnb431r1 OBJ_X9_62_c_TwoCurve,20L
+
+#define OBJ_X9_62_primeCurve OBJ_X9_62_ellipticCurve,1L
+
+#define SN_X9_62_prime192v1 "prime192v1"
+#define NID_X9_62_prime192v1 409
+#define OBJ_X9_62_prime192v1 OBJ_X9_62_primeCurve,1L
+
+#define SN_X9_62_prime192v2 "prime192v2"
+#define NID_X9_62_prime192v2 410
+#define OBJ_X9_62_prime192v2 OBJ_X9_62_primeCurve,2L
+
+#define SN_X9_62_prime192v3 "prime192v3"
+#define NID_X9_62_prime192v3 411
+#define OBJ_X9_62_prime192v3 OBJ_X9_62_primeCurve,3L
+
+#define SN_X9_62_prime239v1 "prime239v1"
+#define NID_X9_62_prime239v1 412
+#define OBJ_X9_62_prime239v1 OBJ_X9_62_primeCurve,4L
+
+#define SN_X9_62_prime239v2 "prime239v2"
+#define NID_X9_62_prime239v2 413
+#define OBJ_X9_62_prime239v2 OBJ_X9_62_primeCurve,5L
+
+#define SN_X9_62_prime239v3 "prime239v3"
+#define NID_X9_62_prime239v3 414
+#define OBJ_X9_62_prime239v3 OBJ_X9_62_primeCurve,6L
+
+#define SN_X9_62_prime256v1 "prime256v1"
+#define NID_X9_62_prime256v1 415
+#define OBJ_X9_62_prime256v1 OBJ_X9_62_primeCurve,7L
+
+#define OBJ_X9_62_id_ecSigType OBJ_ansi_X9_62,4L
+
+#define SN_ecdsa_with_SHA1 "ecdsa-with-SHA1"
+#define NID_ecdsa_with_SHA1 416
+#define OBJ_ecdsa_with_SHA1 OBJ_X9_62_id_ecSigType,1L
+
+#define SN_ecdsa_with_Recommended "ecdsa-with-Recommended"
+#define NID_ecdsa_with_Recommended 791
+#define OBJ_ecdsa_with_Recommended OBJ_X9_62_id_ecSigType,2L
+
+#define SN_ecdsa_with_Specified "ecdsa-with-Specified"
+#define NID_ecdsa_with_Specified 792
+#define OBJ_ecdsa_with_Specified OBJ_X9_62_id_ecSigType,3L
+
+#define SN_ecdsa_with_SHA224 "ecdsa-with-SHA224"
+#define NID_ecdsa_with_SHA224 793
+#define OBJ_ecdsa_with_SHA224 OBJ_ecdsa_with_Specified,1L
+
+#define SN_ecdsa_with_SHA256 "ecdsa-with-SHA256"
+#define NID_ecdsa_with_SHA256 794
+#define OBJ_ecdsa_with_SHA256 OBJ_ecdsa_with_Specified,2L
+
+#define SN_ecdsa_with_SHA384 "ecdsa-with-SHA384"
+#define NID_ecdsa_with_SHA384 795
+#define OBJ_ecdsa_with_SHA384 OBJ_ecdsa_with_Specified,3L
+
+#define SN_ecdsa_with_SHA512 "ecdsa-with-SHA512"
+#define NID_ecdsa_with_SHA512 796
+#define OBJ_ecdsa_with_SHA512 OBJ_ecdsa_with_Specified,4L
+
+#define OBJ_secg_ellipticCurve OBJ_certicom_arc,0L
+
+#define SN_secp112r1 "secp112r1"
+#define NID_secp112r1 704
+#define OBJ_secp112r1 OBJ_secg_ellipticCurve,6L
+
+#define SN_secp112r2 "secp112r2"
+#define NID_secp112r2 705
+#define OBJ_secp112r2 OBJ_secg_ellipticCurve,7L
+
+#define SN_secp128r1 "secp128r1"
+#define NID_secp128r1 706
+#define OBJ_secp128r1 OBJ_secg_ellipticCurve,28L
+
+#define SN_secp128r2 "secp128r2"
+#define NID_secp128r2 707
+#define OBJ_secp128r2 OBJ_secg_ellipticCurve,29L
+
+#define SN_secp160k1 "secp160k1"
+#define NID_secp160k1 708
+#define OBJ_secp160k1 OBJ_secg_ellipticCurve,9L
+
+#define SN_secp160r1 "secp160r1"
+#define NID_secp160r1 709
+#define OBJ_secp160r1 OBJ_secg_ellipticCurve,8L
+
+#define SN_secp160r2 "secp160r2"
+#define NID_secp160r2 710
+#define OBJ_secp160r2 OBJ_secg_ellipticCurve,30L
+
+#define SN_secp192k1 "secp192k1"
+#define NID_secp192k1 711
+#define OBJ_secp192k1 OBJ_secg_ellipticCurve,31L
+
+#define SN_secp224k1 "secp224k1"
+#define NID_secp224k1 712
+#define OBJ_secp224k1 OBJ_secg_ellipticCurve,32L
+
+#define SN_secp224r1 "secp224r1"
+#define NID_secp224r1 713
+#define OBJ_secp224r1 OBJ_secg_ellipticCurve,33L
+
+#define SN_secp256k1 "secp256k1"
+#define NID_secp256k1 714
+#define OBJ_secp256k1 OBJ_secg_ellipticCurve,10L
+
+#define SN_secp384r1 "secp384r1"
+#define NID_secp384r1 715
+#define OBJ_secp384r1 OBJ_secg_ellipticCurve,34L
+
+#define SN_secp521r1 "secp521r1"
+#define NID_secp521r1 716
+#define OBJ_secp521r1 OBJ_secg_ellipticCurve,35L
+
+#define SN_sect113r1 "sect113r1"
+#define NID_sect113r1 717
+#define OBJ_sect113r1 OBJ_secg_ellipticCurve,4L
+
+#define SN_sect113r2 "sect113r2"
+#define NID_sect113r2 718
+#define OBJ_sect113r2 OBJ_secg_ellipticCurve,5L
+
+#define SN_sect131r1 "sect131r1"
+#define NID_sect131r1 719
+#define OBJ_sect131r1 OBJ_secg_ellipticCurve,22L
+
+#define SN_sect131r2 "sect131r2"
+#define NID_sect131r2 720
+#define OBJ_sect131r2 OBJ_secg_ellipticCurve,23L
+
+#define SN_sect163k1 "sect163k1"
+#define NID_sect163k1 721
+#define OBJ_sect163k1 OBJ_secg_ellipticCurve,1L
+
+#define SN_sect163r1 "sect163r1"
+#define NID_sect163r1 722
+#define OBJ_sect163r1 OBJ_secg_ellipticCurve,2L
+
+#define SN_sect163r2 "sect163r2"
+#define NID_sect163r2 723
+#define OBJ_sect163r2 OBJ_secg_ellipticCurve,15L
+
+#define SN_sect193r1 "sect193r1"
+#define NID_sect193r1 724
+#define OBJ_sect193r1 OBJ_secg_ellipticCurve,24L
+
+#define SN_sect193r2 "sect193r2"
+#define NID_sect193r2 725
+#define OBJ_sect193r2 OBJ_secg_ellipticCurve,25L
+
+#define SN_sect233k1 "sect233k1"
+#define NID_sect233k1 726
+#define OBJ_sect233k1 OBJ_secg_ellipticCurve,26L
+
+#define SN_sect233r1 "sect233r1"
+#define NID_sect233r1 727
+#define OBJ_sect233r1 OBJ_secg_ellipticCurve,27L
+
+#define SN_sect239k1 "sect239k1"
+#define NID_sect239k1 728
+#define OBJ_sect239k1 OBJ_secg_ellipticCurve,3L
+
+#define SN_sect283k1 "sect283k1"
+#define NID_sect283k1 729
+#define OBJ_sect283k1 OBJ_secg_ellipticCurve,16L
+
+#define SN_sect283r1 "sect283r1"
+#define NID_sect283r1 730
+#define OBJ_sect283r1 OBJ_secg_ellipticCurve,17L
+
+#define SN_sect409k1 "sect409k1"
+#define NID_sect409k1 731
+#define OBJ_sect409k1 OBJ_secg_ellipticCurve,36L
+
+#define SN_sect409r1 "sect409r1"
+#define NID_sect409r1 732
+#define OBJ_sect409r1 OBJ_secg_ellipticCurve,37L
+
+#define SN_sect571k1 "sect571k1"
+#define NID_sect571k1 733
+#define OBJ_sect571k1 OBJ_secg_ellipticCurve,38L
+
+#define SN_sect571r1 "sect571r1"
+#define NID_sect571r1 734
+#define OBJ_sect571r1 OBJ_secg_ellipticCurve,39L
+
+#define OBJ_wap_wsg_idm_ecid OBJ_wap_wsg,4L
+
+#define SN_wap_wsg_idm_ecid_wtls1 "wap-wsg-idm-ecid-wtls1"
+#define NID_wap_wsg_idm_ecid_wtls1 735
+#define OBJ_wap_wsg_idm_ecid_wtls1 OBJ_wap_wsg_idm_ecid,1L
+
+#define SN_wap_wsg_idm_ecid_wtls3 "wap-wsg-idm-ecid-wtls3"
+#define NID_wap_wsg_idm_ecid_wtls3 736
+#define OBJ_wap_wsg_idm_ecid_wtls3 OBJ_wap_wsg_idm_ecid,3L
+
+#define SN_wap_wsg_idm_ecid_wtls4 "wap-wsg-idm-ecid-wtls4"
+#define NID_wap_wsg_idm_ecid_wtls4 737
+#define OBJ_wap_wsg_idm_ecid_wtls4 OBJ_wap_wsg_idm_ecid,4L
+
+#define SN_wap_wsg_idm_ecid_wtls5 "wap-wsg-idm-ecid-wtls5"
+#define NID_wap_wsg_idm_ecid_wtls5 738
+#define OBJ_wap_wsg_idm_ecid_wtls5 OBJ_wap_wsg_idm_ecid,5L
+
+#define SN_wap_wsg_idm_ecid_wtls6 "wap-wsg-idm-ecid-wtls6"
+#define NID_wap_wsg_idm_ecid_wtls6 739
+#define OBJ_wap_wsg_idm_ecid_wtls6 OBJ_wap_wsg_idm_ecid,6L
+
+#define SN_wap_wsg_idm_ecid_wtls7 "wap-wsg-idm-ecid-wtls7"
+#define NID_wap_wsg_idm_ecid_wtls7 740
+#define OBJ_wap_wsg_idm_ecid_wtls7 OBJ_wap_wsg_idm_ecid,7L
+
+#define SN_wap_wsg_idm_ecid_wtls8 "wap-wsg-idm-ecid-wtls8"
+#define NID_wap_wsg_idm_ecid_wtls8 741
+#define OBJ_wap_wsg_idm_ecid_wtls8 OBJ_wap_wsg_idm_ecid,8L
+
+#define SN_wap_wsg_idm_ecid_wtls9 "wap-wsg-idm-ecid-wtls9"
+#define NID_wap_wsg_idm_ecid_wtls9 742
+#define OBJ_wap_wsg_idm_ecid_wtls9 OBJ_wap_wsg_idm_ecid,9L
+
+#define SN_wap_wsg_idm_ecid_wtls10 "wap-wsg-idm-ecid-wtls10"
+#define NID_wap_wsg_idm_ecid_wtls10 743
+#define OBJ_wap_wsg_idm_ecid_wtls10 OBJ_wap_wsg_idm_ecid,10L
+
+#define SN_wap_wsg_idm_ecid_wtls11 "wap-wsg-idm-ecid-wtls11"
+#define NID_wap_wsg_idm_ecid_wtls11 744
+#define OBJ_wap_wsg_idm_ecid_wtls11 OBJ_wap_wsg_idm_ecid,11L
+
+#define SN_wap_wsg_idm_ecid_wtls12 "wap-wsg-idm-ecid-wtls12"
+#define NID_wap_wsg_idm_ecid_wtls12 745
+#define OBJ_wap_wsg_idm_ecid_wtls12 OBJ_wap_wsg_idm_ecid,12L
+
+#define SN_cast5_cbc "CAST5-CBC"
+#define LN_cast5_cbc "cast5-cbc"
+#define NID_cast5_cbc 108
+#define OBJ_cast5_cbc OBJ_ISO_US,113533L,7L,66L,10L
+
+#define SN_cast5_ecb "CAST5-ECB"
+#define LN_cast5_ecb "cast5-ecb"
+#define NID_cast5_ecb 109
+
+#define SN_cast5_cfb64 "CAST5-CFB"
+#define LN_cast5_cfb64 "cast5-cfb"
+#define NID_cast5_cfb64 110
+
+#define SN_cast5_ofb64 "CAST5-OFB"
+#define LN_cast5_ofb64 "cast5-ofb"
+#define NID_cast5_ofb64 111
+
+#define LN_pbeWithMD5AndCast5_CBC "pbeWithMD5AndCast5CBC"
+#define NID_pbeWithMD5AndCast5_CBC 112
+#define OBJ_pbeWithMD5AndCast5_CBC OBJ_ISO_US,113533L,7L,66L,12L
+
+#define SN_id_PasswordBasedMAC "id-PasswordBasedMAC"
+#define LN_id_PasswordBasedMAC "password based MAC"
+#define NID_id_PasswordBasedMAC 782
+#define OBJ_id_PasswordBasedMAC OBJ_ISO_US,113533L,7L,66L,13L
+
+#define SN_id_DHBasedMac "id-DHBasedMac"
+#define LN_id_DHBasedMac "Diffie-Hellman based MAC"
+#define NID_id_DHBasedMac 783
+#define OBJ_id_DHBasedMac OBJ_ISO_US,113533L,7L,66L,30L
+
+#define SN_rsadsi "rsadsi"
+#define LN_rsadsi "RSA Data Security, Inc."
+#define NID_rsadsi 1
+#define OBJ_rsadsi OBJ_ISO_US,113549L
+
+#define SN_pkcs "pkcs"
+#define LN_pkcs "RSA Data Security, Inc. PKCS"
+#define NID_pkcs 2
+#define OBJ_pkcs OBJ_rsadsi,1L
+
+#define SN_pkcs1 "pkcs1"
+#define NID_pkcs1 186
+#define OBJ_pkcs1 OBJ_pkcs,1L
+
+#define LN_rsaEncryption "rsaEncryption"
+#define NID_rsaEncryption 6
+#define OBJ_rsaEncryption OBJ_pkcs1,1L
+
+#define SN_md2WithRSAEncryption "RSA-MD2"
+#define LN_md2WithRSAEncryption "md2WithRSAEncryption"
+#define NID_md2WithRSAEncryption 7
+#define OBJ_md2WithRSAEncryption OBJ_pkcs1,2L
+
+#define SN_md4WithRSAEncryption "RSA-MD4"
+#define LN_md4WithRSAEncryption "md4WithRSAEncryption"
+#define NID_md4WithRSAEncryption 396
+#define OBJ_md4WithRSAEncryption OBJ_pkcs1,3L
+
+#define SN_md5WithRSAEncryption "RSA-MD5"
+#define LN_md5WithRSAEncryption "md5WithRSAEncryption"
+#define NID_md5WithRSAEncryption 8
+#define OBJ_md5WithRSAEncryption OBJ_pkcs1,4L
+
+#define SN_sha1WithRSAEncryption "RSA-SHA1"
+#define LN_sha1WithRSAEncryption "sha1WithRSAEncryption"
+#define NID_sha1WithRSAEncryption 65
+#define OBJ_sha1WithRSAEncryption OBJ_pkcs1,5L
+
+#define SN_rsaesOaep "RSAES-OAEP"
+#define LN_rsaesOaep "rsaesOaep"
+#define NID_rsaesOaep 919
+#define OBJ_rsaesOaep OBJ_pkcs1,7L
+
+#define SN_mgf1 "MGF1"
+#define LN_mgf1 "mgf1"
+#define NID_mgf1 911
+#define OBJ_mgf1 OBJ_pkcs1,8L
+
+#define SN_pSpecified "PSPECIFIED"
+#define LN_pSpecified "pSpecified"
+#define NID_pSpecified 935
+#define OBJ_pSpecified OBJ_pkcs1,9L
+
+#define SN_rsassaPss "RSASSA-PSS"
+#define LN_rsassaPss "rsassaPss"
+#define NID_rsassaPss 912
+#define OBJ_rsassaPss OBJ_pkcs1,10L
+
+#define SN_sha256WithRSAEncryption "RSA-SHA256"
+#define LN_sha256WithRSAEncryption "sha256WithRSAEncryption"
+#define NID_sha256WithRSAEncryption 668
+#define OBJ_sha256WithRSAEncryption OBJ_pkcs1,11L
+
+#define SN_sha384WithRSAEncryption "RSA-SHA384"
+#define LN_sha384WithRSAEncryption "sha384WithRSAEncryption"
+#define NID_sha384WithRSAEncryption 669
+#define OBJ_sha384WithRSAEncryption OBJ_pkcs1,12L
+
+#define SN_sha512WithRSAEncryption "RSA-SHA512"
+#define LN_sha512WithRSAEncryption "sha512WithRSAEncryption"
+#define NID_sha512WithRSAEncryption 670
+#define OBJ_sha512WithRSAEncryption OBJ_pkcs1,13L
+
+#define SN_sha224WithRSAEncryption "RSA-SHA224"
+#define LN_sha224WithRSAEncryption "sha224WithRSAEncryption"
+#define NID_sha224WithRSAEncryption 671
+#define OBJ_sha224WithRSAEncryption OBJ_pkcs1,14L
+
+#define SN_sha512_224WithRSAEncryption "RSA-SHA512/224"
+#define LN_sha512_224WithRSAEncryption "sha512-224WithRSAEncryption"
+#define NID_sha512_224WithRSAEncryption 1145
+#define OBJ_sha512_224WithRSAEncryption OBJ_pkcs1,15L
+
+#define SN_sha512_256WithRSAEncryption "RSA-SHA512/256"
+#define LN_sha512_256WithRSAEncryption "sha512-256WithRSAEncryption"
+#define NID_sha512_256WithRSAEncryption 1146
+#define OBJ_sha512_256WithRSAEncryption OBJ_pkcs1,16L
+
+#define SN_pkcs3 "pkcs3"
+#define NID_pkcs3 27
+#define OBJ_pkcs3 OBJ_pkcs,3L
+
+#define LN_dhKeyAgreement "dhKeyAgreement"
+#define NID_dhKeyAgreement 28
+#define OBJ_dhKeyAgreement OBJ_pkcs3,1L
+
+#define SN_pkcs5 "pkcs5"
+#define NID_pkcs5 187
+#define OBJ_pkcs5 OBJ_pkcs,5L
+
+#define SN_pbeWithMD2AndDES_CBC "PBE-MD2-DES"
+#define LN_pbeWithMD2AndDES_CBC "pbeWithMD2AndDES-CBC"
+#define NID_pbeWithMD2AndDES_CBC 9
+#define OBJ_pbeWithMD2AndDES_CBC OBJ_pkcs5,1L
+
+#define SN_pbeWithMD5AndDES_CBC "PBE-MD5-DES"
+#define LN_pbeWithMD5AndDES_CBC "pbeWithMD5AndDES-CBC"
+#define NID_pbeWithMD5AndDES_CBC 10
+#define OBJ_pbeWithMD5AndDES_CBC OBJ_pkcs5,3L
+
+#define SN_pbeWithMD2AndRC2_CBC "PBE-MD2-RC2-64"
+#define LN_pbeWithMD2AndRC2_CBC "pbeWithMD2AndRC2-CBC"
+#define NID_pbeWithMD2AndRC2_CBC 168
+#define OBJ_pbeWithMD2AndRC2_CBC OBJ_pkcs5,4L
+
+#define SN_pbeWithMD5AndRC2_CBC "PBE-MD5-RC2-64"
+#define LN_pbeWithMD5AndRC2_CBC "pbeWithMD5AndRC2-CBC"
+#define NID_pbeWithMD5AndRC2_CBC 169
+#define OBJ_pbeWithMD5AndRC2_CBC OBJ_pkcs5,6L
+
+#define SN_pbeWithSHA1AndDES_CBC "PBE-SHA1-DES"
+#define LN_pbeWithSHA1AndDES_CBC "pbeWithSHA1AndDES-CBC"
+#define NID_pbeWithSHA1AndDES_CBC 170
+#define OBJ_pbeWithSHA1AndDES_CBC OBJ_pkcs5,10L
+
+#define SN_pbeWithSHA1AndRC2_CBC "PBE-SHA1-RC2-64"
+#define LN_pbeWithSHA1AndRC2_CBC "pbeWithSHA1AndRC2-CBC"
+#define NID_pbeWithSHA1AndRC2_CBC 68
+#define OBJ_pbeWithSHA1AndRC2_CBC OBJ_pkcs5,11L
+
+#define LN_id_pbkdf2 "PBKDF2"
+#define NID_id_pbkdf2 69
+#define OBJ_id_pbkdf2 OBJ_pkcs5,12L
+
+#define LN_pbes2 "PBES2"
+#define NID_pbes2 161
+#define OBJ_pbes2 OBJ_pkcs5,13L
+
+#define LN_pbmac1 "PBMAC1"
+#define NID_pbmac1 162
+#define OBJ_pbmac1 OBJ_pkcs5,14L
+
+#define SN_pkcs7 "pkcs7"
+#define NID_pkcs7 20
+#define OBJ_pkcs7 OBJ_pkcs,7L
+
+#define LN_pkcs7_data "pkcs7-data"
+#define NID_pkcs7_data 21
+#define OBJ_pkcs7_data OBJ_pkcs7,1L
+
+#define LN_pkcs7_signed "pkcs7-signedData"
+#define NID_pkcs7_signed 22
+#define OBJ_pkcs7_signed OBJ_pkcs7,2L
+
+#define LN_pkcs7_enveloped "pkcs7-envelopedData"
+#define NID_pkcs7_enveloped 23
+#define OBJ_pkcs7_enveloped OBJ_pkcs7,3L
+
+#define LN_pkcs7_signedAndEnveloped "pkcs7-signedAndEnvelopedData"
+#define NID_pkcs7_signedAndEnveloped 24
+#define OBJ_pkcs7_signedAndEnveloped OBJ_pkcs7,4L
+
+#define LN_pkcs7_digest "pkcs7-digestData"
+#define NID_pkcs7_digest 25
+#define OBJ_pkcs7_digest OBJ_pkcs7,5L
+
+#define LN_pkcs7_encrypted "pkcs7-encryptedData"
+#define NID_pkcs7_encrypted 26
+#define OBJ_pkcs7_encrypted OBJ_pkcs7,6L
+
+#define SN_pkcs9 "pkcs9"
+#define NID_pkcs9 47
+#define OBJ_pkcs9 OBJ_pkcs,9L
+
+#define LN_pkcs9_emailAddress "emailAddress"
+#define NID_pkcs9_emailAddress 48
+#define OBJ_pkcs9_emailAddress OBJ_pkcs9,1L
+
+#define LN_pkcs9_unstructuredName "unstructuredName"
+#define NID_pkcs9_unstructuredName 49
+#define OBJ_pkcs9_unstructuredName OBJ_pkcs9,2L
+
+#define LN_pkcs9_contentType "contentType"
+#define NID_pkcs9_contentType 50
+#define OBJ_pkcs9_contentType OBJ_pkcs9,3L
+
+#define LN_pkcs9_messageDigest "messageDigest"
+#define NID_pkcs9_messageDigest 51
+#define OBJ_pkcs9_messageDigest OBJ_pkcs9,4L
+
+#define LN_pkcs9_signingTime "signingTime"
+#define NID_pkcs9_signingTime 52
+#define OBJ_pkcs9_signingTime OBJ_pkcs9,5L
+
+#define LN_pkcs9_countersignature "countersignature"
+#define NID_pkcs9_countersignature 53
+#define OBJ_pkcs9_countersignature OBJ_pkcs9,6L
+
+#define LN_pkcs9_challengePassword "challengePassword"
+#define NID_pkcs9_challengePassword 54
+#define OBJ_pkcs9_challengePassword OBJ_pkcs9,7L
+
+#define LN_pkcs9_unstructuredAddress "unstructuredAddress"
+#define NID_pkcs9_unstructuredAddress 55
+#define OBJ_pkcs9_unstructuredAddress OBJ_pkcs9,8L
+
+#define LN_pkcs9_extCertAttributes "extendedCertificateAttributes"
+#define NID_pkcs9_extCertAttributes 56
+#define OBJ_pkcs9_extCertAttributes OBJ_pkcs9,9L
+
+#define SN_ext_req "extReq"
+#define LN_ext_req "Extension Request"
+#define NID_ext_req 172
+#define OBJ_ext_req OBJ_pkcs9,14L
+
+#define SN_SMIMECapabilities "SMIME-CAPS"
+#define LN_SMIMECapabilities "S/MIME Capabilities"
+#define NID_SMIMECapabilities 167
+#define OBJ_SMIMECapabilities OBJ_pkcs9,15L
+
+#define SN_SMIME "SMIME"
+#define LN_SMIME "S/MIME"
+#define NID_SMIME 188
+#define OBJ_SMIME OBJ_pkcs9,16L
+
+#define SN_id_smime_mod "id-smime-mod"
+#define NID_id_smime_mod 189
+#define OBJ_id_smime_mod OBJ_SMIME,0L
+
+#define SN_id_smime_ct "id-smime-ct"
+#define NID_id_smime_ct 190
+#define OBJ_id_smime_ct OBJ_SMIME,1L
+
+#define SN_id_smime_aa "id-smime-aa"
+#define NID_id_smime_aa 191
+#define OBJ_id_smime_aa OBJ_SMIME,2L
+
+#define SN_id_smime_alg "id-smime-alg"
+#define NID_id_smime_alg 192
+#define OBJ_id_smime_alg OBJ_SMIME,3L
+
+#define SN_id_smime_cd "id-smime-cd"
+#define NID_id_smime_cd 193
+#define OBJ_id_smime_cd OBJ_SMIME,4L
+
+#define SN_id_smime_spq "id-smime-spq"
+#define NID_id_smime_spq 194
+#define OBJ_id_smime_spq OBJ_SMIME,5L
+
+#define SN_id_smime_cti "id-smime-cti"
+#define NID_id_smime_cti 195
+#define OBJ_id_smime_cti OBJ_SMIME,6L
+
+#define SN_id_smime_mod_cms "id-smime-mod-cms"
+#define NID_id_smime_mod_cms 196
+#define OBJ_id_smime_mod_cms OBJ_id_smime_mod,1L
+
+#define SN_id_smime_mod_ess "id-smime-mod-ess"
+#define NID_id_smime_mod_ess 197
+#define OBJ_id_smime_mod_ess OBJ_id_smime_mod,2L
+
+#define SN_id_smime_mod_oid "id-smime-mod-oid"
+#define NID_id_smime_mod_oid 198
+#define OBJ_id_smime_mod_oid OBJ_id_smime_mod,3L
+
+#define SN_id_smime_mod_msg_v3 "id-smime-mod-msg-v3"
+#define NID_id_smime_mod_msg_v3 199
+#define OBJ_id_smime_mod_msg_v3 OBJ_id_smime_mod,4L
+
+#define SN_id_smime_mod_ets_eSignature_88 "id-smime-mod-ets-eSignature-88"
+#define NID_id_smime_mod_ets_eSignature_88 200
+#define OBJ_id_smime_mod_ets_eSignature_88 OBJ_id_smime_mod,5L
+
+#define SN_id_smime_mod_ets_eSignature_97 "id-smime-mod-ets-eSignature-97"
+#define NID_id_smime_mod_ets_eSignature_97 201
+#define OBJ_id_smime_mod_ets_eSignature_97 OBJ_id_smime_mod,6L
+
+#define SN_id_smime_mod_ets_eSigPolicy_88 "id-smime-mod-ets-eSigPolicy-88"
+#define NID_id_smime_mod_ets_eSigPolicy_88 202
+#define OBJ_id_smime_mod_ets_eSigPolicy_88 OBJ_id_smime_mod,7L
+
+#define SN_id_smime_mod_ets_eSigPolicy_97 "id-smime-mod-ets-eSigPolicy-97"
+#define NID_id_smime_mod_ets_eSigPolicy_97 203
+#define OBJ_id_smime_mod_ets_eSigPolicy_97 OBJ_id_smime_mod,8L
+
+#define SN_id_smime_ct_receipt "id-smime-ct-receipt"
+#define NID_id_smime_ct_receipt 204
+#define OBJ_id_smime_ct_receipt OBJ_id_smime_ct,1L
+
+#define SN_id_smime_ct_authData "id-smime-ct-authData"
+#define NID_id_smime_ct_authData 205
+#define OBJ_id_smime_ct_authData OBJ_id_smime_ct,2L
+
+#define SN_id_smime_ct_publishCert "id-smime-ct-publishCert"
+#define NID_id_smime_ct_publishCert 206
+#define OBJ_id_smime_ct_publishCert OBJ_id_smime_ct,3L
+
+#define SN_id_smime_ct_TSTInfo "id-smime-ct-TSTInfo"
+#define NID_id_smime_ct_TSTInfo 207
+#define OBJ_id_smime_ct_TSTInfo OBJ_id_smime_ct,4L
+
+#define SN_id_smime_ct_TDTInfo "id-smime-ct-TDTInfo"
+#define NID_id_smime_ct_TDTInfo 208
+#define OBJ_id_smime_ct_TDTInfo OBJ_id_smime_ct,5L
+
+#define SN_id_smime_ct_contentInfo "id-smime-ct-contentInfo"
+#define NID_id_smime_ct_contentInfo 209
+#define OBJ_id_smime_ct_contentInfo OBJ_id_smime_ct,6L
+
+#define SN_id_smime_ct_DVCSRequestData "id-smime-ct-DVCSRequestData"
+#define NID_id_smime_ct_DVCSRequestData 210
+#define OBJ_id_smime_ct_DVCSRequestData OBJ_id_smime_ct,7L
+
+#define SN_id_smime_ct_DVCSResponseData "id-smime-ct-DVCSResponseData"
+#define NID_id_smime_ct_DVCSResponseData 211
+#define OBJ_id_smime_ct_DVCSResponseData OBJ_id_smime_ct,8L
+
+#define SN_id_smime_ct_compressedData "id-smime-ct-compressedData"
+#define NID_id_smime_ct_compressedData 786
+#define OBJ_id_smime_ct_compressedData OBJ_id_smime_ct,9L
+
+#define SN_id_smime_ct_contentCollection "id-smime-ct-contentCollection"
+#define NID_id_smime_ct_contentCollection 1058
+#define OBJ_id_smime_ct_contentCollection OBJ_id_smime_ct,19L
+
+#define SN_id_smime_ct_authEnvelopedData "id-smime-ct-authEnvelopedData"
+#define NID_id_smime_ct_authEnvelopedData 1059
+#define OBJ_id_smime_ct_authEnvelopedData OBJ_id_smime_ct,23L
+
+#define SN_id_ct_asciiTextWithCRLF "id-ct-asciiTextWithCRLF"
+#define NID_id_ct_asciiTextWithCRLF 787
+#define OBJ_id_ct_asciiTextWithCRLF OBJ_id_smime_ct,27L
+
+#define SN_id_ct_xml "id-ct-xml"
+#define NID_id_ct_xml 1060
+#define OBJ_id_ct_xml OBJ_id_smime_ct,28L
+
+#define SN_id_smime_aa_receiptRequest "id-smime-aa-receiptRequest"
+#define NID_id_smime_aa_receiptRequest 212
+#define OBJ_id_smime_aa_receiptRequest OBJ_id_smime_aa,1L
+
+#define SN_id_smime_aa_securityLabel "id-smime-aa-securityLabel"
+#define NID_id_smime_aa_securityLabel 213
+#define OBJ_id_smime_aa_securityLabel OBJ_id_smime_aa,2L
+
+#define SN_id_smime_aa_mlExpandHistory "id-smime-aa-mlExpandHistory"
+#define NID_id_smime_aa_mlExpandHistory 214
+#define OBJ_id_smime_aa_mlExpandHistory OBJ_id_smime_aa,3L
+
+#define SN_id_smime_aa_contentHint "id-smime-aa-contentHint"
+#define NID_id_smime_aa_contentHint 215
+#define OBJ_id_smime_aa_contentHint OBJ_id_smime_aa,4L
+
+#define SN_id_smime_aa_msgSigDigest "id-smime-aa-msgSigDigest"
+#define NID_id_smime_aa_msgSigDigest 216
+#define OBJ_id_smime_aa_msgSigDigest OBJ_id_smime_aa,5L
+
+#define SN_id_smime_aa_encapContentType "id-smime-aa-encapContentType"
+#define NID_id_smime_aa_encapContentType 217
+#define OBJ_id_smime_aa_encapContentType OBJ_id_smime_aa,6L
+
+#define SN_id_smime_aa_contentIdentifier "id-smime-aa-contentIdentifier"
+#define NID_id_smime_aa_contentIdentifier 218
+#define OBJ_id_smime_aa_contentIdentifier OBJ_id_smime_aa,7L
+
+#define SN_id_smime_aa_macValue "id-smime-aa-macValue"
+#define NID_id_smime_aa_macValue 219
+#define OBJ_id_smime_aa_macValue OBJ_id_smime_aa,8L
+
+#define SN_id_smime_aa_equivalentLabels "id-smime-aa-equivalentLabels"
+#define NID_id_smime_aa_equivalentLabels 220
+#define OBJ_id_smime_aa_equivalentLabels OBJ_id_smime_aa,9L
+
+#define SN_id_smime_aa_contentReference "id-smime-aa-contentReference"
+#define NID_id_smime_aa_contentReference 221
+#define OBJ_id_smime_aa_contentReference OBJ_id_smime_aa,10L
+
+#define SN_id_smime_aa_encrypKeyPref "id-smime-aa-encrypKeyPref"
+#define NID_id_smime_aa_encrypKeyPref 222
+#define OBJ_id_smime_aa_encrypKeyPref OBJ_id_smime_aa,11L
+
+#define SN_id_smime_aa_signingCertificate "id-smime-aa-signingCertificate"
+#define NID_id_smime_aa_signingCertificate 223
+#define OBJ_id_smime_aa_signingCertificate OBJ_id_smime_aa,12L
+
+#define SN_id_smime_aa_smimeEncryptCerts "id-smime-aa-smimeEncryptCerts"
+#define NID_id_smime_aa_smimeEncryptCerts 224
+#define OBJ_id_smime_aa_smimeEncryptCerts OBJ_id_smime_aa,13L
+
+#define SN_id_smime_aa_timeStampToken "id-smime-aa-timeStampToken"
+#define NID_id_smime_aa_timeStampToken 225
+#define OBJ_id_smime_aa_timeStampToken OBJ_id_smime_aa,14L
+
+#define SN_id_smime_aa_ets_sigPolicyId "id-smime-aa-ets-sigPolicyId"
+#define NID_id_smime_aa_ets_sigPolicyId 226
+#define OBJ_id_smime_aa_ets_sigPolicyId OBJ_id_smime_aa,15L
+
+#define SN_id_smime_aa_ets_commitmentType "id-smime-aa-ets-commitmentType"
+#define NID_id_smime_aa_ets_commitmentType 227
+#define OBJ_id_smime_aa_ets_commitmentType OBJ_id_smime_aa,16L
+
+#define SN_id_smime_aa_ets_signerLocation "id-smime-aa-ets-signerLocation"
+#define NID_id_smime_aa_ets_signerLocation 228
+#define OBJ_id_smime_aa_ets_signerLocation OBJ_id_smime_aa,17L
+
+#define SN_id_smime_aa_ets_signerAttr "id-smime-aa-ets-signerAttr"
+#define NID_id_smime_aa_ets_signerAttr 229
+#define OBJ_id_smime_aa_ets_signerAttr OBJ_id_smime_aa,18L
+
+#define SN_id_smime_aa_ets_otherSigCert "id-smime-aa-ets-otherSigCert"
+#define NID_id_smime_aa_ets_otherSigCert 230
+#define OBJ_id_smime_aa_ets_otherSigCert OBJ_id_smime_aa,19L
+
+#define SN_id_smime_aa_ets_contentTimestamp "id-smime-aa-ets-contentTimestamp"
+#define NID_id_smime_aa_ets_contentTimestamp 231
+#define OBJ_id_smime_aa_ets_contentTimestamp OBJ_id_smime_aa,20L
+
+#define SN_id_smime_aa_ets_CertificateRefs "id-smime-aa-ets-CertificateRefs"
+#define NID_id_smime_aa_ets_CertificateRefs 232
+#define OBJ_id_smime_aa_ets_CertificateRefs OBJ_id_smime_aa,21L
+
+#define SN_id_smime_aa_ets_RevocationRefs "id-smime-aa-ets-RevocationRefs"
+#define NID_id_smime_aa_ets_RevocationRefs 233
+#define OBJ_id_smime_aa_ets_RevocationRefs OBJ_id_smime_aa,22L
+
+#define SN_id_smime_aa_ets_certValues "id-smime-aa-ets-certValues"
+#define NID_id_smime_aa_ets_certValues 234
+#define OBJ_id_smime_aa_ets_certValues OBJ_id_smime_aa,23L
+
+#define SN_id_smime_aa_ets_revocationValues "id-smime-aa-ets-revocationValues"
+#define NID_id_smime_aa_ets_revocationValues 235
+#define OBJ_id_smime_aa_ets_revocationValues OBJ_id_smime_aa,24L
+
+#define SN_id_smime_aa_ets_escTimeStamp "id-smime-aa-ets-escTimeStamp"
+#define NID_id_smime_aa_ets_escTimeStamp 236
+#define OBJ_id_smime_aa_ets_escTimeStamp OBJ_id_smime_aa,25L
+
+#define SN_id_smime_aa_ets_certCRLTimestamp "id-smime-aa-ets-certCRLTimestamp"
+#define NID_id_smime_aa_ets_certCRLTimestamp 237
+#define OBJ_id_smime_aa_ets_certCRLTimestamp OBJ_id_smime_aa,26L
+
+#define SN_id_smime_aa_ets_archiveTimeStamp "id-smime-aa-ets-archiveTimeStamp"
+#define NID_id_smime_aa_ets_archiveTimeStamp 238
+#define OBJ_id_smime_aa_ets_archiveTimeStamp OBJ_id_smime_aa,27L
+
+#define SN_id_smime_aa_signatureType "id-smime-aa-signatureType"
+#define NID_id_smime_aa_signatureType 239
+#define OBJ_id_smime_aa_signatureType OBJ_id_smime_aa,28L
+
+#define SN_id_smime_aa_dvcs_dvc "id-smime-aa-dvcs-dvc"
+#define NID_id_smime_aa_dvcs_dvc 240
+#define OBJ_id_smime_aa_dvcs_dvc OBJ_id_smime_aa,29L
+
+#define SN_id_smime_aa_signingCertificateV2 "id-smime-aa-signingCertificateV2"
+#define NID_id_smime_aa_signingCertificateV2 1086
+#define OBJ_id_smime_aa_signingCertificateV2 OBJ_id_smime_aa,47L
+
+#define SN_id_smime_alg_ESDHwith3DES "id-smime-alg-ESDHwith3DES"
+#define NID_id_smime_alg_ESDHwith3DES 241
+#define OBJ_id_smime_alg_ESDHwith3DES OBJ_id_smime_alg,1L
+
+#define SN_id_smime_alg_ESDHwithRC2 "id-smime-alg-ESDHwithRC2"
+#define NID_id_smime_alg_ESDHwithRC2 242
+#define OBJ_id_smime_alg_ESDHwithRC2 OBJ_id_smime_alg,2L
+
+#define SN_id_smime_alg_3DESwrap "id-smime-alg-3DESwrap"
+#define NID_id_smime_alg_3DESwrap 243
+#define OBJ_id_smime_alg_3DESwrap OBJ_id_smime_alg,3L
+
+#define SN_id_smime_alg_RC2wrap "id-smime-alg-RC2wrap"
+#define NID_id_smime_alg_RC2wrap 244
+#define OBJ_id_smime_alg_RC2wrap OBJ_id_smime_alg,4L
+
+#define SN_id_smime_alg_ESDH "id-smime-alg-ESDH"
+#define NID_id_smime_alg_ESDH 245
+#define OBJ_id_smime_alg_ESDH OBJ_id_smime_alg,5L
+
+#define SN_id_smime_alg_CMS3DESwrap "id-smime-alg-CMS3DESwrap"
+#define NID_id_smime_alg_CMS3DESwrap 246
+#define OBJ_id_smime_alg_CMS3DESwrap OBJ_id_smime_alg,6L
+
+#define SN_id_smime_alg_CMSRC2wrap "id-smime-alg-CMSRC2wrap"
+#define NID_id_smime_alg_CMSRC2wrap 247
+#define OBJ_id_smime_alg_CMSRC2wrap OBJ_id_smime_alg,7L
+
+#define SN_id_alg_PWRI_KEK "id-alg-PWRI-KEK"
+#define NID_id_alg_PWRI_KEK 893
+#define OBJ_id_alg_PWRI_KEK OBJ_id_smime_alg,9L
+
+#define SN_id_smime_cd_ldap "id-smime-cd-ldap"
+#define NID_id_smime_cd_ldap 248
+#define OBJ_id_smime_cd_ldap OBJ_id_smime_cd,1L
+
+#define SN_id_smime_spq_ets_sqt_uri "id-smime-spq-ets-sqt-uri"
+#define NID_id_smime_spq_ets_sqt_uri 249
+#define OBJ_id_smime_spq_ets_sqt_uri OBJ_id_smime_spq,1L
+
+#define SN_id_smime_spq_ets_sqt_unotice "id-smime-spq-ets-sqt-unotice"
+#define NID_id_smime_spq_ets_sqt_unotice 250
+#define OBJ_id_smime_spq_ets_sqt_unotice OBJ_id_smime_spq,2L
+
+#define SN_id_smime_cti_ets_proofOfOrigin "id-smime-cti-ets-proofOfOrigin"
+#define NID_id_smime_cti_ets_proofOfOrigin 251
+#define OBJ_id_smime_cti_ets_proofOfOrigin OBJ_id_smime_cti,1L
+
+#define SN_id_smime_cti_ets_proofOfReceipt "id-smime-cti-ets-proofOfReceipt"
+#define NID_id_smime_cti_ets_proofOfReceipt 252
+#define OBJ_id_smime_cti_ets_proofOfReceipt OBJ_id_smime_cti,2L
+
+#define SN_id_smime_cti_ets_proofOfDelivery "id-smime-cti-ets-proofOfDelivery"
+#define NID_id_smime_cti_ets_proofOfDelivery 253
+#define OBJ_id_smime_cti_ets_proofOfDelivery OBJ_id_smime_cti,3L
+
+#define SN_id_smime_cti_ets_proofOfSender "id-smime-cti-ets-proofOfSender"
+#define NID_id_smime_cti_ets_proofOfSender 254
+#define OBJ_id_smime_cti_ets_proofOfSender OBJ_id_smime_cti,4L
+
+#define SN_id_smime_cti_ets_proofOfApproval "id-smime-cti-ets-proofOfApproval"
+#define NID_id_smime_cti_ets_proofOfApproval 255
+#define OBJ_id_smime_cti_ets_proofOfApproval OBJ_id_smime_cti,5L
+
+#define SN_id_smime_cti_ets_proofOfCreation "id-smime-cti-ets-proofOfCreation"
+#define NID_id_smime_cti_ets_proofOfCreation 256
+#define OBJ_id_smime_cti_ets_proofOfCreation OBJ_id_smime_cti,6L
+
+#define LN_friendlyName "friendlyName"
+#define NID_friendlyName 156
+#define OBJ_friendlyName OBJ_pkcs9,20L
+
+#define LN_localKeyID "localKeyID"
+#define NID_localKeyID 157
+#define OBJ_localKeyID OBJ_pkcs9,21L
+
+#define SN_ms_csp_name "CSPName"
+#define LN_ms_csp_name "Microsoft CSP Name"
+#define NID_ms_csp_name 417
+#define OBJ_ms_csp_name 1L,3L,6L,1L,4L,1L,311L,17L,1L
+
+#define SN_LocalKeySet "LocalKeySet"
+#define LN_LocalKeySet "Microsoft Local Key set"
+#define NID_LocalKeySet 856
+#define OBJ_LocalKeySet 1L,3L,6L,1L,4L,1L,311L,17L,2L
+
+#define OBJ_certTypes OBJ_pkcs9,22L
+
+#define LN_x509Certificate "x509Certificate"
+#define NID_x509Certificate 158
+#define OBJ_x509Certificate OBJ_certTypes,1L
+
+#define LN_sdsiCertificate "sdsiCertificate"
+#define NID_sdsiCertificate 159
+#define OBJ_sdsiCertificate OBJ_certTypes,2L
+
+#define OBJ_crlTypes OBJ_pkcs9,23L
+
+#define LN_x509Crl "x509Crl"
+#define NID_x509Crl 160
+#define OBJ_x509Crl OBJ_crlTypes,1L
+
+#define OBJ_pkcs12 OBJ_pkcs,12L
+
+#define OBJ_pkcs12_pbeids OBJ_pkcs12,1L
+
+#define SN_pbe_WithSHA1And128BitRC4 "PBE-SHA1-RC4-128"
+#define LN_pbe_WithSHA1And128BitRC4 "pbeWithSHA1And128BitRC4"
+#define NID_pbe_WithSHA1And128BitRC4 144
+#define OBJ_pbe_WithSHA1And128BitRC4 OBJ_pkcs12_pbeids,1L
+
+#define SN_pbe_WithSHA1And40BitRC4 "PBE-SHA1-RC4-40"
+#define LN_pbe_WithSHA1And40BitRC4 "pbeWithSHA1And40BitRC4"
+#define NID_pbe_WithSHA1And40BitRC4 145
+#define OBJ_pbe_WithSHA1And40BitRC4 OBJ_pkcs12_pbeids,2L
+
+#define SN_pbe_WithSHA1And3_Key_TripleDES_CBC "PBE-SHA1-3DES"
+#define LN_pbe_WithSHA1And3_Key_TripleDES_CBC "pbeWithSHA1And3-KeyTripleDES-CBC"
+#define NID_pbe_WithSHA1And3_Key_TripleDES_CBC 146
+#define OBJ_pbe_WithSHA1And3_Key_TripleDES_CBC OBJ_pkcs12_pbeids,3L
+
+#define SN_pbe_WithSHA1And2_Key_TripleDES_CBC "PBE-SHA1-2DES"
+#define LN_pbe_WithSHA1And2_Key_TripleDES_CBC "pbeWithSHA1And2-KeyTripleDES-CBC"
+#define NID_pbe_WithSHA1And2_Key_TripleDES_CBC 147
+#define OBJ_pbe_WithSHA1And2_Key_TripleDES_CBC OBJ_pkcs12_pbeids,4L
+
+#define SN_pbe_WithSHA1And128BitRC2_CBC "PBE-SHA1-RC2-128"
+#define LN_pbe_WithSHA1And128BitRC2_CBC "pbeWithSHA1And128BitRC2-CBC"
+#define NID_pbe_WithSHA1And128BitRC2_CBC 148
+#define OBJ_pbe_WithSHA1And128BitRC2_CBC OBJ_pkcs12_pbeids,5L
+
+#define SN_pbe_WithSHA1And40BitRC2_CBC "PBE-SHA1-RC2-40"
+#define LN_pbe_WithSHA1And40BitRC2_CBC "pbeWithSHA1And40BitRC2-CBC"
+#define NID_pbe_WithSHA1And40BitRC2_CBC 149
+#define OBJ_pbe_WithSHA1And40BitRC2_CBC OBJ_pkcs12_pbeids,6L
+
+#define OBJ_pkcs12_Version1 OBJ_pkcs12,10L
+
+#define OBJ_pkcs12_BagIds OBJ_pkcs12_Version1,1L
+
+#define LN_keyBag "keyBag"
+#define NID_keyBag 150
+#define OBJ_keyBag OBJ_pkcs12_BagIds,1L
+
+#define LN_pkcs8ShroudedKeyBag "pkcs8ShroudedKeyBag"
+#define NID_pkcs8ShroudedKeyBag 151
+#define OBJ_pkcs8ShroudedKeyBag OBJ_pkcs12_BagIds,2L
+
+#define LN_certBag "certBag"
+#define NID_certBag 152
+#define OBJ_certBag OBJ_pkcs12_BagIds,3L
+
+#define LN_crlBag "crlBag"
+#define NID_crlBag 153
+#define OBJ_crlBag OBJ_pkcs12_BagIds,4L
+
+#define LN_secretBag "secretBag"
+#define NID_secretBag 154
+#define OBJ_secretBag OBJ_pkcs12_BagIds,5L
+
+#define LN_safeContentsBag "safeContentsBag"
+#define NID_safeContentsBag 155
+#define OBJ_safeContentsBag OBJ_pkcs12_BagIds,6L
+
+#define SN_md2 "MD2"
+#define LN_md2 "md2"
+#define NID_md2 3
+#define OBJ_md2 OBJ_rsadsi,2L,2L
+
+#define SN_md4 "MD4"
+#define LN_md4 "md4"
+#define NID_md4 257
+#define OBJ_md4 OBJ_rsadsi,2L,4L
+
+#define SN_md5 "MD5"
+#define LN_md5 "md5"
+#define NID_md5 4
+#define OBJ_md5 OBJ_rsadsi,2L,5L
+
+#define SN_md5_sha1 "MD5-SHA1"
+#define LN_md5_sha1 "md5-sha1"
+#define NID_md5_sha1 114
+
+#define LN_hmacWithMD5 "hmacWithMD5"
+#define NID_hmacWithMD5 797
+#define OBJ_hmacWithMD5 OBJ_rsadsi,2L,6L
+
+#define LN_hmacWithSHA1 "hmacWithSHA1"
+#define NID_hmacWithSHA1 163
+#define OBJ_hmacWithSHA1 OBJ_rsadsi,2L,7L
+
+#define SN_sm2 "SM2"
+#define LN_sm2 "sm2"
+#define NID_sm2 1172
+#define OBJ_sm2 OBJ_sm_scheme,301L
+
+#define SN_sm3 "SM3"
+#define LN_sm3 "sm3"
+#define NID_sm3 1143
+#define OBJ_sm3 OBJ_sm_scheme,401L
+
+#define SN_sm3WithRSAEncryption "RSA-SM3"
+#define LN_sm3WithRSAEncryption "sm3WithRSAEncryption"
+#define NID_sm3WithRSAEncryption 1144
+#define OBJ_sm3WithRSAEncryption OBJ_sm_scheme,504L
+
+#define SN_SM2_with_SM3 "SM2-SM3"
+#define LN_SM2_with_SM3 "SM2-with-SM3"
+#define NID_SM2_with_SM3 1204
+#define OBJ_SM2_with_SM3 OBJ_sm_scheme,501L
+
+#define LN_hmacWithSHA224 "hmacWithSHA224"
+#define NID_hmacWithSHA224 798
+#define OBJ_hmacWithSHA224 OBJ_rsadsi,2L,8L
+
+#define LN_hmacWithSHA256 "hmacWithSHA256"
+#define NID_hmacWithSHA256 799
+#define OBJ_hmacWithSHA256 OBJ_rsadsi,2L,9L
+
+#define LN_hmacWithSHA384 "hmacWithSHA384"
+#define NID_hmacWithSHA384 800
+#define OBJ_hmacWithSHA384 OBJ_rsadsi,2L,10L
+
+#define LN_hmacWithSHA512 "hmacWithSHA512"
+#define NID_hmacWithSHA512 801
+#define OBJ_hmacWithSHA512 OBJ_rsadsi,2L,11L
+
+#define LN_hmacWithSHA512_224 "hmacWithSHA512-224"
+#define NID_hmacWithSHA512_224 1193
+#define OBJ_hmacWithSHA512_224 OBJ_rsadsi,2L,12L
+
+#define LN_hmacWithSHA512_256 "hmacWithSHA512-256"
+#define NID_hmacWithSHA512_256 1194
+#define OBJ_hmacWithSHA512_256 OBJ_rsadsi,2L,13L
+
+#define SN_rc2_cbc "RC2-CBC"
+#define LN_rc2_cbc "rc2-cbc"
+#define NID_rc2_cbc 37
+#define OBJ_rc2_cbc OBJ_rsadsi,3L,2L
+
+#define SN_rc2_ecb "RC2-ECB"
+#define LN_rc2_ecb "rc2-ecb"
+#define NID_rc2_ecb 38
+
+#define SN_rc2_cfb64 "RC2-CFB"
+#define LN_rc2_cfb64 "rc2-cfb"
+#define NID_rc2_cfb64 39
+
+#define SN_rc2_ofb64 "RC2-OFB"
+#define LN_rc2_ofb64 "rc2-ofb"
+#define NID_rc2_ofb64 40
+
+#define SN_rc2_40_cbc "RC2-40-CBC"
+#define LN_rc2_40_cbc "rc2-40-cbc"
+#define NID_rc2_40_cbc 98
+
+#define SN_rc2_64_cbc "RC2-64-CBC"
+#define LN_rc2_64_cbc "rc2-64-cbc"
+#define NID_rc2_64_cbc 166
+
+#define SN_rc4 "RC4"
+#define LN_rc4 "rc4"
+#define NID_rc4 5
+#define OBJ_rc4 OBJ_rsadsi,3L,4L
+
+#define SN_rc4_40 "RC4-40"
+#define LN_rc4_40 "rc4-40"
+#define NID_rc4_40 97
+
+#define SN_des_ede3_cbc "DES-EDE3-CBC"
+#define LN_des_ede3_cbc "des-ede3-cbc"
+#define NID_des_ede3_cbc 44
+#define OBJ_des_ede3_cbc OBJ_rsadsi,3L,7L
+
+#define SN_rc5_cbc "RC5-CBC"
+#define LN_rc5_cbc "rc5-cbc"
+#define NID_rc5_cbc 120
+#define OBJ_rc5_cbc OBJ_rsadsi,3L,8L
+
+#define SN_rc5_ecb "RC5-ECB"
+#define LN_rc5_ecb "rc5-ecb"
+#define NID_rc5_ecb 121
+
+#define SN_rc5_cfb64 "RC5-CFB"
+#define LN_rc5_cfb64 "rc5-cfb"
+#define NID_rc5_cfb64 122
+
+#define SN_rc5_ofb64 "RC5-OFB"
+#define LN_rc5_ofb64 "rc5-ofb"
+#define NID_rc5_ofb64 123
+
+#define SN_ms_ext_req "msExtReq"
+#define LN_ms_ext_req "Microsoft Extension Request"
+#define NID_ms_ext_req 171
+#define OBJ_ms_ext_req 1L,3L,6L,1L,4L,1L,311L,2L,1L,14L
+
+#define SN_ms_code_ind "msCodeInd"
+#define LN_ms_code_ind "Microsoft Individual Code Signing"
+#define NID_ms_code_ind 134
+#define OBJ_ms_code_ind 1L,3L,6L,1L,4L,1L,311L,2L,1L,21L
+
+#define SN_ms_code_com "msCodeCom"
+#define LN_ms_code_com "Microsoft Commercial Code Signing"
+#define NID_ms_code_com 135
+#define OBJ_ms_code_com 1L,3L,6L,1L,4L,1L,311L,2L,1L,22L
+
+#define SN_ms_ctl_sign "msCTLSign"
+#define LN_ms_ctl_sign "Microsoft Trust List Signing"
+#define NID_ms_ctl_sign 136
+#define OBJ_ms_ctl_sign 1L,3L,6L,1L,4L,1L,311L,10L,3L,1L
+
+#define SN_ms_sgc "msSGC"
+#define LN_ms_sgc "Microsoft Server Gated Crypto"
+#define NID_ms_sgc 137
+#define OBJ_ms_sgc 1L,3L,6L,1L,4L,1L,311L,10L,3L,3L
+
+#define SN_ms_efs "msEFS"
+#define LN_ms_efs "Microsoft Encrypted File System"
+#define NID_ms_efs 138
+#define OBJ_ms_efs 1L,3L,6L,1L,4L,1L,311L,10L,3L,4L
+
+#define SN_ms_smartcard_login "msSmartcardLogin"
+#define LN_ms_smartcard_login "Microsoft Smartcard Login"
+#define NID_ms_smartcard_login 648
+#define OBJ_ms_smartcard_login 1L,3L,6L,1L,4L,1L,311L,20L,2L,2L
+
+#define SN_ms_upn "msUPN"
+#define LN_ms_upn "Microsoft User Principal Name"
+#define NID_ms_upn 649
+#define OBJ_ms_upn 1L,3L,6L,1L,4L,1L,311L,20L,2L,3L
+
+#define SN_idea_cbc "IDEA-CBC"
+#define LN_idea_cbc "idea-cbc"
+#define NID_idea_cbc 34
+#define OBJ_idea_cbc 1L,3L,6L,1L,4L,1L,188L,7L,1L,1L,2L
+
+#define SN_idea_ecb "IDEA-ECB"
+#define LN_idea_ecb "idea-ecb"
+#define NID_idea_ecb 36
+
+#define SN_idea_cfb64 "IDEA-CFB"
+#define LN_idea_cfb64 "idea-cfb"
+#define NID_idea_cfb64 35
+
+#define SN_idea_ofb64 "IDEA-OFB"
+#define LN_idea_ofb64 "idea-ofb"
+#define NID_idea_ofb64 46
+
+#define SN_bf_cbc "BF-CBC"
+#define LN_bf_cbc "bf-cbc"
+#define NID_bf_cbc 91
+#define OBJ_bf_cbc 1L,3L,6L,1L,4L,1L,3029L,1L,2L
+
+#define SN_bf_ecb "BF-ECB"
+#define LN_bf_ecb "bf-ecb"
+#define NID_bf_ecb 92
+
+#define SN_bf_cfb64 "BF-CFB"
+#define LN_bf_cfb64 "bf-cfb"
+#define NID_bf_cfb64 93
+
+#define SN_bf_ofb64 "BF-OFB"
+#define LN_bf_ofb64 "bf-ofb"
+#define NID_bf_ofb64 94
+
+#define SN_id_pkix "PKIX"
+#define NID_id_pkix 127
+#define OBJ_id_pkix 1L,3L,6L,1L,5L,5L,7L
+
+#define SN_id_pkix_mod "id-pkix-mod"
+#define NID_id_pkix_mod 258
+#define OBJ_id_pkix_mod OBJ_id_pkix,0L
+
+#define SN_id_pe "id-pe"
+#define NID_id_pe 175
+#define OBJ_id_pe OBJ_id_pkix,1L
+
+#define SN_id_qt "id-qt"
+#define NID_id_qt 259
+#define OBJ_id_qt OBJ_id_pkix,2L
+
+#define SN_id_kp "id-kp"
+#define NID_id_kp 128
+#define OBJ_id_kp OBJ_id_pkix,3L
+
+#define SN_id_it "id-it"
+#define NID_id_it 260
+#define OBJ_id_it OBJ_id_pkix,4L
+
+#define SN_id_pkip "id-pkip"
+#define NID_id_pkip 261
+#define OBJ_id_pkip OBJ_id_pkix,5L
+
+#define SN_id_alg "id-alg"
+#define NID_id_alg 262
+#define OBJ_id_alg OBJ_id_pkix,6L
+
+#define SN_id_cmc "id-cmc"
+#define NID_id_cmc 263
+#define OBJ_id_cmc OBJ_id_pkix,7L
+
+#define SN_id_on "id-on"
+#define NID_id_on 264
+#define OBJ_id_on OBJ_id_pkix,8L
+
+#define SN_id_pda "id-pda"
+#define NID_id_pda 265
+#define OBJ_id_pda OBJ_id_pkix,9L
+
+#define SN_id_aca "id-aca"
+#define NID_id_aca 266
+#define OBJ_id_aca OBJ_id_pkix,10L
+
+#define SN_id_qcs "id-qcs"
+#define NID_id_qcs 267
+#define OBJ_id_qcs OBJ_id_pkix,11L
+
+#define SN_id_cct "id-cct"
+#define NID_id_cct 268
+#define OBJ_id_cct OBJ_id_pkix,12L
+
+#define SN_id_ppl "id-ppl"
+#define NID_id_ppl 662
+#define OBJ_id_ppl OBJ_id_pkix,21L
+
+#define SN_id_ad "id-ad"
+#define NID_id_ad 176
+#define OBJ_id_ad OBJ_id_pkix,48L
+
+#define SN_id_pkix1_explicit_88 "id-pkix1-explicit-88"
+#define NID_id_pkix1_explicit_88 269
+#define OBJ_id_pkix1_explicit_88 OBJ_id_pkix_mod,1L
+
+#define SN_id_pkix1_implicit_88 "id-pkix1-implicit-88"
+#define NID_id_pkix1_implicit_88 270
+#define OBJ_id_pkix1_implicit_88 OBJ_id_pkix_mod,2L
+
+#define SN_id_pkix1_explicit_93 "id-pkix1-explicit-93"
+#define NID_id_pkix1_explicit_93 271
+#define OBJ_id_pkix1_explicit_93 OBJ_id_pkix_mod,3L
+
+#define SN_id_pkix1_implicit_93 "id-pkix1-implicit-93"
+#define NID_id_pkix1_implicit_93 272
+#define OBJ_id_pkix1_implicit_93 OBJ_id_pkix_mod,4L
+
+#define SN_id_mod_crmf "id-mod-crmf"
+#define NID_id_mod_crmf 273
+#define OBJ_id_mod_crmf OBJ_id_pkix_mod,5L
+
+#define SN_id_mod_cmc "id-mod-cmc"
+#define NID_id_mod_cmc 274
+#define OBJ_id_mod_cmc OBJ_id_pkix_mod,6L
+
+#define SN_id_mod_kea_profile_88 "id-mod-kea-profile-88"
+#define NID_id_mod_kea_profile_88 275
+#define OBJ_id_mod_kea_profile_88 OBJ_id_pkix_mod,7L
+
+#define SN_id_mod_kea_profile_93 "id-mod-kea-profile-93"
+#define NID_id_mod_kea_profile_93 276
+#define OBJ_id_mod_kea_profile_93 OBJ_id_pkix_mod,8L
+
+#define SN_id_mod_cmp "id-mod-cmp"
+#define NID_id_mod_cmp 277
+#define OBJ_id_mod_cmp OBJ_id_pkix_mod,9L
+
+#define SN_id_mod_qualified_cert_88 "id-mod-qualified-cert-88"
+#define NID_id_mod_qualified_cert_88 278
+#define OBJ_id_mod_qualified_cert_88 OBJ_id_pkix_mod,10L
+
+#define SN_id_mod_qualified_cert_93 "id-mod-qualified-cert-93"
+#define NID_id_mod_qualified_cert_93 279
+#define OBJ_id_mod_qualified_cert_93 OBJ_id_pkix_mod,11L
+
+#define SN_id_mod_attribute_cert "id-mod-attribute-cert"
+#define NID_id_mod_attribute_cert 280
+#define OBJ_id_mod_attribute_cert OBJ_id_pkix_mod,12L
+
+#define SN_id_mod_timestamp_protocol "id-mod-timestamp-protocol"
+#define NID_id_mod_timestamp_protocol 281
+#define OBJ_id_mod_timestamp_protocol OBJ_id_pkix_mod,13L
+
+#define SN_id_mod_ocsp "id-mod-ocsp"
+#define NID_id_mod_ocsp 282
+#define OBJ_id_mod_ocsp OBJ_id_pkix_mod,14L
+
+#define SN_id_mod_dvcs "id-mod-dvcs"
+#define NID_id_mod_dvcs 283
+#define OBJ_id_mod_dvcs OBJ_id_pkix_mod,15L
+
+#define SN_id_mod_cmp2000 "id-mod-cmp2000"
+#define NID_id_mod_cmp2000 284
+#define OBJ_id_mod_cmp2000 OBJ_id_pkix_mod,16L
+
+#define SN_info_access "authorityInfoAccess"
+#define LN_info_access "Authority Information Access"
+#define NID_info_access 177
+#define OBJ_info_access OBJ_id_pe,1L
+
+#define SN_biometricInfo "biometricInfo"
+#define LN_biometricInfo "Biometric Info"
+#define NID_biometricInfo 285
+#define OBJ_biometricInfo OBJ_id_pe,2L
+
+#define SN_qcStatements "qcStatements"
+#define NID_qcStatements 286
+#define OBJ_qcStatements OBJ_id_pe,3L
+
+#define SN_ac_auditEntity "ac-auditEntity"
+#define NID_ac_auditEntity 287
+#define OBJ_ac_auditEntity OBJ_id_pe,4L
+
+#define SN_ac_targeting "ac-targeting"
+#define NID_ac_targeting 288
+#define OBJ_ac_targeting OBJ_id_pe,5L
+
+#define SN_aaControls "aaControls"
+#define NID_aaControls 289
+#define OBJ_aaControls OBJ_id_pe,6L
+
+#define SN_sbgp_ipAddrBlock "sbgp-ipAddrBlock"
+#define NID_sbgp_ipAddrBlock 290
+#define OBJ_sbgp_ipAddrBlock OBJ_id_pe,7L
+
+#define SN_sbgp_autonomousSysNum "sbgp-autonomousSysNum"
+#define NID_sbgp_autonomousSysNum 291
+#define OBJ_sbgp_autonomousSysNum OBJ_id_pe,8L
+
+#define SN_sbgp_routerIdentifier "sbgp-routerIdentifier"
+#define NID_sbgp_routerIdentifier 292
+#define OBJ_sbgp_routerIdentifier OBJ_id_pe,9L
+
+#define SN_ac_proxying "ac-proxying"
+#define NID_ac_proxying 397
+#define OBJ_ac_proxying OBJ_id_pe,10L
+
+#define SN_sinfo_access "subjectInfoAccess"
+#define LN_sinfo_access "Subject Information Access"
+#define NID_sinfo_access 398
+#define OBJ_sinfo_access OBJ_id_pe,11L
+
+#define SN_proxyCertInfo "proxyCertInfo"
+#define LN_proxyCertInfo "Proxy Certificate Information"
+#define NID_proxyCertInfo 663
+#define OBJ_proxyCertInfo OBJ_id_pe,14L
+
+#define SN_tlsfeature "tlsfeature"
+#define LN_tlsfeature "TLS Feature"
+#define NID_tlsfeature 1020
+#define OBJ_tlsfeature OBJ_id_pe,24L
+
+#define SN_id_qt_cps "id-qt-cps"
+#define LN_id_qt_cps "Policy Qualifier CPS"
+#define NID_id_qt_cps 164
+#define OBJ_id_qt_cps OBJ_id_qt,1L
+
+#define SN_id_qt_unotice "id-qt-unotice"
+#define LN_id_qt_unotice "Policy Qualifier User Notice"
+#define NID_id_qt_unotice 165
+#define OBJ_id_qt_unotice OBJ_id_qt,2L
+
+#define SN_textNotice "textNotice"
+#define NID_textNotice 293
+#define OBJ_textNotice OBJ_id_qt,3L
+
+#define SN_server_auth "serverAuth"
+#define LN_server_auth "TLS Web Server Authentication"
+#define NID_server_auth 129
+#define OBJ_server_auth OBJ_id_kp,1L
+
+#define SN_client_auth "clientAuth"
+#define LN_client_auth "TLS Web Client Authentication"
+#define NID_client_auth 130
+#define OBJ_client_auth OBJ_id_kp,2L
+
+#define SN_code_sign "codeSigning"
+#define LN_code_sign "Code Signing"
+#define NID_code_sign 131
+#define OBJ_code_sign OBJ_id_kp,3L
+
+#define SN_email_protect "emailProtection"
+#define LN_email_protect "E-mail Protection"
+#define NID_email_protect 132
+#define OBJ_email_protect OBJ_id_kp,4L
+
+#define SN_ipsecEndSystem "ipsecEndSystem"
+#define LN_ipsecEndSystem "IPSec End System"
+#define NID_ipsecEndSystem 294
+#define OBJ_ipsecEndSystem OBJ_id_kp,5L
+
+#define SN_ipsecTunnel "ipsecTunnel"
+#define LN_ipsecTunnel "IPSec Tunnel"
+#define NID_ipsecTunnel 295
+#define OBJ_ipsecTunnel OBJ_id_kp,6L
+
+#define SN_ipsecUser "ipsecUser"
+#define LN_ipsecUser "IPSec User"
+#define NID_ipsecUser 296
+#define OBJ_ipsecUser OBJ_id_kp,7L
+
+#define SN_time_stamp "timeStamping"
+#define LN_time_stamp "Time Stamping"
+#define NID_time_stamp 133
+#define OBJ_time_stamp OBJ_id_kp,8L
+
+#define SN_OCSP_sign "OCSPSigning"
+#define LN_OCSP_sign "OCSP Signing"
+#define NID_OCSP_sign 180
+#define OBJ_OCSP_sign OBJ_id_kp,9L
+
+#define SN_dvcs "DVCS"
+#define LN_dvcs "dvcs"
+#define NID_dvcs 297
+#define OBJ_dvcs OBJ_id_kp,10L
+
+#define SN_ipsec_IKE "ipsecIKE"
+#define LN_ipsec_IKE "ipsec Internet Key Exchange"
+#define NID_ipsec_IKE 1022
+#define OBJ_ipsec_IKE OBJ_id_kp,17L
+
+#define SN_capwapAC "capwapAC"
+#define LN_capwapAC "Ctrl/provision WAP Access"
+#define NID_capwapAC 1023
+#define OBJ_capwapAC OBJ_id_kp,18L
+
+#define SN_capwapWTP "capwapWTP"
+#define LN_capwapWTP "Ctrl/Provision WAP Termination"
+#define NID_capwapWTP 1024
+#define OBJ_capwapWTP OBJ_id_kp,19L
+
+#define SN_sshClient "secureShellClient"
+#define LN_sshClient "SSH Client"
+#define NID_sshClient 1025
+#define OBJ_sshClient OBJ_id_kp,21L
+
+#define SN_sshServer "secureShellServer"
+#define LN_sshServer "SSH Server"
+#define NID_sshServer 1026
+#define OBJ_sshServer OBJ_id_kp,22L
+
+#define SN_sendRouter "sendRouter"
+#define LN_sendRouter "Send Router"
+#define NID_sendRouter 1027
+#define OBJ_sendRouter OBJ_id_kp,23L
+
+#define SN_sendProxiedRouter "sendProxiedRouter"
+#define LN_sendProxiedRouter "Send Proxied Router"
+#define NID_sendProxiedRouter 1028
+#define OBJ_sendProxiedRouter OBJ_id_kp,24L
+
+#define SN_sendOwner "sendOwner"
+#define LN_sendOwner "Send Owner"
+#define NID_sendOwner 1029
+#define OBJ_sendOwner OBJ_id_kp,25L
+
+#define SN_sendProxiedOwner "sendProxiedOwner"
+#define LN_sendProxiedOwner "Send Proxied Owner"
+#define NID_sendProxiedOwner 1030
+#define OBJ_sendProxiedOwner OBJ_id_kp,26L
+
+#define SN_cmcCA "cmcCA"
+#define LN_cmcCA "CMC Certificate Authority"
+#define NID_cmcCA 1131
+#define OBJ_cmcCA OBJ_id_kp,27L
+
+#define SN_cmcRA "cmcRA"
+#define LN_cmcRA "CMC Registration Authority"
+#define NID_cmcRA 1132
+#define OBJ_cmcRA OBJ_id_kp,28L
+
+#define SN_id_it_caProtEncCert "id-it-caProtEncCert"
+#define NID_id_it_caProtEncCert 298
+#define OBJ_id_it_caProtEncCert OBJ_id_it,1L
+
+#define SN_id_it_signKeyPairTypes "id-it-signKeyPairTypes"
+#define NID_id_it_signKeyPairTypes 299
+#define OBJ_id_it_signKeyPairTypes OBJ_id_it,2L
+
+#define SN_id_it_encKeyPairTypes "id-it-encKeyPairTypes"
+#define NID_id_it_encKeyPairTypes 300
+#define OBJ_id_it_encKeyPairTypes OBJ_id_it,3L
+
+#define SN_id_it_preferredSymmAlg "id-it-preferredSymmAlg"
+#define NID_id_it_preferredSymmAlg 301
+#define OBJ_id_it_preferredSymmAlg OBJ_id_it,4L
+
+#define SN_id_it_caKeyUpdateInfo "id-it-caKeyUpdateInfo"
+#define NID_id_it_caKeyUpdateInfo 302
+#define OBJ_id_it_caKeyUpdateInfo OBJ_id_it,5L
+
+#define SN_id_it_currentCRL "id-it-currentCRL"
+#define NID_id_it_currentCRL 303
+#define OBJ_id_it_currentCRL OBJ_id_it,6L
+
+#define SN_id_it_unsupportedOIDs "id-it-unsupportedOIDs"
+#define NID_id_it_unsupportedOIDs 304
+#define OBJ_id_it_unsupportedOIDs OBJ_id_it,7L
+
+#define SN_id_it_subscriptionRequest "id-it-subscriptionRequest"
+#define NID_id_it_subscriptionRequest 305
+#define OBJ_id_it_subscriptionRequest OBJ_id_it,8L
+
+#define SN_id_it_subscriptionResponse "id-it-subscriptionResponse"
+#define NID_id_it_subscriptionResponse 306
+#define OBJ_id_it_subscriptionResponse OBJ_id_it,9L
+
+#define SN_id_it_keyPairParamReq "id-it-keyPairParamReq"
+#define NID_id_it_keyPairParamReq 307
+#define OBJ_id_it_keyPairParamReq OBJ_id_it,10L
+
+#define SN_id_it_keyPairParamRep "id-it-keyPairParamRep"
+#define NID_id_it_keyPairParamRep 308
+#define OBJ_id_it_keyPairParamRep OBJ_id_it,11L
+
+#define SN_id_it_revPassphrase "id-it-revPassphrase"
+#define NID_id_it_revPassphrase 309
+#define OBJ_id_it_revPassphrase OBJ_id_it,12L
+
+#define SN_id_it_implicitConfirm "id-it-implicitConfirm"
+#define NID_id_it_implicitConfirm 310
+#define OBJ_id_it_implicitConfirm OBJ_id_it,13L
+
+#define SN_id_it_confirmWaitTime "id-it-confirmWaitTime"
+#define NID_id_it_confirmWaitTime 311
+#define OBJ_id_it_confirmWaitTime OBJ_id_it,14L
+
+#define SN_id_it_origPKIMessage "id-it-origPKIMessage"
+#define NID_id_it_origPKIMessage 312
+#define OBJ_id_it_origPKIMessage OBJ_id_it,15L
+
+#define SN_id_it_suppLangTags "id-it-suppLangTags"
+#define NID_id_it_suppLangTags 784
+#define OBJ_id_it_suppLangTags OBJ_id_it,16L
+
+#define SN_id_regCtrl "id-regCtrl"
+#define NID_id_regCtrl 313
+#define OBJ_id_regCtrl OBJ_id_pkip,1L
+
+#define SN_id_regInfo "id-regInfo"
+#define NID_id_regInfo 314
+#define OBJ_id_regInfo OBJ_id_pkip,2L
+
+#define SN_id_regCtrl_regToken "id-regCtrl-regToken"
+#define NID_id_regCtrl_regToken 315
+#define OBJ_id_regCtrl_regToken OBJ_id_regCtrl,1L
+
+#define SN_id_regCtrl_authenticator "id-regCtrl-authenticator"
+#define NID_id_regCtrl_authenticator 316
+#define OBJ_id_regCtrl_authenticator OBJ_id_regCtrl,2L
+
+#define SN_id_regCtrl_pkiPublicationInfo "id-regCtrl-pkiPublicationInfo"
+#define NID_id_regCtrl_pkiPublicationInfo 317
+#define OBJ_id_regCtrl_pkiPublicationInfo OBJ_id_regCtrl,3L
+
+#define SN_id_regCtrl_pkiArchiveOptions "id-regCtrl-pkiArchiveOptions"
+#define NID_id_regCtrl_pkiArchiveOptions 318
+#define OBJ_id_regCtrl_pkiArchiveOptions OBJ_id_regCtrl,4L
+
+#define SN_id_regCtrl_oldCertID "id-regCtrl-oldCertID"
+#define NID_id_regCtrl_oldCertID 319
+#define OBJ_id_regCtrl_oldCertID OBJ_id_regCtrl,5L
+
+#define SN_id_regCtrl_protocolEncrKey "id-regCtrl-protocolEncrKey"
+#define NID_id_regCtrl_protocolEncrKey 320
+#define OBJ_id_regCtrl_protocolEncrKey OBJ_id_regCtrl,6L
+
+#define SN_id_regInfo_utf8Pairs "id-regInfo-utf8Pairs"
+#define NID_id_regInfo_utf8Pairs 321
+#define OBJ_id_regInfo_utf8Pairs OBJ_id_regInfo,1L
+
+#define SN_id_regInfo_certReq "id-regInfo-certReq"
+#define NID_id_regInfo_certReq 322
+#define OBJ_id_regInfo_certReq OBJ_id_regInfo,2L
+
+#define SN_id_alg_des40 "id-alg-des40"
+#define NID_id_alg_des40 323
+#define OBJ_id_alg_des40 OBJ_id_alg,1L
+
+#define SN_id_alg_noSignature "id-alg-noSignature"
+#define NID_id_alg_noSignature 324
+#define OBJ_id_alg_noSignature OBJ_id_alg,2L
+
+#define SN_id_alg_dh_sig_hmac_sha1 "id-alg-dh-sig-hmac-sha1"
+#define NID_id_alg_dh_sig_hmac_sha1 325
+#define OBJ_id_alg_dh_sig_hmac_sha1 OBJ_id_alg,3L
+
+#define SN_id_alg_dh_pop "id-alg-dh-pop"
+#define NID_id_alg_dh_pop 326
+#define OBJ_id_alg_dh_pop OBJ_id_alg,4L
+
+#define SN_id_cmc_statusInfo "id-cmc-statusInfo"
+#define NID_id_cmc_statusInfo 327
+#define OBJ_id_cmc_statusInfo OBJ_id_cmc,1L
+
+#define SN_id_cmc_identification "id-cmc-identification"
+#define NID_id_cmc_identification 328
+#define OBJ_id_cmc_identification OBJ_id_cmc,2L
+
+#define SN_id_cmc_identityProof "id-cmc-identityProof"
+#define NID_id_cmc_identityProof 329
+#define OBJ_id_cmc_identityProof OBJ_id_cmc,3L
+
+#define SN_id_cmc_dataReturn "id-cmc-dataReturn"
+#define NID_id_cmc_dataReturn 330
+#define OBJ_id_cmc_dataReturn OBJ_id_cmc,4L
+
+#define SN_id_cmc_transactionId "id-cmc-transactionId"
+#define NID_id_cmc_transactionId 331
+#define OBJ_id_cmc_transactionId OBJ_id_cmc,5L
+
+#define SN_id_cmc_senderNonce "id-cmc-senderNonce"
+#define NID_id_cmc_senderNonce 332
+#define OBJ_id_cmc_senderNonce OBJ_id_cmc,6L
+
+#define SN_id_cmc_recipientNonce "id-cmc-recipientNonce"
+#define NID_id_cmc_recipientNonce 333
+#define OBJ_id_cmc_recipientNonce OBJ_id_cmc,7L
+
+#define SN_id_cmc_addExtensions "id-cmc-addExtensions"
+#define NID_id_cmc_addExtensions 334
+#define OBJ_id_cmc_addExtensions OBJ_id_cmc,8L
+
+#define SN_id_cmc_encryptedPOP "id-cmc-encryptedPOP"
+#define NID_id_cmc_encryptedPOP 335
+#define OBJ_id_cmc_encryptedPOP OBJ_id_cmc,9L
+
+#define SN_id_cmc_decryptedPOP "id-cmc-decryptedPOP"
+#define NID_id_cmc_decryptedPOP 336
+#define OBJ_id_cmc_decryptedPOP OBJ_id_cmc,10L
+
+#define SN_id_cmc_lraPOPWitness "id-cmc-lraPOPWitness"
+#define NID_id_cmc_lraPOPWitness 337
+#define OBJ_id_cmc_lraPOPWitness OBJ_id_cmc,11L
+
+#define SN_id_cmc_getCert "id-cmc-getCert"
+#define NID_id_cmc_getCert 338
+#define OBJ_id_cmc_getCert OBJ_id_cmc,15L
+
+#define SN_id_cmc_getCRL "id-cmc-getCRL"
+#define NID_id_cmc_getCRL 339
+#define OBJ_id_cmc_getCRL OBJ_id_cmc,16L
+
+#define SN_id_cmc_revokeRequest "id-cmc-revokeRequest"
+#define NID_id_cmc_revokeRequest 340
+#define OBJ_id_cmc_revokeRequest OBJ_id_cmc,17L
+
+#define SN_id_cmc_regInfo "id-cmc-regInfo"
+#define NID_id_cmc_regInfo 341
+#define OBJ_id_cmc_regInfo OBJ_id_cmc,18L
+
+#define SN_id_cmc_responseInfo "id-cmc-responseInfo"
+#define NID_id_cmc_responseInfo 342
+#define OBJ_id_cmc_responseInfo OBJ_id_cmc,19L
+
+#define SN_id_cmc_queryPending "id-cmc-queryPending"
+#define NID_id_cmc_queryPending 343
+#define OBJ_id_cmc_queryPending OBJ_id_cmc,21L
+
+#define SN_id_cmc_popLinkRandom "id-cmc-popLinkRandom"
+#define NID_id_cmc_popLinkRandom 344
+#define OBJ_id_cmc_popLinkRandom OBJ_id_cmc,22L
+
+#define SN_id_cmc_popLinkWitness "id-cmc-popLinkWitness"
+#define NID_id_cmc_popLinkWitness 345
+#define OBJ_id_cmc_popLinkWitness OBJ_id_cmc,23L
+
+#define SN_id_cmc_confirmCertAcceptance "id-cmc-confirmCertAcceptance"
+#define NID_id_cmc_confirmCertAcceptance 346
+#define OBJ_id_cmc_confirmCertAcceptance OBJ_id_cmc,24L
+
+#define SN_id_on_personalData "id-on-personalData"
+#define NID_id_on_personalData 347
+#define OBJ_id_on_personalData OBJ_id_on,1L
+
+#define SN_id_on_permanentIdentifier "id-on-permanentIdentifier"
+#define LN_id_on_permanentIdentifier "Permanent Identifier"
+#define NID_id_on_permanentIdentifier 858
+#define OBJ_id_on_permanentIdentifier OBJ_id_on,3L
+
+#define SN_XmppAddr "id-on-xmppAddr"
+#define LN_XmppAddr "XmppAddr"
+#define NID_XmppAddr 1209
+#define OBJ_XmppAddr OBJ_id_on,5L
+
+#define SN_SRVName "id-on-dnsSRV"
+#define LN_SRVName "SRVName"
+#define NID_SRVName 1210
+#define OBJ_SRVName OBJ_id_on,7L
+
+#define SN_NAIRealm "id-on-NAIRealm"
+#define LN_NAIRealm "NAIRealm"
+#define NID_NAIRealm 1211
+#define OBJ_NAIRealm OBJ_id_on,8L
+
+#define SN_id_on_SmtpUTF8Mailbox "id-on-SmtpUTF8Mailbox"
+#define LN_id_on_SmtpUTF8Mailbox "Smtp UTF8 Mailbox"
+#define NID_id_on_SmtpUTF8Mailbox 1208
+#define OBJ_id_on_SmtpUTF8Mailbox OBJ_id_on,9L
+
+#define SN_id_pda_dateOfBirth "id-pda-dateOfBirth"
+#define NID_id_pda_dateOfBirth 348
+#define OBJ_id_pda_dateOfBirth OBJ_id_pda,1L
+
+#define SN_id_pda_placeOfBirth "id-pda-placeOfBirth"
+#define NID_id_pda_placeOfBirth 349
+#define OBJ_id_pda_placeOfBirth OBJ_id_pda,2L
+
+#define SN_id_pda_gender "id-pda-gender"
+#define NID_id_pda_gender 351
+#define OBJ_id_pda_gender OBJ_id_pda,3L
+
+#define SN_id_pda_countryOfCitizenship "id-pda-countryOfCitizenship"
+#define NID_id_pda_countryOfCitizenship 352
+#define OBJ_id_pda_countryOfCitizenship OBJ_id_pda,4L
+
+#define SN_id_pda_countryOfResidence "id-pda-countryOfResidence"
+#define NID_id_pda_countryOfResidence 353
+#define OBJ_id_pda_countryOfResidence OBJ_id_pda,5L
+
+#define SN_id_aca_authenticationInfo "id-aca-authenticationInfo"
+#define NID_id_aca_authenticationInfo 354
+#define OBJ_id_aca_authenticationInfo OBJ_id_aca,1L
+
+#define SN_id_aca_accessIdentity "id-aca-accessIdentity"
+#define NID_id_aca_accessIdentity 355
+#define OBJ_id_aca_accessIdentity OBJ_id_aca,2L
+
+#define SN_id_aca_chargingIdentity "id-aca-chargingIdentity"
+#define NID_id_aca_chargingIdentity 356
+#define OBJ_id_aca_chargingIdentity OBJ_id_aca,3L
+
+#define SN_id_aca_group "id-aca-group"
+#define NID_id_aca_group 357
+#define OBJ_id_aca_group OBJ_id_aca,4L
+
+#define SN_id_aca_role "id-aca-role"
+#define NID_id_aca_role 358
+#define OBJ_id_aca_role OBJ_id_aca,5L
+
+#define SN_id_aca_encAttrs "id-aca-encAttrs"
+#define NID_id_aca_encAttrs 399
+#define OBJ_id_aca_encAttrs OBJ_id_aca,6L
+
+#define SN_id_qcs_pkixQCSyntax_v1 "id-qcs-pkixQCSyntax-v1"
+#define NID_id_qcs_pkixQCSyntax_v1 359
+#define OBJ_id_qcs_pkixQCSyntax_v1 OBJ_id_qcs,1L
+
+#define SN_id_cct_crs "id-cct-crs"
+#define NID_id_cct_crs 360
+#define OBJ_id_cct_crs OBJ_id_cct,1L
+
+#define SN_id_cct_PKIData "id-cct-PKIData"
+#define NID_id_cct_PKIData 361
+#define OBJ_id_cct_PKIData OBJ_id_cct,2L
+
+#define SN_id_cct_PKIResponse "id-cct-PKIResponse"
+#define NID_id_cct_PKIResponse 362
+#define OBJ_id_cct_PKIResponse OBJ_id_cct,3L
+
+#define SN_id_ppl_anyLanguage "id-ppl-anyLanguage"
+#define LN_id_ppl_anyLanguage "Any language"
+#define NID_id_ppl_anyLanguage 664
+#define OBJ_id_ppl_anyLanguage OBJ_id_ppl,0L
+
+#define SN_id_ppl_inheritAll "id-ppl-inheritAll"
+#define LN_id_ppl_inheritAll "Inherit all"
+#define NID_id_ppl_inheritAll 665
+#define OBJ_id_ppl_inheritAll OBJ_id_ppl,1L
+
+#define SN_Independent "id-ppl-independent"
+#define LN_Independent "Independent"
+#define NID_Independent 667
+#define OBJ_Independent OBJ_id_ppl,2L
+
+#define SN_ad_OCSP "OCSP"
+#define LN_ad_OCSP "OCSP"
+#define NID_ad_OCSP 178
+#define OBJ_ad_OCSP OBJ_id_ad,1L
+
+#define SN_ad_ca_issuers "caIssuers"
+#define LN_ad_ca_issuers "CA Issuers"
+#define NID_ad_ca_issuers 179
+#define OBJ_ad_ca_issuers OBJ_id_ad,2L
+
+#define SN_ad_timeStamping "ad_timestamping"
+#define LN_ad_timeStamping "AD Time Stamping"
+#define NID_ad_timeStamping 363
+#define OBJ_ad_timeStamping OBJ_id_ad,3L
+
+#define SN_ad_dvcs "AD_DVCS"
+#define LN_ad_dvcs "ad dvcs"
+#define NID_ad_dvcs 364
+#define OBJ_ad_dvcs OBJ_id_ad,4L
+
+#define SN_caRepository "caRepository"
+#define LN_caRepository "CA Repository"
+#define NID_caRepository 785
+#define OBJ_caRepository OBJ_id_ad,5L
+
+#define OBJ_id_pkix_OCSP OBJ_ad_OCSP
+
+#define SN_id_pkix_OCSP_basic "basicOCSPResponse"
+#define LN_id_pkix_OCSP_basic "Basic OCSP Response"
+#define NID_id_pkix_OCSP_basic 365
+#define OBJ_id_pkix_OCSP_basic OBJ_id_pkix_OCSP,1L
+
+#define SN_id_pkix_OCSP_Nonce "Nonce"
+#define LN_id_pkix_OCSP_Nonce "OCSP Nonce"
+#define NID_id_pkix_OCSP_Nonce 366
+#define OBJ_id_pkix_OCSP_Nonce OBJ_id_pkix_OCSP,2L
+
+#define SN_id_pkix_OCSP_CrlID "CrlID"
+#define LN_id_pkix_OCSP_CrlID "OCSP CRL ID"
+#define NID_id_pkix_OCSP_CrlID 367
+#define OBJ_id_pkix_OCSP_CrlID OBJ_id_pkix_OCSP,3L
+
+#define SN_id_pkix_OCSP_acceptableResponses "acceptableResponses"
+#define LN_id_pkix_OCSP_acceptableResponses "Acceptable OCSP Responses"
+#define NID_id_pkix_OCSP_acceptableResponses 368
+#define OBJ_id_pkix_OCSP_acceptableResponses OBJ_id_pkix_OCSP,4L
+
+#define SN_id_pkix_OCSP_noCheck "noCheck"
+#define LN_id_pkix_OCSP_noCheck "OCSP No Check"
+#define NID_id_pkix_OCSP_noCheck 369
+#define OBJ_id_pkix_OCSP_noCheck OBJ_id_pkix_OCSP,5L
+
+#define SN_id_pkix_OCSP_archiveCutoff "archiveCutoff"
+#define LN_id_pkix_OCSP_archiveCutoff "OCSP Archive Cutoff"
+#define NID_id_pkix_OCSP_archiveCutoff 370
+#define OBJ_id_pkix_OCSP_archiveCutoff OBJ_id_pkix_OCSP,6L
+
+#define SN_id_pkix_OCSP_serviceLocator "serviceLocator"
+#define LN_id_pkix_OCSP_serviceLocator "OCSP Service Locator"
+#define NID_id_pkix_OCSP_serviceLocator 371
+#define OBJ_id_pkix_OCSP_serviceLocator OBJ_id_pkix_OCSP,7L
+
+#define SN_id_pkix_OCSP_extendedStatus "extendedStatus"
+#define LN_id_pkix_OCSP_extendedStatus "Extended OCSP Status"
+#define NID_id_pkix_OCSP_extendedStatus 372
+#define OBJ_id_pkix_OCSP_extendedStatus OBJ_id_pkix_OCSP,8L
+
+#define SN_id_pkix_OCSP_valid "valid"
+#define NID_id_pkix_OCSP_valid 373
+#define OBJ_id_pkix_OCSP_valid OBJ_id_pkix_OCSP,9L
+
+#define SN_id_pkix_OCSP_path "path"
+#define NID_id_pkix_OCSP_path 374
+#define OBJ_id_pkix_OCSP_path OBJ_id_pkix_OCSP,10L
+
+#define SN_id_pkix_OCSP_trustRoot "trustRoot"
+#define LN_id_pkix_OCSP_trustRoot "Trust Root"
+#define NID_id_pkix_OCSP_trustRoot 375
+#define OBJ_id_pkix_OCSP_trustRoot OBJ_id_pkix_OCSP,11L
+
+#define SN_algorithm "algorithm"
+#define LN_algorithm "algorithm"
+#define NID_algorithm 376
+#define OBJ_algorithm 1L,3L,14L,3L,2L
+
+#define SN_md5WithRSA "RSA-NP-MD5"
+#define LN_md5WithRSA "md5WithRSA"
+#define NID_md5WithRSA 104
+#define OBJ_md5WithRSA OBJ_algorithm,3L
+
+#define SN_des_ecb "DES-ECB"
+#define LN_des_ecb "des-ecb"
+#define NID_des_ecb 29
+#define OBJ_des_ecb OBJ_algorithm,6L
+
+#define SN_des_cbc "DES-CBC"
+#define LN_des_cbc "des-cbc"
+#define NID_des_cbc 31
+#define OBJ_des_cbc OBJ_algorithm,7L
+
+#define SN_des_ofb64 "DES-OFB"
+#define LN_des_ofb64 "des-ofb"
+#define NID_des_ofb64 45
+#define OBJ_des_ofb64 OBJ_algorithm,8L
+
+#define SN_des_cfb64 "DES-CFB"
+#define LN_des_cfb64 "des-cfb"
+#define NID_des_cfb64 30
+#define OBJ_des_cfb64 OBJ_algorithm,9L
+
+#define SN_rsaSignature "rsaSignature"
+#define NID_rsaSignature 377
+#define OBJ_rsaSignature OBJ_algorithm,11L
+
+#define SN_dsa_2 "DSA-old"
+#define LN_dsa_2 "dsaEncryption-old"
+#define NID_dsa_2 67
+#define OBJ_dsa_2 OBJ_algorithm,12L
+
+#define SN_dsaWithSHA "DSA-SHA"
+#define LN_dsaWithSHA "dsaWithSHA"
+#define NID_dsaWithSHA 66
+#define OBJ_dsaWithSHA OBJ_algorithm,13L
+
+#define SN_shaWithRSAEncryption "RSA-SHA"
+#define LN_shaWithRSAEncryption "shaWithRSAEncryption"
+#define NID_shaWithRSAEncryption 42
+#define OBJ_shaWithRSAEncryption OBJ_algorithm,15L
+
+#define SN_des_ede_ecb "DES-EDE"
+#define LN_des_ede_ecb "des-ede"
+#define NID_des_ede_ecb 32
+#define OBJ_des_ede_ecb OBJ_algorithm,17L
+
+#define SN_des_ede3_ecb "DES-EDE3"
+#define LN_des_ede3_ecb "des-ede3"
+#define NID_des_ede3_ecb 33
+
+#define SN_des_ede_cbc "DES-EDE-CBC"
+#define LN_des_ede_cbc "des-ede-cbc"
+#define NID_des_ede_cbc 43
+
+#define SN_des_ede_cfb64 "DES-EDE-CFB"
+#define LN_des_ede_cfb64 "des-ede-cfb"
+#define NID_des_ede_cfb64 60
+
+#define SN_des_ede3_cfb64 "DES-EDE3-CFB"
+#define LN_des_ede3_cfb64 "des-ede3-cfb"
+#define NID_des_ede3_cfb64 61
+
+#define SN_des_ede_ofb64 "DES-EDE-OFB"
+#define LN_des_ede_ofb64 "des-ede-ofb"
+#define NID_des_ede_ofb64 62
+
+#define SN_des_ede3_ofb64 "DES-EDE3-OFB"
+#define LN_des_ede3_ofb64 "des-ede3-ofb"
+#define NID_des_ede3_ofb64 63
+
+#define SN_desx_cbc "DESX-CBC"
+#define LN_desx_cbc "desx-cbc"
+#define NID_desx_cbc 80
+
+#define SN_sha "SHA"
+#define LN_sha "sha"
+#define NID_sha 41
+#define OBJ_sha OBJ_algorithm,18L
+
+#define SN_sha1 "SHA1"
+#define LN_sha1 "sha1"
+#define NID_sha1 64
+#define OBJ_sha1 OBJ_algorithm,26L
+
+#define SN_dsaWithSHA1_2 "DSA-SHA1-old"
+#define LN_dsaWithSHA1_2 "dsaWithSHA1-old"
+#define NID_dsaWithSHA1_2 70
+#define OBJ_dsaWithSHA1_2 OBJ_algorithm,27L
+
+#define SN_sha1WithRSA "RSA-SHA1-2"
+#define LN_sha1WithRSA "sha1WithRSA"
+#define NID_sha1WithRSA 115
+#define OBJ_sha1WithRSA OBJ_algorithm,29L
+
+#define SN_ripemd160 "RIPEMD160"
+#define LN_ripemd160 "ripemd160"
+#define NID_ripemd160 117
+#define OBJ_ripemd160 1L,3L,36L,3L,2L,1L
+
+#define SN_ripemd160WithRSA "RSA-RIPEMD160"
+#define LN_ripemd160WithRSA "ripemd160WithRSA"
+#define NID_ripemd160WithRSA 119
+#define OBJ_ripemd160WithRSA 1L,3L,36L,3L,3L,1L,2L
+
+#define SN_blake2bmac "BLAKE2BMAC"
+#define LN_blake2bmac "blake2bmac"
+#define NID_blake2bmac 1201
+#define OBJ_blake2bmac 1L,3L,6L,1L,4L,1L,1722L,12L,2L,1L
+
+#define SN_blake2smac "BLAKE2SMAC"
+#define LN_blake2smac "blake2smac"
+#define NID_blake2smac 1202
+#define OBJ_blake2smac 1L,3L,6L,1L,4L,1L,1722L,12L,2L,2L
+
+#define SN_blake2b512 "BLAKE2b512"
+#define LN_blake2b512 "blake2b512"
+#define NID_blake2b512 1056
+#define OBJ_blake2b512 OBJ_blake2bmac,16L
+
+#define SN_blake2s256 "BLAKE2s256"
+#define LN_blake2s256 "blake2s256"
+#define NID_blake2s256 1057
+#define OBJ_blake2s256 OBJ_blake2smac,8L
+
+#define SN_sxnet "SXNetID"
+#define LN_sxnet "Strong Extranet ID"
+#define NID_sxnet 143
+#define OBJ_sxnet 1L,3L,101L,1L,4L,1L
+
+#define SN_X500 "X500"
+#define LN_X500 "directory services (X.500)"
+#define NID_X500 11
+#define OBJ_X500 2L,5L
+
+#define SN_X509 "X509"
+#define NID_X509 12
+#define OBJ_X509 OBJ_X500,4L
+
+#define SN_commonName "CN"
+#define LN_commonName "commonName"
+#define NID_commonName 13
+#define OBJ_commonName OBJ_X509,3L
+
+#define SN_surname "SN"
+#define LN_surname "surname"
+#define NID_surname 100
+#define OBJ_surname OBJ_X509,4L
+
+#define LN_serialNumber "serialNumber"
+#define NID_serialNumber 105
+#define OBJ_serialNumber OBJ_X509,5L
+
+#define SN_countryName "C"
+#define LN_countryName "countryName"
+#define NID_countryName 14
+#define OBJ_countryName OBJ_X509,6L
+
+#define SN_localityName "L"
+#define LN_localityName "localityName"
+#define NID_localityName 15
+#define OBJ_localityName OBJ_X509,7L
+
+#define SN_stateOrProvinceName "ST"
+#define LN_stateOrProvinceName "stateOrProvinceName"
+#define NID_stateOrProvinceName 16
+#define OBJ_stateOrProvinceName OBJ_X509,8L
+
+#define SN_streetAddress "street"
+#define LN_streetAddress "streetAddress"
+#define NID_streetAddress 660
+#define OBJ_streetAddress OBJ_X509,9L
+
+#define SN_organizationName "O"
+#define LN_organizationName "organizationName"
+#define NID_organizationName 17
+#define OBJ_organizationName OBJ_X509,10L
+
+#define SN_organizationalUnitName "OU"
+#define LN_organizationalUnitName "organizationalUnitName"
+#define NID_organizationalUnitName 18
+#define OBJ_organizationalUnitName OBJ_X509,11L
+
+#define SN_title "title"
+#define LN_title "title"
+#define NID_title 106
+#define OBJ_title OBJ_X509,12L
+
+#define LN_description "description"
+#define NID_description 107
+#define OBJ_description OBJ_X509,13L
+
+#define LN_searchGuide "searchGuide"
+#define NID_searchGuide 859
+#define OBJ_searchGuide OBJ_X509,14L
+
+#define LN_businessCategory "businessCategory"
+#define NID_businessCategory 860
+#define OBJ_businessCategory OBJ_X509,15L
+
+#define LN_postalAddress "postalAddress"
+#define NID_postalAddress 861
+#define OBJ_postalAddress OBJ_X509,16L
+
+#define LN_postalCode "postalCode"
+#define NID_postalCode 661
+#define OBJ_postalCode OBJ_X509,17L
+
+#define LN_postOfficeBox "postOfficeBox"
+#define NID_postOfficeBox 862
+#define OBJ_postOfficeBox OBJ_X509,18L
+
+#define LN_physicalDeliveryOfficeName "physicalDeliveryOfficeName"
+#define NID_physicalDeliveryOfficeName 863
+#define OBJ_physicalDeliveryOfficeName OBJ_X509,19L
+
+#define LN_telephoneNumber "telephoneNumber"
+#define NID_telephoneNumber 864
+#define OBJ_telephoneNumber OBJ_X509,20L
+
+#define LN_telexNumber "telexNumber"
+#define NID_telexNumber 865
+#define OBJ_telexNumber OBJ_X509,21L
+
+#define LN_teletexTerminalIdentifier "teletexTerminalIdentifier"
+#define NID_teletexTerminalIdentifier 866
+#define OBJ_teletexTerminalIdentifier OBJ_X509,22L
+
+#define LN_facsimileTelephoneNumber "facsimileTelephoneNumber"
+#define NID_facsimileTelephoneNumber 867
+#define OBJ_facsimileTelephoneNumber OBJ_X509,23L
+
+#define LN_x121Address "x121Address"
+#define NID_x121Address 868
+#define OBJ_x121Address OBJ_X509,24L
+
+#define LN_internationaliSDNNumber "internationaliSDNNumber"
+#define NID_internationaliSDNNumber 869
+#define OBJ_internationaliSDNNumber OBJ_X509,25L
+
+#define LN_registeredAddress "registeredAddress"
+#define NID_registeredAddress 870
+#define OBJ_registeredAddress OBJ_X509,26L
+
+#define LN_destinationIndicator "destinationIndicator"
+#define NID_destinationIndicator 871
+#define OBJ_destinationIndicator OBJ_X509,27L
+
+#define LN_preferredDeliveryMethod "preferredDeliveryMethod"
+#define NID_preferredDeliveryMethod 872
+#define OBJ_preferredDeliveryMethod OBJ_X509,28L
+
+#define LN_presentationAddress "presentationAddress"
+#define NID_presentationAddress 873
+#define OBJ_presentationAddress OBJ_X509,29L
+
+#define LN_supportedApplicationContext "supportedApplicationContext"
+#define NID_supportedApplicationContext 874
+#define OBJ_supportedApplicationContext OBJ_X509,30L
+
+#define SN_member "member"
+#define NID_member 875
+#define OBJ_member OBJ_X509,31L
+
+#define SN_owner "owner"
+#define NID_owner 876
+#define OBJ_owner OBJ_X509,32L
+
+#define LN_roleOccupant "roleOccupant"
+#define NID_roleOccupant 877
+#define OBJ_roleOccupant OBJ_X509,33L
+
+#define SN_seeAlso "seeAlso"
+#define NID_seeAlso 878
+#define OBJ_seeAlso OBJ_X509,34L
+
+#define LN_userPassword "userPassword"
+#define NID_userPassword 879
+#define OBJ_userPassword OBJ_X509,35L
+
+#define LN_userCertificate "userCertificate"
+#define NID_userCertificate 880
+#define OBJ_userCertificate OBJ_X509,36L
+
+#define LN_cACertificate "cACertificate"
+#define NID_cACertificate 881
+#define OBJ_cACertificate OBJ_X509,37L
+
+#define LN_authorityRevocationList "authorityRevocationList"
+#define NID_authorityRevocationList 882
+#define OBJ_authorityRevocationList OBJ_X509,38L
+
+#define LN_certificateRevocationList "certificateRevocationList"
+#define NID_certificateRevocationList 883
+#define OBJ_certificateRevocationList OBJ_X509,39L
+
+#define LN_crossCertificatePair "crossCertificatePair"
+#define NID_crossCertificatePair 884
+#define OBJ_crossCertificatePair OBJ_X509,40L
+
+#define SN_name "name"
+#define LN_name "name"
+#define NID_name 173
+#define OBJ_name OBJ_X509,41L
+
+#define SN_givenName "GN"
+#define LN_givenName "givenName"
+#define NID_givenName 99
+#define OBJ_givenName OBJ_X509,42L
+
+#define SN_initials "initials"
+#define LN_initials "initials"
+#define NID_initials 101
+#define OBJ_initials OBJ_X509,43L
+
+#define LN_generationQualifier "generationQualifier"
+#define NID_generationQualifier 509
+#define OBJ_generationQualifier OBJ_X509,44L
+
+#define LN_x500UniqueIdentifier "x500UniqueIdentifier"
+#define NID_x500UniqueIdentifier 503
+#define OBJ_x500UniqueIdentifier OBJ_X509,45L
+
+#define SN_dnQualifier "dnQualifier"
+#define LN_dnQualifier "dnQualifier"
+#define NID_dnQualifier 174
+#define OBJ_dnQualifier OBJ_X509,46L
+
+#define LN_enhancedSearchGuide "enhancedSearchGuide"
+#define NID_enhancedSearchGuide 885
+#define OBJ_enhancedSearchGuide OBJ_X509,47L
+
+#define LN_protocolInformation "protocolInformation"
+#define NID_protocolInformation 886
+#define OBJ_protocolInformation OBJ_X509,48L
+
+#define LN_distinguishedName "distinguishedName"
+#define NID_distinguishedName 887
+#define OBJ_distinguishedName OBJ_X509,49L
+
+#define LN_uniqueMember "uniqueMember"
+#define NID_uniqueMember 888
+#define OBJ_uniqueMember OBJ_X509,50L
+
+#define LN_houseIdentifier "houseIdentifier"
+#define NID_houseIdentifier 889
+#define OBJ_houseIdentifier OBJ_X509,51L
+
+#define LN_supportedAlgorithms "supportedAlgorithms"
+#define NID_supportedAlgorithms 890
+#define OBJ_supportedAlgorithms OBJ_X509,52L
+
+#define LN_deltaRevocationList "deltaRevocationList"
+#define NID_deltaRevocationList 891
+#define OBJ_deltaRevocationList OBJ_X509,53L
+
+#define SN_dmdName "dmdName"
+#define NID_dmdName 892
+#define OBJ_dmdName OBJ_X509,54L
+
+#define LN_pseudonym "pseudonym"
+#define NID_pseudonym 510
+#define OBJ_pseudonym OBJ_X509,65L
+
+#define SN_role "role"
+#define LN_role "role"
+#define NID_role 400
+#define OBJ_role OBJ_X509,72L
+
+#define LN_organizationIdentifier "organizationIdentifier"
+#define NID_organizationIdentifier 1089
+#define OBJ_organizationIdentifier OBJ_X509,97L
+
+#define SN_countryCode3c "c3"
+#define LN_countryCode3c "countryCode3c"
+#define NID_countryCode3c 1090
+#define OBJ_countryCode3c OBJ_X509,98L
+
+#define SN_countryCode3n "n3"
+#define LN_countryCode3n "countryCode3n"
+#define NID_countryCode3n 1091
+#define OBJ_countryCode3n OBJ_X509,99L
+
+#define LN_dnsName "dnsName"
+#define NID_dnsName 1092
+#define OBJ_dnsName OBJ_X509,100L
+
+#define SN_X500algorithms "X500algorithms"
+#define LN_X500algorithms "directory services - algorithms"
+#define NID_X500algorithms 378
+#define OBJ_X500algorithms OBJ_X500,8L
+
+#define SN_rsa "RSA"
+#define LN_rsa "rsa"
+#define NID_rsa 19
+#define OBJ_rsa OBJ_X500algorithms,1L,1L
+
+#define SN_mdc2WithRSA "RSA-MDC2"
+#define LN_mdc2WithRSA "mdc2WithRSA"
+#define NID_mdc2WithRSA 96
+#define OBJ_mdc2WithRSA OBJ_X500algorithms,3L,100L
+
+#define SN_mdc2 "MDC2"
+#define LN_mdc2 "mdc2"
+#define NID_mdc2 95
+#define OBJ_mdc2 OBJ_X500algorithms,3L,101L
+
+#define SN_id_ce "id-ce"
+#define NID_id_ce 81
+#define OBJ_id_ce OBJ_X500,29L
+
+#define SN_subject_directory_attributes "subjectDirectoryAttributes"
+#define LN_subject_directory_attributes "X509v3 Subject Directory Attributes"
+#define NID_subject_directory_attributes 769
+#define OBJ_subject_directory_attributes OBJ_id_ce,9L
+
+#define SN_subject_key_identifier "subjectKeyIdentifier"
+#define LN_subject_key_identifier "X509v3 Subject Key Identifier"
+#define NID_subject_key_identifier 82
+#define OBJ_subject_key_identifier OBJ_id_ce,14L
+
+#define SN_key_usage "keyUsage"
+#define LN_key_usage "X509v3 Key Usage"
+#define NID_key_usage 83
+#define OBJ_key_usage OBJ_id_ce,15L
+
+#define SN_private_key_usage_period "privateKeyUsagePeriod"
+#define LN_private_key_usage_period "X509v3 Private Key Usage Period"
+#define NID_private_key_usage_period 84
+#define OBJ_private_key_usage_period OBJ_id_ce,16L
+
+#define SN_subject_alt_name "subjectAltName"
+#define LN_subject_alt_name "X509v3 Subject Alternative Name"
+#define NID_subject_alt_name 85
+#define OBJ_subject_alt_name OBJ_id_ce,17L
+
+#define SN_issuer_alt_name "issuerAltName"
+#define LN_issuer_alt_name "X509v3 Issuer Alternative Name"
+#define NID_issuer_alt_name 86
+#define OBJ_issuer_alt_name OBJ_id_ce,18L
+
+#define SN_basic_constraints "basicConstraints"
+#define LN_basic_constraints "X509v3 Basic Constraints"
+#define NID_basic_constraints 87
+#define OBJ_basic_constraints OBJ_id_ce,19L
+
+#define SN_crl_number "crlNumber"
+#define LN_crl_number "X509v3 CRL Number"
+#define NID_crl_number 88
+#define OBJ_crl_number OBJ_id_ce,20L
+
+#define SN_crl_reason "CRLReason"
+#define LN_crl_reason "X509v3 CRL Reason Code"
+#define NID_crl_reason 141
+#define OBJ_crl_reason OBJ_id_ce,21L
+
+#define SN_invalidity_date "invalidityDate"
+#define LN_invalidity_date "Invalidity Date"
+#define NID_invalidity_date 142
+#define OBJ_invalidity_date OBJ_id_ce,24L
+
+#define SN_delta_crl "deltaCRL"
+#define LN_delta_crl "X509v3 Delta CRL Indicator"
+#define NID_delta_crl 140
+#define OBJ_delta_crl OBJ_id_ce,27L
+
+#define SN_issuing_distribution_point "issuingDistributionPoint"
+#define LN_issuing_distribution_point "X509v3 Issuing Distribution Point"
+#define NID_issuing_distribution_point 770
+#define OBJ_issuing_distribution_point OBJ_id_ce,28L
+
+#define SN_certificate_issuer "certificateIssuer"
+#define LN_certificate_issuer "X509v3 Certificate Issuer"
+#define NID_certificate_issuer 771
+#define OBJ_certificate_issuer OBJ_id_ce,29L
+
+#define SN_name_constraints "nameConstraints"
+#define LN_name_constraints "X509v3 Name Constraints"
+#define NID_name_constraints 666
+#define OBJ_name_constraints OBJ_id_ce,30L
+
+#define SN_crl_distribution_points "crlDistributionPoints"
+#define LN_crl_distribution_points "X509v3 CRL Distribution Points"
+#define NID_crl_distribution_points 103
+#define OBJ_crl_distribution_points OBJ_id_ce,31L
+
+#define SN_certificate_policies "certificatePolicies"
+#define LN_certificate_policies "X509v3 Certificate Policies"
+#define NID_certificate_policies 89
+#define OBJ_certificate_policies OBJ_id_ce,32L
+
+#define SN_any_policy "anyPolicy"
+#define LN_any_policy "X509v3 Any Policy"
+#define NID_any_policy 746
+#define OBJ_any_policy OBJ_certificate_policies,0L
+
+#define SN_policy_mappings "policyMappings"
+#define LN_policy_mappings "X509v3 Policy Mappings"
+#define NID_policy_mappings 747
+#define OBJ_policy_mappings OBJ_id_ce,33L
+
+#define SN_authority_key_identifier "authorityKeyIdentifier"
+#define LN_authority_key_identifier "X509v3 Authority Key Identifier"
+#define NID_authority_key_identifier 90
+#define OBJ_authority_key_identifier OBJ_id_ce,35L
+
+#define SN_policy_constraints "policyConstraints"
+#define LN_policy_constraints "X509v3 Policy Constraints"
+#define NID_policy_constraints 401
+#define OBJ_policy_constraints OBJ_id_ce,36L
+
+#define SN_ext_key_usage "extendedKeyUsage"
+#define LN_ext_key_usage "X509v3 Extended Key Usage"
+#define NID_ext_key_usage 126
+#define OBJ_ext_key_usage OBJ_id_ce,37L
+
+#define SN_freshest_crl "freshestCRL"
+#define LN_freshest_crl "X509v3 Freshest CRL"
+#define NID_freshest_crl 857
+#define OBJ_freshest_crl OBJ_id_ce,46L
+
+#define SN_inhibit_any_policy "inhibitAnyPolicy"
+#define LN_inhibit_any_policy "X509v3 Inhibit Any Policy"
+#define NID_inhibit_any_policy 748
+#define OBJ_inhibit_any_policy OBJ_id_ce,54L
+
+#define SN_target_information "targetInformation"
+#define LN_target_information "X509v3 AC Targeting"
+#define NID_target_information 402
+#define OBJ_target_information OBJ_id_ce,55L
+
+#define SN_no_rev_avail "noRevAvail"
+#define LN_no_rev_avail "X509v3 No Revocation Available"
+#define NID_no_rev_avail 403
+#define OBJ_no_rev_avail OBJ_id_ce,56L
+
+#define SN_anyExtendedKeyUsage "anyExtendedKeyUsage"
+#define LN_anyExtendedKeyUsage "Any Extended Key Usage"
+#define NID_anyExtendedKeyUsage 910
+#define OBJ_anyExtendedKeyUsage OBJ_ext_key_usage,0L
+
+#define SN_netscape "Netscape"
+#define LN_netscape "Netscape Communications Corp."
+#define NID_netscape 57
+#define OBJ_netscape 2L,16L,840L,1L,113730L
+
+#define SN_netscape_cert_extension "nsCertExt"
+#define LN_netscape_cert_extension "Netscape Certificate Extension"
+#define NID_netscape_cert_extension 58
+#define OBJ_netscape_cert_extension OBJ_netscape,1L
+
+#define SN_netscape_data_type "nsDataType"
+#define LN_netscape_data_type "Netscape Data Type"
+#define NID_netscape_data_type 59
+#define OBJ_netscape_data_type OBJ_netscape,2L
+
+#define SN_netscape_cert_type "nsCertType"
+#define LN_netscape_cert_type "Netscape Cert Type"
+#define NID_netscape_cert_type 71
+#define OBJ_netscape_cert_type OBJ_netscape_cert_extension,1L
+
+#define SN_netscape_base_url "nsBaseUrl"
+#define LN_netscape_base_url "Netscape Base Url"
+#define NID_netscape_base_url 72
+#define OBJ_netscape_base_url OBJ_netscape_cert_extension,2L
+
+#define SN_netscape_revocation_url "nsRevocationUrl"
+#define LN_netscape_revocation_url "Netscape Revocation Url"
+#define NID_netscape_revocation_url 73
+#define OBJ_netscape_revocation_url OBJ_netscape_cert_extension,3L
+
+#define SN_netscape_ca_revocation_url "nsCaRevocationUrl"
+#define LN_netscape_ca_revocation_url "Netscape CA Revocation Url"
+#define NID_netscape_ca_revocation_url 74
+#define OBJ_netscape_ca_revocation_url OBJ_netscape_cert_extension,4L
+
+#define SN_netscape_renewal_url "nsRenewalUrl"
+#define LN_netscape_renewal_url "Netscape Renewal Url"
+#define NID_netscape_renewal_url 75
+#define OBJ_netscape_renewal_url OBJ_netscape_cert_extension,7L
+
+#define SN_netscape_ca_policy_url "nsCaPolicyUrl"
+#define LN_netscape_ca_policy_url "Netscape CA Policy Url"
+#define NID_netscape_ca_policy_url 76
+#define OBJ_netscape_ca_policy_url OBJ_netscape_cert_extension,8L
+
+#define SN_netscape_ssl_server_name "nsSslServerName"
+#define LN_netscape_ssl_server_name "Netscape SSL Server Name"
+#define NID_netscape_ssl_server_name 77
+#define OBJ_netscape_ssl_server_name OBJ_netscape_cert_extension,12L
+
+#define SN_netscape_comment "nsComment"
+#define LN_netscape_comment "Netscape Comment"
+#define NID_netscape_comment 78
+#define OBJ_netscape_comment OBJ_netscape_cert_extension,13L
+
+#define SN_netscape_cert_sequence "nsCertSequence"
+#define LN_netscape_cert_sequence "Netscape Certificate Sequence"
+#define NID_netscape_cert_sequence 79
+#define OBJ_netscape_cert_sequence OBJ_netscape_data_type,5L
+
+#define SN_ns_sgc "nsSGC"
+#define LN_ns_sgc "Netscape Server Gated Crypto"
+#define NID_ns_sgc 139
+#define OBJ_ns_sgc OBJ_netscape,4L,1L
+
+#define SN_org "ORG"
+#define LN_org "org"
+#define NID_org 379
+#define OBJ_org OBJ_iso,3L
+
+#define SN_dod "DOD"
+#define LN_dod "dod"
+#define NID_dod 380
+#define OBJ_dod OBJ_org,6L
+
+#define SN_iana "IANA"
+#define LN_iana "iana"
+#define NID_iana 381
+#define OBJ_iana OBJ_dod,1L
+
+#define OBJ_internet OBJ_iana
+
+#define SN_Directory "directory"
+#define LN_Directory "Directory"
+#define NID_Directory 382
+#define OBJ_Directory OBJ_internet,1L
+
+#define SN_Management "mgmt"
+#define LN_Management "Management"
+#define NID_Management 383
+#define OBJ_Management OBJ_internet,2L
+
+#define SN_Experimental "experimental"
+#define LN_Experimental "Experimental"
+#define NID_Experimental 384
+#define OBJ_Experimental OBJ_internet,3L
+
+#define SN_Private "private"
+#define LN_Private "Private"
+#define NID_Private 385
+#define OBJ_Private OBJ_internet,4L
+
+#define SN_Security "security"
+#define LN_Security "Security"
+#define NID_Security 386
+#define OBJ_Security OBJ_internet,5L
+
+#define SN_SNMPv2 "snmpv2"
+#define LN_SNMPv2 "SNMPv2"
+#define NID_SNMPv2 387
+#define OBJ_SNMPv2 OBJ_internet,6L
+
+#define LN_Mail "Mail"
+#define NID_Mail 388
+#define OBJ_Mail OBJ_internet,7L
+
+#define SN_Enterprises "enterprises"
+#define LN_Enterprises "Enterprises"
+#define NID_Enterprises 389
+#define OBJ_Enterprises OBJ_Private,1L
+
+#define SN_dcObject "dcobject"
+#define LN_dcObject "dcObject"
+#define NID_dcObject 390
+#define OBJ_dcObject OBJ_Enterprises,1466L,344L
+
+#define SN_mime_mhs "mime-mhs"
+#define LN_mime_mhs "MIME MHS"
+#define NID_mime_mhs 504
+#define OBJ_mime_mhs OBJ_Mail,1L
+
+#define SN_mime_mhs_headings "mime-mhs-headings"
+#define LN_mime_mhs_headings "mime-mhs-headings"
+#define NID_mime_mhs_headings 505
+#define OBJ_mime_mhs_headings OBJ_mime_mhs,1L
+
+#define SN_mime_mhs_bodies "mime-mhs-bodies"
+#define LN_mime_mhs_bodies "mime-mhs-bodies"
+#define NID_mime_mhs_bodies 506
+#define OBJ_mime_mhs_bodies OBJ_mime_mhs,2L
+
+#define SN_id_hex_partial_message "id-hex-partial-message"
+#define LN_id_hex_partial_message "id-hex-partial-message"
+#define NID_id_hex_partial_message 507
+#define OBJ_id_hex_partial_message OBJ_mime_mhs_headings,1L
+
+#define SN_id_hex_multipart_message "id-hex-multipart-message"
+#define LN_id_hex_multipart_message "id-hex-multipart-message"
+#define NID_id_hex_multipart_message 508
+#define OBJ_id_hex_multipart_message OBJ_mime_mhs_headings,2L
+
+#define SN_zlib_compression "ZLIB"
+#define LN_zlib_compression "zlib compression"
+#define NID_zlib_compression 125
+#define OBJ_zlib_compression OBJ_id_smime_alg,8L
+
+#define OBJ_csor 2L,16L,840L,1L,101L,3L
+
+#define OBJ_nistAlgorithms OBJ_csor,4L
+
+#define OBJ_aes OBJ_nistAlgorithms,1L
+
+#define SN_aes_128_ecb "AES-128-ECB"
+#define LN_aes_128_ecb "aes-128-ecb"
+#define NID_aes_128_ecb 418
+#define OBJ_aes_128_ecb OBJ_aes,1L
+
+#define SN_aes_128_cbc "AES-128-CBC"
+#define LN_aes_128_cbc "aes-128-cbc"
+#define NID_aes_128_cbc 419
+#define OBJ_aes_128_cbc OBJ_aes,2L
+
+#define SN_aes_128_ofb128 "AES-128-OFB"
+#define LN_aes_128_ofb128 "aes-128-ofb"
+#define NID_aes_128_ofb128 420
+#define OBJ_aes_128_ofb128 OBJ_aes,3L
+
+#define SN_aes_128_cfb128 "AES-128-CFB"
+#define LN_aes_128_cfb128 "aes-128-cfb"
+#define NID_aes_128_cfb128 421
+#define OBJ_aes_128_cfb128 OBJ_aes,4L
+
+#define SN_id_aes128_wrap "id-aes128-wrap"
+#define NID_id_aes128_wrap 788
+#define OBJ_id_aes128_wrap OBJ_aes,5L
+
+#define SN_aes_128_gcm "id-aes128-GCM"
+#define LN_aes_128_gcm "aes-128-gcm"
+#define NID_aes_128_gcm 895
+#define OBJ_aes_128_gcm OBJ_aes,6L
+
+#define SN_aes_128_ccm "id-aes128-CCM"
+#define LN_aes_128_ccm "aes-128-ccm"
+#define NID_aes_128_ccm 896
+#define OBJ_aes_128_ccm OBJ_aes,7L
+
+#define SN_id_aes128_wrap_pad "id-aes128-wrap-pad"
+#define NID_id_aes128_wrap_pad 897
+#define OBJ_id_aes128_wrap_pad OBJ_aes,8L
+
+#define SN_aes_192_ecb "AES-192-ECB"
+#define LN_aes_192_ecb "aes-192-ecb"
+#define NID_aes_192_ecb 422
+#define OBJ_aes_192_ecb OBJ_aes,21L
+
+#define SN_aes_192_cbc "AES-192-CBC"
+#define LN_aes_192_cbc "aes-192-cbc"
+#define NID_aes_192_cbc 423
+#define OBJ_aes_192_cbc OBJ_aes,22L
+
+#define SN_aes_192_ofb128 "AES-192-OFB"
+#define LN_aes_192_ofb128 "aes-192-ofb"
+#define NID_aes_192_ofb128 424
+#define OBJ_aes_192_ofb128 OBJ_aes,23L
+
+#define SN_aes_192_cfb128 "AES-192-CFB"
+#define LN_aes_192_cfb128 "aes-192-cfb"
+#define NID_aes_192_cfb128 425
+#define OBJ_aes_192_cfb128 OBJ_aes,24L
+
+#define SN_id_aes192_wrap "id-aes192-wrap"
+#define NID_id_aes192_wrap 789
+#define OBJ_id_aes192_wrap OBJ_aes,25L
+
+#define SN_aes_192_gcm "id-aes192-GCM"
+#define LN_aes_192_gcm "aes-192-gcm"
+#define NID_aes_192_gcm 898
+#define OBJ_aes_192_gcm OBJ_aes,26L
+
+#define SN_aes_192_ccm "id-aes192-CCM"
+#define LN_aes_192_ccm "aes-192-ccm"
+#define NID_aes_192_ccm 899
+#define OBJ_aes_192_ccm OBJ_aes,27L
+
+#define SN_id_aes192_wrap_pad "id-aes192-wrap-pad"
+#define NID_id_aes192_wrap_pad 900
+#define OBJ_id_aes192_wrap_pad OBJ_aes,28L
+
+#define SN_aes_256_ecb "AES-256-ECB"
+#define LN_aes_256_ecb "aes-256-ecb"
+#define NID_aes_256_ecb 426
+#define OBJ_aes_256_ecb OBJ_aes,41L
+
+#define SN_aes_256_cbc "AES-256-CBC"
+#define LN_aes_256_cbc "aes-256-cbc"
+#define NID_aes_256_cbc 427
+#define OBJ_aes_256_cbc OBJ_aes,42L
+
+#define SN_aes_256_ofb128 "AES-256-OFB"
+#define LN_aes_256_ofb128 "aes-256-ofb"
+#define NID_aes_256_ofb128 428
+#define OBJ_aes_256_ofb128 OBJ_aes,43L
+
+#define SN_aes_256_cfb128 "AES-256-CFB"
+#define LN_aes_256_cfb128 "aes-256-cfb"
+#define NID_aes_256_cfb128 429
+#define OBJ_aes_256_cfb128 OBJ_aes,44L
+
+#define SN_id_aes256_wrap "id-aes256-wrap"
+#define NID_id_aes256_wrap 790
+#define OBJ_id_aes256_wrap OBJ_aes,45L
+
+#define SN_aes_256_gcm "id-aes256-GCM"
+#define LN_aes_256_gcm "aes-256-gcm"
+#define NID_aes_256_gcm 901
+#define OBJ_aes_256_gcm OBJ_aes,46L
+
+#define SN_aes_256_ccm "id-aes256-CCM"
+#define LN_aes_256_ccm "aes-256-ccm"
+#define NID_aes_256_ccm 902
+#define OBJ_aes_256_ccm OBJ_aes,47L
+
+#define SN_id_aes256_wrap_pad "id-aes256-wrap-pad"
+#define NID_id_aes256_wrap_pad 903
+#define OBJ_id_aes256_wrap_pad OBJ_aes,48L
+
+#define SN_aes_128_xts "AES-128-XTS"
+#define LN_aes_128_xts "aes-128-xts"
+#define NID_aes_128_xts 913
+#define OBJ_aes_128_xts OBJ_ieee_siswg,0L,1L,1L
+
+#define SN_aes_256_xts "AES-256-XTS"
+#define LN_aes_256_xts "aes-256-xts"
+#define NID_aes_256_xts 914
+#define OBJ_aes_256_xts OBJ_ieee_siswg,0L,1L,2L
+
+#define SN_aes_128_cfb1 "AES-128-CFB1"
+#define LN_aes_128_cfb1 "aes-128-cfb1"
+#define NID_aes_128_cfb1 650
+
+#define SN_aes_192_cfb1 "AES-192-CFB1"
+#define LN_aes_192_cfb1 "aes-192-cfb1"
+#define NID_aes_192_cfb1 651
+
+#define SN_aes_256_cfb1 "AES-256-CFB1"
+#define LN_aes_256_cfb1 "aes-256-cfb1"
+#define NID_aes_256_cfb1 652
+
+#define SN_aes_128_cfb8 "AES-128-CFB8"
+#define LN_aes_128_cfb8 "aes-128-cfb8"
+#define NID_aes_128_cfb8 653
+
+#define SN_aes_192_cfb8 "AES-192-CFB8"
+#define LN_aes_192_cfb8 "aes-192-cfb8"
+#define NID_aes_192_cfb8 654
+
+#define SN_aes_256_cfb8 "AES-256-CFB8"
+#define LN_aes_256_cfb8 "aes-256-cfb8"
+#define NID_aes_256_cfb8 655
+
+#define SN_aes_128_ctr "AES-128-CTR"
+#define LN_aes_128_ctr "aes-128-ctr"
+#define NID_aes_128_ctr 904
+
+#define SN_aes_192_ctr "AES-192-CTR"
+#define LN_aes_192_ctr "aes-192-ctr"
+#define NID_aes_192_ctr 905
+
+#define SN_aes_256_ctr "AES-256-CTR"
+#define LN_aes_256_ctr "aes-256-ctr"
+#define NID_aes_256_ctr 906
+
+#define SN_aes_128_ocb "AES-128-OCB"
+#define LN_aes_128_ocb "aes-128-ocb"
+#define NID_aes_128_ocb 958
+
+#define SN_aes_192_ocb "AES-192-OCB"
+#define LN_aes_192_ocb "aes-192-ocb"
+#define NID_aes_192_ocb 959
+
+#define SN_aes_256_ocb "AES-256-OCB"
+#define LN_aes_256_ocb "aes-256-ocb"
+#define NID_aes_256_ocb 960
+
+#define SN_des_cfb1 "DES-CFB1"
+#define LN_des_cfb1 "des-cfb1"
+#define NID_des_cfb1 656
+
+#define SN_des_cfb8 "DES-CFB8"
+#define LN_des_cfb8 "des-cfb8"
+#define NID_des_cfb8 657
+
+#define SN_des_ede3_cfb1 "DES-EDE3-CFB1"
+#define LN_des_ede3_cfb1 "des-ede3-cfb1"
+#define NID_des_ede3_cfb1 658
+
+#define SN_des_ede3_cfb8 "DES-EDE3-CFB8"
+#define LN_des_ede3_cfb8 "des-ede3-cfb8"
+#define NID_des_ede3_cfb8 659
+
+#define OBJ_nist_hashalgs OBJ_nistAlgorithms,2L
+
+#define SN_sha256 "SHA256"
+#define LN_sha256 "sha256"
+#define NID_sha256 672
+#define OBJ_sha256 OBJ_nist_hashalgs,1L
+
+#define SN_sha384 "SHA384"
+#define LN_sha384 "sha384"
+#define NID_sha384 673
+#define OBJ_sha384 OBJ_nist_hashalgs,2L
+
+#define SN_sha512 "SHA512"
+#define LN_sha512 "sha512"
+#define NID_sha512 674
+#define OBJ_sha512 OBJ_nist_hashalgs,3L
+
+#define SN_sha224 "SHA224"
+#define LN_sha224 "sha224"
+#define NID_sha224 675
+#define OBJ_sha224 OBJ_nist_hashalgs,4L
+
+#define SN_sha512_224 "SHA512-224"
+#define LN_sha512_224 "sha512-224"
+#define NID_sha512_224 1094
+#define OBJ_sha512_224 OBJ_nist_hashalgs,5L
+
+#define SN_sha512_256 "SHA512-256"
+#define LN_sha512_256 "sha512-256"
+#define NID_sha512_256 1095
+#define OBJ_sha512_256 OBJ_nist_hashalgs,6L
+
+#define SN_sha3_224 "SHA3-224"
+#define LN_sha3_224 "sha3-224"
+#define NID_sha3_224 1096
+#define OBJ_sha3_224 OBJ_nist_hashalgs,7L
+
+#define SN_sha3_256 "SHA3-256"
+#define LN_sha3_256 "sha3-256"
+#define NID_sha3_256 1097
+#define OBJ_sha3_256 OBJ_nist_hashalgs,8L
+
+#define SN_sha3_384 "SHA3-384"
+#define LN_sha3_384 "sha3-384"
+#define NID_sha3_384 1098
+#define OBJ_sha3_384 OBJ_nist_hashalgs,9L
+
+#define SN_sha3_512 "SHA3-512"
+#define LN_sha3_512 "sha3-512"
+#define NID_sha3_512 1099
+#define OBJ_sha3_512 OBJ_nist_hashalgs,10L
+
+#define SN_shake128 "SHAKE128"
+#define LN_shake128 "shake128"
+#define NID_shake128 1100
+#define OBJ_shake128 OBJ_nist_hashalgs,11L
+
+#define SN_shake256 "SHAKE256"
+#define LN_shake256 "shake256"
+#define NID_shake256 1101
+#define OBJ_shake256 OBJ_nist_hashalgs,12L
+
+#define SN_hmac_sha3_224 "id-hmacWithSHA3-224"
+#define LN_hmac_sha3_224 "hmac-sha3-224"
+#define NID_hmac_sha3_224 1102
+#define OBJ_hmac_sha3_224 OBJ_nist_hashalgs,13L
+
+#define SN_hmac_sha3_256 "id-hmacWithSHA3-256"
+#define LN_hmac_sha3_256 "hmac-sha3-256"
+#define NID_hmac_sha3_256 1103
+#define OBJ_hmac_sha3_256 OBJ_nist_hashalgs,14L
+
+#define SN_hmac_sha3_384 "id-hmacWithSHA3-384"
+#define LN_hmac_sha3_384 "hmac-sha3-384"
+#define NID_hmac_sha3_384 1104
+#define OBJ_hmac_sha3_384 OBJ_nist_hashalgs,15L
+
+#define SN_hmac_sha3_512 "id-hmacWithSHA3-512"
+#define LN_hmac_sha3_512 "hmac-sha3-512"
+#define NID_hmac_sha3_512 1105
+#define OBJ_hmac_sha3_512 OBJ_nist_hashalgs,16L
+
+#define SN_kmac128 "KMAC128"
+#define LN_kmac128 "kmac128"
+#define NID_kmac128 1196
+#define OBJ_kmac128 OBJ_nist_hashalgs,19L
+
+#define SN_kmac256 "KMAC256"
+#define LN_kmac256 "kmac256"
+#define NID_kmac256 1197
+#define OBJ_kmac256 OBJ_nist_hashalgs,20L
+
+#define OBJ_dsa_with_sha2 OBJ_nistAlgorithms,3L
+
+#define SN_dsa_with_SHA224 "dsa_with_SHA224"
+#define NID_dsa_with_SHA224 802
+#define OBJ_dsa_with_SHA224 OBJ_dsa_with_sha2,1L
+
+#define SN_dsa_with_SHA256 "dsa_with_SHA256"
+#define NID_dsa_with_SHA256 803
+#define OBJ_dsa_with_SHA256 OBJ_dsa_with_sha2,2L
+
+#define OBJ_sigAlgs OBJ_nistAlgorithms,3L
+
+#define SN_dsa_with_SHA384 "id-dsa-with-sha384"
+#define LN_dsa_with_SHA384 "dsa_with_SHA384"
+#define NID_dsa_with_SHA384 1106
+#define OBJ_dsa_with_SHA384 OBJ_sigAlgs,3L
+
+#define SN_dsa_with_SHA512 "id-dsa-with-sha512"
+#define LN_dsa_with_SHA512 "dsa_with_SHA512"
+#define NID_dsa_with_SHA512 1107
+#define OBJ_dsa_with_SHA512 OBJ_sigAlgs,4L
+
+#define SN_dsa_with_SHA3_224 "id-dsa-with-sha3-224"
+#define LN_dsa_with_SHA3_224 "dsa_with_SHA3-224"
+#define NID_dsa_with_SHA3_224 1108
+#define OBJ_dsa_with_SHA3_224 OBJ_sigAlgs,5L
+
+#define SN_dsa_with_SHA3_256 "id-dsa-with-sha3-256"
+#define LN_dsa_with_SHA3_256 "dsa_with_SHA3-256"
+#define NID_dsa_with_SHA3_256 1109
+#define OBJ_dsa_with_SHA3_256 OBJ_sigAlgs,6L
+
+#define SN_dsa_with_SHA3_384 "id-dsa-with-sha3-384"
+#define LN_dsa_with_SHA3_384 "dsa_with_SHA3-384"
+#define NID_dsa_with_SHA3_384 1110
+#define OBJ_dsa_with_SHA3_384 OBJ_sigAlgs,7L
+
+#define SN_dsa_with_SHA3_512 "id-dsa-with-sha3-512"
+#define LN_dsa_with_SHA3_512 "dsa_with_SHA3-512"
+#define NID_dsa_with_SHA3_512 1111
+#define OBJ_dsa_with_SHA3_512 OBJ_sigAlgs,8L
+
+#define SN_ecdsa_with_SHA3_224 "id-ecdsa-with-sha3-224"
+#define LN_ecdsa_with_SHA3_224 "ecdsa_with_SHA3-224"
+#define NID_ecdsa_with_SHA3_224 1112
+#define OBJ_ecdsa_with_SHA3_224 OBJ_sigAlgs,9L
+
+#define SN_ecdsa_with_SHA3_256 "id-ecdsa-with-sha3-256"
+#define LN_ecdsa_with_SHA3_256 "ecdsa_with_SHA3-256"
+#define NID_ecdsa_with_SHA3_256 1113
+#define OBJ_ecdsa_with_SHA3_256 OBJ_sigAlgs,10L
+
+#define SN_ecdsa_with_SHA3_384 "id-ecdsa-with-sha3-384"
+#define LN_ecdsa_with_SHA3_384 "ecdsa_with_SHA3-384"
+#define NID_ecdsa_with_SHA3_384 1114
+#define OBJ_ecdsa_with_SHA3_384 OBJ_sigAlgs,11L
+
+#define SN_ecdsa_with_SHA3_512 "id-ecdsa-with-sha3-512"
+#define LN_ecdsa_with_SHA3_512 "ecdsa_with_SHA3-512"
+#define NID_ecdsa_with_SHA3_512 1115
+#define OBJ_ecdsa_with_SHA3_512 OBJ_sigAlgs,12L
+
+#define SN_RSA_SHA3_224 "id-rsassa-pkcs1-v1_5-with-sha3-224"
+#define LN_RSA_SHA3_224 "RSA-SHA3-224"
+#define NID_RSA_SHA3_224 1116
+#define OBJ_RSA_SHA3_224 OBJ_sigAlgs,13L
+
+#define SN_RSA_SHA3_256 "id-rsassa-pkcs1-v1_5-with-sha3-256"
+#define LN_RSA_SHA3_256 "RSA-SHA3-256"
+#define NID_RSA_SHA3_256 1117
+#define OBJ_RSA_SHA3_256 OBJ_sigAlgs,14L
+
+#define SN_RSA_SHA3_384 "id-rsassa-pkcs1-v1_5-with-sha3-384"
+#define LN_RSA_SHA3_384 "RSA-SHA3-384"
+#define NID_RSA_SHA3_384 1118
+#define OBJ_RSA_SHA3_384 OBJ_sigAlgs,15L
+
+#define SN_RSA_SHA3_512 "id-rsassa-pkcs1-v1_5-with-sha3-512"
+#define LN_RSA_SHA3_512 "RSA-SHA3-512"
+#define NID_RSA_SHA3_512 1119
+#define OBJ_RSA_SHA3_512 OBJ_sigAlgs,16L
+
+#define SN_hold_instruction_code "holdInstructionCode"
+#define LN_hold_instruction_code "Hold Instruction Code"
+#define NID_hold_instruction_code 430
+#define OBJ_hold_instruction_code OBJ_id_ce,23L
+
+#define OBJ_holdInstruction OBJ_X9_57,2L
+
+#define SN_hold_instruction_none "holdInstructionNone"
+#define LN_hold_instruction_none "Hold Instruction None"
+#define NID_hold_instruction_none 431
+#define OBJ_hold_instruction_none OBJ_holdInstruction,1L
+
+#define SN_hold_instruction_call_issuer "holdInstructionCallIssuer"
+#define LN_hold_instruction_call_issuer "Hold Instruction Call Issuer"
+#define NID_hold_instruction_call_issuer 432
+#define OBJ_hold_instruction_call_issuer OBJ_holdInstruction,2L
+
+#define SN_hold_instruction_reject "holdInstructionReject"
+#define LN_hold_instruction_reject "Hold Instruction Reject"
+#define NID_hold_instruction_reject 433
+#define OBJ_hold_instruction_reject OBJ_holdInstruction,3L
+
+#define SN_data "data"
+#define NID_data 434
+#define OBJ_data OBJ_itu_t,9L
+
+#define SN_pss "pss"
+#define NID_pss 435
+#define OBJ_pss OBJ_data,2342L
+
+#define SN_ucl "ucl"
+#define NID_ucl 436
+#define OBJ_ucl OBJ_pss,19200300L
+
+#define SN_pilot "pilot"
+#define NID_pilot 437
+#define OBJ_pilot OBJ_ucl,100L
+
+#define LN_pilotAttributeType "pilotAttributeType"
+#define NID_pilotAttributeType 438
+#define OBJ_pilotAttributeType OBJ_pilot,1L
+
+#define LN_pilotAttributeSyntax "pilotAttributeSyntax"
+#define NID_pilotAttributeSyntax 439
+#define OBJ_pilotAttributeSyntax OBJ_pilot,3L
+
+#define LN_pilotObjectClass "pilotObjectClass"
+#define NID_pilotObjectClass 440
+#define OBJ_pilotObjectClass OBJ_pilot,4L
+
+#define LN_pilotGroups "pilotGroups"
+#define NID_pilotGroups 441
+#define OBJ_pilotGroups OBJ_pilot,10L
+
+#define LN_iA5StringSyntax "iA5StringSyntax"
+#define NID_iA5StringSyntax 442
+#define OBJ_iA5StringSyntax OBJ_pilotAttributeSyntax,4L
+
+#define LN_caseIgnoreIA5StringSyntax "caseIgnoreIA5StringSyntax"
+#define NID_caseIgnoreIA5StringSyntax 443
+#define OBJ_caseIgnoreIA5StringSyntax OBJ_pilotAttributeSyntax,5L
+
+#define LN_pilotObject "pilotObject"
+#define NID_pilotObject 444
+#define OBJ_pilotObject OBJ_pilotObjectClass,3L
+
+#define LN_pilotPerson "pilotPerson"
+#define NID_pilotPerson 445
+#define OBJ_pilotPerson OBJ_pilotObjectClass,4L
+
+#define SN_account "account"
+#define NID_account 446
+#define OBJ_account OBJ_pilotObjectClass,5L
+
+#define SN_document "document"
+#define NID_document 447
+#define OBJ_document OBJ_pilotObjectClass,6L
+
+#define SN_room "room"
+#define NID_room 448
+#define OBJ_room OBJ_pilotObjectClass,7L
+
+#define LN_documentSeries "documentSeries"
+#define NID_documentSeries 449
+#define OBJ_documentSeries OBJ_pilotObjectClass,9L
+
+#define SN_Domain "domain"
+#define LN_Domain "Domain"
+#define NID_Domain 392
+#define OBJ_Domain OBJ_pilotObjectClass,13L
+
+#define LN_rFC822localPart "rFC822localPart"
+#define NID_rFC822localPart 450
+#define OBJ_rFC822localPart OBJ_pilotObjectClass,14L
+
+#define LN_dNSDomain "dNSDomain"
+#define NID_dNSDomain 451
+#define OBJ_dNSDomain OBJ_pilotObjectClass,15L
+
+#define LN_domainRelatedObject "domainRelatedObject"
+#define NID_domainRelatedObject 452
+#define OBJ_domainRelatedObject OBJ_pilotObjectClass,17L
+
+#define LN_friendlyCountry "friendlyCountry"
+#define NID_friendlyCountry 453
+#define OBJ_friendlyCountry OBJ_pilotObjectClass,18L
+
+#define LN_simpleSecurityObject "simpleSecurityObject"
+#define NID_simpleSecurityObject 454
+#define OBJ_simpleSecurityObject OBJ_pilotObjectClass,19L
+
+#define LN_pilotOrganization "pilotOrganization"
+#define NID_pilotOrganization 455
+#define OBJ_pilotOrganization OBJ_pilotObjectClass,20L
+
+#define LN_pilotDSA "pilotDSA"
+#define NID_pilotDSA 456
+#define OBJ_pilotDSA OBJ_pilotObjectClass,21L
+
+#define LN_qualityLabelledData "qualityLabelledData"
+#define NID_qualityLabelledData 457
+#define OBJ_qualityLabelledData OBJ_pilotObjectClass,22L
+
+#define SN_userId "UID"
+#define LN_userId "userId"
+#define NID_userId 458
+#define OBJ_userId OBJ_pilotAttributeType,1L
+
+#define LN_textEncodedORAddress "textEncodedORAddress"
+#define NID_textEncodedORAddress 459
+#define OBJ_textEncodedORAddress OBJ_pilotAttributeType,2L
+
+#define SN_rfc822Mailbox "mail"
+#define LN_rfc822Mailbox "rfc822Mailbox"
+#define NID_rfc822Mailbox 460
+#define OBJ_rfc822Mailbox OBJ_pilotAttributeType,3L
+
+#define SN_info "info"
+#define NID_info 461
+#define OBJ_info OBJ_pilotAttributeType,4L
+
+#define LN_favouriteDrink "favouriteDrink"
+#define NID_favouriteDrink 462
+#define OBJ_favouriteDrink OBJ_pilotAttributeType,5L
+
+#define LN_roomNumber "roomNumber"
+#define NID_roomNumber 463
+#define OBJ_roomNumber OBJ_pilotAttributeType,6L
+
+#define SN_photo "photo"
+#define NID_photo 464
+#define OBJ_photo OBJ_pilotAttributeType,7L
+
+#define LN_userClass "userClass"
+#define NID_userClass 465
+#define OBJ_userClass OBJ_pilotAttributeType,8L
+
+#define SN_host "host"
+#define NID_host 466
+#define OBJ_host OBJ_pilotAttributeType,9L
+
+#define SN_manager "manager"
+#define NID_manager 467
+#define OBJ_manager OBJ_pilotAttributeType,10L
+
+#define LN_documentIdentifier "documentIdentifier"
+#define NID_documentIdentifier 468
+#define OBJ_documentIdentifier OBJ_pilotAttributeType,11L
+
+#define LN_documentTitle "documentTitle"
+#define NID_documentTitle 469
+#define OBJ_documentTitle OBJ_pilotAttributeType,12L
+
+#define LN_documentVersion "documentVersion"
+#define NID_documentVersion 470
+#define OBJ_documentVersion OBJ_pilotAttributeType,13L
+
+#define LN_documentAuthor "documentAuthor"
+#define NID_documentAuthor 471
+#define OBJ_documentAuthor OBJ_pilotAttributeType,14L
+
+#define LN_documentLocation "documentLocation"
+#define NID_documentLocation 472
+#define OBJ_documentLocation OBJ_pilotAttributeType,15L
+
+#define LN_homeTelephoneNumber "homeTelephoneNumber"
+#define NID_homeTelephoneNumber 473
+#define OBJ_homeTelephoneNumber OBJ_pilotAttributeType,20L
+
+#define SN_secretary "secretary"
+#define NID_secretary 474
+#define OBJ_secretary OBJ_pilotAttributeType,21L
+
+#define LN_otherMailbox "otherMailbox"
+#define NID_otherMailbox 475
+#define OBJ_otherMailbox OBJ_pilotAttributeType,22L
+
+#define LN_lastModifiedTime "lastModifiedTime"
+#define NID_lastModifiedTime 476
+#define OBJ_lastModifiedTime OBJ_pilotAttributeType,23L
+
+#define LN_lastModifiedBy "lastModifiedBy"
+#define NID_lastModifiedBy 477
+#define OBJ_lastModifiedBy OBJ_pilotAttributeType,24L
+
+#define SN_domainComponent "DC"
+#define LN_domainComponent "domainComponent"
+#define NID_domainComponent 391
+#define OBJ_domainComponent OBJ_pilotAttributeType,25L
+
+#define LN_aRecord "aRecord"
+#define NID_aRecord 478
+#define OBJ_aRecord OBJ_pilotAttributeType,26L
+
+#define LN_pilotAttributeType27 "pilotAttributeType27"
+#define NID_pilotAttributeType27 479
+#define OBJ_pilotAttributeType27 OBJ_pilotAttributeType,27L
+
+#define LN_mXRecord "mXRecord"
+#define NID_mXRecord 480
+#define OBJ_mXRecord OBJ_pilotAttributeType,28L
+
+#define LN_nSRecord "nSRecord"
+#define NID_nSRecord 481
+#define OBJ_nSRecord OBJ_pilotAttributeType,29L
+
+#define LN_sOARecord "sOARecord"
+#define NID_sOARecord 482
+#define OBJ_sOARecord OBJ_pilotAttributeType,30L
+
+#define LN_cNAMERecord "cNAMERecord"
+#define NID_cNAMERecord 483
+#define OBJ_cNAMERecord OBJ_pilotAttributeType,31L
+
+#define LN_associatedDomain "associatedDomain"
+#define NID_associatedDomain 484
+#define OBJ_associatedDomain OBJ_pilotAttributeType,37L
+
+#define LN_associatedName "associatedName"
+#define NID_associatedName 485
+#define OBJ_associatedName OBJ_pilotAttributeType,38L
+
+#define LN_homePostalAddress "homePostalAddress"
+#define NID_homePostalAddress 486
+#define OBJ_homePostalAddress OBJ_pilotAttributeType,39L
+
+#define LN_personalTitle "personalTitle"
+#define NID_personalTitle 487
+#define OBJ_personalTitle OBJ_pilotAttributeType,40L
+
+#define LN_mobileTelephoneNumber "mobileTelephoneNumber"
+#define NID_mobileTelephoneNumber 488
+#define OBJ_mobileTelephoneNumber OBJ_pilotAttributeType,41L
+
+#define LN_pagerTelephoneNumber "pagerTelephoneNumber"
+#define NID_pagerTelephoneNumber 489
+#define OBJ_pagerTelephoneNumber OBJ_pilotAttributeType,42L
+
+#define LN_friendlyCountryName "friendlyCountryName"
+#define NID_friendlyCountryName 490
+#define OBJ_friendlyCountryName OBJ_pilotAttributeType,43L
+
+#define SN_uniqueIdentifier "uid"
+#define LN_uniqueIdentifier "uniqueIdentifier"
+#define NID_uniqueIdentifier 102
+#define OBJ_uniqueIdentifier OBJ_pilotAttributeType,44L
+
+#define LN_organizationalStatus "organizationalStatus"
+#define NID_organizationalStatus 491
+#define OBJ_organizationalStatus OBJ_pilotAttributeType,45L
+
+#define LN_janetMailbox "janetMailbox"
+#define NID_janetMailbox 492
+#define OBJ_janetMailbox OBJ_pilotAttributeType,46L
+
+#define LN_mailPreferenceOption "mailPreferenceOption"
+#define NID_mailPreferenceOption 493
+#define OBJ_mailPreferenceOption OBJ_pilotAttributeType,47L
+
+#define LN_buildingName "buildingName"
+#define NID_buildingName 494
+#define OBJ_buildingName OBJ_pilotAttributeType,48L
+
+#define LN_dSAQuality "dSAQuality"
+#define NID_dSAQuality 495
+#define OBJ_dSAQuality OBJ_pilotAttributeType,49L
+
+#define LN_singleLevelQuality "singleLevelQuality"
+#define NID_singleLevelQuality 496
+#define OBJ_singleLevelQuality OBJ_pilotAttributeType,50L
+
+#define LN_subtreeMinimumQuality "subtreeMinimumQuality"
+#define NID_subtreeMinimumQuality 497
+#define OBJ_subtreeMinimumQuality OBJ_pilotAttributeType,51L
+
+#define LN_subtreeMaximumQuality "subtreeMaximumQuality"
+#define NID_subtreeMaximumQuality 498
+#define OBJ_subtreeMaximumQuality OBJ_pilotAttributeType,52L
+
+#define LN_personalSignature "personalSignature"
+#define NID_personalSignature 499
+#define OBJ_personalSignature OBJ_pilotAttributeType,53L
+
+#define LN_dITRedirect "dITRedirect"
+#define NID_dITRedirect 500
+#define OBJ_dITRedirect OBJ_pilotAttributeType,54L
+
+#define SN_audio "audio"
+#define NID_audio 501
+#define OBJ_audio OBJ_pilotAttributeType,55L
+
+#define LN_documentPublisher "documentPublisher"
+#define NID_documentPublisher 502
+#define OBJ_documentPublisher OBJ_pilotAttributeType,56L
+
+#define SN_id_set "id-set"
+#define LN_id_set "Secure Electronic Transactions"
+#define NID_id_set 512
+#define OBJ_id_set OBJ_international_organizations,42L
+
+#define SN_set_ctype "set-ctype"
+#define LN_set_ctype "content types"
+#define NID_set_ctype 513
+#define OBJ_set_ctype OBJ_id_set,0L
+
+#define SN_set_msgExt "set-msgExt"
+#define LN_set_msgExt "message extensions"
+#define NID_set_msgExt 514
+#define OBJ_set_msgExt OBJ_id_set,1L
+
+#define SN_set_attr "set-attr"
+#define NID_set_attr 515
+#define OBJ_set_attr OBJ_id_set,3L
+
+#define SN_set_policy "set-policy"
+#define NID_set_policy 516
+#define OBJ_set_policy OBJ_id_set,5L
+
+#define SN_set_certExt "set-certExt"
+#define LN_set_certExt "certificate extensions"
+#define NID_set_certExt 517
+#define OBJ_set_certExt OBJ_id_set,7L
+
+#define SN_set_brand "set-brand"
+#define NID_set_brand 518
+#define OBJ_set_brand OBJ_id_set,8L
+
+#define SN_setct_PANData "setct-PANData"
+#define NID_setct_PANData 519
+#define OBJ_setct_PANData OBJ_set_ctype,0L
+
+#define SN_setct_PANToken "setct-PANToken"
+#define NID_setct_PANToken 520
+#define OBJ_setct_PANToken OBJ_set_ctype,1L
+
+#define SN_setct_PANOnly "setct-PANOnly"
+#define NID_setct_PANOnly 521
+#define OBJ_setct_PANOnly OBJ_set_ctype,2L
+
+#define SN_setct_OIData "setct-OIData"
+#define NID_setct_OIData 522
+#define OBJ_setct_OIData OBJ_set_ctype,3L
+
+#define SN_setct_PI "setct-PI"
+#define NID_setct_PI 523
+#define OBJ_setct_PI OBJ_set_ctype,4L
+
+#define SN_setct_PIData "setct-PIData"
+#define NID_setct_PIData 524
+#define OBJ_setct_PIData OBJ_set_ctype,5L
+
+#define SN_setct_PIDataUnsigned "setct-PIDataUnsigned"
+#define NID_setct_PIDataUnsigned 525
+#define OBJ_setct_PIDataUnsigned OBJ_set_ctype,6L
+
+#define SN_setct_HODInput "setct-HODInput"
+#define NID_setct_HODInput 526
+#define OBJ_setct_HODInput OBJ_set_ctype,7L
+
+#define SN_setct_AuthResBaggage "setct-AuthResBaggage"
+#define NID_setct_AuthResBaggage 527
+#define OBJ_setct_AuthResBaggage OBJ_set_ctype,8L
+
+#define SN_setct_AuthRevReqBaggage "setct-AuthRevReqBaggage"
+#define NID_setct_AuthRevReqBaggage 528
+#define OBJ_setct_AuthRevReqBaggage OBJ_set_ctype,9L
+
+#define SN_setct_AuthRevResBaggage "setct-AuthRevResBaggage"
+#define NID_setct_AuthRevResBaggage 529
+#define OBJ_setct_AuthRevResBaggage OBJ_set_ctype,10L
+
+#define SN_setct_CapTokenSeq "setct-CapTokenSeq"
+#define NID_setct_CapTokenSeq 530
+#define OBJ_setct_CapTokenSeq OBJ_set_ctype,11L
+
+#define SN_setct_PInitResData "setct-PInitResData"
+#define NID_setct_PInitResData 531
+#define OBJ_setct_PInitResData OBJ_set_ctype,12L
+
+#define SN_setct_PI_TBS "setct-PI-TBS"
+#define NID_setct_PI_TBS 532
+#define OBJ_setct_PI_TBS OBJ_set_ctype,13L
+
+#define SN_setct_PResData "setct-PResData"
+#define NID_setct_PResData 533
+#define OBJ_setct_PResData OBJ_set_ctype,14L
+
+#define SN_setct_AuthReqTBS "setct-AuthReqTBS"
+#define NID_setct_AuthReqTBS 534
+#define OBJ_setct_AuthReqTBS OBJ_set_ctype,16L
+
+#define SN_setct_AuthResTBS "setct-AuthResTBS"
+#define NID_setct_AuthResTBS 535
+#define OBJ_setct_AuthResTBS OBJ_set_ctype,17L
+
+#define SN_setct_AuthResTBSX "setct-AuthResTBSX"
+#define NID_setct_AuthResTBSX 536
+#define OBJ_setct_AuthResTBSX OBJ_set_ctype,18L
+
+#define SN_setct_AuthTokenTBS "setct-AuthTokenTBS"
+#define NID_setct_AuthTokenTBS 537
+#define OBJ_setct_AuthTokenTBS OBJ_set_ctype,19L
+
+#define SN_setct_CapTokenData "setct-CapTokenData"
+#define NID_setct_CapTokenData 538
+#define OBJ_setct_CapTokenData OBJ_set_ctype,20L
+
+#define SN_setct_CapTokenTBS "setct-CapTokenTBS"
+#define NID_setct_CapTokenTBS 539
+#define OBJ_setct_CapTokenTBS OBJ_set_ctype,21L
+
+#define SN_setct_AcqCardCodeMsg "setct-AcqCardCodeMsg"
+#define NID_setct_AcqCardCodeMsg 540
+#define OBJ_setct_AcqCardCodeMsg OBJ_set_ctype,22L
+
+#define SN_setct_AuthRevReqTBS "setct-AuthRevReqTBS"
+#define NID_setct_AuthRevReqTBS 541
+#define OBJ_setct_AuthRevReqTBS OBJ_set_ctype,23L
+
+#define SN_setct_AuthRevResData "setct-AuthRevResData"
+#define NID_setct_AuthRevResData 542
+#define OBJ_setct_AuthRevResData OBJ_set_ctype,24L
+
+#define SN_setct_AuthRevResTBS "setct-AuthRevResTBS"
+#define NID_setct_AuthRevResTBS 543
+#define OBJ_setct_AuthRevResTBS OBJ_set_ctype,25L
+
+#define SN_setct_CapReqTBS "setct-CapReqTBS"
+#define NID_setct_CapReqTBS 544
+#define OBJ_setct_CapReqTBS OBJ_set_ctype,26L
+
+#define SN_setct_CapReqTBSX "setct-CapReqTBSX"
+#define NID_setct_CapReqTBSX 545
+#define OBJ_setct_CapReqTBSX OBJ_set_ctype,27L
+
+#define SN_setct_CapResData "setct-CapResData"
+#define NID_setct_CapResData 546
+#define OBJ_setct_CapResData OBJ_set_ctype,28L
+
+#define SN_setct_CapRevReqTBS "setct-CapRevReqTBS"
+#define NID_setct_CapRevReqTBS 547
+#define OBJ_setct_CapRevReqTBS OBJ_set_ctype,29L
+
+#define SN_setct_CapRevReqTBSX "setct-CapRevReqTBSX"
+#define NID_setct_CapRevReqTBSX 548
+#define OBJ_setct_CapRevReqTBSX OBJ_set_ctype,30L
+
+#define SN_setct_CapRevResData "setct-CapRevResData"
+#define NID_setct_CapRevResData 549
+#define OBJ_setct_CapRevResData OBJ_set_ctype,31L
+
+#define SN_setct_CredReqTBS "setct-CredReqTBS"
+#define NID_setct_CredReqTBS 550
+#define OBJ_setct_CredReqTBS OBJ_set_ctype,32L
+
+#define SN_setct_CredReqTBSX "setct-CredReqTBSX"
+#define NID_setct_CredReqTBSX 551
+#define OBJ_setct_CredReqTBSX OBJ_set_ctype,33L
+
+#define SN_setct_CredResData "setct-CredResData"
+#define NID_setct_CredResData 552
+#define OBJ_setct_CredResData OBJ_set_ctype,34L
+
+#define SN_setct_CredRevReqTBS "setct-CredRevReqTBS"
+#define NID_setct_CredRevReqTBS 553
+#define OBJ_setct_CredRevReqTBS OBJ_set_ctype,35L
+
+#define SN_setct_CredRevReqTBSX "setct-CredRevReqTBSX"
+#define NID_setct_CredRevReqTBSX 554
+#define OBJ_setct_CredRevReqTBSX OBJ_set_ctype,36L
+
+#define SN_setct_CredRevResData "setct-CredRevResData"
+#define NID_setct_CredRevResData 555
+#define OBJ_setct_CredRevResData OBJ_set_ctype,37L
+
+#define SN_setct_PCertReqData "setct-PCertReqData"
+#define NID_setct_PCertReqData 556
+#define OBJ_setct_PCertReqData OBJ_set_ctype,38L
+
+#define SN_setct_PCertResTBS "setct-PCertResTBS"
+#define NID_setct_PCertResTBS 557
+#define OBJ_setct_PCertResTBS OBJ_set_ctype,39L
+
+#define SN_setct_BatchAdminReqData "setct-BatchAdminReqData"
+#define NID_setct_BatchAdminReqData 558
+#define OBJ_setct_BatchAdminReqData OBJ_set_ctype,40L
+
+#define SN_setct_BatchAdminResData "setct-BatchAdminResData"
+#define NID_setct_BatchAdminResData 559
+#define OBJ_setct_BatchAdminResData OBJ_set_ctype,41L
+
+#define SN_setct_CardCInitResTBS "setct-CardCInitResTBS"
+#define NID_setct_CardCInitResTBS 560
+#define OBJ_setct_CardCInitResTBS OBJ_set_ctype,42L
+
+#define SN_setct_MeAqCInitResTBS "setct-MeAqCInitResTBS"
+#define NID_setct_MeAqCInitResTBS 561
+#define OBJ_setct_MeAqCInitResTBS OBJ_set_ctype,43L
+
+#define SN_setct_RegFormResTBS "setct-RegFormResTBS"
+#define NID_setct_RegFormResTBS 562
+#define OBJ_setct_RegFormResTBS OBJ_set_ctype,44L
+
+#define SN_setct_CertReqData "setct-CertReqData"
+#define NID_setct_CertReqData 563
+#define OBJ_setct_CertReqData OBJ_set_ctype,45L
+
+#define SN_setct_CertReqTBS "setct-CertReqTBS"
+#define NID_setct_CertReqTBS 564
+#define OBJ_setct_CertReqTBS OBJ_set_ctype,46L
+
+#define SN_setct_CertResData "setct-CertResData"
+#define NID_setct_CertResData 565
+#define OBJ_setct_CertResData OBJ_set_ctype,47L
+
+#define SN_setct_CertInqReqTBS "setct-CertInqReqTBS"
+#define NID_setct_CertInqReqTBS 566
+#define OBJ_setct_CertInqReqTBS OBJ_set_ctype,48L
+
+#define SN_setct_ErrorTBS "setct-ErrorTBS"
+#define NID_setct_ErrorTBS 567
+#define OBJ_setct_ErrorTBS OBJ_set_ctype,49L
+
+#define SN_setct_PIDualSignedTBE "setct-PIDualSignedTBE"
+#define NID_setct_PIDualSignedTBE 568
+#define OBJ_setct_PIDualSignedTBE OBJ_set_ctype,50L
+
+#define SN_setct_PIUnsignedTBE "setct-PIUnsignedTBE"
+#define NID_setct_PIUnsignedTBE 569
+#define OBJ_setct_PIUnsignedTBE OBJ_set_ctype,51L
+
+#define SN_setct_AuthReqTBE "setct-AuthReqTBE"
+#define NID_setct_AuthReqTBE 570
+#define OBJ_setct_AuthReqTBE OBJ_set_ctype,52L
+
+#define SN_setct_AuthResTBE "setct-AuthResTBE"
+#define NID_setct_AuthResTBE 571
+#define OBJ_setct_AuthResTBE OBJ_set_ctype,53L
+
+#define SN_setct_AuthResTBEX "setct-AuthResTBEX"
+#define NID_setct_AuthResTBEX 572
+#define OBJ_setct_AuthResTBEX OBJ_set_ctype,54L
+
+#define SN_setct_AuthTokenTBE "setct-AuthTokenTBE"
+#define NID_setct_AuthTokenTBE 573
+#define OBJ_setct_AuthTokenTBE OBJ_set_ctype,55L
+
+#define SN_setct_CapTokenTBE "setct-CapTokenTBE"
+#define NID_setct_CapTokenTBE 574
+#define OBJ_setct_CapTokenTBE OBJ_set_ctype,56L
+
+#define SN_setct_CapTokenTBEX "setct-CapTokenTBEX"
+#define NID_setct_CapTokenTBEX 575
+#define OBJ_setct_CapTokenTBEX OBJ_set_ctype,57L
+
+#define SN_setct_AcqCardCodeMsgTBE "setct-AcqCardCodeMsgTBE"
+#define NID_setct_AcqCardCodeMsgTBE 576
+#define OBJ_setct_AcqCardCodeMsgTBE OBJ_set_ctype,58L
+
+#define SN_setct_AuthRevReqTBE "setct-AuthRevReqTBE"
+#define NID_setct_AuthRevReqTBE 577
+#define OBJ_setct_AuthRevReqTBE OBJ_set_ctype,59L
+
+#define SN_setct_AuthRevResTBE "setct-AuthRevResTBE"
+#define NID_setct_AuthRevResTBE 578
+#define OBJ_setct_AuthRevResTBE OBJ_set_ctype,60L
+
+#define SN_setct_AuthRevResTBEB "setct-AuthRevResTBEB"
+#define NID_setct_AuthRevResTBEB 579
+#define OBJ_setct_AuthRevResTBEB OBJ_set_ctype,61L
+
+#define SN_setct_CapReqTBE "setct-CapReqTBE"
+#define NID_setct_CapReqTBE 580
+#define OBJ_setct_CapReqTBE OBJ_set_ctype,62L
+
+#define SN_setct_CapReqTBEX "setct-CapReqTBEX"
+#define NID_setct_CapReqTBEX 581
+#define OBJ_setct_CapReqTBEX OBJ_set_ctype,63L
+
+#define SN_setct_CapResTBE "setct-CapResTBE"
+#define NID_setct_CapResTBE 582
+#define OBJ_setct_CapResTBE OBJ_set_ctype,64L
+
+#define SN_setct_CapRevReqTBE "setct-CapRevReqTBE"
+#define NID_setct_CapRevReqTBE 583
+#define OBJ_setct_CapRevReqTBE OBJ_set_ctype,65L
+
+#define SN_setct_CapRevReqTBEX "setct-CapRevReqTBEX"
+#define NID_setct_CapRevReqTBEX 584
+#define OBJ_setct_CapRevReqTBEX OBJ_set_ctype,66L
+
+#define SN_setct_CapRevResTBE "setct-CapRevResTBE"
+#define NID_setct_CapRevResTBE 585
+#define OBJ_setct_CapRevResTBE OBJ_set_ctype,67L
+
+#define SN_setct_CredReqTBE "setct-CredReqTBE"
+#define NID_setct_CredReqTBE 586
+#define OBJ_setct_CredReqTBE OBJ_set_ctype,68L
+
+#define SN_setct_CredReqTBEX "setct-CredReqTBEX"
+#define NID_setct_CredReqTBEX 587
+#define OBJ_setct_CredReqTBEX OBJ_set_ctype,69L
+
+#define SN_setct_CredResTBE "setct-CredResTBE"
+#define NID_setct_CredResTBE 588
+#define OBJ_setct_CredResTBE OBJ_set_ctype,70L
+
+#define SN_setct_CredRevReqTBE "setct-CredRevReqTBE"
+#define NID_setct_CredRevReqTBE 589
+#define OBJ_setct_CredRevReqTBE OBJ_set_ctype,71L
+
+#define SN_setct_CredRevReqTBEX "setct-CredRevReqTBEX"
+#define NID_setct_CredRevReqTBEX 590
+#define OBJ_setct_CredRevReqTBEX OBJ_set_ctype,72L
+
+#define SN_setct_CredRevResTBE "setct-CredRevResTBE"
+#define NID_setct_CredRevResTBE 591
+#define OBJ_setct_CredRevResTBE OBJ_set_ctype,73L
+
+#define SN_setct_BatchAdminReqTBE "setct-BatchAdminReqTBE"
+#define NID_setct_BatchAdminReqTBE 592
+#define OBJ_setct_BatchAdminReqTBE OBJ_set_ctype,74L
+
+#define SN_setct_BatchAdminResTBE "setct-BatchAdminResTBE"
+#define NID_setct_BatchAdminResTBE 593
+#define OBJ_setct_BatchAdminResTBE OBJ_set_ctype,75L
+
+#define SN_setct_RegFormReqTBE "setct-RegFormReqTBE"
+#define NID_setct_RegFormReqTBE 594
+#define OBJ_setct_RegFormReqTBE OBJ_set_ctype,76L
+
+#define SN_setct_CertReqTBE "setct-CertReqTBE"
+#define NID_setct_CertReqTBE 595
+#define OBJ_setct_CertReqTBE OBJ_set_ctype,77L
+
+#define SN_setct_CertReqTBEX "setct-CertReqTBEX"
+#define NID_setct_CertReqTBEX 596
+#define OBJ_setct_CertReqTBEX OBJ_set_ctype,78L
+
+#define SN_setct_CertResTBE "setct-CertResTBE"
+#define NID_setct_CertResTBE 597
+#define OBJ_setct_CertResTBE OBJ_set_ctype,79L
+
+#define SN_setct_CRLNotificationTBS "setct-CRLNotificationTBS"
+#define NID_setct_CRLNotificationTBS 598
+#define OBJ_setct_CRLNotificationTBS OBJ_set_ctype,80L
+
+#define SN_setct_CRLNotificationResTBS "setct-CRLNotificationResTBS"
+#define NID_setct_CRLNotificationResTBS 599
+#define OBJ_setct_CRLNotificationResTBS OBJ_set_ctype,81L
+
+#define SN_setct_BCIDistributionTBS "setct-BCIDistributionTBS"
+#define NID_setct_BCIDistributionTBS 600
+#define OBJ_setct_BCIDistributionTBS OBJ_set_ctype,82L
+
+#define SN_setext_genCrypt "setext-genCrypt"
+#define LN_setext_genCrypt "generic cryptogram"
+#define NID_setext_genCrypt 601
+#define OBJ_setext_genCrypt OBJ_set_msgExt,1L
+
+#define SN_setext_miAuth "setext-miAuth"
+#define LN_setext_miAuth "merchant initiated auth"
+#define NID_setext_miAuth 602
+#define OBJ_setext_miAuth OBJ_set_msgExt,3L
+
+#define SN_setext_pinSecure "setext-pinSecure"
+#define NID_setext_pinSecure 603
+#define OBJ_setext_pinSecure OBJ_set_msgExt,4L
+
+#define SN_setext_pinAny "setext-pinAny"
+#define NID_setext_pinAny 604
+#define OBJ_setext_pinAny OBJ_set_msgExt,5L
+
+#define SN_setext_track2 "setext-track2"
+#define NID_setext_track2 605
+#define OBJ_setext_track2 OBJ_set_msgExt,7L
+
+#define SN_setext_cv "setext-cv"
+#define LN_setext_cv "additional verification"
+#define NID_setext_cv 606
+#define OBJ_setext_cv OBJ_set_msgExt,8L
+
+#define SN_set_policy_root "set-policy-root"
+#define NID_set_policy_root 607
+#define OBJ_set_policy_root OBJ_set_policy,0L
+
+#define SN_setCext_hashedRoot "setCext-hashedRoot"
+#define NID_setCext_hashedRoot 608
+#define OBJ_setCext_hashedRoot OBJ_set_certExt,0L
+
+#define SN_setCext_certType "setCext-certType"
+#define NID_setCext_certType 609
+#define OBJ_setCext_certType OBJ_set_certExt,1L
+
+#define SN_setCext_merchData "setCext-merchData"
+#define NID_setCext_merchData 610
+#define OBJ_setCext_merchData OBJ_set_certExt,2L
+
+#define SN_setCext_cCertRequired "setCext-cCertRequired"
+#define NID_setCext_cCertRequired 611
+#define OBJ_setCext_cCertRequired OBJ_set_certExt,3L
+
+#define SN_setCext_tunneling "setCext-tunneling"
+#define NID_setCext_tunneling 612
+#define OBJ_setCext_tunneling OBJ_set_certExt,4L
+
+#define SN_setCext_setExt "setCext-setExt"
+#define NID_setCext_setExt 613
+#define OBJ_setCext_setExt OBJ_set_certExt,5L
+
+#define SN_setCext_setQualf "setCext-setQualf"
+#define NID_setCext_setQualf 614
+#define OBJ_setCext_setQualf OBJ_set_certExt,6L
+
+#define SN_setCext_PGWYcapabilities "setCext-PGWYcapabilities"
+#define NID_setCext_PGWYcapabilities 615
+#define OBJ_setCext_PGWYcapabilities OBJ_set_certExt,7L
+
+#define SN_setCext_TokenIdentifier "setCext-TokenIdentifier"
+#define NID_setCext_TokenIdentifier 616
+#define OBJ_setCext_TokenIdentifier OBJ_set_certExt,8L
+
+#define SN_setCext_Track2Data "setCext-Track2Data"
+#define NID_setCext_Track2Data 617
+#define OBJ_setCext_Track2Data OBJ_set_certExt,9L
+
+#define SN_setCext_TokenType "setCext-TokenType"
+#define NID_setCext_TokenType 618
+#define OBJ_setCext_TokenType OBJ_set_certExt,10L
+
+#define SN_setCext_IssuerCapabilities "setCext-IssuerCapabilities"
+#define NID_setCext_IssuerCapabilities 619
+#define OBJ_setCext_IssuerCapabilities OBJ_set_certExt,11L
+
+#define SN_setAttr_Cert "setAttr-Cert"
+#define NID_setAttr_Cert 620
+#define OBJ_setAttr_Cert OBJ_set_attr,0L
+
+#define SN_setAttr_PGWYcap "setAttr-PGWYcap"
+#define LN_setAttr_PGWYcap "payment gateway capabilities"
+#define NID_setAttr_PGWYcap 621
+#define OBJ_setAttr_PGWYcap OBJ_set_attr,1L
+
+#define SN_setAttr_TokenType "setAttr-TokenType"
+#define NID_setAttr_TokenType 622
+#define OBJ_setAttr_TokenType OBJ_set_attr,2L
+
+#define SN_setAttr_IssCap "setAttr-IssCap"
+#define LN_setAttr_IssCap "issuer capabilities"
+#define NID_setAttr_IssCap 623
+#define OBJ_setAttr_IssCap OBJ_set_attr,3L
+
+#define SN_set_rootKeyThumb "set-rootKeyThumb"
+#define NID_set_rootKeyThumb 624
+#define OBJ_set_rootKeyThumb OBJ_setAttr_Cert,0L
+
+#define SN_set_addPolicy "set-addPolicy"
+#define NID_set_addPolicy 625
+#define OBJ_set_addPolicy OBJ_setAttr_Cert,1L
+
+#define SN_setAttr_Token_EMV "setAttr-Token-EMV"
+#define NID_setAttr_Token_EMV 626
+#define OBJ_setAttr_Token_EMV OBJ_setAttr_TokenType,1L
+
+#define SN_setAttr_Token_B0Prime "setAttr-Token-B0Prime"
+#define NID_setAttr_Token_B0Prime 627
+#define OBJ_setAttr_Token_B0Prime OBJ_setAttr_TokenType,2L
+
+#define SN_setAttr_IssCap_CVM "setAttr-IssCap-CVM"
+#define NID_setAttr_IssCap_CVM 628
+#define OBJ_setAttr_IssCap_CVM OBJ_setAttr_IssCap,3L
+
+#define SN_setAttr_IssCap_T2 "setAttr-IssCap-T2"
+#define NID_setAttr_IssCap_T2 629
+#define OBJ_setAttr_IssCap_T2 OBJ_setAttr_IssCap,4L
+
+#define SN_setAttr_IssCap_Sig "setAttr-IssCap-Sig"
+#define NID_setAttr_IssCap_Sig 630
+#define OBJ_setAttr_IssCap_Sig OBJ_setAttr_IssCap,5L
+
+#define SN_setAttr_GenCryptgrm "setAttr-GenCryptgrm"
+#define LN_setAttr_GenCryptgrm "generate cryptogram"
+#define NID_setAttr_GenCryptgrm 631
+#define OBJ_setAttr_GenCryptgrm OBJ_setAttr_IssCap_CVM,1L
+
+#define SN_setAttr_T2Enc "setAttr-T2Enc"
+#define LN_setAttr_T2Enc "encrypted track 2"
+#define NID_setAttr_T2Enc 632
+#define OBJ_setAttr_T2Enc OBJ_setAttr_IssCap_T2,1L
+
+#define SN_setAttr_T2cleartxt "setAttr-T2cleartxt"
+#define LN_setAttr_T2cleartxt "cleartext track 2"
+#define NID_setAttr_T2cleartxt 633
+#define OBJ_setAttr_T2cleartxt OBJ_setAttr_IssCap_T2,2L
+
+#define SN_setAttr_TokICCsig "setAttr-TokICCsig"
+#define LN_setAttr_TokICCsig "ICC or token signature"
+#define NID_setAttr_TokICCsig 634
+#define OBJ_setAttr_TokICCsig OBJ_setAttr_IssCap_Sig,1L
+
+#define SN_setAttr_SecDevSig "setAttr-SecDevSig"
+#define LN_setAttr_SecDevSig "secure device signature"
+#define NID_setAttr_SecDevSig 635
+#define OBJ_setAttr_SecDevSig OBJ_setAttr_IssCap_Sig,2L
+
+#define SN_set_brand_IATA_ATA "set-brand-IATA-ATA"
+#define NID_set_brand_IATA_ATA 636
+#define OBJ_set_brand_IATA_ATA OBJ_set_brand,1L
+
+#define SN_set_brand_Diners "set-brand-Diners"
+#define NID_set_brand_Diners 637
+#define OBJ_set_brand_Diners OBJ_set_brand,30L
+
+#define SN_set_brand_AmericanExpress "set-brand-AmericanExpress"
+#define NID_set_brand_AmericanExpress 638
+#define OBJ_set_brand_AmericanExpress OBJ_set_brand,34L
+
+#define SN_set_brand_JCB "set-brand-JCB"
+#define NID_set_brand_JCB 639
+#define OBJ_set_brand_JCB OBJ_set_brand,35L
+
+#define SN_set_brand_Visa "set-brand-Visa"
+#define NID_set_brand_Visa 640
+#define OBJ_set_brand_Visa OBJ_set_brand,4L
+
+#define SN_set_brand_MasterCard "set-brand-MasterCard"
+#define NID_set_brand_MasterCard 641
+#define OBJ_set_brand_MasterCard OBJ_set_brand,5L
+
+#define SN_set_brand_Novus "set-brand-Novus"
+#define NID_set_brand_Novus 642
+#define OBJ_set_brand_Novus OBJ_set_brand,6011L
+
+#define SN_des_cdmf "DES-CDMF"
+#define LN_des_cdmf "des-cdmf"
+#define NID_des_cdmf 643
+#define OBJ_des_cdmf OBJ_rsadsi,3L,10L
+
+#define SN_rsaOAEPEncryptionSET "rsaOAEPEncryptionSET"
+#define NID_rsaOAEPEncryptionSET 644
+#define OBJ_rsaOAEPEncryptionSET OBJ_rsadsi,1L,1L,6L
+
+#define SN_ipsec3 "Oakley-EC2N-3"
+#define LN_ipsec3 "ipsec3"
+#define NID_ipsec3 749
+
+#define SN_ipsec4 "Oakley-EC2N-4"
+#define LN_ipsec4 "ipsec4"
+#define NID_ipsec4 750
+
+#define SN_whirlpool "whirlpool"
+#define NID_whirlpool 804
+#define OBJ_whirlpool OBJ_iso,0L,10118L,3L,0L,55L
+
+#define SN_cryptopro "cryptopro"
+#define NID_cryptopro 805
+#define OBJ_cryptopro OBJ_member_body,643L,2L,2L
+
+#define SN_cryptocom "cryptocom"
+#define NID_cryptocom 806
+#define OBJ_cryptocom OBJ_member_body,643L,2L,9L
+
+#define SN_id_tc26 "id-tc26"
+#define NID_id_tc26 974
+#define OBJ_id_tc26 OBJ_member_body,643L,7L,1L
+
+#define SN_id_GostR3411_94_with_GostR3410_2001 "id-GostR3411-94-with-GostR3410-2001"
+#define LN_id_GostR3411_94_with_GostR3410_2001 "GOST R 34.11-94 with GOST R 34.10-2001"
+#define NID_id_GostR3411_94_with_GostR3410_2001 807
+#define OBJ_id_GostR3411_94_with_GostR3410_2001 OBJ_cryptopro,3L
+
+#define SN_id_GostR3411_94_with_GostR3410_94 "id-GostR3411-94-with-GostR3410-94"
+#define LN_id_GostR3411_94_with_GostR3410_94 "GOST R 34.11-94 with GOST R 34.10-94"
+#define NID_id_GostR3411_94_with_GostR3410_94 808
+#define OBJ_id_GostR3411_94_with_GostR3410_94 OBJ_cryptopro,4L
+
+#define SN_id_GostR3411_94 "md_gost94"
+#define LN_id_GostR3411_94 "GOST R 34.11-94"
+#define NID_id_GostR3411_94 809
+#define OBJ_id_GostR3411_94 OBJ_cryptopro,9L
+
+#define SN_id_HMACGostR3411_94 "id-HMACGostR3411-94"
+#define LN_id_HMACGostR3411_94 "HMAC GOST 34.11-94"
+#define NID_id_HMACGostR3411_94 810
+#define OBJ_id_HMACGostR3411_94 OBJ_cryptopro,10L
+
+#define SN_id_GostR3410_2001 "gost2001"
+#define LN_id_GostR3410_2001 "GOST R 34.10-2001"
+#define NID_id_GostR3410_2001 811
+#define OBJ_id_GostR3410_2001 OBJ_cryptopro,19L
+
+#define SN_id_GostR3410_94 "gost94"
+#define LN_id_GostR3410_94 "GOST R 34.10-94"
+#define NID_id_GostR3410_94 812
+#define OBJ_id_GostR3410_94 OBJ_cryptopro,20L
+
+#define SN_id_Gost28147_89 "gost89"
+#define LN_id_Gost28147_89 "GOST 28147-89"
+#define NID_id_Gost28147_89 813
+#define OBJ_id_Gost28147_89 OBJ_cryptopro,21L
+
+#define SN_gost89_cnt "gost89-cnt"
+#define NID_gost89_cnt 814
+
+#define SN_gost89_cnt_12 "gost89-cnt-12"
+#define NID_gost89_cnt_12 975
+
+#define SN_gost89_cbc "gost89-cbc"
+#define NID_gost89_cbc 1009
+
+#define SN_gost89_ecb "gost89-ecb"
+#define NID_gost89_ecb 1010
+
+#define SN_gost89_ctr "gost89-ctr"
+#define NID_gost89_ctr 1011
+
+#define SN_id_Gost28147_89_MAC "gost-mac"
+#define LN_id_Gost28147_89_MAC "GOST 28147-89 MAC"
+#define NID_id_Gost28147_89_MAC 815
+#define OBJ_id_Gost28147_89_MAC OBJ_cryptopro,22L
+
+#define SN_gost_mac_12 "gost-mac-12"
+#define NID_gost_mac_12 976
+
+#define SN_id_GostR3411_94_prf "prf-gostr3411-94"
+#define LN_id_GostR3411_94_prf "GOST R 34.11-94 PRF"
+#define NID_id_GostR3411_94_prf 816
+#define OBJ_id_GostR3411_94_prf OBJ_cryptopro,23L
+
+#define SN_id_GostR3410_2001DH "id-GostR3410-2001DH"
+#define LN_id_GostR3410_2001DH "GOST R 34.10-2001 DH"
+#define NID_id_GostR3410_2001DH 817
+#define OBJ_id_GostR3410_2001DH OBJ_cryptopro,98L
+
+#define SN_id_GostR3410_94DH "id-GostR3410-94DH"
+#define LN_id_GostR3410_94DH "GOST R 34.10-94 DH"
+#define NID_id_GostR3410_94DH 818
+#define OBJ_id_GostR3410_94DH OBJ_cryptopro,99L
+
+#define SN_id_Gost28147_89_CryptoPro_KeyMeshing "id-Gost28147-89-CryptoPro-KeyMeshing"
+#define NID_id_Gost28147_89_CryptoPro_KeyMeshing 819
+#define OBJ_id_Gost28147_89_CryptoPro_KeyMeshing OBJ_cryptopro,14L,1L
+
+#define SN_id_Gost28147_89_None_KeyMeshing "id-Gost28147-89-None-KeyMeshing"
+#define NID_id_Gost28147_89_None_KeyMeshing 820
+#define OBJ_id_Gost28147_89_None_KeyMeshing OBJ_cryptopro,14L,0L
+
+#define SN_id_GostR3411_94_TestParamSet "id-GostR3411-94-TestParamSet"
+#define NID_id_GostR3411_94_TestParamSet 821
+#define OBJ_id_GostR3411_94_TestParamSet OBJ_cryptopro,30L,0L
+
+#define SN_id_GostR3411_94_CryptoProParamSet "id-GostR3411-94-CryptoProParamSet"
+#define NID_id_GostR3411_94_CryptoProParamSet 822
+#define OBJ_id_GostR3411_94_CryptoProParamSet OBJ_cryptopro,30L,1L
+
+#define SN_id_Gost28147_89_TestParamSet "id-Gost28147-89-TestParamSet"
+#define NID_id_Gost28147_89_TestParamSet 823
+#define OBJ_id_Gost28147_89_TestParamSet OBJ_cryptopro,31L,0L
+
+#define SN_id_Gost28147_89_CryptoPro_A_ParamSet "id-Gost28147-89-CryptoPro-A-ParamSet"
+#define NID_id_Gost28147_89_CryptoPro_A_ParamSet 824
+#define OBJ_id_Gost28147_89_CryptoPro_A_ParamSet OBJ_cryptopro,31L,1L
+
+#define SN_id_Gost28147_89_CryptoPro_B_ParamSet "id-Gost28147-89-CryptoPro-B-ParamSet"
+#define NID_id_Gost28147_89_CryptoPro_B_ParamSet 825
+#define OBJ_id_Gost28147_89_CryptoPro_B_ParamSet OBJ_cryptopro,31L,2L
+
+#define SN_id_Gost28147_89_CryptoPro_C_ParamSet "id-Gost28147-89-CryptoPro-C-ParamSet"
+#define NID_id_Gost28147_89_CryptoPro_C_ParamSet 826
+#define OBJ_id_Gost28147_89_CryptoPro_C_ParamSet OBJ_cryptopro,31L,3L
+
+#define SN_id_Gost28147_89_CryptoPro_D_ParamSet "id-Gost28147-89-CryptoPro-D-ParamSet"
+#define NID_id_Gost28147_89_CryptoPro_D_ParamSet 827
+#define OBJ_id_Gost28147_89_CryptoPro_D_ParamSet OBJ_cryptopro,31L,4L
+
+#define SN_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet "id-Gost28147-89-CryptoPro-Oscar-1-1-ParamSet"
+#define NID_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet 828
+#define OBJ_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet OBJ_cryptopro,31L,5L
+
+#define SN_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet "id-Gost28147-89-CryptoPro-Oscar-1-0-ParamSet"
+#define NID_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet 829
+#define OBJ_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet OBJ_cryptopro,31L,6L
+
+#define SN_id_Gost28147_89_CryptoPro_RIC_1_ParamSet "id-Gost28147-89-CryptoPro-RIC-1-ParamSet"
+#define NID_id_Gost28147_89_CryptoPro_RIC_1_ParamSet 830
+#define OBJ_id_Gost28147_89_CryptoPro_RIC_1_ParamSet OBJ_cryptopro,31L,7L
+
+#define SN_id_GostR3410_94_TestParamSet "id-GostR3410-94-TestParamSet"
+#define NID_id_GostR3410_94_TestParamSet 831
+#define OBJ_id_GostR3410_94_TestParamSet OBJ_cryptopro,32L,0L
+
+#define SN_id_GostR3410_94_CryptoPro_A_ParamSet "id-GostR3410-94-CryptoPro-A-ParamSet"
+#define NID_id_GostR3410_94_CryptoPro_A_ParamSet 832
+#define OBJ_id_GostR3410_94_CryptoPro_A_ParamSet OBJ_cryptopro,32L,2L
+
+#define SN_id_GostR3410_94_CryptoPro_B_ParamSet "id-GostR3410-94-CryptoPro-B-ParamSet"
+#define NID_id_GostR3410_94_CryptoPro_B_ParamSet 833
+#define OBJ_id_GostR3410_94_CryptoPro_B_ParamSet OBJ_cryptopro,32L,3L
+
+#define SN_id_GostR3410_94_CryptoPro_C_ParamSet "id-GostR3410-94-CryptoPro-C-ParamSet"
+#define NID_id_GostR3410_94_CryptoPro_C_ParamSet 834
+#define OBJ_id_GostR3410_94_CryptoPro_C_ParamSet OBJ_cryptopro,32L,4L
+
+#define SN_id_GostR3410_94_CryptoPro_D_ParamSet "id-GostR3410-94-CryptoPro-D-ParamSet"
+#define NID_id_GostR3410_94_CryptoPro_D_ParamSet 835
+#define OBJ_id_GostR3410_94_CryptoPro_D_ParamSet OBJ_cryptopro,32L,5L
+
+#define SN_id_GostR3410_94_CryptoPro_XchA_ParamSet "id-GostR3410-94-CryptoPro-XchA-ParamSet"
+#define NID_id_GostR3410_94_CryptoPro_XchA_ParamSet 836
+#define OBJ_id_GostR3410_94_CryptoPro_XchA_ParamSet OBJ_cryptopro,33L,1L
+
+#define SN_id_GostR3410_94_CryptoPro_XchB_ParamSet "id-GostR3410-94-CryptoPro-XchB-ParamSet"
+#define NID_id_GostR3410_94_CryptoPro_XchB_ParamSet 837
+#define OBJ_id_GostR3410_94_CryptoPro_XchB_ParamSet OBJ_cryptopro,33L,2L
+
+#define SN_id_GostR3410_94_CryptoPro_XchC_ParamSet "id-GostR3410-94-CryptoPro-XchC-ParamSet"
+#define NID_id_GostR3410_94_CryptoPro_XchC_ParamSet 838
+#define OBJ_id_GostR3410_94_CryptoPro_XchC_ParamSet OBJ_cryptopro,33L,3L
+
+#define SN_id_GostR3410_2001_TestParamSet "id-GostR3410-2001-TestParamSet"
+#define NID_id_GostR3410_2001_TestParamSet 839
+#define OBJ_id_GostR3410_2001_TestParamSet OBJ_cryptopro,35L,0L
+
+#define SN_id_GostR3410_2001_CryptoPro_A_ParamSet "id-GostR3410-2001-CryptoPro-A-ParamSet"
+#define NID_id_GostR3410_2001_CryptoPro_A_ParamSet 840
+#define OBJ_id_GostR3410_2001_CryptoPro_A_ParamSet OBJ_cryptopro,35L,1L
+
+#define SN_id_GostR3410_2001_CryptoPro_B_ParamSet "id-GostR3410-2001-CryptoPro-B-ParamSet"
+#define NID_id_GostR3410_2001_CryptoPro_B_ParamSet 841
+#define OBJ_id_GostR3410_2001_CryptoPro_B_ParamSet OBJ_cryptopro,35L,2L
+
+#define SN_id_GostR3410_2001_CryptoPro_C_ParamSet "id-GostR3410-2001-CryptoPro-C-ParamSet"
+#define NID_id_GostR3410_2001_CryptoPro_C_ParamSet 842
+#define OBJ_id_GostR3410_2001_CryptoPro_C_ParamSet OBJ_cryptopro,35L,3L
+
+#define SN_id_GostR3410_2001_CryptoPro_XchA_ParamSet "id-GostR3410-2001-CryptoPro-XchA-ParamSet"
+#define NID_id_GostR3410_2001_CryptoPro_XchA_ParamSet 843
+#define OBJ_id_GostR3410_2001_CryptoPro_XchA_ParamSet OBJ_cryptopro,36L,0L
+
+#define SN_id_GostR3410_2001_CryptoPro_XchB_ParamSet "id-GostR3410-2001-CryptoPro-XchB-ParamSet"
+#define NID_id_GostR3410_2001_CryptoPro_XchB_ParamSet 844
+#define OBJ_id_GostR3410_2001_CryptoPro_XchB_ParamSet OBJ_cryptopro,36L,1L
+
+#define SN_id_GostR3410_94_a "id-GostR3410-94-a"
+#define NID_id_GostR3410_94_a 845
+#define OBJ_id_GostR3410_94_a OBJ_id_GostR3410_94,1L
+
+#define SN_id_GostR3410_94_aBis "id-GostR3410-94-aBis"
+#define NID_id_GostR3410_94_aBis 846
+#define OBJ_id_GostR3410_94_aBis OBJ_id_GostR3410_94,2L
+
+#define SN_id_GostR3410_94_b "id-GostR3410-94-b"
+#define NID_id_GostR3410_94_b 847
+#define OBJ_id_GostR3410_94_b OBJ_id_GostR3410_94,3L
+
+#define SN_id_GostR3410_94_bBis "id-GostR3410-94-bBis"
+#define NID_id_GostR3410_94_bBis 848
+#define OBJ_id_GostR3410_94_bBis OBJ_id_GostR3410_94,4L
+
+#define SN_id_Gost28147_89_cc "id-Gost28147-89-cc"
+#define LN_id_Gost28147_89_cc "GOST 28147-89 Cryptocom ParamSet"
+#define NID_id_Gost28147_89_cc 849
+#define OBJ_id_Gost28147_89_cc OBJ_cryptocom,1L,6L,1L
+
+#define SN_id_GostR3410_94_cc "gost94cc"
+#define LN_id_GostR3410_94_cc "GOST 34.10-94 Cryptocom"
+#define NID_id_GostR3410_94_cc 850
+#define OBJ_id_GostR3410_94_cc OBJ_cryptocom,1L,5L,3L
+
+#define SN_id_GostR3410_2001_cc "gost2001cc"
+#define LN_id_GostR3410_2001_cc "GOST 34.10-2001 Cryptocom"
+#define NID_id_GostR3410_2001_cc 851
+#define OBJ_id_GostR3410_2001_cc OBJ_cryptocom,1L,5L,4L
+
+#define SN_id_GostR3411_94_with_GostR3410_94_cc "id-GostR3411-94-with-GostR3410-94-cc"
+#define LN_id_GostR3411_94_with_GostR3410_94_cc "GOST R 34.11-94 with GOST R 34.10-94 Cryptocom"
+#define NID_id_GostR3411_94_with_GostR3410_94_cc 852
+#define OBJ_id_GostR3411_94_with_GostR3410_94_cc OBJ_cryptocom,1L,3L,3L
+
+#define SN_id_GostR3411_94_with_GostR3410_2001_cc "id-GostR3411-94-with-GostR3410-2001-cc"
+#define LN_id_GostR3411_94_with_GostR3410_2001_cc "GOST R 34.11-94 with GOST R 34.10-2001 Cryptocom"
+#define NID_id_GostR3411_94_with_GostR3410_2001_cc 853
+#define OBJ_id_GostR3411_94_with_GostR3410_2001_cc OBJ_cryptocom,1L,3L,4L
+
+#define SN_id_GostR3410_2001_ParamSet_cc "id-GostR3410-2001-ParamSet-cc"
+#define LN_id_GostR3410_2001_ParamSet_cc "GOST R 3410-2001 Parameter Set Cryptocom"
+#define NID_id_GostR3410_2001_ParamSet_cc 854
+#define OBJ_id_GostR3410_2001_ParamSet_cc OBJ_cryptocom,1L,8L,1L
+
+#define SN_id_tc26_algorithms "id-tc26-algorithms"
+#define NID_id_tc26_algorithms 977
+#define OBJ_id_tc26_algorithms OBJ_id_tc26,1L
+
+#define SN_id_tc26_sign "id-tc26-sign"
+#define NID_id_tc26_sign 978
+#define OBJ_id_tc26_sign OBJ_id_tc26_algorithms,1L
+
+#define SN_id_GostR3410_2012_256 "gost2012_256"
+#define LN_id_GostR3410_2012_256 "GOST R 34.10-2012 with 256 bit modulus"
+#define NID_id_GostR3410_2012_256 979
+#define OBJ_id_GostR3410_2012_256 OBJ_id_tc26_sign,1L
+
+#define SN_id_GostR3410_2012_512 "gost2012_512"
+#define LN_id_GostR3410_2012_512 "GOST R 34.10-2012 with 512 bit modulus"
+#define NID_id_GostR3410_2012_512 980
+#define OBJ_id_GostR3410_2012_512 OBJ_id_tc26_sign,2L
+
+#define SN_id_tc26_digest "id-tc26-digest"
+#define NID_id_tc26_digest 981
+#define OBJ_id_tc26_digest OBJ_id_tc26_algorithms,2L
+
+#define SN_id_GostR3411_2012_256 "md_gost12_256"
+#define LN_id_GostR3411_2012_256 "GOST R 34.11-2012 with 256 bit hash"
+#define NID_id_GostR3411_2012_256 982
+#define OBJ_id_GostR3411_2012_256 OBJ_id_tc26_digest,2L
+
+#define SN_id_GostR3411_2012_512 "md_gost12_512"
+#define LN_id_GostR3411_2012_512 "GOST R 34.11-2012 with 512 bit hash"
+#define NID_id_GostR3411_2012_512 983
+#define OBJ_id_GostR3411_2012_512 OBJ_id_tc26_digest,3L
+
+#define SN_id_tc26_signwithdigest "id-tc26-signwithdigest"
+#define NID_id_tc26_signwithdigest 984
+#define OBJ_id_tc26_signwithdigest OBJ_id_tc26_algorithms,3L
+
+#define SN_id_tc26_signwithdigest_gost3410_2012_256 "id-tc26-signwithdigest-gost3410-2012-256"
+#define LN_id_tc26_signwithdigest_gost3410_2012_256 "GOST R 34.10-2012 with GOST R 34.11-2012 (256 bit)"
+#define NID_id_tc26_signwithdigest_gost3410_2012_256 985
+#define OBJ_id_tc26_signwithdigest_gost3410_2012_256 OBJ_id_tc26_signwithdigest,2L
+
+#define SN_id_tc26_signwithdigest_gost3410_2012_512 "id-tc26-signwithdigest-gost3410-2012-512"
+#define LN_id_tc26_signwithdigest_gost3410_2012_512 "GOST R 34.10-2012 with GOST R 34.11-2012 (512 bit)"
+#define NID_id_tc26_signwithdigest_gost3410_2012_512 986
+#define OBJ_id_tc26_signwithdigest_gost3410_2012_512 OBJ_id_tc26_signwithdigest,3L
+
+#define SN_id_tc26_mac "id-tc26-mac"
+#define NID_id_tc26_mac 987
+#define OBJ_id_tc26_mac OBJ_id_tc26_algorithms,4L
+
+#define SN_id_tc26_hmac_gost_3411_2012_256 "id-tc26-hmac-gost-3411-2012-256"
+#define LN_id_tc26_hmac_gost_3411_2012_256 "HMAC GOST 34.11-2012 256 bit"
+#define NID_id_tc26_hmac_gost_3411_2012_256 988
+#define OBJ_id_tc26_hmac_gost_3411_2012_256 OBJ_id_tc26_mac,1L
+
+#define SN_id_tc26_hmac_gost_3411_2012_512 "id-tc26-hmac-gost-3411-2012-512"
+#define LN_id_tc26_hmac_gost_3411_2012_512 "HMAC GOST 34.11-2012 512 bit"
+#define NID_id_tc26_hmac_gost_3411_2012_512 989
+#define OBJ_id_tc26_hmac_gost_3411_2012_512 OBJ_id_tc26_mac,2L
+
+#define SN_id_tc26_cipher "id-tc26-cipher"
+#define NID_id_tc26_cipher 990
+#define OBJ_id_tc26_cipher OBJ_id_tc26_algorithms,5L
+
+#define SN_id_tc26_cipher_gostr3412_2015_magma "id-tc26-cipher-gostr3412-2015-magma"
+#define NID_id_tc26_cipher_gostr3412_2015_magma 1173
+#define OBJ_id_tc26_cipher_gostr3412_2015_magma OBJ_id_tc26_cipher,1L
+
+#define SN_magma_ctr_acpkm "magma-ctr-acpkm"
+#define NID_magma_ctr_acpkm 1174
+#define OBJ_magma_ctr_acpkm OBJ_id_tc26_cipher_gostr3412_2015_magma,1L
+
+#define SN_magma_ctr_acpkm_omac "magma-ctr-acpkm-omac"
+#define NID_magma_ctr_acpkm_omac 1175
+#define OBJ_magma_ctr_acpkm_omac OBJ_id_tc26_cipher_gostr3412_2015_magma,2L
+
+#define SN_id_tc26_cipher_gostr3412_2015_kuznyechik "id-tc26-cipher-gostr3412-2015-kuznyechik"
+#define NID_id_tc26_cipher_gostr3412_2015_kuznyechik 1176
+#define OBJ_id_tc26_cipher_gostr3412_2015_kuznyechik OBJ_id_tc26_cipher,2L
+
+#define SN_kuznyechik_ctr_acpkm "kuznyechik-ctr-acpkm"
+#define NID_kuznyechik_ctr_acpkm 1177
+#define OBJ_kuznyechik_ctr_acpkm OBJ_id_tc26_cipher_gostr3412_2015_kuznyechik,1L
+
+#define SN_kuznyechik_ctr_acpkm_omac "kuznyechik-ctr-acpkm-omac"
+#define NID_kuznyechik_ctr_acpkm_omac 1178
+#define OBJ_kuznyechik_ctr_acpkm_omac OBJ_id_tc26_cipher_gostr3412_2015_kuznyechik,2L
+
+#define SN_id_tc26_agreement "id-tc26-agreement"
+#define NID_id_tc26_agreement 991
+#define OBJ_id_tc26_agreement OBJ_id_tc26_algorithms,6L
+
+#define SN_id_tc26_agreement_gost_3410_2012_256 "id-tc26-agreement-gost-3410-2012-256"
+#define NID_id_tc26_agreement_gost_3410_2012_256 992
+#define OBJ_id_tc26_agreement_gost_3410_2012_256 OBJ_id_tc26_agreement,1L
+
+#define SN_id_tc26_agreement_gost_3410_2012_512 "id-tc26-agreement-gost-3410-2012-512"
+#define NID_id_tc26_agreement_gost_3410_2012_512 993
+#define OBJ_id_tc26_agreement_gost_3410_2012_512 OBJ_id_tc26_agreement,2L
+
+#define SN_id_tc26_wrap "id-tc26-wrap"
+#define NID_id_tc26_wrap 1179
+#define OBJ_id_tc26_wrap OBJ_id_tc26_algorithms,7L
+
+#define SN_id_tc26_wrap_gostr3412_2015_magma "id-tc26-wrap-gostr3412-2015-magma"
+#define NID_id_tc26_wrap_gostr3412_2015_magma 1180
+#define OBJ_id_tc26_wrap_gostr3412_2015_magma OBJ_id_tc26_wrap,1L
+
+#define SN_magma_kexp15 "magma-kexp15"
+#define NID_magma_kexp15 1181
+#define OBJ_magma_kexp15 OBJ_id_tc26_wrap_gostr3412_2015_magma,1L
+
+#define SN_id_tc26_wrap_gostr3412_2015_kuznyechik "id-tc26-wrap-gostr3412-2015-kuznyechik"
+#define NID_id_tc26_wrap_gostr3412_2015_kuznyechik 1182
+#define OBJ_id_tc26_wrap_gostr3412_2015_kuznyechik OBJ_id_tc26_wrap,2L
+
+#define SN_kuznyechik_kexp15 "kuznyechik-kexp15"
+#define NID_kuznyechik_kexp15 1183
+#define OBJ_kuznyechik_kexp15 OBJ_id_tc26_wrap_gostr3412_2015_kuznyechik,1L
+
+#define SN_id_tc26_constants "id-tc26-constants"
+#define NID_id_tc26_constants 994
+#define OBJ_id_tc26_constants OBJ_id_tc26,2L
+
+#define SN_id_tc26_sign_constants "id-tc26-sign-constants"
+#define NID_id_tc26_sign_constants 995
+#define OBJ_id_tc26_sign_constants OBJ_id_tc26_constants,1L
+
+#define SN_id_tc26_gost_3410_2012_256_constants "id-tc26-gost-3410-2012-256-constants"
+#define NID_id_tc26_gost_3410_2012_256_constants 1147
+#define OBJ_id_tc26_gost_3410_2012_256_constants OBJ_id_tc26_sign_constants,1L
+
+#define SN_id_tc26_gost_3410_2012_256_paramSetA "id-tc26-gost-3410-2012-256-paramSetA"
+#define LN_id_tc26_gost_3410_2012_256_paramSetA "GOST R 34.10-2012 (256 bit) ParamSet A"
+#define NID_id_tc26_gost_3410_2012_256_paramSetA 1148
+#define OBJ_id_tc26_gost_3410_2012_256_paramSetA OBJ_id_tc26_gost_3410_2012_256_constants,1L
+
+#define SN_id_tc26_gost_3410_2012_256_paramSetB "id-tc26-gost-3410-2012-256-paramSetB"
+#define LN_id_tc26_gost_3410_2012_256_paramSetB "GOST R 34.10-2012 (256 bit) ParamSet B"
+#define NID_id_tc26_gost_3410_2012_256_paramSetB 1184
+#define OBJ_id_tc26_gost_3410_2012_256_paramSetB OBJ_id_tc26_gost_3410_2012_256_constants,2L
+
+#define SN_id_tc26_gost_3410_2012_256_paramSetC "id-tc26-gost-3410-2012-256-paramSetC"
+#define LN_id_tc26_gost_3410_2012_256_paramSetC "GOST R 34.10-2012 (256 bit) ParamSet C"
+#define NID_id_tc26_gost_3410_2012_256_paramSetC 1185
+#define OBJ_id_tc26_gost_3410_2012_256_paramSetC OBJ_id_tc26_gost_3410_2012_256_constants,3L
+
+#define SN_id_tc26_gost_3410_2012_256_paramSetD "id-tc26-gost-3410-2012-256-paramSetD"
+#define LN_id_tc26_gost_3410_2012_256_paramSetD "GOST R 34.10-2012 (256 bit) ParamSet D"
+#define NID_id_tc26_gost_3410_2012_256_paramSetD 1186
+#define OBJ_id_tc26_gost_3410_2012_256_paramSetD OBJ_id_tc26_gost_3410_2012_256_constants,4L
+
+#define SN_id_tc26_gost_3410_2012_512_constants "id-tc26-gost-3410-2012-512-constants"
+#define NID_id_tc26_gost_3410_2012_512_constants 996
+#define OBJ_id_tc26_gost_3410_2012_512_constants OBJ_id_tc26_sign_constants,2L
+
+#define SN_id_tc26_gost_3410_2012_512_paramSetTest "id-tc26-gost-3410-2012-512-paramSetTest"
+#define LN_id_tc26_gost_3410_2012_512_paramSetTest "GOST R 34.10-2012 (512 bit) testing parameter set"
+#define NID_id_tc26_gost_3410_2012_512_paramSetTest 997
+#define OBJ_id_tc26_gost_3410_2012_512_paramSetTest OBJ_id_tc26_gost_3410_2012_512_constants,0L
+
+#define SN_id_tc26_gost_3410_2012_512_paramSetA "id-tc26-gost-3410-2012-512-paramSetA"
+#define LN_id_tc26_gost_3410_2012_512_paramSetA "GOST R 34.10-2012 (512 bit) ParamSet A"
+#define NID_id_tc26_gost_3410_2012_512_paramSetA 998
+#define OBJ_id_tc26_gost_3410_2012_512_paramSetA OBJ_id_tc26_gost_3410_2012_512_constants,1L
+
+#define SN_id_tc26_gost_3410_2012_512_paramSetB "id-tc26-gost-3410-2012-512-paramSetB"
+#define LN_id_tc26_gost_3410_2012_512_paramSetB "GOST R 34.10-2012 (512 bit) ParamSet B"
+#define NID_id_tc26_gost_3410_2012_512_paramSetB 999
+#define OBJ_id_tc26_gost_3410_2012_512_paramSetB OBJ_id_tc26_gost_3410_2012_512_constants,2L
+
+#define SN_id_tc26_gost_3410_2012_512_paramSetC "id-tc26-gost-3410-2012-512-paramSetC"
+#define LN_id_tc26_gost_3410_2012_512_paramSetC "GOST R 34.10-2012 (512 bit) ParamSet C"
+#define NID_id_tc26_gost_3410_2012_512_paramSetC 1149
+#define OBJ_id_tc26_gost_3410_2012_512_paramSetC OBJ_id_tc26_gost_3410_2012_512_constants,3L
+
+#define SN_id_tc26_digest_constants "id-tc26-digest-constants"
+#define NID_id_tc26_digest_constants 1000
+#define OBJ_id_tc26_digest_constants OBJ_id_tc26_constants,2L
+
+#define SN_id_tc26_cipher_constants "id-tc26-cipher-constants"
+#define NID_id_tc26_cipher_constants 1001
+#define OBJ_id_tc26_cipher_constants OBJ_id_tc26_constants,5L
+
+#define SN_id_tc26_gost_28147_constants "id-tc26-gost-28147-constants"
+#define NID_id_tc26_gost_28147_constants 1002
+#define OBJ_id_tc26_gost_28147_constants OBJ_id_tc26_cipher_constants,1L
+
+#define SN_id_tc26_gost_28147_param_Z "id-tc26-gost-28147-param-Z"
+#define LN_id_tc26_gost_28147_param_Z "GOST 28147-89 TC26 parameter set"
+#define NID_id_tc26_gost_28147_param_Z 1003
+#define OBJ_id_tc26_gost_28147_param_Z OBJ_id_tc26_gost_28147_constants,1L
+
+#define SN_INN "INN"
+#define LN_INN "INN"
+#define NID_INN 1004
+#define OBJ_INN OBJ_member_body,643L,3L,131L,1L,1L
+
+#define SN_OGRN "OGRN"
+#define LN_OGRN "OGRN"
+#define NID_OGRN 1005
+#define OBJ_OGRN OBJ_member_body,643L,100L,1L
+
+#define SN_SNILS "SNILS"
+#define LN_SNILS "SNILS"
+#define NID_SNILS 1006
+#define OBJ_SNILS OBJ_member_body,643L,100L,3L
+
+#define SN_subjectSignTool "subjectSignTool"
+#define LN_subjectSignTool "Signing Tool of Subject"
+#define NID_subjectSignTool 1007
+#define OBJ_subjectSignTool OBJ_member_body,643L,100L,111L
+
+#define SN_issuerSignTool "issuerSignTool"
+#define LN_issuerSignTool "Signing Tool of Issuer"
+#define NID_issuerSignTool 1008
+#define OBJ_issuerSignTool OBJ_member_body,643L,100L,112L
+
+#define SN_kuznyechik_ecb "kuznyechik-ecb"
+#define NID_kuznyechik_ecb 1012
+
+#define SN_kuznyechik_ctr "kuznyechik-ctr"
+#define NID_kuznyechik_ctr 1013
+
+#define SN_kuznyechik_ofb "kuznyechik-ofb"
+#define NID_kuznyechik_ofb 1014
+
+#define SN_kuznyechik_cbc "kuznyechik-cbc"
+#define NID_kuznyechik_cbc 1015
+
+#define SN_kuznyechik_cfb "kuznyechik-cfb"
+#define NID_kuznyechik_cfb 1016
+
+#define SN_kuznyechik_mac "kuznyechik-mac"
+#define NID_kuznyechik_mac 1017
+
+#define SN_magma_ecb "magma-ecb"
+#define NID_magma_ecb 1187
+
+#define SN_magma_ctr "magma-ctr"
+#define NID_magma_ctr 1188
+
+#define SN_magma_ofb "magma-ofb"
+#define NID_magma_ofb 1189
+
+#define SN_magma_cbc "magma-cbc"
+#define NID_magma_cbc 1190
+
+#define SN_magma_cfb "magma-cfb"
+#define NID_magma_cfb 1191
+
+#define SN_magma_mac "magma-mac"
+#define NID_magma_mac 1192
+
+#define SN_camellia_128_cbc "CAMELLIA-128-CBC"
+#define LN_camellia_128_cbc "camellia-128-cbc"
+#define NID_camellia_128_cbc 751
+#define OBJ_camellia_128_cbc 1L,2L,392L,200011L,61L,1L,1L,1L,2L
+
+#define SN_camellia_192_cbc "CAMELLIA-192-CBC"
+#define LN_camellia_192_cbc "camellia-192-cbc"
+#define NID_camellia_192_cbc 752
+#define OBJ_camellia_192_cbc 1L,2L,392L,200011L,61L,1L,1L,1L,3L
+
+#define SN_camellia_256_cbc "CAMELLIA-256-CBC"
+#define LN_camellia_256_cbc "camellia-256-cbc"
+#define NID_camellia_256_cbc 753
+#define OBJ_camellia_256_cbc 1L,2L,392L,200011L,61L,1L,1L,1L,4L
+
+#define SN_id_camellia128_wrap "id-camellia128-wrap"
+#define NID_id_camellia128_wrap 907
+#define OBJ_id_camellia128_wrap 1L,2L,392L,200011L,61L,1L,1L,3L,2L
+
+#define SN_id_camellia192_wrap "id-camellia192-wrap"
+#define NID_id_camellia192_wrap 908
+#define OBJ_id_camellia192_wrap 1L,2L,392L,200011L,61L,1L,1L,3L,3L
+
+#define SN_id_camellia256_wrap "id-camellia256-wrap"
+#define NID_id_camellia256_wrap 909
+#define OBJ_id_camellia256_wrap 1L,2L,392L,200011L,61L,1L,1L,3L,4L
+
+#define OBJ_ntt_ds 0L,3L,4401L,5L
+
+#define OBJ_camellia OBJ_ntt_ds,3L,1L,9L
+
+#define SN_camellia_128_ecb "CAMELLIA-128-ECB"
+#define LN_camellia_128_ecb "camellia-128-ecb"
+#define NID_camellia_128_ecb 754
+#define OBJ_camellia_128_ecb OBJ_camellia,1L
+
+#define SN_camellia_128_ofb128 "CAMELLIA-128-OFB"
+#define LN_camellia_128_ofb128 "camellia-128-ofb"
+#define NID_camellia_128_ofb128 766
+#define OBJ_camellia_128_ofb128 OBJ_camellia,3L
+
+#define SN_camellia_128_cfb128 "CAMELLIA-128-CFB"
+#define LN_camellia_128_cfb128 "camellia-128-cfb"
+#define NID_camellia_128_cfb128 757
+#define OBJ_camellia_128_cfb128 OBJ_camellia,4L
+
+#define SN_camellia_128_gcm "CAMELLIA-128-GCM"
+#define LN_camellia_128_gcm "camellia-128-gcm"
+#define NID_camellia_128_gcm 961
+#define OBJ_camellia_128_gcm OBJ_camellia,6L
+
+#define SN_camellia_128_ccm "CAMELLIA-128-CCM"
+#define LN_camellia_128_ccm "camellia-128-ccm"
+#define NID_camellia_128_ccm 962
+#define OBJ_camellia_128_ccm OBJ_camellia,7L
+
+#define SN_camellia_128_ctr "CAMELLIA-128-CTR"
+#define LN_camellia_128_ctr "camellia-128-ctr"
+#define NID_camellia_128_ctr 963
+#define OBJ_camellia_128_ctr OBJ_camellia,9L
+
+#define SN_camellia_128_cmac "CAMELLIA-128-CMAC"
+#define LN_camellia_128_cmac "camellia-128-cmac"
+#define NID_camellia_128_cmac 964
+#define OBJ_camellia_128_cmac OBJ_camellia,10L
+
+#define SN_camellia_192_ecb "CAMELLIA-192-ECB"
+#define LN_camellia_192_ecb "camellia-192-ecb"
+#define NID_camellia_192_ecb 755
+#define OBJ_camellia_192_ecb OBJ_camellia,21L
+
+#define SN_camellia_192_ofb128 "CAMELLIA-192-OFB"
+#define LN_camellia_192_ofb128 "camellia-192-ofb"
+#define NID_camellia_192_ofb128 767
+#define OBJ_camellia_192_ofb128 OBJ_camellia,23L
+
+#define SN_camellia_192_cfb128 "CAMELLIA-192-CFB"
+#define LN_camellia_192_cfb128 "camellia-192-cfb"
+#define NID_camellia_192_cfb128 758
+#define OBJ_camellia_192_cfb128 OBJ_camellia,24L
+
+#define SN_camellia_192_gcm "CAMELLIA-192-GCM"
+#define LN_camellia_192_gcm "camellia-192-gcm"
+#define NID_camellia_192_gcm 965
+#define OBJ_camellia_192_gcm OBJ_camellia,26L
+
+#define SN_camellia_192_ccm "CAMELLIA-192-CCM"
+#define LN_camellia_192_ccm "camellia-192-ccm"
+#define NID_camellia_192_ccm 966
+#define OBJ_camellia_192_ccm OBJ_camellia,27L
+
+#define SN_camellia_192_ctr "CAMELLIA-192-CTR"
+#define LN_camellia_192_ctr "camellia-192-ctr"
+#define NID_camellia_192_ctr 967
+#define OBJ_camellia_192_ctr OBJ_camellia,29L
+
+#define SN_camellia_192_cmac "CAMELLIA-192-CMAC"
+#define LN_camellia_192_cmac "camellia-192-cmac"
+#define NID_camellia_192_cmac 968
+#define OBJ_camellia_192_cmac OBJ_camellia,30L
+
+#define SN_camellia_256_ecb "CAMELLIA-256-ECB"
+#define LN_camellia_256_ecb "camellia-256-ecb"
+#define NID_camellia_256_ecb 756
+#define OBJ_camellia_256_ecb OBJ_camellia,41L
+
+#define SN_camellia_256_ofb128 "CAMELLIA-256-OFB"
+#define LN_camellia_256_ofb128 "camellia-256-ofb"
+#define NID_camellia_256_ofb128 768
+#define OBJ_camellia_256_ofb128 OBJ_camellia,43L
+
+#define SN_camellia_256_cfb128 "CAMELLIA-256-CFB"
+#define LN_camellia_256_cfb128 "camellia-256-cfb"
+#define NID_camellia_256_cfb128 759
+#define OBJ_camellia_256_cfb128 OBJ_camellia,44L
+
+#define SN_camellia_256_gcm "CAMELLIA-256-GCM"
+#define LN_camellia_256_gcm "camellia-256-gcm"
+#define NID_camellia_256_gcm 969
+#define OBJ_camellia_256_gcm OBJ_camellia,46L
+
+#define SN_camellia_256_ccm "CAMELLIA-256-CCM"
+#define LN_camellia_256_ccm "camellia-256-ccm"
+#define NID_camellia_256_ccm 970
+#define OBJ_camellia_256_ccm OBJ_camellia,47L
+
+#define SN_camellia_256_ctr "CAMELLIA-256-CTR"
+#define LN_camellia_256_ctr "camellia-256-ctr"
+#define NID_camellia_256_ctr 971
+#define OBJ_camellia_256_ctr OBJ_camellia,49L
+
+#define SN_camellia_256_cmac "CAMELLIA-256-CMAC"
+#define LN_camellia_256_cmac "camellia-256-cmac"
+#define NID_camellia_256_cmac 972
+#define OBJ_camellia_256_cmac OBJ_camellia,50L
+
+#define SN_camellia_128_cfb1 "CAMELLIA-128-CFB1"
+#define LN_camellia_128_cfb1 "camellia-128-cfb1"
+#define NID_camellia_128_cfb1 760
+
+#define SN_camellia_192_cfb1 "CAMELLIA-192-CFB1"
+#define LN_camellia_192_cfb1 "camellia-192-cfb1"
+#define NID_camellia_192_cfb1 761
+
+#define SN_camellia_256_cfb1 "CAMELLIA-256-CFB1"
+#define LN_camellia_256_cfb1 "camellia-256-cfb1"
+#define NID_camellia_256_cfb1 762
+
+#define SN_camellia_128_cfb8 "CAMELLIA-128-CFB8"
+#define LN_camellia_128_cfb8 "camellia-128-cfb8"
+#define NID_camellia_128_cfb8 763
+
+#define SN_camellia_192_cfb8 "CAMELLIA-192-CFB8"
+#define LN_camellia_192_cfb8 "camellia-192-cfb8"
+#define NID_camellia_192_cfb8 764
+
+#define SN_camellia_256_cfb8 "CAMELLIA-256-CFB8"
+#define LN_camellia_256_cfb8 "camellia-256-cfb8"
+#define NID_camellia_256_cfb8 765
+
+#define OBJ_aria 1L,2L,410L,200046L,1L,1L
+
+#define SN_aria_128_ecb "ARIA-128-ECB"
+#define LN_aria_128_ecb "aria-128-ecb"
+#define NID_aria_128_ecb 1065
+#define OBJ_aria_128_ecb OBJ_aria,1L
+
+#define SN_aria_128_cbc "ARIA-128-CBC"
+#define LN_aria_128_cbc "aria-128-cbc"
+#define NID_aria_128_cbc 1066
+#define OBJ_aria_128_cbc OBJ_aria,2L
+
+#define SN_aria_128_cfb128 "ARIA-128-CFB"
+#define LN_aria_128_cfb128 "aria-128-cfb"
+#define NID_aria_128_cfb128 1067
+#define OBJ_aria_128_cfb128 OBJ_aria,3L
+
+#define SN_aria_128_ofb128 "ARIA-128-OFB"
+#define LN_aria_128_ofb128 "aria-128-ofb"
+#define NID_aria_128_ofb128 1068
+#define OBJ_aria_128_ofb128 OBJ_aria,4L
+
+#define SN_aria_128_ctr "ARIA-128-CTR"
+#define LN_aria_128_ctr "aria-128-ctr"
+#define NID_aria_128_ctr 1069
+#define OBJ_aria_128_ctr OBJ_aria,5L
+
+#define SN_aria_192_ecb "ARIA-192-ECB"
+#define LN_aria_192_ecb "aria-192-ecb"
+#define NID_aria_192_ecb 1070
+#define OBJ_aria_192_ecb OBJ_aria,6L
+
+#define SN_aria_192_cbc "ARIA-192-CBC"
+#define LN_aria_192_cbc "aria-192-cbc"
+#define NID_aria_192_cbc 1071
+#define OBJ_aria_192_cbc OBJ_aria,7L
+
+#define SN_aria_192_cfb128 "ARIA-192-CFB"
+#define LN_aria_192_cfb128 "aria-192-cfb"
+#define NID_aria_192_cfb128 1072
+#define OBJ_aria_192_cfb128 OBJ_aria,8L
+
+#define SN_aria_192_ofb128 "ARIA-192-OFB"
+#define LN_aria_192_ofb128 "aria-192-ofb"
+#define NID_aria_192_ofb128 1073
+#define OBJ_aria_192_ofb128 OBJ_aria,9L
+
+#define SN_aria_192_ctr "ARIA-192-CTR"
+#define LN_aria_192_ctr "aria-192-ctr"
+#define NID_aria_192_ctr 1074
+#define OBJ_aria_192_ctr OBJ_aria,10L
+
+#define SN_aria_256_ecb "ARIA-256-ECB"
+#define LN_aria_256_ecb "aria-256-ecb"
+#define NID_aria_256_ecb 1075
+#define OBJ_aria_256_ecb OBJ_aria,11L
+
+#define SN_aria_256_cbc "ARIA-256-CBC"
+#define LN_aria_256_cbc "aria-256-cbc"
+#define NID_aria_256_cbc 1076
+#define OBJ_aria_256_cbc OBJ_aria,12L
+
+#define SN_aria_256_cfb128 "ARIA-256-CFB"
+#define LN_aria_256_cfb128 "aria-256-cfb"
+#define NID_aria_256_cfb128 1077
+#define OBJ_aria_256_cfb128 OBJ_aria,13L
+
+#define SN_aria_256_ofb128 "ARIA-256-OFB"
+#define LN_aria_256_ofb128 "aria-256-ofb"
+#define NID_aria_256_ofb128 1078
+#define OBJ_aria_256_ofb128 OBJ_aria,14L
+
+#define SN_aria_256_ctr "ARIA-256-CTR"
+#define LN_aria_256_ctr "aria-256-ctr"
+#define NID_aria_256_ctr 1079
+#define OBJ_aria_256_ctr OBJ_aria,15L
+
+#define SN_aria_128_cfb1 "ARIA-128-CFB1"
+#define LN_aria_128_cfb1 "aria-128-cfb1"
+#define NID_aria_128_cfb1 1080
+
+#define SN_aria_192_cfb1 "ARIA-192-CFB1"
+#define LN_aria_192_cfb1 "aria-192-cfb1"
+#define NID_aria_192_cfb1 1081
+
+#define SN_aria_256_cfb1 "ARIA-256-CFB1"
+#define LN_aria_256_cfb1 "aria-256-cfb1"
+#define NID_aria_256_cfb1 1082
+
+#define SN_aria_128_cfb8 "ARIA-128-CFB8"
+#define LN_aria_128_cfb8 "aria-128-cfb8"
+#define NID_aria_128_cfb8 1083
+
+#define SN_aria_192_cfb8 "ARIA-192-CFB8"
+#define LN_aria_192_cfb8 "aria-192-cfb8"
+#define NID_aria_192_cfb8 1084
+
+#define SN_aria_256_cfb8 "ARIA-256-CFB8"
+#define LN_aria_256_cfb8 "aria-256-cfb8"
+#define NID_aria_256_cfb8 1085
+
+#define SN_aria_128_ccm "ARIA-128-CCM"
+#define LN_aria_128_ccm "aria-128-ccm"
+#define NID_aria_128_ccm 1120
+#define OBJ_aria_128_ccm OBJ_aria,37L
+
+#define SN_aria_192_ccm "ARIA-192-CCM"
+#define LN_aria_192_ccm "aria-192-ccm"
+#define NID_aria_192_ccm 1121
+#define OBJ_aria_192_ccm OBJ_aria,38L
+
+#define SN_aria_256_ccm "ARIA-256-CCM"
+#define LN_aria_256_ccm "aria-256-ccm"
+#define NID_aria_256_ccm 1122
+#define OBJ_aria_256_ccm OBJ_aria,39L
+
+#define SN_aria_128_gcm "ARIA-128-GCM"
+#define LN_aria_128_gcm "aria-128-gcm"
+#define NID_aria_128_gcm 1123
+#define OBJ_aria_128_gcm OBJ_aria,34L
+
+#define SN_aria_192_gcm "ARIA-192-GCM"
+#define LN_aria_192_gcm "aria-192-gcm"
+#define NID_aria_192_gcm 1124
+#define OBJ_aria_192_gcm OBJ_aria,35L
+
+#define SN_aria_256_gcm "ARIA-256-GCM"
+#define LN_aria_256_gcm "aria-256-gcm"
+#define NID_aria_256_gcm 1125
+#define OBJ_aria_256_gcm OBJ_aria,36L
+
+#define SN_kisa "KISA"
+#define LN_kisa "kisa"
+#define NID_kisa 773
+#define OBJ_kisa OBJ_member_body,410L,200004L
+
+#define SN_seed_ecb "SEED-ECB"
+#define LN_seed_ecb "seed-ecb"
+#define NID_seed_ecb 776
+#define OBJ_seed_ecb OBJ_kisa,1L,3L
+
+#define SN_seed_cbc "SEED-CBC"
+#define LN_seed_cbc "seed-cbc"
+#define NID_seed_cbc 777
+#define OBJ_seed_cbc OBJ_kisa,1L,4L
+
+#define SN_seed_cfb128 "SEED-CFB"
+#define LN_seed_cfb128 "seed-cfb"
+#define NID_seed_cfb128 779
+#define OBJ_seed_cfb128 OBJ_kisa,1L,5L
+
+#define SN_seed_ofb128 "SEED-OFB"
+#define LN_seed_ofb128 "seed-ofb"
+#define NID_seed_ofb128 778
+#define OBJ_seed_ofb128 OBJ_kisa,1L,6L
+
+#define SN_sm4_ecb "SM4-ECB"
+#define LN_sm4_ecb "sm4-ecb"
+#define NID_sm4_ecb 1133
+#define OBJ_sm4_ecb OBJ_sm_scheme,104L,1L
+
+#define SN_sm4_cbc "SM4-CBC"
+#define LN_sm4_cbc "sm4-cbc"
+#define NID_sm4_cbc 1134
+#define OBJ_sm4_cbc OBJ_sm_scheme,104L,2L
+
+#define SN_sm4_ofb128 "SM4-OFB"
+#define LN_sm4_ofb128 "sm4-ofb"
+#define NID_sm4_ofb128 1135
+#define OBJ_sm4_ofb128 OBJ_sm_scheme,104L,3L
+
+#define SN_sm4_cfb128 "SM4-CFB"
+#define LN_sm4_cfb128 "sm4-cfb"
+#define NID_sm4_cfb128 1137
+#define OBJ_sm4_cfb128 OBJ_sm_scheme,104L,4L
+
+#define SN_sm4_cfb1 "SM4-CFB1"
+#define LN_sm4_cfb1 "sm4-cfb1"
+#define NID_sm4_cfb1 1136
+#define OBJ_sm4_cfb1 OBJ_sm_scheme,104L,5L
+
+#define SN_sm4_cfb8 "SM4-CFB8"
+#define LN_sm4_cfb8 "sm4-cfb8"
+#define NID_sm4_cfb8 1138
+#define OBJ_sm4_cfb8 OBJ_sm_scheme,104L,6L
+
+#define SN_sm4_ctr "SM4-CTR"
+#define LN_sm4_ctr "sm4-ctr"
+#define NID_sm4_ctr 1139
+#define OBJ_sm4_ctr OBJ_sm_scheme,104L,7L
+
+#define SN_hmac "HMAC"
+#define LN_hmac "hmac"
+#define NID_hmac 855
+
+#define SN_cmac "CMAC"
+#define LN_cmac "cmac"
+#define NID_cmac 894
+
+#define SN_rc4_hmac_md5 "RC4-HMAC-MD5"
+#define LN_rc4_hmac_md5 "rc4-hmac-md5"
+#define NID_rc4_hmac_md5 915
+
+#define SN_aes_128_cbc_hmac_sha1 "AES-128-CBC-HMAC-SHA1"
+#define LN_aes_128_cbc_hmac_sha1 "aes-128-cbc-hmac-sha1"
+#define NID_aes_128_cbc_hmac_sha1 916
+
+#define SN_aes_192_cbc_hmac_sha1 "AES-192-CBC-HMAC-SHA1"
+#define LN_aes_192_cbc_hmac_sha1 "aes-192-cbc-hmac-sha1"
+#define NID_aes_192_cbc_hmac_sha1 917
+
+#define SN_aes_256_cbc_hmac_sha1 "AES-256-CBC-HMAC-SHA1"
+#define LN_aes_256_cbc_hmac_sha1 "aes-256-cbc-hmac-sha1"
+#define NID_aes_256_cbc_hmac_sha1 918
+
+#define SN_aes_128_cbc_hmac_sha256 "AES-128-CBC-HMAC-SHA256"
+#define LN_aes_128_cbc_hmac_sha256 "aes-128-cbc-hmac-sha256"
+#define NID_aes_128_cbc_hmac_sha256 948
+
+#define SN_aes_192_cbc_hmac_sha256 "AES-192-CBC-HMAC-SHA256"
+#define LN_aes_192_cbc_hmac_sha256 "aes-192-cbc-hmac-sha256"
+#define NID_aes_192_cbc_hmac_sha256 949
+
+#define SN_aes_256_cbc_hmac_sha256 "AES-256-CBC-HMAC-SHA256"
+#define LN_aes_256_cbc_hmac_sha256 "aes-256-cbc-hmac-sha256"
+#define NID_aes_256_cbc_hmac_sha256 950
+
+#define SN_chacha20_poly1305 "ChaCha20-Poly1305"
+#define LN_chacha20_poly1305 "chacha20-poly1305"
+#define NID_chacha20_poly1305 1018
+
+#define SN_chacha20 "ChaCha20"
+#define LN_chacha20 "chacha20"
+#define NID_chacha20 1019
+
+#define SN_dhpublicnumber "dhpublicnumber"
+#define LN_dhpublicnumber "X9.42 DH"
+#define NID_dhpublicnumber 920
+#define OBJ_dhpublicnumber OBJ_ISO_US,10046L,2L,1L
+
+#define SN_brainpoolP160r1 "brainpoolP160r1"
+#define NID_brainpoolP160r1 921
+#define OBJ_brainpoolP160r1 1L,3L,36L,3L,3L,2L,8L,1L,1L,1L
+
+#define SN_brainpoolP160t1 "brainpoolP160t1"
+#define NID_brainpoolP160t1 922
+#define OBJ_brainpoolP160t1 1L,3L,36L,3L,3L,2L,8L,1L,1L,2L
+
+#define SN_brainpoolP192r1 "brainpoolP192r1"
+#define NID_brainpoolP192r1 923
+#define OBJ_brainpoolP192r1 1L,3L,36L,3L,3L,2L,8L,1L,1L,3L
+
+#define SN_brainpoolP192t1 "brainpoolP192t1"
+#define NID_brainpoolP192t1 924
+#define OBJ_brainpoolP192t1 1L,3L,36L,3L,3L,2L,8L,1L,1L,4L
+
+#define SN_brainpoolP224r1 "brainpoolP224r1"
+#define NID_brainpoolP224r1 925
+#define OBJ_brainpoolP224r1 1L,3L,36L,3L,3L,2L,8L,1L,1L,5L
+
+#define SN_brainpoolP224t1 "brainpoolP224t1"
+#define NID_brainpoolP224t1 926
+#define OBJ_brainpoolP224t1 1L,3L,36L,3L,3L,2L,8L,1L,1L,6L
+
+#define SN_brainpoolP256r1 "brainpoolP256r1"
+#define NID_brainpoolP256r1 927
+#define OBJ_brainpoolP256r1 1L,3L,36L,3L,3L,2L,8L,1L,1L,7L
+
+#define SN_brainpoolP256t1 "brainpoolP256t1"
+#define NID_brainpoolP256t1 928
+#define OBJ_brainpoolP256t1 1L,3L,36L,3L,3L,2L,8L,1L,1L,8L
+
+#define SN_brainpoolP320r1 "brainpoolP320r1"
+#define NID_brainpoolP320r1 929
+#define OBJ_brainpoolP320r1 1L,3L,36L,3L,3L,2L,8L,1L,1L,9L
+
+#define SN_brainpoolP320t1 "brainpoolP320t1"
+#define NID_brainpoolP320t1 930
+#define OBJ_brainpoolP320t1 1L,3L,36L,3L,3L,2L,8L,1L,1L,10L
+
+#define SN_brainpoolP384r1 "brainpoolP384r1"
+#define NID_brainpoolP384r1 931
+#define OBJ_brainpoolP384r1 1L,3L,36L,3L,3L,2L,8L,1L,1L,11L
+
+#define SN_brainpoolP384t1 "brainpoolP384t1"
+#define NID_brainpoolP384t1 932
+#define OBJ_brainpoolP384t1 1L,3L,36L,3L,3L,2L,8L,1L,1L,12L
+
+#define SN_brainpoolP512r1 "brainpoolP512r1"
+#define NID_brainpoolP512r1 933
+#define OBJ_brainpoolP512r1 1L,3L,36L,3L,3L,2L,8L,1L,1L,13L
+
+#define SN_brainpoolP512t1 "brainpoolP512t1"
+#define NID_brainpoolP512t1 934
+#define OBJ_brainpoolP512t1 1L,3L,36L,3L,3L,2L,8L,1L,1L,14L
+
+#define OBJ_x9_63_scheme 1L,3L,133L,16L,840L,63L,0L
+
+#define OBJ_secg_scheme OBJ_certicom_arc,1L
+
+#define SN_dhSinglePass_stdDH_sha1kdf_scheme "dhSinglePass-stdDH-sha1kdf-scheme"
+#define NID_dhSinglePass_stdDH_sha1kdf_scheme 936
+#define OBJ_dhSinglePass_stdDH_sha1kdf_scheme OBJ_x9_63_scheme,2L
+
+#define SN_dhSinglePass_stdDH_sha224kdf_scheme "dhSinglePass-stdDH-sha224kdf-scheme"
+#define NID_dhSinglePass_stdDH_sha224kdf_scheme 937
+#define OBJ_dhSinglePass_stdDH_sha224kdf_scheme OBJ_secg_scheme,11L,0L
+
+#define SN_dhSinglePass_stdDH_sha256kdf_scheme "dhSinglePass-stdDH-sha256kdf-scheme"
+#define NID_dhSinglePass_stdDH_sha256kdf_scheme 938
+#define OBJ_dhSinglePass_stdDH_sha256kdf_scheme OBJ_secg_scheme,11L,1L
+
+#define SN_dhSinglePass_stdDH_sha384kdf_scheme "dhSinglePass-stdDH-sha384kdf-scheme"
+#define NID_dhSinglePass_stdDH_sha384kdf_scheme 939
+#define OBJ_dhSinglePass_stdDH_sha384kdf_scheme OBJ_secg_scheme,11L,2L
+
+#define SN_dhSinglePass_stdDH_sha512kdf_scheme "dhSinglePass-stdDH-sha512kdf-scheme"
+#define NID_dhSinglePass_stdDH_sha512kdf_scheme 940
+#define OBJ_dhSinglePass_stdDH_sha512kdf_scheme OBJ_secg_scheme,11L,3L
+
+#define SN_dhSinglePass_cofactorDH_sha1kdf_scheme "dhSinglePass-cofactorDH-sha1kdf-scheme"
+#define NID_dhSinglePass_cofactorDH_sha1kdf_scheme 941
+#define OBJ_dhSinglePass_cofactorDH_sha1kdf_scheme OBJ_x9_63_scheme,3L
+
+#define SN_dhSinglePass_cofactorDH_sha224kdf_scheme "dhSinglePass-cofactorDH-sha224kdf-scheme"
+#define NID_dhSinglePass_cofactorDH_sha224kdf_scheme 942
+#define OBJ_dhSinglePass_cofactorDH_sha224kdf_scheme OBJ_secg_scheme,14L,0L
+
+#define SN_dhSinglePass_cofactorDH_sha256kdf_scheme "dhSinglePass-cofactorDH-sha256kdf-scheme"
+#define NID_dhSinglePass_cofactorDH_sha256kdf_scheme 943
+#define OBJ_dhSinglePass_cofactorDH_sha256kdf_scheme OBJ_secg_scheme,14L,1L
+
+#define SN_dhSinglePass_cofactorDH_sha384kdf_scheme "dhSinglePass-cofactorDH-sha384kdf-scheme"
+#define NID_dhSinglePass_cofactorDH_sha384kdf_scheme 944
+#define OBJ_dhSinglePass_cofactorDH_sha384kdf_scheme OBJ_secg_scheme,14L,2L
+
+#define SN_dhSinglePass_cofactorDH_sha512kdf_scheme "dhSinglePass-cofactorDH-sha512kdf-scheme"
+#define NID_dhSinglePass_cofactorDH_sha512kdf_scheme 945
+#define OBJ_dhSinglePass_cofactorDH_sha512kdf_scheme OBJ_secg_scheme,14L,3L
+
+#define SN_dh_std_kdf "dh-std-kdf"
+#define NID_dh_std_kdf 946
+
+#define SN_dh_cofactor_kdf "dh-cofactor-kdf"
+#define NID_dh_cofactor_kdf 947
+
+#define SN_ct_precert_scts "ct_precert_scts"
+#define LN_ct_precert_scts "CT Precertificate SCTs"
+#define NID_ct_precert_scts 951
+#define OBJ_ct_precert_scts 1L,3L,6L,1L,4L,1L,11129L,2L,4L,2L
+
+#define SN_ct_precert_poison "ct_precert_poison"
+#define LN_ct_precert_poison "CT Precertificate Poison"
+#define NID_ct_precert_poison 952
+#define OBJ_ct_precert_poison 1L,3L,6L,1L,4L,1L,11129L,2L,4L,3L
+
+#define SN_ct_precert_signer "ct_precert_signer"
+#define LN_ct_precert_signer "CT Precertificate Signer"
+#define NID_ct_precert_signer 953
+#define OBJ_ct_precert_signer 1L,3L,6L,1L,4L,1L,11129L,2L,4L,4L
+
+#define SN_ct_cert_scts "ct_cert_scts"
+#define LN_ct_cert_scts "CT Certificate SCTs"
+#define NID_ct_cert_scts 954
+#define OBJ_ct_cert_scts 1L,3L,6L,1L,4L,1L,11129L,2L,4L,5L
+
+#define SN_jurisdictionLocalityName "jurisdictionL"
+#define LN_jurisdictionLocalityName "jurisdictionLocalityName"
+#define NID_jurisdictionLocalityName 955
+#define OBJ_jurisdictionLocalityName 1L,3L,6L,1L,4L,1L,311L,60L,2L,1L,1L
+
+#define SN_jurisdictionStateOrProvinceName "jurisdictionST"
+#define LN_jurisdictionStateOrProvinceName "jurisdictionStateOrProvinceName"
+#define NID_jurisdictionStateOrProvinceName 956
+#define OBJ_jurisdictionStateOrProvinceName 1L,3L,6L,1L,4L,1L,311L,60L,2L,1L,2L
+
+#define SN_jurisdictionCountryName "jurisdictionC"
+#define LN_jurisdictionCountryName "jurisdictionCountryName"
+#define NID_jurisdictionCountryName 957
+#define OBJ_jurisdictionCountryName 1L,3L,6L,1L,4L,1L,311L,60L,2L,1L,3L
+
+#define SN_id_scrypt "id-scrypt"
+#define LN_id_scrypt "scrypt"
+#define NID_id_scrypt 973
+#define OBJ_id_scrypt 1L,3L,6L,1L,4L,1L,11591L,4L,11L
+
+#define SN_tls1_prf "TLS1-PRF"
+#define LN_tls1_prf "tls1-prf"
+#define NID_tls1_prf 1021
+
+#define SN_hkdf "HKDF"
+#define LN_hkdf "hkdf"
+#define NID_hkdf 1036
+
+#define SN_sshkdf "SSHKDF"
+#define LN_sshkdf "sshkdf"
+#define NID_sshkdf 1203
+
+#define SN_sskdf "SSKDF"
+#define LN_sskdf "sskdf"
+#define NID_sskdf 1205
+
+#define SN_x942kdf "X942KDF"
+#define LN_x942kdf "x942kdf"
+#define NID_x942kdf 1207
+
+#define SN_x963kdf "X963KDF"
+#define LN_x963kdf "x963kdf"
+#define NID_x963kdf 1206
+
+#define SN_id_pkinit "id-pkinit"
+#define NID_id_pkinit 1031
+#define OBJ_id_pkinit 1L,3L,6L,1L,5L,2L,3L
+
+#define SN_pkInitClientAuth "pkInitClientAuth"
+#define LN_pkInitClientAuth "PKINIT Client Auth"
+#define NID_pkInitClientAuth 1032
+#define OBJ_pkInitClientAuth OBJ_id_pkinit,4L
+
+#define SN_pkInitKDC "pkInitKDC"
+#define LN_pkInitKDC "Signing KDC Response"
+#define NID_pkInitKDC 1033
+#define OBJ_pkInitKDC OBJ_id_pkinit,5L
+
+#define SN_X25519 "X25519"
+#define NID_X25519 1034
+#define OBJ_X25519 1L,3L,101L,110L
+
+#define SN_X448 "X448"
+#define NID_X448 1035
+#define OBJ_X448 1L,3L,101L,111L
+
+#define SN_ED25519 "ED25519"
+#define NID_ED25519 1087
+#define OBJ_ED25519 1L,3L,101L,112L
+
+#define SN_ED448 "ED448"
+#define NID_ED448 1088
+#define OBJ_ED448 1L,3L,101L,113L
+
+#define SN_kx_rsa "KxRSA"
+#define LN_kx_rsa "kx-rsa"
+#define NID_kx_rsa 1037
+
+#define SN_kx_ecdhe "KxECDHE"
+#define LN_kx_ecdhe "kx-ecdhe"
+#define NID_kx_ecdhe 1038
+
+#define SN_kx_dhe "KxDHE"
+#define LN_kx_dhe "kx-dhe"
+#define NID_kx_dhe 1039
+
+#define SN_kx_ecdhe_psk "KxECDHE-PSK"
+#define LN_kx_ecdhe_psk "kx-ecdhe-psk"
+#define NID_kx_ecdhe_psk 1040
+
+#define SN_kx_dhe_psk "KxDHE-PSK"
+#define LN_kx_dhe_psk "kx-dhe-psk"
+#define NID_kx_dhe_psk 1041
+
+#define SN_kx_rsa_psk "KxRSA_PSK"
+#define LN_kx_rsa_psk "kx-rsa-psk"
+#define NID_kx_rsa_psk 1042
+
+#define SN_kx_psk "KxPSK"
+#define LN_kx_psk "kx-psk"
+#define NID_kx_psk 1043
+
+#define SN_kx_srp "KxSRP"
+#define LN_kx_srp "kx-srp"
+#define NID_kx_srp 1044
+
+#define SN_kx_gost "KxGOST"
+#define LN_kx_gost "kx-gost"
+#define NID_kx_gost 1045
+
+#define SN_kx_gost18 "KxGOST18"
+#define LN_kx_gost18 "kx-gost18"
+#define NID_kx_gost18 1218
+
+#define SN_kx_any "KxANY"
+#define LN_kx_any "kx-any"
+#define NID_kx_any 1063
+
+#define SN_auth_rsa "AuthRSA"
+#define LN_auth_rsa "auth-rsa"
+#define NID_auth_rsa 1046
+
+#define SN_auth_ecdsa "AuthECDSA"
+#define LN_auth_ecdsa "auth-ecdsa"
+#define NID_auth_ecdsa 1047
+
+#define SN_auth_psk "AuthPSK"
+#define LN_auth_psk "auth-psk"
+#define NID_auth_psk 1048
+
+#define SN_auth_dss "AuthDSS"
+#define LN_auth_dss "auth-dss"
+#define NID_auth_dss 1049
+
+#define SN_auth_gost01 "AuthGOST01"
+#define LN_auth_gost01 "auth-gost01"
+#define NID_auth_gost01 1050
+
+#define SN_auth_gost12 "AuthGOST12"
+#define LN_auth_gost12 "auth-gost12"
+#define NID_auth_gost12 1051
+
+#define SN_auth_srp "AuthSRP"
+#define LN_auth_srp "auth-srp"
+#define NID_auth_srp 1052
+
+#define SN_auth_null "AuthNULL"
+#define LN_auth_null "auth-null"
+#define NID_auth_null 1053
+
+#define SN_auth_any "AuthANY"
+#define LN_auth_any "auth-any"
+#define NID_auth_any 1064
+
+#define SN_poly1305 "Poly1305"
+#define LN_poly1305 "poly1305"
+#define NID_poly1305 1061
+
+#define SN_siphash "SipHash"
+#define LN_siphash "siphash"
+#define NID_siphash 1062
+
+#define SN_ffdhe2048 "ffdhe2048"
+#define NID_ffdhe2048 1126
+
+#define SN_ffdhe3072 "ffdhe3072"
+#define NID_ffdhe3072 1127
+
+#define SN_ffdhe4096 "ffdhe4096"
+#define NID_ffdhe4096 1128
+
+#define SN_ffdhe6144 "ffdhe6144"
+#define NID_ffdhe6144 1129
+
+#define SN_ffdhe8192 "ffdhe8192"
+#define NID_ffdhe8192 1130
+
+#define SN_modp_1536 "modp_1536"
+#define NID_modp_1536 1212
+
+#define SN_modp_2048 "modp_2048"
+#define NID_modp_2048 1213
+
+#define SN_modp_3072 "modp_3072"
+#define NID_modp_3072 1214
+
+#define SN_modp_4096 "modp_4096"
+#define NID_modp_4096 1215
+
+#define SN_modp_6144 "modp_6144"
+#define NID_modp_6144 1216
+
+#define SN_modp_8192 "modp_8192"
+#define NID_modp_8192 1217
+
+#define SN_ISO_UA "ISO-UA"
+#define NID_ISO_UA 1150
+#define OBJ_ISO_UA OBJ_member_body,804L
+
+#define SN_ua_pki "ua-pki"
+#define NID_ua_pki 1151
+#define OBJ_ua_pki OBJ_ISO_UA,2L,1L,1L,1L
+
+#define SN_dstu28147 "dstu28147"
+#define LN_dstu28147 "DSTU Gost 28147-2009"
+#define NID_dstu28147 1152
+#define OBJ_dstu28147 OBJ_ua_pki,1L,1L,1L
+
+#define SN_dstu28147_ofb "dstu28147-ofb"
+#define LN_dstu28147_ofb "DSTU Gost 28147-2009 OFB mode"
+#define NID_dstu28147_ofb 1153
+#define OBJ_dstu28147_ofb OBJ_dstu28147,2L
+
+#define SN_dstu28147_cfb "dstu28147-cfb"
+#define LN_dstu28147_cfb "DSTU Gost 28147-2009 CFB mode"
+#define NID_dstu28147_cfb 1154
+#define OBJ_dstu28147_cfb OBJ_dstu28147,3L
+
+#define SN_dstu28147_wrap "dstu28147-wrap"
+#define LN_dstu28147_wrap "DSTU Gost 28147-2009 key wrap"
+#define NID_dstu28147_wrap 1155
+#define OBJ_dstu28147_wrap OBJ_dstu28147,5L
+
+#define SN_hmacWithDstu34311 "hmacWithDstu34311"
+#define LN_hmacWithDstu34311 "HMAC DSTU Gost 34311-95"
+#define NID_hmacWithDstu34311 1156
+#define OBJ_hmacWithDstu34311 OBJ_ua_pki,1L,1L,2L
+
+#define SN_dstu34311 "dstu34311"
+#define LN_dstu34311 "DSTU Gost 34311-95"
+#define NID_dstu34311 1157
+#define OBJ_dstu34311 OBJ_ua_pki,1L,2L,1L
+
+#define SN_dstu4145le "dstu4145le"
+#define LN_dstu4145le "DSTU 4145-2002 little endian"
+#define NID_dstu4145le 1158
+#define OBJ_dstu4145le OBJ_ua_pki,1L,3L,1L,1L
+
+#define SN_dstu4145be "dstu4145be"
+#define LN_dstu4145be "DSTU 4145-2002 big endian"
+#define NID_dstu4145be 1159
+#define OBJ_dstu4145be OBJ_dstu4145le,1L,1L
+
+#define SN_uacurve0 "uacurve0"
+#define LN_uacurve0 "DSTU curve 0"
+#define NID_uacurve0 1160
+#define OBJ_uacurve0 OBJ_dstu4145le,2L,0L
+
+#define SN_uacurve1 "uacurve1"
+#define LN_uacurve1 "DSTU curve 1"
+#define NID_uacurve1 1161
+#define OBJ_uacurve1 OBJ_dstu4145le,2L,1L
+
+#define SN_uacurve2 "uacurve2"
+#define LN_uacurve2 "DSTU curve 2"
+#define NID_uacurve2 1162
+#define OBJ_uacurve2 OBJ_dstu4145le,2L,2L
+
+#define SN_uacurve3 "uacurve3"
+#define LN_uacurve3 "DSTU curve 3"
+#define NID_uacurve3 1163
+#define OBJ_uacurve3 OBJ_dstu4145le,2L,3L
+
+#define SN_uacurve4 "uacurve4"
+#define LN_uacurve4 "DSTU curve 4"
+#define NID_uacurve4 1164
+#define OBJ_uacurve4 OBJ_dstu4145le,2L,4L
+
+#define SN_uacurve5 "uacurve5"
+#define LN_uacurve5 "DSTU curve 5"
+#define NID_uacurve5 1165
+#define OBJ_uacurve5 OBJ_dstu4145le,2L,5L
+
+#define SN_uacurve6 "uacurve6"
+#define LN_uacurve6 "DSTU curve 6"
+#define NID_uacurve6 1166
+#define OBJ_uacurve6 OBJ_dstu4145le,2L,6L
+
+#define SN_uacurve7 "uacurve7"
+#define LN_uacurve7 "DSTU curve 7"
+#define NID_uacurve7 1167
+#define OBJ_uacurve7 OBJ_dstu4145le,2L,7L
+
+#define SN_uacurve8 "uacurve8"
+#define LN_uacurve8 "DSTU curve 8"
+#define NID_uacurve8 1168
+#define OBJ_uacurve8 OBJ_dstu4145le,2L,8L
+
+#define SN_uacurve9 "uacurve9"
+#define LN_uacurve9 "DSTU curve 9"
+#define NID_uacurve9 1169
+#define OBJ_uacurve9 OBJ_dstu4145le,2L,9L
+
+#define SN_aes_128_siv "AES-128-SIV"
+#define LN_aes_128_siv "aes-128-siv"
+#define NID_aes_128_siv 1198
+
+#define SN_aes_192_siv "AES-192-SIV"
+#define LN_aes_192_siv "aes-192-siv"
+#define NID_aes_192_siv 1199
+
+#define SN_aes_256_siv "AES-256-SIV"
+#define LN_aes_256_siv "aes-256-siv"
+#define NID_aes_256_siv 1200
+
+#ifndef OPENSSL_NO_DEPRECATED_3_0
+
+#define SN_id_tc26_cipher_gostr3412_2015_magma_ctracpkm SN_magma_ctr_acpkm
+#define NID_id_tc26_cipher_gostr3412_2015_magma_ctracpkm NID_magma_ctr_acpkm
+#define OBJ_id_tc26_cipher_gostr3412_2015_magma_ctracpkm OBJ_magma_ctr_acpkm
+
+#define SN_id_tc26_cipher_gostr3412_2015_magma_ctracpkm_omac SN_magma_ctr_acpkm_omac
+#define NID_id_tc26_cipher_gostr3412_2015_magma_ctracpkm_omac NID_magma_ctr_acpkm_omac
+#define OBJ_id_tc26_cipher_gostr3412_2015_magma_ctracpkm_omac OBJ_magma_ctr_acpkm_omac
+
+#define SN_id_tc26_cipher_gostr3412_2015_kuznyechik_ctracpkm SN_kuznyechik_ctr_acpkm
+#define NID_id_tc26_cipher_gostr3412_2015_kuznyechik_ctracpkm NID_kuznyechik_ctr_acpkm
+#define OBJ_id_tc26_cipher_gostr3412_2015_kuznyechik_ctracpkm OBJ_kuznyechik_ctr_acpkm
+
+#define SN_id_tc26_cipher_gostr3412_2015_kuznyechik_ctracpkm_omac SN_kuznyechik_ctr_acpkm_omac
+#define NID_id_tc26_cipher_gostr3412_2015_kuznyechik_ctracpkm_omac NID_kuznyechik_ctr_acpkm_omac
+#define OBJ_id_tc26_cipher_gostr3412_2015_kuznyechik_ctracpkm_omac OBJ_kuznyechik_ctr_acpkm_omac
+
+#define SN_id_tc26_wrap_gostr3412_2015_magma_kexp15 SN_magma_kexp15
+#define NID_id_tc26_wrap_gostr3412_2015_magma_kexp15 NID_magma_kexp15
+#define OBJ_id_tc26_wrap_gostr3412_2015_magma_kexp15 OBJ_magma_kexp15
+
+#define SN_id_tc26_wrap_gostr3412_2015_kuznyechik_kexp15 SN_kuznyechik_kexp15
+#define NID_id_tc26_wrap_gostr3412_2015_kuznyechik_kexp15 NID_kuznyechik_kexp15
+#define OBJ_id_tc26_wrap_gostr3412_2015_kuznyechik_kexp15 OBJ_kuznyechik_kexp15
+
+#define SN_grasshopper_ecb SN_kuznyechik_ecb
+#define NID_grasshopper_ecb NID_kuznyechik_ecb
+
+#define SN_grasshopper_ctr SN_kuznyechik_ctr
+#define NID_grasshopper_ctr NID_kuznyechik_ctr
+
+#define SN_grasshopper_ofb SN_kuznyechik_ofb
+#define NID_grasshopper_ofb NID_kuznyechik_ofb
+
+#define SN_grasshopper_cbc SN_kuznyechik_cbc
+#define NID_grasshopper_cbc NID_kuznyechik_cbc
+
+#define SN_grasshopper_cfb SN_kuznyechik_cfb
+#define NID_grasshopper_cfb NID_kuznyechik_cfb
+
+#define SN_grasshopper_mac SN_kuznyechik_mac
+#define NID_grasshopper_mac NID_kuznyechik_mac
+
+#endif
diff --git a/openssl/include/openssl/objects.h b/openssl/include/openssl/objects.h new file mode 100644 index 00000000..113ce45f --- /dev/null +++ b/openssl/include/openssl/objects.h @@ -0,0 +1,183 @@ +/*
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_OBJECTS_H
+# define OPENSSL_OBJECTS_H
+# pragma once
+
+# include <openssl/macros.h>
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define HEADER_OBJECTS_H
+# endif
+
+# include <openssl/obj_mac.h>
+# include <openssl/bio.h>
+# include <openssl/asn1.h>
+# include <openssl/objectserr.h>
+
+# define OBJ_NAME_TYPE_UNDEF 0x00
+# define OBJ_NAME_TYPE_MD_METH 0x01
+# define OBJ_NAME_TYPE_CIPHER_METH 0x02
+# define OBJ_NAME_TYPE_PKEY_METH 0x03
+# define OBJ_NAME_TYPE_COMP_METH 0x04
+# define OBJ_NAME_TYPE_MAC_METH 0x05
+# define OBJ_NAME_TYPE_KDF_METH 0x06
+# define OBJ_NAME_TYPE_NUM 0x07
+
+# define OBJ_NAME_ALIAS 0x8000
+
+# define OBJ_BSEARCH_VALUE_ON_NOMATCH 0x01
+# define OBJ_BSEARCH_FIRST_VALUE_ON_MATCH 0x02
+
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+typedef struct obj_name_st {
+ int type;
+ int alias;
+ const char *name;
+ const char *data;
+} OBJ_NAME;
+
+# define OBJ_create_and_add_object(a,b,c) OBJ_create(a,b,c)
+
+int OBJ_NAME_init(void);
+int OBJ_NAME_new_index(unsigned long (*hash_func) (const char *),
+ int (*cmp_func) (const char *, const char *),
+ void (*free_func) (const char *, int, const char *));
+const char *OBJ_NAME_get(const char *name, int type);
+int OBJ_NAME_add(const char *name, int type, const char *data);
+int OBJ_NAME_remove(const char *name, int type);
+void OBJ_NAME_cleanup(int type); /* -1 for everything */
+void OBJ_NAME_do_all(int type, void (*fn) (const OBJ_NAME *, void *arg),
+ void *arg);
+void OBJ_NAME_do_all_sorted(int type,
+ void (*fn) (const OBJ_NAME *, void *arg),
+ void *arg);
+
+DECLARE_ASN1_DUP_FUNCTION_name(ASN1_OBJECT, OBJ)
+ASN1_OBJECT *OBJ_nid2obj(int n);
+const char *OBJ_nid2ln(int n);
+const char *OBJ_nid2sn(int n);
+int OBJ_obj2nid(const ASN1_OBJECT *o);
+ASN1_OBJECT *OBJ_txt2obj(const char *s, int no_name);
+int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name);
+int OBJ_txt2nid(const char *s);
+int OBJ_ln2nid(const char *s);
+int OBJ_sn2nid(const char *s);
+int OBJ_cmp(const ASN1_OBJECT *a, const ASN1_OBJECT *b);
+const void *OBJ_bsearch_(const void *key, const void *base, int num, int size,
+ int (*cmp) (const void *, const void *));
+const void *OBJ_bsearch_ex_(const void *key, const void *base, int num,
+ int size,
+ int (*cmp) (const void *, const void *),
+ int flags);
+
+# define _DECLARE_OBJ_BSEARCH_CMP_FN(scope, type1, type2, nm) \
+ static int nm##_cmp_BSEARCH_CMP_FN(const void *, const void *); \
+ static int nm##_cmp(type1 const *, type2 const *); \
+ scope type2 * OBJ_bsearch_##nm(type1 *key, type2 const *base, int num)
+
+# define DECLARE_OBJ_BSEARCH_CMP_FN(type1, type2, cmp) \
+ _DECLARE_OBJ_BSEARCH_CMP_FN(static, type1, type2, cmp)
+# define DECLARE_OBJ_BSEARCH_GLOBAL_CMP_FN(type1, type2, nm) \
+ type2 * OBJ_bsearch_##nm(type1 *key, type2 const *base, int num)
+
+/*-
+ * Unsolved problem: if a type is actually a pointer type, like
+ * nid_triple is, then its impossible to get a const where you need
+ * it. Consider:
+ *
+ * typedef int nid_triple[3];
+ * const void *a_;
+ * const nid_triple const *a = a_;
+ *
+ * The assignment discards a const because what you really want is:
+ *
+ * const int const * const *a = a_;
+ *
+ * But if you do that, you lose the fact that a is an array of 3 ints,
+ * which breaks comparison functions.
+ *
+ * Thus we end up having to cast, sadly, or unpack the
+ * declarations. Or, as I finally did in this case, declare nid_triple
+ * to be a struct, which it should have been in the first place.
+ *
+ * Ben, August 2008.
+ *
+ * Also, strictly speaking not all types need be const, but handling
+ * the non-constness means a lot of complication, and in practice
+ * comparison routines do always not touch their arguments.
+ */
+
+# define IMPLEMENT_OBJ_BSEARCH_CMP_FN(type1, type2, nm) \
+ static int nm##_cmp_BSEARCH_CMP_FN(const void *a_, const void *b_) \
+ { \
+ type1 const *a = a_; \
+ type2 const *b = b_; \
+ return nm##_cmp(a,b); \
+ } \
+ static type2 *OBJ_bsearch_##nm(type1 *key, type2 const *base, int num) \
+ { \
+ return (type2 *)OBJ_bsearch_(key, base, num, sizeof(type2), \
+ nm##_cmp_BSEARCH_CMP_FN); \
+ } \
+ extern void dummy_prototype(void)
+
+# define IMPLEMENT_OBJ_BSEARCH_GLOBAL_CMP_FN(type1, type2, nm) \
+ static int nm##_cmp_BSEARCH_CMP_FN(const void *a_, const void *b_) \
+ { \
+ type1 const *a = a_; \
+ type2 const *b = b_; \
+ return nm##_cmp(a,b); \
+ } \
+ type2 *OBJ_bsearch_##nm(type1 *key, type2 const *base, int num) \
+ { \
+ return (type2 *)OBJ_bsearch_(key, base, num, sizeof(type2), \
+ nm##_cmp_BSEARCH_CMP_FN); \
+ } \
+ extern void dummy_prototype(void)
+
+# define OBJ_bsearch(type1,key,type2,base,num,cmp) \
+ ((type2 *)OBJ_bsearch_(CHECKED_PTR_OF(type1,key),CHECKED_PTR_OF(type2,base), \
+ num,sizeof(type2), \
+ ((void)CHECKED_PTR_OF(type1,cmp##_type_1), \
+ (void)CHECKED_PTR_OF(type2,cmp##_type_2), \
+ cmp##_BSEARCH_CMP_FN)))
+
+# define OBJ_bsearch_ex(type1,key,type2,base,num,cmp,flags) \
+ ((type2 *)OBJ_bsearch_ex_(CHECKED_PTR_OF(type1,key),CHECKED_PTR_OF(type2,base), \
+ num,sizeof(type2), \
+ ((void)CHECKED_PTR_OF(type1,cmp##_type_1), \
+ (void)type_2=CHECKED_PTR_OF(type2,cmp##_type_2), \
+ cmp##_BSEARCH_CMP_FN)),flags)
+
+int OBJ_new_nid(int num);
+int OBJ_add_object(const ASN1_OBJECT *obj);
+int OBJ_create(const char *oid, const char *sn, const char *ln);
+#ifndef OPENSSL_NO_DEPRECATED_1_1_0
+# define OBJ_cleanup() while(0) continue
+#endif
+int OBJ_create_objects(BIO *in);
+
+size_t OBJ_length(const ASN1_OBJECT *obj);
+const unsigned char *OBJ_get0_data(const ASN1_OBJECT *obj);
+
+int OBJ_find_sigid_algs(int signid, int *pdig_nid, int *ppkey_nid);
+int OBJ_find_sigid_by_algs(int *psignid, int dig_nid, int pkey_nid);
+int OBJ_add_sigid(int signid, int dig_id, int pkey_id);
+void OBJ_sigid_free(void);
+
+
+# ifdef __cplusplus
+}
+# endif
+#endif
diff --git a/openssl/include/openssl/objectserr.h b/openssl/include/openssl/objectserr.h new file mode 100644 index 00000000..6125b0f3 --- /dev/null +++ b/openssl/include/openssl/objectserr.h @@ -0,0 +1,45 @@ +/*
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_OBJECTSERR_H
+# define OPENSSL_OBJECTSERR_H
+# pragma once
+
+# include <openssl/opensslconf.h>
+# include <openssl/symhacks.h>
+
+
+# ifdef __cplusplus
+extern "C"
+# endif
+int ERR_load_OBJ_strings(void);
+
+/*
+ * OBJ function codes.
+ */
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define OBJ_F_OBJ_ADD_OBJECT 0
+# define OBJ_F_OBJ_ADD_SIGID 0
+# define OBJ_F_OBJ_CREATE 0
+# define OBJ_F_OBJ_DUP 0
+# define OBJ_F_OBJ_NAME_NEW_INDEX 0
+# define OBJ_F_OBJ_NID2LN 0
+# define OBJ_F_OBJ_NID2OBJ 0
+# define OBJ_F_OBJ_NID2SN 0
+# define OBJ_F_OBJ_TXT2OBJ 0
+# endif
+
+/*
+ * OBJ reason codes.
+ */
+# define OBJ_R_OID_EXISTS 102
+# define OBJ_R_UNKNOWN_NID 101
+
+#endif
diff --git a/openssl/include/openssl/ocsp.h b/openssl/include/openssl/ocsp.h new file mode 100644 index 00000000..5c6b8814 --- /dev/null +++ b/openssl/include/openssl/ocsp.h @@ -0,0 +1,376 @@ +/*
+ * Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_OCSP_H
+# define OPENSSL_OCSP_H
+# pragma once
+
+# include <openssl/macros.h>
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define HEADER_OCSP_H
+# endif
+
+# include <openssl/opensslconf.h>
+
+/*
+ * These definitions are outside the OPENSSL_NO_OCSP guard because although for
+ * historical reasons they have OCSP_* names, they can actually be used
+ * independently of OCSP. E.g. see RFC5280
+ */
+/*-
+ * CRLReason ::= ENUMERATED {
+ * unspecified (0),
+ * keyCompromise (1),
+ * cACompromise (2),
+ * affiliationChanged (3),
+ * superseded (4),
+ * cessationOfOperation (5),
+ * certificateHold (6),
+ * -- value 7 is not used
+ * removeFromCRL (8),
+ * privilegeWithdrawn (9),
+ * aACompromise (10) }
+ */
+# define OCSP_REVOKED_STATUS_NOSTATUS -1
+# define OCSP_REVOKED_STATUS_UNSPECIFIED 0
+# define OCSP_REVOKED_STATUS_KEYCOMPROMISE 1
+# define OCSP_REVOKED_STATUS_CACOMPROMISE 2
+# define OCSP_REVOKED_STATUS_AFFILIATIONCHANGED 3
+# define OCSP_REVOKED_STATUS_SUPERSEDED 4
+# define OCSP_REVOKED_STATUS_CESSATIONOFOPERATION 5
+# define OCSP_REVOKED_STATUS_CERTIFICATEHOLD 6
+# define OCSP_REVOKED_STATUS_REMOVEFROMCRL 8
+# define OCSP_REVOKED_STATUS_PRIVILEGEWITHDRAWN 9
+# define OCSP_REVOKED_STATUS_AACOMPROMISE 10
+
+/*
+ * These definitions are outside the OPENSSL_NO_OCSP guard because although for
+ * historical reasons they have OCSP_* names, they are used for the HTTP client.
+ */
+# include <openssl/asn1.h>
+/* The following functions are used only internally */
+OCSP_REQ_CTX *OCSP_REQ_CTX_new(BIO *wbio, BIO *rbio,
+ int method_GET, int maxline,
+ unsigned long max_resp_len, int timeout,
+ const char *expected_content_type,
+ int expect_asn1);
+void OCSP_REQ_CTX_free(OCSP_REQ_CTX *rctx);
+int OCSP_REQ_CTX_http(OCSP_REQ_CTX *rctx,
+ const char *server, const char *port, const char *path);
+int OCSP_REQ_CTX_add1_header(OCSP_REQ_CTX *rctx,
+ const char *name, const char *value);
+int OCSP_REQ_CTX_i2d(OCSP_REQ_CTX *rctx, const char *content_type,
+ const ASN1_ITEM *it, ASN1_VALUE *req);
+int OCSP_REQ_CTX_nbio(OCSP_REQ_CTX *rctx);
+ASN1_VALUE *OCSP_REQ_CTX_nbio_d2i(OCSP_REQ_CTX *rctx, const ASN1_ITEM *it);
+BIO *OCSP_REQ_CTX_get0_mem_bio(OCSP_REQ_CTX *rctx);
+void OCSP_set_max_response_length(OCSP_REQ_CTX *rctx, unsigned long len);
+/* End of functions used only internally */
+
+
+# ifndef OPENSSL_NO_OCSP
+
+# include <openssl/x509.h>
+# include <openssl/x509v3.h>
+# include <openssl/safestack.h>
+# include <openssl/ocsperr.h>
+
+# ifdef __cplusplus
+extern "C" {
+# endif
+
+/* Various flags and values */
+
+# define OCSP_DEFAULT_NONCE_LENGTH 16
+
+# define OCSP_NOCERTS 0x1
+# define OCSP_NOINTERN 0x2
+# define OCSP_NOSIGS 0x4
+# define OCSP_NOCHAIN 0x8
+# define OCSP_NOVERIFY 0x10
+# define OCSP_NOEXPLICIT 0x20
+# define OCSP_NOCASIGN 0x40
+# define OCSP_NODELEGATED 0x80
+# define OCSP_NOCHECKS 0x100
+# define OCSP_TRUSTOTHER 0x200
+# define OCSP_RESPID_KEY 0x400
+# define OCSP_NOTIME 0x800
+
+typedef struct ocsp_cert_id_st OCSP_CERTID;
+typedef struct ocsp_one_request_st OCSP_ONEREQ;
+typedef struct ocsp_req_info_st OCSP_REQINFO;
+typedef struct ocsp_signature_st OCSP_SIGNATURE;
+typedef struct ocsp_request_st OCSP_REQUEST;
+
+DEFINE_OR_DECLARE_STACK_OF(OCSP_CERTID)
+DEFINE_OR_DECLARE_STACK_OF(OCSP_ONEREQ)
+
+# define OCSP_RESPONSE_STATUS_SUCCESSFUL 0
+# define OCSP_RESPONSE_STATUS_MALFORMEDREQUEST 1
+# define OCSP_RESPONSE_STATUS_INTERNALERROR 2
+# define OCSP_RESPONSE_STATUS_TRYLATER 3
+# define OCSP_RESPONSE_STATUS_SIGREQUIRED 5
+# define OCSP_RESPONSE_STATUS_UNAUTHORIZED 6
+
+typedef struct ocsp_resp_bytes_st OCSP_RESPBYTES;
+
+# define V_OCSP_RESPID_NAME 0
+# define V_OCSP_RESPID_KEY 1
+
+DEFINE_OR_DECLARE_STACK_OF(OCSP_RESPID)
+
+typedef struct ocsp_revoked_info_st OCSP_REVOKEDINFO;
+
+# define V_OCSP_CERTSTATUS_GOOD 0
+# define V_OCSP_CERTSTATUS_REVOKED 1
+# define V_OCSP_CERTSTATUS_UNKNOWN 2
+
+typedef struct ocsp_cert_status_st OCSP_CERTSTATUS;
+typedef struct ocsp_single_response_st OCSP_SINGLERESP;
+
+DEFINE_OR_DECLARE_STACK_OF(OCSP_SINGLERESP)
+
+typedef struct ocsp_response_data_st OCSP_RESPDATA;
+
+typedef struct ocsp_basic_response_st OCSP_BASICRESP;
+
+typedef struct ocsp_crl_id_st OCSP_CRLID;
+typedef struct ocsp_service_locator_st OCSP_SERVICELOC;
+
+# define PEM_STRING_OCSP_REQUEST "OCSP REQUEST"
+# define PEM_STRING_OCSP_RESPONSE "OCSP RESPONSE"
+
+# define d2i_OCSP_REQUEST_bio(bp,p) ASN1_d2i_bio_of(OCSP_REQUEST,OCSP_REQUEST_new,d2i_OCSP_REQUEST,bp,p)
+
+# define d2i_OCSP_RESPONSE_bio(bp,p) ASN1_d2i_bio_of(OCSP_RESPONSE,OCSP_RESPONSE_new,d2i_OCSP_RESPONSE,bp,p)
+
+# define PEM_read_bio_OCSP_REQUEST(bp,x,cb) (OCSP_REQUEST *)PEM_ASN1_read_bio( \
+ (char *(*)())d2i_OCSP_REQUEST,PEM_STRING_OCSP_REQUEST, \
+ bp,(char **)(x),cb,NULL)
+
+# define PEM_read_bio_OCSP_RESPONSE(bp,x,cb) (OCSP_RESPONSE *)PEM_ASN1_read_bio(\
+ (char *(*)())d2i_OCSP_RESPONSE,PEM_STRING_OCSP_RESPONSE, \
+ bp,(char **)(x),cb,NULL)
+
+# define PEM_write_bio_OCSP_REQUEST(bp,o) \
+ PEM_ASN1_write_bio((int (*)())i2d_OCSP_REQUEST,PEM_STRING_OCSP_REQUEST,\
+ bp,(char *)(o), NULL,NULL,0,NULL,NULL)
+
+# define PEM_write_bio_OCSP_RESPONSE(bp,o) \
+ PEM_ASN1_write_bio((int (*)())i2d_OCSP_RESPONSE,PEM_STRING_OCSP_RESPONSE,\
+ bp,(char *)(o), NULL,NULL,0,NULL,NULL)
+
+# define i2d_OCSP_RESPONSE_bio(bp,o) ASN1_i2d_bio_of(OCSP_RESPONSE,i2d_OCSP_RESPONSE,bp,o)
+
+# define i2d_OCSP_REQUEST_bio(bp,o) ASN1_i2d_bio_of(OCSP_REQUEST,i2d_OCSP_REQUEST,bp,o)
+
+# define ASN1_BIT_STRING_digest(data,type,md,len) \
+ ASN1_item_digest(ASN1_ITEM_rptr(ASN1_BIT_STRING),type,data,md,len)
+
+# define OCSP_CERTSTATUS_dup(cs)\
+ (OCSP_CERTSTATUS*)ASN1_dup((i2d_of_void *)i2d_OCSP_CERTSTATUS,\
+ (d2i_of_void *)d2i_OCSP_CERTSTATUS,(char *)(cs))
+
+DECLARE_ASN1_DUP_FUNCTION(OCSP_CERTID)
+
+OCSP_RESPONSE *OCSP_sendreq_bio(BIO *b, const char *path, OCSP_REQUEST *req);
+OCSP_REQ_CTX *OCSP_sendreq_new(BIO *io, const char *path, OCSP_REQUEST *req,
+ int maxline);
+int OCSP_sendreq_nbio(OCSP_RESPONSE **presp, OCSP_REQ_CTX *rctx);
+
+/* TODO: remove this (documented but) meanwhile obsolete function? */
+int OCSP_REQ_CTX_set1_req(OCSP_REQ_CTX *rctx, const OCSP_REQUEST *req);
+
+OCSP_CERTID *OCSP_cert_to_id(const EVP_MD *dgst, const X509 *subject,
+ const X509 *issuer);
+
+OCSP_CERTID *OCSP_cert_id_new(const EVP_MD *dgst,
+ const X509_NAME *issuerName,
+ const ASN1_BIT_STRING *issuerKey,
+ const ASN1_INTEGER *serialNumber);
+
+OCSP_ONEREQ *OCSP_request_add0_id(OCSP_REQUEST *req, OCSP_CERTID *cid);
+
+int OCSP_request_add1_nonce(OCSP_REQUEST *req, unsigned char *val, int len);
+int OCSP_basic_add1_nonce(OCSP_BASICRESP *resp, unsigned char *val, int len);
+int OCSP_check_nonce(OCSP_REQUEST *req, OCSP_BASICRESP *bs);
+int OCSP_copy_nonce(OCSP_BASICRESP *resp, OCSP_REQUEST *req);
+
+int OCSP_request_set1_name(OCSP_REQUEST *req, const X509_NAME *nm);
+int OCSP_request_add1_cert(OCSP_REQUEST *req, X509 *cert);
+
+int OCSP_request_sign(OCSP_REQUEST *req,
+ X509 *signer,
+ EVP_PKEY *key,
+ const EVP_MD *dgst,
+ STACK_OF(X509) *certs, unsigned long flags);
+
+int OCSP_response_status(OCSP_RESPONSE *resp);
+OCSP_BASICRESP *OCSP_response_get1_basic(OCSP_RESPONSE *resp);
+
+const ASN1_OCTET_STRING *OCSP_resp_get0_signature(const OCSP_BASICRESP *bs);
+const X509_ALGOR *OCSP_resp_get0_tbs_sigalg(const OCSP_BASICRESP *bs);
+const OCSP_RESPDATA *OCSP_resp_get0_respdata(const OCSP_BASICRESP *bs);
+int OCSP_resp_get0_signer(OCSP_BASICRESP *bs, X509 **signer,
+ STACK_OF(X509) *extra_certs);
+
+int OCSP_resp_count(OCSP_BASICRESP *bs);
+OCSP_SINGLERESP *OCSP_resp_get0(OCSP_BASICRESP *bs, int idx);
+const ASN1_GENERALIZEDTIME *OCSP_resp_get0_produced_at(const OCSP_BASICRESP* bs);
+const STACK_OF(X509) *OCSP_resp_get0_certs(const OCSP_BASICRESP *bs);
+int OCSP_resp_get0_id(const OCSP_BASICRESP *bs,
+ const ASN1_OCTET_STRING **pid,
+ const X509_NAME **pname);
+int OCSP_resp_get1_id(const OCSP_BASICRESP *bs,
+ ASN1_OCTET_STRING **pid,
+ X509_NAME **pname);
+
+int OCSP_resp_find(OCSP_BASICRESP *bs, OCSP_CERTID *id, int last);
+int OCSP_single_get0_status(OCSP_SINGLERESP *single, int *reason,
+ ASN1_GENERALIZEDTIME **revtime,
+ ASN1_GENERALIZEDTIME **thisupd,
+ ASN1_GENERALIZEDTIME **nextupd);
+int OCSP_resp_find_status(OCSP_BASICRESP *bs, OCSP_CERTID *id, int *status,
+ int *reason,
+ ASN1_GENERALIZEDTIME **revtime,
+ ASN1_GENERALIZEDTIME **thisupd,
+ ASN1_GENERALIZEDTIME **nextupd);
+int OCSP_check_validity(ASN1_GENERALIZEDTIME *thisupd,
+ ASN1_GENERALIZEDTIME *nextupd, long sec, long maxsec);
+
+int OCSP_request_verify(OCSP_REQUEST *req, STACK_OF(X509) *certs,
+ X509_STORE *store, unsigned long flags);
+
+# define OCSP_parse_url OSSL_HTTP_parse_url /* for backward compatibility */
+
+int OCSP_id_issuer_cmp(const OCSP_CERTID *a, const OCSP_CERTID *b);
+int OCSP_id_cmp(const OCSP_CERTID *a, const OCSP_CERTID *b);
+
+int OCSP_request_onereq_count(OCSP_REQUEST *req);
+OCSP_ONEREQ *OCSP_request_onereq_get0(OCSP_REQUEST *req, int i);
+OCSP_CERTID *OCSP_onereq_get0_id(OCSP_ONEREQ *one);
+int OCSP_id_get0_info(ASN1_OCTET_STRING **piNameHash, ASN1_OBJECT **pmd,
+ ASN1_OCTET_STRING **pikeyHash,
+ ASN1_INTEGER **pserial, OCSP_CERTID *cid);
+int OCSP_request_is_signed(OCSP_REQUEST *req);
+OCSP_RESPONSE *OCSP_response_create(int status, OCSP_BASICRESP *bs);
+OCSP_SINGLERESP *OCSP_basic_add1_status(OCSP_BASICRESP *rsp,
+ OCSP_CERTID *cid,
+ int status, int reason,
+ ASN1_TIME *revtime,
+ ASN1_TIME *thisupd,
+ ASN1_TIME *nextupd);
+int OCSP_basic_add1_cert(OCSP_BASICRESP *resp, X509 *cert);
+int OCSP_basic_sign(OCSP_BASICRESP *brsp,
+ X509 *signer, EVP_PKEY *key, const EVP_MD *dgst,
+ STACK_OF(X509) *certs, unsigned long flags);
+int OCSP_basic_sign_ctx(OCSP_BASICRESP *brsp,
+ X509 *signer, EVP_MD_CTX *ctx,
+ STACK_OF(X509) *certs, unsigned long flags);
+int OCSP_RESPID_set_by_name(OCSP_RESPID *respid, X509 *cert);
+int OCSP_RESPID_set_by_key_ex(OCSP_RESPID *respid, X509 *cert,
+ OPENSSL_CTX *libctx, const char *propq);
+int OCSP_RESPID_set_by_key(OCSP_RESPID *respid, X509 *cert);
+int OCSP_RESPID_match_ex(OCSP_RESPID *respid, X509 *cert, OPENSSL_CTX *libctx,
+ const char *propq);
+int OCSP_RESPID_match(OCSP_RESPID *respid, X509 *cert);
+
+X509_EXTENSION *OCSP_crlID_new(const char *url, long *n, char *tim);
+
+X509_EXTENSION *OCSP_accept_responses_new(char **oids);
+
+X509_EXTENSION *OCSP_archive_cutoff_new(char *tim);
+
+X509_EXTENSION *OCSP_url_svcloc_new(const X509_NAME *issuer, const char **urls);
+
+int OCSP_REQUEST_get_ext_count(OCSP_REQUEST *x);
+int OCSP_REQUEST_get_ext_by_NID(OCSP_REQUEST *x, int nid, int lastpos);
+int OCSP_REQUEST_get_ext_by_OBJ(OCSP_REQUEST *x, const ASN1_OBJECT *obj,
+ int lastpos);
+int OCSP_REQUEST_get_ext_by_critical(OCSP_REQUEST *x, int crit, int lastpos);
+X509_EXTENSION *OCSP_REQUEST_get_ext(OCSP_REQUEST *x, int loc);
+X509_EXTENSION *OCSP_REQUEST_delete_ext(OCSP_REQUEST *x, int loc);
+void *OCSP_REQUEST_get1_ext_d2i(OCSP_REQUEST *x, int nid, int *crit,
+ int *idx);
+int OCSP_REQUEST_add1_ext_i2d(OCSP_REQUEST *x, int nid, void *value, int crit,
+ unsigned long flags);
+int OCSP_REQUEST_add_ext(OCSP_REQUEST *x, X509_EXTENSION *ex, int loc);
+
+int OCSP_ONEREQ_get_ext_count(OCSP_ONEREQ *x);
+int OCSP_ONEREQ_get_ext_by_NID(OCSP_ONEREQ *x, int nid, int lastpos);
+int OCSP_ONEREQ_get_ext_by_OBJ(OCSP_ONEREQ *x, const ASN1_OBJECT *obj, int lastpos);
+int OCSP_ONEREQ_get_ext_by_critical(OCSP_ONEREQ *x, int crit, int lastpos);
+X509_EXTENSION *OCSP_ONEREQ_get_ext(OCSP_ONEREQ *x, int loc);
+X509_EXTENSION *OCSP_ONEREQ_delete_ext(OCSP_ONEREQ *x, int loc);
+void *OCSP_ONEREQ_get1_ext_d2i(OCSP_ONEREQ *x, int nid, int *crit, int *idx);
+int OCSP_ONEREQ_add1_ext_i2d(OCSP_ONEREQ *x, int nid, void *value, int crit,
+ unsigned long flags);
+int OCSP_ONEREQ_add_ext(OCSP_ONEREQ *x, X509_EXTENSION *ex, int loc);
+
+int OCSP_BASICRESP_get_ext_count(OCSP_BASICRESP *x);
+int OCSP_BASICRESP_get_ext_by_NID(OCSP_BASICRESP *x, int nid, int lastpos);
+int OCSP_BASICRESP_get_ext_by_OBJ(OCSP_BASICRESP *x, const ASN1_OBJECT *obj,
+ int lastpos);
+int OCSP_BASICRESP_get_ext_by_critical(OCSP_BASICRESP *x, int crit,
+ int lastpos);
+X509_EXTENSION *OCSP_BASICRESP_get_ext(OCSP_BASICRESP *x, int loc);
+X509_EXTENSION *OCSP_BASICRESP_delete_ext(OCSP_BASICRESP *x, int loc);
+void *OCSP_BASICRESP_get1_ext_d2i(OCSP_BASICRESP *x, int nid, int *crit,
+ int *idx);
+int OCSP_BASICRESP_add1_ext_i2d(OCSP_BASICRESP *x, int nid, void *value,
+ int crit, unsigned long flags);
+int OCSP_BASICRESP_add_ext(OCSP_BASICRESP *x, X509_EXTENSION *ex, int loc);
+
+int OCSP_SINGLERESP_get_ext_count(OCSP_SINGLERESP *x);
+int OCSP_SINGLERESP_get_ext_by_NID(OCSP_SINGLERESP *x, int nid, int lastpos);
+int OCSP_SINGLERESP_get_ext_by_OBJ(OCSP_SINGLERESP *x, const ASN1_OBJECT *obj,
+ int lastpos);
+int OCSP_SINGLERESP_get_ext_by_critical(OCSP_SINGLERESP *x, int crit,
+ int lastpos);
+X509_EXTENSION *OCSP_SINGLERESP_get_ext(OCSP_SINGLERESP *x, int loc);
+X509_EXTENSION *OCSP_SINGLERESP_delete_ext(OCSP_SINGLERESP *x, int loc);
+void *OCSP_SINGLERESP_get1_ext_d2i(OCSP_SINGLERESP *x, int nid, int *crit,
+ int *idx);
+int OCSP_SINGLERESP_add1_ext_i2d(OCSP_SINGLERESP *x, int nid, void *value,
+ int crit, unsigned long flags);
+int OCSP_SINGLERESP_add_ext(OCSP_SINGLERESP *x, X509_EXTENSION *ex, int loc);
+const OCSP_CERTID *OCSP_SINGLERESP_get0_id(const OCSP_SINGLERESP *x);
+
+DECLARE_ASN1_FUNCTIONS(OCSP_SINGLERESP)
+DECLARE_ASN1_FUNCTIONS(OCSP_CERTSTATUS)
+DECLARE_ASN1_FUNCTIONS(OCSP_REVOKEDINFO)
+DECLARE_ASN1_FUNCTIONS(OCSP_BASICRESP)
+DECLARE_ASN1_FUNCTIONS(OCSP_RESPDATA)
+DECLARE_ASN1_FUNCTIONS(OCSP_RESPID)
+DECLARE_ASN1_FUNCTIONS(OCSP_RESPONSE)
+DECLARE_ASN1_FUNCTIONS(OCSP_RESPBYTES)
+DECLARE_ASN1_FUNCTIONS(OCSP_ONEREQ)
+DECLARE_ASN1_FUNCTIONS(OCSP_CERTID)
+DECLARE_ASN1_FUNCTIONS(OCSP_REQUEST)
+DECLARE_ASN1_FUNCTIONS(OCSP_SIGNATURE)
+DECLARE_ASN1_FUNCTIONS(OCSP_REQINFO)
+DECLARE_ASN1_FUNCTIONS(OCSP_CRLID)
+DECLARE_ASN1_FUNCTIONS(OCSP_SERVICELOC)
+
+const char *OCSP_response_status_str(long s);
+const char *OCSP_cert_status_str(long s);
+const char *OCSP_crl_reason_str(long s);
+
+int OCSP_REQUEST_print(BIO *bp, OCSP_REQUEST *a, unsigned long flags);
+int OCSP_RESPONSE_print(BIO *bp, OCSP_RESPONSE *o, unsigned long flags);
+
+int OCSP_basic_verify(OCSP_BASICRESP *bs, STACK_OF(X509) *certs,
+ X509_STORE *st, unsigned long flags);
+
+
+# ifdef __cplusplus
+}
+# endif
+# endif /* !defined(OPENSSL_NO_OCSP) */
+#endif
diff --git a/openssl/include/openssl/ocsperr.h b/openssl/include/openssl/ocsperr.h new file mode 100644 index 00000000..b24055f2 --- /dev/null +++ b/openssl/include/openssl/ocsperr.h @@ -0,0 +1,76 @@ +/*
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_OCSPERR_H
+# define OPENSSL_OCSPERR_H
+# pragma once
+
+# include <openssl/opensslconf.h>
+# include <openssl/symhacks.h>
+
+
+# include <openssl/opensslconf.h>
+
+# ifndef OPENSSL_NO_OCSP
+
+# ifdef __cplusplus
+extern "C"
+# endif
+int ERR_load_OCSP_strings(void);
+
+/*
+ * OCSP function codes.
+ */
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define OCSP_F_D2I_OCSP_NONCE 0
+# define OCSP_F_OCSP_BASIC_ADD1_STATUS 0
+# define OCSP_F_OCSP_BASIC_SIGN 0
+# define OCSP_F_OCSP_BASIC_SIGN_CTX 0
+# define OCSP_F_OCSP_BASIC_VERIFY 0
+# define OCSP_F_OCSP_CERT_ID_NEW 0
+# define OCSP_F_OCSP_CHECK_DELEGATED 0
+# define OCSP_F_OCSP_CHECK_IDS 0
+# define OCSP_F_OCSP_CHECK_ISSUER 0
+# define OCSP_F_OCSP_CHECK_VALIDITY 0
+# define OCSP_F_OCSP_MATCH_ISSUERID 0
+# define OCSP_F_OCSP_REQUEST_SIGN 0
+# define OCSP_F_OCSP_REQUEST_VERIFY 0
+# define OCSP_F_OCSP_RESPONSE_GET1_BASIC 0
+# endif
+
+/*
+ * OCSP reason codes.
+ */
+# define OCSP_R_CERTIFICATE_VERIFY_ERROR 101
+# define OCSP_R_DIGEST_ERR 102
+# define OCSP_R_ERROR_IN_NEXTUPDATE_FIELD 122
+# define OCSP_R_ERROR_IN_THISUPDATE_FIELD 123
+# define OCSP_R_MISSING_OCSPSIGNING_USAGE 103
+# define OCSP_R_NEXTUPDATE_BEFORE_THISUPDATE 124
+# define OCSP_R_NOT_BASIC_RESPONSE 104
+# define OCSP_R_NO_CERTIFICATES_IN_CHAIN 105
+# define OCSP_R_NO_RESPONSE_DATA 108
+# define OCSP_R_NO_REVOKED_TIME 109
+# define OCSP_R_NO_SIGNER_KEY 130
+# define OCSP_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE 110
+# define OCSP_R_REQUEST_NOT_SIGNED 128
+# define OCSP_R_RESPONSE_CONTAINS_NO_REVOCATION_DATA 111
+# define OCSP_R_ROOT_CA_NOT_TRUSTED 112
+# define OCSP_R_SIGNATURE_FAILURE 117
+# define OCSP_R_SIGNER_CERTIFICATE_NOT_FOUND 118
+# define OCSP_R_STATUS_EXPIRED 125
+# define OCSP_R_STATUS_NOT_YET_VALID 126
+# define OCSP_R_STATUS_TOO_OLD 127
+# define OCSP_R_UNKNOWN_MESSAGE_DIGEST 119
+# define OCSP_R_UNKNOWN_NID 120
+# define OCSP_R_UNSUPPORTED_REQUESTORNAME_TYPE 129
+
+# endif
+#endif
diff --git a/openssl/include/openssl/opensslconf.h b/openssl/include/openssl/opensslconf.h new file mode 100644 index 00000000..dd61b527 --- /dev/null +++ b/openssl/include/openssl/opensslconf.h @@ -0,0 +1,16 @@ +/*
+ * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_OPENSSLCONF_H
+# define OPENSSL_OPENSSLCONF_H
+
+#include <openssl/configuration.h>
+#include <openssl/macros.h>
+
+#endif /* OPENSSL_OPENSSLCONF_H */
diff --git a/openssl/include/openssl/opensslv.h b/openssl/include/openssl/opensslv.h new file mode 100644 index 00000000..0d90871b --- /dev/null +++ b/openssl/include/openssl/opensslv.h @@ -0,0 +1,114 @@ +/*
+ * WARNING: do not edit!
+ * Generated by makefile from include\openssl\opensslv.h.in
+ *
+ * Copyright 1999-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_OPENSSLV_H
+# define OPENSSL_OPENSSLV_H
+# pragma once
+
+# ifdef __cplusplus
+extern "C" {
+# endif
+
+/*
+ * SECTION 1: VERSION DATA. These will change for each release
+ */
+
+/*
+ * Base version macros
+ *
+ * These macros express version number MAJOR.MINOR.PATCH exactly
+ */
+# define OPENSSL_VERSION_MAJOR 3
+# define OPENSSL_VERSION_MINOR 0
+# define OPENSSL_VERSION_PATCH 0
+
+/*
+ * Additional version information
+ *
+ * These are also part of the new version scheme, but aren't part
+ * of the version number itself.
+ */
+
+/* Could be: #define OPENSSL_VERSION_PRE_RELEASE "-alpha.1" */
+# define OPENSSL_VERSION_PRE_RELEASE "-alpha5-dev"
+/* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+fips" */
+/* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+vendor.1" */
+# define OPENSSL_VERSION_BUILD_METADATA ""
+
+/*
+ * Note: The OpenSSL Project will never define OPENSSL_VERSION_BUILD_METADATA
+ * to be anything but the empty string. Its use is entirely reserved for
+ * others
+ */
+
+/*
+ * Shared library version
+ *
+ * This is strictly to express ABI version, which may or may not
+ * be related to the API version expressed with the macros above.
+ * This is defined in free form.
+ */
+# define OPENSSL_SHLIB_VERSION 3
+
+/*
+ * SECTION 2: USEFUL MACROS
+ */
+
+/* For checking general API compatibility when preprocessing */
+# define OPENSSL_VERSION_PREREQ(maj,min) \
+ ((OPENSSL_VERSION_MAJOR << 16) + OPENSSL_VERSION_MINOR >= ((maj) << 16) + (min))
+
+/*
+ * Macros to get the version in easily digested string form, both the short
+ * "MAJOR.MINOR.PATCH" variant (where MAJOR, MINOR and PATCH are replaced
+ * with the values from the corresponding OPENSSL_VERSION_ macros) and the
+ * longer variant with OPENSSL_VERSION_PRE_RELEASE_STR and
+ * OPENSSL_VERSION_BUILD_METADATA_STR appended.
+ */
+# define OPENSSL_VERSION_STR "3.0.0"
+# define OPENSSL_FULL_VERSION_STR "3.0.0-alpha5-dev"
+
+/*
+ * SECTION 3: ADDITIONAL METADATA
+ *
+ * These strings are defined separately to allow them to be parsable.
+ */
+# define OPENSSL_RELEASE_DATE ""
+
+/*
+ * SECTION 4: BACKWARD COMPATIBILITY
+ */
+
+# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.0-alpha5-dev "
+
+/* Synthesize OPENSSL_VERSION_NUMBER with the layout 0xMNN00PPSL */
+# ifdef OPENSSL_VERSION_PRE_RELEASE
+# define _OPENSSL_VERSION_PRE_RELEASE 0x0L
+# else
+# define _OPENSSL_VERSION_PRE_RELEASE 0xfL
+# endif
+# define OPENSSL_VERSION_NUMBER \
+ ( (OPENSSL_VERSION_MAJOR<<28) \
+ |(OPENSSL_VERSION_MINOR<<20) \
+ |(OPENSSL_VERSION_PATCH<<4) \
+ |_OPENSSL_VERSION_PRE_RELEASE )
+
+# ifdef __cplusplus
+}
+# endif
+
+# include <openssl/macros.h>
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define HEADER_OPENSSLV_H
+# endif
+
+#endif /* OPENSSL_OPENSSLV_H */
diff --git a/openssl/include/openssl/ossl_typ.h b/openssl/include/openssl/ossl_typ.h new file mode 100644 index 00000000..66506d7e --- /dev/null +++ b/openssl/include/openssl/ossl_typ.h @@ -0,0 +1,16 @@ +/*
+ * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+/*
+ * The original <openssl/ossl_typ.h> was renamed to <openssl/types.h>
+ *
+ * This header file only exists for compatibility reasons with older
+ * applications which #include <openssl/ossl_typ.h>.
+ */
+# include <openssl/types.h>
diff --git a/openssl/include/openssl/param_build.h b/openssl/include/openssl/param_build.h new file mode 100644 index 00000000..89840449 --- /dev/null +++ b/openssl/include/openssl/param_build.h @@ -0,0 +1,51 @@ +/*
+ * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include <openssl/params.h>
+#include <openssl/types.h>
+
+OSSL_PARAM_BLD *OSSL_PARAM_BLD_new(void);
+OSSL_PARAM *OSSL_PARAM_BLD_to_param(OSSL_PARAM_BLD *bld);
+void OSSL_PARAM_BLD_free(OSSL_PARAM_BLD *bld);
+void OSSL_PARAM_BLD_free_params(OSSL_PARAM *params);
+
+int OSSL_PARAM_BLD_push_int(OSSL_PARAM_BLD *bld, const char *key, int val);
+int OSSL_PARAM_BLD_push_uint(OSSL_PARAM_BLD *bld, const char *key,
+ unsigned int val);
+int OSSL_PARAM_BLD_push_long(OSSL_PARAM_BLD *bld, const char *key,
+ long int val);
+int OSSL_PARAM_BLD_push_ulong(OSSL_PARAM_BLD *bld, const char *key,
+ unsigned long int val);
+int OSSL_PARAM_BLD_push_int32(OSSL_PARAM_BLD *bld, const char *key,
+ int32_t val);
+int OSSL_PARAM_BLD_push_uint32(OSSL_PARAM_BLD *bld, const char *key,
+ uint32_t val);
+int OSSL_PARAM_BLD_push_int64(OSSL_PARAM_BLD *bld, const char *key,
+ int64_t val);
+int OSSL_PARAM_BLD_push_uint64(OSSL_PARAM_BLD *bld, const char *key,
+ uint64_t val);
+int OSSL_PARAM_BLD_push_size_t(OSSL_PARAM_BLD *bld, const char *key,
+ size_t val);
+int OSSL_PARAM_BLD_push_time_t(OSSL_PARAM_BLD *bld, const char *key,
+ time_t val);
+int OSSL_PARAM_BLD_push_double(OSSL_PARAM_BLD *bld, const char *key,
+ double val);
+int OSSL_PARAM_BLD_push_BN(OSSL_PARAM_BLD *bld, const char *key,
+ const BIGNUM *bn);
+int OSSL_PARAM_BLD_push_BN_pad(OSSL_PARAM_BLD *bld, const char *key,
+ const BIGNUM *bn, size_t sz);
+int OSSL_PARAM_BLD_push_utf8_string(OSSL_PARAM_BLD *bld, const char *key,
+ const char *buf, size_t bsize);
+int OSSL_PARAM_BLD_push_utf8_ptr(OSSL_PARAM_BLD *bld, const char *key,
+ char *buf, size_t bsize);
+int OSSL_PARAM_BLD_push_octet_string(OSSL_PARAM_BLD *bld, const char *key,
+ const void *buf, size_t bsize);
+int OSSL_PARAM_BLD_push_octet_ptr(OSSL_PARAM_BLD *bld, const char *key,
+ void *buf, size_t bsize);
diff --git a/openssl/include/openssl/params.h b/openssl/include/openssl/params.h new file mode 100644 index 00000000..40162f51 --- /dev/null +++ b/openssl/include/openssl/params.h @@ -0,0 +1,151 @@ +/*
+ * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_PARAMS_H
+# define OPENSSL_PARAMS_H
+
+# include <openssl/core.h>
+# include <openssl/bn.h>
+
+# ifdef __cplusplus
+extern "C" {
+# endif
+
+# define OSSL_PARAM_UNMODIFIED ((size_t)-1)
+
+# define OSSL_PARAM_END \
+ { NULL, 0, NULL, 0, 0 }
+
+# define OSSL_PARAM_DEFN(key, type, addr, sz) \
+ { (key), (type), (addr), (sz), OSSL_PARAM_UNMODIFIED }
+
+/* Basic parameter types without return sizes */
+# define OSSL_PARAM_int(key, addr) \
+ OSSL_PARAM_DEFN((key), OSSL_PARAM_INTEGER, (addr), sizeof(int))
+# define OSSL_PARAM_uint(key, addr) \
+ OSSL_PARAM_DEFN((key), OSSL_PARAM_UNSIGNED_INTEGER, (addr), \
+ sizeof(unsigned int))
+# define OSSL_PARAM_long(key, addr) \
+ OSSL_PARAM_DEFN((key), OSSL_PARAM_INTEGER, (addr), sizeof(long int))
+# define OSSL_PARAM_ulong(key, addr) \
+ OSSL_PARAM_DEFN((key), OSSL_PARAM_UNSIGNED_INTEGER, (addr), \
+ sizeof(unsigned long int))
+# define OSSL_PARAM_int32(key, addr) \
+ OSSL_PARAM_DEFN((key), OSSL_PARAM_INTEGER, (addr), sizeof(int32_t))
+# define OSSL_PARAM_uint32(key, addr) \
+ OSSL_PARAM_DEFN((key), OSSL_PARAM_UNSIGNED_INTEGER, (addr), \
+ sizeof(uint32_t))
+# define OSSL_PARAM_int64(key, addr) \
+ OSSL_PARAM_DEFN((key), OSSL_PARAM_INTEGER, (addr), sizeof(int64_t))
+# define OSSL_PARAM_uint64(key, addr) \
+ OSSL_PARAM_DEFN((key), OSSL_PARAM_UNSIGNED_INTEGER, (addr), \
+ sizeof(uint64_t))
+# define OSSL_PARAM_size_t(key, addr) \
+ OSSL_PARAM_DEFN((key), OSSL_PARAM_UNSIGNED_INTEGER, (addr), sizeof(size_t))
+# define OSSL_PARAM_time_t(key, addr) \
+ OSSL_PARAM_DEFN((key), OSSL_PARAM_INTEGER, (addr), sizeof(time_t))
+# define OSSL_PARAM_double(key, addr) \
+ OSSL_PARAM_DEFN((key), OSSL_PARAM_REAL, (addr), sizeof(double))
+
+# define OSSL_PARAM_BN(key, bn, sz) \
+ OSSL_PARAM_DEFN((key), OSSL_PARAM_UNSIGNED_INTEGER, (bn), (sz))
+# define OSSL_PARAM_utf8_string(key, addr, sz) \
+ OSSL_PARAM_DEFN((key), OSSL_PARAM_UTF8_STRING, (addr), sz)
+# define OSSL_PARAM_octet_string(key, addr, sz) \
+ OSSL_PARAM_DEFN((key), OSSL_PARAM_OCTET_STRING, (addr), sz)
+
+# define OSSL_PARAM_utf8_ptr(key, addr, sz) \
+ OSSL_PARAM_DEFN((key), OSSL_PARAM_UTF8_PTR, &(addr), sz)
+# define OSSL_PARAM_octet_ptr(key, addr, sz) \
+ OSSL_PARAM_DEFN((key), OSSL_PARAM_OCTET_PTR, &(addr), sz)
+
+/* Search an OSSL_PARAM array for a matching name */
+OSSL_PARAM *OSSL_PARAM_locate(OSSL_PARAM *p, const char *key);
+const OSSL_PARAM *OSSL_PARAM_locate_const(const OSSL_PARAM *p, const char *key);
+
+/* Basic parameter type run-time construction */
+OSSL_PARAM OSSL_PARAM_construct_int(const char *key, int *buf);
+OSSL_PARAM OSSL_PARAM_construct_uint(const char *key, unsigned int *buf);
+OSSL_PARAM OSSL_PARAM_construct_long(const char *key, long int *buf);
+OSSL_PARAM OSSL_PARAM_construct_ulong(const char *key, unsigned long int *buf);
+OSSL_PARAM OSSL_PARAM_construct_int32(const char *key, int32_t *buf);
+OSSL_PARAM OSSL_PARAM_construct_uint32(const char *key, uint32_t *buf);
+OSSL_PARAM OSSL_PARAM_construct_int64(const char *key, int64_t *buf);
+OSSL_PARAM OSSL_PARAM_construct_uint64(const char *key, uint64_t *buf);
+OSSL_PARAM OSSL_PARAM_construct_size_t(const char *key, size_t *buf);
+OSSL_PARAM OSSL_PARAM_construct_time_t(const char *key, time_t *buf);
+OSSL_PARAM OSSL_PARAM_construct_BN(const char *key, unsigned char *buf,
+ size_t bsize);
+OSSL_PARAM OSSL_PARAM_construct_double(const char *key, double *buf);
+OSSL_PARAM OSSL_PARAM_construct_utf8_string(const char *key, char *buf,
+ size_t bsize);
+OSSL_PARAM OSSL_PARAM_construct_utf8_ptr(const char *key, char **buf,
+ size_t bsize);
+OSSL_PARAM OSSL_PARAM_construct_octet_string(const char *key, void *buf,
+ size_t bsize);
+OSSL_PARAM OSSL_PARAM_construct_octet_ptr(const char *key, void **buf,
+ size_t bsize);
+OSSL_PARAM OSSL_PARAM_construct_end(void);
+
+int OSSL_PARAM_allocate_from_text(OSSL_PARAM *to,
+ const OSSL_PARAM *paramdefs,
+ const char *key, const char *value,
+ size_t value_n, int *found);
+
+int OSSL_PARAM_get_int(const OSSL_PARAM *p, int *val);
+int OSSL_PARAM_get_uint(const OSSL_PARAM *p, unsigned int *val);
+int OSSL_PARAM_get_long(const OSSL_PARAM *p, long int *val);
+int OSSL_PARAM_get_ulong(const OSSL_PARAM *p, unsigned long int *val);
+int OSSL_PARAM_get_int32(const OSSL_PARAM *p, int32_t *val);
+int OSSL_PARAM_get_uint32(const OSSL_PARAM *p, uint32_t *val);
+int OSSL_PARAM_get_int64(const OSSL_PARAM *p, int64_t *val);
+int OSSL_PARAM_get_uint64(const OSSL_PARAM *p, uint64_t *val);
+int OSSL_PARAM_get_size_t(const OSSL_PARAM *p, size_t *val);
+int OSSL_PARAM_get_time_t(const OSSL_PARAM *p, time_t *val);
+
+int OSSL_PARAM_set_int(OSSL_PARAM *p, int val);
+int OSSL_PARAM_set_uint(OSSL_PARAM *p, unsigned int val);
+int OSSL_PARAM_set_long(OSSL_PARAM *p, long int val);
+int OSSL_PARAM_set_ulong(OSSL_PARAM *p, unsigned long int val);
+int OSSL_PARAM_set_int32(OSSL_PARAM *p, int32_t val);
+int OSSL_PARAM_set_uint32(OSSL_PARAM *p, uint32_t val);
+int OSSL_PARAM_set_int64(OSSL_PARAM *p, int64_t val);
+int OSSL_PARAM_set_uint64(OSSL_PARAM *p, uint64_t val);
+int OSSL_PARAM_set_size_t(OSSL_PARAM *p, size_t val);
+int OSSL_PARAM_set_time_t(OSSL_PARAM *p, time_t val);
+
+int OSSL_PARAM_get_double(const OSSL_PARAM *p, double *val);
+int OSSL_PARAM_set_double(OSSL_PARAM *p, double val);
+
+int OSSL_PARAM_get_BN(const OSSL_PARAM *p, BIGNUM **val);
+int OSSL_PARAM_set_BN(OSSL_PARAM *p, const BIGNUM *val);
+
+int OSSL_PARAM_get_utf8_string(const OSSL_PARAM *p, char **val, size_t max_len);
+int OSSL_PARAM_set_utf8_string(OSSL_PARAM *p, const char *val);
+
+int OSSL_PARAM_get_octet_string(const OSSL_PARAM *p, void **val, size_t max_len,
+ size_t *used_len);
+int OSSL_PARAM_set_octet_string(OSSL_PARAM *p, const void *val, size_t len);
+
+int OSSL_PARAM_get_utf8_ptr(const OSSL_PARAM *p, const char **val);
+int OSSL_PARAM_set_utf8_ptr(OSSL_PARAM *p, const char *val);
+
+int OSSL_PARAM_get_octet_ptr(const OSSL_PARAM *p, const void **val,
+ size_t *used_len);
+int OSSL_PARAM_set_octet_ptr(OSSL_PARAM *p, const void *val,
+ size_t used_len);
+
+int OSSL_PARAM_modified(const OSSL_PARAM *p);
+void OSSL_PARAM_set_all_unmodified(OSSL_PARAM *p);
+
+# ifdef __cplusplus
+}
+# endif
+#endif
diff --git a/openssl/include/openssl/pem.h b/openssl/include/openssl/pem.h new file mode 100644 index 00000000..57e3ec86 --- /dev/null +++ b/openssl/include/openssl/pem.h @@ -0,0 +1,419 @@ +/*
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_PEM_H
+# define OPENSSL_PEM_H
+# pragma once
+
+# include <openssl/macros.h>
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define HEADER_PEM_H
+# endif
+
+# include <openssl/e_os2.h>
+# include <openssl/bio.h>
+# include <openssl/safestack.h>
+# include <openssl/evp.h>
+# include <openssl/x509.h>
+# include <openssl/pemerr.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+# define PEM_BUFSIZE 1024
+
+# define PEM_STRING_X509_OLD "X509 CERTIFICATE"
+# define PEM_STRING_X509 "CERTIFICATE"
+# define PEM_STRING_X509_TRUSTED "TRUSTED CERTIFICATE"
+# define PEM_STRING_X509_REQ_OLD "NEW CERTIFICATE REQUEST"
+# define PEM_STRING_X509_REQ "CERTIFICATE REQUEST"
+# define PEM_STRING_X509_CRL "X509 CRL"
+# define PEM_STRING_EVP_PKEY "ANY PRIVATE KEY"
+# define PEM_STRING_PUBLIC "PUBLIC KEY"
+# define PEM_STRING_RSA "RSA PRIVATE KEY"
+# define PEM_STRING_RSA_PUBLIC "RSA PUBLIC KEY"
+# define PEM_STRING_DSA "DSA PRIVATE KEY"
+# define PEM_STRING_DSA_PUBLIC "DSA PUBLIC KEY"
+# define PEM_STRING_PKCS7 "PKCS7"
+# define PEM_STRING_PKCS7_SIGNED "PKCS #7 SIGNED DATA"
+# define PEM_STRING_PKCS8 "ENCRYPTED PRIVATE KEY"
+# define PEM_STRING_PKCS8INF "PRIVATE KEY"
+# define PEM_STRING_DHPARAMS "DH PARAMETERS"
+# define PEM_STRING_DHXPARAMS "X9.42 DH PARAMETERS"
+# define PEM_STRING_SSL_SESSION "SSL SESSION PARAMETERS"
+# define PEM_STRING_DSAPARAMS "DSA PARAMETERS"
+# define PEM_STRING_ECDSA_PUBLIC "ECDSA PUBLIC KEY"
+# define PEM_STRING_ECPARAMETERS "EC PARAMETERS"
+# define PEM_STRING_ECPRIVATEKEY "EC PRIVATE KEY"
+# define PEM_STRING_PARAMETERS "PARAMETERS"
+# define PEM_STRING_CMS "CMS"
+
+# define PEM_TYPE_ENCRYPTED 10
+# define PEM_TYPE_MIC_ONLY 20
+# define PEM_TYPE_MIC_CLEAR 30
+# define PEM_TYPE_CLEAR 40
+
+/*
+ * These macros make the PEM_read/PEM_write functions easier to maintain and
+ * write. Now they are all implemented with either: IMPLEMENT_PEM_rw(...) or
+ * IMPLEMENT_PEM_rw_cb(...)
+ */
+
+# define PEM_write_fnsig(name, type, OUTTYPE, writename) \
+ int PEM_##writename##_##name(OUTTYPE *out, const type *x)
+# define PEM_write_cb_fnsig(name, type, OUTTYPE, writename) \
+ int PEM_##writename##_##name(OUTTYPE *out, const type *x, \
+ const EVP_CIPHER *enc, \
+ const unsigned char *kstr, int klen, \
+ pem_password_cb *cb, void *u)
+
+# ifdef OPENSSL_NO_STDIO
+
+# define IMPLEMENT_PEM_read_fp(name, type, str, asn1) /**/
+# define IMPLEMENT_PEM_write_fp(name, type, str, asn1) /**/
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define IMPLEMENT_PEM_write_fp_const(name, type, str, asn1) /**/
+# endif
+# define IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1) /**/
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define IMPLEMENT_PEM_write_cb_fp_const(name, type, str, asn1) /**/
+# endif
+# else
+
+# define IMPLEMENT_PEM_read_fp(name, type, str, asn1) \
+ type *PEM_read_##name(FILE *fp, type **x, pem_password_cb *cb, void *u) \
+ { \
+ return PEM_ASN1_read((d2i_of_void *)d2i_##asn1, str, fp, \
+ (void **)x, cb, u); \
+ }
+
+# define IMPLEMENT_PEM_write_fp(name, type, str, asn1) \
+ PEM_write_fnsig(name, type, FILE, write) \
+ { \
+ return PEM_ASN1_write((i2d_of_void *)i2d_##asn1, str, out, \
+ x, NULL, NULL, 0, NULL, NULL); \
+ }
+
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define IMPLEMENT_PEM_write_fp_const(name, type, str, asn1) \
+ IMPLEMENT_PEM_write_fp(name, type, str, asn1)
+# endif
+
+# define IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1) \
+ PEM_write_cb_fnsig(name, type, FILE, write) \
+ { \
+ return PEM_ASN1_write((i2d_of_void *)i2d_##asn1, str, out, \
+ x, enc, kstr, klen, cb, u); \
+ }
+
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define IMPLEMENT_PEM_write_cb_fp_const(name, type, str, asn1) \
+ IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1)
+# endif
+# endif
+
+# define IMPLEMENT_PEM_read_bio(name, type, str, asn1) \
+ type *PEM_read_bio_##name(BIO *bp, type **x, \
+ pem_password_cb *cb, void *u) \
+ { \
+ return PEM_ASN1_read_bio((d2i_of_void *)d2i_##asn1, str, bp, \
+ (void **)x, cb, u); \
+ }
+
+# define IMPLEMENT_PEM_write_bio(name, type, str, asn1) \
+ PEM_write_fnsig(name, type, BIO, write_bio) \
+ { \
+ return PEM_ASN1_write_bio((i2d_of_void *)i2d_##asn1, str, out, \
+ x, NULL,NULL,0,NULL,NULL); \
+ }
+
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define IMPLEMENT_PEM_write_bio_const(name, type, str, asn1) \
+ IMPLEMENT_PEM_write_bio(name, type, str, asn1)
+# endif
+
+# define IMPLEMENT_PEM_write_cb_bio(name, type, str, asn1) \
+ PEM_write_cb_fnsig(name, type, BIO, write_bio) \
+ { \
+ return PEM_ASN1_write_bio((i2d_of_void *)i2d_##asn1, str, out, \
+ x, enc, kstr, klen, cb, u); \
+ }
+
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define IMPLEMENT_PEM_write_cb_bio_const(name, type, str, asn1) \
+ IMPLEMENT_PEM_write_cb_bio(name, type, str, asn1)
+# endif
+
+# define IMPLEMENT_PEM_write(name, type, str, asn1) \
+ IMPLEMENT_PEM_write_bio(name, type, str, asn1) \
+ IMPLEMENT_PEM_write_fp(name, type, str, asn1)
+
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define IMPLEMENT_PEM_write_const(name, type, str, asn1) \
+ IMPLEMENT_PEM_write_bio_const(name, type, str, asn1) \
+ IMPLEMENT_PEM_write_fp_const(name, type, str, asn1)
+# endif
+
+# define IMPLEMENT_PEM_write_cb(name, type, str, asn1) \
+ IMPLEMENT_PEM_write_cb_bio(name, type, str, asn1) \
+ IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1)
+
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define IMPLEMENT_PEM_write_cb_const(name, type, str, asn1) \
+ IMPLEMENT_PEM_write_cb_bio_const(name, type, str, asn1) \
+ IMPLEMENT_PEM_write_cb_fp_const(name, type, str, asn1)
+# endif
+
+# define IMPLEMENT_PEM_read(name, type, str, asn1) \
+ IMPLEMENT_PEM_read_bio(name, type, str, asn1) \
+ IMPLEMENT_PEM_read_fp(name, type, str, asn1)
+
+# define IMPLEMENT_PEM_rw(name, type, str, asn1) \
+ IMPLEMENT_PEM_read(name, type, str, asn1) \
+ IMPLEMENT_PEM_write(name, type, str, asn1)
+
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define IMPLEMENT_PEM_rw_const(name, type, str, asn1) \
+ IMPLEMENT_PEM_read(name, type, str, asn1) \
+ IMPLEMENT_PEM_write_const(name, type, str, asn1)
+# endif
+
+# define IMPLEMENT_PEM_rw_cb(name, type, str, asn1) \
+ IMPLEMENT_PEM_read(name, type, str, asn1) \
+ IMPLEMENT_PEM_write_cb(name, type, str, asn1)
+
+/* These are the same except they are for the declarations */
+
+# if defined(OPENSSL_NO_STDIO)
+
+# define DECLARE_PEM_read_fp(name, type) /**/
+# define DECLARE_PEM_write_fp(name, type) /**/
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define DECLARE_PEM_write_fp_const(name, type) /**/
+# endif
+# define DECLARE_PEM_write_cb_fp(name, type) /**/
+# else
+
+# define DECLARE_PEM_read_fp(name, type) \
+ type *PEM_read_##name(FILE *fp, type **x, pem_password_cb *cb, void *u);
+
+# define DECLARE_PEM_write_fp(name, type) \
+ PEM_write_fnsig(name, type, FILE, write);
+
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define DECLARE_PEM_write_fp_const(name, type) \
+ PEM_write_fnsig(name, type, FILE, write);
+# endif
+
+# define DECLARE_PEM_write_cb_fp(name, type) \
+ PEM_write_cb_fnsig(name, type, FILE, write);
+
+# endif
+
+# define DECLARE_PEM_read_bio(name, type) \
+ type *PEM_read_bio_##name(BIO *bp, type **x, \
+ pem_password_cb *cb, void *u);
+
+# define DECLARE_PEM_write_bio(name, type) \
+ PEM_write_fnsig(name, type, BIO, write_bio);
+
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define DECLARE_PEM_write_bio_const(name, type) \
+ PEM_write_fnsig(name, type, BIO, write_bio);
+# endif
+
+# define DECLARE_PEM_write_cb_bio(name, type) \
+ PEM_write_cb_fnsig(name, type, BIO, write_bio);
+
+# define DECLARE_PEM_write(name, type) \
+ DECLARE_PEM_write_bio(name, type) \
+ DECLARE_PEM_write_fp(name, type)
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define DECLARE_PEM_write_const(name, type) \
+ DECLARE_PEM_write_bio_const(name, type) \
+ DECLARE_PEM_write_fp_const(name, type)
+# endif
+# define DECLARE_PEM_write_cb(name, type) \
+ DECLARE_PEM_write_cb_bio(name, type) \
+ DECLARE_PEM_write_cb_fp(name, type)
+# define DECLARE_PEM_read(name, type) \
+ DECLARE_PEM_read_bio(name, type) \
+ DECLARE_PEM_read_fp(name, type)
+# define DECLARE_PEM_rw(name, type) \
+ DECLARE_PEM_read(name, type) \
+ DECLARE_PEM_write(name, type)
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define DECLARE_PEM_rw_const(name, type) \
+ DECLARE_PEM_read(name, type) \
+ DECLARE_PEM_write_const(name, type)
+# endif
+# define DECLARE_PEM_rw_cb(name, type) \
+ DECLARE_PEM_read(name, type) \
+ DECLARE_PEM_write_cb(name, type)
+
+int PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher);
+int PEM_do_header(EVP_CIPHER_INFO *cipher, unsigned char *data, long *len,
+ pem_password_cb *callback, void *u);
+
+int PEM_read_bio(BIO *bp, char **name, char **header,
+ unsigned char **data, long *len);
+# define PEM_FLAG_SECURE 0x1
+# define PEM_FLAG_EAY_COMPATIBLE 0x2
+# define PEM_FLAG_ONLY_B64 0x4
+int PEM_read_bio_ex(BIO *bp, char **name, char **header,
+ unsigned char **data, long *len, unsigned int flags);
+int PEM_bytes_read_bio_secmem(unsigned char **pdata, long *plen, char **pnm,
+ const char *name, BIO *bp, pem_password_cb *cb,
+ void *u);
+int PEM_write_bio(BIO *bp, const char *name, const char *hdr,
+ const unsigned char *data, long len);
+int PEM_bytes_read_bio(unsigned char **pdata, long *plen, char **pnm,
+ const char *name, BIO *bp, pem_password_cb *cb,
+ void *u);
+void *PEM_ASN1_read_bio(d2i_of_void *d2i, const char *name, BIO *bp, void **x,
+ pem_password_cb *cb, void *u);
+int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp,
+ const void *x, const EVP_CIPHER *enc,
+ const unsigned char *kstr, int klen,
+ pem_password_cb *cb, void *u);
+
+STACK_OF(X509_INFO) *PEM_X509_INFO_read_bio(BIO *bp, STACK_OF(X509_INFO) *sk,
+ pem_password_cb *cb, void *u);
+int PEM_X509_INFO_write_bio(BIO *bp, const X509_INFO *xi, EVP_CIPHER *enc,
+ const unsigned char *kstr, int klen,
+ pem_password_cb *cd, void *u);
+
+#ifndef OPENSSL_NO_STDIO
+int PEM_read(FILE *fp, char **name, char **header,
+ unsigned char **data, long *len);
+int PEM_write(FILE *fp, const char *name, const char *hdr,
+ const unsigned char *data, long len);
+void *PEM_ASN1_read(d2i_of_void *d2i, const char *name, FILE *fp, void **x,
+ pem_password_cb *cb, void *u);
+int PEM_ASN1_write(i2d_of_void *i2d, const char *name, FILE *fp,
+ const void *x, const EVP_CIPHER *enc,
+ const unsigned char *kstr, int klen,
+ pem_password_cb *callback, void *u);
+STACK_OF(X509_INFO) *PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk,
+ pem_password_cb *cb, void *u);
+#endif
+
+int PEM_SignInit(EVP_MD_CTX *ctx, EVP_MD *type);
+int PEM_SignUpdate(EVP_MD_CTX *ctx, const unsigned char *d, unsigned int cnt);
+int PEM_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret,
+ unsigned int *siglen, EVP_PKEY *pkey);
+
+/* The default pem_password_cb that's used internally */
+int PEM_def_callback(char *buf, int num, int rwflag, void *userdata);
+void PEM_proc_type(char *buf, int type);
+void PEM_dek_info(char *buf, const char *type, int len, const char *str);
+
+# include <openssl/symhacks.h>
+
+DECLARE_PEM_rw(X509, X509)
+DECLARE_PEM_rw(X509_AUX, X509)
+DECLARE_PEM_rw(X509_REQ, X509_REQ)
+DECLARE_PEM_write(X509_REQ_NEW, X509_REQ)
+DECLARE_PEM_rw(X509_CRL, X509_CRL)
+DECLARE_PEM_rw(X509_PUBKEY, X509_PUBKEY)
+DECLARE_PEM_rw(PKCS7, PKCS7)
+DECLARE_PEM_rw(NETSCAPE_CERT_SEQUENCE, NETSCAPE_CERT_SEQUENCE)
+DECLARE_PEM_rw(PKCS8, X509_SIG)
+DECLARE_PEM_rw(PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO)
+# ifndef OPENSSL_NO_RSA
+DECLARE_PEM_rw_cb(RSAPrivateKey, RSA)
+DECLARE_PEM_rw(RSAPublicKey, RSA)
+DECLARE_PEM_rw(RSA_PUBKEY, RSA)
+# endif
+# ifndef OPENSSL_NO_DSA
+DECLARE_PEM_rw_cb(DSAPrivateKey, DSA)
+DECLARE_PEM_rw(DSA_PUBKEY, DSA)
+DECLARE_PEM_rw(DSAparams, DSA)
+# endif
+# ifndef OPENSSL_NO_EC
+DECLARE_PEM_rw(ECPKParameters, EC_GROUP)
+DECLARE_PEM_rw_cb(ECPrivateKey, EC_KEY)
+DECLARE_PEM_rw(EC_PUBKEY, EC_KEY)
+# endif
+# ifndef OPENSSL_NO_DH
+DECLARE_PEM_rw(DHparams, DH)
+DECLARE_PEM_write(DHxparams, DH)
+# endif
+DECLARE_PEM_rw_cb(PrivateKey, EVP_PKEY)
+EVP_PKEY *PEM_read_bio_PrivateKey_ex(BIO *bp, EVP_PKEY **x, pem_password_cb *cb,
+ void *u, OPENSSL_CTX *libctx,
+ const char *propq);
+# ifndef OPENSSL_NO_STDIO
+EVP_PKEY *PEM_read_PrivateKey_ex(FILE *fp, EVP_PKEY **x, pem_password_cb *cb,
+ void *u, OPENSSL_CTX *libctx,
+ const char *propq);
+# endif
+DECLARE_PEM_rw(PUBKEY, EVP_PKEY)
+
+int PEM_write_bio_PrivateKey_traditional(BIO *bp, const EVP_PKEY *x,
+ const EVP_CIPHER *enc,
+ const unsigned char *kstr, int klen,
+ pem_password_cb *cb, void *u);
+
+/* Why do these take a signed char *kstr? */
+int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, const EVP_PKEY *x, int nid,
+ const char *kstr, int klen,
+ pem_password_cb *cb, void *u);
+int PEM_write_bio_PKCS8PrivateKey(BIO *, const EVP_PKEY *, const EVP_CIPHER *,
+ const char *kstr, int klen,
+ pem_password_cb *cb, void *u);
+int i2d_PKCS8PrivateKey_bio(BIO *bp, const EVP_PKEY *x, const EVP_CIPHER *enc,
+ const char *kstr, int klen,
+ pem_password_cb *cb, void *u);
+int i2d_PKCS8PrivateKey_nid_bio(BIO *bp, const EVP_PKEY *x, int nid,
+ const char *kstr, int klen,
+ pem_password_cb *cb, void *u);
+EVP_PKEY *d2i_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY **x, pem_password_cb *cb,
+ void *u);
+
+# ifndef OPENSSL_NO_STDIO
+int i2d_PKCS8PrivateKey_fp(FILE *fp, const EVP_PKEY *x, const EVP_CIPHER *enc,
+ const char *kstr, int klen,
+ pem_password_cb *cb, void *u);
+int i2d_PKCS8PrivateKey_nid_fp(FILE *fp, const EVP_PKEY *x, int nid,
+ const char *kstr, int klen,
+ pem_password_cb *cb, void *u);
+int PEM_write_PKCS8PrivateKey_nid(FILE *fp, const EVP_PKEY *x, int nid,
+ const char *kstr, int klen,
+ pem_password_cb *cb, void *u);
+
+EVP_PKEY *d2i_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY **x, pem_password_cb *cb,
+ void *u);
+
+int PEM_write_PKCS8PrivateKey(FILE *fp, const EVP_PKEY *x, const EVP_CIPHER *enc,
+ const char *kstr, int klen,
+ pem_password_cb *cd, void *u);
+# endif
+EVP_PKEY *PEM_read_bio_Parameters(BIO *bp, EVP_PKEY **x);
+int PEM_write_bio_Parameters(BIO *bp, const EVP_PKEY *x);
+
+# ifndef OPENSSL_NO_DSA
+EVP_PKEY *b2i_PrivateKey(const unsigned char **in, long length);
+EVP_PKEY *b2i_PublicKey(const unsigned char **in, long length);
+EVP_PKEY *b2i_PrivateKey_bio(BIO *in);
+EVP_PKEY *b2i_PublicKey_bio(BIO *in);
+int i2b_PrivateKey_bio(BIO *out, const EVP_PKEY *pk);
+int i2b_PublicKey_bio(BIO *out, const EVP_PKEY *pk);
+# ifndef OPENSSL_NO_RC4
+EVP_PKEY *b2i_PVK_bio(BIO *in, pem_password_cb *cb, void *u);
+int i2b_PVK_bio(BIO *out, const EVP_PKEY *pk, int enclevel,
+ pem_password_cb *cb, void *u);
+# endif
+# endif
+
+# ifdef __cplusplus
+}
+# endif
+#endif
diff --git a/openssl/include/openssl/pem2.h b/openssl/include/openssl/pem2.h new file mode 100644 index 00000000..64e6ffdc --- /dev/null +++ b/openssl/include/openssl/pem2.h @@ -0,0 +1,19 @@ +/*
+ * Copyright 1999-2018 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_PEM2_H
+# define OPENSSL_PEM2_H
+# pragma once
+
+# include <openssl/macros.h>
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define HEADER_PEM2_H
+# endif
+# include <openssl/pemerr.h>
+#endif
diff --git a/openssl/include/openssl/pemerr.h b/openssl/include/openssl/pemerr.h new file mode 100644 index 00000000..1291c77f --- /dev/null +++ b/openssl/include/openssl/pemerr.h @@ -0,0 +1,106 @@ +/*
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_PEMERR_H
+# define OPENSSL_PEMERR_H
+# pragma once
+
+# include <openssl/opensslconf.h>
+# include <openssl/symhacks.h>
+
+
+# ifdef __cplusplus
+extern "C"
+# endif
+int ERR_load_PEM_strings(void);
+
+/*
+ * PEM function codes.
+ */
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define PEM_F_B2I_DSS 0
+# define PEM_F_B2I_PVK_BIO 0
+# define PEM_F_B2I_RSA 0
+# define PEM_F_CHECK_BITLEN_DSA 0
+# define PEM_F_CHECK_BITLEN_RSA 0
+# define PEM_F_D2I_PKCS8PRIVATEKEY_BIO 0
+# define PEM_F_D2I_PKCS8PRIVATEKEY_FP 0
+# define PEM_F_DO_B2I 0
+# define PEM_F_DO_B2I_BIO 0
+# define PEM_F_DO_BLOB_HEADER 0
+# define PEM_F_DO_I2B 0
+# define PEM_F_DO_PK8PKEY 0
+# define PEM_F_DO_PK8PKEY_FP 0
+# define PEM_F_DO_PVK_BODY 0
+# define PEM_F_DO_PVK_HEADER 0
+# define PEM_F_GET_HEADER_AND_DATA 0
+# define PEM_F_GET_NAME 0
+# define PEM_F_I2B_PVK 0
+# define PEM_F_I2B_PVK_BIO 0
+# define PEM_F_LOAD_IV 0
+# define PEM_F_PEM_ASN1_READ 0
+# define PEM_F_PEM_ASN1_READ_BIO 0
+# define PEM_F_PEM_ASN1_WRITE 0
+# define PEM_F_PEM_ASN1_WRITE_BIO 0
+# define PEM_F_PEM_DEF_CALLBACK 0
+# define PEM_F_PEM_DO_HEADER 0
+# define PEM_F_PEM_GET_EVP_CIPHER_INFO 0
+# define PEM_F_PEM_READ 0
+# define PEM_F_PEM_READ_BIO 0
+# define PEM_F_PEM_READ_BIO_DHPARAMS 0
+# define PEM_F_PEM_READ_BIO_EX 0
+# define PEM_F_PEM_READ_BIO_PARAMETERS 0
+# define PEM_F_PEM_READ_BIO_PRIVATEKEY 0
+# define PEM_F_PEM_READ_DHPARAMS 0
+# define PEM_F_PEM_READ_PRIVATEKEY 0
+# define PEM_F_PEM_SIGNFINAL 0
+# define PEM_F_PEM_WRITE 0
+# define PEM_F_PEM_WRITE_BIO 0
+# define PEM_F_PEM_WRITE_PRIVATEKEY 0
+# define PEM_F_PEM_X509_INFO_READ 0
+# define PEM_F_PEM_X509_INFO_READ_BIO 0
+# define PEM_F_PEM_X509_INFO_WRITE_BIO 0
+# endif
+
+/*
+ * PEM reason codes.
+ */
+# define PEM_R_BAD_BASE64_DECODE 100
+# define PEM_R_BAD_DECRYPT 101
+# define PEM_R_BAD_END_LINE 102
+# define PEM_R_BAD_IV_CHARS 103
+# define PEM_R_BAD_MAGIC_NUMBER 116
+# define PEM_R_BAD_PASSWORD_READ 104
+# define PEM_R_BAD_VERSION_NUMBER 117
+# define PEM_R_BIO_WRITE_FAILURE 118
+# define PEM_R_CIPHER_IS_NULL 127
+# define PEM_R_ERROR_CONVERTING_PRIVATE_KEY 115
+# define PEM_R_EXPECTING_PRIVATE_KEY_BLOB 119
+# define PEM_R_EXPECTING_PUBLIC_KEY_BLOB 120
+# define PEM_R_HEADER_TOO_LONG 128
+# define PEM_R_INCONSISTENT_HEADER 121
+# define PEM_R_KEYBLOB_HEADER_PARSE_ERROR 122
+# define PEM_R_KEYBLOB_TOO_SHORT 123
+# define PEM_R_MISSING_DEK_IV 129
+# define PEM_R_NOT_DEK_INFO 105
+# define PEM_R_NOT_ENCRYPTED 106
+# define PEM_R_NOT_PROC_TYPE 107
+# define PEM_R_NO_START_LINE 108
+# define PEM_R_PROBLEMS_GETTING_PASSWORD 109
+# define PEM_R_PVK_DATA_TOO_SHORT 124
+# define PEM_R_PVK_TOO_SHORT 125
+# define PEM_R_READ_KEY 111
+# define PEM_R_SHORT_HEADER 112
+# define PEM_R_UNEXPECTED_DEK_IV 130
+# define PEM_R_UNSUPPORTED_CIPHER 113
+# define PEM_R_UNSUPPORTED_ENCRYPTION 114
+# define PEM_R_UNSUPPORTED_KEY_COMPONENTS 126
+
+#endif
diff --git a/openssl/include/openssl/pkcs12.h b/openssl/include/openssl/pkcs12.h new file mode 100644 index 00000000..cfa57a43 --- /dev/null +++ b/openssl/include/openssl/pkcs12.h @@ -0,0 +1,229 @@ +/*
+ * Copyright 1999-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_PKCS12_H
+# define OPENSSL_PKCS12_H
+# pragma once
+
+# include <openssl/macros.h>
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define HEADER_PKCS12_H
+# endif
+
+# include <openssl/bio.h>
+# include <openssl/x509.h>
+# include <openssl/pkcs12err.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+# define PKCS12_KEY_ID 1
+# define PKCS12_IV_ID 2
+# define PKCS12_MAC_ID 3
+
+/* Default iteration count */
+# ifndef PKCS12_DEFAULT_ITER
+# define PKCS12_DEFAULT_ITER PKCS5_DEFAULT_ITER
+# endif
+
+# define PKCS12_MAC_KEY_LENGTH 20
+
+# define PKCS12_SALT_LEN 8
+
+/* It's not clear if these are actually needed... */
+# define PKCS12_key_gen PKCS12_key_gen_utf8
+# define PKCS12_add_friendlyname PKCS12_add_friendlyname_utf8
+
+/* MS key usage constants */
+
+# define KEY_EX 0x10
+# define KEY_SIG 0x80
+
+typedef struct PKCS12_MAC_DATA_st PKCS12_MAC_DATA;
+
+typedef struct PKCS12_st PKCS12;
+
+typedef struct PKCS12_SAFEBAG_st PKCS12_SAFEBAG;
+
+DEFINE_OR_DECLARE_STACK_OF(PKCS12_SAFEBAG)
+
+typedef struct pkcs12_bag_st PKCS12_BAGS;
+
+# define PKCS12_ERROR 0
+# define PKCS12_OK 1
+
+/* Compatibility macros */
+
+#ifndef OPENSSL_NO_DEPRECATED_1_1_0
+
+# define M_PKCS12_bag_type PKCS12_bag_type
+# define M_PKCS12_cert_bag_type PKCS12_cert_bag_type
+# define M_PKCS12_crl_bag_type PKCS12_cert_bag_type
+
+# define PKCS12_certbag2x509 PKCS12_SAFEBAG_get1_cert
+# define PKCS12_certbag2scrl PKCS12_SAFEBAG_get1_crl
+# define PKCS12_bag_type PKCS12_SAFEBAG_get_nid
+# define PKCS12_cert_bag_type PKCS12_SAFEBAG_get_bag_nid
+# define PKCS12_x5092certbag PKCS12_SAFEBAG_create_cert
+# define PKCS12_x509crl2certbag PKCS12_SAFEBAG_create_crl
+# define PKCS12_MAKE_KEYBAG PKCS12_SAFEBAG_create0_p8inf
+# define PKCS12_MAKE_SHKEYBAG PKCS12_SAFEBAG_create_pkcs8_encrypt
+
+#endif
+
+DEPRECATEDIN_1_1_0(ASN1_TYPE *PKCS12_get_attr(const PKCS12_SAFEBAG *bag, int attr_nid))
+
+ASN1_TYPE *PKCS8_get_attr(PKCS8_PRIV_KEY_INFO *p8, int attr_nid);
+int PKCS12_mac_present(const PKCS12 *p12);
+void PKCS12_get0_mac(const ASN1_OCTET_STRING **pmac,
+ const X509_ALGOR **pmacalg,
+ const ASN1_OCTET_STRING **psalt,
+ const ASN1_INTEGER **piter,
+ const PKCS12 *p12);
+
+const ASN1_TYPE *PKCS12_SAFEBAG_get0_attr(const PKCS12_SAFEBAG *bag,
+ int attr_nid);
+const ASN1_OBJECT *PKCS12_SAFEBAG_get0_type(const PKCS12_SAFEBAG *bag);
+int PKCS12_SAFEBAG_get_nid(const PKCS12_SAFEBAG *bag);
+int PKCS12_SAFEBAG_get_bag_nid(const PKCS12_SAFEBAG *bag);
+
+X509 *PKCS12_SAFEBAG_get1_cert(const PKCS12_SAFEBAG *bag);
+X509_CRL *PKCS12_SAFEBAG_get1_crl(const PKCS12_SAFEBAG *bag);
+const STACK_OF(PKCS12_SAFEBAG) *
+PKCS12_SAFEBAG_get0_safes(const PKCS12_SAFEBAG *bag);
+const PKCS8_PRIV_KEY_INFO *PKCS12_SAFEBAG_get0_p8inf(const PKCS12_SAFEBAG *bag);
+const X509_SIG *PKCS12_SAFEBAG_get0_pkcs8(const PKCS12_SAFEBAG *bag);
+
+PKCS12_SAFEBAG *PKCS12_SAFEBAG_create_cert(X509 *x509);
+PKCS12_SAFEBAG *PKCS12_SAFEBAG_create_crl(X509_CRL *crl);
+PKCS12_SAFEBAG *PKCS12_SAFEBAG_create0_p8inf(PKCS8_PRIV_KEY_INFO *p8);
+PKCS12_SAFEBAG *PKCS12_SAFEBAG_create0_pkcs8(X509_SIG *p8);
+PKCS12_SAFEBAG *PKCS12_SAFEBAG_create_pkcs8_encrypt(int pbe_nid,
+ const char *pass,
+ int passlen,
+ unsigned char *salt,
+ int saltlen, int iter,
+ PKCS8_PRIV_KEY_INFO *p8inf);
+
+PKCS12_SAFEBAG *PKCS12_item_pack_safebag(void *obj, const ASN1_ITEM *it,
+ int nid1, int nid2);
+PKCS8_PRIV_KEY_INFO *PKCS8_decrypt(const X509_SIG *p8, const char *pass,
+ int passlen);
+PKCS8_PRIV_KEY_INFO *PKCS12_decrypt_skey(const PKCS12_SAFEBAG *bag,
+ const char *pass, int passlen);
+X509_SIG *PKCS8_encrypt(int pbe_nid, const EVP_CIPHER *cipher,
+ const char *pass, int passlen, unsigned char *salt,
+ int saltlen, int iter, PKCS8_PRIV_KEY_INFO *p8);
+X509_SIG *PKCS8_set0_pbe(const char *pass, int passlen,
+ PKCS8_PRIV_KEY_INFO *p8inf, X509_ALGOR *pbe);
+PKCS7 *PKCS12_pack_p7data(STACK_OF(PKCS12_SAFEBAG) *sk);
+STACK_OF(PKCS12_SAFEBAG) *PKCS12_unpack_p7data(PKCS7 *p7);
+PKCS7 *PKCS12_pack_p7encdata(int pbe_nid, const char *pass, int passlen,
+ unsigned char *salt, int saltlen, int iter,
+ STACK_OF(PKCS12_SAFEBAG) *bags);
+STACK_OF(PKCS12_SAFEBAG) *PKCS12_unpack_p7encdata(PKCS7 *p7, const char *pass,
+ int passlen);
+
+int PKCS12_pack_authsafes(PKCS12 *p12, STACK_OF(PKCS7) *safes);
+STACK_OF(PKCS7) *PKCS12_unpack_authsafes(const PKCS12 *p12);
+
+int PKCS12_add_localkeyid(PKCS12_SAFEBAG *bag, unsigned char *name,
+ int namelen);
+int PKCS12_add_friendlyname_asc(PKCS12_SAFEBAG *bag, const char *name,
+ int namelen);
+int PKCS12_add_friendlyname_utf8(PKCS12_SAFEBAG *bag, const char *name,
+ int namelen);
+int PKCS12_add_CSPName_asc(PKCS12_SAFEBAG *bag, const char *name,
+ int namelen);
+int PKCS12_add_friendlyname_uni(PKCS12_SAFEBAG *bag,
+ const unsigned char *name, int namelen);
+int PKCS8_add_keyusage(PKCS8_PRIV_KEY_INFO *p8, int usage);
+ASN1_TYPE *PKCS12_get_attr_gen(const STACK_OF(X509_ATTRIBUTE) *attrs,
+ int attr_nid);
+char *PKCS12_get_friendlyname(PKCS12_SAFEBAG *bag);
+const STACK_OF(X509_ATTRIBUTE) *
+PKCS12_SAFEBAG_get0_attrs(const PKCS12_SAFEBAG *bag);
+unsigned char *PKCS12_pbe_crypt(const X509_ALGOR *algor,
+ const char *pass, int passlen,
+ const unsigned char *in, int inlen,
+ unsigned char **data, int *datalen,
+ int en_de);
+void *PKCS12_item_decrypt_d2i(const X509_ALGOR *algor, const ASN1_ITEM *it,
+ const char *pass, int passlen,
+ const ASN1_OCTET_STRING *oct, int zbuf);
+ASN1_OCTET_STRING *PKCS12_item_i2d_encrypt(X509_ALGOR *algor,
+ const ASN1_ITEM *it,
+ const char *pass, int passlen,
+ void *obj, int zbuf);
+PKCS12 *PKCS12_init(int mode);
+int PKCS12_key_gen_asc(const char *pass, int passlen, unsigned char *salt,
+ int saltlen, int id, int iter, int n,
+ unsigned char *out, const EVP_MD *md_type);
+int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt,
+ int saltlen, int id, int iter, int n,
+ unsigned char *out, const EVP_MD *md_type);
+int PKCS12_key_gen_utf8(const char *pass, int passlen, unsigned char *salt,
+ int saltlen, int id, int iter, int n,
+ unsigned char *out, const EVP_MD *md_type);
+int PKCS12_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
+ ASN1_TYPE *param, const EVP_CIPHER *cipher,
+ const EVP_MD *md_type, int en_de);
+int PKCS12_gen_mac(PKCS12 *p12, const char *pass, int passlen,
+ unsigned char *mac, unsigned int *maclen);
+int PKCS12_verify_mac(PKCS12 *p12, const char *pass, int passlen);
+int PKCS12_set_mac(PKCS12 *p12, const char *pass, int passlen,
+ unsigned char *salt, int saltlen, int iter,
+ const EVP_MD *md_type);
+int PKCS12_setup_mac(PKCS12 *p12, int iter, unsigned char *salt,
+ int saltlen, const EVP_MD *md_type);
+unsigned char *OPENSSL_asc2uni(const char *asc, int asclen,
+ unsigned char **uni, int *unilen);
+char *OPENSSL_uni2asc(const unsigned char *uni, int unilen);
+unsigned char *OPENSSL_utf82uni(const char *asc, int asclen,
+ unsigned char **uni, int *unilen);
+char *OPENSSL_uni2utf8(const unsigned char *uni, int unilen);
+
+DECLARE_ASN1_FUNCTIONS(PKCS12)
+DECLARE_ASN1_FUNCTIONS(PKCS12_MAC_DATA)
+DECLARE_ASN1_FUNCTIONS(PKCS12_SAFEBAG)
+DECLARE_ASN1_FUNCTIONS(PKCS12_BAGS)
+
+DECLARE_ASN1_ITEM(PKCS12_SAFEBAGS)
+DECLARE_ASN1_ITEM(PKCS12_AUTHSAFES)
+
+void PKCS12_PBE_add(void);
+int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert,
+ STACK_OF(X509) **ca);
+PKCS12 *PKCS12_create(const char *pass, const char *name, EVP_PKEY *pkey,
+ X509 *cert, STACK_OF(X509) *ca, int nid_key, int nid_cert,
+ int iter, int mac_iter, int keytype);
+
+PKCS12_SAFEBAG *PKCS12_add_cert(STACK_OF(PKCS12_SAFEBAG) **pbags, X509 *cert);
+PKCS12_SAFEBAG *PKCS12_add_key(STACK_OF(PKCS12_SAFEBAG) **pbags,
+ EVP_PKEY *key, int key_usage, int iter,
+ int key_nid, const char *pass);
+int PKCS12_add_safe(STACK_OF(PKCS7) **psafes, STACK_OF(PKCS12_SAFEBAG) *bags,
+ int safe_nid, int iter, const char *pass);
+PKCS12 *PKCS12_add_safes(STACK_OF(PKCS7) *safes, int p7_nid);
+
+int i2d_PKCS12_bio(BIO *bp, const PKCS12 *p12);
+# ifndef OPENSSL_NO_STDIO
+int i2d_PKCS12_fp(FILE *fp, const PKCS12 *p12);
+# endif
+PKCS12 *d2i_PKCS12_bio(BIO *bp, PKCS12 **p12);
+# ifndef OPENSSL_NO_STDIO
+PKCS12 *d2i_PKCS12_fp(FILE *fp, PKCS12 **p12);
+# endif
+int PKCS12_newpass(PKCS12 *p12, const char *oldpass, const char *newpass);
+
+# ifdef __cplusplus
+}
+# endif
+#endif
diff --git a/openssl/include/openssl/pkcs12err.h b/openssl/include/openssl/pkcs12err.h new file mode 100644 index 00000000..18daf70a --- /dev/null +++ b/openssl/include/openssl/pkcs12err.h @@ -0,0 +1,84 @@ +/*
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_PKCS12ERR_H
+# define OPENSSL_PKCS12ERR_H
+# pragma once
+
+# include <openssl/opensslconf.h>
+# include <openssl/symhacks.h>
+
+
+# ifdef __cplusplus
+extern "C"
+# endif
+int ERR_load_PKCS12_strings(void);
+
+/*
+ * PKCS12 function codes.
+ */
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define PKCS12_F_OPENSSL_ASC2UNI 0
+# define PKCS12_F_OPENSSL_UNI2ASC 0
+# define PKCS12_F_OPENSSL_UNI2UTF8 0
+# define PKCS12_F_OPENSSL_UTF82UNI 0
+# define PKCS12_F_PKCS12_CREATE 0
+# define PKCS12_F_PKCS12_GEN_MAC 0
+# define PKCS12_F_PKCS12_INIT 0
+# define PKCS12_F_PKCS12_ITEM_DECRYPT_D2I 0
+# define PKCS12_F_PKCS12_ITEM_I2D_ENCRYPT 0
+# define PKCS12_F_PKCS12_ITEM_PACK_SAFEBAG 0
+# define PKCS12_F_PKCS12_KEY_GEN_ASC 0
+# define PKCS12_F_PKCS12_KEY_GEN_UNI 0
+# define PKCS12_F_PKCS12_KEY_GEN_UTF8 0
+# define PKCS12_F_PKCS12_NEWPASS 0
+# define PKCS12_F_PKCS12_PACK_P7DATA 0
+# define PKCS12_F_PKCS12_PACK_P7ENCDATA 0
+# define PKCS12_F_PKCS12_PARSE 0
+# define PKCS12_F_PKCS12_PBE_CRYPT 0
+# define PKCS12_F_PKCS12_PBE_KEYIVGEN 0
+# define PKCS12_F_PKCS12_SAFEBAG_CREATE0_P8INF 0
+# define PKCS12_F_PKCS12_SAFEBAG_CREATE0_PKCS8 0
+# define PKCS12_F_PKCS12_SAFEBAG_CREATE_PKCS8_ENCRYPT 0
+# define PKCS12_F_PKCS12_SETUP_MAC 0
+# define PKCS12_F_PKCS12_SET_MAC 0
+# define PKCS12_F_PKCS12_UNPACK_AUTHSAFES 0
+# define PKCS12_F_PKCS12_UNPACK_P7DATA 0
+# define PKCS12_F_PKCS12_VERIFY_MAC 0
+# define PKCS12_F_PKCS8_ENCRYPT 0
+# define PKCS12_F_PKCS8_SET0_PBE 0
+# endif
+
+/*
+ * PKCS12 reason codes.
+ */
+# define PKCS12_R_CANT_PACK_STRUCTURE 100
+# define PKCS12_R_CONTENT_TYPE_NOT_DATA 121
+# define PKCS12_R_DECODE_ERROR 101
+# define PKCS12_R_ENCODE_ERROR 102
+# define PKCS12_R_ENCRYPT_ERROR 103
+# define PKCS12_R_ERROR_SETTING_ENCRYPTED_DATA_TYPE 120
+# define PKCS12_R_INVALID_NULL_ARGUMENT 104
+# define PKCS12_R_INVALID_NULL_PKCS12_POINTER 105
+# define PKCS12_R_IV_GEN_ERROR 106
+# define PKCS12_R_KEY_GEN_ERROR 107
+# define PKCS12_R_MAC_ABSENT 108
+# define PKCS12_R_MAC_GENERATION_ERROR 109
+# define PKCS12_R_MAC_SETUP_ERROR 110
+# define PKCS12_R_MAC_STRING_SET_ERROR 111
+# define PKCS12_R_MAC_VERIFY_FAILURE 113
+# define PKCS12_R_PARSE_ERROR 114
+# define PKCS12_R_PKCS12_ALGOR_CIPHERINIT_ERROR 115
+# define PKCS12_R_PKCS12_CIPHERFINAL_ERROR 116
+# define PKCS12_R_PKCS12_PBE_CRYPT_ERROR 117
+# define PKCS12_R_UNKNOWN_DIGEST_ALGORITHM 118
+# define PKCS12_R_UNSUPPORTED_PKCS12_MODE 119
+
+#endif
diff --git a/openssl/include/openssl/pkcs7.h b/openssl/include/openssl/pkcs7.h new file mode 100644 index 00000000..05ec1f2a --- /dev/null +++ b/openssl/include/openssl/pkcs7.h @@ -0,0 +1,325 @@ +/*
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_PKCS7_H
+# define OPENSSL_PKCS7_H
+# pragma once
+
+# include <openssl/macros.h>
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define HEADER_PKCS7_H
+# endif
+
+# include <openssl/asn1.h>
+# include <openssl/bio.h>
+# include <openssl/e_os2.h>
+
+# include <openssl/symhacks.h>
+# include <openssl/types.h>
+# include <openssl/pkcs7err.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+
+/*-
+Encryption_ID DES-CBC
+Digest_ID MD5
+Digest_Encryption_ID rsaEncryption
+Key_Encryption_ID rsaEncryption
+*/
+
+typedef struct pkcs7_issuer_and_serial_st {
+ X509_NAME *issuer;
+ ASN1_INTEGER *serial;
+} PKCS7_ISSUER_AND_SERIAL;
+
+typedef struct pkcs7_signer_info_st {
+ ASN1_INTEGER *version; /* version 1 */
+ PKCS7_ISSUER_AND_SERIAL *issuer_and_serial;
+ X509_ALGOR *digest_alg;
+ STACK_OF(X509_ATTRIBUTE) *auth_attr; /* [ 0 ] */
+ X509_ALGOR *digest_enc_alg;
+ ASN1_OCTET_STRING *enc_digest;
+ STACK_OF(X509_ATTRIBUTE) *unauth_attr; /* [ 1 ] */
+ /* The private key to sign with */
+ EVP_PKEY *pkey;
+} PKCS7_SIGNER_INFO;
+DEFINE_OR_DECLARE_STACK_OF(PKCS7_SIGNER_INFO)
+
+typedef struct pkcs7_recip_info_st {
+ ASN1_INTEGER *version; /* version 0 */
+ PKCS7_ISSUER_AND_SERIAL *issuer_and_serial;
+ X509_ALGOR *key_enc_algor;
+ ASN1_OCTET_STRING *enc_key;
+ X509 *cert; /* get the pub-key from this */
+} PKCS7_RECIP_INFO;
+DEFINE_OR_DECLARE_STACK_OF(PKCS7_RECIP_INFO)
+
+
+typedef struct pkcs7_signed_st {
+ ASN1_INTEGER *version; /* version 1 */
+ STACK_OF(X509_ALGOR) *md_algs; /* md used */
+ STACK_OF(X509) *cert; /* [ 0 ] */
+ STACK_OF(X509_CRL) *crl; /* [ 1 ] */
+ STACK_OF(PKCS7_SIGNER_INFO) *signer_info;
+ struct pkcs7_st *contents;
+} PKCS7_SIGNED;
+/*
+ * The above structure is very very similar to PKCS7_SIGN_ENVELOPE. How about
+ * merging the two
+ */
+
+typedef struct pkcs7_enc_content_st {
+ ASN1_OBJECT *content_type;
+ X509_ALGOR *algorithm;
+ ASN1_OCTET_STRING *enc_data; /* [ 0 ] */
+ const EVP_CIPHER *cipher;
+} PKCS7_ENC_CONTENT;
+
+typedef struct pkcs7_enveloped_st {
+ ASN1_INTEGER *version; /* version 0 */
+ STACK_OF(PKCS7_RECIP_INFO) *recipientinfo;
+ PKCS7_ENC_CONTENT *enc_data;
+} PKCS7_ENVELOPE;
+
+typedef struct pkcs7_signedandenveloped_st {
+ ASN1_INTEGER *version; /* version 1 */
+ STACK_OF(X509_ALGOR) *md_algs; /* md used */
+ STACK_OF(X509) *cert; /* [ 0 ] */
+ STACK_OF(X509_CRL) *crl; /* [ 1 ] */
+ STACK_OF(PKCS7_SIGNER_INFO) *signer_info;
+ PKCS7_ENC_CONTENT *enc_data;
+ STACK_OF(PKCS7_RECIP_INFO) *recipientinfo;
+} PKCS7_SIGN_ENVELOPE;
+
+typedef struct pkcs7_digest_st {
+ ASN1_INTEGER *version; /* version 0 */
+ X509_ALGOR *md; /* md used */
+ struct pkcs7_st *contents;
+ ASN1_OCTET_STRING *digest;
+} PKCS7_DIGEST;
+
+typedef struct pkcs7_encrypted_st {
+ ASN1_INTEGER *version; /* version 0 */
+ PKCS7_ENC_CONTENT *enc_data;
+} PKCS7_ENCRYPT;
+
+typedef struct pkcs7_st {
+ /*
+ * The following is non NULL if it contains ASN1 encoding of this
+ * structure
+ */
+ unsigned char *asn1;
+ long length;
+# define PKCS7_S_HEADER 0
+# define PKCS7_S_BODY 1
+# define PKCS7_S_TAIL 2
+ int state; /* used during processing */
+ int detached;
+ ASN1_OBJECT *type;
+ /* content as defined by the type */
+ /*
+ * all encryption/message digests are applied to the 'contents', leaving
+ * out the 'type' field.
+ */
+ union {
+ char *ptr;
+ /* NID_pkcs7_data */
+ ASN1_OCTET_STRING *data;
+ /* NID_pkcs7_signed */
+ PKCS7_SIGNED *sign;
+ /* NID_pkcs7_enveloped */
+ PKCS7_ENVELOPE *enveloped;
+ /* NID_pkcs7_signedAndEnveloped */
+ PKCS7_SIGN_ENVELOPE *signed_and_enveloped;
+ /* NID_pkcs7_digest */
+ PKCS7_DIGEST *digest;
+ /* NID_pkcs7_encrypted */
+ PKCS7_ENCRYPT *encrypted;
+ /* Anything else */
+ ASN1_TYPE *other;
+ } d;
+} PKCS7;
+DEFINE_OR_DECLARE_STACK_OF(PKCS7)
+
+
+# define PKCS7_OP_SET_DETACHED_SIGNATURE 1
+# define PKCS7_OP_GET_DETACHED_SIGNATURE 2
+
+# define PKCS7_get_signed_attributes(si) ((si)->auth_attr)
+# define PKCS7_get_attributes(si) ((si)->unauth_attr)
+
+# define PKCS7_type_is_signed(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_signed)
+# define PKCS7_type_is_encrypted(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_encrypted)
+# define PKCS7_type_is_enveloped(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_enveloped)
+# define PKCS7_type_is_signedAndEnveloped(a) \
+ (OBJ_obj2nid((a)->type) == NID_pkcs7_signedAndEnveloped)
+# define PKCS7_type_is_data(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_data)
+# define PKCS7_type_is_digest(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_digest)
+
+# define PKCS7_set_detached(p,v) \
+ PKCS7_ctrl(p,PKCS7_OP_SET_DETACHED_SIGNATURE,v,NULL)
+# define PKCS7_get_detached(p) \
+ PKCS7_ctrl(p,PKCS7_OP_GET_DETACHED_SIGNATURE,0,NULL)
+
+# define PKCS7_is_detached(p7) (PKCS7_type_is_signed(p7) && PKCS7_get_detached(p7))
+
+/* S/MIME related flags */
+
+# define PKCS7_TEXT 0x1
+# define PKCS7_NOCERTS 0x2
+# define PKCS7_NOSIGS 0x4
+# define PKCS7_NOCHAIN 0x8
+# define PKCS7_NOINTERN 0x10
+# define PKCS7_NOVERIFY 0x20
+# define PKCS7_DETACHED 0x40
+# define PKCS7_BINARY 0x80
+# define PKCS7_NOATTR 0x100
+# define PKCS7_NOSMIMECAP 0x200
+# define PKCS7_NOOLDMIMETYPE 0x400
+# define PKCS7_CRLFEOL 0x800
+# define PKCS7_STREAM 0x1000
+# define PKCS7_NOCRL 0x2000
+# define PKCS7_PARTIAL 0x4000
+# define PKCS7_REUSE_DIGEST 0x8000
+# define PKCS7_NO_DUAL_CONTENT 0x10000
+
+/* Flags: for compatibility with older code */
+
+# define SMIME_TEXT PKCS7_TEXT
+# define SMIME_NOCERTS PKCS7_NOCERTS
+# define SMIME_NOSIGS PKCS7_NOSIGS
+# define SMIME_NOCHAIN PKCS7_NOCHAIN
+# define SMIME_NOINTERN PKCS7_NOINTERN
+# define SMIME_NOVERIFY PKCS7_NOVERIFY
+# define SMIME_DETACHED PKCS7_DETACHED
+# define SMIME_BINARY PKCS7_BINARY
+# define SMIME_NOATTR PKCS7_NOATTR
+
+/* CRLF ASCII canonicalisation */
+# define SMIME_ASCIICRLF 0x80000
+
+DECLARE_ASN1_FUNCTIONS(PKCS7_ISSUER_AND_SERIAL)
+
+int PKCS7_ISSUER_AND_SERIAL_digest(PKCS7_ISSUER_AND_SERIAL *data,
+ const EVP_MD *type, unsigned char *md,
+ unsigned int *len);
+# ifndef OPENSSL_NO_STDIO
+PKCS7 *d2i_PKCS7_fp(FILE *fp, PKCS7 **p7);
+int i2d_PKCS7_fp(FILE *fp, const PKCS7 *p7);
+# endif
+DECLARE_ASN1_DUP_FUNCTION(PKCS7)
+PKCS7 *d2i_PKCS7_bio(BIO *bp, PKCS7 **p7);
+int i2d_PKCS7_bio(BIO *bp, const PKCS7 *p7);
+int i2d_PKCS7_bio_stream(BIO *out, PKCS7 *p7, BIO *in, int flags);
+int PEM_write_bio_PKCS7_stream(BIO *out, PKCS7 *p7, BIO *in, int flags);
+
+DECLARE_ASN1_FUNCTIONS(PKCS7_SIGNER_INFO)
+DECLARE_ASN1_FUNCTIONS(PKCS7_RECIP_INFO)
+DECLARE_ASN1_FUNCTIONS(PKCS7_SIGNED)
+DECLARE_ASN1_FUNCTIONS(PKCS7_ENC_CONTENT)
+DECLARE_ASN1_FUNCTIONS(PKCS7_ENVELOPE)
+DECLARE_ASN1_FUNCTIONS(PKCS7_SIGN_ENVELOPE)
+DECLARE_ASN1_FUNCTIONS(PKCS7_DIGEST)
+DECLARE_ASN1_FUNCTIONS(PKCS7_ENCRYPT)
+DECLARE_ASN1_FUNCTIONS(PKCS7)
+
+DECLARE_ASN1_ITEM(PKCS7_ATTR_SIGN)
+DECLARE_ASN1_ITEM(PKCS7_ATTR_VERIFY)
+
+DECLARE_ASN1_NDEF_FUNCTION(PKCS7)
+DECLARE_ASN1_PRINT_FUNCTION(PKCS7)
+
+long PKCS7_ctrl(PKCS7 *p7, int cmd, long larg, char *parg);
+
+int PKCS7_set_type(PKCS7 *p7, int type);
+int PKCS7_set0_type_other(PKCS7 *p7, int type, ASN1_TYPE *other);
+int PKCS7_set_content(PKCS7 *p7, PKCS7 *p7_data);
+int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey,
+ const EVP_MD *dgst);
+int PKCS7_SIGNER_INFO_sign(PKCS7_SIGNER_INFO *si);
+int PKCS7_add_signer(PKCS7 *p7, PKCS7_SIGNER_INFO *p7i);
+int PKCS7_add_certificate(PKCS7 *p7, X509 *x509);
+int PKCS7_add_crl(PKCS7 *p7, X509_CRL *x509);
+int PKCS7_content_new(PKCS7 *p7, int nid);
+int PKCS7_dataVerify(X509_STORE *cert_store, X509_STORE_CTX *ctx,
+ BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si);
+int PKCS7_signatureVerify(BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si,
+ X509 *x509);
+
+BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio);
+int PKCS7_dataFinal(PKCS7 *p7, BIO *bio);
+BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert);
+
+PKCS7_SIGNER_INFO *PKCS7_add_signature(PKCS7 *p7, X509 *x509,
+ EVP_PKEY *pkey, const EVP_MD *dgst);
+X509 *PKCS7_cert_from_signer_info(PKCS7 *p7, PKCS7_SIGNER_INFO *si);
+int PKCS7_set_digest(PKCS7 *p7, const EVP_MD *md);
+STACK_OF(PKCS7_SIGNER_INFO) *PKCS7_get_signer_info(PKCS7 *p7);
+
+PKCS7_RECIP_INFO *PKCS7_add_recipient(PKCS7 *p7, X509 *x509);
+void PKCS7_SIGNER_INFO_get0_algs(PKCS7_SIGNER_INFO *si, EVP_PKEY **pk,
+ X509_ALGOR **pdig, X509_ALGOR **psig);
+void PKCS7_RECIP_INFO_get0_alg(PKCS7_RECIP_INFO *ri, X509_ALGOR **penc);
+int PKCS7_add_recipient_info(PKCS7 *p7, PKCS7_RECIP_INFO *ri);
+int PKCS7_RECIP_INFO_set(PKCS7_RECIP_INFO *p7i, X509 *x509);
+int PKCS7_set_cipher(PKCS7 *p7, const EVP_CIPHER *cipher);
+int PKCS7_stream(unsigned char ***boundary, PKCS7 *p7);
+
+PKCS7_ISSUER_AND_SERIAL *PKCS7_get_issuer_and_serial(PKCS7 *p7, int idx);
+ASN1_OCTET_STRING *PKCS7_digest_from_attributes(STACK_OF(X509_ATTRIBUTE) *sk);
+int PKCS7_add_signed_attribute(PKCS7_SIGNER_INFO *p7si, int nid, int type,
+ void *data);
+int PKCS7_add_attribute(PKCS7_SIGNER_INFO *p7si, int nid, int atrtype,
+ void *value);
+ASN1_TYPE *PKCS7_get_attribute(PKCS7_SIGNER_INFO *si, int nid);
+ASN1_TYPE *PKCS7_get_signed_attribute(PKCS7_SIGNER_INFO *si, int nid);
+int PKCS7_set_signed_attributes(PKCS7_SIGNER_INFO *p7si,
+ STACK_OF(X509_ATTRIBUTE) *sk);
+int PKCS7_set_attributes(PKCS7_SIGNER_INFO *p7si,
+ STACK_OF(X509_ATTRIBUTE) *sk);
+
+PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs,
+ BIO *data, int flags);
+
+PKCS7_SIGNER_INFO *PKCS7_sign_add_signer(PKCS7 *p7,
+ X509 *signcert, EVP_PKEY *pkey,
+ const EVP_MD *md, int flags);
+
+int PKCS7_final(PKCS7 *p7, BIO *data, int flags);
+int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store,
+ BIO *indata, BIO *out, int flags);
+STACK_OF(X509) *PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs,
+ int flags);
+PKCS7 *PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, const EVP_CIPHER *cipher,
+ int flags);
+int PKCS7_decrypt(PKCS7 *p7, EVP_PKEY *pkey, X509 *cert, BIO *data,
+ int flags);
+
+int PKCS7_add_attrib_smimecap(PKCS7_SIGNER_INFO *si,
+ STACK_OF(X509_ALGOR) *cap);
+STACK_OF(X509_ALGOR) *PKCS7_get_smimecap(PKCS7_SIGNER_INFO *si);
+int PKCS7_simple_smimecap(STACK_OF(X509_ALGOR) *sk, int nid, int arg);
+
+int PKCS7_add_attrib_content_type(PKCS7_SIGNER_INFO *si, ASN1_OBJECT *coid);
+int PKCS7_add0_attrib_signing_time(PKCS7_SIGNER_INFO *si, ASN1_TIME *t);
+int PKCS7_add1_attrib_digest(PKCS7_SIGNER_INFO *si,
+ const unsigned char *md, int mdlen);
+
+int SMIME_write_PKCS7(BIO *bio, PKCS7 *p7, BIO *data, int flags);
+PKCS7 *SMIME_read_PKCS7(BIO *bio, BIO **bcont);
+
+BIO *BIO_new_PKCS7(BIO *out, PKCS7 *p7);
+
+# ifdef __cplusplus
+}
+# endif
+#endif
diff --git a/openssl/include/openssl/pkcs7err.h b/openssl/include/openssl/pkcs7err.h new file mode 100644 index 00000000..d539beb1 --- /dev/null +++ b/openssl/include/openssl/pkcs7err.h @@ -0,0 +1,106 @@ +/*
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_PKCS7ERR_H
+# define OPENSSL_PKCS7ERR_H
+# pragma once
+
+# include <openssl/opensslconf.h>
+# include <openssl/symhacks.h>
+
+
+# ifdef __cplusplus
+extern "C"
+# endif
+int ERR_load_PKCS7_strings(void);
+
+/*
+ * PKCS7 function codes.
+ */
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define PKCS7_F_DO_PKCS7_SIGNED_ATTRIB 0
+# define PKCS7_F_PKCS7_ADD0_ATTRIB_SIGNING_TIME 0
+# define PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP 0
+# define PKCS7_F_PKCS7_ADD_CERTIFICATE 0
+# define PKCS7_F_PKCS7_ADD_CRL 0
+# define PKCS7_F_PKCS7_ADD_RECIPIENT_INFO 0
+# define PKCS7_F_PKCS7_ADD_SIGNATURE 0
+# define PKCS7_F_PKCS7_ADD_SIGNER 0
+# define PKCS7_F_PKCS7_BIO_ADD_DIGEST 0
+# define PKCS7_F_PKCS7_COPY_EXISTING_DIGEST 0
+# define PKCS7_F_PKCS7_CTRL 0
+# define PKCS7_F_PKCS7_DATADECODE 0
+# define PKCS7_F_PKCS7_DATAFINAL 0
+# define PKCS7_F_PKCS7_DATAINIT 0
+# define PKCS7_F_PKCS7_DATAVERIFY 0
+# define PKCS7_F_PKCS7_DECRYPT 0
+# define PKCS7_F_PKCS7_DECRYPT_RINFO 0
+# define PKCS7_F_PKCS7_ENCODE_RINFO 0
+# define PKCS7_F_PKCS7_ENCRYPT 0
+# define PKCS7_F_PKCS7_FINAL 0
+# define PKCS7_F_PKCS7_FIND_DIGEST 0
+# define PKCS7_F_PKCS7_GET0_SIGNERS 0
+# define PKCS7_F_PKCS7_RECIP_INFO_SET 0
+# define PKCS7_F_PKCS7_SET_CIPHER 0
+# define PKCS7_F_PKCS7_SET_CONTENT 0
+# define PKCS7_F_PKCS7_SET_DIGEST 0
+# define PKCS7_F_PKCS7_SET_TYPE 0
+# define PKCS7_F_PKCS7_SIGN 0
+# define PKCS7_F_PKCS7_SIGNATUREVERIFY 0
+# define PKCS7_F_PKCS7_SIGNER_INFO_SET 0
+# define PKCS7_F_PKCS7_SIGNER_INFO_SIGN 0
+# define PKCS7_F_PKCS7_SIGN_ADD_SIGNER 0
+# define PKCS7_F_PKCS7_SIMPLE_SMIMECAP 0
+# define PKCS7_F_PKCS7_VERIFY 0
+# endif
+
+/*
+ * PKCS7 reason codes.
+ */
+# define PKCS7_R_CERTIFICATE_VERIFY_ERROR 117
+# define PKCS7_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER 144
+# define PKCS7_R_CIPHER_NOT_INITIALIZED 116
+# define PKCS7_R_CONTENT_AND_DATA_PRESENT 118
+# define PKCS7_R_CTRL_ERROR 152
+# define PKCS7_R_DECRYPT_ERROR 119
+# define PKCS7_R_DIGEST_FAILURE 101
+# define PKCS7_R_ENCRYPTION_CTRL_FAILURE 149
+# define PKCS7_R_ENCRYPTION_NOT_SUPPORTED_FOR_THIS_KEY_TYPE 150
+# define PKCS7_R_ERROR_ADDING_RECIPIENT 120
+# define PKCS7_R_ERROR_SETTING_CIPHER 121
+# define PKCS7_R_INVALID_NULL_POINTER 143
+# define PKCS7_R_INVALID_SIGNED_DATA_TYPE 155
+# define PKCS7_R_NO_CONTENT 122
+# define PKCS7_R_NO_DEFAULT_DIGEST 151
+# define PKCS7_R_NO_MATCHING_DIGEST_TYPE_FOUND 154
+# define PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE 115
+# define PKCS7_R_NO_SIGNATURES_ON_DATA 123
+# define PKCS7_R_NO_SIGNERS 142
+# define PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE 104
+# define PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR 124
+# define PKCS7_R_PKCS7_ADD_SIGNER_ERROR 153
+# define PKCS7_R_PKCS7_DATASIGN 145
+# define PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE 127
+# define PKCS7_R_SIGNATURE_FAILURE 105
+# define PKCS7_R_SIGNER_CERTIFICATE_NOT_FOUND 128
+# define PKCS7_R_SIGNING_CTRL_FAILURE 147
+# define PKCS7_R_SIGNING_NOT_SUPPORTED_FOR_THIS_KEY_TYPE 148
+# define PKCS7_R_SMIME_TEXT_ERROR 129
+# define PKCS7_R_UNABLE_TO_FIND_CERTIFICATE 106
+# define PKCS7_R_UNABLE_TO_FIND_MEM_BIO 107
+# define PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST 108
+# define PKCS7_R_UNKNOWN_DIGEST_TYPE 109
+# define PKCS7_R_UNKNOWN_OPERATION 110
+# define PKCS7_R_UNSUPPORTED_CIPHER_TYPE 111
+# define PKCS7_R_UNSUPPORTED_CONTENT_TYPE 112
+# define PKCS7_R_WRONG_CONTENT_TYPE 113
+# define PKCS7_R_WRONG_PKCS7_TYPE 114
+
+#endif
diff --git a/openssl/include/openssl/provider.h b/openssl/include/openssl/provider.h new file mode 100644 index 00000000..e2edf410 --- /dev/null +++ b/openssl/include/openssl/provider.h @@ -0,0 +1,53 @@ +/*
+ * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_PROVIDER_H
+# define OPENSSL_PROVIDER_H
+
+# include <openssl/core.h>
+
+# ifdef __cplusplus
+extern "C" {
+# endif
+
+/* Set the default provider search path */
+int OSSL_PROVIDER_set_default_search_path(OPENSSL_CTX *, const char *path);
+
+/* Load and unload a provider */
+OSSL_PROVIDER *OSSL_PROVIDER_load(OPENSSL_CTX *, const char *name);
+int OSSL_PROVIDER_unload(OSSL_PROVIDER *prov);
+int OSSL_PROVIDER_available(OPENSSL_CTX *, const char *name);
+int OSSL_PROVIDER_do_all(OPENSSL_CTX *ctx,
+ int (*cb)(OSSL_PROVIDER *provider, void *cbdata),
+ void *cbdata);
+
+const OSSL_PARAM *OSSL_PROVIDER_gettable_params(const OSSL_PROVIDER *prov);
+int OSSL_PROVIDER_get_params(const OSSL_PROVIDER *prov, OSSL_PARAM params[]);
+int OSSL_PROVIDER_get_capabilities(const OSSL_PROVIDER *prov,
+ const char *capability,
+ OSSL_CALLBACK *cb,
+ void *arg);
+
+const OSSL_ALGORITHM *OSSL_PROVIDER_query_operation(const OSSL_PROVIDER *prov,
+ int operation_id,
+ int *no_cache);
+void *OSSL_PROVIDER_get0_provider_ctx(const OSSL_PROVIDER *prov);
+
+/* Add a built in providers */
+int OSSL_PROVIDER_add_builtin(OPENSSL_CTX *, const char *name,
+ OSSL_provider_init_fn *init_fn);
+
+/* Information */
+const char *OSSL_PROVIDER_name(const OSSL_PROVIDER *prov);
+
+# ifdef __cplusplus
+}
+# endif
+
+#endif
diff --git a/openssl/include/openssl/rand.h b/openssl/include/openssl/rand.h new file mode 100644 index 00000000..a7eb9019 --- /dev/null +++ b/openssl/include/openssl/rand.h @@ -0,0 +1,89 @@ +/*
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_RAND_H
+# define OPENSSL_RAND_H
+# pragma once
+
+# include <openssl/macros.h>
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define HEADER_RAND_H
+# endif
+
+# include <stdlib.h>
+# include <openssl/types.h>
+# include <openssl/e_os2.h>
+# include <openssl/randerr.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+struct rand_meth_st {
+ int (*seed) (const void *buf, int num);
+ int (*bytes) (unsigned char *buf, int num);
+ void (*cleanup) (void);
+ int (*add) (const void *buf, int num, double randomness);
+ int (*pseudorand) (unsigned char *buf, int num);
+ int (*status) (void);
+};
+
+int RAND_set_rand_method(const RAND_METHOD *meth);
+const RAND_METHOD *RAND_get_rand_method(void);
+# ifndef OPENSSL_NO_ENGINE
+int RAND_set_rand_engine(ENGINE *engine);
+# endif
+
+RAND_METHOD *RAND_OpenSSL(void);
+
+# ifndef OPENSSL_NO_DEPRECATED_1_1_0
+# define RAND_cleanup() while(0) continue
+# endif
+int RAND_bytes(unsigned char *buf, int num);
+int RAND_priv_bytes(unsigned char *buf, int num);
+
+/* Equivalent of RAND_priv_bytes() but additionally taking an OPENSSL_CTX */
+int RAND_priv_bytes_ex(OPENSSL_CTX *ctx, unsigned char *buf, int num);
+
+/* Equivalent of RAND_bytes() but additionally taking an OPENSSL_CTX */
+int RAND_bytes_ex(OPENSSL_CTX *ctx, unsigned char *buf, int num);
+
+DEPRECATEDIN_1_1_0(int RAND_pseudo_bytes(unsigned char *buf, int num))
+
+void RAND_seed(const void *buf, int num);
+void RAND_keep_random_devices_open(int keep);
+
+# if defined(__ANDROID__) && defined(__NDK_FPABI__)
+__NDK_FPABI__ /* __attribute__((pcs("aapcs"))) on ARM */
+# endif
+void RAND_add(const void *buf, int num, double randomness);
+int RAND_load_file(const char *file, long max_bytes);
+int RAND_write_file(const char *file);
+const char *RAND_file_name(char *file, size_t num);
+int RAND_status(void);
+
+# ifndef OPENSSL_NO_EGD
+int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes);
+int RAND_egd(const char *path);
+int RAND_egd_bytes(const char *path, int bytes);
+# endif
+
+int RAND_poll(void);
+
+# if defined(_WIN32) && (defined(BASETYPES) || defined(_WINDEF_H))
+/* application has to include <windows.h> in order to use these */
+DEPRECATEDIN_1_1_0(void RAND_screen(void))
+DEPRECATEDIN_1_1_0(int RAND_event(UINT, WPARAM, LPARAM))
+# endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
diff --git a/openssl/include/openssl/rand_drbg.h b/openssl/include/openssl/rand_drbg.h new file mode 100644 index 00000000..3b09dcef --- /dev/null +++ b/openssl/include/openssl/rand_drbg.h @@ -0,0 +1,161 @@ +/*
+ * Copyright 2017-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_RAND_DRBG_H
+# define OPENSSL_RAND_DRBG_H
+# pragma once
+
+# include <openssl/macros.h>
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define HEADER_DRBG_RAND_H
+# endif
+
+# include <time.h>
+# include <openssl/types.h>
+# include <openssl/obj_mac.h>
+
+/*
+ * RAND_DRBG flags
+ *
+ * Note: if new flags are added, the constant `rand_drbg_used_flags`
+ * in drbg_lib.c needs to be updated accordingly.
+ */
+
+/* In CTR mode, disable derivation function ctr_df */
+# define RAND_DRBG_FLAG_CTR_NO_DF 0x1
+/*
+ * This flag is only used when a digest NID is specified (i.e: not a CTR cipher)
+ * Selects DRBG_HMAC if this is set otherwise use DRBG_HASH.
+ */
+# define RAND_DRBG_FLAG_HMAC 0x2
+
+/* Used by RAND_DRBG_set_defaults() to set the master DRBG type and flags. */
+# define RAND_DRBG_FLAG_MASTER 0x4
+/* Used by RAND_DRBG_set_defaults() to set the public DRBG type and flags. */
+# define RAND_DRBG_FLAG_PUBLIC 0x8
+/* Used by RAND_DRBG_set_defaults() to set the private DRBG type and flags. */
+# define RAND_DRBG_FLAG_PRIVATE 0x10
+
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+/* This #define was replaced by an internal constant and should not be used. */
+# define RAND_DRBG_USED_FLAGS (RAND_DRBG_FLAG_CTR_NO_DF)
+# endif
+
+/*
+ * Default security strength (in the sense of [NIST SP 800-90Ar1])
+ *
+ * NIST SP 800-90Ar1 supports the strength of the DRBG being smaller than that
+ * of the cipher by collecting less entropy. The current DRBG implementation
+ * does not take RAND_DRBG_STRENGTH into account and sets the strength of the
+ * DRBG to that of the cipher.
+ *
+ * RAND_DRBG_STRENGTH is currently only used for the legacy RAND
+ * implementation.
+ *
+ * Currently supported ciphers are: NID_aes_128_ctr, NID_aes_192_ctr and
+ * NID_aes_256_ctr.
+ * The digest types for DRBG_hash or DRBG_hmac are: NID_sha1, NID_sha224,
+ * NID_sha256, NID_sha384, NID_sha512, NID_sha512_224, NID_sha512_256,
+ * NID_sha3_224, NID_sha3_256, NID_sha3_384 and NID_sha3_512.
+ */
+# define RAND_DRBG_STRENGTH 256
+/* Default drbg type */
+# define RAND_DRBG_TYPE NID_aes_256_ctr
+/* Default drbg flags */
+# define RAND_DRBG_FLAGS 0
+
+
+# ifdef __cplusplus
+extern "C" {
+# endif
+
+/*
+ * Object lifetime functions.
+ */
+RAND_DRBG *RAND_DRBG_new_ex(OPENSSL_CTX *ctx, int type, unsigned int flags,
+ RAND_DRBG *parent);
+RAND_DRBG *RAND_DRBG_new(int type, unsigned int flags, RAND_DRBG *parent);
+DEPRECATEDIN_3_0(int RAND_DRBG_set(RAND_DRBG *drbg, int type,
+ unsigned int flags))
+int RAND_DRBG_set_defaults(int type, unsigned int flags);
+int RAND_DRBG_instantiate(RAND_DRBG *drbg,
+ const unsigned char *pers, size_t perslen);
+int RAND_DRBG_uninstantiate(RAND_DRBG *drbg);
+void RAND_DRBG_free(RAND_DRBG *drbg);
+
+/*
+ * Object "use" functions.
+ */
+int RAND_DRBG_reseed(RAND_DRBG *drbg,
+ const unsigned char *adin, size_t adinlen,
+ int prediction_resistance);
+int RAND_DRBG_generate(RAND_DRBG *drbg, unsigned char *out, size_t outlen,
+ int prediction_resistance,
+ const unsigned char *adin, size_t adinlen);
+int RAND_DRBG_bytes(RAND_DRBG *drbg, unsigned char *out, size_t outlen);
+
+int RAND_DRBG_set_reseed_interval(RAND_DRBG *drbg, unsigned int interval);
+int RAND_DRBG_set_reseed_time_interval(RAND_DRBG *drbg, time_t interval);
+
+int RAND_DRBG_set_reseed_defaults(
+ unsigned int master_reseed_interval,
+ unsigned int slave_reseed_interval,
+ time_t master_reseed_time_interval,
+ time_t slave_reseed_time_interval
+ );
+
+RAND_DRBG *OPENSSL_CTX_get0_master_drbg(OPENSSL_CTX *ctx);
+RAND_DRBG *OPENSSL_CTX_get0_public_drbg(OPENSSL_CTX *ctx);
+RAND_DRBG *OPENSSL_CTX_get0_private_drbg(OPENSSL_CTX *ctx);
+RAND_DRBG *RAND_DRBG_get0_master(void);
+RAND_DRBG *RAND_DRBG_get0_public(void);
+RAND_DRBG *RAND_DRBG_get0_private(void);
+
+/*
+ * EXDATA
+ */
+# define RAND_DRBG_get_ex_new_index(l, p, newf, dupf, freef) \
+ CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_RAND_DRBG, l, p, newf, dupf, freef)
+int RAND_DRBG_set_ex_data(RAND_DRBG *drbg, int idx, void *arg);
+void *RAND_DRBG_get_ex_data(const RAND_DRBG *drbg, int idx);
+
+/*
+ * Callback function typedefs
+ */
+typedef size_t (*RAND_DRBG_get_entropy_fn)(RAND_DRBG *drbg,
+ unsigned char **pout,
+ int entropy, size_t min_len,
+ size_t max_len,
+ int prediction_resistance);
+typedef void (*RAND_DRBG_cleanup_entropy_fn)(RAND_DRBG *ctx,
+ unsigned char *out, size_t outlen);
+typedef size_t (*RAND_DRBG_get_nonce_fn)(RAND_DRBG *drbg, unsigned char **pout,
+ int entropy, size_t min_len,
+ size_t max_len);
+typedef void (*RAND_DRBG_cleanup_nonce_fn)(RAND_DRBG *drbg,
+ unsigned char *out, size_t outlen);
+
+int RAND_DRBG_set_callbacks(RAND_DRBG *drbg,
+ RAND_DRBG_get_entropy_fn get_entropy,
+ RAND_DRBG_cleanup_entropy_fn cleanup_entropy,
+ RAND_DRBG_get_nonce_fn get_nonce,
+ RAND_DRBG_cleanup_nonce_fn cleanup_nonce);
+
+
+int RAND_DRBG_set_callback_data(RAND_DRBG *drbg, void *data);
+
+void *RAND_DRBG_get_callback_data(RAND_DRBG *drbg);
+
+int RAND_DRBG_verify_zeroization(RAND_DRBG *drbg);
+
+# ifdef __cplusplus
+}
+# endif
+
+#endif
diff --git a/openssl/include/openssl/randerr.h b/openssl/include/openssl/randerr.h new file mode 100644 index 00000000..26179b23 --- /dev/null +++ b/openssl/include/openssl/randerr.h @@ -0,0 +1,108 @@ +/*
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_RANDERR_H
+# define OPENSSL_RANDERR_H
+# pragma once
+
+# include <openssl/opensslconf.h>
+# include <openssl/symhacks.h>
+
+
+# ifdef __cplusplus
+extern "C"
+# endif
+int ERR_load_RAND_strings(void);
+
+/*
+ * RAND function codes.
+ */
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define RAND_F_DRBG_BYTES 0
+# define RAND_F_DRBG_CTR_INIT 0
+# define RAND_F_DRBG_GET_ENTROPY 0
+# define RAND_F_DRBG_SETUP 0
+# define RAND_F_GET_ENTROPY 0
+# define RAND_F_RAND_BYTES 0
+# define RAND_F_RAND_BYTES_EX 0
+# define RAND_F_RAND_DRBG_ENABLE_LOCKING 0
+# define RAND_F_RAND_DRBG_GENERATE 0
+# define RAND_F_RAND_DRBG_GET_ENTROPY 0
+# define RAND_F_RAND_DRBG_GET_NONCE 0
+# define RAND_F_RAND_DRBG_INIT_METHOD 0
+# define RAND_F_RAND_DRBG_INSTANTIATE 0
+# define RAND_F_RAND_DRBG_NEW 0
+# define RAND_F_RAND_DRBG_RESEED 0
+# define RAND_F_RAND_DRBG_RESTART 0
+# define RAND_F_RAND_DRBG_SET 0
+# define RAND_F_RAND_DRBG_SET_DEFAULTS 0
+# define RAND_F_RAND_DRBG_UNINSTANTIATE 0
+# define RAND_F_RAND_LOAD_FILE 0
+# define RAND_F_RAND_POOL_ACQUIRE_ENTROPY 0
+# define RAND_F_RAND_POOL_ADD 0
+# define RAND_F_RAND_POOL_ADD_BEGIN 0
+# define RAND_F_RAND_POOL_ADD_END 0
+# define RAND_F_RAND_POOL_ATTACH 0
+# define RAND_F_RAND_POOL_BYTES_NEEDED 0
+# define RAND_F_RAND_POOL_GROW 0
+# define RAND_F_RAND_POOL_NEW 0
+# define RAND_F_RAND_PRIV_BYTES_EX 0
+# define RAND_F_RAND_PSEUDO_BYTES 0
+# define RAND_F_RAND_WRITE_FILE 0
+# endif
+
+/*
+ * RAND reason codes.
+ */
+# define RAND_R_ADDITIONAL_INPUT_TOO_LONG 102
+# define RAND_R_ALREADY_INSTANTIATED 103
+# define RAND_R_ARGUMENT_OUT_OF_RANGE 105
+# define RAND_R_CANNOT_OPEN_FILE 121
+# define RAND_R_DERIVATION_FUNCTION_MANDATORY_FOR_FIPS 137
+# define RAND_R_DRBG_ALREADY_INITIALIZED 129
+# define RAND_R_DRBG_NOT_INITIALISED 104
+# define RAND_R_ENTROPY_INPUT_TOO_LONG 106
+# define RAND_R_ENTROPY_OUT_OF_RANGE 124
+# define RAND_R_ERROR_ENTROPY_POOL_WAS_IGNORED 127
+# define RAND_R_ERROR_INITIALISING_DRBG 107
+# define RAND_R_ERROR_INSTANTIATING_DRBG 108
+# define RAND_R_ERROR_RETRIEVING_ADDITIONAL_INPUT 109
+# define RAND_R_ERROR_RETRIEVING_ENTROPY 110
+# define RAND_R_ERROR_RETRIEVING_NONCE 111
+# define RAND_R_FAILED_TO_CREATE_LOCK 126
+# define RAND_R_FUNC_NOT_IMPLEMENTED 101
+# define RAND_R_FWRITE_ERROR 123
+# define RAND_R_GENERATE_ERROR 112
+# define RAND_R_INSUFFICIENT_DRBG_STRENGTH 139
+# define RAND_R_INTERNAL_ERROR 113
+# define RAND_R_IN_ERROR_STATE 114
+# define RAND_R_NOT_A_REGULAR_FILE 122
+# define RAND_R_NOT_INSTANTIATED 115
+# define RAND_R_NO_DRBG_IMPLEMENTATION_SELECTED 128
+# define RAND_R_PARENT_LOCKING_NOT_ENABLED 130
+# define RAND_R_PARENT_STRENGTH_TOO_WEAK 131
+# define RAND_R_PERSONALISATION_STRING_TOO_LONG 116
+# define RAND_R_PREDICTION_RESISTANCE_NOT_SUPPORTED 133
+# define RAND_R_PRNG_NOT_SEEDED 100
+# define RAND_R_RANDOM_POOL_OVERFLOW 125
+# define RAND_R_RANDOM_POOL_UNDERFLOW 134
+# define RAND_R_REQUEST_TOO_LARGE_FOR_DRBG 117
+# define RAND_R_RESEED_ERROR 118
+# define RAND_R_SELFTEST_FAILURE 119
+# define RAND_R_TOO_LITTLE_NONCE_REQUESTED 135
+# define RAND_R_TOO_MUCH_NONCE_REQUESTED 136
+# define RAND_R_UNABLE_TO_GET_PARENT_RESEED_PROP_COUNTER 141
+# define RAND_R_UNABLE_TO_GET_PARENT_STRENGTH 138
+# define RAND_R_UNABLE_TO_GET_RESEED_PROP_CTR 142
+# define RAND_R_UNABLE_TO_LOCK_PARENT 140
+# define RAND_R_UNSUPPORTED_DRBG_FLAGS 132
+# define RAND_R_UNSUPPORTED_DRBG_TYPE 120
+
+#endif
diff --git a/openssl/include/openssl/rc2.h b/openssl/include/openssl/rc2.h new file mode 100644 index 00000000..37d05c8f --- /dev/null +++ b/openssl/include/openssl/rc2.h @@ -0,0 +1,64 @@ +/*
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_RC2_H
+# define OPENSSL_RC2_H
+# pragma once
+
+# include <openssl/macros.h>
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define HEADER_RC2_H
+# endif
+
+# include <openssl/opensslconf.h>
+
+# ifndef OPENSSL_NO_RC2
+# ifdef __cplusplus
+extern "C" {
+# endif
+
+# define RC2_BLOCK 8
+# define RC2_KEY_LENGTH 16
+
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+typedef unsigned int RC2_INT;
+
+# define RC2_ENCRYPT 1
+# define RC2_DECRYPT 0
+
+typedef struct rc2_key_st {
+ RC2_INT data[64];
+} RC2_KEY;
+# endif
+
+DEPRECATEDIN_3_0(void RC2_set_key(RC2_KEY *key, int len,
+ const unsigned char *data, int bits))
+DEPRECATEDIN_3_0(void RC2_ecb_encrypt(const unsigned char *in,
+ unsigned char *out, RC2_KEY *key,
+ int enc))
+DEPRECATEDIN_3_0(void RC2_encrypt(unsigned long *data, RC2_KEY *key))
+DEPRECATEDIN_3_0(void RC2_decrypt(unsigned long *data, RC2_KEY *key))
+DEPRECATEDIN_3_0(void RC2_cbc_encrypt(const unsigned char *in,
+ unsigned char *out, long length,
+ RC2_KEY *ks, unsigned char *iv, int enc))
+DEPRECATEDIN_3_0(void RC2_cfb64_encrypt(const unsigned char *in,
+ unsigned char *out, long length,
+ RC2_KEY *schedule, unsigned char *ivec,
+ int *num, int enc))
+DEPRECATEDIN_3_0(void RC2_ofb64_encrypt(const unsigned char *in,
+ unsigned char *out, long length,
+ RC2_KEY *schedule, unsigned char *ivec,
+ int *num))
+
+# ifdef __cplusplus
+}
+# endif
+# endif
+
+#endif
diff --git a/openssl/include/openssl/rc4.h b/openssl/include/openssl/rc4.h new file mode 100644 index 00000000..3a2e1ca0 --- /dev/null +++ b/openssl/include/openssl/rc4.h @@ -0,0 +1,45 @@ +/*
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_RC4_H
+# define OPENSSL_RC4_H
+# pragma once
+
+# include <openssl/macros.h>
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define HEADER_RC4_H
+# endif
+
+# include <openssl/opensslconf.h>
+
+# ifndef OPENSSL_NO_RC4
+# include <stddef.h>
+# ifdef __cplusplus
+extern "C" {
+# endif
+
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+typedef struct rc4_key_st {
+ RC4_INT x, y;
+ RC4_INT data[256];
+} RC4_KEY;
+# endif
+
+DEPRECATEDIN_3_0(const char *RC4_options(void))
+DEPRECATEDIN_3_0(void RC4_set_key(RC4_KEY *key, int len,
+ const unsigned char *data))
+DEPRECATEDIN_3_0(void RC4(RC4_KEY *key, size_t len, const unsigned char *indata,
+ unsigned char *outdata))
+
+# ifdef __cplusplus
+}
+# endif
+# endif
+
+#endif
diff --git a/openssl/include/openssl/rc5.h b/openssl/include/openssl/rc5.h new file mode 100644 index 00000000..28afabe4 --- /dev/null +++ b/openssl/include/openssl/rc5.h @@ -0,0 +1,76 @@ +/*
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_RC5_H
+# define OPENSSL_RC5_H
+# pragma once
+
+# include <openssl/macros.h>
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define HEADER_RC5_H
+# endif
+
+# include <openssl/opensslconf.h>
+
+# ifndef OPENSSL_NO_RC5
+# ifdef __cplusplus
+extern "C" {
+# endif
+
+# define RC5_32_BLOCK 8
+# define RC5_32_KEY_LENGTH 16/* This is a default, max is 255 */
+
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define RC5_ENCRYPT 1
+# define RC5_DECRYPT 0
+
+# define RC5_32_INT unsigned int
+
+/*
+ * This are the only values supported. Tweak the code if you want more The
+ * most supported modes will be RC5-32/12/16 RC5-32/16/8
+ */
+# define RC5_8_ROUNDS 8
+# define RC5_12_ROUNDS 12
+# define RC5_16_ROUNDS 16
+
+typedef struct rc5_key_st {
+ /* Number of rounds */
+ int rounds;
+ RC5_32_INT data[2 * (RC5_16_ROUNDS + 1)];
+} RC5_32_KEY;
+# endif
+
+DEPRECATEDIN_3_0(int RC5_32_set_key(RC5_32_KEY *key, int len,
+ const unsigned char *data, int rounds))
+DEPRECATEDIN_3_0(void RC5_32_ecb_encrypt(const unsigned char *in,
+ unsigned char *out, RC5_32_KEY *key,
+ int enc))
+DEPRECATEDIN_3_0(void RC5_32_encrypt(unsigned long *data, RC5_32_KEY *key))
+DEPRECATEDIN_3_0(void RC5_32_decrypt(unsigned long *data, RC5_32_KEY *key))
+DEPRECATEDIN_3_0(void RC5_32_cbc_encrypt(const unsigned char *in,
+ unsigned char *out, long length,
+ RC5_32_KEY *ks, unsigned char *iv,
+ int enc))
+DEPRECATEDIN_3_0(void RC5_32_cfb64_encrypt(const unsigned char *in,
+ unsigned char *out, long length,
+ RC5_32_KEY *schedule,
+ unsigned char *ivec, int *num,
+ int enc))
+DEPRECATEDIN_3_0(void RC5_32_ofb64_encrypt(const unsigned char *in,
+ unsigned char *out, long length,
+ RC5_32_KEY *schedule,
+ unsigned char *ivec, int *num))
+
+# ifdef __cplusplus
+}
+# endif
+# endif
+
+#endif
diff --git a/openssl/include/openssl/ripemd.h b/openssl/include/openssl/ripemd.h new file mode 100644 index 00000000..af9c2b4f --- /dev/null +++ b/openssl/include/openssl/ripemd.h @@ -0,0 +1,58 @@ +/*
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_RIPEMD_H
+# define OPENSSL_RIPEMD_H
+# pragma once
+
+# include <openssl/macros.h>
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define HEADER_RIPEMD_H
+# endif
+
+# include <openssl/opensslconf.h>
+
+# ifndef OPENSSL_NO_RMD160
+# include <openssl/e_os2.h>
+# include <stddef.h>
+
+# define RIPEMD160_DIGEST_LENGTH 20
+
+# ifdef __cplusplus
+extern "C" {
+# endif
+# if !defined(OPENSSL_NO_DEPRECATED_3_0)
+
+# define RIPEMD160_LONG unsigned int
+
+# define RIPEMD160_CBLOCK 64
+# define RIPEMD160_LBLOCK (RIPEMD160_CBLOCK/4)
+
+typedef struct RIPEMD160state_st {
+ RIPEMD160_LONG A, B, C, D, E;
+ RIPEMD160_LONG Nl, Nh;
+ RIPEMD160_LONG data[RIPEMD160_LBLOCK];
+ unsigned int num;
+} RIPEMD160_CTX;
+# endif
+
+DEPRECATEDIN_3_0(int RIPEMD160_Init(RIPEMD160_CTX *c))
+DEPRECATEDIN_3_0(int RIPEMD160_Update(RIPEMD160_CTX *c, const void *data,
+ size_t len))
+DEPRECATEDIN_3_0(int RIPEMD160_Final(unsigned char *md, RIPEMD160_CTX *c))
+DEPRECATEDIN_3_0(unsigned char *RIPEMD160(const unsigned char *d, size_t n,
+ unsigned char *md))
+DEPRECATEDIN_3_0(void RIPEMD160_Transform(RIPEMD160_CTX *c,
+ const unsigned char *b))
+
+# ifdef __cplusplus
+}
+# endif
+# endif
+#endif
diff --git a/openssl/include/openssl/rsa.h b/openssl/include/openssl/rsa.h new file mode 100644 index 00000000..0899f324 --- /dev/null +++ b/openssl/include/openssl/rsa.h @@ -0,0 +1,561 @@ +/*
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_RSA_H
+# define OPENSSL_RSA_H
+# pragma once
+
+# include <openssl/macros.h>
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define HEADER_RSA_H
+# endif
+
+# include <openssl/opensslconf.h>
+
+# ifndef OPENSSL_NO_RSA
+# include <openssl/asn1.h>
+# include <openssl/bio.h>
+# include <openssl/crypto.h>
+# include <openssl/types.h>
+# ifndef OPENSSL_NO_DEPRECATED_1_1_0
+# include <openssl/bn.h>
+# endif
+# include <openssl/rsaerr.h>
+# include <openssl/safestack.h>
+
+# ifdef __cplusplus
+extern "C" {
+# endif
+
+# ifndef OPENSSL_RSA_MAX_MODULUS_BITS
+# define OPENSSL_RSA_MAX_MODULUS_BITS 16384
+# endif
+
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+/* The types RSA and RSA_METHOD are defined in ossl_typ.h */
+
+# define OPENSSL_RSA_FIPS_MIN_MODULUS_BITS 2048
+
+# ifndef OPENSSL_RSA_SMALL_MODULUS_BITS
+# define OPENSSL_RSA_SMALL_MODULUS_BITS 3072
+# endif
+
+/* exponent limit enforced for "large" modulus only */
+# ifndef OPENSSL_RSA_MAX_PUBEXP_BITS
+# define OPENSSL_RSA_MAX_PUBEXP_BITS 64
+# endif
+# endif /* OPENSSL_NO_DEPRECATED_3_0 */
+
+# define RSA_3 0x3L
+# define RSA_F4 0x10001L
+
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+/* based on RFC 8017 appendix A.1.2 */
+# define RSA_ASN1_VERSION_DEFAULT 0
+# define RSA_ASN1_VERSION_MULTI 1
+
+# define RSA_DEFAULT_PRIME_NUM 2
+# endif /* OPENSSL_NO_DEPRECATED_3_0 */
+
+/* Don't check pub/private match */
+/* TODO(3.0): deprecate this? It is exposed for sls/t1_lib.c's use */
+# define RSA_METHOD_FLAG_NO_CHECK 0x0001
+
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define RSA_FLAG_CACHE_PUBLIC 0x0002
+# define RSA_FLAG_CACHE_PRIVATE 0x0004
+# define RSA_FLAG_BLINDING 0x0008
+# define RSA_FLAG_THREAD_SAFE 0x0010
+/*
+ * This flag means the private key operations will be handled by rsa_mod_exp
+ * and that they do not depend on the private key components being present:
+ * for example a key stored in external hardware. Without this flag
+ * bn_mod_exp gets called when private key components are absent.
+ */
+# define RSA_FLAG_EXT_PKEY 0x0020
+
+/*
+ * new with 0.9.6j and 0.9.7b; the built-in
+ * RSA implementation now uses blinding by
+ * default (ignoring RSA_FLAG_BLINDING),
+ * but other engines might not need it
+ */
+# define RSA_FLAG_NO_BLINDING 0x0080
+# endif /* OPENSSL_NO_DEPRECATED_3_0 */
+/*
+ * Does nothing. Previously this switched off constant time behaviour.
+ */
+# ifndef OPENSSL_NO_DEPRECATED_1_1_0
+# define RSA_FLAG_NO_CONSTTIME 0x0000
+# endif
+/* deprecated name for the flag*/
+/*
+ * new with 0.9.7h; the built-in RSA
+ * implementation now uses constant time
+ * modular exponentiation for secret exponents
+ * by default. This flag causes the
+ * faster variable sliding window method to
+ * be used for all exponents.
+ */
+# ifndef OPENSSL_NO_DEPRECATED_0_9_8
+# define RSA_FLAG_NO_EXP_CONSTTIME RSA_FLAG_NO_CONSTTIME
+# endif
+
+/*-
+ * New with 3.0: use part of the flags to denote exact type of RSA key,
+ * some of which are limited to specific signature and encryption schemes.
+ * These different types share the same RSA structure, but indicate the
+ * use of certain fields in that structure.
+ * Currently known are:
+ * RSA - this is the "normal" unlimited RSA structure (typenum 0)
+ * RSASSA-PSS - indicates that the PSS parameters are used.
+ * RSAES-OAEP - no specific field used for the moment, but OAEP padding
+ * is expected. (currently unused)
+ *
+ * 4 bits allow for 16 types
+ */
+# define RSA_FLAG_TYPE_MASK 0xF000
+# define RSA_FLAG_TYPE_RSA 0x0000
+# define RSA_FLAG_TYPE_RSASSAPSS 0x1000
+# define RSA_FLAG_TYPE_RSAESOAEP 0x2000
+
+int EVP_PKEY_CTX_set_rsa_padding(EVP_PKEY_CTX *ctx, int pad_mode);
+int EVP_PKEY_CTX_get_rsa_padding(EVP_PKEY_CTX *ctx, int *pad_mode);
+
+int EVP_PKEY_CTX_set_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int saltlen);
+int EVP_PKEY_CTX_get_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int *saltlen);
+
+int EVP_PKEY_CTX_set_rsa_keygen_bits(EVP_PKEY_CTX *ctx, int bits);
+int EVP_PKEY_CTX_set_rsa_keygen_pubexp(EVP_PKEY_CTX *ctx, BIGNUM *pubexp);
+int EVP_PKEY_CTX_set_rsa_keygen_primes(EVP_PKEY_CTX *ctx, int primes);
+int EVP_PKEY_CTX_set_rsa_pss_keygen_saltlen(EVP_PKEY_CTX *ctx, int saltlen);
+
+/* Salt length matches digest */
+# define RSA_PSS_SALTLEN_DIGEST -1
+/* Verify only: auto detect salt length */
+# define RSA_PSS_SALTLEN_AUTO -2
+/* Set salt length to maximum possible */
+# define RSA_PSS_SALTLEN_MAX -3
+/* Old compatible max salt length for sign only */
+# define RSA_PSS_SALTLEN_MAX_SIGN -2
+
+int EVP_PKEY_CTX_set_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+int EVP_PKEY_CTX_set_rsa_mgf1_md_name(EVP_PKEY_CTX *ctx, const char *mdname,
+ const char *mdprops);
+int EVP_PKEY_CTX_get_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+int EVP_PKEY_CTX_get_rsa_mgf1_md_name(EVP_PKEY_CTX *ctx, char *name,
+ size_t namelen);
+int EVP_PKEY_CTX_set_rsa_pss_keygen_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+int EVP_PKEY_CTX_set_rsa_pss_keygen_mgf1_md_name(EVP_PKEY_CTX *ctx,
+ const char *mdname);
+
+int EVP_PKEY_CTX_set_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+int EVP_PKEY_CTX_set_rsa_oaep_md_name(EVP_PKEY_CTX *ctx, const char *mdname,
+ const char *mdprops);
+int EVP_PKEY_CTX_get_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+int EVP_PKEY_CTX_get_rsa_oaep_md_name(EVP_PKEY_CTX *ctx, char *name,
+ size_t namelen);
+int EVP_PKEY_CTX_set0_rsa_oaep_label(EVP_PKEY_CTX *ctx, void *label, int llen);
+int EVP_PKEY_CTX_get0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char **label);
+
+# define EVP_PKEY_CTX_set_rsa_pss_keygen_md(ctx, md) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA_PSS, \
+ EVP_PKEY_OP_KEYGEN, EVP_PKEY_CTRL_MD, \
+ 0, (void *)(md))
+
+
+# define EVP_PKEY_CTRL_RSA_PADDING (EVP_PKEY_ALG_CTRL + 1)
+# define EVP_PKEY_CTRL_RSA_PSS_SALTLEN (EVP_PKEY_ALG_CTRL + 2)
+
+# define EVP_PKEY_CTRL_RSA_KEYGEN_BITS (EVP_PKEY_ALG_CTRL + 3)
+# define EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP (EVP_PKEY_ALG_CTRL + 4)
+# define EVP_PKEY_CTRL_RSA_MGF1_MD (EVP_PKEY_ALG_CTRL + 5)
+
+# define EVP_PKEY_CTRL_GET_RSA_PADDING (EVP_PKEY_ALG_CTRL + 6)
+# define EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN (EVP_PKEY_ALG_CTRL + 7)
+# define EVP_PKEY_CTRL_GET_RSA_MGF1_MD (EVP_PKEY_ALG_CTRL + 8)
+
+# define EVP_PKEY_CTRL_RSA_OAEP_MD (EVP_PKEY_ALG_CTRL + 9)
+# define EVP_PKEY_CTRL_RSA_OAEP_LABEL (EVP_PKEY_ALG_CTRL + 10)
+
+# define EVP_PKEY_CTRL_GET_RSA_OAEP_MD (EVP_PKEY_ALG_CTRL + 11)
+# define EVP_PKEY_CTRL_GET_RSA_OAEP_LABEL (EVP_PKEY_ALG_CTRL + 12)
+
+# define EVP_PKEY_CTRL_RSA_KEYGEN_PRIMES (EVP_PKEY_ALG_CTRL + 13)
+
+# define RSA_PKCS1_PADDING 1
+# define RSA_SSLV23_PADDING 2
+# define RSA_NO_PADDING 3
+# define RSA_PKCS1_OAEP_PADDING 4
+# define RSA_X931_PADDING 5
+
+/* EVP_PKEY_ only */
+# define RSA_PKCS1_PSS_PADDING 6
+# define RSA_PKCS1_WITH_TLS_PADDING 7
+
+# define RSA_PKCS1_PADDING_SIZE 11
+
+# define RSA_set_app_data(s,arg) RSA_set_ex_data(s,0,arg)
+# define RSA_get_app_data(s) RSA_get_ex_data(s,0)
+
+RSA *RSA_new(void);
+DEPRECATEDIN_3_0(RSA *RSA_new_method(ENGINE *engine))
+int RSA_bits(const RSA *rsa);
+DEPRECATEDIN_3_0(int RSA_size(const RSA *rsa))
+DEPRECATEDIN_3_0(int RSA_security_bits(const RSA *rsa))
+
+int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d);
+int RSA_set0_factors(RSA *r, BIGNUM *p, BIGNUM *q);
+int RSA_set0_crt_params(RSA *r,BIGNUM *dmp1, BIGNUM *dmq1, BIGNUM *iqmp);
+int RSA_set0_multi_prime_params(RSA *r, BIGNUM *primes[], BIGNUM *exps[],
+ BIGNUM *coeffs[], int pnum);
+void RSA_get0_key(const RSA *r,
+ const BIGNUM **n, const BIGNUM **e, const BIGNUM **d);
+void RSA_get0_factors(const RSA *r, const BIGNUM **p, const BIGNUM **q);
+int RSA_get_multi_prime_extra_count(const RSA *r);
+int RSA_get0_multi_prime_factors(const RSA *r, const BIGNUM *primes[]);
+void RSA_get0_crt_params(const RSA *r,
+ const BIGNUM **dmp1, const BIGNUM **dmq1,
+ const BIGNUM **iqmp);
+int RSA_get0_multi_prime_crt_params(const RSA *r, const BIGNUM *exps[],
+ const BIGNUM *coeffs[]);
+const BIGNUM *RSA_get0_n(const RSA *d);
+const BIGNUM *RSA_get0_e(const RSA *d);
+const BIGNUM *RSA_get0_d(const RSA *d);
+const BIGNUM *RSA_get0_p(const RSA *d);
+const BIGNUM *RSA_get0_q(const RSA *d);
+const BIGNUM *RSA_get0_dmp1(const RSA *r);
+const BIGNUM *RSA_get0_dmq1(const RSA *r);
+const BIGNUM *RSA_get0_iqmp(const RSA *r);
+DEPRECATEDIN_3_0(const RSA_PSS_PARAMS *RSA_get0_pss_params(const RSA *r))
+void RSA_clear_flags(RSA *r, int flags);
+int RSA_test_flags(const RSA *r, int flags);
+void RSA_set_flags(RSA *r, int flags);
+DEPRECATEDIN_3_0(int RSA_get_version(RSA *r))
+DEPRECATEDIN_3_0(ENGINE *RSA_get0_engine(const RSA *r))
+
+/* Deprecated version */
+DEPRECATEDIN_0_9_8(RSA *RSA_generate_key(int bits, unsigned long e, void
+ (*callback) (int, int, void *),
+ void *cb_arg))
+
+/* New version */
+DEPRECATEDIN_3_0(int RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e,
+ BN_GENCB *cb))
+/* Multi-prime version */
+DEPRECATEDIN_3_0(int RSA_generate_multi_prime_key(RSA *rsa, int bits,
+ int primes, BIGNUM *e,
+ BN_GENCB *cb))
+
+DEPRECATEDIN_3_0(int RSA_X931_derive_ex(RSA *rsa, BIGNUM *p1, BIGNUM *p2,
+ BIGNUM *q1, BIGNUM *q2,
+ const BIGNUM *Xp1, const BIGNUM *Xp2,
+ const BIGNUM *Xp, const BIGNUM *Xq1,
+ const BIGNUM *Xq2, const BIGNUM *Xq,
+ const BIGNUM *e, BN_GENCB *cb))
+DEPRECATEDIN_3_0(int RSA_X931_generate_key_ex(RSA *rsa, int bits,
+ const BIGNUM *e, BN_GENCB *cb))
+
+DEPRECATEDIN_3_0(int RSA_check_key(const RSA *))
+DEPRECATEDIN_3_0(int RSA_check_key_ex(const RSA *, BN_GENCB *cb))
+ /* next 4 return -1 on error */
+DEPRECATEDIN_3_0(int RSA_public_encrypt(int flen, const unsigned char *from,
+ unsigned char *to, RSA *rsa,
+ int padding))
+DEPRECATEDIN_3_0(int RSA_private_encrypt(int flen, const unsigned char *from,
+ unsigned char *to, RSA *rsa,
+ int padding))
+DEPRECATEDIN_3_0(int RSA_public_decrypt(int flen, const unsigned char *from,
+ unsigned char *to, RSA *rsa,
+ int padding))
+DEPRECATEDIN_3_0(int RSA_private_decrypt(int flen, const unsigned char *from,
+ unsigned char *to, RSA *rsa,
+ int padding))
+void RSA_free(RSA *r);
+/* "up" the RSA object's reference count */
+int RSA_up_ref(RSA *r);
+
+/* TODO(3.0): deprecate this one ssl/ssl_rsa.c can be changed to avoid it */
+int RSA_flags(const RSA *r);
+
+DEPRECATEDIN_3_0(void RSA_set_default_method(const RSA_METHOD *meth))
+DEPRECATEDIN_3_0(const RSA_METHOD *RSA_get_default_method(void))
+DEPRECATEDIN_3_0(const RSA_METHOD *RSA_null_method(void))
+DEPRECATEDIN_3_0(const RSA_METHOD *RSA_get_method(const RSA *rsa))
+DEPRECATEDIN_3_0(int RSA_set_method(RSA *rsa, const RSA_METHOD *meth))
+
+/* these are the actual RSA functions */
+DEPRECATEDIN_3_0(const RSA_METHOD *RSA_PKCS1_OpenSSL(void))
+
+int RSA_pkey_ctx_ctrl(EVP_PKEY_CTX *ctx, int optype, int cmd, int p1, void *p2);
+
+DECLARE_ASN1_ENCODE_FUNCTIONS_name(RSA, RSAPublicKey)
+DECLARE_ASN1_ENCODE_FUNCTIONS_name(RSA, RSAPrivateKey)
+
+struct rsa_pss_params_st {
+ X509_ALGOR *hashAlgorithm;
+ X509_ALGOR *maskGenAlgorithm;
+ ASN1_INTEGER *saltLength;
+ ASN1_INTEGER *trailerField;
+ /* Decoded hash algorithm from maskGenAlgorithm */
+ X509_ALGOR *maskHash;
+};
+
+DECLARE_ASN1_FUNCTIONS(RSA_PSS_PARAMS)
+
+typedef struct rsa_oaep_params_st {
+ X509_ALGOR *hashFunc;
+ X509_ALGOR *maskGenFunc;
+ X509_ALGOR *pSourceFunc;
+ /* Decoded hash algorithm from maskGenFunc */
+ X509_ALGOR *maskHash;
+} RSA_OAEP_PARAMS;
+
+DECLARE_ASN1_FUNCTIONS(RSA_OAEP_PARAMS)
+
+# ifndef OPENSSL_NO_STDIO
+DEPRECATEDIN_3_0(int RSA_print_fp(FILE *fp, const RSA *r, int offset))
+# endif
+
+DEPRECATEDIN_3_0(int RSA_print(BIO *bp, const RSA *r, int offset))
+
+/*
+ * The following 2 functions sign and verify a X509_SIG ASN1 object inside
+ * PKCS#1 padded RSA encryption
+ */
+DEPRECATEDIN_3_0(int RSA_sign(int type, const unsigned char *m,
+ unsigned int m_length, unsigned char *sigret,
+ unsigned int *siglen, RSA *rsa))
+DEPRECATEDIN_3_0(int RSA_verify(int type, const unsigned char *m,
+ unsigned int m_length,
+ const unsigned char *sigbuf,
+ unsigned int siglen, RSA *rsa))
+
+/*
+ * The following 2 function sign and verify a ASN1_OCTET_STRING object inside
+ * PKCS#1 padded RSA encryption
+ */
+DEPRECATEDIN_3_0(int RSA_sign_ASN1_OCTET_STRING(int type,
+ const unsigned char *m,
+ unsigned int m_length,
+ unsigned char *sigret,
+ unsigned int *siglen, RSA *rsa))
+DEPRECATEDIN_3_0(int RSA_verify_ASN1_OCTET_STRING(int type,
+ const unsigned char *m,
+ unsigned int m_length,
+ unsigned char *sigbuf,
+ unsigned int siglen,
+ RSA *rsa))
+
+/* TODO(3.0): figure out how to deprecate these two */
+int RSA_blinding_on(RSA *rsa, BN_CTX *ctx);
+void RSA_blinding_off(RSA *rsa);
+DEPRECATEDIN_3_0(BN_BLINDING *RSA_setup_blinding(RSA *rsa, BN_CTX *ctx))
+
+DEPRECATEDIN_3_0(int RSA_padding_add_PKCS1_type_1(unsigned char *to, int tlen,
+ const unsigned char *f,
+ int fl))
+DEPRECATEDIN_3_0(int RSA_padding_check_PKCS1_type_1(unsigned char *to, int tlen,
+ const unsigned char *f,
+ int fl, int rsa_len))
+DEPRECATEDIN_3_0(int RSA_padding_add_PKCS1_type_2(unsigned char *to, int tlen,
+ const unsigned char *f,
+ int fl))
+DEPRECATEDIN_3_0(int RSA_padding_check_PKCS1_type_2(unsigned char *to, int tlen,
+ const unsigned char *f,
+ int fl, int rsa_len))
+DEPRECATEDIN_3_0(int PKCS1_MGF1(unsigned char *mask, long len,
+ const unsigned char *seed, long seedlen,
+ const EVP_MD *dgst))
+DEPRECATEDIN_3_0(int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen,
+ const unsigned char *f, int fl,
+ const unsigned char *p, int pl))
+DEPRECATEDIN_3_0(int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen,
+ const unsigned char *f,
+ int fl, int rsa_len,
+ const unsigned char *p,
+ int pl))
+DEPRECATEDIN_3_0(int RSA_padding_add_PKCS1_OAEP_mgf1(unsigned char *to,
+ int tlen,
+ const unsigned char *from,
+ int flen,
+ const unsigned char *param,
+ int plen,
+ const EVP_MD *md,
+ const EVP_MD *mgf1md))
+DEPRECATEDIN_3_0(int RSA_padding_check_PKCS1_OAEP_mgf1(unsigned char *to,
+ int tlen,
+ const unsigned char *from,
+ int flen, int num,
+ const unsigned char *param,
+ int plen, const EVP_MD *md,
+ const EVP_MD *mgf1md))
+DEPRECATEDIN_3_0(int RSA_padding_add_SSLv23(unsigned char *to, int tlen,
+ const unsigned char *f, int fl))
+DEPRECATEDIN_3_0(int RSA_padding_check_SSLv23(unsigned char *to, int tlen,
+ const unsigned char *f, int fl,
+ int rsa_len))
+DEPRECATEDIN_3_0(int RSA_padding_add_none(unsigned char *to, int tlen,
+ const unsigned char *f, int fl))
+DEPRECATEDIN_3_0(int RSA_padding_check_none(unsigned char *to, int tlen,
+ const unsigned char *f, int fl,
+ int rsa_len))
+DEPRECATEDIN_3_0(int RSA_padding_add_X931(unsigned char *to, int tlen,
+ const unsigned char *f, int fl))
+DEPRECATEDIN_3_0(int RSA_padding_check_X931(unsigned char *to, int tlen,
+ const unsigned char *f, int fl,
+ int rsa_len))
+DEPRECATEDIN_3_0(int RSA_X931_hash_id(int nid))
+
+DEPRECATEDIN_3_0(int RSA_verify_PKCS1_PSS(RSA *rsa, const unsigned char *mHash,
+ const EVP_MD *Hash,
+ const unsigned char *EM, int sLen))
+DEPRECATEDIN_3_0(int RSA_padding_add_PKCS1_PSS(RSA *rsa, unsigned char *EM,
+ const unsigned char *mHash,
+ const EVP_MD *Hash, int sLen))
+
+DEPRECATEDIN_3_0(int RSA_verify_PKCS1_PSS_mgf1(RSA *rsa,
+ const unsigned char *mHash,
+ const EVP_MD *Hash,
+ const EVP_MD *mgf1Hash,
+ const unsigned char *EM,
+ int sLen))
+
+DEPRECATEDIN_3_0(int RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa,
+ unsigned char *EM,
+ const unsigned char *mHash,
+ const EVP_MD *Hash,
+ const EVP_MD *mgf1Hash,
+ int sLen))
+
+# define RSA_get_ex_new_index(l, p, newf, dupf, freef) \
+ CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_RSA, l, p, newf, dupf, freef)
+DEPRECATEDIN_3_0(int RSA_set_ex_data(RSA *r, int idx, void *arg))
+DEPRECATEDIN_3_0(void *RSA_get_ex_data(const RSA *r, int idx))
+
+DECLARE_ASN1_DUP_FUNCTION_name(RSA, RSAPublicKey)
+DECLARE_ASN1_DUP_FUNCTION_name(RSA, RSAPrivateKey)
+
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+/*
+ * If this flag is set the RSA method is FIPS compliant and can be used in
+ * FIPS mode. This is set in the validated module method. If an application
+ * sets this flag in its own methods it is its responsibility to ensure the
+ * result is compliant.
+ */
+
+# define RSA_FLAG_FIPS_METHOD 0x0400
+
+/*
+ * If this flag is set the operations normally disabled in FIPS mode are
+ * permitted it is then the applications responsibility to ensure that the
+ * usage is compliant.
+ */
+
+# define RSA_FLAG_NON_FIPS_ALLOW 0x0400
+/*
+ * Application has decided PRNG is good enough to generate a key: don't
+ * check.
+ */
+# define RSA_FLAG_CHECKED 0x0800
+# endif /* OPENSSL_NO_DEPRECATED_3_0 */
+
+DEPRECATEDIN_3_0(RSA_METHOD *RSA_meth_new(const char *name, int flags))
+DEPRECATEDIN_3_0(void RSA_meth_free(RSA_METHOD *meth))
+DEPRECATEDIN_3_0(RSA_METHOD *RSA_meth_dup(const RSA_METHOD *meth))
+DEPRECATEDIN_3_0(const char *RSA_meth_get0_name(const RSA_METHOD *meth))
+DEPRECATEDIN_3_0(int RSA_meth_set1_name(RSA_METHOD *meth, const char *name))
+DEPRECATEDIN_3_0(int RSA_meth_get_flags(const RSA_METHOD *meth))
+DEPRECATEDIN_3_0(int RSA_meth_set_flags(RSA_METHOD *meth, int flags))
+DEPRECATEDIN_3_0(void *RSA_meth_get0_app_data(const RSA_METHOD *meth))
+DEPRECATEDIN_3_0(int RSA_meth_set0_app_data(RSA_METHOD *meth, void *app_data))
+DEPRECATEDIN_3_0(int (*RSA_meth_get_pub_enc(const RSA_METHOD *meth))
+ (int flen, const unsigned char *from,
+ unsigned char *to, RSA *rsa, int padding))
+DEPRECATEDIN_3_0(int RSA_meth_set_pub_enc(RSA_METHOD *rsa,
+ int (*pub_enc) (int flen, const unsigned char *from,
+ unsigned char *to, RSA *rsa,
+ int padding)))
+DEPRECATEDIN_3_0(int (*RSA_meth_get_pub_dec(const RSA_METHOD *meth))
+ (int flen, const unsigned char *from,
+ unsigned char *to, RSA *rsa, int padding))
+DEPRECATEDIN_3_0(int RSA_meth_set_pub_dec(RSA_METHOD *rsa,
+ int (*pub_dec) (int flen, const unsigned char *from,
+ unsigned char *to, RSA *rsa,
+ int padding)))
+DEPRECATEDIN_3_0(int (*RSA_meth_get_priv_enc(const RSA_METHOD *meth))
+ (int flen, const unsigned char *from,
+ unsigned char *to, RSA *rsa, int padding))
+DEPRECATEDIN_3_0(int RSA_meth_set_priv_enc(RSA_METHOD *rsa,
+ int (*priv_enc) (int flen, const unsigned char *from,
+ unsigned char *to, RSA *rsa,
+ int padding)))
+DEPRECATEDIN_3_0(int (*RSA_meth_get_priv_dec(const RSA_METHOD *meth))
+ (int flen, const unsigned char *from,
+ unsigned char *to, RSA *rsa, int padding))
+DEPRECATEDIN_3_0(int RSA_meth_set_priv_dec(RSA_METHOD *rsa,
+ int (*priv_dec) (int flen, const unsigned char *from,
+ unsigned char *to, RSA *rsa,
+ int padding)))
+DEPRECATEDIN_3_0(int (*RSA_meth_get_mod_exp(const RSA_METHOD *meth))
+ (BIGNUM *r0, const BIGNUM *i, RSA *rsa, BN_CTX *ctx))
+DEPRECATEDIN_3_0(int RSA_meth_set_mod_exp(RSA_METHOD *rsa,
+ int (*mod_exp) (BIGNUM *r0, const BIGNUM *i, RSA *rsa,
+ BN_CTX *ctx)))
+DEPRECATEDIN_3_0(int (*RSA_meth_get_bn_mod_exp(const RSA_METHOD *meth))
+ (BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+ const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx))
+DEPRECATEDIN_3_0(int RSA_meth_set_bn_mod_exp(RSA_METHOD *rsa,
+ int (*bn_mod_exp) (BIGNUM *r,
+ const BIGNUM *a,
+ const BIGNUM *p,
+ const BIGNUM *m,
+ BN_CTX *ctx,
+ BN_MONT_CTX *m_ctx)))
+DEPRECATEDIN_3_0(int (*RSA_meth_get_init(const RSA_METHOD *meth)) (RSA *rsa))
+DEPRECATEDIN_3_0(int RSA_meth_set_init(RSA_METHOD *rsa, int (*init) (RSA *rsa)))
+DEPRECATEDIN_3_0(int (*RSA_meth_get_finish(const RSA_METHOD *meth)) (RSA *rsa))
+DEPRECATEDIN_3_0(int RSA_meth_set_finish(RSA_METHOD *rsa,
+ int (*finish) (RSA *rsa)))
+DEPRECATEDIN_3_0(int (*RSA_meth_get_sign(const RSA_METHOD *meth))
+ (int type,
+ const unsigned char *m, unsigned int m_length,
+ unsigned char *sigret, unsigned int *siglen,
+ const RSA *rsa))
+DEPRECATEDIN_3_0(int RSA_meth_set_sign(RSA_METHOD *rsa,
+ int (*sign) (int type, const unsigned char *m,
+ unsigned int m_length,
+ unsigned char *sigret, unsigned int *siglen,
+ const RSA *rsa)))
+DEPRECATEDIN_3_0(int (*RSA_meth_get_verify(const RSA_METHOD *meth))
+ (int dtype, const unsigned char *m,
+ unsigned int m_length, const unsigned char *sigbuf,
+ unsigned int siglen, const RSA *rsa))
+DEPRECATEDIN_3_0(int RSA_meth_set_verify(RSA_METHOD *rsa,
+ int (*verify) (int dtype, const unsigned char *m,
+ unsigned int m_length,
+ const unsigned char *sigbuf,
+ unsigned int siglen, const RSA *rsa)))
+DEPRECATEDIN_3_0(int (*RSA_meth_get_keygen(const RSA_METHOD *meth))
+ (RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb))
+DEPRECATEDIN_3_0(int RSA_meth_set_keygen(RSA_METHOD *rsa,
+ int (*keygen) (RSA *rsa, int bits, BIGNUM *e,
+ BN_GENCB *cb)))
+DEPRECATEDIN_3_0(int (*RSA_meth_get_multi_prime_keygen(const RSA_METHOD *meth))
+ (RSA *rsa, int bits, int primes, BIGNUM *e, BN_GENCB *cb))
+DEPRECATEDIN_3_0(int RSA_meth_set_multi_prime_keygen(RSA_METHOD *meth,
+ int (*keygen) (RSA *rsa, int bits,
+ int primes, BIGNUM *e,
+ BN_GENCB *cb)))
+
+# ifdef __cplusplus
+}
+# endif
+# endif
+#endif
diff --git a/openssl/include/openssl/rsaerr.h b/openssl/include/openssl/rsaerr.h new file mode 100644 index 00000000..05664651 --- /dev/null +++ b/openssl/include/openssl/rsaerr.h @@ -0,0 +1,182 @@ +/*
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_RSAERR_H
+# define OPENSSL_RSAERR_H
+# pragma once
+
+# include <openssl/opensslconf.h>
+# include <openssl/symhacks.h>
+
+
+# ifdef __cplusplus
+extern "C"
+# endif
+int ERR_load_RSA_strings(void);
+
+/*
+ * RSA function codes.
+ */
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define RSA_F_CHECK_PADDING_MD 0
+# define RSA_F_ENCODE_PKCS1 0
+# define RSA_F_INT_RSA_VERIFY 0
+# define RSA_F_OLD_RSA_PRIV_DECODE 0
+# define RSA_F_PKEY_PSS_INIT 0
+# define RSA_F_PKEY_RSA_CTRL 0
+# define RSA_F_PKEY_RSA_CTRL_STR 0
+# define RSA_F_PKEY_RSA_SIGN 0
+# define RSA_F_PKEY_RSA_VERIFY 0
+# define RSA_F_PKEY_RSA_VERIFYRECOVER 0
+# define RSA_F_RSA_ALGOR_TO_MD 0
+# define RSA_F_RSA_BUILTIN_KEYGEN 0
+# define RSA_F_RSA_CHECK_KEY 0
+# define RSA_F_RSA_CHECK_KEY_EX 0
+# define RSA_F_RSA_CMS_DECRYPT 0
+# define RSA_F_RSA_CMS_VERIFY 0
+# define RSA_F_RSA_FIPS186_4_GEN_PROB_PRIMES 0
+# define RSA_F_RSA_ITEM_VERIFY 0
+# define RSA_F_RSA_METH_DUP 0
+# define RSA_F_RSA_METH_NEW 0
+# define RSA_F_RSA_METH_SET1_NAME 0
+# define RSA_F_RSA_MGF1_TO_MD 0
+# define RSA_F_RSA_MULTIP_INFO_NEW 0
+# define RSA_F_RSA_NEW_METHOD 0
+# define RSA_F_RSA_NULL 0
+# define RSA_F_RSA_NULL_PRIVATE_DECRYPT 0
+# define RSA_F_RSA_NULL_PRIVATE_ENCRYPT 0
+# define RSA_F_RSA_NULL_PUBLIC_DECRYPT 0
+# define RSA_F_RSA_NULL_PUBLIC_ENCRYPT 0
+# define RSA_F_RSA_OSSL_PRIVATE_DECRYPT 0
+# define RSA_F_RSA_OSSL_PRIVATE_ENCRYPT 0
+# define RSA_F_RSA_OSSL_PUBLIC_DECRYPT 0
+# define RSA_F_RSA_OSSL_PUBLIC_ENCRYPT 0
+# define RSA_F_RSA_PADDING_ADD_NONE 0
+# define RSA_F_RSA_PADDING_ADD_PKCS1_OAEP 0
+# define RSA_F_RSA_PADDING_ADD_PKCS1_OAEP_MGF1 0
+# define RSA_F_RSA_PADDING_ADD_PKCS1_PSS 0
+# define RSA_F_RSA_PADDING_ADD_PKCS1_PSS_MGF1 0
+# define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1 0
+# define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2 0
+# define RSA_F_RSA_PADDING_ADD_SSLV23 0
+# define RSA_F_RSA_PADDING_ADD_X931 0
+# define RSA_F_RSA_PADDING_CHECK_NONE 0
+# define RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP 0
+# define RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP_MGF1 0
+# define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1 0
+# define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2 0
+# define RSA_F_RSA_PADDING_CHECK_SSLV23 0
+# define RSA_F_RSA_PADDING_CHECK_X931 0
+# define RSA_F_RSA_PARAM_DECODE 0
+# define RSA_F_RSA_PRINT 0
+# define RSA_F_RSA_PRINT_FP 0
+# define RSA_F_RSA_PRIV_DECODE 0
+# define RSA_F_RSA_PRIV_ENCODE 0
+# define RSA_F_RSA_PSS_GET_PARAM 0
+# define RSA_F_RSA_PSS_TO_CTX 0
+# define RSA_F_RSA_PUB_DECODE 0
+# define RSA_F_RSA_SETUP_BLINDING 0
+# define RSA_F_RSA_SIGN 0
+# define RSA_F_RSA_SIGN_ASN1_OCTET_STRING 0
+# define RSA_F_RSA_SP800_56B_CHECK_KEYPAIR 0
+# define RSA_F_RSA_SP800_56B_CHECK_PUBLIC 0
+# define RSA_F_RSA_SP800_56B_PAIRWISE_TEST 0
+# define RSA_F_RSA_SP800_56B_VALIDATE_STRENGTH 0
+# define RSA_F_RSA_VERIFY 0
+# define RSA_F_RSA_VERIFY_ASN1_OCTET_STRING 0
+# define RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1 0
+# define RSA_F_SETUP_TBUF 0
+# endif
+
+/*
+ * RSA reason codes.
+ */
+# define RSA_R_ALGORITHM_MISMATCH 100
+# define RSA_R_BAD_E_VALUE 101
+# define RSA_R_BAD_FIXED_HEADER_DECRYPT 102
+# define RSA_R_BAD_PAD_BYTE_COUNT 103
+# define RSA_R_BAD_SIGNATURE 104
+# define RSA_R_BLOCK_TYPE_IS_NOT_01 106
+# define RSA_R_BLOCK_TYPE_IS_NOT_02 107
+# define RSA_R_DATA_GREATER_THAN_MOD_LEN 108
+# define RSA_R_DATA_TOO_LARGE 109
+# define RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 110
+# define RSA_R_DATA_TOO_LARGE_FOR_MODULUS 132
+# define RSA_R_DATA_TOO_SMALL 111
+# define RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE 122
+# define RSA_R_DIGEST_DOES_NOT_MATCH 158
+# define RSA_R_DIGEST_NOT_ALLOWED 145
+# define RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY 112
+# define RSA_R_DMP1_NOT_CONGRUENT_TO_D 124
+# define RSA_R_DMQ1_NOT_CONGRUENT_TO_D 125
+# define RSA_R_D_E_NOT_CONGRUENT_TO_1 123
+# define RSA_R_FIRST_OCTET_INVALID 133
+# define RSA_R_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE 144
+# define RSA_R_INVALID_DIGEST 157
+# define RSA_R_INVALID_DIGEST_LENGTH 143
+# define RSA_R_INVALID_HEADER 137
+# define RSA_R_INVALID_KEYPAIR 171
+# define RSA_R_INVALID_KEY_LENGTH 173
+# define RSA_R_INVALID_LABEL 160
+# define RSA_R_INVALID_MESSAGE_LENGTH 131
+# define RSA_R_INVALID_MGF1_MD 156
+# define RSA_R_INVALID_MODULUS 174
+# define RSA_R_INVALID_MULTI_PRIME_KEY 167
+# define RSA_R_INVALID_OAEP_PARAMETERS 161
+# define RSA_R_INVALID_PADDING 138
+# define RSA_R_INVALID_PADDING_MODE 141
+# define RSA_R_INVALID_PSS_PARAMETERS 149
+# define RSA_R_INVALID_PSS_SALTLEN 146
+# define RSA_R_INVALID_REQUEST 175
+# define RSA_R_INVALID_SALT_LENGTH 150
+# define RSA_R_INVALID_STRENGTH 176
+# define RSA_R_INVALID_TRAILER 139
+# define RSA_R_INVALID_X931_DIGEST 142
+# define RSA_R_IQMP_NOT_INVERSE_OF_Q 126
+# define RSA_R_KEY_PRIME_NUM_INVALID 165
+# define RSA_R_KEY_SIZE_TOO_SMALL 120
+# define RSA_R_LAST_OCTET_INVALID 134
+# define RSA_R_MGF1_DIGEST_NOT_ALLOWED 152
+# define RSA_R_MISSING_PRIVATE_KEY 179
+# define RSA_R_MODULUS_TOO_LARGE 105
+# define RSA_R_MP_COEFFICIENT_NOT_INVERSE_OF_R 168
+# define RSA_R_MP_EXPONENT_NOT_CONGRUENT_TO_D 169
+# define RSA_R_MP_R_NOT_PRIME 170
+# define RSA_R_NO_PUBLIC_EXPONENT 140
+# define RSA_R_NULL_BEFORE_BLOCK_MISSING 113
+# define RSA_R_N_DOES_NOT_EQUAL_PRODUCT_OF_PRIMES 172
+# define RSA_R_N_DOES_NOT_EQUAL_P_Q 127
+# define RSA_R_OAEP_DECODING_ERROR 121
+# define RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE 148
+# define RSA_R_PADDING_CHECK_FAILED 114
+# define RSA_R_PAIRWISE_TEST_FAILURE 177
+# define RSA_R_PKCS_DECODING_ERROR 159
+# define RSA_R_PSS_SALTLEN_TOO_SMALL 164
+# define RSA_R_PUB_EXPONENT_OUT_OF_RANGE 178
+# define RSA_R_P_NOT_PRIME 128
+# define RSA_R_Q_NOT_PRIME 129
+# define RSA_R_RSA_OPERATIONS_NOT_SUPPORTED 130
+# define RSA_R_SLEN_CHECK_FAILED 136
+# define RSA_R_SLEN_RECOVERY_FAILED 135
+# define RSA_R_SSLV3_ROLLBACK_ATTACK 115
+# define RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 116
+# define RSA_R_UNKNOWN_ALGORITHM_TYPE 117
+# define RSA_R_UNKNOWN_DIGEST 166
+# define RSA_R_UNKNOWN_MASK_DIGEST 151
+# define RSA_R_UNKNOWN_PADDING_TYPE 118
+# define RSA_R_UNSUPPORTED_ENCRYPTION_TYPE 162
+# define RSA_R_UNSUPPORTED_LABEL_SOURCE 163
+# define RSA_R_UNSUPPORTED_MASK_ALGORITHM 153
+# define RSA_R_UNSUPPORTED_MASK_PARAMETER 154
+# define RSA_R_UNSUPPORTED_SIGNATURE_TYPE 155
+# define RSA_R_VALUE_MISSING 147
+# define RSA_R_WRONG_SIGNATURE_LENGTH 119
+
+#endif
diff --git a/openssl/include/openssl/safestack.h b/openssl/include/openssl/safestack.h new file mode 100644 index 00000000..67503808 --- /dev/null +++ b/openssl/include/openssl/safestack.h @@ -0,0 +1,237 @@ +/*
+ * Copyright 1999-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_SAFESTACK_H
+# define OPENSSL_SAFESTACK_H
+# pragma once
+
+# include <openssl/macros.h>
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define HEADER_SAFESTACK_H
+# endif
+
+# include <openssl/stack.h>
+# include <openssl/e_os2.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+# define STACK_OF(type) struct stack_st_##type
+
+# define SKM_DEFINE_STACK_OF(t1, t2, t3) \
+ STACK_OF(t1); \
+ typedef int (*sk_##t1##_compfunc)(const t3 * const *a, const t3 *const *b); \
+ typedef void (*sk_##t1##_freefunc)(t3 *a); \
+ typedef t3 * (*sk_##t1##_copyfunc)(const t3 *a); \
+ static ossl_unused ossl_inline int sk_##t1##_num(const STACK_OF(t1) *sk) \
+ { \
+ return OPENSSL_sk_num((const OPENSSL_STACK *)sk); \
+ } \
+ static ossl_unused ossl_inline t2 *sk_##t1##_value(const STACK_OF(t1) *sk, int idx) \
+ { \
+ return (t2 *)OPENSSL_sk_value((const OPENSSL_STACK *)sk, idx); \
+ } \
+ static ossl_unused ossl_inline STACK_OF(t1) *sk_##t1##_new(sk_##t1##_compfunc compare) \
+ { \
+ return (STACK_OF(t1) *)OPENSSL_sk_new((OPENSSL_sk_compfunc)compare); \
+ } \
+ static ossl_unused ossl_inline STACK_OF(t1) *sk_##t1##_new_null(void) \
+ { \
+ return (STACK_OF(t1) *)OPENSSL_sk_new_null(); \
+ } \
+ static ossl_unused ossl_inline STACK_OF(t1) *sk_##t1##_new_reserve(sk_##t1##_compfunc compare, int n) \
+ { \
+ return (STACK_OF(t1) *)OPENSSL_sk_new_reserve((OPENSSL_sk_compfunc)compare, n); \
+ } \
+ static ossl_unused ossl_inline int sk_##t1##_reserve(STACK_OF(t1) *sk, int n) \
+ { \
+ return OPENSSL_sk_reserve((OPENSSL_STACK *)sk, n); \
+ } \
+ static ossl_unused ossl_inline void sk_##t1##_free(STACK_OF(t1) *sk) \
+ { \
+ OPENSSL_sk_free((OPENSSL_STACK *)sk); \
+ } \
+ static ossl_unused ossl_inline void sk_##t1##_zero(STACK_OF(t1) *sk) \
+ { \
+ OPENSSL_sk_zero((OPENSSL_STACK *)sk); \
+ } \
+ static ossl_unused ossl_inline t2 *sk_##t1##_delete(STACK_OF(t1) *sk, int i) \
+ { \
+ return (t2 *)OPENSSL_sk_delete((OPENSSL_STACK *)sk, i); \
+ } \
+ static ossl_unused ossl_inline t2 *sk_##t1##_delete_ptr(STACK_OF(t1) *sk, t2 *ptr) \
+ { \
+ return (t2 *)OPENSSL_sk_delete_ptr((OPENSSL_STACK *)sk, \
+ (const void *)ptr); \
+ } \
+ static ossl_unused ossl_inline int sk_##t1##_push(STACK_OF(t1) *sk, t2 *ptr) \
+ { \
+ return OPENSSL_sk_push((OPENSSL_STACK *)sk, (const void *)ptr); \
+ } \
+ static ossl_unused ossl_inline int sk_##t1##_unshift(STACK_OF(t1) *sk, t2 *ptr) \
+ { \
+ return OPENSSL_sk_unshift((OPENSSL_STACK *)sk, (const void *)ptr); \
+ } \
+ static ossl_unused ossl_inline t2 *sk_##t1##_pop(STACK_OF(t1) *sk) \
+ { \
+ return (t2 *)OPENSSL_sk_pop((OPENSSL_STACK *)sk); \
+ } \
+ static ossl_unused ossl_inline t2 *sk_##t1##_shift(STACK_OF(t1) *sk) \
+ { \
+ return (t2 *)OPENSSL_sk_shift((OPENSSL_STACK *)sk); \
+ } \
+ static ossl_unused ossl_inline void sk_##t1##_pop_free(STACK_OF(t1) *sk, sk_##t1##_freefunc freefunc) \
+ { \
+ OPENSSL_sk_pop_free((OPENSSL_STACK *)sk, (OPENSSL_sk_freefunc)freefunc); \
+ } \
+ static ossl_unused ossl_inline int sk_##t1##_insert(STACK_OF(t1) *sk, t2 *ptr, int idx) \
+ { \
+ return OPENSSL_sk_insert((OPENSSL_STACK *)sk, (const void *)ptr, idx); \
+ } \
+ static ossl_unused ossl_inline t2 *sk_##t1##_set(STACK_OF(t1) *sk, int idx, t2 *ptr) \
+ { \
+ return (t2 *)OPENSSL_sk_set((OPENSSL_STACK *)sk, idx, (const void *)ptr); \
+ } \
+ static ossl_unused ossl_inline int sk_##t1##_find(STACK_OF(t1) *sk, t2 *ptr) \
+ { \
+ return OPENSSL_sk_find((OPENSSL_STACK *)sk, (const void *)ptr); \
+ } \
+ static ossl_unused ossl_inline int sk_##t1##_find_ex(STACK_OF(t1) *sk, t2 *ptr) \
+ { \
+ return OPENSSL_sk_find_ex((OPENSSL_STACK *)sk, (const void *)ptr); \
+ } \
+ static ossl_unused ossl_inline void sk_##t1##_sort(STACK_OF(t1) *sk) \
+ { \
+ OPENSSL_sk_sort((OPENSSL_STACK *)sk); \
+ } \
+ static ossl_unused ossl_inline int sk_##t1##_is_sorted(const STACK_OF(t1) *sk) \
+ { \
+ return OPENSSL_sk_is_sorted((const OPENSSL_STACK *)sk); \
+ } \
+ static ossl_unused ossl_inline STACK_OF(t1) * sk_##t1##_dup(const STACK_OF(t1) *sk) \
+ { \
+ return (STACK_OF(t1) *)OPENSSL_sk_dup((const OPENSSL_STACK *)sk); \
+ } \
+ static ossl_unused ossl_inline STACK_OF(t1) *sk_##t1##_deep_copy(const STACK_OF(t1) *sk, \
+ sk_##t1##_copyfunc copyfunc, \
+ sk_##t1##_freefunc freefunc) \
+ { \
+ return (STACK_OF(t1) *)OPENSSL_sk_deep_copy((const OPENSSL_STACK *)sk, \
+ (OPENSSL_sk_copyfunc)copyfunc, \
+ (OPENSSL_sk_freefunc)freefunc); \
+ } \
+ static ossl_unused ossl_inline sk_##t1##_compfunc sk_##t1##_set_cmp_func(STACK_OF(t1) *sk, sk_##t1##_compfunc compare) \
+ { \
+ return (sk_##t1##_compfunc)OPENSSL_sk_set_cmp_func((OPENSSL_STACK *)sk, (OPENSSL_sk_compfunc)compare); \
+ }
+
+# define DEFINE_STACK_OF(t) SKM_DEFINE_STACK_OF(t, t, t)
+# define DEFINE_STACK_OF_CONST(t) SKM_DEFINE_STACK_OF(t, const t, t)
+# define DEFINE_SPECIAL_STACK_OF(t1, t2) SKM_DEFINE_STACK_OF(t1, t2, t2)
+# define DEFINE_SPECIAL_STACK_OF_CONST(t1, t2) \
+ SKM_DEFINE_STACK_OF(t1, const t2, t2)
+
+/*-
+ * Strings are special: normally an lhash entry will point to a single
+ * (somewhat) mutable object. In the case of strings:
+ *
+ * a) Instead of a single char, there is an array of chars, NUL-terminated.
+ * b) The string may have be immutable.
+ *
+ * So, they need their own declarations. Especially important for
+ * type-checking tools, such as Deputy.
+ *
+ * In practice, however, it appears to be hard to have a const
+ * string. For now, I'm settling for dealing with the fact it is a
+ * string at all.
+ */
+typedef char *OPENSSL_STRING;
+typedef const char *OPENSSL_CSTRING;
+
+# define DEFINE_STACK_OF_STRING() \
+ DEFINE_SPECIAL_STACK_OF(OPENSSL_STRING, char)
+# define DEFINE_STACK_OF_CSTRING() \
+ DEFINE_SPECIAL_STACK_OF_CONST(OPENSSL_CSTRING, char)
+
+/*
+ * If we're building OpenSSL, or we have no-deprecated configured,
+ * then we don't define the inline functions (see |SKM_DEFINE_STACK_OF|,
+ * above), we just declare the stack datatypes. Otherwise, for compatibility
+ * and to not remove the API's, we define the functions. We have the
+ * trailing semicolon so that uses of this never need it.
+ */
+#if defined(OPENSSL_BUILDING_OPENSSL) || defined(OPENSSL_NO_DEPRECATED_3_0)
+# define DEFINE_OR_DECLARE_STACK_OF(s) STACK_OF(s);
+# define DEFINE_OR_DECLARE_STACK_OF_STRING() STACK_OF(OPENSSL_STRING);
+# define DEFINE_OR_DECLARE_STACK_OF_CSTRING() STACK_OF(OPENSSL_CSTRING);
+#else
+# define DEFINE_OR_DECLARE_STACK_OF(s) DEFINE_STACK_OF(s)
+# define DEFINE_OR_DECLARE_STACK_OF_STRING() DEFINE_STACK_OF_STRING()
+# define DEFINE_OR_DECLARE_STACK_OF_CSTRING() DEFINE_STACK_OF_CSTRING()
+#endif
+
+/*-
+ * Confusingly, LHASH_OF(STRING) deals with char ** throughout, but
+ * STACK_OF(STRING) is really more like STACK_OF(char), only, as mentioned
+ * above, instead of a single char each entry is a NUL-terminated array of
+ * chars. So, we have to implement STRING specially for STACK_OF. This is
+ * dealt with in the autogenerated macros below.
+ */
+DEFINE_OR_DECLARE_STACK_OF_STRING()
+DEFINE_OR_DECLARE_STACK_OF_CSTRING()
+
+#if !defined(OPENSSL_NO_DEPRECATED_3_0)
+/*
+ * This is not used by OpenSSL. A block of bytes, NOT nul-terminated.
+ * These should also be distinguished from "normal" stacks.
+ */
+typedef void *OPENSSL_BLOCK;
+DEFINE_SPECIAL_STACK_OF(OPENSSL_BLOCK, void)
+#endif
+
+/*
+ * If called without higher optimization (min. -xO3) the Oracle Developer
+ * Studio compiler generates code for the defined (static inline) functions
+ * above.
+ * This would later lead to the linker complaining about missing symbols when
+ * this header file is included but the resulting object is not linked against
+ * the Crypto library (openssl#6912).
+ */
+# ifdef __SUNPRO_C
+# pragma weak OPENSSL_sk_num
+# pragma weak OPENSSL_sk_value
+# pragma weak OPENSSL_sk_new
+# pragma weak OPENSSL_sk_new_null
+# pragma weak OPENSSL_sk_new_reserve
+# pragma weak OPENSSL_sk_reserve
+# pragma weak OPENSSL_sk_free
+# pragma weak OPENSSL_sk_zero
+# pragma weak OPENSSL_sk_delete
+# pragma weak OPENSSL_sk_delete_ptr
+# pragma weak OPENSSL_sk_push
+# pragma weak OPENSSL_sk_unshift
+# pragma weak OPENSSL_sk_pop
+# pragma weak OPENSSL_sk_shift
+# pragma weak OPENSSL_sk_pop_free
+# pragma weak OPENSSL_sk_insert
+# pragma weak OPENSSL_sk_set
+# pragma weak OPENSSL_sk_find
+# pragma weak OPENSSL_sk_find_ex
+# pragma weak OPENSSL_sk_sort
+# pragma weak OPENSSL_sk_is_sorted
+# pragma weak OPENSSL_sk_dup
+# pragma weak OPENSSL_sk_deep_copy
+# pragma weak OPENSSL_sk_set_cmp_func
+# endif /* __SUNPRO_C */
+
+# ifdef __cplusplus
+}
+# endif
+#endif
diff --git a/openssl/include/openssl/seed.h b/openssl/include/openssl/seed.h new file mode 100644 index 00000000..4b8b12d4 --- /dev/null +++ b/openssl/include/openssl/seed.h @@ -0,0 +1,110 @@ +/*
+ * Copyright 2007-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+/*
+ * Copyright (c) 2007 KISA(Korea Information Security Agency). All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Neither the name of author nor the names of its contributors may
+ * be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifndef OPENSSL_SEED_H
+# define OPENSSL_SEED_H
+# pragma once
+
+# include <openssl/macros.h>
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define HEADER_SEED_H
+# endif
+
+# include <openssl/opensslconf.h>
+
+# ifndef OPENSSL_NO_SEED
+# include <openssl/e_os2.h>
+# include <openssl/crypto.h>
+# include <sys/types.h>
+
+# ifdef __cplusplus
+extern "C" {
+# endif
+
+# define SEED_BLOCK_SIZE 16
+# define SEED_KEY_LENGTH 16
+
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+/* look whether we need 'long' to get 32 bits */
+# ifdef AES_LONG
+# ifndef SEED_LONG
+# define SEED_LONG 1
+# endif
+# endif
+
+
+typedef struct seed_key_st {
+# ifdef SEED_LONG
+ unsigned long data[32];
+# else
+ unsigned int data[32];
+# endif
+} SEED_KEY_SCHEDULE;
+# endif /* OPENSSL_NO_DEPRECATED_3_0 */
+
+DEPRECATEDIN_3_0(void SEED_set_key(const unsigned char rawkey[SEED_KEY_LENGTH],
+ SEED_KEY_SCHEDULE *ks))
+
+DEPRECATEDIN_3_0(void SEED_encrypt(const unsigned char s[SEED_BLOCK_SIZE],
+ unsigned char d[SEED_BLOCK_SIZE],
+ const SEED_KEY_SCHEDULE *ks))
+DEPRECATEDIN_3_0(void SEED_decrypt(const unsigned char s[SEED_BLOCK_SIZE],
+ unsigned char d[SEED_BLOCK_SIZE],
+ const SEED_KEY_SCHEDULE *ks))
+
+DEPRECATEDIN_3_0(void SEED_ecb_encrypt(const unsigned char *in,
+ unsigned char *out,
+ const SEED_KEY_SCHEDULE *ks, int enc))
+DEPRECATEDIN_3_0(void SEED_cbc_encrypt(const unsigned char *in,
+ unsigned char *out, size_t len,
+ const SEED_KEY_SCHEDULE *ks,
+ unsigned char ivec[SEED_BLOCK_SIZE],
+ int enc))
+DEPRECATEDIN_3_0(void SEED_cfb128_encrypt(const unsigned char *in,
+ unsigned char *out, size_t len,
+ const SEED_KEY_SCHEDULE *ks,
+ unsigned char ivec[SEED_BLOCK_SIZE],
+ int *num, int enc))
+DEPRECATEDIN_3_0(void SEED_ofb128_encrypt(const unsigned char *in,
+ unsigned char *out, size_t len,
+ const SEED_KEY_SCHEDULE *ks,
+ unsigned char ivec[SEED_BLOCK_SIZE],
+ int *num))
+
+# ifdef __cplusplus
+}
+# endif
+# endif
+
+#endif
diff --git a/openssl/include/openssl/self_test.h b/openssl/include/openssl/self_test.h new file mode 100644 index 00000000..5a242e65 --- /dev/null +++ b/openssl/include/openssl/self_test.h @@ -0,0 +1,77 @@ +/*
+ * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_SELF_TEST_H
+# define OPENSSL_SELF_TEST_H
+
+# include <openssl/core.h> /* OSSL_CALLBACK */
+
+# ifdef __cplusplus
+extern "C" {
+# endif
+
+/* The test event phases */
+# define OSSL_SELF_TEST_PHASE_NONE "None"
+# define OSSL_SELF_TEST_PHASE_START "Start"
+# define OSSL_SELF_TEST_PHASE_CORRUPT "Corrupt"
+# define OSSL_SELF_TEST_PHASE_PASS "Pass"
+# define OSSL_SELF_TEST_PHASE_FAIL "Fail"
+
+/* Test event categories */
+# define OSSL_SELF_TEST_TYPE_NONE "None"
+# define OSSL_SELF_TEST_TYPE_MODULE_INTEGRITY "Module_Integrity"
+# define OSSL_SELF_TEST_TYPE_INSTALL_INTEGRITY "Install_Integrity"
+# define OSSL_SELF_TEST_TYPE_PCT "Pairwise_Consistency_Test"
+# define OSSL_SELF_TEST_TYPE_KAT_CIPHER "KAT_Cipher"
+# define OSSL_SELF_TEST_TYPE_KAT_DIGEST "KAT_Digest"
+# define OSSL_SELF_TEST_TYPE_KAT_SIGNATURE "KAT_Signature"
+# define OSSL_SELF_TEST_TYPE_KAT_KDF "KAT_KDF"
+# define OSSL_SELF_TEST_TYPE_KAT_KA "KAT_KA"
+# define OSSL_SELF_TEST_TYPE_DRBG "DRBG"
+
+/* Test event sub categories */
+# define OSSL_SELF_TEST_DESC_NONE "None"
+# define OSSL_SELF_TEST_DESC_INTEGRITY_HMAC "HMAC"
+# define OSSL_SELF_TEST_DESC_PCT_RSA_PKCS1 "RSA"
+# define OSSL_SELF_TEST_DESC_PCT_ECDSA "ECDSA"
+# define OSSL_SELF_TEST_DESC_PCT_DSA "DSA"
+# define OSSL_SELF_TEST_DESC_CIPHER_AES_GCM "AES_GCM"
+# define OSSL_SELF_TEST_DESC_CIPHER_TDES "TDES"
+# define OSSL_SELF_TEST_DESC_MD_SHA1 "SHA1"
+# define OSSL_SELF_TEST_DESC_MD_SHA2 "SHA2"
+# define OSSL_SELF_TEST_DESC_MD_SHA3 "SHA3"
+# define OSSL_SELF_TEST_DESC_SIGN_DSA "DSA"
+# define OSSL_SELF_TEST_DESC_SIGN_RSA "RSA"
+# define OSSL_SELF_TEST_DESC_SIGN_ECDSA "ECDSA"
+# define OSSL_SELF_TEST_DESC_DRBG_CTR "CTR"
+# define OSSL_SELF_TEST_DESC_DRBG_HASH "HASH"
+# define OSSL_SELF_TEST_DESC_DRBG_HMAC "HMAC"
+# define OSSL_SELF_TEST_DESC_KA_DH "DH"
+# define OSSL_SELF_TEST_DESC_KA_ECDH "ECDH"
+# define OSSL_SELF_TEST_DESC_KDF_HKDF "HKDF"
+# define OSSL_SELF_TEST_DESC_KDF_SSKDF "SSKDF"
+
+# ifdef __cplusplus
+}
+# endif
+
+void OSSL_SELF_TEST_set_callback(OPENSSL_CTX *libctx, OSSL_CALLBACK *cb,
+ void *cbarg);
+void OSSL_SELF_TEST_get_callback(OPENSSL_CTX *libctx, OSSL_CALLBACK **cb,
+ void **cbarg);
+
+OSSL_SELF_TEST *OSSL_SELF_TEST_new(OSSL_CALLBACK *cb, void *cbarg);
+void OSSL_SELF_TEST_free(OSSL_SELF_TEST *st);
+
+void OSSL_SELF_TEST_onbegin(OSSL_SELF_TEST *st, const char *type,
+ const char *desc);
+void OSSL_SELF_TEST_oncorrupt_byte(OSSL_SELF_TEST *st, unsigned char *bytes);
+void OSSL_SELF_TEST_onend(OSSL_SELF_TEST *st, int ret);
+
+#endif /* OPENSSL_SELF_TEST_H */
diff --git a/openssl/include/openssl/serializer.h b/openssl/include/openssl/serializer.h new file mode 100644 index 00000000..582639a7 --- /dev/null +++ b/openssl/include/openssl/serializer.h @@ -0,0 +1,104 @@ +/*
+ * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_SERIALIZER_H
+# define OPENSSL_SERIALIZER_H
+# pragma once
+
+# include <openssl/opensslconf.h>
+
+# ifndef OPENSSL_NO_STDIO
+# include <stdio.h>
+# endif
+# include <stdarg.h>
+# include <stddef.h>
+# include <openssl/serializererr.h>
+# include <openssl/types.h>
+# include <openssl/core.h>
+
+# ifdef __cplusplus
+extern "C" {
+# endif
+
+OSSL_SERIALIZER *OSSL_SERIALIZER_fetch(OPENSSL_CTX *libctx,
+ const char *name,
+ const char *properties);
+int OSSL_SERIALIZER_up_ref(OSSL_SERIALIZER *ser);
+void OSSL_SERIALIZER_free(OSSL_SERIALIZER *ser);
+
+const OSSL_PROVIDER *OSSL_SERIALIZER_provider(const OSSL_SERIALIZER *ser);
+const char *OSSL_SERIALIZER_properties(const OSSL_SERIALIZER *ser);
+int OSSL_SERIALIZER_number(const OSSL_SERIALIZER *ser);
+int OSSL_SERIALIZER_is_a(const OSSL_SERIALIZER *ser,
+ const char *name);
+
+void OSSL_SERIALIZER_do_all_provided(OPENSSL_CTX *libctx,
+ void (*fn)(OSSL_SERIALIZER *ser,
+ void *arg),
+ void *arg);
+void OSSL_SERIALIZER_names_do_all(const OSSL_SERIALIZER *ser,
+ void (*fn)(const char *name, void *data),
+ void *data);
+
+const OSSL_PARAM *OSSL_SERIALIZER_settable_ctx_params(OSSL_SERIALIZER *ser);
+OSSL_SERIALIZER_CTX *OSSL_SERIALIZER_CTX_new(OSSL_SERIALIZER *ser);
+const OSSL_SERIALIZER *
+OSSL_SERIALIZER_CTX_get_serializer(OSSL_SERIALIZER_CTX *ctx);
+int OSSL_SERIALIZER_CTX_set_params(OSSL_SERIALIZER_CTX *ctx,
+ const OSSL_PARAM params[]);
+void OSSL_SERIALIZER_CTX_free(OSSL_SERIALIZER_CTX *ctx);
+
+/* Utilities that help set specific parameters */
+int OSSL_SERIALIZER_CTX_set_cipher(OSSL_SERIALIZER_CTX *ctx,
+ const char *cipher_name,
+ const char *propquery);
+int OSSL_SERIALIZER_CTX_set_passphrase(OSSL_SERIALIZER_CTX *ctx,
+ const unsigned char *kstr,
+ size_t klen);
+int OSSL_SERIALIZER_CTX_set_passphrase_cb(OSSL_SERIALIZER_CTX *ctx, int enc,
+ pem_password_cb *cb, void *cbarg);
+int OSSL_SERIALIZER_CTX_set_passphrase_ui(OSSL_SERIALIZER_CTX *ctx,
+ const UI_METHOD *ui_method,
+ void *ui_data);
+
+/* Utilities to output the object to serialize */
+int OSSL_SERIALIZER_to_bio(OSSL_SERIALIZER_CTX *ctx, BIO *out);
+#ifndef OPENSSL_NO_STDIO
+int OSSL_SERIALIZER_to_fp(OSSL_SERIALIZER_CTX *ctx, FILE *fp);
+#endif
+
+/*
+ * Create the OSSL_SERIALIZER_CTX with an associated type. This will perform
+ * an implicit OSSL_SERIALIZER_fetch(), suitable for the object of that type.
+ * This is more useful than calling OSSL_SERIALIZER_CTX_new().
+ */
+OSSL_SERIALIZER_CTX *OSSL_SERIALIZER_CTX_new_by_EVP_PKEY(const EVP_PKEY *pkey,
+ const char *propquery);
+
+/*
+ * These macros define the last argument to pass to
+ * OSSL_SERIALIZER_CTX_new_by_TYPE().
+ */
+# define OSSL_SERIALIZER_PUBKEY_TO_PEM_PQ "format=pem,type=public"
+# define OSSL_SERIALIZER_PrivateKey_TO_PEM_PQ "format=pem,type=private"
+# define OSSL_SERIALIZER_Parameters_TO_PEM_PQ "format=pem,type=parameters"
+
+# define OSSL_SERIALIZER_PUBKEY_TO_DER_PQ "format=der,type=public"
+# define OSSL_SERIALIZER_PrivateKey_TO_DER_PQ "format=der,type=private"
+# define OSSL_SERIALIZER_Parameters_TO_DER_PQ "format=der,type=parameters"
+
+/* Corresponding macros for text output */
+# define OSSL_SERIALIZER_PUBKEY_TO_TEXT_PQ "format=text,type=public"
+# define OSSL_SERIALIZER_PrivateKey_TO_TEXT_PQ "format=text,type=private"
+# define OSSL_SERIALIZER_Parameters_TO_TEXT_PQ "format=text,type=parameters"
+
+# ifdef __cplusplus
+}
+# endif
+#endif
diff --git a/openssl/include/openssl/serializererr.h b/openssl/include/openssl/serializererr.h new file mode 100644 index 00000000..abec01e3 --- /dev/null +++ b/openssl/include/openssl/serializererr.h @@ -0,0 +1,36 @@ +/*
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_OSSL_SERIALIZERERR_H
+# define OPENSSL_OSSL_SERIALIZERERR_H
+# pragma once
+
+# include <openssl/opensslconf.h>
+# include <openssl/symhacks.h>
+
+
+# ifdef __cplusplus
+extern "C"
+# endif
+int ERR_load_OSSL_SERIALIZER_strings(void);
+
+/*
+ * OSSL_SERIALIZER function codes.
+ */
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# endif
+
+/*
+ * OSSL_SERIALIZER reason codes.
+ */
+# define OSSL_SERIALIZER_R_INCORRECT_PROPERTY_QUERY 100
+# define OSSL_SERIALIZER_R_SERIALIZER_NOT_FOUND 101
+
+#endif
diff --git a/openssl/include/openssl/sha.h b/openssl/include/openssl/sha.h new file mode 100644 index 00000000..756a24ca --- /dev/null +++ b/openssl/include/openssl/sha.h @@ -0,0 +1,122 @@ +/*
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_SHA_H
+# define OPENSSL_SHA_H
+# pragma once
+
+# include <openssl/macros.h>
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define HEADER_SHA_H
+# endif
+
+# include <openssl/e_os2.h>
+# include <stddef.h>
+
+# ifdef __cplusplus
+extern "C" {
+# endif
+
+/*-
+ * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+ * ! SHA_LONG has to be at least 32 bits wide. !
+ * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+ */
+# define SHA_LONG unsigned int
+
+# define SHA_LBLOCK 16
+# define SHA_CBLOCK (SHA_LBLOCK*4)/* SHA treats input data as a
+ * contiguous array of 32 bit wide
+ * big-endian values. */
+# define SHA_LAST_BLOCK (SHA_CBLOCK-8)
+# define SHA_DIGEST_LENGTH 20
+
+typedef struct SHAstate_st {
+ SHA_LONG h0, h1, h2, h3, h4;
+ SHA_LONG Nl, Nh;
+ SHA_LONG data[SHA_LBLOCK];
+ unsigned int num;
+} SHA_CTX;
+
+int SHA1_Init(SHA_CTX *c);
+int SHA1_Update(SHA_CTX *c, const void *data, size_t len);
+int SHA1_Final(unsigned char *md, SHA_CTX *c);
+unsigned char *SHA1(const unsigned char *d, size_t n, unsigned char *md);
+void SHA1_Transform(SHA_CTX *c, const unsigned char *data);
+
+# define SHA256_CBLOCK (SHA_LBLOCK*4)/* SHA-256 treats input data as a
+ * contiguous array of 32 bit wide
+ * big-endian values. */
+
+typedef struct SHA256state_st {
+ SHA_LONG h[8];
+ SHA_LONG Nl, Nh;
+ SHA_LONG data[SHA_LBLOCK];
+ unsigned int num, md_len;
+} SHA256_CTX;
+
+int SHA224_Init(SHA256_CTX *c);
+int SHA224_Update(SHA256_CTX *c, const void *data, size_t len);
+int SHA224_Final(unsigned char *md, SHA256_CTX *c);
+unsigned char *SHA224(const unsigned char *d, size_t n, unsigned char *md);
+int SHA256_Init(SHA256_CTX *c);
+int SHA256_Update(SHA256_CTX *c, const void *data, size_t len);
+int SHA256_Final(unsigned char *md, SHA256_CTX *c);
+unsigned char *SHA256(const unsigned char *d, size_t n, unsigned char *md);
+void SHA256_Transform(SHA256_CTX *c, const unsigned char *data);
+
+# define SHA224_DIGEST_LENGTH 28
+# define SHA256_DIGEST_LENGTH 32
+# define SHA384_DIGEST_LENGTH 48
+# define SHA512_DIGEST_LENGTH 64
+
+/*
+ * Unlike 32-bit digest algorithms, SHA-512 *relies* on SHA_LONG64
+ * being exactly 64-bit wide. See Implementation Notes in sha512.c
+ * for further details.
+ */
+/*
+ * SHA-512 treats input data as a
+ * contiguous array of 64 bit
+ * wide big-endian values.
+ */
+# define SHA512_CBLOCK (SHA_LBLOCK*8)
+# if (defined(_WIN32) || defined(_WIN64)) && !defined(__MINGW32__)
+# define SHA_LONG64 unsigned __int64
+# elif defined(__arch64__)
+# define SHA_LONG64 unsigned long
+# else
+# define SHA_LONG64 unsigned long long
+# endif
+
+typedef struct SHA512state_st {
+ SHA_LONG64 h[8];
+ SHA_LONG64 Nl, Nh;
+ union {
+ SHA_LONG64 d[SHA_LBLOCK];
+ unsigned char p[SHA512_CBLOCK];
+ } u;
+ unsigned int num, md_len;
+} SHA512_CTX;
+
+int SHA384_Init(SHA512_CTX *c);
+int SHA384_Update(SHA512_CTX *c, const void *data, size_t len);
+int SHA384_Final(unsigned char *md, SHA512_CTX *c);
+unsigned char *SHA384(const unsigned char *d, size_t n, unsigned char *md);
+int SHA512_Init(SHA512_CTX *c);
+int SHA512_Update(SHA512_CTX *c, const void *data, size_t len);
+int SHA512_Final(unsigned char *md, SHA512_CTX *c);
+unsigned char *SHA512(const unsigned char *d, size_t n, unsigned char *md);
+void SHA512_Transform(SHA512_CTX *c, const unsigned char *data);
+
+# ifdef __cplusplus
+}
+# endif
+
+#endif
diff --git a/openssl/include/openssl/srp.h b/openssl/include/openssl/srp.h new file mode 100644 index 00000000..aac68f28 --- /dev/null +++ b/openssl/include/openssl/srp.h @@ -0,0 +1,159 @@ +/*
+ * Copyright 2004-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright (c) 2004, EdelKey Project. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ *
+ * Originally written by Christophe Renou and Peter Sylvester,
+ * for the EdelKey project.
+ */
+
+#ifndef OPENSSL_SRP_H
+# define OPENSSL_SRP_H
+# pragma once
+
+# include <openssl/macros.h>
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define HEADER_SRP_H
+# endif
+
+#include <openssl/opensslconf.h>
+
+#ifndef OPENSSL_NO_SRP
+# include <stdio.h>
+# include <string.h>
+# include <openssl/safestack.h>
+# include <openssl/bn.h>
+# include <openssl/crypto.h>
+
+# ifdef __cplusplus
+extern "C" {
+# endif
+
+typedef struct SRP_gN_cache_st {
+ char *b64_bn;
+ BIGNUM *bn;
+} SRP_gN_cache;
+DEFINE_OR_DECLARE_STACK_OF(SRP_gN_cache)
+
+typedef struct SRP_user_pwd_st {
+ /* Owned by us. */
+ char *id;
+ BIGNUM *s;
+ BIGNUM *v;
+ /* Not owned by us. */
+ const BIGNUM *g;
+ const BIGNUM *N;
+ /* Owned by us. */
+ char *info;
+} SRP_user_pwd;
+DEFINE_OR_DECLARE_STACK_OF(SRP_user_pwd)
+
+SRP_user_pwd *SRP_user_pwd_new(void);
+void SRP_user_pwd_free(SRP_user_pwd *user_pwd);
+
+void SRP_user_pwd_set_gN(SRP_user_pwd *user_pwd, const BIGNUM *g, const BIGNUM *N);
+int SRP_user_pwd_set1_ids(SRP_user_pwd *user_pwd, const char *id, const char *info);
+int SRP_user_pwd_set0_sv(SRP_user_pwd *user_pwd, BIGNUM *s, BIGNUM *v);
+
+typedef struct SRP_VBASE_st {
+ STACK_OF(SRP_user_pwd) *users_pwd;
+ STACK_OF(SRP_gN_cache) *gN_cache;
+/* to simulate a user */
+ char *seed_key;
+ const BIGNUM *default_g;
+ const BIGNUM *default_N;
+} SRP_VBASE;
+
+/*
+ * Internal structure storing N and g pair
+ */
+typedef struct SRP_gN_st {
+ char *id;
+ const BIGNUM *g;
+ const BIGNUM *N;
+} SRP_gN;
+DEFINE_OR_DECLARE_STACK_OF(SRP_gN)
+
+SRP_VBASE *SRP_VBASE_new(char *seed_key);
+void SRP_VBASE_free(SRP_VBASE *vb);
+int SRP_VBASE_init(SRP_VBASE *vb, char *verifier_file);
+
+int SRP_VBASE_add0_user(SRP_VBASE *vb, SRP_user_pwd *user_pwd);
+/* This method ignores the configured seed and fails for an unknown user. */
+DEPRECATEDIN_1_1_0(SRP_user_pwd *SRP_VBASE_get_by_user(SRP_VBASE *vb, char *username))
+/* NOTE: unlike in SRP_VBASE_get_by_user, caller owns the returned pointer.*/
+SRP_user_pwd *SRP_VBASE_get1_by_user(SRP_VBASE *vb, char *username);
+
+char *SRP_create_verifier_ex(const char *user, const char *pass, char **salt,
+ char **verifier, const char *N, const char *g,
+ OPENSSL_CTX *libctx, const char *propq);
+char *SRP_create_verifier(const char *user, const char *pass, char **salt,
+ char **verifier, const char *N, const char *g);
+int SRP_create_verifier_BN_ex(const char *user, const char *pass, BIGNUM **salt,
+ BIGNUM **verifier, const BIGNUM *N,
+ const BIGNUM *g, OPENSSL_CTX *libctx,
+ const char *propq);
+int SRP_create_verifier_BN(const char *user, const char *pass, BIGNUM **salt,
+ BIGNUM **verifier, const BIGNUM *N,
+ const BIGNUM *g);
+
+# define SRP_NO_ERROR 0
+# define SRP_ERR_VBASE_INCOMPLETE_FILE 1
+# define SRP_ERR_VBASE_BN_LIB 2
+# define SRP_ERR_OPEN_FILE 3
+# define SRP_ERR_MEMORY 4
+
+# define DB_srptype 0
+# define DB_srpverifier 1
+# define DB_srpsalt 2
+# define DB_srpid 3
+# define DB_srpgN 4
+# define DB_srpinfo 5
+# undef DB_NUMBER
+# define DB_NUMBER 6
+
+# define DB_SRP_INDEX 'I'
+# define DB_SRP_VALID 'V'
+# define DB_SRP_REVOKED 'R'
+# define DB_SRP_MODIF 'v'
+
+/* see srp.c */
+char *SRP_check_known_gN_param(const BIGNUM *g, const BIGNUM *N);
+SRP_gN *SRP_get_default_gN(const char *id);
+
+/* server side .... */
+BIGNUM *SRP_Calc_server_key(const BIGNUM *A, const BIGNUM *v, const BIGNUM *u,
+ const BIGNUM *b, const BIGNUM *N);
+BIGNUM *SRP_Calc_B_ex(const BIGNUM *b, const BIGNUM *N, const BIGNUM *g,
+ const BIGNUM *v, OPENSSL_CTX *libctx, const char *propq);
+BIGNUM *SRP_Calc_B(const BIGNUM *b, const BIGNUM *N, const BIGNUM *g,
+ const BIGNUM *v);
+int SRP_Verify_A_mod_N(const BIGNUM *A, const BIGNUM *N);
+BIGNUM *SRP_Calc_u_ex(const BIGNUM *A, const BIGNUM *B, const BIGNUM *N,
+ OPENSSL_CTX *libctx, const char *propq);
+BIGNUM *SRP_Calc_u(const BIGNUM *A, const BIGNUM *B, const BIGNUM *N);
+
+/* client side .... */
+BIGNUM *SRP_Calc_x_ex(const BIGNUM *s, const char *user, const char *pass,
+ OPENSSL_CTX *libctx, const char *propq);
+BIGNUM *SRP_Calc_x(const BIGNUM *s, const char *user, const char *pass);
+BIGNUM *SRP_Calc_A(const BIGNUM *a, const BIGNUM *N, const BIGNUM *g);
+BIGNUM *SRP_Calc_client_key_ex(const BIGNUM *N, const BIGNUM *B, const BIGNUM *g,
+ const BIGNUM *x, const BIGNUM *a, const BIGNUM *u,
+ OPENSSL_CTX *libctx, const char *propq);
+BIGNUM *SRP_Calc_client_key(const BIGNUM *N, const BIGNUM *B, const BIGNUM *g,
+ const BIGNUM *x, const BIGNUM *a, const BIGNUM *u);
+int SRP_Verify_B_mod_N(const BIGNUM *B, const BIGNUM *N);
+
+# define SRP_MINIMAL_N 1024
+
+# ifdef __cplusplus
+}
+# endif
+# endif
+
+#endif
diff --git a/openssl/include/openssl/srtp.h b/openssl/include/openssl/srtp.h new file mode 100644 index 00000000..123d7967 --- /dev/null +++ b/openssl/include/openssl/srtp.h @@ -0,0 +1,56 @@ +/*
+ * Copyright 2011-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+/*
+ * DTLS code by Eric Rescorla <ekr@rtfm.com>
+ *
+ * Copyright (C) 2006, Network Resonance, Inc. Copyright (C) 2011, RTFM, Inc.
+ */
+
+#ifndef OPENSSL_SRTP_H
+# define OPENSSL_SRTP_H
+# pragma once
+
+# include <openssl/macros.h>
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define HEADER_D1_SRTP_H
+# endif
+
+# include <openssl/ssl.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+# define SRTP_AES128_CM_SHA1_80 0x0001
+# define SRTP_AES128_CM_SHA1_32 0x0002
+# define SRTP_AES128_F8_SHA1_80 0x0003
+# define SRTP_AES128_F8_SHA1_32 0x0004
+# define SRTP_NULL_SHA1_80 0x0005
+# define SRTP_NULL_SHA1_32 0x0006
+
+/* AEAD SRTP protection profiles from RFC 7714 */
+# define SRTP_AEAD_AES_128_GCM 0x0007
+# define SRTP_AEAD_AES_256_GCM 0x0008
+
+# ifndef OPENSSL_NO_SRTP
+
+__owur int SSL_CTX_set_tlsext_use_srtp(SSL_CTX *ctx, const char *profiles);
+__owur int SSL_set_tlsext_use_srtp(SSL *ssl, const char *profiles);
+
+__owur STACK_OF(SRTP_PROTECTION_PROFILE) *SSL_get_srtp_profiles(SSL *ssl);
+__owur SRTP_PROTECTION_PROFILE *SSL_get_selected_srtp_profile(SSL *s);
+
+# endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
diff --git a/openssl/include/openssl/ssl.h b/openssl/include/openssl/ssl.h new file mode 100644 index 00000000..353e5376 --- /dev/null +++ b/openssl/include/openssl/ssl.h @@ -0,0 +1,2484 @@ +/*
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
+ * Copyright 2005 Nokia. All rights reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_SSL_H
+# define OPENSSL_SSL_H
+# pragma once
+
+# include <openssl/macros.h>
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define HEADER_SSL_H
+# endif
+
+# include <openssl/e_os2.h>
+# include <openssl/opensslconf.h>
+# include <openssl/comp.h>
+# include <openssl/bio.h>
+# ifndef OPENSSL_NO_DEPRECATED_1_1_0
+# include <openssl/x509.h>
+# include <openssl/crypto.h>
+# include <openssl/buffer.h>
+# endif
+# include <openssl/lhash.h>
+# include <openssl/pem.h>
+# include <openssl/hmac.h>
+# include <openssl/async.h>
+
+# include <openssl/safestack.h>
+# include <openssl/symhacks.h>
+# include <openssl/ct.h>
+# include <openssl/sslerr.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* OpenSSL version number for ASN.1 encoding of the session information */
+/*-
+ * Version 0 - initial version
+ * Version 1 - added the optional peer certificate
+ */
+# define SSL_SESSION_ASN1_VERSION 0x0001
+
+# define SSL_MAX_SSL_SESSION_ID_LENGTH 32
+# define SSL_MAX_SID_CTX_LENGTH 32
+
+# define SSL_MIN_RSA_MODULUS_LENGTH_IN_BYTES (512/8)
+# define SSL_MAX_KEY_ARG_LENGTH 8
+# define SSL_MAX_MASTER_KEY_LENGTH 48
+
+/* The maximum number of encrypt/decrypt pipelines we can support */
+# define SSL_MAX_PIPELINES 32
+
+/* text strings for the ciphers */
+
+/* These are used to specify which ciphers to use and not to use */
+
+# define SSL_TXT_LOW "LOW"
+# define SSL_TXT_MEDIUM "MEDIUM"
+# define SSL_TXT_HIGH "HIGH"
+# define SSL_TXT_FIPS "FIPS"
+
+# define SSL_TXT_aNULL "aNULL"
+# define SSL_TXT_eNULL "eNULL"
+# define SSL_TXT_NULL "NULL"
+
+# define SSL_TXT_kRSA "kRSA"
+# define SSL_TXT_kDHr "kDHr"/* this cipher class has been removed */
+# define SSL_TXT_kDHd "kDHd"/* this cipher class has been removed */
+# define SSL_TXT_kDH "kDH"/* this cipher class has been removed */
+# define SSL_TXT_kEDH "kEDH"/* alias for kDHE */
+# define SSL_TXT_kDHE "kDHE"
+# define SSL_TXT_kECDHr "kECDHr"/* this cipher class has been removed */
+# define SSL_TXT_kECDHe "kECDHe"/* this cipher class has been removed */
+# define SSL_TXT_kECDH "kECDH"/* this cipher class has been removed */
+# define SSL_TXT_kEECDH "kEECDH"/* alias for kECDHE */
+# define SSL_TXT_kECDHE "kECDHE"
+# define SSL_TXT_kPSK "kPSK"
+# define SSL_TXT_kRSAPSK "kRSAPSK"
+# define SSL_TXT_kECDHEPSK "kECDHEPSK"
+# define SSL_TXT_kDHEPSK "kDHEPSK"
+# define SSL_TXT_kGOST "kGOST"
+# define SSL_TXT_kGOST18 "kGOST18"
+# define SSL_TXT_kSRP "kSRP"
+
+# define SSL_TXT_aRSA "aRSA"
+# define SSL_TXT_aDSS "aDSS"
+# define SSL_TXT_aDH "aDH"/* this cipher class has been removed */
+# define SSL_TXT_aECDH "aECDH"/* this cipher class has been removed */
+# define SSL_TXT_aECDSA "aECDSA"
+# define SSL_TXT_aPSK "aPSK"
+# define SSL_TXT_aGOST94 "aGOST94"
+# define SSL_TXT_aGOST01 "aGOST01"
+# define SSL_TXT_aGOST12 "aGOST12"
+# define SSL_TXT_aGOST "aGOST"
+# define SSL_TXT_aSRP "aSRP"
+
+# define SSL_TXT_DSS "DSS"
+# define SSL_TXT_DH "DH"
+# define SSL_TXT_DHE "DHE"/* same as "kDHE:-ADH" */
+# define SSL_TXT_EDH "EDH"/* alias for DHE */
+# define SSL_TXT_ADH "ADH"
+# define SSL_TXT_RSA "RSA"
+# define SSL_TXT_ECDH "ECDH"
+# define SSL_TXT_EECDH "EECDH"/* alias for ECDHE" */
+# define SSL_TXT_ECDHE "ECDHE"/* same as "kECDHE:-AECDH" */
+# define SSL_TXT_AECDH "AECDH"
+# define SSL_TXT_ECDSA "ECDSA"
+# define SSL_TXT_PSK "PSK"
+# define SSL_TXT_SRP "SRP"
+
+# define SSL_TXT_DES "DES"
+# define SSL_TXT_3DES "3DES"
+# define SSL_TXT_RC4 "RC4"
+# define SSL_TXT_RC2 "RC2"
+# define SSL_TXT_IDEA "IDEA"
+# define SSL_TXT_SEED "SEED"
+# define SSL_TXT_AES128 "AES128"
+# define SSL_TXT_AES256 "AES256"
+# define SSL_TXT_AES "AES"
+# define SSL_TXT_AES_GCM "AESGCM"
+# define SSL_TXT_AES_CCM "AESCCM"
+# define SSL_TXT_AES_CCM_8 "AESCCM8"
+# define SSL_TXT_CAMELLIA128 "CAMELLIA128"
+# define SSL_TXT_CAMELLIA256 "CAMELLIA256"
+# define SSL_TXT_CAMELLIA "CAMELLIA"
+# define SSL_TXT_CHACHA20 "CHACHA20"
+# define SSL_TXT_GOST "GOST89"
+# define SSL_TXT_ARIA "ARIA"
+# define SSL_TXT_ARIA_GCM "ARIAGCM"
+# define SSL_TXT_ARIA128 "ARIA128"
+# define SSL_TXT_ARIA256 "ARIA256"
+# define SSL_TXT_GOST2012_GOST8912_GOST8912 "GOST2012-GOST8912-GOST8912"
+# define SSL_TXT_CBC "CBC"
+
+# define SSL_TXT_MD5 "MD5"
+# define SSL_TXT_SHA1 "SHA1"
+# define SSL_TXT_SHA "SHA"/* same as "SHA1" */
+# define SSL_TXT_GOST94 "GOST94"
+# define SSL_TXT_GOST89MAC "GOST89MAC"
+# define SSL_TXT_GOST12 "GOST12"
+# define SSL_TXT_GOST89MAC12 "GOST89MAC12"
+# define SSL_TXT_SHA256 "SHA256"
+# define SSL_TXT_SHA384 "SHA384"
+
+# define SSL_TXT_SSLV3 "SSLv3"
+# define SSL_TXT_TLSV1 "TLSv1"
+# define SSL_TXT_TLSV1_1 "TLSv1.1"
+# define SSL_TXT_TLSV1_2 "TLSv1.2"
+
+# define SSL_TXT_ALL "ALL"
+
+/*-
+ * COMPLEMENTOF* definitions. These identifiers are used to (de-select)
+ * ciphers normally not being used.
+ * Example: "RC4" will activate all ciphers using RC4 including ciphers
+ * without authentication, which would normally disabled by DEFAULT (due
+ * the "!ADH" being part of default). Therefore "RC4:!COMPLEMENTOFDEFAULT"
+ * will make sure that it is also disabled in the specific selection.
+ * COMPLEMENTOF* identifiers are portable between version, as adjustments
+ * to the default cipher setup will also be included here.
+ *
+ * COMPLEMENTOFDEFAULT does not experience the same special treatment that
+ * DEFAULT gets, as only selection is being done and no sorting as needed
+ * for DEFAULT.
+ */
+# define SSL_TXT_CMPALL "COMPLEMENTOFALL"
+# define SSL_TXT_CMPDEF "COMPLEMENTOFDEFAULT"
+
+/*
+ * The following cipher list is used by default. It also is substituted when
+ * an application-defined cipher list string starts with 'DEFAULT'.
+ * This applies to ciphersuites for TLSv1.2 and below.
+ * DEPRECATED IN 3.0.0, in favor of OSSL_default_cipher_list()
+ * Update both macro and function simultaneously
+ */
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define SSL_DEFAULT_CIPHER_LIST "ALL:!COMPLEMENTOFDEFAULT:!eNULL"
+/*
+ * This is the default set of TLSv1.3 ciphersuites
+ * DEPRECATED IN 3.0.0, in favor of OSSL_default_ciphersuites()
+ * Update both macro and function simultaneously
+ */
+# if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
+# define TLS_DEFAULT_CIPHERSUITES "TLS_AES_256_GCM_SHA384:" \
+ "TLS_CHACHA20_POLY1305_SHA256:" \
+ "TLS_AES_128_GCM_SHA256"
+# else
+# define TLS_DEFAULT_CIPHERSUITES "TLS_AES_256_GCM_SHA384:" \
+ "TLS_AES_128_GCM_SHA256"
+# endif
+# endif
+/*
+ * As of OpenSSL 1.0.0, ssl_create_cipher_list() in ssl/ssl_ciph.c always
+ * starts with a reasonable order, and all we have to do for DEFAULT is
+ * throwing out anonymous and unencrypted ciphersuites! (The latter are not
+ * actually enabled by ALL, but "ALL:RSA" would enable some of them.)
+ */
+
+/* Used in SSL_set_shutdown()/SSL_get_shutdown(); */
+# define SSL_SENT_SHUTDOWN 1
+# define SSL_RECEIVED_SHUTDOWN 2
+
+#ifdef __cplusplus
+}
+#endif
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+# define SSL_FILETYPE_ASN1 X509_FILETYPE_ASN1
+# define SSL_FILETYPE_PEM X509_FILETYPE_PEM
+
+/*
+ * This is needed to stop compilers complaining about the 'struct ssl_st *'
+ * function parameters used to prototype callbacks in SSL_CTX.
+ */
+typedef struct ssl_st *ssl_crock_st;
+typedef struct tls_session_ticket_ext_st TLS_SESSION_TICKET_EXT;
+typedef struct ssl_method_st SSL_METHOD;
+typedef struct ssl_cipher_st SSL_CIPHER;
+typedef struct ssl_session_st SSL_SESSION;
+typedef struct tls_sigalgs_st TLS_SIGALGS;
+typedef struct ssl_conf_ctx_st SSL_CONF_CTX;
+typedef struct ssl_comp_st SSL_COMP;
+
+STACK_OF(SSL_CIPHER);
+STACK_OF(SSL_COMP);
+
+/* SRTP protection profiles for use with the use_srtp extension (RFC 5764)*/
+typedef struct srtp_protection_profile_st {
+ const char *name;
+ unsigned long id;
+} SRTP_PROTECTION_PROFILE;
+DEFINE_OR_DECLARE_STACK_OF(SRTP_PROTECTION_PROFILE)
+
+
+typedef int (*tls_session_ticket_ext_cb_fn)(SSL *s, const unsigned char *data,
+ int len, void *arg);
+typedef int (*tls_session_secret_cb_fn)(SSL *s, void *secret, int *secret_len,
+ STACK_OF(SSL_CIPHER) *peer_ciphers,
+ const SSL_CIPHER **cipher, void *arg);
+
+/* Extension context codes */
+/* This extension is only allowed in TLS */
+#define SSL_EXT_TLS_ONLY 0x0001
+/* This extension is only allowed in DTLS */
+#define SSL_EXT_DTLS_ONLY 0x0002
+/* Some extensions may be allowed in DTLS but we don't implement them for it */
+#define SSL_EXT_TLS_IMPLEMENTATION_ONLY 0x0004
+/* Most extensions are not defined for SSLv3 but EXT_TYPE_renegotiate is */
+#define SSL_EXT_SSL3_ALLOWED 0x0008
+/* Extension is only defined for TLS1.2 and below */
+#define SSL_EXT_TLS1_2_AND_BELOW_ONLY 0x0010
+/* Extension is only defined for TLS1.3 and above */
+#define SSL_EXT_TLS1_3_ONLY 0x0020
+/* Ignore this extension during parsing if we are resuming */
+#define SSL_EXT_IGNORE_ON_RESUMPTION 0x0040
+#define SSL_EXT_CLIENT_HELLO 0x0080
+/* Really means TLS1.2 or below */
+#define SSL_EXT_TLS1_2_SERVER_HELLO 0x0100
+#define SSL_EXT_TLS1_3_SERVER_HELLO 0x0200
+#define SSL_EXT_TLS1_3_ENCRYPTED_EXTENSIONS 0x0400
+#define SSL_EXT_TLS1_3_HELLO_RETRY_REQUEST 0x0800
+#define SSL_EXT_TLS1_3_CERTIFICATE 0x1000
+#define SSL_EXT_TLS1_3_NEW_SESSION_TICKET 0x2000
+#define SSL_EXT_TLS1_3_CERTIFICATE_REQUEST 0x4000
+
+/* Typedefs for handling custom extensions */
+
+typedef int (*custom_ext_add_cb)(SSL *s, unsigned int ext_type,
+ const unsigned char **out, size_t *outlen,
+ int *al, void *add_arg);
+
+typedef void (*custom_ext_free_cb)(SSL *s, unsigned int ext_type,
+ const unsigned char *out, void *add_arg);
+
+typedef int (*custom_ext_parse_cb)(SSL *s, unsigned int ext_type,
+ const unsigned char *in, size_t inlen,
+ int *al, void *parse_arg);
+
+
+typedef int (*SSL_custom_ext_add_cb_ex)(SSL *s, unsigned int ext_type,
+ unsigned int context,
+ const unsigned char **out,
+ size_t *outlen, X509 *x,
+ size_t chainidx,
+ int *al, void *add_arg);
+
+typedef void (*SSL_custom_ext_free_cb_ex)(SSL *s, unsigned int ext_type,
+ unsigned int context,
+ const unsigned char *out,
+ void *add_arg);
+
+typedef int (*SSL_custom_ext_parse_cb_ex)(SSL *s, unsigned int ext_type,
+ unsigned int context,
+ const unsigned char *in,
+ size_t inlen, X509 *x,
+ size_t chainidx,
+ int *al, void *parse_arg);
+
+/* Typedef for verification callback */
+typedef int (*SSL_verify_cb)(int preverify_ok, X509_STORE_CTX *x509_ctx);
+
+/* Typedef for SSL async callback */
+typedef int (*SSL_async_callback_fn)(SSL *s, void *arg);
+
+/*
+ * Some values are reserved until OpenSSL 3.0.0 because they were previously
+ * included in SSL_OP_ALL in a 1.1.x release.
+ */
+
+/* Disable Extended master secret */
+# define SSL_OP_NO_EXTENDED_MASTER_SECRET 0x00000001U
+
+/* Reserved value (until OpenSSL 3.0.0) 0x00000002U */
+
+/* Allow initial connection to servers that don't support RI */
+# define SSL_OP_LEGACY_SERVER_CONNECT 0x00000004U
+
+# define SSL_OP_TLSEXT_PADDING 0x00000010U
+# define SSL_OP_SAFARI_ECDHE_ECDSA_BUG 0x00000040U
+# define SSL_OP_IGNORE_UNEXPECTED_EOF 0x00000080U
+
+# define SSL_OP_DISABLE_TLSEXT_CA_NAMES 0x00000200U
+
+/* In TLSv1.3 allow a non-(ec)dhe based kex_mode */
+# define SSL_OP_ALLOW_NO_DHE_KEX 0x00000400U
+
+/*
+ * Disable SSL 3.0/TLS 1.0 CBC vulnerability workaround that was added in
+ * OpenSSL 0.9.6d. Usually (depending on the application protocol) the
+ * workaround is not needed. Unfortunately some broken SSL/TLS
+ * implementations cannot handle it at all, which is why we include it in
+ * SSL_OP_ALL. Added in 0.9.6e
+ */
+# define SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS 0x00000800U
+
+/* DTLS options */
+# define SSL_OP_NO_QUERY_MTU 0x00001000U
+/* Turn on Cookie Exchange (on relevant for servers) */
+# define SSL_OP_COOKIE_EXCHANGE 0x00002000U
+/* Don't use RFC4507 ticket extension */
+# define SSL_OP_NO_TICKET 0x00004000U
+# ifndef OPENSSL_NO_DTLS1_METHOD
+/* Use Cisco's "speshul" version of DTLS_BAD_VER
+ * (only with deprecated DTLSv1_client_method()) */
+# define SSL_OP_CISCO_ANYCONNECT 0x00008000U
+# endif
+
+/* As server, disallow session resumption on renegotiation */
+# define SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION 0x00010000U
+/* Don't use compression even if supported */
+# define SSL_OP_NO_COMPRESSION 0x00020000U
+/* Permit unsafe legacy renegotiation */
+# define SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION 0x00040000U
+/* Disable encrypt-then-mac */
+# define SSL_OP_NO_ENCRYPT_THEN_MAC 0x00080000U
+
+/*
+ * Enable TLSv1.3 Compatibility mode. This is on by default. A future version
+ * of OpenSSL may have this disabled by default.
+ */
+# define SSL_OP_ENABLE_MIDDLEBOX_COMPAT 0x00100000U
+
+/* Prioritize Chacha20Poly1305 when client does.
+ * Modifies SSL_OP_CIPHER_SERVER_PREFERENCE */
+# define SSL_OP_PRIORITIZE_CHACHA 0x00200000U
+
+/*
+ * Set on servers to choose the cipher according to the server's preferences
+ */
+# define SSL_OP_CIPHER_SERVER_PREFERENCE 0x00400000U
+/*
+ * If set, a server will allow a client to issue a SSLv3.0 version number as
+ * latest version supported in the premaster secret, even when TLSv1.0
+ * (version 3.1) was announced in the client hello. Normally this is
+ * forbidden to prevent version rollback attacks.
+ */
+# define SSL_OP_TLS_ROLLBACK_BUG 0x00800000U
+
+/*
+ * Switches off automatic TLSv1.3 anti-replay protection for early data. This
+ * is a server-side option only (no effect on the client).
+ */
+# define SSL_OP_NO_ANTI_REPLAY 0x01000000U
+
+# define SSL_OP_NO_SSLv3 0x02000000U
+# define SSL_OP_NO_TLSv1 0x04000000U
+# define SSL_OP_NO_TLSv1_2 0x08000000U
+# define SSL_OP_NO_TLSv1_1 0x10000000U
+# define SSL_OP_NO_TLSv1_3 0x20000000U
+
+# define SSL_OP_NO_DTLSv1 0x04000000U
+# define SSL_OP_NO_DTLSv1_2 0x08000000U
+
+# define SSL_OP_NO_SSL_MASK (SSL_OP_NO_SSLv3|\
+ SSL_OP_NO_TLSv1|SSL_OP_NO_TLSv1_1|SSL_OP_NO_TLSv1_2|SSL_OP_NO_TLSv1_3)
+# define SSL_OP_NO_DTLS_MASK (SSL_OP_NO_DTLSv1|SSL_OP_NO_DTLSv1_2)
+
+/* Disallow all renegotiation */
+# define SSL_OP_NO_RENEGOTIATION 0x40000000U
+
+/*
+ * Make server add server-hello extension from early version of cryptopro
+ * draft, when GOST ciphersuite is negotiated. Required for interoperability
+ * with CryptoPro CSP 3.x
+ */
+# define SSL_OP_CRYPTOPRO_TLSEXT_BUG 0x80000000U
+
+/*
+ * SSL_OP_ALL: various bug workarounds that should be rather harmless.
+ * This used to be 0x000FFFFFL before 0.9.7.
+ * This used to be 0x80000BFFU before 1.1.1.
+ */
+# define SSL_OP_ALL (SSL_OP_CRYPTOPRO_TLSEXT_BUG|\
+ SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS|\
+ SSL_OP_LEGACY_SERVER_CONNECT|\
+ SSL_OP_TLSEXT_PADDING|\
+ SSL_OP_SAFARI_ECDHE_ECDSA_BUG)
+
+/* OBSOLETE OPTIONS: retained for compatibility */
+
+/* Removed from OpenSSL 1.1.0. Was 0x00000001L */
+/* Related to removed SSLv2. */
+# define SSL_OP_MICROSOFT_SESS_ID_BUG 0x0
+/* Removed from OpenSSL 1.1.0. Was 0x00000002L */
+/* Related to removed SSLv2. */
+# define SSL_OP_NETSCAPE_CHALLENGE_BUG 0x0
+/* Removed from OpenSSL 0.9.8q and 1.0.0c. Was 0x00000008L */
+/* Dead forever, see CVE-2010-4180 */
+# define SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG 0x0
+/* Removed from OpenSSL 1.0.1h and 1.0.2. Was 0x00000010L */
+/* Refers to ancient SSLREF and SSLv2. */
+# define SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG 0x0
+/* Removed from OpenSSL 1.1.0. Was 0x00000020 */
+# define SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER 0x0
+/* Removed from OpenSSL 0.9.7h and 0.9.8b. Was 0x00000040L */
+# define SSL_OP_MSIE_SSLV2_RSA_PADDING 0x0
+/* Removed from OpenSSL 1.1.0. Was 0x00000080 */
+/* Ancient SSLeay version. */
+# define SSL_OP_SSLEAY_080_CLIENT_DH_BUG 0x0
+/* Removed from OpenSSL 1.1.0. Was 0x00000100L */
+# define SSL_OP_TLS_D5_BUG 0x0
+/* Removed from OpenSSL 1.1.0. Was 0x00000200L */
+# define SSL_OP_TLS_BLOCK_PADDING_BUG 0x0
+/* Removed from OpenSSL 1.1.0. Was 0x00080000L */
+# define SSL_OP_SINGLE_ECDH_USE 0x0
+/* Removed from OpenSSL 1.1.0. Was 0x00100000L */
+# define SSL_OP_SINGLE_DH_USE 0x0
+/* Removed from OpenSSL 1.0.1k and 1.0.2. Was 0x00200000L */
+# define SSL_OP_EPHEMERAL_RSA 0x0
+/* Removed from OpenSSL 1.1.0. Was 0x01000000L */
+# define SSL_OP_NO_SSLv2 0x0
+/* Removed from OpenSSL 1.0.1. Was 0x08000000L */
+# define SSL_OP_PKCS1_CHECK_1 0x0
+/* Removed from OpenSSL 1.0.1. Was 0x10000000L */
+# define SSL_OP_PKCS1_CHECK_2 0x0
+/* Removed from OpenSSL 1.1.0. Was 0x20000000L */
+# define SSL_OP_NETSCAPE_CA_DN_BUG 0x0
+/* Removed from OpenSSL 1.1.0. Was 0x40000000L */
+# define SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG 0x0
+
+/*
+ * Allow SSL_write(..., n) to return r with 0 < r < n (i.e. report success
+ * when just a single record has been written):
+ */
+# define SSL_MODE_ENABLE_PARTIAL_WRITE 0x00000001U
+/*
+ * Make it possible to retry SSL_write() with changed buffer location (buffer
+ * contents must stay the same!); this is not the default to avoid the
+ * misconception that non-blocking SSL_write() behaves like non-blocking
+ * write():
+ */
+# define SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER 0x00000002U
+/*
+ * Never bother the application with retries if the transport is blocking:
+ */
+# define SSL_MODE_AUTO_RETRY 0x00000004U
+/* Don't attempt to automatically build certificate chain */
+# define SSL_MODE_NO_AUTO_CHAIN 0x00000008U
+/*
+ * Save RAM by releasing read and write buffers when they're empty. (SSL3 and
+ * TLS only.) Released buffers are freed.
+ */
+# define SSL_MODE_RELEASE_BUFFERS 0x00000010U
+/*
+ * Send the current time in the Random fields of the ClientHello and
+ * ServerHello records for compatibility with hypothetical implementations
+ * that require it.
+ */
+# define SSL_MODE_SEND_CLIENTHELLO_TIME 0x00000020U
+# define SSL_MODE_SEND_SERVERHELLO_TIME 0x00000040U
+/*
+ * Send TLS_FALLBACK_SCSV in the ClientHello. To be set only by applications
+ * that reconnect with a downgraded protocol version; see
+ * draft-ietf-tls-downgrade-scsv-00 for details. DO NOT ENABLE THIS if your
+ * application attempts a normal handshake. Only use this in explicit
+ * fallback retries, following the guidance in
+ * draft-ietf-tls-downgrade-scsv-00.
+ */
+# define SSL_MODE_SEND_FALLBACK_SCSV 0x00000080U
+/*
+ * Support Asynchronous operation
+ */
+# define SSL_MODE_ASYNC 0x00000100U
+/*
+ * Don't use the kernel TLS data-path for sending.
+ */
+# define SSL_MODE_NO_KTLS_TX 0x00000200U
+/*
+ * When using DTLS/SCTP, include the terminating zero in the label
+ * used for computing the endpoint-pair shared secret. Required for
+ * interoperability with implementations having this bug like these
+ * older version of OpenSSL:
+ * - OpenSSL 1.0.0 series
+ * - OpenSSL 1.0.1 series
+ * - OpenSSL 1.0.2 series
+ * - OpenSSL 1.1.0 series
+ * - OpenSSL 1.1.1 and 1.1.1a
+ */
+# define SSL_MODE_DTLS_SCTP_LABEL_LENGTH_BUG 0x00000400U
+/*
+ * Don't use the kernel TLS data-path for receiving.
+ */
+# define SSL_MODE_NO_KTLS_RX 0x00000800U
+
+/* Cert related flags */
+/*
+ * Many implementations ignore some aspects of the TLS standards such as
+ * enforcing certificate chain algorithms. When this is set we enforce them.
+ */
+# define SSL_CERT_FLAG_TLS_STRICT 0x00000001U
+
+/* Suite B modes, takes same values as certificate verify flags */
+# define SSL_CERT_FLAG_SUITEB_128_LOS_ONLY 0x10000
+/* Suite B 192 bit only mode */
+# define SSL_CERT_FLAG_SUITEB_192_LOS 0x20000
+/* Suite B 128 bit mode allowing 192 bit algorithms */
+# define SSL_CERT_FLAG_SUITEB_128_LOS 0x30000
+
+/* Perform all sorts of protocol violations for testing purposes */
+# define SSL_CERT_FLAG_BROKEN_PROTOCOL 0x10000000
+
+/* Flags for building certificate chains */
+/* Treat any existing certificates as untrusted CAs */
+# define SSL_BUILD_CHAIN_FLAG_UNTRUSTED 0x1
+/* Don't include root CA in chain */
+# define SSL_BUILD_CHAIN_FLAG_NO_ROOT 0x2
+/* Just check certificates already there */
+# define SSL_BUILD_CHAIN_FLAG_CHECK 0x4
+/* Ignore verification errors */
+# define SSL_BUILD_CHAIN_FLAG_IGNORE_ERROR 0x8
+/* Clear verification errors from queue */
+# define SSL_BUILD_CHAIN_FLAG_CLEAR_ERROR 0x10
+
+/* Flags returned by SSL_check_chain */
+/* Certificate can be used with this session */
+# define CERT_PKEY_VALID 0x1
+/* Certificate can also be used for signing */
+# define CERT_PKEY_SIGN 0x2
+/* EE certificate signing algorithm OK */
+# define CERT_PKEY_EE_SIGNATURE 0x10
+/* CA signature algorithms OK */
+# define CERT_PKEY_CA_SIGNATURE 0x20
+/* EE certificate parameters OK */
+# define CERT_PKEY_EE_PARAM 0x40
+/* CA certificate parameters OK */
+# define CERT_PKEY_CA_PARAM 0x80
+/* Signing explicitly allowed as opposed to SHA1 fallback */
+# define CERT_PKEY_EXPLICIT_SIGN 0x100
+/* Client CA issuer names match (always set for server cert) */
+# define CERT_PKEY_ISSUER_NAME 0x200
+/* Cert type matches client types (always set for server cert) */
+# define CERT_PKEY_CERT_TYPE 0x400
+/* Cert chain suitable to Suite B */
+# define CERT_PKEY_SUITEB 0x800
+
+# define SSL_CONF_FLAG_CMDLINE 0x1
+# define SSL_CONF_FLAG_FILE 0x2
+# define SSL_CONF_FLAG_CLIENT 0x4
+# define SSL_CONF_FLAG_SERVER 0x8
+# define SSL_CONF_FLAG_SHOW_ERRORS 0x10
+# define SSL_CONF_FLAG_CERTIFICATE 0x20
+# define SSL_CONF_FLAG_REQUIRE_PRIVATE 0x40
+/* Configuration value types */
+# define SSL_CONF_TYPE_UNKNOWN 0x0
+# define SSL_CONF_TYPE_STRING 0x1
+# define SSL_CONF_TYPE_FILE 0x2
+# define SSL_CONF_TYPE_DIR 0x3
+# define SSL_CONF_TYPE_NONE 0x4
+# define SSL_CONF_TYPE_STORE 0x5
+
+/* Maximum length of the application-controlled segment of a a TLSv1.3 cookie */
+# define SSL_COOKIE_LENGTH 4096
+
+/*
+ * Note: SSL[_CTX]_set_{options,mode} use |= op on the previous value, they
+ * cannot be used to clear bits.
+ */
+
+unsigned long SSL_CTX_get_options(const SSL_CTX *ctx);
+unsigned long SSL_get_options(const SSL *s);
+unsigned long SSL_CTX_clear_options(SSL_CTX *ctx, unsigned long op);
+unsigned long SSL_clear_options(SSL *s, unsigned long op);
+unsigned long SSL_CTX_set_options(SSL_CTX *ctx, unsigned long op);
+unsigned long SSL_set_options(SSL *s, unsigned long op);
+
+# define SSL_CTX_set_mode(ctx,op) \
+ SSL_CTX_ctrl((ctx),SSL_CTRL_MODE,(op),NULL)
+# define SSL_CTX_clear_mode(ctx,op) \
+ SSL_CTX_ctrl((ctx),SSL_CTRL_CLEAR_MODE,(op),NULL)
+# define SSL_CTX_get_mode(ctx) \
+ SSL_CTX_ctrl((ctx),SSL_CTRL_MODE,0,NULL)
+# define SSL_clear_mode(ssl,op) \
+ SSL_ctrl((ssl),SSL_CTRL_CLEAR_MODE,(op),NULL)
+# define SSL_set_mode(ssl,op) \
+ SSL_ctrl((ssl),SSL_CTRL_MODE,(op),NULL)
+# define SSL_get_mode(ssl) \
+ SSL_ctrl((ssl),SSL_CTRL_MODE,0,NULL)
+# define SSL_set_mtu(ssl, mtu) \
+ SSL_ctrl((ssl),SSL_CTRL_SET_MTU,(mtu),NULL)
+# define DTLS_set_link_mtu(ssl, mtu) \
+ SSL_ctrl((ssl),DTLS_CTRL_SET_LINK_MTU,(mtu),NULL)
+# define DTLS_get_link_min_mtu(ssl) \
+ SSL_ctrl((ssl),DTLS_CTRL_GET_LINK_MIN_MTU,0,NULL)
+
+# define SSL_get_secure_renegotiation_support(ssl) \
+ SSL_ctrl((ssl), SSL_CTRL_GET_RI_SUPPORT, 0, NULL)
+
+# define SSL_CTX_set_cert_flags(ctx,op) \
+ SSL_CTX_ctrl((ctx),SSL_CTRL_CERT_FLAGS,(op),NULL)
+# define SSL_set_cert_flags(s,op) \
+ SSL_ctrl((s),SSL_CTRL_CERT_FLAGS,(op),NULL)
+# define SSL_CTX_clear_cert_flags(ctx,op) \
+ SSL_CTX_ctrl((ctx),SSL_CTRL_CLEAR_CERT_FLAGS,(op),NULL)
+# define SSL_clear_cert_flags(s,op) \
+ SSL_ctrl((s),SSL_CTRL_CLEAR_CERT_FLAGS,(op),NULL)
+
+void SSL_CTX_set_msg_callback(SSL_CTX *ctx,
+ void (*cb) (int write_p, int version,
+ int content_type, const void *buf,
+ size_t len, SSL *ssl, void *arg));
+void SSL_set_msg_callback(SSL *ssl,
+ void (*cb) (int write_p, int version,
+ int content_type, const void *buf,
+ size_t len, SSL *ssl, void *arg));
+# define SSL_CTX_set_msg_callback_arg(ctx, arg) SSL_CTX_ctrl((ctx), SSL_CTRL_SET_MSG_CALLBACK_ARG, 0, (arg))
+# define SSL_set_msg_callback_arg(ssl, arg) SSL_ctrl((ssl), SSL_CTRL_SET_MSG_CALLBACK_ARG, 0, (arg))
+
+# define SSL_get_extms_support(s) \
+ SSL_ctrl((s),SSL_CTRL_GET_EXTMS_SUPPORT,0,NULL)
+
+# ifndef OPENSSL_NO_SRP
+
+/* see tls_srp.c */
+__owur int SSL_SRP_CTX_init(SSL *s);
+__owur int SSL_CTX_SRP_CTX_init(SSL_CTX *ctx);
+int SSL_SRP_CTX_free(SSL *ctx);
+int SSL_CTX_SRP_CTX_free(SSL_CTX *ctx);
+__owur int SSL_srp_server_param_with_username(SSL *s, int *ad);
+__owur int SRP_Calc_A_param(SSL *s);
+
+# endif
+
+/* 100k max cert list */
+# define SSL_MAX_CERT_LIST_DEFAULT 1024*100
+
+# define SSL_SESSION_CACHE_MAX_SIZE_DEFAULT (1024*20)
+
+/*
+ * This callback type is used inside SSL_CTX, SSL, and in the functions that
+ * set them. It is used to override the generation of SSL/TLS session IDs in
+ * a server. Return value should be zero on an error, non-zero to proceed.
+ * Also, callbacks should themselves check if the id they generate is unique
+ * otherwise the SSL handshake will fail with an error - callbacks can do
+ * this using the 'ssl' value they're passed by;
+ * SSL_has_matching_session_id(ssl, id, *id_len) The length value passed in
+ * is set at the maximum size the session ID can be. In SSLv3/TLSv1 it is 32
+ * bytes. The callback can alter this length to be less if desired. It is
+ * also an error for the callback to set the size to zero.
+ */
+typedef int (*GEN_SESSION_CB) (SSL *ssl, unsigned char *id,
+ unsigned int *id_len);
+
+# define SSL_SESS_CACHE_OFF 0x0000
+# define SSL_SESS_CACHE_CLIENT 0x0001
+# define SSL_SESS_CACHE_SERVER 0x0002
+# define SSL_SESS_CACHE_BOTH (SSL_SESS_CACHE_CLIENT|SSL_SESS_CACHE_SERVER)
+# define SSL_SESS_CACHE_NO_AUTO_CLEAR 0x0080
+/* enough comments already ... see SSL_CTX_set_session_cache_mode(3) */
+# define SSL_SESS_CACHE_NO_INTERNAL_LOOKUP 0x0100
+# define SSL_SESS_CACHE_NO_INTERNAL_STORE 0x0200
+# define SSL_SESS_CACHE_NO_INTERNAL \
+ (SSL_SESS_CACHE_NO_INTERNAL_LOOKUP|SSL_SESS_CACHE_NO_INTERNAL_STORE)
+
+LHASH_OF(SSL_SESSION) *SSL_CTX_sessions(SSL_CTX *ctx);
+# define SSL_CTX_sess_number(ctx) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_NUMBER,0,NULL)
+# define SSL_CTX_sess_connect(ctx) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CONNECT,0,NULL)
+# define SSL_CTX_sess_connect_good(ctx) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CONNECT_GOOD,0,NULL)
+# define SSL_CTX_sess_connect_renegotiate(ctx) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CONNECT_RENEGOTIATE,0,NULL)
+# define SSL_CTX_sess_accept(ctx) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_ACCEPT,0,NULL)
+# define SSL_CTX_sess_accept_renegotiate(ctx) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_ACCEPT_RENEGOTIATE,0,NULL)
+# define SSL_CTX_sess_accept_good(ctx) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_ACCEPT_GOOD,0,NULL)
+# define SSL_CTX_sess_hits(ctx) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_HIT,0,NULL)
+# define SSL_CTX_sess_cb_hits(ctx) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CB_HIT,0,NULL)
+# define SSL_CTX_sess_misses(ctx) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_MISSES,0,NULL)
+# define SSL_CTX_sess_timeouts(ctx) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_TIMEOUTS,0,NULL)
+# define SSL_CTX_sess_cache_full(ctx) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CACHE_FULL,0,NULL)
+
+void SSL_CTX_sess_set_new_cb(SSL_CTX *ctx,
+ int (*new_session_cb) (struct ssl_st *ssl,
+ SSL_SESSION *sess));
+int (*SSL_CTX_sess_get_new_cb(SSL_CTX *ctx)) (struct ssl_st *ssl,
+ SSL_SESSION *sess);
+void SSL_CTX_sess_set_remove_cb(SSL_CTX *ctx,
+ void (*remove_session_cb) (struct ssl_ctx_st
+ *ctx,
+ SSL_SESSION *sess));
+void (*SSL_CTX_sess_get_remove_cb(SSL_CTX *ctx)) (struct ssl_ctx_st *ctx,
+ SSL_SESSION *sess);
+void SSL_CTX_sess_set_get_cb(SSL_CTX *ctx,
+ SSL_SESSION *(*get_session_cb) (struct ssl_st
+ *ssl,
+ const unsigned char
+ *data, int len,
+ int *copy));
+SSL_SESSION *(*SSL_CTX_sess_get_get_cb(SSL_CTX *ctx)) (struct ssl_st *ssl,
+ const unsigned char *data,
+ int len, int *copy);
+void SSL_CTX_set_info_callback(SSL_CTX *ctx,
+ void (*cb) (const SSL *ssl, int type, int val));
+void (*SSL_CTX_get_info_callback(SSL_CTX *ctx)) (const SSL *ssl, int type,
+ int val);
+void SSL_CTX_set_client_cert_cb(SSL_CTX *ctx,
+ int (*client_cert_cb) (SSL *ssl, X509 **x509,
+ EVP_PKEY **pkey));
+int (*SSL_CTX_get_client_cert_cb(SSL_CTX *ctx)) (SSL *ssl, X509 **x509,
+ EVP_PKEY **pkey);
+# ifndef OPENSSL_NO_ENGINE
+__owur int SSL_CTX_set_client_cert_engine(SSL_CTX *ctx, ENGINE *e);
+# endif
+void SSL_CTX_set_cookie_generate_cb(SSL_CTX *ctx,
+ int (*app_gen_cookie_cb) (SSL *ssl,
+ unsigned char
+ *cookie,
+ unsigned int
+ *cookie_len));
+void SSL_CTX_set_cookie_verify_cb(SSL_CTX *ctx,
+ int (*app_verify_cookie_cb) (SSL *ssl,
+ const unsigned
+ char *cookie,
+ unsigned int
+ cookie_len));
+
+void SSL_CTX_set_stateless_cookie_generate_cb(
+ SSL_CTX *ctx,
+ int (*gen_stateless_cookie_cb) (SSL *ssl,
+ unsigned char *cookie,
+ size_t *cookie_len));
+void SSL_CTX_set_stateless_cookie_verify_cb(
+ SSL_CTX *ctx,
+ int (*verify_stateless_cookie_cb) (SSL *ssl,
+ const unsigned char *cookie,
+ size_t cookie_len));
+# ifndef OPENSSL_NO_NEXTPROTONEG
+
+typedef int (*SSL_CTX_npn_advertised_cb_func)(SSL *ssl,
+ const unsigned char **out,
+ unsigned int *outlen,
+ void *arg);
+void SSL_CTX_set_next_protos_advertised_cb(SSL_CTX *s,
+ SSL_CTX_npn_advertised_cb_func cb,
+ void *arg);
+# define SSL_CTX_set_npn_advertised_cb SSL_CTX_set_next_protos_advertised_cb
+
+typedef int (*SSL_CTX_npn_select_cb_func)(SSL *s,
+ unsigned char **out,
+ unsigned char *outlen,
+ const unsigned char *in,
+ unsigned int inlen,
+ void *arg);
+void SSL_CTX_set_next_proto_select_cb(SSL_CTX *s,
+ SSL_CTX_npn_select_cb_func cb,
+ void *arg);
+# define SSL_CTX_set_npn_select_cb SSL_CTX_set_next_proto_select_cb
+
+void SSL_get0_next_proto_negotiated(const SSL *s, const unsigned char **data,
+ unsigned *len);
+# define SSL_get0_npn_negotiated SSL_get0_next_proto_negotiated
+# endif
+
+__owur int SSL_select_next_proto(unsigned char **out, unsigned char *outlen,
+ const unsigned char *in, unsigned int inlen,
+ const unsigned char *client,
+ unsigned int client_len);
+
+# define OPENSSL_NPN_UNSUPPORTED 0
+# define OPENSSL_NPN_NEGOTIATED 1
+# define OPENSSL_NPN_NO_OVERLAP 2
+
+__owur int SSL_CTX_set_alpn_protos(SSL_CTX *ctx, const unsigned char *protos,
+ unsigned int protos_len);
+__owur int SSL_set_alpn_protos(SSL *ssl, const unsigned char *protos,
+ unsigned int protos_len);
+typedef int (*SSL_CTX_alpn_select_cb_func)(SSL *ssl,
+ const unsigned char **out,
+ unsigned char *outlen,
+ const unsigned char *in,
+ unsigned int inlen,
+ void *arg);
+void SSL_CTX_set_alpn_select_cb(SSL_CTX *ctx,
+ SSL_CTX_alpn_select_cb_func cb,
+ void *arg);
+void SSL_get0_alpn_selected(const SSL *ssl, const unsigned char **data,
+ unsigned int *len);
+
+# ifndef OPENSSL_NO_PSK
+/*
+ * the maximum length of the buffer given to callbacks containing the
+ * resulting identity/psk
+ */
+# define PSK_MAX_IDENTITY_LEN 128
+# define PSK_MAX_PSK_LEN 256
+typedef unsigned int (*SSL_psk_client_cb_func)(SSL *ssl,
+ const char *hint,
+ char *identity,
+ unsigned int max_identity_len,
+ unsigned char *psk,
+ unsigned int max_psk_len);
+void SSL_CTX_set_psk_client_callback(SSL_CTX *ctx, SSL_psk_client_cb_func cb);
+void SSL_set_psk_client_callback(SSL *ssl, SSL_psk_client_cb_func cb);
+
+typedef unsigned int (*SSL_psk_server_cb_func)(SSL *ssl,
+ const char *identity,
+ unsigned char *psk,
+ unsigned int max_psk_len);
+void SSL_CTX_set_psk_server_callback(SSL_CTX *ctx, SSL_psk_server_cb_func cb);
+void SSL_set_psk_server_callback(SSL *ssl, SSL_psk_server_cb_func cb);
+
+__owur int SSL_CTX_use_psk_identity_hint(SSL_CTX *ctx, const char *identity_hint);
+__owur int SSL_use_psk_identity_hint(SSL *s, const char *identity_hint);
+const char *SSL_get_psk_identity_hint(const SSL *s);
+const char *SSL_get_psk_identity(const SSL *s);
+# endif
+
+typedef int (*SSL_psk_find_session_cb_func)(SSL *ssl,
+ const unsigned char *identity,
+ size_t identity_len,
+ SSL_SESSION **sess);
+typedef int (*SSL_psk_use_session_cb_func)(SSL *ssl, const EVP_MD *md,
+ const unsigned char **id,
+ size_t *idlen,
+ SSL_SESSION **sess);
+
+void SSL_set_psk_find_session_callback(SSL *s, SSL_psk_find_session_cb_func cb);
+void SSL_CTX_set_psk_find_session_callback(SSL_CTX *ctx,
+ SSL_psk_find_session_cb_func cb);
+void SSL_set_psk_use_session_callback(SSL *s, SSL_psk_use_session_cb_func cb);
+void SSL_CTX_set_psk_use_session_callback(SSL_CTX *ctx,
+ SSL_psk_use_session_cb_func cb);
+
+/* Register callbacks to handle custom TLS Extensions for client or server. */
+
+__owur int SSL_CTX_has_client_custom_ext(const SSL_CTX *ctx,
+ unsigned int ext_type);
+
+__owur int SSL_CTX_add_client_custom_ext(SSL_CTX *ctx,
+ unsigned int ext_type,
+ custom_ext_add_cb add_cb,
+ custom_ext_free_cb free_cb,
+ void *add_arg,
+ custom_ext_parse_cb parse_cb,
+ void *parse_arg);
+
+__owur int SSL_CTX_add_server_custom_ext(SSL_CTX *ctx,
+ unsigned int ext_type,
+ custom_ext_add_cb add_cb,
+ custom_ext_free_cb free_cb,
+ void *add_arg,
+ custom_ext_parse_cb parse_cb,
+ void *parse_arg);
+
+__owur int SSL_CTX_add_custom_ext(SSL_CTX *ctx, unsigned int ext_type,
+ unsigned int context,
+ SSL_custom_ext_add_cb_ex add_cb,
+ SSL_custom_ext_free_cb_ex free_cb,
+ void *add_arg,
+ SSL_custom_ext_parse_cb_ex parse_cb,
+ void *parse_arg);
+
+__owur int SSL_extension_supported(unsigned int ext_type);
+
+# define SSL_NOTHING 1
+# define SSL_WRITING 2
+# define SSL_READING 3
+# define SSL_X509_LOOKUP 4
+# define SSL_ASYNC_PAUSED 5
+# define SSL_ASYNC_NO_JOBS 6
+# define SSL_CLIENT_HELLO_CB 7
+
+/* These will only be used when doing non-blocking IO */
+# define SSL_want_nothing(s) (SSL_want(s) == SSL_NOTHING)
+# define SSL_want_read(s) (SSL_want(s) == SSL_READING)
+# define SSL_want_write(s) (SSL_want(s) == SSL_WRITING)
+# define SSL_want_x509_lookup(s) (SSL_want(s) == SSL_X509_LOOKUP)
+# define SSL_want_async(s) (SSL_want(s) == SSL_ASYNC_PAUSED)
+# define SSL_want_async_job(s) (SSL_want(s) == SSL_ASYNC_NO_JOBS)
+# define SSL_want_client_hello_cb(s) (SSL_want(s) == SSL_CLIENT_HELLO_CB)
+
+# define SSL_MAC_FLAG_READ_MAC_STREAM 1
+# define SSL_MAC_FLAG_WRITE_MAC_STREAM 2
+# define SSL_MAC_FLAG_READ_MAC_TLSTREE 4
+# define SSL_MAC_FLAG_WRITE_MAC_TLSTREE 8
+
+/*
+ * A callback for logging out TLS key material. This callback should log out
+ * |line| followed by a newline.
+ */
+typedef void (*SSL_CTX_keylog_cb_func)(const SSL *ssl, const char *line);
+
+/*
+ * SSL_CTX_set_keylog_callback configures a callback to log key material. This
+ * is intended for debugging use with tools like Wireshark. The cb function
+ * should log line followed by a newline.
+ */
+void SSL_CTX_set_keylog_callback(SSL_CTX *ctx, SSL_CTX_keylog_cb_func cb);
+
+/*
+ * SSL_CTX_get_keylog_callback returns the callback configured by
+ * SSL_CTX_set_keylog_callback.
+ */
+SSL_CTX_keylog_cb_func SSL_CTX_get_keylog_callback(const SSL_CTX *ctx);
+
+int SSL_CTX_set_max_early_data(SSL_CTX *ctx, uint32_t max_early_data);
+uint32_t SSL_CTX_get_max_early_data(const SSL_CTX *ctx);
+int SSL_set_max_early_data(SSL *s, uint32_t max_early_data);
+uint32_t SSL_get_max_early_data(const SSL *s);
+int SSL_CTX_set_recv_max_early_data(SSL_CTX *ctx, uint32_t recv_max_early_data);
+uint32_t SSL_CTX_get_recv_max_early_data(const SSL_CTX *ctx);
+int SSL_set_recv_max_early_data(SSL *s, uint32_t recv_max_early_data);
+uint32_t SSL_get_recv_max_early_data(const SSL *s);
+
+#ifdef __cplusplus
+}
+#endif
+
+# include <openssl/ssl2.h>
+# include <openssl/ssl3.h>
+# include <openssl/tls1.h> /* This is mostly sslv3 with a few tweaks */
+# include <openssl/dtls1.h> /* Datagram TLS */
+# include <openssl/srtp.h> /* Support for the use_srtp extension */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/*
+ * These need to be after the above set of includes due to a compiler bug
+ * in VisualStudio 2015
+ */
+DEFINE_OR_DECLARE_STACK_OF(SSL_CIPHER)
+DEFINE_OR_DECLARE_STACK_OF(SSL_COMP)
+
+/* compatibility */
+# define SSL_set_app_data(s,arg) (SSL_set_ex_data(s,0,(char *)(arg)))
+# define SSL_get_app_data(s) (SSL_get_ex_data(s,0))
+# define SSL_SESSION_set_app_data(s,a) (SSL_SESSION_set_ex_data(s,0, \
+ (char *)(a)))
+# define SSL_SESSION_get_app_data(s) (SSL_SESSION_get_ex_data(s,0))
+# define SSL_CTX_get_app_data(ctx) (SSL_CTX_get_ex_data(ctx,0))
+# define SSL_CTX_set_app_data(ctx,arg) (SSL_CTX_set_ex_data(ctx,0, \
+ (char *)(arg)))
+DEPRECATEDIN_1_1_0(void SSL_set_debug(SSL *s, int debug))
+
+/* TLSv1.3 KeyUpdate message types */
+/* -1 used so that this is an invalid value for the on-the-wire protocol */
+#define SSL_KEY_UPDATE_NONE -1
+/* Values as defined for the on-the-wire protocol */
+#define SSL_KEY_UPDATE_NOT_REQUESTED 0
+#define SSL_KEY_UPDATE_REQUESTED 1
+
+/*
+ * The valid handshake states (one for each type message sent and one for each
+ * type of message received). There are also two "special" states:
+ * TLS = TLS or DTLS state
+ * DTLS = DTLS specific state
+ * CR/SR = Client Read/Server Read
+ * CW/SW = Client Write/Server Write
+ *
+ * The "special" states are:
+ * TLS_ST_BEFORE = No handshake has been initiated yet
+ * TLS_ST_OK = A handshake has been successfully completed
+ */
+typedef enum {
+ TLS_ST_BEFORE,
+ TLS_ST_OK,
+ DTLS_ST_CR_HELLO_VERIFY_REQUEST,
+ TLS_ST_CR_SRVR_HELLO,
+ TLS_ST_CR_CERT,
+ TLS_ST_CR_CERT_STATUS,
+ TLS_ST_CR_KEY_EXCH,
+ TLS_ST_CR_CERT_REQ,
+ TLS_ST_CR_SRVR_DONE,
+ TLS_ST_CR_SESSION_TICKET,
+ TLS_ST_CR_CHANGE,
+ TLS_ST_CR_FINISHED,
+ TLS_ST_CW_CLNT_HELLO,
+ TLS_ST_CW_CERT,
+ TLS_ST_CW_KEY_EXCH,
+ TLS_ST_CW_CERT_VRFY,
+ TLS_ST_CW_CHANGE,
+ TLS_ST_CW_NEXT_PROTO,
+ TLS_ST_CW_FINISHED,
+ TLS_ST_SW_HELLO_REQ,
+ TLS_ST_SR_CLNT_HELLO,
+ DTLS_ST_SW_HELLO_VERIFY_REQUEST,
+ TLS_ST_SW_SRVR_HELLO,
+ TLS_ST_SW_CERT,
+ TLS_ST_SW_KEY_EXCH,
+ TLS_ST_SW_CERT_REQ,
+ TLS_ST_SW_SRVR_DONE,
+ TLS_ST_SR_CERT,
+ TLS_ST_SR_KEY_EXCH,
+ TLS_ST_SR_CERT_VRFY,
+ TLS_ST_SR_NEXT_PROTO,
+ TLS_ST_SR_CHANGE,
+ TLS_ST_SR_FINISHED,
+ TLS_ST_SW_SESSION_TICKET,
+ TLS_ST_SW_CERT_STATUS,
+ TLS_ST_SW_CHANGE,
+ TLS_ST_SW_FINISHED,
+ TLS_ST_SW_ENCRYPTED_EXTENSIONS,
+ TLS_ST_CR_ENCRYPTED_EXTENSIONS,
+ TLS_ST_CR_CERT_VRFY,
+ TLS_ST_SW_CERT_VRFY,
+ TLS_ST_CR_HELLO_REQ,
+ TLS_ST_SW_KEY_UPDATE,
+ TLS_ST_CW_KEY_UPDATE,
+ TLS_ST_SR_KEY_UPDATE,
+ TLS_ST_CR_KEY_UPDATE,
+ TLS_ST_EARLY_DATA,
+ TLS_ST_PENDING_EARLY_DATA_END,
+ TLS_ST_CW_END_OF_EARLY_DATA,
+ TLS_ST_SR_END_OF_EARLY_DATA
+} OSSL_HANDSHAKE_STATE;
+
+/*
+ * Most of the following state values are no longer used and are defined to be
+ * the closest equivalent value in the current state machine code. Not all
+ * defines have an equivalent and are set to a dummy value (-1). SSL_ST_CONNECT
+ * and SSL_ST_ACCEPT are still in use in the definition of SSL_CB_ACCEPT_LOOP,
+ * SSL_CB_ACCEPT_EXIT, SSL_CB_CONNECT_LOOP and SSL_CB_CONNECT_EXIT.
+ */
+
+# define SSL_ST_CONNECT 0x1000
+# define SSL_ST_ACCEPT 0x2000
+
+# define SSL_ST_MASK 0x0FFF
+
+# define SSL_CB_LOOP 0x01
+# define SSL_CB_EXIT 0x02
+# define SSL_CB_READ 0x04
+# define SSL_CB_WRITE 0x08
+# define SSL_CB_ALERT 0x4000/* used in callback */
+# define SSL_CB_READ_ALERT (SSL_CB_ALERT|SSL_CB_READ)
+# define SSL_CB_WRITE_ALERT (SSL_CB_ALERT|SSL_CB_WRITE)
+# define SSL_CB_ACCEPT_LOOP (SSL_ST_ACCEPT|SSL_CB_LOOP)
+# define SSL_CB_ACCEPT_EXIT (SSL_ST_ACCEPT|SSL_CB_EXIT)
+# define SSL_CB_CONNECT_LOOP (SSL_ST_CONNECT|SSL_CB_LOOP)
+# define SSL_CB_CONNECT_EXIT (SSL_ST_CONNECT|SSL_CB_EXIT)
+# define SSL_CB_HANDSHAKE_START 0x10
+# define SSL_CB_HANDSHAKE_DONE 0x20
+
+/* Is the SSL_connection established? */
+# define SSL_in_connect_init(a) (SSL_in_init(a) && !SSL_is_server(a))
+# define SSL_in_accept_init(a) (SSL_in_init(a) && SSL_is_server(a))
+int SSL_in_init(const SSL *s);
+int SSL_in_before(const SSL *s);
+int SSL_is_init_finished(const SSL *s);
+
+/*
+ * The following 3 states are kept in ssl->rlayer.rstate when reads fail, you
+ * should not need these
+ */
+# define SSL_ST_READ_HEADER 0xF0
+# define SSL_ST_READ_BODY 0xF1
+# define SSL_ST_READ_DONE 0xF2
+
+/*-
+ * Obtain latest Finished message
+ * -- that we sent (SSL_get_finished)
+ * -- that we expected from peer (SSL_get_peer_finished).
+ * Returns length (0 == no Finished so far), copies up to 'count' bytes.
+ */
+size_t SSL_get_finished(const SSL *s, void *buf, size_t count);
+size_t SSL_get_peer_finished(const SSL *s, void *buf, size_t count);
+
+/*
+ * use either SSL_VERIFY_NONE or SSL_VERIFY_PEER, the last 3 options are
+ * 'ored' with SSL_VERIFY_PEER if they are desired
+ */
+# define SSL_VERIFY_NONE 0x00
+# define SSL_VERIFY_PEER 0x01
+# define SSL_VERIFY_FAIL_IF_NO_PEER_CERT 0x02
+# define SSL_VERIFY_CLIENT_ONCE 0x04
+# define SSL_VERIFY_POST_HANDSHAKE 0x08
+
+# ifndef OPENSSL_NO_DEPRECATED_1_1_0
+# define OpenSSL_add_ssl_algorithms() SSL_library_init()
+# define SSLeay_add_ssl_algorithms() SSL_library_init()
+# endif
+
+/* More backward compatibility */
+# define SSL_get_cipher(s) \
+ SSL_CIPHER_get_name(SSL_get_current_cipher(s))
+# define SSL_get_cipher_bits(s,np) \
+ SSL_CIPHER_get_bits(SSL_get_current_cipher(s),np)
+# define SSL_get_cipher_version(s) \
+ SSL_CIPHER_get_version(SSL_get_current_cipher(s))
+# define SSL_get_cipher_name(s) \
+ SSL_CIPHER_get_name(SSL_get_current_cipher(s))
+# define SSL_get_time(a) SSL_SESSION_get_time(a)
+# define SSL_set_time(a,b) SSL_SESSION_set_time((a),(b))
+# define SSL_get_timeout(a) SSL_SESSION_get_timeout(a)
+# define SSL_set_timeout(a,b) SSL_SESSION_set_timeout((a),(b))
+
+# define d2i_SSL_SESSION_bio(bp,s_id) ASN1_d2i_bio_of(SSL_SESSION,SSL_SESSION_new,d2i_SSL_SESSION,bp,s_id)
+# define i2d_SSL_SESSION_bio(bp,s_id) ASN1_i2d_bio_of(SSL_SESSION,i2d_SSL_SESSION,bp,s_id)
+
+DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
+# define SSL_AD_REASON_OFFSET 1000/* offset to get SSL_R_... value
+ * from SSL_AD_... */
+/* These alert types are for SSLv3 and TLSv1 */
+# define SSL_AD_CLOSE_NOTIFY SSL3_AD_CLOSE_NOTIFY
+/* fatal */
+# define SSL_AD_UNEXPECTED_MESSAGE SSL3_AD_UNEXPECTED_MESSAGE
+/* fatal */
+# define SSL_AD_BAD_RECORD_MAC SSL3_AD_BAD_RECORD_MAC
+# define SSL_AD_DECRYPTION_FAILED TLS1_AD_DECRYPTION_FAILED
+# define SSL_AD_RECORD_OVERFLOW TLS1_AD_RECORD_OVERFLOW
+/* fatal */
+# define SSL_AD_DECOMPRESSION_FAILURE SSL3_AD_DECOMPRESSION_FAILURE
+/* fatal */
+# define SSL_AD_HANDSHAKE_FAILURE SSL3_AD_HANDSHAKE_FAILURE
+/* Not for TLS */
+# define SSL_AD_NO_CERTIFICATE SSL3_AD_NO_CERTIFICATE
+# define SSL_AD_BAD_CERTIFICATE SSL3_AD_BAD_CERTIFICATE
+# define SSL_AD_UNSUPPORTED_CERTIFICATE SSL3_AD_UNSUPPORTED_CERTIFICATE
+# define SSL_AD_CERTIFICATE_REVOKED SSL3_AD_CERTIFICATE_REVOKED
+# define SSL_AD_CERTIFICATE_EXPIRED SSL3_AD_CERTIFICATE_EXPIRED
+# define SSL_AD_CERTIFICATE_UNKNOWN SSL3_AD_CERTIFICATE_UNKNOWN
+/* fatal */
+# define SSL_AD_ILLEGAL_PARAMETER SSL3_AD_ILLEGAL_PARAMETER
+/* fatal */
+# define SSL_AD_UNKNOWN_CA TLS1_AD_UNKNOWN_CA
+/* fatal */
+# define SSL_AD_ACCESS_DENIED TLS1_AD_ACCESS_DENIED
+/* fatal */
+# define SSL_AD_DECODE_ERROR TLS1_AD_DECODE_ERROR
+# define SSL_AD_DECRYPT_ERROR TLS1_AD_DECRYPT_ERROR
+/* fatal */
+# define SSL_AD_EXPORT_RESTRICTION TLS1_AD_EXPORT_RESTRICTION
+/* fatal */
+# define SSL_AD_PROTOCOL_VERSION TLS1_AD_PROTOCOL_VERSION
+/* fatal */
+# define SSL_AD_INSUFFICIENT_SECURITY TLS1_AD_INSUFFICIENT_SECURITY
+/* fatal */
+# define SSL_AD_INTERNAL_ERROR TLS1_AD_INTERNAL_ERROR
+# define SSL_AD_USER_CANCELLED TLS1_AD_USER_CANCELLED
+# define SSL_AD_NO_RENEGOTIATION TLS1_AD_NO_RENEGOTIATION
+# define SSL_AD_MISSING_EXTENSION TLS13_AD_MISSING_EXTENSION
+# define SSL_AD_CERTIFICATE_REQUIRED TLS13_AD_CERTIFICATE_REQUIRED
+# define SSL_AD_UNSUPPORTED_EXTENSION TLS1_AD_UNSUPPORTED_EXTENSION
+# define SSL_AD_CERTIFICATE_UNOBTAINABLE TLS1_AD_CERTIFICATE_UNOBTAINABLE
+# define SSL_AD_UNRECOGNIZED_NAME TLS1_AD_UNRECOGNIZED_NAME
+# define SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE
+# define SSL_AD_BAD_CERTIFICATE_HASH_VALUE TLS1_AD_BAD_CERTIFICATE_HASH_VALUE
+/* fatal */
+# define SSL_AD_UNKNOWN_PSK_IDENTITY TLS1_AD_UNKNOWN_PSK_IDENTITY
+/* fatal */
+# define SSL_AD_INAPPROPRIATE_FALLBACK TLS1_AD_INAPPROPRIATE_FALLBACK
+# define SSL_AD_NO_APPLICATION_PROTOCOL TLS1_AD_NO_APPLICATION_PROTOCOL
+# define SSL_ERROR_NONE 0
+# define SSL_ERROR_SSL 1
+# define SSL_ERROR_WANT_READ 2
+# define SSL_ERROR_WANT_WRITE 3
+# define SSL_ERROR_WANT_X509_LOOKUP 4
+# define SSL_ERROR_SYSCALL 5/* look at error stack/return
+ * value/errno */
+# define SSL_ERROR_ZERO_RETURN 6
+# define SSL_ERROR_WANT_CONNECT 7
+# define SSL_ERROR_WANT_ACCEPT 8
+# define SSL_ERROR_WANT_ASYNC 9
+# define SSL_ERROR_WANT_ASYNC_JOB 10
+# define SSL_ERROR_WANT_CLIENT_HELLO_CB 11
+# define SSL_CTRL_SET_TMP_DH 3
+# define SSL_CTRL_SET_TMP_ECDH 4
+# define SSL_CTRL_SET_TMP_DH_CB 6
+# define SSL_CTRL_GET_CLIENT_CERT_REQUEST 9
+# define SSL_CTRL_GET_NUM_RENEGOTIATIONS 10
+# define SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS 11
+# define SSL_CTRL_GET_TOTAL_RENEGOTIATIONS 12
+# define SSL_CTRL_GET_FLAGS 13
+# define SSL_CTRL_EXTRA_CHAIN_CERT 14
+# define SSL_CTRL_SET_MSG_CALLBACK 15
+# define SSL_CTRL_SET_MSG_CALLBACK_ARG 16
+/* only applies to datagram connections */
+# define SSL_CTRL_SET_MTU 17
+/* Stats */
+# define SSL_CTRL_SESS_NUMBER 20
+# define SSL_CTRL_SESS_CONNECT 21
+# define SSL_CTRL_SESS_CONNECT_GOOD 22
+# define SSL_CTRL_SESS_CONNECT_RENEGOTIATE 23
+# define SSL_CTRL_SESS_ACCEPT 24
+# define SSL_CTRL_SESS_ACCEPT_GOOD 25
+# define SSL_CTRL_SESS_ACCEPT_RENEGOTIATE 26
+# define SSL_CTRL_SESS_HIT 27
+# define SSL_CTRL_SESS_CB_HIT 28
+# define SSL_CTRL_SESS_MISSES 29
+# define SSL_CTRL_SESS_TIMEOUTS 30
+# define SSL_CTRL_SESS_CACHE_FULL 31
+# define SSL_CTRL_MODE 33
+# define SSL_CTRL_GET_READ_AHEAD 40
+# define SSL_CTRL_SET_READ_AHEAD 41
+# define SSL_CTRL_SET_SESS_CACHE_SIZE 42
+# define SSL_CTRL_GET_SESS_CACHE_SIZE 43
+# define SSL_CTRL_SET_SESS_CACHE_MODE 44
+# define SSL_CTRL_GET_SESS_CACHE_MODE 45
+# define SSL_CTRL_GET_MAX_CERT_LIST 50
+# define SSL_CTRL_SET_MAX_CERT_LIST 51
+# define SSL_CTRL_SET_MAX_SEND_FRAGMENT 52
+/* see tls1.h for macros based on these */
+# define SSL_CTRL_SET_TLSEXT_SERVERNAME_CB 53
+# define SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG 54
+# define SSL_CTRL_SET_TLSEXT_HOSTNAME 55
+# define SSL_CTRL_SET_TLSEXT_DEBUG_CB 56
+# define SSL_CTRL_SET_TLSEXT_DEBUG_ARG 57
+# define SSL_CTRL_GET_TLSEXT_TICKET_KEYS 58
+# define SSL_CTRL_SET_TLSEXT_TICKET_KEYS 59
+/*# define SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT 60 */
+/*# define SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB 61 */
+/*# define SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB_ARG 62 */
+# define SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB 63
+# define SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG 64
+# define SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE 65
+# define SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS 66
+# define SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS 67
+# define SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS 68
+# define SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS 69
+# define SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP 70
+# define SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP 71
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB 72
+# endif
+# define SSL_CTRL_SET_TLS_EXT_SRP_USERNAME_CB 75
+# define SSL_CTRL_SET_SRP_VERIFY_PARAM_CB 76
+# define SSL_CTRL_SET_SRP_GIVE_CLIENT_PWD_CB 77
+# define SSL_CTRL_SET_SRP_ARG 78
+# define SSL_CTRL_SET_TLS_EXT_SRP_USERNAME 79
+# define SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH 80
+# define SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD 81
+# define DTLS_CTRL_GET_TIMEOUT 73
+# define DTLS_CTRL_HANDLE_TIMEOUT 74
+# define SSL_CTRL_GET_RI_SUPPORT 76
+# define SSL_CTRL_CLEAR_MODE 78
+# define SSL_CTRL_SET_NOT_RESUMABLE_SESS_CB 79
+# define SSL_CTRL_GET_EXTRA_CHAIN_CERTS 82
+# define SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS 83
+# define SSL_CTRL_CHAIN 88
+# define SSL_CTRL_CHAIN_CERT 89
+# define SSL_CTRL_GET_GROUPS 90
+# define SSL_CTRL_SET_GROUPS 91
+# define SSL_CTRL_SET_GROUPS_LIST 92
+# define SSL_CTRL_GET_SHARED_GROUP 93
+# define SSL_CTRL_SET_SIGALGS 97
+# define SSL_CTRL_SET_SIGALGS_LIST 98
+# define SSL_CTRL_CERT_FLAGS 99
+# define SSL_CTRL_CLEAR_CERT_FLAGS 100
+# define SSL_CTRL_SET_CLIENT_SIGALGS 101
+# define SSL_CTRL_SET_CLIENT_SIGALGS_LIST 102
+# define SSL_CTRL_GET_CLIENT_CERT_TYPES 103
+# define SSL_CTRL_SET_CLIENT_CERT_TYPES 104
+# define SSL_CTRL_BUILD_CERT_CHAIN 105
+# define SSL_CTRL_SET_VERIFY_CERT_STORE 106
+# define SSL_CTRL_SET_CHAIN_CERT_STORE 107
+# define SSL_CTRL_GET_PEER_SIGNATURE_NID 108
+# define SSL_CTRL_GET_PEER_TMP_KEY 109
+# define SSL_CTRL_GET_RAW_CIPHERLIST 110
+# define SSL_CTRL_GET_EC_POINT_FORMATS 111
+# define SSL_CTRL_GET_CHAIN_CERTS 115
+# define SSL_CTRL_SELECT_CURRENT_CERT 116
+# define SSL_CTRL_SET_CURRENT_CERT 117
+# define SSL_CTRL_SET_DH_AUTO 118
+# define DTLS_CTRL_SET_LINK_MTU 120
+# define DTLS_CTRL_GET_LINK_MIN_MTU 121
+# define SSL_CTRL_GET_EXTMS_SUPPORT 122
+# define SSL_CTRL_SET_MIN_PROTO_VERSION 123
+# define SSL_CTRL_SET_MAX_PROTO_VERSION 124
+# define SSL_CTRL_SET_SPLIT_SEND_FRAGMENT 125
+# define SSL_CTRL_SET_MAX_PIPELINES 126
+# define SSL_CTRL_GET_TLSEXT_STATUS_REQ_TYPE 127
+# define SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB 128
+# define SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB_ARG 129
+# define SSL_CTRL_GET_MIN_PROTO_VERSION 130
+# define SSL_CTRL_GET_MAX_PROTO_VERSION 131
+# define SSL_CTRL_GET_SIGNATURE_NID 132
+# define SSL_CTRL_GET_TMP_KEY 133
+# define SSL_CTRL_GET_NEGOTIATED_GROUP 134
+# define SSL_CERT_SET_FIRST 1
+# define SSL_CERT_SET_NEXT 2
+# define SSL_CERT_SET_SERVER 3
+# define DTLSv1_get_timeout(ssl, arg) \
+ SSL_ctrl(ssl,DTLS_CTRL_GET_TIMEOUT,0, (void *)(arg))
+# define DTLSv1_handle_timeout(ssl) \
+ SSL_ctrl(ssl,DTLS_CTRL_HANDLE_TIMEOUT,0, NULL)
+# define SSL_num_renegotiations(ssl) \
+ SSL_ctrl((ssl),SSL_CTRL_GET_NUM_RENEGOTIATIONS,0,NULL)
+# define SSL_clear_num_renegotiations(ssl) \
+ SSL_ctrl((ssl),SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS,0,NULL)
+# define SSL_total_renegotiations(ssl) \
+ SSL_ctrl((ssl),SSL_CTRL_GET_TOTAL_RENEGOTIATIONS,0,NULL)
+# define SSL_CTX_set_tmp_dh(ctx,dh) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_DH,0,(char *)(dh))
+# define SSL_CTX_set_dh_auto(ctx, onoff) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SET_DH_AUTO,onoff,NULL)
+# define SSL_set_dh_auto(s, onoff) \
+ SSL_ctrl(s,SSL_CTRL_SET_DH_AUTO,onoff,NULL)
+# define SSL_set_tmp_dh(ssl,dh) \
+ SSL_ctrl(ssl,SSL_CTRL_SET_TMP_DH,0,(char *)(dh))
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define SSL_CTX_set_tmp_ecdh(ctx,ecdh) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_ECDH,0,(char *)(ecdh))
+# define SSL_set_tmp_ecdh(ssl,ecdh) \
+ SSL_ctrl(ssl,SSL_CTRL_SET_TMP_ECDH,0,(char *)(ecdh))
+# endif
+# define SSL_CTX_add_extra_chain_cert(ctx,x509) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_EXTRA_CHAIN_CERT,0,(char *)(x509))
+# define SSL_CTX_get_extra_chain_certs(ctx,px509) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_GET_EXTRA_CHAIN_CERTS,0,px509)
+# define SSL_CTX_get_extra_chain_certs_only(ctx,px509) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_GET_EXTRA_CHAIN_CERTS,1,px509)
+# define SSL_CTX_clear_extra_chain_certs(ctx) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS,0,NULL)
+# define SSL_CTX_set0_chain(ctx,sk) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_CHAIN,0,(char *)(sk))
+# define SSL_CTX_set1_chain(ctx,sk) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_CHAIN,1,(char *)(sk))
+# define SSL_CTX_add0_chain_cert(ctx,x509) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_CHAIN_CERT,0,(char *)(x509))
+# define SSL_CTX_add1_chain_cert(ctx,x509) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_CHAIN_CERT,1,(char *)(x509))
+# define SSL_CTX_get0_chain_certs(ctx,px509) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_GET_CHAIN_CERTS,0,px509)
+# define SSL_CTX_clear_chain_certs(ctx) \
+ SSL_CTX_set0_chain(ctx,NULL)
+# define SSL_CTX_build_cert_chain(ctx, flags) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_BUILD_CERT_CHAIN, flags, NULL)
+# define SSL_CTX_select_current_cert(ctx,x509) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SELECT_CURRENT_CERT,0,(char *)(x509))
+# define SSL_CTX_set_current_cert(ctx, op) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SET_CURRENT_CERT, op, NULL)
+# define SSL_CTX_set0_verify_cert_store(ctx,st) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SET_VERIFY_CERT_STORE,0,(char *)(st))
+# define SSL_CTX_set1_verify_cert_store(ctx,st) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SET_VERIFY_CERT_STORE,1,(char *)(st))
+# define SSL_CTX_set0_chain_cert_store(ctx,st) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SET_CHAIN_CERT_STORE,0,(char *)(st))
+# define SSL_CTX_set1_chain_cert_store(ctx,st) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SET_CHAIN_CERT_STORE,1,(char *)(st))
+# define SSL_set0_chain(s,sk) \
+ SSL_ctrl(s,SSL_CTRL_CHAIN,0,(char *)(sk))
+# define SSL_set1_chain(s,sk) \
+ SSL_ctrl(s,SSL_CTRL_CHAIN,1,(char *)(sk))
+# define SSL_add0_chain_cert(s,x509) \
+ SSL_ctrl(s,SSL_CTRL_CHAIN_CERT,0,(char *)(x509))
+# define SSL_add1_chain_cert(s,x509) \
+ SSL_ctrl(s,SSL_CTRL_CHAIN_CERT,1,(char *)(x509))
+# define SSL_get0_chain_certs(s,px509) \
+ SSL_ctrl(s,SSL_CTRL_GET_CHAIN_CERTS,0,px509)
+# define SSL_clear_chain_certs(s) \
+ SSL_set0_chain(s,NULL)
+# define SSL_build_cert_chain(s, flags) \
+ SSL_ctrl(s,SSL_CTRL_BUILD_CERT_CHAIN, flags, NULL)
+# define SSL_select_current_cert(s,x509) \
+ SSL_ctrl(s,SSL_CTRL_SELECT_CURRENT_CERT,0,(char *)(x509))
+# define SSL_set_current_cert(s,op) \
+ SSL_ctrl(s,SSL_CTRL_SET_CURRENT_CERT, op, NULL)
+# define SSL_set0_verify_cert_store(s,st) \
+ SSL_ctrl(s,SSL_CTRL_SET_VERIFY_CERT_STORE,0,(char *)(st))
+# define SSL_set1_verify_cert_store(s,st) \
+ SSL_ctrl(s,SSL_CTRL_SET_VERIFY_CERT_STORE,1,(char *)(st))
+# define SSL_set0_chain_cert_store(s,st) \
+ SSL_ctrl(s,SSL_CTRL_SET_CHAIN_CERT_STORE,0,(char *)(st))
+# define SSL_set1_chain_cert_store(s,st) \
+ SSL_ctrl(s,SSL_CTRL_SET_CHAIN_CERT_STORE,1,(char *)(st))
+# define SSL_get1_groups(s, glist) \
+ SSL_ctrl(s,SSL_CTRL_GET_GROUPS,0,(int*)(glist))
+# define SSL_CTX_set1_groups(ctx, glist, glistlen) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SET_GROUPS,glistlen,(int *)(glist))
+# define SSL_CTX_set1_groups_list(ctx, s) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SET_GROUPS_LIST,0,(char *)(s))
+# define SSL_set1_groups(s, glist, glistlen) \
+ SSL_ctrl(s,SSL_CTRL_SET_GROUPS,glistlen,(char *)(glist))
+# define SSL_set1_groups_list(s, str) \
+ SSL_ctrl(s,SSL_CTRL_SET_GROUPS_LIST,0,(char *)(str))
+# define SSL_get_shared_group(s, n) \
+ SSL_ctrl(s,SSL_CTRL_GET_SHARED_GROUP,n,NULL)
+# define SSL_get_negotiated_group(s) \
+ SSL_ctrl(s,SSL_CTRL_GET_NEGOTIATED_GROUP,0,NULL)
+# define SSL_CTX_set1_sigalgs(ctx, slist, slistlen) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SET_SIGALGS,slistlen,(int *)(slist))
+# define SSL_CTX_set1_sigalgs_list(ctx, s) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SET_SIGALGS_LIST,0,(char *)(s))
+# define SSL_set1_sigalgs(s, slist, slistlen) \
+ SSL_ctrl(s,SSL_CTRL_SET_SIGALGS,slistlen,(int *)(slist))
+# define SSL_set1_sigalgs_list(s, str) \
+ SSL_ctrl(s,SSL_CTRL_SET_SIGALGS_LIST,0,(char *)(str))
+# define SSL_CTX_set1_client_sigalgs(ctx, slist, slistlen) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SET_CLIENT_SIGALGS,slistlen,(int *)(slist))
+# define SSL_CTX_set1_client_sigalgs_list(ctx, s) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SET_CLIENT_SIGALGS_LIST,0,(char *)(s))
+# define SSL_set1_client_sigalgs(s, slist, slistlen) \
+ SSL_ctrl(s,SSL_CTRL_SET_CLIENT_SIGALGS,slistlen,(int *)(slist))
+# define SSL_set1_client_sigalgs_list(s, str) \
+ SSL_ctrl(s,SSL_CTRL_SET_CLIENT_SIGALGS_LIST,0,(char *)(str))
+# define SSL_get0_certificate_types(s, clist) \
+ SSL_ctrl(s, SSL_CTRL_GET_CLIENT_CERT_TYPES, 0, (char *)(clist))
+# define SSL_CTX_set1_client_certificate_types(ctx, clist, clistlen) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SET_CLIENT_CERT_TYPES,clistlen, \
+ (char *)(clist))
+# define SSL_set1_client_certificate_types(s, clist, clistlen) \
+ SSL_ctrl(s,SSL_CTRL_SET_CLIENT_CERT_TYPES,clistlen,(char *)(clist))
+# define SSL_get_signature_nid(s, pn) \
+ SSL_ctrl(s,SSL_CTRL_GET_SIGNATURE_NID,0,pn)
+# define SSL_get_peer_signature_nid(s, pn) \
+ SSL_ctrl(s,SSL_CTRL_GET_PEER_SIGNATURE_NID,0,pn)
+# define SSL_get_peer_tmp_key(s, pk) \
+ SSL_ctrl(s,SSL_CTRL_GET_PEER_TMP_KEY,0,pk)
+# define SSL_get_tmp_key(s, pk) \
+ SSL_ctrl(s,SSL_CTRL_GET_TMP_KEY,0,pk)
+# define SSL_get0_raw_cipherlist(s, plst) \
+ SSL_ctrl(s,SSL_CTRL_GET_RAW_CIPHERLIST,0,plst)
+# define SSL_get0_ec_point_formats(s, plst) \
+ SSL_ctrl(s,SSL_CTRL_GET_EC_POINT_FORMATS,0,plst)
+# define SSL_CTX_set_min_proto_version(ctx, version) \
+ SSL_CTX_ctrl(ctx, SSL_CTRL_SET_MIN_PROTO_VERSION, version, NULL)
+# define SSL_CTX_set_max_proto_version(ctx, version) \
+ SSL_CTX_ctrl(ctx, SSL_CTRL_SET_MAX_PROTO_VERSION, version, NULL)
+# define SSL_CTX_get_min_proto_version(ctx) \
+ SSL_CTX_ctrl(ctx, SSL_CTRL_GET_MIN_PROTO_VERSION, 0, NULL)
+# define SSL_CTX_get_max_proto_version(ctx) \
+ SSL_CTX_ctrl(ctx, SSL_CTRL_GET_MAX_PROTO_VERSION, 0, NULL)
+# define SSL_set_min_proto_version(s, version) \
+ SSL_ctrl(s, SSL_CTRL_SET_MIN_PROTO_VERSION, version, NULL)
+# define SSL_set_max_proto_version(s, version) \
+ SSL_ctrl(s, SSL_CTRL_SET_MAX_PROTO_VERSION, version, NULL)
+# define SSL_get_min_proto_version(s) \
+ SSL_ctrl(s, SSL_CTRL_GET_MIN_PROTO_VERSION, 0, NULL)
+# define SSL_get_max_proto_version(s) \
+ SSL_ctrl(s, SSL_CTRL_GET_MAX_PROTO_VERSION, 0, NULL)
+
+/* Backwards compatibility, original 1.1.0 names */
+# define SSL_CTRL_GET_SERVER_TMP_KEY \
+ SSL_CTRL_GET_PEER_TMP_KEY
+# define SSL_get_server_tmp_key(s, pk) \
+ SSL_get_peer_tmp_key(s, pk)
+
+/*
+ * The following symbol names are old and obsolete. They are kept
+ * for compatibility reasons only and should not be used anymore.
+ */
+# define SSL_CTRL_GET_CURVES SSL_CTRL_GET_GROUPS
+# define SSL_CTRL_SET_CURVES SSL_CTRL_SET_GROUPS
+# define SSL_CTRL_SET_CURVES_LIST SSL_CTRL_SET_GROUPS_LIST
+# define SSL_CTRL_GET_SHARED_CURVE SSL_CTRL_GET_SHARED_GROUP
+
+# define SSL_get1_curves SSL_get1_groups
+# define SSL_CTX_set1_curves SSL_CTX_set1_groups
+# define SSL_CTX_set1_curves_list SSL_CTX_set1_groups_list
+# define SSL_set1_curves SSL_set1_groups
+# define SSL_set1_curves_list SSL_set1_groups_list
+# define SSL_get_shared_curve SSL_get_shared_group
+
+
+# ifndef OPENSSL_NO_DEPRECATED_1_1_0
+/* Provide some compatibility macros for removed functionality. */
+# define SSL_CTX_need_tmp_RSA(ctx) 0
+# define SSL_CTX_set_tmp_rsa(ctx,rsa) 1
+# define SSL_need_tmp_RSA(ssl) 0
+# define SSL_set_tmp_rsa(ssl,rsa) 1
+# define SSL_CTX_set_ecdh_auto(dummy, onoff) ((onoff) != 0)
+# define SSL_set_ecdh_auto(dummy, onoff) ((onoff) != 0)
+/*
+ * We "pretend" to call the callback to avoid warnings about unused static
+ * functions.
+ */
+# define SSL_CTX_set_tmp_rsa_callback(ctx, cb) while(0) (cb)(NULL, 0, 0)
+# define SSL_set_tmp_rsa_callback(ssl, cb) while(0) (cb)(NULL, 0, 0)
+# endif
+__owur const BIO_METHOD *BIO_f_ssl(void);
+__owur BIO *BIO_new_ssl(SSL_CTX *ctx, int client);
+__owur BIO *BIO_new_ssl_connect(SSL_CTX *ctx);
+__owur BIO *BIO_new_buffer_ssl_connect(SSL_CTX *ctx);
+__owur int BIO_ssl_copy_session_id(BIO *to, BIO *from);
+void BIO_ssl_shutdown(BIO *ssl_bio);
+
+__owur int SSL_CTX_set_cipher_list(SSL_CTX *, const char *str);
+__owur SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth);
+__owur SSL_CTX *SSL_CTX_new_with_libctx(OPENSSL_CTX *libctx, const char *propq,
+ const SSL_METHOD *meth);
+int SSL_CTX_up_ref(SSL_CTX *ctx);
+void SSL_CTX_free(SSL_CTX *);
+__owur long SSL_CTX_set_timeout(SSL_CTX *ctx, long t);
+__owur long SSL_CTX_get_timeout(const SSL_CTX *ctx);
+__owur X509_STORE *SSL_CTX_get_cert_store(const SSL_CTX *);
+void SSL_CTX_set_cert_store(SSL_CTX *, X509_STORE *);
+void SSL_CTX_set1_cert_store(SSL_CTX *, X509_STORE *);
+__owur int SSL_want(const SSL *s);
+__owur int SSL_clear(SSL *s);
+
+void SSL_CTX_flush_sessions(SSL_CTX *ctx, long tm);
+
+__owur const SSL_CIPHER *SSL_get_current_cipher(const SSL *s);
+__owur const SSL_CIPHER *SSL_get_pending_cipher(const SSL *s);
+__owur int SSL_CIPHER_get_bits(const SSL_CIPHER *c, int *alg_bits);
+__owur const char *SSL_CIPHER_get_version(const SSL_CIPHER *c);
+__owur const char *SSL_CIPHER_get_name(const SSL_CIPHER *c);
+__owur const char *SSL_CIPHER_standard_name(const SSL_CIPHER *c);
+__owur const char *OPENSSL_cipher_name(const char *rfc_name);
+__owur uint32_t SSL_CIPHER_get_id(const SSL_CIPHER *c);
+__owur uint16_t SSL_CIPHER_get_protocol_id(const SSL_CIPHER *c);
+__owur int SSL_CIPHER_get_kx_nid(const SSL_CIPHER *c);
+__owur int SSL_CIPHER_get_auth_nid(const SSL_CIPHER *c);
+__owur const EVP_MD *SSL_CIPHER_get_handshake_digest(const SSL_CIPHER *c);
+__owur int SSL_CIPHER_is_aead(const SSL_CIPHER *c);
+
+__owur int SSL_get_fd(const SSL *s);
+__owur int SSL_get_rfd(const SSL *s);
+__owur int SSL_get_wfd(const SSL *s);
+__owur const char *SSL_get_cipher_list(const SSL *s, int n);
+__owur char *SSL_get_shared_ciphers(const SSL *s, char *buf, int size);
+__owur int SSL_get_read_ahead(const SSL *s);
+__owur int SSL_pending(const SSL *s);
+__owur int SSL_has_pending(const SSL *s);
+# ifndef OPENSSL_NO_SOCK
+__owur int SSL_set_fd(SSL *s, int fd);
+__owur int SSL_set_rfd(SSL *s, int fd);
+__owur int SSL_set_wfd(SSL *s, int fd);
+# endif
+void SSL_set0_rbio(SSL *s, BIO *rbio);
+void SSL_set0_wbio(SSL *s, BIO *wbio);
+void SSL_set_bio(SSL *s, BIO *rbio, BIO *wbio);
+__owur BIO *SSL_get_rbio(const SSL *s);
+__owur BIO *SSL_get_wbio(const SSL *s);
+__owur int SSL_set_cipher_list(SSL *s, const char *str);
+__owur int SSL_CTX_set_ciphersuites(SSL_CTX *ctx, const char *str);
+__owur int SSL_set_ciphersuites(SSL *s, const char *str);
+void SSL_set_read_ahead(SSL *s, int yes);
+__owur int SSL_get_verify_mode(const SSL *s);
+__owur int SSL_get_verify_depth(const SSL *s);
+__owur SSL_verify_cb SSL_get_verify_callback(const SSL *s);
+void SSL_set_verify(SSL *s, int mode, SSL_verify_cb callback);
+void SSL_set_verify_depth(SSL *s, int depth);
+void SSL_set_cert_cb(SSL *s, int (*cb) (SSL *ssl, void *arg), void *arg);
+# ifndef OPENSSL_NO_RSA
+__owur int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa);
+__owur int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, const unsigned char *d,
+ long len);
+# endif
+__owur int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey);
+__owur int SSL_use_PrivateKey_ASN1(int pk, SSL *ssl, const unsigned char *d,
+ long len);
+__owur int SSL_use_certificate(SSL *ssl, X509 *x);
+__owur int SSL_use_certificate_ASN1(SSL *ssl, const unsigned char *d, int len);
+__owur int SSL_use_cert_and_key(SSL *ssl, X509 *x509, EVP_PKEY *privatekey,
+ STACK_OF(X509) *chain, int override);
+
+
+/* serverinfo file format versions */
+# define SSL_SERVERINFOV1 1
+# define SSL_SERVERINFOV2 2
+
+/* Set serverinfo data for the current active cert. */
+__owur int SSL_CTX_use_serverinfo(SSL_CTX *ctx, const unsigned char *serverinfo,
+ size_t serverinfo_length);
+__owur int SSL_CTX_use_serverinfo_ex(SSL_CTX *ctx, unsigned int version,
+ const unsigned char *serverinfo,
+ size_t serverinfo_length);
+__owur int SSL_CTX_use_serverinfo_file(SSL_CTX *ctx, const char *file);
+
+#ifndef OPENSSL_NO_RSA
+__owur int SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type);
+#endif
+
+__owur int SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type);
+__owur int SSL_use_certificate_file(SSL *ssl, const char *file, int type);
+
+#ifndef OPENSSL_NO_RSA
+__owur int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file,
+ int type);
+#endif
+__owur int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file,
+ int type);
+__owur int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file,
+ int type);
+/* PEM type */
+__owur int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file);
+__owur int SSL_use_certificate_chain_file(SSL *ssl, const char *file);
+__owur STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file);
+__owur int SSL_add_file_cert_subjects_to_stack(STACK_OF(X509_NAME) *stackCAs,
+ const char *file);
+int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stackCAs,
+ const char *dir);
+int SSL_add_store_cert_subjects_to_stack(STACK_OF(X509_NAME) *stackCAs,
+ const char *uri);
+
+# ifndef OPENSSL_NO_DEPRECATED_1_1_0
+# define SSL_load_error_strings() \
+ OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS \
+ | OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL)
+# endif
+
+__owur const char *SSL_state_string(const SSL *s);
+__owur const char *SSL_rstate_string(const SSL *s);
+__owur const char *SSL_state_string_long(const SSL *s);
+__owur const char *SSL_rstate_string_long(const SSL *s);
+__owur long SSL_SESSION_get_time(const SSL_SESSION *s);
+__owur long SSL_SESSION_set_time(SSL_SESSION *s, long t);
+__owur long SSL_SESSION_get_timeout(const SSL_SESSION *s);
+__owur long SSL_SESSION_set_timeout(SSL_SESSION *s, long t);
+__owur int SSL_SESSION_get_protocol_version(const SSL_SESSION *s);
+__owur int SSL_SESSION_set_protocol_version(SSL_SESSION *s, int version);
+
+__owur const char *SSL_SESSION_get0_hostname(const SSL_SESSION *s);
+__owur int SSL_SESSION_set1_hostname(SSL_SESSION *s, const char *hostname);
+void SSL_SESSION_get0_alpn_selected(const SSL_SESSION *s,
+ const unsigned char **alpn,
+ size_t *len);
+__owur int SSL_SESSION_set1_alpn_selected(SSL_SESSION *s,
+ const unsigned char *alpn,
+ size_t len);
+__owur const SSL_CIPHER *SSL_SESSION_get0_cipher(const SSL_SESSION *s);
+__owur int SSL_SESSION_set_cipher(SSL_SESSION *s, const SSL_CIPHER *cipher);
+__owur int SSL_SESSION_has_ticket(const SSL_SESSION *s);
+__owur unsigned long SSL_SESSION_get_ticket_lifetime_hint(const SSL_SESSION *s);
+void SSL_SESSION_get0_ticket(const SSL_SESSION *s, const unsigned char **tick,
+ size_t *len);
+__owur uint32_t SSL_SESSION_get_max_early_data(const SSL_SESSION *s);
+__owur int SSL_SESSION_set_max_early_data(SSL_SESSION *s,
+ uint32_t max_early_data);
+__owur int SSL_copy_session_id(SSL *to, const SSL *from);
+__owur X509 *SSL_SESSION_get0_peer(SSL_SESSION *s);
+__owur int SSL_SESSION_set1_id_context(SSL_SESSION *s,
+ const unsigned char *sid_ctx,
+ unsigned int sid_ctx_len);
+__owur int SSL_SESSION_set1_id(SSL_SESSION *s, const unsigned char *sid,
+ unsigned int sid_len);
+__owur int SSL_SESSION_is_resumable(const SSL_SESSION *s);
+
+__owur SSL_SESSION *SSL_SESSION_new(void);
+__owur SSL_SESSION *SSL_SESSION_dup(const SSL_SESSION *src);
+const unsigned char *SSL_SESSION_get_id(const SSL_SESSION *s,
+ unsigned int *len);
+const unsigned char *SSL_SESSION_get0_id_context(const SSL_SESSION *s,
+ unsigned int *len);
+__owur unsigned int SSL_SESSION_get_compress_id(const SSL_SESSION *s);
+# ifndef OPENSSL_NO_STDIO
+int SSL_SESSION_print_fp(FILE *fp, const SSL_SESSION *ses);
+# endif
+int SSL_SESSION_print(BIO *fp, const SSL_SESSION *ses);
+int SSL_SESSION_print_keylog(BIO *bp, const SSL_SESSION *x);
+int SSL_SESSION_up_ref(SSL_SESSION *ses);
+void SSL_SESSION_free(SSL_SESSION *ses);
+__owur int i2d_SSL_SESSION(const SSL_SESSION *in, unsigned char **pp);
+__owur int SSL_set_session(SSL *to, SSL_SESSION *session);
+int SSL_CTX_add_session(SSL_CTX *ctx, SSL_SESSION *session);
+int SSL_CTX_remove_session(SSL_CTX *ctx, SSL_SESSION *session);
+__owur int SSL_CTX_set_generate_session_id(SSL_CTX *ctx, GEN_SESSION_CB cb);
+__owur int SSL_set_generate_session_id(SSL *s, GEN_SESSION_CB cb);
+__owur int SSL_has_matching_session_id(const SSL *s,
+ const unsigned char *id,
+ unsigned int id_len);
+SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp,
+ long length);
+
+# ifdef OPENSSL_X509_H
+__owur X509 *SSL_get_peer_certificate(const SSL *s);
+# endif
+
+__owur STACK_OF(X509) *SSL_get_peer_cert_chain(const SSL *s);
+
+__owur int SSL_CTX_get_verify_mode(const SSL_CTX *ctx);
+__owur int SSL_CTX_get_verify_depth(const SSL_CTX *ctx);
+__owur SSL_verify_cb SSL_CTX_get_verify_callback(const SSL_CTX *ctx);
+void SSL_CTX_set_verify(SSL_CTX *ctx, int mode, SSL_verify_cb callback);
+void SSL_CTX_set_verify_depth(SSL_CTX *ctx, int depth);
+void SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx,
+ int (*cb) (X509_STORE_CTX *, void *),
+ void *arg);
+void SSL_CTX_set_cert_cb(SSL_CTX *c, int (*cb) (SSL *ssl, void *arg),
+ void *arg);
+# ifndef OPENSSL_NO_RSA
+__owur int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa);
+__owur int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, const unsigned char *d,
+ long len);
+# endif
+__owur int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey);
+__owur int SSL_CTX_use_PrivateKey_ASN1(int pk, SSL_CTX *ctx,
+ const unsigned char *d, long len);
+__owur int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x);
+__owur int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len,
+ const unsigned char *d);
+__owur int SSL_CTX_use_cert_and_key(SSL_CTX *ctx, X509 *x509, EVP_PKEY *privatekey,
+ STACK_OF(X509) *chain, int override);
+
+void SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, pem_password_cb *cb);
+void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *ctx, void *u);
+pem_password_cb *SSL_CTX_get_default_passwd_cb(SSL_CTX *ctx);
+void *SSL_CTX_get_default_passwd_cb_userdata(SSL_CTX *ctx);
+void SSL_set_default_passwd_cb(SSL *s, pem_password_cb *cb);
+void SSL_set_default_passwd_cb_userdata(SSL *s, void *u);
+pem_password_cb *SSL_get_default_passwd_cb(SSL *s);
+void *SSL_get_default_passwd_cb_userdata(SSL *s);
+
+__owur int SSL_CTX_check_private_key(const SSL_CTX *ctx);
+__owur int SSL_check_private_key(const SSL *ctx);
+
+__owur int SSL_CTX_set_session_id_context(SSL_CTX *ctx,
+ const unsigned char *sid_ctx,
+ unsigned int sid_ctx_len);
+
+SSL *SSL_new(SSL_CTX *ctx);
+int SSL_up_ref(SSL *s);
+int SSL_is_dtls(const SSL *s);
+__owur int SSL_set_session_id_context(SSL *ssl, const unsigned char *sid_ctx,
+ unsigned int sid_ctx_len);
+
+__owur int SSL_CTX_set_purpose(SSL_CTX *ctx, int purpose);
+__owur int SSL_set_purpose(SSL *ssl, int purpose);
+__owur int SSL_CTX_set_trust(SSL_CTX *ctx, int trust);
+__owur int SSL_set_trust(SSL *ssl, int trust);
+
+__owur int SSL_set1_host(SSL *s, const char *hostname);
+__owur int SSL_add1_host(SSL *s, const char *hostname);
+__owur const char *SSL_get0_peername(SSL *s);
+void SSL_set_hostflags(SSL *s, unsigned int flags);
+
+__owur int SSL_CTX_dane_enable(SSL_CTX *ctx);
+__owur int SSL_CTX_dane_mtype_set(SSL_CTX *ctx, const EVP_MD *md,
+ uint8_t mtype, uint8_t ord);
+__owur int SSL_dane_enable(SSL *s, const char *basedomain);
+__owur int SSL_dane_tlsa_add(SSL *s, uint8_t usage, uint8_t selector,
+ uint8_t mtype, unsigned const char *data, size_t dlen);
+__owur int SSL_get0_dane_authority(SSL *s, X509 **mcert, EVP_PKEY **mspki);
+__owur int SSL_get0_dane_tlsa(SSL *s, uint8_t *usage, uint8_t *selector,
+ uint8_t *mtype, unsigned const char **data,
+ size_t *dlen);
+/*
+ * Bridge opacity barrier between libcrypt and libssl, also needed to support
+ * offline testing in test/danetest.c
+ */
+SSL_DANE *SSL_get0_dane(SSL *ssl);
+/*
+ * DANE flags
+ */
+unsigned long SSL_CTX_dane_set_flags(SSL_CTX *ctx, unsigned long flags);
+unsigned long SSL_CTX_dane_clear_flags(SSL_CTX *ctx, unsigned long flags);
+unsigned long SSL_dane_set_flags(SSL *ssl, unsigned long flags);
+unsigned long SSL_dane_clear_flags(SSL *ssl, unsigned long flags);
+
+__owur int SSL_CTX_set1_param(SSL_CTX *ctx, X509_VERIFY_PARAM *vpm);
+__owur int SSL_set1_param(SSL *ssl, X509_VERIFY_PARAM *vpm);
+
+__owur X509_VERIFY_PARAM *SSL_CTX_get0_param(SSL_CTX *ctx);
+__owur X509_VERIFY_PARAM *SSL_get0_param(SSL *ssl);
+
+# ifndef OPENSSL_NO_SRP
+int SSL_CTX_set_srp_username(SSL_CTX *ctx, char *name);
+int SSL_CTX_set_srp_password(SSL_CTX *ctx, char *password);
+int SSL_CTX_set_srp_strength(SSL_CTX *ctx, int strength);
+int SSL_CTX_set_srp_client_pwd_callback(SSL_CTX *ctx,
+ char *(*cb) (SSL *, void *));
+int SSL_CTX_set_srp_verify_param_callback(SSL_CTX *ctx,
+ int (*cb) (SSL *, void *));
+int SSL_CTX_set_srp_username_callback(SSL_CTX *ctx,
+ int (*cb) (SSL *, int *, void *));
+int SSL_CTX_set_srp_cb_arg(SSL_CTX *ctx, void *arg);
+
+int SSL_set_srp_server_param(SSL *s, const BIGNUM *N, const BIGNUM *g,
+ BIGNUM *sa, BIGNUM *v, char *info);
+int SSL_set_srp_server_param_pw(SSL *s, const char *user, const char *pass,
+ const char *grp);
+
+__owur BIGNUM *SSL_get_srp_g(SSL *s);
+__owur BIGNUM *SSL_get_srp_N(SSL *s);
+
+__owur char *SSL_get_srp_username(SSL *s);
+__owur char *SSL_get_srp_userinfo(SSL *s);
+# endif
+
+/*
+ * ClientHello callback and helpers.
+ */
+
+# define SSL_CLIENT_HELLO_SUCCESS 1
+# define SSL_CLIENT_HELLO_ERROR 0
+# define SSL_CLIENT_HELLO_RETRY (-1)
+
+typedef int (*SSL_client_hello_cb_fn) (SSL *s, int *al, void *arg);
+void SSL_CTX_set_client_hello_cb(SSL_CTX *c, SSL_client_hello_cb_fn cb,
+ void *arg);
+int SSL_client_hello_isv2(SSL *s);
+unsigned int SSL_client_hello_get0_legacy_version(SSL *s);
+size_t SSL_client_hello_get0_random(SSL *s, const unsigned char **out);
+size_t SSL_client_hello_get0_session_id(SSL *s, const unsigned char **out);
+size_t SSL_client_hello_get0_ciphers(SSL *s, const unsigned char **out);
+size_t SSL_client_hello_get0_compression_methods(SSL *s,
+ const unsigned char **out);
+int SSL_client_hello_get1_extensions_present(SSL *s, int **out, size_t *outlen);
+int SSL_client_hello_get0_ext(SSL *s, unsigned int type,
+ const unsigned char **out, size_t *outlen);
+
+void SSL_certs_clear(SSL *s);
+void SSL_free(SSL *ssl);
+# ifdef OSSL_ASYNC_FD
+/*
+ * Windows application developer has to include windows.h to use these.
+ */
+__owur int SSL_waiting_for_async(SSL *s);
+__owur int SSL_get_all_async_fds(SSL *s, OSSL_ASYNC_FD *fds, size_t *numfds);
+__owur int SSL_get_changed_async_fds(SSL *s, OSSL_ASYNC_FD *addfd,
+ size_t *numaddfds, OSSL_ASYNC_FD *delfd,
+ size_t *numdelfds);
+__owur int SSL_CTX_set_async_callback(SSL_CTX *ctx, SSL_async_callback_fn callback);
+__owur int SSL_CTX_set_async_callback_arg(SSL_CTX *ctx, void *arg);
+__owur int SSL_set_async_callback(SSL *s, SSL_async_callback_fn callback);
+__owur int SSL_set_async_callback_arg(SSL *s, void *arg);
+__owur int SSL_get_async_status(SSL *s, int *status);
+
+# endif
+__owur int SSL_accept(SSL *ssl);
+__owur int SSL_stateless(SSL *s);
+__owur int SSL_connect(SSL *ssl);
+__owur int SSL_read(SSL *ssl, void *buf, int num);
+__owur int SSL_read_ex(SSL *ssl, void *buf, size_t num, size_t *readbytes);
+
+# define SSL_READ_EARLY_DATA_ERROR 0
+# define SSL_READ_EARLY_DATA_SUCCESS 1
+# define SSL_READ_EARLY_DATA_FINISH 2
+
+__owur int SSL_read_early_data(SSL *s, void *buf, size_t num,
+ size_t *readbytes);
+__owur int SSL_peek(SSL *ssl, void *buf, int num);
+__owur int SSL_peek_ex(SSL *ssl, void *buf, size_t num, size_t *readbytes);
+__owur ossl_ssize_t SSL_sendfile(SSL *s, int fd, off_t offset, size_t size,
+ int flags);
+__owur int SSL_write(SSL *ssl, const void *buf, int num);
+__owur int SSL_write_ex(SSL *s, const void *buf, size_t num, size_t *written);
+__owur int SSL_write_early_data(SSL *s, const void *buf, size_t num,
+ size_t *written);
+long SSL_ctrl(SSL *ssl, int cmd, long larg, void *parg);
+long SSL_callback_ctrl(SSL *, int, void (*)(void));
+long SSL_CTX_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg);
+long SSL_CTX_callback_ctrl(SSL_CTX *, int, void (*)(void));
+
+# define SSL_EARLY_DATA_NOT_SENT 0
+# define SSL_EARLY_DATA_REJECTED 1
+# define SSL_EARLY_DATA_ACCEPTED 2
+
+__owur int SSL_get_early_data_status(const SSL *s);
+
+__owur int SSL_get_error(const SSL *s, int ret_code);
+__owur const char *SSL_get_version(const SSL *s);
+
+/* This sets the 'default' SSL version that SSL_new() will create */
+__owur int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth);
+
+# ifndef OPENSSL_NO_SSL3_METHOD
+DEPRECATEDIN_1_1_0(__owur const SSL_METHOD *SSLv3_method(void)) /* SSLv3 */
+DEPRECATEDIN_1_1_0(__owur const SSL_METHOD *SSLv3_server_method(void))
+DEPRECATEDIN_1_1_0(__owur const SSL_METHOD *SSLv3_client_method(void))
+# endif
+
+#define SSLv23_method TLS_method
+#define SSLv23_server_method TLS_server_method
+#define SSLv23_client_method TLS_client_method
+
+/* Negotiate highest available SSL/TLS version */
+__owur const SSL_METHOD *TLS_method(void);
+__owur const SSL_METHOD *TLS_server_method(void);
+__owur const SSL_METHOD *TLS_client_method(void);
+
+# ifndef OPENSSL_NO_TLS1_METHOD
+DEPRECATEDIN_1_1_0(__owur const SSL_METHOD *TLSv1_method(void)) /* TLSv1.0 */
+DEPRECATEDIN_1_1_0(__owur const SSL_METHOD *TLSv1_server_method(void))
+DEPRECATEDIN_1_1_0(__owur const SSL_METHOD *TLSv1_client_method(void))
+# endif
+
+# ifndef OPENSSL_NO_TLS1_1_METHOD
+DEPRECATEDIN_1_1_0(__owur const SSL_METHOD *TLSv1_1_method(void)) /* TLSv1.1 */
+DEPRECATEDIN_1_1_0(__owur const SSL_METHOD *TLSv1_1_server_method(void))
+DEPRECATEDIN_1_1_0(__owur const SSL_METHOD *TLSv1_1_client_method(void))
+# endif
+
+# ifndef OPENSSL_NO_TLS1_2_METHOD
+DEPRECATEDIN_1_1_0(__owur const SSL_METHOD *TLSv1_2_method(void)) /* TLSv1.2 */
+DEPRECATEDIN_1_1_0(__owur const SSL_METHOD *TLSv1_2_server_method(void))
+DEPRECATEDIN_1_1_0(__owur const SSL_METHOD *TLSv1_2_client_method(void))
+# endif
+
+# ifndef OPENSSL_NO_DTLS1_METHOD
+DEPRECATEDIN_1_1_0(__owur const SSL_METHOD *DTLSv1_method(void)) /* DTLSv1.0 */
+DEPRECATEDIN_1_1_0(__owur const SSL_METHOD *DTLSv1_server_method(void))
+DEPRECATEDIN_1_1_0(__owur const SSL_METHOD *DTLSv1_client_method(void))
+# endif
+
+# ifndef OPENSSL_NO_DTLS1_2_METHOD
+/* DTLSv1.2 */
+DEPRECATEDIN_1_1_0(__owur const SSL_METHOD *DTLSv1_2_method(void))
+DEPRECATEDIN_1_1_0(__owur const SSL_METHOD *DTLSv1_2_server_method(void))
+DEPRECATEDIN_1_1_0(__owur const SSL_METHOD *DTLSv1_2_client_method(void))
+# endif
+
+__owur const SSL_METHOD *DTLS_method(void); /* DTLS 1.0 and 1.2 */
+__owur const SSL_METHOD *DTLS_server_method(void); /* DTLS 1.0 and 1.2 */
+__owur const SSL_METHOD *DTLS_client_method(void); /* DTLS 1.0 and 1.2 */
+
+__owur size_t DTLS_get_data_mtu(const SSL *s);
+
+__owur STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL *s);
+__owur STACK_OF(SSL_CIPHER) *SSL_CTX_get_ciphers(const SSL_CTX *ctx);
+__owur STACK_OF(SSL_CIPHER) *SSL_get_client_ciphers(const SSL *s);
+__owur STACK_OF(SSL_CIPHER) *SSL_get1_supported_ciphers(SSL *s);
+
+__owur int SSL_do_handshake(SSL *s);
+int SSL_key_update(SSL *s, int updatetype);
+int SSL_get_key_update_type(const SSL *s);
+int SSL_renegotiate(SSL *s);
+int SSL_renegotiate_abbreviated(SSL *s);
+__owur int SSL_renegotiate_pending(const SSL *s);
+int SSL_new_session_ticket(SSL *s);
+int SSL_shutdown(SSL *s);
+__owur int SSL_verify_client_post_handshake(SSL *s);
+void SSL_CTX_set_post_handshake_auth(SSL_CTX *ctx, int val);
+void SSL_set_post_handshake_auth(SSL *s, int val);
+
+__owur const SSL_METHOD *SSL_CTX_get_ssl_method(const SSL_CTX *ctx);
+__owur const SSL_METHOD *SSL_get_ssl_method(const SSL *s);
+__owur int SSL_set_ssl_method(SSL *s, const SSL_METHOD *method);
+__owur const char *SSL_alert_type_string_long(int value);
+__owur const char *SSL_alert_type_string(int value);
+__owur const char *SSL_alert_desc_string_long(int value);
+__owur const char *SSL_alert_desc_string(int value);
+
+void SSL_set0_CA_list(SSL *s, STACK_OF(X509_NAME) *name_list);
+void SSL_CTX_set0_CA_list(SSL_CTX *ctx, STACK_OF(X509_NAME) *name_list);
+__owur const STACK_OF(X509_NAME) *SSL_get0_CA_list(const SSL *s);
+__owur const STACK_OF(X509_NAME) *SSL_CTX_get0_CA_list(const SSL_CTX *ctx);
+__owur int SSL_add1_to_CA_list(SSL *ssl, const X509 *x);
+__owur int SSL_CTX_add1_to_CA_list(SSL_CTX *ctx, const X509 *x);
+__owur const STACK_OF(X509_NAME) *SSL_get0_peer_CA_list(const SSL *s);
+
+void SSL_set_client_CA_list(SSL *s, STACK_OF(X509_NAME) *name_list);
+void SSL_CTX_set_client_CA_list(SSL_CTX *ctx, STACK_OF(X509_NAME) *name_list);
+__owur STACK_OF(X509_NAME) *SSL_get_client_CA_list(const SSL *s);
+__owur STACK_OF(X509_NAME) *SSL_CTX_get_client_CA_list(const SSL_CTX *s);
+__owur int SSL_add_client_CA(SSL *ssl, X509 *x);
+__owur int SSL_CTX_add_client_CA(SSL_CTX *ctx, X509 *x);
+
+void SSL_set_connect_state(SSL *s);
+void SSL_set_accept_state(SSL *s);
+
+__owur long SSL_get_default_timeout(const SSL *s);
+
+# ifndef OPENSSL_NO_DEPRECATED_1_1_0
+# define SSL_library_init() OPENSSL_init_ssl(0, NULL)
+# endif
+
+__owur char *SSL_CIPHER_description(const SSL_CIPHER *, char *buf, int size);
+__owur STACK_OF(X509_NAME) *SSL_dup_CA_list(const STACK_OF(X509_NAME) *sk);
+
+__owur SSL *SSL_dup(SSL *ssl);
+
+__owur X509 *SSL_get_certificate(const SSL *ssl);
+/*
+ * EVP_PKEY
+ */
+struct evp_pkey_st *SSL_get_privatekey(const SSL *ssl);
+
+__owur X509 *SSL_CTX_get0_certificate(const SSL_CTX *ctx);
+__owur EVP_PKEY *SSL_CTX_get0_privatekey(const SSL_CTX *ctx);
+
+void SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx, int mode);
+__owur int SSL_CTX_get_quiet_shutdown(const SSL_CTX *ctx);
+void SSL_set_quiet_shutdown(SSL *ssl, int mode);
+__owur int SSL_get_quiet_shutdown(const SSL *ssl);
+void SSL_set_shutdown(SSL *ssl, int mode);
+__owur int SSL_get_shutdown(const SSL *ssl);
+__owur int SSL_version(const SSL *ssl);
+__owur int SSL_client_version(const SSL *s);
+__owur int SSL_CTX_set_default_verify_paths(SSL_CTX *ctx);
+__owur int SSL_CTX_set_default_verify_dir(SSL_CTX *ctx);
+__owur int SSL_CTX_set_default_verify_file(SSL_CTX *ctx);
+__owur int SSL_CTX_set_default_verify_store(SSL_CTX *ctx);
+__owur int SSL_CTX_load_verify_file(SSL_CTX *ctx, const char *CAfile);
+__owur int SSL_CTX_load_verify_dir(SSL_CTX *ctx, const char *CApath);
+__owur int SSL_CTX_load_verify_store(SSL_CTX *ctx, const char *CAstore);
+__owur int SSL_CTX_load_verify_locations(SSL_CTX *ctx,
+ const char *CAfile,
+ const char *CApath);
+# define SSL_get0_session SSL_get_session/* just peek at pointer */
+__owur SSL_SESSION *SSL_get_session(const SSL *ssl);
+__owur SSL_SESSION *SSL_get1_session(SSL *ssl); /* obtain a reference count */
+__owur SSL_CTX *SSL_get_SSL_CTX(const SSL *ssl);
+SSL_CTX *SSL_set_SSL_CTX(SSL *ssl, SSL_CTX *ctx);
+void SSL_set_info_callback(SSL *ssl,
+ void (*cb) (const SSL *ssl, int type, int val));
+void (*SSL_get_info_callback(const SSL *ssl)) (const SSL *ssl, int type,
+ int val);
+__owur OSSL_HANDSHAKE_STATE SSL_get_state(const SSL *ssl);
+
+void SSL_set_verify_result(SSL *ssl, long v);
+__owur long SSL_get_verify_result(const SSL *ssl);
+__owur STACK_OF(X509) *SSL_get0_verified_chain(const SSL *s);
+
+__owur size_t SSL_get_client_random(const SSL *ssl, unsigned char *out,
+ size_t outlen);
+__owur size_t SSL_get_server_random(const SSL *ssl, unsigned char *out,
+ size_t outlen);
+__owur size_t SSL_SESSION_get_master_key(const SSL_SESSION *sess,
+ unsigned char *out, size_t outlen);
+__owur int SSL_SESSION_set1_master_key(SSL_SESSION *sess,
+ const unsigned char *in, size_t len);
+uint8_t SSL_SESSION_get_max_fragment_length(const SSL_SESSION *sess);
+
+#define SSL_get_ex_new_index(l, p, newf, dupf, freef) \
+ CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL, l, p, newf, dupf, freef)
+__owur int SSL_set_ex_data(SSL *ssl, int idx, void *data);
+void *SSL_get_ex_data(const SSL *ssl, int idx);
+#define SSL_SESSION_get_ex_new_index(l, p, newf, dupf, freef) \
+ CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL_SESSION, l, p, newf, dupf, freef)
+__owur int SSL_SESSION_set_ex_data(SSL_SESSION *ss, int idx, void *data);
+void *SSL_SESSION_get_ex_data(const SSL_SESSION *ss, int idx);
+#define SSL_CTX_get_ex_new_index(l, p, newf, dupf, freef) \
+ CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL_CTX, l, p, newf, dupf, freef)
+__owur int SSL_CTX_set_ex_data(SSL_CTX *ssl, int idx, void *data);
+void *SSL_CTX_get_ex_data(const SSL_CTX *ssl, int idx);
+
+__owur int SSL_get_ex_data_X509_STORE_CTX_idx(void);
+
+# define SSL_CTX_sess_set_cache_size(ctx,t) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SET_SESS_CACHE_SIZE,t,NULL)
+# define SSL_CTX_sess_get_cache_size(ctx) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_GET_SESS_CACHE_SIZE,0,NULL)
+# define SSL_CTX_set_session_cache_mode(ctx,m) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SET_SESS_CACHE_MODE,m,NULL)
+# define SSL_CTX_get_session_cache_mode(ctx) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_GET_SESS_CACHE_MODE,0,NULL)
+
+# define SSL_CTX_get_default_read_ahead(ctx) SSL_CTX_get_read_ahead(ctx)
+# define SSL_CTX_set_default_read_ahead(ctx,m) SSL_CTX_set_read_ahead(ctx,m)
+# define SSL_CTX_get_read_ahead(ctx) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_GET_READ_AHEAD,0,NULL)
+# define SSL_CTX_set_read_ahead(ctx,m) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SET_READ_AHEAD,m,NULL)
+# define SSL_CTX_get_max_cert_list(ctx) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_GET_MAX_CERT_LIST,0,NULL)
+# define SSL_CTX_set_max_cert_list(ctx,m) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SET_MAX_CERT_LIST,m,NULL)
+# define SSL_get_max_cert_list(ssl) \
+ SSL_ctrl(ssl,SSL_CTRL_GET_MAX_CERT_LIST,0,NULL)
+# define SSL_set_max_cert_list(ssl,m) \
+ SSL_ctrl(ssl,SSL_CTRL_SET_MAX_CERT_LIST,m,NULL)
+
+# define SSL_CTX_set_max_send_fragment(ctx,m) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SET_MAX_SEND_FRAGMENT,m,NULL)
+# define SSL_set_max_send_fragment(ssl,m) \
+ SSL_ctrl(ssl,SSL_CTRL_SET_MAX_SEND_FRAGMENT,m,NULL)
+# define SSL_CTX_set_split_send_fragment(ctx,m) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SET_SPLIT_SEND_FRAGMENT,m,NULL)
+# define SSL_set_split_send_fragment(ssl,m) \
+ SSL_ctrl(ssl,SSL_CTRL_SET_SPLIT_SEND_FRAGMENT,m,NULL)
+# define SSL_CTX_set_max_pipelines(ctx,m) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SET_MAX_PIPELINES,m,NULL)
+# define SSL_set_max_pipelines(ssl,m) \
+ SSL_ctrl(ssl,SSL_CTRL_SET_MAX_PIPELINES,m,NULL)
+
+void SSL_CTX_set_default_read_buffer_len(SSL_CTX *ctx, size_t len);
+void SSL_set_default_read_buffer_len(SSL *s, size_t len);
+
+# ifndef OPENSSL_NO_DH
+/* NB: the |keylength| is only applicable when is_export is true */
+void SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx,
+ DH *(*dh) (SSL *ssl, int is_export,
+ int keylength));
+void SSL_set_tmp_dh_callback(SSL *ssl,
+ DH *(*dh) (SSL *ssl, int is_export,
+ int keylength));
+# endif
+
+__owur const COMP_METHOD *SSL_get_current_compression(const SSL *s);
+__owur const COMP_METHOD *SSL_get_current_expansion(const SSL *s);
+__owur const char *SSL_COMP_get_name(const COMP_METHOD *comp);
+__owur const char *SSL_COMP_get0_name(const SSL_COMP *comp);
+__owur int SSL_COMP_get_id(const SSL_COMP *comp);
+STACK_OF(SSL_COMP) *SSL_COMP_get_compression_methods(void);
+__owur STACK_OF(SSL_COMP) *SSL_COMP_set0_compression_methods(STACK_OF(SSL_COMP)
+ *meths);
+# ifndef OPENSSL_NO_DEPRECATED_1_1_0
+# define SSL_COMP_free_compression_methods() while(0) continue
+# endif
+__owur int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm);
+
+const SSL_CIPHER *SSL_CIPHER_find(SSL *ssl, const unsigned char *ptr);
+int SSL_CIPHER_get_cipher_nid(const SSL_CIPHER *c);
+int SSL_CIPHER_get_digest_nid(const SSL_CIPHER *c);
+int SSL_bytes_to_cipher_list(SSL *s, const unsigned char *bytes, size_t len,
+ int isv2format, STACK_OF(SSL_CIPHER) **sk,
+ STACK_OF(SSL_CIPHER) **scsvs);
+
+/* TLS extensions functions */
+__owur int SSL_set_session_ticket_ext(SSL *s, void *ext_data, int ext_len);
+
+__owur int SSL_set_session_ticket_ext_cb(SSL *s,
+ tls_session_ticket_ext_cb_fn cb,
+ void *arg);
+
+/* Pre-shared secret session resumption functions */
+__owur int SSL_set_session_secret_cb(SSL *s,
+ tls_session_secret_cb_fn session_secret_cb,
+ void *arg);
+
+void SSL_CTX_set_not_resumable_session_callback(SSL_CTX *ctx,
+ int (*cb) (SSL *ssl,
+ int
+ is_forward_secure));
+
+void SSL_set_not_resumable_session_callback(SSL *ssl,
+ int (*cb) (SSL *ssl,
+ int is_forward_secure));
+
+void SSL_CTX_set_record_padding_callback(SSL_CTX *ctx,
+ size_t (*cb) (SSL *ssl, int type,
+ size_t len, void *arg));
+void SSL_CTX_set_record_padding_callback_arg(SSL_CTX *ctx, void *arg);
+void *SSL_CTX_get_record_padding_callback_arg(const SSL_CTX *ctx);
+int SSL_CTX_set_block_padding(SSL_CTX *ctx, size_t block_size);
+
+int SSL_set_record_padding_callback(SSL *ssl,
+ size_t (*cb) (SSL *ssl, int type,
+ size_t len, void *arg));
+void SSL_set_record_padding_callback_arg(SSL *ssl, void *arg);
+void *SSL_get_record_padding_callback_arg(const SSL *ssl);
+int SSL_set_block_padding(SSL *ssl, size_t block_size);
+
+int SSL_set_num_tickets(SSL *s, size_t num_tickets);
+size_t SSL_get_num_tickets(const SSL *s);
+int SSL_CTX_set_num_tickets(SSL_CTX *ctx, size_t num_tickets);
+size_t SSL_CTX_get_num_tickets(const SSL_CTX *ctx);
+
+# ifndef OPENSSL_NO_DEPRECATED_1_1_0
+# define SSL_cache_hit(s) SSL_session_reused(s)
+# endif
+
+__owur int SSL_session_reused(const SSL *s);
+__owur int SSL_is_server(const SSL *s);
+
+__owur __owur SSL_CONF_CTX *SSL_CONF_CTX_new(void);
+int SSL_CONF_CTX_finish(SSL_CONF_CTX *cctx);
+void SSL_CONF_CTX_free(SSL_CONF_CTX *cctx);
+unsigned int SSL_CONF_CTX_set_flags(SSL_CONF_CTX *cctx, unsigned int flags);
+__owur unsigned int SSL_CONF_CTX_clear_flags(SSL_CONF_CTX *cctx,
+ unsigned int flags);
+__owur int SSL_CONF_CTX_set1_prefix(SSL_CONF_CTX *cctx, const char *pre);
+
+void SSL_CONF_CTX_set_ssl(SSL_CONF_CTX *cctx, SSL *ssl);
+void SSL_CONF_CTX_set_ssl_ctx(SSL_CONF_CTX *cctx, SSL_CTX *ctx);
+
+__owur int SSL_CONF_cmd(SSL_CONF_CTX *cctx, const char *cmd, const char *value);
+__owur int SSL_CONF_cmd_argv(SSL_CONF_CTX *cctx, int *pargc, char ***pargv);
+__owur int SSL_CONF_cmd_value_type(SSL_CONF_CTX *cctx, const char *cmd);
+
+void SSL_add_ssl_module(void);
+int SSL_config(SSL *s, const char *name);
+int SSL_CTX_config(SSL_CTX *ctx, const char *name);
+
+# ifndef OPENSSL_NO_SSL_TRACE
+void SSL_trace(int write_p, int version, int content_type,
+ const void *buf, size_t len, SSL *ssl, void *arg);
+# endif
+
+# ifndef OPENSSL_NO_SOCK
+int DTLSv1_listen(SSL *s, BIO_ADDR *client);
+# endif
+
+# ifndef OPENSSL_NO_CT
+
+/*
+ * A callback for verifying that the received SCTs are sufficient.
+ * Expected to return 1 if they are sufficient, otherwise 0.
+ * May return a negative integer if an error occurs.
+ * A connection should be aborted if the SCTs are deemed insufficient.
+ */
+typedef int (*ssl_ct_validation_cb)(const CT_POLICY_EVAL_CTX *ctx,
+ const STACK_OF(SCT) *scts, void *arg);
+
+/*
+ * Sets a |callback| that is invoked upon receipt of ServerHelloDone to validate
+ * the received SCTs.
+ * If the callback returns a non-positive result, the connection is terminated.
+ * Call this function before beginning a handshake.
+ * If a NULL |callback| is provided, SCT validation is disabled.
+ * |arg| is arbitrary userdata that will be passed to the callback whenever it
+ * is invoked. Ownership of |arg| remains with the caller.
+ *
+ * NOTE: A side-effect of setting a CT callback is that an OCSP stapled response
+ * will be requested.
+ */
+int SSL_set_ct_validation_callback(SSL *s, ssl_ct_validation_cb callback,
+ void *arg);
+int SSL_CTX_set_ct_validation_callback(SSL_CTX *ctx,
+ ssl_ct_validation_cb callback,
+ void *arg);
+#define SSL_disable_ct(s) \
+ ((void) SSL_set_validation_callback((s), NULL, NULL))
+#define SSL_CTX_disable_ct(ctx) \
+ ((void) SSL_CTX_set_validation_callback((ctx), NULL, NULL))
+
+/*
+ * The validation type enumerates the available behaviours of the built-in SSL
+ * CT validation callback selected via SSL_enable_ct() and SSL_CTX_enable_ct().
+ * The underlying callback is a static function in libssl.
+ */
+enum {
+ SSL_CT_VALIDATION_PERMISSIVE = 0,
+ SSL_CT_VALIDATION_STRICT
+};
+
+/*
+ * Enable CT by setting up a callback that implements one of the built-in
+ * validation variants. The SSL_CT_VALIDATION_PERMISSIVE variant always
+ * continues the handshake, the application can make appropriate decisions at
+ * handshake completion. The SSL_CT_VALIDATION_STRICT variant requires at
+ * least one valid SCT, or else handshake termination will be requested. The
+ * handshake may continue anyway if SSL_VERIFY_NONE is in effect.
+ */
+int SSL_enable_ct(SSL *s, int validation_mode);
+int SSL_CTX_enable_ct(SSL_CTX *ctx, int validation_mode);
+
+/*
+ * Report whether a non-NULL callback is enabled.
+ */
+int SSL_ct_is_enabled(const SSL *s);
+int SSL_CTX_ct_is_enabled(const SSL_CTX *ctx);
+
+/* Gets the SCTs received from a connection */
+const STACK_OF(SCT) *SSL_get0_peer_scts(SSL *s);
+
+/*
+ * Loads the CT log list from the default location.
+ * If a CTLOG_STORE has previously been set using SSL_CTX_set_ctlog_store,
+ * the log information loaded from this file will be appended to the
+ * CTLOG_STORE.
+ * Returns 1 on success, 0 otherwise.
+ */
+int SSL_CTX_set_default_ctlog_list_file(SSL_CTX *ctx);
+
+/*
+ * Loads the CT log list from the specified file path.
+ * If a CTLOG_STORE has previously been set using SSL_CTX_set_ctlog_store,
+ * the log information loaded from this file will be appended to the
+ * CTLOG_STORE.
+ * Returns 1 on success, 0 otherwise.
+ */
+int SSL_CTX_set_ctlog_list_file(SSL_CTX *ctx, const char *path);
+
+/*
+ * Sets the CT log list used by all SSL connections created from this SSL_CTX.
+ * Ownership of the CTLOG_STORE is transferred to the SSL_CTX.
+ */
+void SSL_CTX_set0_ctlog_store(SSL_CTX *ctx, CTLOG_STORE *logs);
+
+/*
+ * Gets the CT log list used by all SSL connections created from this SSL_CTX.
+ * This will be NULL unless one of the following functions has been called:
+ * - SSL_CTX_set_default_ctlog_list_file
+ * - SSL_CTX_set_ctlog_list_file
+ * - SSL_CTX_set_ctlog_store
+ */
+const CTLOG_STORE *SSL_CTX_get0_ctlog_store(const SSL_CTX *ctx);
+
+# endif /* OPENSSL_NO_CT */
+
+/* What the "other" parameter contains in security callback */
+/* Mask for type */
+# define SSL_SECOP_OTHER_TYPE 0xffff0000
+# define SSL_SECOP_OTHER_NONE 0
+# define SSL_SECOP_OTHER_CIPHER (1 << 16)
+# define SSL_SECOP_OTHER_CURVE (2 << 16)
+# define SSL_SECOP_OTHER_DH (3 << 16)
+# define SSL_SECOP_OTHER_PKEY (4 << 16)
+# define SSL_SECOP_OTHER_SIGALG (5 << 16)
+# define SSL_SECOP_OTHER_CERT (6 << 16)
+
+/* Indicated operation refers to peer key or certificate */
+# define SSL_SECOP_PEER 0x1000
+
+/* Values for "op" parameter in security callback */
+
+/* Called to filter ciphers */
+/* Ciphers client supports */
+# define SSL_SECOP_CIPHER_SUPPORTED (1 | SSL_SECOP_OTHER_CIPHER)
+/* Cipher shared by client/server */
+# define SSL_SECOP_CIPHER_SHARED (2 | SSL_SECOP_OTHER_CIPHER)
+/* Sanity check of cipher server selects */
+# define SSL_SECOP_CIPHER_CHECK (3 | SSL_SECOP_OTHER_CIPHER)
+/* Curves supported by client */
+# define SSL_SECOP_CURVE_SUPPORTED (4 | SSL_SECOP_OTHER_CURVE)
+/* Curves shared by client/server */
+# define SSL_SECOP_CURVE_SHARED (5 | SSL_SECOP_OTHER_CURVE)
+/* Sanity check of curve server selects */
+# define SSL_SECOP_CURVE_CHECK (6 | SSL_SECOP_OTHER_CURVE)
+/* Temporary DH key */
+# define SSL_SECOP_TMP_DH (7 | SSL_SECOP_OTHER_PKEY)
+/* SSL/TLS version */
+# define SSL_SECOP_VERSION (9 | SSL_SECOP_OTHER_NONE)
+/* Session tickets */
+# define SSL_SECOP_TICKET (10 | SSL_SECOP_OTHER_NONE)
+/* Supported signature algorithms sent to peer */
+# define SSL_SECOP_SIGALG_SUPPORTED (11 | SSL_SECOP_OTHER_SIGALG)
+/* Shared signature algorithm */
+# define SSL_SECOP_SIGALG_SHARED (12 | SSL_SECOP_OTHER_SIGALG)
+/* Sanity check signature algorithm allowed */
+# define SSL_SECOP_SIGALG_CHECK (13 | SSL_SECOP_OTHER_SIGALG)
+/* Used to get mask of supported public key signature algorithms */
+# define SSL_SECOP_SIGALG_MASK (14 | SSL_SECOP_OTHER_SIGALG)
+/* Use to see if compression is allowed */
+# define SSL_SECOP_COMPRESSION (15 | SSL_SECOP_OTHER_NONE)
+/* EE key in certificate */
+# define SSL_SECOP_EE_KEY (16 | SSL_SECOP_OTHER_CERT)
+/* CA key in certificate */
+# define SSL_SECOP_CA_KEY (17 | SSL_SECOP_OTHER_CERT)
+/* CA digest algorithm in certificate */
+# define SSL_SECOP_CA_MD (18 | SSL_SECOP_OTHER_CERT)
+/* Peer EE key in certificate */
+# define SSL_SECOP_PEER_EE_KEY (SSL_SECOP_EE_KEY | SSL_SECOP_PEER)
+/* Peer CA key in certificate */
+# define SSL_SECOP_PEER_CA_KEY (SSL_SECOP_CA_KEY | SSL_SECOP_PEER)
+/* Peer CA digest algorithm in certificate */
+# define SSL_SECOP_PEER_CA_MD (SSL_SECOP_CA_MD | SSL_SECOP_PEER)
+
+void SSL_set_security_level(SSL *s, int level);
+__owur int SSL_get_security_level(const SSL *s);
+void SSL_set_security_callback(SSL *s,
+ int (*cb) (const SSL *s, const SSL_CTX *ctx,
+ int op, int bits, int nid,
+ void *other, void *ex));
+int (*SSL_get_security_callback(const SSL *s)) (const SSL *s,
+ const SSL_CTX *ctx, int op,
+ int bits, int nid, void *other,
+ void *ex);
+void SSL_set0_security_ex_data(SSL *s, void *ex);
+__owur void *SSL_get0_security_ex_data(const SSL *s);
+
+void SSL_CTX_set_security_level(SSL_CTX *ctx, int level);
+__owur int SSL_CTX_get_security_level(const SSL_CTX *ctx);
+void SSL_CTX_set_security_callback(SSL_CTX *ctx,
+ int (*cb) (const SSL *s, const SSL_CTX *ctx,
+ int op, int bits, int nid,
+ void *other, void *ex));
+int (*SSL_CTX_get_security_callback(const SSL_CTX *ctx)) (const SSL *s,
+ const SSL_CTX *ctx,
+ int op, int bits,
+ int nid,
+ void *other,
+ void *ex);
+void SSL_CTX_set0_security_ex_data(SSL_CTX *ctx, void *ex);
+__owur void *SSL_CTX_get0_security_ex_data(const SSL_CTX *ctx);
+
+/* OPENSSL_INIT flag 0x010000 reserved for internal use */
+# define OPENSSL_INIT_NO_LOAD_SSL_STRINGS 0x00100000L
+# define OPENSSL_INIT_LOAD_SSL_STRINGS 0x00200000L
+
+# define OPENSSL_INIT_SSL_DEFAULT \
+ (OPENSSL_INIT_LOAD_SSL_STRINGS | OPENSSL_INIT_LOAD_CRYPTO_STRINGS)
+
+int OPENSSL_init_ssl(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings);
+
+# ifndef OPENSSL_NO_UNIT_TEST
+__owur const struct openssl_ssl_test_functions *SSL_test_functions(void);
+# endif
+
+__owur int SSL_free_buffers(SSL *ssl);
+__owur int SSL_alloc_buffers(SSL *ssl);
+
+/* Status codes passed to the decrypt session ticket callback. Some of these
+ * are for internal use only and are never passed to the callback. */
+typedef int SSL_TICKET_STATUS;
+
+/* Support for ticket appdata */
+/* fatal error, malloc failure */
+# define SSL_TICKET_FATAL_ERR_MALLOC 0
+/* fatal error, either from parsing or decrypting the ticket */
+# define SSL_TICKET_FATAL_ERR_OTHER 1
+/* No ticket present */
+# define SSL_TICKET_NONE 2
+/* Empty ticket present */
+# define SSL_TICKET_EMPTY 3
+/* the ticket couldn't be decrypted */
+# define SSL_TICKET_NO_DECRYPT 4
+/* a ticket was successfully decrypted */
+# define SSL_TICKET_SUCCESS 5
+/* same as above but the ticket needs to be renewed */
+# define SSL_TICKET_SUCCESS_RENEW 6
+
+/* Return codes for the decrypt session ticket callback */
+typedef int SSL_TICKET_RETURN;
+
+/* An error occurred */
+#define SSL_TICKET_RETURN_ABORT 0
+/* Do not use the ticket, do not send a renewed ticket to the client */
+#define SSL_TICKET_RETURN_IGNORE 1
+/* Do not use the ticket, send a renewed ticket to the client */
+#define SSL_TICKET_RETURN_IGNORE_RENEW 2
+/* Use the ticket, do not send a renewed ticket to the client */
+#define SSL_TICKET_RETURN_USE 3
+/* Use the ticket, send a renewed ticket to the client */
+#define SSL_TICKET_RETURN_USE_RENEW 4
+
+typedef int (*SSL_CTX_generate_session_ticket_fn)(SSL *s, void *arg);
+typedef SSL_TICKET_RETURN (*SSL_CTX_decrypt_session_ticket_fn)(SSL *s, SSL_SESSION *ss,
+ const unsigned char *keyname,
+ size_t keyname_length,
+ SSL_TICKET_STATUS status,
+ void *arg);
+int SSL_CTX_set_session_ticket_cb(SSL_CTX *ctx,
+ SSL_CTX_generate_session_ticket_fn gen_cb,
+ SSL_CTX_decrypt_session_ticket_fn dec_cb,
+ void *arg);
+int SSL_SESSION_set1_ticket_appdata(SSL_SESSION *ss, const void *data, size_t len);
+int SSL_SESSION_get0_ticket_appdata(SSL_SESSION *ss, void **data, size_t *len);
+
+typedef unsigned int (*DTLS_timer_cb)(SSL *s, unsigned int timer_us);
+
+void DTLS_set_timer_cb(SSL *s, DTLS_timer_cb cb);
+
+
+typedef int (*SSL_allow_early_data_cb_fn)(SSL *s, void *arg);
+void SSL_CTX_set_allow_early_data_cb(SSL_CTX *ctx,
+ SSL_allow_early_data_cb_fn cb,
+ void *arg);
+void SSL_set_allow_early_data_cb(SSL *s,
+ SSL_allow_early_data_cb_fn cb,
+ void *arg);
+
+/* store the default cipher strings inside the library */
+const char *OSSL_default_cipher_list(void);
+const char *OSSL_default_ciphersuites(void);
+
+# ifdef __cplusplus
+}
+# endif
+#endif
diff --git a/openssl/include/openssl/ssl2.h b/openssl/include/openssl/ssl2.h new file mode 100644 index 00000000..8ecd89e5 --- /dev/null +++ b/openssl/include/openssl/ssl2.h @@ -0,0 +1,30 @@ +/*
+ * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_SSL2_H
+# define OPENSSL_SSL2_H
+# pragma once
+
+# include <openssl/macros.h>
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define HEADER_SSL2_H
+# endif
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+# define SSL2_VERSION 0x0002
+
+# define SSL2_MT_CLIENT_HELLO 1
+
+#ifdef __cplusplus
+}
+#endif
+#endif
diff --git a/openssl/include/openssl/ssl3.h b/openssl/include/openssl/ssl3.h new file mode 100644 index 00000000..c316de32 --- /dev/null +++ b/openssl/include/openssl/ssl3.h @@ -0,0 +1,347 @@ +/*
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_SSL3_H
+# define OPENSSL_SSL3_H
+# pragma once
+
+# include <openssl/macros.h>
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define HEADER_SSL3_H
+# endif
+
+# include <openssl/comp.h>
+# include <openssl/buffer.h>
+# include <openssl/evp.h>
+# include <openssl/ssl.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/*
+ * Signalling cipher suite value from RFC 5746
+ * (TLS_EMPTY_RENEGOTIATION_INFO_SCSV)
+ */
+# define SSL3_CK_SCSV 0x030000FF
+
+/*
+ * Signalling cipher suite value from draft-ietf-tls-downgrade-scsv-00
+ * (TLS_FALLBACK_SCSV)
+ */
+# define SSL3_CK_FALLBACK_SCSV 0x03005600
+
+# define SSL3_CK_RSA_NULL_MD5 0x03000001
+# define SSL3_CK_RSA_NULL_SHA 0x03000002
+# define SSL3_CK_RSA_RC4_40_MD5 0x03000003
+# define SSL3_CK_RSA_RC4_128_MD5 0x03000004
+# define SSL3_CK_RSA_RC4_128_SHA 0x03000005
+# define SSL3_CK_RSA_RC2_40_MD5 0x03000006
+# define SSL3_CK_RSA_IDEA_128_SHA 0x03000007
+# define SSL3_CK_RSA_DES_40_CBC_SHA 0x03000008
+# define SSL3_CK_RSA_DES_64_CBC_SHA 0x03000009
+# define SSL3_CK_RSA_DES_192_CBC3_SHA 0x0300000A
+
+# define SSL3_CK_DH_DSS_DES_40_CBC_SHA 0x0300000B
+# define SSL3_CK_DH_DSS_DES_64_CBC_SHA 0x0300000C
+# define SSL3_CK_DH_DSS_DES_192_CBC3_SHA 0x0300000D
+# define SSL3_CK_DH_RSA_DES_40_CBC_SHA 0x0300000E
+# define SSL3_CK_DH_RSA_DES_64_CBC_SHA 0x0300000F
+# define SSL3_CK_DH_RSA_DES_192_CBC3_SHA 0x03000010
+
+# define SSL3_CK_DHE_DSS_DES_40_CBC_SHA 0x03000011
+# define SSL3_CK_EDH_DSS_DES_40_CBC_SHA SSL3_CK_DHE_DSS_DES_40_CBC_SHA
+# define SSL3_CK_DHE_DSS_DES_64_CBC_SHA 0x03000012
+# define SSL3_CK_EDH_DSS_DES_64_CBC_SHA SSL3_CK_DHE_DSS_DES_64_CBC_SHA
+# define SSL3_CK_DHE_DSS_DES_192_CBC3_SHA 0x03000013
+# define SSL3_CK_EDH_DSS_DES_192_CBC3_SHA SSL3_CK_DHE_DSS_DES_192_CBC3_SHA
+# define SSL3_CK_DHE_RSA_DES_40_CBC_SHA 0x03000014
+# define SSL3_CK_EDH_RSA_DES_40_CBC_SHA SSL3_CK_DHE_RSA_DES_40_CBC_SHA
+# define SSL3_CK_DHE_RSA_DES_64_CBC_SHA 0x03000015
+# define SSL3_CK_EDH_RSA_DES_64_CBC_SHA SSL3_CK_DHE_RSA_DES_64_CBC_SHA
+# define SSL3_CK_DHE_RSA_DES_192_CBC3_SHA 0x03000016
+# define SSL3_CK_EDH_RSA_DES_192_CBC3_SHA SSL3_CK_DHE_RSA_DES_192_CBC3_SHA
+
+# define SSL3_CK_ADH_RC4_40_MD5 0x03000017
+# define SSL3_CK_ADH_RC4_128_MD5 0x03000018
+# define SSL3_CK_ADH_DES_40_CBC_SHA 0x03000019
+# define SSL3_CK_ADH_DES_64_CBC_SHA 0x0300001A
+# define SSL3_CK_ADH_DES_192_CBC_SHA 0x0300001B
+
+/* a bundle of RFC standard cipher names, generated from ssl3_ciphers[] */
+# define SSL3_RFC_RSA_NULL_MD5 "TLS_RSA_WITH_NULL_MD5"
+# define SSL3_RFC_RSA_NULL_SHA "TLS_RSA_WITH_NULL_SHA"
+# define SSL3_RFC_RSA_DES_192_CBC3_SHA "TLS_RSA_WITH_3DES_EDE_CBC_SHA"
+# define SSL3_RFC_DHE_DSS_DES_192_CBC3_SHA "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA"
+# define SSL3_RFC_DHE_RSA_DES_192_CBC3_SHA "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA"
+# define SSL3_RFC_ADH_DES_192_CBC_SHA "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA"
+# define SSL3_RFC_RSA_IDEA_128_SHA "TLS_RSA_WITH_IDEA_CBC_SHA"
+# define SSL3_RFC_RSA_RC4_128_MD5 "TLS_RSA_WITH_RC4_128_MD5"
+# define SSL3_RFC_RSA_RC4_128_SHA "TLS_RSA_WITH_RC4_128_SHA"
+# define SSL3_RFC_ADH_RC4_128_MD5 "TLS_DH_anon_WITH_RC4_128_MD5"
+
+# define SSL3_TXT_RSA_NULL_MD5 "NULL-MD5"
+# define SSL3_TXT_RSA_NULL_SHA "NULL-SHA"
+# define SSL3_TXT_RSA_RC4_40_MD5 "EXP-RC4-MD5"
+# define SSL3_TXT_RSA_RC4_128_MD5 "RC4-MD5"
+# define SSL3_TXT_RSA_RC4_128_SHA "RC4-SHA"
+# define SSL3_TXT_RSA_RC2_40_MD5 "EXP-RC2-CBC-MD5"
+# define SSL3_TXT_RSA_IDEA_128_SHA "IDEA-CBC-SHA"
+# define SSL3_TXT_RSA_DES_40_CBC_SHA "EXP-DES-CBC-SHA"
+# define SSL3_TXT_RSA_DES_64_CBC_SHA "DES-CBC-SHA"
+# define SSL3_TXT_RSA_DES_192_CBC3_SHA "DES-CBC3-SHA"
+
+# define SSL3_TXT_DH_DSS_DES_40_CBC_SHA "EXP-DH-DSS-DES-CBC-SHA"
+# define SSL3_TXT_DH_DSS_DES_64_CBC_SHA "DH-DSS-DES-CBC-SHA"
+# define SSL3_TXT_DH_DSS_DES_192_CBC3_SHA "DH-DSS-DES-CBC3-SHA"
+# define SSL3_TXT_DH_RSA_DES_40_CBC_SHA "EXP-DH-RSA-DES-CBC-SHA"
+# define SSL3_TXT_DH_RSA_DES_64_CBC_SHA "DH-RSA-DES-CBC-SHA"
+# define SSL3_TXT_DH_RSA_DES_192_CBC3_SHA "DH-RSA-DES-CBC3-SHA"
+
+# define SSL3_TXT_DHE_DSS_DES_40_CBC_SHA "EXP-DHE-DSS-DES-CBC-SHA"
+# define SSL3_TXT_DHE_DSS_DES_64_CBC_SHA "DHE-DSS-DES-CBC-SHA"
+# define SSL3_TXT_DHE_DSS_DES_192_CBC3_SHA "DHE-DSS-DES-CBC3-SHA"
+# define SSL3_TXT_DHE_RSA_DES_40_CBC_SHA "EXP-DHE-RSA-DES-CBC-SHA"
+# define SSL3_TXT_DHE_RSA_DES_64_CBC_SHA "DHE-RSA-DES-CBC-SHA"
+# define SSL3_TXT_DHE_RSA_DES_192_CBC3_SHA "DHE-RSA-DES-CBC3-SHA"
+
+/*
+ * This next block of six "EDH" labels is for backward compatibility with
+ * older versions of OpenSSL. New code should use the six "DHE" labels above
+ * instead:
+ */
+# define SSL3_TXT_EDH_DSS_DES_40_CBC_SHA "EXP-EDH-DSS-DES-CBC-SHA"
+# define SSL3_TXT_EDH_DSS_DES_64_CBC_SHA "EDH-DSS-DES-CBC-SHA"
+# define SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA "EDH-DSS-DES-CBC3-SHA"
+# define SSL3_TXT_EDH_RSA_DES_40_CBC_SHA "EXP-EDH-RSA-DES-CBC-SHA"
+# define SSL3_TXT_EDH_RSA_DES_64_CBC_SHA "EDH-RSA-DES-CBC-SHA"
+# define SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA "EDH-RSA-DES-CBC3-SHA"
+
+# define SSL3_TXT_ADH_RC4_40_MD5 "EXP-ADH-RC4-MD5"
+# define SSL3_TXT_ADH_RC4_128_MD5 "ADH-RC4-MD5"
+# define SSL3_TXT_ADH_DES_40_CBC_SHA "EXP-ADH-DES-CBC-SHA"
+# define SSL3_TXT_ADH_DES_64_CBC_SHA "ADH-DES-CBC-SHA"
+# define SSL3_TXT_ADH_DES_192_CBC_SHA "ADH-DES-CBC3-SHA"
+
+# define SSL3_SSL_SESSION_ID_LENGTH 32
+# define SSL3_MAX_SSL_SESSION_ID_LENGTH 32
+
+# define SSL3_MASTER_SECRET_SIZE 48
+# define SSL3_RANDOM_SIZE 32
+# define SSL3_SESSION_ID_SIZE 32
+# define SSL3_RT_HEADER_LENGTH 5
+
+# define SSL3_HM_HEADER_LENGTH 4
+
+# ifndef SSL3_ALIGN_PAYLOAD
+ /*
+ * Some will argue that this increases memory footprint, but it's not
+ * actually true. Point is that malloc has to return at least 64-bit aligned
+ * pointers, meaning that allocating 5 bytes wastes 3 bytes in either case.
+ * Suggested pre-gaping simply moves these wasted bytes from the end of
+ * allocated region to its front, but makes data payload aligned, which
+ * improves performance:-)
+ */
+# define SSL3_ALIGN_PAYLOAD 8
+# else
+# if (SSL3_ALIGN_PAYLOAD&(SSL3_ALIGN_PAYLOAD-1))!=0
+# error "insane SSL3_ALIGN_PAYLOAD"
+# undef SSL3_ALIGN_PAYLOAD
+# endif
+# endif
+
+/*
+ * This is the maximum MAC (digest) size used by the SSL library. Currently
+ * maximum of 20 is used by SHA1, but we reserve for future extension for
+ * 512-bit hashes.
+ */
+
+# define SSL3_RT_MAX_MD_SIZE 64
+
+/*
+ * Maximum block size used in all ciphersuites. Currently 16 for AES.
+ */
+
+# define SSL_RT_MAX_CIPHER_BLOCK_SIZE 16
+
+# define SSL3_RT_MAX_EXTRA (16384)
+
+/* Maximum plaintext length: defined by SSL/TLS standards */
+# define SSL3_RT_MAX_PLAIN_LENGTH 16384
+/* Maximum compression overhead: defined by SSL/TLS standards */
+# define SSL3_RT_MAX_COMPRESSED_OVERHEAD 1024
+
+/*
+ * The standards give a maximum encryption overhead of 1024 bytes. In
+ * practice the value is lower than this. The overhead is the maximum number
+ * of padding bytes (256) plus the mac size.
+ */
+# define SSL3_RT_MAX_ENCRYPTED_OVERHEAD (256 + SSL3_RT_MAX_MD_SIZE)
+# define SSL3_RT_MAX_TLS13_ENCRYPTED_OVERHEAD 256
+
+/*
+ * OpenSSL currently only uses a padding length of at most one block so the
+ * send overhead is smaller.
+ */
+
+# define SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD \
+ (SSL_RT_MAX_CIPHER_BLOCK_SIZE + SSL3_RT_MAX_MD_SIZE)
+
+/* If compression isn't used don't include the compression overhead */
+
+# ifdef OPENSSL_NO_COMP
+# define SSL3_RT_MAX_COMPRESSED_LENGTH SSL3_RT_MAX_PLAIN_LENGTH
+# else
+# define SSL3_RT_MAX_COMPRESSED_LENGTH \
+ (SSL3_RT_MAX_PLAIN_LENGTH+SSL3_RT_MAX_COMPRESSED_OVERHEAD)
+# endif
+# define SSL3_RT_MAX_ENCRYPTED_LENGTH \
+ (SSL3_RT_MAX_ENCRYPTED_OVERHEAD+SSL3_RT_MAX_COMPRESSED_LENGTH)
+# define SSL3_RT_MAX_TLS13_ENCRYPTED_LENGTH \
+ (SSL3_RT_MAX_PLAIN_LENGTH + SSL3_RT_MAX_TLS13_ENCRYPTED_OVERHEAD)
+# define SSL3_RT_MAX_PACKET_SIZE \
+ (SSL3_RT_MAX_ENCRYPTED_LENGTH+SSL3_RT_HEADER_LENGTH)
+
+# define SSL3_MD_CLIENT_FINISHED_CONST "\x43\x4C\x4E\x54"
+# define SSL3_MD_SERVER_FINISHED_CONST "\x53\x52\x56\x52"
+
+# define SSL3_VERSION 0x0300
+# define SSL3_VERSION_MAJOR 0x03
+# define SSL3_VERSION_MINOR 0x00
+
+# define SSL3_RT_CHANGE_CIPHER_SPEC 20
+# define SSL3_RT_ALERT 21
+# define SSL3_RT_HANDSHAKE 22
+# define SSL3_RT_APPLICATION_DATA 23
+
+/* Pseudo content types to indicate additional parameters */
+# define TLS1_RT_CRYPTO 0x1000
+# define TLS1_RT_CRYPTO_PREMASTER (TLS1_RT_CRYPTO | 0x1)
+# define TLS1_RT_CRYPTO_CLIENT_RANDOM (TLS1_RT_CRYPTO | 0x2)
+# define TLS1_RT_CRYPTO_SERVER_RANDOM (TLS1_RT_CRYPTO | 0x3)
+# define TLS1_RT_CRYPTO_MASTER (TLS1_RT_CRYPTO | 0x4)
+
+# define TLS1_RT_CRYPTO_READ 0x0000
+# define TLS1_RT_CRYPTO_WRITE 0x0100
+# define TLS1_RT_CRYPTO_MAC (TLS1_RT_CRYPTO | 0x5)
+# define TLS1_RT_CRYPTO_KEY (TLS1_RT_CRYPTO | 0x6)
+# define TLS1_RT_CRYPTO_IV (TLS1_RT_CRYPTO | 0x7)
+# define TLS1_RT_CRYPTO_FIXED_IV (TLS1_RT_CRYPTO | 0x8)
+
+/* Pseudo content types for SSL/TLS header info */
+# define SSL3_RT_HEADER 0x100
+# define SSL3_RT_INNER_CONTENT_TYPE 0x101
+
+# define SSL3_AL_WARNING 1
+# define SSL3_AL_FATAL 2
+
+# define SSL3_AD_CLOSE_NOTIFY 0
+# define SSL3_AD_UNEXPECTED_MESSAGE 10/* fatal */
+# define SSL3_AD_BAD_RECORD_MAC 20/* fatal */
+# define SSL3_AD_DECOMPRESSION_FAILURE 30/* fatal */
+# define SSL3_AD_HANDSHAKE_FAILURE 40/* fatal */
+# define SSL3_AD_NO_CERTIFICATE 41
+# define SSL3_AD_BAD_CERTIFICATE 42
+# define SSL3_AD_UNSUPPORTED_CERTIFICATE 43
+# define SSL3_AD_CERTIFICATE_REVOKED 44
+# define SSL3_AD_CERTIFICATE_EXPIRED 45
+# define SSL3_AD_CERTIFICATE_UNKNOWN 46
+# define SSL3_AD_ILLEGAL_PARAMETER 47/* fatal */
+
+# define TLS1_HB_REQUEST 1
+# define TLS1_HB_RESPONSE 2
+
+
+# define SSL3_CT_RSA_SIGN 1
+# define SSL3_CT_DSS_SIGN 2
+# define SSL3_CT_RSA_FIXED_DH 3
+# define SSL3_CT_DSS_FIXED_DH 4
+# define SSL3_CT_RSA_EPHEMERAL_DH 5
+# define SSL3_CT_DSS_EPHEMERAL_DH 6
+# define SSL3_CT_FORTEZZA_DMS 20
+/*
+ * SSL3_CT_NUMBER is used to size arrays and it must be large enough to
+ * contain all of the cert types defined for *either* SSLv3 and TLSv1.
+ */
+# define SSL3_CT_NUMBER 12
+
+# if defined(TLS_CT_NUMBER)
+# if TLS_CT_NUMBER != SSL3_CT_NUMBER
+# error "SSL/TLS CT_NUMBER values do not match"
+# endif
+# endif
+
+/* No longer used as of OpenSSL 1.1.1 */
+# define SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS 0x0001
+
+/* Removed from OpenSSL 1.1.0 */
+# define TLS1_FLAGS_TLS_PADDING_BUG 0x0
+
+# define TLS1_FLAGS_SKIP_CERT_VERIFY 0x0010
+
+/* Set if we encrypt then mac instead of usual mac then encrypt */
+# define TLS1_FLAGS_ENCRYPT_THEN_MAC_READ 0x0100
+# define TLS1_FLAGS_ENCRYPT_THEN_MAC TLS1_FLAGS_ENCRYPT_THEN_MAC_READ
+
+/* Set if extended master secret extension received from peer */
+# define TLS1_FLAGS_RECEIVED_EXTMS 0x0200
+
+# define TLS1_FLAGS_ENCRYPT_THEN_MAC_WRITE 0x0400
+
+# define TLS1_FLAGS_STATELESS 0x0800
+
+/* Set if extended master secret extension required on renegotiation */
+# define TLS1_FLAGS_REQUIRED_EXTMS 0x1000
+
+# define SSL3_MT_HELLO_REQUEST 0
+# define SSL3_MT_CLIENT_HELLO 1
+# define SSL3_MT_SERVER_HELLO 2
+# define SSL3_MT_NEWSESSION_TICKET 4
+# define SSL3_MT_END_OF_EARLY_DATA 5
+# define SSL3_MT_ENCRYPTED_EXTENSIONS 8
+# define SSL3_MT_CERTIFICATE 11
+# define SSL3_MT_SERVER_KEY_EXCHANGE 12
+# define SSL3_MT_CERTIFICATE_REQUEST 13
+# define SSL3_MT_SERVER_DONE 14
+# define SSL3_MT_CERTIFICATE_VERIFY 15
+# define SSL3_MT_CLIENT_KEY_EXCHANGE 16
+# define SSL3_MT_FINISHED 20
+# define SSL3_MT_CERTIFICATE_URL 21
+# define SSL3_MT_CERTIFICATE_STATUS 22
+# define SSL3_MT_SUPPLEMENTAL_DATA 23
+# define SSL3_MT_KEY_UPDATE 24
+# ifndef OPENSSL_NO_NEXTPROTONEG
+# define SSL3_MT_NEXT_PROTO 67
+# endif
+# define SSL3_MT_MESSAGE_HASH 254
+# define DTLS1_MT_HELLO_VERIFY_REQUEST 3
+
+/* Dummy message type for handling CCS like a normal handshake message */
+# define SSL3_MT_CHANGE_CIPHER_SPEC 0x0101
+
+# define SSL3_MT_CCS 1
+
+/* These are used when changing over to a new cipher */
+# define SSL3_CC_READ 0x001
+# define SSL3_CC_WRITE 0x002
+# define SSL3_CC_CLIENT 0x010
+# define SSL3_CC_SERVER 0x020
+# define SSL3_CC_EARLY 0x040
+# define SSL3_CC_HANDSHAKE 0x080
+# define SSL3_CC_APPLICATION 0x100
+# define SSL3_CHANGE_CIPHER_CLIENT_WRITE (SSL3_CC_CLIENT|SSL3_CC_WRITE)
+# define SSL3_CHANGE_CIPHER_SERVER_READ (SSL3_CC_SERVER|SSL3_CC_READ)
+# define SSL3_CHANGE_CIPHER_CLIENT_READ (SSL3_CC_CLIENT|SSL3_CC_READ)
+# define SSL3_CHANGE_CIPHER_SERVER_WRITE (SSL3_CC_SERVER|SSL3_CC_WRITE)
+
+#ifdef __cplusplus
+}
+#endif
+#endif
diff --git a/openssl/include/openssl/sslerr.h b/openssl/include/openssl/sslerr.h new file mode 100644 index 00000000..702d0e0f --- /dev/null +++ b/openssl/include/openssl/sslerr.h @@ -0,0 +1,779 @@ +/*
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_SSLERR_H
+# define OPENSSL_SSLERR_H
+# pragma once
+
+# include <openssl/opensslconf.h>
+# include <openssl/symhacks.h>
+
+
+# ifdef __cplusplus
+extern "C"
+# endif
+int ERR_load_SSL_strings(void);
+
+/*
+ * SSL function codes.
+ */
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define SSL_F_ADD_CLIENT_KEY_SHARE_EXT 0
+# define SSL_F_ADD_KEY_SHARE 0
+# define SSL_F_BYTES_TO_CIPHER_LIST 0
+# define SSL_F_CHECK_SUITEB_CIPHER_LIST 0
+# define SSL_F_CIPHERSUITE_CB 0
+# define SSL_F_CONSTRUCT_CA_NAMES 0
+# define SSL_F_CONSTRUCT_KEY_EXCHANGE_TBS 0
+# define SSL_F_CONSTRUCT_STATEFUL_TICKET 0
+# define SSL_F_CONSTRUCT_STATELESS_TICKET 0
+# define SSL_F_CREATE_SYNTHETIC_MESSAGE_HASH 0
+# define SSL_F_CREATE_TICKET_PREQUEL 0
+# define SSL_F_CT_MOVE_SCTS 0
+# define SSL_F_CT_STRICT 0
+# define SSL_F_CUSTOM_EXT_ADD 0
+# define SSL_F_CUSTOM_EXT_PARSE 0
+# define SSL_F_D2I_SSL_SESSION 0
+# define SSL_F_DANE_CTX_ENABLE 0
+# define SSL_F_DANE_MTYPE_SET 0
+# define SSL_F_DANE_TLSA_ADD 0
+# define SSL_F_DERIVE_SECRET_KEY_AND_IV 0
+# define SSL_F_DO_DTLS1_WRITE 0
+# define SSL_F_DO_SSL3_WRITE 0
+# define SSL_F_DTLS1_BUFFER_RECORD 0
+# define SSL_F_DTLS1_CHECK_TIMEOUT_NUM 0
+# define SSL_F_DTLS1_HM_FRAGMENT_NEW 0
+# define SSL_F_DTLS1_PREPROCESS_FRAGMENT 0
+# define SSL_F_DTLS1_PROCESS_BUFFERED_RECORDS 0
+# define SSL_F_DTLS1_PROCESS_RECORD 0
+# define SSL_F_DTLS1_READ_BYTES 0
+# define SSL_F_DTLS1_READ_FAILED 0
+# define SSL_F_DTLS1_RETRANSMIT_MESSAGE 0
+# define SSL_F_DTLS1_WRITE_APP_DATA_BYTES 0
+# define SSL_F_DTLS1_WRITE_BYTES 0
+# define SSL_F_DTLSV1_LISTEN 0
+# define SSL_F_DTLS_CONSTRUCT_CHANGE_CIPHER_SPEC 0
+# define SSL_F_DTLS_CONSTRUCT_HELLO_VERIFY_REQUEST 0
+# define SSL_F_DTLS_GET_REASSEMBLED_MESSAGE 0
+# define SSL_F_DTLS_PROCESS_HELLO_VERIFY 0
+# define SSL_F_DTLS_RECORD_LAYER_NEW 0
+# define SSL_F_DTLS_WAIT_FOR_DRY 0
+# define SSL_F_EARLY_DATA_COUNT_OK 0
+# define SSL_F_FINAL_EARLY_DATA 0
+# define SSL_F_FINAL_EC_PT_FORMATS 0
+# define SSL_F_FINAL_EMS 0
+# define SSL_F_FINAL_KEY_SHARE 0
+# define SSL_F_FINAL_MAXFRAGMENTLEN 0
+# define SSL_F_FINAL_RENEGOTIATE 0
+# define SSL_F_FINAL_SERVER_NAME 0
+# define SSL_F_FINAL_SIG_ALGS 0
+# define SSL_F_GET_CERT_VERIFY_TBS_DATA 0
+# define SSL_F_NSS_KEYLOG_INT 0
+# define SSL_F_OPENSSL_INIT_SSL 0
+# define SSL_F_OSSL_STATEM_CLIENT13_READ_TRANSITION 0
+# define SSL_F_OSSL_STATEM_CLIENT13_WRITE_TRANSITION 0
+# define SSL_F_OSSL_STATEM_CLIENT_CONSTRUCT_MESSAGE 0
+# define SSL_F_OSSL_STATEM_CLIENT_POST_PROCESS_MESSAGE 0
+# define SSL_F_OSSL_STATEM_CLIENT_PROCESS_MESSAGE 0
+# define SSL_F_OSSL_STATEM_CLIENT_READ_TRANSITION 0
+# define SSL_F_OSSL_STATEM_CLIENT_WRITE_TRANSITION 0
+# define SSL_F_OSSL_STATEM_SERVER13_READ_TRANSITION 0
+# define SSL_F_OSSL_STATEM_SERVER13_WRITE_TRANSITION 0
+# define SSL_F_OSSL_STATEM_SERVER_CONSTRUCT_MESSAGE 0
+# define SSL_F_OSSL_STATEM_SERVER_POST_PROCESS_MESSAGE 0
+# define SSL_F_OSSL_STATEM_SERVER_POST_WORK 0
+# define SSL_F_OSSL_STATEM_SERVER_PRE_WORK 0
+# define SSL_F_OSSL_STATEM_SERVER_PROCESS_MESSAGE 0
+# define SSL_F_OSSL_STATEM_SERVER_READ_TRANSITION 0
+# define SSL_F_OSSL_STATEM_SERVER_WRITE_TRANSITION 0
+# define SSL_F_PARSE_CA_NAMES 0
+# define SSL_F_PITEM_NEW 0
+# define SSL_F_PQUEUE_NEW 0
+# define SSL_F_PROCESS_KEY_SHARE_EXT 0
+# define SSL_F_READ_STATE_MACHINE 0
+# define SSL_F_SET_CLIENT_CIPHERSUITE 0
+# define SSL_F_SRP_GENERATE_CLIENT_MASTER_SECRET 0
+# define SSL_F_SRP_GENERATE_SERVER_MASTER_SECRET 0
+# define SSL_F_SRP_VERIFY_SERVER_PARAM 0
+# define SSL_F_SSL3_CHANGE_CIPHER_STATE 0
+# define SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM 0
+# define SSL_F_SSL3_CTRL 0
+# define SSL_F_SSL3_CTX_CTRL 0
+# define SSL_F_SSL3_DIGEST_CACHED_RECORDS 0
+# define SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC 0
+# define SSL_F_SSL3_ENC 0
+# define SSL_F_SSL3_FINAL_FINISH_MAC 0
+# define SSL_F_SSL3_FINISH_MAC 0
+# define SSL_F_SSL3_GENERATE_KEY_BLOCK 0
+# define SSL_F_SSL3_GENERATE_MASTER_SECRET 0
+# define SSL_F_SSL3_GET_RECORD 0
+# define SSL_F_SSL3_INIT_FINISHED_MAC 0
+# define SSL_F_SSL3_OUTPUT_CERT_CHAIN 0
+# define SSL_F_SSL3_READ_BYTES 0
+# define SSL_F_SSL3_READ_N 0
+# define SSL_F_SSL3_SETUP_KEY_BLOCK 0
+# define SSL_F_SSL3_SETUP_READ_BUFFER 0
+# define SSL_F_SSL3_SETUP_WRITE_BUFFER 0
+# define SSL_F_SSL3_WRITE_BYTES 0
+# define SSL_F_SSL3_WRITE_PENDING 0
+# define SSL_F_SSL_ADD_CERT_CHAIN 0
+# define SSL_F_SSL_ADD_CERT_TO_BUF 0
+# define SSL_F_SSL_ADD_CERT_TO_WPACKET 0
+# define SSL_F_SSL_ADD_CLIENTHELLO_RENEGOTIATE_EXT 0
+# define SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT 0
+# define SSL_F_SSL_ADD_CLIENTHELLO_USE_SRTP_EXT 0
+# define SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK 0
+# define SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK 0
+# define SSL_F_SSL_ADD_SERVERHELLO_RENEGOTIATE_EXT 0
+# define SSL_F_SSL_ADD_SERVERHELLO_TLSEXT 0
+# define SSL_F_SSL_ADD_SERVERHELLO_USE_SRTP_EXT 0
+# define SSL_F_SSL_BAD_METHOD 0
+# define SSL_F_SSL_BUILD_CERT_CHAIN 0
+# define SSL_F_SSL_BYTES_TO_CIPHER_LIST 0
+# define SSL_F_SSL_CACHE_CIPHERLIST 0
+# define SSL_F_SSL_CERT_ADD0_CHAIN_CERT 0
+# define SSL_F_SSL_CERT_DUP 0
+# define SSL_F_SSL_CERT_NEW 0
+# define SSL_F_SSL_CERT_SET0_CHAIN 0
+# define SSL_F_SSL_CHECK_PRIVATE_KEY 0
+# define SSL_F_SSL_CHECK_SERVERHELLO_TLSEXT 0
+# define SSL_F_SSL_CHECK_SRP_EXT_CLIENTHELLO 0
+# define SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG 0
+# define SSL_F_SSL_CHOOSE_CLIENT_VERSION 0
+# define SSL_F_SSL_CIPHER_DESCRIPTION 0
+# define SSL_F_SSL_CIPHER_LIST_TO_BYTES 0
+# define SSL_F_SSL_CIPHER_PROCESS_RULESTR 0
+# define SSL_F_SSL_CIPHER_STRENGTH_SORT 0
+# define SSL_F_SSL_CLEAR 0
+# define SSL_F_SSL_CLIENT_HELLO_GET1_EXTENSIONS_PRESENT 0
+# define SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD 0
+# define SSL_F_SSL_CONF_CMD 0
+# define SSL_F_SSL_CREATE_CIPHER_LIST 0
+# define SSL_F_SSL_CTRL 0
+# define SSL_F_SSL_CTX_CHECK_PRIVATE_KEY 0
+# define SSL_F_SSL_CTX_ENABLE_CT 0
+# define SSL_F_SSL_CTX_MAKE_PROFILES 0
+# define SSL_F_SSL_CTX_NEW 0
+# define SSL_F_SSL_CTX_SET_ALPN_PROTOS 0
+# define SSL_F_SSL_CTX_SET_CIPHER_LIST 0
+# define SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE 0
+# define SSL_F_SSL_CTX_SET_CT_VALIDATION_CALLBACK 0
+# define SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT 0
+# define SSL_F_SSL_CTX_SET_SSL_VERSION 0
+# define SSL_F_SSL_CTX_SET_TLSEXT_MAX_FRAGMENT_LENGTH 0
+# define SSL_F_SSL_CTX_USE_CERTIFICATE 0
+# define SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1 0
+# define SSL_F_SSL_CTX_USE_CERTIFICATE_FILE 0
+# define SSL_F_SSL_CTX_USE_PRIVATEKEY 0
+# define SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1 0
+# define SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE 0
+# define SSL_F_SSL_CTX_USE_PSK_IDENTITY_HINT 0
+# define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY 0
+# define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1 0
+# define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE 0
+# define SSL_F_SSL_CTX_USE_SERVERINFO 0
+# define SSL_F_SSL_CTX_USE_SERVERINFO_EX 0
+# define SSL_F_SSL_CTX_USE_SERVERINFO_FILE 0
+# define SSL_F_SSL_DANE_DUP 0
+# define SSL_F_SSL_DANE_ENABLE 0
+# define SSL_F_SSL_DERIVE 0
+# define SSL_F_SSL_DO_CONFIG 0
+# define SSL_F_SSL_DO_HANDSHAKE 0
+# define SSL_F_SSL_DUP_CA_LIST 0
+# define SSL_F_SSL_ENABLE_CT 0
+# define SSL_F_SSL_GENERATE_PKEY_GROUP 0
+# define SSL_F_SSL_GENERATE_SESSION_ID 0
+# define SSL_F_SSL_GET_NEW_SESSION 0
+# define SSL_F_SSL_GET_PREV_SESSION 0
+# define SSL_F_SSL_GET_SERVER_CERT_INDEX 0
+# define SSL_F_SSL_GET_SIGN_PKEY 0
+# define SSL_F_SSL_HANDSHAKE_HASH 0
+# define SSL_F_SSL_INIT_WBIO_BUFFER 0
+# define SSL_F_SSL_KEY_UPDATE 0
+# define SSL_F_SSL_LOAD_CLIENT_CA_FILE 0
+# define SSL_F_SSL_LOG_MASTER_SECRET 0
+# define SSL_F_SSL_LOG_RSA_CLIENT_KEY_EXCHANGE 0
+# define SSL_F_SSL_MODULE_INIT 0
+# define SSL_F_SSL_NEW 0
+# define SSL_F_SSL_NEXT_PROTO_VALIDATE 0
+# define SSL_F_SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT 0
+# define SSL_F_SSL_PARSE_CLIENTHELLO_TLSEXT 0
+# define SSL_F_SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT 0
+# define SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT 0
+# define SSL_F_SSL_PARSE_SERVERHELLO_TLSEXT 0
+# define SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT 0
+# define SSL_F_SSL_PEEK 0
+# define SSL_F_SSL_PEEK_EX 0
+# define SSL_F_SSL_PEEK_INTERNAL 0
+# define SSL_F_SSL_READ 0
+# define SSL_F_SSL_READ_EARLY_DATA 0
+# define SSL_F_SSL_READ_EX 0
+# define SSL_F_SSL_READ_INTERNAL 0
+# define SSL_F_SSL_RENEGOTIATE 0
+# define SSL_F_SSL_RENEGOTIATE_ABBREVIATED 0
+# define SSL_F_SSL_SCAN_CLIENTHELLO_TLSEXT 0
+# define SSL_F_SSL_SCAN_SERVERHELLO_TLSEXT 0
+# define SSL_F_SSL_SENDFILE 0
+# define SSL_F_SSL_SESSION_DUP 0
+# define SSL_F_SSL_SESSION_NEW 0
+# define SSL_F_SSL_SESSION_PRINT_FP 0
+# define SSL_F_SSL_SESSION_SET1_ID 0
+# define SSL_F_SSL_SESSION_SET1_ID_CONTEXT 0
+# define SSL_F_SSL_SET_ALPN_PROTOS 0
+# define SSL_F_SSL_SET_CERT 0
+# define SSL_F_SSL_SET_CERT_AND_KEY 0
+# define SSL_F_SSL_SET_CIPHER_LIST 0
+# define SSL_F_SSL_SET_CT_VALIDATION_CALLBACK 0
+# define SSL_F_SSL_SET_FD 0
+# define SSL_F_SSL_SET_PKEY 0
+# define SSL_F_SSL_SET_RFD 0
+# define SSL_F_SSL_SET_SESSION 0
+# define SSL_F_SSL_SET_SESSION_ID_CONTEXT 0
+# define SSL_F_SSL_SET_SESSION_TICKET_EXT 0
+# define SSL_F_SSL_SET_TLSEXT_MAX_FRAGMENT_LENGTH 0
+# define SSL_F_SSL_SET_WFD 0
+# define SSL_F_SSL_SHUTDOWN 0
+# define SSL_F_SSL_SRP_CTX_INIT 0
+# define SSL_F_SSL_START_ASYNC_JOB 0
+# define SSL_F_SSL_UNDEFINED_FUNCTION 0
+# define SSL_F_SSL_UNDEFINED_VOID_FUNCTION 0
+# define SSL_F_SSL_USE_CERTIFICATE 0
+# define SSL_F_SSL_USE_CERTIFICATE_ASN1 0
+# define SSL_F_SSL_USE_CERTIFICATE_FILE 0
+# define SSL_F_SSL_USE_PRIVATEKEY 0
+# define SSL_F_SSL_USE_PRIVATEKEY_ASN1 0
+# define SSL_F_SSL_USE_PRIVATEKEY_FILE 0
+# define SSL_F_SSL_USE_PSK_IDENTITY_HINT 0
+# define SSL_F_SSL_USE_RSAPRIVATEKEY 0
+# define SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1 0
+# define SSL_F_SSL_USE_RSAPRIVATEKEY_FILE 0
+# define SSL_F_SSL_VALIDATE_CT 0
+# define SSL_F_SSL_VERIFY_CERT_CHAIN 0
+# define SSL_F_SSL_VERIFY_CLIENT_POST_HANDSHAKE 0
+# define SSL_F_SSL_WRITE 0
+# define SSL_F_SSL_WRITE_EARLY_DATA 0
+# define SSL_F_SSL_WRITE_EARLY_FINISH 0
+# define SSL_F_SSL_WRITE_EX 0
+# define SSL_F_SSL_WRITE_INTERNAL 0
+# define SSL_F_STATE_MACHINE 0
+# define SSL_F_TLS12_CHECK_PEER_SIGALG 0
+# define SSL_F_TLS12_COPY_SIGALGS 0
+# define SSL_F_TLS13_CHANGE_CIPHER_STATE 0
+# define SSL_F_TLS13_ENC 0
+# define SSL_F_TLS13_FINAL_FINISH_MAC 0
+# define SSL_F_TLS13_GENERATE_SECRET 0
+# define SSL_F_TLS13_HKDF_EXPAND 0
+# define SSL_F_TLS13_RESTORE_HANDSHAKE_DIGEST_FOR_PHA 0
+# define SSL_F_TLS13_SAVE_HANDSHAKE_DIGEST_FOR_PHA 0
+# define SSL_F_TLS13_SETUP_KEY_BLOCK 0
+# define SSL_F_TLS1_CHANGE_CIPHER_STATE 0
+# define SSL_F_TLS1_CHECK_DUPLICATE_EXTENSIONS 0
+# define SSL_F_TLS1_ENC 0
+# define SSL_F_TLS1_EXPORT_KEYING_MATERIAL 0
+# define SSL_F_TLS1_GET_CURVELIST 0
+# define SSL_F_TLS1_PRF 0
+# define SSL_F_TLS1_SAVE_U16 0
+# define SSL_F_TLS1_SETUP_KEY_BLOCK 0
+# define SSL_F_TLS1_SET_GROUPS 0
+# define SSL_F_TLS1_SET_RAW_SIGALGS 0
+# define SSL_F_TLS1_SET_SERVER_SIGALGS 0
+# define SSL_F_TLS1_SET_SHARED_SIGALGS 0
+# define SSL_F_TLS1_SET_SIGALGS 0
+# define SSL_F_TLS_CHOOSE_SIGALG 0
+# define SSL_F_TLS_CLIENT_KEY_EXCHANGE_POST_WORK 0
+# define SSL_F_TLS_COLLECT_EXTENSIONS 0
+# define SSL_F_TLS_CONSTRUCT_CERTIFICATE_AUTHORITIES 0
+# define SSL_F_TLS_CONSTRUCT_CERTIFICATE_REQUEST 0
+# define SSL_F_TLS_CONSTRUCT_CERT_STATUS 0
+# define SSL_F_TLS_CONSTRUCT_CERT_STATUS_BODY 0
+# define SSL_F_TLS_CONSTRUCT_CERT_VERIFY 0
+# define SSL_F_TLS_CONSTRUCT_CHANGE_CIPHER_SPEC 0
+# define SSL_F_TLS_CONSTRUCT_CKE_DHE 0
+# define SSL_F_TLS_CONSTRUCT_CKE_ECDHE 0
+# define SSL_F_TLS_CONSTRUCT_CKE_GOST 0
+# define SSL_F_TLS_CONSTRUCT_CKE_GOST18 0
+# define SSL_F_TLS_CONSTRUCT_CKE_PSK_PREAMBLE 0
+# define SSL_F_TLS_CONSTRUCT_CKE_RSA 0
+# define SSL_F_TLS_CONSTRUCT_CKE_SRP 0
+# define SSL_F_TLS_CONSTRUCT_CLIENT_CERTIFICATE 0
+# define SSL_F_TLS_CONSTRUCT_CLIENT_HELLO 0
+# define SSL_F_TLS_CONSTRUCT_CLIENT_KEY_EXCHANGE 0
+# define SSL_F_TLS_CONSTRUCT_CLIENT_VERIFY 0
+# define SSL_F_TLS_CONSTRUCT_CTOS_ALPN 0
+# define SSL_F_TLS_CONSTRUCT_CTOS_CERTIFICATE 0
+# define SSL_F_TLS_CONSTRUCT_CTOS_COOKIE 0
+# define SSL_F_TLS_CONSTRUCT_CTOS_EARLY_DATA 0
+# define SSL_F_TLS_CONSTRUCT_CTOS_EC_PT_FORMATS 0
+# define SSL_F_TLS_CONSTRUCT_CTOS_EMS 0
+# define SSL_F_TLS_CONSTRUCT_CTOS_ETM 0
+# define SSL_F_TLS_CONSTRUCT_CTOS_HELLO 0
+# define SSL_F_TLS_CONSTRUCT_CTOS_KEY_EXCHANGE 0
+# define SSL_F_TLS_CONSTRUCT_CTOS_KEY_SHARE 0
+# define SSL_F_TLS_CONSTRUCT_CTOS_MAXFRAGMENTLEN 0
+# define SSL_F_TLS_CONSTRUCT_CTOS_NPN 0
+# define SSL_F_TLS_CONSTRUCT_CTOS_PADDING 0
+# define SSL_F_TLS_CONSTRUCT_CTOS_POST_HANDSHAKE_AUTH 0
+# define SSL_F_TLS_CONSTRUCT_CTOS_PSK 0
+# define SSL_F_TLS_CONSTRUCT_CTOS_PSK_KEX_MODES 0
+# define SSL_F_TLS_CONSTRUCT_CTOS_RENEGOTIATE 0
+# define SSL_F_TLS_CONSTRUCT_CTOS_SCT 0
+# define SSL_F_TLS_CONSTRUCT_CTOS_SERVER_NAME 0
+# define SSL_F_TLS_CONSTRUCT_CTOS_SESSION_TICKET 0
+# define SSL_F_TLS_CONSTRUCT_CTOS_SIG_ALGS 0
+# define SSL_F_TLS_CONSTRUCT_CTOS_SRP 0
+# define SSL_F_TLS_CONSTRUCT_CTOS_STATUS_REQUEST 0
+# define SSL_F_TLS_CONSTRUCT_CTOS_SUPPORTED_GROUPS 0
+# define SSL_F_TLS_CONSTRUCT_CTOS_SUPPORTED_VERSIONS 0
+# define SSL_F_TLS_CONSTRUCT_CTOS_USE_SRTP 0
+# define SSL_F_TLS_CONSTRUCT_CTOS_VERIFY 0
+# define SSL_F_TLS_CONSTRUCT_ENCRYPTED_EXTENSIONS 0
+# define SSL_F_TLS_CONSTRUCT_END_OF_EARLY_DATA 0
+# define SSL_F_TLS_CONSTRUCT_EXTENSIONS 0
+# define SSL_F_TLS_CONSTRUCT_FINISHED 0
+# define SSL_F_TLS_CONSTRUCT_HELLO_REQUEST 0
+# define SSL_F_TLS_CONSTRUCT_HELLO_RETRY_REQUEST 0
+# define SSL_F_TLS_CONSTRUCT_KEY_UPDATE 0
+# define SSL_F_TLS_CONSTRUCT_NEW_SESSION_TICKET 0
+# define SSL_F_TLS_CONSTRUCT_NEXT_PROTO 0
+# define SSL_F_TLS_CONSTRUCT_SERVER_CERTIFICATE 0
+# define SSL_F_TLS_CONSTRUCT_SERVER_HELLO 0
+# define SSL_F_TLS_CONSTRUCT_SERVER_KEY_EXCHANGE 0
+# define SSL_F_TLS_CONSTRUCT_STOC_ALPN 0
+# define SSL_F_TLS_CONSTRUCT_STOC_CERTIFICATE 0
+# define SSL_F_TLS_CONSTRUCT_STOC_COOKIE 0
+# define SSL_F_TLS_CONSTRUCT_STOC_CRYPTOPRO_BUG 0
+# define SSL_F_TLS_CONSTRUCT_STOC_DONE 0
+# define SSL_F_TLS_CONSTRUCT_STOC_EARLY_DATA 0
+# define SSL_F_TLS_CONSTRUCT_STOC_EARLY_DATA_INFO 0
+# define SSL_F_TLS_CONSTRUCT_STOC_EC_PT_FORMATS 0
+# define SSL_F_TLS_CONSTRUCT_STOC_EMS 0
+# define SSL_F_TLS_CONSTRUCT_STOC_ETM 0
+# define SSL_F_TLS_CONSTRUCT_STOC_HELLO 0
+# define SSL_F_TLS_CONSTRUCT_STOC_KEY_EXCHANGE 0
+# define SSL_F_TLS_CONSTRUCT_STOC_KEY_SHARE 0
+# define SSL_F_TLS_CONSTRUCT_STOC_MAXFRAGMENTLEN 0
+# define SSL_F_TLS_CONSTRUCT_STOC_NEXT_PROTO_NEG 0
+# define SSL_F_TLS_CONSTRUCT_STOC_PSK 0
+# define SSL_F_TLS_CONSTRUCT_STOC_RENEGOTIATE 0
+# define SSL_F_TLS_CONSTRUCT_STOC_SERVER_NAME 0
+# define SSL_F_TLS_CONSTRUCT_STOC_SESSION_TICKET 0
+# define SSL_F_TLS_CONSTRUCT_STOC_STATUS_REQUEST 0
+# define SSL_F_TLS_CONSTRUCT_STOC_SUPPORTED_GROUPS 0
+# define SSL_F_TLS_CONSTRUCT_STOC_SUPPORTED_VERSIONS 0
+# define SSL_F_TLS_CONSTRUCT_STOC_USE_SRTP 0
+# define SSL_F_TLS_EARLY_POST_PROCESS_CLIENT_HELLO 0
+# define SSL_F_TLS_FINISH_HANDSHAKE 0
+# define SSL_F_TLS_GET_MESSAGE_BODY 0
+# define SSL_F_TLS_GET_MESSAGE_HEADER 0
+# define SSL_F_TLS_HANDLE_ALPN 0
+# define SSL_F_TLS_HANDLE_STATUS_REQUEST 0
+# define SSL_F_TLS_PARSE_CERTIFICATE_AUTHORITIES 0
+# define SSL_F_TLS_PARSE_CLIENTHELLO_TLSEXT 0
+# define SSL_F_TLS_PARSE_CTOS_ALPN 0
+# define SSL_F_TLS_PARSE_CTOS_COOKIE 0
+# define SSL_F_TLS_PARSE_CTOS_EARLY_DATA 0
+# define SSL_F_TLS_PARSE_CTOS_EC_PT_FORMATS 0
+# define SSL_F_TLS_PARSE_CTOS_EMS 0
+# define SSL_F_TLS_PARSE_CTOS_KEY_SHARE 0
+# define SSL_F_TLS_PARSE_CTOS_MAXFRAGMENTLEN 0
+# define SSL_F_TLS_PARSE_CTOS_POST_HANDSHAKE_AUTH 0
+# define SSL_F_TLS_PARSE_CTOS_PSK 0
+# define SSL_F_TLS_PARSE_CTOS_PSK_KEX_MODES 0
+# define SSL_F_TLS_PARSE_CTOS_RENEGOTIATE 0
+# define SSL_F_TLS_PARSE_CTOS_SERVER_NAME 0
+# define SSL_F_TLS_PARSE_CTOS_SESSION_TICKET 0
+# define SSL_F_TLS_PARSE_CTOS_SIG_ALGS 0
+# define SSL_F_TLS_PARSE_CTOS_SIG_ALGS_CERT 0
+# define SSL_F_TLS_PARSE_CTOS_SRP 0
+# define SSL_F_TLS_PARSE_CTOS_STATUS_REQUEST 0
+# define SSL_F_TLS_PARSE_CTOS_SUPPORTED_GROUPS 0
+# define SSL_F_TLS_PARSE_CTOS_USE_SRTP 0
+# define SSL_F_TLS_PARSE_STOC_ALPN 0
+# define SSL_F_TLS_PARSE_STOC_COOKIE 0
+# define SSL_F_TLS_PARSE_STOC_EARLY_DATA 0
+# define SSL_F_TLS_PARSE_STOC_EARLY_DATA_INFO 0
+# define SSL_F_TLS_PARSE_STOC_EC_PT_FORMATS 0
+# define SSL_F_TLS_PARSE_STOC_KEY_SHARE 0
+# define SSL_F_TLS_PARSE_STOC_MAXFRAGMENTLEN 0
+# define SSL_F_TLS_PARSE_STOC_NPN 0
+# define SSL_F_TLS_PARSE_STOC_PSK 0
+# define SSL_F_TLS_PARSE_STOC_RENEGOTIATE 0
+# define SSL_F_TLS_PARSE_STOC_SCT 0
+# define SSL_F_TLS_PARSE_STOC_SERVER_NAME 0
+# define SSL_F_TLS_PARSE_STOC_SESSION_TICKET 0
+# define SSL_F_TLS_PARSE_STOC_STATUS_REQUEST 0
+# define SSL_F_TLS_PARSE_STOC_SUPPORTED_VERSIONS 0
+# define SSL_F_TLS_PARSE_STOC_USE_SRTP 0
+# define SSL_F_TLS_POST_PROCESS_CLIENT_HELLO 0
+# define SSL_F_TLS_POST_PROCESS_CLIENT_KEY_EXCHANGE 0
+# define SSL_F_TLS_PREPARE_CLIENT_CERTIFICATE 0
+# define SSL_F_TLS_PROCESS_AS_HELLO_RETRY_REQUEST 0
+# define SSL_F_TLS_PROCESS_CERTIFICATE_REQUEST 0
+# define SSL_F_TLS_PROCESS_CERT_STATUS 0
+# define SSL_F_TLS_PROCESS_CERT_STATUS_BODY 0
+# define SSL_F_TLS_PROCESS_CERT_VERIFY 0
+# define SSL_F_TLS_PROCESS_CHANGE_CIPHER_SPEC 0
+# define SSL_F_TLS_PROCESS_CKE_DHE 0
+# define SSL_F_TLS_PROCESS_CKE_ECDHE 0
+# define SSL_F_TLS_PROCESS_CKE_GOST 0
+# define SSL_F_TLS_PROCESS_CKE_GOST18 0
+# define SSL_F_TLS_PROCESS_CKE_PSK_PREAMBLE 0
+# define SSL_F_TLS_PROCESS_CKE_RSA 0
+# define SSL_F_TLS_PROCESS_CKE_SRP 0
+# define SSL_F_TLS_PROCESS_CLIENT_CERTIFICATE 0
+# define SSL_F_TLS_PROCESS_CLIENT_HELLO 0
+# define SSL_F_TLS_PROCESS_CLIENT_KEY_EXCHANGE 0
+# define SSL_F_TLS_PROCESS_ENCRYPTED_EXTENSIONS 0
+# define SSL_F_TLS_PROCESS_END_OF_EARLY_DATA 0
+# define SSL_F_TLS_PROCESS_FINISHED 0
+# define SSL_F_TLS_PROCESS_HELLO_REQ 0
+# define SSL_F_TLS_PROCESS_HELLO_RETRY_REQUEST 0
+# define SSL_F_TLS_PROCESS_INITIAL_SERVER_FLIGHT 0
+# define SSL_F_TLS_PROCESS_KEY_EXCHANGE 0
+# define SSL_F_TLS_PROCESS_KEY_UPDATE 0
+# define SSL_F_TLS_PROCESS_NEW_SESSION_TICKET 0
+# define SSL_F_TLS_PROCESS_NEXT_PROTO 0
+# define SSL_F_TLS_PROCESS_SERVER_CERTIFICATE 0
+# define SSL_F_TLS_PROCESS_SERVER_DONE 0
+# define SSL_F_TLS_PROCESS_SERVER_HELLO 0
+# define SSL_F_TLS_PROCESS_SKE_DHE 0
+# define SSL_F_TLS_PROCESS_SKE_ECDHE 0
+# define SSL_F_TLS_PROCESS_SKE_PSK_PREAMBLE 0
+# define SSL_F_TLS_PROCESS_SKE_SRP 0
+# define SSL_F_TLS_PSK_DO_BINDER 0
+# define SSL_F_TLS_SCAN_CLIENTHELLO_TLSEXT 0
+# define SSL_F_TLS_SETUP_HANDSHAKE 0
+# define SSL_F_USE_CERTIFICATE_CHAIN_FILE 0
+# define SSL_F_WPACKET_INTERN_INIT_LEN 0
+# define SSL_F_WPACKET_START_SUB_PACKET_LEN__ 0
+# define SSL_F_WRITE_STATE_MACHINE 0
+# endif
+
+/*
+ * SSL reason codes.
+ */
+# define SSL_R_ALGORITHM_FETCH_FAILED 295
+# define SSL_R_APPLICATION_DATA_AFTER_CLOSE_NOTIFY 291
+# define SSL_R_APP_DATA_IN_HANDSHAKE 100
+# define SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT 272
+# define SSL_R_AT_LEAST_TLS_1_0_NEEDED_IN_FIPS_MODE 143
+# define SSL_R_AT_LEAST_TLS_1_2_NEEDED_IN_SUITEB_MODE 158
+# define SSL_R_BAD_CHANGE_CIPHER_SPEC 103
+# define SSL_R_BAD_CIPHER 186
+# define SSL_R_BAD_DATA 390
+# define SSL_R_BAD_DATA_RETURNED_BY_CALLBACK 106
+# define SSL_R_BAD_DECOMPRESSION 107
+# define SSL_R_BAD_DH_VALUE 102
+# define SSL_R_BAD_DIGEST_LENGTH 111
+# define SSL_R_BAD_EARLY_DATA 233
+# define SSL_R_BAD_ECC_CERT 304
+# define SSL_R_BAD_ECPOINT 306
+# define SSL_R_BAD_EXTENSION 110
+# define SSL_R_BAD_HANDSHAKE_LENGTH 332
+# define SSL_R_BAD_HANDSHAKE_STATE 236
+# define SSL_R_BAD_HELLO_REQUEST 105
+# define SSL_R_BAD_HRR_VERSION 263
+# define SSL_R_BAD_KEY_SHARE 108
+# define SSL_R_BAD_KEY_UPDATE 122
+# define SSL_R_BAD_LEGACY_VERSION 292
+# define SSL_R_BAD_LENGTH 271
+# define SSL_R_BAD_PACKET 240
+# define SSL_R_BAD_PACKET_LENGTH 115
+# define SSL_R_BAD_PROTOCOL_VERSION_NUMBER 116
+# define SSL_R_BAD_PSK 219
+# define SSL_R_BAD_PSK_IDENTITY 114
+# define SSL_R_BAD_RECORD_TYPE 443
+# define SSL_R_BAD_RSA_ENCRYPT 119
+# define SSL_R_BAD_SIGNATURE 123
+# define SSL_R_BAD_SRP_A_LENGTH 347
+# define SSL_R_BAD_SRP_PARAMETERS 371
+# define SSL_R_BAD_SRTP_MKI_VALUE 352
+# define SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST 353
+# define SSL_R_BAD_SSL_FILETYPE 124
+# define SSL_R_BAD_VALUE 384
+# define SSL_R_BAD_WRITE_RETRY 127
+# define SSL_R_BINDER_DOES_NOT_VERIFY 253
+# define SSL_R_BIO_NOT_SET 128
+# define SSL_R_BLOCK_CIPHER_PAD_IS_WRONG 129
+# define SSL_R_BN_LIB 130
+# define SSL_R_CALLBACK_FAILED 234
+# define SSL_R_CANNOT_CHANGE_CIPHER 109
+# define SSL_R_CA_DN_LENGTH_MISMATCH 131
+# define SSL_R_CA_KEY_TOO_SMALL 397
+# define SSL_R_CA_MD_TOO_WEAK 398
+# define SSL_R_CCS_RECEIVED_EARLY 133
+# define SSL_R_CERTIFICATE_VERIFY_FAILED 134
+# define SSL_R_CERT_CB_ERROR 377
+# define SSL_R_CERT_LENGTH_MISMATCH 135
+# define SSL_R_CIPHERSUITE_DIGEST_HAS_CHANGED 218
+# define SSL_R_CIPHER_CODE_WRONG_LENGTH 137
+# define SSL_R_CIPHER_OR_HASH_UNAVAILABLE 138
+# define SSL_R_CLIENTHELLO_TLSEXT 226
+# define SSL_R_COMPRESSED_LENGTH_TOO_LONG 140
+# define SSL_R_COMPRESSION_DISABLED 343
+# define SSL_R_COMPRESSION_FAILURE 141
+# define SSL_R_COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE 307
+# define SSL_R_COMPRESSION_LIBRARY_ERROR 142
+# define SSL_R_CONNECTION_TYPE_NOT_SET 144
+# define SSL_R_CONTEXT_NOT_DANE_ENABLED 167
+# define SSL_R_COOKIE_GEN_CALLBACK_FAILURE 400
+# define SSL_R_COOKIE_MISMATCH 308
+# define SSL_R_COPY_PARAMETERS_FAILED 296
+# define SSL_R_CUSTOM_EXT_HANDLER_ALREADY_INSTALLED 206
+# define SSL_R_DANE_ALREADY_ENABLED 172
+# define SSL_R_DANE_CANNOT_OVERRIDE_MTYPE_FULL 173
+# define SSL_R_DANE_NOT_ENABLED 175
+# define SSL_R_DANE_TLSA_BAD_CERTIFICATE 180
+# define SSL_R_DANE_TLSA_BAD_CERTIFICATE_USAGE 184
+# define SSL_R_DANE_TLSA_BAD_DATA_LENGTH 189
+# define SSL_R_DANE_TLSA_BAD_DIGEST_LENGTH 192
+# define SSL_R_DANE_TLSA_BAD_MATCHING_TYPE 200
+# define SSL_R_DANE_TLSA_BAD_PUBLIC_KEY 201
+# define SSL_R_DANE_TLSA_BAD_SELECTOR 202
+# define SSL_R_DANE_TLSA_NULL_DATA 203
+# define SSL_R_DATA_BETWEEN_CCS_AND_FINISHED 145
+# define SSL_R_DATA_LENGTH_TOO_LONG 146
+# define SSL_R_DECRYPTION_FAILED 147
+# define SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC 281
+# define SSL_R_DH_KEY_TOO_SMALL 394
+# define SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG 148
+# define SSL_R_DIGEST_CHECK_FAILED 149
+# define SSL_R_DTLS_MESSAGE_TOO_BIG 334
+# define SSL_R_DUPLICATE_COMPRESSION_ID 309
+# define SSL_R_ECC_CERT_NOT_FOR_SIGNING 318
+# define SSL_R_ECDH_REQUIRED_FOR_SUITEB_MODE 374
+# define SSL_R_EE_KEY_TOO_SMALL 399
+# define SSL_R_EMPTY_SRTP_PROTECTION_PROFILE_LIST 354
+# define SSL_R_ENCRYPTED_LENGTH_TOO_LONG 150
+# define SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST 151
+# define SSL_R_ERROR_SETTING_TLSA_BASE_DOMAIN 204
+# define SSL_R_EXCEEDS_MAX_FRAGMENT_SIZE 194
+# define SSL_R_EXCESSIVE_MESSAGE_SIZE 152
+# define SSL_R_EXTENSION_NOT_RECEIVED 279
+# define SSL_R_EXTRA_DATA_IN_MESSAGE 153
+# define SSL_R_EXT_LENGTH_MISMATCH 163
+# define SSL_R_FAILED_TO_INIT_ASYNC 405
+# define SSL_R_FRAGMENTED_CLIENT_HELLO 401
+# define SSL_R_GOT_A_FIN_BEFORE_A_CCS 154
+# define SSL_R_HTTPS_PROXY_REQUEST 155
+# define SSL_R_HTTP_REQUEST 156
+# define SSL_R_ILLEGAL_POINT_COMPRESSION 162
+# define SSL_R_ILLEGAL_SUITEB_DIGEST 380
+# define SSL_R_INAPPROPRIATE_FALLBACK 373
+# define SSL_R_INCONSISTENT_COMPRESSION 340
+# define SSL_R_INCONSISTENT_EARLY_DATA_ALPN 222
+# define SSL_R_INCONSISTENT_EARLY_DATA_SNI 231
+# define SSL_R_INCONSISTENT_EXTMS 104
+# define SSL_R_INSUFFICIENT_SECURITY 241
+# define SSL_R_INVALID_ALERT 205
+# define SSL_R_INVALID_CCS_MESSAGE 260
+# define SSL_R_INVALID_CERTIFICATE_OR_ALG 238
+# define SSL_R_INVALID_COMMAND 280
+# define SSL_R_INVALID_COMPRESSION_ALGORITHM 341
+# define SSL_R_INVALID_CONFIG 283
+# define SSL_R_INVALID_CONFIGURATION_NAME 113
+# define SSL_R_INVALID_CONTEXT 282
+# define SSL_R_INVALID_CT_VALIDATION_TYPE 212
+# define SSL_R_INVALID_KEY_UPDATE_TYPE 120
+# define SSL_R_INVALID_MAX_EARLY_DATA 174
+# define SSL_R_INVALID_NULL_CMD_NAME 385
+# define SSL_R_INVALID_SEQUENCE_NUMBER 402
+# define SSL_R_INVALID_SERVERINFO_DATA 388
+# define SSL_R_INVALID_SESSION_ID 999
+# define SSL_R_INVALID_SRP_USERNAME 357
+# define SSL_R_INVALID_STATUS_RESPONSE 328
+# define SSL_R_INVALID_TICKET_KEYS_LENGTH 325
+# define SSL_R_LENGTH_MISMATCH 159
+# define SSL_R_LENGTH_TOO_LONG 404
+# define SSL_R_LENGTH_TOO_SHORT 160
+# define SSL_R_LIBRARY_BUG 274
+# define SSL_R_LIBRARY_HAS_NO_CIPHERS 161
+# define SSL_R_MISSING_DSA_SIGNING_CERT 165
+# define SSL_R_MISSING_ECDSA_SIGNING_CERT 381
+# define SSL_R_MISSING_FATAL 256
+# define SSL_R_MISSING_PARAMETERS 290
+# define SSL_R_MISSING_RSA_CERTIFICATE 168
+# define SSL_R_MISSING_RSA_ENCRYPTING_CERT 169
+# define SSL_R_MISSING_RSA_SIGNING_CERT 170
+# define SSL_R_MISSING_SIGALGS_EXTENSION 112
+# define SSL_R_MISSING_SIGNING_CERT 221
+# define SSL_R_MISSING_SRP_PARAM 358
+# define SSL_R_MISSING_SUPPORTED_GROUPS_EXTENSION 209
+# define SSL_R_MISSING_TMP_DH_KEY 171
+# define SSL_R_MISSING_TMP_ECDH_KEY 311
+# define SSL_R_MIXED_HANDSHAKE_AND_NON_HANDSHAKE_DATA 293
+# define SSL_R_NOT_ON_RECORD_BOUNDARY 182
+# define SSL_R_NOT_REPLACING_CERTIFICATE 289
+# define SSL_R_NOT_SERVER 284
+# define SSL_R_NO_APPLICATION_PROTOCOL 235
+# define SSL_R_NO_CERTIFICATES_RETURNED 176
+# define SSL_R_NO_CERTIFICATE_ASSIGNED 177
+# define SSL_R_NO_CERTIFICATE_SET 179
+# define SSL_R_NO_CHANGE_FOLLOWING_HRR 214
+# define SSL_R_NO_CIPHERS_AVAILABLE 181
+# define SSL_R_NO_CIPHERS_SPECIFIED 183
+# define SSL_R_NO_CIPHER_MATCH 185
+# define SSL_R_NO_CLIENT_CERT_METHOD 331
+# define SSL_R_NO_COMPRESSION_SPECIFIED 187
+# define SSL_R_NO_COOKIE_CALLBACK_SET 287
+# define SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER 330
+# define SSL_R_NO_METHOD_SPECIFIED 188
+# define SSL_R_NO_PEM_EXTENSIONS 389
+# define SSL_R_NO_PRIVATE_KEY_ASSIGNED 190
+# define SSL_R_NO_PROTOCOLS_AVAILABLE 191
+# define SSL_R_NO_RENEGOTIATION 339
+# define SSL_R_NO_REQUIRED_DIGEST 324
+# define SSL_R_NO_SHARED_CIPHER 193
+# define SSL_R_NO_SHARED_GROUPS 410
+# define SSL_R_NO_SHARED_SIGNATURE_ALGORITHMS 376
+# define SSL_R_NO_SRTP_PROFILES 359
+# define SSL_R_NO_SUITABLE_KEY_SHARE 101
+# define SSL_R_NO_SUITABLE_SIGNATURE_ALGORITHM 118
+# define SSL_R_NO_VALID_SCTS 216
+# define SSL_R_NO_VERIFY_COOKIE_CALLBACK 403
+# define SSL_R_NULL_SSL_CTX 195
+# define SSL_R_NULL_SSL_METHOD_PASSED 196
+# define SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED 197
+# define SSL_R_OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED 344
+# define SSL_R_OVERFLOW_ERROR 237
+# define SSL_R_PACKET_LENGTH_TOO_LONG 198
+# define SSL_R_PARSE_TLSEXT 227
+# define SSL_R_PATH_TOO_LONG 270
+# define SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE 199
+# define SSL_R_PEM_NAME_BAD_PREFIX 391
+# define SSL_R_PEM_NAME_TOO_SHORT 392
+# define SSL_R_PIPELINE_FAILURE 406
+# define SSL_R_POST_HANDSHAKE_AUTH_ENCODING_ERR 278
+# define SSL_R_PRIVATE_KEY_MISMATCH 288
+# define SSL_R_PROTOCOL_IS_SHUTDOWN 207
+# define SSL_R_PSK_IDENTITY_NOT_FOUND 223
+# define SSL_R_PSK_NO_CLIENT_CB 224
+# define SSL_R_PSK_NO_SERVER_CB 225
+# define SSL_R_READ_BIO_NOT_SET 211
+# define SSL_R_READ_TIMEOUT_EXPIRED 312
+# define SSL_R_RECORD_LENGTH_MISMATCH 213
+# define SSL_R_RECORD_TOO_SMALL 298
+# define SSL_R_RENEGOTIATE_EXT_TOO_LONG 335
+# define SSL_R_RENEGOTIATION_ENCODING_ERR 336
+# define SSL_R_RENEGOTIATION_MISMATCH 337
+# define SSL_R_REQUEST_PENDING 285
+# define SSL_R_REQUEST_SENT 286
+# define SSL_R_REQUIRED_CIPHER_MISSING 215
+# define SSL_R_REQUIRED_COMPRESSION_ALGORITHM_MISSING 342
+# define SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING 345
+# define SSL_R_SCT_VERIFICATION_FAILED 208
+# define SSL_R_SERVERHELLO_TLSEXT 275
+# define SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED 277
+# define SSL_R_SHUTDOWN_WHILE_IN_INIT 407
+# define SSL_R_SIGNATURE_ALGORITHMS_ERROR 360
+# define SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE 220
+# define SSL_R_SRP_A_CALC 361
+# define SSL_R_SRTP_COULD_NOT_ALLOCATE_PROFILES 362
+# define SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG 363
+# define SSL_R_SRTP_UNKNOWN_PROTECTION_PROFILE 364
+# define SSL_R_SSL3_EXT_INVALID_MAX_FRAGMENT_LENGTH 232
+# define SSL_R_SSL3_EXT_INVALID_SERVERNAME 319
+# define SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE 320
+# define SSL_R_SSL3_SESSION_ID_TOO_LONG 300
+# define SSL_R_SSLV3_ALERT_BAD_CERTIFICATE 1042
+# define SSL_R_SSLV3_ALERT_BAD_RECORD_MAC 1020
+# define SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED 1045
+# define SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED 1044
+# define SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN 1046
+# define SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE 1030
+# define SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE 1040
+# define SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER 1047
+# define SSL_R_SSLV3_ALERT_NO_CERTIFICATE 1041
+# define SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE 1010
+# define SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE 1043
+# define SSL_R_SSL_COMMAND_SECTION_EMPTY 117
+# define SSL_R_SSL_COMMAND_SECTION_NOT_FOUND 125
+# define SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION 228
+# define SSL_R_SSL_HANDSHAKE_FAILURE 229
+# define SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS 230
+# define SSL_R_SSL_NEGATIVE_LENGTH 372
+# define SSL_R_SSL_SECTION_EMPTY 126
+# define SSL_R_SSL_SECTION_NOT_FOUND 136
+# define SSL_R_SSL_SESSION_ID_CALLBACK_FAILED 301
+# define SSL_R_SSL_SESSION_ID_CONFLICT 302
+# define SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG 273
+# define SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH 303
+# define SSL_R_SSL_SESSION_ID_TOO_LONG 408
+# define SSL_R_SSL_SESSION_VERSION_MISMATCH 210
+# define SSL_R_STILL_IN_INIT 121
+# define SSL_R_TLSV13_ALERT_CERTIFICATE_REQUIRED 1116
+# define SSL_R_TLSV13_ALERT_MISSING_EXTENSION 1109
+# define SSL_R_TLSV1_ALERT_ACCESS_DENIED 1049
+# define SSL_R_TLSV1_ALERT_DECODE_ERROR 1050
+# define SSL_R_TLSV1_ALERT_DECRYPTION_FAILED 1021
+# define SSL_R_TLSV1_ALERT_DECRYPT_ERROR 1051
+# define SSL_R_TLSV1_ALERT_EXPORT_RESTRICTION 1060
+# define SSL_R_TLSV1_ALERT_INAPPROPRIATE_FALLBACK 1086
+# define SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY 1071
+# define SSL_R_TLSV1_ALERT_INTERNAL_ERROR 1080
+# define SSL_R_TLSV1_ALERT_NO_RENEGOTIATION 1100
+# define SSL_R_TLSV1_ALERT_PROTOCOL_VERSION 1070
+# define SSL_R_TLSV1_ALERT_RECORD_OVERFLOW 1022
+# define SSL_R_TLSV1_ALERT_UNKNOWN_CA 1048
+# define SSL_R_TLSV1_ALERT_USER_CANCELLED 1090
+# define SSL_R_TLSV1_BAD_CERTIFICATE_HASH_VALUE 1114
+# define SSL_R_TLSV1_BAD_CERTIFICATE_STATUS_RESPONSE 1113
+# define SSL_R_TLSV1_CERTIFICATE_UNOBTAINABLE 1111
+# define SSL_R_TLSV1_UNRECOGNIZED_NAME 1112
+# define SSL_R_TLSV1_UNSUPPORTED_EXTENSION 1110
+# define SSL_R_TLS_ILLEGAL_EXPORTER_LABEL 367
+# define SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST 157
+# define SSL_R_TOO_MANY_KEY_UPDATES 132
+# define SSL_R_TOO_MANY_WARN_ALERTS 409
+# define SSL_R_TOO_MUCH_EARLY_DATA 164
+# define SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS 314
+# define SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS 239
+# define SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES 242
+# define SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES 243
+# define SSL_R_UNEXPECTED_CCS_MESSAGE 262
+# define SSL_R_UNEXPECTED_END_OF_EARLY_DATA 178
+# define SSL_R_UNEXPECTED_EOF_WHILE_READING 294
+# define SSL_R_UNEXPECTED_MESSAGE 244
+# define SSL_R_UNEXPECTED_RECORD 245
+# define SSL_R_UNINITIALIZED 276
+# define SSL_R_UNKNOWN_ALERT_TYPE 246
+# define SSL_R_UNKNOWN_CERTIFICATE_TYPE 247
+# define SSL_R_UNKNOWN_CIPHER_RETURNED 248
+# define SSL_R_UNKNOWN_CIPHER_TYPE 249
+# define SSL_R_UNKNOWN_CMD_NAME 386
+# define SSL_R_UNKNOWN_COMMAND 139
+# define SSL_R_UNKNOWN_DIGEST 368
+# define SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE 250
+# define SSL_R_UNKNOWN_PKEY_TYPE 251
+# define SSL_R_UNKNOWN_PROTOCOL 252
+# define SSL_R_UNKNOWN_SSL_VERSION 254
+# define SSL_R_UNKNOWN_STATE 255
+# define SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED 338
+# define SSL_R_UNSOLICITED_EXTENSION 217
+# define SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM 257
+# define SSL_R_UNSUPPORTED_ELLIPTIC_CURVE 315
+# define SSL_R_UNSUPPORTED_PROTOCOL 258
+# define SSL_R_UNSUPPORTED_SSL_VERSION 259
+# define SSL_R_UNSUPPORTED_STATUS_TYPE 329
+# define SSL_R_USE_SRTP_NOT_NEGOTIATED 369
+# define SSL_R_VERSION_TOO_HIGH 166
+# define SSL_R_VERSION_TOO_LOW 396
+# define SSL_R_WRONG_CERTIFICATE_TYPE 383
+# define SSL_R_WRONG_CIPHER_RETURNED 261
+# define SSL_R_WRONG_CURVE 378
+# define SSL_R_WRONG_SIGNATURE_LENGTH 264
+# define SSL_R_WRONG_SIGNATURE_SIZE 265
+# define SSL_R_WRONG_SIGNATURE_TYPE 370
+# define SSL_R_WRONG_SSL_VERSION 266
+# define SSL_R_WRONG_VERSION_NUMBER 267
+# define SSL_R_X509_LIB 268
+# define SSL_R_X509_VERIFICATION_SETUP_PROBLEMS 269
+
+#endif
diff --git a/openssl/include/openssl/stack.h b/openssl/include/openssl/stack.h new file mode 100644 index 00000000..a2c0489e --- /dev/null +++ b/openssl/include/openssl/stack.h @@ -0,0 +1,89 @@ +/*
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_STACK_H
+# define OPENSSL_STACK_H
+# pragma once
+
+# include <openssl/macros.h>
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define HEADER_STACK_H
+# endif
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+typedef struct stack_st OPENSSL_STACK; /* Use STACK_OF(...) instead */
+
+typedef int (*OPENSSL_sk_compfunc)(const void *, const void *);
+typedef void (*OPENSSL_sk_freefunc)(void *);
+typedef void *(*OPENSSL_sk_copyfunc)(const void *);
+
+int OPENSSL_sk_num(const OPENSSL_STACK *);
+void *OPENSSL_sk_value(const OPENSSL_STACK *, int);
+
+void *OPENSSL_sk_set(OPENSSL_STACK *st, int i, const void *data);
+
+OPENSSL_STACK *OPENSSL_sk_new(OPENSSL_sk_compfunc cmp);
+OPENSSL_STACK *OPENSSL_sk_new_null(void);
+OPENSSL_STACK *OPENSSL_sk_new_reserve(OPENSSL_sk_compfunc c, int n);
+int OPENSSL_sk_reserve(OPENSSL_STACK *st, int n);
+void OPENSSL_sk_free(OPENSSL_STACK *);
+void OPENSSL_sk_pop_free(OPENSSL_STACK *st, void (*func) (void *));
+OPENSSL_STACK *OPENSSL_sk_deep_copy(const OPENSSL_STACK *,
+ OPENSSL_sk_copyfunc c,
+ OPENSSL_sk_freefunc f);
+int OPENSSL_sk_insert(OPENSSL_STACK *sk, const void *data, int where);
+void *OPENSSL_sk_delete(OPENSSL_STACK *st, int loc);
+void *OPENSSL_sk_delete_ptr(OPENSSL_STACK *st, const void *p);
+int OPENSSL_sk_find(OPENSSL_STACK *st, const void *data);
+int OPENSSL_sk_find_ex(OPENSSL_STACK *st, const void *data);
+int OPENSSL_sk_push(OPENSSL_STACK *st, const void *data);
+int OPENSSL_sk_unshift(OPENSSL_STACK *st, const void *data);
+void *OPENSSL_sk_shift(OPENSSL_STACK *st);
+void *OPENSSL_sk_pop(OPENSSL_STACK *st);
+void OPENSSL_sk_zero(OPENSSL_STACK *st);
+OPENSSL_sk_compfunc OPENSSL_sk_set_cmp_func(OPENSSL_STACK *sk,
+ OPENSSL_sk_compfunc cmp);
+OPENSSL_STACK *OPENSSL_sk_dup(const OPENSSL_STACK *st);
+void OPENSSL_sk_sort(OPENSSL_STACK *st);
+int OPENSSL_sk_is_sorted(const OPENSSL_STACK *st);
+
+# ifndef OPENSSL_NO_DEPRECATED_1_1_0
+# define _STACK OPENSSL_STACK
+# define sk_num OPENSSL_sk_num
+# define sk_value OPENSSL_sk_value
+# define sk_set OPENSSL_sk_set
+# define sk_new OPENSSL_sk_new
+# define sk_new_null OPENSSL_sk_new_null
+# define sk_free OPENSSL_sk_free
+# define sk_pop_free OPENSSL_sk_pop_free
+# define sk_deep_copy OPENSSL_sk_deep_copy
+# define sk_insert OPENSSL_sk_insert
+# define sk_delete OPENSSL_sk_delete
+# define sk_delete_ptr OPENSSL_sk_delete_ptr
+# define sk_find OPENSSL_sk_find
+# define sk_find_ex OPENSSL_sk_find_ex
+# define sk_push OPENSSL_sk_push
+# define sk_unshift OPENSSL_sk_unshift
+# define sk_shift OPENSSL_sk_shift
+# define sk_pop OPENSSL_sk_pop
+# define sk_zero OPENSSL_sk_zero
+# define sk_set_cmp_func OPENSSL_sk_set_cmp_func
+# define sk_dup OPENSSL_sk_dup
+# define sk_sort OPENSSL_sk_sort
+# define sk_is_sorted OPENSSL_sk_is_sorted
+# endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
diff --git a/openssl/include/openssl/store.h b/openssl/include/openssl/store.h new file mode 100644 index 00000000..b9d64ecc --- /dev/null +++ b/openssl/include/openssl/store.h @@ -0,0 +1,300 @@ +/*
+ * Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_STORE_H
+# define OPENSSL_STORE_H
+# pragma once
+
+# include <openssl/macros.h>
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define HEADER_OSSL_STORE_H
+# endif
+
+# include <stdarg.h>
+# include <openssl/types.h>
+# include <openssl/pem.h>
+# include <openssl/storeerr.h>
+
+# ifdef __cplusplus
+extern "C" {
+# endif
+
+/*-
+ * The main OSSL_STORE functions.
+ * ------------------------------
+ *
+ * These allow applications to open a channel to a resource with supported
+ * data (keys, certs, crls, ...), read the data a piece at a time and decide
+ * what to do with it, and finally close.
+ */
+
+typedef struct ossl_store_ctx_st OSSL_STORE_CTX;
+
+/*
+ * Typedef for the OSSL_STORE_INFO post processing callback. This can be used
+ * to massage the given OSSL_STORE_INFO, or to drop it entirely (by returning
+ * NULL).
+ */
+typedef OSSL_STORE_INFO *(*OSSL_STORE_post_process_info_fn)(OSSL_STORE_INFO *,
+ void *);
+
+/*
+ * Open a channel given a URI. The given UI method will be used any time the
+ * loader needs extra input, for example when a password or pin is needed, and
+ * will be passed the same user data every time it's needed in this context.
+ *
+ * Returns a context reference which represents the channel to communicate
+ * through.
+ */
+OSSL_STORE_CTX *OSSL_STORE_open(const char *uri, const UI_METHOD *ui_method,
+ void *ui_data,
+ OSSL_STORE_post_process_info_fn post_process,
+ void *post_process_data);
+
+/*
+ * Control / fine tune the OSSL_STORE channel. |cmd| determines what is to be
+ * done, and depends on the underlying loader (use OSSL_STORE_get0_scheme to
+ * determine which loader is used), except for common commands (see below).
+ * Each command takes different arguments.
+ */
+int OSSL_STORE_ctrl(OSSL_STORE_CTX *ctx, int cmd, ... /* args */);
+int OSSL_STORE_vctrl(OSSL_STORE_CTX *ctx, int cmd, va_list args);
+
+/*
+ * Common ctrl commands that different loaders may choose to support.
+ */
+/* int on = 0 or 1; STORE_ctrl(ctx, STORE_C_USE_SECMEM, &on); */
+# define OSSL_STORE_C_USE_SECMEM 1
+/* Where custom commands start */
+# define OSSL_STORE_C_CUSTOM_START 100
+
+/*
+ * Read one data item (a key, a cert, a CRL) that is supported by the OSSL_STORE
+ * functionality, given a context.
+ * Returns a OSSL_STORE_INFO pointer, from which OpenSSL typed data can be
+ * extracted with OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT(), ...
+ * NULL is returned on error, which may include that the data found at the URI
+ * can't be figured out for certain or is ambiguous.
+ */
+OSSL_STORE_INFO *OSSL_STORE_load(OSSL_STORE_CTX *ctx);
+
+/*
+ * Check if end of data (end of file) is reached
+ * Returns 1 on end, 0 otherwise.
+ */
+int OSSL_STORE_eof(OSSL_STORE_CTX *ctx);
+
+/*
+ * Check if an error occurred
+ * Returns 1 if it did, 0 otherwise.
+ */
+int OSSL_STORE_error(OSSL_STORE_CTX *ctx);
+
+/*
+ * Close the channel
+ * Returns 1 on success, 0 on error.
+ */
+int OSSL_STORE_close(OSSL_STORE_CTX *ctx);
+
+/*
+ * Attach to a BIO. This works like OSSL_STORE_open() except it takes a
+ * BIO instead of a uri, along with a scheme to use when reading.
+ * The given UI method will be used any time the loader needs extra input,
+ * for example when a password or pin is needed, and will be passed the
+ * same user data every time it's needed in this context.
+ *
+ * Returns a context reference which represents the channel to communicate
+ * through.
+ *
+ * Note that this function is considered unsafe, all depending on what the
+ * BIO actually reads.
+ */
+OSSL_STORE_CTX *OSSL_STORE_attach(BIO *bio, OPENSSL_CTX *libctx,
+ const char *scheme, const char *propq,
+ const UI_METHOD *ui_method, void *ui_data,
+ OSSL_STORE_post_process_info_fn post_process,
+ void *post_process_data);
+
+/*-
+ * Extracting OpenSSL types from and creating new OSSL_STORE_INFOs
+ * ---------------------------------------------------------------
+ */
+
+/*
+ * Types of data that can be ossl_stored in a OSSL_STORE_INFO.
+ * OSSL_STORE_INFO_NAME is typically found when getting a listing of
+ * available "files" / "tokens" / what have you.
+ */
+# define OSSL_STORE_INFO_NAME 1 /* char * */
+# define OSSL_STORE_INFO_PARAMS 2 /* EVP_PKEY * */
+# define OSSL_STORE_INFO_PKEY 3 /* EVP_PKEY * */
+# define OSSL_STORE_INFO_CERT 4 /* X509 * */
+# define OSSL_STORE_INFO_CRL 5 /* X509_CRL * */
+
+/*
+ * Functions to generate OSSL_STORE_INFOs, one function for each type we
+ * support having in them, as well as a generic constructor.
+ *
+ * In all cases, ownership of the object is transferred to the OSSL_STORE_INFO
+ * and will therefore be freed when the OSSL_STORE_INFO is freed.
+ */
+OSSL_STORE_INFO *OSSL_STORE_INFO_new_NAME(char *name);
+int OSSL_STORE_INFO_set0_NAME_description(OSSL_STORE_INFO *info, char *desc);
+OSSL_STORE_INFO *OSSL_STORE_INFO_new_PARAMS(EVP_PKEY *params);
+OSSL_STORE_INFO *OSSL_STORE_INFO_new_PKEY(EVP_PKEY *pkey);
+OSSL_STORE_INFO *OSSL_STORE_INFO_new_CERT(X509 *x509);
+OSSL_STORE_INFO *OSSL_STORE_INFO_new_CRL(X509_CRL *crl);
+
+/*
+ * Functions to try to extract data from a OSSL_STORE_INFO.
+ */
+int OSSL_STORE_INFO_get_type(const OSSL_STORE_INFO *info);
+const char *OSSL_STORE_INFO_get0_NAME(const OSSL_STORE_INFO *info);
+char *OSSL_STORE_INFO_get1_NAME(const OSSL_STORE_INFO *info);
+const char *OSSL_STORE_INFO_get0_NAME_description(const OSSL_STORE_INFO *info);
+char *OSSL_STORE_INFO_get1_NAME_description(const OSSL_STORE_INFO *info);
+EVP_PKEY *OSSL_STORE_INFO_get0_PARAMS(const OSSL_STORE_INFO *info);
+EVP_PKEY *OSSL_STORE_INFO_get1_PARAMS(const OSSL_STORE_INFO *info);
+EVP_PKEY *OSSL_STORE_INFO_get0_PKEY(const OSSL_STORE_INFO *info);
+EVP_PKEY *OSSL_STORE_INFO_get1_PKEY(const OSSL_STORE_INFO *info);
+X509 *OSSL_STORE_INFO_get0_CERT(const OSSL_STORE_INFO *info);
+X509 *OSSL_STORE_INFO_get1_CERT(const OSSL_STORE_INFO *info);
+X509_CRL *OSSL_STORE_INFO_get0_CRL(const OSSL_STORE_INFO *info);
+X509_CRL *OSSL_STORE_INFO_get1_CRL(const OSSL_STORE_INFO *info);
+
+const char *OSSL_STORE_INFO_type_string(int type);
+
+/*
+ * Free the OSSL_STORE_INFO
+ */
+void OSSL_STORE_INFO_free(OSSL_STORE_INFO *info);
+
+
+/*-
+ * Functions to construct a search URI from a base URI and search criteria
+ * -----------------------------------------------------------------------
+ */
+
+/* OSSL_STORE search types */
+# define OSSL_STORE_SEARCH_BY_NAME 1 /* subject in certs, issuer in CRLs */
+# define OSSL_STORE_SEARCH_BY_ISSUER_SERIAL 2
+# define OSSL_STORE_SEARCH_BY_KEY_FINGERPRINT 3
+# define OSSL_STORE_SEARCH_BY_ALIAS 4
+
+/* To check what search types the scheme handler supports */
+int OSSL_STORE_supports_search(OSSL_STORE_CTX *ctx, int search_type);
+
+/* Search term constructors */
+/*
+ * The input is considered to be owned by the caller, and must therefore
+ * remain present throughout the lifetime of the returned OSSL_STORE_SEARCH
+ */
+OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_name(X509_NAME *name);
+OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_issuer_serial(X509_NAME *name,
+ const ASN1_INTEGER
+ *serial);
+OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_key_fingerprint(const EVP_MD *digest,
+ const unsigned char
+ *bytes, size_t len);
+OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_alias(const char *alias);
+
+/* Search term destructor */
+void OSSL_STORE_SEARCH_free(OSSL_STORE_SEARCH *search);
+
+/* Search term accessors */
+int OSSL_STORE_SEARCH_get_type(const OSSL_STORE_SEARCH *criterion);
+X509_NAME *OSSL_STORE_SEARCH_get0_name(const OSSL_STORE_SEARCH *criterion);
+const ASN1_INTEGER *OSSL_STORE_SEARCH_get0_serial(const OSSL_STORE_SEARCH
+ *criterion);
+const unsigned char *OSSL_STORE_SEARCH_get0_bytes(const OSSL_STORE_SEARCH
+ *criterion, size_t *length);
+const char *OSSL_STORE_SEARCH_get0_string(const OSSL_STORE_SEARCH *criterion);
+const EVP_MD *OSSL_STORE_SEARCH_get0_digest(const OSSL_STORE_SEARCH *criterion);
+
+/*
+ * Add search criterion and expected return type (which can be unspecified)
+ * to the loading channel. This MUST happen before the first OSSL_STORE_load().
+ */
+int OSSL_STORE_expect(OSSL_STORE_CTX *ctx, int expected_type);
+int OSSL_STORE_find(OSSL_STORE_CTX *ctx, const OSSL_STORE_SEARCH *search);
+
+
+/*-
+ * Function to register a loader for the given URI scheme.
+ * -------------------------------------------------------
+ *
+ * The loader receives all the main components of an URI except for the
+ * scheme.
+ */
+
+typedef struct ossl_store_loader_st OSSL_STORE_LOADER;
+OSSL_STORE_LOADER *OSSL_STORE_LOADER_new(ENGINE *e, const char *scheme);
+const ENGINE *OSSL_STORE_LOADER_get0_engine(const OSSL_STORE_LOADER *loader);
+const char *OSSL_STORE_LOADER_get0_scheme(const OSSL_STORE_LOADER *loader);
+/* struct ossl_store_loader_ctx_st is defined differently by each loader */
+typedef struct ossl_store_loader_ctx_st OSSL_STORE_LOADER_CTX;
+typedef OSSL_STORE_LOADER_CTX *(*OSSL_STORE_open_fn)(const OSSL_STORE_LOADER
+ *loader,
+ const char *uri,
+ const UI_METHOD *ui_method,
+ void *ui_data);
+int OSSL_STORE_LOADER_set_open(OSSL_STORE_LOADER *loader,
+ OSSL_STORE_open_fn open_function);
+typedef OSSL_STORE_LOADER_CTX *(*OSSL_STORE_attach_fn)(const OSSL_STORE_LOADER
+ *loader,
+ BIO *bio,
+ OPENSSL_CTX *libctx,
+ const char *propq,
+ const UI_METHOD
+ *ui_method,
+ void *ui_data);
+int OSSL_STORE_LOADER_set_attach(OSSL_STORE_LOADER *loader,
+ OSSL_STORE_attach_fn attach_function);
+typedef int (*OSSL_STORE_ctrl_fn)(OSSL_STORE_LOADER_CTX *ctx, int cmd,
+ va_list args);
+int OSSL_STORE_LOADER_set_ctrl(OSSL_STORE_LOADER *loader,
+ OSSL_STORE_ctrl_fn ctrl_function);
+typedef int (*OSSL_STORE_expect_fn)(OSSL_STORE_LOADER_CTX *ctx, int expected);
+int OSSL_STORE_LOADER_set_expect(OSSL_STORE_LOADER *loader,
+ OSSL_STORE_expect_fn expect_function);
+typedef int (*OSSL_STORE_find_fn)(OSSL_STORE_LOADER_CTX *ctx,
+ const OSSL_STORE_SEARCH *criteria);
+int OSSL_STORE_LOADER_set_find(OSSL_STORE_LOADER *loader,
+ OSSL_STORE_find_fn find_function);
+typedef OSSL_STORE_INFO *(*OSSL_STORE_load_fn)(OSSL_STORE_LOADER_CTX *ctx,
+ const UI_METHOD *ui_method,
+ void *ui_data);
+int OSSL_STORE_LOADER_set_load(OSSL_STORE_LOADER *loader,
+ OSSL_STORE_load_fn load_function);
+typedef int (*OSSL_STORE_eof_fn)(OSSL_STORE_LOADER_CTX *ctx);
+int OSSL_STORE_LOADER_set_eof(OSSL_STORE_LOADER *loader,
+ OSSL_STORE_eof_fn eof_function);
+typedef int (*OSSL_STORE_error_fn)(OSSL_STORE_LOADER_CTX *ctx);
+int OSSL_STORE_LOADER_set_error(OSSL_STORE_LOADER *loader,
+ OSSL_STORE_error_fn error_function);
+typedef int (*OSSL_STORE_close_fn)(OSSL_STORE_LOADER_CTX *ctx);
+int OSSL_STORE_LOADER_set_close(OSSL_STORE_LOADER *loader,
+ OSSL_STORE_close_fn close_function);
+void OSSL_STORE_LOADER_free(OSSL_STORE_LOADER *loader);
+
+int OSSL_STORE_register_loader(OSSL_STORE_LOADER *loader);
+OSSL_STORE_LOADER *OSSL_STORE_unregister_loader(const char *scheme);
+
+/*-
+ * Functions to list STORE loaders
+ * -------------------------------
+ */
+int OSSL_STORE_do_all_loaders(void (*do_function) (const OSSL_STORE_LOADER
+ *loader, void *do_arg),
+ void *do_arg);
+
+# ifdef __cplusplus
+}
+# endif
+#endif
diff --git a/openssl/include/openssl/storeerr.h b/openssl/include/openssl/storeerr.h new file mode 100644 index 00000000..0f03c698 --- /dev/null +++ b/openssl/include/openssl/storeerr.h @@ -0,0 +1,94 @@ +/*
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_OSSL_STOREERR_H
+# define OPENSSL_OSSL_STOREERR_H
+# pragma once
+
+# include <openssl/opensslconf.h>
+# include <openssl/symhacks.h>
+
+
+# ifdef __cplusplus
+extern "C"
+# endif
+int ERR_load_OSSL_STORE_strings(void);
+
+/*
+ * OSSL_STORE function codes.
+ */
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define OSSL_STORE_F_FILE_ATTACH 0
+# define OSSL_STORE_F_FILE_CTRL 0
+# define OSSL_STORE_F_FILE_FIND 0
+# define OSSL_STORE_F_FILE_GET_PASS 0
+# define OSSL_STORE_F_FILE_LOAD 0
+# define OSSL_STORE_F_FILE_LOAD_TRY_DECODE 0
+# define OSSL_STORE_F_FILE_NAME_TO_URI 0
+# define OSSL_STORE_F_FILE_OPEN 0
+# define OSSL_STORE_F_OSSL_STORE_ATTACH 0
+# define OSSL_STORE_F_OSSL_STORE_EXPECT 0
+# define OSSL_STORE_F_OSSL_STORE_FIND 0
+# define OSSL_STORE_F_OSSL_STORE_GET0_LOADER_INT 0
+# define OSSL_STORE_F_OSSL_STORE_INFO_GET1_CERT 0
+# define OSSL_STORE_F_OSSL_STORE_INFO_GET1_CRL 0
+# define OSSL_STORE_F_OSSL_STORE_INFO_GET1_NAME 0
+# define OSSL_STORE_F_OSSL_STORE_INFO_GET1_NAME_DESCRIPTION 0
+# define OSSL_STORE_F_OSSL_STORE_INFO_GET1_PARAMS 0
+# define OSSL_STORE_F_OSSL_STORE_INFO_GET1_PKEY 0
+# define OSSL_STORE_F_OSSL_STORE_INFO_NEW_CERT 0
+# define OSSL_STORE_F_OSSL_STORE_INFO_NEW_CRL 0
+# define OSSL_STORE_F_OSSL_STORE_INFO_NEW_EMBEDDED 0
+# define OSSL_STORE_F_OSSL_STORE_INFO_NEW_NAME 0
+# define OSSL_STORE_F_OSSL_STORE_INFO_NEW_PARAMS 0
+# define OSSL_STORE_F_OSSL_STORE_INFO_NEW_PKEY 0
+# define OSSL_STORE_F_OSSL_STORE_INFO_SET0_NAME_DESCRIPTION 0
+# define OSSL_STORE_F_OSSL_STORE_INIT_ONCE 0
+# define OSSL_STORE_F_OSSL_STORE_LOADER_NEW 0
+# define OSSL_STORE_F_OSSL_STORE_OPEN 0
+# define OSSL_STORE_F_OSSL_STORE_OPEN_INT 0
+# define OSSL_STORE_F_OSSL_STORE_REGISTER_LOADER_INT 0
+# define OSSL_STORE_F_OSSL_STORE_SEARCH_BY_ALIAS 0
+# define OSSL_STORE_F_OSSL_STORE_SEARCH_BY_ISSUER_SERIAL 0
+# define OSSL_STORE_F_OSSL_STORE_SEARCH_BY_KEY_FINGERPRINT 0
+# define OSSL_STORE_F_OSSL_STORE_SEARCH_BY_NAME 0
+# define OSSL_STORE_F_OSSL_STORE_UNREGISTER_LOADER_INT 0
+# define OSSL_STORE_F_TRY_DECODE_PARAMS 0
+# define OSSL_STORE_F_TRY_DECODE_PKCS12 0
+# define OSSL_STORE_F_TRY_DECODE_PKCS8ENCRYPTED 0
+# endif
+
+/*
+ * OSSL_STORE reason codes.
+ */
+# define OSSL_STORE_R_AMBIGUOUS_CONTENT_TYPE 107
+# define OSSL_STORE_R_BAD_PASSWORD_READ 115
+# define OSSL_STORE_R_ERROR_VERIFYING_PKCS12_MAC 113
+# define OSSL_STORE_R_FINGERPRINT_SIZE_DOES_NOT_MATCH_DIGEST 121
+# define OSSL_STORE_R_INVALID_SCHEME 106
+# define OSSL_STORE_R_IS_NOT_A 112
+# define OSSL_STORE_R_LOADER_INCOMPLETE 116
+# define OSSL_STORE_R_LOADING_STARTED 117
+# define OSSL_STORE_R_NOT_A_CERTIFICATE 100
+# define OSSL_STORE_R_NOT_A_CRL 101
+# define OSSL_STORE_R_NOT_A_KEY 102
+# define OSSL_STORE_R_NOT_A_NAME 103
+# define OSSL_STORE_R_NOT_PARAMETERS 104
+# define OSSL_STORE_R_PASSPHRASE_CALLBACK_ERROR 114
+# define OSSL_STORE_R_PATH_MUST_BE_ABSOLUTE 108
+# define OSSL_STORE_R_SEARCH_ONLY_SUPPORTED_FOR_DIRECTORIES 119
+# define OSSL_STORE_R_UI_PROCESS_INTERRUPTED_OR_CANCELLED 109
+# define OSSL_STORE_R_UNREGISTERED_SCHEME 105
+# define OSSL_STORE_R_UNSUPPORTED_CONTENT_TYPE 110
+# define OSSL_STORE_R_UNSUPPORTED_OPERATION 118
+# define OSSL_STORE_R_UNSUPPORTED_SEARCH_TYPE 120
+# define OSSL_STORE_R_URI_AUTHORITY_UNSUPPORTED 111
+
+#endif
diff --git a/openssl/include/openssl/symhacks.h b/openssl/include/openssl/symhacks.h new file mode 100644 index 00000000..f731d37f --- /dev/null +++ b/openssl/include/openssl/symhacks.h @@ -0,0 +1,43 @@ +/*
+ * Copyright 1999-2018 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_SYMHACKS_H
+# define OPENSSL_SYMHACKS_H
+# pragma once
+
+# include <openssl/macros.h>
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define HEADER_SYMHACKS_H
+# endif
+
+# include <openssl/e_os2.h>
+
+/* Case insensitive linking causes problems.... */
+# if defined(OPENSSL_SYS_VMS)
+# undef ERR_load_CRYPTO_strings
+# define ERR_load_CRYPTO_strings ERR_load_CRYPTOlib_strings
+# undef OCSP_crlID_new
+# define OCSP_crlID_new OCSP_crlID2_new
+
+# undef d2i_ECPARAMETERS
+# define d2i_ECPARAMETERS d2i_UC_ECPARAMETERS
+# undef i2d_ECPARAMETERS
+# define i2d_ECPARAMETERS i2d_UC_ECPARAMETERS
+# undef d2i_ECPKPARAMETERS
+# define d2i_ECPKPARAMETERS d2i_UC_ECPKPARAMETERS
+# undef i2d_ECPKPARAMETERS
+# define i2d_ECPKPARAMETERS i2d_UC_ECPKPARAMETERS
+
+/* This one clashes with CMS_data_create */
+# undef cms_Data_create
+# define cms_Data_create priv_cms_Data_create
+
+# endif
+
+#endif /* ! defined HEADER_VMS_IDHACKS_H */
diff --git a/openssl/include/openssl/tls1.h b/openssl/include/openssl/tls1.h new file mode 100644 index 00000000..2412db61 --- /dev/null +++ b/openssl/include/openssl/tls1.h @@ -0,0 +1,1220 @@ +/*
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
+ * Copyright 2005 Nokia. All rights reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_TLS1_H
+# define OPENSSL_TLS1_H
+# pragma once
+
+# include <openssl/macros.h>
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define HEADER_TLS1_H
+# endif
+
+# include <openssl/buffer.h>
+# include <openssl/x509.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* Default security level if not overridden at config time */
+# ifndef OPENSSL_TLS_SECURITY_LEVEL
+# define OPENSSL_TLS_SECURITY_LEVEL 1
+# endif
+
+# define TLS1_VERSION 0x0301
+# define TLS1_1_VERSION 0x0302
+# define TLS1_2_VERSION 0x0303
+# define TLS1_3_VERSION 0x0304
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define TLS_MAX_VERSION TLS1_3_VERSION
+# endif
+
+/* Special value for method supporting multiple versions */
+# define TLS_ANY_VERSION 0x10000
+
+# define TLS1_VERSION_MAJOR 0x03
+# define TLS1_VERSION_MINOR 0x01
+
+# define TLS1_1_VERSION_MAJOR 0x03
+# define TLS1_1_VERSION_MINOR 0x02
+
+# define TLS1_2_VERSION_MAJOR 0x03
+# define TLS1_2_VERSION_MINOR 0x03
+
+# define TLS1_get_version(s) \
+ ((SSL_version(s) >> 8) == TLS1_VERSION_MAJOR ? SSL_version(s) : 0)
+
+# define TLS1_get_client_version(s) \
+ ((SSL_client_version(s) >> 8) == TLS1_VERSION_MAJOR ? SSL_client_version(s) : 0)
+
+# define TLS1_AD_DECRYPTION_FAILED 21
+# define TLS1_AD_RECORD_OVERFLOW 22
+# define TLS1_AD_UNKNOWN_CA 48/* fatal */
+# define TLS1_AD_ACCESS_DENIED 49/* fatal */
+# define TLS1_AD_DECODE_ERROR 50/* fatal */
+# define TLS1_AD_DECRYPT_ERROR 51
+# define TLS1_AD_EXPORT_RESTRICTION 60/* fatal */
+# define TLS1_AD_PROTOCOL_VERSION 70/* fatal */
+# define TLS1_AD_INSUFFICIENT_SECURITY 71/* fatal */
+# define TLS1_AD_INTERNAL_ERROR 80/* fatal */
+# define TLS1_AD_INAPPROPRIATE_FALLBACK 86/* fatal */
+# define TLS1_AD_USER_CANCELLED 90
+# define TLS1_AD_NO_RENEGOTIATION 100
+/* TLSv1.3 alerts */
+# define TLS13_AD_MISSING_EXTENSION 109 /* fatal */
+# define TLS13_AD_CERTIFICATE_REQUIRED 116 /* fatal */
+/* codes 110-114 are from RFC3546 */
+# define TLS1_AD_UNSUPPORTED_EXTENSION 110
+# define TLS1_AD_CERTIFICATE_UNOBTAINABLE 111
+# define TLS1_AD_UNRECOGNIZED_NAME 112
+# define TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE 113
+# define TLS1_AD_BAD_CERTIFICATE_HASH_VALUE 114
+# define TLS1_AD_UNKNOWN_PSK_IDENTITY 115/* fatal */
+# define TLS1_AD_NO_APPLICATION_PROTOCOL 120 /* fatal */
+
+/* ExtensionType values from RFC3546 / RFC4366 / RFC6066 */
+# define TLSEXT_TYPE_server_name 0
+# define TLSEXT_TYPE_max_fragment_length 1
+# define TLSEXT_TYPE_client_certificate_url 2
+# define TLSEXT_TYPE_trusted_ca_keys 3
+# define TLSEXT_TYPE_truncated_hmac 4
+# define TLSEXT_TYPE_status_request 5
+/* ExtensionType values from RFC4681 */
+# define TLSEXT_TYPE_user_mapping 6
+/* ExtensionType values from RFC5878 */
+# define TLSEXT_TYPE_client_authz 7
+# define TLSEXT_TYPE_server_authz 8
+/* ExtensionType values from RFC6091 */
+# define TLSEXT_TYPE_cert_type 9
+
+/* ExtensionType values from RFC4492 */
+/*
+ * Prior to TLSv1.3 the supported_groups extension was known as
+ * elliptic_curves
+ */
+# define TLSEXT_TYPE_supported_groups 10
+# define TLSEXT_TYPE_elliptic_curves TLSEXT_TYPE_supported_groups
+# define TLSEXT_TYPE_ec_point_formats 11
+
+
+/* ExtensionType value from RFC5054 */
+# define TLSEXT_TYPE_srp 12
+
+/* ExtensionType values from RFC5246 */
+# define TLSEXT_TYPE_signature_algorithms 13
+
+/* ExtensionType value from RFC5764 */
+# define TLSEXT_TYPE_use_srtp 14
+
+/* ExtensionType value from RFC7301 */
+# define TLSEXT_TYPE_application_layer_protocol_negotiation 16
+
+/*
+ * Extension type for Certificate Transparency
+ * https://tools.ietf.org/html/rfc6962#section-3.3.1
+ */
+# define TLSEXT_TYPE_signed_certificate_timestamp 18
+
+/*
+ * ExtensionType value for TLS padding extension.
+ * http://tools.ietf.org/html/draft-agl-tls-padding
+ */
+# define TLSEXT_TYPE_padding 21
+
+/* ExtensionType value from RFC7366 */
+# define TLSEXT_TYPE_encrypt_then_mac 22
+
+/* ExtensionType value from RFC7627 */
+# define TLSEXT_TYPE_extended_master_secret 23
+
+/* ExtensionType value from RFC4507 */
+# define TLSEXT_TYPE_session_ticket 35
+
+/* As defined for TLS1.3 */
+# define TLSEXT_TYPE_psk 41
+# define TLSEXT_TYPE_early_data 42
+# define TLSEXT_TYPE_supported_versions 43
+# define TLSEXT_TYPE_cookie 44
+# define TLSEXT_TYPE_psk_kex_modes 45
+# define TLSEXT_TYPE_certificate_authorities 47
+# define TLSEXT_TYPE_post_handshake_auth 49
+# define TLSEXT_TYPE_signature_algorithms_cert 50
+# define TLSEXT_TYPE_key_share 51
+
+/* Temporary extension type */
+# define TLSEXT_TYPE_renegotiate 0xff01
+
+# ifndef OPENSSL_NO_NEXTPROTONEG
+/* This is not an IANA defined extension number */
+# define TLSEXT_TYPE_next_proto_neg 13172
+# endif
+
+/* NameType value from RFC3546 */
+# define TLSEXT_NAMETYPE_host_name 0
+/* status request value from RFC3546 */
+# define TLSEXT_STATUSTYPE_ocsp 1
+
+/* ECPointFormat values from RFC4492 */
+# define TLSEXT_ECPOINTFORMAT_first 0
+# define TLSEXT_ECPOINTFORMAT_uncompressed 0
+# define TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime 1
+# define TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2 2
+# define TLSEXT_ECPOINTFORMAT_last 2
+
+/* Signature and hash algorithms from RFC5246 */
+# define TLSEXT_signature_anonymous 0
+# define TLSEXT_signature_rsa 1
+# define TLSEXT_signature_dsa 2
+# define TLSEXT_signature_ecdsa 3
+# define TLSEXT_signature_gostr34102001 237
+# define TLSEXT_signature_gostr34102012_256 238
+# define TLSEXT_signature_gostr34102012_512 239
+
+/* Total number of different signature algorithms */
+# define TLSEXT_signature_num 7
+
+# define TLSEXT_hash_none 0
+# define TLSEXT_hash_md5 1
+# define TLSEXT_hash_sha1 2
+# define TLSEXT_hash_sha224 3
+# define TLSEXT_hash_sha256 4
+# define TLSEXT_hash_sha384 5
+# define TLSEXT_hash_sha512 6
+# define TLSEXT_hash_gostr3411 237
+# define TLSEXT_hash_gostr34112012_256 238
+# define TLSEXT_hash_gostr34112012_512 239
+
+/* Total number of different digest algorithms */
+
+# define TLSEXT_hash_num 10
+
+/* Flag set for unrecognised algorithms */
+# define TLSEXT_nid_unknown 0x1000000
+
+/* ECC curves */
+
+# define TLSEXT_curve_P_256 23
+# define TLSEXT_curve_P_384 24
+
+/* OpenSSL value to disable maximum fragment length extension */
+# define TLSEXT_max_fragment_length_DISABLED 0
+/* Allowed values for max fragment length extension */
+# define TLSEXT_max_fragment_length_512 1
+# define TLSEXT_max_fragment_length_1024 2
+# define TLSEXT_max_fragment_length_2048 3
+# define TLSEXT_max_fragment_length_4096 4
+
+int SSL_CTX_set_tlsext_max_fragment_length(SSL_CTX *ctx, uint8_t mode);
+int SSL_set_tlsext_max_fragment_length(SSL *ssl, uint8_t mode);
+
+# define TLSEXT_MAXLEN_host_name 255
+
+__owur const char *SSL_get_servername(const SSL *s, const int type);
+__owur int SSL_get_servername_type(const SSL *s);
+/*
+ * SSL_export_keying_material exports a value derived from the master secret,
+ * as specified in RFC 5705. It writes |olen| bytes to |out| given a label and
+ * optional context. (Since a zero length context is allowed, the |use_context|
+ * flag controls whether a context is included.) It returns 1 on success and
+ * 0 or -1 otherwise.
+ */
+__owur int SSL_export_keying_material(SSL *s, unsigned char *out, size_t olen,
+ const char *label, size_t llen,
+ const unsigned char *context,
+ size_t contextlen, int use_context);
+
+/*
+ * SSL_export_keying_material_early exports a value derived from the
+ * early exporter master secret, as specified in
+ * https://tools.ietf.org/html/draft-ietf-tls-tls13-23. It writes
+ * |olen| bytes to |out| given a label and optional context. It
+ * returns 1 on success and 0 otherwise.
+ */
+__owur int SSL_export_keying_material_early(SSL *s, unsigned char *out,
+ size_t olen, const char *label,
+ size_t llen,
+ const unsigned char *context,
+ size_t contextlen);
+
+int SSL_get_peer_signature_type_nid(const SSL *s, int *pnid);
+int SSL_get_signature_type_nid(const SSL *s, int *pnid);
+
+int SSL_get_sigalgs(SSL *s, int idx,
+ int *psign, int *phash, int *psignandhash,
+ unsigned char *rsig, unsigned char *rhash);
+
+int SSL_get_shared_sigalgs(SSL *s, int idx,
+ int *psign, int *phash, int *psignandhash,
+ unsigned char *rsig, unsigned char *rhash);
+
+__owur int SSL_check_chain(SSL *s, X509 *x, EVP_PKEY *pk, STACK_OF(X509) *chain);
+
+# define SSL_set_tlsext_host_name(s,name) \
+ SSL_ctrl(s,SSL_CTRL_SET_TLSEXT_HOSTNAME,TLSEXT_NAMETYPE_host_name,\
+ (void *)name)
+
+# define SSL_set_tlsext_debug_callback(ssl, cb) \
+ SSL_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_DEBUG_CB,\
+ (void (*)(void))cb)
+
+# define SSL_set_tlsext_debug_arg(ssl, arg) \
+ SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_DEBUG_ARG,0,arg)
+
+# define SSL_get_tlsext_status_type(ssl) \
+ SSL_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_TYPE,0,NULL)
+
+# define SSL_set_tlsext_status_type(ssl, type) \
+ SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE,type,NULL)
+
+# define SSL_get_tlsext_status_exts(ssl, arg) \
+ SSL_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS,0,arg)
+
+# define SSL_set_tlsext_status_exts(ssl, arg) \
+ SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS,0,arg)
+
+# define SSL_get_tlsext_status_ids(ssl, arg) \
+ SSL_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS,0,arg)
+
+# define SSL_set_tlsext_status_ids(ssl, arg) \
+ SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS,0,arg)
+
+# define SSL_get_tlsext_status_ocsp_resp(ssl, arg) \
+ SSL_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP,0,arg)
+
+# define SSL_set_tlsext_status_ocsp_resp(ssl, arg, arglen) \
+ SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP,arglen,arg)
+
+# define SSL_CTX_set_tlsext_servername_callback(ctx, cb) \
+ SSL_CTX_callback_ctrl(ctx,SSL_CTRL_SET_TLSEXT_SERVERNAME_CB,\
+ (void (*)(void))cb)
+
+# define SSL_TLSEXT_ERR_OK 0
+# define SSL_TLSEXT_ERR_ALERT_WARNING 1
+# define SSL_TLSEXT_ERR_ALERT_FATAL 2
+# define SSL_TLSEXT_ERR_NOACK 3
+
+# define SSL_CTX_set_tlsext_servername_arg(ctx, arg) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG,0,arg)
+
+# define SSL_CTX_get_tlsext_ticket_keys(ctx, keys, keylen) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_GET_TLSEXT_TICKET_KEYS,keylen,keys)
+# define SSL_CTX_set_tlsext_ticket_keys(ctx, keys, keylen) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TLSEXT_TICKET_KEYS,keylen,keys)
+
+# define SSL_CTX_get_tlsext_status_cb(ssl, cb) \
+ SSL_CTX_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB,0,(void *)cb)
+# define SSL_CTX_set_tlsext_status_cb(ssl, cb) \
+ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB,\
+ (void (*)(void))cb)
+
+# define SSL_CTX_get_tlsext_status_arg(ssl, arg) \
+ SSL_CTX_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB_ARG,0,arg)
+# define SSL_CTX_set_tlsext_status_arg(ssl, arg) \
+ SSL_CTX_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG,0,arg)
+
+# define SSL_CTX_set_tlsext_status_type(ssl, type) \
+ SSL_CTX_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE,type,NULL)
+
+# define SSL_CTX_get_tlsext_status_type(ssl) \
+ SSL_CTX_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_TYPE,0,NULL)
+
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define SSL_CTX_set_tlsext_ticket_key_cb(ssl, cb) \
+ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,\
+ (void (*)(void))cb)
+# endif
+int SSL_CTX_set_tlsext_ticket_key_evp_cb
+ (SSL_CTX *ctx, int (*fp)(SSL *, unsigned char *, unsigned char *,
+ EVP_CIPHER_CTX *, EVP_MAC_CTX *, int));
+
+/* PSK ciphersuites from 4279 */
+# define TLS1_CK_PSK_WITH_RC4_128_SHA 0x0300008A
+# define TLS1_CK_PSK_WITH_3DES_EDE_CBC_SHA 0x0300008B
+# define TLS1_CK_PSK_WITH_AES_128_CBC_SHA 0x0300008C
+# define TLS1_CK_PSK_WITH_AES_256_CBC_SHA 0x0300008D
+# define TLS1_CK_DHE_PSK_WITH_RC4_128_SHA 0x0300008E
+# define TLS1_CK_DHE_PSK_WITH_3DES_EDE_CBC_SHA 0x0300008F
+# define TLS1_CK_DHE_PSK_WITH_AES_128_CBC_SHA 0x03000090
+# define TLS1_CK_DHE_PSK_WITH_AES_256_CBC_SHA 0x03000091
+# define TLS1_CK_RSA_PSK_WITH_RC4_128_SHA 0x03000092
+# define TLS1_CK_RSA_PSK_WITH_3DES_EDE_CBC_SHA 0x03000093
+# define TLS1_CK_RSA_PSK_WITH_AES_128_CBC_SHA 0x03000094
+# define TLS1_CK_RSA_PSK_WITH_AES_256_CBC_SHA 0x03000095
+
+/* PSK ciphersuites from 5487 */
+# define TLS1_CK_PSK_WITH_AES_128_GCM_SHA256 0x030000A8
+# define TLS1_CK_PSK_WITH_AES_256_GCM_SHA384 0x030000A9
+# define TLS1_CK_DHE_PSK_WITH_AES_128_GCM_SHA256 0x030000AA
+# define TLS1_CK_DHE_PSK_WITH_AES_256_GCM_SHA384 0x030000AB
+# define TLS1_CK_RSA_PSK_WITH_AES_128_GCM_SHA256 0x030000AC
+# define TLS1_CK_RSA_PSK_WITH_AES_256_GCM_SHA384 0x030000AD
+# define TLS1_CK_PSK_WITH_AES_128_CBC_SHA256 0x030000AE
+# define TLS1_CK_PSK_WITH_AES_256_CBC_SHA384 0x030000AF
+# define TLS1_CK_PSK_WITH_NULL_SHA256 0x030000B0
+# define TLS1_CK_PSK_WITH_NULL_SHA384 0x030000B1
+# define TLS1_CK_DHE_PSK_WITH_AES_128_CBC_SHA256 0x030000B2
+# define TLS1_CK_DHE_PSK_WITH_AES_256_CBC_SHA384 0x030000B3
+# define TLS1_CK_DHE_PSK_WITH_NULL_SHA256 0x030000B4
+# define TLS1_CK_DHE_PSK_WITH_NULL_SHA384 0x030000B5
+# define TLS1_CK_RSA_PSK_WITH_AES_128_CBC_SHA256 0x030000B6
+# define TLS1_CK_RSA_PSK_WITH_AES_256_CBC_SHA384 0x030000B7
+# define TLS1_CK_RSA_PSK_WITH_NULL_SHA256 0x030000B8
+# define TLS1_CK_RSA_PSK_WITH_NULL_SHA384 0x030000B9
+
+/* NULL PSK ciphersuites from RFC4785 */
+# define TLS1_CK_PSK_WITH_NULL_SHA 0x0300002C
+# define TLS1_CK_DHE_PSK_WITH_NULL_SHA 0x0300002D
+# define TLS1_CK_RSA_PSK_WITH_NULL_SHA 0x0300002E
+
+/* AES ciphersuites from RFC3268 */
+# define TLS1_CK_RSA_WITH_AES_128_SHA 0x0300002F
+# define TLS1_CK_DH_DSS_WITH_AES_128_SHA 0x03000030
+# define TLS1_CK_DH_RSA_WITH_AES_128_SHA 0x03000031
+# define TLS1_CK_DHE_DSS_WITH_AES_128_SHA 0x03000032
+# define TLS1_CK_DHE_RSA_WITH_AES_128_SHA 0x03000033
+# define TLS1_CK_ADH_WITH_AES_128_SHA 0x03000034
+# define TLS1_CK_RSA_WITH_AES_256_SHA 0x03000035
+# define TLS1_CK_DH_DSS_WITH_AES_256_SHA 0x03000036
+# define TLS1_CK_DH_RSA_WITH_AES_256_SHA 0x03000037
+# define TLS1_CK_DHE_DSS_WITH_AES_256_SHA 0x03000038
+# define TLS1_CK_DHE_RSA_WITH_AES_256_SHA 0x03000039
+# define TLS1_CK_ADH_WITH_AES_256_SHA 0x0300003A
+
+/* TLS v1.2 ciphersuites */
+# define TLS1_CK_RSA_WITH_NULL_SHA256 0x0300003B
+# define TLS1_CK_RSA_WITH_AES_128_SHA256 0x0300003C
+# define TLS1_CK_RSA_WITH_AES_256_SHA256 0x0300003D
+# define TLS1_CK_DH_DSS_WITH_AES_128_SHA256 0x0300003E
+# define TLS1_CK_DH_RSA_WITH_AES_128_SHA256 0x0300003F
+# define TLS1_CK_DHE_DSS_WITH_AES_128_SHA256 0x03000040
+
+/* Camellia ciphersuites from RFC4132 */
+# define TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA 0x03000041
+# define TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA 0x03000042
+# define TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA 0x03000043
+# define TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA 0x03000044
+# define TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA 0x03000045
+# define TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA 0x03000046
+
+/* TLS v1.2 ciphersuites */
+# define TLS1_CK_DHE_RSA_WITH_AES_128_SHA256 0x03000067
+# define TLS1_CK_DH_DSS_WITH_AES_256_SHA256 0x03000068
+# define TLS1_CK_DH_RSA_WITH_AES_256_SHA256 0x03000069
+# define TLS1_CK_DHE_DSS_WITH_AES_256_SHA256 0x0300006A
+# define TLS1_CK_DHE_RSA_WITH_AES_256_SHA256 0x0300006B
+# define TLS1_CK_ADH_WITH_AES_128_SHA256 0x0300006C
+# define TLS1_CK_ADH_WITH_AES_256_SHA256 0x0300006D
+
+/* Camellia ciphersuites from RFC4132 */
+# define TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA 0x03000084
+# define TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA 0x03000085
+# define TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA 0x03000086
+# define TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA 0x03000087
+# define TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA 0x03000088
+# define TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA 0x03000089
+
+/* SEED ciphersuites from RFC4162 */
+# define TLS1_CK_RSA_WITH_SEED_SHA 0x03000096
+# define TLS1_CK_DH_DSS_WITH_SEED_SHA 0x03000097
+# define TLS1_CK_DH_RSA_WITH_SEED_SHA 0x03000098
+# define TLS1_CK_DHE_DSS_WITH_SEED_SHA 0x03000099
+# define TLS1_CK_DHE_RSA_WITH_SEED_SHA 0x0300009A
+# define TLS1_CK_ADH_WITH_SEED_SHA 0x0300009B
+
+/* TLS v1.2 GCM ciphersuites from RFC5288 */
+# define TLS1_CK_RSA_WITH_AES_128_GCM_SHA256 0x0300009C
+# define TLS1_CK_RSA_WITH_AES_256_GCM_SHA384 0x0300009D
+# define TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256 0x0300009E
+# define TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384 0x0300009F
+# define TLS1_CK_DH_RSA_WITH_AES_128_GCM_SHA256 0x030000A0
+# define TLS1_CK_DH_RSA_WITH_AES_256_GCM_SHA384 0x030000A1
+# define TLS1_CK_DHE_DSS_WITH_AES_128_GCM_SHA256 0x030000A2
+# define TLS1_CK_DHE_DSS_WITH_AES_256_GCM_SHA384 0x030000A3
+# define TLS1_CK_DH_DSS_WITH_AES_128_GCM_SHA256 0x030000A4
+# define TLS1_CK_DH_DSS_WITH_AES_256_GCM_SHA384 0x030000A5
+# define TLS1_CK_ADH_WITH_AES_128_GCM_SHA256 0x030000A6
+# define TLS1_CK_ADH_WITH_AES_256_GCM_SHA384 0x030000A7
+
+/* CCM ciphersuites from RFC6655 */
+# define TLS1_CK_RSA_WITH_AES_128_CCM 0x0300C09C
+# define TLS1_CK_RSA_WITH_AES_256_CCM 0x0300C09D
+# define TLS1_CK_DHE_RSA_WITH_AES_128_CCM 0x0300C09E
+# define TLS1_CK_DHE_RSA_WITH_AES_256_CCM 0x0300C09F
+# define TLS1_CK_RSA_WITH_AES_128_CCM_8 0x0300C0A0
+# define TLS1_CK_RSA_WITH_AES_256_CCM_8 0x0300C0A1
+# define TLS1_CK_DHE_RSA_WITH_AES_128_CCM_8 0x0300C0A2
+# define TLS1_CK_DHE_RSA_WITH_AES_256_CCM_8 0x0300C0A3
+# define TLS1_CK_PSK_WITH_AES_128_CCM 0x0300C0A4
+# define TLS1_CK_PSK_WITH_AES_256_CCM 0x0300C0A5
+# define TLS1_CK_DHE_PSK_WITH_AES_128_CCM 0x0300C0A6
+# define TLS1_CK_DHE_PSK_WITH_AES_256_CCM 0x0300C0A7
+# define TLS1_CK_PSK_WITH_AES_128_CCM_8 0x0300C0A8
+# define TLS1_CK_PSK_WITH_AES_256_CCM_8 0x0300C0A9
+# define TLS1_CK_DHE_PSK_WITH_AES_128_CCM_8 0x0300C0AA
+# define TLS1_CK_DHE_PSK_WITH_AES_256_CCM_8 0x0300C0AB
+
+/* CCM ciphersuites from RFC7251 */
+# define TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CCM 0x0300C0AC
+# define TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CCM 0x0300C0AD
+# define TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CCM_8 0x0300C0AE
+# define TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CCM_8 0x0300C0AF
+
+/* TLS 1.2 Camellia SHA-256 ciphersuites from RFC5932 */
+# define TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA256 0x030000BA
+# define TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256 0x030000BB
+# define TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256 0x030000BC
+# define TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 0x030000BD
+# define TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 0x030000BE
+# define TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA256 0x030000BF
+
+# define TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA256 0x030000C0
+# define TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256 0x030000C1
+# define TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256 0x030000C2
+# define TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 0x030000C3
+# define TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 0x030000C4
+# define TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA256 0x030000C5
+
+/* ECC ciphersuites from RFC4492 */
+# define TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA 0x0300C001
+# define TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA 0x0300C002
+# define TLS1_CK_ECDH_ECDSA_WITH_DES_192_CBC3_SHA 0x0300C003
+# define TLS1_CK_ECDH_ECDSA_WITH_AES_128_CBC_SHA 0x0300C004
+# define TLS1_CK_ECDH_ECDSA_WITH_AES_256_CBC_SHA 0x0300C005
+
+# define TLS1_CK_ECDHE_ECDSA_WITH_NULL_SHA 0x0300C006
+# define TLS1_CK_ECDHE_ECDSA_WITH_RC4_128_SHA 0x0300C007
+# define TLS1_CK_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA 0x0300C008
+# define TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA 0x0300C009
+# define TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA 0x0300C00A
+
+# define TLS1_CK_ECDH_RSA_WITH_NULL_SHA 0x0300C00B
+# define TLS1_CK_ECDH_RSA_WITH_RC4_128_SHA 0x0300C00C
+# define TLS1_CK_ECDH_RSA_WITH_DES_192_CBC3_SHA 0x0300C00D
+# define TLS1_CK_ECDH_RSA_WITH_AES_128_CBC_SHA 0x0300C00E
+# define TLS1_CK_ECDH_RSA_WITH_AES_256_CBC_SHA 0x0300C00F
+
+# define TLS1_CK_ECDHE_RSA_WITH_NULL_SHA 0x0300C010
+# define TLS1_CK_ECDHE_RSA_WITH_RC4_128_SHA 0x0300C011
+# define TLS1_CK_ECDHE_RSA_WITH_DES_192_CBC3_SHA 0x0300C012
+# define TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA 0x0300C013
+# define TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA 0x0300C014
+
+# define TLS1_CK_ECDH_anon_WITH_NULL_SHA 0x0300C015
+# define TLS1_CK_ECDH_anon_WITH_RC4_128_SHA 0x0300C016
+# define TLS1_CK_ECDH_anon_WITH_DES_192_CBC3_SHA 0x0300C017
+# define TLS1_CK_ECDH_anon_WITH_AES_128_CBC_SHA 0x0300C018
+# define TLS1_CK_ECDH_anon_WITH_AES_256_CBC_SHA 0x0300C019
+
+/* SRP ciphersuites from RFC 5054 */
+# define TLS1_CK_SRP_SHA_WITH_3DES_EDE_CBC_SHA 0x0300C01A
+# define TLS1_CK_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA 0x0300C01B
+# define TLS1_CK_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA 0x0300C01C
+# define TLS1_CK_SRP_SHA_WITH_AES_128_CBC_SHA 0x0300C01D
+# define TLS1_CK_SRP_SHA_RSA_WITH_AES_128_CBC_SHA 0x0300C01E
+# define TLS1_CK_SRP_SHA_DSS_WITH_AES_128_CBC_SHA 0x0300C01F
+# define TLS1_CK_SRP_SHA_WITH_AES_256_CBC_SHA 0x0300C020
+# define TLS1_CK_SRP_SHA_RSA_WITH_AES_256_CBC_SHA 0x0300C021
+# define TLS1_CK_SRP_SHA_DSS_WITH_AES_256_CBC_SHA 0x0300C022
+
+/* ECDH HMAC based ciphersuites from RFC5289 */
+# define TLS1_CK_ECDHE_ECDSA_WITH_AES_128_SHA256 0x0300C023
+# define TLS1_CK_ECDHE_ECDSA_WITH_AES_256_SHA384 0x0300C024
+# define TLS1_CK_ECDH_ECDSA_WITH_AES_128_SHA256 0x0300C025
+# define TLS1_CK_ECDH_ECDSA_WITH_AES_256_SHA384 0x0300C026
+# define TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256 0x0300C027
+# define TLS1_CK_ECDHE_RSA_WITH_AES_256_SHA384 0x0300C028
+# define TLS1_CK_ECDH_RSA_WITH_AES_128_SHA256 0x0300C029
+# define TLS1_CK_ECDH_RSA_WITH_AES_256_SHA384 0x0300C02A
+
+/* ECDH GCM based ciphersuites from RFC5289 */
+# define TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 0x0300C02B
+# define TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 0x0300C02C
+# define TLS1_CK_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 0x0300C02D
+# define TLS1_CK_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 0x0300C02E
+# define TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256 0x0300C02F
+# define TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384 0x0300C030
+# define TLS1_CK_ECDH_RSA_WITH_AES_128_GCM_SHA256 0x0300C031
+# define TLS1_CK_ECDH_RSA_WITH_AES_256_GCM_SHA384 0x0300C032
+
+/* ECDHE PSK ciphersuites from RFC5489 */
+# define TLS1_CK_ECDHE_PSK_WITH_RC4_128_SHA 0x0300C033
+# define TLS1_CK_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA 0x0300C034
+# define TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA 0x0300C035
+# define TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA 0x0300C036
+
+# define TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA256 0x0300C037
+# define TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA384 0x0300C038
+
+/* NULL PSK ciphersuites from RFC4785 */
+# define TLS1_CK_ECDHE_PSK_WITH_NULL_SHA 0x0300C039
+# define TLS1_CK_ECDHE_PSK_WITH_NULL_SHA256 0x0300C03A
+# define TLS1_CK_ECDHE_PSK_WITH_NULL_SHA384 0x0300C03B
+
+/* Camellia-CBC ciphersuites from RFC6367 */
+# define TLS1_CK_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 0x0300C072
+# define TLS1_CK_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 0x0300C073
+# define TLS1_CK_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 0x0300C074
+# define TLS1_CK_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 0x0300C075
+# define TLS1_CK_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 0x0300C076
+# define TLS1_CK_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 0x0300C077
+# define TLS1_CK_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 0x0300C078
+# define TLS1_CK_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 0x0300C079
+
+# define TLS1_CK_PSK_WITH_CAMELLIA_128_CBC_SHA256 0x0300C094
+# define TLS1_CK_PSK_WITH_CAMELLIA_256_CBC_SHA384 0x0300C095
+# define TLS1_CK_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 0x0300C096
+# define TLS1_CK_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 0x0300C097
+# define TLS1_CK_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 0x0300C098
+# define TLS1_CK_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 0x0300C099
+# define TLS1_CK_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 0x0300C09A
+# define TLS1_CK_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 0x0300C09B
+
+/* draft-ietf-tls-chacha20-poly1305-03 */
+# define TLS1_CK_ECDHE_RSA_WITH_CHACHA20_POLY1305 0x0300CCA8
+# define TLS1_CK_ECDHE_ECDSA_WITH_CHACHA20_POLY1305 0x0300CCA9
+# define TLS1_CK_DHE_RSA_WITH_CHACHA20_POLY1305 0x0300CCAA
+# define TLS1_CK_PSK_WITH_CHACHA20_POLY1305 0x0300CCAB
+# define TLS1_CK_ECDHE_PSK_WITH_CHACHA20_POLY1305 0x0300CCAC
+# define TLS1_CK_DHE_PSK_WITH_CHACHA20_POLY1305 0x0300CCAD
+# define TLS1_CK_RSA_PSK_WITH_CHACHA20_POLY1305 0x0300CCAE
+
+/* TLS v1.3 ciphersuites */
+# define TLS1_3_CK_AES_128_GCM_SHA256 0x03001301
+# define TLS1_3_CK_AES_256_GCM_SHA384 0x03001302
+# define TLS1_3_CK_CHACHA20_POLY1305_SHA256 0x03001303
+# define TLS1_3_CK_AES_128_CCM_SHA256 0x03001304
+# define TLS1_3_CK_AES_128_CCM_8_SHA256 0x03001305
+
+/* Aria ciphersuites from RFC6209 */
+# define TLS1_CK_RSA_WITH_ARIA_128_GCM_SHA256 0x0300C050
+# define TLS1_CK_RSA_WITH_ARIA_256_GCM_SHA384 0x0300C051
+# define TLS1_CK_DHE_RSA_WITH_ARIA_128_GCM_SHA256 0x0300C052
+# define TLS1_CK_DHE_RSA_WITH_ARIA_256_GCM_SHA384 0x0300C053
+# define TLS1_CK_DH_RSA_WITH_ARIA_128_GCM_SHA256 0x0300C054
+# define TLS1_CK_DH_RSA_WITH_ARIA_256_GCM_SHA384 0x0300C055
+# define TLS1_CK_DHE_DSS_WITH_ARIA_128_GCM_SHA256 0x0300C056
+# define TLS1_CK_DHE_DSS_WITH_ARIA_256_GCM_SHA384 0x0300C057
+# define TLS1_CK_DH_DSS_WITH_ARIA_128_GCM_SHA256 0x0300C058
+# define TLS1_CK_DH_DSS_WITH_ARIA_256_GCM_SHA384 0x0300C059
+# define TLS1_CK_DH_anon_WITH_ARIA_128_GCM_SHA256 0x0300C05A
+# define TLS1_CK_DH_anon_WITH_ARIA_256_GCM_SHA384 0x0300C05B
+# define TLS1_CK_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 0x0300C05C
+# define TLS1_CK_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 0x0300C05D
+# define TLS1_CK_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 0x0300C05E
+# define TLS1_CK_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384 0x0300C05F
+# define TLS1_CK_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 0x0300C060
+# define TLS1_CK_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 0x0300C061
+# define TLS1_CK_ECDH_RSA_WITH_ARIA_128_GCM_SHA256 0x0300C062
+# define TLS1_CK_ECDH_RSA_WITH_ARIA_256_GCM_SHA384 0x0300C063
+# define TLS1_CK_PSK_WITH_ARIA_128_GCM_SHA256 0x0300C06A
+# define TLS1_CK_PSK_WITH_ARIA_256_GCM_SHA384 0x0300C06B
+# define TLS1_CK_DHE_PSK_WITH_ARIA_128_GCM_SHA256 0x0300C06C
+# define TLS1_CK_DHE_PSK_WITH_ARIA_256_GCM_SHA384 0x0300C06D
+# define TLS1_CK_RSA_PSK_WITH_ARIA_128_GCM_SHA256 0x0300C06E
+# define TLS1_CK_RSA_PSK_WITH_ARIA_256_GCM_SHA384 0x0300C06F
+
+/* a bundle of RFC standard cipher names, generated from ssl3_ciphers[] */
+# define TLS1_RFC_RSA_WITH_AES_128_SHA "TLS_RSA_WITH_AES_128_CBC_SHA"
+# define TLS1_RFC_DHE_DSS_WITH_AES_128_SHA "TLS_DHE_DSS_WITH_AES_128_CBC_SHA"
+# define TLS1_RFC_DHE_RSA_WITH_AES_128_SHA "TLS_DHE_RSA_WITH_AES_128_CBC_SHA"
+# define TLS1_RFC_ADH_WITH_AES_128_SHA "TLS_DH_anon_WITH_AES_128_CBC_SHA"
+# define TLS1_RFC_RSA_WITH_AES_256_SHA "TLS_RSA_WITH_AES_256_CBC_SHA"
+# define TLS1_RFC_DHE_DSS_WITH_AES_256_SHA "TLS_DHE_DSS_WITH_AES_256_CBC_SHA"
+# define TLS1_RFC_DHE_RSA_WITH_AES_256_SHA "TLS_DHE_RSA_WITH_AES_256_CBC_SHA"
+# define TLS1_RFC_ADH_WITH_AES_256_SHA "TLS_DH_anon_WITH_AES_256_CBC_SHA"
+# define TLS1_RFC_RSA_WITH_NULL_SHA256 "TLS_RSA_WITH_NULL_SHA256"
+# define TLS1_RFC_RSA_WITH_AES_128_SHA256 "TLS_RSA_WITH_AES_128_CBC_SHA256"
+# define TLS1_RFC_RSA_WITH_AES_256_SHA256 "TLS_RSA_WITH_AES_256_CBC_SHA256"
+# define TLS1_RFC_DHE_DSS_WITH_AES_128_SHA256 "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256"
+# define TLS1_RFC_DHE_RSA_WITH_AES_128_SHA256 "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256"
+# define TLS1_RFC_DHE_DSS_WITH_AES_256_SHA256 "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256"
+# define TLS1_RFC_DHE_RSA_WITH_AES_256_SHA256 "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256"
+# define TLS1_RFC_ADH_WITH_AES_128_SHA256 "TLS_DH_anon_WITH_AES_128_CBC_SHA256"
+# define TLS1_RFC_ADH_WITH_AES_256_SHA256 "TLS_DH_anon_WITH_AES_256_CBC_SHA256"
+# define TLS1_RFC_RSA_WITH_AES_128_GCM_SHA256 "TLS_RSA_WITH_AES_128_GCM_SHA256"
+# define TLS1_RFC_RSA_WITH_AES_256_GCM_SHA384 "TLS_RSA_WITH_AES_256_GCM_SHA384"
+# define TLS1_RFC_DHE_RSA_WITH_AES_128_GCM_SHA256 "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256"
+# define TLS1_RFC_DHE_RSA_WITH_AES_256_GCM_SHA384 "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384"
+# define TLS1_RFC_DHE_DSS_WITH_AES_128_GCM_SHA256 "TLS_DHE_DSS_WITH_AES_128_GCM_SHA256"
+# define TLS1_RFC_DHE_DSS_WITH_AES_256_GCM_SHA384 "TLS_DHE_DSS_WITH_AES_256_GCM_SHA384"
+# define TLS1_RFC_ADH_WITH_AES_128_GCM_SHA256 "TLS_DH_anon_WITH_AES_128_GCM_SHA256"
+# define TLS1_RFC_ADH_WITH_AES_256_GCM_SHA384 "TLS_DH_anon_WITH_AES_256_GCM_SHA384"
+# define TLS1_RFC_RSA_WITH_AES_128_CCM "TLS_RSA_WITH_AES_128_CCM"
+# define TLS1_RFC_RSA_WITH_AES_256_CCM "TLS_RSA_WITH_AES_256_CCM"
+# define TLS1_RFC_DHE_RSA_WITH_AES_128_CCM "TLS_DHE_RSA_WITH_AES_128_CCM"
+# define TLS1_RFC_DHE_RSA_WITH_AES_256_CCM "TLS_DHE_RSA_WITH_AES_256_CCM"
+# define TLS1_RFC_RSA_WITH_AES_128_CCM_8 "TLS_RSA_WITH_AES_128_CCM_8"
+# define TLS1_RFC_RSA_WITH_AES_256_CCM_8 "TLS_RSA_WITH_AES_256_CCM_8"
+# define TLS1_RFC_DHE_RSA_WITH_AES_128_CCM_8 "TLS_DHE_RSA_WITH_AES_128_CCM_8"
+# define TLS1_RFC_DHE_RSA_WITH_AES_256_CCM_8 "TLS_DHE_RSA_WITH_AES_256_CCM_8"
+# define TLS1_RFC_PSK_WITH_AES_128_CCM "TLS_PSK_WITH_AES_128_CCM"
+# define TLS1_RFC_PSK_WITH_AES_256_CCM "TLS_PSK_WITH_AES_256_CCM"
+# define TLS1_RFC_DHE_PSK_WITH_AES_128_CCM "TLS_DHE_PSK_WITH_AES_128_CCM"
+# define TLS1_RFC_DHE_PSK_WITH_AES_256_CCM "TLS_DHE_PSK_WITH_AES_256_CCM"
+# define TLS1_RFC_PSK_WITH_AES_128_CCM_8 "TLS_PSK_WITH_AES_128_CCM_8"
+# define TLS1_RFC_PSK_WITH_AES_256_CCM_8 "TLS_PSK_WITH_AES_256_CCM_8"
+# define TLS1_RFC_DHE_PSK_WITH_AES_128_CCM_8 "TLS_PSK_DHE_WITH_AES_128_CCM_8"
+# define TLS1_RFC_DHE_PSK_WITH_AES_256_CCM_8 "TLS_PSK_DHE_WITH_AES_256_CCM_8"
+# define TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_CCM "TLS_ECDHE_ECDSA_WITH_AES_128_CCM"
+# define TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_CCM "TLS_ECDHE_ECDSA_WITH_AES_256_CCM"
+# define TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_CCM_8 "TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8"
+# define TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_CCM_8 "TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8"
+# define TLS1_3_RFC_AES_128_GCM_SHA256 "TLS_AES_128_GCM_SHA256"
+# define TLS1_3_RFC_AES_256_GCM_SHA384 "TLS_AES_256_GCM_SHA384"
+# define TLS1_3_RFC_CHACHA20_POLY1305_SHA256 "TLS_CHACHA20_POLY1305_SHA256"
+# define TLS1_3_RFC_AES_128_CCM_SHA256 "TLS_AES_128_CCM_SHA256"
+# define TLS1_3_RFC_AES_128_CCM_8_SHA256 "TLS_AES_128_CCM_8_SHA256"
+# define TLS1_RFC_ECDHE_ECDSA_WITH_NULL_SHA "TLS_ECDHE_ECDSA_WITH_NULL_SHA"
+# define TLS1_RFC_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA"
+# define TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_CBC_SHA "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA"
+# define TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_CBC_SHA "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA"
+# define TLS1_RFC_ECDHE_RSA_WITH_NULL_SHA "TLS_ECDHE_RSA_WITH_NULL_SHA"
+# define TLS1_RFC_ECDHE_RSA_WITH_DES_192_CBC3_SHA "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA"
+# define TLS1_RFC_ECDHE_RSA_WITH_AES_128_CBC_SHA "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA"
+# define TLS1_RFC_ECDHE_RSA_WITH_AES_256_CBC_SHA "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA"
+# define TLS1_RFC_ECDH_anon_WITH_NULL_SHA "TLS_ECDH_anon_WITH_NULL_SHA"
+# define TLS1_RFC_ECDH_anon_WITH_DES_192_CBC3_SHA "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA"
+# define TLS1_RFC_ECDH_anon_WITH_AES_128_CBC_SHA "TLS_ECDH_anon_WITH_AES_128_CBC_SHA"
+# define TLS1_RFC_ECDH_anon_WITH_AES_256_CBC_SHA "TLS_ECDH_anon_WITH_AES_256_CBC_SHA"
+# define TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_SHA256 "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256"
+# define TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_SHA384 "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384"
+# define TLS1_RFC_ECDHE_RSA_WITH_AES_128_SHA256 "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256"
+# define TLS1_RFC_ECDHE_RSA_WITH_AES_256_SHA384 "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384"
+# define TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256"
+# define TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384"
+# define TLS1_RFC_ECDHE_RSA_WITH_AES_128_GCM_SHA256 "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"
+# define TLS1_RFC_ECDHE_RSA_WITH_AES_256_GCM_SHA384 "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"
+# define TLS1_RFC_PSK_WITH_NULL_SHA "TLS_PSK_WITH_NULL_SHA"
+# define TLS1_RFC_DHE_PSK_WITH_NULL_SHA "TLS_DHE_PSK_WITH_NULL_SHA"
+# define TLS1_RFC_RSA_PSK_WITH_NULL_SHA "TLS_RSA_PSK_WITH_NULL_SHA"
+# define TLS1_RFC_PSK_WITH_3DES_EDE_CBC_SHA "TLS_PSK_WITH_3DES_EDE_CBC_SHA"
+# define TLS1_RFC_PSK_WITH_AES_128_CBC_SHA "TLS_PSK_WITH_AES_128_CBC_SHA"
+# define TLS1_RFC_PSK_WITH_AES_256_CBC_SHA "TLS_PSK_WITH_AES_256_CBC_SHA"
+# define TLS1_RFC_DHE_PSK_WITH_3DES_EDE_CBC_SHA "TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA"
+# define TLS1_RFC_DHE_PSK_WITH_AES_128_CBC_SHA "TLS_DHE_PSK_WITH_AES_128_CBC_SHA"
+# define TLS1_RFC_DHE_PSK_WITH_AES_256_CBC_SHA "TLS_DHE_PSK_WITH_AES_256_CBC_SHA"
+# define TLS1_RFC_RSA_PSK_WITH_3DES_EDE_CBC_SHA "TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA"
+# define TLS1_RFC_RSA_PSK_WITH_AES_128_CBC_SHA "TLS_RSA_PSK_WITH_AES_128_CBC_SHA"
+# define TLS1_RFC_RSA_PSK_WITH_AES_256_CBC_SHA "TLS_RSA_PSK_WITH_AES_256_CBC_SHA"
+# define TLS1_RFC_PSK_WITH_AES_128_GCM_SHA256 "TLS_PSK_WITH_AES_128_GCM_SHA256"
+# define TLS1_RFC_PSK_WITH_AES_256_GCM_SHA384 "TLS_PSK_WITH_AES_256_GCM_SHA384"
+# define TLS1_RFC_DHE_PSK_WITH_AES_128_GCM_SHA256 "TLS_DHE_PSK_WITH_AES_128_GCM_SHA256"
+# define TLS1_RFC_DHE_PSK_WITH_AES_256_GCM_SHA384 "TLS_DHE_PSK_WITH_AES_256_GCM_SHA384"
+# define TLS1_RFC_RSA_PSK_WITH_AES_128_GCM_SHA256 "TLS_RSA_PSK_WITH_AES_128_GCM_SHA256"
+# define TLS1_RFC_RSA_PSK_WITH_AES_256_GCM_SHA384 "TLS_RSA_PSK_WITH_AES_256_GCM_SHA384"
+# define TLS1_RFC_PSK_WITH_AES_128_CBC_SHA256 "TLS_PSK_WITH_AES_128_CBC_SHA256"
+# define TLS1_RFC_PSK_WITH_AES_256_CBC_SHA384 "TLS_PSK_WITH_AES_256_CBC_SHA384"
+# define TLS1_RFC_PSK_WITH_NULL_SHA256 "TLS_PSK_WITH_NULL_SHA256"
+# define TLS1_RFC_PSK_WITH_NULL_SHA384 "TLS_PSK_WITH_NULL_SHA384"
+# define TLS1_RFC_DHE_PSK_WITH_AES_128_CBC_SHA256 "TLS_DHE_PSK_WITH_AES_128_CBC_SHA256"
+# define TLS1_RFC_DHE_PSK_WITH_AES_256_CBC_SHA384 "TLS_DHE_PSK_WITH_AES_256_CBC_SHA384"
+# define TLS1_RFC_DHE_PSK_WITH_NULL_SHA256 "TLS_DHE_PSK_WITH_NULL_SHA256"
+# define TLS1_RFC_DHE_PSK_WITH_NULL_SHA384 "TLS_DHE_PSK_WITH_NULL_SHA384"
+# define TLS1_RFC_RSA_PSK_WITH_AES_128_CBC_SHA256 "TLS_RSA_PSK_WITH_AES_128_CBC_SHA256"
+# define TLS1_RFC_RSA_PSK_WITH_AES_256_CBC_SHA384 "TLS_RSA_PSK_WITH_AES_256_CBC_SHA384"
+# define TLS1_RFC_RSA_PSK_WITH_NULL_SHA256 "TLS_RSA_PSK_WITH_NULL_SHA256"
+# define TLS1_RFC_RSA_PSK_WITH_NULL_SHA384 "TLS_RSA_PSK_WITH_NULL_SHA384"
+# define TLS1_RFC_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA "TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA"
+# define TLS1_RFC_ECDHE_PSK_WITH_AES_128_CBC_SHA "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA"
+# define TLS1_RFC_ECDHE_PSK_WITH_AES_256_CBC_SHA "TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA"
+# define TLS1_RFC_ECDHE_PSK_WITH_AES_128_CBC_SHA256 "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256"
+# define TLS1_RFC_ECDHE_PSK_WITH_AES_256_CBC_SHA384 "TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384"
+# define TLS1_RFC_ECDHE_PSK_WITH_NULL_SHA "TLS_ECDHE_PSK_WITH_NULL_SHA"
+# define TLS1_RFC_ECDHE_PSK_WITH_NULL_SHA256 "TLS_ECDHE_PSK_WITH_NULL_SHA256"
+# define TLS1_RFC_ECDHE_PSK_WITH_NULL_SHA384 "TLS_ECDHE_PSK_WITH_NULL_SHA384"
+# define TLS1_RFC_SRP_SHA_WITH_3DES_EDE_CBC_SHA "TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA"
+# define TLS1_RFC_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA "TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA"
+# define TLS1_RFC_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA "TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA"
+# define TLS1_RFC_SRP_SHA_WITH_AES_128_CBC_SHA "TLS_SRP_SHA_WITH_AES_128_CBC_SHA"
+# define TLS1_RFC_SRP_SHA_RSA_WITH_AES_128_CBC_SHA "TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA"
+# define TLS1_RFC_SRP_SHA_DSS_WITH_AES_128_CBC_SHA "TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA"
+# define TLS1_RFC_SRP_SHA_WITH_AES_256_CBC_SHA "TLS_SRP_SHA_WITH_AES_256_CBC_SHA"
+# define TLS1_RFC_SRP_SHA_RSA_WITH_AES_256_CBC_SHA "TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA"
+# define TLS1_RFC_SRP_SHA_DSS_WITH_AES_256_CBC_SHA "TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA"
+# define TLS1_RFC_DHE_RSA_WITH_CHACHA20_POLY1305 "TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256"
+# define TLS1_RFC_ECDHE_RSA_WITH_CHACHA20_POLY1305 "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256"
+# define TLS1_RFC_ECDHE_ECDSA_WITH_CHACHA20_POLY1305 "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256"
+# define TLS1_RFC_PSK_WITH_CHACHA20_POLY1305 "TLS_PSK_WITH_CHACHA20_POLY1305_SHA256"
+# define TLS1_RFC_ECDHE_PSK_WITH_CHACHA20_POLY1305 "TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256"
+# define TLS1_RFC_DHE_PSK_WITH_CHACHA20_POLY1305 "TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256"
+# define TLS1_RFC_RSA_PSK_WITH_CHACHA20_POLY1305 "TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256"
+# define TLS1_RFC_RSA_WITH_CAMELLIA_128_CBC_SHA256 "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256"
+# define TLS1_RFC_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256"
+# define TLS1_RFC_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256"
+# define TLS1_RFC_ADH_WITH_CAMELLIA_128_CBC_SHA256 "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256"
+# define TLS1_RFC_RSA_WITH_CAMELLIA_256_CBC_SHA256 "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256"
+# define TLS1_RFC_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256"
+# define TLS1_RFC_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256"
+# define TLS1_RFC_ADH_WITH_CAMELLIA_256_CBC_SHA256 "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256"
+# define TLS1_RFC_RSA_WITH_CAMELLIA_256_CBC_SHA "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA"
+# define TLS1_RFC_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA"
+# define TLS1_RFC_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA"
+# define TLS1_RFC_ADH_WITH_CAMELLIA_256_CBC_SHA "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA"
+# define TLS1_RFC_RSA_WITH_CAMELLIA_128_CBC_SHA "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA"
+# define TLS1_RFC_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA"
+# define TLS1_RFC_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA"
+# define TLS1_RFC_ADH_WITH_CAMELLIA_128_CBC_SHA "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA"
+# define TLS1_RFC_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 "TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256"
+# define TLS1_RFC_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 "TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384"
+# define TLS1_RFC_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 "TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256"
+# define TLS1_RFC_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 "TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384"
+# define TLS1_RFC_PSK_WITH_CAMELLIA_128_CBC_SHA256 "TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256"
+# define TLS1_RFC_PSK_WITH_CAMELLIA_256_CBC_SHA384 "TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384"
+# define TLS1_RFC_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 "TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256"
+# define TLS1_RFC_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 "TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384"
+# define TLS1_RFC_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 "TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256"
+# define TLS1_RFC_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 "TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384"
+# define TLS1_RFC_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 "TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256"
+# define TLS1_RFC_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 "TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384"
+# define TLS1_RFC_RSA_WITH_SEED_SHA "TLS_RSA_WITH_SEED_CBC_SHA"
+# define TLS1_RFC_DHE_DSS_WITH_SEED_SHA "TLS_DHE_DSS_WITH_SEED_CBC_SHA"
+# define TLS1_RFC_DHE_RSA_WITH_SEED_SHA "TLS_DHE_RSA_WITH_SEED_CBC_SHA"
+# define TLS1_RFC_ADH_WITH_SEED_SHA "TLS_DH_anon_WITH_SEED_CBC_SHA"
+# define TLS1_RFC_ECDHE_PSK_WITH_RC4_128_SHA "TLS_ECDHE_PSK_WITH_RC4_128_SHA"
+# define TLS1_RFC_ECDH_anon_WITH_RC4_128_SHA "TLS_ECDH_anon_WITH_RC4_128_SHA"
+# define TLS1_RFC_ECDHE_ECDSA_WITH_RC4_128_SHA "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA"
+# define TLS1_RFC_ECDHE_RSA_WITH_RC4_128_SHA "TLS_ECDHE_RSA_WITH_RC4_128_SHA"
+# define TLS1_RFC_PSK_WITH_RC4_128_SHA "TLS_PSK_WITH_RC4_128_SHA"
+# define TLS1_RFC_RSA_PSK_WITH_RC4_128_SHA "TLS_RSA_PSK_WITH_RC4_128_SHA"
+# define TLS1_RFC_DHE_PSK_WITH_RC4_128_SHA "TLS_DHE_PSK_WITH_RC4_128_SHA"
+# define TLS1_RFC_RSA_WITH_ARIA_128_GCM_SHA256 "TLS_RSA_WITH_ARIA_128_GCM_SHA256"
+# define TLS1_RFC_RSA_WITH_ARIA_256_GCM_SHA384 "TLS_RSA_WITH_ARIA_256_GCM_SHA384"
+# define TLS1_RFC_DHE_RSA_WITH_ARIA_128_GCM_SHA256 "TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256"
+# define TLS1_RFC_DHE_RSA_WITH_ARIA_256_GCM_SHA384 "TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384"
+# define TLS1_RFC_DH_RSA_WITH_ARIA_128_GCM_SHA256 "TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256"
+# define TLS1_RFC_DH_RSA_WITH_ARIA_256_GCM_SHA384 "TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384"
+# define TLS1_RFC_DHE_DSS_WITH_ARIA_128_GCM_SHA256 "TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256"
+# define TLS1_RFC_DHE_DSS_WITH_ARIA_256_GCM_SHA384 "TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384"
+# define TLS1_RFC_DH_DSS_WITH_ARIA_128_GCM_SHA256 "TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256"
+# define TLS1_RFC_DH_DSS_WITH_ARIA_256_GCM_SHA384 "TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384"
+# define TLS1_RFC_DH_anon_WITH_ARIA_128_GCM_SHA256 "TLS_DH_anon_WITH_ARIA_128_GCM_SHA256"
+# define TLS1_RFC_DH_anon_WITH_ARIA_256_GCM_SHA384 "TLS_DH_anon_WITH_ARIA_256_GCM_SHA384"
+# define TLS1_RFC_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 "TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256"
+# define TLS1_RFC_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 "TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384"
+# define TLS1_RFC_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 "TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256"
+# define TLS1_RFC_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384 "TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384"
+# define TLS1_RFC_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 "TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256"
+# define TLS1_RFC_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 "TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384"
+# define TLS1_RFC_ECDH_RSA_WITH_ARIA_128_GCM_SHA256 "TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256"
+# define TLS1_RFC_ECDH_RSA_WITH_ARIA_256_GCM_SHA384 "TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384"
+# define TLS1_RFC_PSK_WITH_ARIA_128_GCM_SHA256 "TLS_PSK_WITH_ARIA_128_GCM_SHA256"
+# define TLS1_RFC_PSK_WITH_ARIA_256_GCM_SHA384 "TLS_PSK_WITH_ARIA_256_GCM_SHA384"
+# define TLS1_RFC_DHE_PSK_WITH_ARIA_128_GCM_SHA256 "TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256"
+# define TLS1_RFC_DHE_PSK_WITH_ARIA_256_GCM_SHA384 "TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384"
+# define TLS1_RFC_RSA_PSK_WITH_ARIA_128_GCM_SHA256 "TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256"
+# define TLS1_RFC_RSA_PSK_WITH_ARIA_256_GCM_SHA384 "TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384"
+
+
+/*
+ * XXX Backward compatibility alert: Older versions of OpenSSL gave some DHE
+ * ciphers names with "EDH" instead of "DHE". Going forward, we should be
+ * using DHE everywhere, though we may indefinitely maintain aliases for
+ * users or configurations that used "EDH"
+ */
+# define TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA "DHE-DSS-RC4-SHA"
+
+# define TLS1_TXT_PSK_WITH_NULL_SHA "PSK-NULL-SHA"
+# define TLS1_TXT_DHE_PSK_WITH_NULL_SHA "DHE-PSK-NULL-SHA"
+# define TLS1_TXT_RSA_PSK_WITH_NULL_SHA "RSA-PSK-NULL-SHA"
+
+/* AES ciphersuites from RFC3268 */
+# define TLS1_TXT_RSA_WITH_AES_128_SHA "AES128-SHA"
+# define TLS1_TXT_DH_DSS_WITH_AES_128_SHA "DH-DSS-AES128-SHA"
+# define TLS1_TXT_DH_RSA_WITH_AES_128_SHA "DH-RSA-AES128-SHA"
+# define TLS1_TXT_DHE_DSS_WITH_AES_128_SHA "DHE-DSS-AES128-SHA"
+# define TLS1_TXT_DHE_RSA_WITH_AES_128_SHA "DHE-RSA-AES128-SHA"
+# define TLS1_TXT_ADH_WITH_AES_128_SHA "ADH-AES128-SHA"
+
+# define TLS1_TXT_RSA_WITH_AES_256_SHA "AES256-SHA"
+# define TLS1_TXT_DH_DSS_WITH_AES_256_SHA "DH-DSS-AES256-SHA"
+# define TLS1_TXT_DH_RSA_WITH_AES_256_SHA "DH-RSA-AES256-SHA"
+# define TLS1_TXT_DHE_DSS_WITH_AES_256_SHA "DHE-DSS-AES256-SHA"
+# define TLS1_TXT_DHE_RSA_WITH_AES_256_SHA "DHE-RSA-AES256-SHA"
+# define TLS1_TXT_ADH_WITH_AES_256_SHA "ADH-AES256-SHA"
+
+/* ECC ciphersuites from RFC4492 */
+# define TLS1_TXT_ECDH_ECDSA_WITH_NULL_SHA "ECDH-ECDSA-NULL-SHA"
+# define TLS1_TXT_ECDH_ECDSA_WITH_RC4_128_SHA "ECDH-ECDSA-RC4-SHA"
+# define TLS1_TXT_ECDH_ECDSA_WITH_DES_192_CBC3_SHA "ECDH-ECDSA-DES-CBC3-SHA"
+# define TLS1_TXT_ECDH_ECDSA_WITH_AES_128_CBC_SHA "ECDH-ECDSA-AES128-SHA"
+# define TLS1_TXT_ECDH_ECDSA_WITH_AES_256_CBC_SHA "ECDH-ECDSA-AES256-SHA"
+
+# define TLS1_TXT_ECDHE_ECDSA_WITH_NULL_SHA "ECDHE-ECDSA-NULL-SHA"
+# define TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA "ECDHE-ECDSA-RC4-SHA"
+# define TLS1_TXT_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA "ECDHE-ECDSA-DES-CBC3-SHA"
+# define TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA "ECDHE-ECDSA-AES128-SHA"
+# define TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CBC_SHA "ECDHE-ECDSA-AES256-SHA"
+
+# define TLS1_TXT_ECDH_RSA_WITH_NULL_SHA "ECDH-RSA-NULL-SHA"
+# define TLS1_TXT_ECDH_RSA_WITH_RC4_128_SHA "ECDH-RSA-RC4-SHA"
+# define TLS1_TXT_ECDH_RSA_WITH_DES_192_CBC3_SHA "ECDH-RSA-DES-CBC3-SHA"
+# define TLS1_TXT_ECDH_RSA_WITH_AES_128_CBC_SHA "ECDH-RSA-AES128-SHA"
+# define TLS1_TXT_ECDH_RSA_WITH_AES_256_CBC_SHA "ECDH-RSA-AES256-SHA"
+
+# define TLS1_TXT_ECDHE_RSA_WITH_NULL_SHA "ECDHE-RSA-NULL-SHA"
+# define TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA "ECDHE-RSA-RC4-SHA"
+# define TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA "ECDHE-RSA-DES-CBC3-SHA"
+# define TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA "ECDHE-RSA-AES128-SHA"
+# define TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA "ECDHE-RSA-AES256-SHA"
+
+# define TLS1_TXT_ECDH_anon_WITH_NULL_SHA "AECDH-NULL-SHA"
+# define TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA "AECDH-RC4-SHA"
+# define TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA "AECDH-DES-CBC3-SHA"
+# define TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA "AECDH-AES128-SHA"
+# define TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA "AECDH-AES256-SHA"
+
+/* PSK ciphersuites from RFC 4279 */
+# define TLS1_TXT_PSK_WITH_RC4_128_SHA "PSK-RC4-SHA"
+# define TLS1_TXT_PSK_WITH_3DES_EDE_CBC_SHA "PSK-3DES-EDE-CBC-SHA"
+# define TLS1_TXT_PSK_WITH_AES_128_CBC_SHA "PSK-AES128-CBC-SHA"
+# define TLS1_TXT_PSK_WITH_AES_256_CBC_SHA "PSK-AES256-CBC-SHA"
+
+# define TLS1_TXT_DHE_PSK_WITH_RC4_128_SHA "DHE-PSK-RC4-SHA"
+# define TLS1_TXT_DHE_PSK_WITH_3DES_EDE_CBC_SHA "DHE-PSK-3DES-EDE-CBC-SHA"
+# define TLS1_TXT_DHE_PSK_WITH_AES_128_CBC_SHA "DHE-PSK-AES128-CBC-SHA"
+# define TLS1_TXT_DHE_PSK_WITH_AES_256_CBC_SHA "DHE-PSK-AES256-CBC-SHA"
+# define TLS1_TXT_RSA_PSK_WITH_RC4_128_SHA "RSA-PSK-RC4-SHA"
+# define TLS1_TXT_RSA_PSK_WITH_3DES_EDE_CBC_SHA "RSA-PSK-3DES-EDE-CBC-SHA"
+# define TLS1_TXT_RSA_PSK_WITH_AES_128_CBC_SHA "RSA-PSK-AES128-CBC-SHA"
+# define TLS1_TXT_RSA_PSK_WITH_AES_256_CBC_SHA "RSA-PSK-AES256-CBC-SHA"
+
+/* PSK ciphersuites from RFC 5487 */
+# define TLS1_TXT_PSK_WITH_AES_128_GCM_SHA256 "PSK-AES128-GCM-SHA256"
+# define TLS1_TXT_PSK_WITH_AES_256_GCM_SHA384 "PSK-AES256-GCM-SHA384"
+# define TLS1_TXT_DHE_PSK_WITH_AES_128_GCM_SHA256 "DHE-PSK-AES128-GCM-SHA256"
+# define TLS1_TXT_DHE_PSK_WITH_AES_256_GCM_SHA384 "DHE-PSK-AES256-GCM-SHA384"
+# define TLS1_TXT_RSA_PSK_WITH_AES_128_GCM_SHA256 "RSA-PSK-AES128-GCM-SHA256"
+# define TLS1_TXT_RSA_PSK_WITH_AES_256_GCM_SHA384 "RSA-PSK-AES256-GCM-SHA384"
+
+# define TLS1_TXT_PSK_WITH_AES_128_CBC_SHA256 "PSK-AES128-CBC-SHA256"
+# define TLS1_TXT_PSK_WITH_AES_256_CBC_SHA384 "PSK-AES256-CBC-SHA384"
+# define TLS1_TXT_PSK_WITH_NULL_SHA256 "PSK-NULL-SHA256"
+# define TLS1_TXT_PSK_WITH_NULL_SHA384 "PSK-NULL-SHA384"
+
+# define TLS1_TXT_DHE_PSK_WITH_AES_128_CBC_SHA256 "DHE-PSK-AES128-CBC-SHA256"
+# define TLS1_TXT_DHE_PSK_WITH_AES_256_CBC_SHA384 "DHE-PSK-AES256-CBC-SHA384"
+# define TLS1_TXT_DHE_PSK_WITH_NULL_SHA256 "DHE-PSK-NULL-SHA256"
+# define TLS1_TXT_DHE_PSK_WITH_NULL_SHA384 "DHE-PSK-NULL-SHA384"
+
+# define TLS1_TXT_RSA_PSK_WITH_AES_128_CBC_SHA256 "RSA-PSK-AES128-CBC-SHA256"
+# define TLS1_TXT_RSA_PSK_WITH_AES_256_CBC_SHA384 "RSA-PSK-AES256-CBC-SHA384"
+# define TLS1_TXT_RSA_PSK_WITH_NULL_SHA256 "RSA-PSK-NULL-SHA256"
+# define TLS1_TXT_RSA_PSK_WITH_NULL_SHA384 "RSA-PSK-NULL-SHA384"
+
+/* SRP ciphersuite from RFC 5054 */
+# define TLS1_TXT_SRP_SHA_WITH_3DES_EDE_CBC_SHA "SRP-3DES-EDE-CBC-SHA"
+# define TLS1_TXT_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA "SRP-RSA-3DES-EDE-CBC-SHA"
+# define TLS1_TXT_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA "SRP-DSS-3DES-EDE-CBC-SHA"
+# define TLS1_TXT_SRP_SHA_WITH_AES_128_CBC_SHA "SRP-AES-128-CBC-SHA"
+# define TLS1_TXT_SRP_SHA_RSA_WITH_AES_128_CBC_SHA "SRP-RSA-AES-128-CBC-SHA"
+# define TLS1_TXT_SRP_SHA_DSS_WITH_AES_128_CBC_SHA "SRP-DSS-AES-128-CBC-SHA"
+# define TLS1_TXT_SRP_SHA_WITH_AES_256_CBC_SHA "SRP-AES-256-CBC-SHA"
+# define TLS1_TXT_SRP_SHA_RSA_WITH_AES_256_CBC_SHA "SRP-RSA-AES-256-CBC-SHA"
+# define TLS1_TXT_SRP_SHA_DSS_WITH_AES_256_CBC_SHA "SRP-DSS-AES-256-CBC-SHA"
+
+/* Camellia ciphersuites from RFC4132 */
+# define TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA "CAMELLIA128-SHA"
+# define TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA "DH-DSS-CAMELLIA128-SHA"
+# define TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA "DH-RSA-CAMELLIA128-SHA"
+# define TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA "DHE-DSS-CAMELLIA128-SHA"
+# define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA "DHE-RSA-CAMELLIA128-SHA"
+# define TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA "ADH-CAMELLIA128-SHA"
+
+# define TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA "CAMELLIA256-SHA"
+# define TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA "DH-DSS-CAMELLIA256-SHA"
+# define TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA "DH-RSA-CAMELLIA256-SHA"
+# define TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA "DHE-DSS-CAMELLIA256-SHA"
+# define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA "DHE-RSA-CAMELLIA256-SHA"
+# define TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA "ADH-CAMELLIA256-SHA"
+
+/* TLS 1.2 Camellia SHA-256 ciphersuites from RFC5932 */
+# define TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA256 "CAMELLIA128-SHA256"
+# define TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256 "DH-DSS-CAMELLIA128-SHA256"
+# define TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256 "DH-RSA-CAMELLIA128-SHA256"
+# define TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 "DHE-DSS-CAMELLIA128-SHA256"
+# define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 "DHE-RSA-CAMELLIA128-SHA256"
+# define TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA256 "ADH-CAMELLIA128-SHA256"
+
+# define TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA256 "CAMELLIA256-SHA256"
+# define TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256 "DH-DSS-CAMELLIA256-SHA256"
+# define TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256 "DH-RSA-CAMELLIA256-SHA256"
+# define TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 "DHE-DSS-CAMELLIA256-SHA256"
+# define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 "DHE-RSA-CAMELLIA256-SHA256"
+# define TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA256 "ADH-CAMELLIA256-SHA256"
+
+# define TLS1_TXT_PSK_WITH_CAMELLIA_128_CBC_SHA256 "PSK-CAMELLIA128-SHA256"
+# define TLS1_TXT_PSK_WITH_CAMELLIA_256_CBC_SHA384 "PSK-CAMELLIA256-SHA384"
+# define TLS1_TXT_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 "DHE-PSK-CAMELLIA128-SHA256"
+# define TLS1_TXT_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 "DHE-PSK-CAMELLIA256-SHA384"
+# define TLS1_TXT_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 "RSA-PSK-CAMELLIA128-SHA256"
+# define TLS1_TXT_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 "RSA-PSK-CAMELLIA256-SHA384"
+# define TLS1_TXT_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 "ECDHE-PSK-CAMELLIA128-SHA256"
+# define TLS1_TXT_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 "ECDHE-PSK-CAMELLIA256-SHA384"
+
+/* SEED ciphersuites from RFC4162 */
+# define TLS1_TXT_RSA_WITH_SEED_SHA "SEED-SHA"
+# define TLS1_TXT_DH_DSS_WITH_SEED_SHA "DH-DSS-SEED-SHA"
+# define TLS1_TXT_DH_RSA_WITH_SEED_SHA "DH-RSA-SEED-SHA"
+# define TLS1_TXT_DHE_DSS_WITH_SEED_SHA "DHE-DSS-SEED-SHA"
+# define TLS1_TXT_DHE_RSA_WITH_SEED_SHA "DHE-RSA-SEED-SHA"
+# define TLS1_TXT_ADH_WITH_SEED_SHA "ADH-SEED-SHA"
+
+/* TLS v1.2 ciphersuites */
+# define TLS1_TXT_RSA_WITH_NULL_SHA256 "NULL-SHA256"
+# define TLS1_TXT_RSA_WITH_AES_128_SHA256 "AES128-SHA256"
+# define TLS1_TXT_RSA_WITH_AES_256_SHA256 "AES256-SHA256"
+# define TLS1_TXT_DH_DSS_WITH_AES_128_SHA256 "DH-DSS-AES128-SHA256"
+# define TLS1_TXT_DH_RSA_WITH_AES_128_SHA256 "DH-RSA-AES128-SHA256"
+# define TLS1_TXT_DHE_DSS_WITH_AES_128_SHA256 "DHE-DSS-AES128-SHA256"
+# define TLS1_TXT_DHE_RSA_WITH_AES_128_SHA256 "DHE-RSA-AES128-SHA256"
+# define TLS1_TXT_DH_DSS_WITH_AES_256_SHA256 "DH-DSS-AES256-SHA256"
+# define TLS1_TXT_DH_RSA_WITH_AES_256_SHA256 "DH-RSA-AES256-SHA256"
+# define TLS1_TXT_DHE_DSS_WITH_AES_256_SHA256 "DHE-DSS-AES256-SHA256"
+# define TLS1_TXT_DHE_RSA_WITH_AES_256_SHA256 "DHE-RSA-AES256-SHA256"
+# define TLS1_TXT_ADH_WITH_AES_128_SHA256 "ADH-AES128-SHA256"
+# define TLS1_TXT_ADH_WITH_AES_256_SHA256 "ADH-AES256-SHA256"
+
+/* TLS v1.2 GCM ciphersuites from RFC5288 */
+# define TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256 "AES128-GCM-SHA256"
+# define TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384 "AES256-GCM-SHA384"
+# define TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256 "DHE-RSA-AES128-GCM-SHA256"
+# define TLS1_TXT_DHE_RSA_WITH_AES_256_GCM_SHA384 "DHE-RSA-AES256-GCM-SHA384"
+# define TLS1_TXT_DH_RSA_WITH_AES_128_GCM_SHA256 "DH-RSA-AES128-GCM-SHA256"
+# define TLS1_TXT_DH_RSA_WITH_AES_256_GCM_SHA384 "DH-RSA-AES256-GCM-SHA384"
+# define TLS1_TXT_DHE_DSS_WITH_AES_128_GCM_SHA256 "DHE-DSS-AES128-GCM-SHA256"
+# define TLS1_TXT_DHE_DSS_WITH_AES_256_GCM_SHA384 "DHE-DSS-AES256-GCM-SHA384"
+# define TLS1_TXT_DH_DSS_WITH_AES_128_GCM_SHA256 "DH-DSS-AES128-GCM-SHA256"
+# define TLS1_TXT_DH_DSS_WITH_AES_256_GCM_SHA384 "DH-DSS-AES256-GCM-SHA384"
+# define TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256 "ADH-AES128-GCM-SHA256"
+# define TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384 "ADH-AES256-GCM-SHA384"
+
+/* CCM ciphersuites from RFC6655 */
+# define TLS1_TXT_RSA_WITH_AES_128_CCM "AES128-CCM"
+# define TLS1_TXT_RSA_WITH_AES_256_CCM "AES256-CCM"
+# define TLS1_TXT_DHE_RSA_WITH_AES_128_CCM "DHE-RSA-AES128-CCM"
+# define TLS1_TXT_DHE_RSA_WITH_AES_256_CCM "DHE-RSA-AES256-CCM"
+
+# define TLS1_TXT_RSA_WITH_AES_128_CCM_8 "AES128-CCM8"
+# define TLS1_TXT_RSA_WITH_AES_256_CCM_8 "AES256-CCM8"
+# define TLS1_TXT_DHE_RSA_WITH_AES_128_CCM_8 "DHE-RSA-AES128-CCM8"
+# define TLS1_TXT_DHE_RSA_WITH_AES_256_CCM_8 "DHE-RSA-AES256-CCM8"
+
+# define TLS1_TXT_PSK_WITH_AES_128_CCM "PSK-AES128-CCM"
+# define TLS1_TXT_PSK_WITH_AES_256_CCM "PSK-AES256-CCM"
+# define TLS1_TXT_DHE_PSK_WITH_AES_128_CCM "DHE-PSK-AES128-CCM"
+# define TLS1_TXT_DHE_PSK_WITH_AES_256_CCM "DHE-PSK-AES256-CCM"
+
+# define TLS1_TXT_PSK_WITH_AES_128_CCM_8 "PSK-AES128-CCM8"
+# define TLS1_TXT_PSK_WITH_AES_256_CCM_8 "PSK-AES256-CCM8"
+# define TLS1_TXT_DHE_PSK_WITH_AES_128_CCM_8 "DHE-PSK-AES128-CCM8"
+# define TLS1_TXT_DHE_PSK_WITH_AES_256_CCM_8 "DHE-PSK-AES256-CCM8"
+
+/* CCM ciphersuites from RFC7251 */
+# define TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CCM "ECDHE-ECDSA-AES128-CCM"
+# define TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CCM "ECDHE-ECDSA-AES256-CCM"
+# define TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CCM_8 "ECDHE-ECDSA-AES128-CCM8"
+# define TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CCM_8 "ECDHE-ECDSA-AES256-CCM8"
+
+/* ECDH HMAC based ciphersuites from RFC5289 */
+# define TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256 "ECDHE-ECDSA-AES128-SHA256"
+# define TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_SHA384 "ECDHE-ECDSA-AES256-SHA384"
+# define TLS1_TXT_ECDH_ECDSA_WITH_AES_128_SHA256 "ECDH-ECDSA-AES128-SHA256"
+# define TLS1_TXT_ECDH_ECDSA_WITH_AES_256_SHA384 "ECDH-ECDSA-AES256-SHA384"
+# define TLS1_TXT_ECDHE_RSA_WITH_AES_128_SHA256 "ECDHE-RSA-AES128-SHA256"
+# define TLS1_TXT_ECDHE_RSA_WITH_AES_256_SHA384 "ECDHE-RSA-AES256-SHA384"
+# define TLS1_TXT_ECDH_RSA_WITH_AES_128_SHA256 "ECDH-RSA-AES128-SHA256"
+# define TLS1_TXT_ECDH_RSA_WITH_AES_256_SHA384 "ECDH-RSA-AES256-SHA384"
+
+/* ECDH GCM based ciphersuites from RFC5289 */
+# define TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 "ECDHE-ECDSA-AES128-GCM-SHA256"
+# define TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 "ECDHE-ECDSA-AES256-GCM-SHA384"
+# define TLS1_TXT_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 "ECDH-ECDSA-AES128-GCM-SHA256"
+# define TLS1_TXT_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 "ECDH-ECDSA-AES256-GCM-SHA384"
+# define TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256 "ECDHE-RSA-AES128-GCM-SHA256"
+# define TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384 "ECDHE-RSA-AES256-GCM-SHA384"
+# define TLS1_TXT_ECDH_RSA_WITH_AES_128_GCM_SHA256 "ECDH-RSA-AES128-GCM-SHA256"
+# define TLS1_TXT_ECDH_RSA_WITH_AES_256_GCM_SHA384 "ECDH-RSA-AES256-GCM-SHA384"
+
+/* TLS v1.2 PSK GCM ciphersuites from RFC5487 */
+# define TLS1_TXT_PSK_WITH_AES_128_GCM_SHA256 "PSK-AES128-GCM-SHA256"
+# define TLS1_TXT_PSK_WITH_AES_256_GCM_SHA384 "PSK-AES256-GCM-SHA384"
+
+/* ECDHE PSK ciphersuites from RFC 5489 */
+# define TLS1_TXT_ECDHE_PSK_WITH_RC4_128_SHA "ECDHE-PSK-RC4-SHA"
+# define TLS1_TXT_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA "ECDHE-PSK-3DES-EDE-CBC-SHA"
+# define TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA "ECDHE-PSK-AES128-CBC-SHA"
+# define TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA "ECDHE-PSK-AES256-CBC-SHA"
+
+# define TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA256 "ECDHE-PSK-AES128-CBC-SHA256"
+# define TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA384 "ECDHE-PSK-AES256-CBC-SHA384"
+
+# define TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA "ECDHE-PSK-NULL-SHA"
+# define TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA256 "ECDHE-PSK-NULL-SHA256"
+# define TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA384 "ECDHE-PSK-NULL-SHA384"
+
+/* Camellia-CBC ciphersuites from RFC6367 */
+# define TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 "ECDHE-ECDSA-CAMELLIA128-SHA256"
+# define TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 "ECDHE-ECDSA-CAMELLIA256-SHA384"
+# define TLS1_TXT_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 "ECDH-ECDSA-CAMELLIA128-SHA256"
+# define TLS1_TXT_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 "ECDH-ECDSA-CAMELLIA256-SHA384"
+# define TLS1_TXT_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 "ECDHE-RSA-CAMELLIA128-SHA256"
+# define TLS1_TXT_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 "ECDHE-RSA-CAMELLIA256-SHA384"
+# define TLS1_TXT_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 "ECDH-RSA-CAMELLIA128-SHA256"
+# define TLS1_TXT_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 "ECDH-RSA-CAMELLIA256-SHA384"
+
+/* draft-ietf-tls-chacha20-poly1305-03 */
+# define TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305 "ECDHE-RSA-CHACHA20-POLY1305"
+# define TLS1_TXT_ECDHE_ECDSA_WITH_CHACHA20_POLY1305 "ECDHE-ECDSA-CHACHA20-POLY1305"
+# define TLS1_TXT_DHE_RSA_WITH_CHACHA20_POLY1305 "DHE-RSA-CHACHA20-POLY1305"
+# define TLS1_TXT_PSK_WITH_CHACHA20_POLY1305 "PSK-CHACHA20-POLY1305"
+# define TLS1_TXT_ECDHE_PSK_WITH_CHACHA20_POLY1305 "ECDHE-PSK-CHACHA20-POLY1305"
+# define TLS1_TXT_DHE_PSK_WITH_CHACHA20_POLY1305 "DHE-PSK-CHACHA20-POLY1305"
+# define TLS1_TXT_RSA_PSK_WITH_CHACHA20_POLY1305 "RSA-PSK-CHACHA20-POLY1305"
+
+/* Aria ciphersuites from RFC6209 */
+# define TLS1_TXT_RSA_WITH_ARIA_128_GCM_SHA256 "ARIA128-GCM-SHA256"
+# define TLS1_TXT_RSA_WITH_ARIA_256_GCM_SHA384 "ARIA256-GCM-SHA384"
+# define TLS1_TXT_DHE_RSA_WITH_ARIA_128_GCM_SHA256 "DHE-RSA-ARIA128-GCM-SHA256"
+# define TLS1_TXT_DHE_RSA_WITH_ARIA_256_GCM_SHA384 "DHE-RSA-ARIA256-GCM-SHA384"
+# define TLS1_TXT_DH_RSA_WITH_ARIA_128_GCM_SHA256 "DH-RSA-ARIA128-GCM-SHA256"
+# define TLS1_TXT_DH_RSA_WITH_ARIA_256_GCM_SHA384 "DH-RSA-ARIA256-GCM-SHA384"
+# define TLS1_TXT_DHE_DSS_WITH_ARIA_128_GCM_SHA256 "DHE-DSS-ARIA128-GCM-SHA256"
+# define TLS1_TXT_DHE_DSS_WITH_ARIA_256_GCM_SHA384 "DHE-DSS-ARIA256-GCM-SHA384"
+# define TLS1_TXT_DH_DSS_WITH_ARIA_128_GCM_SHA256 "DH-DSS-ARIA128-GCM-SHA256"
+# define TLS1_TXT_DH_DSS_WITH_ARIA_256_GCM_SHA384 "DH-DSS-ARIA256-GCM-SHA384"
+# define TLS1_TXT_DH_anon_WITH_ARIA_128_GCM_SHA256 "ADH-ARIA128-GCM-SHA256"
+# define TLS1_TXT_DH_anon_WITH_ARIA_256_GCM_SHA384 "ADH-ARIA256-GCM-SHA384"
+# define TLS1_TXT_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 "ECDHE-ECDSA-ARIA128-GCM-SHA256"
+# define TLS1_TXT_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 "ECDHE-ECDSA-ARIA256-GCM-SHA384"
+# define TLS1_TXT_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 "ECDH-ECDSA-ARIA128-GCM-SHA256"
+# define TLS1_TXT_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384 "ECDH-ECDSA-ARIA256-GCM-SHA384"
+# define TLS1_TXT_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 "ECDHE-ARIA128-GCM-SHA256"
+# define TLS1_TXT_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 "ECDHE-ARIA256-GCM-SHA384"
+# define TLS1_TXT_ECDH_RSA_WITH_ARIA_128_GCM_SHA256 "ECDH-ARIA128-GCM-SHA256"
+# define TLS1_TXT_ECDH_RSA_WITH_ARIA_256_GCM_SHA384 "ECDH-ARIA256-GCM-SHA384"
+# define TLS1_TXT_PSK_WITH_ARIA_128_GCM_SHA256 "PSK-ARIA128-GCM-SHA256"
+# define TLS1_TXT_PSK_WITH_ARIA_256_GCM_SHA384 "PSK-ARIA256-GCM-SHA384"
+# define TLS1_TXT_DHE_PSK_WITH_ARIA_128_GCM_SHA256 "DHE-PSK-ARIA128-GCM-SHA256"
+# define TLS1_TXT_DHE_PSK_WITH_ARIA_256_GCM_SHA384 "DHE-PSK-ARIA256-GCM-SHA384"
+# define TLS1_TXT_RSA_PSK_WITH_ARIA_128_GCM_SHA256 "RSA-PSK-ARIA128-GCM-SHA256"
+# define TLS1_TXT_RSA_PSK_WITH_ARIA_256_GCM_SHA384 "RSA-PSK-ARIA256-GCM-SHA384"
+
+# define TLS_CT_RSA_SIGN 1
+# define TLS_CT_DSS_SIGN 2
+# define TLS_CT_RSA_FIXED_DH 3
+# define TLS_CT_DSS_FIXED_DH 4
+# define TLS_CT_ECDSA_SIGN 64
+# define TLS_CT_RSA_FIXED_ECDH 65
+# define TLS_CT_ECDSA_FIXED_ECDH 66
+# define TLS_CT_GOST01_SIGN 22
+# define TLS_CT_GOST12_IANA_SIGN 67
+# define TLS_CT_GOST12_IANA_512_SIGN 68
+# define TLS_CT_GOST12_LEGACY_SIGN 238
+# define TLS_CT_GOST12_LEGACY_512_SIGN 239
+
+/*
+ * when correcting this number, correct also SSL3_CT_NUMBER in ssl3.h (see
+ * comment there)
+ */
+# define TLS_CT_NUMBER 12
+
+# if defined(SSL3_CT_NUMBER)
+# if TLS_CT_NUMBER != SSL3_CT_NUMBER
+# error "SSL/TLS CT_NUMBER values do not match"
+# endif
+# endif
+
+# define TLS1_FINISH_MAC_LENGTH 12
+
+# define TLS_MD_MAX_CONST_SIZE 22
+# define TLS_MD_CLIENT_FINISH_CONST "client finished"
+# define TLS_MD_CLIENT_FINISH_CONST_SIZE 15
+# define TLS_MD_SERVER_FINISH_CONST "server finished"
+# define TLS_MD_SERVER_FINISH_CONST_SIZE 15
+# define TLS_MD_KEY_EXPANSION_CONST "key expansion"
+# define TLS_MD_KEY_EXPANSION_CONST_SIZE 13
+# define TLS_MD_CLIENT_WRITE_KEY_CONST "client write key"
+# define TLS_MD_CLIENT_WRITE_KEY_CONST_SIZE 16
+# define TLS_MD_SERVER_WRITE_KEY_CONST "server write key"
+# define TLS_MD_SERVER_WRITE_KEY_CONST_SIZE 16
+# define TLS_MD_IV_BLOCK_CONST "IV block"
+# define TLS_MD_IV_BLOCK_CONST_SIZE 8
+# define TLS_MD_MASTER_SECRET_CONST "master secret"
+# define TLS_MD_MASTER_SECRET_CONST_SIZE 13
+# define TLS_MD_EXTENDED_MASTER_SECRET_CONST "extended master secret"
+# define TLS_MD_EXTENDED_MASTER_SECRET_CONST_SIZE 22
+
+# ifdef CHARSET_EBCDIC
+# undef TLS_MD_CLIENT_FINISH_CONST
+/*
+ * client finished
+ */
+# define TLS_MD_CLIENT_FINISH_CONST "\x63\x6c\x69\x65\x6e\x74\x20\x66\x69\x6e\x69\x73\x68\x65\x64"
+
+# undef TLS_MD_SERVER_FINISH_CONST
+/*
+ * server finished
+ */
+# define TLS_MD_SERVER_FINISH_CONST "\x73\x65\x72\x76\x65\x72\x20\x66\x69\x6e\x69\x73\x68\x65\x64"
+
+# undef TLS_MD_SERVER_WRITE_KEY_CONST
+/*
+ * server write key
+ */
+# define TLS_MD_SERVER_WRITE_KEY_CONST "\x73\x65\x72\x76\x65\x72\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79"
+
+# undef TLS_MD_KEY_EXPANSION_CONST
+/*
+ * key expansion
+ */
+# define TLS_MD_KEY_EXPANSION_CONST "\x6b\x65\x79\x20\x65\x78\x70\x61\x6e\x73\x69\x6f\x6e"
+
+# undef TLS_MD_CLIENT_WRITE_KEY_CONST
+/*
+ * client write key
+ */
+# define TLS_MD_CLIENT_WRITE_KEY_CONST "\x63\x6c\x69\x65\x6e\x74\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79"
+
+# undef TLS_MD_SERVER_WRITE_KEY_CONST
+/*
+ * server write key
+ */
+# define TLS_MD_SERVER_WRITE_KEY_CONST "\x73\x65\x72\x76\x65\x72\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79"
+
+# undef TLS_MD_IV_BLOCK_CONST
+/*
+ * IV block
+ */
+# define TLS_MD_IV_BLOCK_CONST "\x49\x56\x20\x62\x6c\x6f\x63\x6b"
+
+# undef TLS_MD_MASTER_SECRET_CONST
+/*
+ * master secret
+ */
+# define TLS_MD_MASTER_SECRET_CONST "\x6d\x61\x73\x74\x65\x72\x20\x73\x65\x63\x72\x65\x74"
+# undef TLS_MD_EXTENDED_MASTER_SECRET_CONST
+/*
+ * extended master secret
+ */
+# define TLS_MD_EXTENDED_MASTER_SECRET_CONST "\x65\x78\x74\x65\x6e\x64\x65\x64\x20\x6d\x61\x73\x74\x65\x72\x20\x73\x65\x63\x72\x65\x74"
+# endif
+
+/* TLS Session Ticket extension struct */
+struct tls_session_ticket_ext_st {
+ unsigned short length;
+ void *data;
+};
+
+#ifdef __cplusplus
+}
+#endif
+#endif
diff --git a/openssl/include/openssl/trace.h b/openssl/include/openssl/trace.h new file mode 100644 index 00000000..f68b3ada --- /dev/null +++ b/openssl/include/openssl/trace.h @@ -0,0 +1,297 @@ +/*
+ * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_TRACE_H
+# define OPENSSL_TRACE_H
+
+# include <stdarg.h>
+
+# include <openssl/bio.h>
+
+# ifdef __cplusplus
+extern "C" {
+# endif
+
+/*
+ * TRACE CATEGORIES
+ */
+
+/*
+ * The trace messages of the OpenSSL libraries are organized into different
+ * categories. For every trace category, the application can register a separate
+ * tracer callback. When a callback is registered, a so called trace channel is
+ * created for this category. This channel consists essentially of an internal
+ * BIO which sends all trace output it receives to the registered application
+ * callback.
+ *
+ * The ALL category can be used as a fallback category to register a single
+ * channel which receives the output from all categories. However, if the
+ * application intends to print the trace channel name in the line prefix,
+ * it is better to register channels for all categories separately.
+ * (This is how the openssl application does it.)
+ */
+# define OSSL_TRACE_CATEGORY_ALL 0 /* The fallback */
+# define OSSL_TRACE_CATEGORY_TRACE 1
+# define OSSL_TRACE_CATEGORY_INIT 2
+# define OSSL_TRACE_CATEGORY_TLS 3
+# define OSSL_TRACE_CATEGORY_TLS_CIPHER 4
+# define OSSL_TRACE_CATEGORY_CONF 5
+# define OSSL_TRACE_CATEGORY_ENGINE_TABLE 6
+# define OSSL_TRACE_CATEGORY_ENGINE_REF_COUNT 7
+# define OSSL_TRACE_CATEGORY_PKCS5V2 8
+# define OSSL_TRACE_CATEGORY_PKCS12_KEYGEN 9
+# define OSSL_TRACE_CATEGORY_PKCS12_DECRYPT 10
+# define OSSL_TRACE_CATEGORY_X509V3_POLICY 11
+# define OSSL_TRACE_CATEGORY_BN_CTX 12
+# define OSSL_TRACE_CATEGORY_CMP 13
+# define OSSL_TRACE_CATEGORY_STORE 14
+# define OSSL_TRACE_CATEGORY_NUM 15
+
+/* Returns the trace category number for the given |name| */
+int OSSL_trace_get_category_num(const char *name);
+
+/* Returns the trace category name for the given |num| */
+const char *OSSL_trace_get_category_name(int num);
+
+/*
+ * TRACE CONSUMERS
+ */
+
+/*
+ * Enables tracing for the given |category| by providing a BIO sink
+ * as |channel|. If a null pointer is passed as |channel|, an existing
+ * trace channel is removed and tracing for the category is disabled.
+ *
+ * Returns 1 on success and 0 on failure
+ */
+int OSSL_trace_set_channel(int category, BIO* channel);
+
+/*
+ * Attach a prefix and a suffix to the given |category|, to be printed at the
+ * beginning and at the end of each trace output group, i.e. when
+ * OSSL_trace_begin() and OSSL_trace_end() are called.
+ * If a null pointer is passed as argument, the existing prefix or suffix is
+ * removed.
+ *
+ * They return 1 on success and 0 on failure
+ */
+int OSSL_trace_set_prefix(int category, const char *prefix);
+int OSSL_trace_set_suffix(int category, const char *suffix);
+
+/*
+ * OSSL_trace_cb is the type tracing callback provided by the application.
+ * It MUST return the number of bytes written, or 0 on error (in other words,
+ * it can never write zero bytes).
+ *
+ * The |buffer| will always contain text, which may consist of several lines.
+ * The |data| argument points to whatever data was provided by the application
+ * when registering the tracer function.
+ *
+ * The |category| number is given, as well as a |cmd| number, described below.
+ */
+typedef size_t (*OSSL_trace_cb)(const char *buffer, size_t count,
+ int category, int cmd, void *data);
+/*
+ * Possible |cmd| numbers.
+ */
+# define OSSL_TRACE_CTRL_BEGIN 0
+# define OSSL_TRACE_CTRL_WRITE 1
+# define OSSL_TRACE_CTRL_END 2
+
+/*
+ * Enables tracing for the given |category| by creating an internal
+ * trace channel which sends the output to the given |callback|.
+ * If a null pointer is passed as callback, an existing trace channel
+ * is removed and tracing for the category is disabled.
+ *
+ * NOTE: OSSL_trace_set_channel() and OSSL_trace_set_callback() are mutually
+ * exclusive.
+ *
+ * Returns 1 on success and 0 on failure
+ */
+int OSSL_trace_set_callback(int category, OSSL_trace_cb callback, void *data);
+
+/*
+ * TRACE PRODUCERS
+ */
+
+/*
+ * Returns 1 if tracing for the specified category is enabled, otherwise 0
+ */
+int OSSL_trace_enabled(int category);
+
+/*
+ * Wrap a group of tracing output calls. OSSL_trace_begin() locks tracing and
+ * returns the trace channel associated with the given category, or NULL if no
+ * channel is associated with the category. OSSL_trace_end() unlocks tracing.
+ *
+ * Usage:
+ *
+ * BIO *out;
+ * if ((out = OSSL_trace_begin(category)) != NULL) {
+ * ...
+ * BIO_fprintf(out, ...);
+ * ...
+ * OSSL_trace_end(category, out);
+ * }
+ *
+ * See also the convenience macros OSSL_TRACE_BEGIN and OSSL_TRACE_END below.
+ */
+BIO *OSSL_trace_begin(int category);
+void OSSL_trace_end(int category, BIO *channel);
+
+/*
+ * OSSL_TRACE* Convenience Macros
+ */
+
+/*
+ * When the tracing feature is disabled, these macros are defined to
+ * produce dead code, which a good compiler should eliminate.
+ */
+
+/*
+ * OSSL_TRACE_BEGIN, OSSL_TRACE_END - Define a Trace Group
+ *
+ * These two macros can be used to create a block which is executed only
+ * if the corresponding trace category is enabled. Inside this block, a
+ * local variable named |trc_out| is defined, which points to the channel
+ * associated with the given trace category.
+ *
+ * Usage: (using 'TLS' as an example category)
+ *
+ * OSSL_TRACE_BEGIN(TLS) {
+ *
+ * BIO_fprintf(trc_out, ... );
+ *
+ * } OSSL_TRACE_END(TLS);
+ *
+ *
+ * This expands to the following code
+ *
+ * do {
+ * BIO *trc_out = OSSL_trace_begin(OSSL_TRACE_CATEGORY_TLS);
+ * if (trc_out != NULL) {
+ * ...
+ * BIO_fprintf(trc_out, ...);
+ * }
+ * OSSL_trace_end(OSSL_TRACE_CATEGORY_TLS, trc_out);
+ * } while (0);
+ *
+ * The use of the inner '{...}' group and the trailing ';' is enforced
+ * by the definition of the macros in order to make the code look as much
+ * like C code as possible.
+ *
+ * Before returning from inside the trace block, it is necessary to
+ * call OSSL_TRACE_CANCEL(category).
+ */
+
+# ifndef OPENSSL_NO_TRACE
+
+# define OSSL_TRACE_BEGIN(category) \
+ do { \
+ BIO *trc_out = OSSL_trace_begin(OSSL_TRACE_CATEGORY_##category); \
+ \
+ if (trc_out != NULL)
+
+# define OSSL_TRACE_END(category) \
+ OSSL_trace_end(OSSL_TRACE_CATEGORY_##category, trc_out); \
+ } while (0)
+
+# define OSSL_TRACE_CANCEL(category) \
+ OSSL_trace_end(OSSL_TRACE_CATEGORY_##category, trc_out) \
+
+# else
+
+# define OSSL_TRACE_BEGIN(category) \
+ do { \
+ BIO *trc_out = NULL; \
+ if (0)
+
+# define OSSL_TRACE_END(category) \
+ } while(0)
+
+# define OSSL_TRACE_CANCEL(category) \
+ ((void)0)
+
+# endif
+
+/*
+ * OSSL_TRACE_ENABLED() - Check whether tracing is enabled for |category|
+ *
+ * Usage:
+ *
+ * if (OSSL_TRACE_ENABLED(TLS)) {
+ * ...
+ * }
+ */
+# ifndef OPENSSL_NO_TRACE
+
+# define OSSL_TRACE_ENABLED(category) \
+ OSSL_trace_enabled(OSSL_TRACE_CATEGORY_##category)
+
+# else
+
+# define OSSL_TRACE_ENABLED(category) (0)
+
+# endif
+
+/*
+ * OSSL_TRACE*() - OneShot Trace Macros
+ *
+ * These macros are intended to produce a simple printf-style trace output.
+ * Unfortunately, C90 macros don't support variable arguments, so the
+ * "vararg" OSSL_TRACEV() macro has a rather weird usage pattern:
+ *
+ * OSSL_TRACEV(category, (trc_out, "format string", ...args...));
+ *
+ * Where 'channel' is the literal symbol of this name, not a variable.
+ * For that reason, it is currently not intended to be used directly,
+ * but only as helper macro for the other oneshot trace macros
+ * OSSL_TRACE(), OSSL_TRACE1(), OSSL_TRACE2(), ...
+ *
+ * Usage:
+ *
+ * OSSL_TRACE(INIT, "Hello world!\n");
+ * OSSL_TRACE1(TLS, "The answer is %d\n", 42);
+ * OSSL_TRACE2(TLS, "The ultimate question to answer %d is '%s'\n",
+ * 42, "What do you get when you multiply six by nine?");
+ */
+
+# define OSSL_TRACEV(category, args) \
+ OSSL_TRACE_BEGIN(category) \
+ BIO_printf args; \
+ OSSL_TRACE_END(category)
+
+# define OSSL_TRACE(category, text) \
+ OSSL_TRACEV(category, (trc_out, "%s", text))
+
+# define OSSL_TRACE1(category, format, arg1) \
+ OSSL_TRACEV(category, (trc_out, format, arg1))
+# define OSSL_TRACE2(category, format, arg1, arg2) \
+ OSSL_TRACEV(category, (trc_out, format, arg1, arg2))
+# define OSSL_TRACE3(category, format, arg1, arg2, arg3) \
+ OSSL_TRACEV(category, (trc_out, format, arg1, arg2, arg3))
+# define OSSL_TRACE4(category, format, arg1, arg2, arg3, arg4) \
+ OSSL_TRACEV(category, (trc_out, format, arg1, arg2, arg3, arg4))
+# define OSSL_TRACE5(category, format, arg1, arg2, arg3, arg4, arg5) \
+ OSSL_TRACEV(category, (trc_out, format, arg1, arg2, arg3, arg4, arg5))
+# define OSSL_TRACE6(category, format, arg1, arg2, arg3, arg4, arg5, arg6) \
+ OSSL_TRACEV(category, (trc_out, format, arg1, arg2, arg3, arg4, arg5, arg6))
+# define OSSL_TRACE7(category, format, arg1, arg2, arg3, arg4, arg5, arg6, arg7) \
+ OSSL_TRACEV(category, (trc_out, format, arg1, arg2, arg3, arg4, arg5, arg6, arg7))
+# define OSSL_TRACE8(category, format, arg1, arg2, arg3, arg4, arg5, arg6, arg7, arg8) \
+ OSSL_TRACEV(category, (trc_out, format, arg1, arg2, arg3, arg4, arg5, arg6, arg7, arg8))
+# define OSSL_TRACE9(category, format, arg1, arg2, arg3, arg4, arg5, arg6, arg7, arg8) \
+ OSSL_TRACEV(category, (trc_out, format, arg1, arg2, arg3, arg4, arg5, arg6, arg7, arg8, arg9))
+
+# ifdef __cplusplus
+}
+# endif
+
+#endif
diff --git a/openssl/include/openssl/ts.h b/openssl/include/openssl/ts.h new file mode 100644 index 00000000..da7a7cb9 --- /dev/null +++ b/openssl/include/openssl/ts.h @@ -0,0 +1,502 @@ +/*
+ * Copyright 2006-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_TS_H
+# define OPENSSL_TS_H
+# pragma once
+
+# include <openssl/macros.h>
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define HEADER_TS_H
+# endif
+
+# include <openssl/opensslconf.h>
+
+# ifndef OPENSSL_NO_TS
+# include <openssl/symhacks.h>
+# include <openssl/buffer.h>
+# include <openssl/evp.h>
+# include <openssl/bio.h>
+# include <openssl/asn1.h>
+# include <openssl/safestack.h>
+# include <openssl/rsa.h>
+# include <openssl/dsa.h>
+# include <openssl/dh.h>
+# include <openssl/tserr.h>
+# include <openssl/ess.h>
+# ifdef __cplusplus
+extern "C" {
+# endif
+
+# include <openssl/x509.h>
+# include <openssl/x509v3.h>
+
+typedef struct TS_msg_imprint_st TS_MSG_IMPRINT;
+typedef struct TS_req_st TS_REQ;
+typedef struct TS_accuracy_st TS_ACCURACY;
+typedef struct TS_tst_info_st TS_TST_INFO;
+
+/* Possible values for status. */
+# define TS_STATUS_GRANTED 0
+# define TS_STATUS_GRANTED_WITH_MODS 1
+# define TS_STATUS_REJECTION 2
+# define TS_STATUS_WAITING 3
+# define TS_STATUS_REVOCATION_WARNING 4
+# define TS_STATUS_REVOCATION_NOTIFICATION 5
+
+/* Possible values for failure_info. */
+# define TS_INFO_BAD_ALG 0
+# define TS_INFO_BAD_REQUEST 2
+# define TS_INFO_BAD_DATA_FORMAT 5
+# define TS_INFO_TIME_NOT_AVAILABLE 14
+# define TS_INFO_UNACCEPTED_POLICY 15
+# define TS_INFO_UNACCEPTED_EXTENSION 16
+# define TS_INFO_ADD_INFO_NOT_AVAILABLE 17
+# define TS_INFO_SYSTEM_FAILURE 25
+
+
+typedef struct TS_status_info_st TS_STATUS_INFO;
+
+typedef struct TS_resp_st TS_RESP;
+
+DECLARE_ASN1_ALLOC_FUNCTIONS(TS_REQ)
+DECLARE_ASN1_ENCODE_FUNCTIONS_only(TS_REQ, TS_REQ)
+DECLARE_ASN1_DUP_FUNCTION(TS_REQ)
+
+#ifndef OPENSSL_NO_STDIO
+TS_REQ *d2i_TS_REQ_fp(FILE *fp, TS_REQ **a);
+int i2d_TS_REQ_fp(FILE *fp, const TS_REQ *a);
+#endif
+TS_REQ *d2i_TS_REQ_bio(BIO *fp, TS_REQ **a);
+int i2d_TS_REQ_bio(BIO *fp, const TS_REQ *a);
+
+DECLARE_ASN1_ALLOC_FUNCTIONS(TS_MSG_IMPRINT)
+DECLARE_ASN1_ENCODE_FUNCTIONS_only(TS_MSG_IMPRINT, TS_MSG_IMPRINT)
+DECLARE_ASN1_DUP_FUNCTION(TS_MSG_IMPRINT)
+
+#ifndef OPENSSL_NO_STDIO
+TS_MSG_IMPRINT *d2i_TS_MSG_IMPRINT_fp(FILE *fp, TS_MSG_IMPRINT **a);
+int i2d_TS_MSG_IMPRINT_fp(FILE *fp, const TS_MSG_IMPRINT *a);
+#endif
+TS_MSG_IMPRINT *d2i_TS_MSG_IMPRINT_bio(BIO *bio, TS_MSG_IMPRINT **a);
+int i2d_TS_MSG_IMPRINT_bio(BIO *bio, const TS_MSG_IMPRINT *a);
+
+DECLARE_ASN1_ALLOC_FUNCTIONS(TS_RESP)
+DECLARE_ASN1_ENCODE_FUNCTIONS_only(TS_RESP, TS_RESP)
+DECLARE_ASN1_DUP_FUNCTION(TS_RESP)
+
+#ifndef OPENSSL_NO_STDIO
+TS_RESP *d2i_TS_RESP_fp(FILE *fp, TS_RESP **a);
+int i2d_TS_RESP_fp(FILE *fp, const TS_RESP *a);
+#endif
+TS_RESP *d2i_TS_RESP_bio(BIO *bio, TS_RESP **a);
+int i2d_TS_RESP_bio(BIO *bio, const TS_RESP *a);
+
+DECLARE_ASN1_ALLOC_FUNCTIONS(TS_STATUS_INFO)
+DECLARE_ASN1_ENCODE_FUNCTIONS_only(TS_STATUS_INFO, TS_STATUS_INFO)
+DECLARE_ASN1_DUP_FUNCTION(TS_STATUS_INFO)
+
+DECLARE_ASN1_ALLOC_FUNCTIONS(TS_TST_INFO)
+DECLARE_ASN1_ENCODE_FUNCTIONS_only(TS_TST_INFO, TS_TST_INFO)
+DECLARE_ASN1_DUP_FUNCTION(TS_TST_INFO)
+TS_TST_INFO *PKCS7_to_TS_TST_INFO(PKCS7 *token);
+
+#ifndef OPENSSL_NO_STDIO
+TS_TST_INFO *d2i_TS_TST_INFO_fp(FILE *fp, TS_TST_INFO **a);
+int i2d_TS_TST_INFO_fp(FILE *fp, const TS_TST_INFO *a);
+#endif
+TS_TST_INFO *d2i_TS_TST_INFO_bio(BIO *bio, TS_TST_INFO **a);
+int i2d_TS_TST_INFO_bio(BIO *bio, const TS_TST_INFO *a);
+
+DECLARE_ASN1_ALLOC_FUNCTIONS(TS_ACCURACY)
+DECLARE_ASN1_ENCODE_FUNCTIONS_only(TS_ACCURACY, TS_ACCURACY)
+DECLARE_ASN1_DUP_FUNCTION(TS_ACCURACY)
+
+int TS_REQ_set_version(TS_REQ *a, long version);
+long TS_REQ_get_version(const TS_REQ *a);
+
+int TS_STATUS_INFO_set_status(TS_STATUS_INFO *a, int i);
+const ASN1_INTEGER *TS_STATUS_INFO_get0_status(const TS_STATUS_INFO *a);
+
+const STACK_OF(ASN1_UTF8STRING) *
+TS_STATUS_INFO_get0_text(const TS_STATUS_INFO *a);
+
+const ASN1_BIT_STRING *
+TS_STATUS_INFO_get0_failure_info(const TS_STATUS_INFO *a);
+
+int TS_REQ_set_msg_imprint(TS_REQ *a, TS_MSG_IMPRINT *msg_imprint);
+TS_MSG_IMPRINT *TS_REQ_get_msg_imprint(TS_REQ *a);
+
+int TS_MSG_IMPRINT_set_algo(TS_MSG_IMPRINT *a, X509_ALGOR *alg);
+X509_ALGOR *TS_MSG_IMPRINT_get_algo(TS_MSG_IMPRINT *a);
+
+int TS_MSG_IMPRINT_set_msg(TS_MSG_IMPRINT *a, unsigned char *d, int len);
+ASN1_OCTET_STRING *TS_MSG_IMPRINT_get_msg(TS_MSG_IMPRINT *a);
+
+int TS_REQ_set_policy_id(TS_REQ *a, const ASN1_OBJECT *policy);
+ASN1_OBJECT *TS_REQ_get_policy_id(TS_REQ *a);
+
+int TS_REQ_set_nonce(TS_REQ *a, const ASN1_INTEGER *nonce);
+const ASN1_INTEGER *TS_REQ_get_nonce(const TS_REQ *a);
+
+int TS_REQ_set_cert_req(TS_REQ *a, int cert_req);
+int TS_REQ_get_cert_req(const TS_REQ *a);
+
+STACK_OF(X509_EXTENSION) *TS_REQ_get_exts(TS_REQ *a);
+void TS_REQ_ext_free(TS_REQ *a);
+int TS_REQ_get_ext_count(TS_REQ *a);
+int TS_REQ_get_ext_by_NID(TS_REQ *a, int nid, int lastpos);
+int TS_REQ_get_ext_by_OBJ(TS_REQ *a, const ASN1_OBJECT *obj, int lastpos);
+int TS_REQ_get_ext_by_critical(TS_REQ *a, int crit, int lastpos);
+X509_EXTENSION *TS_REQ_get_ext(TS_REQ *a, int loc);
+X509_EXTENSION *TS_REQ_delete_ext(TS_REQ *a, int loc);
+int TS_REQ_add_ext(TS_REQ *a, X509_EXTENSION *ex, int loc);
+void *TS_REQ_get_ext_d2i(TS_REQ *a, int nid, int *crit, int *idx);
+
+/* Function declarations for TS_REQ defined in ts/ts_req_print.c */
+
+int TS_REQ_print_bio(BIO *bio, TS_REQ *a);
+
+/* Function declarations for TS_RESP defined in ts/ts_resp_utils.c */
+
+int TS_RESP_set_status_info(TS_RESP *a, TS_STATUS_INFO *info);
+TS_STATUS_INFO *TS_RESP_get_status_info(TS_RESP *a);
+
+/* Caller loses ownership of PKCS7 and TS_TST_INFO objects. */
+void TS_RESP_set_tst_info(TS_RESP *a, PKCS7 *p7, TS_TST_INFO *tst_info);
+PKCS7 *TS_RESP_get_token(TS_RESP *a);
+TS_TST_INFO *TS_RESP_get_tst_info(TS_RESP *a);
+
+int TS_TST_INFO_set_version(TS_TST_INFO *a, long version);
+long TS_TST_INFO_get_version(const TS_TST_INFO *a);
+
+int TS_TST_INFO_set_policy_id(TS_TST_INFO *a, ASN1_OBJECT *policy_id);
+ASN1_OBJECT *TS_TST_INFO_get_policy_id(TS_TST_INFO *a);
+
+int TS_TST_INFO_set_msg_imprint(TS_TST_INFO *a, TS_MSG_IMPRINT *msg_imprint);
+TS_MSG_IMPRINT *TS_TST_INFO_get_msg_imprint(TS_TST_INFO *a);
+
+int TS_TST_INFO_set_serial(TS_TST_INFO *a, const ASN1_INTEGER *serial);
+const ASN1_INTEGER *TS_TST_INFO_get_serial(const TS_TST_INFO *a);
+
+int TS_TST_INFO_set_time(TS_TST_INFO *a, const ASN1_GENERALIZEDTIME *gtime);
+const ASN1_GENERALIZEDTIME *TS_TST_INFO_get_time(const TS_TST_INFO *a);
+
+int TS_TST_INFO_set_accuracy(TS_TST_INFO *a, TS_ACCURACY *accuracy);
+TS_ACCURACY *TS_TST_INFO_get_accuracy(TS_TST_INFO *a);
+
+int TS_ACCURACY_set_seconds(TS_ACCURACY *a, const ASN1_INTEGER *seconds);
+const ASN1_INTEGER *TS_ACCURACY_get_seconds(const TS_ACCURACY *a);
+
+int TS_ACCURACY_set_millis(TS_ACCURACY *a, const ASN1_INTEGER *millis);
+const ASN1_INTEGER *TS_ACCURACY_get_millis(const TS_ACCURACY *a);
+
+int TS_ACCURACY_set_micros(TS_ACCURACY *a, const ASN1_INTEGER *micros);
+const ASN1_INTEGER *TS_ACCURACY_get_micros(const TS_ACCURACY *a);
+
+int TS_TST_INFO_set_ordering(TS_TST_INFO *a, int ordering);
+int TS_TST_INFO_get_ordering(const TS_TST_INFO *a);
+
+int TS_TST_INFO_set_nonce(TS_TST_INFO *a, const ASN1_INTEGER *nonce);
+const ASN1_INTEGER *TS_TST_INFO_get_nonce(const TS_TST_INFO *a);
+
+int TS_TST_INFO_set_tsa(TS_TST_INFO *a, GENERAL_NAME *tsa);
+GENERAL_NAME *TS_TST_INFO_get_tsa(TS_TST_INFO *a);
+
+STACK_OF(X509_EXTENSION) *TS_TST_INFO_get_exts(TS_TST_INFO *a);
+void TS_TST_INFO_ext_free(TS_TST_INFO *a);
+int TS_TST_INFO_get_ext_count(TS_TST_INFO *a);
+int TS_TST_INFO_get_ext_by_NID(TS_TST_INFO *a, int nid, int lastpos);
+int TS_TST_INFO_get_ext_by_OBJ(TS_TST_INFO *a, const ASN1_OBJECT *obj,
+ int lastpos);
+int TS_TST_INFO_get_ext_by_critical(TS_TST_INFO *a, int crit, int lastpos);
+X509_EXTENSION *TS_TST_INFO_get_ext(TS_TST_INFO *a, int loc);
+X509_EXTENSION *TS_TST_INFO_delete_ext(TS_TST_INFO *a, int loc);
+int TS_TST_INFO_add_ext(TS_TST_INFO *a, X509_EXTENSION *ex, int loc);
+void *TS_TST_INFO_get_ext_d2i(TS_TST_INFO *a, int nid, int *crit, int *idx);
+
+/*
+ * Declarations related to response generation, defined in ts/ts_resp_sign.c.
+ */
+
+/* Optional flags for response generation. */
+
+/* Don't include the TSA name in response. */
+# define TS_TSA_NAME 0x01
+
+/* Set ordering to true in response. */
+# define TS_ORDERING 0x02
+
+/*
+ * Include the signer certificate and the other specified certificates in
+ * the ESS signing certificate attribute beside the PKCS7 signed data.
+ * Only the signer certificates is included by default.
+ */
+# define TS_ESS_CERT_ID_CHAIN 0x04
+
+/* Forward declaration. */
+struct TS_resp_ctx;
+
+/* This must return a unique number less than 160 bits long. */
+typedef ASN1_INTEGER *(*TS_serial_cb) (struct TS_resp_ctx *, void *);
+
+/*
+ * This must return the seconds and microseconds since Jan 1, 1970 in the sec
+ * and usec variables allocated by the caller. Return non-zero for success
+ * and zero for failure.
+ */
+typedef int (*TS_time_cb) (struct TS_resp_ctx *, void *, long *sec,
+ long *usec);
+
+/*
+ * This must process the given extension. It can modify the TS_TST_INFO
+ * object of the context. Return values: !0 (processed), 0 (error, it must
+ * set the status info/failure info of the response).
+ */
+typedef int (*TS_extension_cb) (struct TS_resp_ctx *, X509_EXTENSION *,
+ void *);
+
+typedef struct TS_resp_ctx TS_RESP_CTX;
+
+/* Creates a response context that can be used for generating responses. */
+TS_RESP_CTX *TS_RESP_CTX_new(void);
+void TS_RESP_CTX_free(TS_RESP_CTX *ctx);
+
+/* This parameter must be set. */
+int TS_RESP_CTX_set_signer_cert(TS_RESP_CTX *ctx, X509 *signer);
+
+/* This parameter must be set. */
+int TS_RESP_CTX_set_signer_key(TS_RESP_CTX *ctx, EVP_PKEY *key);
+
+int TS_RESP_CTX_set_signer_digest(TS_RESP_CTX *ctx,
+ const EVP_MD *signer_digest);
+int TS_RESP_CTX_set_ess_cert_id_digest(TS_RESP_CTX *ctx, const EVP_MD *md);
+
+/* This parameter must be set. */
+int TS_RESP_CTX_set_def_policy(TS_RESP_CTX *ctx, const ASN1_OBJECT *def_policy);
+
+/* No additional certs are included in the response by default. */
+int TS_RESP_CTX_set_certs(TS_RESP_CTX *ctx, STACK_OF(X509) *certs);
+
+/*
+ * Adds a new acceptable policy, only the default policy is accepted by
+ * default.
+ */
+int TS_RESP_CTX_add_policy(TS_RESP_CTX *ctx, const ASN1_OBJECT *policy);
+
+/*
+ * Adds a new acceptable message digest. Note that no message digests are
+ * accepted by default. The md argument is shared with the caller.
+ */
+int TS_RESP_CTX_add_md(TS_RESP_CTX *ctx, const EVP_MD *md);
+
+/* Accuracy is not included by default. */
+int TS_RESP_CTX_set_accuracy(TS_RESP_CTX *ctx,
+ int secs, int millis, int micros);
+
+/*
+ * Clock precision digits, i.e. the number of decimal digits: '0' means sec,
+ * '3' msec, '6' usec, and so on. Default is 0.
+ */
+int TS_RESP_CTX_set_clock_precision_digits(TS_RESP_CTX *ctx,
+ unsigned clock_precision_digits);
+/* At most we accept usec precision. */
+# define TS_MAX_CLOCK_PRECISION_DIGITS 6
+
+/* Maximum status message length */
+# define TS_MAX_STATUS_LENGTH (1024 * 1024)
+
+/* No flags are set by default. */
+void TS_RESP_CTX_add_flags(TS_RESP_CTX *ctx, int flags);
+
+/* Default callback always returns a constant. */
+void TS_RESP_CTX_set_serial_cb(TS_RESP_CTX *ctx, TS_serial_cb cb, void *data);
+
+/* Default callback uses the gettimeofday() and gmtime() system calls. */
+void TS_RESP_CTX_set_time_cb(TS_RESP_CTX *ctx, TS_time_cb cb, void *data);
+
+/*
+ * Default callback rejects all extensions. The extension callback is called
+ * when the TS_TST_INFO object is already set up and not signed yet.
+ */
+/* FIXME: extension handling is not tested yet. */
+void TS_RESP_CTX_set_extension_cb(TS_RESP_CTX *ctx,
+ TS_extension_cb cb, void *data);
+
+/* The following methods can be used in the callbacks. */
+int TS_RESP_CTX_set_status_info(TS_RESP_CTX *ctx,
+ int status, const char *text);
+
+/* Sets the status info only if it is still TS_STATUS_GRANTED. */
+int TS_RESP_CTX_set_status_info_cond(TS_RESP_CTX *ctx,
+ int status, const char *text);
+
+int TS_RESP_CTX_add_failure_info(TS_RESP_CTX *ctx, int failure);
+
+/* The get methods below can be used in the extension callback. */
+TS_REQ *TS_RESP_CTX_get_request(TS_RESP_CTX *ctx);
+
+TS_TST_INFO *TS_RESP_CTX_get_tst_info(TS_RESP_CTX *ctx);
+
+/*
+ * Creates the signed TS_TST_INFO and puts it in TS_RESP.
+ * In case of errors it sets the status info properly.
+ * Returns NULL only in case of memory allocation/fatal error.
+ */
+TS_RESP *TS_RESP_create_response(TS_RESP_CTX *ctx, BIO *req_bio);
+
+/*
+ * Declarations related to response verification,
+ * they are defined in ts/ts_resp_verify.c.
+ */
+
+int TS_RESP_verify_signature(PKCS7 *token, STACK_OF(X509) *certs,
+ X509_STORE *store, X509 **signer_out);
+
+/* Context structure for the generic verify method. */
+
+/* Verify the signer's certificate and the signature of the response. */
+# define TS_VFY_SIGNATURE (1u << 0)
+/* Verify the version number of the response. */
+# define TS_VFY_VERSION (1u << 1)
+/* Verify if the policy supplied by the user matches the policy of the TSA. */
+# define TS_VFY_POLICY (1u << 2)
+/*
+ * Verify the message imprint provided by the user. This flag should not be
+ * specified with TS_VFY_DATA.
+ */
+# define TS_VFY_IMPRINT (1u << 3)
+/*
+ * Verify the message imprint computed by the verify method from the user
+ * provided data and the MD algorithm of the response. This flag should not
+ * be specified with TS_VFY_IMPRINT.
+ */
+# define TS_VFY_DATA (1u << 4)
+/* Verify the nonce value. */
+# define TS_VFY_NONCE (1u << 5)
+/* Verify if the TSA name field matches the signer certificate. */
+# define TS_VFY_SIGNER (1u << 6)
+/* Verify if the TSA name field equals to the user provided name. */
+# define TS_VFY_TSA_NAME (1u << 7)
+
+/* You can use the following convenience constants. */
+# define TS_VFY_ALL_IMPRINT (TS_VFY_SIGNATURE \
+ | TS_VFY_VERSION \
+ | TS_VFY_POLICY \
+ | TS_VFY_IMPRINT \
+ | TS_VFY_NONCE \
+ | TS_VFY_SIGNER \
+ | TS_VFY_TSA_NAME)
+# define TS_VFY_ALL_DATA (TS_VFY_SIGNATURE \
+ | TS_VFY_VERSION \
+ | TS_VFY_POLICY \
+ | TS_VFY_DATA \
+ | TS_VFY_NONCE \
+ | TS_VFY_SIGNER \
+ | TS_VFY_TSA_NAME)
+
+typedef struct TS_verify_ctx TS_VERIFY_CTX;
+
+int TS_RESP_verify_response(TS_VERIFY_CTX *ctx, TS_RESP *response);
+int TS_RESP_verify_token(TS_VERIFY_CTX *ctx, PKCS7 *token);
+
+/*
+ * Declarations related to response verification context,
+ */
+TS_VERIFY_CTX *TS_VERIFY_CTX_new(void);
+void TS_VERIFY_CTX_init(TS_VERIFY_CTX *ctx);
+void TS_VERIFY_CTX_free(TS_VERIFY_CTX *ctx);
+void TS_VERIFY_CTX_cleanup(TS_VERIFY_CTX *ctx);
+int TS_VERIFY_CTX_set_flags(TS_VERIFY_CTX *ctx, int f);
+int TS_VERIFY_CTX_add_flags(TS_VERIFY_CTX *ctx, int f);
+BIO *TS_VERIFY_CTX_set_data(TS_VERIFY_CTX *ctx, BIO *b);
+unsigned char *TS_VERIFY_CTX_set_imprint(TS_VERIFY_CTX *ctx,
+ unsigned char *hexstr, long len);
+X509_STORE *TS_VERIFY_CTX_set_store(TS_VERIFY_CTX *ctx, X509_STORE *s);
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define TS_VERIFY_CTS_set_certs(ctx, cert) TS_VERIFY_CTX_set_certs(ctx,cert)
+# endif
+STACK_OF(X509) *TS_VERIFY_CTX_set_certs(TS_VERIFY_CTX *ctx, STACK_OF(X509) *certs);
+
+/*-
+ * If ctx is NULL, it allocates and returns a new object, otherwise
+ * it returns ctx. It initialises all the members as follows:
+ * flags = TS_VFY_ALL_IMPRINT & ~(TS_VFY_TSA_NAME | TS_VFY_SIGNATURE)
+ * certs = NULL
+ * store = NULL
+ * policy = policy from the request or NULL if absent (in this case
+ * TS_VFY_POLICY is cleared from flags as well)
+ * md_alg = MD algorithm from request
+ * imprint, imprint_len = imprint from request
+ * data = NULL
+ * nonce, nonce_len = nonce from the request or NULL if absent (in this case
+ * TS_VFY_NONCE is cleared from flags as well)
+ * tsa_name = NULL
+ * Important: after calling this method TS_VFY_SIGNATURE should be added!
+ */
+TS_VERIFY_CTX *TS_REQ_to_TS_VERIFY_CTX(TS_REQ *req, TS_VERIFY_CTX *ctx);
+
+/* Function declarations for TS_RESP defined in ts/ts_resp_print.c */
+
+int TS_RESP_print_bio(BIO *bio, TS_RESP *a);
+int TS_STATUS_INFO_print_bio(BIO *bio, TS_STATUS_INFO *a);
+int TS_TST_INFO_print_bio(BIO *bio, TS_TST_INFO *a);
+
+/* Common utility functions defined in ts/ts_lib.c */
+
+int TS_ASN1_INTEGER_print_bio(BIO *bio, const ASN1_INTEGER *num);
+int TS_OBJ_print_bio(BIO *bio, const ASN1_OBJECT *obj);
+int TS_ext_print_bio(BIO *bio, const STACK_OF(X509_EXTENSION) *extensions);
+int TS_X509_ALGOR_print_bio(BIO *bio, const X509_ALGOR *alg);
+int TS_MSG_IMPRINT_print_bio(BIO *bio, TS_MSG_IMPRINT *msg);
+
+/*
+ * Function declarations for handling configuration options, defined in
+ * ts/ts_conf.c
+ */
+
+X509 *TS_CONF_load_cert(const char *file);
+STACK_OF(X509) *TS_CONF_load_certs(const char *file);
+EVP_PKEY *TS_CONF_load_key(const char *file, const char *pass);
+const char *TS_CONF_get_tsa_section(CONF *conf, const char *section);
+int TS_CONF_set_serial(CONF *conf, const char *section, TS_serial_cb cb,
+ TS_RESP_CTX *ctx);
+#ifndef OPENSSL_NO_ENGINE
+int TS_CONF_set_crypto_device(CONF *conf, const char *section,
+ const char *device);
+int TS_CONF_set_default_engine(const char *name);
+#endif
+int TS_CONF_set_signer_cert(CONF *conf, const char *section,
+ const char *cert, TS_RESP_CTX *ctx);
+int TS_CONF_set_certs(CONF *conf, const char *section, const char *certs,
+ TS_RESP_CTX *ctx);
+int TS_CONF_set_signer_key(CONF *conf, const char *section,
+ const char *key, const char *pass,
+ TS_RESP_CTX *ctx);
+int TS_CONF_set_signer_digest(CONF *conf, const char *section,
+ const char *md, TS_RESP_CTX *ctx);
+int TS_CONF_set_def_policy(CONF *conf, const char *section,
+ const char *policy, TS_RESP_CTX *ctx);
+int TS_CONF_set_policies(CONF *conf, const char *section, TS_RESP_CTX *ctx);
+int TS_CONF_set_digests(CONF *conf, const char *section, TS_RESP_CTX *ctx);
+int TS_CONF_set_accuracy(CONF *conf, const char *section, TS_RESP_CTX *ctx);
+int TS_CONF_set_clock_precision_digits(CONF *conf, const char *section,
+ TS_RESP_CTX *ctx);
+int TS_CONF_set_ordering(CONF *conf, const char *section, TS_RESP_CTX *ctx);
+int TS_CONF_set_tsa_name(CONF *conf, const char *section, TS_RESP_CTX *ctx);
+int TS_CONF_set_ess_cert_id_chain(CONF *conf, const char *section,
+ TS_RESP_CTX *ctx);
+int TS_CONF_set_ess_cert_id_digest(CONF *conf, const char *section,
+ TS_RESP_CTX *ctx);
+
+# ifdef __cplusplus
+}
+# endif
+# endif
+#endif
diff --git a/openssl/include/openssl/tserr.h b/openssl/include/openssl/tserr.h new file mode 100644 index 00000000..64e15d53 --- /dev/null +++ b/openssl/include/openssl/tserr.h @@ -0,0 +1,129 @@ +/*
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_TSERR_H
+# define OPENSSL_TSERR_H
+# pragma once
+
+# include <openssl/opensslconf.h>
+# include <openssl/symhacks.h>
+
+
+# include <openssl/opensslconf.h>
+
+# ifndef OPENSSL_NO_TS
+
+# ifdef __cplusplus
+extern "C"
+# endif
+int ERR_load_TS_strings(void);
+
+/*
+ * TS function codes.
+ */
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define TS_F_DEF_SERIAL_CB 0
+# define TS_F_DEF_TIME_CB 0
+# define TS_F_INT_TS_RESP_VERIFY_TOKEN 0
+# define TS_F_PKCS7_TO_TS_TST_INFO 0
+# define TS_F_TS_ACCURACY_SET_MICROS 0
+# define TS_F_TS_ACCURACY_SET_MILLIS 0
+# define TS_F_TS_ACCURACY_SET_SECONDS 0
+# define TS_F_TS_CHECK_IMPRINTS 0
+# define TS_F_TS_CHECK_NONCES 0
+# define TS_F_TS_CHECK_POLICY 0
+# define TS_F_TS_CHECK_SIGNING_CERTS 0
+# define TS_F_TS_CHECK_STATUS_INFO 0
+# define TS_F_TS_COMPUTE_IMPRINT 0
+# define TS_F_TS_CONF_INVALID 0
+# define TS_F_TS_CONF_LOAD_CERT 0
+# define TS_F_TS_CONF_LOAD_CERTS 0
+# define TS_F_TS_CONF_LOAD_KEY 0
+# define TS_F_TS_CONF_LOOKUP_FAIL 0
+# define TS_F_TS_CONF_SET_DEFAULT_ENGINE 0
+# define TS_F_TS_GET_STATUS_TEXT 0
+# define TS_F_TS_MSG_IMPRINT_SET_ALGO 0
+# define TS_F_TS_REQ_SET_MSG_IMPRINT 0
+# define TS_F_TS_REQ_SET_NONCE 0
+# define TS_F_TS_REQ_SET_POLICY_ID 0
+# define TS_F_TS_RESP_CREATE_RESPONSE 0
+# define TS_F_TS_RESP_CREATE_TST_INFO 0
+# define TS_F_TS_RESP_CTX_ADD_FAILURE_INFO 0
+# define TS_F_TS_RESP_CTX_ADD_MD 0
+# define TS_F_TS_RESP_CTX_ADD_POLICY 0
+# define TS_F_TS_RESP_CTX_NEW 0
+# define TS_F_TS_RESP_CTX_SET_ACCURACY 0
+# define TS_F_TS_RESP_CTX_SET_CERTS 0
+# define TS_F_TS_RESP_CTX_SET_DEF_POLICY 0
+# define TS_F_TS_RESP_CTX_SET_SIGNER_CERT 0
+# define TS_F_TS_RESP_CTX_SET_STATUS_INFO 0
+# define TS_F_TS_RESP_GET_POLICY 0
+# define TS_F_TS_RESP_SET_GENTIME_WITH_PRECISION 0
+# define TS_F_TS_RESP_SET_STATUS_INFO 0
+# define TS_F_TS_RESP_SET_TST_INFO 0
+# define TS_F_TS_RESP_SIGN 0
+# define TS_F_TS_RESP_VERIFY_SIGNATURE 0
+# define TS_F_TS_TST_INFO_SET_ACCURACY 0
+# define TS_F_TS_TST_INFO_SET_MSG_IMPRINT 0
+# define TS_F_TS_TST_INFO_SET_NONCE 0
+# define TS_F_TS_TST_INFO_SET_POLICY_ID 0
+# define TS_F_TS_TST_INFO_SET_SERIAL 0
+# define TS_F_TS_TST_INFO_SET_TIME 0
+# define TS_F_TS_TST_INFO_SET_TSA 0
+# define TS_F_TS_VERIFY 0
+# define TS_F_TS_VERIFY_CERT 0
+# define TS_F_TS_VERIFY_CTX_NEW 0
+# endif
+
+/*
+ * TS reason codes.
+ */
+# define TS_R_BAD_PKCS7_TYPE 132
+# define TS_R_BAD_TYPE 133
+# define TS_R_CANNOT_LOAD_CERT 137
+# define TS_R_CANNOT_LOAD_KEY 138
+# define TS_R_CERTIFICATE_VERIFY_ERROR 100
+# define TS_R_COULD_NOT_SET_ENGINE 127
+# define TS_R_COULD_NOT_SET_TIME 115
+# define TS_R_DETACHED_CONTENT 134
+# define TS_R_ESS_ADD_SIGNING_CERT_ERROR 116
+# define TS_R_ESS_ADD_SIGNING_CERT_V2_ERROR 139
+# define TS_R_ESS_SIGNING_CERTIFICATE_ERROR 101
+# define TS_R_INVALID_NULL_POINTER 102
+# define TS_R_INVALID_SIGNER_CERTIFICATE_PURPOSE 117
+# define TS_R_MESSAGE_IMPRINT_MISMATCH 103
+# define TS_R_NONCE_MISMATCH 104
+# define TS_R_NONCE_NOT_RETURNED 105
+# define TS_R_NO_CONTENT 106
+# define TS_R_NO_TIME_STAMP_TOKEN 107
+# define TS_R_PKCS7_ADD_SIGNATURE_ERROR 118
+# define TS_R_PKCS7_ADD_SIGNED_ATTR_ERROR 119
+# define TS_R_PKCS7_TO_TS_TST_INFO_FAILED 129
+# define TS_R_POLICY_MISMATCH 108
+# define TS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE 120
+# define TS_R_RESPONSE_SETUP_ERROR 121
+# define TS_R_SIGNATURE_FAILURE 109
+# define TS_R_THERE_MUST_BE_ONE_SIGNER 110
+# define TS_R_TIME_SYSCALL_ERROR 122
+# define TS_R_TOKEN_NOT_PRESENT 130
+# define TS_R_TOKEN_PRESENT 131
+# define TS_R_TSA_NAME_MISMATCH 111
+# define TS_R_TSA_UNTRUSTED 112
+# define TS_R_TST_INFO_SETUP_ERROR 123
+# define TS_R_TS_DATASIGN 124
+# define TS_R_UNACCEPTABLE_POLICY 125
+# define TS_R_UNSUPPORTED_MD_ALGORITHM 126
+# define TS_R_UNSUPPORTED_VERSION 113
+# define TS_R_VAR_BAD_VALUE 135
+# define TS_R_VAR_LOOKUP_FAILURE 136
+# define TS_R_WRONG_CONTENT_TYPE 114
+
+# endif
+#endif
diff --git a/openssl/include/openssl/txt_db.h b/openssl/include/openssl/txt_db.h new file mode 100644 index 00000000..7951bbaa --- /dev/null +++ b/openssl/include/openssl/txt_db.h @@ -0,0 +1,63 @@ +/*
+ * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_TXT_DB_H
+# define OPENSSL_TXT_DB_H
+# pragma once
+
+# include <openssl/macros.h>
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define HEADER_TXT_DB_H
+# endif
+
+# include <openssl/opensslconf.h>
+# include <openssl/bio.h>
+# include <openssl/safestack.h>
+# include <openssl/lhash.h>
+
+# define DB_ERROR_OK 0
+# define DB_ERROR_MALLOC 1
+# define DB_ERROR_INDEX_CLASH 2
+# define DB_ERROR_INDEX_OUT_OF_RANGE 3
+# define DB_ERROR_NO_INDEX 4
+# define DB_ERROR_INSERT_INDEX_CLASH 5
+# define DB_ERROR_WRONG_NUM_FIELDS 6
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+typedef OPENSSL_STRING *OPENSSL_PSTRING;
+DEFINE_SPECIAL_STACK_OF(OPENSSL_PSTRING, OPENSSL_STRING)
+
+typedef struct txt_db_st {
+ int num_fields;
+ STACK_OF(OPENSSL_PSTRING) *data;
+ LHASH_OF(OPENSSL_STRING) **index;
+ int (**qual) (OPENSSL_STRING *);
+ long error;
+ long arg1;
+ long arg2;
+ OPENSSL_STRING *arg_row;
+} TXT_DB;
+
+TXT_DB *TXT_DB_read(BIO *in, int num);
+long TXT_DB_write(BIO *out, TXT_DB *db);
+int TXT_DB_create_index(TXT_DB *db, int field, int (*qual) (OPENSSL_STRING *),
+ OPENSSL_LH_HASHFUNC hash, OPENSSL_LH_COMPFUNC cmp);
+void TXT_DB_free(TXT_DB *db);
+OPENSSL_STRING *TXT_DB_get_by_index(TXT_DB *db, int idx,
+ OPENSSL_STRING *value);
+int TXT_DB_insert(TXT_DB *db, OPENSSL_STRING *value);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
diff --git a/openssl/include/openssl/types.h b/openssl/include/openssl/types.h new file mode 100644 index 00000000..cde76a4f --- /dev/null +++ b/openssl/include/openssl/types.h @@ -0,0 +1,239 @@ +/*
+ * Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_TYPES_H
+# define OPENSSL_TYPES_H
+
+#include <limits.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+# include <openssl/e_os2.h>
+# include <openssl/safestack.h>
+
+typedef struct ossl_provider_st OSSL_PROVIDER; /* Provider Object */
+
+# ifdef NO_ASN1_TYPEDEFS
+# define ASN1_INTEGER ASN1_STRING
+# define ASN1_ENUMERATED ASN1_STRING
+# define ASN1_BIT_STRING ASN1_STRING
+# define ASN1_OCTET_STRING ASN1_STRING
+# define ASN1_PRINTABLESTRING ASN1_STRING
+# define ASN1_T61STRING ASN1_STRING
+# define ASN1_IA5STRING ASN1_STRING
+# define ASN1_UTCTIME ASN1_STRING
+# define ASN1_GENERALIZEDTIME ASN1_STRING
+# define ASN1_TIME ASN1_STRING
+# define ASN1_GENERALSTRING ASN1_STRING
+# define ASN1_UNIVERSALSTRING ASN1_STRING
+# define ASN1_BMPSTRING ASN1_STRING
+# define ASN1_VISIBLESTRING ASN1_STRING
+# define ASN1_UTF8STRING ASN1_STRING
+# define ASN1_BOOLEAN int
+# define ASN1_NULL int
+# else
+typedef struct asn1_string_st ASN1_INTEGER;
+typedef struct asn1_string_st ASN1_ENUMERATED;
+typedef struct asn1_string_st ASN1_BIT_STRING;
+typedef struct asn1_string_st ASN1_OCTET_STRING;
+typedef struct asn1_string_st ASN1_PRINTABLESTRING;
+typedef struct asn1_string_st ASN1_T61STRING;
+typedef struct asn1_string_st ASN1_IA5STRING;
+typedef struct asn1_string_st ASN1_GENERALSTRING;
+typedef struct asn1_string_st ASN1_UNIVERSALSTRING;
+typedef struct asn1_string_st ASN1_BMPSTRING;
+typedef struct asn1_string_st ASN1_UTCTIME;
+typedef struct asn1_string_st ASN1_TIME;
+typedef struct asn1_string_st ASN1_GENERALIZEDTIME;
+typedef struct asn1_string_st ASN1_VISIBLESTRING;
+typedef struct asn1_string_st ASN1_UTF8STRING;
+typedef struct asn1_string_st ASN1_STRING;
+typedef int ASN1_BOOLEAN;
+typedef int ASN1_NULL;
+# endif
+
+typedef struct asn1_type_st ASN1_TYPE;
+typedef struct asn1_object_st ASN1_OBJECT;
+typedef struct asn1_string_table_st ASN1_STRING_TABLE;
+
+typedef struct ASN1_ITEM_st ASN1_ITEM;
+typedef struct asn1_pctx_st ASN1_PCTX;
+typedef struct asn1_sctx_st ASN1_SCTX;
+
+# ifdef _WIN32
+# undef X509_NAME
+# undef X509_EXTENSIONS
+# undef PKCS7_ISSUER_AND_SERIAL
+# undef PKCS7_SIGNER_INFO
+# undef OCSP_REQUEST
+# undef OCSP_RESPONSE
+# endif
+
+# ifdef BIGNUM
+# undef BIGNUM
+# endif
+
+typedef struct bio_st BIO;
+typedef struct bignum_st BIGNUM;
+typedef struct bignum_ctx BN_CTX;
+typedef struct bn_blinding_st BN_BLINDING;
+typedef struct bn_mont_ctx_st BN_MONT_CTX;
+typedef struct bn_recp_ctx_st BN_RECP_CTX;
+typedef struct bn_gencb_st BN_GENCB;
+
+typedef struct buf_mem_st BUF_MEM;
+
+STACK_OF(BIGNUM);
+STACK_OF(BIGNUM_const);
+
+typedef struct err_state_st ERR_STATE;
+
+typedef struct evp_cipher_st EVP_CIPHER;
+typedef struct evp_cipher_ctx_st EVP_CIPHER_CTX;
+typedef struct evp_md_st EVP_MD;
+typedef struct evp_md_ctx_st EVP_MD_CTX;
+typedef struct evp_mac_st EVP_MAC;
+typedef struct evp_mac_ctx_st EVP_MAC_CTX;
+typedef struct evp_pkey_st EVP_PKEY;
+
+typedef struct evp_pkey_asn1_method_st EVP_PKEY_ASN1_METHOD;
+
+typedef struct evp_pkey_method_st EVP_PKEY_METHOD;
+typedef struct evp_pkey_ctx_st EVP_PKEY_CTX;
+
+typedef struct evp_keymgmt_st EVP_KEYMGMT;
+
+typedef struct evp_kdf_st EVP_KDF;
+typedef struct evp_kdf_ctx_st EVP_KDF_CTX;
+
+typedef struct evp_rand_st EVP_RAND;
+typedef struct evp_rand_ctx_st EVP_RAND_CTX;
+
+typedef struct evp_keyexch_st EVP_KEYEXCH;
+
+typedef struct evp_signature_st EVP_SIGNATURE;
+
+typedef struct evp_asym_cipher_st EVP_ASYM_CIPHER;
+
+typedef struct evp_Encode_Ctx_st EVP_ENCODE_CTX;
+
+typedef struct hmac_ctx_st HMAC_CTX;
+
+typedef struct dh_st DH;
+typedef struct dh_method DH_METHOD;
+
+typedef struct dsa_st DSA;
+typedef struct dsa_method DSA_METHOD;
+
+typedef struct rsa_st RSA;
+typedef struct rsa_meth_st RSA_METHOD;
+typedef struct rsa_pss_params_st RSA_PSS_PARAMS;
+
+typedef struct ec_key_st EC_KEY;
+typedef struct ec_key_method_st EC_KEY_METHOD;
+
+typedef struct rand_meth_st RAND_METHOD;
+typedef struct rand_drbg_st RAND_DRBG;
+
+typedef struct ssl_dane_st SSL_DANE;
+typedef struct x509_st X509;
+typedef struct X509_algor_st X509_ALGOR;
+typedef struct X509_crl_st X509_CRL;
+typedef struct x509_crl_method_st X509_CRL_METHOD;
+typedef struct x509_revoked_st X509_REVOKED;
+typedef struct X509_name_st X509_NAME;
+typedef struct X509_pubkey_st X509_PUBKEY;
+typedef struct x509_store_st X509_STORE;
+typedef struct x509_store_ctx_st X509_STORE_CTX;
+
+typedef struct x509_object_st X509_OBJECT;
+typedef struct x509_lookup_st X509_LOOKUP;
+typedef struct x509_lookup_method_st X509_LOOKUP_METHOD;
+typedef struct X509_VERIFY_PARAM_st X509_VERIFY_PARAM;
+
+typedef struct x509_sig_info_st X509_SIG_INFO;
+
+typedef struct pkcs8_priv_key_info_st PKCS8_PRIV_KEY_INFO;
+
+typedef struct v3_ext_ctx X509V3_CTX;
+typedef struct conf_st CONF;
+typedef struct ossl_init_settings_st OPENSSL_INIT_SETTINGS;
+
+typedef struct ui_st UI;
+typedef struct ui_method_st UI_METHOD;
+
+typedef struct engine_st ENGINE;
+typedef struct ssl_st SSL;
+typedef struct ssl_ctx_st SSL_CTX;
+
+typedef struct comp_ctx_st COMP_CTX;
+typedef struct comp_method_st COMP_METHOD;
+
+typedef struct X509_POLICY_NODE_st X509_POLICY_NODE;
+typedef struct X509_POLICY_LEVEL_st X509_POLICY_LEVEL;
+typedef struct X509_POLICY_TREE_st X509_POLICY_TREE;
+typedef struct X509_POLICY_CACHE_st X509_POLICY_CACHE;
+
+typedef struct AUTHORITY_KEYID_st AUTHORITY_KEYID;
+typedef struct DIST_POINT_st DIST_POINT;
+typedef struct ISSUING_DIST_POINT_st ISSUING_DIST_POINT;
+typedef struct NAME_CONSTRAINTS_st NAME_CONSTRAINTS;
+
+typedef struct crypto_ex_data_st CRYPTO_EX_DATA;
+
+typedef struct ossl_http_req_ctx_st OCSP_REQ_CTX; /* backward compatibility */
+typedef struct ocsp_response_st OCSP_RESPONSE;
+typedef struct ocsp_responder_id_st OCSP_RESPID;
+
+typedef struct sct_st SCT;
+typedef struct sct_ctx_st SCT_CTX;
+typedef struct ctlog_st CTLOG;
+typedef struct ctlog_store_st CTLOG_STORE;
+typedef struct ct_policy_eval_ctx_st CT_POLICY_EVAL_CTX;
+
+typedef struct ossl_store_info_st OSSL_STORE_INFO;
+typedef struct ossl_store_search_st OSSL_STORE_SEARCH;
+
+typedef struct openssl_ctx_st OPENSSL_CTX;
+
+typedef struct ossl_dispatch_st OSSL_DISPATCH;
+typedef struct ossl_item_st OSSL_ITEM;
+typedef struct ossl_algorithm_st OSSL_ALGORITHM;
+typedef struct ossl_param_st OSSL_PARAM;
+typedef struct ossl_param_bld_st OSSL_PARAM_BLD;
+
+typedef int pem_password_cb (char *buf, int size, int rwflag, void *userdata);
+
+typedef struct ossl_serializer_st OSSL_SERIALIZER;
+typedef struct ossl_serializer_ctx_st OSSL_SERIALIZER_CTX;
+
+typedef struct ossl_self_test_st OSSL_SELF_TEST;
+
+#if defined(__STDC_VERSION__) && __STDC_VERSION__ >= 199901L && \
+ defined(INTMAX_MAX) && defined(UINTMAX_MAX)
+typedef intmax_t ossl_intmax_t;
+typedef uintmax_t ossl_uintmax_t;
+#else
+/*
+ * Not long long, because the C-library can only be expected to provide
+ * strtoll(), strtoull() at the same time as intmax_t and strtoimax(),
+ * strtoumax(). Since we use these for parsing arguments, we need the
+ * conversion functions, not just the sizes.
+ */
+typedef long ossl_intmax_t;
+typedef unsigned long ossl_uintmax_t;
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* OPENSSL_TYPES_H */
diff --git a/openssl/include/openssl/ui.h b/openssl/include/openssl/ui.h new file mode 100644 index 00000000..9ec42e5a --- /dev/null +++ b/openssl/include/openssl/ui.h @@ -0,0 +1,375 @@ +/*
+ * Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_UI_H
+# define OPENSSL_UI_H
+# pragma once
+
+# include <openssl/macros.h>
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define HEADER_UI_H
+# endif
+
+# include <openssl/opensslconf.h>
+
+# ifndef OPENSSL_NO_DEPRECATED_1_1_0
+# include <openssl/crypto.h>
+# endif
+# include <openssl/safestack.h>
+# include <openssl/pem.h>
+# include <openssl/types.h>
+# include <openssl/uierr.h>
+
+/* For compatibility reasons, the macro OPENSSL_NO_UI is currently retained */
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# ifdef OPENSSL_NO_UI_CONSOLE
+# define OPENSSL_NO_UI
+# endif
+# endif
+
+# ifdef __cplusplus
+extern "C" {
+# endif
+
+/*
+ * All the following functions return -1 or NULL on error and in some cases
+ * (UI_process()) -2 if interrupted or in some other way cancelled. When
+ * everything is fine, they return 0, a positive value or a non-NULL pointer,
+ * all depending on their purpose.
+ */
+
+/* Creators and destructor. */
+UI *UI_new(void);
+UI *UI_new_method(const UI_METHOD *method);
+void UI_free(UI *ui);
+
+/*-
+ The following functions are used to add strings to be printed and prompt
+ strings to prompt for data. The names are UI_{add,dup}_<function>_string
+ and UI_{add,dup}_input_boolean.
+
+ UI_{add,dup}_<function>_string have the following meanings:
+ add add a text or prompt string. The pointers given to these
+ functions are used verbatim, no copying is done.
+ dup make a copy of the text or prompt string, then add the copy
+ to the collection of strings in the user interface.
+ <function>
+ The function is a name for the functionality that the given
+ string shall be used for. It can be one of:
+ input use the string as data prompt.
+ verify use the string as verification prompt. This
+ is used to verify a previous input.
+ info use the string for informational output.
+ error use the string for error output.
+ Honestly, there's currently no difference between info and error for the
+ moment.
+
+ UI_{add,dup}_input_boolean have the same semantics for "add" and "dup",
+ and are typically used when one wants to prompt for a yes/no response.
+
+ All of the functions in this group take a UI and a prompt string.
+ The string input and verify addition functions also take a flag argument,
+ a buffer for the result to end up with, a minimum input size and a maximum
+ input size (the result buffer MUST be large enough to be able to contain
+ the maximum number of characters). Additionally, the verify addition
+ functions takes another buffer to compare the result against.
+ The boolean input functions take an action description string (which should
+ be safe to ignore if the expected user action is obvious, for example with
+ a dialog box with an OK button and a Cancel button), a string of acceptable
+ characters to mean OK and to mean Cancel. The two last strings are checked
+ to make sure they don't have common characters. Additionally, the same
+ flag argument as for the string input is taken, as well as a result buffer.
+ The result buffer is required to be at least one byte long. Depending on
+ the answer, the first character from the OK or the Cancel character strings
+ will be stored in the first byte of the result buffer. No NUL will be
+ added, so the result is *not* a string.
+
+ On success, the all return an index of the added information. That index
+ is useful when retrieving results with UI_get0_result(). */
+int UI_add_input_string(UI *ui, const char *prompt, int flags,
+ char *result_buf, int minsize, int maxsize);
+int UI_dup_input_string(UI *ui, const char *prompt, int flags,
+ char *result_buf, int minsize, int maxsize);
+int UI_add_verify_string(UI *ui, const char *prompt, int flags,
+ char *result_buf, int minsize, int maxsize,
+ const char *test_buf);
+int UI_dup_verify_string(UI *ui, const char *prompt, int flags,
+ char *result_buf, int minsize, int maxsize,
+ const char *test_buf);
+int UI_add_input_boolean(UI *ui, const char *prompt, const char *action_desc,
+ const char *ok_chars, const char *cancel_chars,
+ int flags, char *result_buf);
+int UI_dup_input_boolean(UI *ui, const char *prompt, const char *action_desc,
+ const char *ok_chars, const char *cancel_chars,
+ int flags, char *result_buf);
+int UI_add_info_string(UI *ui, const char *text);
+int UI_dup_info_string(UI *ui, const char *text);
+int UI_add_error_string(UI *ui, const char *text);
+int UI_dup_error_string(UI *ui, const char *text);
+
+/* These are the possible flags. They can be or'ed together. */
+/* Use to have echoing of input */
+# define UI_INPUT_FLAG_ECHO 0x01
+/*
+ * Use a default password. Where that password is found is completely up to
+ * the application, it might for example be in the user data set with
+ * UI_add_user_data(). It is not recommended to have more than one input in
+ * each UI being marked with this flag, or the application might get
+ * confused.
+ */
+# define UI_INPUT_FLAG_DEFAULT_PWD 0x02
+
+/*-
+ * The user of these routines may want to define flags of their own. The core
+ * UI won't look at those, but will pass them on to the method routines. They
+ * must use higher bits so they don't get confused with the UI bits above.
+ * UI_INPUT_FLAG_USER_BASE tells which is the lowest bit to use. A good
+ * example of use is this:
+ *
+ * #define MY_UI_FLAG1 (0x01 << UI_INPUT_FLAG_USER_BASE)
+ *
+*/
+# define UI_INPUT_FLAG_USER_BASE 16
+
+/*-
+ * The following function helps construct a prompt. object_desc is a
+ * textual short description of the object, for example "pass phrase",
+ * and object_name is the name of the object (might be a card name or
+ * a file name.
+ * The returned string shall always be allocated on the heap with
+ * OPENSSL_malloc(), and need to be free'd with OPENSSL_free().
+ *
+ * If the ui_method doesn't contain a pointer to a user-defined prompt
+ * constructor, a default string is built, looking like this:
+ *
+ * "Enter {object_desc} for {object_name}:"
+ *
+ * So, if object_desc has the value "pass phrase" and object_name has
+ * the value "foo.key", the resulting string is:
+ *
+ * "Enter pass phrase for foo.key:"
+*/
+char *UI_construct_prompt(UI *ui_method,
+ const char *object_desc, const char *object_name);
+
+/*
+ * The following function is used to store a pointer to user-specific data.
+ * Any previous such pointer will be returned and replaced.
+ *
+ * For callback purposes, this function makes a lot more sense than using
+ * ex_data, since the latter requires that different parts of OpenSSL or
+ * applications share the same ex_data index.
+ *
+ * Note that the UI_OpenSSL() method completely ignores the user data. Other
+ * methods may not, however.
+ */
+void *UI_add_user_data(UI *ui, void *user_data);
+/*
+ * Alternatively, this function is used to duplicate the user data.
+ * This uses the duplicator method function. The destroy function will
+ * be used to free the user data in this case.
+ */
+int UI_dup_user_data(UI *ui, void *user_data);
+/* We need a user data retrieving function as well. */
+void *UI_get0_user_data(UI *ui);
+
+/* Return the result associated with a prompt given with the index i. */
+const char *UI_get0_result(UI *ui, int i);
+int UI_get_result_length(UI *ui, int i);
+
+/* When all strings have been added, process the whole thing. */
+int UI_process(UI *ui);
+
+/*
+ * Give a user interface parameterised control commands. This can be used to
+ * send down an integer, a data pointer or a function pointer, as well as be
+ * used to get information from a UI.
+ */
+int UI_ctrl(UI *ui, int cmd, long i, void *p, void (*f) (void));
+
+/* The commands */
+/*
+ * Use UI_CONTROL_PRINT_ERRORS with the value 1 to have UI_process print the
+ * OpenSSL error stack before printing any info or added error messages and
+ * before any prompting.
+ */
+# define UI_CTRL_PRINT_ERRORS 1
+/*
+ * Check if a UI_process() is possible to do again with the same instance of
+ * a user interface. This makes UI_ctrl() return 1 if it is redoable, and 0
+ * if not.
+ */
+# define UI_CTRL_IS_REDOABLE 2
+
+/* Some methods may use extra data */
+# define UI_set_app_data(s,arg) UI_set_ex_data(s,0,arg)
+# define UI_get_app_data(s) UI_get_ex_data(s,0)
+
+# define UI_get_ex_new_index(l, p, newf, dupf, freef) \
+ CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_UI, l, p, newf, dupf, freef)
+int UI_set_ex_data(UI *r, int idx, void *arg);
+void *UI_get_ex_data(const UI *r, int idx);
+
+/* Use specific methods instead of the built-in one */
+void UI_set_default_method(const UI_METHOD *meth);
+const UI_METHOD *UI_get_default_method(void);
+const UI_METHOD *UI_get_method(UI *ui);
+const UI_METHOD *UI_set_method(UI *ui, const UI_METHOD *meth);
+
+# ifndef OPENSSL_NO_UI_CONSOLE
+
+/* The method with all the built-in thingies */
+UI_METHOD *UI_OpenSSL(void);
+
+# endif
+
+/*
+ * NULL method. Literally does nothing, but may serve as a placeholder
+ * to avoid internal default.
+ */
+const UI_METHOD *UI_null(void);
+
+/* ---------- For method writers ---------- */
+/*-
+ A method contains a number of functions that implement the low level
+ of the User Interface. The functions are:
+
+ an opener This function starts a session, maybe by opening
+ a channel to a tty, or by opening a window.
+ a writer This function is called to write a given string,
+ maybe to the tty, maybe as a field label in a
+ window.
+ a flusher This function is called to flush everything that
+ has been output so far. It can be used to actually
+ display a dialog box after it has been built.
+ a reader This function is called to read a given prompt,
+ maybe from the tty, maybe from a field in a
+ window. Note that it's called with all string
+ structures, not only the prompt ones, so it must
+ check such things itself.
+ a closer This function closes the session, maybe by closing
+ the channel to the tty, or closing the window.
+
+ All these functions are expected to return:
+
+ 0 on error.
+ 1 on success.
+ -1 on out-of-band events, for example if some prompting has
+ been canceled (by pressing Ctrl-C, for example). This is
+ only checked when returned by the flusher or the reader.
+
+ The way this is used, the opener is first called, then the writer for all
+ strings, then the flusher, then the reader for all strings and finally the
+ closer. Note that if you want to prompt from a terminal or other command
+ line interface, the best is to have the reader also write the prompts
+ instead of having the writer do it. If you want to prompt from a dialog
+ box, the writer can be used to build up the contents of the box, and the
+ flusher to actually display the box and run the event loop until all data
+ has been given, after which the reader only grabs the given data and puts
+ them back into the UI strings.
+
+ All method functions take a UI as argument. Additionally, the writer and
+ the reader take a UI_STRING.
+*/
+
+/*
+ * The UI_STRING type is the data structure that contains all the needed info
+ * about a string or a prompt, including test data for a verification prompt.
+ */
+typedef struct ui_string_st UI_STRING;
+
+DEFINE_OR_DECLARE_STACK_OF(UI_STRING)
+
+/*
+ * The different types of strings that are currently supported. This is only
+ * needed by method authors.
+ */
+enum UI_string_types {
+ UIT_NONE = 0,
+ UIT_PROMPT, /* Prompt for a string */
+ UIT_VERIFY, /* Prompt for a string and verify */
+ UIT_BOOLEAN, /* Prompt for a yes/no response */
+ UIT_INFO, /* Send info to the user */
+ UIT_ERROR /* Send an error message to the user */
+};
+
+/* Create and manipulate methods */
+UI_METHOD *UI_create_method(const char *name);
+void UI_destroy_method(UI_METHOD *ui_method);
+int UI_method_set_opener(UI_METHOD *method, int (*opener) (UI *ui));
+int UI_method_set_writer(UI_METHOD *method,
+ int (*writer) (UI *ui, UI_STRING *uis));
+int UI_method_set_flusher(UI_METHOD *method, int (*flusher) (UI *ui));
+int UI_method_set_reader(UI_METHOD *method,
+ int (*reader) (UI *ui, UI_STRING *uis));
+int UI_method_set_closer(UI_METHOD *method, int (*closer) (UI *ui));
+int UI_method_set_data_duplicator(UI_METHOD *method,
+ void *(*duplicator) (UI *ui, void *ui_data),
+ void (*destructor)(UI *ui, void *ui_data));
+int UI_method_set_prompt_constructor(UI_METHOD *method,
+ char *(*prompt_constructor) (UI *ui,
+ const char
+ *object_desc,
+ const char
+ *object_name));
+int UI_method_set_ex_data(UI_METHOD *method, int idx, void *data);
+int (*UI_method_get_opener(const UI_METHOD *method)) (UI *);
+int (*UI_method_get_writer(const UI_METHOD *method)) (UI *, UI_STRING *);
+int (*UI_method_get_flusher(const UI_METHOD *method)) (UI *);
+int (*UI_method_get_reader(const UI_METHOD *method)) (UI *, UI_STRING *);
+int (*UI_method_get_closer(const UI_METHOD *method)) (UI *);
+char *(*UI_method_get_prompt_constructor(const UI_METHOD *method))
+ (UI *, const char *, const char *);
+void *(*UI_method_get_data_duplicator(const UI_METHOD *method)) (UI *, void *);
+void (*UI_method_get_data_destructor(const UI_METHOD *method)) (UI *, void *);
+const void *UI_method_get_ex_data(const UI_METHOD *method, int idx);
+
+/*
+ * The following functions are helpers for method writers to access relevant
+ * data from a UI_STRING.
+ */
+
+/* Return type of the UI_STRING */
+enum UI_string_types UI_get_string_type(UI_STRING *uis);
+/* Return input flags of the UI_STRING */
+int UI_get_input_flags(UI_STRING *uis);
+/* Return the actual string to output (the prompt, info or error) */
+const char *UI_get0_output_string(UI_STRING *uis);
+/*
+ * Return the optional action string to output (the boolean prompt
+ * instruction)
+ */
+const char *UI_get0_action_string(UI_STRING *uis);
+/* Return the result of a prompt */
+const char *UI_get0_result_string(UI_STRING *uis);
+int UI_get_result_string_length(UI_STRING *uis);
+/*
+ * Return the string to test the result against. Only useful with verifies.
+ */
+const char *UI_get0_test_string(UI_STRING *uis);
+/* Return the required minimum size of the result */
+int UI_get_result_minsize(UI_STRING *uis);
+/* Return the required maximum size of the result */
+int UI_get_result_maxsize(UI_STRING *uis);
+/* Set the result of a UI_STRING. */
+int UI_set_result(UI *ui, UI_STRING *uis, const char *result);
+int UI_set_result_ex(UI *ui, UI_STRING *uis, const char *result, int len);
+
+/* A couple of popular utility functions */
+int UI_UTIL_read_pw_string(char *buf, int length, const char *prompt,
+ int verify);
+int UI_UTIL_read_pw(char *buf, char *buff, int size, const char *prompt,
+ int verify);
+UI_METHOD *UI_UTIL_wrap_read_pem_callback(pem_password_cb *cb, int rwflag);
+
+
+# ifdef __cplusplus
+}
+# endif
+#endif
diff --git a/openssl/include/openssl/uierr.h b/openssl/include/openssl/uierr.h new file mode 100644 index 00000000..44d243cf --- /dev/null +++ b/openssl/include/openssl/uierr.h @@ -0,0 +1,68 @@ +/*
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_UIERR_H
+# define OPENSSL_UIERR_H
+# pragma once
+
+# include <openssl/opensslconf.h>
+# include <openssl/symhacks.h>
+
+
+# ifdef __cplusplus
+extern "C"
+# endif
+int ERR_load_UI_strings(void);
+
+/*
+ * UI function codes.
+ */
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define UI_F_CLOSE_CONSOLE 0
+# define UI_F_ECHO_CONSOLE 0
+# define UI_F_GENERAL_ALLOCATE_BOOLEAN 0
+# define UI_F_GENERAL_ALLOCATE_PROMPT 0
+# define UI_F_NOECHO_CONSOLE 0
+# define UI_F_OPEN_CONSOLE 0
+# define UI_F_UI_CONSTRUCT_PROMPT 0
+# define UI_F_UI_CREATE_METHOD 0
+# define UI_F_UI_CTRL 0
+# define UI_F_UI_DUP_ERROR_STRING 0
+# define UI_F_UI_DUP_INFO_STRING 0
+# define UI_F_UI_DUP_INPUT_BOOLEAN 0
+# define UI_F_UI_DUP_INPUT_STRING 0
+# define UI_F_UI_DUP_USER_DATA 0
+# define UI_F_UI_DUP_VERIFY_STRING 0
+# define UI_F_UI_GET0_RESULT 0
+# define UI_F_UI_GET_RESULT_LENGTH 0
+# define UI_F_UI_NEW_METHOD 0
+# define UI_F_UI_PROCESS 0
+# define UI_F_UI_SET_RESULT 0
+# define UI_F_UI_SET_RESULT_EX 0
+# endif
+
+/*
+ * UI reason codes.
+ */
+# define UI_R_COMMON_OK_AND_CANCEL_CHARACTERS 104
+# define UI_R_INDEX_TOO_LARGE 102
+# define UI_R_INDEX_TOO_SMALL 103
+# define UI_R_NO_RESULT_BUFFER 105
+# define UI_R_PROCESSING_ERROR 107
+# define UI_R_RESULT_TOO_LARGE 100
+# define UI_R_RESULT_TOO_SMALL 101
+# define UI_R_SYSASSIGN_ERROR 109
+# define UI_R_SYSDASSGN_ERROR 110
+# define UI_R_SYSQIOW_ERROR 111
+# define UI_R_UNKNOWN_CONTROL_COMMAND 106
+# define UI_R_UNKNOWN_TTYGET_ERRNO_VALUE 108
+# define UI_R_USER_DATA_DUPLICATION_UNSUPPORTED 112
+
+#endif
diff --git a/openssl/include/openssl/whrlpool.h b/openssl/include/openssl/whrlpool.h new file mode 100644 index 00000000..e6a27b3d --- /dev/null +++ b/openssl/include/openssl/whrlpool.h @@ -0,0 +1,61 @@ +/*
+ * Copyright 2005-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_WHRLPOOL_H
+# define OPENSSL_WHRLPOOL_H
+# pragma once
+
+# include <openssl/macros.h>
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define HEADER_WHRLPOOL_H
+# endif
+
+# include <openssl/opensslconf.h>
+
+# ifndef OPENSSL_NO_WHIRLPOOL
+# include <openssl/e_os2.h>
+# include <stddef.h>
+# ifdef __cplusplus
+extern "C" {
+# endif
+
+# define WHIRLPOOL_DIGEST_LENGTH (512/8)
+
+# if !defined(OPENSSL_NO_DEPRECATED_3_0)
+
+# define WHIRLPOOL_BBLOCK 512
+# define WHIRLPOOL_COUNTER (256/8)
+
+typedef struct {
+ union {
+ unsigned char c[WHIRLPOOL_DIGEST_LENGTH];
+ /* double q is here to ensure 64-bit alignment */
+ double q[WHIRLPOOL_DIGEST_LENGTH / sizeof(double)];
+ } H;
+ unsigned char data[WHIRLPOOL_BBLOCK / 8];
+ unsigned int bitoff;
+ size_t bitlen[WHIRLPOOL_COUNTER / sizeof(size_t)];
+} WHIRLPOOL_CTX;
+# endif
+
+DEPRECATEDIN_3_0(int WHIRLPOOL_Init(WHIRLPOOL_CTX *c))
+DEPRECATEDIN_3_0(int WHIRLPOOL_Update(WHIRLPOOL_CTX *c,
+ const void *inp, size_t bytes))
+DEPRECATEDIN_3_0(void WHIRLPOOL_BitUpdate(WHIRLPOOL_CTX *c, const void *inp,
+ size_t bits))
+DEPRECATEDIN_3_0(int WHIRLPOOL_Final(unsigned char *md, WHIRLPOOL_CTX *c))
+DEPRECATEDIN_3_0(unsigned char *WHIRLPOOL(const void *inp, size_t bytes,
+ unsigned char *md))
+
+# ifdef __cplusplus
+}
+# endif
+# endif
+
+#endif
diff --git a/openssl/include/openssl/x509.h b/openssl/include/openssl/x509.h new file mode 100644 index 00000000..6b47f1e6 --- /dev/null +++ b/openssl/include/openssl/x509.h @@ -0,0 +1,1072 @@ +/*
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_X509_H
+# define OPENSSL_X509_H
+# pragma once
+
+# include <openssl/macros.h>
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define HEADER_X509_H
+# endif
+
+# include <openssl/e_os2.h>
+# include <openssl/types.h>
+# include <openssl/symhacks.h>
+# include <openssl/buffer.h>
+# include <openssl/evp.h>
+# include <openssl/bio.h>
+# include <openssl/asn1.h>
+# include <openssl/safestack.h>
+# include <openssl/ec.h>
+
+# ifndef OPENSSL_NO_DEPRECATED_1_1_0
+# include <openssl/rsa.h>
+# include <openssl/dsa.h>
+# include <openssl/dh.h>
+# endif
+
+# include <openssl/sha.h>
+# include <openssl/x509err.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* Needed stacks for types defined in other headers */
+DEFINE_OR_DECLARE_STACK_OF(X509_NAME)
+DEFINE_OR_DECLARE_STACK_OF(X509)
+DEFINE_OR_DECLARE_STACK_OF(X509_REVOKED)
+DEFINE_OR_DECLARE_STACK_OF(X509_CRL)
+
+/* Flags for X509_get_signature_info() */
+/* Signature info is valid */
+# define X509_SIG_INFO_VALID 0x1
+/* Signature is suitable for TLS use */
+# define X509_SIG_INFO_TLS 0x2
+
+# define X509_FILETYPE_PEM 1
+# define X509_FILETYPE_ASN1 2
+# define X509_FILETYPE_DEFAULT 3
+
+# define X509v3_KU_DIGITAL_SIGNATURE 0x0080
+# define X509v3_KU_NON_REPUDIATION 0x0040
+# define X509v3_KU_KEY_ENCIPHERMENT 0x0020
+# define X509v3_KU_DATA_ENCIPHERMENT 0x0010
+# define X509v3_KU_KEY_AGREEMENT 0x0008
+# define X509v3_KU_KEY_CERT_SIGN 0x0004
+# define X509v3_KU_CRL_SIGN 0x0002
+# define X509v3_KU_ENCIPHER_ONLY 0x0001
+# define X509v3_KU_DECIPHER_ONLY 0x8000
+# define X509v3_KU_UNDEF 0xffff
+
+struct X509_algor_st {
+ ASN1_OBJECT *algorithm;
+ ASN1_TYPE *parameter;
+} /* X509_ALGOR */ ;
+
+typedef STACK_OF(X509_ALGOR) X509_ALGORS;
+
+typedef struct X509_val_st {
+ ASN1_TIME *notBefore;
+ ASN1_TIME *notAfter;
+} X509_VAL;
+
+typedef struct X509_sig_st X509_SIG;
+
+typedef struct X509_name_entry_st X509_NAME_ENTRY;
+DEFINE_OR_DECLARE_STACK_OF(X509_NAME_ENTRY)
+
+
+# define X509_EX_V_NETSCAPE_HACK 0x8000
+# define X509_EX_V_INIT 0x0001
+typedef struct X509_extension_st X509_EXTENSION;
+DEFINE_OR_DECLARE_STACK_OF(X509_EXTENSION)
+typedef STACK_OF(X509_EXTENSION) X509_EXTENSIONS;
+typedef struct x509_attributes_st X509_ATTRIBUTE;
+DEFINE_OR_DECLARE_STACK_OF(X509_ATTRIBUTE)
+typedef struct X509_req_info_st X509_REQ_INFO;
+typedef struct X509_req_st X509_REQ;
+typedef struct x509_cert_aux_st X509_CERT_AUX;
+typedef struct x509_cinf_st X509_CINF;
+
+/* This is used for a table of trust checking functions */
+
+typedef struct x509_trust_st {
+ int trust;
+ int flags;
+ int (*check_trust) (struct x509_trust_st *, X509 *, int);
+ char *name;
+ int arg1;
+ void *arg2;
+} X509_TRUST;
+DEFINE_OR_DECLARE_STACK_OF(X509_TRUST)
+
+
+/* standard trust ids */
+
+# define X509_TRUST_DEFAULT 0 /* Only valid in purpose settings */
+
+# define X509_TRUST_COMPAT 1
+# define X509_TRUST_SSL_CLIENT 2
+# define X509_TRUST_SSL_SERVER 3
+# define X509_TRUST_EMAIL 4
+# define X509_TRUST_OBJECT_SIGN 5
+# define X509_TRUST_OCSP_SIGN 6
+# define X509_TRUST_OCSP_REQUEST 7
+# define X509_TRUST_TSA 8
+
+/* Keep these up to date! */
+# define X509_TRUST_MIN 1
+# define X509_TRUST_MAX 8
+
+/* trust_flags values */
+# define X509_TRUST_DYNAMIC (1U << 0)
+# define X509_TRUST_DYNAMIC_NAME (1U << 1)
+/* No compat trust if self-signed, preempts "DO_SS" */
+# define X509_TRUST_NO_SS_COMPAT (1U << 2)
+/* Compat trust if no explicit accepted trust EKUs */
+# define X509_TRUST_DO_SS_COMPAT (1U << 3)
+/* Accept "anyEKU" as a wildcard trust OID */
+# define X509_TRUST_OK_ANY_EKU (1U << 4)
+
+/* check_trust return codes */
+
+# define X509_TRUST_TRUSTED 1
+# define X509_TRUST_REJECTED 2
+# define X509_TRUST_UNTRUSTED 3
+
+/* Flags for X509_print_ex() */
+
+# define X509_FLAG_COMPAT 0
+# define X509_FLAG_NO_HEADER 1L
+# define X509_FLAG_NO_VERSION (1L << 1)
+# define X509_FLAG_NO_SERIAL (1L << 2)
+# define X509_FLAG_NO_SIGNAME (1L << 3)
+# define X509_FLAG_NO_ISSUER (1L << 4)
+# define X509_FLAG_NO_VALIDITY (1L << 5)
+# define X509_FLAG_NO_SUBJECT (1L << 6)
+# define X509_FLAG_NO_PUBKEY (1L << 7)
+# define X509_FLAG_NO_EXTENSIONS (1L << 8)
+# define X509_FLAG_NO_SIGDUMP (1L << 9)
+# define X509_FLAG_NO_AUX (1L << 10)
+# define X509_FLAG_NO_ATTRIBUTES (1L << 11)
+# define X509_FLAG_NO_IDS (1L << 12)
+
+/* Flags specific to X509_NAME_print_ex() */
+
+/* The field separator information */
+
+# define XN_FLAG_SEP_MASK (0xf << 16)
+
+# define XN_FLAG_COMPAT 0/* Traditional; use old X509_NAME_print */
+# define XN_FLAG_SEP_COMMA_PLUS (1 << 16)/* RFC2253 ,+ */
+# define XN_FLAG_SEP_CPLUS_SPC (2 << 16)/* ,+ spaced: more readable */
+# define XN_FLAG_SEP_SPLUS_SPC (3 << 16)/* ;+ spaced */
+# define XN_FLAG_SEP_MULTILINE (4 << 16)/* One line per field */
+
+# define XN_FLAG_DN_REV (1 << 20)/* Reverse DN order */
+
+/* How the field name is shown */
+
+# define XN_FLAG_FN_MASK (0x3 << 21)
+
+# define XN_FLAG_FN_SN 0/* Object short name */
+# define XN_FLAG_FN_LN (1 << 21)/* Object long name */
+# define XN_FLAG_FN_OID (2 << 21)/* Always use OIDs */
+# define XN_FLAG_FN_NONE (3 << 21)/* No field names */
+
+# define XN_FLAG_SPC_EQ (1 << 23)/* Put spaces round '=' */
+
+/*
+ * This determines if we dump fields we don't recognise: RFC2253 requires
+ * this.
+ */
+
+# define XN_FLAG_DUMP_UNKNOWN_FIELDS (1 << 24)
+
+# define XN_FLAG_FN_ALIGN (1 << 25)/* Align field names to 20
+ * characters */
+
+/* Complete set of RFC2253 flags */
+
+# define XN_FLAG_RFC2253 (ASN1_STRFLGS_RFC2253 | \
+ XN_FLAG_SEP_COMMA_PLUS | \
+ XN_FLAG_DN_REV | \
+ XN_FLAG_FN_SN | \
+ XN_FLAG_DUMP_UNKNOWN_FIELDS)
+
+/* readable oneline form */
+
+# define XN_FLAG_ONELINE (ASN1_STRFLGS_RFC2253 | \
+ ASN1_STRFLGS_ESC_QUOTE | \
+ XN_FLAG_SEP_CPLUS_SPC | \
+ XN_FLAG_SPC_EQ | \
+ XN_FLAG_FN_SN)
+
+/* readable multiline form */
+
+# define XN_FLAG_MULTILINE (ASN1_STRFLGS_ESC_CTRL | \
+ ASN1_STRFLGS_ESC_MSB | \
+ XN_FLAG_SEP_MULTILINE | \
+ XN_FLAG_SPC_EQ | \
+ XN_FLAG_FN_LN | \
+ XN_FLAG_FN_ALIGN)
+
+typedef struct X509_crl_info_st X509_CRL_INFO;
+
+typedef struct private_key_st {
+ int version;
+ /* The PKCS#8 data types */
+ X509_ALGOR *enc_algor;
+ ASN1_OCTET_STRING *enc_pkey; /* encrypted pub key */
+ /* When decrypted, the following will not be NULL */
+ EVP_PKEY *dec_pkey;
+ /* used to encrypt and decrypt */
+ int key_length;
+ char *key_data;
+ int key_free; /* true if we should auto free key_data */
+ /* expanded version of 'enc_algor' */
+ EVP_CIPHER_INFO cipher;
+} X509_PKEY;
+
+typedef struct X509_info_st {
+ X509 *x509;
+ X509_CRL *crl;
+ X509_PKEY *x_pkey;
+ EVP_CIPHER_INFO enc_cipher;
+ int enc_len;
+ char *enc_data;
+} X509_INFO;
+DEFINE_OR_DECLARE_STACK_OF(X509_INFO)
+
+/*
+ * The next 2 structures and their 8 routines are used to manipulate Netscape's
+ * spki structures - useful if you are writing a CA web page
+ */
+typedef struct Netscape_spkac_st {
+ X509_PUBKEY *pubkey;
+ ASN1_IA5STRING *challenge; /* challenge sent in atlas >= PR2 */
+} NETSCAPE_SPKAC;
+
+typedef struct Netscape_spki_st {
+ NETSCAPE_SPKAC *spkac; /* signed public key and challenge */
+ X509_ALGOR sig_algor;
+ ASN1_BIT_STRING *signature;
+} NETSCAPE_SPKI;
+
+/* Netscape certificate sequence structure */
+typedef struct Netscape_certificate_sequence {
+ ASN1_OBJECT *type;
+ STACK_OF(X509) *certs;
+} NETSCAPE_CERT_SEQUENCE;
+
+/*- Unused (and iv length is wrong)
+typedef struct CBCParameter_st
+ {
+ unsigned char iv[8];
+ } CBC_PARAM;
+*/
+
+/* Password based encryption structure */
+
+typedef struct PBEPARAM_st {
+ ASN1_OCTET_STRING *salt;
+ ASN1_INTEGER *iter;
+} PBEPARAM;
+
+/* Password based encryption V2 structures */
+
+typedef struct PBE2PARAM_st {
+ X509_ALGOR *keyfunc;
+ X509_ALGOR *encryption;
+} PBE2PARAM;
+
+typedef struct PBKDF2PARAM_st {
+/* Usually OCTET STRING but could be anything */
+ ASN1_TYPE *salt;
+ ASN1_INTEGER *iter;
+ ASN1_INTEGER *keylength;
+ X509_ALGOR *prf;
+} PBKDF2PARAM;
+
+#ifndef OPENSSL_NO_SCRYPT
+typedef struct SCRYPT_PARAMS_st {
+ ASN1_OCTET_STRING *salt;
+ ASN1_INTEGER *costParameter;
+ ASN1_INTEGER *blockSize;
+ ASN1_INTEGER *parallelizationParameter;
+ ASN1_INTEGER *keyLength;
+} SCRYPT_PARAMS;
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+# include <openssl/x509_vfy.h>
+# include <openssl/pkcs7.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+# define X509_EXT_PACK_UNKNOWN 1
+# define X509_EXT_PACK_STRING 2
+
+# define X509_extract_key(x) X509_get_pubkey(x)/*****/
+# define X509_REQ_extract_key(a) X509_REQ_get_pubkey(a)
+# define X509_name_cmp(a,b) X509_NAME_cmp((a),(b))
+
+void X509_CRL_set_default_method(const X509_CRL_METHOD *meth);
+X509_CRL_METHOD *X509_CRL_METHOD_new(int (*crl_init) (X509_CRL *crl),
+ int (*crl_free) (X509_CRL *crl),
+ int (*crl_lookup) (X509_CRL *crl,
+ X509_REVOKED **ret,
+ const
+ ASN1_INTEGER *serial,
+ const
+ X509_NAME *issuer),
+ int (*crl_verify) (X509_CRL *crl,
+ EVP_PKEY *pk));
+void X509_CRL_METHOD_free(X509_CRL_METHOD *m);
+
+void X509_CRL_set_meth_data(X509_CRL *crl, void *dat);
+void *X509_CRL_get_meth_data(X509_CRL *crl);
+
+const char *X509_verify_cert_error_string(long n);
+
+int X509_verify_ex(X509 *a, EVP_PKEY *r, OPENSSL_CTX *libctx, const char *propq);
+int X509_verify(X509 *a, EVP_PKEY *r);
+
+int X509_REQ_verify_ex(X509_REQ *a, EVP_PKEY *r, OPENSSL_CTX *libctx,
+ const char *propq);
+int X509_REQ_verify(X509_REQ *a, EVP_PKEY *r);
+int X509_CRL_verify(X509_CRL *a, EVP_PKEY *r);
+int NETSCAPE_SPKI_verify(NETSCAPE_SPKI *a, EVP_PKEY *r);
+
+NETSCAPE_SPKI *NETSCAPE_SPKI_b64_decode(const char *str, int len);
+char *NETSCAPE_SPKI_b64_encode(NETSCAPE_SPKI *x);
+EVP_PKEY *NETSCAPE_SPKI_get_pubkey(NETSCAPE_SPKI *x);
+int NETSCAPE_SPKI_set_pubkey(NETSCAPE_SPKI *x, EVP_PKEY *pkey);
+
+int NETSCAPE_SPKI_print(BIO *out, NETSCAPE_SPKI *spki);
+
+int X509_signature_dump(BIO *bp, const ASN1_STRING *sig, int indent);
+int X509_signature_print(BIO *bp, const X509_ALGOR *alg,
+ const ASN1_STRING *sig);
+
+int X509_sign(X509 *x, EVP_PKEY *pkey, const EVP_MD *md);
+int X509_sign_ctx(X509 *x, EVP_MD_CTX *ctx);
+int X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md);
+int X509_REQ_sign_ctx(X509_REQ *x, EVP_MD_CTX *ctx);
+int X509_CRL_sign(X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md);
+int X509_CRL_sign_ctx(X509_CRL *x, EVP_MD_CTX *ctx);
+int NETSCAPE_SPKI_sign(NETSCAPE_SPKI *x, EVP_PKEY *pkey, const EVP_MD *md);
+
+int X509_pubkey_digest(const X509 *data, const EVP_MD *type,
+ unsigned char *md, unsigned int *len);
+int X509_digest(const X509 *data, const EVP_MD *type,
+ unsigned char *md, unsigned int *len);
+ASN1_OCTET_STRING *X509_digest_sig(const X509 *cert);
+int X509_CRL_digest(const X509_CRL *data, const EVP_MD *type,
+ unsigned char *md, unsigned int *len);
+int X509_REQ_digest(const X509_REQ *data, const EVP_MD *type,
+ unsigned char *md, unsigned int *len);
+int X509_NAME_digest(const X509_NAME *data, const EVP_MD *type,
+ unsigned char *md, unsigned int *len);
+
+# if !defined(OPENSSL_NO_SOCK)
+X509 *X509_load_http(const char *url, BIO *bio, BIO *rbio, int timeout);
+# define X509_http_nbio(url) X509_load_http(url, NULL, NULL, 0)
+X509_CRL *X509_CRL_load_http(const char *url, BIO *bio, BIO *rbio, int timeout);
+# define X509_CRL_http_nbio(url) X509_CRL_load_http(url, NULL, NULL, 0)
+# endif
+
+# ifndef OPENSSL_NO_STDIO
+X509 *d2i_X509_fp(FILE *fp, X509 **x509);
+int i2d_X509_fp(FILE *fp, const X509 *x509);
+X509_CRL *d2i_X509_CRL_fp(FILE *fp, X509_CRL **crl);
+int i2d_X509_CRL_fp(FILE *fp, const X509_CRL *crl);
+X509_REQ *d2i_X509_REQ_fp(FILE *fp, X509_REQ **req);
+int i2d_X509_REQ_fp(FILE *fp, const X509_REQ *req);
+# ifndef OPENSSL_NO_RSA
+RSA *d2i_RSAPrivateKey_fp(FILE *fp, RSA **rsa);
+int i2d_RSAPrivateKey_fp(FILE *fp, const RSA *rsa);
+RSA *d2i_RSAPublicKey_fp(FILE *fp, RSA **rsa);
+int i2d_RSAPublicKey_fp(FILE *fp, const RSA *rsa);
+RSA *d2i_RSA_PUBKEY_fp(FILE *fp, RSA **rsa);
+int i2d_RSA_PUBKEY_fp(FILE *fp, const RSA *rsa);
+# endif
+# ifndef OPENSSL_NO_DSA
+DSA *d2i_DSA_PUBKEY_fp(FILE *fp, DSA **dsa);
+int i2d_DSA_PUBKEY_fp(FILE *fp, const DSA *dsa);
+DSA *d2i_DSAPrivateKey_fp(FILE *fp, DSA **dsa);
+int i2d_DSAPrivateKey_fp(FILE *fp, const DSA *dsa);
+# endif
+# ifndef OPENSSL_NO_EC
+EC_KEY *d2i_EC_PUBKEY_fp(FILE *fp, EC_KEY **eckey);
+int i2d_EC_PUBKEY_fp(FILE *fp, const EC_KEY *eckey);
+EC_KEY *d2i_ECPrivateKey_fp(FILE *fp, EC_KEY **eckey);
+int i2d_ECPrivateKey_fp(FILE *fp, const EC_KEY *eckey);
+# endif
+X509_SIG *d2i_PKCS8_fp(FILE *fp, X509_SIG **p8);
+int i2d_PKCS8_fp(FILE *fp, const X509_SIG *p8);
+X509_PUBKEY *d2i_X509_PUBKEY_fp(FILE *fp, X509_PUBKEY **xpk);
+int i2d_X509_PUBKEY_fp(FILE *fp, const X509_PUBKEY *xpk);
+PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_fp(FILE *fp,
+ PKCS8_PRIV_KEY_INFO **p8inf);
+int i2d_PKCS8_PRIV_KEY_INFO_fp(FILE *fp, const PKCS8_PRIV_KEY_INFO *p8inf);
+int i2d_PKCS8PrivateKeyInfo_fp(FILE *fp, const EVP_PKEY *key);
+int i2d_PrivateKey_fp(FILE *fp, const EVP_PKEY *pkey);
+EVP_PKEY *d2i_PrivateKey_ex_fp(FILE *fp, EVP_PKEY **a, OPENSSL_CTX *libctx,
+ const char *propq);
+EVP_PKEY *d2i_PrivateKey_fp(FILE *fp, EVP_PKEY **a);
+int i2d_PUBKEY_fp(FILE *fp, const EVP_PKEY *pkey);
+EVP_PKEY *d2i_PUBKEY_fp(FILE *fp, EVP_PKEY **a);
+# endif
+
+X509 *d2i_X509_bio(BIO *bp, X509 **x509);
+int i2d_X509_bio(BIO *bp, const X509 *x509);
+X509_CRL *d2i_X509_CRL_bio(BIO *bp, X509_CRL **crl);
+int i2d_X509_CRL_bio(BIO *bp, const X509_CRL *crl);
+X509_REQ *d2i_X509_REQ_bio(BIO *bp, X509_REQ **req);
+int i2d_X509_REQ_bio(BIO *bp, const X509_REQ *req);
+# ifndef OPENSSL_NO_RSA
+RSA *d2i_RSAPrivateKey_bio(BIO *bp, RSA **rsa);
+int i2d_RSAPrivateKey_bio(BIO *bp, const RSA *rsa);
+RSA *d2i_RSAPublicKey_bio(BIO *bp, RSA **rsa);
+int i2d_RSAPublicKey_bio(BIO *bp, const RSA *rsa);
+RSA *d2i_RSA_PUBKEY_bio(BIO *bp, RSA **rsa);
+int i2d_RSA_PUBKEY_bio(BIO *bp, const RSA *rsa);
+# endif
+# ifndef OPENSSL_NO_DSA
+DSA *d2i_DSA_PUBKEY_bio(BIO *bp, DSA **dsa);
+int i2d_DSA_PUBKEY_bio(BIO *bp, const DSA *dsa);
+DSA *d2i_DSAPrivateKey_bio(BIO *bp, DSA **dsa);
+int i2d_DSAPrivateKey_bio(BIO *bp, const DSA *dsa);
+# endif
+# ifndef OPENSSL_NO_EC
+EC_KEY *d2i_EC_PUBKEY_bio(BIO *bp, EC_KEY **eckey);
+int i2d_EC_PUBKEY_bio(BIO *bp, const EC_KEY *eckey);
+EC_KEY *d2i_ECPrivateKey_bio(BIO *bp, EC_KEY **eckey);
+int i2d_ECPrivateKey_bio(BIO *bp, const EC_KEY *eckey);
+# endif
+X509_SIG *d2i_PKCS8_bio(BIO *bp, X509_SIG **p8);
+int i2d_PKCS8_bio(BIO *bp, const X509_SIG *p8);
+X509_PUBKEY *d2i_X509_PUBKEY_bio(BIO *bp, X509_PUBKEY **xpk);
+int i2d_X509_PUBKEY_bio(BIO *bp, const X509_PUBKEY *xpk);
+PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_bio(BIO *bp,
+ PKCS8_PRIV_KEY_INFO **p8inf);
+int i2d_PKCS8_PRIV_KEY_INFO_bio(BIO *bp, const PKCS8_PRIV_KEY_INFO *p8inf);
+int i2d_PKCS8PrivateKeyInfo_bio(BIO *bp, const EVP_PKEY *key);
+int i2d_PrivateKey_bio(BIO *bp, const EVP_PKEY *pkey);
+EVP_PKEY *d2i_PrivateKey_ex_bio(BIO *bp, EVP_PKEY **a, OPENSSL_CTX *libctx,
+ const char *propq);
+EVP_PKEY *d2i_PrivateKey_bio(BIO *bp, EVP_PKEY **a);
+int i2d_PUBKEY_bio(BIO *bp, const EVP_PKEY *pkey);
+EVP_PKEY *d2i_PUBKEY_bio(BIO *bp, EVP_PKEY **a);
+
+DECLARE_ASN1_DUP_FUNCTION(X509)
+DECLARE_ASN1_DUP_FUNCTION(X509_ALGOR)
+DECLARE_ASN1_DUP_FUNCTION(X509_ATTRIBUTE)
+DECLARE_ASN1_DUP_FUNCTION(X509_CRL)
+DECLARE_ASN1_DUP_FUNCTION(X509_EXTENSION)
+DECLARE_ASN1_DUP_FUNCTION(X509_PUBKEY)
+DECLARE_ASN1_DUP_FUNCTION(X509_REQ)
+DECLARE_ASN1_DUP_FUNCTION(X509_REVOKED)
+int X509_ALGOR_set0(X509_ALGOR *alg, ASN1_OBJECT *aobj, int ptype,
+ void *pval);
+void X509_ALGOR_get0(const ASN1_OBJECT **paobj, int *pptype,
+ const void **ppval, const X509_ALGOR *algor);
+void X509_ALGOR_set_md(X509_ALGOR *alg, const EVP_MD *md);
+int X509_ALGOR_cmp(const X509_ALGOR *a, const X509_ALGOR *b);
+int X509_ALGOR_copy(X509_ALGOR *dest, const X509_ALGOR *src);
+
+DECLARE_ASN1_DUP_FUNCTION(X509_NAME)
+DECLARE_ASN1_DUP_FUNCTION(X509_NAME_ENTRY)
+
+int X509_cmp_time(const ASN1_TIME *s, time_t *t);
+int X509_cmp_current_time(const ASN1_TIME *s);
+int X509_cmp_timeframe(const X509_VERIFY_PARAM *vpm,
+ const ASN1_TIME *start, const ASN1_TIME *end);
+ASN1_TIME *X509_time_adj(ASN1_TIME *s, long adj, time_t *t);
+ASN1_TIME *X509_time_adj_ex(ASN1_TIME *s,
+ int offset_day, long offset_sec, time_t *t);
+ASN1_TIME *X509_gmtime_adj(ASN1_TIME *s, long adj);
+
+const char *X509_get_default_cert_area(void);
+const char *X509_get_default_cert_dir(void);
+const char *X509_get_default_cert_file(void);
+const char *X509_get_default_cert_dir_env(void);
+const char *X509_get_default_cert_file_env(void);
+const char *X509_get_default_private_dir(void);
+
+X509_REQ *X509_to_X509_REQ(X509 *x, EVP_PKEY *pkey, const EVP_MD *md);
+X509 *X509_REQ_to_X509(X509_REQ *r, int days, EVP_PKEY *pkey);
+
+DECLARE_ASN1_FUNCTIONS(X509_ALGOR)
+DECLARE_ASN1_ENCODE_FUNCTIONS(X509_ALGORS, X509_ALGORS, X509_ALGORS)
+DECLARE_ASN1_FUNCTIONS(X509_VAL)
+
+DECLARE_ASN1_FUNCTIONS(X509_PUBKEY)
+
+int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey);
+EVP_PKEY *X509_PUBKEY_get0(const X509_PUBKEY *key);
+EVP_PKEY *X509_PUBKEY_get(const X509_PUBKEY *key);
+int X509_get_pubkey_parameters(EVP_PKEY *pkey, STACK_OF(X509) *chain);
+long X509_get_pathlen(X509 *x);
+DECLARE_ASN1_ENCODE_FUNCTIONS_only(EVP_PKEY, PUBKEY)
+# ifndef OPENSSL_NO_RSA
+DECLARE_ASN1_ENCODE_FUNCTIONS_only(RSA, RSA_PUBKEY)
+# endif
+# ifndef OPENSSL_NO_DSA
+DECLARE_ASN1_ENCODE_FUNCTIONS_only(DSA, DSA_PUBKEY)
+# endif
+# ifndef OPENSSL_NO_EC
+DECLARE_ASN1_ENCODE_FUNCTIONS_only(EC_KEY, EC_PUBKEY)
+# endif
+
+DECLARE_ASN1_FUNCTIONS(X509_SIG)
+void X509_SIG_get0(const X509_SIG *sig, const X509_ALGOR **palg,
+ const ASN1_OCTET_STRING **pdigest);
+void X509_SIG_getm(X509_SIG *sig, X509_ALGOR **palg,
+ ASN1_OCTET_STRING **pdigest);
+
+DECLARE_ASN1_FUNCTIONS(X509_REQ_INFO)
+DECLARE_ASN1_FUNCTIONS(X509_REQ)
+
+DECLARE_ASN1_FUNCTIONS(X509_ATTRIBUTE)
+X509_ATTRIBUTE *X509_ATTRIBUTE_create(int nid, int atrtype, void *value);
+
+DECLARE_ASN1_FUNCTIONS(X509_EXTENSION)
+DECLARE_ASN1_ENCODE_FUNCTIONS(X509_EXTENSIONS, X509_EXTENSIONS, X509_EXTENSIONS)
+
+DECLARE_ASN1_FUNCTIONS(X509_NAME_ENTRY)
+
+DECLARE_ASN1_FUNCTIONS(X509_NAME)
+
+int X509_NAME_set(X509_NAME **xn, const X509_NAME *name);
+
+DECLARE_ASN1_FUNCTIONS(X509_CINF)
+DECLARE_ASN1_FUNCTIONS(X509)
+DECLARE_ASN1_FUNCTIONS(X509_CERT_AUX)
+
+#define X509_get_ex_new_index(l, p, newf, dupf, freef) \
+ CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_X509, l, p, newf, dupf, freef)
+int X509_set_ex_data(X509 *r, int idx, void *arg);
+void *X509_get_ex_data(const X509 *r, int idx);
+DECLARE_ASN1_ENCODE_FUNCTIONS_only(X509,X509_AUX)
+
+int i2d_re_X509_tbs(X509 *x, unsigned char **pp);
+
+int X509_SIG_INFO_get(const X509_SIG_INFO *siginf, int *mdnid, int *pknid,
+ int *secbits, uint32_t *flags);
+void X509_SIG_INFO_set(X509_SIG_INFO *siginf, int mdnid, int pknid,
+ int secbits, uint32_t flags);
+
+int X509_get_signature_info(X509 *x, int *mdnid, int *pknid, int *secbits,
+ uint32_t *flags);
+
+void X509_get0_signature(const ASN1_BIT_STRING **psig,
+ const X509_ALGOR **palg, const X509 *x);
+int X509_get_signature_nid(const X509 *x);
+
+void X509_set0_distinguishing_id(X509 *x, ASN1_OCTET_STRING *d_id);
+ASN1_OCTET_STRING *X509_get0_distinguishing_id(X509 *x);
+void X509_REQ_set0_distinguishing_id(X509_REQ *x, ASN1_OCTET_STRING *d_id);
+ASN1_OCTET_STRING *X509_REQ_get0_distinguishing_id(X509_REQ *x);
+
+int X509_trusted(const X509 *x);
+int X509_alias_set1(X509 *x, const unsigned char *name, int len);
+int X509_keyid_set1(X509 *x, const unsigned char *id, int len);
+unsigned char *X509_alias_get0(X509 *x, int *len);
+unsigned char *X509_keyid_get0(X509 *x, int *len);
+int (*X509_TRUST_set_default(int (*trust) (int, X509 *, int))) (int, X509 *,
+ int);
+int X509_TRUST_set(int *t, int trust);
+int X509_add1_trust_object(X509 *x, const ASN1_OBJECT *obj);
+int X509_add1_reject_object(X509 *x, const ASN1_OBJECT *obj);
+void X509_trust_clear(X509 *x);
+void X509_reject_clear(X509 *x);
+
+STACK_OF(ASN1_OBJECT) *X509_get0_trust_objects(X509 *x);
+STACK_OF(ASN1_OBJECT) *X509_get0_reject_objects(X509 *x);
+
+DECLARE_ASN1_FUNCTIONS(X509_REVOKED)
+DECLARE_ASN1_FUNCTIONS(X509_CRL_INFO)
+DECLARE_ASN1_FUNCTIONS(X509_CRL)
+
+int X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev);
+int X509_CRL_get0_by_serial(X509_CRL *crl,
+ X509_REVOKED **ret, const ASN1_INTEGER *serial);
+int X509_CRL_get0_by_cert(X509_CRL *crl, X509_REVOKED **ret, X509 *x);
+
+X509_PKEY *X509_PKEY_new(void);
+void X509_PKEY_free(X509_PKEY *a);
+
+DECLARE_ASN1_FUNCTIONS(NETSCAPE_SPKI)
+DECLARE_ASN1_FUNCTIONS(NETSCAPE_SPKAC)
+DECLARE_ASN1_FUNCTIONS(NETSCAPE_CERT_SEQUENCE)
+
+X509_INFO *X509_INFO_new(void);
+void X509_INFO_free(X509_INFO *a);
+char *X509_NAME_oneline(const X509_NAME *a, char *buf, int size);
+
+DEPRECATEDIN_3_0(int ASN1_verify(i2d_of_void *i2d, X509_ALGOR *algor1,
+ ASN1_BIT_STRING *signature, char *data,
+ EVP_PKEY *pkey))
+
+DEPRECATEDIN_3_0(int ASN1_digest(i2d_of_void *i2d, const EVP_MD *type,
+ char *data,
+ unsigned char *md, unsigned int *len))
+
+DEPRECATEDIN_3_0(int ASN1_sign(i2d_of_void *i2d, X509_ALGOR *algor1,
+ X509_ALGOR *algor2, ASN1_BIT_STRING *signature,
+ char *data, EVP_PKEY *pkey, const EVP_MD *type))
+
+int ASN1_item_digest(const ASN1_ITEM *it, const EVP_MD *type, void *data,
+ unsigned char *md, unsigned int *len);
+
+int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *algor1,
+ ASN1_BIT_STRING *signature, void *data, EVP_PKEY *pkey);
+int ASN1_item_verify_ctx(const ASN1_ITEM *it, X509_ALGOR *algor1,
+ ASN1_BIT_STRING *signature, void *data,
+ EVP_MD_CTX *ctx);
+
+int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1,
+ X509_ALGOR *algor2, ASN1_BIT_STRING *signature, void *data,
+ EVP_PKEY *pkey, const EVP_MD *type);
+int ASN1_item_sign_ctx(const ASN1_ITEM *it, X509_ALGOR *algor1,
+ X509_ALGOR *algor2, ASN1_BIT_STRING *signature,
+ void *asn, EVP_MD_CTX *ctx);
+
+long X509_get_version(const X509 *x);
+int X509_set_version(X509 *x, long version);
+int X509_set_serialNumber(X509 *x, ASN1_INTEGER *serial);
+ASN1_INTEGER *X509_get_serialNumber(X509 *x);
+const ASN1_INTEGER *X509_get0_serialNumber(const X509 *x);
+int X509_set_issuer_name(X509 *x, const X509_NAME *name);
+X509_NAME *X509_get_issuer_name(const X509 *a); /* TODO change to get0_ */
+int X509_set_subject_name(X509 *x, const X509_NAME *name);
+X509_NAME *X509_get_subject_name(const X509 *a); /* TODO change to get0_ */
+const ASN1_TIME * X509_get0_notBefore(const X509 *x);
+ASN1_TIME *X509_getm_notBefore(const X509 *x);
+int X509_set1_notBefore(X509 *x, const ASN1_TIME *tm);
+const ASN1_TIME *X509_get0_notAfter(const X509 *x);
+ASN1_TIME *X509_getm_notAfter(const X509 *x);
+int X509_set1_notAfter(X509 *x, const ASN1_TIME *tm);
+int X509_set_pubkey(X509 *x, EVP_PKEY *pkey);
+int X509_up_ref(X509 *x);
+int X509_get_signature_type(const X509 *x);
+
+# ifndef OPENSSL_NO_DEPRECATED_1_1_0
+# define X509_get_notBefore X509_getm_notBefore
+# define X509_get_notAfter X509_getm_notAfter
+# define X509_set_notBefore X509_set1_notBefore
+# define X509_set_notAfter X509_set1_notAfter
+#endif
+
+
+/*
+ * This one is only used so that a binary form can output, as in
+ * i2d_X509_PUBKEY(X509_get_X509_PUBKEY(x), &buf)
+ */
+X509_PUBKEY *X509_get_X509_PUBKEY(const X509 *x);
+const STACK_OF(X509_EXTENSION) *X509_get0_extensions(const X509 *x);
+void X509_get0_uids(const X509 *x, const ASN1_BIT_STRING **piuid,
+ const ASN1_BIT_STRING **psuid);
+const X509_ALGOR *X509_get0_tbs_sigalg(const X509 *x);
+
+EVP_PKEY *X509_get0_pubkey(const X509 *x);
+EVP_PKEY *X509_get_pubkey(X509 *x);
+ASN1_BIT_STRING *X509_get0_pubkey_bitstr(const X509 *x);
+int X509_certificate_type(const X509 *x, const EVP_PKEY *pubkey);
+
+long X509_REQ_get_version(const X509_REQ *req);
+int X509_REQ_set_version(X509_REQ *x, long version);
+X509_NAME *X509_REQ_get_subject_name(const X509_REQ *req); /* TODO change to get0_ */
+int X509_REQ_set_subject_name(X509_REQ *req, const X509_NAME *name);
+void X509_REQ_get0_signature(const X509_REQ *req, const ASN1_BIT_STRING **psig,
+ const X509_ALGOR **palg);
+void X509_REQ_set0_signature(X509_REQ *req, ASN1_BIT_STRING *psig);
+int X509_REQ_set1_signature_algo(X509_REQ *req, X509_ALGOR *palg);
+int X509_REQ_get_signature_nid(const X509_REQ *req);
+int i2d_re_X509_REQ_tbs(X509_REQ *req, unsigned char **pp);
+int X509_REQ_set_pubkey(X509_REQ *x, EVP_PKEY *pkey);
+EVP_PKEY *X509_REQ_get_pubkey(X509_REQ *req);
+EVP_PKEY *X509_REQ_get0_pubkey(X509_REQ *req);
+X509_PUBKEY *X509_REQ_get_X509_PUBKEY(X509_REQ *req);
+int X509_REQ_extension_nid(int nid);
+int *X509_REQ_get_extension_nids(void);
+void X509_REQ_set_extension_nids(int *nids);
+STACK_OF(X509_EXTENSION) *X509_REQ_get_extensions(X509_REQ *req);
+int X509_REQ_add_extensions_nid(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts,
+ int nid);
+int X509_REQ_add_extensions(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts);
+int X509_REQ_get_attr_count(const X509_REQ *req);
+int X509_REQ_get_attr_by_NID(const X509_REQ *req, int nid, int lastpos);
+int X509_REQ_get_attr_by_OBJ(const X509_REQ *req, const ASN1_OBJECT *obj,
+ int lastpos);
+X509_ATTRIBUTE *X509_REQ_get_attr(const X509_REQ *req, int loc);
+X509_ATTRIBUTE *X509_REQ_delete_attr(X509_REQ *req, int loc);
+int X509_REQ_add1_attr(X509_REQ *req, X509_ATTRIBUTE *attr);
+int X509_REQ_add1_attr_by_OBJ(X509_REQ *req,
+ const ASN1_OBJECT *obj, int type,
+ const unsigned char *bytes, int len);
+int X509_REQ_add1_attr_by_NID(X509_REQ *req,
+ int nid, int type,
+ const unsigned char *bytes, int len);
+int X509_REQ_add1_attr_by_txt(X509_REQ *req,
+ const char *attrname, int type,
+ const unsigned char *bytes, int len);
+
+int X509_CRL_set_version(X509_CRL *x, long version);
+int X509_CRL_set_issuer_name(X509_CRL *x, const X509_NAME *name);
+int X509_CRL_set1_lastUpdate(X509_CRL *x, const ASN1_TIME *tm);
+int X509_CRL_set1_nextUpdate(X509_CRL *x, const ASN1_TIME *tm);
+int X509_CRL_sort(X509_CRL *crl);
+int X509_CRL_up_ref(X509_CRL *crl);
+
+# ifndef OPENSSL_NO_DEPRECATED_1_1_0
+# define X509_CRL_set_lastUpdate X509_CRL_set1_lastUpdate
+# define X509_CRL_set_nextUpdate X509_CRL_set1_nextUpdate
+#endif
+
+long X509_CRL_get_version(const X509_CRL *crl);
+const ASN1_TIME *X509_CRL_get0_lastUpdate(const X509_CRL *crl);
+const ASN1_TIME *X509_CRL_get0_nextUpdate(const X509_CRL *crl);
+DEPRECATEDIN_1_1_0(ASN1_TIME *X509_CRL_get_lastUpdate(X509_CRL *crl))
+DEPRECATEDIN_1_1_0(ASN1_TIME *X509_CRL_get_nextUpdate(X509_CRL *crl))
+X509_NAME *X509_CRL_get_issuer(const X509_CRL *crl); /* TODO change to get0_ */
+const STACK_OF(X509_EXTENSION) *X509_CRL_get0_extensions(const X509_CRL *crl);
+STACK_OF(X509_REVOKED) *X509_CRL_get_REVOKED(X509_CRL *crl);
+void X509_CRL_get0_signature(const X509_CRL *crl, const ASN1_BIT_STRING **psig,
+ const X509_ALGOR **palg);
+int X509_CRL_get_signature_nid(const X509_CRL *crl);
+int i2d_re_X509_CRL_tbs(X509_CRL *req, unsigned char **pp);
+
+const ASN1_INTEGER *X509_REVOKED_get0_serialNumber(const X509_REVOKED *x);
+int X509_REVOKED_set_serialNumber(X509_REVOKED *x, ASN1_INTEGER *serial);
+const ASN1_TIME *X509_REVOKED_get0_revocationDate(const X509_REVOKED *x);
+int X509_REVOKED_set_revocationDate(X509_REVOKED *r, ASN1_TIME *tm);
+const STACK_OF(X509_EXTENSION) *
+X509_REVOKED_get0_extensions(const X509_REVOKED *r);
+
+X509_CRL *X509_CRL_diff(X509_CRL *base, X509_CRL *newer,
+ EVP_PKEY *skey, const EVP_MD *md, unsigned int flags);
+
+int X509_REQ_check_private_key(X509_REQ *x509, EVP_PKEY *pkey);
+
+int X509_check_private_key(const X509 *x509, const EVP_PKEY *pkey);
+int X509_chain_check_suiteb(int *perror_depth,
+ X509 *x, STACK_OF(X509) *chain,
+ unsigned long flags);
+int X509_CRL_check_suiteb(X509_CRL *crl, EVP_PKEY *pk, unsigned long flags);
+STACK_OF(X509) *X509_chain_up_ref(STACK_OF(X509) *chain);
+
+int X509_issuer_and_serial_cmp(const X509 *a, const X509 *b);
+unsigned long X509_issuer_and_serial_hash(X509 *a);
+
+int X509_issuer_name_cmp(const X509 *a, const X509 *b);
+unsigned long X509_issuer_name_hash(X509 *a);
+
+int X509_subject_name_cmp(const X509 *a, const X509 *b);
+unsigned long X509_subject_name_hash(X509 *x);
+
+# ifndef OPENSSL_NO_MD5
+unsigned long X509_issuer_name_hash_old(X509 *a);
+unsigned long X509_subject_name_hash_old(X509 *x);
+# endif
+
+int X509_cmp(const X509 *a, const X509 *b);
+int X509_NAME_cmp(const X509_NAME *a, const X509_NAME *b);
+unsigned long X509_NAME_hash(const X509_NAME *x);
+unsigned long X509_NAME_hash_old(const X509_NAME *x);
+
+int X509_CRL_cmp(const X509_CRL *a, const X509_CRL *b);
+int X509_CRL_match(const X509_CRL *a, const X509_CRL *b);
+int X509_aux_print(BIO *out, X509 *x, int indent);
+# ifndef OPENSSL_NO_STDIO
+int X509_print_ex_fp(FILE *bp, X509 *x, unsigned long nmflag,
+ unsigned long cflag);
+int X509_print_fp(FILE *bp, X509 *x);
+int X509_CRL_print_fp(FILE *bp, X509_CRL *x);
+int X509_REQ_print_fp(FILE *bp, X509_REQ *req);
+int X509_NAME_print_ex_fp(FILE *fp, const X509_NAME *nm, int indent,
+ unsigned long flags);
+# endif
+
+int X509_NAME_print(BIO *bp, const X509_NAME *name, int obase);
+int X509_NAME_print_ex(BIO *out, const X509_NAME *nm, int indent,
+ unsigned long flags);
+int X509_print_ex(BIO *bp, X509 *x, unsigned long nmflag,
+ unsigned long cflag);
+int X509_print(BIO *bp, X509 *x);
+int X509_ocspid_print(BIO *bp, X509 *x);
+int X509_CRL_print_ex(BIO *out, X509_CRL *x, unsigned long nmflag);
+int X509_CRL_print(BIO *bp, X509_CRL *x);
+int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflag,
+ unsigned long cflag);
+int X509_REQ_print(BIO *bp, X509_REQ *req);
+
+int X509_NAME_entry_count(const X509_NAME *name);
+int X509_NAME_get_text_by_NID(const X509_NAME *name, int nid,
+ char *buf, int len);
+int X509_NAME_get_text_by_OBJ(const X509_NAME *name, const ASN1_OBJECT *obj,
+ char *buf, int len);
+
+/*
+ * NOTE: you should be passing -1, not 0 as lastpos. The functions that use
+ * lastpos, search after that position on.
+ */
+int X509_NAME_get_index_by_NID(const X509_NAME *name, int nid, int lastpos);
+int X509_NAME_get_index_by_OBJ(const X509_NAME *name, const ASN1_OBJECT *obj,
+ int lastpos);
+X509_NAME_ENTRY *X509_NAME_get_entry(const X509_NAME *name, int loc);
+X509_NAME_ENTRY *X509_NAME_delete_entry(X509_NAME *name, int loc);
+int X509_NAME_add_entry(X509_NAME *name, const X509_NAME_ENTRY *ne,
+ int loc, int set);
+int X509_NAME_add_entry_by_OBJ(X509_NAME *name, const ASN1_OBJECT *obj, int type,
+ const unsigned char *bytes, int len, int loc,
+ int set);
+int X509_NAME_add_entry_by_NID(X509_NAME *name, int nid, int type,
+ const unsigned char *bytes, int len, int loc,
+ int set);
+X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_txt(X509_NAME_ENTRY **ne,
+ const char *field, int type,
+ const unsigned char *bytes,
+ int len);
+X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(X509_NAME_ENTRY **ne, int nid,
+ int type,
+ const unsigned char *bytes,
+ int len);
+int X509_NAME_add_entry_by_txt(X509_NAME *name, const char *field, int type,
+ const unsigned char *bytes, int len, int loc,
+ int set);
+X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(X509_NAME_ENTRY **ne,
+ const ASN1_OBJECT *obj, int type,
+ const unsigned char *bytes,
+ int len);
+int X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne, const ASN1_OBJECT *obj);
+int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne, int type,
+ const unsigned char *bytes, int len);
+ASN1_OBJECT *X509_NAME_ENTRY_get_object(const X509_NAME_ENTRY *ne);
+ASN1_STRING * X509_NAME_ENTRY_get_data(const X509_NAME_ENTRY *ne);
+int X509_NAME_ENTRY_set(const X509_NAME_ENTRY *ne);
+
+int X509_NAME_get0_der(const X509_NAME *nm, const unsigned char **pder,
+ size_t *pderlen);
+
+int X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x);
+int X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x,
+ int nid, int lastpos);
+int X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *x,
+ const ASN1_OBJECT *obj, int lastpos);
+int X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *x,
+ int crit, int lastpos);
+X509_EXTENSION *X509v3_get_ext(const STACK_OF(X509_EXTENSION) *x, int loc);
+X509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x, int loc);
+STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x,
+ X509_EXTENSION *ex, int loc);
+
+int X509_get_ext_count(const X509 *x);
+int X509_get_ext_by_NID(const X509 *x, int nid, int lastpos);
+int X509_get_ext_by_OBJ(const X509 *x, const ASN1_OBJECT *obj, int lastpos);
+int X509_get_ext_by_critical(const X509 *x, int crit, int lastpos);
+X509_EXTENSION *X509_get_ext(const X509 *x, int loc);
+X509_EXTENSION *X509_delete_ext(X509 *x, int loc);
+int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc);
+void *X509_get_ext_d2i(const X509 *x, int nid, int *crit, int *idx);
+int X509_add1_ext_i2d(X509 *x, int nid, void *value, int crit,
+ unsigned long flags);
+
+int X509_CRL_get_ext_count(const X509_CRL *x);
+int X509_CRL_get_ext_by_NID(const X509_CRL *x, int nid, int lastpos);
+int X509_CRL_get_ext_by_OBJ(const X509_CRL *x, const ASN1_OBJECT *obj,
+ int lastpos);
+int X509_CRL_get_ext_by_critical(const X509_CRL *x, int crit, int lastpos);
+X509_EXTENSION *X509_CRL_get_ext(const X509_CRL *x, int loc);
+X509_EXTENSION *X509_CRL_delete_ext(X509_CRL *x, int loc);
+int X509_CRL_add_ext(X509_CRL *x, X509_EXTENSION *ex, int loc);
+void *X509_CRL_get_ext_d2i(const X509_CRL *x, int nid, int *crit, int *idx);
+int X509_CRL_add1_ext_i2d(X509_CRL *x, int nid, void *value, int crit,
+ unsigned long flags);
+
+int X509_REVOKED_get_ext_count(const X509_REVOKED *x);
+int X509_REVOKED_get_ext_by_NID(const X509_REVOKED *x, int nid, int lastpos);
+int X509_REVOKED_get_ext_by_OBJ(const X509_REVOKED *x, const ASN1_OBJECT *obj,
+ int lastpos);
+int X509_REVOKED_get_ext_by_critical(const X509_REVOKED *x, int crit,
+ int lastpos);
+X509_EXTENSION *X509_REVOKED_get_ext(const X509_REVOKED *x, int loc);
+X509_EXTENSION *X509_REVOKED_delete_ext(X509_REVOKED *x, int loc);
+int X509_REVOKED_add_ext(X509_REVOKED *x, X509_EXTENSION *ex, int loc);
+void *X509_REVOKED_get_ext_d2i(const X509_REVOKED *x, int nid, int *crit,
+ int *idx);
+int X509_REVOKED_add1_ext_i2d(X509_REVOKED *x, int nid, void *value, int crit,
+ unsigned long flags);
+
+X509_EXTENSION *X509_EXTENSION_create_by_NID(X509_EXTENSION **ex,
+ int nid, int crit,
+ ASN1_OCTET_STRING *data);
+X509_EXTENSION *X509_EXTENSION_create_by_OBJ(X509_EXTENSION **ex,
+ const ASN1_OBJECT *obj, int crit,
+ ASN1_OCTET_STRING *data);
+int X509_EXTENSION_set_object(X509_EXTENSION *ex, const ASN1_OBJECT *obj);
+int X509_EXTENSION_set_critical(X509_EXTENSION *ex, int crit);
+int X509_EXTENSION_set_data(X509_EXTENSION *ex, ASN1_OCTET_STRING *data);
+ASN1_OBJECT *X509_EXTENSION_get_object(X509_EXTENSION *ex);
+ASN1_OCTET_STRING *X509_EXTENSION_get_data(X509_EXTENSION *ne);
+int X509_EXTENSION_get_critical(const X509_EXTENSION *ex);
+
+int X509at_get_attr_count(const STACK_OF(X509_ATTRIBUTE) *x);
+int X509at_get_attr_by_NID(const STACK_OF(X509_ATTRIBUTE) *x, int nid,
+ int lastpos);
+int X509at_get_attr_by_OBJ(const STACK_OF(X509_ATTRIBUTE) *sk,
+ const ASN1_OBJECT *obj, int lastpos);
+X509_ATTRIBUTE *X509at_get_attr(const STACK_OF(X509_ATTRIBUTE) *x, int loc);
+X509_ATTRIBUTE *X509at_delete_attr(STACK_OF(X509_ATTRIBUTE) *x, int loc);
+STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr(STACK_OF(X509_ATTRIBUTE) **x,
+ X509_ATTRIBUTE *attr);
+STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_OBJ(STACK_OF(X509_ATTRIBUTE)
+ **x, const ASN1_OBJECT *obj,
+ int type,
+ const unsigned char *bytes,
+ int len);
+STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_NID(STACK_OF(X509_ATTRIBUTE)
+ **x, int nid, int type,
+ const unsigned char *bytes,
+ int len);
+STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_txt(STACK_OF(X509_ATTRIBUTE)
+ **x, const char *attrname,
+ int type,
+ const unsigned char *bytes,
+ int len);
+void *X509at_get0_data_by_OBJ(STACK_OF(X509_ATTRIBUTE) *x,
+ const ASN1_OBJECT *obj, int lastpos, int type);
+X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **attr, int nid,
+ int atrtype, const void *data,
+ int len);
+X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_OBJ(X509_ATTRIBUTE **attr,
+ const ASN1_OBJECT *obj,
+ int atrtype, const void *data,
+ int len);
+X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_txt(X509_ATTRIBUTE **attr,
+ const char *atrname, int type,
+ const unsigned char *bytes,
+ int len);
+int X509_ATTRIBUTE_set1_object(X509_ATTRIBUTE *attr, const ASN1_OBJECT *obj);
+int X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype,
+ const void *data, int len);
+void *X509_ATTRIBUTE_get0_data(X509_ATTRIBUTE *attr, int idx, int atrtype,
+ void *data);
+int X509_ATTRIBUTE_count(const X509_ATTRIBUTE *attr);
+ASN1_OBJECT *X509_ATTRIBUTE_get0_object(X509_ATTRIBUTE *attr);
+ASN1_TYPE *X509_ATTRIBUTE_get0_type(X509_ATTRIBUTE *attr, int idx);
+
+int EVP_PKEY_get_attr_count(const EVP_PKEY *key);
+int EVP_PKEY_get_attr_by_NID(const EVP_PKEY *key, int nid, int lastpos);
+int EVP_PKEY_get_attr_by_OBJ(const EVP_PKEY *key, const ASN1_OBJECT *obj,
+ int lastpos);
+X509_ATTRIBUTE *EVP_PKEY_get_attr(const EVP_PKEY *key, int loc);
+X509_ATTRIBUTE *EVP_PKEY_delete_attr(EVP_PKEY *key, int loc);
+int EVP_PKEY_add1_attr(EVP_PKEY *key, X509_ATTRIBUTE *attr);
+int EVP_PKEY_add1_attr_by_OBJ(EVP_PKEY *key,
+ const ASN1_OBJECT *obj, int type,
+ const unsigned char *bytes, int len);
+int EVP_PKEY_add1_attr_by_NID(EVP_PKEY *key,
+ int nid, int type,
+ const unsigned char *bytes, int len);
+int EVP_PKEY_add1_attr_by_txt(EVP_PKEY *key,
+ const char *attrname, int type,
+ const unsigned char *bytes, int len);
+
+int X509_verify_cert(X509_STORE_CTX *ctx);
+
+/* lookup a cert from a X509 STACK */
+X509 *X509_find_by_issuer_and_serial(STACK_OF(X509) *sk, const X509_NAME *name,
+ const ASN1_INTEGER *serial);
+X509 *X509_find_by_subject(STACK_OF(X509) *sk, const X509_NAME *name);
+
+DECLARE_ASN1_FUNCTIONS(PBEPARAM)
+DECLARE_ASN1_FUNCTIONS(PBE2PARAM)
+DECLARE_ASN1_FUNCTIONS(PBKDF2PARAM)
+#ifndef OPENSSL_NO_SCRYPT
+DECLARE_ASN1_FUNCTIONS(SCRYPT_PARAMS)
+#endif
+
+int PKCS5_pbe_set0_algor(X509_ALGOR *algor, int alg, int iter,
+ const unsigned char *salt, int saltlen);
+
+X509_ALGOR *PKCS5_pbe_set(int alg, int iter,
+ const unsigned char *salt, int saltlen);
+X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter,
+ unsigned char *salt, int saltlen);
+X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter,
+ unsigned char *salt, int saltlen,
+ unsigned char *aiv, int prf_nid);
+
+#ifndef OPENSSL_NO_SCRYPT
+X509_ALGOR *PKCS5_pbe2_set_scrypt(const EVP_CIPHER *cipher,
+ const unsigned char *salt, int saltlen,
+ unsigned char *aiv, uint64_t N, uint64_t r,
+ uint64_t p);
+#endif
+
+X509_ALGOR *PKCS5_pbkdf2_set(int iter, unsigned char *salt, int saltlen,
+ int prf_nid, int keylen);
+
+/* PKCS#8 utilities */
+
+DECLARE_ASN1_FUNCTIONS(PKCS8_PRIV_KEY_INFO)
+
+EVP_PKEY *EVP_PKCS82PKEY(const PKCS8_PRIV_KEY_INFO *p8);
+PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(const EVP_PKEY *pkey);
+
+int PKCS8_pkey_set0(PKCS8_PRIV_KEY_INFO *priv, ASN1_OBJECT *aobj,
+ int version, int ptype, void *pval,
+ unsigned char *penc, int penclen);
+int PKCS8_pkey_get0(const ASN1_OBJECT **ppkalg,
+ const unsigned char **pk, int *ppklen,
+ const X509_ALGOR **pa, const PKCS8_PRIV_KEY_INFO *p8);
+
+const STACK_OF(X509_ATTRIBUTE) *
+PKCS8_pkey_get0_attrs(const PKCS8_PRIV_KEY_INFO *p8);
+int PKCS8_pkey_add1_attr(PKCS8_PRIV_KEY_INFO *p8, X509_ATTRIBUTE *attr);
+int PKCS8_pkey_add1_attr_by_NID(PKCS8_PRIV_KEY_INFO *p8, int nid, int type,
+ const unsigned char *bytes, int len);
+int PKCS8_pkey_add1_attr_by_OBJ(PKCS8_PRIV_KEY_INFO *p8, const ASN1_OBJECT *obj,
+ int type, const unsigned char *bytes, int len);
+
+
+int X509_PUBKEY_set0_param(X509_PUBKEY *pub, ASN1_OBJECT *aobj,
+ int ptype, void *pval,
+ unsigned char *penc, int penclen);
+int X509_PUBKEY_get0_param(ASN1_OBJECT **ppkalg,
+ const unsigned char **pk, int *ppklen,
+ X509_ALGOR **pa, const X509_PUBKEY *pub);
+int X509_PUBKEY_eq(const X509_PUBKEY *a, const X509_PUBKEY *b);
+
+int X509_check_trust(X509 *x, int id, int flags);
+int X509_TRUST_get_count(void);
+X509_TRUST *X509_TRUST_get0(int idx);
+int X509_TRUST_get_by_id(int id);
+int X509_TRUST_add(int id, int flags, int (*ck) (X509_TRUST *, X509 *, int),
+ const char *name, int arg1, void *arg2);
+void X509_TRUST_cleanup(void);
+int X509_TRUST_get_flags(const X509_TRUST *xp);
+char *X509_TRUST_get0_name(const X509_TRUST *xp);
+int X509_TRUST_get_trust(const X509_TRUST *xp);
+
+# ifdef __cplusplus
+}
+# endif
+#endif
diff --git a/openssl/include/openssl/x509_vfy.h b/openssl/include/openssl/x509_vfy.h new file mode 100644 index 00000000..fc27c835 --- /dev/null +++ b/openssl/include/openssl/x509_vfy.h @@ -0,0 +1,661 @@ +/*
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_X509_VFY_H
+# define OPENSSL_X509_VFY_H
+# pragma once
+
+# include <openssl/macros.h>
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define HEADER_X509_VFY_H
+# endif
+
+/*
+ * Protect against recursion, x509.h and x509_vfy.h each include the other.
+ */
+# ifndef OPENSSL_X509_H
+# include <openssl/x509.h>
+# endif
+
+# include <openssl/opensslconf.h>
+# include <openssl/lhash.h>
+# include <openssl/bio.h>
+# include <openssl/crypto.h>
+# include <openssl/symhacks.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/*-
+SSL_CTX -> X509_STORE
+ -> X509_LOOKUP
+ ->X509_LOOKUP_METHOD
+ -> X509_LOOKUP
+ ->X509_LOOKUP_METHOD
+
+SSL -> X509_STORE_CTX
+ ->X509_STORE
+
+The X509_STORE holds the tables etc for verification stuff.
+A X509_STORE_CTX is used while validating a single certificate.
+The X509_STORE has X509_LOOKUPs for looking up certs.
+The X509_STORE then calls a function to actually verify the
+certificate chain.
+*/
+
+typedef enum {
+ X509_LU_NONE = 0,
+ X509_LU_X509, X509_LU_CRL
+} X509_LOOKUP_TYPE;
+
+#ifndef OPENSSL_NO_DEPRECATED_1_1_0
+#define X509_LU_RETRY -1
+#define X509_LU_FAIL 0
+#endif
+
+DEFINE_OR_DECLARE_STACK_OF(X509_LOOKUP)
+DEFINE_OR_DECLARE_STACK_OF(X509_OBJECT)
+DEFINE_OR_DECLARE_STACK_OF(X509_VERIFY_PARAM)
+
+int X509_STORE_set_depth(X509_STORE *store, int depth);
+
+typedef int (*X509_STORE_CTX_verify_cb)(int, X509_STORE_CTX *);
+int X509_STORE_CTX_print_verify_cb(int ok, X509_STORE_CTX *ctx);
+typedef int (*X509_STORE_CTX_verify_fn)(X509_STORE_CTX *);
+typedef int (*X509_STORE_CTX_get_issuer_fn)(X509 **issuer,
+ X509_STORE_CTX *ctx, X509 *x);
+typedef int (*X509_STORE_CTX_check_issued_fn)(X509_STORE_CTX *ctx,
+ X509 *x, X509 *issuer);
+typedef int (*X509_STORE_CTX_check_revocation_fn)(X509_STORE_CTX *ctx);
+typedef int (*X509_STORE_CTX_get_crl_fn)(X509_STORE_CTX *ctx,
+ X509_CRL **crl, X509 *x);
+typedef int (*X509_STORE_CTX_check_crl_fn)(X509_STORE_CTX *ctx, X509_CRL *crl);
+typedef int (*X509_STORE_CTX_cert_crl_fn)(X509_STORE_CTX *ctx,
+ X509_CRL *crl, X509 *x);
+typedef int (*X509_STORE_CTX_check_policy_fn)(X509_STORE_CTX *ctx);
+typedef STACK_OF(X509)
+ *(*X509_STORE_CTX_lookup_certs_fn)(X509_STORE_CTX *ctx,
+ const X509_NAME *nm);
+typedef STACK_OF(X509_CRL)
+ *(*X509_STORE_CTX_lookup_crls_fn)(const X509_STORE_CTX *ctx,
+ const X509_NAME *nm);
+typedef int (*X509_STORE_CTX_cleanup_fn)(X509_STORE_CTX *ctx);
+
+
+void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth);
+
+# define X509_STORE_CTX_set_app_data(ctx,data) \
+ X509_STORE_CTX_set_ex_data(ctx,0,data)
+# define X509_STORE_CTX_get_app_data(ctx) \
+ X509_STORE_CTX_get_ex_data(ctx,0)
+
+# define X509_L_FILE_LOAD 1
+# define X509_L_ADD_DIR 2
+# define X509_L_ADD_STORE 3
+# define X509_L_LOAD_STORE 4
+
+# define X509_LOOKUP_load_file(x,name,type) \
+ X509_LOOKUP_ctrl((x),X509_L_FILE_LOAD,(name),(long)(type),NULL)
+
+# define X509_LOOKUP_add_dir(x,name,type) \
+ X509_LOOKUP_ctrl((x),X509_L_ADD_DIR,(name),(long)(type),NULL)
+
+# define X509_LOOKUP_add_store(x,name) \
+ X509_LOOKUP_ctrl((x),X509_L_ADD_STORE,(name),0,NULL)
+
+# define X509_LOOKUP_load_store(x,name) \
+ X509_LOOKUP_ctrl((x),X509_L_LOAD_STORE,(name),0,NULL)
+
+# define X509_V_OK 0
+# define X509_V_ERR_UNSPECIFIED 1
+# define X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT 2
+# define X509_V_ERR_UNABLE_TO_GET_CRL 3
+# define X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE 4
+# define X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE 5
+# define X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY 6
+# define X509_V_ERR_CERT_SIGNATURE_FAILURE 7
+# define X509_V_ERR_CRL_SIGNATURE_FAILURE 8
+# define X509_V_ERR_CERT_NOT_YET_VALID 9
+# define X509_V_ERR_CERT_HAS_EXPIRED 10
+# define X509_V_ERR_CRL_NOT_YET_VALID 11
+# define X509_V_ERR_CRL_HAS_EXPIRED 12
+# define X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD 13
+# define X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD 14
+# define X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD 15
+# define X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD 16
+# define X509_V_ERR_OUT_OF_MEM 17
+# define X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT 18
+# define X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN 19
+# define X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY 20
+# define X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE 21
+# define X509_V_ERR_CERT_CHAIN_TOO_LONG 22
+# define X509_V_ERR_CERT_REVOKED 23
+# define X509_V_ERR_INVALID_CA 24
+# define X509_V_ERR_PATH_LENGTH_EXCEEDED 25
+# define X509_V_ERR_INVALID_PURPOSE 26
+# define X509_V_ERR_CERT_UNTRUSTED 27
+# define X509_V_ERR_CERT_REJECTED 28
+/* These are 'informational' when looking for issuer cert */
+# define X509_V_ERR_SUBJECT_ISSUER_MISMATCH 29
+# define X509_V_ERR_AKID_SKID_MISMATCH 30
+# define X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH 31
+# define X509_V_ERR_KEYUSAGE_NO_CERTSIGN 32
+# define X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER 33
+# define X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION 34
+# define X509_V_ERR_KEYUSAGE_NO_CRL_SIGN 35
+# define X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION 36
+# define X509_V_ERR_INVALID_NON_CA 37
+# define X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED 38
+# define X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE 39
+# define X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED 40
+# define X509_V_ERR_INVALID_EXTENSION 41
+# define X509_V_ERR_INVALID_POLICY_EXTENSION 42
+# define X509_V_ERR_NO_EXPLICIT_POLICY 43
+# define X509_V_ERR_DIFFERENT_CRL_SCOPE 44
+# define X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE 45
+# define X509_V_ERR_UNNESTED_RESOURCE 46
+# define X509_V_ERR_PERMITTED_VIOLATION 47
+# define X509_V_ERR_EXCLUDED_VIOLATION 48
+# define X509_V_ERR_SUBTREE_MINMAX 49
+/* The application is not happy */
+# define X509_V_ERR_APPLICATION_VERIFICATION 50
+# define X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE 51
+# define X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX 52
+# define X509_V_ERR_UNSUPPORTED_NAME_SYNTAX 53
+# define X509_V_ERR_CRL_PATH_VALIDATION_ERROR 54
+/* Another issuer check debug option */
+# define X509_V_ERR_PATH_LOOP 55
+/* Suite B mode algorithm violation */
+# define X509_V_ERR_SUITE_B_INVALID_VERSION 56
+# define X509_V_ERR_SUITE_B_INVALID_ALGORITHM 57
+# define X509_V_ERR_SUITE_B_INVALID_CURVE 58
+# define X509_V_ERR_SUITE_B_INVALID_SIGNATURE_ALGORITHM 59
+# define X509_V_ERR_SUITE_B_LOS_NOT_ALLOWED 60
+# define X509_V_ERR_SUITE_B_CANNOT_SIGN_P_384_WITH_P_256 61
+/* Host, email and IP check errors */
+# define X509_V_ERR_HOSTNAME_MISMATCH 62
+# define X509_V_ERR_EMAIL_MISMATCH 63
+# define X509_V_ERR_IP_ADDRESS_MISMATCH 64
+/* DANE TLSA errors */
+# define X509_V_ERR_DANE_NO_MATCH 65
+/* security level errors */
+# define X509_V_ERR_EE_KEY_TOO_SMALL 66
+# define X509_V_ERR_CA_KEY_TOO_SMALL 67
+# define X509_V_ERR_CA_MD_TOO_WEAK 68
+/* Caller error */
+# define X509_V_ERR_INVALID_CALL 69
+/* Issuer lookup error */
+# define X509_V_ERR_STORE_LOOKUP 70
+/* Certificate transparency */
+# define X509_V_ERR_NO_VALID_SCTS 71
+
+# define X509_V_ERR_PROXY_SUBJECT_NAME_VIOLATION 72
+/* OCSP status errors */
+# define X509_V_ERR_OCSP_VERIFY_NEEDED 73 /* Need OCSP verification */
+# define X509_V_ERR_OCSP_VERIFY_FAILED 74 /* Couldn't verify cert through OCSP */
+# define X509_V_ERR_OCSP_CERT_UNKNOWN 75 /* Certificate wasn't recognized by the OCSP responder */
+
+# define X509_V_ERR_SIGNATURE_ALGORITHM_MISMATCH 76
+# define X509_V_ERR_NO_ISSUER_PUBLIC_KEY 77
+
+
+/* Certificate verify flags */
+
+# ifndef OPENSSL_NO_DEPRECATED_1_1_0
+# define X509_V_FLAG_CB_ISSUER_CHECK 0x0 /* Deprecated */
+# endif
+/* Use check time instead of current time */
+# define X509_V_FLAG_USE_CHECK_TIME 0x2
+/* Lookup CRLs */
+# define X509_V_FLAG_CRL_CHECK 0x4
+/* Lookup CRLs for whole chain */
+# define X509_V_FLAG_CRL_CHECK_ALL 0x8
+/* Ignore unhandled critical extensions */
+# define X509_V_FLAG_IGNORE_CRITICAL 0x10
+/* Disable workarounds for broken certificates */
+# define X509_V_FLAG_X509_STRICT 0x20
+/* Enable proxy certificate validation */
+# define X509_V_FLAG_ALLOW_PROXY_CERTS 0x40
+/* Enable policy checking */
+# define X509_V_FLAG_POLICY_CHECK 0x80
+/* Policy variable require-explicit-policy */
+# define X509_V_FLAG_EXPLICIT_POLICY 0x100
+/* Policy variable inhibit-any-policy */
+# define X509_V_FLAG_INHIBIT_ANY 0x200
+/* Policy variable inhibit-policy-mapping */
+# define X509_V_FLAG_INHIBIT_MAP 0x400
+/* Notify callback that policy is OK */
+# define X509_V_FLAG_NOTIFY_POLICY 0x800
+/* Extended CRL features such as indirect CRLs, alternate CRL signing keys */
+# define X509_V_FLAG_EXTENDED_CRL_SUPPORT 0x1000
+/* Delta CRL support */
+# define X509_V_FLAG_USE_DELTAS 0x2000
+/* Check self-signed CA signature */
+# define X509_V_FLAG_CHECK_SS_SIGNATURE 0x4000
+/* Use trusted store first */
+# define X509_V_FLAG_TRUSTED_FIRST 0x8000
+/* Suite B 128 bit only mode: not normally used */
+# define X509_V_FLAG_SUITEB_128_LOS_ONLY 0x10000
+/* Suite B 192 bit only mode */
+# define X509_V_FLAG_SUITEB_192_LOS 0x20000
+/* Suite B 128 bit mode allowing 192 bit algorithms */
+# define X509_V_FLAG_SUITEB_128_LOS 0x30000
+/* Allow partial chains if at least one certificate is in trusted store */
+# define X509_V_FLAG_PARTIAL_CHAIN 0x80000
+/*
+ * If the initial chain is not trusted, do not attempt to build an alternative
+ * chain. Alternate chain checking was introduced in 1.1.0. Setting this flag
+ * will force the behaviour to match that of previous versions.
+ */
+# define X509_V_FLAG_NO_ALT_CHAINS 0x100000
+/* Do not check certificate/CRL validity against current time */
+# define X509_V_FLAG_NO_CHECK_TIME 0x200000
+
+# define X509_VP_FLAG_DEFAULT 0x1
+# define X509_VP_FLAG_OVERWRITE 0x2
+# define X509_VP_FLAG_RESET_FLAGS 0x4
+# define X509_VP_FLAG_LOCKED 0x8
+# define X509_VP_FLAG_ONCE 0x10
+
+/* Internal use: mask of policy related options */
+# define X509_V_FLAG_POLICY_MASK (X509_V_FLAG_POLICY_CHECK \
+ | X509_V_FLAG_EXPLICIT_POLICY \
+ | X509_V_FLAG_INHIBIT_ANY \
+ | X509_V_FLAG_INHIBIT_MAP)
+
+int X509_OBJECT_idx_by_subject(STACK_OF(X509_OBJECT) *h, X509_LOOKUP_TYPE type,
+ const X509_NAME *name);
+X509_OBJECT *X509_OBJECT_retrieve_by_subject(STACK_OF(X509_OBJECT) *h,
+ X509_LOOKUP_TYPE type,
+ const X509_NAME *name);
+X509_OBJECT *X509_OBJECT_retrieve_match(STACK_OF(X509_OBJECT) *h,
+ X509_OBJECT *x);
+int X509_OBJECT_up_ref_count(X509_OBJECT *a);
+X509_OBJECT *X509_OBJECT_new(void);
+void X509_OBJECT_free(X509_OBJECT *a);
+X509_LOOKUP_TYPE X509_OBJECT_get_type(const X509_OBJECT *a);
+X509 *X509_OBJECT_get0_X509(const X509_OBJECT *a);
+int X509_OBJECT_set1_X509(X509_OBJECT *a, X509 *obj);
+X509_CRL *X509_OBJECT_get0_X509_CRL(const X509_OBJECT *a);
+int X509_OBJECT_set1_X509_CRL(X509_OBJECT *a, X509_CRL *obj);
+X509_STORE *X509_STORE_new(void);
+void X509_STORE_free(X509_STORE *v);
+int X509_STORE_lock(X509_STORE *ctx);
+int X509_STORE_unlock(X509_STORE *ctx);
+int X509_STORE_up_ref(X509_STORE *v);
+STACK_OF(X509_OBJECT) *X509_STORE_get0_objects(const X509_STORE *v);
+STACK_OF(X509) *X509_STORE_get1_all_certs(X509_STORE *st);
+STACK_OF(X509) *X509_STORE_CTX_get1_certs(X509_STORE_CTX *st,
+ const X509_NAME *nm);
+STACK_OF(X509_CRL) *X509_STORE_CTX_get1_crls(const X509_STORE_CTX *st,
+ const X509_NAME *nm);
+int X509_STORE_set_flags(X509_STORE *ctx, unsigned long flags);
+int X509_STORE_set_purpose(X509_STORE *ctx, int purpose);
+int X509_STORE_set_trust(X509_STORE *ctx, int trust);
+int X509_STORE_set1_param(X509_STORE *ctx, const X509_VERIFY_PARAM *pm);
+X509_VERIFY_PARAM *X509_STORE_get0_param(const X509_STORE *ctx);
+
+void X509_STORE_set_verify(X509_STORE *ctx, X509_STORE_CTX_verify_fn verify);
+#define X509_STORE_set_verify_func(ctx, func) \
+ X509_STORE_set_verify((ctx),(func))
+void X509_STORE_CTX_set_verify(X509_STORE_CTX *ctx,
+ X509_STORE_CTX_verify_fn verify);
+X509_STORE_CTX_verify_fn X509_STORE_get_verify(const X509_STORE *ctx);
+void X509_STORE_set_verify_cb(X509_STORE *ctx,
+ X509_STORE_CTX_verify_cb verify_cb);
+# define X509_STORE_set_verify_cb_func(ctx,func) \
+ X509_STORE_set_verify_cb((ctx),(func))
+X509_STORE_CTX_verify_cb X509_STORE_get_verify_cb(const X509_STORE *ctx);
+void X509_STORE_set_get_issuer(X509_STORE *ctx,
+ X509_STORE_CTX_get_issuer_fn get_issuer);
+X509_STORE_CTX_get_issuer_fn X509_STORE_get_get_issuer(const X509_STORE *ctx);
+void X509_STORE_set_check_issued(X509_STORE *ctx,
+ X509_STORE_CTX_check_issued_fn check_issued);
+X509_STORE_CTX_check_issued_fn X509_STORE_get_check_issued(const X509_STORE *ctx);
+void X509_STORE_set_check_revocation(X509_STORE *ctx,
+ X509_STORE_CTX_check_revocation_fn check_revocation);
+X509_STORE_CTX_check_revocation_fn
+ X509_STORE_get_check_revocation(const X509_STORE *ctx);
+void X509_STORE_set_get_crl(X509_STORE *ctx,
+ X509_STORE_CTX_get_crl_fn get_crl);
+X509_STORE_CTX_get_crl_fn X509_STORE_get_get_crl(const X509_STORE *ctx);
+void X509_STORE_set_check_crl(X509_STORE *ctx,
+ X509_STORE_CTX_check_crl_fn check_crl);
+X509_STORE_CTX_check_crl_fn X509_STORE_get_check_crl(const X509_STORE *ctx);
+void X509_STORE_set_cert_crl(X509_STORE *ctx,
+ X509_STORE_CTX_cert_crl_fn cert_crl);
+X509_STORE_CTX_cert_crl_fn X509_STORE_get_cert_crl(const X509_STORE *ctx);
+void X509_STORE_set_check_policy(X509_STORE *ctx,
+ X509_STORE_CTX_check_policy_fn check_policy);
+X509_STORE_CTX_check_policy_fn X509_STORE_get_check_policy(const X509_STORE *ctx);
+void X509_STORE_set_lookup_certs(X509_STORE *ctx,
+ X509_STORE_CTX_lookup_certs_fn lookup_certs);
+X509_STORE_CTX_lookup_certs_fn X509_STORE_get_lookup_certs(const X509_STORE *ctx);
+void X509_STORE_set_lookup_crls(X509_STORE *ctx,
+ X509_STORE_CTX_lookup_crls_fn lookup_crls);
+#define X509_STORE_set_lookup_crls_cb(ctx, func) \
+ X509_STORE_set_lookup_crls((ctx), (func))
+X509_STORE_CTX_lookup_crls_fn X509_STORE_get_lookup_crls(const X509_STORE *ctx);
+void X509_STORE_set_cleanup(X509_STORE *ctx,
+ X509_STORE_CTX_cleanup_fn cleanup);
+X509_STORE_CTX_cleanup_fn X509_STORE_get_cleanup(const X509_STORE *ctx);
+
+#define X509_STORE_get_ex_new_index(l, p, newf, dupf, freef) \
+ CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_X509_STORE, l, p, newf, dupf, freef)
+int X509_STORE_set_ex_data(X509_STORE *ctx, int idx, void *data);
+void *X509_STORE_get_ex_data(const X509_STORE *ctx, int idx);
+
+X509_STORE_CTX *X509_STORE_CTX_new_with_libctx(OPENSSL_CTX *libctx,
+ const char *propq);
+X509_STORE_CTX *X509_STORE_CTX_new(void);
+
+int X509_STORE_CTX_get1_issuer(X509 **issuer, X509_STORE_CTX *ctx, X509 *x);
+
+void X509_STORE_CTX_free(X509_STORE_CTX *ctx);
+int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store,
+ X509 *x509, STACK_OF(X509) *chain);
+void X509_STORE_CTX_set0_trusted_stack(X509_STORE_CTX *ctx, STACK_OF(X509) *sk);
+void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx);
+
+X509_STORE *X509_STORE_CTX_get0_store(const X509_STORE_CTX *ctx);
+X509 *X509_STORE_CTX_get0_cert(const X509_STORE_CTX *ctx);
+STACK_OF(X509)* X509_STORE_CTX_get0_untrusted(const X509_STORE_CTX *ctx);
+void X509_STORE_CTX_set0_untrusted(X509_STORE_CTX *ctx, STACK_OF(X509) *sk);
+void X509_STORE_CTX_set_verify_cb(X509_STORE_CTX *ctx,
+ X509_STORE_CTX_verify_cb verify);
+X509_STORE_CTX_verify_cb X509_STORE_CTX_get_verify_cb(const X509_STORE_CTX *ctx);
+X509_STORE_CTX_verify_fn X509_STORE_CTX_get_verify(const X509_STORE_CTX *ctx);
+X509_STORE_CTX_get_issuer_fn X509_STORE_CTX_get_get_issuer(const X509_STORE_CTX *ctx);
+X509_STORE_CTX_check_issued_fn X509_STORE_CTX_get_check_issued(const X509_STORE_CTX *ctx);
+X509_STORE_CTX_check_revocation_fn X509_STORE_CTX_get_check_revocation(const X509_STORE_CTX *ctx);
+X509_STORE_CTX_get_crl_fn X509_STORE_CTX_get_get_crl(const X509_STORE_CTX *ctx);
+X509_STORE_CTX_check_crl_fn X509_STORE_CTX_get_check_crl(const X509_STORE_CTX *ctx);
+X509_STORE_CTX_cert_crl_fn X509_STORE_CTX_get_cert_crl(const X509_STORE_CTX *ctx);
+X509_STORE_CTX_check_policy_fn X509_STORE_CTX_get_check_policy(const X509_STORE_CTX *ctx);
+X509_STORE_CTX_lookup_certs_fn X509_STORE_CTX_get_lookup_certs(const X509_STORE_CTX *ctx);
+X509_STORE_CTX_lookup_crls_fn X509_STORE_CTX_get_lookup_crls(const X509_STORE_CTX *ctx);
+X509_STORE_CTX_cleanup_fn X509_STORE_CTX_get_cleanup(const X509_STORE_CTX *ctx);
+
+#ifndef OPENSSL_NO_DEPRECATED_1_1_0
+# define X509_STORE_CTX_get_chain X509_STORE_CTX_get0_chain
+# define X509_STORE_CTX_set_chain X509_STORE_CTX_set0_untrusted
+# define X509_STORE_CTX_trusted_stack X509_STORE_CTX_set0_trusted_stack
+# define X509_STORE_get_by_subject X509_STORE_CTX_get_by_subject
+# define X509_STORE_get1_certs X509_STORE_CTX_get1_certs
+# define X509_STORE_get1_crls X509_STORE_CTX_get1_crls
+/* the following macro is misspelled; use X509_STORE_get1_certs instead */
+# define X509_STORE_get1_cert X509_STORE_CTX_get1_certs
+/* the following macro is misspelled; use X509_STORE_get1_crls instead */
+# define X509_STORE_get1_crl X509_STORE_CTX_get1_crls
+#endif
+
+X509_LOOKUP *X509_STORE_add_lookup(X509_STORE *v, X509_LOOKUP_METHOD *m);
+X509_LOOKUP_METHOD *X509_LOOKUP_hash_dir(void);
+X509_LOOKUP_METHOD *X509_LOOKUP_file(void);
+X509_LOOKUP_METHOD *X509_LOOKUP_store(void);
+
+typedef int (*X509_LOOKUP_ctrl_fn)(X509_LOOKUP *ctx, int cmd, const char *argc,
+ long argl, char **ret);
+typedef int (*X509_LOOKUP_get_by_subject_fn)(X509_LOOKUP *ctx,
+ X509_LOOKUP_TYPE type,
+ const X509_NAME *name,
+ X509_OBJECT *ret);
+typedef int (*X509_LOOKUP_get_by_issuer_serial_fn)(X509_LOOKUP *ctx,
+ X509_LOOKUP_TYPE type,
+ const X509_NAME *name,
+ const ASN1_INTEGER *serial,
+ X509_OBJECT *ret);
+typedef int (*X509_LOOKUP_get_by_fingerprint_fn)(X509_LOOKUP *ctx,
+ X509_LOOKUP_TYPE type,
+ const unsigned char* bytes,
+ int len,
+ X509_OBJECT *ret);
+typedef int (*X509_LOOKUP_get_by_alias_fn)(X509_LOOKUP *ctx,
+ X509_LOOKUP_TYPE type,
+ const char *str,
+ int len,
+ X509_OBJECT *ret);
+
+X509_LOOKUP_METHOD *X509_LOOKUP_meth_new(const char *name);
+void X509_LOOKUP_meth_free(X509_LOOKUP_METHOD *method);
+
+int X509_LOOKUP_meth_set_new_item(X509_LOOKUP_METHOD *method,
+ int (*new_item) (X509_LOOKUP *ctx));
+int (*X509_LOOKUP_meth_get_new_item(const X509_LOOKUP_METHOD* method))
+ (X509_LOOKUP *ctx);
+
+int X509_LOOKUP_meth_set_free(X509_LOOKUP_METHOD *method,
+ void (*free_fn) (X509_LOOKUP *ctx));
+void (*X509_LOOKUP_meth_get_free(const X509_LOOKUP_METHOD* method))
+ (X509_LOOKUP *ctx);
+
+int X509_LOOKUP_meth_set_init(X509_LOOKUP_METHOD *method,
+ int (*init) (X509_LOOKUP *ctx));
+int (*X509_LOOKUP_meth_get_init(const X509_LOOKUP_METHOD* method))
+ (X509_LOOKUP *ctx);
+
+int X509_LOOKUP_meth_set_shutdown(X509_LOOKUP_METHOD *method,
+ int (*shutdown) (X509_LOOKUP *ctx));
+int (*X509_LOOKUP_meth_get_shutdown(const X509_LOOKUP_METHOD* method))
+ (X509_LOOKUP *ctx);
+
+int X509_LOOKUP_meth_set_ctrl(X509_LOOKUP_METHOD *method,
+ X509_LOOKUP_ctrl_fn ctrl_fn);
+X509_LOOKUP_ctrl_fn X509_LOOKUP_meth_get_ctrl(const X509_LOOKUP_METHOD *method);
+
+int X509_LOOKUP_meth_set_get_by_subject(X509_LOOKUP_METHOD *method,
+ X509_LOOKUP_get_by_subject_fn fn);
+X509_LOOKUP_get_by_subject_fn X509_LOOKUP_meth_get_get_by_subject(
+ const X509_LOOKUP_METHOD *method);
+
+int X509_LOOKUP_meth_set_get_by_issuer_serial(X509_LOOKUP_METHOD *method,
+ X509_LOOKUP_get_by_issuer_serial_fn fn);
+X509_LOOKUP_get_by_issuer_serial_fn X509_LOOKUP_meth_get_get_by_issuer_serial(
+ const X509_LOOKUP_METHOD *method);
+
+int X509_LOOKUP_meth_set_get_by_fingerprint(X509_LOOKUP_METHOD *method,
+ X509_LOOKUP_get_by_fingerprint_fn fn);
+X509_LOOKUP_get_by_fingerprint_fn X509_LOOKUP_meth_get_get_by_fingerprint(
+ const X509_LOOKUP_METHOD *method);
+
+int X509_LOOKUP_meth_set_get_by_alias(X509_LOOKUP_METHOD *method,
+ X509_LOOKUP_get_by_alias_fn fn);
+X509_LOOKUP_get_by_alias_fn X509_LOOKUP_meth_get_get_by_alias(
+ const X509_LOOKUP_METHOD *method);
+
+
+int X509_STORE_add_cert(X509_STORE *ctx, X509 *x);
+int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x);
+
+int X509_STORE_CTX_get_by_subject(const X509_STORE_CTX *vs,
+ X509_LOOKUP_TYPE type,
+ const X509_NAME *name, X509_OBJECT *ret);
+X509_OBJECT *X509_STORE_CTX_get_obj_by_subject(X509_STORE_CTX *vs,
+ X509_LOOKUP_TYPE type,
+ const X509_NAME *name);
+
+int X509_LOOKUP_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc,
+ long argl, char **ret);
+
+int X509_load_cert_file(X509_LOOKUP *ctx, const char *file, int type);
+int X509_load_crl_file(X509_LOOKUP *ctx, const char *file, int type);
+int X509_load_cert_crl_file(X509_LOOKUP *ctx, const char *file, int type);
+
+X509_LOOKUP *X509_LOOKUP_new(X509_LOOKUP_METHOD *method);
+void X509_LOOKUP_free(X509_LOOKUP *ctx);
+int X509_LOOKUP_init(X509_LOOKUP *ctx);
+int X509_LOOKUP_by_subject(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type,
+ const X509_NAME *name, X509_OBJECT *ret);
+int X509_LOOKUP_by_issuer_serial(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type,
+ const X509_NAME *name,
+ const ASN1_INTEGER *serial,
+ X509_OBJECT *ret);
+int X509_LOOKUP_by_fingerprint(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type,
+ const unsigned char *bytes, int len,
+ X509_OBJECT *ret);
+int X509_LOOKUP_by_alias(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type,
+ const char *str, int len, X509_OBJECT *ret);
+int X509_LOOKUP_set_method_data(X509_LOOKUP *ctx, void *data);
+void *X509_LOOKUP_get_method_data(const X509_LOOKUP *ctx);
+X509_STORE *X509_LOOKUP_get_store(const X509_LOOKUP *ctx);
+int X509_LOOKUP_shutdown(X509_LOOKUP *ctx);
+
+int X509_STORE_load_file(X509_STORE *ctx, const char *file);
+int X509_STORE_load_path(X509_STORE *ctx, const char *path);
+int X509_STORE_load_store(X509_STORE *ctx, const char *store);
+int X509_STORE_load_locations(X509_STORE *ctx,
+ const char *file,
+ const char *dir);
+int X509_STORE_set_default_paths(X509_STORE *ctx);
+
+#define X509_STORE_CTX_get_ex_new_index(l, p, newf, dupf, freef) \
+ CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_X509_STORE_CTX, l, p, newf, dupf, freef)
+int X509_STORE_CTX_set_ex_data(X509_STORE_CTX *ctx, int idx, void *data);
+void *X509_STORE_CTX_get_ex_data(const X509_STORE_CTX *ctx, int idx);
+int X509_STORE_CTX_get_error(const X509_STORE_CTX *ctx);
+void X509_STORE_CTX_set_error(X509_STORE_CTX *ctx, int s);
+int X509_STORE_CTX_get_error_depth(const X509_STORE_CTX *ctx);
+void X509_STORE_CTX_set_error_depth(X509_STORE_CTX *ctx, int depth);
+X509 *X509_STORE_CTX_get_current_cert(const X509_STORE_CTX *ctx);
+void X509_STORE_CTX_set_current_cert(X509_STORE_CTX *ctx, X509 *x);
+X509 *X509_STORE_CTX_get0_current_issuer(const X509_STORE_CTX *ctx);
+X509_CRL *X509_STORE_CTX_get0_current_crl(const X509_STORE_CTX *ctx);
+X509_STORE_CTX *X509_STORE_CTX_get0_parent_ctx(const X509_STORE_CTX *ctx);
+STACK_OF(X509) *X509_STORE_CTX_get0_chain(const X509_STORE_CTX *ctx);
+STACK_OF(X509) *X509_STORE_CTX_get1_chain(const X509_STORE_CTX *ctx);
+void X509_STORE_CTX_set_cert(X509_STORE_CTX *c, X509 *x);
+void X509_STORE_CTX_set0_verified_chain(X509_STORE_CTX *c, STACK_OF(X509) *sk);
+void X509_STORE_CTX_set0_crls(X509_STORE_CTX *c, STACK_OF(X509_CRL) *sk);
+int X509_STORE_CTX_set_purpose(X509_STORE_CTX *ctx, int purpose);
+int X509_STORE_CTX_set_trust(X509_STORE_CTX *ctx, int trust);
+int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose,
+ int purpose, int trust);
+void X509_STORE_CTX_set_flags(X509_STORE_CTX *ctx, unsigned long flags);
+void X509_STORE_CTX_set_time(X509_STORE_CTX *ctx, unsigned long flags,
+ time_t t);
+
+X509_POLICY_TREE *X509_STORE_CTX_get0_policy_tree(const X509_STORE_CTX *ctx);
+int X509_STORE_CTX_get_explicit_policy(const X509_STORE_CTX *ctx);
+int X509_STORE_CTX_get_num_untrusted(const X509_STORE_CTX *ctx);
+
+X509_VERIFY_PARAM *X509_STORE_CTX_get0_param(const X509_STORE_CTX *ctx);
+void X509_STORE_CTX_set0_param(X509_STORE_CTX *ctx, X509_VERIFY_PARAM *param);
+int X509_STORE_CTX_set_default(X509_STORE_CTX *ctx, const char *name);
+
+/*
+ * Bridge opacity barrier between libcrypt and libssl, also needed to support
+ * offline testing in test/danetest.c
+ */
+void X509_STORE_CTX_set0_dane(X509_STORE_CTX *ctx, SSL_DANE *dane);
+#define DANE_FLAG_NO_DANE_EE_NAMECHECKS (1L << 0)
+
+/* X509_VERIFY_PARAM functions */
+
+X509_VERIFY_PARAM *X509_VERIFY_PARAM_new(void);
+void X509_VERIFY_PARAM_free(X509_VERIFY_PARAM *param);
+int X509_VERIFY_PARAM_inherit(X509_VERIFY_PARAM *to,
+ const X509_VERIFY_PARAM *from);
+int X509_VERIFY_PARAM_set1(X509_VERIFY_PARAM *to,
+ const X509_VERIFY_PARAM *from);
+int X509_VERIFY_PARAM_set1_name(X509_VERIFY_PARAM *param, const char *name);
+int X509_VERIFY_PARAM_set_flags(X509_VERIFY_PARAM *param,
+ unsigned long flags);
+int X509_VERIFY_PARAM_clear_flags(X509_VERIFY_PARAM *param,
+ unsigned long flags);
+unsigned long X509_VERIFY_PARAM_get_flags(const X509_VERIFY_PARAM *param);
+int X509_VERIFY_PARAM_set_purpose(X509_VERIFY_PARAM *param, int purpose);
+int X509_VERIFY_PARAM_set_trust(X509_VERIFY_PARAM *param, int trust);
+void X509_VERIFY_PARAM_set_depth(X509_VERIFY_PARAM *param, int depth);
+void X509_VERIFY_PARAM_set_auth_level(X509_VERIFY_PARAM *param, int auth_level);
+time_t X509_VERIFY_PARAM_get_time(const X509_VERIFY_PARAM *param);
+void X509_VERIFY_PARAM_set_time(X509_VERIFY_PARAM *param, time_t t);
+int X509_VERIFY_PARAM_add0_policy(X509_VERIFY_PARAM *param,
+ ASN1_OBJECT *policy);
+int X509_VERIFY_PARAM_set1_policies(X509_VERIFY_PARAM *param,
+ STACK_OF(ASN1_OBJECT) *policies);
+
+int X509_VERIFY_PARAM_set_inh_flags(X509_VERIFY_PARAM *param,
+ uint32_t flags);
+uint32_t X509_VERIFY_PARAM_get_inh_flags(const X509_VERIFY_PARAM *param);
+
+char *X509_VERIFY_PARAM_get0_host(X509_VERIFY_PARAM *param, int idx);
+int X509_VERIFY_PARAM_set1_host(X509_VERIFY_PARAM *param,
+ const char *name, size_t namelen);
+int X509_VERIFY_PARAM_add1_host(X509_VERIFY_PARAM *param,
+ const char *name, size_t namelen);
+void X509_VERIFY_PARAM_set_hostflags(X509_VERIFY_PARAM *param,
+ unsigned int flags);
+unsigned int X509_VERIFY_PARAM_get_hostflags(const X509_VERIFY_PARAM *param);
+char *X509_VERIFY_PARAM_get0_peername(const X509_VERIFY_PARAM *param);
+void X509_VERIFY_PARAM_move_peername(X509_VERIFY_PARAM *, X509_VERIFY_PARAM *);
+char *X509_VERIFY_PARAM_get0_email(X509_VERIFY_PARAM *param);
+int X509_VERIFY_PARAM_set1_email(X509_VERIFY_PARAM *param,
+ const char *email, size_t emaillen);
+char *X509_VERIFY_PARAM_get1_ip_asc(X509_VERIFY_PARAM *param);
+int X509_VERIFY_PARAM_set1_ip(X509_VERIFY_PARAM *param,
+ const unsigned char *ip, size_t iplen);
+int X509_VERIFY_PARAM_set1_ip_asc(X509_VERIFY_PARAM *param,
+ const char *ipasc);
+
+int X509_VERIFY_PARAM_get_depth(const X509_VERIFY_PARAM *param);
+int X509_VERIFY_PARAM_get_auth_level(const X509_VERIFY_PARAM *param);
+const char *X509_VERIFY_PARAM_get0_name(const X509_VERIFY_PARAM *param);
+
+int X509_VERIFY_PARAM_add0_table(X509_VERIFY_PARAM *param);
+int X509_VERIFY_PARAM_get_count(void);
+const X509_VERIFY_PARAM *X509_VERIFY_PARAM_get0(int id);
+const X509_VERIFY_PARAM *X509_VERIFY_PARAM_lookup(const char *name);
+void X509_VERIFY_PARAM_table_cleanup(void);
+
+/* Non positive return values are errors */
+#define X509_PCY_TREE_FAILURE -2 /* Failure to satisfy explicit policy */
+#define X509_PCY_TREE_INVALID -1 /* Inconsistent or invalid extensions */
+#define X509_PCY_TREE_INTERNAL 0 /* Internal error, most likely malloc */
+
+/*
+ * Positive return values form a bit mask, all but the first are internal to
+ * the library and don't appear in results from X509_policy_check().
+ */
+#define X509_PCY_TREE_VALID 1 /* The policy tree is valid */
+#define X509_PCY_TREE_EMPTY 2 /* The policy tree is empty */
+#define X509_PCY_TREE_EXPLICIT 4 /* Explicit policy required */
+
+int X509_policy_check(X509_POLICY_TREE **ptree, int *pexplicit_policy,
+ STACK_OF(X509) *certs,
+ STACK_OF(ASN1_OBJECT) *policy_oids, unsigned int flags);
+
+void X509_policy_tree_free(X509_POLICY_TREE *tree);
+
+int X509_policy_tree_level_count(const X509_POLICY_TREE *tree);
+X509_POLICY_LEVEL *X509_policy_tree_get0_level(const X509_POLICY_TREE *tree,
+ int i);
+
+STACK_OF(X509_POLICY_NODE)
+ *X509_policy_tree_get0_policies(const X509_POLICY_TREE *tree);
+
+STACK_OF(X509_POLICY_NODE)
+ *X509_policy_tree_get0_user_policies(const X509_POLICY_TREE *tree);
+
+int X509_policy_level_node_count(X509_POLICY_LEVEL *level);
+
+X509_POLICY_NODE *X509_policy_level_get0_node(const X509_POLICY_LEVEL *level,
+ int i);
+
+const ASN1_OBJECT *X509_policy_node_get0_policy(const X509_POLICY_NODE *node);
+
+STACK_OF(POLICYQUALINFO)
+ *X509_policy_node_get0_qualifiers(const X509_POLICY_NODE *node);
+const X509_POLICY_NODE
+ *X509_policy_node_get0_parent(const X509_POLICY_NODE *node);
+
+#ifdef __cplusplus
+}
+#endif
+#endif
diff --git a/openssl/include/openssl/x509err.h b/openssl/include/openssl/x509err.h new file mode 100644 index 00000000..85e7419d --- /dev/null +++ b/openssl/include/openssl/x509err.h @@ -0,0 +1,141 @@ +/*
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_X509ERR_H
+# define OPENSSL_X509ERR_H
+# pragma once
+
+# include <openssl/opensslconf.h>
+# include <openssl/symhacks.h>
+
+
+# ifdef __cplusplus
+extern "C"
+# endif
+int ERR_load_X509_strings(void);
+
+/*
+ * X509 function codes.
+ */
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define X509_F_ADD_CERT_DIR 0
+# define X509_F_BUILD_CHAIN 0
+# define X509_F_BY_FILE_CTRL 0
+# define X509_F_CACHE_OBJECTS 0
+# define X509_F_CHECK_NAME_CONSTRAINTS 0
+# define X509_F_CHECK_POLICY 0
+# define X509_F_COMMON_VERIFY_SM2 0
+# define X509_F_DANE_I2D 0
+# define X509_F_DIR_CTRL 0
+# define X509_F_GET_CERT_BY_SUBJECT 0
+# define X509_F_I2D_X509_AUX 0
+# define X509_F_LOOKUP_CERTS_SK 0
+# define X509_F_NETSCAPE_SPKI_B64_DECODE 0
+# define X509_F_NETSCAPE_SPKI_B64_ENCODE 0
+# define X509_F_NEW_DIR 0
+# define X509_F_X509AT_ADD1_ATTR 0
+# define X509_F_X509V3_ADD_EXT 0
+# define X509_F_X509_ATTRIBUTE_CREATE_BY_NID 0
+# define X509_F_X509_ATTRIBUTE_CREATE_BY_OBJ 0
+# define X509_F_X509_ATTRIBUTE_CREATE_BY_TXT 0
+# define X509_F_X509_ATTRIBUTE_GET0_DATA 0
+# define X509_F_X509_ATTRIBUTE_SET1_DATA 0
+# define X509_F_X509_CHECK_PRIVATE_KEY 0
+# define X509_F_X509_CRL_DIFF 0
+# define X509_F_X509_CRL_METHOD_NEW 0
+# define X509_F_X509_CRL_PRINT_FP 0
+# define X509_F_X509_EXTENSION_CREATE_BY_NID 0
+# define X509_F_X509_EXTENSION_CREATE_BY_OBJ 0
+# define X509_F_X509_GET_PUBKEY_PARAMETERS 0
+# define X509_F_X509_LOAD_CERT_CRL_FILE 0
+# define X509_F_X509_LOAD_CERT_FILE 0
+# define X509_F_X509_LOAD_CRL_FILE 0
+# define X509_F_X509_LOOKUP_METH_NEW 0
+# define X509_F_X509_LOOKUP_NEW 0
+# define X509_F_X509_NAME_ADD_ENTRY 0
+# define X509_F_X509_NAME_CANON 0
+# define X509_F_X509_NAME_ENTRY_CREATE_BY_NID 0
+# define X509_F_X509_NAME_ENTRY_CREATE_BY_TXT 0
+# define X509_F_X509_NAME_ENTRY_SET_OBJECT 0
+# define X509_F_X509_NAME_ONELINE 0
+# define X509_F_X509_NAME_PRINT 0
+# define X509_F_X509_OBJECT_NEW 0
+# define X509_F_X509_PRINT_EX_FP 0
+# define X509_F_X509_PUBKEY_DECODE 0
+# define X509_F_X509_PUBKEY_GET 0
+# define X509_F_X509_PUBKEY_GET0 0
+# define X509_F_X509_PUBKEY_SET 0
+# define X509_F_X509_REQ_CHECK_PRIVATE_KEY 0
+# define X509_F_X509_REQ_PRINT_EX 0
+# define X509_F_X509_REQ_PRINT_FP 0
+# define X509_F_X509_REQ_TO_X509 0
+# define X509_F_X509_REQ_VERIFY 0
+# define X509_F_X509_REQ_VERIFY_SM2 0
+# define X509_F_X509_STORE_ADD_CERT 0
+# define X509_F_X509_STORE_ADD_CRL 0
+# define X509_F_X509_STORE_ADD_LOOKUP 0
+# define X509_F_X509_STORE_CTX_GET1_ISSUER 0
+# define X509_F_X509_STORE_CTX_INIT 0
+# define X509_F_X509_STORE_CTX_NEW 0
+# define X509_F_X509_STORE_CTX_PURPOSE_INHERIT 0
+# define X509_F_X509_STORE_NEW 0
+# define X509_F_X509_TO_X509_REQ 0
+# define X509_F_X509_TRUST_ADD 0
+# define X509_F_X509_TRUST_SET 0
+# define X509_F_X509_VERIFY 0
+# define X509_F_X509_VERIFY_CERT 0
+# define X509_F_X509_VERIFY_PARAM_NEW 0
+# define X509_F_X509_VERIFY_SM2 0
+# endif
+
+/*
+ * X509 reason codes.
+ */
+# define X509_R_AKID_MISMATCH 110
+# define X509_R_BAD_SELECTOR 133
+# define X509_R_BAD_X509_FILETYPE 100
+# define X509_R_BASE64_DECODE_ERROR 118
+# define X509_R_CANT_CHECK_DH_KEY 114
+# define X509_R_CERTIFICATE_VERIFICATION_FAILED 139
+# define X509_R_CERT_ALREADY_IN_HASH_TABLE 101
+# define X509_R_CRL_ALREADY_DELTA 127
+# define X509_R_CRL_VERIFY_FAILURE 131
+# define X509_R_IDP_MISMATCH 128
+# define X509_R_INVALID_ATTRIBUTES 138
+# define X509_R_INVALID_DIRECTORY 113
+# define X509_R_INVALID_FIELD_NAME 119
+# define X509_R_INVALID_TRUST 123
+# define X509_R_ISSUER_MISMATCH 129
+# define X509_R_KEY_TYPE_MISMATCH 115
+# define X509_R_KEY_VALUES_MISMATCH 116
+# define X509_R_LOADING_CERT_DIR 103
+# define X509_R_LOADING_DEFAULTS 104
+# define X509_R_METHOD_NOT_SUPPORTED 124
+# define X509_R_NAME_TOO_LONG 134
+# define X509_R_NEWER_CRL_NOT_NEWER 132
+# define X509_R_NO_CERTIFICATE_FOUND 135
+# define X509_R_NO_CERTIFICATE_OR_CRL_FOUND 136
+# define X509_R_NO_CERT_SET_FOR_US_TO_VERIFY 105
+# define X509_R_NO_CRL_FOUND 137
+# define X509_R_NO_CRL_NUMBER 130
+# define X509_R_PUBLIC_KEY_DECODE_ERROR 125
+# define X509_R_PUBLIC_KEY_ENCODE_ERROR 126
+# define X509_R_SHOULD_RETRY 106
+# define X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN 107
+# define X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY 108
+# define X509_R_UNKNOWN_KEY_TYPE 117
+# define X509_R_UNKNOWN_NID 109
+# define X509_R_UNKNOWN_PURPOSE_ID 121
+# define X509_R_UNKNOWN_TRUST_ID 120
+# define X509_R_UNSUPPORTED_ALGORITHM 111
+# define X509_R_WRONG_LOOKUP_TYPE 112
+# define X509_R_WRONG_TYPE 122
+
+#endif
diff --git a/openssl/include/openssl/x509v3.h b/openssl/include/openssl/x509v3.h new file mode 100644 index 00000000..26d0fd80 --- /dev/null +++ b/openssl/include/openssl/x509v3.h @@ -0,0 +1,956 @@ +/*
+ * Copyright 1999-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_X509V3_H
+# define OPENSSL_X509V3_H
+# pragma once
+
+# include <openssl/macros.h>
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define HEADER_X509V3_H
+# endif
+
+# include <openssl/bio.h>
+# include <openssl/x509.h>
+# include <openssl/conf.h>
+# include <openssl/x509v3err.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* Forward reference */
+struct v3_ext_method;
+struct v3_ext_ctx;
+
+/* Useful typedefs */
+
+typedef void *(*X509V3_EXT_NEW)(void);
+typedef void (*X509V3_EXT_FREE) (void *);
+typedef void *(*X509V3_EXT_D2I)(void *, const unsigned char **, long);
+typedef int (*X509V3_EXT_I2D) (const void *, unsigned char **);
+typedef STACK_OF(CONF_VALUE) *
+ (*X509V3_EXT_I2V) (const struct v3_ext_method *method, void *ext,
+ STACK_OF(CONF_VALUE) *extlist);
+typedef void *(*X509V3_EXT_V2I)(const struct v3_ext_method *method,
+ struct v3_ext_ctx *ctx,
+ STACK_OF(CONF_VALUE) *values);
+typedef char *(*X509V3_EXT_I2S)(const struct v3_ext_method *method,
+ void *ext);
+typedef void *(*X509V3_EXT_S2I)(const struct v3_ext_method *method,
+ struct v3_ext_ctx *ctx, const char *str);
+typedef int (*X509V3_EXT_I2R) (const struct v3_ext_method *method, void *ext,
+ BIO *out, int indent);
+typedef void *(*X509V3_EXT_R2I)(const struct v3_ext_method *method,
+ struct v3_ext_ctx *ctx, const char *str);
+
+/* V3 extension structure */
+
+struct v3_ext_method {
+ int ext_nid;
+ int ext_flags;
+/* If this is set the following four fields are ignored */
+ ASN1_ITEM_EXP *it;
+/* Old style ASN1 calls */
+ X509V3_EXT_NEW ext_new;
+ X509V3_EXT_FREE ext_free;
+ X509V3_EXT_D2I d2i;
+ X509V3_EXT_I2D i2d;
+/* The following pair is used for string extensions */
+ X509V3_EXT_I2S i2s;
+ X509V3_EXT_S2I s2i;
+/* The following pair is used for multi-valued extensions */
+ X509V3_EXT_I2V i2v;
+ X509V3_EXT_V2I v2i;
+/* The following are used for raw extensions */
+ X509V3_EXT_I2R i2r;
+ X509V3_EXT_R2I r2i;
+ void *usr_data; /* Any extension specific data */
+};
+
+typedef struct X509V3_CONF_METHOD_st {
+ char *(*get_string) (void *db, const char *section, const char *value);
+ STACK_OF(CONF_VALUE) *(*get_section) (void *db, const char *section);
+ void (*free_string) (void *db, char *string);
+ void (*free_section) (void *db, STACK_OF(CONF_VALUE) *section);
+} X509V3_CONF_METHOD;
+
+/* Context specific info */
+struct v3_ext_ctx {
+# define CTX_TEST 0x1
+# define X509V3_CTX_REPLACE 0x2
+ int flags;
+ X509 *issuer_cert;
+ X509 *subject_cert;
+ X509_REQ *subject_req;
+ X509_CRL *crl;
+ X509V3_CONF_METHOD *db_meth;
+ void *db;
+/* Maybe more here */
+};
+
+typedef struct v3_ext_method X509V3_EXT_METHOD;
+
+DEFINE_OR_DECLARE_STACK_OF(X509V3_EXT_METHOD)
+
+/* ext_flags values */
+# define X509V3_EXT_DYNAMIC 0x1
+# define X509V3_EXT_CTX_DEP 0x2
+# define X509V3_EXT_MULTILINE 0x4
+
+typedef BIT_STRING_BITNAME ENUMERATED_NAMES;
+
+typedef struct BASIC_CONSTRAINTS_st {
+ int ca;
+ ASN1_INTEGER *pathlen;
+} BASIC_CONSTRAINTS;
+
+typedef struct PKEY_USAGE_PERIOD_st {
+ ASN1_GENERALIZEDTIME *notBefore;
+ ASN1_GENERALIZEDTIME *notAfter;
+} PKEY_USAGE_PERIOD;
+
+typedef struct otherName_st {
+ ASN1_OBJECT *type_id;
+ ASN1_TYPE *value;
+} OTHERNAME;
+
+typedef struct EDIPartyName_st {
+ ASN1_STRING *nameAssigner;
+ ASN1_STRING *partyName;
+} EDIPARTYNAME;
+
+typedef struct GENERAL_NAME_st {
+# define GEN_OTHERNAME 0
+# define GEN_EMAIL 1
+# define GEN_DNS 2
+# define GEN_X400 3
+# define GEN_DIRNAME 4
+# define GEN_EDIPARTY 5
+# define GEN_URI 6
+# define GEN_IPADD 7
+# define GEN_RID 8
+ int type;
+ union {
+ char *ptr;
+ OTHERNAME *otherName; /* otherName */
+ ASN1_IA5STRING *rfc822Name;
+ ASN1_IA5STRING *dNSName;
+ ASN1_TYPE *x400Address;
+ X509_NAME *directoryName;
+ EDIPARTYNAME *ediPartyName;
+ ASN1_IA5STRING *uniformResourceIdentifier;
+ ASN1_OCTET_STRING *iPAddress;
+ ASN1_OBJECT *registeredID;
+ /* Old names */
+ ASN1_OCTET_STRING *ip; /* iPAddress */
+ X509_NAME *dirn; /* dirn */
+ ASN1_IA5STRING *ia5; /* rfc822Name, dNSName,
+ * uniformResourceIdentifier */
+ ASN1_OBJECT *rid; /* registeredID */
+ ASN1_TYPE *other; /* x400Address */
+ } d;
+} GENERAL_NAME;
+
+typedef struct ACCESS_DESCRIPTION_st {
+ ASN1_OBJECT *method;
+ GENERAL_NAME *location;
+} ACCESS_DESCRIPTION;
+
+DEFINE_OR_DECLARE_STACK_OF(ACCESS_DESCRIPTION)
+DEFINE_OR_DECLARE_STACK_OF(GENERAL_NAME)
+
+typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
+typedef STACK_OF(ASN1_OBJECT) EXTENDED_KEY_USAGE;
+typedef STACK_OF(ASN1_INTEGER) TLS_FEATURE;
+typedef STACK_OF(GENERAL_NAME) GENERAL_NAMES;
+
+DEFINE_OR_DECLARE_STACK_OF(GENERAL_NAMES)
+
+typedef struct DIST_POINT_NAME_st {
+ int type;
+ union {
+ GENERAL_NAMES *fullname;
+ STACK_OF(X509_NAME_ENTRY) *relativename;
+ } name;
+/* If relativename then this contains the full distribution point name */
+ X509_NAME *dpname;
+} DIST_POINT_NAME;
+/* All existing reasons */
+# define CRLDP_ALL_REASONS 0x807f
+
+# define CRL_REASON_NONE -1
+# define CRL_REASON_UNSPECIFIED 0
+# define CRL_REASON_KEY_COMPROMISE 1
+# define CRL_REASON_CA_COMPROMISE 2
+# define CRL_REASON_AFFILIATION_CHANGED 3
+# define CRL_REASON_SUPERSEDED 4
+# define CRL_REASON_CESSATION_OF_OPERATION 5
+# define CRL_REASON_CERTIFICATE_HOLD 6
+# define CRL_REASON_REMOVE_FROM_CRL 8
+# define CRL_REASON_PRIVILEGE_WITHDRAWN 9
+# define CRL_REASON_AA_COMPROMISE 10
+
+struct DIST_POINT_st {
+ DIST_POINT_NAME *distpoint;
+ ASN1_BIT_STRING *reasons;
+ GENERAL_NAMES *CRLissuer;
+ int dp_reasons;
+};
+
+DEFINE_OR_DECLARE_STACK_OF(DIST_POINT)
+
+typedef STACK_OF(DIST_POINT) CRL_DIST_POINTS;
+
+struct AUTHORITY_KEYID_st {
+ ASN1_OCTET_STRING *keyid;
+ GENERAL_NAMES *issuer;
+ ASN1_INTEGER *serial;
+};
+
+/* Strong extranet structures */
+
+typedef struct SXNET_ID_st {
+ ASN1_INTEGER *zone;
+ ASN1_OCTET_STRING *user;
+} SXNETID;
+
+DEFINE_OR_DECLARE_STACK_OF(SXNETID)
+
+typedef struct SXNET_st {
+ ASN1_INTEGER *version;
+ STACK_OF(SXNETID) *ids;
+} SXNET;
+
+typedef struct ISSUER_SIGN_TOOL_st {
+ ASN1_UTF8STRING *signTool;
+ ASN1_UTF8STRING *cATool;
+ ASN1_UTF8STRING *signToolCert;
+ ASN1_UTF8STRING *cAToolCert;
+} ISSUER_SIGN_TOOL;
+
+typedef struct NOTICEREF_st {
+ ASN1_STRING *organization;
+ STACK_OF(ASN1_INTEGER) *noticenos;
+} NOTICEREF;
+
+typedef struct USERNOTICE_st {
+ NOTICEREF *noticeref;
+ ASN1_STRING *exptext;
+} USERNOTICE;
+
+typedef struct POLICYQUALINFO_st {
+ ASN1_OBJECT *pqualid;
+ union {
+ ASN1_IA5STRING *cpsuri;
+ USERNOTICE *usernotice;
+ ASN1_TYPE *other;
+ } d;
+} POLICYQUALINFO;
+
+DEFINE_OR_DECLARE_STACK_OF(POLICYQUALINFO)
+
+typedef struct POLICYINFO_st {
+ ASN1_OBJECT *policyid;
+ STACK_OF(POLICYQUALINFO) *qualifiers;
+} POLICYINFO;
+
+DEFINE_OR_DECLARE_STACK_OF(POLICYINFO)
+
+typedef STACK_OF(POLICYINFO) CERTIFICATEPOLICIES;
+
+typedef struct POLICY_MAPPING_st {
+ ASN1_OBJECT *issuerDomainPolicy;
+ ASN1_OBJECT *subjectDomainPolicy;
+} POLICY_MAPPING;
+
+DEFINE_OR_DECLARE_STACK_OF(POLICY_MAPPING)
+
+typedef STACK_OF(POLICY_MAPPING) POLICY_MAPPINGS;
+
+typedef struct GENERAL_SUBTREE_st {
+ GENERAL_NAME *base;
+ ASN1_INTEGER *minimum;
+ ASN1_INTEGER *maximum;
+} GENERAL_SUBTREE;
+
+DEFINE_OR_DECLARE_STACK_OF(GENERAL_SUBTREE)
+
+struct NAME_CONSTRAINTS_st {
+ STACK_OF(GENERAL_SUBTREE) *permittedSubtrees;
+ STACK_OF(GENERAL_SUBTREE) *excludedSubtrees;
+};
+
+typedef struct POLICY_CONSTRAINTS_st {
+ ASN1_INTEGER *requireExplicitPolicy;
+ ASN1_INTEGER *inhibitPolicyMapping;
+} POLICY_CONSTRAINTS;
+
+/* Proxy certificate structures, see RFC 3820 */
+typedef struct PROXY_POLICY_st {
+ ASN1_OBJECT *policyLanguage;
+ ASN1_OCTET_STRING *policy;
+} PROXY_POLICY;
+
+typedef struct PROXY_CERT_INFO_EXTENSION_st {
+ ASN1_INTEGER *pcPathLengthConstraint;
+ PROXY_POLICY *proxyPolicy;
+} PROXY_CERT_INFO_EXTENSION;
+
+DECLARE_ASN1_FUNCTIONS(PROXY_POLICY)
+DECLARE_ASN1_FUNCTIONS(PROXY_CERT_INFO_EXTENSION)
+
+struct ISSUING_DIST_POINT_st {
+ DIST_POINT_NAME *distpoint;
+ int onlyuser;
+ int onlyCA;
+ ASN1_BIT_STRING *onlysomereasons;
+ int indirectCRL;
+ int onlyattr;
+};
+
+/* Values in idp_flags field */
+/* IDP present */
+# define IDP_PRESENT 0x1
+/* IDP values inconsistent */
+# define IDP_INVALID 0x2
+/* onlyuser true */
+# define IDP_ONLYUSER 0x4
+/* onlyCA true */
+# define IDP_ONLYCA 0x8
+/* onlyattr true */
+# define IDP_ONLYATTR 0x10
+/* indirectCRL true */
+# define IDP_INDIRECT 0x20
+/* onlysomereasons present */
+# define IDP_REASONS 0x40
+
+# define X509V3_conf_err(val) ERR_add_error_data(6, \
+ "section:", (val)->section, \
+ ",name:", (val)->name, ",value:", (val)->value)
+
+# define X509V3_set_ctx_test(ctx) \
+ X509V3_set_ctx(ctx, NULL, NULL, NULL, NULL, CTX_TEST)
+# define X509V3_set_ctx_nodb(ctx) (ctx)->db = NULL;
+
+# define EXT_BITSTRING(nid, table) { nid, 0, ASN1_ITEM_ref(ASN1_BIT_STRING), \
+ 0,0,0,0, \
+ 0,0, \
+ (X509V3_EXT_I2V)i2v_ASN1_BIT_STRING, \
+ (X509V3_EXT_V2I)v2i_ASN1_BIT_STRING, \
+ NULL, NULL, \
+ table}
+
+# define EXT_IA5STRING(nid) { nid, 0, ASN1_ITEM_ref(ASN1_IA5STRING), \
+ 0,0,0,0, \
+ (X509V3_EXT_I2S)i2s_ASN1_IA5STRING, \
+ (X509V3_EXT_S2I)s2i_ASN1_IA5STRING, \
+ 0,0,0,0, \
+ NULL}
+
+# define EXT_END { -1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}
+
+/* X509_PURPOSE stuff */
+
+# define EXFLAG_BCONS 0x1
+# define EXFLAG_KUSAGE 0x2
+# define EXFLAG_XKUSAGE 0x4
+# define EXFLAG_NSCERT 0x8
+
+# define EXFLAG_CA 0x10
+/* Really self issued not necessarily self signed */
+# define EXFLAG_SI 0x20
+# define EXFLAG_V1 0x40
+# define EXFLAG_INVALID 0x80
+/* EXFLAG_SET is set to indicate that some values have been precomputed */
+# define EXFLAG_SET 0x100
+# define EXFLAG_CRITICAL 0x200
+# define EXFLAG_PROXY 0x400
+
+# define EXFLAG_INVALID_POLICY 0x800
+# define EXFLAG_FRESHEST 0x1000
+/* Self signed */
+# define EXFLAG_SS 0x2000
+
+# define KU_DIGITAL_SIGNATURE 0x0080
+# define KU_NON_REPUDIATION 0x0040
+# define KU_KEY_ENCIPHERMENT 0x0020
+# define KU_DATA_ENCIPHERMENT 0x0010
+# define KU_KEY_AGREEMENT 0x0008
+# define KU_KEY_CERT_SIGN 0x0004
+# define KU_CRL_SIGN 0x0002
+# define KU_ENCIPHER_ONLY 0x0001
+# define KU_DECIPHER_ONLY 0x8000
+
+# define NS_SSL_CLIENT 0x80
+# define NS_SSL_SERVER 0x40
+# define NS_SMIME 0x20
+# define NS_OBJSIGN 0x10
+# define NS_SSL_CA 0x04
+# define NS_SMIME_CA 0x02
+# define NS_OBJSIGN_CA 0x01
+# define NS_ANY_CA (NS_SSL_CA|NS_SMIME_CA|NS_OBJSIGN_CA)
+
+# define XKU_SSL_SERVER 0x1
+# define XKU_SSL_CLIENT 0x2
+# define XKU_SMIME 0x4
+# define XKU_CODE_SIGN 0x8
+# define XKU_SGC 0x10
+# define XKU_OCSP_SIGN 0x20
+# define XKU_TIMESTAMP 0x40
+# define XKU_DVCS 0x80
+# define XKU_ANYEKU 0x100
+
+# define X509_PURPOSE_DYNAMIC 0x1
+# define X509_PURPOSE_DYNAMIC_NAME 0x2
+
+typedef struct x509_purpose_st {
+ int purpose;
+ int trust; /* Default trust ID */
+ int flags;
+ int (*check_purpose) (const struct x509_purpose_st *, const X509 *, int);
+ char *name;
+ char *sname;
+ void *usr_data;
+} X509_PURPOSE;
+
+DEFINE_OR_DECLARE_STACK_OF(X509_PURPOSE)
+
+# define X509_PURPOSE_SSL_CLIENT 1
+# define X509_PURPOSE_SSL_SERVER 2
+# define X509_PURPOSE_NS_SSL_SERVER 3
+# define X509_PURPOSE_SMIME_SIGN 4
+# define X509_PURPOSE_SMIME_ENCRYPT 5
+# define X509_PURPOSE_CRL_SIGN 6
+# define X509_PURPOSE_ANY 7
+# define X509_PURPOSE_OCSP_HELPER 8
+# define X509_PURPOSE_TIMESTAMP_SIGN 9
+
+# define X509_PURPOSE_MIN 1
+# define X509_PURPOSE_MAX 9
+
+/* Flags for X509V3_EXT_print() */
+
+# define X509V3_EXT_UNKNOWN_MASK (0xfL << 16)
+/* Return error for unknown extensions */
+# define X509V3_EXT_DEFAULT 0
+/* Print error for unknown extensions */
+# define X509V3_EXT_ERROR_UNKNOWN (1L << 16)
+/* ASN1 parse unknown extensions */
+# define X509V3_EXT_PARSE_UNKNOWN (2L << 16)
+/* BIO_dump unknown extensions */
+# define X509V3_EXT_DUMP_UNKNOWN (3L << 16)
+
+/* Flags for X509V3_add1_i2d */
+
+# define X509V3_ADD_OP_MASK 0xfL
+# define X509V3_ADD_DEFAULT 0L
+# define X509V3_ADD_APPEND 1L
+# define X509V3_ADD_REPLACE 2L
+# define X509V3_ADD_REPLACE_EXISTING 3L
+# define X509V3_ADD_KEEP_EXISTING 4L
+# define X509V3_ADD_DELETE 5L
+# define X509V3_ADD_SILENT 0x10
+
+DECLARE_ASN1_FUNCTIONS(BASIC_CONSTRAINTS)
+
+DECLARE_ASN1_FUNCTIONS(SXNET)
+DECLARE_ASN1_FUNCTIONS(SXNETID)
+
+DECLARE_ASN1_FUNCTIONS(ISSUER_SIGN_TOOL)
+
+int SXNET_add_id_asc(SXNET **psx, const char *zone, const char *user, int userlen);
+int SXNET_add_id_ulong(SXNET **psx, unsigned long lzone, const char *user,
+ int userlen);
+int SXNET_add_id_INTEGER(SXNET **psx, ASN1_INTEGER *izone, const char *user,
+ int userlen);
+
+ASN1_OCTET_STRING *SXNET_get_id_asc(SXNET *sx, const char *zone);
+ASN1_OCTET_STRING *SXNET_get_id_ulong(SXNET *sx, unsigned long lzone);
+ASN1_OCTET_STRING *SXNET_get_id_INTEGER(SXNET *sx, ASN1_INTEGER *zone);
+
+DECLARE_ASN1_FUNCTIONS(AUTHORITY_KEYID)
+
+DECLARE_ASN1_FUNCTIONS(PKEY_USAGE_PERIOD)
+
+DECLARE_ASN1_FUNCTIONS(GENERAL_NAME)
+DECLARE_ASN1_DUP_FUNCTION(GENERAL_NAME)
+int GENERAL_NAME_cmp(GENERAL_NAME *a, GENERAL_NAME *b);
+
+ASN1_BIT_STRING *v2i_ASN1_BIT_STRING(X509V3_EXT_METHOD *method,
+ X509V3_CTX *ctx,
+ STACK_OF(CONF_VALUE) *nval);
+STACK_OF(CONF_VALUE) *i2v_ASN1_BIT_STRING(X509V3_EXT_METHOD *method,
+ ASN1_BIT_STRING *bits,
+ STACK_OF(CONF_VALUE) *extlist);
+char *i2s_ASN1_IA5STRING(X509V3_EXT_METHOD *method, ASN1_IA5STRING *ia5);
+ASN1_IA5STRING *s2i_ASN1_IA5STRING(X509V3_EXT_METHOD *method,
+ X509V3_CTX *ctx, const char *str);
+
+STACK_OF(CONF_VALUE) *i2v_GENERAL_NAME(X509V3_EXT_METHOD *method,
+ GENERAL_NAME *gen,
+ STACK_OF(CONF_VALUE) *ret);
+int GENERAL_NAME_print(BIO *out, GENERAL_NAME *gen);
+
+DECLARE_ASN1_FUNCTIONS(GENERAL_NAMES)
+
+STACK_OF(CONF_VALUE) *i2v_GENERAL_NAMES(X509V3_EXT_METHOD *method,
+ GENERAL_NAMES *gen,
+ STACK_OF(CONF_VALUE) *extlist);
+GENERAL_NAMES *v2i_GENERAL_NAMES(const X509V3_EXT_METHOD *method,
+ X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
+
+DECLARE_ASN1_FUNCTIONS(OTHERNAME)
+DECLARE_ASN1_FUNCTIONS(EDIPARTYNAME)
+int OTHERNAME_cmp(OTHERNAME *a, OTHERNAME *b);
+void GENERAL_NAME_set0_value(GENERAL_NAME *a, int type, void *value);
+void *GENERAL_NAME_get0_value(const GENERAL_NAME *a, int *ptype);
+int GENERAL_NAME_set0_othername(GENERAL_NAME *gen,
+ ASN1_OBJECT *oid, ASN1_TYPE *value);
+int GENERAL_NAME_get0_otherName(const GENERAL_NAME *gen,
+ ASN1_OBJECT **poid, ASN1_TYPE **pvalue);
+
+char *i2s_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method,
+ const ASN1_OCTET_STRING *ia5);
+ASN1_OCTET_STRING *s2i_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method,
+ X509V3_CTX *ctx, const char *str);
+
+DECLARE_ASN1_FUNCTIONS(EXTENDED_KEY_USAGE)
+int i2a_ACCESS_DESCRIPTION(BIO *bp, const ACCESS_DESCRIPTION *a);
+
+DECLARE_ASN1_ALLOC_FUNCTIONS(TLS_FEATURE)
+
+DECLARE_ASN1_FUNCTIONS(CERTIFICATEPOLICIES)
+DECLARE_ASN1_FUNCTIONS(POLICYINFO)
+DECLARE_ASN1_FUNCTIONS(POLICYQUALINFO)
+DECLARE_ASN1_FUNCTIONS(USERNOTICE)
+DECLARE_ASN1_FUNCTIONS(NOTICEREF)
+
+DECLARE_ASN1_FUNCTIONS(CRL_DIST_POINTS)
+DECLARE_ASN1_FUNCTIONS(DIST_POINT)
+DECLARE_ASN1_FUNCTIONS(DIST_POINT_NAME)
+DECLARE_ASN1_FUNCTIONS(ISSUING_DIST_POINT)
+
+int DIST_POINT_set_dpname(DIST_POINT_NAME *dpn, const X509_NAME *iname);
+
+int NAME_CONSTRAINTS_check(X509 *x, NAME_CONSTRAINTS *nc);
+int NAME_CONSTRAINTS_check_CN(X509 *x, NAME_CONSTRAINTS *nc);
+
+DECLARE_ASN1_FUNCTIONS(ACCESS_DESCRIPTION)
+DECLARE_ASN1_FUNCTIONS(AUTHORITY_INFO_ACCESS)
+
+DECLARE_ASN1_ITEM(POLICY_MAPPING)
+DECLARE_ASN1_ALLOC_FUNCTIONS(POLICY_MAPPING)
+DECLARE_ASN1_ITEM(POLICY_MAPPINGS)
+
+DECLARE_ASN1_ITEM(GENERAL_SUBTREE)
+DECLARE_ASN1_ALLOC_FUNCTIONS(GENERAL_SUBTREE)
+
+DECLARE_ASN1_ITEM(NAME_CONSTRAINTS)
+DECLARE_ASN1_ALLOC_FUNCTIONS(NAME_CONSTRAINTS)
+
+DECLARE_ASN1_ALLOC_FUNCTIONS(POLICY_CONSTRAINTS)
+DECLARE_ASN1_ITEM(POLICY_CONSTRAINTS)
+
+GENERAL_NAME *a2i_GENERAL_NAME(GENERAL_NAME *out,
+ const X509V3_EXT_METHOD *method,
+ X509V3_CTX *ctx, int gen_type,
+ const char *value, int is_nc);
+
+# ifdef OPENSSL_CONF_H
+GENERAL_NAME *v2i_GENERAL_NAME(const X509V3_EXT_METHOD *method,
+ X509V3_CTX *ctx, CONF_VALUE *cnf);
+GENERAL_NAME *v2i_GENERAL_NAME_ex(GENERAL_NAME *out,
+ const X509V3_EXT_METHOD *method,
+ X509V3_CTX *ctx, CONF_VALUE *cnf,
+ int is_nc);
+
+int X509v3_cache_extensions(X509 *x, OPENSSL_CTX *libctx, const char *propq);
+
+void X509V3_conf_free(CONF_VALUE *val);
+
+X509_EXTENSION *X509V3_EXT_nconf_nid(CONF *conf, X509V3_CTX *ctx, int ext_nid,
+ const char *value);
+X509_EXTENSION *X509V3_EXT_nconf(CONF *conf, X509V3_CTX *ctx, const char *name,
+ const char *value);
+int X509V3_EXT_add_nconf_sk(CONF *conf, X509V3_CTX *ctx, const char *section,
+ STACK_OF(X509_EXTENSION) **sk);
+int X509V3_EXT_add_nconf(CONF *conf, X509V3_CTX *ctx, const char *section,
+ X509 *cert);
+int X509V3_EXT_REQ_add_nconf(CONF *conf, X509V3_CTX *ctx, const char *section,
+ X509_REQ *req);
+int X509V3_EXT_CRL_add_nconf(CONF *conf, X509V3_CTX *ctx, const char *section,
+ X509_CRL *crl);
+
+X509_EXTENSION *X509V3_EXT_conf_nid(LHASH_OF(CONF_VALUE) *conf,
+ X509V3_CTX *ctx, int ext_nid,
+ const char *value);
+X509_EXTENSION *X509V3_EXT_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
+ const char *name, const char *value);
+int X509V3_EXT_add_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
+ const char *section, X509 *cert);
+int X509V3_EXT_REQ_add_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
+ const char *section, X509_REQ *req);
+int X509V3_EXT_CRL_add_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
+ const char *section, X509_CRL *crl);
+
+int X509V3_add_value_bool_nf(const char *name, int asn1_bool,
+ STACK_OF(CONF_VALUE) **extlist);
+int X509V3_get_value_bool(const CONF_VALUE *value, int *asn1_bool);
+int X509V3_get_value_int(const CONF_VALUE *value, ASN1_INTEGER **aint);
+void X509V3_set_nconf(X509V3_CTX *ctx, CONF *conf);
+void X509V3_set_conf_lhash(X509V3_CTX *ctx, LHASH_OF(CONF_VALUE) *lhash);
+# endif
+
+char *X509V3_get_string(X509V3_CTX *ctx, const char *name, const char *section);
+STACK_OF(CONF_VALUE) *X509V3_get_section(X509V3_CTX *ctx, const char *section);
+void X509V3_string_free(X509V3_CTX *ctx, char *str);
+void X509V3_section_free(X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *section);
+void X509V3_set_ctx(X509V3_CTX *ctx, X509 *issuer, X509 *subject,
+ X509_REQ *req, X509_CRL *crl, int flags);
+
+int X509V3_add_value(const char *name, const char *value,
+ STACK_OF(CONF_VALUE) **extlist);
+int X509V3_add_value_uchar(const char *name, const unsigned char *value,
+ STACK_OF(CONF_VALUE) **extlist);
+int X509V3_add_value_bool(const char *name, int asn1_bool,
+ STACK_OF(CONF_VALUE) **extlist);
+int X509V3_add_value_int(const char *name, const ASN1_INTEGER *aint,
+ STACK_OF(CONF_VALUE) **extlist);
+char *i2s_ASN1_INTEGER(X509V3_EXT_METHOD *meth, const ASN1_INTEGER *aint);
+ASN1_INTEGER *s2i_ASN1_INTEGER(X509V3_EXT_METHOD *meth, const char *value);
+char *i2s_ASN1_ENUMERATED(X509V3_EXT_METHOD *meth, const ASN1_ENUMERATED *aint);
+char *i2s_ASN1_ENUMERATED_TABLE(X509V3_EXT_METHOD *meth,
+ const ASN1_ENUMERATED *aint);
+int X509V3_EXT_add(X509V3_EXT_METHOD *ext);
+int X509V3_EXT_add_list(X509V3_EXT_METHOD *extlist);
+int X509V3_EXT_add_alias(int nid_to, int nid_from);
+void X509V3_EXT_cleanup(void);
+
+const X509V3_EXT_METHOD *X509V3_EXT_get(X509_EXTENSION *ext);
+const X509V3_EXT_METHOD *X509V3_EXT_get_nid(int nid);
+int X509V3_add_standard_extensions(void);
+STACK_OF(CONF_VALUE) *X509V3_parse_list(const char *line);
+void *X509V3_EXT_d2i(X509_EXTENSION *ext);
+void *X509V3_get_d2i(const STACK_OF(X509_EXTENSION) *x, int nid, int *crit,
+ int *idx);
+
+X509_EXTENSION *X509V3_EXT_i2d(int ext_nid, int crit, void *ext_struc);
+int X509V3_add1_i2d(STACK_OF(X509_EXTENSION) **x, int nid, void *value,
+ int crit, unsigned long flags);
+
+#ifndef OPENSSL_NO_DEPRECATED_1_1_0
+/* The new declarations are in crypto.h, but the old ones were here. */
+# define hex_to_string OPENSSL_buf2hexstr
+# define string_to_hex OPENSSL_hexstr2buf
+#endif
+
+void X509V3_EXT_val_prn(BIO *out, STACK_OF(CONF_VALUE) *val, int indent,
+ int ml);
+int X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, unsigned long flag,
+ int indent);
+#ifndef OPENSSL_NO_STDIO
+int X509V3_EXT_print_fp(FILE *out, X509_EXTENSION *ext, int flag, int indent);
+#endif
+int X509V3_extensions_print(BIO *out, const char *title,
+ const STACK_OF(X509_EXTENSION) *exts,
+ unsigned long flag, int indent);
+
+int X509_check_ca(X509 *x);
+int X509_check_purpose(X509 *x, int id, int ca);
+int X509_supported_extension(X509_EXTENSION *ex);
+int X509_PURPOSE_set(int *p, int purpose);
+int X509_check_issued(X509 *issuer, X509 *subject);
+int X509_check_akid(X509 *issuer, AUTHORITY_KEYID *akid);
+void X509_set_proxy_flag(X509 *x);
+void X509_set_proxy_pathlen(X509 *x, long l);
+long X509_get_proxy_pathlen(X509 *x);
+
+uint32_t X509_get_extension_flags(X509 *x);
+uint32_t X509_get_key_usage(X509 *x);
+uint32_t X509_get_extended_key_usage(X509 *x);
+const ASN1_OCTET_STRING *X509_get0_subject_key_id(X509 *x);
+const ASN1_OCTET_STRING *X509_get0_authority_key_id(X509 *x);
+const GENERAL_NAMES *X509_get0_authority_issuer(X509 *x);
+const ASN1_INTEGER *X509_get0_authority_serial(X509 *x);
+
+int X509_PURPOSE_get_count(void);
+X509_PURPOSE *X509_PURPOSE_get0(int idx);
+int X509_PURPOSE_get_by_sname(const char *sname);
+int X509_PURPOSE_get_by_id(int id);
+int X509_PURPOSE_add(int id, int trust, int flags,
+ int (*ck) (const X509_PURPOSE *, const X509 *, int),
+ const char *name, const char *sname, void *arg);
+char *X509_PURPOSE_get0_name(const X509_PURPOSE *xp);
+char *X509_PURPOSE_get0_sname(const X509_PURPOSE *xp);
+int X509_PURPOSE_get_trust(const X509_PURPOSE *xp);
+void X509_PURPOSE_cleanup(void);
+int X509_PURPOSE_get_id(const X509_PURPOSE *);
+
+STACK_OF(OPENSSL_STRING) *X509_get1_email(X509 *x);
+STACK_OF(OPENSSL_STRING) *X509_REQ_get1_email(X509_REQ *x);
+void X509_email_free(STACK_OF(OPENSSL_STRING) *sk);
+STACK_OF(OPENSSL_STRING) *X509_get1_ocsp(X509 *x);
+/* Flags for X509_check_* functions */
+
+/*
+ * Always check subject name for host match even if subject alt names present
+ */
+# define X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT 0x1
+/* Disable wildcard matching for dnsName fields and common name. */
+# define X509_CHECK_FLAG_NO_WILDCARDS 0x2
+/* Wildcards must not match a partial label. */
+# define X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS 0x4
+/* Allow (non-partial) wildcards to match multiple labels. */
+# define X509_CHECK_FLAG_MULTI_LABEL_WILDCARDS 0x8
+/* Constraint verifier subdomain patterns to match a single labels. */
+# define X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS 0x10
+/* Never check the subject CN */
+# define X509_CHECK_FLAG_NEVER_CHECK_SUBJECT 0x20
+/*
+ * Match reference identifiers starting with "." to any sub-domain.
+ * This is a non-public flag, turned on implicitly when the subject
+ * reference identity is a DNS name.
+ */
+# define _X509_CHECK_FLAG_DOT_SUBDOMAINS 0x8000
+
+int X509_check_host(X509 *x, const char *chk, size_t chklen,
+ unsigned int flags, char **peername);
+int X509_check_email(X509 *x, const char *chk, size_t chklen,
+ unsigned int flags);
+int X509_check_ip(X509 *x, const unsigned char *chk, size_t chklen,
+ unsigned int flags);
+int X509_check_ip_asc(X509 *x, const char *ipasc, unsigned int flags);
+
+ASN1_OCTET_STRING *a2i_IPADDRESS(const char *ipasc);
+ASN1_OCTET_STRING *a2i_IPADDRESS_NC(const char *ipasc);
+int X509V3_NAME_from_section(X509_NAME *nm, STACK_OF(CONF_VALUE) *dn_sk,
+ unsigned long chtype);
+
+void X509_POLICY_NODE_print(BIO *out, X509_POLICY_NODE *node, int indent);
+DEFINE_OR_DECLARE_STACK_OF(X509_POLICY_NODE)
+
+#ifndef OPENSSL_NO_RFC3779
+typedef struct ASRange_st {
+ ASN1_INTEGER *min, *max;
+} ASRange;
+
+# define ASIdOrRange_id 0
+# define ASIdOrRange_range 1
+
+typedef struct ASIdOrRange_st {
+ int type;
+ union {
+ ASN1_INTEGER *id;
+ ASRange *range;
+ } u;
+} ASIdOrRange;
+
+DEFINE_OR_DECLARE_STACK_OF(ASIdOrRange)
+
+typedef STACK_OF(ASIdOrRange) ASIdOrRanges;
+
+# define ASIdentifierChoice_inherit 0
+# define ASIdentifierChoice_asIdsOrRanges 1
+
+typedef struct ASIdentifierChoice_st {
+ int type;
+ union {
+ ASN1_NULL *inherit;
+ ASIdOrRanges *asIdsOrRanges;
+ } u;
+} ASIdentifierChoice;
+
+typedef struct ASIdentifiers_st {
+ ASIdentifierChoice *asnum, *rdi;
+} ASIdentifiers;
+
+DECLARE_ASN1_FUNCTIONS(ASRange)
+DECLARE_ASN1_FUNCTIONS(ASIdOrRange)
+DECLARE_ASN1_FUNCTIONS(ASIdentifierChoice)
+DECLARE_ASN1_FUNCTIONS(ASIdentifiers)
+
+typedef struct IPAddressRange_st {
+ ASN1_BIT_STRING *min, *max;
+} IPAddressRange;
+
+# define IPAddressOrRange_addressPrefix 0
+# define IPAddressOrRange_addressRange 1
+
+typedef struct IPAddressOrRange_st {
+ int type;
+ union {
+ ASN1_BIT_STRING *addressPrefix;
+ IPAddressRange *addressRange;
+ } u;
+} IPAddressOrRange;
+
+DEFINE_OR_DECLARE_STACK_OF(IPAddressOrRange)
+
+typedef STACK_OF(IPAddressOrRange) IPAddressOrRanges;
+
+# define IPAddressChoice_inherit 0
+# define IPAddressChoice_addressesOrRanges 1
+
+typedef struct IPAddressChoice_st {
+ int type;
+ union {
+ ASN1_NULL *inherit;
+ IPAddressOrRanges *addressesOrRanges;
+ } u;
+} IPAddressChoice;
+
+typedef struct IPAddressFamily_st {
+ ASN1_OCTET_STRING *addressFamily;
+ IPAddressChoice *ipAddressChoice;
+} IPAddressFamily;
+
+DEFINE_OR_DECLARE_STACK_OF(IPAddressFamily)
+
+typedef STACK_OF(IPAddressFamily) IPAddrBlocks;
+
+DECLARE_ASN1_FUNCTIONS(IPAddressRange)
+DECLARE_ASN1_FUNCTIONS(IPAddressOrRange)
+DECLARE_ASN1_FUNCTIONS(IPAddressChoice)
+DECLARE_ASN1_FUNCTIONS(IPAddressFamily)
+
+/*
+ * API tag for elements of the ASIdentifer SEQUENCE.
+ */
+# define V3_ASID_ASNUM 0
+# define V3_ASID_RDI 1
+
+/*
+ * AFI values, assigned by IANA. It'd be nice to make the AFI
+ * handling code totally generic, but there are too many little things
+ * that would need to be defined for other address families for it to
+ * be worth the trouble.
+ */
+# define IANA_AFI_IPV4 1
+# define IANA_AFI_IPV6 2
+
+/*
+ * Utilities to construct and extract values from RFC3779 extensions,
+ * since some of the encodings (particularly for IP address prefixes
+ * and ranges) are a bit tedious to work with directly.
+ */
+int X509v3_asid_add_inherit(ASIdentifiers *asid, int which);
+int X509v3_asid_add_id_or_range(ASIdentifiers *asid, int which,
+ ASN1_INTEGER *min, ASN1_INTEGER *max);
+int X509v3_addr_add_inherit(IPAddrBlocks *addr,
+ const unsigned afi, const unsigned *safi);
+int X509v3_addr_add_prefix(IPAddrBlocks *addr,
+ const unsigned afi, const unsigned *safi,
+ unsigned char *a, const int prefixlen);
+int X509v3_addr_add_range(IPAddrBlocks *addr,
+ const unsigned afi, const unsigned *safi,
+ unsigned char *min, unsigned char *max);
+unsigned X509v3_addr_get_afi(const IPAddressFamily *f);
+int X509v3_addr_get_range(IPAddressOrRange *aor, const unsigned afi,
+ unsigned char *min, unsigned char *max,
+ const int length);
+
+/*
+ * Canonical forms.
+ */
+int X509v3_asid_is_canonical(ASIdentifiers *asid);
+int X509v3_addr_is_canonical(IPAddrBlocks *addr);
+int X509v3_asid_canonize(ASIdentifiers *asid);
+int X509v3_addr_canonize(IPAddrBlocks *addr);
+
+/*
+ * Tests for inheritance and containment.
+ */
+int X509v3_asid_inherits(ASIdentifiers *asid);
+int X509v3_addr_inherits(IPAddrBlocks *addr);
+int X509v3_asid_subset(ASIdentifiers *a, ASIdentifiers *b);
+int X509v3_addr_subset(IPAddrBlocks *a, IPAddrBlocks *b);
+
+/*
+ * Check whether RFC 3779 extensions nest properly in chains.
+ */
+int X509v3_asid_validate_path(X509_STORE_CTX *);
+int X509v3_addr_validate_path(X509_STORE_CTX *);
+int X509v3_asid_validate_resource_set(STACK_OF(X509) *chain,
+ ASIdentifiers *ext,
+ int allow_inheritance);
+int X509v3_addr_validate_resource_set(STACK_OF(X509) *chain,
+ IPAddrBlocks *ext, int allow_inheritance);
+
+#endif /* OPENSSL_NO_RFC3779 */
+
+DEFINE_OR_DECLARE_STACK_OF(ASN1_STRING)
+
+/*
+ * Admission Syntax
+ */
+typedef struct NamingAuthority_st NAMING_AUTHORITY;
+typedef struct ProfessionInfo_st PROFESSION_INFO;
+typedef struct Admissions_st ADMISSIONS;
+typedef struct AdmissionSyntax_st ADMISSION_SYNTAX;
+DECLARE_ASN1_FUNCTIONS(NAMING_AUTHORITY)
+DECLARE_ASN1_FUNCTIONS(PROFESSION_INFO)
+DECLARE_ASN1_FUNCTIONS(ADMISSIONS)
+DECLARE_ASN1_FUNCTIONS(ADMISSION_SYNTAX)
+DEFINE_OR_DECLARE_STACK_OF(PROFESSION_INFO)
+DEFINE_OR_DECLARE_STACK_OF(ADMISSIONS)
+typedef STACK_OF(PROFESSION_INFO) PROFESSION_INFOS;
+
+const ASN1_OBJECT *NAMING_AUTHORITY_get0_authorityId(
+ const NAMING_AUTHORITY *n);
+const ASN1_IA5STRING *NAMING_AUTHORITY_get0_authorityURL(
+ const NAMING_AUTHORITY *n);
+const ASN1_STRING *NAMING_AUTHORITY_get0_authorityText(
+ const NAMING_AUTHORITY *n);
+void NAMING_AUTHORITY_set0_authorityId(NAMING_AUTHORITY *n,
+ ASN1_OBJECT* namingAuthorityId);
+void NAMING_AUTHORITY_set0_authorityURL(NAMING_AUTHORITY *n,
+ ASN1_IA5STRING* namingAuthorityUrl);
+void NAMING_AUTHORITY_set0_authorityText(NAMING_AUTHORITY *n,
+ ASN1_STRING* namingAuthorityText);
+
+const GENERAL_NAME *ADMISSION_SYNTAX_get0_admissionAuthority(
+ const ADMISSION_SYNTAX *as);
+void ADMISSION_SYNTAX_set0_admissionAuthority(
+ ADMISSION_SYNTAX *as, GENERAL_NAME *aa);
+const STACK_OF(ADMISSIONS) *ADMISSION_SYNTAX_get0_contentsOfAdmissions(
+ const ADMISSION_SYNTAX *as);
+void ADMISSION_SYNTAX_set0_contentsOfAdmissions(
+ ADMISSION_SYNTAX *as, STACK_OF(ADMISSIONS) *a);
+const GENERAL_NAME *ADMISSIONS_get0_admissionAuthority(const ADMISSIONS *a);
+void ADMISSIONS_set0_admissionAuthority(ADMISSIONS *a, GENERAL_NAME *aa);
+const NAMING_AUTHORITY *ADMISSIONS_get0_namingAuthority(const ADMISSIONS *a);
+void ADMISSIONS_set0_namingAuthority(ADMISSIONS *a, NAMING_AUTHORITY *na);
+const PROFESSION_INFOS *ADMISSIONS_get0_professionInfos(const ADMISSIONS *a);
+void ADMISSIONS_set0_professionInfos(ADMISSIONS *a, PROFESSION_INFOS *pi);
+const ASN1_OCTET_STRING *PROFESSION_INFO_get0_addProfessionInfo(
+ const PROFESSION_INFO *pi);
+void PROFESSION_INFO_set0_addProfessionInfo(
+ PROFESSION_INFO *pi, ASN1_OCTET_STRING *aos);
+const NAMING_AUTHORITY *PROFESSION_INFO_get0_namingAuthority(
+ const PROFESSION_INFO *pi);
+void PROFESSION_INFO_set0_namingAuthority(
+ PROFESSION_INFO *pi, NAMING_AUTHORITY *na);
+const STACK_OF(ASN1_STRING) *PROFESSION_INFO_get0_professionItems(
+ const PROFESSION_INFO *pi);
+void PROFESSION_INFO_set0_professionItems(
+ PROFESSION_INFO *pi, STACK_OF(ASN1_STRING) *as);
+const STACK_OF(ASN1_OBJECT) *PROFESSION_INFO_get0_professionOIDs(
+ const PROFESSION_INFO *pi);
+void PROFESSION_INFO_set0_professionOIDs(
+ PROFESSION_INFO *pi, STACK_OF(ASN1_OBJECT) *po);
+const ASN1_PRINTABLESTRING *PROFESSION_INFO_get0_registrationNumber(
+ const PROFESSION_INFO *pi);
+void PROFESSION_INFO_set0_registrationNumber(
+ PROFESSION_INFO *pi, ASN1_PRINTABLESTRING *rn);
+
+# ifdef __cplusplus
+}
+# endif
+#endif
diff --git a/openssl/include/openssl/x509v3err.h b/openssl/include/openssl/x509v3err.h new file mode 100644 index 00000000..ca21ab5c --- /dev/null +++ b/openssl/include/openssl/x509v3err.h @@ -0,0 +1,169 @@ +/*
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_X509V3ERR_H
+# define OPENSSL_X509V3ERR_H
+# pragma once
+
+# include <openssl/opensslconf.h>
+# include <openssl/symhacks.h>
+
+
+# ifdef __cplusplus
+extern "C"
+# endif
+int ERR_load_X509V3_strings(void);
+
+/*
+ * X509V3 function codes.
+ */
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define X509V3_F_A2I_GENERAL_NAME 0
+# define X509V3_F_ADDR_VALIDATE_PATH_INTERNAL 0
+# define X509V3_F_ASIDENTIFIERCHOICE_CANONIZE 0
+# define X509V3_F_ASIDENTIFIERCHOICE_IS_CANONICAL 0
+# define X509V3_F_BIGNUM_TO_STRING 0
+# define X509V3_F_COPY_EMAIL 0
+# define X509V3_F_COPY_ISSUER 0
+# define X509V3_F_DO_DIRNAME 0
+# define X509V3_F_DO_EXT_I2D 0
+# define X509V3_F_DO_EXT_NCONF 0
+# define X509V3_F_GNAMES_FROM_SECTNAME 0
+# define X509V3_F_I2R_ISSUER_SIGN_TOOL 0
+# define X509V3_F_I2S_ASN1_ENUMERATED 0
+# define X509V3_F_I2S_ASN1_IA5STRING 0
+# define X509V3_F_I2S_ASN1_INTEGER 0
+# define X509V3_F_I2S_ASN1_UTF8STRING 0
+# define X509V3_F_I2V_AUTHORITY_INFO_ACCESS 0
+# define X509V3_F_LEVEL_ADD_NODE 0
+# define X509V3_F_NOTICE_SECTION 0
+# define X509V3_F_NREF_NOS 0
+# define X509V3_F_POLICY_CACHE_CREATE 0
+# define X509V3_F_POLICY_CACHE_NEW 0
+# define X509V3_F_POLICY_DATA_NEW 0
+# define X509V3_F_POLICY_SECTION 0
+# define X509V3_F_PROCESS_PCI_VALUE 0
+# define X509V3_F_R2I_CERTPOL 0
+# define X509V3_F_R2I_PCI 0
+# define X509V3_F_S2I_ASN1_IA5STRING 0
+# define X509V3_F_S2I_ASN1_INTEGER 0
+# define X509V3_F_S2I_ASN1_OCTET_STRING 0
+# define X509V3_F_S2I_ASN1_UTF8STRING 0
+# define X509V3_F_S2I_SKEY_ID 0
+# define X509V3_F_SET_DIST_POINT_NAME 0
+# define X509V3_F_SXNET_ADD_ID_ASC 0
+# define X509V3_F_SXNET_ADD_ID_INTEGER 0
+# define X509V3_F_SXNET_ADD_ID_ULONG 0
+# define X509V3_F_SXNET_GET_ID_ASC 0
+# define X509V3_F_SXNET_GET_ID_ULONG 0
+# define X509V3_F_TREE_INIT 0
+# define X509V3_F_V2I_ASIDENTIFIERS 0
+# define X509V3_F_V2I_ASN1_BIT_STRING 0
+# define X509V3_F_V2I_AUTHORITY_INFO_ACCESS 0
+# define X509V3_F_V2I_AUTHORITY_KEYID 0
+# define X509V3_F_V2I_BASIC_CONSTRAINTS 0
+# define X509V3_F_V2I_CRLD 0
+# define X509V3_F_V2I_EXTENDED_KEY_USAGE 0
+# define X509V3_F_V2I_GENERAL_NAMES 0
+# define X509V3_F_V2I_GENERAL_NAME_EX 0
+# define X509V3_F_V2I_IDP 0
+# define X509V3_F_V2I_IPADDRBLOCKS 0
+# define X509V3_F_V2I_ISSUER_ALT 0
+# define X509V3_F_V2I_ISSUER_SIGN_TOOL 0
+# define X509V3_F_V2I_NAME_CONSTRAINTS 0
+# define X509V3_F_V2I_POLICY_CONSTRAINTS 0
+# define X509V3_F_V2I_POLICY_MAPPINGS 0
+# define X509V3_F_V2I_SUBJECT_ALT 0
+# define X509V3_F_V2I_TLS_FEATURE 0
+# define X509V3_F_V3_GENERIC_EXTENSION 0
+# define X509V3_F_X509V3_ADD1_I2D 0
+# define X509V3_F_X509V3_ADD_VALUE 0
+# define X509V3_F_X509V3_EXT_ADD 0
+# define X509V3_F_X509V3_EXT_ADD_ALIAS 0
+# define X509V3_F_X509V3_EXT_I2D 0
+# define X509V3_F_X509V3_EXT_NCONF 0
+# define X509V3_F_X509V3_GET_SECTION 0
+# define X509V3_F_X509V3_GET_STRING 0
+# define X509V3_F_X509V3_GET_VALUE_BOOL 0
+# define X509V3_F_X509V3_PARSE_LIST 0
+# define X509V3_F_X509_PURPOSE_ADD 0
+# define X509V3_F_X509_PURPOSE_SET 0
+# endif
+
+/*
+ * X509V3 reason codes.
+ */
+# define X509V3_R_BAD_IP_ADDRESS 118
+# define X509V3_R_BAD_OBJECT 119
+# define X509V3_R_BN_DEC2BN_ERROR 100
+# define X509V3_R_BN_TO_ASN1_INTEGER_ERROR 101
+# define X509V3_R_DIRNAME_ERROR 149
+# define X509V3_R_DISTPOINT_ALREADY_SET 160
+# define X509V3_R_DUPLICATE_ZONE_ID 133
+# define X509V3_R_ERROR_CONVERTING_ZONE 131
+# define X509V3_R_ERROR_CREATING_EXTENSION 144
+# define X509V3_R_ERROR_IN_EXTENSION 128
+# define X509V3_R_EXPECTED_A_SECTION_NAME 137
+# define X509V3_R_EXTENSION_EXISTS 145
+# define X509V3_R_EXTENSION_NAME_ERROR 115
+# define X509V3_R_EXTENSION_NOT_FOUND 102
+# define X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED 103
+# define X509V3_R_EXTENSION_VALUE_ERROR 116
+# define X509V3_R_ILLEGAL_EMPTY_EXTENSION 151
+# define X509V3_R_INCORRECT_POLICY_SYNTAX_TAG 152
+# define X509V3_R_INVALID_ASNUMBER 162
+# define X509V3_R_INVALID_ASRANGE 163
+# define X509V3_R_INVALID_BOOLEAN_STRING 104
+# define X509V3_R_INVALID_EXTENSION_STRING 105
+# define X509V3_R_INVALID_INHERITANCE 165
+# define X509V3_R_INVALID_IPADDRESS 166
+# define X509V3_R_INVALID_MULTIPLE_RDNS 161
+# define X509V3_R_INVALID_NAME 106
+# define X509V3_R_INVALID_NULL_ARGUMENT 107
+# define X509V3_R_INVALID_NULL_NAME 108
+# define X509V3_R_INVALID_NULL_VALUE 109
+# define X509V3_R_INVALID_NUMBER 140
+# define X509V3_R_INVALID_NUMBERS 141
+# define X509V3_R_INVALID_OBJECT_IDENTIFIER 110
+# define X509V3_R_INVALID_OPTION 138
+# define X509V3_R_INVALID_POLICY_IDENTIFIER 134
+# define X509V3_R_INVALID_PROXY_POLICY_SETTING 153
+# define X509V3_R_INVALID_PURPOSE 146
+# define X509V3_R_INVALID_SAFI 164
+# define X509V3_R_INVALID_SECTION 135
+# define X509V3_R_INVALID_SYNTAX 143
+# define X509V3_R_ISSUER_DECODE_ERROR 126
+# define X509V3_R_MISSING_VALUE 124
+# define X509V3_R_NEED_ORGANIZATION_AND_NUMBERS 142
+# define X509V3_R_NO_CONFIG_DATABASE 136
+# define X509V3_R_NO_ISSUER_CERTIFICATE 121
+# define X509V3_R_NO_ISSUER_DETAILS 127
+# define X509V3_R_NO_POLICY_IDENTIFIER 139
+# define X509V3_R_NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED 154
+# define X509V3_R_NO_PUBLIC_KEY 114
+# define X509V3_R_NO_SUBJECT_DETAILS 125
+# define X509V3_R_OPERATION_NOT_DEFINED 148
+# define X509V3_R_OTHERNAME_ERROR 147
+# define X509V3_R_POLICY_LANGUAGE_ALREADY_DEFINED 155
+# define X509V3_R_POLICY_PATH_LENGTH 156
+# define X509V3_R_POLICY_PATH_LENGTH_ALREADY_DEFINED 157
+# define X509V3_R_POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY 159
+# define X509V3_R_SECTION_NOT_FOUND 150
+# define X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS 122
+# define X509V3_R_UNABLE_TO_GET_ISSUER_KEYID 123
+# define X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT 111
+# define X509V3_R_UNKNOWN_EXTENSION 129
+# define X509V3_R_UNKNOWN_EXTENSION_NAME 130
+# define X509V3_R_UNKNOWN_OPTION 120
+# define X509V3_R_UNSUPPORTED_OPTION 117
+# define X509V3_R_UNSUPPORTED_TYPE 167
+# define X509V3_R_USER_TOO_LONG 132
+
+#endif
diff --git a/openssl/lib/libcrypto.lib b/openssl/lib/libcrypto.lib Binary files differnew file mode 100644 index 00000000..252bc8ed --- /dev/null +++ b/openssl/lib/libcrypto.lib diff --git a/openssl/lib/libssl.lib b/openssl/lib/libssl.lib Binary files differnew file mode 100644 index 00000000..b79ebf7a --- /dev/null +++ b/openssl/lib/libssl.lib diff --git a/pith/pine.hlp b/pith/pine.hlp index fb7ecdc8..dea70ac2 100644 --- a/pith/pine.hlp +++ b/pith/pine.hlp @@ -140,7 +140,7 @@ with help text for the config screen and the composer that didn't have any reasonable place to be called from. Dummy change to get revision in pine.hlp ============= h_revision ================= -Alpine Commit 475 2020-06-29 18:37:01 +Alpine Commit 476 2020-06-30 21:37:04 ============= h_news ================= <HTML> <HEAD> |