summaryrefslogtreecommitdiff
path: root/openssl/include
diff options
context:
space:
mode:
authorEduardo Chappa <chappa@washington.edu>2021-08-31 23:47:17 -0600
committerEduardo Chappa <chappa@washington.edu>2021-08-31 23:47:17 -0600
commit60237f4d3c4c3e60009c1a5dc3c2dc19c2301cfb (patch)
treeae59a233f0ca0228a24ebdfaa23697499c43be3e /openssl/include
parent2f8f84a46df87844ba4c090d17408cdb24512aa8 (diff)
downloadalpine-60237f4d3c4c3e60009c1a5dc3c2dc19c2301cfb.tar.xz
* Update to latest version of Openssl in git at the time of this
update, for the Windows version of Alpine.
Diffstat (limited to 'openssl/include')
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/__DECC_INCLUDE_EPILOGUE.H (renamed from openssl/include/__DECC_INCLUDE_EPILOGUE.H)0
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/__DECC_INCLUDE_PROLOGUE.H (renamed from openssl/include/__DECC_INCLUDE_PROLOGUE.H)0
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/aes.h113
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/asn1.h360
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/asn1_mac.h0
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/asn1err.h131
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/asn1t.h155
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/async.h0
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/asyncerr.h20
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/bio.h81
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/bioerr.h71
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/blowfish.h46
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/bn.h90
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/bnerr.h62
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/buffer.h0
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/buffererr.h16
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/camellia.h105
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/cast.h53
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/cmac.h28
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/cmp.h234
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/cmp_util.h5
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/cmperr.h26
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/cms.h165
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/cmserr.h118
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/comp.h0
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/comperr.h20
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/conf.h91
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/conf_api.h0
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/conferr.h38
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/configuration.h12
-rwxr-xr-xopenssl/include/openssl/conftypes.h44
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/core.h14
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/core_dispatch.h406
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/core_names.h303
-rwxr-xr-xopenssl/include/openssl/core_object.h41
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/crmf.h104
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/crmferr.h37
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/crypto.h129
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/cryptoerr.h65
-rwxr-xr-xopenssl/include/openssl/cryptoerr_legacy.h1466
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/ct.h87
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/cterr.h42
-rwxr-xr-xopenssl/include/openssl/decoder.h133
-rwxr-xr-xopenssl/include/openssl/decodererr.h28
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/des.h206
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/dh.h402
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/dherr.h44
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/dsa.h317
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/dsaerr.h39
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/dtls1.h13
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/e_os2.h37
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/ebcdic.h0
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/ec.h807
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/ecdh.h0
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/ecdsa.h0
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/ecerr.h216
-rwxr-xr-xopenssl/include/openssl/encoder.h124
-rwxr-xr-xopenssl/include/openssl/encodererr.h28
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/engine.h487
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/engineerr.h55
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/err.h292
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/ess.h91
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/esserr.h27
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/evp.h1286
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/evperr.h159
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/fips_names.h16
-rwxr-xr-xopenssl/include/openssl/fipskey.h36
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/hmac.h52
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/http.h101
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/httperr.h20
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/idea.h47
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/kdf.h130
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/kdferr.h103
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/lhash.h117
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/mac.h0
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/macros.h126
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/md2.h17
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/md4.h15
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/md5.h40
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/mdc2.h15
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/modes.h0
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/obj_mac.h141
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/objects.h0
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/objectserr.h23
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/ocsp.h181
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/ocsperr.h31
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/opensslconf.h7
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/opensslv.h6
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/ossl_typ.h0
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/param_build.h20
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/params.h15
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/pem.h269
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/pem2.h0
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/pemerr.h58
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/pkcs12.h129
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/pkcs12err.h45
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/pkcs7.h114
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/pkcs7err.h47
-rwxr-xr-xopenssl/include/openssl/prov_ssl.h34
-rwxr-xr-xopenssl/include/openssl/proverr.h148
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/provider.h21
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/rand.h62
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/rand_drbg.h0
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/randerr.h48
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/rc2.h42
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/rc4.h14
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/rc5.h45
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/ripemd.h19
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/rsa.h741
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/rsaerr.h83
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/safestack.h182
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/seed.h61
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/self_test.h23
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/serializer.h0
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/serializererr.h0
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/sha.h86
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/srp.h194
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/srtp.h0
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/ssl.h513
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/ssl2.h0
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/ssl3.h4
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/sslerr.h450
-rwxr-xr-xopenssl/include/openssl/sslerr_legacy.h468
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/stack.h3
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/store.h157
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/storeerr.h59
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/symhacks.h6
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/tls1.h13
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/trace.h31
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/ts.h5
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/tserr.h66
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/txt_db.h0
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/types.h43
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/ui.h50
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/uierr.h34
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/whrlpool.h19
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/x509.h530
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/x509_vfy.h417
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/x509err.h85
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/x509v3.h554
-rwxr-xr-x[-rw-r--r--]openssl/include/openssl/x509v3err.h88
141 files changed, 10636 insertions, 6252 deletions
diff --git a/openssl/include/__DECC_INCLUDE_EPILOGUE.H b/openssl/include/openssl/__DECC_INCLUDE_EPILOGUE.H
index ea75c13c..ea75c13c 100644..100755
--- a/openssl/include/__DECC_INCLUDE_EPILOGUE.H
+++ b/openssl/include/openssl/__DECC_INCLUDE_EPILOGUE.H
diff --git a/openssl/include/__DECC_INCLUDE_PROLOGUE.H b/openssl/include/openssl/__DECC_INCLUDE_PROLOGUE.H
index 493596e3..493596e3 100644..100755
--- a/openssl/include/__DECC_INCLUDE_PROLOGUE.H
+++ b/openssl/include/openssl/__DECC_INCLUDE_PROLOGUE.H
diff --git a/openssl/include/openssl/aes.h b/openssl/include/openssl/aes.h
index 74958ac5..43eed58d 100644..100755
--- a/openssl/include/openssl/aes.h
+++ b/openssl/include/openssl/aes.h
@@ -45,68 +45,63 @@ struct aes_key_st {
typedef struct aes_key_st AES_KEY;
# endif
-
-DEPRECATEDIN_3_0(const char *AES_options(void))
-
-DEPRECATEDIN_3_0(int
- AES_set_encrypt_key(const unsigned char *userKey,
- const int bits, AES_KEY *key))
-DEPRECATEDIN_3_0(int
- AES_set_decrypt_key(const unsigned char *userKey,
- const int bits, AES_KEY *key))
-
-DEPRECATEDIN_3_0(void
- AES_encrypt(const unsigned char *in, unsigned char *out,
- const AES_KEY *key))
-DEPRECATEDIN_3_0(void
- AES_decrypt(const unsigned char *in, unsigned char *out,
- const AES_KEY *key))
-
-DEPRECATEDIN_3_0(void
- AES_ecb_encrypt(const unsigned char *in, unsigned char *out,
- const AES_KEY *key, const int enc))
-DEPRECATEDIN_3_0(void
- AES_cbc_encrypt(const unsigned char *in, unsigned char *out,
- size_t length, const AES_KEY *key,
- unsigned char *ivec, const int enc))
-DEPRECATEDIN_3_0(void
- AES_cfb128_encrypt(const unsigned char *in, unsigned char *out,
- size_t length, const AES_KEY *key,
- unsigned char *ivec, int *num,
- const int enc))
-DEPRECATEDIN_3_0(void
- AES_cfb1_encrypt(const unsigned char *in, unsigned char *out,
- size_t length, const AES_KEY *key,
- unsigned char *ivec, int *num, const int enc))
-DEPRECATEDIN_3_0(void
- AES_cfb8_encrypt(const unsigned char *in, unsigned char *out,
- size_t length, const AES_KEY *key,
- unsigned char *ivec, int *num, const int enc))
-DEPRECATEDIN_3_0(void
- AES_ofb128_encrypt(const unsigned char *in, unsigned char *out,
- size_t length, const AES_KEY *key,
- unsigned char *ivec, int *num))
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0 const char *AES_options(void);
+OSSL_DEPRECATEDIN_3_0
+int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
+ AES_KEY *key);
+OSSL_DEPRECATEDIN_3_0
+int AES_set_decrypt_key(const unsigned char *userKey, const int bits,
+ AES_KEY *key);
+OSSL_DEPRECATEDIN_3_0
+void AES_encrypt(const unsigned char *in, unsigned char *out,
+ const AES_KEY *key);
+OSSL_DEPRECATEDIN_3_0
+void AES_decrypt(const unsigned char *in, unsigned char *out,
+ const AES_KEY *key);
+OSSL_DEPRECATEDIN_3_0
+void AES_ecb_encrypt(const unsigned char *in, unsigned char *out,
+ const AES_KEY *key, const int enc);
+OSSL_DEPRECATEDIN_3_0
+void AES_cbc_encrypt(const unsigned char *in, unsigned char *out,
+ size_t length, const AES_KEY *key,
+ unsigned char *ivec, const int enc);
+OSSL_DEPRECATEDIN_3_0
+void AES_cfb128_encrypt(const unsigned char *in, unsigned char *out,
+ size_t length, const AES_KEY *key,
+ unsigned char *ivec, int *num, const int enc);
+OSSL_DEPRECATEDIN_3_0
+void AES_cfb1_encrypt(const unsigned char *in, unsigned char *out,
+ size_t length, const AES_KEY *key,
+ unsigned char *ivec, int *num, const int enc);
+OSSL_DEPRECATEDIN_3_0
+void AES_cfb8_encrypt(const unsigned char *in, unsigned char *out,
+ size_t length, const AES_KEY *key,
+ unsigned char *ivec, int *num, const int enc);
+OSSL_DEPRECATEDIN_3_0
+void AES_ofb128_encrypt(const unsigned char *in, unsigned char *out,
+ size_t length, const AES_KEY *key,
+ unsigned char *ivec, int *num);
/* NB: the IV is _two_ blocks long */
-DEPRECATEDIN_3_0(void
- AES_ige_encrypt(const unsigned char *in, unsigned char *out,
- size_t length, const AES_KEY *key,
- unsigned char *ivec, const int enc))
+OSSL_DEPRECATEDIN_3_0
+void AES_ige_encrypt(const unsigned char *in, unsigned char *out,
+ size_t length, const AES_KEY *key,
+ unsigned char *ivec, const int enc);
/* NB: the IV is _four_ blocks long */
-DEPRECATEDIN_3_0(void
- AES_bi_ige_encrypt(const unsigned char *in, unsigned char *out,
- size_t length, const AES_KEY *key,
- const AES_KEY *key2,
- const unsigned char *ivec, const int enc))
-
-DEPRECATEDIN_3_0(int
- AES_wrap_key(AES_KEY *key, const unsigned char *iv,
- unsigned char *out, const unsigned char *in,
- unsigned int inlen))
-DEPRECATEDIN_3_0(int
- AES_unwrap_key(AES_KEY *key, const unsigned char *iv,
- unsigned char *out, const unsigned char *in,
- unsigned int inlen))
+OSSL_DEPRECATEDIN_3_0
+void AES_bi_ige_encrypt(const unsigned char *in, unsigned char *out,
+ size_t length, const AES_KEY *key, const AES_KEY *key2,
+ const unsigned char *ivec, const int enc);
+OSSL_DEPRECATEDIN_3_0
+int AES_wrap_key(AES_KEY *key, const unsigned char *iv,
+ unsigned char *out, const unsigned char *in,
+ unsigned int inlen);
+OSSL_DEPRECATEDIN_3_0
+int AES_unwrap_key(AES_KEY *key, const unsigned char *iv,
+ unsigned char *out, const unsigned char *in,
+ unsigned int inlen);
+# endif
# ifdef __cplusplus
diff --git a/openssl/include/openssl/asn1.h b/openssl/include/openssl/asn1.h
index a4452542..c91c908c 100644..100755
--- a/openssl/include/openssl/asn1.h
+++ b/openssl/include/openssl/asn1.h
@@ -1,5 +1,8 @@
/*
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * WARNING: do not edit!
+ * Generated by makefile from include\openssl\asn1.h.in
+ *
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -7,6 +10,8 @@
* https://www.openssl.org/source/license.html
*/
+
+
#ifndef OPENSSL_ASN1_H
# define OPENSSL_ASN1_H
# pragma once
@@ -121,7 +126,34 @@ extern "C" {
# define SMIME_STREAM 0x1000
/* Stacks for types not otherwise defined in this header */
-DEFINE_OR_DECLARE_STACK_OF(X509_ALGOR)
+SKM_DEFINE_STACK_OF_INTERNAL(X509_ALGOR, X509_ALGOR, X509_ALGOR)
+#define sk_X509_ALGOR_num(sk) OPENSSL_sk_num(ossl_check_const_X509_ALGOR_sk_type(sk))
+#define sk_X509_ALGOR_value(sk, idx) ((X509_ALGOR *)OPENSSL_sk_value(ossl_check_const_X509_ALGOR_sk_type(sk), (idx)))
+#define sk_X509_ALGOR_new(cmp) ((STACK_OF(X509_ALGOR) *)OPENSSL_sk_new(ossl_check_X509_ALGOR_compfunc_type(cmp)))
+#define sk_X509_ALGOR_new_null() ((STACK_OF(X509_ALGOR) *)OPENSSL_sk_new_null())
+#define sk_X509_ALGOR_new_reserve(cmp, n) ((STACK_OF(X509_ALGOR) *)OPENSSL_sk_new_reserve(ossl_check_X509_ALGOR_compfunc_type(cmp), (n)))
+#define sk_X509_ALGOR_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_X509_ALGOR_sk_type(sk), (n))
+#define sk_X509_ALGOR_free(sk) OPENSSL_sk_free(ossl_check_X509_ALGOR_sk_type(sk))
+#define sk_X509_ALGOR_zero(sk) OPENSSL_sk_zero(ossl_check_X509_ALGOR_sk_type(sk))
+#define sk_X509_ALGOR_delete(sk, i) ((X509_ALGOR *)OPENSSL_sk_delete(ossl_check_X509_ALGOR_sk_type(sk), (i)))
+#define sk_X509_ALGOR_delete_ptr(sk, ptr) ((X509_ALGOR *)OPENSSL_sk_delete_ptr(ossl_check_X509_ALGOR_sk_type(sk), ossl_check_X509_ALGOR_type(ptr)))
+#define sk_X509_ALGOR_push(sk, ptr) OPENSSL_sk_push(ossl_check_X509_ALGOR_sk_type(sk), ossl_check_X509_ALGOR_type(ptr))
+#define sk_X509_ALGOR_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_X509_ALGOR_sk_type(sk), ossl_check_X509_ALGOR_type(ptr))
+#define sk_X509_ALGOR_pop(sk) ((X509_ALGOR *)OPENSSL_sk_pop(ossl_check_X509_ALGOR_sk_type(sk)))
+#define sk_X509_ALGOR_shift(sk) ((X509_ALGOR *)OPENSSL_sk_shift(ossl_check_X509_ALGOR_sk_type(sk)))
+#define sk_X509_ALGOR_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_X509_ALGOR_sk_type(sk),ossl_check_X509_ALGOR_freefunc_type(freefunc))
+#define sk_X509_ALGOR_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_X509_ALGOR_sk_type(sk), ossl_check_X509_ALGOR_type(ptr), (idx))
+#define sk_X509_ALGOR_set(sk, idx, ptr) ((X509_ALGOR *)OPENSSL_sk_set(ossl_check_X509_ALGOR_sk_type(sk), (idx), ossl_check_X509_ALGOR_type(ptr)))
+#define sk_X509_ALGOR_find(sk, ptr) OPENSSL_sk_find(ossl_check_X509_ALGOR_sk_type(sk), ossl_check_X509_ALGOR_type(ptr))
+#define sk_X509_ALGOR_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_X509_ALGOR_sk_type(sk), ossl_check_X509_ALGOR_type(ptr))
+#define sk_X509_ALGOR_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_X509_ALGOR_sk_type(sk), ossl_check_X509_ALGOR_type(ptr), pnum)
+#define sk_X509_ALGOR_sort(sk) OPENSSL_sk_sort(ossl_check_X509_ALGOR_sk_type(sk))
+#define sk_X509_ALGOR_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_X509_ALGOR_sk_type(sk))
+#define sk_X509_ALGOR_dup(sk) ((STACK_OF(X509_ALGOR) *)OPENSSL_sk_dup(ossl_check_const_X509_ALGOR_sk_type(sk)))
+#define sk_X509_ALGOR_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(X509_ALGOR) *)OPENSSL_sk_deep_copy(ossl_check_const_X509_ALGOR_sk_type(sk), ossl_check_X509_ALGOR_copyfunc_type(copyfunc), ossl_check_X509_ALGOR_freefunc_type(freefunc)))
+#define sk_X509_ALGOR_set_cmp_func(sk, cmp) ((sk_X509_ALGOR_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_X509_ALGOR_sk_type(sk), ossl_check_X509_ALGOR_compfunc_type(cmp)))
+
+
# define ASN1_STRING_FLAG_BITS_LEFT 0x08/* Set if 0x07 has bits left value */
/*
@@ -196,7 +228,33 @@ struct asn1_string_table_st {
unsigned long flags;
};
-DEFINE_OR_DECLARE_STACK_OF(ASN1_STRING_TABLE)
+SKM_DEFINE_STACK_OF_INTERNAL(ASN1_STRING_TABLE, ASN1_STRING_TABLE, ASN1_STRING_TABLE)
+#define sk_ASN1_STRING_TABLE_num(sk) OPENSSL_sk_num(ossl_check_const_ASN1_STRING_TABLE_sk_type(sk))
+#define sk_ASN1_STRING_TABLE_value(sk, idx) ((ASN1_STRING_TABLE *)OPENSSL_sk_value(ossl_check_const_ASN1_STRING_TABLE_sk_type(sk), (idx)))
+#define sk_ASN1_STRING_TABLE_new(cmp) ((STACK_OF(ASN1_STRING_TABLE) *)OPENSSL_sk_new(ossl_check_ASN1_STRING_TABLE_compfunc_type(cmp)))
+#define sk_ASN1_STRING_TABLE_new_null() ((STACK_OF(ASN1_STRING_TABLE) *)OPENSSL_sk_new_null())
+#define sk_ASN1_STRING_TABLE_new_reserve(cmp, n) ((STACK_OF(ASN1_STRING_TABLE) *)OPENSSL_sk_new_reserve(ossl_check_ASN1_STRING_TABLE_compfunc_type(cmp), (n)))
+#define sk_ASN1_STRING_TABLE_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_ASN1_STRING_TABLE_sk_type(sk), (n))
+#define sk_ASN1_STRING_TABLE_free(sk) OPENSSL_sk_free(ossl_check_ASN1_STRING_TABLE_sk_type(sk))
+#define sk_ASN1_STRING_TABLE_zero(sk) OPENSSL_sk_zero(ossl_check_ASN1_STRING_TABLE_sk_type(sk))
+#define sk_ASN1_STRING_TABLE_delete(sk, i) ((ASN1_STRING_TABLE *)OPENSSL_sk_delete(ossl_check_ASN1_STRING_TABLE_sk_type(sk), (i)))
+#define sk_ASN1_STRING_TABLE_delete_ptr(sk, ptr) ((ASN1_STRING_TABLE *)OPENSSL_sk_delete_ptr(ossl_check_ASN1_STRING_TABLE_sk_type(sk), ossl_check_ASN1_STRING_TABLE_type(ptr)))
+#define sk_ASN1_STRING_TABLE_push(sk, ptr) OPENSSL_sk_push(ossl_check_ASN1_STRING_TABLE_sk_type(sk), ossl_check_ASN1_STRING_TABLE_type(ptr))
+#define sk_ASN1_STRING_TABLE_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_ASN1_STRING_TABLE_sk_type(sk), ossl_check_ASN1_STRING_TABLE_type(ptr))
+#define sk_ASN1_STRING_TABLE_pop(sk) ((ASN1_STRING_TABLE *)OPENSSL_sk_pop(ossl_check_ASN1_STRING_TABLE_sk_type(sk)))
+#define sk_ASN1_STRING_TABLE_shift(sk) ((ASN1_STRING_TABLE *)OPENSSL_sk_shift(ossl_check_ASN1_STRING_TABLE_sk_type(sk)))
+#define sk_ASN1_STRING_TABLE_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_ASN1_STRING_TABLE_sk_type(sk),ossl_check_ASN1_STRING_TABLE_freefunc_type(freefunc))
+#define sk_ASN1_STRING_TABLE_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_ASN1_STRING_TABLE_sk_type(sk), ossl_check_ASN1_STRING_TABLE_type(ptr), (idx))
+#define sk_ASN1_STRING_TABLE_set(sk, idx, ptr) ((ASN1_STRING_TABLE *)OPENSSL_sk_set(ossl_check_ASN1_STRING_TABLE_sk_type(sk), (idx), ossl_check_ASN1_STRING_TABLE_type(ptr)))
+#define sk_ASN1_STRING_TABLE_find(sk, ptr) OPENSSL_sk_find(ossl_check_ASN1_STRING_TABLE_sk_type(sk), ossl_check_ASN1_STRING_TABLE_type(ptr))
+#define sk_ASN1_STRING_TABLE_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_ASN1_STRING_TABLE_sk_type(sk), ossl_check_ASN1_STRING_TABLE_type(ptr))
+#define sk_ASN1_STRING_TABLE_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_ASN1_STRING_TABLE_sk_type(sk), ossl_check_ASN1_STRING_TABLE_type(ptr), pnum)
+#define sk_ASN1_STRING_TABLE_sort(sk) OPENSSL_sk_sort(ossl_check_ASN1_STRING_TABLE_sk_type(sk))
+#define sk_ASN1_STRING_TABLE_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_ASN1_STRING_TABLE_sk_type(sk))
+#define sk_ASN1_STRING_TABLE_dup(sk) ((STACK_OF(ASN1_STRING_TABLE) *)OPENSSL_sk_dup(ossl_check_const_ASN1_STRING_TABLE_sk_type(sk)))
+#define sk_ASN1_STRING_TABLE_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(ASN1_STRING_TABLE) *)OPENSSL_sk_deep_copy(ossl_check_const_ASN1_STRING_TABLE_sk_type(sk), ossl_check_ASN1_STRING_TABLE_copyfunc_type(copyfunc), ossl_check_ASN1_STRING_TABLE_freefunc_type(freefunc)))
+#define sk_ASN1_STRING_TABLE_set_cmp_func(sk, cmp) ((sk_ASN1_STRING_TABLE_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_ASN1_STRING_TABLE_sk_type(sk), ossl_check_ASN1_STRING_TABLE_compfunc_type(cmp)))
+
/* size limits: this stuff is taken straight from RFC2459 */
@@ -219,45 +277,76 @@ typedef struct ASN1_VALUE_st ASN1_VALUE;
/* Declare ASN1 functions: the implement macro in in asn1t.h */
-# define DECLARE_ASN1_FUNCTIONS(type) DECLARE_ASN1_FUNCTIONS_name(type, type)
-
-# define DECLARE_ASN1_ALLOC_FUNCTIONS(type) \
- DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, type)
-
-# define DECLARE_ASN1_FUNCTIONS_name(type, name) \
- DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, name) \
- DECLARE_ASN1_ENCODE_FUNCTIONS_name(type, name)
-
-# define DECLARE_ASN1_ENCODE_FUNCTIONS(type, itname, name) \
- DECLARE_ASN1_ENCODE_FUNCTIONS_only(type, name) \
- DECLARE_ASN1_ITEM(itname)
+/*
+ * The mysterious 'extern' that's passed to some macros is innocuous,
+ * and is there to quiet pre-C99 compilers that may complain about empty
+ * arguments in macro calls.
+ */
+# define DECLARE_ASN1_FUNCTIONS_attr(attr, type) \
+ DECLARE_ASN1_FUNCTIONS_name_attr(attr, type, type)
+# define DECLARE_ASN1_FUNCTIONS(type) \
+ DECLARE_ASN1_FUNCTIONS_attr(extern, type)
+
+# define DECLARE_ASN1_ALLOC_FUNCTIONS_attr(attr, type) \
+ DECLARE_ASN1_ALLOC_FUNCTIONS_name_attr(attr, type, type)
+# define DECLARE_ASN1_ALLOC_FUNCTIONS(type) \
+ DECLARE_ASN1_ALLOC_FUNCTIONS_attr(extern, type)
+
+# define DECLARE_ASN1_FUNCTIONS_name_attr(attr, type, name) \
+ DECLARE_ASN1_ALLOC_FUNCTIONS_name_attr(attr, type, name) \
+ DECLARE_ASN1_ENCODE_FUNCTIONS_name_attr(attr, type, name)
+# define DECLARE_ASN1_FUNCTIONS_name(type, name) \
+ DECLARE_ASN1_FUNCTIONS_name_attr(extern, type, name)
+
+# define DECLARE_ASN1_ENCODE_FUNCTIONS_attr(attr, type, itname, name) \
+ DECLARE_ASN1_ENCODE_FUNCTIONS_only_attr(attr, type, name) \
+ DECLARE_ASN1_ITEM_attr(attr, itname)
+# define DECLARE_ASN1_ENCODE_FUNCTIONS(type, itname, name) \
+ DECLARE_ASN1_ENCODE_FUNCTIONS_attr(extern, type, itname, name)
+
+# define DECLARE_ASN1_ENCODE_FUNCTIONS_name_attr(attr, type, name) \
+ DECLARE_ASN1_ENCODE_FUNCTIONS_attr(attr, type, name, name)
# define DECLARE_ASN1_ENCODE_FUNCTIONS_name(type, name) \
- DECLARE_ASN1_ENCODE_FUNCTIONS(type, name, name)
-
-# define DECLARE_ASN1_ENCODE_FUNCTIONS_only(type, name) \
- type *d2i_##name(type **a, const unsigned char **in, long len); \
- int i2d_##name(const type *a, unsigned char **out);
-
-# define DECLARE_ASN1_NDEF_FUNCTION(name) \
- int i2d_##name##_NDEF(const name *a, unsigned char **out);
-
-# define DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, name) \
- type *name##_new(void); \
- void name##_free(type *a);
-
-# define DECLARE_ASN1_DUP_FUNCTION(type) \
- DECLARE_ASN1_DUP_FUNCTION_name(type, type)
-
-# define DECLARE_ASN1_DUP_FUNCTION_name(type, name) \
- type *name##_dup(const type *a);
-
-# define DECLARE_ASN1_PRINT_FUNCTION(stname) \
- DECLARE_ASN1_PRINT_FUNCTION_fname(stname, stname)
-
-# define DECLARE_ASN1_PRINT_FUNCTION_fname(stname, fname) \
- int fname##_print_ctx(BIO *out, const stname *x, int indent, \
- const ASN1_PCTX *pctx);
+ DECLARE_ASN1_ENCODE_FUNCTIONS_name_attr(extern, type, name)
+
+# define DECLARE_ASN1_ENCODE_FUNCTIONS_only_attr(attr, type, name) \
+ attr type *d2i_##name(type **a, const unsigned char **in, long len); \
+ attr int i2d_##name(const type *a, unsigned char **out);
+# define DECLARE_ASN1_ENCODE_FUNCTIONS_only(type, name) \
+ DECLARE_ASN1_ENCODE_FUNCTIONS_only_attr(extern, type, name)
+
+# define DECLARE_ASN1_NDEF_FUNCTION_attr(attr, name) \
+ attr int i2d_##name##_NDEF(const name *a, unsigned char **out);
+# define DECLARE_ASN1_NDEF_FUNCTION(name) \
+ DECLARE_ASN1_NDEF_FUNCTION_attr(extern, name)
+
+# define DECLARE_ASN1_ALLOC_FUNCTIONS_name_attr(attr, type, name) \
+ attr type *name##_new(void); \
+ attr void name##_free(type *a);
+# define DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, name) \
+ DECLARE_ASN1_ALLOC_FUNCTIONS_name_attr(extern, type, name)
+
+# define DECLARE_ASN1_DUP_FUNCTION_attr(attr, type) \
+ DECLARE_ASN1_DUP_FUNCTION_name_attr(attr, type, type)
+# define DECLARE_ASN1_DUP_FUNCTION(type) \
+ DECLARE_ASN1_DUP_FUNCTION_attr(extern, type)
+
+# define DECLARE_ASN1_DUP_FUNCTION_name_attr(attr, type, name) \
+ attr type *name##_dup(const type *a);
+# define DECLARE_ASN1_DUP_FUNCTION_name(type, name) \
+ DECLARE_ASN1_DUP_FUNCTION_name_attr(extern, type, name)
+
+# define DECLARE_ASN1_PRINT_FUNCTION_attr(attr, stname) \
+ DECLARE_ASN1_PRINT_FUNCTION_fname_attr(attr, stname, stname)
+# define DECLARE_ASN1_PRINT_FUNCTION(stname) \
+ DECLARE_ASN1_PRINT_FUNCTION_attr(extern, stname)
+
+# define DECLARE_ASN1_PRINT_FUNCTION_fname_attr(attr, stname, fname) \
+ attr int fname##_print_ctx(BIO *out, const stname *x, int indent, \
+ const ASN1_PCTX *pctx);
+# define DECLARE_ASN1_PRINT_FUNCTION_fname(stname, fname) \
+ DECLARE_ASN1_PRINT_FUNCTION_fname_attr(extern, stname, fname)
# define D2I_OF(type) type *(*)(type **,const unsigned char **,long)
# define I2D_OF(type) int (*)(const type *,unsigned char **)
@@ -333,8 +422,10 @@ typedef const ASN1_ITEM *ASN1_ITEM_EXP (void);
# define ASN1_ITEM_rptr(ref) (ref##_it())
-# define DECLARE_ASN1_ITEM(name) \
- const ASN1_ITEM * name##_it(void);
+# define DECLARE_ASN1_ITEM_attr(attr, name) \
+ attr const ASN1_ITEM * name##_it(void);
+# define DECLARE_ASN1_ITEM(name) \
+ DECLARE_ASN1_ITEM_attr(extern, name)
/* Parameters used by ASN1_STRING_print_ex() */
@@ -347,6 +438,11 @@ typedef const ASN1_ITEM *ASN1_ITEM_EXP (void);
# define ASN1_STRFLGS_ESC_CTRL 2
# define ASN1_STRFLGS_ESC_MSB 4
+/* Lower 8 bits are reserved as an output type specifier */
+# define ASN1_DTFLGS_TYPE_MASK 0x0FUL
+# define ASN1_DTFLGS_RFC822 0x00UL
+# define ASN1_DTFLGS_ISO8601 0x01UL
+
/*
* This flag determines how we do escaping: normally RC2253 backslash only,
* set this to use backslash and quote.
@@ -452,7 +548,33 @@ struct asn1_type_st {
} value;
};
-DEFINE_OR_DECLARE_STACK_OF(ASN1_TYPE)
+SKM_DEFINE_STACK_OF_INTERNAL(ASN1_TYPE, ASN1_TYPE, ASN1_TYPE)
+#define sk_ASN1_TYPE_num(sk) OPENSSL_sk_num(ossl_check_const_ASN1_TYPE_sk_type(sk))
+#define sk_ASN1_TYPE_value(sk, idx) ((ASN1_TYPE *)OPENSSL_sk_value(ossl_check_const_ASN1_TYPE_sk_type(sk), (idx)))
+#define sk_ASN1_TYPE_new(cmp) ((STACK_OF(ASN1_TYPE) *)OPENSSL_sk_new(ossl_check_ASN1_TYPE_compfunc_type(cmp)))
+#define sk_ASN1_TYPE_new_null() ((STACK_OF(ASN1_TYPE) *)OPENSSL_sk_new_null())
+#define sk_ASN1_TYPE_new_reserve(cmp, n) ((STACK_OF(ASN1_TYPE) *)OPENSSL_sk_new_reserve(ossl_check_ASN1_TYPE_compfunc_type(cmp), (n)))
+#define sk_ASN1_TYPE_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_ASN1_TYPE_sk_type(sk), (n))
+#define sk_ASN1_TYPE_free(sk) OPENSSL_sk_free(ossl_check_ASN1_TYPE_sk_type(sk))
+#define sk_ASN1_TYPE_zero(sk) OPENSSL_sk_zero(ossl_check_ASN1_TYPE_sk_type(sk))
+#define sk_ASN1_TYPE_delete(sk, i) ((ASN1_TYPE *)OPENSSL_sk_delete(ossl_check_ASN1_TYPE_sk_type(sk), (i)))
+#define sk_ASN1_TYPE_delete_ptr(sk, ptr) ((ASN1_TYPE *)OPENSSL_sk_delete_ptr(ossl_check_ASN1_TYPE_sk_type(sk), ossl_check_ASN1_TYPE_type(ptr)))
+#define sk_ASN1_TYPE_push(sk, ptr) OPENSSL_sk_push(ossl_check_ASN1_TYPE_sk_type(sk), ossl_check_ASN1_TYPE_type(ptr))
+#define sk_ASN1_TYPE_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_ASN1_TYPE_sk_type(sk), ossl_check_ASN1_TYPE_type(ptr))
+#define sk_ASN1_TYPE_pop(sk) ((ASN1_TYPE *)OPENSSL_sk_pop(ossl_check_ASN1_TYPE_sk_type(sk)))
+#define sk_ASN1_TYPE_shift(sk) ((ASN1_TYPE *)OPENSSL_sk_shift(ossl_check_ASN1_TYPE_sk_type(sk)))
+#define sk_ASN1_TYPE_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_ASN1_TYPE_sk_type(sk),ossl_check_ASN1_TYPE_freefunc_type(freefunc))
+#define sk_ASN1_TYPE_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_ASN1_TYPE_sk_type(sk), ossl_check_ASN1_TYPE_type(ptr), (idx))
+#define sk_ASN1_TYPE_set(sk, idx, ptr) ((ASN1_TYPE *)OPENSSL_sk_set(ossl_check_ASN1_TYPE_sk_type(sk), (idx), ossl_check_ASN1_TYPE_type(ptr)))
+#define sk_ASN1_TYPE_find(sk, ptr) OPENSSL_sk_find(ossl_check_ASN1_TYPE_sk_type(sk), ossl_check_ASN1_TYPE_type(ptr))
+#define sk_ASN1_TYPE_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_ASN1_TYPE_sk_type(sk), ossl_check_ASN1_TYPE_type(ptr))
+#define sk_ASN1_TYPE_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_ASN1_TYPE_sk_type(sk), ossl_check_ASN1_TYPE_type(ptr), pnum)
+#define sk_ASN1_TYPE_sort(sk) OPENSSL_sk_sort(ossl_check_ASN1_TYPE_sk_type(sk))
+#define sk_ASN1_TYPE_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_ASN1_TYPE_sk_type(sk))
+#define sk_ASN1_TYPE_dup(sk) ((STACK_OF(ASN1_TYPE) *)OPENSSL_sk_dup(ossl_check_const_ASN1_TYPE_sk_type(sk)))
+#define sk_ASN1_TYPE_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(ASN1_TYPE) *)OPENSSL_sk_deep_copy(ossl_check_const_ASN1_TYPE_sk_type(sk), ossl_check_ASN1_TYPE_copyfunc_type(copyfunc), ossl_check_ASN1_TYPE_freefunc_type(freefunc)))
+#define sk_ASN1_TYPE_set_cmp_func(sk, cmp) ((sk_ASN1_TYPE_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_ASN1_TYPE_sk_type(sk), ossl_check_ASN1_TYPE_compfunc_type(cmp)))
+
typedef STACK_OF(ASN1_TYPE) ASN1_SEQUENCE_ANY;
@@ -506,7 +628,33 @@ int ASN1_TYPE_cmp(const ASN1_TYPE *a, const ASN1_TYPE *b);
ASN1_TYPE *ASN1_TYPE_pack_sequence(const ASN1_ITEM *it, void *s, ASN1_TYPE **t);
void *ASN1_TYPE_unpack_sequence(const ASN1_ITEM *it, const ASN1_TYPE *t);
-DEFINE_OR_DECLARE_STACK_OF(ASN1_OBJECT)
+SKM_DEFINE_STACK_OF_INTERNAL(ASN1_OBJECT, ASN1_OBJECT, ASN1_OBJECT)
+#define sk_ASN1_OBJECT_num(sk) OPENSSL_sk_num(ossl_check_const_ASN1_OBJECT_sk_type(sk))
+#define sk_ASN1_OBJECT_value(sk, idx) ((ASN1_OBJECT *)OPENSSL_sk_value(ossl_check_const_ASN1_OBJECT_sk_type(sk), (idx)))
+#define sk_ASN1_OBJECT_new(cmp) ((STACK_OF(ASN1_OBJECT) *)OPENSSL_sk_new(ossl_check_ASN1_OBJECT_compfunc_type(cmp)))
+#define sk_ASN1_OBJECT_new_null() ((STACK_OF(ASN1_OBJECT) *)OPENSSL_sk_new_null())
+#define sk_ASN1_OBJECT_new_reserve(cmp, n) ((STACK_OF(ASN1_OBJECT) *)OPENSSL_sk_new_reserve(ossl_check_ASN1_OBJECT_compfunc_type(cmp), (n)))
+#define sk_ASN1_OBJECT_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_ASN1_OBJECT_sk_type(sk), (n))
+#define sk_ASN1_OBJECT_free(sk) OPENSSL_sk_free(ossl_check_ASN1_OBJECT_sk_type(sk))
+#define sk_ASN1_OBJECT_zero(sk) OPENSSL_sk_zero(ossl_check_ASN1_OBJECT_sk_type(sk))
+#define sk_ASN1_OBJECT_delete(sk, i) ((ASN1_OBJECT *)OPENSSL_sk_delete(ossl_check_ASN1_OBJECT_sk_type(sk), (i)))
+#define sk_ASN1_OBJECT_delete_ptr(sk, ptr) ((ASN1_OBJECT *)OPENSSL_sk_delete_ptr(ossl_check_ASN1_OBJECT_sk_type(sk), ossl_check_ASN1_OBJECT_type(ptr)))
+#define sk_ASN1_OBJECT_push(sk, ptr) OPENSSL_sk_push(ossl_check_ASN1_OBJECT_sk_type(sk), ossl_check_ASN1_OBJECT_type(ptr))
+#define sk_ASN1_OBJECT_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_ASN1_OBJECT_sk_type(sk), ossl_check_ASN1_OBJECT_type(ptr))
+#define sk_ASN1_OBJECT_pop(sk) ((ASN1_OBJECT *)OPENSSL_sk_pop(ossl_check_ASN1_OBJECT_sk_type(sk)))
+#define sk_ASN1_OBJECT_shift(sk) ((ASN1_OBJECT *)OPENSSL_sk_shift(ossl_check_ASN1_OBJECT_sk_type(sk)))
+#define sk_ASN1_OBJECT_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_ASN1_OBJECT_sk_type(sk),ossl_check_ASN1_OBJECT_freefunc_type(freefunc))
+#define sk_ASN1_OBJECT_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_ASN1_OBJECT_sk_type(sk), ossl_check_ASN1_OBJECT_type(ptr), (idx))
+#define sk_ASN1_OBJECT_set(sk, idx, ptr) ((ASN1_OBJECT *)OPENSSL_sk_set(ossl_check_ASN1_OBJECT_sk_type(sk), (idx), ossl_check_ASN1_OBJECT_type(ptr)))
+#define sk_ASN1_OBJECT_find(sk, ptr) OPENSSL_sk_find(ossl_check_ASN1_OBJECT_sk_type(sk), ossl_check_ASN1_OBJECT_type(ptr))
+#define sk_ASN1_OBJECT_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_ASN1_OBJECT_sk_type(sk), ossl_check_ASN1_OBJECT_type(ptr))
+#define sk_ASN1_OBJECT_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_ASN1_OBJECT_sk_type(sk), ossl_check_ASN1_OBJECT_type(ptr), pnum)
+#define sk_ASN1_OBJECT_sort(sk) OPENSSL_sk_sort(ossl_check_ASN1_OBJECT_sk_type(sk))
+#define sk_ASN1_OBJECT_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_ASN1_OBJECT_sk_type(sk))
+#define sk_ASN1_OBJECT_dup(sk) ((STACK_OF(ASN1_OBJECT) *)OPENSSL_sk_dup(ossl_check_const_ASN1_OBJECT_sk_type(sk)))
+#define sk_ASN1_OBJECT_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(ASN1_OBJECT) *)OPENSSL_sk_deep_copy(ossl_check_const_ASN1_OBJECT_sk_type(sk), ossl_check_ASN1_OBJECT_copyfunc_type(copyfunc), ossl_check_ASN1_OBJECT_freefunc_type(freefunc)))
+#define sk_ASN1_OBJECT_set_cmp_func(sk, cmp) ((sk_ASN1_OBJECT_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_ASN1_OBJECT_sk_type(sk), ossl_check_ASN1_OBJECT_compfunc_type(cmp)))
+
DECLARE_ASN1_FUNCTIONS(ASN1_OBJECT)
@@ -524,9 +672,13 @@ int ASN1_STRING_cmp(const ASN1_STRING *a, const ASN1_STRING *b);
int ASN1_STRING_set(ASN1_STRING *str, const void *data, int len);
void ASN1_STRING_set0(ASN1_STRING *str, void *data, int len);
int ASN1_STRING_length(const ASN1_STRING *x);
-void ASN1_STRING_length_set(ASN1_STRING *x, int n);
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0 void ASN1_STRING_length_set(ASN1_STRING *x, int n);
+# endif
int ASN1_STRING_type(const ASN1_STRING *x);
-DEPRECATEDIN_1_1_0(unsigned char *ASN1_STRING_data(ASN1_STRING *x))
+# ifndef OPENSSL_NO_DEPRECATED_1_1_0
+OSSL_DEPRECATEDIN_1_1_0 unsigned char *ASN1_STRING_data(ASN1_STRING *x);
+# endif
const unsigned char *ASN1_STRING_get0_data(const ASN1_STRING *x);
DECLARE_ASN1_FUNCTIONS(ASN1_BIT_STRING)
@@ -542,7 +694,34 @@ int ASN1_BIT_STRING_num_asc(const char *name, BIT_STRING_BITNAME *tbl);
int ASN1_BIT_STRING_set_asc(ASN1_BIT_STRING *bs, const char *name, int value,
BIT_STRING_BITNAME *tbl);
-DEFINE_OR_DECLARE_STACK_OF(ASN1_INTEGER)
+SKM_DEFINE_STACK_OF_INTERNAL(ASN1_INTEGER, ASN1_INTEGER, ASN1_INTEGER)
+#define sk_ASN1_INTEGER_num(sk) OPENSSL_sk_num(ossl_check_const_ASN1_INTEGER_sk_type(sk))
+#define sk_ASN1_INTEGER_value(sk, idx) ((ASN1_INTEGER *)OPENSSL_sk_value(ossl_check_const_ASN1_INTEGER_sk_type(sk), (idx)))
+#define sk_ASN1_INTEGER_new(cmp) ((STACK_OF(ASN1_INTEGER) *)OPENSSL_sk_new(ossl_check_ASN1_INTEGER_compfunc_type(cmp)))
+#define sk_ASN1_INTEGER_new_null() ((STACK_OF(ASN1_INTEGER) *)OPENSSL_sk_new_null())
+#define sk_ASN1_INTEGER_new_reserve(cmp, n) ((STACK_OF(ASN1_INTEGER) *)OPENSSL_sk_new_reserve(ossl_check_ASN1_INTEGER_compfunc_type(cmp), (n)))
+#define sk_ASN1_INTEGER_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_ASN1_INTEGER_sk_type(sk), (n))
+#define sk_ASN1_INTEGER_free(sk) OPENSSL_sk_free(ossl_check_ASN1_INTEGER_sk_type(sk))
+#define sk_ASN1_INTEGER_zero(sk) OPENSSL_sk_zero(ossl_check_ASN1_INTEGER_sk_type(sk))
+#define sk_ASN1_INTEGER_delete(sk, i) ((ASN1_INTEGER *)OPENSSL_sk_delete(ossl_check_ASN1_INTEGER_sk_type(sk), (i)))
+#define sk_ASN1_INTEGER_delete_ptr(sk, ptr) ((ASN1_INTEGER *)OPENSSL_sk_delete_ptr(ossl_check_ASN1_INTEGER_sk_type(sk), ossl_check_ASN1_INTEGER_type(ptr)))
+#define sk_ASN1_INTEGER_push(sk, ptr) OPENSSL_sk_push(ossl_check_ASN1_INTEGER_sk_type(sk), ossl_check_ASN1_INTEGER_type(ptr))
+#define sk_ASN1_INTEGER_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_ASN1_INTEGER_sk_type(sk), ossl_check_ASN1_INTEGER_type(ptr))
+#define sk_ASN1_INTEGER_pop(sk) ((ASN1_INTEGER *)OPENSSL_sk_pop(ossl_check_ASN1_INTEGER_sk_type(sk)))
+#define sk_ASN1_INTEGER_shift(sk) ((ASN1_INTEGER *)OPENSSL_sk_shift(ossl_check_ASN1_INTEGER_sk_type(sk)))
+#define sk_ASN1_INTEGER_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_ASN1_INTEGER_sk_type(sk),ossl_check_ASN1_INTEGER_freefunc_type(freefunc))
+#define sk_ASN1_INTEGER_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_ASN1_INTEGER_sk_type(sk), ossl_check_ASN1_INTEGER_type(ptr), (idx))
+#define sk_ASN1_INTEGER_set(sk, idx, ptr) ((ASN1_INTEGER *)OPENSSL_sk_set(ossl_check_ASN1_INTEGER_sk_type(sk), (idx), ossl_check_ASN1_INTEGER_type(ptr)))
+#define sk_ASN1_INTEGER_find(sk, ptr) OPENSSL_sk_find(ossl_check_ASN1_INTEGER_sk_type(sk), ossl_check_ASN1_INTEGER_type(ptr))
+#define sk_ASN1_INTEGER_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_ASN1_INTEGER_sk_type(sk), ossl_check_ASN1_INTEGER_type(ptr))
+#define sk_ASN1_INTEGER_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_ASN1_INTEGER_sk_type(sk), ossl_check_ASN1_INTEGER_type(ptr), pnum)
+#define sk_ASN1_INTEGER_sort(sk) OPENSSL_sk_sort(ossl_check_ASN1_INTEGER_sk_type(sk))
+#define sk_ASN1_INTEGER_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_ASN1_INTEGER_sk_type(sk))
+#define sk_ASN1_INTEGER_dup(sk) ((STACK_OF(ASN1_INTEGER) *)OPENSSL_sk_dup(ossl_check_const_ASN1_INTEGER_sk_type(sk)))
+#define sk_ASN1_INTEGER_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(ASN1_INTEGER) *)OPENSSL_sk_deep_copy(ossl_check_const_ASN1_INTEGER_sk_type(sk), ossl_check_ASN1_INTEGER_copyfunc_type(copyfunc), ossl_check_ASN1_INTEGER_freefunc_type(freefunc)))
+#define sk_ASN1_INTEGER_set_cmp_func(sk, cmp) ((sk_ASN1_INTEGER_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_ASN1_INTEGER_sk_type(sk), ossl_check_ASN1_INTEGER_compfunc_type(cmp)))
+
+
DECLARE_ASN1_FUNCTIONS(ASN1_INTEGER)
ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a, const unsigned char **pp,
@@ -577,7 +756,33 @@ int ASN1_OCTET_STRING_cmp(const ASN1_OCTET_STRING *a,
int ASN1_OCTET_STRING_set(ASN1_OCTET_STRING *str, const unsigned char *data,
int len);
-DEFINE_OR_DECLARE_STACK_OF(ASN1_UTF8STRING)
+SKM_DEFINE_STACK_OF_INTERNAL(ASN1_UTF8STRING, ASN1_UTF8STRING, ASN1_UTF8STRING)
+#define sk_ASN1_UTF8STRING_num(sk) OPENSSL_sk_num(ossl_check_const_ASN1_UTF8STRING_sk_type(sk))
+#define sk_ASN1_UTF8STRING_value(sk, idx) ((ASN1_UTF8STRING *)OPENSSL_sk_value(ossl_check_const_ASN1_UTF8STRING_sk_type(sk), (idx)))
+#define sk_ASN1_UTF8STRING_new(cmp) ((STACK_OF(ASN1_UTF8STRING) *)OPENSSL_sk_new(ossl_check_ASN1_UTF8STRING_compfunc_type(cmp)))
+#define sk_ASN1_UTF8STRING_new_null() ((STACK_OF(ASN1_UTF8STRING) *)OPENSSL_sk_new_null())
+#define sk_ASN1_UTF8STRING_new_reserve(cmp, n) ((STACK_OF(ASN1_UTF8STRING) *)OPENSSL_sk_new_reserve(ossl_check_ASN1_UTF8STRING_compfunc_type(cmp), (n)))
+#define sk_ASN1_UTF8STRING_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_ASN1_UTF8STRING_sk_type(sk), (n))
+#define sk_ASN1_UTF8STRING_free(sk) OPENSSL_sk_free(ossl_check_ASN1_UTF8STRING_sk_type(sk))
+#define sk_ASN1_UTF8STRING_zero(sk) OPENSSL_sk_zero(ossl_check_ASN1_UTF8STRING_sk_type(sk))
+#define sk_ASN1_UTF8STRING_delete(sk, i) ((ASN1_UTF8STRING *)OPENSSL_sk_delete(ossl_check_ASN1_UTF8STRING_sk_type(sk), (i)))
+#define sk_ASN1_UTF8STRING_delete_ptr(sk, ptr) ((ASN1_UTF8STRING *)OPENSSL_sk_delete_ptr(ossl_check_ASN1_UTF8STRING_sk_type(sk), ossl_check_ASN1_UTF8STRING_type(ptr)))
+#define sk_ASN1_UTF8STRING_push(sk, ptr) OPENSSL_sk_push(ossl_check_ASN1_UTF8STRING_sk_type(sk), ossl_check_ASN1_UTF8STRING_type(ptr))
+#define sk_ASN1_UTF8STRING_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_ASN1_UTF8STRING_sk_type(sk), ossl_check_ASN1_UTF8STRING_type(ptr))
+#define sk_ASN1_UTF8STRING_pop(sk) ((ASN1_UTF8STRING *)OPENSSL_sk_pop(ossl_check_ASN1_UTF8STRING_sk_type(sk)))
+#define sk_ASN1_UTF8STRING_shift(sk) ((ASN1_UTF8STRING *)OPENSSL_sk_shift(ossl_check_ASN1_UTF8STRING_sk_type(sk)))
+#define sk_ASN1_UTF8STRING_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_ASN1_UTF8STRING_sk_type(sk),ossl_check_ASN1_UTF8STRING_freefunc_type(freefunc))
+#define sk_ASN1_UTF8STRING_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_ASN1_UTF8STRING_sk_type(sk), ossl_check_ASN1_UTF8STRING_type(ptr), (idx))
+#define sk_ASN1_UTF8STRING_set(sk, idx, ptr) ((ASN1_UTF8STRING *)OPENSSL_sk_set(ossl_check_ASN1_UTF8STRING_sk_type(sk), (idx), ossl_check_ASN1_UTF8STRING_type(ptr)))
+#define sk_ASN1_UTF8STRING_find(sk, ptr) OPENSSL_sk_find(ossl_check_ASN1_UTF8STRING_sk_type(sk), ossl_check_ASN1_UTF8STRING_type(ptr))
+#define sk_ASN1_UTF8STRING_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_ASN1_UTF8STRING_sk_type(sk), ossl_check_ASN1_UTF8STRING_type(ptr))
+#define sk_ASN1_UTF8STRING_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_ASN1_UTF8STRING_sk_type(sk), ossl_check_ASN1_UTF8STRING_type(ptr), pnum)
+#define sk_ASN1_UTF8STRING_sort(sk) OPENSSL_sk_sort(ossl_check_ASN1_UTF8STRING_sk_type(sk))
+#define sk_ASN1_UTF8STRING_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_ASN1_UTF8STRING_sk_type(sk))
+#define sk_ASN1_UTF8STRING_dup(sk) ((STACK_OF(ASN1_UTF8STRING) *)OPENSSL_sk_dup(ossl_check_const_ASN1_UTF8STRING_sk_type(sk)))
+#define sk_ASN1_UTF8STRING_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(ASN1_UTF8STRING) *)OPENSSL_sk_deep_copy(ossl_check_const_ASN1_UTF8STRING_sk_type(sk), ossl_check_ASN1_UTF8STRING_copyfunc_type(copyfunc), ossl_check_ASN1_UTF8STRING_freefunc_type(freefunc)))
+#define sk_ASN1_UTF8STRING_set_cmp_func(sk, cmp) ((sk_ASN1_UTF8STRING_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_ASN1_UTF8STRING_sk_type(sk), ossl_check_ASN1_UTF8STRING_compfunc_type(cmp)))
+
DECLARE_ASN1_FUNCTIONS(ASN1_VISIBLESTRING)
DECLARE_ASN1_FUNCTIONS(ASN1_UNIVERSALSTRING)
@@ -588,7 +793,33 @@ DECLARE_ASN1_FUNCTIONS(ASN1_BMPSTRING)
int UTF8_getc(const unsigned char *str, int len, unsigned long *val);
int UTF8_putc(unsigned char *str, int len, unsigned long value);
-DEFINE_OR_DECLARE_STACK_OF(ASN1_GENERALSTRING)
+SKM_DEFINE_STACK_OF_INTERNAL(ASN1_GENERALSTRING, ASN1_GENERALSTRING, ASN1_GENERALSTRING)
+#define sk_ASN1_GENERALSTRING_num(sk) OPENSSL_sk_num(ossl_check_const_ASN1_GENERALSTRING_sk_type(sk))
+#define sk_ASN1_GENERALSTRING_value(sk, idx) ((ASN1_GENERALSTRING *)OPENSSL_sk_value(ossl_check_const_ASN1_GENERALSTRING_sk_type(sk), (idx)))
+#define sk_ASN1_GENERALSTRING_new(cmp) ((STACK_OF(ASN1_GENERALSTRING) *)OPENSSL_sk_new(ossl_check_ASN1_GENERALSTRING_compfunc_type(cmp)))
+#define sk_ASN1_GENERALSTRING_new_null() ((STACK_OF(ASN1_GENERALSTRING) *)OPENSSL_sk_new_null())
+#define sk_ASN1_GENERALSTRING_new_reserve(cmp, n) ((STACK_OF(ASN1_GENERALSTRING) *)OPENSSL_sk_new_reserve(ossl_check_ASN1_GENERALSTRING_compfunc_type(cmp), (n)))
+#define sk_ASN1_GENERALSTRING_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_ASN1_GENERALSTRING_sk_type(sk), (n))
+#define sk_ASN1_GENERALSTRING_free(sk) OPENSSL_sk_free(ossl_check_ASN1_GENERALSTRING_sk_type(sk))
+#define sk_ASN1_GENERALSTRING_zero(sk) OPENSSL_sk_zero(ossl_check_ASN1_GENERALSTRING_sk_type(sk))
+#define sk_ASN1_GENERALSTRING_delete(sk, i) ((ASN1_GENERALSTRING *)OPENSSL_sk_delete(ossl_check_ASN1_GENERALSTRING_sk_type(sk), (i)))
+#define sk_ASN1_GENERALSTRING_delete_ptr(sk, ptr) ((ASN1_GENERALSTRING *)OPENSSL_sk_delete_ptr(ossl_check_ASN1_GENERALSTRING_sk_type(sk), ossl_check_ASN1_GENERALSTRING_type(ptr)))
+#define sk_ASN1_GENERALSTRING_push(sk, ptr) OPENSSL_sk_push(ossl_check_ASN1_GENERALSTRING_sk_type(sk), ossl_check_ASN1_GENERALSTRING_type(ptr))
+#define sk_ASN1_GENERALSTRING_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_ASN1_GENERALSTRING_sk_type(sk), ossl_check_ASN1_GENERALSTRING_type(ptr))
+#define sk_ASN1_GENERALSTRING_pop(sk) ((ASN1_GENERALSTRING *)OPENSSL_sk_pop(ossl_check_ASN1_GENERALSTRING_sk_type(sk)))
+#define sk_ASN1_GENERALSTRING_shift(sk) ((ASN1_GENERALSTRING *)OPENSSL_sk_shift(ossl_check_ASN1_GENERALSTRING_sk_type(sk)))
+#define sk_ASN1_GENERALSTRING_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_ASN1_GENERALSTRING_sk_type(sk),ossl_check_ASN1_GENERALSTRING_freefunc_type(freefunc))
+#define sk_ASN1_GENERALSTRING_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_ASN1_GENERALSTRING_sk_type(sk), ossl_check_ASN1_GENERALSTRING_type(ptr), (idx))
+#define sk_ASN1_GENERALSTRING_set(sk, idx, ptr) ((ASN1_GENERALSTRING *)OPENSSL_sk_set(ossl_check_ASN1_GENERALSTRING_sk_type(sk), (idx), ossl_check_ASN1_GENERALSTRING_type(ptr)))
+#define sk_ASN1_GENERALSTRING_find(sk, ptr) OPENSSL_sk_find(ossl_check_ASN1_GENERALSTRING_sk_type(sk), ossl_check_ASN1_GENERALSTRING_type(ptr))
+#define sk_ASN1_GENERALSTRING_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_ASN1_GENERALSTRING_sk_type(sk), ossl_check_ASN1_GENERALSTRING_type(ptr))
+#define sk_ASN1_GENERALSTRING_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_ASN1_GENERALSTRING_sk_type(sk), ossl_check_ASN1_GENERALSTRING_type(ptr), pnum)
+#define sk_ASN1_GENERALSTRING_sort(sk) OPENSSL_sk_sort(ossl_check_ASN1_GENERALSTRING_sk_type(sk))
+#define sk_ASN1_GENERALSTRING_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_ASN1_GENERALSTRING_sk_type(sk))
+#define sk_ASN1_GENERALSTRING_dup(sk) ((STACK_OF(ASN1_GENERALSTRING) *)OPENSSL_sk_dup(ossl_check_const_ASN1_GENERALSTRING_sk_type(sk)))
+#define sk_ASN1_GENERALSTRING_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(ASN1_GENERALSTRING) *)OPENSSL_sk_deep_copy(ossl_check_const_ASN1_GENERALSTRING_sk_type(sk), ossl_check_ASN1_GENERALSTRING_copyfunc_type(copyfunc), ossl_check_ASN1_GENERALSTRING_freefunc_type(freefunc)))
+#define sk_ASN1_GENERALSTRING_set_cmp_func(sk, cmp) ((sk_ASN1_GENERALSTRING_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_ASN1_GENERALSTRING_sk_type(sk), ossl_check_ASN1_GENERALSTRING_compfunc_type(cmp)))
+
DECLARE_ASN1_FUNCTIONS_name(ASN1_STRING, ASN1_PRINTABLE)
@@ -678,6 +909,15 @@ void *ASN1_dup(i2d_of_void *i2d, d2i_of_void *d2i, const void *x);
CHECKED_PTR_OF(const type, x)))
void *ASN1_item_dup(const ASN1_ITEM *it, const void *x);
+int ASN1_item_sign_ex(const ASN1_ITEM *it, X509_ALGOR *algor1,
+ X509_ALGOR *algor2, ASN1_BIT_STRING *signature,
+ const void *data, const ASN1_OCTET_STRING *id,
+ EVP_PKEY *pkey, const EVP_MD *md, OSSL_LIB_CTX *libctx,
+ const char *propq);
+int ASN1_item_verify_ex(const ASN1_ITEM *it, const X509_ALGOR *alg,
+ const ASN1_BIT_STRING *signature, const void *data,
+ const ASN1_OCTET_STRING *id, EVP_PKEY *pkey,
+ OSSL_LIB_CTX *libctx, const char *propq);
/* ASN1 alloc/free macros for when a type is only used internally */
@@ -694,6 +934,8 @@ void *ASN1_d2i_fp(void *(*xnew) (void), d2i_of_void *d2i, FILE *in, void **x);
in, \
CHECKED_PPTR_OF(type, x)))
+void *ASN1_item_d2i_fp_ex(const ASN1_ITEM *it, FILE *in, void *x,
+ OSSL_LIB_CTX *libctx, const char *propq);
void *ASN1_item_d2i_fp(const ASN1_ITEM *it, FILE *in, void *x);
int ASN1_i2d_fp(i2d_of_void *i2d, FILE *out, const void *x);
@@ -716,7 +958,9 @@ void *ASN1_d2i_bio(void *(*xnew) (void), d2i_of_void *d2i, BIO *in, void **x);
in, \
CHECKED_PPTR_OF(type, x)))
-void *ASN1_item_d2i_bio(const ASN1_ITEM *it, BIO *in, void *x);
+void *ASN1_item_d2i_bio_ex(const ASN1_ITEM *it, BIO *in, void *pval,
+ OSSL_LIB_CTX *libctx, const char *propq);
+void *ASN1_item_d2i_bio(const ASN1_ITEM *it, BIO *in, void *pval);
int ASN1_i2d_bio(i2d_of_void *i2d, BIO *out, const void *x);
# define ASN1_i2d_bio_of(type,i2d,out,x) \
@@ -725,9 +969,11 @@ int ASN1_i2d_bio(i2d_of_void *i2d, BIO *out, const void *x);
CHECKED_PTR_OF(const type, x)))
int ASN1_item_i2d_bio(const ASN1_ITEM *it, BIO *out, const void *x);
+BIO *ASN1_item_i2d_mem_bio(const ASN1_ITEM *it, const ASN1_VALUE *val);
int ASN1_UTCTIME_print(BIO *fp, const ASN1_UTCTIME *a);
int ASN1_GENERALIZEDTIME_print(BIO *fp, const ASN1_GENERALIZEDTIME *a);
-int ASN1_TIME_print(BIO *fp, const ASN1_TIME *a);
+int ASN1_TIME_print(BIO *bp, const ASN1_TIME *tm);
+int ASN1_TIME_print_ex(BIO *bp, const ASN1_TIME *tm, unsigned long flags);
int ASN1_STRING_print(BIO *bp, const ASN1_STRING *v);
int ASN1_STRING_print_ex(BIO *out, const ASN1_STRING *str, unsigned long flags);
int ASN1_buf_print(BIO *bp, const unsigned char *buf, size_t buflen, int off);
@@ -774,7 +1020,12 @@ void ASN1_STRING_TABLE_cleanup(void);
/* Old API compatible functions */
ASN1_VALUE *ASN1_item_new(const ASN1_ITEM *it);
+ASN1_VALUE *ASN1_item_new_ex(const ASN1_ITEM *it, OSSL_LIB_CTX *libctx,
+ const char *propq);
void ASN1_item_free(ASN1_VALUE *val, const ASN1_ITEM *it);
+ASN1_VALUE *ASN1_item_d2i_ex(ASN1_VALUE **val, const unsigned char **in,
+ long len, const ASN1_ITEM *it,
+ OSSL_LIB_CTX *libctx, const char *propq);
ASN1_VALUE *ASN1_item_d2i(ASN1_VALUE **val, const unsigned char **in,
long len, const ASN1_ITEM *it);
int ASN1_item_i2d(const ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it);
@@ -845,7 +1096,14 @@ int PEM_write_bio_ASN1_stream(BIO *out, ASN1_VALUE *val, BIO *in, int flags,
int SMIME_write_ASN1(BIO *bio, ASN1_VALUE *val, BIO *data, int flags,
int ctype_nid, int econt_nid,
STACK_OF(X509_ALGOR) *mdalgs, const ASN1_ITEM *it);
+int SMIME_write_ASN1_ex(BIO *bio, ASN1_VALUE *val, BIO *data, int flags,
+ int ctype_nid, int econt_nid,
+ STACK_OF(X509_ALGOR) *mdalgs, const ASN1_ITEM *it,
+ OSSL_LIB_CTX *libctx, const char *propq);
ASN1_VALUE *SMIME_read_ASN1(BIO *bio, BIO **bcont, const ASN1_ITEM *it);
+ASN1_VALUE *SMIME_read_ASN1_ex(BIO *bio, int flags, BIO **bcont,
+ const ASN1_ITEM *it, ASN1_VALUE **x,
+ OSSL_LIB_CTX *libctx, const char *propq);
int SMIME_crlf_copy(BIO *in, BIO *out, int flags);
int SMIME_text(BIO *in, BIO *out);
diff --git a/openssl/include/openssl/asn1_mac.h b/openssl/include/openssl/asn1_mac.h
index 50aa9e0f..50aa9e0f 100644..100755
--- a/openssl/include/openssl/asn1_mac.h
+++ b/openssl/include/openssl/asn1_mac.h
diff --git a/openssl/include/openssl/asn1err.h b/openssl/include/openssl/asn1err.h
index ab8c90fc..33ff6071 100644..100755
--- a/openssl/include/openssl/asn1err.h
+++ b/openssl/include/openssl/asn1err.h
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -14,133 +14,9 @@
# include <openssl/opensslconf.h>
# include <openssl/symhacks.h>
+# include <openssl/cryptoerr_legacy.h>
-# ifdef __cplusplus
-extern "C"
-# endif
-int ERR_load_ASN1_strings(void);
-
-/*
- * ASN1 function codes.
- */
-# ifndef OPENSSL_NO_DEPRECATED_3_0
-# define ASN1_F_A2D_ASN1_OBJECT 0
-# define ASN1_F_A2I_ASN1_INTEGER 0
-# define ASN1_F_A2I_ASN1_STRING 0
-# define ASN1_F_APPEND_EXP 0
-# define ASN1_F_ASN1_BIO_INIT 0
-# define ASN1_F_ASN1_BIT_STRING_SET_BIT 0
-# define ASN1_F_ASN1_CB 0
-# define ASN1_F_ASN1_CHECK_TLEN 0
-# define ASN1_F_ASN1_COLLECT 0
-# define ASN1_F_ASN1_D2I_EX_PRIMITIVE 0
-# define ASN1_F_ASN1_D2I_FP 0
-# define ASN1_F_ASN1_D2I_READ_BIO 0
-# define ASN1_F_ASN1_DIGEST 0
-# define ASN1_F_ASN1_DO_ADB 0
-# define ASN1_F_ASN1_DO_LOCK 0
-# define ASN1_F_ASN1_DUP 0
-# define ASN1_F_ASN1_ENC_SAVE 0
-# define ASN1_F_ASN1_EX_C2I 0
-# define ASN1_F_ASN1_FIND_END 0
-# define ASN1_F_ASN1_GENERALIZEDTIME_ADJ 0
-# define ASN1_F_ASN1_GENERATE_V3 0
-# define ASN1_F_ASN1_GET_INT64 0
-# define ASN1_F_ASN1_GET_OBJECT 0
-# define ASN1_F_ASN1_GET_UINT64 0
-# define ASN1_F_ASN1_I2D_BIO 0
-# define ASN1_F_ASN1_I2D_FP 0
-# define ASN1_F_ASN1_ITEM_D2I_FP 0
-# define ASN1_F_ASN1_ITEM_DUP 0
-# define ASN1_F_ASN1_ITEM_EMBED_D2I 0
-# define ASN1_F_ASN1_ITEM_EMBED_NEW 0
-# define ASN1_F_ASN1_ITEM_FLAGS_I2D 0
-# define ASN1_F_ASN1_ITEM_I2D_BIO 0
-# define ASN1_F_ASN1_ITEM_I2D_FP 0
-# define ASN1_F_ASN1_ITEM_PACK 0
-# define ASN1_F_ASN1_ITEM_SIGN 0
-# define ASN1_F_ASN1_ITEM_SIGN_CTX 0
-# define ASN1_F_ASN1_ITEM_UNPACK 0
-# define ASN1_F_ASN1_ITEM_VERIFY 0
-# define ASN1_F_ASN1_MBSTRING_NCOPY 0
-# define ASN1_F_ASN1_OBJECT_NEW 0
-# define ASN1_F_ASN1_OUTPUT_DATA 0
-# define ASN1_F_ASN1_PCTX_NEW 0
-# define ASN1_F_ASN1_PRIMITIVE_NEW 0
-# define ASN1_F_ASN1_SCTX_NEW 0
-# define ASN1_F_ASN1_SIGN 0
-# define ASN1_F_ASN1_STR2TYPE 0
-# define ASN1_F_ASN1_STRING_GET_INT64 0
-# define ASN1_F_ASN1_STRING_GET_UINT64 0
-# define ASN1_F_ASN1_STRING_SET 0
-# define ASN1_F_ASN1_STRING_TABLE_ADD 0
-# define ASN1_F_ASN1_STRING_TO_BN 0
-# define ASN1_F_ASN1_STRING_TYPE_NEW 0
-# define ASN1_F_ASN1_TEMPLATE_EX_D2I 0
-# define ASN1_F_ASN1_TEMPLATE_NEW 0
-# define ASN1_F_ASN1_TEMPLATE_NOEXP_D2I 0
-# define ASN1_F_ASN1_TIME_ADJ 0
-# define ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING 0
-# define ASN1_F_ASN1_TYPE_GET_OCTETSTRING 0
-# define ASN1_F_ASN1_UTCTIME_ADJ 0
-# define ASN1_F_ASN1_VERIFY 0
-# define ASN1_F_B64_READ_ASN1 0
-# define ASN1_F_B64_WRITE_ASN1 0
-# define ASN1_F_BIO_NEW_NDEF 0
-# define ASN1_F_BITSTR_CB 0
-# define ASN1_F_BN_TO_ASN1_STRING 0
-# define ASN1_F_C2I_ASN1_BIT_STRING 0
-# define ASN1_F_C2I_ASN1_INTEGER 0
-# define ASN1_F_C2I_ASN1_OBJECT 0
-# define ASN1_F_C2I_IBUF 0
-# define ASN1_F_C2I_UINT64_INT 0
-# define ASN1_F_COLLECT_DATA 0
-# define ASN1_F_D2I_ASN1_OBJECT 0
-# define ASN1_F_D2I_ASN1_UINTEGER 0
-# define ASN1_F_D2I_AUTOPRIVATEKEY 0
-# define ASN1_F_D2I_KEYPARAMS 0
-# define ASN1_F_D2I_PRIVATEKEY 0
-# define ASN1_F_D2I_PUBLICKEY 0
-# define ASN1_F_DO_BUF 0
-# define ASN1_F_DO_CREATE 0
-# define ASN1_F_DO_DUMP 0
-# define ASN1_F_DO_TCREATE 0
-# define ASN1_F_I2A_ASN1_OBJECT 0
-# define ASN1_F_I2D_ASN1_BIO_STREAM 0
-# define ASN1_F_I2D_ASN1_OBJECT 0
-# define ASN1_F_I2D_DSA_PUBKEY 0
-# define ASN1_F_I2D_EC_PUBKEY 0
-# define ASN1_F_I2D_KEYPARAMS 0
-# define ASN1_F_I2D_PRIVATEKEY 0
-# define ASN1_F_I2D_PUBLICKEY 0
-# define ASN1_F_I2D_RSA_PUBKEY 0
-# define ASN1_F_LONG_C2I 0
-# define ASN1_F_NDEF_PREFIX 0
-# define ASN1_F_NDEF_SUFFIX 0
-# define ASN1_F_OID_MODULE_INIT 0
-# define ASN1_F_PARSE_TAGGING 0
-# define ASN1_F_PKCS5_PBE2_SET_IV 0
-# define ASN1_F_PKCS5_PBE2_SET_SCRYPT 0
-# define ASN1_F_PKCS5_PBE_SET 0
-# define ASN1_F_PKCS5_PBE_SET0_ALGOR 0
-# define ASN1_F_PKCS5_PBKDF2_SET 0
-# define ASN1_F_PKCS5_SCRYPT_SET 0
-# define ASN1_F_SMIME_READ_ASN1 0
-# define ASN1_F_SMIME_TEXT 0
-# define ASN1_F_STABLE_GET 0
-# define ASN1_F_STBL_MODULE_INIT 0
-# define ASN1_F_UINT32_C2I 0
-# define ASN1_F_UINT32_NEW 0
-# define ASN1_F_UINT64_C2I 0
-# define ASN1_F_UINT64_NEW 0
-# define ASN1_F_X509_CRL_ADD0_REVOKED 0
-# define ASN1_F_X509_INFO_NEW 0
-# define ASN1_F_X509_NAME_ENCODE 0
-# define ASN1_F_X509_NAME_EX_D2I 0
-# define ASN1_F_X509_NAME_EX_NEW 0
-# define ASN1_F_X509_PKEY_NEW 0
-# endif
/*
* ASN1 reason codes.
@@ -150,6 +26,7 @@ int ERR_load_ASN1_strings(void);
# define ASN1_R_ASN1_SIG_PARSE_ERROR 204
# define ASN1_R_AUX_ERROR 100
# define ASN1_R_BAD_OBJECT_HEADER 102
+# define ASN1_R_BAD_TEMPLATE 230
# define ASN1_R_BMPSTRING_IS_WRONG_LENGTH 214
# define ASN1_R_BN_LIB 105
# define ASN1_R_BOOLEAN_IS_WRONG_LENGTH 106
@@ -204,6 +81,7 @@ int ERR_load_ASN1_strings(void);
# define ASN1_R_INVALID_UNIVERSALSTRING_LENGTH 133
# define ASN1_R_INVALID_UTF8STRING 134
# define ASN1_R_INVALID_VALUE 219
+# define ASN1_R_LENGTH_TOO_LONG 231
# define ASN1_R_LIST_ERROR 188
# define ASN1_R_MIME_NO_CONTENT_TYPE 206
# define ASN1_R_MIME_PARSE_ERROR 207
@@ -244,6 +122,7 @@ int ERR_load_ASN1_strings(void);
# define ASN1_R_TYPE_NOT_PRIMITIVE 195
# define ASN1_R_UNEXPECTED_EOC 159
# define ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH 215
+# define ASN1_R_UNKNOWN_DIGEST 229
# define ASN1_R_UNKNOWN_FORMAT 160
# define ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM 161
# define ASN1_R_UNKNOWN_OBJECT_TYPE 162
diff --git a/openssl/include/openssl/asn1t.h b/openssl/include/openssl/asn1t.h
index 75feb33a..9852afd7 100644..100755
--- a/openssl/include/openssl/asn1t.h
+++ b/openssl/include/openssl/asn1t.h
@@ -1,5 +1,8 @@
/*
- * Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * WARNING: do not edit!
+ * Generated by makefile from include\openssl\asn1t.h.in
+ *
+ * Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -7,6 +10,8 @@
* https://www.openssl.org/source/license.html
*/
+
+
#ifndef OPENSSL_ASN1T_H
# define OPENSSL_ASN1T_H
# pragma once
@@ -31,6 +36,55 @@
extern "C" {
#endif
+/*-
+ * These are the possible values for the itype field of the
+ * ASN1_ITEM structure and determine how it is interpreted.
+ *
+ * For PRIMITIVE types the underlying type
+ * determines the behaviour if items is NULL.
+ *
+ * Otherwise templates must contain a single
+ * template and the type is treated in the
+ * same way as the type specified in the template.
+ *
+ * For SEQUENCE types the templates field points
+ * to the members, the size field is the
+ * structure size.
+ *
+ * For CHOICE types the templates field points
+ * to each possible member (typically a union)
+ * and the 'size' field is the offset of the
+ * selector.
+ *
+ * The 'funcs' field is used for application-specific
+ * data and functions.
+ *
+ * The EXTERN type uses a new style d2i/i2d.
+ * The new style should be used where possible
+ * because it avoids things like the d2i IMPLICIT
+ * hack.
+ *
+ * MSTRING is a multiple string type, it is used
+ * for a CHOICE of character strings where the
+ * actual strings all occupy an ASN1_STRING
+ * structure. In this case the 'utype' field
+ * has a special meaning, it is used as a mask
+ * of acceptable types using the B_ASN1 constants.
+ *
+ * NDEF_SEQUENCE is the same as SEQUENCE except
+ * that it will use indefinite length constructed
+ * encoding if requested.
+ *
+ */
+
+# define ASN1_ITYPE_PRIMITIVE 0x0
+# define ASN1_ITYPE_SEQUENCE 0x1
+# define ASN1_ITYPE_CHOICE 0x2
+/* unused value 0x3 */
+# define ASN1_ITYPE_EXTERN 0x4
+# define ASN1_ITYPE_MSTRING 0x5
+# define ASN1_ITYPE_NDEF_SEQUENCE 0x6
+
/* Macro to obtain ASN1_ADB pointer from a type (only used internally) */
# define ASN1_ADB_ptr(iptr) ((const ASN1_ADB *)((iptr)()))
@@ -551,64 +605,12 @@ struct ASN1_ITEM_st {
const ASN1_TEMPLATE *templates; /* If SEQUENCE or CHOICE this contains
* the contents */
long tcount; /* Number of templates if SEQUENCE or CHOICE */
- const void *funcs; /* functions that handle this type */
+ const void *funcs; /* further data and type-specific functions */
+ /* funcs can be ASN1_PRIMITIVE_FUNCS*, ASN1_EXTERN_FUNCS*, or ASN1_AUX* */
long size; /* Structure size (usually) */
const char *sname; /* Structure name */
};
-/*-
- * These are values for the itype field and
- * determine how the type is interpreted.
- *
- * For PRIMITIVE types the underlying type
- * determines the behaviour if items is NULL.
- *
- * Otherwise templates must contain a single
- * template and the type is treated in the
- * same way as the type specified in the template.
- *
- * For SEQUENCE types the templates field points
- * to the members, the size field is the
- * structure size.
- *
- * For CHOICE types the templates field points
- * to each possible member (typically a union)
- * and the 'size' field is the offset of the
- * selector.
- *
- * The 'funcs' field is used for application
- * specific functions.
- *
- * The EXTERN type uses a new style d2i/i2d.
- * The new style should be used where possible
- * because it avoids things like the d2i IMPLICIT
- * hack.
- *
- * MSTRING is a multiple string type, it is used
- * for a CHOICE of character strings where the
- * actual strings all occupy an ASN1_STRING
- * structure. In this case the 'utype' field
- * has a special meaning, it is used as a mask
- * of acceptable types using the B_ASN1 constants.
- *
- * NDEF_SEQUENCE is the same as SEQUENCE except
- * that it will use indefinite length constructed
- * encoding if requested.
- *
- */
-
-# define ASN1_ITYPE_PRIMITIVE 0x0
-
-# define ASN1_ITYPE_SEQUENCE 0x1
-
-# define ASN1_ITYPE_CHOICE 0x2
-
-# define ASN1_ITYPE_EXTERN 0x4
-
-# define ASN1_ITYPE_MSTRING 0x5
-
-# define ASN1_ITYPE_NDEF_SEQUENCE 0x6
-
/*
* Cache for ASN1 tag and length, so we don't keep re-reading it for things
* like CHOICE
@@ -628,9 +630,15 @@ typedef int ASN1_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
const ASN1_ITEM *it, int tag, int aclass, char opt,
ASN1_TLC *ctx);
+typedef int ASN1_ex_d2i_ex(ASN1_VALUE **pval, const unsigned char **in, long len,
+ const ASN1_ITEM *it, int tag, int aclass, char opt,
+ ASN1_TLC *ctx, OSSL_LIB_CTX *libctx,
+ const char *propq);
typedef int ASN1_ex_i2d(const ASN1_VALUE **pval, unsigned char **out,
const ASN1_ITEM *it, int tag, int aclass);
typedef int ASN1_ex_new_func(ASN1_VALUE **pval, const ASN1_ITEM *it);
+typedef int ASN1_ex_new_ex_func(ASN1_VALUE **pval, const ASN1_ITEM *it,
+ OSSL_LIB_CTX *libctx, const char *propq);
typedef void ASN1_ex_free_func(ASN1_VALUE **pval, const ASN1_ITEM *it);
typedef int ASN1_ex_print_func(BIO *out, const ASN1_VALUE **pval,
@@ -654,6 +662,8 @@ typedef struct ASN1_EXTERN_FUNCS_st {
ASN1_ex_d2i *asn1_ex_d2i;
ASN1_ex_i2d *asn1_ex_i2d;
ASN1_ex_print_func *asn1_ex_print;
+ ASN1_ex_new_ex_func *asn1_ex_new_ex;
+ ASN1_ex_d2i_ex *asn1_ex_d2i_ex;
} ASN1_EXTERN_FUNCS;
typedef struct ASN1_PRIMITIVE_FUNCS_st {
@@ -693,7 +703,7 @@ typedef struct ASN1_AUX_st {
void *app_data;
int flags;
int ref_offset; /* Offset of reference value */
- int ref_lock; /* Lock type to use */
+ int ref_lock; /* Offset of lock value */
ASN1_aux_cb *asn1_cb;
int enc_offset; /* Offset of ASN1_ENCODING structure */
ASN1_aux_const_cb *asn1_const_cb; /* for ASN1_OP_I2D_ and ASN1_OP_PRINT_ */
@@ -743,6 +753,10 @@ typedef struct ASN1_STREAM_ARG_st {
# define ASN1_OP_STREAM_POST 11
# define ASN1_OP_DETACHED_PRE 12
# define ASN1_OP_DETACHED_POST 13
+# define ASN1_OP_DUP_PRE 14
+# define ASN1_OP_DUP_POST 15
+# define ASN1_OP_GET0_LIBCTX 16
+# define ASN1_OP_GET0_PROPQ 17
/* Macro to implement a primitive type */
# define IMPLEMENT_ASN1_TYPE(stname) IMPLEMENT_ASN1_TYPE_ex(stname, stname, 0)
@@ -880,7 +894,34 @@ DECLARE_ASN1_ITEM(LONG)
DECLARE_ASN1_ITEM(ZLONG)
# endif
-DEFINE_OR_DECLARE_STACK_OF(ASN1_VALUE)
+SKM_DEFINE_STACK_OF_INTERNAL(ASN1_VALUE, ASN1_VALUE, ASN1_VALUE)
+#define sk_ASN1_VALUE_num(sk) OPENSSL_sk_num(ossl_check_const_ASN1_VALUE_sk_type(sk))
+#define sk_ASN1_VALUE_value(sk, idx) ((ASN1_VALUE *)OPENSSL_sk_value(ossl_check_const_ASN1_VALUE_sk_type(sk), (idx)))
+#define sk_ASN1_VALUE_new(cmp) ((STACK_OF(ASN1_VALUE) *)OPENSSL_sk_new(ossl_check_ASN1_VALUE_compfunc_type(cmp)))
+#define sk_ASN1_VALUE_new_null() ((STACK_OF(ASN1_VALUE) *)OPENSSL_sk_new_null())
+#define sk_ASN1_VALUE_new_reserve(cmp, n) ((STACK_OF(ASN1_VALUE) *)OPENSSL_sk_new_reserve(ossl_check_ASN1_VALUE_compfunc_type(cmp), (n)))
+#define sk_ASN1_VALUE_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_ASN1_VALUE_sk_type(sk), (n))
+#define sk_ASN1_VALUE_free(sk) OPENSSL_sk_free(ossl_check_ASN1_VALUE_sk_type(sk))
+#define sk_ASN1_VALUE_zero(sk) OPENSSL_sk_zero(ossl_check_ASN1_VALUE_sk_type(sk))
+#define sk_ASN1_VALUE_delete(sk, i) ((ASN1_VALUE *)OPENSSL_sk_delete(ossl_check_ASN1_VALUE_sk_type(sk), (i)))
+#define sk_ASN1_VALUE_delete_ptr(sk, ptr) ((ASN1_VALUE *)OPENSSL_sk_delete_ptr(ossl_check_ASN1_VALUE_sk_type(sk), ossl_check_ASN1_VALUE_type(ptr)))
+#define sk_ASN1_VALUE_push(sk, ptr) OPENSSL_sk_push(ossl_check_ASN1_VALUE_sk_type(sk), ossl_check_ASN1_VALUE_type(ptr))
+#define sk_ASN1_VALUE_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_ASN1_VALUE_sk_type(sk), ossl_check_ASN1_VALUE_type(ptr))
+#define sk_ASN1_VALUE_pop(sk) ((ASN1_VALUE *)OPENSSL_sk_pop(ossl_check_ASN1_VALUE_sk_type(sk)))
+#define sk_ASN1_VALUE_shift(sk) ((ASN1_VALUE *)OPENSSL_sk_shift(ossl_check_ASN1_VALUE_sk_type(sk)))
+#define sk_ASN1_VALUE_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_ASN1_VALUE_sk_type(sk),ossl_check_ASN1_VALUE_freefunc_type(freefunc))
+#define sk_ASN1_VALUE_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_ASN1_VALUE_sk_type(sk), ossl_check_ASN1_VALUE_type(ptr), (idx))
+#define sk_ASN1_VALUE_set(sk, idx, ptr) ((ASN1_VALUE *)OPENSSL_sk_set(ossl_check_ASN1_VALUE_sk_type(sk), (idx), ossl_check_ASN1_VALUE_type(ptr)))
+#define sk_ASN1_VALUE_find(sk, ptr) OPENSSL_sk_find(ossl_check_ASN1_VALUE_sk_type(sk), ossl_check_ASN1_VALUE_type(ptr))
+#define sk_ASN1_VALUE_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_ASN1_VALUE_sk_type(sk), ossl_check_ASN1_VALUE_type(ptr))
+#define sk_ASN1_VALUE_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_ASN1_VALUE_sk_type(sk), ossl_check_ASN1_VALUE_type(ptr), pnum)
+#define sk_ASN1_VALUE_sort(sk) OPENSSL_sk_sort(ossl_check_ASN1_VALUE_sk_type(sk))
+#define sk_ASN1_VALUE_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_ASN1_VALUE_sk_type(sk))
+#define sk_ASN1_VALUE_dup(sk) ((STACK_OF(ASN1_VALUE) *)OPENSSL_sk_dup(ossl_check_const_ASN1_VALUE_sk_type(sk)))
+#define sk_ASN1_VALUE_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(ASN1_VALUE) *)OPENSSL_sk_deep_copy(ossl_check_const_ASN1_VALUE_sk_type(sk), ossl_check_ASN1_VALUE_copyfunc_type(copyfunc), ossl_check_ASN1_VALUE_freefunc_type(freefunc)))
+#define sk_ASN1_VALUE_set_cmp_func(sk, cmp) ((sk_ASN1_VALUE_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_ASN1_VALUE_sk_type(sk), ossl_check_ASN1_VALUE_compfunc_type(cmp)))
+
+
/* Functions used internally by the ASN1 code */
diff --git a/openssl/include/openssl/async.h b/openssl/include/openssl/async.h
index 2e2751f9..2e2751f9 100644..100755
--- a/openssl/include/openssl/async.h
+++ b/openssl/include/openssl/async.h
diff --git a/openssl/include/openssl/asyncerr.h b/openssl/include/openssl/asyncerr.h
index 647ce5b2..494c2ae1 100644..100755
--- a/openssl/include/openssl/asyncerr.h
+++ b/openssl/include/openssl/asyncerr.h
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -14,25 +14,9 @@
# include <openssl/opensslconf.h>
# include <openssl/symhacks.h>
+# include <openssl/cryptoerr_legacy.h>
-# ifdef __cplusplus
-extern "C"
-# endif
-int ERR_load_ASYNC_strings(void);
-
-/*
- * ASYNC function codes.
- */
-# ifndef OPENSSL_NO_DEPRECATED_3_0
-# define ASYNC_F_ASYNC_CTX_NEW 0
-# define ASYNC_F_ASYNC_INIT_THREAD 0
-# define ASYNC_F_ASYNC_JOB_NEW 0
-# define ASYNC_F_ASYNC_PAUSE_JOB 0
-# define ASYNC_F_ASYNC_START_FUNC 0
-# define ASYNC_F_ASYNC_START_JOB 0
-# define ASYNC_F_ASYNC_WAIT_CTX_SET_WAIT_FD 0
-# endif
/*
* ASYNC reason codes.
diff --git a/openssl/include/openssl/bio.h b/openssl/include/openssl/bio.h
index e268dc63..387919cf 100644..100755
--- a/openssl/include/openssl/bio.h
+++ b/openssl/include/openssl/bio.h
@@ -1,5 +1,8 @@
/*
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * WARNING: do not edit!
+ * Generated by makefile from include\openssl\bio.h.in
+ *
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -7,6 +10,7 @@
* https://www.openssl.org/source/license.html
*/
+
#ifndef OPENSSL_BIO_H
# define OPENSSL_BIO_H
# pragma once
@@ -25,6 +29,7 @@
# include <openssl/crypto.h>
# include <openssl/bioerr.h>
+# include <openssl/core.h>
#ifdef __cplusplus
extern "C" {
@@ -61,7 +66,7 @@ extern "C" {
# ifndef OPENSSL_NO_SCTP
# define BIO_TYPE_DGRAM_SCTP (24|BIO_TYPE_SOURCE_SINK|BIO_TYPE_DESCRIPTOR)
# endif
-# define BIO_TYPE_CORE_TO_PROV (25|BIO_TYPE_FILTER)
+# define BIO_TYPE_CORE_TO_PROV (25|BIO_TYPE_SOURCE_SINK)
#define BIO_TYPE_START 128
@@ -104,7 +109,7 @@ extern "C" {
# define BIO_CTRL_DGRAM_GET_SEND_TIMEOUT 36/* getsockopt, essentially */
# define BIO_CTRL_DGRAM_GET_RECV_TIMER_EXP 37/* flag whether the last */
-# define BIO_CTRL_DGRAM_GET_SEND_TIMER_EXP 38/* I/O operation tiemd out */
+# define BIO_CTRL_DGRAM_GET_SEND_TIMER_EXP 38/* I/O operation timed out */
/* #ifdef IP_MTU_DISCOVER */
# define BIO_CTRL_DGRAM_MTU_DISCOVER 39/* set DF bit on egress packets */
@@ -265,16 +270,23 @@ void BIO_clear_flags(BIO *b, int flags);
# define BIO_cb_pre(a) (!((a)&BIO_CB_RETURN))
# define BIO_cb_post(a) ((a)&BIO_CB_RETURN)
+# ifndef OPENSSL_NO_DEPRECATED_3_0
typedef long (*BIO_callback_fn)(BIO *b, int oper, const char *argp, int argi,
long argl, long ret);
+OSSL_DEPRECATEDIN_3_0 BIO_callback_fn BIO_get_callback(const BIO *b);
+OSSL_DEPRECATEDIN_3_0 void BIO_set_callback(BIO *b, BIO_callback_fn callback);
+OSSL_DEPRECATEDIN_3_0 long BIO_debug_callback(BIO *bio, int cmd,
+ const char *argp, int argi,
+ long argl, long ret);
+# endif
+
typedef long (*BIO_callback_fn_ex)(BIO *b, int oper, const char *argp,
size_t len, int argi,
long argl, int ret, size_t *processed);
-BIO_callback_fn BIO_get_callback(const BIO *b);
-void BIO_set_callback(BIO *b, BIO_callback_fn callback);
-
BIO_callback_fn_ex BIO_get_callback_ex(const BIO *b);
void BIO_set_callback_ex(BIO *b, BIO_callback_fn_ex callback);
+long BIO_debug_callback_ex(BIO *bio, int oper, const char *argp, size_t len,
+ int argi, long argl, int ret, size_t *processed);
char *BIO_get_callback_arg(const BIO *b);
void BIO_set_callback_arg(BIO *b, char *arg);
@@ -287,7 +299,34 @@ int BIO_method_type(const BIO *b);
typedef int BIO_info_cb(BIO *, int, int);
typedef BIO_info_cb bio_info_cb; /* backward compatibility */
-DEFINE_OR_DECLARE_STACK_OF(BIO)
+SKM_DEFINE_STACK_OF_INTERNAL(BIO, BIO, BIO)
+#define sk_BIO_num(sk) OPENSSL_sk_num(ossl_check_const_BIO_sk_type(sk))
+#define sk_BIO_value(sk, idx) ((BIO *)OPENSSL_sk_value(ossl_check_const_BIO_sk_type(sk), (idx)))
+#define sk_BIO_new(cmp) ((STACK_OF(BIO) *)OPENSSL_sk_new(ossl_check_BIO_compfunc_type(cmp)))
+#define sk_BIO_new_null() ((STACK_OF(BIO) *)OPENSSL_sk_new_null())
+#define sk_BIO_new_reserve(cmp, n) ((STACK_OF(BIO) *)OPENSSL_sk_new_reserve(ossl_check_BIO_compfunc_type(cmp), (n)))
+#define sk_BIO_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_BIO_sk_type(sk), (n))
+#define sk_BIO_free(sk) OPENSSL_sk_free(ossl_check_BIO_sk_type(sk))
+#define sk_BIO_zero(sk) OPENSSL_sk_zero(ossl_check_BIO_sk_type(sk))
+#define sk_BIO_delete(sk, i) ((BIO *)OPENSSL_sk_delete(ossl_check_BIO_sk_type(sk), (i)))
+#define sk_BIO_delete_ptr(sk, ptr) ((BIO *)OPENSSL_sk_delete_ptr(ossl_check_BIO_sk_type(sk), ossl_check_BIO_type(ptr)))
+#define sk_BIO_push(sk, ptr) OPENSSL_sk_push(ossl_check_BIO_sk_type(sk), ossl_check_BIO_type(ptr))
+#define sk_BIO_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_BIO_sk_type(sk), ossl_check_BIO_type(ptr))
+#define sk_BIO_pop(sk) ((BIO *)OPENSSL_sk_pop(ossl_check_BIO_sk_type(sk)))
+#define sk_BIO_shift(sk) ((BIO *)OPENSSL_sk_shift(ossl_check_BIO_sk_type(sk)))
+#define sk_BIO_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_BIO_sk_type(sk),ossl_check_BIO_freefunc_type(freefunc))
+#define sk_BIO_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_BIO_sk_type(sk), ossl_check_BIO_type(ptr), (idx))
+#define sk_BIO_set(sk, idx, ptr) ((BIO *)OPENSSL_sk_set(ossl_check_BIO_sk_type(sk), (idx), ossl_check_BIO_type(ptr)))
+#define sk_BIO_find(sk, ptr) OPENSSL_sk_find(ossl_check_BIO_sk_type(sk), ossl_check_BIO_type(ptr))
+#define sk_BIO_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_BIO_sk_type(sk), ossl_check_BIO_type(ptr))
+#define sk_BIO_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_BIO_sk_type(sk), ossl_check_BIO_type(ptr), pnum)
+#define sk_BIO_sort(sk) OPENSSL_sk_sort(ossl_check_BIO_sk_type(sk))
+#define sk_BIO_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_BIO_sk_type(sk))
+#define sk_BIO_dup(sk) ((STACK_OF(BIO) *)OPENSSL_sk_dup(ossl_check_const_BIO_sk_type(sk)))
+#define sk_BIO_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(BIO) *)OPENSSL_sk_deep_copy(ossl_check_const_BIO_sk_type(sk), ossl_check_BIO_copyfunc_type(copyfunc), ossl_check_BIO_freefunc_type(freefunc)))
+#define sk_BIO_set_cmp_func(sk, cmp) ((sk_BIO_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_BIO_sk_type(sk), ossl_check_BIO_compfunc_type(cmp)))
+
+
/* Prefix and suffix callback in ASN1 BIO */
typedef int asn1_ps_func (BIO *b, unsigned char **pbuf, int *plen,
@@ -435,12 +474,11 @@ struct bio_dgram_sctp_prinfo {
# define BIO_BIND_REUSEADDR_IF_UNUSED BIO_SOCK_REUSEADDR
# define BIO_set_bind_mode(b,mode) BIO_ctrl(b,BIO_C_SET_BIND_MODE,mode,NULL)
# define BIO_get_bind_mode(b) BIO_ctrl(b,BIO_C_GET_BIND_MODE,0,NULL)
-
-/* BIO_s_accept() and BIO_s_connect() */
-# define BIO_do_connect(b) BIO_do_handshake(b)
-# define BIO_do_accept(b) BIO_do_handshake(b)
# endif /* OPENSSL_NO_SOCK */
+# define BIO_do_connect(b) BIO_do_handshake(b)
+# define BIO_do_accept(b) BIO_do_handshake(b)
+
# define BIO_do_handshake(b) BIO_ctrl(b,BIO_C_DO_STATE_MACHINE,0,NULL)
/* BIO_s_datagram(), BIO_s_fd(), BIO_s_socket(), BIO_s_accept() and BIO_s_connect() */
@@ -583,9 +621,11 @@ int BIO_asn1_get_suffix(BIO *b, asn1_ps_func **psuffix,
const BIO_METHOD *BIO_s_file(void);
BIO *BIO_new_file(const char *filename, const char *mode);
+BIO *BIO_new_from_core_bio(OSSL_LIB_CTX *libctx, OSSL_CORE_BIO *corebio);
# ifndef OPENSSL_NO_STDIO
BIO *BIO_new_fp(FILE *stream, int close_flag);
# endif
+BIO *BIO_new_ex(OSSL_LIB_CTX *libctx, const BIO_METHOD *method);
BIO *BIO_new(const BIO_METHOD *type);
int BIO_free(BIO *a);
void BIO_set_data(BIO *a, void *ptr);
@@ -599,6 +639,7 @@ int BIO_up_ref(BIO *a);
int BIO_read(BIO *b, void *data, int dlen);
int BIO_read_ex(BIO *b, void *data, size_t dlen, size_t *readbytes);
int BIO_gets(BIO *bp, char *buf, int size);
+int BIO_get_line(BIO *bio, char *buf, int size);
int BIO_write(BIO *b, const void *data, int dlen);
int BIO_write_ex(BIO *b, const void *data, size_t dlen, size_t *written);
int BIO_puts(BIO *bp, const char *buf);
@@ -623,9 +664,6 @@ int BIO_nread(BIO *bio, char **buf, int num);
int BIO_nwrite0(BIO *bio, char **buf);
int BIO_nwrite(BIO *bio, char **buf, int num);
-long BIO_debug_callback(BIO *bio, int cmd, const char *argp, int argi,
- long argl, long ret);
-
const BIO_METHOD *BIO_s_mem(void);
const BIO_METHOD *BIO_s_secmem(void);
BIO *BIO_new_mem_buf(const void *buf, int len);
@@ -640,9 +678,11 @@ const BIO_METHOD *BIO_s_bio(void);
const BIO_METHOD *BIO_s_null(void);
const BIO_METHOD *BIO_f_null(void);
const BIO_METHOD *BIO_f_buffer(void);
+const BIO_METHOD *BIO_f_readbuffer(void);
const BIO_METHOD *BIO_f_linebuffer(void);
const BIO_METHOD *BIO_f_nbio_test(void);
const BIO_METHOD *BIO_f_prefix(void);
+const BIO_METHOD *BIO_s_core(void);
# ifndef OPENSSL_NO_DGRAM
const BIO_METHOD *BIO_s_datagram(void);
int BIO_dgram_non_fatal_error(int error);
@@ -724,12 +764,13 @@ int BIO_sock_init(void);
# define BIO_sock_cleanup() while(0) continue
# endif
int BIO_set_tcp_ndelay(int sock, int turn_on);
-
-DEPRECATEDIN_1_1_0(struct hostent *BIO_gethostbyname(const char *name))
-DEPRECATEDIN_1_1_0(int BIO_get_port(const char *str, unsigned short *port_ptr))
-DEPRECATEDIN_1_1_0(int BIO_get_host_ip(const char *str, unsigned char *ip))
-DEPRECATEDIN_1_1_0(int BIO_get_accept_socket(char *host_port, int mode))
-DEPRECATEDIN_1_1_0(int BIO_accept(int sock, char **ip_port))
+# ifndef OPENSSL_NO_DEPRECATED_1_1_0
+OSSL_DEPRECATEDIN_1_1_0 struct hostent *BIO_gethostbyname(const char *name);
+OSSL_DEPRECATEDIN_1_1_0 int BIO_get_port(const char *str, unsigned short *port_ptr);
+OSSL_DEPRECATEDIN_1_1_0 int BIO_get_host_ip(const char *str, unsigned char *ip);
+OSSL_DEPRECATEDIN_1_1_0 int BIO_get_accept_socket(char *host_port, int mode);
+OSSL_DEPRECATEDIN_1_1_0 int BIO_accept(int sock, char **ip_port);
+# endif
union BIO_sock_info_u {
BIO_ADDR *addr;
diff --git a/openssl/include/openssl/bioerr.h b/openssl/include/openssl/bioerr.h
index 98b02005..5ae15660 100644..100755
--- a/openssl/include/openssl/bioerr.h
+++ b/openssl/include/openssl/bioerr.h
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -14,74 +14,9 @@
# include <openssl/opensslconf.h>
# include <openssl/symhacks.h>
+# include <openssl/cryptoerr_legacy.h>
-# ifdef __cplusplus
-extern "C"
-# endif
-int ERR_load_BIO_strings(void);
-
-/*
- * BIO function codes.
- */
-# ifndef OPENSSL_NO_DEPRECATED_3_0
-# define BIO_F_ACPT_STATE 0
-# define BIO_F_ADDRINFO_WRAP 0
-# define BIO_F_ADDR_STRINGS 0
-# define BIO_F_BIO_ACCEPT 0
-# define BIO_F_BIO_ACCEPT_EX 0
-# define BIO_F_BIO_ACCEPT_NEW 0
-# define BIO_F_BIO_ADDR_NEW 0
-# define BIO_F_BIO_BIND 0
-# define BIO_F_BIO_CALLBACK_CTRL 0
-# define BIO_F_BIO_CONNECT 0
-# define BIO_F_BIO_CONNECT_NEW 0
-# define BIO_F_BIO_CTRL 0
-# define BIO_F_BIO_GETS 0
-# define BIO_F_BIO_GET_HOST_IP 0
-# define BIO_F_BIO_GET_NEW_INDEX 0
-# define BIO_F_BIO_GET_PORT 0
-# define BIO_F_BIO_LISTEN 0
-# define BIO_F_BIO_LOOKUP 0
-# define BIO_F_BIO_LOOKUP_EX 0
-# define BIO_F_BIO_MAKE_PAIR 0
-# define BIO_F_BIO_METH_NEW 0
-# define BIO_F_BIO_NEW 0
-# define BIO_F_BIO_NEW_DGRAM_SCTP 0
-# define BIO_F_BIO_NEW_FILE 0
-# define BIO_F_BIO_NEW_MEM_BUF 0
-# define BIO_F_BIO_NREAD 0
-# define BIO_F_BIO_NREAD0 0
-# define BIO_F_BIO_NWRITE 0
-# define BIO_F_BIO_NWRITE0 0
-# define BIO_F_BIO_PARSE_HOSTSERV 0
-# define BIO_F_BIO_PUTS 0
-# define BIO_F_BIO_READ 0
-# define BIO_F_BIO_READ_EX 0
-# define BIO_F_BIO_READ_INTERN 0
-# define BIO_F_BIO_SOCKET 0
-# define BIO_F_BIO_SOCKET_NBIO 0
-# define BIO_F_BIO_SOCK_INFO 0
-# define BIO_F_BIO_SOCK_INIT 0
-# define BIO_F_BIO_WRITE 0
-# define BIO_F_BIO_WRITE_EX 0
-# define BIO_F_BIO_WRITE_INTERN 0
-# define BIO_F_BUFFER_CTRL 0
-# define BIO_F_CONN_CTRL 0
-# define BIO_F_CONN_STATE 0
-# define BIO_F_DGRAM_SCTP_NEW 0
-# define BIO_F_DGRAM_SCTP_READ 0
-# define BIO_F_DGRAM_SCTP_WRITE 0
-# define BIO_F_DOAPR_OUTCH 0
-# define BIO_F_FILE_CTRL 0
-# define BIO_F_FILE_READ 0
-# define BIO_F_LINEBUFFER_CTRL 0
-# define BIO_F_LINEBUFFER_NEW 0
-# define BIO_F_MEM_WRITE 0
-# define BIO_F_NBIOF_NEW 0
-# define BIO_F_SLG_WRITE 0
-# define BIO_F_SSL_NEW 0
-# endif
/*
* BIO reason codes.
@@ -109,7 +44,7 @@ int ERR_load_BIO_strings(void);
# define BIO_R_NO_HOSTNAME_OR_SERVICE_SPECIFIED 144
# define BIO_R_NO_PORT_DEFINED 113
# define BIO_R_NO_SUCH_FILE 128
-# define BIO_R_NULL_PARAMETER 115
+# define BIO_R_NULL_PARAMETER 115 /* unused */
# define BIO_R_TRANSFER_ERROR 104
# define BIO_R_TRANSFER_TIMEOUT 105
# define BIO_R_UNABLE_TO_BIND_SOCKET 117
diff --git a/openssl/include/openssl/blowfish.h b/openssl/include/openssl/blowfish.h
index 0ce70e66..46215fe1 100644..100755
--- a/openssl/include/openssl/blowfish.h
+++ b/openssl/include/openssl/blowfish.h
@@ -46,29 +46,29 @@ typedef struct bf_key_st {
} BF_KEY;
# endif /* OPENSSL_NO_DEPRECATED_3_0 */
-
-DEPRECATEDIN_3_0(void BF_set_key(BF_KEY *key, int len,
- const unsigned char *data))
-
-DEPRECATEDIN_3_0(void BF_encrypt(BF_LONG *data, const BF_KEY *key))
-DEPRECATEDIN_3_0(void BF_decrypt(BF_LONG *data, const BF_KEY *key))
-
-DEPRECATEDIN_3_0(void BF_ecb_encrypt(const unsigned char *in,
- unsigned char *out, const BF_KEY *key,
- int enc))
-DEPRECATEDIN_3_0(void BF_cbc_encrypt(const unsigned char *in,
- unsigned char *out, long length,
- const BF_KEY *schedule,
- unsigned char *ivec, int enc))
-DEPRECATEDIN_3_0(void BF_cfb64_encrypt(const unsigned char *in,
- unsigned char *out,
- long length, const BF_KEY *schedule,
- unsigned char *ivec, int *num, int enc))
-DEPRECATEDIN_3_0(void BF_ofb64_encrypt(const unsigned char *in,
- unsigned char *out,
- long length, const BF_KEY *schedule,
- unsigned char *ivec, int *num))
-DEPRECATEDIN_3_0(const char *BF_options(void))
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0 void BF_set_key(BF_KEY *key, int len,
+ const unsigned char *data);
+OSSL_DEPRECATEDIN_3_0 void BF_encrypt(BF_LONG *data, const BF_KEY *key);
+OSSL_DEPRECATEDIN_3_0 void BF_decrypt(BF_LONG *data, const BF_KEY *key);
+OSSL_DEPRECATEDIN_3_0 void BF_ecb_encrypt(const unsigned char *in,
+ unsigned char *out, const BF_KEY *key,
+ int enc);
+OSSL_DEPRECATEDIN_3_0 void BF_cbc_encrypt(const unsigned char *in,
+ unsigned char *out, long length,
+ const BF_KEY *schedule,
+ unsigned char *ivec, int enc);
+OSSL_DEPRECATEDIN_3_0 void BF_cfb64_encrypt(const unsigned char *in,
+ unsigned char *out,
+ long length, const BF_KEY *schedule,
+ unsigned char *ivec, int *num,
+ int enc);
+OSSL_DEPRECATEDIN_3_0 void BF_ofb64_encrypt(const unsigned char *in,
+ unsigned char *out,
+ long length, const BF_KEY *schedule,
+ unsigned char *ivec, int *num);
+OSSL_DEPRECATEDIN_3_0 const char *BF_options(void);
+# endif
# ifdef __cplusplus
}
diff --git a/openssl/include/openssl/bn.h b/openssl/include/openssl/bn.h
index 7180a253..796511d6 100644..100755
--- a/openssl/include/openssl/bn.h
+++ b/openssl/include/openssl/bn.h
@@ -1,5 +1,5 @@
/*
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
* Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
@@ -206,24 +206,32 @@ void BN_zero_ex(BIGNUM *a);
const BIGNUM *BN_value_one(void);
char *BN_options(void);
-BN_CTX *BN_CTX_new_ex(OPENSSL_CTX *ctx);
+BN_CTX *BN_CTX_new_ex(OSSL_LIB_CTX *ctx);
BN_CTX *BN_CTX_new(void);
-BN_CTX *BN_CTX_secure_new_ex(OPENSSL_CTX *ctx);
+BN_CTX *BN_CTX_secure_new_ex(OSSL_LIB_CTX *ctx);
BN_CTX *BN_CTX_secure_new(void);
void BN_CTX_free(BN_CTX *c);
void BN_CTX_start(BN_CTX *ctx);
BIGNUM *BN_CTX_get(BN_CTX *ctx);
void BN_CTX_end(BN_CTX *ctx);
-int BN_rand_ex(BIGNUM *rnd, int bits, int top, int bottom, BN_CTX *ctx);
+int BN_rand_ex(BIGNUM *rnd, int bits, int top, int bottom,
+ unsigned int strength, BN_CTX *ctx);
int BN_rand(BIGNUM *rnd, int bits, int top, int bottom);
-int BN_priv_rand_ex(BIGNUM *rnd, int bits, int top, int bottom, BN_CTX *ctx);
+int BN_priv_rand_ex(BIGNUM *rnd, int bits, int top, int bottom,
+ unsigned int strength, BN_CTX *ctx);
int BN_priv_rand(BIGNUM *rnd, int bits, int top, int bottom);
-int BN_rand_range_ex(BIGNUM *r, const BIGNUM *range, BN_CTX *ctx);
+int BN_rand_range_ex(BIGNUM *r, const BIGNUM *range, unsigned int strength,
+ BN_CTX *ctx);
int BN_rand_range(BIGNUM *rnd, const BIGNUM *range);
-int BN_priv_rand_range_ex(BIGNUM *r, const BIGNUM *range, BN_CTX *ctx);
+int BN_priv_rand_range_ex(BIGNUM *r, const BIGNUM *range,
+ unsigned int strength, BN_CTX *ctx);
int BN_priv_rand_range(BIGNUM *rnd, const BIGNUM *range);
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0
int BN_pseudo_rand(BIGNUM *rnd, int bits, int top, int bottom);
+OSSL_DEPRECATEDIN_3_0
int BN_pseudo_rand_range(BIGNUM *rnd, const BIGNUM *range);
+# endif
int BN_num_bits(const BIGNUM *a);
int BN_num_bits_word(BN_ULONG l);
int BN_security_bits(int L, int N);
@@ -308,6 +316,11 @@ int BN_mod_exp2_mont(BIGNUM *r, const BIGNUM *a1, const BIGNUM *p1,
BN_CTX *ctx, BN_MONT_CTX *m_ctx);
int BN_mod_exp_simple(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
const BIGNUM *m, BN_CTX *ctx);
+int BN_mod_exp_mont_consttime_x2(BIGNUM *rr1, const BIGNUM *a1, const BIGNUM *p1,
+ const BIGNUM *m1, BN_MONT_CTX *in_mont1,
+ BIGNUM *rr2, const BIGNUM *a2, const BIGNUM *p2,
+ const BIGNUM *m2, BN_MONT_CTX *in_mont2,
+ BN_CTX *ctx);
int BN_mask_bits(BIGNUM *a, int n);
# ifndef OPENSSL_NO_STDIO
@@ -339,42 +352,51 @@ BIGNUM *BN_mod_sqrt(BIGNUM *ret,
void BN_consttime_swap(BN_ULONG swap, BIGNUM *a, BIGNUM *b, int nwords);
/* Deprecated versions */
-DEPRECATEDIN_0_9_8(BIGNUM *BN_generate_prime(BIGNUM *ret, int bits, int safe,
- const BIGNUM *add,
- const BIGNUM *rem,
- void (*callback) (int, int,
- void *),
- void *cb_arg))
-DEPRECATEDIN_0_9_8(int
- BN_is_prime(const BIGNUM *p, int nchecks,
- void (*callback) (int, int, void *),
- BN_CTX *ctx, void *cb_arg))
-DEPRECATEDIN_0_9_8(int
- BN_is_prime_fasttest(const BIGNUM *p, int nchecks,
- void (*callback) (int, int, void *),
- BN_CTX *ctx, void *cb_arg,
- int do_trial_division))
-
-DEPRECATEDIN_3_0(int BN_is_prime_ex(const BIGNUM *p, int nchecks, BN_CTX *ctx, BN_GENCB *cb))
-DEPRECATEDIN_3_0(int BN_is_prime_fasttest_ex(const BIGNUM *p, int nchecks, BN_CTX *ctx,
- int do_trial_division, BN_GENCB *cb))
+# ifndef OPENSSL_NO_DEPRECATED_0_9_8
+OSSL_DEPRECATEDIN_0_9_8
+BIGNUM *BN_generate_prime(BIGNUM *ret, int bits, int safe,
+ const BIGNUM *add, const BIGNUM *rem,
+ void (*callback) (int, int, void *),
+ void *cb_arg);
+OSSL_DEPRECATEDIN_0_9_8
+int BN_is_prime(const BIGNUM *p, int nchecks,
+ void (*callback) (int, int, void *),
+ BN_CTX *ctx, void *cb_arg);
+OSSL_DEPRECATEDIN_0_9_8
+int BN_is_prime_fasttest(const BIGNUM *p, int nchecks,
+ void (*callback) (int, int, void *),
+ BN_CTX *ctx, void *cb_arg,
+ int do_trial_division);
+# endif
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0
+int BN_is_prime_ex(const BIGNUM *p, int nchecks, BN_CTX *ctx, BN_GENCB *cb);
+OSSL_DEPRECATEDIN_3_0
+int BN_is_prime_fasttest_ex(const BIGNUM *p, int nchecks, BN_CTX *ctx,
+ int do_trial_division, BN_GENCB *cb);
+# endif
/* Newer versions */
int BN_generate_prime_ex2(BIGNUM *ret, int bits, int safe,
- const BIGNUM *add, const BIGNUM *rem, BN_GENCB *cb,
- BN_CTX *ctx);
+ const BIGNUM *add, const BIGNUM *rem, BN_GENCB *cb,
+ BN_CTX *ctx);
int BN_generate_prime_ex(BIGNUM *ret, int bits, int safe, const BIGNUM *add,
const BIGNUM *rem, BN_GENCB *cb);
int BN_check_prime(const BIGNUM *p, BN_CTX *ctx, BN_GENCB *cb);
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0
int BN_X931_generate_Xpq(BIGNUM *Xp, BIGNUM *Xq, int nbits, BN_CTX *ctx);
+OSSL_DEPRECATEDIN_3_0
int BN_X931_derive_prime_ex(BIGNUM *p, BIGNUM *p1, BIGNUM *p2,
const BIGNUM *Xp, const BIGNUM *Xp1,
const BIGNUM *Xp2, const BIGNUM *e, BN_CTX *ctx,
BN_GENCB *cb);
+OSSL_DEPRECATEDIN_3_0
int BN_X931_generate_prime_ex(BIGNUM *p, BIGNUM *p1, BIGNUM *p2, BIGNUM *Xp1,
BIGNUM *Xp2, const BIGNUM *Xp, const BIGNUM *e,
BN_CTX *ctx, BN_GENCB *cb);
+# endif
BN_MONT_CTX *BN_MONT_CTX_new(void);
int BN_mod_mul_montgomery(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
@@ -418,10 +440,12 @@ BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b,
BN_CTX *ctx,
BN_MONT_CTX *m_ctx),
BN_MONT_CTX *m_ctx);
-
-DEPRECATEDIN_0_9_8(void BN_set_params(int mul, int high, int low, int mont))
-DEPRECATEDIN_0_9_8(int BN_get_params(int which)) /* 0, mul, 1 high, 2 low, 3
- * mont */
+# ifndef OPENSSL_NO_DEPRECATED_0_9_8
+OSSL_DEPRECATEDIN_0_9_8
+void BN_set_params(int mul, int high, int low, int mont);
+OSSL_DEPRECATEDIN_0_9_8
+int BN_get_params(int which); /* 0, mul, 1 high, 2 low, 3 mont */
+# endif
BN_RECP_CTX *BN_RECP_CTX_new(void);
void BN_RECP_CTX_free(BN_RECP_CTX *recp);
@@ -527,7 +551,6 @@ int BN_generate_dsa_nonce(BIGNUM *out, const BIGNUM *range,
const BIGNUM *priv, const unsigned char *message,
size_t message_len, BN_CTX *ctx);
-# ifndef OPENSSL_NO_DH
/* Primes from RFC 2409 */
BIGNUM *BN_get_rfc2409_prime_768(BIGNUM *bn);
BIGNUM *BN_get_rfc2409_prime_1024(BIGNUM *bn);
@@ -550,7 +573,6 @@ BIGNUM *BN_get_rfc3526_prime_8192(BIGNUM *bn);
# define get_rfc3526_prime_6144 BN_get_rfc3526_prime_6144
# define get_rfc3526_prime_8192 BN_get_rfc3526_prime_8192
# endif
-# endif
int BN_bntest_rand(BIGNUM *rnd, int bits, int top, int bottom);
diff --git a/openssl/include/openssl/bnerr.h b/openssl/include/openssl/bnerr.h
index 0400304f..46779e07 100644..100755
--- a/openssl/include/openssl/bnerr.h
+++ b/openssl/include/openssl/bnerr.h
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -14,67 +14,9 @@
# include <openssl/opensslconf.h>
# include <openssl/symhacks.h>
+# include <openssl/cryptoerr_legacy.h>
-# ifdef __cplusplus
-extern "C"
-# endif
-int ERR_load_BN_strings(void);
-
-/*
- * BN function codes.
- */
-# ifndef OPENSSL_NO_DEPRECATED_3_0
-# define BN_F_BNRAND 0
-# define BN_F_BNRAND_RANGE 0
-# define BN_F_BN_BLINDING_CONVERT_EX 0
-# define BN_F_BN_BLINDING_CREATE_PARAM 0
-# define BN_F_BN_BLINDING_INVERT_EX 0
-# define BN_F_BN_BLINDING_NEW 0
-# define BN_F_BN_BLINDING_UPDATE 0
-# define BN_F_BN_BN2DEC 0
-# define BN_F_BN_BN2HEX 0
-# define BN_F_BN_COMPUTE_WNAF 0
-# define BN_F_BN_CTX_GET 0
-# define BN_F_BN_CTX_NEW 0
-# define BN_F_BN_CTX_NEW_EX 0
-# define BN_F_BN_CTX_START 0
-# define BN_F_BN_DIV 0
-# define BN_F_BN_DIV_RECP 0
-# define BN_F_BN_EXP 0
-# define BN_F_BN_EXPAND_INTERNAL 0
-# define BN_F_BN_GENCB_NEW 0
-# define BN_F_BN_GENERATE_DSA_NONCE 0
-# define BN_F_BN_GENERATE_PRIME_EX 0
-# define BN_F_BN_GF2M_MOD 0
-# define BN_F_BN_GF2M_MOD_EXP 0
-# define BN_F_BN_GF2M_MOD_MUL 0
-# define BN_F_BN_GF2M_MOD_SOLVE_QUAD 0
-# define BN_F_BN_GF2M_MOD_SOLVE_QUAD_ARR 0
-# define BN_F_BN_GF2M_MOD_SQR 0
-# define BN_F_BN_GF2M_MOD_SQRT 0
-# define BN_F_BN_LSHIFT 0
-# define BN_F_BN_MOD_EXP2_MONT 0
-# define BN_F_BN_MOD_EXP_MONT 0
-# define BN_F_BN_MOD_EXP_MONT_CONSTTIME 0
-# define BN_F_BN_MOD_EXP_MONT_WORD 0
-# define BN_F_BN_MOD_EXP_RECP 0
-# define BN_F_BN_MOD_EXP_SIMPLE 0
-# define BN_F_BN_MOD_INVERSE 0
-# define BN_F_BN_MOD_LSHIFT_QUICK 0
-# define BN_F_BN_MOD_SQRT 0
-# define BN_F_BN_MONT_CTX_NEW 0
-# define BN_F_BN_MPI2BN 0
-# define BN_F_BN_NEW 0
-# define BN_F_BN_POOL_GET 0
-# define BN_F_BN_RAND 0
-# define BN_F_BN_RAND_RANGE 0
-# define BN_F_BN_RECP_CTX_NEW 0
-# define BN_F_BN_RSHIFT 0
-# define BN_F_BN_SET_WORDS 0
-# define BN_F_BN_STACK_PUSH 0
-# define BN_F_BN_USUB 0
-# endif
/*
* BN reason codes.
diff --git a/openssl/include/openssl/buffer.h b/openssl/include/openssl/buffer.h
index 2bad93c6..2bad93c6 100644..100755
--- a/openssl/include/openssl/buffer.h
+++ b/openssl/include/openssl/buffer.h
diff --git a/openssl/include/openssl/buffererr.h b/openssl/include/openssl/buffererr.h
index fec58acd..7a188998 100644..100755
--- a/openssl/include/openssl/buffererr.h
+++ b/openssl/include/openssl/buffererr.h
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -14,21 +14,9 @@
# include <openssl/opensslconf.h>
# include <openssl/symhacks.h>
+# include <openssl/cryptoerr_legacy.h>
-# ifdef __cplusplus
-extern "C"
-# endif
-int ERR_load_BUF_strings(void);
-
-/*
- * BUF function codes.
- */
-# ifndef OPENSSL_NO_DEPRECATED_3_0
-# define BUF_F_BUF_MEM_GROW 0
-# define BUF_F_BUF_MEM_GROW_CLEAN 0
-# define BUF_F_BUF_MEM_NEW 0
-# endif
/*
* BUF reason codes.
diff --git a/openssl/include/openssl/camellia.h b/openssl/include/openssl/camellia.h
index 3129d198..de7a82ea 100644..100755
--- a/openssl/include/openssl/camellia.h
+++ b/openssl/include/openssl/camellia.h
@@ -54,61 +54,60 @@ struct camellia_key_st {
typedef struct camellia_key_st CAMELLIA_KEY;
# endif /* OPENSSL_NO_DEPRECATED_3_0 */
-
-DEPRECATEDIN_3_0(int Camellia_set_key(const unsigned char *userKey,
- const int bits,
- CAMELLIA_KEY *key))
-
-DEPRECATEDIN_3_0(void Camellia_encrypt(const unsigned char *in,
- unsigned char *out,
- const CAMELLIA_KEY *key))
-DEPRECATEDIN_3_0(void Camellia_decrypt(const unsigned char *in,
- unsigned char *out,
- const CAMELLIA_KEY *key))
-
-DEPRECATEDIN_3_0(void Camellia_ecb_encrypt(const unsigned char *in,
- unsigned char *out,
- const CAMELLIA_KEY *key,
- const int enc))
-DEPRECATEDIN_3_0(void Camellia_cbc_encrypt(const unsigned char *in,
- unsigned char *out,
- size_t length, const
- CAMELLIA_KEY *key,
- unsigned char *ivec, const int enc))
-DEPRECATEDIN_3_0(void Camellia_cfb128_encrypt(const unsigned char *in,
- unsigned char *out,
- size_t length,
- const CAMELLIA_KEY *key,
- unsigned char *ivec,
- int *num,
- const int enc))
-DEPRECATEDIN_3_0(void Camellia_cfb1_encrypt(const unsigned char *in,
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0 int Camellia_set_key(const unsigned char *userKey,
+ const int bits,
+ CAMELLIA_KEY *key);
+OSSL_DEPRECATEDIN_3_0 void Camellia_encrypt(const unsigned char *in,
unsigned char *out,
- size_t length,
- const CAMELLIA_KEY *key,
- unsigned char *ivec,
- int *num,
- const int enc))
-DEPRECATEDIN_3_0(void Camellia_cfb8_encrypt(const unsigned char *in,
+ const CAMELLIA_KEY *key);
+OSSL_DEPRECATEDIN_3_0 void Camellia_decrypt(const unsigned char *in,
unsigned char *out,
- size_t length,
- const CAMELLIA_KEY *key,
- unsigned char *ivec,
- int *num,
- const int enc))
-DEPRECATEDIN_3_0(void Camellia_ofb128_encrypt(const unsigned char *in,
- unsigned char *out,
- size_t length,
- const CAMELLIA_KEY *key,
- unsigned char *ivec,
- int *num))
-DEPRECATEDIN_3_0(void Camellia_ctr128_encrypt(const unsigned char *in,
- unsigned char *out,
- size_t length,
- const CAMELLIA_KEY *key,
- unsigned char ivec[CAMELLIA_BLOCK_SIZE],
- unsigned char ecount_buf[CAMELLIA_BLOCK_SIZE],
- unsigned int *num))
+ const CAMELLIA_KEY *key);
+OSSL_DEPRECATEDIN_3_0 void Camellia_ecb_encrypt(const unsigned char *in,
+ unsigned char *out,
+ const CAMELLIA_KEY *key,
+ const int enc);
+OSSL_DEPRECATEDIN_3_0 void Camellia_cbc_encrypt(const unsigned char *in,
+ unsigned char *out,
+ size_t length,
+ const CAMELLIA_KEY *key,
+ unsigned char *ivec,
+ const int enc);
+OSSL_DEPRECATEDIN_3_0 void Camellia_cfb128_encrypt(const unsigned char *in,
+ unsigned char *out,
+ size_t length,
+ const CAMELLIA_KEY *key,
+ unsigned char *ivec,
+ int *num,
+ const int enc);
+OSSL_DEPRECATEDIN_3_0 void Camellia_cfb1_encrypt(const unsigned char *in,
+ unsigned char *out,
+ size_t length,
+ const CAMELLIA_KEY *key,
+ unsigned char *ivec,
+ int *num,
+ const int enc);
+OSSL_DEPRECATEDIN_3_0 void Camellia_cfb8_encrypt(const unsigned char *in,
+ unsigned char *out,
+ size_t length,
+ const CAMELLIA_KEY *key,
+ unsigned char *ivec,
+ int *num,
+ const int enc);
+OSSL_DEPRECATEDIN_3_0 void Camellia_ofb128_encrypt(const unsigned char *in,
+ unsigned char *out,
+ size_t length,
+ const CAMELLIA_KEY *key,
+ unsigned char *ivec,
+ int *num);
+OSSL_DEPRECATEDIN_3_0
+void Camellia_ctr128_encrypt(const unsigned char *in, unsigned char *out,
+ size_t length, const CAMELLIA_KEY *key,
+ unsigned char ivec[CAMELLIA_BLOCK_SIZE],
+ unsigned char ecount_buf[CAMELLIA_BLOCK_SIZE],
+ unsigned int *num);
+# endif
# ifdef __cplusplus
}
diff --git a/openssl/include/openssl/cast.h b/openssl/include/openssl/cast.h
index 6e0eca36..f3352b80 100644..100755
--- a/openssl/include/openssl/cast.h
+++ b/openssl/include/openssl/cast.h
@@ -39,36 +39,29 @@ typedef struct cast_key_st {
} CAST_KEY;
# endif /* OPENSSL_NO_DEPRECATED_3_0 */
-
-DEPRECATEDIN_3_0(void CAST_set_key(CAST_KEY *key, int len,
- const unsigned char *data))
-DEPRECATEDIN_3_0(void CAST_ecb_encrypt(const unsigned char *in,
- unsigned char *out,
- const CAST_KEY *key,
- int enc))
-DEPRECATEDIN_3_0(void CAST_encrypt(CAST_LONG *data,
- const CAST_KEY *key))
-DEPRECATEDIN_3_0(void CAST_decrypt(CAST_LONG *data,
- const CAST_KEY *key))
-DEPRECATEDIN_3_0(void CAST_cbc_encrypt(const unsigned char *in,
- unsigned char *out,
- long length,
- const CAST_KEY *ks,
- unsigned char *iv,
- int enc))
-DEPRECATEDIN_3_0(void CAST_cfb64_encrypt(const unsigned char *in,
- unsigned char *out,
- long length,
- const CAST_KEY *schedule,
- unsigned char *ivec,
- int *num,
- int enc))
-DEPRECATEDIN_3_0(void CAST_ofb64_encrypt(const unsigned char *in,
- unsigned char *out,
- long length,
- const CAST_KEY *schedule,
- unsigned char *ivec,
- int *num))
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0
+void CAST_set_key(CAST_KEY *key, int len, const unsigned char *data);
+OSSL_DEPRECATEDIN_3_0
+void CAST_ecb_encrypt(const unsigned char *in, unsigned char *out,
+ const CAST_KEY *key, int enc);
+OSSL_DEPRECATEDIN_3_0
+void CAST_encrypt(CAST_LONG *data, const CAST_KEY *key);
+OSSL_DEPRECATEDIN_3_0
+void CAST_decrypt(CAST_LONG *data, const CAST_KEY *key);
+OSSL_DEPRECATEDIN_3_0
+void CAST_cbc_encrypt(const unsigned char *in, unsigned char *out,
+ long length, const CAST_KEY *ks, unsigned char *iv,
+ int enc);
+OSSL_DEPRECATEDIN_3_0
+void CAST_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+ long length, const CAST_KEY *schedule,
+ unsigned char *ivec, int *num, int enc);
+OSSL_DEPRECATEDIN_3_0
+void CAST_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+ long length, const CAST_KEY *schedule,
+ unsigned char *ivec, int *num);
+# endif
# ifdef __cplusplus
}
diff --git a/openssl/include/openssl/cmac.h b/openssl/include/openssl/cmac.h
index 28959f17..46643475 100644..100755
--- a/openssl/include/openssl/cmac.h
+++ b/openssl/include/openssl/cmac.h
@@ -28,19 +28,21 @@ extern "C" {
/* Opaque */
typedef struct CMAC_CTX_st CMAC_CTX;
# endif
-
-DEPRECATEDIN_3_0(CMAC_CTX *CMAC_CTX_new(void))
-DEPRECATEDIN_3_0(void CMAC_CTX_cleanup(CMAC_CTX *ctx))
-DEPRECATEDIN_3_0(void CMAC_CTX_free(CMAC_CTX *ctx))
-DEPRECATEDIN_3_0(EVP_CIPHER_CTX *CMAC_CTX_get0_cipher_ctx(CMAC_CTX *ctx))
-DEPRECATEDIN_3_0(int CMAC_CTX_copy(CMAC_CTX *out, const CMAC_CTX *in))
-
-DEPRECATEDIN_3_0(int CMAC_Init(CMAC_CTX *ctx, const void *key, size_t keylen,
- const EVP_CIPHER *cipher, ENGINE *impl))
-DEPRECATEDIN_3_0(int CMAC_Update(CMAC_CTX *ctx, const void *data, size_t dlen))
-DEPRECATEDIN_3_0(int CMAC_Final(CMAC_CTX *ctx, unsigned char *out,
- size_t *poutlen))
-DEPRECATEDIN_3_0(int CMAC_resume(CMAC_CTX *ctx))
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0 CMAC_CTX *CMAC_CTX_new(void);
+OSSL_DEPRECATEDIN_3_0 void CMAC_CTX_cleanup(CMAC_CTX *ctx);
+OSSL_DEPRECATEDIN_3_0 void CMAC_CTX_free(CMAC_CTX *ctx);
+OSSL_DEPRECATEDIN_3_0 EVP_CIPHER_CTX *CMAC_CTX_get0_cipher_ctx(CMAC_CTX *ctx);
+OSSL_DEPRECATEDIN_3_0 int CMAC_CTX_copy(CMAC_CTX *out, const CMAC_CTX *in);
+OSSL_DEPRECATEDIN_3_0 int CMAC_Init(CMAC_CTX *ctx,
+ const void *key, size_t keylen,
+ const EVP_CIPHER *cipher, ENGINE *impl);
+OSSL_DEPRECATEDIN_3_0 int CMAC_Update(CMAC_CTX *ctx,
+ const void *data, size_t dlen);
+OSSL_DEPRECATEDIN_3_0 int CMAC_Final(CMAC_CTX *ctx,
+ unsigned char *out, size_t *poutlen);
+OSSL_DEPRECATEDIN_3_0 int CMAC_resume(CMAC_CTX *ctx);
+# endif
# ifdef __cplusplus
}
diff --git a/openssl/include/openssl/cmp.h b/openssl/include/openssl/cmp.h
index e315f462..e28c9ac1 100644..100755
--- a/openssl/include/openssl/cmp.h
+++ b/openssl/include/openssl/cmp.h
@@ -1,5 +1,8 @@
/*
- * Copyright 2007-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * WARNING: do not edit!
+ * Generated by makefile from include\openssl\cmp.h.in
+ *
+ * Copyright 2007-2021 The OpenSSL Project Authors. All Rights Reserved.
* Copyright Nokia 2007-2019
* Copyright Siemens AG 2015-2019
*
@@ -9,6 +12,8 @@
* https://www.openssl.org/source/license.html
*/
+
+
#ifndef OPENSSL_CMP_H
# define OPENSSL_CMP_H
@@ -210,21 +215,151 @@ typedef struct ossl_cmp_msg_st OSSL_CMP_MSG;
DECLARE_ASN1_DUP_FUNCTION(OSSL_CMP_MSG)
DECLARE_ASN1_ENCODE_FUNCTIONS(OSSL_CMP_MSG, OSSL_CMP_MSG, OSSL_CMP_MSG)
typedef struct ossl_cmp_certstatus_st OSSL_CMP_CERTSTATUS;
-DEFINE_OR_DECLARE_STACK_OF(OSSL_CMP_CERTSTATUS)
+SKM_DEFINE_STACK_OF_INTERNAL(OSSL_CMP_CERTSTATUS, OSSL_CMP_CERTSTATUS, OSSL_CMP_CERTSTATUS)
+#define sk_OSSL_CMP_CERTSTATUS_num(sk) OPENSSL_sk_num(ossl_check_const_OSSL_CMP_CERTSTATUS_sk_type(sk))
+#define sk_OSSL_CMP_CERTSTATUS_value(sk, idx) ((OSSL_CMP_CERTSTATUS *)OPENSSL_sk_value(ossl_check_const_OSSL_CMP_CERTSTATUS_sk_type(sk), (idx)))
+#define sk_OSSL_CMP_CERTSTATUS_new(cmp) ((STACK_OF(OSSL_CMP_CERTSTATUS) *)OPENSSL_sk_new(ossl_check_OSSL_CMP_CERTSTATUS_compfunc_type(cmp)))
+#define sk_OSSL_CMP_CERTSTATUS_new_null() ((STACK_OF(OSSL_CMP_CERTSTATUS) *)OPENSSL_sk_new_null())
+#define sk_OSSL_CMP_CERTSTATUS_new_reserve(cmp, n) ((STACK_OF(OSSL_CMP_CERTSTATUS) *)OPENSSL_sk_new_reserve(ossl_check_OSSL_CMP_CERTSTATUS_compfunc_type(cmp), (n)))
+#define sk_OSSL_CMP_CERTSTATUS_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_OSSL_CMP_CERTSTATUS_sk_type(sk), (n))
+#define sk_OSSL_CMP_CERTSTATUS_free(sk) OPENSSL_sk_free(ossl_check_OSSL_CMP_CERTSTATUS_sk_type(sk))
+#define sk_OSSL_CMP_CERTSTATUS_zero(sk) OPENSSL_sk_zero(ossl_check_OSSL_CMP_CERTSTATUS_sk_type(sk))
+#define sk_OSSL_CMP_CERTSTATUS_delete(sk, i) ((OSSL_CMP_CERTSTATUS *)OPENSSL_sk_delete(ossl_check_OSSL_CMP_CERTSTATUS_sk_type(sk), (i)))
+#define sk_OSSL_CMP_CERTSTATUS_delete_ptr(sk, ptr) ((OSSL_CMP_CERTSTATUS *)OPENSSL_sk_delete_ptr(ossl_check_OSSL_CMP_CERTSTATUS_sk_type(sk), ossl_check_OSSL_CMP_CERTSTATUS_type(ptr)))
+#define sk_OSSL_CMP_CERTSTATUS_push(sk, ptr) OPENSSL_sk_push(ossl_check_OSSL_CMP_CERTSTATUS_sk_type(sk), ossl_check_OSSL_CMP_CERTSTATUS_type(ptr))
+#define sk_OSSL_CMP_CERTSTATUS_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_OSSL_CMP_CERTSTATUS_sk_type(sk), ossl_check_OSSL_CMP_CERTSTATUS_type(ptr))
+#define sk_OSSL_CMP_CERTSTATUS_pop(sk) ((OSSL_CMP_CERTSTATUS *)OPENSSL_sk_pop(ossl_check_OSSL_CMP_CERTSTATUS_sk_type(sk)))
+#define sk_OSSL_CMP_CERTSTATUS_shift(sk) ((OSSL_CMP_CERTSTATUS *)OPENSSL_sk_shift(ossl_check_OSSL_CMP_CERTSTATUS_sk_type(sk)))
+#define sk_OSSL_CMP_CERTSTATUS_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_OSSL_CMP_CERTSTATUS_sk_type(sk),ossl_check_OSSL_CMP_CERTSTATUS_freefunc_type(freefunc))
+#define sk_OSSL_CMP_CERTSTATUS_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_OSSL_CMP_CERTSTATUS_sk_type(sk), ossl_check_OSSL_CMP_CERTSTATUS_type(ptr), (idx))
+#define sk_OSSL_CMP_CERTSTATUS_set(sk, idx, ptr) ((OSSL_CMP_CERTSTATUS *)OPENSSL_sk_set(ossl_check_OSSL_CMP_CERTSTATUS_sk_type(sk), (idx), ossl_check_OSSL_CMP_CERTSTATUS_type(ptr)))
+#define sk_OSSL_CMP_CERTSTATUS_find(sk, ptr) OPENSSL_sk_find(ossl_check_OSSL_CMP_CERTSTATUS_sk_type(sk), ossl_check_OSSL_CMP_CERTSTATUS_type(ptr))
+#define sk_OSSL_CMP_CERTSTATUS_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_OSSL_CMP_CERTSTATUS_sk_type(sk), ossl_check_OSSL_CMP_CERTSTATUS_type(ptr))
+#define sk_OSSL_CMP_CERTSTATUS_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_OSSL_CMP_CERTSTATUS_sk_type(sk), ossl_check_OSSL_CMP_CERTSTATUS_type(ptr), pnum)
+#define sk_OSSL_CMP_CERTSTATUS_sort(sk) OPENSSL_sk_sort(ossl_check_OSSL_CMP_CERTSTATUS_sk_type(sk))
+#define sk_OSSL_CMP_CERTSTATUS_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_OSSL_CMP_CERTSTATUS_sk_type(sk))
+#define sk_OSSL_CMP_CERTSTATUS_dup(sk) ((STACK_OF(OSSL_CMP_CERTSTATUS) *)OPENSSL_sk_dup(ossl_check_const_OSSL_CMP_CERTSTATUS_sk_type(sk)))
+#define sk_OSSL_CMP_CERTSTATUS_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(OSSL_CMP_CERTSTATUS) *)OPENSSL_sk_deep_copy(ossl_check_const_OSSL_CMP_CERTSTATUS_sk_type(sk), ossl_check_OSSL_CMP_CERTSTATUS_copyfunc_type(copyfunc), ossl_check_OSSL_CMP_CERTSTATUS_freefunc_type(freefunc)))
+#define sk_OSSL_CMP_CERTSTATUS_set_cmp_func(sk, cmp) ((sk_OSSL_CMP_CERTSTATUS_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_OSSL_CMP_CERTSTATUS_sk_type(sk), ossl_check_OSSL_CMP_CERTSTATUS_compfunc_type(cmp)))
+
typedef struct ossl_cmp_itav_st OSSL_CMP_ITAV;
DECLARE_ASN1_DUP_FUNCTION(OSSL_CMP_ITAV)
-DEFINE_OR_DECLARE_STACK_OF(OSSL_CMP_ITAV)
+SKM_DEFINE_STACK_OF_INTERNAL(OSSL_CMP_ITAV, OSSL_CMP_ITAV, OSSL_CMP_ITAV)
+#define sk_OSSL_CMP_ITAV_num(sk) OPENSSL_sk_num(ossl_check_const_OSSL_CMP_ITAV_sk_type(sk))
+#define sk_OSSL_CMP_ITAV_value(sk, idx) ((OSSL_CMP_ITAV *)OPENSSL_sk_value(ossl_check_const_OSSL_CMP_ITAV_sk_type(sk), (idx)))
+#define sk_OSSL_CMP_ITAV_new(cmp) ((STACK_OF(OSSL_CMP_ITAV) *)OPENSSL_sk_new(ossl_check_OSSL_CMP_ITAV_compfunc_type(cmp)))
+#define sk_OSSL_CMP_ITAV_new_null() ((STACK_OF(OSSL_CMP_ITAV) *)OPENSSL_sk_new_null())
+#define sk_OSSL_CMP_ITAV_new_reserve(cmp, n) ((STACK_OF(OSSL_CMP_ITAV) *)OPENSSL_sk_new_reserve(ossl_check_OSSL_CMP_ITAV_compfunc_type(cmp), (n)))
+#define sk_OSSL_CMP_ITAV_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_OSSL_CMP_ITAV_sk_type(sk), (n))
+#define sk_OSSL_CMP_ITAV_free(sk) OPENSSL_sk_free(ossl_check_OSSL_CMP_ITAV_sk_type(sk))
+#define sk_OSSL_CMP_ITAV_zero(sk) OPENSSL_sk_zero(ossl_check_OSSL_CMP_ITAV_sk_type(sk))
+#define sk_OSSL_CMP_ITAV_delete(sk, i) ((OSSL_CMP_ITAV *)OPENSSL_sk_delete(ossl_check_OSSL_CMP_ITAV_sk_type(sk), (i)))
+#define sk_OSSL_CMP_ITAV_delete_ptr(sk, ptr) ((OSSL_CMP_ITAV *)OPENSSL_sk_delete_ptr(ossl_check_OSSL_CMP_ITAV_sk_type(sk), ossl_check_OSSL_CMP_ITAV_type(ptr)))
+#define sk_OSSL_CMP_ITAV_push(sk, ptr) OPENSSL_sk_push(ossl_check_OSSL_CMP_ITAV_sk_type(sk), ossl_check_OSSL_CMP_ITAV_type(ptr))
+#define sk_OSSL_CMP_ITAV_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_OSSL_CMP_ITAV_sk_type(sk), ossl_check_OSSL_CMP_ITAV_type(ptr))
+#define sk_OSSL_CMP_ITAV_pop(sk) ((OSSL_CMP_ITAV *)OPENSSL_sk_pop(ossl_check_OSSL_CMP_ITAV_sk_type(sk)))
+#define sk_OSSL_CMP_ITAV_shift(sk) ((OSSL_CMP_ITAV *)OPENSSL_sk_shift(ossl_check_OSSL_CMP_ITAV_sk_type(sk)))
+#define sk_OSSL_CMP_ITAV_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_OSSL_CMP_ITAV_sk_type(sk),ossl_check_OSSL_CMP_ITAV_freefunc_type(freefunc))
+#define sk_OSSL_CMP_ITAV_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_OSSL_CMP_ITAV_sk_type(sk), ossl_check_OSSL_CMP_ITAV_type(ptr), (idx))
+#define sk_OSSL_CMP_ITAV_set(sk, idx, ptr) ((OSSL_CMP_ITAV *)OPENSSL_sk_set(ossl_check_OSSL_CMP_ITAV_sk_type(sk), (idx), ossl_check_OSSL_CMP_ITAV_type(ptr)))
+#define sk_OSSL_CMP_ITAV_find(sk, ptr) OPENSSL_sk_find(ossl_check_OSSL_CMP_ITAV_sk_type(sk), ossl_check_OSSL_CMP_ITAV_type(ptr))
+#define sk_OSSL_CMP_ITAV_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_OSSL_CMP_ITAV_sk_type(sk), ossl_check_OSSL_CMP_ITAV_type(ptr))
+#define sk_OSSL_CMP_ITAV_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_OSSL_CMP_ITAV_sk_type(sk), ossl_check_OSSL_CMP_ITAV_type(ptr), pnum)
+#define sk_OSSL_CMP_ITAV_sort(sk) OPENSSL_sk_sort(ossl_check_OSSL_CMP_ITAV_sk_type(sk))
+#define sk_OSSL_CMP_ITAV_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_OSSL_CMP_ITAV_sk_type(sk))
+#define sk_OSSL_CMP_ITAV_dup(sk) ((STACK_OF(OSSL_CMP_ITAV) *)OPENSSL_sk_dup(ossl_check_const_OSSL_CMP_ITAV_sk_type(sk)))
+#define sk_OSSL_CMP_ITAV_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(OSSL_CMP_ITAV) *)OPENSSL_sk_deep_copy(ossl_check_const_OSSL_CMP_ITAV_sk_type(sk), ossl_check_OSSL_CMP_ITAV_copyfunc_type(copyfunc), ossl_check_OSSL_CMP_ITAV_freefunc_type(freefunc)))
+#define sk_OSSL_CMP_ITAV_set_cmp_func(sk, cmp) ((sk_OSSL_CMP_ITAV_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_OSSL_CMP_ITAV_sk_type(sk), ossl_check_OSSL_CMP_ITAV_compfunc_type(cmp)))
+
typedef struct ossl_cmp_revrepcontent_st OSSL_CMP_REVREPCONTENT;
typedef struct ossl_cmp_pkisi_st OSSL_CMP_PKISI;
DECLARE_ASN1_FUNCTIONS(OSSL_CMP_PKISI)
DECLARE_ASN1_DUP_FUNCTION(OSSL_CMP_PKISI)
-DEFINE_OR_DECLARE_STACK_OF(OSSL_CMP_PKISI)
+SKM_DEFINE_STACK_OF_INTERNAL(OSSL_CMP_PKISI, OSSL_CMP_PKISI, OSSL_CMP_PKISI)
+#define sk_OSSL_CMP_PKISI_num(sk) OPENSSL_sk_num(ossl_check_const_OSSL_CMP_PKISI_sk_type(sk))
+#define sk_OSSL_CMP_PKISI_value(sk, idx) ((OSSL_CMP_PKISI *)OPENSSL_sk_value(ossl_check_const_OSSL_CMP_PKISI_sk_type(sk), (idx)))
+#define sk_OSSL_CMP_PKISI_new(cmp) ((STACK_OF(OSSL_CMP_PKISI) *)OPENSSL_sk_new(ossl_check_OSSL_CMP_PKISI_compfunc_type(cmp)))
+#define sk_OSSL_CMP_PKISI_new_null() ((STACK_OF(OSSL_CMP_PKISI) *)OPENSSL_sk_new_null())
+#define sk_OSSL_CMP_PKISI_new_reserve(cmp, n) ((STACK_OF(OSSL_CMP_PKISI) *)OPENSSL_sk_new_reserve(ossl_check_OSSL_CMP_PKISI_compfunc_type(cmp), (n)))
+#define sk_OSSL_CMP_PKISI_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_OSSL_CMP_PKISI_sk_type(sk), (n))
+#define sk_OSSL_CMP_PKISI_free(sk) OPENSSL_sk_free(ossl_check_OSSL_CMP_PKISI_sk_type(sk))
+#define sk_OSSL_CMP_PKISI_zero(sk) OPENSSL_sk_zero(ossl_check_OSSL_CMP_PKISI_sk_type(sk))
+#define sk_OSSL_CMP_PKISI_delete(sk, i) ((OSSL_CMP_PKISI *)OPENSSL_sk_delete(ossl_check_OSSL_CMP_PKISI_sk_type(sk), (i)))
+#define sk_OSSL_CMP_PKISI_delete_ptr(sk, ptr) ((OSSL_CMP_PKISI *)OPENSSL_sk_delete_ptr(ossl_check_OSSL_CMP_PKISI_sk_type(sk), ossl_check_OSSL_CMP_PKISI_type(ptr)))
+#define sk_OSSL_CMP_PKISI_push(sk, ptr) OPENSSL_sk_push(ossl_check_OSSL_CMP_PKISI_sk_type(sk), ossl_check_OSSL_CMP_PKISI_type(ptr))
+#define sk_OSSL_CMP_PKISI_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_OSSL_CMP_PKISI_sk_type(sk), ossl_check_OSSL_CMP_PKISI_type(ptr))
+#define sk_OSSL_CMP_PKISI_pop(sk) ((OSSL_CMP_PKISI *)OPENSSL_sk_pop(ossl_check_OSSL_CMP_PKISI_sk_type(sk)))
+#define sk_OSSL_CMP_PKISI_shift(sk) ((OSSL_CMP_PKISI *)OPENSSL_sk_shift(ossl_check_OSSL_CMP_PKISI_sk_type(sk)))
+#define sk_OSSL_CMP_PKISI_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_OSSL_CMP_PKISI_sk_type(sk),ossl_check_OSSL_CMP_PKISI_freefunc_type(freefunc))
+#define sk_OSSL_CMP_PKISI_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_OSSL_CMP_PKISI_sk_type(sk), ossl_check_OSSL_CMP_PKISI_type(ptr), (idx))
+#define sk_OSSL_CMP_PKISI_set(sk, idx, ptr) ((OSSL_CMP_PKISI *)OPENSSL_sk_set(ossl_check_OSSL_CMP_PKISI_sk_type(sk), (idx), ossl_check_OSSL_CMP_PKISI_type(ptr)))
+#define sk_OSSL_CMP_PKISI_find(sk, ptr) OPENSSL_sk_find(ossl_check_OSSL_CMP_PKISI_sk_type(sk), ossl_check_OSSL_CMP_PKISI_type(ptr))
+#define sk_OSSL_CMP_PKISI_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_OSSL_CMP_PKISI_sk_type(sk), ossl_check_OSSL_CMP_PKISI_type(ptr))
+#define sk_OSSL_CMP_PKISI_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_OSSL_CMP_PKISI_sk_type(sk), ossl_check_OSSL_CMP_PKISI_type(ptr), pnum)
+#define sk_OSSL_CMP_PKISI_sort(sk) OPENSSL_sk_sort(ossl_check_OSSL_CMP_PKISI_sk_type(sk))
+#define sk_OSSL_CMP_PKISI_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_OSSL_CMP_PKISI_sk_type(sk))
+#define sk_OSSL_CMP_PKISI_dup(sk) ((STACK_OF(OSSL_CMP_PKISI) *)OPENSSL_sk_dup(ossl_check_const_OSSL_CMP_PKISI_sk_type(sk)))
+#define sk_OSSL_CMP_PKISI_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(OSSL_CMP_PKISI) *)OPENSSL_sk_deep_copy(ossl_check_const_OSSL_CMP_PKISI_sk_type(sk), ossl_check_OSSL_CMP_PKISI_copyfunc_type(copyfunc), ossl_check_OSSL_CMP_PKISI_freefunc_type(freefunc)))
+#define sk_OSSL_CMP_PKISI_set_cmp_func(sk, cmp) ((sk_OSSL_CMP_PKISI_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_OSSL_CMP_PKISI_sk_type(sk), ossl_check_OSSL_CMP_PKISI_compfunc_type(cmp)))
+
typedef struct ossl_cmp_certrepmessage_st OSSL_CMP_CERTREPMESSAGE;
-DEFINE_OR_DECLARE_STACK_OF(OSSL_CMP_CERTREPMESSAGE)
+SKM_DEFINE_STACK_OF_INTERNAL(OSSL_CMP_CERTREPMESSAGE, OSSL_CMP_CERTREPMESSAGE, OSSL_CMP_CERTREPMESSAGE)
+#define sk_OSSL_CMP_CERTREPMESSAGE_num(sk) OPENSSL_sk_num(ossl_check_const_OSSL_CMP_CERTREPMESSAGE_sk_type(sk))
+#define sk_OSSL_CMP_CERTREPMESSAGE_value(sk, idx) ((OSSL_CMP_CERTREPMESSAGE *)OPENSSL_sk_value(ossl_check_const_OSSL_CMP_CERTREPMESSAGE_sk_type(sk), (idx)))
+#define sk_OSSL_CMP_CERTREPMESSAGE_new(cmp) ((STACK_OF(OSSL_CMP_CERTREPMESSAGE) *)OPENSSL_sk_new(ossl_check_OSSL_CMP_CERTREPMESSAGE_compfunc_type(cmp)))
+#define sk_OSSL_CMP_CERTREPMESSAGE_new_null() ((STACK_OF(OSSL_CMP_CERTREPMESSAGE) *)OPENSSL_sk_new_null())
+#define sk_OSSL_CMP_CERTREPMESSAGE_new_reserve(cmp, n) ((STACK_OF(OSSL_CMP_CERTREPMESSAGE) *)OPENSSL_sk_new_reserve(ossl_check_OSSL_CMP_CERTREPMESSAGE_compfunc_type(cmp), (n)))
+#define sk_OSSL_CMP_CERTREPMESSAGE_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_OSSL_CMP_CERTREPMESSAGE_sk_type(sk), (n))
+#define sk_OSSL_CMP_CERTREPMESSAGE_free(sk) OPENSSL_sk_free(ossl_check_OSSL_CMP_CERTREPMESSAGE_sk_type(sk))
+#define sk_OSSL_CMP_CERTREPMESSAGE_zero(sk) OPENSSL_sk_zero(ossl_check_OSSL_CMP_CERTREPMESSAGE_sk_type(sk))
+#define sk_OSSL_CMP_CERTREPMESSAGE_delete(sk, i) ((OSSL_CMP_CERTREPMESSAGE *)OPENSSL_sk_delete(ossl_check_OSSL_CMP_CERTREPMESSAGE_sk_type(sk), (i)))
+#define sk_OSSL_CMP_CERTREPMESSAGE_delete_ptr(sk, ptr) ((OSSL_CMP_CERTREPMESSAGE *)OPENSSL_sk_delete_ptr(ossl_check_OSSL_CMP_CERTREPMESSAGE_sk_type(sk), ossl_check_OSSL_CMP_CERTREPMESSAGE_type(ptr)))
+#define sk_OSSL_CMP_CERTREPMESSAGE_push(sk, ptr) OPENSSL_sk_push(ossl_check_OSSL_CMP_CERTREPMESSAGE_sk_type(sk), ossl_check_OSSL_CMP_CERTREPMESSAGE_type(ptr))
+#define sk_OSSL_CMP_CERTREPMESSAGE_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_OSSL_CMP_CERTREPMESSAGE_sk_type(sk), ossl_check_OSSL_CMP_CERTREPMESSAGE_type(ptr))
+#define sk_OSSL_CMP_CERTREPMESSAGE_pop(sk) ((OSSL_CMP_CERTREPMESSAGE *)OPENSSL_sk_pop(ossl_check_OSSL_CMP_CERTREPMESSAGE_sk_type(sk)))
+#define sk_OSSL_CMP_CERTREPMESSAGE_shift(sk) ((OSSL_CMP_CERTREPMESSAGE *)OPENSSL_sk_shift(ossl_check_OSSL_CMP_CERTREPMESSAGE_sk_type(sk)))
+#define sk_OSSL_CMP_CERTREPMESSAGE_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_OSSL_CMP_CERTREPMESSAGE_sk_type(sk),ossl_check_OSSL_CMP_CERTREPMESSAGE_freefunc_type(freefunc))
+#define sk_OSSL_CMP_CERTREPMESSAGE_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_OSSL_CMP_CERTREPMESSAGE_sk_type(sk), ossl_check_OSSL_CMP_CERTREPMESSAGE_type(ptr), (idx))
+#define sk_OSSL_CMP_CERTREPMESSAGE_set(sk, idx, ptr) ((OSSL_CMP_CERTREPMESSAGE *)OPENSSL_sk_set(ossl_check_OSSL_CMP_CERTREPMESSAGE_sk_type(sk), (idx), ossl_check_OSSL_CMP_CERTREPMESSAGE_type(ptr)))
+#define sk_OSSL_CMP_CERTREPMESSAGE_find(sk, ptr) OPENSSL_sk_find(ossl_check_OSSL_CMP_CERTREPMESSAGE_sk_type(sk), ossl_check_OSSL_CMP_CERTREPMESSAGE_type(ptr))
+#define sk_OSSL_CMP_CERTREPMESSAGE_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_OSSL_CMP_CERTREPMESSAGE_sk_type(sk), ossl_check_OSSL_CMP_CERTREPMESSAGE_type(ptr))
+#define sk_OSSL_CMP_CERTREPMESSAGE_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_OSSL_CMP_CERTREPMESSAGE_sk_type(sk), ossl_check_OSSL_CMP_CERTREPMESSAGE_type(ptr), pnum)
+#define sk_OSSL_CMP_CERTREPMESSAGE_sort(sk) OPENSSL_sk_sort(ossl_check_OSSL_CMP_CERTREPMESSAGE_sk_type(sk))
+#define sk_OSSL_CMP_CERTREPMESSAGE_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_OSSL_CMP_CERTREPMESSAGE_sk_type(sk))
+#define sk_OSSL_CMP_CERTREPMESSAGE_dup(sk) ((STACK_OF(OSSL_CMP_CERTREPMESSAGE) *)OPENSSL_sk_dup(ossl_check_const_OSSL_CMP_CERTREPMESSAGE_sk_type(sk)))
+#define sk_OSSL_CMP_CERTREPMESSAGE_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(OSSL_CMP_CERTREPMESSAGE) *)OPENSSL_sk_deep_copy(ossl_check_const_OSSL_CMP_CERTREPMESSAGE_sk_type(sk), ossl_check_OSSL_CMP_CERTREPMESSAGE_copyfunc_type(copyfunc), ossl_check_OSSL_CMP_CERTREPMESSAGE_freefunc_type(freefunc)))
+#define sk_OSSL_CMP_CERTREPMESSAGE_set_cmp_func(sk, cmp) ((sk_OSSL_CMP_CERTREPMESSAGE_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_OSSL_CMP_CERTREPMESSAGE_sk_type(sk), ossl_check_OSSL_CMP_CERTREPMESSAGE_compfunc_type(cmp)))
+
typedef struct ossl_cmp_pollrep_st OSSL_CMP_POLLREP;
typedef STACK_OF(OSSL_CMP_POLLREP) OSSL_CMP_POLLREPCONTENT;
typedef struct ossl_cmp_certresponse_st OSSL_CMP_CERTRESPONSE;
-DEFINE_OR_DECLARE_STACK_OF(OSSL_CMP_CERTRESPONSE)
+SKM_DEFINE_STACK_OF_INTERNAL(OSSL_CMP_CERTRESPONSE, OSSL_CMP_CERTRESPONSE, OSSL_CMP_CERTRESPONSE)
+#define sk_OSSL_CMP_CERTRESPONSE_num(sk) OPENSSL_sk_num(ossl_check_const_OSSL_CMP_CERTRESPONSE_sk_type(sk))
+#define sk_OSSL_CMP_CERTRESPONSE_value(sk, idx) ((OSSL_CMP_CERTRESPONSE *)OPENSSL_sk_value(ossl_check_const_OSSL_CMP_CERTRESPONSE_sk_type(sk), (idx)))
+#define sk_OSSL_CMP_CERTRESPONSE_new(cmp) ((STACK_OF(OSSL_CMP_CERTRESPONSE) *)OPENSSL_sk_new(ossl_check_OSSL_CMP_CERTRESPONSE_compfunc_type(cmp)))
+#define sk_OSSL_CMP_CERTRESPONSE_new_null() ((STACK_OF(OSSL_CMP_CERTRESPONSE) *)OPENSSL_sk_new_null())
+#define sk_OSSL_CMP_CERTRESPONSE_new_reserve(cmp, n) ((STACK_OF(OSSL_CMP_CERTRESPONSE) *)OPENSSL_sk_new_reserve(ossl_check_OSSL_CMP_CERTRESPONSE_compfunc_type(cmp), (n)))
+#define sk_OSSL_CMP_CERTRESPONSE_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_OSSL_CMP_CERTRESPONSE_sk_type(sk), (n))
+#define sk_OSSL_CMP_CERTRESPONSE_free(sk) OPENSSL_sk_free(ossl_check_OSSL_CMP_CERTRESPONSE_sk_type(sk))
+#define sk_OSSL_CMP_CERTRESPONSE_zero(sk) OPENSSL_sk_zero(ossl_check_OSSL_CMP_CERTRESPONSE_sk_type(sk))
+#define sk_OSSL_CMP_CERTRESPONSE_delete(sk, i) ((OSSL_CMP_CERTRESPONSE *)OPENSSL_sk_delete(ossl_check_OSSL_CMP_CERTRESPONSE_sk_type(sk), (i)))
+#define sk_OSSL_CMP_CERTRESPONSE_delete_ptr(sk, ptr) ((OSSL_CMP_CERTRESPONSE *)OPENSSL_sk_delete_ptr(ossl_check_OSSL_CMP_CERTRESPONSE_sk_type(sk), ossl_check_OSSL_CMP_CERTRESPONSE_type(ptr)))
+#define sk_OSSL_CMP_CERTRESPONSE_push(sk, ptr) OPENSSL_sk_push(ossl_check_OSSL_CMP_CERTRESPONSE_sk_type(sk), ossl_check_OSSL_CMP_CERTRESPONSE_type(ptr))
+#define sk_OSSL_CMP_CERTRESPONSE_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_OSSL_CMP_CERTRESPONSE_sk_type(sk), ossl_check_OSSL_CMP_CERTRESPONSE_type(ptr))
+#define sk_OSSL_CMP_CERTRESPONSE_pop(sk) ((OSSL_CMP_CERTRESPONSE *)OPENSSL_sk_pop(ossl_check_OSSL_CMP_CERTRESPONSE_sk_type(sk)))
+#define sk_OSSL_CMP_CERTRESPONSE_shift(sk) ((OSSL_CMP_CERTRESPONSE *)OPENSSL_sk_shift(ossl_check_OSSL_CMP_CERTRESPONSE_sk_type(sk)))
+#define sk_OSSL_CMP_CERTRESPONSE_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_OSSL_CMP_CERTRESPONSE_sk_type(sk),ossl_check_OSSL_CMP_CERTRESPONSE_freefunc_type(freefunc))
+#define sk_OSSL_CMP_CERTRESPONSE_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_OSSL_CMP_CERTRESPONSE_sk_type(sk), ossl_check_OSSL_CMP_CERTRESPONSE_type(ptr), (idx))
+#define sk_OSSL_CMP_CERTRESPONSE_set(sk, idx, ptr) ((OSSL_CMP_CERTRESPONSE *)OPENSSL_sk_set(ossl_check_OSSL_CMP_CERTRESPONSE_sk_type(sk), (idx), ossl_check_OSSL_CMP_CERTRESPONSE_type(ptr)))
+#define sk_OSSL_CMP_CERTRESPONSE_find(sk, ptr) OPENSSL_sk_find(ossl_check_OSSL_CMP_CERTRESPONSE_sk_type(sk), ossl_check_OSSL_CMP_CERTRESPONSE_type(ptr))
+#define sk_OSSL_CMP_CERTRESPONSE_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_OSSL_CMP_CERTRESPONSE_sk_type(sk), ossl_check_OSSL_CMP_CERTRESPONSE_type(ptr))
+#define sk_OSSL_CMP_CERTRESPONSE_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_OSSL_CMP_CERTRESPONSE_sk_type(sk), ossl_check_OSSL_CMP_CERTRESPONSE_type(ptr), pnum)
+#define sk_OSSL_CMP_CERTRESPONSE_sort(sk) OPENSSL_sk_sort(ossl_check_OSSL_CMP_CERTRESPONSE_sk_type(sk))
+#define sk_OSSL_CMP_CERTRESPONSE_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_OSSL_CMP_CERTRESPONSE_sk_type(sk))
+#define sk_OSSL_CMP_CERTRESPONSE_dup(sk) ((STACK_OF(OSSL_CMP_CERTRESPONSE) *)OPENSSL_sk_dup(ossl_check_const_OSSL_CMP_CERTRESPONSE_sk_type(sk)))
+#define sk_OSSL_CMP_CERTRESPONSE_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(OSSL_CMP_CERTRESPONSE) *)OPENSSL_sk_deep_copy(ossl_check_const_OSSL_CMP_CERTRESPONSE_sk_type(sk), ossl_check_OSSL_CMP_CERTRESPONSE_copyfunc_type(copyfunc), ossl_check_OSSL_CMP_CERTRESPONSE_freefunc_type(freefunc)))
+#define sk_OSSL_CMP_CERTRESPONSE_set_cmp_func(sk, cmp) ((sk_OSSL_CMP_CERTRESPONSE_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_OSSL_CMP_CERTRESPONSE_sk_type(sk), ossl_check_OSSL_CMP_CERTRESPONSE_compfunc_type(cmp)))
+
typedef STACK_OF(ASN1_UTF8STRING) OSSL_CMP_PKIFREETEXT;
/*
@@ -243,28 +378,32 @@ void OSSL_CMP_ITAV_free(OSSL_CMP_ITAV *itav);
void OSSL_CMP_MSG_free(OSSL_CMP_MSG *msg);
/* from cmp_ctx.c */
-OSSL_CMP_CTX *OSSL_CMP_CTX_new(void);
+OSSL_CMP_CTX *OSSL_CMP_CTX_new(OSSL_LIB_CTX *libctx, const char *propq);
void OSSL_CMP_CTX_free(OSSL_CMP_CTX *ctx);
int OSSL_CMP_CTX_reinit(OSSL_CMP_CTX *ctx);
-/* various CMP options: */
+/* CMP general options: */
# define OSSL_CMP_OPT_LOG_VERBOSITY 0
-# define OSSL_CMP_OPT_MSG_TIMEOUT 1
-# define OSSL_CMP_OPT_TOTAL_TIMEOUT 2
-# define OSSL_CMP_OPT_VALIDITY_DAYS 3
-# define OSSL_CMP_OPT_SUBJECTALTNAME_NODEFAULT 4
-# define OSSL_CMP_OPT_SUBJECTALTNAME_CRITICAL 5
-# define OSSL_CMP_OPT_POLICIES_CRITICAL 6
-# define OSSL_CMP_OPT_POPO_METHOD 7
-# define OSSL_CMP_OPT_DIGEST_ALGNID 8
-# define OSSL_CMP_OPT_OWF_ALGNID 9
-# define OSSL_CMP_OPT_MAC_ALGNID 10
-# define OSSL_CMP_OPT_REVOCATION_REASON 11
-# define OSSL_CMP_OPT_IMPLICIT_CONFIRM 12
-# define OSSL_CMP_OPT_DISABLE_CONFIRM 13
-# define OSSL_CMP_OPT_UNPROTECTED_SEND 14
-# define OSSL_CMP_OPT_UNPROTECTED_ERRORS 15
-# define OSSL_CMP_OPT_IGNORE_KEYUSAGE 16
-# define OSSL_CMP_OPT_PERMIT_TA_IN_EXTRACERTS_FOR_IR 17
+/* CMP transfer options: */
+# define OSSL_CMP_OPT_KEEP_ALIVE 10
+# define OSSL_CMP_OPT_MSG_TIMEOUT 11
+# define OSSL_CMP_OPT_TOTAL_TIMEOUT 12
+/* CMP request options: */
+# define OSSL_CMP_OPT_VALIDITY_DAYS 20
+# define OSSL_CMP_OPT_SUBJECTALTNAME_NODEFAULT 21
+# define OSSL_CMP_OPT_SUBJECTALTNAME_CRITICAL 22
+# define OSSL_CMP_OPT_POLICIES_CRITICAL 23
+# define OSSL_CMP_OPT_POPO_METHOD 24
+# define OSSL_CMP_OPT_IMPLICIT_CONFIRM 25
+# define OSSL_CMP_OPT_DISABLE_CONFIRM 26
+# define OSSL_CMP_OPT_REVOCATION_REASON 27
+/* CMP protection options: */
+# define OSSL_CMP_OPT_UNPROTECTED_SEND 30
+# define OSSL_CMP_OPT_UNPROTECTED_ERRORS 31
+# define OSSL_CMP_OPT_OWF_ALGNID 32
+# define OSSL_CMP_OPT_MAC_ALGNID 33
+# define OSSL_CMP_OPT_DIGEST_ALGNID 34
+# define OSSL_CMP_OPT_IGNORE_KEYUSAGE 35
+# define OSSL_CMP_OPT_PERMIT_TA_IN_EXTRACERTS_FOR_IR 36
int OSSL_CMP_CTX_set_option(OSSL_CMP_CTX *ctx, int opt, int val);
int OSSL_CMP_CTX_get_option(const OSSL_CMP_CTX *ctx, int opt);
/* CMP-specific callback for logging and outputting the error queue: */
@@ -291,10 +430,12 @@ int OSSL_CMP_CTX_set1_srvCert(OSSL_CMP_CTX *ctx, X509 *cert);
int OSSL_CMP_CTX_set1_expected_sender(OSSL_CMP_CTX *ctx, const X509_NAME *name);
int OSSL_CMP_CTX_set0_trustedStore(OSSL_CMP_CTX *ctx, X509_STORE *store);
X509_STORE *OSSL_CMP_CTX_get0_trustedStore(const OSSL_CMP_CTX *ctx);
-int OSSL_CMP_CTX_set1_untrusted_certs(OSSL_CMP_CTX *ctx, STACK_OF(X509) *certs);
-STACK_OF(X509) *OSSL_CMP_CTX_get0_untrusted_certs(const OSSL_CMP_CTX *ctx);
+int OSSL_CMP_CTX_set1_untrusted(OSSL_CMP_CTX *ctx, STACK_OF(X509) *certs);
+STACK_OF(X509) *OSSL_CMP_CTX_get0_untrusted(const OSSL_CMP_CTX *ctx);
/* client authentication: */
int OSSL_CMP_CTX_set1_cert(OSSL_CMP_CTX *ctx, X509 *cert);
+int OSSL_CMP_CTX_build_cert_chain(OSSL_CMP_CTX *ctx, X509_STORE *own_trusted,
+ STACK_OF(X509) *candidates);
int OSSL_CMP_CTX_set1_pkey(OSSL_CMP_CTX *ctx, EVP_PKEY *pkey);
int OSSL_CMP_CTX_set1_referenceValue(OSSL_CMP_CTX *ctx,
const unsigned char *ref, int len);
@@ -322,6 +463,8 @@ int OSSL_CMP_CTX_push0_genm_ITAV(OSSL_CMP_CTX *ctx, OSSL_CMP_ITAV *itav);
/* certificate confirmation: */
typedef int (*OSSL_CMP_certConf_cb_t) (OSSL_CMP_CTX *ctx, X509 *cert,
int fail_info, const char **txt);
+int OSSL_CMP_certConf_cb(OSSL_CMP_CTX *ctx, X509 *cert, int fail_info,
+ const char **text);
int OSSL_CMP_CTX_set_certConf_cb(OSSL_CMP_CTX *ctx, OSSL_CMP_certConf_cb_t cb);
int OSSL_CMP_CTX_set_certConf_cb_arg(OSSL_CMP_CTX *ctx, void *arg);
void *OSSL_CMP_CTX_get_certConf_cb_arg(const OSSL_CMP_CTX *ctx);
@@ -331,6 +474,7 @@ OSSL_CMP_PKIFREETEXT *OSSL_CMP_CTX_get0_statusString(const OSSL_CMP_CTX *ctx);
int OSSL_CMP_CTX_get_failInfoCode(const OSSL_CMP_CTX *ctx);
# define OSSL_CMP_PKISI_BUFLEN 1024
X509 *OSSL_CMP_CTX_get0_newCert(const OSSL_CMP_CTX *ctx);
+STACK_OF(X509) *OSSL_CMP_CTX_get1_newChain(const OSSL_CMP_CTX *ctx);
STACK_OF(X509) *OSSL_CMP_CTX_get1_caPubs(const OSSL_CMP_CTX *ctx);
STACK_OF(X509) *OSSL_CMP_CTX_get1_extraCertsIn(const OSSL_CMP_CTX *ctx);
int OSSL_CMP_CTX_set1_transactionID(OSSL_CMP_CTX *ctx,
@@ -353,7 +497,12 @@ ASN1_OCTET_STRING *OSSL_CMP_HDR_get0_recipNonce(const OSSL_CMP_PKIHEADER *hdr);
/* from cmp_msg.c */
OSSL_CMP_PKIHEADER *OSSL_CMP_MSG_get0_header(const OSSL_CMP_MSG *msg);
+int OSSL_CMP_MSG_get_bodytype(const OSSL_CMP_MSG *msg);
int OSSL_CMP_MSG_update_transactionID(OSSL_CMP_CTX *ctx, OSSL_CMP_MSG *msg);
+OSSL_CRMF_MSG *OSSL_CMP_CTX_setup_CRM(OSSL_CMP_CTX *ctx, int for_KUR, int rid);
+OSSL_CMP_MSG *OSSL_CMP_MSG_read(const char *file, OSSL_LIB_CTX *libctx,
+ const char *propq);
+int OSSL_CMP_MSG_write(const char *file, const OSSL_CMP_MSG *msg);
OSSL_CMP_MSG *d2i_OSSL_CMP_MSG_bio(BIO *bio, OSSL_CMP_MSG **msg);
int i2d_OSSL_CMP_MSG_bio(BIO *bio, const OSSL_CMP_MSG *msg);
@@ -372,7 +521,7 @@ OSSL_CMP_MSG *OSSL_CMP_SRV_process_request(OSSL_CMP_SRV_CTX *srv_ctx,
const OSSL_CMP_MSG *req);
OSSL_CMP_MSG * OSSL_CMP_CTX_server_perform(OSSL_CMP_CTX *client_ctx,
const OSSL_CMP_MSG *req);
-OSSL_CMP_SRV_CTX *OSSL_CMP_SRV_CTX_new(void);
+OSSL_CMP_SRV_CTX *OSSL_CMP_SRV_CTX_new(OSSL_LIB_CTX *libctx, const char *propq);
void OSSL_CMP_SRV_CTX_free(OSSL_CMP_SRV_CTX *srv_ctx);
typedef OSSL_CMP_PKISI *(*OSSL_CMP_SRV_cert_request_cb_t)
(OSSL_CMP_SRV_CTX *srv_ctx, const OSSL_CMP_MSG *req, int certReqId,
@@ -417,18 +566,23 @@ int OSSL_CMP_SRV_CTX_set_grant_implicit_confirm(OSSL_CMP_SRV_CTX *srv_ctx,
int val);
/* from cmp_client.c */
-X509 *OSSL_CMP_exec_IR_ses(OSSL_CMP_CTX *ctx);
-X509 *OSSL_CMP_exec_CR_ses(OSSL_CMP_CTX *ctx);
-X509 *OSSL_CMP_exec_P10CR_ses(OSSL_CMP_CTX *ctx);
-X509 *OSSL_CMP_exec_KUR_ses(OSSL_CMP_CTX *ctx);
-# define OSSL_CMP_IR OSSL_CMP_PKIBODY_IR
-# define OSSL_CMP_CR OSSL_CMP_PKIBODY_CR
-# define OSSL_CMP_P10CR OSSL_CMP_PKIBODY_P10CR
-# define OSSL_CMP_KUR OSSL_CMP_PKIBODY_KUR
-int OSSL_CMP_try_certreq(OSSL_CMP_CTX *ctx, int req_type, int *checkAfter);
-int OSSL_CMP_certConf_cb(OSSL_CMP_CTX *ctx, X509 *cert, int fail_info,
- const char **text);
-X509 *OSSL_CMP_exec_RR_ses(OSSL_CMP_CTX *ctx);
+X509 *OSSL_CMP_exec_certreq(OSSL_CMP_CTX *ctx, int req_type,
+ const OSSL_CRMF_MSG *crm);
+# define OSSL_CMP_IR 0
+# define OSSL_CMP_CR 2
+# define OSSL_CMP_P10CR 4
+# define OSSL_CMP_KUR 7
+# define OSSL_CMP_exec_IR_ses(ctx) \
+ OSSL_CMP_exec_certreq(ctx, OSSL_CMP_IR, NULL)
+# define OSSL_CMP_exec_CR_ses(ctx) \
+ OSSL_CMP_exec_certreq(ctx, OSSL_CMP_CR, NULL)
+# define OSSL_CMP_exec_P10CR_ses(ctx) \
+ OSSL_CMP_exec_certreq(ctx, OSSL_CMP_P10CR, NULL)
+# define OSSL_CMP_exec_KUR_ses(ctx) \
+ OSSL_CMP_exec_certreq(ctx, OSSL_CMP_KUR, NULL)
+int OSSL_CMP_try_certreq(OSSL_CMP_CTX *ctx, int req_type,
+ const OSSL_CRMF_MSG *crm, int *checkAfter);
+int OSSL_CMP_exec_RR_ses(OSSL_CMP_CTX *ctx);
STACK_OF(OSSL_CMP_ITAV) *OSSL_CMP_exec_GENM_ses(OSSL_CMP_CTX *ctx);
# ifdef __cplusplus
diff --git a/openssl/include/openssl/cmp_util.h b/openssl/include/openssl/cmp_util.h
index 2651b847..b1efb13d 100644..100755
--- a/openssl/include/openssl/cmp_util.h
+++ b/openssl/include/openssl/cmp_util.h
@@ -1,5 +1,5 @@
/*
- * Copyright 2007-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2007-2021 The OpenSSL Project Authors. All Rights Reserved.
* Copyright Nokia 2007-2019
* Copyright Siemens AG 2015-2019
*
@@ -11,6 +11,7 @@
#ifndef OPENSSL_CMP_UTIL_H
# define OPENSSL_CMP_UTIL_H
+# pragma once
# include <openssl/opensslconf.h>
# ifndef OPENSSL_NO_CMP
@@ -38,6 +39,8 @@ typedef int OSSL_CMP_severity;
# define OSSL_CMP_LOG_NOTICE 5
# define OSSL_CMP_LOG_INFO 6
# define OSSL_CMP_LOG_DEBUG 7
+# define OSSL_CMP_LOG_TRACE 8
+# define OSSL_CMP_LOG_MAX OSSL_CMP_LOG_TRACE
typedef int (*OSSL_CMP_log_cb_t)(const char *func, const char *file, int line,
OSSL_CMP_severity level, const char *msg);
diff --git a/openssl/include/openssl/cmperr.h b/openssl/include/openssl/cmperr.h
index 7bdf2e3e..a0dbea28 100644..100755
--- a/openssl/include/openssl/cmperr.h
+++ b/openssl/include/openssl/cmperr.h
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -14,22 +14,11 @@
# include <openssl/opensslconf.h>
# include <openssl/symhacks.h>
+# include <openssl/cryptoerr_legacy.h>
-# include <openssl/opensslconf.h>
-
# ifndef OPENSSL_NO_CMP
-# ifdef __cplusplus
-extern "C"
-# endif
-int ERR_load_CMP_strings(void);
-
-/*
- * CMP function codes.
- */
-# ifndef OPENSSL_NO_DEPRECATED_3_0
-# endif
/*
* CMP reason codes.
@@ -45,19 +34,15 @@ int ERR_load_CMP_strings(void);
# define CMP_R_CERTRESPONSE_NOT_FOUND 113
# define CMP_R_CERT_AND_KEY_DO_NOT_MATCH 114
# define CMP_R_CHECKAFTER_OUT_OF_RANGE 181
-# define CMP_R_CHECKING_PBM_NO_SECRET_AVAILABLE 166
# define CMP_R_ENCOUNTERED_KEYUPDATEWARNING 176
# define CMP_R_ENCOUNTERED_WAITING 162
# define CMP_R_ERROR_CALCULATING_PROTECTION 115
# define CMP_R_ERROR_CREATING_CERTCONF 116
# define CMP_R_ERROR_CREATING_CERTREP 117
-# define CMP_R_ERROR_CREATING_CR 163
+# define CMP_R_ERROR_CREATING_CERTREQ 163
# define CMP_R_ERROR_CREATING_ERROR 118
# define CMP_R_ERROR_CREATING_GENM 119
# define CMP_R_ERROR_CREATING_GENP 120
-# define CMP_R_ERROR_CREATING_IR 164
-# define CMP_R_ERROR_CREATING_KUR 165
-# define CMP_R_ERROR_CREATING_P10CR 121
# define CMP_R_ERROR_CREATING_PKICONF 122
# define CMP_R_ERROR_CREATING_POLLREP 123
# define CMP_R_ERROR_CREATING_POLLREQ 124
@@ -70,13 +55,17 @@ int ERR_load_CMP_strings(void);
# define CMP_R_ERROR_UNEXPECTED_CERTCONF 160
# define CMP_R_ERROR_VALIDATING_PROTECTION 140
# define CMP_R_ERROR_VALIDATING_SIGNATURE 171
+# define CMP_R_FAILED_BUILDING_OWN_CHAIN 164
# define CMP_R_FAILED_EXTRACTING_PUBKEY 141
# define CMP_R_FAILURE_OBTAINING_RANDOM 110
# define CMP_R_FAIL_INFO_OUT_OF_RANGE 129
# define CMP_R_INVALID_ARGS 100
# define CMP_R_INVALID_OPTION 174
+# define CMP_R_MISSING_CERTID 165
# define CMP_R_MISSING_KEY_INPUT_FOR_CREATING_PROTECTION 130
# define CMP_R_MISSING_KEY_USAGE_DIGITALSIGNATURE 142
+# define CMP_R_MISSING_P10CSR 121
+# define CMP_R_MISSING_PBM_SECRET 166
# define CMP_R_MISSING_PRIVATE_KEY 131
# define CMP_R_MISSING_PROTECTION 143
# define CMP_R_MISSING_REFERENCE_CERT 168
@@ -113,6 +102,7 @@ int ERR_load_CMP_strings(void);
# define CMP_R_VALUE_TOO_LARGE 175
# define CMP_R_VALUE_TOO_SMALL 177
# define CMP_R_WRONG_ALGORITHM_OID 138
+# define CMP_R_WRONG_CERTID 189
# define CMP_R_WRONG_CERTID_IN_RP 187
# define CMP_R_WRONG_PBM_VALUE 155
# define CMP_R_WRONG_RP_COMPONENT_COUNT 188
diff --git a/openssl/include/openssl/cms.h b/openssl/include/openssl/cms.h
index c5ea3919..1d54675e 100644..100755
--- a/openssl/include/openssl/cms.h
+++ b/openssl/include/openssl/cms.h
@@ -1,5 +1,8 @@
/*
- * Copyright 2008-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * WARNING: do not edit!
+ * Generated by makefile from include\openssl\cms.h.in
+ *
+ * Copyright 2008-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -7,6 +10,8 @@
* https://www.openssl.org/source/license.html
*/
+
+
#ifndef OPENSSL_CMS_H
# define OPENSSL_CMS_H
# pragma once
@@ -36,15 +41,118 @@ typedef struct CMS_Receipt_st CMS_Receipt;
typedef struct CMS_RecipientEncryptedKey_st CMS_RecipientEncryptedKey;
typedef struct CMS_OtherKeyAttribute_st CMS_OtherKeyAttribute;
-DEFINE_OR_DECLARE_STACK_OF(CMS_SignerInfo)
-DEFINE_OR_DECLARE_STACK_OF(CMS_RecipientEncryptedKey)
-DEFINE_OR_DECLARE_STACK_OF(CMS_RecipientInfo)
-DEFINE_OR_DECLARE_STACK_OF(CMS_RevocationInfoChoice)
+SKM_DEFINE_STACK_OF_INTERNAL(CMS_SignerInfo, CMS_SignerInfo, CMS_SignerInfo)
+#define sk_CMS_SignerInfo_num(sk) OPENSSL_sk_num(ossl_check_const_CMS_SignerInfo_sk_type(sk))
+#define sk_CMS_SignerInfo_value(sk, idx) ((CMS_SignerInfo *)OPENSSL_sk_value(ossl_check_const_CMS_SignerInfo_sk_type(sk), (idx)))
+#define sk_CMS_SignerInfo_new(cmp) ((STACK_OF(CMS_SignerInfo) *)OPENSSL_sk_new(ossl_check_CMS_SignerInfo_compfunc_type(cmp)))
+#define sk_CMS_SignerInfo_new_null() ((STACK_OF(CMS_SignerInfo) *)OPENSSL_sk_new_null())
+#define sk_CMS_SignerInfo_new_reserve(cmp, n) ((STACK_OF(CMS_SignerInfo) *)OPENSSL_sk_new_reserve(ossl_check_CMS_SignerInfo_compfunc_type(cmp), (n)))
+#define sk_CMS_SignerInfo_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_CMS_SignerInfo_sk_type(sk), (n))
+#define sk_CMS_SignerInfo_free(sk) OPENSSL_sk_free(ossl_check_CMS_SignerInfo_sk_type(sk))
+#define sk_CMS_SignerInfo_zero(sk) OPENSSL_sk_zero(ossl_check_CMS_SignerInfo_sk_type(sk))
+#define sk_CMS_SignerInfo_delete(sk, i) ((CMS_SignerInfo *)OPENSSL_sk_delete(ossl_check_CMS_SignerInfo_sk_type(sk), (i)))
+#define sk_CMS_SignerInfo_delete_ptr(sk, ptr) ((CMS_SignerInfo *)OPENSSL_sk_delete_ptr(ossl_check_CMS_SignerInfo_sk_type(sk), ossl_check_CMS_SignerInfo_type(ptr)))
+#define sk_CMS_SignerInfo_push(sk, ptr) OPENSSL_sk_push(ossl_check_CMS_SignerInfo_sk_type(sk), ossl_check_CMS_SignerInfo_type(ptr))
+#define sk_CMS_SignerInfo_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_CMS_SignerInfo_sk_type(sk), ossl_check_CMS_SignerInfo_type(ptr))
+#define sk_CMS_SignerInfo_pop(sk) ((CMS_SignerInfo *)OPENSSL_sk_pop(ossl_check_CMS_SignerInfo_sk_type(sk)))
+#define sk_CMS_SignerInfo_shift(sk) ((CMS_SignerInfo *)OPENSSL_sk_shift(ossl_check_CMS_SignerInfo_sk_type(sk)))
+#define sk_CMS_SignerInfo_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_CMS_SignerInfo_sk_type(sk),ossl_check_CMS_SignerInfo_freefunc_type(freefunc))
+#define sk_CMS_SignerInfo_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_CMS_SignerInfo_sk_type(sk), ossl_check_CMS_SignerInfo_type(ptr), (idx))
+#define sk_CMS_SignerInfo_set(sk, idx, ptr) ((CMS_SignerInfo *)OPENSSL_sk_set(ossl_check_CMS_SignerInfo_sk_type(sk), (idx), ossl_check_CMS_SignerInfo_type(ptr)))
+#define sk_CMS_SignerInfo_find(sk, ptr) OPENSSL_sk_find(ossl_check_CMS_SignerInfo_sk_type(sk), ossl_check_CMS_SignerInfo_type(ptr))
+#define sk_CMS_SignerInfo_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_CMS_SignerInfo_sk_type(sk), ossl_check_CMS_SignerInfo_type(ptr))
+#define sk_CMS_SignerInfo_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_CMS_SignerInfo_sk_type(sk), ossl_check_CMS_SignerInfo_type(ptr), pnum)
+#define sk_CMS_SignerInfo_sort(sk) OPENSSL_sk_sort(ossl_check_CMS_SignerInfo_sk_type(sk))
+#define sk_CMS_SignerInfo_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_CMS_SignerInfo_sk_type(sk))
+#define sk_CMS_SignerInfo_dup(sk) ((STACK_OF(CMS_SignerInfo) *)OPENSSL_sk_dup(ossl_check_const_CMS_SignerInfo_sk_type(sk)))
+#define sk_CMS_SignerInfo_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(CMS_SignerInfo) *)OPENSSL_sk_deep_copy(ossl_check_const_CMS_SignerInfo_sk_type(sk), ossl_check_CMS_SignerInfo_copyfunc_type(copyfunc), ossl_check_CMS_SignerInfo_freefunc_type(freefunc)))
+#define sk_CMS_SignerInfo_set_cmp_func(sk, cmp) ((sk_CMS_SignerInfo_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_CMS_SignerInfo_sk_type(sk), ossl_check_CMS_SignerInfo_compfunc_type(cmp)))
+SKM_DEFINE_STACK_OF_INTERNAL(CMS_RecipientEncryptedKey, CMS_RecipientEncryptedKey, CMS_RecipientEncryptedKey)
+#define sk_CMS_RecipientEncryptedKey_num(sk) OPENSSL_sk_num(ossl_check_const_CMS_RecipientEncryptedKey_sk_type(sk))
+#define sk_CMS_RecipientEncryptedKey_value(sk, idx) ((CMS_RecipientEncryptedKey *)OPENSSL_sk_value(ossl_check_const_CMS_RecipientEncryptedKey_sk_type(sk), (idx)))
+#define sk_CMS_RecipientEncryptedKey_new(cmp) ((STACK_OF(CMS_RecipientEncryptedKey) *)OPENSSL_sk_new(ossl_check_CMS_RecipientEncryptedKey_compfunc_type(cmp)))
+#define sk_CMS_RecipientEncryptedKey_new_null() ((STACK_OF(CMS_RecipientEncryptedKey) *)OPENSSL_sk_new_null())
+#define sk_CMS_RecipientEncryptedKey_new_reserve(cmp, n) ((STACK_OF(CMS_RecipientEncryptedKey) *)OPENSSL_sk_new_reserve(ossl_check_CMS_RecipientEncryptedKey_compfunc_type(cmp), (n)))
+#define sk_CMS_RecipientEncryptedKey_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_CMS_RecipientEncryptedKey_sk_type(sk), (n))
+#define sk_CMS_RecipientEncryptedKey_free(sk) OPENSSL_sk_free(ossl_check_CMS_RecipientEncryptedKey_sk_type(sk))
+#define sk_CMS_RecipientEncryptedKey_zero(sk) OPENSSL_sk_zero(ossl_check_CMS_RecipientEncryptedKey_sk_type(sk))
+#define sk_CMS_RecipientEncryptedKey_delete(sk, i) ((CMS_RecipientEncryptedKey *)OPENSSL_sk_delete(ossl_check_CMS_RecipientEncryptedKey_sk_type(sk), (i)))
+#define sk_CMS_RecipientEncryptedKey_delete_ptr(sk, ptr) ((CMS_RecipientEncryptedKey *)OPENSSL_sk_delete_ptr(ossl_check_CMS_RecipientEncryptedKey_sk_type(sk), ossl_check_CMS_RecipientEncryptedKey_type(ptr)))
+#define sk_CMS_RecipientEncryptedKey_push(sk, ptr) OPENSSL_sk_push(ossl_check_CMS_RecipientEncryptedKey_sk_type(sk), ossl_check_CMS_RecipientEncryptedKey_type(ptr))
+#define sk_CMS_RecipientEncryptedKey_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_CMS_RecipientEncryptedKey_sk_type(sk), ossl_check_CMS_RecipientEncryptedKey_type(ptr))
+#define sk_CMS_RecipientEncryptedKey_pop(sk) ((CMS_RecipientEncryptedKey *)OPENSSL_sk_pop(ossl_check_CMS_RecipientEncryptedKey_sk_type(sk)))
+#define sk_CMS_RecipientEncryptedKey_shift(sk) ((CMS_RecipientEncryptedKey *)OPENSSL_sk_shift(ossl_check_CMS_RecipientEncryptedKey_sk_type(sk)))
+#define sk_CMS_RecipientEncryptedKey_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_CMS_RecipientEncryptedKey_sk_type(sk),ossl_check_CMS_RecipientEncryptedKey_freefunc_type(freefunc))
+#define sk_CMS_RecipientEncryptedKey_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_CMS_RecipientEncryptedKey_sk_type(sk), ossl_check_CMS_RecipientEncryptedKey_type(ptr), (idx))
+#define sk_CMS_RecipientEncryptedKey_set(sk, idx, ptr) ((CMS_RecipientEncryptedKey *)OPENSSL_sk_set(ossl_check_CMS_RecipientEncryptedKey_sk_type(sk), (idx), ossl_check_CMS_RecipientEncryptedKey_type(ptr)))
+#define sk_CMS_RecipientEncryptedKey_find(sk, ptr) OPENSSL_sk_find(ossl_check_CMS_RecipientEncryptedKey_sk_type(sk), ossl_check_CMS_RecipientEncryptedKey_type(ptr))
+#define sk_CMS_RecipientEncryptedKey_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_CMS_RecipientEncryptedKey_sk_type(sk), ossl_check_CMS_RecipientEncryptedKey_type(ptr))
+#define sk_CMS_RecipientEncryptedKey_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_CMS_RecipientEncryptedKey_sk_type(sk), ossl_check_CMS_RecipientEncryptedKey_type(ptr), pnum)
+#define sk_CMS_RecipientEncryptedKey_sort(sk) OPENSSL_sk_sort(ossl_check_CMS_RecipientEncryptedKey_sk_type(sk))
+#define sk_CMS_RecipientEncryptedKey_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_CMS_RecipientEncryptedKey_sk_type(sk))
+#define sk_CMS_RecipientEncryptedKey_dup(sk) ((STACK_OF(CMS_RecipientEncryptedKey) *)OPENSSL_sk_dup(ossl_check_const_CMS_RecipientEncryptedKey_sk_type(sk)))
+#define sk_CMS_RecipientEncryptedKey_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(CMS_RecipientEncryptedKey) *)OPENSSL_sk_deep_copy(ossl_check_const_CMS_RecipientEncryptedKey_sk_type(sk), ossl_check_CMS_RecipientEncryptedKey_copyfunc_type(copyfunc), ossl_check_CMS_RecipientEncryptedKey_freefunc_type(freefunc)))
+#define sk_CMS_RecipientEncryptedKey_set_cmp_func(sk, cmp) ((sk_CMS_RecipientEncryptedKey_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_CMS_RecipientEncryptedKey_sk_type(sk), ossl_check_CMS_RecipientEncryptedKey_compfunc_type(cmp)))
+SKM_DEFINE_STACK_OF_INTERNAL(CMS_RecipientInfo, CMS_RecipientInfo, CMS_RecipientInfo)
+#define sk_CMS_RecipientInfo_num(sk) OPENSSL_sk_num(ossl_check_const_CMS_RecipientInfo_sk_type(sk))
+#define sk_CMS_RecipientInfo_value(sk, idx) ((CMS_RecipientInfo *)OPENSSL_sk_value(ossl_check_const_CMS_RecipientInfo_sk_type(sk), (idx)))
+#define sk_CMS_RecipientInfo_new(cmp) ((STACK_OF(CMS_RecipientInfo) *)OPENSSL_sk_new(ossl_check_CMS_RecipientInfo_compfunc_type(cmp)))
+#define sk_CMS_RecipientInfo_new_null() ((STACK_OF(CMS_RecipientInfo) *)OPENSSL_sk_new_null())
+#define sk_CMS_RecipientInfo_new_reserve(cmp, n) ((STACK_OF(CMS_RecipientInfo) *)OPENSSL_sk_new_reserve(ossl_check_CMS_RecipientInfo_compfunc_type(cmp), (n)))
+#define sk_CMS_RecipientInfo_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_CMS_RecipientInfo_sk_type(sk), (n))
+#define sk_CMS_RecipientInfo_free(sk) OPENSSL_sk_free(ossl_check_CMS_RecipientInfo_sk_type(sk))
+#define sk_CMS_RecipientInfo_zero(sk) OPENSSL_sk_zero(ossl_check_CMS_RecipientInfo_sk_type(sk))
+#define sk_CMS_RecipientInfo_delete(sk, i) ((CMS_RecipientInfo *)OPENSSL_sk_delete(ossl_check_CMS_RecipientInfo_sk_type(sk), (i)))
+#define sk_CMS_RecipientInfo_delete_ptr(sk, ptr) ((CMS_RecipientInfo *)OPENSSL_sk_delete_ptr(ossl_check_CMS_RecipientInfo_sk_type(sk), ossl_check_CMS_RecipientInfo_type(ptr)))
+#define sk_CMS_RecipientInfo_push(sk, ptr) OPENSSL_sk_push(ossl_check_CMS_RecipientInfo_sk_type(sk), ossl_check_CMS_RecipientInfo_type(ptr))
+#define sk_CMS_RecipientInfo_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_CMS_RecipientInfo_sk_type(sk), ossl_check_CMS_RecipientInfo_type(ptr))
+#define sk_CMS_RecipientInfo_pop(sk) ((CMS_RecipientInfo *)OPENSSL_sk_pop(ossl_check_CMS_RecipientInfo_sk_type(sk)))
+#define sk_CMS_RecipientInfo_shift(sk) ((CMS_RecipientInfo *)OPENSSL_sk_shift(ossl_check_CMS_RecipientInfo_sk_type(sk)))
+#define sk_CMS_RecipientInfo_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_CMS_RecipientInfo_sk_type(sk),ossl_check_CMS_RecipientInfo_freefunc_type(freefunc))
+#define sk_CMS_RecipientInfo_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_CMS_RecipientInfo_sk_type(sk), ossl_check_CMS_RecipientInfo_type(ptr), (idx))
+#define sk_CMS_RecipientInfo_set(sk, idx, ptr) ((CMS_RecipientInfo *)OPENSSL_sk_set(ossl_check_CMS_RecipientInfo_sk_type(sk), (idx), ossl_check_CMS_RecipientInfo_type(ptr)))
+#define sk_CMS_RecipientInfo_find(sk, ptr) OPENSSL_sk_find(ossl_check_CMS_RecipientInfo_sk_type(sk), ossl_check_CMS_RecipientInfo_type(ptr))
+#define sk_CMS_RecipientInfo_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_CMS_RecipientInfo_sk_type(sk), ossl_check_CMS_RecipientInfo_type(ptr))
+#define sk_CMS_RecipientInfo_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_CMS_RecipientInfo_sk_type(sk), ossl_check_CMS_RecipientInfo_type(ptr), pnum)
+#define sk_CMS_RecipientInfo_sort(sk) OPENSSL_sk_sort(ossl_check_CMS_RecipientInfo_sk_type(sk))
+#define sk_CMS_RecipientInfo_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_CMS_RecipientInfo_sk_type(sk))
+#define sk_CMS_RecipientInfo_dup(sk) ((STACK_OF(CMS_RecipientInfo) *)OPENSSL_sk_dup(ossl_check_const_CMS_RecipientInfo_sk_type(sk)))
+#define sk_CMS_RecipientInfo_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(CMS_RecipientInfo) *)OPENSSL_sk_deep_copy(ossl_check_const_CMS_RecipientInfo_sk_type(sk), ossl_check_CMS_RecipientInfo_copyfunc_type(copyfunc), ossl_check_CMS_RecipientInfo_freefunc_type(freefunc)))
+#define sk_CMS_RecipientInfo_set_cmp_func(sk, cmp) ((sk_CMS_RecipientInfo_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_CMS_RecipientInfo_sk_type(sk), ossl_check_CMS_RecipientInfo_compfunc_type(cmp)))
+SKM_DEFINE_STACK_OF_INTERNAL(CMS_RevocationInfoChoice, CMS_RevocationInfoChoice, CMS_RevocationInfoChoice)
+#define sk_CMS_RevocationInfoChoice_num(sk) OPENSSL_sk_num(ossl_check_const_CMS_RevocationInfoChoice_sk_type(sk))
+#define sk_CMS_RevocationInfoChoice_value(sk, idx) ((CMS_RevocationInfoChoice *)OPENSSL_sk_value(ossl_check_const_CMS_RevocationInfoChoice_sk_type(sk), (idx)))
+#define sk_CMS_RevocationInfoChoice_new(cmp) ((STACK_OF(CMS_RevocationInfoChoice) *)OPENSSL_sk_new(ossl_check_CMS_RevocationInfoChoice_compfunc_type(cmp)))
+#define sk_CMS_RevocationInfoChoice_new_null() ((STACK_OF(CMS_RevocationInfoChoice) *)OPENSSL_sk_new_null())
+#define sk_CMS_RevocationInfoChoice_new_reserve(cmp, n) ((STACK_OF(CMS_RevocationInfoChoice) *)OPENSSL_sk_new_reserve(ossl_check_CMS_RevocationInfoChoice_compfunc_type(cmp), (n)))
+#define sk_CMS_RevocationInfoChoice_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_CMS_RevocationInfoChoice_sk_type(sk), (n))
+#define sk_CMS_RevocationInfoChoice_free(sk) OPENSSL_sk_free(ossl_check_CMS_RevocationInfoChoice_sk_type(sk))
+#define sk_CMS_RevocationInfoChoice_zero(sk) OPENSSL_sk_zero(ossl_check_CMS_RevocationInfoChoice_sk_type(sk))
+#define sk_CMS_RevocationInfoChoice_delete(sk, i) ((CMS_RevocationInfoChoice *)OPENSSL_sk_delete(ossl_check_CMS_RevocationInfoChoice_sk_type(sk), (i)))
+#define sk_CMS_RevocationInfoChoice_delete_ptr(sk, ptr) ((CMS_RevocationInfoChoice *)OPENSSL_sk_delete_ptr(ossl_check_CMS_RevocationInfoChoice_sk_type(sk), ossl_check_CMS_RevocationInfoChoice_type(ptr)))
+#define sk_CMS_RevocationInfoChoice_push(sk, ptr) OPENSSL_sk_push(ossl_check_CMS_RevocationInfoChoice_sk_type(sk), ossl_check_CMS_RevocationInfoChoice_type(ptr))
+#define sk_CMS_RevocationInfoChoice_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_CMS_RevocationInfoChoice_sk_type(sk), ossl_check_CMS_RevocationInfoChoice_type(ptr))
+#define sk_CMS_RevocationInfoChoice_pop(sk) ((CMS_RevocationInfoChoice *)OPENSSL_sk_pop(ossl_check_CMS_RevocationInfoChoice_sk_type(sk)))
+#define sk_CMS_RevocationInfoChoice_shift(sk) ((CMS_RevocationInfoChoice *)OPENSSL_sk_shift(ossl_check_CMS_RevocationInfoChoice_sk_type(sk)))
+#define sk_CMS_RevocationInfoChoice_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_CMS_RevocationInfoChoice_sk_type(sk),ossl_check_CMS_RevocationInfoChoice_freefunc_type(freefunc))
+#define sk_CMS_RevocationInfoChoice_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_CMS_RevocationInfoChoice_sk_type(sk), ossl_check_CMS_RevocationInfoChoice_type(ptr), (idx))
+#define sk_CMS_RevocationInfoChoice_set(sk, idx, ptr) ((CMS_RevocationInfoChoice *)OPENSSL_sk_set(ossl_check_CMS_RevocationInfoChoice_sk_type(sk), (idx), ossl_check_CMS_RevocationInfoChoice_type(ptr)))
+#define sk_CMS_RevocationInfoChoice_find(sk, ptr) OPENSSL_sk_find(ossl_check_CMS_RevocationInfoChoice_sk_type(sk), ossl_check_CMS_RevocationInfoChoice_type(ptr))
+#define sk_CMS_RevocationInfoChoice_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_CMS_RevocationInfoChoice_sk_type(sk), ossl_check_CMS_RevocationInfoChoice_type(ptr))
+#define sk_CMS_RevocationInfoChoice_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_CMS_RevocationInfoChoice_sk_type(sk), ossl_check_CMS_RevocationInfoChoice_type(ptr), pnum)
+#define sk_CMS_RevocationInfoChoice_sort(sk) OPENSSL_sk_sort(ossl_check_CMS_RevocationInfoChoice_sk_type(sk))
+#define sk_CMS_RevocationInfoChoice_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_CMS_RevocationInfoChoice_sk_type(sk))
+#define sk_CMS_RevocationInfoChoice_dup(sk) ((STACK_OF(CMS_RevocationInfoChoice) *)OPENSSL_sk_dup(ossl_check_const_CMS_RevocationInfoChoice_sk_type(sk)))
+#define sk_CMS_RevocationInfoChoice_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(CMS_RevocationInfoChoice) *)OPENSSL_sk_deep_copy(ossl_check_const_CMS_RevocationInfoChoice_sk_type(sk), ossl_check_CMS_RevocationInfoChoice_copyfunc_type(copyfunc), ossl_check_CMS_RevocationInfoChoice_freefunc_type(freefunc)))
+#define sk_CMS_RevocationInfoChoice_set_cmp_func(sk, cmp) ((sk_CMS_RevocationInfoChoice_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_CMS_RevocationInfoChoice_sk_type(sk), ossl_check_CMS_RevocationInfoChoice_compfunc_type(cmp)))
+
DECLARE_ASN1_FUNCTIONS(CMS_ContentInfo)
DECLARE_ASN1_FUNCTIONS(CMS_ReceiptRequest)
DECLARE_ASN1_PRINT_FUNCTION(CMS_ContentInfo)
+CMS_ContentInfo *CMS_ContentInfo_new_ex(OSSL_LIB_CTX *libctx, const char *propq);
+
# define CMS_SIGNERINFO_ISSUER_SERIAL 0
# define CMS_SIGNERINFO_KEYIDENTIFIER 1
@@ -104,6 +212,7 @@ int i2d_CMS_bio_stream(BIO *out, CMS_ContentInfo *cms, BIO *in, int flags);
int PEM_write_bio_CMS_stream(BIO *out, CMS_ContentInfo *cms, BIO *in,
int flags);
CMS_ContentInfo *SMIME_read_CMS(BIO *bio, BIO **bcont);
+CMS_ContentInfo *SMIME_read_CMS_ex(BIO *bio, int flags, BIO **bcont, CMS_ContentInfo **ci);
int SMIME_write_CMS(BIO *bio, CMS_ContentInfo *cms, BIO *data, int flags);
int CMS_final(CMS_ContentInfo *cms, BIO *data, BIO *dcont,
@@ -112,6 +221,10 @@ int CMS_final(CMS_ContentInfo *cms, BIO *data, BIO *dcont,
CMS_ContentInfo *CMS_sign(X509 *signcert, EVP_PKEY *pkey,
STACK_OF(X509) *certs, BIO *data,
unsigned int flags);
+CMS_ContentInfo *CMS_sign_ex(X509 *signcert, EVP_PKEY *pkey,
+ STACK_OF(X509) *certs, BIO *data,
+ unsigned int flags, OSSL_LIB_CTX *ctx,
+ const char *propq);
CMS_ContentInfo *CMS_sign_receipt(CMS_SignerInfo *si,
X509 *signcert, EVP_PKEY *pkey,
@@ -119,11 +232,16 @@ CMS_ContentInfo *CMS_sign_receipt(CMS_SignerInfo *si,
int CMS_data(CMS_ContentInfo *cms, BIO *out, unsigned int flags);
CMS_ContentInfo *CMS_data_create(BIO *in, unsigned int flags);
+CMS_ContentInfo *CMS_data_create_ex(BIO *in, unsigned int flags,
+ OSSL_LIB_CTX *ctx, const char *propq);
int CMS_digest_verify(CMS_ContentInfo *cms, BIO *dcont, BIO *out,
unsigned int flags);
CMS_ContentInfo *CMS_digest_create(BIO *in, const EVP_MD *md,
unsigned int flags);
+CMS_ContentInfo *CMS_digest_create_ex(BIO *in, const EVP_MD *md,
+ unsigned int flags, OSSL_LIB_CTX *ctx,
+ const char *propq);
int CMS_EncryptedData_decrypt(CMS_ContentInfo *cms,
const unsigned char *key, size_t keylen,
@@ -132,6 +250,11 @@ int CMS_EncryptedData_decrypt(CMS_ContentInfo *cms,
CMS_ContentInfo *CMS_EncryptedData_encrypt(BIO *in, const EVP_CIPHER *cipher,
const unsigned char *key,
size_t keylen, unsigned int flags);
+CMS_ContentInfo *CMS_EncryptedData_encrypt_ex(BIO *in, const EVP_CIPHER *cipher,
+ const unsigned char *key,
+ size_t keylen, unsigned int flags,
+ OSSL_LIB_CTX *ctx,
+ const char *propq);
int CMS_EncryptedData_set1_key(CMS_ContentInfo *cms, const EVP_CIPHER *ciph,
const unsigned char *key, size_t keylen);
@@ -147,12 +270,16 @@ STACK_OF(X509) *CMS_get0_signers(CMS_ContentInfo *cms);
CMS_ContentInfo *CMS_encrypt(STACK_OF(X509) *certs, BIO *in,
const EVP_CIPHER *cipher, unsigned int flags);
+CMS_ContentInfo *CMS_encrypt_ex(STACK_OF(X509) *certs, BIO *in,
+ const EVP_CIPHER *cipher, unsigned int flags,
+ OSSL_LIB_CTX *ctx, const char *propq);
int CMS_decrypt(CMS_ContentInfo *cms, EVP_PKEY *pkey, X509 *cert,
BIO *dcont, BIO *out, unsigned int flags);
int CMS_decrypt_set1_pkey(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert);
-int CMS_decrypt_set1_pkey_and_peer(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert, X509 *peer);
+int CMS_decrypt_set1_pkey_and_peer(CMS_ContentInfo *cms, EVP_PKEY *pk,
+ X509 *cert, X509 *peer);
int CMS_decrypt_set1_key(CMS_ContentInfo *cms,
unsigned char *key, size_t keylen,
const unsigned char *id, size_t idlen);
@@ -162,7 +289,15 @@ int CMS_decrypt_set1_password(CMS_ContentInfo *cms,
STACK_OF(CMS_RecipientInfo) *CMS_get0_RecipientInfos(CMS_ContentInfo *cms);
int CMS_RecipientInfo_type(CMS_RecipientInfo *ri);
EVP_PKEY_CTX *CMS_RecipientInfo_get0_pkey_ctx(CMS_RecipientInfo *ri);
+CMS_ContentInfo *CMS_AuthEnvelopedData_create(const EVP_CIPHER *cipher);
+CMS_ContentInfo *
+CMS_AuthEnvelopedData_create_ex(const EVP_CIPHER *cipher, OSSL_LIB_CTX *ctx,
+ const char *propq);
CMS_ContentInfo *CMS_EnvelopedData_create(const EVP_CIPHER *cipher);
+CMS_ContentInfo *CMS_EnvelopedData_create_ex(const EVP_CIPHER *cipher,
+ OSSL_LIB_CTX *ctx,
+ const char *propq);
+
CMS_RecipientInfo *CMS_add1_recipient_cert(CMS_ContentInfo *cms,
X509 *recip, unsigned int flags);
CMS_RecipientInfo *CMS_add1_recipient(CMS_ContentInfo *cms, X509 *recip,
@@ -273,7 +408,8 @@ int CMS_signed_add1_attr_by_NID(CMS_SignerInfo *si,
int CMS_signed_add1_attr_by_txt(CMS_SignerInfo *si,
const char *attrname, int type,
const void *bytes, int len);
-void *CMS_signed_get0_data_by_OBJ(CMS_SignerInfo *si, const ASN1_OBJECT *oid,
+void *CMS_signed_get0_data_by_OBJ(const CMS_SignerInfo *si,
+ const ASN1_OBJECT *oid,
int lastpos, int type);
int CMS_unsigned_get_attr_count(const CMS_SignerInfo *si);
@@ -297,11 +433,16 @@ void *CMS_unsigned_get0_data_by_OBJ(CMS_SignerInfo *si, ASN1_OBJECT *oid,
int lastpos, int type);
int CMS_get1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest **prr);
-CMS_ReceiptRequest *CMS_ReceiptRequest_create0(unsigned char *id, int idlen,
- int allorfirst,
- STACK_OF(GENERAL_NAMES)
- *receiptList, STACK_OF(GENERAL_NAMES)
- *receiptsTo);
+CMS_ReceiptRequest *CMS_ReceiptRequest_create0(
+ unsigned char *id, int idlen, int allorfirst,
+ STACK_OF(GENERAL_NAMES) *receiptList,
+ STACK_OF(GENERAL_NAMES) *receiptsTo);
+CMS_ReceiptRequest *CMS_ReceiptRequest_create0_ex(
+ unsigned char *id, int idlen, int allorfirst,
+ STACK_OF(GENERAL_NAMES) *receiptList,
+ STACK_OF(GENERAL_NAMES) *receiptsTo,
+ OSSL_LIB_CTX *ctx);
+
int CMS_add1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest *rr);
void CMS_ReceiptRequest_get0_values(CMS_ReceiptRequest *rr,
ASN1_STRING **pcid,
diff --git a/openssl/include/openssl/cmserr.h b/openssl/include/openssl/cmserr.h
index e6565725..90115144 100644..100755
--- a/openssl/include/openssl/cmserr.h
+++ b/openssl/include/openssl/cmserr.h
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -14,114 +14,11 @@
# include <openssl/opensslconf.h>
# include <openssl/symhacks.h>
+# include <openssl/cryptoerr_legacy.h>
-# include <openssl/opensslconf.h>
-
# ifndef OPENSSL_NO_CMS
-# ifdef __cplusplus
-extern "C"
-# endif
-int ERR_load_CMS_strings(void);
-
-/*
- * CMS function codes.
- */
-# ifndef OPENSSL_NO_DEPRECATED_3_0
-# define CMS_F_CHECK_CONTENT 0
-# define CMS_F_CMS_ADD0_CERT 0
-# define CMS_F_CMS_ADD0_RECIPIENT_KEY 0
-# define CMS_F_CMS_ADD0_RECIPIENT_PASSWORD 0
-# define CMS_F_CMS_ADD1_RECEIPTREQUEST 0
-# define CMS_F_CMS_ADD1_RECIPIENT 0
-# define CMS_F_CMS_ADD1_RECIPIENT_CERT 0
-# define CMS_F_CMS_ADD1_SIGNER 0
-# define CMS_F_CMS_ADD1_SIGNINGTIME 0
-# define CMS_F_CMS_ADD1_SIGNING_CERT 0
-# define CMS_F_CMS_ADD1_SIGNING_CERT_V2 0
-# define CMS_F_CMS_COMPRESS 0
-# define CMS_F_CMS_COMPRESSEDDATA_CREATE 0
-# define CMS_F_CMS_COMPRESSEDDATA_INIT_BIO 0
-# define CMS_F_CMS_COPY_CONTENT 0
-# define CMS_F_CMS_COPY_MESSAGEDIGEST 0
-# define CMS_F_CMS_DATA 0
-# define CMS_F_CMS_DATAFINAL 0
-# define CMS_F_CMS_DATAINIT 0
-# define CMS_F_CMS_DECRYPT 0
-# define CMS_F_CMS_DECRYPT_SET1_KEY 0
-# define CMS_F_CMS_DECRYPT_SET1_PASSWORD 0
-# define CMS_F_CMS_DECRYPT_SET1_PKEY 0
-# define CMS_F_CMS_DECRYPT_SET1_PKEY_AND_PEER 0
-# define CMS_F_CMS_DIGESTALGORITHM_FIND_CTX 0
-# define CMS_F_CMS_DIGESTALGORITHM_INIT_BIO 0
-# define CMS_F_CMS_DIGESTEDDATA_DO_FINAL 0
-# define CMS_F_CMS_DIGEST_VERIFY 0
-# define CMS_F_CMS_ENCODE_RECEIPT 0
-# define CMS_F_CMS_ENCRYPT 0
-# define CMS_F_CMS_ENCRYPTEDCONTENT_INIT 0
-# define CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO 0
-# define CMS_F_CMS_ENCRYPTEDDATA_DECRYPT 0
-# define CMS_F_CMS_ENCRYPTEDDATA_ENCRYPT 0
-# define CMS_F_CMS_ENCRYPTEDDATA_SET1_KEY 0
-# define CMS_F_CMS_ENVELOPEDDATA_CREATE 0
-# define CMS_F_CMS_ENVELOPEDDATA_ENCRYPTION_INIT_BIO 0
-# define CMS_F_CMS_ENVELOPEDDATA_FINAL 0
-# define CMS_F_CMS_ENVELOPEDDATA_INIT_BIO 0
-# define CMS_F_CMS_ENVELOPED_DATA_INIT 0
-# define CMS_F_CMS_ENV_ASN1_CTRL 0
-# define CMS_F_CMS_FINAL 0
-# define CMS_F_CMS_GET0_CERTIFICATE_CHOICES 0
-# define CMS_F_CMS_GET0_CONTENT 0
-# define CMS_F_CMS_GET0_ECONTENT_TYPE 0
-# define CMS_F_CMS_GET0_ENVELOPED 0
-# define CMS_F_CMS_GET0_REVOCATION_CHOICES 0
-# define CMS_F_CMS_GET0_SIGNED 0
-# define CMS_F_CMS_MSGSIGDIGEST_ADD1 0
-# define CMS_F_CMS_RECEIPTREQUEST_CREATE0 0
-# define CMS_F_CMS_RECEIPT_VERIFY 0
-# define CMS_F_CMS_RECIPIENTINFO_DECRYPT 0
-# define CMS_F_CMS_RECIPIENTINFO_ENCRYPT 0
-# define CMS_F_CMS_RECIPIENTINFO_KARI_DECRYPT 0
-# define CMS_F_CMS_RECIPIENTINFO_KARI_ENCRYPT 0
-# define CMS_F_CMS_RECIPIENTINFO_KARI_GET0_ALG 0
-# define CMS_F_CMS_RECIPIENTINFO_KARI_GET0_ORIG_ID 0
-# define CMS_F_CMS_RECIPIENTINFO_KARI_GET0_REKS 0
-# define CMS_F_CMS_RECIPIENTINFO_KARI_ORIG_ID_CMP 0
-# define CMS_F_CMS_RECIPIENTINFO_KEKRI_DECRYPT 0
-# define CMS_F_CMS_RECIPIENTINFO_KEKRI_ENCRYPT 0
-# define CMS_F_CMS_RECIPIENTINFO_KEKRI_GET0_ID 0
-# define CMS_F_CMS_RECIPIENTINFO_KEKRI_ID_CMP 0
-# define CMS_F_CMS_RECIPIENTINFO_KTRI_CERT_CMP 0
-# define CMS_F_CMS_RECIPIENTINFO_KTRI_DECRYPT 0
-# define CMS_F_CMS_RECIPIENTINFO_KTRI_ENCRYPT 0
-# define CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_ALGS 0
-# define CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_SIGNER_ID 0
-# define CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT 0
-# define CMS_F_CMS_RECIPIENTINFO_SET0_KEY 0
-# define CMS_F_CMS_RECIPIENTINFO_SET0_PASSWORD 0
-# define CMS_F_CMS_RECIPIENTINFO_SET0_PKEY 0
-# define CMS_F_CMS_SD_ASN1_CTRL 0
-# define CMS_F_CMS_SET1_IAS 0
-# define CMS_F_CMS_SET1_KEYID 0
-# define CMS_F_CMS_SET1_SIGNERIDENTIFIER 0
-# define CMS_F_CMS_SET_DETACHED 0
-# define CMS_F_CMS_SIGN 0
-# define CMS_F_CMS_SIGNED_DATA_INIT 0
-# define CMS_F_CMS_SIGNERINFO_CONTENT_SIGN 0
-# define CMS_F_CMS_SIGNERINFO_GET_CHAIN 0
-# define CMS_F_CMS_SIGNERINFO_SIGN 0
-# define CMS_F_CMS_SIGNERINFO_VERIFY 0
-# define CMS_F_CMS_SIGNERINFO_VERIFY_CERT 0
-# define CMS_F_CMS_SIGNERINFO_VERIFY_CONTENT 0
-# define CMS_F_CMS_SIGN_RECEIPT 0
-# define CMS_F_CMS_SI_CHECK_ATTRIBUTES 0
-# define CMS_F_CMS_STREAM 0
-# define CMS_F_CMS_UNCOMPRESS 0
-# define CMS_F_CMS_VERIFY 0
-# define CMS_F_ESS_CHECK_SIGNING_CERTS 0
-# define CMS_F_KEK_UNWRAP_KEY 0
-# endif
/*
* CMS reason codes.
@@ -131,6 +28,8 @@ int ERR_load_CMS_strings(void);
# define CMS_R_CERTIFICATE_ALREADY_PRESENT 175
# define CMS_R_CERTIFICATE_HAS_NO_KEYID 160
# define CMS_R_CERTIFICATE_VERIFY_ERROR 100
+# define CMS_R_CIPHER_AEAD_SET_TAG_ERROR 184
+# define CMS_R_CIPHER_GET_TAG 185
# define CMS_R_CIPHER_INITIALISATION_ERROR 101
# define CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR 102
# define CMS_R_CMS_DATAFINAL_ERROR 103
@@ -144,16 +43,19 @@ int ERR_load_CMS_strings(void);
# define CMS_R_CONTENT_VERIFY_ERROR 109
# define CMS_R_CTRL_ERROR 110
# define CMS_R_CTRL_FAILURE 111
+# define CMS_R_DECODE_ERROR 187
# define CMS_R_DECRYPT_ERROR 112
# define CMS_R_ERROR_GETTING_PUBLIC_KEY 113
# define CMS_R_ERROR_READING_MESSAGEDIGEST_ATTRIBUTE 114
# define CMS_R_ERROR_SETTING_KEY 115
# define CMS_R_ERROR_SETTING_RECIPIENTINFO 116
-# define CMS_R_ESS_NO_SIGNING_CERTID_ATTRIBUTE 182
# define CMS_R_ESS_SIGNING_CERTID_MISMATCH_ERROR 183
# define CMS_R_INVALID_ENCRYPTED_KEY_LENGTH 117
# define CMS_R_INVALID_KEY_ENCRYPTION_PARAMETER 176
# define CMS_R_INVALID_KEY_LENGTH 118
+# define CMS_R_INVALID_LABEL 190
+# define CMS_R_INVALID_OAEP_PARAMETERS 191
+# define CMS_R_KDF_PARAMETER_ERROR 186
# define CMS_R_MD_BIO_INIT_ERROR 119
# define CMS_R_MESSAGEDIGEST_ATTRIBUTE_WRONG_LENGTH 120
# define CMS_R_MESSAGEDIGEST_WRONG_LENGTH 121
@@ -184,9 +86,11 @@ int ERR_load_CMS_strings(void);
# define CMS_R_NO_PUBLIC_KEY 134
# define CMS_R_NO_RECEIPT_REQUEST 168
# define CMS_R_NO_SIGNERS 135
+# define CMS_R_PEER_KEY_ERROR 188
# define CMS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE 136
# define CMS_R_RECEIPT_DECODE_ERROR 169
# define CMS_R_RECIPIENT_ERROR 137
+# define CMS_R_SHARED_INFO_ERROR 189
# define CMS_R_SIGNER_CERTIFICATE_NOT_FOUND 138
# define CMS_R_SIGNFINAL_ERROR 139
# define CMS_R_SMIME_TEXT_ERROR 140
@@ -202,8 +106,10 @@ int ERR_load_CMS_strings(void);
# define CMS_R_UNKNOWN_ID 150
# define CMS_R_UNSUPPORTED_COMPRESSION_ALGORITHM 151
# define CMS_R_UNSUPPORTED_CONTENT_TYPE 152
+# define CMS_R_UNSUPPORTED_ENCRYPTION_TYPE 192
# define CMS_R_UNSUPPORTED_KEK_ALGORITHM 153
# define CMS_R_UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM 179
+# define CMS_R_UNSUPPORTED_LABEL_SOURCE 193
# define CMS_R_UNSUPPORTED_RECIPIENTINFO_TYPE 155
# define CMS_R_UNSUPPORTED_RECIPIENT_TYPE 154
# define CMS_R_UNSUPPORTED_TYPE 156
diff --git a/openssl/include/openssl/comp.h b/openssl/include/openssl/comp.h
index 2522c485..2522c485 100644..100755
--- a/openssl/include/openssl/comp.h
+++ b/openssl/include/openssl/comp.h
diff --git a/openssl/include/openssl/comperr.h b/openssl/include/openssl/comperr.h
index f12e9c54..de67952e 100644..100755
--- a/openssl/include/openssl/comperr.h
+++ b/openssl/include/openssl/comperr.h
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -14,27 +14,11 @@
# include <openssl/opensslconf.h>
# include <openssl/symhacks.h>
+# include <openssl/cryptoerr_legacy.h>
-# include <openssl/opensslconf.h>
-
# ifndef OPENSSL_NO_COMP
-# ifdef __cplusplus
-extern "C"
-# endif
-int ERR_load_COMP_strings(void);
-
-/*
- * COMP function codes.
- */
-# ifndef OPENSSL_NO_DEPRECATED_3_0
-# define COMP_F_BIO_ZLIB_FLUSH 0
-# define COMP_F_BIO_ZLIB_NEW 0
-# define COMP_F_BIO_ZLIB_READ 0
-# define COMP_F_BIO_ZLIB_WRITE 0
-# define COMP_F_COMP_CTX_NEW 0
-# endif
/*
* COMP reason codes.
diff --git a/openssl/include/openssl/conf.h b/openssl/include/openssl/conf.h
index 4022a9b9..3f18eacc 100644..100755
--- a/openssl/include/openssl/conf.h
+++ b/openssl/include/openssl/conf.h
@@ -1,5 +1,8 @@
/*
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * WARNING: do not edit!
+ * Generated by makefile from include\openssl\conf.h.in
+ *
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -7,6 +10,8 @@
* https://www.openssl.org/source/license.html
*/
+
+
#ifndef OPENSSL_CONF_H
# define OPENSSL_CONF_H
# pragma once
@@ -33,29 +38,58 @@ typedef struct {
char *value;
} CONF_VALUE;
-DEFINE_OR_DECLARE_STACK_OF(CONF_VALUE)
+SKM_DEFINE_STACK_OF_INTERNAL(CONF_VALUE, CONF_VALUE, CONF_VALUE)
+#define sk_CONF_VALUE_num(sk) OPENSSL_sk_num(ossl_check_const_CONF_VALUE_sk_type(sk))
+#define sk_CONF_VALUE_value(sk, idx) ((CONF_VALUE *)OPENSSL_sk_value(ossl_check_const_CONF_VALUE_sk_type(sk), (idx)))
+#define sk_CONF_VALUE_new(cmp) ((STACK_OF(CONF_VALUE) *)OPENSSL_sk_new(ossl_check_CONF_VALUE_compfunc_type(cmp)))
+#define sk_CONF_VALUE_new_null() ((STACK_OF(CONF_VALUE) *)OPENSSL_sk_new_null())
+#define sk_CONF_VALUE_new_reserve(cmp, n) ((STACK_OF(CONF_VALUE) *)OPENSSL_sk_new_reserve(ossl_check_CONF_VALUE_compfunc_type(cmp), (n)))
+#define sk_CONF_VALUE_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_CONF_VALUE_sk_type(sk), (n))
+#define sk_CONF_VALUE_free(sk) OPENSSL_sk_free(ossl_check_CONF_VALUE_sk_type(sk))
+#define sk_CONF_VALUE_zero(sk) OPENSSL_sk_zero(ossl_check_CONF_VALUE_sk_type(sk))
+#define sk_CONF_VALUE_delete(sk, i) ((CONF_VALUE *)OPENSSL_sk_delete(ossl_check_CONF_VALUE_sk_type(sk), (i)))
+#define sk_CONF_VALUE_delete_ptr(sk, ptr) ((CONF_VALUE *)OPENSSL_sk_delete_ptr(ossl_check_CONF_VALUE_sk_type(sk), ossl_check_CONF_VALUE_type(ptr)))
+#define sk_CONF_VALUE_push(sk, ptr) OPENSSL_sk_push(ossl_check_CONF_VALUE_sk_type(sk), ossl_check_CONF_VALUE_type(ptr))
+#define sk_CONF_VALUE_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_CONF_VALUE_sk_type(sk), ossl_check_CONF_VALUE_type(ptr))
+#define sk_CONF_VALUE_pop(sk) ((CONF_VALUE *)OPENSSL_sk_pop(ossl_check_CONF_VALUE_sk_type(sk)))
+#define sk_CONF_VALUE_shift(sk) ((CONF_VALUE *)OPENSSL_sk_shift(ossl_check_CONF_VALUE_sk_type(sk)))
+#define sk_CONF_VALUE_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_CONF_VALUE_sk_type(sk),ossl_check_CONF_VALUE_freefunc_type(freefunc))
+#define sk_CONF_VALUE_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_CONF_VALUE_sk_type(sk), ossl_check_CONF_VALUE_type(ptr), (idx))
+#define sk_CONF_VALUE_set(sk, idx, ptr) ((CONF_VALUE *)OPENSSL_sk_set(ossl_check_CONF_VALUE_sk_type(sk), (idx), ossl_check_CONF_VALUE_type(ptr)))
+#define sk_CONF_VALUE_find(sk, ptr) OPENSSL_sk_find(ossl_check_CONF_VALUE_sk_type(sk), ossl_check_CONF_VALUE_type(ptr))
+#define sk_CONF_VALUE_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_CONF_VALUE_sk_type(sk), ossl_check_CONF_VALUE_type(ptr))
+#define sk_CONF_VALUE_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_CONF_VALUE_sk_type(sk), ossl_check_CONF_VALUE_type(ptr), pnum)
+#define sk_CONF_VALUE_sort(sk) OPENSSL_sk_sort(ossl_check_CONF_VALUE_sk_type(sk))
+#define sk_CONF_VALUE_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_CONF_VALUE_sk_type(sk))
+#define sk_CONF_VALUE_dup(sk) ((STACK_OF(CONF_VALUE) *)OPENSSL_sk_dup(ossl_check_const_CONF_VALUE_sk_type(sk)))
+#define sk_CONF_VALUE_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(CONF_VALUE) *)OPENSSL_sk_deep_copy(ossl_check_const_CONF_VALUE_sk_type(sk), ossl_check_CONF_VALUE_copyfunc_type(copyfunc), ossl_check_CONF_VALUE_freefunc_type(freefunc)))
+#define sk_CONF_VALUE_set_cmp_func(sk, cmp) ((sk_CONF_VALUE_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_CONF_VALUE_sk_type(sk), ossl_check_CONF_VALUE_compfunc_type(cmp)))
+DEFINE_LHASH_OF_INTERNAL(CONF_VALUE);
+#define lh_CONF_VALUE_new(hfn, cmp) ((LHASH_OF(CONF_VALUE) *)OPENSSL_LH_new(ossl_check_CONF_VALUE_lh_hashfunc_type(hfn), ossl_check_CONF_VALUE_lh_compfunc_type(cmp)))
+#define lh_CONF_VALUE_free(lh) OPENSSL_LH_free(ossl_check_CONF_VALUE_lh_type(lh))
+#define lh_CONF_VALUE_flush(lh) OPENSSL_LH_flush(ossl_check_CONF_VALUE_lh_type(lh))
+#define lh_CONF_VALUE_insert(lh, ptr) ((CONF_VALUE *)OPENSSL_LH_insert(ossl_check_CONF_VALUE_lh_type(lh), ossl_check_CONF_VALUE_lh_plain_type(ptr)))
+#define lh_CONF_VALUE_delete(lh, ptr) ((CONF_VALUE *)OPENSSL_LH_delete(ossl_check_CONF_VALUE_lh_type(lh), ossl_check_const_CONF_VALUE_lh_plain_type(ptr)))
+#define lh_CONF_VALUE_retrieve(lh, ptr) ((CONF_VALUE *)OPENSSL_LH_retrieve(ossl_check_CONF_VALUE_lh_type(lh), ossl_check_const_CONF_VALUE_lh_plain_type(ptr)))
+#define lh_CONF_VALUE_error(lh) OPENSSL_LH_error(ossl_check_CONF_VALUE_lh_type(lh))
+#define lh_CONF_VALUE_num_items(lh) OPENSSL_LH_num_items(ossl_check_CONF_VALUE_lh_type(lh))
+#define lh_CONF_VALUE_node_stats_bio(lh, out) OPENSSL_LH_node_stats_bio(ossl_check_const_CONF_VALUE_lh_type(lh), out)
+#define lh_CONF_VALUE_node_usage_stats_bio(lh, out) OPENSSL_LH_node_usage_stats_bio(ossl_check_const_CONF_VALUE_lh_type(lh), out)
+#define lh_CONF_VALUE_stats_bio(lh, out) OPENSSL_LH_stats_bio(ossl_check_const_CONF_VALUE_lh_type(lh), out)
+#define lh_CONF_VALUE_get_down_load(lh) OPENSSL_LH_get_down_load(ossl_check_CONF_VALUE_lh_type(lh))
+#define lh_CONF_VALUE_set_down_load(lh, dl) OPENSSL_LH_set_down_load(ossl_check_CONF_VALUE_lh_type(lh), dl)
+#define lh_CONF_VALUE_doall(lh, dfn) OPENSSL_LH_doall(ossl_check_CONF_VALUE_lh_type(lh), ossl_check_CONF_VALUE_lh_doallfunc_type(dfn))
-DEFINE_LHASH_OF(CONF_VALUE);
struct conf_st;
struct conf_method_st;
typedef struct conf_method_st CONF_METHOD;
-struct conf_method_st {
- const char *name;
- CONF *(*create) (CONF_METHOD *meth);
- int (*init) (CONF *conf);
- int (*destroy) (CONF *conf);
- int (*destroy_data) (CONF *conf);
- int (*load_bio) (CONF *conf, BIO *bp, long *eline);
- int (*dump) (const CONF *conf, BIO *bp);
- int (*is_number) (const CONF *conf, char c);
- int (*to_int) (const CONF *conf, char c);
- int (*load) (CONF *conf, const char *name, long *eline);
-};
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# include <openssl/conftypes.h>
+# endif
/* Module definitions */
-
typedef struct conf_imodule_st CONF_IMODULE;
typedef struct conf_module_st CONF_MODULE;
@@ -94,8 +128,9 @@ void CONF_free(LHASH_OF(CONF_VALUE) *conf);
int CONF_dump_fp(LHASH_OF(CONF_VALUE) *conf, FILE *out);
#endif
int CONF_dump_bio(LHASH_OF(CONF_VALUE) *conf, BIO *out);
-
-DEPRECATEDIN_1_1_0(void OPENSSL_config(const char *config_name))
+#ifndef OPENSSL_NO_DEPRECATED_1_1_0
+OSSL_DEPRECATEDIN_1_1_0 void OPENSSL_config(const char *config_name);
+#endif
#ifndef OPENSSL_NO_DEPRECATED_1_1_0
# define OPENSSL_no_config() \
@@ -107,18 +142,13 @@ DEPRECATEDIN_1_1_0(void OPENSSL_config(const char *config_name))
* that wasn't the case, the above functions would have been replaced
*/
-struct conf_st {
- CONF_METHOD *meth;
- void *meth_data;
- LHASH_OF(CONF_VALUE) *data;
- unsigned int flag_dollarid:1;
- OPENSSL_CTX *libctx;
-};
-
-CONF *NCONF_new_with_libctx(OPENSSL_CTX *libctx, CONF_METHOD *meth);
+CONF *NCONF_new_ex(OSSL_LIB_CTX *libctx, CONF_METHOD *meth);
+OSSL_LIB_CTX *NCONF_get0_libctx(const CONF *conf);
CONF *NCONF_new(CONF_METHOD *meth);
CONF_METHOD *NCONF_default(void);
-DEPRECATEDIN_3_0(CONF_METHOD *NCONF_WIN32(void))
+#ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0 CONF_METHOD *NCONF_WIN32(void);
+#endif
void NCONF_free(CONF *conf);
void NCONF_free_data(CONF *conf);
@@ -127,6 +157,7 @@ int NCONF_load(CONF *conf, const char *file, long *eline);
int NCONF_load_fp(CONF *conf, FILE *fp, long *eline);
# endif
int NCONF_load_bio(CONF *conf, BIO *bp, long *eline);
+STACK_OF(OPENSSL_CSTRING) *NCONF_get_section_names(const CONF *conf);
STACK_OF(CONF_VALUE) *NCONF_get_section(const CONF *conf,
const char *section);
char *NCONF_get_string(const CONF *conf, const char *group, const char *name);
@@ -143,8 +174,8 @@ int NCONF_dump_bio(const CONF *conf, BIO *out);
int CONF_modules_load(const CONF *cnf, const char *appname,
unsigned long flags);
-int CONF_modules_load_file_with_libctx(OPENSSL_CTX *libctx, const char *filename,
- const char *appname, unsigned long flags);
+int CONF_modules_load_file_ex(OSSL_LIB_CTX *libctx, const char *filename,
+ const char *appname, unsigned long flags);
int CONF_modules_load_file(const char *filename, const char *appname,
unsigned long flags);
void CONF_modules_unload(int all);
diff --git a/openssl/include/openssl/conf_api.h b/openssl/include/openssl/conf_api.h
index 22d98791..22d98791 100644..100755
--- a/openssl/include/openssl/conf_api.h
+++ b/openssl/include/openssl/conf_api.h
diff --git a/openssl/include/openssl/conferr.h b/openssl/include/openssl/conferr.h
index 1f9a40a7..e4d7013e 100644..100755
--- a/openssl/include/openssl/conferr.h
+++ b/openssl/include/openssl/conferr.h
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -14,41 +14,9 @@
# include <openssl/opensslconf.h>
# include <openssl/symhacks.h>
+# include <openssl/cryptoerr_legacy.h>
-# ifdef __cplusplus
-extern "C"
-# endif
-int ERR_load_CONF_strings(void);
-
-/*
- * CONF function codes.
- */
-# ifndef OPENSSL_NO_DEPRECATED_3_0
-# define CONF_F_CONF_DUMP_FP 0
-# define CONF_F_CONF_LOAD 0
-# define CONF_F_CONF_LOAD_FP 0
-# define CONF_F_CONF_PARSE_LIST 0
-# define CONF_F_DEF_LOAD 0
-# define CONF_F_DEF_LOAD_BIO 0
-# define CONF_F_GET_NEXT_FILE 0
-# define CONF_F_MODULE_ADD 0
-# define CONF_F_MODULE_INIT 0
-# define CONF_F_MODULE_LOAD_DSO 0
-# define CONF_F_MODULE_RUN 0
-# define CONF_F_NCONF_DUMP_BIO 0
-# define CONF_F_NCONF_DUMP_FP 0
-# define CONF_F_NCONF_GET_NUMBER_E 0
-# define CONF_F_NCONF_GET_SECTION 0
-# define CONF_F_NCONF_GET_STRING 0
-# define CONF_F_NCONF_LOAD 0
-# define CONF_F_NCONF_LOAD_BIO 0
-# define CONF_F_NCONF_LOAD_FP 0
-# define CONF_F_NCONF_NEW 0
-# define CONF_F_PROCESS_INCLUDE 0
-# define CONF_F_SSL_MODULE_INIT 0
-# define CONF_F_STR_COPY 0
-# endif
/*
* CONF reason codes.
@@ -68,7 +36,9 @@ int ERR_load_CONF_strings(void);
# define CONF_R_NO_SUCH_FILE 114
# define CONF_R_NO_VALUE 108
# define CONF_R_NUMBER_TOO_LARGE 121
+# define CONF_R_OPENSSL_CONF_REFERENCES_MISSING_SECTION 124
# define CONF_R_RECURSIVE_DIRECTORY_INCLUDE 111
+# define CONF_R_RELATIVE_PATH 125
# define CONF_R_SSL_COMMAND_SECTION_EMPTY 117
# define CONF_R_SSL_COMMAND_SECTION_NOT_FOUND 118
# define CONF_R_SSL_SECTION_EMPTY 119
diff --git a/openssl/include/openssl/configuration.h b/openssl/include/openssl/configuration.h
index d3a49be7..9726677d 100644..100755
--- a/openssl/include/openssl/configuration.h
+++ b/openssl/include/openssl/configuration.h
@@ -2,7 +2,7 @@
* WARNING: do not edit!
* Generated by makefile from include\openssl\configuration.h.in
*
- * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -12,6 +12,7 @@
#ifndef OPENSSL_CONFIGURATION_H
# define OPENSSL_CONFIGURATION_H
+# pragma once
# ifdef __cplusplus
extern "C" {
@@ -35,6 +36,9 @@ extern "C" {
# ifndef OPENSSL_THREADS
# define OPENSSL_THREADS
# endif
+# ifndef OPENSSL_NO_ACVP_TESTS
+# define OPENSSL_NO_ACVP_TESTS
+# endif
# ifndef OPENSSL_NO_AFALGENG
# define OPENSSL_NO_AFALGENG
# endif
@@ -59,6 +63,9 @@ extern "C" {
# ifndef OPENSSL_NO_EXTERNAL_TESTS
# define OPENSSL_NO_EXTERNAL_TESTS
# endif
+# ifndef OPENSSL_NO_FIPS_SECURITYCHECKS
+# define OPENSSL_NO_FIPS_SECURITYCHECKS
+# endif
# ifndef OPENSSL_NO_FUZZ_AFL
# define OPENSSL_NO_FUZZ_AFL
# endif
@@ -80,9 +87,6 @@ extern "C" {
# ifndef OPENSSL_NO_SCTP
# define OPENSSL_NO_SCTP
# endif
-# ifndef OPENSSL_NO_SSL_TRACE
-# define OPENSSL_NO_SSL_TRACE
-# endif
# ifndef OPENSSL_NO_SSL3
# define OPENSSL_NO_SSL3
# endif
diff --git a/openssl/include/openssl/conftypes.h b/openssl/include/openssl/conftypes.h
new file mode 100755
index 00000000..ee55bc56
--- /dev/null
+++ b/openssl/include/openssl/conftypes.h
@@ -0,0 +1,44 @@
+/*
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_CONFTYPES_H
+# define OPENSSL_CONFTYPES_H
+# pragma once
+
+#ifndef OPENSSL_CONF_H
+# include <openssl/conf.h>
+#endif
+
+/*
+ * The contents of this file are deprecated and will be made opaque
+ */
+struct conf_method_st {
+ const char *name;
+ CONF *(*create) (CONF_METHOD *meth);
+ int (*init) (CONF *conf);
+ int (*destroy) (CONF *conf);
+ int (*destroy_data) (CONF *conf);
+ int (*load_bio) (CONF *conf, BIO *bp, long *eline);
+ int (*dump) (const CONF *conf, BIO *bp);
+ int (*is_number) (const CONF *conf, char c);
+ int (*to_int) (const CONF *conf, char c);
+ int (*load) (CONF *conf, const char *name, long *eline);
+};
+
+struct conf_st {
+ CONF_METHOD *meth;
+ void *meth_data;
+ LHASH_OF(CONF_VALUE) *data;
+ int flag_dollarid;
+ int flag_abspath;
+ char *includedir;
+ OSSL_LIB_CTX *libctx;
+};
+
+#endif
diff --git a/openssl/include/openssl/core.h b/openssl/include/openssl/core.h
index ab9ad5b5..ca6f68b9 100644..100755
--- a/openssl/include/openssl/core.h
+++ b/openssl/include/openssl/core.h
@@ -1,5 +1,5 @@
/*
- * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -9,6 +9,7 @@
#ifndef OPENSSL_CORE_H
# define OPENSSL_CORE_H
+# pragma once
# include <stddef.h>
# include <openssl/types.h>
@@ -31,8 +32,8 @@ typedef struct openssl_core_ctx_st OPENSSL_CORE_CTX;
typedef struct ossl_core_bio_st OSSL_CORE_BIO;
/*
- * Dispatch table element. function_id numbers are defined further down,
- * see macros with '_FUNC' in their names.
+ * Dispatch table element. function_id numbers and the functions are defined
+ * in core_dispatch.h, see macros with 'OSSL_CORE_MAKE_FUNC' in their names.
*
* An array of these is always terminated by function_id == 0
*/
@@ -69,6 +70,7 @@ struct ossl_algorithm_st {
const char *algorithm_names; /* key */
const char *property_definition; /* key */
const OSSL_DISPATCH *implementation;
+ const char *algorithm_description;
};
/*
@@ -107,18 +109,18 @@ struct ossl_param_st {
# define OSSL_PARAM_REAL 3
/*-
* OSSL_PARAM_UTF8_STRING
- * is a printable string. Is expteced to be printed as it is.
+ * is a printable string. It is expected to be printed as it is.
*/
# define OSSL_PARAM_UTF8_STRING 4
/*-
* OSSL_PARAM_OCTET_STRING
- * is a string of bytes with no further specification. Is expected to be
+ * is a string of bytes with no further specification. It is expected to be
* printed as a hexdump.
*/
# define OSSL_PARAM_OCTET_STRING 5
/*-
* OSSL_PARAM_UTF8_PTR
- * is a pointer to a printable string. Is expteced to be printed as it is.
+ * is a pointer to a printable string. It is expected to be printed as it is.
*
* The difference between this and OSSL_PARAM_UTF8_STRING is that only pointers
* are manipulated for this type.
diff --git a/openssl/include/openssl/core_dispatch.h b/openssl/include/openssl/core_dispatch.h
index 85abac55..596362ec 100644..100755
--- a/openssl/include/openssl/core_dispatch.h
+++ b/openssl/include/openssl/core_dispatch.h
@@ -1,5 +1,5 @@
/*
- * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -9,6 +9,7 @@
#ifndef OPENSSL_CORE_NUMBERS_H
# define OPENSSL_CORE_NUMBERS_H
+# pragma once
# include <stdarg.h>
# include <openssl/core.h>
@@ -40,10 +41,12 @@ extern "C" {
* |type| is the return-type of the function, |name| is the name of the
* function to fetch, and |args| is a parenthesized list of parameters
* for the function (that is, it is |name|'s function signature).
+ * Note: This is considered a "reserved" internal macro. Applications should
+ * not use this or assume its existence.
*/
#define OSSL_CORE_MAKE_FUNC(type,name,args) \
typedef type (OSSL_FUNC_##name##_fn)args; \
- static ossl_inline \
+ static ossl_unused ossl_inline \
OSSL_FUNC_##name##_fn *OSSL_FUNC_##name(const OSSL_DISPATCH *opf) \
{ \
return (OSSL_FUNC_##name##_fn *)opf->function; \
@@ -65,9 +68,10 @@ OSSL_CORE_MAKE_FUNC(int,core_get_params,(const OSSL_CORE_HANDLE *prov,
OSSL_PARAM params[]))
# define OSSL_FUNC_CORE_THREAD_START 3
OSSL_CORE_MAKE_FUNC(int,core_thread_start,(const OSSL_CORE_HANDLE *prov,
- OSSL_thread_stop_handler_fn handfn))
-# define OSSL_FUNC_CORE_GET_LIBRARY_CONTEXT 4
-OSSL_CORE_MAKE_FUNC(OPENSSL_CORE_CTX *,core_get_library_context,
+ OSSL_thread_stop_handler_fn handfn,
+ void *arg))
+# define OSSL_FUNC_CORE_GET_LIBCTX 4
+OSSL_CORE_MAKE_FUNC(OPENSSL_CORE_CTX *,core_get_libctx,
(const OSSL_CORE_HANDLE *prov))
# define OSSL_FUNC_CORE_NEW_ERROR 5
OSSL_CORE_MAKE_FUNC(void,core_new_error,(const OSSL_CORE_HANDLE *prov))
@@ -87,6 +91,19 @@ OSSL_CORE_MAKE_FUNC(int, core_clear_last_error_mark,
# define OSSL_FUNC_CORE_POP_ERROR_TO_MARK 10
OSSL_CORE_MAKE_FUNC(int, core_pop_error_to_mark, (const OSSL_CORE_HANDLE *prov))
+
+/* Functions to access the OBJ database */
+
+#define OSSL_FUNC_CORE_OBJ_ADD_SIGID 11
+#define OSSL_FUNC_CORE_OBJ_CREATE 12
+
+OSSL_CORE_MAKE_FUNC(int, core_obj_add_sigid,
+ (const OSSL_CORE_HANDLE *prov, const char *sign_name,
+ const char *digest_name, const char *pkey_name))
+OSSL_CORE_MAKE_FUNC(int, core_obj_create,
+ (const OSSL_CORE_HANDLE *prov, const char *oid,
+ const char *sn, const char *ln))
+
/* Memory allocation, freeing, clearing. */
#define OSSL_FUNC_CRYPTO_MALLOC 20
OSSL_CORE_MAKE_FUNC(void *,
@@ -132,9 +149,14 @@ OSSL_CORE_MAKE_FUNC(void,
#define OSSL_FUNC_BIO_NEW_MEMBUF 41
#define OSSL_FUNC_BIO_READ_EX 42
#define OSSL_FUNC_BIO_WRITE_EX 43
-#define OSSL_FUNC_BIO_FREE 44
-#define OSSL_FUNC_BIO_VPRINTF 45
-#define OSSL_FUNC_BIO_VSNPRINTF 46
+#define OSSL_FUNC_BIO_UP_REF 44
+#define OSSL_FUNC_BIO_FREE 45
+#define OSSL_FUNC_BIO_VPRINTF 46
+#define OSSL_FUNC_BIO_VSNPRINTF 47
+#define OSSL_FUNC_BIO_PUTS 48
+#define OSSL_FUNC_BIO_GETS 49
+#define OSSL_FUNC_BIO_CTRL 50
+
OSSL_CORE_MAKE_FUNC(OSSL_CORE_BIO *, BIO_new_file, (const char *filename,
const char *mode))
@@ -143,16 +165,66 @@ OSSL_CORE_MAKE_FUNC(int, BIO_read_ex, (OSSL_CORE_BIO *bio, void *data,
size_t data_len, size_t *bytes_read))
OSSL_CORE_MAKE_FUNC(int, BIO_write_ex, (OSSL_CORE_BIO *bio, const void *data,
size_t data_len, size_t *written))
+OSSL_CORE_MAKE_FUNC(int, BIO_gets, (OSSL_CORE_BIO *bio, char *buf, int size))
+OSSL_CORE_MAKE_FUNC(int, BIO_puts, (OSSL_CORE_BIO *bio, const char *str))
+OSSL_CORE_MAKE_FUNC(int, BIO_up_ref, (OSSL_CORE_BIO *bio))
OSSL_CORE_MAKE_FUNC(int, BIO_free, (OSSL_CORE_BIO *bio))
OSSL_CORE_MAKE_FUNC(int, BIO_vprintf, (OSSL_CORE_BIO *bio, const char *format,
va_list args))
OSSL_CORE_MAKE_FUNC(int, BIO_vsnprintf,
(char *buf, size_t n, const char *fmt, va_list args))
+OSSL_CORE_MAKE_FUNC(int, BIO_ctrl, (OSSL_CORE_BIO *bio,
+ int cmd, long num, void *ptr))
#define OSSL_FUNC_SELF_TEST_CB 100
OSSL_CORE_MAKE_FUNC(void, self_test_cb, (OPENSSL_CORE_CTX *ctx, OSSL_CALLBACK **cb,
void **cbarg))
+/* Functions to get seed material from the operating system */
+#define OSSL_FUNC_GET_ENTROPY 101
+#define OSSL_FUNC_CLEANUP_ENTROPY 102
+#define OSSL_FUNC_GET_NONCE 103
+#define OSSL_FUNC_CLEANUP_NONCE 104
+OSSL_CORE_MAKE_FUNC(size_t, get_entropy, (const OSSL_CORE_HANDLE *handle,
+ unsigned char **pout, int entropy,
+ size_t min_len, size_t max_len))
+OSSL_CORE_MAKE_FUNC(void, cleanup_entropy, (const OSSL_CORE_HANDLE *handle,
+ unsigned char *buf, size_t len))
+OSSL_CORE_MAKE_FUNC(size_t, get_nonce, (const OSSL_CORE_HANDLE *handle,
+ unsigned char **pout, size_t min_len,
+ size_t max_len, const void *salt,
+ size_t salt_len))
+OSSL_CORE_MAKE_FUNC(void, cleanup_nonce, (const OSSL_CORE_HANDLE *handle,
+ unsigned char *buf, size_t len))
+
+/* Functions to access the core's providers */
+#define OSSL_FUNC_PROVIDER_REGISTER_CHILD_CB 105
+#define OSSL_FUNC_PROVIDER_DEREGISTER_CHILD_CB 106
+#define OSSL_FUNC_PROVIDER_NAME 107
+#define OSSL_FUNC_PROVIDER_GET0_PROVIDER_CTX 108
+#define OSSL_FUNC_PROVIDER_GET0_DISPATCH 109
+#define OSSL_FUNC_PROVIDER_UP_REF 110
+#define OSSL_FUNC_PROVIDER_FREE 111
+
+OSSL_CORE_MAKE_FUNC(int, provider_register_child_cb,
+ (const OSSL_CORE_HANDLE *handle,
+ int (*create_cb)(const OSSL_CORE_HANDLE *provider, void *cbdata),
+ int (*remove_cb)(const OSSL_CORE_HANDLE *provider, void *cbdata),
+ int (*global_props_cb)(const char *props, void *cbdata),
+ void *cbdata))
+OSSL_CORE_MAKE_FUNC(void, provider_deregister_child_cb,
+ (const OSSL_CORE_HANDLE *handle))
+OSSL_CORE_MAKE_FUNC(const char *, provider_name,
+ (const OSSL_CORE_HANDLE *prov))
+OSSL_CORE_MAKE_FUNC(void *, provider_get0_provider_ctx,
+ (const OSSL_CORE_HANDLE *prov))
+OSSL_CORE_MAKE_FUNC(const OSSL_DISPATCH *, provider_get0_dispatch,
+ (const OSSL_CORE_HANDLE *prov))
+OSSL_CORE_MAKE_FUNC(int, provider_up_ref,
+ (const OSSL_CORE_HANDLE *prov, int activate))
+OSSL_CORE_MAKE_FUNC(int, provider_free,
+ (const OSSL_CORE_HANDLE *prov, int deactivate))
+
/* Functions provided by the provider to the Core, reserved numbers 1024-1535 */
# define OSSL_FUNC_PROVIDER_TEARDOWN 1024
OSSL_CORE_MAKE_FUNC(void,provider_teardown,(void *provctx))
@@ -165,12 +237,17 @@ OSSL_CORE_MAKE_FUNC(int,provider_get_params,(void *provctx,
# define OSSL_FUNC_PROVIDER_QUERY_OPERATION 1027
OSSL_CORE_MAKE_FUNC(const OSSL_ALGORITHM *,provider_query_operation,
(void *provctx, int operation_id, int *no_store))
-# define OSSL_FUNC_PROVIDER_GET_REASON_STRINGS 1028
+# define OSSL_FUNC_PROVIDER_UNQUERY_OPERATION 1028
+OSSL_CORE_MAKE_FUNC(void, provider_unquery_operation,
+ (void *provctx, int operation_id, const OSSL_ALGORITHM *))
+# define OSSL_FUNC_PROVIDER_GET_REASON_STRINGS 1029
OSSL_CORE_MAKE_FUNC(const OSSL_ITEM *,provider_get_reason_strings,
(void *provctx))
-# define OSSL_FUNC_PROVIDER_GET_CAPABILITIES 1029
+# define OSSL_FUNC_PROVIDER_GET_CAPABILITIES 1030
OSSL_CORE_MAKE_FUNC(int, provider_get_capabilities, (void *provctx,
const char *capability, OSSL_CALLBACK *cb, void *arg))
+# define OSSL_FUNC_PROVIDER_SELF_TEST 1031
+OSSL_CORE_MAKE_FUNC(int, provider_self_test, (void *provctx))
/* Operations */
@@ -183,10 +260,13 @@ OSSL_CORE_MAKE_FUNC(int, provider_get_capabilities, (void *provctx,
# define OSSL_OP_KEYEXCH 11
# define OSSL_OP_SIGNATURE 12
# define OSSL_OP_ASYM_CIPHER 13
+# define OSSL_OP_KEM 14
/* New section for non-EVP operations */
-# define OSSL_OP_SERIALIZER 20
+# define OSSL_OP_ENCODER 20
+# define OSSL_OP_DECODER 21
+# define OSSL_OP_STORE 22
/* Highest known operation number */
-# define OSSL_OP__HIGHEST 20
+# define OSSL_OP__HIGHEST 22
/* Digests */
@@ -205,7 +285,7 @@ OSSL_CORE_MAKE_FUNC(int, provider_get_capabilities, (void *provctx,
# define OSSL_FUNC_DIGEST_GETTABLE_CTX_PARAMS 13
OSSL_CORE_MAKE_FUNC(void *, digest_newctx, (void *provctx))
-OSSL_CORE_MAKE_FUNC(int, digest_init, (void *dctx))
+OSSL_CORE_MAKE_FUNC(int, digest_init, (void *dctx, const OSSL_PARAM params[]))
OSSL_CORE_MAKE_FUNC(int, digest_update,
(void *dctx, const unsigned char *in, size_t inl))
OSSL_CORE_MAKE_FUNC(int, digest_final,
@@ -223,9 +303,12 @@ OSSL_CORE_MAKE_FUNC(int, digest_set_ctx_params,
(void *vctx, const OSSL_PARAM params[]))
OSSL_CORE_MAKE_FUNC(int, digest_get_ctx_params,
(void *vctx, OSSL_PARAM params[]))
-OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, digest_gettable_params, (void))
-OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, digest_settable_ctx_params, (void))
-OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, digest_gettable_ctx_params, (void))
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, digest_gettable_params,
+ (void *provctx))
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, digest_settable_ctx_params,
+ (void *dctx, void *provctx))
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, digest_gettable_ctx_params,
+ (void *dctx, void *provctx))
/* Symmetric Ciphers */
@@ -249,12 +332,14 @@ OSSL_CORE_MAKE_FUNC(int, cipher_encrypt_init, (void *cctx,
const unsigned char *key,
size_t keylen,
const unsigned char *iv,
- size_t ivlen))
+ size_t ivlen,
+ const OSSL_PARAM params[]))
OSSL_CORE_MAKE_FUNC(int, cipher_decrypt_init, (void *cctx,
const unsigned char *key,
size_t keylen,
const unsigned char *iv,
- size_t ivlen))
+ size_t ivlen,
+ const OSSL_PARAM params[]))
OSSL_CORE_MAKE_FUNC(int, cipher_update,
(void *cctx,
unsigned char *out, size_t *outl, size_t outsize,
@@ -273,9 +358,12 @@ OSSL_CORE_MAKE_FUNC(int, cipher_get_ctx_params, (void *cctx,
OSSL_PARAM params[]))
OSSL_CORE_MAKE_FUNC(int, cipher_set_ctx_params, (void *cctx,
const OSSL_PARAM params[]))
-OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, cipher_gettable_params, (void))
-OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, cipher_settable_ctx_params, (void))
-OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, cipher_gettable_ctx_params, (void))
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, cipher_gettable_params,
+ (void *provctx))
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, cipher_settable_ctx_params,
+ (void *cctx, void *provctx))
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, cipher_gettable_ctx_params,
+ (void *cctx, void *provctx))
/* MACs */
@@ -295,16 +383,18 @@ OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, cipher_gettable_ctx_params, (void))
OSSL_CORE_MAKE_FUNC(void *, mac_newctx, (void *provctx))
OSSL_CORE_MAKE_FUNC(void *, mac_dupctx, (void *src))
OSSL_CORE_MAKE_FUNC(void, mac_freectx, (void *mctx))
-OSSL_CORE_MAKE_FUNC(size_t, mac_size, (void *mctx))
-OSSL_CORE_MAKE_FUNC(int, mac_init, (void *mctx))
+OSSL_CORE_MAKE_FUNC(int, mac_init, (void *mctx, const unsigned char *key,
+ size_t keylen, const OSSL_PARAM params[]))
OSSL_CORE_MAKE_FUNC(int, mac_update,
(void *mctx, const unsigned char *in, size_t inl))
OSSL_CORE_MAKE_FUNC(int, mac_final,
(void *mctx,
unsigned char *out, size_t *outl, size_t outsize))
-OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, mac_gettable_params, (void))
-OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, mac_gettable_ctx_params, (void))
-OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, mac_settable_ctx_params, (void))
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, mac_gettable_params, (void *provctx))
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, mac_gettable_ctx_params,
+ (void *mctx, void *provctx))
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, mac_settable_ctx_params,
+ (void *mctx, void *provctx))
OSSL_CORE_MAKE_FUNC(int, mac_get_params, (OSSL_PARAM params[]))
OSSL_CORE_MAKE_FUNC(int, mac_get_ctx_params,
(void *mctx, OSSL_PARAM params[]))
@@ -330,10 +420,12 @@ OSSL_CORE_MAKE_FUNC(void *, kdf_dupctx, (void *src))
OSSL_CORE_MAKE_FUNC(void, kdf_freectx, (void *kctx))
OSSL_CORE_MAKE_FUNC(void, kdf_reset, (void *kctx))
OSSL_CORE_MAKE_FUNC(int, kdf_derive, (void *kctx, unsigned char *key,
- size_t keylen))
-OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, kdf_gettable_params, (void))
-OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, kdf_gettable_ctx_params, (void))
-OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, kdf_settable_ctx_params, (void))
+ size_t keylen, const OSSL_PARAM params[]))
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, kdf_gettable_params, (void *provctx))
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, kdf_gettable_ctx_params,
+ (void *kctx, void *provctx))
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, kdf_settable_ctx_params,
+ (void *kctx, void *provctx))
OSSL_CORE_MAKE_FUNC(int, kdf_get_params, (OSSL_PARAM params[]))
OSSL_CORE_MAKE_FUNC(int, kdf_get_ctx_params,
(void *kctx, OSSL_PARAM params[]))
@@ -358,8 +450,9 @@ OSSL_CORE_MAKE_FUNC(int, kdf_set_ctx_params,
# define OSSL_FUNC_RAND_GET_PARAMS 14
# define OSSL_FUNC_RAND_GET_CTX_PARAMS 15
# define OSSL_FUNC_RAND_SET_CTX_PARAMS 16
-# define OSSL_FUNC_RAND_SET_CALLBACKS 17
-# define OSSL_FUNC_RAND_VERIFY_ZEROIZATION 18
+# define OSSL_FUNC_RAND_VERIFY_ZEROIZATION 17
+# define OSSL_FUNC_RAND_GET_SEED 18
+# define OSSL_FUNC_RAND_CLEAR_SEED 19
OSSL_CORE_MAKE_FUNC(void *,rand_newctx,
(void *provctx, void *parent,
@@ -368,7 +461,8 @@ OSSL_CORE_MAKE_FUNC(void,rand_freectx, (void *vctx))
OSSL_CORE_MAKE_FUNC(int,rand_instantiate,
(void *vdrbg, unsigned int strength,
int prediction_resistance,
- const unsigned char *pstr, size_t pstr_len))
+ const unsigned char *pstr, size_t pstr_len,
+ const OSSL_PARAM params[]))
OSSL_CORE_MAKE_FUNC(int,rand_uninstantiate, (void *vdrbg))
OSSL_CORE_MAKE_FUNC(int,rand_generate,
(void *vctx, unsigned char *out, size_t outlen,
@@ -384,9 +478,11 @@ OSSL_CORE_MAKE_FUNC(size_t,rand_nonce,
OSSL_CORE_MAKE_FUNC(int,rand_enable_locking, (void *vctx))
OSSL_CORE_MAKE_FUNC(int,rand_lock, (void *vctx))
OSSL_CORE_MAKE_FUNC(void,rand_unlock, (void *vctx))
-OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *,rand_gettable_params, (void))
-OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *,rand_gettable_ctx_params, (void))
-OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *,rand_settable_ctx_params, (void))
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *,rand_gettable_params, (void *provctx))
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *,rand_gettable_ctx_params,
+ (void *vctx, void *provctx))
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *,rand_settable_ctx_params,
+ (void *vctx, void *provctx))
OSSL_CORE_MAKE_FUNC(int,rand_get_params, (OSSL_PARAM params[]))
OSSL_CORE_MAKE_FUNC(int,rand_get_ctx_params,
(void *vctx, OSSL_PARAM params[]))
@@ -399,6 +495,13 @@ OSSL_CORE_MAKE_FUNC(void,rand_set_callbacks,
OSSL_CALLBACK *cleanup_nonce, void *arg))
OSSL_CORE_MAKE_FUNC(int,rand_verify_zeroization,
(void *vctx))
+OSSL_CORE_MAKE_FUNC(size_t,rand_get_seed,
+ (void *vctx, unsigned char **buffer,
+ int entropy, size_t min_len, size_t max_len,
+ int prediction_resistance,
+ const unsigned char *adin, size_t adin_len))
+OSSL_CORE_MAKE_FUNC(void,rand_clear_seed,
+ (void *vctx, unsigned char *buffer, size_t b_len))
/*-
* Key management
@@ -450,6 +553,9 @@ OSSL_CORE_MAKE_FUNC(int,rand_verify_zeroization,
# define OSSL_KEYMGMT_SELECT_ALL \
( OSSL_KEYMGMT_SELECT_KEYPAIR | OSSL_KEYMGMT_SELECT_ALL_PARAMETERS )
+# define OSSL_KEYMGMT_VALIDATE_FULL_CHECK 0
+# define OSSL_KEYMGMT_VALIDATE_QUICK_CHECK 1
+
/* Basic key object creation */
# define OSSL_FUNC_KEYMGMT_NEW 1
OSSL_CORE_MAKE_FUNC(void *, keymgmt_new, (void *provctx))
@@ -462,21 +568,23 @@ OSSL_CORE_MAKE_FUNC(void *, keymgmt_new, (void *provctx))
# define OSSL_FUNC_KEYMGMT_GEN 6
# define OSSL_FUNC_KEYMGMT_GEN_CLEANUP 7
OSSL_CORE_MAKE_FUNC(void *, keymgmt_gen_init,
- (void *provctx, int selection))
+ (void *provctx, int selection, const OSSL_PARAM params[]))
OSSL_CORE_MAKE_FUNC(int, keymgmt_gen_set_template,
(void *genctx, void *templ))
OSSL_CORE_MAKE_FUNC(int, keymgmt_gen_set_params,
(void *genctx, const OSSL_PARAM params[]))
OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *,
- keymgmt_gen_settable_params, (void *provctx))
-OSSL_CORE_MAKE_FUNC(int, keymgmt_gen_get_params,
- (void *genctx, OSSL_PARAM params[]))
-OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *,
- keymgmt_gen_gettable_params, (void *provctx))
+ keymgmt_gen_settable_params,
+ (void *genctx, void *provctx))
OSSL_CORE_MAKE_FUNC(void *, keymgmt_gen,
(void *genctx, OSSL_CALLBACK *cb, void *cbarg))
OSSL_CORE_MAKE_FUNC(void, keymgmt_gen_cleanup, (void *genctx))
+/* Key loading by object reference */
+# define OSSL_FUNC_KEYMGMT_LOAD 8
+OSSL_CORE_MAKE_FUNC(void *, keymgmt_load,
+ (const void *reference, size_t reference_sz))
+
/* Basic key object destruction */
# define OSSL_FUNC_KEYMGMT_FREE 10
OSSL_CORE_MAKE_FUNC(void, keymgmt_free, (void *keydata))
@@ -486,13 +594,15 @@ OSSL_CORE_MAKE_FUNC(void, keymgmt_free, (void *keydata))
#define OSSL_FUNC_KEYMGMT_GETTABLE_PARAMS 12
OSSL_CORE_MAKE_FUNC(int, keymgmt_get_params,
(void *keydata, OSSL_PARAM params[]))
-OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, keymgmt_gettable_params, (void))
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, keymgmt_gettable_params,
+ (void *provctx))
#define OSSL_FUNC_KEYMGMT_SET_PARAMS 13
#define OSSL_FUNC_KEYMGMT_SETTABLE_PARAMS 14
OSSL_CORE_MAKE_FUNC(int, keymgmt_set_params,
(void *keydata, const OSSL_PARAM params[]))
-OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, keymgmt_settable_params, (void))
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, keymgmt_settable_params,
+ (void *provctx))
/* Key checks - discovery of supported operations */
# define OSSL_FUNC_KEYMGMT_QUERY_OPERATION_NAME 20
@@ -501,11 +611,12 @@ OSSL_CORE_MAKE_FUNC(const char *, keymgmt_query_operation_name,
/* Key checks - key data content checks */
# define OSSL_FUNC_KEYMGMT_HAS 21
-OSSL_CORE_MAKE_FUNC(int, keymgmt_has, (void *keydata, int selection))
+OSSL_CORE_MAKE_FUNC(int, keymgmt_has, (const void *keydata, int selection))
/* Key checks - validation */
# define OSSL_FUNC_KEYMGMT_VALIDATE 22
-OSSL_CORE_MAKE_FUNC(int, keymgmt_validate, (void *keydata, int selection))
+OSSL_CORE_MAKE_FUNC(int, keymgmt_validate, (const void *keydata, int selection,
+ int checktype))
/* Key checks - matching */
# define OSSL_FUNC_KEYMGMT_MATCH 23
@@ -528,11 +639,10 @@ OSSL_CORE_MAKE_FUNC(int, keymgmt_export,
OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, keymgmt_export_types,
(int selection))
-/* Copy function, only works for matching keymgmt */
-# define OSSL_FUNC_KEYMGMT_COPY 44
-OSSL_CORE_MAKE_FUNC(int, keymgmt_copy,
- ( void *keydata_to, const void *keydata_from,
- int selection))
+/* Dup function, constructor */
+# define OSSL_FUNC_KEYMGMT_DUP 44
+OSSL_CORE_MAKE_FUNC(void *, keymgmt_dup,
+ (const void *keydata_from, int selection))
/* Key Exchange */
@@ -548,7 +658,8 @@ OSSL_CORE_MAKE_FUNC(int, keymgmt_copy,
# define OSSL_FUNC_KEYEXCH_GETTABLE_CTX_PARAMS 10
OSSL_CORE_MAKE_FUNC(void *, keyexch_newctx, (void *provctx))
-OSSL_CORE_MAKE_FUNC(int, keyexch_init, (void *ctx, void *provkey))
+OSSL_CORE_MAKE_FUNC(int, keyexch_init, (void *ctx, void *provkey,
+ const OSSL_PARAM params[]))
OSSL_CORE_MAKE_FUNC(int, keyexch_derive, (void *ctx, unsigned char *secret,
size_t *secretlen, size_t outlen))
OSSL_CORE_MAKE_FUNC(int, keyexch_set_peer, (void *ctx, void *provkey))
@@ -557,11 +668,11 @@ OSSL_CORE_MAKE_FUNC(void *, keyexch_dupctx, (void *ctx))
OSSL_CORE_MAKE_FUNC(int, keyexch_set_ctx_params, (void *ctx,
const OSSL_PARAM params[]))
OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, keyexch_settable_ctx_params,
- (void))
+ (void *ctx, void *provctx))
OSSL_CORE_MAKE_FUNC(int, keyexch_get_ctx_params, (void *ctx,
OSSL_PARAM params[]))
OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, keyexch_gettable_ctx_params,
- (void))
+ (void *ctx, void *provctx))
/* Signature */
@@ -593,27 +704,27 @@ OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, keyexch_gettable_ctx_params,
OSSL_CORE_MAKE_FUNC(void *, signature_newctx, (void *provctx,
const char *propq))
-OSSL_CORE_MAKE_FUNC(int, signature_sign_init, (void *ctx, void *provkey))
+OSSL_CORE_MAKE_FUNC(int, signature_sign_init, (void *ctx, void *provkey,
+ const OSSL_PARAM params[]))
OSSL_CORE_MAKE_FUNC(int, signature_sign, (void *ctx, unsigned char *sig,
size_t *siglen, size_t sigsize,
const unsigned char *tbs,
size_t tbslen))
-OSSL_CORE_MAKE_FUNC(int, signature_verify_init, (void *ctx, void *provkey))
+OSSL_CORE_MAKE_FUNC(int, signature_verify_init, (void *ctx, void *provkey,
+ const OSSL_PARAM params[]))
OSSL_CORE_MAKE_FUNC(int, signature_verify, (void *ctx,
const unsigned char *sig,
size_t siglen,
const unsigned char *tbs,
size_t tbslen))
-OSSL_CORE_MAKE_FUNC(int, signature_verify_recover_init, (void *ctx,
- void *provkey))
-OSSL_CORE_MAKE_FUNC(int, signature_verify_recover, (void *ctx,
- unsigned char *rout,
- size_t *routlen,
- size_t routsize,
- const unsigned char *sig,
- size_t siglen))
+OSSL_CORE_MAKE_FUNC(int, signature_verify_recover_init,
+ (void *ctx, void *provkey, const OSSL_PARAM params[]))
+OSSL_CORE_MAKE_FUNC(int, signature_verify_recover,
+ (void *ctx, unsigned char *rout, size_t *routlen,
+ size_t routsize, const unsigned char *sig, size_t siglen))
OSSL_CORE_MAKE_FUNC(int, signature_digest_sign_init,
- (void *ctx, const char *mdname, void *provkey))
+ (void *ctx, const char *mdname, void *provkey,
+ const OSSL_PARAM params[]))
OSSL_CORE_MAKE_FUNC(int, signature_digest_sign_update,
(void *ctx, const unsigned char *data, size_t datalen))
OSSL_CORE_MAKE_FUNC(int, signature_digest_sign_final,
@@ -623,7 +734,8 @@ OSSL_CORE_MAKE_FUNC(int, signature_digest_sign,
(void *ctx, unsigned char *sigret, size_t *siglen,
size_t sigsize, const unsigned char *tbs, size_t tbslen))
OSSL_CORE_MAKE_FUNC(int, signature_digest_verify_init,
- (void *ctx, const char *mdname, void *provkey))
+ (void *ctx, const char *mdname, void *provkey,
+ const OSSL_PARAM params[]))
OSSL_CORE_MAKE_FUNC(int, signature_digest_verify_update,
(void *ctx, const unsigned char *data, size_t datalen))
OSSL_CORE_MAKE_FUNC(int, signature_digest_verify_final,
@@ -636,11 +748,11 @@ OSSL_CORE_MAKE_FUNC(void *, signature_dupctx, (void *ctx))
OSSL_CORE_MAKE_FUNC(int, signature_get_ctx_params,
(void *ctx, OSSL_PARAM params[]))
OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, signature_gettable_ctx_params,
- (void))
+ (void *ctx, void *provctx))
OSSL_CORE_MAKE_FUNC(int, signature_set_ctx_params,
(void *ctx, const OSSL_PARAM params[]))
OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, signature_settable_ctx_params,
- (void))
+ (void *ctx, void *provctx))
OSSL_CORE_MAKE_FUNC(int, signature_get_ctx_md_params,
(void *ctx, OSSL_PARAM params[]))
OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, signature_gettable_ctx_md_params,
@@ -666,13 +778,15 @@ OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, signature_settable_ctx_md_params,
# define OSSL_FUNC_ASYM_CIPHER_SETTABLE_CTX_PARAMS 11
OSSL_CORE_MAKE_FUNC(void *, asym_cipher_newctx, (void *provctx))
-OSSL_CORE_MAKE_FUNC(int, asym_cipher_encrypt_init, (void *ctx, void *provkey))
+OSSL_CORE_MAKE_FUNC(int, asym_cipher_encrypt_init, (void *ctx, void *provkey,
+ const OSSL_PARAM params[]))
OSSL_CORE_MAKE_FUNC(int, asym_cipher_encrypt, (void *ctx, unsigned char *out,
size_t *outlen,
size_t outsize,
const unsigned char *in,
size_t inlen))
-OSSL_CORE_MAKE_FUNC(int, asym_cipher_decrypt_init, (void *ctx, void *provkey))
+OSSL_CORE_MAKE_FUNC(int, asym_cipher_decrypt_init, (void *ctx, void *provkey,
+ const OSSL_PARAM params[]))
OSSL_CORE_MAKE_FUNC(int, asym_cipher_decrypt, (void *ctx, unsigned char *out,
size_t *outlen,
size_t outsize,
@@ -683,33 +797,145 @@ OSSL_CORE_MAKE_FUNC(void *, asym_cipher_dupctx, (void *ctx))
OSSL_CORE_MAKE_FUNC(int, asym_cipher_get_ctx_params,
(void *ctx, OSSL_PARAM params[]))
OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, asym_cipher_gettable_ctx_params,
- (void))
+ (void *ctx, void *provctx))
OSSL_CORE_MAKE_FUNC(int, asym_cipher_set_ctx_params,
(void *ctx, const OSSL_PARAM params[]))
OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, asym_cipher_settable_ctx_params,
- (void))
-
-/* Serializers */
-# define OSSL_FUNC_SERIALIZER_NEWCTX 1
-# define OSSL_FUNC_SERIALIZER_FREECTX 2
-# define OSSL_FUNC_SERIALIZER_SET_CTX_PARAMS 3
-# define OSSL_FUNC_SERIALIZER_SETTABLE_CTX_PARAMS 4
-# define OSSL_FUNC_SERIALIZER_SERIALIZE_DATA 10
-# define OSSL_FUNC_SERIALIZER_SERIALIZE_OBJECT 11
-OSSL_CORE_MAKE_FUNC(void *, serializer_newctx, (void *provctx))
-OSSL_CORE_MAKE_FUNC(void, serializer_freectx, (void *ctx))
-OSSL_CORE_MAKE_FUNC(int, serializer_set_ctx_params,
+ (void *ctx, void *provctx))
+
+/* Asymmetric Key encapsulation */
+# define OSSL_FUNC_KEM_NEWCTX 1
+# define OSSL_FUNC_KEM_ENCAPSULATE_INIT 2
+# define OSSL_FUNC_KEM_ENCAPSULATE 3
+# define OSSL_FUNC_KEM_DECAPSULATE_INIT 4
+# define OSSL_FUNC_KEM_DECAPSULATE 5
+# define OSSL_FUNC_KEM_FREECTX 6
+# define OSSL_FUNC_KEM_DUPCTX 7
+# define OSSL_FUNC_KEM_GET_CTX_PARAMS 8
+# define OSSL_FUNC_KEM_GETTABLE_CTX_PARAMS 9
+# define OSSL_FUNC_KEM_SET_CTX_PARAMS 10
+# define OSSL_FUNC_KEM_SETTABLE_CTX_PARAMS 11
+
+OSSL_CORE_MAKE_FUNC(void *, kem_newctx, (void *provctx))
+OSSL_CORE_MAKE_FUNC(int, kem_encapsulate_init, (void *ctx, void *provkey,
+ const OSSL_PARAM params[]))
+OSSL_CORE_MAKE_FUNC(int, kem_encapsulate, (void *ctx,
+ unsigned char *out, size_t *outlen,
+ unsigned char *secret,
+ size_t *secretlen))
+OSSL_CORE_MAKE_FUNC(int, kem_decapsulate_init, (void *ctx, void *provkey,
+ const OSSL_PARAM params[]))
+OSSL_CORE_MAKE_FUNC(int, kem_decapsulate, (void *ctx,
+ unsigned char *out, size_t *outlen,
+ const unsigned char *in, size_t inlen))
+OSSL_CORE_MAKE_FUNC(void, kem_freectx, (void *ctx))
+OSSL_CORE_MAKE_FUNC(void *, kem_dupctx, (void *ctx))
+OSSL_CORE_MAKE_FUNC(int, kem_get_ctx_params, (void *ctx, OSSL_PARAM params[]))
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, kem_gettable_ctx_params,
+ (void *ctx, void *provctx))
+OSSL_CORE_MAKE_FUNC(int, kem_set_ctx_params,
+ (void *ctx, const OSSL_PARAM params[]))
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, kem_settable_ctx_params,
+ (void *ctx, void *provctx))
+
+/* Encoders and decoders */
+# define OSSL_FUNC_ENCODER_NEWCTX 1
+# define OSSL_FUNC_ENCODER_FREECTX 2
+# define OSSL_FUNC_ENCODER_GET_PARAMS 3
+# define OSSL_FUNC_ENCODER_GETTABLE_PARAMS 4
+# define OSSL_FUNC_ENCODER_SET_CTX_PARAMS 5
+# define OSSL_FUNC_ENCODER_SETTABLE_CTX_PARAMS 6
+# define OSSL_FUNC_ENCODER_DOES_SELECTION 10
+# define OSSL_FUNC_ENCODER_ENCODE 11
+# define OSSL_FUNC_ENCODER_IMPORT_OBJECT 20
+# define OSSL_FUNC_ENCODER_FREE_OBJECT 21
+OSSL_CORE_MAKE_FUNC(void *, encoder_newctx, (void *provctx))
+OSSL_CORE_MAKE_FUNC(void, encoder_freectx, (void *ctx))
+OSSL_CORE_MAKE_FUNC(int, encoder_get_params, (OSSL_PARAM params[]))
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, encoder_gettable_params,
+ (void *provctx))
+OSSL_CORE_MAKE_FUNC(int, encoder_set_ctx_params,
(void *ctx, const OSSL_PARAM params[]))
-OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, serializer_settable_ctx_params,
- (void))
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, encoder_settable_ctx_params,
+ (void *provctx))
-OSSL_CORE_MAKE_FUNC(int, serializer_serialize_data,
- (void *ctx, const OSSL_PARAM[], OSSL_CORE_BIO *out,
- OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg))
-OSSL_CORE_MAKE_FUNC(int, serializer_serialize_object,
- (void *ctx, void *obj, OSSL_CORE_BIO *out,
+OSSL_CORE_MAKE_FUNC(int, encoder_does_selection,
+ (void *provctx, int selection))
+OSSL_CORE_MAKE_FUNC(int, encoder_encode,
+ (void *ctx, OSSL_CORE_BIO *out,
+ const void *obj_raw, const OSSL_PARAM obj_abstract[],
+ int selection,
OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg))
+OSSL_CORE_MAKE_FUNC(void *, encoder_import_object,
+ (void *ctx, int selection, const OSSL_PARAM params[]))
+OSSL_CORE_MAKE_FUNC(void, encoder_free_object, (void *obj))
+
+# define OSSL_FUNC_DECODER_NEWCTX 1
+# define OSSL_FUNC_DECODER_FREECTX 2
+# define OSSL_FUNC_DECODER_GET_PARAMS 3
+# define OSSL_FUNC_DECODER_GETTABLE_PARAMS 4
+# define OSSL_FUNC_DECODER_SET_CTX_PARAMS 5
+# define OSSL_FUNC_DECODER_SETTABLE_CTX_PARAMS 6
+# define OSSL_FUNC_DECODER_DOES_SELECTION 10
+# define OSSL_FUNC_DECODER_DECODE 11
+# define OSSL_FUNC_DECODER_EXPORT_OBJECT 20
+OSSL_CORE_MAKE_FUNC(void *, decoder_newctx, (void *provctx))
+OSSL_CORE_MAKE_FUNC(void, decoder_freectx, (void *ctx))
+OSSL_CORE_MAKE_FUNC(int, decoder_get_params, (OSSL_PARAM params[]))
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, decoder_gettable_params,
+ (void *provctx))
+OSSL_CORE_MAKE_FUNC(int, decoder_set_ctx_params,
+ (void *ctx, const OSSL_PARAM params[]))
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, decoder_settable_ctx_params,
+ (void *provctx))
+
+OSSL_CORE_MAKE_FUNC(int, decoder_does_selection,
+ (void *provctx, int selection))
+OSSL_CORE_MAKE_FUNC(int, decoder_decode,
+ (void *ctx, OSSL_CORE_BIO *in, int selection,
+ OSSL_CALLBACK *data_cb, void *data_cbarg,
+ OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg))
+OSSL_CORE_MAKE_FUNC(int, decoder_export_object,
+ (void *ctx, const void *objref, size_t objref_sz,
+ OSSL_CALLBACK *export_cb, void *export_cbarg))
+
+/*-
+ * Store
+ *
+ * Objects are scanned by using the 'open', 'load', 'eof' and 'close'
+ * functions, which implement an OSSL_STORE loader.
+ *
+ * store_load() works in a way that's very similar to the decoders, in
+ * that they pass an abstract object through a callback, either as a DER
+ * octet string or as an object reference, which libcrypto will have to
+ * deal with.
+ */
+
+#define OSSL_FUNC_STORE_OPEN 1
+#define OSSL_FUNC_STORE_ATTACH 2
+#define OSSL_FUNC_STORE_SETTABLE_CTX_PARAMS 3
+#define OSSL_FUNC_STORE_SET_CTX_PARAMS 4
+#define OSSL_FUNC_STORE_LOAD 5
+#define OSSL_FUNC_STORE_EOF 6
+#define OSSL_FUNC_STORE_CLOSE 7
+#define OSSL_FUNC_STORE_EXPORT_OBJECT 8
+OSSL_CORE_MAKE_FUNC(void *, store_open, (void *provctx, const char *uri))
+OSSL_CORE_MAKE_FUNC(void *, store_attach, (void *provctx, OSSL_CORE_BIO *in))
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, store_settable_ctx_params,
+ (void *provctx))
+OSSL_CORE_MAKE_FUNC(int, store_set_ctx_params,
+ (void *loaderctx, const OSSL_PARAM params[]))
+OSSL_CORE_MAKE_FUNC(int, store_load,
+ (void *loaderctx,
+ OSSL_CALLBACK *object_cb, void *object_cbarg,
+ OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg))
+OSSL_CORE_MAKE_FUNC(int, store_eof, (void *loaderctx))
+OSSL_CORE_MAKE_FUNC(int, store_close, (void *loaderctx))
+OSSL_CORE_MAKE_FUNC(int, store_export_object,
+ (void *loaderctx, const void *objref, size_t objref_sz,
+ OSSL_CALLBACK *export_cb, void *export_cbarg))
+
# ifdef __cplusplus
}
# endif
diff --git a/openssl/include/openssl/core_names.h b/openssl/include/openssl/core_names.h
index 965e3154..3d5780e7 100644..100755
--- a/openssl/include/openssl/core_names.h
+++ b/openssl/include/openssl/core_names.h
@@ -1,5 +1,5 @@
/*
- * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -9,6 +9,7 @@
#ifndef OPENSSL_CORE_NAMES_H
# define OPENSSL_CORE_NAMES_H
+# pragma once
# ifdef __cplusplus
extern "C" {
@@ -23,12 +24,32 @@ extern "C" {
#define OSSL_PROV_PARAM_NAME "name" /* utf8_string */
#define OSSL_PROV_PARAM_VERSION "version" /* utf8_string */
#define OSSL_PROV_PARAM_BUILDINFO "buildinfo" /* utf8_string */
+#define OSSL_PROV_PARAM_STATUS "status" /* uint */
+#define OSSL_PROV_PARAM_SECURITY_CHECKS "security-checks" /* uint */
/* Self test callback parameters */
#define OSSL_PROV_PARAM_SELF_TEST_PHASE "st-phase" /* utf8_string */
#define OSSL_PROV_PARAM_SELF_TEST_TYPE "st-type" /* utf8_string */
#define OSSL_PROV_PARAM_SELF_TEST_DESC "st-desc" /* utf8_string */
+/*-
+ * Provider-native object abstractions
+ *
+ * These are used when a provider wants to pass object data or an object
+ * reference back to libcrypto. This is only useful for provider functions
+ * that take a callback to which an OSSL_PARAM array with these parameters
+ * can be passed.
+ *
+ * This set of parameter names is explained in detail in provider-object(7)
+ * (doc/man7/provider-object.pod)
+ */
+#define OSSL_OBJECT_PARAM_TYPE "type" /* INTEGER */
+#define OSSL_OBJECT_PARAM_DATA_TYPE "data-type" /* UTF8_STRING */
+#define OSSL_OBJECT_PARAM_DATA_STRUCTURE "data-structure" /* UTF8_STRING */
+#define OSSL_OBJECT_PARAM_REFERENCE "reference" /* OCTET_STRING */
+#define OSSL_OBJECT_PARAM_DATA "data" /* OCTET_STRING or UTF8_STRING */
+#define OSSL_OBJECT_PARAM_DESC "desc" /* UTF8_STRING */
+
/*
* Algorithm parameters
* If "engine" or "properties" are specified, they should always be paired
@@ -38,33 +59,44 @@ extern "C" {
*/
#define OSSL_ALG_PARAM_DIGEST "digest" /* utf8_string */
#define OSSL_ALG_PARAM_CIPHER "cipher" /* utf8_string */
+#define OSSL_ALG_PARAM_ENGINE "engine" /* utf8_string */
#define OSSL_ALG_PARAM_MAC "mac" /* utf8_string */
#define OSSL_ALG_PARAM_PROPERTIES "properties"/* utf8_string */
/* cipher parameters */
-#define OSSL_CIPHER_PARAM_PADDING "padding" /* uint */
-#define OSSL_CIPHER_PARAM_MODE "mode" /* uint */
-#define OSSL_CIPHER_PARAM_BLOCK_SIZE "blocksize" /* size_t */
-#define OSSL_CIPHER_PARAM_FLAGS "flags" /* ulong */
-#define OSSL_CIPHER_PARAM_KEYLEN "keylen" /* size_t */
-#define OSSL_CIPHER_PARAM_IVLEN "ivlen" /* size_t */
-#define OSSL_CIPHER_PARAM_IV "iv" /* octet_string OR octet_ptr */
-#define OSSL_CIPHER_PARAM_NUM "num" /* uint */
-#define OSSL_CIPHER_PARAM_ROUNDS "rounds" /* uint */
-#define OSSL_CIPHER_PARAM_AEAD_TAG "tag" /* octet_string */
-#define OSSL_CIPHER_PARAM_AEAD_TLS1_AAD "tlsaad" /* octet_string */
-#define OSSL_CIPHER_PARAM_AEAD_TLS1_AAD_PAD "tlsaadpad" /* size_t */
-#define OSSL_CIPHER_PARAM_AEAD_TLS1_IV_FIXED "tlsivfixed" /* octet_string */
-#define OSSL_CIPHER_PARAM_AEAD_TLS1_GET_IV_GEN "tlsivgen" /* octet_string */
-#define OSSL_CIPHER_PARAM_AEAD_TLS1_SET_IV_INV "tlsivinv" /* octet_string */
+#define OSSL_CIPHER_PARAM_PADDING "padding" /* uint */
+#define OSSL_CIPHER_PARAM_USE_BITS "use-bits" /* uint */
+#define OSSL_CIPHER_PARAM_TLS_VERSION "tls-version" /* uint */
+#define OSSL_CIPHER_PARAM_TLS_MAC "tls-mac" /* octet_ptr */
+#define OSSL_CIPHER_PARAM_TLS_MAC_SIZE "tls-mac-size" /* size_t */
+#define OSSL_CIPHER_PARAM_MODE "mode" /* uint */
+#define OSSL_CIPHER_PARAM_BLOCK_SIZE "blocksize" /* size_t */
+#define OSSL_CIPHER_PARAM_AEAD "aead" /* int, 0 or 1 */
+#define OSSL_CIPHER_PARAM_CUSTOM_IV "custom-iv" /* int, 0 or 1 */
+#define OSSL_CIPHER_PARAM_CTS "cts" /* int, 0 or 1 */
+#define OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK "tls-multi" /* int, 0 or 1 */
+#define OSSL_CIPHER_PARAM_HAS_RAND_KEY "has-randkey" /* int, 0 or 1 */
+#define OSSL_CIPHER_PARAM_KEYLEN "keylen" /* size_t */
+#define OSSL_CIPHER_PARAM_IVLEN "ivlen" /* size_t */
+#define OSSL_CIPHER_PARAM_IV "iv" /* octet_string OR octet_ptr */
+#define OSSL_CIPHER_PARAM_UPDATED_IV "updated-iv" /* octet_string OR octet_ptr */
+#define OSSL_CIPHER_PARAM_NUM "num" /* uint */
+#define OSSL_CIPHER_PARAM_ROUNDS "rounds" /* uint */
+#define OSSL_CIPHER_PARAM_AEAD_TAG "tag" /* octet_string */
+#define OSSL_CIPHER_PARAM_AEAD_TLS1_AAD "tlsaad" /* octet_string */
+#define OSSL_CIPHER_PARAM_AEAD_TLS1_AAD_PAD "tlsaadpad" /* size_t */
+#define OSSL_CIPHER_PARAM_AEAD_TLS1_IV_FIXED "tlsivfixed" /* octet_string */
+#define OSSL_CIPHER_PARAM_AEAD_TLS1_GET_IV_GEN "tlsivgen" /* octet_string */
+#define OSSL_CIPHER_PARAM_AEAD_TLS1_SET_IV_INV "tlsivinv" /* octet_string */
#define OSSL_CIPHER_PARAM_AEAD_IVLEN OSSL_CIPHER_PARAM_IVLEN
-#define OSSL_CIPHER_PARAM_AEAD_TAGLEN "taglen" /* size_t */
-#define OSSL_CIPHER_PARAM_AEAD_MAC_KEY "mackey" /* octet_string */
-#define OSSL_CIPHER_PARAM_RANDOM_KEY "randkey" /* octet_string */
-#define OSSL_CIPHER_PARAM_RC2_KEYBITS "keybits" /* size_t */
-#define OSSL_CIPHER_PARAM_SPEED "speed" /* uint */
+#define OSSL_CIPHER_PARAM_AEAD_TAGLEN "taglen" /* size_t */
+#define OSSL_CIPHER_PARAM_AEAD_MAC_KEY "mackey" /* octet_string */
+#define OSSL_CIPHER_PARAM_RANDOM_KEY "randkey" /* octet_string */
+#define OSSL_CIPHER_PARAM_RC2_KEYBITS "keybits" /* size_t */
+#define OSSL_CIPHER_PARAM_SPEED "speed" /* uint */
+#define OSSL_CIPHER_PARAM_CTS_MODE "cts_mode" /* utf8_string */
/* For passing the AlgorithmIdentifier parameter in DER form */
-#define OSSL_CIPHER_PARAM_ALG_ID "alg_id_param" /* octet_string */
+#define OSSL_CIPHER_PARAM_ALGORITHM_ID_PARAMS "alg_id_param" /* octet_string */
#define OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_MAX_SEND_FRAGMENT \
"tls1multi_maxsndfrag" /* uint */
@@ -83,14 +115,20 @@ extern "C" {
#define OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC_LEN \
"tls1multi_enclen" /* size_t */
+/* OSSL_CIPHER_PARAM_CTS_MODE Values */
+#define OSSL_CIPHER_CTS_MODE_CS1 "CS1"
+#define OSSL_CIPHER_CTS_MODE_CS2 "CS2"
+#define OSSL_CIPHER_CTS_MODE_CS3 "CS3"
+
/* digest parameters */
-#define OSSL_DIGEST_PARAM_XOFLEN "xoflen" /* size_t */
-#define OSSL_DIGEST_PARAM_SSL3_MS "ssl3-ms" /* octet string */
-#define OSSL_DIGEST_PARAM_PAD_TYPE "pad_type" /* uint */
-#define OSSL_DIGEST_PARAM_MICALG "micalg" /* utf8 string */
-#define OSSL_DIGEST_PARAM_BLOCK_SIZE "blocksize" /* size_t */
-#define OSSL_DIGEST_PARAM_SIZE "size" /* size_t */
-#define OSSL_DIGEST_PARAM_FLAGS "flags" /* ulong */
+#define OSSL_DIGEST_PARAM_XOFLEN "xoflen" /* size_t */
+#define OSSL_DIGEST_PARAM_SSL3_MS "ssl3-ms" /* octet string */
+#define OSSL_DIGEST_PARAM_PAD_TYPE "pad-type" /* uint */
+#define OSSL_DIGEST_PARAM_MICALG "micalg" /* utf8 string */
+#define OSSL_DIGEST_PARAM_BLOCK_SIZE "blocksize" /* size_t */
+#define OSSL_DIGEST_PARAM_SIZE "size" /* size_t */
+#define OSSL_DIGEST_PARAM_XOF "xof" /* int, 0 or 1 */
+#define OSSL_DIGEST_PARAM_ALGID_ABSENT "algid-absent" /* int, 0 or 1 */
/* Known DIGEST names (not a complete list) */
#define OSSL_DIGEST_NAME_MD5 "MD5"
@@ -112,22 +150,29 @@ extern "C" {
#define OSSL_DIGEST_NAME_SHA3_512 "SHA3-512"
#define OSSL_DIGEST_NAME_KECCAK_KMAC128 "KECCAK-KMAC-128"
#define OSSL_DIGEST_NAME_KECCAK_KMAC256 "KECCAK-KMAC-256"
+#define OSSL_DIGEST_NAME_SM3 "SM3"
/* MAC parameters */
-#define OSSL_MAC_PARAM_KEY "key" /* octet string */
-#define OSSL_MAC_PARAM_IV "iv" /* octet string */
-#define OSSL_MAC_PARAM_CUSTOM "custom" /* utf8 string */
-#define OSSL_MAC_PARAM_SALT "salt" /* octet string */
-#define OSSL_MAC_PARAM_XOF "xof" /* int, 0 or 1 */
-#define OSSL_MAC_PARAM_FLAGS "flags" /* int */
+#define OSSL_MAC_PARAM_KEY "key" /* octet string */
+#define OSSL_MAC_PARAM_IV "iv" /* octet string */
+#define OSSL_MAC_PARAM_CUSTOM "custom" /* utf8 string */
+#define OSSL_MAC_PARAM_SALT "salt" /* octet string */
+#define OSSL_MAC_PARAM_XOF "xof" /* int, 0 or 1 */
+#define OSSL_MAC_PARAM_DIGEST_NOINIT "digest-noinit" /* int, 0 or 1 */
+#define OSSL_MAC_PARAM_DIGEST_ONESHOT "digest-oneshot" /* int, 0 or 1 */
+#define OSSL_MAC_PARAM_C_ROUNDS "c-rounds" /* unsigned int */
+#define OSSL_MAC_PARAM_D_ROUNDS "d-rounds" /* unsigned int */
+
/*
* If "engine" or "properties" are specified, they should always be paired
* with "cipher" or "digest".
*/
-#define OSSL_MAC_PARAM_CIPHER OSSL_ALG_PARAM_CIPHER /* utf8 string */
-#define OSSL_MAC_PARAM_DIGEST OSSL_ALG_PARAM_DIGEST /* utf8 string */
-#define OSSL_MAC_PARAM_PROPERTIES OSSL_ALG_PARAM_PROPERTIES /* utf8 string */
-#define OSSL_MAC_PARAM_SIZE "size" /* size_t */
+#define OSSL_MAC_PARAM_CIPHER OSSL_ALG_PARAM_CIPHER /* utf8 string */
+#define OSSL_MAC_PARAM_DIGEST OSSL_ALG_PARAM_DIGEST /* utf8 string */
+#define OSSL_MAC_PARAM_PROPERTIES OSSL_ALG_PARAM_PROPERTIES /* utf8 string */
+#define OSSL_MAC_PARAM_SIZE "size" /* size_t */
+#define OSSL_MAC_PARAM_BLOCK_SIZE "block-size" /* size_t */
+#define OSSL_MAC_PARAM_TLS_DATA_SIZE "tls-data-size" /* size_t */
/* Known MAC names */
#define OSSL_MAC_NAME_BLAKE2BMAC "BLAKE2BMAC"
@@ -145,6 +190,9 @@ extern "C" {
#define OSSL_KDF_PARAM_KEY "key" /* octet string */
#define OSSL_KDF_PARAM_SALT "salt" /* octet string */
#define OSSL_KDF_PARAM_PASSWORD "pass" /* octet string */
+#define OSSL_KDF_PARAM_PREFIX "prefix" /* octet string */
+#define OSSL_KDF_PARAM_LABEL "label" /* octet string */
+#define OSSL_KDF_PARAM_DATA "data" /* octet string */
#define OSSL_KDF_PARAM_DIGEST OSSL_ALG_PARAM_DIGEST /* utf8 string */
#define OSSL_KDF_PARAM_CIPHER OSSL_ALG_PARAM_CIPHER /* utf8 string */
#define OSSL_KDF_PARAM_MAC OSSL_ALG_PARAM_MAC /* utf8 string */
@@ -165,38 +213,49 @@ extern "C" {
#define OSSL_KDF_PARAM_SSHKDF_SESSION_ID "session_id" /* octet string */
#define OSSL_KDF_PARAM_SSHKDF_TYPE "type" /* int */
#define OSSL_KDF_PARAM_SIZE "size" /* size_t */
-#define OSSL_KDF_PARAM_CIPHER OSSL_ALG_PARAM_CIPHER /* utf8 string */
#define OSSL_KDF_PARAM_CONSTANT "constant" /* octet string */
+#define OSSL_KDF_PARAM_PKCS12_ID "id" /* int */
+#define OSSL_KDF_PARAM_KBKDF_USE_L "use-l" /* int */
+#define OSSL_KDF_PARAM_KBKDF_USE_SEPARATOR "use-separator" /* int */
+#define OSSL_KDF_PARAM_X942_ACVPINFO "acvp-info"
+#define OSSL_KDF_PARAM_X942_PARTYUINFO "partyu-info"
+#define OSSL_KDF_PARAM_X942_PARTYVINFO "partyv-info"
+#define OSSL_KDF_PARAM_X942_SUPP_PUBINFO "supp-pubinfo"
+#define OSSL_KDF_PARAM_X942_SUPP_PRIVINFO "supp-privinfo"
+#define OSSL_KDF_PARAM_X942_USE_KEYBITS "use-keybits"
/* Known KDF names */
-#define OSSL_KDF_NAME_HKDF "HKDF"
-#define OSSL_KDF_NAME_PBKDF2 "PBKDF2"
-#define OSSL_KDF_NAME_SCRYPT "SCRYPT"
-#define OSSL_KDF_NAME_SSHKDF "SSHKDF"
-#define OSSL_KDF_NAME_SSKDF "SSKDF"
-#define OSSL_KDF_NAME_TLS1_PRF "TLS1-PRF"
-#define OSSL_KDF_NAME_X942KDF "X942KDF"
-#define OSSL_KDF_NAME_X963KDF "X963KDF"
-#define OSSL_KDF_NAME_KBKDF "KBKDF"
-#define OSSL_KDF_NAME_KRB5KDF "KRB5KDF"
+#define OSSL_KDF_NAME_HKDF "HKDF"
+#define OSSL_KDF_NAME_TLS1_3_KDF "TLS13-KDF"
+#define OSSL_KDF_NAME_PBKDF1 "PBKDF1"
+#define OSSL_KDF_NAME_PBKDF2 "PBKDF2"
+#define OSSL_KDF_NAME_SCRYPT "SCRYPT"
+#define OSSL_KDF_NAME_SSHKDF "SSHKDF"
+#define OSSL_KDF_NAME_SSKDF "SSKDF"
+#define OSSL_KDF_NAME_TLS1_PRF "TLS1-PRF"
+#define OSSL_KDF_NAME_X942KDF_ASN1 "X942KDF-ASN1"
+#define OSSL_KDF_NAME_X942KDF_CONCAT "X942KDF-CONCAT"
+#define OSSL_KDF_NAME_X963KDF "X963KDF"
+#define OSSL_KDF_NAME_KBKDF "KBKDF"
+#define OSSL_KDF_NAME_KRB5KDF "KRB5KDF"
/* Known RAND names */
#define OSSL_RAND_PARAM_STATE "state"
#define OSSL_RAND_PARAM_STRENGTH "strength"
+#define OSSL_RAND_PARAM_MAX_REQUEST "max_request"
#define OSSL_RAND_PARAM_TEST_ENTROPY "test_entropy"
#define OSSL_RAND_PARAM_TEST_NONCE "test_nonce"
/* RAND/DRBG names */
#define OSSL_DRBG_PARAM_RESEED_REQUESTS "reseed_requests"
#define OSSL_DRBG_PARAM_RESEED_TIME_INTERVAL "reseed_time_interval"
-#define OSSL_DRBG_PARAM_MAX_REQUEST "max_request"
#define OSSL_DRBG_PARAM_MIN_ENTROPYLEN "min_entropylen"
#define OSSL_DRBG_PARAM_MAX_ENTROPYLEN "max_entropylen"
#define OSSL_DRBG_PARAM_MIN_NONCELEN "min_noncelen"
#define OSSL_DRBG_PARAM_MAX_NONCELEN "max_noncelen"
#define OSSL_DRBG_PARAM_MAX_PERSLEN "max_perslen"
#define OSSL_DRBG_PARAM_MAX_ADINLEN "max_adinlen"
-#define OSSL_DRBG_PARAM_RESEED_CTR "reseed_counter"
+#define OSSL_DRBG_PARAM_RESEED_COUNTER "reseed_counter"
#define OSSL_DRBG_PARAM_RESEED_TIME "reseed_time"
#define OSSL_DRBG_PARAM_PROPERTIES OSSL_ALG_PARAM_PROPERTIES
#define OSSL_DRBG_PARAM_DIGEST OSSL_ALG_PARAM_DIGEST
@@ -218,6 +277,8 @@ extern "C" {
#define OSSL_PKEY_PARAM_MAX_SIZE "max-size" /* integer */
#define OSSL_PKEY_PARAM_SECURITY_BITS "security-bits" /* integer */
#define OSSL_PKEY_PARAM_DIGEST OSSL_ALG_PARAM_DIGEST
+#define OSSL_PKEY_PARAM_CIPHER OSSL_ALG_PARAM_CIPHER /* utf8 string */
+#define OSSL_PKEY_PARAM_ENGINE OSSL_ALG_PARAM_ENGINE /* utf8 string */
#define OSSL_PKEY_PARAM_PROPERTIES OSSL_ALG_PARAM_PROPERTIES
#define OSSL_PKEY_PARAM_DEFAULT_DIGEST "default-digest" /* utf8 string */
#define OSSL_PKEY_PARAM_MANDATORY_DIGEST "mandatory-digest" /* utf8 string */
@@ -226,10 +287,9 @@ extern "C" {
#define OSSL_PKEY_PARAM_MASKGENFUNC "mgf"
#define OSSL_PKEY_PARAM_MGF1_DIGEST "mgf1-digest"
#define OSSL_PKEY_PARAM_MGF1_PROPERTIES "mgf1-properties"
-#define OSSL_PKEY_PARAM_TLS_ENCODED_PT "tls-encoded-pt"
+#define OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY "encoded-pub-key"
#define OSSL_PKEY_PARAM_GROUP_NAME "group"
-
-/* Diffie-Hellman/DSA public/private key */
+#define OSSL_PKEY_PARAM_DIST_ID "distid"
#define OSSL_PKEY_PARAM_PUB_KEY "pub"
#define OSSL_PKEY_PARAM_PRIV_KEY "priv"
@@ -242,12 +302,9 @@ extern "C" {
#define OSSL_PKEY_PARAM_FFC_SEED "seed"
#define OSSL_PKEY_PARAM_FFC_COFACTOR "j"
#define OSSL_PKEY_PARAM_FFC_H "hindex"
-#define OSSL_PKEY_PARAM_FFC_VALIDATE_TYPE "valid-type"
-
-/* Diffie-Hellman/DSA Parameters parameter validation types */
-#define OSSL_FFC_PARAM_VALIDATE_PQ "validate-pq"
-#define OSSL_FFC_PARAM_VALIDATE_G "validate-g"
-#define OSSL_FFC_PARAM_VALIDATE_PQG "validate-pqg"
+#define OSSL_PKEY_PARAM_FFC_VALIDATE_PQ "validate-pq"
+#define OSSL_PKEY_PARAM_FFC_VALIDATE_G "validate-g"
+#define OSSL_PKEY_PARAM_FFC_VALIDATE_LEGACY "validate-legacy"
/* Diffie-Hellman params */
#define OSSL_PKEY_PARAM_DH_GENERATOR "safeprime-generator"
@@ -257,6 +314,23 @@ extern "C" {
#define OSSL_PKEY_PARAM_EC_PUB_X "qx"
#define OSSL_PKEY_PARAM_EC_PUB_Y "qy"
+/* Elliptic Curve Explicit Domain Parameters */
+#define OSSL_PKEY_PARAM_EC_FIELD_TYPE "field-type"
+#define OSSL_PKEY_PARAM_EC_P "p"
+#define OSSL_PKEY_PARAM_EC_A "a"
+#define OSSL_PKEY_PARAM_EC_B "b"
+#define OSSL_PKEY_PARAM_EC_GENERATOR "generator"
+#define OSSL_PKEY_PARAM_EC_ORDER "order"
+#define OSSL_PKEY_PARAM_EC_COFACTOR "cofactor"
+#define OSSL_PKEY_PARAM_EC_SEED "seed"
+#define OSSL_PKEY_PARAM_EC_CHAR2_M "m"
+#define OSSL_PKEY_PARAM_EC_CHAR2_TYPE "basis-type"
+#define OSSL_PKEY_PARAM_EC_CHAR2_TP_BASIS "tp"
+#define OSSL_PKEY_PARAM_EC_CHAR2_PP_K1 "k1"
+#define OSSL_PKEY_PARAM_EC_CHAR2_PP_K2 "k2"
+#define OSSL_PKEY_PARAM_EC_CHAR2_PP_K3 "k3"
+#define OSSL_PKEY_PARAM_EC_DECODED_FROM_EXPLICIT_PARAMS "decoded-from-explicit"
+
/* Elliptic Curve Key Parameters */
#define OSSL_PKEY_PARAM_USE_COFACTOR_FLAG "use-cofactor-flag"
#define OSSL_PKEY_PARAM_USE_COFACTOR_ECDH \
@@ -315,7 +389,6 @@ extern "C" {
/* RSA padding modes */
#define OSSL_PKEY_RSA_PAD_MODE_NONE "none"
#define OSSL_PKEY_RSA_PAD_MODE_PKCSV15 "pkcs1"
-#define OSSL_PKEY_RSA_PAD_MODE_SSLV23 "sslv23"
#define OSSL_PKEY_RSA_PAD_MODE_OAEP "oaep"
#define OSSL_PKEY_RSA_PAD_MODE_X931 "x931"
#define OSSL_PKEY_RSA_PAD_MODE_PSS "pss"
@@ -326,12 +399,13 @@ extern "C" {
#define OSSL_PKEY_RSA_PSS_SALT_LEN_AUTO "auto"
/* Key generation parameters */
-#define OSSL_PKEY_PARAM_RSA_BITS OSSL_PKEY_PARAM_BITS
-#define OSSL_PKEY_PARAM_RSA_PRIMES "primes"
-#define OSSL_PKEY_PARAM_RSA_DIGEST OSSL_PKEY_PARAM_DIGEST
-#define OSSL_PKEY_PARAM_RSA_MASKGENFUNC OSSL_PKEY_PARAM_MASKGENFUNC
-#define OSSL_PKEY_PARAM_RSA_MGF1_DIGEST OSSL_PKEY_PARAM_MGF1_DIGEST
-#define OSSL_PKEY_PARAM_RSA_PSS_SALTLEN "saltlen"
+#define OSSL_PKEY_PARAM_RSA_BITS OSSL_PKEY_PARAM_BITS
+#define OSSL_PKEY_PARAM_RSA_PRIMES "primes"
+#define OSSL_PKEY_PARAM_RSA_DIGEST OSSL_PKEY_PARAM_DIGEST
+#define OSSL_PKEY_PARAM_RSA_DIGEST_PROPS OSSL_PKEY_PARAM_PROPERTIES
+#define OSSL_PKEY_PARAM_RSA_MASKGENFUNC OSSL_PKEY_PARAM_MASKGENFUNC
+#define OSSL_PKEY_PARAM_RSA_MGF1_DIGEST OSSL_PKEY_PARAM_MGF1_DIGEST
+#define OSSL_PKEY_PARAM_RSA_PSS_SALTLEN "saltlen"
/* Key generation parameters */
#define OSSL_PKEY_PARAM_FFC_TYPE "type"
@@ -340,6 +414,23 @@ extern "C" {
#define OSSL_PKEY_PARAM_FFC_DIGEST OSSL_PKEY_PARAM_DIGEST
#define OSSL_PKEY_PARAM_FFC_DIGEST_PROPS OSSL_PKEY_PARAM_PROPERTIES
+#define OSSL_PKEY_PARAM_EC_ENCODING "encoding" /* utf8_string */
+#define OSSL_PKEY_PARAM_EC_POINT_CONVERSION_FORMAT "point-format"
+#define OSSL_PKEY_PARAM_EC_GROUP_CHECK_TYPE "group-check"
+#define OSSL_PKEY_PARAM_EC_INCLUDE_PUBLIC "include-public"
+
+/* OSSL_PKEY_PARAM_EC_ENCODING values */
+#define OSSL_PKEY_EC_ENCODING_EXPLICIT "explicit"
+#define OSSL_PKEY_EC_ENCODING_GROUP "named_curve"
+
+#define OSSL_PKEY_EC_POINT_CONVERSION_FORMAT_UNCOMPRESSED "uncompressed"
+#define OSSL_PKEY_EC_POINT_CONVERSION_FORMAT_COMPRESSED "compressed"
+#define OSSL_PKEY_EC_POINT_CONVERSION_FORMAT_HYBRID "hybrid"
+
+#define OSSL_PKEY_EC_GROUP_CHECK_DEFAULT "default"
+#define OSSL_PKEY_EC_GROUP_CHECK_NAMED "named"
+#define OSSL_PKEY_EC_GROUP_CHECK_NAMED_NIST "named-nist"
+
/* Key Exchange parameters */
#define OSSL_EXCHANGE_PARAM_PAD "pad" /* uint */
#define OSSL_EXCHANGE_PARAM_EC_ECDH_COFACTOR_MODE "ecdh-cofactor-mode" /* int */
@@ -347,21 +438,8 @@ extern "C" {
#define OSSL_EXCHANGE_PARAM_KDF_DIGEST "kdf-digest" /* utf8_string */
#define OSSL_EXCHANGE_PARAM_KDF_DIGEST_PROPS "kdf-digest-props" /* utf8_string */
#define OSSL_EXCHANGE_PARAM_KDF_OUTLEN "kdf-outlen" /* size_t */
-
-/*
- * TODO(3.0): improve this pattern
- *
- * Currently the sole internal user of OSSL_EXCHANGE_PARAM_KDF_UKM is
- * EVP_PKEY_CTX_{set0,get0}_ecdh_kdf_ukm():
- * OSSL_EXCHANGE_PARAM_KDF_UKM is handled as a octet_string on set0,
- * and as an octet_ptr on get0.
- *
- * This pattern is borrowed from the handling of
- * OSSL_ASYM_CIPHER_PARAM_OAEP_LABEL in
- * EVP_PKEY_CTX_{set0,get0}_rsa_oaep_label().
- */
-#define OSSL_EXCHANGE_PARAM_KDF_UKM "kdf-ukm" /* see note above */
-#define OSSL_EXCHANGE_PARAM_KDF_UKM_LEN "kdf-ukm-len" /* size_t */
+/* The following parameter is an octet_string on set and an octet_ptr on get */
+#define OSSL_EXCHANGE_PARAM_KDF_UKM "kdf-ukm"
/* Signature parameters */
#define OSSL_SIGNATURE_PARAM_ALGORITHM_ID "algorithm-id"
@@ -375,6 +453,9 @@ extern "C" {
#define OSSL_SIGNATURE_PARAM_DIGEST_SIZE OSSL_PKEY_PARAM_DIGEST_SIZE
/* Asym cipher parameters */
+#define OSSL_ASYM_CIPHER_PARAM_DIGEST OSSL_PKEY_PARAM_DIGEST
+#define OSSL_ASYM_CIPHER_PARAM_PROPERTIES OSSL_PKEY_PARAM_PROPERTIES
+#define OSSL_ASYM_CIPHER_PARAM_ENGINE OSSL_PKEY_PARAM_ENGINE
#define OSSL_ASYM_CIPHER_PARAM_PAD_MODE OSSL_PKEY_PARAM_PAD_MODE
#define OSSL_ASYM_CIPHER_PARAM_MGF1_DIGEST \
OSSL_PKEY_PARAM_MGF1_DIGEST
@@ -382,21 +463,24 @@ extern "C" {
OSSL_PKEY_PARAM_MGF1_PROPERTIES
#define OSSL_ASYM_CIPHER_PARAM_OAEP_DIGEST OSSL_ALG_PARAM_DIGEST
#define OSSL_ASYM_CIPHER_PARAM_OAEP_DIGEST_PROPS "digest-props"
+/* The following parameter is an octet_string on set and an octet_ptr on get */
#define OSSL_ASYM_CIPHER_PARAM_OAEP_LABEL "oaep-label"
-#define OSSL_ASYM_CIPHER_PARAM_OAEP_LABEL_LEN "oaep-label-len"
#define OSSL_ASYM_CIPHER_PARAM_TLS_CLIENT_VERSION "tls-client-version"
#define OSSL_ASYM_CIPHER_PARAM_TLS_NEGOTIATED_VERSION "tls-negotiated-version"
/*
- * Serializer parameters
+ * Encoder / decoder parameters
*/
-/* The passphrase may be passed as a utf8 string or an octet string */
-#define OSSL_SERIALIZER_PARAM_CIPHER OSSL_ALG_PARAM_CIPHER
-#define OSSL_SERIALIZER_PARAM_PROPERTIES OSSL_ALG_PARAM_PROPERTIES
-#define OSSL_SERIALIZER_PARAM_PASS "passphrase"
+#define OSSL_ENCODER_PARAM_CIPHER OSSL_ALG_PARAM_CIPHER
+#define OSSL_ENCODER_PARAM_PROPERTIES OSSL_ALG_PARAM_PROPERTIES
+/* Currently PVK only, but reusable for others as needed */
+#define OSSL_ENCODER_PARAM_ENCRYPT_LEVEL "encrypt-level"
+#define OSSL_ENCODER_PARAM_SAVE_PARAMETERS "save-parameters" /* integer */
+
+#define OSSL_DECODER_PARAM_PROPERTIES OSSL_ALG_PARAM_PROPERTIES
/* Passphrase callback parameters */
-#define OSSL_PASSPHRASE_PARAM_INFO "info"
+#define OSSL_PASSPHRASE_PARAM_INFO "info"
/* Keygen callback parameters, from provider to libcrypto */
#define OSSL_GEN_PARAM_POTENTIAL "potential" /* integer */
@@ -415,19 +499,56 @@ extern "C" {
#define OSSL_PKEY_PARAM_RSA_TEST_Q2 "q2"
#define OSSL_SIGNATURE_PARAM_KAT "kat"
+/* KEM parameters */
+#define OSSL_KEM_PARAM_OPERATION "operation"
+
+/* OSSL_KEM_PARAM_OPERATION values */
+#define OSSL_KEM_PARAM_OPERATION_RSASVE "RSASVE"
+
/* Capabilities */
-/* TLS-GROUP Capbility */
+/* TLS-GROUP Capability */
#define OSSL_CAPABILITY_TLS_GROUP_NAME "tls-group-name"
#define OSSL_CAPABILITY_TLS_GROUP_NAME_INTERNAL "tls-group-name-internal"
#define OSSL_CAPABILITY_TLS_GROUP_ID "tls-group-id"
#define OSSL_CAPABILITY_TLS_GROUP_ALG "tls-group-alg"
#define OSSL_CAPABILITY_TLS_GROUP_SECURITY_BITS "tls-group-sec-bits"
+#define OSSL_CAPABILITY_TLS_GROUP_IS_KEM "tls-group-is-kem"
#define OSSL_CAPABILITY_TLS_GROUP_MIN_TLS "tls-min-tls"
#define OSSL_CAPABILITY_TLS_GROUP_MAX_TLS "tls-max-tls"
#define OSSL_CAPABILITY_TLS_GROUP_MIN_DTLS "tls-min-dtls"
#define OSSL_CAPABILITY_TLS_GROUP_MAX_DTLS "tls-max-dtls"
+/*-
+ * storemgmt parameters
+ */
+
+/*
+ * Used by storemgmt_ctx_set_params():
+ *
+ * - OSSL_STORE_PARAM_EXPECT is an INTEGER, and the value is any of the
+ * OSSL_STORE_INFO numbers. This is used to set the expected type of
+ * object loaded.
+ *
+ * - OSSL_STORE_PARAM_SUBJECT, OSSL_STORE_PARAM_ISSUER,
+ * OSSL_STORE_PARAM_SERIAL, OSSL_STORE_PARAM_FINGERPRINT,
+ * OSSL_STORE_PARAM_DIGEST, OSSL_STORE_PARAM_ALIAS
+ * are used as search criteria.
+ * (OSSL_STORE_PARAM_DIGEST is used with OSSL_STORE_PARAM_FINGERPRINT)
+ */
+#define OSSL_STORE_PARAM_EXPECT "expect" /* INTEGER */
+#define OSSL_STORE_PARAM_SUBJECT "subject" /* DER blob => OCTET_STRING */
+#define OSSL_STORE_PARAM_ISSUER "name" /* DER blob => OCTET_STRING */
+#define OSSL_STORE_PARAM_SERIAL "serial" /* INTEGER */
+#define OSSL_STORE_PARAM_DIGEST "digest" /* UTF8_STRING */
+#define OSSL_STORE_PARAM_FINGERPRINT "fingerprint" /* OCTET_STRING */
+#define OSSL_STORE_PARAM_ALIAS "alias" /* UTF8_STRING */
+
+/* You may want to pass properties for the provider implementation to use */
+#define OSSL_STORE_PARAM_PROPERTIES "properties" /* utf8_string */
+/* OSSL_DECODER input type if a decoder is used by the store */
+#define OSSL_STORE_PARAM_INPUT_TYPE "input-type" /* UTF8_STRING */
+
# ifdef __cplusplus
}
# endif
diff --git a/openssl/include/openssl/core_object.h b/openssl/include/openssl/core_object.h
new file mode 100755
index 00000000..e2a647fa
--- /dev/null
+++ b/openssl/include/openssl/core_object.h
@@ -0,0 +1,41 @@
+/*
+ * Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_CORE_OBJECT_H
+# define OPENSSL_CORE_OBJECT_H
+# pragma once
+
+# ifdef __cplusplus
+extern "C" {
+# endif
+
+/*-
+ * Known object types
+ *
+ * These numbers are used as values for the OSSL_PARAM parameter
+ * OSSL_OBJECT_PARAM_TYPE.
+ *
+ * For most of these types, there's a corresponding libcrypto object type.
+ * The corresponding type is indicated with a comment after the number.
+ */
+# define OSSL_OBJECT_UNKNOWN 0
+# define OSSL_OBJECT_NAME 1 /* char * */
+# define OSSL_OBJECT_PKEY 2 /* EVP_PKEY * */
+# define OSSL_OBJECT_CERT 3 /* X509 * */
+# define OSSL_OBJECT_CRL 4 /* X509_CRL * */
+
+/*
+ * The rest of the associated OSSL_PARAM elements is described in core_names.h
+ */
+
+# ifdef __cplusplus
+}
+# endif
+
+#endif
diff --git a/openssl/include/openssl/crmf.h b/openssl/include/openssl/crmf.h
index 22afa5c5..b80e3e90 100644..100755
--- a/openssl/include/openssl/crmf.h
+++ b/openssl/include/openssl/crmf.h
@@ -1,5 +1,8 @@
/*-
- * Copyright 2007-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * WARNING: do not edit!
+ * Generated by makefile from include\openssl\crmf.h.in
+ *
+ * Copyright 2007-2021 The OpenSSL Project Authors. All Rights Reserved.
* Copyright Nokia 2007-2019
* Copyright Siemens AG 2015-2019
*
@@ -11,6 +14,8 @@
* CRMF (RFC 4211) implementation by M. Peylo, M. Viljanen, and D. von Oheimb.
*/
+
+
#ifndef OPENSSL_CRMF_H
# define OPENSSL_CRMF_H
@@ -43,7 +48,34 @@ typedef struct ossl_crmf_encryptedvalue_st OSSL_CRMF_ENCRYPTEDVALUE;
DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_ENCRYPTEDVALUE)
typedef struct ossl_crmf_msg_st OSSL_CRMF_MSG;
DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_MSG)
-DEFINE_OR_DECLARE_STACK_OF(OSSL_CRMF_MSG)
+DECLARE_ASN1_DUP_FUNCTION(OSSL_CRMF_MSG)
+SKM_DEFINE_STACK_OF_INTERNAL(OSSL_CRMF_MSG, OSSL_CRMF_MSG, OSSL_CRMF_MSG)
+#define sk_OSSL_CRMF_MSG_num(sk) OPENSSL_sk_num(ossl_check_const_OSSL_CRMF_MSG_sk_type(sk))
+#define sk_OSSL_CRMF_MSG_value(sk, idx) ((OSSL_CRMF_MSG *)OPENSSL_sk_value(ossl_check_const_OSSL_CRMF_MSG_sk_type(sk), (idx)))
+#define sk_OSSL_CRMF_MSG_new(cmp) ((STACK_OF(OSSL_CRMF_MSG) *)OPENSSL_sk_new(ossl_check_OSSL_CRMF_MSG_compfunc_type(cmp)))
+#define sk_OSSL_CRMF_MSG_new_null() ((STACK_OF(OSSL_CRMF_MSG) *)OPENSSL_sk_new_null())
+#define sk_OSSL_CRMF_MSG_new_reserve(cmp, n) ((STACK_OF(OSSL_CRMF_MSG) *)OPENSSL_sk_new_reserve(ossl_check_OSSL_CRMF_MSG_compfunc_type(cmp), (n)))
+#define sk_OSSL_CRMF_MSG_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_OSSL_CRMF_MSG_sk_type(sk), (n))
+#define sk_OSSL_CRMF_MSG_free(sk) OPENSSL_sk_free(ossl_check_OSSL_CRMF_MSG_sk_type(sk))
+#define sk_OSSL_CRMF_MSG_zero(sk) OPENSSL_sk_zero(ossl_check_OSSL_CRMF_MSG_sk_type(sk))
+#define sk_OSSL_CRMF_MSG_delete(sk, i) ((OSSL_CRMF_MSG *)OPENSSL_sk_delete(ossl_check_OSSL_CRMF_MSG_sk_type(sk), (i)))
+#define sk_OSSL_CRMF_MSG_delete_ptr(sk, ptr) ((OSSL_CRMF_MSG *)OPENSSL_sk_delete_ptr(ossl_check_OSSL_CRMF_MSG_sk_type(sk), ossl_check_OSSL_CRMF_MSG_type(ptr)))
+#define sk_OSSL_CRMF_MSG_push(sk, ptr) OPENSSL_sk_push(ossl_check_OSSL_CRMF_MSG_sk_type(sk), ossl_check_OSSL_CRMF_MSG_type(ptr))
+#define sk_OSSL_CRMF_MSG_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_OSSL_CRMF_MSG_sk_type(sk), ossl_check_OSSL_CRMF_MSG_type(ptr))
+#define sk_OSSL_CRMF_MSG_pop(sk) ((OSSL_CRMF_MSG *)OPENSSL_sk_pop(ossl_check_OSSL_CRMF_MSG_sk_type(sk)))
+#define sk_OSSL_CRMF_MSG_shift(sk) ((OSSL_CRMF_MSG *)OPENSSL_sk_shift(ossl_check_OSSL_CRMF_MSG_sk_type(sk)))
+#define sk_OSSL_CRMF_MSG_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_OSSL_CRMF_MSG_sk_type(sk),ossl_check_OSSL_CRMF_MSG_freefunc_type(freefunc))
+#define sk_OSSL_CRMF_MSG_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_OSSL_CRMF_MSG_sk_type(sk), ossl_check_OSSL_CRMF_MSG_type(ptr), (idx))
+#define sk_OSSL_CRMF_MSG_set(sk, idx, ptr) ((OSSL_CRMF_MSG *)OPENSSL_sk_set(ossl_check_OSSL_CRMF_MSG_sk_type(sk), (idx), ossl_check_OSSL_CRMF_MSG_type(ptr)))
+#define sk_OSSL_CRMF_MSG_find(sk, ptr) OPENSSL_sk_find(ossl_check_OSSL_CRMF_MSG_sk_type(sk), ossl_check_OSSL_CRMF_MSG_type(ptr))
+#define sk_OSSL_CRMF_MSG_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_OSSL_CRMF_MSG_sk_type(sk), ossl_check_OSSL_CRMF_MSG_type(ptr))
+#define sk_OSSL_CRMF_MSG_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_OSSL_CRMF_MSG_sk_type(sk), ossl_check_OSSL_CRMF_MSG_type(ptr), pnum)
+#define sk_OSSL_CRMF_MSG_sort(sk) OPENSSL_sk_sort(ossl_check_OSSL_CRMF_MSG_sk_type(sk))
+#define sk_OSSL_CRMF_MSG_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_OSSL_CRMF_MSG_sk_type(sk))
+#define sk_OSSL_CRMF_MSG_dup(sk) ((STACK_OF(OSSL_CRMF_MSG) *)OPENSSL_sk_dup(ossl_check_const_OSSL_CRMF_MSG_sk_type(sk)))
+#define sk_OSSL_CRMF_MSG_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(OSSL_CRMF_MSG) *)OPENSSL_sk_deep_copy(ossl_check_const_OSSL_CRMF_MSG_sk_type(sk), ossl_check_OSSL_CRMF_MSG_copyfunc_type(copyfunc), ossl_check_OSSL_CRMF_MSG_freefunc_type(freefunc)))
+#define sk_OSSL_CRMF_MSG_set_cmp_func(sk, cmp) ((sk_OSSL_CRMF_MSG_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_OSSL_CRMF_MSG_sk_type(sk), ossl_check_OSSL_CRMF_MSG_compfunc_type(cmp)))
+
typedef struct ossl_crmf_attributetypeandvalue_st OSSL_CRMF_ATTRIBUTETYPEANDVALUE;
typedef struct ossl_crmf_pbmparameter_st OSSL_CRMF_PBMPARAMETER;
DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_PBMPARAMETER)
@@ -52,7 +84,33 @@ typedef struct ossl_crmf_certrequest_st OSSL_CRMF_CERTREQUEST;
typedef struct ossl_crmf_certid_st OSSL_CRMF_CERTID;
DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_CERTID)
DECLARE_ASN1_DUP_FUNCTION(OSSL_CRMF_CERTID)
-DEFINE_OR_DECLARE_STACK_OF(OSSL_CRMF_CERTID)
+SKM_DEFINE_STACK_OF_INTERNAL(OSSL_CRMF_CERTID, OSSL_CRMF_CERTID, OSSL_CRMF_CERTID)
+#define sk_OSSL_CRMF_CERTID_num(sk) OPENSSL_sk_num(ossl_check_const_OSSL_CRMF_CERTID_sk_type(sk))
+#define sk_OSSL_CRMF_CERTID_value(sk, idx) ((OSSL_CRMF_CERTID *)OPENSSL_sk_value(ossl_check_const_OSSL_CRMF_CERTID_sk_type(sk), (idx)))
+#define sk_OSSL_CRMF_CERTID_new(cmp) ((STACK_OF(OSSL_CRMF_CERTID) *)OPENSSL_sk_new(ossl_check_OSSL_CRMF_CERTID_compfunc_type(cmp)))
+#define sk_OSSL_CRMF_CERTID_new_null() ((STACK_OF(OSSL_CRMF_CERTID) *)OPENSSL_sk_new_null())
+#define sk_OSSL_CRMF_CERTID_new_reserve(cmp, n) ((STACK_OF(OSSL_CRMF_CERTID) *)OPENSSL_sk_new_reserve(ossl_check_OSSL_CRMF_CERTID_compfunc_type(cmp), (n)))
+#define sk_OSSL_CRMF_CERTID_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_OSSL_CRMF_CERTID_sk_type(sk), (n))
+#define sk_OSSL_CRMF_CERTID_free(sk) OPENSSL_sk_free(ossl_check_OSSL_CRMF_CERTID_sk_type(sk))
+#define sk_OSSL_CRMF_CERTID_zero(sk) OPENSSL_sk_zero(ossl_check_OSSL_CRMF_CERTID_sk_type(sk))
+#define sk_OSSL_CRMF_CERTID_delete(sk, i) ((OSSL_CRMF_CERTID *)OPENSSL_sk_delete(ossl_check_OSSL_CRMF_CERTID_sk_type(sk), (i)))
+#define sk_OSSL_CRMF_CERTID_delete_ptr(sk, ptr) ((OSSL_CRMF_CERTID *)OPENSSL_sk_delete_ptr(ossl_check_OSSL_CRMF_CERTID_sk_type(sk), ossl_check_OSSL_CRMF_CERTID_type(ptr)))
+#define sk_OSSL_CRMF_CERTID_push(sk, ptr) OPENSSL_sk_push(ossl_check_OSSL_CRMF_CERTID_sk_type(sk), ossl_check_OSSL_CRMF_CERTID_type(ptr))
+#define sk_OSSL_CRMF_CERTID_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_OSSL_CRMF_CERTID_sk_type(sk), ossl_check_OSSL_CRMF_CERTID_type(ptr))
+#define sk_OSSL_CRMF_CERTID_pop(sk) ((OSSL_CRMF_CERTID *)OPENSSL_sk_pop(ossl_check_OSSL_CRMF_CERTID_sk_type(sk)))
+#define sk_OSSL_CRMF_CERTID_shift(sk) ((OSSL_CRMF_CERTID *)OPENSSL_sk_shift(ossl_check_OSSL_CRMF_CERTID_sk_type(sk)))
+#define sk_OSSL_CRMF_CERTID_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_OSSL_CRMF_CERTID_sk_type(sk),ossl_check_OSSL_CRMF_CERTID_freefunc_type(freefunc))
+#define sk_OSSL_CRMF_CERTID_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_OSSL_CRMF_CERTID_sk_type(sk), ossl_check_OSSL_CRMF_CERTID_type(ptr), (idx))
+#define sk_OSSL_CRMF_CERTID_set(sk, idx, ptr) ((OSSL_CRMF_CERTID *)OPENSSL_sk_set(ossl_check_OSSL_CRMF_CERTID_sk_type(sk), (idx), ossl_check_OSSL_CRMF_CERTID_type(ptr)))
+#define sk_OSSL_CRMF_CERTID_find(sk, ptr) OPENSSL_sk_find(ossl_check_OSSL_CRMF_CERTID_sk_type(sk), ossl_check_OSSL_CRMF_CERTID_type(ptr))
+#define sk_OSSL_CRMF_CERTID_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_OSSL_CRMF_CERTID_sk_type(sk), ossl_check_OSSL_CRMF_CERTID_type(ptr))
+#define sk_OSSL_CRMF_CERTID_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_OSSL_CRMF_CERTID_sk_type(sk), ossl_check_OSSL_CRMF_CERTID_type(ptr), pnum)
+#define sk_OSSL_CRMF_CERTID_sort(sk) OPENSSL_sk_sort(ossl_check_OSSL_CRMF_CERTID_sk_type(sk))
+#define sk_OSSL_CRMF_CERTID_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_OSSL_CRMF_CERTID_sk_type(sk))
+#define sk_OSSL_CRMF_CERTID_dup(sk) ((STACK_OF(OSSL_CRMF_CERTID) *)OPENSSL_sk_dup(ossl_check_const_OSSL_CRMF_CERTID_sk_type(sk)))
+#define sk_OSSL_CRMF_CERTID_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(OSSL_CRMF_CERTID) *)OPENSSL_sk_deep_copy(ossl_check_const_OSSL_CRMF_CERTID_sk_type(sk), ossl_check_OSSL_CRMF_CERTID_copyfunc_type(copyfunc), ossl_check_OSSL_CRMF_CERTID_freefunc_type(freefunc)))
+#define sk_OSSL_CRMF_CERTID_set_cmp_func(sk, cmp) ((sk_OSSL_CRMF_CERTID_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_OSSL_CRMF_CERTID_sk_type(sk), ossl_check_OSSL_CRMF_CERTID_compfunc_type(cmp)))
+
typedef struct ossl_crmf_pkipublicationinfo_st OSSL_CRMF_PKIPUBLICATIONINFO;
DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_PKIPUBLICATIONINFO)
@@ -66,9 +124,11 @@ DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_MSGS)
typedef struct ossl_crmf_optionalvalidity_st OSSL_CRMF_OPTIONALVALIDITY;
/* crmf_pbm.c */
-OSSL_CRMF_PBMPARAMETER *OSSL_CRMF_pbmp_new(size_t slen, int owfnid,
- int itercnt, int macnid);
-int OSSL_CRMF_pbm_new(const OSSL_CRMF_PBMPARAMETER *pbmp,
+OSSL_CRMF_PBMPARAMETER *OSSL_CRMF_pbmp_new(OSSL_LIB_CTX *libctx, size_t slen,
+ int owfnid, size_t itercnt,
+ int macnid);
+int OSSL_CRMF_pbm_new(OSSL_LIB_CTX *libctx, const char *propq,
+ const OSSL_CRMF_PBMPARAMETER *pbmp,
const unsigned char *msg, size_t msglen,
const unsigned char *sec, size_t seclen,
unsigned char **mac, size_t *maclen);
@@ -76,8 +136,12 @@ int OSSL_CRMF_pbm_new(const OSSL_CRMF_PBMPARAMETER *pbmp,
/* crmf_lib.c */
int OSSL_CRMF_MSG_set1_regCtrl_regToken(OSSL_CRMF_MSG *msg,
const ASN1_UTF8STRING *tok);
+ASN1_UTF8STRING
+*OSSL_CRMF_MSG_get0_regCtrl_regToken(const OSSL_CRMF_MSG *msg);
int OSSL_CRMF_MSG_set1_regCtrl_authenticator(OSSL_CRMF_MSG *msg,
const ASN1_UTF8STRING *auth);
+ASN1_UTF8STRING
+*OSSL_CRMF_MSG_get0_regCtrl_authenticator(const OSSL_CRMF_MSG *msg);
int
OSSL_CRMF_MSG_PKIPublicationInfo_push0_SinglePubInfo(OSSL_CRMF_PKIPUBLICATIONINFO *pi,
OSSL_CRMF_SINGLEPUBINFO *spi);
@@ -93,17 +157,27 @@ int OSSL_CRMF_MSG_set_PKIPublicationInfo_action(OSSL_CRMF_PKIPUBLICATIONINFO *pi
int action);
int OSSL_CRMF_MSG_set1_regCtrl_pkiPublicationInfo(OSSL_CRMF_MSG *msg,
const OSSL_CRMF_PKIPUBLICATIONINFO *pi);
+OSSL_CRMF_PKIPUBLICATIONINFO
+*OSSL_CRMF_MSG_get0_regCtrl_pkiPublicationInfo(const OSSL_CRMF_MSG *msg);
int OSSL_CRMF_MSG_set1_regCtrl_protocolEncrKey(OSSL_CRMF_MSG *msg,
const X509_PUBKEY *pubkey);
+X509_PUBKEY
+*OSSL_CRMF_MSG_get0_regCtrl_protocolEncrKey(const OSSL_CRMF_MSG *msg);
int OSSL_CRMF_MSG_set1_regCtrl_oldCertID(OSSL_CRMF_MSG *msg,
const OSSL_CRMF_CERTID *cid);
+OSSL_CRMF_CERTID
+*OSSL_CRMF_MSG_get0_regCtrl_oldCertID(const OSSL_CRMF_MSG *msg);
OSSL_CRMF_CERTID *OSSL_CRMF_CERTID_gen(const X509_NAME *issuer,
const ASN1_INTEGER *serial);
int OSSL_CRMF_MSG_set1_regInfo_utf8Pairs(OSSL_CRMF_MSG *msg,
const ASN1_UTF8STRING *utf8pairs);
+ASN1_UTF8STRING
+*OSSL_CRMF_MSG_get0_regInfo_utf8Pairs(const OSSL_CRMF_MSG *msg);
int OSSL_CRMF_MSG_set1_regInfo_certReq(OSSL_CRMF_MSG *msg,
const OSSL_CRMF_CERTREQUEST *cr);
+OSSL_CRMF_CERTREQUEST
+*OSSL_CRMF_MSG_get0_regInfo_certReq(const OSSL_CRMF_MSG *msg);
int OSSL_CRMF_MSG_set0_validity(OSSL_CRMF_MSG *crm,
ASN1_TIME *notBefore, ASN1_TIME *notAfter);
@@ -117,18 +191,25 @@ int OSSL_CRMF_MSG_push0_extension(OSSL_CRMF_MSG *crm, X509_EXTENSION *ext);
# define OSSL_CRMF_POPO_SIGNATURE 1
# define OSSL_CRMF_POPO_KEYENC 2
# define OSSL_CRMF_POPO_KEYAGREE 3
-int OSSL_CRMF_MSG_create_popo(OSSL_CRMF_MSG *crm, EVP_PKEY *pkey,
- int dgst, int ppmtd);
+int OSSL_CRMF_MSG_create_popo(int meth, OSSL_CRMF_MSG *crm,
+ EVP_PKEY *pkey, const EVP_MD *digest,
+ OSSL_LIB_CTX *libctx, const char *propq);
int OSSL_CRMF_MSGS_verify_popo(const OSSL_CRMF_MSGS *reqs,
- int rid, int acceptRAVerified);
+ int rid, int acceptRAVerified,
+ OSSL_LIB_CTX *libctx, const char *propq);
OSSL_CRMF_CERTTEMPLATE *OSSL_CRMF_MSG_get0_tmpl(const OSSL_CRMF_MSG *crm);
-ASN1_INTEGER
+const ASN1_INTEGER
*OSSL_CRMF_CERTTEMPLATE_get0_serialNumber(const OSSL_CRMF_CERTTEMPLATE *tmpl);
const X509_NAME
+*OSSL_CRMF_CERTTEMPLATE_get0_subject(const OSSL_CRMF_CERTTEMPLATE *tmpl);
+const X509_NAME
*OSSL_CRMF_CERTTEMPLATE_get0_issuer(const OSSL_CRMF_CERTTEMPLATE *tmpl);
+X509_EXTENSIONS
+*OSSL_CRMF_CERTTEMPLATE_get0_extensions(const OSSL_CRMF_CERTTEMPLATE *tmpl);
const X509_NAME
*OSSL_CRMF_CERTID_get0_issuer(const OSSL_CRMF_CERTID *cid);
-ASN1_INTEGER *OSSL_CRMF_CERTID_get0_serialNumber(const OSSL_CRMF_CERTID *cid);
+const ASN1_INTEGER
+*OSSL_CRMF_CERTID_get0_serialNumber(const OSSL_CRMF_CERTID *cid);
int OSSL_CRMF_CERTTEMPLATE_fill(OSSL_CRMF_CERTTEMPLATE *tmpl,
EVP_PKEY *pubkey,
const X509_NAME *subject,
@@ -136,6 +217,7 @@ int OSSL_CRMF_CERTTEMPLATE_fill(OSSL_CRMF_CERTTEMPLATE *tmpl,
const ASN1_INTEGER *serial);
X509
*OSSL_CRMF_ENCRYPTEDVALUE_get1_encCert(const OSSL_CRMF_ENCRYPTEDVALUE *ecert,
+ OSSL_LIB_CTX *libctx, const char *propq,
EVP_PKEY *pkey);
# ifdef __cplusplus
diff --git a/openssl/include/openssl/crmferr.h b/openssl/include/openssl/crmferr.h
index 1d198ec6..8a1b9888 100644..100755
--- a/openssl/include/openssl/crmferr.h
+++ b/openssl/include/openssl/crmferr.h
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -10,44 +10,15 @@
#ifndef OPENSSL_CRMFERR_H
# define OPENSSL_CRMFERR_H
+# pragma once
# include <openssl/opensslconf.h>
# include <openssl/symhacks.h>
+# include <openssl/cryptoerr_legacy.h>
-# include <openssl/opensslconf.h>
-
# ifndef OPENSSL_NO_CRMF
-# ifdef __cplusplus
-extern "C"
-# endif
-int ERR_load_CRMF_strings(void);
-
-/*
- * CRMF function codes.
- */
-# ifndef OPENSSL_NO_DEPRECATED_3_0
-# define CRMF_F_CRMF_POPOSIGNINGKEY_INIT 0
-# define CRMF_F_OSSL_CRMF_CERTID_GEN 0
-# define CRMF_F_OSSL_CRMF_CERTTEMPLATE_FILL 0
-# define CRMF_F_OSSL_CRMF_ENCRYPTEDVALUE_GET1_ENCCERT 0
-# define CRMF_F_OSSL_CRMF_MSGS_VERIFY_POPO 0
-# define CRMF_F_OSSL_CRMF_MSG_CREATE_POPO 0
-# define CRMF_F_OSSL_CRMF_MSG_GET0_TMPL 0
-# define CRMF_F_OSSL_CRMF_MSG_GET_CERTREQID 0
-# define CRMF_F_OSSL_CRMF_MSG_PKIPUBLICATIONINFO_PUSH0_SINGLEPUBINFO 0
-# define CRMF_F_OSSL_CRMF_MSG_PUSH0_EXTENSION 0
-# define CRMF_F_OSSL_CRMF_MSG_PUSH0_REGCTRL 0
-# define CRMF_F_OSSL_CRMF_MSG_PUSH0_REGINFO 0
-# define CRMF_F_OSSL_CRMF_MSG_SET0_EXTENSIONS 0
-# define CRMF_F_OSSL_CRMF_MSG_SET0_SINGLEPUBINFO 0
-# define CRMF_F_OSSL_CRMF_MSG_SET_CERTREQID 0
-# define CRMF_F_OSSL_CRMF_MSG_SET_PKIPUBLICATIONINFO_ACTION 0
-# define CRMF_F_OSSL_CRMF_MSG_SET0_VALIDITY 0
-# define CRMF_F_OSSL_CRMF_PBMP_NEW 0
-# define CRMF_F_OSSL_CRMF_PBM_NEW 0
-# endif
/*
* CRMF reason codes.
@@ -62,6 +33,7 @@ int ERR_load_CRMF_strings(void);
# define CRMF_R_ITERATIONCOUNT_BELOW_100 108
# define CRMF_R_MALFORMED_IV 101
# define CRMF_R_NULL_ARGUMENT 109
+# define CRMF_R_POPOSKINPUT_NOT_SUPPORTED 113
# define CRMF_R_POPO_INCONSISTENT_PUBLIC_KEY 117
# define CRMF_R_POPO_MISSING 121
# define CRMF_R_POPO_MISSING_PUBLIC_KEY 118
@@ -70,7 +42,6 @@ int ERR_load_CRMF_strings(void);
# define CRMF_R_SETTING_MAC_ALGOR_FAILURE 110
# define CRMF_R_SETTING_OWF_ALGOR_FAILURE 111
# define CRMF_R_UNSUPPORTED_ALGORITHM 112
-# define CRMF_R_UNSUPPORTED_ALG_FOR_POPSIGNINGKEY 113
# define CRMF_R_UNSUPPORTED_CIPHER 114
# define CRMF_R_UNSUPPORTED_METHOD_FOR_CREATING_POPO 115
# define CRMF_R_UNSUPPORTED_POPO_METHOD 116
diff --git a/openssl/include/openssl/crypto.h b/openssl/include/openssl/crypto.h
index 96781f46..9e8144eb 100644..100755
--- a/openssl/include/openssl/crypto.h
+++ b/openssl/include/openssl/crypto.h
@@ -1,5 +1,8 @@
/*
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * WARNING: do not edit!
+ * Generated by makefile from include\openssl\crypto.h.in
+ *
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
* Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
@@ -8,6 +11,8 @@
* https://www.openssl.org/source/license.html
*/
+
+
#ifndef OPENSSL_CRYPTO_H
# define OPENSSL_CRYPTO_H
# pragma once
@@ -31,6 +36,7 @@
# include <openssl/types.h>
# include <openssl/opensslconf.h>
# include <openssl/cryptoerr.h>
+# include <openssl/core.h>
# ifdef CHARSET_EBCDIC
# include <openssl/ebcdic.h>
@@ -73,12 +79,15 @@ typedef struct {
typedef void CRYPTO_RWLOCK;
CRYPTO_RWLOCK *CRYPTO_THREAD_lock_new(void);
-int CRYPTO_THREAD_read_lock(CRYPTO_RWLOCK *lock);
-int CRYPTO_THREAD_write_lock(CRYPTO_RWLOCK *lock);
+__owur int CRYPTO_THREAD_read_lock(CRYPTO_RWLOCK *lock);
+__owur int CRYPTO_THREAD_write_lock(CRYPTO_RWLOCK *lock);
int CRYPTO_THREAD_unlock(CRYPTO_RWLOCK *lock);
void CRYPTO_THREAD_lock_free(CRYPTO_RWLOCK *lock);
int CRYPTO_atomic_add(int *val, int amount, int *ret, CRYPTO_RWLOCK *lock);
+int CRYPTO_atomic_or(uint64_t *val, uint64_t op, uint64_t *ret,
+ CRYPTO_RWLOCK *lock);
+int CRYPTO_atomic_load(uint64_t *val, uint64_t *ret, CRYPTO_RWLOCK *lock);
/* No longer needed, so this is a no-op */
#define OPENSSL_malloc_init() while(0) continue
@@ -116,10 +125,11 @@ size_t OPENSSL_strlcpy(char *dst, const char *src, size_t siz);
size_t OPENSSL_strlcat(char *dst, const char *src, size_t siz);
size_t OPENSSL_strnlen(const char *str, size_t maxlen);
int OPENSSL_buf2hexstr_ex(char *str, size_t str_n, size_t *strlen,
- const unsigned char *buf, size_t buflen);
+ const unsigned char *buf, size_t buflen,
+ const char sep);
char *OPENSSL_buf2hexstr(const unsigned char *buf, long buflen);
int OPENSSL_hexstr2buf_ex(unsigned char *buf, size_t buf_n, size_t *buflen,
- const char *str);
+ const char *str, const char sep);
unsigned char *OPENSSL_hexstr2buf(const char *str, long *buflen);
int OPENSSL_hexchar2int(unsigned char c);
@@ -166,11 +176,38 @@ const char *OPENSSL_info(int type);
int OPENSSL_issetugid(void);
struct crypto_ex_data_st {
- OPENSSL_CTX *ctx;
+ OSSL_LIB_CTX *ctx;
STACK_OF(void) *sk;
};
-DEFINE_OR_DECLARE_STACK_OF(void)
+SKM_DEFINE_STACK_OF_INTERNAL(void, void, void)
+#define sk_void_num(sk) OPENSSL_sk_num(ossl_check_const_void_sk_type(sk))
+#define sk_void_value(sk, idx) ((void *)OPENSSL_sk_value(ossl_check_const_void_sk_type(sk), (idx)))
+#define sk_void_new(cmp) ((STACK_OF(void) *)OPENSSL_sk_new(ossl_check_void_compfunc_type(cmp)))
+#define sk_void_new_null() ((STACK_OF(void) *)OPENSSL_sk_new_null())
+#define sk_void_new_reserve(cmp, n) ((STACK_OF(void) *)OPENSSL_sk_new_reserve(ossl_check_void_compfunc_type(cmp), (n)))
+#define sk_void_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_void_sk_type(sk), (n))
+#define sk_void_free(sk) OPENSSL_sk_free(ossl_check_void_sk_type(sk))
+#define sk_void_zero(sk) OPENSSL_sk_zero(ossl_check_void_sk_type(sk))
+#define sk_void_delete(sk, i) ((void *)OPENSSL_sk_delete(ossl_check_void_sk_type(sk), (i)))
+#define sk_void_delete_ptr(sk, ptr) ((void *)OPENSSL_sk_delete_ptr(ossl_check_void_sk_type(sk), ossl_check_void_type(ptr)))
+#define sk_void_push(sk, ptr) OPENSSL_sk_push(ossl_check_void_sk_type(sk), ossl_check_void_type(ptr))
+#define sk_void_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_void_sk_type(sk), ossl_check_void_type(ptr))
+#define sk_void_pop(sk) ((void *)OPENSSL_sk_pop(ossl_check_void_sk_type(sk)))
+#define sk_void_shift(sk) ((void *)OPENSSL_sk_shift(ossl_check_void_sk_type(sk)))
+#define sk_void_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_void_sk_type(sk),ossl_check_void_freefunc_type(freefunc))
+#define sk_void_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_void_sk_type(sk), ossl_check_void_type(ptr), (idx))
+#define sk_void_set(sk, idx, ptr) ((void *)OPENSSL_sk_set(ossl_check_void_sk_type(sk), (idx), ossl_check_void_type(ptr)))
+#define sk_void_find(sk, ptr) OPENSSL_sk_find(ossl_check_void_sk_type(sk), ossl_check_void_type(ptr))
+#define sk_void_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_void_sk_type(sk), ossl_check_void_type(ptr))
+#define sk_void_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_void_sk_type(sk), ossl_check_void_type(ptr), pnum)
+#define sk_void_sort(sk) OPENSSL_sk_sort(ossl_check_void_sk_type(sk))
+#define sk_void_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_void_sk_type(sk))
+#define sk_void_dup(sk) ((STACK_OF(void) *)OPENSSL_sk_dup(ossl_check_const_void_sk_type(sk)))
+#define sk_void_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(void) *)OPENSSL_sk_deep_copy(ossl_check_const_void_sk_type(sk), ossl_check_void_copyfunc_type(copyfunc), ossl_check_void_freefunc_type(freefunc)))
+#define sk_void_set_cmp_func(sk, cmp) ((sk_void_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_void_sk_type(sk), ossl_check_void_compfunc_type(cmp)))
+
+
/*
* Per class, we have a STACK of function pointers.
@@ -192,7 +229,7 @@ DEFINE_OR_DECLARE_STACK_OF(void)
# define CRYPTO_EX_INDEX_UI_METHOD 14
# define CRYPTO_EX_INDEX_RAND_DRBG 15
# define CRYPTO_EX_INDEX_DRBG CRYPTO_EX_INDEX_RAND_DRBG
-# define CRYPTO_EX_INDEX_OPENSSL_CTX 16
+# define CRYPTO_EX_INDEX_OSSL_LIB_CTX 16
# define CRYPTO_EX_INDEX_EVP_PKEY 17
# define CRYPTO_EX_INDEX__COUNT 18
@@ -344,27 +381,32 @@ void CRYPTO_get_alloc_counts(int *mcount, int *rcount, int *fcount);
# define OPENSSL_mem_debug_pop() \
CRYPTO_mem_debug_pop()
# endif
-DEPRECATEDIN_3_0(int CRYPTO_set_mem_debug(int flag))
-DEPRECATEDIN_3_0(int CRYPTO_mem_ctrl(int mode))
-DEPRECATEDIN_3_0(int CRYPTO_mem_debug_push(const char *info,
- const char *file, int line))
-DEPRECATEDIN_3_0(int CRYPTO_mem_debug_pop(void))
-
-DEPRECATEDIN_3_0(void CRYPTO_mem_debug_malloc(void *addr, size_t num,
- int flag,
- const char *file, int line))
-DEPRECATEDIN_3_0(void CRYPTO_mem_debug_realloc(void *addr1, void *addr2,
- size_t num, int flag,
- const char *file, int line))
-DEPRECATEDIN_3_0(void CRYPTO_mem_debug_free(void *addr, int flag,
- const char *file, int line))
-
-DEPRECATEDIN_3_0(int CRYPTO_mem_leaks_cb(
- int (*cb)(const char *str, size_t len, void *u), void *u))
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0 int CRYPTO_set_mem_debug(int flag);
+OSSL_DEPRECATEDIN_3_0 int CRYPTO_mem_ctrl(int mode);
+OSSL_DEPRECATEDIN_3_0 int CRYPTO_mem_debug_push(const char *info,
+ const char *file, int line);
+OSSL_DEPRECATEDIN_3_0 int CRYPTO_mem_debug_pop(void);
+OSSL_DEPRECATEDIN_3_0 void CRYPTO_mem_debug_malloc(void *addr, size_t num,
+ int flag,
+ const char *file, int line);
+OSSL_DEPRECATEDIN_3_0 void CRYPTO_mem_debug_realloc(void *addr1, void *addr2,
+ size_t num, int flag,
+ const char *file, int line);
+OSSL_DEPRECATEDIN_3_0 void CRYPTO_mem_debug_free(void *addr, int flag,
+ const char *file, int line);
+OSSL_DEPRECATEDIN_3_0
+int CRYPTO_mem_leaks_cb(int (*cb)(const char *str, size_t len, void *u),
+ void *u);
+# endif
# ifndef OPENSSL_NO_STDIO
-DEPRECATEDIN_3_0(int CRYPTO_mem_leaks_fp(FILE *))
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0 int CRYPTO_mem_leaks_fp(FILE *);
# endif
-DEPRECATEDIN_3_0(int CRYPTO_mem_leaks(BIO *bio))
+# endif
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0 int CRYPTO_mem_leaks(BIO *bio);
+# endif
# endif /* OPENSSL_NO_CRYPTO_MDEBUG */
/* die if we have to */
@@ -379,9 +421,11 @@ int OPENSSL_isservice(void);
void OPENSSL_init(void);
# ifdef OPENSSL_SYS_UNIX
-void OPENSSL_fork_prepare(void);
-void OPENSSL_fork_parent(void);
-void OPENSSL_fork_child(void);
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0 void OPENSSL_fork_prepare(void);
+OSSL_DEPRECATEDIN_3_0 void OPENSSL_fork_parent(void);
+OSSL_DEPRECATEDIN_3_0 void OPENSSL_fork_child(void);
+# endif
# endif
struct tm *OPENSSL_gmtime(const time_t *timer, struct tm *result);
@@ -415,7 +459,7 @@ int CRYPTO_memcmp(const void * in_a, const void * in_b, size_t len);
# define OPENSSL_INIT_ENGINE_CAPI 0x00002000L
# define OPENSSL_INIT_ENGINE_PADLOCK 0x00004000L
# define OPENSSL_INIT_ENGINE_AFALG 0x00008000L
-/* OPENSSL_INIT_ZLIB 0x00010000L */
+/* FREE: 0x00010000L */
# define OPENSSL_INIT_ATFORK 0x00020000L
/* OPENSSL_INIT_BASE_ONLY 0x00040000L */
# define OPENSSL_INIT_NO_ATEXIT 0x00080000L
@@ -434,13 +478,12 @@ int CRYPTO_memcmp(const void * in_a, const void * in_b, size_t len);
| OPENSSL_INIT_ENGINE_CRYPTODEV | OPENSSL_INIT_ENGINE_CAPI | \
OPENSSL_INIT_ENGINE_PADLOCK)
-
/* Library initialisation functions */
void OPENSSL_cleanup(void);
int OPENSSL_init_crypto(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings);
int OPENSSL_atexit(void (*handler)(void));
void OPENSSL_thread_stop(void);
-void OPENSSL_thread_stop_ex(OPENSSL_CTX *ctx);
+void OPENSSL_thread_stop_ex(OSSL_LIB_CTX *ctx);
/* Low-level control of initialization */
OPENSSL_INIT_SETTINGS *OPENSSL_INIT_new(void);
@@ -465,7 +508,13 @@ typedef LONG CRYPTO_ONCE;
# define CRYPTO_ONCE_STATIC_INIT 0
# endif
# else
-# include <pthread.h>
+# if defined(__TANDEM) && defined(_SPT_MODEL_)
+# define SPT_THREAD_SIGNAL 1
+# define SPT_THREAD_AWARE 1
+# include <spthread.h>
+# else
+# include <pthread.h>
+# endif
typedef pthread_once_t CRYPTO_ONCE;
typedef pthread_key_t CRYPTO_THREAD_LOCAL;
typedef pthread_t CRYPTO_THREAD_ID;
@@ -491,9 +540,15 @@ int CRYPTO_THREAD_cleanup_local(CRYPTO_THREAD_LOCAL *key);
CRYPTO_THREAD_ID CRYPTO_THREAD_get_current_id(void);
int CRYPTO_THREAD_compare_id(CRYPTO_THREAD_ID a, CRYPTO_THREAD_ID b);
-OPENSSL_CTX *OPENSSL_CTX_new(void);
-int OPENSSL_CTX_load_config(OPENSSL_CTX *ctx, const char *config_file);
-void OPENSSL_CTX_free(OPENSSL_CTX *);
+OSSL_LIB_CTX *OSSL_LIB_CTX_new(void);
+OSSL_LIB_CTX *OSSL_LIB_CTX_new_from_dispatch(const OSSL_CORE_HANDLE *handle,
+ const OSSL_DISPATCH *in);
+OSSL_LIB_CTX *OSSL_LIB_CTX_new_child(const OSSL_CORE_HANDLE *handle,
+ const OSSL_DISPATCH *in);
+int OSSL_LIB_CTX_load_config(OSSL_LIB_CTX *ctx, const char *config_file);
+void OSSL_LIB_CTX_free(OSSL_LIB_CTX *);
+OSSL_LIB_CTX *OSSL_LIB_CTX_get0_global_default(void);
+OSSL_LIB_CTX *OSSL_LIB_CTX_set0_default(OSSL_LIB_CTX *libctx);
# ifdef __cplusplus
}
diff --git a/openssl/include/openssl/cryptoerr.h b/openssl/include/openssl/cryptoerr.h
index c44dcb12..d7ff0abd 100644..100755
--- a/openssl/include/openssl/cryptoerr.h
+++ b/openssl/include/openssl/cryptoerr.h
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -14,73 +14,16 @@
# include <openssl/opensslconf.h>
# include <openssl/symhacks.h>
+# include <openssl/cryptoerr_legacy.h>
-# ifdef __cplusplus
-extern "C"
-# endif
-int ERR_load_CRYPTO_strings(void);
-
-/*
- * CRYPTO function codes.
- */
-# ifndef OPENSSL_NO_DEPRECATED_3_0
-# define CRYPTO_F_CMAC_CTX_NEW 0
-# define CRYPTO_F_CRYPTO_DUP_EX_DATA 0
-# define CRYPTO_F_CRYPTO_FREE_EX_DATA 0
-# define CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX 0
-# define CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX_EX 0
-# define CRYPTO_F_CRYPTO_MEMDUP 0
-# define CRYPTO_F_CRYPTO_NEW_EX_DATA 0
-# define CRYPTO_F_CRYPTO_NEW_EX_DATA_EX 0
-# define CRYPTO_F_CRYPTO_OCB128_COPY_CTX 0
-# define CRYPTO_F_CRYPTO_OCB128_INIT 0
-# define CRYPTO_F_CRYPTO_SET_EX_DATA 0
-# define CRYPTO_F_FIPS_MODE_SET 0
-# define CRYPTO_F_GET_AND_LOCK 0
-# define CRYPTO_F_GET_PROVIDER_STORE 0
-# define CRYPTO_F_OPENSSL_ATEXIT 0
-# define CRYPTO_F_OPENSSL_BUF2HEXSTR 0
-# define CRYPTO_F_OPENSSL_BUF2HEXSTR_EX 0
-# define CRYPTO_F_OPENSSL_FOPEN 0
-# define CRYPTO_F_OPENSSL_HEXSTR2BUF 0
-# define CRYPTO_F_OPENSSL_HEXSTR2BUF_EX 0
-# define CRYPTO_F_OPENSSL_INIT_CRYPTO 0
-# define CRYPTO_F_OPENSSL_LH_NEW 0
-# define CRYPTO_F_OPENSSL_SK_DEEP_COPY 0
-# define CRYPTO_F_OPENSSL_SK_DUP 0
-# define CRYPTO_F_OSSL_PARAM_BLD_PUSH_BN 0
-# define CRYPTO_F_OSSL_PARAM_BLD_PUSH_OCTET_PTR 0
-# define CRYPTO_F_OSSL_PARAM_BLD_PUSH_OCTET_STRING 0
-# define CRYPTO_F_OSSL_PARAM_BLD_PUSH_UTF8_PTR 0
-# define CRYPTO_F_OSSL_PARAM_BLD_PUSH_UTF8_STRING 0
-# define CRYPTO_F_OSSL_PARAM_BLD_TO_PARAM 0
-# define CRYPTO_F_OSSL_PARAM_BLD_TO_PARAM_EX 0
-# define CRYPTO_F_OSSL_PARAM_TYPE_TO_PARAM 0
-# define CRYPTO_F_OSSL_PROVIDER_ACTIVATE 0
-# define CRYPTO_F_OSSL_PROVIDER_ADD_BUILTIN 0
-# define CRYPTO_F_OSSL_PROVIDER_ADD_PARAMETER 0
-# define CRYPTO_F_OSSL_PROVIDER_NEW 0
-# define CRYPTO_F_OSSL_PROVIDER_SET_MODULE_PATH 0
-# define CRYPTO_F_PARAM_PUSH 0
-# define CRYPTO_F_PARAM_PUSH_NUM 0
-# define CRYPTO_F_PKEY_HMAC_INIT 0
-# define CRYPTO_F_PKEY_POLY1305_INIT 0
-# define CRYPTO_F_PKEY_SIPHASH_INIT 0
-# define CRYPTO_F_PROVIDER_ACTIVATE 0
-# define CRYPTO_F_PROVIDER_CONF_INIT 0
-# define CRYPTO_F_PROVIDER_CONF_LOAD 0
-# define CRYPTO_F_PROVIDER_NEW 0
-# define CRYPTO_F_PROVIDER_STORE_NEW 0
-# define CRYPTO_F_SK_RESERVE 0
-# endif
/*
* CRYPTO reason codes.
*/
# define CRYPTO_R_BAD_ALGORITHM_NAME 117
# define CRYPTO_R_CONFLICTING_NAMES 118
-# define CRYPTO_R_FIPS_MODE_NOT_SUPPORTED 101
+# define CRYPTO_R_HEX_STRING_TOO_SHORT 121
# define CRYPTO_R_ILLEGAL_HEX_DIGIT 102
# define CRYPTO_R_INSUFFICIENT_DATA_SPACE 106
# define CRYPTO_R_INSUFFICIENT_PARAM_SIZE 107
@@ -90,11 +33,13 @@ int ERR_load_CRYPTO_strings(void);
# define CRYPTO_R_ODD_NUMBER_OF_DIGITS 103
# define CRYPTO_R_PROVIDER_ALREADY_EXISTS 104
# define CRYPTO_R_PROVIDER_SECTION_ERROR 105
+# define CRYPTO_R_RANDOM_SECTION_ERROR 119
# define CRYPTO_R_SECURE_MALLOC_FAILURE 111
# define CRYPTO_R_STRING_TOO_LONG 112
# define CRYPTO_R_TOO_MANY_BYTES 113
# define CRYPTO_R_TOO_MANY_RECORDS 114
# define CRYPTO_R_TOO_SMALL_BUFFER 116
+# define CRYPTO_R_UNKNOWN_NAME_IN_RANDOM_SECTION 120
# define CRYPTO_R_ZERO_LENGTH_NUMBER 115
#endif
diff --git a/openssl/include/openssl/cryptoerr_legacy.h b/openssl/include/openssl/cryptoerr_legacy.h
new file mode 100755
index 00000000..8bf2bb23
--- /dev/null
+++ b/openssl/include/openssl/cryptoerr_legacy.h
@@ -0,0 +1,1466 @@
+/*
+ * Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+/*
+ * This header file preserves symbols from pre-3.0 OpenSSL.
+ * It should never be included directly, as it's already included
+ * by the public {lib}err.h headers, and since it will go away some
+ * time in the future.
+ */
+
+#ifndef OPENSSL_CRYPTOERR_LEGACY_H
+# define OPENSSL_CRYPTOERR_LEGACY_H
+# pragma once
+
+# include <openssl/macros.h>
+# include <openssl/symhacks.h>
+
+# ifdef __cplusplus
+extern "C" {
+# endif
+
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0 int ERR_load_ASN1_strings(void);
+OSSL_DEPRECATEDIN_3_0 int ERR_load_ASYNC_strings(void);
+OSSL_DEPRECATEDIN_3_0 int ERR_load_BIO_strings(void);
+OSSL_DEPRECATEDIN_3_0 int ERR_load_BN_strings(void);
+OSSL_DEPRECATEDIN_3_0 int ERR_load_BUF_strings(void);
+# ifndef OPENSSL_NO_CMS
+OSSL_DEPRECATEDIN_3_0 int ERR_load_CMS_strings(void);
+# endif
+# ifndef OPENSSL_NO_COMP
+OSSL_DEPRECATEDIN_3_0 int ERR_load_COMP_strings(void);
+# endif
+OSSL_DEPRECATEDIN_3_0 int ERR_load_CONF_strings(void);
+OSSL_DEPRECATEDIN_3_0 int ERR_load_CRYPTO_strings(void);
+# ifndef OPENSSL_NO_CT
+OSSL_DEPRECATEDIN_3_0 int ERR_load_CT_strings(void);
+# endif
+# ifndef OPENSSL_NO_DH
+OSSL_DEPRECATEDIN_3_0 int ERR_load_DH_strings(void);
+# endif
+# ifndef OPENSSL_NO_DSA
+OSSL_DEPRECATEDIN_3_0 int ERR_load_DSA_strings(void);
+# endif
+# ifndef OPENSSL_NO_EC
+OSSL_DEPRECATEDIN_3_0 int ERR_load_EC_strings(void);
+# endif
+# ifndef OPENSSL_NO_ENGINE
+OSSL_DEPRECATEDIN_3_0 int ERR_load_ENGINE_strings(void);
+# endif
+OSSL_DEPRECATEDIN_3_0 int ERR_load_ERR_strings(void);
+OSSL_DEPRECATEDIN_3_0 int ERR_load_EVP_strings(void);
+OSSL_DEPRECATEDIN_3_0 int ERR_load_KDF_strings(void);
+OSSL_DEPRECATEDIN_3_0 int ERR_load_OBJ_strings(void);
+# ifndef OPENSSL_NO_OCSP
+OSSL_DEPRECATEDIN_3_0 int ERR_load_OCSP_strings(void);
+# endif
+OSSL_DEPRECATEDIN_3_0 int ERR_load_PEM_strings(void);
+OSSL_DEPRECATEDIN_3_0 int ERR_load_PKCS12_strings(void);
+OSSL_DEPRECATEDIN_3_0 int ERR_load_PKCS7_strings(void);
+OSSL_DEPRECATEDIN_3_0 int ERR_load_RAND_strings(void);
+OSSL_DEPRECATEDIN_3_0 int ERR_load_RSA_strings(void);
+OSSL_DEPRECATEDIN_3_0 int ERR_load_OSSL_STORE_strings(void);
+# ifndef OPENSSL_NO_TS
+OSSL_DEPRECATEDIN_3_0 int ERR_load_TS_strings(void);
+# endif
+OSSL_DEPRECATEDIN_3_0 int ERR_load_UI_strings(void);
+OSSL_DEPRECATEDIN_3_0 int ERR_load_X509_strings(void);
+OSSL_DEPRECATEDIN_3_0 int ERR_load_X509V3_strings(void);
+
+/* Collected _F_ macros from OpenSSL 1.1.1 */
+
+/*
+ * ASN1 function codes.
+ */
+# define ASN1_F_A2D_ASN1_OBJECT 0
+# define ASN1_F_A2I_ASN1_INTEGER 0
+# define ASN1_F_A2I_ASN1_STRING 0
+# define ASN1_F_APPEND_EXP 0
+# define ASN1_F_ASN1_BIO_INIT 0
+# define ASN1_F_ASN1_BIT_STRING_SET_BIT 0
+# define ASN1_F_ASN1_CB 0
+# define ASN1_F_ASN1_CHECK_TLEN 0
+# define ASN1_F_ASN1_COLLECT 0
+# define ASN1_F_ASN1_D2I_EX_PRIMITIVE 0
+# define ASN1_F_ASN1_D2I_FP 0
+# define ASN1_F_ASN1_D2I_READ_BIO 0
+# define ASN1_F_ASN1_DIGEST 0
+# define ASN1_F_ASN1_DO_ADB 0
+# define ASN1_F_ASN1_DO_LOCK 0
+# define ASN1_F_ASN1_DUP 0
+# define ASN1_F_ASN1_ENC_SAVE 0
+# define ASN1_F_ASN1_EX_C2I 0
+# define ASN1_F_ASN1_FIND_END 0
+# define ASN1_F_ASN1_GENERALIZEDTIME_ADJ 0
+# define ASN1_F_ASN1_GENERATE_V3 0
+# define ASN1_F_ASN1_GET_INT64 0
+# define ASN1_F_ASN1_GET_OBJECT 0
+# define ASN1_F_ASN1_GET_UINT64 0
+# define ASN1_F_ASN1_I2D_BIO 0
+# define ASN1_F_ASN1_I2D_FP 0
+# define ASN1_F_ASN1_ITEM_D2I_FP 0
+# define ASN1_F_ASN1_ITEM_DUP 0
+# define ASN1_F_ASN1_ITEM_EMBED_D2I 0
+# define ASN1_F_ASN1_ITEM_EMBED_NEW 0
+# define ASN1_F_ASN1_ITEM_FLAGS_I2D 0
+# define ASN1_F_ASN1_ITEM_I2D_BIO 0
+# define ASN1_F_ASN1_ITEM_I2D_FP 0
+# define ASN1_F_ASN1_ITEM_PACK 0
+# define ASN1_F_ASN1_ITEM_SIGN 0
+# define ASN1_F_ASN1_ITEM_SIGN_CTX 0
+# define ASN1_F_ASN1_ITEM_UNPACK 0
+# define ASN1_F_ASN1_ITEM_VERIFY 0
+# define ASN1_F_ASN1_MBSTRING_NCOPY 0
+# define ASN1_F_ASN1_OBJECT_NEW 0
+# define ASN1_F_ASN1_OUTPUT_DATA 0
+# define ASN1_F_ASN1_PCTX_NEW 0
+# define ASN1_F_ASN1_PRIMITIVE_NEW 0
+# define ASN1_F_ASN1_SCTX_NEW 0
+# define ASN1_F_ASN1_SIGN 0
+# define ASN1_F_ASN1_STR2TYPE 0
+# define ASN1_F_ASN1_STRING_GET_INT64 0
+# define ASN1_F_ASN1_STRING_GET_UINT64 0
+# define ASN1_F_ASN1_STRING_SET 0
+# define ASN1_F_ASN1_STRING_TABLE_ADD 0
+# define ASN1_F_ASN1_STRING_TO_BN 0
+# define ASN1_F_ASN1_STRING_TYPE_NEW 0
+# define ASN1_F_ASN1_TEMPLATE_EX_D2I 0
+# define ASN1_F_ASN1_TEMPLATE_NEW 0
+# define ASN1_F_ASN1_TEMPLATE_NOEXP_D2I 0
+# define ASN1_F_ASN1_TIME_ADJ 0
+# define ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING 0
+# define ASN1_F_ASN1_TYPE_GET_OCTETSTRING 0
+# define ASN1_F_ASN1_UTCTIME_ADJ 0
+# define ASN1_F_ASN1_VERIFY 0
+# define ASN1_F_B64_READ_ASN1 0
+# define ASN1_F_B64_WRITE_ASN1 0
+# define ASN1_F_BIO_NEW_NDEF 0
+# define ASN1_F_BITSTR_CB 0
+# define ASN1_F_BN_TO_ASN1_STRING 0
+# define ASN1_F_C2I_ASN1_BIT_STRING 0
+# define ASN1_F_C2I_ASN1_INTEGER 0
+# define ASN1_F_C2I_ASN1_OBJECT 0
+# define ASN1_F_C2I_IBUF 0
+# define ASN1_F_C2I_UINT64_INT 0
+# define ASN1_F_COLLECT_DATA 0
+# define ASN1_F_D2I_ASN1_OBJECT 0
+# define ASN1_F_D2I_ASN1_UINTEGER 0
+# define ASN1_F_D2I_AUTOPRIVATEKEY 0
+# define ASN1_F_D2I_PRIVATEKEY 0
+# define ASN1_F_D2I_PUBLICKEY 0
+# define ASN1_F_DO_BUF 0
+# define ASN1_F_DO_CREATE 0
+# define ASN1_F_DO_DUMP 0
+# define ASN1_F_DO_TCREATE 0
+# define ASN1_F_I2A_ASN1_OBJECT 0
+# define ASN1_F_I2D_ASN1_BIO_STREAM 0
+# define ASN1_F_I2D_ASN1_OBJECT 0
+# define ASN1_F_I2D_DSA_PUBKEY 0
+# define ASN1_F_I2D_EC_PUBKEY 0
+# define ASN1_F_I2D_PRIVATEKEY 0
+# define ASN1_F_I2D_PUBLICKEY 0
+# define ASN1_F_I2D_RSA_PUBKEY 0
+# define ASN1_F_LONG_C2I 0
+# define ASN1_F_NDEF_PREFIX 0
+# define ASN1_F_NDEF_SUFFIX 0
+# define ASN1_F_OID_MODULE_INIT 0
+# define ASN1_F_PARSE_TAGGING 0
+# define ASN1_F_PKCS5_PBE2_SET_IV 0
+# define ASN1_F_PKCS5_PBE2_SET_SCRYPT 0
+# define ASN1_F_PKCS5_PBE_SET 0
+# define ASN1_F_PKCS5_PBE_SET0_ALGOR 0
+# define ASN1_F_PKCS5_PBKDF2_SET 0
+# define ASN1_F_PKCS5_SCRYPT_SET 0
+# define ASN1_F_SMIME_READ_ASN1 0
+# define ASN1_F_SMIME_TEXT 0
+# define ASN1_F_STABLE_GET 0
+# define ASN1_F_STBL_MODULE_INIT 0
+# define ASN1_F_UINT32_C2I 0
+# define ASN1_F_UINT32_NEW 0
+# define ASN1_F_UINT64_C2I 0
+# define ASN1_F_UINT64_NEW 0
+# define ASN1_F_X509_CRL_ADD0_REVOKED 0
+# define ASN1_F_X509_INFO_NEW 0
+# define ASN1_F_X509_NAME_ENCODE 0
+# define ASN1_F_X509_NAME_EX_D2I 0
+# define ASN1_F_X509_NAME_EX_NEW 0
+# define ASN1_F_X509_PKEY_NEW 0
+
+/*
+ * ASYNC function codes.
+ */
+# define ASYNC_F_ASYNC_CTX_NEW 0
+# define ASYNC_F_ASYNC_INIT_THREAD 0
+# define ASYNC_F_ASYNC_JOB_NEW 0
+# define ASYNC_F_ASYNC_PAUSE_JOB 0
+# define ASYNC_F_ASYNC_START_FUNC 0
+# define ASYNC_F_ASYNC_START_JOB 0
+# define ASYNC_F_ASYNC_WAIT_CTX_SET_WAIT_FD 0
+
+/*
+ * BIO function codes.
+ */
+# define BIO_F_ACPT_STATE 0
+# define BIO_F_ADDRINFO_WRAP 0
+# define BIO_F_ADDR_STRINGS 0
+# define BIO_F_BIO_ACCEPT 0
+# define BIO_F_BIO_ACCEPT_EX 0
+# define BIO_F_BIO_ACCEPT_NEW 0
+# define BIO_F_BIO_ADDR_NEW 0
+# define BIO_F_BIO_BIND 0
+# define BIO_F_BIO_CALLBACK_CTRL 0
+# define BIO_F_BIO_CONNECT 0
+# define BIO_F_BIO_CONNECT_NEW 0
+# define BIO_F_BIO_CTRL 0
+# define BIO_F_BIO_GETS 0
+# define BIO_F_BIO_GET_HOST_IP 0
+# define BIO_F_BIO_GET_NEW_INDEX 0
+# define BIO_F_BIO_GET_PORT 0
+# define BIO_F_BIO_LISTEN 0
+# define BIO_F_BIO_LOOKUP 0
+# define BIO_F_BIO_LOOKUP_EX 0
+# define BIO_F_BIO_MAKE_PAIR 0
+# define BIO_F_BIO_METH_NEW 0
+# define BIO_F_BIO_NEW 0
+# define BIO_F_BIO_NEW_DGRAM_SCTP 0
+# define BIO_F_BIO_NEW_FILE 0
+# define BIO_F_BIO_NEW_MEM_BUF 0
+# define BIO_F_BIO_NREAD 0
+# define BIO_F_BIO_NREAD0 0
+# define BIO_F_BIO_NWRITE 0
+# define BIO_F_BIO_NWRITE0 0
+# define BIO_F_BIO_PARSE_HOSTSERV 0
+# define BIO_F_BIO_PUTS 0
+# define BIO_F_BIO_READ 0
+# define BIO_F_BIO_READ_EX 0
+# define BIO_F_BIO_READ_INTERN 0
+# define BIO_F_BIO_SOCKET 0
+# define BIO_F_BIO_SOCKET_NBIO 0
+# define BIO_F_BIO_SOCK_INFO 0
+# define BIO_F_BIO_SOCK_INIT 0
+# define BIO_F_BIO_WRITE 0
+# define BIO_F_BIO_WRITE_EX 0
+# define BIO_F_BIO_WRITE_INTERN 0
+# define BIO_F_BUFFER_CTRL 0
+# define BIO_F_CONN_CTRL 0
+# define BIO_F_CONN_STATE 0
+# define BIO_F_DGRAM_SCTP_NEW 0
+# define BIO_F_DGRAM_SCTP_READ 0
+# define BIO_F_DGRAM_SCTP_WRITE 0
+# define BIO_F_DOAPR_OUTCH 0
+# define BIO_F_FILE_CTRL 0
+# define BIO_F_FILE_READ 0
+# define BIO_F_LINEBUFFER_CTRL 0
+# define BIO_F_LINEBUFFER_NEW 0
+# define BIO_F_MEM_WRITE 0
+# define BIO_F_NBIOF_NEW 0
+# define BIO_F_SLG_WRITE 0
+# define BIO_F_SSL_NEW 0
+
+/*
+ * BN function codes.
+ */
+# define BN_F_BNRAND 0
+# define BN_F_BNRAND_RANGE 0
+# define BN_F_BN_BLINDING_CONVERT_EX 0
+# define BN_F_BN_BLINDING_CREATE_PARAM 0
+# define BN_F_BN_BLINDING_INVERT_EX 0
+# define BN_F_BN_BLINDING_NEW 0
+# define BN_F_BN_BLINDING_UPDATE 0
+# define BN_F_BN_BN2DEC 0
+# define BN_F_BN_BN2HEX 0
+# define BN_F_BN_COMPUTE_WNAF 0
+# define BN_F_BN_CTX_GET 0
+# define BN_F_BN_CTX_NEW 0
+# define BN_F_BN_CTX_START 0
+# define BN_F_BN_DIV 0
+# define BN_F_BN_DIV_RECP 0
+# define BN_F_BN_EXP 0
+# define BN_F_BN_EXPAND_INTERNAL 0
+# define BN_F_BN_GENCB_NEW 0
+# define BN_F_BN_GENERATE_DSA_NONCE 0
+# define BN_F_BN_GENERATE_PRIME_EX 0
+# define BN_F_BN_GF2M_MOD 0
+# define BN_F_BN_GF2M_MOD_EXP 0
+# define BN_F_BN_GF2M_MOD_MUL 0
+# define BN_F_BN_GF2M_MOD_SOLVE_QUAD 0
+# define BN_F_BN_GF2M_MOD_SOLVE_QUAD_ARR 0
+# define BN_F_BN_GF2M_MOD_SQR 0
+# define BN_F_BN_GF2M_MOD_SQRT 0
+# define BN_F_BN_LSHIFT 0
+# define BN_F_BN_MOD_EXP2_MONT 0
+# define BN_F_BN_MOD_EXP_MONT 0
+# define BN_F_BN_MOD_EXP_MONT_CONSTTIME 0
+# define BN_F_BN_MOD_EXP_MONT_WORD 0
+# define BN_F_BN_MOD_EXP_RECP 0
+# define BN_F_BN_MOD_EXP_SIMPLE 0
+# define BN_F_BN_MOD_INVERSE 0
+# define BN_F_BN_MOD_INVERSE_NO_BRANCH 0
+# define BN_F_BN_MOD_LSHIFT_QUICK 0
+# define BN_F_BN_MOD_SQRT 0
+# define BN_F_BN_MONT_CTX_NEW 0
+# define BN_F_BN_MPI2BN 0
+# define BN_F_BN_NEW 0
+# define BN_F_BN_POOL_GET 0
+# define BN_F_BN_RAND 0
+# define BN_F_BN_RAND_RANGE 0
+# define BN_F_BN_RECP_CTX_NEW 0
+# define BN_F_BN_RSHIFT 0
+# define BN_F_BN_SET_WORDS 0
+# define BN_F_BN_STACK_PUSH 0
+# define BN_F_BN_USUB 0
+
+/*
+ * BUF function codes.
+ */
+# define BUF_F_BUF_MEM_GROW 0
+# define BUF_F_BUF_MEM_GROW_CLEAN 0
+# define BUF_F_BUF_MEM_NEW 0
+
+# ifndef OPENSSL_NO_CMS
+/*
+ * CMS function codes.
+ */
+# define CMS_F_CHECK_CONTENT 0
+# define CMS_F_CMS_ADD0_CERT 0
+# define CMS_F_CMS_ADD0_RECIPIENT_KEY 0
+# define CMS_F_CMS_ADD0_RECIPIENT_PASSWORD 0
+# define CMS_F_CMS_ADD1_RECEIPTREQUEST 0
+# define CMS_F_CMS_ADD1_RECIPIENT_CERT 0
+# define CMS_F_CMS_ADD1_SIGNER 0
+# define CMS_F_CMS_ADD1_SIGNINGTIME 0
+# define CMS_F_CMS_COMPRESS 0
+# define CMS_F_CMS_COMPRESSEDDATA_CREATE 0
+# define CMS_F_CMS_COMPRESSEDDATA_INIT_BIO 0
+# define CMS_F_CMS_COPY_CONTENT 0
+# define CMS_F_CMS_COPY_MESSAGEDIGEST 0
+# define CMS_F_CMS_DATA 0
+# define CMS_F_CMS_DATAFINAL 0
+# define CMS_F_CMS_DATAINIT 0
+# define CMS_F_CMS_DECRYPT 0
+# define CMS_F_CMS_DECRYPT_SET1_KEY 0
+# define CMS_F_CMS_DECRYPT_SET1_PASSWORD 0
+# define CMS_F_CMS_DECRYPT_SET1_PKEY 0
+# define CMS_F_CMS_DIGESTALGORITHM_FIND_CTX 0
+# define CMS_F_CMS_DIGESTALGORITHM_INIT_BIO 0
+# define CMS_F_CMS_DIGESTEDDATA_DO_FINAL 0
+# define CMS_F_CMS_DIGEST_VERIFY 0
+# define CMS_F_CMS_ENCODE_RECEIPT 0
+# define CMS_F_CMS_ENCRYPT 0
+# define CMS_F_CMS_ENCRYPTEDCONTENT_INIT 0
+# define CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO 0
+# define CMS_F_CMS_ENCRYPTEDDATA_DECRYPT 0
+# define CMS_F_CMS_ENCRYPTEDDATA_ENCRYPT 0
+# define CMS_F_CMS_ENCRYPTEDDATA_SET1_KEY 0
+# define CMS_F_CMS_ENVELOPEDDATA_CREATE 0
+# define CMS_F_CMS_ENVELOPEDDATA_INIT_BIO 0
+# define CMS_F_CMS_ENVELOPED_DATA_INIT 0
+# define CMS_F_CMS_ENV_ASN1_CTRL 0
+# define CMS_F_CMS_FINAL 0
+# define CMS_F_CMS_GET0_CERTIFICATE_CHOICES 0
+# define CMS_F_CMS_GET0_CONTENT 0
+# define CMS_F_CMS_GET0_ECONTENT_TYPE 0
+# define CMS_F_CMS_GET0_ENVELOPED 0
+# define CMS_F_CMS_GET0_REVOCATION_CHOICES 0
+# define CMS_F_CMS_GET0_SIGNED 0
+# define CMS_F_CMS_MSGSIGDIGEST_ADD1 0
+# define CMS_F_CMS_RECEIPTREQUEST_CREATE0 0
+# define CMS_F_CMS_RECEIPT_VERIFY 0
+# define CMS_F_CMS_RECIPIENTINFO_DECRYPT 0
+# define CMS_F_CMS_RECIPIENTINFO_ENCRYPT 0
+# define CMS_F_CMS_RECIPIENTINFO_KARI_ENCRYPT 0
+# define CMS_F_CMS_RECIPIENTINFO_KARI_GET0_ALG 0
+# define CMS_F_CMS_RECIPIENTINFO_KARI_GET0_ORIG_ID 0
+# define CMS_F_CMS_RECIPIENTINFO_KARI_GET0_REKS 0
+# define CMS_F_CMS_RECIPIENTINFO_KARI_ORIG_ID_CMP 0
+# define CMS_F_CMS_RECIPIENTINFO_KEKRI_DECRYPT 0
+# define CMS_F_CMS_RECIPIENTINFO_KEKRI_ENCRYPT 0
+# define CMS_F_CMS_RECIPIENTINFO_KEKRI_GET0_ID 0
+# define CMS_F_CMS_RECIPIENTINFO_KEKRI_ID_CMP 0
+# define CMS_F_CMS_RECIPIENTINFO_KTRI_CERT_CMP 0
+# define CMS_F_CMS_RECIPIENTINFO_KTRI_DECRYPT 0
+# define CMS_F_CMS_RECIPIENTINFO_KTRI_ENCRYPT 0
+# define CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_ALGS 0
+# define CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_SIGNER_ID 0
+# define CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT 0
+# define CMS_F_CMS_RECIPIENTINFO_SET0_KEY 0
+# define CMS_F_CMS_RECIPIENTINFO_SET0_PASSWORD 0
+# define CMS_F_CMS_RECIPIENTINFO_SET0_PKEY 0
+# define CMS_F_CMS_SD_ASN1_CTRL 0
+# define CMS_F_CMS_SET1_IAS 0
+# define CMS_F_CMS_SET1_KEYID 0
+# define CMS_F_CMS_SET1_SIGNERIDENTIFIER 0
+# define CMS_F_CMS_SET_DETACHED 0
+# define CMS_F_CMS_SIGN 0
+# define CMS_F_CMS_SIGNED_DATA_INIT 0
+# define CMS_F_CMS_SIGNERINFO_CONTENT_SIGN 0
+# define CMS_F_CMS_SIGNERINFO_SIGN 0
+# define CMS_F_CMS_SIGNERINFO_VERIFY 0
+# define CMS_F_CMS_SIGNERINFO_VERIFY_CERT 0
+# define CMS_F_CMS_SIGNERINFO_VERIFY_CONTENT 0
+# define CMS_F_CMS_SIGN_RECEIPT 0
+# define CMS_F_CMS_SI_CHECK_ATTRIBUTES 0
+# define CMS_F_CMS_STREAM 0
+# define CMS_F_CMS_UNCOMPRESS 0
+# define CMS_F_CMS_VERIFY 0
+# define CMS_F_KEK_UNWRAP_KEY 0
+# endif
+
+# ifndef OPENSSL_NO_COMP
+/*
+ * COMP function codes.
+ */
+# define COMP_F_BIO_ZLIB_FLUSH 0
+# define COMP_F_BIO_ZLIB_NEW 0
+# define COMP_F_BIO_ZLIB_READ 0
+# define COMP_F_BIO_ZLIB_WRITE 0
+# define COMP_F_COMP_CTX_NEW 0
+# endif
+
+/*
+ * CONF function codes.
+ */
+# define CONF_F_CONF_DUMP_FP 0
+# define CONF_F_CONF_LOAD 0
+# define CONF_F_CONF_LOAD_FP 0
+# define CONF_F_CONF_PARSE_LIST 0
+# define CONF_F_DEF_LOAD 0
+# define CONF_F_DEF_LOAD_BIO 0
+# define CONF_F_GET_NEXT_FILE 0
+# define CONF_F_MODULE_ADD 0
+# define CONF_F_MODULE_INIT 0
+# define CONF_F_MODULE_LOAD_DSO 0
+# define CONF_F_MODULE_RUN 0
+# define CONF_F_NCONF_DUMP_BIO 0
+# define CONF_F_NCONF_DUMP_FP 0
+# define CONF_F_NCONF_GET_NUMBER_E 0
+# define CONF_F_NCONF_GET_SECTION 0
+# define CONF_F_NCONF_GET_STRING 0
+# define CONF_F_NCONF_LOAD 0
+# define CONF_F_NCONF_LOAD_BIO 0
+# define CONF_F_NCONF_LOAD_FP 0
+# define CONF_F_NCONF_NEW 0
+# define CONF_F_PROCESS_INCLUDE 0
+# define CONF_F_SSL_MODULE_INIT 0
+# define CONF_F_STR_COPY 0
+
+/*
+ * CRYPTO function codes.
+ */
+# define CRYPTO_F_CMAC_CTX_NEW 0
+# define CRYPTO_F_CRYPTO_DUP_EX_DATA 0
+# define CRYPTO_F_CRYPTO_FREE_EX_DATA 0
+# define CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX 0
+# define CRYPTO_F_CRYPTO_MEMDUP 0
+# define CRYPTO_F_CRYPTO_NEW_EX_DATA 0
+# define CRYPTO_F_CRYPTO_OCB128_COPY_CTX 0
+# define CRYPTO_F_CRYPTO_OCB128_INIT 0
+# define CRYPTO_F_CRYPTO_SET_EX_DATA 0
+# define CRYPTO_F_GET_AND_LOCK 0
+# define CRYPTO_F_OPENSSL_ATEXIT 0
+# define CRYPTO_F_OPENSSL_BUF2HEXSTR 0
+# define CRYPTO_F_OPENSSL_FOPEN 0
+# define CRYPTO_F_OPENSSL_HEXSTR2BUF 0
+# define CRYPTO_F_OPENSSL_INIT_CRYPTO 0
+# define CRYPTO_F_OPENSSL_LH_NEW 0
+# define CRYPTO_F_OPENSSL_SK_DEEP_COPY 0
+# define CRYPTO_F_OPENSSL_SK_DUP 0
+# define CRYPTO_F_PKEY_HMAC_INIT 0
+# define CRYPTO_F_PKEY_POLY1305_INIT 0
+# define CRYPTO_F_PKEY_SIPHASH_INIT 0
+# define CRYPTO_F_SK_RESERVE 0
+
+# ifndef OPENSSL_NO_CT
+/*
+ * CT function codes.
+ */
+# define CT_F_CTLOG_NEW 0
+# define CT_F_CTLOG_NEW_FROM_BASE64 0
+# define CT_F_CTLOG_NEW_FROM_CONF 0
+# define CT_F_CTLOG_STORE_LOAD_CTX_NEW 0
+# define CT_F_CTLOG_STORE_LOAD_FILE 0
+# define CT_F_CTLOG_STORE_LOAD_LOG 0
+# define CT_F_CTLOG_STORE_NEW 0
+# define CT_F_CT_BASE64_DECODE 0
+# define CT_F_CT_POLICY_EVAL_CTX_NEW 0
+# define CT_F_CT_V1_LOG_ID_FROM_PKEY 0
+# define CT_F_I2O_SCT 0
+# define CT_F_I2O_SCT_LIST 0
+# define CT_F_I2O_SCT_SIGNATURE 0
+# define CT_F_O2I_SCT 0
+# define CT_F_O2I_SCT_LIST 0
+# define CT_F_O2I_SCT_SIGNATURE 0
+# define CT_F_SCT_CTX_NEW 0
+# define CT_F_SCT_CTX_VERIFY 0
+# define CT_F_SCT_NEW 0
+# define CT_F_SCT_NEW_FROM_BASE64 0
+# define CT_F_SCT_SET0_LOG_ID 0
+# define CT_F_SCT_SET1_EXTENSIONS 0
+# define CT_F_SCT_SET1_LOG_ID 0
+# define CT_F_SCT_SET1_SIGNATURE 0
+# define CT_F_SCT_SET_LOG_ENTRY_TYPE 0
+# define CT_F_SCT_SET_SIGNATURE_NID 0
+# define CT_F_SCT_SET_VERSION 0
+# endif
+
+# ifndef OPENSSL_NO_DH
+/*
+ * DH function codes.
+ */
+# define DH_F_COMPUTE_KEY 0
+# define DH_F_DHPARAMS_PRINT_FP 0
+# define DH_F_DH_BUILTIN_GENPARAMS 0
+# define DH_F_DH_CHECK_EX 0
+# define DH_F_DH_CHECK_PARAMS_EX 0
+# define DH_F_DH_CHECK_PUB_KEY_EX 0
+# define DH_F_DH_CMS_DECRYPT 0
+# define DH_F_DH_CMS_SET_PEERKEY 0
+# define DH_F_DH_CMS_SET_SHARED_INFO 0
+# define DH_F_DH_METH_DUP 0
+# define DH_F_DH_METH_NEW 0
+# define DH_F_DH_METH_SET1_NAME 0
+# define DH_F_DH_NEW_BY_NID 0
+# define DH_F_DH_NEW_METHOD 0
+# define DH_F_DH_PARAM_DECODE 0
+# define DH_F_DH_PKEY_PUBLIC_CHECK 0
+# define DH_F_DH_PRIV_DECODE 0
+# define DH_F_DH_PRIV_ENCODE 0
+# define DH_F_DH_PUB_DECODE 0
+# define DH_F_DH_PUB_ENCODE 0
+# define DH_F_DO_DH_PRINT 0
+# define DH_F_GENERATE_KEY 0
+# define DH_F_PKEY_DH_CTRL_STR 0
+# define DH_F_PKEY_DH_DERIVE 0
+# define DH_F_PKEY_DH_INIT 0
+# define DH_F_PKEY_DH_KEYGEN 0
+# endif
+
+# ifndef OPENSSL_NO_DSA
+/*
+ * DSA function codes.
+ */
+# define DSA_F_DSAPARAMS_PRINT 0
+# define DSA_F_DSAPARAMS_PRINT_FP 0
+# define DSA_F_DSA_BUILTIN_PARAMGEN 0
+# define DSA_F_DSA_BUILTIN_PARAMGEN2 0
+# define DSA_F_DSA_DO_SIGN 0
+# define DSA_F_DSA_DO_VERIFY 0
+# define DSA_F_DSA_METH_DUP 0
+# define DSA_F_DSA_METH_NEW 0
+# define DSA_F_DSA_METH_SET1_NAME 0
+# define DSA_F_DSA_NEW_METHOD 0
+# define DSA_F_DSA_PARAM_DECODE 0
+# define DSA_F_DSA_PRINT_FP 0
+# define DSA_F_DSA_PRIV_DECODE 0
+# define DSA_F_DSA_PRIV_ENCODE 0
+# define DSA_F_DSA_PUB_DECODE 0
+# define DSA_F_DSA_PUB_ENCODE 0
+# define DSA_F_DSA_SIGN 0
+# define DSA_F_DSA_SIGN_SETUP 0
+# define DSA_F_DSA_SIG_NEW 0
+# define DSA_F_OLD_DSA_PRIV_DECODE 0
+# define DSA_F_PKEY_DSA_CTRL 0
+# define DSA_F_PKEY_DSA_CTRL_STR 0
+# define DSA_F_PKEY_DSA_KEYGEN 0
+# endif
+
+# ifndef OPENSSL_NO_EC
+/*
+ * EC function codes.
+ */
+# define EC_F_BN_TO_FELEM 0
+# define EC_F_D2I_ECPARAMETERS 0
+# define EC_F_D2I_ECPKPARAMETERS 0
+# define EC_F_D2I_ECPRIVATEKEY 0
+# define EC_F_DO_EC_KEY_PRINT 0
+# define EC_F_ECDH_CMS_DECRYPT 0
+# define EC_F_ECDH_CMS_SET_SHARED_INFO 0
+# define EC_F_ECDH_COMPUTE_KEY 0
+# define EC_F_ECDH_SIMPLE_COMPUTE_KEY 0
+# define EC_F_ECDSA_DO_SIGN_EX 0
+# define EC_F_ECDSA_DO_VERIFY 0
+# define EC_F_ECDSA_SIGN_EX 0
+# define EC_F_ECDSA_SIGN_SETUP 0
+# define EC_F_ECDSA_SIG_NEW 0
+# define EC_F_ECDSA_VERIFY 0
+# define EC_F_ECD_ITEM_VERIFY 0
+# define EC_F_ECKEY_PARAM2TYPE 0
+# define EC_F_ECKEY_PARAM_DECODE 0
+# define EC_F_ECKEY_PRIV_DECODE 0
+# define EC_F_ECKEY_PRIV_ENCODE 0
+# define EC_F_ECKEY_PUB_DECODE 0
+# define EC_F_ECKEY_PUB_ENCODE 0
+# define EC_F_ECKEY_TYPE2PARAM 0
+# define EC_F_ECPARAMETERS_PRINT 0
+# define EC_F_ECPARAMETERS_PRINT_FP 0
+# define EC_F_ECPKPARAMETERS_PRINT 0
+# define EC_F_ECPKPARAMETERS_PRINT_FP 0
+# define EC_F_ECP_NISTZ256_GET_AFFINE 0
+# define EC_F_ECP_NISTZ256_INV_MOD_ORD 0
+# define EC_F_ECP_NISTZ256_MULT_PRECOMPUTE 0
+# define EC_F_ECP_NISTZ256_POINTS_MUL 0
+# define EC_F_ECP_NISTZ256_PRE_COMP_NEW 0
+# define EC_F_ECP_NISTZ256_WINDOWED_MUL 0
+# define EC_F_ECX_KEY_OP 0
+# define EC_F_ECX_PRIV_ENCODE 0
+# define EC_F_ECX_PUB_ENCODE 0
+# define EC_F_EC_ASN1_GROUP2CURVE 0
+# define EC_F_EC_ASN1_GROUP2FIELDID 0
+# define EC_F_EC_GF2M_MONTGOMERY_POINT_MULTIPLY 0
+# define EC_F_EC_GF2M_SIMPLE_FIELD_INV 0
+# define EC_F_EC_GF2M_SIMPLE_GROUP_CHECK_DISCRIMINANT 0
+# define EC_F_EC_GF2M_SIMPLE_GROUP_SET_CURVE 0
+# define EC_F_EC_GF2M_SIMPLE_LADDER_POST 0
+# define EC_F_EC_GF2M_SIMPLE_LADDER_PRE 0
+# define EC_F_EC_GF2M_SIMPLE_OCT2POINT 0
+# define EC_F_EC_GF2M_SIMPLE_POINT2OCT 0
+# define EC_F_EC_GF2M_SIMPLE_POINTS_MUL 0
+# define EC_F_EC_GF2M_SIMPLE_POINT_GET_AFFINE_COORDINATES 0
+# define EC_F_EC_GF2M_SIMPLE_POINT_SET_AFFINE_COORDINATES 0
+# define EC_F_EC_GF2M_SIMPLE_SET_COMPRESSED_COORDINATES 0
+# define EC_F_EC_GFP_MONT_FIELD_DECODE 0
+# define EC_F_EC_GFP_MONT_FIELD_ENCODE 0
+# define EC_F_EC_GFP_MONT_FIELD_INV 0
+# define EC_F_EC_GFP_MONT_FIELD_MUL 0
+# define EC_F_EC_GFP_MONT_FIELD_SET_TO_ONE 0
+# define EC_F_EC_GFP_MONT_FIELD_SQR 0
+# define EC_F_EC_GFP_MONT_GROUP_SET_CURVE 0
+# define EC_F_EC_GFP_NISTP224_GROUP_SET_CURVE 0
+# define EC_F_EC_GFP_NISTP224_POINTS_MUL 0
+# define EC_F_EC_GFP_NISTP224_POINT_GET_AFFINE_COORDINATES 0
+# define EC_F_EC_GFP_NISTP256_GROUP_SET_CURVE 0
+# define EC_F_EC_GFP_NISTP256_POINTS_MUL 0
+# define EC_F_EC_GFP_NISTP256_POINT_GET_AFFINE_COORDINATES 0
+# define EC_F_EC_GFP_NISTP521_GROUP_SET_CURVE 0
+# define EC_F_EC_GFP_NISTP521_POINTS_MUL 0
+# define EC_F_EC_GFP_NISTP521_POINT_GET_AFFINE_COORDINATES 0
+# define EC_F_EC_GFP_NIST_FIELD_MUL 0
+# define EC_F_EC_GFP_NIST_FIELD_SQR 0
+# define EC_F_EC_GFP_NIST_GROUP_SET_CURVE 0
+# define EC_F_EC_GFP_SIMPLE_BLIND_COORDINATES 0
+# define EC_F_EC_GFP_SIMPLE_FIELD_INV 0
+# define EC_F_EC_GFP_SIMPLE_GROUP_CHECK_DISCRIMINANT 0
+# define EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE 0
+# define EC_F_EC_GFP_SIMPLE_MAKE_AFFINE 0
+# define EC_F_EC_GFP_SIMPLE_OCT2POINT 0
+# define EC_F_EC_GFP_SIMPLE_POINT2OCT 0
+# define EC_F_EC_GFP_SIMPLE_POINTS_MAKE_AFFINE 0
+# define EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES 0
+# define EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES 0
+# define EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES 0
+# define EC_F_EC_GROUP_CHECK 0
+# define EC_F_EC_GROUP_CHECK_DISCRIMINANT 0
+# define EC_F_EC_GROUP_COPY 0
+# define EC_F_EC_GROUP_GET_CURVE 0
+# define EC_F_EC_GROUP_GET_CURVE_GF2M 0
+# define EC_F_EC_GROUP_GET_CURVE_GFP 0
+# define EC_F_EC_GROUP_GET_DEGREE 0
+# define EC_F_EC_GROUP_GET_ECPARAMETERS 0
+# define EC_F_EC_GROUP_GET_ECPKPARAMETERS 0
+# define EC_F_EC_GROUP_GET_PENTANOMIAL_BASIS 0
+# define EC_F_EC_GROUP_GET_TRINOMIAL_BASIS 0
+# define EC_F_EC_GROUP_NEW 0
+# define EC_F_EC_GROUP_NEW_BY_CURVE_NAME 0
+# define EC_F_EC_GROUP_NEW_FROM_DATA 0
+# define EC_F_EC_GROUP_NEW_FROM_ECPARAMETERS 0
+# define EC_F_EC_GROUP_NEW_FROM_ECPKPARAMETERS 0
+# define EC_F_EC_GROUP_SET_CURVE 0
+# define EC_F_EC_GROUP_SET_CURVE_GF2M 0
+# define EC_F_EC_GROUP_SET_CURVE_GFP 0
+# define EC_F_EC_GROUP_SET_GENERATOR 0
+# define EC_F_EC_GROUP_SET_SEED 0
+# define EC_F_EC_KEY_CHECK_KEY 0
+# define EC_F_EC_KEY_COPY 0
+# define EC_F_EC_KEY_GENERATE_KEY 0
+# define EC_F_EC_KEY_NEW 0
+# define EC_F_EC_KEY_NEW_METHOD 0
+# define EC_F_EC_KEY_OCT2PRIV 0
+# define EC_F_EC_KEY_PRINT 0
+# define EC_F_EC_KEY_PRINT_FP 0
+# define EC_F_EC_KEY_PRIV2BUF 0
+# define EC_F_EC_KEY_PRIV2OCT 0
+# define EC_F_EC_KEY_SET_PUBLIC_KEY_AFFINE_COORDINATES 0
+# define EC_F_EC_KEY_SIMPLE_CHECK_KEY 0
+# define EC_F_EC_KEY_SIMPLE_OCT2PRIV 0
+# define EC_F_EC_KEY_SIMPLE_PRIV2OCT 0
+# define EC_F_EC_PKEY_CHECK 0
+# define EC_F_EC_PKEY_PARAM_CHECK 0
+# define EC_F_EC_POINTS_MAKE_AFFINE 0
+# define EC_F_EC_POINTS_MUL 0
+# define EC_F_EC_POINT_ADD 0
+# define EC_F_EC_POINT_BN2POINT 0
+# define EC_F_EC_POINT_CMP 0
+# define EC_F_EC_POINT_COPY 0
+# define EC_F_EC_POINT_DBL 0
+# define EC_F_EC_POINT_GET_AFFINE_COORDINATES 0
+# define EC_F_EC_POINT_GET_AFFINE_COORDINATES_GF2M 0
+# define EC_F_EC_POINT_GET_AFFINE_COORDINATES_GFP 0
+# define EC_F_EC_POINT_GET_JPROJECTIVE_COORDINATES_GFP 0
+# define EC_F_EC_POINT_INVERT 0
+# define EC_F_EC_POINT_IS_AT_INFINITY 0
+# define EC_F_EC_POINT_IS_ON_CURVE 0
+# define EC_F_EC_POINT_MAKE_AFFINE 0
+# define EC_F_EC_POINT_NEW 0
+# define EC_F_EC_POINT_OCT2POINT 0
+# define EC_F_EC_POINT_POINT2BUF 0
+# define EC_F_EC_POINT_POINT2OCT 0
+# define EC_F_EC_POINT_SET_AFFINE_COORDINATES 0
+# define EC_F_EC_POINT_SET_AFFINE_COORDINATES_GF2M 0
+# define EC_F_EC_POINT_SET_AFFINE_COORDINATES_GFP 0
+# define EC_F_EC_POINT_SET_COMPRESSED_COORDINATES 0
+# define EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GF2M 0
+# define EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GFP 0
+# define EC_F_EC_POINT_SET_JPROJECTIVE_COORDINATES_GFP 0
+# define EC_F_EC_POINT_SET_TO_INFINITY 0
+# define EC_F_EC_PRE_COMP_NEW 0
+# define EC_F_EC_SCALAR_MUL_LADDER 0
+# define EC_F_EC_WNAF_MUL 0
+# define EC_F_EC_WNAF_PRECOMPUTE_MULT 0
+# define EC_F_I2D_ECPARAMETERS 0
+# define EC_F_I2D_ECPKPARAMETERS 0
+# define EC_F_I2D_ECPRIVATEKEY 0
+# define EC_F_I2O_ECPUBLICKEY 0
+# define EC_F_NISTP224_PRE_COMP_NEW 0
+# define EC_F_NISTP256_PRE_COMP_NEW 0
+# define EC_F_NISTP521_PRE_COMP_NEW 0
+# define EC_F_O2I_ECPUBLICKEY 0
+# define EC_F_OLD_EC_PRIV_DECODE 0
+# define EC_F_OSSL_ECDH_COMPUTE_KEY 0
+# define EC_F_OSSL_ECDSA_SIGN_SIG 0
+# define EC_F_OSSL_ECDSA_VERIFY_SIG 0
+# define EC_F_PKEY_ECD_CTRL 0
+# define EC_F_PKEY_ECD_DIGESTSIGN 0
+# define EC_F_PKEY_ECD_DIGESTSIGN25519 0
+# define EC_F_PKEY_ECD_DIGESTSIGN448 0
+# define EC_F_PKEY_ECX_DERIVE 0
+# define EC_F_PKEY_EC_CTRL 0
+# define EC_F_PKEY_EC_CTRL_STR 0
+# define EC_F_PKEY_EC_DERIVE 0
+# define EC_F_PKEY_EC_INIT 0
+# define EC_F_PKEY_EC_KDF_DERIVE 0
+# define EC_F_PKEY_EC_KEYGEN 0
+# define EC_F_PKEY_EC_PARAMGEN 0
+# define EC_F_PKEY_EC_SIGN 0
+# define EC_F_VALIDATE_ECX_DERIVE 0
+# endif
+
+# ifndef OPENSSL_NO_ENGINE
+/*
+ * ENGINE function codes.
+ */
+# define ENGINE_F_DIGEST_UPDATE 0
+# define ENGINE_F_DYNAMIC_CTRL 0
+# define ENGINE_F_DYNAMIC_GET_DATA_CTX 0
+# define ENGINE_F_DYNAMIC_LOAD 0
+# define ENGINE_F_DYNAMIC_SET_DATA_CTX 0
+# define ENGINE_F_ENGINE_ADD 0
+# define ENGINE_F_ENGINE_BY_ID 0
+# define ENGINE_F_ENGINE_CMD_IS_EXECUTABLE 0
+# define ENGINE_F_ENGINE_CTRL 0
+# define ENGINE_F_ENGINE_CTRL_CMD 0
+# define ENGINE_F_ENGINE_CTRL_CMD_STRING 0
+# define ENGINE_F_ENGINE_FINISH 0
+# define ENGINE_F_ENGINE_GET_CIPHER 0
+# define ENGINE_F_ENGINE_GET_DIGEST 0
+# define ENGINE_F_ENGINE_GET_FIRST 0
+# define ENGINE_F_ENGINE_GET_LAST 0
+# define ENGINE_F_ENGINE_GET_NEXT 0
+# define ENGINE_F_ENGINE_GET_PKEY_ASN1_METH 0
+# define ENGINE_F_ENGINE_GET_PKEY_METH 0
+# define ENGINE_F_ENGINE_GET_PREV 0
+# define ENGINE_F_ENGINE_INIT 0
+# define ENGINE_F_ENGINE_LIST_ADD 0
+# define ENGINE_F_ENGINE_LIST_REMOVE 0
+# define ENGINE_F_ENGINE_LOAD_PRIVATE_KEY 0
+# define ENGINE_F_ENGINE_LOAD_PUBLIC_KEY 0
+# define ENGINE_F_ENGINE_LOAD_SSL_CLIENT_CERT 0
+# define ENGINE_F_ENGINE_NEW 0
+# define ENGINE_F_ENGINE_PKEY_ASN1_FIND_STR 0
+# define ENGINE_F_ENGINE_REMOVE 0
+# define ENGINE_F_ENGINE_SET_DEFAULT_STRING 0
+# define ENGINE_F_ENGINE_SET_ID 0
+# define ENGINE_F_ENGINE_SET_NAME 0
+# define ENGINE_F_ENGINE_TABLE_REGISTER 0
+# define ENGINE_F_ENGINE_UNLOCKED_FINISH 0
+# define ENGINE_F_ENGINE_UP_REF 0
+# define ENGINE_F_INT_CLEANUP_ITEM 0
+# define ENGINE_F_INT_CTRL_HELPER 0
+# define ENGINE_F_INT_ENGINE_CONFIGURE 0
+# define ENGINE_F_INT_ENGINE_MODULE_INIT 0
+# define ENGINE_F_OSSL_HMAC_INIT 0
+# endif
+
+/*
+ * EVP function codes.
+ */
+# define EVP_F_AESNI_INIT_KEY 0
+# define EVP_F_AESNI_XTS_INIT_KEY 0
+# define EVP_F_AES_GCM_CTRL 0
+# define EVP_F_AES_INIT_KEY 0
+# define EVP_F_AES_OCB_CIPHER 0
+# define EVP_F_AES_T4_INIT_KEY 0
+# define EVP_F_AES_T4_XTS_INIT_KEY 0
+# define EVP_F_AES_WRAP_CIPHER 0
+# define EVP_F_AES_XTS_INIT_KEY 0
+# define EVP_F_ALG_MODULE_INIT 0
+# define EVP_F_ARIA_CCM_INIT_KEY 0
+# define EVP_F_ARIA_GCM_CTRL 0
+# define EVP_F_ARIA_GCM_INIT_KEY 0
+# define EVP_F_ARIA_INIT_KEY 0
+# define EVP_F_B64_NEW 0
+# define EVP_F_CAMELLIA_INIT_KEY 0
+# define EVP_F_CHACHA20_POLY1305_CTRL 0
+# define EVP_F_CMLL_T4_INIT_KEY 0
+# define EVP_F_DES_EDE3_WRAP_CIPHER 0
+# define EVP_F_DO_SIGVER_INIT 0
+# define EVP_F_ENC_NEW 0
+# define EVP_F_EVP_CIPHERINIT_EX 0
+# define EVP_F_EVP_CIPHER_ASN1_TO_PARAM 0
+# define EVP_F_EVP_CIPHER_CTX_COPY 0
+# define EVP_F_EVP_CIPHER_CTX_CTRL 0
+# define EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH 0
+# define EVP_F_EVP_CIPHER_PARAM_TO_ASN1 0
+# define EVP_F_EVP_DECRYPTFINAL_EX 0
+# define EVP_F_EVP_DECRYPTUPDATE 0
+# define EVP_F_EVP_DIGESTFINALXOF 0
+# define EVP_F_EVP_DIGESTINIT_EX 0
+# define EVP_F_EVP_ENCRYPTDECRYPTUPDATE 0
+# define EVP_F_EVP_ENCRYPTFINAL_EX 0
+# define EVP_F_EVP_ENCRYPTUPDATE 0
+# define EVP_F_EVP_MD_CTX_COPY_EX 0
+# define EVP_F_EVP_MD_SIZE 0
+# define EVP_F_EVP_OPENINIT 0
+# define EVP_F_EVP_PBE_ALG_ADD 0
+# define EVP_F_EVP_PBE_ALG_ADD_TYPE 0
+# define EVP_F_EVP_PBE_CIPHERINIT 0
+# define EVP_F_EVP_PBE_SCRYPT 0
+# define EVP_F_EVP_PKCS82PKEY 0
+# define EVP_F_EVP_PKEY2PKCS8 0
+# define EVP_F_EVP_PKEY_ASN1_ADD0 0
+# define EVP_F_EVP_PKEY_CHECK 0
+# define EVP_F_EVP_PKEY_COPY_PARAMETERS 0
+# define EVP_F_EVP_PKEY_CTX_CTRL 0
+# define EVP_F_EVP_PKEY_CTX_CTRL_STR 0
+# define EVP_F_EVP_PKEY_CTX_DUP 0
+# define EVP_F_EVP_PKEY_CTX_MD 0
+# define EVP_F_EVP_PKEY_DECRYPT 0
+# define EVP_F_EVP_PKEY_DECRYPT_INIT 0
+# define EVP_F_EVP_PKEY_DECRYPT_OLD 0
+# define EVP_F_EVP_PKEY_DERIVE 0
+# define EVP_F_EVP_PKEY_DERIVE_INIT 0
+# define EVP_F_EVP_PKEY_DERIVE_SET_PEER 0
+# define EVP_F_EVP_PKEY_ENCRYPT 0
+# define EVP_F_EVP_PKEY_ENCRYPT_INIT 0
+# define EVP_F_EVP_PKEY_ENCRYPT_OLD 0
+# define EVP_F_EVP_PKEY_GET0_DH 0
+# define EVP_F_EVP_PKEY_GET0_DSA 0
+# define EVP_F_EVP_PKEY_GET0_EC_KEY 0
+# define EVP_F_EVP_PKEY_GET0_HMAC 0
+# define EVP_F_EVP_PKEY_GET0_POLY1305 0
+# define EVP_F_EVP_PKEY_GET0_RSA 0
+# define EVP_F_EVP_PKEY_GET0_SIPHASH 0
+# define EVP_F_EVP_PKEY_GET_RAW_PRIVATE_KEY 0
+# define EVP_F_EVP_PKEY_GET_RAW_PUBLIC_KEY 0
+# define EVP_F_EVP_PKEY_KEYGEN 0
+# define EVP_F_EVP_PKEY_KEYGEN_INIT 0
+# define EVP_F_EVP_PKEY_METH_ADD0 0
+# define EVP_F_EVP_PKEY_METH_NEW 0
+# define EVP_F_EVP_PKEY_NEW 0
+# define EVP_F_EVP_PKEY_NEW_CMAC_KEY 0
+# define EVP_F_EVP_PKEY_NEW_RAW_PRIVATE_KEY 0
+# define EVP_F_EVP_PKEY_NEW_RAW_PUBLIC_KEY 0
+# define EVP_F_EVP_PKEY_PARAMGEN 0
+# define EVP_F_EVP_PKEY_PARAMGEN_INIT 0
+# define EVP_F_EVP_PKEY_PARAM_CHECK 0
+# define EVP_F_EVP_PKEY_PUBLIC_CHECK 0
+# define EVP_F_EVP_PKEY_SET1_ENGINE 0
+# define EVP_F_EVP_PKEY_SET_ALIAS_TYPE 0
+# define EVP_F_EVP_PKEY_SIGN 0
+# define EVP_F_EVP_PKEY_SIGN_INIT 0
+# define EVP_F_EVP_PKEY_VERIFY 0
+# define EVP_F_EVP_PKEY_VERIFY_INIT 0
+# define EVP_F_EVP_PKEY_VERIFY_RECOVER 0
+# define EVP_F_EVP_PKEY_VERIFY_RECOVER_INIT 0
+# define EVP_F_EVP_SIGNFINAL 0
+# define EVP_F_EVP_VERIFYFINAL 0
+# define EVP_F_INT_CTX_NEW 0
+# define EVP_F_OK_NEW 0
+# define EVP_F_PKCS5_PBE_KEYIVGEN 0
+# define EVP_F_PKCS5_V2_PBE_KEYIVGEN 0
+# define EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN 0
+# define EVP_F_PKCS5_V2_SCRYPT_KEYIVGEN 0
+# define EVP_F_PKEY_SET_TYPE 0
+# define EVP_F_RC2_MAGIC_TO_METH 0
+# define EVP_F_RC5_CTRL 0
+# define EVP_F_R_32_12_16_INIT_KEY 0
+# define EVP_F_S390X_AES_GCM_CTRL 0
+# define EVP_F_UPDATE 0
+
+/*
+ * KDF function codes.
+ */
+# define KDF_F_PKEY_HKDF_CTRL_STR 0
+# define KDF_F_PKEY_HKDF_DERIVE 0
+# define KDF_F_PKEY_HKDF_INIT 0
+# define KDF_F_PKEY_SCRYPT_CTRL_STR 0
+# define KDF_F_PKEY_SCRYPT_CTRL_UINT64 0
+# define KDF_F_PKEY_SCRYPT_DERIVE 0
+# define KDF_F_PKEY_SCRYPT_INIT 0
+# define KDF_F_PKEY_SCRYPT_SET_MEMBUF 0
+# define KDF_F_PKEY_TLS1_PRF_CTRL_STR 0
+# define KDF_F_PKEY_TLS1_PRF_DERIVE 0
+# define KDF_F_PKEY_TLS1_PRF_INIT 0
+# define KDF_F_TLS1_PRF_ALG 0
+
+/*
+ * KDF reason codes.
+ */
+# define KDF_R_INVALID_DIGEST 0
+# define KDF_R_MISSING_ITERATION_COUNT 0
+# define KDF_R_MISSING_KEY 0
+# define KDF_R_MISSING_MESSAGE_DIGEST 0
+# define KDF_R_MISSING_PARAMETER 0
+# define KDF_R_MISSING_PASS 0
+# define KDF_R_MISSING_SALT 0
+# define KDF_R_MISSING_SECRET 0
+# define KDF_R_MISSING_SEED 0
+# define KDF_R_UNKNOWN_PARAMETER_TYPE 0
+# define KDF_R_VALUE_ERROR 0
+# define KDF_R_VALUE_MISSING 0
+
+/*
+ * OBJ function codes.
+ */
+# define OBJ_F_OBJ_ADD_OBJECT 0
+# define OBJ_F_OBJ_ADD_SIGID 0
+# define OBJ_F_OBJ_CREATE 0
+# define OBJ_F_OBJ_DUP 0
+# define OBJ_F_OBJ_NAME_NEW_INDEX 0
+# define OBJ_F_OBJ_NID2LN 0
+# define OBJ_F_OBJ_NID2OBJ 0
+# define OBJ_F_OBJ_NID2SN 0
+# define OBJ_F_OBJ_TXT2OBJ 0
+
+# ifndef OPENSSL_NO_OCSP
+/*
+ * OCSP function codes.
+ */
+# define OCSP_F_D2I_OCSP_NONCE 0
+# define OCSP_F_OCSP_BASIC_ADD1_STATUS 0
+# define OCSP_F_OCSP_BASIC_SIGN 0
+# define OCSP_F_OCSP_BASIC_SIGN_CTX 0
+# define OCSP_F_OCSP_BASIC_VERIFY 0
+# define OCSP_F_OCSP_CERT_ID_NEW 0
+# define OCSP_F_OCSP_CHECK_DELEGATED 0
+# define OCSP_F_OCSP_CHECK_IDS 0
+# define OCSP_F_OCSP_CHECK_ISSUER 0
+# define OCSP_F_OCSP_CHECK_VALIDITY 0
+# define OCSP_F_OCSP_MATCH_ISSUERID 0
+# define OCSP_F_OCSP_PARSE_URL 0
+# define OCSP_F_OCSP_REQUEST_SIGN 0
+# define OCSP_F_OCSP_REQUEST_VERIFY 0
+# define OCSP_F_OCSP_RESPONSE_GET1_BASIC 0
+# define OCSP_F_PARSE_HTTP_LINE1 0
+# endif
+
+/*
+ * PEM function codes.
+ */
+# define PEM_F_B2I_DSS 0
+# define PEM_F_B2I_PVK_BIO 0
+# define PEM_F_B2I_RSA 0
+# define PEM_F_CHECK_BITLEN_DSA 0
+# define PEM_F_CHECK_BITLEN_RSA 0
+# define PEM_F_D2I_PKCS8PRIVATEKEY_BIO 0
+# define PEM_F_D2I_PKCS8PRIVATEKEY_FP 0
+# define PEM_F_DO_B2I 0
+# define PEM_F_DO_B2I_BIO 0
+# define PEM_F_DO_BLOB_HEADER 0
+# define PEM_F_DO_I2B 0
+# define PEM_F_DO_PK8PKEY 0
+# define PEM_F_DO_PK8PKEY_FP 0
+# define PEM_F_DO_PVK_BODY 0
+# define PEM_F_DO_PVK_HEADER 0
+# define PEM_F_GET_HEADER_AND_DATA 0
+# define PEM_F_GET_NAME 0
+# define PEM_F_I2B_PVK 0
+# define PEM_F_I2B_PVK_BIO 0
+# define PEM_F_LOAD_IV 0
+# define PEM_F_PEM_ASN1_READ 0
+# define PEM_F_PEM_ASN1_READ_BIO 0
+# define PEM_F_PEM_ASN1_WRITE 0
+# define PEM_F_PEM_ASN1_WRITE_BIO 0
+# define PEM_F_PEM_DEF_CALLBACK 0
+# define PEM_F_PEM_DO_HEADER 0
+# define PEM_F_PEM_GET_EVP_CIPHER_INFO 0
+# define PEM_F_PEM_READ 0
+# define PEM_F_PEM_READ_BIO 0
+# define PEM_F_PEM_READ_BIO_DHPARAMS 0
+# define PEM_F_PEM_READ_BIO_EX 0
+# define PEM_F_PEM_READ_BIO_PARAMETERS 0
+# define PEM_F_PEM_READ_BIO_PRIVATEKEY 0
+# define PEM_F_PEM_READ_DHPARAMS 0
+# define PEM_F_PEM_READ_PRIVATEKEY 0
+# define PEM_F_PEM_SIGNFINAL 0
+# define PEM_F_PEM_WRITE 0
+# define PEM_F_PEM_WRITE_BIO 0
+# define PEM_F_PEM_WRITE_BIO_PRIVATEKEY_TRADITIONAL 0
+# define PEM_F_PEM_WRITE_PRIVATEKEY 0
+# define PEM_F_PEM_X509_INFO_READ 0
+# define PEM_F_PEM_X509_INFO_READ_BIO 0
+# define PEM_F_PEM_X509_INFO_WRITE_BIO 0
+
+/*
+ * PKCS12 function codes.
+ */
+# define PKCS12_F_OPENSSL_ASC2UNI 0
+# define PKCS12_F_OPENSSL_UNI2ASC 0
+# define PKCS12_F_OPENSSL_UNI2UTF8 0
+# define PKCS12_F_OPENSSL_UTF82UNI 0
+# define PKCS12_F_PKCS12_CREATE 0
+# define PKCS12_F_PKCS12_GEN_MAC 0
+# define PKCS12_F_PKCS12_INIT 0
+# define PKCS12_F_PKCS12_ITEM_DECRYPT_D2I 0
+# define PKCS12_F_PKCS12_ITEM_I2D_ENCRYPT 0
+# define PKCS12_F_PKCS12_ITEM_PACK_SAFEBAG 0
+# define PKCS12_F_PKCS12_KEY_GEN_ASC 0
+# define PKCS12_F_PKCS12_KEY_GEN_UNI 0
+# define PKCS12_F_PKCS12_KEY_GEN_UTF8 0
+# define PKCS12_F_PKCS12_NEWPASS 0
+# define PKCS12_F_PKCS12_PACK_P7DATA 0
+# define PKCS12_F_PKCS12_PACK_P7ENCDATA 0
+# define PKCS12_F_PKCS12_PARSE 0
+# define PKCS12_F_PKCS12_PBE_CRYPT 0
+# define PKCS12_F_PKCS12_PBE_KEYIVGEN 0
+# define PKCS12_F_PKCS12_SAFEBAG_CREATE0_P8INF 0
+# define PKCS12_F_PKCS12_SAFEBAG_CREATE0_PKCS8 0
+# define PKCS12_F_PKCS12_SAFEBAG_CREATE_PKCS8_ENCRYPT 0
+# define PKCS12_F_PKCS12_SETUP_MAC 0
+# define PKCS12_F_PKCS12_SET_MAC 0
+# define PKCS12_F_PKCS12_UNPACK_AUTHSAFES 0
+# define PKCS12_F_PKCS12_UNPACK_P7DATA 0
+# define PKCS12_F_PKCS12_VERIFY_MAC 0
+# define PKCS12_F_PKCS8_ENCRYPT 0
+# define PKCS12_F_PKCS8_SET0_PBE 0
+
+/*
+ * PKCS7 function codes.
+ */
+# define PKCS7_F_DO_PKCS7_SIGNED_ATTRIB 0
+# define PKCS7_F_PKCS7_ADD0_ATTRIB_SIGNING_TIME 0
+# define PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP 0
+# define PKCS7_F_PKCS7_ADD_CERTIFICATE 0
+# define PKCS7_F_PKCS7_ADD_CRL 0
+# define PKCS7_F_PKCS7_ADD_RECIPIENT_INFO 0
+# define PKCS7_F_PKCS7_ADD_SIGNATURE 0
+# define PKCS7_F_PKCS7_ADD_SIGNER 0
+# define PKCS7_F_PKCS7_BIO_ADD_DIGEST 0
+# define PKCS7_F_PKCS7_COPY_EXISTING_DIGEST 0
+# define PKCS7_F_PKCS7_CTRL 0
+# define PKCS7_F_PKCS7_DATADECODE 0
+# define PKCS7_F_PKCS7_DATAFINAL 0
+# define PKCS7_F_PKCS7_DATAINIT 0
+# define PKCS7_F_PKCS7_DATAVERIFY 0
+# define PKCS7_F_PKCS7_DECRYPT 0
+# define PKCS7_F_PKCS7_DECRYPT_RINFO 0
+# define PKCS7_F_PKCS7_ENCODE_RINFO 0
+# define PKCS7_F_PKCS7_ENCRYPT 0
+# define PKCS7_F_PKCS7_FINAL 0
+# define PKCS7_F_PKCS7_FIND_DIGEST 0
+# define PKCS7_F_PKCS7_GET0_SIGNERS 0
+# define PKCS7_F_PKCS7_RECIP_INFO_SET 0
+# define PKCS7_F_PKCS7_SET_CIPHER 0
+# define PKCS7_F_PKCS7_SET_CONTENT 0
+# define PKCS7_F_PKCS7_SET_DIGEST 0
+# define PKCS7_F_PKCS7_SET_TYPE 0
+# define PKCS7_F_PKCS7_SIGN 0
+# define PKCS7_F_PKCS7_SIGNATUREVERIFY 0
+# define PKCS7_F_PKCS7_SIGNER_INFO_SET 0
+# define PKCS7_F_PKCS7_SIGNER_INFO_SIGN 0
+# define PKCS7_F_PKCS7_SIGN_ADD_SIGNER 0
+# define PKCS7_F_PKCS7_SIMPLE_SMIMECAP 0
+# define PKCS7_F_PKCS7_VERIFY 0
+
+/*
+ * RAND function codes.
+ */
+# define RAND_F_DATA_COLLECT_METHOD 0
+# define RAND_F_DRBG_BYTES 0
+# define RAND_F_DRBG_GET_ENTROPY 0
+# define RAND_F_DRBG_SETUP 0
+# define RAND_F_GET_ENTROPY 0
+# define RAND_F_RAND_BYTES 0
+# define RAND_F_RAND_DRBG_ENABLE_LOCKING 0
+# define RAND_F_RAND_DRBG_GENERATE 0
+# define RAND_F_RAND_DRBG_GET_ENTROPY 0
+# define RAND_F_RAND_DRBG_GET_NONCE 0
+# define RAND_F_RAND_DRBG_INSTANTIATE 0
+# define RAND_F_RAND_DRBG_NEW 0
+# define RAND_F_RAND_DRBG_RESEED 0
+# define RAND_F_RAND_DRBG_RESTART 0
+# define RAND_F_RAND_DRBG_SET 0
+# define RAND_F_RAND_DRBG_SET_DEFAULTS 0
+# define RAND_F_RAND_DRBG_UNINSTANTIATE 0
+# define RAND_F_RAND_LOAD_FILE 0
+# define RAND_F_RAND_POOL_ACQUIRE_ENTROPY 0
+# define RAND_F_RAND_POOL_ADD 0
+# define RAND_F_RAND_POOL_ADD_BEGIN 0
+# define RAND_F_RAND_POOL_ADD_END 0
+# define RAND_F_RAND_POOL_ATTACH 0
+# define RAND_F_RAND_POOL_BYTES_NEEDED 0
+# define RAND_F_RAND_POOL_GROW 0
+# define RAND_F_RAND_POOL_NEW 0
+# define RAND_F_RAND_PSEUDO_BYTES 0
+# define RAND_F_RAND_WRITE_FILE 0
+
+/*
+ * RSA function codes.
+ */
+# define RSA_F_CHECK_PADDING_MD 0
+# define RSA_F_ENCODE_PKCS1 0
+# define RSA_F_INT_RSA_VERIFY 0
+# define RSA_F_OLD_RSA_PRIV_DECODE 0
+# define RSA_F_PKEY_PSS_INIT 0
+# define RSA_F_PKEY_RSA_CTRL 0
+# define RSA_F_PKEY_RSA_CTRL_STR 0
+# define RSA_F_PKEY_RSA_SIGN 0
+# define RSA_F_PKEY_RSA_VERIFY 0
+# define RSA_F_PKEY_RSA_VERIFYRECOVER 0
+# define RSA_F_RSA_ALGOR_TO_MD 0
+# define RSA_F_RSA_BUILTIN_KEYGEN 0
+# define RSA_F_RSA_CHECK_KEY 0
+# define RSA_F_RSA_CHECK_KEY_EX 0
+# define RSA_F_RSA_CMS_DECRYPT 0
+# define RSA_F_RSA_CMS_VERIFY 0
+# define RSA_F_RSA_ITEM_VERIFY 0
+# define RSA_F_RSA_METH_DUP 0
+# define RSA_F_RSA_METH_NEW 0
+# define RSA_F_RSA_METH_SET1_NAME 0
+# define RSA_F_RSA_MGF1_TO_MD 0
+# define RSA_F_RSA_MULTIP_INFO_NEW 0
+# define RSA_F_RSA_NEW_METHOD 0
+# define RSA_F_RSA_NULL 0
+# define RSA_F_RSA_NULL_PRIVATE_DECRYPT 0
+# define RSA_F_RSA_NULL_PRIVATE_ENCRYPT 0
+# define RSA_F_RSA_NULL_PUBLIC_DECRYPT 0
+# define RSA_F_RSA_NULL_PUBLIC_ENCRYPT 0
+# define RSA_F_RSA_OSSL_PRIVATE_DECRYPT 0
+# define RSA_F_RSA_OSSL_PRIVATE_ENCRYPT 0
+# define RSA_F_RSA_OSSL_PUBLIC_DECRYPT 0
+# define RSA_F_RSA_OSSL_PUBLIC_ENCRYPT 0
+# define RSA_F_RSA_PADDING_ADD_NONE 0
+# define RSA_F_RSA_PADDING_ADD_PKCS1_OAEP 0
+# define RSA_F_RSA_PADDING_ADD_PKCS1_OAEP_MGF1 0
+# define RSA_F_RSA_PADDING_ADD_PKCS1_PSS 0
+# define RSA_F_RSA_PADDING_ADD_PKCS1_PSS_MGF1 0
+# define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1 0
+# define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2 0
+# define RSA_F_RSA_PADDING_ADD_SSLV23 0
+# define RSA_F_RSA_PADDING_ADD_X931 0
+# define RSA_F_RSA_PADDING_CHECK_NONE 0
+# define RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP 0
+# define RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP_MGF1 0
+# define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1 0
+# define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2 0
+# define RSA_F_RSA_PADDING_CHECK_SSLV23 0
+# define RSA_F_RSA_PADDING_CHECK_X931 0
+# define RSA_F_RSA_PARAM_DECODE 0
+# define RSA_F_RSA_PRINT 0
+# define RSA_F_RSA_PRINT_FP 0
+# define RSA_F_RSA_PRIV_DECODE 0
+# define RSA_F_RSA_PRIV_ENCODE 0
+# define RSA_F_RSA_PSS_GET_PARAM 0
+# define RSA_F_RSA_PSS_TO_CTX 0
+# define RSA_F_RSA_PUB_DECODE 0
+# define RSA_F_RSA_SETUP_BLINDING 0
+# define RSA_F_RSA_SIGN 0
+# define RSA_F_RSA_SIGN_ASN1_OCTET_STRING 0
+# define RSA_F_RSA_VERIFY 0
+# define RSA_F_RSA_VERIFY_ASN1_OCTET_STRING 0
+# define RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1 0
+# define RSA_F_SETUP_TBUF 0
+
+/*
+ * OSSL_STORE function codes.
+ */
+# define OSSL_STORE_F_FILE_CTRL 0
+# define OSSL_STORE_F_FILE_FIND 0
+# define OSSL_STORE_F_FILE_GET_PASS 0
+# define OSSL_STORE_F_FILE_LOAD 0
+# define OSSL_STORE_F_FILE_LOAD_TRY_DECODE 0
+# define OSSL_STORE_F_FILE_NAME_TO_URI 0
+# define OSSL_STORE_F_FILE_OPEN 0
+# define OSSL_STORE_F_OSSL_STORE_ATTACH_PEM_BIO 0
+# define OSSL_STORE_F_OSSL_STORE_EXPECT 0
+# define OSSL_STORE_F_OSSL_STORE_FILE_ATTACH_PEM_BIO_INT 0
+# define OSSL_STORE_F_OSSL_STORE_FIND 0
+# define OSSL_STORE_F_OSSL_STORE_GET0_LOADER_INT 0
+# define OSSL_STORE_F_OSSL_STORE_INFO_GET1_CERT 0
+# define OSSL_STORE_F_OSSL_STORE_INFO_GET1_CRL 0
+# define OSSL_STORE_F_OSSL_STORE_INFO_GET1_NAME 0
+# define OSSL_STORE_F_OSSL_STORE_INFO_GET1_NAME_DESCRIPTION 0
+# define OSSL_STORE_F_OSSL_STORE_INFO_GET1_PARAMS 0
+# define OSSL_STORE_F_OSSL_STORE_INFO_GET1_PKEY 0
+# define OSSL_STORE_F_OSSL_STORE_INFO_NEW_CERT 0
+# define OSSL_STORE_F_OSSL_STORE_INFO_NEW_CRL 0
+# define OSSL_STORE_F_OSSL_STORE_INFO_NEW_EMBEDDED 0
+# define OSSL_STORE_F_OSSL_STORE_INFO_NEW_NAME 0
+# define OSSL_STORE_F_OSSL_STORE_INFO_NEW_PARAMS 0
+# define OSSL_STORE_F_OSSL_STORE_INFO_NEW_PKEY 0
+# define OSSL_STORE_F_OSSL_STORE_INFO_SET0_NAME_DESCRIPTION 0
+# define OSSL_STORE_F_OSSL_STORE_INIT_ONCE 0
+# define OSSL_STORE_F_OSSL_STORE_LOADER_NEW 0
+# define OSSL_STORE_F_OSSL_STORE_OPEN 0
+# define OSSL_STORE_F_OSSL_STORE_OPEN_INT 0
+# define OSSL_STORE_F_OSSL_STORE_REGISTER_LOADER_INT 0
+# define OSSL_STORE_F_OSSL_STORE_SEARCH_BY_ALIAS 0
+# define OSSL_STORE_F_OSSL_STORE_SEARCH_BY_ISSUER_SERIAL 0
+# define OSSL_STORE_F_OSSL_STORE_SEARCH_BY_KEY_FINGERPRINT 0
+# define OSSL_STORE_F_OSSL_STORE_SEARCH_BY_NAME 0
+# define OSSL_STORE_F_OSSL_STORE_UNREGISTER_LOADER_INT 0
+# define OSSL_STORE_F_TRY_DECODE_PARAMS 0
+# define OSSL_STORE_F_TRY_DECODE_PKCS12 0
+# define OSSL_STORE_F_TRY_DECODE_PKCS8ENCRYPTED 0
+
+# ifndef OPENSSL_NO_TS
+/*
+ * TS function codes.
+ */
+# define TS_F_DEF_SERIAL_CB 0
+# define TS_F_DEF_TIME_CB 0
+# define TS_F_ESS_ADD_SIGNING_CERT 0
+# define TS_F_ESS_ADD_SIGNING_CERT_V2 0
+# define TS_F_ESS_CERT_ID_NEW_INIT 0
+# define TS_F_ESS_CERT_ID_V2_NEW_INIT 0
+# define TS_F_ESS_SIGNING_CERT_NEW_INIT 0
+# define TS_F_ESS_SIGNING_CERT_V2_NEW_INIT 0
+# define TS_F_INT_TS_RESP_VERIFY_TOKEN 0
+# define TS_F_PKCS7_TO_TS_TST_INFO 0
+# define TS_F_TS_ACCURACY_SET_MICROS 0
+# define TS_F_TS_ACCURACY_SET_MILLIS 0
+# define TS_F_TS_ACCURACY_SET_SECONDS 0
+# define TS_F_TS_CHECK_IMPRINTS 0
+# define TS_F_TS_CHECK_NONCES 0
+# define TS_F_TS_CHECK_POLICY 0
+# define TS_F_TS_CHECK_SIGNING_CERTS 0
+# define TS_F_TS_CHECK_STATUS_INFO 0
+# define TS_F_TS_COMPUTE_IMPRINT 0
+# define TS_F_TS_CONF_INVALID 0
+# define TS_F_TS_CONF_LOAD_CERT 0
+# define TS_F_TS_CONF_LOAD_CERTS 0
+# define TS_F_TS_CONF_LOAD_KEY 0
+# define TS_F_TS_CONF_LOOKUP_FAIL 0
+# define TS_F_TS_CONF_SET_DEFAULT_ENGINE 0
+# define TS_F_TS_GET_STATUS_TEXT 0
+# define TS_F_TS_MSG_IMPRINT_SET_ALGO 0
+# define TS_F_TS_REQ_SET_MSG_IMPRINT 0
+# define TS_F_TS_REQ_SET_NONCE 0
+# define TS_F_TS_REQ_SET_POLICY_ID 0
+# define TS_F_TS_RESP_CREATE_RESPONSE 0
+# define TS_F_TS_RESP_CREATE_TST_INFO 0
+# define TS_F_TS_RESP_CTX_ADD_FAILURE_INFO 0
+# define TS_F_TS_RESP_CTX_ADD_MD 0
+# define TS_F_TS_RESP_CTX_ADD_POLICY 0
+# define TS_F_TS_RESP_CTX_NEW 0
+# define TS_F_TS_RESP_CTX_SET_ACCURACY 0
+# define TS_F_TS_RESP_CTX_SET_CERTS 0
+# define TS_F_TS_RESP_CTX_SET_DEF_POLICY 0
+# define TS_F_TS_RESP_CTX_SET_SIGNER_CERT 0
+# define TS_F_TS_RESP_CTX_SET_STATUS_INFO 0
+# define TS_F_TS_RESP_GET_POLICY 0
+# define TS_F_TS_RESP_SET_GENTIME_WITH_PRECISION 0
+# define TS_F_TS_RESP_SET_STATUS_INFO 0
+# define TS_F_TS_RESP_SET_TST_INFO 0
+# define TS_F_TS_RESP_SIGN 0
+# define TS_F_TS_RESP_VERIFY_SIGNATURE 0
+# define TS_F_TS_TST_INFO_SET_ACCURACY 0
+# define TS_F_TS_TST_INFO_SET_MSG_IMPRINT 0
+# define TS_F_TS_TST_INFO_SET_NONCE 0
+# define TS_F_TS_TST_INFO_SET_POLICY_ID 0
+# define TS_F_TS_TST_INFO_SET_SERIAL 0
+# define TS_F_TS_TST_INFO_SET_TIME 0
+# define TS_F_TS_TST_INFO_SET_TSA 0
+# define TS_F_TS_VERIFY 0
+# define TS_F_TS_VERIFY_CERT 0
+# define TS_F_TS_VERIFY_CTX_NEW 0
+# endif
+
+/*
+ * UI function codes.
+ */
+# define UI_F_CLOSE_CONSOLE 0
+# define UI_F_ECHO_CONSOLE 0
+# define UI_F_GENERAL_ALLOCATE_BOOLEAN 0
+# define UI_F_GENERAL_ALLOCATE_PROMPT 0
+# define UI_F_NOECHO_CONSOLE 0
+# define UI_F_OPEN_CONSOLE 0
+# define UI_F_UI_CONSTRUCT_PROMPT 0
+# define UI_F_UI_CREATE_METHOD 0
+# define UI_F_UI_CTRL 0
+# define UI_F_UI_DUP_ERROR_STRING 0
+# define UI_F_UI_DUP_INFO_STRING 0
+# define UI_F_UI_DUP_INPUT_BOOLEAN 0
+# define UI_F_UI_DUP_INPUT_STRING 0
+# define UI_F_UI_DUP_USER_DATA 0
+# define UI_F_UI_DUP_VERIFY_STRING 0
+# define UI_F_UI_GET0_RESULT 0
+# define UI_F_UI_GET_RESULT_LENGTH 0
+# define UI_F_UI_NEW_METHOD 0
+# define UI_F_UI_PROCESS 0
+# define UI_F_UI_SET_RESULT 0
+# define UI_F_UI_SET_RESULT_EX 0
+
+/*
+ * X509 function codes.
+ */
+# define X509_F_ADD_CERT_DIR 0
+# define X509_F_BUILD_CHAIN 0
+# define X509_F_BY_FILE_CTRL 0
+# define X509_F_CHECK_NAME_CONSTRAINTS 0
+# define X509_F_CHECK_POLICY 0
+# define X509_F_DANE_I2D 0
+# define X509_F_DIR_CTRL 0
+# define X509_F_GET_CERT_BY_SUBJECT 0
+# define X509_F_I2D_X509_AUX 0
+# define X509_F_LOOKUP_CERTS_SK 0
+# define X509_F_NETSCAPE_SPKI_B64_DECODE 0
+# define X509_F_NETSCAPE_SPKI_B64_ENCODE 0
+# define X509_F_NEW_DIR 0
+# define X509_F_X509AT_ADD1_ATTR 0
+# define X509_F_X509V3_ADD_EXT 0
+# define X509_F_X509_ATTRIBUTE_CREATE_BY_NID 0
+# define X509_F_X509_ATTRIBUTE_CREATE_BY_OBJ 0
+# define X509_F_X509_ATTRIBUTE_CREATE_BY_TXT 0
+# define X509_F_X509_ATTRIBUTE_GET0_DATA 0
+# define X509_F_X509_ATTRIBUTE_SET1_DATA 0
+# define X509_F_X509_CHECK_PRIVATE_KEY 0
+# define X509_F_X509_CRL_DIFF 0
+# define X509_F_X509_CRL_METHOD_NEW 0
+# define X509_F_X509_CRL_PRINT_FP 0
+# define X509_F_X509_EXTENSION_CREATE_BY_NID 0
+# define X509_F_X509_EXTENSION_CREATE_BY_OBJ 0
+# define X509_F_X509_GET_PUBKEY_PARAMETERS 0
+# define X509_F_X509_LOAD_CERT_CRL_FILE 0
+# define X509_F_X509_LOAD_CERT_FILE 0
+# define X509_F_X509_LOAD_CRL_FILE 0
+# define X509_F_X509_LOOKUP_METH_NEW 0
+# define X509_F_X509_LOOKUP_NEW 0
+# define X509_F_X509_NAME_ADD_ENTRY 0
+# define X509_F_X509_NAME_CANON 0
+# define X509_F_X509_NAME_ENTRY_CREATE_BY_NID 0
+# define X509_F_X509_NAME_ENTRY_CREATE_BY_TXT 0
+# define X509_F_X509_NAME_ENTRY_SET_OBJECT 0
+# define X509_F_X509_NAME_ONELINE 0
+# define X509_F_X509_NAME_PRINT 0
+# define X509_F_X509_OBJECT_NEW 0
+# define X509_F_X509_PRINT_EX_FP 0
+# define X509_F_X509_PUBKEY_DECODE 0
+# define X509_F_X509_PUBKEY_GET 0
+# define X509_F_X509_PUBKEY_GET0 0
+# define X509_F_X509_PUBKEY_SET 0
+# define X509_F_X509_REQ_CHECK_PRIVATE_KEY 0
+# define X509_F_X509_REQ_PRINT_EX 0
+# define X509_F_X509_REQ_PRINT_FP 0
+# define X509_F_X509_REQ_TO_X509 0
+# define X509_F_X509_STORE_ADD_CERT 0
+# define X509_F_X509_STORE_ADD_CRL 0
+# define X509_F_X509_STORE_ADD_LOOKUP 0
+# define X509_F_X509_STORE_CTX_GET1_ISSUER 0
+# define X509_F_X509_STORE_CTX_INIT 0
+# define X509_F_X509_STORE_CTX_NEW 0
+# define X509_F_X509_STORE_CTX_PURPOSE_INHERIT 0
+# define X509_F_X509_STORE_NEW 0
+# define X509_F_X509_TO_X509_REQ 0
+# define X509_F_X509_TRUST_ADD 0
+# define X509_F_X509_TRUST_SET 0
+# define X509_F_X509_VERIFY_CERT 0
+# define X509_F_X509_VERIFY_PARAM_NEW 0
+
+/*
+ * X509V3 function codes.
+ */
+# define X509V3_F_A2I_GENERAL_NAME 0
+# define X509V3_F_ADDR_VALIDATE_PATH_INTERNAL 0
+# define X509V3_F_ASIDENTIFIERCHOICE_CANONIZE 0
+# define X509V3_F_ASIDENTIFIERCHOICE_IS_CANONICAL 0
+# define X509V3_F_BIGNUM_TO_STRING 0
+# define X509V3_F_COPY_EMAIL 0
+# define X509V3_F_COPY_ISSUER 0
+# define X509V3_F_DO_DIRNAME 0
+# define X509V3_F_DO_EXT_I2D 0
+# define X509V3_F_DO_EXT_NCONF 0
+# define X509V3_F_GNAMES_FROM_SECTNAME 0
+# define X509V3_F_I2S_ASN1_ENUMERATED 0
+# define X509V3_F_I2S_ASN1_IA5STRING 0
+# define X509V3_F_I2S_ASN1_INTEGER 0
+# define X509V3_F_I2V_AUTHORITY_INFO_ACCESS 0
+# define X509V3_F_LEVEL_ADD_NODE 0
+# define X509V3_F_NOTICE_SECTION 0
+# define X509V3_F_NREF_NOS 0
+# define X509V3_F_POLICY_CACHE_CREATE 0
+# define X509V3_F_POLICY_CACHE_NEW 0
+# define X509V3_F_POLICY_DATA_NEW 0
+# define X509V3_F_POLICY_SECTION 0
+# define X509V3_F_PROCESS_PCI_VALUE 0
+# define X509V3_F_R2I_CERTPOL 0
+# define X509V3_F_R2I_PCI 0
+# define X509V3_F_S2I_ASN1_IA5STRING 0
+# define X509V3_F_S2I_ASN1_INTEGER 0
+# define X509V3_F_S2I_ASN1_OCTET_STRING 0
+# define X509V3_F_S2I_SKEY_ID 0
+# define X509V3_F_SET_DIST_POINT_NAME 0
+# define X509V3_F_SXNET_ADD_ID_ASC 0
+# define X509V3_F_SXNET_ADD_ID_INTEGER 0
+# define X509V3_F_SXNET_ADD_ID_ULONG 0
+# define X509V3_F_SXNET_GET_ID_ASC 0
+# define X509V3_F_SXNET_GET_ID_ULONG 0
+# define X509V3_F_TREE_INIT 0
+# define X509V3_F_V2I_ASIDENTIFIERS 0
+# define X509V3_F_V2I_ASN1_BIT_STRING 0
+# define X509V3_F_V2I_AUTHORITY_INFO_ACCESS 0
+# define X509V3_F_V2I_AUTHORITY_KEYID 0
+# define X509V3_F_V2I_BASIC_CONSTRAINTS 0
+# define X509V3_F_V2I_CRLD 0
+# define X509V3_F_V2I_EXTENDED_KEY_USAGE 0
+# define X509V3_F_V2I_GENERAL_NAMES 0
+# define X509V3_F_V2I_GENERAL_NAME_EX 0
+# define X509V3_F_V2I_IDP 0
+# define X509V3_F_V2I_IPADDRBLOCKS 0
+# define X509V3_F_V2I_ISSUER_ALT 0
+# define X509V3_F_V2I_NAME_CONSTRAINTS 0
+# define X509V3_F_V2I_POLICY_CONSTRAINTS 0
+# define X509V3_F_V2I_POLICY_MAPPINGS 0
+# define X509V3_F_V2I_SUBJECT_ALT 0
+# define X509V3_F_V2I_TLS_FEATURE 0
+# define X509V3_F_V3_GENERIC_EXTENSION 0
+# define X509V3_F_X509V3_ADD1_I2D 0
+# define X509V3_F_X509V3_ADD_VALUE 0
+# define X509V3_F_X509V3_EXT_ADD 0
+# define X509V3_F_X509V3_EXT_ADD_ALIAS 0
+# define X509V3_F_X509V3_EXT_I2D 0
+# define X509V3_F_X509V3_EXT_NCONF 0
+# define X509V3_F_X509V3_GET_SECTION 0
+# define X509V3_F_X509V3_GET_STRING 0
+# define X509V3_F_X509V3_GET_VALUE_BOOL 0
+# define X509V3_F_X509V3_PARSE_LIST 0
+# define X509V3_F_X509_PURPOSE_ADD 0
+# define X509V3_F_X509_PURPOSE_SET 0
+
+/*
+ * Compatibility defines.
+ */
+# define EVP_R_OPERATON_NOT_INITIALIZED EVP_R_OPERATION_NOT_INITIALIZED
+
+# endif
+
+# ifdef __cplusplus
+}
+# endif
+#endif
diff --git a/openssl/include/openssl/ct.h b/openssl/include/openssl/ct.h
index 0a2fac67..47358a81 100644..100755
--- a/openssl/include/openssl/ct.h
+++ b/openssl/include/openssl/ct.h
@@ -1,4 +1,7 @@
/*
+ * WARNING: do not edit!
+ * Generated by makefile from include\openssl\ct.h.in
+ *
* Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
@@ -7,6 +10,8 @@
* https://www.openssl.org/source/license.html
*/
+
+
#ifndef OPENSSL_CT_H
# define OPENSSL_CT_H
# pragma once
@@ -34,8 +39,60 @@ extern "C" {
/* All hashes are SHA256 in v1 of Certificate Transparency */
# define CT_V1_HASHLEN SHA256_DIGEST_LENGTH
-DEFINE_OR_DECLARE_STACK_OF(SCT)
-DEFINE_OR_DECLARE_STACK_OF(CTLOG)
+SKM_DEFINE_STACK_OF_INTERNAL(SCT, SCT, SCT)
+#define sk_SCT_num(sk) OPENSSL_sk_num(ossl_check_const_SCT_sk_type(sk))
+#define sk_SCT_value(sk, idx) ((SCT *)OPENSSL_sk_value(ossl_check_const_SCT_sk_type(sk), (idx)))
+#define sk_SCT_new(cmp) ((STACK_OF(SCT) *)OPENSSL_sk_new(ossl_check_SCT_compfunc_type(cmp)))
+#define sk_SCT_new_null() ((STACK_OF(SCT) *)OPENSSL_sk_new_null())
+#define sk_SCT_new_reserve(cmp, n) ((STACK_OF(SCT) *)OPENSSL_sk_new_reserve(ossl_check_SCT_compfunc_type(cmp), (n)))
+#define sk_SCT_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_SCT_sk_type(sk), (n))
+#define sk_SCT_free(sk) OPENSSL_sk_free(ossl_check_SCT_sk_type(sk))
+#define sk_SCT_zero(sk) OPENSSL_sk_zero(ossl_check_SCT_sk_type(sk))
+#define sk_SCT_delete(sk, i) ((SCT *)OPENSSL_sk_delete(ossl_check_SCT_sk_type(sk), (i)))
+#define sk_SCT_delete_ptr(sk, ptr) ((SCT *)OPENSSL_sk_delete_ptr(ossl_check_SCT_sk_type(sk), ossl_check_SCT_type(ptr)))
+#define sk_SCT_push(sk, ptr) OPENSSL_sk_push(ossl_check_SCT_sk_type(sk), ossl_check_SCT_type(ptr))
+#define sk_SCT_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_SCT_sk_type(sk), ossl_check_SCT_type(ptr))
+#define sk_SCT_pop(sk) ((SCT *)OPENSSL_sk_pop(ossl_check_SCT_sk_type(sk)))
+#define sk_SCT_shift(sk) ((SCT *)OPENSSL_sk_shift(ossl_check_SCT_sk_type(sk)))
+#define sk_SCT_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_SCT_sk_type(sk),ossl_check_SCT_freefunc_type(freefunc))
+#define sk_SCT_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_SCT_sk_type(sk), ossl_check_SCT_type(ptr), (idx))
+#define sk_SCT_set(sk, idx, ptr) ((SCT *)OPENSSL_sk_set(ossl_check_SCT_sk_type(sk), (idx), ossl_check_SCT_type(ptr)))
+#define sk_SCT_find(sk, ptr) OPENSSL_sk_find(ossl_check_SCT_sk_type(sk), ossl_check_SCT_type(ptr))
+#define sk_SCT_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_SCT_sk_type(sk), ossl_check_SCT_type(ptr))
+#define sk_SCT_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_SCT_sk_type(sk), ossl_check_SCT_type(ptr), pnum)
+#define sk_SCT_sort(sk) OPENSSL_sk_sort(ossl_check_SCT_sk_type(sk))
+#define sk_SCT_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_SCT_sk_type(sk))
+#define sk_SCT_dup(sk) ((STACK_OF(SCT) *)OPENSSL_sk_dup(ossl_check_const_SCT_sk_type(sk)))
+#define sk_SCT_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(SCT) *)OPENSSL_sk_deep_copy(ossl_check_const_SCT_sk_type(sk), ossl_check_SCT_copyfunc_type(copyfunc), ossl_check_SCT_freefunc_type(freefunc)))
+#define sk_SCT_set_cmp_func(sk, cmp) ((sk_SCT_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_SCT_sk_type(sk), ossl_check_SCT_compfunc_type(cmp)))
+SKM_DEFINE_STACK_OF_INTERNAL(CTLOG, CTLOG, CTLOG)
+#define sk_CTLOG_num(sk) OPENSSL_sk_num(ossl_check_const_CTLOG_sk_type(sk))
+#define sk_CTLOG_value(sk, idx) ((CTLOG *)OPENSSL_sk_value(ossl_check_const_CTLOG_sk_type(sk), (idx)))
+#define sk_CTLOG_new(cmp) ((STACK_OF(CTLOG) *)OPENSSL_sk_new(ossl_check_CTLOG_compfunc_type(cmp)))
+#define sk_CTLOG_new_null() ((STACK_OF(CTLOG) *)OPENSSL_sk_new_null())
+#define sk_CTLOG_new_reserve(cmp, n) ((STACK_OF(CTLOG) *)OPENSSL_sk_new_reserve(ossl_check_CTLOG_compfunc_type(cmp), (n)))
+#define sk_CTLOG_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_CTLOG_sk_type(sk), (n))
+#define sk_CTLOG_free(sk) OPENSSL_sk_free(ossl_check_CTLOG_sk_type(sk))
+#define sk_CTLOG_zero(sk) OPENSSL_sk_zero(ossl_check_CTLOG_sk_type(sk))
+#define sk_CTLOG_delete(sk, i) ((CTLOG *)OPENSSL_sk_delete(ossl_check_CTLOG_sk_type(sk), (i)))
+#define sk_CTLOG_delete_ptr(sk, ptr) ((CTLOG *)OPENSSL_sk_delete_ptr(ossl_check_CTLOG_sk_type(sk), ossl_check_CTLOG_type(ptr)))
+#define sk_CTLOG_push(sk, ptr) OPENSSL_sk_push(ossl_check_CTLOG_sk_type(sk), ossl_check_CTLOG_type(ptr))
+#define sk_CTLOG_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_CTLOG_sk_type(sk), ossl_check_CTLOG_type(ptr))
+#define sk_CTLOG_pop(sk) ((CTLOG *)OPENSSL_sk_pop(ossl_check_CTLOG_sk_type(sk)))
+#define sk_CTLOG_shift(sk) ((CTLOG *)OPENSSL_sk_shift(ossl_check_CTLOG_sk_type(sk)))
+#define sk_CTLOG_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_CTLOG_sk_type(sk),ossl_check_CTLOG_freefunc_type(freefunc))
+#define sk_CTLOG_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_CTLOG_sk_type(sk), ossl_check_CTLOG_type(ptr), (idx))
+#define sk_CTLOG_set(sk, idx, ptr) ((CTLOG *)OPENSSL_sk_set(ossl_check_CTLOG_sk_type(sk), (idx), ossl_check_CTLOG_type(ptr)))
+#define sk_CTLOG_find(sk, ptr) OPENSSL_sk_find(ossl_check_CTLOG_sk_type(sk), ossl_check_CTLOG_type(ptr))
+#define sk_CTLOG_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_CTLOG_sk_type(sk), ossl_check_CTLOG_type(ptr))
+#define sk_CTLOG_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_CTLOG_sk_type(sk), ossl_check_CTLOG_type(ptr), pnum)
+#define sk_CTLOG_sort(sk) OPENSSL_sk_sort(ossl_check_CTLOG_sk_type(sk))
+#define sk_CTLOG_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_CTLOG_sk_type(sk))
+#define sk_CTLOG_dup(sk) ((STACK_OF(CTLOG) *)OPENSSL_sk_dup(ossl_check_const_CTLOG_sk_type(sk)))
+#define sk_CTLOG_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(CTLOG) *)OPENSSL_sk_deep_copy(ossl_check_const_CTLOG_sk_type(sk), ossl_check_CTLOG_copyfunc_type(copyfunc), ossl_check_CTLOG_freefunc_type(freefunc)))
+#define sk_CTLOG_set_cmp_func(sk, cmp) ((sk_CTLOG_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_CTLOG_sk_type(sk), ossl_check_CTLOG_compfunc_type(cmp)))
+
+
typedef enum {
CT_LOG_ENTRY_TYPE_NOT_SET = -1,
@@ -74,11 +131,11 @@ typedef enum {
* The caller is responsible for calling CT_POLICY_EVAL_CTX_free when finished
* with the CT_POLICY_EVAL_CTX.
*/
-CT_POLICY_EVAL_CTX *CT_POLICY_EVAL_CTX_new_with_libctx(OPENSSL_CTX *libctx,
- const char *propq);
+CT_POLICY_EVAL_CTX *CT_POLICY_EVAL_CTX_new_ex(OSSL_LIB_CTX *libctx,
+ const char *propq);
/*
- * The same as CT_POLICY_EVAL_CTX_new_with_libctx() but the default library
+ * The same as CT_POLICY_EVAL_CTX_new_ex() but the default library
* context and property query string is used.
*/
CT_POLICY_EVAL_CTX *CT_POLICY_EVAL_CTX_new(void);
@@ -331,7 +388,7 @@ __owur int SCT_LIST_validate(const STACK_OF(SCT) *scts,
/*********************************
- * SCT parsing and serialisation *
+ * SCT parsing and serialization *
*********************************/
/*
@@ -424,11 +481,11 @@ SCT *o2i_SCT(SCT **psct, const unsigned char **in, size_t len);
* Returns NULL if malloc fails or if |public_key| cannot be converted to DER.
* Should be deleted by the caller using CTLOG_free when no longer needed.
*/
-CTLOG *CTLOG_new_with_libctx(EVP_PKEY *public_key, const char *name,
- OPENSSL_CTX *libctx, const char *propq);
+CTLOG *CTLOG_new_ex(EVP_PKEY *public_key, const char *name, OSSL_LIB_CTX *libctx,
+ const char *propq);
/*
- * The same as CTLOG_new_with_libctx except that the default library context and
+ * The same as CTLOG_new_ex except that the default library context and
* property query string are used.
*/
CTLOG *CTLOG_new(EVP_PKEY *public_key, const char *name);
@@ -441,12 +498,12 @@ CTLOG *CTLOG_new(EVP_PKEY *public_key, const char *name);
* Returns 1 on success, 0 on failure.
* Should be deleted by the caller using CTLOG_free when no longer needed.
*/
-int CTLOG_new_from_base64_with_libctx(CTLOG **ct_log, const char *pkey_base64,
- const char *name, OPENSSL_CTX *libctx,
- const char *propq);
+int CTLOG_new_from_base64_ex(CTLOG **ct_log, const char *pkey_base64,
+ const char *name, OSSL_LIB_CTX *libctx,
+ const char *propq);
/*
- * The same as CTLOG_new_from_base64_with_libctx() except that the default
+ * The same as CTLOG_new_from_base64_ex() except that the default
* library context and property query string are used.
* Returns 1 on success, 0 on failure.
*/
@@ -475,10 +532,10 @@ EVP_PKEY *CTLOG_get0_public_key(const CTLOG *log);
* property query string.
* Should be deleted by the caller using CTLOG_STORE_free when no longer needed.
*/
-CTLOG_STORE *CTLOG_STORE_new_with_libctx(OPENSSL_CTX *libctx, const char *propq);
+CTLOG_STORE *CTLOG_STORE_new_ex(OSSL_LIB_CTX *libctx, const char *propq);
/*
- * Same as CTLOG_STORE_new_with_libctx except that the default libctx and
+ * Same as CTLOG_STORE_new_ex except that the default libctx and
* property query string are used.
* Should be deleted by the caller using CTLOG_STORE_free when no longer needed.
*/
diff --git a/openssl/include/openssl/cterr.h b/openssl/include/openssl/cterr.h
index 67f10e91..4762b044 100644..100755
--- a/openssl/include/openssl/cterr.h
+++ b/openssl/include/openssl/cterr.h
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -14,49 +14,11 @@
# include <openssl/opensslconf.h>
# include <openssl/symhacks.h>
+# include <openssl/cryptoerr_legacy.h>
-# include <openssl/opensslconf.h>
-
# ifndef OPENSSL_NO_CT
-# ifdef __cplusplus
-extern "C"
-# endif
-int ERR_load_CT_strings(void);
-
-/*
- * CT function codes.
- */
-# ifndef OPENSSL_NO_DEPRECATED_3_0
-# define CT_F_CTLOG_NEW 0
-# define CT_F_CTLOG_NEW_FROM_BASE64 0
-# define CT_F_CTLOG_NEW_FROM_CONF 0
-# define CT_F_CTLOG_STORE_LOAD_CTX_NEW 0
-# define CT_F_CTLOG_STORE_LOAD_FILE 0
-# define CT_F_CTLOG_STORE_LOAD_LOG 0
-# define CT_F_CTLOG_STORE_NEW 0
-# define CT_F_CT_BASE64_DECODE 0
-# define CT_F_CT_POLICY_EVAL_CTX_NEW 0
-# define CT_F_CT_V1_LOG_ID_FROM_PKEY 0
-# define CT_F_I2O_SCT 0
-# define CT_F_I2O_SCT_LIST 0
-# define CT_F_I2O_SCT_SIGNATURE 0
-# define CT_F_O2I_SCT 0
-# define CT_F_O2I_SCT_LIST 0
-# define CT_F_O2I_SCT_SIGNATURE 0
-# define CT_F_SCT_CTX_NEW 0
-# define CT_F_SCT_CTX_VERIFY 0
-# define CT_F_SCT_NEW 0
-# define CT_F_SCT_NEW_FROM_BASE64 0
-# define CT_F_SCT_SET0_LOG_ID 0
-# define CT_F_SCT_SET1_EXTENSIONS 0
-# define CT_F_SCT_SET1_LOG_ID 0
-# define CT_F_SCT_SET1_SIGNATURE 0
-# define CT_F_SCT_SET_LOG_ENTRY_TYPE 0
-# define CT_F_SCT_SET_SIGNATURE_NID 0
-# define CT_F_SCT_SET_VERSION 0
-# endif
/*
* CT reason codes.
diff --git a/openssl/include/openssl/decoder.h b/openssl/include/openssl/decoder.h
new file mode 100755
index 00000000..702041af
--- /dev/null
+++ b/openssl/include/openssl/decoder.h
@@ -0,0 +1,133 @@
+/*
+ * Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_DECODER_H
+# define OPENSSL_DECODER_H
+# pragma once
+
+# include <openssl/opensslconf.h>
+
+# ifndef OPENSSL_NO_STDIO
+# include <stdio.h>
+# endif
+# include <stdarg.h>
+# include <stddef.h>
+# include <openssl/decodererr.h>
+# include <openssl/types.h>
+# include <openssl/core.h>
+
+# ifdef __cplusplus
+extern "C" {
+# endif
+
+OSSL_DECODER *OSSL_DECODER_fetch(OSSL_LIB_CTX *libctx, const char *name,
+ const char *properties);
+int OSSL_DECODER_up_ref(OSSL_DECODER *encoder);
+void OSSL_DECODER_free(OSSL_DECODER *encoder);
+
+const OSSL_PROVIDER *OSSL_DECODER_get0_provider(const OSSL_DECODER *encoder);
+const char *OSSL_DECODER_get0_properties(const OSSL_DECODER *encoder);
+const char *OSSL_DECODER_get0_name(const OSSL_DECODER *decoder);
+const char *OSSL_DECODER_get0_description(const OSSL_DECODER *decoder);
+int OSSL_DECODER_is_a(const OSSL_DECODER *encoder, const char *name);
+
+void OSSL_DECODER_do_all_provided(OSSL_LIB_CTX *libctx,
+ void (*fn)(OSSL_DECODER *encoder, void *arg),
+ void *arg);
+int OSSL_DECODER_names_do_all(const OSSL_DECODER *encoder,
+ void (*fn)(const char *name, void *data),
+ void *data);
+const OSSL_PARAM *OSSL_DECODER_gettable_params(OSSL_DECODER *decoder);
+int OSSL_DECODER_get_params(OSSL_DECODER *decoder, OSSL_PARAM params[]);
+
+const OSSL_PARAM *OSSL_DECODER_settable_ctx_params(OSSL_DECODER *encoder);
+OSSL_DECODER_CTX *OSSL_DECODER_CTX_new(void);
+int OSSL_DECODER_CTX_set_params(OSSL_DECODER_CTX *ctx,
+ const OSSL_PARAM params[]);
+void OSSL_DECODER_CTX_free(OSSL_DECODER_CTX *ctx);
+
+/* Utilities that help set specific parameters */
+int OSSL_DECODER_CTX_set_passphrase(OSSL_DECODER_CTX *ctx,
+ const unsigned char *kstr, size_t klen);
+int OSSL_DECODER_CTX_set_pem_password_cb(OSSL_DECODER_CTX *ctx,
+ pem_password_cb *cb, void *cbarg);
+int OSSL_DECODER_CTX_set_passphrase_cb(OSSL_DECODER_CTX *ctx,
+ OSSL_PASSPHRASE_CALLBACK *cb,
+ void *cbarg);
+int OSSL_DECODER_CTX_set_passphrase_ui(OSSL_DECODER_CTX *ctx,
+ const UI_METHOD *ui_method,
+ void *ui_data);
+
+/*
+ * Utilities to read the object to decode, with the result sent to cb.
+ * These will discover all provided methods
+ */
+
+int OSSL_DECODER_CTX_set_selection(OSSL_DECODER_CTX *ctx, int selection);
+int OSSL_DECODER_CTX_set_input_type(OSSL_DECODER_CTX *ctx,
+ const char *input_type);
+int OSSL_DECODER_CTX_set_input_structure(OSSL_DECODER_CTX *ctx,
+ const char *input_structure);
+int OSSL_DECODER_CTX_add_decoder(OSSL_DECODER_CTX *ctx, OSSL_DECODER *decoder);
+int OSSL_DECODER_CTX_add_extra(OSSL_DECODER_CTX *ctx,
+ OSSL_LIB_CTX *libctx, const char *propq);
+int OSSL_DECODER_CTX_get_num_decoders(OSSL_DECODER_CTX *ctx);
+
+typedef struct ossl_decoder_instance_st OSSL_DECODER_INSTANCE;
+OSSL_DECODER *
+OSSL_DECODER_INSTANCE_get_decoder(OSSL_DECODER_INSTANCE *decoder_inst);
+void *
+OSSL_DECODER_INSTANCE_get_decoder_ctx(OSSL_DECODER_INSTANCE *decoder_inst);
+const char *
+OSSL_DECODER_INSTANCE_get_input_type(OSSL_DECODER_INSTANCE *decoder_inst);
+const char *
+OSSL_DECODER_INSTANCE_get_input_structure(OSSL_DECODER_INSTANCE *decoder_inst,
+ int *was_set);
+
+typedef int OSSL_DECODER_CONSTRUCT(OSSL_DECODER_INSTANCE *decoder_inst,
+ const OSSL_PARAM *params,
+ void *construct_data);
+typedef void OSSL_DECODER_CLEANUP(void *construct_data);
+
+int OSSL_DECODER_CTX_set_construct(OSSL_DECODER_CTX *ctx,
+ OSSL_DECODER_CONSTRUCT *construct);
+int OSSL_DECODER_CTX_set_construct_data(OSSL_DECODER_CTX *ctx,
+ void *construct_data);
+int OSSL_DECODER_CTX_set_cleanup(OSSL_DECODER_CTX *ctx,
+ OSSL_DECODER_CLEANUP *cleanup);
+OSSL_DECODER_CONSTRUCT *OSSL_DECODER_CTX_get_construct(OSSL_DECODER_CTX *ctx);
+void *OSSL_DECODER_CTX_get_construct_data(OSSL_DECODER_CTX *ctx);
+OSSL_DECODER_CLEANUP *OSSL_DECODER_CTX_get_cleanup(OSSL_DECODER_CTX *ctx);
+
+int OSSL_DECODER_export(OSSL_DECODER_INSTANCE *decoder_inst,
+ void *reference, size_t reference_sz,
+ OSSL_CALLBACK *export_cb, void *export_cbarg);
+
+int OSSL_DECODER_from_bio(OSSL_DECODER_CTX *ctx, BIO *in);
+#ifndef OPENSSL_NO_STDIO
+int OSSL_DECODER_from_fp(OSSL_DECODER_CTX *ctx, FILE *in);
+#endif
+int OSSL_DECODER_from_data(OSSL_DECODER_CTX *ctx, const unsigned char **pdata,
+ size_t *pdata_len);
+
+/*
+ * Create the OSSL_DECODER_CTX with an associated type. This will perform
+ * an implicit OSSL_DECODER_fetch(), suitable for the object of that type.
+ */
+OSSL_DECODER_CTX *
+OSSL_DECODER_CTX_new_for_pkey(EVP_PKEY **pkey,
+ const char *input_type,
+ const char *input_struct,
+ const char *keytype, int selection,
+ OSSL_LIB_CTX *libctx, const char *propquery);
+
+# ifdef __cplusplus
+}
+# endif
+#endif
diff --git a/openssl/include/openssl/decodererr.h b/openssl/include/openssl/decodererr.h
new file mode 100755
index 00000000..6259c1bf
--- /dev/null
+++ b/openssl/include/openssl/decodererr.h
@@ -0,0 +1,28 @@
+/*
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_DECODERERR_H
+# define OPENSSL_DECODERERR_H
+# pragma once
+
+# include <openssl/opensslconf.h>
+# include <openssl/symhacks.h>
+# include <openssl/cryptoerr_legacy.h>
+
+
+
+/*
+ * OSSL_DECODER reason codes.
+ */
+# define OSSL_DECODER_R_COULD_NOT_DECODE_OBJECT 101
+# define OSSL_DECODER_R_DECODER_NOT_FOUND 102
+# define OSSL_DECODER_R_MISSING_GET_PARAMS 100
+
+#endif
diff --git a/openssl/include/openssl/des.h b/openssl/include/openssl/des.h
index fe27c6f2..87cb14db 100644..100755
--- a/openssl/include/openssl/des.h
+++ b/openssl/include/openssl/des.h
@@ -72,38 +72,39 @@ typedef struct DES_ks {
# define DES_fixup_key_parity DES_set_odd_parity
# endif
-
-DEPRECATEDIN_3_0(const char *DES_options(void))
-DEPRECATEDIN_3_0(void DES_ecb3_encrypt(const_DES_cblock *input,
- DES_cblock *output,
- DES_key_schedule *ks1,
- DES_key_schedule *ks2,
- DES_key_schedule *ks3, int enc))
-DEPRECATEDIN_3_0(DES_LONG DES_cbc_cksum(const unsigned char *input,
- DES_cblock *output, long length,
- DES_key_schedule *schedule,
- const_DES_cblock *ivec))
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0 const char *DES_options(void);
+OSSL_DEPRECATEDIN_3_0
+void DES_ecb3_encrypt(const_DES_cblock *input, DES_cblock *output,
+ DES_key_schedule *ks1, DES_key_schedule *ks2,
+ DES_key_schedule *ks3, int enc);
+OSSL_DEPRECATEDIN_3_0
+DES_LONG DES_cbc_cksum(const unsigned char *input, DES_cblock *output,
+ long length, DES_key_schedule *schedule,
+ const_DES_cblock *ivec);
+# endif
/* DES_cbc_encrypt does not update the IV! Use DES_ncbc_encrypt instead. */
-DEPRECATEDIN_3_0(void DES_cbc_encrypt(const unsigned char *input,
- unsigned char *output, long length,
- DES_key_schedule *schedule,
- DES_cblock *ivec, int enc))
-DEPRECATEDIN_3_0(void DES_ncbc_encrypt(const unsigned char *input,
- unsigned char *output, long length,
- DES_key_schedule *schedule,
- DES_cblock *ivec, int enc))
-DEPRECATEDIN_3_0(void DES_xcbc_encrypt(const unsigned char *input,
- unsigned char *output, long length,
- DES_key_schedule *schedule,
- DES_cblock *ivec, const_DES_cblock *inw,
- const_DES_cblock *outw, int enc))
-DEPRECATEDIN_3_0(void DES_cfb_encrypt(const unsigned char *in,
- unsigned char *out, int numbits,
- long length, DES_key_schedule *schedule,
- DES_cblock *ivec, int enc))
-DEPRECATEDIN_3_0(void DES_ecb_encrypt(const_DES_cblock *input,
- DES_cblock *output, DES_key_schedule *ks,
- int enc))
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0
+void DES_cbc_encrypt(const unsigned char *input, unsigned char *output,
+ long length, DES_key_schedule *schedule, DES_cblock *ivec,
+ int enc);
+OSSL_DEPRECATEDIN_3_0
+void DES_ncbc_encrypt(const unsigned char *input, unsigned char *output,
+ long length, DES_key_schedule *schedule, DES_cblock *ivec,
+ int enc);
+OSSL_DEPRECATEDIN_3_0
+void DES_xcbc_encrypt(const unsigned char *input, unsigned char *output,
+ long length, DES_key_schedule *schedule, DES_cblock *ivec,
+ const_DES_cblock *inw, const_DES_cblock *outw, int enc);
+OSSL_DEPRECATEDIN_3_0
+void DES_cfb_encrypt(const unsigned char *in, unsigned char *out, int numbits,
+ long length, DES_key_schedule *schedule, DES_cblock *ivec,
+ int enc);
+OSSL_DEPRECATEDIN_3_0
+void DES_ecb_encrypt(const_DES_cblock *input, DES_cblock *output,
+ DES_key_schedule *ks, int enc);
+# endif
/*
* This is the DES encryption function that gets called by just about every
@@ -115,8 +116,10 @@ DEPRECATEDIN_3_0(void DES_ecb_encrypt(const_DES_cblock *input,
* long's and ks is the DES_key_schedule to use. enc, is non zero specifies
* encryption, zero if decryption.
*/
-DEPRECATEDIN_3_0(void DES_encrypt1(DES_LONG *data, DES_key_schedule *ks,
- int enc))
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0
+void DES_encrypt1(DES_LONG *data, DES_key_schedule *ks, int enc);
+# endif
/*
* This functions is the same as DES_encrypt1() except that the DES initial
@@ -126,78 +129,79 @@ DEPRECATEDIN_3_0(void DES_encrypt1(DES_LONG *data, DES_key_schedule *ks,
* DES_encrypt2() DES_encrypt2() FP() is the same as DES_encrypt1()
* DES_encrypt1() DES_encrypt1() except faster :-).
*/
-DEPRECATEDIN_3_0(void DES_encrypt2(DES_LONG *data, DES_key_schedule *ks,
- int enc))
-
-DEPRECATEDIN_3_0(void DES_encrypt3(DES_LONG *data, DES_key_schedule *ks1,
- DES_key_schedule *ks2, DES_key_schedule *ks3))
-DEPRECATEDIN_3_0(void DES_decrypt3(DES_LONG *data, DES_key_schedule *ks1,
- DES_key_schedule *ks2, DES_key_schedule *ks3))
-DEPRECATEDIN_3_0(void DES_ede3_cbc_encrypt(const unsigned char *input,
- unsigned char *output, long length,
- DES_key_schedule *ks1,
- DES_key_schedule *ks2,
- DES_key_schedule *ks3,
- DES_cblock *ivec, int enc))
-DEPRECATEDIN_3_0(void DES_ede3_cfb64_encrypt(const unsigned char *in,
- unsigned char *out, long length,
- DES_key_schedule *ks1,
- DES_key_schedule *ks2,
- DES_key_schedule *ks3,
- DES_cblock *ivec, int *num,
- int enc))
-DEPRECATEDIN_3_0(void DES_ede3_cfb_encrypt(const unsigned char *in,
- unsigned char *out, int numbits,
- long length, DES_key_schedule *ks1,
- DES_key_schedule *ks2,
- DES_key_schedule *ks3,
- DES_cblock *ivec, int enc))
-DEPRECATEDIN_3_0(void DES_ede3_ofb64_encrypt(const unsigned char *in,
- unsigned char *out, long length,
- DES_key_schedule *ks1,
- DES_key_schedule *ks2,
- DES_key_schedule *ks3,
- DES_cblock *ivec, int *num))
-DEPRECATEDIN_3_0(char *DES_fcrypt(const char *buf, const char *salt, char *ret))
-DEPRECATEDIN_3_0(char *DES_crypt(const char *buf, const char *salt))
-DEPRECATEDIN_3_0(void DES_ofb_encrypt(const unsigned char *in,
- unsigned char *out, int numbits,
- long length, DES_key_schedule *schedule,
- DES_cblock *ivec))
-DEPRECATEDIN_3_0(void DES_pcbc_encrypt(const unsigned char *input,
- unsigned char *output, long length,
- DES_key_schedule *schedule,
- DES_cblock *ivec, int enc))
-DEPRECATEDIN_3_0(DES_LONG DES_quad_cksum(const unsigned char *input,
- DES_cblock output[], long length,
- int out_count, DES_cblock *seed))
-DEPRECATEDIN_3_0(int DES_random_key(DES_cblock *ret))
-DEPRECATEDIN_3_0(void DES_set_odd_parity(DES_cblock *key))
-DEPRECATEDIN_3_0(int DES_check_key_parity(const_DES_cblock *key))
-DEPRECATEDIN_3_0(int DES_is_weak_key(const_DES_cblock *key))
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0
+void DES_encrypt2(DES_LONG *data, DES_key_schedule *ks, int enc);
+OSSL_DEPRECATEDIN_3_0
+void DES_encrypt3(DES_LONG *data, DES_key_schedule *ks1, DES_key_schedule *ks2,
+ DES_key_schedule *ks3);
+OSSL_DEPRECATEDIN_3_0
+void DES_decrypt3(DES_LONG *data, DES_key_schedule *ks1, DES_key_schedule *ks2,
+ DES_key_schedule *ks3);
+OSSL_DEPRECATEDIN_3_0
+void DES_ede3_cbc_encrypt(const unsigned char *input, unsigned char *output,
+ long length, DES_key_schedule *ks1,
+ DES_key_schedule *ks2, DES_key_schedule *ks3,
+ DES_cblock *ivec, int enc);
+OSSL_DEPRECATEDIN_3_0
+void DES_ede3_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+ long length, DES_key_schedule *ks1,
+ DES_key_schedule *ks2, DES_key_schedule *ks3,
+ DES_cblock *ivec, int *num, int enc);
+OSSL_DEPRECATEDIN_3_0
+void DES_ede3_cfb_encrypt(const unsigned char *in, unsigned char *out,
+ int numbits, long length, DES_key_schedule *ks1,
+ DES_key_schedule *ks2, DES_key_schedule *ks3,
+ DES_cblock *ivec, int enc);
+OSSL_DEPRECATEDIN_3_0
+void DES_ede3_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+ long length, DES_key_schedule *ks1,
+ DES_key_schedule *ks2, DES_key_schedule *ks3,
+ DES_cblock *ivec, int *num);
+OSSL_DEPRECATEDIN_3_0
+char *DES_fcrypt(const char *buf, const char *salt, char *ret);
+OSSL_DEPRECATEDIN_3_0
+char *DES_crypt(const char *buf, const char *salt);
+OSSL_DEPRECATEDIN_3_0
+void DES_ofb_encrypt(const unsigned char *in, unsigned char *out, int numbits,
+ long length, DES_key_schedule *schedule, DES_cblock *ivec);
+OSSL_DEPRECATEDIN_3_0
+void DES_pcbc_encrypt(const unsigned char *input, unsigned char *output,
+ long length, DES_key_schedule *schedule,
+ DES_cblock *ivec, int enc);
+OSSL_DEPRECATEDIN_3_0
+DES_LONG DES_quad_cksum(const unsigned char *input, DES_cblock output[],
+ long length, int out_count, DES_cblock *seed);
+OSSL_DEPRECATEDIN_3_0 int DES_random_key(DES_cblock *ret);
+OSSL_DEPRECATEDIN_3_0 void DES_set_odd_parity(DES_cblock *key);
+OSSL_DEPRECATEDIN_3_0 int DES_check_key_parity(const_DES_cblock *key);
+OSSL_DEPRECATEDIN_3_0 int DES_is_weak_key(const_DES_cblock *key);
+# endif
/*
* DES_set_key (= set_key = DES_key_sched = key_sched) calls
* DES_set_key_checked
*/
-DEPRECATEDIN_3_0(int DES_set_key(const_DES_cblock *key,
- DES_key_schedule *schedule))
-DEPRECATEDIN_3_0(int DES_key_sched(const_DES_cblock *key,
- DES_key_schedule *schedule))
-DEPRECATEDIN_3_0(int DES_set_key_checked(const_DES_cblock *key,
- DES_key_schedule *schedule))
-DEPRECATEDIN_3_0(void DES_set_key_unchecked(const_DES_cblock *key,
- DES_key_schedule *schedule))
-DEPRECATEDIN_3_0(void DES_string_to_key(const char *str, DES_cblock *key))
-DEPRECATEDIN_3_0(void DES_string_to_2keys(const char *str, DES_cblock *key1,
- DES_cblock *key2))
-DEPRECATEDIN_3_0(void DES_cfb64_encrypt(const unsigned char *in,
- unsigned char *out, long length,
- DES_key_schedule *schedule,
- DES_cblock *ivec, int *num, int enc))
-DEPRECATEDIN_3_0(void DES_ofb64_encrypt(const unsigned char *in,
- unsigned char *out, long length,
- DES_key_schedule *schedule,
- DES_cblock *ivec, int *num))
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0
+int DES_set_key(const_DES_cblock *key, DES_key_schedule *schedule);
+OSSL_DEPRECATEDIN_3_0
+int DES_key_sched(const_DES_cblock *key, DES_key_schedule *schedule);
+OSSL_DEPRECATEDIN_3_0
+int DES_set_key_checked(const_DES_cblock *key, DES_key_schedule *schedule);
+OSSL_DEPRECATEDIN_3_0
+void DES_set_key_unchecked(const_DES_cblock *key, DES_key_schedule *schedule);
+OSSL_DEPRECATEDIN_3_0 void DES_string_to_key(const char *str, DES_cblock *key);
+OSSL_DEPRECATEDIN_3_0
+void DES_string_to_2keys(const char *str, DES_cblock *key1, DES_cblock *key2);
+OSSL_DEPRECATEDIN_3_0
+void DES_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+ long length, DES_key_schedule *schedule,
+ DES_cblock *ivec, int *num, int enc);
+OSSL_DEPRECATEDIN_3_0
+void DES_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+ long length, DES_key_schedule *schedule,
+ DES_cblock *ivec, int *num);
+# endif
# ifdef __cplusplus
}
diff --git a/openssl/include/openssl/dh.h b/openssl/include/openssl/dh.h
index f47816d5..a94380d6 100644..100755
--- a/openssl/include/openssl/dh.h
+++ b/openssl/include/openssl/dh.h
@@ -1,5 +1,5 @@
/*
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -17,21 +17,77 @@
# endif
# include <openssl/opensslconf.h>
+# include <openssl/types.h>
+
+# ifdef __cplusplus
+extern "C" {
+# endif
+
+#include <stdlib.h>
+
+/* DH parameter generation types used by EVP_PKEY_CTX_set_dh_paramgen_type() */
+# define DH_PARAMGEN_TYPE_GENERATOR 0 /* Use a safe prime generator */
+# define DH_PARAMGEN_TYPE_FIPS_186_2 1 /* Use FIPS186-2 standard */
+# define DH_PARAMGEN_TYPE_FIPS_186_4 2 /* Use FIPS186-4 standard */
+# define DH_PARAMGEN_TYPE_GROUP 3 /* Use a named safe prime group */
+
+int EVP_PKEY_CTX_set_dh_paramgen_type(EVP_PKEY_CTX *ctx, int typ);
+int EVP_PKEY_CTX_set_dh_paramgen_gindex(EVP_PKEY_CTX *ctx, int gindex);
+int EVP_PKEY_CTX_set_dh_paramgen_seed(EVP_PKEY_CTX *ctx,
+ const unsigned char *seed,
+ size_t seedlen);
+int EVP_PKEY_CTX_set_dh_paramgen_prime_len(EVP_PKEY_CTX *ctx, int pbits);
+int EVP_PKEY_CTX_set_dh_paramgen_subprime_len(EVP_PKEY_CTX *ctx, int qlen);
+int EVP_PKEY_CTX_set_dh_paramgen_generator(EVP_PKEY_CTX *ctx, int gen);
+int EVP_PKEY_CTX_set_dh_nid(EVP_PKEY_CTX *ctx, int nid);
+int EVP_PKEY_CTX_set_dh_rfc5114(EVP_PKEY_CTX *ctx, int gen);
+int EVP_PKEY_CTX_set_dhx_rfc5114(EVP_PKEY_CTX *ctx, int gen);
+int EVP_PKEY_CTX_set_dh_pad(EVP_PKEY_CTX *ctx, int pad);
+
+int EVP_PKEY_CTX_set_dh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+int EVP_PKEY_CTX_get_dh_kdf_type(EVP_PKEY_CTX *ctx);
+int EVP_PKEY_CTX_set0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT *oid);
+int EVP_PKEY_CTX_get0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT **oid);
+int EVP_PKEY_CTX_set_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+int EVP_PKEY_CTX_get_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+int EVP_PKEY_CTX_set_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+int EVP_PKEY_CTX_get_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+int EVP_PKEY_CTX_set0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len);
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0
+int EVP_PKEY_CTX_get0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+#endif
+
+# define EVP_PKEY_CTRL_DH_PARAMGEN_PRIME_LEN (EVP_PKEY_ALG_CTRL + 1)
+# define EVP_PKEY_CTRL_DH_PARAMGEN_GENERATOR (EVP_PKEY_ALG_CTRL + 2)
+# define EVP_PKEY_CTRL_DH_RFC5114 (EVP_PKEY_ALG_CTRL + 3)
+# define EVP_PKEY_CTRL_DH_PARAMGEN_SUBPRIME_LEN (EVP_PKEY_ALG_CTRL + 4)
+# define EVP_PKEY_CTRL_DH_PARAMGEN_TYPE (EVP_PKEY_ALG_CTRL + 5)
+# define EVP_PKEY_CTRL_DH_KDF_TYPE (EVP_PKEY_ALG_CTRL + 6)
+# define EVP_PKEY_CTRL_DH_KDF_MD (EVP_PKEY_ALG_CTRL + 7)
+# define EVP_PKEY_CTRL_GET_DH_KDF_MD (EVP_PKEY_ALG_CTRL + 8)
+# define EVP_PKEY_CTRL_DH_KDF_OUTLEN (EVP_PKEY_ALG_CTRL + 9)
+# define EVP_PKEY_CTRL_GET_DH_KDF_OUTLEN (EVP_PKEY_ALG_CTRL + 10)
+# define EVP_PKEY_CTRL_DH_KDF_UKM (EVP_PKEY_ALG_CTRL + 11)
+# define EVP_PKEY_CTRL_GET_DH_KDF_UKM (EVP_PKEY_ALG_CTRL + 12)
+# define EVP_PKEY_CTRL_DH_KDF_OID (EVP_PKEY_ALG_CTRL + 13)
+# define EVP_PKEY_CTRL_GET_DH_KDF_OID (EVP_PKEY_ALG_CTRL + 14)
+# define EVP_PKEY_CTRL_DH_NID (EVP_PKEY_ALG_CTRL + 15)
+# define EVP_PKEY_CTRL_DH_PAD (EVP_PKEY_ALG_CTRL + 16)
+
+/* KDF types */
+# define EVP_PKEY_DH_KDF_NONE 1
+# define EVP_PKEY_DH_KDF_X9_42 2
# ifndef OPENSSL_NO_DH
# include <openssl/e_os2.h>
# include <openssl/bio.h>
# include <openssl/asn1.h>
-# include <openssl/types.h>
# ifndef OPENSSL_NO_DEPRECATED_1_1_0
# include <openssl/bn.h>
# endif
# include <openssl/dherr.h>
-# ifdef __cplusplus
-extern "C" {
-# endif
-
# ifndef OPENSSL_DH_MAX_MODULUS_BITS
# define OPENSSL_DH_MAX_MODULUS_BITS 10000
# endif
@@ -40,6 +96,10 @@ extern "C" {
# define DH_FLAG_CACHE_MONT_P 0x01
+# define DH_FLAG_TYPE_MASK 0xF000
+# define DH_FLAG_TYPE_DH 0x0000
+# define DH_FLAG_TYPE_DHX 0x1000
+
# ifndef OPENSSL_NO_DEPRECATED_1_1_0
/*
* Does nothing. Previously this switched off constant time behaviour.
@@ -101,13 +161,7 @@ DECLARE_ASN1_ITEM(DHparams)
* primes p where (p-1)/2 is prime too are called "safe"; we define this for
* backward compatibility:
*/
-# define DH_CHECK_P_NOT_STRONG_PRIME DH_CHECK_P_NOT_SAFE_PRIME
-
-/* DH parameter generation types used by EVP_PKEY_CTX_set_dh_paramgen_type() */
-# define DH_PARAMGEN_TYPE_GENERATOR 0 /* Use a safe prime generator */
-# define DH_PARAMGEN_TYPE_FIPS_186_2 1 /* Use FIPS186-2 standard */
-# define DH_PARAMGEN_TYPE_FIPS_186_4 2 /* Use FIPS186-4 standard */
-# define DH_PARAMGEN_TYPE_GROUP 3 /* Use a named safe prime group */
+# define DH_CHECK_P_NOT_STRONG_PRIME DH_CHECK_P_NOT_SAFE_PRIME
# define d2i_DHparams_fp(fp, x) \
(DH *)ASN1_d2i_fp((char *(*)())DH_new, \
@@ -132,221 +186,143 @@ DECLARE_ASN1_ITEM(DHparams)
ASN1_d2i_bio_of(DH, DH_new, d2i_DHxparams, bp, x)
# define i2d_DHxparams_bio(bp, x) \
ASN1_i2d_bio_of(DH, i2d_DHxparams, bp, x)
-# endif
-DECLARE_ASN1_DUP_FUNCTION_name(DH, DHparams)
+DECLARE_ASN1_DUP_FUNCTION_name_attr(OSSL_DEPRECATEDIN_3_0, DH, DHparams)
-DEPRECATEDIN_3_0(const DH_METHOD *DH_OpenSSL(void))
+OSSL_DEPRECATEDIN_3_0 const DH_METHOD *DH_OpenSSL(void);
-DEPRECATEDIN_3_0(void DH_set_default_method(const DH_METHOD *meth))
-DEPRECATEDIN_3_0(const DH_METHOD *DH_get_default_method(void))
-DEPRECATEDIN_3_0(int DH_set_method(DH *dh, const DH_METHOD *meth))
-DEPRECATEDIN_3_0(DH *DH_new_method(ENGINE *engine))
+OSSL_DEPRECATEDIN_3_0 void DH_set_default_method(const DH_METHOD *meth);
+OSSL_DEPRECATEDIN_3_0 const DH_METHOD *DH_get_default_method(void);
+OSSL_DEPRECATEDIN_3_0 int DH_set_method(DH *dh, const DH_METHOD *meth);
+OSSL_DEPRECATEDIN_3_0 DH *DH_new_method(ENGINE *engine);
+
+OSSL_DEPRECATEDIN_3_0 DH *DH_new(void);
+OSSL_DEPRECATEDIN_3_0 void DH_free(DH *dh);
+OSSL_DEPRECATEDIN_3_0 int DH_up_ref(DH *dh);
+OSSL_DEPRECATEDIN_3_0 int DH_bits(const DH *dh);
+OSSL_DEPRECATEDIN_3_0 int DH_size(const DH *dh);
+OSSL_DEPRECATEDIN_3_0 int DH_security_bits(const DH *dh);
-DH *DH_new(void);
-void DH_free(DH *dh);
-int DH_up_ref(DH *dh);
-int DH_bits(const DH *dh);
-DEPRECATEDIN_3_0(int DH_size(const DH *dh))
-DEPRECATEDIN_3_0(int DH_security_bits(const DH *dh))
-# ifndef OPENSSL_NO_DEPRECATED_3_0
# define DH_get_ex_new_index(l, p, newf, dupf, freef) \
CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_DH, l, p, newf, dupf, freef)
-# endif
-DEPRECATEDIN_3_0(int DH_set_ex_data(DH *d, int idx, void *arg))
-DEPRECATEDIN_3_0(void *DH_get_ex_data(const DH *d, int idx))
-/* Deprecated version */
-DEPRECATEDIN_0_9_8(DH *DH_generate_parameters(int prime_len, int generator,
- void (*callback) (int, int,
- void *),
- void *cb_arg))
-
-/* New version */
-DEPRECATEDIN_3_0(int DH_generate_parameters_ex(DH *dh, int prime_len,
- int generator, BN_GENCB *cb))
-
-DEPRECATEDIN_3_0(int DH_check_params_ex(const DH *dh))
-DEPRECATEDIN_3_0(int DH_check_ex(const DH *dh))
-DEPRECATEDIN_3_0(int DH_check_pub_key_ex(const DH *dh, const BIGNUM *pub_key))
-/*
- * TODO(3.0): deprecate DH_check_params once ssl/statem/statem_clnt.c is fixed.
- */
-int DH_check_params(const DH *dh, int *ret);
-DEPRECATEDIN_3_0(int DH_check(const DH *dh, int *codes))
-DEPRECATEDIN_3_0(int DH_check_pub_key(const DH *dh, const BIGNUM *pub_key,
- int *codes))
-DEPRECATEDIN_3_0(int DH_generate_key(DH *dh))
-DEPRECATEDIN_3_0(int DH_compute_key(unsigned char *key, const BIGNUM *pub_key,
- DH *dh))
-DEPRECATEDIN_3_0(int DH_compute_key_padded(unsigned char *key,
- const BIGNUM *pub_key, DH *dh))
-DECLARE_ASN1_ENCODE_FUNCTIONS_only(DH, DHparams)
-DECLARE_ASN1_ENCODE_FUNCTIONS_only(DH, DHxparams)
-# ifndef OPENSSL_NO_STDIO
-DEPRECATEDIN_3_0(int DHparams_print_fp(FILE *fp, const DH *x))
-# endif
-DEPRECATEDIN_3_0(int DHparams_print(BIO *bp, const DH *x))
+OSSL_DEPRECATEDIN_3_0 int DH_set_ex_data(DH *d, int idx, void *arg);
+OSSL_DEPRECATEDIN_3_0 void *DH_get_ex_data(const DH *d, int idx);
+
+OSSL_DEPRECATEDIN_3_0 int DH_generate_parameters_ex(DH *dh, int prime_len,
+ int generator,
+ BN_GENCB *cb);
+
+OSSL_DEPRECATEDIN_3_0 int DH_check_params_ex(const DH *dh);
+OSSL_DEPRECATEDIN_3_0 int DH_check_ex(const DH *dh);
+OSSL_DEPRECATEDIN_3_0 int DH_check_pub_key_ex(const DH *dh, const BIGNUM *pub_key);
+OSSL_DEPRECATEDIN_3_0 int DH_check_params(const DH *dh, int *ret);
+OSSL_DEPRECATEDIN_3_0 int DH_check(const DH *dh, int *codes);
+OSSL_DEPRECATEDIN_3_0 int DH_check_pub_key(const DH *dh, const BIGNUM *pub_key,
+ int *codes);
+OSSL_DEPRECATEDIN_3_0 int DH_generate_key(DH *dh);
+OSSL_DEPRECATEDIN_3_0 int DH_compute_key(unsigned char *key,
+ const BIGNUM *pub_key, DH *dh);
+OSSL_DEPRECATEDIN_3_0 int DH_compute_key_padded(unsigned char *key,
+ const BIGNUM *pub_key, DH *dh);
+
+DECLARE_ASN1_ENCODE_FUNCTIONS_only_attr(OSSL_DEPRECATEDIN_3_0, DH, DHparams)
+DECLARE_ASN1_ENCODE_FUNCTIONS_only_attr(OSSL_DEPRECATEDIN_3_0, DH, DHxparams)
+
+# ifndef OPENSSL_NO_STDIO
+OSSL_DEPRECATEDIN_3_0 int DHparams_print_fp(FILE *fp, const DH *x);
+# endif
+OSSL_DEPRECATEDIN_3_0 int DHparams_print(BIO *bp, const DH *x);
/* RFC 5114 parameters */
-DH *DH_get_1024_160(void);
-DH *DH_get_2048_224(void);
-DH *DH_get_2048_256(void);
+OSSL_DEPRECATEDIN_3_0 DH *DH_get_1024_160(void);
+OSSL_DEPRECATEDIN_3_0 DH *DH_get_2048_224(void);
+OSSL_DEPRECATEDIN_3_0 DH *DH_get_2048_256(void);
/* Named parameters, currently RFC7919 and RFC3526 */
-/* TODO(3.0): deprecate DH_new_by_nid() after converting ssl/s3_lib.c */
-DH *DH_new_by_nid(int nid);
-DEPRECATEDIN_3_0(int DH_get_nid(const DH *dh))
+OSSL_DEPRECATEDIN_3_0 DH *DH_new_by_nid(int nid);
+OSSL_DEPRECATEDIN_3_0 int DH_get_nid(const DH *dh);
-# ifndef OPENSSL_NO_CMS
/* RFC2631 KDF */
-DEPRECATEDIN_3_0(int DH_KDF_X9_42(unsigned char *out, size_t outlen,
- const unsigned char *Z, size_t Zlen,
- ASN1_OBJECT *key_oid,
- const unsigned char *ukm,
- size_t ukmlen, const EVP_MD *md))
-# endif
-
-void DH_get0_pqg(const DH *dh,
- const BIGNUM **p, const BIGNUM **q, const BIGNUM **g);
-int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g);
-void DH_get0_key(const DH *dh,
- const BIGNUM **pub_key, const BIGNUM **priv_key);
-int DH_set0_key(DH *dh, BIGNUM *pub_key, BIGNUM *priv_key);
-const BIGNUM *DH_get0_p(const DH *dh);
-const BIGNUM *DH_get0_q(const DH *dh);
-const BIGNUM *DH_get0_g(const DH *dh);
-const BIGNUM *DH_get0_priv_key(const DH *dh);
-const BIGNUM *DH_get0_pub_key(const DH *dh);
-void DH_clear_flags(DH *dh, int flags);
-int DH_test_flags(const DH *dh, int flags);
-void DH_set_flags(DH *dh, int flags);
-DEPRECATEDIN_3_0(ENGINE *DH_get0_engine(DH *d))
-long DH_get_length(const DH *dh);
-int DH_set_length(DH *dh, long length);
-
-DEPRECATEDIN_3_0(DH_METHOD *DH_meth_new(const char *name, int flags))
-DEPRECATEDIN_3_0(void DH_meth_free(DH_METHOD *dhm))
-DEPRECATEDIN_3_0(DH_METHOD *DH_meth_dup(const DH_METHOD *dhm))
-DEPRECATEDIN_3_0(const char *DH_meth_get0_name(const DH_METHOD *dhm))
-DEPRECATEDIN_3_0(int DH_meth_set1_name(DH_METHOD *dhm, const char *name))
-DEPRECATEDIN_3_0(int DH_meth_get_flags(const DH_METHOD *dhm))
-DEPRECATEDIN_3_0(int DH_meth_set_flags(DH_METHOD *dhm, int flags))
-DEPRECATEDIN_3_0(void *DH_meth_get0_app_data(const DH_METHOD *dhm))
-DEPRECATEDIN_3_0(int DH_meth_set0_app_data(DH_METHOD *dhm, void *app_data))
-DEPRECATEDIN_3_0(int (*DH_meth_get_generate_key(const DH_METHOD *dhm)) (DH *))
-DEPRECATEDIN_3_0(int DH_meth_set_generate_key(DH_METHOD *dhm,
- int (*generate_key) (DH *)))
-DEPRECATEDIN_3_0(int (*DH_meth_get_compute_key(const DH_METHOD *dhm))
- (unsigned char *key,
- const BIGNUM *pub_key, DH *dh))
-DEPRECATEDIN_3_0(int DH_meth_set_compute_key(DH_METHOD *dhm,
- int (*compute_key)
- (unsigned char *key,
- const BIGNUM *pub_key,
- DH *dh)))
-DEPRECATEDIN_3_0(int (*DH_meth_get_bn_mod_exp(const DH_METHOD *dhm))
- (const DH *, BIGNUM *,
- const BIGNUM *,
- const BIGNUM *,
- const BIGNUM *, BN_CTX *,
- BN_MONT_CTX *))
-DEPRECATEDIN_3_0(int DH_meth_set_bn_mod_exp(DH_METHOD *dhm,
- int (*bn_mod_exp)
- (const DH *, BIGNUM *,
- const BIGNUM *, const BIGNUM *,
- const BIGNUM *, BN_CTX *,
- BN_MONT_CTX *)))
-DEPRECATEDIN_3_0(int (*DH_meth_get_init(const DH_METHOD *dhm))(DH *))
-DEPRECATEDIN_3_0(int DH_meth_set_init(DH_METHOD *dhm, int (*init)(DH *)))
-DEPRECATEDIN_3_0(int (*DH_meth_get_finish(const DH_METHOD *dhm)) (DH *))
-DEPRECATEDIN_3_0(int DH_meth_set_finish(DH_METHOD *dhm, int (*finish) (DH *)))
-DEPRECATEDIN_3_0(int (*DH_meth_get_generate_params(const DH_METHOD *dhm))
- (DH *, int, int,
- BN_GENCB *))
-DEPRECATEDIN_3_0(int DH_meth_set_generate_params(DH_METHOD *dhm,
- int (*generate_params)
- (DH *, int, int,
- BN_GENCB *)))
-
-int EVP_PKEY_CTX_set_dh_paramgen_type(EVP_PKEY_CTX *ctx, int typ);
-int EVP_PKEY_CTX_set_dh_paramgen_gindex(EVP_PKEY_CTX *ctx, int gindex);
-int EVP_PKEY_CTX_set_dh_paramgen_seed(EVP_PKEY_CTX *ctx,
- const unsigned char *seed,
- size_t seedlen);
-int EVP_PKEY_CTX_set_dh_paramgen_prime_len(EVP_PKEY_CTX *ctx, int pbits);
-int EVP_PKEY_CTX_set_dh_paramgen_subprime_len(EVP_PKEY_CTX *ctx, int qlen);
-int EVP_PKEY_CTX_set_dh_paramgen_generator(EVP_PKEY_CTX *ctx, int gen);
-int EVP_PKEY_CTX_set_dh_nid(EVP_PKEY_CTX *ctx, int nid);
-int EVP_PKEY_CTX_set_dh_rfc5114(EVP_PKEY_CTX *ctx, int gen);
-int EVP_PKEY_CTX_set_dhx_rfc5114(EVP_PKEY_CTX *ctx, int gen);
-int EVP_PKEY_CTX_set_dh_pad(EVP_PKEY_CTX *ctx, int pad);
-
-# define EVP_PKEY_CTX_set_dh_kdf_type(ctx, kdf) \
- EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, EVP_PKEY_OP_DERIVE, \
- EVP_PKEY_CTRL_DH_KDF_TYPE, kdf, NULL)
-
-# define EVP_PKEY_CTX_get_dh_kdf_type(ctx) \
- EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, EVP_PKEY_OP_DERIVE, \
- EVP_PKEY_CTRL_DH_KDF_TYPE, -2, NULL)
-
-# define EVP_PKEY_CTX_set0_dh_kdf_oid(ctx, oid) \
- EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, EVP_PKEY_OP_DERIVE, \
- EVP_PKEY_CTRL_DH_KDF_OID, 0, (void *)(oid))
-
-# define EVP_PKEY_CTX_get0_dh_kdf_oid(ctx, poid) \
- EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, EVP_PKEY_OP_DERIVE, \
- EVP_PKEY_CTRL_GET_DH_KDF_OID, 0, (void *)(poid))
-
-# define EVP_PKEY_CTX_set_dh_kdf_md(ctx, md) \
- EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, EVP_PKEY_OP_DERIVE, \
- EVP_PKEY_CTRL_DH_KDF_MD, 0, (void *)(md))
-
-# define EVP_PKEY_CTX_get_dh_kdf_md(ctx, pmd) \
- EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, EVP_PKEY_OP_DERIVE, \
- EVP_PKEY_CTRL_GET_DH_KDF_MD, 0, (void *)(pmd))
-
-# define EVP_PKEY_CTX_set_dh_kdf_outlen(ctx, len) \
- EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, EVP_PKEY_OP_DERIVE, \
- EVP_PKEY_CTRL_DH_KDF_OUTLEN, len, NULL)
-
-# define EVP_PKEY_CTX_get_dh_kdf_outlen(ctx, plen) \
- EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, EVP_PKEY_OP_DERIVE, \
- EVP_PKEY_CTRL_GET_DH_KDF_OUTLEN, 0, (void *)(plen))
-
-# define EVP_PKEY_CTX_set0_dh_kdf_ukm(ctx, p, plen) \
- EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, EVP_PKEY_OP_DERIVE, \
- EVP_PKEY_CTRL_DH_KDF_UKM, plen, (void *)(p))
-
-# define EVP_PKEY_CTX_get0_dh_kdf_ukm(ctx, p) \
- EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, EVP_PKEY_OP_DERIVE, \
- EVP_PKEY_CTRL_GET_DH_KDF_UKM, 0, (void *)(p))
-
-# define EVP_PKEY_CTRL_DH_PARAMGEN_PRIME_LEN (EVP_PKEY_ALG_CTRL + 1)
-# define EVP_PKEY_CTRL_DH_PARAMGEN_GENERATOR (EVP_PKEY_ALG_CTRL + 2)
-# define EVP_PKEY_CTRL_DH_RFC5114 (EVP_PKEY_ALG_CTRL + 3)
-# define EVP_PKEY_CTRL_DH_PARAMGEN_SUBPRIME_LEN (EVP_PKEY_ALG_CTRL + 4)
-# define EVP_PKEY_CTRL_DH_PARAMGEN_TYPE (EVP_PKEY_ALG_CTRL + 5)
-# define EVP_PKEY_CTRL_DH_KDF_TYPE (EVP_PKEY_ALG_CTRL + 6)
-# define EVP_PKEY_CTRL_DH_KDF_MD (EVP_PKEY_ALG_CTRL + 7)
-# define EVP_PKEY_CTRL_GET_DH_KDF_MD (EVP_PKEY_ALG_CTRL + 8)
-# define EVP_PKEY_CTRL_DH_KDF_OUTLEN (EVP_PKEY_ALG_CTRL + 9)
-# define EVP_PKEY_CTRL_GET_DH_KDF_OUTLEN (EVP_PKEY_ALG_CTRL + 10)
-# define EVP_PKEY_CTRL_DH_KDF_UKM (EVP_PKEY_ALG_CTRL + 11)
-# define EVP_PKEY_CTRL_GET_DH_KDF_UKM (EVP_PKEY_ALG_CTRL + 12)
-# define EVP_PKEY_CTRL_DH_KDF_OID (EVP_PKEY_ALG_CTRL + 13)
-# define EVP_PKEY_CTRL_GET_DH_KDF_OID (EVP_PKEY_ALG_CTRL + 14)
-# define EVP_PKEY_CTRL_DH_NID (EVP_PKEY_ALG_CTRL + 15)
-# define EVP_PKEY_CTRL_DH_PAD (EVP_PKEY_ALG_CTRL + 16)
-
-/* KDF types */
-# define EVP_PKEY_DH_KDF_NONE 1
-# ifndef OPENSSL_NO_CMS
-# define EVP_PKEY_DH_KDF_X9_42 2
+OSSL_DEPRECATEDIN_3_0 int DH_KDF_X9_42(unsigned char *out, size_t outlen,
+ const unsigned char *Z, size_t Zlen,
+ ASN1_OBJECT *key_oid,
+ const unsigned char *ukm,
+ size_t ukmlen, const EVP_MD *md);
+
+OSSL_DEPRECATEDIN_3_0 void DH_get0_pqg(const DH *dh, const BIGNUM **p,
+ const BIGNUM **q, const BIGNUM **g);
+OSSL_DEPRECATEDIN_3_0 int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g);
+OSSL_DEPRECATEDIN_3_0 void DH_get0_key(const DH *dh, const BIGNUM **pub_key,
+ const BIGNUM **priv_key);
+OSSL_DEPRECATEDIN_3_0 int DH_set0_key(DH *dh, BIGNUM *pub_key, BIGNUM *priv_key);
+OSSL_DEPRECATEDIN_3_0 const BIGNUM *DH_get0_p(const DH *dh);
+OSSL_DEPRECATEDIN_3_0 const BIGNUM *DH_get0_q(const DH *dh);
+OSSL_DEPRECATEDIN_3_0 const BIGNUM *DH_get0_g(const DH *dh);
+OSSL_DEPRECATEDIN_3_0 const BIGNUM *DH_get0_priv_key(const DH *dh);
+OSSL_DEPRECATEDIN_3_0 const BIGNUM *DH_get0_pub_key(const DH *dh);
+OSSL_DEPRECATEDIN_3_0 void DH_clear_flags(DH *dh, int flags);
+OSSL_DEPRECATEDIN_3_0 int DH_test_flags(const DH *dh, int flags);
+OSSL_DEPRECATEDIN_3_0 void DH_set_flags(DH *dh, int flags);
+OSSL_DEPRECATEDIN_3_0 ENGINE *DH_get0_engine(DH *d);
+OSSL_DEPRECATEDIN_3_0 long DH_get_length(const DH *dh);
+OSSL_DEPRECATEDIN_3_0 int DH_set_length(DH *dh, long length);
+
+OSSL_DEPRECATEDIN_3_0 DH_METHOD *DH_meth_new(const char *name, int flags);
+OSSL_DEPRECATEDIN_3_0 void DH_meth_free(DH_METHOD *dhm);
+OSSL_DEPRECATEDIN_3_0 DH_METHOD *DH_meth_dup(const DH_METHOD *dhm);
+OSSL_DEPRECATEDIN_3_0 const char *DH_meth_get0_name(const DH_METHOD *dhm);
+OSSL_DEPRECATEDIN_3_0 int DH_meth_set1_name(DH_METHOD *dhm, const char *name);
+OSSL_DEPRECATEDIN_3_0 int DH_meth_get_flags(const DH_METHOD *dhm);
+OSSL_DEPRECATEDIN_3_0 int DH_meth_set_flags(DH_METHOD *dhm, int flags);
+OSSL_DEPRECATEDIN_3_0 void *DH_meth_get0_app_data(const DH_METHOD *dhm);
+OSSL_DEPRECATEDIN_3_0 int DH_meth_set0_app_data(DH_METHOD *dhm, void *app_data);
+OSSL_DEPRECATEDIN_3_0 int (*DH_meth_get_generate_key(const DH_METHOD *dhm)) (DH *);
+OSSL_DEPRECATEDIN_3_0 int DH_meth_set_generate_key(DH_METHOD *dhm,
+ int (*generate_key) (DH *));
+OSSL_DEPRECATEDIN_3_0 int (*DH_meth_get_compute_key(const DH_METHOD *dhm))
+ (unsigned char *key,
+ const BIGNUM *pub_key,
+ DH *dh);
+OSSL_DEPRECATEDIN_3_0 int DH_meth_set_compute_key(DH_METHOD *dhm,
+ int (*compute_key)
+ (unsigned char *key,
+ const BIGNUM *pub_key,
+ DH *dh));
+OSSL_DEPRECATEDIN_3_0 int (*DH_meth_get_bn_mod_exp(const DH_METHOD *dhm))
+ (const DH *, BIGNUM *,
+ const BIGNUM *,
+ const BIGNUM *,
+ const BIGNUM *, BN_CTX *,
+ BN_MONT_CTX *);
+OSSL_DEPRECATEDIN_3_0 int DH_meth_set_bn_mod_exp(DH_METHOD *dhm,
+ int (*bn_mod_exp)
+ (const DH *, BIGNUM *,
+ const BIGNUM *, const BIGNUM *,
+ const BIGNUM *, BN_CTX *,
+ BN_MONT_CTX *));
+OSSL_DEPRECATEDIN_3_0 int (*DH_meth_get_init(const DH_METHOD *dhm))(DH *);
+OSSL_DEPRECATEDIN_3_0 int DH_meth_set_init(DH_METHOD *dhm, int (*init)(DH *));
+OSSL_DEPRECATEDIN_3_0 int (*DH_meth_get_finish(const DH_METHOD *dhm)) (DH *);
+OSSL_DEPRECATEDIN_3_0 int DH_meth_set_finish(DH_METHOD *dhm, int (*finish) (DH *));
+OSSL_DEPRECATEDIN_3_0 int (*DH_meth_get_generate_params(const DH_METHOD *dhm))
+ (DH *, int, int,
+ BN_GENCB *);
+OSSL_DEPRECATEDIN_3_0 int DH_meth_set_generate_params(DH_METHOD *dhm,
+ int (*generate_params)
+ (DH *, int, int,
+ BN_GENCB *));
+# endif /* OPENSSL_NO_DEPRECATED_3_0 */
+
+# ifndef OPENSSL_NO_DEPRECATED_0_9_8
+OSSL_DEPRECATEDIN_0_9_8 DH *DH_generate_parameters(int prime_len, int generator,
+ void (*callback) (int, int,
+ void *),
+ void *cb_arg);
# endif
-# ifdef __cplusplus
+# endif
+# ifdef __cplusplus
}
-# endif
# endif
#endif
diff --git a/openssl/include/openssl/dherr.h b/openssl/include/openssl/dherr.h
index 7d8dd079..db56a2f4 100644..100755
--- a/openssl/include/openssl/dherr.h
+++ b/openssl/include/openssl/dherr.h
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -14,50 +14,11 @@
# include <openssl/opensslconf.h>
# include <openssl/symhacks.h>
+# include <openssl/cryptoerr_legacy.h>
-# include <openssl/opensslconf.h>
-
# ifndef OPENSSL_NO_DH
-# ifdef __cplusplus
-extern "C"
-# endif
-int ERR_load_DH_strings(void);
-
-/*
- * DH function codes.
- */
-# ifndef OPENSSL_NO_DEPRECATED_3_0
-# define DH_F_COMPUTE_KEY 0
-# define DH_F_DHPARAMS_PRINT_FP 0
-# define DH_F_DH_BUF2KEY 0
-# define DH_F_DH_BUILTIN_GENPARAMS 0
-# define DH_F_DH_CHECK_EX 0
-# define DH_F_DH_CHECK_PARAMS_EX 0
-# define DH_F_DH_CHECK_PUB_KEY_EX 0
-# define DH_F_DH_CMS_DECRYPT 0
-# define DH_F_DH_CMS_SET_PEERKEY 0
-# define DH_F_DH_CMS_SET_SHARED_INFO 0
-# define DH_F_DH_KEY2BUF 0
-# define DH_F_DH_METH_DUP 0
-# define DH_F_DH_METH_NEW 0
-# define DH_F_DH_METH_SET1_NAME 0
-# define DH_F_DH_NEW_BY_NID 0
-# define DH_F_DH_NEW_METHOD 0
-# define DH_F_DH_PARAM_DECODE 0
-# define DH_F_DH_PKEY_PUBLIC_CHECK 0
-# define DH_F_DH_PRIV_DECODE 0
-# define DH_F_DH_PRIV_ENCODE 0
-# define DH_F_DH_PUB_DECODE 0
-# define DH_F_DH_PUB_ENCODE 0
-# define DH_F_DO_DH_PRINT 0
-# define DH_F_GENERATE_KEY 0
-# define DH_F_PKEY_DH_CTRL_STR 0
-# define DH_F_PKEY_DH_DERIVE 0
-# define DH_F_PKEY_DH_INIT 0
-# define DH_F_PKEY_DH_KEYGEN 0
-# endif
/*
* DH reason codes.
@@ -78,6 +39,7 @@ int ERR_load_DH_strings(void);
# define DH_R_INVALID_PARAMETER_NAME 110
# define DH_R_INVALID_PARAMETER_NID 114
# define DH_R_INVALID_PUBKEY 102
+# define DH_R_INVALID_SECRET 128
# define DH_R_KDF_PARAMETER_ERROR 112
# define DH_R_KEYS_NOT_SET 108
# define DH_R_MISSING_PUBKEY 125
diff --git a/openssl/include/openssl/dsa.h b/openssl/include/openssl/dsa.h
index 773c5e7a..aba3e9f2 100644..100755
--- a/openssl/include/openssl/dsa.h
+++ b/openssl/include/openssl/dsa.h
@@ -1,5 +1,5 @@
/*
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -17,16 +17,35 @@
# endif
# include <openssl/opensslconf.h>
+# include <openssl/types.h>
-# ifndef OPENSSL_NO_DSA
-# ifdef __cplusplus
+# ifdef __cplusplus
extern "C" {
-# endif
+# endif
+
+# include <stdlib.h>
+
+int EVP_PKEY_CTX_set_dsa_paramgen_bits(EVP_PKEY_CTX *ctx, int nbits);
+int EVP_PKEY_CTX_set_dsa_paramgen_q_bits(EVP_PKEY_CTX *ctx, int qbits);
+int EVP_PKEY_CTX_set_dsa_paramgen_md_props(EVP_PKEY_CTX *ctx,
+ const char *md_name,
+ const char *md_properties);
+int EVP_PKEY_CTX_set_dsa_paramgen_gindex(EVP_PKEY_CTX *ctx, int gindex);
+int EVP_PKEY_CTX_set_dsa_paramgen_type(EVP_PKEY_CTX *ctx, const char *name);
+int EVP_PKEY_CTX_set_dsa_paramgen_seed(EVP_PKEY_CTX *ctx,
+ const unsigned char *seed,
+ size_t seedlen);
+int EVP_PKEY_CTX_set_dsa_paramgen_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+
+# define EVP_PKEY_CTRL_DSA_PARAMGEN_BITS (EVP_PKEY_ALG_CTRL + 1)
+# define EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS (EVP_PKEY_ALG_CTRL + 2)
+# define EVP_PKEY_CTRL_DSA_PARAMGEN_MD (EVP_PKEY_ALG_CTRL + 3)
+
+# ifndef OPENSSL_NO_DSA
# include <openssl/e_os2.h>
# include <openssl/asn1.h>
# include <openssl/bio.h>
# include <openssl/crypto.h>
-# include <openssl/types.h>
# include <openssl/bn.h>
# ifndef OPENSSL_NO_DEPRECATED_1_1_0
# include <openssl/dh.h>
@@ -39,6 +58,14 @@ extern "C" {
# define OPENSSL_DSA_FIPS_MIN_MODULUS_BITS 1024
+typedef struct DSA_SIG_st DSA_SIG;
+DSA_SIG *DSA_SIG_new(void);
+void DSA_SIG_free(DSA_SIG *a);
+DECLARE_ASN1_ENCODE_FUNCTIONS_only(DSA_SIG, DSA_SIG)
+void DSA_SIG_get0(const DSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps);
+int DSA_SIG_set0(DSA_SIG *sig, BIGNUM *r, BIGNUM *s);
+
+
# ifndef OPENSSL_NO_DEPRECATED_1_1_0
/*
* Does nothing. Previously this switched off constant time behaviour.
@@ -66,103 +93,93 @@ extern "C" {
# define DSA_FLAG_NON_FIPS_ALLOW 0x0400
# define DSA_FLAG_FIPS_CHECKED 0x0800
-# endif /* OPENSSL_NO_DEPRECATED_3_0 */
/* Already defined in ossl_typ.h */
/* typedef struct dsa_st DSA; */
/* typedef struct dsa_method DSA_METHOD; */
-typedef struct DSA_SIG_st DSA_SIG;
-
-/*
- * TODO(3.0): consider removing the ASN.1 encoding and decoding when
- * deserialisation is completed elsewhere.
- */
-# define d2i_DSAparams_fp(fp, x) \
+# define d2i_DSAparams_fp(fp, x) \
(DSA *)ASN1_d2i_fp((char *(*)())DSA_new, \
(char *(*)())d2i_DSAparams, (fp), \
(unsigned char **)(x))
-# define i2d_DSAparams_fp(fp, x) \
+# define i2d_DSAparams_fp(fp, x) \
ASN1_i2d_fp(i2d_DSAparams, (fp), (unsigned char *)(x))
-# define d2i_DSAparams_bio(bp, x) \
+# define d2i_DSAparams_bio(bp, x) \
ASN1_d2i_bio_of(DSA, DSA_new, d2i_DSAparams, bp, x)
-# define i2d_DSAparams_bio(bp, x) \
+# define i2d_DSAparams_bio(bp, x) \
ASN1_i2d_bio_of(DSA, i2d_DSAparams, bp, x)
-DECLARE_ASN1_DUP_FUNCTION_name(DSA, DSAparams)
-DSA_SIG *DSA_SIG_new(void);
-void DSA_SIG_free(DSA_SIG *a);
-DECLARE_ASN1_ENCODE_FUNCTIONS_only(DSA_SIG, DSA_SIG)
-void DSA_SIG_get0(const DSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps);
-int DSA_SIG_set0(DSA_SIG *sig, BIGNUM *r, BIGNUM *s);
-
-DEPRECATEDIN_3_0(DSA_SIG *DSA_do_sign(const unsigned char *dgst, int dlen,
- DSA *dsa))
-DEPRECATEDIN_3_0(int DSA_do_verify(const unsigned char *dgst, int dgst_len,
- DSA_SIG *sig, DSA *dsa))
+DECLARE_ASN1_DUP_FUNCTION_name_attr(OSSL_DEPRECATEDIN_3_0, DSA, DSAparams)
+OSSL_DEPRECATEDIN_3_0 DSA_SIG *DSA_do_sign(const unsigned char *dgst, int dlen,
+ DSA *dsa);
+OSSL_DEPRECATEDIN_3_0 int DSA_do_verify(const unsigned char *dgst, int dgst_len,
+ DSA_SIG *sig, DSA *dsa);
-DEPRECATEDIN_3_0(const DSA_METHOD *DSA_OpenSSL(void))
+OSSL_DEPRECATEDIN_3_0 const DSA_METHOD *DSA_OpenSSL(void);
-DEPRECATEDIN_3_0(void DSA_set_default_method(const DSA_METHOD *))
-DEPRECATEDIN_3_0(const DSA_METHOD *DSA_get_default_method(void))
-DEPRECATEDIN_3_0(int DSA_set_method(DSA *dsa, const DSA_METHOD *))
-DEPRECATEDIN_3_0(const DSA_METHOD *DSA_get_method(DSA *d))
+OSSL_DEPRECATEDIN_3_0 void DSA_set_default_method(const DSA_METHOD *);
+OSSL_DEPRECATEDIN_3_0 const DSA_METHOD *DSA_get_default_method(void);
+OSSL_DEPRECATEDIN_3_0 int DSA_set_method(DSA *dsa, const DSA_METHOD *);
+OSSL_DEPRECATEDIN_3_0 const DSA_METHOD *DSA_get_method(DSA *d);
-DSA *DSA_new(void);
-DEPRECATEDIN_3_0(DSA *DSA_new_method(ENGINE *engine))
-void DSA_free(DSA *r);
+OSSL_DEPRECATEDIN_3_0 DSA *DSA_new(void);
+OSSL_DEPRECATEDIN_3_0 DSA *DSA_new_method(ENGINE *engine);
+OSSL_DEPRECATEDIN_3_0 void DSA_free(DSA *r);
/* "up" the DSA object's reference count */
-int DSA_up_ref(DSA *r);
-DEPRECATEDIN_3_0(int DSA_size(const DSA *))
-int DSA_bits(const DSA *d);
-DEPRECATEDIN_3_0(int DSA_security_bits(const DSA *d))
+OSSL_DEPRECATEDIN_3_0 int DSA_up_ref(DSA *r);
+OSSL_DEPRECATEDIN_3_0 int DSA_size(const DSA *);
+OSSL_DEPRECATEDIN_3_0 int DSA_bits(const DSA *d);
+OSSL_DEPRECATEDIN_3_0 int DSA_security_bits(const DSA *d);
/* next 4 return -1 on error */
-DEPRECATEDIN_3_0(int DSA_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp,
- BIGNUM **rp))
-DEPRECATEDIN_3_0(int DSA_sign(int type, const unsigned char *dgst, int dlen,
- unsigned char *sig, unsigned int *siglen,
- DSA *dsa))
-DEPRECATEDIN_3_0(int DSA_verify(int type, const unsigned char *dgst,
- int dgst_len, const unsigned char *sigbuf,
- int siglen, DSA *dsa))
-# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0 int DSA_sign_setup(DSA *dsa, BN_CTX *ctx_in,
+ BIGNUM **kinvp, BIGNUM **rp);
+OSSL_DEPRECATEDIN_3_0 int DSA_sign(int type, const unsigned char *dgst,
+ int dlen, unsigned char *sig,
+ unsigned int *siglen, DSA *dsa);
+OSSL_DEPRECATEDIN_3_0 int DSA_verify(int type, const unsigned char *dgst,
+ int dgst_len, const unsigned char *sigbuf,
+ int siglen, DSA *dsa);
+
# define DSA_get_ex_new_index(l, p, newf, dupf, freef) \
CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_DSA, l, p, newf, dupf, freef)
+OSSL_DEPRECATEDIN_3_0 int DSA_set_ex_data(DSA *d, int idx, void *arg);
+OSSL_DEPRECATEDIN_3_0 void *DSA_get_ex_data(const DSA *d, int idx);
+
+DECLARE_ASN1_ENCODE_FUNCTIONS_only_attr(OSSL_DEPRECATEDIN_3_0,
+ DSA, DSAPublicKey)
+DECLARE_ASN1_ENCODE_FUNCTIONS_only_attr(OSSL_DEPRECATEDIN_3_0,
+ DSA, DSAPrivateKey)
+DECLARE_ASN1_ENCODE_FUNCTIONS_only_attr(OSSL_DEPRECATEDIN_3_0,
+ DSA, DSAparams)
# endif
-DEPRECATEDIN_3_0(int DSA_set_ex_data(DSA *d, int idx, void *arg))
-DEPRECATEDIN_3_0(void *DSA_get_ex_data(const DSA *d, int idx))
-
-DECLARE_ASN1_ENCODE_FUNCTIONS_only(DSA, DSAPublicKey)
-DECLARE_ASN1_ENCODE_FUNCTIONS_only(DSA, DSAPrivateKey)
-DECLARE_ASN1_ENCODE_FUNCTIONS_only(DSA, DSAparams)
+# ifndef OPENSSL_NO_DEPRECATED_0_9_8
/* Deprecated version */
-DEPRECATEDIN_0_9_8(DSA *DSA_generate_parameters(int bits,
- unsigned char *seed,
- int seed_len,
- int *counter_ret,
- unsigned long *h_ret, void
- (*callback) (int, int,
- void *),
- void *cb_arg))
-
-/* New version */
-DEPRECATEDIN_3_0(int DSA_generate_parameters_ex(DSA *dsa, int bits,
- const unsigned char *seed,
- int seed_len, int *counter_ret,
- unsigned long *h_ret,
- BN_GENCB *cb))
-
-DEPRECATEDIN_3_0(int DSA_generate_key(DSA *a))
-
-DEPRECATEDIN_3_0(int DSAparams_print(BIO *bp, const DSA *x))
-DEPRECATEDIN_3_0(int DSA_print(BIO *bp, const DSA *x, int off))
-# ifndef OPENSSL_NO_STDIO
-DEPRECATEDIN_3_0(int DSAparams_print_fp(FILE *fp, const DSA *x))
-DEPRECATEDIN_3_0(int DSA_print_fp(FILE *bp, const DSA *x, int off))
+OSSL_DEPRECATEDIN_0_9_8
+DSA *DSA_generate_parameters(int bits, unsigned char *seed, int seed_len,
+ int *counter_ret, unsigned long *h_ret,
+ void (*callback) (int, int, void *),
+ void *cb_arg);
# endif
# ifndef OPENSSL_NO_DEPRECATED_3_0
+/* New version */
+OSSL_DEPRECATEDIN_3_0 int DSA_generate_parameters_ex(DSA *dsa, int bits,
+ const unsigned char *seed,
+ int seed_len,
+ int *counter_ret,
+ unsigned long *h_ret,
+ BN_GENCB *cb);
+
+OSSL_DEPRECATEDIN_3_0 int DSA_generate_key(DSA *a);
+
+OSSL_DEPRECATEDIN_3_0 int DSAparams_print(BIO *bp, const DSA *x);
+OSSL_DEPRECATEDIN_3_0 int DSA_print(BIO *bp, const DSA *x, int off);
+# ifndef OPENSSL_NO_STDIO
+OSSL_DEPRECATEDIN_3_0 int DSAparams_print_fp(FILE *fp, const DSA *x);
+OSSL_DEPRECATEDIN_3_0 int DSA_print_fp(FILE *bp, const DSA *x, int off);
+# endif
+
# define DSS_prime_checks 64
/*
* Primality test according to FIPS PUB 186-4, Appendix C.3. Since we only
@@ -172,97 +189,87 @@ DEPRECATEDIN_3_0(int DSA_print_fp(FILE *bp, const DSA *x, int off))
*/
# define DSA_is_prime(n, callback, cb_arg) \
BN_is_prime(n, DSS_prime_checks, callback, NULL, cb_arg)
-# endif
-# ifndef OPENSSL_NO_DH
+# ifndef OPENSSL_NO_DH
/*
* Convert DSA structure (key or just parameters) into DH structure (be
* careful to avoid small subgroup attacks when using this!)
*/
-DEPRECATEDIN_3_0(DH *DSA_dup_DH(const DSA *r))
-# endif
-
-int EVP_PKEY_CTX_set_dsa_paramgen_bits(EVP_PKEY_CTX *ctx, int nbits);
-int EVP_PKEY_CTX_set_dsa_paramgen_q_bits(EVP_PKEY_CTX *ctx, int qbits);
-int EVP_PKEY_CTX_set_dsa_paramgen_md_props(EVP_PKEY_CTX *ctx,
- const char *md_name,
- const char *md_properties);
-int EVP_PKEY_CTX_set_dsa_paramgen_gindex(EVP_PKEY_CTX *ctx, int gindex);
-int EVP_PKEY_CTX_set_dsa_paramgen_type(EVP_PKEY_CTX *ctx, const char *name);
-int EVP_PKEY_CTX_set_dsa_paramgen_seed(EVP_PKEY_CTX *ctx,
- const unsigned char *seed,
- size_t seedlen);
-int EVP_PKEY_CTX_set_dsa_paramgen_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
-
-# define EVP_PKEY_CTRL_DSA_PARAMGEN_BITS (EVP_PKEY_ALG_CTRL + 1)
-# define EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS (EVP_PKEY_ALG_CTRL + 2)
-# define EVP_PKEY_CTRL_DSA_PARAMGEN_MD (EVP_PKEY_ALG_CTRL + 3)
-
-void DSA_get0_pqg(const DSA *d,
- const BIGNUM **p, const BIGNUM **q, const BIGNUM **g);
-int DSA_set0_pqg(DSA *d, BIGNUM *p, BIGNUM *q, BIGNUM *g);
-void DSA_get0_key(const DSA *d,
- const BIGNUM **pub_key, const BIGNUM **priv_key);
-int DSA_set0_key(DSA *d, BIGNUM *pub_key, BIGNUM *priv_key);
-const BIGNUM *DSA_get0_p(const DSA *d);
-const BIGNUM *DSA_get0_q(const DSA *d);
-const BIGNUM *DSA_get0_g(const DSA *d);
-const BIGNUM *DSA_get0_pub_key(const DSA *d);
-const BIGNUM *DSA_get0_priv_key(const DSA *d);
-void DSA_clear_flags(DSA *d, int flags);
-int DSA_test_flags(const DSA *d, int flags);
-void DSA_set_flags(DSA *d, int flags);
-DEPRECATEDIN_3_0(ENGINE *DSA_get0_engine(DSA *d))
-
-DEPRECATEDIN_3_0(DSA_METHOD *DSA_meth_new(const char *name, int flags))
-DEPRECATEDIN_3_0(void DSA_meth_free(DSA_METHOD *dsam))
-DEPRECATEDIN_3_0(DSA_METHOD *DSA_meth_dup(const DSA_METHOD *dsam))
-DEPRECATEDIN_3_0(const char *DSA_meth_get0_name(const DSA_METHOD *dsam))
-DEPRECATEDIN_3_0(int DSA_meth_set1_name(DSA_METHOD *dsam, const char *name))
-DEPRECATEDIN_3_0(int DSA_meth_get_flags(const DSA_METHOD *dsam))
-DEPRECATEDIN_3_0(int DSA_meth_set_flags(DSA_METHOD *dsam, int flags))
-DEPRECATEDIN_3_0(void *DSA_meth_get0_app_data(const DSA_METHOD *dsam))
-DEPRECATEDIN_3_0(int DSA_meth_set0_app_data(DSA_METHOD *dsam, void *app_data))
-DEPRECATEDIN_3_0(DSA_SIG *(*DSA_meth_get_sign(const DSA_METHOD *dsam))
- (const unsigned char *, int, DSA *))
-DEPRECATEDIN_3_0(int DSA_meth_set_sign(DSA_METHOD *dsam,
- DSA_SIG *(*sign) (const unsigned char *, int, DSA *)))
-DEPRECATEDIN_3_0(int (*DSA_meth_get_sign_setup(const DSA_METHOD *dsam))
- (DSA *, BN_CTX *, BIGNUM **, BIGNUM **))
-DEPRECATEDIN_3_0(int DSA_meth_set_sign_setup(DSA_METHOD *dsam,
- int (*sign_setup) (DSA *, BN_CTX *, BIGNUM **, BIGNUM **)))
-DEPRECATEDIN_3_0(int (*DSA_meth_get_verify(const DSA_METHOD *dsam))
- (const unsigned char *, int, DSA_SIG *, DSA *))
-DEPRECATEDIN_3_0(int DSA_meth_set_verify(DSA_METHOD *dsam,
- int (*verify) (const unsigned char *, int, DSA_SIG *, DSA *)))
-DEPRECATEDIN_3_0(int (*DSA_meth_get_mod_exp(const DSA_METHOD *dsam))
+OSSL_DEPRECATEDIN_3_0 DH *DSA_dup_DH(const DSA *r);
+# endif
+
+OSSL_DEPRECATEDIN_3_0 void DSA_get0_pqg(const DSA *d, const BIGNUM **p,
+ const BIGNUM **q, const BIGNUM **g);
+OSSL_DEPRECATEDIN_3_0 int DSA_set0_pqg(DSA *d, BIGNUM *p, BIGNUM *q, BIGNUM *g);
+OSSL_DEPRECATEDIN_3_0 void DSA_get0_key(const DSA *d, const BIGNUM **pub_key,
+ const BIGNUM **priv_key);
+OSSL_DEPRECATEDIN_3_0 int DSA_set0_key(DSA *d, BIGNUM *pub_key,
+ BIGNUM *priv_key);
+OSSL_DEPRECATEDIN_3_0 const BIGNUM *DSA_get0_p(const DSA *d);
+OSSL_DEPRECATEDIN_3_0 const BIGNUM *DSA_get0_q(const DSA *d);
+OSSL_DEPRECATEDIN_3_0 const BIGNUM *DSA_get0_g(const DSA *d);
+OSSL_DEPRECATEDIN_3_0 const BIGNUM *DSA_get0_pub_key(const DSA *d);
+OSSL_DEPRECATEDIN_3_0 const BIGNUM *DSA_get0_priv_key(const DSA *d);
+OSSL_DEPRECATEDIN_3_0 void DSA_clear_flags(DSA *d, int flags);
+OSSL_DEPRECATEDIN_3_0 int DSA_test_flags(const DSA *d, int flags);
+OSSL_DEPRECATEDIN_3_0 void DSA_set_flags(DSA *d, int flags);
+OSSL_DEPRECATEDIN_3_0 ENGINE *DSA_get0_engine(DSA *d);
+
+OSSL_DEPRECATEDIN_3_0 DSA_METHOD *DSA_meth_new(const char *name, int flags);
+OSSL_DEPRECATEDIN_3_0 void DSA_meth_free(DSA_METHOD *dsam);
+OSSL_DEPRECATEDIN_3_0 DSA_METHOD *DSA_meth_dup(const DSA_METHOD *dsam);
+OSSL_DEPRECATEDIN_3_0 const char *DSA_meth_get0_name(const DSA_METHOD *dsam);
+OSSL_DEPRECATEDIN_3_0 int DSA_meth_set1_name(DSA_METHOD *dsam,
+ const char *name);
+OSSL_DEPRECATEDIN_3_0 int DSA_meth_get_flags(const DSA_METHOD *dsam);
+OSSL_DEPRECATEDIN_3_0 int DSA_meth_set_flags(DSA_METHOD *dsam, int flags);
+OSSL_DEPRECATEDIN_3_0 void *DSA_meth_get0_app_data(const DSA_METHOD *dsam);
+OSSL_DEPRECATEDIN_3_0 int DSA_meth_set0_app_data(DSA_METHOD *dsam,
+ void *app_data);
+OSSL_DEPRECATEDIN_3_0 DSA_SIG *(*DSA_meth_get_sign(const DSA_METHOD *dsam))
+ (const unsigned char *, int, DSA *);
+OSSL_DEPRECATEDIN_3_0 int DSA_meth_set_sign(DSA_METHOD *dsam,
+ DSA_SIG *(*sign) (const unsigned char *, int, DSA *));
+OSSL_DEPRECATEDIN_3_0 int (*DSA_meth_get_sign_setup(const DSA_METHOD *dsam))
+ (DSA *, BN_CTX *, BIGNUM **, BIGNUM **);
+OSSL_DEPRECATEDIN_3_0 int DSA_meth_set_sign_setup(DSA_METHOD *dsam,
+ int (*sign_setup) (DSA *, BN_CTX *, BIGNUM **, BIGNUM **));
+OSSL_DEPRECATEDIN_3_0 int (*DSA_meth_get_verify(const DSA_METHOD *dsam))
+ (const unsigned char *, int, DSA_SIG *, DSA *);
+OSSL_DEPRECATEDIN_3_0 int DSA_meth_set_verify(DSA_METHOD *dsam,
+ int (*verify) (const unsigned char *, int, DSA_SIG *, DSA *));
+OSSL_DEPRECATEDIN_3_0 int (*DSA_meth_get_mod_exp(const DSA_METHOD *dsam))
(DSA *, BIGNUM *, const BIGNUM *, const BIGNUM *, const BIGNUM *,
- const BIGNUM *, const BIGNUM *, BN_CTX *, BN_MONT_CTX *))
-DEPRECATEDIN_3_0(int DSA_meth_set_mod_exp(DSA_METHOD *dsam,
+ const BIGNUM *, const BIGNUM *, BN_CTX *, BN_MONT_CTX *);
+OSSL_DEPRECATEDIN_3_0 int DSA_meth_set_mod_exp(DSA_METHOD *dsam,
int (*mod_exp) (DSA *, BIGNUM *, const BIGNUM *, const BIGNUM *,
const BIGNUM *, const BIGNUM *, const BIGNUM *, BN_CTX *,
- BN_MONT_CTX *)))
-DEPRECATEDIN_3_0(int (*DSA_meth_get_bn_mod_exp(const DSA_METHOD *dsam))
+ BN_MONT_CTX *));
+OSSL_DEPRECATEDIN_3_0 int (*DSA_meth_get_bn_mod_exp(const DSA_METHOD *dsam))
(DSA *, BIGNUM *, const BIGNUM *, const BIGNUM *, const BIGNUM *,
- BN_CTX *, BN_MONT_CTX *))
-DEPRECATEDIN_3_0(int DSA_meth_set_bn_mod_exp(DSA_METHOD *dsam,
+ BN_CTX *, BN_MONT_CTX *);
+OSSL_DEPRECATEDIN_3_0 int DSA_meth_set_bn_mod_exp(DSA_METHOD *dsam,
int (*bn_mod_exp) (DSA *, BIGNUM *, const BIGNUM *, const BIGNUM *,
- const BIGNUM *, BN_CTX *, BN_MONT_CTX *)))
-DEPRECATEDIN_3_0(int (*DSA_meth_get_init(const DSA_METHOD *dsam))(DSA *))
-DEPRECATEDIN_3_0(int DSA_meth_set_init(DSA_METHOD *dsam, int (*init)(DSA *)))
-DEPRECATEDIN_3_0(int (*DSA_meth_get_finish(const DSA_METHOD *dsam)) (DSA *))
-DEPRECATEDIN_3_0(int DSA_meth_set_finish(DSA_METHOD *dsam, int (*finish) (DSA *)))
-DEPRECATEDIN_3_0(int (*DSA_meth_get_paramgen(const DSA_METHOD *dsam))
+ const BIGNUM *, BN_CTX *, BN_MONT_CTX *));
+OSSL_DEPRECATEDIN_3_0 int (*DSA_meth_get_init(const DSA_METHOD *dsam))(DSA *);
+OSSL_DEPRECATEDIN_3_0 int DSA_meth_set_init(DSA_METHOD *dsam,
+ int (*init)(DSA *));
+OSSL_DEPRECATEDIN_3_0 int (*DSA_meth_get_finish(const DSA_METHOD *dsam))(DSA *);
+OSSL_DEPRECATEDIN_3_0 int DSA_meth_set_finish(DSA_METHOD *dsam,
+ int (*finish)(DSA *));
+OSSL_DEPRECATEDIN_3_0 int (*DSA_meth_get_paramgen(const DSA_METHOD *dsam))
(DSA *, int, const unsigned char *, int, int *, unsigned long *,
- BN_GENCB *))
-DEPRECATEDIN_3_0(int DSA_meth_set_paramgen(DSA_METHOD *dsam,
+ BN_GENCB *);
+OSSL_DEPRECATEDIN_3_0 int DSA_meth_set_paramgen(DSA_METHOD *dsam,
int (*paramgen) (DSA *, int, const unsigned char *, int, int *,
- unsigned long *, BN_GENCB *)))
-DEPRECATEDIN_3_0(int (*DSA_meth_get_keygen(const DSA_METHOD *dsam)) (DSA *))
-DEPRECATEDIN_3_0(int DSA_meth_set_keygen(DSA_METHOD *dsam, int (*keygen) (DSA *)))
+ unsigned long *, BN_GENCB *));
+OSSL_DEPRECATEDIN_3_0 int (*DSA_meth_get_keygen(const DSA_METHOD *dsam))(DSA *);
+OSSL_DEPRECATEDIN_3_0 int DSA_meth_set_keygen(DSA_METHOD *dsam,
+ int (*keygen) (DSA *));
-# ifdef __cplusplus
-}
# endif
# endif
+# ifdef __cplusplus
+}
+# endif
#endif
diff --git a/openssl/include/openssl/dsaerr.h b/openssl/include/openssl/dsaerr.h
index dfb59614..efe63910 100644..100755
--- a/openssl/include/openssl/dsaerr.h
+++ b/openssl/include/openssl/dsaerr.h
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -14,45 +14,11 @@
# include <openssl/opensslconf.h>
# include <openssl/symhacks.h>
+# include <openssl/cryptoerr_legacy.h>
-# include <openssl/opensslconf.h>
-
# ifndef OPENSSL_NO_DSA
-# ifdef __cplusplus
-extern "C"
-# endif
-int ERR_load_DSA_strings(void);
-
-/*
- * DSA function codes.
- */
-# ifndef OPENSSL_NO_DEPRECATED_3_0
-# define DSA_F_DSAPARAMS_PRINT 0
-# define DSA_F_DSAPARAMS_PRINT_FP 0
-# define DSA_F_DSA_BUILTIN_PARAMGEN 0
-# define DSA_F_DSA_BUILTIN_PARAMGEN2 0
-# define DSA_F_DSA_DO_SIGN 0
-# define DSA_F_DSA_DO_VERIFY 0
-# define DSA_F_DSA_METH_DUP 0
-# define DSA_F_DSA_METH_NEW 0
-# define DSA_F_DSA_METH_SET1_NAME 0
-# define DSA_F_DSA_NEW_METHOD 0
-# define DSA_F_DSA_PARAM_DECODE 0
-# define DSA_F_DSA_PRINT_FP 0
-# define DSA_F_DSA_PRIV_DECODE 0
-# define DSA_F_DSA_PRIV_ENCODE 0
-# define DSA_F_DSA_PUB_DECODE 0
-# define DSA_F_DSA_PUB_ENCODE 0
-# define DSA_F_DSA_SIGN 0
-# define DSA_F_DSA_SIGN_SETUP 0
-# define DSA_F_DSA_SIG_NEW 0
-# define DSA_F_OLD_DSA_PRIV_DECODE 0
-# define DSA_F_PKEY_DSA_CTRL 0
-# define DSA_F_PKEY_DSA_CTRL_STR 0
-# define DSA_F_PKEY_DSA_KEYGEN 0
-# endif
/*
* DSA reason codes.
@@ -69,6 +35,7 @@ int ERR_load_DSA_strings(void);
# define DSA_R_MODULUS_TOO_LARGE 103
# define DSA_R_NO_PARAMETERS_SET 107
# define DSA_R_PARAMETER_ENCODING_ERROR 105
+# define DSA_R_P_NOT_PRIME 115
# define DSA_R_Q_NOT_PRIME 113
# define DSA_R_SEED_LEN_SMALL 110
diff --git a/openssl/include/openssl/dtls1.h b/openssl/include/openssl/dtls1.h
index f0000268..0da98fff 100644..100755
--- a/openssl/include/openssl/dtls1.h
+++ b/openssl/include/openssl/dtls1.h
@@ -1,5 +1,5 @@
/*
- * Copyright 2005-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2005-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -16,22 +16,21 @@
# define HEADER_DTLS1_H
# endif
+# include <openssl/prov_ssl.h>
+
#ifdef __cplusplus
extern "C" {
#endif
#include <openssl/opensslconf.h>
-# define DTLS1_VERSION 0xFEFF
-# define DTLS1_2_VERSION 0xFEFD
+/* DTLS*_VERSION constants are defined in prov_ssl.h */
# ifndef OPENSSL_NO_DEPRECATED_3_0
# define DTLS_MIN_VERSION DTLS1_VERSION
# define DTLS_MAX_VERSION DTLS1_2_VERSION
# endif
# define DTLS1_VERSION_MAJOR 0xFE
-# define DTLS1_BAD_VER 0x0100
-
/* Special value for method supporting multiple versions */
# define DTLS_ANY_VERSION 0x1FFFF
@@ -50,10 +49,6 @@ extern "C" {
# define DTLS1_AL_HEADER_LENGTH 2
-/* Timeout multipliers */
-# define DTLS1_TMO_READ_COUNT 2
-# define DTLS1_TMO_WRITE_COUNT 2
-
# define DTLS1_TMO_ALERT_COUNT 12
#ifdef __cplusplus
diff --git a/openssl/include/openssl/e_os2.h b/openssl/include/openssl/e_os2.h
index 97371f52..5bd2dc5c 100644..100755
--- a/openssl/include/openssl/e_os2.h
+++ b/openssl/include/openssl/e_os2.h
@@ -1,5 +1,5 @@
/*
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -102,11 +102,11 @@ extern "C" {
# endif
/* ------------------------------- OpenVMS -------------------------------- */
-# if defined(__VMS) || defined(VMS) || defined(OPENSSL_SYS_VMS)
+# if defined(__VMS) || defined(VMS)
# if !defined(OPENSSL_SYS_VMS)
# undef OPENSSL_SYS_UNIX
+# define OPENSSL_SYS_VMS
# endif
-# define OPENSSL_SYS_VMS
# if defined(__DECC)
# define OPENSSL_SYS_VMS_DECC
# elif defined(__DECCXX)
@@ -138,6 +138,21 @@ extern "C" {
# endif
# endif
+/* ---------------------------- HP NonStop -------------------------------- */
+# ifdef __TANDEM
+# ifdef _STRING
+# include <strings.h>
+# endif
+# define OPENSSL_USE_BUILD_DATE
+# if defined(OPENSSL_THREADS) && defined(_SPT_MODEL_)
+# define SPT_THREAD_SIGNAL 1
+# define SPT_THREAD_AWARE 1
+# include <spthread.h>
+# elif defined(OPENSSL_THREADS) && defined(_PUT_MODEL_)
+# include <pthread.h>
+# endif
+# endif
+
/**
* That's it for OS-specific stuff
*****************************************************************************/
@@ -195,7 +210,7 @@ extern "C" {
# endif
# endif
-# ifdef DEBUG_UNUSED
+# if defined(UNUSEDRESULT_DEBUG)
# define __owur __attribute__((__warn_unused_result__))
# else
# define __owur
@@ -220,7 +235,7 @@ typedef UINT64 uint64_t;
# undef OPENSSL_NO_INTTYPES_H
/* Because the specs say that inttypes.h includes stdint.h if present */
# undef OPENSSL_NO_STDINT_H
-# elif defined(_MSC_VER) && _MSC_VER<=1500
+# elif defined(_MSC_VER) && _MSC_VER<1600
/*
* minimally required typdefs for systems not supporting inttypes.h or
* stdint.h: currently just older VC++
@@ -237,6 +252,15 @@ typedef unsigned __int64 uint64_t;
# include <stdint.h>
# undef OPENSSL_NO_STDINT_H
# endif
+# if defined(__STDC_VERSION__) && __STDC_VERSION__ >= 199901L && \
+ defined(INTMAX_MAX) && defined(UINTMAX_MAX)
+typedef intmax_t ossl_intmax_t;
+typedef uintmax_t ossl_uintmax_t;
+# else
+/* Fall back to the largest we know we require and can handle */
+typedef int64_t ossl_intmax_t;
+typedef uint64_t ossl_uintmax_t;
+# endif
/* ossl_inline: portable inline definition usable in public headers */
# if !defined(inline) && !defined(__cplusplus)
@@ -259,7 +283,8 @@ typedef unsigned __int64 uint64_t;
# define ossl_inline inline
# endif
-# if defined(__STDC_VERSION__) && __STDC_VERSION__ >= 201112L
+# if defined(__STDC_VERSION__) && __STDC_VERSION__ >= 201112L && \
+ !defined(__cplusplus)
# define ossl_noreturn _Noreturn
# elif defined(__GNUC__) && __GNUC__ >= 2
# define ossl_noreturn __attribute__((noreturn))
diff --git a/openssl/include/openssl/ebcdic.h b/openssl/include/openssl/ebcdic.h
index 9333bc2c..9333bc2c 100644..100755
--- a/openssl/include/openssl/ebcdic.h
+++ b/openssl/include/openssl/ebcdic.h
diff --git a/openssl/include/openssl/ec.h b/openssl/include/openssl/ec.h
index 099ac1da..284c7b10 100644..100755
--- a/openssl/include/openssl/ec.h
+++ b/openssl/include/openssl/ec.h
@@ -1,5 +1,5 @@
/*
- * Copyright 2002-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2002-2021 The OpenSSL Project Authors. All Rights Reserved.
* Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
@@ -18,21 +18,58 @@
# endif
# include <openssl/opensslconf.h>
+# include <openssl/types.h>
-# ifndef OPENSSL_NO_EC
-# include <openssl/asn1.h>
-# include <openssl/symhacks.h>
-# ifndef OPENSSL_NO_DEPRECATED_1_1_0
-# include <openssl/bn.h>
-# endif
-# include <openssl/ecerr.h>
-# ifdef __cplusplus
+# ifdef __cplusplus
extern "C" {
-# endif
+# endif
-# ifndef OPENSSL_ECC_MAX_FIELD_BITS
-# define OPENSSL_ECC_MAX_FIELD_BITS 661
-# endif
+/* Values for EVP_PKEY_CTX_set_ec_param_enc() */
+# define OPENSSL_EC_EXPLICIT_CURVE 0x000
+# define OPENSSL_EC_NAMED_CURVE 0x001
+
+int EVP_PKEY_CTX_set_ec_paramgen_curve_nid(EVP_PKEY_CTX *ctx, int nid);
+int EVP_PKEY_CTX_set_ec_param_enc(EVP_PKEY_CTX *ctx, int param_enc);
+int EVP_PKEY_CTX_set_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx, int cofactor_mode);
+int EVP_PKEY_CTX_get_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx);
+
+int EVP_PKEY_CTX_set_ecdh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
+int EVP_PKEY_CTX_get_ecdh_kdf_type(EVP_PKEY_CTX *ctx);
+
+int EVP_PKEY_CTX_set_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+int EVP_PKEY_CTX_get_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
+
+int EVP_PKEY_CTX_set_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
+int EVP_PKEY_CTX_get_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
+
+int EVP_PKEY_CTX_set0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm,
+ int len);
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0
+int EVP_PKEY_CTX_get0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
+# endif
+
+# define EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID (EVP_PKEY_ALG_CTRL + 1)
+# define EVP_PKEY_CTRL_EC_PARAM_ENC (EVP_PKEY_ALG_CTRL + 2)
+# define EVP_PKEY_CTRL_EC_ECDH_COFACTOR (EVP_PKEY_ALG_CTRL + 3)
+# define EVP_PKEY_CTRL_EC_KDF_TYPE (EVP_PKEY_ALG_CTRL + 4)
+# define EVP_PKEY_CTRL_EC_KDF_MD (EVP_PKEY_ALG_CTRL + 5)
+# define EVP_PKEY_CTRL_GET_EC_KDF_MD (EVP_PKEY_ALG_CTRL + 6)
+# define EVP_PKEY_CTRL_EC_KDF_OUTLEN (EVP_PKEY_ALG_CTRL + 7)
+# define EVP_PKEY_CTRL_GET_EC_KDF_OUTLEN (EVP_PKEY_ALG_CTRL + 8)
+# define EVP_PKEY_CTRL_EC_KDF_UKM (EVP_PKEY_ALG_CTRL + 9)
+# define EVP_PKEY_CTRL_GET_EC_KDF_UKM (EVP_PKEY_ALG_CTRL + 10)
+
+/* KDF types */
+# define EVP_PKEY_ECDH_KDF_NONE 1
+# define EVP_PKEY_ECDH_KDF_X9_63 2
+/*
+ * The old name for EVP_PKEY_ECDH_KDF_X9_63
+ * The ECDH KDF specification has been mistakenly attributed to ANSI X9.62,
+ * it is actually specified in ANSI X9.63.
+ * This identifier is retained for backwards compatibility
+ */
+# define EVP_PKEY_ECDH_KDF_X9_62 EVP_PKEY_ECDH_KDF_X9_63
/** Enum for the point conversion form as defined in X9.62 (ECDSA)
* for the encoding of a elliptic curve point (x,y) */
@@ -47,6 +84,21 @@ typedef enum {
POINT_CONVERSION_HYBRID = 6
} point_conversion_form_t;
+const char *OSSL_EC_curve_nid2name(int nid);
+
+# ifndef OPENSSL_NO_EC
+# include <openssl/asn1.h>
+# include <openssl/symhacks.h>
+# ifndef OPENSSL_NO_DEPRECATED_1_1_0
+# include <openssl/bn.h>
+# endif
+# include <openssl/ecerr.h>
+
+# ifndef OPENSSL_ECC_MAX_FIELD_BITS
+# define OPENSSL_ECC_MAX_FIELD_BITS 661
+# endif
+
+# include <openssl/params.h>
# ifndef OPENSSL_NO_DEPRECATED_3_0
typedef struct ec_method_st EC_METHOD;
# endif
@@ -59,40 +111,41 @@ typedef struct ec_parameters_st ECPARAMETERS;
/* EC_METHODs for curves over GF(p) */
/********************************************************************/
+# ifndef OPENSSL_NO_DEPRECATED_3_0
/** Returns the basic GFp ec methods which provides the basis for the
* optimized methods.
* \return EC_METHOD object
*/
-DEPRECATEDIN_3_0(const EC_METHOD *EC_GFp_simple_method(void))
+OSSL_DEPRECATEDIN_3_0 const EC_METHOD *EC_GFp_simple_method(void);
/** Returns GFp methods using montgomery multiplication.
* \return EC_METHOD object
*/
-DEPRECATEDIN_3_0(const EC_METHOD *EC_GFp_mont_method(void))
+OSSL_DEPRECATEDIN_3_0 const EC_METHOD *EC_GFp_mont_method(void);
/** Returns GFp methods using optimized methods for NIST recommended curves
* \return EC_METHOD object
*/
-DEPRECATEDIN_3_0(const EC_METHOD *EC_GFp_nist_method(void))
+OSSL_DEPRECATEDIN_3_0 const EC_METHOD *EC_GFp_nist_method(void);
-# ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
+# ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
/** Returns 64-bit optimized methods for nistp224
* \return EC_METHOD object
*/
-DEPRECATEDIN_3_0(const EC_METHOD *EC_GFp_nistp224_method(void))
+OSSL_DEPRECATEDIN_3_0 const EC_METHOD *EC_GFp_nistp224_method(void);
/** Returns 64-bit optimized methods for nistp256
* \return EC_METHOD object
*/
-DEPRECATEDIN_3_0(const EC_METHOD *EC_GFp_nistp256_method(void))
+OSSL_DEPRECATEDIN_3_0 const EC_METHOD *EC_GFp_nistp256_method(void);
/** Returns 64-bit optimized methods for nistp521
* \return EC_METHOD object
*/
-DEPRECATEDIN_3_0(const EC_METHOD *EC_GFp_nistp521_method(void))
-# endif
+OSSL_DEPRECATEDIN_3_0 const EC_METHOD *EC_GFp_nistp521_method(void);
+# endif /* OPENSSL_NO_EC_NISTP_64_GCC_128 */
-# ifndef OPENSSL_NO_EC2M
+# ifndef OPENSSL_NO_EC2M
/********************************************************************/
/* EC_METHOD for curves over GF(2^m) */
/********************************************************************/
@@ -100,9 +153,9 @@ DEPRECATEDIN_3_0(const EC_METHOD *EC_GFp_nistp521_method(void))
/** Returns the basic GF2m ec method
* \return EC_METHOD object
*/
-DEPRECATEDIN_3_0(const EC_METHOD *EC_GF2m_simple_method(void))
+OSSL_DEPRECATEDIN_3_0 const EC_METHOD *EC_GF2m_simple_method(void);
-# endif
+# endif
/********************************************************************/
/* EC_GROUP functions */
@@ -113,18 +166,31 @@ DEPRECATEDIN_3_0(const EC_METHOD *EC_GF2m_simple_method(void))
* \param meth EC_METHOD to use
* \return newly created EC_GROUP object or NULL in case of an error.
*/
-DEPRECATEDIN_3_0(EC_GROUP *EC_GROUP_new(const EC_METHOD *meth))
+OSSL_DEPRECATEDIN_3_0 EC_GROUP *EC_GROUP_new(const EC_METHOD *meth);
+
+/** Clears and frees a EC_GROUP object
+ * \param group EC_GROUP object to be cleared and freed.
+ */
+OSSL_DEPRECATEDIN_3_0 void EC_GROUP_clear_free(EC_GROUP *group);
+
+/** Returns the EC_METHOD of the EC_GROUP object.
+ * \param group EC_GROUP object
+ * \return EC_METHOD used in this EC_GROUP object.
+ */
+OSSL_DEPRECATEDIN_3_0 const EC_METHOD *EC_GROUP_method_of(const EC_GROUP *group);
+
+/** Returns the field type of the EC_METHOD.
+ * \param meth EC_METHOD object
+ * \return NID of the underlying field type OID.
+ */
+OSSL_DEPRECATEDIN_3_0 int EC_METHOD_get_field_type(const EC_METHOD *meth);
+# endif /* OPENSSL_NO_DEPRECATED_3_0 */
/** Frees a EC_GROUP object
* \param group EC_GROUP object to be freed.
*/
void EC_GROUP_free(EC_GROUP *group);
-/** Clears and frees a EC_GROUP object
- * \param group EC_GROUP object to be cleared and freed.
- */
-DEPRECATEDIN_3_0(void EC_GROUP_clear_free(EC_GROUP *group))
-
/** Copies EC_GROUP objects. Note: both EC_GROUPs must use the same EC_METHOD.
* \param dst destination EC_GROUP object
* \param src source EC_GROUP object
@@ -139,18 +205,6 @@ int EC_GROUP_copy(EC_GROUP *dst, const EC_GROUP *src);
*/
EC_GROUP *EC_GROUP_dup(const EC_GROUP *src);
-/** Returns the EC_METHOD of the EC_GROUP object.
- * \param group EC_GROUP object
- * \return EC_METHOD used in this EC_GROUP object.
- */
-DEPRECATEDIN_3_0(const EC_METHOD *EC_GROUP_method_of(const EC_GROUP *group))
-
-/** Returns the field type of the EC_METHOD.
- * \param meth EC_METHOD object
- * \return NID of the underlying field type OID.
- */
-DEPRECATEDIN_3_0(int EC_METHOD_get_field_type(const EC_METHOD *meth))
-
/** Sets the generator and its order/cofactor of a EC_GROUP object.
* \param group EC_GROUP object
* \param generator EC_POINT object with the generator.
@@ -244,7 +298,7 @@ unsigned char *EC_GROUP_get0_seed(const EC_GROUP *x);
size_t EC_GROUP_get_seed_len(const EC_GROUP *);
size_t EC_GROUP_set_seed(EC_GROUP *, const unsigned char *, size_t len);
-/** Sets the parameters of a ec curve defined by y^2 = x^3 + a*x + b (for GFp)
+/** Sets the parameters of an ec curve defined by y^2 = x^3 + a*x + b (for GFp)
* or y^2 + x*y = x^3 + a*x^2 + b (for GF2m)
* \param group EC_GROUP object
* \param p BIGNUM with the prime number (GFp) or the polynomial
@@ -270,6 +324,7 @@ int EC_GROUP_set_curve(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a,
int EC_GROUP_get_curve(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *b,
BN_CTX *ctx);
+# ifndef OPENSSL_NO_DEPRECATED_3_0
/** Sets the parameters of an ec curve. Synonym for EC_GROUP_set_curve
* \param group EC_GROUP object
* \param p BIGNUM with the prime number (GFp) or the polynomial
@@ -279,9 +334,11 @@ int EC_GROUP_get_curve(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *b,
* \param ctx BN_CTX object (optional)
* \return 1 on success and 0 if an error occurred
*/
-DEPRECATEDIN_3_0(int EC_GROUP_set_curve_GFp(EC_GROUP *group, const BIGNUM *p,
- const BIGNUM *a, const BIGNUM *b,
- BN_CTX *ctx))
+OSSL_DEPRECATEDIN_3_0 int EC_GROUP_set_curve_GFp(EC_GROUP *group,
+ const BIGNUM *p,
+ const BIGNUM *a,
+ const BIGNUM *b,
+ BN_CTX *ctx);
/** Gets the parameters of an ec curve. Synonym for EC_GROUP_get_curve
* \param group EC_GROUP object
@@ -292,11 +349,12 @@ DEPRECATEDIN_3_0(int EC_GROUP_set_curve_GFp(EC_GROUP *group, const BIGNUM *p,
* \param ctx BN_CTX object (optional)
* \return 1 on success and 0 if an error occurred
*/
-DEPRECATEDIN_3_0(int EC_GROUP_get_curve_GFp(const EC_GROUP *group, BIGNUM *p,
- BIGNUM *a, BIGNUM *b,
- BN_CTX *ctx))
+OSSL_DEPRECATEDIN_3_0 int EC_GROUP_get_curve_GFp(const EC_GROUP *group,
+ BIGNUM *p,
+ BIGNUM *a, BIGNUM *b,
+ BN_CTX *ctx);
-# ifndef OPENSSL_NO_EC2M
+# ifndef OPENSSL_NO_EC2M
/** Sets the parameter of an ec curve. Synonym for EC_GROUP_set_curve
* \param group EC_GROUP object
* \param p BIGNUM with the prime number (GFp) or the polynomial
@@ -306,9 +364,11 @@ DEPRECATEDIN_3_0(int EC_GROUP_get_curve_GFp(const EC_GROUP *group, BIGNUM *p,
* \param ctx BN_CTX object (optional)
* \return 1 on success and 0 if an error occurred
*/
-DEPRECATEDIN_3_0(int EC_GROUP_set_curve_GF2m(EC_GROUP *group, const BIGNUM *p,
- const BIGNUM *a, const BIGNUM *b,
- BN_CTX *ctx))
+OSSL_DEPRECATEDIN_3_0 int EC_GROUP_set_curve_GF2m(EC_GROUP *group,
+ const BIGNUM *p,
+ const BIGNUM *a,
+ const BIGNUM *b,
+ BN_CTX *ctx);
/** Gets the parameters of an ec curve. Synonym for EC_GROUP_get_curve
* \param group EC_GROUP object
@@ -319,10 +379,13 @@ DEPRECATEDIN_3_0(int EC_GROUP_set_curve_GF2m(EC_GROUP *group, const BIGNUM *p,
* \param ctx BN_CTX object (optional)
* \return 1 on success and 0 if an error occurred
*/
-DEPRECATEDIN_3_0(int EC_GROUP_get_curve_GF2m(const EC_GROUP *group, BIGNUM *p,
- BIGNUM *a, BIGNUM *b,
- BN_CTX *ctx))
-# endif
+OSSL_DEPRECATEDIN_3_0 int EC_GROUP_get_curve_GF2m(const EC_GROUP *group,
+ BIGNUM *p,
+ BIGNUM *a, BIGNUM *b,
+ BN_CTX *ctx);
+# endif /* OPENSSL_NO_EC2M */
+# endif /* OPENSSL_NO_DEPRECATED_3_0 */
+
/** Returns the number of bits needed to represent a field element
* \param group EC_GROUP object
* \return number of bits needed to represent a field element
@@ -380,6 +443,19 @@ EC_GROUP *EC_GROUP_new_curve_GF2m(const BIGNUM *p, const BIGNUM *a,
# endif
/**
+ * Creates a EC_GROUP object with a curve specified by parameters.
+ * The parameters may be explicit or a named curve,
+ * \param params A list of parameters describing the group.
+ * \param libctx The associated library context or NULL for the default
+ * context
+ * \param propq A property query string
+ * \return newly created EC_GROUP object with specified parameters or NULL
+ * if an error occurred
+ */
+EC_GROUP *EC_GROUP_new_from_params(const OSSL_PARAM params[],
+ OSSL_LIB_CTX *libctx, const char *propq);
+
+/**
* Creates a EC_GROUP object with a curve specified by a NID
* \param libctx The associated library context or NULL for the default
* context
@@ -388,12 +464,12 @@ EC_GROUP *EC_GROUP_new_curve_GF2m(const BIGNUM *p, const BIGNUM *a,
* \return newly created EC_GROUP object with specified curve or NULL
* if an error occurred
*/
-EC_GROUP *EC_GROUP_new_by_curve_name_with_libctx(OPENSSL_CTX *libctx,
- const char *propq, int nid);
+EC_GROUP *EC_GROUP_new_by_curve_name_ex(OSSL_LIB_CTX *libctx, const char *propq,
+ int nid);
/**
* Creates a EC_GROUP object with a curve specified by a NID. Same as
- * EC_GROUP_new_by_curve_name_with_libctx but the libctx and propq are always
+ * EC_GROUP_new_by_curve_name_ex but the libctx and propq are always
* NULL.
* \param nid NID of the OID of the curve name
* \return newly created EC_GROUP object with specified curve or NULL
@@ -490,12 +566,6 @@ int EC_POINT_copy(EC_POINT *dst, const EC_POINT *src);
*/
EC_POINT *EC_POINT_dup(const EC_POINT *src, const EC_GROUP *group);
-/** Returns the EC_METHOD used in EC_POINT object
- * \param point EC_POINT object
- * \return the EC_METHOD used
- */
-DEPRECATEDIN_3_0(const EC_METHOD *EC_POINT_method_of(const EC_POINT *point))
-
/** Sets a point to infinity (neutral element)
* \param group underlying EC_GROUP object
* \param point EC_POINT to set to infinity
@@ -503,6 +573,13 @@ DEPRECATEDIN_3_0(const EC_METHOD *EC_POINT_method_of(const EC_POINT *point))
*/
int EC_POINT_set_to_infinity(const EC_GROUP *group, EC_POINT *point);
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+/** Returns the EC_METHOD used in EC_POINT object
+ * \param point EC_POINT object
+ * \return the EC_METHOD used
+ */
+OSSL_DEPRECATEDIN_3_0 const EC_METHOD *EC_POINT_method_of(const EC_POINT *point);
+
/** Sets the jacobian projective coordinates of a EC_POINT over GFp
* \param group underlying EC_GROUP object
* \param p EC_POINT object
@@ -512,10 +589,10 @@ int EC_POINT_set_to_infinity(const EC_GROUP *group, EC_POINT *point);
* \param ctx BN_CTX object (optional)
* \return 1 on success and 0 if an error occurred
*/
-DEPRECATEDIN_3_0(int EC_POINT_set_Jprojective_coordinates_GFp(const EC_GROUP *group,
- EC_POINT *p, const BIGNUM *x,
- const BIGNUM *y, const BIGNUM *z,
- BN_CTX *ctx))
+OSSL_DEPRECATEDIN_3_0 int EC_POINT_set_Jprojective_coordinates_GFp
+ (const EC_GROUP *group, EC_POINT *p,
+ const BIGNUM *x, const BIGNUM *y, const BIGNUM *z,
+ BN_CTX *ctx);
/** Gets the jacobian projective coordinates of a EC_POINT over GFp
* \param group underlying EC_GROUP object
@@ -526,10 +603,10 @@ DEPRECATEDIN_3_0(int EC_POINT_set_Jprojective_coordinates_GFp(const EC_GROUP *gr
* \param ctx BN_CTX object (optional)
* \return 1 on success and 0 if an error occurred
*/
-DEPRECATEDIN_3_0(int EC_POINT_get_Jprojective_coordinates_GFp(const EC_GROUP *group,
- const EC_POINT *p, BIGNUM *x,
- BIGNUM *y, BIGNUM *z,
- BN_CTX *ctx))
+OSSL_DEPRECATEDIN_3_0 int EC_POINT_get_Jprojective_coordinates_GFp
+ (const EC_GROUP *group, const EC_POINT *p,
+ BIGNUM *x, BIGNUM *y, BIGNUM *z, BN_CTX *ctx);
+# endif /* OPENSSL_NO_DEPRECATED_3_0 */
/** Sets the affine coordinates of an EC_POINT
* \param group underlying EC_GROUP object
@@ -554,6 +631,7 @@ int EC_POINT_set_affine_coordinates(const EC_GROUP *group, EC_POINT *p,
int EC_POINT_get_affine_coordinates(const EC_GROUP *group, const EC_POINT *p,
BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+# ifndef OPENSSL_NO_DEPRECATED_3_0
/** Sets the affine coordinates of an EC_POINT. A synonym of
* EC_POINT_set_affine_coordinates
* \param group underlying EC_GROUP object
@@ -563,11 +641,9 @@ int EC_POINT_get_affine_coordinates(const EC_GROUP *group, const EC_POINT *p,
* \param ctx BN_CTX object (optional)
* \return 1 on success and 0 if an error occurred
*/
-DEPRECATEDIN_3_0(int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group,
- EC_POINT *p,
- const BIGNUM *x,
- const BIGNUM *y,
- BN_CTX *ctx))
+OSSL_DEPRECATEDIN_3_0 int EC_POINT_set_affine_coordinates_GFp
+ (const EC_GROUP *group, EC_POINT *p,
+ const BIGNUM *x, const BIGNUM *y, BN_CTX *ctx);
/** Gets the affine coordinates of an EC_POINT. A synonym of
* EC_POINT_get_affine_coordinates
@@ -578,11 +654,10 @@ DEPRECATEDIN_3_0(int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group,
* \param ctx BN_CTX object (optional)
* \return 1 on success and 0 if an error occurred
*/
-DEPRECATEDIN_3_0(int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group,
- const EC_POINT *p,
- BIGNUM *x,
- BIGNUM *y,
- BN_CTX *ctx))
+OSSL_DEPRECATEDIN_3_0 int EC_POINT_get_affine_coordinates_GFp
+ (const EC_GROUP *group, const EC_POINT *p,
+ BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+# endif /* OPENSSL_NO_DEPRECATED_3_0 */
/** Sets the x9.62 compressed coordinates of a EC_POINT
* \param group underlying EC_GROUP object
@@ -596,6 +671,7 @@ int EC_POINT_set_compressed_coordinates(const EC_GROUP *group, EC_POINT *p,
const BIGNUM *x, int y_bit,
BN_CTX *ctx);
+# ifndef OPENSSL_NO_DEPRECATED_3_0
/** Sets the x9.62 compressed coordinates of a EC_POINT. A synonym of
* EC_POINT_set_compressed_coordinates
* \param group underlying EC_GROUP object
@@ -605,12 +681,10 @@ int EC_POINT_set_compressed_coordinates(const EC_GROUP *group, EC_POINT *p,
* \param ctx BN_CTX object (optional)
* \return 1 on success and 0 if an error occurred
*/
-DEPRECATEDIN_3_0(int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *group,
- EC_POINT *p,
- const BIGNUM *x,
- int y_bit,
- BN_CTX *ctx))
-# ifndef OPENSSL_NO_EC2M
+OSSL_DEPRECATEDIN_3_0 int EC_POINT_set_compressed_coordinates_GFp
+ (const EC_GROUP *group, EC_POINT *p,
+ const BIGNUM *x, int y_bit, BN_CTX *ctx);
+# ifndef OPENSSL_NO_EC2M
/** Sets the affine coordinates of an EC_POINT. A synonym of
* EC_POINT_set_affine_coordinates
* \param group underlying EC_GROUP object
@@ -620,11 +694,9 @@ DEPRECATEDIN_3_0(int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *gro
* \param ctx BN_CTX object (optional)
* \return 1 on success and 0 if an error occurred
*/
-DEPRECATEDIN_3_0(int EC_POINT_set_affine_coordinates_GF2m(const EC_GROUP *group,
- EC_POINT *p,
- const BIGNUM *x,
- const BIGNUM *y,
- BN_CTX *ctx))
+OSSL_DEPRECATEDIN_3_0 int EC_POINT_set_affine_coordinates_GF2m
+ (const EC_GROUP *group, EC_POINT *p,
+ const BIGNUM *x, const BIGNUM *y, BN_CTX *ctx);
/** Gets the affine coordinates of an EC_POINT. A synonym of
* EC_POINT_get_affine_coordinates
@@ -635,11 +707,9 @@ DEPRECATEDIN_3_0(int EC_POINT_set_affine_coordinates_GF2m(const EC_GROUP *group,
* \param ctx BN_CTX object (optional)
* \return 1 on success and 0 if an error occurred
*/
-DEPRECATEDIN_3_0(int EC_POINT_get_affine_coordinates_GF2m(const EC_GROUP *group,
- const EC_POINT *p,
- BIGNUM *x,
- BIGNUM *y,
- BN_CTX *ctx))
+OSSL_DEPRECATEDIN_3_0 int EC_POINT_get_affine_coordinates_GF2m
+ (const EC_GROUP *group, const EC_POINT *p,
+ BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
/** Sets the x9.62 compressed coordinates of a EC_POINT. A synonym of
* EC_POINT_set_compressed_coordinates
@@ -650,12 +720,12 @@ DEPRECATEDIN_3_0(int EC_POINT_get_affine_coordinates_GF2m(const EC_GROUP *group,
* \param ctx BN_CTX object (optional)
* \return 1 on success and 0 if an error occurred
*/
-DEPRECATEDIN_3_0(int EC_POINT_set_compressed_coordinates_GF2m(const EC_GROUP *group,
- EC_POINT *p,
- const BIGNUM *x,
- int y_bit,
- BN_CTX *ctx))
-# endif
+OSSL_DEPRECATEDIN_3_0 int EC_POINT_set_compressed_coordinates_GF2m
+ (const EC_GROUP *group, EC_POINT *p,
+ const BIGNUM *x, int y_bit, BN_CTX *ctx);
+# endif
+# endif /* OPENSSL_NO_DEPRECATED_3_0 */
+
/** Encodes a EC_POINT object to a octet string
* \param group underlying EC_GROUP object
* \param p EC_POINT object
@@ -694,10 +764,16 @@ size_t EC_POINT_point2buf(const EC_GROUP *group, const EC_POINT *point,
unsigned char **pbuf, BN_CTX *ctx);
/* other interfaces to point2oct/oct2point: */
-BIGNUM *EC_POINT_point2bn(const EC_GROUP *, const EC_POINT *,
- point_conversion_form_t form, BIGNUM *, BN_CTX *);
-EC_POINT *EC_POINT_bn2point(const EC_GROUP *, const BIGNUM *,
- EC_POINT *, BN_CTX *);
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0 BIGNUM *EC_POINT_point2bn(const EC_GROUP *,
+ const EC_POINT *,
+ point_conversion_form_t form,
+ BIGNUM *, BN_CTX *);
+OSSL_DEPRECATEDIN_3_0 EC_POINT *EC_POINT_bn2point(const EC_GROUP *,
+ const BIGNUM *,
+ EC_POINT *, BN_CTX *);
+# endif /* OPENSSL_NO_DEPRECATED_3_0 */
+
char *EC_POINT_point2hex(const EC_GROUP *, const EC_POINT *,
point_conversion_form_t form, BN_CTX *);
EC_POINT *EC_POINT_hex2point(const EC_GROUP *, const char *,
@@ -762,10 +838,11 @@ int EC_POINT_is_on_curve(const EC_GROUP *group, const EC_POINT *point,
int EC_POINT_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT *b,
BN_CTX *ctx);
-DEPRECATEDIN_3_0(int EC_POINT_make_affine(const EC_GROUP *group,
- EC_POINT *point, BN_CTX *ctx))
-DEPRECATEDIN_3_0(int EC_POINTs_make_affine(const EC_GROUP *group, size_t num,
- EC_POINT *points[], BN_CTX *ctx))
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0 int EC_POINT_make_affine(const EC_GROUP *group,
+ EC_POINT *point, BN_CTX *ctx);
+OSSL_DEPRECATEDIN_3_0 int EC_POINTs_make_affine(const EC_GROUP *group, size_t num,
+ EC_POINT *points[], BN_CTX *ctx);
/** Computes r = generator * n + sum_{i=0}^{num-1} p[i] * m[i]
* \param group underlying EC_GROUP object
@@ -777,10 +854,11 @@ DEPRECATEDIN_3_0(int EC_POINTs_make_affine(const EC_GROUP *group, size_t num,
* \param ctx BN_CTX object (optional)
* \return 1 on success and 0 if an error occurred
*/
-DEPRECATEDIN_3_0(int EC_POINTs_mul(const EC_GROUP *group, EC_POINT *r,
- const BIGNUM *n, size_t num,
- const EC_POINT *p[], const BIGNUM *m[],
- BN_CTX *ctx))
+OSSL_DEPRECATEDIN_3_0 int EC_POINTs_mul(const EC_GROUP *group, EC_POINT *r,
+ const BIGNUM *n, size_t num,
+ const EC_POINT *p[], const BIGNUM *m[],
+ BN_CTX *ctx);
+# endif /* OPENSSL_NO_DEPRECATED_3_0 */
/** Computes r = generator * n + q * m
* \param group underlying EC_GROUP object
@@ -794,18 +872,20 @@ DEPRECATEDIN_3_0(int EC_POINTs_mul(const EC_GROUP *group, EC_POINT *r,
int EC_POINT_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *n,
const EC_POINT *q, const BIGNUM *m, BN_CTX *ctx);
+# ifndef OPENSSL_NO_DEPRECATED_3_0
/** Stores multiples of generator for faster point multiplication
* \param group EC_GROUP object
* \param ctx BN_CTX object (optional)
* \return 1 on success and 0 if an error occurred
*/
-DEPRECATEDIN_3_0(int EC_GROUP_precompute_mult(EC_GROUP *group, BN_CTX *ctx))
+OSSL_DEPRECATEDIN_3_0 int EC_GROUP_precompute_mult(EC_GROUP *group, BN_CTX *ctx);
/** Reports whether a precomputation has been done
* \param group EC_GROUP object
* \return 1 if a pre-computation has been done and 0 otherwise
*/
-DEPRECATEDIN_3_0(int EC_GROUP_have_precompute_mult(const EC_GROUP *group))
+OSSL_DEPRECATEDIN_3_0 int EC_GROUP_have_precompute_mult(const EC_GROUP *group);
+# endif /* OPENSSL_NO_DEPRECATED_3_0 */
/********************************************************************/
/* ASN1 stuff */
@@ -827,9 +907,6 @@ int EC_GROUP_get_pentanomial_basis(const EC_GROUP *, unsigned int *k1,
unsigned int *k2, unsigned int *k3);
# endif
-# define OPENSSL_EC_EXPLICIT_CURVE 0x000
-# define OPENSSL_EC_NAMED_CURVE 0x001
-
EC_GROUP *d2i_ECPKParameters(EC_GROUP **, const unsigned char **in, long len);
int i2d_ECPKParameters(const EC_GROUP *, unsigned char **out);
@@ -843,10 +920,14 @@ int i2d_ECPKParameters(const EC_GROUP *, unsigned char **out);
# define i2d_ECPKParameters_fp(fp,x) \
ASN1_i2d_fp(i2d_ECPKParameters,(fp), (unsigned char *)(x))
-int ECPKParameters_print(BIO *bp, const EC_GROUP *x, int off);
-# ifndef OPENSSL_NO_STDIO
-int ECPKParameters_print_fp(FILE *fp, const EC_GROUP *x, int off);
-# endif
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0 int ECPKParameters_print(BIO *bp, const EC_GROUP *x,
+ int off);
+# ifndef OPENSSL_NO_STDIO
+OSSL_DEPRECATEDIN_3_0 int ECPKParameters_print_fp(FILE *fp, const EC_GROUP *x,
+ int off);
+# endif
+# endif /* OPENSSL_NO_DEPRECATED_3_0 */
/********************************************************************/
/* EC_KEY functions */
@@ -857,30 +938,40 @@ int ECPKParameters_print_fp(FILE *fp, const EC_GROUP *x, int off);
# define EC_PKEY_NO_PUBKEY 0x002
/* some values for the flags field */
-# define EC_FLAG_NON_FIPS_ALLOW 0x1
-# define EC_FLAG_FIPS_CHECKED 0x2
-# define EC_FLAG_COFACTOR_ECDH 0x1000
+# define EC_FLAG_SM2_RANGE 0x0004
+# define EC_FLAG_COFACTOR_ECDH 0x1000
+# define EC_FLAG_CHECK_NAMED_GROUP 0x2000
+# define EC_FLAG_CHECK_NAMED_GROUP_NIST 0x4000
+# define EC_FLAG_CHECK_NAMED_GROUP_MASK \
+ (EC_FLAG_CHECK_NAMED_GROUP | EC_FLAG_CHECK_NAMED_GROUP_NIST)
+
+/* Deprecated flags - it was using 0x01..0x02 */
+# define EC_FLAG_NON_FIPS_ALLOW 0x0000
+# define EC_FLAG_FIPS_CHECKED 0x0000
+# ifndef OPENSSL_NO_DEPRECATED_3_0
/**
* Creates a new EC_KEY object.
* \param ctx The library context for to use for this EC_KEY. May be NULL in
* which case the default library context is used.
* \return EC_KEY object or NULL if an error occurred.
*/
-EC_KEY *EC_KEY_new_with_libctx(OPENSSL_CTX *ctx, const char *propq);
+OSSL_DEPRECATEDIN_3_0 EC_KEY *EC_KEY_new_ex(OSSL_LIB_CTX *ctx, const char *propq);
/**
- * Creates a new EC_KEY object. Same as calling EC_KEY_new_with_libctx with a
+ * Creates a new EC_KEY object. Same as calling EC_KEY_new_ex with a
* NULL library context
* \return EC_KEY object or NULL if an error occurred.
*/
-EC_KEY *EC_KEY_new(void);
+OSSL_DEPRECATEDIN_3_0 EC_KEY *EC_KEY_new(void);
+
+OSSL_DEPRECATEDIN_3_0 int EC_KEY_get_flags(const EC_KEY *key);
-int EC_KEY_get_flags(const EC_KEY *key);
+OSSL_DEPRECATEDIN_3_0 void EC_KEY_set_flags(EC_KEY *key, int flags);
-void EC_KEY_set_flags(EC_KEY *key, int flags);
+OSSL_DEPRECATEDIN_3_0 void EC_KEY_clear_flags(EC_KEY *key, int flags);
-void EC_KEY_clear_flags(EC_KEY *key, int flags);
+OSSL_DEPRECATEDIN_3_0 int EC_KEY_decoded_from_explicit_params(const EC_KEY *key);
/**
* Creates a new EC_KEY object using a named curve as underlying
@@ -891,8 +982,9 @@ void EC_KEY_clear_flags(EC_KEY *key, int flags);
* \param nid NID of the named curve.
* \return EC_KEY object or NULL if an error occurred.
*/
-EC_KEY *EC_KEY_new_by_curve_name_with_libctx(OPENSSL_CTX *ctx, const char *propq,
- int nid);
+OSSL_DEPRECATEDIN_3_0 EC_KEY *EC_KEY_new_by_curve_name_ex(OSSL_LIB_CTX *ctx,
+ const char *propq,
+ int nid);
/**
* Creates a new EC_KEY object using a named curve as underlying
@@ -901,44 +993,43 @@ EC_KEY *EC_KEY_new_by_curve_name_with_libctx(OPENSSL_CTX *ctx, const char *propq
* \param nid NID of the named curve.
* \return EC_KEY object or NULL if an error occurred.
*/
-EC_KEY *EC_KEY_new_by_curve_name(int nid);
-
+OSSL_DEPRECATEDIN_3_0 EC_KEY *EC_KEY_new_by_curve_name(int nid);
/** Frees a EC_KEY object.
* \param key EC_KEY object to be freed.
*/
-void EC_KEY_free(EC_KEY *key);
+OSSL_DEPRECATEDIN_3_0 void EC_KEY_free(EC_KEY *key);
/** Copies a EC_KEY object.
* \param dst destination EC_KEY object
* \param src src EC_KEY object
* \return dst or NULL if an error occurred.
*/
-EC_KEY *EC_KEY_copy(EC_KEY *dst, const EC_KEY *src);
+OSSL_DEPRECATEDIN_3_0 EC_KEY *EC_KEY_copy(EC_KEY *dst, const EC_KEY *src);
/** Creates a new EC_KEY object and copies the content from src to it.
* \param src the source EC_KEY object
* \return newly created EC_KEY object or NULL if an error occurred.
*/
-EC_KEY *EC_KEY_dup(const EC_KEY *src);
+OSSL_DEPRECATEDIN_3_0 EC_KEY *EC_KEY_dup(const EC_KEY *src);
/** Increases the internal reference count of a EC_KEY object.
* \param key EC_KEY object
* \return 1 on success and 0 if an error occurred.
*/
-int EC_KEY_up_ref(EC_KEY *key);
+OSSL_DEPRECATEDIN_3_0 int EC_KEY_up_ref(EC_KEY *key);
/** Returns the ENGINE object of a EC_KEY object
* \param eckey EC_KEY object
* \return the ENGINE object (possibly NULL).
*/
-ENGINE *EC_KEY_get0_engine(const EC_KEY *eckey);
+OSSL_DEPRECATEDIN_3_0 ENGINE *EC_KEY_get0_engine(const EC_KEY *eckey);
/** Returns the EC_GROUP object of a EC_KEY object
* \param key EC_KEY object
* \return the EC_GROUP object (possibly NULL).
*/
-const EC_GROUP *EC_KEY_get0_group(const EC_KEY *key);
+OSSL_DEPRECATEDIN_3_0 const EC_GROUP *EC_KEY_get0_group(const EC_KEY *key);
/** Sets the EC_GROUP of a EC_KEY object.
* \param key EC_KEY object
@@ -946,13 +1037,13 @@ const EC_GROUP *EC_KEY_get0_group(const EC_KEY *key);
* object will use an own copy of the EC_GROUP).
* \return 1 on success and 0 if an error occurred.
*/
-int EC_KEY_set_group(EC_KEY *key, const EC_GROUP *group);
+OSSL_DEPRECATEDIN_3_0 int EC_KEY_set_group(EC_KEY *key, const EC_GROUP *group);
/** Returns the private key of a EC_KEY object.
* \param key EC_KEY object
* \return a BIGNUM with the private key (possibly NULL).
*/
-const BIGNUM *EC_KEY_get0_private_key(const EC_KEY *key);
+OSSL_DEPRECATEDIN_3_0 const BIGNUM *EC_KEY_get0_private_key(const EC_KEY *key);
/** Sets the private key of a EC_KEY object.
* \param key EC_KEY object
@@ -960,13 +1051,13 @@ const BIGNUM *EC_KEY_get0_private_key(const EC_KEY *key);
* will use an own copy of the BIGNUM).
* \return 1 on success and 0 if an error occurred.
*/
-int EC_KEY_set_private_key(EC_KEY *key, const BIGNUM *prv);
+OSSL_DEPRECATEDIN_3_0 int EC_KEY_set_private_key(EC_KEY *key, const BIGNUM *prv);
/** Returns the public key of a EC_KEY object.
* \param key the EC_KEY object
* \return a EC_POINT object with the public key (possibly NULL)
*/
-const EC_POINT *EC_KEY_get0_public_key(const EC_KEY *key);
+OSSL_DEPRECATEDIN_3_0 const EC_POINT *EC_KEY_get0_public_key(const EC_KEY *key);
/** Sets the public key of a EC_KEY object.
* \param key EC_KEY object
@@ -974,20 +1065,24 @@ const EC_POINT *EC_KEY_get0_public_key(const EC_KEY *key);
* will use an own copy of the EC_POINT object).
* \return 1 on success and 0 if an error occurred.
*/
-int EC_KEY_set_public_key(EC_KEY *key, const EC_POINT *pub);
+OSSL_DEPRECATEDIN_3_0 int EC_KEY_set_public_key(EC_KEY *key, const EC_POINT *pub);
-unsigned EC_KEY_get_enc_flags(const EC_KEY *key);
-void EC_KEY_set_enc_flags(EC_KEY *eckey, unsigned int flags);
-point_conversion_form_t EC_KEY_get_conv_form(const EC_KEY *key);
-void EC_KEY_set_conv_form(EC_KEY *eckey, point_conversion_form_t cform);
+OSSL_DEPRECATEDIN_3_0 unsigned EC_KEY_get_enc_flags(const EC_KEY *key);
+OSSL_DEPRECATEDIN_3_0 void EC_KEY_set_enc_flags(EC_KEY *eckey, unsigned int flags);
+OSSL_DEPRECATEDIN_3_0 point_conversion_form_t EC_KEY_get_conv_form(const EC_KEY *key);
+OSSL_DEPRECATEDIN_3_0 void EC_KEY_set_conv_form(EC_KEY *eckey,
+ point_conversion_form_t cform);
+# endif /*OPENSSL_NO_DEPRECATED_3_0 */
-# define EC_KEY_get_ex_new_index(l, p, newf, dupf, freef) \
+# define EC_KEY_get_ex_new_index(l, p, newf, dupf, freef) \
CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_EC_KEY, l, p, newf, dupf, freef)
-int EC_KEY_set_ex_data(EC_KEY *key, int idx, void *arg);
-void *EC_KEY_get_ex_data(const EC_KEY *key, int idx);
+
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0 int EC_KEY_set_ex_data(EC_KEY *key, int idx, void *arg);
+OSSL_DEPRECATEDIN_3_0 void *EC_KEY_get_ex_data(const EC_KEY *key, int idx);
/* wrapper functions for the underlying EC_GROUP object */
-void EC_KEY_set_asn1_flag(EC_KEY *eckey, int asn1_flag);
+OSSL_DEPRECATEDIN_3_0 void EC_KEY_set_asn1_flag(EC_KEY *eckey, int asn1_flag);
/** Creates a table of pre-computed multiples of the generator to
* accelerate further EC_KEY operations.
@@ -995,25 +1090,25 @@ void EC_KEY_set_asn1_flag(EC_KEY *eckey, int asn1_flag);
* \param ctx BN_CTX object (optional)
* \return 1 on success and 0 if an error occurred.
*/
-DEPRECATEDIN_3_0(int EC_KEY_precompute_mult(EC_KEY *key, BN_CTX *ctx))
+OSSL_DEPRECATEDIN_3_0 int EC_KEY_precompute_mult(EC_KEY *key, BN_CTX *ctx);
/** Creates a new ec private (and optional a new public) key.
* \param key EC_KEY object
* \return 1 on success and 0 if an error occurred.
*/
-int EC_KEY_generate_key(EC_KEY *key);
+OSSL_DEPRECATEDIN_3_0 int EC_KEY_generate_key(EC_KEY *key);
/** Verifies that a private and/or public key is valid.
* \param key the EC_KEY object
* \return 1 on success and 0 otherwise.
*/
-int EC_KEY_check_key(const EC_KEY *key);
+OSSL_DEPRECATEDIN_3_0 int EC_KEY_check_key(const EC_KEY *key);
/** Indicates if an EC_KEY can be used for signing.
* \param eckey the EC_KEY object
* \return 1 if can can sign and 0 otherwise.
*/
-int EC_KEY_can_sign(const EC_KEY *eckey);
+OSSL_DEPRECATEDIN_3_0 int EC_KEY_can_sign(const EC_KEY *eckey);
/** Sets a public key from affine coordinates performing
* necessary NIST PKV tests.
@@ -1022,8 +1117,9 @@ int EC_KEY_can_sign(const EC_KEY *eckey);
* \param y public key y coordinate
* \return 1 on success and 0 otherwise.
*/
-int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, BIGNUM *x,
- BIGNUM *y);
+OSSL_DEPRECATEDIN_3_0 int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key,
+ BIGNUM *x,
+ BIGNUM *y);
/** Encodes an EC_KEY public key to an allocated octet string
* \param key key to encode
@@ -1032,8 +1128,9 @@ int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, BIGNUM *x,
* \param ctx BN_CTX object (optional)
* \return the length of the encoded octet string or 0 if an error occurred
*/
-size_t EC_KEY_key2buf(const EC_KEY *key, point_conversion_form_t form,
- unsigned char **pbuf, BN_CTX *ctx);
+OSSL_DEPRECATEDIN_3_0 size_t EC_KEY_key2buf(const EC_KEY *key,
+ point_conversion_form_t form,
+ unsigned char **pbuf, BN_CTX *ctx);
/** Decodes a EC_KEY public key from a octet string
* \param key key to decode
@@ -1043,8 +1140,8 @@ size_t EC_KEY_key2buf(const EC_KEY *key, point_conversion_form_t form,
* \return 1 on success and 0 if an error occurred
*/
-int EC_KEY_oct2key(EC_KEY *key, const unsigned char *buf, size_t len,
- BN_CTX *ctx);
+OSSL_DEPRECATEDIN_3_0 int EC_KEY_oct2key(EC_KEY *key, const unsigned char *buf,
+ size_t len, BN_CTX *ctx);
/** Decodes an EC_KEY private key from an octet string
* \param key key to decode
@@ -1053,7 +1150,8 @@ int EC_KEY_oct2key(EC_KEY *key, const unsigned char *buf, size_t len,
* \return 1 on success and 0 if an error occurred
*/
-int EC_KEY_oct2priv(EC_KEY *key, const unsigned char *buf, size_t len);
+OSSL_DEPRECATEDIN_3_0 int EC_KEY_oct2priv(EC_KEY *key, const unsigned char *buf,
+ size_t len);
/** Encodes a EC_KEY private key to an octet string
* \param key key to encode
@@ -1063,14 +1161,16 @@ int EC_KEY_oct2priv(EC_KEY *key, const unsigned char *buf, size_t len);
* \return the length of the encoded octet string or 0 if an error occurred
*/
-size_t EC_KEY_priv2oct(const EC_KEY *key, unsigned char *buf, size_t len);
+OSSL_DEPRECATEDIN_3_0 size_t EC_KEY_priv2oct(const EC_KEY *key,
+ unsigned char *buf, size_t len);
/** Encodes an EC_KEY private key to an allocated octet string
* \param eckey key to encode
* \param pbuf returns pointer to allocated buffer
* \return the length of the encoded octet string or 0 if an error occurred
*/
-size_t EC_KEY_priv2buf(const EC_KEY *eckey, unsigned char **pbuf);
+OSSL_DEPRECATEDIN_3_0 size_t EC_KEY_priv2buf(const EC_KEY *eckey,
+ unsigned char **pbuf);
/********************************************************************/
/* de- and encoding functions for SEC1 ECPrivateKey */
@@ -1082,7 +1182,9 @@ size_t EC_KEY_priv2buf(const EC_KEY *eckey, unsigned char **pbuf);
* \param len length of the DER encoded private key
* \return the decoded private key or NULL if an error occurred.
*/
-EC_KEY *d2i_ECPrivateKey(EC_KEY **key, const unsigned char **in, long len);
+OSSL_DEPRECATEDIN_3_0 EC_KEY *d2i_ECPrivateKey(EC_KEY **key,
+ const unsigned char **in,
+ long len);
/** Encodes a private key object and stores the result in a buffer.
* \param key the EC_KEY object to encode
@@ -1090,7 +1192,8 @@ EC_KEY *d2i_ECPrivateKey(EC_KEY **key, const unsigned char **in, long len);
* of bytes needed).
* \return 1 on success and 0 if an error occurred.
*/
-int i2d_ECPrivateKey(const EC_KEY *key, unsigned char **out);
+OSSL_DEPRECATEDIN_3_0 int i2d_ECPrivateKey(const EC_KEY *key,
+ unsigned char **out);
/********************************************************************/
/* de- and encoding functions for EC parameters */
@@ -1103,7 +1206,9 @@ int i2d_ECPrivateKey(const EC_KEY *key, unsigned char **out);
* \return a EC_KEY object with the decoded parameters or NULL if an error
* occurred.
*/
-EC_KEY *d2i_ECParameters(EC_KEY **key, const unsigned char **in, long len);
+OSSL_DEPRECATEDIN_3_0 EC_KEY *d2i_ECParameters(EC_KEY **key,
+ const unsigned char **in,
+ long len);
/** Encodes ec parameter and stores the result in a buffer.
* \param key the EC_KEY object with ec parameters to encode
@@ -1111,36 +1216,38 @@ EC_KEY *d2i_ECParameters(EC_KEY **key, const unsigned char **in, long len);
* of bytes needed).
* \return 1 on success and 0 if an error occurred.
*/
-int i2d_ECParameters(const EC_KEY *key, unsigned char **out);
+OSSL_DEPRECATEDIN_3_0 int i2d_ECParameters(const EC_KEY *key,
+ unsigned char **out);
/********************************************************************/
/* de- and encoding functions for EC public key */
/* (octet string, not DER -- hence 'o2i' and 'i2o') */
/********************************************************************/
-/** Decodes a ec public key from a octet string.
+/** Decodes an ec public key from a octet string.
* \param key a pointer to a EC_KEY object which should be used
* \param in memory buffer with the encoded public key
* \param len length of the encoded public key
* \return EC_KEY object with decoded public key or NULL if an error
* occurred.
*/
-EC_KEY *o2i_ECPublicKey(EC_KEY **key, const unsigned char **in, long len);
+OSSL_DEPRECATEDIN_3_0 EC_KEY *o2i_ECPublicKey(EC_KEY **key,
+ const unsigned char **in, long len);
-/** Encodes a ec public key in an octet string.
+/** Encodes an ec public key in an octet string.
* \param key the EC_KEY object with the public key
* \param out the buffer for the result (if NULL the function returns number
* of bytes needed).
* \return 1 on success and 0 if an error occurred
*/
-int i2o_ECPublicKey(const EC_KEY *key, unsigned char **out);
+OSSL_DEPRECATEDIN_3_0 int i2o_ECPublicKey(const EC_KEY *key, unsigned char **out);
/** Prints out the ec parameters on human readable form.
* \param bp BIO object to which the information is printed
* \param key EC_KEY object
* \return 1 on success and 0 if an error occurred
*/
-int ECParameters_print(BIO *bp, const EC_KEY *key);
+OSSL_DEPRECATEDIN_3_0 int ECParameters_print(BIO *bp, const EC_KEY *key);
/** Prints out the contents of a EC_KEY object
* \param bp BIO object to which the information is printed
@@ -1148,15 +1255,15 @@ int ECParameters_print(BIO *bp, const EC_KEY *key);
* \param off line offset
* \return 1 on success and 0 if an error occurred
*/
-int EC_KEY_print(BIO *bp, const EC_KEY *key, int off);
+OSSL_DEPRECATEDIN_3_0 int EC_KEY_print(BIO *bp, const EC_KEY *key, int off);
-# ifndef OPENSSL_NO_STDIO
+# ifndef OPENSSL_NO_STDIO
/** Prints out the ec parameters on human readable form.
* \param fp file descriptor to which the information is printed
* \param key EC_KEY object
* \return 1 on success and 0 if an error occurred
*/
-int ECParameters_print_fp(FILE *fp, const EC_KEY *key);
+OSSL_DEPRECATEDIN_3_0 int ECParameters_print_fp(FILE *fp, const EC_KEY *key);
/** Prints out the contents of a EC_KEY object
* \param fp file descriptor to which the information is printed
@@ -1164,32 +1271,33 @@ int ECParameters_print_fp(FILE *fp, const EC_KEY *key);
* \param off line offset
* \return 1 on success and 0 if an error occurred
*/
-int EC_KEY_print_fp(FILE *fp, const EC_KEY *key, int off);
-
-# endif
+OSSL_DEPRECATEDIN_3_0 int EC_KEY_print_fp(FILE *fp, const EC_KEY *key, int off);
+# endif /* OPENSSL_NO_STDIO */
-const EC_KEY_METHOD *EC_KEY_OpenSSL(void);
-const EC_KEY_METHOD *EC_KEY_get_default_method(void);
-void EC_KEY_set_default_method(const EC_KEY_METHOD *meth);
-const EC_KEY_METHOD *EC_KEY_get_method(const EC_KEY *key);
-int EC_KEY_set_method(EC_KEY *key, const EC_KEY_METHOD *meth);
-EC_KEY *EC_KEY_new_method(ENGINE *engine);
+OSSL_DEPRECATEDIN_3_0 const EC_KEY_METHOD *EC_KEY_OpenSSL(void);
+OSSL_DEPRECATEDIN_3_0 const EC_KEY_METHOD *EC_KEY_get_default_method(void);
+OSSL_DEPRECATEDIN_3_0 void EC_KEY_set_default_method(const EC_KEY_METHOD *meth);
+OSSL_DEPRECATEDIN_3_0 const EC_KEY_METHOD *EC_KEY_get_method(const EC_KEY *key);
+OSSL_DEPRECATEDIN_3_0 int EC_KEY_set_method(EC_KEY *key, const EC_KEY_METHOD *meth);
+OSSL_DEPRECATEDIN_3_0 EC_KEY *EC_KEY_new_method(ENGINE *engine);
/** The old name for ecdh_KDF_X9_63
* The ECDH KDF specification has been mistakingly attributed to ANSI X9.62,
* it is actually specified in ANSI X9.63.
* This identifier is retained for backwards compatibility
*/
-DEPRECATEDIN_3_0(int ECDH_KDF_X9_62(unsigned char *out, size_t outlen,
- const unsigned char *Z, size_t Zlen,
- const unsigned char *sinfo, size_t sinfolen,
- const EVP_MD *md))
+OSSL_DEPRECATEDIN_3_0 int ECDH_KDF_X9_62(unsigned char *out, size_t outlen,
+ const unsigned char *Z, size_t Zlen,
+ const unsigned char *sinfo,
+ size_t sinfolen, const EVP_MD *md);
-DEPRECATEDIN_3_0(int ECDH_compute_key(void *out, size_t outlen,
- const EC_POINT *pub_key,
- const EC_KEY *ecdh,
- void *(*KDF)(const void *in, size_t inlen,
- void *out, size_t *outlen)))
+OSSL_DEPRECATEDIN_3_0 int ECDH_compute_key(void *out, size_t outlen,
+ const EC_POINT *pub_key,
+ const EC_KEY *ecdh,
+ void *(*KDF)(const void *in,
+ size_t inlen, void *out,
+ size_t *outlen));
+# endif /* OPENSSL_NO_DEPRECATED_3_0 */
typedef struct ECDSA_SIG_st ECDSA_SIG;
@@ -1239,11 +1347,12 @@ const BIGNUM *ECDSA_SIG_get0_s(const ECDSA_SIG *sig);
/** Setter for r and s fields of ECDSA_SIG
* \param sig pointer to ECDSA_SIG structure
- * \param r pointer to BIGNUM for r (may be NULL)
- * \param s pointer to BIGNUM for s (may be NULL)
+ * \param r pointer to BIGNUM for r
+ * \param s pointer to BIGNUM for s
*/
int ECDSA_SIG_set0(ECDSA_SIG *sig, BIGNUM *r, BIGNUM *s);
+# ifndef OPENSSL_NO_DEPRECATED_3_0
/** Computes the ECDSA signature of the given hash value using
* the supplied private key and returns the created signature.
* \param dgst pointer to the hash value
@@ -1251,8 +1360,8 @@ int ECDSA_SIG_set0(ECDSA_SIG *sig, BIGNUM *r, BIGNUM *s);
* \param eckey EC_KEY object containing a private EC key
* \return pointer to a ECDSA_SIG structure or NULL if an error occurred
*/
-DEPRECATEDIN_3_0(ECDSA_SIG *ECDSA_do_sign(const unsigned char *dgst,
- int dgst_len, EC_KEY *eckey))
+OSSL_DEPRECATEDIN_3_0 ECDSA_SIG *ECDSA_do_sign(const unsigned char *dgst,
+ int dgst_len, EC_KEY *eckey);
/** Computes ECDSA signature of a given hash value using the supplied
* private key (note: sig must point to ECDSA_size(eckey) bytes of memory).
@@ -1264,9 +1373,9 @@ DEPRECATEDIN_3_0(ECDSA_SIG *ECDSA_do_sign(const unsigned char *dgst,
* \param eckey EC_KEY object containing a private EC key
* \return pointer to a ECDSA_SIG structure or NULL if an error occurred
*/
-DEPRECATEDIN_3_0(ECDSA_SIG *ECDSA_do_sign_ex(const unsigned char *dgst,
- int dgstlen, const BIGNUM *kinv,
- const BIGNUM *rp, EC_KEY *eckey))
+OSSL_DEPRECATEDIN_3_0 ECDSA_SIG *ECDSA_do_sign_ex(const unsigned char *dgst,
+ int dgstlen, const BIGNUM *kinv,
+ const BIGNUM *rp, EC_KEY *eckey);
/** Verifies that the supplied signature is a valid ECDSA
* signature of the supplied hash value using the supplied public key.
@@ -1277,8 +1386,8 @@ DEPRECATEDIN_3_0(ECDSA_SIG *ECDSA_do_sign_ex(const unsigned char *dgst,
* \return 1 if the signature is valid, 0 if the signature is invalid
* and -1 on error
*/
-DEPRECATEDIN_3_0(int ECDSA_do_verify(const unsigned char *dgst, int dgst_len,
- const ECDSA_SIG *sig, EC_KEY *eckey))
+OSSL_DEPRECATEDIN_3_0 int ECDSA_do_verify(const unsigned char *dgst, int dgst_len,
+ const ECDSA_SIG *sig, EC_KEY *eckey);
/** Precompute parts of the signing operation
* \param eckey EC_KEY object containing a private EC key
@@ -1287,8 +1396,8 @@ DEPRECATEDIN_3_0(int ECDSA_do_verify(const unsigned char *dgst, int dgst_len,
* \param rp BIGNUM pointer for x coordinate of k * generator
* \return 1 on success and 0 otherwise
*/
-DEPRECATEDIN_3_0(int ECDSA_sign_setup(EC_KEY *eckey, BN_CTX *ctx,
- BIGNUM **kinv, BIGNUM **rp))
+OSSL_DEPRECATEDIN_3_0 int ECDSA_sign_setup(EC_KEY *eckey, BN_CTX *ctx,
+ BIGNUM **kinv, BIGNUM **rp);
/** Computes ECDSA signature of a given hash value using the supplied
* private key (note: sig must point to ECDSA_size(eckey) bytes of memory).
@@ -1300,9 +1409,9 @@ DEPRECATEDIN_3_0(int ECDSA_sign_setup(EC_KEY *eckey, BN_CTX *ctx,
* \param eckey EC_KEY object containing a private EC key
* \return 1 on success and 0 otherwise
*/
-DEPRECATEDIN_3_0(int ECDSA_sign(int type, const unsigned char *dgst,
- int dgstlen, unsigned char *sig,
- unsigned int *siglen, EC_KEY *eckey))
+OSSL_DEPRECATEDIN_3_0 int ECDSA_sign(int type, const unsigned char *dgst,
+ int dgstlen, unsigned char *sig,
+ unsigned int *siglen, EC_KEY *eckey);
/** Computes ECDSA signature of a given hash value using the supplied
* private key (note: sig must point to ECDSA_size(eckey) bytes of memory).
@@ -1317,10 +1426,10 @@ DEPRECATEDIN_3_0(int ECDSA_sign(int type, const unsigned char *dgst,
* \param eckey EC_KEY object containing a private EC key
* \return 1 on success and 0 otherwise
*/
-DEPRECATEDIN_3_0(int ECDSA_sign_ex(int type, const unsigned char *dgst,
- int dgstlen, unsigned char *sig,
- unsigned int *siglen, const BIGNUM *kinv,
- const BIGNUM *rp, EC_KEY *eckey))
+OSSL_DEPRECATEDIN_3_0 int ECDSA_sign_ex(int type, const unsigned char *dgst,
+ int dgstlen, unsigned char *sig,
+ unsigned int *siglen, const BIGNUM *kinv,
+ const BIGNUM *rp, EC_KEY *eckey);
/** Verifies that the given signature is valid ECDSA signature
* of the supplied hash value using the specified public key.
@@ -1333,119 +1442,114 @@ DEPRECATEDIN_3_0(int ECDSA_sign_ex(int type, const unsigned char *dgst,
* \return 1 if the signature is valid, 0 if the signature is invalid
* and -1 on error
*/
-DEPRECATEDIN_3_0(int ECDSA_verify(int type, const unsigned char *dgst,
- int dgstlen, const unsigned char *sig,
- int siglen, EC_KEY *eckey))
+OSSL_DEPRECATEDIN_3_0 int ECDSA_verify(int type, const unsigned char *dgst,
+ int dgstlen, const unsigned char *sig,
+ int siglen, EC_KEY *eckey);
/** Returns the maximum length of the DER encoded signature
* \param eckey EC_KEY object
* \return numbers of bytes required for the DER encoded signature
*/
-DEPRECATEDIN_3_0(int ECDSA_size(const EC_KEY *eckey))
+OSSL_DEPRECATEDIN_3_0 int ECDSA_size(const EC_KEY *eckey);
/********************************************************************/
/* EC_KEY_METHOD constructors, destructors, writers and accessors */
/********************************************************************/
-DEPRECATEDIN_3_0(EC_KEY_METHOD *EC_KEY_METHOD_new(const EC_KEY_METHOD *meth))
-DEPRECATEDIN_3_0(void EC_KEY_METHOD_free(EC_KEY_METHOD *meth))
-DEPRECATEDIN_3_0(void EC_KEY_METHOD_set_init
- (EC_KEY_METHOD *meth,
- int (*init)(EC_KEY *key),
- void (*finish)(EC_KEY *key),
- int (*copy)(EC_KEY *dest, const EC_KEY *src),
- int (*set_group)(EC_KEY *key, const EC_GROUP *grp),
- int (*set_private)(EC_KEY *key,
- const BIGNUM *priv_key),
- int (*set_public)(EC_KEY *key,
- const EC_POINT *pub_key)))
-
-DEPRECATEDIN_3_0(void EC_KEY_METHOD_set_keygen(EC_KEY_METHOD *meth,
- int (*keygen)(EC_KEY *key)))
-
-DEPRECATEDIN_3_0(void EC_KEY_METHOD_set_compute_key
- (EC_KEY_METHOD *meth,
- int (*ckey)(unsigned char **psec,
- size_t *pseclen,
- const EC_POINT *pub_key,
- const EC_KEY *ecdh)))
-
-DEPRECATEDIN_3_0(void EC_KEY_METHOD_set_sign
- (EC_KEY_METHOD *meth,
- int (*sign)(int type, const unsigned char *dgst,
- int dlen, unsigned char *sig,
- unsigned int *siglen,
- const BIGNUM *kinv, const BIGNUM *r,
- EC_KEY *eckey),
- int (*sign_setup)(EC_KEY *eckey, BN_CTX *ctx_in,
- BIGNUM **kinvp, BIGNUM **rp),
- ECDSA_SIG *(*sign_sig)(const unsigned char *dgst,
- int dgst_len,
- const BIGNUM *in_kinv,
- const BIGNUM *in_r,
- EC_KEY *eckey)))
-
-DEPRECATEDIN_3_0(void EC_KEY_METHOD_set_verify
- (EC_KEY_METHOD *meth,
- int (*verify)(int type, const unsigned
- char *dgst, int dgst_len,
- const unsigned char *sigbuf,
- int sig_len, EC_KEY *eckey),
- int (*verify_sig)(const unsigned char *dgst,
- int dgst_len,
- const ECDSA_SIG *sig,
- EC_KEY *eckey)))
-
-DEPRECATEDIN_3_0(void EC_KEY_METHOD_get_init
- (const EC_KEY_METHOD *meth,
- int (**pinit)(EC_KEY *key),
- void (**pfinish)(EC_KEY *key),
- int (**pcopy)(EC_KEY *dest, const EC_KEY *src),
- int (**pset_group)(EC_KEY *key,
- const EC_GROUP *grp),
- int (**pset_private)(EC_KEY *key,
- const BIGNUM *priv_key),
- int (**pset_public)(EC_KEY *key,
- const EC_POINT *pub_key)))
-
-DEPRECATEDIN_3_0(void EC_KEY_METHOD_get_keygen(const EC_KEY_METHOD *meth,
- int (**pkeygen)(EC_KEY *key)))
-
-DEPRECATEDIN_3_0(void EC_KEY_METHOD_get_compute_key
- (const EC_KEY_METHOD *meth,
- int (**pck)(unsigned char **psec,
- size_t *pseclen,
- const EC_POINT *pub_key,
- const EC_KEY *ecdh)))
-
-DEPRECATEDIN_3_0(void EC_KEY_METHOD_get_sign
- (const EC_KEY_METHOD *meth,
- int (**psign)(int type, const unsigned char *dgst,
- int dlen, unsigned char *sig,
- unsigned int *siglen,
- const BIGNUM *kinv, const BIGNUM *r,
- EC_KEY *eckey),
- int (**psign_setup)(EC_KEY *eckey, BN_CTX *ctx_in,
- BIGNUM **kinvp, BIGNUM **rp),
- ECDSA_SIG *(**psign_sig)(const unsigned char *dgst,
+OSSL_DEPRECATEDIN_3_0 EC_KEY_METHOD *EC_KEY_METHOD_new(const EC_KEY_METHOD *meth);
+OSSL_DEPRECATEDIN_3_0 void EC_KEY_METHOD_free(EC_KEY_METHOD *meth);
+OSSL_DEPRECATEDIN_3_0 void EC_KEY_METHOD_set_init
+ (EC_KEY_METHOD *meth,
+ int (*init)(EC_KEY *key),
+ void (*finish)(EC_KEY *key),
+ int (*copy)(EC_KEY *dest, const EC_KEY *src),
+ int (*set_group)(EC_KEY *key, const EC_GROUP *grp),
+ int (*set_private)(EC_KEY *key, const BIGNUM *priv_key),
+ int (*set_public)(EC_KEY *key, const EC_POINT *pub_key));
+
+OSSL_DEPRECATEDIN_3_0 void EC_KEY_METHOD_set_keygen(EC_KEY_METHOD *meth,
+ int (*keygen)(EC_KEY *key));
+
+OSSL_DEPRECATEDIN_3_0 void EC_KEY_METHOD_set_compute_key
+ (EC_KEY_METHOD *meth,
+ int (*ckey)(unsigned char **psec, size_t *pseclen,
+ const EC_POINT *pub_key, const EC_KEY *ecdh));
+
+OSSL_DEPRECATEDIN_3_0 void EC_KEY_METHOD_set_sign
+ (EC_KEY_METHOD *meth,
+ int (*sign)(int type, const unsigned char *dgst,
+ int dlen, unsigned char *sig,
+ unsigned int *siglen,
+ const BIGNUM *kinv, const BIGNUM *r,
+ EC_KEY *eckey),
+ int (*sign_setup)(EC_KEY *eckey, BN_CTX *ctx_in,
+ BIGNUM **kinvp, BIGNUM **rp),
+ ECDSA_SIG *(*sign_sig)(const unsigned char *dgst,
+ int dgst_len,
+ const BIGNUM *in_kinv,
+ const BIGNUM *in_r,
+ EC_KEY *eckey));
+
+OSSL_DEPRECATEDIN_3_0 void EC_KEY_METHOD_set_verify
+ (EC_KEY_METHOD *meth,
+ int (*verify)(int type, const unsigned
+ char *dgst, int dgst_len,
+ const unsigned char *sigbuf,
+ int sig_len, EC_KEY *eckey),
+ int (*verify_sig)(const unsigned char *dgst,
+ int dgst_len, const ECDSA_SIG *sig,
+ EC_KEY *eckey));
+
+OSSL_DEPRECATEDIN_3_0 void EC_KEY_METHOD_get_init
+ (const EC_KEY_METHOD *meth,
+ int (**pinit)(EC_KEY *key),
+ void (**pfinish)(EC_KEY *key),
+ int (**pcopy)(EC_KEY *dest, const EC_KEY *src),
+ int (**pset_group)(EC_KEY *key, const EC_GROUP *grp),
+ int (**pset_private)(EC_KEY *key, const BIGNUM *priv_key),
+ int (**pset_public)(EC_KEY *key, const EC_POINT *pub_key));
+
+OSSL_DEPRECATEDIN_3_0 void EC_KEY_METHOD_get_keygen
+ (const EC_KEY_METHOD *meth, int (**pkeygen)(EC_KEY *key));
+
+OSSL_DEPRECATEDIN_3_0 void EC_KEY_METHOD_get_compute_key
+ (const EC_KEY_METHOD *meth,
+ int (**pck)(unsigned char **psec,
+ size_t *pseclen,
+ const EC_POINT *pub_key,
+ const EC_KEY *ecdh));
+
+OSSL_DEPRECATEDIN_3_0 void EC_KEY_METHOD_get_sign
+ (const EC_KEY_METHOD *meth,
+ int (**psign)(int type, const unsigned char *dgst,
+ int dlen, unsigned char *sig,
+ unsigned int *siglen,
+ const BIGNUM *kinv, const BIGNUM *r,
+ EC_KEY *eckey),
+ int (**psign_setup)(EC_KEY *eckey, BN_CTX *ctx_in,
+ BIGNUM **kinvp, BIGNUM **rp),
+ ECDSA_SIG *(**psign_sig)(const unsigned char *dgst,
+ int dgst_len,
+ const BIGNUM *in_kinv,
+ const BIGNUM *in_r,
+ EC_KEY *eckey));
+
+OSSL_DEPRECATEDIN_3_0 void EC_KEY_METHOD_get_verify
+ (const EC_KEY_METHOD *meth,
+ int (**pverify)(int type, const unsigned
+ char *dgst, int dgst_len,
+ const unsigned char *sigbuf,
+ int sig_len, EC_KEY *eckey),
+ int (**pverify_sig)(const unsigned char *dgst,
int dgst_len,
- const BIGNUM *in_kinv,
- const BIGNUM *in_r,
- EC_KEY *eckey)))
-
-DEPRECATEDIN_3_0(void EC_KEY_METHOD_get_verify
- (const EC_KEY_METHOD *meth,
- int (**pverify)(int type, const unsigned
- char *dgst, int dgst_len,
- const unsigned char *sigbuf,
- int sig_len, EC_KEY *eckey),
- int (**pverify_sig)(const unsigned char *dgst,
- int dgst_len,
- const ECDSA_SIG *sig,
- EC_KEY *eckey)))
+ const ECDSA_SIG *sig,
+ EC_KEY *eckey));
+# endif /* OPENSSL_NO_DEPRECATED_3_0 */
+# define EVP_EC_gen(curve) \
+ EVP_PKEY_Q_keygen(NULL, NULL, "EC", (char *)(strstr(curve, "")))
# define ECParameters_dup(x) ASN1_dup_of(EC_KEY, i2d_ECParameters, \
- d2i_ECParameters, x)
+ d2i_ECParameters, x)
# ifndef __cplusplus
# if defined(__SUNPRO_C)
@@ -1455,67 +1559,8 @@ DEPRECATEDIN_3_0(void EC_KEY_METHOD_get_verify
# endif
# endif
-int EVP_PKEY_CTX_set_ec_paramgen_curve_nid(EVP_PKEY_CTX *ctx, int nid);
-
-# define EVP_PKEY_CTX_set_ec_param_enc(ctx, flag) \
- EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
- EVP_PKEY_OP_PARAMGEN|EVP_PKEY_OP_KEYGEN, \
- EVP_PKEY_CTRL_EC_PARAM_ENC, flag, NULL)
-
-int EVP_PKEY_CTX_set_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx, int cofactor_mode);
-int EVP_PKEY_CTX_get_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx);
-
-int EVP_PKEY_CTX_set_ecdh_kdf_type(EVP_PKEY_CTX *ctx, int kdf);
-int EVP_PKEY_CTX_get_ecdh_kdf_type(EVP_PKEY_CTX *ctx);
-
-int EVP_PKEY_CTX_set_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
-int EVP_PKEY_CTX_get_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
-
-int EVP_PKEY_CTX_set_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int len);
-int EVP_PKEY_CTX_get_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len);
-
-int EVP_PKEY_CTX_set0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm,
- int len);
-int EVP_PKEY_CTX_get0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
-
-/* SM2 will skip the operation check so no need to pass operation here */
-# define EVP_PKEY_CTX_set1_id(ctx, id, id_len) \
- EVP_PKEY_CTX_ctrl(ctx, -1, -1, \
- EVP_PKEY_CTRL_SET1_ID, (int)id_len, (void*)(id))
-# define EVP_PKEY_CTX_get1_id(ctx, id) \
- EVP_PKEY_CTX_ctrl(ctx, -1, -1, \
- EVP_PKEY_CTRL_GET1_ID, 0, (void*)(id))
-
-# define EVP_PKEY_CTX_get1_id_len(ctx, id_len) \
- EVP_PKEY_CTX_ctrl(ctx, -1, -1, \
- EVP_PKEY_CTRL_GET1_ID_LEN, 0, (void*)(id_len))
-
-# define EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID (EVP_PKEY_ALG_CTRL + 1)
-# define EVP_PKEY_CTRL_EC_PARAM_ENC (EVP_PKEY_ALG_CTRL + 2)
-# define EVP_PKEY_CTRL_EC_ECDH_COFACTOR (EVP_PKEY_ALG_CTRL + 3)
-# define EVP_PKEY_CTRL_EC_KDF_TYPE (EVP_PKEY_ALG_CTRL + 4)
-# define EVP_PKEY_CTRL_EC_KDF_MD (EVP_PKEY_ALG_CTRL + 5)
-# define EVP_PKEY_CTRL_GET_EC_KDF_MD (EVP_PKEY_ALG_CTRL + 6)
-# define EVP_PKEY_CTRL_EC_KDF_OUTLEN (EVP_PKEY_ALG_CTRL + 7)
-# define EVP_PKEY_CTRL_GET_EC_KDF_OUTLEN (EVP_PKEY_ALG_CTRL + 8)
-# define EVP_PKEY_CTRL_EC_KDF_UKM (EVP_PKEY_ALG_CTRL + 9)
-# define EVP_PKEY_CTRL_GET_EC_KDF_UKM (EVP_PKEY_ALG_CTRL + 10)
-# define EVP_PKEY_CTRL_SET1_ID (EVP_PKEY_ALG_CTRL + 11)
-# define EVP_PKEY_CTRL_GET1_ID (EVP_PKEY_ALG_CTRL + 12)
-# define EVP_PKEY_CTRL_GET1_ID_LEN (EVP_PKEY_ALG_CTRL + 13)
-
-/* KDF types */
-# define EVP_PKEY_ECDH_KDF_NONE 1
-# define EVP_PKEY_ECDH_KDF_X9_63 2
-/** The old name for EVP_PKEY_ECDH_KDF_X9_63
- * The ECDH KDF specification has been mistakingly attributed to ANSI X9.62,
- * it is actually specified in ANSI X9.63.
- * This identifier is retained for backwards compatibility
- */
-# define EVP_PKEY_ECDH_KDF_X9_62 EVP_PKEY_ECDH_KDF_X9_63
-
-# ifdef __cplusplus
+# endif
+# ifdef __cplusplus
}
-# endif
# endif
#endif
diff --git a/openssl/include/openssl/ecdh.h b/openssl/include/openssl/ecdh.h
index 1e7e876c..1e7e876c 100644..100755
--- a/openssl/include/openssl/ecdh.h
+++ b/openssl/include/openssl/ecdh.h
diff --git a/openssl/include/openssl/ecdsa.h b/openssl/include/openssl/ecdsa.h
index 1e7e876c..1e7e876c 100644..100755
--- a/openssl/include/openssl/ecdsa.h
+++ b/openssl/include/openssl/ecdsa.h
diff --git a/openssl/include/openssl/ecerr.h b/openssl/include/openssl/ecerr.h
index 651b31a3..d1e0269b 100644..100755
--- a/openssl/include/openssl/ecerr.h
+++ b/openssl/include/openssl/ecerr.h
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -14,212 +14,11 @@
# include <openssl/opensslconf.h>
# include <openssl/symhacks.h>
+# include <openssl/cryptoerr_legacy.h>
-# include <openssl/opensslconf.h>
-
# ifndef OPENSSL_NO_EC
-# ifdef __cplusplus
-extern "C"
-# endif
-int ERR_load_EC_strings(void);
-
-/*
- * EC function codes.
- */
-# ifndef OPENSSL_NO_DEPRECATED_3_0
-# define EC_F_BN_TO_FELEM 0
-# define EC_F_D2I_ECPARAMETERS 0
-# define EC_F_D2I_ECPKPARAMETERS 0
-# define EC_F_D2I_ECPRIVATEKEY 0
-# define EC_F_DO_EC_KEY_PRINT 0
-# define EC_F_ECDH_CMS_DECRYPT 0
-# define EC_F_ECDH_CMS_SET_SHARED_INFO 0
-# define EC_F_ECDH_COMPUTE_KEY 0
-# define EC_F_ECDH_SIMPLE_COMPUTE_KEY 0
-# define EC_F_ECDSA_DO_SIGN_EX 0
-# define EC_F_ECDSA_DO_VERIFY 0
-# define EC_F_ECDSA_S390X_NISTP_SIGN_SIG 0
-# define EC_F_ECDSA_S390X_NISTP_VERIFY_SIG 0
-# define EC_F_ECDSA_SIGN_EX 0
-# define EC_F_ECDSA_SIGN_SETUP 0
-# define EC_F_ECDSA_SIG_NEW 0
-# define EC_F_ECDSA_SIMPLE_SIGN_SETUP 0
-# define EC_F_ECDSA_SIMPLE_SIGN_SIG 0
-# define EC_F_ECDSA_SIMPLE_VERIFY_SIG 0
-# define EC_F_ECDSA_VERIFY 0
-# define EC_F_ECD_ITEM_VERIFY 0
-# define EC_F_ECKEY_PARAM2TYPE 0
-# define EC_F_ECKEY_PARAM_DECODE 0
-# define EC_F_ECKEY_PRIV_DECODE 0
-# define EC_F_ECKEY_PRIV_ENCODE 0
-# define EC_F_ECKEY_PUB_DECODE 0
-# define EC_F_ECKEY_PUB_ENCODE 0
-# define EC_F_ECKEY_TYPE2PARAM 0
-# define EC_F_ECPARAMETERS_PRINT 0
-# define EC_F_ECPARAMETERS_PRINT_FP 0
-# define EC_F_ECPKPARAMETERS_PRINT 0
-# define EC_F_ECPKPARAMETERS_PRINT_FP 0
-# define EC_F_ECP_NISTZ256_GET_AFFINE 0
-# define EC_F_ECP_NISTZ256_INV_MOD_ORD 0
-# define EC_F_ECP_NISTZ256_MULT_PRECOMPUTE 0
-# define EC_F_ECP_NISTZ256_POINTS_MUL 0
-# define EC_F_ECP_NISTZ256_PRE_COMP_NEW 0
-# define EC_F_ECP_NISTZ256_WINDOWED_MUL 0
-# define EC_F_ECX_KEY_OP 0
-# define EC_F_ECX_PRIV_ENCODE 0
-# define EC_F_ECX_PUB_ENCODE 0
-# define EC_F_EC_ASN1_GROUP2CURVE 0
-# define EC_F_EC_ASN1_GROUP2FIELDID 0
-# define EC_F_EC_GF2M_MONTGOMERY_POINT_MULTIPLY 0
-# define EC_F_EC_GF2M_SIMPLE_FIELD_INV 0
-# define EC_F_EC_GF2M_SIMPLE_GROUP_CHECK_DISCRIMINANT 0
-# define EC_F_EC_GF2M_SIMPLE_GROUP_SET_CURVE 0
-# define EC_F_EC_GF2M_SIMPLE_LADDER_POST 0
-# define EC_F_EC_GF2M_SIMPLE_LADDER_PRE 0
-# define EC_F_EC_GF2M_SIMPLE_OCT2POINT 0
-# define EC_F_EC_GF2M_SIMPLE_POINT2OCT 0
-# define EC_F_EC_GF2M_SIMPLE_POINTS_MUL 0
-# define EC_F_EC_GF2M_SIMPLE_POINT_GET_AFFINE_COORDINATES 0
-# define EC_F_EC_GF2M_SIMPLE_POINT_SET_AFFINE_COORDINATES 0
-# define EC_F_EC_GF2M_SIMPLE_SET_COMPRESSED_COORDINATES 0
-# define EC_F_EC_GFP_MONT_FIELD_DECODE 0
-# define EC_F_EC_GFP_MONT_FIELD_ENCODE 0
-# define EC_F_EC_GFP_MONT_FIELD_INV 0
-# define EC_F_EC_GFP_MONT_FIELD_MUL 0
-# define EC_F_EC_GFP_MONT_FIELD_SET_TO_ONE 0
-# define EC_F_EC_GFP_MONT_FIELD_SQR 0
-# define EC_F_EC_GFP_MONT_GROUP_SET_CURVE 0
-# define EC_F_EC_GFP_NISTP224_GROUP_SET_CURVE 0
-# define EC_F_EC_GFP_NISTP224_POINTS_MUL 0
-# define EC_F_EC_GFP_NISTP224_POINT_GET_AFFINE_COORDINATES 0
-# define EC_F_EC_GFP_NISTP256_GROUP_SET_CURVE 0
-# define EC_F_EC_GFP_NISTP256_POINTS_MUL 0
-# define EC_F_EC_GFP_NISTP256_POINT_GET_AFFINE_COORDINATES 0
-# define EC_F_EC_GFP_NISTP521_GROUP_SET_CURVE 0
-# define EC_F_EC_GFP_NISTP521_POINTS_MUL 0
-# define EC_F_EC_GFP_NISTP521_POINT_GET_AFFINE_COORDINATES 0
-# define EC_F_EC_GFP_NIST_FIELD_MUL 0
-# define EC_F_EC_GFP_NIST_FIELD_SQR 0
-# define EC_F_EC_GFP_NIST_GROUP_SET_CURVE 0
-# define EC_F_EC_GFP_SIMPLE_BLIND_COORDINATES 0
-# define EC_F_EC_GFP_SIMPLE_FIELD_INV 0
-# define EC_F_EC_GFP_SIMPLE_GROUP_CHECK_DISCRIMINANT 0
-# define EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE 0
-# define EC_F_EC_GFP_SIMPLE_MAKE_AFFINE 0
-# define EC_F_EC_GFP_SIMPLE_OCT2POINT 0
-# define EC_F_EC_GFP_SIMPLE_POINT2OCT 0
-# define EC_F_EC_GFP_SIMPLE_POINTS_MAKE_AFFINE 0
-# define EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES 0
-# define EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES 0
-# define EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES 0
-# define EC_F_EC_GROUP_CHECK 0
-# define EC_F_EC_GROUP_CHECK_DISCRIMINANT 0
-# define EC_F_EC_GROUP_CHECK_NAMED_CURVE 0
-# define EC_F_EC_GROUP_COPY 0
-# define EC_F_EC_GROUP_GET_CURVE 0
-# define EC_F_EC_GROUP_GET_CURVE_GF2M 0
-# define EC_F_EC_GROUP_GET_CURVE_GFP 0
-# define EC_F_EC_GROUP_GET_DEGREE 0
-# define EC_F_EC_GROUP_GET_ECPARAMETERS 0
-# define EC_F_EC_GROUP_GET_ECPKPARAMETERS 0
-# define EC_F_EC_GROUP_GET_PENTANOMIAL_BASIS 0
-# define EC_F_EC_GROUP_GET_TRINOMIAL_BASIS 0
-# define EC_F_EC_GROUP_NEW 0
-# define EC_F_EC_GROUP_NEW_BY_CURVE_NAME 0
-# define EC_F_EC_GROUP_NEW_EX 0
-# define EC_F_EC_GROUP_NEW_FROM_DATA 0
-# define EC_F_EC_GROUP_NEW_FROM_ECPARAMETERS 0
-# define EC_F_EC_GROUP_NEW_FROM_ECPKPARAMETERS 0
-# define EC_F_EC_GROUP_SET_CURVE 0
-# define EC_F_EC_GROUP_SET_CURVE_GF2M 0
-# define EC_F_EC_GROUP_SET_CURVE_GFP 0
-# define EC_F_EC_GROUP_SET_GENERATOR 0
-# define EC_F_EC_GROUP_SET_SEED 0
-# define EC_F_EC_KEY_CHECK_KEY 0
-# define EC_F_EC_KEY_COPY 0
-# define EC_F_EC_KEY_GENERATE_KEY 0
-# define EC_F_EC_KEY_NEW 0
-# define EC_F_EC_KEY_NEW_METHOD 0
-# define EC_F_EC_KEY_NEW_METHOD_INT 0
-# define EC_F_EC_KEY_OCT2PRIV 0
-# define EC_F_EC_KEY_PRINT 0
-# define EC_F_EC_KEY_PRINT_FP 0
-# define EC_F_EC_KEY_PRIV2BUF 0
-# define EC_F_EC_KEY_PRIV2OCT 0
-# define EC_F_EC_KEY_SET_PUBLIC_KEY_AFFINE_COORDINATES 0
-# define EC_F_EC_KEY_SIMPLE_CHECK_KEY 0
-# define EC_F_EC_KEY_SIMPLE_OCT2PRIV 0
-# define EC_F_EC_KEY_SIMPLE_PRIV2OCT 0
-# define EC_F_EC_PKEY_CHECK 0
-# define EC_F_EC_PKEY_PARAM_CHECK 0
-# define EC_F_EC_POINTS_MAKE_AFFINE 0
-# define EC_F_EC_POINTS_MUL 0
-# define EC_F_EC_POINT_ADD 0
-# define EC_F_EC_POINT_BN2POINT 0
-# define EC_F_EC_POINT_CMP 0
-# define EC_F_EC_POINT_COPY 0
-# define EC_F_EC_POINT_DBL 0
-# define EC_F_EC_POINT_GET_AFFINE_COORDINATES 0
-# define EC_F_EC_POINT_GET_AFFINE_COORDINATES_GF2M 0
-# define EC_F_EC_POINT_GET_AFFINE_COORDINATES_GFP 0
-# define EC_F_EC_POINT_GET_JPROJECTIVE_COORDINATES_GFP 0
-# define EC_F_EC_POINT_INVERT 0
-# define EC_F_EC_POINT_IS_AT_INFINITY 0
-# define EC_F_EC_POINT_IS_ON_CURVE 0
-# define EC_F_EC_POINT_MAKE_AFFINE 0
-# define EC_F_EC_POINT_MUL 0
-# define EC_F_EC_POINT_NEW 0
-# define EC_F_EC_POINT_OCT2POINT 0
-# define EC_F_EC_POINT_POINT2BUF 0
-# define EC_F_EC_POINT_POINT2OCT 0
-# define EC_F_EC_POINT_SET_AFFINE_COORDINATES 0
-# define EC_F_EC_POINT_SET_AFFINE_COORDINATES_GF2M 0
-# define EC_F_EC_POINT_SET_AFFINE_COORDINATES_GFP 0
-# define EC_F_EC_POINT_SET_COMPRESSED_COORDINATES 0
-# define EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GF2M 0
-# define EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GFP 0
-# define EC_F_EC_POINT_SET_JPROJECTIVE_COORDINATES_GFP 0
-# define EC_F_EC_POINT_SET_TO_INFINITY 0
-# define EC_F_EC_PRE_COMP_NEW 0
-# define EC_F_EC_SCALAR_MUL_LADDER 0
-# define EC_F_EC_WNAF_MUL 0
-# define EC_F_EC_WNAF_PRECOMPUTE_MULT 0
-# define EC_F_I2D_ECPARAMETERS 0
-# define EC_F_I2D_ECPKPARAMETERS 0
-# define EC_F_I2D_ECPRIVATEKEY 0
-# define EC_F_I2O_ECPUBLICKEY 0
-# define EC_F_NISTP224_PRE_COMP_NEW 0
-# define EC_F_NISTP256_PRE_COMP_NEW 0
-# define EC_F_NISTP521_PRE_COMP_NEW 0
-# define EC_F_O2I_ECPUBLICKEY 0
-# define EC_F_OLD_EC_PRIV_DECODE 0
-# define EC_F_OSSL_ECDH_COMPUTE_KEY 0
-# define EC_F_OSSL_ECDSA_SIGN_SETUP 0
-# define EC_F_OSSL_ECDSA_SIGN_SIG 0
-# define EC_F_OSSL_ECDSA_VERIFY_SIG 0
-# define EC_F_PKEY_ECD_CTRL 0
-# define EC_F_PKEY_ECD_DIGESTSIGN 0
-# define EC_F_PKEY_ECD_DIGESTSIGN25519 0
-# define EC_F_PKEY_ECD_DIGESTSIGN448 0
-# define EC_F_PKEY_ECX_DERIVE 0
-# define EC_F_PKEY_EC_CTRL 0
-# define EC_F_PKEY_EC_CTRL_STR 0
-# define EC_F_PKEY_EC_DERIVE 0
-# define EC_F_PKEY_EC_INIT 0
-# define EC_F_PKEY_EC_KDF_DERIVE 0
-# define EC_F_PKEY_EC_KEYGEN 0
-# define EC_F_PKEY_EC_PARAMGEN 0
-# define EC_F_PKEY_EC_SIGN 0
-# define EC_F_S390X_PKEY_ECD_DIGESTSIGN25519 0
-# define EC_F_S390X_PKEY_ECD_DIGESTSIGN448 0
-# define EC_F_S390X_PKEY_ECD_KEYGEN25519 0
-# define EC_F_S390X_PKEY_ECD_KEYGEN448 0
-# define EC_F_S390X_PKEY_ECX_KEYGEN25519 0
-# define EC_F_S390X_PKEY_ECX_KEYGEN448 0
-# define EC_F_VALIDATE_ECX_DERIVE 0
-# endif
/*
* EC reason codes.
@@ -233,7 +32,6 @@ int ERR_load_EC_strings(void);
# define EC_R_CURVE_DOES_NOT_SUPPORT_ECDH 160
# define EC_R_CURVE_DOES_NOT_SUPPORT_ECDSA 170
# define EC_R_CURVE_DOES_NOT_SUPPORT_SIGNING 159
-# define EC_R_D2I_ECPKPARAMETERS_FAILURE 117
# define EC_R_DECODE_ERROR 142
# define EC_R_DISCRIMINANT_IS_ZERO 118
# define EC_R_EC_GROUP_NEW_BY_NAME_FAILURE 119
@@ -243,7 +41,10 @@ int ERR_load_EC_strings(void);
# define EC_R_GROUP2PKPARAMETERS_FAILURE 120
# define EC_R_I2D_ECPKPARAMETERS_FAILURE 121
# define EC_R_INCOMPATIBLE_OBJECTS 101
+# define EC_R_INVALID_A 168
# define EC_R_INVALID_ARGUMENT 112
+# define EC_R_INVALID_B 169
+# define EC_R_INVALID_COFACTOR 171
# define EC_R_INVALID_COMPRESSED_POINT 110
# define EC_R_INVALID_COMPRESSION_BIT 109
# define EC_R_INVALID_CURVE 141
@@ -252,18 +53,24 @@ int ERR_load_EC_strings(void);
# define EC_R_INVALID_ENCODING 102
# define EC_R_INVALID_FIELD 103
# define EC_R_INVALID_FORM 104
+# define EC_R_INVALID_GENERATOR 173
# define EC_R_INVALID_GROUP_ORDER 122
# define EC_R_INVALID_KEY 116
+# define EC_R_INVALID_LENGTH 117
+# define EC_R_INVALID_NAMED_GROUP_CONVERSION 174
# define EC_R_INVALID_OUTPUT_LENGTH 161
+# define EC_R_INVALID_P 172
# define EC_R_INVALID_PEER_KEY 133
# define EC_R_INVALID_PENTANOMIAL_BASIS 132
# define EC_R_INVALID_PRIVATE_KEY 123
+# define EC_R_INVALID_SEED 175
# define EC_R_INVALID_TRINOMIAL_BASIS 137
# define EC_R_KDF_PARAMETER_ERROR 148
# define EC_R_KEYS_NOT_SET 140
# define EC_R_LADDER_POST_FAILURE 136
# define EC_R_LADDER_PRE_FAILURE 153
# define EC_R_LADDER_STEP_FAILURE 162
+# define EC_R_MISSING_OID 167
# define EC_R_MISSING_PARAMETERS 124
# define EC_R_MISSING_PRIVATE_KEY 125
# define EC_R_NEED_NEW_SETUP_VALUES 157
@@ -275,7 +82,6 @@ int ERR_load_EC_strings(void);
# define EC_R_OPERATION_NOT_SUPPORTED 152
# define EC_R_PASSED_NULL_PARAMETER 134
# define EC_R_PEER_KEY_ERROR 149
-# define EC_R_PKPARAMETERS2GROUP_FAILURE 127
# define EC_R_POINT_ARITHMETIC_FAILURE 155
# define EC_R_POINT_AT_INFINITY 106
# define EC_R_POINT_COORDINATES_BLIND_FAILURE 163
diff --git a/openssl/include/openssl/encoder.h b/openssl/include/openssl/encoder.h
new file mode 100755
index 00000000..8642319b
--- /dev/null
+++ b/openssl/include/openssl/encoder.h
@@ -0,0 +1,124 @@
+/*
+ * Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_ENCODER_H
+# define OPENSSL_ENCODER_H
+# pragma once
+
+# include <openssl/opensslconf.h>
+
+# ifndef OPENSSL_NO_STDIO
+# include <stdio.h>
+# endif
+# include <stdarg.h>
+# include <stddef.h>
+# include <openssl/encodererr.h>
+# include <openssl/types.h>
+# include <openssl/core.h>
+
+# ifdef __cplusplus
+extern "C" {
+# endif
+
+OSSL_ENCODER *OSSL_ENCODER_fetch(OSSL_LIB_CTX *libctx, const char *name,
+ const char *properties);
+int OSSL_ENCODER_up_ref(OSSL_ENCODER *encoder);
+void OSSL_ENCODER_free(OSSL_ENCODER *encoder);
+
+const OSSL_PROVIDER *OSSL_ENCODER_get0_provider(const OSSL_ENCODER *encoder);
+const char *OSSL_ENCODER_get0_properties(const OSSL_ENCODER *encoder);
+const char *OSSL_ENCODER_get0_name(const OSSL_ENCODER *kdf);
+const char *OSSL_ENCODER_get0_description(const OSSL_ENCODER *kdf);
+int OSSL_ENCODER_is_a(const OSSL_ENCODER *encoder, const char *name);
+
+void OSSL_ENCODER_do_all_provided(OSSL_LIB_CTX *libctx,
+ void (*fn)(OSSL_ENCODER *encoder, void *arg),
+ void *arg);
+int OSSL_ENCODER_names_do_all(const OSSL_ENCODER *encoder,
+ void (*fn)(const char *name, void *data),
+ void *data);
+const OSSL_PARAM *OSSL_ENCODER_gettable_params(OSSL_ENCODER *encoder);
+int OSSL_ENCODER_get_params(OSSL_ENCODER *encoder, OSSL_PARAM params[]);
+
+const OSSL_PARAM *OSSL_ENCODER_settable_ctx_params(OSSL_ENCODER *encoder);
+OSSL_ENCODER_CTX *OSSL_ENCODER_CTX_new(void);
+int OSSL_ENCODER_CTX_set_params(OSSL_ENCODER_CTX *ctx,
+ const OSSL_PARAM params[]);
+void OSSL_ENCODER_CTX_free(OSSL_ENCODER_CTX *ctx);
+
+/* Utilities that help set specific parameters */
+int OSSL_ENCODER_CTX_set_passphrase(OSSL_ENCODER_CTX *ctx,
+ const unsigned char *kstr, size_t klen);
+int OSSL_ENCODER_CTX_set_pem_password_cb(OSSL_ENCODER_CTX *ctx,
+ pem_password_cb *cb, void *cbarg);
+int OSSL_ENCODER_CTX_set_passphrase_cb(OSSL_ENCODER_CTX *ctx,
+ OSSL_PASSPHRASE_CALLBACK *cb,
+ void *cbarg);
+int OSSL_ENCODER_CTX_set_passphrase_ui(OSSL_ENCODER_CTX *ctx,
+ const UI_METHOD *ui_method,
+ void *ui_data);
+int OSSL_ENCODER_CTX_set_cipher(OSSL_ENCODER_CTX *ctx,
+ const char *cipher_name,
+ const char *propquery);
+int OSSL_ENCODER_CTX_set_selection(OSSL_ENCODER_CTX *ctx, int selection);
+int OSSL_ENCODER_CTX_set_output_type(OSSL_ENCODER_CTX *ctx,
+ const char *output_type);
+int OSSL_ENCODER_CTX_set_output_structure(OSSL_ENCODER_CTX *ctx,
+ const char *output_structure);
+
+/* Utilities to add encoders */
+int OSSL_ENCODER_CTX_add_encoder(OSSL_ENCODER_CTX *ctx, OSSL_ENCODER *encoder);
+int OSSL_ENCODER_CTX_add_extra(OSSL_ENCODER_CTX *ctx,
+ OSSL_LIB_CTX *libctx, const char *propq);
+int OSSL_ENCODER_CTX_get_num_encoders(OSSL_ENCODER_CTX *ctx);
+
+typedef struct ossl_encoder_instance_st OSSL_ENCODER_INSTANCE;
+OSSL_ENCODER *
+OSSL_ENCODER_INSTANCE_get_encoder(OSSL_ENCODER_INSTANCE *encoder_inst);
+void *
+OSSL_ENCODER_INSTANCE_get_encoder_ctx(OSSL_ENCODER_INSTANCE *encoder_inst);
+const char *
+OSSL_ENCODER_INSTANCE_get_output_type(OSSL_ENCODER_INSTANCE *encoder_inst);
+const char *
+OSSL_ENCODER_INSTANCE_get_output_structure(OSSL_ENCODER_INSTANCE *encoder_inst);
+
+typedef const void *OSSL_ENCODER_CONSTRUCT(OSSL_ENCODER_INSTANCE *encoder_inst,
+ void *construct_data);
+typedef void OSSL_ENCODER_CLEANUP(void *construct_data);
+
+int OSSL_ENCODER_CTX_set_construct(OSSL_ENCODER_CTX *ctx,
+ OSSL_ENCODER_CONSTRUCT *construct);
+int OSSL_ENCODER_CTX_set_construct_data(OSSL_ENCODER_CTX *ctx,
+ void *construct_data);
+int OSSL_ENCODER_CTX_set_cleanup(OSSL_ENCODER_CTX *ctx,
+ OSSL_ENCODER_CLEANUP *cleanup);
+
+/* Utilities to output the object to encode */
+int OSSL_ENCODER_to_bio(OSSL_ENCODER_CTX *ctx, BIO *out);
+#ifndef OPENSSL_NO_STDIO
+int OSSL_ENCODER_to_fp(OSSL_ENCODER_CTX *ctx, FILE *fp);
+#endif
+int OSSL_ENCODER_to_data(OSSL_ENCODER_CTX *ctx, unsigned char **pdata,
+ size_t *pdata_len);
+
+/*
+ * Create the OSSL_ENCODER_CTX with an associated type. This will perform
+ * an implicit OSSL_ENCODER_fetch(), suitable for the object of that type.
+ * This is more useful than calling OSSL_ENCODER_CTX_new().
+ */
+OSSL_ENCODER_CTX *OSSL_ENCODER_CTX_new_for_pkey(const EVP_PKEY *pkey,
+ int selection,
+ const char *output_type,
+ const char *output_struct,
+ const char *propquery);
+
+# ifdef __cplusplus
+}
+# endif
+#endif
diff --git a/openssl/include/openssl/encodererr.h b/openssl/include/openssl/encodererr.h
new file mode 100755
index 00000000..ab413f8b
--- /dev/null
+++ b/openssl/include/openssl/encodererr.h
@@ -0,0 +1,28 @@
+/*
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_ENCODERERR_H
+# define OPENSSL_ENCODERERR_H
+# pragma once
+
+# include <openssl/opensslconf.h>
+# include <openssl/symhacks.h>
+# include <openssl/cryptoerr_legacy.h>
+
+
+
+/*
+ * OSSL_ENCODER reason codes.
+ */
+# define OSSL_ENCODER_R_ENCODER_NOT_FOUND 101
+# define OSSL_ENCODER_R_INCORRECT_PROPERTY_QUERY 100
+# define OSSL_ENCODER_R_MISSING_GET_PARAMS 102
+
+#endif
diff --git a/openssl/include/openssl/engine.h b/openssl/include/openssl/engine.h
index 2aa3a22c..55d45773 100644..100755
--- a/openssl/include/openssl/engine.h
+++ b/openssl/include/openssl/engine.h
@@ -1,5 +1,5 @@
/*
- * Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.
* Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
@@ -20,40 +20,40 @@
# include <openssl/opensslconf.h>
# ifndef OPENSSL_NO_ENGINE
-# ifndef OPENSSL_NO_DEPRECATED_1_1_0
-# include <openssl/bn.h>
-# include <openssl/rsa.h>
-# include <openssl/dsa.h>
-# include <openssl/dh.h>
-# include <openssl/ec.h>
-# include <openssl/rand.h>
-# include <openssl/ui.h>
-# include <openssl/err.h>
-# endif
-# include <openssl/types.h>
-# include <openssl/symhacks.h>
-# include <openssl/x509.h>
-# include <openssl/engineerr.h>
-# ifdef __cplusplus
+# ifndef OPENSSL_NO_DEPRECATED_1_1_0
+# include <openssl/bn.h>
+# include <openssl/rsa.h>
+# include <openssl/dsa.h>
+# include <openssl/dh.h>
+# include <openssl/ec.h>
+# include <openssl/rand.h>
+# include <openssl/ui.h>
+# include <openssl/err.h>
+# endif
+# include <openssl/types.h>
+# include <openssl/symhacks.h>
+# include <openssl/x509.h>
+# include <openssl/engineerr.h>
+# ifdef __cplusplus
extern "C" {
-# endif
+# endif
/*
* These flags are used to control combinations of algorithm (methods) by
* bitwise "OR"ing.
*/
-# define ENGINE_METHOD_RSA (unsigned int)0x0001
-# define ENGINE_METHOD_DSA (unsigned int)0x0002
-# define ENGINE_METHOD_DH (unsigned int)0x0004
-# define ENGINE_METHOD_RAND (unsigned int)0x0008
-# define ENGINE_METHOD_CIPHERS (unsigned int)0x0040
-# define ENGINE_METHOD_DIGESTS (unsigned int)0x0080
-# define ENGINE_METHOD_PKEY_METHS (unsigned int)0x0200
-# define ENGINE_METHOD_PKEY_ASN1_METHS (unsigned int)0x0400
-# define ENGINE_METHOD_EC (unsigned int)0x0800
+# define ENGINE_METHOD_RSA (unsigned int)0x0001
+# define ENGINE_METHOD_DSA (unsigned int)0x0002
+# define ENGINE_METHOD_DH (unsigned int)0x0004
+# define ENGINE_METHOD_RAND (unsigned int)0x0008
+# define ENGINE_METHOD_CIPHERS (unsigned int)0x0040
+# define ENGINE_METHOD_DIGESTS (unsigned int)0x0080
+# define ENGINE_METHOD_PKEY_METHS (unsigned int)0x0200
+# define ENGINE_METHOD_PKEY_ASN1_METHS (unsigned int)0x0400
+# define ENGINE_METHOD_EC (unsigned int)0x0800
/* Obvious all-or-nothing cases. */
-# define ENGINE_METHOD_ALL (unsigned int)0xFFFF
-# define ENGINE_METHOD_NONE (unsigned int)0x0000
+# define ENGINE_METHOD_ALL (unsigned int)0xFFFF
+# define ENGINE_METHOD_NONE (unsigned int)0x0000
/*
* This(ese) flag(s) controls behaviour of the ENGINE_TABLE mechanism used
@@ -61,7 +61,7 @@ extern "C" {
* set by ENGINE_set_table_flags(). The "NOINIT" flag prevents attempts to
* initialise registered ENGINEs if they are not already initialised.
*/
-# define ENGINE_TABLE_FLAG_NOINIT (unsigned int)0x0001
+# define ENGINE_TABLE_FLAG_NOINIT (unsigned int)0x0001
/* ENGINE flags that can be set by ENGINE_set_flags(). */
/* Not used */
@@ -73,7 +73,7 @@ extern "C" {
* these control commands on behalf of the ENGINE using their "cmd_defns"
* data.
*/
-# define ENGINE_FLAGS_MANUAL_CMD_CTRL (int)0x0002
+# define ENGINE_FLAGS_MANUAL_CMD_CTRL (int)0x0002
/*
* This flag is for ENGINEs who return new duplicate structures when found
@@ -85,7 +85,7 @@ extern "C" {
* ENGINE_by_id() just increments the existing ENGINE's structural reference
* count.
*/
-# define ENGINE_FLAGS_BY_ID_COPY (int)0x0004
+# define ENGINE_FLAGS_BY_ID_COPY (int)0x0004
/*
* This flag if for an ENGINE that does not want its methods registered as
@@ -93,7 +93,7 @@ extern "C" {
* usable as default methods.
*/
-# define ENGINE_FLAGS_NO_REGISTER_ALL (int)0x0008
+# define ENGINE_FLAGS_NO_REGISTER_ALL (int)0x0008
/*
* ENGINEs can support their own command types, and these flags are used in
@@ -108,23 +108,23 @@ extern "C" {
*/
/* accepts a 'long' input value (3rd parameter to ENGINE_ctrl) */
-# define ENGINE_CMD_FLAG_NUMERIC (unsigned int)0x0001
+# define ENGINE_CMD_FLAG_NUMERIC (unsigned int)0x0001
/*
* accepts string input (cast from 'void*' to 'const char *', 4th parameter
* to ENGINE_ctrl)
*/
-# define ENGINE_CMD_FLAG_STRING (unsigned int)0x0002
+# define ENGINE_CMD_FLAG_STRING (unsigned int)0x0002
/*
* Indicates that the control command takes *no* input. Ie. the control
* command is unparameterised.
*/
-# define ENGINE_CMD_FLAG_NO_INPUT (unsigned int)0x0004
+# define ENGINE_CMD_FLAG_NO_INPUT (unsigned int)0x0004
/*
* Indicates that the control command is internal. This control command won't
* be shown in any output, and is only usable through the ENGINE_ctrl_cmd()
* function.
*/
-# define ENGINE_CMD_FLAG_INTERNAL (unsigned int)0x0008
+# define ENGINE_CMD_FLAG_INTERNAL (unsigned int)0x0008
/*
* NB: These 3 control commands are deprecated and should not be used.
@@ -143,21 +143,21 @@ extern "C" {
* sense to some engines. In such a case, they do nothing but return the
* error ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED.
*/
-# define ENGINE_CTRL_SET_LOGSTREAM 1
-# define ENGINE_CTRL_SET_PASSWORD_CALLBACK 2
-# define ENGINE_CTRL_HUP 3/* Close and reinitialise
+# define ENGINE_CTRL_SET_LOGSTREAM 1
+# define ENGINE_CTRL_SET_PASSWORD_CALLBACK 2
+# define ENGINE_CTRL_HUP 3/* Close and reinitialise
* any handles/connections
* etc. */
-# define ENGINE_CTRL_SET_USER_INTERFACE 4/* Alternative to callback */
-# define ENGINE_CTRL_SET_CALLBACK_DATA 5/* User-specific data, used
+# define ENGINE_CTRL_SET_USER_INTERFACE 4/* Alternative to callback */
+# define ENGINE_CTRL_SET_CALLBACK_DATA 5/* User-specific data, used
* when calling the password
* callback and the user
* interface */
-# define ENGINE_CTRL_LOAD_CONFIGURATION 6/* Load a configuration,
+# define ENGINE_CTRL_LOAD_CONFIGURATION 6/* Load a configuration,
* given a string that
* represents a file name
* or so */
-# define ENGINE_CTRL_LOAD_SECTION 7/* Load data from a given
+# define ENGINE_CTRL_LOAD_SECTION 7/* Load data from a given
* section in the already
* loaded configuration */
@@ -181,22 +181,22 @@ extern "C" {
* worth checking this first if the caller is trying to "discover" the
* engine's capabilities and doesn't want errors generated unnecessarily.
*/
-# define ENGINE_CTRL_HAS_CTRL_FUNCTION 10
+# define ENGINE_CTRL_HAS_CTRL_FUNCTION 10
/*
* Returns a positive command number for the first command supported by the
* engine. Returns zero if no ctrl commands are supported.
*/
-# define ENGINE_CTRL_GET_FIRST_CMD_TYPE 11
+# define ENGINE_CTRL_GET_FIRST_CMD_TYPE 11
/*
* The 'long' argument specifies a command implemented by the engine, and the
* return value is the next command supported, or zero if there are no more.
*/
-# define ENGINE_CTRL_GET_NEXT_CMD_TYPE 12
+# define ENGINE_CTRL_GET_NEXT_CMD_TYPE 12
/*
* The 'void*' argument is a command name (cast from 'const char *'), and the
* return value is the command that corresponds to it.
*/
-# define ENGINE_CTRL_GET_CMD_FROM_NAME 13
+# define ENGINE_CTRL_GET_CMD_FROM_NAME 13
/*
* The next two allow a command to be converted into its corresponding string
* form. In each case, the 'long' argument supplies the command. In the
@@ -205,23 +205,23 @@ extern "C" {
* string buffer large enough, and it will be populated with the name of the
* command (WITH a trailing EOL).
*/
-# define ENGINE_CTRL_GET_NAME_LEN_FROM_CMD 14
-# define ENGINE_CTRL_GET_NAME_FROM_CMD 15
+# define ENGINE_CTRL_GET_NAME_LEN_FROM_CMD 14
+# define ENGINE_CTRL_GET_NAME_FROM_CMD 15
/* The next two are similar but give a "short description" of a command. */
-# define ENGINE_CTRL_GET_DESC_LEN_FROM_CMD 16
-# define ENGINE_CTRL_GET_DESC_FROM_CMD 17
+# define ENGINE_CTRL_GET_DESC_LEN_FROM_CMD 16
+# define ENGINE_CTRL_GET_DESC_FROM_CMD 17
/*
* With this command, the return value is the OR'd combination of
* ENGINE_CMD_FLAG_*** values that indicate what kind of input a given
* engine-specific ctrl command expects.
*/
-# define ENGINE_CTRL_GET_CMD_FLAGS 18
+# define ENGINE_CTRL_GET_CMD_FLAGS 18
/*
* ENGINE implementations should start the numbering of their own control
* commands from this value. (ie. ENGINE_CMD_BASE, ENGINE_CMD_BASE + 1, etc).
*/
-# define ENGINE_CMD_BASE 200
+# define ENGINE_CMD_BASE 200
/*
* NB: These 2 nCipher "chil" control commands are deprecated, and their
@@ -232,17 +232,17 @@ extern "C" {
*/
/* Flags specific to the nCipher "chil" engine */
-# define ENGINE_CTRL_CHIL_SET_FORKCHECK 100
- /*
- * Depending on the value of the (long)i argument, this sets or
- * unsets the SimpleForkCheck flag in the CHIL API to enable or
- * disable checking and workarounds for applications that fork().
- */
-# define ENGINE_CTRL_CHIL_NO_LOCKING 101
- /*
- * This prevents the initialisation function from providing mutex
- * callbacks to the nCipher library.
- */
+# define ENGINE_CTRL_CHIL_SET_FORKCHECK 100
+ /*
+ * Depending on the value of the (long)i argument, this sets or
+ * unsets the SimpleForkCheck flag in the CHIL API to enable or
+ * disable checking and workarounds for applications that fork().
+ */
+# define ENGINE_CTRL_CHIL_NO_LOCKING 101
+ /*
+ * This prevents the initialisation function from providing mutex
+ * callbacks to the nCipher library.
+ */
/*
* If an ENGINE supports its own specific control commands and wishes the
@@ -314,44 +314,58 @@ typedef int (*ENGINE_PKEY_ASN1_METHS_PTR) (ENGINE *, EVP_PKEY_ASN1_METHOD **,
*/
/* Get the first/last "ENGINE" type available. */
-ENGINE *ENGINE_get_first(void);
-ENGINE *ENGINE_get_last(void);
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0 ENGINE *ENGINE_get_first(void);
+OSSL_DEPRECATEDIN_3_0 ENGINE *ENGINE_get_last(void);
+# endif
/* Iterate to the next/previous "ENGINE" type (NULL = end of the list). */
-ENGINE *ENGINE_get_next(ENGINE *e);
-ENGINE *ENGINE_get_prev(ENGINE *e);
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0 ENGINE *ENGINE_get_next(ENGINE *e);
+OSSL_DEPRECATEDIN_3_0 ENGINE *ENGINE_get_prev(ENGINE *e);
+# endif
/* Add another "ENGINE" type into the array. */
-int ENGINE_add(ENGINE *e);
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0 int ENGINE_add(ENGINE *e);
+# endif
/* Remove an existing "ENGINE" type from the array. */
-int ENGINE_remove(ENGINE *e);
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0 int ENGINE_remove(ENGINE *e);
+# endif
/* Retrieve an engine from the list by its unique "id" value. */
-ENGINE *ENGINE_by_id(const char *id);
-
-#ifndef OPENSSL_NO_DEPRECATED_1_1_0
-# define ENGINE_load_openssl() \
- OPENSSL_init_crypto(OPENSSL_INIT_ENGINE_OPENSSL, NULL)
-# define ENGINE_load_dynamic() \
- OPENSSL_init_crypto(OPENSSL_INIT_ENGINE_DYNAMIC, NULL)
-# ifndef OPENSSL_NO_STATIC_ENGINE
-# define ENGINE_load_padlock() \
- OPENSSL_init_crypto(OPENSSL_INIT_ENGINE_PADLOCK, NULL)
-# define ENGINE_load_capi() \
- OPENSSL_init_crypto(OPENSSL_INIT_ENGINE_CAPI, NULL)
-# define ENGINE_load_afalg() \
- OPENSSL_init_crypto(OPENSSL_INIT_ENGINE_AFALG, NULL)
-# endif
-# define ENGINE_load_cryptodev() \
- OPENSSL_init_crypto(OPENSSL_INIT_ENGINE_CRYPTODEV, NULL)
-# define ENGINE_load_rdrand() \
- OPENSSL_init_crypto(OPENSSL_INIT_ENGINE_RDRAND, NULL)
-#endif
-void ENGINE_load_builtin_engines(void);
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0 ENGINE *ENGINE_by_id(const char *id);
+# endif
+
+# ifndef OPENSSL_NO_DEPRECATED_1_1_0
+# define ENGINE_load_openssl() \
+ OPENSSL_init_crypto(OPENSSL_INIT_ENGINE_OPENSSL, NULL)
+# define ENGINE_load_dynamic() \
+ OPENSSL_init_crypto(OPENSSL_INIT_ENGINE_DYNAMIC, NULL)
+# ifndef OPENSSL_NO_STATIC_ENGINE
+# define ENGINE_load_padlock() \
+ OPENSSL_init_crypto(OPENSSL_INIT_ENGINE_PADLOCK, NULL)
+# define ENGINE_load_capi() \
+ OPENSSL_init_crypto(OPENSSL_INIT_ENGINE_CAPI, NULL)
+# define ENGINE_load_afalg() \
+ OPENSSL_init_crypto(OPENSSL_INIT_ENGINE_AFALG, NULL)
+# endif
+# define ENGINE_load_cryptodev() \
+ OPENSSL_init_crypto(OPENSSL_INIT_ENGINE_CRYPTODEV, NULL)
+# define ENGINE_load_rdrand() \
+ OPENSSL_init_crypto(OPENSSL_INIT_ENGINE_RDRAND, NULL)
+# endif
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0 void ENGINE_load_builtin_engines(void);
+# endif
/*
* Get and set global flags (ENGINE_TABLE_FLAG_***) for the implementation
* "registry" handling.
*/
-unsigned int ENGINE_get_table_flags(void);
-void ENGINE_set_table_flags(unsigned int flags);
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0 unsigned int ENGINE_get_table_flags(void);
+OSSL_DEPRECATEDIN_3_0 void ENGINE_set_table_flags(unsigned int flags);
+# endif
/*- Manage registration of ENGINEs per "table". For each type, there are 3
* functions;
@@ -360,42 +374,35 @@ void ENGINE_set_table_flags(unsigned int flags);
* ENGINE_register_all_***() - call ENGINE_register_***() for each 'e' in the list
* Cleanup is automatically registered from each table when required.
*/
-
-int ENGINE_register_RSA(ENGINE *e);
-void ENGINE_unregister_RSA(ENGINE *e);
-void ENGINE_register_all_RSA(void);
-
-int ENGINE_register_DSA(ENGINE *e);
-void ENGINE_unregister_DSA(ENGINE *e);
-void ENGINE_register_all_DSA(void);
-
-int ENGINE_register_EC(ENGINE *e);
-void ENGINE_unregister_EC(ENGINE *e);
-void ENGINE_register_all_EC(void);
-
-int ENGINE_register_DH(ENGINE *e);
-void ENGINE_unregister_DH(ENGINE *e);
-void ENGINE_register_all_DH(void);
-
-int ENGINE_register_RAND(ENGINE *e);
-void ENGINE_unregister_RAND(ENGINE *e);
-void ENGINE_register_all_RAND(void);
-
-int ENGINE_register_ciphers(ENGINE *e);
-void ENGINE_unregister_ciphers(ENGINE *e);
-void ENGINE_register_all_ciphers(void);
-
-int ENGINE_register_digests(ENGINE *e);
-void ENGINE_unregister_digests(ENGINE *e);
-void ENGINE_register_all_digests(void);
-
-int ENGINE_register_pkey_meths(ENGINE *e);
-void ENGINE_unregister_pkey_meths(ENGINE *e);
-void ENGINE_register_all_pkey_meths(void);
-
-int ENGINE_register_pkey_asn1_meths(ENGINE *e);
-void ENGINE_unregister_pkey_asn1_meths(ENGINE *e);
-void ENGINE_register_all_pkey_asn1_meths(void);
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0 int ENGINE_register_RSA(ENGINE *e);
+OSSL_DEPRECATEDIN_3_0 void ENGINE_unregister_RSA(ENGINE *e);
+OSSL_DEPRECATEDIN_3_0 void ENGINE_register_all_RSA(void);
+OSSL_DEPRECATEDIN_3_0 int ENGINE_register_DSA(ENGINE *e);
+OSSL_DEPRECATEDIN_3_0 void ENGINE_unregister_DSA(ENGINE *e);
+OSSL_DEPRECATEDIN_3_0 void ENGINE_register_all_DSA(void);
+OSSL_DEPRECATEDIN_3_0 int ENGINE_register_EC(ENGINE *e);
+OSSL_DEPRECATEDIN_3_0 void ENGINE_unregister_EC(ENGINE *e);
+OSSL_DEPRECATEDIN_3_0 void ENGINE_register_all_EC(void);
+OSSL_DEPRECATEDIN_3_0 int ENGINE_register_DH(ENGINE *e);
+OSSL_DEPRECATEDIN_3_0 void ENGINE_unregister_DH(ENGINE *e);
+OSSL_DEPRECATEDIN_3_0 void ENGINE_register_all_DH(void);
+OSSL_DEPRECATEDIN_3_0 int ENGINE_register_RAND(ENGINE *e);
+OSSL_DEPRECATEDIN_3_0 void ENGINE_unregister_RAND(ENGINE *e);
+OSSL_DEPRECATEDIN_3_0 void ENGINE_register_all_RAND(void);
+OSSL_DEPRECATEDIN_3_0 int ENGINE_register_ciphers(ENGINE *e);
+OSSL_DEPRECATEDIN_3_0 void ENGINE_unregister_ciphers(ENGINE *e);
+OSSL_DEPRECATEDIN_3_0 void ENGINE_register_all_ciphers(void);
+OSSL_DEPRECATEDIN_3_0 int ENGINE_register_digests(ENGINE *e);
+OSSL_DEPRECATEDIN_3_0 void ENGINE_unregister_digests(ENGINE *e);
+OSSL_DEPRECATEDIN_3_0 void ENGINE_register_all_digests(void);
+OSSL_DEPRECATEDIN_3_0 int ENGINE_register_pkey_meths(ENGINE *e);
+OSSL_DEPRECATEDIN_3_0 void ENGINE_unregister_pkey_meths(ENGINE *e);
+OSSL_DEPRECATEDIN_3_0 void ENGINE_register_all_pkey_meths(void);
+OSSL_DEPRECATEDIN_3_0 int ENGINE_register_pkey_asn1_meths(ENGINE *e);
+OSSL_DEPRECATEDIN_3_0 void ENGINE_unregister_pkey_asn1_meths(ENGINE *e);
+OSSL_DEPRECATEDIN_3_0 void ENGINE_register_all_pkey_asn1_meths(void);
+# endif
/*
* These functions register all support from the above categories. Note, use
@@ -403,8 +410,10 @@ void ENGINE_register_all_pkey_asn1_meths(void);
* may not need. If you only need a subset of functionality, consider using
* more selective initialisation.
*/
-int ENGINE_register_complete(ENGINE *e);
-int ENGINE_register_all_complete(void);
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0 int ENGINE_register_complete(ENGINE *e);
+OSSL_DEPRECATEDIN_3_0 int ENGINE_register_all_complete(void);
+# endif
/*
* Send parameterised control commands to the engine. The possibilities to
@@ -416,7 +425,10 @@ int ENGINE_register_all_complete(void);
* commands that require an operational ENGINE, and only use functional
* references in such situations.
*/
-int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void));
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0 int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p,
+ void (*f) (void));
+# endif
/*
* This function tests if an ENGINE-specific command is usable as a
@@ -424,7 +436,9 @@ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void));
* ENGINE_ctrl_cmd_string(). If this returns zero, it is not available to
* ENGINE_ctrl_cmd_string(), only ENGINE_ctrl().
*/
-int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0 int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+# endif
/*
* This function works like ENGINE_ctrl() with the exception of taking a
@@ -432,8 +446,11 @@ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
* commands. See the comment on ENGINE_ctrl_cmd_string() for an explanation
* on how to use the cmd_name and cmd_optional.
*/
-int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
- long i, void *p, void (*f) (void), int cmd_optional);
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0 int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+ long i, void *p, void (*f) (void),
+ int cmd_optional);
+# endif
/*
* This function passes a command-name and argument to an ENGINE. The
@@ -457,8 +474,11 @@ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
* applications can work consistently with the same configuration for the
* same ENGINE-enabled devices, across applications.
*/
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0
int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
int cmd_optional);
+# endif
/*
* These functions are useful for manufacturing new ENGINE structures. They
@@ -468,45 +488,59 @@ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
* These are also here so that the ENGINE structure doesn't have to be
* exposed and break binary compatibility!
*/
-ENGINE *ENGINE_new(void);
-int ENGINE_free(ENGINE *e);
-int ENGINE_up_ref(ENGINE *e);
-int ENGINE_set_id(ENGINE *e, const char *id);
-int ENGINE_set_name(ENGINE *e, const char *name);
-int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
-int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
-int ENGINE_set_EC(ENGINE *e, const EC_KEY_METHOD *ecdsa_meth);
-int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
-int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
-int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0 ENGINE *ENGINE_new(void);
+OSSL_DEPRECATEDIN_3_0 int ENGINE_free(ENGINE *e);
+OSSL_DEPRECATEDIN_3_0 int ENGINE_up_ref(ENGINE *e);
+OSSL_DEPRECATEDIN_3_0 int ENGINE_set_id(ENGINE *e, const char *id);
+OSSL_DEPRECATEDIN_3_0 int ENGINE_set_name(ENGINE *e, const char *name);
+OSSL_DEPRECATEDIN_3_0 int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+OSSL_DEPRECATEDIN_3_0 int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+OSSL_DEPRECATEDIN_3_0 int ENGINE_set_EC(ENGINE *e, const EC_KEY_METHOD *ecdsa_meth);
+OSSL_DEPRECATEDIN_3_0 int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+OSSL_DEPRECATEDIN_3_0 int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+OSSL_DEPRECATEDIN_3_0
+int ENGINE_set_destroy_function(ENGINE *e,ENGINE_GEN_INT_FUNC_PTR destroy_f);
+OSSL_DEPRECATEDIN_3_0
int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+OSSL_DEPRECATEDIN_3_0
int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+OSSL_DEPRECATEDIN_3_0
int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
-int ENGINE_set_load_privkey_function(ENGINE *e,
- ENGINE_LOAD_KEY_PTR loadpriv_f);
+OSSL_DEPRECATEDIN_3_0
+int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+OSSL_DEPRECATEDIN_3_0
int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+OSSL_DEPRECATEDIN_3_0
int ENGINE_set_load_ssl_client_cert_function(ENGINE *e,
- ENGINE_SSL_CLIENT_CERT_PTR
- loadssl_f);
+ ENGINE_SSL_CLIENT_CERT_PTR loadssl_f);
+OSSL_DEPRECATEDIN_3_0
int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+OSSL_DEPRECATEDIN_3_0
int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+OSSL_DEPRECATEDIN_3_0
int ENGINE_set_pkey_meths(ENGINE *e, ENGINE_PKEY_METHS_PTR f);
+OSSL_DEPRECATEDIN_3_0
int ENGINE_set_pkey_asn1_meths(ENGINE *e, ENGINE_PKEY_ASN1_METHS_PTR f);
-int ENGINE_set_flags(ENGINE *e, int flags);
-int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+OSSL_DEPRECATEDIN_3_0 int ENGINE_set_flags(ENGINE *e, int flags);
+OSSL_DEPRECATEDIN_3_0 int ENGINE_set_cmd_defns(ENGINE *e,
+ const ENGINE_CMD_DEFN *defns);
+# endif
/* These functions allow control over any per-structure ENGINE data. */
-#define ENGINE_get_ex_new_index(l, p, newf, dupf, freef) \
+# define ENGINE_get_ex_new_index(l, p, newf, dupf, freef) \
CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_ENGINE, l, p, newf, dupf, freef)
-int ENGINE_set_ex_data(ENGINE *e, int idx, void *arg);
-void *ENGINE_get_ex_data(const ENGINE *e, int idx);
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0 int ENGINE_set_ex_data(ENGINE *e, int idx, void *arg);
+OSSL_DEPRECATEDIN_3_0 void *ENGINE_get_ex_data(const ENGINE *e, int idx);
+# endif
-#ifndef OPENSSL_NO_DEPRECATED_1_1_0
+# ifndef OPENSSL_NO_DEPRECATED_1_1_0
/*
* This function previously cleaned up anything that needs it. Auto-deinit will
* now take care of it so it is no longer required to call this function.
*/
-# define ENGINE_cleanup() while(0) continue
-#endif
+# define ENGINE_cleanup() while(0) continue
+# endif
/*
* These return values from within the ENGINE structure. These can be useful
@@ -514,37 +548,55 @@ void *ENGINE_get_ex_data(const ENGINE *e, int idx);
* which you obtained. Using the result for functional purposes if you only
* obtained a structural reference may be problematic!
*/
-const char *ENGINE_get_id(const ENGINE *e);
-const char *ENGINE_get_name(const ENGINE *e);
-const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
-const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
-const EC_KEY_METHOD *ENGINE_get_EC(const ENGINE *e);
-const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
-const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0 const char *ENGINE_get_id(const ENGINE *e);
+OSSL_DEPRECATEDIN_3_0 const char *ENGINE_get_name(const ENGINE *e);
+OSSL_DEPRECATEDIN_3_0 const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+OSSL_DEPRECATEDIN_3_0 const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+OSSL_DEPRECATEDIN_3_0 const EC_KEY_METHOD *ENGINE_get_EC(const ENGINE *e);
+OSSL_DEPRECATEDIN_3_0 const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+OSSL_DEPRECATEDIN_3_0 const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+OSSL_DEPRECATEDIN_3_0
ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+OSSL_DEPRECATEDIN_3_0
ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+OSSL_DEPRECATEDIN_3_0
ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+OSSL_DEPRECATEDIN_3_0
ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+OSSL_DEPRECATEDIN_3_0
ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+OSSL_DEPRECATEDIN_3_0
ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
-ENGINE_SSL_CLIENT_CERT_PTR ENGINE_get_ssl_client_cert_function(const ENGINE
- *e);
+OSSL_DEPRECATEDIN_3_0
+ENGINE_SSL_CLIENT_CERT_PTR ENGINE_get_ssl_client_cert_function(const ENGINE *e);
+OSSL_DEPRECATEDIN_3_0
ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+OSSL_DEPRECATEDIN_3_0
ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+OSSL_DEPRECATEDIN_3_0
ENGINE_PKEY_METHS_PTR ENGINE_get_pkey_meths(const ENGINE *e);
+OSSL_DEPRECATEDIN_3_0
ENGINE_PKEY_ASN1_METHS_PTR ENGINE_get_pkey_asn1_meths(const ENGINE *e);
+OSSL_DEPRECATEDIN_3_0
const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+OSSL_DEPRECATEDIN_3_0
const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+OSSL_DEPRECATEDIN_3_0
const EVP_PKEY_METHOD *ENGINE_get_pkey_meth(ENGINE *e, int nid);
+OSSL_DEPRECATEDIN_3_0
const EVP_PKEY_ASN1_METHOD *ENGINE_get_pkey_asn1_meth(ENGINE *e, int nid);
+OSSL_DEPRECATEDIN_3_0
const EVP_PKEY_ASN1_METHOD *ENGINE_get_pkey_asn1_meth_str(ENGINE *e,
const char *str,
int len);
+OSSL_DEPRECATEDIN_3_0
const EVP_PKEY_ASN1_METHOD *ENGINE_pkey_asn1_find_str(ENGINE **pe,
- const char *str,
- int len);
+ const char *str, int len);
+OSSL_DEPRECATEDIN_3_0
const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
-int ENGINE_get_flags(const ENGINE *e);
+OSSL_DEPRECATEDIN_3_0 int ENGINE_get_flags(const ENGINE *e);
+# endif
/*
* FUNCTIONAL functions. These functions deal with ENGINE structures that
@@ -564,27 +616,36 @@ int ENGINE_get_flags(const ENGINE *e);
* already in use). This will fail if the engine is not currently operational
* and cannot initialise.
*/
-int ENGINE_init(ENGINE *e);
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0 int ENGINE_init(ENGINE *e);
+# endif
/*
* Free a functional reference to a engine type. This does not require a
* corresponding call to ENGINE_free as it also releases a structural
* reference.
*/
-int ENGINE_finish(ENGINE *e);
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0 int ENGINE_finish(ENGINE *e);
+# endif
/*
* The following functions handle keys that are stored in some secondary
* location, handled by the engine. The storage may be on a card or
* whatever.
*/
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0
EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
UI_METHOD *ui_method, void *callback_data);
+OSSL_DEPRECATEDIN_3_0
EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
UI_METHOD *ui_method, void *callback_data);
-int ENGINE_load_ssl_client_cert(ENGINE *e, SSL *s,
- STACK_OF(X509_NAME) *ca_dn, X509 **pcert,
- EVP_PKEY **ppkey, STACK_OF(X509) **pother,
+OSSL_DEPRECATEDIN_3_0
+int ENGINE_load_ssl_client_cert(ENGINE *e, SSL *s, STACK_OF(X509_NAME) *ca_dn,
+ X509 **pcert, EVP_PKEY **ppkey,
+ STACK_OF(X509) **pother,
UI_METHOD *ui_method, void *callback_data);
+# endif
/*
* This returns a pointer for the current ENGINE structure that is (by
@@ -592,20 +653,26 @@ int ENGINE_load_ssl_client_cert(ENGINE *e, SSL *s,
* incremented reference, so it should be free'd (ENGINE_finish) before it is
* discarded.
*/
-ENGINE *ENGINE_get_default_RSA(void);
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0 ENGINE *ENGINE_get_default_RSA(void);
+# endif
/* Same for the other "methods" */
-ENGINE *ENGINE_get_default_DSA(void);
-ENGINE *ENGINE_get_default_EC(void);
-ENGINE *ENGINE_get_default_DH(void);
-ENGINE *ENGINE_get_default_RAND(void);
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0 ENGINE *ENGINE_get_default_DSA(void);
+OSSL_DEPRECATEDIN_3_0 ENGINE *ENGINE_get_default_EC(void);
+OSSL_DEPRECATEDIN_3_0 ENGINE *ENGINE_get_default_DH(void);
+OSSL_DEPRECATEDIN_3_0 ENGINE *ENGINE_get_default_RAND(void);
+# endif
/*
* These functions can be used to get a functional reference to perform
* ciphering or digesting corresponding to "nid".
*/
-ENGINE *ENGINE_get_cipher_engine(int nid);
-ENGINE *ENGINE_get_digest_engine(int nid);
-ENGINE *ENGINE_get_pkey_meth_engine(int nid);
-ENGINE *ENGINE_get_pkey_asn1_meth_engine(int nid);
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0 ENGINE *ENGINE_get_cipher_engine(int nid);
+OSSL_DEPRECATEDIN_3_0 ENGINE *ENGINE_get_digest_engine(int nid);
+OSSL_DEPRECATEDIN_3_0 ENGINE *ENGINE_get_pkey_meth_engine(int nid);
+OSSL_DEPRECATEDIN_3_0 ENGINE *ENGINE_get_pkey_asn1_meth_engine(int nid);
+# endif
/*
* This sets a new default ENGINE structure for performing RSA operations. If
@@ -613,17 +680,22 @@ ENGINE *ENGINE_get_pkey_asn1_meth_engine(int nid);
* its reference count up'd so the caller should still free their own
* reference 'e'.
*/
-int ENGINE_set_default_RSA(ENGINE *e);
-int ENGINE_set_default_string(ENGINE *e, const char *def_list);
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0 int ENGINE_set_default_RSA(ENGINE *e);
+OSSL_DEPRECATEDIN_3_0 int ENGINE_set_default_string(ENGINE *e,
+ const char *def_list);
+# endif
/* Same for the other "methods" */
-int ENGINE_set_default_DSA(ENGINE *e);
-int ENGINE_set_default_EC(ENGINE *e);
-int ENGINE_set_default_DH(ENGINE *e);
-int ENGINE_set_default_RAND(ENGINE *e);
-int ENGINE_set_default_ciphers(ENGINE *e);
-int ENGINE_set_default_digests(ENGINE *e);
-int ENGINE_set_default_pkey_meths(ENGINE *e);
-int ENGINE_set_default_pkey_asn1_meths(ENGINE *e);
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0 int ENGINE_set_default_DSA(ENGINE *e);
+OSSL_DEPRECATEDIN_3_0 int ENGINE_set_default_EC(ENGINE *e);
+OSSL_DEPRECATEDIN_3_0 int ENGINE_set_default_DH(ENGINE *e);
+OSSL_DEPRECATEDIN_3_0 int ENGINE_set_default_RAND(ENGINE *e);
+OSSL_DEPRECATEDIN_3_0 int ENGINE_set_default_ciphers(ENGINE *e);
+OSSL_DEPRECATEDIN_3_0 int ENGINE_set_default_digests(ENGINE *e);
+OSSL_DEPRECATEDIN_3_0 int ENGINE_set_default_pkey_meths(ENGINE *e);
+OSSL_DEPRECATEDIN_3_0 int ENGINE_set_default_pkey_asn1_meths(ENGINE *e);
+# endif
/*
* The combination "set" - the flags are bitwise "OR"d from the
@@ -632,9 +704,10 @@ int ENGINE_set_default_pkey_asn1_meths(ENGINE *e);
* application requires only specific functionality, consider using more
* selective functions.
*/
-int ENGINE_set_default(ENGINE *e, unsigned int flags);
-
-void ENGINE_add_conf_module(void);
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0 int ENGINE_set_default(ENGINE *e, unsigned int flags);
+OSSL_DEPRECATEDIN_3_0 void ENGINE_add_conf_module(void);
+# endif
/* Deprecated functions ... */
/* int ENGINE_clear_defaults(void); */
@@ -644,12 +717,12 @@ void ENGINE_add_conf_module(void);
/**************************/
/* Binary/behaviour compatibility levels */
-# define OSSL_DYNAMIC_VERSION (unsigned long)0x00030000
+# define OSSL_DYNAMIC_VERSION (unsigned long)0x00030000
/*
* Binary versions older than this are too old for us (whether we're a loader
* or a loadee)
*/
-# define OSSL_DYNAMIC_OLDEST (unsigned long)0x00030000
+# define OSSL_DYNAMIC_OLDEST (unsigned long)0x00030000
/*
* When compiling an ENGINE entirely as an external shared library, loadable
@@ -693,7 +766,7 @@ typedef struct st_dynamic_fns {
* IMPLEMENT_DYNAMIC_CHECK_FN().
*/
typedef unsigned long (*dynamic_v_check_fn) (unsigned long ossl_version);
-# define IMPLEMENT_DYNAMIC_CHECK_FN() \
+# define IMPLEMENT_DYNAMIC_CHECK_FN() \
OPENSSL_EXPORT unsigned long v_check(unsigned long v); \
OPENSSL_EXPORT unsigned long v_check(unsigned long v) { \
if (v >= OSSL_DYNAMIC_OLDEST) return OSSL_DYNAMIC_VERSION; \
@@ -719,7 +792,7 @@ typedef unsigned long (*dynamic_v_check_fn) (unsigned long ossl_version);
*/
typedef int (*dynamic_bind_engine) (ENGINE *e, const char *id,
const dynamic_fns *fns);
-# define IMPLEMENT_DYNAMIC_BIND_FN(fn) \
+# define IMPLEMENT_DYNAMIC_BIND_FN(fn) \
OPENSSL_EXPORT \
int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns); \
OPENSSL_EXPORT \
@@ -745,13 +818,15 @@ typedef int (*dynamic_bind_engine) (ENGINE *e, const char *id,
*/
void *ENGINE_get_static_state(void);
-# if defined(__OpenBSD__) || defined(__FreeBSD__) || defined(__DragonFly__)
-DEPRECATEDIN_1_1_0(void ENGINE_setup_bsd_cryptodev(void))
-# endif
+# if defined(__OpenBSD__) || defined(__FreeBSD__) || defined(__DragonFly__)
+# ifndef OPENSSL_NO_DEPRECATED_1_1_0
+OSSL_DEPRECATEDIN_1_1_0 void ENGINE_setup_bsd_cryptodev(void);
+# endif
+# endif
# ifdef __cplusplus
}
# endif
-# endif
-#endif
+# endif /* OPENSSL_NO_ENGINE */
+#endif /* OPENSSL_ENGINE_H */
diff --git a/openssl/include/openssl/engineerr.h b/openssl/include/openssl/engineerr.h
index b424afd4..1cfc690f 100644..100755
--- a/openssl/include/openssl/engineerr.h
+++ b/openssl/include/openssl/engineerr.h
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -14,62 +14,11 @@
# include <openssl/opensslconf.h>
# include <openssl/symhacks.h>
+# include <openssl/cryptoerr_legacy.h>
-# include <openssl/opensslconf.h>
-
# ifndef OPENSSL_NO_ENGINE
-# ifdef __cplusplus
-extern "C"
-# endif
-int ERR_load_ENGINE_strings(void);
-
-/*
- * ENGINE function codes.
- */
-# ifndef OPENSSL_NO_DEPRECATED_3_0
-# define ENGINE_F_DIGEST_UPDATE 0
-# define ENGINE_F_DYNAMIC_CTRL 0
-# define ENGINE_F_DYNAMIC_GET_DATA_CTX 0
-# define ENGINE_F_DYNAMIC_LOAD 0
-# define ENGINE_F_DYNAMIC_SET_DATA_CTX 0
-# define ENGINE_F_ENGINE_ADD 0
-# define ENGINE_F_ENGINE_BY_ID 0
-# define ENGINE_F_ENGINE_CMD_IS_EXECUTABLE 0
-# define ENGINE_F_ENGINE_CTRL 0
-# define ENGINE_F_ENGINE_CTRL_CMD 0
-# define ENGINE_F_ENGINE_CTRL_CMD_STRING 0
-# define ENGINE_F_ENGINE_FINISH 0
-# define ENGINE_F_ENGINE_GET_CIPHER 0
-# define ENGINE_F_ENGINE_GET_DIGEST 0
-# define ENGINE_F_ENGINE_GET_FIRST 0
-# define ENGINE_F_ENGINE_GET_LAST 0
-# define ENGINE_F_ENGINE_GET_NEXT 0
-# define ENGINE_F_ENGINE_GET_PKEY_ASN1_METH 0
-# define ENGINE_F_ENGINE_GET_PKEY_METH 0
-# define ENGINE_F_ENGINE_GET_PREV 0
-# define ENGINE_F_ENGINE_INIT 0
-# define ENGINE_F_ENGINE_LIST_ADD 0
-# define ENGINE_F_ENGINE_LIST_REMOVE 0
-# define ENGINE_F_ENGINE_LOAD_PRIVATE_KEY 0
-# define ENGINE_F_ENGINE_LOAD_PUBLIC_KEY 0
-# define ENGINE_F_ENGINE_LOAD_SSL_CLIENT_CERT 0
-# define ENGINE_F_ENGINE_NEW 0
-# define ENGINE_F_ENGINE_PKEY_ASN1_FIND_STR 0
-# define ENGINE_F_ENGINE_REMOVE 0
-# define ENGINE_F_ENGINE_SET_DEFAULT_STRING 0
-# define ENGINE_F_ENGINE_SET_ID 0
-# define ENGINE_F_ENGINE_SET_NAME 0
-# define ENGINE_F_ENGINE_TABLE_REGISTER 0
-# define ENGINE_F_ENGINE_UNLOCKED_FINISH 0
-# define ENGINE_F_ENGINE_UP_REF 0
-# define ENGINE_F_INT_CLEANUP_ITEM 0
-# define ENGINE_F_INT_CTRL_HELPER 0
-# define ENGINE_F_INT_ENGINE_CONFIGURE 0
-# define ENGINE_F_INT_ENGINE_MODULE_INIT 0
-# define ENGINE_F_OSSL_HMAC_INIT 0
-# endif
/*
* ENGINE reason codes.
diff --git a/openssl/include/openssl/err.h b/openssl/include/openssl/err.h
index c41517c7..2ca5b0ad 100644..100755
--- a/openssl/include/openssl/err.h
+++ b/openssl/include/openssl/err.h
@@ -1,5 +1,5 @@
/*
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -7,6 +7,8 @@
* https://www.openssl.org/source/license.html
*/
+
+
#ifndef OPENSSL_ERR_H
# define OPENSSL_ERR_H
# pragma once
@@ -26,6 +28,7 @@
# include <openssl/types.h>
# include <openssl/bio.h>
# include <openssl/lhash.h>
+# include <openssl/cryptoerr_legacy.h>
#ifdef __cplusplus
extern "C" {
@@ -39,6 +42,7 @@ extern "C" {
# endif
# endif
+# include <limits.h>
# include <errno.h>
# define ERR_TXT_MALLOCED 0x01
@@ -51,13 +55,14 @@ extern "C" {
# define ERR_NUM_ERRORS 16
struct err_state_st {
int err_flags[ERR_NUM_ERRORS];
+ int err_marks[ERR_NUM_ERRORS];
unsigned long err_buffer[ERR_NUM_ERRORS];
char *err_data[ERR_NUM_ERRORS];
size_t err_data_size[ERR_NUM_ERRORS];
int err_data_flags[ERR_NUM_ERRORS];
- const char *err_file[ERR_NUM_ERRORS];
+ char *err_file[ERR_NUM_ERRORS];
int err_line[ERR_NUM_ERRORS];
- const char *err_func[ERR_NUM_ERRORS];
+ char *err_func[ERR_NUM_ERRORS];
int top, bottom;
};
# endif
@@ -112,12 +117,13 @@ struct err_state_st {
# define ERR_LIB_CRMF 56
# define ERR_LIB_PROV 57
# define ERR_LIB_CMP 58
-# define ERR_LIB_OSSL_SERIALIZER 59
-# define ERR_LIB_HTTP 60
+# define ERR_LIB_OSSL_ENCODER 59
+# define ERR_LIB_OSSL_DECODER 60
+# define ERR_LIB_HTTP 61
# define ERR_LIB_USER 128
-# if 1 || !defined(OPENSSL_NO_DEPRECATED_3_0)
+# ifndef OPENSSL_NO_DEPRECATED_3_0
# define ASN1err(f, r) ERR_raise_data(ERR_LIB_ASN1, (r), NULL)
# define ASYNCerr(f, r) ERR_raise_data(ERR_LIB_ASYNC, (r), NULL)
# define BIOerr(f, r) ERR_raise_data(ERR_LIB_BIO, (r), NULL)
@@ -163,14 +169,115 @@ struct err_state_st {
# define X509err(f, r) ERR_raise_data(ERR_LIB_X509, (r), NULL)
# endif
-# define ERR_PACK(l,f,r) ( \
- (((unsigned int)(l) & 0x0FF) << 24L) | \
- (((unsigned int)(f) & 0xFFF) << 12L) | \
- (((unsigned int)(r) & 0xFFF) ) )
-# define ERR_GET_LIB(l) (int)(((l) >> 24L) & 0x0FFL)
-# define ERR_GET_FUNC(l) (int)(((l) >> 12L) & 0xFFFL)
-# define ERR_GET_REASON(l) (int)( (l) & 0xFFFL)
-# define ERR_FATAL_ERROR(l) (int)( (l) & ERR_R_FATAL)
+/*-
+ * The error code packs differently depending on if it records a system
+ * error or an OpenSSL error.
+ *
+ * A system error packs like this (we follow POSIX and only allow positive
+ * numbers that fit in an |int|):
+ *
+ * +-+-------------------------------------------------------------+
+ * |1| system error number |
+ * +-+-------------------------------------------------------------+
+ *
+ * An OpenSSL error packs like this:
+ *
+ * <---------------------------- 32 bits -------------------------->
+ * <--- 8 bits ---><------------------ 23 bits ----------------->
+ * +-+---------------+---------------------------------------------+
+ * |0| library | reason |
+ * +-+---------------+---------------------------------------------+
+ *
+ * A few of the reason bits are reserved as flags with special meaning:
+ *
+ * <5 bits-<>--------- 19 bits ----------------->
+ * +-------+-+-----------------------------------+
+ * | rflags| | reason |
+ * +-------+-+-----------------------------------+
+ * ^
+ * |
+ * ERR_RFLAG_FATAL = ERR_R_FATAL
+ *
+ * The reason flags are part of the overall reason code for practical
+ * reasons, as they provide an easy way to place different types of
+ * reason codes in different numeric ranges.
+ *
+ * The currently known reason flags are:
+ *
+ * ERR_RFLAG_FATAL Flags that the reason code is considered fatal.
+ * For backward compatibility reasons, this flag
+ * is also the code for ERR_R_FATAL (that reason
+ * code served the dual purpose of flag and reason
+ * code in one in pre-3.0 OpenSSL).
+ * ERR_RFLAG_COMMON Flags that the reason code is common to all
+ * libraries. All ERR_R_ macros must use this flag,
+ * and no other _R_ macro is allowed to use it.
+ */
+
+/* Macros to help decode recorded system errors */
+# define ERR_SYSTEM_FLAG ((unsigned int)INT_MAX + 1)
+# define ERR_SYSTEM_MASK ((unsigned int)INT_MAX)
+
+/*
+ * Macros to help decode recorded OpenSSL errors
+ * As expressed above, RFLAGS and REASON overlap by one bit to allow
+ * ERR_R_FATAL to use ERR_RFLAG_FATAL as its reason code.
+ */
+# define ERR_LIB_OFFSET 23L
+# define ERR_LIB_MASK 0xFF
+# define ERR_RFLAGS_OFFSET 18L
+# define ERR_RFLAGS_MASK 0x1F
+# define ERR_REASON_MASK 0X7FFFFF
+
+/*
+ * Reason flags are defined pre-shifted to easily combine with the reason
+ * number.
+ */
+# define ERR_RFLAG_FATAL (0x1 << ERR_RFLAGS_OFFSET)
+# define ERR_RFLAG_COMMON (0x2 << ERR_RFLAGS_OFFSET)
+
+# define ERR_SYSTEM_ERROR(errcode) (((errcode) & ERR_SYSTEM_FLAG) != 0)
+
+static ossl_unused ossl_inline int ERR_GET_LIB(unsigned long errcode)
+{
+ if (ERR_SYSTEM_ERROR(errcode))
+ return ERR_LIB_SYS;
+ return (errcode >> ERR_LIB_OFFSET) & ERR_LIB_MASK;
+}
+
+static ossl_unused ossl_inline int ERR_GET_RFLAGS(unsigned long errcode)
+{
+ if (ERR_SYSTEM_ERROR(errcode))
+ return 0;
+ return errcode & (ERR_RFLAGS_MASK << ERR_RFLAGS_OFFSET);
+}
+
+static ossl_unused ossl_inline int ERR_GET_REASON(unsigned long errcode)
+{
+ if (ERR_SYSTEM_ERROR(errcode))
+ return errcode & ERR_SYSTEM_MASK;
+ return errcode & ERR_REASON_MASK;
+}
+
+static ossl_unused ossl_inline int ERR_FATAL_ERROR(unsigned long errcode)
+{
+ return (ERR_GET_RFLAGS(errcode) & ERR_RFLAG_FATAL) != 0;
+}
+
+static ossl_unused ossl_inline int ERR_COMMON_ERROR(unsigned long errcode)
+{
+ return (ERR_GET_RFLAGS(errcode) & ERR_RFLAG_COMMON) != 0;
+}
+
+/*
+ * ERR_PACK is a helper macro to properly pack OpenSSL error codes and may
+ * only be used for that purpose. System errors are packed internally.
+ * ERR_PACK takes reason flags and reason code combined in |reason|.
+ * ERR_PACK ignores |func|, that parameter is just legacy from pre-3.0 OpenSSL.
+ */
+# define ERR_PACK(lib,func,reason) \
+ ( (((unsigned long)(lib) & ERR_LIB_MASK ) << ERR_LIB_OFFSET) | \
+ (((unsigned long)(reason) & ERR_REASON_MASK)) )
# ifndef OPENSSL_NO_DEPRECATED_3_0
# define SYS_F_FOPEN 0
@@ -200,54 +307,74 @@ struct err_state_st {
# define SYS_F_SENDFILE 0
# endif
-/* reasons */
-# define ERR_R_SYS_LIB ERR_LIB_SYS/* 2 */
-# define ERR_R_BN_LIB ERR_LIB_BN/* 3 */
-# define ERR_R_RSA_LIB ERR_LIB_RSA/* 4 */
-# define ERR_R_DH_LIB ERR_LIB_DH/* 5 */
-# define ERR_R_EVP_LIB ERR_LIB_EVP/* 6 */
-# define ERR_R_BUF_LIB ERR_LIB_BUF/* 7 */
-# define ERR_R_OBJ_LIB ERR_LIB_OBJ/* 8 */
-# define ERR_R_PEM_LIB ERR_LIB_PEM/* 9 */
-# define ERR_R_DSA_LIB ERR_LIB_DSA/* 10 */
-# define ERR_R_X509_LIB ERR_LIB_X509/* 11 */
-# define ERR_R_ASN1_LIB ERR_LIB_ASN1/* 13 */
-# define ERR_R_EC_LIB ERR_LIB_EC/* 16 */
-# define ERR_R_BIO_LIB ERR_LIB_BIO/* 32 */
-# define ERR_R_PKCS7_LIB ERR_LIB_PKCS7/* 33 */
-# define ERR_R_X509V3_LIB ERR_LIB_X509V3/* 34 */
-# define ERR_R_ENGINE_LIB ERR_LIB_ENGINE/* 38 */
-# define ERR_R_UI_LIB ERR_LIB_UI/* 40 */
-# define ERR_R_ECDSA_LIB ERR_LIB_ECDSA/* 42 */
-# define ERR_R_OSSL_STORE_LIB ERR_LIB_OSSL_STORE/* 44 */
-
-# define ERR_R_NESTED_ASN1_ERROR 58
-# define ERR_R_MISSING_ASN1_EOS 63
-
-/* fatal error */
-# define ERR_R_FATAL 64
-# define ERR_R_MALLOC_FAILURE (1|ERR_R_FATAL)
-# define ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED (2|ERR_R_FATAL)
-# define ERR_R_PASSED_NULL_PARAMETER (3|ERR_R_FATAL)
-# define ERR_R_INTERNAL_ERROR (4|ERR_R_FATAL)
-# define ERR_R_DISABLED (5|ERR_R_FATAL)
-# define ERR_R_INIT_FAIL (6|ERR_R_FATAL)
-# define ERR_R_PASSED_INVALID_ARGUMENT (7)
-# define ERR_R_OPERATION_FAIL (8|ERR_R_FATAL)
-# define ERR_R_INVALID_PROVIDER_FUNCTIONS (9|ERR_R_FATAL)
-# define ERR_R_INTERRUPTED_OR_CANCELLED (10)
-
/*
- * 99 is the maximum possible ERR_R_... code, higher values are reserved for
- * the individual libraries
+ * All ERR_R_ codes must be combined with ERR_RFLAG_COMMON.
*/
+/* "we came from here" global reason codes, range 1..255 */
+# define ERR_R_SYS_LIB (ERR_LIB_SYS/* 2 */ | ERR_RFLAG_COMMON)
+# define ERR_R_BN_LIB (ERR_LIB_BN/* 3 */ | ERR_RFLAG_COMMON)
+# define ERR_R_RSA_LIB (ERR_LIB_RSA/* 4 */ | ERR_RFLAG_COMMON)
+# define ERR_R_DH_LIB (ERR_LIB_DH/* 5 */ | ERR_RFLAG_COMMON)
+# define ERR_R_EVP_LIB (ERR_LIB_EVP/* 6 */ | ERR_RFLAG_COMMON)
+# define ERR_R_BUF_LIB (ERR_LIB_BUF/* 7 */ | ERR_RFLAG_COMMON)
+# define ERR_R_OBJ_LIB (ERR_LIB_OBJ/* 8 */ | ERR_RFLAG_COMMON)
+# define ERR_R_PEM_LIB (ERR_LIB_PEM/* 9 */ | ERR_RFLAG_COMMON)
+# define ERR_R_DSA_LIB (ERR_LIB_DSA/* 10 */ | ERR_RFLAG_COMMON)
+# define ERR_R_X509_LIB (ERR_LIB_X509/* 11 */ | ERR_RFLAG_COMMON)
+# define ERR_R_ASN1_LIB (ERR_LIB_ASN1/* 13 */ | ERR_RFLAG_COMMON)
+# define ERR_R_CRYPTO_LIB (ERR_LIB_CRYPTO/* 15 */ | ERR_RFLAG_COMMON)
+# define ERR_R_EC_LIB (ERR_LIB_EC/* 16 */ | ERR_RFLAG_COMMON)
+# define ERR_R_BIO_LIB (ERR_LIB_BIO/* 32 */ | ERR_RFLAG_COMMON)
+# define ERR_R_PKCS7_LIB (ERR_LIB_PKCS7/* 33 */ | ERR_RFLAG_COMMON)
+# define ERR_R_X509V3_LIB (ERR_LIB_X509V3/* 34 */ | ERR_RFLAG_COMMON)
+# define ERR_R_ENGINE_LIB (ERR_LIB_ENGINE/* 38 */ | ERR_RFLAG_COMMON)
+# define ERR_R_UI_LIB (ERR_LIB_UI/* 40 */ | ERR_RFLAG_COMMON)
+# define ERR_R_ECDSA_LIB (ERR_LIB_ECDSA/* 42 */ | ERR_RFLAG_COMMON)
+# define ERR_R_OSSL_STORE_LIB (ERR_LIB_OSSL_STORE/* 44 */ | ERR_RFLAG_COMMON)
+# define ERR_R_OSSL_DECODER_LIB (ERR_LIB_OSSL_DECODER/* 60 */ | ERR_RFLAG_COMMON)
+
+/* Other common error codes, range 256..2^ERR_RFLAGS_OFFSET-1 */
+# define ERR_R_FATAL (ERR_RFLAG_FATAL|ERR_RFLAG_COMMON)
+# define ERR_R_MALLOC_FAILURE (256|ERR_R_FATAL)
+# define ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED (257|ERR_R_FATAL)
+# define ERR_R_PASSED_NULL_PARAMETER (258|ERR_R_FATAL)
+# define ERR_R_INTERNAL_ERROR (259|ERR_R_FATAL)
+# define ERR_R_DISABLED (260|ERR_R_FATAL)
+# define ERR_R_INIT_FAIL (261|ERR_R_FATAL)
+# define ERR_R_PASSED_INVALID_ARGUMENT (262|ERR_RFLAG_COMMON)
+# define ERR_R_OPERATION_FAIL (263|ERR_R_FATAL)
+# define ERR_R_INVALID_PROVIDER_FUNCTIONS (264|ERR_R_FATAL)
+# define ERR_R_INTERRUPTED_OR_CANCELLED (265|ERR_RFLAG_COMMON)
+# define ERR_R_NESTED_ASN1_ERROR (266|ERR_RFLAG_COMMON)
+# define ERR_R_MISSING_ASN1_EOS (267|ERR_RFLAG_COMMON)
+# define ERR_R_UNSUPPORTED (268|ERR_RFLAG_COMMON)
+# define ERR_R_FETCH_FAILED (269|ERR_RFLAG_COMMON)
+# define ERR_R_INVALID_PROPERTY_DEFINITION (270|ERR_RFLAG_COMMON)
+# define ERR_R_UNABLE_TO_GET_READ_LOCK (271|ERR_R_FATAL)
+# define ERR_R_UNABLE_TO_GET_WRITE_LOCK (272|ERR_R_FATAL)
+
typedef struct ERR_string_data_st {
unsigned long error;
const char *string;
} ERR_STRING_DATA;
-DEFINE_LHASH_OF(ERR_STRING_DATA);
+DEFINE_LHASH_OF_INTERNAL(ERR_STRING_DATA);
+#define lh_ERR_STRING_DATA_new(hfn, cmp) ((LHASH_OF(ERR_STRING_DATA) *)OPENSSL_LH_new(ossl_check_ERR_STRING_DATA_lh_hashfunc_type(hfn), ossl_check_ERR_STRING_DATA_lh_compfunc_type(cmp)))
+#define lh_ERR_STRING_DATA_free(lh) OPENSSL_LH_free(ossl_check_ERR_STRING_DATA_lh_type(lh))
+#define lh_ERR_STRING_DATA_flush(lh) OPENSSL_LH_flush(ossl_check_ERR_STRING_DATA_lh_type(lh))
+#define lh_ERR_STRING_DATA_insert(lh, ptr) ((ERR_STRING_DATA *)OPENSSL_LH_insert(ossl_check_ERR_STRING_DATA_lh_type(lh), ossl_check_ERR_STRING_DATA_lh_plain_type(ptr)))
+#define lh_ERR_STRING_DATA_delete(lh, ptr) ((ERR_STRING_DATA *)OPENSSL_LH_delete(ossl_check_ERR_STRING_DATA_lh_type(lh), ossl_check_const_ERR_STRING_DATA_lh_plain_type(ptr)))
+#define lh_ERR_STRING_DATA_retrieve(lh, ptr) ((ERR_STRING_DATA *)OPENSSL_LH_retrieve(ossl_check_ERR_STRING_DATA_lh_type(lh), ossl_check_const_ERR_STRING_DATA_lh_plain_type(ptr)))
+#define lh_ERR_STRING_DATA_error(lh) OPENSSL_LH_error(ossl_check_ERR_STRING_DATA_lh_type(lh))
+#define lh_ERR_STRING_DATA_num_items(lh) OPENSSL_LH_num_items(ossl_check_ERR_STRING_DATA_lh_type(lh))
+#define lh_ERR_STRING_DATA_node_stats_bio(lh, out) OPENSSL_LH_node_stats_bio(ossl_check_const_ERR_STRING_DATA_lh_type(lh), out)
+#define lh_ERR_STRING_DATA_node_usage_stats_bio(lh, out) OPENSSL_LH_node_usage_stats_bio(ossl_check_const_ERR_STRING_DATA_lh_type(lh), out)
+#define lh_ERR_STRING_DATA_stats_bio(lh, out) OPENSSL_LH_stats_bio(ossl_check_const_ERR_STRING_DATA_lh_type(lh), out)
+#define lh_ERR_STRING_DATA_get_down_load(lh) OPENSSL_LH_get_down_load(ossl_check_ERR_STRING_DATA_lh_type(lh))
+#define lh_ERR_STRING_DATA_set_down_load(lh, dl) OPENSSL_LH_set_down_load(ossl_check_ERR_STRING_DATA_lh_type(lh), dl)
+#define lh_ERR_STRING_DATA_doall(lh, dfn) OPENSSL_LH_doall(ossl_check_ERR_STRING_DATA_lh_type(lh), ossl_check_ERR_STRING_DATA_lh_doallfunc_type(dfn))
+
/* 12 lines and some on an 80 column terminal */
#define ERR_MAX_DATA_SIZE 1024
@@ -276,23 +403,16 @@ void ERR_vset_error(int lib, int reason, const char *fmt, va_list args);
void ERR_set_error_data(char *data, int flags);
unsigned long ERR_get_error(void);
-/*
- * TODO(3.0) consider if the following three functions should be deprecated.
- * They all drop the error record from the error queue, so regardless of which
- * one is used, the rest of the information is lost, making them not so useful.
- * The recommendation should be to use the peek functions to extract all the
- * additional data.
- */
-unsigned long ERR_get_error_line(const char **file, int *line);
-unsigned long ERR_get_error_func(const char **func);
-unsigned long ERR_get_error_data(const char **data, int *flags);
unsigned long ERR_get_error_all(const char **file, int *line,
const char **func,
const char **data, int *flags);
-DEPRECATEDIN_3_0(unsigned long ERR_get_error_line_data(const char **file,
- int *line,
- const char **data,
- int *flags))
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0
+unsigned long ERR_get_error_line(const char **file, int *line);
+OSSL_DEPRECATEDIN_3_0
+unsigned long ERR_get_error_line_data(const char **file, int *line,
+ const char **data, int *flags);
+#endif
unsigned long ERR_peek_error(void);
unsigned long ERR_peek_error_line(const char **file, int *line);
unsigned long ERR_peek_error_func(const char **func);
@@ -300,10 +420,11 @@ unsigned long ERR_peek_error_data(const char **data, int *flags);
unsigned long ERR_peek_error_all(const char **file, int *line,
const char **func,
const char **data, int *flags);
-DEPRECATEDIN_3_0(unsigned long ERR_peek_error_line_data(const char **file,
- int *line,
- const char **data,
- int *flags))
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0
+unsigned long ERR_peek_error_line_data(const char **file, int *line,
+ const char **data, int *flags);
+# endif
unsigned long ERR_peek_last_error(void);
unsigned long ERR_peek_last_error_line(const char **file, int *line);
unsigned long ERR_peek_last_error_func(const char **func);
@@ -311,17 +432,20 @@ unsigned long ERR_peek_last_error_data(const char **data, int *flags);
unsigned long ERR_peek_last_error_all(const char **file, int *line,
const char **func,
const char **data, int *flags);
-DEPRECATEDIN_3_0(unsigned long ERR_peek_last_error_line_data(const char **file,
- int *line,
- const char **data,
- int *flags))
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0
+unsigned long ERR_peek_last_error_line_data(const char **file, int *line,
+ const char **data, int *flags);
+# endif
void ERR_clear_error(void);
char *ERR_error_string(unsigned long e, char *buf);
void ERR_error_string_n(unsigned long e, char *buf, size_t len);
const char *ERR_lib_error_string(unsigned long e);
-DEPRECATEDIN_3_0(const char *ERR_func_error_string(unsigned long e))
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0 const char *ERR_func_error_string(unsigned long e);
+# endif
const char *ERR_reason_error_string(unsigned long e);
void ERR_print_errors_cb(int (*cb) (const char *str, size_t len, void *u),
@@ -339,17 +463,21 @@ void ERR_add_error_mem_bio(const char *sep, BIO *bio);
int ERR_load_strings(int lib, ERR_STRING_DATA *str);
int ERR_load_strings_const(const ERR_STRING_DATA *str);
int ERR_unload_strings(int lib, ERR_STRING_DATA *str);
-int ERR_load_ERR_strings(void);
#ifndef OPENSSL_NO_DEPRECATED_1_1_0
# define ERR_load_crypto_strings() \
OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL)
# define ERR_free_strings() while(0) continue
#endif
-
-DEPRECATEDIN_1_1_0(void ERR_remove_thread_state(void *))
-DEPRECATEDIN_1_0_0(void ERR_remove_state(unsigned long pid))
-DEPRECATEDIN_3_0(ERR_STATE *ERR_get_state(void))
+#ifndef OPENSSL_NO_DEPRECATED_1_1_0
+OSSL_DEPRECATEDIN_1_1_0 void ERR_remove_thread_state(void *);
+#endif
+#ifndef OPENSSL_NO_DEPRECATED_1_0_0
+OSSL_DEPRECATEDIN_1_0_0 void ERR_remove_state(unsigned long pid);
+#endif
+#ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0 ERR_STATE *ERR_get_state(void);
+#endif
int ERR_get_next_error_library(void);
diff --git a/openssl/include/openssl/ess.h b/openssl/include/openssl/ess.h
index 507bf9c3..f23b53f2 100644..100755
--- a/openssl/include/openssl/ess.h
+++ b/openssl/include/openssl/ess.h
@@ -1,5 +1,8 @@
/*
- * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * WARNING: do not edit!
+ * Generated by makefile from include\openssl\ess.h.in
+ *
+ * Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -7,29 +10,86 @@
* https://www.openssl.org/source/license.html
*/
+
+
#ifndef OPENSSL_ESS_H
# define OPENSSL_ESS_H
+# pragma once
# include <openssl/opensslconf.h>
-# ifdef __cplusplus
-extern "C" {
-# endif
# include <openssl/safestack.h>
# include <openssl/x509.h>
# include <openssl/esserr.h>
+# ifdef __cplusplus
+extern "C" {
+# endif
+
typedef struct ESS_issuer_serial ESS_ISSUER_SERIAL;
typedef struct ESS_cert_id ESS_CERT_ID;
typedef struct ESS_signing_cert ESS_SIGNING_CERT;
-DEFINE_OR_DECLARE_STACK_OF(ESS_CERT_ID)
+SKM_DEFINE_STACK_OF_INTERNAL(ESS_CERT_ID, ESS_CERT_ID, ESS_CERT_ID)
+#define sk_ESS_CERT_ID_num(sk) OPENSSL_sk_num(ossl_check_const_ESS_CERT_ID_sk_type(sk))
+#define sk_ESS_CERT_ID_value(sk, idx) ((ESS_CERT_ID *)OPENSSL_sk_value(ossl_check_const_ESS_CERT_ID_sk_type(sk), (idx)))
+#define sk_ESS_CERT_ID_new(cmp) ((STACK_OF(ESS_CERT_ID) *)OPENSSL_sk_new(ossl_check_ESS_CERT_ID_compfunc_type(cmp)))
+#define sk_ESS_CERT_ID_new_null() ((STACK_OF(ESS_CERT_ID) *)OPENSSL_sk_new_null())
+#define sk_ESS_CERT_ID_new_reserve(cmp, n) ((STACK_OF(ESS_CERT_ID) *)OPENSSL_sk_new_reserve(ossl_check_ESS_CERT_ID_compfunc_type(cmp), (n)))
+#define sk_ESS_CERT_ID_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_ESS_CERT_ID_sk_type(sk), (n))
+#define sk_ESS_CERT_ID_free(sk) OPENSSL_sk_free(ossl_check_ESS_CERT_ID_sk_type(sk))
+#define sk_ESS_CERT_ID_zero(sk) OPENSSL_sk_zero(ossl_check_ESS_CERT_ID_sk_type(sk))
+#define sk_ESS_CERT_ID_delete(sk, i) ((ESS_CERT_ID *)OPENSSL_sk_delete(ossl_check_ESS_CERT_ID_sk_type(sk), (i)))
+#define sk_ESS_CERT_ID_delete_ptr(sk, ptr) ((ESS_CERT_ID *)OPENSSL_sk_delete_ptr(ossl_check_ESS_CERT_ID_sk_type(sk), ossl_check_ESS_CERT_ID_type(ptr)))
+#define sk_ESS_CERT_ID_push(sk, ptr) OPENSSL_sk_push(ossl_check_ESS_CERT_ID_sk_type(sk), ossl_check_ESS_CERT_ID_type(ptr))
+#define sk_ESS_CERT_ID_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_ESS_CERT_ID_sk_type(sk), ossl_check_ESS_CERT_ID_type(ptr))
+#define sk_ESS_CERT_ID_pop(sk) ((ESS_CERT_ID *)OPENSSL_sk_pop(ossl_check_ESS_CERT_ID_sk_type(sk)))
+#define sk_ESS_CERT_ID_shift(sk) ((ESS_CERT_ID *)OPENSSL_sk_shift(ossl_check_ESS_CERT_ID_sk_type(sk)))
+#define sk_ESS_CERT_ID_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_ESS_CERT_ID_sk_type(sk),ossl_check_ESS_CERT_ID_freefunc_type(freefunc))
+#define sk_ESS_CERT_ID_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_ESS_CERT_ID_sk_type(sk), ossl_check_ESS_CERT_ID_type(ptr), (idx))
+#define sk_ESS_CERT_ID_set(sk, idx, ptr) ((ESS_CERT_ID *)OPENSSL_sk_set(ossl_check_ESS_CERT_ID_sk_type(sk), (idx), ossl_check_ESS_CERT_ID_type(ptr)))
+#define sk_ESS_CERT_ID_find(sk, ptr) OPENSSL_sk_find(ossl_check_ESS_CERT_ID_sk_type(sk), ossl_check_ESS_CERT_ID_type(ptr))
+#define sk_ESS_CERT_ID_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_ESS_CERT_ID_sk_type(sk), ossl_check_ESS_CERT_ID_type(ptr))
+#define sk_ESS_CERT_ID_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_ESS_CERT_ID_sk_type(sk), ossl_check_ESS_CERT_ID_type(ptr), pnum)
+#define sk_ESS_CERT_ID_sort(sk) OPENSSL_sk_sort(ossl_check_ESS_CERT_ID_sk_type(sk))
+#define sk_ESS_CERT_ID_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_ESS_CERT_ID_sk_type(sk))
+#define sk_ESS_CERT_ID_dup(sk) ((STACK_OF(ESS_CERT_ID) *)OPENSSL_sk_dup(ossl_check_const_ESS_CERT_ID_sk_type(sk)))
+#define sk_ESS_CERT_ID_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(ESS_CERT_ID) *)OPENSSL_sk_deep_copy(ossl_check_const_ESS_CERT_ID_sk_type(sk), ossl_check_ESS_CERT_ID_copyfunc_type(copyfunc), ossl_check_ESS_CERT_ID_freefunc_type(freefunc)))
+#define sk_ESS_CERT_ID_set_cmp_func(sk, cmp) ((sk_ESS_CERT_ID_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_ESS_CERT_ID_sk_type(sk), ossl_check_ESS_CERT_ID_compfunc_type(cmp)))
+
+
typedef struct ESS_signing_cert_v2_st ESS_SIGNING_CERT_V2;
typedef struct ESS_cert_id_v2_st ESS_CERT_ID_V2;
-DEFINE_OR_DECLARE_STACK_OF(ESS_CERT_ID_V2)
+SKM_DEFINE_STACK_OF_INTERNAL(ESS_CERT_ID_V2, ESS_CERT_ID_V2, ESS_CERT_ID_V2)
+#define sk_ESS_CERT_ID_V2_num(sk) OPENSSL_sk_num(ossl_check_const_ESS_CERT_ID_V2_sk_type(sk))
+#define sk_ESS_CERT_ID_V2_value(sk, idx) ((ESS_CERT_ID_V2 *)OPENSSL_sk_value(ossl_check_const_ESS_CERT_ID_V2_sk_type(sk), (idx)))
+#define sk_ESS_CERT_ID_V2_new(cmp) ((STACK_OF(ESS_CERT_ID_V2) *)OPENSSL_sk_new(ossl_check_ESS_CERT_ID_V2_compfunc_type(cmp)))
+#define sk_ESS_CERT_ID_V2_new_null() ((STACK_OF(ESS_CERT_ID_V2) *)OPENSSL_sk_new_null())
+#define sk_ESS_CERT_ID_V2_new_reserve(cmp, n) ((STACK_OF(ESS_CERT_ID_V2) *)OPENSSL_sk_new_reserve(ossl_check_ESS_CERT_ID_V2_compfunc_type(cmp), (n)))
+#define sk_ESS_CERT_ID_V2_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_ESS_CERT_ID_V2_sk_type(sk), (n))
+#define sk_ESS_CERT_ID_V2_free(sk) OPENSSL_sk_free(ossl_check_ESS_CERT_ID_V2_sk_type(sk))
+#define sk_ESS_CERT_ID_V2_zero(sk) OPENSSL_sk_zero(ossl_check_ESS_CERT_ID_V2_sk_type(sk))
+#define sk_ESS_CERT_ID_V2_delete(sk, i) ((ESS_CERT_ID_V2 *)OPENSSL_sk_delete(ossl_check_ESS_CERT_ID_V2_sk_type(sk), (i)))
+#define sk_ESS_CERT_ID_V2_delete_ptr(sk, ptr) ((ESS_CERT_ID_V2 *)OPENSSL_sk_delete_ptr(ossl_check_ESS_CERT_ID_V2_sk_type(sk), ossl_check_ESS_CERT_ID_V2_type(ptr)))
+#define sk_ESS_CERT_ID_V2_push(sk, ptr) OPENSSL_sk_push(ossl_check_ESS_CERT_ID_V2_sk_type(sk), ossl_check_ESS_CERT_ID_V2_type(ptr))
+#define sk_ESS_CERT_ID_V2_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_ESS_CERT_ID_V2_sk_type(sk), ossl_check_ESS_CERT_ID_V2_type(ptr))
+#define sk_ESS_CERT_ID_V2_pop(sk) ((ESS_CERT_ID_V2 *)OPENSSL_sk_pop(ossl_check_ESS_CERT_ID_V2_sk_type(sk)))
+#define sk_ESS_CERT_ID_V2_shift(sk) ((ESS_CERT_ID_V2 *)OPENSSL_sk_shift(ossl_check_ESS_CERT_ID_V2_sk_type(sk)))
+#define sk_ESS_CERT_ID_V2_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_ESS_CERT_ID_V2_sk_type(sk),ossl_check_ESS_CERT_ID_V2_freefunc_type(freefunc))
+#define sk_ESS_CERT_ID_V2_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_ESS_CERT_ID_V2_sk_type(sk), ossl_check_ESS_CERT_ID_V2_type(ptr), (idx))
+#define sk_ESS_CERT_ID_V2_set(sk, idx, ptr) ((ESS_CERT_ID_V2 *)OPENSSL_sk_set(ossl_check_ESS_CERT_ID_V2_sk_type(sk), (idx), ossl_check_ESS_CERT_ID_V2_type(ptr)))
+#define sk_ESS_CERT_ID_V2_find(sk, ptr) OPENSSL_sk_find(ossl_check_ESS_CERT_ID_V2_sk_type(sk), ossl_check_ESS_CERT_ID_V2_type(ptr))
+#define sk_ESS_CERT_ID_V2_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_ESS_CERT_ID_V2_sk_type(sk), ossl_check_ESS_CERT_ID_V2_type(ptr))
+#define sk_ESS_CERT_ID_V2_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_ESS_CERT_ID_V2_sk_type(sk), ossl_check_ESS_CERT_ID_V2_type(ptr), pnum)
+#define sk_ESS_CERT_ID_V2_sort(sk) OPENSSL_sk_sort(ossl_check_ESS_CERT_ID_V2_sk_type(sk))
+#define sk_ESS_CERT_ID_V2_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_ESS_CERT_ID_V2_sk_type(sk))
+#define sk_ESS_CERT_ID_V2_dup(sk) ((STACK_OF(ESS_CERT_ID_V2) *)OPENSSL_sk_dup(ossl_check_const_ESS_CERT_ID_V2_sk_type(sk)))
+#define sk_ESS_CERT_ID_V2_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(ESS_CERT_ID_V2) *)OPENSSL_sk_deep_copy(ossl_check_const_ESS_CERT_ID_V2_sk_type(sk), ossl_check_ESS_CERT_ID_V2_copyfunc_type(copyfunc), ossl_check_ESS_CERT_ID_V2_freefunc_type(freefunc)))
+#define sk_ESS_CERT_ID_V2_set_cmp_func(sk, cmp) ((sk_ESS_CERT_ID_V2_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_ESS_CERT_ID_V2_sk_type(sk), ossl_check_ESS_CERT_ID_V2_compfunc_type(cmp)))
+
DECLARE_ASN1_ALLOC_FUNCTIONS(ESS_ISSUER_SERIAL)
DECLARE_ASN1_ENCODE_FUNCTIONS_only(ESS_ISSUER_SERIAL, ESS_ISSUER_SERIAL)
@@ -39,18 +99,29 @@ DECLARE_ASN1_ALLOC_FUNCTIONS(ESS_CERT_ID)
DECLARE_ASN1_ENCODE_FUNCTIONS_only(ESS_CERT_ID, ESS_CERT_ID)
DECLARE_ASN1_DUP_FUNCTION(ESS_CERT_ID)
-DECLARE_ASN1_ALLOC_FUNCTIONS(ESS_SIGNING_CERT)
-DECLARE_ASN1_ENCODE_FUNCTIONS_only(ESS_SIGNING_CERT, ESS_SIGNING_CERT)
+DECLARE_ASN1_FUNCTIONS(ESS_SIGNING_CERT)
DECLARE_ASN1_DUP_FUNCTION(ESS_SIGNING_CERT)
DECLARE_ASN1_ALLOC_FUNCTIONS(ESS_CERT_ID_V2)
DECLARE_ASN1_ENCODE_FUNCTIONS_only(ESS_CERT_ID_V2, ESS_CERT_ID_V2)
DECLARE_ASN1_DUP_FUNCTION(ESS_CERT_ID_V2)
-DECLARE_ASN1_ALLOC_FUNCTIONS(ESS_SIGNING_CERT_V2)
-DECLARE_ASN1_ENCODE_FUNCTIONS_only(ESS_SIGNING_CERT_V2, ESS_SIGNING_CERT_V2)
+DECLARE_ASN1_FUNCTIONS(ESS_SIGNING_CERT_V2)
DECLARE_ASN1_DUP_FUNCTION(ESS_SIGNING_CERT_V2)
+ESS_SIGNING_CERT *OSSL_ESS_signing_cert_new_init(const X509 *signcert,
+ const STACK_OF(X509) *certs,
+ int set_issuer_serial);
+ESS_SIGNING_CERT_V2 *OSSL_ESS_signing_cert_v2_new_init(const EVP_MD *hash_alg,
+ const X509 *signcert,
+ const
+ STACK_OF(X509) *certs,
+ int set_issuer_serial);
+int OSSL_ESS_check_signing_certs(const ESS_SIGNING_CERT *ss,
+ const ESS_SIGNING_CERT_V2 *ssv2,
+ const STACK_OF(X509) *chain,
+ int require_signing_cert);
+
# ifdef __cplusplus
}
# endif
diff --git a/openssl/include/openssl/esserr.h b/openssl/include/openssl/esserr.h
index 6dd31163..a31df3aa 100644..100755
--- a/openssl/include/openssl/esserr.h
+++ b/openssl/include/openssl/esserr.h
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -14,30 +14,19 @@
# include <openssl/opensslconf.h>
# include <openssl/symhacks.h>
-
-
-# ifdef __cplusplus
-extern "C"
-# endif
-int ERR_load_ESS_strings(void);
-
-/*
- * ESS function codes.
- */
-# ifndef OPENSSL_NO_DEPRECATED_3_0
-# define ESS_F_ESS_CERT_ID_NEW_INIT 0
-# define ESS_F_ESS_CERT_ID_V2_NEW_INIT 0
-# define ESS_F_ESS_SIGNING_CERT_ADD 0
-# define ESS_F_ESS_SIGNING_CERT_NEW_INIT 0
-# define ESS_F_ESS_SIGNING_CERT_V2_ADD 0
-# define ESS_F_ESS_SIGNING_CERT_V2_NEW_INIT 0
-# endif
+# include <openssl/cryptoerr_legacy.h>
/*
* ESS reason codes.
*/
+# define ESS_R_EMPTY_ESS_CERT_ID_LIST 107
+# define ESS_R_ESS_CERT_DIGEST_ERROR 103
+# define ESS_R_ESS_CERT_ID_NOT_FOUND 104
+# define ESS_R_ESS_CERT_ID_WRONG_ORDER 105
+# define ESS_R_ESS_DIGEST_ALG_UNKNOWN 106
# define ESS_R_ESS_SIGNING_CERTIFICATE_ERROR 102
# define ESS_R_ESS_SIGNING_CERT_ADD_ERROR 100
# define ESS_R_ESS_SIGNING_CERT_V2_ADD_ERROR 101
+# define ESS_R_MISSING_SIGNING_CERTIFICATE_ATTRIBUTE 108
#endif
diff --git a/openssl/include/openssl/evp.h b/openssl/include/openssl/evp.h
index 1f824957..7e82b4f2 100644..100755
--- a/openssl/include/openssl/evp.h
+++ b/openssl/include/openssl/evp.h
@@ -1,5 +1,5 @@
/*
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -18,16 +18,19 @@
# include <stdarg.h>
+# ifndef OPENSSL_NO_STDIO
+# include <stdio.h>
+# endif
+
# include <openssl/opensslconf.h>
# include <openssl/types.h>
# include <openssl/core.h>
+# include <openssl/core_dispatch.h>
# include <openssl/symhacks.h>
# include <openssl/bio.h>
# include <openssl/evperr.h>
# include <openssl/params.h>
-# include <openssl/mac.h>
-
# define EVP_MAX_MD_SIZE 64/* longest known is SHA512 */
# define EVP_MAX_KEY_LENGTH 64
# define EVP_MAX_IV_LENGTH 16
@@ -39,16 +42,18 @@
# include <openssl/objects.h>
-# define EVP_PK_RSA 0x0001
-# define EVP_PK_DSA 0x0002
-# define EVP_PK_DH 0x0004
-# define EVP_PK_EC 0x0008
-# define EVP_PKT_SIGN 0x0010
-# define EVP_PKT_ENC 0x0020
-# define EVP_PKT_EXCH 0x0040
-# define EVP_PKS_RSA 0x0100
-# define EVP_PKS_DSA 0x0200
-# define EVP_PKS_EC 0x0400
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define EVP_PK_RSA 0x0001
+# define EVP_PK_DSA 0x0002
+# define EVP_PK_DH 0x0004
+# define EVP_PK_EC 0x0008
+# define EVP_PKT_SIGN 0x0010
+# define EVP_PKT_ENC 0x0020
+# define EVP_PKT_EXCH 0x0040
+# define EVP_PKS_RSA 0x0100
+# define EVP_PKS_DSA 0x0200
+# define EVP_PKS_EC 0x0400
+# endif
# define EVP_PKEY_NONE NID_undef
# define EVP_PKEY_RSA NID_rsaEncryption
@@ -77,13 +82,21 @@
/* Special indicator that the object is uniquely provider side */
# define EVP_PKEY_KEYMGMT -1
+/* Easy to use macros for EVP_PKEY related selections */
+# define EVP_PKEY_KEY_PARAMETERS \
+ ( OSSL_KEYMGMT_SELECT_ALL_PARAMETERS )
+# define EVP_PKEY_PUBLIC_KEY \
+ ( EVP_PKEY_KEY_PARAMETERS | OSSL_KEYMGMT_SELECT_PUBLIC_KEY )
+# define EVP_PKEY_KEYPAIR \
+ ( EVP_PKEY_PUBLIC_KEY | OSSL_KEYMGMT_SELECT_PRIVATE_KEY )
+
#ifdef __cplusplus
extern "C" {
#endif
-int EVP_set_default_properties(OPENSSL_CTX *libctx, const char *propq);
-int EVP_default_properties_is_fips_enabled(OPENSSL_CTX *libctx);
-int EVP_default_properties_enable_fips(OPENSSL_CTX *libctx, int enable);
+int EVP_set_default_properties(OSSL_LIB_CTX *libctx, const char *propq);
+int EVP_default_properties_is_fips_enabled(OSSL_LIB_CTX *libctx);
+int EVP_default_properties_enable_fips(OSSL_LIB_CTX *libctx, int enable);
# define EVP_PKEY_MO_SIGN 0x0001
# define EVP_PKEY_MO_VERIFY 0x0002
@@ -91,42 +104,56 @@ int EVP_default_properties_enable_fips(OPENSSL_CTX *libctx, int enable);
# define EVP_PKEY_MO_DECRYPT 0x0008
# ifndef EVP_MD
-EVP_MD *EVP_MD_meth_new(int md_type, int pkey_type);
-EVP_MD *EVP_MD_meth_dup(const EVP_MD *md);
-void EVP_MD_meth_free(EVP_MD *md);
-
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0 EVP_MD *EVP_MD_meth_new(int md_type, int pkey_type);
+OSSL_DEPRECATEDIN_3_0 EVP_MD *EVP_MD_meth_dup(const EVP_MD *md);
+OSSL_DEPRECATEDIN_3_0 void EVP_MD_meth_free(EVP_MD *md);
+OSSL_DEPRECATEDIN_3_0
int EVP_MD_meth_set_input_blocksize(EVP_MD *md, int blocksize);
+OSSL_DEPRECATEDIN_3_0
int EVP_MD_meth_set_result_size(EVP_MD *md, int resultsize);
+OSSL_DEPRECATEDIN_3_0
int EVP_MD_meth_set_app_datasize(EVP_MD *md, int datasize);
+OSSL_DEPRECATEDIN_3_0
int EVP_MD_meth_set_flags(EVP_MD *md, unsigned long flags);
+OSSL_DEPRECATEDIN_3_0
int EVP_MD_meth_set_init(EVP_MD *md, int (*init)(EVP_MD_CTX *ctx));
+OSSL_DEPRECATEDIN_3_0
int EVP_MD_meth_set_update(EVP_MD *md, int (*update)(EVP_MD_CTX *ctx,
const void *data,
size_t count));
+OSSL_DEPRECATEDIN_3_0
int EVP_MD_meth_set_final(EVP_MD *md, int (*final)(EVP_MD_CTX *ctx,
unsigned char *md));
+OSSL_DEPRECATEDIN_3_0
int EVP_MD_meth_set_copy(EVP_MD *md, int (*copy)(EVP_MD_CTX *to,
const EVP_MD_CTX *from));
+OSSL_DEPRECATEDIN_3_0
int EVP_MD_meth_set_cleanup(EVP_MD *md, int (*cleanup)(EVP_MD_CTX *ctx));
+OSSL_DEPRECATEDIN_3_0
int EVP_MD_meth_set_ctrl(EVP_MD *md, int (*ctrl)(EVP_MD_CTX *ctx, int cmd,
int p1, void *p2));
-
-int EVP_MD_meth_get_input_blocksize(const EVP_MD *md);
-int EVP_MD_meth_get_result_size(const EVP_MD *md);
-int EVP_MD_meth_get_app_datasize(const EVP_MD *md);
-unsigned long EVP_MD_meth_get_flags(const EVP_MD *md);
+OSSL_DEPRECATEDIN_3_0 int EVP_MD_meth_get_input_blocksize(const EVP_MD *md);
+OSSL_DEPRECATEDIN_3_0 int EVP_MD_meth_get_result_size(const EVP_MD *md);
+OSSL_DEPRECATEDIN_3_0 int EVP_MD_meth_get_app_datasize(const EVP_MD *md);
+OSSL_DEPRECATEDIN_3_0 unsigned long EVP_MD_meth_get_flags(const EVP_MD *md);
+OSSL_DEPRECATEDIN_3_0
int (*EVP_MD_meth_get_init(const EVP_MD *md))(EVP_MD_CTX *ctx);
+OSSL_DEPRECATEDIN_3_0
int (*EVP_MD_meth_get_update(const EVP_MD *md))(EVP_MD_CTX *ctx,
- const void *data,
- size_t count);
+ const void *data, size_t count);
+OSSL_DEPRECATEDIN_3_0
int (*EVP_MD_meth_get_final(const EVP_MD *md))(EVP_MD_CTX *ctx,
unsigned char *md);
+OSSL_DEPRECATEDIN_3_0
int (*EVP_MD_meth_get_copy(const EVP_MD *md))(EVP_MD_CTX *to,
const EVP_MD_CTX *from);
+OSSL_DEPRECATEDIN_3_0
int (*EVP_MD_meth_get_cleanup(const EVP_MD *md))(EVP_MD_CTX *ctx);
+OSSL_DEPRECATEDIN_3_0
int (*EVP_MD_meth_get_ctrl(const EVP_MD *md))(EVP_MD_CTX *ctx, int cmd,
int p1, void *p2);
-
+# endif
/* digest can only handle a single block */
# define EVP_MD_FLAG_ONESHOT 0x0001
@@ -200,52 +227,68 @@ int (*EVP_MD_meth_get_ctrl(const EVP_MD *md))(EVP_MD_CTX *ctx, int cmd,
*/
# define EVP_MD_CTX_FLAG_FINALISE 0x0200
/* NOTE: 0x0400 is reserved for internal usage */
-
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0
EVP_CIPHER *EVP_CIPHER_meth_new(int cipher_type, int block_size, int key_len);
+OSSL_DEPRECATEDIN_3_0
EVP_CIPHER *EVP_CIPHER_meth_dup(const EVP_CIPHER *cipher);
+OSSL_DEPRECATEDIN_3_0
void EVP_CIPHER_meth_free(EVP_CIPHER *cipher);
-
+OSSL_DEPRECATEDIN_3_0
int EVP_CIPHER_meth_set_iv_length(EVP_CIPHER *cipher, int iv_len);
+OSSL_DEPRECATEDIN_3_0
int EVP_CIPHER_meth_set_flags(EVP_CIPHER *cipher, unsigned long flags);
+OSSL_DEPRECATEDIN_3_0
int EVP_CIPHER_meth_set_impl_ctx_size(EVP_CIPHER *cipher, int ctx_size);
+OSSL_DEPRECATEDIN_3_0
int EVP_CIPHER_meth_set_init(EVP_CIPHER *cipher,
int (*init) (EVP_CIPHER_CTX *ctx,
const unsigned char *key,
const unsigned char *iv,
int enc));
+OSSL_DEPRECATEDIN_3_0
int EVP_CIPHER_meth_set_do_cipher(EVP_CIPHER *cipher,
int (*do_cipher) (EVP_CIPHER_CTX *ctx,
unsigned char *out,
const unsigned char *in,
size_t inl));
+OSSL_DEPRECATEDIN_3_0
int EVP_CIPHER_meth_set_cleanup(EVP_CIPHER *cipher,
int (*cleanup) (EVP_CIPHER_CTX *));
+OSSL_DEPRECATEDIN_3_0
int EVP_CIPHER_meth_set_set_asn1_params(EVP_CIPHER *cipher,
int (*set_asn1_parameters) (EVP_CIPHER_CTX *,
ASN1_TYPE *));
+OSSL_DEPRECATEDIN_3_0
int EVP_CIPHER_meth_set_get_asn1_params(EVP_CIPHER *cipher,
int (*get_asn1_parameters) (EVP_CIPHER_CTX *,
ASN1_TYPE *));
+OSSL_DEPRECATEDIN_3_0
int EVP_CIPHER_meth_set_ctrl(EVP_CIPHER *cipher,
int (*ctrl) (EVP_CIPHER_CTX *, int type,
int arg, void *ptr));
-
-int (*EVP_CIPHER_meth_get_init(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *ctx,
- const unsigned char *key,
- const unsigned char *iv,
- int enc);
-int (*EVP_CIPHER_meth_get_do_cipher(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *ctx,
- unsigned char *out,
- const unsigned char *in,
- size_t inl);
-int (*EVP_CIPHER_meth_get_cleanup(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *);
-int (*EVP_CIPHER_meth_get_set_asn1_params(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *,
- ASN1_TYPE *);
-int (*EVP_CIPHER_meth_get_get_asn1_params(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *,
- ASN1_TYPE *);
-int (*EVP_CIPHER_meth_get_ctrl(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *,
- int type, int arg,
- void *ptr);
+OSSL_DEPRECATEDIN_3_0 int
+(*EVP_CIPHER_meth_get_init(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *ctx,
+ const unsigned char *key,
+ const unsigned char *iv,
+ int enc);
+OSSL_DEPRECATEDIN_3_0 int
+(*EVP_CIPHER_meth_get_do_cipher(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *ctx,
+ unsigned char *out,
+ const unsigned char *in,
+ size_t inl);
+OSSL_DEPRECATEDIN_3_0 int
+(*EVP_CIPHER_meth_get_cleanup(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *);
+OSSL_DEPRECATEDIN_3_0 int
+(*EVP_CIPHER_meth_get_set_asn1_params(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *,
+ ASN1_TYPE *);
+OSSL_DEPRECATEDIN_3_0 int
+(*EVP_CIPHER_meth_get_get_asn1_params(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *,
+ ASN1_TYPE *);
+OSSL_DEPRECATEDIN_3_0 int
+(*EVP_CIPHER_meth_get_ctrl(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *, int type,
+ int arg, void *ptr);
+# endif
/* Values for cipher flags */
@@ -287,13 +330,15 @@ int (*EVP_CIPHER_meth_get_ctrl(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *,
/* Free: 0x1000 */
/* Buffer length in bits not bytes: CFB1 mode only */
# define EVP_CIPH_FLAG_LENGTH_BITS 0x2000
-/* Note if suitable for use in FIPS mode */
-# define EVP_CIPH_FLAG_FIPS 0x4000
-/* Allow non FIPS cipher in FIPS mode */
-# define EVP_CIPH_FLAG_NON_FIPS_ALLOW 0x8000
+/* Deprecated FIPS flag: was 0x4000 */
+# define EVP_CIPH_FLAG_FIPS 0
+/* Deprecated FIPS flag: was 0x8000 */
+# define EVP_CIPH_FLAG_NON_FIPS_ALLOW 0
+
/*
* Cipher handles any and all padding logic as well as finalisation.
*/
+# define EVP_CIPH_FLAG_CTS 0x4000
# define EVP_CIPH_FLAG_CUSTOM_CIPHER 0x100000
# define EVP_CIPH_FLAG_AEAD_CIPHER 0x200000
# define EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK 0x400000
@@ -305,6 +350,7 @@ int (*EVP_CIPHER_meth_get_ctrl(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *,
# define EVP_CIPH_FLAG_CIPHER_WITH_MAC 0x2000000
/* For supplementary wrap cipher support */
# define EVP_CIPH_FLAG_GET_WRAP_CIPHER 0x4000000
+# define EVP_CIPH_FLAG_INVERSE_CIPHER 0x8000000
/*
* Cipher context flag to indicate we can handle wrap mode: if allowed in
@@ -379,8 +425,7 @@ int (*EVP_CIPHER_meth_get_ctrl(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *,
# define EVP_CTRL_SET_PIPELINE_INPUT_LENS 0x24
/* Get the IV length used by the cipher */
# define EVP_CTRL_GET_IVLEN 0x25
-/* Get the IV used by the cipher */
-# define EVP_CTRL_GET_IV 0x26
+/* 0x26 is unused */
/* Tell the cipher it's doing a speed test (SIV disallows multiple ops) */
# define EVP_CTRL_SET_SPEED 0x27
/* Get the unprotectedAttrs from cipher ctx */
@@ -442,9 +487,14 @@ typedef int (EVP_PBE_KEYGEN) (EVP_CIPHER_CTX *ctx, const char *pass,
const EVP_CIPHER *cipher, const EVP_MD *md,
int en_de);
-# ifndef OPENSSL_NO_RSA
+typedef int (EVP_PBE_KEYGEN_EX) (EVP_CIPHER_CTX *ctx, const char *pass,
+ int passlen, ASN1_TYPE *param,
+ const EVP_CIPHER *cipher, const EVP_MD *md,
+ int en_de, OSSL_LIB_CTX *libctx, const char *propq);
+
+# ifndef OPENSSL_NO_DEPRECATED_3_0
# define EVP_PKEY_assign_RSA(pkey,rsa) EVP_PKEY_assign((pkey),EVP_PKEY_RSA,\
- (rsa))
+ (rsa))
# endif
# ifndef OPENSSL_NO_DSA
@@ -452,13 +502,15 @@ typedef int (EVP_PBE_KEYGEN) (EVP_CIPHER_CTX *ctx, const char *pass,
(dsa))
# endif
-# ifndef OPENSSL_NO_DH
+# if !defined(OPENSSL_NO_DH) && !defined(OPENSSL_NO_DEPRECATED_3_0)
# define EVP_PKEY_assign_DH(pkey,dh) EVP_PKEY_assign((pkey),EVP_PKEY_DH,(dh))
# endif
-# ifndef OPENSSL_NO_EC
-# define EVP_PKEY_assign_EC_KEY(pkey,eckey) EVP_PKEY_assign((pkey),EVP_PKEY_EC,\
- (eckey))
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# ifndef OPENSSL_NO_EC
+# define EVP_PKEY_assign_EC_KEY(pkey,eckey) \
+ EVP_PKEY_assign((pkey), EVP_PKEY_EC, (eckey))
+# endif
# endif
# ifndef OPENSSL_NO_SIPHASH
# define EVP_PKEY_assign_SIPHASH(pkey,shkey) EVP_PKEY_assign((pkey),\
@@ -476,77 +528,125 @@ typedef int (EVP_PBE_KEYGEN) (EVP_CIPHER_CTX *ctx, const char *pass,
# define EVP_get_cipherbynid(a) EVP_get_cipherbyname(OBJ_nid2sn(a))
# define EVP_get_cipherbyobj(a) EVP_get_cipherbynid(OBJ_obj2nid(a))
-int EVP_MD_type(const EVP_MD *md);
-# define EVP_MD_nid(e) EVP_MD_type(e)
-const char *EVP_MD_name(const EVP_MD *md);
-int EVP_MD_number(const EVP_MD *md);
+int EVP_MD_get_type(const EVP_MD *md);
+# define EVP_MD_type EVP_MD_get_type
+# define EVP_MD_nid EVP_MD_get_type
+const char *EVP_MD_get0_name(const EVP_MD *md);
+# define EVP_MD_name EVP_MD_get0_name
+const char *EVP_MD_get0_description(const EVP_MD *md);
int EVP_MD_is_a(const EVP_MD *md, const char *name);
-void EVP_MD_names_do_all(const EVP_MD *md,
- void (*fn)(const char *name, void *data),
- void *data);
-const OSSL_PROVIDER *EVP_MD_provider(const EVP_MD *md);
-int EVP_MD_pkey_type(const EVP_MD *md);
-int EVP_MD_size(const EVP_MD *md);
-int EVP_MD_block_size(const EVP_MD *md);
-unsigned long EVP_MD_flags(const EVP_MD *md);
-
+int EVP_MD_names_do_all(const EVP_MD *md,
+ void (*fn)(const char *name, void *data),
+ void *data);
+const OSSL_PROVIDER *EVP_MD_get0_provider(const EVP_MD *md);
+int EVP_MD_get_pkey_type(const EVP_MD *md);
+# define EVP_MD_pkey_type EVP_MD_get_pkey_type
+int EVP_MD_get_size(const EVP_MD *md);
+# define EVP_MD_size EVP_MD_get_size
+int EVP_MD_get_block_size(const EVP_MD *md);
+# define EVP_MD_block_size EVP_MD_get_block_size
+unsigned long EVP_MD_get_flags(const EVP_MD *md);
+# define EVP_MD_flags EVP_MD_get_flags
+
+const EVP_MD *EVP_MD_CTX_get0_md(const EVP_MD_CTX *ctx);
+EVP_MD *EVP_MD_CTX_get1_md(EVP_MD_CTX *ctx);
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0
const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx);
+OSSL_DEPRECATEDIN_3_0
int (*EVP_MD_CTX_update_fn(EVP_MD_CTX *ctx))(EVP_MD_CTX *ctx,
const void *data, size_t count);
+OSSL_DEPRECATEDIN_3_0
void EVP_MD_CTX_set_update_fn(EVP_MD_CTX *ctx,
int (*update) (EVP_MD_CTX *ctx,
const void *data, size_t count));
-# define EVP_MD_CTX_name(e) EVP_MD_name(EVP_MD_CTX_md(e))
-# define EVP_MD_CTX_size(e) EVP_MD_size(EVP_MD_CTX_md(e))
-# define EVP_MD_CTX_block_size(e) EVP_MD_block_size(EVP_MD_CTX_md(e))
-# define EVP_MD_CTX_type(e) EVP_MD_type(EVP_MD_CTX_md(e))
-EVP_PKEY_CTX *EVP_MD_CTX_pkey_ctx(const EVP_MD_CTX *ctx);
+# endif
+# define EVP_MD_CTX_get0_name(e) EVP_MD_get0_name(EVP_MD_CTX_get0_md(e))
+# define EVP_MD_CTX_get_size(e) EVP_MD_get_size(EVP_MD_CTX_get0_md(e))
+# define EVP_MD_CTX_size EVP_MD_CTX_get_size
+# define EVP_MD_CTX_get_block_size(e) EVP_MD_get_block_size(EVP_MD_CTX_get0_md(e))
+# define EVP_MD_CTX_block_size EVP_MD_CTX_get_block_size
+# define EVP_MD_CTX_get_type(e) EVP_MD_get_type(EVP_MD_CTX_get0_md(e))
+# define EVP_MD_CTX_type EVP_MD_CTX_get_type
+EVP_PKEY_CTX *EVP_MD_CTX_get_pkey_ctx(const EVP_MD_CTX *ctx);
+# define EVP_MD_CTX_pkey_ctx EVP_MD_CTX_get_pkey_ctx
void EVP_MD_CTX_set_pkey_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pctx);
-void *EVP_MD_CTX_md_data(const EVP_MD_CTX *ctx);
-
-int EVP_CIPHER_nid(const EVP_CIPHER *cipher);
-const char *EVP_CIPHER_name(const EVP_CIPHER *cipher);
-int EVP_CIPHER_number(const EVP_CIPHER *cipher);
+void *EVP_MD_CTX_get0_md_data(const EVP_MD_CTX *ctx);
+# define EVP_MD_CTX_md_data EVP_MD_CTX_get0_md_data
+
+int EVP_CIPHER_get_nid(const EVP_CIPHER *cipher);
+# define EVP_CIPHER_nid EVP_CIPHER_get_nid
+const char *EVP_CIPHER_get0_name(const EVP_CIPHER *cipher);
+# define EVP_CIPHER_name EVP_CIPHER_get0_name
+const char *EVP_CIPHER_get0_description(const EVP_CIPHER *cipher);
int EVP_CIPHER_is_a(const EVP_CIPHER *cipher, const char *name);
-void EVP_CIPHER_names_do_all(const EVP_CIPHER *cipher,
- void (*fn)(const char *name, void *data),
- void *data);
-const OSSL_PROVIDER *EVP_CIPHER_provider(const EVP_CIPHER *cipher);
-int EVP_CIPHER_block_size(const EVP_CIPHER *cipher);
+int EVP_CIPHER_names_do_all(const EVP_CIPHER *cipher,
+ void (*fn)(const char *name, void *data),
+ void *data);
+const OSSL_PROVIDER *EVP_CIPHER_get0_provider(const EVP_CIPHER *cipher);
+int EVP_CIPHER_get_block_size(const EVP_CIPHER *cipher);
+# define EVP_CIPHER_block_size EVP_CIPHER_get_block_size
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0
int EVP_CIPHER_impl_ctx_size(const EVP_CIPHER *cipher);
-int EVP_CIPHER_key_length(const EVP_CIPHER *cipher);
-int EVP_CIPHER_iv_length(const EVP_CIPHER *cipher);
-unsigned long EVP_CIPHER_flags(const EVP_CIPHER *cipher);
-int EVP_CIPHER_mode(const EVP_CIPHER *cipher);
-EVP_CIPHER *EVP_CIPHER_fetch(OPENSSL_CTX *ctx, const char *algorithm,
+# endif
+int EVP_CIPHER_get_key_length(const EVP_CIPHER *cipher);
+# define EVP_CIPHER_key_length EVP_CIPHER_get_key_length
+int EVP_CIPHER_get_iv_length(const EVP_CIPHER *cipher);
+# define EVP_CIPHER_iv_length EVP_CIPHER_get_iv_length
+unsigned long EVP_CIPHER_get_flags(const EVP_CIPHER *cipher);
+# define EVP_CIPHER_flags EVP_CIPHER_get_flags
+int EVP_CIPHER_get_mode(const EVP_CIPHER *cipher);
+# define EVP_CIPHER_mode EVP_CIPHER_get_mode
+int EVP_CIPHER_get_type(const EVP_CIPHER *cipher);
+# define EVP_CIPHER_type EVP_CIPHER_get_type
+EVP_CIPHER *EVP_CIPHER_fetch(OSSL_LIB_CTX *ctx, const char *algorithm,
const char *properties);
int EVP_CIPHER_up_ref(EVP_CIPHER *cipher);
void EVP_CIPHER_free(EVP_CIPHER *cipher);
+const EVP_CIPHER *EVP_CIPHER_CTX_get0_cipher(const EVP_CIPHER_CTX *ctx);
+EVP_CIPHER *EVP_CIPHER_CTX_get1_cipher(EVP_CIPHER_CTX *ctx);
+int EVP_CIPHER_CTX_is_encrypting(const EVP_CIPHER_CTX *ctx);
+# define EVP_CIPHER_CTX_encrypting EVP_CIPHER_CTX_is_encrypting
+int EVP_CIPHER_CTX_get_nid(const EVP_CIPHER_CTX *ctx);
+# define EVP_CIPHER_CTX_nid EVP_CIPHER_CTX_get_nid
+int EVP_CIPHER_CTX_get_block_size(const EVP_CIPHER_CTX *ctx);
+# define EVP_CIPHER_CTX_block_size EVP_CIPHER_CTX_get_block_size
+int EVP_CIPHER_CTX_get_key_length(const EVP_CIPHER_CTX *ctx);
+# define EVP_CIPHER_CTX_key_length EVP_CIPHER_CTX_get_key_length
+int EVP_CIPHER_CTX_get_iv_length(const EVP_CIPHER_CTX *ctx);
+# define EVP_CIPHER_CTX_iv_length EVP_CIPHER_CTX_get_iv_length
+int EVP_CIPHER_CTX_get_tag_length(const EVP_CIPHER_CTX *ctx);
+# define EVP_CIPHER_CTX_tag_length EVP_CIPHER_CTX_get_tag_length
+# ifndef OPENSSL_NO_DEPRECATED_3_0
const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx);
-int EVP_CIPHER_CTX_encrypting(const EVP_CIPHER_CTX *ctx);
-int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx);
-int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx);
-int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx);
-int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx);
-int EVP_CIPHER_CTX_tag_length(const EVP_CIPHER_CTX *ctx);
-const unsigned char *EVP_CIPHER_CTX_iv(const EVP_CIPHER_CTX *ctx);
-const unsigned char *EVP_CIPHER_CTX_original_iv(const EVP_CIPHER_CTX *ctx);
-unsigned char *EVP_CIPHER_CTX_iv_noconst(EVP_CIPHER_CTX *ctx);
+OSSL_DEPRECATEDIN_3_0 const unsigned char *EVP_CIPHER_CTX_iv(const EVP_CIPHER_CTX *ctx);
+OSSL_DEPRECATEDIN_3_0 const unsigned char *EVP_CIPHER_CTX_original_iv(const EVP_CIPHER_CTX *ctx);
+OSSL_DEPRECATEDIN_3_0 unsigned char *EVP_CIPHER_CTX_iv_noconst(EVP_CIPHER_CTX *ctx);
+# endif
+int EVP_CIPHER_CTX_get_updated_iv(EVP_CIPHER_CTX *ctx, void *buf, size_t len);
+int EVP_CIPHER_CTX_get_original_iv(EVP_CIPHER_CTX *ctx, void *buf, size_t len);
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0
unsigned char *EVP_CIPHER_CTX_buf_noconst(EVP_CIPHER_CTX *ctx);
-int EVP_CIPHER_CTX_num(const EVP_CIPHER_CTX *ctx);
+# endif
+int EVP_CIPHER_CTX_get_num(const EVP_CIPHER_CTX *ctx);
+# define EVP_CIPHER_CTX_num EVP_CIPHER_CTX_get_num
int EVP_CIPHER_CTX_set_num(EVP_CIPHER_CTX *ctx, int num);
int EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in);
void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx);
void EVP_CIPHER_CTX_set_app_data(EVP_CIPHER_CTX *ctx, void *data);
void *EVP_CIPHER_CTX_get_cipher_data(const EVP_CIPHER_CTX *ctx);
void *EVP_CIPHER_CTX_set_cipher_data(EVP_CIPHER_CTX *ctx, void *cipher_data);
-# define EVP_CIPHER_CTX_name(c) EVP_CIPHER_name(EVP_CIPHER_CTX_cipher(c))
-# define EVP_CIPHER_CTX_type(c) EVP_CIPHER_type(EVP_CIPHER_CTX_cipher(c))
+# define EVP_CIPHER_CTX_get0_name(c) EVP_CIPHER_get0_name(EVP_CIPHER_CTX_get0_cipher(c))
+# define EVP_CIPHER_CTX_get_type(c) EVP_CIPHER_get_type(EVP_CIPHER_CTX_get0_cipher(c))
+# define EVP_CIPHER_CTX_type EVP_CIPHER_CTX_get_type
# ifndef OPENSSL_NO_DEPRECATED_1_1_0
-# define EVP_CIPHER_CTX_flags(c) EVP_CIPHER_flags(EVP_CIPHER_CTX_cipher(c))
+# define EVP_CIPHER_CTX_flags(c) EVP_CIPHER_get_flags(EVP_CIPHER_CTX_get0_cipher(c))
# endif
-# define EVP_CIPHER_CTX_mode(c) EVP_CIPHER_mode(EVP_CIPHER_CTX_cipher(c))
+# define EVP_CIPHER_CTX_get_mode(c) EVP_CIPHER_get_mode(EVP_CIPHER_CTX_get0_cipher(c))
+# define EVP_CIPHER_CTX_mode EVP_CIPHER_CTX_get_mode
# define EVP_ENCODE_LENGTH(l) ((((l)+2)/3*4)+((l)/48+1)*2+80)
# define EVP_DECODE_LENGTH(l) (((l)+3)/4*3+80)
@@ -603,6 +703,8 @@ __owur int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in);
void EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, int flags);
void EVP_MD_CTX_clear_flags(EVP_MD_CTX *ctx, int flags);
int EVP_MD_CTX_test_flags(const EVP_MD_CTX *ctx, int flags);
+__owur int EVP_DigestInit_ex2(EVP_MD_CTX *ctx, const EVP_MD *type,
+ const OSSL_PARAM params[]);
__owur int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type,
ENGINE *impl);
__owur int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *d,
@@ -612,6 +714,9 @@ __owur int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md,
__owur int EVP_Digest(const void *data, size_t count,
unsigned char *md, unsigned int *size,
const EVP_MD *type, ENGINE *impl);
+__owur int EVP_Q_digest(OSSL_LIB_CTX *libctx, const char *name,
+ const char *propq, const void *data, size_t datalen,
+ unsigned char *md, size_t *mdlen);
__owur int EVP_MD_CTX_copy(EVP_MD_CTX *out, const EVP_MD_CTX *in);
__owur int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);
@@ -620,8 +725,9 @@ __owur int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md,
__owur int EVP_DigestFinalXOF(EVP_MD_CTX *ctx, unsigned char *md,
size_t len);
-__owur EVP_MD *EVP_MD_fetch(OPENSSL_CTX *ctx, const char *algorithm,
+__owur EVP_MD *EVP_MD_fetch(OSSL_LIB_CTX *ctx, const char *algorithm,
const char *properties);
+
int EVP_MD_up_ref(EVP_MD *md);
void EVP_MD_free(EVP_MD *md);
@@ -646,6 +752,10 @@ __owur int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
const EVP_CIPHER *cipher, ENGINE *impl,
const unsigned char *key,
const unsigned char *iv);
+__owur int EVP_EncryptInit_ex2(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
+ const unsigned char *key,
+ const unsigned char *iv,
+ const OSSL_PARAM params[]);
/*__owur*/ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
int *outl, const unsigned char *in, int inl);
/*__owur*/ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out,
@@ -659,6 +769,10 @@ __owur int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
const EVP_CIPHER *cipher, ENGINE *impl,
const unsigned char *key,
const unsigned char *iv);
+__owur int EVP_DecryptInit_ex2(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
+ const unsigned char *key,
+ const unsigned char *iv,
+ const OSSL_PARAM params[]);
/*__owur*/ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
int *outl, const unsigned char *in, int inl);
__owur int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm,
@@ -673,6 +787,9 @@ __owur int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
const EVP_CIPHER *cipher, ENGINE *impl,
const unsigned char *key,
const unsigned char *iv, int enc);
+__owur int EVP_CipherInit_ex2(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
+ const unsigned char *key, const unsigned char *iv,
+ int enc, const OSSL_PARAM params[]);
__owur int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
int *outl, const unsigned char *in, int inl);
__owur int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm,
@@ -682,6 +799,9 @@ __owur int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm,
__owur int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s,
EVP_PKEY *pkey);
+__owur int EVP_SignFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s,
+ EVP_PKEY *pkey, OSSL_LIB_CTX *libctx,
+ const char *propq);
__owur int EVP_DigestSign(EVP_MD_CTX *ctx, unsigned char *sigret,
size_t *siglen, const unsigned char *tbs,
@@ -689,14 +809,18 @@ __owur int EVP_DigestSign(EVP_MD_CTX *ctx, unsigned char *sigret,
__owur int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf,
unsigned int siglen, EVP_PKEY *pkey);
+__owur int EVP_VerifyFinal_ex(EVP_MD_CTX *ctx, const unsigned char *sigbuf,
+ unsigned int siglen, EVP_PKEY *pkey,
+ OSSL_LIB_CTX *libctx, const char *propq);
__owur int EVP_DigestVerify(EVP_MD_CTX *ctx, const unsigned char *sigret,
size_t siglen, const unsigned char *tbs,
size_t tbslen);
int EVP_DigestSignInit_ex(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
- const char *mdname, const char *props, EVP_PKEY *pkey,
- OPENSSL_CTX *libctx);
+ const char *mdname, OSSL_LIB_CTX *libctx,
+ const char *props, EVP_PKEY *pkey,
+ const OSSL_PARAM params[]);
/*__owur*/ int EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
const EVP_MD *type, ENGINE *e,
EVP_PKEY *pkey);
@@ -705,8 +829,9 @@ __owur int EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sigret,
size_t *siglen);
int EVP_DigestVerifyInit_ex(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
- const char *mdname, const char *props,
- EVP_PKEY *pkey, OPENSSL_CTX *libctx);
+ const char *mdname, OSSL_LIB_CTX *libctx,
+ const char *props, EVP_PKEY *pkey,
+ const OSSL_PARAM params[]);
__owur int EVP_DigestVerifyInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
const EVP_MD *type, ENGINE *e,
EVP_PKEY *pkey);
@@ -714,7 +839,6 @@ int EVP_DigestVerifyUpdate(EVP_MD_CTX *ctx, const void *data, size_t dsize);
__owur int EVP_DigestVerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sig,
size_t siglen);
-# ifndef OPENSSL_NO_RSA
__owur int EVP_OpenInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
const unsigned char *ek, int ekl,
const unsigned char *iv, EVP_PKEY *priv);
@@ -724,7 +848,6 @@ __owur int EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
unsigned char **ek, int *ekl, unsigned char *iv,
EVP_PKEY **pubk, int npubk);
__owur int EVP_SealFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
-# endif
EVP_ENCODE_CTX *EVP_ENCODE_CTX_new(void);
void EVP_ENCODE_CTX_free(EVP_ENCODE_CTX *ctx);
@@ -760,6 +883,8 @@ int EVP_CIPHER_CTX_get_params(EVP_CIPHER_CTX *ctx, OSSL_PARAM params[]);
const OSSL_PARAM *EVP_CIPHER_gettable_params(const EVP_CIPHER *cipher);
const OSSL_PARAM *EVP_CIPHER_settable_ctx_params(const EVP_CIPHER *cipher);
const OSSL_PARAM *EVP_CIPHER_gettable_ctx_params(const EVP_CIPHER *cipher);
+const OSSL_PARAM *EVP_CIPHER_CTX_settable_params(EVP_CIPHER_CTX *ctx);
+const OSSL_PARAM *EVP_CIPHER_CTX_gettable_params(EVP_CIPHER_CTX *ctx);
const BIO_METHOD *BIO_f_md(void);
const BIO_METHOD *BIO_f_base64(void);
@@ -935,11 +1060,6 @@ const EVP_CIPHER *EVP_aes_128_cbc_hmac_sha1(void);
const EVP_CIPHER *EVP_aes_256_cbc_hmac_sha1(void);
const EVP_CIPHER *EVP_aes_128_cbc_hmac_sha256(void);
const EVP_CIPHER *EVP_aes_256_cbc_hmac_sha256(void);
-# ifndef OPENSSL_NO_SIV
-const EVP_CIPHER *EVP_aes_128_siv(void);
-const EVP_CIPHER *EVP_aes_192_siv(void);
-const EVP_CIPHER *EVP_aes_256_siv(void);
-# endif
# ifndef OPENSSL_NO_ARIA
const EVP_CIPHER *EVP_aria_128_ecb(void);
const EVP_CIPHER *EVP_aria_128_cbc(void);
@@ -1057,7 +1177,7 @@ void EVP_CIPHER_do_all(void (*fn) (const EVP_CIPHER *ciph,
void EVP_CIPHER_do_all_sorted(void (*fn)
(const EVP_CIPHER *ciph, const char *from,
const char *to, void *x), void *arg);
-void EVP_CIPHER_do_all_provided(OPENSSL_CTX *libctx,
+void EVP_CIPHER_do_all_provided(OSSL_LIB_CTX *libctx,
void (*fn)(EVP_CIPHER *cipher, void *arg),
void *arg);
@@ -1067,40 +1187,88 @@ void EVP_MD_do_all(void (*fn) (const EVP_MD *ciph,
void EVP_MD_do_all_sorted(void (*fn)
(const EVP_MD *ciph, const char *from,
const char *to, void *x), void *arg);
-void EVP_MD_do_all_provided(OPENSSL_CTX *libctx,
+void EVP_MD_do_all_provided(OSSL_LIB_CTX *libctx,
void (*fn)(EVP_MD *md, void *arg),
void *arg);
+/* MAC stuff */
+
+EVP_MAC *EVP_MAC_fetch(OSSL_LIB_CTX *libctx, const char *algorithm,
+ const char *properties);
+int EVP_MAC_up_ref(EVP_MAC *mac);
+void EVP_MAC_free(EVP_MAC *mac);
+const char *EVP_MAC_get0_name(const EVP_MAC *mac);
+const char *EVP_MAC_get0_description(const EVP_MAC *mac);
+int EVP_MAC_is_a(const EVP_MAC *mac, const char *name);
+const OSSL_PROVIDER *EVP_MAC_get0_provider(const EVP_MAC *mac);
+int EVP_MAC_get_params(EVP_MAC *mac, OSSL_PARAM params[]);
+
+EVP_MAC_CTX *EVP_MAC_CTX_new(EVP_MAC *mac);
+void EVP_MAC_CTX_free(EVP_MAC_CTX *ctx);
+EVP_MAC_CTX *EVP_MAC_CTX_dup(const EVP_MAC_CTX *src);
+EVP_MAC *EVP_MAC_CTX_get0_mac(EVP_MAC_CTX *ctx);
+int EVP_MAC_CTX_get_params(EVP_MAC_CTX *ctx, OSSL_PARAM params[]);
+int EVP_MAC_CTX_set_params(EVP_MAC_CTX *ctx, const OSSL_PARAM params[]);
+
+size_t EVP_MAC_CTX_get_mac_size(EVP_MAC_CTX *ctx);
+size_t EVP_MAC_CTX_get_block_size(EVP_MAC_CTX *ctx);
+unsigned char *EVP_Q_mac(OSSL_LIB_CTX *libctx, const char *name, const char *propq,
+ const char *subalg, const OSSL_PARAM *params,
+ const void *key, size_t keylen,
+ const unsigned char *data, size_t datalen,
+ unsigned char *out, size_t outsize, size_t *outlen);
+int EVP_MAC_init(EVP_MAC_CTX *ctx, const unsigned char *key, size_t keylen,
+ const OSSL_PARAM params[]);
+int EVP_MAC_update(EVP_MAC_CTX *ctx, const unsigned char *data, size_t datalen);
+int EVP_MAC_final(EVP_MAC_CTX *ctx,
+ unsigned char *out, size_t *outl, size_t outsize);
+int EVP_MAC_finalXOF(EVP_MAC_CTX *ctx, unsigned char *out, size_t outsize);
+const OSSL_PARAM *EVP_MAC_gettable_params(const EVP_MAC *mac);
+const OSSL_PARAM *EVP_MAC_gettable_ctx_params(const EVP_MAC *mac);
+const OSSL_PARAM *EVP_MAC_settable_ctx_params(const EVP_MAC *mac);
+const OSSL_PARAM *EVP_MAC_CTX_gettable_params(EVP_MAC_CTX *ctx);
+const OSSL_PARAM *EVP_MAC_CTX_settable_params(EVP_MAC_CTX *ctx);
+
+void EVP_MAC_do_all_provided(OSSL_LIB_CTX *libctx,
+ void (*fn)(EVP_MAC *mac, void *arg),
+ void *arg);
+int EVP_MAC_names_do_all(const EVP_MAC *mac,
+ void (*fn)(const char *name, void *data),
+ void *data);
+
/* RAND stuff */
-EVP_RAND *EVP_RAND_fetch(OPENSSL_CTX *libctx, const char *algorithm,
+EVP_RAND *EVP_RAND_fetch(OSSL_LIB_CTX *libctx, const char *algorithm,
const char *properties);
int EVP_RAND_up_ref(EVP_RAND *rand);
void EVP_RAND_free(EVP_RAND *rand);
-int EVP_RAND_number(const EVP_RAND *rand);
-const char *EVP_RAND_name(const EVP_RAND *rand);
+const char *EVP_RAND_get0_name(const EVP_RAND *rand);
+const char *EVP_RAND_get0_description(const EVP_RAND *md);
int EVP_RAND_is_a(const EVP_RAND *rand, const char *name);
-const OSSL_PROVIDER *EVP_RAND_provider(const EVP_RAND *rand);
+const OSSL_PROVIDER *EVP_RAND_get0_provider(const EVP_RAND *rand);
int EVP_RAND_get_params(EVP_RAND *rand, OSSL_PARAM params[]);
EVP_RAND_CTX *EVP_RAND_CTX_new(EVP_RAND *rand, EVP_RAND_CTX *parent);
void EVP_RAND_CTX_free(EVP_RAND_CTX *ctx);
-EVP_RAND *EVP_RAND_CTX_rand(EVP_RAND_CTX *ctx);
-int EVP_RAND_get_ctx_params(EVP_RAND_CTX *ctx, OSSL_PARAM params[]);
-int EVP_RAND_set_ctx_params(EVP_RAND_CTX *ctx, const OSSL_PARAM params[]);
+EVP_RAND *EVP_RAND_CTX_get0_rand(EVP_RAND_CTX *ctx);
+int EVP_RAND_CTX_get_params(EVP_RAND_CTX *ctx, OSSL_PARAM params[]);
+int EVP_RAND_CTX_set_params(EVP_RAND_CTX *ctx, const OSSL_PARAM params[]);
const OSSL_PARAM *EVP_RAND_gettable_params(const EVP_RAND *rand);
const OSSL_PARAM *EVP_RAND_gettable_ctx_params(const EVP_RAND *rand);
const OSSL_PARAM *EVP_RAND_settable_ctx_params(const EVP_RAND *rand);
+const OSSL_PARAM *EVP_RAND_CTX_gettable_params(EVP_RAND_CTX *ctx);
+const OSSL_PARAM *EVP_RAND_CTX_settable_params(EVP_RAND_CTX *ctx);
-void EVP_RAND_do_all_provided(OPENSSL_CTX *libctx,
+void EVP_RAND_do_all_provided(OSSL_LIB_CTX *libctx,
void (*fn)(EVP_RAND *rand, void *arg),
void *arg);
-void EVP_RAND_names_do_all(const EVP_RAND *rand,
- void (*fn)(const char *name, void *data),
- void *data);
+int EVP_RAND_names_do_all(const EVP_RAND *rand,
+ void (*fn)(const char *name, void *data),
+ void *data);
__owur int EVP_RAND_instantiate(EVP_RAND_CTX *ctx, unsigned int strength,
int prediction_resistance,
- const unsigned char *pstr, size_t pstr_len);
+ const unsigned char *pstr, size_t pstr_len,
+ const OSSL_PARAM params[]);
int EVP_RAND_uninstantiate(EVP_RAND_CTX *ctx);
__owur int EVP_RAND_generate(EVP_RAND_CTX *ctx, unsigned char *out,
size_t outlen, unsigned int strength,
@@ -1111,81 +1279,108 @@ int EVP_RAND_reseed(EVP_RAND_CTX *ctx, int prediction_resistance,
const unsigned char *addin, size_t addin_len);
__owur int EVP_RAND_nonce(EVP_RAND_CTX *ctx, unsigned char *out, size_t outlen);
__owur int EVP_RAND_enable_locking(EVP_RAND_CTX *ctx);
-int EVP_RAND_set_callbacks(EVP_RAND_CTX *ctx,
- OSSL_INOUT_CALLBACK *get_entropy,
- OSSL_CALLBACK *cleanup_entropy,
- OSSL_INOUT_CALLBACK *get_nonce,
- OSSL_CALLBACK *cleanup_nonce, void *arg);
+
int EVP_RAND_verify_zeroization(EVP_RAND_CTX *ctx);
-unsigned int EVP_RAND_strength(EVP_RAND_CTX *ctx);
-int EVP_RAND_state(EVP_RAND_CTX *ctx);
+unsigned int EVP_RAND_get_strength(EVP_RAND_CTX *ctx);
+int EVP_RAND_get_state(EVP_RAND_CTX *ctx);
-#define EVP_RAND_STATE_UNINITIALISED 0
-#define EVP_RAND_STATE_READY 1
-#define EVP_RAND_STATE_ERROR 2
+# define EVP_RAND_STATE_UNINITIALISED 0
+# define EVP_RAND_STATE_READY 1
+# define EVP_RAND_STATE_ERROR 2
/* PKEY stuff */
-DEPRECATEDIN_3_0(int EVP_PKEY_decrypt_old(unsigned char *dec_key,
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0 int EVP_PKEY_decrypt_old(unsigned char *dec_key,
const unsigned char *enc_key,
int enc_key_len,
- EVP_PKEY *private_key))
-DEPRECATEDIN_3_0(int EVP_PKEY_encrypt_old(unsigned char *enc_key,
+ EVP_PKEY *private_key);
+OSSL_DEPRECATEDIN_3_0 int EVP_PKEY_encrypt_old(unsigned char *enc_key,
const unsigned char *key,
- int key_len, EVP_PKEY *pub_key))
+ int key_len, EVP_PKEY *pub_key);
+# endif
int EVP_PKEY_is_a(const EVP_PKEY *pkey, const char *name);
+int EVP_PKEY_type_names_do_all(const EVP_PKEY *pkey,
+ void (*fn)(const char *name, void *data),
+ void *data);
int EVP_PKEY_type(int type);
-int EVP_PKEY_id(const EVP_PKEY *pkey);
-int EVP_PKEY_base_id(const EVP_PKEY *pkey);
-int EVP_PKEY_bits(const EVP_PKEY *pkey);
-int EVP_PKEY_security_bits(const EVP_PKEY *pkey);
-int EVP_PKEY_size(const EVP_PKEY *pkey);
+int EVP_PKEY_get_id(const EVP_PKEY *pkey);
+# define EVP_PKEY_id EVP_PKEY_get_id
+int EVP_PKEY_get_base_id(const EVP_PKEY *pkey);
+# define EVP_PKEY_base_id EVP_PKEY_get_base_id
+int EVP_PKEY_get_bits(const EVP_PKEY *pkey);
+# define EVP_PKEY_bits EVP_PKEY_get_bits
+int EVP_PKEY_get_security_bits(const EVP_PKEY *pkey);
+# define EVP_PKEY_security_bits EVP_PKEY_get_security_bits
+int EVP_PKEY_get_size(const EVP_PKEY *pkey);
+# define EVP_PKEY_size EVP_PKEY_get_size
int EVP_PKEY_can_sign(const EVP_PKEY *pkey);
int EVP_PKEY_set_type(EVP_PKEY *pkey, int type);
int EVP_PKEY_set_type_str(EVP_PKEY *pkey, const char *str, int len);
int EVP_PKEY_set_type_by_keymgmt(EVP_PKEY *pkey, EVP_KEYMGMT *keymgmt);
-int EVP_PKEY_set_alias_type(EVP_PKEY *pkey, int type);
-# ifndef OPENSSL_NO_ENGINE
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# ifndef OPENSSL_NO_ENGINE
+OSSL_DEPRECATEDIN_3_0
int EVP_PKEY_set1_engine(EVP_PKEY *pkey, ENGINE *e);
+OSSL_DEPRECATEDIN_3_0
ENGINE *EVP_PKEY_get0_engine(const EVP_PKEY *pkey);
-# endif
+# endif
+OSSL_DEPRECATEDIN_3_0
int EVP_PKEY_assign(EVP_PKEY *pkey, int type, void *key);
+OSSL_DEPRECATEDIN_3_0
void *EVP_PKEY_get0(const EVP_PKEY *pkey);
+OSSL_DEPRECATEDIN_3_0
const unsigned char *EVP_PKEY_get0_hmac(const EVP_PKEY *pkey, size_t *len);
-# ifndef OPENSSL_NO_POLY1305
+# ifndef OPENSSL_NO_POLY1305
+OSSL_DEPRECATEDIN_3_0
const unsigned char *EVP_PKEY_get0_poly1305(const EVP_PKEY *pkey, size_t *len);
-# endif
-# ifndef OPENSSL_NO_SIPHASH
+# endif
+# ifndef OPENSSL_NO_SIPHASH
+OSSL_DEPRECATEDIN_3_0
const unsigned char *EVP_PKEY_get0_siphash(const EVP_PKEY *pkey, size_t *len);
-# endif
+# endif
-# ifndef OPENSSL_NO_RSA
struct rsa_st;
+OSSL_DEPRECATEDIN_3_0
int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, struct rsa_st *key);
-struct rsa_st *EVP_PKEY_get0_RSA(const EVP_PKEY *pkey);
+OSSL_DEPRECATEDIN_3_0
+const struct rsa_st *EVP_PKEY_get0_RSA(const EVP_PKEY *pkey);
+OSSL_DEPRECATEDIN_3_0
struct rsa_st *EVP_PKEY_get1_RSA(EVP_PKEY *pkey);
-# endif
-# ifndef OPENSSL_NO_DSA
+
+# ifndef OPENSSL_NO_DSA
struct dsa_st;
+OSSL_DEPRECATEDIN_3_0
int EVP_PKEY_set1_DSA(EVP_PKEY *pkey, struct dsa_st *key);
-struct dsa_st *EVP_PKEY_get0_DSA(const EVP_PKEY *pkey);
+OSSL_DEPRECATEDIN_3_0
+const struct dsa_st *EVP_PKEY_get0_DSA(const EVP_PKEY *pkey);
+OSSL_DEPRECATEDIN_3_0
struct dsa_st *EVP_PKEY_get1_DSA(EVP_PKEY *pkey);
-# endif
-# ifndef OPENSSL_NO_DH
+# endif
+
+# ifndef OPENSSL_NO_DH
struct dh_st;
-int EVP_PKEY_set1_DH(EVP_PKEY *pkey, struct dh_st *key);
-struct dh_st *EVP_PKEY_get0_DH(const EVP_PKEY *pkey);
-struct dh_st *EVP_PKEY_get1_DH(EVP_PKEY *pkey);
-# endif
-# ifndef OPENSSL_NO_EC
+OSSL_DEPRECATEDIN_3_0 int EVP_PKEY_set1_DH(EVP_PKEY *pkey, struct dh_st *key);
+OSSL_DEPRECATEDIN_3_0 const struct dh_st *EVP_PKEY_get0_DH(const EVP_PKEY *pkey);
+OSSL_DEPRECATEDIN_3_0 struct dh_st *EVP_PKEY_get1_DH(EVP_PKEY *pkey);
+# endif
+
+# ifndef OPENSSL_NO_EC
struct ec_key_st;
+OSSL_DEPRECATEDIN_3_0
int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, struct ec_key_st *key);
-struct ec_key_st *EVP_PKEY_get0_EC_KEY(const EVP_PKEY *pkey);
+OSSL_DEPRECATEDIN_3_0
+const struct ec_key_st *EVP_PKEY_get0_EC_KEY(const EVP_PKEY *pkey);
+OSSL_DEPRECATEDIN_3_0
struct ec_key_st *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey);
-# endif
+# endif
+# endif /* OPENSSL_NO_DEPRECATED_3_0 */
EVP_PKEY *EVP_PKEY_new(void);
int EVP_PKEY_up_ref(EVP_PKEY *pkey);
+EVP_PKEY *EVP_PKEY_dup(EVP_PKEY *pkey);
void EVP_PKEY_free(EVP_PKEY *pkey);
+const char *EVP_PKEY_get0_description(const EVP_PKEY *pkey);
+const OSSL_PROVIDER *EVP_PKEY_get0_provider(const EVP_PKEY *key);
EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, const unsigned char **pp,
long length);
@@ -1193,11 +1388,12 @@ int i2d_PublicKey(const EVP_PKEY *a, unsigned char **pp);
EVP_PKEY *d2i_PrivateKey_ex(int type, EVP_PKEY **a, const unsigned char **pp,
- long length, OPENSSL_CTX *libctx, const char *propq);
+ long length, OSSL_LIB_CTX *libctx,
+ const char *propq);
EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp,
long length);
EVP_PKEY *d2i_AutoPrivateKey_ex(EVP_PKEY **a, const unsigned char **pp,
- long length, OPENSSL_CTX *libctx,
+ long length, OSSL_LIB_CTX *libctx,
const char *propq);
EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **a, const unsigned char **pp,
long length);
@@ -1212,15 +1408,15 @@ EVP_PKEY *d2i_KeyParams_bio(int type, EVP_PKEY **a, BIO *in);
int EVP_PKEY_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from);
int EVP_PKEY_missing_parameters(const EVP_PKEY *pkey);
int EVP_PKEY_save_parameters(EVP_PKEY *pkey, int mode);
-#ifndef OPENSSL_NO_DEPRECATED_3_0
-int EVP_PKEY_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b);
-#endif
int EVP_PKEY_parameters_eq(const EVP_PKEY *a, const EVP_PKEY *b);
+int EVP_PKEY_eq(const EVP_PKEY *a, const EVP_PKEY *b);
-#ifndef OPENSSL_NO_DEPRECATED_3_0
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0
+int EVP_PKEY_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b);
+OSSL_DEPRECATEDIN_3_0
int EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b);
-#endif
-int EVP_PKEY_eq(const EVP_PKEY *a, const EVP_PKEY *b);
+# endif
int EVP_PKEY_print_public(BIO *out, const EVP_PKEY *pkey,
int indent, ASN1_PCTX *pctx);
@@ -1228,17 +1424,43 @@ int EVP_PKEY_print_private(BIO *out, const EVP_PKEY *pkey,
int indent, ASN1_PCTX *pctx);
int EVP_PKEY_print_params(BIO *out, const EVP_PKEY *pkey,
int indent, ASN1_PCTX *pctx);
+# ifndef OPENSSL_NO_STDIO
+int EVP_PKEY_print_public_fp(FILE *fp, const EVP_PKEY *pkey,
+ int indent, ASN1_PCTX *pctx);
+int EVP_PKEY_print_private_fp(FILE *fp, const EVP_PKEY *pkey,
+ int indent, ASN1_PCTX *pctx);
+int EVP_PKEY_print_params_fp(FILE *fp, const EVP_PKEY *pkey,
+ int indent, ASN1_PCTX *pctx);
+# endif
int EVP_PKEY_get_default_digest_nid(EVP_PKEY *pkey, int *pnid);
int EVP_PKEY_get_default_digest_name(EVP_PKEY *pkey,
char *mdname, size_t mdname_sz);
-int EVP_PKEY_supports_digest_nid(EVP_PKEY *pkey, int nid);
+int EVP_PKEY_digestsign_supports_digest(EVP_PKEY *pkey, OSSL_LIB_CTX *libctx,
+ const char *name, const char *propq);
-int EVP_PKEY_set1_tls_encodedpoint(EVP_PKEY *pkey,
- const unsigned char *pt, size_t ptlen);
-size_t EVP_PKEY_get1_tls_encodedpoint(EVP_PKEY *pkey, unsigned char **ppt);
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+/*
+ * For backwards compatibility. Use EVP_PKEY_set1_encoded_public_key in
+ * preference
+ */
+# define EVP_PKEY_set1_tls_encodedpoint(pkey, pt, ptlen) \
+ EVP_PKEY_set1_encoded_public_key((pkey), (pt), (ptlen))
+# endif
-int EVP_CIPHER_type(const EVP_CIPHER *ctx);
+int EVP_PKEY_set1_encoded_public_key(EVP_PKEY *pkey,
+ const unsigned char *pub, size_t publen);
+
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+/*
+ * For backwards compatibility. Use EVP_PKEY_get1_encoded_public_key in
+ * preference
+ */
+# define EVP_PKEY_get1_tls_encodedpoint(pkey, ppt) \
+ EVP_PKEY_get1_encoded_public_key((pkey), (ppt))
+# endif
+
+size_t EVP_PKEY_get1_encoded_public_key(EVP_PKEY *pkey, unsigned char **ppub);
/* calls methods */
int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
@@ -1252,6 +1474,10 @@ int EVP_CIPHER_get_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
ASN1_TYPE *param, const EVP_CIPHER *cipher,
const EVP_MD *md, int en_de);
+int PKCS5_PBE_keyivgen_ex(EVP_CIPHER_CTX *cctx, const char *pass, int passlen,
+ ASN1_TYPE *param, const EVP_CIPHER *cipher,
+ const EVP_MD *md, int en_de, OSSL_LIB_CTX *libctx,
+ const char *propq);
int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen,
const unsigned char *salt, int saltlen, int iter,
int keylen, unsigned char *out);
@@ -1261,16 +1487,29 @@ int PKCS5_PBKDF2_HMAC(const char *pass, int passlen,
int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
ASN1_TYPE *param, const EVP_CIPHER *cipher,
const EVP_MD *md, int en_de);
+int PKCS5_v2_PBE_keyivgen_ex(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
+ ASN1_TYPE *param, const EVP_CIPHER *cipher,
+ const EVP_MD *md, int en_de,
+ OSSL_LIB_CTX *libctx, const char *propq);
#ifndef OPENSSL_NO_SCRYPT
int EVP_PBE_scrypt(const char *pass, size_t passlen,
const unsigned char *salt, size_t saltlen,
uint64_t N, uint64_t r, uint64_t p, uint64_t maxmem,
unsigned char *key, size_t keylen);
+int EVP_PBE_scrypt_ex(const char *pass, size_t passlen,
+ const unsigned char *salt, size_t saltlen,
+ uint64_t N, uint64_t r, uint64_t p, uint64_t maxmem,
+ unsigned char *key, size_t keylen,
+ OSSL_LIB_CTX *ctx, const char *propq);
int PKCS5_v2_scrypt_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass,
int passlen, ASN1_TYPE *param,
const EVP_CIPHER *c, const EVP_MD *md, int en_de);
+int PKCS5_v2_scrypt_keyivgen_ex(EVP_CIPHER_CTX *ctx, const char *pass,
+ int passlen, ASN1_TYPE *param,
+ const EVP_CIPHER *c, const EVP_MD *md, int en_de,
+ OSSL_LIB_CTX *libctx, const char *propq);
#endif
void PKCS5_PBE_add(void);
@@ -1278,6 +1517,10 @@ void PKCS5_PBE_add(void);
int EVP_PBE_CipherInit(ASN1_OBJECT *pbe_obj, const char *pass, int passlen,
ASN1_TYPE *param, EVP_CIPHER_CTX *ctx, int en_de);
+int EVP_PBE_CipherInit_ex(ASN1_OBJECT *pbe_obj, const char *pass, int passlen,
+ ASN1_TYPE *param, EVP_CIPHER_CTX *ctx, int en_de,
+ OSSL_LIB_CTX *libctx, const char *propq);
+
/* PBE type */
/* Can appear as the outermost AlgorithmIdentifier */
@@ -1293,6 +1536,8 @@ int EVP_PBE_alg_add(int nid, const EVP_CIPHER *cipher, const EVP_MD *md,
EVP_PBE_KEYGEN *keygen);
int EVP_PBE_find(int type, int pbe_nid, int *pcnid, int *pmnid,
EVP_PBE_KEYGEN **pkeygen);
+int EVP_PBE_find_ex(int type, int pbe_nid, int *pcnid, int *pmnid,
+ EVP_PBE_KEYGEN **pkeygen, EVP_PBE_KEYGEN_EX **pkeygen_ex);
void EVP_PBE_cleanup(void);
int EVP_PBE_get(int *ptype, int *ppbe_nid, size_t num);
@@ -1309,8 +1554,7 @@ int EVP_PBE_get(int *ptype, int *ppbe_nid, size_t num);
# define ASN1_PKEY_CTRL_SET1_TLS_ENCPT 0x9
# define ASN1_PKEY_CTRL_GET1_TLS_ENCPT 0xa
-# define ASN1_PKEY_CTRL_SUPPORTS_MD_NID 0xb
-# define ASN1_PKEY_CTRL_CMS_IS_RI_TYPE_SUPPORTED 0xc
+# define ASN1_PKEY_CTRL_CMS_IS_RI_TYPE_SUPPORTED 0xb
int EVP_PKEY_asn1_get_count(void);
const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_get0(int idx);
@@ -1377,13 +1621,13 @@ void EVP_PKEY_asn1_set_ctrl(EVP_PKEY_ASN1_METHOD *ameth,
void EVP_PKEY_asn1_set_item(EVP_PKEY_ASN1_METHOD *ameth,
int (*item_verify) (EVP_MD_CTX *ctx,
const ASN1_ITEM *it,
- void *asn,
- X509_ALGOR *a,
- ASN1_BIT_STRING *sig,
+ const void *data,
+ const X509_ALGOR *a,
+ const ASN1_BIT_STRING *sig,
EVP_PKEY *pkey),
int (*item_sign) (EVP_MD_CTX *ctx,
const ASN1_ITEM *it,
- void *asn,
+ const void *data,
X509_ALGOR *alg1,
X509_ALGOR *alg2,
ASN1_BIT_STRING *sig));
@@ -1427,19 +1671,28 @@ void EVP_PKEY_asn1_set_security_bits(EVP_PKEY_ASN1_METHOD *ameth,
int EVP_PKEY_CTX_get_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD **md);
int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+int EVP_PKEY_CTX_set1_id(EVP_PKEY_CTX *ctx, const void *id, int len);
+int EVP_PKEY_CTX_get1_id(EVP_PKEY_CTX *ctx, void *id);
+int EVP_PKEY_CTX_get1_id_len(EVP_PKEY_CTX *ctx, size_t *id_len);
+
+int EVP_PKEY_CTX_set_kem_op(EVP_PKEY_CTX *ctx, const char *op);
+
+const char *EVP_PKEY_get0_type_name(const EVP_PKEY *key);
+
# define EVP_PKEY_OP_UNDEFINED 0
# define EVP_PKEY_OP_PARAMGEN (1<<1)
# define EVP_PKEY_OP_KEYGEN (1<<2)
-# define EVP_PKEY_OP_PARAMFROMDATA (1<<3)
-# define EVP_PKEY_OP_KEYFROMDATA (1<<4)
-# define EVP_PKEY_OP_SIGN (1<<5)
-# define EVP_PKEY_OP_VERIFY (1<<6)
-# define EVP_PKEY_OP_VERIFYRECOVER (1<<7)
-# define EVP_PKEY_OP_SIGNCTX (1<<8)
-# define EVP_PKEY_OP_VERIFYCTX (1<<9)
-# define EVP_PKEY_OP_ENCRYPT (1<<10)
-# define EVP_PKEY_OP_DECRYPT (1<<11)
-# define EVP_PKEY_OP_DERIVE (1<<12)
+# define EVP_PKEY_OP_FROMDATA (1<<3)
+# define EVP_PKEY_OP_SIGN (1<<4)
+# define EVP_PKEY_OP_VERIFY (1<<5)
+# define EVP_PKEY_OP_VERIFYRECOVER (1<<6)
+# define EVP_PKEY_OP_SIGNCTX (1<<7)
+# define EVP_PKEY_OP_VERIFYCTX (1<<8)
+# define EVP_PKEY_OP_ENCRYPT (1<<9)
+# define EVP_PKEY_OP_DECRYPT (1<<10)
+# define EVP_PKEY_OP_DERIVE (1<<11)
+# define EVP_PKEY_OP_ENCAPSULATE (1<<12)
+# define EVP_PKEY_OP_DECAPSULATE (1<<13)
# define EVP_PKEY_OP_TYPE_SIG \
(EVP_PKEY_OP_SIGN | EVP_PKEY_OP_VERIFY | EVP_PKEY_OP_VERIFYRECOVER \
@@ -1454,37 +1707,30 @@ int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
# define EVP_PKEY_OP_TYPE_GEN \
(EVP_PKEY_OP_PARAMGEN | EVP_PKEY_OP_KEYGEN)
-# define EVP_PKEY_OP_TYPE_FROMDATA \
- (EVP_PKEY_OP_PARAMFROMDATA | EVP_PKEY_OP_KEYFROMDATA)
-# define EVP_PKEY_CTX_set_mac_key(ctx, key, len) \
- EVP_PKEY_CTX_ctrl(ctx, -1, EVP_PKEY_OP_KEYGEN, \
- EVP_PKEY_CTRL_SET_MAC_KEY, len, (void *)(key))
+int EVP_PKEY_CTX_set_mac_key(EVP_PKEY_CTX *ctx, const unsigned char *key,
+ int keylen);
# define EVP_PKEY_CTRL_MD 1
# define EVP_PKEY_CTRL_PEER_KEY 2
-
-# define EVP_PKEY_CTRL_PKCS7_ENCRYPT 3
-# define EVP_PKEY_CTRL_PKCS7_DECRYPT 4
-
-# define EVP_PKEY_CTRL_PKCS7_SIGN 5
-
# define EVP_PKEY_CTRL_SET_MAC_KEY 6
-
# define EVP_PKEY_CTRL_DIGESTINIT 7
-
/* Used by GOST key encryption in TLS */
# define EVP_PKEY_CTRL_SET_IV 8
-
-# define EVP_PKEY_CTRL_CMS_ENCRYPT 9
-# define EVP_PKEY_CTRL_CMS_DECRYPT 10
-# define EVP_PKEY_CTRL_CMS_SIGN 11
-
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define EVP_PKEY_CTRL_PKCS7_ENCRYPT 3
+# define EVP_PKEY_CTRL_PKCS7_DECRYPT 4
+# define EVP_PKEY_CTRL_PKCS7_SIGN 5
+# define EVP_PKEY_CTRL_CMS_ENCRYPT 9
+# define EVP_PKEY_CTRL_CMS_DECRYPT 10
+# define EVP_PKEY_CTRL_CMS_SIGN 11
+# endif
# define EVP_PKEY_CTRL_CIPHER 12
-
# define EVP_PKEY_CTRL_GET_MD 13
-
# define EVP_PKEY_CTRL_SET_DIGEST_SIZE 14
+# define EVP_PKEY_CTRL_SET1_ID 15
+# define EVP_PKEY_CTRL_GET1_ID 16
+# define EVP_PKEY_CTRL_GET1_ID_LEN 17
# define EVP_PKEY_ALG_CTRL 0x1000
@@ -1493,46 +1739,53 @@ int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
* Method handles all operations: don't assume any digest related defaults.
*/
# define EVP_PKEY_FLAG_SIGCTX_CUSTOM 4
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0 const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type);
+OSSL_DEPRECATEDIN_3_0 EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags);
+OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_get0_info(int *ppkey_id, int *pflags,
+ const EVP_PKEY_METHOD *meth);
+OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst,
+ const EVP_PKEY_METHOD *src);
+OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth);
+OSSL_DEPRECATEDIN_3_0 int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth);
+OSSL_DEPRECATEDIN_3_0 int EVP_PKEY_meth_remove(const EVP_PKEY_METHOD *pmeth);
+OSSL_DEPRECATEDIN_3_0 size_t EVP_PKEY_meth_get_count(void);
+OSSL_DEPRECATEDIN_3_0 const EVP_PKEY_METHOD *EVP_PKEY_meth_get0(size_t idx);
+# endif
-const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type);
-EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags);
-void EVP_PKEY_meth_get0_info(int *ppkey_id, int *pflags,
- const EVP_PKEY_METHOD *meth);
-void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src);
-void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth);
-int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth);
-int EVP_PKEY_meth_remove(const EVP_PKEY_METHOD *pmeth);
-size_t EVP_PKEY_meth_get_count(void);
-const EVP_PKEY_METHOD *EVP_PKEY_meth_get0(size_t idx);
-
-EVP_KEYMGMT *EVP_KEYMGMT_fetch(OPENSSL_CTX *ctx, const char *algorithm,
+EVP_KEYMGMT *EVP_KEYMGMT_fetch(OSSL_LIB_CTX *ctx, const char *algorithm,
const char *properties);
int EVP_KEYMGMT_up_ref(EVP_KEYMGMT *keymgmt);
void EVP_KEYMGMT_free(EVP_KEYMGMT *keymgmt);
-const OSSL_PROVIDER *EVP_KEYMGMT_provider(const EVP_KEYMGMT *keymgmt);
-int EVP_KEYMGMT_number(const EVP_KEYMGMT *keymgmt);
+const OSSL_PROVIDER *EVP_KEYMGMT_get0_provider(const EVP_KEYMGMT *keymgmt);
+const char *EVP_KEYMGMT_get0_name(const EVP_KEYMGMT *keymgmt);
+const char *EVP_KEYMGMT_get0_description(const EVP_KEYMGMT *keymgmt);
int EVP_KEYMGMT_is_a(const EVP_KEYMGMT *keymgmt, const char *name);
-void EVP_KEYMGMT_do_all_provided(OPENSSL_CTX *libctx,
+void EVP_KEYMGMT_do_all_provided(OSSL_LIB_CTX *libctx,
void (*fn)(EVP_KEYMGMT *keymgmt, void *arg),
void *arg);
-void EVP_KEYMGMT_names_do_all(const EVP_KEYMGMT *keymgmt,
- void (*fn)(const char *name, void *data),
- void *data);
+int EVP_KEYMGMT_names_do_all(const EVP_KEYMGMT *keymgmt,
+ void (*fn)(const char *name, void *data),
+ void *data);
+const OSSL_PARAM *EVP_KEYMGMT_gettable_params(const EVP_KEYMGMT *keymgmt);
+const OSSL_PARAM *EVP_KEYMGMT_settable_params(const EVP_KEYMGMT *keymgmt);
+const OSSL_PARAM *EVP_KEYMGMT_gen_settable_params(const EVP_KEYMGMT *keymgmt);
EVP_PKEY_CTX *EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *e);
EVP_PKEY_CTX *EVP_PKEY_CTX_new_id(int id, ENGINE *e);
-EVP_PKEY_CTX *EVP_PKEY_CTX_new_from_name(OPENSSL_CTX *libctx,
+EVP_PKEY_CTX *EVP_PKEY_CTX_new_from_name(OSSL_LIB_CTX *libctx,
const char *name,
const char *propquery);
-EVP_PKEY_CTX *EVP_PKEY_CTX_new_from_pkey(OPENSSL_CTX *libctx,
+EVP_PKEY_CTX *EVP_PKEY_CTX_new_from_pkey(OSSL_LIB_CTX *libctx,
EVP_PKEY *pkey, const char *propquery);
EVP_PKEY_CTX *EVP_PKEY_CTX_dup(const EVP_PKEY_CTX *ctx);
void EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx);
+int EVP_PKEY_CTX_is_a(EVP_PKEY_CTX *ctx, const char *keytype);
int EVP_PKEY_CTX_get_params(EVP_PKEY_CTX *ctx, OSSL_PARAM *params);
-const OSSL_PARAM *EVP_PKEY_CTX_gettable_params(EVP_PKEY_CTX *ctx);
-int EVP_PKEY_CTX_set_params(EVP_PKEY_CTX *ctx, OSSL_PARAM *params);
-const OSSL_PARAM *EVP_PKEY_CTX_settable_params(EVP_PKEY_CTX *ctx);
+const OSSL_PARAM *EVP_PKEY_CTX_gettable_params(const EVP_PKEY_CTX *ctx);
+int EVP_PKEY_CTX_set_params(EVP_PKEY_CTX *ctx, const OSSL_PARAM *params);
+const OSSL_PARAM *EVP_PKEY_CTX_settable_params(const EVP_PKEY_CTX *ctx);
int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
int cmd, int p1, void *p2);
int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
@@ -1550,19 +1803,16 @@ void EVP_PKEY_CTX_set0_keygen_info(EVP_PKEY_CTX *ctx, int *dat, int datlen);
EVP_PKEY *EVP_PKEY_new_mac_key(int type, ENGINE *e,
const unsigned char *key, int keylen);
-EVP_PKEY *EVP_PKEY_new_raw_private_key_with_libctx(OPENSSL_CTX *libctx,
- const char *keytype,
- const char *propq,
- const unsigned char *priv,
- size_t len);
+EVP_PKEY *EVP_PKEY_new_raw_private_key_ex(OSSL_LIB_CTX *libctx,
+ const char *keytype,
+ const char *propq,
+ const unsigned char *priv, size_t len);
EVP_PKEY *EVP_PKEY_new_raw_private_key(int type, ENGINE *e,
const unsigned char *priv,
size_t len);
-EVP_PKEY *EVP_PKEY_new_raw_public_key_with_libctx(OPENSSL_CTX *libctx,
- const char *keytype,
- const char *propq,
- const unsigned char *pub,
- size_t len);
+EVP_PKEY *EVP_PKEY_new_raw_public_key_ex(OSSL_LIB_CTX *libctx,
+ const char *keytype, const char *propq,
+ const unsigned char *pub, size_t len);
EVP_PKEY *EVP_PKEY_new_raw_public_key(int type, ENGINE *e,
const unsigned char *pub,
size_t len);
@@ -1571,8 +1821,11 @@ int EVP_PKEY_get_raw_private_key(const EVP_PKEY *pkey, unsigned char *priv,
int EVP_PKEY_get_raw_public_key(const EVP_PKEY *pkey, unsigned char *pub,
size_t *len);
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0
EVP_PKEY *EVP_PKEY_new_CMAC_key(ENGINE *e, const unsigned char *priv,
size_t len, const EVP_CIPHER *cipher);
+# endif
void EVP_PKEY_CTX_set_data(EVP_PKEY_CTX *ctx, void *data);
void *EVP_PKEY_CTX_get_data(const EVP_PKEY_CTX *ctx);
@@ -1585,84 +1838,149 @@ void *EVP_PKEY_CTX_get_app_data(EVP_PKEY_CTX *ctx);
void EVP_SIGNATURE_free(EVP_SIGNATURE *signature);
int EVP_SIGNATURE_up_ref(EVP_SIGNATURE *signature);
-OSSL_PROVIDER *EVP_SIGNATURE_provider(const EVP_SIGNATURE *signature);
-EVP_SIGNATURE *EVP_SIGNATURE_fetch(OPENSSL_CTX *ctx, const char *algorithm,
+OSSL_PROVIDER *EVP_SIGNATURE_get0_provider(const EVP_SIGNATURE *signature);
+EVP_SIGNATURE *EVP_SIGNATURE_fetch(OSSL_LIB_CTX *ctx, const char *algorithm,
const char *properties);
int EVP_SIGNATURE_is_a(const EVP_SIGNATURE *signature, const char *name);
-int EVP_SIGNATURE_number(const EVP_SIGNATURE *signature);
-void EVP_SIGNATURE_do_all_provided(OPENSSL_CTX *libctx,
+const char *EVP_SIGNATURE_get0_name(const EVP_SIGNATURE *signature);
+const char *EVP_SIGNATURE_get0_description(const EVP_SIGNATURE *signature);
+void EVP_SIGNATURE_do_all_provided(OSSL_LIB_CTX *libctx,
void (*fn)(EVP_SIGNATURE *signature,
void *data),
void *data);
-void EVP_SIGNATURE_names_do_all(const EVP_SIGNATURE *signature,
- void (*fn)(const char *name, void *data),
- void *data);
+int EVP_SIGNATURE_names_do_all(const EVP_SIGNATURE *signature,
+ void (*fn)(const char *name, void *data),
+ void *data);
+const OSSL_PARAM *EVP_SIGNATURE_gettable_ctx_params(const EVP_SIGNATURE *sig);
+const OSSL_PARAM *EVP_SIGNATURE_settable_ctx_params(const EVP_SIGNATURE *sig);
void EVP_ASYM_CIPHER_free(EVP_ASYM_CIPHER *cipher);
int EVP_ASYM_CIPHER_up_ref(EVP_ASYM_CIPHER *cipher);
-OSSL_PROVIDER *EVP_ASYM_CIPHER_provider(const EVP_ASYM_CIPHER *cipher);
-EVP_ASYM_CIPHER *EVP_ASYM_CIPHER_fetch(OPENSSL_CTX *ctx, const char *algorithm,
+OSSL_PROVIDER *EVP_ASYM_CIPHER_get0_provider(const EVP_ASYM_CIPHER *cipher);
+EVP_ASYM_CIPHER *EVP_ASYM_CIPHER_fetch(OSSL_LIB_CTX *ctx, const char *algorithm,
const char *properties);
int EVP_ASYM_CIPHER_is_a(const EVP_ASYM_CIPHER *cipher, const char *name);
-int EVP_ASYM_CIPHER_number(const EVP_ASYM_CIPHER *cipher);
-void EVP_ASYM_CIPHER_do_all_provided(OPENSSL_CTX *libctx,
+const char *EVP_ASYM_CIPHER_get0_name(const EVP_ASYM_CIPHER *cipher);
+const char *EVP_ASYM_CIPHER_get0_description(const EVP_ASYM_CIPHER *cipher);
+void EVP_ASYM_CIPHER_do_all_provided(OSSL_LIB_CTX *libctx,
void (*fn)(EVP_ASYM_CIPHER *cipher,
void *arg),
void *arg);
-void EVP_ASYM_CIPHER_names_do_all(const EVP_ASYM_CIPHER *cipher,
- void (*fn)(const char *name, void *data),
- void *data);
+int EVP_ASYM_CIPHER_names_do_all(const EVP_ASYM_CIPHER *cipher,
+ void (*fn)(const char *name, void *data),
+ void *data);
+const OSSL_PARAM *EVP_ASYM_CIPHER_gettable_ctx_params(const EVP_ASYM_CIPHER *ciph);
+const OSSL_PARAM *EVP_ASYM_CIPHER_settable_ctx_params(const EVP_ASYM_CIPHER *ciph);
+
+void EVP_KEM_free(EVP_KEM *wrap);
+int EVP_KEM_up_ref(EVP_KEM *wrap);
+OSSL_PROVIDER *EVP_KEM_get0_provider(const EVP_KEM *wrap);
+EVP_KEM *EVP_KEM_fetch(OSSL_LIB_CTX *ctx, const char *algorithm,
+ const char *properties);
+int EVP_KEM_is_a(const EVP_KEM *wrap, const char *name);
+const char *EVP_KEM_get0_name(const EVP_KEM *wrap);
+const char *EVP_KEM_get0_description(const EVP_KEM *wrap);
+void EVP_KEM_do_all_provided(OSSL_LIB_CTX *libctx,
+ void (*fn)(EVP_KEM *wrap, void *arg), void *arg);
+int EVP_KEM_names_do_all(const EVP_KEM *wrap,
+ void (*fn)(const char *name, void *data), void *data);
+const OSSL_PARAM *EVP_KEM_gettable_ctx_params(const EVP_KEM *kem);
+const OSSL_PARAM *EVP_KEM_settable_ctx_params(const EVP_KEM *kem);
int EVP_PKEY_sign_init(EVP_PKEY_CTX *ctx);
+int EVP_PKEY_sign_init_ex(EVP_PKEY_CTX *ctx, const OSSL_PARAM params[]);
int EVP_PKEY_sign(EVP_PKEY_CTX *ctx,
unsigned char *sig, size_t *siglen,
const unsigned char *tbs, size_t tbslen);
int EVP_PKEY_verify_init(EVP_PKEY_CTX *ctx);
+int EVP_PKEY_verify_init_ex(EVP_PKEY_CTX *ctx, const OSSL_PARAM params[]);
int EVP_PKEY_verify(EVP_PKEY_CTX *ctx,
const unsigned char *sig, size_t siglen,
const unsigned char *tbs, size_t tbslen);
int EVP_PKEY_verify_recover_init(EVP_PKEY_CTX *ctx);
+int EVP_PKEY_verify_recover_init_ex(EVP_PKEY_CTX *ctx,
+ const OSSL_PARAM params[]);
int EVP_PKEY_verify_recover(EVP_PKEY_CTX *ctx,
unsigned char *rout, size_t *routlen,
const unsigned char *sig, size_t siglen);
int EVP_PKEY_encrypt_init(EVP_PKEY_CTX *ctx);
+int EVP_PKEY_encrypt_init_ex(EVP_PKEY_CTX *ctx, const OSSL_PARAM params[]);
int EVP_PKEY_encrypt(EVP_PKEY_CTX *ctx,
unsigned char *out, size_t *outlen,
const unsigned char *in, size_t inlen);
int EVP_PKEY_decrypt_init(EVP_PKEY_CTX *ctx);
+int EVP_PKEY_decrypt_init_ex(EVP_PKEY_CTX *ctx, const OSSL_PARAM params[]);
int EVP_PKEY_decrypt(EVP_PKEY_CTX *ctx,
unsigned char *out, size_t *outlen,
const unsigned char *in, size_t inlen);
int EVP_PKEY_derive_init(EVP_PKEY_CTX *ctx);
+int EVP_PKEY_derive_init_ex(EVP_PKEY_CTX *ctx, const OSSL_PARAM params[]);
+int EVP_PKEY_derive_set_peer_ex(EVP_PKEY_CTX *ctx, EVP_PKEY *peer,
+ int validate_peer);
int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer);
int EVP_PKEY_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);
+int EVP_PKEY_encapsulate_init(EVP_PKEY_CTX *ctx, const OSSL_PARAM params[]);
+int EVP_PKEY_encapsulate(EVP_PKEY_CTX *ctx,
+ unsigned char *wrappedkey, size_t *wrappedkeylen,
+ unsigned char *genkey, size_t *genkeylen);
+int EVP_PKEY_decapsulate_init(EVP_PKEY_CTX *ctx, const OSSL_PARAM params[]);
+int EVP_PKEY_decapsulate(EVP_PKEY_CTX *ctx,
+ unsigned char *unwrapped, size_t *unwrappedlen,
+ const unsigned char *wrapped, size_t wrappedlen);
+
typedef int EVP_PKEY_gen_cb(EVP_PKEY_CTX *ctx);
-int EVP_PKEY_param_fromdata_init(EVP_PKEY_CTX *ctx);
-int EVP_PKEY_key_fromdata_init(EVP_PKEY_CTX *ctx);
-int EVP_PKEY_fromdata(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey, OSSL_PARAM param[]);
-const OSSL_PARAM *EVP_PKEY_param_fromdata_settable(EVP_PKEY_CTX *ctx);
-const OSSL_PARAM *EVP_PKEY_key_fromdata_settable(EVP_PKEY_CTX *ctx);
-const OSSL_PARAM *EVP_PKEY_gettable_params(EVP_PKEY *pkey);
-int EVP_PKEY_get_int_param(EVP_PKEY *pkey, const char *key_name, int *out);
-int EVP_PKEY_get_size_t_param(EVP_PKEY *pkey, const char *key_name, size_t *out);
-int EVP_PKEY_get_bn_param(EVP_PKEY *pkey, const char *key_name, BIGNUM **bn);
-int EVP_PKEY_get_utf8_string_param(EVP_PKEY *pkey, const char *key_name,
+int EVP_PKEY_fromdata_init(EVP_PKEY_CTX *ctx);
+int EVP_PKEY_fromdata(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey, int selection,
+ OSSL_PARAM param[]);
+const OSSL_PARAM *EVP_PKEY_fromdata_settable(EVP_PKEY_CTX *ctx, int selection);
+
+int EVP_PKEY_todata(const EVP_PKEY *pkey, int selection, OSSL_PARAM **params);
+int EVP_PKEY_export(const EVP_PKEY *pkey, int selection,
+ OSSL_CALLBACK *export_cb, void *export_cbarg);
+
+const OSSL_PARAM *EVP_PKEY_gettable_params(const EVP_PKEY *pkey);
+int EVP_PKEY_get_params(const EVP_PKEY *pkey, OSSL_PARAM params[]);
+int EVP_PKEY_get_int_param(const EVP_PKEY *pkey, const char *key_name,
+ int *out);
+int EVP_PKEY_get_size_t_param(const EVP_PKEY *pkey, const char *key_name,
+ size_t *out);
+int EVP_PKEY_get_bn_param(const EVP_PKEY *pkey, const char *key_name,
+ BIGNUM **bn);
+int EVP_PKEY_get_utf8_string_param(const EVP_PKEY *pkey, const char *key_name,
char *str, size_t max_buf_sz, size_t *out_sz);
-int EVP_PKEY_get_octet_string_param(EVP_PKEY *pkey, const char *key_name,
+int EVP_PKEY_get_octet_string_param(const EVP_PKEY *pkey, const char *key_name,
unsigned char *buf, size_t max_buf_sz,
size_t *out_sz);
+const OSSL_PARAM *EVP_PKEY_settable_params(const EVP_PKEY *pkey);
+int EVP_PKEY_set_params(EVP_PKEY *pkey, OSSL_PARAM params[]);
+int EVP_PKEY_set_int_param(EVP_PKEY *pkey, const char *key_name, int in);
+int EVP_PKEY_set_size_t_param(EVP_PKEY *pkey, const char *key_name, size_t in);
+int EVP_PKEY_set_bn_param(EVP_PKEY *pkey, const char *key_name,
+ const BIGNUM *bn);
+int EVP_PKEY_set_utf8_string_param(EVP_PKEY *pkey, const char *key_name,
+ const char *str);
+int EVP_PKEY_set_octet_string_param(EVP_PKEY *pkey, const char *key_name,
+ const unsigned char *buf, size_t bsize);
+
+int EVP_PKEY_get_ec_point_conv_form(const EVP_PKEY *pkey);
+int EVP_PKEY_get_field_type(const EVP_PKEY *pkey);
+
+EVP_PKEY *EVP_PKEY_Q_keygen(OSSL_LIB_CTX *libctx, const char *propq,
+ const char *type, ...);
int EVP_PKEY_paramgen_init(EVP_PKEY_CTX *ctx);
int EVP_PKEY_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey);
int EVP_PKEY_keygen_init(EVP_PKEY_CTX *ctx);
int EVP_PKEY_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey);
-int EVP_PKEY_gen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey);
+int EVP_PKEY_generate(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey);
int EVP_PKEY_check(EVP_PKEY_CTX *ctx);
int EVP_PKEY_public_check(EVP_PKEY_CTX *ctx);
+int EVP_PKEY_public_check_quick(EVP_PKEY_CTX *ctx);
int EVP_PKEY_param_check(EVP_PKEY_CTX *ctx);
+int EVP_PKEY_param_check_quick(EVP_PKEY_CTX *ctx);
int EVP_PKEY_private_check(EVP_PKEY_CTX *ctx);
int EVP_PKEY_pairwise_check(EVP_PKEY_CTX *ctx);
@@ -1675,272 +1993,176 @@ void EVP_PKEY_CTX_set_cb(EVP_PKEY_CTX *ctx, EVP_PKEY_gen_cb *cb);
EVP_PKEY_gen_cb *EVP_PKEY_CTX_get_cb(EVP_PKEY_CTX *ctx);
int EVP_PKEY_CTX_get_keygen_info(EVP_PKEY_CTX *ctx, int idx);
-
-void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth,
- int (*init) (EVP_PKEY_CTX *ctx));
-
-void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth,
- int (*copy) (EVP_PKEY_CTX *dst,
- const EVP_PKEY_CTX *src));
-
-void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth,
- void (*cleanup) (EVP_PKEY_CTX *ctx));
-
-void EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth,
- int (*paramgen_init) (EVP_PKEY_CTX *ctx),
- int (*paramgen) (EVP_PKEY_CTX *ctx,
- EVP_PKEY *pkey));
-
-void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth,
- int (*keygen_init) (EVP_PKEY_CTX *ctx),
- int (*keygen) (EVP_PKEY_CTX *ctx,
- EVP_PKEY *pkey));
-
-void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth,
- int (*sign_init) (EVP_PKEY_CTX *ctx),
- int (*sign) (EVP_PKEY_CTX *ctx,
- unsigned char *sig, size_t *siglen,
- const unsigned char *tbs,
- size_t tbslen));
-
-void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth,
- int (*verify_init) (EVP_PKEY_CTX *ctx),
- int (*verify) (EVP_PKEY_CTX *ctx,
- const unsigned char *sig,
- size_t siglen,
- const unsigned char *tbs,
- size_t tbslen));
-
-void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth,
- int (*verify_recover_init) (EVP_PKEY_CTX
- *ctx),
- int (*verify_recover) (EVP_PKEY_CTX
- *ctx,
- unsigned char
- *sig,
- size_t *siglen,
- const unsigned
- char *tbs,
- size_t tbslen));
-
-void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth,
- int (*signctx_init) (EVP_PKEY_CTX *ctx,
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth,
+ int (*init) (EVP_PKEY_CTX *ctx));
+OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_set_copy
+ (EVP_PKEY_METHOD *pmeth, int (*copy) (EVP_PKEY_CTX *dst,
+ const EVP_PKEY_CTX *src));
+OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_set_cleanup
+ (EVP_PKEY_METHOD *pmeth, void (*cleanup) (EVP_PKEY_CTX *ctx));
+OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_set_paramgen
+ (EVP_PKEY_METHOD *pmeth, int (*paramgen_init) (EVP_PKEY_CTX *ctx),
+ int (*paramgen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey));
+OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_set_keygen
+ (EVP_PKEY_METHOD *pmeth, int (*keygen_init) (EVP_PKEY_CTX *ctx),
+ int (*keygen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey));
+OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_set_sign
+ (EVP_PKEY_METHOD *pmeth, int (*sign_init) (EVP_PKEY_CTX *ctx),
+ int (*sign) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+ const unsigned char *tbs, size_t tbslen));
+OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_set_verify
+ (EVP_PKEY_METHOD *pmeth, int (*verify_init) (EVP_PKEY_CTX *ctx),
+ int (*verify) (EVP_PKEY_CTX *ctx, const unsigned char *sig, size_t siglen,
+ const unsigned char *tbs, size_t tbslen));
+OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_set_verify_recover
+ (EVP_PKEY_METHOD *pmeth, int (*verify_recover_init) (EVP_PKEY_CTX *ctx),
+ int (*verify_recover) (EVP_PKEY_CTX *ctx, unsigned char *sig,
+ size_t *siglen, const unsigned char *tbs,
+ size_t tbslen));
+OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_set_signctx
+ (EVP_PKEY_METHOD *pmeth, int (*signctx_init) (EVP_PKEY_CTX *ctx,
+ EVP_MD_CTX *mctx),
+ int (*signctx) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+ EVP_MD_CTX *mctx));
+OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_set_verifyctx
+ (EVP_PKEY_METHOD *pmeth, int (*verifyctx_init) (EVP_PKEY_CTX *ctx,
EVP_MD_CTX *mctx),
- int (*signctx) (EVP_PKEY_CTX *ctx,
- unsigned char *sig,
- size_t *siglen,
- EVP_MD_CTX *mctx));
-
-void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
- int (*verifyctx_init) (EVP_PKEY_CTX *ctx,
- EVP_MD_CTX *mctx),
- int (*verifyctx) (EVP_PKEY_CTX *ctx,
- const unsigned char *sig,
- int siglen,
+ int (*verifyctx) (EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen,
+ EVP_MD_CTX *mctx));
+OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_set_encrypt
+ (EVP_PKEY_METHOD *pmeth, int (*encrypt_init) (EVP_PKEY_CTX *ctx),
+ int (*encryptfn) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+ const unsigned char *in, size_t inlen));
+OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_set_decrypt
+ (EVP_PKEY_METHOD *pmeth, int (*decrypt_init) (EVP_PKEY_CTX *ctx),
+ int (*decrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+ const unsigned char *in, size_t inlen));
+OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_set_derive
+ (EVP_PKEY_METHOD *pmeth, int (*derive_init) (EVP_PKEY_CTX *ctx),
+ int (*derive) (EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen));
+OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_set_ctrl
+ (EVP_PKEY_METHOD *pmeth, int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+ void *p2),
+ int (*ctrl_str) (EVP_PKEY_CTX *ctx, const char *type, const char *value));
+OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_set_digestsign
+ (EVP_PKEY_METHOD *pmeth,
+ int (*digestsign) (EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen,
+ const unsigned char *tbs, size_t tbslen));
+OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_set_digestverify
+ (EVP_PKEY_METHOD *pmeth,
+ int (*digestverify) (EVP_MD_CTX *ctx, const unsigned char *sig,
+ size_t siglen, const unsigned char *tbs,
+ size_t tbslen));
+OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_set_check
+ (EVP_PKEY_METHOD *pmeth, int (*check) (EVP_PKEY *pkey));
+OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_set_public_check
+ (EVP_PKEY_METHOD *pmeth, int (*check) (EVP_PKEY *pkey));
+OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_set_param_check
+ (EVP_PKEY_METHOD *pmeth, int (*check) (EVP_PKEY *pkey));
+OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_set_digest_custom
+ (EVP_PKEY_METHOD *pmeth, int (*digest_custom) (EVP_PKEY_CTX *ctx,
EVP_MD_CTX *mctx));
-
-void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
- int (*encrypt_init) (EVP_PKEY_CTX *ctx),
- int (*encryptfn) (EVP_PKEY_CTX *ctx,
- unsigned char *out,
- size_t *outlen,
- const unsigned char *in,
- size_t inlen));
-
-void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
- int (*decrypt_init) (EVP_PKEY_CTX *ctx),
- int (*decrypt) (EVP_PKEY_CTX *ctx,
- unsigned char *out,
- size_t *outlen,
- const unsigned char *in,
- size_t inlen));
-
-void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth,
- int (*derive_init) (EVP_PKEY_CTX *ctx),
- int (*derive) (EVP_PKEY_CTX *ctx,
- unsigned char *key,
- size_t *keylen));
-
-void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
- int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
- void *p2),
- int (*ctrl_str) (EVP_PKEY_CTX *ctx,
- const char *type,
- const char *value));
-
-void EVP_PKEY_meth_set_digestsign(EVP_PKEY_METHOD *pmeth,
- int (*digestsign) (EVP_MD_CTX *ctx,
- unsigned char *sig,
- size_t *siglen,
- const unsigned char *tbs,
- size_t tbslen));
-
-void EVP_PKEY_meth_set_digestverify(EVP_PKEY_METHOD *pmeth,
- int (*digestverify) (EVP_MD_CTX *ctx,
- const unsigned char *sig,
- size_t siglen,
- const unsigned char *tbs,
- size_t tbslen));
-
-void EVP_PKEY_meth_set_check(EVP_PKEY_METHOD *pmeth,
- int (*check) (EVP_PKEY *pkey));
-
-void EVP_PKEY_meth_set_public_check(EVP_PKEY_METHOD *pmeth,
- int (*check) (EVP_PKEY *pkey));
-
-void EVP_PKEY_meth_set_param_check(EVP_PKEY_METHOD *pmeth,
- int (*check) (EVP_PKEY *pkey));
-
-void EVP_PKEY_meth_set_digest_custom(EVP_PKEY_METHOD *pmeth,
- int (*digest_custom) (EVP_PKEY_CTX *ctx,
- EVP_MD_CTX *mctx));
-
-void EVP_PKEY_meth_get_init(const EVP_PKEY_METHOD *pmeth,
- int (**pinit) (EVP_PKEY_CTX *ctx));
-
-void EVP_PKEY_meth_get_copy(const EVP_PKEY_METHOD *pmeth,
- int (**pcopy) (EVP_PKEY_CTX *dst,
- const EVP_PKEY_CTX *src));
-
-void EVP_PKEY_meth_get_cleanup(const EVP_PKEY_METHOD *pmeth,
- void (**pcleanup) (EVP_PKEY_CTX *ctx));
-
-void EVP_PKEY_meth_get_paramgen(const EVP_PKEY_METHOD *pmeth,
- int (**pparamgen_init) (EVP_PKEY_CTX *ctx),
- int (**pparamgen) (EVP_PKEY_CTX *ctx,
- EVP_PKEY *pkey));
-
-void EVP_PKEY_meth_get_keygen(const EVP_PKEY_METHOD *pmeth,
- int (**pkeygen_init) (EVP_PKEY_CTX *ctx),
- int (**pkeygen) (EVP_PKEY_CTX *ctx,
- EVP_PKEY *pkey));
-
-void EVP_PKEY_meth_get_sign(const EVP_PKEY_METHOD *pmeth,
- int (**psign_init) (EVP_PKEY_CTX *ctx),
- int (**psign) (EVP_PKEY_CTX *ctx,
- unsigned char *sig, size_t *siglen,
- const unsigned char *tbs,
- size_t tbslen));
-
-void EVP_PKEY_meth_get_verify(const EVP_PKEY_METHOD *pmeth,
- int (**pverify_init) (EVP_PKEY_CTX *ctx),
- int (**pverify) (EVP_PKEY_CTX *ctx,
- const unsigned char *sig,
- size_t siglen,
- const unsigned char *tbs,
- size_t tbslen));
-
-void EVP_PKEY_meth_get_verify_recover(const EVP_PKEY_METHOD *pmeth,
- int (**pverify_recover_init) (EVP_PKEY_CTX
- *ctx),
- int (**pverify_recover) (EVP_PKEY_CTX
- *ctx,
- unsigned char
- *sig,
- size_t *siglen,
- const unsigned
- char *tbs,
- size_t tbslen));
-
-void EVP_PKEY_meth_get_signctx(const EVP_PKEY_METHOD *pmeth,
- int (**psignctx_init) (EVP_PKEY_CTX *ctx,
- EVP_MD_CTX *mctx),
- int (**psignctx) (EVP_PKEY_CTX *ctx,
- unsigned char *sig,
- size_t *siglen,
- EVP_MD_CTX *mctx));
-
-void EVP_PKEY_meth_get_verifyctx(const EVP_PKEY_METHOD *pmeth,
- int (**pverifyctx_init) (EVP_PKEY_CTX *ctx,
- EVP_MD_CTX *mctx),
- int (**pverifyctx) (EVP_PKEY_CTX *ctx,
- const unsigned char *sig,
- int siglen,
- EVP_MD_CTX *mctx));
-
-void EVP_PKEY_meth_get_encrypt(const EVP_PKEY_METHOD *pmeth,
- int (**pencrypt_init) (EVP_PKEY_CTX *ctx),
- int (**pencryptfn) (EVP_PKEY_CTX *ctx,
- unsigned char *out,
- size_t *outlen,
- const unsigned char *in,
- size_t inlen));
-
-void EVP_PKEY_meth_get_decrypt(const EVP_PKEY_METHOD *pmeth,
- int (**pdecrypt_init) (EVP_PKEY_CTX *ctx),
- int (**pdecrypt) (EVP_PKEY_CTX *ctx,
- unsigned char *out,
- size_t *outlen,
- const unsigned char *in,
- size_t inlen));
-
-void EVP_PKEY_meth_get_derive(const EVP_PKEY_METHOD *pmeth,
- int (**pderive_init) (EVP_PKEY_CTX *ctx),
- int (**pderive) (EVP_PKEY_CTX *ctx,
- unsigned char *key,
- size_t *keylen));
-
-void EVP_PKEY_meth_get_ctrl(const EVP_PKEY_METHOD *pmeth,
- int (**pctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
- void *p2),
- int (**pctrl_str) (EVP_PKEY_CTX *ctx,
- const char *type,
- const char *value));
-
-void EVP_PKEY_meth_get_digestsign(EVP_PKEY_METHOD *pmeth,
- int (**digestsign) (EVP_MD_CTX *ctx,
- unsigned char *sig,
- size_t *siglen,
- const unsigned char *tbs,
- size_t tbslen));
-
-void EVP_PKEY_meth_get_digestverify(EVP_PKEY_METHOD *pmeth,
- int (**digestverify) (EVP_MD_CTX *ctx,
- const unsigned char *sig,
- size_t siglen,
- const unsigned char *tbs,
- size_t tbslen));
-
-void EVP_PKEY_meth_get_check(const EVP_PKEY_METHOD *pmeth,
- int (**pcheck) (EVP_PKEY *pkey));
-
-void EVP_PKEY_meth_get_public_check(const EVP_PKEY_METHOD *pmeth,
- int (**pcheck) (EVP_PKEY *pkey));
-
-void EVP_PKEY_meth_get_param_check(const EVP_PKEY_METHOD *pmeth,
- int (**pcheck) (EVP_PKEY *pkey));
-
-void EVP_PKEY_meth_get_digest_custom(EVP_PKEY_METHOD *pmeth,
- int (**pdigest_custom) (EVP_PKEY_CTX *ctx,
- EVP_MD_CTX *mctx));
+OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_get_init
+ (const EVP_PKEY_METHOD *pmeth, int (**pinit) (EVP_PKEY_CTX *ctx));
+OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_get_copy
+ (const EVP_PKEY_METHOD *pmeth, int (**pcopy) (EVP_PKEY_CTX *dst,
+ const EVP_PKEY_CTX *src));
+OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_get_cleanup
+ (const EVP_PKEY_METHOD *pmeth, void (**pcleanup) (EVP_PKEY_CTX *ctx));
+OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_get_paramgen
+ (const EVP_PKEY_METHOD *pmeth, int (**pparamgen_init) (EVP_PKEY_CTX *ctx),
+ int (**pparamgen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey));
+OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_get_keygen
+ (const EVP_PKEY_METHOD *pmeth, int (**pkeygen_init) (EVP_PKEY_CTX *ctx),
+ int (**pkeygen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey));
+OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_get_sign
+ (const EVP_PKEY_METHOD *pmeth, int (**psign_init) (EVP_PKEY_CTX *ctx),
+ int (**psign) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+ const unsigned char *tbs, size_t tbslen));
+OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_get_verify
+ (const EVP_PKEY_METHOD *pmeth, int (**pverify_init) (EVP_PKEY_CTX *ctx),
+ int (**pverify) (EVP_PKEY_CTX *ctx, const unsigned char *sig,
+ size_t siglen, const unsigned char *tbs, size_t tbslen));
+OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_get_verify_recover
+ (const EVP_PKEY_METHOD *pmeth,
+ int (**pverify_recover_init) (EVP_PKEY_CTX *ctx),
+ int (**pverify_recover) (EVP_PKEY_CTX *ctx, unsigned char *sig,
+ size_t *siglen, const unsigned char *tbs,
+ size_t tbslen));
+OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_get_signctx
+ (const EVP_PKEY_METHOD *pmeth,
+ int (**psignctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx),
+ int (**psignctx) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+ EVP_MD_CTX *mctx));
+OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_get_verifyctx
+ (const EVP_PKEY_METHOD *pmeth,
+ int (**pverifyctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx),
+ int (**pverifyctx) (EVP_PKEY_CTX *ctx, const unsigned char *sig,
+ int siglen, EVP_MD_CTX *mctx));
+OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_get_encrypt
+ (const EVP_PKEY_METHOD *pmeth, int (**pencrypt_init) (EVP_PKEY_CTX *ctx),
+ int (**pencryptfn) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+ const unsigned char *in, size_t inlen));
+OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_get_decrypt
+ (const EVP_PKEY_METHOD *pmeth, int (**pdecrypt_init) (EVP_PKEY_CTX *ctx),
+ int (**pdecrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+ const unsigned char *in, size_t inlen));
+OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_get_derive
+ (const EVP_PKEY_METHOD *pmeth, int (**pderive_init) (EVP_PKEY_CTX *ctx),
+ int (**pderive) (EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen));
+OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_get_ctrl
+ (const EVP_PKEY_METHOD *pmeth,
+ int (**pctrl) (EVP_PKEY_CTX *ctx, int type, int p1, void *p2),
+ int (**pctrl_str) (EVP_PKEY_CTX *ctx, const char *type,
+ const char *value));
+OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_get_digestsign
+ (const EVP_PKEY_METHOD *pmeth,
+ int (**digestsign) (EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen,
+ const unsigned char *tbs, size_t tbslen));
+OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_get_digestverify
+ (const EVP_PKEY_METHOD *pmeth,
+ int (**digestverify) (EVP_MD_CTX *ctx, const unsigned char *sig,
+ size_t siglen, const unsigned char *tbs,
+ size_t tbslen));
+OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_get_check
+ (const EVP_PKEY_METHOD *pmeth, int (**pcheck) (EVP_PKEY *pkey));
+OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_get_public_check
+ (const EVP_PKEY_METHOD *pmeth, int (**pcheck) (EVP_PKEY *pkey));
+OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_get_param_check
+ (const EVP_PKEY_METHOD *pmeth, int (**pcheck) (EVP_PKEY *pkey));
+OSSL_DEPRECATEDIN_3_0 void EVP_PKEY_meth_get_digest_custom
+ (const EVP_PKEY_METHOD *pmeth,
+ int (**pdigest_custom) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx));
+# endif
void EVP_KEYEXCH_free(EVP_KEYEXCH *exchange);
int EVP_KEYEXCH_up_ref(EVP_KEYEXCH *exchange);
-EVP_KEYEXCH *EVP_KEYEXCH_fetch(OPENSSL_CTX *ctx, const char *algorithm,
+EVP_KEYEXCH *EVP_KEYEXCH_fetch(OSSL_LIB_CTX *ctx, const char *algorithm,
const char *properties);
-OSSL_PROVIDER *EVP_KEYEXCH_provider(const EVP_KEYEXCH *exchange);
+OSSL_PROVIDER *EVP_KEYEXCH_get0_provider(const EVP_KEYEXCH *exchange);
int EVP_KEYEXCH_is_a(const EVP_KEYEXCH *keyexch, const char *name);
-int EVP_KEYEXCH_number(const EVP_KEYEXCH *keyexch);
-void EVP_KEYEXCH_do_all_provided(OPENSSL_CTX *libctx,
+const char *EVP_KEYEXCH_get0_name(const EVP_KEYEXCH *keyexch);
+const char *EVP_KEYEXCH_get0_description(const EVP_KEYEXCH *keyexch);
+void EVP_KEYEXCH_do_all_provided(OSSL_LIB_CTX *libctx,
void (*fn)(EVP_KEYEXCH *keyexch, void *data),
void *data);
-void EVP_KEYEXCH_names_do_all(const EVP_KEYEXCH *keyexch,
- void (*fn)(const char *name, void *data),
- void *data);
+int EVP_KEYEXCH_names_do_all(const EVP_KEYEXCH *keyexch,
+ void (*fn)(const char *name, void *data),
+ void *data);
+const OSSL_PARAM *EVP_KEYEXCH_gettable_ctx_params(const EVP_KEYEXCH *keyexch);
+const OSSL_PARAM *EVP_KEYEXCH_settable_ctx_params(const EVP_KEYEXCH *keyexch);
void EVP_add_alg_module(void);
-/*
- * Convenient helper functions to transfer string based controls.
- * The callback gets called with the parsed value.
- */
-int EVP_str2ctrl(int (*cb)(void *ctx, int cmd, void *buf, size_t buflen),
- void *ctx, int cmd, const char *value);
-int EVP_hex2ctrl(int (*cb)(void *ctx, int cmd, void *buf, size_t buflen),
- void *ctx, int cmd, const char *hex);
-
int EVP_PKEY_CTX_set_group_name(EVP_PKEY_CTX *ctx, const char *name);
int EVP_PKEY_CTX_get_group_name(EVP_PKEY_CTX *ctx, char *name, size_t namelen);
+int EVP_PKEY_get_group_name(const EVP_PKEY *pkey, char *name, size_t name_sz,
+ size_t *gname_len);
+
+OSSL_LIB_CTX *EVP_PKEY_CTX_get0_libctx(EVP_PKEY_CTX *ctx);
+const char *EVP_PKEY_CTX_get0_propq(const EVP_PKEY_CTX *ctx);
+const OSSL_PROVIDER *EVP_PKEY_CTX_get0_provider(const EVP_PKEY_CTX *ctx);
# ifdef __cplusplus
}
diff --git a/openssl/include/openssl/evperr.h b/openssl/include/openssl/evperr.h
index 1c3a2451..4a705fcc 100644..100755
--- a/openssl/include/openssl/evperr.h
+++ b/openssl/include/openssl/evperr.h
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -14,146 +14,9 @@
# include <openssl/opensslconf.h>
# include <openssl/symhacks.h>
+# include <openssl/cryptoerr_legacy.h>
-# ifdef __cplusplus
-extern "C"
-# endif
-int ERR_load_EVP_strings(void);
-
-/*
- * EVP function codes.
- */
-# ifndef OPENSSL_NO_DEPRECATED_3_0
-# define EVP_F_AESNI_INIT_KEY 0
-# define EVP_F_AESNI_XTS_INIT_KEY 0
-# define EVP_F_AES_GCM_CTRL 0
-# define EVP_F_AES_GCM_TLS_CIPHER 0
-# define EVP_F_AES_INIT_KEY 0
-# define EVP_F_AES_OCB_CIPHER 0
-# define EVP_F_AES_T4_INIT_KEY 0
-# define EVP_F_AES_T4_XTS_INIT_KEY 0
-# define EVP_F_AES_WRAP_CIPHER 0
-# define EVP_F_AES_XTS_CIPHER 0
-# define EVP_F_AES_XTS_INIT_KEY 0
-# define EVP_F_ALG_MODULE_INIT 0
-# define EVP_F_ARIA_CCM_INIT_KEY 0
-# define EVP_F_ARIA_GCM_CTRL 0
-# define EVP_F_ARIA_GCM_INIT_KEY 0
-# define EVP_F_ARIA_INIT_KEY 0
-# define EVP_F_B64_NEW 0
-# define EVP_F_CAMELLIA_INIT_KEY 0
-# define EVP_F_CHACHA20_POLY1305_CTRL 0
-# define EVP_F_CMLL_T4_INIT_KEY 0
-# define EVP_F_DES_EDE3_WRAP_CIPHER 0
-# define EVP_F_DO_SIGVER_INIT 0
-# define EVP_F_ENC_NEW 0
-# define EVP_F_EVP_CIPHERINIT_EX 0
-# define EVP_F_EVP_CIPHER_ASN1_TO_PARAM 0
-# define EVP_F_EVP_CIPHER_CTX_COPY 0
-# define EVP_F_EVP_CIPHER_CTX_CTRL 0
-# define EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH 0
-# define EVP_F_EVP_CIPHER_CTX_SET_PADDING 0
-# define EVP_F_EVP_CIPHER_FROM_DISPATCH 0
-# define EVP_F_EVP_CIPHER_MODE 0
-# define EVP_F_EVP_CIPHER_PARAM_TO_ASN1 0
-# define EVP_F_EVP_DECRYPTFINAL_EX 0
-# define EVP_F_EVP_DECRYPTUPDATE 0
-# define EVP_F_EVP_DIGESTFINALXOF 0
-# define EVP_F_EVP_DIGESTFINAL_EX 0
-# define EVP_F_EVP_DIGESTINIT_EX 0
-# define EVP_F_EVP_DIGESTUPDATE 0
-# define EVP_F_EVP_ENCRYPTDECRYPTUPDATE 0
-# define EVP_F_EVP_ENCRYPTFINAL_EX 0
-# define EVP_F_EVP_ENCRYPTUPDATE 0
-# define EVP_F_EVP_KDF_CTX_DUP 0
-# define EVP_F_EVP_KDF_CTX_NEW 0
-# define EVP_F_EVP_KEYEXCH_FETCH 0
-# define EVP_F_EVP_KEYEXCH_FROM_DISPATCH 0
-# define EVP_F_EVP_MAC_CTRL 0
-# define EVP_F_EVP_MAC_CTRL_STR 0
-# define EVP_F_EVP_MAC_INIT 0
-# define EVP_F_EVP_MD_BLOCK_SIZE 0
-# define EVP_F_EVP_MD_CTX_COPY_EX 0
-# define EVP_F_EVP_MD_SIZE 0
-# define EVP_F_EVP_OPENINIT 0
-# define EVP_F_EVP_PBE_ALG_ADD 0
-# define EVP_F_EVP_PBE_ALG_ADD_TYPE 0
-# define EVP_F_EVP_PBE_CIPHERINIT 0
-# define EVP_F_EVP_PBE_SCRYPT 0
-# define EVP_F_EVP_PKCS82PKEY 0
-# define EVP_F_EVP_PKEY2PKCS8 0
-# define EVP_F_EVP_PKEY_ASN1_ADD0 0
-# define EVP_F_EVP_PKEY_CHECK 0
-# define EVP_F_EVP_PKEY_COPY_PARAMETERS 0
-# define EVP_F_EVP_PKEY_CTX_CTRL 0
-# define EVP_F_EVP_PKEY_CTX_CTRL_STR 0
-# define EVP_F_EVP_PKEY_CTX_DUP 0
-# define EVP_F_EVP_PKEY_CTX_MD 0
-# define EVP_F_EVP_PKEY_DECRYPT 0
-# define EVP_F_EVP_PKEY_DECRYPT_INIT 0
-# define EVP_F_EVP_PKEY_DECRYPT_OLD 0
-# define EVP_F_EVP_PKEY_DERIVE 0
-# define EVP_F_EVP_PKEY_DERIVE_INIT 0
-# define EVP_F_EVP_PKEY_DERIVE_INIT_EX 0
-# define EVP_F_EVP_PKEY_DERIVE_SET_PEER 0
-# define EVP_F_EVP_PKEY_ENCRYPT 0
-# define EVP_F_EVP_PKEY_ENCRYPT_INIT 0
-# define EVP_F_EVP_PKEY_ENCRYPT_OLD 0
-# define EVP_F_EVP_PKEY_GET0_DH 0
-# define EVP_F_EVP_PKEY_GET0_DSA 0
-# define EVP_F_EVP_PKEY_GET0_EC_KEY 0
-# define EVP_F_EVP_PKEY_GET0_HMAC 0
-# define EVP_F_EVP_PKEY_GET0_POLY1305 0
-# define EVP_F_EVP_PKEY_GET0_RSA 0
-# define EVP_F_EVP_PKEY_GET0_SIPHASH 0
-# define EVP_F_EVP_PKEY_GET_RAW_PRIVATE_KEY 0
-# define EVP_F_EVP_PKEY_GET_RAW_PUBLIC_KEY 0
-# define EVP_F_EVP_PKEY_KEYGEN 0
-# define EVP_F_EVP_PKEY_KEYGEN_INIT 0
-# define EVP_F_EVP_PKEY_METH_ADD0 0
-# define EVP_F_EVP_PKEY_METH_NEW 0
-# define EVP_F_EVP_PKEY_NEW 0
-# define EVP_F_EVP_PKEY_NEW_CMAC_KEY 0
-# define EVP_F_EVP_PKEY_NEW_RAW_PRIVATE_KEY 0
-# define EVP_F_EVP_PKEY_NEW_RAW_PUBLIC_KEY 0
-# define EVP_F_EVP_PKEY_PARAMGEN 0
-# define EVP_F_EVP_PKEY_PARAMGEN_INIT 0
-# define EVP_F_EVP_PKEY_PARAM_CHECK 0
-# define EVP_F_EVP_PKEY_PUBLIC_CHECK 0
-# define EVP_F_EVP_PKEY_SET1_ENGINE 0
-# define EVP_F_EVP_PKEY_SET_ALIAS_TYPE 0
-# define EVP_F_EVP_PKEY_SIGN 0
-# define EVP_F_EVP_PKEY_SIGN_INIT 0
-# define EVP_F_EVP_PKEY_VERIFY 0
-# define EVP_F_EVP_PKEY_VERIFY_INIT 0
-# define EVP_F_EVP_PKEY_VERIFY_RECOVER 0
-# define EVP_F_EVP_PKEY_VERIFY_RECOVER_INIT 0
-# define EVP_F_EVP_SET_DEFAULT_PROPERTIES 0
-# define EVP_F_EVP_SIGNFINAL 0
-# define EVP_F_EVP_VERIFYFINAL 0
-# define EVP_F_GMAC_CTRL 0
-# define EVP_F_INT_CTX_NEW 0
-# define EVP_F_KMAC_CTRL 0
-# define EVP_F_KMAC_INIT 0
-# define EVP_F_OK_NEW 0
-# define EVP_F_PKCS5_PBE_KEYIVGEN 0
-# define EVP_F_PKCS5_V2_PBE_KEYIVGEN 0
-# define EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN 0
-# define EVP_F_PKCS5_V2_SCRYPT_KEYIVGEN 0
-# define EVP_F_PKEY_KDF_CTRL 0
-# define EVP_F_PKEY_MAC_COPY 0
-# define EVP_F_PKEY_MAC_INIT 0
-# define EVP_F_PKEY_SET_TYPE 0
-# define EVP_F_POLY1305_CTRL 0
-# define EVP_F_RC2_MAGIC_TO_METH 0
-# define EVP_F_RC5_CTRL 0
-# define EVP_F_R_32_12_16_INIT_KEY 0
-# define EVP_F_S390X_AES_GCM_CTRL 0
-# define EVP_F_S390X_AES_GCM_TLS_CIPHER 0
-# define EVP_F_SCRYPT_ALG 0
-# define EVP_F_UPDATE 0
-# endif
/*
* EVP reason codes.
@@ -164,6 +27,7 @@ int ERR_load_EVP_strings(void);
# define EVP_R_BAD_DECRYPT 100
# define EVP_R_BAD_KEY_LENGTH 195
# define EVP_R_BUFFER_TOO_SMALL 155
+# define EVP_R_CACHE_CONSTANTS_FAILED 225
# define EVP_R_CAMELLIA_KEY_SETUP_FAILED 157
# define EVP_R_CANNOT_GET_PARAMETERS 197
# define EVP_R_CANNOT_SET_PARAMETERS 198
@@ -180,17 +44,15 @@ int ERR_load_EVP_strings(void);
# define EVP_R_DIFFERENT_KEY_TYPES 101
# define EVP_R_DIFFERENT_PARAMETERS 153
# define EVP_R_ERROR_LOADING_SECTION 165
-# define EVP_R_ERROR_SETTING_FIPS_MODE 166
# define EVP_R_EXPECTING_AN_HMAC_KEY 174
# define EVP_R_EXPECTING_AN_RSA_KEY 127
# define EVP_R_EXPECTING_A_DH_KEY 128
# define EVP_R_EXPECTING_A_DSA_KEY 129
+# define EVP_R_EXPECTING_A_ECX_KEY 219
# define EVP_R_EXPECTING_A_EC_KEY 142
# define EVP_R_EXPECTING_A_POLY1305_KEY 164
# define EVP_R_EXPECTING_A_SIPHASH_KEY 175
-# define EVP_R_FETCH_FAILED 202
# define EVP_R_FINAL_ERROR 188
-# define EVP_R_FIPS_MODE_NOT_SUPPORTED 167
# define EVP_R_GENERATE_ERROR 214
# define EVP_R_GET_RAW_KEY_FAILED 182
# define EVP_R_ILLEGAL_SCRYPT_PARAMETERS 171
@@ -200,15 +62,17 @@ int ERR_load_EVP_strings(void);
# define EVP_R_INPUT_NOT_INITIALIZED 111
# define EVP_R_INVALID_CUSTOM_LENGTH 185
# define EVP_R_INVALID_DIGEST 152
-# define EVP_R_INVALID_FIPS_MODE 168
# define EVP_R_INVALID_IV_LENGTH 194
# define EVP_R_INVALID_KEY 163
# define EVP_R_INVALID_KEY_LENGTH 130
+# define EVP_R_INVALID_LENGTH 221
# define EVP_R_INVALID_NULL_ALGORITHM 218
# define EVP_R_INVALID_OPERATION 148
# define EVP_R_INVALID_PROVIDER_FUNCTIONS 193
# define EVP_R_INVALID_SALT_LENGTH 186
-# define EVP_R_KEYGEN_FAILURE 120
+# define EVP_R_INVALID_SECRET_LENGTH 223
+# define EVP_R_INVALID_SEED_LENGTH 220
+# define EVP_R_INVALID_VALUE 222
# define EVP_R_KEYMGMT_EXPORT_FAILURE 205
# define EVP_R_KEY_SETUP_FAILED 180
# define EVP_R_LOCKING_NOT_SUPPORTED 213
@@ -228,8 +92,9 @@ int ERR_load_EVP_strings(void);
# define EVP_R_NO_OPERATION_SET 149
# define EVP_R_NULL_MAC_PKEY_CTX 208
# define EVP_R_ONLY_ONESHOT_SUPPORTED 177
+# define EVP_R_OPERATION_NOT_INITIALIZED 151
# define EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE 150
-# define EVP_R_OPERATON_NOT_INITIALIZED 151
+# define EVP_R_OUTPUT_WOULD_OVERFLOW 202
# define EVP_R_PARAMETER_TOO_LARGE 187
# define EVP_R_PARTIALLY_OVERLAPPING 162
# define EVP_R_PBKDF2_ERROR 181
@@ -237,9 +102,10 @@ int ERR_load_EVP_strings(void);
# define EVP_R_PRIVATE_KEY_DECODE_ERROR 145
# define EVP_R_PRIVATE_KEY_ENCODE_ERROR 146
# define EVP_R_PUBLIC_KEY_NOT_RSA 106
+# define EVP_R_SETTING_XOF_FAILED 227
# define EVP_R_SET_DEFAULT_PROPERTY_FAILURE 209
# define EVP_R_TOO_MANY_RECORDS 183
-# define EVP_R_UNABLE_TO_ENABLE_PARENT_LOCKING 212
+# define EVP_R_UNABLE_TO_ENABLE_LOCKING 212
# define EVP_R_UNABLE_TO_GET_MAXIMUM_REQUEST_SIZE 215
# define EVP_R_UNABLE_TO_GET_RANDOM_STRENGTH 216
# define EVP_R_UNABLE_TO_LOCK_CONTEXT 211
@@ -254,6 +120,7 @@ int ERR_load_EVP_strings(void);
# define EVP_R_UNSUPPORTED_KEYLENGTH 123
# define EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION 124
# define EVP_R_UNSUPPORTED_KEY_SIZE 108
+# define EVP_R_UNSUPPORTED_KEY_TYPE 224
# define EVP_R_UNSUPPORTED_NUMBER_OF_ROUNDS 135
# define EVP_R_UNSUPPORTED_PRF 125
# define EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM 118
diff --git a/openssl/include/openssl/fips_names.h b/openssl/include/openssl/fips_names.h
index 09c6771e..f5499ca4 100644..100755
--- a/openssl/include/openssl/fips_names.h
+++ b/openssl/include/openssl/fips_names.h
@@ -1,5 +1,5 @@
/*
- * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -9,6 +9,7 @@
#ifndef OPENSSL_FIPS_NAMES_H
# define OPENSSL_FIPS_NAMES_H
+# pragma once
# ifdef __cplusplus
extern "C" {
@@ -39,6 +40,19 @@ extern "C" {
*/
# define OSSL_PROV_FIPS_PARAM_INSTALL_STATUS "install-status"
+/*
+ * A boolean that determines if the FIPS conditional test errors result in
+ * the module entering an error state.
+ * Type: OSSL_PARAM_UTF8_STRING
+ */
+# define OSSL_PROV_FIPS_PARAM_CONDITIONAL_ERRORS "conditional-errors"
+
+/*
+ * A boolean that determines if the runtime FIPS security checks are performed.
+ * Type: OSSL_PARAM_UTF8_STRING
+ */
+# define OSSL_PROV_FIPS_PARAM_SECURITY_CHECKS "security-checks"
+
# ifdef __cplusplus
}
# endif
diff --git a/openssl/include/openssl/fipskey.h b/openssl/include/openssl/fipskey.h
new file mode 100755
index 00000000..411a69ac
--- /dev/null
+++ b/openssl/include/openssl/fipskey.h
@@ -0,0 +1,36 @@
+/*
+ * WARNING: do not edit!
+ * Generated by makefile from include\openssl\fipskey.h.in
+ *
+ * Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_FIPSKEY_H
+# define OPENSSL_FIPSKEY_H
+# pragma once
+
+# ifdef __cplusplus
+extern "C" {
+# endif
+
+/*
+ * The FIPS validation HMAC key, usable as an array initializer.
+ */
+#define FIPS_KEY_ELEMENTS \
+ 0xf4, 0x55, 0x66, 0x50, 0xac, 0x31, 0xd3, 0x54, 0x61, 0x61, 0x0b, 0xac, 0x4e, 0xd8, 0x1b, 0x1a, 0x18, 0x1b, 0x2d, 0x8a, 0x43, 0xea, 0x28, 0x54, 0xcb, 0xae, 0x22, 0xca, 0x74, 0x56, 0x08, 0x13
+
+/*
+ * The FIPS validation key, as a string.
+ */
+#define FIPS_KEY_STRING "f4556650ac31d35461610bac4ed81b1a181b2d8a43ea2854cbae22ca74560813"
+
+# ifdef __cplusplus
+}
+# endif
+
+#endif
diff --git a/openssl/include/openssl/hmac.h b/openssl/include/openssl/hmac.h
index 71272a9a..fb82ffc0 100644..100755
--- a/openssl/include/openssl/hmac.h
+++ b/openssl/include/openssl/hmac.h
@@ -1,5 +1,5 @@
/*
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -21,35 +21,39 @@
# include <openssl/evp.h>
# ifndef OPENSSL_NO_DEPRECATED_3_0
-# define HMAC_MAX_MD_CBLOCK 128 /* Deprecated */
+# define HMAC_MAX_MD_CBLOCK 200 /* Deprecated */
# endif
# ifdef __cplusplus
extern "C" {
# endif
-DEPRECATEDIN_3_0(size_t HMAC_size(const HMAC_CTX *e))
-DEPRECATEDIN_3_0(HMAC_CTX *HMAC_CTX_new(void))
-DEPRECATEDIN_3_0(int HMAC_CTX_reset(HMAC_CTX *ctx))
-DEPRECATEDIN_3_0(void HMAC_CTX_free(HMAC_CTX *ctx))
-
-DEPRECATEDIN_1_1_0(__owur int HMAC_Init(HMAC_CTX *ctx, const void *key, int len,
- const EVP_MD *md))
-
-DEPRECATEDIN_3_0(int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
- const EVP_MD *md, ENGINE *impl))
-DEPRECATEDIN_3_0(int HMAC_Update(HMAC_CTX *ctx, const unsigned char *data,
- size_t len))
-DEPRECATEDIN_3_0(int HMAC_Final(HMAC_CTX *ctx, unsigned char *md,
- unsigned int *len))
-DEPRECATEDIN_3_0(unsigned char *HMAC(const EVP_MD *evp_md, const void *key,
- int key_len, const unsigned char *d,
- size_t n, unsigned char *md,
- unsigned int *md_len))
-DEPRECATEDIN_3_0(__owur int HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx))
-
-DEPRECATEDIN_3_0(void HMAC_CTX_set_flags(HMAC_CTX *ctx, unsigned long flags))
-DEPRECATEDIN_3_0(const EVP_MD *HMAC_CTX_get_md(const HMAC_CTX *ctx))
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0 size_t HMAC_size(const HMAC_CTX *e);
+OSSL_DEPRECATEDIN_3_0 HMAC_CTX *HMAC_CTX_new(void);
+OSSL_DEPRECATEDIN_3_0 int HMAC_CTX_reset(HMAC_CTX *ctx);
+OSSL_DEPRECATEDIN_3_0 void HMAC_CTX_free(HMAC_CTX *ctx);
+# endif
+# ifndef OPENSSL_NO_DEPRECATED_1_1_0
+OSSL_DEPRECATEDIN_1_1_0 __owur int HMAC_Init(HMAC_CTX *ctx,
+ const void *key, int len,
+ const EVP_MD *md);
+# endif
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0 int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
+ const EVP_MD *md, ENGINE *impl);
+OSSL_DEPRECATEDIN_3_0 int HMAC_Update(HMAC_CTX *ctx, const unsigned char *data,
+ size_t len);
+OSSL_DEPRECATEDIN_3_0 int HMAC_Final(HMAC_CTX *ctx, unsigned char *md,
+ unsigned int *len);
+OSSL_DEPRECATEDIN_3_0 __owur int HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx);
+OSSL_DEPRECATEDIN_3_0 void HMAC_CTX_set_flags(HMAC_CTX *ctx, unsigned long flags);
+OSSL_DEPRECATEDIN_3_0 const EVP_MD *HMAC_CTX_get_md(const HMAC_CTX *ctx);
+# endif
+
+unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len,
+ const unsigned char *data, size_t data_len,
+ unsigned char *md, unsigned int *md_len);
# ifdef __cplusplus
}
diff --git a/openssl/include/openssl/http.h b/openssl/include/openssl/http.h
index 8dc46367..29458308 100644..100755
--- a/openssl/include/openssl/http.h
+++ b/openssl/include/openssl/http.h
@@ -1,5 +1,5 @@
/*
- * Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
* Copyright Siemens AG 2018-2020
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
@@ -23,8 +23,6 @@
extern "C" {
# endif
-typedef BIO *(*OSSL_HTTP_bio_cb_t)(BIO *bio, void *arg, int connect, int detail);
-
# define OSSL_HTTP_NAME "http"
# define OSSL_HTTPS_NAME "https"
# define OSSL_HTTP_PREFIX OSSL_HTTP_NAME"://"
@@ -35,46 +33,75 @@ typedef BIO *(*OSSL_HTTP_bio_cb_t)(BIO *bio, void *arg, int connect, int detail)
# define OPENSSL_HTTP_PROXY "HTTP_PROXY"
# define OPENSSL_HTTPS_PROXY "HTTPS_PROXY"
+#define OSSL_HTTP_DEFAULT_MAX_LINE_LEN (4 * 1024)
+#define OSSL_HTTP_DEFAULT_MAX_RESP_LEN (100 * 1024)
+
+/* Low-level HTTP API */
+OSSL_HTTP_REQ_CTX *OSSL_HTTP_REQ_CTX_new(BIO *wbio, BIO *rbio, int buf_size);
+void OSSL_HTTP_REQ_CTX_free(OSSL_HTTP_REQ_CTX *rctx);
+int OSSL_HTTP_REQ_CTX_set_request_line(OSSL_HTTP_REQ_CTX *rctx, int method_POST,
+ const char *server, const char *port,
+ const char *path);
+int OSSL_HTTP_REQ_CTX_add1_header(OSSL_HTTP_REQ_CTX *rctx,
+ const char *name, const char *value);
+int OSSL_HTTP_REQ_CTX_set_expected(OSSL_HTTP_REQ_CTX *rctx,
+ const char *content_type, int asn1,
+ int timeout, int keep_alive);
+int OSSL_HTTP_REQ_CTX_set1_req(OSSL_HTTP_REQ_CTX *rctx, const char *content_type,
+ const ASN1_ITEM *it, const ASN1_VALUE *req);
+int OSSL_HTTP_REQ_CTX_nbio(OSSL_HTTP_REQ_CTX *rctx);
+int OSSL_HTTP_REQ_CTX_nbio_d2i(OSSL_HTTP_REQ_CTX *rctx,
+ ASN1_VALUE **pval, const ASN1_ITEM *it);
+BIO *OSSL_HTTP_REQ_CTX_exchange(OSSL_HTTP_REQ_CTX *rctx);
+BIO *OSSL_HTTP_REQ_CTX_get0_mem_bio(const OSSL_HTTP_REQ_CTX *rctx);
+size_t OSSL_HTTP_REQ_CTX_get_resp_len(const OSSL_HTTP_REQ_CTX *rctx);
+void OSSL_HTTP_REQ_CTX_set_max_response_length(OSSL_HTTP_REQ_CTX *rctx,
+ unsigned long len);
+int OSSL_HTTP_is_alive(const OSSL_HTTP_REQ_CTX *rctx);
+
+/* High-level HTTP API */
+typedef BIO *(*OSSL_HTTP_bio_cb_t)(BIO *bio, void *arg, int connect, int detail);
+OSSL_HTTP_REQ_CTX *OSSL_HTTP_open(const char *server, const char *port,
+ const char *proxy, const char *no_proxy,
+ int use_ssl, BIO *bio, BIO *rbio,
+ OSSL_HTTP_bio_cb_t bio_update_fn, void *arg,
+ int buf_size, int overall_timeout);
+int OSSL_HTTP_proxy_connect(BIO *bio, const char *server, const char *port,
+ const char *proxyuser, const char *proxypass,
+ int timeout, BIO *bio_err, const char *prog);
+int OSSL_HTTP_set1_request(OSSL_HTTP_REQ_CTX *rctx, const char *path,
+ const STACK_OF(CONF_VALUE) *headers,
+ const char *content_type, BIO *req,
+ const char *expected_content_type, int expect_asn1,
+ size_t max_resp_len, int timeout, int keep_alive);
+BIO *OSSL_HTTP_exchange(OSSL_HTTP_REQ_CTX *rctx, char **redirection_url);
BIO *OSSL_HTTP_get(const char *url, const char *proxy, const char *no_proxy,
BIO *bio, BIO *rbio,
OSSL_HTTP_bio_cb_t bio_update_fn, void *arg,
- const STACK_OF(CONF_VALUE) *headers,
- int maxline, unsigned long max_resp_len, int timeout,
- const char *expected_content_type, int expect_asn1);
-ASN1_VALUE *OSSL_HTTP_get_asn1(const char *url,
- const char *proxy, const char *no_proxy,
- BIO *bio, BIO *rbio,
- OSSL_HTTP_bio_cb_t bio_update_fn, void *arg,
- const STACK_OF(CONF_VALUE) *headers,
- int maxline, unsigned long max_resp_len,
- int timeout, const char *expected_content_type,
- const ASN1_ITEM *it);
-ASN1_VALUE *OSSL_HTTP_post_asn1(const char *server, const char *port,
- const char *path, int use_ssl,
- const char *proxy, const char *no_proxy,
- BIO *bio, BIO *rbio,
- OSSL_HTTP_bio_cb_t bio_update_fn, void *arg,
- const STACK_OF(CONF_VALUE) *headers,
- const char *content_type,
- const ASN1_VALUE *req, const ASN1_ITEM *req_it,
- int maxline, unsigned long max_resp_len,
- int timeout, const char *expected_ct,
- const ASN1_ITEM *rsp_it);
-BIO *OSSL_HTTP_transfer(const char *server, const char *port, const char *path,
- int use_ssl, const char *proxy, const char *no_proxy,
+ int buf_size, const STACK_OF(CONF_VALUE) *headers,
+ const char *expected_content_type, int expect_asn1,
+ size_t max_resp_len, int timeout);
+BIO *OSSL_HTTP_transfer(OSSL_HTTP_REQ_CTX **prctx,
+ const char *server, const char *port,
+ const char *path, int use_ssl,
+ const char *proxy, const char *no_proxy,
BIO *bio, BIO *rbio,
OSSL_HTTP_bio_cb_t bio_update_fn, void *arg,
- const STACK_OF(CONF_VALUE) *headers,
- const char *content_type, BIO *req_mem,
- int maxline, unsigned long max_resp_len, int timeout,
- const char *expected_ct, int expect_asn1,
- char **redirection_url);
-int OSSL_HTTP_proxy_connect(BIO *bio, const char *server, const char *port,
- const char *proxyuser, const char *proxypass,
- int timeout, BIO *bio_err, const char *prog);
+ int buf_size, const STACK_OF(CONF_VALUE) *headers,
+ const char *content_type, BIO *req,
+ const char *expected_content_type, int expect_asn1,
+ size_t max_resp_len, int timeout, int keep_alive);
+int OSSL_HTTP_close(OSSL_HTTP_REQ_CTX *rctx, int ok);
-int OSSL_HTTP_parse_url(const char *url, char **phost, char **pport,
- char **ppath, int *pssl);
+/* Auxiliary functions */
+int OSSL_parse_url(const char *url, char **pscheme, char **puser, char **phost,
+ char **pport, int *pport_num,
+ char **ppath, char **pquery, char **pfrag);
+int OSSL_HTTP_parse_url(const char *url, int *pssl, char **puser, char **phost,
+ char **pport, int *pport_num,
+ char **ppath, char **pquery, char **pfrag);
+const char *OSSL_HTTP_adapt_proxy(const char *proxy, const char *no_proxy,
+ const char *server, int use_ssl);
# ifdef __cplusplus
}
diff --git a/openssl/include/openssl/httperr.h b/openssl/include/openssl/httperr.h
index a627cb01..107c4abf 100644..100755
--- a/openssl/include/openssl/httperr.h
+++ b/openssl/include/openssl/httperr.h
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -10,21 +10,13 @@
#ifndef OPENSSL_HTTPERR_H
# define OPENSSL_HTTPERR_H
+# pragma once
# include <openssl/opensslconf.h>
# include <openssl/symhacks.h>
+# include <openssl/cryptoerr_legacy.h>
-# ifdef __cplusplus
-extern "C"
-# endif
-int ERR_load_HTTP_strings(void);
-
-/*
- * HTTP function codes.
- */
-# ifndef OPENSSL_NO_DEPRECATED_3_0
-# endif
/*
* HTTP reason codes.
@@ -36,7 +28,12 @@ int ERR_load_HTTP_strings(void);
# define HTTP_R_ERROR_PARSING_URL 101
# define HTTP_R_ERROR_RECEIVING 103
# define HTTP_R_ERROR_SENDING 102
+# define HTTP_R_FAILED_READING_DATA 128
+# define HTTP_R_HEADER_PARSE_ERROR 126
# define HTTP_R_INCONSISTENT_CONTENT_LENGTH 120
+# define HTTP_R_INVALID_PORT_NUMBER 123
+# define HTTP_R_INVALID_URL_PATH 125
+# define HTTP_R_INVALID_URL_SCHEME 124
# define HTTP_R_MAX_RESP_LEN_EXCEEDED 117
# define HTTP_R_MISSING_ASN1_ENCODING 110
# define HTTP_R_MISSING_CONTENT_TYPE 121
@@ -47,6 +44,7 @@ int ERR_load_HTTP_strings(void);
# define HTTP_R_REDIRECTION_NOT_ENABLED 116
# define HTTP_R_RESPONSE_LINE_TOO_LONG 113
# define HTTP_R_RESPONSE_PARSE_ERROR 104
+# define HTTP_R_SERVER_CANCELED_CONNECTION 127
# define HTTP_R_SOCK_NOT_SUPPORTED 122
# define HTTP_R_STATUS_CODE_UNSUPPORTED 114
# define HTTP_R_TLS_NOT_ENABLED 107
diff --git a/openssl/include/openssl/idea.h b/openssl/include/openssl/idea.h
index ea3dccdb..fe8b6f67 100644..100755
--- a/openssl/include/openssl/idea.h
+++ b/openssl/include/openssl/idea.h
@@ -37,28 +37,31 @@ typedef struct idea_key_st {
IDEA_INT data[9][6];
} IDEA_KEY_SCHEDULE;
#endif
-
-DEPRECATEDIN_3_0(const char *IDEA_options(void))
-DEPRECATEDIN_3_0(void IDEA_ecb_encrypt(const unsigned char *in,
- unsigned char *out,
- IDEA_KEY_SCHEDULE *ks))
-DEPRECATEDIN_3_0(void IDEA_set_encrypt_key(const unsigned char *key,
- IDEA_KEY_SCHEDULE *ks))
-DEPRECATEDIN_3_0(void IDEA_set_decrypt_key(IDEA_KEY_SCHEDULE *ek,
- IDEA_KEY_SCHEDULE *dk))
-DEPRECATEDIN_3_0(void IDEA_cbc_encrypt(const unsigned char *in,
- unsigned char *out, long length,
- IDEA_KEY_SCHEDULE *ks,
- unsigned char *iv, int enc))
-DEPRECATEDIN_3_0(void IDEA_cfb64_encrypt(const unsigned char *in,
- unsigned char *out, long length,
- IDEA_KEY_SCHEDULE *ks,
- unsigned char *iv, int *num, int enc))
-DEPRECATEDIN_3_0(void IDEA_ofb64_encrypt(const unsigned char *in,
- unsigned char *out, long length,
- IDEA_KEY_SCHEDULE *ks,
- unsigned char *iv, int *num))
-DEPRECATEDIN_3_0(void IDEA_encrypt(unsigned long *in, IDEA_KEY_SCHEDULE *ks))
+#ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0 const char *IDEA_options(void);
+OSSL_DEPRECATEDIN_3_0 void IDEA_ecb_encrypt(const unsigned char *in,
+ unsigned char *out,
+ IDEA_KEY_SCHEDULE *ks);
+OSSL_DEPRECATEDIN_3_0 void IDEA_set_encrypt_key(const unsigned char *key,
+ IDEA_KEY_SCHEDULE *ks);
+OSSL_DEPRECATEDIN_3_0 void IDEA_set_decrypt_key(IDEA_KEY_SCHEDULE *ek,
+ IDEA_KEY_SCHEDULE *dk);
+OSSL_DEPRECATEDIN_3_0 void IDEA_cbc_encrypt(const unsigned char *in,
+ unsigned char *out, long length,
+ IDEA_KEY_SCHEDULE *ks,
+ unsigned char *iv, int enc);
+OSSL_DEPRECATEDIN_3_0 void IDEA_cfb64_encrypt(const unsigned char *in,
+ unsigned char *out, long length,
+ IDEA_KEY_SCHEDULE *ks,
+ unsigned char *iv, int *num,
+ int enc);
+OSSL_DEPRECATEDIN_3_0 void IDEA_ofb64_encrypt(const unsigned char *in,
+ unsigned char *out, long length,
+ IDEA_KEY_SCHEDULE *ks,
+ unsigned char *iv, int *num);
+OSSL_DEPRECATEDIN_3_0 void IDEA_encrypt(unsigned long *in,
+ IDEA_KEY_SCHEDULE *ks);
+#endif
# ifndef OPENSSL_NO_DEPRECATED_1_1_0
# define idea_options IDEA_options
diff --git a/openssl/include/openssl/kdf.h b/openssl/include/openssl/kdf.h
index 738865df..05bb1636 100644..100755
--- a/openssl/include/openssl/kdf.h
+++ b/openssl/include/openssl/kdf.h
@@ -1,5 +1,5 @@
/*
- * Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -27,58 +27,37 @@ extern "C" {
int EVP_KDF_up_ref(EVP_KDF *kdf);
void EVP_KDF_free(EVP_KDF *kdf);
-EVP_KDF *EVP_KDF_fetch(OPENSSL_CTX *libctx, const char *algorithm,
+EVP_KDF *EVP_KDF_fetch(OSSL_LIB_CTX *libctx, const char *algorithm,
const char *properties);
-EVP_KDF_CTX *EVP_KDF_new_ctx(EVP_KDF *kdf);
-void EVP_KDF_free_ctx(EVP_KDF_CTX *ctx);
-EVP_KDF_CTX *EVP_KDF_dup_ctx(const EVP_KDF_CTX *src);
-int EVP_KDF_number(const EVP_KDF *kdf);
+EVP_KDF_CTX *EVP_KDF_CTX_new(EVP_KDF *kdf);
+void EVP_KDF_CTX_free(EVP_KDF_CTX *ctx);
+EVP_KDF_CTX *EVP_KDF_CTX_dup(const EVP_KDF_CTX *src);
+const char *EVP_KDF_get0_description(const EVP_KDF *kdf);
int EVP_KDF_is_a(const EVP_KDF *kdf, const char *name);
-const OSSL_PROVIDER *EVP_KDF_provider(const EVP_KDF *kdf);
-const EVP_KDF *EVP_KDF_get_ctx_kdf(EVP_KDF_CTX *ctx);
-
-void EVP_KDF_reset(EVP_KDF_CTX *ctx);
-size_t EVP_KDF_size(EVP_KDF_CTX *ctx);
-int EVP_KDF_derive(EVP_KDF_CTX *ctx, unsigned char *key, size_t keylen);
+const char *EVP_KDF_get0_name(const EVP_KDF *kdf);
+const OSSL_PROVIDER *EVP_KDF_get0_provider(const EVP_KDF *kdf);
+const EVP_KDF *EVP_KDF_CTX_kdf(EVP_KDF_CTX *ctx);
+
+void EVP_KDF_CTX_reset(EVP_KDF_CTX *ctx);
+size_t EVP_KDF_CTX_get_kdf_size(EVP_KDF_CTX *ctx);
+int EVP_KDF_derive(EVP_KDF_CTX *ctx, unsigned char *key, size_t keylen,
+ const OSSL_PARAM params[]);
int EVP_KDF_get_params(EVP_KDF *kdf, OSSL_PARAM params[]);
-int EVP_KDF_get_ctx_params(EVP_KDF_CTX *ctx, OSSL_PARAM params[]);
-int EVP_KDF_set_ctx_params(EVP_KDF_CTX *ctx, const OSSL_PARAM params[]);
+int EVP_KDF_CTX_get_params(EVP_KDF_CTX *ctx, OSSL_PARAM params[]);
+int EVP_KDF_CTX_set_params(EVP_KDF_CTX *ctx, const OSSL_PARAM params[]);
const OSSL_PARAM *EVP_KDF_gettable_params(const EVP_KDF *kdf);
const OSSL_PARAM *EVP_KDF_gettable_ctx_params(const EVP_KDF *kdf);
const OSSL_PARAM *EVP_KDF_settable_ctx_params(const EVP_KDF *kdf);
+const OSSL_PARAM *EVP_KDF_CTX_gettable_params(EVP_KDF_CTX *ctx);
+const OSSL_PARAM *EVP_KDF_CTX_settable_params(EVP_KDF_CTX *ctx);
-void EVP_KDF_do_all_provided(OPENSSL_CTX *libctx,
+void EVP_KDF_do_all_provided(OSSL_LIB_CTX *libctx,
void (*fn)(EVP_KDF *kdf, void *arg),
void *arg);
-void EVP_KDF_names_do_all(const EVP_KDF *kdf,
- void (*fn)(const char *name, void *data),
- void *data);
-
-# define EVP_KDF_CTRL_SET_PASS 0x01 /* unsigned char *, size_t */
-# define EVP_KDF_CTRL_SET_SALT 0x02 /* unsigned char *, size_t */
-# define EVP_KDF_CTRL_SET_ITER 0x03 /* int */
-# define EVP_KDF_CTRL_SET_MD 0x04 /* EVP_MD * */
-# define EVP_KDF_CTRL_SET_KEY 0x05 /* unsigned char *, size_t */
-# define EVP_KDF_CTRL_SET_MAXMEM_BYTES 0x06 /* uint64_t */
-# define EVP_KDF_CTRL_SET_TLS_SECRET 0x07 /* unsigned char *, size_t */
-# define EVP_KDF_CTRL_ADD_TLS_SEED 0x08 /* unsigned char *, size_t */
-# define EVP_KDF_CTRL_RESET_HKDF_INFO 0x09
-# define EVP_KDF_CTRL_ADD_HKDF_INFO 0x0a /* unsigned char *, size_t */
-# define EVP_KDF_CTRL_SET_HKDF_MODE 0x0b /* int */
-# define EVP_KDF_CTRL_SET_SCRYPT_N 0x0c /* uint64_t */
-# define EVP_KDF_CTRL_SET_SCRYPT_R 0x0d /* uint32_t */
-# define EVP_KDF_CTRL_SET_SCRYPT_P 0x0e /* uint32_t */
-# define EVP_KDF_CTRL_SET_SSHKDF_XCGHASH 0x0f /* unsigned char *, size_t */
-# define EVP_KDF_CTRL_SET_SSHKDF_SESSION_ID 0x10 /* unsigned char *, size_t */
-# define EVP_KDF_CTRL_SET_SSHKDF_TYPE 0x11 /* int */
-# define EVP_KDF_CTRL_SET_MAC 0x12 /* EVP_MAC * */
-# define EVP_KDF_CTRL_SET_MAC_SIZE 0x13 /* size_t */
-# define EVP_KDF_CTRL_SET_SSKDF_INFO 0x14 /* unsigned char *, size_t */
-# define EVP_KDF_CTRL_SET_PBKDF2_PKCS5_MODE 0x15 /* int */
-# define EVP_KDF_CTRL_SET_UKM 0x16 /* unsigned char *, size_t */
-# define EVP_KDF_CTRL_SET_CEK_ALG 0x17 /* char * */
-# define EVP_KDF_CTRL_SET_SHARED_INFO EVP_KDF_CTRL_SET_SSKDF_INFO
+int EVP_KDF_names_do_all(const EVP_KDF *kdf,
+ void (*fn)(const char *name, void *data),
+ void *data);
# define EVP_KDF_HKDF_MODE_EXTRACT_AND_EXPAND 0
# define EVP_KDF_HKDF_MODE_EXTRACT_ONLY 1
@@ -115,61 +94,42 @@ void EVP_KDF_names_do_all(const EVP_KDF *kdf,
# define EVP_PKEY_HKDEF_MODE_EXPAND_ONLY \
EVP_KDF_HKDF_MODE_EXPAND_ONLY
-# define EVP_PKEY_CTX_set_tls1_prf_md(pctx, md) \
- EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_DERIVE, \
- EVP_PKEY_CTRL_TLS_MD, 0, (void *)(md))
+int EVP_PKEY_CTX_set_tls1_prf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
-# define EVP_PKEY_CTX_set1_tls1_prf_secret(pctx, sec, seclen) \
- EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_DERIVE, \
- EVP_PKEY_CTRL_TLS_SECRET, seclen, (void *)(sec))
+int EVP_PKEY_CTX_set1_tls1_prf_secret(EVP_PKEY_CTX *pctx,
+ const unsigned char *sec, int seclen);
-# define EVP_PKEY_CTX_add1_tls1_prf_seed(pctx, seed, seedlen) \
- EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_DERIVE, \
- EVP_PKEY_CTRL_TLS_SEED, seedlen, (void *)(seed))
+int EVP_PKEY_CTX_add1_tls1_prf_seed(EVP_PKEY_CTX *pctx,
+ const unsigned char *seed, int seedlen);
-# define EVP_PKEY_CTX_set_hkdf_md(pctx, md) \
- EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_DERIVE, \
- EVP_PKEY_CTRL_HKDF_MD, 0, (void *)(md))
+int EVP_PKEY_CTX_set_hkdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
-# define EVP_PKEY_CTX_set1_hkdf_salt(pctx, salt, saltlen) \
- EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_DERIVE, \
- EVP_PKEY_CTRL_HKDF_SALT, saltlen, (void *)(salt))
+int EVP_PKEY_CTX_set1_hkdf_salt(EVP_PKEY_CTX *ctx,
+ const unsigned char *salt, int saltlen);
-# define EVP_PKEY_CTX_set1_hkdf_key(pctx, key, keylen) \
- EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_DERIVE, \
- EVP_PKEY_CTRL_HKDF_KEY, keylen, (void *)(key))
+int EVP_PKEY_CTX_set1_hkdf_key(EVP_PKEY_CTX *ctx,
+ const unsigned char *key, int keylen);
-# define EVP_PKEY_CTX_add1_hkdf_info(pctx, info, infolen) \
- EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_DERIVE, \
- EVP_PKEY_CTRL_HKDF_INFO, infolen, (void *)(info))
+int EVP_PKEY_CTX_add1_hkdf_info(EVP_PKEY_CTX *ctx,
+ const unsigned char *info, int infolen);
-# define EVP_PKEY_CTX_hkdf_mode(pctx, mode) \
- EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_DERIVE, \
- EVP_PKEY_CTRL_HKDF_MODE, mode, NULL)
+int EVP_PKEY_CTX_set_hkdf_mode(EVP_PKEY_CTX *ctx, int mode);
+# define EVP_PKEY_CTX_hkdf_mode EVP_PKEY_CTX_set_hkdf_mode
-# define EVP_PKEY_CTX_set1_pbe_pass(pctx, pass, passlen) \
- EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_DERIVE, \
- EVP_PKEY_CTRL_PASS, passlen, (void *)(pass))
+int EVP_PKEY_CTX_set1_pbe_pass(EVP_PKEY_CTX *ctx, const char *pass,
+ int passlen);
-# define EVP_PKEY_CTX_set1_scrypt_salt(pctx, salt, saltlen) \
- EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_DERIVE, \
- EVP_PKEY_CTRL_SCRYPT_SALT, saltlen, (void *)(salt))
+int EVP_PKEY_CTX_set1_scrypt_salt(EVP_PKEY_CTX *ctx,
+ const unsigned char *salt, int saltlen);
-# define EVP_PKEY_CTX_set_scrypt_N(pctx, n) \
- EVP_PKEY_CTX_ctrl_uint64(pctx, -1, EVP_PKEY_OP_DERIVE, \
- EVP_PKEY_CTRL_SCRYPT_N, n)
+int EVP_PKEY_CTX_set_scrypt_N(EVP_PKEY_CTX *ctx, uint64_t n);
-# define EVP_PKEY_CTX_set_scrypt_r(pctx, r) \
- EVP_PKEY_CTX_ctrl_uint64(pctx, -1, EVP_PKEY_OP_DERIVE, \
- EVP_PKEY_CTRL_SCRYPT_R, r)
+int EVP_PKEY_CTX_set_scrypt_r(EVP_PKEY_CTX *ctx, uint64_t r);
-# define EVP_PKEY_CTX_set_scrypt_p(pctx, p) \
- EVP_PKEY_CTX_ctrl_uint64(pctx, -1, EVP_PKEY_OP_DERIVE, \
- EVP_PKEY_CTRL_SCRYPT_P, p)
+int EVP_PKEY_CTX_set_scrypt_p(EVP_PKEY_CTX *ctx, uint64_t p);
-# define EVP_PKEY_CTX_set_scrypt_maxmem_bytes(pctx, maxmem_bytes) \
- EVP_PKEY_CTX_ctrl_uint64(pctx, -1, EVP_PKEY_OP_DERIVE, \
- EVP_PKEY_CTRL_SCRYPT_MAXMEM_BYTES, maxmem_bytes)
+int EVP_PKEY_CTX_set_scrypt_maxmem_bytes(EVP_PKEY_CTX *ctx,
+ uint64_t maxmem_bytes);
# ifdef __cplusplus
diff --git a/openssl/include/openssl/kdferr.h b/openssl/include/openssl/kdferr.h
index 0459d1c5..fe9ab0b2 100644..100755
--- a/openssl/include/openssl/kdferr.h
+++ b/openssl/include/openssl/kdferr.h
@@ -1,6 +1,5 @@
/*
- * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -12,102 +11,6 @@
# define OPENSSL_KDFERR_H
# pragma once
-# include <openssl/opensslconf.h>
-# include <openssl/symhacks.h>
+#include <openssl/cryptoerr_legacy.h>
-
-# ifdef __cplusplus
-extern "C"
-# endif
-DEPRECATEDIN_3_0(int ERR_load_KDF_strings(void))
-
-/*
- * KDF function codes.
- */
-# ifndef OPENSSL_NO_DEPRECATED_3_0
-# define KDF_F_HKDF_EXTRACT 0
-# define KDF_F_KDF_HKDF_DERIVE 0
-# define KDF_F_KDF_HKDF_NEW 0
-# define KDF_F_KDF_HKDF_SIZE 0
-# define KDF_F_KDF_MD2CTRL 0
-# define KDF_F_KDF_PBKDF2_CTRL 0
-# define KDF_F_KDF_PBKDF2_CTRL_STR 0
-# define KDF_F_KDF_PBKDF2_DERIVE 0
-# define KDF_F_KDF_PBKDF2_NEW 0
-# define KDF_F_KDF_SCRYPT_CTRL_STR 0
-# define KDF_F_KDF_SCRYPT_CTRL_UINT32 0
-# define KDF_F_KDF_SCRYPT_CTRL_UINT64 0
-# define KDF_F_KDF_SCRYPT_DERIVE 0
-# define KDF_F_KDF_SCRYPT_NEW 0
-# define KDF_F_KDF_SSHKDF_CTRL 0
-# define KDF_F_KDF_SSHKDF_CTRL_STR 0
-# define KDF_F_KDF_SSHKDF_DERIVE 0
-# define KDF_F_KDF_SSHKDF_NEW 0
-# define KDF_F_KDF_TLS1_PRF_CTRL_STR 0
-# define KDF_F_KDF_TLS1_PRF_DERIVE 0
-# define KDF_F_KDF_TLS1_PRF_NEW 0
-# define KDF_F_PBKDF2_DERIVE 0
-# define KDF_F_PBKDF2_SET_MEMBUF 0
-# define KDF_F_PKEY_HKDF_CTRL_STR 0
-# define KDF_F_PKEY_HKDF_DERIVE 0
-# define KDF_F_PKEY_HKDF_INIT 0
-# define KDF_F_PKEY_SCRYPT_CTRL_STR 0
-# define KDF_F_PKEY_SCRYPT_CTRL_UINT64 0
-# define KDF_F_PKEY_SCRYPT_DERIVE 0
-# define KDF_F_PKEY_SCRYPT_INIT 0
-# define KDF_F_PKEY_SCRYPT_SET_MEMBUF 0
-# define KDF_F_PKEY_TLS1_PRF_CTRL_STR 0
-# define KDF_F_PKEY_TLS1_PRF_DERIVE 0
-# define KDF_F_PKEY_TLS1_PRF_INIT 0
-# define KDF_F_SCRYPT_SET_MEMBUF 0
-# define KDF_F_SSKDF_CTRL_STR 0
-# define KDF_F_SSKDF_DERIVE 0
-# define KDF_F_SSKDF_MAC2CTRL 0
-# define KDF_F_SSKDF_NEW 0
-# define KDF_F_SSKDF_SIZE 0
-# define KDF_F_TLS1_PRF_ALG 0
-# define KDF_F_X942KDF_CTRL 0
-# define KDF_F_X942KDF_DERIVE 0
-# define KDF_F_X942KDF_HASH_KDM 0
-# define KDF_F_X942KDF_NEW 0
-# define KDF_F_X942KDF_SIZE 0
-# define KDF_F_X963KDF_DERIVE 0
-# endif
-
-/*
- * KDF reason codes.
- */
-# ifndef OPENSSL_NO_DEPRECATED_3_0
-# define KDF_R_BAD_ENCODING 122
-# define KDF_R_BAD_LENGTH 123
-# define KDF_R_BOTH_MODE_AND_MODE_INT 127
-# define KDF_R_INAVLID_UKM_LEN 124
-# define KDF_R_INVALID_DIGEST 100
-# define KDF_R_INVALID_ITERATION_COUNT 119
-# define KDF_R_INVALID_KEY_LEN 120
-# define KDF_R_INVALID_MAC_TYPE 116
-# define KDF_R_INVALID_MODE 128
-# define KDF_R_INVALID_MODE_INT 129
-# define KDF_R_INVALID_SALT_LEN 121
-# define KDF_R_MISSING_CEK_ALG 125
-# define KDF_R_MISSING_ITERATION_COUNT 109
-# define KDF_R_MISSING_KEY 104
-# define KDF_R_MISSING_MESSAGE_DIGEST 105
-# define KDF_R_MISSING_PARAMETER 101
-# define KDF_R_MISSING_PASS 110
-# define KDF_R_MISSING_SALT 111
-# define KDF_R_MISSING_SECRET 107
-# define KDF_R_MISSING_SEED 106
-# define KDF_R_MISSING_SESSION_ID 113
-# define KDF_R_MISSING_TYPE 114
-# define KDF_R_MISSING_XCGHASH 115
-# define KDF_R_NOT_SUPPORTED 118
-# define KDF_R_UNKNOWN_PARAMETER_TYPE 103
-# define KDF_R_UNSUPPORTED_CEK_ALG 126
-# define KDF_R_UNSUPPORTED_MAC_TYPE 117
-# define KDF_R_VALUE_ERROR 108
-# define KDF_R_VALUE_MISSING 102
-# define KDF_R_WRONG_OUTPUT_BUFFER_SIZE 112
-# endif
-
-#endif
+#endif /* !defined(OPENSSL_KDFERR_H) */
diff --git a/openssl/include/openssl/lhash.h b/openssl/include/openssl/lhash.h
index 2aeba73f..cbb26384 100644..100755
--- a/openssl/include/openssl/lhash.h
+++ b/openssl/include/openssl/lhash.h
@@ -1,5 +1,5 @@
/*
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -7,6 +7,8 @@
* https://www.openssl.org/source/license.html
*/
+
+
/*
* Header for dynamic hash table routines Author - Eric Young
*/
@@ -125,6 +127,42 @@ void OPENSSL_LH_node_usage_stats_bio(const OPENSSL_LHASH *lh, BIO *out);
# define LHASH_OF(type) struct lhash_st_##type
+/* Helper macro for internal use */
+# define DEFINE_LHASH_OF_INTERNAL(type) \
+ LHASH_OF(type) { union lh_##type##_dummy { void* d1; unsigned long d2; int d3; } dummy; }; \
+ typedef int (*lh_##type##_compfunc)(const type *a, const type *b); \
+ typedef unsigned long (*lh_##type##_hashfunc)(const type *a); \
+ typedef void (*lh_##type##_doallfunc)(type *a); \
+ static ossl_unused ossl_inline type *ossl_check_##type##_lh_plain_type(type *ptr) \
+ { \
+ return ptr; \
+ } \
+ static ossl_unused ossl_inline const type *ossl_check_const_##type##_lh_plain_type(const type *ptr) \
+ { \
+ return ptr; \
+ } \
+ static ossl_unused ossl_inline const OPENSSL_LHASH *ossl_check_const_##type##_lh_type(const LHASH_OF(type) *lh) \
+ { \
+ return (const OPENSSL_LHASH *)lh; \
+ } \
+ static ossl_unused ossl_inline OPENSSL_LHASH *ossl_check_##type##_lh_type(LHASH_OF(type) *lh) \
+ { \
+ return (OPENSSL_LHASH *)lh; \
+ } \
+ static ossl_unused ossl_inline OPENSSL_LH_COMPFUNC ossl_check_##type##_lh_compfunc_type(lh_##type##_compfunc cmp) \
+ { \
+ return (OPENSSL_LH_COMPFUNC)cmp; \
+ } \
+ static ossl_unused ossl_inline OPENSSL_LH_HASHFUNC ossl_check_##type##_lh_hashfunc_type(lh_##type##_hashfunc hfn) \
+ { \
+ return (OPENSSL_LH_HASHFUNC)hfn; \
+ } \
+ static ossl_unused ossl_inline OPENSSL_LH_DOALL_FUNC ossl_check_##type##_lh_doallfunc_type(lh_##type##_doallfunc dfn) \
+ { \
+ return (OPENSSL_LH_DOALL_FUNC)dfn; \
+ } \
+ LHASH_OF(type)
+
# define DEFINE_LHASH_OF(type) \
LHASH_OF(type) { union lh_##type##_dummy { void* d1; unsigned long d2; int d3; } dummy; }; \
static ossl_unused ossl_inline LHASH_OF(type) *lh_##type##_new(unsigned long (*hfn)(const type *), \
@@ -186,6 +224,13 @@ void OPENSSL_LH_node_usage_stats_bio(const OPENSSL_LHASH *lh, BIO *out);
{ \
OPENSSL_LH_doall((OPENSSL_LHASH *)lh, (OPENSSL_LH_DOALL_FUNC)doall); \
} \
+ static ossl_unused ossl_inline void lh_##type##_doall_arg(LHASH_OF(type) *lh, \
+ void (*doallarg)(type *, void *), \
+ void *arg) \
+ { \
+ OPENSSL_LH_doall_arg((OPENSSL_LHASH *)lh, \
+ (OPENSSL_LH_DOALL_FUNCARG)doallarg, arg); \
+ } \
LHASH_OF(type)
#define IMPLEMENT_LHASH_DOALL_ARG_CONST(type, argtype) \
@@ -204,47 +249,37 @@ void OPENSSL_LH_node_usage_stats_bio(const OPENSSL_LHASH *lh, BIO *out);
} \
LHASH_OF(type)
-DEFINE_LHASH_OF(OPENSSL_STRING);
-# ifdef _MSC_VER
-/*
- * push and pop this warning:
- * warning C4090: 'function': different 'const' qualifiers
- */
-# pragma warning (push)
-# pragma warning (disable: 4090)
-# endif
-
-DEFINE_LHASH_OF(OPENSSL_CSTRING);
+DEFINE_LHASH_OF_INTERNAL(OPENSSL_STRING);
+#define lh_OPENSSL_STRING_new(hfn, cmp) ((LHASH_OF(OPENSSL_STRING) *)OPENSSL_LH_new(ossl_check_OPENSSL_STRING_lh_hashfunc_type(hfn), ossl_check_OPENSSL_STRING_lh_compfunc_type(cmp)))
+#define lh_OPENSSL_STRING_free(lh) OPENSSL_LH_free(ossl_check_OPENSSL_STRING_lh_type(lh))
+#define lh_OPENSSL_STRING_flush(lh) OPENSSL_LH_flush(ossl_check_OPENSSL_STRING_lh_type(lh))
+#define lh_OPENSSL_STRING_insert(lh, ptr) ((OPENSSL_STRING *)OPENSSL_LH_insert(ossl_check_OPENSSL_STRING_lh_type(lh), ossl_check_OPENSSL_STRING_lh_plain_type(ptr)))
+#define lh_OPENSSL_STRING_delete(lh, ptr) ((OPENSSL_STRING *)OPENSSL_LH_delete(ossl_check_OPENSSL_STRING_lh_type(lh), ossl_check_const_OPENSSL_STRING_lh_plain_type(ptr)))
+#define lh_OPENSSL_STRING_retrieve(lh, ptr) ((OPENSSL_STRING *)OPENSSL_LH_retrieve(ossl_check_OPENSSL_STRING_lh_type(lh), ossl_check_const_OPENSSL_STRING_lh_plain_type(ptr)))
+#define lh_OPENSSL_STRING_error(lh) OPENSSL_LH_error(ossl_check_OPENSSL_STRING_lh_type(lh))
+#define lh_OPENSSL_STRING_num_items(lh) OPENSSL_LH_num_items(ossl_check_OPENSSL_STRING_lh_type(lh))
+#define lh_OPENSSL_STRING_node_stats_bio(lh, out) OPENSSL_LH_node_stats_bio(ossl_check_const_OPENSSL_STRING_lh_type(lh), out)
+#define lh_OPENSSL_STRING_node_usage_stats_bio(lh, out) OPENSSL_LH_node_usage_stats_bio(ossl_check_const_OPENSSL_STRING_lh_type(lh), out)
+#define lh_OPENSSL_STRING_stats_bio(lh, out) OPENSSL_LH_stats_bio(ossl_check_const_OPENSSL_STRING_lh_type(lh), out)
+#define lh_OPENSSL_STRING_get_down_load(lh) OPENSSL_LH_get_down_load(ossl_check_OPENSSL_STRING_lh_type(lh))
+#define lh_OPENSSL_STRING_set_down_load(lh, dl) OPENSSL_LH_set_down_load(ossl_check_OPENSSL_STRING_lh_type(lh), dl)
+#define lh_OPENSSL_STRING_doall(lh, dfn) OPENSSL_LH_doall(ossl_check_OPENSSL_STRING_lh_type(lh), ossl_check_OPENSSL_STRING_lh_doallfunc_type(dfn))
+DEFINE_LHASH_OF_INTERNAL(OPENSSL_CSTRING);
+#define lh_OPENSSL_CSTRING_new(hfn, cmp) ((LHASH_OF(OPENSSL_CSTRING) *)OPENSSL_LH_new(ossl_check_OPENSSL_CSTRING_lh_hashfunc_type(hfn), ossl_check_OPENSSL_CSTRING_lh_compfunc_type(cmp)))
+#define lh_OPENSSL_CSTRING_free(lh) OPENSSL_LH_free(ossl_check_OPENSSL_CSTRING_lh_type(lh))
+#define lh_OPENSSL_CSTRING_flush(lh) OPENSSL_LH_flush(ossl_check_OPENSSL_CSTRING_lh_type(lh))
+#define lh_OPENSSL_CSTRING_insert(lh, ptr) ((OPENSSL_CSTRING *)OPENSSL_LH_insert(ossl_check_OPENSSL_CSTRING_lh_type(lh), ossl_check_OPENSSL_CSTRING_lh_plain_type(ptr)))
+#define lh_OPENSSL_CSTRING_delete(lh, ptr) ((OPENSSL_CSTRING *)OPENSSL_LH_delete(ossl_check_OPENSSL_CSTRING_lh_type(lh), ossl_check_const_OPENSSL_CSTRING_lh_plain_type(ptr)))
+#define lh_OPENSSL_CSTRING_retrieve(lh, ptr) ((OPENSSL_CSTRING *)OPENSSL_LH_retrieve(ossl_check_OPENSSL_CSTRING_lh_type(lh), ossl_check_const_OPENSSL_CSTRING_lh_plain_type(ptr)))
+#define lh_OPENSSL_CSTRING_error(lh) OPENSSL_LH_error(ossl_check_OPENSSL_CSTRING_lh_type(lh))
+#define lh_OPENSSL_CSTRING_num_items(lh) OPENSSL_LH_num_items(ossl_check_OPENSSL_CSTRING_lh_type(lh))
+#define lh_OPENSSL_CSTRING_node_stats_bio(lh, out) OPENSSL_LH_node_stats_bio(ossl_check_const_OPENSSL_CSTRING_lh_type(lh), out)
+#define lh_OPENSSL_CSTRING_node_usage_stats_bio(lh, out) OPENSSL_LH_node_usage_stats_bio(ossl_check_const_OPENSSL_CSTRING_lh_type(lh), out)
+#define lh_OPENSSL_CSTRING_stats_bio(lh, out) OPENSSL_LH_stats_bio(ossl_check_const_OPENSSL_CSTRING_lh_type(lh), out)
+#define lh_OPENSSL_CSTRING_get_down_load(lh) OPENSSL_LH_get_down_load(ossl_check_OPENSSL_CSTRING_lh_type(lh))
+#define lh_OPENSSL_CSTRING_set_down_load(lh, dl) OPENSSL_LH_set_down_load(ossl_check_OPENSSL_CSTRING_lh_type(lh), dl)
+#define lh_OPENSSL_CSTRING_doall(lh, dfn) OPENSSL_LH_doall(ossl_check_OPENSSL_CSTRING_lh_type(lh), ossl_check_OPENSSL_CSTRING_lh_doallfunc_type(dfn))
-# ifdef _MSC_VER
-# pragma warning (pop)
-# endif
-
-/*
- * If called without higher optimization (min. -xO3) the Oracle Developer
- * Studio compiler generates code for the defined (static inline) functions
- * above.
- * This would later lead to the linker complaining about missing symbols when
- * this header file is included but the resulting object is not linked against
- * the Crypto library (openssl#6912).
- */
-# ifdef __SUNPRO_C
-# pragma weak OPENSSL_LH_new
-# pragma weak OPENSSL_LH_flush
-# pragma weak OPENSSL_LH_free
-# pragma weak OPENSSL_LH_insert
-# pragma weak OPENSSL_LH_delete
-# pragma weak OPENSSL_LH_retrieve
-# pragma weak OPENSSL_LH_error
-# pragma weak OPENSSL_LH_num_items
-# pragma weak OPENSSL_LH_node_stats_bio
-# pragma weak OPENSSL_LH_node_usage_stats_bio
-# pragma weak OPENSSL_LH_stats_bio
-# pragma weak OPENSSL_LH_get_down_load
-# pragma weak OPENSSL_LH_set_down_load
-# pragma weak OPENSSL_LH_doall
-# pragma weak OPENSSL_LH_doall_arg
-# endif /* __SUNPRO_C */
#ifdef __cplusplus
}
diff --git a/openssl/include/openssl/mac.h b/openssl/include/openssl/mac.h
index ac658e15..ac658e15 100644..100755
--- a/openssl/include/openssl/mac.h
+++ b/openssl/include/openssl/mac.h
diff --git a/openssl/include/openssl/macros.h b/openssl/include/openssl/macros.h
index 8aeec22d..1cae0bf6 100644..100755
--- a/openssl/include/openssl/macros.h
+++ b/openssl/include/openssl/macros.h
@@ -1,5 +1,5 @@
/*
- * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -7,11 +7,13 @@
* https://www.openssl.org/source/license.html
*/
+#ifndef OPENSSL_MACROS_H
+# define OPENSSL_MACROS_H
+# pragma once
+
#include <openssl/opensslconf.h>
#include <openssl/opensslv.h>
-#ifndef OPENSSL_MACROS_H
-# define OPENSSL_MACROS_H
/* Helper macros for CPP string composition */
# define OPENSSL_MSTR_HELPER(x) #x
@@ -25,28 +27,60 @@
/*
* Generic deprecation macro
- *
- * If OPENSSL_SUPPRESS_DEPRECATED is defined, then DECLARE_DEPRECATED
- * becomes a no-op
+ *
+ * If OPENSSL_SUPPRESS_DEPRECATED is defined, then OSSL_DEPRECATED and
+ * OSSL_DEPRECATED_FOR become no-ops
*/
-# ifndef DECLARE_DEPRECATED
-# define DECLARE_DEPRECATED(f) f;
+# ifndef OSSL_DEPRECATED
+# undef OSSL_DEPRECATED_FOR
# ifndef OPENSSL_SUPPRESS_DEPRECATED
-# ifdef __GNUC__
-# if __GNUC__ > 3 || (__GNUC__ == 3 && __GNUC_MINOR__ > 0)
-# undef DECLARE_DEPRECATED
-# define DECLARE_DEPRECATED(f) f __attribute__ ((deprecated));
+# if defined(_MSC_VER)
+ /*
+ * MSVC supports __declspec(deprecated) since MSVC 2003 (13.10),
+ * and __declspec(deprecated(message)) since MSVC 2005 (14.00)
+ */
+# if _MSC_VER >= 1400
+# define OSSL_DEPRECATED(since) \
+ __declspec(deprecated("Since OpenSSL " # since))
+# define OSSL_DEPRECATED_FOR(since, message) \
+ __declspec(deprecated("Since OpenSSL " # since ";" message))
+# elif _MSC_VER >= 1310
+# define OSSL_DEPRECATED(since) __declspec(deprecated)
+# define OSSL_DEPRECATED_FOR(since, message) __declspec(deprecated)
+# endif
+# elif defined(__GNUC__)
+ /*
+ * According to GCC documentation, deprecations with message appeared in
+ * GCC 4.5.0
+ */
+# if __GNUC__ > 4 || (__GNUC__ == 4 && __GNUC_MINOR__ >= 5)
+# define OSSL_DEPRECATED(since) \
+ __attribute__((deprecated("Since OpenSSL " # since)))
+# define OSSL_DEPRECATED_FOR(since, message) \
+ __attribute__((deprecated("Since OpenSSL " # since ";" message)))
+# elif __GNUC__ > 3 || (__GNUC__ == 3 && __GNUC_MINOR__ > 0)
+# define OSSL_DEPRECATED(since) __attribute__((deprecated))
+# define OSSL_DEPRECATED_FOR(since, message) __attribute__((deprecated))
# endif
# elif defined(__SUNPRO_C)
# if (__SUNPRO_C >= 0x5130)
-# undef DECLARE_DEPRECATED
-# define DECLARE_DEPRECATED(f) f __attribute__ ((deprecated));
+# define OSSL_DEPRECATED(since) __attribute__ ((deprecated))
+# define OSSL_DEPRECATED_FOR(since, message) __attribute__ ((deprecated))
# endif
# endif
# endif
# endif
/*
+ * Still not defined? Then define no-op macros. This means these macros
+ * are unsuitable for use in a typedef.
+ */
+# ifndef OSSL_DEPRECATED
+# define OSSL_DEPRECATED(since) extern
+# define OSSL_DEPRECATED_FOR(since, message) extern
+# endif
+
+/*
* Applications should use -DOPENSSL_API_COMPAT=<version> to suppress the
* declarations of functions deprecated in or before <version>. If this is
* undefined, the value of the macro OPENSSL_CONFIGURED_API (defined in
@@ -122,10 +156,17 @@
# endif
/*
- * Define macros for deprecation purposes. We always define the macros
- * DEPERECATEDIN_{major}_{minor}() for all OpenSSL versions we care for,
- * and OPENSSL_NO_DEPRECATED_{major}_{minor} to be used to check if
- * removal of deprecated functions applies on that particular version.
+ * Define macros for deprecation and simulated removal purposes.
+ *
+ * The macros OSSL_DEPRECATED_{major}_{minor} are always defined for
+ * all OpenSSL versions we care for. They can be used as attributes
+ * in function declarations where appropriate.
+ *
+ * The macros OPENSSL_NO_DEPRECATED_{major}_{minor} are defined for
+ * all OpenSSL versions up to or equal to the version given with
+ * OPENSSL_API_COMPAT. They are used as guards around anything that's
+ * deprecated up to that version, as an effect of the developer option
+ * 'no-deprecated'.
*/
# undef OPENSSL_NO_DEPRECATED_3_0
@@ -138,73 +179,80 @@
# if OPENSSL_API_LEVEL >= 30000
# ifndef OPENSSL_NO_DEPRECATED
-# define DEPRECATEDIN_3_0(f) DECLARE_DEPRECATED(f)
+# define OSSL_DEPRECATEDIN_3_0 OSSL_DEPRECATED(3.0)
+# define OSSL_DEPRECATEDIN_3_0_FOR(msg) OSSL_DEPRECATED_FOR(3.0, msg)
# else
-# define DEPRECATEDIN_3_0(f)
# define OPENSSL_NO_DEPRECATED_3_0
# endif
# else
-# define DEPRECATEDIN_3_0(f) f;
+# define OSSL_DEPRECATEDIN_3_0
+# define OSSL_DEPRECATEDIN_3_0_FOR(msg)
# endif
# if OPENSSL_API_LEVEL >= 10101
# ifndef OPENSSL_NO_DEPRECATED
-# define DEPRECATEDIN_1_1_1(f) DECLARE_DEPRECATED(f)
+# define OSSL_DEPRECATEDIN_1_1_1 OSSL_DEPRECATED(1.1.1)
+# define OSSL_DEPRECATEDIN_1_1_1_FOR(msg) OSSL_DEPRECATED_FOR(1.1.1, msg)
# else
-# define DEPRECATEDIN_1_1_1(f)
# define OPENSSL_NO_DEPRECATED_1_1_1
# endif
# else
-# define DEPRECATEDIN_1_1_1(f) f;
+# define OSSL_DEPRECATEDIN_1_1_1
+# define OSSL_DEPRECATEDIN_1_1_1_FOR(msg)
# endif
# if OPENSSL_API_LEVEL >= 10100
# ifndef OPENSSL_NO_DEPRECATED
-# define DEPRECATEDIN_1_1_0(f) DECLARE_DEPRECATED(f)
+# define OSSL_DEPRECATEDIN_1_1_0 OSSL_DEPRECATED(1.1.0)
+# define OSSL_DEPRECATEDIN_1_1_0_FOR(msg) OSSL_DEPRECATED_FOR(1.1.0, msg)
# else
-# define DEPRECATEDIN_1_1_0(f)
# define OPENSSL_NO_DEPRECATED_1_1_0
# endif
# else
-# define DEPRECATEDIN_1_1_0(f) f;
+# define OSSL_DEPRECATEDIN_1_1_0
+# define OSSL_DEPRECATEDIN_1_1_0_FOR(msg)
# endif
# if OPENSSL_API_LEVEL >= 10002
# ifndef OPENSSL_NO_DEPRECATED
-# define DEPRECATEDIN_1_0_2(f) DECLARE_DEPRECATED(f)
+# define OSSL_DEPRECATEDIN_1_0_2 OSSL_DEPRECATED(1.0.2)
+# define OSSL_DEPRECATEDIN_1_0_2_FOR(msg) OSSL_DEPRECATED_FOR(1.0.2, msg)
# else
-# define DEPRECATEDIN_1_0_2(f)
# define OPENSSL_NO_DEPRECATED_1_0_2
# endif
# else
-# define DEPRECATEDIN_1_0_2(f) f;
+# define OSSL_DEPRECATEDIN_1_0_2
+# define OSSL_DEPRECATEDIN_1_0_2_FOR(msg)
# endif
# if OPENSSL_API_LEVEL >= 10001
# ifndef OPENSSL_NO_DEPRECATED
-# define DEPRECATEDIN_1_0_1(f) DECLARE_DEPRECATED(f)
+# define OSSL_DEPRECATEDIN_1_0_1 OSSL_DEPRECATED(1.0.1)
+# define OSSL_DEPRECATEDIN_1_0_1_FOR(msg) OSSL_DEPRECATED_FOR(1.0.1, msg)
# else
-# define DEPRECATEDIN_1_0_1(f)
# define OPENSSL_NO_DEPRECATED_1_0_1
# endif
# else
-# define DEPRECATEDIN_1_0_1(f) f;
+# define OSSL_DEPRECATEDIN_1_0_1
+# define OSSL_DEPRECATEDIN_1_0_1_FOR(msg)
# endif
# if OPENSSL_API_LEVEL >= 10000
# ifndef OPENSSL_NO_DEPRECATED
-# define DEPRECATEDIN_1_0_0(f) DECLARE_DEPRECATED(f)
+# define OSSL_DEPRECATEDIN_1_0_0 OSSL_DEPRECATED(1.0.0)
+# define OSSL_DEPRECATEDIN_1_0_0_FOR(msg) OSSL_DEPRECATED_FOR(1.0.0, msg)
# else
-# define DEPRECATEDIN_1_0_0(f)
# define OPENSSL_NO_DEPRECATED_1_0_0
# endif
# else
-# define DEPRECATEDIN_1_0_0(f) f;
+# define OSSL_DEPRECATEDIN_1_0_0
+# define OSSL_DEPRECATEDIN_1_0_0_FOR(msg)
# endif
# if OPENSSL_API_LEVEL >= 908
# ifndef OPENSSL_NO_DEPRECATED
-# define DEPRECATEDIN_0_9_8(f) DECLARE_DEPRECATED(f)
+# define OSSL_DEPRECATEDIN_0_9_8 OSSL_DEPRECATED(0.9.8)
+# define OSSL_DEPRECATEDIN_0_9_8_FOR(msg) OSSL_DEPRECATED_FOR(0.9.8, msg)
# else
-# define DEPRECATEDIN_0_9_8(f)
# define OPENSSL_NO_DEPRECATED_0_9_8
# endif
# else
-# define DEPRECATEDIN_0_9_8(f) f;
+# define OSSL_DEPRECATEDIN_0_9_8
+# define OSSL_DEPRECATEDIN_0_9_8_FOR(msg)
# endif
/*
diff --git a/openssl/include/openssl/md2.h b/openssl/include/openssl/md2.h
index 9beeb6a4..5ca33843 100644..100755
--- a/openssl/include/openssl/md2.h
+++ b/openssl/include/openssl/md2.h
@@ -39,14 +39,15 @@ typedef struct MD2state_st {
MD2_INT state[MD2_BLOCK];
} MD2_CTX;
# endif
-
-DEPRECATEDIN_3_0(const char *MD2_options(void))
-DEPRECATEDIN_3_0(int MD2_Init(MD2_CTX *c))
-DEPRECATEDIN_3_0(int MD2_Update(MD2_CTX *c, const unsigned char *data,
- size_t len))
-DEPRECATEDIN_3_0(int MD2_Final(unsigned char *md, MD2_CTX *c))
-DEPRECATEDIN_3_0(unsigned char *MD2(const unsigned char *d, size_t n,
- unsigned char *md))
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0 const char *MD2_options(void);
+OSSL_DEPRECATEDIN_3_0 int MD2_Init(MD2_CTX *c);
+OSSL_DEPRECATEDIN_3_0 int MD2_Update(MD2_CTX *c, const unsigned char *data,
+ size_t len);
+OSSL_DEPRECATEDIN_3_0 int MD2_Final(unsigned char *md, MD2_CTX *c);
+OSSL_DEPRECATEDIN_3_0 unsigned char *MD2(const unsigned char *d, size_t n,
+ unsigned char *md);
+# endif
# ifdef __cplusplus
}
diff --git a/openssl/include/openssl/md4.h b/openssl/include/openssl/md4.h
index a06241df..eac3e6f3 100644..100755
--- a/openssl/include/openssl/md4.h
+++ b/openssl/include/openssl/md4.h
@@ -46,13 +46,14 @@ typedef struct MD4state_st {
unsigned int num;
} MD4_CTX;
# endif
-
-DEPRECATEDIN_3_0(int MD4_Init(MD4_CTX *c))
-DEPRECATEDIN_3_0(int MD4_Update(MD4_CTX *c, const void *data, size_t len))
-DEPRECATEDIN_3_0(int MD4_Final(unsigned char *md, MD4_CTX *c))
-DEPRECATEDIN_3_0(unsigned char *MD4(const unsigned char *d, size_t n,
- unsigned char *md))
-DEPRECATEDIN_3_0(void MD4_Transform(MD4_CTX *c, const unsigned char *b))
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0 int MD4_Init(MD4_CTX *c);
+OSSL_DEPRECATEDIN_3_0 int MD4_Update(MD4_CTX *c, const void *data, size_t len);
+OSSL_DEPRECATEDIN_3_0 int MD4_Final(unsigned char *md, MD4_CTX *c);
+OSSL_DEPRECATEDIN_3_0 unsigned char *MD4(const unsigned char *d, size_t n,
+ unsigned char *md);
+OSSL_DEPRECATEDIN_3_0 void MD4_Transform(MD4_CTX *c, const unsigned char *b);
+# endif
# ifdef __cplusplus
}
diff --git a/openssl/include/openssl/md5.h b/openssl/include/openssl/md5.h
index 809a961f..f9e7ac24 100644..100755
--- a/openssl/include/openssl/md5.h
+++ b/openssl/include/openssl/md5.h
@@ -1,5 +1,5 @@
/*
- * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -19,22 +19,24 @@
# include <openssl/opensslconf.h>
# ifndef OPENSSL_NO_MD5
-# include <openssl/e_os2.h>
-# include <stddef.h>
-# ifdef __cplusplus
+# include <openssl/e_os2.h>
+# include <stddef.h>
+# ifdef __cplusplus
extern "C" {
-# endif
+# endif
+
+# define MD5_DIGEST_LENGTH 16
+# if !defined(OPENSSL_NO_DEPRECATED_3_0)
/*
* !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
* ! MD5_LONG has to be at least 32 bits wide. !
* !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
*/
-# define MD5_LONG unsigned int
+# define MD5_LONG unsigned int
-# define MD5_CBLOCK 64
-# define MD5_LBLOCK (MD5_CBLOCK/4)
-# define MD5_DIGEST_LENGTH 16
+# define MD5_CBLOCK 64
+# define MD5_LBLOCK (MD5_CBLOCK/4)
typedef struct MD5state_st {
MD5_LONG A, B, C, D;
@@ -42,15 +44,19 @@ typedef struct MD5state_st {
MD5_LONG data[MD5_LBLOCK];
unsigned int num;
} MD5_CTX;
-
-int MD5_Init(MD5_CTX *c);
-int MD5_Update(MD5_CTX *c, const void *data, size_t len);
-int MD5_Final(unsigned char *md, MD5_CTX *c);
-unsigned char *MD5(const unsigned char *d, size_t n, unsigned char *md);
-void MD5_Transform(MD5_CTX *c, const unsigned char *b);
-# ifdef __cplusplus
+# endif
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0 int MD5_Init(MD5_CTX *c);
+OSSL_DEPRECATEDIN_3_0 int MD5_Update(MD5_CTX *c, const void *data, size_t len);
+OSSL_DEPRECATEDIN_3_0 int MD5_Final(unsigned char *md, MD5_CTX *c);
+OSSL_DEPRECATEDIN_3_0 unsigned char *MD5(const unsigned char *d, size_t n,
+ unsigned char *md);
+OSSL_DEPRECATEDIN_3_0 void MD5_Transform(MD5_CTX *c, const unsigned char *b);
+# endif
+
+# ifdef __cplusplus
}
-# endif
+# endif
# endif
#endif
diff --git a/openssl/include/openssl/mdc2.h b/openssl/include/openssl/mdc2.h
index 8db49f0d..7e312662 100644..100755
--- a/openssl/include/openssl/mdc2.h
+++ b/openssl/include/openssl/mdc2.h
@@ -38,13 +38,14 @@ typedef struct mdc2_ctx_st {
unsigned int pad_type; /* either 1 or 2, default 1 */
} MDC2_CTX;
# endif
-
-DEPRECATEDIN_3_0(int MDC2_Init(MDC2_CTX *c))
-DEPRECATEDIN_3_0(int MDC2_Update(MDC2_CTX *c, const unsigned char *data,
- size_t len))
-DEPRECATEDIN_3_0(int MDC2_Final(unsigned char *md, MDC2_CTX *c))
-DEPRECATEDIN_3_0(unsigned char *MDC2(const unsigned char *d, size_t n,
- unsigned char *md))
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0 int MDC2_Init(MDC2_CTX *c);
+OSSL_DEPRECATEDIN_3_0 int MDC2_Update(MDC2_CTX *c, const unsigned char *data,
+ size_t len);
+OSSL_DEPRECATEDIN_3_0 int MDC2_Final(unsigned char *md, MDC2_CTX *c);
+OSSL_DEPRECATEDIN_3_0 unsigned char *MDC2(const unsigned char *d, size_t n,
+ unsigned char *md);
+# endif
# ifdef __cplusplus
}
diff --git a/openssl/include/openssl/modes.h b/openssl/include/openssl/modes.h
index 4fffcf3f..4fffcf3f 100644..100755
--- a/openssl/include/openssl/modes.h
+++ b/openssl/include/openssl/modes.h
diff --git a/openssl/include/openssl/obj_mac.h b/openssl/include/openssl/obj_mac.h
index 302d97e2..804d94b3 100644..100755
--- a/openssl/include/openssl/obj_mac.h
+++ b/openssl/include/openssl/obj_mac.h
@@ -2,13 +2,17 @@
* WARNING: do not edit!
* Generated by crypto/objects/objects.pl
*
- * Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
+#ifndef OPENSSL_OBJ_MAC_H
+# define OPENSSL_OBJ_MAC_H
+# pragma once
+
#define SN_undef "UNDEF"
#define LN_undef "undefined"
#define NID_undef 0
@@ -850,6 +854,14 @@
#define NID_id_smime_ct_authEnvelopedData 1059
#define OBJ_id_smime_ct_authEnvelopedData OBJ_id_smime_ct,23L
+#define SN_id_ct_routeOriginAuthz "id-ct-routeOriginAuthz"
+#define NID_id_ct_routeOriginAuthz 1234
+#define OBJ_id_ct_routeOriginAuthz OBJ_id_smime_ct,24L
+
+#define SN_id_ct_rpkiManifest "id-ct-rpkiManifest"
+#define NID_id_ct_rpkiManifest 1235
+#define OBJ_id_ct_rpkiManifest OBJ_id_smime_ct,26L
+
#define SN_id_ct_asciiTextWithCRLF "id-ct-asciiTextWithCRLF"
#define NID_id_ct_asciiTextWithCRLF 787
#define OBJ_id_ct_asciiTextWithCRLF OBJ_id_smime_ct,27L
@@ -858,6 +870,22 @@
#define NID_id_ct_xml 1060
#define OBJ_id_ct_xml OBJ_id_smime_ct,28L
+#define SN_id_ct_rpkiGhostbusters "id-ct-rpkiGhostbusters"
+#define NID_id_ct_rpkiGhostbusters 1236
+#define OBJ_id_ct_rpkiGhostbusters OBJ_id_smime_ct,35L
+
+#define SN_id_ct_resourceTaggedAttest "id-ct-resourceTaggedAttest"
+#define NID_id_ct_resourceTaggedAttest 1237
+#define OBJ_id_ct_resourceTaggedAttest OBJ_id_smime_ct,36L
+
+#define SN_id_ct_geofeedCSVwithCRLF "id-ct-geofeedCSVwithCRLF"
+#define NID_id_ct_geofeedCSVwithCRLF 1246
+#define OBJ_id_ct_geofeedCSVwithCRLF OBJ_id_smime_ct,47L
+
+#define SN_id_ct_signedChecklist "id-ct-signedChecklist"
+#define NID_id_ct_signedChecklist 1247
+#define OBJ_id_ct_signedChecklist OBJ_id_smime_ct,48L
+
#define SN_id_smime_aa_receiptRequest "id-smime-aa-receiptRequest"
#define NID_id_smime_aa_receiptRequest 212
#define OBJ_id_smime_aa_receiptRequest OBJ_id_smime_aa,1L
@@ -1395,6 +1423,10 @@
#define NID_id_qcs 267
#define OBJ_id_qcs OBJ_id_pkix,11L
+#define SN_id_cp "id-cp"
+#define NID_id_cp 1238
+#define OBJ_id_cp OBJ_id_pkix,14L
+
#define SN_id_cct "id-cct"
#define NID_id_cct 268
#define OBJ_id_cct OBJ_id_pkix,12L
@@ -1528,6 +1560,14 @@
#define NID_tlsfeature 1020
#define OBJ_tlsfeature OBJ_id_pe,24L
+#define SN_sbgp_ipAddrBlockv2 "sbgp-ipAddrBlockv2"
+#define NID_sbgp_ipAddrBlockv2 1239
+#define OBJ_sbgp_ipAddrBlockv2 OBJ_id_pe,28L
+
+#define SN_sbgp_autonomousSysNumv2 "sbgp-autonomousSysNumv2"
+#define NID_sbgp_autonomousSysNumv2 1240
+#define OBJ_sbgp_autonomousSysNumv2 OBJ_id_pe,29L
+
#define SN_id_qt_cps "id-qt-cps"
#define LN_id_qt_cps "Policy Qualifier CPS"
#define NID_id_qt_cps 164
@@ -1647,6 +1687,26 @@
#define NID_cmcRA 1132
#define OBJ_cmcRA OBJ_id_kp,28L
+#define SN_cmcArchive "cmcArchive"
+#define LN_cmcArchive "CMC Archive Server"
+#define NID_cmcArchive 1219
+#define OBJ_cmcArchive OBJ_id_kp,29L
+
+#define SN_id_kp_bgpsec_router "id-kp-bgpsec-router"
+#define LN_id_kp_bgpsec_router "BGPsec Router"
+#define NID_id_kp_bgpsec_router 1220
+#define OBJ_id_kp_bgpsec_router OBJ_id_kp,30L
+
+#define SN_id_kp_BrandIndicatorforMessageIdentification "id-kp-BrandIndicatorforMessageIdentification"
+#define LN_id_kp_BrandIndicatorforMessageIdentification "Brand Indicator for Message Identification"
+#define NID_id_kp_BrandIndicatorforMessageIdentification 1221
+#define OBJ_id_kp_BrandIndicatorforMessageIdentification OBJ_id_kp,31L
+
+#define SN_cmKGA "cmKGA"
+#define LN_cmKGA "Certificate Management Key Generation Authority"
+#define NID_cmKGA 1222
+#define OBJ_cmKGA OBJ_id_kp,32L
+
#define SN_id_it_caProtEncCert "id-it-caProtEncCert"
#define NID_id_it_caProtEncCert 298
#define OBJ_id_it_caProtEncCert OBJ_id_it,1L
@@ -1711,6 +1771,18 @@
#define NID_id_it_suppLangTags 784
#define OBJ_id_it_suppLangTags OBJ_id_it,16L
+#define SN_id_it_caCerts "id-it-caCerts"
+#define NID_id_it_caCerts 1223
+#define OBJ_id_it_caCerts OBJ_id_it,17L
+
+#define SN_id_it_rootCaKeyUpdate "id-it-rootCaKeyUpdate"
+#define NID_id_it_rootCaKeyUpdate 1224
+#define OBJ_id_it_rootCaKeyUpdate OBJ_id_it,18L
+
+#define SN_id_it_certReqTemplate "id-it-certReqTemplate"
+#define NID_id_it_certReqTemplate 1225
+#define OBJ_id_it_certReqTemplate OBJ_id_it,19L
+
#define SN_id_regCtrl "id-regCtrl"
#define NID_id_regCtrl 313
#define OBJ_id_regCtrl OBJ_id_pkip,1L
@@ -1924,6 +1996,14 @@
#define NID_id_qcs_pkixQCSyntax_v1 359
#define OBJ_id_qcs_pkixQCSyntax_v1 OBJ_id_qcs,1L
+#define SN_ipAddr_asNumber "ipAddr-asNumber"
+#define NID_ipAddr_asNumber 1241
+#define OBJ_ipAddr_asNumber OBJ_id_cp,2L
+
+#define SN_ipAddr_asNumberv2 "ipAddr-asNumberv2"
+#define NID_ipAddr_asNumberv2 1242
+#define OBJ_ipAddr_asNumberv2 OBJ_id_cp,3L
+
#define SN_id_cct_crs "id-cct-crs"
#define NID_id_cct_crs 360
#define OBJ_id_cct_crs OBJ_id_cct,1L
@@ -1976,6 +2056,21 @@
#define NID_caRepository 785
#define OBJ_caRepository OBJ_id_ad,5L
+#define SN_rpkiManifest "rpkiManifest"
+#define LN_rpkiManifest "RPKI Manifest"
+#define NID_rpkiManifest 1243
+#define OBJ_rpkiManifest OBJ_id_ad,10L
+
+#define SN_signedObject "signedObject"
+#define LN_signedObject "Signed Object"
+#define NID_signedObject 1244
+#define OBJ_signedObject OBJ_id_ad,11L
+
+#define SN_rpkiNotify "rpkiNotify"
+#define LN_rpkiNotify "RPKI Notify"
+#define NID_rpkiNotify 1245
+#define OBJ_rpkiNotify OBJ_id_ad,13L
+
#define OBJ_id_pkix_OCSP OBJ_ad_OCSP
#define SN_id_pkix_OCSP_basic "basicOCSPResponse"
@@ -4420,6 +4515,11 @@
#define NID_SNILS 1006
#define OBJ_SNILS OBJ_member_body,643L,100L,3L
+#define SN_OGRNIP "OGRNIP"
+#define LN_OGRNIP "OGRNIP"
+#define NID_OGRNIP 1226
+#define OBJ_OGRNIP OBJ_member_body,643L,100L,5L
+
#define SN_subjectSignTool "subjectSignTool"
#define LN_subjectSignTool "Signing Tool of Subject"
#define NID_subjectSignTool 1007
@@ -4430,6 +4530,41 @@
#define NID_issuerSignTool 1008
#define OBJ_issuerSignTool OBJ_member_body,643L,100L,112L
+#define SN_classSignTool "classSignTool"
+#define LN_classSignTool "Class of Signing Tool"
+#define NID_classSignTool 1227
+#define OBJ_classSignTool OBJ_member_body,643L,100L,113L
+
+#define SN_classSignToolKC1 "classSignToolKC1"
+#define LN_classSignToolKC1 "Class of Signing Tool KC1"
+#define NID_classSignToolKC1 1228
+#define OBJ_classSignToolKC1 OBJ_member_body,643L,100L,113L,1L
+
+#define SN_classSignToolKC2 "classSignToolKC2"
+#define LN_classSignToolKC2 "Class of Signing Tool KC2"
+#define NID_classSignToolKC2 1229
+#define OBJ_classSignToolKC2 OBJ_member_body,643L,100L,113L,2L
+
+#define SN_classSignToolKC3 "classSignToolKC3"
+#define LN_classSignToolKC3 "Class of Signing Tool KC3"
+#define NID_classSignToolKC3 1230
+#define OBJ_classSignToolKC3 OBJ_member_body,643L,100L,113L,3L
+
+#define SN_classSignToolKB1 "classSignToolKB1"
+#define LN_classSignToolKB1 "Class of Signing Tool KB1"
+#define NID_classSignToolKB1 1231
+#define OBJ_classSignToolKB1 OBJ_member_body,643L,100L,113L,4L
+
+#define SN_classSignToolKB2 "classSignToolKB2"
+#define LN_classSignToolKB2 "Class of Signing Tool KB2"
+#define NID_classSignToolKB2 1232
+#define OBJ_classSignToolKB2 OBJ_member_body,643L,100L,113L,5L
+
+#define SN_classSignToolKA1 "classSignToolKA1"
+#define LN_classSignToolKA1 "Class of Signing Tool KA1"
+#define NID_classSignToolKA1 1233
+#define OBJ_classSignToolKA1 OBJ_member_body,643L,100L,113L,6L
+
#define SN_kuznyechik_ecb "kuznyechik-ecb"
#define NID_kuznyechik_ecb 1012
@@ -5297,6 +5432,8 @@
#define LN_aes_256_siv "aes-256-siv"
#define NID_aes_256_siv 1200
+#endif /* OPENSSL_OBJ_MAC_H */
+
#ifndef OPENSSL_NO_DEPRECATED_3_0
#define SN_id_tc26_cipher_gostr3412_2015_magma_ctracpkm SN_magma_ctr_acpkm
@@ -5341,4 +5478,4 @@
#define SN_grasshopper_mac SN_kuznyechik_mac
#define NID_grasshopper_mac NID_kuznyechik_mac
-#endif
+#endif /* OPENSSL_NO_DEPRECATED_3_0 */
diff --git a/openssl/include/openssl/objects.h b/openssl/include/openssl/objects.h
index 113ce45f..113ce45f 100644..100755
--- a/openssl/include/openssl/objects.h
+++ b/openssl/include/openssl/objects.h
diff --git a/openssl/include/openssl/objectserr.h b/openssl/include/openssl/objectserr.h
index 6125b0f3..82e88718 100644..100755
--- a/openssl/include/openssl/objectserr.h
+++ b/openssl/include/openssl/objectserr.h
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -14,32 +14,15 @@
# include <openssl/opensslconf.h>
# include <openssl/symhacks.h>
+# include <openssl/cryptoerr_legacy.h>
-# ifdef __cplusplus
-extern "C"
-# endif
-int ERR_load_OBJ_strings(void);
-
-/*
- * OBJ function codes.
- */
-# ifndef OPENSSL_NO_DEPRECATED_3_0
-# define OBJ_F_OBJ_ADD_OBJECT 0
-# define OBJ_F_OBJ_ADD_SIGID 0
-# define OBJ_F_OBJ_CREATE 0
-# define OBJ_F_OBJ_DUP 0
-# define OBJ_F_OBJ_NAME_NEW_INDEX 0
-# define OBJ_F_OBJ_NID2LN 0
-# define OBJ_F_OBJ_NID2OBJ 0
-# define OBJ_F_OBJ_NID2SN 0
-# define OBJ_F_OBJ_TXT2OBJ 0
-# endif
/*
* OBJ reason codes.
*/
# define OBJ_R_OID_EXISTS 102
# define OBJ_R_UNKNOWN_NID 101
+# define OBJ_R_UNKNOWN_OBJECT_NAME 103
#endif
diff --git a/openssl/include/openssl/ocsp.h b/openssl/include/openssl/ocsp.h
index 5c6b8814..f9522157 100644..100755
--- a/openssl/include/openssl/ocsp.h
+++ b/openssl/include/openssl/ocsp.h
@@ -1,5 +1,8 @@
/*
- * Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * WARNING: do not edit!
+ * Generated by makefile from include\openssl\ocsp.h.in
+ *
+ * Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -7,6 +10,8 @@
* https://www.openssl.org/source/license.html
*/
+
+
#ifndef OPENSSL_OCSP_H
# define OPENSSL_OCSP_H
# pragma once
@@ -17,6 +22,8 @@
# endif
# include <openssl/opensslconf.h>
+# include <openssl/http.h>
+# include <openssl/asn1.h>
/*
* These definitions are outside the OPENSSL_NO_OCSP guard because although for
@@ -49,30 +56,6 @@
# define OCSP_REVOKED_STATUS_PRIVILEGEWITHDRAWN 9
# define OCSP_REVOKED_STATUS_AACOMPROMISE 10
-/*
- * These definitions are outside the OPENSSL_NO_OCSP guard because although for
- * historical reasons they have OCSP_* names, they are used for the HTTP client.
- */
-# include <openssl/asn1.h>
-/* The following functions are used only internally */
-OCSP_REQ_CTX *OCSP_REQ_CTX_new(BIO *wbio, BIO *rbio,
- int method_GET, int maxline,
- unsigned long max_resp_len, int timeout,
- const char *expected_content_type,
- int expect_asn1);
-void OCSP_REQ_CTX_free(OCSP_REQ_CTX *rctx);
-int OCSP_REQ_CTX_http(OCSP_REQ_CTX *rctx,
- const char *server, const char *port, const char *path);
-int OCSP_REQ_CTX_add1_header(OCSP_REQ_CTX *rctx,
- const char *name, const char *value);
-int OCSP_REQ_CTX_i2d(OCSP_REQ_CTX *rctx, const char *content_type,
- const ASN1_ITEM *it, ASN1_VALUE *req);
-int OCSP_REQ_CTX_nbio(OCSP_REQ_CTX *rctx);
-ASN1_VALUE *OCSP_REQ_CTX_nbio_d2i(OCSP_REQ_CTX *rctx, const ASN1_ITEM *it);
-BIO *OCSP_REQ_CTX_get0_mem_bio(OCSP_REQ_CTX *rctx);
-void OCSP_set_max_response_length(OCSP_REQ_CTX *rctx, unsigned long len);
-/* End of functions used only internally */
-
# ifndef OPENSSL_NO_OCSP
@@ -101,6 +84,7 @@ extern "C" {
# define OCSP_TRUSTOTHER 0x200
# define OCSP_RESPID_KEY 0x400
# define OCSP_NOTIME 0x800
+# define OCSP_PARTIAL_CHAIN 0x1000
typedef struct ocsp_cert_id_st OCSP_CERTID;
typedef struct ocsp_one_request_st OCSP_ONEREQ;
@@ -108,8 +92,59 @@ typedef struct ocsp_req_info_st OCSP_REQINFO;
typedef struct ocsp_signature_st OCSP_SIGNATURE;
typedef struct ocsp_request_st OCSP_REQUEST;
-DEFINE_OR_DECLARE_STACK_OF(OCSP_CERTID)
-DEFINE_OR_DECLARE_STACK_OF(OCSP_ONEREQ)
+SKM_DEFINE_STACK_OF_INTERNAL(OCSP_CERTID, OCSP_CERTID, OCSP_CERTID)
+#define sk_OCSP_CERTID_num(sk) OPENSSL_sk_num(ossl_check_const_OCSP_CERTID_sk_type(sk))
+#define sk_OCSP_CERTID_value(sk, idx) ((OCSP_CERTID *)OPENSSL_sk_value(ossl_check_const_OCSP_CERTID_sk_type(sk), (idx)))
+#define sk_OCSP_CERTID_new(cmp) ((STACK_OF(OCSP_CERTID) *)OPENSSL_sk_new(ossl_check_OCSP_CERTID_compfunc_type(cmp)))
+#define sk_OCSP_CERTID_new_null() ((STACK_OF(OCSP_CERTID) *)OPENSSL_sk_new_null())
+#define sk_OCSP_CERTID_new_reserve(cmp, n) ((STACK_OF(OCSP_CERTID) *)OPENSSL_sk_new_reserve(ossl_check_OCSP_CERTID_compfunc_type(cmp), (n)))
+#define sk_OCSP_CERTID_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_OCSP_CERTID_sk_type(sk), (n))
+#define sk_OCSP_CERTID_free(sk) OPENSSL_sk_free(ossl_check_OCSP_CERTID_sk_type(sk))
+#define sk_OCSP_CERTID_zero(sk) OPENSSL_sk_zero(ossl_check_OCSP_CERTID_sk_type(sk))
+#define sk_OCSP_CERTID_delete(sk, i) ((OCSP_CERTID *)OPENSSL_sk_delete(ossl_check_OCSP_CERTID_sk_type(sk), (i)))
+#define sk_OCSP_CERTID_delete_ptr(sk, ptr) ((OCSP_CERTID *)OPENSSL_sk_delete_ptr(ossl_check_OCSP_CERTID_sk_type(sk), ossl_check_OCSP_CERTID_type(ptr)))
+#define sk_OCSP_CERTID_push(sk, ptr) OPENSSL_sk_push(ossl_check_OCSP_CERTID_sk_type(sk), ossl_check_OCSP_CERTID_type(ptr))
+#define sk_OCSP_CERTID_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_OCSP_CERTID_sk_type(sk), ossl_check_OCSP_CERTID_type(ptr))
+#define sk_OCSP_CERTID_pop(sk) ((OCSP_CERTID *)OPENSSL_sk_pop(ossl_check_OCSP_CERTID_sk_type(sk)))
+#define sk_OCSP_CERTID_shift(sk) ((OCSP_CERTID *)OPENSSL_sk_shift(ossl_check_OCSP_CERTID_sk_type(sk)))
+#define sk_OCSP_CERTID_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_OCSP_CERTID_sk_type(sk),ossl_check_OCSP_CERTID_freefunc_type(freefunc))
+#define sk_OCSP_CERTID_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_OCSP_CERTID_sk_type(sk), ossl_check_OCSP_CERTID_type(ptr), (idx))
+#define sk_OCSP_CERTID_set(sk, idx, ptr) ((OCSP_CERTID *)OPENSSL_sk_set(ossl_check_OCSP_CERTID_sk_type(sk), (idx), ossl_check_OCSP_CERTID_type(ptr)))
+#define sk_OCSP_CERTID_find(sk, ptr) OPENSSL_sk_find(ossl_check_OCSP_CERTID_sk_type(sk), ossl_check_OCSP_CERTID_type(ptr))
+#define sk_OCSP_CERTID_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_OCSP_CERTID_sk_type(sk), ossl_check_OCSP_CERTID_type(ptr))
+#define sk_OCSP_CERTID_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_OCSP_CERTID_sk_type(sk), ossl_check_OCSP_CERTID_type(ptr), pnum)
+#define sk_OCSP_CERTID_sort(sk) OPENSSL_sk_sort(ossl_check_OCSP_CERTID_sk_type(sk))
+#define sk_OCSP_CERTID_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_OCSP_CERTID_sk_type(sk))
+#define sk_OCSP_CERTID_dup(sk) ((STACK_OF(OCSP_CERTID) *)OPENSSL_sk_dup(ossl_check_const_OCSP_CERTID_sk_type(sk)))
+#define sk_OCSP_CERTID_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(OCSP_CERTID) *)OPENSSL_sk_deep_copy(ossl_check_const_OCSP_CERTID_sk_type(sk), ossl_check_OCSP_CERTID_copyfunc_type(copyfunc), ossl_check_OCSP_CERTID_freefunc_type(freefunc)))
+#define sk_OCSP_CERTID_set_cmp_func(sk, cmp) ((sk_OCSP_CERTID_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_OCSP_CERTID_sk_type(sk), ossl_check_OCSP_CERTID_compfunc_type(cmp)))
+SKM_DEFINE_STACK_OF_INTERNAL(OCSP_ONEREQ, OCSP_ONEREQ, OCSP_ONEREQ)
+#define sk_OCSP_ONEREQ_num(sk) OPENSSL_sk_num(ossl_check_const_OCSP_ONEREQ_sk_type(sk))
+#define sk_OCSP_ONEREQ_value(sk, idx) ((OCSP_ONEREQ *)OPENSSL_sk_value(ossl_check_const_OCSP_ONEREQ_sk_type(sk), (idx)))
+#define sk_OCSP_ONEREQ_new(cmp) ((STACK_OF(OCSP_ONEREQ) *)OPENSSL_sk_new(ossl_check_OCSP_ONEREQ_compfunc_type(cmp)))
+#define sk_OCSP_ONEREQ_new_null() ((STACK_OF(OCSP_ONEREQ) *)OPENSSL_sk_new_null())
+#define sk_OCSP_ONEREQ_new_reserve(cmp, n) ((STACK_OF(OCSP_ONEREQ) *)OPENSSL_sk_new_reserve(ossl_check_OCSP_ONEREQ_compfunc_type(cmp), (n)))
+#define sk_OCSP_ONEREQ_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_OCSP_ONEREQ_sk_type(sk), (n))
+#define sk_OCSP_ONEREQ_free(sk) OPENSSL_sk_free(ossl_check_OCSP_ONEREQ_sk_type(sk))
+#define sk_OCSP_ONEREQ_zero(sk) OPENSSL_sk_zero(ossl_check_OCSP_ONEREQ_sk_type(sk))
+#define sk_OCSP_ONEREQ_delete(sk, i) ((OCSP_ONEREQ *)OPENSSL_sk_delete(ossl_check_OCSP_ONEREQ_sk_type(sk), (i)))
+#define sk_OCSP_ONEREQ_delete_ptr(sk, ptr) ((OCSP_ONEREQ *)OPENSSL_sk_delete_ptr(ossl_check_OCSP_ONEREQ_sk_type(sk), ossl_check_OCSP_ONEREQ_type(ptr)))
+#define sk_OCSP_ONEREQ_push(sk, ptr) OPENSSL_sk_push(ossl_check_OCSP_ONEREQ_sk_type(sk), ossl_check_OCSP_ONEREQ_type(ptr))
+#define sk_OCSP_ONEREQ_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_OCSP_ONEREQ_sk_type(sk), ossl_check_OCSP_ONEREQ_type(ptr))
+#define sk_OCSP_ONEREQ_pop(sk) ((OCSP_ONEREQ *)OPENSSL_sk_pop(ossl_check_OCSP_ONEREQ_sk_type(sk)))
+#define sk_OCSP_ONEREQ_shift(sk) ((OCSP_ONEREQ *)OPENSSL_sk_shift(ossl_check_OCSP_ONEREQ_sk_type(sk)))
+#define sk_OCSP_ONEREQ_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_OCSP_ONEREQ_sk_type(sk),ossl_check_OCSP_ONEREQ_freefunc_type(freefunc))
+#define sk_OCSP_ONEREQ_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_OCSP_ONEREQ_sk_type(sk), ossl_check_OCSP_ONEREQ_type(ptr), (idx))
+#define sk_OCSP_ONEREQ_set(sk, idx, ptr) ((OCSP_ONEREQ *)OPENSSL_sk_set(ossl_check_OCSP_ONEREQ_sk_type(sk), (idx), ossl_check_OCSP_ONEREQ_type(ptr)))
+#define sk_OCSP_ONEREQ_find(sk, ptr) OPENSSL_sk_find(ossl_check_OCSP_ONEREQ_sk_type(sk), ossl_check_OCSP_ONEREQ_type(ptr))
+#define sk_OCSP_ONEREQ_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_OCSP_ONEREQ_sk_type(sk), ossl_check_OCSP_ONEREQ_type(ptr))
+#define sk_OCSP_ONEREQ_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_OCSP_ONEREQ_sk_type(sk), ossl_check_OCSP_ONEREQ_type(ptr), pnum)
+#define sk_OCSP_ONEREQ_sort(sk) OPENSSL_sk_sort(ossl_check_OCSP_ONEREQ_sk_type(sk))
+#define sk_OCSP_ONEREQ_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_OCSP_ONEREQ_sk_type(sk))
+#define sk_OCSP_ONEREQ_dup(sk) ((STACK_OF(OCSP_ONEREQ) *)OPENSSL_sk_dup(ossl_check_const_OCSP_ONEREQ_sk_type(sk)))
+#define sk_OCSP_ONEREQ_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(OCSP_ONEREQ) *)OPENSSL_sk_deep_copy(ossl_check_const_OCSP_ONEREQ_sk_type(sk), ossl_check_OCSP_ONEREQ_copyfunc_type(copyfunc), ossl_check_OCSP_ONEREQ_freefunc_type(freefunc)))
+#define sk_OCSP_ONEREQ_set_cmp_func(sk, cmp) ((sk_OCSP_ONEREQ_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_OCSP_ONEREQ_sk_type(sk), ossl_check_OCSP_ONEREQ_compfunc_type(cmp)))
+
# define OCSP_RESPONSE_STATUS_SUCCESSFUL 0
# define OCSP_RESPONSE_STATUS_MALFORMEDREQUEST 1
@@ -123,7 +158,33 @@ typedef struct ocsp_resp_bytes_st OCSP_RESPBYTES;
# define V_OCSP_RESPID_NAME 0
# define V_OCSP_RESPID_KEY 1
-DEFINE_OR_DECLARE_STACK_OF(OCSP_RESPID)
+SKM_DEFINE_STACK_OF_INTERNAL(OCSP_RESPID, OCSP_RESPID, OCSP_RESPID)
+#define sk_OCSP_RESPID_num(sk) OPENSSL_sk_num(ossl_check_const_OCSP_RESPID_sk_type(sk))
+#define sk_OCSP_RESPID_value(sk, idx) ((OCSP_RESPID *)OPENSSL_sk_value(ossl_check_const_OCSP_RESPID_sk_type(sk), (idx)))
+#define sk_OCSP_RESPID_new(cmp) ((STACK_OF(OCSP_RESPID) *)OPENSSL_sk_new(ossl_check_OCSP_RESPID_compfunc_type(cmp)))
+#define sk_OCSP_RESPID_new_null() ((STACK_OF(OCSP_RESPID) *)OPENSSL_sk_new_null())
+#define sk_OCSP_RESPID_new_reserve(cmp, n) ((STACK_OF(OCSP_RESPID) *)OPENSSL_sk_new_reserve(ossl_check_OCSP_RESPID_compfunc_type(cmp), (n)))
+#define sk_OCSP_RESPID_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_OCSP_RESPID_sk_type(sk), (n))
+#define sk_OCSP_RESPID_free(sk) OPENSSL_sk_free(ossl_check_OCSP_RESPID_sk_type(sk))
+#define sk_OCSP_RESPID_zero(sk) OPENSSL_sk_zero(ossl_check_OCSP_RESPID_sk_type(sk))
+#define sk_OCSP_RESPID_delete(sk, i) ((OCSP_RESPID *)OPENSSL_sk_delete(ossl_check_OCSP_RESPID_sk_type(sk), (i)))
+#define sk_OCSP_RESPID_delete_ptr(sk, ptr) ((OCSP_RESPID *)OPENSSL_sk_delete_ptr(ossl_check_OCSP_RESPID_sk_type(sk), ossl_check_OCSP_RESPID_type(ptr)))
+#define sk_OCSP_RESPID_push(sk, ptr) OPENSSL_sk_push(ossl_check_OCSP_RESPID_sk_type(sk), ossl_check_OCSP_RESPID_type(ptr))
+#define sk_OCSP_RESPID_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_OCSP_RESPID_sk_type(sk), ossl_check_OCSP_RESPID_type(ptr))
+#define sk_OCSP_RESPID_pop(sk) ((OCSP_RESPID *)OPENSSL_sk_pop(ossl_check_OCSP_RESPID_sk_type(sk)))
+#define sk_OCSP_RESPID_shift(sk) ((OCSP_RESPID *)OPENSSL_sk_shift(ossl_check_OCSP_RESPID_sk_type(sk)))
+#define sk_OCSP_RESPID_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_OCSP_RESPID_sk_type(sk),ossl_check_OCSP_RESPID_freefunc_type(freefunc))
+#define sk_OCSP_RESPID_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_OCSP_RESPID_sk_type(sk), ossl_check_OCSP_RESPID_type(ptr), (idx))
+#define sk_OCSP_RESPID_set(sk, idx, ptr) ((OCSP_RESPID *)OPENSSL_sk_set(ossl_check_OCSP_RESPID_sk_type(sk), (idx), ossl_check_OCSP_RESPID_type(ptr)))
+#define sk_OCSP_RESPID_find(sk, ptr) OPENSSL_sk_find(ossl_check_OCSP_RESPID_sk_type(sk), ossl_check_OCSP_RESPID_type(ptr))
+#define sk_OCSP_RESPID_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_OCSP_RESPID_sk_type(sk), ossl_check_OCSP_RESPID_type(ptr))
+#define sk_OCSP_RESPID_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_OCSP_RESPID_sk_type(sk), ossl_check_OCSP_RESPID_type(ptr), pnum)
+#define sk_OCSP_RESPID_sort(sk) OPENSSL_sk_sort(ossl_check_OCSP_RESPID_sk_type(sk))
+#define sk_OCSP_RESPID_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_OCSP_RESPID_sk_type(sk))
+#define sk_OCSP_RESPID_dup(sk) ((STACK_OF(OCSP_RESPID) *)OPENSSL_sk_dup(ossl_check_const_OCSP_RESPID_sk_type(sk)))
+#define sk_OCSP_RESPID_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(OCSP_RESPID) *)OPENSSL_sk_deep_copy(ossl_check_const_OCSP_RESPID_sk_type(sk), ossl_check_OCSP_RESPID_copyfunc_type(copyfunc), ossl_check_OCSP_RESPID_freefunc_type(freefunc)))
+#define sk_OCSP_RESPID_set_cmp_func(sk, cmp) ((sk_OCSP_RESPID_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_OCSP_RESPID_sk_type(sk), ossl_check_OCSP_RESPID_compfunc_type(cmp)))
+
typedef struct ocsp_revoked_info_st OCSP_REVOKEDINFO;
@@ -134,7 +195,33 @@ typedef struct ocsp_revoked_info_st OCSP_REVOKEDINFO;
typedef struct ocsp_cert_status_st OCSP_CERTSTATUS;
typedef struct ocsp_single_response_st OCSP_SINGLERESP;
-DEFINE_OR_DECLARE_STACK_OF(OCSP_SINGLERESP)
+SKM_DEFINE_STACK_OF_INTERNAL(OCSP_SINGLERESP, OCSP_SINGLERESP, OCSP_SINGLERESP)
+#define sk_OCSP_SINGLERESP_num(sk) OPENSSL_sk_num(ossl_check_const_OCSP_SINGLERESP_sk_type(sk))
+#define sk_OCSP_SINGLERESP_value(sk, idx) ((OCSP_SINGLERESP *)OPENSSL_sk_value(ossl_check_const_OCSP_SINGLERESP_sk_type(sk), (idx)))
+#define sk_OCSP_SINGLERESP_new(cmp) ((STACK_OF(OCSP_SINGLERESP) *)OPENSSL_sk_new(ossl_check_OCSP_SINGLERESP_compfunc_type(cmp)))
+#define sk_OCSP_SINGLERESP_new_null() ((STACK_OF(OCSP_SINGLERESP) *)OPENSSL_sk_new_null())
+#define sk_OCSP_SINGLERESP_new_reserve(cmp, n) ((STACK_OF(OCSP_SINGLERESP) *)OPENSSL_sk_new_reserve(ossl_check_OCSP_SINGLERESP_compfunc_type(cmp), (n)))
+#define sk_OCSP_SINGLERESP_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_OCSP_SINGLERESP_sk_type(sk), (n))
+#define sk_OCSP_SINGLERESP_free(sk) OPENSSL_sk_free(ossl_check_OCSP_SINGLERESP_sk_type(sk))
+#define sk_OCSP_SINGLERESP_zero(sk) OPENSSL_sk_zero(ossl_check_OCSP_SINGLERESP_sk_type(sk))
+#define sk_OCSP_SINGLERESP_delete(sk, i) ((OCSP_SINGLERESP *)OPENSSL_sk_delete(ossl_check_OCSP_SINGLERESP_sk_type(sk), (i)))
+#define sk_OCSP_SINGLERESP_delete_ptr(sk, ptr) ((OCSP_SINGLERESP *)OPENSSL_sk_delete_ptr(ossl_check_OCSP_SINGLERESP_sk_type(sk), ossl_check_OCSP_SINGLERESP_type(ptr)))
+#define sk_OCSP_SINGLERESP_push(sk, ptr) OPENSSL_sk_push(ossl_check_OCSP_SINGLERESP_sk_type(sk), ossl_check_OCSP_SINGLERESP_type(ptr))
+#define sk_OCSP_SINGLERESP_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_OCSP_SINGLERESP_sk_type(sk), ossl_check_OCSP_SINGLERESP_type(ptr))
+#define sk_OCSP_SINGLERESP_pop(sk) ((OCSP_SINGLERESP *)OPENSSL_sk_pop(ossl_check_OCSP_SINGLERESP_sk_type(sk)))
+#define sk_OCSP_SINGLERESP_shift(sk) ((OCSP_SINGLERESP *)OPENSSL_sk_shift(ossl_check_OCSP_SINGLERESP_sk_type(sk)))
+#define sk_OCSP_SINGLERESP_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_OCSP_SINGLERESP_sk_type(sk),ossl_check_OCSP_SINGLERESP_freefunc_type(freefunc))
+#define sk_OCSP_SINGLERESP_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_OCSP_SINGLERESP_sk_type(sk), ossl_check_OCSP_SINGLERESP_type(ptr), (idx))
+#define sk_OCSP_SINGLERESP_set(sk, idx, ptr) ((OCSP_SINGLERESP *)OPENSSL_sk_set(ossl_check_OCSP_SINGLERESP_sk_type(sk), (idx), ossl_check_OCSP_SINGLERESP_type(ptr)))
+#define sk_OCSP_SINGLERESP_find(sk, ptr) OPENSSL_sk_find(ossl_check_OCSP_SINGLERESP_sk_type(sk), ossl_check_OCSP_SINGLERESP_type(ptr))
+#define sk_OCSP_SINGLERESP_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_OCSP_SINGLERESP_sk_type(sk), ossl_check_OCSP_SINGLERESP_type(ptr))
+#define sk_OCSP_SINGLERESP_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_OCSP_SINGLERESP_sk_type(sk), ossl_check_OCSP_SINGLERESP_type(ptr), pnum)
+#define sk_OCSP_SINGLERESP_sort(sk) OPENSSL_sk_sort(ossl_check_OCSP_SINGLERESP_sk_type(sk))
+#define sk_OCSP_SINGLERESP_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_OCSP_SINGLERESP_sk_type(sk))
+#define sk_OCSP_SINGLERESP_dup(sk) ((STACK_OF(OCSP_SINGLERESP) *)OPENSSL_sk_dup(ossl_check_const_OCSP_SINGLERESP_sk_type(sk)))
+#define sk_OCSP_SINGLERESP_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(OCSP_SINGLERESP) *)OPENSSL_sk_deep_copy(ossl_check_const_OCSP_SINGLERESP_sk_type(sk), ossl_check_OCSP_SINGLERESP_copyfunc_type(copyfunc), ossl_check_OCSP_SINGLERESP_freefunc_type(freefunc)))
+#define sk_OCSP_SINGLERESP_set_cmp_func(sk, cmp) ((sk_OCSP_SINGLERESP_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_OCSP_SINGLERESP_sk_type(sk), ossl_check_OCSP_SINGLERESP_compfunc_type(cmp)))
+
typedef struct ocsp_response_data_st OCSP_RESPDATA;
@@ -179,13 +266,32 @@ typedef struct ocsp_service_locator_st OCSP_SERVICELOC;
DECLARE_ASN1_DUP_FUNCTION(OCSP_CERTID)
+OSSL_HTTP_REQ_CTX *OCSP_sendreq_new(BIO *io, const char *path,
+ const OCSP_REQUEST *req, int buf_size);
OCSP_RESPONSE *OCSP_sendreq_bio(BIO *b, const char *path, OCSP_REQUEST *req);
-OCSP_REQ_CTX *OCSP_sendreq_new(BIO *io, const char *path, OCSP_REQUEST *req,
- int maxline);
-int OCSP_sendreq_nbio(OCSP_RESPONSE **presp, OCSP_REQ_CTX *rctx);
-/* TODO: remove this (documented but) meanwhile obsolete function? */
-int OCSP_REQ_CTX_set1_req(OCSP_REQ_CTX *rctx, const OCSP_REQUEST *req);
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+typedef OSSL_HTTP_REQ_CTX OCSP_REQ_CTX;
+# define OCSP_REQ_CTX_new(io, buf_size) \
+ OSSL_HTTP_REQ_CTX_new(io, io, buf_size)
+# define OCSP_REQ_CTX_free OSSL_HTTP_REQ_CTX_free
+# define OCSP_REQ_CTX_http(rctx, op, path) \
+ (OSSL_HTTP_REQ_CTX_set_expected(rctx, NULL, 1 /* asn1 */, 0, 0) && \
+ OSSL_HTTP_REQ_CTX_set_request_line(rctx, strcmp(op, "POST") == 0, \
+ NULL, NULL, path))
+# define OCSP_REQ_CTX_add1_header OSSL_HTTP_REQ_CTX_add1_header
+# define OCSP_REQ_CTX_i2d(r, it, req) \
+ OSSL_HTTP_REQ_CTX_set1_req(r, "application/ocsp-request", it, req)
+# define OCSP_REQ_CTX_set1_req(r, req) \
+ OCSP_REQ_CTX_i2d(r, ASN1_ITEM_rptr(OCSP_REQUEST), (ASN1_VALUE *)(req))
+# define OCSP_REQ_CTX_nbio OSSL_HTTP_REQ_CTX_nbio
+# define OCSP_REQ_CTX_nbio_d2i OSSL_HTTP_REQ_CTX_nbio_d2i
+# define OCSP_sendreq_nbio(p, r) \
+ OSSL_HTTP_REQ_CTX_nbio_d2i(r, (ASN1_VALUE **)(p), \
+ ASN1_ITEM_rptr(OCSP_RESPONSE))
+# define OCSP_REQ_CTX_get0_mem_bio OSSL_HTTP_REQ_CTX_get0_mem_bio
+# define OCSP_set_max_response_length OSSL_HTTP_REQ_CTX_set_max_response_length
+# endif
OCSP_CERTID *OCSP_cert_to_id(const EVP_MD *dgst, const X509 *subject,
const X509 *issuer);
@@ -247,7 +353,8 @@ int OCSP_check_validity(ASN1_GENERALIZEDTIME *thisupd,
int OCSP_request_verify(OCSP_REQUEST *req, STACK_OF(X509) *certs,
X509_STORE *store, unsigned long flags);
-# define OCSP_parse_url OSSL_HTTP_parse_url /* for backward compatibility */
+# define OCSP_parse_url(url, host, port, path, ssl) \
+ OSSL_HTTP_parse_url(url, ssl, NULL, host, port, NULL, path, NULL, NULL)
int OCSP_id_issuer_cmp(const OCSP_CERTID *a, const OCSP_CERTID *b);
int OCSP_id_cmp(const OCSP_CERTID *a, const OCSP_CERTID *b);
@@ -275,9 +382,9 @@ int OCSP_basic_sign_ctx(OCSP_BASICRESP *brsp,
STACK_OF(X509) *certs, unsigned long flags);
int OCSP_RESPID_set_by_name(OCSP_RESPID *respid, X509 *cert);
int OCSP_RESPID_set_by_key_ex(OCSP_RESPID *respid, X509 *cert,
- OPENSSL_CTX *libctx, const char *propq);
+ OSSL_LIB_CTX *libctx, const char *propq);
int OCSP_RESPID_set_by_key(OCSP_RESPID *respid, X509 *cert);
-int OCSP_RESPID_match_ex(OCSP_RESPID *respid, X509 *cert, OPENSSL_CTX *libctx,
+int OCSP_RESPID_match_ex(OCSP_RESPID *respid, X509 *cert, OSSL_LIB_CTX *libctx,
const char *propq);
int OCSP_RESPID_match(OCSP_RESPID *respid, X509 *cert);
diff --git a/openssl/include/openssl/ocsperr.h b/openssl/include/openssl/ocsperr.h
index b24055f2..3a27ff1c 100644..100755
--- a/openssl/include/openssl/ocsperr.h
+++ b/openssl/include/openssl/ocsperr.h
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -14,42 +14,19 @@
# include <openssl/opensslconf.h>
# include <openssl/symhacks.h>
+# include <openssl/cryptoerr_legacy.h>
-# include <openssl/opensslconf.h>
-
# ifndef OPENSSL_NO_OCSP
-# ifdef __cplusplus
-extern "C"
-# endif
-int ERR_load_OCSP_strings(void);
-
-/*
- * OCSP function codes.
- */
-# ifndef OPENSSL_NO_DEPRECATED_3_0
-# define OCSP_F_D2I_OCSP_NONCE 0
-# define OCSP_F_OCSP_BASIC_ADD1_STATUS 0
-# define OCSP_F_OCSP_BASIC_SIGN 0
-# define OCSP_F_OCSP_BASIC_SIGN_CTX 0
-# define OCSP_F_OCSP_BASIC_VERIFY 0
-# define OCSP_F_OCSP_CERT_ID_NEW 0
-# define OCSP_F_OCSP_CHECK_DELEGATED 0
-# define OCSP_F_OCSP_CHECK_IDS 0
-# define OCSP_F_OCSP_CHECK_ISSUER 0
-# define OCSP_F_OCSP_CHECK_VALIDITY 0
-# define OCSP_F_OCSP_MATCH_ISSUERID 0
-# define OCSP_F_OCSP_REQUEST_SIGN 0
-# define OCSP_F_OCSP_REQUEST_VERIFY 0
-# define OCSP_F_OCSP_RESPONSE_GET1_BASIC 0
-# endif
/*
* OCSP reason codes.
*/
# define OCSP_R_CERTIFICATE_VERIFY_ERROR 101
# define OCSP_R_DIGEST_ERR 102
+# define OCSP_R_DIGEST_NAME_ERR 106
+# define OCSP_R_DIGEST_SIZE_ERR 107
# define OCSP_R_ERROR_IN_NEXTUPDATE_FIELD 122
# define OCSP_R_ERROR_IN_THISUPDATE_FIELD 123
# define OCSP_R_MISSING_OCSPSIGNING_USAGE 103
diff --git a/openssl/include/openssl/opensslconf.h b/openssl/include/openssl/opensslconf.h
index dd61b527..eb59e0a3 100644..100755
--- a/openssl/include/openssl/opensslconf.h
+++ b/openssl/include/openssl/opensslconf.h
@@ -1,5 +1,5 @@
/*
- * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -9,8 +9,9 @@
#ifndef OPENSSL_OPENSSLCONF_H
# define OPENSSL_OPENSSLCONF_H
+# pragma once
-#include <openssl/configuration.h>
-#include <openssl/macros.h>
+# include <openssl/configuration.h>
+# include <openssl/macros.h>
#endif /* OPENSSL_OPENSSLCONF_H */
diff --git a/openssl/include/openssl/opensslv.h b/openssl/include/openssl/opensslv.h
index 0d90871b..db4c5d0e 100644..100755
--- a/openssl/include/openssl/opensslv.h
+++ b/openssl/include/openssl/opensslv.h
@@ -39,7 +39,7 @@ extern "C" {
*/
/* Could be: #define OPENSSL_VERSION_PRE_RELEASE "-alpha.1" */
-# define OPENSSL_VERSION_PRE_RELEASE "-alpha5-dev"
+# define OPENSSL_VERSION_PRE_RELEASE "-beta3-dev"
/* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+fips" */
/* Could be: #define OPENSSL_VERSION_BUILD_METADATA "+vendor.1" */
# define OPENSSL_VERSION_BUILD_METADATA ""
@@ -75,7 +75,7 @@ extern "C" {
* OPENSSL_VERSION_BUILD_METADATA_STR appended.
*/
# define OPENSSL_VERSION_STR "3.0.0"
-# define OPENSSL_FULL_VERSION_STR "3.0.0-alpha5-dev"
+# define OPENSSL_FULL_VERSION_STR "3.0.0-beta3-dev"
/*
* SECTION 3: ADDITIONAL METADATA
@@ -88,7 +88,7 @@ extern "C" {
* SECTION 4: BACKWARD COMPATIBILITY
*/
-# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.0-alpha5-dev "
+# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.0-beta3-dev "
/* Synthesize OPENSSL_VERSION_NUMBER with the layout 0xMNN00PPSL */
# ifdef OPENSSL_VERSION_PRE_RELEASE
diff --git a/openssl/include/openssl/ossl_typ.h b/openssl/include/openssl/ossl_typ.h
index 66506d7e..66506d7e 100644..100755
--- a/openssl/include/openssl/ossl_typ.h
+++ b/openssl/include/openssl/ossl_typ.h
diff --git a/openssl/include/openssl/param_build.h b/openssl/include/openssl/param_build.h
index 89840449..cf8b8f1a 100644..100755
--- a/openssl/include/openssl/param_build.h
+++ b/openssl/include/openssl/param_build.h
@@ -1,5 +1,5 @@
/*
- * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
* Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
@@ -8,13 +8,20 @@
* https://www.openssl.org/source/license.html
*/
-#include <openssl/params.h>
-#include <openssl/types.h>
+#ifndef OPENSSL_PARAM_BUILD_H
+# define OPENSSL_PARAM_BUILD_H
+# pragma once
+
+# include <openssl/params.h>
+# include <openssl/types.h>
+
+# ifdef __cplusplus
+extern "C" {
+# endif
OSSL_PARAM_BLD *OSSL_PARAM_BLD_new(void);
OSSL_PARAM *OSSL_PARAM_BLD_to_param(OSSL_PARAM_BLD *bld);
void OSSL_PARAM_BLD_free(OSSL_PARAM_BLD *bld);
-void OSSL_PARAM_BLD_free_params(OSSL_PARAM *params);
int OSSL_PARAM_BLD_push_int(OSSL_PARAM_BLD *bld, const char *key, int val);
int OSSL_PARAM_BLD_push_uint(OSSL_PARAM_BLD *bld, const char *key,
@@ -49,3 +56,8 @@ int OSSL_PARAM_BLD_push_octet_string(OSSL_PARAM_BLD *bld, const char *key,
const void *buf, size_t bsize);
int OSSL_PARAM_BLD_push_octet_ptr(OSSL_PARAM_BLD *bld, const char *key,
void *buf, size_t bsize);
+
+# ifdef __cplusplus
+}
+# endif
+#endif /* OPENSSL_PARAM_BUILD_H */
diff --git a/openssl/include/openssl/params.h b/openssl/include/openssl/params.h
index 40162f51..ce390577 100644..100755
--- a/openssl/include/openssl/params.h
+++ b/openssl/include/openssl/params.h
@@ -1,5 +1,5 @@
/*
- * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
* Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
@@ -10,6 +10,7 @@
#ifndef OPENSSL_PARAMS_H
# define OPENSSL_PARAMS_H
+# pragma once
# include <openssl/core.h>
# include <openssl/bn.h>
@@ -62,9 +63,9 @@ extern "C" {
OSSL_PARAM_DEFN((key), OSSL_PARAM_OCTET_STRING, (addr), sz)
# define OSSL_PARAM_utf8_ptr(key, addr, sz) \
- OSSL_PARAM_DEFN((key), OSSL_PARAM_UTF8_PTR, &(addr), sz)
+ OSSL_PARAM_DEFN((key), OSSL_PARAM_UTF8_PTR, (addr), sz)
# define OSSL_PARAM_octet_ptr(key, addr, sz) \
- OSSL_PARAM_DEFN((key), OSSL_PARAM_OCTET_PTR, &(addr), sz)
+ OSSL_PARAM_DEFN((key), OSSL_PARAM_OCTET_PTR, (addr), sz)
/* Search an OSSL_PARAM array for a matching name */
OSSL_PARAM *OSSL_PARAM_locate(OSSL_PARAM *p, const char *key);
@@ -142,9 +143,17 @@ int OSSL_PARAM_get_octet_ptr(const OSSL_PARAM *p, const void **val,
int OSSL_PARAM_set_octet_ptr(OSSL_PARAM *p, const void *val,
size_t used_len);
+int OSSL_PARAM_get_utf8_string_ptr(const OSSL_PARAM *p, const char **val);
+int OSSL_PARAM_get_octet_string_ptr(const OSSL_PARAM *p, const void **val,
+ size_t *used_len);
+
int OSSL_PARAM_modified(const OSSL_PARAM *p);
void OSSL_PARAM_set_all_unmodified(OSSL_PARAM *p);
+OSSL_PARAM *OSSL_PARAM_dup(const OSSL_PARAM *p);
+OSSL_PARAM *OSSL_PARAM_merge(const OSSL_PARAM *p1, const OSSL_PARAM *p2);
+void OSSL_PARAM_free(OSSL_PARAM *p);
+
# ifdef __cplusplus
}
# endif
diff --git a/openssl/include/openssl/pem.h b/openssl/include/openssl/pem.h
index 57e3ec86..f42021cc 100644..100755
--- a/openssl/include/openssl/pem.h
+++ b/openssl/include/openssl/pem.h
@@ -1,5 +1,5 @@
/*
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -66,13 +66,33 @@ extern "C" {
* IMPLEMENT_PEM_rw_cb(...)
*/
-# define PEM_write_fnsig(name, type, OUTTYPE, writename) \
+# define PEM_read_cb_fnsig(name, type, INTYPE, readname) \
+ type *PEM_##readname##_##name(INTYPE *out, type **x, \
+ pem_password_cb *cb, void *u)
+# define PEM_read_cb_ex_fnsig(name, type, INTYPE, readname) \
+ type *PEM_##readname##_##name##_ex(INTYPE *out, type **x, \
+ pem_password_cb *cb, void *u, \
+ OSSL_LIB_CTX *libctx, \
+ const char *propq)
+
+# define PEM_write_fnsig(name, type, OUTTYPE, writename) \
int PEM_##writename##_##name(OUTTYPE *out, const type *x)
# define PEM_write_cb_fnsig(name, type, OUTTYPE, writename) \
int PEM_##writename##_##name(OUTTYPE *out, const type *x, \
const EVP_CIPHER *enc, \
const unsigned char *kstr, int klen, \
pem_password_cb *cb, void *u)
+# define PEM_write_ex_fnsig(name, type, OUTTYPE, writename) \
+ int PEM_##writename##_##name##_ex(OUTTYPE *out, const type *x, \
+ OSSL_LIB_CTX *libctx, \
+ const char *propq)
+# define PEM_write_cb_ex_fnsig(name, type, OUTTYPE, writename) \
+ int PEM_##writename##_##name##_ex(OUTTYPE *out, const type *x, \
+ const EVP_CIPHER *enc, \
+ const unsigned char *kstr, int klen, \
+ pem_password_cb *cb, void *u, \
+ OSSL_LIB_CTX *libctx, \
+ const char *propq)
# ifdef OPENSSL_NO_STDIO
@@ -191,72 +211,160 @@ extern "C" {
/* These are the same except they are for the declarations */
+/*
+ * The mysterious 'extern' that's passed to some macros is innocuous,
+ * and is there to quiet pre-C99 compilers that may complain about empty
+ * arguments in macro calls.
+ */
# if defined(OPENSSL_NO_STDIO)
-# define DECLARE_PEM_read_fp(name, type) /**/
-# define DECLARE_PEM_write_fp(name, type) /**/
+# define DECLARE_PEM_read_fp_attr(attr, name, type) /**/
+# define DECLARE_PEM_read_fp_ex_attr(attr, name, type) /**/
+# define DECLARE_PEM_write_fp_attr(attr, name, type) /**/
+# define DECLARE_PEM_write_fp_ex_attr(attr, name, type) /**/
# ifndef OPENSSL_NO_DEPRECATED_3_0
-# define DECLARE_PEM_write_fp_const(name, type) /**/
+# define DECLARE_PEM_write_fp_const_attr(attr, name, type) /**/
# endif
-# define DECLARE_PEM_write_cb_fp(name, type) /**/
-# else
-
-# define DECLARE_PEM_read_fp(name, type) \
- type *PEM_read_##name(FILE *fp, type **x, pem_password_cb *cb, void *u);
+# define DECLARE_PEM_write_cb_fp_attr(attr, name, type) /**/
+# define DECLARE_PEM_write_cb_fp_ex_attr(attr, name, type) /**/
-# define DECLARE_PEM_write_fp(name, type) \
- PEM_write_fnsig(name, type, FILE, write);
+# else
+# define DECLARE_PEM_read_fp_attr(attr, name, type) \
+ attr PEM_read_cb_fnsig(name, type, FILE, read);
+# define DECLARE_PEM_read_fp_ex_attr(attr, name, type) \
+ attr PEM_read_cb_fnsig(name, type, FILE, read); \
+ attr PEM_read_cb_ex_fnsig(name, type, FILE, read);
+
+# define DECLARE_PEM_write_fp_attr(attr, name, type) \
+ attr PEM_write_fnsig(name, type, FILE, write);
+# define DECLARE_PEM_write_fp_ex_attr(attr, name, type) \
+ attr PEM_write_fnsig(name, type, FILE, write); \
+ attr PEM_write_ex_fnsig(name, type, FILE, write);
# ifndef OPENSSL_NO_DEPRECATED_3_0
-# define DECLARE_PEM_write_fp_const(name, type) \
- PEM_write_fnsig(name, type, FILE, write);
+# define DECLARE_PEM_write_fp_const_attr(attr, name, type) \
+ attr PEM_write_fnsig(name, type, FILE, write);
# endif
-
-# define DECLARE_PEM_write_cb_fp(name, type) \
- PEM_write_cb_fnsig(name, type, FILE, write);
+# define DECLARE_PEM_write_cb_fp_attr(attr, name, type) \
+ attr PEM_write_cb_fnsig(name, type, FILE, write);
+# define DECLARE_PEM_write_cb_fp_ex_attr(attr, name, type) \
+ attr PEM_write_cb_fnsig(name, type, FILE, write); \
+ attr PEM_write_cb_ex_fnsig(name, type, FILE, write);
# endif
-# define DECLARE_PEM_read_bio(name, type) \
- type *PEM_read_bio_##name(BIO *bp, type **x, \
- pem_password_cb *cb, void *u);
-
-# define DECLARE_PEM_write_bio(name, type) \
- PEM_write_fnsig(name, type, BIO, write_bio);
-
-# ifndef OPENSSL_NO_DEPRECATED_3_0
-# define DECLARE_PEM_write_bio_const(name, type) \
- PEM_write_fnsig(name, type, BIO, write_bio);
-# endif
+# define DECLARE_PEM_read_fp(name, type) \
+ DECLARE_PEM_read_fp_attr(extern, name, type)
+# define DECLARE_PEM_write_fp(name, type) \
+ DECLARE_PEM_write_fp_attr(extern, name, type)
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define DECLARE_PEM_write_fp_const(name, type) \
+ DECLARE_PEM_write_fp_const_attr(extern, name, type)
+# endif
+# define DECLARE_PEM_write_cb_fp(name, type) \
+ DECLARE_PEM_write_cb_fp_attr(extern, name, type)
+
+# define DECLARE_PEM_read_bio_attr(attr, name, type) \
+ attr PEM_read_cb_fnsig(name, type, BIO, read_bio);
+# define DECLARE_PEM_read_bio_ex_attr(attr, name, type) \
+ attr PEM_read_cb_fnsig(name, type, BIO, read_bio); \
+ attr PEM_read_cb_ex_fnsig(name, type, BIO, read_bio);
+# define DECLARE_PEM_read_bio(name, type) \
+ DECLARE_PEM_read_bio_attr(extern, name, type)
+# define DECLARE_PEM_read_bio_ex(name, type) \
+ DECLARE_PEM_read_bio_ex_attr(extern, name, type)
+
+# define DECLARE_PEM_write_bio_attr(attr, name, type) \
+ attr PEM_write_fnsig(name, type, BIO, write_bio);
+# define DECLARE_PEM_write_bio_ex_attr(attr, name, type) \
+ attr PEM_write_fnsig(name, type, BIO, write_bio); \
+ attr PEM_write_ex_fnsig(name, type, BIO, write_bio);
+# define DECLARE_PEM_write_bio(name, type) \
+ DECLARE_PEM_write_bio_attr(extern, name, type)
+# define DECLARE_PEM_write_bio_ex(name, type) \
+ DECLARE_PEM_write_bio_ex_attr(extern, name, type)
-# define DECLARE_PEM_write_cb_bio(name, type) \
- PEM_write_cb_fnsig(name, type, BIO, write_bio);
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define DECLARE_PEM_write_bio_const_attr(attr, name, type) \
+ attr PEM_write_fnsig(name, type, BIO, write_bio);
+# define DECLARE_PEM_write_bio_const(name, type) \
+ DECLARE_PEM_write_bio_const_attr(extern, name, type)
+# endif
+# define DECLARE_PEM_write_cb_bio_attr(attr, name, type) \
+ attr PEM_write_cb_fnsig(name, type, BIO, write_bio);
+# define DECLARE_PEM_write_cb_bio_ex_attr(attr, name, type) \
+ attr PEM_write_cb_fnsig(name, type, BIO, write_bio); \
+ attr PEM_write_cb_ex_fnsig(name, type, BIO, write_bio);
+# define DECLARE_PEM_write_cb_bio(name, type) \
+ DECLARE_PEM_write_cb_bio_attr(extern, name, type)
+# define DECLARE_PEM_write_cb_ex_bio(name, type) \
+ DECLARE_PEM_write_cb_bio_ex_attr(extern, name, type)
+
+# define DECLARE_PEM_write_attr(attr, name, type) \
+ DECLARE_PEM_write_bio_attr(attr, name, type) \
+ DECLARE_PEM_write_fp_attr(attr, name, type)
+# define DECLARE_PEM_write_ex_attr(attr, name, type) \
+ DECLARE_PEM_write_bio_ex_attr(attr, name, type) \
+ DECLARE_PEM_write_fp_ex_attr(attr, name, type)
# define DECLARE_PEM_write(name, type) \
- DECLARE_PEM_write_bio(name, type) \
- DECLARE_PEM_write_fp(name, type)
+ DECLARE_PEM_write_attr(extern, name, type)
+# define DECLARE_PEM_write_ex(name, type) \
+ DECLARE_PEM_write_ex_attr(extern, name, type)
# ifndef OPENSSL_NO_DEPRECATED_3_0
-# define DECLARE_PEM_write_const(name, type) \
- DECLARE_PEM_write_bio_const(name, type) \
- DECLARE_PEM_write_fp_const(name, type)
+# define DECLARE_PEM_write_const_attr(attr, name, type) \
+ DECLARE_PEM_write_bio_const_attr(attr, name, type) \
+ DECLARE_PEM_write_fp_const_attr(attr, name, type)
+# define DECLARE_PEM_write_const(name, type) \
+ DECLARE_PEM_write_const_attr(extern, name, type)
# endif
-# define DECLARE_PEM_write_cb(name, type) \
- DECLARE_PEM_write_cb_bio(name, type) \
- DECLARE_PEM_write_cb_fp(name, type)
-# define DECLARE_PEM_read(name, type) \
- DECLARE_PEM_read_bio(name, type) \
- DECLARE_PEM_read_fp(name, type)
+# define DECLARE_PEM_write_cb_attr(attr, name, type) \
+ DECLARE_PEM_write_cb_bio_attr(attr, name, type) \
+ DECLARE_PEM_write_cb_fp_attr(attr, name, type)
+# define DECLARE_PEM_write_cb_ex_attr(attr, name, type) \
+ DECLARE_PEM_write_cb_bio_ex_attr(attr, name, type) \
+ DECLARE_PEM_write_cb_fp_ex_attr(attr, name, type)
+# define DECLARE_PEM_write_cb(name, type) \
+ DECLARE_PEM_write_cb_attr(extern, name, type)
+# define DECLARE_PEM_write_cb_ex(name, type) \
+ DECLARE_PEM_write_cb_ex_attr(extern, name, type)
+# define DECLARE_PEM_read_attr(attr, name, type) \
+ DECLARE_PEM_read_bio_attr(attr, name, type) \
+ DECLARE_PEM_read_fp_attr(attr, name, type)
+# define DECLARE_PEM_read_ex_attr(attr, name, type) \
+ DECLARE_PEM_read_bio_ex_attr(attr, name, type) \
+ DECLARE_PEM_read_fp_ex_attr(attr, name, type)
+# define DECLARE_PEM_read(name, type) \
+ DECLARE_PEM_read_attr(extern, name, type)
+# define DECLARE_PEM_read_ex(name, type) \
+ DECLARE_PEM_read_ex_attr(extern, name, type)
+# define DECLARE_PEM_rw_attr(attr, name, type) \
+ DECLARE_PEM_read_attr(attr, name, type) \
+ DECLARE_PEM_write_attr(attr, name, type)
+# define DECLARE_PEM_rw_ex_attr(attr, name, type) \
+ DECLARE_PEM_read_ex_attr(attr, name, type) \
+ DECLARE_PEM_write_ex_attr(attr, name, type)
# define DECLARE_PEM_rw(name, type) \
- DECLARE_PEM_read(name, type) \
- DECLARE_PEM_write(name, type)
+ DECLARE_PEM_rw_attr(extern, name, type)
+# define DECLARE_PEM_rw_ex(name, type) \
+ DECLARE_PEM_rw_ex_attr(extern, name, type)
# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define DECLARE_PEM_rw_const_attr(attr, name, type) \
+ DECLARE_PEM_read_attr(attr, name, type) \
+ DECLARE_PEM_write_const_attr(attr, name, type)
# define DECLARE_PEM_rw_const(name, type) \
- DECLARE_PEM_read(name, type) \
- DECLARE_PEM_write_const(name, type)
+ DECLARE_PEM_rw_const_attr(extern, name, type)
# endif
+# define DECLARE_PEM_rw_cb_attr(attr, name, type) \
+ DECLARE_PEM_read_attr(attr, name, type) \
+ DECLARE_PEM_write_cb_attr(attr, name, type)
+# define DECLARE_PEM_rw_cb_ex_attr(attr, name, type) \
+ DECLARE_PEM_read_ex_attr(attr, name, type) \
+ DECLARE_PEM_write_cb_ex_attr(attr, name, type)
# define DECLARE_PEM_rw_cb(name, type) \
- DECLARE_PEM_read(name, type) \
- DECLARE_PEM_write_cb(name, type)
+ DECLARE_PEM_rw_cb_attr(extern, name, type)
+# define DECLARE_PEM_rw_cb_ex(name, type) \
+ DECLARE_PEM_rw_cb_ex_attr(extern, name, type)
int PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher);
int PEM_do_header(EVP_CIPHER_INFO *cipher, unsigned char *data, long *len,
@@ -286,6 +394,11 @@ int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp,
STACK_OF(X509_INFO) *PEM_X509_INFO_read_bio(BIO *bp, STACK_OF(X509_INFO) *sk,
pem_password_cb *cb, void *u);
+STACK_OF(X509_INFO)
+*PEM_X509_INFO_read_bio_ex(BIO *bp, STACK_OF(X509_INFO) *sk,
+ pem_password_cb *cb, void *u, OSSL_LIB_CTX *libctx,
+ const char *propq);
+
int PEM_X509_INFO_write_bio(BIO *bp, const X509_INFO *xi, EVP_CIPHER *enc,
const unsigned char *kstr, int klen,
pem_password_cb *cd, void *u);
@@ -303,6 +416,9 @@ int PEM_ASN1_write(i2d_of_void *i2d, const char *name, FILE *fp,
pem_password_cb *callback, void *u);
STACK_OF(X509_INFO) *PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk,
pem_password_cb *cb, void *u);
+STACK_OF(X509_INFO)
+*PEM_X509_INFO_read_ex(FILE *fp, STACK_OF(X509_INFO) *sk, pem_password_cb *cb,
+ void *u, OSSL_LIB_CTX *libctx, const char *propq);
#endif
int PEM_SignInit(EVP_MD_CTX *ctx, EVP_MD *type);
@@ -327,35 +443,35 @@ DECLARE_PEM_rw(PKCS7, PKCS7)
DECLARE_PEM_rw(NETSCAPE_CERT_SEQUENCE, NETSCAPE_CERT_SEQUENCE)
DECLARE_PEM_rw(PKCS8, X509_SIG)
DECLARE_PEM_rw(PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO)
-# ifndef OPENSSL_NO_RSA
-DECLARE_PEM_rw_cb(RSAPrivateKey, RSA)
-DECLARE_PEM_rw(RSAPublicKey, RSA)
-DECLARE_PEM_rw(RSA_PUBKEY, RSA)
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+DECLARE_PEM_rw_cb_attr(OSSL_DEPRECATEDIN_3_0, RSAPrivateKey, RSA)
+DECLARE_PEM_rw_attr(OSSL_DEPRECATEDIN_3_0, RSAPublicKey, RSA)
+DECLARE_PEM_rw_attr(OSSL_DEPRECATEDIN_3_0, RSA_PUBKEY, RSA)
# endif
-# ifndef OPENSSL_NO_DSA
-DECLARE_PEM_rw_cb(DSAPrivateKey, DSA)
-DECLARE_PEM_rw(DSA_PUBKEY, DSA)
-DECLARE_PEM_rw(DSAparams, DSA)
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# ifndef OPENSSL_NO_DSA
+DECLARE_PEM_rw_cb_attr(OSSL_DEPRECATEDIN_3_0, DSAPrivateKey, DSA)
+DECLARE_PEM_rw_attr(OSSL_DEPRECATEDIN_3_0, DSA_PUBKEY, DSA)
+DECLARE_PEM_rw_attr(OSSL_DEPRECATEDIN_3_0, DSAparams, DSA)
+# endif
# endif
-# ifndef OPENSSL_NO_EC
-DECLARE_PEM_rw(ECPKParameters, EC_GROUP)
-DECLARE_PEM_rw_cb(ECPrivateKey, EC_KEY)
-DECLARE_PEM_rw(EC_PUBKEY, EC_KEY)
+
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# ifndef OPENSSL_NO_EC
+DECLARE_PEM_rw_attr(OSSL_DEPRECATEDIN_3_0, ECPKParameters, EC_GROUP)
+DECLARE_PEM_rw_cb_attr(OSSL_DEPRECATEDIN_3_0, ECPrivateKey, EC_KEY)
+DECLARE_PEM_rw_attr(OSSL_DEPRECATEDIN_3_0, EC_PUBKEY, EC_KEY)
+# endif
# endif
+
# ifndef OPENSSL_NO_DH
-DECLARE_PEM_rw(DHparams, DH)
-DECLARE_PEM_write(DHxparams, DH)
-# endif
-DECLARE_PEM_rw_cb(PrivateKey, EVP_PKEY)
-EVP_PKEY *PEM_read_bio_PrivateKey_ex(BIO *bp, EVP_PKEY **x, pem_password_cb *cb,
- void *u, OPENSSL_CTX *libctx,
- const char *propq);
-# ifndef OPENSSL_NO_STDIO
-EVP_PKEY *PEM_read_PrivateKey_ex(FILE *fp, EVP_PKEY **x, pem_password_cb *cb,
- void *u, OPENSSL_CTX *libctx,
- const char *propq);
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+DECLARE_PEM_rw_attr(OSSL_DEPRECATEDIN_3_0, DHparams, DH)
+DECLARE_PEM_write_attr(OSSL_DEPRECATEDIN_3_0, DHxparams, DH)
+# endif
# endif
-DECLARE_PEM_rw(PUBKEY, EVP_PKEY)
+DECLARE_PEM_rw_cb_ex(PrivateKey, EVP_PKEY)
+DECLARE_PEM_rw_ex(PUBKEY, EVP_PKEY)
int PEM_write_bio_PrivateKey_traditional(BIO *bp, const EVP_PKEY *x,
const EVP_CIPHER *enc,
@@ -396,22 +512,25 @@ int PEM_write_PKCS8PrivateKey(FILE *fp, const EVP_PKEY *x, const EVP_CIPHER *enc
const char *kstr, int klen,
pem_password_cb *cd, void *u);
# endif
+EVP_PKEY *PEM_read_bio_Parameters_ex(BIO *bp, EVP_PKEY **x,
+ OSSL_LIB_CTX *libctx, const char *propq);
EVP_PKEY *PEM_read_bio_Parameters(BIO *bp, EVP_PKEY **x);
int PEM_write_bio_Parameters(BIO *bp, const EVP_PKEY *x);
-# ifndef OPENSSL_NO_DSA
EVP_PKEY *b2i_PrivateKey(const unsigned char **in, long length);
EVP_PKEY *b2i_PublicKey(const unsigned char **in, long length);
EVP_PKEY *b2i_PrivateKey_bio(BIO *in);
EVP_PKEY *b2i_PublicKey_bio(BIO *in);
int i2b_PrivateKey_bio(BIO *out, const EVP_PKEY *pk);
int i2b_PublicKey_bio(BIO *out, const EVP_PKEY *pk);
-# ifndef OPENSSL_NO_RC4
EVP_PKEY *b2i_PVK_bio(BIO *in, pem_password_cb *cb, void *u);
+EVP_PKEY *b2i_PVK_bio_ex(BIO *in, pem_password_cb *cb, void *u,
+ OSSL_LIB_CTX *libctx, const char *propq);
int i2b_PVK_bio(BIO *out, const EVP_PKEY *pk, int enclevel,
pem_password_cb *cb, void *u);
-# endif
-# endif
+int i2b_PVK_bio_ex(BIO *out, const EVP_PKEY *pk, int enclevel,
+ pem_password_cb *cb, void *u,
+ OSSL_LIB_CTX *libctx, const char *propq);
# ifdef __cplusplus
}
diff --git a/openssl/include/openssl/pem2.h b/openssl/include/openssl/pem2.h
index 64e6ffdc..64e6ffdc 100644..100755
--- a/openssl/include/openssl/pem2.h
+++ b/openssl/include/openssl/pem2.h
diff --git a/openssl/include/openssl/pemerr.h b/openssl/include/openssl/pemerr.h
index 1291c77f..71cd1ad4 100644..100755
--- a/openssl/include/openssl/pemerr.h
+++ b/openssl/include/openssl/pemerr.h
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -14,60 +14,9 @@
# include <openssl/opensslconf.h>
# include <openssl/symhacks.h>
+# include <openssl/cryptoerr_legacy.h>
-# ifdef __cplusplus
-extern "C"
-# endif
-int ERR_load_PEM_strings(void);
-
-/*
- * PEM function codes.
- */
-# ifndef OPENSSL_NO_DEPRECATED_3_0
-# define PEM_F_B2I_DSS 0
-# define PEM_F_B2I_PVK_BIO 0
-# define PEM_F_B2I_RSA 0
-# define PEM_F_CHECK_BITLEN_DSA 0
-# define PEM_F_CHECK_BITLEN_RSA 0
-# define PEM_F_D2I_PKCS8PRIVATEKEY_BIO 0
-# define PEM_F_D2I_PKCS8PRIVATEKEY_FP 0
-# define PEM_F_DO_B2I 0
-# define PEM_F_DO_B2I_BIO 0
-# define PEM_F_DO_BLOB_HEADER 0
-# define PEM_F_DO_I2B 0
-# define PEM_F_DO_PK8PKEY 0
-# define PEM_F_DO_PK8PKEY_FP 0
-# define PEM_F_DO_PVK_BODY 0
-# define PEM_F_DO_PVK_HEADER 0
-# define PEM_F_GET_HEADER_AND_DATA 0
-# define PEM_F_GET_NAME 0
-# define PEM_F_I2B_PVK 0
-# define PEM_F_I2B_PVK_BIO 0
-# define PEM_F_LOAD_IV 0
-# define PEM_F_PEM_ASN1_READ 0
-# define PEM_F_PEM_ASN1_READ_BIO 0
-# define PEM_F_PEM_ASN1_WRITE 0
-# define PEM_F_PEM_ASN1_WRITE_BIO 0
-# define PEM_F_PEM_DEF_CALLBACK 0
-# define PEM_F_PEM_DO_HEADER 0
-# define PEM_F_PEM_GET_EVP_CIPHER_INFO 0
-# define PEM_F_PEM_READ 0
-# define PEM_F_PEM_READ_BIO 0
-# define PEM_F_PEM_READ_BIO_DHPARAMS 0
-# define PEM_F_PEM_READ_BIO_EX 0
-# define PEM_F_PEM_READ_BIO_PARAMETERS 0
-# define PEM_F_PEM_READ_BIO_PRIVATEKEY 0
-# define PEM_F_PEM_READ_DHPARAMS 0
-# define PEM_F_PEM_READ_PRIVATEKEY 0
-# define PEM_F_PEM_SIGNFINAL 0
-# define PEM_F_PEM_WRITE 0
-# define PEM_F_PEM_WRITE_BIO 0
-# define PEM_F_PEM_WRITE_PRIVATEKEY 0
-# define PEM_F_PEM_X509_INFO_READ 0
-# define PEM_F_PEM_X509_INFO_READ_BIO 0
-# define PEM_F_PEM_X509_INFO_WRITE_BIO 0
-# endif
/*
* PEM reason codes.
@@ -82,8 +31,10 @@ int ERR_load_PEM_strings(void);
# define PEM_R_BIO_WRITE_FAILURE 118
# define PEM_R_CIPHER_IS_NULL 127
# define PEM_R_ERROR_CONVERTING_PRIVATE_KEY 115
+# define PEM_R_EXPECTING_DSS_KEY_BLOB 131
# define PEM_R_EXPECTING_PRIVATE_KEY_BLOB 119
# define PEM_R_EXPECTING_PUBLIC_KEY_BLOB 120
+# define PEM_R_EXPECTING_RSA_KEY_BLOB 132
# define PEM_R_HEADER_TOO_LONG 128
# define PEM_R_INCONSISTENT_HEADER 121
# define PEM_R_KEYBLOB_HEADER_PARSE_ERROR 122
@@ -102,5 +53,6 @@ int ERR_load_PEM_strings(void);
# define PEM_R_UNSUPPORTED_CIPHER 113
# define PEM_R_UNSUPPORTED_ENCRYPTION 114
# define PEM_R_UNSUPPORTED_KEY_COMPONENTS 126
+# define PEM_R_UNSUPPORTED_PUBLIC_KEY_TYPE 110
#endif
diff --git a/openssl/include/openssl/pkcs12.h b/openssl/include/openssl/pkcs12.h
index cfa57a43..45e0ab43 100644..100755
--- a/openssl/include/openssl/pkcs12.h
+++ b/openssl/include/openssl/pkcs12.h
@@ -1,5 +1,8 @@
/*
- * Copyright 1999-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * WARNING: do not edit!
+ * Generated by makefile from include\openssl\pkcs12.h.in
+ *
+ * Copyright 1999-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -7,6 +10,8 @@
* https://www.openssl.org/source/license.html
*/
+
+
#ifndef OPENSSL_PKCS12_H
# define OPENSSL_PKCS12_H
# pragma once
@@ -17,6 +22,7 @@
# endif
# include <openssl/bio.h>
+# include <openssl/core.h>
# include <openssl/x509.h>
# include <openssl/pkcs12err.h>
@@ -52,7 +58,33 @@ typedef struct PKCS12_st PKCS12;
typedef struct PKCS12_SAFEBAG_st PKCS12_SAFEBAG;
-DEFINE_OR_DECLARE_STACK_OF(PKCS12_SAFEBAG)
+SKM_DEFINE_STACK_OF_INTERNAL(PKCS12_SAFEBAG, PKCS12_SAFEBAG, PKCS12_SAFEBAG)
+#define sk_PKCS12_SAFEBAG_num(sk) OPENSSL_sk_num(ossl_check_const_PKCS12_SAFEBAG_sk_type(sk))
+#define sk_PKCS12_SAFEBAG_value(sk, idx) ((PKCS12_SAFEBAG *)OPENSSL_sk_value(ossl_check_const_PKCS12_SAFEBAG_sk_type(sk), (idx)))
+#define sk_PKCS12_SAFEBAG_new(cmp) ((STACK_OF(PKCS12_SAFEBAG) *)OPENSSL_sk_new(ossl_check_PKCS12_SAFEBAG_compfunc_type(cmp)))
+#define sk_PKCS12_SAFEBAG_new_null() ((STACK_OF(PKCS12_SAFEBAG) *)OPENSSL_sk_new_null())
+#define sk_PKCS12_SAFEBAG_new_reserve(cmp, n) ((STACK_OF(PKCS12_SAFEBAG) *)OPENSSL_sk_new_reserve(ossl_check_PKCS12_SAFEBAG_compfunc_type(cmp), (n)))
+#define sk_PKCS12_SAFEBAG_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_PKCS12_SAFEBAG_sk_type(sk), (n))
+#define sk_PKCS12_SAFEBAG_free(sk) OPENSSL_sk_free(ossl_check_PKCS12_SAFEBAG_sk_type(sk))
+#define sk_PKCS12_SAFEBAG_zero(sk) OPENSSL_sk_zero(ossl_check_PKCS12_SAFEBAG_sk_type(sk))
+#define sk_PKCS12_SAFEBAG_delete(sk, i) ((PKCS12_SAFEBAG *)OPENSSL_sk_delete(ossl_check_PKCS12_SAFEBAG_sk_type(sk), (i)))
+#define sk_PKCS12_SAFEBAG_delete_ptr(sk, ptr) ((PKCS12_SAFEBAG *)OPENSSL_sk_delete_ptr(ossl_check_PKCS12_SAFEBAG_sk_type(sk), ossl_check_PKCS12_SAFEBAG_type(ptr)))
+#define sk_PKCS12_SAFEBAG_push(sk, ptr) OPENSSL_sk_push(ossl_check_PKCS12_SAFEBAG_sk_type(sk), ossl_check_PKCS12_SAFEBAG_type(ptr))
+#define sk_PKCS12_SAFEBAG_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_PKCS12_SAFEBAG_sk_type(sk), ossl_check_PKCS12_SAFEBAG_type(ptr))
+#define sk_PKCS12_SAFEBAG_pop(sk) ((PKCS12_SAFEBAG *)OPENSSL_sk_pop(ossl_check_PKCS12_SAFEBAG_sk_type(sk)))
+#define sk_PKCS12_SAFEBAG_shift(sk) ((PKCS12_SAFEBAG *)OPENSSL_sk_shift(ossl_check_PKCS12_SAFEBAG_sk_type(sk)))
+#define sk_PKCS12_SAFEBAG_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_PKCS12_SAFEBAG_sk_type(sk),ossl_check_PKCS12_SAFEBAG_freefunc_type(freefunc))
+#define sk_PKCS12_SAFEBAG_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_PKCS12_SAFEBAG_sk_type(sk), ossl_check_PKCS12_SAFEBAG_type(ptr), (idx))
+#define sk_PKCS12_SAFEBAG_set(sk, idx, ptr) ((PKCS12_SAFEBAG *)OPENSSL_sk_set(ossl_check_PKCS12_SAFEBAG_sk_type(sk), (idx), ossl_check_PKCS12_SAFEBAG_type(ptr)))
+#define sk_PKCS12_SAFEBAG_find(sk, ptr) OPENSSL_sk_find(ossl_check_PKCS12_SAFEBAG_sk_type(sk), ossl_check_PKCS12_SAFEBAG_type(ptr))
+#define sk_PKCS12_SAFEBAG_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_PKCS12_SAFEBAG_sk_type(sk), ossl_check_PKCS12_SAFEBAG_type(ptr))
+#define sk_PKCS12_SAFEBAG_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_PKCS12_SAFEBAG_sk_type(sk), ossl_check_PKCS12_SAFEBAG_type(ptr), pnum)
+#define sk_PKCS12_SAFEBAG_sort(sk) OPENSSL_sk_sort(ossl_check_PKCS12_SAFEBAG_sk_type(sk))
+#define sk_PKCS12_SAFEBAG_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_PKCS12_SAFEBAG_sk_type(sk))
+#define sk_PKCS12_SAFEBAG_dup(sk) ((STACK_OF(PKCS12_SAFEBAG) *)OPENSSL_sk_dup(ossl_check_const_PKCS12_SAFEBAG_sk_type(sk)))
+#define sk_PKCS12_SAFEBAG_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(PKCS12_SAFEBAG) *)OPENSSL_sk_deep_copy(ossl_check_const_PKCS12_SAFEBAG_sk_type(sk), ossl_check_PKCS12_SAFEBAG_copyfunc_type(copyfunc), ossl_check_PKCS12_SAFEBAG_freefunc_type(freefunc)))
+#define sk_PKCS12_SAFEBAG_set_cmp_func(sk, cmp) ((sk_PKCS12_SAFEBAG_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_PKCS12_SAFEBAG_sk_type(sk), ossl_check_PKCS12_SAFEBAG_compfunc_type(cmp)))
+
typedef struct pkcs12_bag_st PKCS12_BAGS;
@@ -77,8 +109,10 @@ typedef struct pkcs12_bag_st PKCS12_BAGS;
# define PKCS12_MAKE_SHKEYBAG PKCS12_SAFEBAG_create_pkcs8_encrypt
#endif
-
-DEPRECATEDIN_1_1_0(ASN1_TYPE *PKCS12_get_attr(const PKCS12_SAFEBAG *bag, int attr_nid))
+#ifndef OPENSSL_NO_DEPRECATED_1_1_0
+OSSL_DEPRECATEDIN_1_1_0 ASN1_TYPE *PKCS12_get_attr(const PKCS12_SAFEBAG *bag,
+ int attr_nid);
+#endif
ASN1_TYPE *PKCS8_get_attr(PKCS8_PRIV_KEY_INFO *p8, int attr_nid);
int PKCS12_mac_present(const PKCS12 *p12);
@@ -93,6 +127,8 @@ const ASN1_TYPE *PKCS12_SAFEBAG_get0_attr(const PKCS12_SAFEBAG *bag,
const ASN1_OBJECT *PKCS12_SAFEBAG_get0_type(const PKCS12_SAFEBAG *bag);
int PKCS12_SAFEBAG_get_nid(const PKCS12_SAFEBAG *bag);
int PKCS12_SAFEBAG_get_bag_nid(const PKCS12_SAFEBAG *bag);
+const ASN1_TYPE *PKCS12_SAFEBAG_get0_bag_obj(const PKCS12_SAFEBAG *bag);
+const ASN1_OBJECT *PKCS12_SAFEBAG_get0_bag_type(const PKCS12_SAFEBAG *bag);
X509 *PKCS12_SAFEBAG_get1_cert(const PKCS12_SAFEBAG *bag);
X509_CRL *PKCS12_SAFEBAG_get1_crl(const PKCS12_SAFEBAG *bag);
@@ -103,6 +139,7 @@ const X509_SIG *PKCS12_SAFEBAG_get0_pkcs8(const PKCS12_SAFEBAG *bag);
PKCS12_SAFEBAG *PKCS12_SAFEBAG_create_cert(X509 *x509);
PKCS12_SAFEBAG *PKCS12_SAFEBAG_create_crl(X509_CRL *crl);
+PKCS12_SAFEBAG *PKCS12_SAFEBAG_create_secret(int type, int vtype, const unsigned char *value, int len);
PKCS12_SAFEBAG *PKCS12_SAFEBAG_create0_p8inf(PKCS8_PRIV_KEY_INFO *p8);
PKCS12_SAFEBAG *PKCS12_SAFEBAG_create0_pkcs8(X509_SIG *p8);
PKCS12_SAFEBAG *PKCS12_SAFEBAG_create_pkcs8_encrypt(int pbe_nid,
@@ -111,23 +148,50 @@ PKCS12_SAFEBAG *PKCS12_SAFEBAG_create_pkcs8_encrypt(int pbe_nid,
unsigned char *salt,
int saltlen, int iter,
PKCS8_PRIV_KEY_INFO *p8inf);
+PKCS12_SAFEBAG *PKCS12_SAFEBAG_create_pkcs8_encrypt_ex(int pbe_nid,
+ const char *pass,
+ int passlen,
+ unsigned char *salt,
+ int saltlen, int iter,
+ PKCS8_PRIV_KEY_INFO *p8inf,
+ OSSL_LIB_CTX *ctx,
+ const char *propq);
PKCS12_SAFEBAG *PKCS12_item_pack_safebag(void *obj, const ASN1_ITEM *it,
int nid1, int nid2);
PKCS8_PRIV_KEY_INFO *PKCS8_decrypt(const X509_SIG *p8, const char *pass,
int passlen);
+PKCS8_PRIV_KEY_INFO *PKCS8_decrypt_ex(const X509_SIG *p8, const char *pass,
+ int passlen, OSSL_LIB_CTX *ctx,
+ const char *propq);
PKCS8_PRIV_KEY_INFO *PKCS12_decrypt_skey(const PKCS12_SAFEBAG *bag,
const char *pass, int passlen);
+PKCS8_PRIV_KEY_INFO *PKCS12_decrypt_skey_ex(const PKCS12_SAFEBAG *bag,
+ const char *pass, int passlen,
+ OSSL_LIB_CTX *ctx,
+ const char *propq);
X509_SIG *PKCS8_encrypt(int pbe_nid, const EVP_CIPHER *cipher,
const char *pass, int passlen, unsigned char *salt,
int saltlen, int iter, PKCS8_PRIV_KEY_INFO *p8);
+X509_SIG *PKCS8_encrypt_ex(int pbe_nid, const EVP_CIPHER *cipher,
+ const char *pass, int passlen, unsigned char *salt,
+ int saltlen, int iter, PKCS8_PRIV_KEY_INFO *p8,
+ OSSL_LIB_CTX *ctx, const char *propq);
X509_SIG *PKCS8_set0_pbe(const char *pass, int passlen,
PKCS8_PRIV_KEY_INFO *p8inf, X509_ALGOR *pbe);
+X509_SIG *PKCS8_set0_pbe_ex(const char *pass, int passlen,
+ PKCS8_PRIV_KEY_INFO *p8inf, X509_ALGOR *pbe,
+ OSSL_LIB_CTX *ctx, const char *propq);
PKCS7 *PKCS12_pack_p7data(STACK_OF(PKCS12_SAFEBAG) *sk);
STACK_OF(PKCS12_SAFEBAG) *PKCS12_unpack_p7data(PKCS7 *p7);
PKCS7 *PKCS12_pack_p7encdata(int pbe_nid, const char *pass, int passlen,
unsigned char *salt, int saltlen, int iter,
STACK_OF(PKCS12_SAFEBAG) *bags);
+PKCS7 *PKCS12_pack_p7encdata_ex(int pbe_nid, const char *pass, int passlen,
+ unsigned char *salt, int saltlen, int iter,
+ STACK_OF(PKCS12_SAFEBAG) *bags,
+ OSSL_LIB_CTX *ctx, const char *propq);
+
STACK_OF(PKCS12_SAFEBAG) *PKCS12_unpack_p7encdata(PKCS7 *p7, const char *pass,
int passlen);
@@ -144,6 +208,10 @@ int PKCS12_add_CSPName_asc(PKCS12_SAFEBAG *bag, const char *name,
int namelen);
int PKCS12_add_friendlyname_uni(PKCS12_SAFEBAG *bag,
const unsigned char *name, int namelen);
+int PKCS12_add1_attr_by_NID(PKCS12_SAFEBAG *bag, int nid, int type,
+ const unsigned char *bytes, int len);
+int PKCS12_add1_attr_by_txt(PKCS12_SAFEBAG *bag, const char *attrname, int type,
+ const unsigned char *bytes, int len);
int PKCS8_add_keyusage(PKCS8_PRIV_KEY_INFO *p8, int usage);
ASN1_TYPE *PKCS12_get_attr_gen(const STACK_OF(X509_ATTRIBUTE) *attrs,
int attr_nid);
@@ -155,26 +223,62 @@ unsigned char *PKCS12_pbe_crypt(const X509_ALGOR *algor,
const unsigned char *in, int inlen,
unsigned char **data, int *datalen,
int en_de);
+unsigned char *PKCS12_pbe_crypt_ex(const X509_ALGOR *algor,
+ const char *pass, int passlen,
+ const unsigned char *in, int inlen,
+ unsigned char **data, int *datalen,
+ int en_de, OSSL_LIB_CTX *libctx,
+ const char *propq);
void *PKCS12_item_decrypt_d2i(const X509_ALGOR *algor, const ASN1_ITEM *it,
const char *pass, int passlen,
const ASN1_OCTET_STRING *oct, int zbuf);
+void *PKCS12_item_decrypt_d2i_ex(const X509_ALGOR *algor, const ASN1_ITEM *it,
+ const char *pass, int passlen,
+ const ASN1_OCTET_STRING *oct, int zbuf,
+ OSSL_LIB_CTX *libctx,
+ const char *propq);
ASN1_OCTET_STRING *PKCS12_item_i2d_encrypt(X509_ALGOR *algor,
const ASN1_ITEM *it,
const char *pass, int passlen,
void *obj, int zbuf);
+ASN1_OCTET_STRING *PKCS12_item_i2d_encrypt_ex(X509_ALGOR *algor,
+ const ASN1_ITEM *it,
+ const char *pass, int passlen,
+ void *obj, int zbuf,
+ OSSL_LIB_CTX *ctx,
+ const char *propq);
PKCS12 *PKCS12_init(int mode);
+PKCS12 *PKCS12_init_ex(int mode, OSSL_LIB_CTX *ctx, const char *propq);
+
int PKCS12_key_gen_asc(const char *pass, int passlen, unsigned char *salt,
int saltlen, int id, int iter, int n,
unsigned char *out, const EVP_MD *md_type);
+int PKCS12_key_gen_asc_ex(const char *pass, int passlen, unsigned char *salt,
+ int saltlen, int id, int iter, int n,
+ unsigned char *out, const EVP_MD *md_type,
+ OSSL_LIB_CTX *ctx, const char *propq);
int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt,
int saltlen, int id, int iter, int n,
unsigned char *out, const EVP_MD *md_type);
+int PKCS12_key_gen_uni_ex(unsigned char *pass, int passlen, unsigned char *salt,
+ int saltlen, int id, int iter, int n,
+ unsigned char *out, const EVP_MD *md_type,
+ OSSL_LIB_CTX *ctx, const char *propq);
int PKCS12_key_gen_utf8(const char *pass, int passlen, unsigned char *salt,
int saltlen, int id, int iter, int n,
unsigned char *out, const EVP_MD *md_type);
+int PKCS12_key_gen_utf8_ex(const char *pass, int passlen, unsigned char *salt,
+ int saltlen, int id, int iter, int n,
+ unsigned char *out, const EVP_MD *md_type,
+ OSSL_LIB_CTX *ctx, const char *propq);
+
int PKCS12_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
ASN1_TYPE *param, const EVP_CIPHER *cipher,
const EVP_MD *md_type, int en_de);
+int PKCS12_PBE_keyivgen_ex(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
+ ASN1_TYPE *param, const EVP_CIPHER *cipher,
+ const EVP_MD *md_type, int en_de,
+ OSSL_LIB_CTX *libctx, const char *propq);
int PKCS12_gen_mac(PKCS12 *p12, const char *pass, int passlen,
unsigned char *mac, unsigned int *maclen);
int PKCS12_verify_mac(PKCS12 *p12, const char *pass, int passlen);
@@ -204,14 +308,31 @@ int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert,
PKCS12 *PKCS12_create(const char *pass, const char *name, EVP_PKEY *pkey,
X509 *cert, STACK_OF(X509) *ca, int nid_key, int nid_cert,
int iter, int mac_iter, int keytype);
+PKCS12 *PKCS12_create_ex(const char *pass, const char *name, EVP_PKEY *pkey,
+ X509 *cert, STACK_OF(X509) *ca, int nid_key, int nid_cert,
+ int iter, int mac_iter, int keytype,
+ OSSL_LIB_CTX *ctx, const char *propq);
PKCS12_SAFEBAG *PKCS12_add_cert(STACK_OF(PKCS12_SAFEBAG) **pbags, X509 *cert);
PKCS12_SAFEBAG *PKCS12_add_key(STACK_OF(PKCS12_SAFEBAG) **pbags,
EVP_PKEY *key, int key_usage, int iter,
int key_nid, const char *pass);
+PKCS12_SAFEBAG *PKCS12_add_key_ex(STACK_OF(PKCS12_SAFEBAG) **pbags,
+ EVP_PKEY *key, int key_usage, int iter,
+ int key_nid, const char *pass,
+ OSSL_LIB_CTX *ctx, const char *propq);
+
+PKCS12_SAFEBAG *PKCS12_add_secret(STACK_OF(PKCS12_SAFEBAG) **pbags,
+ int nid_type, const unsigned char *value, int len);
int PKCS12_add_safe(STACK_OF(PKCS7) **psafes, STACK_OF(PKCS12_SAFEBAG) *bags,
int safe_nid, int iter, const char *pass);
+int PKCS12_add_safe_ex(STACK_OF(PKCS7) **psafes, STACK_OF(PKCS12_SAFEBAG) *bags,
+ int safe_nid, int iter, const char *pass,
+ OSSL_LIB_CTX *ctx, const char *propq);
+
PKCS12 *PKCS12_add_safes(STACK_OF(PKCS7) *safes, int p7_nid);
+PKCS12 *PKCS12_add_safes_ex(STACK_OF(PKCS7) *safes, int p7_nid,
+ OSSL_LIB_CTX *ctx, const char *propq);
int i2d_PKCS12_bio(BIO *bp, const PKCS12 *p12);
# ifndef OPENSSL_NO_STDIO
diff --git a/openssl/include/openssl/pkcs12err.h b/openssl/include/openssl/pkcs12err.h
index 18daf70a..e46e5aa0 100644..100755
--- a/openssl/include/openssl/pkcs12err.h
+++ b/openssl/include/openssl/pkcs12err.h
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -14,47 +14,9 @@
# include <openssl/opensslconf.h>
# include <openssl/symhacks.h>
+# include <openssl/cryptoerr_legacy.h>
-# ifdef __cplusplus
-extern "C"
-# endif
-int ERR_load_PKCS12_strings(void);
-
-/*
- * PKCS12 function codes.
- */
-# ifndef OPENSSL_NO_DEPRECATED_3_0
-# define PKCS12_F_OPENSSL_ASC2UNI 0
-# define PKCS12_F_OPENSSL_UNI2ASC 0
-# define PKCS12_F_OPENSSL_UNI2UTF8 0
-# define PKCS12_F_OPENSSL_UTF82UNI 0
-# define PKCS12_F_PKCS12_CREATE 0
-# define PKCS12_F_PKCS12_GEN_MAC 0
-# define PKCS12_F_PKCS12_INIT 0
-# define PKCS12_F_PKCS12_ITEM_DECRYPT_D2I 0
-# define PKCS12_F_PKCS12_ITEM_I2D_ENCRYPT 0
-# define PKCS12_F_PKCS12_ITEM_PACK_SAFEBAG 0
-# define PKCS12_F_PKCS12_KEY_GEN_ASC 0
-# define PKCS12_F_PKCS12_KEY_GEN_UNI 0
-# define PKCS12_F_PKCS12_KEY_GEN_UTF8 0
-# define PKCS12_F_PKCS12_NEWPASS 0
-# define PKCS12_F_PKCS12_PACK_P7DATA 0
-# define PKCS12_F_PKCS12_PACK_P7ENCDATA 0
-# define PKCS12_F_PKCS12_PARSE 0
-# define PKCS12_F_PKCS12_PBE_CRYPT 0
-# define PKCS12_F_PKCS12_PBE_KEYIVGEN 0
-# define PKCS12_F_PKCS12_SAFEBAG_CREATE0_P8INF 0
-# define PKCS12_F_PKCS12_SAFEBAG_CREATE0_PKCS8 0
-# define PKCS12_F_PKCS12_SAFEBAG_CREATE_PKCS8_ENCRYPT 0
-# define PKCS12_F_PKCS12_SETUP_MAC 0
-# define PKCS12_F_PKCS12_SET_MAC 0
-# define PKCS12_F_PKCS12_UNPACK_AUTHSAFES 0
-# define PKCS12_F_PKCS12_UNPACK_P7DATA 0
-# define PKCS12_F_PKCS12_VERIFY_MAC 0
-# define PKCS12_F_PKCS8_ENCRYPT 0
-# define PKCS12_F_PKCS8_SET0_PBE 0
-# endif
/*
* PKCS12 reason codes.
@@ -67,6 +29,7 @@ int ERR_load_PKCS12_strings(void);
# define PKCS12_R_ERROR_SETTING_ENCRYPTED_DATA_TYPE 120
# define PKCS12_R_INVALID_NULL_ARGUMENT 104
# define PKCS12_R_INVALID_NULL_PKCS12_POINTER 105
+# define PKCS12_R_INVALID_TYPE 112
# define PKCS12_R_IV_GEN_ERROR 106
# define PKCS12_R_KEY_GEN_ERROR 107
# define PKCS12_R_MAC_ABSENT 108
@@ -75,9 +38,7 @@ int ERR_load_PKCS12_strings(void);
# define PKCS12_R_MAC_STRING_SET_ERROR 111
# define PKCS12_R_MAC_VERIFY_FAILURE 113
# define PKCS12_R_PARSE_ERROR 114
-# define PKCS12_R_PKCS12_ALGOR_CIPHERINIT_ERROR 115
# define PKCS12_R_PKCS12_CIPHERFINAL_ERROR 116
-# define PKCS12_R_PKCS12_PBE_CRYPT_ERROR 117
# define PKCS12_R_UNKNOWN_DIGEST_ALGORITHM 118
# define PKCS12_R_UNSUPPORTED_PKCS12_MODE 119
diff --git a/openssl/include/openssl/pkcs7.h b/openssl/include/openssl/pkcs7.h
index 05ec1f2a..46085b0b 100644..100755
--- a/openssl/include/openssl/pkcs7.h
+++ b/openssl/include/openssl/pkcs7.h
@@ -1,5 +1,8 @@
/*
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * WARNING: do not edit!
+ * Generated by makefile from include\openssl\pkcs7.h.in
+ *
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -7,6 +10,8 @@
* https://www.openssl.org/source/license.html
*/
+
+
#ifndef OPENSSL_PKCS7_H
# define OPENSSL_PKCS7_H
# pragma once
@@ -36,6 +41,11 @@ Digest_Encryption_ID rsaEncryption
Key_Encryption_ID rsaEncryption
*/
+typedef struct PKCS7_CTX_st {
+ OSSL_LIB_CTX *libctx;
+ char *propq;
+} PKCS7_CTX;
+
typedef struct pkcs7_issuer_and_serial_st {
X509_NAME *issuer;
ASN1_INTEGER *serial;
@@ -51,8 +61,35 @@ typedef struct pkcs7_signer_info_st {
STACK_OF(X509_ATTRIBUTE) *unauth_attr; /* [ 1 ] */
/* The private key to sign with */
EVP_PKEY *pkey;
+ const PKCS7_CTX *ctx;
} PKCS7_SIGNER_INFO;
-DEFINE_OR_DECLARE_STACK_OF(PKCS7_SIGNER_INFO)
+SKM_DEFINE_STACK_OF_INTERNAL(PKCS7_SIGNER_INFO, PKCS7_SIGNER_INFO, PKCS7_SIGNER_INFO)
+#define sk_PKCS7_SIGNER_INFO_num(sk) OPENSSL_sk_num(ossl_check_const_PKCS7_SIGNER_INFO_sk_type(sk))
+#define sk_PKCS7_SIGNER_INFO_value(sk, idx) ((PKCS7_SIGNER_INFO *)OPENSSL_sk_value(ossl_check_const_PKCS7_SIGNER_INFO_sk_type(sk), (idx)))
+#define sk_PKCS7_SIGNER_INFO_new(cmp) ((STACK_OF(PKCS7_SIGNER_INFO) *)OPENSSL_sk_new(ossl_check_PKCS7_SIGNER_INFO_compfunc_type(cmp)))
+#define sk_PKCS7_SIGNER_INFO_new_null() ((STACK_OF(PKCS7_SIGNER_INFO) *)OPENSSL_sk_new_null())
+#define sk_PKCS7_SIGNER_INFO_new_reserve(cmp, n) ((STACK_OF(PKCS7_SIGNER_INFO) *)OPENSSL_sk_new_reserve(ossl_check_PKCS7_SIGNER_INFO_compfunc_type(cmp), (n)))
+#define sk_PKCS7_SIGNER_INFO_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_PKCS7_SIGNER_INFO_sk_type(sk), (n))
+#define sk_PKCS7_SIGNER_INFO_free(sk) OPENSSL_sk_free(ossl_check_PKCS7_SIGNER_INFO_sk_type(sk))
+#define sk_PKCS7_SIGNER_INFO_zero(sk) OPENSSL_sk_zero(ossl_check_PKCS7_SIGNER_INFO_sk_type(sk))
+#define sk_PKCS7_SIGNER_INFO_delete(sk, i) ((PKCS7_SIGNER_INFO *)OPENSSL_sk_delete(ossl_check_PKCS7_SIGNER_INFO_sk_type(sk), (i)))
+#define sk_PKCS7_SIGNER_INFO_delete_ptr(sk, ptr) ((PKCS7_SIGNER_INFO *)OPENSSL_sk_delete_ptr(ossl_check_PKCS7_SIGNER_INFO_sk_type(sk), ossl_check_PKCS7_SIGNER_INFO_type(ptr)))
+#define sk_PKCS7_SIGNER_INFO_push(sk, ptr) OPENSSL_sk_push(ossl_check_PKCS7_SIGNER_INFO_sk_type(sk), ossl_check_PKCS7_SIGNER_INFO_type(ptr))
+#define sk_PKCS7_SIGNER_INFO_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_PKCS7_SIGNER_INFO_sk_type(sk), ossl_check_PKCS7_SIGNER_INFO_type(ptr))
+#define sk_PKCS7_SIGNER_INFO_pop(sk) ((PKCS7_SIGNER_INFO *)OPENSSL_sk_pop(ossl_check_PKCS7_SIGNER_INFO_sk_type(sk)))
+#define sk_PKCS7_SIGNER_INFO_shift(sk) ((PKCS7_SIGNER_INFO *)OPENSSL_sk_shift(ossl_check_PKCS7_SIGNER_INFO_sk_type(sk)))
+#define sk_PKCS7_SIGNER_INFO_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_PKCS7_SIGNER_INFO_sk_type(sk),ossl_check_PKCS7_SIGNER_INFO_freefunc_type(freefunc))
+#define sk_PKCS7_SIGNER_INFO_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_PKCS7_SIGNER_INFO_sk_type(sk), ossl_check_PKCS7_SIGNER_INFO_type(ptr), (idx))
+#define sk_PKCS7_SIGNER_INFO_set(sk, idx, ptr) ((PKCS7_SIGNER_INFO *)OPENSSL_sk_set(ossl_check_PKCS7_SIGNER_INFO_sk_type(sk), (idx), ossl_check_PKCS7_SIGNER_INFO_type(ptr)))
+#define sk_PKCS7_SIGNER_INFO_find(sk, ptr) OPENSSL_sk_find(ossl_check_PKCS7_SIGNER_INFO_sk_type(sk), ossl_check_PKCS7_SIGNER_INFO_type(ptr))
+#define sk_PKCS7_SIGNER_INFO_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_PKCS7_SIGNER_INFO_sk_type(sk), ossl_check_PKCS7_SIGNER_INFO_type(ptr))
+#define sk_PKCS7_SIGNER_INFO_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_PKCS7_SIGNER_INFO_sk_type(sk), ossl_check_PKCS7_SIGNER_INFO_type(ptr), pnum)
+#define sk_PKCS7_SIGNER_INFO_sort(sk) OPENSSL_sk_sort(ossl_check_PKCS7_SIGNER_INFO_sk_type(sk))
+#define sk_PKCS7_SIGNER_INFO_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_PKCS7_SIGNER_INFO_sk_type(sk))
+#define sk_PKCS7_SIGNER_INFO_dup(sk) ((STACK_OF(PKCS7_SIGNER_INFO) *)OPENSSL_sk_dup(ossl_check_const_PKCS7_SIGNER_INFO_sk_type(sk)))
+#define sk_PKCS7_SIGNER_INFO_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(PKCS7_SIGNER_INFO) *)OPENSSL_sk_deep_copy(ossl_check_const_PKCS7_SIGNER_INFO_sk_type(sk), ossl_check_PKCS7_SIGNER_INFO_copyfunc_type(copyfunc), ossl_check_PKCS7_SIGNER_INFO_freefunc_type(freefunc)))
+#define sk_PKCS7_SIGNER_INFO_set_cmp_func(sk, cmp) ((sk_PKCS7_SIGNER_INFO_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_PKCS7_SIGNER_INFO_sk_type(sk), ossl_check_PKCS7_SIGNER_INFO_compfunc_type(cmp)))
+
typedef struct pkcs7_recip_info_st {
ASN1_INTEGER *version; /* version 0 */
@@ -60,8 +97,35 @@ typedef struct pkcs7_recip_info_st {
X509_ALGOR *key_enc_algor;
ASN1_OCTET_STRING *enc_key;
X509 *cert; /* get the pub-key from this */
+ const PKCS7_CTX *ctx;
} PKCS7_RECIP_INFO;
-DEFINE_OR_DECLARE_STACK_OF(PKCS7_RECIP_INFO)
+SKM_DEFINE_STACK_OF_INTERNAL(PKCS7_RECIP_INFO, PKCS7_RECIP_INFO, PKCS7_RECIP_INFO)
+#define sk_PKCS7_RECIP_INFO_num(sk) OPENSSL_sk_num(ossl_check_const_PKCS7_RECIP_INFO_sk_type(sk))
+#define sk_PKCS7_RECIP_INFO_value(sk, idx) ((PKCS7_RECIP_INFO *)OPENSSL_sk_value(ossl_check_const_PKCS7_RECIP_INFO_sk_type(sk), (idx)))
+#define sk_PKCS7_RECIP_INFO_new(cmp) ((STACK_OF(PKCS7_RECIP_INFO) *)OPENSSL_sk_new(ossl_check_PKCS7_RECIP_INFO_compfunc_type(cmp)))
+#define sk_PKCS7_RECIP_INFO_new_null() ((STACK_OF(PKCS7_RECIP_INFO) *)OPENSSL_sk_new_null())
+#define sk_PKCS7_RECIP_INFO_new_reserve(cmp, n) ((STACK_OF(PKCS7_RECIP_INFO) *)OPENSSL_sk_new_reserve(ossl_check_PKCS7_RECIP_INFO_compfunc_type(cmp), (n)))
+#define sk_PKCS7_RECIP_INFO_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_PKCS7_RECIP_INFO_sk_type(sk), (n))
+#define sk_PKCS7_RECIP_INFO_free(sk) OPENSSL_sk_free(ossl_check_PKCS7_RECIP_INFO_sk_type(sk))
+#define sk_PKCS7_RECIP_INFO_zero(sk) OPENSSL_sk_zero(ossl_check_PKCS7_RECIP_INFO_sk_type(sk))
+#define sk_PKCS7_RECIP_INFO_delete(sk, i) ((PKCS7_RECIP_INFO *)OPENSSL_sk_delete(ossl_check_PKCS7_RECIP_INFO_sk_type(sk), (i)))
+#define sk_PKCS7_RECIP_INFO_delete_ptr(sk, ptr) ((PKCS7_RECIP_INFO *)OPENSSL_sk_delete_ptr(ossl_check_PKCS7_RECIP_INFO_sk_type(sk), ossl_check_PKCS7_RECIP_INFO_type(ptr)))
+#define sk_PKCS7_RECIP_INFO_push(sk, ptr) OPENSSL_sk_push(ossl_check_PKCS7_RECIP_INFO_sk_type(sk), ossl_check_PKCS7_RECIP_INFO_type(ptr))
+#define sk_PKCS7_RECIP_INFO_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_PKCS7_RECIP_INFO_sk_type(sk), ossl_check_PKCS7_RECIP_INFO_type(ptr))
+#define sk_PKCS7_RECIP_INFO_pop(sk) ((PKCS7_RECIP_INFO *)OPENSSL_sk_pop(ossl_check_PKCS7_RECIP_INFO_sk_type(sk)))
+#define sk_PKCS7_RECIP_INFO_shift(sk) ((PKCS7_RECIP_INFO *)OPENSSL_sk_shift(ossl_check_PKCS7_RECIP_INFO_sk_type(sk)))
+#define sk_PKCS7_RECIP_INFO_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_PKCS7_RECIP_INFO_sk_type(sk),ossl_check_PKCS7_RECIP_INFO_freefunc_type(freefunc))
+#define sk_PKCS7_RECIP_INFO_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_PKCS7_RECIP_INFO_sk_type(sk), ossl_check_PKCS7_RECIP_INFO_type(ptr), (idx))
+#define sk_PKCS7_RECIP_INFO_set(sk, idx, ptr) ((PKCS7_RECIP_INFO *)OPENSSL_sk_set(ossl_check_PKCS7_RECIP_INFO_sk_type(sk), (idx), ossl_check_PKCS7_RECIP_INFO_type(ptr)))
+#define sk_PKCS7_RECIP_INFO_find(sk, ptr) OPENSSL_sk_find(ossl_check_PKCS7_RECIP_INFO_sk_type(sk), ossl_check_PKCS7_RECIP_INFO_type(ptr))
+#define sk_PKCS7_RECIP_INFO_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_PKCS7_RECIP_INFO_sk_type(sk), ossl_check_PKCS7_RECIP_INFO_type(ptr))
+#define sk_PKCS7_RECIP_INFO_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_PKCS7_RECIP_INFO_sk_type(sk), ossl_check_PKCS7_RECIP_INFO_type(ptr), pnum)
+#define sk_PKCS7_RECIP_INFO_sort(sk) OPENSSL_sk_sort(ossl_check_PKCS7_RECIP_INFO_sk_type(sk))
+#define sk_PKCS7_RECIP_INFO_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_PKCS7_RECIP_INFO_sk_type(sk))
+#define sk_PKCS7_RECIP_INFO_dup(sk) ((STACK_OF(PKCS7_RECIP_INFO) *)OPENSSL_sk_dup(ossl_check_const_PKCS7_RECIP_INFO_sk_type(sk)))
+#define sk_PKCS7_RECIP_INFO_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(PKCS7_RECIP_INFO) *)OPENSSL_sk_deep_copy(ossl_check_const_PKCS7_RECIP_INFO_sk_type(sk), ossl_check_PKCS7_RECIP_INFO_copyfunc_type(copyfunc), ossl_check_PKCS7_RECIP_INFO_freefunc_type(freefunc)))
+#define sk_PKCS7_RECIP_INFO_set_cmp_func(sk, cmp) ((sk_PKCS7_RECIP_INFO_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_PKCS7_RECIP_INFO_sk_type(sk), ossl_check_PKCS7_RECIP_INFO_compfunc_type(cmp)))
+
typedef struct pkcs7_signed_st {
@@ -82,6 +146,7 @@ typedef struct pkcs7_enc_content_st {
X509_ALGOR *algorithm;
ASN1_OCTET_STRING *enc_data; /* [ 0 ] */
const EVP_CIPHER *cipher;
+ const PKCS7_CTX *ctx;
} PKCS7_ENC_CONTENT;
typedef struct pkcs7_enveloped_st {
@@ -147,8 +212,35 @@ typedef struct pkcs7_st {
/* Anything else */
ASN1_TYPE *other;
} d;
+ PKCS7_CTX ctx;
} PKCS7;
-DEFINE_OR_DECLARE_STACK_OF(PKCS7)
+SKM_DEFINE_STACK_OF_INTERNAL(PKCS7, PKCS7, PKCS7)
+#define sk_PKCS7_num(sk) OPENSSL_sk_num(ossl_check_const_PKCS7_sk_type(sk))
+#define sk_PKCS7_value(sk, idx) ((PKCS7 *)OPENSSL_sk_value(ossl_check_const_PKCS7_sk_type(sk), (idx)))
+#define sk_PKCS7_new(cmp) ((STACK_OF(PKCS7) *)OPENSSL_sk_new(ossl_check_PKCS7_compfunc_type(cmp)))
+#define sk_PKCS7_new_null() ((STACK_OF(PKCS7) *)OPENSSL_sk_new_null())
+#define sk_PKCS7_new_reserve(cmp, n) ((STACK_OF(PKCS7) *)OPENSSL_sk_new_reserve(ossl_check_PKCS7_compfunc_type(cmp), (n)))
+#define sk_PKCS7_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_PKCS7_sk_type(sk), (n))
+#define sk_PKCS7_free(sk) OPENSSL_sk_free(ossl_check_PKCS7_sk_type(sk))
+#define sk_PKCS7_zero(sk) OPENSSL_sk_zero(ossl_check_PKCS7_sk_type(sk))
+#define sk_PKCS7_delete(sk, i) ((PKCS7 *)OPENSSL_sk_delete(ossl_check_PKCS7_sk_type(sk), (i)))
+#define sk_PKCS7_delete_ptr(sk, ptr) ((PKCS7 *)OPENSSL_sk_delete_ptr(ossl_check_PKCS7_sk_type(sk), ossl_check_PKCS7_type(ptr)))
+#define sk_PKCS7_push(sk, ptr) OPENSSL_sk_push(ossl_check_PKCS7_sk_type(sk), ossl_check_PKCS7_type(ptr))
+#define sk_PKCS7_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_PKCS7_sk_type(sk), ossl_check_PKCS7_type(ptr))
+#define sk_PKCS7_pop(sk) ((PKCS7 *)OPENSSL_sk_pop(ossl_check_PKCS7_sk_type(sk)))
+#define sk_PKCS7_shift(sk) ((PKCS7 *)OPENSSL_sk_shift(ossl_check_PKCS7_sk_type(sk)))
+#define sk_PKCS7_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_PKCS7_sk_type(sk),ossl_check_PKCS7_freefunc_type(freefunc))
+#define sk_PKCS7_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_PKCS7_sk_type(sk), ossl_check_PKCS7_type(ptr), (idx))
+#define sk_PKCS7_set(sk, idx, ptr) ((PKCS7 *)OPENSSL_sk_set(ossl_check_PKCS7_sk_type(sk), (idx), ossl_check_PKCS7_type(ptr)))
+#define sk_PKCS7_find(sk, ptr) OPENSSL_sk_find(ossl_check_PKCS7_sk_type(sk), ossl_check_PKCS7_type(ptr))
+#define sk_PKCS7_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_PKCS7_sk_type(sk), ossl_check_PKCS7_type(ptr))
+#define sk_PKCS7_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_PKCS7_sk_type(sk), ossl_check_PKCS7_type(ptr), pnum)
+#define sk_PKCS7_sort(sk) OPENSSL_sk_sort(ossl_check_PKCS7_sk_type(sk))
+#define sk_PKCS7_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_PKCS7_sk_type(sk))
+#define sk_PKCS7_dup(sk) ((STACK_OF(PKCS7) *)OPENSSL_sk_dup(ossl_check_const_PKCS7_sk_type(sk)))
+#define sk_PKCS7_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(PKCS7) *)OPENSSL_sk_deep_copy(ossl_check_const_PKCS7_sk_type(sk), ossl_check_PKCS7_copyfunc_type(copyfunc), ossl_check_PKCS7_freefunc_type(freefunc)))
+#define sk_PKCS7_set_cmp_func(sk, cmp) ((sk_PKCS7_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_PKCS7_sk_type(sk), ossl_check_PKCS7_compfunc_type(cmp)))
+
# define PKCS7_OP_SET_DETACHED_SIGNATURE 1
@@ -231,6 +323,7 @@ DECLARE_ASN1_FUNCTIONS(PKCS7_SIGN_ENVELOPE)
DECLARE_ASN1_FUNCTIONS(PKCS7_DIGEST)
DECLARE_ASN1_FUNCTIONS(PKCS7_ENCRYPT)
DECLARE_ASN1_FUNCTIONS(PKCS7)
+PKCS7 *PKCS7_new_ex(OSSL_LIB_CTX *libctx, const char *propq);
DECLARE_ASN1_ITEM(PKCS7_ATTR_SIGN)
DECLARE_ASN1_ITEM(PKCS7_ATTR_VERIFY)
@@ -240,6 +333,7 @@ DECLARE_ASN1_PRINT_FUNCTION(PKCS7)
long PKCS7_ctrl(PKCS7 *p7, int cmd, long larg, char *parg);
+int PKCS7_type_is_other(PKCS7 *p7);
int PKCS7_set_type(PKCS7 *p7, int type);
int PKCS7_set0_type_other(PKCS7 *p7, int type, ASN1_TYPE *other);
int PKCS7_set_content(PKCS7 *p7, PKCS7 *p7_data);
@@ -275,13 +369,14 @@ int PKCS7_set_cipher(PKCS7 *p7, const EVP_CIPHER *cipher);
int PKCS7_stream(unsigned char ***boundary, PKCS7 *p7);
PKCS7_ISSUER_AND_SERIAL *PKCS7_get_issuer_and_serial(PKCS7 *p7, int idx);
+ASN1_OCTET_STRING *PKCS7_get_octet_string(PKCS7 *p7);
ASN1_OCTET_STRING *PKCS7_digest_from_attributes(STACK_OF(X509_ATTRIBUTE) *sk);
int PKCS7_add_signed_attribute(PKCS7_SIGNER_INFO *p7si, int nid, int type,
void *data);
int PKCS7_add_attribute(PKCS7_SIGNER_INFO *p7si, int nid, int atrtype,
void *value);
-ASN1_TYPE *PKCS7_get_attribute(PKCS7_SIGNER_INFO *si, int nid);
-ASN1_TYPE *PKCS7_get_signed_attribute(PKCS7_SIGNER_INFO *si, int nid);
+ASN1_TYPE *PKCS7_get_attribute(const PKCS7_SIGNER_INFO *si, int nid);
+ASN1_TYPE *PKCS7_get_signed_attribute(const PKCS7_SIGNER_INFO *si, int nid);
int PKCS7_set_signed_attributes(PKCS7_SIGNER_INFO *p7si,
STACK_OF(X509_ATTRIBUTE) *sk);
int PKCS7_set_attributes(PKCS7_SIGNER_INFO *p7si,
@@ -289,6 +384,9 @@ int PKCS7_set_attributes(PKCS7_SIGNER_INFO *p7si,
PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs,
BIO *data, int flags);
+PKCS7 *PKCS7_sign_ex(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs,
+ BIO *data, int flags, OSSL_LIB_CTX *libctx,
+ const char *propq);
PKCS7_SIGNER_INFO *PKCS7_sign_add_signer(PKCS7 *p7,
X509 *signcert, EVP_PKEY *pkey,
@@ -301,6 +399,9 @@ STACK_OF(X509) *PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs,
int flags);
PKCS7 *PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, const EVP_CIPHER *cipher,
int flags);
+PKCS7 *PKCS7_encrypt_ex(STACK_OF(X509) *certs, BIO *in,
+ const EVP_CIPHER *cipher, int flags,
+ OSSL_LIB_CTX *libctx, const char *propq);
int PKCS7_decrypt(PKCS7 *p7, EVP_PKEY *pkey, X509 *cert, BIO *data,
int flags);
@@ -315,6 +416,7 @@ int PKCS7_add1_attrib_digest(PKCS7_SIGNER_INFO *si,
const unsigned char *md, int mdlen);
int SMIME_write_PKCS7(BIO *bio, PKCS7 *p7, BIO *data, int flags);
+PKCS7 *SMIME_read_PKCS7_ex(BIO *bio, BIO **bcont, PKCS7 **p7);
PKCS7 *SMIME_read_PKCS7(BIO *bio, BIO **bcont);
BIO *BIO_new_PKCS7(BIO *out, PKCS7 *p7);
diff --git a/openssl/include/openssl/pkcs7err.h b/openssl/include/openssl/pkcs7err.h
index d539beb1..6b4d3f34 100644..100755
--- a/openssl/include/openssl/pkcs7err.h
+++ b/openssl/include/openssl/pkcs7err.h
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -14,52 +14,9 @@
# include <openssl/opensslconf.h>
# include <openssl/symhacks.h>
+# include <openssl/cryptoerr_legacy.h>
-# ifdef __cplusplus
-extern "C"
-# endif
-int ERR_load_PKCS7_strings(void);
-
-/*
- * PKCS7 function codes.
- */
-# ifndef OPENSSL_NO_DEPRECATED_3_0
-# define PKCS7_F_DO_PKCS7_SIGNED_ATTRIB 0
-# define PKCS7_F_PKCS7_ADD0_ATTRIB_SIGNING_TIME 0
-# define PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP 0
-# define PKCS7_F_PKCS7_ADD_CERTIFICATE 0
-# define PKCS7_F_PKCS7_ADD_CRL 0
-# define PKCS7_F_PKCS7_ADD_RECIPIENT_INFO 0
-# define PKCS7_F_PKCS7_ADD_SIGNATURE 0
-# define PKCS7_F_PKCS7_ADD_SIGNER 0
-# define PKCS7_F_PKCS7_BIO_ADD_DIGEST 0
-# define PKCS7_F_PKCS7_COPY_EXISTING_DIGEST 0
-# define PKCS7_F_PKCS7_CTRL 0
-# define PKCS7_F_PKCS7_DATADECODE 0
-# define PKCS7_F_PKCS7_DATAFINAL 0
-# define PKCS7_F_PKCS7_DATAINIT 0
-# define PKCS7_F_PKCS7_DATAVERIFY 0
-# define PKCS7_F_PKCS7_DECRYPT 0
-# define PKCS7_F_PKCS7_DECRYPT_RINFO 0
-# define PKCS7_F_PKCS7_ENCODE_RINFO 0
-# define PKCS7_F_PKCS7_ENCRYPT 0
-# define PKCS7_F_PKCS7_FINAL 0
-# define PKCS7_F_PKCS7_FIND_DIGEST 0
-# define PKCS7_F_PKCS7_GET0_SIGNERS 0
-# define PKCS7_F_PKCS7_RECIP_INFO_SET 0
-# define PKCS7_F_PKCS7_SET_CIPHER 0
-# define PKCS7_F_PKCS7_SET_CONTENT 0
-# define PKCS7_F_PKCS7_SET_DIGEST 0
-# define PKCS7_F_PKCS7_SET_TYPE 0
-# define PKCS7_F_PKCS7_SIGN 0
-# define PKCS7_F_PKCS7_SIGNATUREVERIFY 0
-# define PKCS7_F_PKCS7_SIGNER_INFO_SET 0
-# define PKCS7_F_PKCS7_SIGNER_INFO_SIGN 0
-# define PKCS7_F_PKCS7_SIGN_ADD_SIGNER 0
-# define PKCS7_F_PKCS7_SIMPLE_SMIMECAP 0
-# define PKCS7_F_PKCS7_VERIFY 0
-# endif
/*
* PKCS7 reason codes.
diff --git a/openssl/include/openssl/prov_ssl.h b/openssl/include/openssl/prov_ssl.h
new file mode 100755
index 00000000..d4afaab6
--- /dev/null
+++ b/openssl/include/openssl/prov_ssl.h
@@ -0,0 +1,34 @@
+/*
+ * Copyright 2021 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_PROV_SSL_H
+# define OPENSSL_PROV_SSL_H
+# pragma once
+
+# ifdef __cplusplus
+extern "C" {
+# endif
+
+/* SSL/TLS related defines useful to providers */
+
+# define SSL_MAX_MASTER_KEY_LENGTH 48
+
+# define SSL3_VERSION 0x0300
+# define TLS1_VERSION 0x0301
+# define TLS1_1_VERSION 0x0302
+# define TLS1_2_VERSION 0x0303
+# define TLS1_3_VERSION 0x0304
+# define DTLS1_VERSION 0xFEFF
+# define DTLS1_2_VERSION 0xFEFD
+# define DTLS1_BAD_VER 0x0100
+
+# ifdef __cplusplus
+}
+# endif
+#endif /* OPENSSL_PROV_SSL_H */
diff --git a/openssl/include/openssl/proverr.h b/openssl/include/openssl/proverr.h
new file mode 100755
index 00000000..67833e04
--- /dev/null
+++ b/openssl/include/openssl/proverr.h
@@ -0,0 +1,148 @@
+/*
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_PROVERR_H
+# define OPENSSL_PROVERR_H
+# pragma once
+
+# include <openssl/opensslconf.h>
+# include <openssl/symhacks.h>
+# include <openssl/cryptoerr_legacy.h>
+
+
+
+/*
+ * PROV reason codes.
+ */
+# define PROV_R_ADDITIONAL_INPUT_TOO_LONG 184
+# define PROV_R_ALGORITHM_MISMATCH 173
+# define PROV_R_ALREADY_INSTANTIATED 185
+# define PROV_R_BAD_DECRYPT 100
+# define PROV_R_BAD_ENCODING 141
+# define PROV_R_BAD_LENGTH 142
+# define PROV_R_BAD_TLS_CLIENT_VERSION 161
+# define PROV_R_BN_ERROR 160
+# define PROV_R_CIPHER_OPERATION_FAILED 102
+# define PROV_R_DERIVATION_FUNCTION_INIT_FAILED 205
+# define PROV_R_DIGEST_NOT_ALLOWED 174
+# define PROV_R_ENTROPY_SOURCE_STRENGTH_TOO_WEAK 186
+# define PROV_R_ERROR_INSTANTIATING_DRBG 188
+# define PROV_R_ERROR_RETRIEVING_ENTROPY 189
+# define PROV_R_ERROR_RETRIEVING_NONCE 190
+# define PROV_R_FAILED_DURING_DERIVATION 164
+# define PROV_R_FAILED_TO_CREATE_LOCK 180
+# define PROV_R_FAILED_TO_DECRYPT 162
+# define PROV_R_FAILED_TO_GENERATE_KEY 121
+# define PROV_R_FAILED_TO_GET_PARAMETER 103
+# define PROV_R_FAILED_TO_SET_PARAMETER 104
+# define PROV_R_FAILED_TO_SIGN 175
+# define PROV_R_FIPS_MODULE_CONDITIONAL_ERROR 227
+# define PROV_R_FIPS_MODULE_ENTERING_ERROR_STATE 224
+# define PROV_R_FIPS_MODULE_IN_ERROR_STATE 225
+# define PROV_R_GENERATE_ERROR 191
+# define PROV_R_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE 165
+# define PROV_R_INDICATOR_INTEGRITY_FAILURE 210
+# define PROV_R_INSUFFICIENT_DRBG_STRENGTH 181
+# define PROV_R_INVALID_AAD 108
+# define PROV_R_INVALID_CONFIG_DATA 211
+# define PROV_R_INVALID_CONSTANT_LENGTH 157
+# define PROV_R_INVALID_CURVE 176
+# define PROV_R_INVALID_CUSTOM_LENGTH 111
+# define PROV_R_INVALID_DATA 115
+# define PROV_R_INVALID_DIGEST 122
+# define PROV_R_INVALID_DIGEST_LENGTH 166
+# define PROV_R_INVALID_DIGEST_SIZE 218
+# define PROV_R_INVALID_INPUT_LENGTH 230
+# define PROV_R_INVALID_ITERATION_COUNT 123
+# define PROV_R_INVALID_IV_LENGTH 109
+# define PROV_R_INVALID_KEY 158
+# define PROV_R_INVALID_KEY_LENGTH 105
+# define PROV_R_INVALID_MAC 151
+# define PROV_R_INVALID_MGF1_MD 167
+# define PROV_R_INVALID_MODE 125
+# define PROV_R_INVALID_OUTPUT_LENGTH 217
+# define PROV_R_INVALID_PADDING_MODE 168
+# define PROV_R_INVALID_PUBINFO 198
+# define PROV_R_INVALID_SALT_LENGTH 112
+# define PROV_R_INVALID_SEED_LENGTH 154
+# define PROV_R_INVALID_SIGNATURE_SIZE 179
+# define PROV_R_INVALID_STATE 212
+# define PROV_R_INVALID_TAG 110
+# define PROV_R_INVALID_TAG_LENGTH 118
+# define PROV_R_INVALID_UKM_LENGTH 200
+# define PROV_R_INVALID_X931_DIGEST 170
+# define PROV_R_IN_ERROR_STATE 192
+# define PROV_R_KEY_SETUP_FAILED 101
+# define PROV_R_KEY_SIZE_TOO_SMALL 171
+# define PROV_R_LENGTH_TOO_LARGE 202
+# define PROV_R_MISMATCHING_DOMAIN_PARAMETERS 203
+# define PROV_R_MISSING_CEK_ALG 144
+# define PROV_R_MISSING_CIPHER 155
+# define PROV_R_MISSING_CONFIG_DATA 213
+# define PROV_R_MISSING_CONSTANT 156
+# define PROV_R_MISSING_KEY 128
+# define PROV_R_MISSING_MAC 150
+# define PROV_R_MISSING_MESSAGE_DIGEST 129
+# define PROV_R_MISSING_OID 209
+# define PROV_R_MISSING_PASS 130
+# define PROV_R_MISSING_SALT 131
+# define PROV_R_MISSING_SECRET 132
+# define PROV_R_MISSING_SEED 140
+# define PROV_R_MISSING_SESSION_ID 133
+# define PROV_R_MISSING_TYPE 134
+# define PROV_R_MISSING_XCGHASH 135
+# define PROV_R_MODULE_INTEGRITY_FAILURE 214
+# define PROV_R_NOT_A_PRIVATE_KEY 221
+# define PROV_R_NOT_A_PUBLIC_KEY 220
+# define PROV_R_NOT_INSTANTIATED 193
+# define PROV_R_NOT_PARAMETERS 226
+# define PROV_R_NOT_SUPPORTED 136
+# define PROV_R_NOT_XOF_OR_INVALID_LENGTH 113
+# define PROV_R_NO_KEY_SET 114
+# define PROV_R_NO_PARAMETERS_SET 177
+# define PROV_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE 178
+# define PROV_R_OUTPUT_BUFFER_TOO_SMALL 106
+# define PROV_R_PARENT_CANNOT_GENERATE_RANDOM_NUMBERS 228
+# define PROV_R_PARENT_CANNOT_SUPPLY_ENTROPY_SEED 187
+# define PROV_R_PARENT_LOCKING_NOT_ENABLED 182
+# define PROV_R_PARENT_STRENGTH_TOO_WEAK 194
+# define PROV_R_PATH_MUST_BE_ABSOLUTE 219
+# define PROV_R_PERSONALISATION_STRING_TOO_LONG 195
+# define PROV_R_PSS_SALTLEN_TOO_SMALL 172
+# define PROV_R_REQUEST_TOO_LARGE_FOR_DRBG 196
+# define PROV_R_REQUIRE_CTR_MODE_CIPHER 206
+# define PROV_R_RESEED_ERROR 197
+# define PROV_R_SEARCH_ONLY_SUPPORTED_FOR_DIRECTORIES 222
+# define PROV_R_SEED_SOURCES_MUST_NOT_HAVE_A_PARENT 229
+# define PROV_R_SELF_TEST_KAT_FAILURE 215
+# define PROV_R_SELF_TEST_POST_FAILURE 216
+# define PROV_R_TAG_NOT_NEEDED 120
+# define PROV_R_TAG_NOT_SET 119
+# define PROV_R_TOO_MANY_RECORDS 126
+# define PROV_R_UNABLE_TO_FIND_CIPHERS 207
+# define PROV_R_UNABLE_TO_GET_PARENT_STRENGTH 199
+# define PROV_R_UNABLE_TO_GET_PASSPHRASE 159
+# define PROV_R_UNABLE_TO_INITIALISE_CIPHERS 208
+# define PROV_R_UNABLE_TO_LOAD_SHA256 147
+# define PROV_R_UNABLE_TO_LOCK_PARENT 201
+# define PROV_R_UNABLE_TO_RESEED 204
+# define PROV_R_UNSUPPORTED_CEK_ALG 145
+# define PROV_R_UNSUPPORTED_KEY_SIZE 153
+# define PROV_R_UNSUPPORTED_MAC_TYPE 137
+# define PROV_R_UNSUPPORTED_NUMBER_OF_ROUNDS 152
+# define PROV_R_URI_AUTHORITY_UNSUPPORTED 223
+# define PROV_R_VALUE_ERROR 138
+# define PROV_R_WRONG_FINAL_BLOCK_LENGTH 107
+# define PROV_R_WRONG_OUTPUT_BUFFER_SIZE 139
+# define PROV_R_XOF_DIGESTS_NOT_ALLOWED 183
+# define PROV_R_XTS_DATA_UNIT_IS_TOO_LARGE 148
+# define PROV_R_XTS_DUPLICATED_KEYS 149
+
+#endif
diff --git a/openssl/include/openssl/provider.h b/openssl/include/openssl/provider.h
index e2edf410..608fff8b 100644..100755
--- a/openssl/include/openssl/provider.h
+++ b/openssl/include/openssl/provider.h
@@ -1,5 +1,5 @@
/*
- * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -9,6 +9,7 @@
#ifndef OPENSSL_PROVIDER_H
# define OPENSSL_PROVIDER_H
+# pragma once
# include <openssl/core.h>
@@ -17,18 +18,21 @@ extern "C" {
# endif
/* Set the default provider search path */
-int OSSL_PROVIDER_set_default_search_path(OPENSSL_CTX *, const char *path);
+int OSSL_PROVIDER_set_default_search_path(OSSL_LIB_CTX *, const char *path);
/* Load and unload a provider */
-OSSL_PROVIDER *OSSL_PROVIDER_load(OPENSSL_CTX *, const char *name);
+OSSL_PROVIDER *OSSL_PROVIDER_load(OSSL_LIB_CTX *, const char *name);
+OSSL_PROVIDER *OSSL_PROVIDER_try_load(OSSL_LIB_CTX *, const char *name,
+ int retain_fallbacks);
int OSSL_PROVIDER_unload(OSSL_PROVIDER *prov);
-int OSSL_PROVIDER_available(OPENSSL_CTX *, const char *name);
-int OSSL_PROVIDER_do_all(OPENSSL_CTX *ctx,
+int OSSL_PROVIDER_available(OSSL_LIB_CTX *, const char *name);
+int OSSL_PROVIDER_do_all(OSSL_LIB_CTX *ctx,
int (*cb)(OSSL_PROVIDER *provider, void *cbdata),
void *cbdata);
const OSSL_PARAM *OSSL_PROVIDER_gettable_params(const OSSL_PROVIDER *prov);
int OSSL_PROVIDER_get_params(const OSSL_PROVIDER *prov, OSSL_PARAM params[]);
+int OSSL_PROVIDER_self_test(const OSSL_PROVIDER *prov);
int OSSL_PROVIDER_get_capabilities(const OSSL_PROVIDER *prov,
const char *capability,
OSSL_CALLBACK *cb,
@@ -37,14 +41,17 @@ int OSSL_PROVIDER_get_capabilities(const OSSL_PROVIDER *prov,
const OSSL_ALGORITHM *OSSL_PROVIDER_query_operation(const OSSL_PROVIDER *prov,
int operation_id,
int *no_cache);
+void OSSL_PROVIDER_unquery_operation(const OSSL_PROVIDER *prov,
+ int operation_id, const OSSL_ALGORITHM *algs);
void *OSSL_PROVIDER_get0_provider_ctx(const OSSL_PROVIDER *prov);
+const OSSL_DISPATCH *OSSL_PROVIDER_get0_dispatch(const OSSL_PROVIDER *prov);
/* Add a built in providers */
-int OSSL_PROVIDER_add_builtin(OPENSSL_CTX *, const char *name,
+int OSSL_PROVIDER_add_builtin(OSSL_LIB_CTX *, const char *name,
OSSL_provider_init_fn *init_fn);
/* Information */
-const char *OSSL_PROVIDER_name(const OSSL_PROVIDER *prov);
+const char *OSSL_PROVIDER_get0_name(const OSSL_PROVIDER *prov);
# ifdef __cplusplus
}
diff --git a/openssl/include/openssl/rand.h b/openssl/include/openssl/rand.h
index a7eb9019..eab00e33 100644..100755
--- a/openssl/include/openssl/rand.h
+++ b/openssl/include/openssl/rand.h
@@ -1,5 +1,5 @@
/*
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -20,11 +20,23 @@
# include <openssl/types.h>
# include <openssl/e_os2.h>
# include <openssl/randerr.h>
+# include <openssl/evp.h>
#ifdef __cplusplus
extern "C" {
#endif
+/*
+ * Default security strength (in the sense of [NIST SP 800-90Ar1])
+ *
+ * NIST SP 800-90Ar1 supports the strength of the DRBG being smaller than that
+ * of the cipher by collecting less entropy. The current DRBG implementation
+ * does not take RAND_DRBG_STRENGTH into account and sets the strength of the
+ * DRBG to that of the cipher.
+ */
+# define RAND_DRBG_STRENGTH 256
+
+# ifndef OPENSSL_NO_DEPRECATED_3_0
struct rand_meth_st {
int (*seed) (const void *buf, int num);
int (*bytes) (unsigned char *buf, int num);
@@ -34,13 +46,14 @@ struct rand_meth_st {
int (*status) (void);
};
-int RAND_set_rand_method(const RAND_METHOD *meth);
-const RAND_METHOD *RAND_get_rand_method(void);
-# ifndef OPENSSL_NO_ENGINE
-int RAND_set_rand_engine(ENGINE *engine);
-# endif
+OSSL_DEPRECATEDIN_3_0 int RAND_set_rand_method(const RAND_METHOD *meth);
+OSSL_DEPRECATEDIN_3_0 const RAND_METHOD *RAND_get_rand_method(void);
+# ifndef OPENSSL_NO_ENGINE
+OSSL_DEPRECATEDIN_3_0 int RAND_set_rand_engine(ENGINE *engine);
+# endif
-RAND_METHOD *RAND_OpenSSL(void);
+OSSL_DEPRECATEDIN_3_0 RAND_METHOD *RAND_OpenSSL(void);
+# endif /* OPENSSL_NO_DEPRECATED_3_0 */
# ifndef OPENSSL_NO_DEPRECATED_1_1_0
# define RAND_cleanup() while(0) continue
@@ -48,13 +61,32 @@ RAND_METHOD *RAND_OpenSSL(void);
int RAND_bytes(unsigned char *buf, int num);
int RAND_priv_bytes(unsigned char *buf, int num);
-/* Equivalent of RAND_priv_bytes() but additionally taking an OPENSSL_CTX */
-int RAND_priv_bytes_ex(OPENSSL_CTX *ctx, unsigned char *buf, int num);
+/*
+ * Equivalent of RAND_priv_bytes() but additionally taking an OSSL_LIB_CTX and
+ * a strength.
+ */
+int RAND_priv_bytes_ex(OSSL_LIB_CTX *ctx, unsigned char *buf, size_t num,
+ unsigned int strength);
+
+/*
+ * Equivalent of RAND_bytes() but additionally taking an OSSL_LIB_CTX and
+ * a strength.
+ */
+int RAND_bytes_ex(OSSL_LIB_CTX *ctx, unsigned char *buf, size_t num,
+ unsigned int strength);
+
+# ifndef OPENSSL_NO_DEPRECATED_1_1_0
+OSSL_DEPRECATEDIN_1_1_0 int RAND_pseudo_bytes(unsigned char *buf, int num);
+# endif
-/* Equivalent of RAND_bytes() but additionally taking an OPENSSL_CTX */
-int RAND_bytes_ex(OPENSSL_CTX *ctx, unsigned char *buf, int num);
+EVP_RAND_CTX *RAND_get0_primary(OSSL_LIB_CTX *ctx);
+EVP_RAND_CTX *RAND_get0_public(OSSL_LIB_CTX *ctx);
+EVP_RAND_CTX *RAND_get0_private(OSSL_LIB_CTX *ctx);
-DEPRECATEDIN_1_1_0(int RAND_pseudo_bytes(unsigned char *buf, int num))
+int RAND_set_DRBG_type(OSSL_LIB_CTX *ctx, const char *drbg, const char *propq,
+ const char *cipher, const char *digest);
+int RAND_set_seed_source_type(OSSL_LIB_CTX *ctx, const char *seed,
+ const char *propq);
void RAND_seed(const void *buf, int num);
void RAND_keep_random_devices_open(int keep);
@@ -78,8 +110,10 @@ int RAND_poll(void);
# if defined(_WIN32) && (defined(BASETYPES) || defined(_WINDEF_H))
/* application has to include <windows.h> in order to use these */
-DEPRECATEDIN_1_1_0(void RAND_screen(void))
-DEPRECATEDIN_1_1_0(int RAND_event(UINT, WPARAM, LPARAM))
+# ifndef OPENSSL_NO_DEPRECATED_1_1_0
+OSSL_DEPRECATEDIN_1_1_0 void RAND_screen(void);
+OSSL_DEPRECATEDIN_1_1_0 int RAND_event(UINT, WPARAM, LPARAM);
+# endif
# endif
#ifdef __cplusplus
diff --git a/openssl/include/openssl/rand_drbg.h b/openssl/include/openssl/rand_drbg.h
index 3b09dcef..3b09dcef 100644..100755
--- a/openssl/include/openssl/rand_drbg.h
+++ b/openssl/include/openssl/rand_drbg.h
diff --git a/openssl/include/openssl/randerr.h b/openssl/include/openssl/randerr.h
index 26179b23..5af39df1 100644..100755
--- a/openssl/include/openssl/randerr.h
+++ b/openssl/include/openssl/randerr.h
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -14,49 +14,9 @@
# include <openssl/opensslconf.h>
# include <openssl/symhacks.h>
+# include <openssl/cryptoerr_legacy.h>
-# ifdef __cplusplus
-extern "C"
-# endif
-int ERR_load_RAND_strings(void);
-
-/*
- * RAND function codes.
- */
-# ifndef OPENSSL_NO_DEPRECATED_3_0
-# define RAND_F_DRBG_BYTES 0
-# define RAND_F_DRBG_CTR_INIT 0
-# define RAND_F_DRBG_GET_ENTROPY 0
-# define RAND_F_DRBG_SETUP 0
-# define RAND_F_GET_ENTROPY 0
-# define RAND_F_RAND_BYTES 0
-# define RAND_F_RAND_BYTES_EX 0
-# define RAND_F_RAND_DRBG_ENABLE_LOCKING 0
-# define RAND_F_RAND_DRBG_GENERATE 0
-# define RAND_F_RAND_DRBG_GET_ENTROPY 0
-# define RAND_F_RAND_DRBG_GET_NONCE 0
-# define RAND_F_RAND_DRBG_INIT_METHOD 0
-# define RAND_F_RAND_DRBG_INSTANTIATE 0
-# define RAND_F_RAND_DRBG_NEW 0
-# define RAND_F_RAND_DRBG_RESEED 0
-# define RAND_F_RAND_DRBG_RESTART 0
-# define RAND_F_RAND_DRBG_SET 0
-# define RAND_F_RAND_DRBG_SET_DEFAULTS 0
-# define RAND_F_RAND_DRBG_UNINSTANTIATE 0
-# define RAND_F_RAND_LOAD_FILE 0
-# define RAND_F_RAND_POOL_ACQUIRE_ENTROPY 0
-# define RAND_F_RAND_POOL_ADD 0
-# define RAND_F_RAND_POOL_ADD_BEGIN 0
-# define RAND_F_RAND_POOL_ADD_END 0
-# define RAND_F_RAND_POOL_ATTACH 0
-# define RAND_F_RAND_POOL_BYTES_NEEDED 0
-# define RAND_F_RAND_POOL_GROW 0
-# define RAND_F_RAND_POOL_NEW 0
-# define RAND_F_RAND_PRIV_BYTES_EX 0
-# define RAND_F_RAND_PSEUDO_BYTES 0
-# define RAND_F_RAND_WRITE_FILE 0
-# endif
/*
* RAND reason codes.
@@ -65,7 +25,6 @@ int ERR_load_RAND_strings(void);
# define RAND_R_ALREADY_INSTANTIATED 103
# define RAND_R_ARGUMENT_OUT_OF_RANGE 105
# define RAND_R_CANNOT_OPEN_FILE 121
-# define RAND_R_DERIVATION_FUNCTION_MANDATORY_FOR_FIPS 137
# define RAND_R_DRBG_ALREADY_INITIALIZED 129
# define RAND_R_DRBG_NOT_INITIALISED 104
# define RAND_R_ENTROPY_INPUT_TOO_LONG 106
@@ -98,9 +57,10 @@ int ERR_load_RAND_strings(void);
# define RAND_R_SELFTEST_FAILURE 119
# define RAND_R_TOO_LITTLE_NONCE_REQUESTED 135
# define RAND_R_TOO_MUCH_NONCE_REQUESTED 136
+# define RAND_R_UNABLE_TO_CREATE_DRBG 143
+# define RAND_R_UNABLE_TO_FETCH_DRBG 144
# define RAND_R_UNABLE_TO_GET_PARENT_RESEED_PROP_COUNTER 141
# define RAND_R_UNABLE_TO_GET_PARENT_STRENGTH 138
-# define RAND_R_UNABLE_TO_GET_RESEED_PROP_CTR 142
# define RAND_R_UNABLE_TO_LOCK_PARENT 140
# define RAND_R_UNSUPPORTED_DRBG_FLAGS 132
# define RAND_R_UNSUPPORTED_DRBG_TYPE 120
diff --git a/openssl/include/openssl/rc2.h b/openssl/include/openssl/rc2.h
index 37d05c8f..1c196f85 100644..100755
--- a/openssl/include/openssl/rc2.h
+++ b/openssl/include/openssl/rc2.h
@@ -36,25 +36,29 @@ typedef struct rc2_key_st {
RC2_INT data[64];
} RC2_KEY;
# endif
-
-DEPRECATEDIN_3_0(void RC2_set_key(RC2_KEY *key, int len,
- const unsigned char *data, int bits))
-DEPRECATEDIN_3_0(void RC2_ecb_encrypt(const unsigned char *in,
- unsigned char *out, RC2_KEY *key,
- int enc))
-DEPRECATEDIN_3_0(void RC2_encrypt(unsigned long *data, RC2_KEY *key))
-DEPRECATEDIN_3_0(void RC2_decrypt(unsigned long *data, RC2_KEY *key))
-DEPRECATEDIN_3_0(void RC2_cbc_encrypt(const unsigned char *in,
- unsigned char *out, long length,
- RC2_KEY *ks, unsigned char *iv, int enc))
-DEPRECATEDIN_3_0(void RC2_cfb64_encrypt(const unsigned char *in,
- unsigned char *out, long length,
- RC2_KEY *schedule, unsigned char *ivec,
- int *num, int enc))
-DEPRECATEDIN_3_0(void RC2_ofb64_encrypt(const unsigned char *in,
- unsigned char *out, long length,
- RC2_KEY *schedule, unsigned char *ivec,
- int *num))
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0 void RC2_set_key(RC2_KEY *key, int len,
+ const unsigned char *data, int bits);
+OSSL_DEPRECATEDIN_3_0 void RC2_ecb_encrypt(const unsigned char *in,
+ unsigned char *out, RC2_KEY *key,
+ int enc);
+OSSL_DEPRECATEDIN_3_0 void RC2_encrypt(unsigned long *data, RC2_KEY *key);
+OSSL_DEPRECATEDIN_3_0 void RC2_decrypt(unsigned long *data, RC2_KEY *key);
+OSSL_DEPRECATEDIN_3_0 void RC2_cbc_encrypt(const unsigned char *in,
+ unsigned char *out, long length,
+ RC2_KEY *ks, unsigned char *iv,
+ int enc);
+OSSL_DEPRECATEDIN_3_0 void RC2_cfb64_encrypt(const unsigned char *in,
+ unsigned char *out, long length,
+ RC2_KEY *schedule,
+ unsigned char *ivec,
+ int *num, int enc);
+OSSL_DEPRECATEDIN_3_0 void RC2_ofb64_encrypt(const unsigned char *in,
+ unsigned char *out, long length,
+ RC2_KEY *schedule,
+ unsigned char *ivec,
+ int *num);
+# endif
# ifdef __cplusplus
}
diff --git a/openssl/include/openssl/rc4.h b/openssl/include/openssl/rc4.h
index 3a2e1ca0..cb672298 100644..100755
--- a/openssl/include/openssl/rc4.h
+++ b/openssl/include/openssl/rc4.h
@@ -30,12 +30,14 @@ typedef struct rc4_key_st {
RC4_INT data[256];
} RC4_KEY;
# endif
-
-DEPRECATEDIN_3_0(const char *RC4_options(void))
-DEPRECATEDIN_3_0(void RC4_set_key(RC4_KEY *key, int len,
- const unsigned char *data))
-DEPRECATEDIN_3_0(void RC4(RC4_KEY *key, size_t len, const unsigned char *indata,
- unsigned char *outdata))
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0 const char *RC4_options(void);
+OSSL_DEPRECATEDIN_3_0 void RC4_set_key(RC4_KEY *key, int len,
+ const unsigned char *data);
+OSSL_DEPRECATEDIN_3_0 void RC4(RC4_KEY *key, size_t len,
+ const unsigned char *indata,
+ unsigned char *outdata);
+# endif
# ifdef __cplusplus
}
diff --git a/openssl/include/openssl/rc5.h b/openssl/include/openssl/rc5.h
index 28afabe4..5dd59fba 100644..100755
--- a/openssl/include/openssl/rc5.h
+++ b/openssl/include/openssl/rc5.h
@@ -46,27 +46,30 @@ typedef struct rc5_key_st {
RC5_32_INT data[2 * (RC5_16_ROUNDS + 1)];
} RC5_32_KEY;
# endif
-
-DEPRECATEDIN_3_0(int RC5_32_set_key(RC5_32_KEY *key, int len,
- const unsigned char *data, int rounds))
-DEPRECATEDIN_3_0(void RC5_32_ecb_encrypt(const unsigned char *in,
- unsigned char *out, RC5_32_KEY *key,
- int enc))
-DEPRECATEDIN_3_0(void RC5_32_encrypt(unsigned long *data, RC5_32_KEY *key))
-DEPRECATEDIN_3_0(void RC5_32_decrypt(unsigned long *data, RC5_32_KEY *key))
-DEPRECATEDIN_3_0(void RC5_32_cbc_encrypt(const unsigned char *in,
- unsigned char *out, long length,
- RC5_32_KEY *ks, unsigned char *iv,
- int enc))
-DEPRECATEDIN_3_0(void RC5_32_cfb64_encrypt(const unsigned char *in,
- unsigned char *out, long length,
- RC5_32_KEY *schedule,
- unsigned char *ivec, int *num,
- int enc))
-DEPRECATEDIN_3_0(void RC5_32_ofb64_encrypt(const unsigned char *in,
- unsigned char *out, long length,
- RC5_32_KEY *schedule,
- unsigned char *ivec, int *num))
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0 int RC5_32_set_key(RC5_32_KEY *key, int len,
+ const unsigned char *data,
+ int rounds);
+OSSL_DEPRECATEDIN_3_0 void RC5_32_ecb_encrypt(const unsigned char *in,
+ unsigned char *out,
+ RC5_32_KEY *key,
+ int enc);
+OSSL_DEPRECATEDIN_3_0 void RC5_32_encrypt(unsigned long *data, RC5_32_KEY *key);
+OSSL_DEPRECATEDIN_3_0 void RC5_32_decrypt(unsigned long *data, RC5_32_KEY *key);
+OSSL_DEPRECATEDIN_3_0 void RC5_32_cbc_encrypt(const unsigned char *in,
+ unsigned char *out, long length,
+ RC5_32_KEY *ks, unsigned char *iv,
+ int enc);
+OSSL_DEPRECATEDIN_3_0 void RC5_32_cfb64_encrypt(const unsigned char *in,
+ unsigned char *out, long length,
+ RC5_32_KEY *schedule,
+ unsigned char *ivec, int *num,
+ int enc);
+OSSL_DEPRECATEDIN_3_0 void RC5_32_ofb64_encrypt(const unsigned char *in,
+ unsigned char *out, long length,
+ RC5_32_KEY *schedule,
+ unsigned char *ivec, int *num);
+# endif
# ifdef __cplusplus
}
diff --git a/openssl/include/openssl/ripemd.h b/openssl/include/openssl/ripemd.h
index af9c2b4f..2dbf3e61 100644..100755
--- a/openssl/include/openssl/ripemd.h
+++ b/openssl/include/openssl/ripemd.h
@@ -41,15 +41,16 @@ typedef struct RIPEMD160state_st {
unsigned int num;
} RIPEMD160_CTX;
# endif
-
-DEPRECATEDIN_3_0(int RIPEMD160_Init(RIPEMD160_CTX *c))
-DEPRECATEDIN_3_0(int RIPEMD160_Update(RIPEMD160_CTX *c, const void *data,
- size_t len))
-DEPRECATEDIN_3_0(int RIPEMD160_Final(unsigned char *md, RIPEMD160_CTX *c))
-DEPRECATEDIN_3_0(unsigned char *RIPEMD160(const unsigned char *d, size_t n,
- unsigned char *md))
-DEPRECATEDIN_3_0(void RIPEMD160_Transform(RIPEMD160_CTX *c,
- const unsigned char *b))
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0 int RIPEMD160_Init(RIPEMD160_CTX *c);
+OSSL_DEPRECATEDIN_3_0 int RIPEMD160_Update(RIPEMD160_CTX *c, const void *data,
+ size_t len);
+OSSL_DEPRECATEDIN_3_0 int RIPEMD160_Final(unsigned char *md, RIPEMD160_CTX *c);
+OSSL_DEPRECATEDIN_3_0 unsigned char *RIPEMD160(const unsigned char *d, size_t n,
+ unsigned char *md);
+OSSL_DEPRECATEDIN_3_0 void RIPEMD160_Transform(RIPEMD160_CTX *c,
+ const unsigned char *b);
+# endif
# ifdef __cplusplus
}
diff --git a/openssl/include/openssl/rsa.h b/openssl/include/openssl/rsa.h
index 0899f324..5b08b0ed 100644..100755
--- a/openssl/include/openssl/rsa.h
+++ b/openssl/include/openssl/rsa.h
@@ -1,5 +1,5 @@
/*
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -18,67 +18,58 @@
# include <openssl/opensslconf.h>
-# ifndef OPENSSL_NO_RSA
-# include <openssl/asn1.h>
-# include <openssl/bio.h>
-# include <openssl/crypto.h>
-# include <openssl/types.h>
-# ifndef OPENSSL_NO_DEPRECATED_1_1_0
-# include <openssl/bn.h>
-# endif
-# include <openssl/rsaerr.h>
-# include <openssl/safestack.h>
+# include <openssl/asn1.h>
+# include <openssl/bio.h>
+# include <openssl/crypto.h>
+# include <openssl/types.h>
+# ifndef OPENSSL_NO_DEPRECATED_1_1_0
+# include <openssl/bn.h>
+# endif
+# include <openssl/rsaerr.h>
+# include <openssl/safestack.h>
-# ifdef __cplusplus
+# ifdef __cplusplus
extern "C" {
-# endif
+# endif
-# ifndef OPENSSL_RSA_MAX_MODULUS_BITS
-# define OPENSSL_RSA_MAX_MODULUS_BITS 16384
-# endif
+# ifndef OPENSSL_RSA_MAX_MODULUS_BITS
+# define OPENSSL_RSA_MAX_MODULUS_BITS 16384
+# endif
-# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define RSA_3 0x3L
+# define RSA_F4 0x10001L
+
+# ifndef OPENSSL_NO_DEPRECATED_3_0
/* The types RSA and RSA_METHOD are defined in ossl_typ.h */
-# define OPENSSL_RSA_FIPS_MIN_MODULUS_BITS 2048
+# define OPENSSL_RSA_FIPS_MIN_MODULUS_BITS 2048
-# ifndef OPENSSL_RSA_SMALL_MODULUS_BITS
-# define OPENSSL_RSA_SMALL_MODULUS_BITS 3072
-# endif
+# ifndef OPENSSL_RSA_SMALL_MODULUS_BITS
+# define OPENSSL_RSA_SMALL_MODULUS_BITS 3072
+# endif
/* exponent limit enforced for "large" modulus only */
-# ifndef OPENSSL_RSA_MAX_PUBEXP_BITS
-# define OPENSSL_RSA_MAX_PUBEXP_BITS 64
-# endif
-# endif /* OPENSSL_NO_DEPRECATED_3_0 */
-
-# define RSA_3 0x3L
-# define RSA_F4 0x10001L
-
-# ifndef OPENSSL_NO_DEPRECATED_3_0
+# ifndef OPENSSL_RSA_MAX_PUBEXP_BITS
+# define OPENSSL_RSA_MAX_PUBEXP_BITS 64
+# endif
/* based on RFC 8017 appendix A.1.2 */
-# define RSA_ASN1_VERSION_DEFAULT 0
-# define RSA_ASN1_VERSION_MULTI 1
+# define RSA_ASN1_VERSION_DEFAULT 0
+# define RSA_ASN1_VERSION_MULTI 1
-# define RSA_DEFAULT_PRIME_NUM 2
-# endif /* OPENSSL_NO_DEPRECATED_3_0 */
+# define RSA_DEFAULT_PRIME_NUM 2
-/* Don't check pub/private match */
-/* TODO(3.0): deprecate this? It is exposed for sls/t1_lib.c's use */
# define RSA_METHOD_FLAG_NO_CHECK 0x0001
-
-# ifndef OPENSSL_NO_DEPRECATED_3_0
-# define RSA_FLAG_CACHE_PUBLIC 0x0002
-# define RSA_FLAG_CACHE_PRIVATE 0x0004
-# define RSA_FLAG_BLINDING 0x0008
-# define RSA_FLAG_THREAD_SAFE 0x0010
+# define RSA_FLAG_CACHE_PUBLIC 0x0002
+# define RSA_FLAG_CACHE_PRIVATE 0x0004
+# define RSA_FLAG_BLINDING 0x0008
+# define RSA_FLAG_THREAD_SAFE 0x0010
/*
* This flag means the private key operations will be handled by rsa_mod_exp
* and that they do not depend on the private key components being present:
* for example a key stored in external hardware. Without this flag
* bn_mod_exp gets called when private key components are absent.
*/
-# define RSA_FLAG_EXT_PKEY 0x0020
+# define RSA_FLAG_EXT_PKEY 0x0020
/*
* new with 0.9.6j and 0.9.7b; the built-in
@@ -86,14 +77,14 @@ extern "C" {
* default (ignoring RSA_FLAG_BLINDING),
* but other engines might not need it
*/
-# define RSA_FLAG_NO_BLINDING 0x0080
-# endif /* OPENSSL_NO_DEPRECATED_3_0 */
+# define RSA_FLAG_NO_BLINDING 0x0080
+# endif /* OPENSSL_NO_DEPRECATED_3_0 */
/*
* Does nothing. Previously this switched off constant time behaviour.
*/
-# ifndef OPENSSL_NO_DEPRECATED_1_1_0
-# define RSA_FLAG_NO_CONSTTIME 0x0000
-# endif
+# ifndef OPENSSL_NO_DEPRECATED_1_1_0
+# define RSA_FLAG_NO_CONSTTIME 0x0000
+# endif
/* deprecated name for the flag*/
/*
* new with 0.9.7h; the built-in RSA
@@ -103,9 +94,9 @@ extern "C" {
* faster variable sliding window method to
* be used for all exponents.
*/
-# ifndef OPENSSL_NO_DEPRECATED_0_9_8
-# define RSA_FLAG_NO_EXP_CONSTTIME RSA_FLAG_NO_CONSTTIME
-# endif
+# ifndef OPENSSL_NO_DEPRECATED_0_9_8
+# define RSA_FLAG_NO_EXP_CONSTTIME RSA_FLAG_NO_CONSTTIME
+# endif
/*-
* New with 3.0: use part of the flags to denote exact type of RSA key,
@@ -120,10 +111,10 @@ extern "C" {
*
* 4 bits allow for 16 types
*/
-# define RSA_FLAG_TYPE_MASK 0xF000
-# define RSA_FLAG_TYPE_RSA 0x0000
-# define RSA_FLAG_TYPE_RSASSAPSS 0x1000
-# define RSA_FLAG_TYPE_RSAESOAEP 0x2000
+# define RSA_FLAG_TYPE_MASK 0xF000
+# define RSA_FLAG_TYPE_RSA 0x0000
+# define RSA_FLAG_TYPE_RSASSAPSS 0x1000
+# define RSA_FLAG_TYPE_RSAESOAEP 0x2000
int EVP_PKEY_CTX_set_rsa_padding(EVP_PKEY_CTX *ctx, int pad_mode);
int EVP_PKEY_CTX_get_rsa_padding(EVP_PKEY_CTX *ctx, int *pad_mode);
@@ -132,18 +123,22 @@ int EVP_PKEY_CTX_set_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int saltlen);
int EVP_PKEY_CTX_get_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int *saltlen);
int EVP_PKEY_CTX_set_rsa_keygen_bits(EVP_PKEY_CTX *ctx, int bits);
-int EVP_PKEY_CTX_set_rsa_keygen_pubexp(EVP_PKEY_CTX *ctx, BIGNUM *pubexp);
+int EVP_PKEY_CTX_set1_rsa_keygen_pubexp(EVP_PKEY_CTX *ctx, BIGNUM *pubexp);
int EVP_PKEY_CTX_set_rsa_keygen_primes(EVP_PKEY_CTX *ctx, int primes);
int EVP_PKEY_CTX_set_rsa_pss_keygen_saltlen(EVP_PKEY_CTX *ctx, int saltlen);
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0
+int EVP_PKEY_CTX_set_rsa_keygen_pubexp(EVP_PKEY_CTX *ctx, BIGNUM *pubexp);
+# endif
/* Salt length matches digest */
-# define RSA_PSS_SALTLEN_DIGEST -1
+# define RSA_PSS_SALTLEN_DIGEST -1
/* Verify only: auto detect salt length */
-# define RSA_PSS_SALTLEN_AUTO -2
+# define RSA_PSS_SALTLEN_AUTO -2
/* Set salt length to maximum possible */
-# define RSA_PSS_SALTLEN_MAX -3
+# define RSA_PSS_SALTLEN_MAX -3
/* Old compatible max salt length for sign only */
-# define RSA_PSS_SALTLEN_MAX_SIGN -2
+# define RSA_PSS_SALTLEN_MAX_SIGN -2
int EVP_PKEY_CTX_set_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
int EVP_PKEY_CTX_set_rsa_mgf1_md_name(EVP_PKEY_CTX *ctx, const char *mdname,
@@ -155,6 +150,11 @@ int EVP_PKEY_CTX_set_rsa_pss_keygen_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD *md)
int EVP_PKEY_CTX_set_rsa_pss_keygen_mgf1_md_name(EVP_PKEY_CTX *ctx,
const char *mdname);
+int EVP_PKEY_CTX_set_rsa_pss_keygen_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+int EVP_PKEY_CTX_set_rsa_pss_keygen_md_name(EVP_PKEY_CTX *ctx,
+ const char *mdname,
+ const char *mdprops);
+
int EVP_PKEY_CTX_set_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
int EVP_PKEY_CTX_set_rsa_oaep_md_name(EVP_PKEY_CTX *ctx, const char *mdname,
const char *mdprops);
@@ -164,139 +164,153 @@ int EVP_PKEY_CTX_get_rsa_oaep_md_name(EVP_PKEY_CTX *ctx, char *name,
int EVP_PKEY_CTX_set0_rsa_oaep_label(EVP_PKEY_CTX *ctx, void *label, int llen);
int EVP_PKEY_CTX_get0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char **label);
-# define EVP_PKEY_CTX_set_rsa_pss_keygen_md(ctx, md) \
- EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA_PSS, \
- EVP_PKEY_OP_KEYGEN, EVP_PKEY_CTRL_MD, \
- 0, (void *)(md))
+# define EVP_PKEY_CTRL_RSA_PADDING (EVP_PKEY_ALG_CTRL + 1)
+# define EVP_PKEY_CTRL_RSA_PSS_SALTLEN (EVP_PKEY_ALG_CTRL + 2)
+# define EVP_PKEY_CTRL_RSA_KEYGEN_BITS (EVP_PKEY_ALG_CTRL + 3)
+# define EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP (EVP_PKEY_ALG_CTRL + 4)
+# define EVP_PKEY_CTRL_RSA_MGF1_MD (EVP_PKEY_ALG_CTRL + 5)
-# define EVP_PKEY_CTRL_RSA_PADDING (EVP_PKEY_ALG_CTRL + 1)
-# define EVP_PKEY_CTRL_RSA_PSS_SALTLEN (EVP_PKEY_ALG_CTRL + 2)
+# define EVP_PKEY_CTRL_GET_RSA_PADDING (EVP_PKEY_ALG_CTRL + 6)
+# define EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN (EVP_PKEY_ALG_CTRL + 7)
+# define EVP_PKEY_CTRL_GET_RSA_MGF1_MD (EVP_PKEY_ALG_CTRL + 8)
-# define EVP_PKEY_CTRL_RSA_KEYGEN_BITS (EVP_PKEY_ALG_CTRL + 3)
-# define EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP (EVP_PKEY_ALG_CTRL + 4)
-# define EVP_PKEY_CTRL_RSA_MGF1_MD (EVP_PKEY_ALG_CTRL + 5)
+# define EVP_PKEY_CTRL_RSA_OAEP_MD (EVP_PKEY_ALG_CTRL + 9)
+# define EVP_PKEY_CTRL_RSA_OAEP_LABEL (EVP_PKEY_ALG_CTRL + 10)
-# define EVP_PKEY_CTRL_GET_RSA_PADDING (EVP_PKEY_ALG_CTRL + 6)
-# define EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN (EVP_PKEY_ALG_CTRL + 7)
-# define EVP_PKEY_CTRL_GET_RSA_MGF1_MD (EVP_PKEY_ALG_CTRL + 8)
+# define EVP_PKEY_CTRL_GET_RSA_OAEP_MD (EVP_PKEY_ALG_CTRL + 11)
+# define EVP_PKEY_CTRL_GET_RSA_OAEP_LABEL (EVP_PKEY_ALG_CTRL + 12)
-# define EVP_PKEY_CTRL_RSA_OAEP_MD (EVP_PKEY_ALG_CTRL + 9)
-# define EVP_PKEY_CTRL_RSA_OAEP_LABEL (EVP_PKEY_ALG_CTRL + 10)
+# define EVP_PKEY_CTRL_RSA_KEYGEN_PRIMES (EVP_PKEY_ALG_CTRL + 13)
-# define EVP_PKEY_CTRL_GET_RSA_OAEP_MD (EVP_PKEY_ALG_CTRL + 11)
-# define EVP_PKEY_CTRL_GET_RSA_OAEP_LABEL (EVP_PKEY_ALG_CTRL + 12)
+# define RSA_PKCS1_PADDING 1
+# define RSA_NO_PADDING 3
+# define RSA_PKCS1_OAEP_PADDING 4
+# define RSA_X931_PADDING 5
-# define EVP_PKEY_CTRL_RSA_KEYGEN_PRIMES (EVP_PKEY_ALG_CTRL + 13)
+/* EVP_PKEY_ only */
+# define RSA_PKCS1_PSS_PADDING 6
+# define RSA_PKCS1_WITH_TLS_PADDING 7
-# define RSA_PKCS1_PADDING 1
-# define RSA_SSLV23_PADDING 2
-# define RSA_NO_PADDING 3
-# define RSA_PKCS1_OAEP_PADDING 4
-# define RSA_X931_PADDING 5
+# define RSA_PKCS1_PADDING_SIZE 11
-/* EVP_PKEY_ only */
-# define RSA_PKCS1_PSS_PADDING 6
-# define RSA_PKCS1_WITH_TLS_PADDING 7
-
-# define RSA_PKCS1_PADDING_SIZE 11
-
-# define RSA_set_app_data(s,arg) RSA_set_ex_data(s,0,arg)
-# define RSA_get_app_data(s) RSA_get_ex_data(s,0)
-
-RSA *RSA_new(void);
-DEPRECATEDIN_3_0(RSA *RSA_new_method(ENGINE *engine))
-int RSA_bits(const RSA *rsa);
-DEPRECATEDIN_3_0(int RSA_size(const RSA *rsa))
-DEPRECATEDIN_3_0(int RSA_security_bits(const RSA *rsa))
-
-int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d);
-int RSA_set0_factors(RSA *r, BIGNUM *p, BIGNUM *q);
-int RSA_set0_crt_params(RSA *r,BIGNUM *dmp1, BIGNUM *dmq1, BIGNUM *iqmp);
-int RSA_set0_multi_prime_params(RSA *r, BIGNUM *primes[], BIGNUM *exps[],
- BIGNUM *coeffs[], int pnum);
-void RSA_get0_key(const RSA *r,
- const BIGNUM **n, const BIGNUM **e, const BIGNUM **d);
-void RSA_get0_factors(const RSA *r, const BIGNUM **p, const BIGNUM **q);
-int RSA_get_multi_prime_extra_count(const RSA *r);
-int RSA_get0_multi_prime_factors(const RSA *r, const BIGNUM *primes[]);
-void RSA_get0_crt_params(const RSA *r,
- const BIGNUM **dmp1, const BIGNUM **dmq1,
- const BIGNUM **iqmp);
+# define RSA_set_app_data(s,arg) RSA_set_ex_data(s,0,arg)
+# define RSA_get_app_data(s) RSA_get_ex_data(s,0)
+
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0 RSA *RSA_new(void);
+OSSL_DEPRECATEDIN_3_0 RSA *RSA_new_method(ENGINE *engine);
+OSSL_DEPRECATEDIN_3_0 int RSA_bits(const RSA *rsa);
+OSSL_DEPRECATEDIN_3_0 int RSA_size(const RSA *rsa);
+OSSL_DEPRECATEDIN_3_0 int RSA_security_bits(const RSA *rsa);
+
+OSSL_DEPRECATEDIN_3_0 int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d);
+OSSL_DEPRECATEDIN_3_0 int RSA_set0_factors(RSA *r, BIGNUM *p, BIGNUM *q);
+OSSL_DEPRECATEDIN_3_0 int RSA_set0_crt_params(RSA *r,
+ BIGNUM *dmp1, BIGNUM *dmq1,
+ BIGNUM *iqmp);
+OSSL_DEPRECATEDIN_3_0 int RSA_set0_multi_prime_params(RSA *r,
+ BIGNUM *primes[],
+ BIGNUM *exps[],
+ BIGNUM *coeffs[],
+ int pnum);
+OSSL_DEPRECATEDIN_3_0 void RSA_get0_key(const RSA *r,
+ const BIGNUM **n, const BIGNUM **e,
+ const BIGNUM **d);
+OSSL_DEPRECATEDIN_3_0 void RSA_get0_factors(const RSA *r,
+ const BIGNUM **p, const BIGNUM **q);
+OSSL_DEPRECATEDIN_3_0 int RSA_get_multi_prime_extra_count(const RSA *r);
+OSSL_DEPRECATEDIN_3_0 int RSA_get0_multi_prime_factors(const RSA *r,
+ const BIGNUM *primes[]);
+OSSL_DEPRECATEDIN_3_0 void RSA_get0_crt_params(const RSA *r,
+ const BIGNUM **dmp1,
+ const BIGNUM **dmq1,
+ const BIGNUM **iqmp);
+OSSL_DEPRECATEDIN_3_0
int RSA_get0_multi_prime_crt_params(const RSA *r, const BIGNUM *exps[],
const BIGNUM *coeffs[]);
-const BIGNUM *RSA_get0_n(const RSA *d);
-const BIGNUM *RSA_get0_e(const RSA *d);
-const BIGNUM *RSA_get0_d(const RSA *d);
-const BIGNUM *RSA_get0_p(const RSA *d);
-const BIGNUM *RSA_get0_q(const RSA *d);
-const BIGNUM *RSA_get0_dmp1(const RSA *r);
-const BIGNUM *RSA_get0_dmq1(const RSA *r);
-const BIGNUM *RSA_get0_iqmp(const RSA *r);
-DEPRECATEDIN_3_0(const RSA_PSS_PARAMS *RSA_get0_pss_params(const RSA *r))
-void RSA_clear_flags(RSA *r, int flags);
-int RSA_test_flags(const RSA *r, int flags);
-void RSA_set_flags(RSA *r, int flags);
-DEPRECATEDIN_3_0(int RSA_get_version(RSA *r))
-DEPRECATEDIN_3_0(ENGINE *RSA_get0_engine(const RSA *r))
+OSSL_DEPRECATEDIN_3_0 const BIGNUM *RSA_get0_n(const RSA *d);
+OSSL_DEPRECATEDIN_3_0 const BIGNUM *RSA_get0_e(const RSA *d);
+OSSL_DEPRECATEDIN_3_0 const BIGNUM *RSA_get0_d(const RSA *d);
+OSSL_DEPRECATEDIN_3_0 const BIGNUM *RSA_get0_p(const RSA *d);
+OSSL_DEPRECATEDIN_3_0 const BIGNUM *RSA_get0_q(const RSA *d);
+OSSL_DEPRECATEDIN_3_0 const BIGNUM *RSA_get0_dmp1(const RSA *r);
+OSSL_DEPRECATEDIN_3_0 const BIGNUM *RSA_get0_dmq1(const RSA *r);
+OSSL_DEPRECATEDIN_3_0 const BIGNUM *RSA_get0_iqmp(const RSA *r);
+OSSL_DEPRECATEDIN_3_0 const RSA_PSS_PARAMS *RSA_get0_pss_params(const RSA *r);
+OSSL_DEPRECATEDIN_3_0 void RSA_clear_flags(RSA *r, int flags);
+OSSL_DEPRECATEDIN_3_0 int RSA_test_flags(const RSA *r, int flags);
+OSSL_DEPRECATEDIN_3_0 void RSA_set_flags(RSA *r, int flags);
+OSSL_DEPRECATEDIN_3_0 int RSA_get_version(RSA *r);
+OSSL_DEPRECATEDIN_3_0 ENGINE *RSA_get0_engine(const RSA *r);
+# endif /* !OPENSSL_NO_DEPRECATED_3_0 */
+
+# define EVP_RSA_gen(bits) \
+ EVP_PKEY_Q_keygen(NULL, NULL, "RSA", (size_t)(0 + (bits)))
/* Deprecated version */
-DEPRECATEDIN_0_9_8(RSA *RSA_generate_key(int bits, unsigned long e, void
- (*callback) (int, int, void *),
- void *cb_arg))
+# ifndef OPENSSL_NO_DEPRECATED_0_9_8
+OSSL_DEPRECATEDIN_0_9_8 RSA *RSA_generate_key(int bits, unsigned long e, void
+ (*callback) (int, int, void *),
+ void *cb_arg);
+# endif
/* New version */
-DEPRECATEDIN_3_0(int RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e,
- BN_GENCB *cb))
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0 int RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e,
+ BN_GENCB *cb);
/* Multi-prime version */
-DEPRECATEDIN_3_0(int RSA_generate_multi_prime_key(RSA *rsa, int bits,
- int primes, BIGNUM *e,
- BN_GENCB *cb))
-
-DEPRECATEDIN_3_0(int RSA_X931_derive_ex(RSA *rsa, BIGNUM *p1, BIGNUM *p2,
- BIGNUM *q1, BIGNUM *q2,
- const BIGNUM *Xp1, const BIGNUM *Xp2,
- const BIGNUM *Xp, const BIGNUM *Xq1,
- const BIGNUM *Xq2, const BIGNUM *Xq,
- const BIGNUM *e, BN_GENCB *cb))
-DEPRECATEDIN_3_0(int RSA_X931_generate_key_ex(RSA *rsa, int bits,
- const BIGNUM *e, BN_GENCB *cb))
-
-DEPRECATEDIN_3_0(int RSA_check_key(const RSA *))
-DEPRECATEDIN_3_0(int RSA_check_key_ex(const RSA *, BN_GENCB *cb))
+OSSL_DEPRECATEDIN_3_0 int RSA_generate_multi_prime_key(RSA *rsa, int bits,
+ int primes, BIGNUM *e,
+ BN_GENCB *cb);
+
+OSSL_DEPRECATEDIN_3_0
+int RSA_X931_derive_ex(RSA *rsa, BIGNUM *p1, BIGNUM *p2,
+ BIGNUM *q1, BIGNUM *q2,
+ const BIGNUM *Xp1, const BIGNUM *Xp2,
+ const BIGNUM *Xp, const BIGNUM *Xq1,
+ const BIGNUM *Xq2, const BIGNUM *Xq,
+ const BIGNUM *e, BN_GENCB *cb);
+OSSL_DEPRECATEDIN_3_0 int RSA_X931_generate_key_ex(RSA *rsa, int bits,
+ const BIGNUM *e,
+ BN_GENCB *cb);
+
+OSSL_DEPRECATEDIN_3_0 int RSA_check_key(const RSA *);
+OSSL_DEPRECATEDIN_3_0 int RSA_check_key_ex(const RSA *, BN_GENCB *cb);
/* next 4 return -1 on error */
-DEPRECATEDIN_3_0(int RSA_public_encrypt(int flen, const unsigned char *from,
- unsigned char *to, RSA *rsa,
- int padding))
-DEPRECATEDIN_3_0(int RSA_private_encrypt(int flen, const unsigned char *from,
- unsigned char *to, RSA *rsa,
- int padding))
-DEPRECATEDIN_3_0(int RSA_public_decrypt(int flen, const unsigned char *from,
- unsigned char *to, RSA *rsa,
- int padding))
-DEPRECATEDIN_3_0(int RSA_private_decrypt(int flen, const unsigned char *from,
- unsigned char *to, RSA *rsa,
- int padding))
-void RSA_free(RSA *r);
+OSSL_DEPRECATEDIN_3_0
+int RSA_public_encrypt(int flen, const unsigned char *from, unsigned char *to,
+ RSA *rsa, int padding);
+OSSL_DEPRECATEDIN_3_0
+int RSA_private_encrypt(int flen, const unsigned char *from, unsigned char *to,
+ RSA *rsa, int padding);
+OSSL_DEPRECATEDIN_3_0
+int RSA_public_decrypt(int flen, const unsigned char *from, unsigned char *to,
+ RSA *rsa, int padding);
+OSSL_DEPRECATEDIN_3_0
+int RSA_private_decrypt(int flen, const unsigned char *from, unsigned char *to,
+ RSA *rsa, int padding);
+OSSL_DEPRECATEDIN_3_0 void RSA_free(RSA *r);
/* "up" the RSA object's reference count */
-int RSA_up_ref(RSA *r);
+OSSL_DEPRECATEDIN_3_0 int RSA_up_ref(RSA *r);
+OSSL_DEPRECATEDIN_3_0 int RSA_flags(const RSA *r);
-/* TODO(3.0): deprecate this one ssl/ssl_rsa.c can be changed to avoid it */
-int RSA_flags(const RSA *r);
-
-DEPRECATEDIN_3_0(void RSA_set_default_method(const RSA_METHOD *meth))
-DEPRECATEDIN_3_0(const RSA_METHOD *RSA_get_default_method(void))
-DEPRECATEDIN_3_0(const RSA_METHOD *RSA_null_method(void))
-DEPRECATEDIN_3_0(const RSA_METHOD *RSA_get_method(const RSA *rsa))
-DEPRECATEDIN_3_0(int RSA_set_method(RSA *rsa, const RSA_METHOD *meth))
+OSSL_DEPRECATEDIN_3_0 void RSA_set_default_method(const RSA_METHOD *meth);
+OSSL_DEPRECATEDIN_3_0 const RSA_METHOD *RSA_get_default_method(void);
+OSSL_DEPRECATEDIN_3_0 const RSA_METHOD *RSA_null_method(void);
+OSSL_DEPRECATEDIN_3_0 const RSA_METHOD *RSA_get_method(const RSA *rsa);
+OSSL_DEPRECATEDIN_3_0 int RSA_set_method(RSA *rsa, const RSA_METHOD *meth);
/* these are the actual RSA functions */
-DEPRECATEDIN_3_0(const RSA_METHOD *RSA_PKCS1_OpenSSL(void))
+OSSL_DEPRECATEDIN_3_0 const RSA_METHOD *RSA_PKCS1_OpenSSL(void);
-int RSA_pkey_ctx_ctrl(EVP_PKEY_CTX *ctx, int optype, int cmd, int p1, void *p2);
+DECLARE_ASN1_ENCODE_FUNCTIONS_name_attr(OSSL_DEPRECATEDIN_3_0,
+ RSA, RSAPublicKey)
+DECLARE_ASN1_ENCODE_FUNCTIONS_name_attr(OSSL_DEPRECATEDIN_3_0,
+ RSA, RSAPrivateKey)
+# endif /* !OPENSSL_NO_DEPRECATED_3_0 */
-DECLARE_ASN1_ENCODE_FUNCTIONS_name(RSA, RSAPublicKey)
-DECLARE_ASN1_ENCODE_FUNCTIONS_name(RSA, RSAPrivateKey)
+int RSA_pkey_ctx_ctrl(EVP_PKEY_CTX *ctx, int optype, int cmd, int p1, void *p2);
struct rsa_pss_params_st {
X509_ALGOR *hashAlgorithm;
@@ -308,6 +322,7 @@ struct rsa_pss_params_st {
};
DECLARE_ASN1_FUNCTIONS(RSA_PSS_PARAMS)
+DECLARE_ASN1_DUP_FUNCTION(RSA_PSS_PARAMS)
typedef struct rsa_oaep_params_st {
X509_ALGOR *hashFunc;
@@ -319,130 +334,120 @@ typedef struct rsa_oaep_params_st {
DECLARE_ASN1_FUNCTIONS(RSA_OAEP_PARAMS)
+# ifndef OPENSSL_NO_DEPRECATED_3_0
# ifndef OPENSSL_NO_STDIO
-DEPRECATEDIN_3_0(int RSA_print_fp(FILE *fp, const RSA *r, int offset))
+OSSL_DEPRECATEDIN_3_0 int RSA_print_fp(FILE *fp, const RSA *r, int offset);
# endif
-DEPRECATEDIN_3_0(int RSA_print(BIO *bp, const RSA *r, int offset))
+OSSL_DEPRECATEDIN_3_0 int RSA_print(BIO *bp, const RSA *r, int offset);
/*
* The following 2 functions sign and verify a X509_SIG ASN1 object inside
* PKCS#1 padded RSA encryption
*/
-DEPRECATEDIN_3_0(int RSA_sign(int type, const unsigned char *m,
- unsigned int m_length, unsigned char *sigret,
- unsigned int *siglen, RSA *rsa))
-DEPRECATEDIN_3_0(int RSA_verify(int type, const unsigned char *m,
- unsigned int m_length,
- const unsigned char *sigbuf,
- unsigned int siglen, RSA *rsa))
+OSSL_DEPRECATEDIN_3_0 int RSA_sign(int type, const unsigned char *m,
+ unsigned int m_length, unsigned char *sigret,
+ unsigned int *siglen, RSA *rsa);
+OSSL_DEPRECATEDIN_3_0 int RSA_verify(int type, const unsigned char *m,
+ unsigned int m_length,
+ const unsigned char *sigbuf,
+ unsigned int siglen, RSA *rsa);
/*
* The following 2 function sign and verify a ASN1_OCTET_STRING object inside
* PKCS#1 padded RSA encryption
*/
-DEPRECATEDIN_3_0(int RSA_sign_ASN1_OCTET_STRING(int type,
- const unsigned char *m,
- unsigned int m_length,
- unsigned char *sigret,
- unsigned int *siglen, RSA *rsa))
-DEPRECATEDIN_3_0(int RSA_verify_ASN1_OCTET_STRING(int type,
- const unsigned char *m,
- unsigned int m_length,
- unsigned char *sigbuf,
- unsigned int siglen,
- RSA *rsa))
-
-/* TODO(3.0): figure out how to deprecate these two */
-int RSA_blinding_on(RSA *rsa, BN_CTX *ctx);
-void RSA_blinding_off(RSA *rsa);
-DEPRECATEDIN_3_0(BN_BLINDING *RSA_setup_blinding(RSA *rsa, BN_CTX *ctx))
-
-DEPRECATEDIN_3_0(int RSA_padding_add_PKCS1_type_1(unsigned char *to, int tlen,
- const unsigned char *f,
- int fl))
-DEPRECATEDIN_3_0(int RSA_padding_check_PKCS1_type_1(unsigned char *to, int tlen,
- const unsigned char *f,
- int fl, int rsa_len))
-DEPRECATEDIN_3_0(int RSA_padding_add_PKCS1_type_2(unsigned char *to, int tlen,
- const unsigned char *f,
- int fl))
-DEPRECATEDIN_3_0(int RSA_padding_check_PKCS1_type_2(unsigned char *to, int tlen,
- const unsigned char *f,
- int fl, int rsa_len))
-DEPRECATEDIN_3_0(int PKCS1_MGF1(unsigned char *mask, long len,
- const unsigned char *seed, long seedlen,
- const EVP_MD *dgst))
-DEPRECATEDIN_3_0(int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen,
- const unsigned char *f, int fl,
- const unsigned char *p, int pl))
-DEPRECATEDIN_3_0(int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen,
- const unsigned char *f,
- int fl, int rsa_len,
- const unsigned char *p,
- int pl))
-DEPRECATEDIN_3_0(int RSA_padding_add_PKCS1_OAEP_mgf1(unsigned char *to,
- int tlen,
- const unsigned char *from,
- int flen,
- const unsigned char *param,
- int plen,
- const EVP_MD *md,
- const EVP_MD *mgf1md))
-DEPRECATEDIN_3_0(int RSA_padding_check_PKCS1_OAEP_mgf1(unsigned char *to,
- int tlen,
- const unsigned char *from,
- int flen, int num,
- const unsigned char *param,
- int plen, const EVP_MD *md,
- const EVP_MD *mgf1md))
-DEPRECATEDIN_3_0(int RSA_padding_add_SSLv23(unsigned char *to, int tlen,
- const unsigned char *f, int fl))
-DEPRECATEDIN_3_0(int RSA_padding_check_SSLv23(unsigned char *to, int tlen,
- const unsigned char *f, int fl,
- int rsa_len))
-DEPRECATEDIN_3_0(int RSA_padding_add_none(unsigned char *to, int tlen,
- const unsigned char *f, int fl))
-DEPRECATEDIN_3_0(int RSA_padding_check_none(unsigned char *to, int tlen,
- const unsigned char *f, int fl,
- int rsa_len))
-DEPRECATEDIN_3_0(int RSA_padding_add_X931(unsigned char *to, int tlen,
- const unsigned char *f, int fl))
-DEPRECATEDIN_3_0(int RSA_padding_check_X931(unsigned char *to, int tlen,
- const unsigned char *f, int fl,
- int rsa_len))
-DEPRECATEDIN_3_0(int RSA_X931_hash_id(int nid))
-
-DEPRECATEDIN_3_0(int RSA_verify_PKCS1_PSS(RSA *rsa, const unsigned char *mHash,
- const EVP_MD *Hash,
- const unsigned char *EM, int sLen))
-DEPRECATEDIN_3_0(int RSA_padding_add_PKCS1_PSS(RSA *rsa, unsigned char *EM,
- const unsigned char *mHash,
- const EVP_MD *Hash, int sLen))
-
-DEPRECATEDIN_3_0(int RSA_verify_PKCS1_PSS_mgf1(RSA *rsa,
- const unsigned char *mHash,
- const EVP_MD *Hash,
- const EVP_MD *mgf1Hash,
- const unsigned char *EM,
- int sLen))
-
-DEPRECATEDIN_3_0(int RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa,
- unsigned char *EM,
- const unsigned char *mHash,
- const EVP_MD *Hash,
- const EVP_MD *mgf1Hash,
- int sLen))
-
-# define RSA_get_ex_new_index(l, p, newf, dupf, freef) \
+OSSL_DEPRECATEDIN_3_0
+int RSA_sign_ASN1_OCTET_STRING(int type,
+ const unsigned char *m, unsigned int m_length,
+ unsigned char *sigret, unsigned int *siglen,
+ RSA *rsa);
+OSSL_DEPRECATEDIN_3_0
+int RSA_verify_ASN1_OCTET_STRING(int type,
+ const unsigned char *m, unsigned int m_length,
+ unsigned char *sigbuf, unsigned int siglen,
+ RSA *rsa);
+
+OSSL_DEPRECATEDIN_3_0 int RSA_blinding_on(RSA *rsa, BN_CTX *ctx);
+OSSL_DEPRECATEDIN_3_0 void RSA_blinding_off(RSA *rsa);
+OSSL_DEPRECATEDIN_3_0 BN_BLINDING *RSA_setup_blinding(RSA *rsa, BN_CTX *ctx);
+
+OSSL_DEPRECATEDIN_3_0
+int RSA_padding_add_PKCS1_type_1(unsigned char *to, int tlen,
+ const unsigned char *f, int fl);
+OSSL_DEPRECATEDIN_3_0
+int RSA_padding_check_PKCS1_type_1(unsigned char *to, int tlen,
+ const unsigned char *f, int fl,
+ int rsa_len);
+OSSL_DEPRECATEDIN_3_0
+int RSA_padding_add_PKCS1_type_2(unsigned char *to, int tlen,
+ const unsigned char *f, int fl);
+OSSL_DEPRECATEDIN_3_0
+int RSA_padding_check_PKCS1_type_2(unsigned char *to, int tlen,
+ const unsigned char *f, int fl,
+ int rsa_len);
+OSSL_DEPRECATEDIN_3_0 int PKCS1_MGF1(unsigned char *mask, long len,
+ const unsigned char *seed, long seedlen,
+ const EVP_MD *dgst);
+OSSL_DEPRECATEDIN_3_0
+int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen,
+ const unsigned char *f, int fl,
+ const unsigned char *p, int pl);
+OSSL_DEPRECATEDIN_3_0
+int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen,
+ const unsigned char *f, int fl, int rsa_len,
+ const unsigned char *p, int pl);
+OSSL_DEPRECATEDIN_3_0
+int RSA_padding_add_PKCS1_OAEP_mgf1(unsigned char *to, int tlen,
+ const unsigned char *from, int flen,
+ const unsigned char *param, int plen,
+ const EVP_MD *md, const EVP_MD *mgf1md);
+OSSL_DEPRECATEDIN_3_0
+int RSA_padding_check_PKCS1_OAEP_mgf1(unsigned char *to, int tlen,
+ const unsigned char *from, int flen,
+ int num,
+ const unsigned char *param, int plen,
+ const EVP_MD *md, const EVP_MD *mgf1md);
+OSSL_DEPRECATEDIN_3_0 int RSA_padding_add_none(unsigned char *to, int tlen,
+ const unsigned char *f, int fl);
+OSSL_DEPRECATEDIN_3_0 int RSA_padding_check_none(unsigned char *to, int tlen,
+ const unsigned char *f, int fl,
+ int rsa_len);
+OSSL_DEPRECATEDIN_3_0 int RSA_padding_add_X931(unsigned char *to, int tlen,
+ const unsigned char *f, int fl);
+OSSL_DEPRECATEDIN_3_0 int RSA_padding_check_X931(unsigned char *to, int tlen,
+ const unsigned char *f, int fl,
+ int rsa_len);
+OSSL_DEPRECATEDIN_3_0 int RSA_X931_hash_id(int nid);
+
+OSSL_DEPRECATEDIN_3_0
+int RSA_verify_PKCS1_PSS(RSA *rsa, const unsigned char *mHash,
+ const EVP_MD *Hash, const unsigned char *EM,
+ int sLen);
+OSSL_DEPRECATEDIN_3_0
+int RSA_padding_add_PKCS1_PSS(RSA *rsa, unsigned char *EM,
+ const unsigned char *mHash, const EVP_MD *Hash,
+ int sLen);
+
+OSSL_DEPRECATEDIN_3_0
+int RSA_verify_PKCS1_PSS_mgf1(RSA *rsa, const unsigned char *mHash,
+ const EVP_MD *Hash, const EVP_MD *mgf1Hash,
+ const unsigned char *EM, int sLen);
+
+OSSL_DEPRECATEDIN_3_0
+int RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM,
+ const unsigned char *mHash,
+ const EVP_MD *Hash, const EVP_MD *mgf1Hash,
+ int sLen);
+
+# define RSA_get_ex_new_index(l, p, newf, dupf, freef) \
CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_RSA, l, p, newf, dupf, freef)
-DEPRECATEDIN_3_0(int RSA_set_ex_data(RSA *r, int idx, void *arg))
-DEPRECATEDIN_3_0(void *RSA_get_ex_data(const RSA *r, int idx))
+OSSL_DEPRECATEDIN_3_0 int RSA_set_ex_data(RSA *r, int idx, void *arg);
+OSSL_DEPRECATEDIN_3_0 void *RSA_get_ex_data(const RSA *r, int idx);
-DECLARE_ASN1_DUP_FUNCTION_name(RSA, RSAPublicKey)
-DECLARE_ASN1_DUP_FUNCTION_name(RSA, RSAPrivateKey)
+DECLARE_ASN1_DUP_FUNCTION_name_attr(OSSL_DEPRECATEDIN_3_0, RSA, RSAPublicKey)
+DECLARE_ASN1_DUP_FUNCTION_name_attr(OSSL_DEPRECATEDIN_3_0, RSA, RSAPrivateKey)
-# ifndef OPENSSL_NO_DEPRECATED_3_0
/*
* If this flag is set the RSA method is FIPS compliant and can be used in
* FIPS mode. This is set in the validated module method. If an application
@@ -450,7 +455,7 @@ DECLARE_ASN1_DUP_FUNCTION_name(RSA, RSAPrivateKey)
* result is compliant.
*/
-# define RSA_FLAG_FIPS_METHOD 0x0400
+# define RSA_FLAG_FIPS_METHOD 0x0400
/*
* If this flag is set the operations normally disabled in FIPS mode are
@@ -458,104 +463,142 @@ DECLARE_ASN1_DUP_FUNCTION_name(RSA, RSAPrivateKey)
* usage is compliant.
*/
-# define RSA_FLAG_NON_FIPS_ALLOW 0x0400
+# define RSA_FLAG_NON_FIPS_ALLOW 0x0400
/*
* Application has decided PRNG is good enough to generate a key: don't
* check.
*/
-# define RSA_FLAG_CHECKED 0x0800
-# endif /* OPENSSL_NO_DEPRECATED_3_0 */
-
-DEPRECATEDIN_3_0(RSA_METHOD *RSA_meth_new(const char *name, int flags))
-DEPRECATEDIN_3_0(void RSA_meth_free(RSA_METHOD *meth))
-DEPRECATEDIN_3_0(RSA_METHOD *RSA_meth_dup(const RSA_METHOD *meth))
-DEPRECATEDIN_3_0(const char *RSA_meth_get0_name(const RSA_METHOD *meth))
-DEPRECATEDIN_3_0(int RSA_meth_set1_name(RSA_METHOD *meth, const char *name))
-DEPRECATEDIN_3_0(int RSA_meth_get_flags(const RSA_METHOD *meth))
-DEPRECATEDIN_3_0(int RSA_meth_set_flags(RSA_METHOD *meth, int flags))
-DEPRECATEDIN_3_0(void *RSA_meth_get0_app_data(const RSA_METHOD *meth))
-DEPRECATEDIN_3_0(int RSA_meth_set0_app_data(RSA_METHOD *meth, void *app_data))
-DEPRECATEDIN_3_0(int (*RSA_meth_get_pub_enc(const RSA_METHOD *meth))
- (int flen, const unsigned char *from,
- unsigned char *to, RSA *rsa, int padding))
-DEPRECATEDIN_3_0(int RSA_meth_set_pub_enc(RSA_METHOD *rsa,
+# define RSA_FLAG_CHECKED 0x0800
+
+OSSL_DEPRECATEDIN_3_0 RSA_METHOD *RSA_meth_new(const char *name, int flags);
+OSSL_DEPRECATEDIN_3_0 void RSA_meth_free(RSA_METHOD *meth);
+OSSL_DEPRECATEDIN_3_0 RSA_METHOD *RSA_meth_dup(const RSA_METHOD *meth);
+OSSL_DEPRECATEDIN_3_0 const char *RSA_meth_get0_name(const RSA_METHOD *meth);
+OSSL_DEPRECATEDIN_3_0 int RSA_meth_set1_name(RSA_METHOD *meth,
+ const char *name);
+OSSL_DEPRECATEDIN_3_0 int RSA_meth_get_flags(const RSA_METHOD *meth);
+OSSL_DEPRECATEDIN_3_0 int RSA_meth_set_flags(RSA_METHOD *meth, int flags);
+OSSL_DEPRECATEDIN_3_0 void *RSA_meth_get0_app_data(const RSA_METHOD *meth);
+OSSL_DEPRECATEDIN_3_0 int RSA_meth_set0_app_data(RSA_METHOD *meth,
+ void *app_data);
+OSSL_DEPRECATEDIN_3_0
+int (*RSA_meth_get_pub_enc(const RSA_METHOD *meth)) (int flen,
+ const unsigned char *from,
+ unsigned char *to,
+ RSA *rsa, int padding);
+OSSL_DEPRECATEDIN_3_0
+int RSA_meth_set_pub_enc(RSA_METHOD *rsa,
int (*pub_enc) (int flen, const unsigned char *from,
unsigned char *to, RSA *rsa,
- int padding)))
-DEPRECATEDIN_3_0(int (*RSA_meth_get_pub_dec(const RSA_METHOD *meth))
- (int flen, const unsigned char *from,
- unsigned char *to, RSA *rsa, int padding))
-DEPRECATEDIN_3_0(int RSA_meth_set_pub_dec(RSA_METHOD *rsa,
+ int padding));
+OSSL_DEPRECATEDIN_3_0
+int (*RSA_meth_get_pub_dec(const RSA_METHOD *meth)) (int flen,
+ const unsigned char *from,
+ unsigned char *to,
+ RSA *rsa, int padding);
+OSSL_DEPRECATEDIN_3_0
+int RSA_meth_set_pub_dec(RSA_METHOD *rsa,
int (*pub_dec) (int flen, const unsigned char *from,
unsigned char *to, RSA *rsa,
- int padding)))
-DEPRECATEDIN_3_0(int (*RSA_meth_get_priv_enc(const RSA_METHOD *meth))
- (int flen, const unsigned char *from,
- unsigned char *to, RSA *rsa, int padding))
-DEPRECATEDIN_3_0(int RSA_meth_set_priv_enc(RSA_METHOD *rsa,
+ int padding));
+OSSL_DEPRECATEDIN_3_0
+int (*RSA_meth_get_priv_enc(const RSA_METHOD *meth)) (int flen,
+ const unsigned char *from,
+ unsigned char *to,
+ RSA *rsa, int padding);
+OSSL_DEPRECATEDIN_3_0
+int RSA_meth_set_priv_enc(RSA_METHOD *rsa,
int (*priv_enc) (int flen, const unsigned char *from,
unsigned char *to, RSA *rsa,
- int padding)))
-DEPRECATEDIN_3_0(int (*RSA_meth_get_priv_dec(const RSA_METHOD *meth))
- (int flen, const unsigned char *from,
- unsigned char *to, RSA *rsa, int padding))
-DEPRECATEDIN_3_0(int RSA_meth_set_priv_dec(RSA_METHOD *rsa,
+ int padding));
+OSSL_DEPRECATEDIN_3_0
+int (*RSA_meth_get_priv_dec(const RSA_METHOD *meth)) (int flen,
+ const unsigned char *from,
+ unsigned char *to,
+ RSA *rsa, int padding);
+OSSL_DEPRECATEDIN_3_0
+int RSA_meth_set_priv_dec(RSA_METHOD *rsa,
int (*priv_dec) (int flen, const unsigned char *from,
unsigned char *to, RSA *rsa,
- int padding)))
-DEPRECATEDIN_3_0(int (*RSA_meth_get_mod_exp(const RSA_METHOD *meth))
- (BIGNUM *r0, const BIGNUM *i, RSA *rsa, BN_CTX *ctx))
-DEPRECATEDIN_3_0(int RSA_meth_set_mod_exp(RSA_METHOD *rsa,
+ int padding));
+OSSL_DEPRECATEDIN_3_0
+int (*RSA_meth_get_mod_exp(const RSA_METHOD *meth)) (BIGNUM *r0,
+ const BIGNUM *i,
+ RSA *rsa, BN_CTX *ctx);
+OSSL_DEPRECATEDIN_3_0
+int RSA_meth_set_mod_exp(RSA_METHOD *rsa,
int (*mod_exp) (BIGNUM *r0, const BIGNUM *i, RSA *rsa,
- BN_CTX *ctx)))
-DEPRECATEDIN_3_0(int (*RSA_meth_get_bn_mod_exp(const RSA_METHOD *meth))
- (BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx))
-DEPRECATEDIN_3_0(int RSA_meth_set_bn_mod_exp(RSA_METHOD *rsa,
+ BN_CTX *ctx));
+OSSL_DEPRECATEDIN_3_0
+int (*RSA_meth_get_bn_mod_exp(const RSA_METHOD *meth)) (BIGNUM *r,
+ const BIGNUM *a,
+ const BIGNUM *p,
+ const BIGNUM *m,
+ BN_CTX *ctx,
+ BN_MONT_CTX *m_ctx);
+OSSL_DEPRECATEDIN_3_0
+int RSA_meth_set_bn_mod_exp(RSA_METHOD *rsa,
int (*bn_mod_exp) (BIGNUM *r,
const BIGNUM *a,
const BIGNUM *p,
const BIGNUM *m,
BN_CTX *ctx,
- BN_MONT_CTX *m_ctx)))
-DEPRECATEDIN_3_0(int (*RSA_meth_get_init(const RSA_METHOD *meth)) (RSA *rsa))
-DEPRECATEDIN_3_0(int RSA_meth_set_init(RSA_METHOD *rsa, int (*init) (RSA *rsa)))
-DEPRECATEDIN_3_0(int (*RSA_meth_get_finish(const RSA_METHOD *meth)) (RSA *rsa))
-DEPRECATEDIN_3_0(int RSA_meth_set_finish(RSA_METHOD *rsa,
- int (*finish) (RSA *rsa)))
-DEPRECATEDIN_3_0(int (*RSA_meth_get_sign(const RSA_METHOD *meth))
- (int type,
- const unsigned char *m, unsigned int m_length,
- unsigned char *sigret, unsigned int *siglen,
- const RSA *rsa))
-DEPRECATEDIN_3_0(int RSA_meth_set_sign(RSA_METHOD *rsa,
+ BN_MONT_CTX *m_ctx));
+OSSL_DEPRECATEDIN_3_0
+int (*RSA_meth_get_init(const RSA_METHOD *meth)) (RSA *rsa);
+OSSL_DEPRECATEDIN_3_0
+int RSA_meth_set_init(RSA_METHOD *rsa, int (*init) (RSA *rsa));
+OSSL_DEPRECATEDIN_3_0
+int (*RSA_meth_get_finish(const RSA_METHOD *meth)) (RSA *rsa);
+OSSL_DEPRECATEDIN_3_0
+int RSA_meth_set_finish(RSA_METHOD *rsa, int (*finish) (RSA *rsa));
+OSSL_DEPRECATEDIN_3_0
+int (*RSA_meth_get_sign(const RSA_METHOD *meth)) (int type,
+ const unsigned char *m,
+ unsigned int m_length,
+ unsigned char *sigret,
+ unsigned int *siglen,
+ const RSA *rsa);
+OSSL_DEPRECATEDIN_3_0
+int RSA_meth_set_sign(RSA_METHOD *rsa,
int (*sign) (int type, const unsigned char *m,
unsigned int m_length,
unsigned char *sigret, unsigned int *siglen,
- const RSA *rsa)))
-DEPRECATEDIN_3_0(int (*RSA_meth_get_verify(const RSA_METHOD *meth))
- (int dtype, const unsigned char *m,
- unsigned int m_length, const unsigned char *sigbuf,
- unsigned int siglen, const RSA *rsa))
-DEPRECATEDIN_3_0(int RSA_meth_set_verify(RSA_METHOD *rsa,
+ const RSA *rsa));
+OSSL_DEPRECATEDIN_3_0
+int (*RSA_meth_get_verify(const RSA_METHOD *meth)) (int dtype,
+ const unsigned char *m,
+ unsigned int m_length,
+ const unsigned char *sigbuf,
+ unsigned int siglen,
+ const RSA *rsa);
+OSSL_DEPRECATEDIN_3_0
+int RSA_meth_set_verify(RSA_METHOD *rsa,
int (*verify) (int dtype, const unsigned char *m,
unsigned int m_length,
const unsigned char *sigbuf,
- unsigned int siglen, const RSA *rsa)))
-DEPRECATEDIN_3_0(int (*RSA_meth_get_keygen(const RSA_METHOD *meth))
- (RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb))
-DEPRECATEDIN_3_0(int RSA_meth_set_keygen(RSA_METHOD *rsa,
+ unsigned int siglen, const RSA *rsa));
+OSSL_DEPRECATEDIN_3_0
+int (*RSA_meth_get_keygen(const RSA_METHOD *meth)) (RSA *rsa, int bits,
+ BIGNUM *e, BN_GENCB *cb);
+OSSL_DEPRECATEDIN_3_0
+int RSA_meth_set_keygen(RSA_METHOD *rsa,
int (*keygen) (RSA *rsa, int bits, BIGNUM *e,
- BN_GENCB *cb)))
-DEPRECATEDIN_3_0(int (*RSA_meth_get_multi_prime_keygen(const RSA_METHOD *meth))
- (RSA *rsa, int bits, int primes, BIGNUM *e, BN_GENCB *cb))
-DEPRECATEDIN_3_0(int RSA_meth_set_multi_prime_keygen(RSA_METHOD *meth,
+ BN_GENCB *cb));
+OSSL_DEPRECATEDIN_3_0
+int (*RSA_meth_get_multi_prime_keygen(const RSA_METHOD *meth)) (RSA *rsa,
+ int bits,
+ int primes,
+ BIGNUM *e,
+ BN_GENCB *cb);
+OSSL_DEPRECATEDIN_3_0
+int RSA_meth_set_multi_prime_keygen(RSA_METHOD *meth,
int (*keygen) (RSA *rsa, int bits,
int primes, BIGNUM *e,
- BN_GENCB *cb)))
+ BN_GENCB *cb));
+#endif /* !OPENSSL_NO_DEPRECATED_3_0 */
-# ifdef __cplusplus
+# ifdef __cplusplus
}
-# endif
# endif
#endif
diff --git a/openssl/include/openssl/rsaerr.h b/openssl/include/openssl/rsaerr.h
index 05664651..1d6c57cd 100644..100755
--- a/openssl/include/openssl/rsaerr.h
+++ b/openssl/include/openssl/rsaerr.h
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -14,86 +14,9 @@
# include <openssl/opensslconf.h>
# include <openssl/symhacks.h>
+# include <openssl/cryptoerr_legacy.h>
-# ifdef __cplusplus
-extern "C"
-# endif
-int ERR_load_RSA_strings(void);
-
-/*
- * RSA function codes.
- */
-# ifndef OPENSSL_NO_DEPRECATED_3_0
-# define RSA_F_CHECK_PADDING_MD 0
-# define RSA_F_ENCODE_PKCS1 0
-# define RSA_F_INT_RSA_VERIFY 0
-# define RSA_F_OLD_RSA_PRIV_DECODE 0
-# define RSA_F_PKEY_PSS_INIT 0
-# define RSA_F_PKEY_RSA_CTRL 0
-# define RSA_F_PKEY_RSA_CTRL_STR 0
-# define RSA_F_PKEY_RSA_SIGN 0
-# define RSA_F_PKEY_RSA_VERIFY 0
-# define RSA_F_PKEY_RSA_VERIFYRECOVER 0
-# define RSA_F_RSA_ALGOR_TO_MD 0
-# define RSA_F_RSA_BUILTIN_KEYGEN 0
-# define RSA_F_RSA_CHECK_KEY 0
-# define RSA_F_RSA_CHECK_KEY_EX 0
-# define RSA_F_RSA_CMS_DECRYPT 0
-# define RSA_F_RSA_CMS_VERIFY 0
-# define RSA_F_RSA_FIPS186_4_GEN_PROB_PRIMES 0
-# define RSA_F_RSA_ITEM_VERIFY 0
-# define RSA_F_RSA_METH_DUP 0
-# define RSA_F_RSA_METH_NEW 0
-# define RSA_F_RSA_METH_SET1_NAME 0
-# define RSA_F_RSA_MGF1_TO_MD 0
-# define RSA_F_RSA_MULTIP_INFO_NEW 0
-# define RSA_F_RSA_NEW_METHOD 0
-# define RSA_F_RSA_NULL 0
-# define RSA_F_RSA_NULL_PRIVATE_DECRYPT 0
-# define RSA_F_RSA_NULL_PRIVATE_ENCRYPT 0
-# define RSA_F_RSA_NULL_PUBLIC_DECRYPT 0
-# define RSA_F_RSA_NULL_PUBLIC_ENCRYPT 0
-# define RSA_F_RSA_OSSL_PRIVATE_DECRYPT 0
-# define RSA_F_RSA_OSSL_PRIVATE_ENCRYPT 0
-# define RSA_F_RSA_OSSL_PUBLIC_DECRYPT 0
-# define RSA_F_RSA_OSSL_PUBLIC_ENCRYPT 0
-# define RSA_F_RSA_PADDING_ADD_NONE 0
-# define RSA_F_RSA_PADDING_ADD_PKCS1_OAEP 0
-# define RSA_F_RSA_PADDING_ADD_PKCS1_OAEP_MGF1 0
-# define RSA_F_RSA_PADDING_ADD_PKCS1_PSS 0
-# define RSA_F_RSA_PADDING_ADD_PKCS1_PSS_MGF1 0
-# define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1 0
-# define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2 0
-# define RSA_F_RSA_PADDING_ADD_SSLV23 0
-# define RSA_F_RSA_PADDING_ADD_X931 0
-# define RSA_F_RSA_PADDING_CHECK_NONE 0
-# define RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP 0
-# define RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP_MGF1 0
-# define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1 0
-# define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2 0
-# define RSA_F_RSA_PADDING_CHECK_SSLV23 0
-# define RSA_F_RSA_PADDING_CHECK_X931 0
-# define RSA_F_RSA_PARAM_DECODE 0
-# define RSA_F_RSA_PRINT 0
-# define RSA_F_RSA_PRINT_FP 0
-# define RSA_F_RSA_PRIV_DECODE 0
-# define RSA_F_RSA_PRIV_ENCODE 0
-# define RSA_F_RSA_PSS_GET_PARAM 0
-# define RSA_F_RSA_PSS_TO_CTX 0
-# define RSA_F_RSA_PUB_DECODE 0
-# define RSA_F_RSA_SETUP_BLINDING 0
-# define RSA_F_RSA_SIGN 0
-# define RSA_F_RSA_SIGN_ASN1_OCTET_STRING 0
-# define RSA_F_RSA_SP800_56B_CHECK_KEYPAIR 0
-# define RSA_F_RSA_SP800_56B_CHECK_PUBLIC 0
-# define RSA_F_RSA_SP800_56B_PAIRWISE_TEST 0
-# define RSA_F_RSA_SP800_56B_VALIDATE_STRENGTH 0
-# define RSA_F_RSA_VERIFY 0
-# define RSA_F_RSA_VERIFY_ASN1_OCTET_STRING 0
-# define RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1 0
-# define RSA_F_SETUP_TBUF 0
-# endif
/*
* RSA reason codes.
@@ -125,6 +48,7 @@ int ERR_load_RSA_strings(void);
# define RSA_R_INVALID_KEYPAIR 171
# define RSA_R_INVALID_KEY_LENGTH 173
# define RSA_R_INVALID_LABEL 160
+# define RSA_R_INVALID_LENGTH 181
# define RSA_R_INVALID_MESSAGE_LENGTH 131
# define RSA_R_INVALID_MGF1_MD 156
# define RSA_R_INVALID_MODULUS 174
@@ -162,6 +86,7 @@ int ERR_load_RSA_strings(void);
# define RSA_R_PUB_EXPONENT_OUT_OF_RANGE 178
# define RSA_R_P_NOT_PRIME 128
# define RSA_R_Q_NOT_PRIME 129
+# define RSA_R_RANDOMNESS_SOURCE_STRENGTH_INSUFFICIENT 180
# define RSA_R_RSA_OPERATIONS_NOT_SUPPORTED 130
# define RSA_R_SLEN_CHECK_FAILED 136
# define RSA_R_SLEN_RECOVERY_FAILED 135
diff --git a/openssl/include/openssl/safestack.h b/openssl/include/openssl/safestack.h
index 67503808..39832c41 100644..100755
--- a/openssl/include/openssl/safestack.h
+++ b/openssl/include/openssl/safestack.h
@@ -1,5 +1,8 @@
/*
- * Copyright 1999-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * WARNING: do not edit!
+ * Generated by makefile from include\openssl\safestack.h.in
+ *
+ * Copyright 1999-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -7,6 +10,8 @@
* https://www.openssl.org/source/license.html
*/
+
+
#ifndef OPENSSL_SAFESTACK_H
# define OPENSSL_SAFESTACK_H
# pragma once
@@ -25,6 +30,37 @@ extern "C" {
# define STACK_OF(type) struct stack_st_##type
+/* Helper macro for internal use */
+# define SKM_DEFINE_STACK_OF_INTERNAL(t1, t2, t3) \
+ STACK_OF(t1); \
+ typedef int (*sk_##t1##_compfunc)(const t3 * const *a, const t3 *const *b); \
+ typedef void (*sk_##t1##_freefunc)(t3 *a); \
+ typedef t3 * (*sk_##t1##_copyfunc)(const t3 *a); \
+ static ossl_unused ossl_inline t2 *ossl_check_##t1##_type(t2 *ptr) \
+ { \
+ return ptr; \
+ } \
+ static ossl_unused ossl_inline const OPENSSL_STACK *ossl_check_const_##t1##_sk_type(const STACK_OF(t1) *sk) \
+ { \
+ return (const OPENSSL_STACK *)sk; \
+ } \
+ static ossl_unused ossl_inline OPENSSL_STACK *ossl_check_##t1##_sk_type(STACK_OF(t1) *sk) \
+ { \
+ return (OPENSSL_STACK *)sk; \
+ } \
+ static ossl_unused ossl_inline OPENSSL_sk_compfunc ossl_check_##t1##_compfunc_type(sk_##t1##_compfunc cmp) \
+ { \
+ return (OPENSSL_sk_compfunc)cmp; \
+ } \
+ static ossl_unused ossl_inline OPENSSL_sk_copyfunc ossl_check_##t1##_copyfunc_type(sk_##t1##_copyfunc cpy) \
+ { \
+ return (OPENSSL_sk_copyfunc)cpy; \
+ } \
+ static ossl_unused ossl_inline OPENSSL_sk_freefunc ossl_check_##t1##_freefunc_type(sk_##t1##_freefunc fr) \
+ { \
+ return (OPENSSL_sk_freefunc)fr; \
+ }
+
# define SKM_DEFINE_STACK_OF(t1, t2, t3) \
STACK_OF(t1); \
typedef int (*sk_##t1##_compfunc)(const t3 * const *a, const t3 *const *b); \
@@ -107,6 +143,10 @@ extern "C" {
{ \
return OPENSSL_sk_find_ex((OPENSSL_STACK *)sk, (const void *)ptr); \
} \
+ static ossl_unused ossl_inline int sk_##t1##_find_all(STACK_OF(t1) *sk, t2 *ptr, int *pnum) \
+ { \
+ return OPENSSL_sk_find_all((OPENSSL_STACK *)sk, (const void *)ptr, pnum); \
+ } \
static ossl_unused ossl_inline void sk_##t1##_sort(STACK_OF(t1) *sk) \
{ \
OPENSSL_sk_sort((OPENSSL_STACK *)sk); \
@@ -155,28 +195,6 @@ extern "C" {
typedef char *OPENSSL_STRING;
typedef const char *OPENSSL_CSTRING;
-# define DEFINE_STACK_OF_STRING() \
- DEFINE_SPECIAL_STACK_OF(OPENSSL_STRING, char)
-# define DEFINE_STACK_OF_CSTRING() \
- DEFINE_SPECIAL_STACK_OF_CONST(OPENSSL_CSTRING, char)
-
-/*
- * If we're building OpenSSL, or we have no-deprecated configured,
- * then we don't define the inline functions (see |SKM_DEFINE_STACK_OF|,
- * above), we just declare the stack datatypes. Otherwise, for compatibility
- * and to not remove the API's, we define the functions. We have the
- * trailing semicolon so that uses of this never need it.
- */
-#if defined(OPENSSL_BUILDING_OPENSSL) || defined(OPENSSL_NO_DEPRECATED_3_0)
-# define DEFINE_OR_DECLARE_STACK_OF(s) STACK_OF(s);
-# define DEFINE_OR_DECLARE_STACK_OF_STRING() STACK_OF(OPENSSL_STRING);
-# define DEFINE_OR_DECLARE_STACK_OF_CSTRING() STACK_OF(OPENSSL_CSTRING);
-#else
-# define DEFINE_OR_DECLARE_STACK_OF(s) DEFINE_STACK_OF(s)
-# define DEFINE_OR_DECLARE_STACK_OF_STRING() DEFINE_STACK_OF_STRING()
-# define DEFINE_OR_DECLARE_STACK_OF_CSTRING() DEFINE_STACK_OF_CSTRING()
-#endif
-
/*-
* Confusingly, LHASH_OF(STRING) deals with char ** throughout, but
* STACK_OF(STRING) is really more like STACK_OF(char), only, as mentioned
@@ -184,8 +202,59 @@ typedef const char *OPENSSL_CSTRING;
* chars. So, we have to implement STRING specially for STACK_OF. This is
* dealt with in the autogenerated macros below.
*/
-DEFINE_OR_DECLARE_STACK_OF_STRING()
-DEFINE_OR_DECLARE_STACK_OF_CSTRING()
+SKM_DEFINE_STACK_OF_INTERNAL(OPENSSL_STRING, char, char)
+#define sk_OPENSSL_STRING_num(sk) OPENSSL_sk_num(ossl_check_const_OPENSSL_STRING_sk_type(sk))
+#define sk_OPENSSL_STRING_value(sk, idx) ((char *)OPENSSL_sk_value(ossl_check_const_OPENSSL_STRING_sk_type(sk), (idx)))
+#define sk_OPENSSL_STRING_new(cmp) ((STACK_OF(OPENSSL_STRING) *)OPENSSL_sk_new(ossl_check_OPENSSL_STRING_compfunc_type(cmp)))
+#define sk_OPENSSL_STRING_new_null() ((STACK_OF(OPENSSL_STRING) *)OPENSSL_sk_new_null())
+#define sk_OPENSSL_STRING_new_reserve(cmp, n) ((STACK_OF(OPENSSL_STRING) *)OPENSSL_sk_new_reserve(ossl_check_OPENSSL_STRING_compfunc_type(cmp), (n)))
+#define sk_OPENSSL_STRING_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_OPENSSL_STRING_sk_type(sk), (n))
+#define sk_OPENSSL_STRING_free(sk) OPENSSL_sk_free(ossl_check_OPENSSL_STRING_sk_type(sk))
+#define sk_OPENSSL_STRING_zero(sk) OPENSSL_sk_zero(ossl_check_OPENSSL_STRING_sk_type(sk))
+#define sk_OPENSSL_STRING_delete(sk, i) ((char *)OPENSSL_sk_delete(ossl_check_OPENSSL_STRING_sk_type(sk), (i)))
+#define sk_OPENSSL_STRING_delete_ptr(sk, ptr) ((char *)OPENSSL_sk_delete_ptr(ossl_check_OPENSSL_STRING_sk_type(sk), ossl_check_OPENSSL_STRING_type(ptr)))
+#define sk_OPENSSL_STRING_push(sk, ptr) OPENSSL_sk_push(ossl_check_OPENSSL_STRING_sk_type(sk), ossl_check_OPENSSL_STRING_type(ptr))
+#define sk_OPENSSL_STRING_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_OPENSSL_STRING_sk_type(sk), ossl_check_OPENSSL_STRING_type(ptr))
+#define sk_OPENSSL_STRING_pop(sk) ((char *)OPENSSL_sk_pop(ossl_check_OPENSSL_STRING_sk_type(sk)))
+#define sk_OPENSSL_STRING_shift(sk) ((char *)OPENSSL_sk_shift(ossl_check_OPENSSL_STRING_sk_type(sk)))
+#define sk_OPENSSL_STRING_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_OPENSSL_STRING_sk_type(sk),ossl_check_OPENSSL_STRING_freefunc_type(freefunc))
+#define sk_OPENSSL_STRING_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_OPENSSL_STRING_sk_type(sk), ossl_check_OPENSSL_STRING_type(ptr), (idx))
+#define sk_OPENSSL_STRING_set(sk, idx, ptr) ((char *)OPENSSL_sk_set(ossl_check_OPENSSL_STRING_sk_type(sk), (idx), ossl_check_OPENSSL_STRING_type(ptr)))
+#define sk_OPENSSL_STRING_find(sk, ptr) OPENSSL_sk_find(ossl_check_OPENSSL_STRING_sk_type(sk), ossl_check_OPENSSL_STRING_type(ptr))
+#define sk_OPENSSL_STRING_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_OPENSSL_STRING_sk_type(sk), ossl_check_OPENSSL_STRING_type(ptr))
+#define sk_OPENSSL_STRING_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_OPENSSL_STRING_sk_type(sk), ossl_check_OPENSSL_STRING_type(ptr), pnum)
+#define sk_OPENSSL_STRING_sort(sk) OPENSSL_sk_sort(ossl_check_OPENSSL_STRING_sk_type(sk))
+#define sk_OPENSSL_STRING_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_OPENSSL_STRING_sk_type(sk))
+#define sk_OPENSSL_STRING_dup(sk) ((STACK_OF(OPENSSL_STRING) *)OPENSSL_sk_dup(ossl_check_const_OPENSSL_STRING_sk_type(sk)))
+#define sk_OPENSSL_STRING_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(OPENSSL_STRING) *)OPENSSL_sk_deep_copy(ossl_check_const_OPENSSL_STRING_sk_type(sk), ossl_check_OPENSSL_STRING_copyfunc_type(copyfunc), ossl_check_OPENSSL_STRING_freefunc_type(freefunc)))
+#define sk_OPENSSL_STRING_set_cmp_func(sk, cmp) ((sk_OPENSSL_STRING_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_OPENSSL_STRING_sk_type(sk), ossl_check_OPENSSL_STRING_compfunc_type(cmp)))
+SKM_DEFINE_STACK_OF_INTERNAL(OPENSSL_CSTRING, const char, char)
+#define sk_OPENSSL_CSTRING_num(sk) OPENSSL_sk_num(ossl_check_const_OPENSSL_CSTRING_sk_type(sk))
+#define sk_OPENSSL_CSTRING_value(sk, idx) ((const char *)OPENSSL_sk_value(ossl_check_const_OPENSSL_CSTRING_sk_type(sk), (idx)))
+#define sk_OPENSSL_CSTRING_new(cmp) ((STACK_OF(OPENSSL_CSTRING) *)OPENSSL_sk_new(ossl_check_OPENSSL_CSTRING_compfunc_type(cmp)))
+#define sk_OPENSSL_CSTRING_new_null() ((STACK_OF(OPENSSL_CSTRING) *)OPENSSL_sk_new_null())
+#define sk_OPENSSL_CSTRING_new_reserve(cmp, n) ((STACK_OF(OPENSSL_CSTRING) *)OPENSSL_sk_new_reserve(ossl_check_OPENSSL_CSTRING_compfunc_type(cmp), (n)))
+#define sk_OPENSSL_CSTRING_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_OPENSSL_CSTRING_sk_type(sk), (n))
+#define sk_OPENSSL_CSTRING_free(sk) OPENSSL_sk_free(ossl_check_OPENSSL_CSTRING_sk_type(sk))
+#define sk_OPENSSL_CSTRING_zero(sk) OPENSSL_sk_zero(ossl_check_OPENSSL_CSTRING_sk_type(sk))
+#define sk_OPENSSL_CSTRING_delete(sk, i) ((const char *)OPENSSL_sk_delete(ossl_check_OPENSSL_CSTRING_sk_type(sk), (i)))
+#define sk_OPENSSL_CSTRING_delete_ptr(sk, ptr) ((const char *)OPENSSL_sk_delete_ptr(ossl_check_OPENSSL_CSTRING_sk_type(sk), ossl_check_OPENSSL_CSTRING_type(ptr)))
+#define sk_OPENSSL_CSTRING_push(sk, ptr) OPENSSL_sk_push(ossl_check_OPENSSL_CSTRING_sk_type(sk), ossl_check_OPENSSL_CSTRING_type(ptr))
+#define sk_OPENSSL_CSTRING_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_OPENSSL_CSTRING_sk_type(sk), ossl_check_OPENSSL_CSTRING_type(ptr))
+#define sk_OPENSSL_CSTRING_pop(sk) ((const char *)OPENSSL_sk_pop(ossl_check_OPENSSL_CSTRING_sk_type(sk)))
+#define sk_OPENSSL_CSTRING_shift(sk) ((const char *)OPENSSL_sk_shift(ossl_check_OPENSSL_CSTRING_sk_type(sk)))
+#define sk_OPENSSL_CSTRING_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_OPENSSL_CSTRING_sk_type(sk),ossl_check_OPENSSL_CSTRING_freefunc_type(freefunc))
+#define sk_OPENSSL_CSTRING_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_OPENSSL_CSTRING_sk_type(sk), ossl_check_OPENSSL_CSTRING_type(ptr), (idx))
+#define sk_OPENSSL_CSTRING_set(sk, idx, ptr) ((const char *)OPENSSL_sk_set(ossl_check_OPENSSL_CSTRING_sk_type(sk), (idx), ossl_check_OPENSSL_CSTRING_type(ptr)))
+#define sk_OPENSSL_CSTRING_find(sk, ptr) OPENSSL_sk_find(ossl_check_OPENSSL_CSTRING_sk_type(sk), ossl_check_OPENSSL_CSTRING_type(ptr))
+#define sk_OPENSSL_CSTRING_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_OPENSSL_CSTRING_sk_type(sk), ossl_check_OPENSSL_CSTRING_type(ptr))
+#define sk_OPENSSL_CSTRING_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_OPENSSL_CSTRING_sk_type(sk), ossl_check_OPENSSL_CSTRING_type(ptr), pnum)
+#define sk_OPENSSL_CSTRING_sort(sk) OPENSSL_sk_sort(ossl_check_OPENSSL_CSTRING_sk_type(sk))
+#define sk_OPENSSL_CSTRING_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_OPENSSL_CSTRING_sk_type(sk))
+#define sk_OPENSSL_CSTRING_dup(sk) ((STACK_OF(OPENSSL_CSTRING) *)OPENSSL_sk_dup(ossl_check_const_OPENSSL_CSTRING_sk_type(sk)))
+#define sk_OPENSSL_CSTRING_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(OPENSSL_CSTRING) *)OPENSSL_sk_deep_copy(ossl_check_const_OPENSSL_CSTRING_sk_type(sk), ossl_check_OPENSSL_CSTRING_copyfunc_type(copyfunc), ossl_check_OPENSSL_CSTRING_freefunc_type(freefunc)))
+#define sk_OPENSSL_CSTRING_set_cmp_func(sk, cmp) ((sk_OPENSSL_CSTRING_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_OPENSSL_CSTRING_sk_type(sk), ossl_check_OPENSSL_CSTRING_compfunc_type(cmp)))
+
#if !defined(OPENSSL_NO_DEPRECATED_3_0)
/*
@@ -193,43 +262,34 @@ DEFINE_OR_DECLARE_STACK_OF_CSTRING()
* These should also be distinguished from "normal" stacks.
*/
typedef void *OPENSSL_BLOCK;
-DEFINE_SPECIAL_STACK_OF(OPENSSL_BLOCK, void)
-#endif
+SKM_DEFINE_STACK_OF_INTERNAL(OPENSSL_BLOCK, void, void)
+#define sk_OPENSSL_BLOCK_num(sk) OPENSSL_sk_num(ossl_check_const_OPENSSL_BLOCK_sk_type(sk))
+#define sk_OPENSSL_BLOCK_value(sk, idx) ((void *)OPENSSL_sk_value(ossl_check_const_OPENSSL_BLOCK_sk_type(sk), (idx)))
+#define sk_OPENSSL_BLOCK_new(cmp) ((STACK_OF(OPENSSL_BLOCK) *)OPENSSL_sk_new(ossl_check_OPENSSL_BLOCK_compfunc_type(cmp)))
+#define sk_OPENSSL_BLOCK_new_null() ((STACK_OF(OPENSSL_BLOCK) *)OPENSSL_sk_new_null())
+#define sk_OPENSSL_BLOCK_new_reserve(cmp, n) ((STACK_OF(OPENSSL_BLOCK) *)OPENSSL_sk_new_reserve(ossl_check_OPENSSL_BLOCK_compfunc_type(cmp), (n)))
+#define sk_OPENSSL_BLOCK_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_OPENSSL_BLOCK_sk_type(sk), (n))
+#define sk_OPENSSL_BLOCK_free(sk) OPENSSL_sk_free(ossl_check_OPENSSL_BLOCK_sk_type(sk))
+#define sk_OPENSSL_BLOCK_zero(sk) OPENSSL_sk_zero(ossl_check_OPENSSL_BLOCK_sk_type(sk))
+#define sk_OPENSSL_BLOCK_delete(sk, i) ((void *)OPENSSL_sk_delete(ossl_check_OPENSSL_BLOCK_sk_type(sk), (i)))
+#define sk_OPENSSL_BLOCK_delete_ptr(sk, ptr) ((void *)OPENSSL_sk_delete_ptr(ossl_check_OPENSSL_BLOCK_sk_type(sk), ossl_check_OPENSSL_BLOCK_type(ptr)))
+#define sk_OPENSSL_BLOCK_push(sk, ptr) OPENSSL_sk_push(ossl_check_OPENSSL_BLOCK_sk_type(sk), ossl_check_OPENSSL_BLOCK_type(ptr))
+#define sk_OPENSSL_BLOCK_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_OPENSSL_BLOCK_sk_type(sk), ossl_check_OPENSSL_BLOCK_type(ptr))
+#define sk_OPENSSL_BLOCK_pop(sk) ((void *)OPENSSL_sk_pop(ossl_check_OPENSSL_BLOCK_sk_type(sk)))
+#define sk_OPENSSL_BLOCK_shift(sk) ((void *)OPENSSL_sk_shift(ossl_check_OPENSSL_BLOCK_sk_type(sk)))
+#define sk_OPENSSL_BLOCK_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_OPENSSL_BLOCK_sk_type(sk),ossl_check_OPENSSL_BLOCK_freefunc_type(freefunc))
+#define sk_OPENSSL_BLOCK_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_OPENSSL_BLOCK_sk_type(sk), ossl_check_OPENSSL_BLOCK_type(ptr), (idx))
+#define sk_OPENSSL_BLOCK_set(sk, idx, ptr) ((void *)OPENSSL_sk_set(ossl_check_OPENSSL_BLOCK_sk_type(sk), (idx), ossl_check_OPENSSL_BLOCK_type(ptr)))
+#define sk_OPENSSL_BLOCK_find(sk, ptr) OPENSSL_sk_find(ossl_check_OPENSSL_BLOCK_sk_type(sk), ossl_check_OPENSSL_BLOCK_type(ptr))
+#define sk_OPENSSL_BLOCK_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_OPENSSL_BLOCK_sk_type(sk), ossl_check_OPENSSL_BLOCK_type(ptr))
+#define sk_OPENSSL_BLOCK_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_OPENSSL_BLOCK_sk_type(sk), ossl_check_OPENSSL_BLOCK_type(ptr), pnum)
+#define sk_OPENSSL_BLOCK_sort(sk) OPENSSL_sk_sort(ossl_check_OPENSSL_BLOCK_sk_type(sk))
+#define sk_OPENSSL_BLOCK_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_OPENSSL_BLOCK_sk_type(sk))
+#define sk_OPENSSL_BLOCK_dup(sk) ((STACK_OF(OPENSSL_BLOCK) *)OPENSSL_sk_dup(ossl_check_const_OPENSSL_BLOCK_sk_type(sk)))
+#define sk_OPENSSL_BLOCK_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(OPENSSL_BLOCK) *)OPENSSL_sk_deep_copy(ossl_check_const_OPENSSL_BLOCK_sk_type(sk), ossl_check_OPENSSL_BLOCK_copyfunc_type(copyfunc), ossl_check_OPENSSL_BLOCK_freefunc_type(freefunc)))
+#define sk_OPENSSL_BLOCK_set_cmp_func(sk, cmp) ((sk_OPENSSL_BLOCK_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_OPENSSL_BLOCK_sk_type(sk), ossl_check_OPENSSL_BLOCK_compfunc_type(cmp)))
-/*
- * If called without higher optimization (min. -xO3) the Oracle Developer
- * Studio compiler generates code for the defined (static inline) functions
- * above.
- * This would later lead to the linker complaining about missing symbols when
- * this header file is included but the resulting object is not linked against
- * the Crypto library (openssl#6912).
- */
-# ifdef __SUNPRO_C
-# pragma weak OPENSSL_sk_num
-# pragma weak OPENSSL_sk_value
-# pragma weak OPENSSL_sk_new
-# pragma weak OPENSSL_sk_new_null
-# pragma weak OPENSSL_sk_new_reserve
-# pragma weak OPENSSL_sk_reserve
-# pragma weak OPENSSL_sk_free
-# pragma weak OPENSSL_sk_zero
-# pragma weak OPENSSL_sk_delete
-# pragma weak OPENSSL_sk_delete_ptr
-# pragma weak OPENSSL_sk_push
-# pragma weak OPENSSL_sk_unshift
-# pragma weak OPENSSL_sk_pop
-# pragma weak OPENSSL_sk_shift
-# pragma weak OPENSSL_sk_pop_free
-# pragma weak OPENSSL_sk_insert
-# pragma weak OPENSSL_sk_set
-# pragma weak OPENSSL_sk_find
-# pragma weak OPENSSL_sk_find_ex
-# pragma weak OPENSSL_sk_sort
-# pragma weak OPENSSL_sk_is_sorted
-# pragma weak OPENSSL_sk_dup
-# pragma weak OPENSSL_sk_deep_copy
-# pragma weak OPENSSL_sk_set_cmp_func
-# endif /* __SUNPRO_C */
+#endif
# ifdef __cplusplus
}
diff --git a/openssl/include/openssl/seed.h b/openssl/include/openssl/seed.h
index 4b8b12d4..1674e871 100644..100755
--- a/openssl/include/openssl/seed.h
+++ b/openssl/include/openssl/seed.h
@@ -72,35 +72,38 @@ typedef struct seed_key_st {
# endif
} SEED_KEY_SCHEDULE;
# endif /* OPENSSL_NO_DEPRECATED_3_0 */
-
-DEPRECATEDIN_3_0(void SEED_set_key(const unsigned char rawkey[SEED_KEY_LENGTH],
- SEED_KEY_SCHEDULE *ks))
-
-DEPRECATEDIN_3_0(void SEED_encrypt(const unsigned char s[SEED_BLOCK_SIZE],
- unsigned char d[SEED_BLOCK_SIZE],
- const SEED_KEY_SCHEDULE *ks))
-DEPRECATEDIN_3_0(void SEED_decrypt(const unsigned char s[SEED_BLOCK_SIZE],
- unsigned char d[SEED_BLOCK_SIZE],
- const SEED_KEY_SCHEDULE *ks))
-
-DEPRECATEDIN_3_0(void SEED_ecb_encrypt(const unsigned char *in,
- unsigned char *out,
- const SEED_KEY_SCHEDULE *ks, int enc))
-DEPRECATEDIN_3_0(void SEED_cbc_encrypt(const unsigned char *in,
- unsigned char *out, size_t len,
- const SEED_KEY_SCHEDULE *ks,
- unsigned char ivec[SEED_BLOCK_SIZE],
- int enc))
-DEPRECATEDIN_3_0(void SEED_cfb128_encrypt(const unsigned char *in,
- unsigned char *out, size_t len,
- const SEED_KEY_SCHEDULE *ks,
- unsigned char ivec[SEED_BLOCK_SIZE],
- int *num, int enc))
-DEPRECATEDIN_3_0(void SEED_ofb128_encrypt(const unsigned char *in,
- unsigned char *out, size_t len,
- const SEED_KEY_SCHEDULE *ks,
- unsigned char ivec[SEED_BLOCK_SIZE],
- int *num))
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0
+void SEED_set_key(const unsigned char rawkey[SEED_KEY_LENGTH],
+ SEED_KEY_SCHEDULE *ks);
+OSSL_DEPRECATEDIN_3_0
+void SEED_encrypt(const unsigned char s[SEED_BLOCK_SIZE],
+ unsigned char d[SEED_BLOCK_SIZE],
+ const SEED_KEY_SCHEDULE *ks);
+OSSL_DEPRECATEDIN_3_0
+void SEED_decrypt(const unsigned char s[SEED_BLOCK_SIZE],
+ unsigned char d[SEED_BLOCK_SIZE],
+ const SEED_KEY_SCHEDULE *ks);
+OSSL_DEPRECATEDIN_3_0
+void SEED_ecb_encrypt(const unsigned char *in,
+ unsigned char *out,
+ const SEED_KEY_SCHEDULE *ks, int enc);
+OSSL_DEPRECATEDIN_3_0
+void SEED_cbc_encrypt(const unsigned char *in, unsigned char *out, size_t len,
+ const SEED_KEY_SCHEDULE *ks,
+ unsigned char ivec[SEED_BLOCK_SIZE],
+ int enc);
+OSSL_DEPRECATEDIN_3_0
+void SEED_cfb128_encrypt(const unsigned char *in, unsigned char *out,
+ size_t len, const SEED_KEY_SCHEDULE *ks,
+ unsigned char ivec[SEED_BLOCK_SIZE],
+ int *num, int enc);
+OSSL_DEPRECATEDIN_3_0
+void SEED_ofb128_encrypt(const unsigned char *in, unsigned char *out,
+ size_t len, const SEED_KEY_SCHEDULE *ks,
+ unsigned char ivec[SEED_BLOCK_SIZE],
+ int *num);
+# endif
# ifdef __cplusplus
}
diff --git a/openssl/include/openssl/self_test.h b/openssl/include/openssl/self_test.h
index 5a242e65..f3933fce 100644..100755
--- a/openssl/include/openssl/self_test.h
+++ b/openssl/include/openssl/self_test.h
@@ -1,5 +1,5 @@
/*
- * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -9,6 +9,7 @@
#ifndef OPENSSL_SELF_TEST_H
# define OPENSSL_SELF_TEST_H
+# pragma once
# include <openssl/core.h> /* OSSL_CALLBACK */
@@ -27,8 +28,10 @@ extern "C" {
# define OSSL_SELF_TEST_TYPE_NONE "None"
# define OSSL_SELF_TEST_TYPE_MODULE_INTEGRITY "Module_Integrity"
# define OSSL_SELF_TEST_TYPE_INSTALL_INTEGRITY "Install_Integrity"
+# define OSSL_SELF_TEST_TYPE_CRNG "Continuous_RNG_Test"
# define OSSL_SELF_TEST_TYPE_PCT "Pairwise_Consistency_Test"
# define OSSL_SELF_TEST_TYPE_KAT_CIPHER "KAT_Cipher"
+# define OSSL_SELF_TEST_TYPE_KAT_ASYM_CIPHER "KAT_AsymmetricCipher"
# define OSSL_SELF_TEST_TYPE_KAT_DIGEST "KAT_Digest"
# define OSSL_SELF_TEST_TYPE_KAT_SIGNATURE "KAT_Signature"
# define OSSL_SELF_TEST_TYPE_KAT_KDF "KAT_KDF"
@@ -42,7 +45,10 @@ extern "C" {
# define OSSL_SELF_TEST_DESC_PCT_ECDSA "ECDSA"
# define OSSL_SELF_TEST_DESC_PCT_DSA "DSA"
# define OSSL_SELF_TEST_DESC_CIPHER_AES_GCM "AES_GCM"
+# define OSSL_SELF_TEST_DESC_CIPHER_AES_ECB "AES_ECB_Decrypt"
# define OSSL_SELF_TEST_DESC_CIPHER_TDES "TDES"
+# define OSSL_SELF_TEST_DESC_ASYM_RSA_ENC "RSA_Encrypt"
+# define OSSL_SELF_TEST_DESC_ASYM_RSA_DEC "RSA_Decrypt"
# define OSSL_SELF_TEST_DESC_MD_SHA1 "SHA1"
# define OSSL_SELF_TEST_DESC_MD_SHA2 "SHA2"
# define OSSL_SELF_TEST_DESC_MD_SHA3 "SHA3"
@@ -56,14 +62,23 @@ extern "C" {
# define OSSL_SELF_TEST_DESC_KA_ECDH "ECDH"
# define OSSL_SELF_TEST_DESC_KDF_HKDF "HKDF"
# define OSSL_SELF_TEST_DESC_KDF_SSKDF "SSKDF"
+# define OSSL_SELF_TEST_DESC_KDF_X963KDF "X963KDF"
+# define OSSL_SELF_TEST_DESC_KDF_X942KDF "X942KDF"
+# define OSSL_SELF_TEST_DESC_KDF_PBKDF2 "PBKDF2"
+# define OSSL_SELF_TEST_DESC_KDF_SSHKDF "SSHKDF"
+# define OSSL_SELF_TEST_DESC_KDF_TLS12_PRF "TLS12_PRF"
+# define OSSL_SELF_TEST_DESC_KDF_KBKDF "KBKDF"
+# define OSSL_SELF_TEST_DESC_KDF_TLS13_EXTRACT "TLS13_KDF_EXTRACT"
+# define OSSL_SELF_TEST_DESC_KDF_TLS13_EXPAND "TLS13_KDF_EXPAND"
+# define OSSL_SELF_TEST_DESC_RNG "RNG"
# ifdef __cplusplus
}
# endif
-void OSSL_SELF_TEST_set_callback(OPENSSL_CTX *libctx, OSSL_CALLBACK *cb,
+void OSSL_SELF_TEST_set_callback(OSSL_LIB_CTX *libctx, OSSL_CALLBACK *cb,
void *cbarg);
-void OSSL_SELF_TEST_get_callback(OPENSSL_CTX *libctx, OSSL_CALLBACK **cb,
+void OSSL_SELF_TEST_get_callback(OSSL_LIB_CTX *libctx, OSSL_CALLBACK **cb,
void **cbarg);
OSSL_SELF_TEST *OSSL_SELF_TEST_new(OSSL_CALLBACK *cb, void *cbarg);
@@ -71,7 +86,7 @@ void OSSL_SELF_TEST_free(OSSL_SELF_TEST *st);
void OSSL_SELF_TEST_onbegin(OSSL_SELF_TEST *st, const char *type,
const char *desc);
-void OSSL_SELF_TEST_oncorrupt_byte(OSSL_SELF_TEST *st, unsigned char *bytes);
+int OSSL_SELF_TEST_oncorrupt_byte(OSSL_SELF_TEST *st, unsigned char *bytes);
void OSSL_SELF_TEST_onend(OSSL_SELF_TEST *st, int ret);
#endif /* OPENSSL_SELF_TEST_H */
diff --git a/openssl/include/openssl/serializer.h b/openssl/include/openssl/serializer.h
index 582639a7..582639a7 100644..100755
--- a/openssl/include/openssl/serializer.h
+++ b/openssl/include/openssl/serializer.h
diff --git a/openssl/include/openssl/serializererr.h b/openssl/include/openssl/serializererr.h
index abec01e3..abec01e3 100644..100755
--- a/openssl/include/openssl/serializererr.h
+++ b/openssl/include/openssl/serializererr.h
diff --git a/openssl/include/openssl/sha.h b/openssl/include/openssl/sha.h
index 756a24ca..a4b05679 100644..100755
--- a/openssl/include/openssl/sha.h
+++ b/openssl/include/openssl/sha.h
@@ -1,5 +1,5 @@
/*
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -23,19 +23,21 @@
extern "C" {
# endif
+# define SHA_DIGEST_LENGTH 20
+
+# ifndef OPENSSL_NO_DEPRECATED_3_0
/*-
* !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
* ! SHA_LONG has to be at least 32 bits wide. !
* !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
*/
-# define SHA_LONG unsigned int
+# define SHA_LONG unsigned int
-# define SHA_LBLOCK 16
-# define SHA_CBLOCK (SHA_LBLOCK*4)/* SHA treats input data as a
- * contiguous array of 32 bit wide
- * big-endian values. */
-# define SHA_LAST_BLOCK (SHA_CBLOCK-8)
-# define SHA_DIGEST_LENGTH 20
+# define SHA_LBLOCK 16
+# define SHA_CBLOCK (SHA_LBLOCK*4)/* SHA treats input data as a
+ * contiguous array of 32 bit wide
+ * big-endian values. */
+# define SHA_LAST_BLOCK (SHA_CBLOCK-8)
typedef struct SHAstate_st {
SHA_LONG h0, h1, h2, h3, h4;
@@ -44,13 +46,16 @@ typedef struct SHAstate_st {
unsigned int num;
} SHA_CTX;
-int SHA1_Init(SHA_CTX *c);
-int SHA1_Update(SHA_CTX *c, const void *data, size_t len);
-int SHA1_Final(unsigned char *md, SHA_CTX *c);
+OSSL_DEPRECATEDIN_3_0 int SHA1_Init(SHA_CTX *c);
+OSSL_DEPRECATEDIN_3_0 int SHA1_Update(SHA_CTX *c, const void *data, size_t len);
+OSSL_DEPRECATEDIN_3_0 int SHA1_Final(unsigned char *md, SHA_CTX *c);
+OSSL_DEPRECATEDIN_3_0 void SHA1_Transform(SHA_CTX *c, const unsigned char *data);
+# endif
+
unsigned char *SHA1(const unsigned char *d, size_t n, unsigned char *md);
-void SHA1_Transform(SHA_CTX *c, const unsigned char *data);
-# define SHA256_CBLOCK (SHA_LBLOCK*4)/* SHA-256 treats input data as a
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define SHA256_CBLOCK (SHA_LBLOCK*4)/* SHA-256 treats input data as a
* contiguous array of 32 bit wide
* big-endian values. */
@@ -61,21 +66,27 @@ typedef struct SHA256state_st {
unsigned int num, md_len;
} SHA256_CTX;
-int SHA224_Init(SHA256_CTX *c);
-int SHA224_Update(SHA256_CTX *c, const void *data, size_t len);
-int SHA224_Final(unsigned char *md, SHA256_CTX *c);
+OSSL_DEPRECATEDIN_3_0 int SHA224_Init(SHA256_CTX *c);
+OSSL_DEPRECATEDIN_3_0 int SHA224_Update(SHA256_CTX *c,
+ const void *data, size_t len);
+OSSL_DEPRECATEDIN_3_0 int SHA224_Final(unsigned char *md, SHA256_CTX *c);
+OSSL_DEPRECATEDIN_3_0 int SHA256_Init(SHA256_CTX *c);
+OSSL_DEPRECATEDIN_3_0 int SHA256_Update(SHA256_CTX *c,
+ const void *data, size_t len);
+OSSL_DEPRECATEDIN_3_0 int SHA256_Final(unsigned char *md, SHA256_CTX *c);
+OSSL_DEPRECATEDIN_3_0 void SHA256_Transform(SHA256_CTX *c,
+ const unsigned char *data);
+# endif
+
unsigned char *SHA224(const unsigned char *d, size_t n, unsigned char *md);
-int SHA256_Init(SHA256_CTX *c);
-int SHA256_Update(SHA256_CTX *c, const void *data, size_t len);
-int SHA256_Final(unsigned char *md, SHA256_CTX *c);
unsigned char *SHA256(const unsigned char *d, size_t n, unsigned char *md);
-void SHA256_Transform(SHA256_CTX *c, const unsigned char *data);
# define SHA224_DIGEST_LENGTH 28
# define SHA256_DIGEST_LENGTH 32
# define SHA384_DIGEST_LENGTH 48
# define SHA512_DIGEST_LENGTH 64
+# ifndef OPENSSL_NO_DEPRECATED_3_0
/*
* Unlike 32-bit digest algorithms, SHA-512 *relies* on SHA_LONG64
* being exactly 64-bit wide. See Implementation Notes in sha512.c
@@ -86,14 +97,14 @@ void SHA256_Transform(SHA256_CTX *c, const unsigned char *data);
* contiguous array of 64 bit
* wide big-endian values.
*/
-# define SHA512_CBLOCK (SHA_LBLOCK*8)
-# if (defined(_WIN32) || defined(_WIN64)) && !defined(__MINGW32__)
-# define SHA_LONG64 unsigned __int64
-# elif defined(__arch64__)
-# define SHA_LONG64 unsigned long
-# else
-# define SHA_LONG64 unsigned long long
-# endif
+# define SHA512_CBLOCK (SHA_LBLOCK*8)
+# if (defined(_WIN32) || defined(_WIN64)) && !defined(__MINGW32__)
+# define SHA_LONG64 unsigned __int64
+# elif defined(__arch64__)
+# define SHA_LONG64 unsigned long
+# else
+# define SHA_LONG64 unsigned long long
+# endif
typedef struct SHA512state_st {
SHA_LONG64 h[8];
@@ -105,15 +116,20 @@ typedef struct SHA512state_st {
unsigned int num, md_len;
} SHA512_CTX;
-int SHA384_Init(SHA512_CTX *c);
-int SHA384_Update(SHA512_CTX *c, const void *data, size_t len);
-int SHA384_Final(unsigned char *md, SHA512_CTX *c);
+OSSL_DEPRECATEDIN_3_0 int SHA384_Init(SHA512_CTX *c);
+OSSL_DEPRECATEDIN_3_0 int SHA384_Update(SHA512_CTX *c,
+ const void *data, size_t len);
+OSSL_DEPRECATEDIN_3_0 int SHA384_Final(unsigned char *md, SHA512_CTX *c);
+OSSL_DEPRECATEDIN_3_0 int SHA512_Init(SHA512_CTX *c);
+OSSL_DEPRECATEDIN_3_0 int SHA512_Update(SHA512_CTX *c,
+ const void *data, size_t len);
+OSSL_DEPRECATEDIN_3_0 int SHA512_Final(unsigned char *md, SHA512_CTX *c);
+OSSL_DEPRECATEDIN_3_0 void SHA512_Transform(SHA512_CTX *c,
+ const unsigned char *data);
+# endif
+
unsigned char *SHA384(const unsigned char *d, size_t n, unsigned char *md);
-int SHA512_Init(SHA512_CTX *c);
-int SHA512_Update(SHA512_CTX *c, const void *data, size_t len);
-int SHA512_Final(unsigned char *md, SHA512_CTX *c);
unsigned char *SHA512(const unsigned char *d, size_t n, unsigned char *md);
-void SHA512_Transform(SHA512_CTX *c, const unsigned char *data);
# ifdef __cplusplus
}
diff --git a/openssl/include/openssl/srp.h b/openssl/include/openssl/srp.h
index aac68f28..a4d26408 100644..100755
--- a/openssl/include/openssl/srp.h
+++ b/openssl/include/openssl/srp.h
@@ -1,5 +1,8 @@
/*
- * Copyright 2004-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * WARNING: do not edit!
+ * Generated by makefile from include\openssl\srp.h.in
+ *
+ * Copyright 2004-2021 The OpenSSL Project Authors. All Rights Reserved.
* Copyright (c) 2004, EdelKey Project. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
@@ -11,6 +14,8 @@
* for the EdelKey project.
*/
+
+
#ifndef OPENSSL_SRP_H
# define OPENSSL_SRP_H
# pragma once
@@ -33,11 +38,40 @@
extern "C" {
# endif
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+
typedef struct SRP_gN_cache_st {
char *b64_bn;
BIGNUM *bn;
} SRP_gN_cache;
-DEFINE_OR_DECLARE_STACK_OF(SRP_gN_cache)
+SKM_DEFINE_STACK_OF_INTERNAL(SRP_gN_cache, SRP_gN_cache, SRP_gN_cache)
+#define sk_SRP_gN_cache_num(sk) OPENSSL_sk_num(ossl_check_const_SRP_gN_cache_sk_type(sk))
+#define sk_SRP_gN_cache_value(sk, idx) ((SRP_gN_cache *)OPENSSL_sk_value(ossl_check_const_SRP_gN_cache_sk_type(sk), (idx)))
+#define sk_SRP_gN_cache_new(cmp) ((STACK_OF(SRP_gN_cache) *)OPENSSL_sk_new(ossl_check_SRP_gN_cache_compfunc_type(cmp)))
+#define sk_SRP_gN_cache_new_null() ((STACK_OF(SRP_gN_cache) *)OPENSSL_sk_new_null())
+#define sk_SRP_gN_cache_new_reserve(cmp, n) ((STACK_OF(SRP_gN_cache) *)OPENSSL_sk_new_reserve(ossl_check_SRP_gN_cache_compfunc_type(cmp), (n)))
+#define sk_SRP_gN_cache_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_SRP_gN_cache_sk_type(sk), (n))
+#define sk_SRP_gN_cache_free(sk) OPENSSL_sk_free(ossl_check_SRP_gN_cache_sk_type(sk))
+#define sk_SRP_gN_cache_zero(sk) OPENSSL_sk_zero(ossl_check_SRP_gN_cache_sk_type(sk))
+#define sk_SRP_gN_cache_delete(sk, i) ((SRP_gN_cache *)OPENSSL_sk_delete(ossl_check_SRP_gN_cache_sk_type(sk), (i)))
+#define sk_SRP_gN_cache_delete_ptr(sk, ptr) ((SRP_gN_cache *)OPENSSL_sk_delete_ptr(ossl_check_SRP_gN_cache_sk_type(sk), ossl_check_SRP_gN_cache_type(ptr)))
+#define sk_SRP_gN_cache_push(sk, ptr) OPENSSL_sk_push(ossl_check_SRP_gN_cache_sk_type(sk), ossl_check_SRP_gN_cache_type(ptr))
+#define sk_SRP_gN_cache_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_SRP_gN_cache_sk_type(sk), ossl_check_SRP_gN_cache_type(ptr))
+#define sk_SRP_gN_cache_pop(sk) ((SRP_gN_cache *)OPENSSL_sk_pop(ossl_check_SRP_gN_cache_sk_type(sk)))
+#define sk_SRP_gN_cache_shift(sk) ((SRP_gN_cache *)OPENSSL_sk_shift(ossl_check_SRP_gN_cache_sk_type(sk)))
+#define sk_SRP_gN_cache_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_SRP_gN_cache_sk_type(sk),ossl_check_SRP_gN_cache_freefunc_type(freefunc))
+#define sk_SRP_gN_cache_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_SRP_gN_cache_sk_type(sk), ossl_check_SRP_gN_cache_type(ptr), (idx))
+#define sk_SRP_gN_cache_set(sk, idx, ptr) ((SRP_gN_cache *)OPENSSL_sk_set(ossl_check_SRP_gN_cache_sk_type(sk), (idx), ossl_check_SRP_gN_cache_type(ptr)))
+#define sk_SRP_gN_cache_find(sk, ptr) OPENSSL_sk_find(ossl_check_SRP_gN_cache_sk_type(sk), ossl_check_SRP_gN_cache_type(ptr))
+#define sk_SRP_gN_cache_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_SRP_gN_cache_sk_type(sk), ossl_check_SRP_gN_cache_type(ptr))
+#define sk_SRP_gN_cache_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_SRP_gN_cache_sk_type(sk), ossl_check_SRP_gN_cache_type(ptr), pnum)
+#define sk_SRP_gN_cache_sort(sk) OPENSSL_sk_sort(ossl_check_SRP_gN_cache_sk_type(sk))
+#define sk_SRP_gN_cache_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_SRP_gN_cache_sk_type(sk))
+#define sk_SRP_gN_cache_dup(sk) ((STACK_OF(SRP_gN_cache) *)OPENSSL_sk_dup(ossl_check_const_SRP_gN_cache_sk_type(sk)))
+#define sk_SRP_gN_cache_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(SRP_gN_cache) *)OPENSSL_sk_deep_copy(ossl_check_const_SRP_gN_cache_sk_type(sk), ossl_check_SRP_gN_cache_copyfunc_type(copyfunc), ossl_check_SRP_gN_cache_freefunc_type(freefunc)))
+#define sk_SRP_gN_cache_set_cmp_func(sk, cmp) ((sk_SRP_gN_cache_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_SRP_gN_cache_sk_type(sk), ossl_check_SRP_gN_cache_compfunc_type(cmp)))
+
+
typedef struct SRP_user_pwd_st {
/* Owned by us. */
@@ -50,13 +84,46 @@ typedef struct SRP_user_pwd_st {
/* Owned by us. */
char *info;
} SRP_user_pwd;
-DEFINE_OR_DECLARE_STACK_OF(SRP_user_pwd)
+SKM_DEFINE_STACK_OF_INTERNAL(SRP_user_pwd, SRP_user_pwd, SRP_user_pwd)
+#define sk_SRP_user_pwd_num(sk) OPENSSL_sk_num(ossl_check_const_SRP_user_pwd_sk_type(sk))
+#define sk_SRP_user_pwd_value(sk, idx) ((SRP_user_pwd *)OPENSSL_sk_value(ossl_check_const_SRP_user_pwd_sk_type(sk), (idx)))
+#define sk_SRP_user_pwd_new(cmp) ((STACK_OF(SRP_user_pwd) *)OPENSSL_sk_new(ossl_check_SRP_user_pwd_compfunc_type(cmp)))
+#define sk_SRP_user_pwd_new_null() ((STACK_OF(SRP_user_pwd) *)OPENSSL_sk_new_null())
+#define sk_SRP_user_pwd_new_reserve(cmp, n) ((STACK_OF(SRP_user_pwd) *)OPENSSL_sk_new_reserve(ossl_check_SRP_user_pwd_compfunc_type(cmp), (n)))
+#define sk_SRP_user_pwd_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_SRP_user_pwd_sk_type(sk), (n))
+#define sk_SRP_user_pwd_free(sk) OPENSSL_sk_free(ossl_check_SRP_user_pwd_sk_type(sk))
+#define sk_SRP_user_pwd_zero(sk) OPENSSL_sk_zero(ossl_check_SRP_user_pwd_sk_type(sk))
+#define sk_SRP_user_pwd_delete(sk, i) ((SRP_user_pwd *)OPENSSL_sk_delete(ossl_check_SRP_user_pwd_sk_type(sk), (i)))
+#define sk_SRP_user_pwd_delete_ptr(sk, ptr) ((SRP_user_pwd *)OPENSSL_sk_delete_ptr(ossl_check_SRP_user_pwd_sk_type(sk), ossl_check_SRP_user_pwd_type(ptr)))
+#define sk_SRP_user_pwd_push(sk, ptr) OPENSSL_sk_push(ossl_check_SRP_user_pwd_sk_type(sk), ossl_check_SRP_user_pwd_type(ptr))
+#define sk_SRP_user_pwd_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_SRP_user_pwd_sk_type(sk), ossl_check_SRP_user_pwd_type(ptr))
+#define sk_SRP_user_pwd_pop(sk) ((SRP_user_pwd *)OPENSSL_sk_pop(ossl_check_SRP_user_pwd_sk_type(sk)))
+#define sk_SRP_user_pwd_shift(sk) ((SRP_user_pwd *)OPENSSL_sk_shift(ossl_check_SRP_user_pwd_sk_type(sk)))
+#define sk_SRP_user_pwd_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_SRP_user_pwd_sk_type(sk),ossl_check_SRP_user_pwd_freefunc_type(freefunc))
+#define sk_SRP_user_pwd_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_SRP_user_pwd_sk_type(sk), ossl_check_SRP_user_pwd_type(ptr), (idx))
+#define sk_SRP_user_pwd_set(sk, idx, ptr) ((SRP_user_pwd *)OPENSSL_sk_set(ossl_check_SRP_user_pwd_sk_type(sk), (idx), ossl_check_SRP_user_pwd_type(ptr)))
+#define sk_SRP_user_pwd_find(sk, ptr) OPENSSL_sk_find(ossl_check_SRP_user_pwd_sk_type(sk), ossl_check_SRP_user_pwd_type(ptr))
+#define sk_SRP_user_pwd_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_SRP_user_pwd_sk_type(sk), ossl_check_SRP_user_pwd_type(ptr))
+#define sk_SRP_user_pwd_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_SRP_user_pwd_sk_type(sk), ossl_check_SRP_user_pwd_type(ptr), pnum)
+#define sk_SRP_user_pwd_sort(sk) OPENSSL_sk_sort(ossl_check_SRP_user_pwd_sk_type(sk))
+#define sk_SRP_user_pwd_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_SRP_user_pwd_sk_type(sk))
+#define sk_SRP_user_pwd_dup(sk) ((STACK_OF(SRP_user_pwd) *)OPENSSL_sk_dup(ossl_check_const_SRP_user_pwd_sk_type(sk)))
+#define sk_SRP_user_pwd_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(SRP_user_pwd) *)OPENSSL_sk_deep_copy(ossl_check_const_SRP_user_pwd_sk_type(sk), ossl_check_SRP_user_pwd_copyfunc_type(copyfunc), ossl_check_SRP_user_pwd_freefunc_type(freefunc)))
+#define sk_SRP_user_pwd_set_cmp_func(sk, cmp) ((sk_SRP_user_pwd_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_SRP_user_pwd_sk_type(sk), ossl_check_SRP_user_pwd_compfunc_type(cmp)))
+
+OSSL_DEPRECATEDIN_3_0
SRP_user_pwd *SRP_user_pwd_new(void);
+OSSL_DEPRECATEDIN_3_0
void SRP_user_pwd_free(SRP_user_pwd *user_pwd);
-void SRP_user_pwd_set_gN(SRP_user_pwd *user_pwd, const BIGNUM *g, const BIGNUM *N);
-int SRP_user_pwd_set1_ids(SRP_user_pwd *user_pwd, const char *id, const char *info);
+OSSL_DEPRECATEDIN_3_0
+void SRP_user_pwd_set_gN(SRP_user_pwd *user_pwd, const BIGNUM *g,
+ const BIGNUM *N);
+OSSL_DEPRECATEDIN_3_0
+int SRP_user_pwd_set1_ids(SRP_user_pwd *user_pwd, const char *id,
+ const char *info);
+OSSL_DEPRECATEDIN_3_0
int SRP_user_pwd_set0_sv(SRP_user_pwd *user_pwd, BIGNUM *s, BIGNUM *v);
typedef struct SRP_VBASE_st {
@@ -76,80 +143,139 @@ typedef struct SRP_gN_st {
const BIGNUM *g;
const BIGNUM *N;
} SRP_gN;
-DEFINE_OR_DECLARE_STACK_OF(SRP_gN)
+SKM_DEFINE_STACK_OF_INTERNAL(SRP_gN, SRP_gN, SRP_gN)
+#define sk_SRP_gN_num(sk) OPENSSL_sk_num(ossl_check_const_SRP_gN_sk_type(sk))
+#define sk_SRP_gN_value(sk, idx) ((SRP_gN *)OPENSSL_sk_value(ossl_check_const_SRP_gN_sk_type(sk), (idx)))
+#define sk_SRP_gN_new(cmp) ((STACK_OF(SRP_gN) *)OPENSSL_sk_new(ossl_check_SRP_gN_compfunc_type(cmp)))
+#define sk_SRP_gN_new_null() ((STACK_OF(SRP_gN) *)OPENSSL_sk_new_null())
+#define sk_SRP_gN_new_reserve(cmp, n) ((STACK_OF(SRP_gN) *)OPENSSL_sk_new_reserve(ossl_check_SRP_gN_compfunc_type(cmp), (n)))
+#define sk_SRP_gN_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_SRP_gN_sk_type(sk), (n))
+#define sk_SRP_gN_free(sk) OPENSSL_sk_free(ossl_check_SRP_gN_sk_type(sk))
+#define sk_SRP_gN_zero(sk) OPENSSL_sk_zero(ossl_check_SRP_gN_sk_type(sk))
+#define sk_SRP_gN_delete(sk, i) ((SRP_gN *)OPENSSL_sk_delete(ossl_check_SRP_gN_sk_type(sk), (i)))
+#define sk_SRP_gN_delete_ptr(sk, ptr) ((SRP_gN *)OPENSSL_sk_delete_ptr(ossl_check_SRP_gN_sk_type(sk), ossl_check_SRP_gN_type(ptr)))
+#define sk_SRP_gN_push(sk, ptr) OPENSSL_sk_push(ossl_check_SRP_gN_sk_type(sk), ossl_check_SRP_gN_type(ptr))
+#define sk_SRP_gN_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_SRP_gN_sk_type(sk), ossl_check_SRP_gN_type(ptr))
+#define sk_SRP_gN_pop(sk) ((SRP_gN *)OPENSSL_sk_pop(ossl_check_SRP_gN_sk_type(sk)))
+#define sk_SRP_gN_shift(sk) ((SRP_gN *)OPENSSL_sk_shift(ossl_check_SRP_gN_sk_type(sk)))
+#define sk_SRP_gN_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_SRP_gN_sk_type(sk),ossl_check_SRP_gN_freefunc_type(freefunc))
+#define sk_SRP_gN_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_SRP_gN_sk_type(sk), ossl_check_SRP_gN_type(ptr), (idx))
+#define sk_SRP_gN_set(sk, idx, ptr) ((SRP_gN *)OPENSSL_sk_set(ossl_check_SRP_gN_sk_type(sk), (idx), ossl_check_SRP_gN_type(ptr)))
+#define sk_SRP_gN_find(sk, ptr) OPENSSL_sk_find(ossl_check_SRP_gN_sk_type(sk), ossl_check_SRP_gN_type(ptr))
+#define sk_SRP_gN_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_SRP_gN_sk_type(sk), ossl_check_SRP_gN_type(ptr))
+#define sk_SRP_gN_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_SRP_gN_sk_type(sk), ossl_check_SRP_gN_type(ptr), pnum)
+#define sk_SRP_gN_sort(sk) OPENSSL_sk_sort(ossl_check_SRP_gN_sk_type(sk))
+#define sk_SRP_gN_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_SRP_gN_sk_type(sk))
+#define sk_SRP_gN_dup(sk) ((STACK_OF(SRP_gN) *)OPENSSL_sk_dup(ossl_check_const_SRP_gN_sk_type(sk)))
+#define sk_SRP_gN_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(SRP_gN) *)OPENSSL_sk_deep_copy(ossl_check_const_SRP_gN_sk_type(sk), ossl_check_SRP_gN_copyfunc_type(copyfunc), ossl_check_SRP_gN_freefunc_type(freefunc)))
+#define sk_SRP_gN_set_cmp_func(sk, cmp) ((sk_SRP_gN_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_SRP_gN_sk_type(sk), ossl_check_SRP_gN_compfunc_type(cmp)))
+
+
+OSSL_DEPRECATEDIN_3_0
SRP_VBASE *SRP_VBASE_new(char *seed_key);
+OSSL_DEPRECATEDIN_3_0
void SRP_VBASE_free(SRP_VBASE *vb);
+OSSL_DEPRECATEDIN_3_0
int SRP_VBASE_init(SRP_VBASE *vb, char *verifier_file);
+OSSL_DEPRECATEDIN_3_0
int SRP_VBASE_add0_user(SRP_VBASE *vb, SRP_user_pwd *user_pwd);
-/* This method ignores the configured seed and fails for an unknown user. */
-DEPRECATEDIN_1_1_0(SRP_user_pwd *SRP_VBASE_get_by_user(SRP_VBASE *vb, char *username))
+
/* NOTE: unlike in SRP_VBASE_get_by_user, caller owns the returned pointer.*/
+OSSL_DEPRECATEDIN_3_0
SRP_user_pwd *SRP_VBASE_get1_by_user(SRP_VBASE *vb, char *username);
+OSSL_DEPRECATEDIN_3_0
char *SRP_create_verifier_ex(const char *user, const char *pass, char **salt,
char **verifier, const char *N, const char *g,
- OPENSSL_CTX *libctx, const char *propq);
+ OSSL_LIB_CTX *libctx, const char *propq);
+OSSL_DEPRECATEDIN_3_0
char *SRP_create_verifier(const char *user, const char *pass, char **salt,
char **verifier, const char *N, const char *g);
+OSSL_DEPRECATEDIN_3_0
int SRP_create_verifier_BN_ex(const char *user, const char *pass, BIGNUM **salt,
BIGNUM **verifier, const BIGNUM *N,
- const BIGNUM *g, OPENSSL_CTX *libctx,
+ const BIGNUM *g, OSSL_LIB_CTX *libctx,
const char *propq);
+OSSL_DEPRECATEDIN_3_0
int SRP_create_verifier_BN(const char *user, const char *pass, BIGNUM **salt,
BIGNUM **verifier, const BIGNUM *N,
const BIGNUM *g);
-# define SRP_NO_ERROR 0
-# define SRP_ERR_VBASE_INCOMPLETE_FILE 1
-# define SRP_ERR_VBASE_BN_LIB 2
-# define SRP_ERR_OPEN_FILE 3
-# define SRP_ERR_MEMORY 4
-
-# define DB_srptype 0
-# define DB_srpverifier 1
-# define DB_srpsalt 2
-# define DB_srpid 3
-# define DB_srpgN 4
-# define DB_srpinfo 5
-# undef DB_NUMBER
-# define DB_NUMBER 6
-
-# define DB_SRP_INDEX 'I'
-# define DB_SRP_VALID 'V'
-# define DB_SRP_REVOKED 'R'
-# define DB_SRP_MODIF 'v'
+# define SRP_NO_ERROR 0
+# define SRP_ERR_VBASE_INCOMPLETE_FILE 1
+# define SRP_ERR_VBASE_BN_LIB 2
+# define SRP_ERR_OPEN_FILE 3
+# define SRP_ERR_MEMORY 4
+
+# define DB_srptype 0
+# define DB_srpverifier 1
+# define DB_srpsalt 2
+# define DB_srpid 3
+# define DB_srpgN 4
+# define DB_srpinfo 5
+# undef DB_NUMBER
+# define DB_NUMBER 6
+
+# define DB_SRP_INDEX 'I'
+# define DB_SRP_VALID 'V'
+# define DB_SRP_REVOKED 'R'
+# define DB_SRP_MODIF 'v'
/* see srp.c */
+OSSL_DEPRECATEDIN_3_0
char *SRP_check_known_gN_param(const BIGNUM *g, const BIGNUM *N);
+OSSL_DEPRECATEDIN_3_0
SRP_gN *SRP_get_default_gN(const char *id);
/* server side .... */
+OSSL_DEPRECATEDIN_3_0
BIGNUM *SRP_Calc_server_key(const BIGNUM *A, const BIGNUM *v, const BIGNUM *u,
const BIGNUM *b, const BIGNUM *N);
+OSSL_DEPRECATEDIN_3_0
BIGNUM *SRP_Calc_B_ex(const BIGNUM *b, const BIGNUM *N, const BIGNUM *g,
- const BIGNUM *v, OPENSSL_CTX *libctx, const char *propq);
+ const BIGNUM *v, OSSL_LIB_CTX *libctx, const char *propq);
+OSSL_DEPRECATEDIN_3_0
BIGNUM *SRP_Calc_B(const BIGNUM *b, const BIGNUM *N, const BIGNUM *g,
const BIGNUM *v);
+
+OSSL_DEPRECATEDIN_3_0
int SRP_Verify_A_mod_N(const BIGNUM *A, const BIGNUM *N);
+OSSL_DEPRECATEDIN_3_0
BIGNUM *SRP_Calc_u_ex(const BIGNUM *A, const BIGNUM *B, const BIGNUM *N,
- OPENSSL_CTX *libctx, const char *propq);
+ OSSL_LIB_CTX *libctx, const char *propq);
+OSSL_DEPRECATEDIN_3_0
BIGNUM *SRP_Calc_u(const BIGNUM *A, const BIGNUM *B, const BIGNUM *N);
/* client side .... */
+
+OSSL_DEPRECATEDIN_3_0
BIGNUM *SRP_Calc_x_ex(const BIGNUM *s, const char *user, const char *pass,
- OPENSSL_CTX *libctx, const char *propq);
+ OSSL_LIB_CTX *libctx, const char *propq);
+OSSL_DEPRECATEDIN_3_0
BIGNUM *SRP_Calc_x(const BIGNUM *s, const char *user, const char *pass);
+OSSL_DEPRECATEDIN_3_0
BIGNUM *SRP_Calc_A(const BIGNUM *a, const BIGNUM *N, const BIGNUM *g);
+OSSL_DEPRECATEDIN_3_0
BIGNUM *SRP_Calc_client_key_ex(const BIGNUM *N, const BIGNUM *B, const BIGNUM *g,
const BIGNUM *x, const BIGNUM *a, const BIGNUM *u,
- OPENSSL_CTX *libctx, const char *propq);
+ OSSL_LIB_CTX *libctx, const char *propq);
+OSSL_DEPRECATEDIN_3_0
BIGNUM *SRP_Calc_client_key(const BIGNUM *N, const BIGNUM *B, const BIGNUM *g,
const BIGNUM *x, const BIGNUM *a, const BIGNUM *u);
+OSSL_DEPRECATEDIN_3_0
int SRP_Verify_B_mod_N(const BIGNUM *B, const BIGNUM *N);
-# define SRP_MINIMAL_N 1024
+# define SRP_MINIMAL_N 1024
+
+# endif /* OPENSSL_NO_DEPRECATED_3_0 */
+
+/* This method ignores the configured seed and fails for an unknown user. */
+# ifndef OPENSSL_NO_DEPRECATED_1_1_0
+OSSL_DEPRECATEDIN_1_1_0
+SRP_user_pwd *SRP_VBASE_get_by_user(SRP_VBASE *vb, char *username);
+# endif
# ifdef __cplusplus
}
diff --git a/openssl/include/openssl/srtp.h b/openssl/include/openssl/srtp.h
index 123d7967..123d7967 100644..100755
--- a/openssl/include/openssl/srtp.h
+++ b/openssl/include/openssl/srtp.h
diff --git a/openssl/include/openssl/ssl.h b/openssl/include/openssl/ssl.h
index 353e5376..d69786d9 100644..100755
--- a/openssl/include/openssl/ssl.h
+++ b/openssl/include/openssl/ssl.h
@@ -1,5 +1,8 @@
/*
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * WARNING: do not edit!
+ * Generated by makefile from include\openssl\ssl.h.in
+ *
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
* Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
* Copyright 2005 Nokia. All rights reserved.
*
@@ -9,6 +12,8 @@
* https://www.openssl.org/source/license.html
*/
+
+
#ifndef OPENSSL_SSL_H
# define OPENSSL_SSL_H
# pragma once
@@ -36,6 +41,7 @@
# include <openssl/symhacks.h>
# include <openssl/ct.h>
# include <openssl/sslerr.h>
+# include <openssl/prov_ssl.h>
#ifdef __cplusplus
extern "C" {
@@ -53,7 +59,7 @@ extern "C" {
# define SSL_MIN_RSA_MODULUS_LENGTH_IN_BYTES (512/8)
# define SSL_MAX_KEY_ARG_LENGTH 8
-# define SSL_MAX_MASTER_KEY_LENGTH 48
+/* SSL_MAX_MASTER_KEY_LENGTH is defined in prov_ssl.h */
/* The maximum number of encrypt/decrypt pipelines we can support */
# define SSL_MAX_PIPELINES 32
@@ -188,14 +194,9 @@ extern "C" {
* DEPRECATED IN 3.0.0, in favor of OSSL_default_ciphersuites()
* Update both macro and function simultaneously
*/
-# if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
-# define TLS_DEFAULT_CIPHERSUITES "TLS_AES_256_GCM_SHA384:" \
- "TLS_CHACHA20_POLY1305_SHA256:" \
- "TLS_AES_128_GCM_SHA256"
-# else
-# define TLS_DEFAULT_CIPHERSUITES "TLS_AES_256_GCM_SHA384:" \
+# define TLS_DEFAULT_CIPHERSUITES "TLS_AES_256_GCM_SHA384:" \
+ "TLS_CHACHA20_POLY1305_SHA256:" \
"TLS_AES_128_GCM_SHA256"
-# endif
# endif
/*
* As of OpenSSL 1.0.0, ssl_create_cipher_list() in ssl/ssl_ciph.c always
@@ -240,7 +241,33 @@ typedef struct srtp_protection_profile_st {
const char *name;
unsigned long id;
} SRTP_PROTECTION_PROFILE;
-DEFINE_OR_DECLARE_STACK_OF(SRTP_PROTECTION_PROFILE)
+SKM_DEFINE_STACK_OF_INTERNAL(SRTP_PROTECTION_PROFILE, SRTP_PROTECTION_PROFILE, SRTP_PROTECTION_PROFILE)
+#define sk_SRTP_PROTECTION_PROFILE_num(sk) OPENSSL_sk_num(ossl_check_const_SRTP_PROTECTION_PROFILE_sk_type(sk))
+#define sk_SRTP_PROTECTION_PROFILE_value(sk, idx) ((SRTP_PROTECTION_PROFILE *)OPENSSL_sk_value(ossl_check_const_SRTP_PROTECTION_PROFILE_sk_type(sk), (idx)))
+#define sk_SRTP_PROTECTION_PROFILE_new(cmp) ((STACK_OF(SRTP_PROTECTION_PROFILE) *)OPENSSL_sk_new(ossl_check_SRTP_PROTECTION_PROFILE_compfunc_type(cmp)))
+#define sk_SRTP_PROTECTION_PROFILE_new_null() ((STACK_OF(SRTP_PROTECTION_PROFILE) *)OPENSSL_sk_new_null())
+#define sk_SRTP_PROTECTION_PROFILE_new_reserve(cmp, n) ((STACK_OF(SRTP_PROTECTION_PROFILE) *)OPENSSL_sk_new_reserve(ossl_check_SRTP_PROTECTION_PROFILE_compfunc_type(cmp), (n)))
+#define sk_SRTP_PROTECTION_PROFILE_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_SRTP_PROTECTION_PROFILE_sk_type(sk), (n))
+#define sk_SRTP_PROTECTION_PROFILE_free(sk) OPENSSL_sk_free(ossl_check_SRTP_PROTECTION_PROFILE_sk_type(sk))
+#define sk_SRTP_PROTECTION_PROFILE_zero(sk) OPENSSL_sk_zero(ossl_check_SRTP_PROTECTION_PROFILE_sk_type(sk))
+#define sk_SRTP_PROTECTION_PROFILE_delete(sk, i) ((SRTP_PROTECTION_PROFILE *)OPENSSL_sk_delete(ossl_check_SRTP_PROTECTION_PROFILE_sk_type(sk), (i)))
+#define sk_SRTP_PROTECTION_PROFILE_delete_ptr(sk, ptr) ((SRTP_PROTECTION_PROFILE *)OPENSSL_sk_delete_ptr(ossl_check_SRTP_PROTECTION_PROFILE_sk_type(sk), ossl_check_SRTP_PROTECTION_PROFILE_type(ptr)))
+#define sk_SRTP_PROTECTION_PROFILE_push(sk, ptr) OPENSSL_sk_push(ossl_check_SRTP_PROTECTION_PROFILE_sk_type(sk), ossl_check_SRTP_PROTECTION_PROFILE_type(ptr))
+#define sk_SRTP_PROTECTION_PROFILE_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_SRTP_PROTECTION_PROFILE_sk_type(sk), ossl_check_SRTP_PROTECTION_PROFILE_type(ptr))
+#define sk_SRTP_PROTECTION_PROFILE_pop(sk) ((SRTP_PROTECTION_PROFILE *)OPENSSL_sk_pop(ossl_check_SRTP_PROTECTION_PROFILE_sk_type(sk)))
+#define sk_SRTP_PROTECTION_PROFILE_shift(sk) ((SRTP_PROTECTION_PROFILE *)OPENSSL_sk_shift(ossl_check_SRTP_PROTECTION_PROFILE_sk_type(sk)))
+#define sk_SRTP_PROTECTION_PROFILE_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_SRTP_PROTECTION_PROFILE_sk_type(sk),ossl_check_SRTP_PROTECTION_PROFILE_freefunc_type(freefunc))
+#define sk_SRTP_PROTECTION_PROFILE_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_SRTP_PROTECTION_PROFILE_sk_type(sk), ossl_check_SRTP_PROTECTION_PROFILE_type(ptr), (idx))
+#define sk_SRTP_PROTECTION_PROFILE_set(sk, idx, ptr) ((SRTP_PROTECTION_PROFILE *)OPENSSL_sk_set(ossl_check_SRTP_PROTECTION_PROFILE_sk_type(sk), (idx), ossl_check_SRTP_PROTECTION_PROFILE_type(ptr)))
+#define sk_SRTP_PROTECTION_PROFILE_find(sk, ptr) OPENSSL_sk_find(ossl_check_SRTP_PROTECTION_PROFILE_sk_type(sk), ossl_check_SRTP_PROTECTION_PROFILE_type(ptr))
+#define sk_SRTP_PROTECTION_PROFILE_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_SRTP_PROTECTION_PROFILE_sk_type(sk), ossl_check_SRTP_PROTECTION_PROFILE_type(ptr))
+#define sk_SRTP_PROTECTION_PROFILE_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_SRTP_PROTECTION_PROFILE_sk_type(sk), ossl_check_SRTP_PROTECTION_PROFILE_type(ptr), pnum)
+#define sk_SRTP_PROTECTION_PROFILE_sort(sk) OPENSSL_sk_sort(ossl_check_SRTP_PROTECTION_PROFILE_sk_type(sk))
+#define sk_SRTP_PROTECTION_PROFILE_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_SRTP_PROTECTION_PROFILE_sk_type(sk))
+#define sk_SRTP_PROTECTION_PROFILE_dup(sk) ((STACK_OF(SRTP_PROTECTION_PROFILE) *)OPENSSL_sk_dup(ossl_check_const_SRTP_PROTECTION_PROFILE_sk_type(sk)))
+#define sk_SRTP_PROTECTION_PROFILE_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(SRTP_PROTECTION_PROFILE) *)OPENSSL_sk_deep_copy(ossl_check_const_SRTP_PROTECTION_PROFILE_sk_type(sk), ossl_check_SRTP_PROTECTION_PROFILE_copyfunc_type(copyfunc), ossl_check_SRTP_PROTECTION_PROFILE_freefunc_type(freefunc)))
+#define sk_SRTP_PROTECTION_PROFILE_set_cmp_func(sk, cmp) ((sk_SRTP_PROTECTION_PROFILE_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_SRTP_PROTECTION_PROFILE_sk_type(sk), ossl_check_SRTP_PROTECTION_PROFILE_compfunc_type(cmp)))
+
typedef int (*tls_session_ticket_ext_cb_fn)(SSL *s, const unsigned char *data,
@@ -313,160 +340,131 @@ typedef int (*SSL_verify_cb)(int preverify_ok, X509_STORE_CTX *x509_ctx);
/* Typedef for SSL async callback */
typedef int (*SSL_async_callback_fn)(SSL *s, void *arg);
-/*
- * Some values are reserved until OpenSSL 3.0.0 because they were previously
- * included in SSL_OP_ALL in a 1.1.x release.
- */
-
-/* Disable Extended master secret */
-# define SSL_OP_NO_EXTENDED_MASTER_SECRET 0x00000001U
-
-/* Reserved value (until OpenSSL 3.0.0) 0x00000002U */
-
-/* Allow initial connection to servers that don't support RI */
-# define SSL_OP_LEGACY_SERVER_CONNECT 0x00000004U
-
-# define SSL_OP_TLSEXT_PADDING 0x00000010U
-# define SSL_OP_SAFARI_ECDHE_ECDSA_BUG 0x00000040U
-# define SSL_OP_IGNORE_UNEXPECTED_EOF 0x00000080U
-
-# define SSL_OP_DISABLE_TLSEXT_CA_NAMES 0x00000200U
-
-/* In TLSv1.3 allow a non-(ec)dhe based kex_mode */
-# define SSL_OP_ALLOW_NO_DHE_KEX 0x00000400U
+#define SSL_OP_BIT(n) ((uint64_t)1 << (uint64_t)n)
/*
- * Disable SSL 3.0/TLS 1.0 CBC vulnerability workaround that was added in
- * OpenSSL 0.9.6d. Usually (depending on the application protocol) the
- * workaround is not needed. Unfortunately some broken SSL/TLS
- * implementations cannot handle it at all, which is why we include it in
- * SSL_OP_ALL. Added in 0.9.6e
+ * SSL/TLS connection options.
*/
-# define SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS 0x00000800U
-
-/* DTLS options */
-# define SSL_OP_NO_QUERY_MTU 0x00001000U
-/* Turn on Cookie Exchange (on relevant for servers) */
-# define SSL_OP_COOKIE_EXCHANGE 0x00002000U
-/* Don't use RFC4507 ticket extension */
-# define SSL_OP_NO_TICKET 0x00004000U
+ /* Disable Extended master secret */
+# define SSL_OP_NO_EXTENDED_MASTER_SECRET SSL_OP_BIT(0)
+ /* Cleanse plaintext copies of data delivered to the application */
+# define SSL_OP_CLEANSE_PLAINTEXT SSL_OP_BIT(1)
+ /* Allow initial connection to servers that don't support RI */
+# define SSL_OP_LEGACY_SERVER_CONNECT SSL_OP_BIT(2)
+ /* Enable support for Kernel TLS */
+# define SSL_OP_ENABLE_KTLS SSL_OP_BIT(3)
+# define SSL_OP_TLSEXT_PADDING SSL_OP_BIT(4)
+# define SSL_OP_SAFARI_ECDHE_ECDSA_BUG SSL_OP_BIT(6)
+# define SSL_OP_IGNORE_UNEXPECTED_EOF SSL_OP_BIT(7)
+# define SSL_OP_ALLOW_CLIENT_RENEGOTIATION SSL_OP_BIT(8)
+# define SSL_OP_DISABLE_TLSEXT_CA_NAMES SSL_OP_BIT(9)
+ /* In TLSv1.3 allow a non-(ec)dhe based kex_mode */
+# define SSL_OP_ALLOW_NO_DHE_KEX SSL_OP_BIT(10)
+ /*
+ * Disable SSL 3.0/TLS 1.0 CBC vulnerability workaround that was added
+ * in OpenSSL 0.9.6d. Usually (depending on the application protocol)
+ * the workaround is not needed. Unfortunately some broken SSL/TLS
+ * implementations cannot handle it at all, which is why we include it
+ * in SSL_OP_ALL. Added in 0.9.6e
+ */
+# define SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS SSL_OP_BIT(11)
+ /* DTLS options */
+# define SSL_OP_NO_QUERY_MTU SSL_OP_BIT(12)
+ /* Turn on Cookie Exchange (on relevant for servers) */
+# define SSL_OP_COOKIE_EXCHANGE SSL_OP_BIT(13)
+ /* Don't use RFC4507 ticket extension */
+# define SSL_OP_NO_TICKET SSL_OP_BIT(14)
# ifndef OPENSSL_NO_DTLS1_METHOD
-/* Use Cisco's "speshul" version of DTLS_BAD_VER
- * (only with deprecated DTLSv1_client_method()) */
-# define SSL_OP_CISCO_ANYCONNECT 0x00008000U
+ /*
+ * Use Cisco's version identifier of DTLS_BAD_VER
+ * (only with deprecated DTLSv1_client_method())
+ */
+# define SSL_OP_CISCO_ANYCONNECT SSL_OP_BIT(15)
# endif
-
-/* As server, disallow session resumption on renegotiation */
-# define SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION 0x00010000U
-/* Don't use compression even if supported */
-# define SSL_OP_NO_COMPRESSION 0x00020000U
-/* Permit unsafe legacy renegotiation */
-# define SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION 0x00040000U
-/* Disable encrypt-then-mac */
-# define SSL_OP_NO_ENCRYPT_THEN_MAC 0x00080000U
-
-/*
- * Enable TLSv1.3 Compatibility mode. This is on by default. A future version
- * of OpenSSL may have this disabled by default.
- */
-# define SSL_OP_ENABLE_MIDDLEBOX_COMPAT 0x00100000U
-
-/* Prioritize Chacha20Poly1305 when client does.
- * Modifies SSL_OP_CIPHER_SERVER_PREFERENCE */
-# define SSL_OP_PRIORITIZE_CHACHA 0x00200000U
-
-/*
- * Set on servers to choose the cipher according to the server's preferences
- */
-# define SSL_OP_CIPHER_SERVER_PREFERENCE 0x00400000U
-/*
- * If set, a server will allow a client to issue a SSLv3.0 version number as
- * latest version supported in the premaster secret, even when TLSv1.0
- * (version 3.1) was announced in the client hello. Normally this is
- * forbidden to prevent version rollback attacks.
- */
-# define SSL_OP_TLS_ROLLBACK_BUG 0x00800000U
+ /* As server, disallow session resumption on renegotiation */
+# define SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION SSL_OP_BIT(16)
+ /* Don't use compression even if supported */
+# define SSL_OP_NO_COMPRESSION SSL_OP_BIT(17)
+ /* Permit unsafe legacy renegotiation */
+# define SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION SSL_OP_BIT(18)
+ /* Disable encrypt-then-mac */
+# define SSL_OP_NO_ENCRYPT_THEN_MAC SSL_OP_BIT(19)
+ /*
+ * Enable TLSv1.3 Compatibility mode. This is on by default. A future
+ * version of OpenSSL may have this disabled by default.
+ */
+# define SSL_OP_ENABLE_MIDDLEBOX_COMPAT SSL_OP_BIT(20)
+ /*
+ * Prioritize Chacha20Poly1305 when client does.
+ * Modifies SSL_OP_CIPHER_SERVER_PREFERENCE
+ */
+# define SSL_OP_PRIORITIZE_CHACHA SSL_OP_BIT(21)
+ /*
+ * Set on servers to choose the cipher according to server's preferences.
+ */
+# define SSL_OP_CIPHER_SERVER_PREFERENCE SSL_OP_BIT(22)
+ /*
+ * If set, a server will allow a client to issue a SSLv3.0 version
+ * number as latest version supported in the premaster secret, even when
+ * TLSv1.0 (version 3.1) was announced in the client hello. Normally
+ * this is forbidden to prevent version rollback attacks.
+ */
+# define SSL_OP_TLS_ROLLBACK_BUG SSL_OP_BIT(23)
+ /*
+ * Switches off automatic TLSv1.3 anti-replay protection for early data.
+ * This is a server-side option only (no effect on the client).
+ */
+# define SSL_OP_NO_ANTI_REPLAY SSL_OP_BIT(24)
+# define SSL_OP_NO_SSLv3 SSL_OP_BIT(25)
+# define SSL_OP_NO_TLSv1 SSL_OP_BIT(26)
+# define SSL_OP_NO_TLSv1_2 SSL_OP_BIT(27)
+# define SSL_OP_NO_TLSv1_1 SSL_OP_BIT(28)
+# define SSL_OP_NO_TLSv1_3 SSL_OP_BIT(29)
+# define SSL_OP_NO_DTLSv1 SSL_OP_BIT(26)
+# define SSL_OP_NO_DTLSv1_2 SSL_OP_BIT(27)
+ /* Disallow all renegotiation */
+# define SSL_OP_NO_RENEGOTIATION SSL_OP_BIT(30)
+ /*
+ * Make server add server-hello extension from early version of
+ * cryptopro draft, when GOST ciphersuite is negotiated. Required for
+ * interoperability with CryptoPro CSP 3.x
+ */
+# define SSL_OP_CRYPTOPRO_TLSEXT_BUG SSL_OP_BIT(31)
/*
- * Switches off automatic TLSv1.3 anti-replay protection for early data. This
- * is a server-side option only (no effect on the client).
+ * Option "collections."
*/
-# define SSL_OP_NO_ANTI_REPLAY 0x01000000U
-
-# define SSL_OP_NO_SSLv3 0x02000000U
-# define SSL_OP_NO_TLSv1 0x04000000U
-# define SSL_OP_NO_TLSv1_2 0x08000000U
-# define SSL_OP_NO_TLSv1_1 0x10000000U
-# define SSL_OP_NO_TLSv1_3 0x20000000U
+# define SSL_OP_NO_SSL_MASK \
+ ( SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 \
+ | SSL_OP_NO_TLSv1_2 | SSL_OP_NO_TLSv1_3 )
+# define SSL_OP_NO_DTLS_MASK \
+ ( SSL_OP_NO_DTLSv1 | SSL_OP_NO_DTLSv1_2 )
-# define SSL_OP_NO_DTLSv1 0x04000000U
-# define SSL_OP_NO_DTLSv1_2 0x08000000U
-
-# define SSL_OP_NO_SSL_MASK (SSL_OP_NO_SSLv3|\
- SSL_OP_NO_TLSv1|SSL_OP_NO_TLSv1_1|SSL_OP_NO_TLSv1_2|SSL_OP_NO_TLSv1_3)
-# define SSL_OP_NO_DTLS_MASK (SSL_OP_NO_DTLSv1|SSL_OP_NO_DTLSv1_2)
-
-/* Disallow all renegotiation */
-# define SSL_OP_NO_RENEGOTIATION 0x40000000U
-
-/*
- * Make server add server-hello extension from early version of cryptopro
- * draft, when GOST ciphersuite is negotiated. Required for interoperability
- * with CryptoPro CSP 3.x
- */
-# define SSL_OP_CRYPTOPRO_TLSEXT_BUG 0x80000000U
+/* Various bug workarounds that should be rather harmless. */
+# define SSL_OP_ALL \
+ ( SSL_OP_CRYPTOPRO_TLSEXT_BUG | SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS \
+ | SSL_OP_TLSEXT_PADDING | SSL_OP_SAFARI_ECDHE_ECDSA_BUG )
/*
- * SSL_OP_ALL: various bug workarounds that should be rather harmless.
- * This used to be 0x000FFFFFL before 0.9.7.
- * This used to be 0x80000BFFU before 1.1.1.
+ * OBSOLETE OPTIONS retained for compatibility
*/
-# define SSL_OP_ALL (SSL_OP_CRYPTOPRO_TLSEXT_BUG|\
- SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS|\
- SSL_OP_LEGACY_SERVER_CONNECT|\
- SSL_OP_TLSEXT_PADDING|\
- SSL_OP_SAFARI_ECDHE_ECDSA_BUG)
-
-/* OBSOLETE OPTIONS: retained for compatibility */
-/* Removed from OpenSSL 1.1.0. Was 0x00000001L */
-/* Related to removed SSLv2. */
# define SSL_OP_MICROSOFT_SESS_ID_BUG 0x0
-/* Removed from OpenSSL 1.1.0. Was 0x00000002L */
-/* Related to removed SSLv2. */
# define SSL_OP_NETSCAPE_CHALLENGE_BUG 0x0
-/* Removed from OpenSSL 0.9.8q and 1.0.0c. Was 0x00000008L */
-/* Dead forever, see CVE-2010-4180 */
# define SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG 0x0
-/* Removed from OpenSSL 1.0.1h and 1.0.2. Was 0x00000010L */
-/* Refers to ancient SSLREF and SSLv2. */
# define SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG 0x0
-/* Removed from OpenSSL 1.1.0. Was 0x00000020 */
# define SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER 0x0
-/* Removed from OpenSSL 0.9.7h and 0.9.8b. Was 0x00000040L */
# define SSL_OP_MSIE_SSLV2_RSA_PADDING 0x0
-/* Removed from OpenSSL 1.1.0. Was 0x00000080 */
-/* Ancient SSLeay version. */
# define SSL_OP_SSLEAY_080_CLIENT_DH_BUG 0x0
-/* Removed from OpenSSL 1.1.0. Was 0x00000100L */
# define SSL_OP_TLS_D5_BUG 0x0
-/* Removed from OpenSSL 1.1.0. Was 0x00000200L */
# define SSL_OP_TLS_BLOCK_PADDING_BUG 0x0
-/* Removed from OpenSSL 1.1.0. Was 0x00080000L */
# define SSL_OP_SINGLE_ECDH_USE 0x0
-/* Removed from OpenSSL 1.1.0. Was 0x00100000L */
# define SSL_OP_SINGLE_DH_USE 0x0
-/* Removed from OpenSSL 1.0.1k and 1.0.2. Was 0x00200000L */
# define SSL_OP_EPHEMERAL_RSA 0x0
-/* Removed from OpenSSL 1.1.0. Was 0x01000000L */
# define SSL_OP_NO_SSLv2 0x0
-/* Removed from OpenSSL 1.0.1. Was 0x08000000L */
# define SSL_OP_PKCS1_CHECK_1 0x0
-/* Removed from OpenSSL 1.0.1. Was 0x10000000L */
# define SSL_OP_PKCS1_CHECK_2 0x0
-/* Removed from OpenSSL 1.1.0. Was 0x20000000L */
# define SSL_OP_NETSCAPE_CA_DN_BUG 0x0
-/* Removed from OpenSSL 1.1.0. Was 0x40000000L */
# define SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG 0x0
/*
@@ -512,10 +510,7 @@ typedef int (*SSL_async_callback_fn)(SSL *s, void *arg);
* Support Asynchronous operation
*/
# define SSL_MODE_ASYNC 0x00000100U
-/*
- * Don't use the kernel TLS data-path for sending.
- */
-# define SSL_MODE_NO_KTLS_TX 0x00000200U
+
/*
* When using DTLS/SCTP, include the terminating zero in the label
* used for computing the endpoint-pair shared secret. Required for
@@ -528,10 +523,6 @@ typedef int (*SSL_async_callback_fn)(SSL *s, void *arg);
* - OpenSSL 1.1.1 and 1.1.1a
*/
# define SSL_MODE_DTLS_SCTP_LABEL_LENGTH_BUG 0x00000400U
-/*
- * Don't use the kernel TLS data-path for receiving.
- */
-# define SSL_MODE_NO_KTLS_RX 0x00000800U
/* Cert related flags */
/*
@@ -607,12 +598,12 @@ typedef int (*SSL_async_callback_fn)(SSL *s, void *arg);
* cannot be used to clear bits.
*/
-unsigned long SSL_CTX_get_options(const SSL_CTX *ctx);
-unsigned long SSL_get_options(const SSL *s);
-unsigned long SSL_CTX_clear_options(SSL_CTX *ctx, unsigned long op);
-unsigned long SSL_clear_options(SSL *s, unsigned long op);
-unsigned long SSL_CTX_set_options(SSL_CTX *ctx, unsigned long op);
-unsigned long SSL_set_options(SSL *s, unsigned long op);
+uint64_t SSL_CTX_get_options(const SSL_CTX *ctx);
+uint64_t SSL_get_options(const SSL *s);
+uint64_t SSL_CTX_clear_options(SSL_CTX *ctx, uint64_t op);
+uint64_t SSL_clear_options(SSL *s, uint64_t op);
+uint64_t SSL_CTX_set_options(SSL_CTX *ctx, uint64_t op);
+uint64_t SSL_set_options(SSL *s, uint64_t op);
# define SSL_CTX_set_mode(ctx,op) \
SSL_CTX_ctrl((ctx),SSL_CTRL_MODE,(op),NULL)
@@ -660,19 +651,20 @@ void SSL_set_msg_callback(SSL *ssl,
SSL_ctrl((s),SSL_CTRL_GET_EXTMS_SUPPORT,0,NULL)
# ifndef OPENSSL_NO_SRP
-
/* see tls_srp.c */
-__owur int SSL_SRP_CTX_init(SSL *s);
-__owur int SSL_CTX_SRP_CTX_init(SSL_CTX *ctx);
-int SSL_SRP_CTX_free(SSL *ctx);
-int SSL_CTX_SRP_CTX_free(SSL_CTX *ctx);
-__owur int SSL_srp_server_param_with_username(SSL *s, int *ad);
-__owur int SRP_Calc_A_param(SSL *s);
-
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0 __owur int SSL_SRP_CTX_init(SSL *s);
+OSSL_DEPRECATEDIN_3_0 __owur int SSL_CTX_SRP_CTX_init(SSL_CTX *ctx);
+OSSL_DEPRECATEDIN_3_0 int SSL_SRP_CTX_free(SSL *ctx);
+OSSL_DEPRECATEDIN_3_0 int SSL_CTX_SRP_CTX_free(SSL_CTX *ctx);
+OSSL_DEPRECATEDIN_3_0 __owur int SSL_srp_server_param_with_username(SSL *s,
+ int *ad);
+OSSL_DEPRECATEDIN_3_0 __owur int SRP_Calc_A_param(SSL *s);
+# endif
# endif
/* 100k max cert list */
-# define SSL_MAX_CERT_LIST_DEFAULT 1024*100
+# define SSL_MAX_CERT_LIST_DEFAULT (1024*100)
# define SSL_SESSION_CACHE_MAX_SIZE_DEFAULT (1024*20)
@@ -701,6 +693,7 @@ typedef int (*GEN_SESSION_CB) (SSL *ssl, unsigned char *id,
# define SSL_SESS_CACHE_NO_INTERNAL_STORE 0x0200
# define SSL_SESS_CACHE_NO_INTERNAL \
(SSL_SESS_CACHE_NO_INTERNAL_LOOKUP|SSL_SESS_CACHE_NO_INTERNAL_STORE)
+# define SSL_SESS_CACHE_UPDATE_TIME 0x0400
LHASH_OF(SSL_SESSION) *SSL_CTX_sessions(SSL_CTX *ctx);
# define SSL_CTX_sess_number(ctx) \
@@ -840,8 +833,8 @@ void SSL_get0_alpn_selected(const SSL *ssl, const unsigned char **data,
* the maximum length of the buffer given to callbacks containing the
* resulting identity/psk
*/
-# define PSK_MAX_IDENTITY_LEN 128
-# define PSK_MAX_PSK_LEN 256
+# define PSK_MAX_IDENTITY_LEN 256
+# define PSK_MAX_PSK_LEN 512
typedef unsigned int (*SSL_psk_client_cb_func)(SSL *ssl,
const char *hint,
char *identity,
@@ -918,12 +911,14 @@ __owur int SSL_extension_supported(unsigned int ext_type);
# define SSL_ASYNC_PAUSED 5
# define SSL_ASYNC_NO_JOBS 6
# define SSL_CLIENT_HELLO_CB 7
+# define SSL_RETRY_VERIFY 8
/* These will only be used when doing non-blocking IO */
# define SSL_want_nothing(s) (SSL_want(s) == SSL_NOTHING)
# define SSL_want_read(s) (SSL_want(s) == SSL_READING)
# define SSL_want_write(s) (SSL_want(s) == SSL_WRITING)
# define SSL_want_x509_lookup(s) (SSL_want(s) == SSL_X509_LOOKUP)
+# define SSL_want_retry_verify(s) (SSL_want(s) == SSL_RETRY_VERIFY)
# define SSL_want_async(s) (SSL_want(s) == SSL_ASYNC_PAUSED)
# define SSL_want_async_job(s) (SSL_want(s) == SSL_ASYNC_NO_JOBS)
# define SSL_want_client_hello_cb(s) (SSL_want(s) == SSL_CLIENT_HELLO_CB)
@@ -979,8 +974,59 @@ extern "C" {
* These need to be after the above set of includes due to a compiler bug
* in VisualStudio 2015
*/
-DEFINE_OR_DECLARE_STACK_OF(SSL_CIPHER)
-DEFINE_OR_DECLARE_STACK_OF(SSL_COMP)
+SKM_DEFINE_STACK_OF_INTERNAL(SSL_CIPHER, const SSL_CIPHER, SSL_CIPHER)
+#define sk_SSL_CIPHER_num(sk) OPENSSL_sk_num(ossl_check_const_SSL_CIPHER_sk_type(sk))
+#define sk_SSL_CIPHER_value(sk, idx) ((const SSL_CIPHER *)OPENSSL_sk_value(ossl_check_const_SSL_CIPHER_sk_type(sk), (idx)))
+#define sk_SSL_CIPHER_new(cmp) ((STACK_OF(SSL_CIPHER) *)OPENSSL_sk_new(ossl_check_SSL_CIPHER_compfunc_type(cmp)))
+#define sk_SSL_CIPHER_new_null() ((STACK_OF(SSL_CIPHER) *)OPENSSL_sk_new_null())
+#define sk_SSL_CIPHER_new_reserve(cmp, n) ((STACK_OF(SSL_CIPHER) *)OPENSSL_sk_new_reserve(ossl_check_SSL_CIPHER_compfunc_type(cmp), (n)))
+#define sk_SSL_CIPHER_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_SSL_CIPHER_sk_type(sk), (n))
+#define sk_SSL_CIPHER_free(sk) OPENSSL_sk_free(ossl_check_SSL_CIPHER_sk_type(sk))
+#define sk_SSL_CIPHER_zero(sk) OPENSSL_sk_zero(ossl_check_SSL_CIPHER_sk_type(sk))
+#define sk_SSL_CIPHER_delete(sk, i) ((const SSL_CIPHER *)OPENSSL_sk_delete(ossl_check_SSL_CIPHER_sk_type(sk), (i)))
+#define sk_SSL_CIPHER_delete_ptr(sk, ptr) ((const SSL_CIPHER *)OPENSSL_sk_delete_ptr(ossl_check_SSL_CIPHER_sk_type(sk), ossl_check_SSL_CIPHER_type(ptr)))
+#define sk_SSL_CIPHER_push(sk, ptr) OPENSSL_sk_push(ossl_check_SSL_CIPHER_sk_type(sk), ossl_check_SSL_CIPHER_type(ptr))
+#define sk_SSL_CIPHER_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_SSL_CIPHER_sk_type(sk), ossl_check_SSL_CIPHER_type(ptr))
+#define sk_SSL_CIPHER_pop(sk) ((const SSL_CIPHER *)OPENSSL_sk_pop(ossl_check_SSL_CIPHER_sk_type(sk)))
+#define sk_SSL_CIPHER_shift(sk) ((const SSL_CIPHER *)OPENSSL_sk_shift(ossl_check_SSL_CIPHER_sk_type(sk)))
+#define sk_SSL_CIPHER_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_SSL_CIPHER_sk_type(sk),ossl_check_SSL_CIPHER_freefunc_type(freefunc))
+#define sk_SSL_CIPHER_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_SSL_CIPHER_sk_type(sk), ossl_check_SSL_CIPHER_type(ptr), (idx))
+#define sk_SSL_CIPHER_set(sk, idx, ptr) ((const SSL_CIPHER *)OPENSSL_sk_set(ossl_check_SSL_CIPHER_sk_type(sk), (idx), ossl_check_SSL_CIPHER_type(ptr)))
+#define sk_SSL_CIPHER_find(sk, ptr) OPENSSL_sk_find(ossl_check_SSL_CIPHER_sk_type(sk), ossl_check_SSL_CIPHER_type(ptr))
+#define sk_SSL_CIPHER_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_SSL_CIPHER_sk_type(sk), ossl_check_SSL_CIPHER_type(ptr))
+#define sk_SSL_CIPHER_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_SSL_CIPHER_sk_type(sk), ossl_check_SSL_CIPHER_type(ptr), pnum)
+#define sk_SSL_CIPHER_sort(sk) OPENSSL_sk_sort(ossl_check_SSL_CIPHER_sk_type(sk))
+#define sk_SSL_CIPHER_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_SSL_CIPHER_sk_type(sk))
+#define sk_SSL_CIPHER_dup(sk) ((STACK_OF(SSL_CIPHER) *)OPENSSL_sk_dup(ossl_check_const_SSL_CIPHER_sk_type(sk)))
+#define sk_SSL_CIPHER_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(SSL_CIPHER) *)OPENSSL_sk_deep_copy(ossl_check_const_SSL_CIPHER_sk_type(sk), ossl_check_SSL_CIPHER_copyfunc_type(copyfunc), ossl_check_SSL_CIPHER_freefunc_type(freefunc)))
+#define sk_SSL_CIPHER_set_cmp_func(sk, cmp) ((sk_SSL_CIPHER_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_SSL_CIPHER_sk_type(sk), ossl_check_SSL_CIPHER_compfunc_type(cmp)))
+SKM_DEFINE_STACK_OF_INTERNAL(SSL_COMP, SSL_COMP, SSL_COMP)
+#define sk_SSL_COMP_num(sk) OPENSSL_sk_num(ossl_check_const_SSL_COMP_sk_type(sk))
+#define sk_SSL_COMP_value(sk, idx) ((SSL_COMP *)OPENSSL_sk_value(ossl_check_const_SSL_COMP_sk_type(sk), (idx)))
+#define sk_SSL_COMP_new(cmp) ((STACK_OF(SSL_COMP) *)OPENSSL_sk_new(ossl_check_SSL_COMP_compfunc_type(cmp)))
+#define sk_SSL_COMP_new_null() ((STACK_OF(SSL_COMP) *)OPENSSL_sk_new_null())
+#define sk_SSL_COMP_new_reserve(cmp, n) ((STACK_OF(SSL_COMP) *)OPENSSL_sk_new_reserve(ossl_check_SSL_COMP_compfunc_type(cmp), (n)))
+#define sk_SSL_COMP_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_SSL_COMP_sk_type(sk), (n))
+#define sk_SSL_COMP_free(sk) OPENSSL_sk_free(ossl_check_SSL_COMP_sk_type(sk))
+#define sk_SSL_COMP_zero(sk) OPENSSL_sk_zero(ossl_check_SSL_COMP_sk_type(sk))
+#define sk_SSL_COMP_delete(sk, i) ((SSL_COMP *)OPENSSL_sk_delete(ossl_check_SSL_COMP_sk_type(sk), (i)))
+#define sk_SSL_COMP_delete_ptr(sk, ptr) ((SSL_COMP *)OPENSSL_sk_delete_ptr(ossl_check_SSL_COMP_sk_type(sk), ossl_check_SSL_COMP_type(ptr)))
+#define sk_SSL_COMP_push(sk, ptr) OPENSSL_sk_push(ossl_check_SSL_COMP_sk_type(sk), ossl_check_SSL_COMP_type(ptr))
+#define sk_SSL_COMP_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_SSL_COMP_sk_type(sk), ossl_check_SSL_COMP_type(ptr))
+#define sk_SSL_COMP_pop(sk) ((SSL_COMP *)OPENSSL_sk_pop(ossl_check_SSL_COMP_sk_type(sk)))
+#define sk_SSL_COMP_shift(sk) ((SSL_COMP *)OPENSSL_sk_shift(ossl_check_SSL_COMP_sk_type(sk)))
+#define sk_SSL_COMP_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_SSL_COMP_sk_type(sk),ossl_check_SSL_COMP_freefunc_type(freefunc))
+#define sk_SSL_COMP_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_SSL_COMP_sk_type(sk), ossl_check_SSL_COMP_type(ptr), (idx))
+#define sk_SSL_COMP_set(sk, idx, ptr) ((SSL_COMP *)OPENSSL_sk_set(ossl_check_SSL_COMP_sk_type(sk), (idx), ossl_check_SSL_COMP_type(ptr)))
+#define sk_SSL_COMP_find(sk, ptr) OPENSSL_sk_find(ossl_check_SSL_COMP_sk_type(sk), ossl_check_SSL_COMP_type(ptr))
+#define sk_SSL_COMP_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_SSL_COMP_sk_type(sk), ossl_check_SSL_COMP_type(ptr))
+#define sk_SSL_COMP_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_SSL_COMP_sk_type(sk), ossl_check_SSL_COMP_type(ptr), pnum)
+#define sk_SSL_COMP_sort(sk) OPENSSL_sk_sort(ossl_check_SSL_COMP_sk_type(sk))
+#define sk_SSL_COMP_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_SSL_COMP_sk_type(sk))
+#define sk_SSL_COMP_dup(sk) ((STACK_OF(SSL_COMP) *)OPENSSL_sk_dup(ossl_check_const_SSL_COMP_sk_type(sk)))
+#define sk_SSL_COMP_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(SSL_COMP) *)OPENSSL_sk_deep_copy(ossl_check_const_SSL_COMP_sk_type(sk), ossl_check_SSL_COMP_copyfunc_type(copyfunc), ossl_check_SSL_COMP_freefunc_type(freefunc)))
+#define sk_SSL_COMP_set_cmp_func(sk, cmp) ((sk_SSL_COMP_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_SSL_COMP_sk_type(sk), ossl_check_SSL_COMP_compfunc_type(cmp)))
+
/* compatibility */
# define SSL_set_app_data(s,arg) (SSL_set_ex_data(s,0,(char *)(arg)))
@@ -991,7 +1037,9 @@ DEFINE_OR_DECLARE_STACK_OF(SSL_COMP)
# define SSL_CTX_get_app_data(ctx) (SSL_CTX_get_ex_data(ctx,0))
# define SSL_CTX_set_app_data(ctx,arg) (SSL_CTX_set_ex_data(ctx,0, \
(char *)(arg)))
-DEPRECATEDIN_1_1_0(void SSL_set_debug(SSL *s, int debug))
+# ifndef OPENSSL_NO_DEPRECATED_1_1_0
+OSSL_DEPRECATEDIN_1_1_0 void SSL_set_debug(SSL *s, int debug);
+# endif
/* TLSv1.3 KeyUpdate message types */
/* -1 used so that this is an invalid value for the on-the-wire protocol */
@@ -1214,9 +1262,14 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
# define SSL_ERROR_WANT_ASYNC 9
# define SSL_ERROR_WANT_ASYNC_JOB 10
# define SSL_ERROR_WANT_CLIENT_HELLO_CB 11
-# define SSL_CTRL_SET_TMP_DH 3
-# define SSL_CTRL_SET_TMP_ECDH 4
-# define SSL_CTRL_SET_TMP_DH_CB 6
+# define SSL_ERROR_WANT_RETRY_VERIFY 12
+
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define SSL_CTRL_SET_TMP_DH 3
+# define SSL_CTRL_SET_TMP_ECDH 4
+# define SSL_CTRL_SET_TMP_DH_CB 6
+# endif
+
# define SSL_CTRL_GET_CLIENT_CERT_REQUEST 9
# define SSL_CTRL_GET_NUM_RENEGOTIATIONS 10
# define SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS 11
@@ -1340,14 +1393,18 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
SSL_ctrl((ssl),SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS,0,NULL)
# define SSL_total_renegotiations(ssl) \
SSL_ctrl((ssl),SSL_CTRL_GET_TOTAL_RENEGOTIATIONS,0,NULL)
-# define SSL_CTX_set_tmp_dh(ctx,dh) \
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define SSL_CTX_set_tmp_dh(ctx,dh) \
SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_DH,0,(char *)(dh))
+# endif
# define SSL_CTX_set_dh_auto(ctx, onoff) \
SSL_CTX_ctrl(ctx,SSL_CTRL_SET_DH_AUTO,onoff,NULL)
# define SSL_set_dh_auto(s, onoff) \
SSL_ctrl(s,SSL_CTRL_SET_DH_AUTO,onoff,NULL)
-# define SSL_set_tmp_dh(ssl,dh) \
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define SSL_set_tmp_dh(ssl,dh) \
SSL_ctrl(ssl,SSL_CTRL_SET_TMP_DH,0,(char *)(dh))
+# endif
# ifndef OPENSSL_NO_DEPRECATED_3_0
# define SSL_CTX_set_tmp_ecdh(ctx,ecdh) \
SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_ECDH,0,(char *)(ecdh))
@@ -1480,12 +1537,17 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
# define SSL_get_max_proto_version(s) \
SSL_ctrl(s, SSL_CTRL_GET_MAX_PROTO_VERSION, 0, NULL)
+const char *SSL_group_to_name(SSL *s, int id);
+
/* Backwards compatibility, original 1.1.0 names */
# define SSL_CTRL_GET_SERVER_TMP_KEY \
SSL_CTRL_GET_PEER_TMP_KEY
# define SSL_get_server_tmp_key(s, pk) \
SSL_get_peer_tmp_key(s, pk)
+int SSL_set0_tmp_dh_pkey(SSL *s, EVP_PKEY *dhpkey);
+int SSL_CTX_set0_tmp_dh_pkey(SSL_CTX *ctx, EVP_PKEY *dhpkey);
+
/*
* The following symbol names are old and obsolete. They are kept
* for compatibility reasons only and should not be used anymore.
@@ -1527,8 +1589,8 @@ void BIO_ssl_shutdown(BIO *ssl_bio);
__owur int SSL_CTX_set_cipher_list(SSL_CTX *, const char *str);
__owur SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth);
-__owur SSL_CTX *SSL_CTX_new_with_libctx(OPENSSL_CTX *libctx, const char *propq,
- const SSL_METHOD *meth);
+__owur SSL_CTX *SSL_CTX_new_ex(OSSL_LIB_CTX *libctx, const char *propq,
+ const SSL_METHOD *meth);
int SSL_CTX_up_ref(SSL_CTX *ctx);
void SSL_CTX_free(SSL_CTX *);
__owur long SSL_CTX_set_timeout(SSL_CTX *ctx, long t);
@@ -1583,10 +1645,11 @@ __owur SSL_verify_cb SSL_get_verify_callback(const SSL *s);
void SSL_set_verify(SSL *s, int mode, SSL_verify_cb callback);
void SSL_set_verify_depth(SSL *s, int depth);
void SSL_set_cert_cb(SSL *s, int (*cb) (SSL *ssl, void *arg), void *arg);
-# ifndef OPENSSL_NO_RSA
-__owur int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa);
-__owur int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, const unsigned char *d,
- long len);
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0 __owur int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa);
+OSSL_DEPRECATEDIN_3_0
+__owur int SSL_use_RSAPrivateKey_ASN1(SSL *ssl,
+ const unsigned char *d, long len);
# endif
__owur int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey);
__owur int SSL_use_PrivateKey_ASN1(int pk, SSL *ssl, const unsigned char *d,
@@ -1609,14 +1672,16 @@ __owur int SSL_CTX_use_serverinfo_ex(SSL_CTX *ctx, unsigned int version,
size_t serverinfo_length);
__owur int SSL_CTX_use_serverinfo_file(SSL_CTX *ctx, const char *file);
-#ifndef OPENSSL_NO_RSA
+#ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0
__owur int SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type);
#endif
__owur int SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type);
__owur int SSL_use_certificate_file(SSL *ssl, const char *file, int type);
-#ifndef OPENSSL_NO_RSA
+#ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0
__owur int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file,
int type);
#endif
@@ -1628,6 +1693,9 @@ __owur int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file,
__owur int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file);
__owur int SSL_use_certificate_chain_file(SSL *ssl, const char *file);
__owur STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file);
+__owur STACK_OF(X509_NAME)
+*SSL_load_client_CA_file_ex(const char *file, OSSL_LIB_CTX *libctx,
+ const char *propq);
__owur int SSL_add_file_cert_subjects_to_stack(STACK_OF(X509_NAME) *stackCAs,
const char *file);
int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stackCAs,
@@ -1705,7 +1773,12 @@ SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp,
long length);
# ifdef OPENSSL_X509_H
-__owur X509 *SSL_get_peer_certificate(const SSL *s);
+__owur X509 *SSL_get0_peer_certificate(const SSL *s);
+__owur X509 *SSL_get1_peer_certificate(const SSL *s);
+/* Deprecated in 3.0.0 */
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define SSL_get_peer_certificate SSL_get1_peer_certificate
+# endif
# endif
__owur STACK_OF(X509) *SSL_get_peer_cert_chain(const SSL *s);
@@ -1720,8 +1793,10 @@ void SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx,
void *arg);
void SSL_CTX_set_cert_cb(SSL_CTX *c, int (*cb) (SSL *ssl, void *arg),
void *arg);
-# ifndef OPENSSL_NO_RSA
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0
__owur int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa);
+OSSL_DEPRECATEDIN_3_0
__owur int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, const unsigned char *d,
long len);
# endif
@@ -1771,10 +1846,10 @@ __owur int SSL_CTX_dane_mtype_set(SSL_CTX *ctx, const EVP_MD *md,
uint8_t mtype, uint8_t ord);
__owur int SSL_dane_enable(SSL *s, const char *basedomain);
__owur int SSL_dane_tlsa_add(SSL *s, uint8_t usage, uint8_t selector,
- uint8_t mtype, unsigned const char *data, size_t dlen);
+ uint8_t mtype, const unsigned char *data, size_t dlen);
__owur int SSL_get0_dane_authority(SSL *s, X509 **mcert, EVP_PKEY **mspki);
__owur int SSL_get0_dane_tlsa(SSL *s, uint8_t *usage, uint8_t *selector,
- uint8_t *mtype, unsigned const char **data,
+ uint8_t *mtype, const unsigned char **data,
size_t *dlen);
/*
* Bridge opacity barrier between libcrypt and libssl, also needed to support
@@ -1796,27 +1871,34 @@ __owur X509_VERIFY_PARAM *SSL_CTX_get0_param(SSL_CTX *ctx);
__owur X509_VERIFY_PARAM *SSL_get0_param(SSL *ssl);
# ifndef OPENSSL_NO_SRP
-int SSL_CTX_set_srp_username(SSL_CTX *ctx, char *name);
-int SSL_CTX_set_srp_password(SSL_CTX *ctx, char *password);
-int SSL_CTX_set_srp_strength(SSL_CTX *ctx, int strength);
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0 int SSL_CTX_set_srp_username(SSL_CTX *ctx, char *name);
+OSSL_DEPRECATEDIN_3_0 int SSL_CTX_set_srp_password(SSL_CTX *ctx, char *password);
+OSSL_DEPRECATEDIN_3_0 int SSL_CTX_set_srp_strength(SSL_CTX *ctx, int strength);
+OSSL_DEPRECATEDIN_3_0
int SSL_CTX_set_srp_client_pwd_callback(SSL_CTX *ctx,
char *(*cb) (SSL *, void *));
+OSSL_DEPRECATEDIN_3_0
int SSL_CTX_set_srp_verify_param_callback(SSL_CTX *ctx,
int (*cb) (SSL *, void *));
+OSSL_DEPRECATEDIN_3_0
int SSL_CTX_set_srp_username_callback(SSL_CTX *ctx,
int (*cb) (SSL *, int *, void *));
-int SSL_CTX_set_srp_cb_arg(SSL_CTX *ctx, void *arg);
+OSSL_DEPRECATEDIN_3_0 int SSL_CTX_set_srp_cb_arg(SSL_CTX *ctx, void *arg);
+OSSL_DEPRECATEDIN_3_0
int SSL_set_srp_server_param(SSL *s, const BIGNUM *N, const BIGNUM *g,
BIGNUM *sa, BIGNUM *v, char *info);
+OSSL_DEPRECATEDIN_3_0
int SSL_set_srp_server_param_pw(SSL *s, const char *user, const char *pass,
const char *grp);
-__owur BIGNUM *SSL_get_srp_g(SSL *s);
-__owur BIGNUM *SSL_get_srp_N(SSL *s);
+OSSL_DEPRECATEDIN_3_0 __owur BIGNUM *SSL_get_srp_g(SSL *s);
+OSSL_DEPRECATEDIN_3_0 __owur BIGNUM *SSL_get_srp_N(SSL *s);
-__owur char *SSL_get_srp_username(SSL *s);
-__owur char *SSL_get_srp_userinfo(SSL *s);
+OSSL_DEPRECATEDIN_3_0 __owur char *SSL_get_srp_username(SSL *s);
+OSSL_DEPRECATEDIN_3_0 __owur char *SSL_get_srp_userinfo(SSL *s);
+# endif
# endif
/*
@@ -1894,12 +1976,17 @@ __owur int SSL_get_error(const SSL *s, int ret_code);
__owur const char *SSL_get_version(const SSL *s);
/* This sets the 'default' SSL version that SSL_new() will create */
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0
__owur int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth);
+# endif
# ifndef OPENSSL_NO_SSL3_METHOD
-DEPRECATEDIN_1_1_0(__owur const SSL_METHOD *SSLv3_method(void)) /* SSLv3 */
-DEPRECATEDIN_1_1_0(__owur const SSL_METHOD *SSLv3_server_method(void))
-DEPRECATEDIN_1_1_0(__owur const SSL_METHOD *SSLv3_client_method(void))
+# ifndef OPENSSL_NO_DEPRECATED_1_1_0
+OSSL_DEPRECATEDIN_1_1_0 __owur const SSL_METHOD *SSLv3_method(void); /* SSLv3 */
+OSSL_DEPRECATEDIN_1_1_0 __owur const SSL_METHOD *SSLv3_server_method(void);
+OSSL_DEPRECATEDIN_1_1_0 __owur const SSL_METHOD *SSLv3_client_method(void);
+# endif
# endif
#define SSLv23_method TLS_method
@@ -1912,34 +1999,44 @@ __owur const SSL_METHOD *TLS_server_method(void);
__owur const SSL_METHOD *TLS_client_method(void);
# ifndef OPENSSL_NO_TLS1_METHOD
-DEPRECATEDIN_1_1_0(__owur const SSL_METHOD *TLSv1_method(void)) /* TLSv1.0 */
-DEPRECATEDIN_1_1_0(__owur const SSL_METHOD *TLSv1_server_method(void))
-DEPRECATEDIN_1_1_0(__owur const SSL_METHOD *TLSv1_client_method(void))
+# ifndef OPENSSL_NO_DEPRECATED_1_1_0
+OSSL_DEPRECATEDIN_1_1_0 __owur const SSL_METHOD *TLSv1_method(void); /* TLSv1.0 */
+OSSL_DEPRECATEDIN_1_1_0 __owur const SSL_METHOD *TLSv1_server_method(void);
+OSSL_DEPRECATEDIN_1_1_0 __owur const SSL_METHOD *TLSv1_client_method(void);
+# endif
# endif
# ifndef OPENSSL_NO_TLS1_1_METHOD
-DEPRECATEDIN_1_1_0(__owur const SSL_METHOD *TLSv1_1_method(void)) /* TLSv1.1 */
-DEPRECATEDIN_1_1_0(__owur const SSL_METHOD *TLSv1_1_server_method(void))
-DEPRECATEDIN_1_1_0(__owur const SSL_METHOD *TLSv1_1_client_method(void))
+# ifndef OPENSSL_NO_DEPRECATED_1_1_0
+OSSL_DEPRECATEDIN_1_1_0 __owur const SSL_METHOD *TLSv1_1_method(void); /* TLSv1.1 */
+OSSL_DEPRECATEDIN_1_1_0 __owur const SSL_METHOD *TLSv1_1_server_method(void);
+OSSL_DEPRECATEDIN_1_1_0 __owur const SSL_METHOD *TLSv1_1_client_method(void);
+# endif
# endif
# ifndef OPENSSL_NO_TLS1_2_METHOD
-DEPRECATEDIN_1_1_0(__owur const SSL_METHOD *TLSv1_2_method(void)) /* TLSv1.2 */
-DEPRECATEDIN_1_1_0(__owur const SSL_METHOD *TLSv1_2_server_method(void))
-DEPRECATEDIN_1_1_0(__owur const SSL_METHOD *TLSv1_2_client_method(void))
+# ifndef OPENSSL_NO_DEPRECATED_1_1_0
+OSSL_DEPRECATEDIN_1_1_0 __owur const SSL_METHOD *TLSv1_2_method(void); /* TLSv1.2 */
+OSSL_DEPRECATEDIN_1_1_0 __owur const SSL_METHOD *TLSv1_2_server_method(void);
+OSSL_DEPRECATEDIN_1_1_0 __owur const SSL_METHOD *TLSv1_2_client_method(void);
+# endif
# endif
# ifndef OPENSSL_NO_DTLS1_METHOD
-DEPRECATEDIN_1_1_0(__owur const SSL_METHOD *DTLSv1_method(void)) /* DTLSv1.0 */
-DEPRECATEDIN_1_1_0(__owur const SSL_METHOD *DTLSv1_server_method(void))
-DEPRECATEDIN_1_1_0(__owur const SSL_METHOD *DTLSv1_client_method(void))
+# ifndef OPENSSL_NO_DEPRECATED_1_1_0
+OSSL_DEPRECATEDIN_1_1_0 __owur const SSL_METHOD *DTLSv1_method(void); /* DTLSv1.0 */
+OSSL_DEPRECATEDIN_1_1_0 __owur const SSL_METHOD *DTLSv1_server_method(void);
+OSSL_DEPRECATEDIN_1_1_0 __owur const SSL_METHOD *DTLSv1_client_method(void);
+# endif
# endif
# ifndef OPENSSL_NO_DTLS1_2_METHOD
/* DTLSv1.2 */
-DEPRECATEDIN_1_1_0(__owur const SSL_METHOD *DTLSv1_2_method(void))
-DEPRECATEDIN_1_1_0(__owur const SSL_METHOD *DTLSv1_2_server_method(void))
-DEPRECATEDIN_1_1_0(__owur const SSL_METHOD *DTLSv1_2_client_method(void))
+# ifndef OPENSSL_NO_DEPRECATED_1_1_0
+OSSL_DEPRECATEDIN_1_1_0 __owur const SSL_METHOD *DTLSv1_2_method(void);
+OSSL_DEPRECATEDIN_1_1_0 __owur const SSL_METHOD *DTLSv1_2_server_method(void);
+OSSL_DEPRECATEDIN_1_1_0 __owur const SSL_METHOD *DTLSv1_2_client_method(void);
+# endif
# endif
__owur const SSL_METHOD *DTLS_method(void); /* DTLS 1.0 and 1.2 */
@@ -2110,13 +2207,17 @@ void SSL_CTX_set_default_read_buffer_len(SSL_CTX *ctx, size_t len);
void SSL_set_default_read_buffer_len(SSL *s, size_t len);
# ifndef OPENSSL_NO_DH
+# ifndef OPENSSL_NO_DEPRECATED_3_0
/* NB: the |keylength| is only applicable when is_export is true */
+OSSL_DEPRECATEDIN_3_0
void SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx,
DH *(*dh) (SSL *ssl, int is_export,
int keylength));
+OSSL_DEPRECATEDIN_3_0
void SSL_set_tmp_dh_callback(SSL *ssl,
DH *(*dh) (SSL *ssl, int is_export,
int keylength));
+# endif
# endif
__owur const COMP_METHOD *SSL_get_current_compression(const SSL *s);
diff --git a/openssl/include/openssl/ssl2.h b/openssl/include/openssl/ssl2.h
index 8ecd89e5..8ecd89e5 100644..100755
--- a/openssl/include/openssl/ssl2.h
+++ b/openssl/include/openssl/ssl2.h
diff --git a/openssl/include/openssl/ssl3.h b/openssl/include/openssl/ssl3.h
index c316de32..e6f9c9db 100644..100755
--- a/openssl/include/openssl/ssl3.h
+++ b/openssl/include/openssl/ssl3.h
@@ -1,5 +1,5 @@
/*
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
* Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
@@ -212,7 +212,7 @@ extern "C" {
# define SSL3_MD_CLIENT_FINISHED_CONST "\x43\x4C\x4E\x54"
# define SSL3_MD_SERVER_FINISHED_CONST "\x53\x52\x56\x52"
-# define SSL3_VERSION 0x0300
+/* SSL3_VERSION is defined in prov_ssl.h */
# define SSL3_VERSION_MAJOR 0x03
# define SSL3_VERSION_MINOR 0x00
diff --git a/openssl/include/openssl/sslerr.h b/openssl/include/openssl/sslerr.h
index 702d0e0f..c8269f0a 100644..100755
--- a/openssl/include/openssl/sslerr.h
+++ b/openssl/include/openssl/sslerr.h
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -14,456 +14,16 @@
# include <openssl/opensslconf.h>
# include <openssl/symhacks.h>
+# include <openssl/sslerr_legacy.h>
-# ifdef __cplusplus
-extern "C"
-# endif
-int ERR_load_SSL_strings(void);
-
-/*
- * SSL function codes.
- */
-# ifndef OPENSSL_NO_DEPRECATED_3_0
-# define SSL_F_ADD_CLIENT_KEY_SHARE_EXT 0
-# define SSL_F_ADD_KEY_SHARE 0
-# define SSL_F_BYTES_TO_CIPHER_LIST 0
-# define SSL_F_CHECK_SUITEB_CIPHER_LIST 0
-# define SSL_F_CIPHERSUITE_CB 0
-# define SSL_F_CONSTRUCT_CA_NAMES 0
-# define SSL_F_CONSTRUCT_KEY_EXCHANGE_TBS 0
-# define SSL_F_CONSTRUCT_STATEFUL_TICKET 0
-# define SSL_F_CONSTRUCT_STATELESS_TICKET 0
-# define SSL_F_CREATE_SYNTHETIC_MESSAGE_HASH 0
-# define SSL_F_CREATE_TICKET_PREQUEL 0
-# define SSL_F_CT_MOVE_SCTS 0
-# define SSL_F_CT_STRICT 0
-# define SSL_F_CUSTOM_EXT_ADD 0
-# define SSL_F_CUSTOM_EXT_PARSE 0
-# define SSL_F_D2I_SSL_SESSION 0
-# define SSL_F_DANE_CTX_ENABLE 0
-# define SSL_F_DANE_MTYPE_SET 0
-# define SSL_F_DANE_TLSA_ADD 0
-# define SSL_F_DERIVE_SECRET_KEY_AND_IV 0
-# define SSL_F_DO_DTLS1_WRITE 0
-# define SSL_F_DO_SSL3_WRITE 0
-# define SSL_F_DTLS1_BUFFER_RECORD 0
-# define SSL_F_DTLS1_CHECK_TIMEOUT_NUM 0
-# define SSL_F_DTLS1_HM_FRAGMENT_NEW 0
-# define SSL_F_DTLS1_PREPROCESS_FRAGMENT 0
-# define SSL_F_DTLS1_PROCESS_BUFFERED_RECORDS 0
-# define SSL_F_DTLS1_PROCESS_RECORD 0
-# define SSL_F_DTLS1_READ_BYTES 0
-# define SSL_F_DTLS1_READ_FAILED 0
-# define SSL_F_DTLS1_RETRANSMIT_MESSAGE 0
-# define SSL_F_DTLS1_WRITE_APP_DATA_BYTES 0
-# define SSL_F_DTLS1_WRITE_BYTES 0
-# define SSL_F_DTLSV1_LISTEN 0
-# define SSL_F_DTLS_CONSTRUCT_CHANGE_CIPHER_SPEC 0
-# define SSL_F_DTLS_CONSTRUCT_HELLO_VERIFY_REQUEST 0
-# define SSL_F_DTLS_GET_REASSEMBLED_MESSAGE 0
-# define SSL_F_DTLS_PROCESS_HELLO_VERIFY 0
-# define SSL_F_DTLS_RECORD_LAYER_NEW 0
-# define SSL_F_DTLS_WAIT_FOR_DRY 0
-# define SSL_F_EARLY_DATA_COUNT_OK 0
-# define SSL_F_FINAL_EARLY_DATA 0
-# define SSL_F_FINAL_EC_PT_FORMATS 0
-# define SSL_F_FINAL_EMS 0
-# define SSL_F_FINAL_KEY_SHARE 0
-# define SSL_F_FINAL_MAXFRAGMENTLEN 0
-# define SSL_F_FINAL_RENEGOTIATE 0
-# define SSL_F_FINAL_SERVER_NAME 0
-# define SSL_F_FINAL_SIG_ALGS 0
-# define SSL_F_GET_CERT_VERIFY_TBS_DATA 0
-# define SSL_F_NSS_KEYLOG_INT 0
-# define SSL_F_OPENSSL_INIT_SSL 0
-# define SSL_F_OSSL_STATEM_CLIENT13_READ_TRANSITION 0
-# define SSL_F_OSSL_STATEM_CLIENT13_WRITE_TRANSITION 0
-# define SSL_F_OSSL_STATEM_CLIENT_CONSTRUCT_MESSAGE 0
-# define SSL_F_OSSL_STATEM_CLIENT_POST_PROCESS_MESSAGE 0
-# define SSL_F_OSSL_STATEM_CLIENT_PROCESS_MESSAGE 0
-# define SSL_F_OSSL_STATEM_CLIENT_READ_TRANSITION 0
-# define SSL_F_OSSL_STATEM_CLIENT_WRITE_TRANSITION 0
-# define SSL_F_OSSL_STATEM_SERVER13_READ_TRANSITION 0
-# define SSL_F_OSSL_STATEM_SERVER13_WRITE_TRANSITION 0
-# define SSL_F_OSSL_STATEM_SERVER_CONSTRUCT_MESSAGE 0
-# define SSL_F_OSSL_STATEM_SERVER_POST_PROCESS_MESSAGE 0
-# define SSL_F_OSSL_STATEM_SERVER_POST_WORK 0
-# define SSL_F_OSSL_STATEM_SERVER_PRE_WORK 0
-# define SSL_F_OSSL_STATEM_SERVER_PROCESS_MESSAGE 0
-# define SSL_F_OSSL_STATEM_SERVER_READ_TRANSITION 0
-# define SSL_F_OSSL_STATEM_SERVER_WRITE_TRANSITION 0
-# define SSL_F_PARSE_CA_NAMES 0
-# define SSL_F_PITEM_NEW 0
-# define SSL_F_PQUEUE_NEW 0
-# define SSL_F_PROCESS_KEY_SHARE_EXT 0
-# define SSL_F_READ_STATE_MACHINE 0
-# define SSL_F_SET_CLIENT_CIPHERSUITE 0
-# define SSL_F_SRP_GENERATE_CLIENT_MASTER_SECRET 0
-# define SSL_F_SRP_GENERATE_SERVER_MASTER_SECRET 0
-# define SSL_F_SRP_VERIFY_SERVER_PARAM 0
-# define SSL_F_SSL3_CHANGE_CIPHER_STATE 0
-# define SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM 0
-# define SSL_F_SSL3_CTRL 0
-# define SSL_F_SSL3_CTX_CTRL 0
-# define SSL_F_SSL3_DIGEST_CACHED_RECORDS 0
-# define SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC 0
-# define SSL_F_SSL3_ENC 0
-# define SSL_F_SSL3_FINAL_FINISH_MAC 0
-# define SSL_F_SSL3_FINISH_MAC 0
-# define SSL_F_SSL3_GENERATE_KEY_BLOCK 0
-# define SSL_F_SSL3_GENERATE_MASTER_SECRET 0
-# define SSL_F_SSL3_GET_RECORD 0
-# define SSL_F_SSL3_INIT_FINISHED_MAC 0
-# define SSL_F_SSL3_OUTPUT_CERT_CHAIN 0
-# define SSL_F_SSL3_READ_BYTES 0
-# define SSL_F_SSL3_READ_N 0
-# define SSL_F_SSL3_SETUP_KEY_BLOCK 0
-# define SSL_F_SSL3_SETUP_READ_BUFFER 0
-# define SSL_F_SSL3_SETUP_WRITE_BUFFER 0
-# define SSL_F_SSL3_WRITE_BYTES 0
-# define SSL_F_SSL3_WRITE_PENDING 0
-# define SSL_F_SSL_ADD_CERT_CHAIN 0
-# define SSL_F_SSL_ADD_CERT_TO_BUF 0
-# define SSL_F_SSL_ADD_CERT_TO_WPACKET 0
-# define SSL_F_SSL_ADD_CLIENTHELLO_RENEGOTIATE_EXT 0
-# define SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT 0
-# define SSL_F_SSL_ADD_CLIENTHELLO_USE_SRTP_EXT 0
-# define SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK 0
-# define SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK 0
-# define SSL_F_SSL_ADD_SERVERHELLO_RENEGOTIATE_EXT 0
-# define SSL_F_SSL_ADD_SERVERHELLO_TLSEXT 0
-# define SSL_F_SSL_ADD_SERVERHELLO_USE_SRTP_EXT 0
-# define SSL_F_SSL_BAD_METHOD 0
-# define SSL_F_SSL_BUILD_CERT_CHAIN 0
-# define SSL_F_SSL_BYTES_TO_CIPHER_LIST 0
-# define SSL_F_SSL_CACHE_CIPHERLIST 0
-# define SSL_F_SSL_CERT_ADD0_CHAIN_CERT 0
-# define SSL_F_SSL_CERT_DUP 0
-# define SSL_F_SSL_CERT_NEW 0
-# define SSL_F_SSL_CERT_SET0_CHAIN 0
-# define SSL_F_SSL_CHECK_PRIVATE_KEY 0
-# define SSL_F_SSL_CHECK_SERVERHELLO_TLSEXT 0
-# define SSL_F_SSL_CHECK_SRP_EXT_CLIENTHELLO 0
-# define SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG 0
-# define SSL_F_SSL_CHOOSE_CLIENT_VERSION 0
-# define SSL_F_SSL_CIPHER_DESCRIPTION 0
-# define SSL_F_SSL_CIPHER_LIST_TO_BYTES 0
-# define SSL_F_SSL_CIPHER_PROCESS_RULESTR 0
-# define SSL_F_SSL_CIPHER_STRENGTH_SORT 0
-# define SSL_F_SSL_CLEAR 0
-# define SSL_F_SSL_CLIENT_HELLO_GET1_EXTENSIONS_PRESENT 0
-# define SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD 0
-# define SSL_F_SSL_CONF_CMD 0
-# define SSL_F_SSL_CREATE_CIPHER_LIST 0
-# define SSL_F_SSL_CTRL 0
-# define SSL_F_SSL_CTX_CHECK_PRIVATE_KEY 0
-# define SSL_F_SSL_CTX_ENABLE_CT 0
-# define SSL_F_SSL_CTX_MAKE_PROFILES 0
-# define SSL_F_SSL_CTX_NEW 0
-# define SSL_F_SSL_CTX_SET_ALPN_PROTOS 0
-# define SSL_F_SSL_CTX_SET_CIPHER_LIST 0
-# define SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE 0
-# define SSL_F_SSL_CTX_SET_CT_VALIDATION_CALLBACK 0
-# define SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT 0
-# define SSL_F_SSL_CTX_SET_SSL_VERSION 0
-# define SSL_F_SSL_CTX_SET_TLSEXT_MAX_FRAGMENT_LENGTH 0
-# define SSL_F_SSL_CTX_USE_CERTIFICATE 0
-# define SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1 0
-# define SSL_F_SSL_CTX_USE_CERTIFICATE_FILE 0
-# define SSL_F_SSL_CTX_USE_PRIVATEKEY 0
-# define SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1 0
-# define SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE 0
-# define SSL_F_SSL_CTX_USE_PSK_IDENTITY_HINT 0
-# define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY 0
-# define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1 0
-# define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE 0
-# define SSL_F_SSL_CTX_USE_SERVERINFO 0
-# define SSL_F_SSL_CTX_USE_SERVERINFO_EX 0
-# define SSL_F_SSL_CTX_USE_SERVERINFO_FILE 0
-# define SSL_F_SSL_DANE_DUP 0
-# define SSL_F_SSL_DANE_ENABLE 0
-# define SSL_F_SSL_DERIVE 0
-# define SSL_F_SSL_DO_CONFIG 0
-# define SSL_F_SSL_DO_HANDSHAKE 0
-# define SSL_F_SSL_DUP_CA_LIST 0
-# define SSL_F_SSL_ENABLE_CT 0
-# define SSL_F_SSL_GENERATE_PKEY_GROUP 0
-# define SSL_F_SSL_GENERATE_SESSION_ID 0
-# define SSL_F_SSL_GET_NEW_SESSION 0
-# define SSL_F_SSL_GET_PREV_SESSION 0
-# define SSL_F_SSL_GET_SERVER_CERT_INDEX 0
-# define SSL_F_SSL_GET_SIGN_PKEY 0
-# define SSL_F_SSL_HANDSHAKE_HASH 0
-# define SSL_F_SSL_INIT_WBIO_BUFFER 0
-# define SSL_F_SSL_KEY_UPDATE 0
-# define SSL_F_SSL_LOAD_CLIENT_CA_FILE 0
-# define SSL_F_SSL_LOG_MASTER_SECRET 0
-# define SSL_F_SSL_LOG_RSA_CLIENT_KEY_EXCHANGE 0
-# define SSL_F_SSL_MODULE_INIT 0
-# define SSL_F_SSL_NEW 0
-# define SSL_F_SSL_NEXT_PROTO_VALIDATE 0
-# define SSL_F_SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT 0
-# define SSL_F_SSL_PARSE_CLIENTHELLO_TLSEXT 0
-# define SSL_F_SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT 0
-# define SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT 0
-# define SSL_F_SSL_PARSE_SERVERHELLO_TLSEXT 0
-# define SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT 0
-# define SSL_F_SSL_PEEK 0
-# define SSL_F_SSL_PEEK_EX 0
-# define SSL_F_SSL_PEEK_INTERNAL 0
-# define SSL_F_SSL_READ 0
-# define SSL_F_SSL_READ_EARLY_DATA 0
-# define SSL_F_SSL_READ_EX 0
-# define SSL_F_SSL_READ_INTERNAL 0
-# define SSL_F_SSL_RENEGOTIATE 0
-# define SSL_F_SSL_RENEGOTIATE_ABBREVIATED 0
-# define SSL_F_SSL_SCAN_CLIENTHELLO_TLSEXT 0
-# define SSL_F_SSL_SCAN_SERVERHELLO_TLSEXT 0
-# define SSL_F_SSL_SENDFILE 0
-# define SSL_F_SSL_SESSION_DUP 0
-# define SSL_F_SSL_SESSION_NEW 0
-# define SSL_F_SSL_SESSION_PRINT_FP 0
-# define SSL_F_SSL_SESSION_SET1_ID 0
-# define SSL_F_SSL_SESSION_SET1_ID_CONTEXT 0
-# define SSL_F_SSL_SET_ALPN_PROTOS 0
-# define SSL_F_SSL_SET_CERT 0
-# define SSL_F_SSL_SET_CERT_AND_KEY 0
-# define SSL_F_SSL_SET_CIPHER_LIST 0
-# define SSL_F_SSL_SET_CT_VALIDATION_CALLBACK 0
-# define SSL_F_SSL_SET_FD 0
-# define SSL_F_SSL_SET_PKEY 0
-# define SSL_F_SSL_SET_RFD 0
-# define SSL_F_SSL_SET_SESSION 0
-# define SSL_F_SSL_SET_SESSION_ID_CONTEXT 0
-# define SSL_F_SSL_SET_SESSION_TICKET_EXT 0
-# define SSL_F_SSL_SET_TLSEXT_MAX_FRAGMENT_LENGTH 0
-# define SSL_F_SSL_SET_WFD 0
-# define SSL_F_SSL_SHUTDOWN 0
-# define SSL_F_SSL_SRP_CTX_INIT 0
-# define SSL_F_SSL_START_ASYNC_JOB 0
-# define SSL_F_SSL_UNDEFINED_FUNCTION 0
-# define SSL_F_SSL_UNDEFINED_VOID_FUNCTION 0
-# define SSL_F_SSL_USE_CERTIFICATE 0
-# define SSL_F_SSL_USE_CERTIFICATE_ASN1 0
-# define SSL_F_SSL_USE_CERTIFICATE_FILE 0
-# define SSL_F_SSL_USE_PRIVATEKEY 0
-# define SSL_F_SSL_USE_PRIVATEKEY_ASN1 0
-# define SSL_F_SSL_USE_PRIVATEKEY_FILE 0
-# define SSL_F_SSL_USE_PSK_IDENTITY_HINT 0
-# define SSL_F_SSL_USE_RSAPRIVATEKEY 0
-# define SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1 0
-# define SSL_F_SSL_USE_RSAPRIVATEKEY_FILE 0
-# define SSL_F_SSL_VALIDATE_CT 0
-# define SSL_F_SSL_VERIFY_CERT_CHAIN 0
-# define SSL_F_SSL_VERIFY_CLIENT_POST_HANDSHAKE 0
-# define SSL_F_SSL_WRITE 0
-# define SSL_F_SSL_WRITE_EARLY_DATA 0
-# define SSL_F_SSL_WRITE_EARLY_FINISH 0
-# define SSL_F_SSL_WRITE_EX 0
-# define SSL_F_SSL_WRITE_INTERNAL 0
-# define SSL_F_STATE_MACHINE 0
-# define SSL_F_TLS12_CHECK_PEER_SIGALG 0
-# define SSL_F_TLS12_COPY_SIGALGS 0
-# define SSL_F_TLS13_CHANGE_CIPHER_STATE 0
-# define SSL_F_TLS13_ENC 0
-# define SSL_F_TLS13_FINAL_FINISH_MAC 0
-# define SSL_F_TLS13_GENERATE_SECRET 0
-# define SSL_F_TLS13_HKDF_EXPAND 0
-# define SSL_F_TLS13_RESTORE_HANDSHAKE_DIGEST_FOR_PHA 0
-# define SSL_F_TLS13_SAVE_HANDSHAKE_DIGEST_FOR_PHA 0
-# define SSL_F_TLS13_SETUP_KEY_BLOCK 0
-# define SSL_F_TLS1_CHANGE_CIPHER_STATE 0
-# define SSL_F_TLS1_CHECK_DUPLICATE_EXTENSIONS 0
-# define SSL_F_TLS1_ENC 0
-# define SSL_F_TLS1_EXPORT_KEYING_MATERIAL 0
-# define SSL_F_TLS1_GET_CURVELIST 0
-# define SSL_F_TLS1_PRF 0
-# define SSL_F_TLS1_SAVE_U16 0
-# define SSL_F_TLS1_SETUP_KEY_BLOCK 0
-# define SSL_F_TLS1_SET_GROUPS 0
-# define SSL_F_TLS1_SET_RAW_SIGALGS 0
-# define SSL_F_TLS1_SET_SERVER_SIGALGS 0
-# define SSL_F_TLS1_SET_SHARED_SIGALGS 0
-# define SSL_F_TLS1_SET_SIGALGS 0
-# define SSL_F_TLS_CHOOSE_SIGALG 0
-# define SSL_F_TLS_CLIENT_KEY_EXCHANGE_POST_WORK 0
-# define SSL_F_TLS_COLLECT_EXTENSIONS 0
-# define SSL_F_TLS_CONSTRUCT_CERTIFICATE_AUTHORITIES 0
-# define SSL_F_TLS_CONSTRUCT_CERTIFICATE_REQUEST 0
-# define SSL_F_TLS_CONSTRUCT_CERT_STATUS 0
-# define SSL_F_TLS_CONSTRUCT_CERT_STATUS_BODY 0
-# define SSL_F_TLS_CONSTRUCT_CERT_VERIFY 0
-# define SSL_F_TLS_CONSTRUCT_CHANGE_CIPHER_SPEC 0
-# define SSL_F_TLS_CONSTRUCT_CKE_DHE 0
-# define SSL_F_TLS_CONSTRUCT_CKE_ECDHE 0
-# define SSL_F_TLS_CONSTRUCT_CKE_GOST 0
-# define SSL_F_TLS_CONSTRUCT_CKE_GOST18 0
-# define SSL_F_TLS_CONSTRUCT_CKE_PSK_PREAMBLE 0
-# define SSL_F_TLS_CONSTRUCT_CKE_RSA 0
-# define SSL_F_TLS_CONSTRUCT_CKE_SRP 0
-# define SSL_F_TLS_CONSTRUCT_CLIENT_CERTIFICATE 0
-# define SSL_F_TLS_CONSTRUCT_CLIENT_HELLO 0
-# define SSL_F_TLS_CONSTRUCT_CLIENT_KEY_EXCHANGE 0
-# define SSL_F_TLS_CONSTRUCT_CLIENT_VERIFY 0
-# define SSL_F_TLS_CONSTRUCT_CTOS_ALPN 0
-# define SSL_F_TLS_CONSTRUCT_CTOS_CERTIFICATE 0
-# define SSL_F_TLS_CONSTRUCT_CTOS_COOKIE 0
-# define SSL_F_TLS_CONSTRUCT_CTOS_EARLY_DATA 0
-# define SSL_F_TLS_CONSTRUCT_CTOS_EC_PT_FORMATS 0
-# define SSL_F_TLS_CONSTRUCT_CTOS_EMS 0
-# define SSL_F_TLS_CONSTRUCT_CTOS_ETM 0
-# define SSL_F_TLS_CONSTRUCT_CTOS_HELLO 0
-# define SSL_F_TLS_CONSTRUCT_CTOS_KEY_EXCHANGE 0
-# define SSL_F_TLS_CONSTRUCT_CTOS_KEY_SHARE 0
-# define SSL_F_TLS_CONSTRUCT_CTOS_MAXFRAGMENTLEN 0
-# define SSL_F_TLS_CONSTRUCT_CTOS_NPN 0
-# define SSL_F_TLS_CONSTRUCT_CTOS_PADDING 0
-# define SSL_F_TLS_CONSTRUCT_CTOS_POST_HANDSHAKE_AUTH 0
-# define SSL_F_TLS_CONSTRUCT_CTOS_PSK 0
-# define SSL_F_TLS_CONSTRUCT_CTOS_PSK_KEX_MODES 0
-# define SSL_F_TLS_CONSTRUCT_CTOS_RENEGOTIATE 0
-# define SSL_F_TLS_CONSTRUCT_CTOS_SCT 0
-# define SSL_F_TLS_CONSTRUCT_CTOS_SERVER_NAME 0
-# define SSL_F_TLS_CONSTRUCT_CTOS_SESSION_TICKET 0
-# define SSL_F_TLS_CONSTRUCT_CTOS_SIG_ALGS 0
-# define SSL_F_TLS_CONSTRUCT_CTOS_SRP 0
-# define SSL_F_TLS_CONSTRUCT_CTOS_STATUS_REQUEST 0
-# define SSL_F_TLS_CONSTRUCT_CTOS_SUPPORTED_GROUPS 0
-# define SSL_F_TLS_CONSTRUCT_CTOS_SUPPORTED_VERSIONS 0
-# define SSL_F_TLS_CONSTRUCT_CTOS_USE_SRTP 0
-# define SSL_F_TLS_CONSTRUCT_CTOS_VERIFY 0
-# define SSL_F_TLS_CONSTRUCT_ENCRYPTED_EXTENSIONS 0
-# define SSL_F_TLS_CONSTRUCT_END_OF_EARLY_DATA 0
-# define SSL_F_TLS_CONSTRUCT_EXTENSIONS 0
-# define SSL_F_TLS_CONSTRUCT_FINISHED 0
-# define SSL_F_TLS_CONSTRUCT_HELLO_REQUEST 0
-# define SSL_F_TLS_CONSTRUCT_HELLO_RETRY_REQUEST 0
-# define SSL_F_TLS_CONSTRUCT_KEY_UPDATE 0
-# define SSL_F_TLS_CONSTRUCT_NEW_SESSION_TICKET 0
-# define SSL_F_TLS_CONSTRUCT_NEXT_PROTO 0
-# define SSL_F_TLS_CONSTRUCT_SERVER_CERTIFICATE 0
-# define SSL_F_TLS_CONSTRUCT_SERVER_HELLO 0
-# define SSL_F_TLS_CONSTRUCT_SERVER_KEY_EXCHANGE 0
-# define SSL_F_TLS_CONSTRUCT_STOC_ALPN 0
-# define SSL_F_TLS_CONSTRUCT_STOC_CERTIFICATE 0
-# define SSL_F_TLS_CONSTRUCT_STOC_COOKIE 0
-# define SSL_F_TLS_CONSTRUCT_STOC_CRYPTOPRO_BUG 0
-# define SSL_F_TLS_CONSTRUCT_STOC_DONE 0
-# define SSL_F_TLS_CONSTRUCT_STOC_EARLY_DATA 0
-# define SSL_F_TLS_CONSTRUCT_STOC_EARLY_DATA_INFO 0
-# define SSL_F_TLS_CONSTRUCT_STOC_EC_PT_FORMATS 0
-# define SSL_F_TLS_CONSTRUCT_STOC_EMS 0
-# define SSL_F_TLS_CONSTRUCT_STOC_ETM 0
-# define SSL_F_TLS_CONSTRUCT_STOC_HELLO 0
-# define SSL_F_TLS_CONSTRUCT_STOC_KEY_EXCHANGE 0
-# define SSL_F_TLS_CONSTRUCT_STOC_KEY_SHARE 0
-# define SSL_F_TLS_CONSTRUCT_STOC_MAXFRAGMENTLEN 0
-# define SSL_F_TLS_CONSTRUCT_STOC_NEXT_PROTO_NEG 0
-# define SSL_F_TLS_CONSTRUCT_STOC_PSK 0
-# define SSL_F_TLS_CONSTRUCT_STOC_RENEGOTIATE 0
-# define SSL_F_TLS_CONSTRUCT_STOC_SERVER_NAME 0
-# define SSL_F_TLS_CONSTRUCT_STOC_SESSION_TICKET 0
-# define SSL_F_TLS_CONSTRUCT_STOC_STATUS_REQUEST 0
-# define SSL_F_TLS_CONSTRUCT_STOC_SUPPORTED_GROUPS 0
-# define SSL_F_TLS_CONSTRUCT_STOC_SUPPORTED_VERSIONS 0
-# define SSL_F_TLS_CONSTRUCT_STOC_USE_SRTP 0
-# define SSL_F_TLS_EARLY_POST_PROCESS_CLIENT_HELLO 0
-# define SSL_F_TLS_FINISH_HANDSHAKE 0
-# define SSL_F_TLS_GET_MESSAGE_BODY 0
-# define SSL_F_TLS_GET_MESSAGE_HEADER 0
-# define SSL_F_TLS_HANDLE_ALPN 0
-# define SSL_F_TLS_HANDLE_STATUS_REQUEST 0
-# define SSL_F_TLS_PARSE_CERTIFICATE_AUTHORITIES 0
-# define SSL_F_TLS_PARSE_CLIENTHELLO_TLSEXT 0
-# define SSL_F_TLS_PARSE_CTOS_ALPN 0
-# define SSL_F_TLS_PARSE_CTOS_COOKIE 0
-# define SSL_F_TLS_PARSE_CTOS_EARLY_DATA 0
-# define SSL_F_TLS_PARSE_CTOS_EC_PT_FORMATS 0
-# define SSL_F_TLS_PARSE_CTOS_EMS 0
-# define SSL_F_TLS_PARSE_CTOS_KEY_SHARE 0
-# define SSL_F_TLS_PARSE_CTOS_MAXFRAGMENTLEN 0
-# define SSL_F_TLS_PARSE_CTOS_POST_HANDSHAKE_AUTH 0
-# define SSL_F_TLS_PARSE_CTOS_PSK 0
-# define SSL_F_TLS_PARSE_CTOS_PSK_KEX_MODES 0
-# define SSL_F_TLS_PARSE_CTOS_RENEGOTIATE 0
-# define SSL_F_TLS_PARSE_CTOS_SERVER_NAME 0
-# define SSL_F_TLS_PARSE_CTOS_SESSION_TICKET 0
-# define SSL_F_TLS_PARSE_CTOS_SIG_ALGS 0
-# define SSL_F_TLS_PARSE_CTOS_SIG_ALGS_CERT 0
-# define SSL_F_TLS_PARSE_CTOS_SRP 0
-# define SSL_F_TLS_PARSE_CTOS_STATUS_REQUEST 0
-# define SSL_F_TLS_PARSE_CTOS_SUPPORTED_GROUPS 0
-# define SSL_F_TLS_PARSE_CTOS_USE_SRTP 0
-# define SSL_F_TLS_PARSE_STOC_ALPN 0
-# define SSL_F_TLS_PARSE_STOC_COOKIE 0
-# define SSL_F_TLS_PARSE_STOC_EARLY_DATA 0
-# define SSL_F_TLS_PARSE_STOC_EARLY_DATA_INFO 0
-# define SSL_F_TLS_PARSE_STOC_EC_PT_FORMATS 0
-# define SSL_F_TLS_PARSE_STOC_KEY_SHARE 0
-# define SSL_F_TLS_PARSE_STOC_MAXFRAGMENTLEN 0
-# define SSL_F_TLS_PARSE_STOC_NPN 0
-# define SSL_F_TLS_PARSE_STOC_PSK 0
-# define SSL_F_TLS_PARSE_STOC_RENEGOTIATE 0
-# define SSL_F_TLS_PARSE_STOC_SCT 0
-# define SSL_F_TLS_PARSE_STOC_SERVER_NAME 0
-# define SSL_F_TLS_PARSE_STOC_SESSION_TICKET 0
-# define SSL_F_TLS_PARSE_STOC_STATUS_REQUEST 0
-# define SSL_F_TLS_PARSE_STOC_SUPPORTED_VERSIONS 0
-# define SSL_F_TLS_PARSE_STOC_USE_SRTP 0
-# define SSL_F_TLS_POST_PROCESS_CLIENT_HELLO 0
-# define SSL_F_TLS_POST_PROCESS_CLIENT_KEY_EXCHANGE 0
-# define SSL_F_TLS_PREPARE_CLIENT_CERTIFICATE 0
-# define SSL_F_TLS_PROCESS_AS_HELLO_RETRY_REQUEST 0
-# define SSL_F_TLS_PROCESS_CERTIFICATE_REQUEST 0
-# define SSL_F_TLS_PROCESS_CERT_STATUS 0
-# define SSL_F_TLS_PROCESS_CERT_STATUS_BODY 0
-# define SSL_F_TLS_PROCESS_CERT_VERIFY 0
-# define SSL_F_TLS_PROCESS_CHANGE_CIPHER_SPEC 0
-# define SSL_F_TLS_PROCESS_CKE_DHE 0
-# define SSL_F_TLS_PROCESS_CKE_ECDHE 0
-# define SSL_F_TLS_PROCESS_CKE_GOST 0
-# define SSL_F_TLS_PROCESS_CKE_GOST18 0
-# define SSL_F_TLS_PROCESS_CKE_PSK_PREAMBLE 0
-# define SSL_F_TLS_PROCESS_CKE_RSA 0
-# define SSL_F_TLS_PROCESS_CKE_SRP 0
-# define SSL_F_TLS_PROCESS_CLIENT_CERTIFICATE 0
-# define SSL_F_TLS_PROCESS_CLIENT_HELLO 0
-# define SSL_F_TLS_PROCESS_CLIENT_KEY_EXCHANGE 0
-# define SSL_F_TLS_PROCESS_ENCRYPTED_EXTENSIONS 0
-# define SSL_F_TLS_PROCESS_END_OF_EARLY_DATA 0
-# define SSL_F_TLS_PROCESS_FINISHED 0
-# define SSL_F_TLS_PROCESS_HELLO_REQ 0
-# define SSL_F_TLS_PROCESS_HELLO_RETRY_REQUEST 0
-# define SSL_F_TLS_PROCESS_INITIAL_SERVER_FLIGHT 0
-# define SSL_F_TLS_PROCESS_KEY_EXCHANGE 0
-# define SSL_F_TLS_PROCESS_KEY_UPDATE 0
-# define SSL_F_TLS_PROCESS_NEW_SESSION_TICKET 0
-# define SSL_F_TLS_PROCESS_NEXT_PROTO 0
-# define SSL_F_TLS_PROCESS_SERVER_CERTIFICATE 0
-# define SSL_F_TLS_PROCESS_SERVER_DONE 0
-# define SSL_F_TLS_PROCESS_SERVER_HELLO 0
-# define SSL_F_TLS_PROCESS_SKE_DHE 0
-# define SSL_F_TLS_PROCESS_SKE_ECDHE 0
-# define SSL_F_TLS_PROCESS_SKE_PSK_PREAMBLE 0
-# define SSL_F_TLS_PROCESS_SKE_SRP 0
-# define SSL_F_TLS_PSK_DO_BINDER 0
-# define SSL_F_TLS_SCAN_CLIENTHELLO_TLSEXT 0
-# define SSL_F_TLS_SETUP_HANDSHAKE 0
-# define SSL_F_USE_CERTIFICATE_CHAIN_FILE 0
-# define SSL_F_WPACKET_INTERN_INIT_LEN 0
-# define SSL_F_WPACKET_START_SUB_PACKET_LEN__ 0
-# define SSL_F_WRITE_STATE_MACHINE 0
-# endif
/*
* SSL reason codes.
*/
-# define SSL_R_ALGORITHM_FETCH_FAILED 295
# define SSL_R_APPLICATION_DATA_AFTER_CLOSE_NOTIFY 291
# define SSL_R_APP_DATA_IN_HANDSHAKE 100
# define SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT 272
-# define SSL_R_AT_LEAST_TLS_1_0_NEEDED_IN_FIPS_MODE 143
# define SSL_R_AT_LEAST_TLS_1_2_NEEDED_IN_SUITEB_MODE 158
# define SSL_R_BAD_CHANGE_CIPHER_SPEC 103
# define SSL_R_BAD_CIPHER 186
@@ -505,6 +65,7 @@ int ERR_load_SSL_strings(void);
# define SSL_R_BN_LIB 130
# define SSL_R_CALLBACK_FAILED 234
# define SSL_R_CANNOT_CHANGE_CIPHER 109
+# define SSL_R_CANNOT_GET_GROUP_NAME 299
# define SSL_R_CA_DN_LENGTH_MISMATCH 131
# define SSL_R_CA_KEY_TOO_SMALL 397
# define SSL_R_CA_MD_TOO_WEAK 398
@@ -514,7 +75,6 @@ int ERR_load_SSL_strings(void);
# define SSL_R_CERT_LENGTH_MISMATCH 135
# define SSL_R_CIPHERSUITE_DIGEST_HAS_CHANGED 218
# define SSL_R_CIPHER_CODE_WRONG_LENGTH 137
-# define SSL_R_CIPHER_OR_HASH_UNAVAILABLE 138
# define SSL_R_CLIENTHELLO_TLSEXT 226
# define SSL_R_COMPRESSED_LENGTH_TOO_LONG 140
# define SSL_R_COMPRESSION_DISABLED 343
@@ -599,6 +159,7 @@ int ERR_load_SSL_strings(void);
# define SSL_R_MISSING_ECDSA_SIGNING_CERT 381
# define SSL_R_MISSING_FATAL 256
# define SSL_R_MISSING_PARAMETERS 290
+# define SSL_R_MISSING_PSK_KEX_MODES_EXTENSION 310
# define SSL_R_MISSING_RSA_CERTIFICATE 168
# define SSL_R_MISSING_RSA_ENCRYPTING_CERT 169
# define SSL_R_MISSING_RSA_SIGNING_CERT 170
@@ -634,12 +195,15 @@ int ERR_load_SSL_strings(void);
# define SSL_R_NO_SHARED_GROUPS 410
# define SSL_R_NO_SHARED_SIGNATURE_ALGORITHMS 376
# define SSL_R_NO_SRTP_PROFILES 359
+# define SSL_R_NO_SUITABLE_DIGEST_ALGORITHM 297
+# define SSL_R_NO_SUITABLE_GROUPS 295
# define SSL_R_NO_SUITABLE_KEY_SHARE 101
# define SSL_R_NO_SUITABLE_SIGNATURE_ALGORITHM 118
# define SSL_R_NO_VALID_SCTS 216
# define SSL_R_NO_VERIFY_COOKIE_CALLBACK 403
# define SSL_R_NULL_SSL_CTX 195
# define SSL_R_NULL_SSL_METHOD_PASSED 196
+# define SSL_R_OCSP_CALLBACK_FAILURE 305
# define SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED 197
# define SSL_R_OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED 344
# define SSL_R_OVERFLOW_ERROR 237
diff --git a/openssl/include/openssl/sslerr_legacy.h b/openssl/include/openssl/sslerr_legacy.h
new file mode 100755
index 00000000..8457c012
--- /dev/null
+++ b/openssl/include/openssl/sslerr_legacy.h
@@ -0,0 +1,468 @@
+/*
+ * Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+/*
+ * This header file preserves symbols from pre-3.0 OpenSSL.
+ * It should never be included directly, as it's already included
+ * by the public sslerr.h headers, and since it will go away some
+ * time in the future.
+ */
+
+#ifndef OPENSSL_SSLERR_LEGACY_H
+# define OPENSSL_SSLERR_LEGACY_H
+# pragma once
+
+# include <openssl/macros.h>
+# include <openssl/symhacks.h>
+
+# ifdef __cplusplus
+extern "C" {
+# endif
+
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0 int ERR_load_SSL_strings(void);
+
+/* Collected _F_ macros from OpenSSL 1.1.1 */
+
+/*
+ * SSL function codes.
+ */
+# define SSL_F_ADD_CLIENT_KEY_SHARE_EXT 0
+# define SSL_F_ADD_KEY_SHARE 0
+# define SSL_F_BYTES_TO_CIPHER_LIST 0
+# define SSL_F_CHECK_SUITEB_CIPHER_LIST 0
+# define SSL_F_CIPHERSUITE_CB 0
+# define SSL_F_CONSTRUCT_CA_NAMES 0
+# define SSL_F_CONSTRUCT_KEY_EXCHANGE_TBS 0
+# define SSL_F_CONSTRUCT_STATEFUL_TICKET 0
+# define SSL_F_CONSTRUCT_STATELESS_TICKET 0
+# define SSL_F_CREATE_SYNTHETIC_MESSAGE_HASH 0
+# define SSL_F_CREATE_TICKET_PREQUEL 0
+# define SSL_F_CT_MOVE_SCTS 0
+# define SSL_F_CT_STRICT 0
+# define SSL_F_CUSTOM_EXT_ADD 0
+# define SSL_F_CUSTOM_EXT_PARSE 0
+# define SSL_F_D2I_SSL_SESSION 0
+# define SSL_F_DANE_CTX_ENABLE 0
+# define SSL_F_DANE_MTYPE_SET 0
+# define SSL_F_DANE_TLSA_ADD 0
+# define SSL_F_DERIVE_SECRET_KEY_AND_IV 0
+# define SSL_F_DO_DTLS1_WRITE 0
+# define SSL_F_DO_SSL3_WRITE 0
+# define SSL_F_DTLS1_BUFFER_RECORD 0
+# define SSL_F_DTLS1_CHECK_TIMEOUT_NUM 0
+# define SSL_F_DTLS1_HEARTBEAT 0
+# define SSL_F_DTLS1_HM_FRAGMENT_NEW 0
+# define SSL_F_DTLS1_PREPROCESS_FRAGMENT 0
+# define SSL_F_DTLS1_PROCESS_BUFFERED_RECORDS 0
+# define SSL_F_DTLS1_PROCESS_RECORD 0
+# define SSL_F_DTLS1_READ_BYTES 0
+# define SSL_F_DTLS1_READ_FAILED 0
+# define SSL_F_DTLS1_RETRANSMIT_MESSAGE 0
+# define SSL_F_DTLS1_WRITE_APP_DATA_BYTES 0
+# define SSL_F_DTLS1_WRITE_BYTES 0
+# define SSL_F_DTLSV1_LISTEN 0
+# define SSL_F_DTLS_CONSTRUCT_CHANGE_CIPHER_SPEC 0
+# define SSL_F_DTLS_CONSTRUCT_HELLO_VERIFY_REQUEST 0
+# define SSL_F_DTLS_GET_REASSEMBLED_MESSAGE 0
+# define SSL_F_DTLS_PROCESS_HELLO_VERIFY 0
+# define SSL_F_DTLS_RECORD_LAYER_NEW 0
+# define SSL_F_DTLS_WAIT_FOR_DRY 0
+# define SSL_F_EARLY_DATA_COUNT_OK 0
+# define SSL_F_FINAL_EARLY_DATA 0
+# define SSL_F_FINAL_EC_PT_FORMATS 0
+# define SSL_F_FINAL_EMS 0
+# define SSL_F_FINAL_KEY_SHARE 0
+# define SSL_F_FINAL_MAXFRAGMENTLEN 0
+# define SSL_F_FINAL_RENEGOTIATE 0
+# define SSL_F_FINAL_SERVER_NAME 0
+# define SSL_F_FINAL_SIG_ALGS 0
+# define SSL_F_GET_CERT_VERIFY_TBS_DATA 0
+# define SSL_F_NSS_KEYLOG_INT 0
+# define SSL_F_OPENSSL_INIT_SSL 0
+# define SSL_F_OSSL_STATEM_CLIENT13_READ_TRANSITION 0
+# define SSL_F_OSSL_STATEM_CLIENT13_WRITE_TRANSITION 0
+# define SSL_F_OSSL_STATEM_CLIENT_CONSTRUCT_MESSAGE 0
+# define SSL_F_OSSL_STATEM_CLIENT_POST_PROCESS_MESSAGE 0
+# define SSL_F_OSSL_STATEM_CLIENT_PROCESS_MESSAGE 0
+# define SSL_F_OSSL_STATEM_CLIENT_READ_TRANSITION 0
+# define SSL_F_OSSL_STATEM_CLIENT_WRITE_TRANSITION 0
+# define SSL_F_OSSL_STATEM_SERVER13_READ_TRANSITION 0
+# define SSL_F_OSSL_STATEM_SERVER13_WRITE_TRANSITION 0
+# define SSL_F_OSSL_STATEM_SERVER_CONSTRUCT_MESSAGE 0
+# define SSL_F_OSSL_STATEM_SERVER_POST_PROCESS_MESSAGE 0
+# define SSL_F_OSSL_STATEM_SERVER_POST_WORK 0
+# define SSL_F_OSSL_STATEM_SERVER_PRE_WORK 0
+# define SSL_F_OSSL_STATEM_SERVER_PROCESS_MESSAGE 0
+# define SSL_F_OSSL_STATEM_SERVER_READ_TRANSITION 0
+# define SSL_F_OSSL_STATEM_SERVER_WRITE_TRANSITION 0
+# define SSL_F_PARSE_CA_NAMES 0
+# define SSL_F_PITEM_NEW 0
+# define SSL_F_PQUEUE_NEW 0
+# define SSL_F_PROCESS_KEY_SHARE_EXT 0
+# define SSL_F_READ_STATE_MACHINE 0
+# define SSL_F_SET_CLIENT_CIPHERSUITE 0
+# define SSL_F_SRP_GENERATE_CLIENT_MASTER_SECRET 0
+# define SSL_F_SRP_GENERATE_SERVER_MASTER_SECRET 0
+# define SSL_F_SRP_VERIFY_SERVER_PARAM 0
+# define SSL_F_SSL3_CHANGE_CIPHER_STATE 0
+# define SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM 0
+# define SSL_F_SSL3_CTRL 0
+# define SSL_F_SSL3_CTX_CTRL 0
+# define SSL_F_SSL3_DIGEST_CACHED_RECORDS 0
+# define SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC 0
+# define SSL_F_SSL3_ENC 0
+# define SSL_F_SSL3_FINAL_FINISH_MAC 0
+# define SSL_F_SSL3_FINISH_MAC 0
+# define SSL_F_SSL3_GENERATE_KEY_BLOCK 0
+# define SSL_F_SSL3_GENERATE_MASTER_SECRET 0
+# define SSL_F_SSL3_GET_RECORD 0
+# define SSL_F_SSL3_INIT_FINISHED_MAC 0
+# define SSL_F_SSL3_OUTPUT_CERT_CHAIN 0
+# define SSL_F_SSL3_READ_BYTES 0
+# define SSL_F_SSL3_READ_N 0
+# define SSL_F_SSL3_SETUP_KEY_BLOCK 0
+# define SSL_F_SSL3_SETUP_READ_BUFFER 0
+# define SSL_F_SSL3_SETUP_WRITE_BUFFER 0
+# define SSL_F_SSL3_WRITE_BYTES 0
+# define SSL_F_SSL3_WRITE_PENDING 0
+# define SSL_F_SSL_ADD_CERT_CHAIN 0
+# define SSL_F_SSL_ADD_CERT_TO_BUF 0
+# define SSL_F_SSL_ADD_CERT_TO_WPACKET 0
+# define SSL_F_SSL_ADD_CLIENTHELLO_RENEGOTIATE_EXT 0
+# define SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT 0
+# define SSL_F_SSL_ADD_CLIENTHELLO_USE_SRTP_EXT 0
+# define SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK 0
+# define SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK 0
+# define SSL_F_SSL_ADD_SERVERHELLO_RENEGOTIATE_EXT 0
+# define SSL_F_SSL_ADD_SERVERHELLO_TLSEXT 0
+# define SSL_F_SSL_ADD_SERVERHELLO_USE_SRTP_EXT 0
+# define SSL_F_SSL_BAD_METHOD 0
+# define SSL_F_SSL_BUILD_CERT_CHAIN 0
+# define SSL_F_SSL_BYTES_TO_CIPHER_LIST 0
+# define SSL_F_SSL_CACHE_CIPHERLIST 0
+# define SSL_F_SSL_CERT_ADD0_CHAIN_CERT 0
+# define SSL_F_SSL_CERT_DUP 0
+# define SSL_F_SSL_CERT_NEW 0
+# define SSL_F_SSL_CERT_SET0_CHAIN 0
+# define SSL_F_SSL_CHECK_PRIVATE_KEY 0
+# define SSL_F_SSL_CHECK_SERVERHELLO_TLSEXT 0
+# define SSL_F_SSL_CHECK_SRP_EXT_CLIENTHELLO 0
+# define SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG 0
+# define SSL_F_SSL_CHOOSE_CLIENT_VERSION 0
+# define SSL_F_SSL_CIPHER_DESCRIPTION 0
+# define SSL_F_SSL_CIPHER_LIST_TO_BYTES 0
+# define SSL_F_SSL_CIPHER_PROCESS_RULESTR 0
+# define SSL_F_SSL_CIPHER_STRENGTH_SORT 0
+# define SSL_F_SSL_CLEAR 0
+# define SSL_F_SSL_CLIENT_HELLO_GET1_EXTENSIONS_PRESENT 0
+# define SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD 0
+# define SSL_F_SSL_CONF_CMD 0
+# define SSL_F_SSL_CREATE_CIPHER_LIST 0
+# define SSL_F_SSL_CTRL 0
+# define SSL_F_SSL_CTX_CHECK_PRIVATE_KEY 0
+# define SSL_F_SSL_CTX_ENABLE_CT 0
+# define SSL_F_SSL_CTX_MAKE_PROFILES 0
+# define SSL_F_SSL_CTX_NEW 0
+# define SSL_F_SSL_CTX_SET_ALPN_PROTOS 0
+# define SSL_F_SSL_CTX_SET_CIPHER_LIST 0
+# define SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE 0
+# define SSL_F_SSL_CTX_SET_CT_VALIDATION_CALLBACK 0
+# define SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT 0
+# define SSL_F_SSL_CTX_SET_SSL_VERSION 0
+# define SSL_F_SSL_CTX_SET_TLSEXT_MAX_FRAGMENT_LENGTH 0
+# define SSL_F_SSL_CTX_USE_CERTIFICATE 0
+# define SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1 0
+# define SSL_F_SSL_CTX_USE_CERTIFICATE_FILE 0
+# define SSL_F_SSL_CTX_USE_PRIVATEKEY 0
+# define SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1 0
+# define SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE 0
+# define SSL_F_SSL_CTX_USE_PSK_IDENTITY_HINT 0
+# define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY 0
+# define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1 0
+# define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE 0
+# define SSL_F_SSL_CTX_USE_SERVERINFO 0
+# define SSL_F_SSL_CTX_USE_SERVERINFO_EX 0
+# define SSL_F_SSL_CTX_USE_SERVERINFO_FILE 0
+# define SSL_F_SSL_DANE_DUP 0
+# define SSL_F_SSL_DANE_ENABLE 0
+# define SSL_F_SSL_DERIVE 0
+# define SSL_F_SSL_DO_CONFIG 0
+# define SSL_F_SSL_DO_HANDSHAKE 0
+# define SSL_F_SSL_DUP_CA_LIST 0
+# define SSL_F_SSL_ENABLE_CT 0
+# define SSL_F_SSL_GENERATE_PKEY_GROUP 0
+# define SSL_F_SSL_GENERATE_SESSION_ID 0
+# define SSL_F_SSL_GET_NEW_SESSION 0
+# define SSL_F_SSL_GET_PREV_SESSION 0
+# define SSL_F_SSL_GET_SERVER_CERT_INDEX 0
+# define SSL_F_SSL_GET_SIGN_PKEY 0
+# define SSL_F_SSL_HANDSHAKE_HASH 0
+# define SSL_F_SSL_INIT_WBIO_BUFFER 0
+# define SSL_F_SSL_KEY_UPDATE 0
+# define SSL_F_SSL_LOAD_CLIENT_CA_FILE 0
+# define SSL_F_SSL_LOG_MASTER_SECRET 0
+# define SSL_F_SSL_LOG_RSA_CLIENT_KEY_EXCHANGE 0
+# define SSL_F_SSL_MODULE_INIT 0
+# define SSL_F_SSL_NEW 0
+# define SSL_F_SSL_NEXT_PROTO_VALIDATE 0
+# define SSL_F_SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT 0
+# define SSL_F_SSL_PARSE_CLIENTHELLO_TLSEXT 0
+# define SSL_F_SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT 0
+# define SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT 0
+# define SSL_F_SSL_PARSE_SERVERHELLO_TLSEXT 0
+# define SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT 0
+# define SSL_F_SSL_PEEK 0
+# define SSL_F_SSL_PEEK_EX 0
+# define SSL_F_SSL_PEEK_INTERNAL 0
+# define SSL_F_SSL_READ 0
+# define SSL_F_SSL_READ_EARLY_DATA 0
+# define SSL_F_SSL_READ_EX 0
+# define SSL_F_SSL_READ_INTERNAL 0
+# define SSL_F_SSL_RENEGOTIATE 0
+# define SSL_F_SSL_RENEGOTIATE_ABBREVIATED 0
+# define SSL_F_SSL_SCAN_CLIENTHELLO_TLSEXT 0
+# define SSL_F_SSL_SCAN_SERVERHELLO_TLSEXT 0
+# define SSL_F_SSL_SESSION_DUP 0
+# define SSL_F_SSL_SESSION_NEW 0
+# define SSL_F_SSL_SESSION_PRINT_FP 0
+# define SSL_F_SSL_SESSION_SET1_ID 0
+# define SSL_F_SSL_SESSION_SET1_ID_CONTEXT 0
+# define SSL_F_SSL_SET_ALPN_PROTOS 0
+# define SSL_F_SSL_SET_CERT 0
+# define SSL_F_SSL_SET_CERT_AND_KEY 0
+# define SSL_F_SSL_SET_CIPHER_LIST 0
+# define SSL_F_SSL_SET_CT_VALIDATION_CALLBACK 0
+# define SSL_F_SSL_SET_FD 0
+# define SSL_F_SSL_SET_PKEY 0
+# define SSL_F_SSL_SET_RFD 0
+# define SSL_F_SSL_SET_SESSION 0
+# define SSL_F_SSL_SET_SESSION_ID_CONTEXT 0
+# define SSL_F_SSL_SET_SESSION_TICKET_EXT 0
+# define SSL_F_SSL_SET_TLSEXT_MAX_FRAGMENT_LENGTH 0
+# define SSL_F_SSL_SET_WFD 0
+# define SSL_F_SSL_SHUTDOWN 0
+# define SSL_F_SSL_SRP_CTX_INIT 0
+# define SSL_F_SSL_START_ASYNC_JOB 0
+# define SSL_F_SSL_UNDEFINED_FUNCTION 0
+# define SSL_F_SSL_UNDEFINED_VOID_FUNCTION 0
+# define SSL_F_SSL_USE_CERTIFICATE 0
+# define SSL_F_SSL_USE_CERTIFICATE_ASN1 0
+# define SSL_F_SSL_USE_CERTIFICATE_FILE 0
+# define SSL_F_SSL_USE_PRIVATEKEY 0
+# define SSL_F_SSL_USE_PRIVATEKEY_ASN1 0
+# define SSL_F_SSL_USE_PRIVATEKEY_FILE 0
+# define SSL_F_SSL_USE_PSK_IDENTITY_HINT 0
+# define SSL_F_SSL_USE_RSAPRIVATEKEY 0
+# define SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1 0
+# define SSL_F_SSL_USE_RSAPRIVATEKEY_FILE 0
+# define SSL_F_SSL_VALIDATE_CT 0
+# define SSL_F_SSL_VERIFY_CERT_CHAIN 0
+# define SSL_F_SSL_VERIFY_CLIENT_POST_HANDSHAKE 0
+# define SSL_F_SSL_WRITE 0
+# define SSL_F_SSL_WRITE_EARLY_DATA 0
+# define SSL_F_SSL_WRITE_EARLY_FINISH 0
+# define SSL_F_SSL_WRITE_EX 0
+# define SSL_F_SSL_WRITE_INTERNAL 0
+# define SSL_F_STATE_MACHINE 0
+# define SSL_F_TLS12_CHECK_PEER_SIGALG 0
+# define SSL_F_TLS12_COPY_SIGALGS 0
+# define SSL_F_TLS13_CHANGE_CIPHER_STATE 0
+# define SSL_F_TLS13_ENC 0
+# define SSL_F_TLS13_FINAL_FINISH_MAC 0
+# define SSL_F_TLS13_GENERATE_SECRET 0
+# define SSL_F_TLS13_HKDF_EXPAND 0
+# define SSL_F_TLS13_RESTORE_HANDSHAKE_DIGEST_FOR_PHA 0
+# define SSL_F_TLS13_SAVE_HANDSHAKE_DIGEST_FOR_PHA 0
+# define SSL_F_TLS13_SETUP_KEY_BLOCK 0
+# define SSL_F_TLS1_CHANGE_CIPHER_STATE 0
+# define SSL_F_TLS1_CHECK_DUPLICATE_EXTENSIONS 0
+# define SSL_F_TLS1_ENC 0
+# define SSL_F_TLS1_EXPORT_KEYING_MATERIAL 0
+# define SSL_F_TLS1_GET_CURVELIST 0
+# define SSL_F_TLS1_PRF 0
+# define SSL_F_TLS1_SAVE_U16 0
+# define SSL_F_TLS1_SETUP_KEY_BLOCK 0
+# define SSL_F_TLS1_SET_GROUPS 0
+# define SSL_F_TLS1_SET_RAW_SIGALGS 0
+# define SSL_F_TLS1_SET_SERVER_SIGALGS 0
+# define SSL_F_TLS1_SET_SHARED_SIGALGS 0
+# define SSL_F_TLS1_SET_SIGALGS 0
+# define SSL_F_TLS_CHOOSE_SIGALG 0
+# define SSL_F_TLS_CLIENT_KEY_EXCHANGE_POST_WORK 0
+# define SSL_F_TLS_COLLECT_EXTENSIONS 0
+# define SSL_F_TLS_CONSTRUCT_CERTIFICATE_AUTHORITIES 0
+# define SSL_F_TLS_CONSTRUCT_CERTIFICATE_REQUEST 0
+# define SSL_F_TLS_CONSTRUCT_CERT_STATUS 0
+# define SSL_F_TLS_CONSTRUCT_CERT_STATUS_BODY 0
+# define SSL_F_TLS_CONSTRUCT_CERT_VERIFY 0
+# define SSL_F_TLS_CONSTRUCT_CHANGE_CIPHER_SPEC 0
+# define SSL_F_TLS_CONSTRUCT_CKE_DHE 0
+# define SSL_F_TLS_CONSTRUCT_CKE_ECDHE 0
+# define SSL_F_TLS_CONSTRUCT_CKE_GOST 0
+# define SSL_F_TLS_CONSTRUCT_CKE_PSK_PREAMBLE 0
+# define SSL_F_TLS_CONSTRUCT_CKE_RSA 0
+# define SSL_F_TLS_CONSTRUCT_CKE_SRP 0
+# define SSL_F_TLS_CONSTRUCT_CLIENT_CERTIFICATE 0
+# define SSL_F_TLS_CONSTRUCT_CLIENT_HELLO 0
+# define SSL_F_TLS_CONSTRUCT_CLIENT_KEY_EXCHANGE 0
+# define SSL_F_TLS_CONSTRUCT_CLIENT_VERIFY 0
+# define SSL_F_TLS_CONSTRUCT_CTOS_ALPN 0
+# define SSL_F_TLS_CONSTRUCT_CTOS_CERTIFICATE 0
+# define SSL_F_TLS_CONSTRUCT_CTOS_COOKIE 0
+# define SSL_F_TLS_CONSTRUCT_CTOS_EARLY_DATA 0
+# define SSL_F_TLS_CONSTRUCT_CTOS_EC_PT_FORMATS 0
+# define SSL_F_TLS_CONSTRUCT_CTOS_EMS 0
+# define SSL_F_TLS_CONSTRUCT_CTOS_ETM 0
+# define SSL_F_TLS_CONSTRUCT_CTOS_HELLO 0
+# define SSL_F_TLS_CONSTRUCT_CTOS_KEY_EXCHANGE 0
+# define SSL_F_TLS_CONSTRUCT_CTOS_KEY_SHARE 0
+# define SSL_F_TLS_CONSTRUCT_CTOS_MAXFRAGMENTLEN 0
+# define SSL_F_TLS_CONSTRUCT_CTOS_NPN 0
+# define SSL_F_TLS_CONSTRUCT_CTOS_PADDING 0
+# define SSL_F_TLS_CONSTRUCT_CTOS_POST_HANDSHAKE_AUTH 0
+# define SSL_F_TLS_CONSTRUCT_CTOS_PSK 0
+# define SSL_F_TLS_CONSTRUCT_CTOS_PSK_KEX_MODES 0
+# define SSL_F_TLS_CONSTRUCT_CTOS_RENEGOTIATE 0
+# define SSL_F_TLS_CONSTRUCT_CTOS_SCT 0
+# define SSL_F_TLS_CONSTRUCT_CTOS_SERVER_NAME 0
+# define SSL_F_TLS_CONSTRUCT_CTOS_SESSION_TICKET 0
+# define SSL_F_TLS_CONSTRUCT_CTOS_SIG_ALGS 0
+# define SSL_F_TLS_CONSTRUCT_CTOS_SRP 0
+# define SSL_F_TLS_CONSTRUCT_CTOS_STATUS_REQUEST 0
+# define SSL_F_TLS_CONSTRUCT_CTOS_SUPPORTED_GROUPS 0
+# define SSL_F_TLS_CONSTRUCT_CTOS_SUPPORTED_VERSIONS 0
+# define SSL_F_TLS_CONSTRUCT_CTOS_USE_SRTP 0
+# define SSL_F_TLS_CONSTRUCT_CTOS_VERIFY 0
+# define SSL_F_TLS_CONSTRUCT_ENCRYPTED_EXTENSIONS 0
+# define SSL_F_TLS_CONSTRUCT_END_OF_EARLY_DATA 0
+# define SSL_F_TLS_CONSTRUCT_EXTENSIONS 0
+# define SSL_F_TLS_CONSTRUCT_FINISHED 0
+# define SSL_F_TLS_CONSTRUCT_HELLO_REQUEST 0
+# define SSL_F_TLS_CONSTRUCT_HELLO_RETRY_REQUEST 0
+# define SSL_F_TLS_CONSTRUCT_KEY_UPDATE 0
+# define SSL_F_TLS_CONSTRUCT_NEW_SESSION_TICKET 0
+# define SSL_F_TLS_CONSTRUCT_NEXT_PROTO 0
+# define SSL_F_TLS_CONSTRUCT_SERVER_CERTIFICATE 0
+# define SSL_F_TLS_CONSTRUCT_SERVER_HELLO 0
+# define SSL_F_TLS_CONSTRUCT_SERVER_KEY_EXCHANGE 0
+# define SSL_F_TLS_CONSTRUCT_STOC_ALPN 0
+# define SSL_F_TLS_CONSTRUCT_STOC_CERTIFICATE 0
+# define SSL_F_TLS_CONSTRUCT_STOC_COOKIE 0
+# define SSL_F_TLS_CONSTRUCT_STOC_CRYPTOPRO_BUG 0
+# define SSL_F_TLS_CONSTRUCT_STOC_DONE 0
+# define SSL_F_TLS_CONSTRUCT_STOC_EARLY_DATA 0
+# define SSL_F_TLS_CONSTRUCT_STOC_EARLY_DATA_INFO 0
+# define SSL_F_TLS_CONSTRUCT_STOC_EC_PT_FORMATS 0
+# define SSL_F_TLS_CONSTRUCT_STOC_EMS 0
+# define SSL_F_TLS_CONSTRUCT_STOC_ETM 0
+# define SSL_F_TLS_CONSTRUCT_STOC_HELLO 0
+# define SSL_F_TLS_CONSTRUCT_STOC_KEY_EXCHANGE 0
+# define SSL_F_TLS_CONSTRUCT_STOC_KEY_SHARE 0
+# define SSL_F_TLS_CONSTRUCT_STOC_MAXFRAGMENTLEN 0
+# define SSL_F_TLS_CONSTRUCT_STOC_NEXT_PROTO_NEG 0
+# define SSL_F_TLS_CONSTRUCT_STOC_PSK 0
+# define SSL_F_TLS_CONSTRUCT_STOC_RENEGOTIATE 0
+# define SSL_F_TLS_CONSTRUCT_STOC_SERVER_NAME 0
+# define SSL_F_TLS_CONSTRUCT_STOC_SESSION_TICKET 0
+# define SSL_F_TLS_CONSTRUCT_STOC_STATUS_REQUEST 0
+# define SSL_F_TLS_CONSTRUCT_STOC_SUPPORTED_GROUPS 0
+# define SSL_F_TLS_CONSTRUCT_STOC_SUPPORTED_VERSIONS 0
+# define SSL_F_TLS_CONSTRUCT_STOC_USE_SRTP 0
+# define SSL_F_TLS_EARLY_POST_PROCESS_CLIENT_HELLO 0
+# define SSL_F_TLS_FINISH_HANDSHAKE 0
+# define SSL_F_TLS_GET_MESSAGE_BODY 0
+# define SSL_F_TLS_GET_MESSAGE_HEADER 0
+# define SSL_F_TLS_HANDLE_ALPN 0
+# define SSL_F_TLS_HANDLE_STATUS_REQUEST 0
+# define SSL_F_TLS_PARSE_CERTIFICATE_AUTHORITIES 0
+# define SSL_F_TLS_PARSE_CLIENTHELLO_TLSEXT 0
+# define SSL_F_TLS_PARSE_CTOS_ALPN 0
+# define SSL_F_TLS_PARSE_CTOS_COOKIE 0
+# define SSL_F_TLS_PARSE_CTOS_EARLY_DATA 0
+# define SSL_F_TLS_PARSE_CTOS_EC_PT_FORMATS 0
+# define SSL_F_TLS_PARSE_CTOS_EMS 0
+# define SSL_F_TLS_PARSE_CTOS_KEY_SHARE 0
+# define SSL_F_TLS_PARSE_CTOS_MAXFRAGMENTLEN 0
+# define SSL_F_TLS_PARSE_CTOS_POST_HANDSHAKE_AUTH 0
+# define SSL_F_TLS_PARSE_CTOS_PSK 0
+# define SSL_F_TLS_PARSE_CTOS_PSK_KEX_MODES 0
+# define SSL_F_TLS_PARSE_CTOS_RENEGOTIATE 0
+# define SSL_F_TLS_PARSE_CTOS_SERVER_NAME 0
+# define SSL_F_TLS_PARSE_CTOS_SESSION_TICKET 0
+# define SSL_F_TLS_PARSE_CTOS_SIG_ALGS 0
+# define SSL_F_TLS_PARSE_CTOS_SIG_ALGS_CERT 0
+# define SSL_F_TLS_PARSE_CTOS_SRP 0
+# define SSL_F_TLS_PARSE_CTOS_STATUS_REQUEST 0
+# define SSL_F_TLS_PARSE_CTOS_SUPPORTED_GROUPS 0
+# define SSL_F_TLS_PARSE_CTOS_USE_SRTP 0
+# define SSL_F_TLS_PARSE_STOC_ALPN 0
+# define SSL_F_TLS_PARSE_STOC_COOKIE 0
+# define SSL_F_TLS_PARSE_STOC_EARLY_DATA 0
+# define SSL_F_TLS_PARSE_STOC_EARLY_DATA_INFO 0
+# define SSL_F_TLS_PARSE_STOC_EC_PT_FORMATS 0
+# define SSL_F_TLS_PARSE_STOC_KEY_SHARE 0
+# define SSL_F_TLS_PARSE_STOC_MAXFRAGMENTLEN 0
+# define SSL_F_TLS_PARSE_STOC_NPN 0
+# define SSL_F_TLS_PARSE_STOC_PSK 0
+# define SSL_F_TLS_PARSE_STOC_RENEGOTIATE 0
+# define SSL_F_TLS_PARSE_STOC_SCT 0
+# define SSL_F_TLS_PARSE_STOC_SERVER_NAME 0
+# define SSL_F_TLS_PARSE_STOC_SESSION_TICKET 0
+# define SSL_F_TLS_PARSE_STOC_STATUS_REQUEST 0
+# define SSL_F_TLS_PARSE_STOC_SUPPORTED_VERSIONS 0
+# define SSL_F_TLS_PARSE_STOC_USE_SRTP 0
+# define SSL_F_TLS_POST_PROCESS_CLIENT_HELLO 0
+# define SSL_F_TLS_POST_PROCESS_CLIENT_KEY_EXCHANGE 0
+# define SSL_F_TLS_PREPARE_CLIENT_CERTIFICATE 0
+# define SSL_F_TLS_PROCESS_AS_HELLO_RETRY_REQUEST 0
+# define SSL_F_TLS_PROCESS_CERTIFICATE_REQUEST 0
+# define SSL_F_TLS_PROCESS_CERT_STATUS 0
+# define SSL_F_TLS_PROCESS_CERT_STATUS_BODY 0
+# define SSL_F_TLS_PROCESS_CERT_VERIFY 0
+# define SSL_F_TLS_PROCESS_CHANGE_CIPHER_SPEC 0
+# define SSL_F_TLS_PROCESS_CKE_DHE 0
+# define SSL_F_TLS_PROCESS_CKE_ECDHE 0
+# define SSL_F_TLS_PROCESS_CKE_GOST 0
+# define SSL_F_TLS_PROCESS_CKE_PSK_PREAMBLE 0
+# define SSL_F_TLS_PROCESS_CKE_RSA 0
+# define SSL_F_TLS_PROCESS_CKE_SRP 0
+# define SSL_F_TLS_PROCESS_CLIENT_CERTIFICATE 0
+# define SSL_F_TLS_PROCESS_CLIENT_HELLO 0
+# define SSL_F_TLS_PROCESS_CLIENT_KEY_EXCHANGE 0
+# define SSL_F_TLS_PROCESS_ENCRYPTED_EXTENSIONS 0
+# define SSL_F_TLS_PROCESS_END_OF_EARLY_DATA 0
+# define SSL_F_TLS_PROCESS_FINISHED 0
+# define SSL_F_TLS_PROCESS_HELLO_REQ 0
+# define SSL_F_TLS_PROCESS_HELLO_RETRY_REQUEST 0
+# define SSL_F_TLS_PROCESS_INITIAL_SERVER_FLIGHT 0
+# define SSL_F_TLS_PROCESS_KEY_EXCHANGE 0
+# define SSL_F_TLS_PROCESS_KEY_UPDATE 0
+# define SSL_F_TLS_PROCESS_NEW_SESSION_TICKET 0
+# define SSL_F_TLS_PROCESS_NEXT_PROTO 0
+# define SSL_F_TLS_PROCESS_SERVER_CERTIFICATE 0
+# define SSL_F_TLS_PROCESS_SERVER_DONE 0
+# define SSL_F_TLS_PROCESS_SERVER_HELLO 0
+# define SSL_F_TLS_PROCESS_SKE_DHE 0
+# define SSL_F_TLS_PROCESS_SKE_ECDHE 0
+# define SSL_F_TLS_PROCESS_SKE_PSK_PREAMBLE 0
+# define SSL_F_TLS_PROCESS_SKE_SRP 0
+# define SSL_F_TLS_PSK_DO_BINDER 0
+# define SSL_F_TLS_SCAN_CLIENTHELLO_TLSEXT 0
+# define SSL_F_TLS_SETUP_HANDSHAKE 0
+# define SSL_F_USE_CERTIFICATE_CHAIN_FILE 0
+# define SSL_F_WPACKET_INTERN_INIT_LEN 0
+# define SSL_F_WPACKET_START_SUB_PACKET_LEN__ 0
+# define SSL_F_WRITE_STATE_MACHINE 0
+# endif
+
+# ifdef __cplusplus
+}
+# endif
+#endif
diff --git a/openssl/include/openssl/stack.h b/openssl/include/openssl/stack.h
index a2c0489e..292d5a69 100644..100755
--- a/openssl/include/openssl/stack.h
+++ b/openssl/include/openssl/stack.h
@@ -1,5 +1,5 @@
/*
- * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -45,6 +45,7 @@ void *OPENSSL_sk_delete(OPENSSL_STACK *st, int loc);
void *OPENSSL_sk_delete_ptr(OPENSSL_STACK *st, const void *p);
int OPENSSL_sk_find(OPENSSL_STACK *st, const void *data);
int OPENSSL_sk_find_ex(OPENSSL_STACK *st, const void *data);
+int OPENSSL_sk_find_all(OPENSSL_STACK *st, const void *data, int *pnum);
int OPENSSL_sk_push(OPENSSL_STACK *st, const void *data);
int OPENSSL_sk_unshift(OPENSSL_STACK *st, const void *data);
void *OPENSSL_sk_shift(OPENSSL_STACK *st);
diff --git a/openssl/include/openssl/store.h b/openssl/include/openssl/store.h
index b9d64ecc..41113025 100644..100755
--- a/openssl/include/openssl/store.h
+++ b/openssl/include/openssl/store.h
@@ -1,5 +1,5 @@
/*
- * Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -52,10 +52,16 @@ typedef OSSL_STORE_INFO *(*OSSL_STORE_post_process_info_fn)(OSSL_STORE_INFO *,
* Returns a context reference which represents the channel to communicate
* through.
*/
-OSSL_STORE_CTX *OSSL_STORE_open(const char *uri, const UI_METHOD *ui_method,
- void *ui_data,
- OSSL_STORE_post_process_info_fn post_process,
- void *post_process_data);
+OSSL_STORE_CTX *
+OSSL_STORE_open(const char *uri, const UI_METHOD *ui_method, void *ui_data,
+ OSSL_STORE_post_process_info_fn post_process,
+ void *post_process_data);
+OSSL_STORE_CTX *
+OSSL_STORE_open_ex(const char *uri, OSSL_LIB_CTX *libctx, const char *propq,
+ const UI_METHOD *ui_method, void *ui_data,
+ const OSSL_PARAM params[],
+ OSSL_STORE_post_process_info_fn post_process,
+ void *post_process_data);
/*
* Control / fine tune the OSSL_STORE channel. |cmd| determines what is to be
@@ -63,8 +69,14 @@ OSSL_STORE_CTX *OSSL_STORE_open(const char *uri, const UI_METHOD *ui_method,
* determine which loader is used), except for common commands (see below).
* Each command takes different arguments.
*/
-int OSSL_STORE_ctrl(OSSL_STORE_CTX *ctx, int cmd, ... /* args */);
-int OSSL_STORE_vctrl(OSSL_STORE_CTX *ctx, int cmd, va_list args);
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0 int OSSL_STORE_ctrl(OSSL_STORE_CTX *ctx, int cmd,
+ ... /* args */);
+OSSL_DEPRECATEDIN_3_0 int OSSL_STORE_vctrl(OSSL_STORE_CTX *ctx, int cmd,
+ va_list args);
+# endif
+
+# ifndef OPENSSL_NO_DEPRECATED_3_0
/*
* Common ctrl commands that different loaders may choose to support.
@@ -74,6 +86,8 @@ int OSSL_STORE_vctrl(OSSL_STORE_CTX *ctx, int cmd, va_list args);
/* Where custom commands start */
# define OSSL_STORE_C_CUSTOM_START 100
+# endif
+
/*
* Read one data item (a key, a cert, a CRL) that is supported by the OSSL_STORE
* functionality, given a context.
@@ -115,9 +129,10 @@ int OSSL_STORE_close(OSSL_STORE_CTX *ctx);
* Note that this function is considered unsafe, all depending on what the
* BIO actually reads.
*/
-OSSL_STORE_CTX *OSSL_STORE_attach(BIO *bio, OPENSSL_CTX *libctx,
- const char *scheme, const char *propq,
+OSSL_STORE_CTX *OSSL_STORE_attach(BIO *bio, const char *scheme,
+ OSSL_LIB_CTX *libctx, const char *propq,
const UI_METHOD *ui_method, void *ui_data,
+ const OSSL_PARAM params[],
OSSL_STORE_post_process_info_fn post_process,
void *post_process_data);
@@ -133,9 +148,10 @@ OSSL_STORE_CTX *OSSL_STORE_attach(BIO *bio, OPENSSL_CTX *libctx,
*/
# define OSSL_STORE_INFO_NAME 1 /* char * */
# define OSSL_STORE_INFO_PARAMS 2 /* EVP_PKEY * */
-# define OSSL_STORE_INFO_PKEY 3 /* EVP_PKEY * */
-# define OSSL_STORE_INFO_CERT 4 /* X509 * */
-# define OSSL_STORE_INFO_CRL 5 /* X509_CRL * */
+# define OSSL_STORE_INFO_PUBKEY 3 /* EVP_PKEY * */
+# define OSSL_STORE_INFO_PKEY 4 /* EVP_PKEY * */
+# define OSSL_STORE_INFO_CERT 5 /* X509 * */
+# define OSSL_STORE_INFO_CRL 6 /* X509_CRL * */
/*
* Functions to generate OSSL_STORE_INFOs, one function for each type we
@@ -144,9 +160,11 @@ OSSL_STORE_CTX *OSSL_STORE_attach(BIO *bio, OPENSSL_CTX *libctx,
* In all cases, ownership of the object is transferred to the OSSL_STORE_INFO
* and will therefore be freed when the OSSL_STORE_INFO is freed.
*/
+OSSL_STORE_INFO *OSSL_STORE_INFO_new(int type, void *data);
OSSL_STORE_INFO *OSSL_STORE_INFO_new_NAME(char *name);
int OSSL_STORE_INFO_set0_NAME_description(OSSL_STORE_INFO *info, char *desc);
OSSL_STORE_INFO *OSSL_STORE_INFO_new_PARAMS(EVP_PKEY *params);
+OSSL_STORE_INFO *OSSL_STORE_INFO_new_PUBKEY(EVP_PKEY *pubkey);
OSSL_STORE_INFO *OSSL_STORE_INFO_new_PKEY(EVP_PKEY *pkey);
OSSL_STORE_INFO *OSSL_STORE_INFO_new_CERT(X509 *x509);
OSSL_STORE_INFO *OSSL_STORE_INFO_new_CRL(X509_CRL *crl);
@@ -155,12 +173,15 @@ OSSL_STORE_INFO *OSSL_STORE_INFO_new_CRL(X509_CRL *crl);
* Functions to try to extract data from a OSSL_STORE_INFO.
*/
int OSSL_STORE_INFO_get_type(const OSSL_STORE_INFO *info);
+void *OSSL_STORE_INFO_get0_data(int type, const OSSL_STORE_INFO *info);
const char *OSSL_STORE_INFO_get0_NAME(const OSSL_STORE_INFO *info);
char *OSSL_STORE_INFO_get1_NAME(const OSSL_STORE_INFO *info);
const char *OSSL_STORE_INFO_get0_NAME_description(const OSSL_STORE_INFO *info);
char *OSSL_STORE_INFO_get1_NAME_description(const OSSL_STORE_INFO *info);
EVP_PKEY *OSSL_STORE_INFO_get0_PARAMS(const OSSL_STORE_INFO *info);
EVP_PKEY *OSSL_STORE_INFO_get1_PARAMS(const OSSL_STORE_INFO *info);
+EVP_PKEY *OSSL_STORE_INFO_get0_PUBKEY(const OSSL_STORE_INFO *info);
+EVP_PKEY *OSSL_STORE_INFO_get1_PUBKEY(const OSSL_STORE_INFO *info);
EVP_PKEY *OSSL_STORE_INFO_get0_PKEY(const OSSL_STORE_INFO *info);
EVP_PKEY *OSSL_STORE_INFO_get1_PKEY(const OSSL_STORE_INFO *info);
X509 *OSSL_STORE_INFO_get0_CERT(const OSSL_STORE_INFO *info);
@@ -226,6 +247,32 @@ int OSSL_STORE_find(OSSL_STORE_CTX *ctx, const OSSL_STORE_SEARCH *search);
/*-
+ * Function to fetch a loader and extract data from it
+ * ---------------------------------------------------
+ */
+
+typedef struct ossl_store_loader_st OSSL_STORE_LOADER;
+
+OSSL_STORE_LOADER *OSSL_STORE_LOADER_fetch(OSSL_LIB_CTX *libctx,
+ const char *scheme,
+ const char *properties);
+int OSSL_STORE_LOADER_up_ref(OSSL_STORE_LOADER *loader);
+void OSSL_STORE_LOADER_free(OSSL_STORE_LOADER *loader);
+const OSSL_PROVIDER *OSSL_STORE_LOADER_get0_provider(const OSSL_STORE_LOADER *
+ loader);
+const char *OSSL_STORE_LOADER_get0_properties(const OSSL_STORE_LOADER *loader);
+const char *OSSL_STORE_LOADER_get0_description(const OSSL_STORE_LOADER *loader);
+int OSSL_STORE_LOADER_is_a(const OSSL_STORE_LOADER *loader,
+ const char *scheme);
+void OSSL_STORE_LOADER_do_all_provided(OSSL_LIB_CTX *libctx,
+ void (*fn)(OSSL_STORE_LOADER *loader,
+ void *arg),
+ void *arg);
+int OSSL_STORE_LOADER_names_do_all(const OSSL_STORE_LOADER *loader,
+ void (*fn)(const char *name, void *data),
+ void *data);
+
+/*-
* Function to register a loader for the given URI scheme.
* -------------------------------------------------------
*
@@ -233,66 +280,88 @@ int OSSL_STORE_find(OSSL_STORE_CTX *ctx, const OSSL_STORE_SEARCH *search);
* scheme.
*/
-typedef struct ossl_store_loader_st OSSL_STORE_LOADER;
-OSSL_STORE_LOADER *OSSL_STORE_LOADER_new(ENGINE *e, const char *scheme);
-const ENGINE *OSSL_STORE_LOADER_get0_engine(const OSSL_STORE_LOADER *loader);
-const char *OSSL_STORE_LOADER_get0_scheme(const OSSL_STORE_LOADER *loader);
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+
/* struct ossl_store_loader_ctx_st is defined differently by each loader */
typedef struct ossl_store_loader_ctx_st OSSL_STORE_LOADER_CTX;
-typedef OSSL_STORE_LOADER_CTX *(*OSSL_STORE_open_fn)(const OSSL_STORE_LOADER
- *loader,
- const char *uri,
- const UI_METHOD *ui_method,
- void *ui_data);
+typedef OSSL_STORE_LOADER_CTX *(*OSSL_STORE_open_fn)
+ (const OSSL_STORE_LOADER *loader, const char *uri,
+ const UI_METHOD *ui_method, void *ui_data);
+typedef OSSL_STORE_LOADER_CTX *(*OSSL_STORE_open_ex_fn)
+ (const OSSL_STORE_LOADER *loader,
+ const char *uri, OSSL_LIB_CTX *libctx, const char *propq,
+ const UI_METHOD *ui_method, void *ui_data);
+
+typedef OSSL_STORE_LOADER_CTX *(*OSSL_STORE_attach_fn)
+ (const OSSL_STORE_LOADER *loader, BIO *bio,
+ OSSL_LIB_CTX *libctx, const char *propq,
+ const UI_METHOD *ui_method, void *ui_data);
+typedef int (*OSSL_STORE_ctrl_fn)
+ (OSSL_STORE_LOADER_CTX *ctx, int cmd, va_list args);
+typedef int (*OSSL_STORE_expect_fn)
+ (OSSL_STORE_LOADER_CTX *ctx, int expected);
+typedef int (*OSSL_STORE_find_fn)
+ (OSSL_STORE_LOADER_CTX *ctx, const OSSL_STORE_SEARCH *criteria);
+typedef OSSL_STORE_INFO *(*OSSL_STORE_load_fn)
+ (OSSL_STORE_LOADER_CTX *ctx, const UI_METHOD *ui_method, void *ui_data);
+typedef int (*OSSL_STORE_eof_fn)(OSSL_STORE_LOADER_CTX *ctx);
+typedef int (*OSSL_STORE_error_fn)(OSSL_STORE_LOADER_CTX *ctx);
+typedef int (*OSSL_STORE_close_fn)(OSSL_STORE_LOADER_CTX *ctx);
+
+# endif
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0
+OSSL_STORE_LOADER *OSSL_STORE_LOADER_new(ENGINE *e, const char *scheme);
+OSSL_DEPRECATEDIN_3_0
int OSSL_STORE_LOADER_set_open(OSSL_STORE_LOADER *loader,
OSSL_STORE_open_fn open_function);
-typedef OSSL_STORE_LOADER_CTX *(*OSSL_STORE_attach_fn)(const OSSL_STORE_LOADER
- *loader,
- BIO *bio,
- OPENSSL_CTX *libctx,
- const char *propq,
- const UI_METHOD
- *ui_method,
- void *ui_data);
+OSSL_DEPRECATEDIN_3_0
+int OSSL_STORE_LOADER_set_open_ex(OSSL_STORE_LOADER *loader,
+ OSSL_STORE_open_ex_fn open_ex_function);
+OSSL_DEPRECATEDIN_3_0
int OSSL_STORE_LOADER_set_attach(OSSL_STORE_LOADER *loader,
OSSL_STORE_attach_fn attach_function);
-typedef int (*OSSL_STORE_ctrl_fn)(OSSL_STORE_LOADER_CTX *ctx, int cmd,
- va_list args);
+OSSL_DEPRECATEDIN_3_0
int OSSL_STORE_LOADER_set_ctrl(OSSL_STORE_LOADER *loader,
OSSL_STORE_ctrl_fn ctrl_function);
-typedef int (*OSSL_STORE_expect_fn)(OSSL_STORE_LOADER_CTX *ctx, int expected);
+OSSL_DEPRECATEDIN_3_0
int OSSL_STORE_LOADER_set_expect(OSSL_STORE_LOADER *loader,
OSSL_STORE_expect_fn expect_function);
-typedef int (*OSSL_STORE_find_fn)(OSSL_STORE_LOADER_CTX *ctx,
- const OSSL_STORE_SEARCH *criteria);
+OSSL_DEPRECATEDIN_3_0
int OSSL_STORE_LOADER_set_find(OSSL_STORE_LOADER *loader,
OSSL_STORE_find_fn find_function);
-typedef OSSL_STORE_INFO *(*OSSL_STORE_load_fn)(OSSL_STORE_LOADER_CTX *ctx,
- const UI_METHOD *ui_method,
- void *ui_data);
+OSSL_DEPRECATEDIN_3_0
int OSSL_STORE_LOADER_set_load(OSSL_STORE_LOADER *loader,
OSSL_STORE_load_fn load_function);
-typedef int (*OSSL_STORE_eof_fn)(OSSL_STORE_LOADER_CTX *ctx);
+OSSL_DEPRECATEDIN_3_0
int OSSL_STORE_LOADER_set_eof(OSSL_STORE_LOADER *loader,
OSSL_STORE_eof_fn eof_function);
-typedef int (*OSSL_STORE_error_fn)(OSSL_STORE_LOADER_CTX *ctx);
+OSSL_DEPRECATEDIN_3_0
int OSSL_STORE_LOADER_set_error(OSSL_STORE_LOADER *loader,
OSSL_STORE_error_fn error_function);
-typedef int (*OSSL_STORE_close_fn)(OSSL_STORE_LOADER_CTX *ctx);
+OSSL_DEPRECATEDIN_3_0
int OSSL_STORE_LOADER_set_close(OSSL_STORE_LOADER *loader,
OSSL_STORE_close_fn close_function);
-void OSSL_STORE_LOADER_free(OSSL_STORE_LOADER *loader);
-
+OSSL_DEPRECATEDIN_3_0
+const ENGINE *OSSL_STORE_LOADER_get0_engine(const OSSL_STORE_LOADER *loader);
+OSSL_DEPRECATEDIN_3_0
+const char * OSSL_STORE_LOADER_get0_scheme(const OSSL_STORE_LOADER *loader);
+OSSL_DEPRECATEDIN_3_0
int OSSL_STORE_register_loader(OSSL_STORE_LOADER *loader);
+OSSL_DEPRECATEDIN_3_0
OSSL_STORE_LOADER *OSSL_STORE_unregister_loader(const char *scheme);
+# endif
/*-
* Functions to list STORE loaders
* -------------------------------
*/
-int OSSL_STORE_do_all_loaders(void (*do_function) (const OSSL_STORE_LOADER
- *loader, void *do_arg),
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0
+int OSSL_STORE_do_all_loaders(void (*do_function)(const OSSL_STORE_LOADER *loader,
+ void *do_arg),
void *do_arg);
+# endif
# ifdef __cplusplus
}
diff --git a/openssl/include/openssl/storeerr.h b/openssl/include/openssl/storeerr.h
index 0f03c698..98fd46f3 100644..100755
--- a/openssl/include/openssl/storeerr.h
+++ b/openssl/include/openssl/storeerr.h
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -8,62 +8,15 @@
* https://www.openssl.org/source/license.html
*/
-#ifndef OPENSSL_OSSL_STOREERR_H
-# define OPENSSL_OSSL_STOREERR_H
+#ifndef OPENSSL_STOREERR_H
+# define OPENSSL_STOREERR_H
# pragma once
# include <openssl/opensslconf.h>
# include <openssl/symhacks.h>
+# include <openssl/cryptoerr_legacy.h>
-# ifdef __cplusplus
-extern "C"
-# endif
-int ERR_load_OSSL_STORE_strings(void);
-
-/*
- * OSSL_STORE function codes.
- */
-# ifndef OPENSSL_NO_DEPRECATED_3_0
-# define OSSL_STORE_F_FILE_ATTACH 0
-# define OSSL_STORE_F_FILE_CTRL 0
-# define OSSL_STORE_F_FILE_FIND 0
-# define OSSL_STORE_F_FILE_GET_PASS 0
-# define OSSL_STORE_F_FILE_LOAD 0
-# define OSSL_STORE_F_FILE_LOAD_TRY_DECODE 0
-# define OSSL_STORE_F_FILE_NAME_TO_URI 0
-# define OSSL_STORE_F_FILE_OPEN 0
-# define OSSL_STORE_F_OSSL_STORE_ATTACH 0
-# define OSSL_STORE_F_OSSL_STORE_EXPECT 0
-# define OSSL_STORE_F_OSSL_STORE_FIND 0
-# define OSSL_STORE_F_OSSL_STORE_GET0_LOADER_INT 0
-# define OSSL_STORE_F_OSSL_STORE_INFO_GET1_CERT 0
-# define OSSL_STORE_F_OSSL_STORE_INFO_GET1_CRL 0
-# define OSSL_STORE_F_OSSL_STORE_INFO_GET1_NAME 0
-# define OSSL_STORE_F_OSSL_STORE_INFO_GET1_NAME_DESCRIPTION 0
-# define OSSL_STORE_F_OSSL_STORE_INFO_GET1_PARAMS 0
-# define OSSL_STORE_F_OSSL_STORE_INFO_GET1_PKEY 0
-# define OSSL_STORE_F_OSSL_STORE_INFO_NEW_CERT 0
-# define OSSL_STORE_F_OSSL_STORE_INFO_NEW_CRL 0
-# define OSSL_STORE_F_OSSL_STORE_INFO_NEW_EMBEDDED 0
-# define OSSL_STORE_F_OSSL_STORE_INFO_NEW_NAME 0
-# define OSSL_STORE_F_OSSL_STORE_INFO_NEW_PARAMS 0
-# define OSSL_STORE_F_OSSL_STORE_INFO_NEW_PKEY 0
-# define OSSL_STORE_F_OSSL_STORE_INFO_SET0_NAME_DESCRIPTION 0
-# define OSSL_STORE_F_OSSL_STORE_INIT_ONCE 0
-# define OSSL_STORE_F_OSSL_STORE_LOADER_NEW 0
-# define OSSL_STORE_F_OSSL_STORE_OPEN 0
-# define OSSL_STORE_F_OSSL_STORE_OPEN_INT 0
-# define OSSL_STORE_F_OSSL_STORE_REGISTER_LOADER_INT 0
-# define OSSL_STORE_F_OSSL_STORE_SEARCH_BY_ALIAS 0
-# define OSSL_STORE_F_OSSL_STORE_SEARCH_BY_ISSUER_SERIAL 0
-# define OSSL_STORE_F_OSSL_STORE_SEARCH_BY_KEY_FINGERPRINT 0
-# define OSSL_STORE_F_OSSL_STORE_SEARCH_BY_NAME 0
-# define OSSL_STORE_F_OSSL_STORE_UNREGISTER_LOADER_INT 0
-# define OSSL_STORE_F_TRY_DECODE_PARAMS 0
-# define OSSL_STORE_F_TRY_DECODE_PKCS12 0
-# define OSSL_STORE_F_TRY_DECODE_PKCS8ENCRYPTED 0
-# endif
/*
* OSSL_STORE reason codes.
@@ -78,9 +31,11 @@ int ERR_load_OSSL_STORE_strings(void);
# define OSSL_STORE_R_LOADING_STARTED 117
# define OSSL_STORE_R_NOT_A_CERTIFICATE 100
# define OSSL_STORE_R_NOT_A_CRL 101
-# define OSSL_STORE_R_NOT_A_KEY 102
# define OSSL_STORE_R_NOT_A_NAME 103
+# define OSSL_STORE_R_NOT_A_PRIVATE_KEY 102
+# define OSSL_STORE_R_NOT_A_PUBLIC_KEY 122
# define OSSL_STORE_R_NOT_PARAMETERS 104
+# define OSSL_STORE_R_NO_LOADERS_FOUND 123
# define OSSL_STORE_R_PASSPHRASE_CALLBACK_ERROR 114
# define OSSL_STORE_R_PATH_MUST_BE_ABSOLUTE 108
# define OSSL_STORE_R_SEARCH_ONLY_SUPPORTED_FOR_DIRECTORIES 119
diff --git a/openssl/include/openssl/symhacks.h b/openssl/include/openssl/symhacks.h
index f731d37f..2a571366 100644..100755
--- a/openssl/include/openssl/symhacks.h
+++ b/openssl/include/openssl/symhacks.h
@@ -1,5 +1,5 @@
/*
- * Copyright 1999-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1999-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -34,10 +34,6 @@
# undef i2d_ECPKPARAMETERS
# define i2d_ECPKPARAMETERS i2d_UC_ECPKPARAMETERS
-/* This one clashes with CMS_data_create */
-# undef cms_Data_create
-# define cms_Data_create priv_cms_Data_create
-
# endif
#endif /* ! defined HEADER_VMS_IDHACKS_H */
diff --git a/openssl/include/openssl/tls1.h b/openssl/include/openssl/tls1.h
index 2412db61..60eaf568 100644..100755
--- a/openssl/include/openssl/tls1.h
+++ b/openssl/include/openssl/tls1.h
@@ -1,5 +1,5 @@
/*
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
* Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
* Copyright 2005 Nokia. All rights reserved.
*
@@ -20,6 +20,7 @@
# include <openssl/buffer.h>
# include <openssl/x509.h>
+# include <openssl/prov_ssl.h>
#ifdef __cplusplus
extern "C" {
@@ -30,10 +31,7 @@ extern "C" {
# define OPENSSL_TLS_SECURITY_LEVEL 1
# endif
-# define TLS1_VERSION 0x0301
-# define TLS1_1_VERSION 0x0302
-# define TLS1_2_VERSION 0x0303
-# define TLS1_3_VERSION 0x0304
+/* TLS*_VERSION constants are defined in prov_ssl.h */
# ifndef OPENSSL_NO_DEPRECATED_3_0
# define TLS_MAX_VERSION TLS1_3_VERSION
# endif
@@ -1121,6 +1119,11 @@ int SSL_CTX_set_tlsext_ticket_key_evp_cb
# define TLS_CT_GOST12_LEGACY_SIGN 238
# define TLS_CT_GOST12_LEGACY_512_SIGN 239
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define TLS_CT_GOST12_SIGN TLS_CT_GOST12_LEGACY_SIGN
+# define TLS_CT_GOST12_512_SIGN TLS_CT_GOST12_LEGACY_512_SIGN
+# endif
+
/*
* when correcting this number, correct also SSL3_CT_NUMBER in ssl3.h (see
* comment there)
diff --git a/openssl/include/openssl/trace.h b/openssl/include/openssl/trace.h
index f68b3ada..aaaa6962 100644..100755
--- a/openssl/include/openssl/trace.h
+++ b/openssl/include/openssl/trace.h
@@ -1,5 +1,5 @@
/*
- * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -9,6 +9,7 @@
#ifndef OPENSSL_TRACE_H
# define OPENSSL_TRACE_H
+# pragma once
# include <stdarg.h>
@@ -42,8 +43,10 @@ extern "C" {
# define OSSL_TRACE_CATEGORY_TLS 3
# define OSSL_TRACE_CATEGORY_TLS_CIPHER 4
# define OSSL_TRACE_CATEGORY_CONF 5
-# define OSSL_TRACE_CATEGORY_ENGINE_TABLE 6
-# define OSSL_TRACE_CATEGORY_ENGINE_REF_COUNT 7
+# ifndef OPENSSL_NO_ENGINE
+# define OSSL_TRACE_CATEGORY_ENGINE_TABLE 6
+# define OSSL_TRACE_CATEGORY_ENGINE_REF_COUNT 7
+# endif
# define OSSL_TRACE_CATEGORY_PKCS5V2 8
# define OSSL_TRACE_CATEGORY_PKCS12_KEYGEN 9
# define OSSL_TRACE_CATEGORY_PKCS12_DECRYPT 10
@@ -51,7 +54,11 @@ extern "C" {
# define OSSL_TRACE_CATEGORY_BN_CTX 12
# define OSSL_TRACE_CATEGORY_CMP 13
# define OSSL_TRACE_CATEGORY_STORE 14
-# define OSSL_TRACE_CATEGORY_NUM 15
+# define OSSL_TRACE_CATEGORY_DECODER 15
+# define OSSL_TRACE_CATEGORY_ENCODER 16
+# define OSSL_TRACE_CATEGORY_REF_COUNT 17
+/* Count of available categories. */
+# define OSSL_TRACE_CATEGORY_NUM 18
/* Returns the trace category number for the given |name| */
int OSSL_trace_get_category_num(const char *name);
@@ -191,7 +198,7 @@ void OSSL_trace_end(int category, BIO *channel);
* call OSSL_TRACE_CANCEL(category).
*/
-# ifndef OPENSSL_NO_TRACE
+# if !defined OPENSSL_NO_TRACE && !defined FIPS_MODULE
# define OSSL_TRACE_BEGIN(category) \
do { \
@@ -230,7 +237,7 @@ void OSSL_trace_end(int category, BIO *channel);
* ...
* }
*/
-# ifndef OPENSSL_NO_TRACE
+# if !defined OPENSSL_NO_TRACE && !defined FIPS_MODULE
# define OSSL_TRACE_ENABLED(category) \
OSSL_trace_enabled(OSSL_TRACE_CATEGORY_##category)
@@ -263,11 +270,19 @@ void OSSL_trace_end(int category, BIO *channel);
* 42, "What do you get when you multiply six by nine?");
*/
-# define OSSL_TRACEV(category, args) \
+# if !defined OPENSSL_NO_TRACE && !defined FIPS_MODULE
+
+# define OSSL_TRACEV(category, args) \
OSSL_TRACE_BEGIN(category) \
BIO_printf args; \
OSSL_TRACE_END(category)
+# else
+
+# define OSSL_TRACEV(category, args) ((void)0)
+
+# endif
+
# define OSSL_TRACE(category, text) \
OSSL_TRACEV(category, (trc_out, "%s", text))
@@ -287,7 +302,7 @@ void OSSL_trace_end(int category, BIO *channel);
OSSL_TRACEV(category, (trc_out, format, arg1, arg2, arg3, arg4, arg5, arg6, arg7))
# define OSSL_TRACE8(category, format, arg1, arg2, arg3, arg4, arg5, arg6, arg7, arg8) \
OSSL_TRACEV(category, (trc_out, format, arg1, arg2, arg3, arg4, arg5, arg6, arg7, arg8))
-# define OSSL_TRACE9(category, format, arg1, arg2, arg3, arg4, arg5, arg6, arg7, arg8) \
+# define OSSL_TRACE9(category, format, arg1, arg2, arg3, arg4, arg5, arg6, arg7, arg8, arg9) \
OSSL_TRACEV(category, (trc_out, format, arg1, arg2, arg3, arg4, arg5, arg6, arg7, arg8, arg9))
# ifdef __cplusplus
diff --git a/openssl/include/openssl/ts.h b/openssl/include/openssl/ts.h
index da7a7cb9..d4c66faf 100644..100755
--- a/openssl/include/openssl/ts.h
+++ b/openssl/include/openssl/ts.h
@@ -1,5 +1,5 @@
/*
- * Copyright 2006-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2006-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -266,6 +266,7 @@ typedef struct TS_resp_ctx TS_RESP_CTX;
/* Creates a response context that can be used for generating responses. */
TS_RESP_CTX *TS_RESP_CTX_new(void);
+TS_RESP_CTX *TS_RESP_CTX_new_ex(OSSL_LIB_CTX *libctx, const char *propq);
void TS_RESP_CTX_free(TS_RESP_CTX *ctx);
/* This parameter must be set. */
@@ -486,7 +487,7 @@ int TS_CONF_set_def_policy(CONF *conf, const char *section,
int TS_CONF_set_policies(CONF *conf, const char *section, TS_RESP_CTX *ctx);
int TS_CONF_set_digests(CONF *conf, const char *section, TS_RESP_CTX *ctx);
int TS_CONF_set_accuracy(CONF *conf, const char *section, TS_RESP_CTX *ctx);
-int TS_CONF_set_clock_precision_digits(CONF *conf, const char *section,
+int TS_CONF_set_clock_precision_digits(const CONF *conf, const char *section,
TS_RESP_CTX *ctx);
int TS_CONF_set_ordering(CONF *conf, const char *section, TS_RESP_CTX *ctx);
int TS_CONF_set_tsa_name(CONF *conf, const char *section, TS_RESP_CTX *ctx);
diff --git a/openssl/include/openssl/tserr.h b/openssl/include/openssl/tserr.h
index 64e15d53..2b6dcc35 100644..100755
--- a/openssl/include/openssl/tserr.h
+++ b/openssl/include/openssl/tserr.h
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -14,73 +14,11 @@
# include <openssl/opensslconf.h>
# include <openssl/symhacks.h>
+# include <openssl/cryptoerr_legacy.h>
-# include <openssl/opensslconf.h>
-
# ifndef OPENSSL_NO_TS
-# ifdef __cplusplus
-extern "C"
-# endif
-int ERR_load_TS_strings(void);
-
-/*
- * TS function codes.
- */
-# ifndef OPENSSL_NO_DEPRECATED_3_0
-# define TS_F_DEF_SERIAL_CB 0
-# define TS_F_DEF_TIME_CB 0
-# define TS_F_INT_TS_RESP_VERIFY_TOKEN 0
-# define TS_F_PKCS7_TO_TS_TST_INFO 0
-# define TS_F_TS_ACCURACY_SET_MICROS 0
-# define TS_F_TS_ACCURACY_SET_MILLIS 0
-# define TS_F_TS_ACCURACY_SET_SECONDS 0
-# define TS_F_TS_CHECK_IMPRINTS 0
-# define TS_F_TS_CHECK_NONCES 0
-# define TS_F_TS_CHECK_POLICY 0
-# define TS_F_TS_CHECK_SIGNING_CERTS 0
-# define TS_F_TS_CHECK_STATUS_INFO 0
-# define TS_F_TS_COMPUTE_IMPRINT 0
-# define TS_F_TS_CONF_INVALID 0
-# define TS_F_TS_CONF_LOAD_CERT 0
-# define TS_F_TS_CONF_LOAD_CERTS 0
-# define TS_F_TS_CONF_LOAD_KEY 0
-# define TS_F_TS_CONF_LOOKUP_FAIL 0
-# define TS_F_TS_CONF_SET_DEFAULT_ENGINE 0
-# define TS_F_TS_GET_STATUS_TEXT 0
-# define TS_F_TS_MSG_IMPRINT_SET_ALGO 0
-# define TS_F_TS_REQ_SET_MSG_IMPRINT 0
-# define TS_F_TS_REQ_SET_NONCE 0
-# define TS_F_TS_REQ_SET_POLICY_ID 0
-# define TS_F_TS_RESP_CREATE_RESPONSE 0
-# define TS_F_TS_RESP_CREATE_TST_INFO 0
-# define TS_F_TS_RESP_CTX_ADD_FAILURE_INFO 0
-# define TS_F_TS_RESP_CTX_ADD_MD 0
-# define TS_F_TS_RESP_CTX_ADD_POLICY 0
-# define TS_F_TS_RESP_CTX_NEW 0
-# define TS_F_TS_RESP_CTX_SET_ACCURACY 0
-# define TS_F_TS_RESP_CTX_SET_CERTS 0
-# define TS_F_TS_RESP_CTX_SET_DEF_POLICY 0
-# define TS_F_TS_RESP_CTX_SET_SIGNER_CERT 0
-# define TS_F_TS_RESP_CTX_SET_STATUS_INFO 0
-# define TS_F_TS_RESP_GET_POLICY 0
-# define TS_F_TS_RESP_SET_GENTIME_WITH_PRECISION 0
-# define TS_F_TS_RESP_SET_STATUS_INFO 0
-# define TS_F_TS_RESP_SET_TST_INFO 0
-# define TS_F_TS_RESP_SIGN 0
-# define TS_F_TS_RESP_VERIFY_SIGNATURE 0
-# define TS_F_TS_TST_INFO_SET_ACCURACY 0
-# define TS_F_TS_TST_INFO_SET_MSG_IMPRINT 0
-# define TS_F_TS_TST_INFO_SET_NONCE 0
-# define TS_F_TS_TST_INFO_SET_POLICY_ID 0
-# define TS_F_TS_TST_INFO_SET_SERIAL 0
-# define TS_F_TS_TST_INFO_SET_TIME 0
-# define TS_F_TS_TST_INFO_SET_TSA 0
-# define TS_F_TS_VERIFY 0
-# define TS_F_TS_VERIFY_CERT 0
-# define TS_F_TS_VERIFY_CTX_NEW 0
-# endif
/*
* TS reason codes.
diff --git a/openssl/include/openssl/txt_db.h b/openssl/include/openssl/txt_db.h
index 7951bbaa..7951bbaa 100644..100755
--- a/openssl/include/openssl/txt_db.h
+++ b/openssl/include/openssl/txt_db.h
diff --git a/openssl/include/openssl/types.h b/openssl/include/openssl/types.h
index cde76a4f..b575a549 100644..100755
--- a/openssl/include/openssl/types.h
+++ b/openssl/include/openssl/types.h
@@ -1,5 +1,5 @@
/*
- * Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2001-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -9,15 +9,17 @@
#ifndef OPENSSL_TYPES_H
# define OPENSSL_TYPES_H
+# pragma once
-#include <limits.h>
+# include <limits.h>
-#ifdef __cplusplus
+# ifdef __cplusplus
extern "C" {
-#endif
+# endif
# include <openssl/e_os2.h>
# include <openssl/safestack.h>
+# include <openssl/macros.h>
typedef struct ossl_provider_st OSSL_PROVIDER; /* Provider Object */
@@ -123,6 +125,8 @@ typedef struct evp_signature_st EVP_SIGNATURE;
typedef struct evp_asym_cipher_st EVP_ASYM_CIPHER;
+typedef struct evp_kem_st EVP_KEM;
+
typedef struct evp_Encode_Ctx_st EVP_ENCODE_CTX;
typedef struct hmac_ctx_st HMAC_CTX;
@@ -130,15 +134,21 @@ typedef struct hmac_ctx_st HMAC_CTX;
typedef struct dh_st DH;
typedef struct dh_method DH_METHOD;
+# ifndef OPENSSL_NO_DEPRECATED_3_0
typedef struct dsa_st DSA;
typedef struct dsa_method DSA_METHOD;
+# endif
+# ifndef OPENSSL_NO_DEPRECATED_3_0
typedef struct rsa_st RSA;
typedef struct rsa_meth_st RSA_METHOD;
+# endif
typedef struct rsa_pss_params_st RSA_PSS_PARAMS;
+# ifndef OPENSSL_NO_DEPRECATED_3_0
typedef struct ec_key_st EC_KEY;
typedef struct ec_key_method_st EC_KEY_METHOD;
+# endif
typedef struct rand_meth_st RAND_METHOD;
typedef struct rand_drbg_st RAND_DRBG;
@@ -189,7 +199,7 @@ typedef struct NAME_CONSTRAINTS_st NAME_CONSTRAINTS;
typedef struct crypto_ex_data_st CRYPTO_EX_DATA;
-typedef struct ossl_http_req_ctx_st OCSP_REQ_CTX; /* backward compatibility */
+typedef struct ossl_http_req_ctx_st OSSL_HTTP_REQ_CTX;
typedef struct ocsp_response_st OCSP_RESPONSE;
typedef struct ocsp_responder_id_st OCSP_RESPID;
@@ -202,7 +212,7 @@ typedef struct ct_policy_eval_ctx_st CT_POLICY_EVAL_CTX;
typedef struct ossl_store_info_st OSSL_STORE_INFO;
typedef struct ossl_store_search_st OSSL_STORE_SEARCH;
-typedef struct openssl_ctx_st OPENSSL_CTX;
+typedef struct ossl_lib_ctx_st OSSL_LIB_CTX;
typedef struct ossl_dispatch_st OSSL_DISPATCH;
typedef struct ossl_item_st OSSL_ITEM;
@@ -212,26 +222,13 @@ typedef struct ossl_param_bld_st OSSL_PARAM_BLD;
typedef int pem_password_cb (char *buf, int size, int rwflag, void *userdata);
-typedef struct ossl_serializer_st OSSL_SERIALIZER;
-typedef struct ossl_serializer_ctx_st OSSL_SERIALIZER_CTX;
+typedef struct ossl_encoder_st OSSL_ENCODER;
+typedef struct ossl_encoder_ctx_st OSSL_ENCODER_CTX;
+typedef struct ossl_decoder_st OSSL_DECODER;
+typedef struct ossl_decoder_ctx_st OSSL_DECODER_CTX;
typedef struct ossl_self_test_st OSSL_SELF_TEST;
-#if defined(__STDC_VERSION__) && __STDC_VERSION__ >= 199901L && \
- defined(INTMAX_MAX) && defined(UINTMAX_MAX)
-typedef intmax_t ossl_intmax_t;
-typedef uintmax_t ossl_uintmax_t;
-#else
-/*
- * Not long long, because the C-library can only be expected to provide
- * strtoll(), strtoull() at the same time as intmax_t and strtoimax(),
- * strtoumax(). Since we use these for parsing arguments, we need the
- * conversion functions, not just the sizes.
- */
-typedef long ossl_intmax_t;
-typedef unsigned long ossl_uintmax_t;
-#endif
-
#ifdef __cplusplus
}
#endif
diff --git a/openssl/include/openssl/ui.h b/openssl/include/openssl/ui.h
index 9ec42e5a..b1cddc41 100644..100755
--- a/openssl/include/openssl/ui.h
+++ b/openssl/include/openssl/ui.h
@@ -1,4 +1,7 @@
/*
+ * WARNING: do not edit!
+ * Generated by makefile from include\openssl\ui.h.in
+ *
* Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
@@ -7,6 +10,8 @@
* https://www.openssl.org/source/license.html
*/
+
+
#ifndef OPENSSL_UI_H
# define OPENSSL_UI_H
# pragma once
@@ -138,25 +143,26 @@ int UI_dup_error_string(UI *ui, const char *text);
# define UI_INPUT_FLAG_USER_BASE 16
/*-
- * The following function helps construct a prompt. object_desc is a
- * textual short description of the object, for example "pass phrase",
- * and object_name is the name of the object (might be a card name or
- * a file name.
+ * The following function helps construct a prompt.
+ * phrase_desc is a textual short description of the phrase to enter,
+ * for example "pass phrase", and
+ * object_name is the name of the object
+ * (which might be a card name or a file name) or NULL.
* The returned string shall always be allocated on the heap with
* OPENSSL_malloc(), and need to be free'd with OPENSSL_free().
*
* If the ui_method doesn't contain a pointer to a user-defined prompt
* constructor, a default string is built, looking like this:
*
- * "Enter {object_desc} for {object_name}:"
+ * "Enter {phrase_desc} for {object_name}:"
*
- * So, if object_desc has the value "pass phrase" and object_name has
+ * So, if phrase_desc has the value "pass phrase" and object_name has
* the value "foo.key", the resulting string is:
*
* "Enter pass phrase for foo.key:"
*/
char *UI_construct_prompt(UI *ui_method,
- const char *object_desc, const char *object_name);
+ const char *phrase_desc, const char *object_name);
/*
* The following function is used to store a pointer to user-specific data.
@@ -284,7 +290,33 @@ const UI_METHOD *UI_null(void);
*/
typedef struct ui_string_st UI_STRING;
-DEFINE_OR_DECLARE_STACK_OF(UI_STRING)
+SKM_DEFINE_STACK_OF_INTERNAL(UI_STRING, UI_STRING, UI_STRING)
+#define sk_UI_STRING_num(sk) OPENSSL_sk_num(ossl_check_const_UI_STRING_sk_type(sk))
+#define sk_UI_STRING_value(sk, idx) ((UI_STRING *)OPENSSL_sk_value(ossl_check_const_UI_STRING_sk_type(sk), (idx)))
+#define sk_UI_STRING_new(cmp) ((STACK_OF(UI_STRING) *)OPENSSL_sk_new(ossl_check_UI_STRING_compfunc_type(cmp)))
+#define sk_UI_STRING_new_null() ((STACK_OF(UI_STRING) *)OPENSSL_sk_new_null())
+#define sk_UI_STRING_new_reserve(cmp, n) ((STACK_OF(UI_STRING) *)OPENSSL_sk_new_reserve(ossl_check_UI_STRING_compfunc_type(cmp), (n)))
+#define sk_UI_STRING_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_UI_STRING_sk_type(sk), (n))
+#define sk_UI_STRING_free(sk) OPENSSL_sk_free(ossl_check_UI_STRING_sk_type(sk))
+#define sk_UI_STRING_zero(sk) OPENSSL_sk_zero(ossl_check_UI_STRING_sk_type(sk))
+#define sk_UI_STRING_delete(sk, i) ((UI_STRING *)OPENSSL_sk_delete(ossl_check_UI_STRING_sk_type(sk), (i)))
+#define sk_UI_STRING_delete_ptr(sk, ptr) ((UI_STRING *)OPENSSL_sk_delete_ptr(ossl_check_UI_STRING_sk_type(sk), ossl_check_UI_STRING_type(ptr)))
+#define sk_UI_STRING_push(sk, ptr) OPENSSL_sk_push(ossl_check_UI_STRING_sk_type(sk), ossl_check_UI_STRING_type(ptr))
+#define sk_UI_STRING_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_UI_STRING_sk_type(sk), ossl_check_UI_STRING_type(ptr))
+#define sk_UI_STRING_pop(sk) ((UI_STRING *)OPENSSL_sk_pop(ossl_check_UI_STRING_sk_type(sk)))
+#define sk_UI_STRING_shift(sk) ((UI_STRING *)OPENSSL_sk_shift(ossl_check_UI_STRING_sk_type(sk)))
+#define sk_UI_STRING_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_UI_STRING_sk_type(sk),ossl_check_UI_STRING_freefunc_type(freefunc))
+#define sk_UI_STRING_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_UI_STRING_sk_type(sk), ossl_check_UI_STRING_type(ptr), (idx))
+#define sk_UI_STRING_set(sk, idx, ptr) ((UI_STRING *)OPENSSL_sk_set(ossl_check_UI_STRING_sk_type(sk), (idx), ossl_check_UI_STRING_type(ptr)))
+#define sk_UI_STRING_find(sk, ptr) OPENSSL_sk_find(ossl_check_UI_STRING_sk_type(sk), ossl_check_UI_STRING_type(ptr))
+#define sk_UI_STRING_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_UI_STRING_sk_type(sk), ossl_check_UI_STRING_type(ptr))
+#define sk_UI_STRING_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_UI_STRING_sk_type(sk), ossl_check_UI_STRING_type(ptr), pnum)
+#define sk_UI_STRING_sort(sk) OPENSSL_sk_sort(ossl_check_UI_STRING_sk_type(sk))
+#define sk_UI_STRING_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_UI_STRING_sk_type(sk))
+#define sk_UI_STRING_dup(sk) ((STACK_OF(UI_STRING) *)OPENSSL_sk_dup(ossl_check_const_UI_STRING_sk_type(sk)))
+#define sk_UI_STRING_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(UI_STRING) *)OPENSSL_sk_deep_copy(ossl_check_const_UI_STRING_sk_type(sk), ossl_check_UI_STRING_copyfunc_type(copyfunc), ossl_check_UI_STRING_freefunc_type(freefunc)))
+#define sk_UI_STRING_set_cmp_func(sk, cmp) ((sk_UI_STRING_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_UI_STRING_sk_type(sk), ossl_check_UI_STRING_compfunc_type(cmp)))
+
/*
* The different types of strings that are currently supported. This is only
@@ -315,7 +347,7 @@ int UI_method_set_data_duplicator(UI_METHOD *method,
int UI_method_set_prompt_constructor(UI_METHOD *method,
char *(*prompt_constructor) (UI *ui,
const char
- *object_desc,
+ *phrase_desc,
const char
*object_name));
int UI_method_set_ex_data(UI_METHOD *method, int idx, void *data);
diff --git a/openssl/include/openssl/uierr.h b/openssl/include/openssl/uierr.h
index 44d243cf..6a455206 100644..100755
--- a/openssl/include/openssl/uierr.h
+++ b/openssl/include/openssl/uierr.h
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -14,39 +14,9 @@
# include <openssl/opensslconf.h>
# include <openssl/symhacks.h>
+# include <openssl/cryptoerr_legacy.h>
-# ifdef __cplusplus
-extern "C"
-# endif
-int ERR_load_UI_strings(void);
-
-/*
- * UI function codes.
- */
-# ifndef OPENSSL_NO_DEPRECATED_3_0
-# define UI_F_CLOSE_CONSOLE 0
-# define UI_F_ECHO_CONSOLE 0
-# define UI_F_GENERAL_ALLOCATE_BOOLEAN 0
-# define UI_F_GENERAL_ALLOCATE_PROMPT 0
-# define UI_F_NOECHO_CONSOLE 0
-# define UI_F_OPEN_CONSOLE 0
-# define UI_F_UI_CONSTRUCT_PROMPT 0
-# define UI_F_UI_CREATE_METHOD 0
-# define UI_F_UI_CTRL 0
-# define UI_F_UI_DUP_ERROR_STRING 0
-# define UI_F_UI_DUP_INFO_STRING 0
-# define UI_F_UI_DUP_INPUT_BOOLEAN 0
-# define UI_F_UI_DUP_INPUT_STRING 0
-# define UI_F_UI_DUP_USER_DATA 0
-# define UI_F_UI_DUP_VERIFY_STRING 0
-# define UI_F_UI_GET0_RESULT 0
-# define UI_F_UI_GET_RESULT_LENGTH 0
-# define UI_F_UI_NEW_METHOD 0
-# define UI_F_UI_PROCESS 0
-# define UI_F_UI_SET_RESULT 0
-# define UI_F_UI_SET_RESULT_EX 0
-# endif
/*
* UI reason codes.
diff --git a/openssl/include/openssl/whrlpool.h b/openssl/include/openssl/whrlpool.h
index e6a27b3d..735f4031 100644..100755
--- a/openssl/include/openssl/whrlpool.h
+++ b/openssl/include/openssl/whrlpool.h
@@ -43,15 +43,16 @@ typedef struct {
size_t bitlen[WHIRLPOOL_COUNTER / sizeof(size_t)];
} WHIRLPOOL_CTX;
# endif
-
-DEPRECATEDIN_3_0(int WHIRLPOOL_Init(WHIRLPOOL_CTX *c))
-DEPRECATEDIN_3_0(int WHIRLPOOL_Update(WHIRLPOOL_CTX *c,
- const void *inp, size_t bytes))
-DEPRECATEDIN_3_0(void WHIRLPOOL_BitUpdate(WHIRLPOOL_CTX *c, const void *inp,
- size_t bits))
-DEPRECATEDIN_3_0(int WHIRLPOOL_Final(unsigned char *md, WHIRLPOOL_CTX *c))
-DEPRECATEDIN_3_0(unsigned char *WHIRLPOOL(const void *inp, size_t bytes,
- unsigned char *md))
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0 int WHIRLPOOL_Init(WHIRLPOOL_CTX *c);
+OSSL_DEPRECATEDIN_3_0 int WHIRLPOOL_Update(WHIRLPOOL_CTX *c,
+ const void *inp, size_t bytes);
+OSSL_DEPRECATEDIN_3_0 void WHIRLPOOL_BitUpdate(WHIRLPOOL_CTX *c,
+ const void *inp, size_t bits);
+OSSL_DEPRECATEDIN_3_0 int WHIRLPOOL_Final(unsigned char *md, WHIRLPOOL_CTX *c);
+OSSL_DEPRECATEDIN_3_0 unsigned char *WHIRLPOOL(const void *inp, size_t bytes,
+ unsigned char *md);
+# endif
# ifdef __cplusplus
}
diff --git a/openssl/include/openssl/x509.h b/openssl/include/openssl/x509.h
index 6b47f1e6..41a1e905 100644..100755
--- a/openssl/include/openssl/x509.h
+++ b/openssl/include/openssl/x509.h
@@ -1,5 +1,8 @@
/*
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * WARNING: do not edit!
+ * Generated by makefile from include\openssl\x509.h.in
+ *
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
* Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
@@ -8,6 +11,8 @@
* https://www.openssl.org/source/license.html
*/
+
+
#ifndef OPENSSL_X509_H
# define OPENSSL_X509_H
# pragma once
@@ -41,10 +46,111 @@ extern "C" {
#endif
/* Needed stacks for types defined in other headers */
-DEFINE_OR_DECLARE_STACK_OF(X509_NAME)
-DEFINE_OR_DECLARE_STACK_OF(X509)
-DEFINE_OR_DECLARE_STACK_OF(X509_REVOKED)
-DEFINE_OR_DECLARE_STACK_OF(X509_CRL)
+SKM_DEFINE_STACK_OF_INTERNAL(X509_NAME, X509_NAME, X509_NAME)
+#define sk_X509_NAME_num(sk) OPENSSL_sk_num(ossl_check_const_X509_NAME_sk_type(sk))
+#define sk_X509_NAME_value(sk, idx) ((X509_NAME *)OPENSSL_sk_value(ossl_check_const_X509_NAME_sk_type(sk), (idx)))
+#define sk_X509_NAME_new(cmp) ((STACK_OF(X509_NAME) *)OPENSSL_sk_new(ossl_check_X509_NAME_compfunc_type(cmp)))
+#define sk_X509_NAME_new_null() ((STACK_OF(X509_NAME) *)OPENSSL_sk_new_null())
+#define sk_X509_NAME_new_reserve(cmp, n) ((STACK_OF(X509_NAME) *)OPENSSL_sk_new_reserve(ossl_check_X509_NAME_compfunc_type(cmp), (n)))
+#define sk_X509_NAME_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_X509_NAME_sk_type(sk), (n))
+#define sk_X509_NAME_free(sk) OPENSSL_sk_free(ossl_check_X509_NAME_sk_type(sk))
+#define sk_X509_NAME_zero(sk) OPENSSL_sk_zero(ossl_check_X509_NAME_sk_type(sk))
+#define sk_X509_NAME_delete(sk, i) ((X509_NAME *)OPENSSL_sk_delete(ossl_check_X509_NAME_sk_type(sk), (i)))
+#define sk_X509_NAME_delete_ptr(sk, ptr) ((X509_NAME *)OPENSSL_sk_delete_ptr(ossl_check_X509_NAME_sk_type(sk), ossl_check_X509_NAME_type(ptr)))
+#define sk_X509_NAME_push(sk, ptr) OPENSSL_sk_push(ossl_check_X509_NAME_sk_type(sk), ossl_check_X509_NAME_type(ptr))
+#define sk_X509_NAME_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_X509_NAME_sk_type(sk), ossl_check_X509_NAME_type(ptr))
+#define sk_X509_NAME_pop(sk) ((X509_NAME *)OPENSSL_sk_pop(ossl_check_X509_NAME_sk_type(sk)))
+#define sk_X509_NAME_shift(sk) ((X509_NAME *)OPENSSL_sk_shift(ossl_check_X509_NAME_sk_type(sk)))
+#define sk_X509_NAME_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_X509_NAME_sk_type(sk),ossl_check_X509_NAME_freefunc_type(freefunc))
+#define sk_X509_NAME_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_X509_NAME_sk_type(sk), ossl_check_X509_NAME_type(ptr), (idx))
+#define sk_X509_NAME_set(sk, idx, ptr) ((X509_NAME *)OPENSSL_sk_set(ossl_check_X509_NAME_sk_type(sk), (idx), ossl_check_X509_NAME_type(ptr)))
+#define sk_X509_NAME_find(sk, ptr) OPENSSL_sk_find(ossl_check_X509_NAME_sk_type(sk), ossl_check_X509_NAME_type(ptr))
+#define sk_X509_NAME_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_X509_NAME_sk_type(sk), ossl_check_X509_NAME_type(ptr))
+#define sk_X509_NAME_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_X509_NAME_sk_type(sk), ossl_check_X509_NAME_type(ptr), pnum)
+#define sk_X509_NAME_sort(sk) OPENSSL_sk_sort(ossl_check_X509_NAME_sk_type(sk))
+#define sk_X509_NAME_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_X509_NAME_sk_type(sk))
+#define sk_X509_NAME_dup(sk) ((STACK_OF(X509_NAME) *)OPENSSL_sk_dup(ossl_check_const_X509_NAME_sk_type(sk)))
+#define sk_X509_NAME_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(X509_NAME) *)OPENSSL_sk_deep_copy(ossl_check_const_X509_NAME_sk_type(sk), ossl_check_X509_NAME_copyfunc_type(copyfunc), ossl_check_X509_NAME_freefunc_type(freefunc)))
+#define sk_X509_NAME_set_cmp_func(sk, cmp) ((sk_X509_NAME_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_X509_NAME_sk_type(sk), ossl_check_X509_NAME_compfunc_type(cmp)))
+SKM_DEFINE_STACK_OF_INTERNAL(X509, X509, X509)
+#define sk_X509_num(sk) OPENSSL_sk_num(ossl_check_const_X509_sk_type(sk))
+#define sk_X509_value(sk, idx) ((X509 *)OPENSSL_sk_value(ossl_check_const_X509_sk_type(sk), (idx)))
+#define sk_X509_new(cmp) ((STACK_OF(X509) *)OPENSSL_sk_new(ossl_check_X509_compfunc_type(cmp)))
+#define sk_X509_new_null() ((STACK_OF(X509) *)OPENSSL_sk_new_null())
+#define sk_X509_new_reserve(cmp, n) ((STACK_OF(X509) *)OPENSSL_sk_new_reserve(ossl_check_X509_compfunc_type(cmp), (n)))
+#define sk_X509_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_X509_sk_type(sk), (n))
+#define sk_X509_free(sk) OPENSSL_sk_free(ossl_check_X509_sk_type(sk))
+#define sk_X509_zero(sk) OPENSSL_sk_zero(ossl_check_X509_sk_type(sk))
+#define sk_X509_delete(sk, i) ((X509 *)OPENSSL_sk_delete(ossl_check_X509_sk_type(sk), (i)))
+#define sk_X509_delete_ptr(sk, ptr) ((X509 *)OPENSSL_sk_delete_ptr(ossl_check_X509_sk_type(sk), ossl_check_X509_type(ptr)))
+#define sk_X509_push(sk, ptr) OPENSSL_sk_push(ossl_check_X509_sk_type(sk), ossl_check_X509_type(ptr))
+#define sk_X509_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_X509_sk_type(sk), ossl_check_X509_type(ptr))
+#define sk_X509_pop(sk) ((X509 *)OPENSSL_sk_pop(ossl_check_X509_sk_type(sk)))
+#define sk_X509_shift(sk) ((X509 *)OPENSSL_sk_shift(ossl_check_X509_sk_type(sk)))
+#define sk_X509_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_X509_sk_type(sk),ossl_check_X509_freefunc_type(freefunc))
+#define sk_X509_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_X509_sk_type(sk), ossl_check_X509_type(ptr), (idx))
+#define sk_X509_set(sk, idx, ptr) ((X509 *)OPENSSL_sk_set(ossl_check_X509_sk_type(sk), (idx), ossl_check_X509_type(ptr)))
+#define sk_X509_find(sk, ptr) OPENSSL_sk_find(ossl_check_X509_sk_type(sk), ossl_check_X509_type(ptr))
+#define sk_X509_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_X509_sk_type(sk), ossl_check_X509_type(ptr))
+#define sk_X509_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_X509_sk_type(sk), ossl_check_X509_type(ptr), pnum)
+#define sk_X509_sort(sk) OPENSSL_sk_sort(ossl_check_X509_sk_type(sk))
+#define sk_X509_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_X509_sk_type(sk))
+#define sk_X509_dup(sk) ((STACK_OF(X509) *)OPENSSL_sk_dup(ossl_check_const_X509_sk_type(sk)))
+#define sk_X509_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(X509) *)OPENSSL_sk_deep_copy(ossl_check_const_X509_sk_type(sk), ossl_check_X509_copyfunc_type(copyfunc), ossl_check_X509_freefunc_type(freefunc)))
+#define sk_X509_set_cmp_func(sk, cmp) ((sk_X509_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_X509_sk_type(sk), ossl_check_X509_compfunc_type(cmp)))
+SKM_DEFINE_STACK_OF_INTERNAL(X509_REVOKED, X509_REVOKED, X509_REVOKED)
+#define sk_X509_REVOKED_num(sk) OPENSSL_sk_num(ossl_check_const_X509_REVOKED_sk_type(sk))
+#define sk_X509_REVOKED_value(sk, idx) ((X509_REVOKED *)OPENSSL_sk_value(ossl_check_const_X509_REVOKED_sk_type(sk), (idx)))
+#define sk_X509_REVOKED_new(cmp) ((STACK_OF(X509_REVOKED) *)OPENSSL_sk_new(ossl_check_X509_REVOKED_compfunc_type(cmp)))
+#define sk_X509_REVOKED_new_null() ((STACK_OF(X509_REVOKED) *)OPENSSL_sk_new_null())
+#define sk_X509_REVOKED_new_reserve(cmp, n) ((STACK_OF(X509_REVOKED) *)OPENSSL_sk_new_reserve(ossl_check_X509_REVOKED_compfunc_type(cmp), (n)))
+#define sk_X509_REVOKED_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_X509_REVOKED_sk_type(sk), (n))
+#define sk_X509_REVOKED_free(sk) OPENSSL_sk_free(ossl_check_X509_REVOKED_sk_type(sk))
+#define sk_X509_REVOKED_zero(sk) OPENSSL_sk_zero(ossl_check_X509_REVOKED_sk_type(sk))
+#define sk_X509_REVOKED_delete(sk, i) ((X509_REVOKED *)OPENSSL_sk_delete(ossl_check_X509_REVOKED_sk_type(sk), (i)))
+#define sk_X509_REVOKED_delete_ptr(sk, ptr) ((X509_REVOKED *)OPENSSL_sk_delete_ptr(ossl_check_X509_REVOKED_sk_type(sk), ossl_check_X509_REVOKED_type(ptr)))
+#define sk_X509_REVOKED_push(sk, ptr) OPENSSL_sk_push(ossl_check_X509_REVOKED_sk_type(sk), ossl_check_X509_REVOKED_type(ptr))
+#define sk_X509_REVOKED_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_X509_REVOKED_sk_type(sk), ossl_check_X509_REVOKED_type(ptr))
+#define sk_X509_REVOKED_pop(sk) ((X509_REVOKED *)OPENSSL_sk_pop(ossl_check_X509_REVOKED_sk_type(sk)))
+#define sk_X509_REVOKED_shift(sk) ((X509_REVOKED *)OPENSSL_sk_shift(ossl_check_X509_REVOKED_sk_type(sk)))
+#define sk_X509_REVOKED_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_X509_REVOKED_sk_type(sk),ossl_check_X509_REVOKED_freefunc_type(freefunc))
+#define sk_X509_REVOKED_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_X509_REVOKED_sk_type(sk), ossl_check_X509_REVOKED_type(ptr), (idx))
+#define sk_X509_REVOKED_set(sk, idx, ptr) ((X509_REVOKED *)OPENSSL_sk_set(ossl_check_X509_REVOKED_sk_type(sk), (idx), ossl_check_X509_REVOKED_type(ptr)))
+#define sk_X509_REVOKED_find(sk, ptr) OPENSSL_sk_find(ossl_check_X509_REVOKED_sk_type(sk), ossl_check_X509_REVOKED_type(ptr))
+#define sk_X509_REVOKED_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_X509_REVOKED_sk_type(sk), ossl_check_X509_REVOKED_type(ptr))
+#define sk_X509_REVOKED_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_X509_REVOKED_sk_type(sk), ossl_check_X509_REVOKED_type(ptr), pnum)
+#define sk_X509_REVOKED_sort(sk) OPENSSL_sk_sort(ossl_check_X509_REVOKED_sk_type(sk))
+#define sk_X509_REVOKED_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_X509_REVOKED_sk_type(sk))
+#define sk_X509_REVOKED_dup(sk) ((STACK_OF(X509_REVOKED) *)OPENSSL_sk_dup(ossl_check_const_X509_REVOKED_sk_type(sk)))
+#define sk_X509_REVOKED_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(X509_REVOKED) *)OPENSSL_sk_deep_copy(ossl_check_const_X509_REVOKED_sk_type(sk), ossl_check_X509_REVOKED_copyfunc_type(copyfunc), ossl_check_X509_REVOKED_freefunc_type(freefunc)))
+#define sk_X509_REVOKED_set_cmp_func(sk, cmp) ((sk_X509_REVOKED_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_X509_REVOKED_sk_type(sk), ossl_check_X509_REVOKED_compfunc_type(cmp)))
+SKM_DEFINE_STACK_OF_INTERNAL(X509_CRL, X509_CRL, X509_CRL)
+#define sk_X509_CRL_num(sk) OPENSSL_sk_num(ossl_check_const_X509_CRL_sk_type(sk))
+#define sk_X509_CRL_value(sk, idx) ((X509_CRL *)OPENSSL_sk_value(ossl_check_const_X509_CRL_sk_type(sk), (idx)))
+#define sk_X509_CRL_new(cmp) ((STACK_OF(X509_CRL) *)OPENSSL_sk_new(ossl_check_X509_CRL_compfunc_type(cmp)))
+#define sk_X509_CRL_new_null() ((STACK_OF(X509_CRL) *)OPENSSL_sk_new_null())
+#define sk_X509_CRL_new_reserve(cmp, n) ((STACK_OF(X509_CRL) *)OPENSSL_sk_new_reserve(ossl_check_X509_CRL_compfunc_type(cmp), (n)))
+#define sk_X509_CRL_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_X509_CRL_sk_type(sk), (n))
+#define sk_X509_CRL_free(sk) OPENSSL_sk_free(ossl_check_X509_CRL_sk_type(sk))
+#define sk_X509_CRL_zero(sk) OPENSSL_sk_zero(ossl_check_X509_CRL_sk_type(sk))
+#define sk_X509_CRL_delete(sk, i) ((X509_CRL *)OPENSSL_sk_delete(ossl_check_X509_CRL_sk_type(sk), (i)))
+#define sk_X509_CRL_delete_ptr(sk, ptr) ((X509_CRL *)OPENSSL_sk_delete_ptr(ossl_check_X509_CRL_sk_type(sk), ossl_check_X509_CRL_type(ptr)))
+#define sk_X509_CRL_push(sk, ptr) OPENSSL_sk_push(ossl_check_X509_CRL_sk_type(sk), ossl_check_X509_CRL_type(ptr))
+#define sk_X509_CRL_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_X509_CRL_sk_type(sk), ossl_check_X509_CRL_type(ptr))
+#define sk_X509_CRL_pop(sk) ((X509_CRL *)OPENSSL_sk_pop(ossl_check_X509_CRL_sk_type(sk)))
+#define sk_X509_CRL_shift(sk) ((X509_CRL *)OPENSSL_sk_shift(ossl_check_X509_CRL_sk_type(sk)))
+#define sk_X509_CRL_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_X509_CRL_sk_type(sk),ossl_check_X509_CRL_freefunc_type(freefunc))
+#define sk_X509_CRL_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_X509_CRL_sk_type(sk), ossl_check_X509_CRL_type(ptr), (idx))
+#define sk_X509_CRL_set(sk, idx, ptr) ((X509_CRL *)OPENSSL_sk_set(ossl_check_X509_CRL_sk_type(sk), (idx), ossl_check_X509_CRL_type(ptr)))
+#define sk_X509_CRL_find(sk, ptr) OPENSSL_sk_find(ossl_check_X509_CRL_sk_type(sk), ossl_check_X509_CRL_type(ptr))
+#define sk_X509_CRL_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_X509_CRL_sk_type(sk), ossl_check_X509_CRL_type(ptr))
+#define sk_X509_CRL_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_X509_CRL_sk_type(sk), ossl_check_X509_CRL_type(ptr), pnum)
+#define sk_X509_CRL_sort(sk) OPENSSL_sk_sort(ossl_check_X509_CRL_sk_type(sk))
+#define sk_X509_CRL_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_X509_CRL_sk_type(sk))
+#define sk_X509_CRL_dup(sk) ((STACK_OF(X509_CRL) *)OPENSSL_sk_dup(ossl_check_const_X509_CRL_sk_type(sk)))
+#define sk_X509_CRL_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(X509_CRL) *)OPENSSL_sk_deep_copy(ossl_check_const_X509_CRL_sk_type(sk), ossl_check_X509_CRL_copyfunc_type(copyfunc), ossl_check_X509_CRL_freefunc_type(freefunc)))
+#define sk_X509_CRL_set_cmp_func(sk, cmp) ((sk_X509_CRL_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_X509_CRL_sk_type(sk), ossl_check_X509_CRL_compfunc_type(cmp)))
+
/* Flags for X509_get_signature_info() */
/* Signature info is valid */
@@ -82,67 +188,99 @@ typedef struct X509_val_st {
typedef struct X509_sig_st X509_SIG;
typedef struct X509_name_entry_st X509_NAME_ENTRY;
-DEFINE_OR_DECLARE_STACK_OF(X509_NAME_ENTRY)
+
+SKM_DEFINE_STACK_OF_INTERNAL(X509_NAME_ENTRY, X509_NAME_ENTRY, X509_NAME_ENTRY)
+#define sk_X509_NAME_ENTRY_num(sk) OPENSSL_sk_num(ossl_check_const_X509_NAME_ENTRY_sk_type(sk))
+#define sk_X509_NAME_ENTRY_value(sk, idx) ((X509_NAME_ENTRY *)OPENSSL_sk_value(ossl_check_const_X509_NAME_ENTRY_sk_type(sk), (idx)))
+#define sk_X509_NAME_ENTRY_new(cmp) ((STACK_OF(X509_NAME_ENTRY) *)OPENSSL_sk_new(ossl_check_X509_NAME_ENTRY_compfunc_type(cmp)))
+#define sk_X509_NAME_ENTRY_new_null() ((STACK_OF(X509_NAME_ENTRY) *)OPENSSL_sk_new_null())
+#define sk_X509_NAME_ENTRY_new_reserve(cmp, n) ((STACK_OF(X509_NAME_ENTRY) *)OPENSSL_sk_new_reserve(ossl_check_X509_NAME_ENTRY_compfunc_type(cmp), (n)))
+#define sk_X509_NAME_ENTRY_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_X509_NAME_ENTRY_sk_type(sk), (n))
+#define sk_X509_NAME_ENTRY_free(sk) OPENSSL_sk_free(ossl_check_X509_NAME_ENTRY_sk_type(sk))
+#define sk_X509_NAME_ENTRY_zero(sk) OPENSSL_sk_zero(ossl_check_X509_NAME_ENTRY_sk_type(sk))
+#define sk_X509_NAME_ENTRY_delete(sk, i) ((X509_NAME_ENTRY *)OPENSSL_sk_delete(ossl_check_X509_NAME_ENTRY_sk_type(sk), (i)))
+#define sk_X509_NAME_ENTRY_delete_ptr(sk, ptr) ((X509_NAME_ENTRY *)OPENSSL_sk_delete_ptr(ossl_check_X509_NAME_ENTRY_sk_type(sk), ossl_check_X509_NAME_ENTRY_type(ptr)))
+#define sk_X509_NAME_ENTRY_push(sk, ptr) OPENSSL_sk_push(ossl_check_X509_NAME_ENTRY_sk_type(sk), ossl_check_X509_NAME_ENTRY_type(ptr))
+#define sk_X509_NAME_ENTRY_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_X509_NAME_ENTRY_sk_type(sk), ossl_check_X509_NAME_ENTRY_type(ptr))
+#define sk_X509_NAME_ENTRY_pop(sk) ((X509_NAME_ENTRY *)OPENSSL_sk_pop(ossl_check_X509_NAME_ENTRY_sk_type(sk)))
+#define sk_X509_NAME_ENTRY_shift(sk) ((X509_NAME_ENTRY *)OPENSSL_sk_shift(ossl_check_X509_NAME_ENTRY_sk_type(sk)))
+#define sk_X509_NAME_ENTRY_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_X509_NAME_ENTRY_sk_type(sk),ossl_check_X509_NAME_ENTRY_freefunc_type(freefunc))
+#define sk_X509_NAME_ENTRY_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_X509_NAME_ENTRY_sk_type(sk), ossl_check_X509_NAME_ENTRY_type(ptr), (idx))
+#define sk_X509_NAME_ENTRY_set(sk, idx, ptr) ((X509_NAME_ENTRY *)OPENSSL_sk_set(ossl_check_X509_NAME_ENTRY_sk_type(sk), (idx), ossl_check_X509_NAME_ENTRY_type(ptr)))
+#define sk_X509_NAME_ENTRY_find(sk, ptr) OPENSSL_sk_find(ossl_check_X509_NAME_ENTRY_sk_type(sk), ossl_check_X509_NAME_ENTRY_type(ptr))
+#define sk_X509_NAME_ENTRY_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_X509_NAME_ENTRY_sk_type(sk), ossl_check_X509_NAME_ENTRY_type(ptr))
+#define sk_X509_NAME_ENTRY_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_X509_NAME_ENTRY_sk_type(sk), ossl_check_X509_NAME_ENTRY_type(ptr), pnum)
+#define sk_X509_NAME_ENTRY_sort(sk) OPENSSL_sk_sort(ossl_check_X509_NAME_ENTRY_sk_type(sk))
+#define sk_X509_NAME_ENTRY_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_X509_NAME_ENTRY_sk_type(sk))
+#define sk_X509_NAME_ENTRY_dup(sk) ((STACK_OF(X509_NAME_ENTRY) *)OPENSSL_sk_dup(ossl_check_const_X509_NAME_ENTRY_sk_type(sk)))
+#define sk_X509_NAME_ENTRY_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(X509_NAME_ENTRY) *)OPENSSL_sk_deep_copy(ossl_check_const_X509_NAME_ENTRY_sk_type(sk), ossl_check_X509_NAME_ENTRY_copyfunc_type(copyfunc), ossl_check_X509_NAME_ENTRY_freefunc_type(freefunc)))
+#define sk_X509_NAME_ENTRY_set_cmp_func(sk, cmp) ((sk_X509_NAME_ENTRY_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_X509_NAME_ENTRY_sk_type(sk), ossl_check_X509_NAME_ENTRY_compfunc_type(cmp)))
# define X509_EX_V_NETSCAPE_HACK 0x8000
# define X509_EX_V_INIT 0x0001
typedef struct X509_extension_st X509_EXTENSION;
-DEFINE_OR_DECLARE_STACK_OF(X509_EXTENSION)
+SKM_DEFINE_STACK_OF_INTERNAL(X509_EXTENSION, X509_EXTENSION, X509_EXTENSION)
+#define sk_X509_EXTENSION_num(sk) OPENSSL_sk_num(ossl_check_const_X509_EXTENSION_sk_type(sk))
+#define sk_X509_EXTENSION_value(sk, idx) ((X509_EXTENSION *)OPENSSL_sk_value(ossl_check_const_X509_EXTENSION_sk_type(sk), (idx)))
+#define sk_X509_EXTENSION_new(cmp) ((STACK_OF(X509_EXTENSION) *)OPENSSL_sk_new(ossl_check_X509_EXTENSION_compfunc_type(cmp)))
+#define sk_X509_EXTENSION_new_null() ((STACK_OF(X509_EXTENSION) *)OPENSSL_sk_new_null())
+#define sk_X509_EXTENSION_new_reserve(cmp, n) ((STACK_OF(X509_EXTENSION) *)OPENSSL_sk_new_reserve(ossl_check_X509_EXTENSION_compfunc_type(cmp), (n)))
+#define sk_X509_EXTENSION_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_X509_EXTENSION_sk_type(sk), (n))
+#define sk_X509_EXTENSION_free(sk) OPENSSL_sk_free(ossl_check_X509_EXTENSION_sk_type(sk))
+#define sk_X509_EXTENSION_zero(sk) OPENSSL_sk_zero(ossl_check_X509_EXTENSION_sk_type(sk))
+#define sk_X509_EXTENSION_delete(sk, i) ((X509_EXTENSION *)OPENSSL_sk_delete(ossl_check_X509_EXTENSION_sk_type(sk), (i)))
+#define sk_X509_EXTENSION_delete_ptr(sk, ptr) ((X509_EXTENSION *)OPENSSL_sk_delete_ptr(ossl_check_X509_EXTENSION_sk_type(sk), ossl_check_X509_EXTENSION_type(ptr)))
+#define sk_X509_EXTENSION_push(sk, ptr) OPENSSL_sk_push(ossl_check_X509_EXTENSION_sk_type(sk), ossl_check_X509_EXTENSION_type(ptr))
+#define sk_X509_EXTENSION_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_X509_EXTENSION_sk_type(sk), ossl_check_X509_EXTENSION_type(ptr))
+#define sk_X509_EXTENSION_pop(sk) ((X509_EXTENSION *)OPENSSL_sk_pop(ossl_check_X509_EXTENSION_sk_type(sk)))
+#define sk_X509_EXTENSION_shift(sk) ((X509_EXTENSION *)OPENSSL_sk_shift(ossl_check_X509_EXTENSION_sk_type(sk)))
+#define sk_X509_EXTENSION_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_X509_EXTENSION_sk_type(sk),ossl_check_X509_EXTENSION_freefunc_type(freefunc))
+#define sk_X509_EXTENSION_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_X509_EXTENSION_sk_type(sk), ossl_check_X509_EXTENSION_type(ptr), (idx))
+#define sk_X509_EXTENSION_set(sk, idx, ptr) ((X509_EXTENSION *)OPENSSL_sk_set(ossl_check_X509_EXTENSION_sk_type(sk), (idx), ossl_check_X509_EXTENSION_type(ptr)))
+#define sk_X509_EXTENSION_find(sk, ptr) OPENSSL_sk_find(ossl_check_X509_EXTENSION_sk_type(sk), ossl_check_X509_EXTENSION_type(ptr))
+#define sk_X509_EXTENSION_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_X509_EXTENSION_sk_type(sk), ossl_check_X509_EXTENSION_type(ptr))
+#define sk_X509_EXTENSION_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_X509_EXTENSION_sk_type(sk), ossl_check_X509_EXTENSION_type(ptr), pnum)
+#define sk_X509_EXTENSION_sort(sk) OPENSSL_sk_sort(ossl_check_X509_EXTENSION_sk_type(sk))
+#define sk_X509_EXTENSION_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_X509_EXTENSION_sk_type(sk))
+#define sk_X509_EXTENSION_dup(sk) ((STACK_OF(X509_EXTENSION) *)OPENSSL_sk_dup(ossl_check_const_X509_EXTENSION_sk_type(sk)))
+#define sk_X509_EXTENSION_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(X509_EXTENSION) *)OPENSSL_sk_deep_copy(ossl_check_const_X509_EXTENSION_sk_type(sk), ossl_check_X509_EXTENSION_copyfunc_type(copyfunc), ossl_check_X509_EXTENSION_freefunc_type(freefunc)))
+#define sk_X509_EXTENSION_set_cmp_func(sk, cmp) ((sk_X509_EXTENSION_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_X509_EXTENSION_sk_type(sk), ossl_check_X509_EXTENSION_compfunc_type(cmp)))
+
typedef STACK_OF(X509_EXTENSION) X509_EXTENSIONS;
typedef struct x509_attributes_st X509_ATTRIBUTE;
-DEFINE_OR_DECLARE_STACK_OF(X509_ATTRIBUTE)
+SKM_DEFINE_STACK_OF_INTERNAL(X509_ATTRIBUTE, X509_ATTRIBUTE, X509_ATTRIBUTE)
+#define sk_X509_ATTRIBUTE_num(sk) OPENSSL_sk_num(ossl_check_const_X509_ATTRIBUTE_sk_type(sk))
+#define sk_X509_ATTRIBUTE_value(sk, idx) ((X509_ATTRIBUTE *)OPENSSL_sk_value(ossl_check_const_X509_ATTRIBUTE_sk_type(sk), (idx)))
+#define sk_X509_ATTRIBUTE_new(cmp) ((STACK_OF(X509_ATTRIBUTE) *)OPENSSL_sk_new(ossl_check_X509_ATTRIBUTE_compfunc_type(cmp)))
+#define sk_X509_ATTRIBUTE_new_null() ((STACK_OF(X509_ATTRIBUTE) *)OPENSSL_sk_new_null())
+#define sk_X509_ATTRIBUTE_new_reserve(cmp, n) ((STACK_OF(X509_ATTRIBUTE) *)OPENSSL_sk_new_reserve(ossl_check_X509_ATTRIBUTE_compfunc_type(cmp), (n)))
+#define sk_X509_ATTRIBUTE_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_X509_ATTRIBUTE_sk_type(sk), (n))
+#define sk_X509_ATTRIBUTE_free(sk) OPENSSL_sk_free(ossl_check_X509_ATTRIBUTE_sk_type(sk))
+#define sk_X509_ATTRIBUTE_zero(sk) OPENSSL_sk_zero(ossl_check_X509_ATTRIBUTE_sk_type(sk))
+#define sk_X509_ATTRIBUTE_delete(sk, i) ((X509_ATTRIBUTE *)OPENSSL_sk_delete(ossl_check_X509_ATTRIBUTE_sk_type(sk), (i)))
+#define sk_X509_ATTRIBUTE_delete_ptr(sk, ptr) ((X509_ATTRIBUTE *)OPENSSL_sk_delete_ptr(ossl_check_X509_ATTRIBUTE_sk_type(sk), ossl_check_X509_ATTRIBUTE_type(ptr)))
+#define sk_X509_ATTRIBUTE_push(sk, ptr) OPENSSL_sk_push(ossl_check_X509_ATTRIBUTE_sk_type(sk), ossl_check_X509_ATTRIBUTE_type(ptr))
+#define sk_X509_ATTRIBUTE_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_X509_ATTRIBUTE_sk_type(sk), ossl_check_X509_ATTRIBUTE_type(ptr))
+#define sk_X509_ATTRIBUTE_pop(sk) ((X509_ATTRIBUTE *)OPENSSL_sk_pop(ossl_check_X509_ATTRIBUTE_sk_type(sk)))
+#define sk_X509_ATTRIBUTE_shift(sk) ((X509_ATTRIBUTE *)OPENSSL_sk_shift(ossl_check_X509_ATTRIBUTE_sk_type(sk)))
+#define sk_X509_ATTRIBUTE_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_X509_ATTRIBUTE_sk_type(sk),ossl_check_X509_ATTRIBUTE_freefunc_type(freefunc))
+#define sk_X509_ATTRIBUTE_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_X509_ATTRIBUTE_sk_type(sk), ossl_check_X509_ATTRIBUTE_type(ptr), (idx))
+#define sk_X509_ATTRIBUTE_set(sk, idx, ptr) ((X509_ATTRIBUTE *)OPENSSL_sk_set(ossl_check_X509_ATTRIBUTE_sk_type(sk), (idx), ossl_check_X509_ATTRIBUTE_type(ptr)))
+#define sk_X509_ATTRIBUTE_find(sk, ptr) OPENSSL_sk_find(ossl_check_X509_ATTRIBUTE_sk_type(sk), ossl_check_X509_ATTRIBUTE_type(ptr))
+#define sk_X509_ATTRIBUTE_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_X509_ATTRIBUTE_sk_type(sk), ossl_check_X509_ATTRIBUTE_type(ptr))
+#define sk_X509_ATTRIBUTE_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_X509_ATTRIBUTE_sk_type(sk), ossl_check_X509_ATTRIBUTE_type(ptr), pnum)
+#define sk_X509_ATTRIBUTE_sort(sk) OPENSSL_sk_sort(ossl_check_X509_ATTRIBUTE_sk_type(sk))
+#define sk_X509_ATTRIBUTE_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_X509_ATTRIBUTE_sk_type(sk))
+#define sk_X509_ATTRIBUTE_dup(sk) ((STACK_OF(X509_ATTRIBUTE) *)OPENSSL_sk_dup(ossl_check_const_X509_ATTRIBUTE_sk_type(sk)))
+#define sk_X509_ATTRIBUTE_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(X509_ATTRIBUTE) *)OPENSSL_sk_deep_copy(ossl_check_const_X509_ATTRIBUTE_sk_type(sk), ossl_check_X509_ATTRIBUTE_copyfunc_type(copyfunc), ossl_check_X509_ATTRIBUTE_freefunc_type(freefunc)))
+#define sk_X509_ATTRIBUTE_set_cmp_func(sk, cmp) ((sk_X509_ATTRIBUTE_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_X509_ATTRIBUTE_sk_type(sk), ossl_check_X509_ATTRIBUTE_compfunc_type(cmp)))
+
typedef struct X509_req_info_st X509_REQ_INFO;
typedef struct X509_req_st X509_REQ;
typedef struct x509_cert_aux_st X509_CERT_AUX;
typedef struct x509_cinf_st X509_CINF;
-/* This is used for a table of trust checking functions */
-
-typedef struct x509_trust_st {
- int trust;
- int flags;
- int (*check_trust) (struct x509_trust_st *, X509 *, int);
- char *name;
- int arg1;
- void *arg2;
-} X509_TRUST;
-DEFINE_OR_DECLARE_STACK_OF(X509_TRUST)
-
-
-/* standard trust ids */
-
-# define X509_TRUST_DEFAULT 0 /* Only valid in purpose settings */
-
-# define X509_TRUST_COMPAT 1
-# define X509_TRUST_SSL_CLIENT 2
-# define X509_TRUST_SSL_SERVER 3
-# define X509_TRUST_EMAIL 4
-# define X509_TRUST_OBJECT_SIGN 5
-# define X509_TRUST_OCSP_SIGN 6
-# define X509_TRUST_OCSP_REQUEST 7
-# define X509_TRUST_TSA 8
-
-/* Keep these up to date! */
-# define X509_TRUST_MIN 1
-# define X509_TRUST_MAX 8
-
-/* trust_flags values */
-# define X509_TRUST_DYNAMIC (1U << 0)
-# define X509_TRUST_DYNAMIC_NAME (1U << 1)
-/* No compat trust if self-signed, preempts "DO_SS" */
-# define X509_TRUST_NO_SS_COMPAT (1U << 2)
-/* Compat trust if no explicit accepted trust EKUs */
-# define X509_TRUST_DO_SS_COMPAT (1U << 3)
-/* Accept "anyEKU" as a wildcard trust OID */
-# define X509_TRUST_OK_ANY_EKU (1U << 4)
-
-/* check_trust return codes */
-
-# define X509_TRUST_TRUSTED 1
-# define X509_TRUST_REJECTED 2
-# define X509_TRUST_UNTRUSTED 3
-
/* Flags for X509_print_ex() */
# define X509_FLAG_COMPAT 0
@@ -159,6 +297,7 @@ DEFINE_OR_DECLARE_STACK_OF(X509_TRUST)
# define X509_FLAG_NO_AUX (1L << 10)
# define X509_FLAG_NO_ATTRIBUTES (1L << 11)
# define X509_FLAG_NO_IDS (1L << 12)
+# define X509_FLAG_EXTENSIONS_ONLY_KID (1L << 13)
/* Flags specific to X509_NAME_print_ex() */
@@ -245,7 +384,33 @@ typedef struct X509_info_st {
int enc_len;
char *enc_data;
} X509_INFO;
-DEFINE_OR_DECLARE_STACK_OF(X509_INFO)
+SKM_DEFINE_STACK_OF_INTERNAL(X509_INFO, X509_INFO, X509_INFO)
+#define sk_X509_INFO_num(sk) OPENSSL_sk_num(ossl_check_const_X509_INFO_sk_type(sk))
+#define sk_X509_INFO_value(sk, idx) ((X509_INFO *)OPENSSL_sk_value(ossl_check_const_X509_INFO_sk_type(sk), (idx)))
+#define sk_X509_INFO_new(cmp) ((STACK_OF(X509_INFO) *)OPENSSL_sk_new(ossl_check_X509_INFO_compfunc_type(cmp)))
+#define sk_X509_INFO_new_null() ((STACK_OF(X509_INFO) *)OPENSSL_sk_new_null())
+#define sk_X509_INFO_new_reserve(cmp, n) ((STACK_OF(X509_INFO) *)OPENSSL_sk_new_reserve(ossl_check_X509_INFO_compfunc_type(cmp), (n)))
+#define sk_X509_INFO_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_X509_INFO_sk_type(sk), (n))
+#define sk_X509_INFO_free(sk) OPENSSL_sk_free(ossl_check_X509_INFO_sk_type(sk))
+#define sk_X509_INFO_zero(sk) OPENSSL_sk_zero(ossl_check_X509_INFO_sk_type(sk))
+#define sk_X509_INFO_delete(sk, i) ((X509_INFO *)OPENSSL_sk_delete(ossl_check_X509_INFO_sk_type(sk), (i)))
+#define sk_X509_INFO_delete_ptr(sk, ptr) ((X509_INFO *)OPENSSL_sk_delete_ptr(ossl_check_X509_INFO_sk_type(sk), ossl_check_X509_INFO_type(ptr)))
+#define sk_X509_INFO_push(sk, ptr) OPENSSL_sk_push(ossl_check_X509_INFO_sk_type(sk), ossl_check_X509_INFO_type(ptr))
+#define sk_X509_INFO_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_X509_INFO_sk_type(sk), ossl_check_X509_INFO_type(ptr))
+#define sk_X509_INFO_pop(sk) ((X509_INFO *)OPENSSL_sk_pop(ossl_check_X509_INFO_sk_type(sk)))
+#define sk_X509_INFO_shift(sk) ((X509_INFO *)OPENSSL_sk_shift(ossl_check_X509_INFO_sk_type(sk)))
+#define sk_X509_INFO_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_X509_INFO_sk_type(sk),ossl_check_X509_INFO_freefunc_type(freefunc))
+#define sk_X509_INFO_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_X509_INFO_sk_type(sk), ossl_check_X509_INFO_type(ptr), (idx))
+#define sk_X509_INFO_set(sk, idx, ptr) ((X509_INFO *)OPENSSL_sk_set(ossl_check_X509_INFO_sk_type(sk), (idx), ossl_check_X509_INFO_type(ptr)))
+#define sk_X509_INFO_find(sk, ptr) OPENSSL_sk_find(ossl_check_X509_INFO_sk_type(sk), ossl_check_X509_INFO_type(ptr))
+#define sk_X509_INFO_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_X509_INFO_sk_type(sk), ossl_check_X509_INFO_type(ptr))
+#define sk_X509_INFO_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_X509_INFO_sk_type(sk), ossl_check_X509_INFO_type(ptr), pnum)
+#define sk_X509_INFO_sort(sk) OPENSSL_sk_sort(ossl_check_X509_INFO_sk_type(sk))
+#define sk_X509_INFO_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_X509_INFO_sk_type(sk))
+#define sk_X509_INFO_dup(sk) ((STACK_OF(X509_INFO) *)OPENSSL_sk_dup(ossl_check_const_X509_INFO_sk_type(sk)))
+#define sk_X509_INFO_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(X509_INFO) *)OPENSSL_sk_deep_copy(ossl_check_const_X509_INFO_sk_type(sk), ossl_check_X509_INFO_copyfunc_type(copyfunc), ossl_check_X509_INFO_freefunc_type(freefunc)))
+#define sk_X509_INFO_set_cmp_func(sk, cmp) ((sk_X509_INFO_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_X509_INFO_sk_type(sk), ossl_check_X509_INFO_compfunc_type(cmp)))
+
/*
* The next 2 structures and their 8 routines are used to manipulate Netscape's
@@ -343,10 +508,10 @@ void *X509_CRL_get_meth_data(X509_CRL *crl);
const char *X509_verify_cert_error_string(long n);
-int X509_verify_ex(X509 *a, EVP_PKEY *r, OPENSSL_CTX *libctx, const char *propq);
int X509_verify(X509 *a, EVP_PKEY *r);
+int X509_self_signed(X509 *cert, int verify_signature);
-int X509_REQ_verify_ex(X509_REQ *a, EVP_PKEY *r, OPENSSL_CTX *libctx,
+int X509_REQ_verify_ex(X509_REQ *a, EVP_PKEY *r, OSSL_LIB_CTX *libctx,
const char *propq);
int X509_REQ_verify(X509_REQ *a, EVP_PKEY *r);
int X509_CRL_verify(X509_CRL *a, EVP_PKEY *r);
@@ -375,7 +540,8 @@ int X509_pubkey_digest(const X509 *data, const EVP_MD *type,
unsigned char *md, unsigned int *len);
int X509_digest(const X509 *data, const EVP_MD *type,
unsigned char *md, unsigned int *len);
-ASN1_OCTET_STRING *X509_digest_sig(const X509 *cert);
+ASN1_OCTET_STRING *X509_digest_sig(const X509 *cert,
+ EVP_MD **md_used, int *md_is_fallback);
int X509_CRL_digest(const X509_CRL *data, const EVP_MD *type,
unsigned char *md, unsigned int *len);
int X509_REQ_digest(const X509_REQ *data, const EVP_MD *type,
@@ -383,11 +549,14 @@ int X509_REQ_digest(const X509_REQ *data, const EVP_MD *type,
int X509_NAME_digest(const X509_NAME *data, const EVP_MD *type,
unsigned char *md, unsigned int *len);
-# if !defined(OPENSSL_NO_SOCK)
X509 *X509_load_http(const char *url, BIO *bio, BIO *rbio, int timeout);
-# define X509_http_nbio(url) X509_load_http(url, NULL, NULL, 0)
X509_CRL *X509_CRL_load_http(const char *url, BIO *bio, BIO *rbio, int timeout);
-# define X509_CRL_http_nbio(url) X509_CRL_load_http(url, NULL, NULL, 0)
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# include <openssl/ocsp.h> /* OCSP_REQ_CTX_nbio_d2i */
+# define X509_http_nbio(rctx, pcert) \
+ OCSP_REQ_CTX_nbio_d2i(rctx, pcert, ASN1_ITEM_rptr(X509))
+# define X509_CRL_http_nbio(rctx, pcrl) \
+ OCSP_REQ_CTX_nbio_d2i(rctx, pcrl, ASN1_ITEM_rptr(X509_CRL))
# endif
# ifndef OPENSSL_NO_STDIO
@@ -397,26 +566,30 @@ X509_CRL *d2i_X509_CRL_fp(FILE *fp, X509_CRL **crl);
int i2d_X509_CRL_fp(FILE *fp, const X509_CRL *crl);
X509_REQ *d2i_X509_REQ_fp(FILE *fp, X509_REQ **req);
int i2d_X509_REQ_fp(FILE *fp, const X509_REQ *req);
-# ifndef OPENSSL_NO_RSA
-RSA *d2i_RSAPrivateKey_fp(FILE *fp, RSA **rsa);
-int i2d_RSAPrivateKey_fp(FILE *fp, const RSA *rsa);
-RSA *d2i_RSAPublicKey_fp(FILE *fp, RSA **rsa);
-int i2d_RSAPublicKey_fp(FILE *fp, const RSA *rsa);
-RSA *d2i_RSA_PUBKEY_fp(FILE *fp, RSA **rsa);
-int i2d_RSA_PUBKEY_fp(FILE *fp, const RSA *rsa);
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0 RSA *d2i_RSAPrivateKey_fp(FILE *fp, RSA **rsa);
+OSSL_DEPRECATEDIN_3_0 int i2d_RSAPrivateKey_fp(FILE *fp, const RSA *rsa);
+OSSL_DEPRECATEDIN_3_0 RSA *d2i_RSAPublicKey_fp(FILE *fp, RSA **rsa);
+OSSL_DEPRECATEDIN_3_0 int i2d_RSAPublicKey_fp(FILE *fp, const RSA *rsa);
+OSSL_DEPRECATEDIN_3_0 RSA *d2i_RSA_PUBKEY_fp(FILE *fp, RSA **rsa);
+OSSL_DEPRECATEDIN_3_0 int i2d_RSA_PUBKEY_fp(FILE *fp, const RSA *rsa);
# endif
-# ifndef OPENSSL_NO_DSA
-DSA *d2i_DSA_PUBKEY_fp(FILE *fp, DSA **dsa);
-int i2d_DSA_PUBKEY_fp(FILE *fp, const DSA *dsa);
-DSA *d2i_DSAPrivateKey_fp(FILE *fp, DSA **dsa);
-int i2d_DSAPrivateKey_fp(FILE *fp, const DSA *dsa);
-# endif
-# ifndef OPENSSL_NO_EC
-EC_KEY *d2i_EC_PUBKEY_fp(FILE *fp, EC_KEY **eckey);
-int i2d_EC_PUBKEY_fp(FILE *fp, const EC_KEY *eckey);
-EC_KEY *d2i_ECPrivateKey_fp(FILE *fp, EC_KEY **eckey);
-int i2d_ECPrivateKey_fp(FILE *fp, const EC_KEY *eckey);
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# ifndef OPENSSL_NO_DSA
+OSSL_DEPRECATEDIN_3_0 DSA *d2i_DSA_PUBKEY_fp(FILE *fp, DSA **dsa);
+OSSL_DEPRECATEDIN_3_0 int i2d_DSA_PUBKEY_fp(FILE *fp, const DSA *dsa);
+OSSL_DEPRECATEDIN_3_0 DSA *d2i_DSAPrivateKey_fp(FILE *fp, DSA **dsa);
+OSSL_DEPRECATEDIN_3_0 int i2d_DSAPrivateKey_fp(FILE *fp, const DSA *dsa);
+# endif
# endif
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# ifndef OPENSSL_NO_EC
+OSSL_DEPRECATEDIN_3_0 EC_KEY *d2i_EC_PUBKEY_fp(FILE *fp, EC_KEY **eckey);
+OSSL_DEPRECATEDIN_3_0 int i2d_EC_PUBKEY_fp(FILE *fp, const EC_KEY *eckey);
+OSSL_DEPRECATEDIN_3_0 EC_KEY *d2i_ECPrivateKey_fp(FILE *fp, EC_KEY **eckey);
+OSSL_DEPRECATEDIN_3_0 int i2d_ECPrivateKey_fp(FILE *fp, const EC_KEY *eckey);
+# endif /* OPENSSL_NO_EC */
+# endif /* OPENSSL_NO_DEPRECATED_3_0 */
X509_SIG *d2i_PKCS8_fp(FILE *fp, X509_SIG **p8);
int i2d_PKCS8_fp(FILE *fp, const X509_SIG *p8);
X509_PUBKEY *d2i_X509_PUBKEY_fp(FILE *fp, X509_PUBKEY **xpk);
@@ -426,7 +599,7 @@ PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_fp(FILE *fp,
int i2d_PKCS8_PRIV_KEY_INFO_fp(FILE *fp, const PKCS8_PRIV_KEY_INFO *p8inf);
int i2d_PKCS8PrivateKeyInfo_fp(FILE *fp, const EVP_PKEY *key);
int i2d_PrivateKey_fp(FILE *fp, const EVP_PKEY *pkey);
-EVP_PKEY *d2i_PrivateKey_ex_fp(FILE *fp, EVP_PKEY **a, OPENSSL_CTX *libctx,
+EVP_PKEY *d2i_PrivateKey_ex_fp(FILE *fp, EVP_PKEY **a, OSSL_LIB_CTX *libctx,
const char *propq);
EVP_PKEY *d2i_PrivateKey_fp(FILE *fp, EVP_PKEY **a);
int i2d_PUBKEY_fp(FILE *fp, const EVP_PKEY *pkey);
@@ -439,26 +612,32 @@ X509_CRL *d2i_X509_CRL_bio(BIO *bp, X509_CRL **crl);
int i2d_X509_CRL_bio(BIO *bp, const X509_CRL *crl);
X509_REQ *d2i_X509_REQ_bio(BIO *bp, X509_REQ **req);
int i2d_X509_REQ_bio(BIO *bp, const X509_REQ *req);
-# ifndef OPENSSL_NO_RSA
-RSA *d2i_RSAPrivateKey_bio(BIO *bp, RSA **rsa);
-int i2d_RSAPrivateKey_bio(BIO *bp, const RSA *rsa);
-RSA *d2i_RSAPublicKey_bio(BIO *bp, RSA **rsa);
-int i2d_RSAPublicKey_bio(BIO *bp, const RSA *rsa);
-RSA *d2i_RSA_PUBKEY_bio(BIO *bp, RSA **rsa);
-int i2d_RSA_PUBKEY_bio(BIO *bp, const RSA *rsa);
-# endif
-# ifndef OPENSSL_NO_DSA
-DSA *d2i_DSA_PUBKEY_bio(BIO *bp, DSA **dsa);
-int i2d_DSA_PUBKEY_bio(BIO *bp, const DSA *dsa);
-DSA *d2i_DSAPrivateKey_bio(BIO *bp, DSA **dsa);
-int i2d_DSAPrivateKey_bio(BIO *bp, const DSA *dsa);
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0 RSA *d2i_RSAPrivateKey_bio(BIO *bp, RSA **rsa);
+OSSL_DEPRECATEDIN_3_0 int i2d_RSAPrivateKey_bio(BIO *bp, const RSA *rsa);
+OSSL_DEPRECATEDIN_3_0 RSA *d2i_RSAPublicKey_bio(BIO *bp, RSA **rsa);
+OSSL_DEPRECATEDIN_3_0 int i2d_RSAPublicKey_bio(BIO *bp, const RSA *rsa);
+OSSL_DEPRECATEDIN_3_0 RSA *d2i_RSA_PUBKEY_bio(BIO *bp, RSA **rsa);
+OSSL_DEPRECATEDIN_3_0 int i2d_RSA_PUBKEY_bio(BIO *bp, const RSA *rsa);
# endif
-# ifndef OPENSSL_NO_EC
-EC_KEY *d2i_EC_PUBKEY_bio(BIO *bp, EC_KEY **eckey);
-int i2d_EC_PUBKEY_bio(BIO *bp, const EC_KEY *eckey);
-EC_KEY *d2i_ECPrivateKey_bio(BIO *bp, EC_KEY **eckey);
-int i2d_ECPrivateKey_bio(BIO *bp, const EC_KEY *eckey);
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# ifndef OPENSSL_NO_DSA
+OSSL_DEPRECATEDIN_3_0 DSA *d2i_DSA_PUBKEY_bio(BIO *bp, DSA **dsa);
+OSSL_DEPRECATEDIN_3_0 int i2d_DSA_PUBKEY_bio(BIO *bp, const DSA *dsa);
+OSSL_DEPRECATEDIN_3_0 DSA *d2i_DSAPrivateKey_bio(BIO *bp, DSA **dsa);
+OSSL_DEPRECATEDIN_3_0 int i2d_DSAPrivateKey_bio(BIO *bp, const DSA *dsa);
+# endif
# endif
+
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# ifndef OPENSSL_NO_EC
+OSSL_DEPRECATEDIN_3_0 EC_KEY *d2i_EC_PUBKEY_bio(BIO *bp, EC_KEY **eckey);
+OSSL_DEPRECATEDIN_3_0 int i2d_EC_PUBKEY_bio(BIO *bp, const EC_KEY *eckey);
+OSSL_DEPRECATEDIN_3_0 EC_KEY *d2i_ECPrivateKey_bio(BIO *bp, EC_KEY **eckey);
+OSSL_DEPRECATEDIN_3_0 int i2d_ECPrivateKey_bio(BIO *bp, const EC_KEY *eckey);
+# endif /* OPENSSL_NO_EC */
+# endif /* OPENSSL_NO_DEPRECATED_3_0 */
+
X509_SIG *d2i_PKCS8_bio(BIO *bp, X509_SIG **p8);
int i2d_PKCS8_bio(BIO *bp, const X509_SIG *p8);
X509_PUBKEY *d2i_X509_PUBKEY_bio(BIO *bp, X509_PUBKEY **xpk);
@@ -468,7 +647,7 @@ PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_bio(BIO *bp,
int i2d_PKCS8_PRIV_KEY_INFO_bio(BIO *bp, const PKCS8_PRIV_KEY_INFO *p8inf);
int i2d_PKCS8PrivateKeyInfo_bio(BIO *bp, const EVP_PKEY *key);
int i2d_PrivateKey_bio(BIO *bp, const EVP_PKEY *pkey);
-EVP_PKEY *d2i_PrivateKey_ex_bio(BIO *bp, EVP_PKEY **a, OPENSSL_CTX *libctx,
+EVP_PKEY *d2i_PrivateKey_ex_bio(BIO *bp, EVP_PKEY **a, OSSL_LIB_CTX *libctx,
const char *propq);
EVP_PKEY *d2i_PrivateKey_bio(BIO *bp, EVP_PKEY **a);
int i2d_PUBKEY_bio(BIO *bp, const EVP_PKEY *pkey);
@@ -518,20 +697,27 @@ DECLARE_ASN1_FUNCTIONS(X509_VAL)
DECLARE_ASN1_FUNCTIONS(X509_PUBKEY)
+X509_PUBKEY *X509_PUBKEY_new_ex(OSSL_LIB_CTX *libctx, const char *propq);
int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey);
EVP_PKEY *X509_PUBKEY_get0(const X509_PUBKEY *key);
EVP_PKEY *X509_PUBKEY_get(const X509_PUBKEY *key);
int X509_get_pubkey_parameters(EVP_PKEY *pkey, STACK_OF(X509) *chain);
long X509_get_pathlen(X509 *x);
DECLARE_ASN1_ENCODE_FUNCTIONS_only(EVP_PKEY, PUBKEY)
-# ifndef OPENSSL_NO_RSA
-DECLARE_ASN1_ENCODE_FUNCTIONS_only(RSA, RSA_PUBKEY)
+EVP_PKEY *d2i_PUBKEY_ex(EVP_PKEY **a, const unsigned char **pp, long length,
+ OSSL_LIB_CTX *libctx, const char *propq);
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+DECLARE_ASN1_ENCODE_FUNCTIONS_only_attr(OSSL_DEPRECATEDIN_3_0,RSA, RSA_PUBKEY)
# endif
-# ifndef OPENSSL_NO_DSA
-DECLARE_ASN1_ENCODE_FUNCTIONS_only(DSA, DSA_PUBKEY)
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# ifndef OPENSSL_NO_DSA
+DECLARE_ASN1_ENCODE_FUNCTIONS_only_attr(OSSL_DEPRECATEDIN_3_0,DSA, DSA_PUBKEY)
+# endif
# endif
-# ifndef OPENSSL_NO_EC
-DECLARE_ASN1_ENCODE_FUNCTIONS_only(EC_KEY, EC_PUBKEY)
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# ifndef OPENSSL_NO_EC
+DECLARE_ASN1_ENCODE_FUNCTIONS_only_attr(OSSL_DEPRECATEDIN_3_0, EC_KEY, EC_PUBKEY)
+# endif
# endif
DECLARE_ASN1_FUNCTIONS(X509_SIG)
@@ -542,6 +728,7 @@ void X509_SIG_getm(X509_SIG *sig, X509_ALGOR **palg,
DECLARE_ASN1_FUNCTIONS(X509_REQ_INFO)
DECLARE_ASN1_FUNCTIONS(X509_REQ)
+X509_REQ *X509_REQ_new_ex(OSSL_LIB_CTX *libctx, const char *propq);
DECLARE_ASN1_FUNCTIONS(X509_ATTRIBUTE)
X509_ATTRIBUTE *X509_ATTRIBUTE_create(int nid, int atrtype, void *value);
@@ -557,6 +744,7 @@ int X509_NAME_set(X509_NAME **xn, const X509_NAME *name);
DECLARE_ASN1_FUNCTIONS(X509_CINF)
DECLARE_ASN1_FUNCTIONS(X509)
+X509 *X509_new_ex(OSSL_LIB_CTX *libctx, const char *propq);
DECLARE_ASN1_FUNCTIONS(X509_CERT_AUX)
#define X509_get_ex_new_index(l, p, newf, dupf, freef) \
@@ -584,25 +772,15 @@ ASN1_OCTET_STRING *X509_get0_distinguishing_id(X509 *x);
void X509_REQ_set0_distinguishing_id(X509_REQ *x, ASN1_OCTET_STRING *d_id);
ASN1_OCTET_STRING *X509_REQ_get0_distinguishing_id(X509_REQ *x);
-int X509_trusted(const X509 *x);
int X509_alias_set1(X509 *x, const unsigned char *name, int len);
int X509_keyid_set1(X509 *x, const unsigned char *id, int len);
unsigned char *X509_alias_get0(X509 *x, int *len);
unsigned char *X509_keyid_get0(X509 *x, int *len);
-int (*X509_TRUST_set_default(int (*trust) (int, X509 *, int))) (int, X509 *,
- int);
-int X509_TRUST_set(int *t, int trust);
-int X509_add1_trust_object(X509 *x, const ASN1_OBJECT *obj);
-int X509_add1_reject_object(X509 *x, const ASN1_OBJECT *obj);
-void X509_trust_clear(X509 *x);
-void X509_reject_clear(X509 *x);
-
-STACK_OF(ASN1_OBJECT) *X509_get0_trust_objects(X509 *x);
-STACK_OF(ASN1_OBJECT) *X509_get0_reject_objects(X509 *x);
DECLARE_ASN1_FUNCTIONS(X509_REVOKED)
DECLARE_ASN1_FUNCTIONS(X509_CRL_INFO)
DECLARE_ASN1_FUNCTIONS(X509_CRL)
+X509_CRL *X509_CRL_new_ex(OSSL_LIB_CTX *libctx, const char *propq);
int X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev);
int X509_CRL_get0_by_serial(X509_CRL *crl,
@@ -620,33 +798,36 @@ X509_INFO *X509_INFO_new(void);
void X509_INFO_free(X509_INFO *a);
char *X509_NAME_oneline(const X509_NAME *a, char *buf, int size);
-DEPRECATEDIN_3_0(int ASN1_verify(i2d_of_void *i2d, X509_ALGOR *algor1,
- ASN1_BIT_STRING *signature, char *data,
- EVP_PKEY *pkey))
-
-DEPRECATEDIN_3_0(int ASN1_digest(i2d_of_void *i2d, const EVP_MD *type,
- char *data,
- unsigned char *md, unsigned int *len))
-
-DEPRECATEDIN_3_0(int ASN1_sign(i2d_of_void *i2d, X509_ALGOR *algor1,
- X509_ALGOR *algor2, ASN1_BIT_STRING *signature,
- char *data, EVP_PKEY *pkey, const EVP_MD *type))
-
+#ifndef OPENSSL_NO_DEPRECATED_3_0
+OSSL_DEPRECATEDIN_3_0
+int ASN1_verify(i2d_of_void *i2d, X509_ALGOR *algor1,
+ ASN1_BIT_STRING *signature, char *data, EVP_PKEY *pkey);
+OSSL_DEPRECATEDIN_3_0
+int ASN1_digest(i2d_of_void *i2d, const EVP_MD *type, char *data,
+ unsigned char *md, unsigned int *len);
+OSSL_DEPRECATEDIN_3_0
+int ASN1_sign(i2d_of_void *i2d, X509_ALGOR *algor1, X509_ALGOR *algor2,
+ ASN1_BIT_STRING *signature, char *data, EVP_PKEY *pkey,
+ const EVP_MD *type);
+#endif
int ASN1_item_digest(const ASN1_ITEM *it, const EVP_MD *type, void *data,
unsigned char *md, unsigned int *len);
-
-int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *algor1,
- ASN1_BIT_STRING *signature, void *data, EVP_PKEY *pkey);
-int ASN1_item_verify_ctx(const ASN1_ITEM *it, X509_ALGOR *algor1,
- ASN1_BIT_STRING *signature, void *data,
+int ASN1_item_verify(const ASN1_ITEM *it, const X509_ALGOR *alg,
+ const ASN1_BIT_STRING *signature, const void *data,
+ EVP_PKEY *pkey);
+int ASN1_item_verify_ctx(const ASN1_ITEM *it, const X509_ALGOR *alg,
+ const ASN1_BIT_STRING *signature, const void *data,
EVP_MD_CTX *ctx);
-
-int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1,
- X509_ALGOR *algor2, ASN1_BIT_STRING *signature, void *data,
- EVP_PKEY *pkey, const EVP_MD *type);
+int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2,
+ ASN1_BIT_STRING *signature, const void *data,
+ EVP_PKEY *pkey, const EVP_MD *md);
int ASN1_item_sign_ctx(const ASN1_ITEM *it, X509_ALGOR *algor1,
X509_ALGOR *algor2, ASN1_BIT_STRING *signature,
- void *asn, EVP_MD_CTX *ctx);
+ const void *data, EVP_MD_CTX *ctx);
+
+#define X509_VERSION_1 0
+#define X509_VERSION_2 1
+#define X509_VERSION_3 2
long X509_get_version(const X509 *x);
int X509_set_version(X509 *x, long version);
@@ -654,9 +835,9 @@ int X509_set_serialNumber(X509 *x, ASN1_INTEGER *serial);
ASN1_INTEGER *X509_get_serialNumber(X509 *x);
const ASN1_INTEGER *X509_get0_serialNumber(const X509 *x);
int X509_set_issuer_name(X509 *x, const X509_NAME *name);
-X509_NAME *X509_get_issuer_name(const X509 *a); /* TODO change to get0_ */
+X509_NAME *X509_get_issuer_name(const X509 *a);
int X509_set_subject_name(X509 *x, const X509_NAME *name);
-X509_NAME *X509_get_subject_name(const X509 *a); /* TODO change to get0_ */
+X509_NAME *X509_get_subject_name(const X509 *a);
const ASN1_TIME * X509_get0_notBefore(const X509 *x);
ASN1_TIME *X509_getm_notBefore(const X509 *x);
int X509_set1_notBefore(X509 *x, const ASN1_TIME *tm);
@@ -688,11 +869,12 @@ const X509_ALGOR *X509_get0_tbs_sigalg(const X509 *x);
EVP_PKEY *X509_get0_pubkey(const X509 *x);
EVP_PKEY *X509_get_pubkey(X509 *x);
ASN1_BIT_STRING *X509_get0_pubkey_bitstr(const X509 *x);
-int X509_certificate_type(const X509 *x, const EVP_PKEY *pubkey);
+
+#define X509_REQ_VERSION_1 0
long X509_REQ_get_version(const X509_REQ *req);
int X509_REQ_set_version(X509_REQ *x, long version);
-X509_NAME *X509_REQ_get_subject_name(const X509_REQ *req); /* TODO change to get0_ */
+X509_NAME *X509_REQ_get_subject_name(const X509_REQ *req);
int X509_REQ_set_subject_name(X509_REQ *req, const X509_NAME *name);
void X509_REQ_get0_signature(const X509_REQ *req, const ASN1_BIT_STRING **psig,
const X509_ALGOR **palg);
@@ -708,9 +890,9 @@ int X509_REQ_extension_nid(int nid);
int *X509_REQ_get_extension_nids(void);
void X509_REQ_set_extension_nids(int *nids);
STACK_OF(X509_EXTENSION) *X509_REQ_get_extensions(X509_REQ *req);
-int X509_REQ_add_extensions_nid(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts,
- int nid);
-int X509_REQ_add_extensions(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts);
+int X509_REQ_add_extensions_nid(X509_REQ *req,
+ const STACK_OF(X509_EXTENSION) *exts, int nid);
+int X509_REQ_add_extensions(X509_REQ *req, const STACK_OF(X509_EXTENSION) *ext);
int X509_REQ_get_attr_count(const X509_REQ *req);
int X509_REQ_get_attr_by_NID(const X509_REQ *req, int nid, int lastpos);
int X509_REQ_get_attr_by_OBJ(const X509_REQ *req, const ASN1_OBJECT *obj,
@@ -728,6 +910,9 @@ int X509_REQ_add1_attr_by_txt(X509_REQ *req,
const char *attrname, int type,
const unsigned char *bytes, int len);
+#define X509_CRL_VERSION_1 0
+#define X509_CRL_VERSION_2 1
+
int X509_CRL_set_version(X509_CRL *x, long version);
int X509_CRL_set_issuer_name(X509_CRL *x, const X509_NAME *name);
int X509_CRL_set1_lastUpdate(X509_CRL *x, const ASN1_TIME *tm);
@@ -743,9 +928,11 @@ int X509_CRL_up_ref(X509_CRL *crl);
long X509_CRL_get_version(const X509_CRL *crl);
const ASN1_TIME *X509_CRL_get0_lastUpdate(const X509_CRL *crl);
const ASN1_TIME *X509_CRL_get0_nextUpdate(const X509_CRL *crl);
-DEPRECATEDIN_1_1_0(ASN1_TIME *X509_CRL_get_lastUpdate(X509_CRL *crl))
-DEPRECATEDIN_1_1_0(ASN1_TIME *X509_CRL_get_nextUpdate(X509_CRL *crl))
-X509_NAME *X509_CRL_get_issuer(const X509_CRL *crl); /* TODO change to get0_ */
+#ifndef OPENSSL_NO_DEPRECATED_1_1_0
+OSSL_DEPRECATEDIN_1_1_0 ASN1_TIME *X509_CRL_get_lastUpdate(X509_CRL *crl);
+OSSL_DEPRECATEDIN_1_1_0 ASN1_TIME *X509_CRL_get_nextUpdate(X509_CRL *crl);
+#endif
+X509_NAME *X509_CRL_get_issuer(const X509_CRL *crl);
const STACK_OF(X509_EXTENSION) *X509_CRL_get0_extensions(const X509_CRL *crl);
STACK_OF(X509_REVOKED) *X509_CRL_get_REVOKED(X509_CRL *crl);
void X509_CRL_get0_signature(const X509_CRL *crl, const ASN1_BIT_STRING **psig,
@@ -786,9 +973,23 @@ unsigned long X509_issuer_name_hash_old(X509 *a);
unsigned long X509_subject_name_hash_old(X509 *x);
# endif
+# define X509_ADD_FLAG_DEFAULT 0
+# define X509_ADD_FLAG_UP_REF 0x1
+# define X509_ADD_FLAG_PREPEND 0x2
+# define X509_ADD_FLAG_NO_DUP 0x4
+# define X509_ADD_FLAG_NO_SS 0x8
+int X509_add_cert(STACK_OF(X509) *sk, X509 *cert, int flags);
+int X509_add_certs(STACK_OF(X509) *sk, STACK_OF(X509) *certs, int flags);
+
int X509_cmp(const X509 *a, const X509 *b);
int X509_NAME_cmp(const X509_NAME *a, const X509_NAME *b);
-unsigned long X509_NAME_hash(const X509_NAME *x);
+#ifndef OPENSSL_NO_DEPRECATED_3_0
+# define X509_NAME_hash(x) X509_NAME_hash_ex(x, NULL, NULL, NULL)
+OSSL_DEPRECATEDIN_3_0 int X509_certificate_type(const X509 *x,
+ const EVP_PKEY *pubkey);
+#endif
+unsigned long X509_NAME_hash_ex(const X509_NAME *x, OSSL_LIB_CTX *libctx,
+ const char *propq, int *ok);
unsigned long X509_NAME_hash_old(const X509_NAME *x);
int X509_CRL_cmp(const X509_CRL *a, const X509_CRL *b);
@@ -950,7 +1151,7 @@ STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_txt(STACK_OF(X509_ATTRIBUTE)
int type,
const unsigned char *bytes,
int len);
-void *X509at_get0_data_by_OBJ(STACK_OF(X509_ATTRIBUTE) *x,
+void *X509at_get0_data_by_OBJ(const STACK_OF(X509_ATTRIBUTE) *x,
const ASN1_OBJECT *obj, int lastpos, int type);
X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **attr, int nid,
int atrtype, const void *data,
@@ -989,8 +1190,6 @@ int EVP_PKEY_add1_attr_by_txt(EVP_PKEY *key,
const char *attrname, int type,
const unsigned char *bytes, int len);
-int X509_verify_cert(X509_STORE_CTX *ctx);
-
/* lookup a cert from a X509 STACK */
X509 *X509_find_by_issuer_and_serial(STACK_OF(X509) *sk, const X509_NAME *name,
const ASN1_INTEGER *serial);
@@ -1005,14 +1204,25 @@ DECLARE_ASN1_FUNCTIONS(SCRYPT_PARAMS)
int PKCS5_pbe_set0_algor(X509_ALGOR *algor, int alg, int iter,
const unsigned char *salt, int saltlen);
+int PKCS5_pbe_set0_algor_ex(X509_ALGOR *algor, int alg, int iter,
+ const unsigned char *salt, int saltlen,
+ OSSL_LIB_CTX *libctx);
X509_ALGOR *PKCS5_pbe_set(int alg, int iter,
const unsigned char *salt, int saltlen);
+X509_ALGOR *PKCS5_pbe_set_ex(int alg, int iter,
+ const unsigned char *salt, int saltlen,
+ OSSL_LIB_CTX *libctx);
+
X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter,
unsigned char *salt, int saltlen);
X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter,
unsigned char *salt, int saltlen,
unsigned char *aiv, int prf_nid);
+X509_ALGOR *PKCS5_pbe2_set_iv_ex(const EVP_CIPHER *cipher, int iter,
+ unsigned char *salt, int saltlen,
+ unsigned char *aiv, int prf_nid,
+ OSSL_LIB_CTX *libctx);
#ifndef OPENSSL_NO_SCRYPT
X509_ALGOR *PKCS5_pbe2_set_scrypt(const EVP_CIPHER *cipher,
@@ -1023,12 +1233,17 @@ X509_ALGOR *PKCS5_pbe2_set_scrypt(const EVP_CIPHER *cipher,
X509_ALGOR *PKCS5_pbkdf2_set(int iter, unsigned char *salt, int saltlen,
int prf_nid, int keylen);
+X509_ALGOR *PKCS5_pbkdf2_set_ex(int iter, unsigned char *salt, int saltlen,
+ int prf_nid, int keylen,
+ OSSL_LIB_CTX *libctx);
/* PKCS#8 utilities */
DECLARE_ASN1_FUNCTIONS(PKCS8_PRIV_KEY_INFO)
EVP_PKEY *EVP_PKCS82PKEY(const PKCS8_PRIV_KEY_INFO *p8);
+EVP_PKEY *EVP_PKCS82PKEY_ex(const PKCS8_PRIV_KEY_INFO *p8, OSSL_LIB_CTX *libctx,
+ const char *propq);
PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(const EVP_PKEY *pkey);
int PKCS8_pkey_set0(PKCS8_PRIV_KEY_INFO *priv, ASN1_OBJECT *aobj,
@@ -1055,17 +1270,6 @@ int X509_PUBKEY_get0_param(ASN1_OBJECT **ppkalg,
X509_ALGOR **pa, const X509_PUBKEY *pub);
int X509_PUBKEY_eq(const X509_PUBKEY *a, const X509_PUBKEY *b);
-int X509_check_trust(X509 *x, int id, int flags);
-int X509_TRUST_get_count(void);
-X509_TRUST *X509_TRUST_get0(int idx);
-int X509_TRUST_get_by_id(int id);
-int X509_TRUST_add(int id, int flags, int (*ck) (X509_TRUST *, X509 *, int),
- const char *name, int arg1, void *arg2);
-void X509_TRUST_cleanup(void);
-int X509_TRUST_get_flags(const X509_TRUST *xp);
-char *X509_TRUST_get0_name(const X509_TRUST *xp);
-int X509_TRUST_get_trust(const X509_TRUST *xp);
-
# ifdef __cplusplus
}
# endif
diff --git a/openssl/include/openssl/x509_vfy.h b/openssl/include/openssl/x509_vfy.h
index fc27c835..ac383380 100644..100755
--- a/openssl/include/openssl/x509_vfy.h
+++ b/openssl/include/openssl/x509_vfy.h
@@ -1,5 +1,8 @@
/*
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * WARNING: do not edit!
+ * Generated by makefile from include\openssl\x509_vfy.h.in
+ *
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -7,6 +10,8 @@
* https://www.openssl.org/source/license.html
*/
+
+
#ifndef OPENSSL_X509_VFY_H
# define OPENSSL_X509_VFY_H
# pragma once
@@ -60,9 +65,180 @@ typedef enum {
#define X509_LU_FAIL 0
#endif
-DEFINE_OR_DECLARE_STACK_OF(X509_LOOKUP)
-DEFINE_OR_DECLARE_STACK_OF(X509_OBJECT)
-DEFINE_OR_DECLARE_STACK_OF(X509_VERIFY_PARAM)
+SKM_DEFINE_STACK_OF_INTERNAL(X509_LOOKUP, X509_LOOKUP, X509_LOOKUP)
+#define sk_X509_LOOKUP_num(sk) OPENSSL_sk_num(ossl_check_const_X509_LOOKUP_sk_type(sk))
+#define sk_X509_LOOKUP_value(sk, idx) ((X509_LOOKUP *)OPENSSL_sk_value(ossl_check_const_X509_LOOKUP_sk_type(sk), (idx)))
+#define sk_X509_LOOKUP_new(cmp) ((STACK_OF(X509_LOOKUP) *)OPENSSL_sk_new(ossl_check_X509_LOOKUP_compfunc_type(cmp)))
+#define sk_X509_LOOKUP_new_null() ((STACK_OF(X509_LOOKUP) *)OPENSSL_sk_new_null())
+#define sk_X509_LOOKUP_new_reserve(cmp, n) ((STACK_OF(X509_LOOKUP) *)OPENSSL_sk_new_reserve(ossl_check_X509_LOOKUP_compfunc_type(cmp), (n)))
+#define sk_X509_LOOKUP_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_X509_LOOKUP_sk_type(sk), (n))
+#define sk_X509_LOOKUP_free(sk) OPENSSL_sk_free(ossl_check_X509_LOOKUP_sk_type(sk))
+#define sk_X509_LOOKUP_zero(sk) OPENSSL_sk_zero(ossl_check_X509_LOOKUP_sk_type(sk))
+#define sk_X509_LOOKUP_delete(sk, i) ((X509_LOOKUP *)OPENSSL_sk_delete(ossl_check_X509_LOOKUP_sk_type(sk), (i)))
+#define sk_X509_LOOKUP_delete_ptr(sk, ptr) ((X509_LOOKUP *)OPENSSL_sk_delete_ptr(ossl_check_X509_LOOKUP_sk_type(sk), ossl_check_X509_LOOKUP_type(ptr)))
+#define sk_X509_LOOKUP_push(sk, ptr) OPENSSL_sk_push(ossl_check_X509_LOOKUP_sk_type(sk), ossl_check_X509_LOOKUP_type(ptr))
+#define sk_X509_LOOKUP_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_X509_LOOKUP_sk_type(sk), ossl_check_X509_LOOKUP_type(ptr))
+#define sk_X509_LOOKUP_pop(sk) ((X509_LOOKUP *)OPENSSL_sk_pop(ossl_check_X509_LOOKUP_sk_type(sk)))
+#define sk_X509_LOOKUP_shift(sk) ((X509_LOOKUP *)OPENSSL_sk_shift(ossl_check_X509_LOOKUP_sk_type(sk)))
+#define sk_X509_LOOKUP_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_X509_LOOKUP_sk_type(sk),ossl_check_X509_LOOKUP_freefunc_type(freefunc))
+#define sk_X509_LOOKUP_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_X509_LOOKUP_sk_type(sk), ossl_check_X509_LOOKUP_type(ptr), (idx))
+#define sk_X509_LOOKUP_set(sk, idx, ptr) ((X509_LOOKUP *)OPENSSL_sk_set(ossl_check_X509_LOOKUP_sk_type(sk), (idx), ossl_check_X509_LOOKUP_type(ptr)))
+#define sk_X509_LOOKUP_find(sk, ptr) OPENSSL_sk_find(ossl_check_X509_LOOKUP_sk_type(sk), ossl_check_X509_LOOKUP_type(ptr))
+#define sk_X509_LOOKUP_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_X509_LOOKUP_sk_type(sk), ossl_check_X509_LOOKUP_type(ptr))
+#define sk_X509_LOOKUP_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_X509_LOOKUP_sk_type(sk), ossl_check_X509_LOOKUP_type(ptr), pnum)
+#define sk_X509_LOOKUP_sort(sk) OPENSSL_sk_sort(ossl_check_X509_LOOKUP_sk_type(sk))
+#define sk_X509_LOOKUP_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_X509_LOOKUP_sk_type(sk))
+#define sk_X509_LOOKUP_dup(sk) ((STACK_OF(X509_LOOKUP) *)OPENSSL_sk_dup(ossl_check_const_X509_LOOKUP_sk_type(sk)))
+#define sk_X509_LOOKUP_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(X509_LOOKUP) *)OPENSSL_sk_deep_copy(ossl_check_const_X509_LOOKUP_sk_type(sk), ossl_check_X509_LOOKUP_copyfunc_type(copyfunc), ossl_check_X509_LOOKUP_freefunc_type(freefunc)))
+#define sk_X509_LOOKUP_set_cmp_func(sk, cmp) ((sk_X509_LOOKUP_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_X509_LOOKUP_sk_type(sk), ossl_check_X509_LOOKUP_compfunc_type(cmp)))
+SKM_DEFINE_STACK_OF_INTERNAL(X509_OBJECT, X509_OBJECT, X509_OBJECT)
+#define sk_X509_OBJECT_num(sk) OPENSSL_sk_num(ossl_check_const_X509_OBJECT_sk_type(sk))
+#define sk_X509_OBJECT_value(sk, idx) ((X509_OBJECT *)OPENSSL_sk_value(ossl_check_const_X509_OBJECT_sk_type(sk), (idx)))
+#define sk_X509_OBJECT_new(cmp) ((STACK_OF(X509_OBJECT) *)OPENSSL_sk_new(ossl_check_X509_OBJECT_compfunc_type(cmp)))
+#define sk_X509_OBJECT_new_null() ((STACK_OF(X509_OBJECT) *)OPENSSL_sk_new_null())
+#define sk_X509_OBJECT_new_reserve(cmp, n) ((STACK_OF(X509_OBJECT) *)OPENSSL_sk_new_reserve(ossl_check_X509_OBJECT_compfunc_type(cmp), (n)))
+#define sk_X509_OBJECT_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_X509_OBJECT_sk_type(sk), (n))
+#define sk_X509_OBJECT_free(sk) OPENSSL_sk_free(ossl_check_X509_OBJECT_sk_type(sk))
+#define sk_X509_OBJECT_zero(sk) OPENSSL_sk_zero(ossl_check_X509_OBJECT_sk_type(sk))
+#define sk_X509_OBJECT_delete(sk, i) ((X509_OBJECT *)OPENSSL_sk_delete(ossl_check_X509_OBJECT_sk_type(sk), (i)))
+#define sk_X509_OBJECT_delete_ptr(sk, ptr) ((X509_OBJECT *)OPENSSL_sk_delete_ptr(ossl_check_X509_OBJECT_sk_type(sk), ossl_check_X509_OBJECT_type(ptr)))
+#define sk_X509_OBJECT_push(sk, ptr) OPENSSL_sk_push(ossl_check_X509_OBJECT_sk_type(sk), ossl_check_X509_OBJECT_type(ptr))
+#define sk_X509_OBJECT_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_X509_OBJECT_sk_type(sk), ossl_check_X509_OBJECT_type(ptr))
+#define sk_X509_OBJECT_pop(sk) ((X509_OBJECT *)OPENSSL_sk_pop(ossl_check_X509_OBJECT_sk_type(sk)))
+#define sk_X509_OBJECT_shift(sk) ((X509_OBJECT *)OPENSSL_sk_shift(ossl_check_X509_OBJECT_sk_type(sk)))
+#define sk_X509_OBJECT_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_X509_OBJECT_sk_type(sk),ossl_check_X509_OBJECT_freefunc_type(freefunc))
+#define sk_X509_OBJECT_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_X509_OBJECT_sk_type(sk), ossl_check_X509_OBJECT_type(ptr), (idx))
+#define sk_X509_OBJECT_set(sk, idx, ptr) ((X509_OBJECT *)OPENSSL_sk_set(ossl_check_X509_OBJECT_sk_type(sk), (idx), ossl_check_X509_OBJECT_type(ptr)))
+#define sk_X509_OBJECT_find(sk, ptr) OPENSSL_sk_find(ossl_check_X509_OBJECT_sk_type(sk), ossl_check_X509_OBJECT_type(ptr))
+#define sk_X509_OBJECT_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_X509_OBJECT_sk_type(sk), ossl_check_X509_OBJECT_type(ptr))
+#define sk_X509_OBJECT_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_X509_OBJECT_sk_type(sk), ossl_check_X509_OBJECT_type(ptr), pnum)
+#define sk_X509_OBJECT_sort(sk) OPENSSL_sk_sort(ossl_check_X509_OBJECT_sk_type(sk))
+#define sk_X509_OBJECT_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_X509_OBJECT_sk_type(sk))
+#define sk_X509_OBJECT_dup(sk) ((STACK_OF(X509_OBJECT) *)OPENSSL_sk_dup(ossl_check_const_X509_OBJECT_sk_type(sk)))
+#define sk_X509_OBJECT_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(X509_OBJECT) *)OPENSSL_sk_deep_copy(ossl_check_const_X509_OBJECT_sk_type(sk), ossl_check_X509_OBJECT_copyfunc_type(copyfunc), ossl_check_X509_OBJECT_freefunc_type(freefunc)))
+#define sk_X509_OBJECT_set_cmp_func(sk, cmp) ((sk_X509_OBJECT_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_X509_OBJECT_sk_type(sk), ossl_check_X509_OBJECT_compfunc_type(cmp)))
+SKM_DEFINE_STACK_OF_INTERNAL(X509_VERIFY_PARAM, X509_VERIFY_PARAM, X509_VERIFY_PARAM)
+#define sk_X509_VERIFY_PARAM_num(sk) OPENSSL_sk_num(ossl_check_const_X509_VERIFY_PARAM_sk_type(sk))
+#define sk_X509_VERIFY_PARAM_value(sk, idx) ((X509_VERIFY_PARAM *)OPENSSL_sk_value(ossl_check_const_X509_VERIFY_PARAM_sk_type(sk), (idx)))
+#define sk_X509_VERIFY_PARAM_new(cmp) ((STACK_OF(X509_VERIFY_PARAM) *)OPENSSL_sk_new(ossl_check_X509_VERIFY_PARAM_compfunc_type(cmp)))
+#define sk_X509_VERIFY_PARAM_new_null() ((STACK_OF(X509_VERIFY_PARAM) *)OPENSSL_sk_new_null())
+#define sk_X509_VERIFY_PARAM_new_reserve(cmp, n) ((STACK_OF(X509_VERIFY_PARAM) *)OPENSSL_sk_new_reserve(ossl_check_X509_VERIFY_PARAM_compfunc_type(cmp), (n)))
+#define sk_X509_VERIFY_PARAM_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_X509_VERIFY_PARAM_sk_type(sk), (n))
+#define sk_X509_VERIFY_PARAM_free(sk) OPENSSL_sk_free(ossl_check_X509_VERIFY_PARAM_sk_type(sk))
+#define sk_X509_VERIFY_PARAM_zero(sk) OPENSSL_sk_zero(ossl_check_X509_VERIFY_PARAM_sk_type(sk))
+#define sk_X509_VERIFY_PARAM_delete(sk, i) ((X509_VERIFY_PARAM *)OPENSSL_sk_delete(ossl_check_X509_VERIFY_PARAM_sk_type(sk), (i)))
+#define sk_X509_VERIFY_PARAM_delete_ptr(sk, ptr) ((X509_VERIFY_PARAM *)OPENSSL_sk_delete_ptr(ossl_check_X509_VERIFY_PARAM_sk_type(sk), ossl_check_X509_VERIFY_PARAM_type(ptr)))
+#define sk_X509_VERIFY_PARAM_push(sk, ptr) OPENSSL_sk_push(ossl_check_X509_VERIFY_PARAM_sk_type(sk), ossl_check_X509_VERIFY_PARAM_type(ptr))
+#define sk_X509_VERIFY_PARAM_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_X509_VERIFY_PARAM_sk_type(sk), ossl_check_X509_VERIFY_PARAM_type(ptr))
+#define sk_X509_VERIFY_PARAM_pop(sk) ((X509_VERIFY_PARAM *)OPENSSL_sk_pop(ossl_check_X509_VERIFY_PARAM_sk_type(sk)))
+#define sk_X509_VERIFY_PARAM_shift(sk) ((X509_VERIFY_PARAM *)OPENSSL_sk_shift(ossl_check_X509_VERIFY_PARAM_sk_type(sk)))
+#define sk_X509_VERIFY_PARAM_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_X509_VERIFY_PARAM_sk_type(sk),ossl_check_X509_VERIFY_PARAM_freefunc_type(freefunc))
+#define sk_X509_VERIFY_PARAM_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_X509_VERIFY_PARAM_sk_type(sk), ossl_check_X509_VERIFY_PARAM_type(ptr), (idx))
+#define sk_X509_VERIFY_PARAM_set(sk, idx, ptr) ((X509_VERIFY_PARAM *)OPENSSL_sk_set(ossl_check_X509_VERIFY_PARAM_sk_type(sk), (idx), ossl_check_X509_VERIFY_PARAM_type(ptr)))
+#define sk_X509_VERIFY_PARAM_find(sk, ptr) OPENSSL_sk_find(ossl_check_X509_VERIFY_PARAM_sk_type(sk), ossl_check_X509_VERIFY_PARAM_type(ptr))
+#define sk_X509_VERIFY_PARAM_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_X509_VERIFY_PARAM_sk_type(sk), ossl_check_X509_VERIFY_PARAM_type(ptr))
+#define sk_X509_VERIFY_PARAM_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_X509_VERIFY_PARAM_sk_type(sk), ossl_check_X509_VERIFY_PARAM_type(ptr), pnum)
+#define sk_X509_VERIFY_PARAM_sort(sk) OPENSSL_sk_sort(ossl_check_X509_VERIFY_PARAM_sk_type(sk))
+#define sk_X509_VERIFY_PARAM_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_X509_VERIFY_PARAM_sk_type(sk))
+#define sk_X509_VERIFY_PARAM_dup(sk) ((STACK_OF(X509_VERIFY_PARAM) *)OPENSSL_sk_dup(ossl_check_const_X509_VERIFY_PARAM_sk_type(sk)))
+#define sk_X509_VERIFY_PARAM_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(X509_VERIFY_PARAM) *)OPENSSL_sk_deep_copy(ossl_check_const_X509_VERIFY_PARAM_sk_type(sk), ossl_check_X509_VERIFY_PARAM_copyfunc_type(copyfunc), ossl_check_X509_VERIFY_PARAM_freefunc_type(freefunc)))
+#define sk_X509_VERIFY_PARAM_set_cmp_func(sk, cmp) ((sk_X509_VERIFY_PARAM_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_X509_VERIFY_PARAM_sk_type(sk), ossl_check_X509_VERIFY_PARAM_compfunc_type(cmp)))
+
+
+/* This is used for a table of trust checking functions */
+typedef struct x509_trust_st {
+ int trust;
+ int flags;
+ int (*check_trust) (struct x509_trust_st *, X509 *, int);
+ char *name;
+ int arg1;
+ void *arg2;
+} X509_TRUST;
+SKM_DEFINE_STACK_OF_INTERNAL(X509_TRUST, X509_TRUST, X509_TRUST)
+#define sk_X509_TRUST_num(sk) OPENSSL_sk_num(ossl_check_const_X509_TRUST_sk_type(sk))
+#define sk_X509_TRUST_value(sk, idx) ((X509_TRUST *)OPENSSL_sk_value(ossl_check_const_X509_TRUST_sk_type(sk), (idx)))
+#define sk_X509_TRUST_new(cmp) ((STACK_OF(X509_TRUST) *)OPENSSL_sk_new(ossl_check_X509_TRUST_compfunc_type(cmp)))
+#define sk_X509_TRUST_new_null() ((STACK_OF(X509_TRUST) *)OPENSSL_sk_new_null())
+#define sk_X509_TRUST_new_reserve(cmp, n) ((STACK_OF(X509_TRUST) *)OPENSSL_sk_new_reserve(ossl_check_X509_TRUST_compfunc_type(cmp), (n)))
+#define sk_X509_TRUST_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_X509_TRUST_sk_type(sk), (n))
+#define sk_X509_TRUST_free(sk) OPENSSL_sk_free(ossl_check_X509_TRUST_sk_type(sk))
+#define sk_X509_TRUST_zero(sk) OPENSSL_sk_zero(ossl_check_X509_TRUST_sk_type(sk))
+#define sk_X509_TRUST_delete(sk, i) ((X509_TRUST *)OPENSSL_sk_delete(ossl_check_X509_TRUST_sk_type(sk), (i)))
+#define sk_X509_TRUST_delete_ptr(sk, ptr) ((X509_TRUST *)OPENSSL_sk_delete_ptr(ossl_check_X509_TRUST_sk_type(sk), ossl_check_X509_TRUST_type(ptr)))
+#define sk_X509_TRUST_push(sk, ptr) OPENSSL_sk_push(ossl_check_X509_TRUST_sk_type(sk), ossl_check_X509_TRUST_type(ptr))
+#define sk_X509_TRUST_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_X509_TRUST_sk_type(sk), ossl_check_X509_TRUST_type(ptr))
+#define sk_X509_TRUST_pop(sk) ((X509_TRUST *)OPENSSL_sk_pop(ossl_check_X509_TRUST_sk_type(sk)))
+#define sk_X509_TRUST_shift(sk) ((X509_TRUST *)OPENSSL_sk_shift(ossl_check_X509_TRUST_sk_type(sk)))
+#define sk_X509_TRUST_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_X509_TRUST_sk_type(sk),ossl_check_X509_TRUST_freefunc_type(freefunc))
+#define sk_X509_TRUST_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_X509_TRUST_sk_type(sk), ossl_check_X509_TRUST_type(ptr), (idx))
+#define sk_X509_TRUST_set(sk, idx, ptr) ((X509_TRUST *)OPENSSL_sk_set(ossl_check_X509_TRUST_sk_type(sk), (idx), ossl_check_X509_TRUST_type(ptr)))
+#define sk_X509_TRUST_find(sk, ptr) OPENSSL_sk_find(ossl_check_X509_TRUST_sk_type(sk), ossl_check_X509_TRUST_type(ptr))
+#define sk_X509_TRUST_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_X509_TRUST_sk_type(sk), ossl_check_X509_TRUST_type(ptr))
+#define sk_X509_TRUST_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_X509_TRUST_sk_type(sk), ossl_check_X509_TRUST_type(ptr), pnum)
+#define sk_X509_TRUST_sort(sk) OPENSSL_sk_sort(ossl_check_X509_TRUST_sk_type(sk))
+#define sk_X509_TRUST_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_X509_TRUST_sk_type(sk))
+#define sk_X509_TRUST_dup(sk) ((STACK_OF(X509_TRUST) *)OPENSSL_sk_dup(ossl_check_const_X509_TRUST_sk_type(sk)))
+#define sk_X509_TRUST_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(X509_TRUST) *)OPENSSL_sk_deep_copy(ossl_check_const_X509_TRUST_sk_type(sk), ossl_check_X509_TRUST_copyfunc_type(copyfunc), ossl_check_X509_TRUST_freefunc_type(freefunc)))
+#define sk_X509_TRUST_set_cmp_func(sk, cmp) ((sk_X509_TRUST_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_X509_TRUST_sk_type(sk), ossl_check_X509_TRUST_compfunc_type(cmp)))
+
+
+/* standard trust ids */
+# define X509_TRUST_DEFAULT 0 /* Only valid in purpose settings */
+# define X509_TRUST_COMPAT 1
+# define X509_TRUST_SSL_CLIENT 2
+# define X509_TRUST_SSL_SERVER 3
+# define X509_TRUST_EMAIL 4
+# define X509_TRUST_OBJECT_SIGN 5
+# define X509_TRUST_OCSP_SIGN 6
+# define X509_TRUST_OCSP_REQUEST 7
+# define X509_TRUST_TSA 8
+/* Keep these up to date! */
+# define X509_TRUST_MIN 1
+# define X509_TRUST_MAX 8
+
+/* trust_flags values */
+# define X509_TRUST_DYNAMIC (1U << 0)
+# define X509_TRUST_DYNAMIC_NAME (1U << 1)
+/* No compat trust if self-signed, preempts "DO_SS" */
+# define X509_TRUST_NO_SS_COMPAT (1U << 2)
+/* Compat trust if no explicit accepted trust EKUs */
+# define X509_TRUST_DO_SS_COMPAT (1U << 3)
+/* Accept "anyEKU" as a wildcard rejection OID and as a wildcard trust OID */
+# define X509_TRUST_OK_ANY_EKU (1U << 4)
+
+/* check_trust return codes */
+# define X509_TRUST_TRUSTED 1
+# define X509_TRUST_REJECTED 2
+# define X509_TRUST_UNTRUSTED 3
+
+int X509_TRUST_set(int *t, int trust);
+int X509_TRUST_get_count(void);
+X509_TRUST *X509_TRUST_get0(int idx);
+int X509_TRUST_get_by_id(int id);
+int X509_TRUST_add(int id, int flags, int (*ck) (X509_TRUST *, X509 *, int),
+ const char *name, int arg1, void *arg2);
+void X509_TRUST_cleanup(void);
+int X509_TRUST_get_flags(const X509_TRUST *xp);
+char *X509_TRUST_get0_name(const X509_TRUST *xp);
+int X509_TRUST_get_trust(const X509_TRUST *xp);
+
+int X509_trusted(const X509 *x);
+int X509_add1_trust_object(X509 *x, const ASN1_OBJECT *obj);
+int X509_add1_reject_object(X509 *x, const ASN1_OBJECT *obj);
+void X509_trust_clear(X509 *x);
+void X509_reject_clear(X509 *x);
+STACK_OF(ASN1_OBJECT) *X509_get0_trust_objects(X509 *x);
+STACK_OF(ASN1_OBJECT) *X509_get0_reject_objects(X509 *x);
+
+int (*X509_TRUST_set_default(int (*trust) (int, X509 *, int))) (int, X509 *,
+ int);
+int X509_check_trust(X509 *x, int id, int flags);
+
+int X509_verify_cert(X509_STORE_CTX *ctx);
+int X509_STORE_CTX_verify(X509_STORE_CTX *ctx);
+STACK_OF(X509) *X509_build_chain(X509 *target, STACK_OF(X509) *certs,
+ X509_STORE *store, int with_self_signed,
+ OSSL_LIB_CTX *libctx, const char *propq);
int X509_STORE_set_depth(X509_STORE *store, int depth);
@@ -88,7 +264,6 @@ typedef STACK_OF(X509_CRL)
const X509_NAME *nm);
typedef int (*X509_STORE_CTX_cleanup_fn)(X509_STORE_CTX *ctx);
-
void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth);
# define X509_STORE_CTX_set_app_data(ctx,data) \
@@ -113,101 +288,131 @@ void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth);
# define X509_LOOKUP_load_store(x,name) \
X509_LOOKUP_ctrl((x),X509_L_LOAD_STORE,(name),0,NULL)
-# define X509_V_OK 0
-# define X509_V_ERR_UNSPECIFIED 1
-# define X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT 2
-# define X509_V_ERR_UNABLE_TO_GET_CRL 3
-# define X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE 4
-# define X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE 5
-# define X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY 6
-# define X509_V_ERR_CERT_SIGNATURE_FAILURE 7
-# define X509_V_ERR_CRL_SIGNATURE_FAILURE 8
-# define X509_V_ERR_CERT_NOT_YET_VALID 9
-# define X509_V_ERR_CERT_HAS_EXPIRED 10
-# define X509_V_ERR_CRL_NOT_YET_VALID 11
-# define X509_V_ERR_CRL_HAS_EXPIRED 12
-# define X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD 13
-# define X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD 14
-# define X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD 15
-# define X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD 16
-# define X509_V_ERR_OUT_OF_MEM 17
-# define X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT 18
-# define X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN 19
-# define X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY 20
-# define X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE 21
-# define X509_V_ERR_CERT_CHAIN_TOO_LONG 22
-# define X509_V_ERR_CERT_REVOKED 23
-# define X509_V_ERR_INVALID_CA 24
-# define X509_V_ERR_PATH_LENGTH_EXCEEDED 25
-# define X509_V_ERR_INVALID_PURPOSE 26
-# define X509_V_ERR_CERT_UNTRUSTED 27
-# define X509_V_ERR_CERT_REJECTED 28
+# define X509_LOOKUP_load_file_ex(x, name, type, libctx, propq) \
+X509_LOOKUP_ctrl_ex((x), X509_L_FILE_LOAD, (name), (long)(type), NULL,\
+ (libctx), (propq))
+
+# define X509_LOOKUP_load_store_ex(x, name, libctx, propq) \
+X509_LOOKUP_ctrl_ex((x), X509_L_LOAD_STORE, (name), 0, NULL, \
+ (libctx), (propq))
+
+# define X509_LOOKUP_add_store_ex(x, name, libctx, propq) \
+X509_LOOKUP_ctrl_ex((x), X509_L_ADD_STORE, (name), 0, NULL, \
+ (libctx), (propq))
+
+# define X509_V_OK 0
+# define X509_V_ERR_UNSPECIFIED 1
+# define X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT 2
+# define X509_V_ERR_UNABLE_TO_GET_CRL 3
+# define X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE 4
+# define X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE 5
+# define X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY 6
+# define X509_V_ERR_CERT_SIGNATURE_FAILURE 7
+# define X509_V_ERR_CRL_SIGNATURE_FAILURE 8
+# define X509_V_ERR_CERT_NOT_YET_VALID 9
+# define X509_V_ERR_CERT_HAS_EXPIRED 10
+# define X509_V_ERR_CRL_NOT_YET_VALID 11
+# define X509_V_ERR_CRL_HAS_EXPIRED 12
+# define X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD 13
+# define X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD 14
+# define X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD 15
+# define X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD 16
+# define X509_V_ERR_OUT_OF_MEM 17
+# define X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT 18
+# define X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN 19
+# define X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY 20
+# define X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE 21
+# define X509_V_ERR_CERT_CHAIN_TOO_LONG 22
+# define X509_V_ERR_CERT_REVOKED 23
+# define X509_V_ERR_NO_ISSUER_PUBLIC_KEY 24
+# define X509_V_ERR_PATH_LENGTH_EXCEEDED 25
+# define X509_V_ERR_INVALID_PURPOSE 26
+# define X509_V_ERR_CERT_UNTRUSTED 27
+# define X509_V_ERR_CERT_REJECTED 28
+
/* These are 'informational' when looking for issuer cert */
-# define X509_V_ERR_SUBJECT_ISSUER_MISMATCH 29
-# define X509_V_ERR_AKID_SKID_MISMATCH 30
-# define X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH 31
-# define X509_V_ERR_KEYUSAGE_NO_CERTSIGN 32
-# define X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER 33
-# define X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION 34
-# define X509_V_ERR_KEYUSAGE_NO_CRL_SIGN 35
-# define X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION 36
-# define X509_V_ERR_INVALID_NON_CA 37
-# define X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED 38
-# define X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE 39
-# define X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED 40
-# define X509_V_ERR_INVALID_EXTENSION 41
-# define X509_V_ERR_INVALID_POLICY_EXTENSION 42
-# define X509_V_ERR_NO_EXPLICIT_POLICY 43
-# define X509_V_ERR_DIFFERENT_CRL_SCOPE 44
-# define X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE 45
-# define X509_V_ERR_UNNESTED_RESOURCE 46
-# define X509_V_ERR_PERMITTED_VIOLATION 47
-# define X509_V_ERR_EXCLUDED_VIOLATION 48
-# define X509_V_ERR_SUBTREE_MINMAX 49
+# define X509_V_ERR_SUBJECT_ISSUER_MISMATCH 29
+# define X509_V_ERR_AKID_SKID_MISMATCH 30
+# define X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH 31
+# define X509_V_ERR_KEYUSAGE_NO_CERTSIGN 32
+# define X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER 33
+# define X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION 34
+# define X509_V_ERR_KEYUSAGE_NO_CRL_SIGN 35
+# define X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION 36
+# define X509_V_ERR_INVALID_NON_CA 37
+# define X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED 38
+# define X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE 39
+# define X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED 40
+# define X509_V_ERR_INVALID_EXTENSION 41
+# define X509_V_ERR_INVALID_POLICY_EXTENSION 42
+# define X509_V_ERR_NO_EXPLICIT_POLICY 43
+# define X509_V_ERR_DIFFERENT_CRL_SCOPE 44
+# define X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE 45
+# define X509_V_ERR_UNNESTED_RESOURCE 46
+# define X509_V_ERR_PERMITTED_VIOLATION 47
+# define X509_V_ERR_EXCLUDED_VIOLATION 48
+# define X509_V_ERR_SUBTREE_MINMAX 49
/* The application is not happy */
-# define X509_V_ERR_APPLICATION_VERIFICATION 50
-# define X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE 51
-# define X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX 52
-# define X509_V_ERR_UNSUPPORTED_NAME_SYNTAX 53
-# define X509_V_ERR_CRL_PATH_VALIDATION_ERROR 54
+# define X509_V_ERR_APPLICATION_VERIFICATION 50
+# define X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE 51
+# define X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX 52
+# define X509_V_ERR_UNSUPPORTED_NAME_SYNTAX 53
+# define X509_V_ERR_CRL_PATH_VALIDATION_ERROR 54
/* Another issuer check debug option */
-# define X509_V_ERR_PATH_LOOP 55
+# define X509_V_ERR_PATH_LOOP 55
/* Suite B mode algorithm violation */
-# define X509_V_ERR_SUITE_B_INVALID_VERSION 56
-# define X509_V_ERR_SUITE_B_INVALID_ALGORITHM 57
-# define X509_V_ERR_SUITE_B_INVALID_CURVE 58
-# define X509_V_ERR_SUITE_B_INVALID_SIGNATURE_ALGORITHM 59
-# define X509_V_ERR_SUITE_B_LOS_NOT_ALLOWED 60
-# define X509_V_ERR_SUITE_B_CANNOT_SIGN_P_384_WITH_P_256 61
+# define X509_V_ERR_SUITE_B_INVALID_VERSION 56
+# define X509_V_ERR_SUITE_B_INVALID_ALGORITHM 57
+# define X509_V_ERR_SUITE_B_INVALID_CURVE 58
+# define X509_V_ERR_SUITE_B_INVALID_SIGNATURE_ALGORITHM 59
+# define X509_V_ERR_SUITE_B_LOS_NOT_ALLOWED 60
+# define X509_V_ERR_SUITE_B_CANNOT_SIGN_P_384_WITH_P_256 61
/* Host, email and IP check errors */
-# define X509_V_ERR_HOSTNAME_MISMATCH 62
-# define X509_V_ERR_EMAIL_MISMATCH 63
-# define X509_V_ERR_IP_ADDRESS_MISMATCH 64
+# define X509_V_ERR_HOSTNAME_MISMATCH 62
+# define X509_V_ERR_EMAIL_MISMATCH 63
+# define X509_V_ERR_IP_ADDRESS_MISMATCH 64
/* DANE TLSA errors */
-# define X509_V_ERR_DANE_NO_MATCH 65
+# define X509_V_ERR_DANE_NO_MATCH 65
/* security level errors */
-# define X509_V_ERR_EE_KEY_TOO_SMALL 66
-# define X509_V_ERR_CA_KEY_TOO_SMALL 67
-# define X509_V_ERR_CA_MD_TOO_WEAK 68
+# define X509_V_ERR_EE_KEY_TOO_SMALL 66
+# define X509_V_ERR_CA_KEY_TOO_SMALL 67
+# define X509_V_ERR_CA_MD_TOO_WEAK 68
/* Caller error */
-# define X509_V_ERR_INVALID_CALL 69
+# define X509_V_ERR_INVALID_CALL 69
/* Issuer lookup error */
-# define X509_V_ERR_STORE_LOOKUP 70
+# define X509_V_ERR_STORE_LOOKUP 70
/* Certificate transparency */
-# define X509_V_ERR_NO_VALID_SCTS 71
+# define X509_V_ERR_NO_VALID_SCTS 71
-# define X509_V_ERR_PROXY_SUBJECT_NAME_VIOLATION 72
+# define X509_V_ERR_PROXY_SUBJECT_NAME_VIOLATION 72
/* OCSP status errors */
-# define X509_V_ERR_OCSP_VERIFY_NEEDED 73 /* Need OCSP verification */
-# define X509_V_ERR_OCSP_VERIFY_FAILED 74 /* Couldn't verify cert through OCSP */
-# define X509_V_ERR_OCSP_CERT_UNKNOWN 75 /* Certificate wasn't recognized by the OCSP responder */
-
-# define X509_V_ERR_SIGNATURE_ALGORITHM_MISMATCH 76
-# define X509_V_ERR_NO_ISSUER_PUBLIC_KEY 77
-
+# define X509_V_ERR_OCSP_VERIFY_NEEDED 73 /* Need OCSP verification */
+# define X509_V_ERR_OCSP_VERIFY_FAILED 74 /* Couldn't verify cert through OCSP */
+# define X509_V_ERR_OCSP_CERT_UNKNOWN 75 /* Certificate wasn't recognized by the OCSP responder */
+
+# define X509_V_ERR_UNSUPPORTED_SIGNATURE_ALGORITHM 76
+# define X509_V_ERR_SIGNATURE_ALGORITHM_MISMATCH 77
+
+/* Errors in case a check in X509_V_FLAG_X509_STRICT mode fails */
+# define X509_V_ERR_SIGNATURE_ALGORITHM_INCONSISTENCY 78
+# define X509_V_ERR_INVALID_CA 79
+# define X509_V_ERR_PATHLEN_INVALID_FOR_NON_CA 80
+# define X509_V_ERR_PATHLEN_WITHOUT_KU_KEY_CERT_SIGN 81
+# define X509_V_ERR_KU_KEY_CERT_SIGN_INVALID_FOR_NON_CA 82
+# define X509_V_ERR_ISSUER_NAME_EMPTY 83
+# define X509_V_ERR_SUBJECT_NAME_EMPTY 84
+# define X509_V_ERR_MISSING_AUTHORITY_KEY_IDENTIFIER 85
+# define X509_V_ERR_MISSING_SUBJECT_KEY_IDENTIFIER 86
+# define X509_V_ERR_EMPTY_SUBJECT_ALT_NAME 87
+# define X509_V_ERR_EMPTY_SUBJECT_SAN_NOT_CRITICAL 88
+# define X509_V_ERR_CA_BCONS_NOT_CRITICAL 89
+# define X509_V_ERR_AUTHORITY_KEY_IDENTIFIER_CRITICAL 90
+# define X509_V_ERR_SUBJECT_KEY_IDENTIFIER_CRITICAL 91
+# define X509_V_ERR_CA_CERT_MISSING_KEY_USAGE 92
+# define X509_V_ERR_EXTENSIONS_REQUIRE_VERSION_3 93
+# define X509_V_ERR_EC_KEY_EXPLICIT_PARAMS 94
/* Certificate verify flags */
-
# ifndef OPENSSL_NO_DEPRECATED_1_1_0
# define X509_V_FLAG_CB_ISSUER_CHECK 0x0 /* Deprecated */
# endif
@@ -352,15 +557,14 @@ X509_STORE_CTX_cleanup_fn X509_STORE_get_cleanup(const X509_STORE *ctx);
int X509_STORE_set_ex_data(X509_STORE *ctx, int idx, void *data);
void *X509_STORE_get_ex_data(const X509_STORE *ctx, int idx);
-X509_STORE_CTX *X509_STORE_CTX_new_with_libctx(OPENSSL_CTX *libctx,
- const char *propq);
+X509_STORE_CTX *X509_STORE_CTX_new_ex(OSSL_LIB_CTX *libctx, const char *propq);
X509_STORE_CTX *X509_STORE_CTX_new(void);
int X509_STORE_CTX_get1_issuer(X509 **issuer, X509_STORE_CTX *ctx, X509 *x);
void X509_STORE_CTX_free(X509_STORE_CTX *ctx);
-int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store,
- X509 *x509, STACK_OF(X509) *chain);
+int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *trust_store,
+ X509 *target, STACK_OF(X509) *untrusted);
void X509_STORE_CTX_set0_trusted_stack(X509_STORE_CTX *ctx, STACK_OF(X509) *sk);
void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx);
@@ -403,10 +607,20 @@ X509_LOOKUP_METHOD *X509_LOOKUP_store(void);
typedef int (*X509_LOOKUP_ctrl_fn)(X509_LOOKUP *ctx, int cmd, const char *argc,
long argl, char **ret);
+typedef int (*X509_LOOKUP_ctrl_ex_fn)(
+ X509_LOOKUP *ctx, int cmd, const char *argc, long argl, char **ret,
+ OSSL_LIB_CTX *libctx, const char *propq);
+
typedef int (*X509_LOOKUP_get_by_subject_fn)(X509_LOOKUP *ctx,
X509_LOOKUP_TYPE type,
const X509_NAME *name,
X509_OBJECT *ret);
+typedef int (*X509_LOOKUP_get_by_subject_ex_fn)(X509_LOOKUP *ctx,
+ X509_LOOKUP_TYPE type,
+ const X509_NAME *name,
+ X509_OBJECT *ret,
+ OSSL_LIB_CTX *libctx,
+ const char *propq);
typedef int (*X509_LOOKUP_get_by_issuer_serial_fn)(X509_LOOKUP *ctx,
X509_LOOKUP_TYPE type,
const X509_NAME *name,
@@ -483,16 +697,25 @@ X509_OBJECT *X509_STORE_CTX_get_obj_by_subject(X509_STORE_CTX *vs,
int X509_LOOKUP_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc,
long argl, char **ret);
+int X509_LOOKUP_ctrl_ex(X509_LOOKUP *ctx, int cmd, const char *argc, long argl,
+ char **ret, OSSL_LIB_CTX *libctx, const char *propq);
int X509_load_cert_file(X509_LOOKUP *ctx, const char *file, int type);
+int X509_load_cert_file_ex(X509_LOOKUP *ctx, const char *file, int type,
+ OSSL_LIB_CTX *libctx, const char *propq);
int X509_load_crl_file(X509_LOOKUP *ctx, const char *file, int type);
int X509_load_cert_crl_file(X509_LOOKUP *ctx, const char *file, int type);
+int X509_load_cert_crl_file_ex(X509_LOOKUP *ctx, const char *file, int type,
+ OSSL_LIB_CTX *libctx, const char *propq);
X509_LOOKUP *X509_LOOKUP_new(X509_LOOKUP_METHOD *method);
void X509_LOOKUP_free(X509_LOOKUP *ctx);
int X509_LOOKUP_init(X509_LOOKUP *ctx);
int X509_LOOKUP_by_subject(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type,
const X509_NAME *name, X509_OBJECT *ret);
+int X509_LOOKUP_by_subject_ex(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type,
+ const X509_NAME *name, X509_OBJECT *ret,
+ OSSL_LIB_CTX *libctx, const char *propq);
int X509_LOOKUP_by_issuer_serial(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type,
const X509_NAME *name,
const ASN1_INTEGER *serial,
@@ -515,6 +738,16 @@ int X509_STORE_load_locations(X509_STORE *ctx,
const char *dir);
int X509_STORE_set_default_paths(X509_STORE *ctx);
+int X509_STORE_load_file_ex(X509_STORE *ctx, const char *file,
+ OSSL_LIB_CTX *libctx, const char *propq);
+int X509_STORE_load_store_ex(X509_STORE *ctx, const char *store,
+ OSSL_LIB_CTX *libctx, const char *propq);
+int X509_STORE_load_locations_ex(X509_STORE *ctx, const char *file,
+ const char *dir, OSSL_LIB_CTX *libctx,
+ const char *propq);
+int X509_STORE_set_default_paths_ex(X509_STORE *ctx, OSSL_LIB_CTX *libctx,
+ const char *propq);
+
#define X509_STORE_CTX_get_ex_new_index(l, p, newf, dupf, freef) \
CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_X509_STORE_CTX, l, p, newf, dupf, freef)
int X509_STORE_CTX_set_ex_data(X509_STORE_CTX *ctx, int idx, void *data);
@@ -530,9 +763,9 @@ X509_CRL *X509_STORE_CTX_get0_current_crl(const X509_STORE_CTX *ctx);
X509_STORE_CTX *X509_STORE_CTX_get0_parent_ctx(const X509_STORE_CTX *ctx);
STACK_OF(X509) *X509_STORE_CTX_get0_chain(const X509_STORE_CTX *ctx);
STACK_OF(X509) *X509_STORE_CTX_get1_chain(const X509_STORE_CTX *ctx);
-void X509_STORE_CTX_set_cert(X509_STORE_CTX *c, X509 *x);
+void X509_STORE_CTX_set_cert(X509_STORE_CTX *ctx, X509 *target);
void X509_STORE_CTX_set0_verified_chain(X509_STORE_CTX *c, STACK_OF(X509) *sk);
-void X509_STORE_CTX_set0_crls(X509_STORE_CTX *c, STACK_OF(X509_CRL) *sk);
+void X509_STORE_CTX_set0_crls(X509_STORE_CTX *ctx, STACK_OF(X509_CRL) *sk);
int X509_STORE_CTX_set_purpose(X509_STORE_CTX *ctx, int purpose);
int X509_STORE_CTX_set_trust(X509_STORE_CTX *ctx, int trust);
int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose,
diff --git a/openssl/include/openssl/x509err.h b/openssl/include/openssl/x509err.h
index 85e7419d..5c43fd3d 100644..100755
--- a/openssl/include/openssl/x509err.h
+++ b/openssl/include/openssl/x509err.h
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -14,86 +14,9 @@
# include <openssl/opensslconf.h>
# include <openssl/symhacks.h>
+# include <openssl/cryptoerr_legacy.h>
-# ifdef __cplusplus
-extern "C"
-# endif
-int ERR_load_X509_strings(void);
-
-/*
- * X509 function codes.
- */
-# ifndef OPENSSL_NO_DEPRECATED_3_0
-# define X509_F_ADD_CERT_DIR 0
-# define X509_F_BUILD_CHAIN 0
-# define X509_F_BY_FILE_CTRL 0
-# define X509_F_CACHE_OBJECTS 0
-# define X509_F_CHECK_NAME_CONSTRAINTS 0
-# define X509_F_CHECK_POLICY 0
-# define X509_F_COMMON_VERIFY_SM2 0
-# define X509_F_DANE_I2D 0
-# define X509_F_DIR_CTRL 0
-# define X509_F_GET_CERT_BY_SUBJECT 0
-# define X509_F_I2D_X509_AUX 0
-# define X509_F_LOOKUP_CERTS_SK 0
-# define X509_F_NETSCAPE_SPKI_B64_DECODE 0
-# define X509_F_NETSCAPE_SPKI_B64_ENCODE 0
-# define X509_F_NEW_DIR 0
-# define X509_F_X509AT_ADD1_ATTR 0
-# define X509_F_X509V3_ADD_EXT 0
-# define X509_F_X509_ATTRIBUTE_CREATE_BY_NID 0
-# define X509_F_X509_ATTRIBUTE_CREATE_BY_OBJ 0
-# define X509_F_X509_ATTRIBUTE_CREATE_BY_TXT 0
-# define X509_F_X509_ATTRIBUTE_GET0_DATA 0
-# define X509_F_X509_ATTRIBUTE_SET1_DATA 0
-# define X509_F_X509_CHECK_PRIVATE_KEY 0
-# define X509_F_X509_CRL_DIFF 0
-# define X509_F_X509_CRL_METHOD_NEW 0
-# define X509_F_X509_CRL_PRINT_FP 0
-# define X509_F_X509_EXTENSION_CREATE_BY_NID 0
-# define X509_F_X509_EXTENSION_CREATE_BY_OBJ 0
-# define X509_F_X509_GET_PUBKEY_PARAMETERS 0
-# define X509_F_X509_LOAD_CERT_CRL_FILE 0
-# define X509_F_X509_LOAD_CERT_FILE 0
-# define X509_F_X509_LOAD_CRL_FILE 0
-# define X509_F_X509_LOOKUP_METH_NEW 0
-# define X509_F_X509_LOOKUP_NEW 0
-# define X509_F_X509_NAME_ADD_ENTRY 0
-# define X509_F_X509_NAME_CANON 0
-# define X509_F_X509_NAME_ENTRY_CREATE_BY_NID 0
-# define X509_F_X509_NAME_ENTRY_CREATE_BY_TXT 0
-# define X509_F_X509_NAME_ENTRY_SET_OBJECT 0
-# define X509_F_X509_NAME_ONELINE 0
-# define X509_F_X509_NAME_PRINT 0
-# define X509_F_X509_OBJECT_NEW 0
-# define X509_F_X509_PRINT_EX_FP 0
-# define X509_F_X509_PUBKEY_DECODE 0
-# define X509_F_X509_PUBKEY_GET 0
-# define X509_F_X509_PUBKEY_GET0 0
-# define X509_F_X509_PUBKEY_SET 0
-# define X509_F_X509_REQ_CHECK_PRIVATE_KEY 0
-# define X509_F_X509_REQ_PRINT_EX 0
-# define X509_F_X509_REQ_PRINT_FP 0
-# define X509_F_X509_REQ_TO_X509 0
-# define X509_F_X509_REQ_VERIFY 0
-# define X509_F_X509_REQ_VERIFY_SM2 0
-# define X509_F_X509_STORE_ADD_CERT 0
-# define X509_F_X509_STORE_ADD_CRL 0
-# define X509_F_X509_STORE_ADD_LOOKUP 0
-# define X509_F_X509_STORE_CTX_GET1_ISSUER 0
-# define X509_F_X509_STORE_CTX_INIT 0
-# define X509_F_X509_STORE_CTX_NEW 0
-# define X509_F_X509_STORE_CTX_PURPOSE_INHERIT 0
-# define X509_F_X509_STORE_NEW 0
-# define X509_F_X509_TO_X509_REQ 0
-# define X509_F_X509_TRUST_ADD 0
-# define X509_F_X509_TRUST_SET 0
-# define X509_F_X509_VERIFY 0
-# define X509_F_X509_VERIFY_CERT 0
-# define X509_F_X509_VERIFY_PARAM_NEW 0
-# define X509_F_X509_VERIFY_SM2 0
-# endif
/*
* X509 reason codes.
@@ -107,9 +30,12 @@ int ERR_load_X509_strings(void);
# define X509_R_CERT_ALREADY_IN_HASH_TABLE 101
# define X509_R_CRL_ALREADY_DELTA 127
# define X509_R_CRL_VERIFY_FAILURE 131
+# define X509_R_ERROR_GETTING_MD_BY_NID 141
+# define X509_R_ERROR_USING_SIGINF_SET 142
# define X509_R_IDP_MISMATCH 128
# define X509_R_INVALID_ATTRIBUTES 138
# define X509_R_INVALID_DIRECTORY 113
+# define X509_R_INVALID_DISTPOINT 143
# define X509_R_INVALID_FIELD_NAME 119
# define X509_R_INVALID_TRUST 123
# define X509_R_ISSUER_MISMATCH 129
@@ -133,6 +59,7 @@ int ERR_load_X509_strings(void);
# define X509_R_UNKNOWN_KEY_TYPE 117
# define X509_R_UNKNOWN_NID 109
# define X509_R_UNKNOWN_PURPOSE_ID 121
+# define X509_R_UNKNOWN_SIGID_ALGS 144
# define X509_R_UNKNOWN_TRUST_ID 120
# define X509_R_UNSUPPORTED_ALGORITHM 111
# define X509_R_WRONG_LOOKUP_TYPE 112
diff --git a/openssl/include/openssl/x509v3.h b/openssl/include/openssl/x509v3.h
index 26d0fd80..97a6a6f2 100644..100755
--- a/openssl/include/openssl/x509v3.h
+++ b/openssl/include/openssl/x509v3.h
@@ -1,5 +1,8 @@
/*
- * Copyright 1999-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * WARNING: do not edit!
+ * Generated by makefile from include\openssl\x509v3.h.in
+ *
+ * Copyright 1999-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -7,6 +10,8 @@
* https://www.openssl.org/source/license.html
*/
+
+
#ifndef OPENSSL_X509V3_H
# define OPENSSL_X509V3_H
# pragma once
@@ -81,9 +86,12 @@ typedef struct X509V3_CONF_METHOD_st {
void (*free_section) (void *db, STACK_OF(CONF_VALUE) *section);
} X509V3_CONF_METHOD;
-/* Context specific info */
+/* Context specific info for producing X509 v3 extensions*/
struct v3_ext_ctx {
-# define CTX_TEST 0x1
+# define X509V3_CTX_TEST 0x1
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define CTX_TEST X509V3_CTX_TEST
+# endif
# define X509V3_CTX_REPLACE 0x2
int flags;
X509 *issuer_cert;
@@ -92,12 +100,39 @@ struct v3_ext_ctx {
X509_CRL *crl;
X509V3_CONF_METHOD *db_meth;
void *db;
+ EVP_PKEY *issuer_pkey;
/* Maybe more here */
};
typedef struct v3_ext_method X509V3_EXT_METHOD;
-DEFINE_OR_DECLARE_STACK_OF(X509V3_EXT_METHOD)
+SKM_DEFINE_STACK_OF_INTERNAL(X509V3_EXT_METHOD, X509V3_EXT_METHOD, X509V3_EXT_METHOD)
+#define sk_X509V3_EXT_METHOD_num(sk) OPENSSL_sk_num(ossl_check_const_X509V3_EXT_METHOD_sk_type(sk))
+#define sk_X509V3_EXT_METHOD_value(sk, idx) ((X509V3_EXT_METHOD *)OPENSSL_sk_value(ossl_check_const_X509V3_EXT_METHOD_sk_type(sk), (idx)))
+#define sk_X509V3_EXT_METHOD_new(cmp) ((STACK_OF(X509V3_EXT_METHOD) *)OPENSSL_sk_new(ossl_check_X509V3_EXT_METHOD_compfunc_type(cmp)))
+#define sk_X509V3_EXT_METHOD_new_null() ((STACK_OF(X509V3_EXT_METHOD) *)OPENSSL_sk_new_null())
+#define sk_X509V3_EXT_METHOD_new_reserve(cmp, n) ((STACK_OF(X509V3_EXT_METHOD) *)OPENSSL_sk_new_reserve(ossl_check_X509V3_EXT_METHOD_compfunc_type(cmp), (n)))
+#define sk_X509V3_EXT_METHOD_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_X509V3_EXT_METHOD_sk_type(sk), (n))
+#define sk_X509V3_EXT_METHOD_free(sk) OPENSSL_sk_free(ossl_check_X509V3_EXT_METHOD_sk_type(sk))
+#define sk_X509V3_EXT_METHOD_zero(sk) OPENSSL_sk_zero(ossl_check_X509V3_EXT_METHOD_sk_type(sk))
+#define sk_X509V3_EXT_METHOD_delete(sk, i) ((X509V3_EXT_METHOD *)OPENSSL_sk_delete(ossl_check_X509V3_EXT_METHOD_sk_type(sk), (i)))
+#define sk_X509V3_EXT_METHOD_delete_ptr(sk, ptr) ((X509V3_EXT_METHOD *)OPENSSL_sk_delete_ptr(ossl_check_X509V3_EXT_METHOD_sk_type(sk), ossl_check_X509V3_EXT_METHOD_type(ptr)))
+#define sk_X509V3_EXT_METHOD_push(sk, ptr) OPENSSL_sk_push(ossl_check_X509V3_EXT_METHOD_sk_type(sk), ossl_check_X509V3_EXT_METHOD_type(ptr))
+#define sk_X509V3_EXT_METHOD_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_X509V3_EXT_METHOD_sk_type(sk), ossl_check_X509V3_EXT_METHOD_type(ptr))
+#define sk_X509V3_EXT_METHOD_pop(sk) ((X509V3_EXT_METHOD *)OPENSSL_sk_pop(ossl_check_X509V3_EXT_METHOD_sk_type(sk)))
+#define sk_X509V3_EXT_METHOD_shift(sk) ((X509V3_EXT_METHOD *)OPENSSL_sk_shift(ossl_check_X509V3_EXT_METHOD_sk_type(sk)))
+#define sk_X509V3_EXT_METHOD_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_X509V3_EXT_METHOD_sk_type(sk),ossl_check_X509V3_EXT_METHOD_freefunc_type(freefunc))
+#define sk_X509V3_EXT_METHOD_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_X509V3_EXT_METHOD_sk_type(sk), ossl_check_X509V3_EXT_METHOD_type(ptr), (idx))
+#define sk_X509V3_EXT_METHOD_set(sk, idx, ptr) ((X509V3_EXT_METHOD *)OPENSSL_sk_set(ossl_check_X509V3_EXT_METHOD_sk_type(sk), (idx), ossl_check_X509V3_EXT_METHOD_type(ptr)))
+#define sk_X509V3_EXT_METHOD_find(sk, ptr) OPENSSL_sk_find(ossl_check_X509V3_EXT_METHOD_sk_type(sk), ossl_check_X509V3_EXT_METHOD_type(ptr))
+#define sk_X509V3_EXT_METHOD_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_X509V3_EXT_METHOD_sk_type(sk), ossl_check_X509V3_EXT_METHOD_type(ptr))
+#define sk_X509V3_EXT_METHOD_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_X509V3_EXT_METHOD_sk_type(sk), ossl_check_X509V3_EXT_METHOD_type(ptr), pnum)
+#define sk_X509V3_EXT_METHOD_sort(sk) OPENSSL_sk_sort(ossl_check_X509V3_EXT_METHOD_sk_type(sk))
+#define sk_X509V3_EXT_METHOD_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_X509V3_EXT_METHOD_sk_type(sk))
+#define sk_X509V3_EXT_METHOD_dup(sk) ((STACK_OF(X509V3_EXT_METHOD) *)OPENSSL_sk_dup(ossl_check_const_X509V3_EXT_METHOD_sk_type(sk)))
+#define sk_X509V3_EXT_METHOD_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(X509V3_EXT_METHOD) *)OPENSSL_sk_deep_copy(ossl_check_const_X509V3_EXT_METHOD_sk_type(sk), ossl_check_X509V3_EXT_METHOD_copyfunc_type(copyfunc), ossl_check_X509V3_EXT_METHOD_freefunc_type(freefunc)))
+#define sk_X509V3_EXT_METHOD_set_cmp_func(sk, cmp) ((sk_X509V3_EXT_METHOD_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_X509V3_EXT_METHOD_sk_type(sk), ossl_check_X509V3_EXT_METHOD_compfunc_type(cmp)))
+
/* ext_flags values */
# define X509V3_EXT_DYNAMIC 0x1
@@ -163,15 +198,92 @@ typedef struct ACCESS_DESCRIPTION_st {
GENERAL_NAME *location;
} ACCESS_DESCRIPTION;
-DEFINE_OR_DECLARE_STACK_OF(ACCESS_DESCRIPTION)
-DEFINE_OR_DECLARE_STACK_OF(GENERAL_NAME)
+SKM_DEFINE_STACK_OF_INTERNAL(ACCESS_DESCRIPTION, ACCESS_DESCRIPTION, ACCESS_DESCRIPTION)
+#define sk_ACCESS_DESCRIPTION_num(sk) OPENSSL_sk_num(ossl_check_const_ACCESS_DESCRIPTION_sk_type(sk))
+#define sk_ACCESS_DESCRIPTION_value(sk, idx) ((ACCESS_DESCRIPTION *)OPENSSL_sk_value(ossl_check_const_ACCESS_DESCRIPTION_sk_type(sk), (idx)))
+#define sk_ACCESS_DESCRIPTION_new(cmp) ((STACK_OF(ACCESS_DESCRIPTION) *)OPENSSL_sk_new(ossl_check_ACCESS_DESCRIPTION_compfunc_type(cmp)))
+#define sk_ACCESS_DESCRIPTION_new_null() ((STACK_OF(ACCESS_DESCRIPTION) *)OPENSSL_sk_new_null())
+#define sk_ACCESS_DESCRIPTION_new_reserve(cmp, n) ((STACK_OF(ACCESS_DESCRIPTION) *)OPENSSL_sk_new_reserve(ossl_check_ACCESS_DESCRIPTION_compfunc_type(cmp), (n)))
+#define sk_ACCESS_DESCRIPTION_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_ACCESS_DESCRIPTION_sk_type(sk), (n))
+#define sk_ACCESS_DESCRIPTION_free(sk) OPENSSL_sk_free(ossl_check_ACCESS_DESCRIPTION_sk_type(sk))
+#define sk_ACCESS_DESCRIPTION_zero(sk) OPENSSL_sk_zero(ossl_check_ACCESS_DESCRIPTION_sk_type(sk))
+#define sk_ACCESS_DESCRIPTION_delete(sk, i) ((ACCESS_DESCRIPTION *)OPENSSL_sk_delete(ossl_check_ACCESS_DESCRIPTION_sk_type(sk), (i)))
+#define sk_ACCESS_DESCRIPTION_delete_ptr(sk, ptr) ((ACCESS_DESCRIPTION *)OPENSSL_sk_delete_ptr(ossl_check_ACCESS_DESCRIPTION_sk_type(sk), ossl_check_ACCESS_DESCRIPTION_type(ptr)))
+#define sk_ACCESS_DESCRIPTION_push(sk, ptr) OPENSSL_sk_push(ossl_check_ACCESS_DESCRIPTION_sk_type(sk), ossl_check_ACCESS_DESCRIPTION_type(ptr))
+#define sk_ACCESS_DESCRIPTION_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_ACCESS_DESCRIPTION_sk_type(sk), ossl_check_ACCESS_DESCRIPTION_type(ptr))
+#define sk_ACCESS_DESCRIPTION_pop(sk) ((ACCESS_DESCRIPTION *)OPENSSL_sk_pop(ossl_check_ACCESS_DESCRIPTION_sk_type(sk)))
+#define sk_ACCESS_DESCRIPTION_shift(sk) ((ACCESS_DESCRIPTION *)OPENSSL_sk_shift(ossl_check_ACCESS_DESCRIPTION_sk_type(sk)))
+#define sk_ACCESS_DESCRIPTION_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_ACCESS_DESCRIPTION_sk_type(sk),ossl_check_ACCESS_DESCRIPTION_freefunc_type(freefunc))
+#define sk_ACCESS_DESCRIPTION_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_ACCESS_DESCRIPTION_sk_type(sk), ossl_check_ACCESS_DESCRIPTION_type(ptr), (idx))
+#define sk_ACCESS_DESCRIPTION_set(sk, idx, ptr) ((ACCESS_DESCRIPTION *)OPENSSL_sk_set(ossl_check_ACCESS_DESCRIPTION_sk_type(sk), (idx), ossl_check_ACCESS_DESCRIPTION_type(ptr)))
+#define sk_ACCESS_DESCRIPTION_find(sk, ptr) OPENSSL_sk_find(ossl_check_ACCESS_DESCRIPTION_sk_type(sk), ossl_check_ACCESS_DESCRIPTION_type(ptr))
+#define sk_ACCESS_DESCRIPTION_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_ACCESS_DESCRIPTION_sk_type(sk), ossl_check_ACCESS_DESCRIPTION_type(ptr))
+#define sk_ACCESS_DESCRIPTION_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_ACCESS_DESCRIPTION_sk_type(sk), ossl_check_ACCESS_DESCRIPTION_type(ptr), pnum)
+#define sk_ACCESS_DESCRIPTION_sort(sk) OPENSSL_sk_sort(ossl_check_ACCESS_DESCRIPTION_sk_type(sk))
+#define sk_ACCESS_DESCRIPTION_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_ACCESS_DESCRIPTION_sk_type(sk))
+#define sk_ACCESS_DESCRIPTION_dup(sk) ((STACK_OF(ACCESS_DESCRIPTION) *)OPENSSL_sk_dup(ossl_check_const_ACCESS_DESCRIPTION_sk_type(sk)))
+#define sk_ACCESS_DESCRIPTION_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(ACCESS_DESCRIPTION) *)OPENSSL_sk_deep_copy(ossl_check_const_ACCESS_DESCRIPTION_sk_type(sk), ossl_check_ACCESS_DESCRIPTION_copyfunc_type(copyfunc), ossl_check_ACCESS_DESCRIPTION_freefunc_type(freefunc)))
+#define sk_ACCESS_DESCRIPTION_set_cmp_func(sk, cmp) ((sk_ACCESS_DESCRIPTION_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_ACCESS_DESCRIPTION_sk_type(sk), ossl_check_ACCESS_DESCRIPTION_compfunc_type(cmp)))
+SKM_DEFINE_STACK_OF_INTERNAL(GENERAL_NAME, GENERAL_NAME, GENERAL_NAME)
+#define sk_GENERAL_NAME_num(sk) OPENSSL_sk_num(ossl_check_const_GENERAL_NAME_sk_type(sk))
+#define sk_GENERAL_NAME_value(sk, idx) ((GENERAL_NAME *)OPENSSL_sk_value(ossl_check_const_GENERAL_NAME_sk_type(sk), (idx)))
+#define sk_GENERAL_NAME_new(cmp) ((STACK_OF(GENERAL_NAME) *)OPENSSL_sk_new(ossl_check_GENERAL_NAME_compfunc_type(cmp)))
+#define sk_GENERAL_NAME_new_null() ((STACK_OF(GENERAL_NAME) *)OPENSSL_sk_new_null())
+#define sk_GENERAL_NAME_new_reserve(cmp, n) ((STACK_OF(GENERAL_NAME) *)OPENSSL_sk_new_reserve(ossl_check_GENERAL_NAME_compfunc_type(cmp), (n)))
+#define sk_GENERAL_NAME_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_GENERAL_NAME_sk_type(sk), (n))
+#define sk_GENERAL_NAME_free(sk) OPENSSL_sk_free(ossl_check_GENERAL_NAME_sk_type(sk))
+#define sk_GENERAL_NAME_zero(sk) OPENSSL_sk_zero(ossl_check_GENERAL_NAME_sk_type(sk))
+#define sk_GENERAL_NAME_delete(sk, i) ((GENERAL_NAME *)OPENSSL_sk_delete(ossl_check_GENERAL_NAME_sk_type(sk), (i)))
+#define sk_GENERAL_NAME_delete_ptr(sk, ptr) ((GENERAL_NAME *)OPENSSL_sk_delete_ptr(ossl_check_GENERAL_NAME_sk_type(sk), ossl_check_GENERAL_NAME_type(ptr)))
+#define sk_GENERAL_NAME_push(sk, ptr) OPENSSL_sk_push(ossl_check_GENERAL_NAME_sk_type(sk), ossl_check_GENERAL_NAME_type(ptr))
+#define sk_GENERAL_NAME_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_GENERAL_NAME_sk_type(sk), ossl_check_GENERAL_NAME_type(ptr))
+#define sk_GENERAL_NAME_pop(sk) ((GENERAL_NAME *)OPENSSL_sk_pop(ossl_check_GENERAL_NAME_sk_type(sk)))
+#define sk_GENERAL_NAME_shift(sk) ((GENERAL_NAME *)OPENSSL_sk_shift(ossl_check_GENERAL_NAME_sk_type(sk)))
+#define sk_GENERAL_NAME_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_GENERAL_NAME_sk_type(sk),ossl_check_GENERAL_NAME_freefunc_type(freefunc))
+#define sk_GENERAL_NAME_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_GENERAL_NAME_sk_type(sk), ossl_check_GENERAL_NAME_type(ptr), (idx))
+#define sk_GENERAL_NAME_set(sk, idx, ptr) ((GENERAL_NAME *)OPENSSL_sk_set(ossl_check_GENERAL_NAME_sk_type(sk), (idx), ossl_check_GENERAL_NAME_type(ptr)))
+#define sk_GENERAL_NAME_find(sk, ptr) OPENSSL_sk_find(ossl_check_GENERAL_NAME_sk_type(sk), ossl_check_GENERAL_NAME_type(ptr))
+#define sk_GENERAL_NAME_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_GENERAL_NAME_sk_type(sk), ossl_check_GENERAL_NAME_type(ptr))
+#define sk_GENERAL_NAME_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_GENERAL_NAME_sk_type(sk), ossl_check_GENERAL_NAME_type(ptr), pnum)
+#define sk_GENERAL_NAME_sort(sk) OPENSSL_sk_sort(ossl_check_GENERAL_NAME_sk_type(sk))
+#define sk_GENERAL_NAME_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_GENERAL_NAME_sk_type(sk))
+#define sk_GENERAL_NAME_dup(sk) ((STACK_OF(GENERAL_NAME) *)OPENSSL_sk_dup(ossl_check_const_GENERAL_NAME_sk_type(sk)))
+#define sk_GENERAL_NAME_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(GENERAL_NAME) *)OPENSSL_sk_deep_copy(ossl_check_const_GENERAL_NAME_sk_type(sk), ossl_check_GENERAL_NAME_copyfunc_type(copyfunc), ossl_check_GENERAL_NAME_freefunc_type(freefunc)))
+#define sk_GENERAL_NAME_set_cmp_func(sk, cmp) ((sk_GENERAL_NAME_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_GENERAL_NAME_sk_type(sk), ossl_check_GENERAL_NAME_compfunc_type(cmp)))
+
typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
typedef STACK_OF(ASN1_OBJECT) EXTENDED_KEY_USAGE;
typedef STACK_OF(ASN1_INTEGER) TLS_FEATURE;
typedef STACK_OF(GENERAL_NAME) GENERAL_NAMES;
-DEFINE_OR_DECLARE_STACK_OF(GENERAL_NAMES)
+SKM_DEFINE_STACK_OF_INTERNAL(GENERAL_NAMES, GENERAL_NAMES, GENERAL_NAMES)
+#define sk_GENERAL_NAMES_num(sk) OPENSSL_sk_num(ossl_check_const_GENERAL_NAMES_sk_type(sk))
+#define sk_GENERAL_NAMES_value(sk, idx) ((GENERAL_NAMES *)OPENSSL_sk_value(ossl_check_const_GENERAL_NAMES_sk_type(sk), (idx)))
+#define sk_GENERAL_NAMES_new(cmp) ((STACK_OF(GENERAL_NAMES) *)OPENSSL_sk_new(ossl_check_GENERAL_NAMES_compfunc_type(cmp)))
+#define sk_GENERAL_NAMES_new_null() ((STACK_OF(GENERAL_NAMES) *)OPENSSL_sk_new_null())
+#define sk_GENERAL_NAMES_new_reserve(cmp, n) ((STACK_OF(GENERAL_NAMES) *)OPENSSL_sk_new_reserve(ossl_check_GENERAL_NAMES_compfunc_type(cmp), (n)))
+#define sk_GENERAL_NAMES_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_GENERAL_NAMES_sk_type(sk), (n))
+#define sk_GENERAL_NAMES_free(sk) OPENSSL_sk_free(ossl_check_GENERAL_NAMES_sk_type(sk))
+#define sk_GENERAL_NAMES_zero(sk) OPENSSL_sk_zero(ossl_check_GENERAL_NAMES_sk_type(sk))
+#define sk_GENERAL_NAMES_delete(sk, i) ((GENERAL_NAMES *)OPENSSL_sk_delete(ossl_check_GENERAL_NAMES_sk_type(sk), (i)))
+#define sk_GENERAL_NAMES_delete_ptr(sk, ptr) ((GENERAL_NAMES *)OPENSSL_sk_delete_ptr(ossl_check_GENERAL_NAMES_sk_type(sk), ossl_check_GENERAL_NAMES_type(ptr)))
+#define sk_GENERAL_NAMES_push(sk, ptr) OPENSSL_sk_push(ossl_check_GENERAL_NAMES_sk_type(sk), ossl_check_GENERAL_NAMES_type(ptr))
+#define sk_GENERAL_NAMES_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_GENERAL_NAMES_sk_type(sk), ossl_check_GENERAL_NAMES_type(ptr))
+#define sk_GENERAL_NAMES_pop(sk) ((GENERAL_NAMES *)OPENSSL_sk_pop(ossl_check_GENERAL_NAMES_sk_type(sk)))
+#define sk_GENERAL_NAMES_shift(sk) ((GENERAL_NAMES *)OPENSSL_sk_shift(ossl_check_GENERAL_NAMES_sk_type(sk)))
+#define sk_GENERAL_NAMES_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_GENERAL_NAMES_sk_type(sk),ossl_check_GENERAL_NAMES_freefunc_type(freefunc))
+#define sk_GENERAL_NAMES_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_GENERAL_NAMES_sk_type(sk), ossl_check_GENERAL_NAMES_type(ptr), (idx))
+#define sk_GENERAL_NAMES_set(sk, idx, ptr) ((GENERAL_NAMES *)OPENSSL_sk_set(ossl_check_GENERAL_NAMES_sk_type(sk), (idx), ossl_check_GENERAL_NAMES_type(ptr)))
+#define sk_GENERAL_NAMES_find(sk, ptr) OPENSSL_sk_find(ossl_check_GENERAL_NAMES_sk_type(sk), ossl_check_GENERAL_NAMES_type(ptr))
+#define sk_GENERAL_NAMES_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_GENERAL_NAMES_sk_type(sk), ossl_check_GENERAL_NAMES_type(ptr))
+#define sk_GENERAL_NAMES_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_GENERAL_NAMES_sk_type(sk), ossl_check_GENERAL_NAMES_type(ptr), pnum)
+#define sk_GENERAL_NAMES_sort(sk) OPENSSL_sk_sort(ossl_check_GENERAL_NAMES_sk_type(sk))
+#define sk_GENERAL_NAMES_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_GENERAL_NAMES_sk_type(sk))
+#define sk_GENERAL_NAMES_dup(sk) ((STACK_OF(GENERAL_NAMES) *)OPENSSL_sk_dup(ossl_check_const_GENERAL_NAMES_sk_type(sk)))
+#define sk_GENERAL_NAMES_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(GENERAL_NAMES) *)OPENSSL_sk_deep_copy(ossl_check_const_GENERAL_NAMES_sk_type(sk), ossl_check_GENERAL_NAMES_copyfunc_type(copyfunc), ossl_check_GENERAL_NAMES_freefunc_type(freefunc)))
+#define sk_GENERAL_NAMES_set_cmp_func(sk, cmp) ((sk_GENERAL_NAMES_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_GENERAL_NAMES_sk_type(sk), ossl_check_GENERAL_NAMES_compfunc_type(cmp)))
+
typedef struct DIST_POINT_NAME_st {
int type;
@@ -204,7 +316,33 @@ struct DIST_POINT_st {
int dp_reasons;
};
-DEFINE_OR_DECLARE_STACK_OF(DIST_POINT)
+SKM_DEFINE_STACK_OF_INTERNAL(DIST_POINT, DIST_POINT, DIST_POINT)
+#define sk_DIST_POINT_num(sk) OPENSSL_sk_num(ossl_check_const_DIST_POINT_sk_type(sk))
+#define sk_DIST_POINT_value(sk, idx) ((DIST_POINT *)OPENSSL_sk_value(ossl_check_const_DIST_POINT_sk_type(sk), (idx)))
+#define sk_DIST_POINT_new(cmp) ((STACK_OF(DIST_POINT) *)OPENSSL_sk_new(ossl_check_DIST_POINT_compfunc_type(cmp)))
+#define sk_DIST_POINT_new_null() ((STACK_OF(DIST_POINT) *)OPENSSL_sk_new_null())
+#define sk_DIST_POINT_new_reserve(cmp, n) ((STACK_OF(DIST_POINT) *)OPENSSL_sk_new_reserve(ossl_check_DIST_POINT_compfunc_type(cmp), (n)))
+#define sk_DIST_POINT_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_DIST_POINT_sk_type(sk), (n))
+#define sk_DIST_POINT_free(sk) OPENSSL_sk_free(ossl_check_DIST_POINT_sk_type(sk))
+#define sk_DIST_POINT_zero(sk) OPENSSL_sk_zero(ossl_check_DIST_POINT_sk_type(sk))
+#define sk_DIST_POINT_delete(sk, i) ((DIST_POINT *)OPENSSL_sk_delete(ossl_check_DIST_POINT_sk_type(sk), (i)))
+#define sk_DIST_POINT_delete_ptr(sk, ptr) ((DIST_POINT *)OPENSSL_sk_delete_ptr(ossl_check_DIST_POINT_sk_type(sk), ossl_check_DIST_POINT_type(ptr)))
+#define sk_DIST_POINT_push(sk, ptr) OPENSSL_sk_push(ossl_check_DIST_POINT_sk_type(sk), ossl_check_DIST_POINT_type(ptr))
+#define sk_DIST_POINT_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_DIST_POINT_sk_type(sk), ossl_check_DIST_POINT_type(ptr))
+#define sk_DIST_POINT_pop(sk) ((DIST_POINT *)OPENSSL_sk_pop(ossl_check_DIST_POINT_sk_type(sk)))
+#define sk_DIST_POINT_shift(sk) ((DIST_POINT *)OPENSSL_sk_shift(ossl_check_DIST_POINT_sk_type(sk)))
+#define sk_DIST_POINT_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_DIST_POINT_sk_type(sk),ossl_check_DIST_POINT_freefunc_type(freefunc))
+#define sk_DIST_POINT_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_DIST_POINT_sk_type(sk), ossl_check_DIST_POINT_type(ptr), (idx))
+#define sk_DIST_POINT_set(sk, idx, ptr) ((DIST_POINT *)OPENSSL_sk_set(ossl_check_DIST_POINT_sk_type(sk), (idx), ossl_check_DIST_POINT_type(ptr)))
+#define sk_DIST_POINT_find(sk, ptr) OPENSSL_sk_find(ossl_check_DIST_POINT_sk_type(sk), ossl_check_DIST_POINT_type(ptr))
+#define sk_DIST_POINT_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_DIST_POINT_sk_type(sk), ossl_check_DIST_POINT_type(ptr))
+#define sk_DIST_POINT_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_DIST_POINT_sk_type(sk), ossl_check_DIST_POINT_type(ptr), pnum)
+#define sk_DIST_POINT_sort(sk) OPENSSL_sk_sort(ossl_check_DIST_POINT_sk_type(sk))
+#define sk_DIST_POINT_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_DIST_POINT_sk_type(sk))
+#define sk_DIST_POINT_dup(sk) ((STACK_OF(DIST_POINT) *)OPENSSL_sk_dup(ossl_check_const_DIST_POINT_sk_type(sk)))
+#define sk_DIST_POINT_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(DIST_POINT) *)OPENSSL_sk_deep_copy(ossl_check_const_DIST_POINT_sk_type(sk), ossl_check_DIST_POINT_copyfunc_type(copyfunc), ossl_check_DIST_POINT_freefunc_type(freefunc)))
+#define sk_DIST_POINT_set_cmp_func(sk, cmp) ((sk_DIST_POINT_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_DIST_POINT_sk_type(sk), ossl_check_DIST_POINT_compfunc_type(cmp)))
+
typedef STACK_OF(DIST_POINT) CRL_DIST_POINTS;
@@ -221,7 +359,34 @@ typedef struct SXNET_ID_st {
ASN1_OCTET_STRING *user;
} SXNETID;
-DEFINE_OR_DECLARE_STACK_OF(SXNETID)
+SKM_DEFINE_STACK_OF_INTERNAL(SXNETID, SXNETID, SXNETID)
+#define sk_SXNETID_num(sk) OPENSSL_sk_num(ossl_check_const_SXNETID_sk_type(sk))
+#define sk_SXNETID_value(sk, idx) ((SXNETID *)OPENSSL_sk_value(ossl_check_const_SXNETID_sk_type(sk), (idx)))
+#define sk_SXNETID_new(cmp) ((STACK_OF(SXNETID) *)OPENSSL_sk_new(ossl_check_SXNETID_compfunc_type(cmp)))
+#define sk_SXNETID_new_null() ((STACK_OF(SXNETID) *)OPENSSL_sk_new_null())
+#define sk_SXNETID_new_reserve(cmp, n) ((STACK_OF(SXNETID) *)OPENSSL_sk_new_reserve(ossl_check_SXNETID_compfunc_type(cmp), (n)))
+#define sk_SXNETID_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_SXNETID_sk_type(sk), (n))
+#define sk_SXNETID_free(sk) OPENSSL_sk_free(ossl_check_SXNETID_sk_type(sk))
+#define sk_SXNETID_zero(sk) OPENSSL_sk_zero(ossl_check_SXNETID_sk_type(sk))
+#define sk_SXNETID_delete(sk, i) ((SXNETID *)OPENSSL_sk_delete(ossl_check_SXNETID_sk_type(sk), (i)))
+#define sk_SXNETID_delete_ptr(sk, ptr) ((SXNETID *)OPENSSL_sk_delete_ptr(ossl_check_SXNETID_sk_type(sk), ossl_check_SXNETID_type(ptr)))
+#define sk_SXNETID_push(sk, ptr) OPENSSL_sk_push(ossl_check_SXNETID_sk_type(sk), ossl_check_SXNETID_type(ptr))
+#define sk_SXNETID_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_SXNETID_sk_type(sk), ossl_check_SXNETID_type(ptr))
+#define sk_SXNETID_pop(sk) ((SXNETID *)OPENSSL_sk_pop(ossl_check_SXNETID_sk_type(sk)))
+#define sk_SXNETID_shift(sk) ((SXNETID *)OPENSSL_sk_shift(ossl_check_SXNETID_sk_type(sk)))
+#define sk_SXNETID_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_SXNETID_sk_type(sk),ossl_check_SXNETID_freefunc_type(freefunc))
+#define sk_SXNETID_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_SXNETID_sk_type(sk), ossl_check_SXNETID_type(ptr), (idx))
+#define sk_SXNETID_set(sk, idx, ptr) ((SXNETID *)OPENSSL_sk_set(ossl_check_SXNETID_sk_type(sk), (idx), ossl_check_SXNETID_type(ptr)))
+#define sk_SXNETID_find(sk, ptr) OPENSSL_sk_find(ossl_check_SXNETID_sk_type(sk), ossl_check_SXNETID_type(ptr))
+#define sk_SXNETID_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_SXNETID_sk_type(sk), ossl_check_SXNETID_type(ptr))
+#define sk_SXNETID_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_SXNETID_sk_type(sk), ossl_check_SXNETID_type(ptr), pnum)
+#define sk_SXNETID_sort(sk) OPENSSL_sk_sort(ossl_check_SXNETID_sk_type(sk))
+#define sk_SXNETID_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_SXNETID_sk_type(sk))
+#define sk_SXNETID_dup(sk) ((STACK_OF(SXNETID) *)OPENSSL_sk_dup(ossl_check_const_SXNETID_sk_type(sk)))
+#define sk_SXNETID_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(SXNETID) *)OPENSSL_sk_deep_copy(ossl_check_const_SXNETID_sk_type(sk), ossl_check_SXNETID_copyfunc_type(copyfunc), ossl_check_SXNETID_freefunc_type(freefunc)))
+#define sk_SXNETID_set_cmp_func(sk, cmp) ((sk_SXNETID_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_SXNETID_sk_type(sk), ossl_check_SXNETID_compfunc_type(cmp)))
+
+
typedef struct SXNET_st {
ASN1_INTEGER *version;
@@ -254,14 +419,67 @@ typedef struct POLICYQUALINFO_st {
} d;
} POLICYQUALINFO;
-DEFINE_OR_DECLARE_STACK_OF(POLICYQUALINFO)
+SKM_DEFINE_STACK_OF_INTERNAL(POLICYQUALINFO, POLICYQUALINFO, POLICYQUALINFO)
+#define sk_POLICYQUALINFO_num(sk) OPENSSL_sk_num(ossl_check_const_POLICYQUALINFO_sk_type(sk))
+#define sk_POLICYQUALINFO_value(sk, idx) ((POLICYQUALINFO *)OPENSSL_sk_value(ossl_check_const_POLICYQUALINFO_sk_type(sk), (idx)))
+#define sk_POLICYQUALINFO_new(cmp) ((STACK_OF(POLICYQUALINFO) *)OPENSSL_sk_new(ossl_check_POLICYQUALINFO_compfunc_type(cmp)))
+#define sk_POLICYQUALINFO_new_null() ((STACK_OF(POLICYQUALINFO) *)OPENSSL_sk_new_null())
+#define sk_POLICYQUALINFO_new_reserve(cmp, n) ((STACK_OF(POLICYQUALINFO) *)OPENSSL_sk_new_reserve(ossl_check_POLICYQUALINFO_compfunc_type(cmp), (n)))
+#define sk_POLICYQUALINFO_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_POLICYQUALINFO_sk_type(sk), (n))
+#define sk_POLICYQUALINFO_free(sk) OPENSSL_sk_free(ossl_check_POLICYQUALINFO_sk_type(sk))
+#define sk_POLICYQUALINFO_zero(sk) OPENSSL_sk_zero(ossl_check_POLICYQUALINFO_sk_type(sk))
+#define sk_POLICYQUALINFO_delete(sk, i) ((POLICYQUALINFO *)OPENSSL_sk_delete(ossl_check_POLICYQUALINFO_sk_type(sk), (i)))
+#define sk_POLICYQUALINFO_delete_ptr(sk, ptr) ((POLICYQUALINFO *)OPENSSL_sk_delete_ptr(ossl_check_POLICYQUALINFO_sk_type(sk), ossl_check_POLICYQUALINFO_type(ptr)))
+#define sk_POLICYQUALINFO_push(sk, ptr) OPENSSL_sk_push(ossl_check_POLICYQUALINFO_sk_type(sk), ossl_check_POLICYQUALINFO_type(ptr))
+#define sk_POLICYQUALINFO_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_POLICYQUALINFO_sk_type(sk), ossl_check_POLICYQUALINFO_type(ptr))
+#define sk_POLICYQUALINFO_pop(sk) ((POLICYQUALINFO *)OPENSSL_sk_pop(ossl_check_POLICYQUALINFO_sk_type(sk)))
+#define sk_POLICYQUALINFO_shift(sk) ((POLICYQUALINFO *)OPENSSL_sk_shift(ossl_check_POLICYQUALINFO_sk_type(sk)))
+#define sk_POLICYQUALINFO_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_POLICYQUALINFO_sk_type(sk),ossl_check_POLICYQUALINFO_freefunc_type(freefunc))
+#define sk_POLICYQUALINFO_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_POLICYQUALINFO_sk_type(sk), ossl_check_POLICYQUALINFO_type(ptr), (idx))
+#define sk_POLICYQUALINFO_set(sk, idx, ptr) ((POLICYQUALINFO *)OPENSSL_sk_set(ossl_check_POLICYQUALINFO_sk_type(sk), (idx), ossl_check_POLICYQUALINFO_type(ptr)))
+#define sk_POLICYQUALINFO_find(sk, ptr) OPENSSL_sk_find(ossl_check_POLICYQUALINFO_sk_type(sk), ossl_check_POLICYQUALINFO_type(ptr))
+#define sk_POLICYQUALINFO_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_POLICYQUALINFO_sk_type(sk), ossl_check_POLICYQUALINFO_type(ptr))
+#define sk_POLICYQUALINFO_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_POLICYQUALINFO_sk_type(sk), ossl_check_POLICYQUALINFO_type(ptr), pnum)
+#define sk_POLICYQUALINFO_sort(sk) OPENSSL_sk_sort(ossl_check_POLICYQUALINFO_sk_type(sk))
+#define sk_POLICYQUALINFO_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_POLICYQUALINFO_sk_type(sk))
+#define sk_POLICYQUALINFO_dup(sk) ((STACK_OF(POLICYQUALINFO) *)OPENSSL_sk_dup(ossl_check_const_POLICYQUALINFO_sk_type(sk)))
+#define sk_POLICYQUALINFO_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(POLICYQUALINFO) *)OPENSSL_sk_deep_copy(ossl_check_const_POLICYQUALINFO_sk_type(sk), ossl_check_POLICYQUALINFO_copyfunc_type(copyfunc), ossl_check_POLICYQUALINFO_freefunc_type(freefunc)))
+#define sk_POLICYQUALINFO_set_cmp_func(sk, cmp) ((sk_POLICYQUALINFO_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_POLICYQUALINFO_sk_type(sk), ossl_check_POLICYQUALINFO_compfunc_type(cmp)))
+
+
typedef struct POLICYINFO_st {
ASN1_OBJECT *policyid;
STACK_OF(POLICYQUALINFO) *qualifiers;
} POLICYINFO;
-DEFINE_OR_DECLARE_STACK_OF(POLICYINFO)
+SKM_DEFINE_STACK_OF_INTERNAL(POLICYINFO, POLICYINFO, POLICYINFO)
+#define sk_POLICYINFO_num(sk) OPENSSL_sk_num(ossl_check_const_POLICYINFO_sk_type(sk))
+#define sk_POLICYINFO_value(sk, idx) ((POLICYINFO *)OPENSSL_sk_value(ossl_check_const_POLICYINFO_sk_type(sk), (idx)))
+#define sk_POLICYINFO_new(cmp) ((STACK_OF(POLICYINFO) *)OPENSSL_sk_new(ossl_check_POLICYINFO_compfunc_type(cmp)))
+#define sk_POLICYINFO_new_null() ((STACK_OF(POLICYINFO) *)OPENSSL_sk_new_null())
+#define sk_POLICYINFO_new_reserve(cmp, n) ((STACK_OF(POLICYINFO) *)OPENSSL_sk_new_reserve(ossl_check_POLICYINFO_compfunc_type(cmp), (n)))
+#define sk_POLICYINFO_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_POLICYINFO_sk_type(sk), (n))
+#define sk_POLICYINFO_free(sk) OPENSSL_sk_free(ossl_check_POLICYINFO_sk_type(sk))
+#define sk_POLICYINFO_zero(sk) OPENSSL_sk_zero(ossl_check_POLICYINFO_sk_type(sk))
+#define sk_POLICYINFO_delete(sk, i) ((POLICYINFO *)OPENSSL_sk_delete(ossl_check_POLICYINFO_sk_type(sk), (i)))
+#define sk_POLICYINFO_delete_ptr(sk, ptr) ((POLICYINFO *)OPENSSL_sk_delete_ptr(ossl_check_POLICYINFO_sk_type(sk), ossl_check_POLICYINFO_type(ptr)))
+#define sk_POLICYINFO_push(sk, ptr) OPENSSL_sk_push(ossl_check_POLICYINFO_sk_type(sk), ossl_check_POLICYINFO_type(ptr))
+#define sk_POLICYINFO_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_POLICYINFO_sk_type(sk), ossl_check_POLICYINFO_type(ptr))
+#define sk_POLICYINFO_pop(sk) ((POLICYINFO *)OPENSSL_sk_pop(ossl_check_POLICYINFO_sk_type(sk)))
+#define sk_POLICYINFO_shift(sk) ((POLICYINFO *)OPENSSL_sk_shift(ossl_check_POLICYINFO_sk_type(sk)))
+#define sk_POLICYINFO_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_POLICYINFO_sk_type(sk),ossl_check_POLICYINFO_freefunc_type(freefunc))
+#define sk_POLICYINFO_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_POLICYINFO_sk_type(sk), ossl_check_POLICYINFO_type(ptr), (idx))
+#define sk_POLICYINFO_set(sk, idx, ptr) ((POLICYINFO *)OPENSSL_sk_set(ossl_check_POLICYINFO_sk_type(sk), (idx), ossl_check_POLICYINFO_type(ptr)))
+#define sk_POLICYINFO_find(sk, ptr) OPENSSL_sk_find(ossl_check_POLICYINFO_sk_type(sk), ossl_check_POLICYINFO_type(ptr))
+#define sk_POLICYINFO_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_POLICYINFO_sk_type(sk), ossl_check_POLICYINFO_type(ptr))
+#define sk_POLICYINFO_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_POLICYINFO_sk_type(sk), ossl_check_POLICYINFO_type(ptr), pnum)
+#define sk_POLICYINFO_sort(sk) OPENSSL_sk_sort(ossl_check_POLICYINFO_sk_type(sk))
+#define sk_POLICYINFO_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_POLICYINFO_sk_type(sk))
+#define sk_POLICYINFO_dup(sk) ((STACK_OF(POLICYINFO) *)OPENSSL_sk_dup(ossl_check_const_POLICYINFO_sk_type(sk)))
+#define sk_POLICYINFO_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(POLICYINFO) *)OPENSSL_sk_deep_copy(ossl_check_const_POLICYINFO_sk_type(sk), ossl_check_POLICYINFO_copyfunc_type(copyfunc), ossl_check_POLICYINFO_freefunc_type(freefunc)))
+#define sk_POLICYINFO_set_cmp_func(sk, cmp) ((sk_POLICYINFO_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_POLICYINFO_sk_type(sk), ossl_check_POLICYINFO_compfunc_type(cmp)))
+
typedef STACK_OF(POLICYINFO) CERTIFICATEPOLICIES;
@@ -270,7 +488,33 @@ typedef struct POLICY_MAPPING_st {
ASN1_OBJECT *subjectDomainPolicy;
} POLICY_MAPPING;
-DEFINE_OR_DECLARE_STACK_OF(POLICY_MAPPING)
+SKM_DEFINE_STACK_OF_INTERNAL(POLICY_MAPPING, POLICY_MAPPING, POLICY_MAPPING)
+#define sk_POLICY_MAPPING_num(sk) OPENSSL_sk_num(ossl_check_const_POLICY_MAPPING_sk_type(sk))
+#define sk_POLICY_MAPPING_value(sk, idx) ((POLICY_MAPPING *)OPENSSL_sk_value(ossl_check_const_POLICY_MAPPING_sk_type(sk), (idx)))
+#define sk_POLICY_MAPPING_new(cmp) ((STACK_OF(POLICY_MAPPING) *)OPENSSL_sk_new(ossl_check_POLICY_MAPPING_compfunc_type(cmp)))
+#define sk_POLICY_MAPPING_new_null() ((STACK_OF(POLICY_MAPPING) *)OPENSSL_sk_new_null())
+#define sk_POLICY_MAPPING_new_reserve(cmp, n) ((STACK_OF(POLICY_MAPPING) *)OPENSSL_sk_new_reserve(ossl_check_POLICY_MAPPING_compfunc_type(cmp), (n)))
+#define sk_POLICY_MAPPING_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_POLICY_MAPPING_sk_type(sk), (n))
+#define sk_POLICY_MAPPING_free(sk) OPENSSL_sk_free(ossl_check_POLICY_MAPPING_sk_type(sk))
+#define sk_POLICY_MAPPING_zero(sk) OPENSSL_sk_zero(ossl_check_POLICY_MAPPING_sk_type(sk))
+#define sk_POLICY_MAPPING_delete(sk, i) ((POLICY_MAPPING *)OPENSSL_sk_delete(ossl_check_POLICY_MAPPING_sk_type(sk), (i)))
+#define sk_POLICY_MAPPING_delete_ptr(sk, ptr) ((POLICY_MAPPING *)OPENSSL_sk_delete_ptr(ossl_check_POLICY_MAPPING_sk_type(sk), ossl_check_POLICY_MAPPING_type(ptr)))
+#define sk_POLICY_MAPPING_push(sk, ptr) OPENSSL_sk_push(ossl_check_POLICY_MAPPING_sk_type(sk), ossl_check_POLICY_MAPPING_type(ptr))
+#define sk_POLICY_MAPPING_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_POLICY_MAPPING_sk_type(sk), ossl_check_POLICY_MAPPING_type(ptr))
+#define sk_POLICY_MAPPING_pop(sk) ((POLICY_MAPPING *)OPENSSL_sk_pop(ossl_check_POLICY_MAPPING_sk_type(sk)))
+#define sk_POLICY_MAPPING_shift(sk) ((POLICY_MAPPING *)OPENSSL_sk_shift(ossl_check_POLICY_MAPPING_sk_type(sk)))
+#define sk_POLICY_MAPPING_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_POLICY_MAPPING_sk_type(sk),ossl_check_POLICY_MAPPING_freefunc_type(freefunc))
+#define sk_POLICY_MAPPING_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_POLICY_MAPPING_sk_type(sk), ossl_check_POLICY_MAPPING_type(ptr), (idx))
+#define sk_POLICY_MAPPING_set(sk, idx, ptr) ((POLICY_MAPPING *)OPENSSL_sk_set(ossl_check_POLICY_MAPPING_sk_type(sk), (idx), ossl_check_POLICY_MAPPING_type(ptr)))
+#define sk_POLICY_MAPPING_find(sk, ptr) OPENSSL_sk_find(ossl_check_POLICY_MAPPING_sk_type(sk), ossl_check_POLICY_MAPPING_type(ptr))
+#define sk_POLICY_MAPPING_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_POLICY_MAPPING_sk_type(sk), ossl_check_POLICY_MAPPING_type(ptr))
+#define sk_POLICY_MAPPING_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_POLICY_MAPPING_sk_type(sk), ossl_check_POLICY_MAPPING_type(ptr), pnum)
+#define sk_POLICY_MAPPING_sort(sk) OPENSSL_sk_sort(ossl_check_POLICY_MAPPING_sk_type(sk))
+#define sk_POLICY_MAPPING_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_POLICY_MAPPING_sk_type(sk))
+#define sk_POLICY_MAPPING_dup(sk) ((STACK_OF(POLICY_MAPPING) *)OPENSSL_sk_dup(ossl_check_const_POLICY_MAPPING_sk_type(sk)))
+#define sk_POLICY_MAPPING_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(POLICY_MAPPING) *)OPENSSL_sk_deep_copy(ossl_check_const_POLICY_MAPPING_sk_type(sk), ossl_check_POLICY_MAPPING_copyfunc_type(copyfunc), ossl_check_POLICY_MAPPING_freefunc_type(freefunc)))
+#define sk_POLICY_MAPPING_set_cmp_func(sk, cmp) ((sk_POLICY_MAPPING_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_POLICY_MAPPING_sk_type(sk), ossl_check_POLICY_MAPPING_compfunc_type(cmp)))
+
typedef STACK_OF(POLICY_MAPPING) POLICY_MAPPINGS;
@@ -280,7 +524,33 @@ typedef struct GENERAL_SUBTREE_st {
ASN1_INTEGER *maximum;
} GENERAL_SUBTREE;
-DEFINE_OR_DECLARE_STACK_OF(GENERAL_SUBTREE)
+SKM_DEFINE_STACK_OF_INTERNAL(GENERAL_SUBTREE, GENERAL_SUBTREE, GENERAL_SUBTREE)
+#define sk_GENERAL_SUBTREE_num(sk) OPENSSL_sk_num(ossl_check_const_GENERAL_SUBTREE_sk_type(sk))
+#define sk_GENERAL_SUBTREE_value(sk, idx) ((GENERAL_SUBTREE *)OPENSSL_sk_value(ossl_check_const_GENERAL_SUBTREE_sk_type(sk), (idx)))
+#define sk_GENERAL_SUBTREE_new(cmp) ((STACK_OF(GENERAL_SUBTREE) *)OPENSSL_sk_new(ossl_check_GENERAL_SUBTREE_compfunc_type(cmp)))
+#define sk_GENERAL_SUBTREE_new_null() ((STACK_OF(GENERAL_SUBTREE) *)OPENSSL_sk_new_null())
+#define sk_GENERAL_SUBTREE_new_reserve(cmp, n) ((STACK_OF(GENERAL_SUBTREE) *)OPENSSL_sk_new_reserve(ossl_check_GENERAL_SUBTREE_compfunc_type(cmp), (n)))
+#define sk_GENERAL_SUBTREE_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_GENERAL_SUBTREE_sk_type(sk), (n))
+#define sk_GENERAL_SUBTREE_free(sk) OPENSSL_sk_free(ossl_check_GENERAL_SUBTREE_sk_type(sk))
+#define sk_GENERAL_SUBTREE_zero(sk) OPENSSL_sk_zero(ossl_check_GENERAL_SUBTREE_sk_type(sk))
+#define sk_GENERAL_SUBTREE_delete(sk, i) ((GENERAL_SUBTREE *)OPENSSL_sk_delete(ossl_check_GENERAL_SUBTREE_sk_type(sk), (i)))
+#define sk_GENERAL_SUBTREE_delete_ptr(sk, ptr) ((GENERAL_SUBTREE *)OPENSSL_sk_delete_ptr(ossl_check_GENERAL_SUBTREE_sk_type(sk), ossl_check_GENERAL_SUBTREE_type(ptr)))
+#define sk_GENERAL_SUBTREE_push(sk, ptr) OPENSSL_sk_push(ossl_check_GENERAL_SUBTREE_sk_type(sk), ossl_check_GENERAL_SUBTREE_type(ptr))
+#define sk_GENERAL_SUBTREE_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_GENERAL_SUBTREE_sk_type(sk), ossl_check_GENERAL_SUBTREE_type(ptr))
+#define sk_GENERAL_SUBTREE_pop(sk) ((GENERAL_SUBTREE *)OPENSSL_sk_pop(ossl_check_GENERAL_SUBTREE_sk_type(sk)))
+#define sk_GENERAL_SUBTREE_shift(sk) ((GENERAL_SUBTREE *)OPENSSL_sk_shift(ossl_check_GENERAL_SUBTREE_sk_type(sk)))
+#define sk_GENERAL_SUBTREE_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_GENERAL_SUBTREE_sk_type(sk),ossl_check_GENERAL_SUBTREE_freefunc_type(freefunc))
+#define sk_GENERAL_SUBTREE_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_GENERAL_SUBTREE_sk_type(sk), ossl_check_GENERAL_SUBTREE_type(ptr), (idx))
+#define sk_GENERAL_SUBTREE_set(sk, idx, ptr) ((GENERAL_SUBTREE *)OPENSSL_sk_set(ossl_check_GENERAL_SUBTREE_sk_type(sk), (idx), ossl_check_GENERAL_SUBTREE_type(ptr)))
+#define sk_GENERAL_SUBTREE_find(sk, ptr) OPENSSL_sk_find(ossl_check_GENERAL_SUBTREE_sk_type(sk), ossl_check_GENERAL_SUBTREE_type(ptr))
+#define sk_GENERAL_SUBTREE_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_GENERAL_SUBTREE_sk_type(sk), ossl_check_GENERAL_SUBTREE_type(ptr))
+#define sk_GENERAL_SUBTREE_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_GENERAL_SUBTREE_sk_type(sk), ossl_check_GENERAL_SUBTREE_type(ptr), pnum)
+#define sk_GENERAL_SUBTREE_sort(sk) OPENSSL_sk_sort(ossl_check_GENERAL_SUBTREE_sk_type(sk))
+#define sk_GENERAL_SUBTREE_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_GENERAL_SUBTREE_sk_type(sk))
+#define sk_GENERAL_SUBTREE_dup(sk) ((STACK_OF(GENERAL_SUBTREE) *)OPENSSL_sk_dup(ossl_check_const_GENERAL_SUBTREE_sk_type(sk)))
+#define sk_GENERAL_SUBTREE_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(GENERAL_SUBTREE) *)OPENSSL_sk_deep_copy(ossl_check_const_GENERAL_SUBTREE_sk_type(sk), ossl_check_GENERAL_SUBTREE_copyfunc_type(copyfunc), ossl_check_GENERAL_SUBTREE_freefunc_type(freefunc)))
+#define sk_GENERAL_SUBTREE_set_cmp_func(sk, cmp) ((sk_GENERAL_SUBTREE_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_GENERAL_SUBTREE_sk_type(sk), ossl_check_GENERAL_SUBTREE_compfunc_type(cmp)))
+
struct NAME_CONSTRAINTS_st {
STACK_OF(GENERAL_SUBTREE) *permittedSubtrees;
@@ -336,7 +606,7 @@ struct ISSUING_DIST_POINT_st {
",name:", (val)->name, ",value:", (val)->value)
# define X509V3_set_ctx_test(ctx) \
- X509V3_set_ctx(ctx, NULL, NULL, NULL, NULL, CTX_TEST)
+ X509V3_set_ctx(ctx, NULL, NULL, NULL, NULL, X509V3_CTX_TEST)
# define X509V3_set_ctx_nodb(ctx) (ctx)->db = NULL;
# define EXT_BITSTRING(nid, table) { nid, 0, ASN1_ITEM_ref(ASN1_BIT_STRING), \
@@ -354,6 +624,13 @@ struct ISSUING_DIST_POINT_st {
0,0,0,0, \
NULL}
+#define EXT_UTF8STRING(nid) { nid, 0, ASN1_ITEM_ref(ASN1_UTF8STRING), \
+ 0,0,0,0, \
+ (X509V3_EXT_I2S)i2s_ASN1_UTF8STRING, \
+ (X509V3_EXT_S2I)s2i_ASN1_UTF8STRING, \
+ 0,0,0,0, \
+ NULL}
+
# define EXT_END { -1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}
/* X509_PURPOSE stuff */
@@ -364,8 +641,7 @@ struct ISSUING_DIST_POINT_st {
# define EXFLAG_NSCERT 0x8
# define EXFLAG_CA 0x10
-/* Really self issued not necessarily self signed */
-# define EXFLAG_SI 0x20
+# define EXFLAG_SI 0x20 /* self-issued, maybe not self-signed */
# define EXFLAG_V1 0x40
# define EXFLAG_INVALID 0x80
/* EXFLAG_SET is set to indicate that some values have been precomputed */
@@ -375,8 +651,13 @@ struct ISSUING_DIST_POINT_st {
# define EXFLAG_INVALID_POLICY 0x800
# define EXFLAG_FRESHEST 0x1000
-/* Self signed */
-# define EXFLAG_SS 0x2000
+# define EXFLAG_SS 0x2000 /* cert is apparently self-signed */
+
+# define EXFLAG_BCONS_CRITICAL 0x10000
+# define EXFLAG_AKID_CRITICAL 0x20000
+# define EXFLAG_SKID_CRITICAL 0x40000
+# define EXFLAG_SAN_CRITICAL 0x80000
+# define EXFLAG_NO_FINGERPRINT 0x100000
# define KU_DIGITAL_SIGNATURE 0x0080
# define KU_NON_REPUDIATION 0x0040
@@ -401,7 +682,7 @@ struct ISSUING_DIST_POINT_st {
# define XKU_SSL_CLIENT 0x2
# define XKU_SMIME 0x4
# define XKU_CODE_SIGN 0x8
-# define XKU_SGC 0x10
+# define XKU_SGC 0x10 /* Netscape or MS Server-Gated Crypto */
# define XKU_OCSP_SIGN 0x20
# define XKU_TIMESTAMP 0x40
# define XKU_DVCS 0x80
@@ -420,7 +701,34 @@ typedef struct x509_purpose_st {
void *usr_data;
} X509_PURPOSE;
-DEFINE_OR_DECLARE_STACK_OF(X509_PURPOSE)
+SKM_DEFINE_STACK_OF_INTERNAL(X509_PURPOSE, X509_PURPOSE, X509_PURPOSE)
+#define sk_X509_PURPOSE_num(sk) OPENSSL_sk_num(ossl_check_const_X509_PURPOSE_sk_type(sk))
+#define sk_X509_PURPOSE_value(sk, idx) ((X509_PURPOSE *)OPENSSL_sk_value(ossl_check_const_X509_PURPOSE_sk_type(sk), (idx)))
+#define sk_X509_PURPOSE_new(cmp) ((STACK_OF(X509_PURPOSE) *)OPENSSL_sk_new(ossl_check_X509_PURPOSE_compfunc_type(cmp)))
+#define sk_X509_PURPOSE_new_null() ((STACK_OF(X509_PURPOSE) *)OPENSSL_sk_new_null())
+#define sk_X509_PURPOSE_new_reserve(cmp, n) ((STACK_OF(X509_PURPOSE) *)OPENSSL_sk_new_reserve(ossl_check_X509_PURPOSE_compfunc_type(cmp), (n)))
+#define sk_X509_PURPOSE_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_X509_PURPOSE_sk_type(sk), (n))
+#define sk_X509_PURPOSE_free(sk) OPENSSL_sk_free(ossl_check_X509_PURPOSE_sk_type(sk))
+#define sk_X509_PURPOSE_zero(sk) OPENSSL_sk_zero(ossl_check_X509_PURPOSE_sk_type(sk))
+#define sk_X509_PURPOSE_delete(sk, i) ((X509_PURPOSE *)OPENSSL_sk_delete(ossl_check_X509_PURPOSE_sk_type(sk), (i)))
+#define sk_X509_PURPOSE_delete_ptr(sk, ptr) ((X509_PURPOSE *)OPENSSL_sk_delete_ptr(ossl_check_X509_PURPOSE_sk_type(sk), ossl_check_X509_PURPOSE_type(ptr)))
+#define sk_X509_PURPOSE_push(sk, ptr) OPENSSL_sk_push(ossl_check_X509_PURPOSE_sk_type(sk), ossl_check_X509_PURPOSE_type(ptr))
+#define sk_X509_PURPOSE_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_X509_PURPOSE_sk_type(sk), ossl_check_X509_PURPOSE_type(ptr))
+#define sk_X509_PURPOSE_pop(sk) ((X509_PURPOSE *)OPENSSL_sk_pop(ossl_check_X509_PURPOSE_sk_type(sk)))
+#define sk_X509_PURPOSE_shift(sk) ((X509_PURPOSE *)OPENSSL_sk_shift(ossl_check_X509_PURPOSE_sk_type(sk)))
+#define sk_X509_PURPOSE_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_X509_PURPOSE_sk_type(sk),ossl_check_X509_PURPOSE_freefunc_type(freefunc))
+#define sk_X509_PURPOSE_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_X509_PURPOSE_sk_type(sk), ossl_check_X509_PURPOSE_type(ptr), (idx))
+#define sk_X509_PURPOSE_set(sk, idx, ptr) ((X509_PURPOSE *)OPENSSL_sk_set(ossl_check_X509_PURPOSE_sk_type(sk), (idx), ossl_check_X509_PURPOSE_type(ptr)))
+#define sk_X509_PURPOSE_find(sk, ptr) OPENSSL_sk_find(ossl_check_X509_PURPOSE_sk_type(sk), ossl_check_X509_PURPOSE_type(ptr))
+#define sk_X509_PURPOSE_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_X509_PURPOSE_sk_type(sk), ossl_check_X509_PURPOSE_type(ptr))
+#define sk_X509_PURPOSE_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_X509_PURPOSE_sk_type(sk), ossl_check_X509_PURPOSE_type(ptr), pnum)
+#define sk_X509_PURPOSE_sort(sk) OPENSSL_sk_sort(ossl_check_X509_PURPOSE_sk_type(sk))
+#define sk_X509_PURPOSE_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_X509_PURPOSE_sk_type(sk))
+#define sk_X509_PURPOSE_dup(sk) ((STACK_OF(X509_PURPOSE) *)OPENSSL_sk_dup(ossl_check_const_X509_PURPOSE_sk_type(sk)))
+#define sk_X509_PURPOSE_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(X509_PURPOSE) *)OPENSSL_sk_deep_copy(ossl_check_const_X509_PURPOSE_sk_type(sk), ossl_check_X509_PURPOSE_copyfunc_type(copyfunc), ossl_check_X509_PURPOSE_freefunc_type(freefunc)))
+#define sk_X509_PURPOSE_set_cmp_func(sk, cmp) ((sk_X509_PURPOSE_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_X509_PURPOSE_sk_type(sk), ossl_check_X509_PURPOSE_compfunc_type(cmp)))
+
+
# define X509_PURPOSE_SSL_CLIENT 1
# define X509_PURPOSE_SSL_SERVER 2
@@ -492,6 +800,9 @@ STACK_OF(CONF_VALUE) *i2v_ASN1_BIT_STRING(X509V3_EXT_METHOD *method,
char *i2s_ASN1_IA5STRING(X509V3_EXT_METHOD *method, ASN1_IA5STRING *ia5);
ASN1_IA5STRING *s2i_ASN1_IA5STRING(X509V3_EXT_METHOD *method,
X509V3_CTX *ctx, const char *str);
+char *i2s_ASN1_UTF8STRING(X509V3_EXT_METHOD *method, ASN1_UTF8STRING *utf8);
+ASN1_UTF8STRING *s2i_ASN1_UTF8STRING(X509V3_EXT_METHOD *method,
+ X509V3_CTX *ctx, const char *str);
STACK_OF(CONF_VALUE) *i2v_GENERAL_NAME(X509V3_EXT_METHOD *method,
GENERAL_NAME *gen,
@@ -571,8 +882,6 @@ GENERAL_NAME *v2i_GENERAL_NAME_ex(GENERAL_NAME *out,
X509V3_CTX *ctx, CONF_VALUE *cnf,
int is_nc);
-int X509v3_cache_extensions(X509 *x, OPENSSL_CTX *libctx, const char *propq);
-
void X509V3_conf_free(CONF_VALUE *val);
X509_EXTENSION *X509V3_EXT_nconf_nid(CONF *conf, X509V3_CTX *ctx, int ext_nid,
@@ -614,6 +923,8 @@ void X509V3_string_free(X509V3_CTX *ctx, char *str);
void X509V3_section_free(X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *section);
void X509V3_set_ctx(X509V3_CTX *ctx, X509 *issuer, X509 *subject,
X509_REQ *req, X509_CRL *crl, int flags);
+/* For API backward compatibility, this is separate from X509V3_set_ctx(): */
+int X509V3_set_issuer_pkey(X509V3_CTX *ctx, EVP_PKEY *pkey);
int X509V3_add_value(const char *name, const char *value,
STACK_OF(CONF_VALUE) **extlist);
@@ -667,7 +978,7 @@ int X509_check_purpose(X509 *x, int id, int ca);
int X509_supported_extension(X509_EXTENSION *ex);
int X509_PURPOSE_set(int *p, int purpose);
int X509_check_issued(X509 *issuer, X509 *subject);
-int X509_check_akid(X509 *issuer, AUTHORITY_KEYID *akid);
+int X509_check_akid(const X509 *issuer, const AUTHORITY_KEYID *akid);
void X509_set_proxy_flag(X509 *x);
void X509_set_proxy_pathlen(X509 *x, long l);
long X509_get_proxy_pathlen(X509 *x);
@@ -734,7 +1045,34 @@ int X509V3_NAME_from_section(X509_NAME *nm, STACK_OF(CONF_VALUE) *dn_sk,
unsigned long chtype);
void X509_POLICY_NODE_print(BIO *out, X509_POLICY_NODE *node, int indent);
-DEFINE_OR_DECLARE_STACK_OF(X509_POLICY_NODE)
+SKM_DEFINE_STACK_OF_INTERNAL(X509_POLICY_NODE, X509_POLICY_NODE, X509_POLICY_NODE)
+#define sk_X509_POLICY_NODE_num(sk) OPENSSL_sk_num(ossl_check_const_X509_POLICY_NODE_sk_type(sk))
+#define sk_X509_POLICY_NODE_value(sk, idx) ((X509_POLICY_NODE *)OPENSSL_sk_value(ossl_check_const_X509_POLICY_NODE_sk_type(sk), (idx)))
+#define sk_X509_POLICY_NODE_new(cmp) ((STACK_OF(X509_POLICY_NODE) *)OPENSSL_sk_new(ossl_check_X509_POLICY_NODE_compfunc_type(cmp)))
+#define sk_X509_POLICY_NODE_new_null() ((STACK_OF(X509_POLICY_NODE) *)OPENSSL_sk_new_null())
+#define sk_X509_POLICY_NODE_new_reserve(cmp, n) ((STACK_OF(X509_POLICY_NODE) *)OPENSSL_sk_new_reserve(ossl_check_X509_POLICY_NODE_compfunc_type(cmp), (n)))
+#define sk_X509_POLICY_NODE_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_X509_POLICY_NODE_sk_type(sk), (n))
+#define sk_X509_POLICY_NODE_free(sk) OPENSSL_sk_free(ossl_check_X509_POLICY_NODE_sk_type(sk))
+#define sk_X509_POLICY_NODE_zero(sk) OPENSSL_sk_zero(ossl_check_X509_POLICY_NODE_sk_type(sk))
+#define sk_X509_POLICY_NODE_delete(sk, i) ((X509_POLICY_NODE *)OPENSSL_sk_delete(ossl_check_X509_POLICY_NODE_sk_type(sk), (i)))
+#define sk_X509_POLICY_NODE_delete_ptr(sk, ptr) ((X509_POLICY_NODE *)OPENSSL_sk_delete_ptr(ossl_check_X509_POLICY_NODE_sk_type(sk), ossl_check_X509_POLICY_NODE_type(ptr)))
+#define sk_X509_POLICY_NODE_push(sk, ptr) OPENSSL_sk_push(ossl_check_X509_POLICY_NODE_sk_type(sk), ossl_check_X509_POLICY_NODE_type(ptr))
+#define sk_X509_POLICY_NODE_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_X509_POLICY_NODE_sk_type(sk), ossl_check_X509_POLICY_NODE_type(ptr))
+#define sk_X509_POLICY_NODE_pop(sk) ((X509_POLICY_NODE *)OPENSSL_sk_pop(ossl_check_X509_POLICY_NODE_sk_type(sk)))
+#define sk_X509_POLICY_NODE_shift(sk) ((X509_POLICY_NODE *)OPENSSL_sk_shift(ossl_check_X509_POLICY_NODE_sk_type(sk)))
+#define sk_X509_POLICY_NODE_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_X509_POLICY_NODE_sk_type(sk),ossl_check_X509_POLICY_NODE_freefunc_type(freefunc))
+#define sk_X509_POLICY_NODE_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_X509_POLICY_NODE_sk_type(sk), ossl_check_X509_POLICY_NODE_type(ptr), (idx))
+#define sk_X509_POLICY_NODE_set(sk, idx, ptr) ((X509_POLICY_NODE *)OPENSSL_sk_set(ossl_check_X509_POLICY_NODE_sk_type(sk), (idx), ossl_check_X509_POLICY_NODE_type(ptr)))
+#define sk_X509_POLICY_NODE_find(sk, ptr) OPENSSL_sk_find(ossl_check_X509_POLICY_NODE_sk_type(sk), ossl_check_X509_POLICY_NODE_type(ptr))
+#define sk_X509_POLICY_NODE_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_X509_POLICY_NODE_sk_type(sk), ossl_check_X509_POLICY_NODE_type(ptr))
+#define sk_X509_POLICY_NODE_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_X509_POLICY_NODE_sk_type(sk), ossl_check_X509_POLICY_NODE_type(ptr), pnum)
+#define sk_X509_POLICY_NODE_sort(sk) OPENSSL_sk_sort(ossl_check_X509_POLICY_NODE_sk_type(sk))
+#define sk_X509_POLICY_NODE_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_X509_POLICY_NODE_sk_type(sk))
+#define sk_X509_POLICY_NODE_dup(sk) ((STACK_OF(X509_POLICY_NODE) *)OPENSSL_sk_dup(ossl_check_const_X509_POLICY_NODE_sk_type(sk)))
+#define sk_X509_POLICY_NODE_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(X509_POLICY_NODE) *)OPENSSL_sk_deep_copy(ossl_check_const_X509_POLICY_NODE_sk_type(sk), ossl_check_X509_POLICY_NODE_copyfunc_type(copyfunc), ossl_check_X509_POLICY_NODE_freefunc_type(freefunc)))
+#define sk_X509_POLICY_NODE_set_cmp_func(sk, cmp) ((sk_X509_POLICY_NODE_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_X509_POLICY_NODE_sk_type(sk), ossl_check_X509_POLICY_NODE_compfunc_type(cmp)))
+
+
#ifndef OPENSSL_NO_RFC3779
typedef struct ASRange_st {
@@ -752,7 +1090,33 @@ typedef struct ASIdOrRange_st {
} u;
} ASIdOrRange;
-DEFINE_OR_DECLARE_STACK_OF(ASIdOrRange)
+SKM_DEFINE_STACK_OF_INTERNAL(ASIdOrRange, ASIdOrRange, ASIdOrRange)
+#define sk_ASIdOrRange_num(sk) OPENSSL_sk_num(ossl_check_const_ASIdOrRange_sk_type(sk))
+#define sk_ASIdOrRange_value(sk, idx) ((ASIdOrRange *)OPENSSL_sk_value(ossl_check_const_ASIdOrRange_sk_type(sk), (idx)))
+#define sk_ASIdOrRange_new(cmp) ((STACK_OF(ASIdOrRange) *)OPENSSL_sk_new(ossl_check_ASIdOrRange_compfunc_type(cmp)))
+#define sk_ASIdOrRange_new_null() ((STACK_OF(ASIdOrRange) *)OPENSSL_sk_new_null())
+#define sk_ASIdOrRange_new_reserve(cmp, n) ((STACK_OF(ASIdOrRange) *)OPENSSL_sk_new_reserve(ossl_check_ASIdOrRange_compfunc_type(cmp), (n)))
+#define sk_ASIdOrRange_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_ASIdOrRange_sk_type(sk), (n))
+#define sk_ASIdOrRange_free(sk) OPENSSL_sk_free(ossl_check_ASIdOrRange_sk_type(sk))
+#define sk_ASIdOrRange_zero(sk) OPENSSL_sk_zero(ossl_check_ASIdOrRange_sk_type(sk))
+#define sk_ASIdOrRange_delete(sk, i) ((ASIdOrRange *)OPENSSL_sk_delete(ossl_check_ASIdOrRange_sk_type(sk), (i)))
+#define sk_ASIdOrRange_delete_ptr(sk, ptr) ((ASIdOrRange *)OPENSSL_sk_delete_ptr(ossl_check_ASIdOrRange_sk_type(sk), ossl_check_ASIdOrRange_type(ptr)))
+#define sk_ASIdOrRange_push(sk, ptr) OPENSSL_sk_push(ossl_check_ASIdOrRange_sk_type(sk), ossl_check_ASIdOrRange_type(ptr))
+#define sk_ASIdOrRange_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_ASIdOrRange_sk_type(sk), ossl_check_ASIdOrRange_type(ptr))
+#define sk_ASIdOrRange_pop(sk) ((ASIdOrRange *)OPENSSL_sk_pop(ossl_check_ASIdOrRange_sk_type(sk)))
+#define sk_ASIdOrRange_shift(sk) ((ASIdOrRange *)OPENSSL_sk_shift(ossl_check_ASIdOrRange_sk_type(sk)))
+#define sk_ASIdOrRange_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_ASIdOrRange_sk_type(sk),ossl_check_ASIdOrRange_freefunc_type(freefunc))
+#define sk_ASIdOrRange_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_ASIdOrRange_sk_type(sk), ossl_check_ASIdOrRange_type(ptr), (idx))
+#define sk_ASIdOrRange_set(sk, idx, ptr) ((ASIdOrRange *)OPENSSL_sk_set(ossl_check_ASIdOrRange_sk_type(sk), (idx), ossl_check_ASIdOrRange_type(ptr)))
+#define sk_ASIdOrRange_find(sk, ptr) OPENSSL_sk_find(ossl_check_ASIdOrRange_sk_type(sk), ossl_check_ASIdOrRange_type(ptr))
+#define sk_ASIdOrRange_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_ASIdOrRange_sk_type(sk), ossl_check_ASIdOrRange_type(ptr))
+#define sk_ASIdOrRange_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_ASIdOrRange_sk_type(sk), ossl_check_ASIdOrRange_type(ptr), pnum)
+#define sk_ASIdOrRange_sort(sk) OPENSSL_sk_sort(ossl_check_ASIdOrRange_sk_type(sk))
+#define sk_ASIdOrRange_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_ASIdOrRange_sk_type(sk))
+#define sk_ASIdOrRange_dup(sk) ((STACK_OF(ASIdOrRange) *)OPENSSL_sk_dup(ossl_check_const_ASIdOrRange_sk_type(sk)))
+#define sk_ASIdOrRange_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(ASIdOrRange) *)OPENSSL_sk_deep_copy(ossl_check_const_ASIdOrRange_sk_type(sk), ossl_check_ASIdOrRange_copyfunc_type(copyfunc), ossl_check_ASIdOrRange_freefunc_type(freefunc)))
+#define sk_ASIdOrRange_set_cmp_func(sk, cmp) ((sk_ASIdOrRange_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_ASIdOrRange_sk_type(sk), ossl_check_ASIdOrRange_compfunc_type(cmp)))
+
typedef STACK_OF(ASIdOrRange) ASIdOrRanges;
@@ -791,7 +1155,33 @@ typedef struct IPAddressOrRange_st {
} u;
} IPAddressOrRange;
-DEFINE_OR_DECLARE_STACK_OF(IPAddressOrRange)
+SKM_DEFINE_STACK_OF_INTERNAL(IPAddressOrRange, IPAddressOrRange, IPAddressOrRange)
+#define sk_IPAddressOrRange_num(sk) OPENSSL_sk_num(ossl_check_const_IPAddressOrRange_sk_type(sk))
+#define sk_IPAddressOrRange_value(sk, idx) ((IPAddressOrRange *)OPENSSL_sk_value(ossl_check_const_IPAddressOrRange_sk_type(sk), (idx)))
+#define sk_IPAddressOrRange_new(cmp) ((STACK_OF(IPAddressOrRange) *)OPENSSL_sk_new(ossl_check_IPAddressOrRange_compfunc_type(cmp)))
+#define sk_IPAddressOrRange_new_null() ((STACK_OF(IPAddressOrRange) *)OPENSSL_sk_new_null())
+#define sk_IPAddressOrRange_new_reserve(cmp, n) ((STACK_OF(IPAddressOrRange) *)OPENSSL_sk_new_reserve(ossl_check_IPAddressOrRange_compfunc_type(cmp), (n)))
+#define sk_IPAddressOrRange_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_IPAddressOrRange_sk_type(sk), (n))
+#define sk_IPAddressOrRange_free(sk) OPENSSL_sk_free(ossl_check_IPAddressOrRange_sk_type(sk))
+#define sk_IPAddressOrRange_zero(sk) OPENSSL_sk_zero(ossl_check_IPAddressOrRange_sk_type(sk))
+#define sk_IPAddressOrRange_delete(sk, i) ((IPAddressOrRange *)OPENSSL_sk_delete(ossl_check_IPAddressOrRange_sk_type(sk), (i)))
+#define sk_IPAddressOrRange_delete_ptr(sk, ptr) ((IPAddressOrRange *)OPENSSL_sk_delete_ptr(ossl_check_IPAddressOrRange_sk_type(sk), ossl_check_IPAddressOrRange_type(ptr)))
+#define sk_IPAddressOrRange_push(sk, ptr) OPENSSL_sk_push(ossl_check_IPAddressOrRange_sk_type(sk), ossl_check_IPAddressOrRange_type(ptr))
+#define sk_IPAddressOrRange_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_IPAddressOrRange_sk_type(sk), ossl_check_IPAddressOrRange_type(ptr))
+#define sk_IPAddressOrRange_pop(sk) ((IPAddressOrRange *)OPENSSL_sk_pop(ossl_check_IPAddressOrRange_sk_type(sk)))
+#define sk_IPAddressOrRange_shift(sk) ((IPAddressOrRange *)OPENSSL_sk_shift(ossl_check_IPAddressOrRange_sk_type(sk)))
+#define sk_IPAddressOrRange_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_IPAddressOrRange_sk_type(sk),ossl_check_IPAddressOrRange_freefunc_type(freefunc))
+#define sk_IPAddressOrRange_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_IPAddressOrRange_sk_type(sk), ossl_check_IPAddressOrRange_type(ptr), (idx))
+#define sk_IPAddressOrRange_set(sk, idx, ptr) ((IPAddressOrRange *)OPENSSL_sk_set(ossl_check_IPAddressOrRange_sk_type(sk), (idx), ossl_check_IPAddressOrRange_type(ptr)))
+#define sk_IPAddressOrRange_find(sk, ptr) OPENSSL_sk_find(ossl_check_IPAddressOrRange_sk_type(sk), ossl_check_IPAddressOrRange_type(ptr))
+#define sk_IPAddressOrRange_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_IPAddressOrRange_sk_type(sk), ossl_check_IPAddressOrRange_type(ptr))
+#define sk_IPAddressOrRange_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_IPAddressOrRange_sk_type(sk), ossl_check_IPAddressOrRange_type(ptr), pnum)
+#define sk_IPAddressOrRange_sort(sk) OPENSSL_sk_sort(ossl_check_IPAddressOrRange_sk_type(sk))
+#define sk_IPAddressOrRange_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_IPAddressOrRange_sk_type(sk))
+#define sk_IPAddressOrRange_dup(sk) ((STACK_OF(IPAddressOrRange) *)OPENSSL_sk_dup(ossl_check_const_IPAddressOrRange_sk_type(sk)))
+#define sk_IPAddressOrRange_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(IPAddressOrRange) *)OPENSSL_sk_deep_copy(ossl_check_const_IPAddressOrRange_sk_type(sk), ossl_check_IPAddressOrRange_copyfunc_type(copyfunc), ossl_check_IPAddressOrRange_freefunc_type(freefunc)))
+#define sk_IPAddressOrRange_set_cmp_func(sk, cmp) ((sk_IPAddressOrRange_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_IPAddressOrRange_sk_type(sk), ossl_check_IPAddressOrRange_compfunc_type(cmp)))
+
typedef STACK_OF(IPAddressOrRange) IPAddressOrRanges;
@@ -811,7 +1201,34 @@ typedef struct IPAddressFamily_st {
IPAddressChoice *ipAddressChoice;
} IPAddressFamily;
-DEFINE_OR_DECLARE_STACK_OF(IPAddressFamily)
+SKM_DEFINE_STACK_OF_INTERNAL(IPAddressFamily, IPAddressFamily, IPAddressFamily)
+#define sk_IPAddressFamily_num(sk) OPENSSL_sk_num(ossl_check_const_IPAddressFamily_sk_type(sk))
+#define sk_IPAddressFamily_value(sk, idx) ((IPAddressFamily *)OPENSSL_sk_value(ossl_check_const_IPAddressFamily_sk_type(sk), (idx)))
+#define sk_IPAddressFamily_new(cmp) ((STACK_OF(IPAddressFamily) *)OPENSSL_sk_new(ossl_check_IPAddressFamily_compfunc_type(cmp)))
+#define sk_IPAddressFamily_new_null() ((STACK_OF(IPAddressFamily) *)OPENSSL_sk_new_null())
+#define sk_IPAddressFamily_new_reserve(cmp, n) ((STACK_OF(IPAddressFamily) *)OPENSSL_sk_new_reserve(ossl_check_IPAddressFamily_compfunc_type(cmp), (n)))
+#define sk_IPAddressFamily_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_IPAddressFamily_sk_type(sk), (n))
+#define sk_IPAddressFamily_free(sk) OPENSSL_sk_free(ossl_check_IPAddressFamily_sk_type(sk))
+#define sk_IPAddressFamily_zero(sk) OPENSSL_sk_zero(ossl_check_IPAddressFamily_sk_type(sk))
+#define sk_IPAddressFamily_delete(sk, i) ((IPAddressFamily *)OPENSSL_sk_delete(ossl_check_IPAddressFamily_sk_type(sk), (i)))
+#define sk_IPAddressFamily_delete_ptr(sk, ptr) ((IPAddressFamily *)OPENSSL_sk_delete_ptr(ossl_check_IPAddressFamily_sk_type(sk), ossl_check_IPAddressFamily_type(ptr)))
+#define sk_IPAddressFamily_push(sk, ptr) OPENSSL_sk_push(ossl_check_IPAddressFamily_sk_type(sk), ossl_check_IPAddressFamily_type(ptr))
+#define sk_IPAddressFamily_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_IPAddressFamily_sk_type(sk), ossl_check_IPAddressFamily_type(ptr))
+#define sk_IPAddressFamily_pop(sk) ((IPAddressFamily *)OPENSSL_sk_pop(ossl_check_IPAddressFamily_sk_type(sk)))
+#define sk_IPAddressFamily_shift(sk) ((IPAddressFamily *)OPENSSL_sk_shift(ossl_check_IPAddressFamily_sk_type(sk)))
+#define sk_IPAddressFamily_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_IPAddressFamily_sk_type(sk),ossl_check_IPAddressFamily_freefunc_type(freefunc))
+#define sk_IPAddressFamily_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_IPAddressFamily_sk_type(sk), ossl_check_IPAddressFamily_type(ptr), (idx))
+#define sk_IPAddressFamily_set(sk, idx, ptr) ((IPAddressFamily *)OPENSSL_sk_set(ossl_check_IPAddressFamily_sk_type(sk), (idx), ossl_check_IPAddressFamily_type(ptr)))
+#define sk_IPAddressFamily_find(sk, ptr) OPENSSL_sk_find(ossl_check_IPAddressFamily_sk_type(sk), ossl_check_IPAddressFamily_type(ptr))
+#define sk_IPAddressFamily_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_IPAddressFamily_sk_type(sk), ossl_check_IPAddressFamily_type(ptr))
+#define sk_IPAddressFamily_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_IPAddressFamily_sk_type(sk), ossl_check_IPAddressFamily_type(ptr), pnum)
+#define sk_IPAddressFamily_sort(sk) OPENSSL_sk_sort(ossl_check_IPAddressFamily_sk_type(sk))
+#define sk_IPAddressFamily_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_IPAddressFamily_sk_type(sk))
+#define sk_IPAddressFamily_dup(sk) ((STACK_OF(IPAddressFamily) *)OPENSSL_sk_dup(ossl_check_const_IPAddressFamily_sk_type(sk)))
+#define sk_IPAddressFamily_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(IPAddressFamily) *)OPENSSL_sk_deep_copy(ossl_check_const_IPAddressFamily_sk_type(sk), ossl_check_IPAddressFamily_copyfunc_type(copyfunc), ossl_check_IPAddressFamily_freefunc_type(freefunc)))
+#define sk_IPAddressFamily_set_cmp_func(sk, cmp) ((sk_IPAddressFamily_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_IPAddressFamily_sk_type(sk), ossl_check_IPAddressFamily_compfunc_type(cmp)))
+
+
typedef STACK_OF(IPAddressFamily) IPAddrBlocks;
@@ -885,7 +1302,33 @@ int X509v3_addr_validate_resource_set(STACK_OF(X509) *chain,
#endif /* OPENSSL_NO_RFC3779 */
-DEFINE_OR_DECLARE_STACK_OF(ASN1_STRING)
+SKM_DEFINE_STACK_OF_INTERNAL(ASN1_STRING, ASN1_STRING, ASN1_STRING)
+#define sk_ASN1_STRING_num(sk) OPENSSL_sk_num(ossl_check_const_ASN1_STRING_sk_type(sk))
+#define sk_ASN1_STRING_value(sk, idx) ((ASN1_STRING *)OPENSSL_sk_value(ossl_check_const_ASN1_STRING_sk_type(sk), (idx)))
+#define sk_ASN1_STRING_new(cmp) ((STACK_OF(ASN1_STRING) *)OPENSSL_sk_new(ossl_check_ASN1_STRING_compfunc_type(cmp)))
+#define sk_ASN1_STRING_new_null() ((STACK_OF(ASN1_STRING) *)OPENSSL_sk_new_null())
+#define sk_ASN1_STRING_new_reserve(cmp, n) ((STACK_OF(ASN1_STRING) *)OPENSSL_sk_new_reserve(ossl_check_ASN1_STRING_compfunc_type(cmp), (n)))
+#define sk_ASN1_STRING_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_ASN1_STRING_sk_type(sk), (n))
+#define sk_ASN1_STRING_free(sk) OPENSSL_sk_free(ossl_check_ASN1_STRING_sk_type(sk))
+#define sk_ASN1_STRING_zero(sk) OPENSSL_sk_zero(ossl_check_ASN1_STRING_sk_type(sk))
+#define sk_ASN1_STRING_delete(sk, i) ((ASN1_STRING *)OPENSSL_sk_delete(ossl_check_ASN1_STRING_sk_type(sk), (i)))
+#define sk_ASN1_STRING_delete_ptr(sk, ptr) ((ASN1_STRING *)OPENSSL_sk_delete_ptr(ossl_check_ASN1_STRING_sk_type(sk), ossl_check_ASN1_STRING_type(ptr)))
+#define sk_ASN1_STRING_push(sk, ptr) OPENSSL_sk_push(ossl_check_ASN1_STRING_sk_type(sk), ossl_check_ASN1_STRING_type(ptr))
+#define sk_ASN1_STRING_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_ASN1_STRING_sk_type(sk), ossl_check_ASN1_STRING_type(ptr))
+#define sk_ASN1_STRING_pop(sk) ((ASN1_STRING *)OPENSSL_sk_pop(ossl_check_ASN1_STRING_sk_type(sk)))
+#define sk_ASN1_STRING_shift(sk) ((ASN1_STRING *)OPENSSL_sk_shift(ossl_check_ASN1_STRING_sk_type(sk)))
+#define sk_ASN1_STRING_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_ASN1_STRING_sk_type(sk),ossl_check_ASN1_STRING_freefunc_type(freefunc))
+#define sk_ASN1_STRING_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_ASN1_STRING_sk_type(sk), ossl_check_ASN1_STRING_type(ptr), (idx))
+#define sk_ASN1_STRING_set(sk, idx, ptr) ((ASN1_STRING *)OPENSSL_sk_set(ossl_check_ASN1_STRING_sk_type(sk), (idx), ossl_check_ASN1_STRING_type(ptr)))
+#define sk_ASN1_STRING_find(sk, ptr) OPENSSL_sk_find(ossl_check_ASN1_STRING_sk_type(sk), ossl_check_ASN1_STRING_type(ptr))
+#define sk_ASN1_STRING_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_ASN1_STRING_sk_type(sk), ossl_check_ASN1_STRING_type(ptr))
+#define sk_ASN1_STRING_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_ASN1_STRING_sk_type(sk), ossl_check_ASN1_STRING_type(ptr), pnum)
+#define sk_ASN1_STRING_sort(sk) OPENSSL_sk_sort(ossl_check_ASN1_STRING_sk_type(sk))
+#define sk_ASN1_STRING_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_ASN1_STRING_sk_type(sk))
+#define sk_ASN1_STRING_dup(sk) ((STACK_OF(ASN1_STRING) *)OPENSSL_sk_dup(ossl_check_const_ASN1_STRING_sk_type(sk)))
+#define sk_ASN1_STRING_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(ASN1_STRING) *)OPENSSL_sk_deep_copy(ossl_check_const_ASN1_STRING_sk_type(sk), ossl_check_ASN1_STRING_copyfunc_type(copyfunc), ossl_check_ASN1_STRING_freefunc_type(freefunc)))
+#define sk_ASN1_STRING_set_cmp_func(sk, cmp) ((sk_ASN1_STRING_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_ASN1_STRING_sk_type(sk), ossl_check_ASN1_STRING_compfunc_type(cmp)))
+
/*
* Admission Syntax
@@ -898,8 +1341,59 @@ DECLARE_ASN1_FUNCTIONS(NAMING_AUTHORITY)
DECLARE_ASN1_FUNCTIONS(PROFESSION_INFO)
DECLARE_ASN1_FUNCTIONS(ADMISSIONS)
DECLARE_ASN1_FUNCTIONS(ADMISSION_SYNTAX)
-DEFINE_OR_DECLARE_STACK_OF(PROFESSION_INFO)
-DEFINE_OR_DECLARE_STACK_OF(ADMISSIONS)
+SKM_DEFINE_STACK_OF_INTERNAL(PROFESSION_INFO, PROFESSION_INFO, PROFESSION_INFO)
+#define sk_PROFESSION_INFO_num(sk) OPENSSL_sk_num(ossl_check_const_PROFESSION_INFO_sk_type(sk))
+#define sk_PROFESSION_INFO_value(sk, idx) ((PROFESSION_INFO *)OPENSSL_sk_value(ossl_check_const_PROFESSION_INFO_sk_type(sk), (idx)))
+#define sk_PROFESSION_INFO_new(cmp) ((STACK_OF(PROFESSION_INFO) *)OPENSSL_sk_new(ossl_check_PROFESSION_INFO_compfunc_type(cmp)))
+#define sk_PROFESSION_INFO_new_null() ((STACK_OF(PROFESSION_INFO) *)OPENSSL_sk_new_null())
+#define sk_PROFESSION_INFO_new_reserve(cmp, n) ((STACK_OF(PROFESSION_INFO) *)OPENSSL_sk_new_reserve(ossl_check_PROFESSION_INFO_compfunc_type(cmp), (n)))
+#define sk_PROFESSION_INFO_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_PROFESSION_INFO_sk_type(sk), (n))
+#define sk_PROFESSION_INFO_free(sk) OPENSSL_sk_free(ossl_check_PROFESSION_INFO_sk_type(sk))
+#define sk_PROFESSION_INFO_zero(sk) OPENSSL_sk_zero(ossl_check_PROFESSION_INFO_sk_type(sk))
+#define sk_PROFESSION_INFO_delete(sk, i) ((PROFESSION_INFO *)OPENSSL_sk_delete(ossl_check_PROFESSION_INFO_sk_type(sk), (i)))
+#define sk_PROFESSION_INFO_delete_ptr(sk, ptr) ((PROFESSION_INFO *)OPENSSL_sk_delete_ptr(ossl_check_PROFESSION_INFO_sk_type(sk), ossl_check_PROFESSION_INFO_type(ptr)))
+#define sk_PROFESSION_INFO_push(sk, ptr) OPENSSL_sk_push(ossl_check_PROFESSION_INFO_sk_type(sk), ossl_check_PROFESSION_INFO_type(ptr))
+#define sk_PROFESSION_INFO_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_PROFESSION_INFO_sk_type(sk), ossl_check_PROFESSION_INFO_type(ptr))
+#define sk_PROFESSION_INFO_pop(sk) ((PROFESSION_INFO *)OPENSSL_sk_pop(ossl_check_PROFESSION_INFO_sk_type(sk)))
+#define sk_PROFESSION_INFO_shift(sk) ((PROFESSION_INFO *)OPENSSL_sk_shift(ossl_check_PROFESSION_INFO_sk_type(sk)))
+#define sk_PROFESSION_INFO_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_PROFESSION_INFO_sk_type(sk),ossl_check_PROFESSION_INFO_freefunc_type(freefunc))
+#define sk_PROFESSION_INFO_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_PROFESSION_INFO_sk_type(sk), ossl_check_PROFESSION_INFO_type(ptr), (idx))
+#define sk_PROFESSION_INFO_set(sk, idx, ptr) ((PROFESSION_INFO *)OPENSSL_sk_set(ossl_check_PROFESSION_INFO_sk_type(sk), (idx), ossl_check_PROFESSION_INFO_type(ptr)))
+#define sk_PROFESSION_INFO_find(sk, ptr) OPENSSL_sk_find(ossl_check_PROFESSION_INFO_sk_type(sk), ossl_check_PROFESSION_INFO_type(ptr))
+#define sk_PROFESSION_INFO_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_PROFESSION_INFO_sk_type(sk), ossl_check_PROFESSION_INFO_type(ptr))
+#define sk_PROFESSION_INFO_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_PROFESSION_INFO_sk_type(sk), ossl_check_PROFESSION_INFO_type(ptr), pnum)
+#define sk_PROFESSION_INFO_sort(sk) OPENSSL_sk_sort(ossl_check_PROFESSION_INFO_sk_type(sk))
+#define sk_PROFESSION_INFO_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_PROFESSION_INFO_sk_type(sk))
+#define sk_PROFESSION_INFO_dup(sk) ((STACK_OF(PROFESSION_INFO) *)OPENSSL_sk_dup(ossl_check_const_PROFESSION_INFO_sk_type(sk)))
+#define sk_PROFESSION_INFO_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(PROFESSION_INFO) *)OPENSSL_sk_deep_copy(ossl_check_const_PROFESSION_INFO_sk_type(sk), ossl_check_PROFESSION_INFO_copyfunc_type(copyfunc), ossl_check_PROFESSION_INFO_freefunc_type(freefunc)))
+#define sk_PROFESSION_INFO_set_cmp_func(sk, cmp) ((sk_PROFESSION_INFO_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_PROFESSION_INFO_sk_type(sk), ossl_check_PROFESSION_INFO_compfunc_type(cmp)))
+SKM_DEFINE_STACK_OF_INTERNAL(ADMISSIONS, ADMISSIONS, ADMISSIONS)
+#define sk_ADMISSIONS_num(sk) OPENSSL_sk_num(ossl_check_const_ADMISSIONS_sk_type(sk))
+#define sk_ADMISSIONS_value(sk, idx) ((ADMISSIONS *)OPENSSL_sk_value(ossl_check_const_ADMISSIONS_sk_type(sk), (idx)))
+#define sk_ADMISSIONS_new(cmp) ((STACK_OF(ADMISSIONS) *)OPENSSL_sk_new(ossl_check_ADMISSIONS_compfunc_type(cmp)))
+#define sk_ADMISSIONS_new_null() ((STACK_OF(ADMISSIONS) *)OPENSSL_sk_new_null())
+#define sk_ADMISSIONS_new_reserve(cmp, n) ((STACK_OF(ADMISSIONS) *)OPENSSL_sk_new_reserve(ossl_check_ADMISSIONS_compfunc_type(cmp), (n)))
+#define sk_ADMISSIONS_reserve(sk, n) OPENSSL_sk_reserve(ossl_check_ADMISSIONS_sk_type(sk), (n))
+#define sk_ADMISSIONS_free(sk) OPENSSL_sk_free(ossl_check_ADMISSIONS_sk_type(sk))
+#define sk_ADMISSIONS_zero(sk) OPENSSL_sk_zero(ossl_check_ADMISSIONS_sk_type(sk))
+#define sk_ADMISSIONS_delete(sk, i) ((ADMISSIONS *)OPENSSL_sk_delete(ossl_check_ADMISSIONS_sk_type(sk), (i)))
+#define sk_ADMISSIONS_delete_ptr(sk, ptr) ((ADMISSIONS *)OPENSSL_sk_delete_ptr(ossl_check_ADMISSIONS_sk_type(sk), ossl_check_ADMISSIONS_type(ptr)))
+#define sk_ADMISSIONS_push(sk, ptr) OPENSSL_sk_push(ossl_check_ADMISSIONS_sk_type(sk), ossl_check_ADMISSIONS_type(ptr))
+#define sk_ADMISSIONS_unshift(sk, ptr) OPENSSL_sk_unshift(ossl_check_ADMISSIONS_sk_type(sk), ossl_check_ADMISSIONS_type(ptr))
+#define sk_ADMISSIONS_pop(sk) ((ADMISSIONS *)OPENSSL_sk_pop(ossl_check_ADMISSIONS_sk_type(sk)))
+#define sk_ADMISSIONS_shift(sk) ((ADMISSIONS *)OPENSSL_sk_shift(ossl_check_ADMISSIONS_sk_type(sk)))
+#define sk_ADMISSIONS_pop_free(sk, freefunc) OPENSSL_sk_pop_free(ossl_check_ADMISSIONS_sk_type(sk),ossl_check_ADMISSIONS_freefunc_type(freefunc))
+#define sk_ADMISSIONS_insert(sk, ptr, idx) OPENSSL_sk_insert(ossl_check_ADMISSIONS_sk_type(sk), ossl_check_ADMISSIONS_type(ptr), (idx))
+#define sk_ADMISSIONS_set(sk, idx, ptr) ((ADMISSIONS *)OPENSSL_sk_set(ossl_check_ADMISSIONS_sk_type(sk), (idx), ossl_check_ADMISSIONS_type(ptr)))
+#define sk_ADMISSIONS_find(sk, ptr) OPENSSL_sk_find(ossl_check_ADMISSIONS_sk_type(sk), ossl_check_ADMISSIONS_type(ptr))
+#define sk_ADMISSIONS_find_ex(sk, ptr) OPENSSL_sk_find_ex(ossl_check_ADMISSIONS_sk_type(sk), ossl_check_ADMISSIONS_type(ptr))
+#define sk_ADMISSIONS_find_all(sk, ptr, pnum) OPENSSL_sk_find_all(ossl_check_ADMISSIONS_sk_type(sk), ossl_check_ADMISSIONS_type(ptr), pnum)
+#define sk_ADMISSIONS_sort(sk) OPENSSL_sk_sort(ossl_check_ADMISSIONS_sk_type(sk))
+#define sk_ADMISSIONS_is_sorted(sk) OPENSSL_sk_is_sorted(ossl_check_const_ADMISSIONS_sk_type(sk))
+#define sk_ADMISSIONS_dup(sk) ((STACK_OF(ADMISSIONS) *)OPENSSL_sk_dup(ossl_check_const_ADMISSIONS_sk_type(sk)))
+#define sk_ADMISSIONS_deep_copy(sk, copyfunc, freefunc) ((STACK_OF(ADMISSIONS) *)OPENSSL_sk_deep_copy(ossl_check_const_ADMISSIONS_sk_type(sk), ossl_check_ADMISSIONS_copyfunc_type(copyfunc), ossl_check_ADMISSIONS_freefunc_type(freefunc)))
+#define sk_ADMISSIONS_set_cmp_func(sk, cmp) ((sk_ADMISSIONS_compfunc)OPENSSL_sk_set_cmp_func(ossl_check_ADMISSIONS_sk_type(sk), ossl_check_ADMISSIONS_compfunc_type(cmp)))
+
typedef STACK_OF(PROFESSION_INFO) PROFESSION_INFOS;
const ASN1_OBJECT *NAMING_AUTHORITY_get0_authorityId(
diff --git a/openssl/include/openssl/x509v3err.h b/openssl/include/openssl/x509v3err.h
index ca21ab5c..3ad4a08e 100644..100755
--- a/openssl/include/openssl/x509v3err.h
+++ b/openssl/include/openssl/x509v3err.h
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -14,88 +14,9 @@
# include <openssl/opensslconf.h>
# include <openssl/symhacks.h>
+# include <openssl/cryptoerr_legacy.h>
-# ifdef __cplusplus
-extern "C"
-# endif
-int ERR_load_X509V3_strings(void);
-
-/*
- * X509V3 function codes.
- */
-# ifndef OPENSSL_NO_DEPRECATED_3_0
-# define X509V3_F_A2I_GENERAL_NAME 0
-# define X509V3_F_ADDR_VALIDATE_PATH_INTERNAL 0
-# define X509V3_F_ASIDENTIFIERCHOICE_CANONIZE 0
-# define X509V3_F_ASIDENTIFIERCHOICE_IS_CANONICAL 0
-# define X509V3_F_BIGNUM_TO_STRING 0
-# define X509V3_F_COPY_EMAIL 0
-# define X509V3_F_COPY_ISSUER 0
-# define X509V3_F_DO_DIRNAME 0
-# define X509V3_F_DO_EXT_I2D 0
-# define X509V3_F_DO_EXT_NCONF 0
-# define X509V3_F_GNAMES_FROM_SECTNAME 0
-# define X509V3_F_I2R_ISSUER_SIGN_TOOL 0
-# define X509V3_F_I2S_ASN1_ENUMERATED 0
-# define X509V3_F_I2S_ASN1_IA5STRING 0
-# define X509V3_F_I2S_ASN1_INTEGER 0
-# define X509V3_F_I2S_ASN1_UTF8STRING 0
-# define X509V3_F_I2V_AUTHORITY_INFO_ACCESS 0
-# define X509V3_F_LEVEL_ADD_NODE 0
-# define X509V3_F_NOTICE_SECTION 0
-# define X509V3_F_NREF_NOS 0
-# define X509V3_F_POLICY_CACHE_CREATE 0
-# define X509V3_F_POLICY_CACHE_NEW 0
-# define X509V3_F_POLICY_DATA_NEW 0
-# define X509V3_F_POLICY_SECTION 0
-# define X509V3_F_PROCESS_PCI_VALUE 0
-# define X509V3_F_R2I_CERTPOL 0
-# define X509V3_F_R2I_PCI 0
-# define X509V3_F_S2I_ASN1_IA5STRING 0
-# define X509V3_F_S2I_ASN1_INTEGER 0
-# define X509V3_F_S2I_ASN1_OCTET_STRING 0
-# define X509V3_F_S2I_ASN1_UTF8STRING 0
-# define X509V3_F_S2I_SKEY_ID 0
-# define X509V3_F_SET_DIST_POINT_NAME 0
-# define X509V3_F_SXNET_ADD_ID_ASC 0
-# define X509V3_F_SXNET_ADD_ID_INTEGER 0
-# define X509V3_F_SXNET_ADD_ID_ULONG 0
-# define X509V3_F_SXNET_GET_ID_ASC 0
-# define X509V3_F_SXNET_GET_ID_ULONG 0
-# define X509V3_F_TREE_INIT 0
-# define X509V3_F_V2I_ASIDENTIFIERS 0
-# define X509V3_F_V2I_ASN1_BIT_STRING 0
-# define X509V3_F_V2I_AUTHORITY_INFO_ACCESS 0
-# define X509V3_F_V2I_AUTHORITY_KEYID 0
-# define X509V3_F_V2I_BASIC_CONSTRAINTS 0
-# define X509V3_F_V2I_CRLD 0
-# define X509V3_F_V2I_EXTENDED_KEY_USAGE 0
-# define X509V3_F_V2I_GENERAL_NAMES 0
-# define X509V3_F_V2I_GENERAL_NAME_EX 0
-# define X509V3_F_V2I_IDP 0
-# define X509V3_F_V2I_IPADDRBLOCKS 0
-# define X509V3_F_V2I_ISSUER_ALT 0
-# define X509V3_F_V2I_ISSUER_SIGN_TOOL 0
-# define X509V3_F_V2I_NAME_CONSTRAINTS 0
-# define X509V3_F_V2I_POLICY_CONSTRAINTS 0
-# define X509V3_F_V2I_POLICY_MAPPINGS 0
-# define X509V3_F_V2I_SUBJECT_ALT 0
-# define X509V3_F_V2I_TLS_FEATURE 0
-# define X509V3_F_V3_GENERIC_EXTENSION 0
-# define X509V3_F_X509V3_ADD1_I2D 0
-# define X509V3_F_X509V3_ADD_VALUE 0
-# define X509V3_F_X509V3_EXT_ADD 0
-# define X509V3_F_X509V3_EXT_ADD_ALIAS 0
-# define X509V3_F_X509V3_EXT_I2D 0
-# define X509V3_F_X509V3_EXT_NCONF 0
-# define X509V3_F_X509V3_GET_SECTION 0
-# define X509V3_F_X509V3_GET_STRING 0
-# define X509V3_F_X509V3_GET_VALUE_BOOL 0
-# define X509V3_F_X509V3_PARSE_LIST 0
-# define X509V3_F_X509_PURPOSE_ADD 0
-# define X509V3_F_X509_PURPOSE_SET 0
-# endif
/*
* X509V3 reason codes.
@@ -107,6 +28,7 @@ int ERR_load_X509V3_strings(void);
# define X509V3_R_DIRNAME_ERROR 149
# define X509V3_R_DISTPOINT_ALREADY_SET 160
# define X509V3_R_DUPLICATE_ZONE_ID 133
+# define X509V3_R_EMPTY_KEY_USAGE 169
# define X509V3_R_ERROR_CONVERTING_ZONE 131
# define X509V3_R_ERROR_CREATING_EXTENSION 144
# define X509V3_R_ERROR_IN_EXTENSION 128
@@ -121,13 +43,14 @@ int ERR_load_X509V3_strings(void);
# define X509V3_R_INVALID_ASNUMBER 162
# define X509V3_R_INVALID_ASRANGE 163
# define X509V3_R_INVALID_BOOLEAN_STRING 104
+# define X509V3_R_INVALID_CERTIFICATE 158
+# define X509V3_R_INVALID_EMPTY_NAME 108
# define X509V3_R_INVALID_EXTENSION_STRING 105
# define X509V3_R_INVALID_INHERITANCE 165
# define X509V3_R_INVALID_IPADDRESS 166
# define X509V3_R_INVALID_MULTIPLE_RDNS 161
# define X509V3_R_INVALID_NAME 106
# define X509V3_R_INVALID_NULL_ARGUMENT 107
-# define X509V3_R_INVALID_NULL_NAME 108
# define X509V3_R_INVALID_NULL_VALUE 109
# define X509V3_R_INVALID_NUMBER 140
# define X509V3_R_INVALID_NUMBERS 141
@@ -142,6 +65,7 @@ int ERR_load_X509V3_strings(void);
# define X509V3_R_ISSUER_DECODE_ERROR 126
# define X509V3_R_MISSING_VALUE 124
# define X509V3_R_NEED_ORGANIZATION_AND_NUMBERS 142
+# define X509V3_R_NEGATIVE_PATHLEN 168
# define X509V3_R_NO_CONFIG_DATABASE 136
# define X509V3_R_NO_ISSUER_CERTIFICATE 121
# define X509V3_R_NO_ISSUER_DETAILS 127